/* homedir.c - Setup the home directory.

 * Copyright (C) 2004, 2006, 2007, 2010 Free Software Foundation, Inc.

 * Copyright (C) 2013, 2016 Werner Koch

 * Copyright (C) 2021, 2024 g10 Code GmbH

 *

 * This file is part of GnuPG.

 *

 * This file is free software; you can redistribute it and/or modify

 * it under the terms of either

 *

 *   - the GNU Lesser General Public License as published by the Free

 *     Software Foundation; either version 3 of the License, or (at

 *     your option) any later version.

 *

 * or

 *

 *   - the GNU General Public License as published by the Free

 *     Software Foundation; either version 2 of the License, or (at

 *     your option) any later version.

 *

 * or both in parallel, as here.

 *

 * This file is distributed in the hope that it will be useful,

 * but WITHOUT ANY WARRANTY; without even the implied warranty of

 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the

 * GNU General Public License for more details.

 *

 * You should have received a copy of the GNU General Public License

 * along with this program; if not, see <https://www.gnu.org/licenses/>.

 * SPDX-License-Identifier: (LGPL-3.0-or-later OR GPL-2.0-or-later)

 */

#include <config.h>

#include <stdlib.h>

#include <errno.h>

#include <fcntl.h>

#include <unistd.h>

#ifdef HAVE_W32_SYSTEM

#include <winsock2.h>   /* Due to the stupid mingw64 requirement to

                           include this header before windows.h which

                           is often implicitly included.  */

#include <shlobj.h>

#ifndef CSIDL_APPDATA

#define CSIDL_APPDATA 0x001a

#endif

#ifndef CSIDL_LOCAL_APPDATA

#define CSIDL_LOCAL_APPDATA 0x001c

#endif

#ifndef CSIDL_COMMON_APPDATA

#define CSIDL_COMMON_APPDATA 0x0023

#endif

#ifndef CSIDL_FLAG_CREATE

#define CSIDL_FLAG_CREATE 0x8000

#endif

#endif /*HAVE_W32_SYSTEM*/

#ifdef HAVE_STAT

#include <sys/stat.h> /* for stat() */

#endif

#include "util.h"

#include "sysutils.h"

#include "i18n.h"

#include "zb32.h"

/* The name of the symbolic link to the file from which the process

 * text was read.  */

#if __linux__

# define MYPROC_SELF_EXE "/proc/self/exe"

#elif defined(__NetBSD__)

# define MYPROC_SELF_EXE "/proc/curproc/exe"

#elif defined(__illumos__) || defined(__sun)

# define MYPROC_SELF_EXE "/proc/self/path/a.out"

#else /* Assume other BSDs */

# define MYPROC_SELF_EXE "/proc/curproc/file"

#endif

/* Mode flags for unix_rootdir.  */

enum wantdir_values {

  WANTDIR_ROOT = 0,

  WANTDIR_SYSCONF,

  WANTDIR_SOCKET

};

/* The GnuPG homedir.  This is only accessed by the functions

 * gnupg_homedir and gnupg_set_homedir.  Malloced.  */

static char *the_gnupg_homedir;

/* Flag indicating that home directory is not the default one.  */

static byte non_default_homedir;

/* An object to store information taken from a gpgconf.ctl file.  This

 * is parsed early at startup time and never changed later.  */

static struct

{

  unsigned int checked:1; /* True if we have checked for a gpgconf.ctl.  */

  unsigned int found:1;   /* True if a gpgconf.ctl was found.            */

  unsigned int empty:1;   /* The file is empty except for comments.      */

  unsigned int valid:1;   /* The entries in gpgconf.ctl are valid.       */

  unsigned int portable:1;/* Windows portable installation.              */

  char *gnupg;            /* The "gnupg" directory part.  */

  char *rootdir;          /* rootdir or NULL        */

  char *sysconfdir;       /* sysconfdir or NULL     */

  char *socketdir;        /* socketdir or NULL      */

} gpgconf_ctl;

#ifdef HAVE_W32_SYSTEM

/* A flag used to indicate that a control file for gpgconf has been

 * detected.  Under Windows the presence of this file indicates a

 * portable installations and triggers several changes:

 *

 * - The GNUGHOME directory is fixed relative to installation

 *   directory.  All other means to set the home directory are ignored.

 *

 * - All registry variables will be ignored.

 *

 * This flag is not used on Unix systems.

 */

static byte w32_portable_app;

#endif /*HAVE_W32_SYSTEM*/

#ifdef HAVE_W32_SYSTEM

/* This flag is true if this process's binary has been installed under

   bin and not in the root directory as often used before GnuPG 2.1. */

static byte w32_bin_is_bin;

#endif /*HAVE_W32_SYSTEM*/

#ifdef HAVE_W32_SYSTEM

static const char *w32_rootdir (void);

#endif

/* Return the name of the gnupg dir.  This is usually "gnupg".  */

static const char *

my_gnupg_dirname (void)

{

  if (gpgconf_ctl.valid && gpgconf_ctl.gnupg)

    return gpgconf_ctl.gnupg;

  return "gnupg";

}

/* Return the hardwired home directory which is not anymore so

 * hardwired because it may now be modified using the gpgconf.ctl

 * "gnupg" keyword.  */

static const char *

my_fixed_default_homedir (void)

{

  if (gpgconf_ctl.valid && gpgconf_ctl.gnupg)

    {

      static char *name;

      char *p;

      if (!name)

        {

          name = xmalloc (strlen (GNUPG_DEFAULT_HOMEDIR)

                          + strlen (gpgconf_ctl.gnupg) + 1);

          strcpy (name, GNUPG_DEFAULT_HOMEDIR);

          p = strrchr (name, '/');

          if (p)

            p++;

          else

            p = name;

          if (*p == '.')

            p++; /* Keep a leading dot.  */

          strcpy (p, gpgconf_ctl.gnupg);

          gpgrt_annotate_leaked_object (name);

        }

      return name;

    }

  return GNUPG_DEFAULT_HOMEDIR;

}

/* Under Windows we need to modify the standard registry key with the

 * "gnupg" keyword from a gpgconf.ctl.  */

#ifdef HAVE_W32_SYSTEM

const char *

gnupg_registry_dir (void)

{

  if (gpgconf_ctl.valid && gpgconf_ctl.gnupg)

    {

      static char *name;

      char *p;

      if (!name)

        {

          name = xmalloc (strlen (GNUPG_REGISTRY_DIR)

                          + strlen (gpgconf_ctl.gnupg) + 1);

          strcpy (name, GNUPG_REGISTRY_DIR);

          p = strrchr (name, '\\');

          if (p)

            p++;

          else

            p = name;

          strcpy (p, gpgconf_ctl.gnupg);

          if (!strncmp (p, "gnupg", 5))

            {

              /* Registry keys are case-insensitive and we use a

               * capitalized version of gnupg by default.  So, if the

               * new value starts with "gnupg" we apply the usual

               * capitalization for this first part.  */

              p[0] = 'G';

              p[3] = 'P';

              p[4] = 'G';

            }

          gpgrt_annotate_leaked_object (name);

        }

      return name;

    }

  return GNUPG_REGISTRY_DIR;

}

#endif /*HAVE_W32_SYSTEM*/

/* This is a helper function to load and call a Windows function from

 * either of one DLLs.  On success an UTF-8 file name is returned.

 * ERRNO is _not_ set on error.  */

#ifdef HAVE_W32_SYSTEM

static char *

w32_shgetfolderpath (HWND a, int b, HANDLE c, DWORD d)

{

  static int initialized;

  static HRESULT (WINAPI * func)(HWND,int,HANDLE,DWORD,LPWSTR);

  wchar_t wfname[MAX_PATH];

  if (!initialized)

    {

      static char *dllnames[] = { "shell32.dll", "shfolder.dll", NULL };

      void *handle;

      int i;

      initialized = 1;

      for (i=0, handle = NULL; !handle && dllnames[i]; i++)

        {

          handle = dlopen (dllnames[i], RTLD_LAZY);

          if (handle)

            {

              func = dlsym (handle, "SHGetFolderPathW");

              if (!func)

                {

                  dlclose (handle);

                  handle = NULL;

                }

            }

        }

    }

  if (func && func (a,b,c,d,wfname) >= 0)

    return wchar_to_utf8 (wfname);

  else

    return NULL;

}

#endif /*HAVE_W32_SYSTEM*/

/* Given the directory name DNAME try to create a common.conf and

 * enable the keyboxd.  This should only be called for the standard

 * home directory and only if that directory has just been created.  */

static void

create_common_conf (const char *dname)

{

#ifdef BUILD_WITH_KEYBOXD

  estream_t fp;

  char *fcommon;

  fcommon = make_filename (dname, "common.conf", NULL);

  fp = es_fopen (fcommon, "wx,mode=-rw-r");

  if (!fp)

    {

      log_info (_("error creating '%s': %s\n"), fcommon,

                gpg_strerror (gpg_error_from_syserror ()));

    }

  else

    {

      if (es_fputs ("use-keyboxd\n", fp) == EOF)

        {

          log_info (_("error writing to '%s': %s\n"), fcommon,

                    gpg_strerror (es_ferror (fp)

                                  ? gpg_error_from_syserror ()

                                  : gpg_error (GPG_ERR_EOF)));

          es_fclose (fp);

        }

      else if (es_fclose (fp))

        {

          log_info (_("error closing '%s': %s\n"), fcommon,

                    gpg_strerror (gpg_error_from_syserror ()));

        }

    }

#else /* BUILD_WITH_KEYBOXD */

  (void)dname;

#endif /* !BUILD_WITH_KEYBOXD */

}

/* Check whether DIR is the default homedir.  */

static int

is_gnupg_default_homedir (const char *dir)

{

  int result;

  char *a = make_absfilename (dir, NULL);

  char *b = make_absfilename (standard_homedir (), NULL);

  result = !compare_filenames (a, b);

  xfree (b);

  xfree (a);

  return result;

}

/* Helper to remove trailing slashes from NEWDIR.  Return a new

 * allocated string if that has been done or NULL if there are no

 * slashes to remove.  Also inserts a missing slash after a Windows

 * drive letter.  */

static char *

copy_dir_with_fixup (const char *newdir)

{

  char *result = NULL;

  char *p;

#ifdef HAVE_W32_SYSTEM

  char *p0;

  const char *s;

#endif

  if (!*newdir)

    return NULL;

#ifdef HAVE_W32_SYSTEM

  if (newdir[0] && newdir[1] == ':'

      && !(newdir[2] == '/' || newdir[2] == '\\'))

    {

      /* Drive letter with missing leading slash.  */

      p = result = xmalloc (strlen (newdir) + 1 + 1);

      *p++ = newdir[0];

      *p++ = newdir[1];

      *p++ = '\\';

      strcpy (p, newdir+2);

      /* Remove trailing slashes.  */

      p = result + strlen (result) - 1;

      while (p > result+2 && (*p == '/' || *p == '\\'))

        *p-- = 0;

    }

  else if (newdir[strlen (newdir)-1] == '/'

           || newdir[strlen (newdir)-1] == '\\' )

    {

      result = xstrdup (newdir);

      p = result + strlen (result) - 1;

      while (p > result

             && (*p == '/' || *p == '\\')

             && (p-1 > result && p[-1] != ':')) /* We keep "c:/". */

        *p-- = 0;

    }

  /* Hack to mitigate badly doubled backslashes.  */

  s = result? result : newdir;

  if (s[0] == '\\' && s[1] == '\\' && s[2] != '\\')

    {

      /* UNC (\\Servername\file) or Long UNC (\\?\Servername\file)

       * Does not seem to be double quoted.  */

    }

  else if (strstr (s, "\\\\"))

    {

      /* Double quotes detected.  Fold them into one because that is

       * what what Windows does.  This way we get a unique hash

       * regardless of the number of doubled backslashes. */

      if (!result)

        result = xstrdup (newdir);

      for (p0=p=result; *p; p++)

        {

          *p0++ = *p;

          while (*p == '\\' && p[1] == '\\')

            p++;

        }

      *p0 = 0;

    }

#else /*!HAVE_W32_SYSTEM*/

  if (newdir[strlen (newdir)-1] == '/')

    {

      result = xstrdup (newdir);

      p = result + strlen (result) - 1;

      while (p > result && *p == '/')

        *p-- = 0;

    }

#endif /*!HAVE_W32_SYSTEM*/

  return result;

}

/* Get the standard home directory.  In general this function should

   not be used as it does not consider a registry value (under W32) or

   the GNUPGHOME environment variable.  It is better to use

   gnupg_homedir(). */

const char *

standard_homedir (void)

{

#ifdef HAVE_W32_SYSTEM

  static const char *dir;

  if (!dir)

    {

      const char *rdir;

      rdir = w32_rootdir ();

      if (w32_portable_app)

        {

          dir = xstrconcat (rdir, DIRSEP_S "home", NULL);

          gpgrt_annotate_leaked_object (dir);

        }

      else

        {

          char *path;

          path = w32_shgetfolderpath (NULL, CSIDL_APPDATA|CSIDL_FLAG_CREATE,

                                      NULL, 0);

          if (path)

            {

              dir = xstrconcat (path, "\\", my_gnupg_dirname (), NULL);

              xfree (path);

              gpgrt_annotate_leaked_object (dir);

              /* Try to create the directory if it does not yet exists.  */

              if (gnupg_access (dir, F_OK))

                if (!gnupg_mkdir (dir, "-rwx"))

                  create_common_conf (dir);

            }

          else

            dir = my_fixed_default_homedir ();

        }

    }

  return dir;

#else/*!HAVE_W32_SYSTEM*/

  return my_fixed_default_homedir ();

#endif /*!HAVE_W32_SYSTEM*/

}

/* Set up the default home directory.  The usual --homedir option

   should be parsed later. */

static const char *

default_homedir (void)

{

  const char *dir;

#ifdef HAVE_W32_SYSTEM

  /* For a portable application we only use the standard homedir.  */

  w32_rootdir ();

  if (w32_portable_app)

    return standard_homedir ();

#endif /*HAVE_W32_SYSTEM*/

  dir = getenv ("GNUPGHOME");

#ifdef HAVE_W32_SYSTEM

  if (!dir || !*dir)

    {

      static const char *saved_dir;

      if (!saved_dir)

        {

          if (!dir || !*dir)

            {

              char *tmp, *p;

              /* This is deprecated; gpgconf --list-dirs prints a

               * warning if the homedir has been taken from the

               * registry.  */

              tmp = read_w32_registry_string (NULL,

                                              gnupg_registry_dir (),

                                              "HomeDir");

              if (tmp && !*tmp)

                {

                  xfree (tmp);

                  tmp = NULL;

                }

              if (tmp)

                {

                  /* Strip trailing backslashes.  */

                  p = tmp + strlen (tmp) - 1;

                  while (p > tmp && *p == '\\')

                    *p-- = 0;

                  saved_dir = tmp;

                }

            }

          if (!saved_dir)

            saved_dir = standard_homedir ();

        }

      dir = saved_dir;

    }

#endif /*HAVE_W32_SYSTEM*/

  if (!dir || !*dir)

    dir = my_fixed_default_homedir ();

  else

    {

      char *p;

      p = copy_dir_with_fixup (dir);

      if (p)

        {

          /* A new buffer has been allocated with proper semantics.

           * Assign this to DIR.  If DIR is passed again to

           * copy_dir_with_fixup there will be no need for a fix up

           * and the function returns NULL.  Thus we leak only once.

           * Setting the homedir is usually a one-off task but might

           * be called a second time.  We also ignore such extra leaks

           * because we don't know who still references the former

           * string.  */

          gpgrt_annotate_leaked_object (p);

          dir = p;

        }

      if (!is_gnupg_default_homedir (dir))

        non_default_homedir = 1;

    }

  return dir;

}

/* Return true if S can be inteprtated as true.  This is uised for

 * keywords in gpgconf.ctl.  Spaces must have been trimmed.  */

static int

string_is_true (const char *s)

{

  return (atoi (s)

          || !ascii_strcasecmp (s, "yes")

          || !ascii_strcasecmp (s, "true")

          || !ascii_strcasecmp (s, "fact"));

}

/* This function is used to parse the gpgconf.ctl file and set the

 * information ito the gpgconf_ctl structure.  This is called once

 * with the full filename of gpgconf.ctl.  There are two callers: One

 * used on Windows and one on Unix.  No error return but diagnostics

 * are printed.  */

static void

parse_gpgconf_ctl (const char *fname)

{

  gpg_error_t err;

  char *p;

  char *line;

  size_t linelen;

  ssize_t length;

  estream_t fp;

  const char *name;

  int anyitem = 0;

  int ignoreall = 0;

  char *gnupgval = NULL;

  char *rootdir = NULL;

  char *sysconfdir = NULL;

  char *socketdir = NULL;

  if (gpgconf_ctl.checked)

    return;  /* Just in case this is called a second time.  */

  gpgconf_ctl.checked = 1;

  gpgconf_ctl.found = 0;

  gpgconf_ctl.valid = 0;

  gpgconf_ctl.empty = 0;

  if (gnupg_access (fname, F_OK))

    return; /* No gpgconf.ctl file.  */

  /* log_info ("detected '%s'\n", buffer); */

  fp = es_fopen (fname, "r");

  if (!fp)

    {

      err = gpg_error_from_syserror ();

      log_info ("error opening '%s': %s\n", fname, gpg_strerror (err));

      return;

    }

  gpgconf_ctl.found = 1;

  line = NULL;

  linelen = 0;

  while ((length = es_read_line (fp, &line, &linelen, NULL)) > 0)

    {

      static const char *names[] =

        {

          "gnupg",

          "rootdir",

          "sysconfdir",

          "socketdir",

          "portable",

          ".enable"

        };

      int i;

      size_t n;

      /* Strip NL and CR, if present.  */

      while (length > 0

             && (line[length - 1] == '\n' || line[length - 1] == '\r'))

        line[--length] = 0;

      trim_spaces (line);

      if (*line == '#' || !*line)

        continue;

      anyitem = 1;

      /* Find the keyword.  */

      name = NULL;

      p = NULL;

      for (i=0; i < DIM (names); i++)

        {

          n = strlen (names[i]);

          if (!strncmp (line, names[i], n))

            {

              while (line[n] == ' ' || line[n] == '\t')

                n++;

              if (line[n] == '=')

                {

                  name = names[i];

                  p = line + n + 1;

                  break;

                }

            }

        }

      if (!name)

        continue;  /* Keyword not known.  */

      trim_spaces (p);

      p = substitute_envvars (p);

      if (!p)

        {

          err = gpg_error_from_syserror ();

          log_info ("error getting %s from gpgconf.ctl: %s\n",

                    name, gpg_strerror (err));

        }

      else if (!strcmp (name, ".enable"))

        {

          if (string_is_true (p))

            ;              /* Yes, this file shall be used.    */

          else

            ignoreall = 1; /* No, this file shall be ignored.  */

          xfree (p);

        }

      else if (!strcmp (name, "gnupg"))

        {

          xfree (gnupgval);

          gnupgval = p;

        }

      else if (!strcmp (name, "sysconfdir"))

        {

          xfree (sysconfdir);

          sysconfdir = p;

        }

      else if (!strcmp (name, "socketdir"))

        {

          xfree (socketdir);

          socketdir = p;

        }

      else if (!strcmp (name, "rootdir"))

        {

          xfree (rootdir);

          rootdir = p;

        }

      else if (!strcmp (name, "portable"))

        {

          gpgconf_ctl.portable = string_is_true (p);

          xfree (p);

        }

      else /* Unknown keyword.  */

        xfree (p);

    }

  if (es_ferror (fp))

    {

      err = gpg_error_from_syserror ();

      log_info ("error reading '%s': %s\n", fname, gpg_strerror (err));

      ignoreall = 1;  /* Force all entries to invalid.  */

    }

  es_fclose (fp);

  xfree (line);

  if (ignoreall)

    ; /* Forced error.  Note that .found is still set.  */

  else if (gnupgval && (!*gnupgval || strpbrk (gnupgval, "/\\")))

    {

      /* We don't allow a slash or backslash in the value because our

       * code assumes this is a single directory name.  */

      log_info ("invalid %s '%s' specified in gpgconf.ctl\n",

                "gnupg", gnupgval);

    }

  else if (rootdir && (!*rootdir || *rootdir != '/'))

    {

      log_info ("invalid %s '%s' specified in gpgconf.ctl\n",

                "rootdir", rootdir);

    }

  else if (sysconfdir && (!*sysconfdir || *sysconfdir != '/'))

    {

      log_info ("invalid %s '%s' specified in gpgconf.ctl\n",

                "sysconfdir", sysconfdir);

    }

  else if (socketdir && (!*socketdir || *socketdir != '/'))

    {

      log_info ("invalid %s '%s' specified in gpgconf.ctl\n",

                "socketdir", socketdir);

    }

  else

    {

      if (gnupgval)

        {

          gpgconf_ctl.gnupg = gnupgval;

          gpgrt_annotate_leaked_object (gpgconf_ctl.gnupg);

          /* log_info ("want gnupg '%s'\n", dir); */

        }

      if (rootdir)

        {

          while (*rootdir && rootdir[strlen (rootdir)-1] == '/')

            rootdir[strlen (rootdir)-1] = 0;

          gpgconf_ctl.rootdir = rootdir;

          gpgrt_annotate_leaked_object (gpgconf_ctl.rootdir);

          /* log_info ("want rootdir '%s'\n", dir); */

        }

      if (sysconfdir)

        {

          while (*sysconfdir && sysconfdir[strlen (sysconfdir)-1] == '/')

            sysconfdir[strlen (sysconfdir)-1] = 0;

          gpgconf_ctl.sysconfdir = sysconfdir;

          gpgrt_annotate_leaked_object (gpgconf_ctl.sysconfdir);

          /* log_info ("want sysconfdir '%s'\n", sdir); */

        }

      if (socketdir)

        {

          while (*socketdir && socketdir[strlen (socketdir)-1] == '/')

            socketdir[strlen (socketdir)-1] = 0;

          gpgconf_ctl.socketdir = socketdir;

          gpgrt_annotate_leaked_object (gpgconf_ctl.socketdir);

          /* log_info ("want socketdir '%s'\n", s2dir); */

        }

      gpgconf_ctl.valid = 1;

    }

  gpgconf_ctl.empty = !anyitem;

  if (!gpgconf_ctl.valid)

    {

      /* Error reading some entries - clear them all.  */

      xfree (gnupgval);

      xfree (rootdir);

      xfree (sysconfdir);

      xfree (socketdir);

      gpgconf_ctl.gnupg = NULL;

      gpgconf_ctl.rootdir = NULL;

      gpgconf_ctl.sysconfdir = NULL;

      gpgconf_ctl.socketdir = NULL;

    }

}

#ifdef HAVE_W32_SYSTEM

/* Check whether gpgconf is installed and if so read the gpgconf.ctl

   file. */

static void

check_portable_app (const char *dir)

{

  char *fname;

  fname = xstrconcat (dir, DIRSEP_S "gpgconf.exe", NULL);

  if (!gnupg_access (fname, F_OK))

    {

      strcpy (fname + strlen (fname) - 3, "ctl");

      parse_gpgconf_ctl (fname);

      if ((gpgconf_ctl.found && gpgconf_ctl.empty)

          || (gpgconf_ctl.valid && gpgconf_ctl.portable))

        {

          unsigned int flags;

          /* Classic gpgconf.ctl file found.  This is a portable

           * application.  Note that if there are any items in that

           * file we don't consider this a portable application unless

           * the (later added) ".portable" keyword has also been

           * seen.  */

          w32_portable_app = 1;

          log_get_prefix (&flags);

          log_set_prefix (NULL, (flags | GPGRT_LOG_NO_REGISTRY));

        }

    }

  xfree (fname);

}

#endif /*HAVE_W32_SYSTEM*/

#ifdef HAVE_W32_SYSTEM

/* Return the filename of this process.  Caller must release the

 * returned buffer.  On error an empty string is returned.  */

static char *

w32_myproc_self (void)

{

  char *p;

  int rc;

  wchar_t wdir [MAX_PATH+5];

  char *dir;

  dir = xmalloc (MAX_PATH+5);

  rc = GetModuleFileNameW (NULL, wdir, MAX_PATH);

  if (rc && WideCharToMultiByte (CP_UTF8, 0, wdir, -1, dir, MAX_PATH-4,

                                 NULL, NULL) < 0)

    rc = 0;

  if (!rc)

    {

      log_debug ("GetModuleFileName failed: %s\n", w32_strerror (-1));

      *dir = 0;

    }

  return dir;

}

/* Determine the root directory of the gnupg installation on Windows.  */

static const char *

w32_rootdir (void)

{

  static int got_dir;

  static char *dir;

  if (!got_dir)

    {

      char *p;

      dir = w32_myproc_self ();

      gpgrt_annotate_leaked_object (dir);

      got_dir = 1;

      p = strrchr (dir, DIRSEP_C);

      if (p)

        {

          *p = 0;

          check_portable_app (dir);

          /* If we are installed below "bin" we strip that and use

             the top directory instead.  */

          p = strrchr (dir, DIRSEP_C);

          if (p && !strcmp (p+1, "bin"))

            {

              *p = 0;

              w32_bin_is_bin = 1;

            }

        }

      if (!p)

        {

          log_debug ("bad filename '%s' returned for this process\n", dir);

          *dir = 0;

        }

    }

  if (*dir)

    return dir;

  /* Fallback to the hardwired value. */

  return GNUPG_LIBEXECDIR;

}

#endif /*HAVE_W32_SYSTEM*/

#ifndef HAVE_W32_SYSTEM /* Unix */

/* Return the filename of this process.  If WITH_FALLBACK is set the

 * GNUPG_BUILD_ROOT envvar is considered in the error case.  Caller

 * must release the returned buffer.  On error an empty string is

 * returned.  */

static char *

unix_myproc_self (int with_fallback)

{

  char *buffer;

  size_t bufsize = 256-1;

  int nread;

  gpg_error_t err;

  const char *name;

  for (;;)

    {

      buffer = xmalloc (bufsize+1);

      nread = readlink (MYPROC_SELF_EXE, buffer, bufsize);

      if (nread < 0)

        {

          err = gpg_error_from_syserror ();

          buffer[0] = 0;

          if (with_fallback

              && (name = getenv ("GNUPG_BUILD_ROOT")) && *name == '/')

            {

              /* Try a fallback for systems w/o a supported /proc

               * file system if we are running a regression test.  */

              log_info ("error reading symlink '%s': %s\n",

                        MYPROC_SELF_EXE, gpg_strerror (err));

              xfree  (buffer);

              buffer = xstrconcat (name, "/bin/gpgconf", NULL);

              log_info ("trying fallback '%s'\n", buffer);

            }

          break;

        }

      else if (nread < bufsize)

        {

          buffer[nread] = 0;

          break;  /* Got it.  */

        }

      else if (bufsize >= 4095)

        {

          buffer[0] = 0;

          log_info ("error reading symlink '%s': %s\n",

                    MYPROC_SELF_EXE, "value too large");

          break;

        }

      xfree (buffer);

      bufsize += 256;

    }

  return buffer;

}

/* Determine the root directory of the gnupg installation on Unix.

 * The standard case is that this function returns NULL so that the

 * root directory as configured at build time is used.  However, it

 * may return a static string with a different root directory, similar

 * to what we do on Windows.  That second mode is triggered by the

 * existence of a file gpgconf.ctl installed side-by-side to gpgconf.

 * This file is parsed for keywords describing the actually to be used

 * root directory.  There is no solid standard on Unix to locate the

 * binary used to create the process, thus we support this currently

 * only on Linux and BSD where we can look this info up using the proc

 * file system.  If WANT_SYSCONFDIR is true the optional sysconfdir

 * entry is returned.  */

static const char *

unix_rootdir (enum wantdir_values wantdir)

{

  if (!gpgconf_ctl.checked)

    {

      char *p;

      char *buffer;

      buffer = unix_myproc_self (1/* with_fallback */);

      if (!*buffer)

        {

          xfree (buffer);

          gpgconf_ctl.checked = 1;

          return NULL;  /* Error - assume no gpgconf.ctl.  */

        }

      p = strrchr (buffer, '/');

      if (!p)

        {

          xfree (buffer);

          gpgconf_ctl.checked = 1;

          return NULL;  /* Erroneous /proc - assume no gpgconf.ctl.  */

        }

      *p = 0;  /* BUFFER has the directory.  */

      if (!(p = strrchr (buffer, '/')))

        {

          /* Installed in the root which is not a good idea.  Assume

           * no gpgconf.ctl.  */

          xfree (buffer);

          gpgconf_ctl.checked = 1;

          return NULL;

        }

      /* Strip one part and expect the file below a bin dir.  */

      *p = 0;

      p = xstrconcat (buffer, "/bin/gpgconf.ctl", NULL);

      xfree (buffer);

      buffer = p;

      parse_gpgconf_ctl (buffer);

      xfree (buffer);

    }

  if (!gpgconf_ctl.valid)

    return NULL; /* No valid entries in gpgconf.ctl  */

  switch (wantdir)

    {

    case WANTDIR_ROOT:    return gpgconf_ctl.rootdir;

    case WANTDIR_SYSCONF: return gpgconf_ctl.sysconfdir;

    case WANTDIR_SOCKET:  return gpgconf_ctl.socketdir;

    }

  return NULL; /* Not reached.  */

}

#endif /* Unix */

#ifdef HAVE_W32_SYSTEM

static const char *

w32_commondir (void)

{

  static char *dir;

  if (!dir)

    {