From f9919bcc48831fcb7aa01cd6ce9d8028a6485e99 Mon Sep 17 00:00:00 2001 From: Werner Koch Date: Tue, 26 Mar 2024 15:46:56 +0100 Subject: [PATCH] gpg,gpgsm: New option --disable-fd-translation. * common/sysutils.c (no_translate_sys2libc_fd) [W32]: New global. (disable_translate_sys2libc_fd): New. (translate_sys2libc_fd): Make static and cobuild only for Windows. (translate_sys2libc_fd_int): Use no_translate_sys2libc_fd flag. * g10/gpg.c, sm/gpgsm.c (oDisableFdTranslation): New const. (opts): Add option "disable-fd-translation". (main): Set option. -- GnuPG-bug-id: 7060 --- common/sysutils.c | 24 +++++++++++++++++------- common/sysutils.h | 3 ++- doc/gpg.texi | 6 ++++++ doc/gpgsm.texi | 12 ++++++++++++ g10/gpg.c | 8 +++++++- sm/gpgsm.c | 6 ++++++ 6 files changed, 50 insertions(+), 9 deletions(-) diff --git a/common/sysutils.c b/common/sysutils.c index 6c7d616b9..780af58bd 100644 --- a/common/sysutils.c +++ b/common/sysutils.c @@ -113,6 +113,8 @@ static int allow_special_filenames; #ifdef HAVE_W32_SYSTEM /* State of gnupg_inhibit_set_foregound_window. */ static int inhibit_set_foregound_window; +/* Disable the use of _open_osfhandle. */ +static int no_translate_sys2libc_fd; #endif @@ -351,6 +353,16 @@ enable_special_filenames (void) } +/* Disable the use use of _open_osfhandle on Windows. */ +void +disable_translate_sys2libc_fd (void) +{ +#ifdef HAVE_W32_SYSTEM + no_translate_sys2libc_fd = 1; +#endif +} + + /* Return a string which is used as a kind of process ID. */ const byte * get_session_marker (size_t *rlen) @@ -537,10 +549,10 @@ gnupg_usleep (unsigned int usecs) different from the libc file descriptors (like open). This function translates system file handles to libc file handles. FOR_WRITE gives the direction of the handle. */ -int +#if defined(HAVE_W32_SYSTEM) +static int translate_sys2libc_fd (gnupg_fd_t fd, int for_write) { -#if defined(HAVE_W32_SYSTEM) int x; if (fd == GNUPG_INVALID_FD) @@ -552,11 +564,9 @@ translate_sys2libc_fd (gnupg_fd_t fd, int for_write) if (x == -1) log_error ("failed to translate osfhandle %p\n", (void *) fd); return x; -#else /*!HAVE_W32_SYSTEM */ - (void)for_write; - return fd; -#endif } +#endif /*!HAVE_W32_SYSTEM */ + /* This is the same as translate_sys2libc_fd but takes an integer which is assumed to be such an system handle. */ @@ -564,7 +574,7 @@ int translate_sys2libc_fd_int (int fd, int for_write) { #ifdef HAVE_W32_SYSTEM - if (fd <= 2) + if (fd <= 2 || no_translate_sys2libc_fd) return fd; /* Do not do this for stdin, stdout, and stderr. */ return translate_sys2libc_fd ((void*)(intptr_t)fd, for_write); diff --git a/common/sysutils.h b/common/sysutils.h index dac2d9244..9a90d1018 100644 --- a/common/sysutils.h +++ b/common/sysutils.h @@ -75,12 +75,13 @@ void trap_unaligned (void); int disable_core_dumps (void); int enable_core_dumps (void); void enable_special_filenames (void); +void disable_translate_sys2libc_fd (void); + const unsigned char *get_session_marker (size_t *rlen); unsigned int get_uint_nonce (void); /*int check_permissions (const char *path,int extension,int checkonly);*/ void gnupg_sleep (unsigned int seconds); void gnupg_usleep (unsigned int usecs); -int translate_sys2libc_fd (gnupg_fd_t fd, int for_write); int translate_sys2libc_fd_int (int fd, int for_write); gpg_error_t gnupg_parse_fdstr (const char *fdstr, es_syshd_t *r_syshd); int check_special_filename (const char *fname, int for_write, int notranslate); diff --git a/doc/gpg.texi b/doc/gpg.texi index e3a6109c9..2ddc16342 100644 --- a/doc/gpg.texi +++ b/doc/gpg.texi @@ -3856,6 +3856,12 @@ This option enables a mode in which filenames of the form @file{-&n}, where n is a non-negative decimal number, refer to the file descriptor n and not to a file with that name. +@item --disable-fd-translation +@opindex disable-fd-translation +This option changes the behaviour for all following options to expect +libc file descriptors instead of HANDLE values on the command line. +The option has an effect only on Windows. + @item --no-expensive-trust-checks @opindex no-expensive-trust-checks Experimental use only. diff --git a/doc/gpgsm.texi b/doc/gpgsm.texi index 71cfa1e8a..1316318a6 100644 --- a/doc/gpgsm.texi +++ b/doc/gpgsm.texi @@ -770,6 +770,18 @@ list of flag names and are OR-ed together. The special flag "none" clears the list and allows one to start over with an empty list. To get a list of available flags the sole word "help" can be used. +@item --enable-special-filenames +@opindex enable-special-filenames +This option enables a mode in which filenames of the form +@file{-&n}, where n is a non-negative decimal number, +refer to the file descriptor n and not to a file with that name. + +@item --disable-fd-translation +@opindex disable-fd-translation +This option changes the behaviour for all following options to expect +libc file descriptors instead of HANDLE values on the command line. +The option has an effect only on Windows. + @item --debug-level @var{level} @opindex debug-level Select the debug level for investigating problems. @var{level} may be diff --git a/g10/gpg.c b/g10/gpg.c index 658b7c7c8..2afcd91ad 100644 --- a/g10/gpg.c +++ b/g10/gpg.c @@ -354,6 +354,7 @@ enum cmd_and_opt_values oAllowSecretKeyImport, oAllowOldCipherAlgos, oEnableSpecialFilenames, + oDisableFdTranslation, oNoLiteral, oSetFilesize, oHonorHttpProxy, @@ -880,7 +881,6 @@ static gpgrt_opt_t opts[] = { ARGPARSE_s_n (oAllowOldCipherAlgos, "allow-old-cipher-algos", "@"), ARGPARSE_s_s (oWeakDigest, "weak-digest","@"), ARGPARSE_s_s (oVerifyOptions, "verify-options", "@"), - ARGPARSE_s_n (oEnableSpecialFilenames, "enable-special-filenames", "@"), ARGPARSE_s_n (oNoRandomSeedFile, "no-random-seed-file", "@"), ARGPARSE_s_n (oNoSigCache, "no-sig-cache", "@"), ARGPARSE_s_n (oIgnoreTimeConflict, "ignore-time-conflict", "@"), @@ -912,6 +912,8 @@ static gpgrt_opt_t opts[] = { ARGPARSE_s_i (oPassphraseRepeat,"passphrase-repeat", "@"), ARGPARSE_s_s (oPinentryMode, "pinentry-mode", "@"), ARGPARSE_s_n (oForceSignKey, "force-sign-key", "@"), + ARGPARSE_s_n (oEnableSpecialFilenames, "enable-special-filenames", "@"), + ARGPARSE_s_n (oDisableFdTranslation, "disable-fd-translation", "@"), ARGPARSE_header (NULL, N_("Other options")), @@ -3563,6 +3565,10 @@ main (int argc, char **argv) enable_special_filenames (); break; + case oDisableFdTranslation: + disable_translate_sys2libc_fd (); + break; + case oNoExpensiveTrustChecks: opt.no_expensive_trust_checks=1; break; case oAutoCheckTrustDB: opt.no_auto_check_trustdb=0; break; case oNoAutoCheckTrustDB: opt.no_auto_check_trustdb=1; break; diff --git a/sm/gpgsm.c b/sm/gpgsm.c index 7c866d0b8..b1a5f09b5 100644 --- a/sm/gpgsm.c +++ b/sm/gpgsm.c @@ -117,6 +117,7 @@ enum cmd_and_opt_values { oLogTime, oEnableSpecialFilenames, + oDisableFdTranslation, oAgentProgram, oDisplay, @@ -428,6 +429,7 @@ static gpgrt_opt_t opts[] = { ARGPARSE_s_n (oAnswerNo, "no", N_("assume no on most questions")), ARGPARSE_s_i (oStatusFD, "status-fd", N_("|FD|write status info to this FD")), ARGPARSE_s_n (oEnableSpecialFilenames, "enable-special-filenames", "@"), + ARGPARSE_s_n (oDisableFdTranslation, "disable-fd-translation", "@"), ARGPARSE_s_i (oPassphraseFD, "passphrase-fd", "@"), ARGPARSE_s_s (oPinentryMode, "pinentry-mode", "@"), @@ -1461,6 +1463,10 @@ main ( int argc, char **argv) enable_special_filenames (); break; + case oDisableFdTranslation: + disable_translate_sys2libc_fd (); + break; + case oValidationModel: parse_validation_model (pargs.r.ret_str); break; case oKeyServer: