Compile with -Wsuggest-attribute=malloc. We already employ this attribute extensively to help the compiler improve optimization. However, a few malloc-like functions were not yet marked with __malloc. Fix that and enable the warning to make sure that new malloc-like functions get marked. Since not all supported compilers know about this warning option, we need to check at compile time whether the option is supported. Thanks to the existing cc-option make(1) function, this is a simple one-liner for Makefile.real.
net: De-doxify static functions. They don't make it into the web doc anyway.
net: Refer to correct man page in stringify_port(). The function calls getservbyport(), not getservent().
net: Pass true/false instead of 0/1 to makesock(). The function receives a boolean argument, after all.
net: Demote log level of error message in makesock(). This function has no idea how severe the failure actually is, so log only with loglevel notice and let the callers be more verbose if this is a stern error. The visible result of this change is that audiod no longer prints a warning every five seconds if the server is not running.
net: Make is_valid_ipv{4,6}_address() local to net.c. These inline functions are only used in net.c, so they do not need to be declared in net.h. De-doxyfy their documentation because static functions don't need doxygen comments.
net: Make single-use macros local. A few macros are defined in net.h but are only used in a single C file. Move those to where they are used to make the code easier to follow. DCCP_SOCKOPT_RX_CCID is not used at all, so remove that.
net: Combine documentation of struct flowopts. It was documented both in net.h and net.c.
Merge topic branch t/overflow into master This series implements a new memory allocation API which checks for overflows. The first part of the series just renames the main allocation functions. Later patches in the series implement allocators which take two size_t arguments (like calloc(3)) and check whether the multiplication overflows by employing the __builtin_mul_overflow() primitive supported by gcc and clang. This requires us to bump the lowest supported gcc and clang version. * refs/heads/t/overflow: build: Compile with -ftrapv. string: Introduce arr_zalloc(). string: Introduce arr_alloc(). string: Introduce arr_realloc() and check for integer overflow. string: Rename para_calloc() -> zalloc(). string: Rename para_malloc() -> alloc(). string: Overhaul para_strdup().
net: Drop fd_set parameter from para_accept(). As for read_nonblock(), the parameter is dispensable because it is only used for an optimization to avoid a system call. Get rid of it because it hinders the conversion from select(2) to poll(2).
string: Rename para_malloc() -> alloc(). Just because it's shorter and matches the naming of the new allocators we are about to introduce. The bulk of this patch was created with sed -i 's/para_malloc/alloc/g' *.c *.h yy/mp.y
list.h: Convert INIT_LIST_HEAD macro to inline function. Inline functions are easier to read and write, and we get type safety.
net.c: Remove compat macros for AI_V4MAPPED et al. These were added 11 years ago during NetBSD-3.1 days because this version of NetBSD lacked the three macros. At least on NetBSD-7.1 (released 2017), the compat macros are no longer necessary while FreeBSD and Linux never needed them. So let's get rid of them.
Check for abstract sockets only once. In net.c there is a static variable which is supposed to cache whether the abstract local socket namespace is supported. This variable is pointless because it is only ever set by command handlers, which exit after the command completed. Hence the command handler process of each subsequent afs command checks again. To make the caching work as intended we must initialize the variable in the *parent* process. The parent process, however, does not create any local sockets. This patch changes init_unix_addr() to initialize the variable without creating a socket when NULL is passed as the name parameter. The server process passes NULL to initialize the static variable while command handlers pass non NULL.
server: Add --http-listen-address and --dccp-listen-address. Currently the http and the dccp sender accept connections on all IP addresses. This commit makes it possible to configure the senders to listen only on the specified subset of addresses. To make this work, the sender_status structure has to be extended to store an array of file descriptors rather than just a single one. Several places need to iterate over all listening sockets of the sender. The new FOR_EACH_LISTEN_FD macro helps to avoid duplicating the corresponding loop. The status part of the sender command now prints the listening addresses instead of just on/off. This is why we also maintain the ascii representation of the listening addresses in the sender_status structure and introduce the format_url() helper to format host/port pairs.
server: Implement --listen-address for control service. For hosts with multiple IP addresses one might want to configure the listening sockets so that connections can only arrive on a subset of the host's addresses. This patch implements this feature. Unlike para_listen_simple() the new para_listen() receives an optional argument to let the caller specify the listening address in addition to the port number. para_listen_simple() is now a simple wrapper that passes a NULL pointer as the new argument which indicates that the socket should listen on all local addresses, just like prior to this change. The set of listening addresses for the control service of para_server can be specified via the new --listen-address option. This option can be given multiple times, once for each listening address. Due to this change the server needs to maintain more than a single file descriptor to dispatch incoming connections. Hence the integer ->listen_fd of struct server_command_task has to be replaced by an array of file descriptors and the {pre,post}_select methods of the command task have iterate over all descriptors in the array. The meaning of the --port option has changed due to the new option: since the argument to --listen-address can also contain a port number, the argument to --port is only used for addresses with no port number, or if --listen-address is not given at all. Although the http and dccp senders also open a listening socket, this commit affects only the control service of para_server (listening on TCP 2990 by default). Senders will be covered in the next commit.
net: Combine para_listen() and para_listen_simple(). The only caller of para_listen() is para_listen_simple(), since flowops are only used for active sockets.
net: Improve error diagnostics of makesock_addrinfo(). Since the function iterates over all addresses in the passed addressinfo structure, errors can be non-fatal and may even be expected. Therefore the function does not log any errors from socket(2), setsockopt(2), connect(2) or bind(2), but only returns a generic -E_MAKESOCK error code if none of the addressinfo members worked. Unfortunately, this means it's impossible to tell from the log message which of these system calls has failed. This patch changes the function to also log the errors from the above system calls, but only with loglevel notice. This way the non-fatal errors are not shown by default (since the default loglevel is "warning"), but one can easily activate them by specifying a lower loglevel.
Shorten copyright notice. The GPLv2 line does not add any additional information, so drop it. This leaves a single line of legalese text for most files, which is about the amount of screen real estate it deserves. This patch was created with the following script (plus some manual fixups): awk '{ if (NR <= 5) { gs = gensub(/.*Copyright.* ([0-9]+).*Andre Noll.*/, "\\1", "g") if (gs != $0) year = gs next } if (NR == 6 && year != "") printf("/* Copyright (C) %s Andre Noll <maan@tuebingen.mpg.de>, see file COPYING. */\n", year) print }'
doxygen: Add \ref to references. This way doxygen issues a warning if the file/function/structure no longer exists and a stale reference remains.