common: On Windows, we care about how PIPE handles are inherited.

* agent/gpg-agent.c (handle_connections): It's for POSIX.
* kbx/keyboxd.c (handle_connections): Ditto.
* scd/app.c (handle_connections): Ditto.
* scd/scdaemon.c (handle_connections): Ditto.
tpm2d/tpm2daemon.c (handle_connections): Ditto.
* tests/gpgscm/ffi.c (do_pipe): Use GNUPG_PIPE_BOTH.
(do_inbound_pipe): Use GNUPG_PIPE_INBOUND.
(do_outbound_pipe): Use GNUPG_PIPE_OUTBOUND.
* common/call-gpg.c (_gpg_encrypt): Specify outbound and inbound.
(_gpg_decrypt): Likewise.
* common/exechelp-posix.c (gnupg_create_pipe): Add an argument.
* common/exechelp-w32.c (create_pipe_and_estream): Care about
how PIPE handles are inherited to child process.
(gnupg_create_pipe): Add an argument.
* common/exechelp.h: Add enum values.

--

Fixes-commit: af6c47b2910f394faf582800d60d88e9b4dcf834
Signed-off-by: NIIBE Yutaka <[email protected]>

4 files changed, 46 insertions, 19 deletions

diff --git a/common/call-gpg.c b/common/call-gpg.c
index 8c69a0c9a..75943a315 100644
--- a/common/call-gpg.c
+++ b/common/call-gpg.c
@@ -429,9 +429,9 @@ _gpg_encrypt (ctrl_t ctrl,
   assert ((reader_mb == NULL) != (cipher_stream == NULL));
 
   /* Create two pipes.  */
-  err = gnupg_create_pipe (outbound_fds);
+  err = gnupg_create_pipe (outbound_fds, GNUPG_PIPE_OUTBOUND);
   if (!err)
-    err = gnupg_create_pipe (inbound_fds);
+    err = gnupg_create_pipe (inbound_fds, GNUPG_PIPE_INBOUND);
   if (err)
     {
       log_error (_("error creating a pipe: %s\n"), gpg_strerror (err));
@@ -613,9 +613,9 @@ _gpg_decrypt (ctrl_t ctrl,
   assert ((reader_mb == NULL) != (plain_stream == NULL));
 
   /* Create two pipes.  */
-  err = gnupg_create_pipe (outbound_fds);
+  err = gnupg_create_pipe (outbound_fds, GNUPG_PIPE_OUTBOUND);
   if (!err)
-    err = gnupg_create_pipe (inbound_fds);
+    err = gnupg_create_pipe (inbound_fds, GNUPG_PIPE_INBOUND);
   if (err)
     {
       log_error (_("error creating a pipe: %s\n"), gpg_strerror (err));
diff --git a/common/exechelp-posix.c b/common/exechelp-posix.c
index 2c7cb2adf..a9d91d9e7 100644
--- a/common/exechelp-posix.c
+++ b/common/exechelp-posix.c
@@ -348,11 +348,14 @@ gnupg_create_outbound_pipe (gnupg_fd_t *r_fd, estream_t *r_fp, int nonblock)
 }
 
 
-/* Portable function to create a pipe.  Under Windows both ends are
-   inheritable.  */
+/* Portable function to create a pipe.  FLAGS=GNUPG_PIPE_INBOUND for
+   ihneritable write-end for Windows, GNUPG_PIPE_OUTBOUND for
+   inheritable read-end for Windows, GNUPG_PIPE_BOTH to specify
+   both ends may be inheritable.  */
 gpg_error_t
-gnupg_create_pipe (int filedes[2])
+gnupg_create_pipe (int filedes[2], int flags)
 {
+  (void)flags;
   return do_create_pipe (filedes);
 }
 
diff --git a/common/exechelp-w32.c b/common/exechelp-w32.c
index 0c8314296..3c57e7724 100644
--- a/common/exechelp-w32.c
+++ b/common/exechelp-w32.c
@@ -229,8 +229,16 @@ create_pipe_and_estream (gnupg_fd_t *r_fd, int flags,
   gpg_error_t err = 0;
   es_syshd_t syshd;
   gnupg_fd_t fds[2];
+  int inherit_flags = 0;
 
-  if (create_inheritable_pipe (fds, flags) < 0)
+  if (flags == GNUPG_PIPE_OUTBOUND)
+    inherit_flags = INHERIT_READ;
+  else if (flags == GNUPG_PIPE_INBOUND)
+    inherit_flags = INHERIT_WRITE;
+  else
+    inherit_flags = INHERIT_BOTH;
+
+  if (create_inheritable_pipe (fds, inherit_flags) < 0)
     {
       err = my_error_from_syserror ();
       log_error (_("error creating a pipe: %s\n"), gpg_strerror (err));
@@ -275,7 +283,7 @@ gnupg_create_inbound_pipe (gnupg_fd_t *r_fd, estream_t *r_fp, int nonblock)
   if (!r_fd || !r_fp)
     gpg_error (GPG_ERR_INV_ARG);
 
-  return create_pipe_and_estream (r_fd, INHERIT_WRITE, r_fp, 0, nonblock);
+  return create_pipe_and_estream (r_fd, GNUPG_PIPE_INBOUND, r_fp, 0, nonblock);
 }
 
 
@@ -288,19 +296,29 @@ gnupg_create_outbound_pipe (gnupg_fd_t *r_fd, estream_t *r_fp, int nonblock)
   if (!r_fd || !r_fp)
     gpg_error (GPG_ERR_INV_ARG);
 
-  return create_pipe_and_estream (r_fd, INHERIT_READ, r_fp, 1, nonblock);
+  return create_pipe_and_estream (r_fd, GNUPG_PIPE_OUTBOUND, r_fp, 1, nonblock);
 }
 
 
-/* Portable function to create a pipe.  Under Windows both ends are
-   inheritable.  */
+/* Portable function to create a pipe.  FLAGS=GNUPG_PIPE_INBOUND for
+   ihneritable write-end for Windows, GNUPG_PIPE_OUTBOUND for
+   inheritable read-end for Windows, GNUPG_PIPE_BOTH to specify
+   both ends may be inheritable.  */
 gpg_error_t
-gnupg_create_pipe (int filedes[2])
+gnupg_create_pipe (int filedes[2], int flags)
 {
   gnupg_fd_t fds[2];
   gpg_error_t err = 0;
+  int inherit_flags = 0;
+
+  if (flags == GNUPG_PIPE_OUTBOUND)
+    inherit_flags = INHERIT_READ;
+  else if (flags == GNUPG_PIPE_INBOUND)
+    inherit_flags = INHERIT_WRITE;
+  else
+    inherit_flags = INHERIT_BOTH;
 
-  if (create_inheritable_pipe (fds, INHERIT_BOTH) < 0)
+  if (create_inheritable_pipe (fds, inherit_flags) < 0)
     return my_error_from_syserror ();
 
   filedes[0] = _open_osfhandle (handle_to_fd (fds[0]), O_RDONLY);
diff --git a/common/exechelp.h b/common/exechelp.h
index d2aac4b39..10127859f 100644
--- a/common/exechelp.h
+++ b/common/exechelp.h
@@ -65,11 +65,17 @@ gpg_error_t gnupg_create_inbound_pipe (gnupg_fd_t *r_fd,
 gpg_error_t gnupg_create_outbound_pipe (gnupg_fd_t *r_fd,
                                         estream_t *r_fp, int nonblock);
 
-/* Portable function to create a pipe.  Under Windows both ends are
-   inheritable.  */
-gpg_error_t gnupg_create_pipe (int filedes[2]);
+enum {
+  GNUPG_PIPE_DONTCARE=0,
+  GNUPG_PIPE_INBOUND=1,
+  GNUPG_PIPE_OUTBOUND=2,
+  GNUPG_PIPE_BOTH=3
+};
 
-/* Close the end of a pipe.  */
-void gnupg_close_pipe (int fd);
+/* Portable function to create a pipe.  FLAGS=GNUPG_PIPE_INBOUND for
+   ihneritable write-end for Windows, GNUPG_PIPE_OUTBOUND for
+   inheritable read-end for Windows, GNUPG_PIPE_BOTH to specify
+   both ends may be inheritable.  */
+gpg_error_t gnupg_create_pipe (int filedes[2], int flags);
 
 #endif /*GNUPG_COMMON_EXECHELP_H*/