Bug#686054: Bug#682518: Bug#677565: RC bugs in msva-perl

[Daniel Kahn Gillmor <dkg@fifthhorseman.net>]

On 02/04/2013 01:28 PM, Dominic Hargreaves wrote:
> On Sat, Feb 02, 2013 at 03:31:33PM +0100, intrigeri wrote:
>> FWIW, I've asked about the same on the Monkeysphere mailing-list last
>> October, see dkg's answer there:
>> https://lists.riseup.net/www/arc/monkeysphere/2012-10/

I've just pushed a proposed upstream msva-perl/0.8.1 targetted bugfix
tag to git://lair.fifthhorseman.net/~dkg/msva-perl, and a "wheezy"
branch that uses that and targets testing-proposed-updates.

The debdiff between 0.8-2 and the proposed 0.8.1-1 is attached here.  It
is smaller than the previously-submitted changeset to 0.9.1-1, but it is
still non-trivial, alas, due to having to accomodate the new Net::Server
and the change to avoid crashing X11 sessions if the agent fails for any
reason we were not able to anticipate.

I've tested 0.8.1-1 on a wheezy system and it works for me.  I plan to
upload it to t-p-u sometime tomorrow or the next day unless i hear from
anyone that it didn't work for them.

Regards,

	--dkg

diff -Nru msva-perl-0.8/Changelog msva-perl-0.8.1/Changelog
--- msva-perl-0.8/Changelog	2010-12-20 16:11:39.000000000 -0500
+++ msva-perl-0.8.1/Changelog	2013-02-08 00:28:19.000000000 -0500
@@ -1,3 +1,11 @@
+msva-perl (0.8.1) upstream;
+
+  * "stable" release:
+   - cherry-picked bugfixes from 0.9 and 0.9.1; reduced refactoring
+    changes to get it to work safely with wheezy.
+
+ -- Daniel Kahn Gillmor <dkg@fifthhorseman.net>  Thu, 07 Feb 2013 23:33:46 -0500
+
 msva-perl (0.8) upstream;
 
   * Minor bugfix release!
diff -Nru msva-perl-0.8/Crypt/Monkeysphere/MSVA/Client.pm msva-perl-0.8.1/Crypt/Monkeysphere/MSVA/Client.pm
--- msva-perl-0.8/Crypt/Monkeysphere/MSVA/Client.pm	2010-12-20 16:11:39.000000000 -0500
+++ msva-perl-0.8.1/Crypt/Monkeysphere/MSVA/Client.pm	2013-02-08 00:28:19.000000000 -0500
@@ -145,7 +145,7 @@
 
     $self->{logger} = Crypt::Monkeysphere::MSVA::Logger->new($args{log_level});
     $self->{socket} = $args{socket};
-    $self->{socket} = 'http://localhost:8901'
+    $self->{socket} = 'http://127.0.0.1:8901'
       if (! defined $self->{socket} or $self->{socket} eq '');
 
     # create the user agent
diff -Nru msva-perl-0.8/Crypt/Monkeysphere/MSVA/Logger.pm msva-perl-0.8.1/Crypt/Monkeysphere/MSVA/Logger.pm
--- msva-perl-0.8/Crypt/Monkeysphere/MSVA/Logger.pm	2010-12-20 16:11:39.000000000 -0500
+++ msva-perl-0.8.1/Crypt/Monkeysphere/MSVA/Logger.pm	2013-02-08 00:28:19.000000000 -0500
@@ -45,6 +45,8 @@
     my $self = shift;
     my $msglevel = shift;
 
+    $msglevel = 'error'
+      if (! defined($msglevel));
     if ($loglevels{lc($msglevel)} <= $self->{loglevel}) {
       printf STDERR @_;
     }
@@ -88,7 +90,7 @@
     my $class = shift;
     my $loglevel = shift;
 
-    my $self = {loglevel => $loglevels{lc($loglevel)}};
+    my $self = {loglevel => $loglevels{defined($loglevel) ? lc($loglevel) : 'error'}};
     $self->{loglevel} = $loglevels{error}
       if (!defined $self->{loglevel});
 
diff -Nru msva-perl-0.8/Crypt/Monkeysphere/MSVA/MarginalUI.pm msva-perl-0.8.1/Crypt/Monkeysphere/MSVA/MarginalUI.pm
--- msva-perl-0.8/Crypt/Monkeysphere/MSVA/MarginalUI.pm	2010-12-20 16:11:39.000000000 -0500
+++ msva-perl-0.8.1/Crypt/Monkeysphere/MSVA/MarginalUI.pm	2013-02-08 00:28:19.000000000 -0500
@@ -46,7 +46,8 @@
     }
 
     foreach my $keyfpr (@subvalid_key_fprs) {
-      my $fprx = sprintf('0x%.40s', $keyfpr->{fpr}->as_hex_string());
+      $keyfpr->{fpr}->as_hex_string() =~ /([[:xdigit:]]{0,40})/;
+      my $fprx = '0x' . $1;
       $logger->log('debug', "checking on %s\n", $fprx);
       foreach my $gpgkey ($gnupg->get_public_keys_with_sigs($fprx)) {
         $logger->log('debug', "found key %.40s\n", $gpgkey->fingerprint->as_hex_string);
diff -Nru msva-perl-0.8/Crypt/Monkeysphere/MSVA.pm msva-perl-0.8.1/Crypt/Monkeysphere/MSVA.pm
--- msva-perl-0.8/Crypt/Monkeysphere/MSVA.pm	2010-12-20 16:11:39.000000000 -0500
+++ msva-perl-0.8.1/Crypt/Monkeysphere/MSVA.pm	2013-02-08 00:28:19.000000000 -0500
@@ -376,7 +376,7 @@
 
     # This is part of a spawned child process.  We don't want the
     # child process to destroy the update monitor when it terminates.
-    $self->{updatemonitor}->forget();
+    $self->{updatemonitor}->forget() if exists $self->{updatemonitor} && defined $self->{updatemonitor};
     my $clientinfo = get_client_info(select);
     my $clientuid = $clientinfo->{uid};
 
@@ -759,17 +759,22 @@
     my $self = shift;
     my $server = shift;
 
-    $self->spawn_master_subproc($server);
+    $self->spawn_as_child($server);
   }
 
-  sub master_subprocess_died {
+  sub pre_accept_hook {
     my $self = shift;
     my $server = shift;
-    my $subproc_return = shift;
 
-    my $exitstatus = POSIX::WEXITSTATUS($subproc_return);
-    msvalog('verbose', "Subprocess %d terminated; exiting %d.\n", $self->{child_pid}, $exitstatus);
-    $server->set_exit_status($exitstatus);
+    $self->parent_changed($server) if (defined $self->{parent_pid} && getppid() != $self->{parent_pid});
+  }
+
+  sub parent_changed {
+    my $self = shift;
+    my $server = shift;
+
+    msvalog('verbose', "parent %d went away; exiting.\n", $self->{parent_pid});
+    $server->set_exit_status(0);
     $server->server_close();
   }
 
@@ -802,10 +807,6 @@
         # instead, we'll just avoid trying to kill the next process with this PID:
         $self->{updatemonitor}->forget();
       }
-    } elsif (exists $self->{child_pid} &&
-             ($self->{child_pid} == 0 ||
-              $self->{child_pid} == $pid)) {
-      $self->master_subprocess_died($server, $?);
     }
   }
 
@@ -825,36 +826,41 @@
     $server->{server}->{leave_children_open_on_hup} = 1;
 
     my $socketcount = @{ $server->{server}->{sock} };
-    if ( $socketcount != 1 ) {
-      msvalog('error', "%d sockets open; should have been 1.\n", $socketcount);
+    # note: we're assuming here that if there are more than one socket
+    # open (e.g. IPv6 and IPv4, or multiple IP addresses of the same
+    # family), they all share the same port number as socket 0.
+    if ( $socketcount < 1 ) {
+      msvalog('error', "%d sockets open; should have been at least 1.\n", $socketcount);
       $server->set_exit_status(10);
       $server->server_close();
     }
-    my $port = @{ $server->{server}->{sock} }[0]->sockport();
-    if ((! defined $port) || ($port < 1) || ($port >= 65536)) {
-      msvalog('error', "got nonsense port: %d.\n", $port);
-      $server->set_exit_status(11);
-      $server->server_close();
-    }
-    if ((exists $ENV{MSVA_PORT}) && (($ENV{MSVA_PORT} + 0) != $port)) {
-      msvalog('error', "Explicitly requested port %d, but got port: %d.", ($ENV{MSVA_PORT}+0), $port);
-      $server->set_exit_status(13);
-      $server->server_close();
+    if (!defined($self->port) || $self->port == 0) {
+      my $port = @{ $server->{server}->{sock} }[0]->sockport();
+      if (! defined($port)) {
+        msvalog('error', "got undefined port.\nRecording as 0.\n", $port);
+        $port = 0;
+      } elsif (($port < 1) || ($port >= 65536)) {
+        msvalog('error', "got nonsense port: %d.\nRecording as 0.\n", $port);
+        $port = 0;
+      } elsif ((exists $ENV{MSVA_PORT}) && (($ENV{MSVA_PORT} + 0) != $port)) {
+        msvalog('error', "Explicitly requested port %d, but got port: %d.", ($ENV{MSVA_PORT}+0), $port);
+        $server->set_exit_status(13);
+        $server->server_close();
+      }
+      $self->port($port);
     }
-    $self->port($port);
-    $self->{updatemonitor} = Crypt::Monkeysphere::MSVA::Monitor::->new($logger);
   }
 
-  sub spawn_master_subproc {
+  sub spawn_as_child {
     my $self = shift;
     my $server = shift;
 
-    if ((exists $ENV{MSVA_CHILD_PID}) && ($ENV{MSVA_CHILD_PID} ne '')) {
+    if ((exists $ENV{MSVA_PARENT_PID}) && ($ENV{MSVA_PARENT_PID} ne '')) {
       # this is most likely a re-exec.
-      msvalog('info', "This appears to be a re-exec, continuing with child pid %d\n", $ENV{MSVA_CHILD_PID});
-      $self->{child_pid} = $ENV{MSVA_CHILD_PID} + 0;
-    } elsif ($#ARGV >= 0) {
-      $self->{child_pid} = 0; # indicate that we are planning to fork.
+      msvalog('info', "This appears to be a re-exec, continuing with parent pid %d\n", $ENV{MSVA_PARENT_PID});
+      $self->{parent_pid} = $ENV{MSVA_PARENT_PID} + 0;
+     } elsif ($#ARGV >= 0) {
+      $self->{parent_pid} = 0; # indicate that we are planning to fork.
       # avoid ignoring SIGCHLD right before we fork.
       $SIG{CHLD} = sub {
         my $val;
@@ -862,20 +868,26 @@
           $self->child_dies($val, $server);
         }
       };
+      my $pid = $$;
       my $fork = fork();
       if (! defined $fork) {
         msvalog('error', "could not fork\n");
       } else {
-        if ($fork) {
-          msvalog('debug', "Child process has PID %d\n", $fork);
-          $self->{child_pid} = $fork;
-          $ENV{MSVA_CHILD_PID} = $fork;
+        if (! $fork) {
+          msvalog('debug', "daemon has PID %d, parent has PID %d\n", $$, $pid);
+          $self->{parent_pid} = $pid;
+          # ppid is set in Net::Server::Fork's post_configure; we're
+          # past post_configure by here, and we're about to change
+          # process IDs before assuming the role of a forking server,
+          # so we should set it properly:
+          $server->{server}->{ppid} = $$;
+          $ENV{MSVA_PARENT_PID} = $pid;
         } else {
           msvalog('verbose', "PID %d executing: \n", $$);
           for my $arg (@ARGV) {
             msvalog('verbose', " %s\n", $arg);
           }
-          # untaint the environment for the subprocess
+          # untaint the environment for the parent process
           # see: https://labs.riseup.net/code/issues/2461
           foreach my $e (keys %ENV) {
             $ENV{$e} = untaint($ENV{$e});
@@ -886,16 +898,22 @@
           }
           # restore default SIGCHLD handling:
           $SIG{CHLD} = 'DEFAULT';
-          $ENV{MONKEYSPHERE_VALIDATION_AGENT_SOCKET} = sprintf('http://localhost:%d', $self->port);
+          $ENV{MONKEYSPHERE_VALIDATION_AGENT_SOCKET} = sprintf('http://127.0.0.1:%d', $self->port);
           exec(@args) or exit 111;
         }
       }
     } else {
-      printf("MONKEYSPHERE_VALIDATION_AGENT_SOCKET=http://localhost:%d;\nexport MONKEYSPHERE_VALIDATION_AGENT_SOCKET;\n", $self->port);
+      printf("MONKEYSPHERE_VALIDATION_AGENT_SOCKET=http://127.0.0.1:%d;\nexport MONKEYSPHERE_VALIDATION_AGENT_SOCKET;\n", $self->port);
       # FIXME: consider daemonizing here to behave more like
       # ssh-agent.  maybe avoid backgrounding by setting
       # MSVA_NO_BACKGROUND.
     };
+    if (exists $ENV{MSVA_MONITOR_CHANGES} &&
+        $ENV{MSVA_MONITOR_CHANGES} eq 'true') {
+      $self->{updatemonitor} = Crypt::Monkeysphere::MSVA::Monitor::->new($logger);
+    } else {
+      msvalog('verbose', "Not monitoring for changes\n");
+    }
   }
 
   sub extracerts {
diff -Nru msva-perl-0.8/debian/changelog msva-perl-0.8.1/debian/changelog
--- msva-perl-0.8/debian/changelog	2011-02-13 19:49:54.000000000 -0500
+++ msva-perl-0.8.1/debian/changelog	2013-02-08 00:38:09.000000000 -0500
@@ -1,3 +1,15 @@
+msva-perl (0.8.1-1) testing-proposed-updates; urgency=low
+
+  * incorporated minimized upstream changesets to deal with wheezy.
+   - spawn daemon as a subprocess instead of the master process
+    (Closes: #682353, #682518)
+   - avoid spurious logging errors (Closes: #642304)
+   - bind to IPv4 loopback explicitly (Closes: #661939)
+   - rely on new Net::Server (>= 2.00)
+  * bump Standards-Version to 3.9.4 (no changes needed).
+
+ -- Daniel Kahn Gillmor <dkg@fifthhorseman.net>  Thu, 07 Feb 2013 23:58:15 -0500
+
 msva-perl (0.8-2) unstable; urgency=low
 
   * Release into unstable.
diff -Nru msva-perl-0.8/debian/control msva-perl-0.8.1/debian/control
--- msva-perl-0.8/debian/control	2011-02-13 19:44:29.000000000 -0500
+++ msva-perl-0.8.1/debian/control	2013-02-08 00:30:05.000000000 -0500
@@ -6,7 +6,7 @@
 Build-Depends:
  debhelper (>= 7.0),
  perl
-Standards-Version: 3.9.1
+Standards-Version: 3.9.4
 Homepage: http://web.monkeysphere.info/
 Vcs-Git: git://git.monkeysphere.info/msva-perl
 
@@ -15,7 +15,7 @@
 Depends: 
  libcrypt-x509-perl,
  libconvert-asn1-perl,
- libnet-server-perl,
+ libnet-server-perl (>= 2.00),
  libhttp-server-simple-perl,
  libjson-perl,
  libparent-perl,
diff -Nru msva-perl-0.8/debian/gbp.conf msva-perl-0.8.1/debian/gbp.conf
--- msva-perl-0.8/debian/gbp.conf	2011-02-13 19:44:29.000000000 -0500
+++ msva-perl-0.8.1/debian/gbp.conf	2013-02-08 00:30:05.000000000 -0500
@@ -1,6 +1,6 @@
 [DEFAULT]
-upstream-branch = master
-debian-branch = debian
+upstream-branch = 0.8-stable
+debian-branch = wheezy
 upstream-tag = msva-perl/%(version)s
 debian-tag = msva-perl_debian/%(version)s
 pristine-tar = False
diff -Nru msva-perl-0.8/gpgkeys_hkpms msva-perl-0.8.1/gpgkeys_hkpms
--- msva-perl-0.8/gpgkeys_hkpms	2010-12-20 16:11:39.000000000 -0500
+++ msva-perl-0.8.1/gpgkeys_hkpms	2013-02-08 00:28:19.000000000 -0500
@@ -117,7 +117,9 @@
       if (JSON::is_bool($ret->{valid}) && ($ret->{valid} eq 1)) {
         $self->{logger}->log('verbose', "Monkeysphere HKPMS Certificate validation succeeded:\n  %s\n", $ret->{message});
       } else {
-        $self->{logger}->log('error', "Monkeysphere HKPMS Certificate validation failed:\n  %s\n", $ret->{message});
+        my $m = '[undefined]';
+        $m = $ret->{message} if (defined($ret->{message}));
+        $self->{logger}->log('error', "Monkeysphere HKPMS Certificate validation failed:\n  %s\n", $m);
       }
     }
 
diff -Nru msva-perl-0.8/msva-perl msva-perl-0.8.1/msva-perl
--- msva-perl-0.8/msva-perl	2010-12-20 16:11:39.000000000 -0500
+++ msva-perl-0.8.1/msva-perl	2013-02-08 00:28:19.000000000 -0500
@@ -22,7 +22,7 @@
 use Crypt::Monkeysphere::MSVA;
 
 my $server = Crypt::Monkeysphere::MSVA->new();
-$server->run(host=>'localhost',
+$server->run(host=>'127.0.0.1',
              log_level=> $server->logger->get_log_level(),
              user => POSIX::geteuid(),  # explicitly choose regular user and group (avoids spew)
              group => POSIX::getegid(),
@@ -114,6 +114,14 @@
 specific query if no keys are already locally known to be valid for
 the requested peer.  Default is 'unlessvalid'.
 
+=item MSVA_MONITOR_CHANGES
+
+Under graphical environments such as X11, msva-perl is capable of
+monitoring for changes in its underlying code and can prompt the user
+to restart the daemon when some of the underlying code changes.
+Setting this environmnt variable to 'true' enables this monitoring and
+prompting behavior.  Default is 'false'.
+
 =back
 
 =head1 COMMUNICATION PROTOCOL DETAILS
@@ -126,11 +134,11 @@
 
 =head1 SECURITY CONSIDERATIONS
 
-msva-perl deliberately binds to the loopback adapter (via named lookup
-of "localhost") so that remote users do not get access to the daemon.
-On systems (like Linux) which report ownership of TCP sockets in
-/proc/net/tcp, msva-perl will refuse access from random users (see
-MSVA_ALLOWED_USERS above).
+msva-perl deliberately binds to the IPv4 loopback (on 127.0.0.1) so
+that remote users do not get access to the daemon.  On systems (like
+Linux) which report ownership of TCP sockets in /proc/net/tcp,
+msva-perl will refuse access from random users (see MSVA_ALLOWED_USERS
+above).
 
 =head1 SEE ALSO
 
diff -Nru msva-perl-0.8/msva-query-agent msva-perl-0.8.1/msva-query-agent
--- msva-perl-0.8/msva-query-agent	2010-12-20 16:11:39.000000000 -0500
+++ msva-perl-0.8.1/msva-query-agent	2013-02-08 00:28:19.000000000 -0500
@@ -118,7 +118,7 @@
 =item MONKEYSPHERE_VALIDATION_AGENT_SOCKET
 
 Socket over which to query the validation agent.  If unset, the
-default value is 'http://localhost:8901'.
+default value is 'http://127.0.0.1:8901'.
 
 =item MSVA_LOG_LEVEL
 
diff -Nru msva-perl-0.8/Net/Server/MSVA.pm msva-perl-0.8.1/Net/Server/MSVA.pm
--- msva-perl-0.8/Net/Server/MSVA.pm	2010-12-20 16:11:39.000000000 -0500
+++ msva-perl-0.8.1/Net/Server/MSVA.pm	2013-02-08 00:28:19.000000000 -0500
@@ -19,6 +19,7 @@
 { package Net::Server::MSVA;
   use strict;
   use base qw(Net::Server::Fork);
+  use Net::Server 2.000 ();
 
   my $msva;
   # guarantee initial failure -- this will be cleared after we bind
@@ -37,6 +38,11 @@
     $msva->pre_loop_hook($self, @_);
   }
 
+  sub pre_accept_hook {
+    my $self = shift;
+    $msva->pre_accept_hook($self, @_);
+  }
+
   sub set_exit_status {
     my $self = shift;
     $exit_status = shift;

Attachment: signature.asc
Description: OpenPGP digital signature