From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.1 (2015-04-28) on sa.local.altlinux.org X-Spam-Level: X-Spam-Status: No, score=-3.4 required=5.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,RP_MATCHES_RCVD autolearn=ham autolearn_force=no version=3.4.1 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=cs.msu.ru; s=dkim; h=Subject:In-Reply-To:Content-Type:MIME-Version:References:Message-ID :Cc:To:From:Date:Sender:Reply-To:Content-Transfer-Encoding:Content-ID: Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc :Resent-Message-ID:List-Id:List-Help:List-Unsubscribe:List-Subscribe: List-Post:List-Owner:List-Archive; bh=UHHyup008bclW1CM5tWVu6/hPb7eRa+6tu6KgwxWlUk=; b=WNPWxLHiniybk3g2yW7h525sqT rslo8npI24cGVAMNt5pzjEesjZREh6t/KpYe+zDS5l11RNkschHW5YHHixRhP0MWYCzXjQCTcLlJu 9Z8DW8Kg1/Joc9RB0pLWggXj8CMQvEvIrRmGhQ7pWYcZ2IN+iYpN1Lq7GeVFhSxUqm8rtG85ZGIxM Zib4CXzkNSGWYVRcTa35rW0OqeY1e1tkZWz9vB6fyErDJbIwImY8oUcli0ExoC9WA8923//4mS6ea 4uyMv5XLNQkzMt3PRCJdrYi4AWK1chBRvyGr215Ss8AfdmV27DdFTtfqoagaPPBbDuGGSu/WbdMUv wJRILkRw==; Date: Thu, 17 Sep 2020 16:12:09 +0300 From: Arseny Maslennikov To: Alex Gladkov , devel@lists.altlinux.org Message-ID: <20200917131209.GI286846@cello> References: <9bca7626b593f896de4283cba2d6290ec99eb4f2.1576183643.git.legion@altlinux.org> MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha512; protocol="application/pgp-signature"; boundary="l0l+eSofNeLXHSnY" Content-Disposition: inline In-Reply-To: <9bca7626b593f896de4283cba2d6290ec99eb4f2.1576183643.git.legion@altlinux.org> OpenPGP: url=http://grep.cs.msu.ru/~ar/pgp-key.asc X-SA-Exim-Connect-IP: 10.7.5.179 X-SA-Exim-Mail-From: ar@cs.msu.ru X-SA-Exim-Version: 4.2.1 X-SA-Exim-Scanned: Yes (on mail.cs.msu.ru) Cc: ldv@altlinux.org Subject: Re: [devel] [PATCH hasher-priv v1 1/3] hasher-privd.c X-BeenThere: devel@lists.altlinux.org X-Mailman-Version: 2.1.12 Precedence: list Reply-To: ALT Linux Team development discussions List-Id: ALT Linux Team development discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 17 Sep 2020 13:12:15 -0000 Archived-At: List-Archive: List-Post: --l0l+eSofNeLXHSnY Content-Type: text/plain; charset=us-ascii Content-Disposition: inline On Fri, Dec 13, 2019 at 12:42:03PM +0100, Alex Gladkov wrote: > diff --git a/hasher-priv/hasher-privd.c b/hasher-priv/hasher-privd.c > new file mode 100644 > index 0000000..5c56033 > --- /dev/null > +++ b/hasher-priv/hasher-privd.c > @@ -0,0 +1,375 @@ > + > +/* > + Copyright (C) 2019 Alexey Gladkov > + > + The entry function for the hasher-privd program. > + > + SPDX-License-Identifier: GPL-2.0-or-later > +*/ > + > +#include > + > +#include > +#include > +#include > +#include /* umask */ > +#include > +#include > + > +#include > +#include > +#include > +#include > +#include > +#include > +#include > +#include > +#include > + > +#include "epoll.h" > +#include "logging.h" > +#include "pidfile.h" > +#include "sockets.h" > +#include "communication.h" > +#include "priv.h" > + > +struct session { > + struct session *next; > + > + uid_t caller_uid; > + gid_t caller_gid; > + > + unsigned caller_num; > + > + pid_t server_pid; > +}; > + > +static struct session *pool = NULL; > +unsigned caller_num; > + > +static int > +start_session(int conn, unsigned num) > +{ > + uid_t uid; > + gid_t gid; > + pid_t server_pid; > + struct session **a = &pool; > + > + if (get_peercred(conn, NULL, &uid, &gid) < 0) No error response to the client. > + return -1; > + > + while (a && *a) { > + if ((*a)->caller_uid == uid && (*a)->caller_num == num) { > + send_command_response(conn, CMD_STATUS_DONE, NULL); > + return 0; > + } > + a = &(*a)->next; > + } > + > + info("start session for %d:%u user", uid, num); > + > + if ((server_pid = fork_server(conn, uid, gid, num)) < 0) No error response to the client. > + return -1; > + > + *a = calloc(1L, sizeof(struct session)); > + if (!*a) { > + err("calloc: %m"); Same. > + return -1; > + } > + > + (*a)->caller_uid = uid; > + (*a)->caller_gid = gid; > + (*a)->caller_num = num; > + (*a)->server_pid = server_pid; > + > + return 0; > +} > + > +static int > +close_session(int conn, unsigned num) > +{ > + uid_t uid; > + gid_t gid; > + struct session *e = pool; > + > + if (get_peercred(conn, NULL, &uid, &gid) < 0) > + return -1; > + > + while (e) { > + if (e->caller_uid == uid && e->caller_num == num) { > + info("close session for %d:%u user by request", uid, num); > + if (kill(e->server_pid, SIGTERM) < 0) { > + err("kill: %m"); > + return -1; > + } > + break; > + } > + e = e->next; > + } > + > + return 0; > +} > + > +static int > +process_request(int conn) > +{ > + int rc; > + struct cmd hdr = { 0 }; > + unsigned num = 0; > + > + if (xrecvmsg(conn, &hdr, sizeof(hdr)) < 0) > + return -1; > + > + if (hdr.datalen != sizeof(num)) { > + err("bad command"); > + send_command_response(conn, CMD_STATUS_FAILED, "bad command"); > + return -1; > + } > + > + if (xrecvmsg(conn, &num, sizeof(num)) < 0) > + return -1; > + > + switch (hdr.type) { > + case CMD_OPEN_SESSION: > + rc = start_session(conn, num); Ultimately, in some exit paths from start_session() the client receives no response. Most of them are triggered in case of error, so one option would be to send a failure response when rc < 0, and handle successful responses from inside start_session, most likely in separate processes. > + break; > + case CMD_CLOSE_SESSION: > + rc = close_session(conn, num); > + (rc < 0) > + ? send_command_response(conn, CMD_STATUS_FAILED, "command failed") > + : send_command_response(conn, CMD_STATUS_DONE, NULL); > + break; > + default: > + err("unknown command"); > + send_command_response(conn, CMD_STATUS_FAILED, "unknown command"); > + rc = -1; > + } > + > + return rc; > +} > + > +static void > +finish_sessions(int sig) > +{ > + struct session *e = pool; > + > + while (e) { > + if (kill(e->server_pid, sig) < 0) > + err("kill: %m"); > + e = e->next; > + } > +} > + > +static void > +clean_session(pid_t pid) > +{ > + struct session *x, **a = &pool; > + > + while (a && *a) { > + if ((*a)->server_pid == pid) { > + x = *a; > + *a = (*a)->next; > + free(x); > + } > + a = &(*a)->next; > + } > +} > + > +int main(int argc, char **argv) > +{ > + int i; > + int loglevel = -1; > + > + const char *pidfile = NULL; > + int daemonize = 1; > + > + char socketpath[UNIX_PATH_MAX]; > + > + struct option long_options[] = { > + { "help", no_argument, 0, 'h' }, > + { "version", no_argument, 0, 'V' }, > + { "foreground", no_argument, 0, 'f' }, > + { "loglevel", required_argument, 0, 'l' }, > + { "pidfile", required_argument, 0, 'p' }, Opinion: why the short option for pidfile path? It eats up the short ascii-alphanum space for a rather obscure feature. > + { 0, 0, 0, 0 } > + }; > + > + while ((i = getopt_long(argc, argv, "hVfl:p:", long_options, NULL)) != -1) { > + switch (i) { > + case 'p': > + pidfile = optarg; > + break; > + case 'l': > + loglevel = logging_level(optarg); > + break; > + case 'f': > + daemonize = 0; > + break; > + case 'V': > + printf("%s %s\n", program_invocation_short_name, PROJECT_VERSION); > + return EXIT_SUCCESS; > + default: > + case 'h': > + printf("Usage: %s [options]\n" > + " -p, --pidfile=FILE pid file location;\n" > + " -l, --loglevel=LVL set logging level;\n" > + " -f, --foreground stay in the foreground;\n" > + " -V, --version print program version and exit;\n" > + " -h, --help show this text and exit.\n" > + "\n", > + program_invocation_short_name); > + return EXIT_SUCCESS; > + } > + } > + > + configure_server(); > + > + if (!pidfile && server_pidfile && *server_pidfile) > + pidfile = server_pidfile; > + > + if (loglevel < 0) > + loglevel = (server_log_priority >= 0) > + ? server_log_priority > + : logging_level("info"); > + > + umask(022); > + > + if (pidfile && check_pid(pidfile)) > + error(EXIT_FAILURE, 0, "%s: already running", > + program_invocation_short_name); > + > + if (daemonize && daemon(0, 0) < 0) > + error(EXIT_FAILURE, errno, "daemon"); > + > + logging_init(loglevel, !daemonize); > + > + if (pidfile && write_pid(pidfile) == 0) > + return EXIT_FAILURE; > + > + sigset_t mask; > + > + sigfillset(&mask); > + sigprocmask(SIG_SETMASK, &mask, NULL); > + > + sigdelset(&mask, SIGABRT); > + sigdelset(&mask, SIGSEGV); > + > + int fd_ep = -1; > + > + if ((fd_ep = epoll_create1(EPOLL_CLOEXEC)) < 0) > + fatal("epoll_create1: %m"); > + > + int fd_signal = -1; > + > + if ((fd_signal = signalfd(-1, &mask, SFD_NONBLOCK | SFD_CLOEXEC)) < 0) > + fatal("signalfd: %m"); > + > + mode_t m = umask(017); > + > + int fd_conn = -1; > + > + if ((fd_conn = srv_listen(SOCKETDIR, PROJECT)) < 0) > + return EXIT_FAILURE; > + > + umask(m); > + > + snprintf(socketpath, sizeof(socketpath), "%s/%s", SOCKETDIR, PROJECT); > + > + if (chown(socketpath, 0, server_gid)) > + fatal("fchown: %s: %m", socketpath); > + > + if (epollin_add(fd_ep, fd_signal) < 0 || epollin_add(fd_ep, fd_conn) < 0) > + return EXIT_FAILURE; > + > + int ep_timeout = -1; > + int finish_server = 0; > + > + while (1) { > + struct epoll_event ev[42]; > + int fdcount; > + > + errno = 0; > + if ((fdcount = epoll_wait(fd_ep, ev, ARRAY_SIZE(ev), ep_timeout)) < 0) { > + if (errno == EINTR) > + continue; > + err("epoll_wait: %m"); > + break; > + } > + > + for (i = 0; i < fdcount; i++) { > + if (!(ev[i].events & EPOLLIN)) { > + continue; > + > + } else if (ev[i].data.fd == fd_signal) { > + struct signalfd_siginfo fdsi; > + ssize_t size; > + > + size = read_retry(fd_signal, &fdsi, sizeof(fdsi)); > + > + if (size != sizeof(fdsi)) { > + err("unable to read signal info"); > + continue; > + } > + > + pid_t pid; > + int status; > + > + switch (fdsi.ssi_signo) { > + case SIGINT: > + case SIGTERM: > + finish_server = 1; > + break; > + case SIGCHLD: > + if ((pid = waitpid(-1, &status, 0)) < 0) > + err("waitpid: %m"); > + > + clean_session(pid); > + break; > + } > + > + } else if (ev[i].data.fd == fd_conn) { > + int conn; > + > + if ((conn = accept4(fd_conn, NULL, 0, SOCK_CLOEXEC)) < 0) { > + err("accept4: %m"); > + continue; > + } > + > + if (set_recv_timeout(conn, 3) < 0) { > + close(conn); > + continue; > + } > + > + process_request(conn); > + close(conn); > + } > + } > + > + if (finish_server) { > + if (!pool) > + break; > + > + if (fd_conn >= 0) { > + epollin_remove(fd_ep, fd_conn); > + fd_conn = -1; > + ep_timeout = 3000; > + } > + > + finish_sessions(SIGTERM); > + } > + } > + > + epollin_remove(fd_ep, fd_signal); > + epollin_remove(fd_ep, fd_conn); > + > + if (fd_ep >= 0) > + close(fd_ep); > + > + if (pidfile) > + remove_pid(pidfile); > + > + logging_close(); > + free_server_configuration(); > + > + return EXIT_SUCCESS; > +} --l0l+eSofNeLXHSnY Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEE56JD3UKTLEu/ddrm9dQjyAYL01AFAl9jYKkACgkQ9dQjyAYL 01CLIBAAvatMLSKDek2JW70KIX1fMkAaUV43h/9ZNtU+QYbRraagVWIw77dVqZ2v 3AZZ+alwWSQoMWiMEmhDDnMKPDVwdGQidj/VjjrdqerlefACYws/feJT7NCW8v6B GW6x8GhJXXlLlzdIIG3JRW4zab/Nw8H92ugXnm91HWyfLr4e/QHRtEe8tCULTMKy PMJCw6cL/+iNJXujeFgseAfC/GNaAg96EZIeD07UpaxGFUz0aghik9I3WqoPTjvW vcYMiBZX1kU0eC/xUJvXIh11OcjSde/VNPAnhU8fBrvSybcVjN4j/0NjP5gVfroT OVeSeiW7iCujkKRFQ6JoSEdE3eR6hHUUEv44lYC2B9TfD6T2f06+dr7YtieA91dP YDbbOVh6M8qNx8oRUtmIbg+wuXjPNouP68S7bHzHG+jbQTTTOVZrMKbh9s5ADCGL yppNAWCL8BmoP0TQBGuKtTcfs83yj1VylcjUcEm/Hq+UirvUleLmxlC7cCHohLJG V9G3xHIXZbxsSRg57ASRk25dLDT+8pyJ+Il3HbsDH21WVjOEUPB9kYUSGe6viIdd 04kzNkkmxTC/WoJ420W87gRmL00e3GiEQ5gHNxiaJ6JSj+RZAHTicGEpfxK631g5 +o+3GIleetJSqulAHsnO+GjkQRmHIGSRKikezQS6xhYDgdvP9e4= =PUvq -----END PGP SIGNATURE----- --l0l+eSofNeLXHSnY--