Dirmngr: Keeps files in homedir open on Windows
Open, LowPublic

Description

On windows it is possible to delete $GNUPGHOME while gpg-agent is running, and the agent dies shortly afterwards.

But when dirmgnr is running this is no longer possible as dirmngr keeps file handles open.

I do not think that this is necessary. But it is not a big issue.

Details

Differential Revisions
D468: dirmngr: Read CRLs into memory on Windows
Version
master

Related Objects

aheinecke renamed this task from Dirmngr: Kepps files open on Windows to Dirmngr: Keeps files in homedir open on Windows.

@werner
This was an issue we talked about.

With process explorer I can see the crl's are kept open:

iirrc, that are memory mapped files.

Maybe related, flush also does not work on Windows:

Beim Leeren des Sperrlisten-Zwischenspeichers ist ein Fehler aufgetreten. Die Ausgabe von dirmngr lautet:
dirmngr[6760]: NOTE: this is a development version!
dirmngr[6760]: enabled debug flags: x509 crypto memory cache memstat hashing ipc dns network lookup extprog
dirmngr[6760]: error opening 'C:\Users\aheinecke\AppData\Roaming\gnupg\dirmngr_ldapservers.conf': No such file or directory
dirmngr[6760]: removing cache file 'C:\Users\aheinecke\AppData\Roaming\gnupg\crls.d\crl-309A02F8AFAB476B8596056B32BB421111175A47.db'
dirmngr[6760]: failed to remove 'C:\Users\aheinecke\AppData\Roaming\gnupg\crls.d\crl-309A02F8AFAB476B8596056B32BB421111175A47.db': Permission denied
dirmngr[6760]: removing cache file 'C:\Users\aheinecke\AppData\Roaming\gnupg\crls.d\crl-48DC7A7FB5A7478F421A4910FF06F6D3842AC835.db'
dirmngr[6760]: removing cache file 'C:\Users\aheinecke\AppData\Roaming\gnupg\crls.d\crl-6D382047D0965B32D75DC993494EA884EE842080.db'
dirmngr[6760]: failed to remove 'C:\Users\aheinecke\AppData\Roaming\gnupg\crls.d\crl-6D382047D0965B32D75DC993494EA884EE842080.db': Permission denied
dirmngr[6760]: removing cache file 'C:\Users\aheinecke\AppData\Roaming\gnupg\crls.d\crl-78922E5FD53D90DFEC89C1DE0B70727E915644C8.db'
dirmngr[6760]: failed to remove 'C:\Users\aheinecke\AppData\Roaming\gnupg\crls.d\crl-78922E5FD53D90DFEC89C1DE0B70727E915644C8.db': Permission denied
dirmngr[6760]: removing cache file 'C:\Users\aheinecke\AppData\Roaming\gnupg\crls.d\crl-97237596A54AAF0E61AF031BDBFB4C3B7B11A350.db'
dirmngr[6760]: removing cache file 'C:\Users\aheinecke\AppData\Roaming\gnupg\crls.d\crl-B7C257D1AF9C50624B9677B8FB166C367750BE4E.db'
dirmngr[6760]: removing cache file 'C:\Users\aheinecke\AppData\Roaming\gnupg\crls.d\crl-F9263E101470F70206718F7A0B84213A8534F450.db'
dirmngr[6760]: removing cache file 'C:\Users\aheinecke\AppData\Roaming\gnupg\crls.d\crl-tmp-unknown-1664-0x05c5e968.db.tmp'
dirmngr[6760]: removing cache file 'C:\Users\aheinecke\AppData\Roaming\gnupg\crls.d\crl-tmp-unknown-1664-0x05e5e968.db.tmp'
dirmngr[6760]: removing cache file 'C:\Users\aheinecke\AppData\Roaming\gnupg\crls.d\DIR.txt'

If I understand the code correctly the mapping is done to let the system optimize the memory management so that the full contents of the file are not kept in memory, or is there a different reason?

Otherwise I would say: This optimization does not make sense on Windows nowadays and change cdb_init for windows to read the full file into memory and then close the fd.

werner added a comment.Nov 7 2018, 5:26 PM

The dirmngr may at any time open a file in that directory and thus there is no reliable way to remove the home directory when any gpg tool is running. Daemons need to be stopped before a directory can be deleted. So I think this is a non-issue and brought to the table only because we have that kludge of detecting a n unlinked directory on Unix. But even on Unix this is not possible to get rid of the home directory, for example if you want to umount it.

Mmh. It still makes a bit sense to me as I think it will be faster. But of course for memory mapped files the OS might decide.

I'll check if https://dev.gnupg.org/D469 still works without it (I think it should). That is the "important" change as otherwise a GUI Action of Kleopatra would always fail on Windows.