security-and-privacy/gnupg
security-and-privacy/gnupg
1
0
Fork 0
mirror of git://git.gnupg.org/gnupg.git synced 2025-03-12 23:01:14 +01:00
Code Activity

w32: On socket nonce mismatch close the socket.

Browse Source 
* agent/gpg-agent.c (start_connection_thread_std): Close socket on
nonce mismatch.
(start_connection_thread_extra): Ditto.
(start_connection_thread_browser): Ditto.
(start_connection_thread_ssh): Ditto.
* dirmngr/dirmngr.c (start_connection_thread): Ditto.
* kbx/keyboxd.c (start_connection_thread): Ditto.
--

Usually Libassuan takes care of closing the socket but because we do
the nonce check before setting up Assuan we need to explicit close
it.

GnuPG-bug-id: 7434
This commit is contained in:
Werner Koch 2025-03-05 15:31:50 +01:00
parent 41cf76b8c1
commit 73f6c2dd4d
No known key found for this signature in database
GPG Key ID: E3FDFF218E45B72B
4 changed files with 19 additions and 11 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
agent/command.c
View File

@ -4396,7 +4396,7 @@ register_commands (assuan_context_t ctx)
/* Startup the server. If LISTEN_FD and FD is given as -1, this is a /* Startup the server. If LISTEN_FD and FD is given as -1, this is a
simple piper server, otherwise it is a regular server. CTRL is the simple pipe server, otherwise it is a regular server. CTRL is the
control structure for this connection; it has only the basic control structure for this connection; it has only the basic
initialization. */ initialization. */
void void

20
agent/gpg-agent.c
View File

@ -2877,8 +2877,9 @@ start_connection_thread_std (void *arg)
if (check_nonce (ctrl, &socket_nonce)) if (check_nonce (ctrl, &socket_nonce))
{ {
log_error ("handler 0x%lx nonce check FAILED\n", log_error ("handler 0x%lx for fd %d FAILED nonce check\n",
(unsigned long) npth_self()); (unsigned long) npth_self(), FD_DBG (ctrl->thread_startup.fd));
assuan_sock_close (ctrl->thread_startup.fd);
return NULL; return NULL;
} }
@ -2894,8 +2895,9 @@ start_connection_thread_extra (void *arg)
if (check_nonce (ctrl, &socket_nonce_extra)) if (check_nonce (ctrl, &socket_nonce_extra))
{ {
log_error ("handler 0x%lx nonce check FAILED\n", log_error ("handler 0x%lx for fd %d FAILED nonce check\n",
(unsigned long) npth_self()); (unsigned long) npth_self(), FD_DBG (ctrl->thread_startup.fd));
assuan_sock_close (ctrl->thread_startup.fd);
return NULL; return NULL;
} }
@ -2912,8 +2914,9 @@ start_connection_thread_browser (void *arg)
if (check_nonce (ctrl, &socket_nonce_browser)) if (check_nonce (ctrl, &socket_nonce_browser))
{ {
log_error ("handler 0x%lx nonce check FAILED\n", log_error ("handler 0x%lx for fd %d FAILED nonce check\n",
(unsigned long) npth_self()); (unsigned long) npth_self(), FD_DBG (ctrl->thread_startup.fd));
assuan_sock_close (ctrl->thread_startup.fd);
return NULL; return NULL;
} }
@ -2929,7 +2932,10 @@ start_connection_thread_ssh (void *arg)
ctrl_t ctrl = arg; ctrl_t ctrl = arg;
if (check_nonce (ctrl, &socket_nonce_ssh)) if (check_nonce (ctrl, &socket_nonce_ssh))
return NULL; {
assuan_sock_close (ctrl->thread_startup.fd);
return NULL;
}
active_connections++; active_connections++;
agent_init_default_ctrl (ctrl); agent_init_default_ctrl (ctrl);

3
dirmngr/dirmngr.c
View File

@ -2259,7 +2259,8 @@ start_connection_thread (void *arg)
if (check_nonce (fd, &socket_nonce)) if (check_nonce (fd, &socket_nonce))
{ {
log_error ("handler nonce check FAILED\n"); log_error ("handler for fd %d FAILED nonce check\n", FD_DBG (fd));
assuan_sock_close (fd);
return NULL; return NULL;
} }

5
kbx/keyboxd.c
View File

@ -1448,8 +1448,9 @@ start_connection_thread (void *arg)
if (check_nonce (ctrl, &socket_nonce)) if (check_nonce (ctrl, &socket_nonce))
{ {
log_error ("handler 0x%lx nonce check FAILED\n", log_error ("handler 0x%lx for fd %d FAILED nonce check\n",
(unsigned long) npth_self()); (unsigned long) npth_self(), FD_DBG (ctrl->thread_startup.fd));
assuan_sock_close (ctrl->thread_startup.fd);
return NULL; return NULL;
} }