[NPTH] npth and fork

NIIBE Yutaka gniibe at fsij.org
Mon Oct 3 05:44:30 CEST 2016 

On 10/03/2016 10:13 AM, NIIBE Yutaka wrote:
> The specific use case of fork to daemonize a program should be done
> _before_ calling npth_init, ideally.
> 
> I'm going to examine code of gpg-agent and scdaemon if fix is easy.

Here is the change.  We also have dirmngr.

This change may be fragile.  No call/access should be done before
npth_init and I tried to do so, but possibly, I missed.


diff --git a/agent/gpg-agent.c b/agent/gpg-agent.c
index 15202ac..f56e29e 100644
--- a/agent/gpg-agent.c
+++ b/agent/gpg-agent.c
@@ -718,6 +718,16 @@ finalize_rereadable_options (void)
 }


+static void
+initialize_modules (void)
+{
+  npth_init ();
+  initialize_module_cache ();
+  initialize_module_call_pinentry ();
+  initialize_module_call_scd ();
+  initialize_module_trustlist ();
+}
+

 /* The main entry point.  */
 int
@@ -765,8 +775,6 @@ main (int argc, char **argv )
   i18n_init ();
   init_common_subsystems (&argc, &argv);

-  npth_init ();
-
   malloc_hooks.malloc = gcry_malloc;
   malloc_hooks.realloc = gcry_realloc;
   malloc_hooks.free = gcry_free;
@@ -1080,11 +1088,6 @@ main (int argc, char **argv )
       exit (1);
     }

-  initialize_module_cache ();
-  initialize_module_call_pinentry ();
-  initialize_module_call_scd ();
-  initialize_module_trustlist ();
-
   /* Try to create missing directories. */
   create_directories ();

@@ -1196,6 +1199,8 @@ main (int argc, char **argv )
       /* This is the simple pipe based server */
       ctrl_t ctrl;

+      initialize_modules ();
+
       ctrl = xtrycalloc (1, sizeof *ctrl);
       if (!ctrl)
         {
@@ -1403,6 +1408,8 @@ main (int argc, char **argv )
          This is the child
        */

+      initialize_modules ();
+
       /* Detach from tty and put process into a new session */
       if (!nodetach )
         {
diff --git a/dirmngr/dirmngr.c b/dirmngr/dirmngr.c
index 64d93b7..621c2bb 100644
--- a/dirmngr/dirmngr.c
+++ b/dirmngr/dirmngr.c
@@ -647,6 +647,22 @@ pid_suffix_callback (unsigned long *r_suffix)
 #endif /*!HAVE_W32_SYSTEM*/


+static void
+thread_init (void)
+{
+  npth_init ();
+
+  /* Now with NPth running we can set the logging callback.  Our
+     windows implementation does not yet feature the NPth TLS
+     functions.  */
+#ifndef HAVE_W32_SYSTEM
+  if (npth_key_create (&my_tlskey_current_fd, NULL) == 0)
+    if (npth_setspecific (my_tlskey_current_fd, NULL) == 0)
+      log_set_pid_suffix_cb (pid_suffix_callback);
+#endif /*!HAVE_W32_SYSTEM*/
+}
+
+
 int
 main (int argc, char **argv)
 {
@@ -680,8 +696,6 @@ main (int argc, char **argv)
   i18n_init ();
   init_common_subsystems (&argc, &argv);

-  npth_init ();
-
   gcry_control (GCRYCTL_DISABLE_SECMEM, 0);

  /* Check that the libraries are suitable.  Do it here because
@@ -722,15 +736,6 @@ main (int argc, char **argv)
   if (shell && strlen (shell) >= 3 && !strcmp (shell+strlen (shell)-3,
"csh") )
     csh_style = 1;

-    /* Now with NPth running we can set the logging callback.  Our
-     windows implementation does not yet feature the NPth TLS
-     functions.  */
-#ifndef HAVE_W32_SYSTEM
-  if (npth_key_create (&my_tlskey_current_fd, NULL) == 0)
-    if (npth_setspecific (my_tlskey_current_fd, NULL) == 0)
-      log_set_pid_suffix_cb (pid_suffix_callback);
-#endif /*!HAVE_W32_SYSTEM*/
-
   /* Reset rereadable options to default values. */
   parse_rereadable_options (NULL, 0);

@@ -981,6 +986,7 @@ main (int argc, char **argv)
       ldap_wrapper_launch_thread ();
 #endif /*USE_LDAP*/

+      thread_init ();
       cert_cache_init ();
       crl_cache_init ();
       start_command_handler (ASSUAN_INVALID_FD);
@@ -1179,6 +1185,7 @@ main (int argc, char **argv)
       ldap_wrapper_launch_thread ();
 #endif /*USE_LDAP*/

+      thread_init ();
       cert_cache_init ();
       crl_cache_init ();
       handle_connections (fd);
@@ -1206,6 +1213,7 @@ main (int argc, char **argv)
 #if USE_LDAP
       ldap_wrapper_launch_thread ();
 #endif /*USE_LDAP*/
+      thread_init ();
       cert_cache_init ();
       crl_cache_init ();
       if (!argc)
@@ -1231,6 +1239,7 @@ main (int argc, char **argv)
 #if USE_LDAP
       ldap_wrapper_launch_thread ();
 #endif /*USE_LDAP*/
+      thread_init ();
       cert_cache_init ();
       crl_cache_init ();
       rc = crl_fetch (&ctrlbuf, argv[0], &reader);
diff --git a/scd/scdaemon.c b/scd/scdaemon.c
index bf54d95..3571e66 100644
--- a/scd/scdaemon.c
+++ b/scd/scdaemon.c
@@ -422,8 +422,6 @@ main (int argc, char **argv )
   i18n_init ();
   init_common_subsystems (&argc, &argv);

-  npth_init ();
-
   ksba_set_malloc_hooks (gcry_malloc, gcry_realloc, gcry_free);

   malloc_hooks.malloc = gcry_malloc;
@@ -724,6 +722,8 @@ main (int argc, char **argv )
       }
 #endif

+      npth_init ();
+
       /* If --debug-allow-core-dump has been given we also need to
          switch the working directory to a place where we can actually
          write. */
@@ -861,6 +861,8 @@ main (int argc, char **argv )

       /* This is the child. */

+      npth_init ();
+
       /* Detach from tty and put process into a new session. */
       if (!nodetach )
         {
--

More information about the Gnupg-devel mailing list