common: On Windows, we care about how PIPE handles are inherited.

* agent/gpg-agent.c (handle_connections): It's for POSIX.
* kbx/keyboxd.c (handle_connections): Ditto.
* scd/app.c (handle_connections): Ditto.
* scd/scdaemon.c (handle_connections): Ditto.
tpm2d/tpm2daemon.c (handle_connections): Ditto.
* tests/gpgscm/ffi.c (do_pipe): Use GNUPG_PIPE_BOTH.
(do_inbound_pipe): Use GNUPG_PIPE_INBOUND.
(do_outbound_pipe): Use GNUPG_PIPE_OUTBOUND.
* common/call-gpg.c (_gpg_encrypt): Specify outbound and inbound.
(_gpg_decrypt): Likewise.
* common/exechelp-posix.c (gnupg_create_pipe): Add an argument.
* common/exechelp-w32.c (create_pipe_and_estream): Care about
how PIPE handles are inherited to child process.
(gnupg_create_pipe): Add an argument.
* common/exechelp.h: Add enum values.

--

Fixes-commit: af6c47b2910f394faf582800d60d88e9b4dcf834
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>

agent/gpg-agent.c

@@ -3022,7 +3022,7 @@ handle_connections (gnupg_fd_t listen_fd,
   npth_sigev_add (SIGTERM);
   npth_sigev_fini ();
 # ifdef HAVE_PSELECT_NO_EINTR
-  ret = gnupg_create_pipe (pipe_fd);
+  ret = gnupg_create_pipe (pipe_fd, 0);
   if (ret)
     {
       log_error ("pipe creation failed: %s\n", gpg_strerror (ret));

common/call-gpg.c

@@ -429,9 +429,9 @@ _gpg_encrypt (ctrl_t ctrl,
   assert ((reader_mb == NULL) != (cipher_stream == NULL));
 
   /* Create two pipes.  */
-  err = gnupg_create_pipe (outbound_fds);
+  err = gnupg_create_pipe (outbound_fds, GNUPG_PIPE_OUTBOUND);
   if (!err)
-    err = gnupg_create_pipe (inbound_fds);
+    err = gnupg_create_pipe (inbound_fds, GNUPG_PIPE_INBOUND);
   if (err)
     {
       log_error (_("error creating a pipe: %s\n"), gpg_strerror (err));
@@ -613,9 +613,9 @@ _gpg_decrypt (ctrl_t ctrl,
   assert ((reader_mb == NULL) != (plain_stream == NULL));
 
   /* Create two pipes.  */
-  err = gnupg_create_pipe (outbound_fds);
+  err = gnupg_create_pipe (outbound_fds, GNUPG_PIPE_OUTBOUND);
   if (!err)
-    err = gnupg_create_pipe (inbound_fds);
+    err = gnupg_create_pipe (inbound_fds, GNUPG_PIPE_INBOUND);
   if (err)
     {
       log_error (_("error creating a pipe: %s\n"), gpg_strerror (err));

common/exechelp-posix.c

@@ -348,11 +348,14 @@ gnupg_create_outbound_pipe (gnupg_fd_t *r_fd, estream_t *r_fp, int nonblock)
 }
 
 
-/* Portable function to create a pipe.  Under Windows both ends are
+/* Portable function to create a pipe.  FLAGS=GNUPG_PIPE_INBOUND for
-   inheritable.  */
+   ihneritable write-end for Windows, GNUPG_PIPE_OUTBOUND for
+   inheritable read-end for Windows, GNUPG_PIPE_BOTH to specify
+   both ends may be inheritable.  */
 gpg_error_t
-gnupg_create_pipe (int filedes[2])
+gnupg_create_pipe (int filedes[2], int flags)
 {
+  (void)flags;
   return do_create_pipe (filedes);
 }
 

common/exechelp-w32.c

@@ -229,8 +229,16 @@ create_pipe_and_estream (gnupg_fd_t *r_fd, int flags,
   gpg_error_t err = 0;
   es_syshd_t syshd;
   gnupg_fd_t fds[2];
+  int inherit_flags = 0;
 
-  if (create_inheritable_pipe (fds, flags) < 0)
+  if (flags == GNUPG_PIPE_OUTBOUND)
+    inherit_flags = INHERIT_READ;
+  else if (flags == GNUPG_PIPE_INBOUND)
+    inherit_flags = INHERIT_WRITE;
+  else
+    inherit_flags = INHERIT_BOTH;
+
+  if (create_inheritable_pipe (fds, inherit_flags) < 0)
     {
       err = my_error_from_syserror ();
       log_error (_("error creating a pipe: %s\n"), gpg_strerror (err));
@@ -275,7 +283,7 @@ gnupg_create_inbound_pipe (gnupg_fd_t *r_fd, estream_t *r_fp, int nonblock)
   if (!r_fd || !r_fp)
     gpg_error (GPG_ERR_INV_ARG);
 
-  return create_pipe_and_estream (r_fd, INHERIT_WRITE, r_fp, 0, nonblock);
+  return create_pipe_and_estream (r_fd, GNUPG_PIPE_INBOUND, r_fp, 0, nonblock);
 }
 
 
@@ -288,19 +296,29 @@ gnupg_create_outbound_pipe (gnupg_fd_t *r_fd, estream_t *r_fp, int nonblock)
   if (!r_fd || !r_fp)
     gpg_error (GPG_ERR_INV_ARG);
 
-  return create_pipe_and_estream (r_fd, INHERIT_READ, r_fp, 1, nonblock);
+  return create_pipe_and_estream (r_fd, GNUPG_PIPE_OUTBOUND, r_fp, 1, nonblock);
 }
 
 
-/* Portable function to create a pipe.  Under Windows both ends are
+/* Portable function to create a pipe.  FLAGS=GNUPG_PIPE_INBOUND for
-   inheritable.  */
+   ihneritable write-end for Windows, GNUPG_PIPE_OUTBOUND for
+   inheritable read-end for Windows, GNUPG_PIPE_BOTH to specify
+   both ends may be inheritable.  */
 gpg_error_t
-gnupg_create_pipe (int filedes[2])
+gnupg_create_pipe (int filedes[2], int flags)
 {
   gnupg_fd_t fds[2];
   gpg_error_t err = 0;
+  int inherit_flags = 0;
 
-  if (create_inheritable_pipe (fds, INHERIT_BOTH) < 0)
+  if (flags == GNUPG_PIPE_OUTBOUND)
+    inherit_flags = INHERIT_READ;
+  else if (flags == GNUPG_PIPE_INBOUND)
+    inherit_flags = INHERIT_WRITE;
+  else
+    inherit_flags = INHERIT_BOTH;
+
+  if (create_inheritable_pipe (fds, inherit_flags) < 0)
     return my_error_from_syserror ();
 
   filedes[0] = _open_osfhandle (handle_to_fd (fds[0]), O_RDONLY);

common/exechelp.h

@@ -65,11 +65,17 @@ gpg_error_t gnupg_create_inbound_pipe (gnupg_fd_t *r_fd,
 gpg_error_t gnupg_create_outbound_pipe (gnupg_fd_t *r_fd,
                                         estream_t *r_fp, int nonblock);
 
-/* Portable function to create a pipe.  Under Windows both ends are
+enum {
-   inheritable.  */
+  GNUPG_PIPE_DONTCARE=0,
-gpg_error_t gnupg_create_pipe (int filedes[2]);
+  GNUPG_PIPE_INBOUND=1,
+  GNUPG_PIPE_OUTBOUND=2,
+  GNUPG_PIPE_BOTH=3
+};
 
-/* Close the end of a pipe.  */
+/* Portable function to create a pipe.  FLAGS=GNUPG_PIPE_INBOUND for
-void gnupg_close_pipe (int fd);
+   ihneritable write-end for Windows, GNUPG_PIPE_OUTBOUND for
+   inheritable read-end for Windows, GNUPG_PIPE_BOTH to specify
+   both ends may be inheritable.  */
+gpg_error_t gnupg_create_pipe (int filedes[2], int flags);
 
 #endif /*GNUPG_COMMON_EXECHELP_H*/

kbx/keyboxd.c

@@ -1527,7 +1527,7 @@ handle_connections (gnupg_fd_t listen_fd)
   npth_sigev_add (SIGTERM);
   npth_sigev_fini ();
 # ifdef HAVE_PSELECT_NO_EINTR
-  ret = gnupg_create_pipe (pipe_fd);
+  ret = gnupg_create_pipe (pipe_fd, 0);
   if (ret)
     {
       log_error ("pipe creation failed: %s\n", gpg_strerror (ret));

scd/app.c

@@ -2649,7 +2649,7 @@ initialize_module_command (void)
 #ifdef HAVE_W32_SYSTEM
   scd_init_event (&card_list_lock.the_event, card_list_lock.events);
 #else
-  ret = gnupg_create_pipe (card_list_lock.notify_pipe);
+  ret = gnupg_create_pipe (card_list_lock.notify_pipe, 0);
   if (ret)
     {
       err = gpg_error_from_syserror ();

scd/scdaemon.c

@@ -1312,7 +1312,7 @@ handle_connections (gnupg_fd_t listen_fd)
 #ifdef HAVE_PSELECT_NO_EINTR
   int pipe_fd[2];
 
-  ret = gnupg_create_pipe (pipe_fd);
+  ret = gnupg_create_pipe (pipe_fd, 0);
   if (ret)
     {
       log_error ("pipe creation failed: %s\n", gpg_strerror (ret));

tests/gpgscm/ffi.c

@@ -1227,7 +1227,7 @@ do_pipe (scheme *sc, pointer args)
   FFI_PROLOG ();
   int filedes[2];
   FFI_ARGS_DONE_OR_RETURN (sc, args);
-  err = gnupg_create_pipe (filedes);
+  err = gnupg_create_pipe (filedes, GNUPG_PIPE_BOTH);
 #define IMC(A, B)                                                       \
   _cons (sc, sc->vptr->mk_integer (sc, (unsigned long) (A)), (B), 1)
   FFI_RETURN_POINTER (sc, IMC (filedes[0],
@@ -1241,7 +1241,7 @@ do_inbound_pipe (scheme *sc, pointer args)
   FFI_PROLOG ();
   int filedes[2];
   FFI_ARGS_DONE_OR_RETURN (sc, args);
-  err = gnupg_create_pipe (filedes);
+  err = gnupg_create_pipe (filedes, GNUPG_PIPE_INBOUND);
 #define IMC(A, B)                                                       \
   _cons (sc, sc->vptr->mk_integer (sc, (unsigned long) (A)), (B), 1)
   FFI_RETURN_POINTER (sc, IMC (filedes[0],
@@ -1255,7 +1255,7 @@ do_outbound_pipe (scheme *sc, pointer args)
   FFI_PROLOG ();
   int filedes[2];
   FFI_ARGS_DONE_OR_RETURN (sc, args);
-  err = gnupg_create_pipe (filedes);
+  err = gnupg_create_pipe (filedes, GNUPG_PIPE_OUTBOUND);
 #define IMC(A, B)                                                       \
   _cons (sc, sc->vptr->mk_integer (sc, (unsigned long) (A)), (B), 1)
   FFI_RETURN_POINTER (sc, IMC (filedes[0],

tpm2d/tpm2daemon.c

@@ -1093,7 +1093,7 @@ handle_connections (gnupg_fd_t listen_fd)
 #ifdef HAVE_PSELECT_NO_EINTR
   int pipe_fd[2];
 
-  ret = gnupg_create_pipe (pipe_fd);
+  ret = gnupg_create_pipe (pipe_fd, 0);
   if (ret)
     {
       log_error ("pipe creation failed: %s\n", gpg_strerror (ret));