gpg: First rough implementation of keyboxd access for key lookup.

* g10/Makefile.am: Add nPth flags. * g10/gpg.c: Include npth.h. (gpg_deinit_default_ctrl): Deinit call-keyboxd local data. (main): Init nPth. * g10/keydb-private.h (struct keydb_handle_s): Add field 'kbl' and remove the search result and the assuan context. * g10/call-keyboxd.c (struct keyboxd_local_s): Add more fields. (lock_datastream, unlock_datastream): New. (gpg_keyboxd_deinit_session_data): Adjust for changed data structures. (prepare_data_pipe): New. (open_context): Return kbl instead of an Assuan context. Init mutexes etc. (close_context): Merge into ... (keydb_release): here. Adjust for changed data structures. (datastream_thread): New. (keydb_get_keyblock): Implement datastream stuff. (keydb_search): Ditto. * common/asshelp.c (wait_for_sock): Add arg connect_flags. (start_new_service): Set FDPASSING flag for the keyboxd. -- This code as a lot of rough edges, in particular it relies on a well behaving keyboxd. We need to add code to shutdown the datastream reader thread in case of errors and to properly get it up again. We also need to make really sure that both threads run in lockstep so that the datastream thread is only active while we are sending a command to the keyboxd. We should also see whether we can depend nPth initialization on the --use-keyboxd option to avoid any problems with nPth. And we need to test on Windows. Signed-off-by: Werner Koch <wk@gnupg.org>
2025-07-02 22:46:30 +02:00 · 2019-09-10 16:05:54 +02:00 · 2019-09-10 16:05:54 +02:00 · ce9906b008
commit ce9906b008
parent 6c327b4dd6
6 changed files with 382 additions and 106 deletions
--- a/common/asshelp.c
+++ b/common/asshelp.c
@ -310,14 +310,15 @@ unlock_spawning (lock_spawn_t *lock, const char *name)
 }


-/* Helper to start a service.
- * SECS gives the number of seconds to wait.  SOCKNAME is the name of
- * the socket to connect.  VERBOSE is the usual verbose flag. CTX is
- * the assuan context.  DID_SUCCESS_MSG will be set to 1 if a success
- * messages has been printed.
+/* Helper to start a service.  SECS gives the number of seconds to
+ * wait.  SOCKNAME is the name of the socket to connect.  VERBOSE is
+ * the usual verbose flag.  CTX is the assuan context.  CONNECT_FLAGS
+ * are the assuan connect flags.  DID_SUCCESS_MSG will be set to 1 if
+ * a success messages has been printed.
 */
 static gpg_error_t
 wait_for_sock (int secs, int module_name_id, const char *sockname,
+               unsigned int connect_flags,
               int verbose, assuan_context_t ctx, int *did_success_msg)
 {
  gpg_error_t err = 0;
@ -353,7 +354,7 @@ wait_for_sock (int secs, int module_name_id, const char *sockname,
        }
      gnupg_usleep (next_sleep_us);
      elapsed_us += next_sleep_us;
-      err = assuan_socket_connect (ctx, sockname, 0, 0);
+      err = assuan_socket_connect (ctx, sockname, 0, connect_flags);
      if (!err)
        {
          if (verbose)
@ -403,6 +404,7 @@ start_new_service (assuan_context_t *r_ctx,
  const char *status_start_line;
  int no_service_err;
  int seconds_to_wait;
+  unsigned int connect_flags = 0;
  const char *argv[6];

  *r_ctx = NULL;
@ -439,6 +441,7 @@ start_new_service (assuan_context_t *r_ctx,
      status_start_line = "starting_keyboxd ? 0 0";
      no_service_err = GPG_ERR_NO_KEYBOXD;
      seconds_to_wait = SECS_TO_WAIT_FOR_KEYBOXD;
+      connect_flags |= ASSUAN_SOCKET_CONNECT_FDPASSING;
      break;
    default:
      err = gpg_error (GPG_ERR_INV_ARG);
@ -446,7 +449,7 @@ start_new_service (assuan_context_t *r_ctx,
      return err;
    }

-  err = assuan_socket_connect (ctx, sockname, 0, 0);
+  err = assuan_socket_connect (ctx, sockname, 0, connect_flags);
  if (err && autostart)
    {
      char *abs_homedir;
@ -522,7 +525,7 @@ start_new_service (assuan_context_t *r_ctx,
      argv[i++] = NULL;

      if (!(err = lock_spawning (&lock, gnupg_homedir (), lock_name, verbose))
-          && assuan_socket_connect (ctx, sockname, 0, 0))
+          && assuan_socket_connect (ctx, sockname, 0, connect_flags))
        {
          err = gnupg_spawn_process_detached (program? program : program_name,
                                              argv, NULL);
@ -532,7 +535,8 @@ start_new_service (assuan_context_t *r_ctx,
                       gpg_strerror (err));
          else
            err = wait_for_sock (seconds_to_wait, module_name_id,
-                                 sockname, verbose, ctx, &did_success_msg);
+                                 sockname, connect_flags,
+                                 verbose, ctx, &did_success_msg);
        }

      unlock_spawning (&lock, lock_name);