[Pkg-gnupg-commit] [gnupg2] 126/241: dirmngr: Do not block during ADNS calls.

Daniel Kahn Gillmor dkg at fifthhorseman.net
Wed Dec 9 20:32:05 UTC 2015 

This is an automated email from the git hooks/post-receive script.

dkg pushed a commit to branch master
in repository gnupg2.

commit a3b26d6c0839ec18d1dc226bb537d5067c86d574
Author: Werner Koch <wk at gnupg.org>
Date:   Thu Nov 12 13:31:59 2015 +0100

    dirmngr: Do not block during ADNS calls.
    
    * dirmngr/dns-stuff.c: Include npth.h
    (my_unprotect, my_protect): New wrapper.
    (resolve_name_adns): Put unprotect/protect around adns calls.
    (get_dns_cert): Ditto.
    (getsrv): Ditto.
    (get_dns_cname): Ditto.
    
    Signed-off-by: Werner Koch <wk at gnupg.org>
---
 dirmngr/Makefile.am |  1 +
 dirmngr/dns-stuff.c | 43 +++++++++++++++++++++++++++++++++++--------
 2 files changed, 36 insertions(+), 8 deletions(-)

diff --git a/dirmngr/Makefile.am b/dirmngr/Makefile.am
index 009802a..c3bce0d 100644
--- a/dirmngr/Makefile.am
+++ b/dirmngr/Makefile.am
@@ -142,6 +142,7 @@ t_ldap_parse_uri_SOURCES = \
 t_ldap_parse_uri_CFLAGS = -DWITHOUT_NPTH=1
 t_ldap_parse_uri_LDADD = $(ldaplibs) $(t_common_ldadd) $(DNSLIBS)
 
+t_dns_stuff_CFLAGS = -DWITHOUT_NPTH=1
 t_dns_stuff_SOURCES = t-dns-stuff.c dns-stuff.c
 t_dns_stuff_LDADD   = $(t_common_ldadd) $(DNSLIBS)
 
diff --git a/dirmngr/dns-stuff.c b/dirmngr/dns-stuff.c
index 6f3ce39..200e1e2 100644
--- a/dirmngr/dns-stuff.c
+++ b/dirmngr/dns-stuff.c
@@ -51,10 +51,25 @@
 # error Either getaddrinfo or the ADNS libary is required.
 #endif
 
+#ifdef WITHOUT_NPTH /* Give the Makefile a chance to build without Pth.  */
+# undef USE_NPTH
+#endif
+#ifdef USE_NPTH
+# include <npth.h>
+#endif
+
 #include "util.h"
 #include "host2net.h"
 #include "dns-stuff.h"
 
+#ifdef USE_NPTH
+# define my_unprotect()        npth_unprotect ()
+# define my_protect()          npth_protect ()
+#else
+# define my_unprotect()        do { } while(0)
+# define my_protect()          do { } while(0)
+#endif
+
 /* We allow the use of 0 instead of AF_UNSPEC - check this assumption.  */
 #if AF_UNSPEC != 0
 # error AF_UNSPEC does not have the value 0
@@ -231,6 +246,7 @@ resolve_name_adns (const char *name, unsigned short port,
                    dns_addrinfo_t *r_dai, char **r_canonname)
 {
   gpg_error_t err = 0;
+  int ret;
   dns_addrinfo_t daihead = NULL;
   dns_addrinfo_t dai;
   adns_state state;
@@ -251,8 +267,11 @@ resolve_name_adns (const char *name, unsigned short port,
   if (err)
     return err;
 
-  if (adns_synchronous (state, name, adns_r_addr,
-                        adns_qf_quoteok_query, &answer))
+  my_unprotect ();
+  ret = adns_synchronous (state, name, adns_r_addr,
+                          adns_qf_quoteok_query, &answer);
+  my_protect ();
+  if (ret)
     {
       err = gpg_error_from_syserror ();
       log_error ("DNS query failed: %s\n", gpg_strerror (err));
@@ -629,6 +648,7 @@ get_dns_cert (const char *name, int want_certtype,
 #ifdef USE_DNS_CERT
 #ifdef USE_ADNS
   gpg_error_t err;
+  int ret;
   adns_state state;
   adns_answer *answer = NULL;
   unsigned int ctype;
@@ -646,12 +666,15 @@ get_dns_cert (const char *name, int want_certtype,
   if (err)
     return err;
 
-  if (adns_synchronous (state, name,
-                        (adns_r_unknown
-                         | (want_certtype < DNS_CERTTYPE_RRBASE
-                            ? my_adns_r_cert
-                            : (want_certtype - DNS_CERTTYPE_RRBASE))),
-                        adns_qf_quoteok_query, &answer))
+  my_unprotect ();
+  ret = adns_synchronous (state, name,
+                          (adns_r_unknown
+                           | (want_certtype < DNS_CERTTYPE_RRBASE
+                              ? my_adns_r_cert
+                              : (want_certtype - DNS_CERTTYPE_RRBASE))),
+                          adns_qf_quoteok_query, &answer);
+  my_protect ();
+  if (ret)
     {
       err = gpg_error_from_syserror ();
       /* log_error ("DNS query failed: %s\n", strerror (errno)); */
@@ -1001,8 +1024,10 @@ getsrv (const char *name,struct srventry **list)
     if (my_adns_init (&state))
       return -1;
 
+    my_unprotect ();
     rc = adns_synchronous (state, name, adns_r_srv, adns_qf_quoteok_query,
                            &answer);
+    my_protect ();
     if (rc)
       {
         log_error ("DNS query failed: %s\n", strerror (errno));
@@ -1241,8 +1266,10 @@ get_dns_cname (const char *name, char **r_cname)
     if (my_adns_init (&state))
       return gpg_error (GPG_ERR_GENERAL);
 
+    my_unprotect ();
     rc = adns_synchronous (state, name, adns_r_cname, adns_qf_quoteok_query,
                            &answer);
+    my_protect ();
     if (rc)
       {
         err = gpg_error_from_syserror ();

-- 
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-gnupg/gnupg2.git

More information about the Pkg-gnupg-commit mailing list