From patchwork Wed Jun 23 22:39:18 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Lev Stipakov X-Patchwork-Id: 1869 Return-Path: Delivered-To: patchwork@openvpn.net Delivered-To: patchwork@openvpn.net Received: from director7.mail.ord1d.rsapps.net ([172.27.255.59]) by backend30.mail.ord1d.rsapps.net with LMTP id IOS2HBFF1GBXVAAAIUCqbw (envelope-from ) for ; Thu, 24 Jun 2021 04:40:49 -0400 Received: from proxy8.mail.iad3a.rsapps.net ([172.27.255.59]) by director7.mail.ord1d.rsapps.net with LMTP id IPiJHBFF1GDJLgAAovjBpQ (envelope-from ) for ; Thu, 24 Jun 2021 04:40:49 -0400 Received: from smtp26.gate.iad3a ([172.27.255.59]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) by proxy8.mail.iad3a.rsapps.net with LMTPS id EJnmFRFF1GAYWwAAsBr/qg (envelope-from ) for ; Thu, 24 Jun 2021 04:40:49 -0400 X-Spam-Threshold: 95 X-Spam-Score: 0 X-Spam-Flag: NO X-Virus-Scanned: OK X-Orig-To: openvpnslackdevel@openvpn.net X-Originating-Ip: [216.105.38.7] Authentication-Results: smtp26.gate.iad3a.rsapps.net; iprev=pass policy.iprev="216.105.38.7"; spf=pass smtp.mailfrom="openvpn-devel-bounces@lists.sourceforge.net" smtp.helo="lists.sourceforge.net"; dkim=fail (signature verification failed) header.d=sourceforge.net; dkim=fail (signature verification failed) header.d=sf.net; dkim=fail (signature verification failed) header.d=gmail.com; dmarc=fail (p=none; dis=none) header.from=gmail.com X-Suspicious-Flag: YES X-Classification-ID: dfc1433c-d4c7-11eb-b7a4-52540063aac2-1-1 Received: from [216.105.38.7] ([216.105.38.7:42620] helo=lists.sourceforge.net) by smtp26.gate.iad3a.rsapps.net (envelope-from ) (ecelerity 4.2.38.62370 r(:)) with ESMTPS (cipher=DHE-RSA-AES256-GCM-SHA384) id 41/2F-19815-01544D06; Thu, 24 Jun 2021 04:40:49 -0400 Received: from [127.0.0.1] (helo=sfs-ml-1.v29.lw.sourceforge.com) by sfs-ml-1.v29.lw.sourceforge.com with esmtp (Exim 4.90_1) (envelope-from ) id 1lwKtq-0007aF-2N; Thu, 24 Jun 2021 08:39:50 +0000 Received: from [172.30.20.202] (helo=mx.sourceforge.net) by sfs-ml-1.v29.lw.sourceforge.com with esmtps (TLSv1.2:ECDHE-RSA-AES256-GCM-SHA384:256) (Exim 4.90_1) (envelope-from ) id 1lwKto-0007a0-LW for openvpn-devel@lists.sourceforge.net; Thu, 24 Jun 2021 08:39:48 +0000 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sourceforge.net; s=x; h=References:In-Reply-To:Message-Id:Date:Subject:Cc: To:From:Sender:Reply-To:MIME-Version:Content-Type:Content-Transfer-Encoding: Content-ID:Content-Description:Resent-Date:Resent-From:Resent-Sender: Resent-To:Resent-Cc:Resent-Message-ID:List-Id:List-Help:List-Unsubscribe: List-Subscribe:List-Post:List-Owner:List-Archive; bh=VFeHQyf5eV9HzMzxMj2X5U7s+IbwL47ea3FIpgH+Vy4=; b=U58kAsHQBwuqq6lSl3ehcO2ibp G+Jsb3wL7Vn4yEcC9oaQNlLD7yrg5OgIYPV/GuULBm5OIGPAGToY9a0NyrwiibSp2XqoO83YZfCSj a37/pmXbzvRHKHgHBuD2TDOLqYwe1jfZTeVsrnQBakNX3buGtTK9BLmvKwwSYErti7ng=; DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sf.net; s=x ; h=References:In-Reply-To:Message-Id:Date:Subject:Cc:To:From:Sender:Reply-To :MIME-Version:Content-Type:Content-Transfer-Encoding:Content-ID: Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc :Resent-Message-ID:List-Id:List-Help:List-Unsubscribe:List-Subscribe: List-Post:List-Owner:List-Archive; bh=VFeHQyf5eV9HzMzxMj2X5U7s+IbwL47ea3FIpgH+Vy4=; b=kskneoABOQZinthfDbhbkaUGHW ozKa3qb+cbQdn3cOpn6UOhk8+fh9rQD3h7z2c/nnwGHrvEllLUnw6mfQ8S3KbsTHUPpI0pp3ZxMSu sQIwUsHLFK5O6Lnl48ZTdIbCZDGJMbcVp18NgCxQcvfTUHgjhxzMpXqjFz3J3JKTkSdE=; Received: from mail-wm1-f53.google.com ([209.85.128.53]) by sfi-mx-1.v28.lw.sourceforge.com with esmtps (TLSv1.2:ECDHE-RSA-AES128-GCM-SHA256:128) (Exim 4.92.3) id 1lwKtg-00Aoth-C6 for openvpn-devel@lists.sourceforge.net; Thu, 24 Jun 2021 08:39:50 +0000 Received: by mail-wm1-f53.google.com with SMTP id o22so2426765wms.0 for ; Thu, 24 Jun 2021 01:39:40 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=from:to:cc:subject:date:message-id:in-reply-to:references; bh=VFeHQyf5eV9HzMzxMj2X5U7s+IbwL47ea3FIpgH+Vy4=; b=otweAV5KkiXYNqeSOy+9+5sY6yoszB4SR2DKP9kg741qz4DTcjSpsBT4x8+631PDxz x/DUCJPOnMoqGjM3BpEZ47CzdKQkpzZ427Vu/FR2PzBHNPsE3qRrRMrbHfnrq/LvdIn/ iD3fd8g3qJwIQjk3t8lvUssDcFvkZNxzlC9GBnU6J0iNbdGWNFiLAPP+ighzqV/ILgtK 5rSNKzvsNomICfKZRgVPYn9riGndrR/lVxeUko4ooK19ZnlRHbLGAuHktCaa0uLHBRgQ xhPeR4ixp41YYs5BJVdGjnGh8vbJ2tysYFCnfBWtDIzw3+OrwNNx9pwPVSPkhRC32zDD I4Iw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references; bh=VFeHQyf5eV9HzMzxMj2X5U7s+IbwL47ea3FIpgH+Vy4=; b=JAUBSuWLW1OaNH31kCzUXLe399eKHCnTjcyBIka+JkyVGNR65ESBsRxdQNRg+aaohi 39YHEdBhmcMmWshd0/hwsK3K4a/A9LWbMSNrA0A1/NPjTEpAKEe73tBstcH2U+cjzmt+ dskpTR5VtvcysMUVS0FfoMuTr3OyYa8itThF02UyUDwltM5JuxHfoT72EK6XrWXswCoZ OuPG5pRgEefzot5zLgDrM7L5IQPWe5F6aCIUShcgM3gYRfUyFrMGAWylcEt4+7+KCl6N LJbScuwvnRgLNi5nzUFhMFWMWw0AsBHwo/E2+S7TwJvkBNGG6T5X3VdD481wKHe9pqM+ XQWg== X-Gm-Message-State: AOAM531gU75rse2m0BwHxNno5qTdwlYBZrzyhXJ0ETh84lyYSkToM76d u0pqJJXhJAxsIopAGrKyV2P4/leNz4OURZLL X-Google-Smtp-Source: ABdhPJz34hsL7mUScUUlukvYG82Q34ANCGdsZ9qA/lECNYMNgUkZkqnoNCURq8dfhWyejhW6GY4QYA== X-Received: by 2002:a7b:cc10:: with SMTP id f16mr2969299wmh.24.1624523973687; Thu, 24 Jun 2021 01:39:33 -0700 (PDT) Received: from LAPTOP-4L3N7KFS.localdomain (nat3.panoulu.net. [185.38.2.3]) by smtp.gmail.com with ESMTPSA id u12sm2571878wrq.50.2021.06.24.01.39.33 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 24 Jun 2021 01:39:33 -0700 (PDT) From: Lev Stipakov To: openvpn-devel@lists.sourceforge.net Date: Thu, 24 Jun 2021 11:39:18 +0300 Message-Id: <20210624083918.106-1-lstipakov@gmail.com> X-Mailer: git-send-email 2.17.1 In-Reply-To: <20210618155241.400-1-lstipakov@gmail.com> References: <20210618155241.400-1-lstipakov@gmail.com> X-Spam-Report: Spam Filtering performed by mx.sourceforge.net. See http://spamassassin.org/tag/ for more details. 0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail provider (lstipakov[at]gmail.com) -0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at https://www.dnswl.org/, no trust [209.85.128.53 listed in list.dnswl.org] 0.0 URIBL_BLOCKED ADMINISTRATOR NOTICE: The query to URIBL was blocked. See http://wiki.apache.org/spamassassin/DnsBlocklists#dnsbl-block for more information. [URIs: openvpn.net] -0.0 RCVD_IN_MSPIKE_H2 RBL: Average reputation (+2) [209.85.128.53 listed in wl.mailspike.net] -0.0 SPF_PASS SPF: sender matches SPF record 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's domain -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid X-Headers-End: 1lwKtg-00Aoth-C6 Subject: [Openvpn-devel] [PATCH v2] Fix console prompts with redirected log X-BeenThere: openvpn-devel@lists.sourceforge.net X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Lev Stipakov MIME-Version: 1.0 Errors-To: openvpn-devel-bounces@lists.sourceforge.net X-getmail-retrieved-from-mailbox: Inbox From: Lev Stipakov When openvpn nees to prompt user for a password (for example, to set management interface password), the prompt is written to standard error device. When log is redirected to a file, that prompt is written to that file and not to the "original" stderr. Moreover, on recent Insider build (21390.2025) openvpn exits with fatal error get_console_input_win32(): unexpected error: No such device or address (errno=6) while attempting to write that prompt. When redirecting stdout/stderr, we use _dup2() to associate stderr descriptor with a log file. This call closes file associated with stderr descriptor, which might explain why it has stopped working (original stderr is closed and WriteFile() fails) and on current versions it appears to work "by accident" - not failing but use redirected stderr instead of original one. Fix by creating new file descriptor with _dup() for stderr before redirect and use this descriptor for writing prompts. While on it, make code a bit more C99-ish by moving variables declaration from the beginning of the scope to the actual initialisation. Signed-off-by: Lev Stipakov --- v2: actually fix the prompt by displaying it in console instead of writing to log src/openvpn/console_builtin.c | 16 +++++++--------- src/openvpn/error.c | 28 +++++++--------------------- src/openvpn/error.h | 4 ++-- 3 files changed, 16 insertions(+), 32 deletions(-) diff --git a/src/openvpn/console_builtin.c b/src/openvpn/console_builtin.c index 3214cb5f..2340da6e 100644 --- a/src/openvpn/console_builtin.c +++ b/src/openvpn/console_builtin.c @@ -62,23 +62,19 @@ static bool get_console_input_win32(const char *prompt, const bool echo, char *input, const int capacity) { - HANDLE in = INVALID_HANDLE_VALUE; - HANDLE err = INVALID_HANDLE_VALUE; - DWORD len = 0; - ASSERT(prompt); ASSERT(input); ASSERT(capacity > 0); input[0] = '\0'; - in = GetStdHandle(STD_INPUT_HANDLE); - err = get_orig_stderr(); + HANDLE in = GetStdHandle(STD_INPUT_HANDLE); + int err = get_orig_stderr(); if (in != INVALID_HANDLE_VALUE - && err != INVALID_HANDLE_VALUE + && err != -1 && !win32_service_interrupt(&win32_signal) - && WriteFile(err, prompt, strlen(prompt), &len, NULL)) + && (_write(err, prompt, strlen(prompt)) != -1)) { bool is_console = (GetFileType(in) == FILE_TYPE_CHAR); DWORD flags_save = 0; @@ -102,6 +98,8 @@ get_console_input_win32(const char *prompt, const bool echo, char *input, const } } + DWORD len = 0; + if (is_console) { winput = malloc(capacity * sizeof(WCHAR)); @@ -124,7 +122,7 @@ get_console_input_win32(const char *prompt, const bool echo, char *input, const if (!echo) { - WriteFile(err, "\r\n", 2, &len, NULL); + _write(err, "\r\n", 2); } if (is_console) { diff --git a/src/openvpn/error.c b/src/openvpn/error.c index b94d387c..eb82f9c7 100644 --- a/src/openvpn/error.c +++ b/src/openvpn/error.c @@ -491,22 +491,12 @@ close_syslog(void) } #ifdef _WIN32 +static int orig_stderr; -static HANDLE orig_stderr; - -HANDLE -get_orig_stderr(void) +int get_orig_stderr() { - if (orig_stderr) - { - return orig_stderr; - } - else - { - return GetStdHandle(STD_ERROR_HANDLE); - } + return orig_stderr ? orig_stderr : _fileno(stderr); } - #endif void @@ -550,16 +540,12 @@ redirect_stdout_stderr(const char *file, bool append) } /* save original stderr for password prompts */ - orig_stderr = GetStdHandle(STD_ERROR_HANDLE); - -#if 0 /* seems not be necessary with stdout/stderr redirection below*/ - /* set up for redirection */ - if (!SetStdHandle(STD_OUTPUT_HANDLE, log_handle) - || !SetStdHandle(STD_ERROR_HANDLE, log_handle)) + orig_stderr = _dup(_fileno(stderr)); + if (orig_stderr == -1) { - msg(M_ERR, "Error: cannot redirect stdout/stderr to --log file: %s", file); + msg(M_WARN | M_ERRNO, "Warning: cannot duplicate stderr, password prompts will appear in log file instead of console."); + orig_stderr = _fileno(stderr); } -#endif /* direct stdout/stderr to point to log_handle */ log_fd = _open_osfhandle((intptr_t)log_handle, _O_TEXT); diff --git a/src/openvpn/error.h b/src/openvpn/error.h index f4528ef2..533354b3 100644 --- a/src/openvpn/error.h +++ b/src/openvpn/error.h @@ -256,8 +256,8 @@ void close_syslog(void); void redirect_stdout_stderr(const char *file, bool append); #ifdef _WIN32 -/* get original stderr handle, even if redirected by --log/--log-append */ -HANDLE get_orig_stderr(void); +/* get original stderr fd, even if redirected by --log/--log-append */ +int get_orig_stderr(void); #endif