[git] GnuPG - branch, master, updated. gnupg-2.1.15-358-g6bf6981

by Werner Koch cvs at cvs.gnupg.org
Sat Nov 12 11:06:06 CET 2016 

This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "The GNU Privacy Guard".

The branch, master has been updated
       via  6bf698197222bf6081c249c815aebb075e8ec820 (commit)
      from  4473db1ef24031ff4e26c9a9de95dbe898ed2b97 (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.

- Log -----------------------------------------------------------------
commit 6bf698197222bf6081c249c815aebb075e8ec820
Author: Werner Koch <wk at gnupg.org>
Date:   Sat Nov 12 11:02:48 2016 +0100

    agent: Improve concurrency when Libgcrypt 1.8 is used.
    
    * agent/gpg-agent.c (thread_init_once): Tell Libgcrypt to reinit the
    system call clamp.
    (agent_libgcrypt_progress_cb): Do not sleep if Libgcrypt is recent
    enough.
    --
    
    This patch prepares for a feature comming with Libgcrypt 1.8.
    
    Signed-off-by: Werner Koch <wk at gnupg.org>

diff --git a/agent/gpg-agent.c b/agent/gpg-agent.c
index d767879..1433f7f 100644
--- a/agent/gpg-agent.c
+++ b/agent/gpg-agent.c
@@ -901,6 +901,14 @@ thread_init_once (void)
       npth_init ();
     }
   gpgrt_set_syscall_clamp (npth_unprotect, npth_protect);
+  /* Now that we have set the syscall clamp we need to tell Libgcrypt
+   * that it should get them from libgpg-error.  Note that Libgcrypt
+   * has already been initialized but at that point nPth was not
+   * initialized and thus Libgcrypt could not set its system call
+   * clamp.  */
+#if GCRYPT_VERSION_NUMBER >= 0x010800 /* 1.8.0 */
+  gcry_control (GCRYCTL_REINIT_SYSCALL_CLAMP, 0, 0);
+#endif
 }
 
 
@@ -1748,16 +1756,14 @@ agent_libgcrypt_progress_cb (void *data, const char *what, int printchar,
   if (dispatch && dispatch->cb)
     dispatch->cb (dispatch->ctrl, what, printchar, current, total);
 
-  /* If Libgcrypt tells us that it needs more entropy, we better take
-   * a nap to give other threads a chance to run.  Note that Libgcrypt
-   * does not know about nPth and thus when it selects and reads from
-   * /dev/random this will block the process.  Maybe we should add a
-   * function similar to gpgrt_set_syscall_clamp to Libgcrypt or use
-   * those clamps directly.  For now sleeping for 100ms seems to be
-   * appropriate. */
+  /* Libgcrypt < 1.8 does not know about nPth and thus when it reads
+   * from /dev/random this will block the process.  To mitigate this
+   * problem we take a short nap when Libgcrypt tells us that it needs
+   * more entropy.  This way other threads have chance to run.  */
+#if GCRYPT_VERSION_NUMBER < 0x010800 /* 1.8.0 */
   if (what && !strcmp (what, "need_entropy"))
-    npth_usleep (100000);
-
+    npth_usleep (100000); /* 100ms */
+#endif
 }
 
 

-----------------------------------------------------------------------

Summary of changes:
 agent/gpg-agent.c | 24 +++++++++++++++---------
 1 file changed, 15 insertions(+), 9 deletions(-)


hooks/post-receive
-- 
The GNU Privacy Guard
http://git.gnupg.org

More information about the Gnupg-commits mailing list