[git] GnuPG - branch, master, updated. gnupg-2.1.15-70-g0b99d1f

by Werner Koch cvs at cvs.gnupg.org
Mon Sep 5 16:31:11 CEST 2016 

This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "The GNU Privacy Guard".

The branch, master has been updated
       via  0b99d1fd2a80b8efaacc731027d2b2ecd9eca699 (commit)
       via  2eeb5551c37659fdd59e8537fc77a9e7fb6a9204 (commit)
      from  1f1f56e606c1cb28eec68c60bd8bcb7ab30805de (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.

- Log -----------------------------------------------------------------
commit 0b99d1fd2a80b8efaacc731027d2b2ecd9eca699
Author: Werner Koch <wk at gnupg.org>
Date:   Mon Sep 5 16:13:41 2016 +0200

    agent: Silence --debug IPC output for connections from self.
    
    * agent/command.c (server_local_s): Add fields 'greeting_seen' and
    'connect_from_self'.
    (io_monitor): Do not log connections from self.
    (start_command_handler): Set flag 'connect_from_self'.
    * agent/gpg-agent.c (check_own_socket_thread): Disable logging.
    (do_start_connection_thread): Do not log conection start and
    termination if IPC debugging is enabled.
    
    Signed-off-by: Werner Koch <wk at gnupg.org>

diff --git a/agent/command.c b/agent/command.c
index e66f1ed..7e651bf 100644
--- a/agent/command.c
+++ b/agent/command.c
@@ -76,9 +76,16 @@ struct server_local_s
      takes precedence over this flag.  */
   unsigned int use_cache_for_signing : 1;
 
-  /* Flags to suppress I/O logging during a command.  */
+  /* Flag to suppress I/O logging during a command.  */
   unsigned int pause_io_logging : 1;
 
+  /* Flag indicating that the connection is from ourselves.  */
+  unsigned int connect_from_self : 1;
+
+  /* Helper flag for io_monitor to allow suppressing of our own
+   * greeting in some cases.  See io_monitor for details.  */
+  unsigned int greeting_seen : 1;
+
   /* If this flag is set to true the agent will be terminated after
      the end of the current session.  */
   unsigned int stopme : 1;
@@ -3052,6 +3059,29 @@ io_monitor (assuan_context_t ctx, void *hook, int direction,
 
   (void) hook;
 
+  /* We want to suppress all Assuan log messages for connections from
+   * self.  However, assuan_get_pid works only after
+   * assuan_accept. Now, assuan_accept already logs a line ending with
+   * the process id.  We use this hack here to get the peers pid so
+   * that we can compare it to our pid.  We should add an assuan
+   * function to return the pid for a file descriptor and use that to
+   * detect connections to self.  */
+  if (ctx && !ctrl->server_local->greeting_seen
+      && direction == ASSUAN_IO_TO_PEER)
+    {
+      ctrl->server_local->greeting_seen = 1;
+      if (linelen > 32
+          && !strncmp (line, "OK Pleased to meet you, process ", 32)
+          && strtoul (line+32, NULL, 10) == getpid ())
+        return ASSUAN_IO_MONITOR_NOLOG;
+    }
+
+
+  /* Do not log self-connections.  This makes the log cleaner because
+   * we won't see the check-our-own-socket calls.  */
+  if (ctx && ctrl->server_local->connect_from_self)
+    return ASSUAN_IO_MONITOR_NOLOG;
+
   /* Note that we only check for the uppercase name.  This allows the user to
      see the logging for debugging if using a non-upercase command
      name. */
@@ -3202,6 +3232,7 @@ start_command_handler (ctrl_t ctrl, gnupg_fd_t listen_fd, gnupg_fd_t fd)
   ctrl->server_local = xcalloc (1, sizeof *ctrl->server_local);
   ctrl->server_local->assuan_ctx = ctx;
   ctrl->server_local->use_cache_for_signing = 1;
+
   ctrl->digest.raw_value = 0;
 
   assuan_set_io_monitor (ctx, io_monitor, NULL);
@@ -3220,6 +3251,8 @@ start_command_handler (ctrl_t ctrl, gnupg_fd_t listen_fd, gnupg_fd_t fd)
           break;
         }
 
+      ctrl->server_local->connect_from_self = (assuan_get_pid (ctx)==getpid ());
+
       rc = assuan_process (ctx);
       if (rc)
         {
diff --git a/agent/gpg-agent.c b/agent/gpg-agent.c
index 79c83a5..e119975 100644
--- a/agent/gpg-agent.c
+++ b/agent/gpg-agent.c
@@ -2303,12 +2303,12 @@ do_start_connection_thread (ctrl_t ctrl)
 {
   active_connections++;
   agent_init_default_ctrl (ctrl);
-  if (opt.verbose)
+  if (opt.verbose && !DBG_IPC)
     log_info (_("handler 0x%lx for fd %d started\n"),
               (unsigned long) npth_self(), FD2INT(ctrl->thread_startup.fd));
 
   start_command_handler (ctrl, GNUPG_INVALID_FD, ctrl->thread_startup.fd);
-  if (opt.verbose)
+  if (opt.verbose && !DBG_IPC)
     log_info (_("handler 0x%lx for fd %d terminated\n"),
               (unsigned long) npth_self(), FD2INT(ctrl->thread_startup.fd));
 
@@ -2657,6 +2657,7 @@ check_own_socket_thread (void *arg)
       log_error ("can't allocate assuan context: %s\n", gpg_strerror (rc));
       goto leave;
     }
+  assuan_set_flag (ctx, ASSUAN_NO_LOGGING, 1);
 
   rc = assuan_socket_connect (ctx, sockname, (pid_t)(-1), 0);
   if (rc)

commit 2eeb5551c37659fdd59e8537fc77a9e7fb6a9204
Author: Werner Koch <wk at gnupg.org>
Date:   Mon Sep 5 14:43:42 2016 +0200

    agent: Small improvement of the server's local state.
    
    * agent/command.c (sserver_local_s): Change flags to use only one bit.
    (option_handler): Make an atoi return 1 or 0.
    
    Signed-off-by: Werner Koch <wk at gnupg.org>

diff --git a/agent/command.c b/agent/command.c
index 9522f89..e66f1ed 100644
--- a/agent/command.c
+++ b/agent/command.c
@@ -74,21 +74,21 @@ struct server_local_s
      operations.  It defaults to true but may be set on a per
      connection base.  The global option opt.ignore_cache_for_signing
      takes precedence over this flag.  */
-  int use_cache_for_signing;
-
-  /* An allocated description for the next key operation.  This is
-     used if a pinnetry needs to be popped up.  */
-  char *keydesc;
+  unsigned int use_cache_for_signing : 1;
 
   /* Flags to suppress I/O logging during a command.  */
-  int pause_io_logging;
+  unsigned int pause_io_logging : 1;
 
-  /* If this flags is set to true the agent will be terminated after
+  /* If this flag is set to true the agent will be terminated after
      the end of the current session.  */
-  int stopme;
+  unsigned int stopme : 1;
 
   /* Flag indicating whether pinentry notifications shall be done. */
-  int allow_pinentry_notify;
+  unsigned int allow_pinentry_notify : 1;
+
+  /* An allocated description for the next key operation.  This is
+     used if a pinnetry needs to be popped up.  */
+  char *keydesc;
 
   /* Malloced KEK (Key-Encryption-Key) for the import_key command.  */
   void *import_key;
@@ -2992,7 +2992,7 @@ option_handler (assuan_context_t ctx, const char *key, const char *value)
       err = session_env_setenv (ctrl->session_env, "PINENTRY_USER_DATA", value);
     }
   else if (!strcmp (key, "use-cache-for-signing"))
-    ctrl->server_local->use_cache_for_signing = *value? atoi (value) : 0;
+    ctrl->server_local->use_cache_for_signing = *value? !!atoi (value) : 0;
   else if (!strcmp (key, "allow-pinentry-notify"))
     ctrl->server_local->allow_pinentry_notify = 1;
   else if (!strcmp (key, "pinentry-mode"))

-----------------------------------------------------------------------

Summary of changes:
 agent/command.c   | 53 +++++++++++++++++++++++++++++++++++++++++++----------
 agent/gpg-agent.c |  5 +++--
 2 files changed, 46 insertions(+), 12 deletions(-)


hooks/post-receive
-- 
The GNU Privacy Guard
http://git.gnupg.org

More information about the Gnupg-commits mailing list