Merge branch 'refs/heads/t/long-help'
[paraslash.git] / command.c
index bd3d17c..6adb945 100644 (file)
--- a/command.c
+++ b/command.c
@@ -49,11 +49,15 @@ static const char * const server_command_perms_txt[] = {LSG_SERVER_CMD_AUX_INFOS
 
 extern int mmd_mutex;
 extern struct misc_meta_data *mmd;
-extern struct sender senders[];
 int send_afs_status(struct command_context *cc, int parser_friendly);
+static bool subcmd_should_die;
 
-static void dummy(__a_unused int s)
+static void command_handler_sighandler(int s)
 {
+       if (s != SIGTERM)
+               return;
+       PARA_EMERG_LOG("terminating on signal %d\n", SIGTERM);
+       subcmd_should_die = true;
 }
 
 /*
@@ -236,10 +240,10 @@ static int check_sender_args(struct command_context *cc,
                return ret;
        }
        arg = lls_input(0, lpr);
-       for (i = 0; senders[i].name; i++)
-               if (!strcmp(senders[i].name, arg))
+       FOR_EACH_SENDER(i)
+               if (strcmp(senders[i]->name, arg) == 0)
                        break;
-       if (!senders[i].name)
+       if (!senders[i])
                return -E_COMMAND_SYNTAX;
        scd->sender_num = i;
        arg = lls_input(1, lpr);
@@ -249,7 +253,7 @@ static int check_sender_args(struct command_context *cc,
        if (i == NUM_SENDER_CMDS)
                return -E_COMMAND_SYNTAX;
        scd->cmd_num = i;
-       if (!senders[scd->sender_num].client_cmds[scd->cmd_num])
+       if (!senders[scd->sender_num]->client_cmds[scd->cmd_num])
                return -E_SENDER_CMD;
        switch (scd->cmd_num) {
        case SENDER_on:
@@ -331,10 +335,10 @@ static int com_sender(struct command_context *cc, struct lls_parse_result *lpr)
        struct sender_command_data scd;
 
        if (lls_num_inputs(lpr) == 0) {
-               for (i = 0; senders[i].name; i++) {
+               FOR_EACH_SENDER(i) {
                        char *tmp;
                        ret = xasprintf(&tmp, "%s%s\n", msg? msg : "",
-                               senders[i].name);
+                               senders[i]->name);
                        free(msg);
                        msg = tmp;
                }
@@ -345,17 +349,17 @@ static int com_sender(struct command_context *cc, struct lls_parse_result *lpr)
                if (scd.sender_num < 0)
                        return ret;
                if (strcmp(lls_input(1, lpr), "status") == 0)
-                       msg = senders[scd.sender_num].status();
+                       msg = senders[scd.sender_num]->status();
                else
-                       msg = senders[scd.sender_num].help();
+                       msg = senders[scd.sender_num]->help();
                return send_sb(&cc->scc, msg, strlen(msg), SBD_OUTPUT, false);
        }
 
        switch (scd.cmd_num) {
        case SENDER_add:
        case SENDER_delete:
-               assert(senders[scd.sender_num].resolve_target);
-               ret = senders[scd.sender_num].resolve_target(lls_input(2, lpr),
+               assert(senders[scd.sender_num]->resolve_target);
+               ret = senders[scd.sender_num]->resolve_target(lls_input(2, lpr),
                        &scd);
                if (ret < 0)
                        return ret;
@@ -494,9 +498,21 @@ static int com_stat(struct command_context *cc, struct lls_parse_result *lpr)
        bool parser_friendly = SERVER_CMD_OPT_GIVEN(STAT, PARSER_FRIENDLY,
                lpr) > 0;
        uint32_t num = SERVER_CMD_UINT32_VAL(STAT, NUM, lpr);
+       const struct timespec ts = {.tv_sec = 50, .tv_nsec = 0};
 
-       para_sigaction(SIGUSR1, dummy);
+       para_sigaction(SIGINT, SIG_IGN);
+       para_sigaction(SIGUSR1, command_handler_sighandler);
+       para_sigaction(SIGTERM, command_handler_sighandler);
+       /*
+        * Simply checking subcmd_should_die is racy because a signal may
+        * arrive after the check but before the subsequent call to sleep(3).
+        * If this happens, sleep(3) would not be interrupted by the signal.
+        * To avoid this we block SIGTERM here and allow it to arrive only
+        * while we sleep.
+        */
+       para_block_signal(SIGTERM);
        for (;;) {
+               sigset_t set;
                /*
                 * Copy the mmd structure to minimize the time we hold the mmd
                 * lock.
@@ -519,7 +535,15 @@ static int com_stat(struct command_context *cc, struct lls_parse_result *lpr)
                ret = 1;
                if (num > 0 && !--num)
                        goto out;
-               sleep(50);
+               sigemptyset(&set); /* empty set means: unblock all signals */
+               /*
+                * pselect(2) allows to atomically unblock signals, then go to
+                * sleep. Calling sigprocmask(2) followed by sleep(3) would
+                * open a race window similar to the one described above.
+                */
+               pselect(1, NULL, NULL, NULL, &ts, &set);
+               if (subcmd_should_die)
+                       goto out;
                ret = -E_SERVER_CRASH;
                if (getppid() == 1)
                        goto out;
@@ -636,8 +660,7 @@ static int com_nomore(__a_unused struct command_context *cc,
 }
 EXPORT_SERVER_CMD_HANDLER(nomore);
 
-static int com_ff(__a_unused struct command_context *cc,
-               struct lls_parse_result *lpr)
+static int com_ff(struct command_context *cc, struct lls_parse_result *lpr)
 {
        long promille;
        int ret, backwards = 0;
@@ -657,6 +680,7 @@ static int com_ff(__a_unused struct command_context *cc,
        ret = -E_NO_AUDIO_FILE;
        if (!mmd->afd.afhi.chunks_total || !mmd->afd.afhi.seconds_total)
                goto out;
+       ret = 1;
        promille = (1000 * mmd->current_chunk) / mmd->afd.afhi.chunks_total;
        if (backwards)
                promille -= 1000 * i / mmd->afd.afhi.seconds_total;
@@ -672,15 +696,13 @@ static int com_ff(__a_unused struct command_context *cc,
        mmd->new_vss_status_flags |= VSS_REPOS;
        mmd->new_vss_status_flags &= ~VSS_NEXT;
        mmd->events++;
-       ret = 1;
 out:
        mutex_unlock(mmd_mutex);
        return ret;
 }
 EXPORT_SERVER_CMD_HANDLER(ff);
 
-static int com_jmp(__a_unused struct command_context *cc,
-               struct lls_parse_result *lpr)
+static int com_jmp(struct command_context *cc, struct lls_parse_result *lpr)
 {
        long unsigned int i;
        int ret;
@@ -733,7 +755,7 @@ struct connection_features {
        int dummy; /* none at the moment */
 };
 
-static int parse_auth_request(char *buf, int len, struct user **u,
+static int parse_auth_request(char *buf, int len, const struct user **u,
                struct connection_features *cf)
 {
        int ret;
@@ -767,7 +789,7 @@ static int parse_auth_request(char *buf, int len, struct user **u,
                }
        }
        PARA_DEBUG_LOG("received auth request for user %s\n", username);
-       *u = lookup_user(username);
+       *u = user_list_lookup(username);
        ret = 1;
 out:
        free_argv(features);
@@ -849,12 +871,14 @@ static int run_command(struct command_context *cc, struct iovec *iov)
  * the function if the connection was not authenticated when the timeout
  * expires.
  *
- * \sa alarm(2), \ref crypt.c, \ref crypt.h.
+ * \return Standard.
+ *
+ * \sa alarm(2), \ref openssl.c, \ref crypt.h.
  */
-__noreturn void handle_connect(int fd)
+int handle_connect(int fd)
 {
        int ret;
-       unsigned char rand_buf[CHALLENGE_SIZE + 2 * SESSION_KEY_LEN];
+       unsigned char rand_buf[APC_CHALLENGE_SIZE + 2 * SESSION_KEY_LEN];
        unsigned char challenge_hash[HASH_SIZE];
        char *command = NULL, *buf = para_malloc(HANDSHAKE_BUFSIZE) /* must be on the heap */;
        size_t numbytes;
@@ -884,7 +908,7 @@ __noreturn void handle_connect(int fd)
                goto net_err;
        if (cc->u) {
                get_random_bytes_or_die(rand_buf, sizeof(rand_buf));
-               ret = pub_encrypt(cc->u->pubkey, rand_buf, sizeof(rand_buf),
+               ret = apc_pub_encrypt(cc->u->pubkey, rand_buf, sizeof(rand_buf),
                        (unsigned char *)buf);
                if (ret < 0)
                        goto net_err;
@@ -899,7 +923,7 @@ __noreturn void handle_connect(int fd)
                get_random_bytes_or_die((unsigned char *)buf, numbytes);
        }
        PARA_DEBUG_LOG("sending %d byte challenge + session key (%zu bytes)\n",
-               CHALLENGE_SIZE, numbytes);
+               APC_CHALLENGE_SIZE, numbytes);
        ret = send_sb(&cc->scc, buf, numbytes, SBD_CHALLENGE, false);
        buf = NULL;
        if (ret < 0)
@@ -915,21 +939,21 @@ __noreturn void handle_connect(int fd)
        if (!cc->u)
                goto net_err;
        /*
-        * The correct response is the hash of the first CHALLENGE_SIZE bytes
+        * The correct response is the hash of the first APC_CHALLENGE_SIZE bytes
         * of the random data.
         */
        ret = -E_BAD_AUTH;
        if (numbytes != HASH_SIZE)
                goto net_err;
-       hash_function((char *)rand_buf, CHALLENGE_SIZE, challenge_hash);
+       hash_function((char *)rand_buf, APC_CHALLENGE_SIZE, challenge_hash);
        if (memcmp(challenge_hash, buf, HASH_SIZE))
                goto net_err;
        /* auth successful */
        alarm(0);
        PARA_INFO_LOG("good auth for %s\n", cc->u->name);
        /* init stream cipher keys with the second part of the random buffer */
-       cc->scc.recv = sc_new(rand_buf + CHALLENGE_SIZE, SESSION_KEY_LEN);
-       cc->scc.send = sc_new(rand_buf + CHALLENGE_SIZE + SESSION_KEY_LEN,
+       cc->scc.recv = sc_new(rand_buf + APC_CHALLENGE_SIZE, SESSION_KEY_LEN);
+       cc->scc.send = sc_new(rand_buf + APC_CHALLENGE_SIZE + SESSION_KEY_LEN,
                SESSION_KEY_LEN);
        ret = send_sb(&cc->scc, NULL, 0, SBD_PROCEED, false);
        if (ret < 0)
@@ -961,5 +985,5 @@ out:
        }
        sc_free(cc->scc.recv);
        sc_free(cc->scc.send);
-       exit(ret < 0? EXIT_FAILURE : EXIT_SUCCESS);
+       return ret;
 }