From patchwork Thu Jun 24 15:04:05 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Lev Stipakov X-Patchwork-Id: 1871 Return-Path: Delivered-To: patchwork@openvpn.net Delivered-To: patchwork@openvpn.net Received: from director7.mail.ord1d.rsapps.net ([172.27.255.9]) by backend30.mail.ord1d.rsapps.net with LMTP id kA9TOqPj1WBiBgAAIUCqbw (envelope-from ) for ; Fri, 25 Jun 2021 10:09:39 -0400 Received: from proxy9.mail.iad3a.rsapps.net ([172.27.255.9]) by director7.mail.ord1d.rsapps.net with LMTP id MPEwOqPj1WC6RQAAovjBpQ (envelope-from ) for ; Fri, 25 Jun 2021 10:09:39 -0400 Received: from smtp15.gate.iad3a ([172.27.255.9]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) by proxy9.mail.iad3a.rsapps.net with LMTPS id 6JQeMqPj1WA0JQAAGuSQww (envelope-from ) for ; Fri, 25 Jun 2021 10:09:39 -0400 X-Spam-Threshold: 95 X-Spam-Score: 0 X-Spam-Flag: NO X-Virus-Scanned: OK X-Orig-To: openvpnslackdevel@openvpn.net X-Originating-Ip: [216.105.38.7] Authentication-Results: smtp15.gate.iad3a.rsapps.net; iprev=pass policy.iprev="216.105.38.7"; spf=pass smtp.mailfrom="openvpn-devel-bounces@lists.sourceforge.net" smtp.helo="lists.sourceforge.net"; dkim=fail (signature verification failed) header.d=sourceforge.net; dkim=fail (signature verification failed) header.d=sf.net; dkim=fail (signature verification failed) header.d=gmail.com; dmarc=fail (p=none; dis=none) header.from=gmail.com X-Suspicious-Flag: YES X-Classification-ID: fa3f9fc2-d5be-11eb-b536-525400f46865-1-1 Received: from [216.105.38.7] ([216.105.38.7:54266] helo=lists.sourceforge.net) by smtp15.gate.iad3a.rsapps.net (envelope-from ) (ecelerity 4.2.38.62370 r(:)) with ESMTPS (cipher=DHE-RSA-AES256-GCM-SHA384) id C6/E3-05089-2A3E5D06; Fri, 25 Jun 2021 10:09:39 -0400 Received: from [127.0.0.1] (helo=sfs-ml-2.v29.lw.sourceforge.com) by sfs-ml-2.v29.lw.sourceforge.com with esmtp (Exim 4.92.3) (envelope-from ) id 1lwmVV-00080b-Cw; Fri, 25 Jun 2021 14:08:33 +0000 Received: from [172.30.20.202] (helo=mx.sourceforge.net) by sfs-ml-2.v29.lw.sourceforge.com with esmtps (TLSv1.2:ECDHE-RSA-AES256-GCM-SHA384:256) (Exim 4.92.3) (envelope-from ) id 1lwmVT-00080K-QL for openvpn-devel@lists.sourceforge.net; Fri, 25 Jun 2021 14:08:31 +0000 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sourceforge.net; s=x; h=References:In-Reply-To:Message-Id:Date:Subject:Cc: To:From:Sender:Reply-To:MIME-Version:Content-Type:Content-Transfer-Encoding: Content-ID:Content-Description:Resent-Date:Resent-From:Resent-Sender: Resent-To:Resent-Cc:Resent-Message-ID:List-Id:List-Help:List-Unsubscribe: List-Subscribe:List-Post:List-Owner:List-Archive; bh=3y8Lofd8XXxlcVYUnYFS/MsDlgQ5yDI/NNLgIGsDaZ8=; b=MvIqHnY/cDbmypyR1ABuYxzaeA femb3M0PA9uNxJXhV/IsiOvShrnXQ5/zXHpWmtNqHOpP+mT5FijL3roPhbLafng/QzZfcXdhzBXeb 6nW5QqtTSfTOnUi1ovEeAh9OevAaXBKuyomjr2qdB50iWymSpBeb8xF822rRNcPm+qdE=; DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sf.net; s=x ; h=References:In-Reply-To:Message-Id:Date:Subject:Cc:To:From:Sender:Reply-To :MIME-Version:Content-Type:Content-Transfer-Encoding:Content-ID: Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc :Resent-Message-ID:List-Id:List-Help:List-Unsubscribe:List-Subscribe: List-Post:List-Owner:List-Archive; bh=3y8Lofd8XXxlcVYUnYFS/MsDlgQ5yDI/NNLgIGsDaZ8=; b=dMRefFTX+CDXCx4KPpQNp8PWLR 929I2xrxLM3D5hAMV7FNIEPHItT2poM+av9IL7/Cjsubjk1OqnoORJq5K6bGgD9et2wHaI7eq/Hbo hxgdeKySEufzVnQ7zrGDILOTQ/rwNBMIhRAeT27tekBCzlfiUfwwOgCtDJ0c/ysTLWgM=; Received: from mail-lj1-f178.google.com ([209.85.208.178]) by sfi-mx-2.v28.lw.sourceforge.com with esmtps (TLSv1.2:ECDHE-RSA-AES128-GCM-SHA256:128) (Exim 4.92.3) id 1lwmVL-0000Cc-NP for openvpn-devel@lists.sourceforge.net; Fri, 25 Jun 2021 14:08:31 +0000 Received: by mail-lj1-f178.google.com with SMTP id d2so12665915ljj.11 for ; Fri, 25 Jun 2021 07:08:25 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=from:to:cc:subject:date:message-id:in-reply-to:references; bh=3y8Lofd8XXxlcVYUnYFS/MsDlgQ5yDI/NNLgIGsDaZ8=; b=Iwd4Ue8M2yhZR7Xg900VNiwUdN5CZsqTC26/fMTu9PWNBgdGRexuA2+yE6/K2ebzAQ koQ0g25LUvw4mahrDZj4Q8td8XMz090Jg0qvOKgpuZcTsvDXE2i2RrnMvkvWZXbBGdzX MJOhdhXweteUtX1sBdon5UKL8CKAWj7xViMeqDBnd59tZ6ZVmzdavKMQ9SzNea/IAfv8 1DnzcpRhp21k6wY2SYO7Z4i3vi0HXiGqCIbRweaDn4Y/dfr+3F3if4UXIRhBBwgSaNhq b68qrP13XLOVQH5Z+5xNCR3ZSUmPWsmqB+r87O7zN83JRhrxnwuPNnp4MMj5lAp3jR98 RTrA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references; bh=3y8Lofd8XXxlcVYUnYFS/MsDlgQ5yDI/NNLgIGsDaZ8=; b=fEMnQr6AANBSvtAap/zSFesnBqbAm96sxtVWjcVrA02Z39s+cQ+7e/pIFNFQZF8fih aaCa91fL67gIuwyPyy/OxaX35CcdL+Ym+xNVzRVwiuacf8Sb5r8bt7pFzdUtH6HQP2gW kpetCcE7JSEOIRA2IhCjjYc0SyCvQLsNjk2uCHj9V2gwuqcRQFnfe92GfUb97IVMFXRH ItXqtA0EK16kTEzhquA9JA0cfbLKHLCTSuB+6eh7z9SDRb8/uklrani6IjpuHSzdMxvh YkSdPC+Uoqiyn2PmBMj6Sp/DjnVlcQqHCG3v2X9pek1LCb71dsjZrT6eDuo9CDgwZPD5 RnMQ== X-Gm-Message-State: AOAM533RzbQ3ve6sECcmIKAFUxVKBiUoCDBCsCy85irTpb9s+OLijqcU hcXCV66XYTkNdP7bue4cvBeGgWHroyw= X-Google-Smtp-Source: ABdhPJxwFAkhsdT1sYzwTWRmyazTxRJJnTsd007wbABwJTXLlFUzmlwMe1ZHkLcpUqDzD1CHrMOJuw== X-Received: by 2002:a2e:9009:: with SMTP id h9mr8520235ljg.213.1624630098503; Fri, 25 Jun 2021 07:08:18 -0700 (PDT) Received: from LAPTOP-4L3N7KFS.localdomain (37-33-144-184.bb.dnainternet.fi. [37.33.144.184]) by smtp.gmail.com with ESMTPSA id g20sm592632lja.2.2021.06.25.07.08.17 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 25 Jun 2021 07:08:17 -0700 (PDT) From: Lev Stipakov To: openvpn-devel@lists.sourceforge.net Date: Fri, 25 Jun 2021 04:04:05 +0300 Message-Id: <20210625010405.224-1-lstipakov@gmail.com> X-Mailer: git-send-email 2.17.1 In-Reply-To: <20210624153401.GJ976@greenie.muc.de> References: <20210624153401.GJ976@greenie.muc.de> X-Spam-Report: Spam Filtering performed by mx.sourceforge.net. See http://spamassassin.org/tag/ for more details. -0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at https://www.dnswl.org/, no trust [209.85.208.178 listed in list.dnswl.org] 0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail provider (lstipakov[at]gmail.com) -0.0 RCVD_IN_MSPIKE_H2 RBL: Average reputation (+2) [209.85.208.178 listed in wl.mailspike.net] 0.8 DATE_IN_PAST_12_24 Date: is 12 to 24 hours before Received: date -0.0 SPF_PASS SPF: sender matches SPF record 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record 0.0 URIBL_BLOCKED ADMINISTRATOR NOTICE: The query to URIBL was blocked. See http://wiki.apache.org/spamassassin/DnsBlocklists#dnsbl-block for more information. [URIs: openvpn.net] -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's domain -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid X-Headers-End: 1lwmVL-0000Cc-NP Subject: [Openvpn-devel] [PATCH v3] Fix console prompts with redirected log X-BeenThere: openvpn-devel@lists.sourceforge.net X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Lev Stipakov MIME-Version: 1.0 Errors-To: openvpn-devel-bounces@lists.sourceforge.net X-getmail-retrieved-from-mailbox: Inbox From: Lev Stipakov When openvpn nees to prompt user for a password (for example, to set management interface password), the prompt is written to standard error device. When log is redirected to a file, that prompt is written to that file and not to the "original" stderr. Moreover, on recent Insider build (21390.2025) openvpn exits with fatal error get_console_input_win32(): unexpected error: No such device or address (errno=6) while attempting to write that prompt. When redirecting stdout/stderr, we use _dup2() to associate stderr descriptor with a log file. This call closes file associated with stderr descriptor, which might explain why it has stopped working (original stderr is closed and WriteFile() fails) and on current versions it appears to work "by accident" - not failing but use redirected stderr instead of original one. Fix by creating new file descriptor with _dup() for stderr before redirect and use this descriptor for writing prompts. While on it, make code a bit more C99-ish by moving variables declaration from the beginning of the scope to the actual initialisation. Signed-off-by: Lev Stipakov Acked-by: Gert Doering --- v3: rebase v2: actually fix the prompt by displaying it in console instead of writing to log src/openvpn/console_builtin.c | 18 +++++++----------- src/openvpn/error.c | 28 +++++++--------------------- src/openvpn/error.h | 4 ++-- 3 files changed, 16 insertions(+), 34 deletions(-) diff --git a/src/openvpn/console_builtin.c b/src/openvpn/console_builtin.c index 9bf36347..06b8a77a 100644 --- a/src/openvpn/console_builtin.c +++ b/src/openvpn/console_builtin.c @@ -62,23 +62,17 @@ static bool get_console_input_win32(const char *prompt, const bool echo, char *input, const int capacity) { - HANDLE in = INVALID_HANDLE_VALUE; - HANDLE err = INVALID_HANDLE_VALUE; - DWORD len = 0; - ASSERT(prompt); ASSERT(input); ASSERT(capacity > 0); input[0] = '\0'; - in = GetStdHandle(STD_INPUT_HANDLE); - err = get_orig_stderr(); - - if (in == INVALID_HANDLE_VALUE - || err == INVALID_HANDLE_VALUE + HANDLE in = GetStdHandle(STD_INPUT_HANDLE); + int orig_stderr = get_orig_stderr(); // guaranteed to be always valid + if ((in == INVALID_HANDLE_VALUE) || win32_service_interrupt(&win32_signal) - || !WriteFile(err, prompt, strlen(prompt), &len, NULL)) + || (_write(orig_stderr, prompt, strlen(prompt)) == -1)) { msg(M_WARN|M_ERRNO, "get_console_input_win32(): unexpected error"); return false; @@ -106,6 +100,8 @@ get_console_input_win32(const char *prompt, const bool echo, char *input, const } } + DWORD len = 0; + if (is_console) { winput = malloc(capacity * sizeof(WCHAR)); @@ -128,7 +124,7 @@ get_console_input_win32(const char *prompt, const bool echo, char *input, const if (!echo) { - WriteFile(err, "\r\n", 2, &len, NULL); + _write(orig_stderr, "\r\n", 2); } if (is_console) { diff --git a/src/openvpn/error.c b/src/openvpn/error.c index b94d387c..eb82f9c7 100644 --- a/src/openvpn/error.c +++ b/src/openvpn/error.c @@ -491,22 +491,12 @@ close_syslog(void) } #ifdef _WIN32 +static int orig_stderr; -static HANDLE orig_stderr; - -HANDLE -get_orig_stderr(void) +int get_orig_stderr() { - if (orig_stderr) - { - return orig_stderr; - } - else - { - return GetStdHandle(STD_ERROR_HANDLE); - } + return orig_stderr ? orig_stderr : _fileno(stderr); } - #endif void @@ -550,16 +540,12 @@ redirect_stdout_stderr(const char *file, bool append) } /* save original stderr for password prompts */ - orig_stderr = GetStdHandle(STD_ERROR_HANDLE); - -#if 0 /* seems not be necessary with stdout/stderr redirection below*/ - /* set up for redirection */ - if (!SetStdHandle(STD_OUTPUT_HANDLE, log_handle) - || !SetStdHandle(STD_ERROR_HANDLE, log_handle)) + orig_stderr = _dup(_fileno(stderr)); + if (orig_stderr == -1) { - msg(M_ERR, "Error: cannot redirect stdout/stderr to --log file: %s", file); + msg(M_WARN | M_ERRNO, "Warning: cannot duplicate stderr, password prompts will appear in log file instead of console."); + orig_stderr = _fileno(stderr); } -#endif /* direct stdout/stderr to point to log_handle */ log_fd = _open_osfhandle((intptr_t)log_handle, _O_TEXT); diff --git a/src/openvpn/error.h b/src/openvpn/error.h index f4528ef2..533354b3 100644 --- a/src/openvpn/error.h +++ b/src/openvpn/error.h @@ -256,8 +256,8 @@ void close_syslog(void); void redirect_stdout_stderr(const char *file, bool append); #ifdef _WIN32 -/* get original stderr handle, even if redirected by --log/--log-append */ -HANDLE get_orig_stderr(void); +/* get original stderr fd, even if redirected by --log/--log-append */ +int get_orig_stderr(void); #endif