Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Mon, 4 May 2015 15:31:49 +0300
From: Shinnok <admin@...nnok.com>
To: john-dev@...ts.openwall.com
Subject: Re: [Johnny] Task 1.4.2 fork and OpenMP


> On May 2, 2015, at 5:01 AM, Solar Designer <solar@...nwall.com> wrote:
> 
> Mathieu,
> 
> On Thu, Apr 30, 2015 at 02:24:32PM -0400, Mathieu Laprise wrote:
>> If we choose the JtR forward sigterm/sigint to its children path, here is
>> the code needed. I'm not sure how to submit changes to Solar's cvs repo of
>> core john.
> 
> Please post any patches against core to this mailing list.
> 
>> So I put diff in this website for you to see: left is original,
>> right is the new one.
>> https://www.diffchecker.com/vhuw1xgn
> 
> Thanks.  Going forward, please don't use any pastebins and such (with
> the only exception being GitHub, which we currently use anyway).
> Instead, please just attach patches, command output, etc. to messages.

Mathieu, I think it's best if you use Magnum's repo for JtR core and jumbo work/version tracking and in the case there's going to be any more fixes for core, you can easily create a patch from your git to send to this list. For Jumbo, as Magnum said, Github PR's should be just fine. I think this is the sanest workflow, contrary to using tarballs.

> 
>> I tested it and it works with Johnny(forkOpenMP branch) or the "top"
>> command. However, I'm not a john pro like you guys so I don't know if it
>> could have side effects on john that I didn't think of.
> 
> It did have side-effects.  (And it deviated from the coding style we use
> in JtR.)  Here's a more elaborate patch I committed:
> 
> ...
> 
> Thank you, and I'm sorry for telling you that this functionality was
> already in there - I genuinely thought so, misguided by the fact that
> normally SIGINT is sent to all processes on the tty.
> 
> Now the tricky part: handling of older versions of JtR (before this
> patch) in Johnny.  How do you determine which processes to send the
> signal to?  One idea is to create a separate process group for each
> invocation of JtR.  See setsid(2) and this feature of kill(2):
> 
> "If pid is less than -1, then sig is sent to every process in the
> process group whose ID is -pid."
> 
> That was Linux man page.  POSIX:
> 
> "If pid is negative, but not -1, sig shall be sent to all processes
> (excluding an unspecified set of system processes) whose process group
> ID is equal to the absolute value of pid, and for which the process has
> permission to send a signal."
> 
> Alexander

I like this approach and it's good that this has been resolved in core.

Is it my understanding that the fix Solar committed allows for both pre-patch and post-patch JtR's to be handled in the same manner without us discriminating JtR versions in Johnny yet?

If yes, Mathieu, I think you need to change your override of JohnProcess::terminate() to not send SIGTERM twice in the OS_FORK case(looking over your Github branch). Also you should use Q_OS_ defines to probe for OS'es instead of GCC builtins(or otherwise)?

Shinnok

Powered by blists - more mailing lists

Your e-mail address:

Powered by Openwall GNU/*/Linux - Powered by OpenVZ