security-and-privacy/gnupg
security-and-privacy/gnupg
1
0
Fork 0
mirror of git://git.gnupg.org/gnupg.git synced 2025-01-03 12:11:33 +01:00
Code Activity

common,tools,dirmngr: Introduce gnupg_process_spawn.

Browse Source 
--

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
This commit is contained in:
NIIBE Yutaka 2022-11-17 14:12:51 +09:00
parent 18a3ce1c9b
commit 729951f4c2
No known key found for this signature in database
GPG Key ID: 640114AF89DE6054
12 changed files with 1629 additions and 140 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

20
agent/genkey.c
View File

@ -99,7 +99,7 @@ do_check_passphrase_pattern (ctrl_t ctrl, const char *pw, unsigned int flags)
const char *pgmname = gnupg_module_name (GNUPG_MODULE_NAME_CHECK_PATTERN);
estream_t stream_to_check_pattern = NULL;
const char *argv[10];
pid_t pid;
gnupg_process_t proc;
int result, i;
const char *pattern;
char *patternfname;
@ -142,11 +142,19 @@ do_check_passphrase_pattern (ctrl_t ctrl, const char *pw, unsigned int flags)
argv[i] = NULL;
log_assert (i < sizeof argv);
if (gnupg_spawn_process (pgmname, argv, NULL, 0,
&stream_to_check_pattern, NULL, NULL, &pid))
if (gnupg_process_spawn (pgmname, argv,
(GNUPG_PROCESS_STDIN_PIPE
| GNUPG_PROCESS_STDOUT_NULL
| GNUPG_PROCESS_STDERR_NULL),
NULL, NULL, &proc))
result = 1; /* Execute error - assume password should no be used. */
else
{
int status;
gnupg_process_get_streams (proc, 0, &stream_to_check_pattern,
NULL, NULL);
es_set_binary (stream_to_check_pattern);
if (es_fwrite (pw, strlen (pw), 1, stream_to_check_pattern) != 1)
{
@ -157,11 +165,13 @@ do_check_passphrase_pattern (ctrl_t ctrl, const char *pw, unsigned int flags)
else
es_fflush (stream_to_check_pattern);
es_fclose (stream_to_check_pattern);
if (gnupg_wait_process (pgmname, pid, 1, NULL))
gnupg_process_wait (proc, 1);
gnupg_process_ctl (proc, GNUPG_PROCESS_GET_EXIT_ID, &status);
if (status)
result = 1; /* Helper returned an error - probably a match. */
else
result = 0; /* Success; i.e. no match. */
gnupg_release_process (pid);
gnupg_process_release (proc);
}
xfree (patternfname);

652
common/exechelp-posix.c
View File

@ -915,3 +915,655 @@ gnupg_kill_process (pid_t pid)
kill (pid, SIGTERM);
}
}
#include <sys/socket.h>
struct gnupg_process {
const char *pgmname;
unsigned int terminated :1; /* or detached */
unsigned int flags;
pid_t pid;
int fd_in;
int fd_out;
int fd_err;
int wstatus;
};
static int gnupg_process_syscall_func_initialized;
/* Functions called before and after blocking syscalls. */
static void (*pre_syscall_func) (void);
static void (*post_syscall_func) (void);
static void
check_syscall_func (void)
{
if (!gnupg_process_syscall_func_initialized)
{
gpgrt_get_syscall_clamp (&pre_syscall_func, &post_syscall_func);
gnupg_process_syscall_func_initialized = 1;
}
}
static void
pre_syscall (void)
{
if (pre_syscall_func)
pre_syscall_func ();
}
static void
post_syscall (void)
{
if (post_syscall_func)
post_syscall_func ();
}
static gpg_err_code_t
do_create_socketpair (int filedes[2])
{
gpg_error_t err = 0;
pre_syscall ();
if (socketpair (AF_LOCAL, SOCK_STREAM, 0, filedes) == -1)
{
err = gpg_err_code_from_syserror ();
filedes[0] = filedes[1] = -1;
}
post_syscall ();
return err;
}
static int
posix_open_null (int for_write)
{
int fd;
fd = open ("/dev/null", for_write? O_WRONLY : O_RDONLY);
if (fd == -1)
log_fatal ("failed to open '/dev/null': %s\n", strerror (errno));
return fd;
}
static void
my_exec (const char *pgmname, const char *argv[],
int fd_in, int fd_out, int fd_err, int ask_inherit)
{
int i;
int fds[3];
fds[0] = fd_in;
fds[1] = fd_out;
fds[2] = fd_err;
/* Assign /dev/null to unused FDs. */
for (i = 0; i <= 2; i++)
if (fds[i] == -1)
fds[i] = posix_open_null (i);
/* Connect the standard files. */
for (i = 0; i <= 2; i++)
if (fds[i] != i)
{
if (dup2 (fds[i], i) == -1)
log_fatal ("dup2 std%s failed: %s\n",
i==0?"in":i==1?"out":"err", strerror (errno));
close (fds[i]);
}
/* Close all other files. */
if (!ask_inherit)
close_all_fds (3, NULL);
execv (pgmname, (char *const *)argv);
/* No way to print anything, as we have may have closed all streams. */
_exit (127);
}
static gpg_err_code_t
spawn_detached (gnupg_process_t process,
const char *pgmname, const char *argv[],
int (*spawn_cb) (struct spawn_cb_arg *), void *spawn_cb_arg)
{
gpg_err_code_t ec;
pid_t pid;
/* FIXME: Is this GnuPG specific or should we keep it. */
if (getuid() != geteuid())
{
xfree (process);
xfree (argv);
return GPG_ERR_BUG;
}
if (access (pgmname, X_OK))
{
ec = gpg_err_code_from_syserror ();
xfree (process);
xfree (argv);
return ec;
}
pre_syscall ();
pid = fork ();
post_syscall ();
if (pid == (pid_t)(-1))
{
ec = gpg_err_code_from_syserror ();
log_error (_("error forking process: %s\n"), gpg_strerror (ec));
xfree (process);
xfree (argv);
return ec;
}
if (!pid)
{
pid_t pid2;
struct spawn_cb_arg arg;
int ask_inherit = 0;
arg.std_fds[0] = arg.std_fds[1] = arg.std_fds[2] = -1;
arg.arg = spawn_cb_arg;
if (spawn_cb)
ask_inherit = (*spawn_cb) (&arg);
if (setsid() == -1 || chdir ("/"))
_exit (1);
pid2 = fork (); /* Double fork to let init take over the new child. */
if (pid2 == (pid_t)(-1))
_exit (1);
if (pid2)
_exit (0); /* Let the parent exit immediately. */
my_exec (pgmname, argv, -1, -1, -1, ask_inherit);
/*NOTREACHED*/
}
pre_syscall ();
if (waitpid (pid, NULL, 0) == -1)
{
post_syscall ();
ec = gpg_err_code_from_syserror ();
log_error ("waitpid failed in gpgrt_spawn_process_detached: %s",
gpg_strerror (ec));
return ec;
}
else
post_syscall ();
process->pid = (pid_t)-1;
process->fd_in = -1;
process->fd_out = -1;
process->fd_err = -1;
process->wstatus = -1;
process->terminated = 1;
return 0;
}
gpg_err_code_t
gnupg_process_spawn (const char *pgmname, const char *argv1[],
unsigned int flags,
int (*spawn_cb) (struct spawn_cb_arg *),
void *spawn_cb_arg,
gnupg_process_t *r_process)
{
gpg_err_code_t ec;
gnupg_process_t process;
int fd_in[2];
int fd_out[2];
int fd_err[2];
pid_t pid;
const char **argv;
int i, j;
check_syscall_func ();
*r_process = NULL;
/* Create the command line argument array. */
i = 0;
if (argv1)
while (argv1[i])
i++;
argv = xtrycalloc (i+2, sizeof *argv);
if (!argv)
return gpg_err_code_from_syserror ();
argv[0] = strrchr (pgmname, '/');
if (argv[0])
argv[0]++;
else
argv[0] = pgmname;
if (argv1)
for (i=0, j=1; argv1[i]; i++, j++)
argv[j] = argv1[i];
process = xtrycalloc (1, sizeof (struct gnupg_process));
if (process == NULL)
{
xfree (argv);
return gpg_err_code_from_syserror ();
}
process->pgmname = pgmname;
process->flags = flags;
if ((flags & GNUPG_PROCESS_DETACHED))
{
if ((flags & GNUPG_PROCESS_STDFDS_SETTING))
{
xfree (process);
xfree (argv);
return GPG_ERR_INV_FLAG;
}
*r_process = process;
return spawn_detached (process, pgmname, argv, spawn_cb, spawn_cb_arg);
}
if ((flags & GNUPG_PROCESS_STDINOUT_SOCKETPAIR))
{
ec = do_create_socketpair (fd_in);
if (ec)
{
xfree (process);
xfree (argv);
return ec;
}
fd_out[0] = dup (fd_in[0]);
fd_out[1] = dup (fd_in[1]);
}
else
{
if ((flags & GNUPG_PROCESS_STDIN_PIPE))
{
ec = do_create_pipe (fd_in);
if (ec)
{
xfree (process);
xfree (argv);
return ec;
}
}
else if ((flags & GNUPG_PROCESS_STDIN_NULL))
{
fd_in[0] = -1;
fd_in[1] = -1;
}
else
{
fd_in[0] = 0;
fd_in[1] = -1;
}
if ((flags & GNUPG_PROCESS_STDOUT_PIPE))
{
ec = do_create_pipe (fd_out);
if (ec)
{
if (fd_in[0] >= 0 && fd_in[0] != 0)
close (fd_in[0]);
if (fd_in[1] >= 0)
close (fd_in[1]);
xfree (process);
xfree (argv);
return ec;
}
}
else if ((flags & GNUPG_PROCESS_STDOUT_NULL))
{
fd_out[0] = -1;
fd_out[1] = -1;
}
else
{
fd_out[0] = -1;
fd_out[1] = 1;
}
}
if ((flags & GNUPG_PROCESS_STDERR_PIPE))
{
ec = do_create_pipe (fd_err);
if (ec)
{
if (fd_in[0] >= 0 && fd_in[0] != 0)
close (fd_in[0]);
if (fd_in[1] >= 0)
close (fd_in[1]);
if (fd_out[0] >= 0)
close (fd_out[0]);
if (fd_out[1] >= 0 && fd_out[1] != 1)
close (fd_out[1]);
xfree (process);
xfree (argv);
return ec;
}
}
else if ((flags & GNUPG_PROCESS_STDERR_NULL))
{
fd_err[0] = -1;
fd_err[1] = -1;
}
else
{
fd_err[0] = -1;
fd_err[1] = 2;
}
pre_syscall ();
pid = fork ();
post_syscall ();
if (pid == (pid_t)(-1))
{
ec = gpg_err_code_from_syserror ();
log_error (_("error forking process: %s\n"), gpg_strerror (ec));
if (fd_in[0] >= 0 && fd_in[0] != 0)
close (fd_in[0]);
if (fd_in[1] >= 0)
close (fd_in[1]);
if (fd_out[0] >= 0)
close (fd_out[0]);
if (fd_out[1] >= 0 && fd_out[1] != 1)
close (fd_out[1]);
if (fd_err[0] >= 0)
close (fd_err[0]);
if (fd_err[1] >= 0 && fd_err[1] != 2)
close (fd_err[1]);
xfree (process);
xfree (argv);
return ec;
}
if (!pid)
{
struct spawn_cb_arg arg;
int ask_inherit = 0;
arg.std_fds[0] = fd_in[0];
arg.std_fds[1] = fd_out[1];
arg.std_fds[2] = fd_err[1];
arg.arg = spawn_cb_arg;
if (fd_in[1] >= 0)
close (fd_in[1]);
if (fd_out[0] >= 0)
close (fd_out[0]);
if (fd_err[0] >= 0)
close (fd_err[0]);
if (spawn_cb)
ask_inherit = (*spawn_cb) (&arg);
/* Run child. */
my_exec (pgmname, argv, fd_in[0], fd_out[1], fd_err[1], ask_inherit);
/*NOTREACHED*/
}
xfree (argv);
process->pid = pid;
if (fd_in[0] >= 0 && fd_in[0] != 0)
close (fd_in[0]);
if (fd_out[1] >= 0 && fd_out[1] != 1)
close (fd_out[1]);
if (fd_err[1] >= 0 && fd_err[1] != 2)
close (fd_err[1]);
process->fd_in = fd_in[1];
process->fd_out = fd_out[0];
process->fd_err = fd_err[0];
process->wstatus = -1;
process->terminated = 0;
*r_process = process;
return 0;
}
static gpg_err_code_t
process_kill (gnupg_process_t process, int sig)
{
gpg_err_code_t ec = 0;
pid_t pid = process->pid;
pre_syscall ();
if (kill (pid, sig) < 0)
ec = gpg_err_code_from_syserror ();
post_syscall ();
return ec;
}
gpg_err_code_t
gnupg_process_terminate (gnupg_process_t process)
{
return process_kill (process, SIGTERM);
}
gpg_err_code_t
gnupg_process_get_fds (gnupg_process_t process, unsigned int flags,
int *r_fd_in, int *r_fd_out, int *r_fd_err)
{
(void)flags;
if (r_fd_in)
{
*r_fd_in = process->fd_in;
process->fd_in = -1;
}
if (r_fd_out)
{
*r_fd_out = process->fd_out;
process->fd_out = -1;
}
if (r_fd_err)
{
*r_fd_err = process->fd_err;
process->fd_err = -1;
}
return 0;
}
gpg_err_code_t
gnupg_process_get_streams (gnupg_process_t process, unsigned int flags,
gpgrt_stream_t *r_fp_in, gpgrt_stream_t *r_fp_out,
gpgrt_stream_t *r_fp_err)
{
int nonblock = (flags & GNUPG_PROCESS_STREAM_NONBLOCK)? 1: 0;
if (r_fp_in)
{
*r_fp_in = es_fdopen (process->fd_in, nonblock? "w,nonblock" : "w");
process->fd_in = -1;
}
if (r_fp_out)
{
*r_fp_out = es_fdopen (process->fd_out, nonblock? "r,nonblock" : "r");
process->fd_out = -1;
}
if (r_fp_err)
{
*r_fp_err = es_fdopen (process->fd_err, nonblock? "r,nonblock" : "r");
process->fd_err = -1;
}
return 0;
}
static gpg_err_code_t
process_vctl (gnupg_process_t process, unsigned int request, va_list arg_ptr)
{
switch (request)
{
case GNUPG_PROCESS_NOP:
return 0;
case GNUPG_PROCESS_GET_ID:
{
int *r_id = va_arg (arg_ptr, int *);
if (r_id == NULL)
return GPG_ERR_INV_VALUE;
*r_id = (int)process->pid;
return 0;
}
case GNUPG_PROCESS_GET_EXIT_ID:
{
int status = process->wstatus;
int *r_exit_status = va_arg (arg_ptr, int *);
if (!process->terminated)
return GPG_ERR_UNFINISHED;
if (WIFEXITED (status))
{
if (r_exit_status)
*r_exit_status = WEXITSTATUS (status);
}
else
*r_exit_status = -1;
return 0;
}
case GNUPG_PROCESS_GET_PID:
{
pid_t *r_pid = va_arg (arg_ptr, pid_t *);
if (r_pid == NULL)
return GPG_ERR_INV_VALUE;
*r_pid = process->pid;
return 0;
}
case GNUPG_PROCESS_GET_WSTATUS:
{
int status = process->wstatus;
int *r_if_exited = va_arg (arg_ptr, int *);
int *r_if_signaled = va_arg (arg_ptr, int *);
int *r_exit_status = va_arg (arg_ptr, int *);
int *r_termsig = va_arg (arg_ptr, int *);
if (!process->terminated)
return GPG_ERR_UNFINISHED;
if (WIFEXITED (status))
{
if (r_if_exited)
*r_if_exited = 1;
if (r_if_signaled)
*r_if_signaled = 0;
if (r_exit_status)
*r_exit_status = WEXITSTATUS (status);
if (r_termsig)
*r_termsig = 0;
}
else if (WIFSIGNALED (status))
{
if (r_if_exited)
*r_if_exited = 0;
if (r_if_signaled)
*r_if_signaled = 1;
if (r_exit_status)
*r_exit_status = 0;
if (r_termsig)
*r_termsig = WTERMSIG (status);
}
return 0;
}
case GNUPG_PROCESS_KILL:
{
int sig = va_arg (arg_ptr, int);
return process_kill (process, sig);
}
default:
break;
}
return GPG_ERR_UNKNOWN_COMMAND;
}
gpg_err_code_t
gnupg_process_ctl (gnupg_process_t process, unsigned int request, ...)
{
va_list arg_ptr;
gpg_err_code_t ec;
va_start (arg_ptr, request);
ec = process_vctl (process, request, arg_ptr);
va_end (arg_ptr);
return ec;
}
gpg_err_code_t
gnupg_process_wait (gnupg_process_t process, int hang)
{
gpg_err_code_t ec;
int status;
pid_t pid;
if (process->terminated)
/* Already terminated. */
return 0;
pre_syscall ();
while ((pid = waitpid (process->pid, &status, hang? 0: WNOHANG))
== (pid_t)(-1) && errno == EINTR);
post_syscall ();
if (pid == (pid_t)(-1))
{
ec = gpg_err_code_from_syserror ();
log_error (_("waiting for process %d to terminate failed: %s\n"),
(int)pid, gpg_strerror (ec));
}
else if (!pid)
{
ec = GPG_ERR_TIMEOUT; /* Still running. */
}
else
{
process->terminated = 1;
process->wstatus = status;
ec = 0;
}
return ec;
}
void
gnupg_process_release (gnupg_process_t process)
{
if (process->terminated)
gnupg_process_wait (process, 0);
xfree (process);
}
gpg_err_code_t
gnupg_process_wait_list (gnupg_process_t *process_list, int count, int hang)
{
gpg_err_code_t ec = 0;
int i;
for (i = 0; i < count; i++)
{
if (process_list[i]->terminated)
continue;
ec = gnupg_process_wait (process_list[i], hang);
if (ec)
break;
}
return ec;
}

665
common/exechelp-w32.c
View File

@ -1048,3 +1048,668 @@ gnupg_kill_process (pid_t pid)
TerminateProcess (process, 1);
}
}
struct gnupg_process {
const char *pgmname;
unsigned int terminated :1; /* or detached */
unsigned int flags;
HANDLE hProcess;
HANDLE hd_in;
HANDLE hd_out;
HANDLE hd_err;
int exitcode;
};
static int gnupg_process_syscall_func_initialized;
/* Functions called before and after blocking syscalls. */
static void (*pre_syscall_func) (void);
static void (*post_syscall_func) (void);
static void
check_syscall_func (void)
{
if (!gnupg_process_syscall_func_initialized)
{
gpgrt_get_syscall_clamp (&pre_syscall_func, &post_syscall_func);
gnupg_process_syscall_func_initialized = 1;
}
}
static void
pre_syscall (void)
{
if (pre_syscall_func)
pre_syscall_func ();
}
static void
post_syscall (void)
{
if (post_syscall_func)
post_syscall_func ();
}
static gpg_err_code_t
spawn_detached (gnupg_process_t process,
const char *pgmname, char *cmdline,
int (*spawn_cb) (struct spawn_cb_arg *), void *spawn_cb_arg)
{
SECURITY_ATTRIBUTES sec_attr;
PROCESS_INFORMATION pi = { NULL, 0, 0, 0 };
STARTUPINFOW si;
int cr_flags;
wchar_t *wcmdline = NULL;
wchar_t *wpgmname = NULL;
int ask_inherit = 0;
gpg_err_code_t ec;
int ret;
ec = gnupg_access (pgmname, X_OK);
if (ec)
{
xfree (process);
xfree (cmdline);
return ec;
}
if (spawn_cb)
{
struct spawn_cb_arg arg;
arg.std_fds[0] = arg.std_fds[1] = arg.std_fds[2] = -1;
arg.arg = spawn_cb_arg;
ask_inherit = (*spawn_cb) (&arg);
}
/* Prepare security attributes. */
memset (&sec_attr, 0, sizeof sec_attr );
sec_attr.nLength = sizeof sec_attr;
if (ask_inherit)
sec_attr.bInheritHandle = TRUE;
else
sec_attr.bInheritHandle = FALSE;
/* Start the process. */
memset (&si, 0, sizeof si);
si.cb = sizeof (si);
si.dwFlags = STARTF_USESHOWWINDOW;
si.wShowWindow = DEBUG_W32_SPAWN? SW_SHOW : SW_MINIMIZE;
cr_flags = (CREATE_DEFAULT_ERROR_MODE
| GetPriorityClass (GetCurrentProcess ())
| CREATE_NEW_PROCESS_GROUP
| DETACHED_PROCESS);
log_debug ("CreateProcess(detached), path='%s' cmdline='%s'\n",
pgmname, cmdline);
/* Take care: CreateProcessW may modify wpgmname */
if (!(wpgmname = utf8_to_wchar (pgmname)))
ret = 0;
else if (!(wcmdline = utf8_to_wchar (cmdline)))
ret = 0;
else
ret = CreateProcessW (wpgmname, /* Program to start. */
wcmdline, /* Command line arguments. */
&sec_attr, /* Process security attributes. */
&sec_attr, /* Thread security attributes. */
FALSE, /* Inherit handles. */
cr_flags, /* Creation flags. */
NULL, /* Environment. */
NULL, /* Use current drive/directory. */
&si, /* Startup information. */
&pi /* Returns process information. */
);
if (!ret)
{
if (!wpgmname || !wcmdline)
log_error ("CreateProcess failed (utf8_to_wchar): %s\n",
strerror (errno));
else
log_error ("CreateProcess(detached) failed: %d\n",
(int)GetLastError ());
xfree (wpgmname);
xfree (wcmdline);
xfree (cmdline);
return GPG_ERR_GENERAL;
}
xfree (wpgmname);
xfree (wcmdline);
xfree (cmdline);
log_debug ("CreateProcess(detached) ready: hProcess=%p hThread=%p"
" dwProcessID=%d dwThreadId=%d\n",
pi.hProcess, pi.hThread,
(int) pi.dwProcessId, (int) pi.dwThreadId);
CloseHandle (pi.hThread);
CloseHandle (pi.hProcess);
process->hProcess = INVALID_HANDLE_VALUE;
process->hd_in = INVALID_HANDLE_VALUE;
process->hd_out = INVALID_HANDLE_VALUE;
process->hd_err = INVALID_HANDLE_VALUE;
process->exitcode = -1;
process->terminated = 1;
return 0;
}
gpg_err_code_t
gnupg_process_spawn (const char *pgmname, const char *argv[],
unsigned int flags,
int (*spawn_cb) (struct spawn_cb_arg *),
void *spawn_cb_arg,
gnupg_process_t *r_process)
{
gpg_err_code_t ec;
gnupg_process_t process;
SECURITY_ATTRIBUTES sec_attr;
PROCESS_INFORMATION pi = { NULL, 0, 0, 0 };
STARTUPINFOW si;
int cr_flags;
char *cmdline;
wchar_t *wcmdline = NULL;
wchar_t *wpgmname = NULL;
int ret;
int ask_inherit = 0;
HANDLE hd_in[2];
HANDLE hd_out[2];
HANDLE hd_err[2];
check_syscall_func ();
*r_process = NULL;
/* Build the command line. */
ec = build_w32_commandline (pgmname, argv, &cmdline);
if (ec)
return ec;
process = xtrymalloc (sizeof (struct gnupg_process));
if (process == NULL)
return gpg_err_code_from_syserror ();
process->pgmname = pgmname;
process->flags = flags;
if ((flags & GNUPG_PROCESS_DETACHED))
{
if ((flags & GNUPG_PROCESS_STDFDS_SETTING))
{
xfree (process);
xfree (cmdline);
return GPG_ERR_INV_FLAG;
}
*r_process = process;
return spawn_detached (process, pgmname, cmdline, spawn_cb, spawn_cb_arg);
}
if ((flags & GNUPG_PROCESS_STDINOUT_SOCKETPAIR))
{
xfree (process);
xfree (cmdline);
return GPG_ERR_NOT_SUPPORTED;
}
if ((flags & GNUPG_PROCESS_STDIN_PIPE))
{
ec = create_inheritable_pipe (hd_in, INHERIT_READ);
if (ec)
{
xfree (process);
xfree (cmdline);
return ec;
}
}
else if ((flags & GNUPG_PROCESS_STDIN_NULL))
{
hd_in[0] = w32_open_null (0);
hd_in[1] = INVALID_HANDLE_VALUE;
}
else
{
hd_in[0] = GetStdHandle (STD_INPUT_HANDLE);
hd_in[1] = INVALID_HANDLE_VALUE;
}
if ((flags & GNUPG_PROCESS_STDOUT_PIPE))
{
ec = create_inheritable_pipe (hd_out, INHERIT_WRITE);
if (ec)
{
if (hd_in[0] != INVALID_HANDLE_VALUE)
CloseHandle (hd_in[0]);
if (hd_in[1] != INVALID_HANDLE_VALUE)
CloseHandle (hd_in[1]);
xfree (process);
xfree (cmdline);
return ec;
}
}
else if ((flags & GNUPG_PROCESS_STDOUT_NULL))
{
hd_out[0] = INVALID_HANDLE_VALUE;
hd_out[1] = w32_open_null (1);
}
else
{
hd_out[0] = INVALID_HANDLE_VALUE;
hd_out[1] = GetStdHandle (STD_OUTPUT_HANDLE);
}
if ((flags & GNUPG_PROCESS_STDERR_PIPE))
{
ec = create_inheritable_pipe (hd_err, INHERIT_WRITE);
if (ec)
{
if (hd_in[0] != INVALID_HANDLE_VALUE)
CloseHandle (hd_in[0]);
if (hd_in[1] != INVALID_HANDLE_VALUE)
CloseHandle (hd_in[1]);
if (hd_out[0] != INVALID_HANDLE_VALUE)
CloseHandle (hd_out[0]);
if (hd_out[1] != INVALID_HANDLE_VALUE)
CloseHandle (hd_out[1]);
xfree (process);
xfree (cmdline);
return ec;
}
}
else if ((flags & GNUPG_PROCESS_STDERR_NULL))
{
hd_err[0] = INVALID_HANDLE_VALUE;
hd_err[1] = w32_open_null (1);
}
else
{
hd_err[0] = INVALID_HANDLE_VALUE;
hd_err[1] = GetStdHandle (STD_ERROR_HANDLE);
}
if (spawn_cb)
{
struct spawn_cb_arg arg;
arg.std_fds[0] = arg.std_fds[1] = arg.std_fds[2] = -1;
arg.arg = spawn_cb_arg;
ask_inherit = (*spawn_cb) (&arg);
}
/* Prepare security attributes. */
memset (&sec_attr, 0, sizeof sec_attr );
sec_attr.nLength = sizeof sec_attr;
if (ask_inherit)
sec_attr.bInheritHandle = TRUE;
else
sec_attr.bInheritHandle = FALSE;
/* Start the process. */
memset (&si, 0, sizeof si);
si.cb = sizeof (si);
si.dwFlags = STARTF_USESTDHANDLES | STARTF_USESHOWWINDOW;
si.wShowWindow = DEBUG_W32_SPAWN? SW_SHOW : SW_HIDE;
si.hStdInput = hd_in[0];
si.hStdOutput = hd_out[1];
si.hStdError = hd_err[1];
log_debug ("CreateProcess, path='%s' cmdline='%s'\n",
pgmname, cmdline);
cr_flags = (CREATE_DEFAULT_ERROR_MODE
| GetPriorityClass (GetCurrentProcess ())
| CREATE_SUSPENDED);
if (!(wpgmname = utf8_to_wchar (pgmname)))
ret = 0;
else if (!(wcmdline = utf8_to_wchar (cmdline)))
ret = 0;
else
ret = CreateProcessW (wpgmname, /* Program to start. */
wcmdline, /* Command line arguments. */
&sec_attr, /* Process security attributes. */
&sec_attr, /* Thread security attributes. */
TRUE, /* Inherit handles. */
cr_flags, /* Creation flags. */
NULL, /* Environment. */
NULL, /* Use current drive/directory. */
&si, /* Startup information. */
&pi /* Returns process information. */
);
if (!ret)
{
if (!wpgmname || !wcmdline)
log_error ("CreateProcess failed (utf8_to_wchar): %s\n",
strerror (errno));
else
log_error ("CreateProcess failed: ec=%d\n",
(int)GetLastError ());
if (hd_in[0] != INVALID_HANDLE_VALUE)
CloseHandle (hd_in[0]);
if (hd_in[1] != INVALID_HANDLE_VALUE)
CloseHandle (hd_in[1]);
if (hd_out[0] != INVALID_HANDLE_VALUE)
CloseHandle (hd_out[0]);
if (hd_out[1] != INVALID_HANDLE_VALUE)
CloseHandle (hd_out[1]);
if (hd_err[0] != INVALID_HANDLE_VALUE)
CloseHandle (hd_err[0]);
if (hd_err[1] != INVALID_HANDLE_VALUE)
CloseHandle (hd_err[1]);
xfree (wpgmname);
xfree (wcmdline);
xfree (process);
xfree (cmdline);
return GPG_ERR_GENERAL;
}
xfree (wpgmname);
xfree (wcmdline);
xfree (cmdline);
if (hd_in[0] != INVALID_HANDLE_VALUE)
CloseHandle (hd_in[0]);
if (hd_out[1] != INVALID_HANDLE_VALUE)
CloseHandle (hd_out[1]);
if (hd_err[1] != INVALID_HANDLE_VALUE)
CloseHandle (hd_err[1]);
log_debug ("CreateProcess ready: hProcess=%p hThread=%p"
" dwProcessID=%d dwThreadId=%d\n",
pi.hProcess, pi.hThread,
(int) pi.dwProcessId, (int) pi.dwThreadId);
if ((flags & GNUPG_PROCESS_WINDOWS_ASFW))
{
/* Fixme: For unknown reasons AllowSetForegroundWindow returns
* an invalid argument error if we pass it the correct
* processID. As a workaround we use -1 (ASFW_ANY). */
if (!AllowSetForegroundWindow (ASFW_ANY /*pi.dwProcessId*/))
log_info ("AllowSetForegroundWindow() failed: ec=%d\n",
(int)GetLastError ());
}
/* Process has been created suspended; resume it now. */
pre_syscall ();
ResumeThread (pi.hThread);
CloseHandle (pi.hThread);
post_syscall ();
process->hProcess = pi.hProcess;
process->hd_in = hd_in[1];
process->hd_out = hd_out[0];
process->hd_err = hd_err[0];
process->exitcode = -1;
process->terminated = 0;
*r_process = process;
return 0;
}
gpg_err_code_t
gnupg_process_get_fds (gnupg_process_t process, unsigned int flags,
int *r_fd_in, int *r_fd_out, int *r_fd_err)
{
(void)flags;
if (r_fd_in)
{
*r_fd_in = _open_osfhandle ((intptr_t)process->hd_in, O_APPEND);
process->hd_in = INVALID_HANDLE_VALUE;
}
if (r_fd_out)
{
*r_fd_out = _open_osfhandle ((intptr_t)process->hd_out, O_RDONLY);
process->hd_out = INVALID_HANDLE_VALUE;
}
if (r_fd_err)
{
*r_fd_err = _open_osfhandle ((intptr_t)process->hd_err, O_RDONLY);
process->hd_err = INVALID_HANDLE_VALUE;
}
return 0;
}
gpg_err_code_t
gnupg_process_get_streams (gnupg_process_t process, unsigned int flags,
estream_t *r_fp_in, estream_t *r_fp_out,
estream_t *r_fp_err)
{
int nonblock = (flags & GNUPG_PROCESS_STREAM_NONBLOCK)? 1: 0;
es_syshd_t syshd;
syshd.type = ES_SYSHD_HANDLE;
if (r_fp_in)
{
syshd.u.handle = process->hd_in;
*r_fp_in = es_sysopen (&syshd, nonblock? "w,nonblock" : "w");
process->hd_in = INVALID_HANDLE_VALUE;
}
if (r_fp_out)
{
syshd.u.handle = process->hd_out;
*r_fp_out = es_sysopen (&syshd, nonblock? "r,nonblock" : "r");
process->hd_out = INVALID_HANDLE_VALUE;
}
if (r_fp_err)
{
syshd.u.handle = process->hd_err;
*r_fp_err = es_sysopen (&syshd, nonblock? "r,nonblock" : "r");
process->hd_err = INVALID_HANDLE_VALUE;
}
return 0;
}
static gpg_err_code_t
process_kill (gnupg_process_t process, unsigned int exitcode)
{
gpg_err_code_t ec = 0;
pre_syscall ();
if (TerminateProcess (process->hProcess, exitcode))
ec = gpg_err_code_from_syserror ();
post_syscall ();
return ec;
}
static gpg_err_code_t
process_vctl (gnupg_process_t process, unsigned int request, va_list arg_ptr)
{
switch (request)
{
case GNUPG_PROCESS_NOP:
return 0;
case GNUPG_PROCESS_GET_ID:
{
int *r_id = va_arg (arg_ptr, int *);
if (r_id == NULL)
return GPG_ERR_INV_VALUE;
*r_id = (int)process->hProcess;
return 0;
}
case GNUPG_PROCESS_GET_EXIT_ID:
{
int *r_exit_status = va_arg (arg_ptr, int *);
unsigned long exit_code;
*r_exit_status = -1;
if (!process->terminated)
return GPG_ERR_UNFINISHED;
if (process->hProcess == INVALID_HANDLE_VALUE)
return 0;
if (GetExitCodeProcess (process->hProcess, &exit_code))
return gpg_err_code_from_syserror ();
*r_exit_status = (int)exit_code;
return 0;
}
case GNUPG_PROCESS_GET_P_HANDLE:
{
HANDLE *r_hProcess = va_arg (arg_ptr, HANDLE *);
if (r_hProcess == NULL)
return GPG_ERR_INV_VALUE;
*r_hProcess = process->hProcess;
process->hProcess = INVALID_HANDLE_VALUE;
return 0;
}
case GNUPG_PROCESS_GET_HANDLES:
{
HANDLE *r_hd_in = va_arg (arg_ptr, HANDLE *);
HANDLE *r_hd_out = va_arg (arg_ptr, HANDLE *);
HANDLE *r_hd_err = va_arg (arg_ptr, HANDLE *);
if (r_hd_in)
{
*r_hd_in = process->hd_in;
process->hd_in = INVALID_HANDLE_VALUE;
}
if (r_hd_out)
{
*r_hd_out = process->hd_out;
process->hd_out = INVALID_HANDLE_VALUE;
}
if (r_hd_err)
{
*r_hd_err = process->hd_err;
process->hd_err = INVALID_HANDLE_VALUE;
}
return 0;
}
case GNUPG_PROCESS_GET_EXIT_CODE:
{
unsigned long *r_exitcode = va_arg (arg_ptr, unsigned long *);
if (!process->terminated)
return GPG_ERR_UNFINISHED;
if (process->hProcess == INVALID_HANDLE_VALUE)
{
*r_exitcode = (unsigned long)-1;
return 0;
}
if (GetExitCodeProcess (process->hProcess, r_exitcode))
return gpg_err_code_from_syserror ();
return 0;
}
case GNUPG_PROCESS_KILL_WITH_EC:
{
unsigned int exitcode = va_arg (arg_ptr, unsigned int);
if (process->terminated)
return 0;
if (process->hProcess == INVALID_HANDLE_VALUE)
return 0;
return process_kill (process, exitcode);
}
default:
break;
}
return GPG_ERR_UNKNOWN_COMMAND;
}
gpg_err_code_t
gnupg_process_ctl (gnupg_process_t process, unsigned int request, ...)
{
va_list arg_ptr;
gpg_err_code_t ec;
va_start (arg_ptr, request);
ec = process_vctl (process, request, arg_ptr);
va_end (arg_ptr);
return ec;
}
gpg_err_code_t
gnupg_process_wait (gnupg_process_t process, int hang)
{
gpg_err_code_t ec;
int code;
if (process->hProcess == INVALID_HANDLE_VALUE)
return 0;
pre_syscall ();
code = WaitForSingleObject (process->hProcess, hang? INFINITE : 0);
post_syscall ();
switch (code)
{
case WAIT_TIMEOUT:
ec = GPG_ERR_TIMEOUT; /* Still running. */
break;
case WAIT_FAILED:
log_error (_("waiting for process to terminate failed: ec=%d\n"),
(int)GetLastError ());
ec = GPG_ERR_GENERAL;
break;
case WAIT_OBJECT_0:
process->terminated = 1;
ec = 0;
break;
default:
log_debug ("WaitForSingleObject returned unexpected code %d\n",
code);
ec = GPG_ERR_GENERAL;
break;
}
return ec;
}
gpg_err_code_t
gnupg_process_terminate (gnupg_process_t process)
{
return process_kill (process, 1);
}
void
gnupg_process_release (gnupg_process_t process)
{
if (process->terminated)
gnupg_process_wait (process, 0);
xfree (process);
}
gpg_err_code_t
gnupg_process_wait_list (gnupg_process_t *process_list, int count, int hang)
{
gpg_err_code_t ec = 0;
int i;
for (i = 0; i < count; i++)
{
if (process_list[i]->terminated)
continue;
ec = gnupg_process_wait (process_list[i], hang);
if (ec)
break;
}
return ec;
}

87
common/exechelp.h
View File

@ -207,6 +207,93 @@ gpg_error_t gnupg_spawn_process_detached (const char *pgmname,
const char *argv[],
const char *envp[] );
/* The opaque type for a subprocess. */
typedef struct gnupg_process *gnupg_process_t;
struct spawn_cb_arg {
int std_fds[3];
void *arg;
};
/* Internal flag to ihnerit file descriptor/handle */
#define GNUPG_PROCESS_INHERIT_FILE (1 << 0)
#define GNUPG_PROCESS_DETACHED (1 << 1)
/**/
#define GNUPG_PROCESS_WINDOWS_ASFW (1 << 7)
/* Specify how to keep/connect standard fds. */
#define GNUPG_PROCESS_STDIN_PIPE (1 << 8)
#define GNUPG_PROCESS_STDOUT_PIPE (1 << 9)
#define GNUPG_PROCESS_STDERR_PIPE (1 << 10)
#define GNUPG_PROCESS_STDINOUT_SOCKETPAIR (1 << 11)
#define GNUPG_PROCESS_STDIN_NULL (1 << 12)
#define GNUPG_PROCESS_STDOUT_NULL (1 << 13)
#define GNUPG_PROCESS_STDERR_NULL (1 << 14)
#define GNUPG_PROCESS_STDFDS_SETTING ( GNUPG_PROCESS_STDIN_PIPE \
| GNUPG_PROCESS_STDOUT_PIPE | GNUPG_PROCESS_STDERR_PIPE \
| GNUPG_PROCESS_STDINOUT_SOCKETPAIR | GNUPG_PROCESS_STDIN_NULL \
| GNUPG_PROCESS_STDOUT_NULL | GNUPG_PROCESS_STDERR_NULL)
#define GNUPG_PROCESS_STREAM_NONBLOCK (1 << 16)
/* Spawn PGMNAME. */
gpg_err_code_t gnupg_process_spawn (const char *pgmname, const char *argv[],
unsigned int flags,
int (*spawn_cb) (struct spawn_cb_arg *),
void *spawn_cb_arg,
gnupg_process_t *r_process);
/* Get FDs for subprocess I/O. It is the caller which should care
FDs (closing FDs). */
gpg_err_code_t gnupg_process_get_fds (gnupg_process_t process,
unsigned int flags,
int *r_fd_in, int *r_fd_out,
int *r_fd_err);
/* Get STREAMs for subprocess I/O. It is the caller which should care
STREAMs (closing STREAMs). */
gpg_err_code_t gnupg_process_get_streams (gnupg_process_t process,
unsigned int flags,
gpgrt_stream_t *r_fp_in,
gpgrt_stream_t *r_fp_out,
gpgrt_stream_t *r_fp_err);
enum gnupg_process_requests
{
/* Portable requests */
GNUPG_PROCESS_NOP = 0,
GNUPG_PROCESS_GET_ID = 1,
GNUPG_PROCESS_GET_EXIT_ID = 2,
/* POSIX only */
GNUPG_PROCESS_GET_PID = 16,
GNUPG_PROCESS_GET_WSTATUS = 17,
GNUPG_PROCESS_KILL = 18,
/* Windows only */
GNUPG_PROCESS_GET_P_HANDLE = 32,
GNUPG_PROCESS_GET_HANDLES = 33,
GNUPG_PROCESS_GET_EXIT_CODE = 34,
GNUPG_PROCESS_KILL_WITH_EC = 35
};
/* Control of a process. */
gpg_err_code_t gnupg_process_ctl (gnupg_process_t process,
unsigned int request, ...);
/* Wait for a single PROCESS. */
gpg_err_code_t gnupg_process_wait (gnupg_process_t process, int hang);
/* Terminate a PROCESS. */
gpg_err_code_t gnupg_process_terminate (gnupg_process_t process);
/* Release PROCESS resources. */
void gnupg_process_release (gnupg_process_t process);
/* Wait for a multiple processes. */
gpg_err_code_t gnupg_process_wait_list (gnupg_process_t *process_list,
int count, int hang);
#endif /*GNUPG_COMMON_EXECHELP_H*/

67
common/exectool.c
View File

@ -301,6 +301,38 @@ copy_buffer_flush (struct copy_buffer *c, estream_t sink)
}
static int
close_all_except (struct spawn_cb_arg *arg)
{
int except[32];
int i = 0;
int fd_in = arg->std_fds[0];
int fd_out = arg->std_fds[1];
int fd_err = arg->std_fds[2];
int *exceptclose = arg->arg;
if (fd_in >= 0)
except[i++] = fd_in;
if (fd_out >= 0)
except[i++] = fd_out;
if (fd_err >= 0)
except[i++] = fd_err;
for (; i < 31; i++)
{
int fd = *exceptclose++;
if (fd < 0)
break;
else
except[i] = fd;
}
except[i++] = -1;
close_all_fds (3, except);
return 1;
}
/* Run the program PGMNAME with the command line arguments given in
* the NULL terminates array ARGV. If INPUT is not NULL it will be
@ -321,7 +353,7 @@ gnupg_exec_tool_stream (const char *pgmname, const char *argv[],
void *status_cb_value)
{
gpg_error_t err;
pid_t pid = (pid_t) -1;
gnupg_process_t proc = NULL;
estream_t infp = NULL;
estream_t extrafp = NULL;
estream_t outfp = NULL, errfp = NULL;
@ -335,7 +367,6 @@ gnupg_exec_tool_stream (const char *pgmname, const char *argv[],
read_and_log_buffer_t fderrstate;
struct copy_buffer *cpbuf_in = NULL, *cpbuf_out = NULL, *cpbuf_extra = NULL;
int quiet = 0;
int dummy_exitcode;
memset (fds, 0, sizeof fds);
memset (&fderrstate, 0, sizeof fderrstate);
@ -411,10 +442,15 @@ gnupg_exec_tool_stream (const char *pgmname, const char *argv[],
else
exceptclose[0] = -1;
err = gnupg_spawn_process (pgmname, argv,
exceptclose, GNUPG_SPAWN_NONBLOCK,
input? &infp : NULL,
&outfp, &errfp, &pid);
err = gnupg_process_spawn (pgmname, argv,
((input
? GNUPG_PROCESS_STDIN_PIPE
: GNUPG_PROCESS_STDIN_NULL)
| GNUPG_PROCESS_STDOUT_PIPE
| GNUPG_PROCESS_STDERR_PIPE),
close_all_except, exceptclose, &proc);
gnupg_process_get_streams (proc, GNUPG_PROCESS_STREAM_NONBLOCK,
input? &infp : NULL, &outfp, &errfp);
if (extrapipe[0] != -1)
close (extrapipe[0]);
if (argsave)
@ -546,20 +582,25 @@ gnupg_exec_tool_stream (const char *pgmname, const char *argv[],
es_fclose (outfp); outfp = NULL;
es_fclose (errfp); errfp = NULL;
err = gnupg_wait_process (pgmname, pid, 1, quiet? &dummy_exitcode : NULL);
pid = (pid_t)(-1);
err = gnupg_process_wait (proc, 1);
if (!err)
{ /* To be compatible to old wait_process. */
int status;
gnupg_process_ctl (proc, GNUPG_PROCESS_GET_EXIT_ID, &status);
if (status)
err = gpg_error (GPG_ERR_GENERAL);
}
leave:
if (err && pid != (pid_t) -1)
gnupg_kill_process (pid);
if (err && proc)
gnupg_process_terminate (proc);
es_fclose (infp);
es_fclose (extrafp);
es_fclose (outfp);
es_fclose (errfp);
if (pid != (pid_t)(-1))
gnupg_wait_process (pgmname, pid, 1, quiet? &dummy_exitcode : NULL);
gnupg_release_process (pid);
gnupg_process_release (proc);
copy_buffer_shred (cpbuf_in);
xfree (cpbuf_in);

80
dirmngr/ldap-wrapper.c
View File

@ -87,7 +87,7 @@ struct wrapper_context_s
{
struct wrapper_context_s *next;
pid_t pid; /* The pid of the wrapper process. */
gnupg_process_t proc;/* The wrapper process. */
int printable_pid; /* Helper to print diagnostics after the process has
* been cleaned up. */
estream_t fp; /* Connected with stdout of the ldap wrapper. */
@ -170,10 +170,10 @@ read_buffer (ksba_reader_t reader, unsigned char *buffer, size_t count)
static void
destroy_wrapper (struct wrapper_context_s *ctx)
{
if (ctx->pid != (pid_t)(-1))
if (ctx->proc)
{
gnupg_kill_process (ctx->pid);
gnupg_release_process (ctx->pid);
gnupg_process_terminate (ctx->proc);
gnupg_process_release (ctx->proc);
}
ksba_reader_release (ctx->reader);
SAFE_CLOSE (ctx->fp);
@ -260,7 +260,7 @@ read_log_data (struct wrapper_context_s *ctx)
if (gpg_err_code (err) == GPG_ERR_EAGAIN)
return 0;
log_error (_("error reading log from ldap wrapper %d: %s\n"),
(int)ctx->pid, gpg_strerror (err));
(int)ctx->printable_pid, gpg_strerror (err));
}
print_log_line (ctx, NULL); /* Flush. */
SAFE_CLOSE (ctx->log_fp);
@ -438,50 +438,44 @@ ldap_reaper_thread (void *dummy)
}
/* Check whether the process is still running. */
if (ctx->pid != (pid_t)(-1))
if (ctx->proc)
{
int status;
err = gnupg_wait_process ("[dirmngr_ldap]", ctx->pid, 0,
&status);
err = gnupg_process_wait (ctx->proc, 0);
if (!err)
{
int status;
gnupg_process_ctl (ctx->proc,
GNUPG_PROCESS_GET_EXIT_ID, &status);
if (DBG_EXTPROG)
log_info (_("ldap wrapper %d ready"), (int)ctx->pid);
log_info (_("ldap wrapper %d ready"), (int)ctx->printable_pid);
ctx->ready = 1;
gnupg_release_process (ctx->pid);
ctx->pid = (pid_t)(-1);
gnupg_process_release (ctx->proc);
ctx->proc = NULL;
any_action = 1;
}
else if (gpg_err_code (err) == GPG_ERR_GENERAL)
{
if (status == 10)
log_info (_("ldap wrapper %d ready: timeout\n"),
(int)ctx->pid);
(int)ctx->printable_pid);
else
log_info (_("ldap wrapper %d ready: exitcode=%d\n"),
(int)ctx->pid, status);
ctx->ready = 1;
gnupg_release_process (ctx->pid);
ctx->pid = (pid_t)(-1);
any_action = 1;
(int)ctx->printable_pid, status);
}
else if (gpg_err_code (err) != GPG_ERR_TIMEOUT)
{
log_error (_("waiting for ldap wrapper %d failed: %s\n"),
(int)ctx->pid, gpg_strerror (err));
(int)ctx->printable_pid, gpg_strerror (err));
any_action = 1;
}
}
/* Check whether we should terminate the process. */
if (ctx->pid != (pid_t)(-1)
&& ctx->stamp != (time_t)(-1) && ctx->stamp < exptime)
if (ctx->proc && ctx->stamp != (time_t)(-1) && ctx->stamp < exptime)
{
gnupg_kill_process (ctx->pid);
gnupg_process_terminate (ctx->proc);
ctx->stamp = (time_t)(-1);
log_info (_("ldap wrapper %d stalled - killing\n"),
(int)ctx->pid);
(int)ctx->printable_pid);
/* We need to close the log stream because the cleanup
* loop waits for it. */
SAFE_CLOSE (ctx->log_fp);
@ -496,10 +490,10 @@ ldap_reaper_thread (void *dummy)
{
log_debug ("ldap worker states:\n");
for (ctx = reaper_list; ctx; ctx = ctx->next)
log_debug (" c=%p pid=%d/%d rdr=%p logfp=%p"
log_debug (" c=%p pid=%d rdr=%p logfp=%p"
" ctrl=%p/%d la=%lu rdy=%d\n",
ctx,
(int)ctx->pid, (int)ctx->printable_pid,
(int)ctx->printable_pid,
ctx->reader, ctx->log_fp,
ctx->ctrl, ctx->ctrl? ctx->ctrl->refcount:0,
(unsigned long)ctx->stamp, ctx->ready);
@ -602,9 +596,9 @@ ldap_wrapper_release_context (ksba_reader_t reader)
if (ctx->reader == reader)
{
if (DBG_EXTPROG)
log_debug ("releasing ldap worker c=%p pid=%d/%d rdr=%p"
log_debug ("releasing ldap worker c=%p pid=%d rdr=%p"
" ctrl=%p/%d\n", ctx,
(int)ctx->pid, (int)ctx->printable_pid,
(int)ctx->printable_pid,
ctx->reader,
ctx->ctrl, ctx->ctrl? ctx->ctrl->refcount:0);
@ -639,8 +633,8 @@ ldap_wrapper_connection_cleanup (ctrl_t ctrl)
{
ctx->ctrl->refcount--;
ctx->ctrl = NULL;
if (ctx->pid != (pid_t)(-1))
gnupg_kill_process (ctx->pid);
if (ctx->proc)
gnupg_process_terminate (ctx->proc);
if (ctx->fp_err)
log_info ("%s: reading from ldap wrapper %d failed: %s\n",
__func__, ctx->printable_pid, gpg_strerror (ctx->fp_err));
@ -798,7 +792,7 @@ gpg_error_t
ldap_wrapper (ctrl_t ctrl, ksba_reader_t *reader, const char *argv[])
{
gpg_error_t err;
pid_t pid;
gnupg_process_t process;
struct wrapper_context_s *ctx;
int i;
int j;
@ -854,19 +848,23 @@ ldap_wrapper (ctrl_t ctrl, ksba_reader_t *reader, const char *argv[])
return err;
}
err = gnupg_spawn_process (pgmname, arg_list,
NULL, GNUPG_SPAWN_NONBLOCK,
NULL, &outfp, &errfp, &pid);
err = gnupg_process_spawn (pgmname, arg_list,
(GNUPG_PROCESS_STDIN_NULL
| GNUPG_PROCESS_STDOUT_PIPE
| GNUPG_PROCESS_STDERR_PIPE),
NULL, NULL, &process);
if (err)
{
xfree (arg_list);
xfree (arg_list);
xfree (ctx);
log_error ("error running '%s': %s\n", pgmname, gpg_strerror (err));
return err;
}
gnupg_process_get_streams (process, GNUPG_PROCESS_STREAM_NONBLOCK,
NULL, &outfp, &errfp);
gnupg_process_ctl (process, GNUPG_PROCESS_GET_ID, &ctx->printable_pid);
ctx->pid = pid;
ctx->printable_pid = (int) pid;
ctx->proc = process;
ctx->fp = outfp;
ctx->log_fp = errfp;
ctx->ctrl = ctrl;
@ -902,7 +900,7 @@ ldap_wrapper (ctrl_t ctrl, ksba_reader_t *reader, const char *argv[])
if (DBG_EXTPROG)
{
log_debug ("ldap wrapper %d started (%p, %s)",
(int)ctx->pid, ctx->reader, pgmname);
(int)ctx->printable_pid, ctx->reader, pgmname);
for (i=0; arg_list[i]; i++)
log_printf (" [%s]", arg_list[i]);
log_printf ("\n");

14
tools/gpg-card.c
View File

@ -3641,7 +3641,7 @@ cmd_gpg (card_info_t info, char *argstr, int use_gpgsm)
char **argarray;
ccparray_t ccp;
const char **argv = NULL;
pid_t pid;
gnupg_process_t proc;
int i;
if (!info)
@ -3669,15 +3669,13 @@ cmd_gpg (card_info_t info, char *argstr, int use_gpgsm)
goto leave;
}
err = gnupg_spawn_process (use_gpgsm? opt.gpgsm_program:opt.gpg_program,
argv, NULL, (GNUPG_SPAWN_KEEP_STDOUT
|GNUPG_SPAWN_KEEP_STDERR),
NULL, NULL, NULL, &pid);
err = gnupg_process_spawn (use_gpgsm? opt.gpgsm_program:opt.gpg_program,
argv, GNUPG_PROCESS_STDIN_NULL, NULL, NULL,
&proc);
if (!err)
{
err = gnupg_wait_process (use_gpgsm? opt.gpgsm_program:opt.gpg_program,
pid, 1, NULL);
gnupg_release_process (pid);
err = gnupg_process_wait (proc, 1);
gnupg_process_release (proc);
}

73
tools/gpgconf-comp.c
View File

@ -1336,8 +1336,7 @@ gc_component_check_options (int component, estream_t out, const char *conf_file)
const char *pgmname;
const char *argv[6];
int i;
pid_t pid;
int exitcode;
gnupg_process_t proc;
estream_t errfp;
error_line_t errlines;
@ -1370,22 +1369,30 @@ gc_component_check_options (int component, estream_t out, const char *conf_file)
result = 0;
errlines = NULL;
err = gnupg_spawn_process (pgmname, argv, NULL, 0,
NULL, NULL, &errfp, &pid);
err = gnupg_process_spawn (pgmname, argv,
(GNUPG_PROCESS_STDIN_NULL
| GNUPG_PROCESS_STDOUT_NULL
| GNUPG_PROCESS_STDERR_PIPE),
NULL, NULL, &proc);
if (err)
result |= 1; /* Program could not be run. */
else
{
gnupg_process_get_streams (proc, 0, NULL, NULL, &errfp);
errlines = collect_error_output (errfp,
gc_component[component].name);
if (gnupg_wait_process (pgmname, pid, 1, &exitcode))
if (!gnupg_process_wait (proc, 1))
{
int exitcode;
gnupg_process_ctl (proc, GNUPG_PROCESS_GET_EXIT_ID, &exitcode);
if (exitcode == -1)
result |= 1; /* Program could not be run or it
terminated abnormally. */
result |= 2; /* Program returned an error. */
else if (exitcode)
result |= 2; /* Program returned an error. */
}
gnupg_release_process (pid);
gnupg_process_release (proc);
es_fclose (errfp);
}
@ -1725,8 +1732,7 @@ retrieve_options_from_program (gc_component_id_t component, int only_installed)
const char *pgmname;
const char *argv[2];
estream_t outfp;
int exitcode;
pid_t pid;
gnupg_process_t proc;
known_option_t *known_option;
gc_option_t *option;
char *line = NULL;
@ -1759,14 +1765,19 @@ retrieve_options_from_program (gc_component_id_t component, int only_installed)
/* First we need to read the option table from the program. */
argv[0] = "--dump-option-table";
argv[1] = NULL;
err = gnupg_spawn_process (pgmname, argv, NULL, 0,
NULL, &outfp, NULL, &pid);
err = gnupg_process_spawn (pgmname, argv,
(GNUPG_PROCESS_STDIN_NULL
| GNUPG_PROCESS_STDOUT_PIPE
| GNUPG_PROCESS_STDERR_NULL),
NULL, NULL, &proc);
if (err)
{
gc_error (1, 0, "could not gather option table from '%s': %s",
pgmname, gpg_strerror (err));
}
gnupg_process_get_streams (proc, 0, NULL, &outfp, NULL);
read_line_parm.pgmname = pgmname;
read_line_parm.fp = outfp;
read_line_parm.line = line;
@ -1925,12 +1936,17 @@ retrieve_options_from_program (gc_component_id_t component, int only_installed)
line_len = read_line_parm.line_len;
log_assert (opt_table_used + pseudo_count == opt_info_used);
err = gnupg_process_wait (proc, 1);
if (!err)
{
int exitcode;
err = gnupg_wait_process (pgmname, pid, 1, &exitcode);
if (err)
gc_error (1, 0, "running %s failed (exitcode=%d): %s",
pgmname, exitcode, gpg_strerror (err));
gnupg_release_process (pid);
gnupg_process_ctl (proc, GNUPG_PROCESS_GET_EXIT_ID, &exitcode);
if (exitcode)
gc_error (1, 0, "running %s failed (exitcode=%d): %s",
pgmname, exitcode, gpg_strerror (err));
}
gnupg_process_release (proc);
/* Make the gpgrt option table and the internal option table available. */
gc_component[component].opt_table = opt_table;
@ -1940,14 +1956,19 @@ retrieve_options_from_program (gc_component_id_t component, int only_installed)
/* Now read the default options. */
argv[0] = "--gpgconf-list";
argv[1] = NULL;
err = gnupg_spawn_process (pgmname, argv, NULL, 0,
NULL, &outfp, NULL, &pid);
err = gnupg_process_spawn (pgmname, argv,
(GNUPG_PROCESS_STDIN_NULL
| GNUPG_PROCESS_STDOUT_PIPE
| GNUPG_PROCESS_STDERR_NULL),
NULL, NULL, &proc);
if (err)
{
gc_error (1, 0, "could not gather active options from '%s': %s",
pgmname, gpg_strerror (err));
}
gnupg_process_get_streams (proc, 0, NULL, &outfp, NULL);
while ((length = es_read_line (outfp, &line, &line_len, NULL)) > 0)
{
char *linep;
@ -2030,11 +2051,17 @@ retrieve_options_from_program (gc_component_id_t component, int only_installed)
if (es_fclose (outfp))
gc_error (1, errno, "error closing %s", pgmname);
err = gnupg_wait_process (pgmname, pid, 1, &exitcode);
if (err)
gc_error (1, 0, "running %s failed (exitcode=%d): %s",
pgmname, exitcode, gpg_strerror (err));
gnupg_release_process (pid);
err = gnupg_process_wait (proc, 1);
if (!err)
{
int exitcode;
gnupg_process_ctl (proc, GNUPG_PROCESS_GET_EXIT_ID, &exitcode);
if (exitcode)
gc_error (1, 0, "running %s failed (exitcode=%d): %s",
pgmname, exitcode, gpg_strerror (err));
}
gnupg_process_release (proc);
/* At this point, we can parse the configuration file. */

20
tools/gpgconf.c
View File

@ -1173,17 +1173,19 @@ show_versions_via_dirmngr (estream_t fp)
const char *pgmname;
const char *argv[2];
estream_t outfp;
pid_t pid;
gnupg_process_t proc;
char *line = NULL;
size_t line_len = 0;
ssize_t length;
int exitcode;
pgmname = gnupg_module_name (GNUPG_MODULE_NAME_DIRMNGR);
argv[0] = "--gpgconf-versions";
argv[1] = NULL;
err = gnupg_spawn_process (pgmname, argv, NULL, 0,
NULL, &outfp, NULL, &pid);
err = gnupg_process_spawn (pgmname, argv,
(GNUPG_PROCESS_STDIN_NULL
| GNUPG_PROCESS_STDOUT_PIPE
| GNUPG_PROCESS_STDERR_NULL),
NULL, NULL, &proc);
if (err)
{
log_error ("error spawning %s: %s", pgmname, gpg_strerror (err));
@ -1191,6 +1193,7 @@ show_versions_via_dirmngr (estream_t fp)
return;
}
gnupg_process_get_streams (proc, 0, NULL, &outfp, NULL);
while ((length = es_read_line (outfp, &line, &line_len, NULL)) > 0)
{
/* Strip newline and carriage return, if present. */
@ -1211,14 +1214,17 @@ show_versions_via_dirmngr (estream_t fp)
pgmname, gpg_strerror (err));
}
err = gnupg_wait_process (pgmname, pid, 1, &exitcode);
if (err)
err = gnupg_process_wait (proc, 1);
if (!err)
{
int exitcode;
gnupg_process_ctl (proc, GNUPG_PROCESS_GET_EXIT_ID, &exitcode);
log_error ("running %s failed (exitcode=%d): %s\n",
pgmname, exitcode, gpg_strerror (err));
es_fprintf (fp, "[error: can't get further info]\n");
}
gnupg_release_process (pid);
gnupg_process_release (proc);
xfree (line);
}

29
tools/gpgtar-create.c
View File

@ -994,7 +994,7 @@ gpgtar_create (char **inpattern, const char *files_from, int null_names,
estream_t files_from_stream = NULL;
estream_t outstream = NULL;
int eof_seen = 0;
pid_t pid = (pid_t)(-1);
gnupg_process_t proc = NULL;
memset (scanctrl, 0, sizeof *scanctrl);
scanctrl->flist_tail = &scanctrl->flist;
@ -1195,13 +1195,12 @@ gpgtar_create (char **inpattern, const char *files_from, int null_names,
goto leave;
}
err = gnupg_spawn_process (opt.gpg_program, argv, NULL,
(GNUPG_SPAWN_KEEP_STDOUT
| GNUPG_SPAWN_KEEP_STDERR),
&outstream, NULL, NULL, &pid);
err = gnupg_process_spawn (opt.gpg_program, argv,
GNUPG_PROCESS_STDIN_PIPE, NULL, NULL, &proc);
xfree (argv);
if (err)
goto leave;
gnupg_process_get_streams (proc, 0, &outstream, NULL, NULL);
es_set_binary (outstream);
}
else if (opt.outfile) /* No crypto */
@ -1237,30 +1236,32 @@ gpgtar_create (char **inpattern, const char *files_from, int null_names,
goto leave;
if (pid != (pid_t)(-1))
if (proc)
{
int exitcode;
err = es_fclose (outstream);
outstream = NULL;
if (err)
log_error ("error closing pipe: %s\n", gpg_strerror (err));
else
err = gnupg_process_wait (proc, 1);
if (!err)
{
err = gnupg_wait_process (opt.gpg_program, pid, 1, &exitcode);
if (err)
int exitcode;
gnupg_process_ctl (proc, GNUPG_PROCESS_GET_EXIT_ID, &exitcode);
if (exitcode)
log_error ("running %s failed (exitcode=%d): %s",
opt.gpg_program, exitcode, gpg_strerror (err));
gnupg_release_process (pid);
pid = (pid_t)(-1);
}
gnupg_process_release (proc);
proc = NULL;
}
leave:
if (!err)
{
gpg_error_t first_err;
if (outstream != es_stdout || pid != (pid_t)(-1))
if (outstream != es_stdout)
first_err = es_fclose (outstream);
else
first_err = es_fflush (outstream);

30
tools/gpgtar-extract.c
View File

@ -324,7 +324,7 @@ gpgtar_extract (const char *filename, int decrypt)
char *dirname = NULL;
struct tarinfo_s tarinfo_buffer;
tarinfo_t tarinfo = &tarinfo_buffer;
pid_t pid = (pid_t)(-1);
gnupg_process_t proc;
char *logfilename = NULL;
@ -408,13 +408,14 @@ gpgtar_extract (const char *filename, int decrypt)
goto leave;
}
err = gnupg_spawn_process (opt.gpg_program, argv, NULL,
((filename? 0 : GNUPG_SPAWN_KEEP_STDIN)
| GNUPG_SPAWN_KEEP_STDERR),
NULL, &stream, NULL, &pid);
err = gnupg_process_spawn (opt.gpg_program, argv,
((filename ? GNUPG_PROCESS_STDIN_NULL : 0)
| GNUPG_PROCESS_STDOUT_PIPE),
NULL, NULL, &proc);
xfree (argv);
if (err)
goto leave;
gnupg_process_get_streams (proc, 0, NULL, &stream, NULL);
es_set_binary (stream);
}
else if (filename)
@ -454,26 +455,27 @@ gpgtar_extract (const char *filename, int decrypt)
header = NULL;
}
if (pid != (pid_t)(-1))
if (proc)
{
int exitcode;
err = es_fclose (stream);
stream = NULL;
if (err)
log_error ("error closing pipe: %s\n", gpg_strerror (err));
else
err = gnupg_process_wait (proc, 1);
if (!err)
{
err = gnupg_wait_process (opt.gpg_program, pid, 1, &exitcode);
if (err)
int exitcode;
gnupg_process_ctl (proc, GNUPG_PROCESS_GET_EXIT_ID, &exitcode);
if (exitcode)
log_error ("running %s failed (exitcode=%d): %s",
opt.gpg_program, exitcode, gpg_strerror (err));
gnupg_release_process (pid);
pid = (pid_t)(-1);
}
gnupg_process_release (proc);
proc = NULL;
}
leave:
free_strlist (extheader);
xfree (header);

32
tools/gpgtar-list.c
View File

@ -460,7 +460,7 @@ gpgtar_list (const char *filename, int decrypt)
strlist_t extheader = NULL;
struct tarinfo_s tarinfo_buffer;
tarinfo_t tarinfo = &tarinfo_buffer;
pid_t pid = (pid_t)(-1);
gnupg_process_t proc = NULL;
memset (&tarinfo_buffer, 0, sizeof tarinfo_buffer);
@ -501,13 +501,14 @@ gpgtar_list (const char *filename, int decrypt)
goto leave;
}
err = gnupg_spawn_process (opt.gpg_program, argv, NULL,
((filename? 0 : GNUPG_SPAWN_KEEP_STDIN)
| GNUPG_SPAWN_KEEP_STDERR),
NULL, &stream, NULL, &pid);
err = gnupg_process_spawn (opt.gpg_program, argv,
((filename ? GNUPG_PROCESS_STDIN_NULL : 0)
| GNUPG_PROCESS_STDOUT_PIPE),
NULL, NULL, &proc);
xfree (argv);
if (err)
goto leave;
gnupg_process_get_streams (proc, 0, NULL, &stream, NULL);
es_set_binary (stream);
}
else if (filename) /* No decryption requested. */
@ -547,23 +548,24 @@ gpgtar_list (const char *filename, int decrypt)
header = NULL;
}
if (pid != (pid_t)(-1))
if (proc)
{
int exitcode;
err = es_fclose (stream);
stream = NULL;
if (err)
log_error ("error closing pipe: %s\n", gpg_strerror (err));
else
err = gnupg_process_wait (proc, 1);
if (!err)
{
err = gnupg_wait_process (opt.gpg_program, pid, 1, &exitcode);
if (err)
log_error ("running %s failed (exitcode=%d): %s",
opt.gpg_program, exitcode, gpg_strerror (err));
gnupg_release_process (pid);
pid = (pid_t)(-1);
int exitcode;
gnupg_process_ctl (proc, GNUPG_PROCESS_GET_EXIT_ID, &exitcode);
log_error ("running %s failed (exitcode=%d): %s",
opt.gpg_program, exitcode, gpg_strerror (err));
}
gnupg_process_release (proc);
proc = NULL;
}
leave: