diff options
Diffstat (limited to 'g10')
| -rw-r--r-- | g10/OPTIONS | 4 | ||||
| -rw-r--r-- | g10/g10.c | 22 | ||||
| -rw-r--r-- | g10/keyedit.c | 29 | ||||
| -rw-r--r-- | g10/options.h | 1 | ||||
| -rw-r--r-- | g10/signal.c | 83 | ||||
| -rw-r--r-- | g10/status.c | 174 | ||||
| -rw-r--r-- | g10/status.h | 20 |
7 files changed, 290 insertions, 43 deletions
diff --git a/g10/OPTIONS b/g10/OPTIONS index 03ef351ee..2e933f57e 100644 --- a/g10/OPTIONS +++ b/g10/OPTIONS @@ -46,3 +46,7 @@ compress-sigs # Normally, compressing of signatures does not make sense; so this # is disabled for detached signatures unless this option is used. +run-as-shm-coprocess [request-locked-shm-size] +# very special :-) +# You will have to use "--status-fd" too + @@ -172,7 +172,7 @@ static ARGPARSE_OPTS opts[] = { { 566, "compress-sigs",0, "@"}, { 559, "always-trust", 0, "@"}, { 562, "emulate-checksum-bug", 0, "@"}, - /*554 is unused */ + { 554, "run-as-shm-coprocess", 4, "@" }, {0} }; @@ -404,6 +404,9 @@ main( int argc, char **argv ) const char *trustdb_name = NULL; char *def_cipher_string = NULL; char *def_digest_string = NULL; + #ifdef USE_SHM_COPROCESSING + ulong requested_shm_size=0; + #endif trap_unaligned(); #ifdef IS_G10MAINT @@ -605,6 +608,13 @@ main( int argc, char **argv ) case 565: opt.do_not_export_rsa = 1; break; case 566: opt.compress_sigs = 1; break; case 554: + #ifdef USE_SHM_COPROCESSING + opt.shm_coprocess = 1; + requested_shm_size = pargs.r.ret_ulong; + #else + log_error("shared memory coprocessing is not available\n"); + #endif + break; default : errors++; pargs.err = configfp? 1:2; break; } } @@ -623,6 +633,15 @@ main( int argc, char **argv ) tty_printf("%s\n", strusage(15) ); } + #ifdef USE_SHM_COPROCESSING + if( opt.shm_coprocess ) { + #ifdef IS_G10 + init_shm_coprocessing(requested_shm_size, 1 ); + #else + init_shm_coprocessing(requested_shm_size, 0 ); + #endif + } + #endif #ifdef IS_G10 /* initialize the secure memory. */ secmem_init( 16384 ); @@ -630,7 +649,6 @@ main( int argc, char **argv ) /* Okay, we are now working under our real uid */ #endif - /*write_status( STATUS_ENTER );*/ set_debug(); diff --git a/g10/keyedit.c b/g10/keyedit.c index c137d1af7..f61916bae 100644 --- a/g10/keyedit.c +++ b/g10/keyedit.c @@ -37,6 +37,7 @@ #include "trustdb.h" #include "filter.h" #include "ttyio.h" +#include "status.h" #include "i18n.h" static void show_key_with_all_names( KBNODE keyblock, @@ -264,8 +265,8 @@ sign_uids( KBNODE keyblock, STRLIST locusr, int *ret_modified ) tty_print_string( p, n ); tty_printf("\"\n\n"); m_free(p); - p = tty_get(_("Really sign? ")); - tty_kill_prompt(); + p = cpr_get("sign_uid.really", _("Really sign? ")); + cpr_kill_prompt(); if( !answer_is_yes(p) ) { m_free(p); continue; /* No */ @@ -398,9 +399,10 @@ delete_key( const char *username, int secret ) m_free(p); tty_printf("\n\n"); - p = tty_get(_("Delete this key from the keyring? ")); - tty_kill_prompt(); - if( secret && answer_is_yes(p)) { + p = cpr_get( secret? "delete_key.secret.really":"delete_key.really", + _("Delete this key from the keyring? ")); + cpr_kill_prompt(); + if( !cpr_enabled() && secret && answer_is_yes(p)) { /* I think it is not required to check a passphrase; if * the user is so stupid as to let others access his secret keyring * (and has no backup) - it is up him to read some very @@ -493,8 +495,8 @@ change_passphrase( KBNODE keyblock ) rc = 0; tty_printf(_( "You don't want a passphrase -" " this is probably a *bad* idea!\n\n")); - if( tty_get_answer_is_yes(_( - "Do you really want to do this? "))) + if( cpr_get_answer_is_yes("change_passwd.empty", + _("Do you really want to do this? "))) changed++; break; } @@ -628,8 +630,8 @@ keyedit_menu( const char *username, STRLIST locusr ) redisplay = 0; } m_free(answer); - answer = tty_get(_("Command> ")); - tty_kill_prompt(); + answer = cpr_get("keyedit.cmd", _("Command> ")); + cpr_kill_prompt(); trim_spaces(answer); arg_number = 0; @@ -670,12 +672,9 @@ keyedit_menu( const char *username, STRLIST locusr ) case cmdQUIT: if( !modified ) goto leave; - m_free(answer); - answer = tty_get(_("Save changes? ")); - if( !answer_is_yes(answer) ) { - m_free(answer); - answer = tty_get(_("Quit without saving? ")); - if( answer_is_yes(answer) ) + if( !cpr_get_answer_is_yes("keyedit.save",_("Save changes? ")) ) { + if( cpr_enabled() + || tty_get_answer_is_yes(_("Quit without saving? ")) ) goto leave; break; } diff --git a/g10/options.h b/g10/options.h index 0c9e17fc1..630e43f44 100644 --- a/g10/options.h +++ b/g10/options.h @@ -51,6 +51,7 @@ struct { int always_trust; int rfc1991; unsigned emulate_bugs; /* bug emulation flags EMUBUG_xxxx */ + int shm_coprocess; } opt; diff --git a/g10/signal.c b/g10/signal.c index b508e515b..be831b338 100644 --- a/g10/signal.c +++ b/g10/signal.c @@ -35,40 +35,83 @@ #include "ttyio.h" -#if 0 -static RETSIGTYPE -print_and_exit( int sig ) -{ - const char *p; +static volatile int caught_fatal_sig = 0; +static volatile int caught_sigusr1 = 0; - /* Hmm, use only safe functions (we should do an autoconf test) */ - write( 2, "\nCaught ", 8 ); +static const char * +signal_name( int signum ) +{ #if SYS_SIGLIST_DECLARED - p = sys_siglist[sig]; - write( 2, p, strlen(p) ); + return sys_siglist[signum]; #else - write( 2, "a signal", 8 ); + static char buf[20]; + sprintf( "signal %d", signum ); + return buf; #endif - write( 2, "... exiting\n", 12 ); +} + +static RETSIGTYPE +got_fatal_signal( int sig ) +{ + if( caught_fatal_sig ) + raise( sig ); + caught_fatal_sig = 1; + + fprintf( stderr, "\n%s: %s caught ... exiting\n", + log_get_name(), signal_name(sig) ); secmem_term(); - exit(2); /* not correct but .. */ + exit( 2 ); +} + + +static RETSIGTYPE +got_usr_signal( int sig ) +{ + caught_sigusr1 = 1; +} + + +static void +do_sigaction( int sig, struct sigaction *nact ) +{ + struct sigaction oact; + + sigaction( sig, NULL, &oact ); + if( oact.sa_handler != SIG_IGN ) + sigaction( sig, nact, NULL); } -#endif void init_signals() { - #if 0 struct sigaction nact; - nact.sa_handler = print_and_exit; - sigemptyset (&nact.sa_mask); + nact.sa_handler = got_fatal_signal; + sigemptyset( &nact.sa_mask ); nact.sa_flags = 0; - sigaction( SIGINT, &nact, NULL ); - sigaction( SIGHUP, &nact, NULL ); - sigaction( SIGTERM, &nact, NULL ); - #endif + do_sigaction( SIGINT, &nact ); + do_sigaction( SIGHUP, &nact ); + do_sigaction( SIGTERM, &nact ); + do_sigaction( SIGQUIT, &nact ); + nact.sa_handler = got_usr_signal; + sigaction( SIGUSR1, &nact, NULL ); } +void +pause_on_sigusr( int which ) +{ + sigset_t mask, oldmask; + + assert( which == 1 ); + sigemptyset( &mask ); + sigaddset( &mask, SIGUSR1 ); + + sigprocmask( SIG_BLOCK, &mask, &oldmask ); + while( !caught_sigusr1 ) + sigsuspend( &oldmask ); + caught_sigusr1 = 0; + sigprocmask( SIG_UNBLOCK, &mask, NULL ); +} + diff --git a/g10/status.c b/g10/status.c index 5cdd4fd03..744f98de6 100644 --- a/g10/status.c +++ b/g10/status.c @@ -22,26 +22,45 @@ #include <stdio.h> #include <stdlib.h> #include <string.h> +#include <errno.h> #include <unistd.h> +#ifdef USE_SHM_COPROCESSING + #ifdef HAVE_SYS_IPC_H + #include <sys/ipc.h> + #endif + #ifdef HAVE_SYS_SHM_H + #include <sys/shm.h> + #endif +#endif +#include "util.h" #include "status.h" +#include "ttyio.h" +#include "options.h" +#include "main.h" static int fd = -1; +#ifdef USE_SHM_COPROCESSING + static int shm_id = -1; + static volatile char *shm_area; + static size_t shm_size; + static int shm_is_locked; +#endif /*USE_SHM_COPROCESSING*/ void -set_status_fd( int newfd ) +set_status_fd ( int newfd ) { fd = newfd; } void -write_status( int no ) +write_status ( int no ) { write_status_text( no, NULL ); } void -write_status_text( int no, const char *text) +write_status_text ( int no, const char *text) { const char *s; @@ -64,6 +83,10 @@ write_status_text( int no, const char *text) case STATUS_TRUST_MARGINAL : s = "TRUST_MARGINAL\n"; break; case STATUS_TRUST_FULLY : s = "TRUST_FULLY\n"; break; case STATUS_TRUST_ULTIMATE : s = "TRUST_ULTIMATE\n"; break; + case STATUS_SHM_INFO : s = "SHM_INFO\n"; break; + case STATUS_SHM_GET : s = "SHM_GET\n"; break; + case STATUS_SHM_GET_BOOL : s = "SHM_GET_BOOL\n"; break; + case STATUS_SHM_GET_HIDDEN : s = "SHM_GET_HIDDEN\n"; break; default: s = "?\n"; break; } @@ -78,3 +101,148 @@ write_status_text( int no, const char *text) write( fd, s, strlen(s) ); } + +#ifdef USE_SHM_COPROCESSING +void +init_shm_coprocessing ( ulong requested_shm_size, int lock_mem ) +{ + char buf[100]; + + requested_shm_size = (requested_shm_size + 4095) & ~4095; + if ( requested_shm_size > 2 * 4096 ) + log_fatal("too much shared memory requested; only 8k are allowed\n"); + shm_size = 4096 /* one page for us */ + requested_shm_size; + + /* FIXME: Need other permissions ... */ + shm_id = shmget( IPC_PRIVATE, shm_size, IPC_CREAT | 0777 ); + if ( shm_id == -1 ) + log_fatal("can't get %uk of shared memory: %s\n", + (unsigned)shm_size/1024, strerror(errno)); + shm_area = shmat( shm_id, 0, 0 ); + if ( shm_area == (char*)-1 ) + log_fatal("can't attach %uk shared memory: %s\n", + (unsigned)shm_size/1024, strerror(errno)); + log_info("mapped %uk shared memory at %p, id=%d\n", + (unsigned)shm_size/1024, shm_area, shm_id ); + if( lock_mem ) { + if ( shmctl (shm_id, SHM_LOCK, 0) ) + log_info("Locking shared memory %d failed: %s\n", + shm_id, strerror(errno)); + else + shm_is_locked = 1; + } + + #ifdef IPC_RMID_DEFERRED_RELEASE + if ( shmctl ( shm_id, IPC_RMID, 0) ) + log_fatal("shmctl IPC_RMDID of %d failed: %s\n", + shm_id, strerror(errno)); + #else + #error Must add a cleanup function + #endif + + /* write info; Protocol version, id, size, locked size */ + sprintf( buf, "pv=1 pid=%d shmid=%d sz=%u lz=%u", (int)getpid(), + shm_id, (unsigned)shm_size, shm_is_locked? (unsigned)shm_size:0 ); + write_status_text( STATUS_SHM_INFO, buf ); +} + + +/**************** + * Request a string from client + * If bool, returns static string on true (do not free) or NULL for false + */ +static char * +do_shm_get( const char *keyword, int hidden, int bool ) +{ + size_t n; + byte *p; + char *string; + + if( !shm_area ) + BUG(); + + shm_area[0] = 0; /* msb of length of control block */ + shm_area[1] = 32; /* and lsb */ + shm_area[2] = 1; /* indicate that we are waiting on a reply */ + shm_area[3] = 0; /* clear data available flag */ + + write_status_text( bool? STATUS_SHM_GET_BOOL : + hidden? STATUS_SHM_GET_HIDDEN : STATUS_SHM_GET, keyword ); + + do { + pause_on_sigusr(1); + if( shm_area[0] || shm_area[1] != 32 || shm_area[2] != 1 ) + log_fatal("client modified shm control block - abort\n"); + } while( !shm_area[3] ); + shm_area[2] = 0; /* reset request flag */ + p = (byte*)shm_area+32; + n = p[0] << 8 | p[1]; + p += 2; + if( n+32+2+1 > 4095 ) + log_fatal("client returns too large data (%u bytes)\n", (unsigned)n ); + + if( bool ) + return p[0]? "" : NULL; + + string = hidden? m_alloc_secure( n+1 ) : m_alloc( n+1 ); + memcpy(string, p, n ); + string[n] = 0; /* make sure it is a string */ + if( hidden ) /* invalidate the memory */ + memset( p, 0, n ); + + return string; +} + +#endif /* USE_SHM_COPROCESSING */ + + +int +cpr_enabled() +{ + #ifdef USE_SHM_COPROCESSING + if( opt.shm_coprocess ) + return 1; + #endif + return 0; +} + +char * +cpr_get( const char *keyword, const char *prompt ) +{ + #ifdef USE_SHM_COPROCESSING + if( opt.shm_coprocess ) + return do_shm_get( keyword, 0, 0 ); + #endif + return tty_get( prompt ); +} + +char * +cpr_get_hidden( const char *keyword, const char *prompt ) +{ + #ifdef USE_SHM_COPROCESSING + if( opt.shm_coprocess ) + return do_shm_get( keyword, 1, 0 ); + #endif + return tty_get_hidden( prompt ); +} + +void +cpr_kill_prompt(void) +{ + #ifdef USE_SHM_COPROCESSING + if( opt.shm_coprocess ) + return; + #endif + return tty_kill_prompt(); +} + +int +cpr_get_answer_is_yes( const char *keyword, const char *prompt ) +{ + #ifdef USE_SHM_COPROCESSING + if( opt.shm_coprocess ) + return !!do_shm_get( keyword, 0, 1 ); + #endif + return tty_get_answer_is_yes( prompt ); +} + diff --git a/g10/status.h b/g10/status.h index d6ed773a0..f49e593a4 100644 --- a/g10/status.h +++ b/g10/status.h @@ -42,12 +42,26 @@ #define STATUS_TRUST_FULLY 14 #define STATUS_TRUST_ULTIMATE 15 +#define STATUS_SHM_INFO 16 +#define STATUS_SHM_GET 17 +#define STATUS_SHM_GET_BOOL 18 +#define STATUS_SHM_GET_HIDDEN 19 /*-- status.c --*/ -void set_status_fd( int fd ); -void write_status( int no ); -void write_status_text( int no, const char *text); +void set_status_fd ( int fd ); +void write_status ( int no ); +void write_status_text ( int no, const char *text ); + +#ifdef USE_SHM_COPROCESSING + void init_shm_coprocessing ( ulong requested_shm_size, int lock_mem ); +#endif /*USE_SHM_COPROCESSING*/ + +int cpr_enabled(void); +char *cpr_get( const char *keyword, const char *prompt ); +char *cpr_get_hidden( const char *keyword, const char *prompt ); +void cpr_kill_prompt(void); +int cpr_get_answer_is_yes( const char *keyword, const char *prompt ); #endif /*G10_STATUS_H*/ |