From ac791c0a9a4bcd6ec1785d1689994b578a9edf82 Mon Sep 17 00:00:00 2001 From: Werner Koch Date: Tue, 11 May 2004 09:54:52 +0000 Subject: [PATCH] * sysutils.c (disable_core_dumps): Only set the current limit. (enable_core_dumps): New. * gpgsm.texi (Esoteric Options): Add --debug-allow-core-dump. * gpgsm.c: New option --debug-allow-core-dump. * gpgsm.h (opt): Add member CONFIG_FILENAME. * gpgsm.c (main): Use it here instead of the local var. * server.c (gpgsm_server): Print some additional information with the hello in verbose mode. --- common/ChangeLog | 5 +++++ common/sysutils.c | 37 ++++++++++++++++++++++++++++++------- common/sysutils.h | 1 + doc/ChangeLog | 4 ++++ doc/gpgsm.texi | 8 ++++++++ sm/ChangeLog | 3 +++ sm/gpgsm.c | 5 +++++ sm/server.c | 2 +- 8 files changed, 57 insertions(+), 8 deletions(-) diff --git a/common/ChangeLog b/common/ChangeLog index 8e81baa0c..a39f17aaa 100644 --- a/common/ChangeLog +++ b/common/ChangeLog @@ -1,3 +1,8 @@ +2004-05-11 Werner Koch + + * sysutils.c (disable_core_dumps): Only set the current limit. + (enable_core_dumps): New. + 2004-04-13 Werner Koch * simple-pwquery.c (copy_and_escape): Relaxed quoting. diff --git a/common/sysutils.c b/common/sysutils.c index 4948af57f..97fa23d95 100644 --- a/common/sysutils.c +++ b/common/sysutils.c @@ -70,21 +70,44 @@ trap_unaligned(void) int disable_core_dumps (void) { - #ifdef HAVE_DOSISH_SYSTEM +#ifdef HAVE_DOSISH_SYSTEM return 0; - #else - #ifdef HAVE_SETRLIMIT +#else +# ifdef HAVE_SETRLIMIT struct rlimit limit; + /* We only set the current limit unless we were not able to + retrieve the old value. */ + if (getrlimit (RLIMIT_CORE, &limit)) + limit.rlim_max = 0; limit.rlim_cur = 0; - limit.rlim_max = 0; - if( !setrlimit( RLIMIT_CORE, &limit ) ) + if( !setrlimit (RLIMIT_CORE, &limit) ) return 0; if( errno != EINVAL && errno != ENOSYS ) log_fatal (_("can't disable core dumps: %s\n"), strerror(errno) ); - #endif +#endif return 1; - #endif +#endif +} + +int +enable_core_dumps (void) +{ +#ifdef HAVE_DOSISH_SYSTEM + return 0; +#else +# ifdef HAVE_SETRLIMIT + struct rlimit limit; + + if (getrlimit (RLIMIT_CORE, &limit)) + return 1; + limit.rlim_cur = limit.rlim_max; + setrlimit (RLIMIT_CORE, &limit); + return 1; /* We always return true because trhis function is + merely a debugging aid. */ +#endif + return 1; +#endif } diff --git a/common/sysutils.h b/common/sysutils.h index f2054d468..66f714acd 100644 --- a/common/sysutils.h +++ b/common/sysutils.h @@ -23,6 +23,7 @@ void trap_unaligned (void); int disable_core_dumps (void); +int enable_core_dumps (void); const unsigned char *get_session_marker (size_t *rlen); int check_permissions (const char *path,int extension,int checkonly); diff --git a/doc/ChangeLog b/doc/ChangeLog index a920022d0..1676834f8 100644 --- a/doc/ChangeLog +++ b/doc/ChangeLog @@ -1,3 +1,7 @@ +2004-05-11 Werner Koch + + * gpgsm.texi (Esoteric Options): Add --debug-allow-core-dump. + 2004-05-03 Werner Koch * gpg-agent.texi (Agent Options): Add --allow-mark-trusted. diff --git a/doc/gpgsm.texi b/doc/gpgsm.texi index b5c87b77c..4bb688c44 100644 --- a/doc/gpgsm.texi +++ b/doc/gpgsm.texi @@ -444,6 +444,14 @@ Note, that all flags set using this option may get overriden by @opindex debug-all Same as @code{--debug=0xffffffff} +@item --debug-allow-core-dump +@opindex debug-allow-core-dump +Usually gpgsm tries to avoid dumping core by well written code and by +disabling core dumps for security reasons. However, bugs are pretty +durable beasts and to squash them it is sometimes useful to have a core +dump. This option enables core dumps unless the Bad Thing happened +before the option parsing. + @item --debug-no-chain-validation @opindex debug-no-chain-validation This is actually not a debugging option but only useful as such. It diff --git a/sm/ChangeLog b/sm/ChangeLog index ee5f1a5a6..af7ddb1c6 100644 --- a/sm/ChangeLog +++ b/sm/ChangeLog @@ -1,7 +1,10 @@ 2004-05-11 Werner Koch + * gpgsm.c: New option --debug-allow-core-dump. + * gpgsm.h (opt): Add member CONFIG_FILENAME. * gpgsm.c (main): Use it here instead of the local var. + * server.c (gpgsm_server): Print some additional information with the hello in verbose mode. diff --git a/sm/gpgsm.c b/sm/gpgsm.c index adc04336e..e1751a7aa 100644 --- a/sm/gpgsm.c +++ b/sm/gpgsm.c @@ -92,6 +92,7 @@ enum cmd_and_opt_values { oDebugLevel, oDebugAll, oDebugWait, + oDebugAllowCoreDump, oDebugNoChainValidation, oDebugIgnoreExpiration, oLogFile, @@ -335,6 +336,7 @@ static ARGPARSE_OPTS opts[] = { { oDebugLevel, "debug-level" ,2, "@"}, { oDebugAll, "debug-all" ,0, "@"}, { oDebugWait, "debug-wait" ,1, "@"}, + { oDebugAllowCoreDump, "debug-allow-core-dump", 0, "@" }, { oDebugNoChainValidation, "debug-no-chain-validation", 0, "@"}, { oDebugIgnoreExpiration, "debug-ignore-expiration", 0, "@"}, { oStatusFD, "status-fd" ,1, N_("|FD|write status info to this FD") }, @@ -1010,6 +1012,9 @@ main ( int argc, char **argv) case oDebugAll: opt.debug = ~0; break; case oDebugLevel: debug_level = pargs.r.ret_str; break; case oDebugWait: debug_wait = pargs.r.ret_int; break; + case oDebugAllowCoreDump: + may_coredump = enable_core_dumps (); + break; case oDebugNoChainValidation: opt.no_chain_validation = 1; break; case oDebugIgnoreExpiration: opt.ignore_expiration = 1; break; diff --git a/sm/server.c b/sm/server.c index d94485926..72bf74afa 100644 --- a/sm/server.c +++ b/sm/server.c @@ -811,7 +811,7 @@ gpgsm_server (certlist_t default_recplist) assuan_strerror(rc)); gpgsm_exit (2); } - if (opt.verbose) + if (opt.verbose || opt.debug) { char *tmp = NULL; const char *s1 = getenv ("GPG_AGENT_INFO");