#include <errno.h>
#include <fcntl.h>
#include <stdint.h>
+#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#endif
#ifdef OS_WIN32
+#include <process.h>
+#include <signal.h>
#include <winsock2.h>
#ifndef EWOULDBLOCK
#define EWOULDBLOCK WSAEWOULDBLOCK
#endif
typedef struct {
- /* Never changes */
- int fd;
+ /* Never changes. On Unix, these are identical, as it is
+ * backed by a socket. On Windows, it is another file
+ * descriptor, as they are backed by two pipes */
+ int read_fd;
+ int write_fd;
/* Protected by the lock */
p11_mutex_t write_lock;
sock = calloc (1, sizeof (rpc_socket));
return_val_if_fail (sock != NULL, NULL);
- sock->fd = fd;
+ sock->read_fd = fd;
+ sock->write_fd = fd;
sock->last_code = 0x10;
sock->read_creds = false;
sock->sent_creds = false;
rpc_socket_is_open (rpc_socket *sock)
{
assert (sock != NULL);
- return sock->fd >= 0;
+ return sock->read_fd >= 0;
}
#endif
rpc_socket_close (rpc_socket *sock)
{
assert (sock != NULL);
- if (sock->fd != -1)
- close (sock->fd);
- sock->fd = -1;
+ if (sock->read_fd != -1)
+ close (sock->read_fd);
+ sock->read_fd = -1;
+#ifdef OS_WIN32
+ if (sock->write_fd != -1)
+ close (sock->write_fd);
+ sock->write_fd = -1;
+#endif
}
static void
/* Place holder byte, will later carry unix credentials (on some systems) */
if (!sock->sent_creds) {
- if (write_all (sock->fd, &dummy, 1) != 1) {
+ if (write_all (sock->write_fd, &dummy, 1) != 1) {
p11_message_err (errno, "couldn't send socket credentials");
return CKR_DEVICE_ERROR;
}
p11_rpc_buffer_encode_uint32 (header + 4, options->len);
p11_rpc_buffer_encode_uint32 (header + 8, buffer->len);
- if (!write_all (sock->fd, header, 12) ||
- !write_all (sock->fd, options->data, options->len) ||
- !write_all (sock->fd, buffer->data, buffer->len))
+ if (!write_all (sock->write_fd, header, 12) ||
+ !write_all (sock->write_fd, options->data, options->len) ||
+ !write_all (sock->write_fd, buffer->data, buffer->len))
return CKR_DEVICE_ERROR;
return CKR_OK;
CK_RV ret = CKR_DEVICE_ERROR;
unsigned char header[12];
unsigned char dummy;
+#ifdef OS_UNIX
fd_set rfds;
+#endif
+#ifdef OS_WIN32
+ HANDLE handle;
+ DWORD mode;
+#endif
assert (code != NULL);
assert (buffer != NULL);
p11_mutex_lock (&sock->read_lock);
if (!sock->read_creds) {
- if (read_all (sock->fd, &dummy, 1) != 1) {
+ if (read_all (sock->read_fd, &dummy, 1) != 1) {
p11_mutex_unlock (&sock->read_lock);
return CKR_DEVICE_ERROR;
}
for (;;) {
/* No message header has been read yet? ... read one in */
if (sock->read_code == 0) {
- if (!read_all (sock->fd, header, 12))
+ if (!read_all (sock->read_fd, header, 12))
break;
/* Decode and check the message header */
}
/* Read in the the options first, and then data */
- if (!read_all (sock->fd, buffer->data, sock->read_olen) ||
- !read_all (sock->fd, buffer->data, sock->read_dlen))
+ if (!read_all (sock->read_fd, buffer->data, sock->read_olen) ||
+ !read_all (sock->read_fd, buffer->data, sock->read_dlen))
break;
buffer->len = sock->read_dlen;
p11_mutex_unlock (&sock->read_lock);
/* Used as a simple wait */
+#ifdef OS_UNIX
FD_ZERO (&rfds);
- FD_SET (sock->fd, &rfds);
- if (select (sock->fd + 1, &rfds, NULL, NULL, NULL) < 0)
+ FD_SET (sock->read_fd, &rfds);
+ if (select (sock->read_fd + 1, &rfds, NULL, NULL, NULL) < 0)
p11_message ("couldn't use select to wait on rpc socket");
-
+#endif
+#ifdef OS_WIN32
+ handle = (HANDLE) _get_osfhandle (sock->read_fd);
+ if (!ReadFile (handle, NULL, 0, &mode, NULL))
+ p11_message ("couldn't use select to wait on rpc pipe");
+#endif
p11_mutex_lock (&sock->read_lock);
}
}
/* Get the next socket reply code */
call_code = sock->last_code++;
- if (sock->fd == -1)
+ if (sock->read_fd == -1)
rv = CKR_DEVICE_ERROR;
+#ifdef OS_WIN32
+ if (sock->write_fd == -1)
+ rv = CKR_DEVICE_ERROR;
+#endif
if (rv == CKR_OK)
rv = rpc_socket_write_inlock (sock, call_code, &rpc->options, request);
p11_mutex_lock (&sock->write_lock);
}
- if (rv != CKR_OK && sock->fd != -1) {
+ if (rv != CKR_OK && sock->read_fd != -1) {
p11_message ("closing socket due to protocol failure");
- close (sock->fd);
- sock->fd = -1;
+ close (sock->read_fd);
+ sock->read_fd = -1;
}
+#ifdef OS_WIN32
+ if (rv != CKR_OK && sock->write_fd != -1) {
+ p11_message ("closing socket due to protocol failure");
+ close (sock->write_fd);
+ sock->write_fd = -1;
+ }
+#endif
sock->refs--;
assert (sock->refs > 0);
return CKR_OK;
}
+#endif /* OS_UNIX */
+
+#ifdef OS_WIN32
+
+typedef struct {
+ p11_rpc_transport base;
+ p11_array *argv;
+ HANDLE pid;
+} rpc_exec;
+
+static void
+rpc_exec_wait_or_terminate (HANDLE pid)
+{
+ DWORD status;
+ int ret;
+ int i;
+
+
+ for (i = 0; i < 3 * 1000; i += 100) {
+ ret = WaitForSingleObject (pid, 10000);
+ if (ret == WAIT_OBJECT_0)
+ break;
+ }
+
+ if (ret != WAIT_OBJECT_0) {
+ p11_message ("process %p did not exit, terminating", pid);
+ if (!TerminateProcess (pid, SIGTERM))
+ p11_message ("couldn't terminate process %p", pid);
+ ret = WaitForSingleObject (pid, 0);
+ }
+
+ if (ret != WAIT_OBJECT_0) {
+ p11_message ("failed to wait for executed child: %p", pid);
+ status = 0;
+ } else if (!GetExitCodeProcess (pid, &status)) {
+ p11_message ("failed to get the exit status of %p", pid);
+ } else if (status == 0) {
+ p11_debug ("process %p exited with status 0", pid);
+ } else {
+ p11_message ("process %p exited with status %lu", pid, status);
+ }
+
+ CloseHandle (pid);
+}
+
+static void
+rpc_exec_disconnect (p11_rpc_client_vtable *vtable,
+ void *fini_reserved)
+{
+ rpc_exec *rex = (rpc_exec *)vtable;
+
+ if (rex->base.socket)
+ rpc_socket_close (rex->base.socket);
+
+ if (rex->pid != INVALID_HANDLE_VALUE)
+ rpc_exec_wait_or_terminate (rex->pid);
+ rex->pid = INVALID_HANDLE_VALUE;
+
+ /* Do the common disconnect stuff */
+ rpc_transport_disconnect (vtable, fini_reserved);
+}
+
+static int
+set_cloexec_on_fd (int fd)
+{
+ HANDLE handle;
+
+ handle = (HANDLE) _get_osfhandle (fd);
+ if (!SetHandleInformation (handle, HANDLE_FLAG_INHERIT, 0))
+ return -1;
+
+ return 0;
+}
+
+static CK_RV
+rpc_exec_connect (p11_rpc_client_vtable *vtable,
+ void *init_reserved)
+{
+ rpc_exec *rex = (rpc_exec *)vtable;
+ intptr_t pid = -1;
+ int pw[2] = { -1, -1 }, pr[2] = { -1, -1 };
+ int fds[2] = { -1, -1 };
+ CK_RV rv = CKR_OK;
+
+ p11_debug ("executing rpc transport: %s", (char *)rex->argv->elem[0]);
+
+ setvbuf (stdout, NULL, _IONBF, 0 );
+
+ if (_pipe (pw, 256, _O_BINARY) == -1 ||
+ set_cloexec_on_fd (pw[1]) == -1) {
+ p11_message_err (errno, "failed to create pipe for remote");
+ rv = CKR_DEVICE_ERROR;
+ goto out;
+ }
+
+ if (_pipe (pr, 256, _O_BINARY) == -1 ||
+ set_cloexec_on_fd (pr[0]) == -1) {
+ p11_message_err (errno, "failed to create pipe for remote");
+ rv = CKR_DEVICE_ERROR;
+ goto out;
+ }
+
+ /* Save the original stdin and stdout */
+ fds[0] = dup (STDIN_FILENO);
+ if (fds[0] == -1) {
+ p11_message_err (errno, "failed to duplicate stdin");
+ rv = CKR_DEVICE_ERROR;
+ goto out;
+ }
+ /* FIXME: Shouldn't we close STDIN_FILENO? */
+
+ fds[1] = dup (STDOUT_FILENO);
+ if (fds[1] == -1) {
+ p11_message_err (errno, "failed to duplicate stdout");
+ rv = CKR_DEVICE_ERROR;
+ goto out;
+ }
+ /* FIXME: Shouldn't we close STDOUT_FILENO */
+
+ /* Temporarily redirect pipe descriptors to stdin/stdout for child */
+ if (dup2 (pw[0], STDIN_FILENO) == -1 ||
+ dup2 (pr[1], STDOUT_FILENO) == -1) {
+ p11_message_err (errno, "failed to duplicate child end of pipe");
+ rv = CKR_DEVICE_ERROR;
+ goto out;
+ }
+
+ pid = _spawnv (P_NOWAIT,
+ rex->argv->elem[0],
+ (const char * const *)rex->argv->elem);
+
+ if (pid == -1) {
+ p11_message_err (errno, "failed to spawn remote");
+ rv = CKR_DEVICE_ERROR;
+ goto out;
+ }
+
+ close (pw[0]);
+ pw[0] = -1;
+ close (pr[1]);
+ pr[1] = -1;
+
+ /* Restore the original stdin and stdout */
+ if (dup2 (fds[0], STDIN_FILENO) == -1 ||
+ dup2 (fds[1], STDOUT_FILENO) == -1) {
+ p11_message_err (errno, "failed to restore file descriptors");
+ rv = CKR_DEVICE_ERROR;
+ goto out;
+ }
+
+ close (fds[0]);
+ fds[0] = -1;
+ close (fds[1]);
+ fds[1] = -1;
+
+ rex->pid = (HANDLE) pid;
+ rex->base.socket = rpc_socket_new (pr[0]);
+ return_val_if_fail (rex->base.socket != NULL, CKR_GENERAL_ERROR);
+ rex->base.socket->write_fd = pw[1];
+
+ out:
+ if (rv != CKR_OK) {
+ if (pid != -1) {
+ TerminateProcess ((HANDLE) pid, SIGTERM);
+ CloseHandle ((HANDLE) pid);
+ }
+ if (pw[0] != -1)
+ close (pw[0]);
+ if (pw[1] != -1)
+ close (pw[1]);
+ if (pr[0] != -1)
+ close (pr[0]);
+ if (pr[1] != -1)
+ close (pr[1]);
+ if (fds[0] != -1)
+ close (fds[0]);
+ if (fds[1] != -1)
+ close (fds[1]);
+ }
+
+ return rv;
+}
+
+#endif /* OS_WIN32 */
+
static void
rpc_exec_free (void *data)
{
p11_array_push (argv, NULL);
rex->argv = argv;
+#ifdef OS_WIN32
+ rex->pid = INVALID_HANDLE_VALUE;
+#endif
rex->base.vtable.connect = rpc_exec_connect;
rex->base.vtable.disconnect = rpc_exec_disconnect;
return &rex->base;
}
-#endif /* OS_UNIX */
-
p11_rpc_transport *
p11_rpc_transport_new (p11_virtual *virt,
const char *remote,
return_val_if_fail (remote != NULL, NULL);
return_val_if_fail (name != NULL, NULL);
-#ifdef OS_WIN32
- p11_message ("Windows not yet supported for remote");
- return rpc;
-#else
-
/* This is a command we can execute */
if (remote[0] == '|') {
rpc = rpc_exec_init (remote + 1, name);
return_val_if_reached (NULL);
return rpc;
-#endif
}
void
projects / p11-kit / commitdiff