security-and-privacy/gnupg
security-and-privacy/gnupg
1
0
Fork 0
mirror of git://git.gnupg.org/gnupg.git synced 2025-01-03 12:11:33 +01:00
Code Activity

dirmngr: Exclude D lines from the IPC debug output.

Browse Source 
* dirmngr/dirmngr.h: Include asshelp.h.
* dirmngr/server.c (server_local_s): Add inhibit_dara_logging fields.
(data_line_write): Implement logging inhibit.
(data_line_cookie_close): Print non-logged D lines.
(cmd_wkd_get, cmd_ks_get, cmd_ks_fetch): Do not log D lines.
(dirmngr_assuan_log_monitor): New.
* dirmngr/dirmngr.c (main): Register monitor function.
--

In particular with large keys the D lines clutter the log output and
make it unusable.

Signed-off-by: Werner Koch <wk@gnupg.org>
This commit is contained in:
Werner Koch 2016-09-05 12:50:35 +02:00
parent 0ac671f8a2
commit de623474db
No known key found for this signature in database
GPG Key ID: E3FDFF218E45B72B
3 changed files with 76 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
dirmngr/dirmngr.c
View File

@ -702,7 +702,7 @@ main (int argc, char **argv)
assuan_set_gpg_err_source (GPG_ERR_SOURCE_DEFAULT); assuan_set_gpg_err_source (GPG_ERR_SOURCE_DEFAULT);
assuan_set_system_hooks (ASSUAN_SYSTEM_NPTH); assuan_set_system_hooks (ASSUAN_SYSTEM_NPTH);
assuan_sock_init (); assuan_sock_init ();
setup_libassuan_logging (&opt.debug, NULL); setup_libassuan_logging (&opt.debug, dirmngr_assuan_log_monitor);
setup_libgcrypt_logging (); setup_libgcrypt_logging ();

3
dirmngr/dirmngr.h
View File

@ -32,6 +32,7 @@
#include "../common/util.h" #include "../common/util.h"
#include "../common/membuf.h" #include "../common/membuf.h"
#include "../common/sysutils.h" /* (gnupg_fd_t) */ #include "../common/sysutils.h" /* (gnupg_fd_t) */
#include "../common/asshelp.h" /* (assuan_context_t) */
#include "../common/i18n.h" #include "../common/i18n.h"
#include "http.h" /* (parsed_uri_t) */ #include "http.h" /* (parsed_uri_t) */
@ -196,6 +197,8 @@ ksba_cert_t get_issuing_cert_local (ctrl_t ctrl, const char *issuer);
ksba_cert_t get_cert_local_ski (ctrl_t ctrl, ksba_cert_t get_cert_local_ski (ctrl_t ctrl,
const char *name, ksba_sexp_t keyid); const char *name, ksba_sexp_t keyid);
gpg_error_t get_istrusted_from_client (ctrl_t ctrl, const char *hexfpr); gpg_error_t get_istrusted_from_client (ctrl_t ctrl, const char *hexfpr);
int dirmngr_assuan_log_monitor (assuan_context_t ctx, unsigned int cat,
const char *msg);
void start_command_handler (gnupg_fd_t fd); void start_command_handler (gnupg_fd_t fd);
gpg_error_t dirmngr_status (ctrl_t ctrl, const char *keyword, ...); gpg_error_t dirmngr_status (ctrl_t ctrl, const char *keyword, ...);
gpg_error_t dirmngr_status_help (ctrl_t ctrl, const char *text); gpg_error_t dirmngr_status_help (ctrl_t ctrl, const char *text);

76
dirmngr/server.c
View File

@ -95,6 +95,13 @@ struct server_local_s
/* State variable private to is_tor_running. */ /* State variable private to is_tor_running. */
int tor_state; int tor_state;
/* If the first both flags are set the assuan logging of data lines
* is suppressed. The count variable is used to show the number of
* non-logged bytes. */
size_t inhibit_data_logging_count;
unsigned int inhibit_data_logging : 1;
unsigned int inhibit_data_logging_now : 1;
}; };
@ -175,9 +182,14 @@ leave_cmd (assuan_context_t ctx, gpg_error_t err)
static gpg_error_t static gpg_error_t
data_line_write (assuan_context_t ctx, const void *buffer_arg, size_t size) data_line_write (assuan_context_t ctx, const void *buffer_arg, size_t size)
{ {
ctrl_t ctrl = assuan_get_pointer (ctx);
const char *buffer = buffer_arg; const char *buffer = buffer_arg;
gpg_error_t err; gpg_error_t err;
/* If we do not want logging, enable it it here. */
if (ctrl && ctrl->server_local && ctrl->server_local->inhibit_data_logging)
ctrl->server_local->inhibit_data_logging_now = 1;
if (opt.verbose && buffer && size) if (opt.verbose && buffer && size)
{ {
/* Ease reading of output by sending a physical line at each LF. */ /* Ease reading of output by sending a physical line at each LF. */
@ -193,14 +205,14 @@ data_line_write (assuan_context_t ctx, const void *buffer_arg, size_t size)
if (err) if (err)
{ {
gpg_err_set_errno (EIO); gpg_err_set_errno (EIO);
return err; goto leave;
} }
buffer += n; buffer += n;
nbytes -= n; nbytes -= n;
if (nbytes && (err=assuan_send_data (ctx, NULL, 0))) /* Flush line. */ if (nbytes && (err=assuan_send_data (ctx, NULL, 0))) /* Flush line. */
{ {
gpg_err_set_errno (EIO); gpg_err_set_errno (EIO);
return err; goto leave;
} }
} }
while (nbytes); while (nbytes);
@ -211,11 +223,18 @@ data_line_write (assuan_context_t ctx, const void *buffer_arg, size_t size)
if (err) if (err)
{ {
gpg_err_set_errno (EIO); /* For use by data_line_cookie_write. */ gpg_err_set_errno (EIO); /* For use by data_line_cookie_write. */
return err; goto leave;
} }
} }
return 0; leave:
if (ctrl && ctrl->server_local && ctrl->server_local->inhibit_data_logging)
{
ctrl->server_local->inhibit_data_logging_now = 0;
ctrl->server_local->inhibit_data_logging_count += size;
}
return err;
} }
@ -237,6 +256,16 @@ data_line_cookie_close (void *cookie)
{ {
assuan_context_t ctx = cookie; assuan_context_t ctx = cookie;
if (DBG_IPC)
{
ctrl_t ctrl = assuan_get_pointer (ctx);
if (ctrl && ctrl->server_local
&& ctrl->server_local->inhibit_data_logging
&& ctrl->server_local->inhibit_data_logging_count)
log_debug ("(%zu bytes sent via D lines not shown)\n",
ctrl->server_local->inhibit_data_logging_count);
}
if (assuan_send_data (ctx, NULL, 0)) if (assuan_send_data (ctx, NULL, 0))
{ {
gpg_err_set_errno (EIO); gpg_err_set_errno (EIO);
@ -810,6 +839,7 @@ cmd_wkd_get (assuan_context_t ctx, char *line)
char *encodedhash = NULL; char *encodedhash = NULL;
int opt_submission_addr; int opt_submission_addr;
int opt_policy_flags; int opt_policy_flags;
int no_log = 0;
opt_submission_addr = has_option (line, "--submission-address"); opt_submission_addr = has_option (line, "--submission-address");
opt_policy_flags = has_option (line, "--policy-flags"); opt_policy_flags = has_option (line, "--policy-flags");
@ -852,6 +882,7 @@ cmd_wkd_get (assuan_context_t ctx, char *line)
"/.well-known/openpgpkey/hu/", "/.well-known/openpgpkey/hu/",
encodedhash, encodedhash,
NULL); NULL);
no_log = 1;
} }
if (!uri) if (!uri)
{ {
@ -869,8 +900,13 @@ cmd_wkd_get (assuan_context_t ctx, char *line)
"error setting up a data stream"); "error setting up a data stream");
else else
{ {
if (no_log)
ctrl->server_local->inhibit_data_logging = 1;
ctrl->server_local->inhibit_data_logging_now = 0;
ctrl->server_local->inhibit_data_logging_count = 0;
err = ks_action_fetch (ctrl, uri, outfp); err = ks_action_fetch (ctrl, uri, outfp);
es_fclose (outfp); es_fclose (outfp);
ctrl->server_local->inhibit_data_logging = 0;
} }
} }
@ -2079,8 +2115,12 @@ cmd_ks_get (assuan_context_t ctx, char *line)
err = set_error (GPG_ERR_ASS_GENERAL, "error setting up a data stream"); err = set_error (GPG_ERR_ASS_GENERAL, "error setting up a data stream");
else else
{ {
ctrl->server_local->inhibit_data_logging = 1;
ctrl->server_local->inhibit_data_logging_now = 0;
ctrl->server_local->inhibit_data_logging_count = 0;
err = ks_action_get (ctrl, ctrl->server_local->keyservers, list, outfp); err = ks_action_get (ctrl, ctrl->server_local->keyservers, list, outfp);
es_fclose (outfp); es_fclose (outfp);
ctrl->server_local->inhibit_data_logging = 0;
} }
leave: leave:
@ -2113,8 +2153,12 @@ cmd_ks_fetch (assuan_context_t ctx, char *line)
err = set_error (GPG_ERR_ASS_GENERAL, "error setting up a data stream"); err = set_error (GPG_ERR_ASS_GENERAL, "error setting up a data stream");
else else
{ {
ctrl->server_local->inhibit_data_logging = 1;
ctrl->server_local->inhibit_data_logging_now = 0;
ctrl->server_local->inhibit_data_logging_count = 0;
err = ks_action_fetch (ctrl, line, outfp); err = ks_action_fetch (ctrl, line, outfp);
es_fclose (outfp); es_fclose (outfp);
ctrl->server_local->inhibit_data_logging = 0;
} }
leave: leave:
@ -2356,6 +2400,30 @@ reset_notify (assuan_context_t ctx, char *line)
} }
/* This function is called by our assuan log handler to test whether a
* log message shall really be printed. The function must return
* false to inhibit the logging of MSG. CAT gives the requested log
* category. MSG might be NULL. */
int
dirmngr_assuan_log_monitor (assuan_context_t ctx, unsigned int cat,
const char *msg)
{
ctrl_t ctrl = assuan_get_pointer (ctx);
(void)cat;
(void)msg;
if (!ctrl || !ctrl->server_local)
return 1; /* Can't decide - allow logging. */
if (!ctrl->server_local->inhibit_data_logging)
return 1; /* Not requested - allow logging. */
/* Disallow logging if *_now is true. */
return !ctrl->server_local->inhibit_data_logging_now;
}
/* Startup the server and run the main command loop. With FD = -1, /* Startup the server and run the main command loop. With FD = -1,
use stdin/stdout. */ use stdin/stdout. */
void void