Page MenuHome GnuPG
Create Task
Maniphest T7151

graceful shutdown: DEVINFO should be a gpg-agent command: also watching input close
Testing, HighPublic
Actions

Description

scdaemon supports DEVINFO --watch command to keep watching the device removal.
It loops forever (for the current implementation), and the only way to stop watcing is killing scdaemon.

It should work in the following way, like:
(1) It simultaneously polls device info updates and client input close.
(2) On device info update, send the information to client.
(3) On the client input close, finish the command (and finish the connection from client).

But it is not only scdaemon, but also gpg-agent should behave like that, because gpgme uses gpg-agent to access scdaemon.
That is:
(1) gpg-agent (for DEVINFO command) should simultaneously polls on (a) scdaemon's output and (b) client input close.
(2) On the scdaemon output, send the information to client.
(3) On the client input close, finish the command and finish the connection to scdaemon, and finish the connection from client).

Revisions and Commits

rG GnuPG
rG5746c944cd78 agent: Require use of "SCD DEVINFO --watch" command with socket.
rG0ed8e9ae3e75 agent: Handle SCD DEVINFO --watch command in a special way.
rG59e785b5434d scd: Restrict use of DEVINFO --watch command for socket connection.
rGfd9872295b33 agent:daemon: Add an argument to specify requiring socket connection.
rG6996e5f6ff5d scd: Finish DEVINFO --watch command on input close.
rG70bb9c512727 scd: Fix how scdaemon pipe server finishes.
rGc4ff9c5def1a agent: Require use of "SCD DEVINFO --watch" command with socket.
rGb3f1f2cd192b agent: Handle SCD DEVINFO --watch command in a special way.
rG5d980802acb3 agent:daemon: Add an argument to specify requiring socket connection.
rGd98521b934ec scd: Restrict use of DEVINFO --watch command for socket connection.
rG36d8cffc6cd2 scd: Finish DEVINFO --watch command on input close.
AuditedrG01fa318be0f8 scd: Fix how scdaemon pipe server finishes.

Related Objects
Search...

Event Timeline

gniibe claimed this task.Wed, Jun 12, 6:42 AM
gniibe created this task.
werner added a subscriber: ikloecker.Thu, Jun 13, 10:19 AM
werner triaged this task as High priority.Thu, Jun 13, 12:38 PM
werner added a project: gnupg24.
gniibe added projects: scd, gpgagent.Mon, Jun 17, 4:49 AM
gniibe added a commit: rG01fa318be0f8: scd: Fix how scdaemon pipe server finishes..Mon, Jun 17, 4:54 AM
gniibe added a comment.EditedMon, Jun 24, 4:24 AM

Did some experiment and I concluded (for now) that new command for gpg-agent would not be needed.
Instead, it might be better doing following in GPGME.

(1) Asking gpg-agent for socket name of scdaemon (if gpg-agent is not yet running, start it).
(2) Then, use the socket to connect scdaemon for DEVINFO --watch.

Note that this (1) is the way how Poldi works to access scdaemon.

By doing this, we don't need to touch gpg-agent, and we don't need to consider difference between how to watch pipe connection and how to watch socket connection on Windows for gpg-agent.

And... for scdaemon, we can assume the connection is socket for DEVINFO --watch command, which allows use of select.

werner added a subscriber: werner.Mon, Jun 24, 9:05 AM

Maybe we can support this directly in gpgme's assuan API.

gniibe added a commit: rG36d8cffc6cd2: scd: Finish DEVINFO --watch command on input close..Tue, Jun 25, 8:35 AM
gniibe added a comment.Tue, Jun 25, 10:56 AM

scdaemon part was done in: rG36d8cffc6cd2: scd: Finish DEVINFO --watch command on input close.

gniibe added a commit: rGd98521b934ec: scd: Restrict use of DEVINFO --watch command for socket connection..Wed, Jun 26, 4:17 AM
gniibe added a commit: rG5d980802acb3: agent:daemon: Add an argument to specify requiring socket connection..Thu, Jun 27, 8:32 AM
gniibe added a commit: rGb3f1f2cd192b: agent: Handle SCD DEVINFO --watch command in a special way..
gniibe added a comment.Thu, Jun 27, 8:38 AM

Asking a change of gpgme would need more time... So, I decided to change gpg-agent side.
gpg-agent part was done in: rGb3f1f2cd192b: agent: Handle SCD DEVINFO --watch command in a special way.

Tested on Debian machine. Test scenario is like following.

(1) Prepare gpg-agent running. Identify the PID by ps command and see the number of threads by ps -m -L PID command

(2) Run the following command to watch the device information

gpg-connect-agent "SCD DEVINFO --watch"

(3) On another terminal, you can see the number of threads of gpg-agent is now increased.

(4) With Ctrl-C, kill the gpg-connect-agent command

(5) Check the number of threads of gpg-agent again, it's now decreased.

Please test on Windows.

gniibe added a commit: rGc4ff9c5def1a: agent: Require use of "SCD DEVINFO --watch" command with socket..Fri, Jun 28, 6:54 AM
gniibe changed the task status from Open to Testing.Mon, Jul 1, 4:25 AM
gniibe changed the status of subtask T7160: scd: pipe server shutdown from Open to Testing.
werner added a commit: rG70bb9c512727: scd: Fix how scdaemon pipe server finishes..Mon, Jul 1, 2:39 PM
werner added a commit: rG6996e5f6ff5d: scd: Finish DEVINFO --watch command on input close..
werner added a commit: rGfd9872295b33: agent:daemon: Add an argument to specify requiring socket connection..
werner added a commit: rG59e785b5434d: scd: Restrict use of DEVINFO --watch command for socket connection..
werner added a commit: rG0ed8e9ae3e75: agent: Handle SCD DEVINFO --watch command in a special way..
werner added a commit: rG5746c944cd78: agent: Require use of "SCD DEVINFO --watch" command with socket..