author | NIIBE Yutaka <[email protected]> | 2023-03-15 05:44:18 +0000 |
---|---|---|
committer | NIIBE Yutaka <[email protected]> | 2023-03-15 05:44:18 +0000 |
commit | 4a48149d84f7c10fb07b5024b83d53acb2f96ba8 (patch) | |
tree | 972d0ba33ae59d491b715eee69cc7ade53a18662 | |
parent | agent: Add oTkdaemonProgram. (diff) | |
tkd: Implement finalizer.
Signed-off-by: NIIBE Yutaka <[email protected]>
-rw-r--r-- | tkd/command.c | 52 | ||||
-rw-r--r-- | tkd/pkcs11.c | 64 | ||||
-rw-r--r-- | tkd/tkdaemon.h | 5 |
3 files changed, 113 insertions, 8 deletions
diff --git a/tkd/command.c b/tkd/command.c
index 772b3d3e4..b640eb7f7 100644
--- a/tkd/command.c
+++ b/tkd/command.c
@@ -181,6 +181,55 @@ pin_cb (void *opaque, const char *info, char **retstr)
 }
 #endif
+static const char hlp_getinfo[] =
+ "GETINFO <what>\n"
+ "\n"
+ "Multi purpose command to return certain information. \n"
+ "Supported values of WHAT are:\n"
+ "\n"
+ " version - Return the version of the program.\n"
+ " pid - Return the process id of the server.\n"
+ " socket_name - Return the name of the socket.\n"
+ " connections - Return number of active connections.";
+static gpg_error_t
+cmd_getinfo (assuan_context_t ctx, char *line)
+{
+ int rc = 0;
+ const char *s;
+
+ if (!strcmp (line, "version"))
+ {
+ s = VERSION;
+ rc = assuan_send_data (ctx, s, strlen (s));
+ }
+ else if (!strcmp (line, "pid"))
+ {
+ char numbuf[50];
+
+ snprintf (numbuf, sizeof numbuf, "%lu", (unsigned long)getpid ());
+ rc = assuan_send_data (ctx, numbuf, strlen (numbuf));
+ }
+ else if (!strcmp (line, "socket_name"))
+ {
+ s = tkd_get_socket_name ();
+ if (s)
+ rc = assuan_send_data (ctx, s, strlen (s));
+ else
+ rc = gpg_error (GPG_ERR_NO_DATA);
+ }
+ else if (!strcmp (line, "connections"))
+ {
+ char numbuf[20];
+
+ snprintf (numbuf, sizeof numbuf, "%d", get_active_connection_count ());
+ rc = assuan_send_data (ctx, numbuf, strlen (numbuf));
+ }
+ else
+ rc = set_error (GPG_ERR_ASS_PARAMETER, "unknown value for WHAT");
+ return rc;
+}
+
+
 /* SLOTLIST command * A command to (re)scan for available keys, something like SERIALNO * command of scdaemon.
@@ -199,7 +248,7 @@ cmd_slotlist (assuan_context_t ctx, char *line)
 line = skip_options (line);
 (void)line;
- err = token_slotlist (ctrl, ctx);
+ err = token_init (ctrl, ctx);
 return err;
 }
@@ -386,6 +435,7 @@ register_commands (assuan_context_t ctx)
 { "PKSIGN", cmd_pksign, hlp_pksign },
 { "KILLTKD", cmd_killtkd, hlp_killtkd },
 { "KEYINFO", cmd_keyinfo, hlp_keyinfo },
+ { "GETINFO", cmd_getinfo, hlp_getinfo },
 { NULL }
 };
 int i, rc;
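Review bot: In `cmd_getinfo` the result is held in `int rc`, although the function returns `gpg_error_t` and the branches store `gpg_error (GPG_ERR_NO_DATA)` and the `set_error` / `assuan_send_data` results in it. Declaring it as `gpg_error_t err = 0;` and ending with `return err;` would match the return type and the `err` variable that `cmd_slotlist` uses further down in the same file. This is a point of style only; the values involved fit in an int.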
diff --git a/tkd/pkcs11.c b/tkd/pkcs11.c
index 1b426fe34..d943b87a1 100644
--- a/tkd/pkcs11.c
+++ b/tkd/pkcs11.c
@@ -85,6 +85,7 @@ struct token {
 };
 struct cryptoki {
+ void *handle; /* DL handle to PKCS#11 Module. */
 struct ck_function_list *f;
 int num_slots;
 struct token token_list[MAX_SLOTS];
@@ -101,15 +102,21 @@ get_function_list (struct cryptoki *ck, const char *libname)
 {
 unsigned long err = 0;
 unsigned long (*p_func) (struct ck_function_list **);
- void *handle;
- handle = dlopen (libname, RTLD_NOW);
- if (handle == NULL)
+ if (ck->handle == NULL)
 {
- return -1;
+ void *handle;
+
+ handle = dlopen (libname, RTLD_NOW);
+ if (handle == NULL)
+ {
+ return -1;
+ }
+
+ ck->handle = handle;
 }
- p_func = (CK_C_GetFunctionList)dlsym (handle, "C_GetFunctionList");
+ p_func = (CK_C_GetFunctionList)dlsym (ck->handle, "C_GetFunctionList");
 if (p_func == NULL)
 {
 return -1;
@@ -978,7 +985,7 @@ do_pksign (struct key *key, int hash_algo,
 gpg_error_t
-token_slotlist (ctrl_t ctrl, assuan_context_t ctx)
+token_init (ctrl_t ctrl, assuan_context_t ctx)
 {
 gpg_error_t err = 0;
@@ -1068,6 +1075,51 @@ token_slotlist (ctrl_t ctrl, assuan_context_t ctx)
 }
 gpg_error_t
+token_fini (ctrl_t ctrl, assuan_context_t ctx)
+{
+ long r;
+ struct cryptoki *ck = ck_instance;
+ int i;
+
+ (void)ctrl;
+ (void)ctx;
+
+ for (i = 0; i < ck->num_slots; i++)
+ {
+ struct token *token = &ck->token_list[i];
+
+ if (!token->valid)
+ continue;
+
+ if (token->login_required)
+ logout (token);
+
+ r = close_session (token);
+ if (r)
+ {
+ log_error ("Error at close_session: %ld\n", r);
+ continue;
+ }
+
+ token->valid = 0;
+ }
+
+ ck->num_slots = 0;
+
+ r = ck->f->C_Finalize (NULL);
+ if (r)
+ {
+ return -1;
+ }
+
+ dlclose (ck->handle);
+ ck->handle = NULL;
+
+ return 0;
+}
+
+
+gpg_error_t
 token_sign (ctrl_t ctrl, assuan_context_t ctx, const char *keygrip, int hash_algo, unsigned char **r_outdata,
diff --git a/tkd/tkdaemon.h b/tkd/tkdaemon.h
index 85873ecbc..dd1b243f1 100644
--- a/tkd/tkdaemon.h
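Review bot: The `dlsym` failure path in `get_function_list` still only returns -1, so a module that lacks `C_GetFunctionList` stays loaded and cached in `ck->handle`. Every later call then reuses that handle, even when a different `libname` is passed, because `libname` is only consulted while `ck->handle` is NULL. Releasing the handle on that path keeps the cache consistent: `dlclose (ck->handle); ck->handle = NULL;` before the `return -1;`. The `ck->handle == NULL` test also relies on the `struct cryptoki` instance starting out zeroed, which is not visible here; the function body continues past the end of the hunk.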
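Review bot: `token_fini` unloads the module with `dlclose (ck->handle)` but leaves `ck->f` set, and that function list normally lives inside the module just unloaded. Any later call through `ck->f` before a new `token_init` would then jump into unmapped memory, so `ck->f` should be cleared together with the handle. The function also dereferences `ck->f` and passes `ck->handle` to `dlclose` without checking that the module was ever loaded; this looks like a NULL dereference if it runs before a successful `token_init`, though no caller is visible in this commit. `return -1` is not a libgpg-error value even though the return type is `gpg_error_t`; a real error code plus a log line, as the `close_session` branch already does, would give callers something they can decode.

```c
gpg_error_t
token_fini (ctrl_t ctrl, assuan_context_t ctx)
{
  /* … unchanged: locals and (void) casts … */

  /* Nothing to tear down if the module was never loaded.  */
  if (!ck->handle || !ck->f)
    return 0;

  /* … unchanged: per-slot logout / close_session loop, num_slots reset … */

  r = ck->f->C_Finalize (NULL);
  if (r)
    {
      log_error ("Error at C_Finalize: %ld\n", r);
      return gpg_error (GPG_ERR_GENERAL);
    }

  /* Drop the function list before the code behind it is unmapped.  */
  ck->f = NULL;
  dlclose (ck->handle);
  ck->handle = NULL;

  return 0;
}
```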
+++ b/tkd/tkdaemon.h
@@ -94,6 +94,7 @@ struct server_control_s
 void tkd_exit (int rc);
 void tkd_kick_the_loop (void);
 const char *tkd_get_socket_name (void);
+int get_active_connection_count (void);
 /*-- command.c --*/
 gpg_error_t initialize_module_command (void);
@@ -109,7 +110,9 @@ void send_keyinfo (ctrl_t ctrl, int data, const char *keygrip_str, const char *usage);
 /*-- pkcs11.c --*/
-gpg_error_t token_slotlist (ctrl_t ctrl, assuan_context_t ctx);
+gpg_error_t token_init (ctrl_t ctrl, assuan_context_t ctx);
+gpg_error_t token_fini (ctrl_t ctrl, assuan_context_t ctx);
+
 gpg_error_t token_sign (ctrl_t ctrl, assuan_context_t ctx, const char *keygrip, int hash_algo, unsigned char **r_outdata, |