diff options
Diffstat (limited to 'agent')
| -rw-r--r-- | agent/ChangeLog | 24 | ||||
| -rw-r--r-- | agent/agent.h | 11 | ||||
| -rw-r--r-- | agent/call-pinentry.c | 7 | ||||
| -rw-r--r-- | agent/call-scd.c | 16 | ||||
| -rw-r--r-- | agent/command-ssh.c | 40 | ||||
| -rw-r--r-- | agent/command.c | 44 | ||||
| -rw-r--r-- | agent/gpg-agent.c | 89 | ||||
| -rw-r--r-- | agent/minip12.c | 7 | ||||
| -rw-r--r-- | agent/protect.c | 2 |
9 files changed, 156 insertions, 84 deletions
diff --git a/agent/ChangeLog b/agent/ChangeLog index 761b7b013..ddee4e5c6 100644 --- a/agent/ChangeLog +++ b/agent/ChangeLog @@ -1,3 +1,27 @@ +2006-11-20 Werner Koch <[email protected]> + + * call-pinentry.c (agent_popup_message_stop): Use SIGKILL. + * call-scd.c (inq_needpin): Implement POPUPKEYPADPROMPT and + DISMISSKEYPADPROMPT. + +2006-11-15 Werner Koch <[email protected]> + + * protect.c (make_shadow_info): Cast printf arg to unsigned int. + * minip12.c (parse_bag_encrypted_data): Ditto. + (parse_bag_data, p12_parse): Ditto. + * command-ssh.c (ssh_identity_register): Changed buffer_n to + size_t. + + * agent.h (struct server_control_s): New field thread_startup. + * command.c (start_command_handler): Moved CTRL init code to .. + * gpg-agent.c (start_connection_thread): .. here. + (agent_deinit_default_ctrl): New. + (agent_init_default_ctrl): Made static. + (handle_connections): Allocate CTRL and pass it pth_spawn. + * command-ssh.c (start_command_handler_ssh): Moved CTRL init code + to .. + * gpg-agent.c (start_connection_thread_ssh): .. here. + 2006-11-14 Werner Koch <[email protected]> * command.c (bump_key_eventcounter): New. diff --git a/agent/agent.h b/agent/agent.h index 2b7f36741..883924cd9 100644 --- a/agent/agent.h +++ b/agent/agent.h @@ -112,6 +112,12 @@ struct scd_local_s; /* Collection of data per session (aka connection). */ struct server_control_s { + /* Private data used to fire up the connection thread. We use this + structure do avoid an extra allocation for just a few bytes. */ + struct { + int fd; + } thread_startup; + /* Private data of the server (command.c). */ struct server_local_s *server_local; @@ -178,16 +184,15 @@ cache_mode_t; /*-- gpg-agent.c --*/ void agent_exit (int rc) JNLIB_GCC_A_NR; /* Also implemented in other tools */ -void agent_init_default_ctrl (struct server_control_s *ctrl); /*-- command.c --*/ gpg_error_t agent_write_status (ctrl_t ctrl, const char *keyword, ...); void bump_key_eventcounter (void); void bump_card_eventcounter (void); -void start_command_handler (int, int); +void start_command_handler (ctrl_t, int, int); /*-- command-ssh.c --*/ -void start_command_handler_ssh (int); +void start_command_handler_ssh (ctrl_t, int); /*-- findkey.c --*/ int agent_write_private_key (const unsigned char *grip, diff --git a/agent/call-pinentry.c b/agent/call-pinentry.c index 7193db799..f22136fd4 100644 --- a/agent/call-pinentry.c +++ b/agent/call-pinentry.c @@ -636,7 +636,7 @@ popup_message_thread (void *arg) /* Pop up a message window similar to the confirm one but keep it open until agent_popup_message_stop has been called. It is crucial for the caller to make sure that the stop function gets called as soon - as the message is not anymore required becuase the message is + as the message is not anymore required because the message is system modal and all other attempts to use the pinentry will fail (after a timeout). */ int @@ -723,8 +723,9 @@ agent_popup_message_stop (ctrl_t ctrl) if (rc == pid) assuan_set_flag (entry_ctx, ASSUAN_NO_WAITPID, 1); } - else - kill (pid, SIGINT); + else if (pid > 0) + kill (pid, SIGKILL); /* Need to use SIGKILL due to bad + interaction of SIGINT with Pth. */ /* Now wait for the thread to terminate. */ rc = pth_join (popup_tid, NULL); diff --git a/agent/call-scd.c b/agent/call-scd.c index 2f91e1e84..53e4ced4d 100644 --- a/agent/call-scd.c +++ b/agent/call-scd.c @@ -711,17 +711,19 @@ inq_needpin (void *opaque, const char *line) rc = assuan_send_data (parm->ctx, pin, pinlen); xfree (pin); } - else if (!strncmp (line, "KEYPADINFO", 10) && (line[10] == ' ' || !line[10])) + else if (!strncmp (line, "POPUPKEYPADPROMPT", 17) + && (line[17] == ' ' || !line[17])) { - size_t code; - char *endp; - - code = strtoul (line+10, &endp, 10); - line = endp; + line += 17; while (*line == ' ') line++; - rc = parm->getpin_cb (parm->getpin_cb_arg, line, NULL, code); + rc = parm->getpin_cb (parm->getpin_cb_arg, line, NULL, 1); + } + else if (!strncmp (line, "DISMISSKEYPADPROMPT", 19) + && (line[19] == ' ' || !line[19])) + { + rc = parm->getpin_cb (parm->getpin_cb_arg, "", NULL, 0); } else { diff --git a/agent/command-ssh.c b/agent/command-ssh.c index 1adf8ba94..b44dc2140 100644 --- a/agent/command-ssh.c +++ b/agent/command-ssh.c @@ -2329,7 +2329,7 @@ ssh_identity_register (ctrl_t ctrl, gcry_sexp_t key, int ttl) unsigned char key_grip_raw[20]; char key_grip[41]; unsigned char *buffer = NULL; - unsigned int buffer_n; + size_t buffer_n; char *description = NULL; char *comment = NULL; unsigned int i; @@ -2821,32 +2821,28 @@ ssh_request_process (ctrl_t ctrl, estream_t stream_sock) /* Start serving client on SOCK_CLIENT. */ void -start_command_handler_ssh (int sock_client) +start_command_handler_ssh (ctrl_t ctrl, int sock_client) { - struct server_control_s ctrl; estream_t stream_sock; gpg_error_t err; int ret; /* Setup control structure. */ - - memset (&ctrl, 0, sizeof (ctrl)); - agent_init_default_ctrl (&ctrl); - ctrl.connection_fd = sock_client; + ctrl->connection_fd = sock_client; /* Because the ssh protocol does not send us information about the the current TTY setting, we resort here to use those from startup or those explictly set. */ - if (!ctrl.display && opt.startup_display) - ctrl.display = strdup (opt.startup_display); - if (!ctrl.ttyname && opt.startup_ttyname) - ctrl.ttyname = strdup (opt.startup_ttyname); - if (!ctrl.ttytype && opt.startup_ttytype) - ctrl.ttytype = strdup (opt.startup_ttytype); - if (!ctrl.lc_ctype && opt.startup_lc_ctype) - ctrl.lc_ctype = strdup (opt.startup_lc_ctype); - if (!ctrl.lc_messages && opt.startup_lc_messages) - ctrl.lc_messages = strdup (opt.startup_lc_messages); + if (!ctrl->display && opt.startup_display) + ctrl->display = strdup (opt.startup_display); + if (!ctrl->ttyname && opt.startup_ttyname) + ctrl->ttyname = strdup (opt.startup_ttyname); + if (!ctrl->ttytype && opt.startup_ttytype) + ctrl->ttytype = strdup (opt.startup_ttytype); + if (!ctrl->lc_ctype && opt.startup_lc_ctype) + ctrl->lc_ctype = strdup (opt.startup_lc_ctype); + if (!ctrl->lc_messages && opt.startup_lc_messages) + ctrl->lc_messages = strdup (opt.startup_lc_messages); /* Create stream from socket. */ @@ -2870,20 +2866,14 @@ start_command_handler_ssh (int sock_client) } /* Main processing loop. */ - while ( !ssh_request_process (&ctrl, stream_sock) ) + while ( !ssh_request_process (ctrl, stream_sock) ) ; /* Reset the SCD in case it has been used. */ - agent_reset_scd (&ctrl); + agent_reset_scd (ctrl); out: if (stream_sock) es_fclose (stream_sock); - - free (ctrl.display); - free (ctrl.ttyname); - free (ctrl.ttytype); - free (ctrl.lc_ctype); - free (ctrl.lc_messages); } diff --git a/agent/command.c b/agent/command.c index d28dd7cb6..63f41c369 100644 --- a/agent/command.c +++ b/agent/command.c @@ -1441,18 +1441,16 @@ register_commands (assuan_context_t ctx) } -/* Startup the server. If LISTEN_FD and FD is given as -1, this is a simple - piper server, otherwise it is a regular server */ +/* Startup the server. If LISTEN_FD and FD is given as -1, this is a + simple piper server, otherwise it is a regular server. CTRL is the + control structure for this connection; it has only the basic + intialization. */ void -start_command_handler (int listen_fd, int fd) +start_command_handler (ctrl_t ctrl, int listen_fd, int fd) { int rc; assuan_context_t ctx; - struct server_control_s ctrl; - memset (&ctrl, 0, sizeof ctrl); - agent_init_default_ctrl (&ctrl); - if (listen_fd == -1 && fd == -1) { int filedes[2]; @@ -1468,7 +1466,7 @@ start_command_handler (int listen_fd, int fd) else { rc = assuan_init_socket_server_ext (&ctx, fd, 2); - ctrl.connection_fd = fd; + ctrl->connection_fd = fd; } if (rc) { @@ -1484,12 +1482,12 @@ start_command_handler (int listen_fd, int fd) agent_exit (2); } - assuan_set_pointer (ctx, &ctrl); - ctrl.server_local = xcalloc (1, sizeof *ctrl.server_local); - ctrl.server_local->assuan_ctx = ctx; - ctrl.server_local->message_fd = -1; - ctrl.server_local->use_cache_for_signing = 1; - ctrl.digest.raw_value = 0; + assuan_set_pointer (ctx, ctrl); + ctrl->server_local = xcalloc (1, sizeof *ctrl->server_local); + ctrl->server_local->assuan_ctx = ctx; + ctrl->server_local->message_fd = -1; + ctrl->server_local->use_cache_for_signing = 1; + ctrl->digest.raw_value = 0; if (DBG_ASSUAN) assuan_set_log_stream (ctx, log_get_stream ()); @@ -1520,22 +1518,14 @@ start_command_handler (int listen_fd, int fd) } /* Reset the SCD if needed. */ - agent_reset_scd (&ctrl); + agent_reset_scd (ctrl); /* Reset the pinentry (in case of popup messages). */ - agent_reset_query (&ctrl); + agent_reset_query (ctrl); + /* Cleanup. */ assuan_deinit_server (ctx); - if (ctrl.display) - free (ctrl.display); - if (ctrl.ttyname) - free (ctrl.ttyname); - if (ctrl.ttytype) - free (ctrl.ttytype); - if (ctrl.lc_ctype) - free (ctrl.lc_ctype); - if (ctrl.lc_messages) - free (ctrl.lc_messages); - xfree (ctrl.server_local); + xfree (ctrl->server_local); + ctrl->server_local = NULL; } diff --git a/agent/gpg-agent.c b/agent/gpg-agent.c index 793bc91bf..75ffb70da 100644 --- a/agent/gpg-agent.c +++ b/agent/gpg-agent.c @@ -211,6 +211,9 @@ static char *create_socket_name (int use_standard_socket, static int create_server_socket (int is_standard_name, const char *name); static void create_directories (void); +static void agent_init_default_ctrl (ctrl_t ctrl); +static void agent_deinit_default_ctrl (ctrl_t ctrl); + static void handle_connections (int listen_fd, int listen_fd_ssh); static int check_for_running_agent (int); @@ -813,8 +816,21 @@ main (int argc, char **argv ) if (pipe_server) - { /* this is the simple pipe based server */ - start_command_handler (-1, -1); + { + /* This is the simple pipe based server */ + ctrl_t ctrl; + + ctrl = xtrycalloc (1, sizeof *ctrl); + if (!ctrl) + { + log_error ("error allocating connection control data: %s\n", + strerror (errno) ); + agent_exit (1); + } + agent_init_default_ctrl (ctrl); + start_command_handler (ctrl, -1, -1); + agent_deinit_default_ctrl (ctrl); + xfree (ctrl); } else if (!is_daemon) ; /* NOTREACHED */ @@ -1073,8 +1089,8 @@ agent_exit (int rc) } -void -agent_init_default_ctrl (struct server_control_s *ctrl) +static void +agent_init_default_ctrl (ctrl_t ctrl) { ctrl->connection_fd = -1; @@ -1103,6 +1119,21 @@ agent_init_default_ctrl (struct server_control_s *ctrl) } +static void +agent_deinit_default_ctrl (ctrl_t ctrl) +{ + if (ctrl->display) + free (ctrl->display); + if (ctrl->ttyname) + free (ctrl->ttyname); + if (ctrl->ttytype) + free (ctrl->ttytype); + if (ctrl->lc_ctype) + free (ctrl->lc_ctype); + if (ctrl->lc_messages) + free (ctrl->lc_messages); +} + /* Reread parts of the configuration. Note, that this function is obviously not thread-safe and should only be called from the PTH signal handler. @@ -1437,17 +1468,20 @@ handle_signal (int signo) static void * start_connection_thread (void *arg) { - int fd = (int)arg; + ctrl_t ctrl = arg; + agent_init_default_ctrl (ctrl); if (opt.verbose) log_info (_("handler 0x%lx for fd %d started\n"), - (long)pth_self (), fd); + (long)pth_self (), ctrl->thread_startup.fd); - start_command_handler (-1, fd); + start_command_handler (ctrl, -1, ctrl->thread_startup.fd); if (opt.verbose) log_info (_("handler 0x%lx for fd %d terminated\n"), - (long)pth_self (), fd); + (long)pth_self (), ctrl->thread_startup.fd); + agent_deinit_default_ctrl (ctrl); + xfree (ctrl); return NULL; } @@ -1456,17 +1490,20 @@ start_connection_thread (void *arg) static void * start_connection_thread_ssh (void *arg) { - int fd = (int)arg; + ctrl_t ctrl = arg; + agent_init_default_ctrl (ctrl); if (opt.verbose) log_info (_("ssh handler 0x%lx for fd %d started\n"), - (long)pth_self (), fd); + (long)pth_self (), ctrl->thread_startup.fd); - start_command_handler_ssh (fd); + start_command_handler_ssh (ctrl, ctrl->thread_startup.fd); if (opt.verbose) log_info (_("ssh handler 0x%lx for fd %d terminated\n"), - (long)pth_self (), fd); + (long)pth_self (), ctrl->thread_startup.fd); + agent_deinit_default_ctrl (ctrl); + xfree (ctrl); return NULL; } @@ -1584,24 +1621,35 @@ handle_connections (int listen_fd, int listen_fd_ssh) if (FD_ISSET (listen_fd, &read_fdset)) { + ctrl_t ctrl; + plen = sizeof paddr; fd = pth_accept (listen_fd, (struct sockaddr *)&paddr, &plen); if (fd == -1) { log_error ("accept failed: %s\n", strerror (errno)); } + else if ( !(ctrl = xtrycalloc (1, sizeof *ctrl)) ) + { + log_error ("error allocating connection control data: %s\n", + strerror (errno) ); + close (fd); + } else { char threadname[50]; + snprintf (threadname, sizeof threadname-1, "conn fd=%d (gpg)", fd); threadname[sizeof threadname -1] = 0; pth_attr_set (tattr, PTH_ATTR_NAME, threadname); - if (!pth_spawn (tattr, start_connection_thread, (void*)fd)) + ctrl->thread_startup.fd = fd; + if (!pth_spawn (tattr, start_connection_thread, ctrl)) { log_error ("error spawning connection handler: %s\n", strerror (errno) ); close (fd); + xfree (ctrl); } } fd = -1; @@ -1609,25 +1657,36 @@ handle_connections (int listen_fd, int listen_fd_ssh) if (listen_fd_ssh != -1 && FD_ISSET (listen_fd_ssh, &read_fdset)) { + ctrl_t ctrl; + plen = sizeof paddr; fd = pth_accept (listen_fd_ssh, (struct sockaddr *)&paddr, &plen); if (fd == -1) { log_error ("accept failed for ssh: %s\n", strerror (errno)); } + else if ( !(ctrl = xtrycalloc (1, sizeof *ctrl)) ) + { + log_error ("error allocating connection control data: %s\n", + strerror (errno) ); + close (fd); + } else { char threadname[50]; + + agent_init_default_ctrl (ctrl); snprintf (threadname, sizeof threadname-1, "conn fd=%d (ssh)", fd); threadname[sizeof threadname -1] = 0; pth_attr_set (tattr, PTH_ATTR_NAME, threadname); - - if (!pth_spawn (tattr, start_connection_thread_ssh, (void*)fd)) + ctrl->thread_startup.fd = fd; + if (!pth_spawn (tattr, start_connection_thread_ssh, ctrl) ) { log_error ("error spawning ssh connection handler: %s\n", strerror (errno) ); close (fd); + xfree (ctrl); } } fd = -1; diff --git a/agent/minip12.c b/agent/minip12.c index 2da118022..25a38b9c8 100644 --- a/agent/minip12.c +++ b/agent/minip12.c @@ -888,7 +888,7 @@ parse_bag_encrypted_data (const unsigned char *buffer, size_t length, gcry_free (plain); gcry_free (cram_buffer); log_error ("encryptedData error at \"%s\", offset %u\n", - where, (p - p_start)+startoffset); + where, (unsigned int)((p - p_start)+startoffset)); if (bad_pass) { /* Note, that the following string might be used by other programs @@ -1133,7 +1133,7 @@ parse_bag_data (const unsigned char *buffer, size_t length, int startoffset, } gcry_free (cram_buffer); log_error ( "data error at \"%s\", offset %u\n", - where, (p - buffer) + startoffset); + where, (unsigned int)((p - buffer) + startoffset)); if (r_consumed) *r_consumed = consumed; return NULL; @@ -1309,7 +1309,8 @@ p12_parse (const unsigned char *buffer, size_t length, const char *pw, gcry_free (cram_buffer); return result; bailout: - log_error ("error at \"%s\", offset %u\n", where, (p - p_start)); + log_error ("error at \"%s\", offset %u\n", + where, (unsigned int)(p - p_start)); if (result) { int i; diff --git a/agent/protect.c b/agent/protect.c index 19f6ccbc6..2bb38f316 100644 --- a/agent/protect.c +++ b/agent/protect.c @@ -861,7 +861,7 @@ make_shadow_info (const char *serialno, const char *idstring) p = stpcpy (p, numbuf); for (s=serialno; *s && s[1]; s += 2) *(unsigned char *)p++ = xtoi_2 (s); - sprintf (numbuf, "%d:", strlen (idstring)); + sprintf (numbuf, "%u:", (unsigned int)strlen (idstring)); p = stpcpy (p, numbuf); p = stpcpy (p, idstring); *p++ = ')'; |