aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
Diffstat
-rw-r--r--AUTHORS3
-rw-r--r--NEWS35
-rw-r--r--README2
-rw-r--r--agent/agent.h3
-rw-r--r--agent/cache.c358
-rw-r--r--agent/call-daemon.c51
-rw-r--r--agent/call-pinentry.c44
-rw-r--r--agent/command-ssh.c4
-rw-r--r--agent/genkey.c18
-rw-r--r--agent/gpg-agent.c484
-rw-r--r--agent/trustlist.c14
-rw-r--r--common/Makefile.am8
-rw-r--r--common/asshelp.c43
-rw-r--r--common/asshelp.h11
-rw-r--r--common/audit.c4
-rw-r--r--common/b64dec.c299
-rw-r--r--common/b64enc.c423
-rw-r--r--common/dynload.h11
-rw-r--r--common/exechelp-posix.c993
-rw-r--r--common/exechelp-w32.c1209
-rw-r--r--common/exechelp.h231
-rw-r--r--common/exectool.c40
-rw-r--r--common/get-passphrase.c3
-rw-r--r--common/init.c1
-rw-r--r--common/iobuf.c72
-rw-r--r--common/iobuf.h6
-rw-r--r--common/miscellaneous.c50
-rw-r--r--common/openpgpdefs.h9
-rw-r--r--common/ssh-utils.c24
-rw-r--r--common/sysutils.c182
-rw-r--r--common/sysutils.h13
-rw-r--r--common/t-b64.c283
-rw-r--r--common/t-exechelp.c152
-rw-r--r--common/t-iobuf.c56
-rw-r--r--common/util.h34
-rw-r--r--configure.ac12
-rw-r--r--dirmngr/certcache.c3
-rw-r--r--dirmngr/crlfetch.c16
-rw-r--r--dirmngr/dirmngr-client.c18
-rw-r--r--dirmngr/dirmngr.c25
-rw-r--r--dirmngr/dns-stuff.c1
-rw-r--r--dirmngr/http.c12
-rw-r--r--dirmngr/ks-action.c9
-rw-r--r--dirmngr/ks-engine-ldap.c2
-rw-r--r--dirmngr/ldap-wrapper.c79
-rw-r--r--dirmngr/misc.c14
-rw-r--r--doc/DETAILS11
-rw-r--r--doc/debugging.texi4
-rw-r--r--doc/dirmngr.texi34
-rw-r--r--doc/gpg-agent.texi26
-rw-r--r--doc/gpg.texi114
-rw-r--r--doc/gpgsm.texi41
-rw-r--r--doc/gpgv.texi14
-rw-r--r--doc/howto-create-a-server-cert.texi2
-rw-r--r--doc/scdaemon.texi8
-rw-r--r--doc/specify-user-id.texi4
-rw-r--r--doc/tools.texi21
-rw-r--r--doc/wks.texi2
-rw-r--r--g10/call-agent.c3
-rw-r--r--g10/call-dirmngr.c3
-rw-r--r--g10/call-keyboxd.c16
-rw-r--r--g10/card-util.c24
-rw-r--r--g10/dearmor.c4
-rw-r--r--g10/decrypt.c19
-rw-r--r--g10/ecdh.c25
-rw-r--r--g10/encrypt.c23
-rw-r--r--g10/export.c22
-rw-r--r--g10/filter.h4
-rw-r--r--g10/gpg.c19
-rw-r--r--g10/keygen.c31
-rw-r--r--g10/keyid.c5
-rw-r--r--g10/main.h18
-rw-r--r--g10/mainproc.c30
-rw-r--r--g10/mdfilter.c295
-rw-r--r--g10/misc.c17
-rw-r--r--g10/openfile.c10
-rw-r--r--g10/options.h4
-rw-r--r--g10/packet.h8
-rw-r--r--g10/parse-packet.c177
-rw-r--r--g10/photoid.c67
-rw-r--r--g10/plaintext.c27
-rw-r--r--g10/revoke.c4
-rw-r--r--g10/server.c31
-rw-r--r--g10/sign.c70
-rw-r--r--g10/tdbdump.c13
-rw-r--r--g10/verify.c6
-rw-r--r--g13/be-encfs.c63
-rw-r--r--g13/g13-syshelp.c1
-rw-r--r--g13/g13.c8
-rw-r--r--g13/mount.c3
-rw-r--r--g13/runner.c36
-rw-r--r--g13/runner.h2
-rw-r--r--kbx/kbx-client-util.c54
-rw-r--r--kbx/kbxserver.c26
-rw-r--r--kbx/keyboxd.c381
-rw-r--r--scd/app.c21
-rw-r--r--scd/command.c44
-rw-r--r--scd/scdaemon.c20
-rw-r--r--sm/call-agent.c3
-rw-r--r--sm/call-dirmngr.c3
-rw-r--r--sm/decrypt.c12
-rw-r--r--sm/encrypt.c14
-rw-r--r--sm/gpgsm.c146
-rw-r--r--sm/gpgsm.h13
-rw-r--r--sm/import.c51
-rw-r--r--sm/keydb.c16
-rw-r--r--sm/server.c182
-rw-r--r--sm/sign.c34
-rw-r--r--sm/verify.c41
-rw-r--r--tests/gpgscm/ffi.c508
-rw-r--r--tests/gpgscm/scheme.c4
-rw-r--r--tests/gpgscm/t-child.scm39
-rw-r--r--tests/gpgscm/tests.scm93
-rw-r--r--tests/openpgp/defs.scm7
-rw-r--r--tests/tpm2dtests/defs.scm7
-rw-r--r--tools/call-dirmngr.c3
-rw-r--r--tools/card-call-scd.c3
-rw-r--r--tools/gpg-auth.c2
-rw-r--r--tools/gpg-card.c28
-rw-r--r--tools/gpg-connect-agent.c91
-rw-r--r--tools/gpgconf-comp.c115
-rw-r--r--tools/gpgconf.c18
-rw-r--r--tools/gpgtar-create.c49
-rw-r--r--tools/gpgtar-extract.c46
-rw-r--r--tools/gpgtar-list.c49
-rw-r--r--tools/gpgtar.c25
-rw-r--r--tools/gpgtar.h2
-rw-r--r--tools/mime-parser.c23
-rw-r--r--tools/wks-util.c15
-rw-r--r--tpm2d/tpm2daemon.c20
130 files changed, 4901 insertions, 4040 deletions
diff --git a/AUTHORS b/AUTHORS
index 44a755333..6451a5b48 100644
--- a/AUTHORS
+++ b/AUTHORS
@@ -220,6 +220,9 @@ Jussi Kivilinna <[email protected]>
Kyle Butt <[email protected]>
2013-05-29:CAAODAYLbCtqOG6msLLL0UTdASKWT6u2ptxsgUQ1JpusBESBoNQ@mail.gmail.com:
+Mario Haustein <[email protected]>
+2022-09-26:8149069.T7Z3S40VBb@localdomain:
+
Michael Haubenwallner <[email protected]>
2018-07-13:[email protected]:
diff --git a/NEWS b/NEWS
index 2182bd225..062353b66 100644
--- a/NEWS
+++ b/NEWS
@@ -1,9 +1,7 @@
-Noteworthy changes in version 2.4.6 (unreleased)
+Noteworthy changes in version 2.5.0 (unreleased)
------------------------------------------------
-
- Release-info: https://dev.gnupg.org/T7030
-
+ Changes also found in 2.4.5:
Noteworthy changes in version 2.4.5 (2024-03-07)
------------------------------------------------
@@ -47,11 +45,8 @@ Noteworthy changes in version 2.4.5 (2024-03-07)
* Make the getswdb.sh tool usable outside the GnuPG tree.
- Release-info: https://dev.gnupg.org/T6960
-
-Noteworthy changes in version 2.4.4 (2024-01-25)
-------------------------------------------------
+ Changes also found in 2.4.4:
* gpg: Do not keep an unprotected smartcard backup key on disk. See
https://gnupg.org/blog/20240125-smartcard-backup-key.html for a
@@ -152,11 +147,7 @@ Noteworthy changes in version 2.4.4 (2024-01-25)
* Improve the speedo build system for Unix. [T6710]
- Release-info: https://dev.gnupg.org/T6578
-
-
-Noteworthy changes in version 2.4.3 (2023-07-04)
-------------------------------------------------
+ Changes also found in 2.4.3:
* gpg: Set default expiration date to 3 years. [T2701]
@@ -205,12 +196,8 @@ Noteworthy changes in version 2.4.3 (2023-07-04)
* Fix garbled time output in non-English Windows. [T6741]
- See-also: gnupg-announce/2023q3/000480.html
- Release-info: https://dev.gnupg.org/T6509
-
-Noteworthy changes in version 2.4.2 (2023-05-30)
-------------------------------------------------
+ Changes also found in 2.4.2:
* gpg: Print a warning if no more encryption subkeys are left over
after changing the expiration date. [rGef2c3d50fa]
@@ -232,8 +219,16 @@ Noteworthy changes in version 2.4.2 (2023-05-30)
* w32: Avoid using the VirtualStore. [T6403]
- See-also: gnupg-announce/2023q2/000479.html
- Release-info: https://dev.gnupg.org/T6506
+
+Release dates of 2.4 versions
+-----------------------------
+
+Version 2.4.5 (2024-03-07) https://dev.gnupg.org/T6960
+Version 2.4.4 (2024-01-25) https://dev.gnupg.org/T6578
+Version 2.4.3 (2023-07-04) https://dev.gnupg.org/T6509
+Version 2.4.2 (2023-05-30) https://dev.gnupg.org/T6506
+Version 2.4.1 (2023-04-28) https://dev.gnupg.org/T6454
+Version 2.4.0 (2022-12-16) https://dev.gnupg.org/T6302
Noteworthy changes in version 2.4.1 (2023-04-28)
diff --git a/README b/README
index a1e989356..fc30b1601 100644
--- a/README
+++ b/README
@@ -1,6 +1,6 @@
The GNU Privacy Guard
=======================
- Version 2.4
+ Version 2.5 (devel)
Copyright 1997-2019 Werner Koch
Copyright 1998-2021 Free Software Foundation, Inc.
diff --git a/agent/agent.h b/agent/agent.h
index 06bc1e046..9a7b59db3 100644
--- a/agent/agent.h
+++ b/agent/agent.h
@@ -428,6 +428,7 @@ void *get_agent_daemon_notify_event (void);
#endif
void agent_sighup_action (void);
int map_pk_openpgp_to_gcry (int openpgp_algo);
+void agent_kick_the_loop (void);
/*-- command.c --*/
gpg_error_t agent_inq_pinentry_launched (ctrl_t ctrl, unsigned long pid,
@@ -533,7 +534,7 @@ int agent_clear_passphrase (ctrl_t ctrl,
/*-- cache.c --*/
void initialize_module_cache (void);
void deinitialize_module_cache (void);
-void agent_cache_housekeeping (void);
+struct timespec *agent_cache_expiration (void);
void agent_flush_cache (int pincache_only);
int agent_put_cache (ctrl_t ctrl, const char *key, cache_mode_t cache_mode,
const char *data, int ttl);
diff --git a/agent/cache.c b/agent/cache.c
index 7616dafc1..e8544205f 100644
--- a/agent/cache.c
+++ b/agent/cache.c
@@ -53,8 +53,20 @@ struct secret_data_s {
char data[1]; /* A string. */
};
-/* The cache object. */
+/* The type of cache object. */
typedef struct cache_item_s *ITEM;
+
+/* The timer entry in a linked list. */
+struct timer_s {
+ ITEM next;
+ int tv_sec;
+ int reason;
+};
+#define CACHE_EXPIRE_UNUSED 0
+#define CACHE_EXPIRE_LAST_ACCESS 1
+#define CACHE_EXPIRE_CREATION 2
+
+/* The cache object. */
struct cache_item_s {
ITEM next;
time_t created;
@@ -63,12 +75,18 @@ struct cache_item_s {
struct secret_data_s *pw;
cache_mode_t cache_mode;
int restricted; /* The value of ctrl->restricted is part of the key. */
+ struct timer_s t;
char key[1];
};
/* The cache himself. */
static ITEM thecache;
+/* The timer list of expiration, in active. */
+static ITEM the_timer_list;
+/* Newly created entries, to be inserted into the timer list. */
+static ITEM the_timer_list_new;
+
/* NULL or the last cache key stored by agent_store_cache_hit. */
static char *last_stored_cache_key;
@@ -193,100 +211,302 @@ new_data (const char *string, struct secret_data_s **r_data)
}
+static void
+insert_to_timer_list_new (ITEM entry)
+{
+ entry->t.next = the_timer_list_new;
+ the_timer_list_new = entry;
+}
-/* Check whether there are items to expire. */
+/* Insert to the active timer list. */
static void
-housekeeping (void)
+insert_to_timer_list (struct timespec *ts, ITEM entry)
{
- ITEM r, rprev;
- time_t current = gnupg_get_time ();
+ ITEM e, eprev;
- /* First expire the actual data */
- for (r=thecache; r; r = r->next)
+ if (!the_timer_list || ts->tv_sec >= entry->t.tv_sec)
{
- if (r->cache_mode == CACHE_MODE_PIN)
- ; /* Don't let it expire - scdaemon explicitly flushes them. */
- else if (r->pw && r->ttl >= 0 && r->accessed + r->ttl < current)
+ if (the_timer_list)
{
- if (DBG_CACHE)
- log_debug (" expired '%s'.%d (%ds after last access)\n",
- r->key, r->restricted, r->ttl);
- release_data (r->pw);
- r->pw = NULL;
- r->accessed = current;
+ the_timer_list->t.tv_sec += ts->tv_sec - entry->t.tv_sec;
+ if (ts->tv_nsec >= 500000000)
+ the_timer_list->t.tv_sec++;
}
+
+ ts->tv_sec = entry->t.tv_sec;
+ ts->tv_nsec = 0;
+
+ entry->t.tv_sec = 0;
+ entry->t.next = the_timer_list;
+ the_timer_list = entry;
+ return;
}
- /* Second, make sure that we also remove them based on the created
- * stamp so that the user has to enter it from time to time. We
- * don't do this for data items which are used to storage secrets in
- * meory and are not user entered passphrases etc. */
- for (r=thecache; r; r = r->next)
+ entry->t.tv_sec -= ts->tv_sec;
+ eprev = NULL;
+ for (e = the_timer_list; e; e = e->t.next)
{
- unsigned long maxttl;
+ if (e->t.tv_sec > entry->t.tv_sec)
+ break;
- switch (r->cache_mode)
- {
- case CACHE_MODE_DATA:
- case CACHE_MODE_PIN:
- continue; /* No MAX TTL here. */
- case CACHE_MODE_SSH: maxttl = opt.max_cache_ttl_ssh; break;
- default: maxttl = opt.max_cache_ttl; break;
- }
- if (r->pw && r->created + maxttl < current)
- {
- if (DBG_CACHE)
- log_debug (" expired '%s'.%d (%lus after creation)\n",
- r->key, r->restricted, opt.max_cache_ttl);
- release_data (r->pw);
- r->pw = NULL;
- r->accessed = current;
- }
+ eprev = e;
+ entry->t.tv_sec -= e->t.tv_sec;
+ }
+
+ entry->t.next = e;
+ if (e)
+ e->t.tv_sec -= entry->t.tv_sec;
+
+ if (eprev)
+ eprev->t.next = entry;
+ else
+ the_timer_list = entry;
+}
+
+static void
+remove_from_timer_list (ITEM entry)
+{
+ ITEM e, eprev;
+
+ eprev = NULL;
+ for (e = the_timer_list; e; e = e->t.next)
+ if (e != entry)
+ eprev = e;
+ else
+ {
+ if (e->t.next)
+ e->t.next->t.tv_sec += e->t.tv_sec;
+
+ if (eprev)
+ eprev->t.next = e->t.next;
+ else
+ the_timer_list = e->t.next;
+
+ break;
+ }
+
+ entry->t.next = NULL;
+ entry->t.tv_sec = 0;
+}
+
+static void
+remove_from_timer_list_new (ITEM entry)
+{
+ ITEM e, eprev;
+
+ eprev = NULL;
+ for (e = the_timer_list_new; e; e = e->t.next)
+ if (e != entry)
+ eprev = e;
+ else
+ {
+ if (eprev)
+ eprev->t.next = e->t.next;
+ else
+ the_timer_list_new = e->t.next;
+
+ break;
+ }
+
+ entry->t.next = NULL;
+ entry->t.tv_sec = 0;
+}
+
+static int
+compute_expiration (ITEM r)
+{
+ unsigned long maxttl;
+ time_t current = gnupg_get_time ();
+ time_t next;
+
+ if (r->cache_mode == CACHE_MODE_PIN)
+ return 0; /* Don't let it expire - scdaemon explicitly flushes them. */
+
+ if (!r->pw)
+ {
+ /* Expire an old and unused entry after 30 minutes. */
+ r->t.tv_sec = 60*30;
+ r->t.reason = CACHE_EXPIRE_UNUSED;
+ return 1;
}
- /* Third, make sure that we don't have too many items in the list.
- * Expire old and unused entries after 30 minutes. */
- for (rprev=NULL, r=thecache; r; )
+ switch (r->cache_mode)
{
- if (!r->pw && r->ttl >= 0 && r->accessed + 60*30 < current)
- {
- ITEM r2 = r->next;
- if (DBG_CACHE)
- log_debug (" removed '%s'.%d (mode %d) (slot not used for 30m)\n",
- r->key, r->restricted, r->cache_mode);
- xfree (r);
- if (!rprev)
- thecache = r2;
- else
- rprev->next = r2;
- r = r2;
- }
- else
+ case CACHE_MODE_DATA:
+ case CACHE_MODE_PIN:
+ maxttl = 0; /* No MAX TTL here. */
+ break;
+ case CACHE_MODE_SSH: maxttl = opt.max_cache_ttl_ssh; break;
+ default: maxttl = opt.max_cache_ttl; break;
+ }
+
+ if (maxttl)
+ {
+ if (r->created + maxttl < current)
{
- rprev = r;
- r = r->next;
+ r->t.tv_sec = 0;
+ r->t.reason = CACHE_EXPIRE_CREATION;
+ return 1;
}
+
+ next = r->created + maxttl - current;
+ }
+ else
+ next = 0;
+
+ if (r->ttl >= 0 && (next == 0 || r->ttl < next))
+ {
+ r->t.tv_sec = r->ttl;
+ r->t.reason = CACHE_EXPIRE_LAST_ACCESS;
+ return 1;
}
+
+ if (next)
+ {
+ r->t.tv_sec = next;
+ r->t.reason = CACHE_EXPIRE_CREATION;
+ return 1;
+ }
+
+ return 0;
}
+static void
+update_expiration (ITEM entry, int is_new_entry)
+{
+ if (!is_new_entry)
+ {
+ remove_from_timer_list (entry);
+ remove_from_timer_list_new (entry);
+ }
-void
-agent_cache_housekeeping (void)
+ if (compute_expiration (entry))
+ {
+ insert_to_timer_list_new (entry);
+ agent_kick_the_loop ();
+ }
+}
+
+
+/* Expire the cache entry. Returns 1 when the entry should be removed
+ * from the cache. */
+static int
+do_expire (ITEM e)
{
- int res;
+ if (!e->pw)
+ /* Unused entry after 30 minutes. */
+ return 1;
- if (DBG_CACHE)
- log_debug ("agent_cache_housekeeping\n");
+ if (e->t.reason == CACHE_EXPIRE_LAST_ACCESS)
+ {
+ if (DBG_CACHE)
+ log_debug (" expired '%s'.%d (%ds after last access)\n",
+ e->key, e->restricted, e->ttl);
+ }
+ else
+ {
+ if (DBG_CACHE)
+ log_debug (" expired '%s'.%d (%lus after creation)\n",
+ e->key, e->restricted, opt.max_cache_ttl);
+ }
+
+ release_data (e->pw);
+ e->pw = NULL;
+ e->accessed = 0;
+
+ if (compute_expiration (e))
+ insert_to_timer_list_new (e);
+
+ return 0;
+}
+
+
+struct timespec *
+agent_cache_expiration (void)
+{
+ static struct timespec abstime;
+ static struct timespec timeout;
+ struct timespec *tp;
+ struct timespec curtime;
+ int res;
+ int expired = 0;
+ ITEM e, enext;
res = npth_mutex_lock (&cache_lock);
if (res)
log_fatal ("failed to acquire cache mutex: %s\n", strerror (res));
- housekeeping ();
+ npth_clock_gettime (&curtime);
+ if (the_timer_list)
+ {
+ if (npth_timercmp (&abstime, &curtime, <))
+ expired = 1;
+ else
+ npth_timersub (&abstime, &curtime, &timeout);
+ }
+
+ if (expired && (e = the_timer_list) && e->t.tv_sec == 0)
+ {
+ the_timer_list = e->t.next;
+ e->t.next = NULL;
+
+ if (do_expire (e))
+ {
+ ITEM r, rprev;
+
+ if (DBG_CACHE)
+ log_debug (" removed '%s'.%d (mode %d) (slot not used for 30m)\n",
+ e->key, e->restricted, e->cache_mode);
+
+ rprev = NULL;
+ for (r = thecache; r; r = r->next)
+ if (r == e)
+ {
+ if (!rprev)
+ thecache = r->next;
+ else
+ rprev->next = r->next;
+ break;
+ }
+ else
+ rprev = r;
+
+ remove_from_timer_list_new (e);
+
+ xfree (e);
+ }
+ }
+
+ if (expired || !the_timer_list)
+ timeout.tv_sec = timeout.tv_nsec = 0;
+
+ for (e = the_timer_list_new; e; e = enext)
+ {
+ enext = e->t.next;
+ e->t.next = NULL;
+ insert_to_timer_list (&timeout, e);
+ }
+ the_timer_list_new = NULL;
+
+ if (!the_timer_list)
+ tp = NULL;
+ else
+ {
+ if (the_timer_list->t.tv_sec != 0)
+ {
+ timeout.tv_sec += the_timer_list->t.tv_sec;
+ the_timer_list->t.tv_sec = 0;
+ }
+
+ npth_timeradd (&timeout, &curtime, &abstime);
+ tp = &timeout;
+ }
res = npth_mutex_unlock (&cache_lock);
if (res)
log_fatal ("failed to release cache mutex: %s\n", strerror (res));
+
+ return tp;
}
@@ -314,6 +534,7 @@ agent_flush_cache (int pincache_only)
release_data (r->pw);
r->pw = NULL;
r->accessed = 0;
+ update_expiration (r, 0);
}
}
@@ -358,7 +579,6 @@ agent_put_cache (ctrl_t ctrl, const char *key, cache_mode_t cache_mode,
if (DBG_CACHE)
log_debug ("agent_put_cache '%s'.%d (mode %d) requested ttl=%d\n",
key, restricted, cache_mode, ttl);
- housekeeping ();
if (!ttl)
{
@@ -410,6 +630,7 @@ agent_put_cache (ctrl_t ctrl, const char *key, cache_mode_t cache_mode,
err = new_data (data, &r->pw);
if (err)
log_error ("error replacing cache item: %s\n", gpg_strerror (err));
+ update_expiration (r, 0);
}
}
else if (data) /* Insert. */
@@ -431,6 +652,7 @@ agent_put_cache (ctrl_t ctrl, const char *key, cache_mode_t cache_mode,
{
r->next = thecache;
thecache = r;
+ update_expiration (r, 1);
}
}
if (err)
@@ -478,7 +700,6 @@ agent_get_cache (ctrl_t ctrl, const char *key, cache_mode_t cache_mode)
log_debug ("agent_get_cache '%s'.%d (mode %d)%s ...\n",
key, restricted, cache_mode,
last_stored? " (stored cache key)":"");
- housekeeping ();
for (r=thecache; r; r = r->next)
{
@@ -500,7 +721,10 @@ agent_get_cache (ctrl_t ctrl, const char *key, cache_mode_t cache_mode)
* below. Note also that we don't update the accessed time
* for data items. */
if (r->cache_mode != CACHE_MODE_DATA)
- r->accessed = gnupg_get_time ();
+ {
+ r->accessed = gnupg_get_time ();
+ update_expiration (r, 0);
+ }
if (DBG_CACHE)
log_debug ("... hit\n");
if (r->pw->totallen < 32)
diff --git a/agent/call-daemon.c b/agent/call-daemon.c
index e1c5669e9..806ef5dc1 100644
--- a/agent/call-daemon.c
+++ b/agent/call-daemon.c
@@ -98,7 +98,6 @@ static npth_mutex_t start_daemon_lock;
struct wait_child_thread_parm_s
{
enum daemon_type type;
- pid_t pid;
};
@@ -109,54 +108,14 @@ wait_child_thread (void *arg)
int err;
struct wait_child_thread_parm_s *parm = arg;
enum daemon_type type = parm->type;
- pid_t pid = parm->pid;
-#ifndef HAVE_W32_SYSTEM
- int wstatus;
-#endif
const char *name = opt.daemon_program[type];
struct daemon_global_s *g = &daemon_global[type];
struct daemon_local_s *sl;
xfree (parm); /* We have copied all data to the stack. */
-#ifdef HAVE_W32_SYSTEM
- npth_unprotect ();
- /* Note that although we use a pid_t here, it is actually a HANDLE. */
- WaitForSingleObject ((HANDLE)pid, INFINITE);
- npth_protect ();
+ assuan_pipe_wait_server_termination (g->primary_ctx, NULL, 0);
log_info ("daemon %s finished\n", name);
-#else /* !HAVE_W32_SYSTEM*/
-
- again:
- npth_unprotect ();
- err = waitpid (pid, &wstatus, 0);
- npth_protect ();
-
- if (err < 0)
- {
- if (errno == EINTR)
- goto again;
- log_error ("waitpid for %s failed: %s\n", name, strerror (errno));
- return NULL;
- }
- else
- {
- if (WIFEXITED (wstatus))
- log_info ("daemon %s finished (status %d)\n",
- name, WEXITSTATUS (wstatus));
- else if (WIFSIGNALED (wstatus))
- log_info ("daemon %s killed by signal %d\n", name, WTERMSIG (wstatus));
- else
- {
- if (WIFSTOPPED (wstatus))
- log_info ("daemon %s stopped by signal %d\n",
- name, WSTOPSIG (wstatus));
- goto again;
- }
-
- assuan_set_flag (g->primary_ctx, ASSUAN_NO_WAITPID, 1);
- }
-#endif /*!HAVE_W32_SYSTEM*/
agent_flush_cache (1); /* Flush the PIN cache. */
@@ -471,8 +430,8 @@ daemon_start (enum daemon_type type, ctrl_t ctrl)
char buf[100];
#ifdef HAVE_W32_SYSTEM
- snprintf (buf, sizeof buf, "OPTION event-signal=%lx",
- (unsigned long)get_agent_daemon_notify_event ());
+ snprintf (buf, sizeof buf, "OPTION event-signal=%p",
+ get_agent_daemon_notify_event ());
#else
snprintf (buf, sizeof buf, "OPTION event-signal=%d", SIGUSR2);
#endif
@@ -496,7 +455,6 @@ daemon_start (enum daemon_type type, ctrl_t ctrl)
}
wctp->type = type;
- wctp->pid = assuan_get_pid (g->primary_ctx);
err = npth_attr_init (&tattr);
if (!err)
{
@@ -561,10 +519,9 @@ agent_daemon_dump_state (void)
for (i = 0; i < DAEMON_MAX_TYPE; i++) {
struct daemon_global_s *g = &daemon_global[i];
- log_info ("%s: name %s primary_ctx=%p pid=%ld reusable=%d\n", __func__,
+ log_info ("%s: name %s primary_ctx=%p reusable=%d\n", __func__,
gnupg_module_name (daemon_modules[i]),
g->primary_ctx,
- (long)assuan_get_pid (g->primary_ctx),
g->primary_ctx_reusable);
if (g->socket_name)
log_info ("%s: socket='%s'\n", __func__, g->socket_name);
diff --git a/agent/call-pinentry.c b/agent/call-pinentry.c
index d236e1107..4a999ca9a 100644
--- a/agent/call-pinentry.c
+++ b/agent/call-pinentry.c
@@ -128,8 +128,9 @@ initialize_module_call_pinentry (void)
void
agent_query_dump_state (void)
{
- log_info ("agent_query_dump_state: entry_ctx=%p pid=%ld popup_tid=%p\n",
- entry_ctx, (long)assuan_get_pid (entry_ctx), (void*)popup_tid);
+ log_info ("agent_query_dump_state: entry_ctx=%p pid=%ld popup_tid=%lx\n",
+ entry_ctx, (long)assuan_get_pid (entry_ctx),
+ (unsigned long)popup_tid);
}
/* Called to make sure that a popup window owned by the current
@@ -1288,8 +1289,6 @@ build_cmd_setdesc (char *line, size_t linelen, const char *desc)
static void *
watch_sock (void *arg)
{
- pid_t pid = assuan_get_pid (entry_ctx);
-
while (1)
{
int err;
@@ -1302,7 +1301,7 @@ watch_sock (void *arg)
FD_ZERO (&fdset);
FD_SET (FD2INT (sock), &fdset);
- err = npth_select (FD2INT (sock)+1, &fdset, NULL, NULL, &timeout);
+ err = npth_select (FD2NUM (sock)+1, &fdset, NULL, NULL, &timeout);
if (err < 0)
{
@@ -1317,17 +1316,7 @@ watch_sock (void *arg)
break;
}
- if (pid == (pid_t)(-1))
- ; /* No pid available can't send a kill. */
-#ifdef HAVE_W32_SYSTEM
- /* Older versions of assuan set PID to 0 on Windows to indicate an
- invalid value. */
- else if (pid != (pid_t) INVALID_HANDLE_VALUE && pid != 0)
- TerminateProcess ((HANDLE)pid, 1);
-#else
- else if (pid > 0)
- kill (pid, SIGINT);
-#endif
+ assuan_pipe_kill_server (entry_ctx);
return NULL;
}
@@ -2124,7 +2113,6 @@ void
agent_popup_message_stop (ctrl_t ctrl)
{
int rc;
- pid_t pid;
(void)ctrl;
@@ -2137,26 +2125,10 @@ agent_popup_message_stop (ctrl_t ctrl)
return;
}
- pid = assuan_get_pid (entry_ctx);
- if (pid == (pid_t)(-1))
- ; /* No pid available can't send a kill. */
- else if (popup_finished)
+ if (popup_finished)
; /* Already finished and ready for joining. */
-#ifdef HAVE_W32_SYSTEM
- /* Older versions of assuan set PID to 0 on Windows to indicate an
- invalid value. */
- else if (pid != (pid_t) INVALID_HANDLE_VALUE
- && pid != 0)
- {
- HANDLE process = (HANDLE) pid;
-
- /* Arbitrary error code. */
- TerminateProcess (process, 1);
- }
-#else
- else if (pid > 0)
- kill (pid, SIGINT);
-#endif
+ else
+ assuan_pipe_kill_server (entry_ctx);
/* Now wait for the thread to terminate. */
rc = npth_join (popup_tid, NULL);
diff --git a/agent/command-ssh.c b/agent/command-ssh.c
index 189acd7f8..02f069dea 100644
--- a/agent/command-ssh.c
+++ b/agent/command-ssh.c
@@ -3952,7 +3952,11 @@ start_command_handler_ssh (ctrl_t ctrl, gnupg_fd_t sock_client)
es_syshd_t syshd;
syshd.type = ES_SYSHD_SOCK;
+#ifdef HAVE_SOCKET
+ syshd.u.sock = (SOCKET)sock_client;
+#else
syshd.u.sock = sock_client;
+#endif
get_client_info (sock_client, &peer_info);
ctrl->client_pid = peer_info.pid;
diff --git a/agent/genkey.c b/agent/genkey.c
index 444f89f79..503a7eb53 100644
--- a/agent/genkey.c
+++ b/agent/genkey.c
@@ -161,7 +161,7 @@ do_check_passphrase_pattern (ctrl_t ctrl, const char *pw, unsigned int flags)
const char *pgmname = gnupg_module_name (GNUPG_MODULE_NAME_CHECK_PATTERN);
estream_t stream_to_check_pattern = NULL;
const char *argv[10];
- pid_t pid;
+ gnupg_process_t proc;
int result, i;
const char *pattern;
char *patternfname;
@@ -204,11 +204,17 @@ do_check_passphrase_pattern (ctrl_t ctrl, const char *pw, unsigned int flags)
argv[i] = NULL;
log_assert (i < sizeof argv);
- if (gnupg_spawn_process (pgmname, argv, NULL, 0,
- &stream_to_check_pattern, NULL, NULL, &pid))
+ if (gnupg_process_spawn (pgmname, argv,
+ GNUPG_PROCESS_STDIN_PIPE,
+ NULL, NULL, &proc))
result = 1; /* Execute error - assume password should no be used. */
else
{
+ int status;
+
+ gnupg_process_get_streams (proc, 0, &stream_to_check_pattern,
+ NULL, NULL);
+
es_set_binary (stream_to_check_pattern);
if (es_fwrite (pw, strlen (pw), 1, stream_to_check_pattern) != 1)
{
@@ -219,11 +225,13 @@ do_check_passphrase_pattern (ctrl_t ctrl, const char *pw, unsigned int flags)
else
es_fflush (stream_to_check_pattern);
es_fclose (stream_to_check_pattern);
- if (gnupg_wait_process (pgmname, pid, 1, NULL))
+ gnupg_process_wait (proc, 1);
+ gnupg_process_ctl (proc, GNUPG_PROCESS_GET_EXIT_ID, &status);
+ if (status)
result = 1; /* Helper returned an error - probably a match. */
else
result = 0; /* Success; i.e. no match. */
- gnupg_release_process (pid);
+ gnupg_process_release (proc);
}
xfree (patternfname);
diff --git a/agent/gpg-agent.c b/agent/gpg-agent.c
index 5305098d2..3c71ba65d 100644
--- a/agent/gpg-agent.c
+++ b/agent/gpg-agent.c
@@ -341,15 +341,13 @@ static struct debug_flags_s debug_flags [] =
#define MIN_PASSPHRASE_NONALPHA (1)
#define MAX_PASSPHRASE_DAYS (0)
-/* The timer tick used for housekeeping stuff. Note that on Windows
- * we use a SetWaitableTimer seems to signal earlier than about 2
- * seconds. Thus we use 4 seconds on all platforms.
- * CHECK_OWN_SOCKET_INTERVAL defines how often we check
- * our own socket in standard socket mode. If that value is 0 we
- * don't check at all. All values are in seconds. */
-#define TIMERTICK_INTERVAL (4)
+/* CHECK_OWN_SOCKET_INTERVAL defines how often we check our own socket
+ * in standard socket mode. If that value is 0 we don't check at all.
+ * Values is in seconds. */
#define CHECK_OWN_SOCKET_INTERVAL (60)
-
+/* CHECK_PROBLEMS_INTERVAL defines how often we check the existence of
+ * parent process and homedir. Value is in seconds. */
+#define CHECK_PROBLEMS_INTERVAL (4)
/* Flag indicating that the ssh-agent subsystem has been enabled. */
static int ssh_support;
@@ -384,9 +382,6 @@ static int startup_signal_mask_valid;
/* Flag to indicate that a shutdown was requested. */
static int shutdown_pending;
-/* Counter for the currently running own socket checks. */
-static int check_own_socket_running;
-
/* Flags to indicate that check_own_socket shall not be called. */
static int disable_check_own_socket;
@@ -396,6 +391,12 @@ static int is_supervised;
/* Flag indicating to start the daemon even if one already runs. */
static int steal_socket;
+/* Flag to monitor problems. */
+static int problem_detected;
+#define AGENT_PROBLEM_SOCKET_TAKEOVER (1 << 0)
+#define AGENT_PROBLEM_PARENT_HAS_GONE (1 << 1)
+#define AGENT_PROBLEM_HOMEDIR_REMOVED (1 << 2)
+
/* Flag to inhibit socket removal in cleanup. */
static int inhibit_socket_removal;
@@ -432,6 +433,17 @@ static assuan_sock_nonce_t socket_nonce_ssh;
* Let's try this as default. Change at runtime with --listen-backlog. */
static int listen_backlog = 64;
+#ifdef HAVE_W32_SYSTEM
+/* The event to break the select call. */
+static HANDLE the_event2;
+#elif defined(HAVE_PSELECT_NO_EINTR)
+/* An FD to break the select call. */
+static int event_pipe_fd;
+#else
+/* PID of the main thread. */
+static pid_t main_thread_pid;
+#endif
+
/* Default values for options passed to the pinentry. */
static char *default_display;
static char *default_ttyname;
@@ -452,9 +464,14 @@ static const char *debug_level;
the log file after a SIGHUP if it didn't changed. Malloced. */
static char *current_logfile;
-/* The handle_tick() function may test whether a parent is still
- * running. We record the PID of the parent here or -1 if it should
- * be watched. */
+#ifdef HAVE_W32_SYSTEM
+#define HAVE_PARENT_PID_SUPPORT 0
+#else
+#define HAVE_PARENT_PID_SUPPORT 1
+#endif
+/* The check_others_thread() function may test whether a parent is
+ * still running. We record the PID of the parent here or -1 if it
+ * should be watched. */
static pid_t parent_pid = (pid_t)(-1);
/* This flag is true if the inotify mechanism for detecting the
@@ -462,11 +479,6 @@ static pid_t parent_pid = (pid_t)(-1);
* alternative but portable stat based check. */
static int have_homedir_inotify;
-/* Depending on how gpg-agent was started, the homedir inotify watch
- * may not be reliable. This flag is set if we assume that inotify
- * works reliable. */
-static int reliable_homedir_inotify;
-
/* Number of active connections. */
static int active_connections;
@@ -516,13 +528,13 @@ static void agent_deinit_default_ctrl (ctrl_t ctrl);
static void handle_connections (gnupg_fd_t listen_fd,
gnupg_fd_t listen_fd_extra,
gnupg_fd_t listen_fd_browser,
- gnupg_fd_t listen_fd_ssh);
-static void check_own_socket (void);
+ gnupg_fd_t listen_fd_ssh,
+ int reliable_homedir_inotify);
static int check_for_running_agent (int silent);
-
-/* Pth wrapper function definitions. */
-ASSUAN_SYSTEM_NPTH_IMPL;
-
+#if CHECK_OWN_SOCKET_INTERVAL > 0
+static void *check_own_socket_thread (void *arg);
+#endif
+static void *check_others_thread (void *arg);
/*
Functions.
@@ -1050,6 +1062,7 @@ thread_init_once (void)
* initialized and thus Libgcrypt could not set its system call
* clamp. */
gcry_control (GCRYCTL_REINIT_SYSCALL_CLAMP, 0, 0);
+ assuan_control (ASSUAN_CONTROL_REINIT_SYSCALL_CLAMP, NULL);
}
@@ -1057,7 +1070,6 @@ static void
initialize_modules (void)
{
thread_init_once ();
- assuan_set_system_hooks (ASSUAN_SYSTEM_NPTH);
initialize_module_cache ();
initialize_module_call_pinentry ();
initialize_module_daemon ();
@@ -1085,6 +1097,7 @@ main (int argc, char **argv)
int gpgconf_list = 0;
gpg_error_t err;
struct assuan_malloc_hooks malloc_hooks;
+ int reliable_homedir_inotify = 1;
early_system_init ();
@@ -1117,7 +1130,6 @@ main (int argc, char **argv)
assuan_set_malloc_hooks (&malloc_hooks);
assuan_set_gpg_err_source (GPG_ERR_SOURCE_DEFAULT);
assuan_sock_init ();
- assuan_sock_set_system_hooks (ASSUAN_SYSTEM_NPTH);
setup_libassuan_logging (&opt.debug, NULL);
setup_libgcrypt_logging ();
@@ -1583,7 +1595,7 @@ main (int argc, char **argv)
log_info ("listening on: std=%d extra=%d browser=%d ssh=%d\n",
fd, fd_extra, fd_browser, fd_ssh);
- handle_connections (fd, fd_extra, fd_browser, fd_ssh);
+ handle_connections (fd, fd_extra, fd_browser, fd_ssh, 1);
#endif /*!HAVE_W32_SYSTEM*/
}
else if (!is_daemon)
@@ -1811,14 +1823,14 @@ main (int argc, char **argv)
log_get_prefix (&oldflags);
log_set_prefix (NULL, oldflags | GPGRT_LOG_RUN_DETACHED);
opt.running_detached = 1;
-
- /* Unless we are running with a program given on the command
- * line we can assume that the inotify things works and thus
- * we can avoid the regular stat calls. */
- if (!argc)
- reliable_homedir_inotify = 1;
}
+ /* When we are running with a program given on the command
+ * line, the inotify things may not work well and thus
+ * we cannot avoid the regular stat calls. */
+ if (argc)
+ reliable_homedir_inotify = 0;
+
{
struct sigaction sa;
@@ -1837,7 +1849,8 @@ main (int argc, char **argv)
}
log_info ("%s %s started\n", gpgrt_strusage(11), gpgrt_strusage(13) );
- handle_connections (fd, fd_extra, fd_browser, fd_ssh);
+ handle_connections (fd, fd_extra, fd_browser, fd_ssh,
+ reliable_homedir_inotify);
assuan_sock_close (fd);
}
@@ -2139,39 +2152,45 @@ get_agent_active_connection_count (void)
notification event. Calling it the first time creates that
event. */
#if defined(HAVE_W32_SYSTEM)
+static void *
+create_an_event (void)
+{
+ HANDLE h, h2;
+ SECURITY_ATTRIBUTES sa = { sizeof (SECURITY_ATTRIBUTES), NULL, TRUE};
+
+ /* We need to use a manual reset event object due to the way our
+ w32-pth wait function works: If we would use an automatic
+ reset event we are not able to figure out which handle has
+ been signaled because at the time we single out the signaled
+ handles using WFSO the event has already been reset due to
+ the WFMO. */
+ h = CreateEvent (&sa, TRUE, FALSE, NULL);
+ if (!h)
+ log_error ("can't create an event: %s\n", w32_strerror (-1) );
+ else if (!DuplicateHandle (GetCurrentProcess(), h,
+ GetCurrentProcess(), &h2,
+ EVENT_MODIFY_STATE|SYNCHRONIZE, TRUE, 0))
+ {
+ log_error ("setting synchronize for an event failed: %s\n",
+ w32_strerror (-1) );
+ CloseHandle (h);
+ }
+ else
+ {
+ CloseHandle (h);
+ return h2;
+ }
+
+ return INVALID_HANDLE_VALUE;
+}
+
void *
get_agent_daemon_notify_event (void)
{
static HANDLE the_event = INVALID_HANDLE_VALUE;
if (the_event == INVALID_HANDLE_VALUE)
- {
- HANDLE h, h2;
- SECURITY_ATTRIBUTES sa = { sizeof (SECURITY_ATTRIBUTES), NULL, TRUE};
-
- /* We need to use a manual reset event object due to the way our
- w32-pth wait function works: If we would use an automatic
- reset event we are not able to figure out which handle has
- been signaled because at the time we single out the signaled
- handles using WFSO the event has already been reset due to
- the WFMO. */
- h = CreateEvent (&sa, TRUE, FALSE, NULL);
- if (!h)
- log_error ("can't create scd notify event: %s\n", w32_strerror (-1) );
- else if (!DuplicateHandle (GetCurrentProcess(), h,
- GetCurrentProcess(), &h2,
- EVENT_MODIFY_STATE|SYNCHRONIZE, TRUE, 0))
- {
- log_error ("setting synchronize for scd notify event failed: %s\n",
- w32_strerror (-1) );
- CloseHandle (h);
- }
- else
- {
- CloseHandle (h);
- the_event = h2;
- }
- }
+ the_event = create_an_event ();
return the_event;
}
@@ -2428,57 +2447,6 @@ create_directories (void)
}
-
-/* This is the worker for the ticker. It is called every few seconds
- and may only do fast operations. */
-static void
-handle_tick (void)
-{
- static time_t last_minute;
- struct stat statbuf;
-
- if (!last_minute)
- last_minute = time (NULL);
-
- /* If we are running as a child of another process, check whether
- the parent is still alive and shutdown if not. */
-#ifndef HAVE_W32_SYSTEM
- if (parent_pid != (pid_t)(-1))
- {
- if (kill (parent_pid, 0))
- {
- shutdown_pending = 2;
- log_info ("parent process died - shutting down\n");
- log_info ("%s %s stopped\n", gpgrt_strusage(11), gpgrt_strusage(13));
- cleanup ();
- agent_exit (0);
- }
- }
-#endif /*HAVE_W32_SYSTEM*/
-
- /* Code to be run from time to time. */
-#if CHECK_OWN_SOCKET_INTERVAL > 0
- if (last_minute + CHECK_OWN_SOCKET_INTERVAL <= time (NULL))
- {
- check_own_socket ();
- last_minute = time (NULL);
- }
-#endif
-
- /* Need to check for expired cache entries. */
- agent_cache_housekeeping ();
-
- /* Check whether the homedir is still available. */
- if (!shutdown_pending
- && (!have_homedir_inotify || !reliable_homedir_inotify)
- && gnupg_stat (gnupg_homedir (), &statbuf) && errno == ENOENT)
- {
- shutdown_pending = 1;
- log_info ("homedir has been removed - shutting down\n");
- }
-}
-
-
/* A global function which allows us to call the reload stuff from
other places too. This is only used when build for W32. */
void
@@ -2537,6 +2505,11 @@ handle_signal (int signo)
agent_sigusr2_action ();
break;
+ case SIGCONT:
+ /* Do nothing, but break the syscall. */
+ log_debug ("SIGCONT received - breaking select\n");
+ break;
+
case SIGTERM:
if (!shutdown_pending)
log_info ("SIGTERM received - shutting down ...\n");
@@ -2574,7 +2547,7 @@ check_nonce (ctrl_t ctrl, assuan_sock_nonce_t *nonce)
if (assuan_sock_check_nonce (ctrl->thread_startup.fd, nonce))
{
log_info (_("error reading nonce on fd %d: %s\n"),
- FD2INT(ctrl->thread_startup.fd), strerror (errno));
+ FD_DBG (ctrl->thread_startup.fd), strerror (errno));
assuan_sock_close (ctrl->thread_startup.fd);
xfree (ctrl);
return -1;
@@ -2874,12 +2847,12 @@ do_start_connection_thread (ctrl_t ctrl)
agent_init_default_ctrl (ctrl);
if (opt.verbose > 1 && !DBG_IPC)
log_info (_("handler 0x%lx for fd %d started\n"),
- (unsigned long) npth_self(), FD2INT(ctrl->thread_startup.fd));
+ (unsigned long) npth_self(), FD_DBG (ctrl->thread_startup.fd));
start_command_handler (ctrl, GNUPG_INVALID_FD, ctrl->thread_startup.fd);
if (opt.verbose > 1 && !DBG_IPC)
log_info (_("handler 0x%lx for fd %d terminated\n"),
- (unsigned long) npth_self(), FD2INT(ctrl->thread_startup.fd));
+ (unsigned long) npth_self(), FD_DBG (ctrl->thread_startup.fd));
agent_deinit_default_ctrl (ctrl);
xfree (ctrl);
@@ -2954,12 +2927,12 @@ start_connection_thread_ssh (void *arg)
agent_init_default_ctrl (ctrl);
if (opt.verbose)
log_info (_("ssh handler 0x%lx for fd %d started\n"),
- (unsigned long) npth_self(), FD2INT(ctrl->thread_startup.fd));
+ (unsigned long) npth_self(), FD_DBG (ctrl->thread_startup.fd));
start_command_handler_ssh (ctrl, ctrl->thread_startup.fd);
if (opt.verbose)
log_info (_("ssh handler 0x%lx for fd %d terminated\n"),
- (unsigned long) npth_self(), FD2INT(ctrl->thread_startup.fd));
+ (unsigned long) npth_self(), FD_DBG (ctrl->thread_startup.fd));
agent_deinit_default_ctrl (ctrl);
xfree (ctrl);
@@ -2968,13 +2941,36 @@ start_connection_thread_ssh (void *arg)
}
+void
+agent_kick_the_loop (void)
+{
+ /* Kick the select loop. */
+#ifdef HAVE_W32_SYSTEM
+ int ret = SetEvent (the_event2);
+ if (ret == 0)
+ log_error ("SetEvent for agent_kick_the_loop failed: %s\n",
+ w32_strerror (-1));
+#else
+# ifdef HAVE_PSELECT_NO_EINTR
+ write (event_pipe_fd, "", 1);
+# else
+ int ret = kill (main_thread_pid, SIGCONT);
+ if (ret < 0)
+ log_error ("sending signal for agent_kick_the_loop failed: %s\n",
+ gpg_strerror (gpg_error_from_syserror ()));
+# endif
+#endif
+}
+
+
/* Connection handler loop. Wait for connection requests and spawn a
thread after accepting a connection. */
static void
handle_connections (gnupg_fd_t listen_fd,
gnupg_fd_t listen_fd_extra,
gnupg_fd_t listen_fd_browser,
- gnupg_fd_t listen_fd_ssh)
+ gnupg_fd_t listen_fd_ssh,
+ int reliable_homedir_inotify)
{
gpg_error_t err;
npth_attr_t tattr;
@@ -2985,12 +2981,15 @@ handle_connections (gnupg_fd_t listen_fd,
gnupg_fd_t fd;
int nfd;
int saved_errno;
- struct timespec abstime;
- struct timespec curtime;
- struct timespec timeout;
+ struct timespec *tp;
#ifdef HAVE_W32_SYSTEM
- HANDLE events[2];
+ HANDLE events[3];
unsigned int events_set;
+#else
+ int signo;
+# ifdef HAVE_PSELECT_NO_EINTR
+ int pipe_fd[2];
+# endif
#endif
int sock_inotify_fd = -1;
int home_inotify_fd = -1;
@@ -3018,11 +3017,24 @@ handle_connections (gnupg_fd_t listen_fd,
npth_sigev_add (SIGUSR1);
npth_sigev_add (SIGUSR2);
npth_sigev_add (SIGINT);
+ npth_sigev_add (SIGCONT);
npth_sigev_add (SIGTERM);
npth_sigev_fini ();
+# ifdef HAVE_PSELECT_NO_EINTR
+ ret = gnupg_create_pipe (pipe_fd);
+ if (ret)
+ {
+ log_error ("pipe creation failed: %s\n", gpg_strerror (ret));
+ return;
+ }
+ event_pipe_fd = pipe_fd[1];
+# else
+ main_thread_pid = getpid ();
+# endif
#else
events[0] = get_agent_daemon_notify_event ();
- events[1] = INVALID_HANDLE_VALUE;
+ events[1] = the_event2 = create_an_event ();
+ events[2] = INVALID_HANDLE_VALUE;
#endif
if (disable_check_own_socket)
@@ -3034,7 +3046,7 @@ handle_connections (gnupg_fd_t listen_fd,
gpg_strerror (err));
}
- if (disable_check_own_socket)
+ if (!reliable_homedir_inotify)
home_inotify_fd = -1;
else if ((err = gnupg_inotify_watch_delete_self (&home_inotify_fd,
gnupg_homedir ())))
@@ -3046,6 +3058,27 @@ handle_connections (gnupg_fd_t listen_fd,
else
have_homedir_inotify = 1;
+#if CHECK_OWN_SOCKET_INTERVAL > 0
+ if (!disable_check_own_socket && sock_inotify_fd == -1)
+ {
+ npth_t thread;
+
+ err = npth_create (&thread, &tattr, check_own_socket_thread, NULL);
+ if (err)
+ log_error ("error spawning check_own_socket_thread: %s\n", strerror (err));
+ }
+#endif
+
+ if ((HAVE_PARENT_PID_SUPPORT && parent_pid != (pid_t)(-1))
+ || !have_homedir_inotify)
+ {
+ npth_t thread;
+
+ err = npth_create (&thread, &tattr, check_others_thread, NULL);
+ if (err)
+ log_error ("error spawning check_others_thread: %s\n", strerror (err));
+ }
+
/* On Windows we need to fire up a separate thread to listen for
requests from Putty (an SSH client), so we can replace Putty's
Pageant (its ssh-agent implementation). */
@@ -3075,24 +3108,24 @@ handle_connections (gnupg_fd_t listen_fd,
FD_ZERO (&fdset);
FD_SET (FD2INT (listen_fd), &fdset);
- nfd = FD2INT (listen_fd);
+ nfd = FD2NUM (listen_fd);
if (listen_fd_extra != GNUPG_INVALID_FD)
{
FD_SET ( FD2INT(listen_fd_extra), &fdset);
if (FD2INT (listen_fd_extra) > nfd)
- nfd = FD2INT (listen_fd_extra);
+ nfd = FD2NUM (listen_fd_extra);
}
if (listen_fd_browser != GNUPG_INVALID_FD)
{
FD_SET ( FD2INT(listen_fd_browser), &fdset);
if (FD2INT (listen_fd_browser) > nfd)
- nfd = FD2INT (listen_fd_browser);
+ nfd = FD2NUM (listen_fd_browser);
}
if (listen_fd_ssh != GNUPG_INVALID_FD)
{
FD_SET ( FD2INT(listen_fd_ssh), &fdset);
if (FD2INT (listen_fd_ssh) > nfd)
- nfd = FD2INT (listen_fd_ssh);
+ nfd = FD2NUM (listen_fd_ssh);
}
if (sock_inotify_fd != -1)
{
@@ -3112,15 +3145,12 @@ handle_connections (gnupg_fd_t listen_fd,
listentbl[2].l_fd = listen_fd_browser;
listentbl[3].l_fd = listen_fd_ssh;
- npth_clock_gettime (&abstime);
- abstime.tv_sec += TIMERTICK_INTERVAL;
-
for (;;)
{
/* Shutdown test. */
if (shutdown_pending)
{
- if (active_connections == 0)
+ if (active_connections == 0 || is_supervised)
break; /* ready */
/* Do not accept new connections but keep on running the
@@ -3149,28 +3179,23 @@ handle_connections (gnupg_fd_t listen_fd,
thus a simple assignment is fine to copy the entire set. */
read_fdset = fdset;
- npth_clock_gettime (&curtime);
- if (!(npth_timercmp (&curtime, &abstime, <)))
- {
- /* Timeout. */
- handle_tick ();
- npth_clock_gettime (&abstime);
- abstime.tv_sec += TIMERTICK_INTERVAL;
- }
- npth_timersub (&abstime, &curtime, &timeout);
+#ifdef HAVE_PSELECT_NO_EINTR
+ FD_SET (pipe_fd[0], &read_fdset);
+ if (nfd < pipe_fd[0])
+ nfd = pipe_fd[0];
+#endif
+
+ tp = agent_cache_expiration ();
#ifndef HAVE_W32_SYSTEM
- ret = npth_pselect (nfd+1, &read_fdset, NULL, NULL, &timeout,
+ ret = npth_pselect (nfd+1, &read_fdset, NULL, NULL, tp,
npth_sigev_sigmask ());
saved_errno = errno;
- {
- int signo;
- while (npth_sigev_get_pending (&signo))
- handle_signal (signo);
- }
+ while (npth_sigev_get_pending (&signo))
+ handle_signal (signo);
#else
- ret = npth_eselect (nfd+1, &read_fdset, NULL, NULL, &timeout,
+ ret = npth_eselect (nfd+1, &read_fdset, NULL, NULL, tp,
events, &events_set);
saved_errno = errno;
@@ -3186,11 +3211,47 @@ handle_connections (gnupg_fd_t listen_fd,
gnupg_sleep (1);
continue;
}
+
+#ifndef HAVE_W32_SYSTEM
+ if ((problem_detected & AGENT_PROBLEM_PARENT_HAS_GONE))
+ {
+ shutdown_pending = 2;
+ log_info ("parent process died - shutting down\n");
+ log_info ("%s %s stopped\n", gpgrt_strusage(11), gpgrt_strusage(13));
+ cleanup ();
+ agent_exit (0);
+ }
+#endif
+
+ if ((problem_detected & AGENT_PROBLEM_SOCKET_TAKEOVER))
+ {
+ /* We may not remove the socket as it is now in use by another
+ server. */
+ inhibit_socket_removal = 1;
+ shutdown_pending = 2;
+ log_info ("this process is useless - shutting down\n");
+ }
+
+ if ((problem_detected & AGENT_PROBLEM_HOMEDIR_REMOVED))
+ {
+ shutdown_pending = 1;
+ log_info ("homedir has been removed - shutting down\n");
+ }
+
if (ret <= 0)
/* Interrupt or timeout. Will be handled when calculating the
next timeout. */
continue;
+#ifdef HAVE_PSELECT_NO_EINTR
+ if (FD_ISSET (pipe_fd[0], &read_fdset))
+ {
+ char buf[256];
+
+ read (pipe_fd[0], buf, sizeof buf);
+ }
+#endif
+
/* The inotify fds are set even when a shutdown is pending (see
* above). So we must handle them in any case. To avoid that
* they trigger a second time we close them immediately. */
@@ -3198,7 +3259,10 @@ handle_connections (gnupg_fd_t listen_fd,
&& FD_ISSET (sock_inotify_fd, &read_fdset)
&& gnupg_inotify_has_name (sock_inotify_fd, GPG_AGENT_SOCK_NAME))
{
- shutdown_pending = 1;
+ /* We may not remove the socket (if any), as it may be now
+ in use by another server. */
+ inhibit_socket_removal = 1;
+ shutdown_pending = 2;
close (sock_inotify_fd);
sock_inotify_fd = -1;
log_info ("socket file has been removed - shutting down\n");
@@ -3227,8 +3291,8 @@ handle_connections (gnupg_fd_t listen_fd,
continue;
plen = sizeof paddr;
- fd = INT2FD (npth_accept (FD2INT(listentbl[idx].l_fd),
- (struct sockaddr *)&paddr, &plen));
+ fd = assuan_sock_accept (listentbl[idx].l_fd,
+ (struct sockaddr *)&paddr, &plen);
if (fd == GNUPG_INVALID_FD)
{
log_error ("accept failed for %s: %s\n",
@@ -3268,13 +3332,21 @@ handle_connections (gnupg_fd_t listen_fd,
close (sock_inotify_fd);
if (home_inotify_fd != -1)
close (home_inotify_fd);
+#ifdef HAVE_W32_SYSTEM
+ if (the_event2 != INVALID_HANDLE_VALUE)
+ CloseHandle (the_event2);
+#endif
+#ifdef HAVE_PSELECT_NO_EINTR
+ close (pipe_fd[0]);
+ close (pipe_fd[1]);
+#endif
cleanup ();
log_info (_("%s %s stopped\n"), gpgrt_strusage(11), gpgrt_strusage(13));
npth_attr_destroy (&tattr);
}
-
+#if CHECK_OWN_SOCKET_INTERVAL > 0
/* Helper for check_own_socket. */
static gpg_error_t
check_own_socket_pid_cb (void *opaque, const void *buffer, size_t length)
@@ -3285,20 +3357,18 @@ check_own_socket_pid_cb (void *opaque, const void *buffer, size_t length)
}
-/* The thread running the actual check. We need to run this in a
- separate thread so that check_own_thread can be called from the
- timer tick. */
-static void *
-check_own_socket_thread (void *arg)
+/* Check whether we are still listening on our own socket. In case
+ another gpg-agent process started after us has taken ownership of
+ our socket, we would linger around without any real task. Thus we
+ better check once in a while whether we are really needed. */
+static int
+do_check_own_socket (const char *sockname)
{
int rc;
- char *sockname = arg;
assuan_context_t ctx = NULL;
membuf_t mb;
char *buffer;
- check_own_socket_running++;
-
rc = assuan_new (&ctx);
if (rc)
{
@@ -3336,58 +3406,78 @@ check_own_socket_thread (void *arg)
xfree (buffer);
leave:
- xfree (sockname);
if (ctx)
assuan_release (ctx);
- if (rc)
- {
- /* We may not remove the socket as it is now in use by another
- server. */
- inhibit_socket_removal = 1;
- shutdown_pending = 2;
- log_info ("this process is useless - shutting down\n");
- }
- check_own_socket_running--;
- return NULL;
-}
+ return rc;
+}
-/* Check whether we are still listening on our own socket. In case
- another gpg-agent process started after us has taken ownership of
- our socket, we would linger around without any real task. Thus we
- better check once in a while whether we are really needed. */
-static void
-check_own_socket (void)
+/* The thread running the actual check. */
+static void *
+check_own_socket_thread (void *arg)
{
char *sockname;
- npth_t thread;
- npth_attr_t tattr;
- int err;
-
- if (disable_check_own_socket)
- return;
- if (check_own_socket_running || shutdown_pending)
- return; /* Still running or already shutting down. */
+ (void)arg;
sockname = make_filename_try (gnupg_socketdir (), GPG_AGENT_SOCK_NAME, NULL);
if (!sockname)
- return; /* Out of memory. */
+ return NULL; /* Out of memory. */
- err = npth_attr_init (&tattr);
- if (err)
+ while (!problem_detected)
{
- xfree (sockname);
- return;
+ if (shutdown_pending)
+ goto leave;
+
+ gnupg_sleep (CHECK_OWN_SOCKET_INTERVAL);
+
+ if (do_check_own_socket (sockname))
+ problem_detected |= AGENT_PROBLEM_SOCKET_TAKEOVER;
}
- npth_attr_setdetachstate (&tattr, NPTH_CREATE_DETACHED);
- err = npth_create (&thread, &tattr, check_own_socket_thread, sockname);
- if (err)
- log_error ("error spawning check_own_socket_thread: %s\n", strerror (err));
- npth_attr_destroy (&tattr);
+
+ agent_kick_the_loop ();
+
+ leave:
+ xfree (sockname);
+ return NULL;
}
+#endif
+
+/* The thread running other checks. */
+static void *
+check_others_thread (void *arg)
+{
+ const char *homedir = gnupg_homedir ();
+
+ (void)arg;
+
+ while (!problem_detected)
+ {
+ struct stat statbuf;
+
+ if (shutdown_pending)
+ goto leave;
+
+ gnupg_sleep (CHECK_PROBLEMS_INTERVAL);
+
+ /* If we are running as a child of another process, check whether
+ the parent is still alive and shutdown if not. */
+#ifndef HAVE_W32_SYSTEM
+ if (parent_pid != (pid_t)(-1) && kill (parent_pid, 0))
+ problem_detected |= AGENT_PROBLEM_PARENT_HAS_GONE;
+#endif /*HAVE_W32_SYSTEM*/
+
+ /* Check whether the homedir is still available. */
+ if (!have_homedir_inotify
+ && gnupg_stat (homedir, &statbuf) && errno == ENOENT)
+ problem_detected |= AGENT_PROBLEM_HOMEDIR_REMOVED;
+ }
+ agent_kick_the_loop ();
+ leave:
+ return NULL;
+}
/* Figure out whether an agent is available and running. Prints an
error if not. If SILENT is true, no messages are printed.
diff --git a/agent/trustlist.c b/agent/trustlist.c
index 330f233b8..fce23de15 100644
--- a/agent/trustlist.c
+++ b/agent/trustlist.c
@@ -38,14 +38,14 @@ struct trustitem_s
{
struct
{
- int disabled:1; /* This entry is disabled. */
- int for_pgp:1; /* Set by '*' or 'P' as first flag. */
- int for_smime:1; /* Set by '*' or 'S' as first flag. */
- int relax:1; /* Relax checking of root certificate
+ unsigned int disabled:1; /* This entry is disabled. */
+ unsigned int for_pgp:1; /* Set by '*' or 'P' as first flag. */
+ unsigned int for_smime:1; /* Set by '*' or 'S' as first flag. */
+ unsigned int relax:1; /* Relax checking of root certificate
constraints. */
- int cm:1; /* Use chain model for validation. */
- int qual:1; /* Root CA for qualified signatures. */
- int de_vs:1; /* Root CA for de-vs compliant PKI. */
+ unsigned int cm:1; /* Use chain model for validation. */
+ unsigned int qual:1; /* Root CA for qualified signatures. */
+ unsigned int de_vs:1; /* Root CA for de-vs compliant PKI. */
} flags;
unsigned char fpr[20]; /* The binary fingerprint. */
};
diff --git a/common/Makefile.am b/common/Makefile.am
index 91718f99e..d27603f96 100644
--- a/common/Makefile.am
+++ b/common/Makefile.am
@@ -65,7 +65,7 @@ common_sources = \
homedir.c \
gettime.c gettime.h \
yesno.c \
- b64enc.c b64dec.c zb32.c zb32.h \
+ zb32.c zb32.h \
convert.c \
percent.c \
mbox-util.c mbox-util.h \
@@ -161,11 +161,12 @@ module_tests = t-stringhelp t-timestuff \
t-convert t-percent t-gettime t-sysutils t-sexputil \
t-session-env t-openpgp-oid t-ssh-utils \
t-mapstrings t-zb32 t-mbox-util t-iobuf t-strlist \
- t-name-value t-ccparray t-recsel t-w32-cmdline t-b64
+ t-name-value t-ccparray t-recsel t-w32-cmdline t-exechelp
+
if HAVE_W32_SYSTEM
module_tests += t-w32-reg
else
-module_tests += t-exechelp t-exectool
+module_tests += t-exectool
endif
if MAINTAINER_MODE
@@ -196,7 +197,6 @@ t_gettime_LDADD = $(t_common_ldadd)
t_sysutils_LDADD = $(t_common_ldadd)
t_helpfile_LDADD = $(t_common_ldadd)
t_sexputil_LDADD = $(t_common_ldadd)
-t_b64_LDADD = $(t_common_ldadd)
t_exechelp_LDADD = $(t_common_ldadd)
t_exectool_LDADD = $(t_common_ldadd)
t_session_env_LDADD = $(t_common_ldadd)
diff --git a/common/asshelp.c b/common/asshelp.c
index eb3e41bf5..5a40e0380 100644
--- a/common/asshelp.c
+++ b/common/asshelp.c
@@ -386,7 +386,8 @@ start_new_service (assuan_context_t *r_ctx,
const char *opt_lc_ctype,
const char *opt_lc_messages,
session_env_t session_env,
- int autostart, int verbose, int debug,
+ unsigned int flags,
+ int verbose, int debug,
gpg_error_t (*status_cb)(ctrl_t, int, ...),
ctrl_t status_cb_arg)
{
@@ -445,7 +446,7 @@ start_new_service (assuan_context_t *r_ctx,
}
err = assuan_socket_connect (ctx, sockname, 0, connect_flags);
- if (err && autostart)
+ if (err && (flags & ASSHELP_FLAG_AUTOSTART))
{
char *abs_homedir;
lock_spawn_t lock;
@@ -523,16 +524,12 @@ start_new_service (assuan_context_t *r_ctx,
&& assuan_socket_connect (ctx, sockname, 0, connect_flags))
{
#ifdef HAVE_W32_SYSTEM
- err = gnupg_spawn_process_detached (program? program : program_name,
- argv, NULL);
+ err = gnupg_process_spawn (program? program : program_name, argv,
+ GNUPG_PROCESS_DETACHED,
+ NULL, NULL, NULL);
#else /*!W32*/
- pid_t pid;
-
- err = gnupg_spawn_process_fd (program? program : program_name,
- argv, -1, -1, -1, &pid);
- if (!err)
- err = gnupg_wait_process (program? program : program_name,
- pid, 1, NULL);
+ err = gnupg_process_spawn (program? program : program_name, argv,
+ 0, NULL, NULL, NULL);
#endif /*!W32*/
if (err)
log_error ("failed to start %s '%s': %s\n",
@@ -551,7 +548,8 @@ start_new_service (assuan_context_t *r_ctx,
xfree (sockname);
if (err)
{
- if (autostart || gpg_err_code (err) != GPG_ERR_ASS_CONNECT_FAILED)
+ if ((flags & ASSHELP_FLAG_AUTOSTART)
+ || gpg_err_code (err) != GPG_ERR_ASS_CONNECT_FAILED)
log_error ("can't connect to the %s: %s\n",
printed_name, gpg_strerror (err));
assuan_release (ctx);
@@ -603,55 +601,58 @@ start_new_gpg_agent (assuan_context_t *r_ctx,
const char *opt_lc_ctype,
const char *opt_lc_messages,
session_env_t session_env,
- int autostart, int verbose, int debug,
+ unsigned int flags,
+ int verbose, int debug,
gpg_error_t (*status_cb)(ctrl_t, int, ...),
ctrl_t status_cb_arg)
{
return start_new_service (r_ctx, GNUPG_MODULE_NAME_AGENT,
errsource, agent_program,
opt_lc_ctype, opt_lc_messages, session_env,
- autostart, verbose, debug,
+ flags, verbose, debug,
status_cb, status_cb_arg);
}
/* Try to connect to the dirmngr via a socket. On platforms
- supporting it, start it up if needed and if AUTOSTART is true.
+ supporting it, start it up if needed and if ASSHELP_FLAG_AUTOSTART is set.
Returns a new assuan context at R_CTX or an error code. */
gpg_error_t
start_new_keyboxd (assuan_context_t *r_ctx,
gpg_err_source_t errsource,
const char *keyboxd_program,
- int autostart, int verbose, int debug,
+ unsigned int flags,
+ int verbose, int debug,
gpg_error_t (*status_cb)(ctrl_t, int, ...),
ctrl_t status_cb_arg)
{
return start_new_service (r_ctx, GNUPG_MODULE_NAME_KEYBOXD,
errsource, keyboxd_program,
NULL, NULL, NULL,
- autostart, verbose, debug,
+ flags, verbose, debug,
status_cb, status_cb_arg);
}
/* Try to connect to the dirmngr via a socket. On platforms
- supporting it, start it up if needed and if AUTOSTART is true.
+ supporting it, start it up if needed and if ASSHELP_FLAG_AUTOSTART is set.
Returns a new assuan context at R_CTX or an error code. */
gpg_error_t
start_new_dirmngr (assuan_context_t *r_ctx,
gpg_err_source_t errsource,
const char *dirmngr_program,
- int autostart, int verbose, int debug,
+ unsigned int flags,
+ int verbose, int debug,
gpg_error_t (*status_cb)(ctrl_t, int, ...),
ctrl_t status_cb_arg)
{
#ifndef USE_DIRMNGR_AUTO_START
- autostart = 0;
+ flags &= ~ASSHELP_FLAG_AUTOSTART; /* Clear flag. */
#endif
return start_new_service (r_ctx, GNUPG_MODULE_NAME_DIRMNGR,
errsource, dirmngr_program,
NULL, NULL, NULL,
- autostart, verbose, debug,
+ flags, verbose, debug,
status_cb, status_cb_arg);
}
diff --git a/common/asshelp.h b/common/asshelp.h
index e7e43bd1b..bca50759d 100644
--- a/common/asshelp.h
+++ b/common/asshelp.h
@@ -37,6 +37,8 @@
#include "util.h"
/*-- asshelp.c --*/
+#define ASSHELP_FLAG_AUTOSTART 1 /* Autostart the new service. */
+
void setup_libassuan_logging (unsigned int *debug_var_address,
int (*log_monitor)(assuan_context_t ctx,
@@ -61,7 +63,8 @@ start_new_gpg_agent (assuan_context_t *r_ctx,
const char *opt_lc_ctype,
const char *opt_lc_messages,
session_env_t session_env,
- int autostart, int verbose, int debug,
+ unsigned int flags,
+ int verbose, int debug,
gpg_error_t (*status_cb)(ctrl_t, int, ...),
ctrl_t status_cb_arg);
@@ -71,7 +74,8 @@ gpg_error_t
start_new_keyboxd (assuan_context_t *r_ctx,
gpg_err_source_t errsource,
const char *keyboxd_program,
- int autostart, int verbose, int debug,
+ unsigned int flags,
+ int verbose, int debug,
gpg_error_t (*status_cb)(ctrl_t, int, ...),
ctrl_t status_cb_arg);
@@ -81,7 +85,8 @@ gpg_error_t
start_new_dirmngr (assuan_context_t *r_ctx,
gpg_err_source_t errsource,
const char *dirmngr_program,
- int autostart, int verbose, int debug,
+ unsigned int flags,
+ int verbose, int debug,
gpg_error_t (*status_cb)(ctrl_t, int, ...),
ctrl_t status_cb_arg);
diff --git a/common/audit.c b/common/audit.c
index ae0d45216..42a2cf6d6 100644
--- a/common/audit.c
+++ b/common/audit.c
@@ -45,8 +45,8 @@ struct log_item_s
int intvalue; /* A logged integer value. */
char *string; /* A malloced string or NULL. */
ksba_cert_t cert; /* A certifciate or NULL. */
- int have_err:1;
- int have_intvalue:1;
+ unsigned int have_err:1;
+ unsigned int have_intvalue:1;
};
typedef struct log_item_s *log_item_t;
diff --git a/common/b64dec.c b/common/b64dec.c
deleted file mode 100644
index 2904b0471..000000000
--- a/common/b64dec.c
+++ /dev/null
@@ -1,299 +0,0 @@
-/* b64dec.c - Simple Base64 decoder.
- * Copyright (C) 2008, 2011 Free Software Foundation, Inc.
- * Copyright (C) 2008, 2011, 2016 g10 Code GmbH
- *
- * This file is part of GnuPG.
- *
- * This file is free software; you can redistribute it and/or modify
- * it under the terms of the GNU Lesser General Public License as
- * published by the Free Software Foundation; either version 2.1 of
- * the License, or (at your option) any later version.
- *
- * This file is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public License
- * along with this program; if not, see <https://www.gnu.org/licenses/>.
- * SPDX-License-Identifier: LGPL-2.1-or-later
- */
-
-#include <config.h>
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-#include <errno.h>
-#include <assert.h>
-
-#include "i18n.h"
-#include "util.h"
-
-
-/* The reverse base-64 list used for base-64 decoding. */
-static unsigned char const asctobin[128] =
- {
- 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
- 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
- 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
- 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
- 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
- 0xff, 0xff, 0xff, 0x3e, 0xff, 0xff, 0xff, 0x3f,
- 0x34, 0x35, 0x36, 0x37, 0x38, 0x39, 0x3a, 0x3b,
- 0x3c, 0x3d, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
- 0xff, 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06,
- 0x07, 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e,
- 0x0f, 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16,
- 0x17, 0x18, 0x19, 0xff, 0xff, 0xff, 0xff, 0xff,
- 0xff, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f, 0x20,
- 0x21, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27, 0x28,
- 0x29, 0x2a, 0x2b, 0x2c, 0x2d, 0x2e, 0x2f, 0x30,
- 0x31, 0x32, 0x33, 0xff, 0xff, 0xff, 0xff, 0xff
- };
-
-enum decoder_states
- {
- s_init, s_idle, s_lfseen, s_beginseen, s_waitheader, s_waitblank, s_begin,
- s_b64_0, s_b64_1, s_b64_2, s_b64_3,
- s_waitendtitle, s_waitend
- };
-
-
-
-/* Initialize the context for the base64 decoder. If TITLE is NULL a
- plain base64 decoding is done. If it is the empty string the
- decoder will skip everything until a "-----BEGIN " line has been
- seen, decoding ends at a "----END " line. */
-gpg_error_t
-b64dec_start (struct b64state *state, const char *title)
-{
- memset (state, 0, sizeof *state);
- if (title)
- {
- state->title = xtrystrdup (title);
- if (!state->title)
- state->lasterr = gpg_error_from_syserror ();
- else
- state->idx = s_init;
- }
- else
- state->idx = s_b64_0;
- return state->lasterr;
-}
-
-
-/* Do in-place decoding of base-64 data of LENGTH in BUFFER. Stores the
- new length of the buffer at R_NBYTES. */
-gpg_error_t
-b64dec_proc (struct b64state *state, void *buffer, size_t length,
- size_t *r_nbytes)
-{
- enum decoder_states ds = state->idx;
- unsigned char val = state->radbuf[0];
- int pos = state->quad_count;
- char *d, *s;
-
- if (state->lasterr)
- return state->lasterr;
-
- if (state->stop_seen)
- {
- *r_nbytes = 0;
- state->lasterr = gpg_error (GPG_ERR_EOF);
- xfree (state->title);
- state->title = NULL;
- return state->lasterr;
- }
-
- for (s=d=buffer; length && !state->stop_seen; length--, s++)
- {
- again:
- switch (ds)
- {
- case s_idle:
- if (*s == '\n')
- {
- ds = s_lfseen;
- pos = 0;
- }
- break;
- case s_init:
- ds = s_lfseen;
- /* fall through */
- case s_lfseen:
- if (*s != "-----BEGIN "[pos])
- {
- ds = s_idle;
- goto again;
- }
- else if (pos == 10)
- {
- pos = 0;
- ds = s_beginseen;
- }
- else
- pos++;
- break;
- case s_beginseen:
- if (*s != "PGP "[pos])
- ds = s_begin; /* Not a PGP armor. */
- else if (pos == 3)
- ds = s_waitheader;
- else
- pos++;
- break;
- case s_waitheader:
- if (*s == '\n')
- ds = s_waitblank;
- break;
- case s_waitblank:
- if (*s == '\n')
- ds = s_b64_0; /* blank line found. */
- else if (*s == ' ' || *s == '\r' || *s == '\t')
- ; /* Ignore spaces. */
- else
- {
- /* Armor header line. Note that we don't care that our
- * FSM accepts a header prefixed with spaces. */
- ds = s_waitheader; /* Wait for next header. */
- }
- break;
- case s_begin:
- if (*s == '\n')
- ds = s_b64_0;
- break;
- case s_b64_0:
- case s_b64_1:
- case s_b64_2:
- case s_b64_3:
- {
- int c;
-
- if (*s == '-' && state->title)
- {
- /* Not a valid Base64 character: assume end
- header. */
- ds = s_waitend;
- }
- else if (*s == '=')
- {
- /* Pad character: stop */
- if (ds == s_b64_1)
- *d++ = val;
- ds = state->title? s_waitendtitle : s_waitend;
- }
- else if (*s == '\n' || *s == ' ' || *s == '\r' || *s == '\t')
- ; /* Skip white spaces. */
- else if ( (*s & 0x80)
- || (c = asctobin[*(unsigned char *)s]) == 255)
- {
- /* Skip invalid encodings. */
- state->invalid_encoding = 1;
- }
- else if (ds == s_b64_0)
- {
- val = c << 2;
- ds = s_b64_1;
- }
- else if (ds == s_b64_1)
- {
- val |= (c>>4)&3;
- *d++ = val;
- val = (c<<4)&0xf0;
- ds = s_b64_2;
- }
- else if (ds == s_b64_2)
- {
- val |= (c>>2)&15;
- *d++ = val;
- val = (c<<6)&0xc0;
- ds = s_b64_3;
- }
- else
- {
- val |= c&0x3f;
- *d++ = val;
- ds = s_b64_0;
- }
- }
- break;
- case s_waitendtitle:
- if (*s == '-')
- ds = s_waitend;
- break;
- case s_waitend:
- if ( *s == '\n')
- state->stop_seen = 1;
- break;
- default:
- BUG();
- }
- }
-
-
- state->idx = ds;
- state->radbuf[0] = val;
- state->quad_count = pos;
- *r_nbytes = (d -(char*) buffer);
- return 0;
-}
-
-
-/* This function needs to be called before releasing the decoder
- state. It may return an error code in case an encoding error has
- been found during decoding. */
-gpg_error_t
-b64dec_finish (struct b64state *state)
-{
- xfree (state->title);
- state->title = NULL;
-
- if (state->lasterr)
- return state->lasterr;
-
- return state->invalid_encoding? gpg_error(GPG_ERR_BAD_DATA): 0;
-}
-
-
-/* Convert STRING consisting of base64 characters into its binary
- * representation and store the result in a newly allocated buffer at
- * R_BUFFER with its length at R_BUFLEN. If TITLE is NULL a plain
- * base64 decoding is done. If it is the empty string the decoder
- * will skip everything until a "-----BEGIN " line has been seen,
- * decoding then ends at a "----END " line. On failure the function
- * returns an error code and sets R_BUFFER to NULL. If the decoded
- * data has a length of 0 a dummy buffer will still be allocated and
- * the length is set to 0. */
-gpg_error_t
-b64decode (const char *string, const char *title,
- void **r_buffer, size_t *r_buflen)
-{
- gpg_error_t err;
- struct b64state state;
- size_t nbytes;
- char *buffer;
-
- *r_buffer = NULL;
- *r_buflen = 0;
-
- buffer = xtrystrdup (string);
- if (!buffer)
- return gpg_error_from_syserror();
-
- err = b64dec_start (&state, title);
- if (err)
- {
- xfree (buffer);
- return err;
- }
- b64dec_proc (&state, buffer, strlen (buffer), &nbytes);
- err = b64dec_finish (&state);
- if (err)
- xfree (buffer);
- else
- {
- *r_buffer = buffer;
- *r_buflen = nbytes;
- }
- return err;
-}
diff --git a/common/b64enc.c b/common/b64enc.c
deleted file mode 100644
index 7846dcb3e..000000000
--- a/common/b64enc.c
+++ /dev/null
@@ -1,423 +0,0 @@
-/* b64enc.c - Simple Base64 encoder.
- * Copyright (C) 2001, 2003, 2004, 2008, 2010,
- * 2011 Free Software Foundation, Inc.
- * Copyright (C) 2001, 2003, 2004, 2008, 2010,
- * 2011 g10 Code GmbH
- *
- * This file is part of GnuPG.
- *
- * This file is free software; you can redistribute it and/or modify
- * it under the terms of the GNU Lesser General Public License as
- * published by the Free Software Foundation; either version 2.1 of
- * the License, or (at your option) any later version.
- *
- * This file is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public License
- * along with this program; if not, see <https://www.gnu.org/licenses/>.
- * SPDX-License-Identifier: LGPL-2.1-or-later
- */
-
-#include <config.h>
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-#include <errno.h>
-#include <assert.h>
-
-#include "i18n.h"
-#include "util.h"
-
-#define B64ENC_DID_HEADER 1
-#define B64ENC_DID_TRAILER 2
-#define B64ENC_NO_LINEFEEDS 16
-#define B64ENC_USE_PGPCRC 32
-
-/* The base-64 character list */
-static unsigned char bintoasc[64] = "ABCDEFGHIJKLMNOPQRSTUVWXYZ"
- "abcdefghijklmnopqrstuvwxyz"
- "0123456789+/";
-
-/* Stuff required to create the OpenPGP CRC. This crc_table has been
- created using this code:
-
- #include <stdio.h>
- #include <stdint.h>
-
- #define CRCPOLY 0x864CFB
-
- int
- main (void)
- {
- int i, j;
- uint32_t t;
- uint32_t crc_table[256];
-
- crc_table[0] = 0;
- for (i=j=0; j < 128; j++ )
- {
- t = crc_table[j];
- if ( (t & 0x00800000) )
- {
- t <<= 1;
- crc_table[i++] = t ^ CRCPOLY;
- crc_table[i++] = t;
- }
- else
- {
- t <<= 1;
- crc_table[i++] = t;
- crc_table[i++] = t ^ CRCPOLY;
- }
- }
-
- puts ("static const u32 crc_table[256] = {");
- for (i=j=0; i < 256; i++)
- {
- printf ("%s 0x%08lx", j? "":" ", (unsigned long)crc_table[i]);
- if (i != 255)
- {
- putchar (',');
- if ( ++j > 5)
- {
- j = 0;
- putchar ('\n');
- }
- }
- }
- puts ("\n};");
- return 0;
- }
-*/
-#define CRCINIT 0xB704CE
-static const u32 crc_table[256] = {
- 0x00000000, 0x00864cfb, 0x018ad50d, 0x010c99f6, 0x0393e6e1, 0x0315aa1a,
- 0x021933ec, 0x029f7f17, 0x07a18139, 0x0727cdc2, 0x062b5434, 0x06ad18cf,
- 0x043267d8, 0x04b42b23, 0x05b8b2d5, 0x053efe2e, 0x0fc54e89, 0x0f430272,
- 0x0e4f9b84, 0x0ec9d77f, 0x0c56a868, 0x0cd0e493, 0x0ddc7d65, 0x0d5a319e,
- 0x0864cfb0, 0x08e2834b, 0x09ee1abd, 0x09685646, 0x0bf72951, 0x0b7165aa,
- 0x0a7dfc5c, 0x0afbb0a7, 0x1f0cd1e9, 0x1f8a9d12, 0x1e8604e4, 0x1e00481f,
- 0x1c9f3708, 0x1c197bf3, 0x1d15e205, 0x1d93aefe, 0x18ad50d0, 0x182b1c2b,
- 0x192785dd, 0x19a1c926, 0x1b3eb631, 0x1bb8faca, 0x1ab4633c, 0x1a322fc7,
- 0x10c99f60, 0x104fd39b, 0x11434a6d, 0x11c50696, 0x135a7981, 0x13dc357a,
- 0x12d0ac8c, 0x1256e077, 0x17681e59, 0x17ee52a2, 0x16e2cb54, 0x166487af,
- 0x14fbf8b8, 0x147db443, 0x15712db5, 0x15f7614e, 0x3e19a3d2, 0x3e9fef29,
- 0x3f9376df, 0x3f153a24, 0x3d8a4533, 0x3d0c09c8, 0x3c00903e, 0x3c86dcc5,
- 0x39b822eb, 0x393e6e10, 0x3832f7e6, 0x38b4bb1d, 0x3a2bc40a, 0x3aad88f1,
- 0x3ba11107, 0x3b275dfc, 0x31dced5b, 0x315aa1a0, 0x30563856, 0x30d074ad,
- 0x324f0bba, 0x32c94741, 0x33c5deb7, 0x3343924c, 0x367d6c62, 0x36fb2099,
- 0x37f7b96f, 0x3771f594, 0x35ee8a83, 0x3568c678, 0x34645f8e, 0x34e21375,
- 0x2115723b, 0x21933ec0, 0x209fa736, 0x2019ebcd, 0x228694da, 0x2200d821,
- 0x230c41d7, 0x238a0d2c, 0x26b4f302, 0x2632bff9, 0x273e260f, 0x27b86af4,
- 0x252715e3, 0x25a15918, 0x24adc0ee, 0x242b8c15, 0x2ed03cb2, 0x2e567049,
- 0x2f5ae9bf, 0x2fdca544, 0x2d43da53, 0x2dc596a8, 0x2cc90f5e, 0x2c4f43a5,
- 0x2971bd8b, 0x29f7f170, 0x28fb6886, 0x287d247d, 0x2ae25b6a, 0x2a641791,
- 0x2b688e67, 0x2beec29c, 0x7c3347a4, 0x7cb50b5f, 0x7db992a9, 0x7d3fde52,
- 0x7fa0a145, 0x7f26edbe, 0x7e2a7448, 0x7eac38b3, 0x7b92c69d, 0x7b148a66,
- 0x7a181390, 0x7a9e5f6b, 0x7801207c, 0x78876c87, 0x798bf571, 0x790db98a,
- 0x73f6092d, 0x737045d6, 0x727cdc20, 0x72fa90db, 0x7065efcc, 0x70e3a337,
- 0x71ef3ac1, 0x7169763a, 0x74578814, 0x74d1c4ef, 0x75dd5d19, 0x755b11e2,
- 0x77c46ef5, 0x7742220e, 0x764ebbf8, 0x76c8f703, 0x633f964d, 0x63b9dab6,
- 0x62b54340, 0x62330fbb, 0x60ac70ac, 0x602a3c57, 0x6126a5a1, 0x61a0e95a,
- 0x649e1774, 0x64185b8f, 0x6514c279, 0x65928e82, 0x670df195, 0x678bbd6e,
- 0x66872498, 0x66016863, 0x6cfad8c4, 0x6c7c943f, 0x6d700dc9, 0x6df64132,
- 0x6f693e25, 0x6fef72de, 0x6ee3eb28, 0x6e65a7d3, 0x6b5b59fd, 0x6bdd1506,
- 0x6ad18cf0, 0x6a57c00b, 0x68c8bf1c, 0x684ef3e7, 0x69426a11, 0x69c426ea,
- 0x422ae476, 0x42aca88d, 0x43a0317b, 0x43267d80, 0x41b90297, 0x413f4e6c,
- 0x4033d79a, 0x40b59b61, 0x458b654f, 0x450d29b4, 0x4401b042, 0x4487fcb9,
- 0x461883ae, 0x469ecf55, 0x479256a3, 0x47141a58, 0x4defaaff, 0x4d69e604,
- 0x4c657ff2, 0x4ce33309, 0x4e7c4c1e, 0x4efa00e5, 0x4ff69913, 0x4f70d5e8,
- 0x4a4e2bc6, 0x4ac8673d, 0x4bc4fecb, 0x4b42b230, 0x49ddcd27, 0x495b81dc,
- 0x4857182a, 0x48d154d1, 0x5d26359f, 0x5da07964, 0x5cace092, 0x5c2aac69,
- 0x5eb5d37e, 0x5e339f85, 0x5f3f0673, 0x5fb94a88, 0x5a87b4a6, 0x5a01f85d,
- 0x5b0d61ab, 0x5b8b2d50, 0x59145247, 0x59921ebc, 0x589e874a, 0x5818cbb1,
- 0x52e37b16, 0x526537ed, 0x5369ae1b, 0x53efe2e0, 0x51709df7, 0x51f6d10c,
- 0x50fa48fa, 0x507c0401, 0x5542fa2f, 0x55c4b6d4, 0x54c82f22, 0x544e63d9,
- 0x56d11cce, 0x56575035, 0x575bc9c3, 0x57dd8538
-};
-
-
-static gpg_error_t
-enc_start (struct b64state *state, FILE *fp, estream_t stream,
- const char *title)
-{
- memset (state, 0, sizeof *state);
- state->fp = fp;
- state->stream = stream;
- state->lasterr = 0;
- if (title && !*title)
- state->flags |= B64ENC_NO_LINEFEEDS;
- else if (title)
- {
- if (!strncmp (title, "PGP ", 4))
- {
- state->flags |= B64ENC_USE_PGPCRC;
- state->crc = CRCINIT;
- }
- state->title = xtrystrdup (title);
- if (!state->title)
- state->lasterr = gpg_error_from_syserror ();
- }
- return state->lasterr;
-}
-
-
-/* Prepare for base-64 writing to the stream FP. If TITLE is not NULL
- and not an empty string, this string will be used as the title for
- the armor lines, with TITLE being an empty string, we don't write
- the header lines and furthermore even don't write any linefeeds.
- If TITLE starts with "PGP " the OpenPGP CRC checksum will be
- written as well. With TITLE being NULL, we merely don't write
- header but make sure that lines are not too long. Note, that we
- don't write any output unless at least one byte get written using
- b64enc_write. */
-gpg_error_t
-b64enc_start (struct b64state *state, FILE *fp, const char *title)
-{
- return enc_start (state, fp, NULL, title);
-}
-
-/* Same as b64enc_start but takes an estream. */
-gpg_error_t
-b64enc_start_es (struct b64state *state, estream_t fp, const char *title)
-{
- return enc_start (state, NULL, fp, title);
-}
-
-
-static int
-my_fputs (const char *string, struct b64state *state)
-{
- if (state->stream)
- return es_fputs (string, state->stream);
- else
- return fputs (string, state->fp);
-}
-
-
-/* Write NBYTES from BUFFER to the Base 64 stream identified by
- STATE. With BUFFER and NBYTES being 0, merely do a fflush on the
- stream. */
-gpg_error_t
-b64enc_write (struct b64state *state, const void *buffer, size_t nbytes)
-{
- unsigned char radbuf[4];
- int idx, quad_count;
- const unsigned char *p;
-
- if (state->lasterr)
- return state->lasterr;
-
- if (!nbytes)
- {
- if (buffer)
- if (state->stream? es_fflush (state->stream) : fflush (state->fp))
- goto write_error;
- return 0;
- }
-
- if (!(state->flags & B64ENC_DID_HEADER))
- {
- if (state->title)
- {
- if ( my_fputs ("-----BEGIN ", state) == EOF
- || my_fputs (state->title, state) == EOF
- || my_fputs ("-----\n", state) == EOF)
- goto write_error;
- if ( (state->flags & B64ENC_USE_PGPCRC)
- && my_fputs ("\n", state) == EOF)
- goto write_error;
- }
-
- state->flags |= B64ENC_DID_HEADER;
- }
-
- idx = state->idx;
- quad_count = state->quad_count;
- assert (idx < 4);
- memcpy (radbuf, state->radbuf, idx);
-
- if ( (state->flags & B64ENC_USE_PGPCRC) )
- {
- size_t n;
- u32 crc = state->crc;
-
- for (p=buffer, n=nbytes; n; p++, n-- )
- crc = ((u32)crc << 8) ^ crc_table[((crc >> 16)&0xff) ^ *p];
- state->crc = (crc & 0x00ffffff);
- }
-
- for (p=buffer; nbytes; p++, nbytes--)
- {
- radbuf[idx++] = *p;
- if (idx > 2)
- {
- char tmp[4];
-
- tmp[0] = bintoasc[(*radbuf >> 2) & 077];
- tmp[1] = bintoasc[(((*radbuf<<4)&060)|((radbuf[1] >> 4)&017))&077];
- tmp[2] = bintoasc[(((radbuf[1]<<2)&074)|((radbuf[2]>>6)&03))&077];
- tmp[3] = bintoasc[radbuf[2]&077];
- if (state->stream)
- {
- for (idx=0; idx < 4; idx++)
- es_putc (tmp[idx], state->stream);
- idx = 0;
- if (es_ferror (state->stream))
- goto write_error;
- }
- else
- {
- for (idx=0; idx < 4; idx++)
- putc (tmp[idx], state->fp);
- idx = 0;
- if (ferror (state->fp))
- goto write_error;
- }
- if (++quad_count >= (64/4))
- {
- quad_count = 0;
- if (!(state->flags & B64ENC_NO_LINEFEEDS)
- && my_fputs ("\n", state) == EOF)
- goto write_error;
- }
- }
- }
- memcpy (state->radbuf, radbuf, idx);
- state->idx = idx;
- state->quad_count = quad_count;
- return 0;
-
- write_error:
- state->lasterr = gpg_error_from_syserror ();
- if (state->title)
- {
- xfree (state->title);
- state->title = NULL;
- }
- return state->lasterr;
-}
-
-
-gpg_error_t
-b64enc_finish (struct b64state *state)
-{
- gpg_error_t err = 0;
- unsigned char radbuf[4];
- int idx, quad_count;
- char tmp[4];
-
- if (state->lasterr)
- return state->lasterr;
-
- if (!(state->flags & B64ENC_DID_HEADER))
- goto cleanup;
-
- /* Flush the base64 encoding */
- idx = state->idx;
- quad_count = state->quad_count;
- assert (idx < 4);
- memcpy (radbuf, state->radbuf, idx);
-
- if (idx)
- {
- tmp[0] = bintoasc[(*radbuf>>2)&077];
- if (idx == 1)
- {
- tmp[1] = bintoasc[((*radbuf << 4) & 060) & 077];
- tmp[2] = '=';
- tmp[3] = '=';
- }
- else
- {
- tmp[1] = bintoasc[(((*radbuf<<4)&060)|((radbuf[1]>>4)&017))&077];
- tmp[2] = bintoasc[((radbuf[1] << 2) & 074) & 077];
- tmp[3] = '=';
- }
- if (state->stream)
- {
- for (idx=0; idx < 4; idx++)
- es_putc (tmp[idx], state->stream);
- if (es_ferror (state->stream))
- goto write_error;
- }
- else
- {
- for (idx=0; idx < 4; idx++)
- putc (tmp[idx], state->fp);
- if (ferror (state->fp))
- goto write_error;
- }
-
- if (++quad_count >= (64/4))
- {
- quad_count = 0;
- if (!(state->flags & B64ENC_NO_LINEFEEDS)
- && my_fputs ("\n", state) == EOF)
- goto write_error;
- }
- }
-
- /* Finish the last line and write the trailer. */
- if (quad_count
- && !(state->flags & B64ENC_NO_LINEFEEDS)
- && my_fputs ("\n", state) == EOF)
- goto write_error;
-
- if ( (state->flags & B64ENC_USE_PGPCRC) )
- {
- /* Write the CRC. */
- my_fputs ("=", state);
- radbuf[0] = state->crc >>16;
- radbuf[1] = state->crc >> 8;
- radbuf[2] = state->crc;
- tmp[0] = bintoasc[(*radbuf>>2)&077];
- tmp[1] = bintoasc[(((*radbuf<<4)&060)|((radbuf[1]>>4)&017))&077];
- tmp[2] = bintoasc[(((radbuf[1]<<2)&074)|((radbuf[2]>>6)&03))&077];
- tmp[3] = bintoasc[radbuf[2]&077];
- if (state->stream)
- {
- for (idx=0; idx < 4; idx++)
- es_putc (tmp[idx], state->stream);
- if (es_ferror (state->stream))
- goto write_error;
- }
- else
- {
- for (idx=0; idx < 4; idx++)
- putc (tmp[idx], state->fp);
- if (ferror (state->fp))
- goto write_error;
- }
- if (!(state->flags & B64ENC_NO_LINEFEEDS)
- && my_fputs ("\n", state) == EOF)
- goto write_error;
- }
-
- if (state->title)
- {
- if ( my_fputs ("-----END ", state) == EOF
- || my_fputs (state->title, state) == EOF
- || my_fputs ("-----\n", state) == EOF)
- goto write_error;
- }
-
- goto cleanup;
-
- write_error:
- err = gpg_error_from_syserror ();
-
- cleanup:
- if (state->title)
- {
- xfree (state->title);
- state->title = NULL;
- }
- state->fp = NULL;
- state->stream = NULL;
- state->lasterr = err;
- return err;
-}
diff --git a/common/dynload.h b/common/dynload.h
index 6ac7b4e17..af3906c81 100644
--- a/common/dynload.h
+++ b/common/dynload.h
@@ -34,12 +34,15 @@
#ifndef __MINGW32__
# include <dlfcn.h>
#else
-# include <errhandlingapi.h>
-# include <handleapi.h>
-# include <libloaderapi.h>
+# ifdef HAVE_WINSOCK2_H
+# include <winsock2.h>
+# endif
+# include <windows.h>
# include "utf8conv.h"
# include "mischelp.h"
-# define RTLD_LAZY 0
+# ifndef RTLD_LAZY
+# define RTLD_LAZY 0
+# endif
static inline void *
dlopen (const char *name, int flag)
diff --git a/common/exechelp-posix.c b/common/exechelp-posix.c
index fa613449d..7b20a3796 100644
--- a/common/exechelp-posix.c
+++ b/common/exechelp-posix.c
@@ -273,73 +273,6 @@ get_all_open_fds (void)
}
-/* The exec core used right after the fork. This will never return. */
-static void
-do_exec (const char *pgmname, const char *argv[],
- int fd_in, int fd_out, int fd_err,
- int *except, unsigned int flags)
-{
- char **arg_list;
- int i, j;
- int fds[3];
- int nodevnull[3];
-
- fds[0] = fd_in;
- fds[1] = fd_out;
- fds[2] = fd_err;
-
- nodevnull[0] = !!(flags & GNUPG_SPAWN_KEEP_STDIN);
- nodevnull[1] = !!(flags & GNUPG_SPAWN_KEEP_STDOUT);
- nodevnull[2] = !!(flags & GNUPG_SPAWN_KEEP_STDERR);
-
- /* Create the command line argument array. */
- i = 0;
- if (argv)
- while (argv[i])
- i++;
- arg_list = xcalloc (i+2, sizeof *arg_list);
- arg_list[0] = strrchr (pgmname, '/');
- if (arg_list[0])
- arg_list[0]++;
- else
- arg_list[0] = xstrdup (pgmname);
- if (argv)
- for (i=0,j=1; argv[i]; i++, j++)
- arg_list[j] = (char*)argv[i];
-
- /* Assign /dev/null to unused FDs. */
- for (i=0; i <= 2; i++)
- {
- if (nodevnull[i])
- continue;
- if (fds[i] == -1)
- {
- fds[i] = open ("/dev/null", i? O_WRONLY : O_RDONLY);
- if (fds[i] == -1)
- log_fatal ("failed to open '%s': %s\n",
- "/dev/null", strerror (errno));
- }
- }
-
- /* Connect the standard files. */
- for (i=0; i <= 2; i++)
- {
- if (nodevnull[i])
- continue;
- if (fds[i] != i && dup2 (fds[i], i) == -1)
- log_fatal ("dup2 std%s failed: %s\n",
- i==0?"in":i==1?"out":"err", strerror (errno));
- }
-
- /* Close all other files. */
- close_all_fds (3, except);
-
- execv (pgmname, arg_list);
- /* No way to print anything, as we have closed all streams. */
- _exit (127);
-}
-
-
static gpg_error_t
do_create_pipe (int filedes[2])
{
@@ -431,487 +364,669 @@ gnupg_close_pipe (int fd)
close (fd);
}
+#include <sys/socket.h>
-/* Fork and exec the PGMNAME, see exechelp.h for details. */
-gpg_error_t
-gnupg_spawn_process (const char *pgmname, const char *argv[],
- int *except, unsigned int flags,
- estream_t *r_infp,
- estream_t *r_outfp,
- estream_t *r_errfp,
- pid_t *pid)
-{
- gpg_error_t err;
- int inpipe[2] = {-1, -1};
- int outpipe[2] = {-1, -1};
- int errpipe[2] = {-1, -1};
- estream_t infp = NULL;
- estream_t outfp = NULL;
- estream_t errfp = NULL;
- int nonblock = !!(flags & GNUPG_SPAWN_NONBLOCK);
+struct gnupg_process {
+ const char *pgmname;
+ unsigned int terminated :1; /* or detached */
+ unsigned int flags;
+ pid_t pid;
+ int fd_in;
+ int fd_out;
+ int fd_err;
+ int wstatus;
+};
- if (r_infp)
- *r_infp = NULL;
- if (r_outfp)
- *r_outfp = NULL;
- if (r_errfp)
- *r_errfp = NULL;
- *pid = (pid_t)(-1); /* Always required. */
+static int gnupg_process_syscall_func_initialized;
- if (r_infp)
- {
- err = create_pipe_and_estream (inpipe, &infp, 1, nonblock);
- if (err)
- return err;
- }
+/* Functions called before and after blocking syscalls. */
+static void (*pre_syscall_func) (void);
+static void (*post_syscall_func) (void);
- if (r_outfp)
+static void
+check_syscall_func (void)
+{
+ if (!gnupg_process_syscall_func_initialized)
{
- err = create_pipe_and_estream (outpipe, &outfp, 0, nonblock);
- if (err)
- {
- if (infp)
- es_fclose (infp);
- else if (inpipe[1] != -1)
- close (inpipe[1]);
- if (inpipe[0] != -1)
- close (inpipe[0]);
-
- return err;
- }
+ gpgrt_get_syscall_clamp (&pre_syscall_func, &post_syscall_func);
+ gnupg_process_syscall_func_initialized = 1;
}
+}
- if (r_errfp)
- {
- err = create_pipe_and_estream (errpipe, &errfp, 0, nonblock);
- if (err)
- {
- if (infp)
- es_fclose (infp);
- else if (inpipe[1] != -1)
- close (inpipe[1]);
- if (inpipe[0] != -1)
- close (inpipe[0]);
-
- if (outfp)
- es_fclose (outfp);
- else if (outpipe[0] != -1)
- close (outpipe[0]);
- if (outpipe[1] != -1)
- close (outpipe[1]);
-
- return err;
- }
- }
+static void
+pre_syscall (void)
+{
+ if (pre_syscall_func)
+ pre_syscall_func ();
+}
+
+static void
+post_syscall (void)
+{
+ if (post_syscall_func)
+ post_syscall_func ();
+}
- *pid = fork ();
- if (*pid == (pid_t)(-1))
- {
- err = my_error_from_syserror ();
- log_error (_("error forking process: %s\n"), gpg_strerror (err));
-
- if (infp)
- es_fclose (infp);
- else if (inpipe[1] != -1)
- close (inpipe[1]);
- if (inpipe[0] != -1)
- close (inpipe[0]);
-
- if (outfp)
- es_fclose (outfp);
- else if (outpipe[0] != -1)
- close (outpipe[0]);
- if (outpipe[1] != -1)
- close (outpipe[1]);
-
- if (errfp)
- es_fclose (errfp);
- else if (errpipe[0] != -1)
- close (errpipe[0]);
- if (errpipe[1] != -1)
- close (errpipe[1]);
- return err;
- }
+static gpg_err_code_t
+do_create_socketpair (int filedes[2])
+{
+ gpg_error_t err = 0;
- if (!*pid)
+ pre_syscall ();
+ if (socketpair (AF_LOCAL, SOCK_STREAM, 0, filedes) == -1)
{
- /* This is the child. */
- gcry_control (GCRYCTL_TERM_SECMEM);
- es_fclose (infp);
- es_fclose (outfp);
- es_fclose (errfp);
- do_exec (pgmname, argv, inpipe[0], outpipe[1], errpipe[1],
- except, flags);
- /*NOTREACHED*/
+ err = gpg_err_code_from_syserror ();
+ filedes[0] = filedes[1] = -1;
}
+ post_syscall ();
- /* This is the parent. */
- if (inpipe[0] != -1)
- close (inpipe[0]);
- if (outpipe[1] != -1)
- close (outpipe[1]);
- if (errpipe[1] != -1)
- close (errpipe[1]);
+ return err;
+}
- if (r_infp)
- *r_infp = infp;
- if (r_outfp)
- *r_outfp = outfp;
- if (r_errfp)
- *r_errfp = errfp;
+static int
+posix_open_null (int for_write)
+{
+ int fd;
- return 0;
+ fd = open ("/dev/null", for_write? O_WRONLY : O_RDONLY);
+ if (fd == -1)
+ log_fatal ("failed to open '/dev/null': %s\n", strerror (errno));
+ return fd;
}
+static void
+call_spawn_cb (struct spawn_cb_arg *sca,
+ int fd_in, int fd_out, int fd_err,
+ void (*spawn_cb) (struct spawn_cb_arg *), void *spawn_cb_arg)
+{
+ sca->fds[0] = fd_in;
+ sca->fds[1] = fd_out;
+ sca->fds[2] = fd_err;
+ sca->except_fds = NULL;
+ sca->arg = spawn_cb_arg;
+ if (spawn_cb)
+ (*spawn_cb) (sca);
+}
+static void
+my_exec (const char *pgmname, const char *argv[], struct spawn_cb_arg *sca)
+{
+ int i;
-/* Simplified version of gnupg_spawn_process. This function forks and
- then execs PGMNAME, while connecting INFD to stdin, OUTFD to stdout
- and ERRFD to stderr (any of them may be -1 to connect them to
- /dev/null). The arguments for the process are expected in the NULL
- terminated array ARGV. The program name itself should not be
- included there. Calling gnupg_wait_process is required.
+ /* Assign /dev/null to unused FDs. */
+ for (i = 0; i <= 2; i++)
+ if (sca->fds[i] == -1)
+ sca->fds[i] = posix_open_null (i);
- Returns 0 on success or an error code. */
-gpg_error_t
-gnupg_spawn_process_fd (const char *pgmname, const char *argv[],
- int infd, int outfd, int errfd, pid_t *pid)
+ /* Connect the standard files. */
+ for (i = 0; i <= 2; i++)
+ if (sca->fds[i] != i)
+ {
+ if (dup2 (sca->fds[i], i) == -1)
+ log_fatal ("dup2 std%s failed: %s\n",
+ i==0?"in":i==1?"out":"err", strerror (errno));
+ /*
+ * We don't close sca.fds[i] here, but close them by
+ * close_all_fds. Note that there may be same one in three of
+ * sca->fds[i].
+ */
+ }
+
+ /* Close all other files. */
+ close_all_fds (3, sca->except_fds);
+
+ execv (pgmname, (char *const *)argv);
+ /* No way to print anything, as we have may have closed all streams. */
+ _exit (127);
+}
+
+static gpg_err_code_t
+spawn_detached (const char *pgmname, const char *argv[],
+ void (*spawn_cb) (struct spawn_cb_arg *), void *spawn_cb_arg)
{
- gpg_error_t err;
+ gpg_err_code_t ec;
+ pid_t pid;
- *pid = fork ();
- if (*pid == (pid_t)(-1))
+ /* FIXME: Is this GnuPG specific or should we keep it. */
+ if (getuid() != geteuid())
{
- err = my_error_from_syserror ();
- log_error (_("error forking process: %s\n"), strerror (errno));
- return err;
+ xfree (argv);
+ return GPG_ERR_BUG;
}
- if (!*pid)
+ if (access (pgmname, X_OK))
{
- gcry_control (GCRYCTL_TERM_SECMEM);
- /* Run child. */
- do_exec (pgmname, argv, infd, outfd, errfd, NULL, 0);
- /*NOTREACHED*/
+ ec = gpg_err_code_from_syserror ();
+ xfree (argv);
+ return ec;
}
- return 0;
-}
-
-
-
+ pre_syscall ();
+ pid = fork ();
+ post_syscall ();
+ if (pid == (pid_t)(-1))
+ {
+ ec = gpg_err_code_from_syserror ();
+ log_error (_("error forking process: %s\n"), gpg_strerror (ec));
+ xfree (argv);
+ return ec;
+ }
-/* Waiting for child processes.
+ if (!pid)
+ {
+ pid_t pid2;
+ struct spawn_cb_arg sca;
- waitpid(2) may return information about terminated children that we
- did not yet request, and there is no portable way to wait for a
- specific set of children.
+ if (setsid() == -1 || chdir ("/"))
+ _exit (1);
- As a workaround, we store the results of children for later use.
+ pid2 = fork (); /* Double fork to let init take over the new child. */
+ if (pid2 == (pid_t)(-1))
+ _exit (1);
+ if (pid2)
+ _exit (0); /* Let the parent exit immediately. */
- XXX: This assumes that PIDs are not reused too quickly. */
+ call_spawn_cb (&sca, -1, -1, -1, spawn_cb, spawn_cb_arg);
-struct terminated_child
-{
- pid_t pid;
- int exitcode;
- struct terminated_child *next;
-};
+ my_exec (pgmname, argv, &sca);
+ /*NOTREACHED*/
+ }
-struct terminated_child *terminated_children;
+ pre_syscall ();
+ if (waitpid (pid, NULL, 0) == -1)
+ {
+ post_syscall ();
+ ec = gpg_err_code_from_syserror ();
+ log_error ("waitpid failed in gpgrt_spawn_process_detached: %s",
+ gpg_strerror (ec));
+ return ec;
+ }
+ else
+ post_syscall ();
+ return 0;
+}
-static gpg_error_t
-store_result (pid_t pid, int exitcode)
+void
+gnupg_spawn_helper (struct spawn_cb_arg *sca)
{
- struct terminated_child *c;
+ int *user_except = sca->arg;
+ sca->except_fds = user_except;
+}
- c = xtrymalloc (sizeof *c);
- if (c == NULL)
- return gpg_err_code_from_syserror ();
+gpg_err_code_t
+gnupg_process_spawn (const char *pgmname, const char *argv1[],
+ unsigned int flags,
+ void (*spawn_cb) (struct spawn_cb_arg *),
+ void *spawn_cb_arg,
+ gnupg_process_t *r_process)
+{
+ gpg_err_code_t ec;
+ gnupg_process_t process;
+ int fd_in[2];
+ int fd_out[2];
+ int fd_err[2];
+ pid_t pid;
+ const char **argv;
+ int i, j;
- c->pid = pid;
- c->exitcode = exitcode;
- c->next = terminated_children;
- terminated_children = c;
+ check_syscall_func ();
- return 0;
-}
+ if (r_process)
+ *r_process = NULL;
+ /* Create the command line argument array. */
+ i = 0;
+ if (argv1)
+ while (argv1[i])
+ i++;
+ argv = xtrycalloc (i+2, sizeof *argv);
+ if (!argv)
+ return gpg_err_code_from_syserror ();
+ argv[0] = strrchr (pgmname, '/');
+ if (argv[0])
+ argv[0]++;
+ else
+ argv[0] = pgmname;
-static int
-get_result (pid_t pid, int *r_exitcode)
-{
- struct terminated_child *c, **prevp;
+ if (argv1)
+ for (i=0, j=1; argv1[i]; i++, j++)
+ argv[j] = argv1[i];
- for (prevp = &terminated_children, c = terminated_children;
- c;
- prevp = &c->next, c = c->next)
- if (c->pid == pid)
- {
- *prevp = c->next;
- *r_exitcode = c->exitcode;
- xfree (c);
- return 1;
- }
+ if ((flags & GNUPG_PROCESS_DETACHED))
+ {
+ if ((flags & GNUPG_PROCESS_STDFDS_SETTING))
+ {
+ xfree (argv);
+ return GPG_ERR_INV_FLAG;
+ }
- return 0;
-}
+ /* In detached case, it must be no R_PROCESS. */
+ if (r_process)
+ {
+ xfree (argv);
+ return GPG_ERR_INV_ARG;
+ }
+ return spawn_detached (pgmname, argv, spawn_cb, spawn_cb_arg);
+ }
-/* See exechelp.h for a description. */
-gpg_error_t
-gnupg_wait_process (const char *pgmname, pid_t pid, int hang, int *r_exitcode)
-{
- gpg_err_code_t ec;
- int i, status;
+ process = xtrycalloc (1, sizeof (struct gnupg_process));
+ if (process == NULL)
+ {
+ xfree (argv);
+ return gpg_err_code_from_syserror ();
+ }
- if (r_exitcode)
- *r_exitcode = -1;
+ process->pgmname = pgmname;
+ process->flags = flags;
- if (pid == (pid_t)(-1))
- return gpg_error (GPG_ERR_INV_VALUE);
+ if ((flags & GNUPG_PROCESS_STDINOUT_SOCKETPAIR))
+ {
+ ec = do_create_socketpair (fd_in);
+ if (ec)
+ {
+ xfree (process);
+ xfree (argv);
+ return ec;
+ }
+ fd_out[0] = dup (fd_in[0]);
+ fd_out[1] = dup (fd_in[1]);
+ }
+ else
+ {
+ if ((flags & GNUPG_PROCESS_STDIN_PIPE))
+ {
+ ec = do_create_pipe (fd_in);
+ if (ec)
+ {
+ xfree (process);
+ xfree (argv);
+ return ec;
+ }
+ }
+ else if ((flags & GNUPG_PROCESS_STDIN_KEEP))
+ {
+ fd_in[0] = 0;
+ fd_in[1] = -1;
+ }
+ else
+ {
+ fd_in[0] = -1;
+ fd_in[1] = -1;
+ }
-#ifdef USE_NPTH
- i = npth_waitpid (pid, &status, hang? 0:WNOHANG);
-#else
- while ((i=waitpid (pid, &status, hang? 0:WNOHANG)) == (pid_t)(-1)
- && errno == EINTR);
-#endif
+ if ((flags & GNUPG_PROCESS_STDOUT_PIPE))
+ {
+ ec = do_create_pipe (fd_out);
+ if (ec)
+ {
+ if (fd_in[0] >= 0 && fd_in[0] != 0)
+ close (fd_in[0]);
+ if (fd_in[1] >= 0)
+ close (fd_in[1]);
+ xfree (process);
+ xfree (argv);
+ return ec;
+ }
+ }
+ else if ((flags & GNUPG_PROCESS_STDOUT_KEEP))
+ {
+ fd_out[0] = -1;
+ fd_out[1] = 1;
+ }
+ else
+ {
+ fd_out[0] = -1;
+ fd_out[1] = -1;
+ }
+ }
- if (i == (pid_t)(-1))
+ if ((flags & GNUPG_PROCESS_STDERR_PIPE))
{
- ec = gpg_err_code_from_errno (errno);
- log_error (_("waiting for process %d to terminate failed: %s\n"),
- (int)pid, strerror (errno));
+ ec = do_create_pipe (fd_err);
+ if (ec)
+ {
+ if (fd_in[0] >= 0 && fd_in[0] != 0)
+ close (fd_in[0]);
+ if (fd_in[1] >= 0)
+ close (fd_in[1]);
+ if (fd_out[0] >= 0)
+ close (fd_out[0]);
+ if (fd_out[1] >= 0 && fd_out[1] != 1)
+ close (fd_out[1]);
+ xfree (process);
+ xfree (argv);
+ return ec;
+ }
}
- else if (!i)
+ else if ((flags & GNUPG_PROCESS_STDERR_KEEP))
{
- ec = GPG_ERR_TIMEOUT; /* Still running. */
+ fd_err[0] = -1;
+ fd_err[1] = 2;
}
- else if (WIFEXITED (status) && WEXITSTATUS (status) == 127)
+ else
{
- log_error (_("error running '%s': probably not installed\n"), pgmname);
- ec = GPG_ERR_CONFIGURATION;
+ fd_err[0] = -1;
+ fd_err[1] = -1;
}
- else if (WIFEXITED (status) && WEXITSTATUS (status))
+
+ pre_syscall ();
+ pid = fork ();
+ post_syscall ();
+ if (pid == (pid_t)(-1))
{
- if (!r_exitcode)
- log_error (_("error running '%s': exit status %d\n"), pgmname,
- WEXITSTATUS (status));
- else
- *r_exitcode = WEXITSTATUS (status);
- ec = GPG_ERR_GENERAL;
+ ec = gpg_err_code_from_syserror ();
+ log_error (_("error forking process: %s\n"), gpg_strerror (ec));
+ if (fd_in[0] >= 0 && fd_in[0] != 0)
+ close (fd_in[0]);
+ if (fd_in[1] >= 0)
+ close (fd_in[1]);
+ if (fd_out[0] >= 0)
+ close (fd_out[0]);
+ if (fd_out[1] >= 0 && fd_out[1] != 1)
+ close (fd_out[1]);
+ if (fd_err[0] >= 0)
+ close (fd_err[0]);
+ if (fd_err[1] >= 0 && fd_err[1] != 2)
+ close (fd_err[1]);
+ xfree (process);
+ xfree (argv);
+ return ec;
}
- else if (!WIFEXITED (status))
+
+ if (!pid)
{
- log_error (_("error running '%s': terminated\n"), pgmname);
- ec = GPG_ERR_GENERAL;
+ struct spawn_cb_arg sca;
+
+ if (fd_in[1] >= 0)
+ close (fd_in[1]);
+ if (fd_out[0] >= 0)
+ close (fd_out[0]);
+ if (fd_err[0] >= 0)
+ close (fd_err[0]);
+
+ call_spawn_cb (&sca, fd_in[0], fd_out[1], fd_err[1],
+ spawn_cb, spawn_cb_arg);
+
+ /* Run child. */
+ my_exec (pgmname, argv, &sca);
+ /*NOTREACHED*/
}
- else
+
+ xfree (argv);
+ process->pid = pid;
+
+ if (fd_in[0] >= 0 && fd_in[0] != 0)
+ close (fd_in[0]);
+ if (fd_out[1] >= 0 && fd_out[1] != 1)
+ close (fd_out[1]);
+ if (fd_err[1] >= 0 && fd_err[1] != 2)
+ close (fd_err[1]);
+ process->fd_in = fd_in[1];
+ process->fd_out = fd_out[0];
+ process->fd_err = fd_err[0];
+ process->wstatus = -1;
+ process->terminated = 0;
+
+ if (r_process == NULL)
{
- if (r_exitcode)
- *r_exitcode = 0;
- ec = 0;
+ ec = gnupg_process_wait (process, 1);
+ gnupg_process_release (process);
+ return ec;
}
- return gpg_err_make (GPG_ERR_SOURCE_DEFAULT, ec);
+ *r_process = process;
+ return 0;
}
-/* See exechelp.h for a description. */
-gpg_error_t
-gnupg_wait_processes (const char **pgmnames, pid_t *pids, size_t count,
- int hang, int *r_exitcodes)
+static gpg_err_code_t
+process_kill (gnupg_process_t process, int sig)
{
gpg_err_code_t ec = 0;
- size_t i, left;
- int *dummy = NULL;
+ pid_t pid = process->pid;
- if (r_exitcodes == NULL)
+ pre_syscall ();
+ if (kill (pid, sig) < 0)
+ ec = gpg_err_code_from_syserror ();
+ post_syscall ();
+ return ec;
+}
+
+gpg_err_code_t
+gnupg_process_terminate (gnupg_process_t process)
+{
+ return process_kill (process, SIGTERM);
+}
+
+gpg_err_code_t
+gnupg_process_get_fds (gnupg_process_t process, unsigned int flags,
+ int *r_fd_in, int *r_fd_out, int *r_fd_err)
+{
+ (void)flags;
+ if (r_fd_in)
{
- dummy = r_exitcodes = xtrymalloc (sizeof *r_exitcodes * count);
- if (dummy == NULL)
- return gpg_err_code_from_syserror ();
+ *r_fd_in = process->fd_in;
+ process->fd_in = -1;
}
-
- for (i = 0, left = count; i < count; i++)
+ if (r_fd_out)
{
- int status = -1;
+ *r_fd_out = process->fd_out;
+ process->fd_out = -1;
+ }
+ if (r_fd_err)
+ {
+ *r_fd_err = process->fd_err;
+ process->fd_err = -1;
+ }
- /* Skip invalid PID. */
- if (pids[i] == (pid_t)(-1))
- {
- r_exitcodes[i] = -1;
- left -= 1;
- continue;
- }
+ return 0;
+}
- /* See if there was a previously stored result for this pid. */
- if (get_result (pids[i], &status))
- left -= 1;
+gpg_err_code_t
+gnupg_process_get_streams (gnupg_process_t process, unsigned int flags,
+ gpgrt_stream_t *r_fp_in, gpgrt_stream_t *r_fp_out,
+ gpgrt_stream_t *r_fp_err)
+{
+ int nonblock = (flags & GNUPG_PROCESS_STREAM_NONBLOCK)? 1: 0;
- r_exitcodes[i] = status;
+ if (r_fp_in)
+ {
+ *r_fp_in = es_fdopen (process->fd_in, nonblock? "w,nonblock" : "w");
+ process->fd_in = -1;
+ }
+ if (r_fp_out)
+ {
+ *r_fp_out = es_fdopen (process->fd_out, nonblock? "r,nonblock" : "r");
+ process->fd_out = -1;
+ }
+ if (r_fp_err)
+ {
+ *r_fp_err = es_fdopen (process->fd_err, nonblock? "r,nonblock" : "r");
+ process->fd_err = -1;
}
+ return 0;
+}
- while (left > 0)
+static gpg_err_code_t
+process_vctl (gnupg_process_t process, unsigned int request, va_list arg_ptr)
+{
+ switch (request)
{
- pid_t pid;
- int status;
+ case GNUPG_PROCESS_NOP:
+ return 0;
-#ifdef USE_NPTH
- pid = npth_waitpid (-1, &status, hang ? 0 : WNOHANG);
-#else
- while ((pid = waitpid (-1, &status, hang ? 0 : WNOHANG)) == (pid_t)(-1)
- && errno == EINTR);
-#endif
+ case GNUPG_PROCESS_GET_PROC_ID:
+ {
+ int *r_id = va_arg (arg_ptr, int *);
- if (pid == (pid_t)(-1))
- {
- ec = gpg_err_code_from_errno (errno);
- log_error (_("waiting for processes to terminate failed: %s\n"),
- strerror (errno));
- break;
- }
- else if (!pid)
- {
- ec = GPG_ERR_TIMEOUT; /* Still running. */
- break;
- }
- else
- {
- for (i = 0; i < count; i++)
- if (pid == pids[i])
- break;
+ if (r_id == NULL)
+ return GPG_ERR_INV_VALUE;
- if (i == count)
- {
- /* No match, store this result. */
- ec = store_result (pid, status);
- if (ec)
- break;
- continue;
- }
+ *r_id = (int)process->pid;
+ return 0;
+ }
- /* Process PIDS[i] died. */
- if (r_exitcodes[i] != (pid_t) -1)
- {
- log_error ("PID %d was reused", pid);
- ec = GPG_ERR_GENERAL;
- break;
- }
+ case GNUPG_PROCESS_GET_EXIT_ID:
+ {
+ int status = process->wstatus;
+ int *r_exit_status = va_arg (arg_ptr, int *);
- left -= 1;
- r_exitcodes[i] = status;
- }
- }
+ if (!process->terminated)
+ return GPG_ERR_UNFINISHED;
- for (i = 0; i < count; i++)
- {
- if (r_exitcodes[i] == -1)
- continue;
+ if (WIFEXITED (status))
+ {
+ if (r_exit_status)
+ *r_exit_status = WEXITSTATUS (status);
+ }
+ else
+ *r_exit_status = -1;
- if (WIFEXITED (r_exitcodes[i]) && WEXITSTATUS (r_exitcodes[i]) == 127)
- {
- log_error (_("error running '%s': probably not installed\n"),
- pgmnames[i]);
- ec = GPG_ERR_CONFIGURATION;
- }
- else if (WIFEXITED (r_exitcodes[i]) && WEXITSTATUS (r_exitcodes[i]))
- {
- if (dummy)
- log_error (_("error running '%s': exit status %d\n"),
- pgmnames[i], WEXITSTATUS (r_exitcodes[i]));
- else
- r_exitcodes[i] = WEXITSTATUS (r_exitcodes[i]);
- ec = GPG_ERR_GENERAL;
- }
- else if (!WIFEXITED (r_exitcodes[i]))
- {
- log_error (_("error running '%s': terminated\n"), pgmnames[i]);
- ec = GPG_ERR_GENERAL;
- }
+ return 0;
+ }
+
+ case GNUPG_PROCESS_GET_PID:
+ {
+ pid_t *r_pid = va_arg (arg_ptr, pid_t *);
+
+ if (r_pid == NULL)
+ return GPG_ERR_INV_VALUE;
+
+ *r_pid = process->pid;
+ return 0;
+ }
+
+ case GNUPG_PROCESS_GET_WSTATUS:
+ {
+ int status = process->wstatus;
+ int *r_if_exited = va_arg (arg_ptr, int *);
+ int *r_if_signaled = va_arg (arg_ptr, int *);
+ int *r_exit_status = va_arg (arg_ptr, int *);
+ int *r_termsig = va_arg (arg_ptr, int *);
+
+ if (!process->terminated)
+ return GPG_ERR_UNFINISHED;
+
+ if (WIFEXITED (status))
+ {
+ if (r_if_exited)
+ *r_if_exited = 1;
+ if (r_if_signaled)
+ *r_if_signaled = 0;
+ if (r_exit_status)
+ *r_exit_status = WEXITSTATUS (status);
+ if (r_termsig)
+ *r_termsig = 0;
+ }
+ else if (WIFSIGNALED (status))
+ {
+ if (r_if_exited)
+ *r_if_exited = 0;
+ if (r_if_signaled)
+ *r_if_signaled = 1;
+ if (r_exit_status)
+ *r_exit_status = 0;
+ if (r_termsig)
+ *r_termsig = WTERMSIG (status);
+ }
+
+ return 0;
+ }
+
+ case GNUPG_PROCESS_KILL:
+ {
+ int sig = va_arg (arg_ptr, int);
+
+ return process_kill (process, sig);
+ }
+
+ default:
+ break;
}
- xfree (dummy);
- return gpg_err_make (GPG_ERR_SOURCE_DEFAULT, ec);
+ return GPG_ERR_UNKNOWN_COMMAND;
}
-
-
-void
-gnupg_release_process (pid_t pid)
+gpg_err_code_t
+gnupg_process_ctl (gnupg_process_t process, unsigned int request, ...)
{
- (void)pid;
-}
+ va_list arg_ptr;
+ gpg_err_code_t ec;
+ va_start (arg_ptr, request);
+ ec = process_vctl (process, request, arg_ptr);
+ va_end (arg_ptr);
+ return ec;
+}
-/* Spawn a new process and immediately detach from it. The name of
- the program to exec is PGMNAME and its arguments are in ARGV (the
- programname is automatically passed as first argument).
- Environment strings in ENVP are set. An error is returned if
- pgmname is not executable; to make this work it is necessary to
- provide an absolute file name. All standard file descriptors are
- connected to /dev/null. */
-gpg_error_t
-gnupg_spawn_process_detached (const char *pgmname, const char *argv[],
- const char *envp[] )
+gpg_err_code_t
+gnupg_process_wait (gnupg_process_t process, int hang)
{
gpg_err_code_t ec;
+ int status;
pid_t pid;
- int i;
- if (getuid() != geteuid())
- return my_error (GPG_ERR_BUG);
+ if (process->terminated)
+ /* Already terminated. */
+ return 0;
- if ((ec = gnupg_access (pgmname, X_OK)))
- return gpg_err_make (default_errsource, ec);
+ pre_syscall ();
+ while ((pid = waitpid (process->pid, &status, hang? 0: WNOHANG))
+ == (pid_t)(-1) && errno == EINTR);
+ post_syscall ();
- pid = fork ();
if (pid == (pid_t)(-1))
{
- log_error (_("error forking process: %s\n"), strerror (errno));
- return my_error_from_syserror ();
+ ec = gpg_err_code_from_syserror ();
+ log_error (_("waiting for process %d to terminate failed: %s\n"),
+ (int)pid, gpg_strerror (ec));
}
- if (!pid)
+ else if (!pid)
{
- pid_t pid2;
-
- gcry_control (GCRYCTL_TERM_SECMEM);
- if (setsid() == -1 || chdir ("/"))
- _exit (1);
-
- pid2 = fork (); /* Double fork to let init take over the new child. */
- if (pid2 == (pid_t)(-1))
- _exit (1);
- if (pid2)
- _exit (0); /* Let the parent exit immediately. */
+ ec = GPG_ERR_TIMEOUT; /* Still running. */
+ }
+ else
+ {
+ process->terminated = 1;
+ process->wstatus = status;
+ ec = 0;
+ }
- if (envp)
- for (i=0; envp[i]; i++)
- putenv (xstrdup (envp[i]));
+ return ec;
+}
- do_exec (pgmname, argv, -1, -1, -1, NULL, 0);
+void
+gnupg_process_release (gnupg_process_t process)
+{
+ if (!process)
+ return;
- /*NOTREACHED*/
+ if (process->terminated)
+ {
+ gnupg_process_terminate (process);
+ gnupg_process_wait (process, 1);
}
- if (waitpid (pid, NULL, 0) == -1)
- log_error ("waitpid failed in gnupg_spawn_process_detached: %s",
- strerror (errno));
-
- return 0;
+ xfree (process);
}
-
-/* Kill a process; that is send an appropriate signal to the process.
- gnupg_wait_process must be called to actually remove the process
- from the system. An invalid PID is ignored. */
-void
-gnupg_kill_process (pid_t pid)
+gpg_err_code_t
+gnupg_process_wait_list (gnupg_process_t *process_list, int count, int hang)
{
- if (pid != (pid_t)(-1))
+ gpg_err_code_t ec = 0;
+ int i;
+
+ for (i = 0; i < count; i++)
{
- kill (pid, SIGTERM);
+ if (process_list[i]->terminated)
+ continue;
+
+ ec = gnupg_process_wait (process_list[i], hang);
+ if (ec)
+ break;
}
+
+ return ec;
}
diff --git a/common/exechelp-w32.c b/common/exechelp-w32.c
index 2093f0d8b..08290e442 100644
--- a/common/exechelp-w32.c
+++ b/common/exechelp-w32.c
@@ -33,6 +33,8 @@
#if !defined(HAVE_W32_SYSTEM)
#error This code is only used on W32.
+#else
+#define _WIN32_WINNT 0x600
#endif
#include <stdio.h>
@@ -63,9 +65,11 @@
#include "util.h"
#include "i18n.h"
#include "sysutils.h"
+#define NEED_STRUCT_SPAWN_CB_ARG
#include "exechelp.h"
#include <windows.h>
+#include <processthreadsapi.h>
/* Define to 1 do enable debugging. */
#define DEBUG_W32_SPAWN 0
@@ -405,143 +409,147 @@ gnupg_close_pipe (int fd)
if (fd != -1)
close (fd);
}
+
+struct gnupg_process {
+ const char *pgmname;
+ unsigned int terminated :1; /* or detached */
+ unsigned int flags;
+ HANDLE hProcess;
+ HANDLE hd_in;
+ HANDLE hd_out;
+ HANDLE hd_err;
+ int exitcode;
+};
+
+static int gnupg_process_syscall_func_initialized;
+
+/* Functions called before and after blocking syscalls. */
+static void (*pre_syscall_func) (void);
+static void (*post_syscall_func) (void);
+
+static void
+check_syscall_func (void)
+{
+ if (!gnupg_process_syscall_func_initialized)
+ {
+ gpgrt_get_syscall_clamp (&pre_syscall_func, &post_syscall_func);
+ gnupg_process_syscall_func_initialized = 1;
+ }
+}
-/* Fork and exec the PGMNAME, see exechelp.h for details. */
-gpg_error_t
-gnupg_spawn_process (const char *pgmname, const char *argv[],
- int *except, unsigned int flags,
- estream_t *r_infp,
- estream_t *r_outfp,
- estream_t *r_errfp,
- pid_t *pid)
+static void
+pre_syscall (void)
{
- gpg_error_t err;
- SECURITY_ATTRIBUTES sec_attr;
- PROCESS_INFORMATION pi =
- {
- NULL, /* Returns process handle. */
- 0, /* Returns primary thread handle. */
- 0, /* Returns pid. */
- 0 /* Returns tid. */
- };
- STARTUPINFOW si;
- int cr_flags;
- char *cmdline;
- wchar_t *wcmdline = NULL;
- wchar_t *wpgmname = NULL;
- HANDLE inpipe[2] = {INVALID_HANDLE_VALUE, INVALID_HANDLE_VALUE};
- HANDLE outpipe[2] = {INVALID_HANDLE_VALUE, INVALID_HANDLE_VALUE};
- HANDLE errpipe[2] = {INVALID_HANDLE_VALUE, INVALID_HANDLE_VALUE};
- estream_t infp = NULL;
- estream_t outfp = NULL;
- estream_t errfp = NULL;
- HANDLE nullhd[3] = {INVALID_HANDLE_VALUE,
- INVALID_HANDLE_VALUE,
- INVALID_HANDLE_VALUE};
- int i, rc;
- es_syshd_t syshd;
- gpg_err_source_t errsource = default_errsource;
- int nonblock = !!(flags & GNUPG_SPAWN_NONBLOCK);
+ if (pre_syscall_func)
+ pre_syscall_func ();
+}
+
- (void)except; /* Not yet used. */
+static void
+post_syscall (void)
+{
+ if (post_syscall_func)
+ post_syscall_func ();
+}
- if (r_infp)
- *r_infp = NULL;
- if (r_outfp)
- *r_outfp = NULL;
- if (r_errfp)
- *r_errfp = NULL;
- *pid = (pid_t)(-1); /* Always required. */
- if (r_infp)
+/*
+ * Check if STARTUPINFOEXW supports PROC_THREAD_ATTRIBUTE_HANDLE_LIST.
+ */
+static int
+check_windows_version (void)
+{
+ static int is_vista_or_later = -1;
+
+ OSVERSIONINFO osvi;
+
+ if (is_vista_or_later == -1)
{
- if (create_inheritable_pipe (inpipe, INHERIT_READ))
- {
- err = gpg_err_make (errsource, GPG_ERR_GENERAL);
- log_error (_("error creating a pipe: %s\n"), gpg_strerror (err));
- return err;
- }
+ memset (&osvi,0,sizeof(osvi));
+ osvi.dwOSVersionInfoSize = sizeof(osvi);
+ GetVersionEx (&osvi);
- syshd.type = ES_SYSHD_HANDLE;
- syshd.u.handle = inpipe[1];
- infp = es_sysopen (&syshd, nonblock? "w,nonblock" : "w");
- if (!infp)
- {
- err = gpg_err_make (errsource, gpg_err_code_from_syserror ());
- log_error (_("error creating a stream for a pipe: %s\n"),
- gpg_strerror (err));
- CloseHandle (inpipe[0]);
- CloseHandle (inpipe[1]);
- inpipe[0] = inpipe[1] = INVALID_HANDLE_VALUE;
- return err;
- }
+ /* The feature is available on Vista or later. */
+ is_vista_or_later = (osvi.dwMajorVersion >= 6);
}
- if (r_outfp)
- {
- if (create_inheritable_pipe (outpipe, INHERIT_WRITE))
- {
- err = gpg_err_make (errsource, GPG_ERR_GENERAL);
- log_error (_("error creating a pipe: %s\n"), gpg_strerror (err));
- return err;
- }
+ return is_vista_or_later;
+}
- syshd.type = ES_SYSHD_HANDLE;
- syshd.u.handle = outpipe[0];
- outfp = es_sysopen (&syshd, nonblock? "r,nonblock" : "r");
- if (!outfp)
- {
- err = gpg_err_make (errsource, gpg_err_code_from_syserror ());
- log_error (_("error creating a stream for a pipe: %s\n"),
- gpg_strerror (err));
- CloseHandle (outpipe[0]);
- CloseHandle (outpipe[1]);
- outpipe[0] = outpipe[1] = INVALID_HANDLE_VALUE;
- if (infp)
- es_fclose (infp);
- else if (inpipe[1] != INVALID_HANDLE_VALUE)
- CloseHandle (inpipe[1]);
- if (inpipe[0] != INVALID_HANDLE_VALUE)
- CloseHandle (inpipe[0]);
- return err;
- }
+
+static gpg_err_code_t
+spawn_detached (const char *pgmname, char *cmdline,
+ void (*spawn_cb) (struct spawn_cb_arg *), void *spawn_cb_arg)
+{
+ SECURITY_ATTRIBUTES sec_attr;
+ PROCESS_INFORMATION pi = { NULL, 0, 0, 0 };
+ STARTUPINFOEXW si;
+ int cr_flags;
+ wchar_t *wcmdline = NULL;
+ wchar_t *wpgmname = NULL;
+ gpg_err_code_t ec;
+ int ret;
+ struct spawn_cb_arg sca;
+ BOOL ask_inherit = FALSE;
+
+ ec = gnupg_access (pgmname, X_OK);
+ if (ec)
+ {
+ xfree (cmdline);
+ return ec;
}
- if (r_errfp)
+ memset (&si, 0, sizeof si);
+
+ sca.allow_foreground_window = FALSE;
+ sca.hd[0] = INVALID_HANDLE_VALUE;
+ sca.hd[1] = INVALID_HANDLE_VALUE;
+ sca.hd[2] = INVALID_HANDLE_VALUE;
+ sca.inherit_hds = NULL;
+ sca.arg = spawn_cb_arg;
+ if (spawn_cb)
+ (*spawn_cb) (&sca);
+
+ if (sca.inherit_hds)
{
- if (create_inheritable_pipe (errpipe, INHERIT_WRITE))
- {
- err = gpg_err_make (errsource, GPG_ERR_GENERAL);
- log_error (_("error creating a pipe: %s\n"), gpg_strerror (err));
- return err;
- }
+ SIZE_T attr_list_size = 0;
+ HANDLE hd[16];
+ HANDLE *hd_p = sca.inherit_hds;
+ int j = 0;
- syshd.type = ES_SYSHD_HANDLE;
- syshd.u.handle = errpipe[0];
- errfp = es_sysopen (&syshd, nonblock? "r,nonblock" : "r");
- if (!errfp)
+ if (hd_p)
{
- err = gpg_err_make (errsource, gpg_err_code_from_syserror ());
- log_error (_("error creating a stream for a pipe: %s\n"),
- gpg_strerror (err));
- CloseHandle (errpipe[0]);
- CloseHandle (errpipe[1]);
- errpipe[0] = errpipe[1] = INVALID_HANDLE_VALUE;
- if (outfp)
- es_fclose (outfp);
- else if (outpipe[0] != INVALID_HANDLE_VALUE)
- CloseHandle (outpipe[0]);
- if (outpipe[1] != INVALID_HANDLE_VALUE)
- CloseHandle (outpipe[1]);
- if (infp)
- es_fclose (infp);
- else if (inpipe[1] != INVALID_HANDLE_VALUE)
- CloseHandle (inpipe[1]);
- if (inpipe[0] != INVALID_HANDLE_VALUE)
- CloseHandle (inpipe[0]);
- return err;
+ while (*hd_p != INVALID_HANDLE_VALUE)
+ if (j < DIM (hd))
+ hd[j++] = *hd_p++;
+ else
+ {
+ log_error ("Too much handles\n");
+ break;
+ }
}
+
+ if (j)
+ {
+ if (check_windows_version ())
+ {
+ InitializeProcThreadAttributeList (NULL, 1, 0, &attr_list_size);
+ si.lpAttributeList = xtrymalloc (attr_list_size);
+ if (si.lpAttributeList == NULL)
+ {
+ xfree (cmdline);
+ return gpg_err_code_from_syserror ();
+ }
+ InitializeProcThreadAttributeList (si.lpAttributeList, 1, 0,
+ &attr_list_size);
+ UpdateProcThreadAttribute (si.lpAttributeList, 0,
+ PROC_THREAD_ATTRIBUTE_HANDLE_LIST,
+ hd, sizeof (HANDLE) * j, NULL, NULL);
+ }
+
+ ask_inherit = TRUE;
+ }
}
/* Prepare security attributes. */
@@ -549,502 +557,683 @@ gnupg_spawn_process (const char *pgmname, const char *argv[],
sec_attr.nLength = sizeof sec_attr;
sec_attr.bInheritHandle = FALSE;
- /* Build the command line. */
- err = build_w32_commandline (pgmname, argv, &cmdline);
- if (err)
- return err;
-
- if (inpipe[0] == INVALID_HANDLE_VALUE)
- nullhd[0] = ((flags & GNUPG_SPAWN_KEEP_STDIN)?
- GetStdHandle (STD_INPUT_HANDLE) : w32_open_null (0));
- if (outpipe[1] == INVALID_HANDLE_VALUE)
- nullhd[1] = ((flags & GNUPG_SPAWN_KEEP_STDOUT)?
- GetStdHandle (STD_OUTPUT_HANDLE) : w32_open_null (1));
- if (errpipe[1] == INVALID_HANDLE_VALUE)
- nullhd[2] = ((flags & GNUPG_SPAWN_KEEP_STDERR)?
- GetStdHandle (STD_ERROR_HANDLE) : w32_open_null (1));
-
- memset (&si, 0, sizeof si);
- si.cb = sizeof (si);
- si.dwFlags = STARTF_USESTDHANDLES | STARTF_USESHOWWINDOW;
- si.wShowWindow = DEBUG_W32_SPAWN? SW_SHOW : SW_HIDE;
- si.hStdInput = inpipe[0] == INVALID_HANDLE_VALUE? nullhd[0] : inpipe[0];
- si.hStdOutput = outpipe[1] == INVALID_HANDLE_VALUE? nullhd[1] : outpipe[1];
- si.hStdError = errpipe[1] == INVALID_HANDLE_VALUE? nullhd[2] : errpipe[1];
+ /* Start the process. */
+ si.StartupInfo.cb = sizeof (si);
+ si.StartupInfo.dwFlags = STARTF_USESHOWWINDOW;
+ si.StartupInfo.wShowWindow = DEBUG_W32_SPAWN? SW_SHOW : SW_MINIMIZE;
cr_flags = (CREATE_DEFAULT_ERROR_MODE
- | ((flags & GNUPG_SPAWN_DETACHED)? DETACHED_PROCESS : 0)
| GetPriorityClass (GetCurrentProcess ())
- | CREATE_SUSPENDED);
- /* log_debug ("CreateProcess, path='%s' cmdline='%s'\n", */
- /* pgmname, cmdline); */
+ | CREATE_NEW_PROCESS_GROUP
+ | DETACHED_PROCESS);
+
/* Take care: CreateProcessW may modify wpgmname */
if (!(wpgmname = utf8_to_wchar (pgmname)))
- rc = 0;
+ ret = 0;
else if (!(wcmdline = utf8_to_wchar (cmdline)))
- rc = 0;
+ ret = 0;
else
- rc = CreateProcessW (wpgmname, /* Program to start. */
- wcmdline, /* Command line arguments. */
- &sec_attr, /* Process security attributes. */
- &sec_attr, /* Thread security attributes. */
- TRUE, /* Inherit handles. */
- cr_flags, /* Creation flags. */
- NULL, /* Environment. */
- NULL, /* Use current drive/directory. */
- &si, /* Startup information. */
- &pi /* Returns process information. */
- );
- if (!rc)
+ ret = CreateProcessW (wpgmname, /* Program to start. */
+ wcmdline, /* Command line arguments. */
+ &sec_attr, /* Process security attributes. */
+ &sec_attr, /* Thread security attributes. */
+ ask_inherit, /* Inherit handles. */
+ cr_flags, /* Creation flags. */
+ NULL, /* Environment. */
+ NULL, /* Use current drive/directory. */
+ (STARTUPINFOW *)&si, /* Startup information. */
+ &pi /* Returns process information. */
+ );
+ if (!ret)
{
if (!wpgmname || !wcmdline)
log_error ("CreateProcess failed (utf8_to_wchar): %s\n",
strerror (errno));
else
- log_error ("CreateProcess failed: %s\n", w32_strerror (-1));
+ log_error ("CreateProcess(detached) failed: %d\n",
+ (int)GetLastError ());
xfree (wpgmname);
xfree (wcmdline);
xfree (cmdline);
- if (infp)
- es_fclose (infp);
- else if (inpipe[1] != INVALID_HANDLE_VALUE)
- CloseHandle (outpipe[1]);
- if (inpipe[0] != INVALID_HANDLE_VALUE)
- CloseHandle (inpipe[0]);
- if (outfp)
- es_fclose (outfp);
- else if (outpipe[0] != INVALID_HANDLE_VALUE)
- CloseHandle (outpipe[0]);
- if (outpipe[1] != INVALID_HANDLE_VALUE)
- CloseHandle (outpipe[1]);
- if (errfp)
- es_fclose (errfp);
- else if (errpipe[0] != INVALID_HANDLE_VALUE)
- CloseHandle (errpipe[0]);
- if (errpipe[1] != INVALID_HANDLE_VALUE)
- CloseHandle (errpipe[1]);
- return gpg_err_make (errsource, GPG_ERR_GENERAL);
+ return GPG_ERR_GENERAL;
}
+ if (si.lpAttributeList)
+ DeleteProcThreadAttributeList (si.lpAttributeList);
xfree (wpgmname);
xfree (wcmdline);
xfree (cmdline);
- cmdline = NULL;
- /* Close the inherited handles to /dev/null. */
- for (i=0; i < DIM (nullhd); i++)
- if (nullhd[i] != INVALID_HANDLE_VALUE)
- CloseHandle (nullhd[i]);
+ /* log_debug ("CreateProcess(detached) ready: hProcess=%p hThread=%p" */
+ /* " dwProcessID=%d dwThreadId=%d\n", */
+ /* pi.hProcess, pi.hThread, */
+ /* (int) pi.dwProcessId, (int) pi.dwThreadId); */
- /* Close the inherited ends of the pipes. */
- if (inpipe[0] != INVALID_HANDLE_VALUE)
- CloseHandle (inpipe[0]);
- if (outpipe[1] != INVALID_HANDLE_VALUE)
- CloseHandle (outpipe[1]);
- if (errpipe[1] != INVALID_HANDLE_VALUE)
- CloseHandle (errpipe[1]);
-
- /* log_debug ("CreateProcess ready: hProcess=%p hThread=%p" */
- /* " dwProcessID=%d dwThreadId=%d\n", */
- /* pi.hProcess, pi.hThread, */
- /* (int) pi.dwProcessId, (int) pi.dwThreadId); */
- /* log_debug (" outfp=%p errfp=%p\n", outfp, errfp); */
+ /* Note: AllowSetForegroundWindow doesn't make sense for background
+ process. */
- /* Fixme: For unknown reasons AllowSetForegroundWindow returns an
- invalid argument error if we pass it the correct processID. As a
- workaround we use -1 (ASFW_ANY). */
- if ((flags & GNUPG_SPAWN_RUN_ASFW))
- gnupg_allow_set_foregound_window ((pid_t)(-1)/*pi.dwProcessId*/);
-
- /* Process has been created suspended; resume it now. */
- ResumeThread (pi.hThread);
CloseHandle (pi.hThread);
-
- if (r_infp)
- *r_infp = infp;
- if (r_outfp)
- *r_outfp = outfp;
- if (r_errfp)
- *r_errfp = errfp;
-
- *pid = handle_to_pid (pi.hProcess);
+ CloseHandle (pi.hProcess);
return 0;
-
}
+void
+gnupg_spawn_helper (struct spawn_cb_arg *sca)
+{
+ HANDLE *user_except = sca->arg;
+ sca->inherit_hds = user_except;
+}
-/* Simplified version of gnupg_spawn_process. This function forks and
- then execs PGMNAME, while connecting INFD to stdin, OUTFD to stdout
- and ERRFD to stderr (any of them may be -1 to connect them to
- /dev/null). The arguments for the process are expected in the NULL
- terminated array ARGV. The program name itself should not be
- included there. Calling gnupg_wait_process is required.
-
- Returns 0 on success or an error code. */
-gpg_error_t
-gnupg_spawn_process_fd (const char *pgmname, const char *argv[],
- int infd, int outfd, int errfd, pid_t *pid)
+gpg_err_code_t
+gnupg_process_spawn (const char *pgmname, const char *argv[],
+ unsigned int flags,
+ void (*spawn_cb) (struct spawn_cb_arg *),
+ void *spawn_cb_arg,
+ gnupg_process_t *r_process)
{
- gpg_error_t err;
+ gpg_err_code_t ec;
+ gnupg_process_t process;
SECURITY_ATTRIBUTES sec_attr;
PROCESS_INFORMATION pi = { NULL, 0, 0, 0 };
- STARTUPINFOW si;
+ STARTUPINFOEXW si;
+ int cr_flags;
char *cmdline;
wchar_t *wcmdline = NULL;
wchar_t *wpgmname = NULL;
- int i, rc;
- HANDLE stdhd[3];
+ int ret;
+ HANDLE hd_in[2];
+ HANDLE hd_out[2];
+ HANDLE hd_err[2];
+ struct spawn_cb_arg sca;
+ int i;
+ BOOL ask_inherit = FALSE;
+
+ check_syscall_func ();
+
+ /* Build the command line. */
+ ec = build_w32_commandline (pgmname, argv, &cmdline);
+ if (ec)
+ return ec;
+
+ if ((flags & GNUPG_PROCESS_DETACHED))
+ {
+ if ((flags & GNUPG_PROCESS_STDFDS_SETTING))
+ {
+ xfree (cmdline);
+ return GPG_ERR_INV_FLAG;
+ }
- /* Setup return values. */
- *pid = (pid_t)(-1);
+ /* In detached case, it must be no R_PROCESS. */
+ if (r_process)
+ {
+ xfree (cmdline);
+ return GPG_ERR_INV_ARG;
+ }
+
+ return spawn_detached (pgmname, cmdline, spawn_cb, spawn_cb_arg);
+ }
+
+ if (r_process)
+ *r_process = NULL;
+
+ process = xtrymalloc (sizeof (struct gnupg_process));
+ if (process == NULL)
+ {
+ xfree (cmdline);
+ return gpg_err_code_from_syserror ();
+ }
+
+ process->pgmname = pgmname;
+ process->flags = flags;
+
+ if ((flags & GNUPG_PROCESS_STDINOUT_SOCKETPAIR))
+ {
+ xfree (process);
+ xfree (cmdline);
+ return GPG_ERR_NOT_SUPPORTED;
+ }
+
+ if ((flags & GNUPG_PROCESS_STDIN_PIPE))
+ {
+ ec = create_inheritable_pipe (hd_in, INHERIT_READ);
+ if (ec)
+ {
+ xfree (process);
+ xfree (cmdline);
+ return ec;
+ }
+ }
+ else if ((flags & GNUPG_PROCESS_STDIN_KEEP))
+ {
+ hd_in[0] = GetStdHandle (STD_INPUT_HANDLE);
+ hd_in[1] = INVALID_HANDLE_VALUE;
+ }
+ else
+ {
+ hd_in[0] = w32_open_null (0);
+ hd_in[1] = INVALID_HANDLE_VALUE;
+ }
+
+ if ((flags & GNUPG_PROCESS_STDOUT_PIPE))
+ {
+ ec = create_inheritable_pipe (hd_out, INHERIT_WRITE);
+ if (ec)
+ {
+ if (hd_in[0] != INVALID_HANDLE_VALUE)
+ CloseHandle (hd_in[0]);
+ if (hd_in[1] != INVALID_HANDLE_VALUE)
+ CloseHandle (hd_in[1]);
+ xfree (process);
+ xfree (cmdline);
+ return ec;
+ }
+ }
+ else if ((flags & GNUPG_PROCESS_STDOUT_KEEP))
+ {
+ hd_out[0] = INVALID_HANDLE_VALUE;
+ hd_out[1] = GetStdHandle (STD_OUTPUT_HANDLE);
+ }
+ else
+ {
+ hd_out[0] = INVALID_HANDLE_VALUE;
+ hd_out[1] = w32_open_null (1);
+ }
+
+ if ((flags & GNUPG_PROCESS_STDERR_PIPE))
+ {
+ ec = create_inheritable_pipe (hd_err, INHERIT_WRITE);
+ if (ec)
+ {
+ if (hd_in[0] != INVALID_HANDLE_VALUE)
+ CloseHandle (hd_in[0]);
+ if (hd_in[1] != INVALID_HANDLE_VALUE)
+ CloseHandle (hd_in[1]);
+ if (hd_out[0] != INVALID_HANDLE_VALUE)
+ CloseHandle (hd_out[0]);
+ if (hd_out[1] != INVALID_HANDLE_VALUE)
+ CloseHandle (hd_out[1]);
+ xfree (process);
+ xfree (cmdline);
+ return ec;
+ }
+ }
+ else if ((flags & GNUPG_PROCESS_STDERR_KEEP))
+ {
+ hd_err[0] = INVALID_HANDLE_VALUE;
+ hd_err[1] = GetStdHandle (STD_ERROR_HANDLE);
+ }
+ else
+ {
+ hd_err[0] = INVALID_HANDLE_VALUE;
+ hd_err[1] = w32_open_null (1);
+ }
+
+ memset (&si, 0, sizeof si);
+
+ sca.allow_foreground_window = FALSE;
+ sca.hd[0] = hd_in[0];
+ sca.hd[1] = hd_out[1];
+ sca.hd[2] = hd_err[1];
+ sca.inherit_hds = NULL;
+ sca.arg = spawn_cb_arg;
+ if (spawn_cb)
+ (*spawn_cb) (&sca);
+
+ i = 0;
+ if (sca.hd[0] != INVALID_HANDLE_VALUE)
+ i++;
+ if (sca.hd[1] != INVALID_HANDLE_VALUE)
+ i++;
+ if (sca.hd[2] != INVALID_HANDLE_VALUE)
+ i++;
+
+ if (i != 0 || sca.inherit_hds)
+ {
+ SIZE_T attr_list_size = 0;
+ HANDLE hd[16];
+ HANDLE *hd_p = sca.inherit_hds;
+ int j = 0;
+
+ if (sca.hd[0] != INVALID_HANDLE_VALUE)
+ hd[j++] = sca.hd[0];
+ if (sca.hd[1] != INVALID_HANDLE_VALUE)
+ hd[j++] = sca.hd[1];
+ if (sca.hd[1] != INVALID_HANDLE_VALUE)
+ hd[j++] = sca.hd[2];
+ if (hd_p)
+ {
+ while (*hd_p != INVALID_HANDLE_VALUE)
+ if (j < DIM (hd))
+ hd[j++] = *hd_p++;
+ else
+ {
+ log_error ("Too much handles\n");
+ break;
+ }
+ }
+
+ if (j)
+ {
+ if (check_windows_version ())
+ {
+ InitializeProcThreadAttributeList (NULL, 1, 0, &attr_list_size);
+ si.lpAttributeList = xtrymalloc (attr_list_size);
+ if (si.lpAttributeList == NULL)
+ {
+ if ((flags & GNUPG_PROCESS_STDIN_PIPE)
+ || !(flags & GNUPG_PROCESS_STDIN_KEEP))
+ CloseHandle (hd_in[0]);
+ if ((flags & GNUPG_PROCESS_STDIN_PIPE))
+ CloseHandle (hd_in[1]);
+ if ((flags & GNUPG_PROCESS_STDOUT_PIPE))
+ CloseHandle (hd_out[0]);
+ if ((flags & GNUPG_PROCESS_STDOUT_PIPE)
+ || !(flags & GNUPG_PROCESS_STDOUT_KEEP))
+ CloseHandle (hd_out[1]);
+ if ((flags & GNUPG_PROCESS_STDERR_PIPE))
+ CloseHandle (hd_err[0]);
+ if ((flags & GNUPG_PROCESS_STDERR_PIPE)
+ || !(flags & GNUPG_PROCESS_STDERR_KEEP))
+ CloseHandle (hd_err[1]);
+ xfree (process);
+ xfree (cmdline);
+ return gpg_err_code_from_syserror ();
+ }
+ InitializeProcThreadAttributeList (si.lpAttributeList, 1, 0,
+ &attr_list_size);
+ UpdateProcThreadAttribute (si.lpAttributeList, 0,
+ PROC_THREAD_ATTRIBUTE_HANDLE_LIST,
+ hd, sizeof (HANDLE) * j, NULL, NULL);
+ }
+ ask_inherit = TRUE;
+ }
+ }
/* Prepare security attributes. */
memset (&sec_attr, 0, sizeof sec_attr );
sec_attr.nLength = sizeof sec_attr;
sec_attr.bInheritHandle = FALSE;
- /* Build the command line. */
- err = build_w32_commandline (pgmname, argv, &cmdline);
- if (err)
- return err;
-
- memset (&si, 0, sizeof si);
- si.cb = sizeof (si);
- si.dwFlags = STARTF_USESTDHANDLES | STARTF_USESHOWWINDOW;
- si.wShowWindow = DEBUG_W32_SPAWN? SW_SHOW : SW_MINIMIZE;
- stdhd[0] = infd == -1? w32_open_null (0) : INVALID_HANDLE_VALUE;
- stdhd[1] = outfd == -1? w32_open_null (1) : INVALID_HANDLE_VALUE;
- stdhd[2] = errfd == -1? w32_open_null (1) : INVALID_HANDLE_VALUE;
- si.hStdInput = infd == -1? stdhd[0] : (void*)_get_osfhandle (infd);
- si.hStdOutput = outfd == -1? stdhd[1] : (void*)_get_osfhandle (outfd);
- si.hStdError = errfd == -1? stdhd[2] : (void*)_get_osfhandle (errfd);
-
-/* log_debug ("CreateProcess, path='%s' cmdline='%s'\n", pgmname, cmdline); */
- /* Take care: CreateProcessW may modify wpgmname */
+ /* Start the process. */
+ si.StartupInfo.cb = sizeof (si);
+ si.StartupInfo.dwFlags = STARTF_USESTDHANDLES | STARTF_USESHOWWINDOW;
+ si.StartupInfo.wShowWindow = DEBUG_W32_SPAWN? SW_SHOW : SW_HIDE;
+ si.StartupInfo.hStdInput = sca.hd[0];
+ si.StartupInfo.hStdOutput = sca.hd[1];
+ si.StartupInfo.hStdError = sca.hd[2];
+
+ /* log_debug ("CreateProcess, path='%s' cmdline='%s'\n", pgmname, cmdline); */
+ cr_flags = (CREATE_DEFAULT_ERROR_MODE
+ | GetPriorityClass (GetCurrentProcess ())
+ | CREATE_SUSPENDED);
if (!(wpgmname = utf8_to_wchar (pgmname)))
- rc = 0;
+ ret = 0;
else if (!(wcmdline = utf8_to_wchar (cmdline)))
- rc = 0;
+ ret = 0;
else
- rc = CreateProcessW (wpgmname, /* Program to start. */
- wcmdline, /* Command line arguments. */
- &sec_attr, /* Process security attributes. */
- &sec_attr, /* Thread security attributes. */
- TRUE, /* Inherit handles. */
- (CREATE_DEFAULT_ERROR_MODE
- | GetPriorityClass (GetCurrentProcess ())
- | CREATE_SUSPENDED | DETACHED_PROCESS),
- NULL, /* Environment. */
- NULL, /* Use current drive/directory. */
- &si, /* Startup information. */
- &pi /* Returns process information. */
- );
- if (!rc)
+ ret = CreateProcessW (wpgmname, /* Program to start. */
+ wcmdline, /* Command line arguments. */
+ &sec_attr, /* Process security attributes. */
+ &sec_attr, /* Thread security attributes. */
+ ask_inherit, /* Inherit handles. */
+ cr_flags, /* Creation flags. */
+ NULL, /* Environment. */
+ NULL, /* Use current drive/directory. */
+ (STARTUPINFOW *)&si, /* Startup information. */
+ &pi /* Returns process information. */
+ );
+ if (!ret)
{
if (!wpgmname || !wcmdline)
log_error ("CreateProcess failed (utf8_to_wchar): %s\n",
- strerror (errno));
+ strerror (errno));
else
- log_error ("CreateProcess failed: %s\n", w32_strerror (-1));
- err = my_error (GPG_ERR_GENERAL);
+ log_error ("CreateProcess failed: ec=%d\n",
+ (int)GetLastError ());
+ if ((flags & GNUPG_PROCESS_STDIN_PIPE)
+ || !(flags & GNUPG_PROCESS_STDIN_KEEP))
+ CloseHandle (hd_in[0]);
+ if ((flags & GNUPG_PROCESS_STDIN_PIPE))
+ CloseHandle (hd_in[1]);
+ if ((flags & GNUPG_PROCESS_STDOUT_PIPE))
+ CloseHandle (hd_out[0]);
+ if ((flags & GNUPG_PROCESS_STDOUT_PIPE)
+ || !(flags & GNUPG_PROCESS_STDOUT_KEEP))
+ CloseHandle (hd_out[1]);
+ if ((flags & GNUPG_PROCESS_STDERR_PIPE))
+ CloseHandle (hd_err[0]);
+ if ((flags & GNUPG_PROCESS_STDERR_PIPE)
+ || !(flags & GNUPG_PROCESS_STDERR_KEEP))
+ CloseHandle (hd_err[1]);
+ xfree (wpgmname);
+ xfree (wcmdline);
+ xfree (process);
+ xfree (cmdline);
+ return GPG_ERR_GENERAL;
}
- else
- err = 0;
+
+ if (si.lpAttributeList)
+ DeleteProcThreadAttributeList (si.lpAttributeList);
xfree (wpgmname);
xfree (wcmdline);
xfree (cmdline);
- for (i=0; i < 3; i++)
- if (stdhd[i] != INVALID_HANDLE_VALUE)
- CloseHandle (stdhd[i]);
- if (err)
- return err;
-/* log_debug ("CreateProcess ready: hProcess=%p hThread=%p" */
-/* " dwProcessID=%d dwThreadId=%d\n", */
-/* pi.hProcess, pi.hThread, */
-/* (int) pi.dwProcessId, (int) pi.dwThreadId); */
+ if ((flags & GNUPG_PROCESS_STDIN_PIPE)
+ || !(flags & GNUPG_PROCESS_STDIN_KEEP))
+ CloseHandle (hd_in[0]);
+ if ((flags & GNUPG_PROCESS_STDOUT_PIPE)
+ || !(flags & GNUPG_PROCESS_STDOUT_KEEP))
+ CloseHandle (hd_out[1]);
+ if ((flags & GNUPG_PROCESS_STDERR_PIPE)
+ || !(flags & GNUPG_PROCESS_STDERR_KEEP))
+ CloseHandle (hd_err[1]);
+
+ /* log_debug ("CreateProcess ready: hProcess=%p hThread=%p" */
+ /* " dwProcessID=%d dwThreadId=%d\n", */
+ /* pi.hProcess, pi.hThread, */
+ /* (int) pi.dwProcessId, (int) pi.dwThreadId); */
+
+ if (sca.allow_foreground_window)
+ {
+ /* Fixme: For unknown reasons AllowSetForegroundWindow returns
+ * an invalid argument error if we pass it the correct
+ * processID. As a workaround we use -1 (ASFW_ANY). */
+ if (!AllowSetForegroundWindow (ASFW_ANY /*pi.dwProcessId*/))
+ log_info ("AllowSetForegroundWindow() failed: ec=%d\n",
+ (int)GetLastError ());
+ }
/* Process has been created suspended; resume it now. */
+ pre_syscall ();
ResumeThread (pi.hThread);
CloseHandle (pi.hThread);
+ post_syscall ();
- *pid = handle_to_pid (pi.hProcess);
- return 0;
+ process->hProcess = pi.hProcess;
+ process->hd_in = hd_in[1];
+ process->hd_out = hd_out[0];
+ process->hd_err = hd_err[0];
+ process->exitcode = -1;
+ process->terminated = 0;
+ if (r_process == NULL)
+ {
+ ec = gnupg_process_wait (process, 1);
+ gnupg_process_release (process);
+ return ec;
+ }
+
+ *r_process = process;
+ return 0;
}
+gpg_err_code_t
+gnupg_process_get_fds (gnupg_process_t process, unsigned int flags,
+ int *r_fd_in, int *r_fd_out, int *r_fd_err)
+{
+ (void)flags;
+ if (r_fd_in)
+ {
+ *r_fd_in = _open_osfhandle ((intptr_t)process->hd_in, O_APPEND);
+ process->hd_in = INVALID_HANDLE_VALUE;
+ }
+ if (r_fd_out)
+ {
+ *r_fd_out = _open_osfhandle ((intptr_t)process->hd_out, O_RDONLY);
+ process->hd_out = INVALID_HANDLE_VALUE;
+ }
+ if (r_fd_err)
+ {
+ *r_fd_err = _open_osfhandle ((intptr_t)process->hd_err, O_RDONLY);
+ process->hd_err = INVALID_HANDLE_VALUE;
+ }
+
+ return 0;
+}
-/* See exechelp.h for a description. */
-gpg_error_t
-gnupg_wait_process (const char *pgmname, pid_t pid, int hang, int *r_exitcode)
+gpg_err_code_t
+gnupg_process_get_streams (gnupg_process_t process, unsigned int flags,
+ estream_t *r_fp_in, estream_t *r_fp_out,
+ estream_t *r_fp_err)
{
- return gnupg_wait_processes (&pgmname, &pid, 1, hang, r_exitcode);
+ int nonblock = (flags & GNUPG_PROCESS_STREAM_NONBLOCK)? 1: 0;
+ es_syshd_t syshd;
+
+ syshd.type = ES_SYSHD_HANDLE;
+ if (r_fp_in)
+ {
+ syshd.u.handle = process->hd_in;
+ *r_fp_in = es_sysopen (&syshd, nonblock? "w,nonblock" : "w");
+ process->hd_in = INVALID_HANDLE_VALUE;
+ }
+ if (r_fp_out)
+ {
+ syshd.u.handle = process->hd_out;
+ *r_fp_out = es_sysopen (&syshd, nonblock? "r,nonblock" : "r");
+ process->hd_out = INVALID_HANDLE_VALUE;
+ }
+ if (r_fp_err)
+ {
+ syshd.u.handle = process->hd_err;
+ *r_fp_err = es_sysopen (&syshd, nonblock? "r,nonblock" : "r");
+ process->hd_err = INVALID_HANDLE_VALUE;
+ }
+ return 0;
}
-/* See exechelp.h for a description. */
-gpg_error_t
-gnupg_wait_processes (const char **pgmnames, pid_t *pids, size_t count,
- int hang, int *r_exitcodes)
+static gpg_err_code_t
+process_kill (gnupg_process_t process, unsigned int exitcode)
{
gpg_err_code_t ec = 0;
- size_t i;
- HANDLE *procs;
- int code;
- procs = xtrycalloc (count, sizeof *procs);
- if (procs == NULL)
- return my_error_from_syserror ();
+ pre_syscall ();
+ if (TerminateProcess (process->hProcess, exitcode))
+ ec = gpg_err_code_from_syserror ();
+ post_syscall ();
+ return ec;
+}
- for (i = 0; i < count; i++)
+static gpg_err_code_t
+process_vctl (gnupg_process_t process, unsigned int request, va_list arg_ptr)
+{
+ switch (request)
{
- if (r_exitcodes)
- r_exitcodes[i] = -1;
+ case GNUPG_PROCESS_NOP:
+ return 0;
- if (pids[i] == (pid_t)(-1))
- return my_error (GPG_ERR_INV_VALUE);
+ case GNUPG_PROCESS_GET_PROC_ID:
+ {
+ int *r_id = va_arg (arg_ptr, int *);
- procs[i] = pid_to_handle (pids[i]);
- }
+ if (r_id == NULL)
+ return GPG_ERR_INV_VALUE;
- /* FIXME: We should do a pth_waitpid here. However this has not yet
- been implemented. A special W32 pth system call would even be
- better. */
- code = WaitForMultipleObjects (count, procs, TRUE, hang? INFINITE : 0);
- switch (code)
- {
- case WAIT_TIMEOUT:
- ec = GPG_ERR_TIMEOUT;
- goto leave;
+ *r_id = (int)GetProcessId (process->hProcess);
+ return 0;
+ }
- case WAIT_FAILED:
- log_error (_("waiting for processes to terminate failed: %s\n"),
- w32_strerror (-1));
- ec = GPG_ERR_GENERAL;
- goto leave;
+ case GNUPG_PROCESS_GET_EXIT_ID:
+ {
+ int *r_exit_status = va_arg (arg_ptr, int *);
+ unsigned long exit_code;
- case WAIT_OBJECT_0:
- for (i = 0; i < count; i++)
- {
- DWORD exc;
+ *r_exit_status = -1;
- if (! GetExitCodeProcess (procs[i], &exc))
- {
- log_error (_("error getting exit code of process %d: %s\n"),
- (int) pids[i], w32_strerror (-1) );
- ec = GPG_ERR_GENERAL;
- }
- else if (exc)
- {
- if (!r_exitcodes)
- log_error (_("error running '%s': exit status %d\n"),
- pgmnames[i], (int)exc);
- else
- r_exitcodes[i] = (int)exc;
- ec = GPG_ERR_GENERAL;
- }
- else
- {
- if (r_exitcodes)
- r_exitcodes[i] = 0;
- }
- }
- break;
+ if (!process->terminated)
+ return GPG_ERR_UNFINISHED;
+
+ if (process->hProcess == INVALID_HANDLE_VALUE)
+ return 0;
+
+ if (GetExitCodeProcess (process->hProcess, &exit_code) == 0)
+ return gpg_err_code_from_syserror ();
+
+ *r_exit_status = (int)exit_code;
+ return 0;
+ }
+
+ case GNUPG_PROCESS_GET_P_HANDLE:
+ {
+ HANDLE *r_hProcess = va_arg (arg_ptr, HANDLE *);
+
+ if (r_hProcess == NULL)
+ return GPG_ERR_INV_VALUE;
+
+ *r_hProcess = process->hProcess;
+ process->hProcess = INVALID_HANDLE_VALUE;
+ return 0;
+ }
+
+ case GNUPG_PROCESS_GET_HANDLES:
+ {
+ HANDLE *r_hd_in = va_arg (arg_ptr, HANDLE *);
+ HANDLE *r_hd_out = va_arg (arg_ptr, HANDLE *);
+ HANDLE *r_hd_err = va_arg (arg_ptr, HANDLE *);
+
+ if (r_hd_in)
+ {
+ *r_hd_in = process->hd_in;
+ process->hd_in = INVALID_HANDLE_VALUE;
+ }
+ if (r_hd_out)
+ {
+ *r_hd_out = process->hd_out;
+ process->hd_out = INVALID_HANDLE_VALUE;
+ }
+ if (r_hd_err)
+ {
+ *r_hd_err = process->hd_err;
+ process->hd_err = INVALID_HANDLE_VALUE;
+ }
+ return 0;
+ }
+
+ case GNUPG_PROCESS_GET_EXIT_CODE:
+ {
+ unsigned long *r_exitcode = va_arg (arg_ptr, unsigned long *);
+
+ if (!process->terminated)
+ return GPG_ERR_UNFINISHED;
+
+ if (process->hProcess == INVALID_HANDLE_VALUE)
+ {
+ *r_exitcode = (unsigned long)-1;
+ return 0;
+ }
+
+ if (GetExitCodeProcess (process->hProcess, r_exitcode) == 0)
+ return gpg_err_code_from_syserror ();
+ return 0;
+ }
+
+ case GNUPG_PROCESS_KILL_WITH_EC:
+ {
+ unsigned int exitcode = va_arg (arg_ptr, unsigned int);
+
+ if (process->terminated)
+ return 0;
+
+ if (process->hProcess == INVALID_HANDLE_VALUE)
+ return 0;
+
+ return process_kill (process, exitcode);
+ }
default:
- log_error ("WaitForMultipleObjects returned unexpected "
- "code %d\n", code);
- ec = GPG_ERR_GENERAL;
break;
}
- leave:
- return gpg_err_make (GPG_ERR_SOURCE_DEFAULT, ec);
+ return GPG_ERR_UNKNOWN_COMMAND;
}
-
-
-void
-gnupg_release_process (pid_t pid)
+gpg_err_code_t
+gnupg_process_ctl (gnupg_process_t process, unsigned int request, ...)
{
- if (pid != (pid_t)INVALID_HANDLE_VALUE)
- {
- HANDLE process = (HANDLE)pid;
+ va_list arg_ptr;
+ gpg_err_code_t ec;
- CloseHandle (process);
- }
+ va_start (arg_ptr, request);
+ ec = process_vctl (process, request, arg_ptr);
+ va_end (arg_ptr);
+ return ec;
}
-
-/* Spawn a new process and immediately detach from it. The name of
- the program to exec is PGMNAME and its arguments are in ARGV (the
- programname is automatically passed as first argument).
- Environment strings in ENVP are set. An error is returned if
- pgmname is not executable; to make this work it is necessary to
- provide an absolute file name. All standard file descriptors are
- connected to /dev/null. */
-gpg_error_t
-gnupg_spawn_process_detached (const char *pgmname, const char *argv[],
- const char *envp[] )
+gpg_err_code_t
+gnupg_process_wait (gnupg_process_t process, int hang)
{
- gpg_error_t err;
- SECURITY_ATTRIBUTES sec_attr;
- PROCESS_INFORMATION pi =
- {
- NULL, /* Returns process handle. */
- 0, /* Returns primary thread handle. */
- 0, /* Returns pid. */
- 0 /* Returns tid. */
- };
- STARTUPINFOW si;
- int cr_flags;
- char *cmdline;
- wchar_t *wcmdline = NULL;
- wchar_t *wpgmname = NULL;
- BOOL in_job = FALSE;
gpg_err_code_t ec;
- int rc;
- int jobdebug;
+ int code;
- /* We don't use ENVP. */
- (void)envp;
+ if (process->hProcess == INVALID_HANDLE_VALUE)
+ return 0;
- cmdline = getenv ("GNUPG_EXEC_DEBUG_FLAGS");
- jobdebug = (cmdline && (atoi (cmdline) & 1));
+ pre_syscall ();
+ code = WaitForSingleObject (process->hProcess, hang? INFINITE : 0);
+ post_syscall ();
- if ((ec = gnupg_access (pgmname, X_OK)))
- return gpg_err_make (default_errsource, ec);
+ switch (code)
+ {
+ case WAIT_TIMEOUT:
+ ec = GPG_ERR_TIMEOUT; /* Still running. */
+ break;
- /* Prepare security attributes. */
- memset (&sec_attr, 0, sizeof sec_attr );
- sec_attr.nLength = sizeof sec_attr;
- sec_attr.bInheritHandle = FALSE;
+ case WAIT_FAILED:
+ log_error (_("waiting for process to terminate failed: ec=%d\n"),
+ (int)GetLastError ());
+ ec = GPG_ERR_GENERAL;
+ break;
- /* Build the command line. */
- err = build_w32_commandline (pgmname, argv, &cmdline);
- if (err)
- return err;
+ case WAIT_OBJECT_0:
+ process->terminated = 1;
+ ec = 0;
+ break;
- /* Start the process. */
- memset (&si, 0, sizeof si);
- si.cb = sizeof (si);
- si.dwFlags = STARTF_USESHOWWINDOW;
- si.wShowWindow = DEBUG_W32_SPAWN? SW_SHOW : SW_MINIMIZE;
+ default:
+ log_debug ("WaitForSingleObject returned unexpected code %d\n", code);
+ ec = GPG_ERR_GENERAL;
+ break;
+ }
- cr_flags = (CREATE_DEFAULT_ERROR_MODE
- | GetPriorityClass (GetCurrentProcess ())
- | CREATE_NEW_PROCESS_GROUP
- | DETACHED_PROCESS);
+ return ec;
+}
- /* Check if we were spawned as part of a Job.
- * In a job we need to add CREATE_BREAKAWAY_FROM_JOB
- * to the cr_flags, otherwise our child processes
- * are killed when we terminate. */
- if (!IsProcessInJob (GetCurrentProcess(), NULL, &in_job))
- {
- log_error ("IsProcessInJob() failed: %s\n", w32_strerror (-1));
- in_job = FALSE;
- }
+gpg_err_code_t
+gnupg_process_terminate (gnupg_process_t process)
+{
+ return process_kill (process, 1);
+}
- if (in_job)
- {
- /* Only try to break away from job if it is allowed, otherwise
- * CreateProcess() would fail with an "Access is denied" error. */
- JOBOBJECT_EXTENDED_LIMIT_INFORMATION info;
- if (!QueryInformationJobObject (NULL, JobObjectExtendedLimitInformation,
- &info, sizeof info, NULL))
- {
- log_error ("QueryInformationJobObject() failed: %s\n",
- w32_strerror (-1));
- }
- else if ((info.BasicLimitInformation.LimitFlags &
- JOB_OBJECT_LIMIT_BREAKAWAY_OK))
- {
- if (jobdebug)
- log_debug ("Using CREATE_BREAKAWAY_FROM_JOB flag\n");
- cr_flags |= CREATE_BREAKAWAY_FROM_JOB;
- }
- else if ((info.BasicLimitInformation.LimitFlags &
- JOB_OBJECT_LIMIT_SILENT_BREAKAWAY_OK))
- {
- /* The child process should automatically detach from the job. */
- if (jobdebug)
- log_debug ("Not using CREATE_BREAKAWAY_FROM_JOB flag; "
- "JOB_OBJECT_LIMIT_SILENT_BREAKAWAY_OK is set\n");
- }
- else
- {
- /* It seems that the child process must remain in the job.
- * This is not necessarily an error, although it can cause premature
- * termination of the child process when the job is closed. */
- if (jobdebug)
- log_debug ("Not using CREATE_BREAKAWAY_FROM_JOB flag\n");
- }
- }
- else
- {
- if (jobdebug)
- log_debug ("Process is not in a Job\n");
- }
+void
+gnupg_process_release (gnupg_process_t process)
+{
+ if (!process)
+ return;
- /* log_debug ("CreateProcess(detached), path='%s' cmdline='%s'\n", */
- /* pgmname, cmdline); */
- /* Take care: CreateProcessW may modify wpgmname */
- if (!(wpgmname = utf8_to_wchar (pgmname)))
- rc = 0;
- else if (!(wcmdline = utf8_to_wchar (cmdline)))
- rc = 0;
- else
- rc = CreateProcessW (wpgmname, /* Program to start. */
- wcmdline, /* Command line arguments. */
- &sec_attr, /* Process security attributes. */
- &sec_attr, /* Thread security attributes. */
- FALSE, /* Inherit handles. */
- cr_flags, /* Creation flags. */
- NULL, /* Environment. */
- NULL, /* Use current drive/directory. */
- &si, /* Startup information. */
- &pi /* Returns process information. */
- );
- if (!rc)
+ if (process->terminated)
{
- if (!wpgmname || !wcmdline)
- log_error ("CreateProcess failed (utf8_to_wchar): %s\n",
- strerror (errno));
- else
- log_error ("CreateProcess(detached) failed: %s\n", w32_strerror (-1));
- xfree (wpgmname);
- xfree (wcmdline);
- xfree (cmdline);
- return my_error (GPG_ERR_GENERAL);
+ gnupg_process_terminate (process);
+ gnupg_process_wait (process, 1);
}
- xfree (wpgmname);
- xfree (wcmdline);
- xfree (cmdline);
- cmdline = NULL;
-
-/* log_debug ("CreateProcess(detached) ready: hProcess=%p hThread=%p" */
-/* " dwProcessID=%d dwThreadId=%d\n", */
-/* pi.hProcess, pi.hThread, */
-/* (int) pi.dwProcessId, (int) pi.dwThreadId); */
- CloseHandle (pi.hThread);
- CloseHandle (pi.hProcess);
-
- return 0;
+ CloseHandle (process->hProcess);
+ xfree (process);
}
-
-/* Kill a process; that is send an appropriate signal to the process.
- gnupg_wait_process must be called to actually remove the process
- from the system. An invalid PID is ignored. */
-void
-gnupg_kill_process (pid_t pid)
+gpg_err_code_t
+gnupg_process_wait_list (gnupg_process_t *process_list, int count, int hang)
{
- if (pid != (pid_t) INVALID_HANDLE_VALUE)
+ gpg_err_code_t ec = 0;
+ int i;
+
+ for (i = 0; i < count; i++)
{
- HANDLE process = (HANDLE) pid;
+ if (process_list[i]->terminated)
+ continue;
- /* Arbitrary error code. */
- TerminateProcess (process, 1);
+ ec = gnupg_process_wait (process_list[i], hang);
+ if (ec)
+ break;
}
+
+ return ec;
}
diff --git a/common/exechelp.h b/common/exechelp.h
index 3343fe598..0370b23a4 100644
--- a/common/exechelp.h
+++ b/common/exechelp.h
@@ -73,140 +73,103 @@ gpg_error_t gnupg_create_pipe (int filedes[2]);
void gnupg_close_pipe (int fd);
-#define GNUPG_SPAWN_NONBLOCK 16
-#define GNUPG_SPAWN_RUN_ASFW 64
-#define GNUPG_SPAWN_DETACHED 128
-#define GNUPG_SPAWN_KEEP_STDIN 256
-#define GNUPG_SPAWN_KEEP_STDOUT 512
-#define GNUPG_SPAWN_KEEP_STDERR 1024
-
-/* Fork and exec the program PGMNAME.
-
- If R_INFP is NULL connect stdin of the new process to /dev/null; if
- it is not NULL store the address of a pointer to a new estream
- there. If R_OUTFP is NULL connect stdout of the new process to
- /dev/null; if it is not NULL store the address of a pointer to a
- new estream there. If R_ERRFP is NULL connect stderr of the new
- process to /dev/null; if it is not NULL store the address of a
- pointer to a new estream there. On success the pid of the new
- process is stored at PID. On error -1 is stored at PID and if
- R_OUTFP or R_ERRFP are not NULL, NULL is stored there.
-
- The arguments for the process are expected in the NULL terminated
- array ARGV. The program name itself should not be included there.
- If PREEXEC is not NULL, the given function will be called right
- before the exec.
-
- IF EXCEPT is not NULL, it is expected to be an ordered list of file
- descriptors, terminated by an entry with the value (-1). These
- file descriptors won't be closed before spawning a new program.
-
- Returns 0 on success or an error code. Calling gnupg_wait_process
- and gnupg_release_process is required if the function succeeded.
-
- FLAGS is a bit vector:
-
- GNUPG_SPAWN_NONBLOCK
- If set the two output streams are created in non-blocking
- mode and the input stream is switched to non-blocking mode.
- This is merely a convenience feature because the caller
- could do the same with gpgrt_set_nonblock. Does not yet
- work for Windows.
-
- GNUPG_SPAWN_DETACHED
- If set the process will be started as a background process.
- This flag is only useful under W32 (but not W32CE) systems,
- so that no new console is created and pops up a console
- window when starting the server. Does not work on W32CE.
-
- GNUPG_SPAWN_RUN_ASFW
- On W32 (but not on W32CE) run AllowSetForegroundWindow for
- the child. Note that due to unknown problems this actually
- allows SetForegroundWindow for all children of this process.
-
- GNUPG_SPAWN_KEEP_STDIN
- GNUPG_SPAWN_KEEP_STDOUT
- GNUPG_SPAWN_KEEP_STDERR
- Do not assign /dev/null to a non-required standard file
- descriptor.
-
- */
-gpg_error_t
-gnupg_spawn_process (const char *pgmname, const char *argv[],
- int *execpt, unsigned int flags,
- estream_t *r_infp,
- estream_t *r_outfp,
- estream_t *r_errfp,
- pid_t *pid);
-
-
-/* Simplified version of gnupg_spawn_process. This function forks and
- then execs PGMNAME, while connecting INFD to stdin, OUTFD to stdout
- and ERRFD to stderr (any of them may be -1 to connect them to
- /dev/null). The arguments for the process are expected in the NULL
- terminated array ARGV. The program name itself should not be
- included there. Calling gnupg_wait_process and
- gnupg_release_process is required. Returns 0 on success or an
- error code. */
-gpg_error_t gnupg_spawn_process_fd (const char *pgmname,
- const char *argv[],
- int infd, int outfd, int errfd,
- pid_t *pid);
-
-
-/* If HANG is true, waits for the process identified by PID to exit;
- if HANG is false, checks whether the process has terminated.
- PGMNAME should be the same as supplied to the spawn function and is
- only used for diagnostics. Return values:
-
- 0
- The process exited successful. 0 is stored at R_EXITCODE.
-
- GPG_ERR_GENERAL
- The process exited without success. The exit code of process
- is then stored at R_EXITCODE. An exit code of -1 indicates
- that the process terminated abnormally (e.g. due to a signal).
-
- GPG_ERR_TIMEOUT
- The process is still running (returned only if HANG is false).
-
- GPG_ERR_INV_VALUE
- An invalid PID has been specified.
-
- Other error codes may be returned as well. Unless otherwise noted,
- -1 will be stored at R_EXITCODE. R_EXITCODE may be passed as NULL
- if the exit code is not required (in that case an error message will
- be printed). Note that under Windows PID is not the process id but
- the handle of the process. */
-gpg_error_t gnupg_wait_process (const char *pgmname, pid_t pid, int hang,
- int *r_exitcode);
-
-/* Like gnupg_wait_process, but for COUNT processes. */
-gpg_error_t gnupg_wait_processes (const char **pgmnames, pid_t *pids,
- size_t count, int hang, int *r_exitcodes);
-
-
-/* Kill a process; that is send an appropriate signal to the process.
- gnupg_wait_process must be called to actually remove the process
- from the system. An invalid PID is ignored. */
-void gnupg_kill_process (pid_t pid);
-
-/* Release the process identified by PID. This function is actually
- only required for Windows but it does not harm to always call it.
- It is a nop if PID is invalid. */
-void gnupg_release_process (pid_t pid);
-
-
-/* Spawn a new process and immediately detach from it. The name of
- the program to exec is PGMNAME and its arguments are in ARGV (the
- programname is automatically passed as first argument).
- Environment strings in ENVP are set. An error is returned if
- pgmname is not executable; to make this work it is necessary to
- provide an absolute file name. */
-gpg_error_t gnupg_spawn_process_detached (const char *pgmname,
- const char *argv[],
- const char *envp[] );
-
+/* The opaque type for a subprocess. */
+typedef struct gnupg_process *gnupg_process_t;
+#ifdef HAVE_W32_SYSTEM
+struct spawn_cb_arg;
+#ifdef NEED_STRUCT_SPAWN_CB_ARG
+struct spawn_cb_arg {
+ HANDLE hd[3];
+ HANDLE *inherit_hds;
+ BOOL allow_foreground_window;
+ void *arg;
+};
+#endif
+#else
+struct spawn_cb_arg {
+ int fds[3];
+ int *except_fds;
+ void *arg;
+};
+#endif
+
+#define GNUPG_PROCESS_DETACHED (1 << 1)
+
+/* Specify how to keep/connect standard fds. */
+#define GNUPG_PROCESS_STDIN_PIPE (1 << 8)
+#define GNUPG_PROCESS_STDOUT_PIPE (1 << 9)
+#define GNUPG_PROCESS_STDERR_PIPE (1 << 10)
+#define GNUPG_PROCESS_STDINOUT_SOCKETPAIR (1 << 11)
+#define GNUPG_PROCESS_STDIN_KEEP (1 << 12)
+#define GNUPG_PROCESS_STDOUT_KEEP (1 << 13)
+#define GNUPG_PROCESS_STDERR_KEEP (1 << 14)
+#define GNUPG_PROCESS_STDFDS_SETTING ( GNUPG_PROCESS_STDIN_PIPE \
+ | GNUPG_PROCESS_STDOUT_PIPE | GNUPG_PROCESS_STDERR_PIPE \
+ | GNUPG_PROCESS_STDINOUT_SOCKETPAIR | GNUPG_PROCESS_STDIN_KEEP \
+ | GNUPG_PROCESS_STDOUT_KEEP | GNUPG_PROCESS_STDERR_KEEP)
+
+#define GNUPG_PROCESS_STREAM_NONBLOCK (1 << 16)
+
+/* Spawn helper. */
+void gnupg_spawn_helper (struct spawn_cb_arg *sca);
+
+/* Spawn PGMNAME. */
+gpg_err_code_t gnupg_process_spawn (const char *pgmname, const char *argv[],
+ unsigned int flags,
+ void (*spawn_cb) (struct spawn_cb_arg *),
+ void *spawn_cb_arg,
+ gnupg_process_t *r_process);
+
+/* Get FDs for subprocess I/O. It is the caller which should care
+ FDs (closing FDs). */
+gpg_err_code_t gnupg_process_get_fds (gnupg_process_t process,
+ unsigned int flags,
+ int *r_fd_in, int *r_fd_out,
+ int *r_fd_err);
+
+/* Get STREAMs for subprocess I/O. It is the caller which should care
+ STREAMs (closing STREAMs). */
+gpg_err_code_t gnupg_process_get_streams (gnupg_process_t process,
+ unsigned int flags,
+ gpgrt_stream_t *r_fp_in,
+ gpgrt_stream_t *r_fp_out,
+ gpgrt_stream_t *r_fp_err);
+
+enum gnupg_process_requests
+ {
+ /* Portable requests */
+ GNUPG_PROCESS_NOP = 0,
+ GNUPG_PROCESS_GET_PROC_ID = 1,
+ GNUPG_PROCESS_GET_EXIT_ID = 2,
+
+ /* POSIX only */
+ GNUPG_PROCESS_GET_PID = 16,
+ GNUPG_PROCESS_GET_WSTATUS = 17,
+ GNUPG_PROCESS_KILL = 18,
+
+ /* Windows only */
+ GNUPG_PROCESS_GET_P_HANDLE = 32,
+ GNUPG_PROCESS_GET_HANDLES = 33,
+ GNUPG_PROCESS_GET_EXIT_CODE = 34,
+ GNUPG_PROCESS_KILL_WITH_EC = 35
+ };
+
+/* Control of a process. */
+gpg_err_code_t gnupg_process_ctl (gnupg_process_t process,
+ unsigned int request, ...);
+
+/* Wait for a single PROCESS. */
+gpg_err_code_t gnupg_process_wait (gnupg_process_t process, int hang);
+
+/* Terminate a PROCESS. */
+gpg_err_code_t gnupg_process_terminate (gnupg_process_t process);
+
+/* Release PROCESS resources. */
+void gnupg_process_release (gnupg_process_t process);
+
+/* Wait for a multiple processes. */
+gpg_err_code_t gnupg_process_wait_list (gnupg_process_t *process_list,
+ int count, int hang);
#endif /*GNUPG_COMMON_EXECHELP_H*/
diff --git a/common/exectool.c b/common/exectool.c
index aaf5898d0..3505c25f1 100644
--- a/common/exectool.c
+++ b/common/exectool.c
@@ -38,10 +38,14 @@
#include <gpg-error.h>
#include <assuan.h>
+
#include "i18n.h"
#include "logging.h"
#include "membuf.h"
#include "mischelp.h"
+#ifdef HAVE_W32_SYSTEM
+#define NEED_STRUCT_SPAWN_CB_ARG 1
+#endif
#include "exechelp.h"
#include "sysutils.h"
#include "util.h"
@@ -301,7 +305,6 @@ copy_buffer_flush (struct copy_buffer *c, estream_t sink)
}
-
/* Run the program PGMNAME with the command line arguments given in
* the NULL terminates array ARGV. If INPUT is not NULL it will be
* fed to stdin of the process. stderr is logged using log_info and
@@ -321,7 +324,7 @@ gnupg_exec_tool_stream (const char *pgmname, const char *argv[],
void *status_cb_value)
{
gpg_error_t err;
- pid_t pid = (pid_t) -1;
+ gnupg_process_t proc = NULL;
estream_t infp = NULL;
estream_t extrafp = NULL;
estream_t outfp = NULL, errfp = NULL;
@@ -335,7 +338,6 @@ gnupg_exec_tool_stream (const char *pgmname, const char *argv[],
read_and_log_buffer_t fderrstate;
struct copy_buffer *cpbuf_in = NULL, *cpbuf_out = NULL, *cpbuf_extra = NULL;
int quiet = 0;
- int dummy_exitcode;
memset (fds, 0, sizeof fds);
memset (&fderrstate, 0, sizeof fderrstate);
@@ -411,10 +413,15 @@ gnupg_exec_tool_stream (const char *pgmname, const char *argv[],
else
exceptclose[0] = -1;
- err = gnupg_spawn_process (pgmname, argv,
- exceptclose, GNUPG_SPAWN_NONBLOCK,
- input? &infp : NULL,
- &outfp, &errfp, &pid);
+ err = gnupg_process_spawn (pgmname, argv,
+ ((input
+ ? GNUPG_PROCESS_STDIN_PIPE
+ : 0)
+ | GNUPG_PROCESS_STDOUT_PIPE
+ | GNUPG_PROCESS_STDERR_PIPE),
+ gnupg_spawn_helper, exceptclose, &proc);
+ gnupg_process_get_streams (proc, GNUPG_PROCESS_STREAM_NONBLOCK,
+ input? &infp : NULL, &outfp, &errfp);
if (extrapipe[0] != -1)
close (extrapipe[0]);
if (argsave)
@@ -546,20 +553,25 @@ gnupg_exec_tool_stream (const char *pgmname, const char *argv[],
es_fclose (outfp); outfp = NULL;
es_fclose (errfp); errfp = NULL;
- err = gnupg_wait_process (pgmname, pid, 1, quiet? &dummy_exitcode : NULL);
- pid = (pid_t)(-1);
+ err = gnupg_process_wait (proc, 1);
+ if (!err)
+ { /* To be compatible to old wait_process. */
+ int status;
+
+ gnupg_process_ctl (proc, GNUPG_PROCESS_GET_EXIT_ID, &status);
+ if (status)
+ err = gpg_error (GPG_ERR_GENERAL);
+ }
leave:
- if (err && pid != (pid_t) -1)
- gnupg_kill_process (pid);
+ if (err && proc)
+ gnupg_process_terminate (proc);
es_fclose (infp);
es_fclose (extrafp);
es_fclose (outfp);
es_fclose (errfp);
- if (pid != (pid_t)(-1))
- gnupg_wait_process (pgmname, pid, 1, quiet? &dummy_exitcode : NULL);
- gnupg_release_process (pid);
+ gnupg_process_release (proc);
copy_buffer_shred (cpbuf_in);
xfree (cpbuf_in);
diff --git a/common/get-passphrase.c b/common/get-passphrase.c
index c24b40e88..8ea822710 100644
--- a/common/get-passphrase.c
+++ b/common/get-passphrase.c
@@ -94,7 +94,8 @@ start_agent (void)
agentargs.lc_ctype,
agentargs.lc_messages,
agentargs.session_env,
- 1, agentargs.verbosity, 0, NULL, NULL);
+ ASSHELP_FLAG_AUTOSTART,
+ agentargs.verbosity, 0, NULL, NULL);
if (!err)
{
/* Tell the agent that we support Pinentry notifications. No
diff --git a/common/init.c b/common/init.c
index 62a48f8c7..8ea51c8b0 100644
--- a/common/init.c
+++ b/common/init.c
@@ -37,6 +37,7 @@
# include <winsock2.h>
# endif
# include <windows.h>
+# include <wctype.h>
#endif
#include <gcrypt.h>
diff --git a/common/iobuf.c b/common/iobuf.c
index 748e6935d..e46eeac95 100644
--- a/common/iobuf.c
+++ b/common/iobuf.c
@@ -166,7 +166,8 @@ block_filter_ctx_t;
/* Local prototypes. */
static int underflow (iobuf_t a, int clear_pending_eof);
static int underflow_target (iobuf_t a, int clear_pending_eof, size_t target);
-static int translate_file_handle (int fd, int for_write);
+static iobuf_t do_iobuf_fdopen (gnupg_fd_t fp, const char *mode, int keep_open);
+
/* Sends any pending data to the filter's FILTER function. Note: this
works on the filter and not on the whole pipeline. That is,
@@ -389,7 +390,7 @@ fd_cache_close (const char *fname, gnupg_fd_t fp)
close (fp);
#endif
if (DBG_IOBUF)
- log_debug ("fd_cache_close (%d) real\n", (int)fp);
+ log_debug ("fd_cache_close (%d) real\n", FD_DBG (fp));
return;
}
/* try to reuse a slot */
@@ -696,7 +697,7 @@ file_filter (void *opaque, int control, iobuf_t chain, byte * buf,
if (f != FD_FOR_STDIN && f != FD_FOR_STDOUT)
{
if (DBG_IOBUF)
- log_debug ("%s: close fd/handle %d\n", a->fname, FD2INT (f));
+ log_debug ("%s: close fd/handle %d\n", a->fname, FD_DBG (f));
if (!a->keep_open)
fd_cache_close (a->no_cache ? NULL : a->fname, f);
}
@@ -1410,7 +1411,7 @@ iobuf_is_pipe_filename (const char *fname)
{
if (!fname || (*fname=='-' && !fname[1]) )
return 1;
- return check_special_filename (fname, 0, 1) != -1;
+ return gnupg_check_special_filename (fname) != GNUPG_INVALID_FD;
}
@@ -1423,7 +1424,7 @@ do_open (const char *fname, int special_filenames,
file_filter_ctx_t *fcx;
size_t len = 0;
int print_only = 0;
- int fd;
+ gnupg_fd_t fd;
byte desc[MAX_IOBUF_DESC];
log_assert (use == IOBUF_INPUT || use == IOBUF_OUTPUT);
@@ -1447,9 +1448,8 @@ do_open (const char *fname, int special_filenames,
else if (!fname)
return NULL;
else if (special_filenames
- && (fd = check_special_filename (fname, 0, 1)) != -1)
- return iobuf_fdopen (translate_file_handle (fd, use == IOBUF_INPUT ? 0 : 1),
- opentype);
+ && (fd = gnupg_check_special_filename (fname)) != GNUPG_INVALID_FD)
+ return do_iobuf_fdopen (fd, opentype, 0);
else
{
if (use == IOBUF_INPUT)
@@ -1472,7 +1472,8 @@ do_open (const char *fname, int special_filenames,
file_filter (fcx, IOBUFCTRL_INIT, NULL, NULL, &len);
if (DBG_IOBUF)
log_debug ("iobuf-%d.%d: open '%s' desc=%s fd=%d\n",
- a->no, a->subno, fname, iobuf_desc (a, desc), FD2INT (fcx->fp));
+ a->no, a->subno, fname, iobuf_desc (a, desc),
+ FD_DBG (fcx->fp));
return a;
}
@@ -1497,22 +1498,19 @@ iobuf_openrw (const char *fname)
static iobuf_t
-do_iobuf_fdopen (int fd, const char *mode, int keep_open)
+do_iobuf_fdopen (gnupg_fd_t fp, const char *mode, int keep_open)
{
iobuf_t a;
- gnupg_fd_t fp;
file_filter_ctx_t *fcx;
size_t len = 0;
- fp = INT2FD (fd);
-
a = iobuf_alloc (strchr (mode, 'w') ? IOBUF_OUTPUT : IOBUF_INPUT,
iobuf_buffer_size);
fcx = xmalloc (sizeof *fcx + 20);
fcx->fp = fp;
fcx->print_only_name = 1;
fcx->keep_open = keep_open;
- sprintf (fcx->fname, "[fd %d]", fd);
+ sprintf (fcx->fname, "[fd %d]", FD_DBG (fp));
a->filter = file_filter;
a->filter_ov = fcx;
file_filter (fcx, IOBUFCTRL_INIT, NULL, NULL, &len);
@@ -1525,15 +1523,15 @@ do_iobuf_fdopen (int fd, const char *mode, int keep_open)
iobuf_t
-iobuf_fdopen (int fd, const char *mode)
+iobuf_fdopen (gnupg_fd_t fp, const char *mode)
{
- return do_iobuf_fdopen (fd, mode, 0);
+ return do_iobuf_fdopen (fp, mode, 0);
}
iobuf_t
-iobuf_fdopen_nc (int fd, const char *mode)
+iobuf_fdopen_nc (gnupg_fd_t fp, const char *mode)
{
- return do_iobuf_fdopen (fd, mode, 1);
+ return do_iobuf_fdopen (fp, mode, 1);
}
@@ -1585,7 +1583,7 @@ iobuf_sockopen (int fd, const char *mode)
log_debug ("iobuf-%d.%d: sockopen '%s'\n", a->no, a->subno, scx->fname);
iobuf_ioctl (a, IOBUF_IOCTL_NO_CACHE, 1, NULL);
#else
- a = iobuf_fdopen (fd, mode);
+ a = do_iobuf_fdopen (fd, mode, 0);
#endif
return a;
}
@@ -2644,20 +2642,20 @@ iobuf_get_filelength (iobuf_t a)
}
-int
+gnupg_fd_t
iobuf_get_fd (iobuf_t a)
{
for (; a->chain; a = a->chain)
;
if (a->filter != file_filter)
- return -1;
+ return GNUPG_INVALID_FD;
{
file_filter_ctx_t *b = a->filter_ov;
gnupg_fd_t fp = b->fp;
- return FD2INT (fp);
+ return fp;
}
}
@@ -2948,36 +2946,6 @@ iobuf_read_line (iobuf_t a, byte ** addr_of_buffer,
return nbytes;
}
-static int
-translate_file_handle (int fd, int for_write)
-{
-#if defined(HAVE_W32_SYSTEM)
- {
- int x;
-
- (void)for_write;
-
- if (fd == 0)
- x = (int) GetStdHandle (STD_INPUT_HANDLE);
- else if (fd == 1)
- x = (int) GetStdHandle (STD_OUTPUT_HANDLE);
- else if (fd == 2)
- x = (int) GetStdHandle (STD_ERROR_HANDLE);
- else
- x = fd;
-
- if (x == -1)
- log_debug ("GetStdHandle(%d) failed: ec=%d\n",
- fd, (int) GetLastError ());
-
- fd = x;
- }
-#else
- (void)for_write;
-#endif
- return fd;
-}
-
void
iobuf_skip_rest (iobuf_t a, unsigned long n, int partial)
diff --git a/common/iobuf.h b/common/iobuf.h
index 04e6b4421..4354c718d 100644
--- a/common/iobuf.h
+++ b/common/iobuf.h
@@ -333,11 +333,11 @@ iobuf_t iobuf_openrw (const char *fname);
creates an input filter. Note: MODE must reflect the file
descriptors actual mode! When the filter is destroyed, the file
descriptor is closed. */
-iobuf_t iobuf_fdopen (int fd, const char *mode);
+iobuf_t iobuf_fdopen (gnupg_fd_t fd, const char *mode);
/* Like iobuf_fdopen, but doesn't close the file descriptor when the
filter is destroyed. */
-iobuf_t iobuf_fdopen_nc (int fd, const char *mode);
+iobuf_t iobuf_fdopen_nc (gnupg_fd_t fd, const char *mode);
/* Create a filter using an existing estream. If MODE contains the
letter 'w', creates an output filter. Otherwise, creates an input
@@ -590,7 +590,7 @@ uint64_t iobuf_get_filelength (iobuf_t a);
/* Return the file descriptor designating the underlying file. This
only works with file_filter based pipelines. */
-int iobuf_get_fd (iobuf_t a);
+gnupg_fd_t iobuf_get_fd (iobuf_t a);
/* Return the real filename, if available. This only supports
pipelines that end in file filters. Returns NULL if not
diff --git a/common/miscellaneous.c b/common/miscellaneous.c
index 1a090b1f5..28d3e7a2e 100644
--- a/common/miscellaneous.c
+++ b/common/miscellaneous.c
@@ -687,3 +687,53 @@ parse_compatibility_flags (const char *string, unsigned int *flagvar,
*flagvar |= result;
return 0;
}
+
+
+/* Convert STRING consisting of base64 characters into its binary
+ * representation and store the result in a newly allocated buffer at
+ * R_BUFFER with its length at R_BUFLEN. If TITLE is NULL a plain
+ * base64 decoding is done. If it is the empty string the decoder
+ * will skip everything until a "-----BEGIN " line has been seen,
+ * decoding then ends at a "----END " line. On failure the function
+ * returns an error code and sets R_BUFFER to NULL. If the decoded
+ * data has a length of 0 a dummy buffer will still be allocated and
+ * the length is set to 0. */
+gpg_error_t
+b64decode (const char *string, const char *title,
+ void **r_buffer, size_t *r_buflen)
+{
+ gpg_error_t err;
+ gpgrt_b64state_t state;
+ size_t nbytes;
+ char *buffer;
+
+ *r_buffer = NULL;
+ *r_buflen = 0;
+
+ buffer = xtrystrdup (string);
+ if (!buffer)
+ return gpg_error_from_syserror();
+
+ state = gpgrt_b64dec_start (title);
+ if (!state)
+ {
+ err = gpg_error_from_syserror ();
+ xfree (buffer);
+ return err;
+ }
+ err = gpgrt_b64dec_proc (state, buffer, strlen (buffer), &nbytes);
+ if (!err)
+ {
+ err = gpgrt_b64dec_finish (state);
+ state = NULL;
+ }
+ if (err)
+ xfree (buffer);
+ else
+ {
+ *r_buffer = buffer;
+ *r_buflen = nbytes;
+ }
+ gpgrt_b64dec_finish (state); /* Make sure it is released. */
+ return err;
+}
diff --git a/common/openpgpdefs.h b/common/openpgpdefs.h
index 180680bcc..d8672ac47 100644
--- a/common/openpgpdefs.h
+++ b/common/openpgpdefs.h
@@ -171,7 +171,12 @@ typedef enum
PUBKEY_ALGO_ECDSA = 19, /* RFC-6637 */
PUBKEY_ALGO_ELGAMAL = 20, /* Elgamal encrypt+sign (legacy). */
/* 21 reserved by OpenPGP. */
- PUBKEY_ALGO_EDDSA = 22, /* EdDSA (not yet assigned). */
+ PUBKEY_ALGO_EDDSA = 22, /* EdDSA. */
+ PUBKEY_ALGO_KY768_25519 = 29, /* Kyber768 + X25519 (aka ML-KEM-768) */
+ PUBKEY_ALGO_KY1024_448 = 30, /* Kyber1024 + X448 (aka ML-KEM-1024) */
+ PUBKEY_ALGO_DIL3_25519 = 35, /* Dilithium3 + Ed25519 (aka ML-DSA-65) */
+ PUBKEY_ALGO_DIL5_448 = 36, /* Dilithium5 + Ed448 (aka ML-DSA-87) */
+ PUBKEY_ALGO_SPHINX_SHA2 = 41, /* SPHINX+-simple-SHA2 (aka SLH-DSA-SHA2) */
PUBKEY_ALGO_PRIVATE10 = 110
}
pubkey_algo_t;
@@ -206,7 +211,7 @@ compress_algo_t;
#define OPENPGP_MAX_NPKEY 5 /* Maximum number of public key parameters. */
#define OPENPGP_MAX_NSKEY 7 /* Maximum number of secret key parameters. */
#define OPENPGP_MAX_NSIG 2 /* Maximum number of signature parameters. */
-#define OPENPGP_MAX_NENC 2 /* Maximum number of encryption parameters. */
+#define OPENPGP_MAX_NENC 4 /* Maximum number of encryption parameters. */
/* Decode an rfc4880 encoded S2K count. */
diff --git a/common/ssh-utils.c b/common/ssh-utils.c
index ab29558cf..d27e2e200 100644
--- a/common/ssh-utils.c
+++ b/common/ssh-utils.c
@@ -259,7 +259,7 @@ get_fingerprint (gcry_sexp_t key, int algo,
}
else
{
- struct b64state b64s;
+ gpgrt_b64state_t b64s;
estream_t stream;
char *p;
long int len;
@@ -273,15 +273,15 @@ get_fingerprint (gcry_sexp_t key, int algo,
goto leave;
}
- err = b64enc_start_es (&b64s, stream, "");
- if (err)
+ b64s = gpgrt_b64enc_start (stream, "");
+ if (!b64s)
{
es_fclose (stream);
goto leave;
}
- err = b64enc_write (&b64s,
- gcry_md_read (md, algo), gcry_md_get_algo_dlen (algo));
+ err = gpgrt_b64enc_write (b64s, gcry_md_read (md, algo),
+ gcry_md_get_algo_dlen (algo));
if (err)
{
es_fclose (stream);
@@ -289,7 +289,7 @@ get_fingerprint (gcry_sexp_t key, int algo,
}
/* Finish, get the length, and close the stream. */
- err = b64enc_finish (&b64s);
+ err = gpgrt_b64enc_finish (b64s);
len = es_ftell (stream);
es_fclose (stream);
if (err)
@@ -566,7 +566,7 @@ ssh_public_key_in_base64 (gcry_sexp_t key, estream_t stream,
const char *identifier = NULL;
void *blob = NULL;
size_t bloblen;
- struct b64state b64_state;
+ gpgrt_b64state_t b64_state;
algo = get_pk_algo_from_key (key);
if (algo == 0)
@@ -624,15 +624,15 @@ ssh_public_key_in_base64 (gcry_sexp_t key, estream_t stream,
es_fprintf (stream, "%s ", identifier);
- err = b64enc_start_es (&b64_state, stream, "");
- if (err)
+ b64_state = gpgrt_b64enc_start (stream, "");
+ if (!b64_state)
{
es_free (blob);
- return err;
+ return gpg_error_from_syserror ();
}
- err = b64enc_write (&b64_state, blob, bloblen);
- b64enc_finish (&b64_state);
+ err = gpgrt_b64enc_write (b64_state, blob, bloblen);
+ gpgrt_b64enc_finish (b64_state);
es_free (blob);
if (err)
return err;
diff --git a/common/sysutils.c b/common/sysutils.c
index 90627b7c8..6c7d616b9 100644
--- a/common/sysutils.c
+++ b/common/sysutils.c
@@ -559,17 +559,15 @@ translate_sys2libc_fd (gnupg_fd_t fd, int for_write)
}
/* This is the same as translate_sys2libc_fd but takes an integer
- which is assumed to be such an system handle. On WindowsCE the
- passed FD is a rendezvous ID and the function finishes the pipe
- creation. */
+ which is assumed to be such an system handle. */
int
translate_sys2libc_fd_int (int fd, int for_write)
{
#ifdef HAVE_W32_SYSTEM
if (fd <= 2)
- return fd; /* Do not do this for error, stdin, stdout, stderr. */
+ return fd; /* Do not do this for stdin, stdout, and stderr. */
- return translate_sys2libc_fd ((void*)fd, for_write);
+ return translate_sys2libc_fd ((void*)(intptr_t)fd, for_write);
#else
(void)for_write;
return fd;
@@ -577,6 +575,70 @@ translate_sys2libc_fd_int (int fd, int for_write)
}
+/*
+ * Parse the string representation of a file reference (file handle on
+ * Windows or file descriptor on POSIX) in FDSTR. The string
+ * representation may be either of folllowing:
+
+ * (1) 0, 1, or 2 which means stdin, stdout, and stderr, respectively.
+ * (2) Integer representation (by %d of printf).
+ * (3) Hex representation which starts as "0x".
+ *
+ * Then, fill R_SYSHD, according to the value of a file reference.
+ *
+ */
+gpg_error_t
+gnupg_parse_fdstr (const char *fdstr, es_syshd_t *r_syshd)
+{
+ int fd = -1;
+#ifdef HAVE_W32_SYSTEM
+ gnupg_fd_t hd;
+ char *endptr;
+ int base;
+
+ if (!strcmp (fdstr, "0"))
+ fd = 0;
+ else if (!strcmp (fdstr, "1"))
+ fd = 1;
+ else if (!strcmp (fdstr, "2"))
+ fd = 2;
+
+ if (fd >= 0)
+ {
+ r_syshd->type = ES_SYSHD_FD;
+ r_syshd->u.fd = fd;
+ return 0;
+ }
+
+ if (!strncmp (fdstr, "0x", 2))
+ {
+ base = 16;
+ fdstr += 2;
+ }
+ else
+ base = 10;
+
+ gpg_err_set_errno (0);
+#ifdef _WIN64
+ hd = (gnupg_fd_t)strtoll (fdstr, &endptr, base);
+#else
+ hd = (gnupg_fd_t)strtol (fdstr, &endptr, base);
+#endif
+ if (errno != 0 || endptr == fdstr || *endptr != '\0')
+ return gpg_error (GPG_ERR_INV_ARG);
+
+ r_syshd->type = ES_SYSHD_HANDLE;
+ r_syshd->u.handle = hd;
+ return 0;
+#else
+ fd = atoi (fdstr);
+ r_syshd->type = ES_SYSHD_FD;
+ r_syshd->u.fd = fd;
+ return 0;
+#endif
+}
+
+
/* Check whether FNAME has the form "-&nnnn", where N is a non-zero
* number. Returns this number or -1 if it is not the case. If the
* caller wants to use the file descriptor for writing FOR_WRITE shall
@@ -594,13 +656,74 @@ check_special_filename (const char *fname, int for_write, int notranslate)
for (i=0; digitp (fname+i); i++ )
;
if (!fname[i])
- return notranslate? atoi (fname)
- /**/ : translate_sys2libc_fd_int (atoi (fname), for_write);
+ {
+ if (notranslate)
+ return atoi (fname);
+ else
+ {
+ es_syshd_t syshd;
+
+ if (gnupg_parse_fdstr (fname, &syshd))
+ return -1;
+
+#ifdef HAVE_W32_SYSTEM
+ if (syshd.type == ES_SYSHD_FD)
+ return syshd.u.fd;
+ else
+ return translate_sys2libc_fd ((gnupg_fd_t)syshd.u.handle, for_write);
+#else
+ (void)for_write;
+ return syshd.u.fd;
+#endif
+ }
+ }
}
return -1;
}
+/* Check whether FNAME has the form "-&nnnn", where N is a number
+ * representing a file. Returns GNUPG_INVALID_FD if it is not the
+ * case. Returns a file descriptor on POSIX, a system handle on
+ * Windows. */
+gnupg_fd_t
+gnupg_check_special_filename (const char *fname)
+{
+ if (allow_special_filenames
+ && fname && *fname == '-' && fname[1] == '&')
+ {
+ int i;
+
+ fname += 2;
+ for (i=0; digitp (fname+i); i++ )
+ ;
+ if (!fname[i])
+ {
+ es_syshd_t syshd;
+
+ if (gnupg_parse_fdstr (fname, &syshd))
+ return GNUPG_INVALID_FD;
+
+#ifdef HAVE_W32_SYSTEM
+ if (syshd.type == ES_SYSHD_FD)
+ {
+ if (syshd.u.fd == 0)
+ return GetStdHandle (STD_INPUT_HANDLE);
+ else if (syshd.u.fd == 1)
+ return GetStdHandle (STD_OUTPUT_HANDLE);
+ else if (syshd.u.fd == 2)
+ return GetStdHandle (STD_ERROR_HANDLE);
+ }
+ else
+ return syshd.u.handle;
+#else
+ return syshd.u.fd;
+#endif
+ }
+ }
+ return GNUPG_INVALID_FD;
+}
+
/* Replacement for tmpfile(). This is required because the tmpfile
function of Windows' runtime library is broken, insecure, ignores
TMPDIR and so on. In addition we create a file with an inheritable
@@ -1158,6 +1281,19 @@ gnupg_setenv (const char *name, const char *value, int overwrite)
return setenv (name, value, overwrite);
#else /*!HAVE_SETENV*/
if (! getenv (name) || overwrite)
+#if defined(HAVE_W32_SYSTEM) && defined(_CRT_SECURE_CPP_OVERLOAD_STANDARD_NAMES)
+ {
+ int e = _putenv_s (name, value);
+
+ if (e)
+ {
+ gpg_err_set_errno (e);
+ return -1;
+ }
+ else
+ return 0;
+ }
+#else
{
char *buf;
@@ -1175,6 +1311,7 @@ gnupg_setenv (const char *name, const char *value, int overwrite)
# endif
return putenv (buf);
}
+#endif /*!HAVE_W32_SYSTEM*/
return 0;
#endif /*!HAVE_SETENV*/
}
@@ -1199,6 +1336,18 @@ gnupg_unsetenv (const char *name)
#ifdef HAVE_UNSETENV
return unsetenv (name);
+#elif defined(HAVE_W32_SYSTEM) && defined(_CRT_SECURE_CPP_OVERLOAD_STANDARD_NAMES)
+ {
+ int e = _putenv_s (name, "");
+
+ if (e)
+ {
+ gpg_err_set_errno (e);
+ return -1;
+ }
+ else
+ return 0;
+ }
#else /*!HAVE_UNSETENV*/
{
char *buf;
@@ -1829,3 +1978,22 @@ gnupg_fd_valid (int fd)
close (d);
return 1;
}
+
+
+/* Open a stream from FD (a file descriptor on POSIX, a system
+ handle on Windows), non-closed. */
+estream_t
+open_stream_nc (gnupg_fd_t fd, const char *mode)
+{
+ es_syshd_t syshd;
+
+#ifdef HAVE_W32_SYSTEM
+ syshd.type = ES_SYSHD_HANDLE;
+ syshd.u.handle = fd;
+#else
+ syshd.type = ES_SYSHD_FD;
+ syshd.u.fd = fd;
+#endif
+
+ return es_sysopen_nc (&syshd, mode);
+}
diff --git a/common/sysutils.h b/common/sysutils.h
index a78a81c64..dac2d9244 100644
--- a/common/sysutils.h
+++ b/common/sysutils.h
@@ -38,12 +38,20 @@
typedef void *gnupg_fd_t;
#define GNUPG_INVALID_FD ((void*)(-1))
#define INT2FD(s) ((void *)(s))
-#define FD2INT(h) ((unsigned int)(h))
+# ifdef _WIN64
+# define FD2INT(h) ((intptr_t)(h))
+# else
+# define FD2INT(h) ((unsigned int)(h))
+# endif
+#define FD_DBG(h) ((int)(intptr_t)(h))
+#define FD2NUM(h) ((int)(intptr_t)(h))
#else
typedef int gnupg_fd_t;
#define GNUPG_INVALID_FD (-1)
#define INT2FD(s) (s)
#define FD2INT(h) (h)
+#define FD_DBG(h) (h)
+#define FD2NUM(h) (h)
#endif
#ifdef HAVE_STAT
@@ -74,7 +82,9 @@ void gnupg_sleep (unsigned int seconds);
void gnupg_usleep (unsigned int usecs);
int translate_sys2libc_fd (gnupg_fd_t fd, int for_write);
int translate_sys2libc_fd_int (int fd, int for_write);
+gpg_error_t gnupg_parse_fdstr (const char *fdstr, es_syshd_t *r_syshd);
int check_special_filename (const char *fname, int for_write, int notranslate);
+gnupg_fd_t gnupg_check_special_filename (const char *fname);
FILE *gnupg_tmpfile (void);
void gnupg_reopen_std (const char *pgmname);
void gnupg_inhibit_set_foregound_window (int yes);
@@ -108,6 +118,7 @@ gpg_error_t gnupg_inotify_watch_delete_self (int *r_fd, const char *fname);
gpg_error_t gnupg_inotify_watch_socket (int *r_fd, const char *socket_name);
int gnupg_inotify_has_name (int fd, const char *name);
+estream_t open_stream_nc (gnupg_fd_t fd, const char *mode);
#ifdef HAVE_W32_SYSTEM
int gnupg_w32_set_errno (int ec);
diff --git a/common/t-b64.c b/common/t-b64.c
deleted file mode 100644
index 16c079d1d..000000000
--- a/common/t-b64.c
+++ /dev/null
@@ -1,283 +0,0 @@
-/* t-b64.c - Module tests for b64enc.c and b64dec.c
- * Copyright (C) 2008 Free Software Foundation, Inc.
- * Copyright (C) 2008, 2023 g10 Code GmbH
- *
- * This file is part of GnuPG.
- *
- * This file is free software; you can redistribute it and/or modify
- * it under the terms of the GNU Lesser General Public License as
- * published by the Free Software Foundation; either version 2.1 of
- * the License, or (at your option) any later version.
- *
- * This file is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public License
- * along with this program; if not, see <https://www.gnu.org/licenses/>.
- * SPDX-License-Identifier: LGPL-2.1-or-later
- */
-
-#include <config.h>
-#include <stdio.h>
-#include <stdlib.h>
-
-#include "util.h"
-
-#define pass() do { ; } while(0)
-#define fail(a) do { fprintf (stderr, "%s:%d: test %d failed\n",\
- __FILE__,__LINE__, (a)); \
- errcount++; \
- } while(0)
-#define oops() do { fprintf (stderr, "%s:%d: ooops\n", \
- __FILE__,__LINE__); \
- exit (2); \
- } while(0)
-
-static int verbose;
-static int errcount;
-
-
-/* Convert STRING consisting of hex characters into its binary
- * representation and return it as an allocated buffer. The valid
- * length of the buffer is returned at R_LENGTH. The string is
- * delimited by end of string. The function returns NULL on
- * error. */
-static void *
-hex2buffer (const char *string, size_t *r_length)
-{
- const char *s;
- unsigned char *buffer;
- size_t length;
-
- buffer = xmalloc (strlen(string)/2+1);
- length = 0;
- for (s=string; *s; s +=2 )
- {
- if (!hexdigitp (s) || !hexdigitp (s+1))
- return NULL; /* Invalid hex digits. */
- ((unsigned char*)buffer)[length++] = xtoi_2 (s);
- }
- *r_length = length;
- return buffer;
-}
-
-
-static void
-test_b64decode (void)
-{
- static struct {
- const char *string; /* String to test. */
- const char *title; /* title parameter. */
- gpg_error_t err; /* expected error. */
- const char *datastr; /* Expected data (hex encoded) */
- } tests[] = {
- { "YQ==", NULL, 0,
- "61" },
- { "YWE==", NULL, 0,
- "6161" },
- { "YWFh", NULL, 0,
- "616161" },
- { "YWFhYQ==", NULL, 0,
- "61616161" },
- { "YWJjZA==", NULL, 0,
- "61626364" },
- { "AA=", NULL, 0,
- "00" },
- { "AAEA=", NULL, 0,
- "000100" },
- { "/w==", NULL, 0,
- "ff" },
- { "oRQwEqADCgEDoQsGCSqGSIL3EgECAg==", NULL, 0,
- "a1143012a0030a0103a10b06092a864882f712010202" },
- { "oRQwEqADCgEDoQsGCSqGSIL3EgECA-==", NULL, GPG_ERR_BAD_DATA,
- "a1143012a0030a0103a10b06092a864882f712010202" },
- { "oRQwEqADCgEDoQsGCSqGSIL3EgECAg==", "", 0,
- "" },
- { "-----BEGIN PGP\n\n"
- "oRQwEqADCgEDoQsGCSqGSIL3EgECAg==\n"
- "-----END PGP\n", "", 0,
- "a1143012a0030a0103a10b06092a864882f712010202" },
-
- { "", NULL, 0,
- "" }
- };
- int tidx;
- gpg_error_t err;
- void *data = NULL;
- size_t datalen;
- char *wantdata = NULL;
- size_t wantdatalen;
-
- for (tidx = 0; tidx < DIM(tests); tidx++)
- {
- xfree (wantdata);
- if (!(wantdata = hex2buffer (tests[tidx].datastr, &wantdatalen)))
- oops ();
- xfree (data);
- err = b64decode (tests[tidx].string, tests[tidx].title, &data, &datalen);
- if (verbose)
- fprintf (stderr, "%s:%d: test %d, err=%d, datalen=%zu\n",
- __FILE__, __LINE__, tidx, err, datalen);
- if (gpg_err_code (err) != tests[tidx].err)
- fail (tidx);
- else if (err)
- pass ();
- else if (wantdatalen != datalen)
- fail (tidx);
- else if (memcmp (wantdata, data, datalen))
- fail (tidx);
- else
- pass ();
- }
- xfree (wantdata);
- xfree (data);
-}
-
-
-static void
-test_b64enc_pgp (const char *string)
-{
- gpg_error_t err;
- struct b64state state;
-
- if (!string)
- string = "a";
-
- err = b64enc_start (&state, stdout, "PGP MESSAGE");
- if (err)
- fail (1);
-
- err = b64enc_write (&state, string, strlen (string));
- if (err)
- fail (2);
-
- err = b64enc_finish (&state);
- if (err)
- fail (3);
-
- pass ();
-}
-
-
-static void
-test_b64enc_file (const char *fname)
-{
- gpg_error_t err;
- struct b64state state;
- FILE *fp;
- char buffer[50];
- size_t nread;
-
- fp = fname ? fopen (fname, "r") : stdin;
- if (!fp)
- {
- fprintf (stderr, "%s:%d: can't open '%s': %s\n",
- __FILE__, __LINE__, fname? fname:"[stdin]", strerror (errno));
- fail (0);
- }
-
- err = b64enc_start (&state, stdout, "DATA");
- if (err)
- fail (1);
-
- while ( (nread = fread (buffer, 1, sizeof buffer, fp)) )
- {
- err = b64enc_write (&state, buffer, nread);
- if (err)
- fail (2);
- }
-
- err = b64enc_finish (&state);
- if (err)
- fail (3);
-
- fclose (fp);
- pass ();
-}
-
-
-static void
-test_b64dec_file (const char *fname)
-{
- gpg_error_t err;
- struct b64state state;
- FILE *fp;
- char buffer[50];
- size_t nread, nbytes;
-
- fp = fname ? fopen (fname, "r") : stdin;
- if (!fp)
- {
- fprintf (stderr, "%s:%d: can't open '%s': %s\n",
- __FILE__, __LINE__, fname? fname:"[stdin]", strerror (errno));
- fail (0);
- }
-
- err = b64dec_start (&state, "");
- if (err)
- fail (1);
-
- while ( (nread = fread (buffer, 1, sizeof buffer, fp)) )
- {
- err = b64dec_proc (&state, buffer, nread, &nbytes);
- if (err)
- {
- if (gpg_err_code (err) == GPG_ERR_EOF)
- break;
- fail (2);
- }
- else if (nbytes)
- fwrite (buffer, 1, nbytes, stdout);
- }
-
- err = b64dec_finish (&state);
- if (err)
- fail (3);
-
- fclose (fp);
- pass ();
-}
-
-
-
-int
-main (int argc, char **argv)
-{
- int do_encode = 0;
- int do_decode = 0;
- int do_pgpdecode = 0;
-
- if (argc)
- { argc--; argv++; }
- if (argc && !strcmp (argv[0], "--verbose"))
- {
- verbose = 1;
- argc--; argv++;
- }
-
- if (argc && !strcmp (argv[0], "--encode"))
- {
- do_encode = 1;
- argc--; argv++;
- }
- else if (argc && !strcmp (argv[0], "--decode"))
- {
- do_decode = 1;
- argc--; argv++;
- }
- else if (argc)
- do_pgpdecode = 1;
-
- if (do_encode)
- test_b64enc_file (argc? *argv: NULL);
- else if (do_decode)
- test_b64dec_file (argc? *argv: NULL);
- else if (do_pgpdecode)
- test_b64enc_pgp (argc? *argv: NULL);
- else
- test_b64decode ();
-
- return !!errcount;
-}
diff --git a/common/t-exechelp.c b/common/t-exechelp.c
index 3bf082bbb..2179ef2a0 100644
--- a/common/t-exechelp.c
+++ b/common/t-exechelp.c
@@ -29,7 +29,7 @@
static int verbose;
-
+#ifndef HAVE_W32_SYSTEM
static void
print_open_fds (int *array)
{
@@ -169,20 +169,168 @@ test_close_all_fds (void)
}
}
+#endif
+
+static char buff12k[1024*12];
+static char buff4k[1024*4];
+
+static void
+run_server (void)
+{
+ estream_t fp;
+ int i;
+ char *p;
+ unsigned int len;
+ int ret;
+ es_syshd_t syshd;
+ size_t n;
+ off_t o;
+
+#ifdef HAVE_W32_SYSTEM
+ syshd.type = ES_SYSHD_HANDLE;
+ syshd.u.handle = (HANDLE)_get_osfhandle (1);
+#else
+ syshd.type = ES_SYSHD_FD;
+ syshd.u.fd = 1;
+#endif
+
+ fp = es_sysopen_nc (&syshd, "w");
+ if (fp == NULL)
+ {
+ fprintf (stderr, "es_fdopen failed\n");
+ exit (1);
+ }
+
+ /* Fill the buffer by ASCII chars. */
+ p = buff12k;
+ for (i = 0; i < sizeof (buff12k); i++)
+ if ((i % 64) == 63)
+ *p++ = '\n';
+ else
+ *p++ = (i % 64) + '@';
+
+ len = sizeof (buff12k);
+
+ ret = es_write (fp, (void *)&len, sizeof (len), NULL);
+ if (ret)
+ {
+ fprintf (stderr, "es_write (1) failed\n");
+ exit (1);
+ }
+
+ es_fflush (fp);
+
+ o = 0;
+ n = len;
+
+ while (1)
+ {
+ size_t n0, n1;
+
+ n0 = n > 4096 ? 4096 : n;
+ memcpy (buff4k, buff12k + o, n0);
+
+ ret = es_write (fp, buff4k, n0, &n1);
+ if (ret || n0 != n1)
+ {
+ fprintf (stderr, "es_write (2) failed\n");
+ exit (1);
+ }
+
+ o += n0;
+ n -= n0;
+ if (n == 0)
+ break;
+ }
+
+ es_fclose (fp);
+ exit (0);
+}
+
+
+static void
+test_pipe_stream (const char *pgmname)
+{
+ gpg_error_t err;
+ gnupg_process_t proc;
+ estream_t outfp;
+ const char *argv[2];
+ unsigned int len;
+ size_t n;
+ off_t o;
+ int ret;
+
+ argv[0] = "--server";
+ argv[1] = NULL;
+
+ err = gnupg_process_spawn (pgmname, argv,
+ (GNUPG_PROCESS_STDOUT_PIPE
+ |GNUPG_PROCESS_STDERR_KEEP),
+ NULL, NULL, &proc);
+ if (err)
+ {
+ fprintf (stderr, "gnupg_process_spawn failed\n");
+ exit (1);
+ }
+
+ gnupg_process_get_streams (proc, 0, NULL, &outfp, NULL);
+
+ ret = es_read (outfp, (void *)&len, sizeof (len), NULL);
+ if (ret)
+ {
+ fprintf (stderr, "es_read (1) failed\n");
+ exit (1);
+ }
+
+ o = 0;
+ while (1)
+ {
+ if (es_feof (outfp))
+ break;
+
+ ret = es_read (outfp, buff4k, sizeof (buff4k), &n);
+ if (ret)
+ {
+ fprintf (stderr, "es_read (2) failed\n");
+ exit (1);
+ }
+
+ memcpy (buff12k + o, buff4k, n);
+ o += n;
+ }
+
+ if (o != sizeof (buff12k))
+ {
+ fprintf (stderr, "received data with wrong length %d\n", (int)o);
+ exit (1);
+ }
+ es_fclose (outfp);
+ gnupg_process_release (proc);
+}
int
main (int argc, char **argv)
{
+ const char *myname = "no-pgm";
+
if (argc)
- { argc--; argv++; }
+ {
+ myname = argv[0];
+ argc--; argv++;
+ }
if (argc && !strcmp (argv[0], "--verbose"))
{
verbose = 1;
argc--; argv++;
}
+ if (argc && !strcmp (argv[0], "--server"))
+ run_server ();
+#ifndef HAVE_W32_SYSTEM
test_close_all_fds ();
+#endif
+ test_pipe_stream (myname);
return 0;
}
diff --git a/common/t-iobuf.c b/common/t-iobuf.c
index bdeab99a4..aacf27a8b 100644
--- a/common/t-iobuf.c
+++ b/common/t-iobuf.c
@@ -1,3 +1,36 @@
+/* t-iobuf.c - Simple module test for iobuf.c
+ * Copyright (C) 2015 g10 Code GmbH
+ *
+ * This file is part of GnuPG.
+ *
+ * This file is free software; you can redistribute it and/or modify
+ * it under the terms of either
+ *
+ * - the GNU Lesser General Public License as published by the Free
+ * Software Foundation; either version 3 of the License, or (at
+ * your option) any later version.
+ *
+ * or
+ *
+ * - the GNU General Public License as published by the Free
+ * Software Foundation; either version 2 of the License, or (at
+ * your option) any later version.
+ *
+ * or both in parallel, as here.
+ *
+ * This file is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, see <https://www.gnu.org/licenses/>.
+ * SPDX-License-Identifier: (LGPL-3.0-or-later OR GPL-2.0-or-later)
+ */
+
+/* The whole code here does not very fill into our general test frame
+ * work patter. But let's keep it as it is. */
+
#include <config.h>
#include <stdio.h>
#include <string.h>
@@ -7,6 +40,20 @@
#include "iobuf.h"
#include "stringhelp.h"
+
+static void *
+xmalloc (size_t n)
+{
+ void *p = malloc (n);
+ if (!p)
+ {
+ fprintf (stderr, "t-iobuf: out of core\n");
+ abort ();
+ }
+ return p;
+}
+
+
/* Return every other byte. In particular, reads two bytes, returns
the second one. */
static int
@@ -86,7 +133,7 @@ static struct content_filter_state *
content_filter_new (const char *buffer)
{
struct content_filter_state *state
- = malloc (sizeof (struct content_filter_state));
+ = xmalloc (sizeof (struct content_filter_state));
state->pos = 0;
state->len = strlen (buffer);
@@ -215,8 +262,7 @@ main (int argc, char *argv[])
allocate a buffer that is 5 bytes long, then no reallocation
should be required. */
size = 5;
- buffer = malloc (size);
- assert (buffer);
+ buffer = xmalloc (size);
max_len = 100;
n = iobuf_read_line (iobuf, &buffer, &size, &max_len);
assert (n == 4);
@@ -229,7 +275,7 @@ main (int argc, char *argv[])
requires 6 bytes of storage. We pass a buffer that is 5 bytes
large and we allow the buffer to be grown. */
size = 5;
- buffer = malloc (size);
+ buffer = xmalloc (size);
max_len = 100;
n = iobuf_read_line (iobuf, &buffer, &size, &max_len);
assert (n == 5);
@@ -243,7 +289,7 @@ main (int argc, char *argv[])
requires 7 bytes of storage. We pass a buffer that is 5 bytes
large and we don't allow the buffer to be grown. */
size = 5;
- buffer = malloc (size);
+ buffer = xmalloc (size);
max_len = 5;
n = iobuf_read_line (iobuf, &buffer, &size, &max_len);
assert (n == 4);
diff --git a/common/util.h b/common/util.h
index 803ab3d5c..e2d95b1af 100644
--- a/common/util.h
+++ b/common/util.h
@@ -149,36 +149,6 @@ ssize_t read_line (FILE *fp,
size_t *max_length);
-/*-- b64enc.c and b64dec.c --*/
-struct b64state
-{
- unsigned int flags;
- int idx;
- int quad_count;
- FILE *fp;
- estream_t stream;
- char *title;
- unsigned char radbuf[4];
- u32 crc;
- int stop_seen:1;
- int invalid_encoding:1;
- gpg_error_t lasterr;
-};
-
-gpg_error_t b64enc_start (struct b64state *state, FILE *fp, const char *title);
-gpg_error_t b64enc_start_es (struct b64state *state, estream_t fp,
- const char *title);
-gpg_error_t b64enc_write (struct b64state *state,
- const void *buffer, size_t nbytes);
-gpg_error_t b64enc_finish (struct b64state *state);
-
-gpg_error_t b64dec_start (struct b64state *state, const char *title);
-gpg_error_t b64dec_proc (struct b64state *state, void *buffer, size_t length,
- size_t *r_nbytes);
-gpg_error_t b64dec_finish (struct b64state *state);
-gpg_error_t b64decode (const char *string, const char *title,
- void **r_buffer, size_t *r_buflen);
-
/*-- sexputil.c */
char *canon_sexp_to_string (const unsigned char *canon, size_t canonlen);
void log_printcanon (const char *text,
@@ -388,6 +358,10 @@ struct compatibility_flags_s
int parse_compatibility_flags (const char *string, unsigned int *flagvar,
const struct compatibility_flags_s *flags);
+gpg_error_t b64decode (const char *string, const char *title,
+ void **r_buffer, size_t *r_buflen);
+
+
/*-- Simple replacement functions. */
diff --git a/configure.ac b/configure.ac
index db5f89947..0dfbe6193 100644
--- a/configure.ac
+++ b/configure.ac
@@ -28,8 +28,8 @@ min_automake_version="1.16.3"
# another commit and push so that the git magic is able to work.
m4_define([mym4_package],[gnupg])
m4_define([mym4_major], [2])
-m4_define([mym4_minor], [4])
-m4_define([mym4_micro], [6])
+m4_define([mym4_minor], [5])
+m4_define([mym4_micro], [0])
# To start a new development series, i.e a new major or minor number
# you need to mark an arbitrary commit before the first beta release
@@ -53,15 +53,15 @@ AC_INIT([mym4_package],[mym4_version],[https://bugs.gnupg.org])
# When changing the SWDB tag please also adjust the hard coded tags in
# build-aux/speedo.mk, build-aux/getswdb.sh, and Makefile.am
# As well as the source info for the man pages.
-AC_DEFINE_UNQUOTED(GNUPG_SWDB_TAG, "gnupg24", [swdb tag for this branch])
+AC_DEFINE_UNQUOTED(GNUPG_SWDB_TAG, "gnupg26", [swdb tag for this branch])
NEED_GPGRT_VERSION=1.46
NEED_LIBGCRYPT_API=1
NEED_LIBGCRYPT_VERSION=1.9.1
-NEED_LIBASSUAN_API=2
-NEED_LIBASSUAN_VERSION=2.5.0
+NEED_LIBASSUAN_API=3
+NEED_LIBASSUAN_VERSION=3.0.0
NEED_KSBA_API=1
NEED_KSBA_VERSION=1.6.3
@@ -1385,6 +1385,8 @@ AC_CHECK_SIZEOF(time_t,,[[
]])
GNUPG_TIME_T_UNSIGNED
+# Check SOCKET type for Windows.
+AC_CHECK_TYPES([SOCKET], [], [], [[#include "winsock2.h"]])
if test "$ac_cv_sizeof_unsigned_short" = "0" \
|| test "$ac_cv_sizeof_unsigned_int" = "0" \
diff --git a/dirmngr/certcache.c b/dirmngr/certcache.c
index 6b194f31c..b7b5b3d15 100644
--- a/dirmngr/certcache.c
+++ b/dirmngr/certcache.c
@@ -100,7 +100,8 @@ static unsigned int any_cert_of_class;
#ifdef HAVE_W32_SYSTEM
-/* We load some functions dynamically. Provide typedefs for tehse
+#include <wincrypt.h>
+/* We load some functions dynamically. Provide typedefs for these
* functions. */
typedef HCERTSTORE (WINAPI *CERTOPENSYSTEMSTORE)
(HCRYPTPROV hProv, LPCSTR szSubsystemProtocol);
diff --git a/dirmngr/crlfetch.c b/dirmngr/crlfetch.c
index 5b6b648e2..620edf788 100644
--- a/dirmngr/crlfetch.c
+++ b/dirmngr/crlfetch.c
@@ -39,10 +39,10 @@
2008) we need a context in the reader callback. */
struct reader_cb_context_s
{
- estream_t fp; /* The stream used with the ksba reader. */
- int checked:1; /* PEM/binary detection ahs been done. */
- int is_pem:1; /* The file stream is PEM encoded. */
- struct b64state b64state; /* The state used for Base64 decoding. */
+ estream_t fp; /* The stream used with the ksba reader. */
+ unsigned int checked:1; /* PEM/binary detection ahs been done. */
+ unsigned int is_pem:1; /* The file stream is PEM encoded. */
+ gpgrt_b64state_t b64state; /* The state used for Base64 decoding. */
};
@@ -126,14 +126,16 @@ my_es_read (void *opaque, char *buffer, size_t nbytes, size_t *nread)
else
{
cb_ctx->is_pem = 1;
- b64dec_start (&cb_ctx->b64state, "");
+ cb_ctx->b64state = gpgrt_b64dec_start ("");
+ if (!cb_ctx->b64state)
+ return gpg_error_from_syserror ();
}
}
if (cb_ctx->is_pem && *nread)
{
size_t nread2;
- if (b64dec_proc (&cb_ctx->b64state, buffer, *nread, &nread2))
+ if (gpgrt_b64dec_proc (cb_ctx->b64state, buffer, *nread, &nread2))
{
/* EOF from decoder. */
*nread = 0;
@@ -581,7 +583,7 @@ crl_close_reader (ksba_reader_t reader)
es_fclose (cb_ctx->fp);
/* Release the base64 decoder state. */
if (cb_ctx->is_pem)
- b64dec_finish (&cb_ctx->b64state);
+ gpgrt_b64dec_finish (cb_ctx->b64state);
/* Release the callback context. */
xfree (cb_ctx);
}
diff --git a/dirmngr/dirmngr-client.c b/dirmngr/dirmngr-client.c
index 3912bf47b..ece4fbcc9 100644
--- a/dirmngr/dirmngr-client.c
+++ b/dirmngr/dirmngr-client.c
@@ -308,7 +308,7 @@ main (int argc, char **argv )
opt.dirmngr_program
? opt.dirmngr_program
: gnupg_module_name (GNUPG_MODULE_NAME_DIRMNGR),
- ! cmd_ping,
+ cmd_ping? 0 : ASSHELP_FLAG_AUTOSTART,
opt.verbose,
0,
NULL, NULL);
@@ -441,11 +441,11 @@ static gpg_error_t
data_cb (void *opaque, const void *buffer, size_t length)
{
gpg_error_t err;
- struct b64state *state = opaque;
+ gpgrt_b64state_t state = opaque;
if (buffer)
{
- err = b64enc_write (state, buffer, length);
+ err = gpgrt_b64enc_write (state, buffer, length);
if (err)
log_error (_("error writing base64 encoding: %s\n"),
gpg_strerror (err));
@@ -853,14 +853,14 @@ do_lookup (assuan_context_t ctx, const char *pattern)
gpg_error_t err;
const unsigned char *s;
char *line, *p;
- struct b64state state;
+ gpgrt_b64state_t state;
if (opt.verbose)
log_info (_("looking up '%s'\n"), pattern);
- err = b64enc_start (&state, stdout, NULL);
- if (err)
- return err;
+ state = gpgrt_b64enc_start (es_stdout, NULL);
+ if (!state)
+ return gpg_error_from_syserror ();
line = xmalloc (10 + 6 + 13 + strlen (pattern)*3 + 1);
@@ -885,13 +885,13 @@ do_lookup (assuan_context_t ctx, const char *pattern)
err = assuan_transact (ctx, line,
- data_cb, &state,
+ data_cb, state,
NULL, NULL,
status_cb, NULL);
if (opt.verbose > 1)
log_info ("response of dirmngr: %s\n", err? gpg_strerror (err): "okay");
- err = b64enc_finish (&state);
+ err = gpgrt_b64enc_finish (state);
xfree (line);
return err;
diff --git a/dirmngr/dirmngr.c b/dirmngr/dirmngr.c
index f79a0f877..d58a27372 100644
--- a/dirmngr/dirmngr.c
+++ b/dirmngr/dirmngr.c
@@ -394,6 +394,9 @@ static enum
} tor_mode;
+/* Flag indicating that we are in supervised mode. */
+static int is_supervised;
+
/* Counter for the active connections. */
static int active_connections;
@@ -450,9 +453,6 @@ static void handle_connections (assuan_fd_t listen_fd);
static void gpgconf_versions (void);
-/* NPth wrapper function definitions. */
-ASSUAN_SYSTEM_NPTH_IMPL;
-
static const char *
my_strusage( int level )
{
@@ -980,7 +980,6 @@ static void
thread_init (void)
{
npth_init ();
- assuan_set_system_hooks (ASSUAN_SYSTEM_NPTH);
gpgrt_set_syscall_clamp (npth_unprotect, npth_protect);
/* Now with NPth running we can set the logging callback. Our
@@ -1335,6 +1334,8 @@ main (int argc, char **argv)
if (!opt.quiet)
log_info(_("WARNING: \"%s\" is a deprecated option\n"), "--supervised");
+ is_supervised = 1;
+
/* In supervised mode, we expect file descriptor 3 to be an
already opened, listening socket.
@@ -2233,7 +2234,7 @@ check_nonce (assuan_fd_t fd, assuan_sock_nonce_t *nonce)
if (assuan_sock_check_nonce (fd, nonce))
{
log_info (_("error reading nonce on fd %d: %s\n"),
- FD2INT (fd), strerror (errno));
+ FD_DBG (fd), strerror (errno));
assuan_sock_close (fd);
return -1;
}
@@ -2267,7 +2268,7 @@ start_connection_thread (void *arg)
active_connections++;
if (opt.verbose)
- log_info (_("handler for fd %d started\n"), FD2INT (fd));
+ log_info (_("handler for fd %d started\n"), FD_DBG (fd));
session_id = ++last_session_id;
if (!session_id)
@@ -2275,7 +2276,7 @@ start_connection_thread (void *arg)
start_command_handler (fd, session_id);
if (opt.verbose)
- log_info (_("handler for fd %d terminated\n"), FD2INT (fd));
+ log_info (_("handler for fd %d terminated\n"), FD_DBG (fd));
active_connections--;
workqueue_run_post_session_tasks (session_id);
@@ -2378,7 +2379,7 @@ handle_connections (assuan_fd_t listen_fd)
to full second. */
FD_ZERO (&fdset);
FD_SET (FD2INT (listen_fd), &fdset);
- nfd = FD2INT (listen_fd);
+ nfd = FD2NUM (listen_fd);
if (my_inotify_fd != -1)
{
FD_SET (my_inotify_fd, &fdset);
@@ -2395,7 +2396,7 @@ handle_connections (assuan_fd_t listen_fd)
/* Shutdown test. */
if (shutdown_pending)
{
- if (!active_connections)
+ if (!active_connections || is_supervised)
break; /* ready */
/* Do not accept new connections but keep on running the
@@ -2479,8 +2480,8 @@ handle_connections (assuan_fd_t listen_fd)
gnupg_fd_t fd;
plen = sizeof paddr;
- fd = INT2FD (npth_accept (FD2INT(listen_fd),
- (struct sockaddr *)&paddr, &plen));
+ fd = assuan_sock_accept (listen_fd,
+ (struct sockaddr *)&paddr, &plen);
if (fd == GNUPG_INVALID_FD)
{
log_error ("accept failed: %s\n", strerror (errno));
@@ -2494,7 +2495,7 @@ handle_connections (assuan_fd_t listen_fd)
memset (&argval, 0, sizeof argval);
argval.afd = fd;
snprintf (threadname, sizeof threadname,
- "conn fd=%d", FD2INT(fd));
+ "conn fd=%d", FD_DBG (fd));
ret = npth_create (&thread, &tattr,
start_connection_thread, argval.aptr);
diff --git a/dirmngr/dns-stuff.c b/dirmngr/dns-stuff.c
index 0edbc0442..270717215 100644
--- a/dirmngr/dns-stuff.c
+++ b/dirmngr/dns-stuff.c
@@ -34,6 +34,7 @@
# define WIN32_LEAN_AND_MEAN
# ifdef HAVE_WINSOCK2_H
# include <winsock2.h>
+# include <ws2tcpip.h>
# endif
# include <windows.h>
# include <iphlpapi.h>
diff --git a/dirmngr/http.c b/dirmngr/http.c
index e4c719348..6ae9029be 100644
--- a/dirmngr/http.c
+++ b/dirmngr/http.c
@@ -441,7 +441,7 @@ _my_socket_new (int lnr, assuan_fd_t fd)
so->refcount = 1;
if (opt_debug)
log_debug ("http.c:%d:socket_new: object %p for fd %d created\n",
- lnr, so, (int)so->fd);
+ lnr, so, FD_DBG (so->fd));
return so;
}
#define my_socket_new(a) _my_socket_new (__LINE__, (a))
@@ -453,7 +453,7 @@ _my_socket_ref (int lnr, my_socket_t so)
so->refcount++;
if (opt_debug > 1)
log_debug ("http.c:%d:socket_ref: object %p for fd %d refcount now %d\n",
- lnr, so, (int)so->fd, so->refcount);
+ lnr, so, FD_DBG (so->fd), so->refcount);
return so;
}
#define my_socket_ref(a) _my_socket_ref (__LINE__,(a))
@@ -471,7 +471,7 @@ _my_socket_unref (int lnr, my_socket_t so,
so->refcount--;
if (opt_debug > 1)
log_debug ("http.c:%d:socket_unref: object %p for fd %d ref now %d\n",
- lnr, so, (int)so->fd, so->refcount);
+ lnr, so, FD_DBG (so->fd), so->refcount);
if (!so->refcount)
{
@@ -2200,7 +2200,7 @@ run_ntbtls_handshake (http_t hd)
/* Until we support send/recv in estream under Windows we need
* to use es_fopencookie. */
# ifdef HAVE_W32_SYSTEM
- in = es_fopencookie ((void*)(unsigned int)hd->sock->fd, "rb",
+ in = es_fopencookie (hd->sock->fd, "rb",
simple_cookie_functions);
# else
in = es_fdopen_nc (hd->sock->fd, "rb");
@@ -2212,7 +2212,7 @@ run_ntbtls_handshake (http_t hd)
}
# ifdef HAVE_W32_SYSTEM
- out = es_fopencookie ((void*)(unsigned int)hd->sock->fd, "wb",
+ out = es_fopencookie (hd->sock->fd, "wb",
simple_cookie_functions);
# else
out = es_fdopen_nc (hd->sock->fd, "wb");
@@ -3571,7 +3571,7 @@ connect_with_timeout (assuan_fd_t sock,
tval.tv_sec = timeout / 1000;
tval.tv_usec = (timeout % 1000) * 1000;
- n = my_select (FD2INT(sock)+1, &rset, &wset, NULL, &tval);
+ n = my_select (FD2NUM(sock)+1, &rset, &wset, NULL, &tval);
if (n < 0)
{
err = gpg_err_make (default_errsource, gpg_err_code_from_syserror ());
diff --git a/dirmngr/ks-action.c b/dirmngr/ks-action.c
index 002f1a7a5..2e04582a1 100644
--- a/dirmngr/ks-action.c
+++ b/dirmngr/ks-action.c
@@ -373,6 +373,8 @@ ks_action_get (ctrl_t ctrl, uri_item_t keyservers,
|| !strcmp (uri->parsed_uri->scheme, "ldaps")
|| !strcmp (uri->parsed_uri->scheme, "ldapi")
|| uri->parsed_uri->opaque);
+#else
+ (void)newer;
#endif
if (is_hkp_s || is_http_s || is_ldap)
@@ -590,6 +592,13 @@ ks_action_query (ctrl_t ctrl, const char *url, unsigned int ks_get_flags,
return err;
#else /* !USE_LDAP */
+ (void)ctrl;
+ (void)url;
+ (void)ks_get_flags;
+ (void)filter;
+ (void)attrs;
+ (void)newer;
+ (void)outfp;
return gpg_error (GPG_ERR_NOT_IMPLEMENTED);
#endif
}
diff --git a/dirmngr/ks-engine-ldap.c b/dirmngr/ks-engine-ldap.c
index 749c0de09..688972a89 100644
--- a/dirmngr/ks-engine-ldap.c
+++ b/dirmngr/ks-engine-ldap.c
@@ -31,6 +31,8 @@
# define WINVER 0x0500 /* Same as in common/sysutils.c */
# endif
# include <winsock2.h>
+# include <winldap.h>
+# include <winber.h>
# include <sddl.h>
#endif
diff --git a/dirmngr/ldap-wrapper.c b/dirmngr/ldap-wrapper.c
index 23d514cf9..2ec944c72 100644
--- a/dirmngr/ldap-wrapper.c
+++ b/dirmngr/ldap-wrapper.c
@@ -87,7 +87,7 @@ struct wrapper_context_s
{
struct wrapper_context_s *next;
- pid_t pid; /* The pid of the wrapper process. */
+ gnupg_process_t proc;/* The wrapper process. */
int printable_pid; /* Helper to print diagnostics after the process has
* been cleaned up. */
estream_t fp; /* Connected with stdout of the ldap wrapper. */
@@ -170,10 +170,10 @@ read_buffer (ksba_reader_t reader, unsigned char *buffer, size_t count)
static void
destroy_wrapper (struct wrapper_context_s *ctx)
{
- if (ctx->pid != (pid_t)(-1))
+ if (ctx->proc)
{
- gnupg_kill_process (ctx->pid);
- gnupg_release_process (ctx->pid);
+ gnupg_process_terminate (ctx->proc);
+ gnupg_process_release (ctx->proc);
}
ksba_reader_release (ctx->reader);
SAFE_CLOSE (ctx->fp);
@@ -260,7 +260,7 @@ read_log_data (struct wrapper_context_s *ctx)
if (gpg_err_code (err) == GPG_ERR_EAGAIN)
return 0;
log_error (_("error reading log from ldap wrapper %d: %s\n"),
- (int)ctx->pid, gpg_strerror (err));
+ ctx->printable_pid, gpg_strerror (err));
}
print_log_line (ctx, NULL); /* Flush. */
SAFE_CLOSE (ctx->log_fp);
@@ -438,50 +438,44 @@ ldap_reaper_thread (void *dummy)
}
/* Check whether the process is still running. */
- if (ctx->pid != (pid_t)(-1))
+ if (ctx->proc)
{
- int status;
-
- err = gnupg_wait_process ("[dirmngr_ldap]", ctx->pid, 0,
- &status);
+ err = gnupg_process_wait (ctx->proc, 0);
if (!err)
{
+ int status;
+
+ gnupg_process_ctl (ctx->proc, GNUPG_PROCESS_GET_EXIT_ID,
+ &status);
if (DBG_EXTPROG)
- log_info (_("ldap wrapper %d ready"), (int)ctx->pid);
+ log_info (_("ldap wrapper %d ready"), ctx->printable_pid);
ctx->ready = 1;
- gnupg_release_process (ctx->pid);
- ctx->pid = (pid_t)(-1);
+ gnupg_process_release (ctx->proc);
+ ctx->proc = NULL;
any_action = 1;
- }
- else if (gpg_err_code (err) == GPG_ERR_GENERAL)
- {
+
if (status == 10)
log_info (_("ldap wrapper %d ready: timeout\n"),
- (int)ctx->pid);
+ ctx->printable_pid);
else
log_info (_("ldap wrapper %d ready: exitcode=%d\n"),
- (int)ctx->pid, status);
- ctx->ready = 1;
- gnupg_release_process (ctx->pid);
- ctx->pid = (pid_t)(-1);
- any_action = 1;
+ ctx->printable_pid, status);
}
else if (gpg_err_code (err) != GPG_ERR_TIMEOUT)
{
log_error (_("waiting for ldap wrapper %d failed: %s\n"),
- (int)ctx->pid, gpg_strerror (err));
+ ctx->printable_pid, gpg_strerror (err));
any_action = 1;
}
}
/* Check whether we should terminate the process. */
- if (ctx->pid != (pid_t)(-1)
- && ctx->stamp != (time_t)(-1) && ctx->stamp < exptime)
+ if (ctx->proc && ctx->stamp != (time_t)(-1) && ctx->stamp < exptime)
{
- gnupg_kill_process (ctx->pid);
+ gnupg_process_terminate (ctx->proc);
ctx->stamp = (time_t)(-1);
log_info (_("ldap wrapper %d stalled - killing\n"),
- (int)ctx->pid);
+ ctx->printable_pid);
/* We need to close the log stream because the cleanup
* loop waits for it. */
SAFE_CLOSE (ctx->log_fp);
@@ -496,10 +490,10 @@ ldap_reaper_thread (void *dummy)
{
log_debug ("ldap worker states:\n");
for (ctx = reaper_list; ctx; ctx = ctx->next)
- log_debug (" c=%p pid=%d/%d rdr=%p logfp=%p"
+ log_debug (" c=%p pid=%d rdr=%p logfp=%p"
" ctrl=%p/%d la=%lu rdy=%d\n",
ctx,
- (int)ctx->pid, (int)ctx->printable_pid,
+ ctx->printable_pid,
ctx->reader, ctx->log_fp,
ctx->ctrl, ctx->ctrl? ctx->ctrl->refcount:0,
(unsigned long)ctx->stamp, ctx->ready);
@@ -602,9 +596,9 @@ ldap_wrapper_release_context (ksba_reader_t reader)
if (ctx->reader == reader)
{
if (DBG_EXTPROG)
- log_debug ("releasing ldap worker c=%p pid=%d/%d rdr=%p"
+ log_debug ("releasing ldap worker c=%p pid=%d rdr=%p"
" ctrl=%p/%d\n", ctx,
- (int)ctx->pid, (int)ctx->printable_pid,
+ ctx->printable_pid,
ctx->reader,
ctx->ctrl, ctx->ctrl? ctx->ctrl->refcount:0);
@@ -639,8 +633,8 @@ ldap_wrapper_connection_cleanup (ctrl_t ctrl)
{
ctx->ctrl->refcount--;
ctx->ctrl = NULL;
- if (ctx->pid != (pid_t)(-1))
- gnupg_kill_process (ctx->pid);
+ if (ctx->proc)
+ gnupg_process_terminate (ctx->proc);
if (ctx->fp_err)
log_info ("%s: reading from ldap wrapper %d failed: %s\n",
__func__, ctx->printable_pid, gpg_strerror (ctx->fp_err));
@@ -798,7 +792,7 @@ gpg_error_t
ldap_wrapper (ctrl_t ctrl, ksba_reader_t *reader, const char *argv[])
{
gpg_error_t err;
- pid_t pid;
+ gnupg_process_t process;
struct wrapper_context_s *ctx;
int i;
int j;
@@ -854,19 +848,22 @@ ldap_wrapper (ctrl_t ctrl, ksba_reader_t *reader, const char *argv[])
return err;
}
- err = gnupg_spawn_process (pgmname, arg_list,
- NULL, GNUPG_SPAWN_NONBLOCK,
- NULL, &outfp, &errfp, &pid);
+ err = gnupg_process_spawn (pgmname, arg_list,
+ (GNUPG_PROCESS_STDOUT_PIPE
+ | GNUPG_PROCESS_STDERR_PIPE),
+ NULL, NULL, &process);
if (err)
{
- xfree (arg_list);
+ xfree (arg_list);
xfree (ctx);
log_error ("error running '%s': %s\n", pgmname, gpg_strerror (err));
return err;
}
+ gnupg_process_get_streams (process, GNUPG_PROCESS_STREAM_NONBLOCK,
+ NULL, &outfp, &errfp);
+ gnupg_process_ctl (process, GNUPG_PROCESS_GET_PROC_ID, &ctx->printable_pid);
- ctx->pid = pid;
- ctx->printable_pid = (int) pid;
+ ctx->proc = process;
ctx->fp = outfp;
ctx->log_fp = errfp;
ctx->ctrl = ctrl;
@@ -902,7 +899,7 @@ ldap_wrapper (ctrl_t ctrl, ksba_reader_t *reader, const char *argv[])
if (DBG_EXTPROG)
{
log_debug ("ldap wrapper %d started (%p, %s)",
- (int)ctx->pid, ctx->reader, pgmname);
+ ctx->printable_pid, ctx->reader, pgmname);
for (i=0; arg_list[i]; i++)
log_printf (" [%s]", arg_list[i]);
log_printf ("\n");
diff --git a/dirmngr/misc.c b/dirmngr/misc.c
index 9cedf911c..d1830237d 100644
--- a/dirmngr/misc.c
+++ b/dirmngr/misc.c
@@ -583,7 +583,7 @@ gpg_error_t
armor_data (char **r_string, const void *data, size_t datalen)
{
gpg_error_t err;
- struct b64state b64state;
+ gpgrt_b64state_t b64state;
estream_t fp;
long length;
char *buffer;
@@ -595,9 +595,15 @@ armor_data (char **r_string, const void *data, size_t datalen)
if (!fp)
return gpg_error_from_syserror ();
- if ((err=b64enc_start_es (&b64state, fp, "PGP PUBLIC KEY BLOCK"))
- || (err=b64enc_write (&b64state, data, datalen))
- || (err = b64enc_finish (&b64state)))
+ b64state = gpgrt_b64enc_start (fp, "PGP PUBLIC KEY BLOCK");
+ if (!b64state)
+ {
+ es_fclose (fp);
+ return gpg_error_from_syserror ();
+ }
+
+ if ((err = gpgrt_b64enc_write (b64state, data, datalen))
+ || (err = gpgrt_b64enc_finish (b64state)))
{
es_fclose (fp);
return err;
diff --git a/doc/DETAILS b/doc/DETAILS
index 29e39708b..583022113 100644
--- a/doc/DETAILS
+++ b/doc/DETAILS
@@ -167,11 +167,12 @@ described here.
The value is quoted like a C string to avoid control characters
(the colon is quoted =\x3a=). For a "pub" record this field is
- not used on --fixed-list-mode. A UAT record puts the attribute
+ not used on --fixed-list-mode. A "uat" record puts the attribute
subpacket count here, a space, and then the total attribute
subpacket size. In gpgsm the issuer name comes here. The FPR and FP2
records store the fingerprints here. The fingerprint of a
- revocation key is stored here.
+ revocation key is also stored here. A "grp" records puts the
+ keygrip here.
*** Field 11 - Signature class
@@ -185,6 +186,9 @@ described here.
"rev" and "rvs" may be followed by a comma and a 2 digit hexnumber
with the revocation reason.
+ In a "grp" record the second keygrip for combined algorithms is
+ given here.
+
*** Field 12 - Key capabilities
The defined capabilities are:
@@ -243,7 +247,8 @@ described here.
*** Field 17 - Curve name
For pub, sub, sec, ssb, crt, and crs records this field is used
- for the ECC curve name.
+ for the ECC curve name. For combined algorithms the first and the
+ second algorithm name, delimited by a '+', are put here.
*** Field 18 - Compliance flags
diff --git a/doc/debugging.texi b/doc/debugging.texi
index 6639e184b..a389bdf50 100644
--- a/doc/debugging.texi
+++ b/doc/debugging.texi
@@ -91,7 +91,7 @@ should not occur but sometimes things go wrong), run it using
@item How to find the IP address of a keyserver
If a round robin URL of is used for a keyserver
-(e.g. subkeys.gnupg.org); it is not easy to see what server is actually
+(e.g., subkeys.gnupg.org); it is not easy to see what server is actually
used. Using the keyserver debug option as in
@smallexample
@@ -130,7 +130,7 @@ but Dirmngr's OCSP feature has not been enabled using
The far most common reason for this is that the environment variable
@code{GPG_TTY} has not been set correctly. Make sure that it has been
set to a real tty device and not just to @samp{/dev/tty};
-i.e. @samp{GPG_TTY=tty} is plainly wrong; what you want is
+i.e., @samp{GPG_TTY=tty} is plainly wrong; what you want is
@samp{GPG_TTY=`tty`} --- note the back ticks. Also make sure that
this environment variable gets exported, that is you should follow up
the setting with an @samp{export GPG_TTY} (assuming a Bourne style
diff --git a/doc/dirmngr.texi b/doc/dirmngr.texi
index e50406035..420340ee3 100644
--- a/doc/dirmngr.texi
+++ b/doc/dirmngr.texi
@@ -213,7 +213,7 @@ however carefully selected to best aid in debugging.
@item --debug @var{flags}
@opindex debug
Set debug flags. All flags are or-ed and @var{flags} may be given in
-C syntax (e.g. 0x0042) or as a comma separated list of flag names. To
+C syntax (e.g., 0x0042) or as a comma separated list of flag names. To
get a list of all supported flags the single word "help" can be used.
This option is only useful for debugging and the behavior may change
at any time without notice.
@@ -295,7 +295,7 @@ seconds.
@opindex connect-quick-timeout
Set the timeout for HTTP and generic TCP connection attempts to N
seconds. The value set with the quick variant is used when the
---quick option has been given to certain Assuan commands. The quick
+@option{--quick} option has been given to certain Assuan commands. The quick
value is capped at the value of the regular connect timeout. The
default values are 15 and 2 seconds. Note that the timeout values are
for each connection attempt; the connection code will attempt to
@@ -375,7 +375,7 @@ there for details; here is an example:
as given. Replace USERNAME, PASSWORD, and the 'dc' parts
according to the instructions received from your LDAP
administrator. Note that only simple authentication
- (i.e. cleartext passwords) is supported and thus using ldaps is
+ (i.e., cleartext passwords) is supported and thus using ldaps is
strongly suggested (since 2.2.28 "ldaps" defaults to port 389
and uses STARTTLS). On Windows authentication via AD can be
requested by adding @code{gpgNtds=1} after the fourth question
@@ -468,7 +468,7 @@ Lines starting with a @samp{#} are comments.
Note that as usual all strings entered are expected to be UTF-8 encoded.
Obviously this will lead to problems if the password has originally been
encoded as Latin-1. There is no other solution here than to put such a
-password in the binary encoding into the file (i.e. non-ascii characters
+password in the binary encoding into the file (i.e., non-ascii characters
won't show up readable).@footnote{The @command{gpgconf} tool might be
helpful for frontends as it enables editing this configuration file using
percent-escaped strings.}
@@ -684,7 +684,7 @@ those certificates on startup and when given a SIGHUP. Certificates
which are not readable or do not make up a proper X.509 certificate
are ignored; see the log file for details.
-Applications using dirmngr (e.g. gpgsm) can request these
+Applications using dirmngr (e.g., gpgsm) can request these
certificates to complete a trust chain in the same way as with the
extra-certs directory (see below).
@@ -693,7 +693,7 @@ Note that for OCSP responses the certificate specified using the option
@item /etc/gnupg/extra-certs
This directory may contain extra certificates which are preloaded
-into the internal cache on startup. Applications using dirmngr (e.g. gpgsm)
+into the internal cache on startup. Applications using dirmngr (e.g., gpgsm)
can request cached certificates to complete a trust chain.
This is convenient in cases you have a couple intermediate CA certificates
or certificates usually used to sign OCSP responses.
@@ -752,7 +752,7 @@ certificate exists it is used to access the special keyservers
Please note that @command{gpgsm} accepts Root CA certificates for its
own purposes only if they are listed in its file @file{trustlist.txt}.
-@command{dirmngr} does not make use of this list - except FIXME.
+@command{dirmngr} does not make use of this list --- except FIXME.
@mansect notes
@@ -802,7 +802,7 @@ Enter @code{HELP} at the prompt to see a list of commands and enter
@node Dirmngr Signals
@section Use of signals
-A running @command{dirmngr} may be controlled by signals, i.e. using
+A running @command{dirmngr} may be controlled by signals, i.e., using
the @command{kill} command to send a signal to the process.
Here is a list of supported signals:
@@ -1034,7 +1034,7 @@ includes a local certificate store as well as a list of trusted root
certificates.
@noindent
-The return code is 0 for success; i.e. the certificate has not been
+The return code is 0 for success; i.e., the certificate has not been
revoked or one of the usual error codes from libgpg-error.
@node Dirmngr CHECKOCSP
@@ -1069,7 +1069,7 @@ of the global option @option{--ignore-ocsp-service-url}.
@noindent
-The return code is 0 for success; i.e. the certificate has not been
+The return code is 0 for success; i.e., the certificate has not been
revoked or one of the usual error codes from libgpg-error.
@node Dirmngr CACHECERT
@@ -1091,7 +1091,7 @@ Thus the caller is expected to return the certificate for the request
as a binary blob.
@noindent
-The return code is 0 for success; i.e. the certificate has not been
+The return code is 0 for success; i.e., the certificate has not been
successfully cached or one of the usual error codes from libgpg-error.
@node Dirmngr VALIDATE
@@ -1191,7 +1191,7 @@ as a binary blob.
@c does not yet end up in memory.
@c * @code{crl_cache_insert} is called with that descriptor to
@c actually read the CRL into the cache. See below for a
-@c description of this function. If there is any error (e.g. read
+@c description of this function. If there is any error (e.g., read
@c problem, CRL not correctly signed or verification of signature
@c not possible), this descriptor is rejected and we continue
@c with the next name. If the CRL has been successfully loaded,
@@ -1217,7 +1217,7 @@ as a binary blob.
@c a) An authorityKeyIdentifier with an issuer and serialno exits: The
@c certificate is retrieved using @code{find_cert_bysn}. If
@c the certificate is in the certificate cache, it is directly
-@c returned. Then the requester (i.e. the client who requested the
+@c returned. Then the requester (i.e., the client who requested the
@c CRL check) is asked via the Assuan inquiry ``SENDCERT'' whether
@c he can provide this certificate. If this succeed the returned
@c certificate gets cached and returned. Note, that dirmngr does not
@@ -1296,7 +1296,7 @@ as a binary blob.
@c expiration time of all certificates in the chain.
@c
@c We first check that the certificate may be used for the requested
-@c purpose (i.e. OCSP or CRL signing). If this is not the case
+@c purpose (i.e., OCSP or CRL signing). If this is not the case
@c GPG_ERR_WRONG_KEY_USAGE is returned.
@c
@c The next step is to find the trust anchor (root certificate) and to
@@ -1320,7 +1320,7 @@ as a binary blob.
@c Now the issuer's certificate is looked up: If an
@c authorityKeyIdentifier is available, this one is used to locate the
@c certificate either using issuer and serialnumber or subject DN
-@c (i.e. the issuer's DN) and the keyID. The functions
+@c (i.e., the issuer's DN) and the keyID. The functions
@c @code{find_cert_bysn) and @code{find_cert_bysubject} are used
@c respectively. The have already been described above under the
@c description of @code{crl_cache_insert}. If no certificate was found
@@ -1334,13 +1334,13 @@ as a binary blob.
@c actual certificate is checked and in case this fails the error
@c #code{GPG_ERR_BAD_CERT_CHAIN} is returned. If the signature checks out, the
@c maximum chain length of the issuing certificate is checked as well as
-@c the capability of the certificate (i.e. whether he may be used for
+@c the capability of the certificate (i.e., whether he may be used for
@c certificate signing). Then the certificate is prepended to our list
@c representing the certificate chain. Finally the loop is continued now
@c with the issuer's certificate as the current certificate.
@c
@c After the end of the loop and if no error as been encountered
-@c (i.e. the certificate chain has been assempled correctly), a check is
+@c (i.e., the certificate chain has been assempled correctly), a check is
@c done whether any certificate expired or a critical policy has not been
@c met. In any of these cases the validation terminates with an
@c appropriate error.
diff --git a/doc/gpg-agent.texi b/doc/gpg-agent.texi
index 74c4c10af..1d531fb57 100644
--- a/doc/gpg-agent.texi
+++ b/doc/gpg-agent.texi
@@ -72,7 +72,7 @@ the included Secure Shell Agent you may start the agent using:
@c One way of enforcing this split is a per-key or per-session
@c passphrase, known only by the owner, which must be supplied to the
@c agent to permit the use of the secret key material. Another way is
-@c with an out-of-band permission mechanism (e.g. a button or GUI
+@c with an out-of-band permission mechanism (e.g@:. a button or GUI
@c interface that the owner has access to, but the supplicant does not).
@c
@c The rationale for this separation is that it allows access to the
@@ -111,8 +111,8 @@ Please make sure that a proper pinentry program has been installed
under the default filename (which is system dependent) or use the
option @option{pinentry-program} to specify the full name of that program.
It is often useful to install a symbolic link from the actual used
-pinentry (e.g. @file{@value{BINDIR}/pinentry-gtk}) to the expected
-one (e.g. @file{@value{BINDIR}/pinentry}).
+pinentry (e.g., @file{@value{BINDIR}/pinentry-gtk}) to the expected
+one (e.g., @file{@value{BINDIR}/pinentry}).
@manpause
@noindent
@@ -177,8 +177,8 @@ Windows.
If in @file{common.conf} the option @option{no-autostart} is set, any
start attempts will be ignored.
-In --supervised mode, different file descriptors can be provided for
-use as different socket types (e.g. ssh, extra) as long as they are
+In @option{--supervised} mode, different file descriptors can be provided for
+use as different socket types (e.g., ssh, extra) as long as they are
identified in the environment variable @code{LISTEN_FDNAMES} (see
sd_listen_fds(3) on some Linux distributions for more information on
this convention).
@@ -259,7 +259,7 @@ however carefully selected to best aid in debugging.
@item --debug @var{flags}
@opindex debug
Set debug flags. All flags are or-ed and @var{flags} may be given
-in C syntax (e.g. 0x0042) or as a comma separated list of flag names.
+in C syntax (e.g., 0x0042) or as a comma separated list of flag names.
To get a list of all supported flags the single word "help" can be
used. This option is only useful for debugging and the behavior may
change at any time without notice.
@@ -345,7 +345,7 @@ specify the logging output.
@anchor{option --no-allow-mark-trusted}
@item --no-allow-mark-trusted
@opindex no-allow-mark-trusted
-Do not allow clients to mark keys as trusted, i.e. put them into the
+Do not allow clients to mark keys as trusted, i.e., put them into the
@file{trustlist.txt} file. This makes it harder for users to inadvertently
accept Root-CA keys.
@@ -716,7 +716,7 @@ The order in which keys are presented to ssh are:
Editing the "Use-for-ssh" values can be done with an editor or using
@command{gpg-connect-agent} and "KEYATTR" (Remember to append a colon
-to the key; i.e. use "Use-for-ssh:").
+to the key; i.e., use "Use-for-ssh:").
@anchor{option --ssh-fingerprint-digest}
@@ -724,7 +724,7 @@ to the key; i.e. use "Use-for-ssh:").
@opindex ssh-fingerprint-digest
Select the digest algorithm used to compute ssh fingerprints that are
-communicated to the user, e.g. in pinentry dialogs. OpenSSH has
+communicated to the user, e.g., in pinentry dialogs. OpenSSH has
transitioned from using MD5 to the more secure SHA256.
@@ -830,7 +830,7 @@ It might even be advisable to change the permissions to read-only so
that this file can't be changed inadvertently.
As a special feature a line @code{include-default} will include a global
-list of trusted certificates (e.g. @file{@value{SYSCONFDIR}/trustlist.txt}).
+list of trusted certificates (e.g., @file{@value{SYSCONFDIR}/trustlist.txt}).
This global list is also used if the local list is not available;
the @ref{option --no-user-trustlist} enforces the use of only
this global list.
@@ -892,7 +892,7 @@ The keygrip may be prefixed with a @code{!} to disable an entry.
The following example lists exactly one key. Note that keys available
through a OpenPGP smartcard in the active smartcard reader are
-implicitly added to this list; i.e. there is no need to list them.
+implicitly added to this list; i.e., there is no need to list them.
@cartouche
@smallexample
@@ -925,7 +925,7 @@ a small helper script is provided to create these files (@pxref{addgnupghome}).
@mansect signals
@node Agent Signals
@section Use of some signals
-A running @command{gpg-agent} may be controlled by signals, i.e. using
+A running @command{gpg-agent} may be controlled by signals, i.e., using
the @command{kill} command to send a signal to the process.
Here is a list of supported signals:
@@ -1407,7 +1407,7 @@ convention either the hexified fingerprint of the key shall be used for
calling application and a colon: Like @code{gpg:somestring}.
@var{error_message} is either a single @code{X} for no error message or
-a string to be shown as an error message like (e.g. "invalid
+a string to be shown as an error message like (e.g., "invalid
passphrase"). Blanks must be percent escaped or replaced by @code{+}'.
@var{prompt} is either a single @code{X} for a default prompt or the
diff --git a/doc/gpg.texi b/doc/gpg.texi
index 1d1c38cd9..cb4506049 100644
--- a/doc/gpg.texi
+++ b/doc/gpg.texi
@@ -330,21 +330,21 @@ The status of the verification is indicated by a flag directly
following the "sig" tag (and thus before the flags described below. A
"!" indicates that the signature has been successfully verified, a "-"
denotes a bad signature and a "%" is used if an error occurred while
-checking the signature (e.g. a non supported algorithm). Signatures
+checking the signature (e.g., a non supported algorithm). Signatures
where the public key is not available are not listed; to see their
keyids the command @option{--list-sigs} can be used.
For each signature listed, there are several flags in between the
signature status flag and keyid. These flags give additional
information about each key signature. From left to right, they are
-the numbers 1-3 for certificate check level (see
+the numbers 1--3 for certificate check level (see
@option{--ask-cert-level}), "L" for a local or non-exportable
signature (see @option{--lsign-key}), "R" for a nonRevocable signature
(see the @option{--edit-key} command "nrsign"), "P" for a signature
that contains a policy URL (see @option{--cert-policy-url}), "N" for a
signature that contains a notation (see @option{--cert-notation}), "X"
for an eXpired signature (see @option{--ask-cert-expire}), and the
-numbers 1-9 or "T" for 10 and above to indicate trust signature levels
+numbers 1--9 or "T" for 10 and above to indicate trust signature levels
(see the @option{--edit-key} command "tsign").
@@ -362,9 +362,9 @@ public keys are listed.
The variant @option{--locate-external-keys} does not consider a
locally existing key and can thus be used to force the refresh of a
key via the defined external methods. If a fingerprint is given and
-and the methods defined by --auto-key-locate define LDAP servers, the
-key is fetched from these resources; defined non-LDAP keyservers are
-skipped.
+and the methods defined by @option{--auto-key-locate} define LDAP
+servers, the key is fetched from these resources; defined non-LDAP
+keyservers are skipped.
@item --show-keys
@@ -405,7 +405,7 @@ description, please see the Card HOWTO at
https://gnupg.org/documentation/howtos.html#GnuPG-cardHOWTO . Please
note that the command "openpgp" can be used to switch to the OpenPGP
application of cards which by default are presenting another
-application (e.g. PIV).
+application (e.g., PIV).
@item --card-status
@opindex card-status
@@ -589,7 +589,7 @@ corrupted trustdb. Example:
Update the trustdb with the ownertrust values stored in @code{files} (or
STDIN if not given); existing values will be overwritten. In case of a
severely damaged trustdb and if you have a recent backup of the
-ownertrust values (e.g. in the file @file{otrust.txt}), you may re-create
+ownertrust values (e.g., in the file @file{otrust.txt}), you may re-create
the trustdb using these commands:
@c man:.RS
@example
@@ -892,7 +892,7 @@ signing.
@item delsig
@opindex keyedit:delsig
Delete a signature. Note that it is not possible to retract a signature,
- once it has been send to the public (i.e. to a keyserver). In that case
+ once it has been send to the public (i.e., to a keyserver). In that case
you better use @code{revsig}.
@item revsig
@@ -926,7 +926,7 @@ signing.
@opindex keyedit:deluid
Delete a user ID or photographic user ID. Note that it is not
possible to retract a user id, once it has been send to the public
- (i.e. to a keyserver). In that case you better use @code{revuid}.
+ (i.e., to a keyserver). In that case you better use @code{revuid}.
@item revuid
@opindex keyedit:revuid
@@ -1005,13 +1005,13 @@ signing.
@item keytocard
@opindex keyedit:keytocard
Transfer the selected secret subkey (or the primary key if no subkey
- has been selected) to a smartcard. The secret key in the keyring will
- be replaced by a stub if the key could be stored successfully on the
- card and you use the save command later. Only certain key types may be
- transferred to the card. A sub menu allows you to select on what card
- to store the key. Note that it is not possible to get that key back
- from the card - if the card gets broken your secret key will be lost
- unless you have a backup somewhere.
+ has been selected) to a smartcard. The secret key in the keyring
+ will be replaced by a stub if the key could be stored successfully
+ on the card and you use the save command later. Only certain key
+ types may be transferred to the card. A sub menu allows you to
+ select on what card to store the key. Note that it is not possible
+ to get that key back from the card --- if the card gets broken your
+ secret key will be lost unless you have a backup somewhere.
@item bkuptocard @var{file}
@opindex keyedit:bkuptocard
@@ -1046,7 +1046,7 @@ signing.
@item delkey
@opindex keyedit:delkey
Remove a subkey (secondary key). Note that it is not possible to retract
- a subkey, once it has been send to the public (i.e. to a keyserver). In
+ a subkey, once it has been send to the public (i.e., to a keyserver). In
that case you better use @code{revkey}. Also note that this only
deletes the public part of a key.
@@ -1098,7 +1098,7 @@ signing.
@item clean
@opindex keyedit:clean
Compact (by removing all signatures except the selfsig) any user ID
- that is no longer usable (e.g. revoked, or expired). Then, remove any
+ that is no longer usable (e.g., revoked, or expired). Then, remove any
signatures that are not usable by the trust calculations.
Specifically, this removes any signature that does not validate, any
signature that is superseded by a later signature, revoked signatures,
@@ -1112,7 +1112,7 @@ signing.
@item change-usage
@opindex keyedit:change-usage
Change the usage flags (capabilities) of the primary key or of
- subkeys. These usage flags (e.g. Certify, Sign, Authenticate,
+ subkeys. These usage flags (e.g., Certify, Sign, Authenticate,
Encrypt) are set during key creation. Sometimes it is useful to
have the opportunity to change them (for example to add
Authenticate) after they have been created. Please take care when
@@ -1265,13 +1265,13 @@ behaviour and to change the default configuration.
@end menu
Long options can be put in an options file (default
-"~/.gnupg/gpg.conf"). Short option names will not work - for example,
-"armor" is a valid option for the options file, while "a" is not. Do not
-write the 2 dashes, but simply the name of the option and any required
-arguments. Lines with a hash ('#') as the first non-white-space
-character are ignored. Commands may be put in this file too, but that is
-not generally useful as the command will execute automatically with
-every execution of gpg.
+"~/.gnupg/gpg.conf"). Short option names will not work --- for
+example, "armor" is a valid option for the options file, while "a" is
+not. Do not write the 2 dashes, but simply the name of the option and
+any required arguments. Lines with a hash ('#') as the first
+non-white-space character are ignored. Commands may be put in this
+file too, but that is not generally useful as the command will execute
+automatically with every execution of gpg.
Please remember that option parsing stops as soon as a non-option is
encountered, you can explicitly stop parsing by using the special option
@@ -1457,10 +1457,10 @@ give the opposite meaning. The options are:
@item sort-sigs
@opindex list-options:sort-sigs
- With --list-sigs and --check-sigs sort the signatures by keyID and
- creation time to make it easier to view the history of these
- signatures. The self-signature is also listed before other
- signatures. Defaults to yes.
+ With @option{--list-sigs} and @option{--check-sigs} sort the
+ signatures by keyID and creation time to make it easier to view the
+ history of these signatures. The self-signature is also listed
+ before other signatures. Defaults to yes.
@end table
@@ -1517,12 +1517,12 @@ the opposite meaning. The options are:
@itemx --disable-large-rsa
@opindex enable-large-rsa
@opindex disable-large-rsa
-With --generate-key and --batch, enable the creation of RSA secret keys as
-large as 8192 bit. Note: 8192 bit is more than is generally
-recommended. These large keys don't significantly improve security,
-but they are more expensive to use, and their signatures and
-certifications are larger. This option is only available if the
-binary was build with large-secmem support.
+With @option{--generate-key} and @option{--batch}, enable the creation
+of RSA secret keys as large as 8192 bit. Note: 8192 bit is more than
+is generally recommended. These large keys don't significantly
+improve security, but they are more expensive to use, and their
+signatures and certifications are larger. This option is only
+available if the binary was build with large-secmem support.
@item --enable-dsa2
@itemx --disable-dsa2
@@ -1540,9 +1540,9 @@ will be expanded to a filename containing the photo. "%I" does the
same, except the file will not be deleted once the viewer exits.
Other flags are "%k" for the key ID, "%K" for the long key ID, "%f"
for the key fingerprint, "%t" for the extension of the image type
-(e.g. "jpg"), "%T" for the MIME type of the image (e.g. "image/jpeg"),
+(e.g., "jpg"), "%T" for the MIME type of the image (e.g., "image/jpeg"),
"%v" for the single-character calculated validity of the image being
-viewed (e.g. "f"), "%V" for the calculated validity as a string (e.g.
+viewed (e.g., "f"), "%V" for the calculated validity as a string (e.g.,
"full"), "%U" for a base32 encoded hash of the user ID,
and "%%" for an actual percent sign. If neither %i or %I are present,
then the photo will be supplied to the viewer on standard input.
@@ -2046,7 +2046,7 @@ default), that keyserver is tried. Note that the creator of the
signature uses the option @option{--sig-keyserver-url} to specify the
preferred keyserver for data signatures.
-3. If the signature has the Signer's UID set (e.g. using
+3. If the signature has the Signer's UID set (e.g., using
@option{--sender} while creating the signature) a Web Key Directory
(WKD) lookup is done. This is the default configuration but can be
disabled by removing WKD from the auto-key-locate list or by using the
@@ -2074,7 +2074,7 @@ option is ignored if the option @option{--with-colons} is used.
@item --keyserver @var{name}
@opindex keyserver
-This option is deprecated - please use the @option{--keyserver} in
+This option is deprecated --- please use the @option{--keyserver} in
@file{dirmngr.conf} instead.
Use @var{name} as your keyserver. This is the server that
@@ -2294,7 +2294,7 @@ suppressed on the command line.
@itemx --no-require-secmem
@opindex require-secmem
Refuse to run if GnuPG cannot get secure memory. Defaults to no
-(i.e. run, but give a warning).
+(i.e., run, but give a warning).
@item --require-cross-certification
@@ -2426,7 +2426,7 @@ id used to make the signature and embeds that user ID into the created
signature (using OpenPGP's ``Signer's User ID'' subpacket). If the
option is given multiple times a suitable user ID is picked. However,
if the signing key was specified directly by using a mail address
-(i.e. not by using a fingerprint or key ID) this option is used and
+(i.e., not by using a fingerprint or key ID) this option is used and
the mail address is embedded in the created signature.
When verifying a signature @var{mbox} is used to restrict the
@@ -2535,7 +2535,7 @@ the @option{--status-fd} line ``PROGRESS'' to provide a value for
@item --key-origin @var{string}[,@var{url}]
@opindex key-origin
gpg can track the origin of a key. Certain origins are implicitly
-known (e.g. keyserver, web key directory) and set. For a standard
+known (e.g., keyserver, web key directory) and set. For a standard
import the origin of the keys imported can be set with this option.
To list the possible values use "help" for @var{string}. Some origins
can store an optional @var{url} argument. That URL can appended to
@@ -2657,12 +2657,12 @@ The available filter types are:
@item drop-subkey
This filter drops the selected subkeys.
- Currently only implemented for --export-filter.
+ Currently only implemented for @option{--export-filter}.
@item drop-sig
This filter drops the selected key signatures on user ids.
Self-signatures are not considered.
- Currently only implemented for --import-filter.
+ Currently only implemented for @option{--import-filter}.
@item select
This filter is only implemented by @option{--list-filter}. All
@@ -2707,13 +2707,13 @@ The available properties are:
@itemx key_created_d
The first is the timestamp a public key or subkey packet was
created. The second is the same but given as an ISO string,
- e.g. "2016-08-17". (drop-subkey)
+ e.g., "2016-08-17". (drop-subkey)
@item key_expires
@itemx key_expires_d
The expiration time of a public key or subkey or 0 if it does not
expire. The second is the same but given as an ISO date string or
- an empty string e.g. "2038-01-19".
+ an empty string e.g., "2038-01-19".
@item fpr
The hexified fingerprint of the current subkey or primary key.
@@ -2746,7 +2746,7 @@ The available properties are:
@itemx sig_created_d
The first is the timestamp a signature packet was created. The
second is the same but given as an ISO date string,
- e.g. "2016-08-17". (drop-sig)
+ e.g., "2016-08-17". (drop-sig)
@item sig_expires
@itemx sig_expires_d
@@ -2872,7 +2872,7 @@ obsolete; it does not harm to use it though.
@opindex legacy-list-mode
Revert to the pre-2.1 public key list mode. This only affects the
human readable output and not the machine interface
-(i.e. @code{--with-colons}). Note that the legacy format does not
+(i.e., @code{--with-colons}). Note that the legacy format does not
convey suitable information for elliptic curves.
@item --with-fingerprint
@@ -2990,7 +2990,7 @@ to safely override the algorithm chosen by the recipient key
preferences, as GPG will only select an algorithm that is usable by
all recipients. The most highly ranked digest algorithm in this list
is also used when signing without encryption
-(e.g. @option{--clear-sign} or @option{--sign}).
+(e.g., @option{--clear-sign} or @option{--sign}).
@item --personal-compress-preferences @var{string}
@opindex personal-compress-preferences
@@ -3001,7 +3001,7 @@ allows the user to safely override the algorithm chosen by the
recipient key preferences, as GPG will only select an algorithm that
is usable by all recipients. The most highly ranked compression
algorithm in this list is also used when there are no recipient keys
-to consider (e.g. @option{--symmetric}).
+to consider (e.g., @option{--symmetric}).
@item --s2k-cipher-algo @var{name}
@opindex s2k-cipher-algo
@@ -3027,7 +3027,7 @@ of times (see @option{--s2k-count}).
Specify how many times the passphrases mangling for symmetric
encryption is repeated. This value may range between 1024 and
65011712 inclusive. The default is inquired from gpg-agent. Note
-that not all values in the 1024-65011712 range are legal and if an
+that not all values in the 1024--65011712 range are legal and if an
illegal value is selected, GnuPG will round up to the nearest legal
value. This option is only meaningful if @option{--s2k-mode} is set
to the default of 3.
@@ -3197,7 +3197,7 @@ however carefully selected to best aid in debugging.
@item --debug @var{flags}
@opindex debug
Set debug flags. All flags are or-ed and @var{flags} may be given
-in C syntax (e.g. 0x0042) or as a comma separated list of flag names.
+in C syntax (e.g., 0x0042) or as a comma separated list of flag names.
To get a list of all supported flags the single word "help" can be
used. This option is only useful for debugging and the behavior may
change at any time without notice.
@@ -3232,7 +3232,7 @@ only useful for certain regression tests.
This option is only useful for testing; it sets the system time back
or forth to @var{epoch} which is the number of seconds elapsed since
the year 1970. Alternatively @var{epoch} may be given as a full ISO
-time string (e.g. "20070924T154812").
+time string (e.g., "20070924T154812").
If you suffix @var{epoch} with an exclamation mark (!), the system time
will appear to be frozen at the specified time.
@@ -3572,7 +3572,7 @@ are:
@opindex no-symkey-cache
Disable the passphrase cache used for symmetrical en- and decryption.
This cache is based on the message specific salt value
-(cf. @option{--s2k-mode}).
+(cf.@: @option{--s2k-mode}).
@item --request-origin @var{origin}
@opindex request-origin
@@ -4660,7 +4660,7 @@ If you don't give any of them, no user ID is created.
@item Expire-Date: @var{iso-date}|(@var{number}[d|w|m|y])
Set the expiration date for the key (and the subkey). It may either
-be entered in ISO date format (e.g. "20000815T145012") or as number of
+be entered in ISO date format (e.g., "20000815T145012") or as number of
days, weeks, month or years after the creation date. The special
notation "seconds=N" is also allowed to specify a number of seconds
since creation. Without a letter days are assumed. Note that there
diff --git a/doc/gpgsm.texi b/doc/gpgsm.texi
index d00ad447e..71cfa1e8a 100644
--- a/doc/gpgsm.texi
+++ b/doc/gpgsm.texi
@@ -136,7 +136,7 @@ Run in server mode and wait for commands on the @code{stdin}.
Behave as a Dirmngr client issuing the request @var{command} with the
optional list of @var{args}. The output of the Dirmngr is printed
stdout. Please note that file names given as arguments should have an
-absolute file name (i.e. commencing with @code{/}) because they are
+absolute file name (i.e., commencing with @code{/}) because they are
passed verbatim to the Dirmngr and the working directory of the
Dirmngr might not be the same as the one of this client. Currently it
is not possible to pass data via stdin to the Dirmngr. @var{command}
@@ -259,7 +259,7 @@ optional @var{pattern}. Those pattern consist of a list of user ids
@option{--armor} option a few informational lines are prepended before
each block. There is one limitation: As there is no commonly agreed
upon way to pack more than one certificate into an ASN.1 structure,
-the binary export (i.e. without using @option{armor}) works only for
+the binary export (i.e., without using @option{armor}) works only for
the export of one certificate. Thus it is required to specify a
@var{pattern} which yields exactly one certificate. Ephemeral
certificate are only exported if all @var{pattern} are given as
@@ -462,7 +462,7 @@ line of the @file{trustlist.txt}
@opindex force-crl-refresh
Tell the dirmngr to reload the CRL for each request. For better
performance, the dirmngr will actually optimize this by suppressing
-the loading for short time intervals (e.g. 30 minutes). This option
+the loading for short time intervals (e.g., 30 minutes). This option
is useful to make sure that a fresh CRL is available for certificates
hold in the keybox. The suggested way of doing this is by using it
along with the option @option{--with-validation} for a key listing
@@ -539,7 +539,7 @@ Create PEM encoded output. Default is binary output.
@item --base64
@opindex base64
-Create Base-64 encoded output; i.e. PEM without the header lines.
+Create Base-64 encoded output; i.e., PEM without the header lines.
@item --assume-armor
@opindex assume-armor
@@ -639,11 +639,11 @@ done with @code{--with-colons}.
@item --no-pretty-dn
@opindex no-pretty-dn
By default gpgsm prints distinguished names (DNs) like the Issuer or
-Subject in a more readable format (e.g. using a well defined order of
+Subject in a more readable format (e.g., using a well defined order of
the parts). However, this format can't be used as input strings.
This option reverts printing to standard RFC-2253 format and thus
-avoids the need to use --dump-cert or --with-colons to get the
-``real'' name.
+avoids the need to use @option{--dump-cert} or @option{--with-colons}
+to get the ``real'' name.
@end table
@@ -754,7 +754,7 @@ key database clear of unneeded certificates stored on smartcards.
This option is only useful for testing; it sets the system time back or
forth to @var{epoch} which is the number of seconds elapsed since the year
1970. Alternatively @var{epoch} may be given as a full ISO time string
-(e.g. "20070924T154812").
+(e.g., "20070924T154812").
@item --with-ephemeral-keys
@opindex with-ephemeral-keys
@@ -801,7 +801,7 @@ however carefully selected to best aid in debugging.
@item --debug @var{flags}
@opindex debug
Set debug flags. All flags are or-ed and @var{flags} may be given
-in C syntax (e.g. 0x0042) or as a comma separated list of flag names.
+in C syntax (e.g., 0x0042) or as a comma separated list of flag names.
To get a list of all supported flags the single word "help" can be
used. This option is only useful for debugging and the behavior may
change at any time without notice.
@@ -974,9 +974,9 @@ This is plain text file with a few help entries used with
@command{gpg} and @command{gpgsm}. The standard file has English help
texts; to install localized versions use filenames like @file{help.LL.txt}
with LL denoting the locale. GnuPG comes with a set of predefined help
-files in the data directory (e.g. @file{@value{DATADIR}/gnupg/help.de.txt})
+files in the data directory (e.g., @file{@value{DATADIR}/gnupg/help.de.txt})
and allows overriding of any help item by help files stored in the
-system configuration directory (e.g. @file{@value{SYSCONFDIR}/help.de.txt}).
+system configuration directory (e.g., @file{@value{SYSCONFDIR}/help.de.txt}).
For a reference of the help file's syntax, please see the installed
@file{help.txt} file.
@@ -987,11 +987,10 @@ This file is a collection of common certificates used to populated a
newly created @file{pubring.kbx}. An administrator may replace this
file with a custom one. The format is a concatenation of PEM encoded
X.509 certificates. This global file is installed in the data directory
-(e.g. @file{@value{DATADIR}/com-certs.pem}).
+(e.g., @file{@value{DATADIR}/com-certs.pem}).
@end table
-@c man:.RE
Note that on larger installations, it is useful to put predefined files
into the directory @file{/etc/skel/.gnupg/} so that newly created users
start up with a working configuration. For existing users a small
@@ -1100,7 +1099,7 @@ of a transfer error, a program error or tampering with the message).
@end table
@item Error verifying a signature
-For some reason the signature could not be verified, i.e. it cannot be
+For some reason the signature could not be verified, i.e., it cannot be
decided whether the signature is valid or invalid. A common reason for
this is a missing certificate.
@@ -1281,7 +1280,7 @@ provides a regular command line interface which exhibits a full client
to this protocol (but uses internal linking). To start
@command{gpgsm} as a server the command line the option
@code{--server} must be used. Additional options are provided to
-select the communication method (i.e. the name of the socket).
+select the communication method (i.e., the name of the socket).
We assume that the connection has already been established; see the
Assuan manual for details.
@@ -1345,7 +1344,7 @@ correct.
OUTPUT FD[=@var{n}] [--armor|--base64]
@end example
-Set the file descriptor to be used for the output (i.e. the encrypted
+Set the file descriptor to be used for the output (i.e., the encrypted
message). Obviously the pipe must be open at that point, the server
establishes its own end. If the server returns an error the client
should consider this session failed.
@@ -1388,11 +1387,11 @@ The decryption is done by using the command
DECRYPT
@end example
-It performs the decrypt operation after doing some check on the internal
-state (e.g. that all needed data has been set). Because it utilizes
-the GPG-Agent for the session key decryption, there is no need to ask
-the client for a protecting passphrase - GpgAgent takes care of this by
-requesting this from the user.
+It performs the decrypt operation after doing some check on the
+internal state (e.g., that all needed data has been set). Because it
+utilizes the GPG-Agent for the session key decryption, there is no
+need to ask the client for a protecting passphrase --- GpgAgent takes
+care of this by requesting this from the user.
@node GPGSM SIGN
diff --git a/doc/gpgv.texi b/doc/gpgv.texi
index 54ab23383..cbaea40e5 100644
--- a/doc/gpgv.texi
+++ b/doc/gpgv.texi
@@ -91,7 +91,7 @@ Add @var{file} to the list of keyrings.
If @var{file} begins with a tilde and a slash, these
are replaced by the HOME directory. If the filename
does not contain a slash, it is assumed to be in the
-home-directory ("~/.gnupg" if --homedir is not used).
+home-directory ("~/.gnupg" if @option{--homedir} is not used).
@item --output @var{file}
@itemx -o @var{file}
@@ -184,10 +184,18 @@ If set directory used instead of "~/.gnupg".
@mansect files
@subsection FILES
-@table @asis
+Default keyring file is expected in the GnuPG home directory
+(@pxref{option --homedir}, @code{GNUPGHOME}).
+
+@table @file
+@item ~/.gnupg/trustedkeys.kbx
+@efindex trustedkeys.kbx
+The default keyring with the allowed keys, using the new keybox format.
@item ~/.gnupg/trustedkeys.gpg
-The default keyring with the allowed keys.
+@efindex trustedkeys.gpg
+When @file{trustedkeys.kbx} is not available, the default keyring with
+the allowed keys, using a legacy format.
@end table
diff --git a/doc/howto-create-a-server-cert.texi b/doc/howto-create-a-server-cert.texi
index 30e28bdd0..de5a9470f 100644
--- a/doc/howto-create-a-server-cert.texi
+++ b/doc/howto-create-a-server-cert.texi
@@ -80,7 +80,7 @@ would anyway ignore such a request. Thus just hit enter.
If you want to create a client certificate for email encryption, this
would be the place to enter your mail address
-(e.g. @email{joe@@example.org}). You may enter as many addresses as you like,
+(e.g., @email{joe@@example.org}). You may enter as many addresses as you like,
however the CA may not accept them all or reject the entire request.
@cartouche
diff --git a/doc/scdaemon.texi b/doc/scdaemon.texi
index d57326125..cbb22225d 100644
--- a/doc/scdaemon.texi
+++ b/doc/scdaemon.texi
@@ -161,7 +161,7 @@ helpers to debug problems.
@item --debug @var{flags}
@opindex debug
Set debug flags. All flags are or-ed and @var{flags} may be given
-in C syntax (e.g. 0x0042) or as a comma separated list of flag names.
+in C syntax (e.g., 0x0042) or as a comma separated list of flag names.
To get a list of all supported flags the single word "help" can be
used. This option is only useful for debugging and the behavior may
change at any time without notice.
@@ -238,7 +238,7 @@ this option only if you know what you are doing.
Use @var{library} to access the smartcard reader. The current default
on Unix is @file{libpcsclite.so} and on Windows @file{winscard.dll}.
Instead of using this option you might also want to install a symbolic
-link to the default file name (e.g. from @file{libpcsclite.so.1}).
+link to the default file name (e.g., from @file{libpcsclite.so.1}).
A Unicode file name may not be used on Windows.
@item --disable-ccid
@@ -503,7 +503,7 @@ will return an error when a card change has been detected and the use of
this function is therefore required.
Background: We want to keep the client clear of handling card changes
-between operations; i.e. the client can assume that all operations are
+between operations; i.e., the client can assume that all operations are
done on the same card unless he call this function.
@example
@@ -717,7 +717,7 @@ reset the card.
This is used by gpg-agent to reuse a primary pipe connection and
may be used by clients to backup from a conflict in the serial
-command; i.e. to select another application.
+command; i.e., to select another application.
diff --git a/doc/specify-user-id.texi b/doc/specify-user-id.texi
index 64e354bdf..1dc91b6d8 100644
--- a/doc/specify-user-id.texi
+++ b/doc/specify-user-id.texi
@@ -39,7 +39,7 @@ using the option @option{--with-colons}.
@item By fingerprint.
This format is deduced from the length of the string and its content or
the @code{0x} prefix. Note, that only the 20 byte version fingerprint
-is available with @command{gpgsm} (i.e. the SHA-1 hash of the
+is available with @command{gpgsm} (i.e., the SHA-1 hash of the
certificate).
When using @command{gpg} an exclamation mark (!) may be appended to
@@ -88,7 +88,7 @@ with left and right angles.
@item By partial match on an email address.
This is indicated by prefixing the search string with an @code{@@}.
This uses a substring search but considers only the mail address
-(i.e. inside the angle brackets).
+(i.e., inside the angle brackets).
@cartouche
@example
diff --git a/doc/tools.texi b/doc/tools.texi
index da537b6d0..26c4c5f3d 100644
--- a/doc/tools.texi
+++ b/doc/tools.texi
@@ -124,7 +124,7 @@ $ watchgnupg --time-only
@end example
This waits for connections on the local socket
-(e.g. @file{/var/run/user/1234/gnupg/S.log}) and shows all log
+(e.g., @file{/var/run/user/1234/gnupg/S.log}) and shows all log
entries. To make this work the option @option{log-file} needs to be
used with all modules which logs are to be shown. The suggested entry
for the configuration files is:
@@ -133,8 +133,8 @@ for the configuration files is:
log-file socket://
@end example
-If the default socket as given above and returned by "echo $(gpgconf
---list-dirs socketdir)/S.log" is not desired an arbitrary socket name
+If the default socket as given above and returned by @code{"echo $(gpgconf
+--list-dirs socketdir)/S.log"} is not desired an arbitrary socket name
can be specified, for example @file{socket:///home/foo/bar/mysocket}.
For debugging purposes it is also possible to do remote logging. Take
care if you use this feature because the information is send in the
@@ -1284,7 +1284,7 @@ Alternatively an arbitrary string may be used to identify a
passphrase; it is suggested that such a string is prefixed with the
name of the application (e.g @code{foo:12346}). Scripts should always
use the option @option{--with-colons}, which provides the keygrip in a
-"grp" line (cf. @file{doc/DETAILS})/
+"grp" line (cf.@: @file{doc/DETAILS})/
@noindent
One of the following command options must be given:
@@ -1765,7 +1765,7 @@ The return value of this command is
@table @code
@item 0
-The certificate under question is valid; i.e. there is a valid CRL
+The certificate under question is valid; i.e., there is a valid CRL
available and it is not listed there or the OCSP request returned that
that certificate is valid.
@@ -2088,9 +2088,9 @@ This option is deprecated in favor of option @option{--directory}.
@item --no-compress
@opindex no-compress
-This option tells gpg to disable compression (i.e. using option -z0).
+This option tells gpg to disable compression (i.e., using option -z0).
It is useful for archiving only large files which are are already
-compressed (e.g. a set of videos).
+compressed (e.g., a set of videos).
@item --gpg @var{gpgcmd}
@opindex gpg
@@ -2103,9 +2103,10 @@ Pass the specified extra options to @command{gpg}.
@item --tar-args @var{args}
@opindex tar-args
Assume @var{args} are standard options of the command @command{tar}
-and parse them. The only supported tar options are "--directory",
-"--files-from", and "--null" This is an obsolete options because those
-supported tar options can also be given directly.
+and parse them. The only supported tar options are
+@option{--directory}, @option{--files-from}, and @option{--null}.
+This is an obsolete options because those supported tar options can
+also be given directly.
@item --tar @var{command}
@opindex tar
diff --git a/doc/wks.texi b/doc/wks.texi
index 2870e52d8..bfdd069f2 100644
--- a/doc/wks.texi
+++ b/doc/wks.texi
@@ -214,7 +214,7 @@ The default is @file{openpgpkey}.
@opindex blacklist
This option is used to exclude certain mail addresses from a mirror
operation. The format of @var{file} is one mail address (just the
-addrspec, e.g. "postel@@isi.edu") per line. Empty lines and lines
+addrspec, e.g., "postel@@isi.edu") per line. Empty lines and lines
starting with a '#' are ignored.
@item --add-revocs
diff --git a/g10/call-agent.c b/g10/call-agent.c
index daf12fae7..06ed232fa 100644
--- a/g10/call-agent.c
+++ b/g10/call-agent.c
@@ -251,7 +251,8 @@ start_agent (ctrl_t ctrl, int flag_for_card)
opt.agent_program,
opt.lc_ctype, opt.lc_messages,
opt.session_env,
- opt.autostart, opt.verbose, DBG_IPC,
+ opt.autostart?ASSHELP_FLAG_AUTOSTART:0,
+ opt.verbose, DBG_IPC,
NULL, NULL);
if (!opt.autostart && gpg_err_code (rc) == GPG_ERR_NO_AGENT)
{
diff --git a/g10/call-dirmngr.c b/g10/call-dirmngr.c
index c47bf0928..d00f61450 100644
--- a/g10/call-dirmngr.c
+++ b/g10/call-dirmngr.c
@@ -166,7 +166,8 @@ create_context (ctrl_t ctrl, assuan_context_t *r_ctx)
err = start_new_dirmngr (&ctx,
GPG_ERR_SOURCE_DEFAULT,
opt.dirmngr_program,
- opt.autostart, opt.verbose, DBG_IPC,
+ opt.autostart?ASSHELP_FLAG_AUTOSTART:0,
+ opt.verbose, DBG_IPC,
NULL /*gpg_status2*/, ctrl);
if (!opt.autostart && gpg_err_code (err) == GPG_ERR_NO_DIRMNGR)
{
diff --git a/g10/call-keyboxd.c b/g10/call-keyboxd.c
index 121b7aa2a..bc3806f0b 100644
--- a/g10/call-keyboxd.c
+++ b/g10/call-keyboxd.c
@@ -94,8 +94,6 @@ gpg_keyboxd_deinit_session_data (ctrl_t ctrl)
log_error ("oops: trying to cleanup an active keyboxd context\n");
else
{
- kbx_client_data_release (kbl->kcd);
- kbl->kcd = NULL;
if (kbl->ctx && in_transaction)
{
/* This is our hack to commit the changes done during a
@@ -112,6 +110,15 @@ gpg_keyboxd_deinit_session_data (ctrl_t ctrl)
}
assuan_release (kbl->ctx);
kbl->ctx = NULL;
+ /*
+ * Since there may be pipe output FD sent to the server (so
+ * that it can receive data through the pipe), we should
+ * release the assuan connection before releasing KBL->KCD.
+ * This way, the data receiving thread can finish cleanly,
+ * and we can join the thread.
+ */
+ kbx_client_data_release (kbl->kcd);
+ kbl->kcd = NULL;
}
xfree (kbl);
}
@@ -143,7 +150,8 @@ create_new_context (ctrl_t ctrl, assuan_context_t *r_ctx)
err = start_new_keyboxd (&ctx,
GPG_ERR_SOURCE_DEFAULT,
opt.keyboxd_program,
- opt.autostart, opt.verbose, DBG_IPC,
+ opt.autostart?ASSHELP_FLAG_AUTOSTART:0,
+ opt.verbose, DBG_IPC,
NULL, ctrl);
if (!opt.autostart && gpg_err_code (err) == GPG_ERR_NO_KEYBOXD)
{
@@ -223,7 +231,7 @@ open_context (ctrl_t ctrl, keyboxd_local_t *r_kbl)
return err;
}
- err = kbx_client_data_new (&kbl->kcd, kbl->ctx, 1);
+ err = kbx_client_data_new (&kbl->kcd, kbl->ctx, 0);
if (err)
{
assuan_release (kbl->ctx);
diff --git a/g10/card-util.c b/g10/card-util.c
index a66c2e3de..7df505f62 100644
--- a/g10/card-util.c
+++ b/g10/card-util.c
@@ -28,9 +28,7 @@
# include <readline/readline.h>
#endif /*HAVE_LIBREADLINE*/
-#if GNUPG_MAJOR_VERSION != 1
# include "gpg.h"
-#endif /*GNUPG_MAJOR_VERSION != 1*/
#include "../common/util.h"
#include "../common/i18n.h"
#include "../common/ttyio.h"
@@ -39,11 +37,7 @@
#include "main.h"
#include "keyserver-internal.h"
-#if GNUPG_MAJOR_VERSION == 1
-# include "cardglue.h"
-#else /*GNUPG_MAJOR_VERSION!=1*/
-# include "call-agent.h"
-#endif /*GNUPG_MAJOR_VERSION!=1*/
+#include "call-agent.h"
#define CONTROL_D ('D' - 'A' + 1)
@@ -949,14 +943,6 @@ get_data_from_file (const char *fname, char **r_buffer)
*r_buffer = NULL;
fp = es_fopen (fname, "rb");
-#if GNUPG_MAJOR_VERSION == 1
- if (fp && is_secured_file (fileno (fp)))
- {
- fclose (fp);
- fp = NULL;
- errno = EPERM;
- }
-#endif
if (!fp)
{
tty_printf (_("can't open '%s': %s\n"), fname, strerror (errno));
@@ -992,14 +978,6 @@ put_data_to_file (const char *fname, const void *buffer, size_t length)
estream_t fp;
fp = es_fopen (fname, "wb");
-#if GNUPG_MAJOR_VERSION == 1
- if (fp && is_secured_file (fileno (fp)))
- {
- fclose (fp);
- fp = NULL;
- errno = EPERM;
- }
-#endif
if (!fp)
{
tty_printf (_("can't create '%s': %s\n"), fname, strerror (errno));
diff --git a/g10/dearmor.c b/g10/dearmor.c
index c0bd9ecf6..f6bb59ef6 100644
--- a/g10/dearmor.c
+++ b/g10/dearmor.c
@@ -63,7 +63,7 @@ dearmor_file( const char *fname )
push_armor_filter ( afx, inp );
- if( (rc = open_outfile (-1, fname, 0, 0, &out)) )
+ if( (rc = open_outfile (GNUPG_INVALID_FD, fname, 0, 0, &out)) )
goto leave;
iobuf_copy (out, inp);
@@ -107,7 +107,7 @@ enarmor_file( const char *fname )
}
- if( (rc = open_outfile (-1, fname, 1, 0, &out )) )
+ if( (rc = open_outfile (GNUPG_INVALID_FD, fname, 1, 0, &out )) )
goto leave;
afx->what = 4;
diff --git a/g10/decrypt.c b/g10/decrypt.c
index cb9e36a93..b30359af4 100644
--- a/g10/decrypt.c
+++ b/g10/decrypt.c
@@ -100,7 +100,8 @@ decrypt_message (ctrl_t ctrl, const char *filename)
/* Same as decrypt_message but takes a file descriptor for input and
output. */
gpg_error_t
-decrypt_message_fd (ctrl_t ctrl, int input_fd, int output_fd)
+decrypt_message_fd (ctrl_t ctrl, gnupg_fd_t input_fd,
+ gnupg_fd_t output_fd)
{
#ifdef HAVE_W32_SYSTEM
/* No server mode yet. */
@@ -138,13 +139,25 @@ decrypt_message_fd (ctrl_t ctrl, int input_fd, int output_fd)
return err;
}
- opt.outfp = es_fdopen_nc (output_fd, "wb");
+ if (is_secured_file (output_fd))
+ {
+ char xname[64];
+
+ err = gpg_error (GPG_ERR_EPERM);
+ snprintf (xname, sizeof xname, "[fd %d]", FD_DBG (output_fd));
+ log_error (_("can't open '%s': %s\n"), xname, gpg_strerror (err));
+ iobuf_close (fp);
+ release_progress_context (pfx);
+ return err;
+ }
+
+ opt.outfp = open_stream_nc (output_fd, "w");
if (!opt.outfp)
{
char xname[64];
err = gpg_error_from_syserror ();
- snprintf (xname, sizeof xname, "[fd %d]", output_fd);
+ snprintf (xname, sizeof xname, "[fd %d]", FD_DBG (output_fd));
log_error (_("can't open '%s': %s\n"), xname, gpg_strerror (err));
iobuf_close (fp);
release_progress_context (pfx);
diff --git a/g10/ecdh.c b/g10/ecdh.c
index eb14154a1..dbce846b9 100644
--- a/g10/ecdh.c
+++ b/g10/ecdh.c
@@ -524,8 +524,7 @@ pk_ecdh_decrypt (gcry_mpi_t *r_result, const byte sk_fp[MAX_FINGERPRINT_LEN],
size_t nbytes;
byte *data_buf;
int data_buf_size;
- byte *in;
- const void *p;
+ const unsigned char *p;
unsigned int nbits;
*r_result = NULL;
@@ -546,7 +545,10 @@ pk_ecdh_decrypt (gcry_mpi_t *r_result, const byte sk_fp[MAX_FINGERPRINT_LEN],
return gpg_error (GPG_ERR_BAD_DATA);
}
- data_buf = xtrymalloc_secure( 1 + 2*data_buf_size + 8);
+ /* The first octet is for length. It's longer than the result
+ because of one additional block of AESWRAP. */
+ data_buf_size -= 1 + 8;
+ data_buf = xtrymalloc_secure (data_buf_size);
if (!data_buf)
{
err = gpg_error_from_syserror ();
@@ -560,22 +562,18 @@ pk_ecdh_decrypt (gcry_mpi_t *r_result, const byte sk_fp[MAX_FINGERPRINT_LEN],
gcry_cipher_close (hd);
return gpg_error (GPG_ERR_BAD_MPI);
}
- memcpy (data_buf, p, nbytes);
- if (data_buf[0] != nbytes-1)
+ if (p[0] != nbytes-1)
{
log_error ("ecdh inconsistent size\n");
xfree (data_buf);
gcry_cipher_close (hd);
return gpg_error (GPG_ERR_BAD_MPI);
}
- in = data_buf+data_buf_size;
- data_buf_size = data_buf[0];
if (DBG_CRYPTO)
- log_printhex (data_buf+1, data_buf_size, "ecdh decrypting :");
+ log_printhex (p+1, nbytes-1, "ecdh decrypting :");
- err = gcry_cipher_decrypt (hd, in, data_buf_size, data_buf+1,
- data_buf_size);
+ err = gcry_cipher_decrypt (hd, data_buf, data_buf_size, p+1, nbytes-1);
gcry_cipher_close (hd);
if (err)
{
@@ -585,10 +583,8 @@ pk_ecdh_decrypt (gcry_mpi_t *r_result, const byte sk_fp[MAX_FINGERPRINT_LEN],
return err;
}
- data_buf_size -= 8;
-
if (DBG_CRYPTO)
- log_printhex (in, data_buf_size, "ecdh decrypted to :");
+ log_printhex (data_buf, data_buf_size, "ecdh decrypted to :");
/* Padding is removed later. */
/* if (in[data_buf_size-1] > 8 ) */
@@ -598,7 +594,8 @@ pk_ecdh_decrypt (gcry_mpi_t *r_result, const byte sk_fp[MAX_FINGERPRINT_LEN],
/* return gpg_error (GPG_ERR_BAD_KEY); */
/* } */
- err = gcry_mpi_scan (r_result, GCRYMPI_FMT_USG, in, data_buf_size, NULL);
+ err = gcry_mpi_scan (r_result, GCRYMPI_FMT_USG, data_buf,
+ data_buf_size, NULL);
xfree (data_buf);
if (err)
{
diff --git a/g10/encrypt.c b/g10/encrypt.c
index b335b9797..62483fa16 100644
--- a/g10/encrypt.c
+++ b/g10/encrypt.c
@@ -507,7 +507,8 @@ encrypt_simple (const char *filename, int mode, int use_seskey)
/**/ : "CFB");
}
- if ( rc || (rc = open_outfile (-1, filename, opt.armor? 1:0, 0, &out )))
+ if (rc || (rc = open_outfile (GNUPG_INVALID_FD, filename, opt.armor? 1:0,
+ 0, &out )))
{
iobuf_cancel (inp);
xfree (cfx.dek);
@@ -763,9 +764,9 @@ write_symkey_enc (STRING2KEY *symkey_s2k, aead_algo_t aead_algo,
* not yet finished server.c.
*/
int
-encrypt_crypt (ctrl_t ctrl, int filefd, const char *filename,
+encrypt_crypt (ctrl_t ctrl, gnupg_fd_t filefd, const char *filename,
strlist_t remusr, int use_symkey, pk_list_t provided_keys,
- int outputfd)
+ gnupg_fd_t outputfd)
{
iobuf_t inp = NULL;
iobuf_t out = NULL;
@@ -783,7 +784,7 @@ encrypt_crypt (ctrl_t ctrl, int filefd, const char *filename,
PK_LIST pk_list;
int do_compress;
- if (filefd != -1 && filename)
+ if (filefd != GNUPG_INVALID_FD && filename)
return gpg_error (GPG_ERR_INV_ARG); /* Both given. */
do_compress = !!opt.compress_algo;
@@ -814,7 +815,7 @@ encrypt_crypt (ctrl_t ctrl, int filefd, const char *filename,
/* Prepare iobufs. */
#ifdef HAVE_W32_SYSTEM
- if (filefd == -1)
+ if (filefd == GNUPG_INVALID_FD)
inp = iobuf_open (filename);
else
{
@@ -822,7 +823,7 @@ encrypt_crypt (ctrl_t ctrl, int filefd, const char *filename,
gpg_err_set_errno (ENOSYS);
}
#else
- if (filefd == -1)
+ if (filefd == GNUPG_INVALID_FD)
inp = iobuf_open (filename);
else
inp = iobuf_fdopen_nc (filefd, "rb");
@@ -840,8 +841,8 @@ encrypt_crypt (ctrl_t ctrl, int filefd, const char *filename,
char xname[64];
rc = gpg_error_from_syserror ();
- if (filefd != -1)
- snprintf (xname, sizeof xname, "[fd %d]", filefd);
+ if (filefd != GNUPG_INVALID_FD)
+ snprintf (xname, sizeof xname, "[fd %d]", FD_DBG (filefd));
else if (!filename)
strcpy (xname, "[stdin]");
else
@@ -1224,7 +1225,8 @@ encrypt_crypt_files (ctrl_t ctrl, int nfiles, char **files, strlist_t remusr)
}
line[strlen(line)-1] = '\0';
print_file_status(STATUS_FILE_START, line, 2);
- rc = encrypt_crypt (ctrl, -1, line, remusr, 0, NULL, -1);
+ rc = encrypt_crypt (ctrl, GNUPG_INVALID_FD, line, remusr,
+ 0, NULL, GNUPG_INVALID_FD);
if (rc)
log_error ("encryption of '%s' failed: %s\n",
print_fname_stdin(line), gpg_strerror (rc) );
@@ -1236,7 +1238,8 @@ encrypt_crypt_files (ctrl_t ctrl, int nfiles, char **files, strlist_t remusr)
while (nfiles--)
{
print_file_status(STATUS_FILE_START, *files, 2);
- if ( (rc = encrypt_crypt (ctrl, -1, *files, remusr, 0, NULL, -1)) )
+ if ((rc = encrypt_crypt (ctrl, GNUPG_INVALID_FD, *files, remusr,
+ 0, NULL, GNUPG_INVALID_FD)))
log_error("encryption of '%s' failed: %s\n",
print_fname_stdin(*files), gpg_strerror (rc) );
write_status( STATUS_FILE_DONE );
diff --git a/g10/export.c b/g10/export.c
index 224847e0f..74cb03764 100644
--- a/g10/export.c
+++ b/g10/export.c
@@ -428,7 +428,7 @@ do_export (ctrl_t ctrl, strlist_t users, int secret, unsigned int options,
memset( &zfx, 0, sizeof zfx);
- rc = open_outfile (-1, NULL, 0, !!secret, &out );
+ rc = open_outfile (GNUPG_INVALID_FD, NULL, 0, !!secret, &out);
if (rc)
return rc;
@@ -2707,18 +2707,18 @@ export_one_ssh_key (estream_t fp, PKT_public_key *pk)
blob = get_membuf (&mb, &bloblen);
if (blob)
{
- struct b64state b64_state;
+ gpgrt_b64state_t b64_state;
es_fprintf (fp, "%s ", identifier);
- err = b64enc_start_es (&b64_state, fp, "");
- if (err)
+ b64_state = gpgrt_b64enc_start (fp, "");
+ if (!b64_state)
{
xfree (blob);
goto leave;
}
- err = b64enc_write (&b64_state, blob, bloblen);
- b64enc_finish (&b64_state);
+ err = gpgrt_b64enc_write (b64_state, blob, bloblen);
+ gpgrt_b64enc_finish (b64_state);
es_fprintf (fp, " openpgp:0x%08lX\n", (ulong)keyid_from_pk (pk, NULL));
xfree (blob);
@@ -2962,7 +2962,7 @@ export_secret_ssh_key (ctrl_t ctrl, const char *userid)
int pkalgo;
int i;
gcry_mpi_t keyparam[10] = { NULL };
- struct b64state b64_state;
+ gpgrt_b64state_t b64_state;
init_membuf_secure (&mb, 1024);
init_membuf_secure (&mb2, 1024);
@@ -3140,11 +3140,11 @@ export_secret_ssh_key (ctrl_t ctrl, const char *userid)
goto leave;
}
- err = b64enc_start_es (&b64_state, fp, "OPENSSH PRIVATE_KEY");
- if (err)
+ b64_state = gpgrt_b64enc_start (fp, "OPENSSH PRIVATE_KEY");
+ if (!b64_state)
goto leave;
- err = b64enc_write (&b64_state, blob, bloblen);
- b64enc_finish (&b64_state);
+ err = gpgrt_b64enc_write (b64_state, blob, bloblen);
+ gpgrt_b64enc_finish (b64_state);
if (err)
goto leave;
diff --git a/g10/filter.h b/g10/filter.h
index 4b4fc55ff..321b553dc 100644
--- a/g10/filter.h
+++ b/g10/filter.h
@@ -29,6 +29,9 @@ typedef struct {
size_t maxbuf_size;
} md_filter_context_t;
+typedef struct md_thd_filter_context *md_thd_filter_context_t;
+void md_thd_filter_set_md (md_thd_filter_context_t mfx, gcry_md_hd_t md);
+
typedef struct {
int refcount; /* Initialized to 1. */
@@ -165,6 +168,7 @@ typedef struct {
/*-- mdfilter.c --*/
int md_filter( void *opaque, int control, iobuf_t a, byte *buf, size_t *ret_len);
+int md_thd_filter( void *opaque, int control, iobuf_t a, byte *buf, size_t *ret_len);
void free_md_filter_context( md_filter_context_t *mfx );
/*-- armor.c --*/
diff --git a/g10/gpg.c b/g10/gpg.c
index 80cb2f38b..bef3b6fbd 100644
--- a/g10/gpg.c
+++ b/g10/gpg.c
@@ -1031,6 +1031,7 @@ static struct debug_flags_s debug_flags [] =
/* The list of compatibility flags. */
static struct compatibility_flags_s compatibility_flags [] =
{
+ { COMPAT_PARALLELIZED, "parallelized" },
{ 0, NULL }
};
@@ -1085,10 +1086,6 @@ static void read_sessionkey_from_fd (int fd);
-/* NPth wrapper function definitions. */
-ASSUAN_SYSTEM_NPTH_IMPL;
-
-
static char *
make_libversion (const char *libname, const char *(*getfnc)(const char*))
{
@@ -3902,8 +3899,8 @@ main (int argc, char **argv)
/* Init threading which is used by some helper functions. */
npth_init ();
- assuan_set_system_hooks (ASSUAN_SYSTEM_NPTH);
gpgrt_set_syscall_clamp (npth_unprotect, npth_protect);
+ assuan_control (ASSUAN_CONTROL_REINIT_SYSCALL_CLAMP, NULL);
if (logfile)
{
@@ -4447,7 +4444,8 @@ main (int argc, char **argv)
{
if( argc > 1 )
wrong_args("--encrypt [filename]");
- if( (rc = encrypt_crypt (ctrl, -1, fname, remusr, 0, NULL, -1)) )
+ if ((rc = encrypt_crypt (ctrl, GNUPG_INVALID_FD, fname, remusr,
+ 0, NULL, GNUPG_INVALID_FD)))
{
write_status_failure ("encrypt", rc);
log_error("%s: encryption failed: %s\n",
@@ -4472,7 +4470,8 @@ main (int argc, char **argv)
gnupg_compliance_option_string (opt.compliance));
else
{
- if( (rc = encrypt_crypt (ctrl, -1, fname, remusr, 1, NULL, -1)) )
+ if ((rc = encrypt_crypt (ctrl, GNUPG_INVALID_FD, fname, remusr,
+ 1, NULL, GNUPG_INVALID_FD)))
{
write_status_failure ("encrypt", rc);
log_error ("%s: encryption failed: %s\n",
@@ -5661,13 +5660,13 @@ print_mds( const char *fname, int algo )
}
else
{
- fp = es_fopen (fname, "rb" );
- if (fp && is_secured_file (es_fileno (fp)))
+ if (is_secured_filename (fname))
{
- es_fclose (fp);
fp = NULL;
gpg_err_set_errno (EPERM);
}
+ else
+ fp = es_fopen (fname, "rb" );
}
if (!fp)
{
diff --git a/g10/keygen.c b/g10/keygen.c
index b263a47de..c98deb635 100644
--- a/g10/keygen.c
+++ b/g10/keygen.c
@@ -3408,6 +3408,7 @@ parse_key_parameter_part (ctrl_t ctrl,
char *keygrip = NULL;
u32 keytime = 0;
int is_448 = 0;
+ int is_pqc = 0;
if (!string || !*string)
return 0; /* Success. */
@@ -3442,6 +3443,32 @@ parse_key_parameter_part (ctrl_t ctrl,
return gpg_error (GPG_ERR_INV_VALUE);
}
}
+ else if (!ascii_strcasecmp (string, "ky768"))
+ {
+ algo = PUBKEY_ALGO_KY768_25519;
+ is_pqc = 1;
+ }
+ else if (!ascii_strcasecmp (string, "ky1024"))
+ {
+ algo = PUBKEY_ALGO_KY1024_448;
+ is_pqc = 1;
+ }
+ else if (!ascii_strcasecmp (string, "dil3"))
+ {
+ algo = PUBKEY_ALGO_DIL3_25519;
+ is_pqc = 1;
+ }
+ else if (!ascii_strcasecmp (string, "dil5"))
+ {
+ algo = PUBKEY_ALGO_DIL5_448;
+ is_pqc = 1;
+ }
+ else if (!ascii_strcasecmp (string, "sphinx")
+ || !ascii_strcasecmp (string, "sphinx_sha2"))
+ {
+ algo = PUBKEY_ALGO_SPHINX_SHA2;
+ is_pqc = 1;
+ }
else if ((curve = openpgp_is_curve_supported (string, &algo, &size)))
{
if (!algo)
@@ -3690,8 +3717,8 @@ parse_key_parameter_part (ctrl_t ctrl,
return gpg_error (GPG_ERR_WRONG_KEY_USAGE);
}
- /* Ed448 and X448 must only be used as v5 keys. */
- if (is_448)
+ /* Ed448, X448 and the PQC algos must only be used as v5 keys. */
+ if (is_448 || is_pqc)
{
if (keyversion == 4)
log_info (_("WARNING: v4 is specified, but overridden by v5.\n"));
diff --git a/g10/keyid.c b/g10/keyid.c
index fab1e3a36..7e4c50b59 100644
--- a/g10/keyid.c
+++ b/g10/keyid.c
@@ -116,6 +116,11 @@ pubkey_string (PKT_public_key *pk, char *buffer, size_t bufsize)
case PUBKEY_ALGO_ECDH:
case PUBKEY_ALGO_ECDSA:
case PUBKEY_ALGO_EDDSA: prefix = ""; break;
+ case PUBKEY_ALGO_KY768_25519: prefix = "ky768"; break;
+ case PUBKEY_ALGO_KY1024_448: prefix = "ky1024"; break;
+ case PUBKEY_ALGO_DIL3_25519: prefix = "dil3"; break;
+ case PUBKEY_ALGO_DIL5_448: prefix = "dil5"; break;
+ case PUBKEY_ALGO_SPHINX_SHA2: prefix = "sphinx_sha2"; break;
}
if (prefix && *prefix)
diff --git a/g10/main.h b/g10/main.h
index 2482fbde2..5123dd03b 100644
--- a/g10/main.h
+++ b/g10/main.h
@@ -108,7 +108,7 @@ char *make_radix64_string( const byte *data, size_t len );
void trap_unaligned(void);
void register_secured_file (const char *fname);
void unregister_secured_file (const char *fname);
-int is_secured_file (int fd);
+int is_secured_file (gnupg_fd_t fd);
int is_secured_filename (const char *fname);
u16 checksum_u16( unsigned n );
u16 checksum( const byte *p, unsigned n );
@@ -243,9 +243,9 @@ aead_algo_t use_aead (pk_list_t pk_list, int algo);
int use_mdc (pk_list_t pk_list,int algo);
int encrypt_symmetric (const char *filename );
int encrypt_store (const char *filename );
-int encrypt_crypt (ctrl_t ctrl, int filefd, const char *filename,
+int encrypt_crypt (ctrl_t ctrl, gnupg_fd_t filefd, const char *filename,
strlist_t remusr, int use_symkey, pk_list_t provided_keys,
- int outputfd);
+ gnupg_fd_t outputfd);
void encrypt_crypt_files (ctrl_t ctrl,
int nfiles, char **files, strlist_t remusr);
int encrypt_filter (void *opaque, int control,
@@ -341,7 +341,7 @@ gpg_error_t generate_card_subkeypair (ctrl_t ctrl, kbnode_t pub_keyblock,
int overwrite_filep( const char *fname );
char *make_outfile_name( const char *iname );
char *ask_outfile_name( const char *name, size_t namelen );
-int open_outfile (int out_fd, const char *iname, int mode,
+int open_outfile (gnupg_fd_t out_fd, const char *iname, int mode,
int restrictedperm, iobuf_t *a);
char *get_matching_datafile (const char *sigfilename);
iobuf_t open_sigfile (const char *sigfilename, progress_filter_context_t *pfx);
@@ -493,20 +493,22 @@ void print_key_line (ctrl_t ctrl, estream_t fp, PKT_public_key *pk, int secret);
void print_file_status( int status, const char *name, int what );
int verify_signatures (ctrl_t ctrl, int nfiles, char **files );
int verify_files (ctrl_t ctrl, int nfiles, char **files );
-int gpg_verify (ctrl_t ctrl, int sig_fd, int data_fd, estream_t out_fp);
+int gpg_verify (ctrl_t ctrl, gnupg_fd_t sig_fd, gnupg_fd_t data_fd,
+ estream_t out_fp);
void check_assert_signer_list (const char *mainpkhex, const char *pkhex);
void check_assert_pubkey_algo (const char *algostr, const char *pkhex);
/*-- decrypt.c --*/
int decrypt_message (ctrl_t ctrl, const char *filename );
-gpg_error_t decrypt_message_fd (ctrl_t ctrl, int input_fd, int output_fd);
+gpg_error_t decrypt_message_fd (ctrl_t ctrl, gnupg_fd_t input_fd,
+ gnupg_fd_t output_fd);
void decrypt_messages (ctrl_t ctrl, int nfiles, char *files[]);
/*-- plaintext.c --*/
int hash_datafiles( gcry_md_hd_t md, gcry_md_hd_t md2,
strlist_t files, const char *sigfilename, int textmode);
-int hash_datafile_by_fd ( gcry_md_hd_t md, gcry_md_hd_t md2, int data_fd,
- int textmode );
+int hash_datafile_by_fd (gcry_md_hd_t md, gcry_md_hd_t md2,
+ gnupg_fd_t data_fd, int textmode);
PKT_plaintext *setup_plaintext_name(const char *filename,IOBUF iobuf);
/*-- server.c --*/
diff --git a/g10/mainproc.c b/g10/mainproc.c
index 5f3f6df86..043b34f62 100644
--- a/g10/mainproc.c
+++ b/g10/mainproc.c
@@ -81,7 +81,7 @@ struct mainproc_context
struct
{
/* A file descriptor of the signed data. Only used if not -1. */
- int data_fd;
+ gnupg_fd_t data_fd;
/* A list of filenames with the data files or NULL. This is only
used if DATA_FD is -1. */
strlist_t data_names;
@@ -1093,7 +1093,7 @@ static int
proc_compressed_cb (iobuf_t a, void *info)
{
if ( ((CTX)info)->signed_data.used
- && ((CTX)info)->signed_data.data_fd != -1)
+ && ((CTX)info)->signed_data.data_fd != GNUPG_INVALID_FD)
return proc_signature_packets_by_fd (((CTX)info)->ctrl, info, a,
((CTX)info)->signed_data.data_fd);
else
@@ -1515,7 +1515,7 @@ proc_signature_packets (ctrl_t ctrl, void *anchor, iobuf_t a,
c->anchor = anchor;
c->sigs_only = 1;
- c->signed_data.data_fd = -1;
+ c->signed_data.data_fd = GNUPG_INVALID_FD;
c->signed_data.data_names = signedfiles;
c->signed_data.used = !!signedfiles;
@@ -1545,8 +1545,8 @@ proc_signature_packets (ctrl_t ctrl, void *anchor, iobuf_t a,
int
-proc_signature_packets_by_fd (ctrl_t ctrl,
- void *anchor, iobuf_t a, int signed_data_fd )
+proc_signature_packets_by_fd (ctrl_t ctrl, void *anchor, iobuf_t a,
+ gnupg_fd_t signed_data_fd)
{
int rc;
CTX c;
@@ -1561,7 +1561,7 @@ proc_signature_packets_by_fd (ctrl_t ctrl,
c->signed_data.data_fd = signed_data_fd;
c->signed_data.data_names = NULL;
- c->signed_data.used = (signed_data_fd != -1);
+ c->signed_data.used = (signed_data_fd != GNUPG_INVALID_FD);
rc = do_proc_packets (c, a);
@@ -2545,8 +2545,6 @@ check_sig_and_print (CTX c, kbnode_t node)
release_kbnode( keyblock );
if (rc)
g10_errors_seen = 1;
- if (opt.batch && rc)
- g10_exit (1);
}
else /* Error checking the signature. (neither Good nor Bad). */
{
@@ -2632,7 +2630,8 @@ proc_tree (CTX c, kbnode_t node)
/* Ask for file and hash it. */
if (c->sigs_only)
{
- if (c->signed_data.used && c->signed_data.data_fd != -1)
+ if (c->signed_data.used
+ && c->signed_data.data_fd != GNUPG_INVALID_FD)
rc = hash_datafile_by_fd (c->mfx.md, NULL,
c->signed_data.data_fd,
use_textmode);
@@ -2663,7 +2662,8 @@ proc_tree (CTX c, kbnode_t node)
}
for (n1 = node; (n1 = find_next_kbnode (n1, PKT_SIGNATURE));)
- check_sig_and_print (c, n1);
+ if (check_sig_and_print (c, n1) && opt.batch)
+ break;
}
else if (node->pkt->pkttype == PKT_GPG_CONTROL
@@ -2682,8 +2682,8 @@ proc_tree (CTX c, kbnode_t node)
}
for (n1 = node; (n1 = find_next_kbnode (n1, PKT_SIGNATURE));)
- check_sig_and_print (c, n1);
-
+ if (check_sig_and_print (c, n1) && opt.batch)
+ break;
}
else if (node->pkt->pkttype == PKT_SIGNATURE)
{
@@ -2775,7 +2775,8 @@ proc_tree (CTX c, kbnode_t node)
if (c->sigs_only)
{
- if (c->signed_data.used && c->signed_data.data_fd != -1)
+ if (c->signed_data.used
+ && c->signed_data.data_fd != GNUPG_INVALID_FD)
rc = hash_datafile_by_fd (c->mfx.md, c->mfx.md2,
c->signed_data.data_fd,
(sig->sig_class == 0x01));
@@ -2810,7 +2811,8 @@ proc_tree (CTX c, kbnode_t node)
if (multiple_ok)
{
for (n1 = node; n1; (n1 = find_next_kbnode(n1, PKT_SIGNATURE)))
- check_sig_and_print (c, n1);
+ if (check_sig_and_print (c, n1) && opt.batch)
+ break;
}
else
check_sig_and_print (c, node);
diff --git a/g10/mdfilter.c b/g10/mdfilter.c
index f3318f15c..a655d6d72 100644
--- a/g10/mdfilter.c
+++ b/g10/mdfilter.c
@@ -22,6 +22,7 @@
#include <stdlib.h>
#include <string.h>
#include <errno.h>
+#include <npth.h>
#include "gpg.h"
#include "../common/status.h"
@@ -71,3 +72,297 @@ free_md_filter_context( md_filter_context_t *mfx )
mfx->md2 = NULL;
mfx->maxbuf_size = 0;
}
+
+
+/****************
+ * Threaded implementation for hashing.
+ */
+
+struct md_thd_filter_context {
+ gcry_md_hd_t md;
+ npth_t thd;
+ /**/
+ npth_mutex_t mutex;
+ npth_cond_t cond;
+ size_t bufsize;
+ unsigned int produce : 1;
+ unsigned int consume : 1;
+ ssize_t written0;
+ ssize_t written1;
+ unsigned char buf[1];
+};
+
+
+static void
+lock_md (struct md_thd_filter_context *mfx)
+{
+ int rc = npth_mutex_lock (&mfx->mutex);
+ if (rc)
+ log_fatal ("%s: failed to acquire mutex: %s\n", __func__,
+ gpg_strerror (gpg_error_from_errno (rc)));
+}
+
+
+static void
+unlock_md (struct md_thd_filter_context * mfx)
+{
+ int rc = npth_mutex_unlock (&mfx->mutex);
+ if (rc)
+ log_fatal ("%s: failed to release mutex: %s\n", __func__,
+ gpg_strerror (gpg_error_from_errno (rc)));
+}
+
+static int
+get_buffer_to_hash (struct md_thd_filter_context *mfx,
+ unsigned char **r_buf, size_t *r_len)
+{
+ int rc = 0;
+
+ lock_md (mfx);
+
+ if ((mfx->consume == 0 && mfx->written0 < 0)
+ || (mfx->consume != 0 && mfx->written1 < 0))
+ {
+ rc = npth_cond_wait (&mfx->cond, &mfx->mutex);
+ if (rc)
+ {
+ unlock_md (mfx);
+ return -1;
+ }
+ }
+
+ if (mfx->consume == 0)
+ {
+ *r_buf = mfx->buf;
+ *r_len = mfx->written0;
+ }
+ else
+ {
+ *r_buf = mfx->buf + mfx->bufsize;
+ *r_len = mfx->written1;
+ }
+
+ unlock_md (mfx);
+
+ return 0;
+}
+
+static int
+put_buffer_to_recv (struct md_thd_filter_context *mfx)
+{
+ int rc = 0;
+
+ lock_md (mfx);
+ if (mfx->consume == 0)
+ {
+ mfx->written0 = -1;
+ mfx->consume = 1;
+ }
+ else
+ {
+ mfx->written1 = -1;
+ mfx->consume = 0;
+ }
+
+ rc = npth_cond_signal (&mfx->cond);
+ if (rc)
+ {
+ unlock_md (mfx);
+ return -1;
+ }
+
+ unlock_md (mfx);
+ return 0;
+}
+
+static int
+get_buffer_to_fill (struct md_thd_filter_context *mfx,
+ unsigned char **r_buf, size_t len)
+{
+ lock_md (mfx);
+
+ if (len > mfx->bufsize)
+ {
+ unlock_md (mfx);
+ return GPG_ERR_BUFFER_TOO_SHORT;
+ }
+
+ if ((mfx->produce == 0 && mfx->written0 >= 0)
+ || (mfx->produce != 0 && mfx->written1 >= 0))
+ {
+ int rc = npth_cond_wait (&mfx->cond, &mfx->mutex);
+ if (rc)
+ {
+ unlock_md (mfx);
+ return gpg_error_from_errno (rc);
+ }
+ }
+
+ if (mfx->produce == 0)
+ *r_buf = mfx->buf;
+ else
+ *r_buf = mfx->buf + mfx->bufsize;
+ unlock_md (mfx);
+ return 0;
+}
+
+static int
+put_buffer_to_send (struct md_thd_filter_context *mfx, size_t len)
+{
+ int rc;
+
+ lock_md (mfx);
+ if (mfx->produce == 0)
+ {
+ mfx->written0 = len;
+ mfx->produce = 1;
+ }
+ else
+ {
+ mfx->written1 = len;
+ mfx->produce = 0;
+ }
+
+ rc = npth_cond_signal (&mfx->cond);
+ if (rc)
+ {
+ unlock_md (mfx);
+ return gpg_error_from_errno (rc);
+ }
+
+ unlock_md (mfx);
+
+ /* Yield to the md_thread to let it compute the hash in parallel */
+ npth_usleep (0);
+ return 0;
+}
+
+
+static void *
+md_thread (void *arg)
+{
+ struct md_thd_filter_context *mfx = arg;
+
+ while (1)
+ {
+ unsigned char *buf;
+ size_t len;
+
+ if (get_buffer_to_hash (mfx, &buf, &len) < 0)
+ /* Error */
+ return NULL;
+
+ if (len == 0)
+ break;
+
+ npth_unprotect ();
+ gcry_md_write (mfx->md, buf, len);
+ npth_protect ();
+
+ if (put_buffer_to_recv (mfx) < 0)
+ /* Error */
+ return NULL;
+ }
+
+ return NULL;
+}
+
+int
+md_thd_filter (void *opaque, int control,
+ IOBUF a, byte *buf, size_t *ret_len)
+{
+ size_t size = *ret_len;
+ struct md_thd_filter_context **r_mfx = opaque;
+ struct md_thd_filter_context *mfx = *r_mfx;
+ int rc=0;
+
+ if (control == IOBUFCTRL_INIT)
+ {
+ npth_attr_t tattr;
+ size_t n;
+
+ n = 2 * iobuf_set_buffer_size (0) * 1024;
+ mfx = xtrymalloc (n + offsetof (struct md_thd_filter_context, buf));
+ if (!mfx)
+ return gpg_error_from_syserror ();
+ *r_mfx = mfx;
+ mfx->bufsize = n / 2;
+ mfx->consume = mfx->produce = 0;
+ mfx->written0 = -1;
+ mfx->written1 = -1;
+
+ rc = npth_mutex_init (&mfx->mutex, NULL);
+ if (rc)
+ {
+ return gpg_error_from_errno (rc);
+ }
+ rc = npth_cond_init (&mfx->cond, NULL);
+ if (rc)
+ {
+ npth_mutex_destroy (&mfx->mutex);
+ return gpg_error_from_errno (rc);
+ }
+ rc = npth_attr_init (&tattr);
+ if (rc)
+ {
+ npth_cond_destroy (&mfx->cond);
+ npth_mutex_destroy (&mfx->mutex);
+ return gpg_error_from_errno (rc);
+ }
+ npth_attr_setdetachstate (&tattr, NPTH_CREATE_JOINABLE);
+ rc = npth_create (&mfx->thd, &tattr, md_thread, mfx);
+ if (rc)
+ {
+ npth_cond_destroy (&mfx->cond);
+ npth_mutex_destroy (&mfx->mutex);
+ npth_attr_destroy (&tattr);
+ return gpg_error_from_errno (rc);
+ }
+ npth_attr_destroy (&tattr);
+ }
+ else if (control == IOBUFCTRL_UNDERFLOW)
+ {
+ int i;
+ unsigned char *md_buf = NULL;
+
+ i = iobuf_read (a, buf, size);
+ if (i == -1)
+ i = 0;
+
+ rc = get_buffer_to_fill (mfx, &md_buf, i);
+ if (rc)
+ return rc;
+
+ if (i)
+ memcpy (md_buf, buf, i);
+
+ rc = put_buffer_to_send (mfx, i);
+ if (rc)
+ return rc;
+
+ if (i == 0)
+ {
+ npth_join (mfx->thd, NULL);
+ rc = -1; /* eof */
+ }
+
+ *ret_len = i;
+ }
+ else if (control == IOBUFCTRL_FREE)
+ {
+ npth_cond_destroy (&mfx->cond);
+ npth_mutex_destroy (&mfx->mutex);
+ xfree (mfx);
+ *r_mfx = NULL;
+ }
+ else if (control == IOBUFCTRL_DESC)
+ mem2str (buf, "md_thd_filter", *ret_len);
+
+ return rc;
+}
+
+void
+md_thd_filter_set_md (struct md_thd_filter_context *mfx, gcry_md_hd_t md)
+{
+ mfx->md = md;
+}
diff --git a/g10/misc.c b/g10/misc.c
index 2f4b452dd..24242cc30 100644
--- a/g10/misc.c
+++ b/g10/misc.c
@@ -160,7 +160,7 @@ unregister_secured_file (const char *fname)
/* Return true if FD is corresponds to a secured file. Using -1 for
FS is allowed and will return false. */
int
-is_secured_file (int fd)
+is_secured_file (gnupg_fd_t fd)
{
#ifdef ENABLE_SELINUX_HACKS
struct stat buf;
@@ -799,6 +799,19 @@ openpgp_pk_algo_usage ( int algo )
case PUBKEY_ALGO_ECDSA:
case PUBKEY_ALGO_EDDSA:
use = PUBKEY_USAGE_CERT | PUBKEY_USAGE_SIG | PUBKEY_USAGE_AUTH;
+ break;
+
+ case PUBKEY_ALGO_KY768_25519:
+ case PUBKEY_ALGO_KY1024_448:
+ use = PUBKEY_USAGE_ENC | PUBKEY_USAGE_RENC;
+ break;
+
+ case PUBKEY_ALGO_DIL3_25519:
+ case PUBKEY_ALGO_DIL5_448:
+ case PUBKEY_ALGO_SPHINX_SHA2:
+ use = PUBKEY_USAGE_CERT | PUBKEY_USAGE_SIG;
+ break;
+
default:
break;
}
@@ -1770,6 +1783,8 @@ pubkey_get_nenc (pubkey_algo_t algo)
case PUBKEY_ALGO_ECDSA: return 0;
case PUBKEY_ALGO_ELGAMAL: return 2;
case PUBKEY_ALGO_EDDSA: return 0;
+ case PUBKEY_ALGO_KY768_25519: return 4;
+ case PUBKEY_ALGO_KY1024_448: return 4;
default: return 0;
}
}
diff --git a/g10/openfile.c b/g10/openfile.c
index 5ca168a13..01f323399 100644
--- a/g10/openfile.c
+++ b/g10/openfile.c
@@ -179,13 +179,13 @@ ask_outfile_name( const char *name, size_t namelen )
* be closed if the returned IOBUF is closed. This is used for gpg's
* --server mode. */
int
-open_outfile (int out_fd, const char *iname, int mode, int restrictedperm,
- iobuf_t *a)
+open_outfile (gnupg_fd_t out_fd, const char *iname, int mode,
+ int restrictedperm, iobuf_t *a)
{
int rc = 0;
*a = NULL;
- if (out_fd != -1)
+ if (out_fd != GNUPG_INVALID_FD)
{
char xname[64];
@@ -193,12 +193,12 @@ open_outfile (int out_fd, const char *iname, int mode, int restrictedperm,
if (!*a)
{
rc = gpg_error_from_syserror ();
- snprintf (xname, sizeof xname, "[fd %d]", out_fd);
+ snprintf (xname, sizeof xname, "[fd %d]", FD_DBG (out_fd));
log_error (_("can't open '%s': %s\n"), xname, gpg_strerror (rc));
}
else if (opt.verbose)
{
- snprintf (xname, sizeof xname, "[fd %d]", out_fd);
+ snprintf (xname, sizeof xname, "[fd %d]", FD_DBG (out_fd));
log_info (_("writing to '%s'\n"), xname);
}
}
diff --git a/g10/options.h b/g10/options.h
index 458180c7a..476c30ad5 100644
--- a/g10/options.h
+++ b/g10/options.h
@@ -378,7 +378,9 @@ EXTERN_UNLESS_MAIN_MODULE int memory_debug_mode;
EXTERN_UNLESS_MAIN_MODULE int memory_stat_debug_mode;
/* Compatibility flags */
-/* #define COMPAT_FOO 1 */
+#define COMPAT_PARALLELIZED 1
+
+/* #define COMPAT_FOO 2 */
/* Compliance test macors. */
diff --git a/g10/packet.h b/g10/packet.h
index 39dab96c9..76ec78017 100644
--- a/g10/packet.h
+++ b/g10/packet.h
@@ -342,11 +342,11 @@ struct revoke_info
/* Information pertaining to secret keys. */
struct seckey_info
{
- int is_protected:1; /* The secret info is protected and must */
+ unsigned int is_protected:1; /* The secret info is protected and must */
/* be decrypted before use, the protected */
/* MPIs are simply (void*) pointers to memory */
/* and should never be passed to a mpi_xxx() */
- int sha1chk:1; /* SHA1 is used instead of a 16 bit checksum */
+ unsigned int sha1chk:1; /* SHA1 is used instead of a 16 bit checksum */
u16 csum; /* Checksum for old protection modes. */
byte algo; /* Cipher used to protect the secret information. */
STRING2KEY s2k; /* S2K parameter. */
@@ -634,8 +634,8 @@ void reset_literals_seen(void);
int proc_packets (ctrl_t ctrl, void *ctx, iobuf_t a );
int proc_signature_packets (ctrl_t ctrl, void *ctx, iobuf_t a,
strlist_t signedfiles, const char *sigfile );
-int proc_signature_packets_by_fd (ctrl_t ctrl,
- void *anchor, IOBUF a, int signed_data_fd );
+int proc_signature_packets_by_fd (ctrl_t ctrl, void *anchor, IOBUF a,
+ gnupg_fd_t signed_data_fd);
int proc_encryption_packets (ctrl_t ctrl, void *ctx, iobuf_t a);
int list_packets( iobuf_t a );
diff --git a/g10/parse-packet.c b/g10/parse-packet.c
index aa6bac9da..34760a2d1 100644
--- a/g10/parse-packet.c
+++ b/g10/parse-packet.c
@@ -188,6 +188,65 @@ mpi_read (iobuf_t inp, unsigned int *ret_nread, int secure)
}
+/* Read an octet string of length NBYTES from INP and return it at
+ * R_DATA. On error return an error code and store NULL at R_DATA.
+ * PKTLEN shall give the current lenhgth of the packt and is updated
+ * with each read. If SECURE is true, the integer is stored in secure
+ * memory (allocated using gcry_xmalloc_secure). */
+static gpg_error_t
+read_octet_string (iobuf_t inp, unsigned long *pktlen, unsigned int nbytes,
+ int secure, gcry_mpi_t *r_data)
+{
+ gpg_error_t err;
+ int c, i;
+ byte *buf = NULL;
+ byte *p;
+
+ *r_data = NULL;
+
+ if (nbytes*8 > MAX_EXTERN_MPI_BITS)
+ {
+ log_error ("octet string too large (%u octets)\n", nbytes);
+ err = gpg_error (GPG_ERR_TOO_LARGE);
+ goto leave;
+ }
+ if (nbytes > *pktlen)
+ {
+ log_error ("octet string larger than packet (%u octets)\n", nbytes);
+ err = gpg_error (GPG_ERR_INV_PACKET);
+ goto leave;
+ }
+
+ buf = secure ? gcry_malloc_secure (nbytes) : gcry_malloc (nbytes);
+ if (!buf)
+ {
+ err = gpg_error_from_syserror ();
+ goto leave;
+ }
+ p = buf;
+ for (i = 0; i < nbytes; i++)
+ {
+ c = iobuf_get (inp);
+ if (c == -1)
+ {
+ err = gpg_error (GPG_ERR_INV_PACKET);
+ goto leave;
+ }
+
+ p[i] = c;
+ --*pktlen;
+ }
+
+ *r_data = gcry_mpi_set_opaque (NULL, buf, nbytes*8);
+ gcry_mpi_set_flag (*r_data, GCRYMPI_FLAG_USER2);
+ return 0;
+
+ leave:
+ gcry_free (buf);
+ return err;
+}
+
+
/* Read an external representation of an SOS and return the opaque MPI
with GCRYMPI_FLAG_USER2. The external format is a 16-bit unsigned
value stored in network byte order giving information for the
@@ -1102,32 +1161,29 @@ read_rest (IOBUF inp, size_t pktlen)
/* Read a special size+body from INP. On success store an opaque MPI
- with it at R_DATA. On error return an error code and store NULL at
- R_DATA. Even in the error case store the number of read bytes at
- R_NREAD. The caller shall pass the remaining size of the packet in
- PKTLEN. */
+ * with it at R_DATA. The caller shall store the remaining size of
+ * the packet at PKTLEN. On error return an error code and store NULL
+ * at R_DATA. Even in the error case store the number of read bytes
+ * at PKTLEN is updated. */
static gpg_error_t
-read_size_body (iobuf_t inp, int pktlen, size_t *r_nread,
- gcry_mpi_t *r_data)
+read_sized_octet_string (iobuf_t inp, unsigned long *pktlen, gcry_mpi_t *r_data)
{
char buffer[256];
char *tmpbuf;
int i, c, nbytes;
- *r_nread = 0;
*r_data = NULL;
- if (!pktlen)
+ if (!*pktlen)
return gpg_error (GPG_ERR_INV_PACKET);
c = iobuf_readbyte (inp);
if (c < 0)
return gpg_error (GPG_ERR_INV_PACKET);
- pktlen--;
- ++*r_nread;
+ --*pktlen;
nbytes = c;
if (nbytes < 2 || nbytes > 254)
return gpg_error (GPG_ERR_INV_PACKET);
- if (nbytes > pktlen)
+ if (nbytes > *pktlen)
return gpg_error (GPG_ERR_INV_PACKET);
buffer[0] = nbytes;
@@ -1137,7 +1193,7 @@ read_size_body (iobuf_t inp, int pktlen, size_t *r_nread,
c = iobuf_get (inp);
if (c < 0)
return gpg_error (GPG_ERR_INV_PACKET);
- ++*r_nread;
+ --*pktlen;
buffer[1+i] = c;
}
@@ -1350,7 +1406,9 @@ parse_pubkeyenc (IOBUF inp, int pkttype, unsigned long pktlen,
{
int rc = 0;
int i, ndata;
+ unsigned int n;
PKT_pubkey_enc *k;
+ int is_ky1024 = 0;
k = packet->pkt.pubkey_enc = xmalloc_clear (sizeof *packet->pkt.pubkey_enc);
if (pktlen < 12)
@@ -1392,46 +1450,71 @@ parse_pubkeyenc (IOBUF inp, int pkttype, unsigned long pktlen,
unknown_pubkey_warning (k->pubkey_algo);
k->data[0] = NULL; /* No need to store the encrypted data. */
}
+ else if (k->pubkey_algo == PUBKEY_ALGO_ECDH)
+ {
+ log_assert (ndata == 2);
+ /* Get the ephemeral public key. */
+ n = pktlen;
+ k->data[0] = sos_read (inp, &n, 0);
+ pktlen -= n;
+ if (!k->data[0])
+ {
+ rc = gpg_error (GPG_ERR_INV_PACKET);
+ goto leave;
+ }
+ /* Get the wrapped symmetric key. */
+ rc = read_sized_octet_string (inp, &pktlen, k->data + 1);
+ if (rc)
+ goto leave;
+ }
+ else if (k->pubkey_algo == PUBKEY_ALGO_KY768_25519
+ || (is_ky1024 = (k->pubkey_algo == PUBKEY_ALGO_KY1024_448)))
+ {
+ log_assert (ndata == 4);
+ /* Get the ephemeral public key. */
+ n = is_ky1024? 56 : 32;
+ rc = read_octet_string (inp, &pktlen, n, 0, k->data + 0);
+ if (rc)
+ goto leave;
+ /* Get the Kyber ciphertext. */
+ n = is_ky1024? 1568 : 1088;
+ rc = read_octet_string (inp, &pktlen, n, 0, k->data + 1);
+ if (rc)
+ goto leave;
+ /* Get the algorithm id. */
+ n = 1;
+ rc = read_octet_string (inp, &pktlen, n, 0, k->data + 2);
+ if (rc)
+ goto leave;
+ /* Get the wrapped symmetric key. */
+ rc = read_sized_octet_string (inp, &pktlen, k->data + 3);
+ if (rc)
+ goto leave;
+ }
else
{
for (i = 0; i < ndata; i++)
{
- if (k->pubkey_algo == PUBKEY_ALGO_ECDH)
- {
- if (i == 1)
- {
- size_t n;
- rc = read_size_body (inp, pktlen, &n, k->data+i);
- pktlen -= n;
- }
- else
- {
- int n = pktlen;
- k->data[i] = sos_read (inp, &n, 0);
- pktlen -= n;
- if (!k->data[i])
- rc = gpg_error (GPG_ERR_INV_PACKET);
- }
- }
- else
- {
- int n = pktlen;
- k->data[i] = mpi_read (inp, &n, 0);
- pktlen -= n;
- if (!k->data[i])
- rc = gpg_error (GPG_ERR_INV_PACKET);
- }
- if (rc)
- goto leave;
- if (list_mode)
- {
- es_fprintf (listfp, "\tdata: ");
- mpi_print (listfp, k->data[i], mpi_print_mode);
- es_putc ('\n', listfp);
- }
+ n = pktlen;
+ k->data[i] = mpi_read (inp, &n, 0);
+ pktlen -= n;
+ if (!k->data[i])
+ rc = gpg_error (GPG_ERR_INV_PACKET);
+ }
+ if (rc)
+ goto leave;
+ }
+ if (list_mode)
+ {
+ for (i = 0; i < ndata; i++)
+ {
+ es_fprintf (listfp, "\tdata: ");
+ mpi_print (listfp, k->data[i], mpi_print_mode);
+ es_putc ('\n', listfp);
}
}
+
leave:
iobuf_skip_rest (inp, pktlen, 0);
return rc;
@@ -2601,9 +2684,7 @@ parse_key (IOBUF inp, int pkttype, unsigned long pktlen,
|| (algorithm == PUBKEY_ALGO_ECDH && (i == 0 || i == 2)))
{
/* Read the OID (i==0) or the KDF params (i==2). */
- size_t n;
- err = read_size_body (inp, pktlen, &n, pk->pkey+i);
- pktlen -= n;
+ err = read_sized_octet_string (inp, &pktlen, pk->pkey+i);
}
else
{
diff --git a/g10/photoid.c b/g10/photoid.c
index fc8866121..8cc7e3a20 100644
--- a/g10/photoid.c
+++ b/g10/photoid.c
@@ -27,9 +27,6 @@
# include <winsock2.h>
# endif
# include <windows.h>
-# ifndef VER_PLATFORM_WIN32_WINDOWS
-# define VER_PLATFORM_WIN32_WINDOWS 1
-# endif
#endif
#include "gpg.h"
@@ -95,8 +92,15 @@ w32_system (const char *command)
return -1;
}
if (DBG_EXTPROG)
- log_debug ("ShellExecuteEx succeeded (hProcess=%p,hInstApp=%d)\n",
- see.hProcess, (int)see.hInstApp);
+ {
+ /* hInstApp has HINSTANCE type. The documentations says
+ that it's not a true HINSTANCE and it can be cast only to
+ an int. */
+ int hinstance = (intptr_t)see.hInstApp;
+
+ log_debug ("ShellExecuteEx succeeded (hProcess=%p,hInstApp=%d)\n",
+ see.hProcess, hinstance);
+ }
if (!see.hProcess)
{
@@ -381,16 +385,7 @@ static const char *
get_default_photo_command(void)
{
#if defined(_WIN32)
- OSVERSIONINFO osvi;
-
- memset(&osvi,0,sizeof(osvi));
- osvi.dwOSVersionInfoSize=sizeof(osvi);
- GetVersionEx(&osvi);
-
- if(osvi.dwPlatformId==VER_PLATFORM_WIN32_WINDOWS)
- return "start /w %i";
- else
- return "!ShellExecute 400 %i";
+ return "!ShellExecute 400 %i";
#elif defined(__APPLE__)
/* OS X. This really needs more than just __APPLE__. */
return "open %I";
@@ -600,34 +595,35 @@ run_with_pipe (struct spawn_info *info, const void *image, u32 len)
" external programs\n"));
return;
#else /* !EXEC_TEMPFILE_ONLY */
- int to[2];
- pid_t pid;
gpg_error_t err;
const char *argv[4];
-
- err = gnupg_create_pipe (to);
- if (err)
- return;
+ gnupg_process_t proc;
fill_command_argv (argv, info->command);
- err = gnupg_spawn_process_fd (argv[0], argv+1, to[0], -1, -1, &pid);
-
- close (to[0]);
-
+ err = gnupg_process_spawn (argv[0], argv+1, GNUPG_PROCESS_STDIN_PIPE,
+ NULL, NULL, &proc);
if (err)
- {
- log_error (_("unable to execute shell '%s': %s\n"),
- argv[0], gpg_strerror (err));
- close (to[1]);
- }
+ log_error (_("unable to execute shell '%s': %s\n"),
+ argv[0], gpg_strerror (err));
else
{
- write (to[1], image, len);
- close (to[1]);
+ int fd_in;
+
+ err = gnupg_process_get_fds (proc, 0, &fd_in, NULL, NULL);
+ if (err)
+ log_error ("unable to get pipe connection '%s': %s\n",
+ argv[2], gpg_strerror (err));
+ else
+ {
+ write (fd_in, image, len);
+ close (fd_in);
+ }
- err = gnupg_wait_process (argv[0], pid, 1, NULL);
+ err = gnupg_process_wait (proc, 1);
if (err)
log_error (_("unnatural exit of external program\n"));
+
+ gnupg_process_release (proc);
}
#endif /* !EXEC_TEMPFILE_ONLY */
}
@@ -695,14 +691,11 @@ show_photo (const char *command, const char *name, const void *image, u32 len)
log_error (_("system error while calling external program: %s\n"),
strerror (errno));
#else
- pid_t pid;
gpg_error_t err;
const char *argv[4];
fill_command_argv (argv, spawn->command);
- err = gnupg_spawn_process_fd (argv[0], argv+1, -1, -1, -1, &pid);
- if (!err)
- err = gnupg_wait_process (argv[0], pid, 1, NULL);
+ err = gnupg_process_spawn (argv[0], argv+1, 0, NULL, NULL, NULL);
if (err)
log_error (_("unnatural exit of external program\n"));
#endif
diff --git a/g10/plaintext.c b/g10/plaintext.c
index 5c21dd7f6..a96214994 100644
--- a/g10/plaintext.c
+++ b/g10/plaintext.c
@@ -111,20 +111,20 @@ get_output_file (const byte *embedded_name, int embedded_namelen,
{
/* Special file name, no filename, or "-" given; write to the
* file descriptor or to stdout. */
- int fd;
+ gnupg_fd_t fd;
char xname[64];
- fd = check_special_filename (fname, 1, 0);
- if (fd == -1)
+ fd = gnupg_check_special_filename (fname);
+ if (fd == GNUPG_INVALID_FD)
{
/* Not a special filename, thus we want stdout. */
fp = es_stdout;
es_set_binary (fp);
}
- else if (!(fp = es_fdopen_nc (fd, "wb")))
+ else if (!(fp = open_stream_nc (fd, "wb")))
{
err = gpg_error_from_syserror ();
- snprintf (xname, sizeof xname, "[fd %d]", fd);
+ snprintf (xname, sizeof xname, "[fd %d]", FD_DBG (fd));
log_error (_("can't open '%s': %s\n"), xname, gpg_strerror (err));
goto leave;
}
@@ -137,8 +137,7 @@ get_output_file (const byte *embedded_name, int embedded_namelen,
if (!tmp || !*tmp)
{
xfree (tmp);
- /* FIXME: Below used to be GPG_ERR_CREATE_FILE */
- err = gpg_error (GPG_ERR_GENERAL);
+ err = gpg_error (GPG_ERR_EEXIST);
goto leave;
}
xfree (fname);
@@ -146,13 +145,7 @@ get_output_file (const byte *embedded_name, int embedded_namelen,
}
}
- if (opt.outfp && is_secured_file (es_fileno (opt.outfp)))
- {
- err = gpg_error (GPG_ERR_EPERM);
- log_error (_("error creating '%s': %s\n"), fname, gpg_strerror (err));
- goto leave;
- }
- else if (fp || nooutput)
+ if (fp || nooutput)
;
else if (is_secured_filename (fname))
{
@@ -729,8 +722,8 @@ hash_datafiles (gcry_md_hd_t md, gcry_md_hd_t md2, strlist_t files,
/* Hash the data from file descriptor DATA_FD and append the hash to hash
contexts MD and MD2. */
int
-hash_datafile_by_fd (gcry_md_hd_t md, gcry_md_hd_t md2, int data_fd,
- int textmode)
+hash_datafile_by_fd (gcry_md_hd_t md, gcry_md_hd_t md2,
+ gnupg_fd_t data_fd, int textmode)
{
progress_filter_context_t *pfx = new_progress_context ();
iobuf_t fp;
@@ -747,7 +740,7 @@ hash_datafile_by_fd (gcry_md_hd_t md, gcry_md_hd_t md2, int data_fd,
{
int rc = gpg_error_from_syserror ();
log_error (_("can't open signed data fd=%d: %s\n"),
- data_fd, strerror (errno));
+ FD_DBG (data_fd), strerror (errno));
release_progress_context (pfx);
return rc;
}
diff --git a/g10/revoke.c b/g10/revoke.c
index d6cbf93cb..ef5bb4d78 100644
--- a/g10/revoke.c
+++ b/g10/revoke.c
@@ -333,7 +333,7 @@ gen_desig_revoke (ctrl_t ctrl, const char *uname, strlist_t locusr)
if( !opt.armor )
tty_printf(_("ASCII armored output forced.\n"));
- if( (rc = open_outfile (-1, NULL, 0, 1, &out )) )
+ if( (rc = open_outfile (GNUPG_INVALID_FD, NULL, 0, 1, &out )) )
goto leave;
afx->what = 1;
@@ -464,7 +464,7 @@ create_revocation (ctrl_t ctrl,
afx = new_armor_context ();
- if ((rc = open_outfile (-1, filename, suffix, 1, &out)))
+ if ((rc = open_outfile (GNUPG_INVALID_FD, filename, suffix, 1, &out)))
goto leave;
if (leadintext )
diff --git a/g10/server.c b/g10/server.c
index 60b447c41..24e525e7f 100644
--- a/g10/server.c
+++ b/g10/server.c
@@ -265,7 +265,7 @@ cmd_encrypt (assuan_context_t ctx, char *line)
{
ctrl_t ctrl = assuan_get_pointer (ctx);
gpg_error_t err;
- int inp_fd, out_fd;
+ gnupg_fd_t inp_fd, out_fd;
(void)line; /* LINE is not used. */
@@ -276,14 +276,14 @@ cmd_encrypt (assuan_context_t ctx, char *line)
goto leave;
}
- inp_fd = translate_sys2libc_fd (assuan_get_input_fd (ctx), 0);
- if (inp_fd == -1)
+ inp_fd = assuan_get_input_fd (ctx);
+ if (inp_fd == GNUPG_INVALID_FD)
{
err = set_error (GPG_ERR_ASS_NO_INPUT, NULL);
goto leave;
}
- out_fd = translate_sys2libc_fd (assuan_get_output_fd (ctx), 1);
- if (out_fd == -1)
+ out_fd = assuan_get_output_fd (ctx);
+ if (out_fd == GNUPG_INVALID_FD)
{
err = set_error (GPG_ERR_ASS_NO_OUTPUT, NULL);
goto leave;
@@ -327,15 +327,15 @@ cmd_decrypt (assuan_context_t ctx, char *line)
{
ctrl_t ctrl = assuan_get_pointer (ctx);
gpg_error_t err;
- int inp_fd, out_fd;
+ gnupg_fd_t inp_fd, out_fd;
(void)line; /* LINE is not used. */
- inp_fd = translate_sys2libc_fd (assuan_get_input_fd (ctx), 0);
- if (inp_fd == -1)
+ inp_fd = assuan_get_input_fd (ctx);
+ if (inp_fd == GNUPG_INVALID_FD)
return set_error (GPG_ERR_ASS_NO_INPUT, NULL);
- out_fd = translate_sys2libc_fd (assuan_get_output_fd (ctx), 1);
- if (out_fd == -1)
+ out_fd = assuan_get_output_fd (ctx);
+ if (out_fd == GNUPG_INVALID_FD)
return set_error (GPG_ERR_ASS_NO_OUTPUT, NULL);
glo_ctrl.lasterr = 0;
@@ -388,16 +388,7 @@ cmd_verify (assuan_context_t ctx, char *line)
if (out_fd != GNUPG_INVALID_FD)
{
- es_syshd_t syshd;
-
-#ifdef HAVE_W32_SYSTEM
- syshd.type = ES_SYSHD_HANDLE;
- syshd.u.handle = out_fd;
-#else
- syshd.type = ES_SYSHD_FD;
- syshd.u.fd = out_fd;
-#endif
- out_fp = es_sysopen_nc (&syshd, "w");
+ out_fp = open_stream_nc (fd, "w");
if (!out_fp)
return set_error (gpg_err_code_from_syserror (), "fdopen() failed");
}
diff --git a/g10/sign.c b/g10/sign.c
index b00bdfefd..e00baf3e7 100644
--- a/g10/sign.c
+++ b/g10/sign.c
@@ -1022,7 +1022,9 @@ sign_file (ctrl_t ctrl, strlist_t filenames, int detached, strlist_t locusr,
const char *fname;
armor_filter_context_t *afx;
compress_filter_context_t zfx;
+ gcry_md_hd_t md = NULL;
md_filter_context_t mfx;
+ md_thd_filter_context_t mfx2 = NULL;
text_filter_context_t tfx;
progress_filter_context_t *pfx;
encrypt_filter_context_t efx;
@@ -1115,7 +1117,7 @@ sign_file (ctrl_t ctrl, strlist_t filenames, int detached, strlist_t locusr,
else if (opt.verbose)
log_info (_("writing to '%s'\n"), outfile);
}
- else if ((rc = open_outfile (-1, fname,
+ else if ((rc = open_outfile (GNUPG_INVALID_FD, fname,
opt.armor? 1 : detached? 2 : 0, 0, &out)))
{
goto leave;
@@ -1128,10 +1130,10 @@ sign_file (ctrl_t ctrl, strlist_t filenames, int detached, strlist_t locusr,
iobuf_push_filter (inp, text_filter, &tfx);
}
- if (gcry_md_open (&mfx.md, 0, 0))
+ if (gcry_md_open (&md, 0, 0))
BUG ();
if (DBG_HASHING)
- gcry_md_debug (mfx.md, "sign");
+ gcry_md_debug (md, "sign");
/* If we're encrypting and signing, it is reasonable to pick the
* hash algorithm to use out of the recipient key prefs. This is
@@ -1228,10 +1230,21 @@ sign_file (ctrl_t ctrl, strlist_t filenames, int detached, strlist_t locusr,
}
for (sk_rover = sk_list; sk_rover; sk_rover = sk_rover->next)
- gcry_md_enable (mfx.md, hash_for (sk_rover->pk));
+ gcry_md_enable (md, hash_for (sk_rover->pk));
if (!multifile)
- iobuf_push_filter (inp, md_filter, &mfx);
+ {
+ if (encryptflag && (opt.compat_flags & COMPAT_PARALLELIZED))
+ {
+ iobuf_push_filter (inp, md_thd_filter, &mfx2);
+ md_thd_filter_set_md (mfx2, md);
+ }
+ else
+ {
+ iobuf_push_filter (inp, md_filter, &mfx);
+ mfx.md = md;
+ }
+ }
if (detached && !encryptflag)
afx->what = 2;
@@ -1294,7 +1307,7 @@ sign_file (ctrl_t ctrl, strlist_t filenames, int detached, strlist_t locusr,
goto leave;
}
- write_status_begin_signing (mfx.md);
+ write_status_begin_signing (md);
/* Setup the inner packet. */
if (detached)
@@ -1334,7 +1347,16 @@ sign_file (ctrl_t ctrl, strlist_t filenames, int detached, strlist_t locusr,
memset (&tfx, 0, sizeof tfx);
iobuf_push_filter (inp, text_filter, &tfx);
}
- iobuf_push_filter (inp, md_filter, &mfx);
+ if (encryptflag && (opt.compat_flags & COMPAT_PARALLELIZED))
+ {
+ iobuf_push_filter (inp, md_thd_filter, &mfx2);
+ md_thd_filter_set_md (mfx2, md);
+ }
+ else
+ {
+ iobuf_push_filter (inp, md_filter, &mfx);
+ mfx.md = md;
+ }
while (iobuf_read (inp, NULL, iobuf_size) != -1)
;
iobuf_close (inp);
@@ -1363,7 +1385,7 @@ sign_file (ctrl_t ctrl, strlist_t filenames, int detached, strlist_t locusr,
goto leave;
/* Write the signatures. */
- rc = write_signature_packets (ctrl, sk_list, out, mfx.md, extrahash,
+ rc = write_signature_packets (ctrl, sk_list, out, md, extrahash,
opt.textmode && !outfile? 0x01 : 0x00,
0, duration, detached ? 'D':'S', NULL);
if (rc)
@@ -1380,7 +1402,7 @@ sign_file (ctrl_t ctrl, strlist_t filenames, int detached, strlist_t locusr,
write_status (STATUS_END_ENCRYPTION);
}
iobuf_close (inp);
- gcry_md_close (mfx.md);
+ gcry_md_close (md);
release_sk_list (sk_list);
release_pk_list (pk_list);
recipient_digest_algo = 0;
@@ -1461,7 +1483,7 @@ clearsign_file (ctrl_t ctrl,
log_info (_("writing to '%s'\n"), outfile);
}
- else if ((rc = open_outfile (-1, fname, 1, 0, &out)))
+ else if ((rc = open_outfile (GNUPG_INVALID_FD, fname, 1, 0, &out)))
{
goto leave;
}
@@ -1563,6 +1585,8 @@ sign_symencrypt_file (ctrl_t ctrl, const char *fname, strlist_t locusr)
progress_filter_context_t *pfx;
compress_filter_context_t zfx;
md_filter_context_t mfx;
+ md_thd_filter_context_t mfx2 = NULL;
+ gcry_md_hd_t md = NULL;
text_filter_context_t tfx;
cipher_filter_context_t cfx;
iobuf_t inp = NULL;
@@ -1639,22 +1663,32 @@ sign_symencrypt_file (ctrl_t ctrl, const char *fname, strlist_t locusr)
/**/ : "CFB");
/* Now create the outfile. */
- rc = open_outfile (-1, fname, opt.armor? 1:0, 0, &out);
+ rc = open_outfile (GNUPG_INVALID_FD, fname, opt.armor? 1:0, 0, &out);
if (rc)
goto leave;
/* Prepare to calculate the MD over the input. */
if (opt.textmode)
iobuf_push_filter (inp, text_filter, &tfx);
- if (gcry_md_open (&mfx.md, 0, 0))
+ if (gcry_md_open (&md, 0, 0))
BUG ();
if (DBG_HASHING)
- gcry_md_debug (mfx.md, "symc-sign");
+ gcry_md_debug (md, "symc-sign");
for (sk_rover = sk_list; sk_rover; sk_rover = sk_rover->next)
- gcry_md_enable (mfx.md, hash_for (sk_rover->pk));
+ gcry_md_enable (md, hash_for (sk_rover->pk));
+
+ if ((opt.compat_flags & COMPAT_PARALLELIZED))
+ {
+ iobuf_push_filter (inp, md_thd_filter, &mfx2);
+ md_thd_filter_set_md (mfx2, md);
+ }
+ else
+ {
+ iobuf_push_filter (inp, md_filter, &mfx);
+ mfx.md = md;
+ }
- iobuf_push_filter (inp, md_filter, &mfx);
/* Push armor output filter */
if (opt.armor)
@@ -1696,7 +1730,7 @@ sign_symencrypt_file (ctrl_t ctrl, const char *fname, strlist_t locusr)
if (rc)
goto leave;
- write_status_begin_signing (mfx.md);
+ write_status_begin_signing (md);
/* Pipe data through all filters; i.e. write the signed stuff. */
/* (current filters: zip - encrypt - armor) */
@@ -1708,7 +1742,7 @@ sign_symencrypt_file (ctrl_t ctrl, const char *fname, strlist_t locusr)
/* Write the signatures. */
/* (current filters: zip - encrypt - armor) */
- rc = write_signature_packets (ctrl, sk_list, out, mfx.md, extrahash,
+ rc = write_signature_packets (ctrl, sk_list, out, md, extrahash,
opt.textmode? 0x01 : 0x00,
0, duration, 'S', NULL);
if (rc)
@@ -1725,7 +1759,7 @@ sign_symencrypt_file (ctrl_t ctrl, const char *fname, strlist_t locusr)
}
iobuf_close (inp);
release_sk_list (sk_list);
- gcry_md_close (mfx.md);
+ gcry_md_close (md);
xfree (cfx.dek);
xfree (s2k);
release_progress_context (pfx);
diff --git a/g10/tdbdump.c b/g10/tdbdump.c
index 058ab5cf6..99f135678 100644
--- a/g10/tdbdump.c
+++ b/g10/tdbdump.c
@@ -141,19 +141,16 @@ import_ownertrust (ctrl_t ctrl, const char *fname )
fname = "[stdin]";
is_stdin = 1;
}
+ else if (is_secured_filename (fname)) {
+ gpg_err_set_errno (EPERM);
+ log_error (_("can't open '%s': %s\n"), fname, strerror(errno) );
+ return;
+ }
else if( !(fp = es_fopen( fname, "r" )) ) {
log_error ( _("can't open '%s': %s\n"), fname, strerror(errno) );
return;
}
- if (is_secured_file (es_fileno (fp)))
- {
- es_fclose (fp);
- gpg_err_set_errno (EPERM);
- log_error (_("can't open '%s': %s\n"), fname, strerror(errno) );
- return;
- }
-
while (es_fgets (line, DIM(line)-1, fp)) {
TRUSTREC rec;
diff --git a/g10/verify.c b/g10/verify.c
index 1c3de767c..c2c63255c 100644
--- a/g10/verify.c
+++ b/g10/verify.c
@@ -240,7 +240,8 @@ verify_files (ctrl_t ctrl, int nfiles, char **files )
FIXME: OUTFP is not yet implemented.
*/
int
-gpg_verify (ctrl_t ctrl, int sig_fd, int data_fd, estream_t out_fp)
+gpg_verify (ctrl_t ctrl, gnupg_fd_t sig_fd, gnupg_fd_t data_fd,
+ estream_t out_fp)
{
int rc;
iobuf_t fp;
@@ -260,7 +261,8 @@ gpg_verify (ctrl_t ctrl, int sig_fd, int data_fd, estream_t out_fp)
if (!fp)
{
rc = gpg_error_from_syserror ();
- log_error (_("can't open fd %d: %s\n"), sig_fd, strerror (errno));
+ log_error (_("can't open fd %d: %s\n"), FD_DBG (sig_fd),
+ strerror (errno));
goto leave;
}
diff --git a/g13/be-encfs.c b/g13/be-encfs.c
index 0e2c68bf3..ac6d6d6cd 100644
--- a/g13/be-encfs.c
+++ b/g13/be-encfs.c
@@ -28,10 +28,10 @@
#include "g13.h"
#include "../common/i18n.h"
#include "keyblob.h"
-#include "be-encfs.h"
-#include "runner.h"
#include "../common/sysutils.h"
#include "../common/exechelp.h"
+#include "runner.h"
+#include "be-encfs.h"
/* Command values used to run the encfs tool. */
@@ -81,7 +81,9 @@ run_umount_helper (const char *mountpoint)
args[1] = mountpoint;
args[2] = NULL;
- err = gnupg_spawn_process_detached (pgmname, args, NULL);
+ err = gnupg_process_spawn (pgmname, args,
+ GNUPG_PROCESS_DETACHED,
+ NULL, NULL, NULL);
if (err)
log_error ("failed to run '%s': %s\n",
pgmname, gpg_strerror (err));
@@ -218,12 +220,11 @@ run_encfs_tool (ctrl_t ctrl, enum encfs_cmds cmd,
gpg_error_t err;
encfs_parm_t parm;
runner_t runner = NULL;
- int outbound[2] = { -1, -1 };
- int inbound[2] = { -1, -1 };
const char *pgmname;
const char *argv[10];
- pid_t pid = (pid_t)(-1);
int idx;
+ gnupg_process_t proc;
+ int inbound, outbound;
(void)ctrl;
@@ -246,15 +247,6 @@ run_encfs_tool (ctrl_t ctrl, enum encfs_cmds cmd,
if (err)
goto leave;
- err = gnupg_create_inbound_pipe (inbound, NULL, 0);
- if (!err)
- err = gnupg_create_outbound_pipe (outbound, NULL, 0);
- if (err)
- {
- log_error (_("error creating a pipe: %s\n"), gpg_strerror (err));
- goto leave;
- }
-
pgmname = ENCFS;
idx = 0;
argv[idx++] = "-f";
@@ -267,47 +259,42 @@ run_encfs_tool (ctrl_t ctrl, enum encfs_cmds cmd,
argv[idx++] = NULL;
assert (idx <= DIM (argv));
- err = gnupg_spawn_process_fd (pgmname, argv,
- outbound[0], -1, inbound[1], &pid);
+ err = gnupg_process_spawn (pgmname, argv,
+ (GNUPG_PROCESS_STDIN_PIPE
+ | GNUPG_PROCESS_STDERR_PIPE),
+ NULL, NULL, &proc);
if (err)
{
log_error ("error spawning '%s': %s\n", pgmname, gpg_strerror (err));
goto leave;
}
- close (outbound[0]); outbound[0] = -1;
- close ( inbound[1]); inbound[1] = -1;
- runner_set_fds (runner, inbound[0], outbound[1]);
- inbound[0] = -1; /* Now owned by RUNNER. */
- outbound[1] = -1; /* Now owned by RUNNER. */
+ err = gnupg_process_get_fds (proc, 0, &outbound, NULL, &inbound);
+ if (err)
+ {
+ log_error ("error get fds '%s': %s\n", pgmname, gpg_strerror (err));
+ gnupg_process_release (proc);
+ goto leave;
+ }
+
+ runner_set_fds (runner, inbound, outbound);
runner_set_handler (runner, encfs_handler, encfs_handler_cleanup, parm);
parm = NULL; /* Now owned by RUNNER. */
- runner_set_pid (runner, pid);
- pid = (pid_t)(-1); /* The process is now owned by RUNNER. */
+ runner_set_proc (runner, proc);
err = runner_spawn (runner);
if (err)
- goto leave;
+ {
+ gnupg_process_release (proc);
+ goto leave;
+ }
*r_id = runner_get_rid (runner);
log_info ("running '%s' in the background\n", pgmname);
leave:
- if (inbound[0] != -1)
- close (inbound[0]);
- if (inbound[1] != -1)
- close (inbound[1]);
- if (outbound[0] != -1)
- close (outbound[0]);
- if (outbound[1] != -1)
- close (outbound[1]);
- if (pid != (pid_t)(-1))
- {
- gnupg_wait_process (pgmname, pid, 1, NULL);
- gnupg_release_process (pid);
- }
runner_release (runner);
encfs_handler_cleanup (parm);
return err;
diff --git a/g13/g13-syshelp.c b/g13/g13-syshelp.c
index 0de1cf15d..08b67377c 100644
--- a/g13/g13-syshelp.c
+++ b/g13/g13-syshelp.c
@@ -306,7 +306,6 @@ main (int argc, char **argv)
/* Prepare libassuan. */
assuan_set_gpg_err_source (GPG_ERR_SOURCE_DEFAULT);
- /*assuan_set_system_hooks (ASSUAN_SYSTEM_NPTH);*/
setup_libassuan_logging (&opt.debug, NULL);
/* Setup a default control structure for command line mode. */
diff --git a/g13/g13.c b/g13/g13.c
index 4942e7893..dc2dca109 100644
--- a/g13/g13.c
+++ b/g13/g13.c
@@ -40,6 +40,7 @@
#include "../common/gc-opt-flags.h"
#include "../common/asshelp.h"
#include "../common/init.h"
+#include "../common/exechelp.h"
#include "keyblob.h"
#include "server.h"
#include "runner.h"
@@ -228,10 +229,6 @@ static void start_idle_task (void);
static void join_idle_task (void);
-/* Begin NPth wrapper functions. */
-ASSUAN_SYSTEM_NPTH_IMPL;
-
-
static const char *
my_strusage( int level )
{
@@ -378,6 +375,7 @@ main (int argc, char **argv)
init_common_subsystems (&argc, &argv);
npth_init ();
+ gpgrt_set_syscall_clamp (npth_unprotect, npth_protect);
/* Take extra care of the random pool. */
gcry_control (GCRYCTL_USE_SECURE_RNDPOOL);
@@ -436,8 +434,8 @@ main (int argc, char **argv)
/* Prepare libassuan. */
assuan_set_gpg_err_source (GPG_ERR_SOURCE_DEFAULT);
- assuan_set_system_hooks (ASSUAN_SYSTEM_NPTH);
setup_libassuan_logging (&opt.debug, NULL);
+ assuan_control (ASSUAN_CONTROL_REINIT_SYSCALL_CLAMP, NULL);
/* Setup a default control structure for command line mode. */
memset (&ctrl, 0, sizeof ctrl);
diff --git a/g13/mount.c b/g13/mount.c
index 45b60806c..071b76b67 100644
--- a/g13/mount.c
+++ b/g13/mount.c
@@ -34,10 +34,11 @@
#include "backend.h"
#include "g13tuple.h"
#include "mountinfo.h"
-#include "runner.h"
#include "../common/host2net.h"
#include "server.h" /*(g13_keyblob_decrypt)*/
#include "../common/sysutils.h"
+#include "../common/exechelp.h"
+#include "runner.h"
#include "call-syshelp.h"
diff --git a/g13/runner.c b/g13/runner.c
index b08d99030..c0534fe5d 100644
--- a/g13/runner.c
+++ b/g13/runner.c
@@ -29,8 +29,8 @@
#include "g13.h"
#include "../common/i18n.h"
#include "keyblob.h"
-#include "runner.h"
#include "../common/exechelp.h"
+#include "runner.h"
#include "mountinfo.h"
/* The runner object. */
@@ -55,7 +55,7 @@ struct runner_s
2 = Thread is running and someone is holding a reference. */
int refcount;
- pid_t pid; /* PID of the backend's process (the engine). */
+ gnupg_process_t proc; /* Process of the backend's process (the engine). */
int in_fd; /* File descriptors to read from the engine. */
int out_fd; /* File descriptors to write to the engine. */
engine_handler_fnc_t handler; /* The handler functions. */
@@ -157,16 +157,16 @@ runner_release (runner_t runner)
if (runner->handler_cleanup)
runner->handler_cleanup (runner->handler_data);
- if (runner->pid != (pid_t)(-1))
+ if (runner->proc)
{
/* The process has not been cleaned up - do it now. */
- gnupg_kill_process (runner->pid);
+ gnupg_process_terminate (runner->proc);
/* (Actually we should use the program name and not the
arbitrary NAME of the runner object. However it does not
matter because that information is only used for
diagnostics.) */
- gnupg_wait_process (runner->name, runner->pid, 1, NULL);
- gnupg_release_process (runner->pid);
+ gnupg_process_wait (runner->proc, 1);
+ gnupg_process_release (runner->proc);
}
xfree (runner->name);
@@ -212,7 +212,7 @@ runner_new (runner_t *r_runner, const char *name)
return gpg_error_from_syserror ();
}
runner->refcount = 1;
- runner->pid = (pid_t)(-1);
+ runner->proc = NULL;
runner->in_fd = -1;
runner->out_fd = -1;
@@ -266,15 +266,15 @@ runner_set_fds (runner_t runner, int in_fd, int out_fd)
}
-/* Set the PID of the backend engine. After this call the engine is
+/* Set the PROC of the backend engine. After this call the engine is
owned by the runner object. */
void
-runner_set_pid (runner_t runner, pid_t pid)
+runner_set_proc (runner_t runner, gnupg_process_t proc)
{
- if (check_already_spawned (runner, "runner_set_fds"))
+ if (check_already_spawned (runner, "runner_set_proc"))
return;
- runner->pid = pid;
+ runner->proc = proc;
}
@@ -366,15 +366,17 @@ runner_thread (void *arg)
}
/* Now wait for the process to finish. */
- if (!err && runner->pid != (pid_t)(-1))
+ if (!err && runner->proc)
{
int exitcode;
log_debug ("runner thread waiting ...\n");
- err = gnupg_wait_process (runner->name, runner->pid, 1, &exitcode);
- gnupg_release_process (runner->pid);
- runner->pid = (pid_t)(-1);
- if (err)
+ err = gnupg_process_wait (runner->proc, 1);
+ if (!err)
+ gnupg_process_ctl (runner->proc, GNUPG_PROCESS_GET_EXIT_ID, &exitcode);
+ gnupg_process_release (runner->proc);
+ runner->proc = NULL;
+ if (exitcode)
log_error ("running '%s' failed (exitcode=%d): %s\n",
runner->name, exitcode, gpg_strerror (err));
log_debug ("runner thread waiting finished\n");
@@ -473,7 +475,7 @@ runner_cancel (runner_t runner)
need to change the thread to wait on an event. */
runner->cancel_flag = 1;
/* For now we use the brutal way and kill the process. */
- gnupg_kill_process (runner->pid);
+ gnupg_process_terminate (runner->proc);
}
}
diff --git a/g13/runner.h b/g13/runner.h
index 36181adf9..01c395e02 100644
--- a/g13/runner.h
+++ b/g13/runner.h
@@ -49,7 +49,7 @@ runner_t runner_find_by_rid (unsigned int rid);
/* Functions to set properties of the runner. */
void runner_set_fds (runner_t runner, int in_fd, int out_fd);
-void runner_set_pid (runner_t runner, pid_t pid);
+void runner_set_proc (runner_t runner, gnupg_process_t proc);
/* Register the handler functions with a runner. */
void runner_set_handler (runner_t runner,
diff --git a/kbx/kbx-client-util.c b/kbx/kbx-client-util.c
index f6456a508..b900586c8 100644
--- a/kbx/kbx-client-util.c
+++ b/kbx/kbx-client-util.c
@@ -53,6 +53,7 @@ struct kbx_client_data_s
/* Condition variable to sync the datastream with the command. */
npth_mutex_t mutex;
npth_cond_t cond;
+ npth_t thd;
/* The data received from the keyboxd and an error code if there was
* a problem (in which case DATA is also set to NULL. This is only
@@ -103,7 +104,6 @@ prepare_data_pipe (kbx_client_data_t kcd)
int rc;
int inpipe[2];
estream_t infp;
- npth_t thread;
npth_attr_t tattr;
kcd->fp = NULL;
@@ -118,14 +118,18 @@ prepare_data_pipe (kbx_client_data_t kcd)
return err; /* That should not happen. */
}
- err = assuan_sendfd (kcd->ctx, INT2FD (inpipe[1]));
+#ifdef HAVE_W32_SYSTEM
+ err = assuan_sendfd (kcd->ctx, (HANDLE)_get_osfhandle (inpipe[1]));
+#else
+ err = assuan_sendfd (kcd->ctx, inpipe[1]);
+#endif
if (err)
{
- log_error ("sending sending fd %d to keyboxd: %s <%s>\n",
+ log_error ("sending fd %d to keyboxd: %s <%s>\n",
inpipe[1], gpg_strerror (err), gpg_strsource (err));
es_fclose (infp);
gnupg_close_pipe (inpipe[1]);
- return 0; /* Server may not support fd-passing. */
+ return err;
}
err = assuan_transact (kcd->ctx, "OUTPUT FD",
@@ -135,12 +139,12 @@ prepare_data_pipe (kbx_client_data_t kcd)
log_info ("keyboxd does not accept our fd: %s <%s>\n",
gpg_strerror (err), gpg_strsource (err));
es_fclose (infp);
- return 0;
+ return err;
}
+ close (inpipe[1]);
kcd->fp = infp;
-
rc = npth_attr_init (&tattr);
if (rc)
{
@@ -150,8 +154,8 @@ prepare_data_pipe (kbx_client_data_t kcd)
kcd->fp = NULL;
return err;
}
- npth_attr_setdetachstate (&tattr, NPTH_CREATE_DETACHED);
- rc = npth_create (&thread, &tattr, datastream_thread, kcd);
+ npth_attr_setdetachstate (&tattr, NPTH_CREATE_JOINABLE);
+ rc = npth_create (&kcd->thd, &tattr, datastream_thread, kcd);
if (rc)
{
err = gpg_error_from_errno (rc);
@@ -162,6 +166,7 @@ prepare_data_pipe (kbx_client_data_t kcd)
return err;
}
+ npth_attr_destroy (&tattr);
return 0;
}
@@ -193,13 +198,8 @@ datastream_thread (void *arg)
gnupg_sleep (1);
continue;
}
- if (nread != 4)
- {
- err = gpg_error (GPG_ERR_EIO);
- log_error ("error reading data length from keyboxd: %s\n",
- "short read");
- continue;
- }
+ if (nread < 4)
+ break;
datalen = buf32_to_size_t (lenbuf);
/* log_debug ("keyboxd announced %zu bytes\n", datalen); */
@@ -294,8 +294,7 @@ kbx_client_data_new (kbx_client_data_t *r_kcd, assuan_context_t ctx,
{
err = gpg_error_from_errno (rc);
log_error ("error initializing mutex: %s\n", gpg_strerror (err));
- xfree (kcd);
- return err;
+ goto leave; /* Use D-lines. */
}
rc = npth_cond_init (&kcd->cond, NULL);
if (rc)
@@ -303,8 +302,7 @@ kbx_client_data_new (kbx_client_data_t *r_kcd, assuan_context_t ctx,
err = gpg_error_from_errno (rc);
log_error ("error initializing condition: %s\n", gpg_strerror (err));
npth_mutex_destroy (&kcd->mutex);
- xfree (kcd);
- return err;
+ goto leave; /* Use D-lines. */
}
err = prepare_data_pipe (kcd);
@@ -312,8 +310,7 @@ kbx_client_data_new (kbx_client_data_t *r_kcd, assuan_context_t ctx,
{
npth_cond_destroy (&kcd->cond);
npth_mutex_destroy (&kcd->mutex);
- xfree (kcd);
- return err;
+ /* Use D-lines. */
}
leave:
@@ -329,11 +326,20 @@ kbx_client_data_release (kbx_client_data_t kcd)
if (!kcd)
return;
+
fp = kcd->fp;
+ if (!fp)
+ {
+ xfree (kcd);
+ return;
+ }
+
+ if (npth_join (kcd->thd, NULL))
+ log_error ("kbx_client_data_release failed on npth_join");
+
kcd->fp = NULL;
- es_fclose (fp); /* That close should let the thread run into an error. */
- /* FIXME: Make thread killing explicit. Otherwise we run in a
- * log_fatal due to the destroyed mutex. */
+ es_fclose (fp);
+
npth_cond_destroy (&kcd->cond);
npth_mutex_destroy (&kcd->mutex);
xfree (kcd);
diff --git a/kbx/kbxserver.c b/kbx/kbxserver.c
index ae9ae5c75..d09a8f8eb 100644
--- a/kbx/kbxserver.c
+++ b/kbx/kbxserver.c
@@ -131,21 +131,25 @@ get_assuan_ctx_from_ctrl (ctrl_t ctrl)
static gpg_error_t
prepare_outstream (ctrl_t ctrl)
{
- int fd;
+ gnupg_fd_t fd;
+ estream_t out_fp = NULL;
log_assert (ctrl && ctrl->server_local);
if (ctrl->server_local->outstream)
return 0; /* Already enabled. */
- fd = translate_sys2libc_fd
- (assuan_get_output_fd (get_assuan_ctx_from_ctrl (ctrl)), 1);
- if (fd == -1)
+ fd = assuan_get_output_fd (get_assuan_ctx_from_ctrl (ctrl));
+ if (fd == GNUPG_INVALID_FD)
return 0; /* No Output command active. */
+ else
+ {
+ out_fp = open_stream_nc (fd, "w");
+ if (!out_fp)
+ return gpg_err_code_from_syserror ();
+ }
- ctrl->server_local->outstream = es_fdopen_nc (fd, "w");
- if (!ctrl->server_local->outstream)
- return gpg_err_code_from_syserror ();
+ ctrl->server_local->outstream = out_fp;
return 0;
}
@@ -946,15 +950,9 @@ kbxd_start_command_handler (ctrl_t ctrl, gnupg_fd_t fd, unsigned int session_id)
}
else
{
- /* The fd-passing does not work reliable on Windows, and even it
- * it is not used by gpg and gpgsm the current libassuan slows
- * down things if it is allowed for the server.*/
rc = assuan_init_socket_server (ctx, fd,
(ASSUAN_SOCKET_SERVER_ACCEPTED
-#ifndef HAVE_W32_SYSTEM
- |ASSUAN_SOCKET_SERVER_FDPASSING
-#endif
- ));
+ |ASSUAN_SOCKET_SERVER_FDPASSING));
}
if (rc)
diff --git a/kbx/keyboxd.c b/kbx/keyboxd.c
index f875e115d..73905eb7d 100644
--- a/kbx/keyboxd.c
+++ b/kbx/keyboxd.c
@@ -144,14 +144,13 @@ static struct debug_flags_s debug_flags [] =
{ 77, NULL } /* 77 := Do not exit on "help" or "?". */
};
-/* The timer tick used for housekeeping stuff. Note that on Windows
- * we use a SetWaitableTimer seems to signal earlier than about 2
- * seconds. Thus we use 4 seconds on all platforms.
- * CHECK_OWN_SOCKET_INTERVAL defines how often we check
- * our own socket in standard socket mode. If that value is 0 we
- * don't check at all. All values are in seconds. */
-# define TIMERTICK_INTERVAL (4)
-# define CHECK_OWN_SOCKET_INTERVAL (60)
+/* CHECK_OWN_SOCKET_INTERVAL defines how often we check our own socket
+ * in standard socket mode. If that value is 0 we don't check at all.
+ * Values is in seconds. */
+#define CHECK_OWN_SOCKET_INTERVAL (60)
+/* CHECK_PROBLEMS_INTERVAL defines how often we check the existence of
+ * homedir. Value is in seconds. */
+#define CHECK_PROBLEMS_INTERVAL (4)
/* The list of open file descriptors at startup. Note that this list
* has been allocated using the standard malloc. */
@@ -171,8 +170,10 @@ static int shutdown_pending;
/* Flag indicating to start the daemon even if one already runs. */
static int steal_socket;
-/* Counter for the currently running own socket checks. */
-static int check_own_socket_running;
+/* Flag to monitor problems. */
+static int problem_detected;
+#define KEYBOXD_PROBLEM_SOCKET_TAKEOVER (1 << 0)
+#define KEYBOXD_PROBLEM_HOMEDIR_REMOVED (1 << 1)
/* Flag to indicate that we shall not watch our own socket. */
static int disable_check_own_socket;
@@ -192,6 +193,17 @@ static assuan_sock_nonce_t socket_nonce;
* Let's try this as default. Change at runtime with --listen-backlog. */
static int listen_backlog = 64;
+#ifdef HAVE_W32_SYSTEM
+/* The event to break the select call. */
+static HANDLE the_event2;
+#elif defined(HAVE_PSELECT_NO_EINTR)
+/* An FD to break the select call. */
+static int event_pipe_fd;
+#else
+/* PID of the main thread. */
+static pid_t main_thread_pid;
+#endif
+
/* Name of a config file, which will be reread on a HUP if it is not NULL. */
static char *config_filename;
@@ -199,16 +211,6 @@ static char *config_filename;
* the log file after a SIGHUP if it didn't changed. Malloced. */
static char *current_logfile;
-/* This flag is true if the inotify mechanism for detecting the
- * removal of the homedir is active. This flag is used to disable the
- * alternative but portable stat based check. */
-static int have_homedir_inotify;
-
-/* Depending on how keyboxd was started, the homedir inotify watch may
- * not be reliable. This flag is set if we assume that inotify works
- * reliable. */
-static int reliable_homedir_inotify;
-
/* Number of active connections. */
static int active_connections;
@@ -255,12 +257,11 @@ static void kbxd_init_default_ctrl (ctrl_t ctrl);
static void kbxd_deinit_default_ctrl (ctrl_t ctrl);
static void handle_connections (gnupg_fd_t listen_fd);
-static void check_own_socket (void);
static int check_for_running_kbxd (int silent);
-
-/* Pth wrapper function definitions. */
-ASSUAN_SYSTEM_NPTH_IMPL;
-
+#if CHECK_OWN_SOCKET_INTERVAL > 0
+static void *check_own_socket_thread (void *arg);
+#endif
+static void *check_others_thread (void *arg);
/*
* Functions.
@@ -440,6 +441,7 @@ thread_init_once (void)
* initialized and thus Libgcrypt could not set its system call
* clamp. */
gcry_control (GCRYCTL_REINIT_SYSCALL_CLAMP, 0, 0);
+ assuan_control (ASSUAN_CONTROL_REINIT_SYSCALL_CLAMP, NULL);
}
@@ -447,7 +449,6 @@ static void
initialize_modules (void)
{
thread_init_once ();
- assuan_set_system_hooks (ASSUAN_SYSTEM_NPTH);
}
@@ -497,7 +498,6 @@ main (int argc, char **argv )
assuan_set_malloc_hooks (&malloc_hooks);
assuan_set_gpg_err_source (GPG_ERR_SOURCE_DEFAULT);
assuan_sock_init ();
- assuan_sock_set_system_hooks (ASSUAN_SYSTEM_NPTH);
setup_libassuan_logging (&opt.debug, kbxd_assuan_log_monitor);
setup_libgcrypt_logging ();
@@ -809,11 +809,6 @@ main (int argc, char **argv )
log_get_prefix (&oldflags);
log_set_prefix (NULL, oldflags | GPGRT_LOG_RUN_DETACHED);
opt.running_detached = 1;
-
- /* Because we don't support running a program on the command
- * line we can assume that the inotify things works and thus
- * we can avoid the regular stat calls. */
- reliable_homedir_inotify = 1;
}
{
@@ -1070,6 +1065,44 @@ get_kbxd_active_connection_count (void)
}
+/* Under W32, this function returns the handle of the scdaemon
+ notification event. Calling it the first time creates that
+ event. */
+#if defined(HAVE_W32_SYSTEM)
+static void *
+create_an_event (void)
+{
+ HANDLE h, h2;
+ SECURITY_ATTRIBUTES sa = { sizeof (SECURITY_ATTRIBUTES), NULL, TRUE};
+
+ /* We need to use a manual reset event object due to the way our
+ w32-pth wait function works: If we would use an automatic
+ reset event we are not able to figure out which handle has
+ been signaled because at the time we single out the signaled
+ handles using WFSO the event has already been reset due to
+ the WFMO. */
+ h = CreateEvent (&sa, TRUE, FALSE, NULL);
+ if (!h)
+ log_error ("can't create an event: %s\n", w32_strerror (-1) );
+ else if (!DuplicateHandle (GetCurrentProcess(), h,
+ GetCurrentProcess(), &h2,
+ EVENT_MODIFY_STATE|SYNCHRONIZE, TRUE, 0))
+ {
+ log_error ("setting synchronize for an event failed: %s\n",
+ w32_strerror (-1) );
+ CloseHandle (h);
+ }
+ else
+ {
+ CloseHandle (h);
+ return h2;
+ }
+
+ return INVALID_HANDLE_VALUE;
+}
+#endif /*HAVE_W32_SYSTEM*/
+
+
/* Create a name for the socket in the home directory as using
* STANDARD_NAME. We also check for valid characters as well as
* against a maximum allowed length for a Unix domain socket is done.
@@ -1282,38 +1315,6 @@ create_directories (void)
-/* This is the worker for the ticker. It is called every few seconds
- * and may only do fast operations. */
-static void
-handle_tick (void)
-{
- static time_t last_minute;
- struct stat statbuf;
-
- if (!last_minute)
- last_minute = time (NULL);
-
- /* Code to be run from time to time. */
-#if CHECK_OWN_SOCKET_INTERVAL > 0
- if (last_minute + CHECK_OWN_SOCKET_INTERVAL <= time (NULL))
- {
- check_own_socket ();
- last_minute = time (NULL);
- }
-#endif
-
-
- /* Check whether the homedir is still available. */
- if (!shutdown_pending
- && (!have_homedir_inotify || !reliable_homedir_inotify)
- && gnupg_stat (gnupg_homedir (), &statbuf) && errno == ENOENT)
- {
- shutdown_pending = 1;
- log_info ("homedir has been removed - shutting down\n");
- }
-}
-
-
/* A global function which allows us to call the reload stuff from
* other places too. This is only used when build for W32. */
void
@@ -1359,6 +1360,11 @@ handle_signal (int signo)
kbxd_sigusr2_action ();
break;
+ case SIGCONT:
+ /* Do nothing, but break the syscall. */
+ log_debug ("SIGCONT received - breaking select\n");
+ break;
+
case SIGTERM:
if (!shutdown_pending)
log_info ("SIGTERM received - shutting down ...\n");
@@ -1396,7 +1402,7 @@ check_nonce (ctrl_t ctrl, assuan_sock_nonce_t *nonce)
if (assuan_sock_check_nonce (ctrl->thread_startup.fd, nonce))
{
log_info (_("error reading nonce on fd %d: %s\n"),
- FD2INT(ctrl->thread_startup.fd), strerror (errno));
+ FD_DBG (ctrl->thread_startup.fd), strerror (errno));
assuan_sock_close (ctrl->thread_startup.fd);
xfree (ctrl);
return -1;
@@ -1416,7 +1422,7 @@ do_start_connection_thread (ctrl_t ctrl)
kbxd_init_default_ctrl (ctrl);
if (opt.verbose && !DBG_IPC)
log_info (_("handler 0x%lx for fd %d started\n"),
- (unsigned long) npth_self(), FD2INT(ctrl->thread_startup.fd));
+ (unsigned long) npth_self(), FD_DBG (ctrl->thread_startup.fd));
session_id = ++last_session_id;
if (!session_id)
@@ -1424,7 +1430,7 @@ do_start_connection_thread (ctrl_t ctrl)
kbxd_start_command_handler (ctrl, ctrl->thread_startup.fd, session_id);
if (opt.verbose && !DBG_IPC)
log_info (_("handler 0x%lx for fd %d terminated\n"),
- (unsigned long) npth_self(), FD2INT(ctrl->thread_startup.fd));
+ (unsigned long) npth_self(), FD_DBG (ctrl->thread_startup.fd));
kbxd_deinit_default_ctrl (ctrl);
xfree (ctrl);
@@ -1450,6 +1456,28 @@ start_connection_thread (void *arg)
}
+static void
+keyboxd_kick_the_loop (void)
+{
+ /* Kick the select loop. */
+#ifdef HAVE_W32_SYSTEM
+ int ret = SetEvent (the_event2);
+ if (ret == 0)
+ log_error ("SetEvent for agent_kick_the_loop failed: %s\n",
+ w32_strerror (-1));
+#else
+# ifdef HAVE_PSELECT_NO_EINTR
+ write (event_pipe_fd, "", 1);
+# else
+ int ret = kill (main_thread_pid, SIGCONT);
+ if (ret < 0)
+ log_error ("sending signal for agent_kick_the_loop failed: %s\n",
+ gpg_strerror (gpg_error_from_syserror ()));
+# endif
+#endif
+}
+
+
/* Connection handler loop. Wait for connection requests and spawn a
* thread after accepting a connection. */
static void
@@ -1464,12 +1492,14 @@ handle_connections (gnupg_fd_t listen_fd)
gnupg_fd_t fd;
int nfd;
int saved_errno;
- struct timespec abstime;
- struct timespec curtime;
- struct timespec timeout;
#ifdef HAVE_W32_SYSTEM
HANDLE events[2];
unsigned int events_set;
+#else
+ int signo;
+# ifdef HAVE_PSELECT_NO_EINTR
+ int pipe_fd[2];
+# endif
#endif
int sock_inotify_fd = -1;
int home_inotify_fd = -1;
@@ -1480,7 +1510,7 @@ handle_connections (gnupg_fd_t listen_fd)
} listentbl[] = {
{ "std", start_connection_thread },
};
-
+ int have_homedir_inotify = 0;
ret = npth_attr_init(&tattr);
if (ret)
@@ -1493,10 +1523,23 @@ handle_connections (gnupg_fd_t listen_fd)
npth_sigev_add (SIGUSR1);
npth_sigev_add (SIGUSR2);
npth_sigev_add (SIGINT);
+ npth_sigev_add (SIGCONT);
npth_sigev_add (SIGTERM);
npth_sigev_fini ();
+# ifdef HAVE_PSELECT_NO_EINTR
+ ret = gnupg_create_pipe (pipe_fd);
+ if (ret)
+ {
+ log_error ("pipe creation failed: %s\n", gpg_strerror (ret));
+ return;
+ }
+ event_pipe_fd = pipe_fd[1];
+# else
+ main_thread_pid = getpid ();
+# endif
#else
- events[0] = INVALID_HANDLE_VALUE;
+ events[0] = the_event2 = create_an_event ();
+ events[1] = INVALID_HANDLE_VALUE;
#endif
if (disable_check_own_socket)
@@ -1508,10 +1551,8 @@ handle_connections (gnupg_fd_t listen_fd)
gpg_strerror (err));
}
- if (disable_check_own_socket)
- home_inotify_fd = -1;
- else if ((err = gnupg_inotify_watch_delete_self (&home_inotify_fd,
- gnupg_homedir ())))
+ if ((err = gnupg_inotify_watch_delete_self (&home_inotify_fd,
+ gnupg_homedir ())))
{
if (gpg_err_code (err) != GPG_ERR_NOT_SUPPORTED)
log_info ("error enabling daemon termination by homedir removal: %s\n",
@@ -1520,9 +1561,29 @@ handle_connections (gnupg_fd_t listen_fd)
else
have_homedir_inotify = 1;
+#if CHECK_OWN_SOCKET_INTERVAL > 0
+ if (!disable_check_own_socket && sock_inotify_fd == -1)
+ {
+ npth_t thread;
+
+ err = npth_create (&thread, &tattr, check_own_socket_thread, NULL);
+ if (err)
+ log_error ("error spawning check_own_socket_thread: %s\n", strerror (err));
+ }
+#endif
+
+ if (!have_homedir_inotify)
+ {
+ npth_t thread;
+
+ err = npth_create (&thread, &tattr, check_others_thread, NULL);
+ if (err)
+ log_error ("error spawning check_others_thread: %s\n", strerror (err));
+ }
+
FD_ZERO (&fdset);
FD_SET (FD2INT (listen_fd), &fdset);
- nfd = FD2INT (listen_fd);
+ nfd = FD2NUM (listen_fd);
if (sock_inotify_fd != -1)
{
FD_SET (sock_inotify_fd, &fdset);
@@ -1538,9 +1599,6 @@ handle_connections (gnupg_fd_t listen_fd)
listentbl[0].l_fd = listen_fd;
- npth_clock_gettime (&abstime);
- abstime.tv_sec += TIMERTICK_INTERVAL;
-
for (;;)
{
/* Shutdown test. */
@@ -1573,28 +1631,21 @@ handle_connections (gnupg_fd_t listen_fd)
read_fdset = fdset;
- npth_clock_gettime (&curtime);
- if (!(npth_timercmp (&curtime, &abstime, <)))
- {
- /* Timeout. */
- handle_tick ();
- npth_clock_gettime (&abstime);
- abstime.tv_sec += TIMERTICK_INTERVAL;
- }
- npth_timersub (&abstime, &curtime, &timeout);
+#ifdef HAVE_PSELECT_NO_EINTR
+ FD_SET (pipe_fd[0], &read_fdset);
+ if (nfd < pipe_fd[0])
+ nfd = pipe_fd[0];
+#endif
#ifndef HAVE_W32_SYSTEM
- ret = npth_pselect (nfd+1, &read_fdset, NULL, NULL, &timeout,
+ ret = npth_pselect (nfd+1, &read_fdset, NULL, NULL, NULL,
npth_sigev_sigmask ());
saved_errno = errno;
- {
- int signo;
- while (npth_sigev_get_pending (&signo))
- handle_signal (signo);
- }
+ while (npth_sigev_get_pending (&signo))
+ handle_signal (signo);
#else
- ret = npth_eselect (nfd+1, &read_fdset, NULL, NULL, &timeout,
+ ret = npth_eselect (nfd+1, &read_fdset, NULL, NULL, NULL,
events, &events_set);
saved_errno = errno;
@@ -1610,6 +1661,22 @@ handle_connections (gnupg_fd_t listen_fd)
gnupg_sleep (1);
continue;
}
+
+ if ((problem_detected & KEYBOXD_PROBLEM_SOCKET_TAKEOVER))
+ {
+ /* We may not remove the socket as it is now in use by another
+ server. */
+ inhibit_socket_removal = 1;
+ shutdown_pending = 2;
+ log_info ("this process is useless - shutting down\n");
+ }
+
+ if ((problem_detected & KEYBOXD_PROBLEM_HOMEDIR_REMOVED))
+ {
+ shutdown_pending = 1;
+ log_info ("homedir has been removed - shutting down\n");
+ }
+
if (ret <= 0)
{
/* Interrupt or timeout. Will be handled when calculating the
@@ -1617,6 +1684,15 @@ handle_connections (gnupg_fd_t listen_fd)
continue;
}
+#ifdef HAVE_PSELECT_NO_EINTR
+ if (FD_ISSET (pipe_fd[0], &read_fdset))
+ {
+ char buf[256];
+
+ read (pipe_fd[0], buf, sizeof buf);
+ }
+#endif
+
/* The inotify fds are set even when a shutdown is pending (see
* above). So we must handle them in any case. To avoid that
* they trigger a second time we close them immediately. */
@@ -1653,8 +1729,8 @@ handle_connections (gnupg_fd_t listen_fd)
continue;
plen = sizeof paddr;
- fd = INT2FD (npth_accept (FD2INT(listentbl[idx].l_fd),
- (struct sockaddr *)&paddr, &plen));
+ fd = assuan_sock_accept (listentbl[idx].l_fd,
+ (struct sockaddr *)&paddr, &plen);
if (fd == GNUPG_INVALID_FD)
{
log_error ("accept failed for %s: %s\n",
@@ -1687,13 +1763,21 @@ handle_connections (gnupg_fd_t listen_fd)
close (sock_inotify_fd);
if (home_inotify_fd != -1)
close (home_inotify_fd);
+#ifdef HAVE_W32_SYSTEM
+ if (the_event2 != INVALID_HANDLE_VALUE)
+ CloseHandle (the_event2);
+#endif
+#ifdef HAVE_PSELECT_NO_EINTR
+ close (pipe_fd[0]);
+ close (pipe_fd[1]);
+#endif
cleanup ();
log_info (_("%s %s stopped\n"), gpgrt_strusage(11), gpgrt_strusage(13));
npth_attr_destroy (&tattr);
}
-
+#if CHECK_OWN_SOCKET_INTERVAL > 0
/* Helper for check_own_socket. */
static gpg_error_t
check_own_socket_pid_cb (void *opaque, const void *buffer, size_t length)
@@ -1704,20 +1788,18 @@ check_own_socket_pid_cb (void *opaque, const void *buffer, size_t length)
}
-/* The thread running the actual check. We need to run this in a
- * separate thread so that check_own_thread can be called from the
- * timer tick. */
-static void *
-check_own_socket_thread (void *arg)
+/* Check whether we are still listening on our own socket. In case
+ another gpg-agent process started after us has taken ownership of
+ our socket, we would linger around without any real task. Thus we
+ better check once in a while whether we are really needed. */
+static int
+do_check_own_socket (const char *sockname)
{
int rc;
- char *sockname = arg;
assuan_context_t ctx = NULL;
membuf_t mb;
char *buffer;
- check_own_socket_running++;
-
rc = assuan_new (&ctx);
if (rc)
{
@@ -1755,57 +1837,70 @@ check_own_socket_thread (void *arg)
xfree (buffer);
leave:
- xfree (sockname);
if (ctx)
assuan_release (ctx);
- if (rc)
- {
- /* We may not remove the socket as it is now in use by another
- * server. */
- inhibit_socket_removal = 1;
- shutdown_pending = 2;
- log_info ("this process is useless - shutting down\n");
- }
- check_own_socket_running--;
- return NULL;
-}
+ return rc;
+}
-/* Check whether we are still listening on our own socket. In case
- * another keyboxd process started after us has taken ownership of our
- * socket, we would linger around without any real task. Thus we
- * better check once in a while whether we are really needed. */
-static void
-check_own_socket (void)
+/* The thread running the actual check. */
+static void *
+check_own_socket_thread (void *arg)
{
char *sockname;
- npth_t thread;
- npth_attr_t tattr;
- int err;
- if (disable_check_own_socket)
- return;
-
- if (check_own_socket_running || shutdown_pending)
- return; /* Still running or already shutting down. */
+ (void)arg;
sockname = make_filename_try (gnupg_socketdir (), KEYBOXD_SOCK_NAME, NULL);
if (!sockname)
- return; /* Out of memory. */
+ return NULL; /* Out of memory. */
- err = npth_attr_init (&tattr);
- if (err)
+ while (!problem_detected)
{
- xfree (sockname);
- return;
+ if (shutdown_pending)
+ goto leave;
+
+ gnupg_sleep (CHECK_OWN_SOCKET_INTERVAL);
+
+ if (do_check_own_socket (sockname))
+ problem_detected |= KEYBOXD_PROBLEM_SOCKET_TAKEOVER;
}
- npth_attr_setdetachstate (&tattr, NPTH_CREATE_DETACHED);
- err = npth_create (&thread, &tattr, check_own_socket_thread, sockname);
- if (err)
- log_error ("error spawning check_own_socket_thread: %s\n", strerror (err));
- npth_attr_destroy (&tattr);
+
+ keyboxd_kick_the_loop ();
+
+ leave:
+ xfree (sockname);
+ return NULL;
}
+#endif
+
+/* The thread running other checks. */
+static void *
+check_others_thread (void *arg)
+{
+ const char *homedir = gnupg_homedir ();
+ (void)arg;
+
+ while (!problem_detected)
+ {
+ struct stat statbuf;
+
+ if (shutdown_pending)
+ goto leave;
+
+ gnupg_sleep (CHECK_PROBLEMS_INTERVAL);
+
+ /* Check whether the homedir is still available. */
+ if (gnupg_stat (homedir, &statbuf) && errno == ENOENT)
+ problem_detected |= KEYBOXD_PROBLEM_HOMEDIR_REMOVED;
+ }
+
+ keyboxd_kick_the_loop ();
+
+ leave:
+ return NULL;
+}
/* Figure out whether a keyboxd is available and running. Prints an
diff --git a/scd/app.c b/scd/app.c
index 2c92201cf..a9591a12c 100644
--- a/scd/app.c
+++ b/scd/app.c
@@ -2385,6 +2385,18 @@ app_check_pin (card_t card, ctrl_t ctrl, const char *keyidstr,
static void
+setup_env (struct spawn_cb_arg *sca)
+{
+#ifdef HAVE_W32_SYSTEM
+ (void)sca; /* Not supported on Windows. */
+#else
+ char *v = sca->arg;
+
+ putenv (v);
+#endif
+}
+
+static void
report_change (int slot, int old_status, int cur_status)
{
char *homestr, *envstr;
@@ -2411,12 +2423,9 @@ report_change (int slot, int old_status, int cur_status)
else
{
gpg_error_t err;
- const char *args[9], *envs[2];
+ const char *args[9];
char numbuf1[30], numbuf2[30], numbuf3[30];
- envs[0] = envstr;
- envs[1] = NULL;
-
sprintf (numbuf1, "%d", slot);
sprintf (numbuf2, "0x%04X", old_status);
sprintf (numbuf3, "0x%04X", cur_status);
@@ -2433,7 +2442,9 @@ report_change (int slot, int old_status, int cur_status)
args[8] = NULL;
fname = make_filename (gnupg_homedir (), "scd-event", NULL);
- err = gnupg_spawn_process_detached (fname, args, envs);
+ err = gnupg_process_spawn (fname, args,
+ GNUPG_PROCESS_DETACHED,
+ setup_env, envstr, NULL);
if (err && gpg_err_code (err) != GPG_ERR_ENOENT)
log_error ("failed to run event handler '%s': %s\n",
fname, gpg_strerror (err));
diff --git a/scd/command.c b/scd/command.c
index 0cf66d08c..a2274f15a 100644
--- a/scd/command.c
+++ b/scd/command.c
@@ -957,7 +957,8 @@ pin_cb (void *opaque, const char *info, char **retstr)
We ignore any value returned. */
if (info)
{
- log_debug ("prompting for pinpad entry '%s'\n", info);
+ if (DBG_IPC)
+ log_debug ("prompting for pinpad entry '%s'\n", info);
rc = gpgrt_asprintf (&command, "POPUPPINPADPROMPT %s", info);
if (rc < 0)
return gpg_error (gpg_err_code_from_errno (errno));
@@ -966,7 +967,8 @@ pin_cb (void *opaque, const char *info, char **retstr)
}
else
{
- log_debug ("dismiss pinpad entry prompt\n");
+ if (DBG_IPC)
+ log_debug ("dismiss pinpad entry prompt\n");
rc = assuan_inquire (ctx, "DISMISSPINPADPROMPT",
&value, &valuelen, MAXLEN_PIN);
}
@@ -976,7 +978,8 @@ pin_cb (void *opaque, const char *info, char **retstr)
}
*retstr = NULL;
- log_debug ("asking for PIN '%s'\n", info);
+ if (DBG_IPC)
+ log_debug ("asking for PIN '%s'\n", info);
rc = gpgrt_asprintf (&command, "NEEDPIN %s", info);
if (rc < 0)
@@ -2942,10 +2945,10 @@ void
send_client_notifications (card_t card, int removal)
{
struct {
- pid_t pid;
#ifdef HAVE_W32_SYSTEM
HANDLE handle;
#else
+ pid_t pid;
int signo;
#endif
} killed[50];
@@ -2965,10 +2968,10 @@ send_client_notifications (card_t card, int removal)
if (sl->ctrl_backlink && sl->ctrl_backlink->card_ctx == card)
{
- pid_t pid;
#ifdef HAVE_W32_SYSTEM
HANDLE handle;
#else
+ pid_t pid;
int signo;
#endif
@@ -2983,32 +2986,33 @@ send_client_notifications (card_t card, int removal)
if (!sl->event_signal || !sl->assuan_ctx)
continue;
- pid = assuan_get_pid (sl->assuan_ctx);
-
#ifdef HAVE_W32_SYSTEM
handle = sl->event_signal;
for (kidx=0; kidx < killidx; kidx++)
- if (killed[kidx].pid == pid
- && killed[kidx].handle == handle)
+ if (killed[kidx].handle == handle)
break;
if (kidx < killidx)
- log_info ("event %p (%p) already triggered for client %d\n",
- sl->event_signal, handle, (int)pid);
+ {
+ if (opt.verbose)
+ log_info ("event %p already triggered for client\n",
+ sl->event_signal);
+ }
else
{
- log_info ("triggering event %p (%p) for client %d\n",
- sl->event_signal, handle, (int)pid);
+ if (opt.verbose)
+ log_info ("triggering event %p for client\n",
+ sl->event_signal);
if (!SetEvent (handle))
log_error ("SetEvent(%p) failed: %s\n",
sl->event_signal, w32_strerror (-1));
if (killidx < DIM (killed))
{
- killed[killidx].pid = pid;
killed[killidx].handle = handle;
killidx++;
}
}
#else /*!HAVE_W32_SYSTEM*/
+ pid = assuan_get_pid (sl->assuan_ctx);
signo = sl->event_signal;
if (pid != (pid_t)(-1) && pid && signo > 0)
@@ -3018,12 +3022,16 @@ send_client_notifications (card_t card, int removal)
&& killed[kidx].signo == signo)
break;
if (kidx < killidx)
- log_info ("signal %d already sent to client %d\n",
- signo, (int)pid);
+ {
+ if (opt.verbose)
+ log_info ("signal %d already sent to client %d\n",
+ signo, (int)pid);
+ }
else
{
- log_info ("sending signal %d to client %d\n",
- signo, (int)pid);
+ if (opt.verbose)
+ log_info ("sending signal %d to client %d\n",
+ signo, (int)pid);
kill (pid, signo);
if (killidx < DIM (killed))
{
diff --git a/scd/scdaemon.c b/scd/scdaemon.c
index 1a8705b18..2a9b0923c 100644
--- a/scd/scdaemon.c
+++ b/scd/scdaemon.c
@@ -284,9 +284,6 @@ static gnupg_fd_t create_server_socket (const char *name,
static void *start_connection_thread (void *arg);
static void handle_connections (gnupg_fd_t listen_fd);
-/* Pth wrapper function definitions. */
-ASSUAN_SYSTEM_NPTH_IMPL;
-
static int active_connections;
@@ -492,7 +489,6 @@ main (int argc, char **argv )
malloc_hooks.free = gcry_free;
assuan_set_malloc_hooks (&malloc_hooks);
assuan_set_gpg_err_source (GPG_ERR_SOURCE_DEFAULT);
- assuan_set_system_hooks (ASSUAN_SYSTEM_NPTH);
assuan_sock_init ();
setup_libassuan_logging (&opt.debug, NULL);
@@ -782,6 +778,7 @@ main (int argc, char **argv )
npth_init ();
setup_signal_mask ();
gpgrt_set_syscall_clamp (npth_unprotect, npth_protect);
+ assuan_control (ASSUAN_CONTROL_REINIT_SYSCALL_CLAMP, NULL);
/* If --debug-allow-core-dump has been given we also need to
switch the working directory to a place where we can actually
@@ -923,6 +920,7 @@ main (int argc, char **argv )
npth_init ();
setup_signal_mask ();
gpgrt_set_syscall_clamp (npth_unprotect, npth_protect);
+ assuan_control (ASSUAN_CONTROL_REINIT_SYSCALL_CLAMP, NULL);
/* Detach from tty and put process into a new session. */
if (!nodetach )
@@ -1207,7 +1205,7 @@ start_connection_thread (void *arg)
&& assuan_sock_check_nonce (ctrl->thread_startup.fd, &socket_nonce))
{
log_info (_("error reading nonce on fd %d: %s\n"),
- FD2INT(ctrl->thread_startup.fd), strerror (errno));
+ FD_DBG (ctrl->thread_startup.fd), strerror (errno));
assuan_sock_close (ctrl->thread_startup.fd);
xfree (ctrl);
return NULL;
@@ -1218,7 +1216,7 @@ start_connection_thread (void *arg)
scd_init_default_ctrl (ctrl);
if (opt.verbose)
log_info (_("handler for fd %d started\n"),
- FD2INT(ctrl->thread_startup.fd));
+ FD_DBG (ctrl->thread_startup.fd));
/* If this is a pipe server, we request a shutdown if the command
handler asked for it. With the next ticker event and given that
@@ -1230,7 +1228,7 @@ start_connection_thread (void *arg)
if (opt.verbose)
log_info (_("handler for fd %d terminated\n"),
- FD2INT (ctrl->thread_startup.fd));
+ FD_DBG (ctrl->thread_startup.fd));
scd_deinit_default_ctrl (ctrl);
xfree (ctrl);
@@ -1337,7 +1335,7 @@ handle_connections (gnupg_fd_t listen_fd)
if (listen_fd != GNUPG_INVALID_FD)
{
FD_SET (FD2INT (listen_fd), &fdset);
- nfd = FD2INT (listen_fd);
+ nfd = FD2NUM (listen_fd);
}
for (;;)
@@ -1423,8 +1421,8 @@ handle_connections (gnupg_fd_t listen_fd)
gnupg_fd_t fd;
plen = sizeof paddr;
- fd = INT2FD (npth_accept (FD2INT (listen_fd),
- (struct sockaddr *)&paddr, &plen));
+ fd = assuan_sock_accept (listen_fd,
+ (struct sockaddr *)&paddr, &plen);
if (fd == GNUPG_INVALID_FD)
{
log_error ("accept failed: %s\n", strerror (errno));
@@ -1441,7 +1439,7 @@ handle_connections (gnupg_fd_t listen_fd)
npth_t thread;
snprintf (threadname, sizeof threadname, "conn fd=%d",
- FD2INT (fd));
+ FD_DBG (fd));
ctrl->thread_startup.fd = fd;
ret = npth_create (&thread, &tattr, start_connection_thread, ctrl);
if (ret)
diff --git a/sm/call-agent.c b/sm/call-agent.c
index eb6671692..acce19058 100644
--- a/sm/call-agent.c
+++ b/sm/call-agent.c
@@ -118,7 +118,8 @@ start_agent (ctrl_t ctrl)
opt.agent_program,
opt.lc_ctype, opt.lc_messages,
opt.session_env,
- opt.autostart, opt.verbose, DBG_IPC,
+ opt.autostart?ASSHELP_FLAG_AUTOSTART:0,
+ opt.verbose, DBG_IPC,
gpgsm_status2, ctrl);
if (!opt.autostart && gpg_err_code (rc) == GPG_ERR_NO_AGENT)
diff --git a/sm/call-dirmngr.c b/sm/call-dirmngr.c
index 7fe7a68f5..22580bd12 100644
--- a/sm/call-dirmngr.c
+++ b/sm/call-dirmngr.c
@@ -228,7 +228,8 @@ start_dirmngr_ext (ctrl_t ctrl, assuan_context_t *ctx_r)
err = start_new_dirmngr (&ctx, GPG_ERR_SOURCE_DEFAULT,
opt.dirmngr_program,
- opt.autostart, opt.verbose, DBG_IPC,
+ opt.autostart?ASSHELP_FLAG_AUTOSTART:0,
+ opt.verbose, DBG_IPC,
gpgsm_status2, ctrl);
if (!opt.autostart && gpg_err_code (err) == GPG_ERR_NO_DIRMNGR)
{
diff --git a/sm/decrypt.c b/sm/decrypt.c
index 6d63189b8..5a947779f 100644
--- a/sm/decrypt.c
+++ b/sm/decrypt.c
@@ -1052,7 +1052,7 @@ decrypt_gcm_filter (void *arg,
/* Perform a decrypt operation. */
int
-gpgsm_decrypt (ctrl_t ctrl, int in_fd, estream_t out_fp)
+gpgsm_decrypt (ctrl_t ctrl, estream_t in_fp, estream_t out_fp)
{
int rc;
gnupg_ksba_io_t b64reader = NULL;
@@ -1063,7 +1063,6 @@ gpgsm_decrypt (ctrl_t ctrl, int in_fd, estream_t out_fp)
ksba_stop_reason_t stopreason;
KEYDB_HANDLE kh;
int recp;
- estream_t in_fp = NULL;
struct decrypt_filter_parm_s dfparm;
char *curve = NULL;
@@ -1079,14 +1078,6 @@ gpgsm_decrypt (ctrl_t ctrl, int in_fd, estream_t out_fp)
goto leave;
}
- in_fp = es_fdopen_nc (in_fd, "rb");
- if (!in_fp)
- {
- rc = gpg_error_from_syserror ();
- log_error ("fdopen() failed: %s\n", strerror (errno));
- goto leave;
- }
-
rc = gnupg_ksba_create_reader
(&b64reader, ((ctrl->is_pem? GNUPG_KSBA_IO_PEM : 0)
| (ctrl->is_base64? GNUPG_KSBA_IO_BASE64 : 0)
@@ -1520,7 +1511,6 @@ gpgsm_decrypt (ctrl_t ctrl, int in_fd, estream_t out_fp)
gnupg_ksba_destroy_reader (b64reader);
gnupg_ksba_destroy_writer (b64writer);
keydb_release (kh);
- es_fclose (in_fp);
if (dfparm.hd)
gcry_cipher_close (dfparm.hd);
return rc;
diff --git a/sm/encrypt.c b/sm/encrypt.c
index 741fe6206..202bbb92f 100644
--- a/sm/encrypt.c
+++ b/sm/encrypt.c
@@ -574,7 +574,8 @@ encrypt_cb (void *cb_value, char *buffer, size_t count, size_t *nread)
recipients are take from the certificate given in recplist; if this
is NULL it will be encrypted for a default recipient */
int
-gpgsm_encrypt (ctrl_t ctrl, certlist_t recplist, int data_fd, estream_t out_fp)
+gpgsm_encrypt (ctrl_t ctrl, certlist_t recplist, estream_t data_fp,
+ estream_t out_fp)
{
gpg_error_t err = 0;
gnupg_ksba_io_t b64writer = NULL;
@@ -586,7 +587,6 @@ gpgsm_encrypt (ctrl_t ctrl, certlist_t recplist, int data_fd, estream_t out_fp)
struct encrypt_cb_parm_s encparm;
DEK dek = NULL;
int recpno;
- estream_t data_fp = NULL;
certlist_t cl;
int count;
int compliant;
@@ -622,15 +622,6 @@ gpgsm_encrypt (ctrl_t ctrl, certlist_t recplist, int data_fd, estream_t out_fp)
goto leave;
}
- /* Fixme: We should use the unlocked version of the es functions. */
- data_fp = es_fdopen_nc (data_fd, "rb");
- if (!data_fp)
- {
- err = gpg_error_from_syserror ();
- log_error ("fdopen() failed: %s\n", gpg_strerror (err));
- goto leave;
- }
-
err = ksba_reader_new (&reader);
if (!err)
err = ksba_reader_set_cb (reader, encrypt_cb, &encparm);
@@ -855,7 +846,6 @@ gpgsm_encrypt (ctrl_t ctrl, certlist_t recplist, int data_fd, estream_t out_fp)
ksba_reader_release (reader);
keydb_release (kh);
xfree (dek);
- es_fclose (data_fp);
xfree (encparm.buffer);
return err;
}
diff --git a/sm/gpgsm.c b/sm/gpgsm.c
index 3948372e4..7c866d0b8 100644
--- a/sm/gpgsm.c
+++ b/sm/gpgsm.c
@@ -537,7 +537,6 @@ static void set_cmd (enum cmd_and_opt_values *ret_cmd,
enum cmd_and_opt_values new_cmd );
static void emergency_cleanup (void);
-static int open_read (const char *filename);
static estream_t open_es_fread (const char *filename, const char *mode);
static estream_t open_es_fwrite (const char *filename);
static void run_protect_tool (int argc, char **argv);
@@ -599,10 +598,6 @@ our_md_test_algo (int algo)
}
-/* nPth wrapper function definitions. */
-ASSUAN_SYSTEM_NPTH_IMPL;
-
-
static char *
make_libversion (const char *libname, const char *(*getfnc)(const char*))
{
@@ -1611,8 +1606,8 @@ main ( int argc, char **argv)
npth_init ();
- assuan_set_system_hooks (ASSUAN_SYSTEM_NPTH);
gpgrt_set_syscall_clamp (npth_unprotect, npth_protect);
+ assuan_control (ASSUAN_CONTROL_REINIT_SYSCALL_CLAMP, NULL);
/* if (opt.qualsig_approval && !opt.quiet) */
@@ -1801,7 +1796,7 @@ main ( int argc, char **argv)
{
log_info (_("importing common certificates '%s'\n"),
filelist[0]);
- gpgsm_import_files (&ctrl, 1, filelist, open_read);
+ gpgsm_import_files (&ctrl, 1, filelist, open_es_fread);
}
xfree (filelist[0]);
}
@@ -1939,9 +1934,20 @@ main ( int argc, char **argv)
set_binary (stdin);
if (!argc) /* Source is stdin. */
- err = gpgsm_encrypt (&ctrl, recplist, 0, fp);
+ err = gpgsm_encrypt (&ctrl, recplist, es_stdin, fp);
else if (argc == 1) /* Source is the given file. */
- err = gpgsm_encrypt (&ctrl, recplist, open_read (*argv), fp);
+ {
+ estream_t data_fp = es_fopen (*argv, "rb");
+
+ if (!data_fp)
+ {
+ log_error (_("can't open '%s': %s\n"), *argv,
+ strerror (errno));
+ gpgsm_exit (2);
+ }
+ err = gpgsm_encrypt (&ctrl, recplist, data_fp, fp);
+ es_fclose (data_fp);
+ }
else
wrong_args ("--encrypt [datafile]");
@@ -1960,10 +1966,20 @@ main ( int argc, char **argv)
signing because that is what gpg does.*/
set_binary (stdin);
if (!argc) /* Create from stdin. */
- err = gpgsm_sign (&ctrl, signerlist, 0, detached_sig, fp);
+ err = gpgsm_sign (&ctrl, signerlist, es_stdin, detached_sig, fp);
else if (argc == 1) /* From file. */
- err = gpgsm_sign (&ctrl, signerlist,
- open_read (*argv), detached_sig, fp);
+ {
+ estream_t data_fp = es_fopen (*argv, "rb");
+
+ if (!data_fp)
+ {
+ log_error (_("can't open '%s': %s\n"), *argv,
+ strerror (errno));
+ gpgsm_exit (2);
+ }
+ err = gpgsm_sign (&ctrl, signerlist, data_fp, detached_sig, fp);
+ es_fclose (data_fp);
+ }
else
wrong_args ("--sign [datafile]");
@@ -2004,11 +2020,43 @@ main ( int argc, char **argv)
fp = open_es_fwrite (opt.outfile);
if (!argc)
- gpgsm_verify (&ctrl, 0, -1, fp); /* normal signature from stdin */
+ /* normal signature from stdin */
+ gpgsm_verify (&ctrl, es_stdin, NULL, fp);
else if (argc == 1)
- gpgsm_verify (&ctrl, open_read (*argv), -1, fp); /* std signature */
+ {
+ estream_t in_fp = es_fopen (*argv, "rb");
+
+ if (!in_fp)
+ {
+ log_error (_("can't open '%s': %s\n"), *argv,
+ strerror (errno));
+ gpgsm_exit (2);
+ }
+ gpgsm_verify (&ctrl, in_fp, NULL, fp); /* std signature */
+ es_fclose (in_fp);
+ }
else if (argc == 2) /* detached signature (sig, detached) */
- gpgsm_verify (&ctrl, open_read (*argv), open_read (argv[1]), NULL);
+ {
+ estream_t in_fp = es_fopen (*argv, "rb");
+ estream_t data_fp = es_fopen (argv[1], "rb");
+
+ if (!in_fp)
+ {
+ log_error (_("can't open '%s': %s\n"), *argv,
+ strerror (errno));
+ gpgsm_exit (2);
+ }
+ if (!data_fp)
+ {
+ log_error (_("can't open '%s': %s\n"), argv[1],
+ strerror (errno));
+ gpgsm_exit (2);
+ }
+
+ gpgsm_verify (&ctrl, in_fp, data_fp, NULL);
+ es_fclose (in_fp);
+ es_fclose (data_fp);
+ }
else
wrong_args ("--verify [signature [detached_data]]");
@@ -2022,9 +2070,19 @@ main ( int argc, char **argv)
set_binary (stdin);
if (!argc)
- err = gpgsm_decrypt (&ctrl, 0, fp); /* from stdin */
+ err = gpgsm_decrypt (&ctrl, es_stdin, fp); /* from stdin */
else if (argc == 1)
- err = gpgsm_decrypt (&ctrl, open_read (*argv), fp); /* from file */
+ {
+ estream_t data_fp = es_fopen (*argv, "rb");
+ if (!data_fp)
+ {
+ log_error (_("can't open '%s': %s\n"), *argv,
+ strerror (errno));
+ gpgsm_exit (2);
+ }
+ err = gpgsm_decrypt (&ctrl, data_fp, fp); /* from file */
+ es_fclose (data_fp);
+ }
else
wrong_args ("--decrypt [filename]");
@@ -2115,7 +2173,7 @@ main ( int argc, char **argv)
case aImport:
- gpgsm_import_files (&ctrl, argc, argv, open_read);
+ gpgsm_import_files (&ctrl, argc, argv, open_es_fread);
break;
case aExport:
@@ -2316,49 +2374,24 @@ gpgsm_parse_validation_model (const char *model)
}
-
-/* Open the FILENAME for read and return the file descriptor. Stop
- with an error message in case of problems. "-" denotes stdin and
- if special filenames are allowed the given fd is opened instead. */
-static int
-open_read (const char *filename)
-{
- int fd;
-
- if (filename[0] == '-' && !filename[1])
- {
- set_binary (stdin);
- return 0; /* stdin */
- }
- fd = check_special_filename (filename, 0, 0);
- if (fd != -1)
- return fd;
- fd = gnupg_open (filename, O_RDONLY | O_BINARY, 0);
- if (fd == -1)
- {
- log_error (_("can't open '%s': %s\n"), filename, strerror (errno));
- gpgsm_exit (2);
- }
- return fd;
-}
-
/* Same as open_read but return an estream_t. */
static estream_t
open_es_fread (const char *filename, const char *mode)
{
- int fd;
+ gnupg_fd_t fd;
estream_t fp;
if (filename[0] == '-' && !filename[1])
- fd = fileno (stdin);
+ return es_fpopen_nc (stdin, mode);
else
- fd = check_special_filename (filename, 0, 0);
- if (fd != -1)
+ fd = gnupg_check_special_filename (filename);
+ if (fd != GNUPG_INVALID_FD)
{
- fp = es_fdopen_nc (fd, mode);
+ fp = open_stream_nc (fd, mode);
if (!fp)
{
- log_error ("es_fdopen(%d) failed: %s\n", fd, strerror (errno));
+ log_error ("es_fdopen(%d) failed: %s\n", FD_DBG (fd),
+ strerror (errno));
gpgsm_exit (2);
}
return fp;
@@ -2380,23 +2413,24 @@ open_es_fread (const char *filename, const char *mode)
static estream_t
open_es_fwrite (const char *filename)
{
- int fd;
+ gnupg_fd_t fd;
estream_t fp;
if (filename[0] == '-' && !filename[1])
{
fflush (stdout);
- fp = es_fdopen_nc (fileno(stdout), "wb");
+ fp = es_fpopen_nc (stdout, "wb");
return fp;
}
- fd = check_special_filename (filename, 1, 0);
- if (fd != -1)
+ fd = gnupg_check_special_filename (filename);
+ if (fd != GNUPG_INVALID_FD)
{
- fp = es_fdopen_nc (fd, "wb");
+ fp = open_stream_nc (fd, "wb");
if (!fp)
{
- log_error ("es_fdopen(%d) failed: %s\n", fd, strerror (errno));
+ log_error ("es_fdopen(%d) failed: %s\n",
+ FD_DBG (fd), strerror (errno));
gpgsm_exit (2);
}
return fp;
diff --git a/sm/gpgsm.h b/sm/gpgsm.h
index faa03a9f4..673ea1687 100644
--- a/sm/gpgsm.h
+++ b/sm/gpgsm.h
@@ -431,9 +431,9 @@ gpg_error_t gpgsm_show_certs (ctrl_t ctrl, int nfiles, char **files,
estream_t fp);
/*-- import.c --*/
-int gpgsm_import (ctrl_t ctrl, int in_fd, int reimport_mode);
+int gpgsm_import (ctrl_t ctrl, estream_t in_fp, int reimport_mode);
int gpgsm_import_files (ctrl_t ctrl, int nfiles, char **files,
- int (*of)(const char *fname));
+ estream_t (*of)(const char *fname, const char *mode));
/*-- export.c --*/
void gpgsm_export (ctrl_t ctrl, strlist_t names, estream_t stream);
@@ -444,23 +444,24 @@ void gpgsm_p12_export (ctrl_t ctrl, const char *name, estream_t stream,
int gpgsm_delete (ctrl_t ctrl, strlist_t names);
/*-- verify.c --*/
-int gpgsm_verify (ctrl_t ctrl, int in_fd, int data_fd, estream_t out_fp);
+int gpgsm_verify (ctrl_t ctrl, estream_t in_fp, estream_t data_fp,
+ estream_t out_fp);
/*-- sign.c --*/
int gpgsm_get_default_cert (ctrl_t ctrl, ksba_cert_t *r_cert);
int gpgsm_sign (ctrl_t ctrl, certlist_t signerlist,
- int data_fd, int detached, estream_t out_fp);
+ estream_t data_fp, int detached, estream_t out_fp);
/*-- encrypt.c --*/
int gpgsm_encrypt (ctrl_t ctrl, certlist_t recplist,
- int in_fd, estream_t out_fp);
+ estream_t in_fp, estream_t out_fp);
/*-- decrypt.c --*/
gpg_error_t ecdh_derive_kek (unsigned char *key, unsigned int keylen,
int hash_algo, const char *wrap_algo_str,
const void *secret, unsigned int secretlen,
const void *ukm, unsigned int ukmlen);
-int gpgsm_decrypt (ctrl_t ctrl, int in_fd, estream_t out_fp);
+int gpgsm_decrypt (ctrl_t ctrl, estream_t in_fp, estream_t out_fp);
/*-- certreqgen.c --*/
int gpgsm_genkey (ctrl_t ctrl, estream_t in_stream, estream_t out_stream);
diff --git a/sm/import.c b/sm/import.c
index cbf8fa627..4f993ef30 100644
--- a/sm/import.c
+++ b/sm/import.c
@@ -37,6 +37,10 @@
#include "../common/membuf.h"
#include "minip12.h"
+#ifndef O_BINARY
+#define O_BINARY 0
+#endif
+
/* The arbitrary limit of one PKCS#12 object. */
#define MAX_P12OBJ_SIZE 128 /*kb*/
@@ -269,25 +273,16 @@ check_and_store (ctrl_t ctrl, struct stats_s *stats,
static int
-import_one (ctrl_t ctrl, struct stats_s *stats, int in_fd)
+import_one (ctrl_t ctrl, struct stats_s *stats, estream_t fp)
{
int rc;
gnupg_ksba_io_t b64reader = NULL;
ksba_reader_t reader;
ksba_cert_t cert = NULL;
ksba_cms_t cms = NULL;
- estream_t fp = NULL;
ksba_content_type_t ct;
int any = 0;
- fp = es_fdopen_nc (in_fd, "rb");
- if (!fp)
- {
- rc = gpg_error_from_syserror ();
- log_error ("fdopen() failed: %s\n", strerror (errno));
- goto leave;
- }
-
rc = gnupg_ksba_create_reader
(&b64reader, ((ctrl->is_pem? GNUPG_KSBA_IO_PEM : 0)
| (ctrl->is_base64? GNUPG_KSBA_IO_BASE64 : 0)
@@ -388,7 +383,6 @@ import_one (ctrl_t ctrl, struct stats_s *stats, int in_fd)
ksba_cms_release (cms);
ksba_cert_release (cert);
gnupg_ksba_destroy_reader (b64reader);
- es_fclose (fp);
return rc;
}
@@ -398,10 +392,9 @@ import_one (ctrl_t ctrl, struct stats_s *stats, int in_fd)
fingerprints t re-import. The actual re-import is done by clearing
the ephemeral flag. */
static int
-reimport_one (ctrl_t ctrl, struct stats_s *stats, int in_fd)
+reimport_one (ctrl_t ctrl, struct stats_s *stats, estream_t fp)
{
gpg_error_t err = 0;
- estream_t fp = NULL;
char line[100]; /* Sufficient for a fingerprint. */
KEYDB_HANDLE kh;
KEYDB_SEARCH_DESC desc;
@@ -417,14 +410,6 @@ reimport_one (ctrl_t ctrl, struct stats_s *stats, int in_fd)
}
keydb_set_ephemeral (kh, 1);
- fp = es_fdopen_nc (in_fd, "r");
- if (!fp)
- {
- err = gpg_error_from_syserror ();
- log_error ("es_fdopen(%d) failed: %s\n", in_fd, gpg_strerror (err));
- goto leave;
- }
-
while (es_fgets (line, DIM(line)-1, fp) )
{
if (*line && line[strlen(line)-1] != '\n')
@@ -500,30 +485,29 @@ reimport_one (ctrl_t ctrl, struct stats_s *stats, int in_fd)
if (es_ferror (fp))
{
err = gpg_error_from_syserror ();
- log_error ("error reading fd %d: %s\n", in_fd, gpg_strerror (err));
+ log_error ("error reading fp %p: %s\n", fp, gpg_strerror (err));
goto leave;
}
leave:
ksba_cert_release (cert);
keydb_release (kh);
- es_fclose (fp);
return err;
}
int
-gpgsm_import (ctrl_t ctrl, int in_fd, int reimport_mode)
+gpgsm_import (ctrl_t ctrl, estream_t in_fp, int reimport_mode)
{
int rc;
struct stats_s stats;
memset (&stats, 0, sizeof stats);
if (reimport_mode)
- rc = reimport_one (ctrl, &stats, in_fd);
+ rc = reimport_one (ctrl, &stats, in_fp);
else
- rc = import_one (ctrl, &stats, in_fd);
+ rc = import_one (ctrl, &stats, in_fp);
print_imported_summary (ctrl, &stats);
/* If we never printed an error message do it now so that a command
line invocation will return with an error (log_error keeps a
@@ -536,7 +520,7 @@ gpgsm_import (ctrl_t ctrl, int in_fd, int reimport_mode)
int
gpgsm_import_files (ctrl_t ctrl, int nfiles, char **files,
- int (*of)(const char *fname))
+ estream_t (*of)(const char *fname, const char *mode))
{
int rc = 0;
struct stats_s stats;
@@ -544,14 +528,19 @@ gpgsm_import_files (ctrl_t ctrl, int nfiles, char **files,
memset (&stats, 0, sizeof stats);
if (!nfiles)
- rc = import_one (ctrl, &stats, 0);
+ {
+#ifdef HAVE_DOSISH_SYSTEM
+ setmode (0, O_BINARY);
+#endif
+ rc = import_one (ctrl, &stats, es_stdin);
+ }
else
{
for (; nfiles && !rc ; nfiles--, files++)
{
- int fd = of (*files);
- rc = import_one (ctrl, &stats, fd);
- close (fd);
+ estream_t fp = of (*files, "rb");
+ rc = import_one (ctrl, &stats, fp);
+ es_fclose (fp);
if (rc == -1/* legacy*/ || gpg_err_code (rc) == GPG_ERR_NOT_FOUND)
rc = 0;
}
diff --git a/sm/keydb.c b/sm/keydb.c
index 411720513..151ae8103 100644
--- a/sm/keydb.c
+++ b/sm/keydb.c
@@ -161,10 +161,17 @@ gpgsm_keydb_deinit_session_data (ctrl_t ctrl)
log_error ("oops: trying to cleanup an active keydb context\n");
else
{
- kbx_client_data_release (kbl->kcd);
- kbl->kcd = NULL;
assuan_release (kbl->ctx);
kbl->ctx = NULL;
+ /*
+ * Since there may be pipe output FD sent to the server (so
+ * that it can receive data through the pipe), we should
+ * release the assuan connection before releasing KBL->KCD.
+ * This way, the data receiving thread can finish cleanly,
+ * and we can join the thread.
+ */
+ kbx_client_data_release (kbl->kcd);
+ kbl->kcd = NULL;
}
xfree (kbl);
}
@@ -516,7 +523,8 @@ create_new_context (ctrl_t ctrl, assuan_context_t *r_ctx)
err = start_new_keyboxd (&ctx,
GPG_ERR_SOURCE_DEFAULT,
opt.keyboxd_program,
- opt.autostart, opt.verbose, DBG_IPC,
+ opt.autostart?ASSHELP_FLAG_AUTOSTART:0,
+ opt.verbose, DBG_IPC,
NULL, ctrl);
if (!opt.autostart && gpg_err_code (err) == GPG_ERR_NO_KEYBOXD)
{
@@ -580,7 +588,7 @@ open_context (ctrl_t ctrl, keydb_local_t *r_kbl)
return err;
}
- err = kbx_client_data_new (&kbl->kcd, kbl->ctx, 1);
+ err = kbx_client_data_new (&kbl->kcd, kbl->ctx, 0);
if (err)
{
assuan_release (kbl->ctx);
diff --git a/sm/server.c b/sm/server.c
index 184ec9379..f00b70d38 100644
--- a/sm/server.c
+++ b/sm/server.c
@@ -43,7 +43,7 @@ static FILE *statusfp;
/* Data used to assuciate an Assuan context with local server data */
struct server_local_s {
assuan_context_t assuan_ctx;
- int message_fd;
+ estream_t message_fp;
int list_internal;
int list_external;
int list_to_output; /* Write keylistings to the output fd. */
@@ -130,12 +130,12 @@ data_line_cookie_close (void *cookie)
static void
-close_message_fd (ctrl_t ctrl)
+close_message_fp (ctrl_t ctrl)
{
- if (ctrl->server_local->message_fd != -1)
+ if (ctrl->server_local->message_fp)
{
- close (ctrl->server_local->message_fd);
- ctrl->server_local->message_fd = -1;
+ es_fclose (ctrl->server_local->message_fp);
+ ctrl->server_local->message_fp = NULL;
}
}
@@ -332,7 +332,7 @@ reset_notify (assuan_context_t ctx, char *line)
ctrl->server_local->recplist = NULL;
ctrl->server_local->signerlist = NULL;
ctrl->always_trust = 0;
- close_message_fd (ctrl);
+ close_message_fp (ctrl);
assuan_close_input_fd (ctx);
assuan_close_output_fd (ctx);
return 0;
@@ -463,20 +463,26 @@ cmd_encrypt (assuan_context_t ctx, char *line)
{
ctrl_t ctrl = assuan_get_pointer (ctx);
certlist_t cl;
- int inp_fd, out_fd;
+ gnupg_fd_t inp_fd;
+ gnupg_fd_t out_fd;
+ estream_t inp_fp;
estream_t out_fp;
int rc;
(void)line;
- inp_fd = translate_sys2libc_fd (assuan_get_input_fd (ctx), 0);
- if (inp_fd == -1)
+ inp_fd = assuan_get_input_fd (ctx);
+ if (inp_fd == GNUPG_INVALID_FD)
return set_error (GPG_ERR_ASS_NO_INPUT, NULL);
- out_fd = translate_sys2libc_fd (assuan_get_output_fd (ctx), 1);
- if (out_fd == -1)
+ out_fd = assuan_get_output_fd (ctx);
+ if (out_fd == GNUPG_INVALID_FD)
return set_error (GPG_ERR_ASS_NO_OUTPUT, NULL);
- out_fp = es_fdopen_nc (out_fd, "w");
+ inp_fp = open_stream_nc (inp_fd, "r");
+ if (!inp_fp)
+ return set_error (gpg_err_code_from_syserror (), "fdopen() failed");
+
+ out_fp = open_stream_nc (out_fd, "w");
if (!out_fp)
return set_error (gpg_err_code_from_syserror (), "fdopen() failed");
@@ -495,14 +501,15 @@ cmd_encrypt (assuan_context_t ctx, char *line)
if (!rc)
rc = gpgsm_encrypt (assuan_get_pointer (ctx),
ctrl->server_local->recplist,
- inp_fd, out_fp);
+ inp_fp, out_fp);
+ es_fclose (inp_fp);
es_fclose (out_fp);
gpgsm_release_certlist (ctrl->server_local->recplist);
ctrl->server_local->recplist = NULL;
ctrl->always_trust = 0;
- /* Close and reset the fd */
- close_message_fd (ctrl);
+ /* Close and reset the fp and the fds */
+ close_message_fp (ctrl);
assuan_close_input_fd (ctx);
assuan_close_output_fd (ctx);
return rc;
@@ -521,30 +528,37 @@ static gpg_error_t
cmd_decrypt (assuan_context_t ctx, char *line)
{
ctrl_t ctrl = assuan_get_pointer (ctx);
- int inp_fd, out_fd;
+ gnupg_fd_t inp_fd;
+ gnupg_fd_t out_fd;
+ estream_t inp_fp;
estream_t out_fp;
int rc;
(void)line;
- inp_fd = translate_sys2libc_fd (assuan_get_input_fd (ctx), 0);
- if (inp_fd == -1)
+ inp_fd = assuan_get_input_fd (ctx);
+ if (inp_fd == GNUPG_INVALID_FD)
return set_error (GPG_ERR_ASS_NO_INPUT, NULL);
- out_fd = translate_sys2libc_fd (assuan_get_output_fd (ctx), 1);
- if (out_fd == -1)
+ out_fd = assuan_get_output_fd (ctx);
+ if (out_fd == GNUPG_INVALID_FD)
return set_error (GPG_ERR_ASS_NO_OUTPUT, NULL);
- out_fp = es_fdopen_nc (out_fd, "w");
+ inp_fp = open_stream_nc (inp_fd, "r");
+ if (!inp_fp)
+ return set_error (gpg_err_code_from_syserror (), "fdopen() failed");
+
+ out_fp = open_stream_nc (out_fd, "w");
if (!out_fp)
return set_error (gpg_err_code_from_syserror (), "fdopen() failed");
rc = start_audit_session (ctrl);
if (!rc)
- rc = gpgsm_decrypt (ctrl, inp_fd, out_fp);
+ rc = gpgsm_decrypt (ctrl, inp_fp, out_fp);
+ es_fclose (inp_fp);
es_fclose (out_fp);
/* Close and reset the fds. */
- close_message_fd (ctrl);
+ close_message_fp (ctrl);
assuan_close_input_fd (ctx);
assuan_close_output_fd (ctx);
@@ -566,30 +580,36 @@ cmd_verify (assuan_context_t ctx, char *line)
{
int rc;
ctrl_t ctrl = assuan_get_pointer (ctx);
- int fd = translate_sys2libc_fd (assuan_get_input_fd (ctx), 0);
- int out_fd = translate_sys2libc_fd (assuan_get_output_fd (ctx), 1);
+ gnupg_fd_t fd = assuan_get_input_fd (ctx);
+ gnupg_fd_t out_fd = assuan_get_output_fd (ctx);
+ estream_t fp = NULL;
estream_t out_fp = NULL;
(void)line;
- if (fd == -1)
+ if (fd == GNUPG_INVALID_FD)
return set_error (GPG_ERR_ASS_NO_INPUT, NULL);
- if (out_fd != -1)
+ fp = open_stream_nc (fd, "r");
+ if (!fp)
+ return set_error (gpg_err_code_from_syserror (), "fdopen() failed");
+
+ if (out_fd != GNUPG_INVALID_FD)
{
- out_fp = es_fdopen_nc (out_fd, "w");
+ out_fp = open_stream_nc (out_fd, "w");
if (!out_fp)
return set_error (gpg_err_code_from_syserror (), "fdopen() failed");
}
rc = start_audit_session (ctrl);
if (!rc)
- rc = gpgsm_verify (assuan_get_pointer (ctx), fd,
- ctrl->server_local->message_fd, out_fp);
+ rc = gpgsm_verify (assuan_get_pointer (ctx), fp,
+ ctrl->server_local->message_fp, out_fp);
+ es_fclose (fp);
es_fclose (out_fp);
- /* Close and reset the fd. */
- close_message_fd (ctrl);
+ /* Close and reset the fp and the fd. */
+ close_message_fp (ctrl);
assuan_close_input_fd (ctx);
assuan_close_output_fd (ctx);
@@ -607,32 +627,39 @@ static gpg_error_t
cmd_sign (assuan_context_t ctx, char *line)
{
ctrl_t ctrl = assuan_get_pointer (ctx);
- int inp_fd, out_fd;
+ gnupg_fd_t inp_fd;
+ gnupg_fd_t out_fd;
+ estream_t inp_fp;
estream_t out_fp;
int detached;
int rc;
- inp_fd = translate_sys2libc_fd (assuan_get_input_fd (ctx), 0);
- if (inp_fd == -1)
+ inp_fd = assuan_get_input_fd (ctx);
+ if (inp_fd == GNUPG_INVALID_FD)
return set_error (GPG_ERR_ASS_NO_INPUT, NULL);
- out_fd = translate_sys2libc_fd (assuan_get_output_fd (ctx), 1);
- if (out_fd == -1)
+ out_fd = assuan_get_output_fd (ctx);
+ if (out_fd == GNUPG_INVALID_FD)
return set_error (GPG_ERR_ASS_NO_OUTPUT, NULL);
detached = has_option (line, "--detached");
- out_fp = es_fdopen_nc (out_fd, "w");
+ inp_fp = open_stream_nc (inp_fd, "r");
+ if (!inp_fp)
+ return set_error (gpg_err_code_from_syserror (), "fdopen() failed");
+
+ out_fp = open_stream_nc (out_fd, "w");
if (!out_fp)
return set_error (GPG_ERR_ASS_GENERAL, "fdopen() failed");
rc = start_audit_session (ctrl);
if (!rc)
rc = gpgsm_sign (assuan_get_pointer (ctx), ctrl->server_local->signerlist,
- inp_fd, detached, out_fp);
+ inp_fp, detached, out_fp);
+ es_fclose (inp_fp);
es_fclose (out_fp);
- /* close and reset the fd */
- close_message_fd (ctrl);
+ /* close and reset the fp and the fds */
+ close_message_fp (ctrl);
assuan_close_input_fd (ctx);
assuan_close_output_fd (ctx);
@@ -657,18 +684,24 @@ cmd_import (assuan_context_t ctx, char *line)
{
ctrl_t ctrl = assuan_get_pointer (ctx);
int rc;
- int fd = translate_sys2libc_fd (assuan_get_input_fd (ctx), 0);
+ gnupg_fd_t fd = assuan_get_input_fd (ctx);
int reimport = has_option (line, "--re-import");
+ estream_t fp;
(void)line;
- if (fd == -1)
+ if (fd == GNUPG_INVALID_FD)
+ return set_error (GPG_ERR_ASS_NO_INPUT, NULL);
+
+ fp = open_stream_nc (fd, "r");
+ if (!fp)
return set_error (GPG_ERR_ASS_NO_INPUT, NULL);
- rc = gpgsm_import (assuan_get_pointer (ctx), fd, reimport);
+ rc = gpgsm_import (assuan_get_pointer (ctx), fp, reimport);
+ es_fclose (fp);
- /* close and reset the fd */
- close_message_fd (ctrl);
+ /* close and reset the fp and the fds */
+ close_message_fp (ctrl);
assuan_close_input_fd (ctx);
assuan_close_output_fd (ctx);
@@ -769,15 +802,15 @@ cmd_export (assuan_context_t ctx, char *line)
}
else
{
- int fd = translate_sys2libc_fd (assuan_get_output_fd (ctx), 1);
+ gnupg_fd_t fd = assuan_get_output_fd (ctx);
estream_t out_fp;
- if (fd == -1)
+ if (fd == GNUPG_INVALID_FD)
{
free_strlist (list);
return set_error (GPG_ERR_ASS_NO_OUTPUT, NULL);
}
- out_fp = es_fdopen_nc (fd, "w");
+ out_fp = open_stream_nc (fd, "w");
if (!out_fp)
{
free_strlist (list);
@@ -793,8 +826,8 @@ cmd_export (assuan_context_t ctx, char *line)
}
free_strlist (list);
- /* Close and reset the fds. */
- close_message_fd (ctrl);
+ /* Close and reset the fp and the fds. */
+ close_message_fp (ctrl);
assuan_close_input_fd (ctx);
assuan_close_output_fd (ctx);
return 0;
@@ -842,8 +875,8 @@ cmd_delkeys (assuan_context_t ctx, char *line)
rc = gpgsm_delete (ctrl, list);
free_strlist (list);
- /* close and reset the fd */
- close_message_fd (ctrl);
+ /* close and reset the fp and the fds */
+ close_message_fp (ctrl);
assuan_close_input_fd (ctx);
assuan_close_output_fd (ctx);
@@ -877,19 +910,18 @@ static gpg_error_t
cmd_message (assuan_context_t ctx, char *line)
{
int rc;
- gnupg_fd_t sysfd;
- int fd;
+ gnupg_fd_t fd;
+ estream_t fp;
ctrl_t ctrl = assuan_get_pointer (ctx);
- rc = assuan_command_parse_fd (ctx, line, &sysfd);
+ rc = assuan_command_parse_fd (ctx, line, &fd);
if (rc)
return rc;
-
- fd = translate_sys2libc_fd (sysfd, 0);
- if (fd == -1)
+ fp = open_stream_nc (fd, "r");
+ if (!fp)
return set_error (GPG_ERR_ASS_NO_INPUT, NULL);
- ctrl->server_local->message_fd = fd;
+ ctrl->server_local->message_fp = fp;
return 0;
}
@@ -1024,14 +1056,14 @@ do_listkeys (assuan_context_t ctx, char *line, int mode)
if (ctrl->server_local->list_to_output)
{
- int outfd = translate_sys2libc_fd (assuan_get_output_fd (ctx), 1);
+ gnupg_fd_t outfd = assuan_get_output_fd (ctx);
- if ( outfd == -1 )
+ if ( outfd == GNUPG_INVALID_FD )
{
free_strlist (list);
return set_error (GPG_ERR_ASS_NO_OUTPUT, NULL);
}
- fp = es_fdopen_nc (outfd, "w");
+ fp = open_stream_nc (outfd, "w");
if (!fp)
{
free_strlist (list);
@@ -1100,24 +1132,24 @@ static gpg_error_t
cmd_genkey (assuan_context_t ctx, char *line)
{
ctrl_t ctrl = assuan_get_pointer (ctx);
- int inp_fd, out_fd;
+ gnupg_fd_t inp_fd, out_fd;
estream_t in_stream, out_stream;
int rc;
(void)line;
- inp_fd = translate_sys2libc_fd (assuan_get_input_fd (ctx), 0);
- if (inp_fd == -1)
+ inp_fd = assuan_get_input_fd (ctx);
+ if (inp_fd == GNUPG_INVALID_FD)
return set_error (GPG_ERR_ASS_NO_INPUT, NULL);
- out_fd = translate_sys2libc_fd (assuan_get_output_fd (ctx), 1);
- if (out_fd == -1)
+ out_fd = assuan_get_output_fd (ctx);
+ if (out_fd == GNUPG_INVALID_FD)
return set_error (GPG_ERR_ASS_NO_OUTPUT, NULL);
- in_stream = es_fdopen_nc (inp_fd, "r");
+ in_stream = open_stream_nc (inp_fd, "r");
if (!in_stream)
return set_error (GPG_ERR_ASS_GENERAL, "es_fdopen failed");
- out_stream = es_fdopen_nc (out_fd, "w");
+ out_stream = open_stream_nc (out_fd, "w");
if (!out_stream)
{
es_fclose (in_stream);
@@ -1148,7 +1180,7 @@ static gpg_error_t
cmd_getauditlog (assuan_context_t ctx, char *line)
{
ctrl_t ctrl = assuan_get_pointer (ctx);
- int out_fd;
+ gnupg_fd_t out_fd;
estream_t out_stream;
int opt_data, opt_html;
int rc;
@@ -1169,11 +1201,11 @@ cmd_getauditlog (assuan_context_t ctx, char *line)
}
else
{
- out_fd = translate_sys2libc_fd (assuan_get_output_fd (ctx), 1);
- if (out_fd == -1)
+ out_fd = assuan_get_output_fd (ctx);
+ if (out_fd == GNUPG_INVALID_FD)
return set_error (GPG_ERR_ASS_NO_OUTPUT, NULL);
- out_stream = es_fdopen_nc (out_fd, "w");
+ out_stream = open_stream_nc (out_fd, "w");
if (!out_stream)
{
return set_error (GPG_ERR_ASS_GENERAL, "es_fdopen() failed");
@@ -1441,7 +1473,7 @@ gpgsm_server (certlist_t default_recplist)
assuan_set_pointer (ctx, &ctrl);
ctrl.server_local = xcalloc (1, sizeof *ctrl.server_local);
ctrl.server_local->assuan_ctx = ctx;
- ctrl.server_local->message_fd = -1;
+ ctrl.server_local->message_fp = NULL;
ctrl.server_local->list_internal = 1;
ctrl.server_local->list_external = 0;
ctrl.server_local->default_recplist = default_recplist;
diff --git a/sm/sign.c b/sm/sign.c
index 3e8f26cbd..ec0172b4b 100644
--- a/sm/sign.c
+++ b/sm/sign.c
@@ -40,20 +40,12 @@
/* Hash the data and return if something was hashed. Return -1 on error. */
static int
-hash_data (int fd, gcry_md_hd_t md)
+hash_data (estream_t fp, gcry_md_hd_t md)
{
- estream_t fp;
char buffer[4096];
int nread;
int rc = 0;
- fp = es_fdopen_nc (fd, "rb");
- if (!fp)
- {
- log_error ("fdopen(%d) failed: %s\n", fd, strerror (errno));
- return -1;
- }
-
do
{
nread = es_fread (buffer, 1, DIM(buffer), fp);
@@ -62,32 +54,22 @@ hash_data (int fd, gcry_md_hd_t md)
while (nread);
if (es_ferror (fp))
{
- log_error ("read error on fd %d: %s\n", fd, strerror (errno));
+ log_error ("read error on fd %p: %s\n", fp, strerror (errno));
rc = -1;
}
- es_fclose (fp);
return rc;
}
static int
-hash_and_copy_data (int fd, gcry_md_hd_t md, ksba_writer_t writer)
+hash_and_copy_data (estream_t fp, gcry_md_hd_t md, ksba_writer_t writer)
{
gpg_error_t err;
- estream_t fp;
char buffer[4096];
int nread;
int rc = 0;
int any = 0;
- fp = es_fdopen_nc (fd, "rb");
- if (!fp)
- {
- gpg_error_t tmperr = gpg_error_from_syserror ();
- log_error ("fdopen(%d) failed: %s\n", fd, strerror (errno));
- return tmperr;
- }
-
do
{
nread = es_fread (buffer, 1, DIM(buffer), fp);
@@ -107,9 +89,9 @@ hash_and_copy_data (int fd, gcry_md_hd_t md, ksba_writer_t writer)
if (es_ferror (fp))
{
rc = gpg_error_from_syserror ();
- log_error ("read error on fd %d: %s\n", fd, strerror (errno));
+ log_error ("read error on fp %p: %s\n", fp, strerror (errno));
}
- es_fclose (fp);
+
if (!any)
{
/* We can't allow signing an empty message because it does not
@@ -622,7 +604,7 @@ write_detached_signature (ctrl_t ctrl, const void *blob, size_t bloblen,
be used if the value of this argument is NULL. */
int
gpgsm_sign (ctrl_t ctrl, certlist_t signerlist,
- int data_fd, int detached, estream_t out_fp)
+ estream_t data_fp, int detached, estream_t out_fp)
{
gpg_error_t err;
int i;
@@ -950,7 +932,7 @@ gpgsm_sign (ctrl_t ctrl, certlist_t signerlist,
unsigned char *digest;
size_t digest_len;
- if (!hash_data (data_fd, data_md))
+ if (!hash_data (data_fp, data_md))
audit_log (ctrl->audit, AUDIT_GOT_DATA);
for (cl=signerlist,signer=0; cl; cl = cl->next, signer++)
{
@@ -1032,7 +1014,7 @@ gpgsm_sign (ctrl_t ctrl, certlist_t signerlist,
log_assert (!detached);
- err = hash_and_copy_data (data_fd, data_md, writer);
+ err = hash_and_copy_data (data_fp, data_md, writer);
if (err)
goto leave;
audit_log (ctrl->audit, AUDIT_GOT_DATA);
diff --git a/sm/verify.c b/sm/verify.c
index f5d7341ef..39226ed28 100644
--- a/sm/verify.c
+++ b/sm/verify.c
@@ -53,21 +53,12 @@ strtimestamp_r (ksba_isotime_t atime)
/* Hash the data for a detached signature. Returns 0 on success. */
static gpg_error_t
-hash_data (int fd, gcry_md_hd_t md)
+hash_data (estream_t fp, gcry_md_hd_t md)
{
gpg_error_t err = 0;
- estream_t fp;
char buffer[4096];
int nread;
- fp = es_fdopen_nc (fd, "rb");
- if (!fp)
- {
- err = gpg_error_from_syserror ();
- log_error ("fdopen(%d) failed: %s\n", fd, gpg_strerror (err));
- return err;
- }
-
do
{
nread = es_fread (buffer, 1, DIM(buffer), fp);
@@ -77,20 +68,20 @@ hash_data (int fd, gcry_md_hd_t md)
if (es_ferror (fp))
{
err = gpg_error_from_syserror ();
- log_error ("read error on fd %d: %s\n", fd, gpg_strerror (err));
+ log_error ("read error on fp %p: %s\n", fp, gpg_strerror (err));
}
- es_fclose (fp);
return err;
}
-/* Perform a verify operation. To verify detached signatures, DATA_FD
- must be different than -1. With OUT_FP given and a non-detached
+/* Perform a verify operation. To verify detached signatures, DATA_FP
+ must be different than NULL. With OUT_FP given and a non-detached
signature, the signed material is written to that stream. */
int
-gpgsm_verify (ctrl_t ctrl, int in_fd, int data_fd, estream_t out_fp)
+gpgsm_verify (ctrl_t ctrl, estream_t in_fp, estream_t data_fp,
+ estream_t out_fp)
{
int i, rc;
gnupg_ksba_io_t b64reader = NULL;
@@ -106,7 +97,6 @@ gpgsm_verify (ctrl_t ctrl, int in_fd, int data_fd, estream_t out_fp)
const char *algoid;
int algo;
int is_detached, maybe_detached;
- estream_t in_fp = NULL;
char *p;
audit_set_type (ctrl->audit, AUDIT_TYPE_VERIFY);
@@ -114,7 +104,7 @@ gpgsm_verify (ctrl_t ctrl, int in_fd, int data_fd, estream_t out_fp)
/* Although we detect detached signatures during the parsing phase,
* we need to know it earlier and thus accept the caller idea of
* what to verify. */
- maybe_detached = (data_fd != -1);
+ maybe_detached = (data_fp != NULL);
kh = keydb_new (ctrl);
if (!kh)
@@ -125,14 +115,6 @@ gpgsm_verify (ctrl_t ctrl, int in_fd, int data_fd, estream_t out_fp)
}
- in_fp = es_fdopen_nc (in_fd, "rb");
- if (!in_fp)
- {
- rc = gpg_error_from_syserror ();
- log_error ("fdopen() failed: %s\n", strerror (errno));
- goto leave;
- }
-
rc = gnupg_ksba_create_reader
(&b64reader, ((ctrl->is_pem? GNUPG_KSBA_IO_PEM : 0)
| (ctrl->is_base64? GNUPG_KSBA_IO_BASE64 : 0)
@@ -242,7 +224,7 @@ gpgsm_verify (ctrl_t ctrl, int in_fd, int data_fd, estream_t out_fp)
}
if (is_detached)
{
- if (data_fd == -1)
+ if (!data_fp)
{
log_info ("detached signature w/o data "
"- assuming certs-only\n");
@@ -250,7 +232,7 @@ gpgsm_verify (ctrl_t ctrl, int in_fd, int data_fd, estream_t out_fp)
}
else
audit_log_ok (ctrl->audit, AUDIT_DATA_HASHING,
- hash_data (data_fd, data_md));
+ hash_data (data_fp, data_md));
}
else
{
@@ -275,7 +257,7 @@ gpgsm_verify (ctrl_t ctrl, int in_fd, int data_fd, estream_t out_fp)
}
}
- if (data_fd != -1 && !is_detached)
+ if (data_fp && !is_detached)
{
log_error ("data given for a non-detached signature\n");
rc = gpg_error (GPG_ERR_CONFLICT);
@@ -315,7 +297,7 @@ gpgsm_verify (ctrl_t ctrl, int in_fd, int data_fd, estream_t out_fp)
rc = ksba_cms_get_issuer_serial (cms, signer, &issuer, &serial);
if (!signer && gpg_err_code (rc) == GPG_ERR_NO_DATA
- && data_fd == -1 && is_detached)
+ && !data_fp && is_detached)
{
log_info ("certs-only message accepted\n");
rc = 0;
@@ -749,7 +731,6 @@ gpgsm_verify (ctrl_t ctrl, int in_fd, int data_fd, estream_t out_fp)
gnupg_ksba_destroy_writer (b64writer);
keydb_release (kh);
gcry_md_close (data_md);
- es_fclose (in_fp);
if (rc)
{
diff --git a/tests/gpgscm/ffi.c b/tests/gpgscm/ffi.c
index ce18e0794..36b0b98d2 100644
--- a/tests/gpgscm/ffi.c
+++ b/tests/gpgscm/ffi.c
@@ -42,6 +42,9 @@
#endif
#include "../../common/util.h"
+#ifdef HAVE_W32_SYSTEM
+#define NEED_STRUCT_SPAWN_CB_ARG
+#endif
#include "../../common/exechelp.h"
#include "../../common/sysutils.h"
@@ -644,6 +647,7 @@ static struct foreign_object_vtable es_object_vtable =
es_object_to_string,
};
+#if 0
static pointer
es_wrap (scheme *sc, estream_t stream)
{
@@ -655,6 +659,7 @@ es_wrap (scheme *sc, estream_t stream)
box->closed = 0;
return sc->vptr->mk_foreign_object (sc, &es_object_vtable, box);
}
+#endif
static struct es_object_box *
es_unwrap (scheme *sc, pointer object)
@@ -753,25 +758,166 @@ do_es_write (scheme *sc, pointer args)
}
-
/* Process handling. */
+struct proc_object_box
+{
+ gnupg_process_t proc;
+};
+
+static void
+proc_object_finalize (scheme *sc, void *data)
+{
+ struct proc_object_box *box = data;
+ (void) sc;
+
+ if (!box->proc)
+ gnupg_process_release (box->proc);
+ xfree (box);
+}
+
+static void
+proc_object_to_string (scheme *sc, char *out, size_t size, void *data)
+{
+ struct proc_object_box *box = data;
+ (void) sc;
+
+ snprintf (out, size, "#proc %p", box->proc);
+}
+
+static struct foreign_object_vtable proc_object_vtable =
+ {
+ proc_object_finalize,
+ proc_object_to_string,
+ };
+
static pointer
-do_spawn_process (scheme *sc, pointer args)
+proc_wrap (scheme *sc, gnupg_process_t proc)
+{
+ struct proc_object_box *box = xmalloc (sizeof *box);
+ if (box == NULL)
+ return sc->NIL;
+
+ box->proc = proc;
+ return sc->vptr->mk_foreign_object (sc, &proc_object_vtable, box);
+}
+
+static struct proc_object_box *
+proc_unwrap (scheme *sc, pointer object)
+{
+ (void) sc;
+
+ if (! is_foreign_object (object))
+ return NULL;
+
+ if (sc->vptr->get_foreign_object_vtable (object) != &proc_object_vtable)
+ return NULL;
+
+ return sc->vptr->get_foreign_object_data (object);
+}
+
+#define CONVERSION_proc(SC, X) proc_unwrap (SC, X)
+#define IS_A_proc(SC, X) proc_unwrap (SC, X)
+
+
+#define SPAWN_IO_BUFSIZE 4096
+
+#ifdef HAVE_W32_SYSTEM
+struct rfp {
+ HANDLE hd;
+ char *buf;
+ size_t len;
+ off_t off;
+};
+
+static DWORD __attribute__((stdcall))
+read_from_pipe (void *arg)
+{
+ struct rfp *rfp = arg;
+ DWORD bytes_read;
+
+ if (rfp->hd == INVALID_HANDLE_VALUE)
+ goto errout;
+
+ while (1)
+ {
+ if (!ReadFile (rfp->hd, rfp->buf + rfp->off, rfp->len - rfp->off,
+ &bytes_read, NULL))
+ {
+ DWORD ec = GetLastError ();
+
+ if (ec == ERROR_BROKEN_PIPE)
+ {
+ CloseHandle (rfp->hd);
+ rfp->hd = INVALID_HANDLE_VALUE;
+ break;
+ }
+
+ goto errout;
+ }
+
+ if (bytes_read == 0)
+ /* It may occur, when it writes WriteFile with zero-byte on
+ the other end of the pipe. */
+ continue;
+ else
+ {
+ rfp->off += bytes_read;
+ if (rfp->off == rfp->len)
+ {
+ rfp->len += SPAWN_IO_BUFSIZE;
+ rfp->buf = xtryrealloc (rfp->buf, rfp->len);
+ if (rfp->buf == NULL)
+ goto errout;
+ }
+ }
+ }
+
+ return 0;
+
+ errout:
+ if (rfp->hd != INVALID_HANDLE_VALUE)
+ {
+ CloseHandle (rfp->hd);
+ rfp->hd = INVALID_HANDLE_VALUE;
+ }
+ xfree (rfp->buf);
+ rfp->buf = NULL;
+ return 1;
+}
+#endif
+
+
+static pointer
+do_process_spawn_io (scheme *sc, pointer args)
{
FFI_PROLOG ();
pointer arguments;
+ char *a_input;
char **argv;
size_t len;
unsigned int flags;
-
+ gnupg_process_t proc = NULL;
estream_t infp;
- estream_t outfp;
- estream_t errfp;
- pid_t pid;
+#ifdef HAVE_W32_SYSTEM
+ HANDLE out_hd, err_hd;
+#else
+ int out_fd, err_fd;
+#endif
+ char *out_string = NULL;
+ char *err_string = NULL;
+ size_t out_len = SPAWN_IO_BUFSIZE;
+ size_t err_len = SPAWN_IO_BUFSIZE;
+ off_t out_off = 0;
+ off_t err_off = 0;
+ int retcode = -1;
+ pointer p0, p1, p2;
FFI_ARG_OR_RETURN (sc, pointer, arguments, list, args);
- FFI_ARG_OR_RETURN (sc, unsigned int, flags, number, args);
+ FFI_ARG_OR_RETURN (sc, char *, a_input, string, args);
+ flags = (GNUPG_PROCESS_STDIN_PIPE
+ | GNUPG_PROCESS_STDOUT_PIPE
+ | GNUPG_PROCESS_STDERR_PIPE);
FFI_ARGS_DONE_OR_RETURN (sc, args);
err = ffi_list2argv (sc, arguments, &argv, &len);
@@ -791,38 +937,239 @@ do_spawn_process (scheme *sc, pointer args)
fprintf (stderr, "\n");
}
- err = gnupg_spawn_process (argv[0], (const char **) &argv[1],
- NULL,
- flags,
- &infp, &outfp, &errfp, &pid);
+ err = gnupg_process_spawn (argv[0], (const char **) &argv[1],
+ flags, NULL, NULL, &proc);
+ err = gnupg_process_get_streams (proc, 0, &infp, NULL, NULL);
+
+ err = es_write (infp, a_input, strlen (a_input), NULL);
+ es_fclose (infp);
+ if (err)
+ {
+ gnupg_process_release (proc);
+ xfree (argv);
+ FFI_RETURN_ERR (sc, err);
+ }
+
+#ifdef HAVE_W32_SYSTEM
+ err = gnupg_process_ctl (proc, GNUPG_PROCESS_GET_HANDLES,
+ NULL, &out_hd, &err_hd);
+#else
+ err = gnupg_process_get_fds (proc, 0, NULL, &out_fd, &err_fd);
+#endif
+ if (err)
+ {
+ gnupg_process_release (proc);
+ xfree (argv);
+ FFI_RETURN_ERR (sc, err);
+ }
+
+ out_string = xtrymalloc (out_len);
+ if (out_string == NULL)
+ goto errout;
+
+ err_string = xtrymalloc (err_len);
+ if (err_string == NULL)
+ goto errout;
+
+#ifdef HAVE_W32_SYSTEM
+ {
+ HANDLE h_thread_rfp_err;
+ struct rfp rfp_out;
+ struct rfp rfp_err;
+ DWORD thread_exit_code;
+
+ rfp_err.hd = err_hd;
+ rfp_err.buf = err_string;
+ rfp_err.len = err_len;
+ rfp_err.off = 0;
+ err_hd = INVALID_HANDLE_VALUE;
+ err_string = NULL;
+
+ h_thread_rfp_err = CreateThread (NULL, 0, read_from_pipe, (void *)&rfp_err,
+ 0, NULL);
+ if (h_thread_rfp_err == NULL)
+ {
+ xfree (rfp_err.buf);
+ CloseHandle (rfp_err.hd);
+ goto errout;
+ }
+
+ rfp_out.hd = out_hd;
+ rfp_out.buf = out_string;
+ rfp_out.len = out_len;
+ rfp_out.off = 0;
+ out_hd = INVALID_HANDLE_VALUE;
+ out_string = NULL;
+
+ if (read_from_pipe (&rfp_out))
+ {
+ CloseHandle (h_thread_rfp_err);
+ xfree (rfp_err.buf);
+ goto errout;
+ }
+
+ out_string = rfp_out.buf;
+ out_off = rfp_out.off;
+
+ WaitForSingleObject (h_thread_rfp_err, INFINITE);
+ GetExitCodeThread (h_thread_rfp_err, &thread_exit_code);
+ CloseHandle (h_thread_rfp_err);
+ if (thread_exit_code)
+ goto errout;
+
+ err_string = rfp_err.buf;
+ err_off = rfp_err.off;
+ }
+#else
+ {
+ fd_set read_fdset;
+ ssize_t bytes_read;
+
+ while (1)
+ {
+ int nfd;
+ int ret;
+
+ FD_ZERO (&read_fdset);
+
+ if (out_fd >= 0)
+ FD_SET (out_fd, &read_fdset);
+
+ if (err_fd >= 0)
+ FD_SET (err_fd, &read_fdset);
+
+ if (out_fd > err_fd)
+ nfd = out_fd;
+ else
+ nfd = err_fd;
+
+ if (nfd == -1)
+ break;
+
+ ret = select (nfd+1, &read_fdset, NULL, NULL, NULL);
+ if (ret < 0)
+ break;
+
+ if (FD_ISSET (out_fd, &read_fdset))
+ {
+ bytes_read = read (out_fd, out_string + out_off,
+ out_len - out_off);
+ if (bytes_read == 0)
+ {
+ close (out_fd);
+ out_fd = -1;
+ }
+ else if (bytes_read < 0)
+ goto errout;
+ else
+ {
+ out_off += bytes_read;
+ if (out_off == out_len)
+ {
+ out_len += SPAWN_IO_BUFSIZE;
+ out_string = xtryrealloc (out_string, out_len);
+ if (out_string == NULL)
+ goto errout;
+ }
+ }
+ }
+
+ if (FD_ISSET (err_fd, &read_fdset))
+ {
+ bytes_read = read (err_fd, err_string + err_off,
+ err_len - err_off);
+ if (bytes_read == 0)
+ {
+ close (err_fd);
+ err_fd = -1;
+ }
+ else if (bytes_read < 0)
+ goto errout;
+ else
+ {
+ err_off += bytes_read;
+ if (err_off == err_len)
+ {
+ err_len += SPAWN_IO_BUFSIZE;
+ err_string = xtryrealloc (err_string, err_len);
+ if (err_string == NULL)
+ goto errout;
+ }
+ }
+ }
+ }
+ }
+#endif
+
+ err = gnupg_process_wait (proc, 1);
+ if (!err)
+ err = gnupg_process_ctl (proc, GNUPG_PROCESS_GET_EXIT_ID, &retcode);
+
+ gnupg_process_release (proc);
xfree (argv);
-#define IMC(A, B) \
- _cons (sc, sc->vptr->mk_integer (sc, (unsigned long) (A)), (B), 1)
-#define IMS(A, B) \
- _cons (sc, es_wrap (sc, (A)), (B), 1)
- FFI_RETURN_POINTER (sc, IMS (infp,
- IMS (outfp,
- IMS (errfp,
- IMC (pid, sc->NIL)))));
-#undef IMS
-#undef IMC
+
+ p0 = sc->vptr->mk_integer (sc, (unsigned long)retcode);
+ p1 = sc->vptr->mk_counted_string (sc, out_string, out_off);
+ p2 = sc->vptr->mk_counted_string (sc, err_string, err_off);
+
+ xfree (out_string);
+ xfree (err_string);
+
+ FFI_RETURN_POINTER (sc, _cons (sc, p0,
+ _cons (sc, p1,
+ _cons (sc, p2, sc->NIL, 1), 1), 1));
+ errout:
+ xfree (out_string);
+ xfree (err_string);
+#ifdef HAVE_W32_SYSTEM
+ if (out_hd != INVALID_HANDLE_VALUE)
+ CloseHandle (out_hd);
+ if (err_hd != INVALID_HANDLE_VALUE)
+ CloseHandle (err_hd);
+#else
+ if (out_fd >= 0)
+ close (out_fd);
+ if (err_fd >= 0)
+ close (err_fd);
+#endif
+ gnupg_process_release (proc);
+ xfree (argv);
+ FFI_RETURN_ERR (sc, err);
+}
+
+static void
+setup_std_fds (struct spawn_cb_arg *sca)
+{
+ int *std_fds = sca->arg;
+
+#ifdef HAVE_W32_SYSTEM
+ sca->hd[0] = std_fds[0] == -1?
+ INVALID_HANDLE_VALUE : (HANDLE)_get_osfhandle (std_fds[0]);
+ sca->hd[1] = std_fds[1] == -1?
+ INVALID_HANDLE_VALUE : (HANDLE)_get_osfhandle (std_fds[1]);
+ sca->hd[2] = std_fds[2] == -1?
+ INVALID_HANDLE_VALUE : (HANDLE)_get_osfhandle (std_fds[2]);
+#else
+ sca->fds[0] = std_fds[0];
+ sca->fds[1] = std_fds[1];
+ sca->fds[2] = std_fds[2];
+#endif
}
static pointer
-do_spawn_process_fd (scheme *sc, pointer args)
+do_process_spawn_fd (scheme *sc, pointer args)
{
FFI_PROLOG ();
pointer arguments;
char **argv;
size_t len;
- int infd, outfd, errfd;
-
- pid_t pid;
+ int std_fds[3];
+ gnupg_process_t proc = NULL;
FFI_ARG_OR_RETURN (sc, pointer, arguments, list, args);
- FFI_ARG_OR_RETURN (sc, int, infd, number, args);
- FFI_ARG_OR_RETURN (sc, int, outfd, number, args);
- FFI_ARG_OR_RETURN (sc, int, errfd, number, args);
+ FFI_ARG_OR_RETURN (sc, int, std_fds[0], number, args);
+ FFI_ARG_OR_RETURN (sc, int, std_fds[1], number, args);
+ FFI_ARG_OR_RETURN (sc, int, std_fds[2], number, args);
FFI_ARGS_DONE_OR_RETURN (sc, args);
err = ffi_list2argv (sc, arguments, &argv, &len);
@@ -839,107 +1186,35 @@ do_spawn_process_fd (scheme *sc, pointer args)
fprintf (stderr, "Executing:");
for (p = argv; *p; p++)
fprintf (stderr, " '%s'", *p);
- fprintf (stderr, "\n");
+ fprintf (stderr, " (%d %d %d)\n", std_fds[0], std_fds[1], std_fds[2]);
}
- err = gnupg_spawn_process_fd (argv[0], (const char **) &argv[1],
- infd, outfd, errfd, &pid);
+ err = gnupg_process_spawn (argv[0], (const char **) &argv[1],
+ 0, setup_std_fds, std_fds, &proc);
xfree (argv);
- FFI_RETURN_INT (sc, pid);
+ FFI_RETURN_POINTER (sc, proc_wrap (sc, proc));
}
static pointer
-do_wait_process (scheme *sc, pointer args)
+do_process_wait (scheme *sc, pointer args)
{
FFI_PROLOG ();
- const char *name;
- pid_t pid;
+ struct proc_object_box *box;
int hang;
+ int retcode = -1;
- int retcode;
-
- FFI_ARG_OR_RETURN (sc, const char *, name, string, args);
- FFI_ARG_OR_RETURN (sc, pid_t, pid, number, args);
+ FFI_ARG_OR_RETURN (sc, struct proc_object_box *, box, proc, args);
FFI_ARG_OR_RETURN (sc, int, hang, bool, args);
FFI_ARGS_DONE_OR_RETURN (sc, args);
- err = gnupg_wait_process (name, pid, hang, &retcode);
- if (err == GPG_ERR_GENERAL)
- err = 0; /* Let the return code speak for itself. */
-
- FFI_RETURN_INT (sc, retcode);
-}
-
-
-static pointer
-do_wait_processes (scheme *sc, pointer args)
-{
- FFI_PROLOG ();
- pointer list_names;
- char **names;
- pointer list_pids;
- size_t i, count;
- pid_t *pids;
- int hang;
- int *retcodes;
- pointer retcodes_list = sc->NIL;
-
- FFI_ARG_OR_RETURN (sc, pointer, list_names, list, args);
- FFI_ARG_OR_RETURN (sc, pointer, list_pids, list, args);
- FFI_ARG_OR_RETURN (sc, int, hang, bool, args);
- FFI_ARGS_DONE_OR_RETURN (sc, args);
-
- if (sc->vptr->list_length (sc, list_names)
- != sc->vptr->list_length (sc, list_pids))
- return
- sc->vptr->mk_string (sc, "length of first two arguments must match");
-
- err = ffi_list2argv (sc, list_names, &names, &count);
- if (err == gpg_error (GPG_ERR_INV_VALUE))
- return ffi_sprintf (sc, "%lu%s element of first argument is "
- "neither string nor symbol",
- (unsigned long) count,
- ordinal_suffix ((int) count));
- if (err)
- FFI_RETURN_ERR (sc, err);
-
- err = ffi_list2intv (sc, list_pids, (int **) &pids, &count);
- if (err == gpg_error (GPG_ERR_INV_VALUE))
- return ffi_sprintf (sc, "%lu%s element of second argument is "
- "not a number",
- (unsigned long) count,
- ordinal_suffix ((int) count));
- if (err)
- FFI_RETURN_ERR (sc, err);
-
- retcodes = xtrycalloc (sizeof *retcodes, count);
- if (retcodes == NULL)
- {
- xfree (names);
- xfree (pids);
- FFI_RETURN_ERR (sc, gpg_error_from_syserror ());
- }
-
- err = gnupg_wait_processes ((const char **) names, pids, count, hang,
- retcodes);
- if (err == GPG_ERR_GENERAL)
- err = 0; /* Let the return codes speak. */
+ err = gnupg_process_wait (box->proc, hang);
+ if (!err)
+ err = gnupg_process_ctl (box->proc, GNUPG_PROCESS_GET_EXIT_ID, &retcode);
if (err == GPG_ERR_TIMEOUT)
- err = 0; /* We may have got some results. */
-
- for (i = 0; i < count; i++)
- retcodes_list =
- (sc->vptr->cons) (sc,
- sc->vptr->mk_integer (sc,
- (long) retcodes[count-1-i]),
- retcodes_list);
+ err = 0;
- xfree (names);
- xfree (pids);
- xfree (retcodes);
- FFI_RETURN_POINTER (sc, retcodes_list);
+ FFI_RETURN_INT (sc, retcode);
}
-
static pointer
do_pipe (scheme *sc, pointer args)
{
@@ -1398,13 +1673,12 @@ ffi_init (scheme *sc, const char *argv0, const char *scriptname,
ffi_define_function (sc, make_random_string);
/* Process management. */
- ffi_define_function (sc, spawn_process);
- ffi_define_function (sc, spawn_process_fd);
- ffi_define_function (sc, wait_process);
- ffi_define_function (sc, wait_processes);
ffi_define_function (sc, pipe);
ffi_define_function (sc, inbound_pipe);
ffi_define_function (sc, outbound_pipe);
+ ffi_define_function (sc, process_spawn_io);
+ ffi_define_function (sc, process_spawn_fd);
+ ffi_define_function (sc, process_wait);
/* estream functions. */
ffi_define_function_name (sc, "es-fclose", es_fclose);
diff --git a/tests/gpgscm/scheme.c b/tests/gpgscm/scheme.c
index bde39fcd0..003e85037 100644
--- a/tests/gpgscm/scheme.c
+++ b/tests/gpgscm/scheme.c
@@ -169,7 +169,11 @@ type_to_string (enum scheme_types typ)
case T_SINK: return "sink";
case T_FRAME: return "frame";
}
+#ifdef __GNUC__
+ __builtin_unreachable ();
+#else
assert (! "not reached");
+#endif
}
/* ADJ is enough slack to align cells in a TYPE_BITS-bit boundary */
diff --git a/tests/gpgscm/t-child.scm b/tests/gpgscm/t-child.scm
index fd1dcc3fe..461413b9c 100644
--- a/tests/gpgscm/t-child.scm
+++ b/tests/gpgscm/t-child.scm
@@ -69,37 +69,36 @@
(assert (string=? "" (:stderr r))))
(define (spawn what)
- (spawn-process-fd what CLOSED_FD STDOUT_FILENO STDERR_FILENO))
+ (process-spawn-fd what CLOSED_FD STDOUT_FILENO STDERR_FILENO))
-(let ((pid0 (spawn `(,(qualify "t-child") "return0")))
- (pid1 (spawn `(,(qualify "t-child") "return0"))))
- (assert (equal? '(0 0)
- (wait-processes '("child0" "child1") (list pid0 pid1) #t))))
+(let ((proc0 (spawn `(,(qualify "t-child") "return0")))
+ (proc1 (spawn `(,(qualify "t-child") "return0"))))
+ (assert (= (process-wait proc0 #t) 0))
+ (assert (= (process-wait proc1 #t) 0)))
-(let ((pid0 (spawn `(,(qualify "t-child") "return1")))
- (pid1 (spawn `(,(qualify "t-child") "return0"))))
- (assert (equal? '(1 0)
- (wait-processes '("child0" "child1") (list pid0 pid1) #t))))
+(let ((proc0 (spawn `(,(qualify "t-child") "return1")))
+ (proc1 (spawn `(,(qualify "t-child") "return0"))))
+ (assert (= (process-wait proc0 #t) 1))
+ (assert (= (process-wait proc1 #t) 0)))
-(let ((pid0 (spawn `(,(qualify "t-child") "return0")))
- (pid1 (spawn `(,(qualify "t-child") "return77")))
- (pid2 (spawn `(,(qualify "t-child") "return1"))))
- (assert (equal? '(0 77 1)
- (wait-processes '("child0" "child1" "child2")
- (list pid0 pid1 pid2) #t))))
+(let ((proc0 (spawn `(,(qualify "t-child") "return0")))
+ (proc1 (spawn `(,(qualify "t-child") "return77")))
+ (proc2 (spawn `(,(qualify "t-child") "return1"))))
+ (assert (= (process-wait proc0 #t) 0))
+ (assert (= (process-wait proc1 #t) 77))
+ (assert (= (process-wait proc2 #t) 1)))
(let* ((p (pipe))
- (pid0 (spawn-process-fd
+ (proc0 (process-spawn-fd
`(,(qualify "t-child") "hello_stdout")
CLOSED_FD (:write-end p) STDERR_FILENO))
(_ (close (:write-end p)))
- (pid1 (spawn-process-fd
+ (proc1 (process-spawn-fd
`(,(qualify "t-child") "cat")
(:read-end p) STDOUT_FILENO STDERR_FILENO)))
(close (:read-end p))
- (assert
- (equal? '(0 0)
- (wait-processes '("child0" "child1") (list pid0 pid1) #t))))
+ (assert (= (process-wait proc0 #t) 0))
+ (assert (= (process-wait proc1 #t) 0)))
(echo " world.")
(tr:do
diff --git a/tests/gpgscm/tests.scm b/tests/gpgscm/tests.scm
index db1025bbb..1e6d7fea0 100644
--- a/tests/gpgscm/tests.scm
+++ b/tests/gpgscm/tests.scm
@@ -81,7 +81,7 @@
;; Process management.
(define CLOSED_FD -1)
(define (call-with-fds what infd outfd errfd)
- (wait-process (stringify what) (spawn-process-fd what infd outfd errfd) #t))
+ (process-wait (process-spawn-fd what infd outfd errfd) #t))
(define (call what)
(call-with-fds what
CLOSED_FD
@@ -92,24 +92,16 @@
(define :stdin car)
(define :stdout cadr)
(define :stderr caddr)
-(define :pid cadddr)
(define (call-with-io what in)
- (let ((h (spawn-process what 0)))
- (es-write (:stdin h) in)
- (es-fclose (:stdin h))
- (let* ((out (es-read-all (:stdout h)))
- (err (es-read-all (:stderr h)))
- (result (wait-process (car what) (:pid h) #t)))
- (es-fclose (:stdout h))
- (es-fclose (:stderr h))
- (if (> (*verbose*) 2)
- (info "Child" (:pid h) "returned:"
- `((command ,(stringify what))
- (status ,result)
- (stdout ,out)
- (stderr ,err))))
- (list result out err))))
+ (let ((proc-result (process-spawn-io what in)))
+ (if (> (*verbose*) 2)
+ (info "Child #proc returned:"
+ `((command ,(stringify what))
+ (status ,(car proc-result))
+ (stdout ,(cadr proc-result))
+ (stderr ,(caddr proc-result)))))
+ proc-result))
;; Accessor function for the results of 'call-with-io'. ':stdout' and
;; ':stderr' can also be used.
@@ -129,17 +121,6 @@
(throw (:stderr result)))))
;;
-;; estream helpers.
-;;
-
-(define (es-read-all stream)
- (let loop
- ((acc ""))
- (if (es-feof stream)
- acc
- (loop (string-append acc (es-read stream 4096))))))
-
-;;
;; File management.
;;
(define (file-exists? name)
@@ -351,12 +332,8 @@
(define (dump)
(write (list procs source sink producer))
(newline))
- (define (add-proc command pid)
- (new (cons (list command pid) procs) source sink producer))
- (define (commands)
- (map car procs))
- (define (pids)
- (map cadr procs))
+ (define (add-proc proc)
+ (new (cons proc procs) source sink producer))
(define (set-source source')
(new procs source' sink producer))
(define (set-sink sink')
@@ -367,17 +344,19 @@
(new procs source sink producer'))))))
+(define (process-wait-list procs hang)
+ (map (lambda (p) (process-wait p hang)) procs))
+
(define (pipe:do . commands)
(let loop ((M (pipeM::new '() CLOSED_FD CLOSED_FD #f)) (cmds commands))
(if (null? cmds)
(begin
(if M::producer (M::producer))
(if (not (null? M::procs))
- (let* ((retcodes (wait-processes (map stringify (M::commands))
- (M::pids) #t))
- (results (map (lambda (p r) (append p (list r)))
+ (let* ((retcodes (process-wait-list M::procs #t))
+ (results (map (lambda (p r) (cons p r))
M::procs retcodes))
- (failed (filter (lambda (x) (not (= 0 (caddr x))))
+ (failed (filter (lambda (x) (not (= 0 (cdr x))))
results)))
(if (not (null? failed))
(throw failed))))) ; xxx nicer reporting
@@ -408,11 +387,11 @@
(define (pipe:spawn command)
(lambda (M)
(define (do-spawn M new-source)
- (let ((pid (spawn-process-fd command M::source M::sink
- (if (> (*verbose*) 0)
- STDERR_FILENO CLOSED_FD)))
+ (let ((proc (process-spawn-fd command M::source M::sink
+ (if (> (*verbose*) 0)
+ STDERR_FILENO CLOSED_FD)))
(M' (M::set-source new-source)))
- (M'::add-proc command pid)))
+ (M'::add-proc proc)))
(if (= CLOSED_FD M::sink)
(let* ((p (pipe))
(M' (do-spawn (M::set-sink (:write-end p)) (:read-end p))))
@@ -568,8 +547,8 @@
(assert (= (length enqueued) (- i 1)))
test)))))
- (define (pid->test pid)
- (let ((t (filter (lambda (x) (= pid x::pid)) procs)))
+ (define (proc->test proc)
+ (let ((t (filter (lambda (x) (eq? proc x::proc)) procs)))
(if (null? t) #f (car t))))
(define (wait)
(if (null? enqueued)
@@ -587,7 +566,7 @@
(if (null? unfinished)
(current-environment)
(let ((names (map (lambda (t) t::name) unfinished))
- (pids (map (lambda (t) t::pid) unfinished))
+ (procs (map (lambda (t) t::proc) unfinished))
(any #f))
(for-each
(lambda (test retcode)
@@ -597,8 +576,8 @@
(test::report)
(sem::release!)
(set! any #t)))
- (map pid->test pids)
- (wait-processes (map stringify names) pids hang))
+ (map proc->test procs)
+ (process-wait-list procs hang))
;; If some processes finished, try to start new ones.
(let loop ()
@@ -682,7 +661,7 @@
(define (scm setup variant name path . args)
;; Start the process.
(define (spawn-scm args' in out err)
- (spawn-process-fd `(,*argv0* ,@(verbosity (*verbose*))
+ (process-spawn-fd `(,*argv0* ,@(verbosity (*verbose*))
,(locate-test (test-name path))
,@(if setup (force setup) '())
,@args' ,@args) in out err))
@@ -691,12 +670,12 @@
(define (binary setup name path . args)
;; Start the process.
(define (spawn-binary args' in out err)
- (spawn-process-fd `(,(test-name path)
+ (process-spawn-fd `(,(test-name path)
,@(if setup (force setup) '()) ,@args' ,@args)
in out err))
(new #f name #f spawn-binary #f #f CLOSED_FD (expect-failure? name)))
- (define (new variant name directory spawn pid retcode logfd expect-failure)
+ (define (new variant name directory spawn proc retcode logfd expect-failure)
(package
;; XXX: OO glue.
@@ -721,7 +700,7 @@
;; Has the test been started yet?
(define (started?)
- (number? pid))
+ proc)
(define (open-log-file)
(unless log-file-name
@@ -738,26 +717,26 @@
(letfd ((log (open-log-file)))
(with-working-directory directory
(let* ((p (inbound-pipe))
- (pid' (spawn args 0 (:write-end p) (:write-end p))))
+ (proc' (spawn args 0 (:write-end p) (:write-end p))))
(close (:write-end p))
(splice (:read-end p) STDERR_FILENO log)
(close (:read-end p))
- (set! pid pid')
- (set! retcode (wait-process name pid' #t)))))
+ (set! proc proc')
+ (set! retcode (process-wait proc' #t)))))
(report)
(current-environment))
(define (run-sync-quiet . args)
(set-start-time!)
(with-working-directory directory
- (set! pid (spawn args CLOSED_FD CLOSED_FD CLOSED_FD)))
- (set! retcode (wait-process name pid #t))
+ (set! proc (spawn args CLOSED_FD CLOSED_FD CLOSED_FD)))
+ (set! retcode (process-wait proc #t))
(set-end-time!)
(current-environment))
(define (run-async . args)
(set-start-time!)
(let ((log (open-log-file)))
(with-working-directory directory
- (set! pid (spawn args CLOSED_FD log log)))
+ (set! proc (spawn args CLOSED_FD log log)))
(set! logfd log))
(current-environment))
(define (status)
diff --git a/tests/openpgp/defs.scm b/tests/openpgp/defs.scm
index bf3714f50..1ac25bf65 100644
--- a/tests/openpgp/defs.scm
+++ b/tests/openpgp/defs.scm
@@ -268,13 +268,14 @@
(define (gpg-pipe args0 args1 errfd)
(lambda (source sink)
(let* ((p (pipe))
- (task0 (spawn-process-fd `(,@GPG ,@args0)
+ (task0 (process-spawn-fd `(,@GPG ,@args0)
source (:write-end p) errfd))
(_ (close (:write-end p)))
- (task1 (spawn-process-fd `(,@GPG ,@args1)
+ (task1 (process-spawn-fd `(,@GPG ,@args1)
(:read-end p) sink errfd)))
(close (:read-end p))
- (wait-processes (list GPG GPG) (list task0 task1) #t))))
+ (process-wait task0 #t)
+ (process-wait task1 #t))))
(setenv "GPG_AGENT_INFO" "" #t)
(setenv "GNUPGHOME" (getcwd) #t)
diff --git a/tests/tpm2dtests/defs.scm b/tests/tpm2dtests/defs.scm
index 0fef71806..a913818f5 100644
--- a/tests/tpm2dtests/defs.scm
+++ b/tests/tpm2dtests/defs.scm
@@ -217,13 +217,14 @@
(define (gpg-pipe args0 args1 errfd)
(lambda (source sink)
(let* ((p (pipe))
- (task0 (spawn-process-fd `(,@GPG ,@args0)
+ (task0 (process-spawn-fd `(,@GPG ,@args0)
source (:write-end p) errfd))
(_ (close (:write-end p)))
- (task1 (spawn-process-fd `(,@GPG ,@args1)
+ (task1 (process-spawn-fd `(,@GPG ,@args1)
(:read-end p) sink errfd)))
(close (:read-end p))
- (wait-processes (list GPG GPG) (list task0 task1) #t))))
+ (process-wait task0 #t)
+ (process-wait task1 #t))))
;;
;; Do we have a software tpm
diff --git a/tools/call-dirmngr.c b/tools/call-dirmngr.c
index c0ddcf568..d85801530 100644
--- a/tools/call-dirmngr.c
+++ b/tools/call-dirmngr.c
@@ -65,7 +65,8 @@ connect_dirmngr (assuan_context_t *r_ctx)
err = start_new_dirmngr (&ctx,
GPG_ERR_SOURCE_DEFAULT,
NULL,
- opt.autostart, opt.verbose, opt.debug_ipc,
+ opt.autostart?ASSHELP_FLAG_AUTOSTART:0,
+ opt.verbose, opt.debug_ipc,
NULL, NULL);
if (!opt.autostart && gpg_err_code (err) == GPG_ERR_NO_DIRMNGR)
{
diff --git a/tools/card-call-scd.c b/tools/card-call-scd.c
index f6ce565c3..f8557e32b 100644
--- a/tools/card-call-scd.c
+++ b/tools/card-call-scd.c
@@ -306,7 +306,8 @@ start_agent (unsigned int flags)
opt.agent_program,
opt.lc_ctype, opt.lc_messages,
opt.session_env,
- opt.autostart, opt.verbose, DBG_IPC,
+ opt.autostart?ASSHELP_FLAG_AUTOSTART:0,
+ opt.verbose, DBG_IPC,
NULL, NULL);
if (!opt.autostart && gpg_err_code (err) == GPG_ERR_NO_AGENT)
{
diff --git a/tools/gpg-auth.c b/tools/gpg-auth.c
index f433ba220..a818bee5d 100644
--- a/tools/gpg-auth.c
+++ b/tools/gpg-auth.c
@@ -396,7 +396,7 @@ start_agent (assuan_context_t *ctx_p)
opt.agent_program,
NULL, NULL,
session_env,
- opt.autostart,
+ opt.autostart?ASSHELP_FLAG_AUTOSTART:0,
!opt.quiet, 0,
NULL, NULL);
diff --git a/tools/gpg-card.c b/tools/gpg-card.c
index 22b95d0d7..8c9a26090 100644
--- a/tools/gpg-card.c
+++ b/tools/gpg-card.c
@@ -2218,13 +2218,15 @@ cmd_writecert (card_info_t info, char *argstr)
&& ascii_memistr (data, datalen, "-----END CERTIFICATE-----")
&& !memchr (data, 0, datalen) && !memchr (data, 1, datalen))
{
- struct b64state b64;
+ gpgrt_b64state_t b64;
- err = b64dec_start (&b64, "");
- if (!err)
- err = b64dec_proc (&b64, data, datalen, &datalen);
+ b64 = gpgrt_b64dec_start ("");
+ if (!b64)
+ err = gpg_error_from_syserror ();
+ else
+ err = gpgrt_b64dec_proc (b64, data, datalen, &datalen);
if (!err)
- err = b64dec_finish (&b64);
+ err = gpgrt_b64dec_finish (b64);
if (err)
goto leave;
}
@@ -3779,7 +3781,7 @@ cmd_gpg (card_info_t info, char *argstr, int use_gpgsm)
char **argarray;
ccparray_t ccp;
const char **argv = NULL;
- pid_t pid;
+ gnupg_process_t proc;
int i;
if (!info)
@@ -3807,15 +3809,15 @@ cmd_gpg (card_info_t info, char *argstr, int use_gpgsm)
goto leave;
}
- err = gnupg_spawn_process (use_gpgsm? opt.gpgsm_program:opt.gpg_program,
- argv, NULL, (GNUPG_SPAWN_KEEP_STDOUT
- |GNUPG_SPAWN_KEEP_STDERR),
- NULL, NULL, NULL, &pid);
+ err = gnupg_process_spawn (use_gpgsm? opt.gpgsm_program:opt.gpg_program,
+ argv,
+ (GNUPG_PROCESS_STDOUT_KEEP
+ | GNUPG_PROCESS_STDERR_KEEP),
+ NULL, NULL, &proc);
if (!err)
{
- err = gnupg_wait_process (use_gpgsm? opt.gpgsm_program:opt.gpg_program,
- pid, 1, NULL);
- gnupg_release_process (pid);
+ err = gnupg_process_wait (proc, 1);
+ gnupg_process_release (proc);
}
diff --git a/tools/gpg-connect-agent.c b/tools/gpg-connect-agent.c
index cf4e64e2b..577b12575 100644
--- a/tools/gpg-connect-agent.c
+++ b/tools/gpg-connect-agent.c
@@ -898,8 +898,10 @@ static void
do_sendfd (assuan_context_t ctx, char *line)
{
estream_t fp;
- char *name, *mode, *p;
- int rc, fd;
+ char *name, *p;
+ int rc;
+ char mode[32];
+ es_syshd_t hd;
/* Get file name. */
name = line;
@@ -911,17 +913,25 @@ do_sendfd (assuan_context_t ctx, char *line)
p++;
/* Get mode. */
- mode = p;
- if (!*mode)
- mode = "r";
+ if (!*p)
+ {
+ mode[0] = 'r';
+ mode[1] = 0;
+ p = &mode[1];
+ }
else
{
- for (p=mode; *p && !spacep (p); p++)
- ;
- if (*p)
- *p++ = 0;
+ int i;
+ for (i = 0; *p && !spacep (p); p++)
+ mode[i++] = *p;
+ mode[i] = 0;
+ p = &mode[i];
}
+#ifdef HAVE_W32_SYSTEM
+ strcpy (p, ",sysopen");
+#endif
+
/* Open and send. */
fp = es_fopen (name, mode);
if (!fp)
@@ -930,15 +940,30 @@ do_sendfd (assuan_context_t ctx, char *line)
name, mode, strerror (errno));
return;
}
- fd = es_fileno (fp);
+ es_syshd (fp, &hd);
+
+#ifdef HAVE_W32_SYSTEM
+ if (opt.verbose)
+ log_error ("file '%s' opened in \"%s\" mode, fd=%p\n",
+ name, mode, hd.u.handle);
+#else
if (opt.verbose)
log_error ("file '%s' opened in \"%s\" mode, fd=%d\n",
- name, mode, fd);
+ name, mode, hd.u.fd);
+#endif
- rc = assuan_sendfd (ctx, INT2FD (fd) );
+#ifdef HAVE_W32_SYSTEM
+ rc = assuan_sendfd (ctx, hd.u.handle);
+ if (rc)
+ log_error ("sending descriptor %p failed: %s\n", hd.u.handle,
+ gpg_strerror (rc));
+#else
+ rc = assuan_sendfd (ctx, hd.u.fd);
if (rc)
- log_error ("sending descriptor %d failed: %s\n", fd, gpg_strerror (rc));
+ log_error ("sending descriptor %d failed: %s\n", hd.u.fd,
+ gpg_strerror (rc));
+#endif
es_fclose (fp);
}
@@ -1013,8 +1038,9 @@ do_open (char *line)
#if defined(HAVE_W32_SYSTEM)
{
HANDLE prochandle, handle, newhandle;
+ char numbuf[35];
- handle = (void*)_get_osfhandle (fd);
+ handle = (HANDLE)_get_osfhandle (fd);
prochandle = OpenProcess (PROCESS_DUP_HANDLE, FALSE, server_pid);
if (!prochandle)
@@ -1035,11 +1061,13 @@ do_open (char *line)
}
CloseHandle (prochandle);
open_fd_table[fd].handle = newhandle;
+
+ snprintf (numbuf, sizeof numbuf, "%p", open_fd_table[fd].handle);
+ set_var (varname, numbuf);
}
if (opt.verbose)
- log_info ("file '%s' opened in \"%s\" mode, fd=%d (libc=%d)\n",
- name, mode, (int)open_fd_table[fd].handle, fd);
- set_int_var (varname, (int)open_fd_table[fd].handle);
+ log_info ("file '%s' opened in \"%s\" mode, fd=%p (libc=%d)\n",
+ name, mode, open_fd_table[fd].handle, fd);
#else /* Unix */
if (opt.verbose)
log_info ("file '%s' opened in \"%s\" mode, fd=%d\n",
@@ -1060,13 +1088,28 @@ do_open (char *line)
static void
do_close (char *line)
{
- int fd = atoi (line);
+ int fd;
#ifdef HAVE_W32_SYSTEM
int i;
+ gpg_error_t err;
+ es_syshd_t syshd;
+
+ err = gnupg_parse_fdstr (line, &syshd);
+ if (err)
+ {
+ log_error ("given fd (system handle) is not valid\n");
+ return;
+ }
+
+ if (syshd.type == ES_SYSHD_FD)
+ {
+ log_error ("given fd is stdin/out/err\n");
+ return;
+ }
for (i=0; i < DIM (open_fd_table); i++)
- if ( open_fd_table[i].inuse && open_fd_table[i].handle == (void*)fd)
+ if (open_fd_table[i].inuse && open_fd_table[i].handle == syshd.u.handle)
break;
if (i < DIM (open_fd_table))
fd = i;
@@ -1075,6 +1118,8 @@ do_close (char *line)
log_error ("given fd (system handle) has not been opened\n");
return;
}
+#else
+ fd = atoi (line);
#endif
if (fd < 0 || fd >= DIM (open_fd_table))
@@ -1105,7 +1150,7 @@ do_showopen (void)
if (open_fd_table[i].inuse)
{
#ifdef HAVE_W32_SYSTEM
- printf ("%-15d (libc=%d)\n", (int)open_fd_table[i].handle, i);
+ printf ("%p (libc=%d)\n", open_fd_table[i].handle, i);
#else
printf ("%-15d\n", i);
#endif
@@ -2302,14 +2347,14 @@ start_agent (void)
err = start_new_dirmngr (&ctx,
GPG_ERR_SOURCE_DEFAULT,
opt.dirmngr_program,
- opt.autostart,
+ opt.autostart?ASSHELP_FLAG_AUTOSTART:0,
!opt.quiet, 0,
NULL, NULL);
else if (opt.use_keyboxd)
err = start_new_keyboxd (&ctx,
GPG_ERR_SOURCE_DEFAULT,
opt.keyboxd_program,
- opt.autostart,
+ opt.autostart?ASSHELP_FLAG_AUTOSTART:0,
!opt.quiet, 0,
NULL, NULL);
else
@@ -2318,7 +2363,7 @@ start_agent (void)
opt.agent_program,
NULL, NULL,
session_env,
- opt.autostart,
+ opt.autostart?ASSHELP_FLAG_AUTOSTART:0,
!opt.quiet, 0,
NULL, NULL);
diff --git a/tools/gpgconf-comp.c b/tools/gpgconf-comp.c
index 90f2f53d3..d6aa9d61b 100644
--- a/tools/gpgconf-comp.c
+++ b/tools/gpgconf-comp.c
@@ -744,7 +744,7 @@ gpg_agent_runtime_change (int killflag)
gpg_error_t err = 0;
const char *pgmname;
const char *argv[5];
- pid_t pid = (pid_t)(-1);
+ gnupg_process_t proc = NULL;
int i = 0;
int cmdidx;
@@ -761,13 +761,13 @@ gpg_agent_runtime_change (int killflag)
log_assert (i < DIM(argv));
if (!err)
- err = gnupg_spawn_process_fd (pgmname, argv, -1, -1, -1, &pid);
+ err = gnupg_process_spawn (pgmname, argv, 0, NULL, NULL, &proc);
if (!err)
- err = gnupg_wait_process (pgmname, pid, 1, NULL);
+ err = gnupg_process_wait (proc, 1);
if (err)
gc_error (0, 0, "error running '%s %s': %s",
pgmname, argv[cmdidx], gpg_strerror (err));
- gnupg_release_process (pid);
+ gnupg_process_release (proc);
}
@@ -777,7 +777,7 @@ scdaemon_runtime_change (int killflag)
gpg_error_t err = 0;
const char *pgmname;
const char *argv[9];
- pid_t pid = (pid_t)(-1);
+ gnupg_process_t proc = NULL;
int i = 0;
int cmdidx;
@@ -805,13 +805,13 @@ scdaemon_runtime_change (int killflag)
log_assert (i < DIM(argv));
if (!err)
- err = gnupg_spawn_process_fd (pgmname, argv, -1, -1, -1, &pid);
+ err = gnupg_process_spawn (pgmname, argv, 0, NULL, NULL, &proc);
if (!err)
- err = gnupg_wait_process (pgmname, pid, 1, NULL);
+ err = gnupg_process_wait (proc, 1);
if (err)
gc_error (0, 0, "error running '%s %s': %s",
pgmname, argv[cmdidx], gpg_strerror (err));
- gnupg_release_process (pid);
+ gnupg_process_release (proc);
}
@@ -822,7 +822,7 @@ tpm2daemon_runtime_change (int killflag)
gpg_error_t err = 0;
const char *pgmname;
const char *argv[9];
- pid_t pid = (pid_t)(-1);
+ gnupg_process_t proc = NULL;
int i = 0;
int cmdidx;
@@ -850,13 +850,13 @@ tpm2daemon_runtime_change (int killflag)
log_assert (i < DIM(argv));
if (!err)
- err = gnupg_spawn_process_fd (pgmname, argv, -1, -1, -1, &pid);
+ err = gnupg_process_spawn (pgmname, argv, 0, NULL, NULL, &proc);
if (!err)
- err = gnupg_wait_process (pgmname, pid, 1, NULL);
+ err = gnupg_process_wait (proc, 1);
if (err)
gc_error (0, 0, "error running '%s %s': %s",
pgmname, argv[cmdidx], gpg_strerror (err));
- gnupg_release_process (pid);
+ gnupg_process_release (proc);
}
#endif
@@ -867,7 +867,7 @@ dirmngr_runtime_change (int killflag)
gpg_error_t err = 0;
const char *pgmname;
const char *argv[6];
- pid_t pid = (pid_t)(-1);
+ gnupg_process_t proc = NULL;
int i = 0;
int cmdidx;
@@ -885,13 +885,13 @@ dirmngr_runtime_change (int killflag)
log_assert (i < DIM(argv));
if (!err)
- err = gnupg_spawn_process_fd (pgmname, argv, -1, -1, -1, &pid);
+ err = gnupg_process_spawn (pgmname, argv, 0, NULL, NULL, &proc);
if (!err)
- err = gnupg_wait_process (pgmname, pid, 1, NULL);
+ err = gnupg_process_wait (proc, 1);
if (err)
gc_error (0, 0, "error running '%s %s': %s",
pgmname, argv[cmdidx], gpg_strerror (err));
- gnupg_release_process (pid);
+ gnupg_process_release (proc);
}
@@ -901,7 +901,7 @@ keyboxd_runtime_change (int killflag)
gpg_error_t err = 0;
const char *pgmname;
const char *argv[6];
- pid_t pid = (pid_t)(-1);
+ gnupg_process_t proc = NULL;
int i = 0;
int cmdidx;
@@ -919,13 +919,13 @@ keyboxd_runtime_change (int killflag)
log_assert (i < DIM(argv));
if (!err)
- err = gnupg_spawn_process_fd (pgmname, argv, -1, -1, -1, &pid);
+ err = gnupg_process_spawn (pgmname, argv, 0, NULL, NULL, &proc);
if (!err)
- err = gnupg_wait_process (pgmname, pid, 1, NULL);
+ err = gnupg_process_wait (proc, 1);
if (err)
gc_error (0, 0, "error running '%s %s': %s",
pgmname, argv[cmdidx], gpg_strerror (err));
- gnupg_release_process (pid);
+ gnupg_process_release (proc);
}
@@ -937,7 +937,7 @@ gc_component_launch (int component)
const char *pgmname;
const char *argv[6];
int i;
- pid_t pid;
+ gnupg_process_t proc = NULL;
if (component < 0)
{
@@ -985,9 +985,9 @@ gc_component_launch (int component)
argv[i] = NULL;
log_assert (i < DIM(argv));
- err = gnupg_spawn_process_fd (pgmname, argv, -1, -1, -1, &pid);
+ err = gnupg_process_spawn (pgmname, argv, 0, NULL, NULL, &proc);
if (!err)
- err = gnupg_wait_process (pgmname, pid, 1, NULL);
+ err = gnupg_process_wait (proc, 1);
if (err)
gc_error (0, 0, "error running '%s%s%s': %s",
pgmname,
@@ -995,7 +995,7 @@ gc_component_launch (int component)
: component == GC_COMPONENT_KEYBOXD? " --keyboxd":"",
" NOP",
gpg_strerror (err));
- gnupg_release_process (pid);
+ gnupg_process_release (proc);
return err;
}
@@ -1336,8 +1336,7 @@ gc_component_check_options (int component, estream_t out, const char *conf_file)
const char *pgmname;
const char *argv[6];
int i;
- pid_t pid;
- int exitcode;
+ gnupg_process_t proc;
estream_t errfp;
error_line_t errlines;
@@ -1370,22 +1369,28 @@ gc_component_check_options (int component, estream_t out, const char *conf_file)
result = 0;
errlines = NULL;
- err = gnupg_spawn_process (pgmname, argv, NULL, 0,
- NULL, NULL, &errfp, &pid);
+ err = gnupg_process_spawn (pgmname, argv,
+ GNUPG_PROCESS_STDERR_PIPE,
+ NULL, NULL, &proc);
if (err)
result |= 1; /* Program could not be run. */
else
{
+ gnupg_process_get_streams (proc, 0, NULL, NULL, &errfp);
errlines = collect_error_output (errfp,
gc_component[component].name);
- if (gnupg_wait_process (pgmname, pid, 1, &exitcode))
+ if (!gnupg_process_wait (proc, 1))
{
+ int exitcode;
+
+ gnupg_process_ctl (proc, GNUPG_PROCESS_GET_EXIT_ID, &exitcode);
if (exitcode == -1)
result |= 1; /* Program could not be run or it
terminated abnormally. */
- result |= 2; /* Program returned an error. */
+ else if (exitcode)
+ result |= 2; /* Program returned an error. */
}
- gnupg_release_process (pid);
+ gnupg_process_release (proc);
es_fclose (errfp);
}
@@ -1725,8 +1730,7 @@ retrieve_options_from_program (gc_component_id_t component, int only_installed)
const char *pgmname;
const char *argv[2];
estream_t outfp;
- int exitcode;
- pid_t pid;
+ gnupg_process_t proc;
known_option_t *known_option;
gc_option_t *option;
char *line = NULL;
@@ -1759,14 +1763,17 @@ retrieve_options_from_program (gc_component_id_t component, int only_installed)
/* First we need to read the option table from the program. */
argv[0] = "--dump-option-table";
argv[1] = NULL;
- err = gnupg_spawn_process (pgmname, argv, NULL, 0,
- NULL, &outfp, NULL, &pid);
+ err = gnupg_process_spawn (pgmname, argv,
+ GNUPG_PROCESS_STDOUT_PIPE,
+ NULL, NULL, &proc);
if (err)
{
gc_error (1, 0, "could not gather option table from '%s': %s",
pgmname, gpg_strerror (err));
}
+ gnupg_process_get_streams (proc, 0, NULL, &outfp, NULL);
+
read_line_parm.pgmname = pgmname;
read_line_parm.fp = outfp;
read_line_parm.line = line;
@@ -1925,12 +1932,17 @@ retrieve_options_from_program (gc_component_id_t component, int only_installed)
line_len = read_line_parm.line_len;
log_assert (opt_table_used + pseudo_count == opt_info_used);
+ err = gnupg_process_wait (proc, 1);
+ if (!err)
+ {
+ int exitcode;
- err = gnupg_wait_process (pgmname, pid, 1, &exitcode);
- if (err)
- gc_error (1, 0, "running %s failed (exitcode=%d): %s",
- pgmname, exitcode, gpg_strerror (err));
- gnupg_release_process (pid);
+ gnupg_process_ctl (proc, GNUPG_PROCESS_GET_EXIT_ID, &exitcode);
+ if (exitcode)
+ gc_error (1, 0, "running %s failed (exitcode=%d): %s",
+ pgmname, exitcode, gpg_strerror (err));
+ }
+ gnupg_process_release (proc);
/* Make the gpgrt option table and the internal option table available. */
gc_component[component].opt_table = opt_table;
@@ -1940,14 +1952,17 @@ retrieve_options_from_program (gc_component_id_t component, int only_installed)
/* Now read the default options. */
argv[0] = "--gpgconf-list";
argv[1] = NULL;
- err = gnupg_spawn_process (pgmname, argv, NULL, 0,
- NULL, &outfp, NULL, &pid);
+ err = gnupg_process_spawn (pgmname, argv,
+ GNUPG_PROCESS_STDOUT_PIPE,
+ NULL, NULL, &proc);
if (err)
{
gc_error (1, 0, "could not gather active options from '%s': %s",
pgmname, gpg_strerror (err));
}
+ gnupg_process_get_streams (proc, 0, NULL, &outfp, NULL);
+
while ((length = es_read_line (outfp, &line, &line_len, NULL)) > 0)
{
char *linep;
@@ -2030,11 +2045,17 @@ retrieve_options_from_program (gc_component_id_t component, int only_installed)
if (es_fclose (outfp))
gc_error (1, errno, "error closing %s", pgmname);
- err = gnupg_wait_process (pgmname, pid, 1, &exitcode);
- if (err)
- gc_error (1, 0, "running %s failed (exitcode=%d): %s",
- pgmname, exitcode, gpg_strerror (err));
- gnupg_release_process (pid);
+ err = gnupg_process_wait (proc, 1);
+ if (!err)
+ {
+ int exitcode;
+
+ gnupg_process_ctl (proc, GNUPG_PROCESS_GET_EXIT_ID, &exitcode);
+ if (exitcode)
+ gc_error (1, 0, "running %s failed (exitcode=%d): %s",
+ pgmname, exitcode, gpg_strerror (err));
+ }
+ gnupg_process_release (proc);
/* At this point, we can parse the configuration file. */
diff --git a/tools/gpgconf.c b/tools/gpgconf.c
index 6a5add42b..22569a870 100644
--- a/tools/gpgconf.c
+++ b/tools/gpgconf.c
@@ -1275,17 +1275,17 @@ show_versions_via_dirmngr (estream_t fp)
const char *pgmname;
const char *argv[2];
estream_t outfp;
- pid_t pid;
+ gnupg_process_t proc;
char *line = NULL;
size_t line_len = 0;
ssize_t length;
- int exitcode;
pgmname = gnupg_module_name (GNUPG_MODULE_NAME_DIRMNGR);
argv[0] = "--gpgconf-versions";
argv[1] = NULL;
- err = gnupg_spawn_process (pgmname, argv, NULL, 0,
- NULL, &outfp, NULL, &pid);
+ err = gnupg_process_spawn (pgmname, argv,
+ GNUPG_PROCESS_STDOUT_PIPE,
+ NULL, NULL, &proc);
if (err)
{
log_error ("error spawning %s: %s", pgmname, gpg_strerror (err));
@@ -1293,6 +1293,7 @@ show_versions_via_dirmngr (estream_t fp)
return;
}
+ gnupg_process_get_streams (proc, 0, NULL, &outfp, NULL);
while ((length = es_read_line (outfp, &line, &line_len, NULL)) > 0)
{
/* Strip newline and carriage return, if present. */
@@ -1313,14 +1314,17 @@ show_versions_via_dirmngr (estream_t fp)
pgmname, gpg_strerror (err));
}
- err = gnupg_wait_process (pgmname, pid, 1, &exitcode);
- if (err)
+ err = gnupg_process_wait (proc, 1);
+ if (!err)
{
+ int exitcode;
+
+ gnupg_process_ctl (proc, GNUPG_PROCESS_GET_EXIT_ID, &exitcode);
log_error ("running %s failed (exitcode=%d): %s\n",
pgmname, exitcode, gpg_strerror (err));
es_fprintf (fp, "[error: can't get further info]\n");
}
- gnupg_release_process (pid);
+ gnupg_process_release (proc);
xfree (line);
}
diff --git a/tools/gpgtar-create.c b/tools/gpgtar-create.c
index 0994322ea..7af5a2ede 100644
--- a/tools/gpgtar-create.c
+++ b/tools/gpgtar-create.c
@@ -1069,7 +1069,7 @@ gpgtar_create (char **inpattern, const char *files_from, int null_names,
estream_t files_from_stream = NULL;
estream_t outstream = NULL;
int eof_seen = 0;
- pid_t pid = (pid_t)(-1);
+ gnupg_process_t proc = NULL;
unsigned int skipped_open = 0;
memset (scanctrl, 0, sizeof *scanctrl);
@@ -1228,7 +1228,11 @@ gpgtar_create (char **inpattern, const char *files_from, int null_names,
{
strlist_t arg;
ccparray_t ccp;
+#ifdef HAVE_W32_SYSTEM
+ HANDLE except[2] = { INVALID_HANDLE_VALUE, INVALID_HANDLE_VALUE };
+#else
int except[2] = { -1, -1 };
+#endif
const char **argv;
/* '--encrypt' may be combined with '--symmetric', but 'encrypt'
@@ -1246,13 +1250,19 @@ gpgtar_create (char **inpattern, const char *files_from, int null_names,
ccparray_put (&ccp, "--no");
if (opt.require_compliance)
ccparray_put (&ccp, "--require-compliance");
- if (opt.status_fd != -1)
+ if (opt.status_fd)
{
static char tmpbuf[40];
+ es_syshd_t hd;
- snprintf (tmpbuf, sizeof tmpbuf, "--status-fd=%d", opt.status_fd);
+ snprintf (tmpbuf, sizeof tmpbuf, "--status-fd=%s", opt.status_fd);
ccparray_put (&ccp, tmpbuf);
- except[0] = opt.status_fd;
+ es_syshd (opt.status_stream, &hd);
+#ifdef HAVE_W32_SYSTEM
+ except[0] = hd.u.handle;
+#else
+ except[0] = hd.u.fd;
+#endif
}
ccparray_put (&ccp, "--output");
@@ -1286,14 +1296,15 @@ gpgtar_create (char **inpattern, const char *files_from, int null_names,
goto leave;
}
- err = gnupg_spawn_process (opt.gpg_program, argv,
- except[0] == -1? NULL : except,
- (GNUPG_SPAWN_KEEP_STDOUT
- | GNUPG_SPAWN_KEEP_STDERR),
- &outstream, NULL, NULL, &pid);
+ err = gnupg_process_spawn (opt.gpg_program, argv,
+ (GNUPG_PROCESS_STDIN_PIPE
+ | GNUPG_PROCESS_STDOUT_KEEP
+ | GNUPG_PROCESS_STDERR_KEEP),
+ gnupg_spawn_helper, except, &proc);
xfree (argv);
if (err)
goto leave;
+ gnupg_process_get_streams (proc, 0, &outstream, NULL, NULL);
es_set_binary (outstream);
}
else if (opt.outfile) /* No crypto */
@@ -1332,23 +1343,25 @@ gpgtar_create (char **inpattern, const char *files_from, int null_names,
write_progress (1, global_written_files, global_total_files);
write_progress (0, global_written_data, global_total_data);
- if (pid != (pid_t)(-1))
+ if (proc)
{
- int exitcode;
-
err = es_fclose (outstream);
outstream = NULL;
if (err)
log_error ("error closing pipe: %s\n", gpg_strerror (err));
- else
+
+ err = gnupg_process_wait (proc, 1);
+ if (!err)
{
- err = gnupg_wait_process (opt.gpg_program, pid, 1, &exitcode);
- if (err)
+ int exitcode;
+
+ gnupg_process_ctl (proc, GNUPG_PROCESS_GET_EXIT_ID, &exitcode);
+ if (exitcode)
log_error ("running %s failed (exitcode=%d): %s",
opt.gpg_program, exitcode, gpg_strerror (err));
- gnupg_release_process (pid);
- pid = (pid_t)(-1);
}
+ gnupg_process_release (proc);
+ proc = NULL;
}
if (skipped_open)
@@ -1361,7 +1374,7 @@ gpgtar_create (char **inpattern, const char *files_from, int null_names,
if (!err)
{
gpg_error_t first_err;
- if (outstream != es_stdout || pid != (pid_t)(-1))
+ if (outstream != es_stdout)
first_err = es_fclose (outstream);
else
first_err = es_fflush (outstream);
diff --git a/tools/gpgtar-extract.c b/tools/gpgtar-extract.c
index 936d03e3e..87113b054 100644
--- a/tools/gpgtar-extract.c
+++ b/tools/gpgtar-extract.c
@@ -339,7 +339,7 @@ gpgtar_extract (const char *filename, int decrypt)
char *dirname = NULL;
struct tarinfo_s tarinfo_buffer;
tarinfo_t tarinfo = &tarinfo_buffer;
- pid_t pid = (pid_t)(-1);
+ gnupg_process_t proc;
char *logfilename = NULL;
unsigned long long notextracted;
@@ -384,7 +384,11 @@ gpgtar_extract (const char *filename, int decrypt)
{
strlist_t arg;
ccparray_t ccp;
+#ifdef HAVE_W32_SYSTEM
+ HANDLE except[2] = { INVALID_HANDLE_VALUE, INVALID_HANDLE_VALUE };
+#else
int except[2] = { -1, -1 };
+#endif
const char **argv;
ccparray_init (&ccp, 0);
@@ -392,13 +396,19 @@ gpgtar_extract (const char *filename, int decrypt)
ccparray_put (&ccp, "--batch");
if (opt.require_compliance)
ccparray_put (&ccp, "--require-compliance");
- if (opt.status_fd != -1)
+ if (opt.status_fd)
{
static char tmpbuf[40];
+ es_syshd_t hd;
- snprintf (tmpbuf, sizeof tmpbuf, "--status-fd=%d", opt.status_fd);
+ snprintf (tmpbuf, sizeof tmpbuf, "--status-fd=%s", opt.status_fd);
ccparray_put (&ccp, tmpbuf);
- except[0] = opt.status_fd;
+ es_syshd (opt.status_stream, &hd);
+#ifdef HAVE_W32_SYSTEM
+ except[0] = hd.u.handle;
+#else
+ except[0] = hd.u.fd;
+#endif
}
if (opt.with_log)
{
@@ -425,14 +435,14 @@ gpgtar_extract (const char *filename, int decrypt)
goto leave;
}
- err = gnupg_spawn_process (opt.gpg_program, argv,
- except[0] == -1? NULL : except,
- ((filename? 0 : GNUPG_SPAWN_KEEP_STDIN)
- | GNUPG_SPAWN_KEEP_STDERR),
- NULL, &stream, NULL, &pid);
+ err = gnupg_process_spawn (opt.gpg_program, argv,
+ ((filename ? 0 : GNUPG_PROCESS_STDIN_KEEP)
+ | GNUPG_PROCESS_STDOUT_PIPE),
+ gnupg_spawn_helper, except, &proc);
xfree (argv);
if (err)
goto leave;
+ gnupg_process_get_streams (proc, 0, NULL, &stream, NULL);
es_set_binary (stream);
}
else if (filename)
@@ -472,23 +482,25 @@ gpgtar_extract (const char *filename, int decrypt)
header = NULL;
}
- if (pid != (pid_t)(-1))
+ if (proc)
{
- int exitcode;
-
err = es_fclose (stream);
stream = NULL;
if (err)
log_error ("error closing pipe: %s\n", gpg_strerror (err));
- else
+
+ err = gnupg_process_wait (proc, 1);
+ if (!err)
{
- err = gnupg_wait_process (opt.gpg_program, pid, 1, &exitcode);
- if (err)
+ int exitcode;
+
+ gnupg_process_ctl (proc, GNUPG_PROCESS_GET_EXIT_ID, &exitcode);
+ if (exitcode)
log_error ("running %s failed (exitcode=%d): %s",
opt.gpg_program, exitcode, gpg_strerror (err));
- gnupg_release_process (pid);
- pid = (pid_t)(-1);
}
+ gnupg_process_release (proc);
+ proc = NULL;
}
leave:
diff --git a/tools/gpgtar-list.c b/tools/gpgtar-list.c
index c5bf25825..0c5e474f3 100644
--- a/tools/gpgtar-list.c
+++ b/tools/gpgtar-list.c
@@ -460,7 +460,7 @@ gpgtar_list (const char *filename, int decrypt)
strlist_t extheader = NULL;
struct tarinfo_s tarinfo_buffer;
tarinfo_t tarinfo = &tarinfo_buffer;
- pid_t pid = (pid_t)(-1);
+ gnupg_process_t proc = NULL;
memset (&tarinfo_buffer, 0, sizeof tarinfo_buffer);
@@ -468,7 +468,11 @@ gpgtar_list (const char *filename, int decrypt)
{
strlist_t arg;
ccparray_t ccp;
+#ifdef HAVE_W32_SYSTEM
+ HANDLE except[2] = { INVALID_HANDLE_VALUE, INVALID_HANDLE_VALUE };
+#else
int except[2] = { -1, -1 };
+#endif
const char **argv;
ccparray_init (&ccp, 0);
@@ -476,13 +480,19 @@ gpgtar_list (const char *filename, int decrypt)
ccparray_put (&ccp, "--batch");
if (opt.require_compliance)
ccparray_put (&ccp, "--require-compliance");
- if (opt.status_fd != -1)
+ if (opt.status_fd)
{
static char tmpbuf[40];
+ es_syshd_t hd;
- snprintf (tmpbuf, sizeof tmpbuf, "--status-fd=%d", opt.status_fd);
+ snprintf (tmpbuf, sizeof tmpbuf, "--status-fd=%s", opt.status_fd);
ccparray_put (&ccp, tmpbuf);
- except[0] = opt.status_fd;
+ es_syshd (opt.status_stream, &hd);
+#ifdef HAVE_W32_SYSTEM
+ except[0] = hd.u.handle;
+#else
+ except[0] = hd.u.fd;
+#endif
}
ccparray_put (&ccp, "--output");
ccparray_put (&ccp, "-");
@@ -503,14 +513,14 @@ gpgtar_list (const char *filename, int decrypt)
goto leave;
}
- err = gnupg_spawn_process (opt.gpg_program, argv,
- except[0] == -1? NULL : except,
- ((filename? 0 : GNUPG_SPAWN_KEEP_STDIN)
- | GNUPG_SPAWN_KEEP_STDERR),
- NULL, &stream, NULL, &pid);
+ err = gnupg_process_spawn (opt.gpg_program, argv,
+ ((filename ? 0 : GNUPG_PROCESS_STDIN_KEEP)
+ | GNUPG_PROCESS_STDOUT_PIPE),
+ gnupg_spawn_helper, except, &proc);
xfree (argv);
if (err)
goto leave;
+ gnupg_process_get_streams (proc, 0, NULL, &stream, NULL);
es_set_binary (stream);
}
else if (filename) /* No decryption requested. */
@@ -550,23 +560,24 @@ gpgtar_list (const char *filename, int decrypt)
header = NULL;
}
- if (pid != (pid_t)(-1))
+ if (proc)
{
- int exitcode;
-
err = es_fclose (stream);
stream = NULL;
if (err)
log_error ("error closing pipe: %s\n", gpg_strerror (err));
- else
+
+ err = gnupg_process_wait (proc, 1);
+ if (!err)
{
- err = gnupg_wait_process (opt.gpg_program, pid, 1, &exitcode);
- if (err)
- log_error ("running %s failed (exitcode=%d): %s",
- opt.gpg_program, exitcode, gpg_strerror (err));
- gnupg_release_process (pid);
- pid = (pid_t)(-1);
+ int exitcode;
+
+ gnupg_process_ctl (proc, GNUPG_PROCESS_GET_EXIT_ID, &exitcode);
+ log_error ("running %s failed (exitcode=%d): %s",
+ opt.gpg_program, exitcode, gpg_strerror (err));
}
+ gnupg_process_release (proc);
+ proc = NULL;
}
leave:
diff --git a/tools/gpgtar.c b/tools/gpgtar.c
index ea1e1e751..f93ba2e65 100644
--- a/tools/gpgtar.c
+++ b/tools/gpgtar.c
@@ -127,7 +127,7 @@ static gpgrt_opt_t opts[] = {
ARGPARSE_s_n (oBatch, "batch", "@"),
ARGPARSE_s_n (oAnswerYes, "yes", "@"),
ARGPARSE_s_n (oAnswerNo, "no", "@"),
- ARGPARSE_s_i (oStatusFD, "status-fd", "@"),
+ ARGPARSE_s_s (oStatusFD, "status-fd", "@"),
ARGPARSE_s_n (oRequireCompliance, "require-compliance", "@"),
ARGPARSE_s_n (oWithLog, "with-log", "@"),
@@ -398,7 +398,7 @@ parse_arguments (gpgrt_argparse_t *pargs, gpgrt_opt_t *popts)
case oBatch: opt.batch = 1; break;
case oAnswerYes: opt.answer_yes = 1; break;
case oAnswerNo: opt.answer_no = 1; break;
- case oStatusFD: opt.status_fd = pargs->r.ret_int; break;
+ case oStatusFD: opt.status_fd = pargs->r.ret_str; break;
case oRequireCompliance: opt.require_compliance = 1; break;
case oWithLog: opt.with_log = 1; break;
@@ -480,7 +480,7 @@ main (int argc, char **argv)
log_assert (sizeof (struct ustar_raw_header) == 512);
/* Set default options */
- opt.status_fd = -1;
+ opt.status_fd = NULL;
/* The configuraton directories for use by gpgrt_argparser. */
gpgrt_set_confdir (GPGRT_CONFDIR_SYS, gnupg_sysconfdir ());
@@ -512,31 +512,32 @@ main (int argc, char **argv)
/* Set status stream for our own use of --status-fd. The original
* status fd is passed verbatim to gpg. */
- if (opt.status_fd != -1)
+ if (opt.status_fd)
{
- int fd = translate_sys2libc_fd_int (opt.status_fd, 1);
+ es_syshd_t syshd;
- if (!gnupg_fd_valid (fd))
- log_fatal ("status-fd is invalid: %s\n", strerror (errno));
+ err = gnupg_parse_fdstr (opt.status_fd, &syshd);
+ if (err)
+ log_fatal ("status-fd is invalid: %s\n", gpg_strerror (err));
- if (fd == 1)
+ if (syshd.type == ES_SYSHD_FD && syshd.u.fd == 1)
{
opt.status_stream = es_stdout;
if (!skip_crypto)
log_fatal ("using stdout for the status-fd is not possible\n");
}
- else if (fd == 2)
+ else if (syshd.type == ES_SYSHD_FD && syshd.u.fd == 2)
opt.status_stream = es_stderr;
else
{
- opt.status_stream = es_fdopen (fd, "w");
+ opt.status_stream = es_sysopen (&syshd, "w");
if (opt.status_stream)
es_setvbuf (opt.status_stream, NULL, _IOLBF, 0);
}
if (!opt.status_stream)
{
- log_fatal ("can't open fd %d for status output: %s\n",
- fd, strerror (errno));
+ log_fatal ("can't open fd %s for status output: %s\n",
+ opt.status_fd, strerror (errno));
}
}
diff --git a/tools/gpgtar.h b/tools/gpgtar.h
index d86010476..4e36deaeb 100644
--- a/tools/gpgtar.h
+++ b/tools/gpgtar.h
@@ -45,7 +45,7 @@ struct
int batch;
int answer_yes;
int answer_no;
- int status_fd;
+ const char *status_fd;
estream_t status_stream;
int require_compliance;
int with_log;
diff --git a/tools/mime-parser.c b/tools/mime-parser.c
index 0db1a9c23..31f766ca5 100644
--- a/tools/mime-parser.c
+++ b/tools/mime-parser.c
@@ -93,7 +93,7 @@ struct mime_parser_context_s
unsigned int boundary : 1;
} show;
- struct b64state *b64state; /* NULL or malloced Base64 decoder state. */
+ gpgrt_b64state_t b64state; /* NULL or malloced Base64 decoder state. */
/* A buffer for reading a mail line, */
char line[5000];
@@ -410,15 +410,11 @@ parse_message_cb (void *opaque, rfc822parse_event_t event, rfc822parse_t msg)
{
ctx->decode_part = 2;
if (ctx->b64state)
- b64dec_finish (ctx->b64state); /* Reuse state. */
- else
- {
- ctx->b64state = xtrymalloc (sizeof *ctx->b64state);
- if (!ctx->b64state)
- rc = gpg_error_from_syserror ();
- }
- if (!rc)
- rc = b64dec_start (ctx->b64state, NULL);
+ gpgrt_b64dec_finish (ctx->b64state); /* Release. */
+
+ ctx->b64state = gpgrt_b64dec_start (NULL);
+ if (!ctx->b64state)
+ rc = gpg_error_from_syserror ();
}
free (value); /* Right, we need a plain free. */
}
@@ -528,10 +524,7 @@ mime_parser_release (mime_parser_t ctx)
return;
if (ctx->b64state)
- {
- b64dec_finish (ctx->b64state);
- xfree (ctx->b64state);
- }
+ gpgrt_b64dec_finish (ctx->b64state);
xfree (ctx);
}
@@ -661,7 +654,7 @@ process_part_data (mime_parser_t ctx, char *line, size_t *length)
else if (ctx->decode_part == 2)
{
log_assert (ctx->b64state);
- err = b64dec_proc (ctx->b64state, line, *length, &nbytes);
+ err = gpgrt_b64dec_proc (ctx->b64state, line, *length, &nbytes);
if (err)
return err;
*length = nbytes;
diff --git a/tools/wks-util.c b/tools/wks-util.c
index 640116ce8..4a15d672a 100644
--- a/tools/wks-util.c
+++ b/tools/wks-util.c
@@ -599,7 +599,7 @@ wks_armor_key (estream_t *r_newkey, estream_t key, const char *prefix)
{
gpg_error_t err;
estream_t newkey;
- struct b64state b64state;
+ gpgrt_b64state_t b64state;
char buffer[4096];
size_t nread;
@@ -615,16 +615,19 @@ wks_armor_key (estream_t *r_newkey, estream_t key, const char *prefix)
if (prefix)
es_fputs (prefix, newkey);
- err = b64enc_start_es (&b64state, newkey, "PGP PUBLIC KEY BLOCK");
- if (err)
- goto leave;
+ b64state = gpgrt_b64enc_start (newkey, "PGP PUBLIC KEY BLOCK");
+ if (!b64state)
+ {
+ err = gpg_error_from_syserror ();
+ goto leave;
+ }
do
{
nread = es_fread (buffer, 1, sizeof buffer, key);
if (!nread)
break;
- err = b64enc_write (&b64state, buffer, nread);
+ err = gpgrt_b64enc_write (b64state, buffer, nread);
if (err)
goto leave;
}
@@ -635,7 +638,7 @@ wks_armor_key (estream_t *r_newkey, estream_t key, const char *prefix)
goto leave;
}
- err = b64enc_finish (&b64state);
+ err = gpgrt_b64enc_finish (b64state);
if (err)
goto leave;
diff --git a/tpm2d/tpm2daemon.c b/tpm2d/tpm2daemon.c
index b4e6f66e7..8e16e931a 100644
--- a/tpm2d/tpm2daemon.c
+++ b/tpm2d/tpm2daemon.c
@@ -192,9 +192,6 @@ static gnupg_fd_t create_server_socket (const char *name,
static void *start_connection_thread (void *arg);
static void handle_connections (gnupg_fd_t listen_fd);
-/* Pth wrapper function definitions. */
-ASSUAN_SYSTEM_NPTH_IMPL;
-
static int active_connections;
@@ -368,7 +365,6 @@ main (int argc, char **argv )
malloc_hooks.free = gcry_free;
assuan_set_malloc_hooks (&malloc_hooks);
assuan_set_gpg_err_source (GPG_ERR_SOURCE_DEFAULT);
- assuan_set_system_hooks (ASSUAN_SYSTEM_NPTH);
assuan_sock_init ();
setup_libassuan_logging (&opt.debug, NULL);
@@ -599,6 +595,7 @@ main (int argc, char **argv )
npth_init ();
gpgrt_set_syscall_clamp (npth_unprotect, npth_protect);
+ assuan_control (ASSUAN_CONTROL_REINIT_SYSCALL_CLAMP, NULL);
/* If --debug-allow-core-dump has been given we also need to
switch the working directory to a place where we can actually
@@ -740,6 +737,7 @@ main (int argc, char **argv )
npth_init ();
gpgrt_set_syscall_clamp (npth_unprotect, npth_protect);
+ assuan_control (ASSUAN_CONTROL_REINIT_SYSCALL_CLAMP, NULL);
/* Detach from tty and put process into a new session. */
if (!nodetach )
@@ -1012,7 +1010,7 @@ start_connection_thread (void *arg)
&& assuan_sock_check_nonce (ctrl->thread_startup.fd, &socket_nonce))
{
log_info (_("error reading nonce on fd %d: %s\n"),
- FD2INT (ctrl->thread_startup.fd), strerror (errno));
+ FD_DBG (ctrl->thread_startup.fd), strerror (errno));
assuan_sock_close (ctrl->thread_startup.fd);
xfree (ctrl);
return NULL;
@@ -1023,7 +1021,7 @@ start_connection_thread (void *arg)
tpm2d_init_default_ctrl (ctrl);
if (opt.verbose)
log_info (_("handler for fd %d started\n"),
- FD2INT (ctrl->thread_startup.fd));
+ FD_DBG (ctrl->thread_startup.fd));
/* If this is a pipe server, we request a shutdown if the command
handler asked for it. With the next ticker event and given that
@@ -1035,7 +1033,7 @@ start_connection_thread (void *arg)
if (opt.verbose)
log_info (_("handler for fd %d terminated\n"),
- FD2INT (ctrl->thread_startup.fd));
+ FD_DBG (ctrl->thread_startup.fd));
tpm2d_deinit_default_ctrl (ctrl);
xfree (ctrl);
@@ -1154,7 +1152,7 @@ handle_connections (gnupg_fd_t listen_fd)
if (listen_fd != GNUPG_INVALID_FD)
{
FD_SET (FD2INT (listen_fd), &fdset);
- nfd = FD2INT (listen_fd);
+ nfd = FD2NUM (listen_fd);
}
for (;;)
@@ -1238,8 +1236,8 @@ handle_connections (gnupg_fd_t listen_fd)
gnupg_fd_t fd;
plen = sizeof paddr;
- fd = INT2FD (npth_accept (FD2INT (listen_fd),
- (struct sockaddr *)&paddr, &plen));
+ fd = assuan_sock_accept (listen_fd,
+ (struct sockaddr *)&paddr, &plen);
if (fd == GNUPG_INVALID_FD)
{
log_error ("accept failed: %s\n", strerror (errno));
@@ -1255,7 +1253,7 @@ handle_connections (gnupg_fd_t listen_fd)
char threadname[50];
npth_t thread;
- snprintf (threadname, sizeof threadname, "conn fd=%d", FD2INT (fd));
+ snprintf (threadname, sizeof threadname, "conn fd=%d", FD_DBG (fd));
ctrl->thread_startup.fd = fd;
ret = npth_create (&thread, &tattr, start_connection_thread, ctrl);
if (ret)
generated by cgit v1.2.3 (git 2.25.1) at 2025-04-27 19:34:04 +0000