X-Git-Url: http://git.tuebingen.mpg.de/?p=paraslash.git;a=blobdiff_plain;f=command.c;h=25b92715497d74caa06d2d2b47a94ad473ce0ecd;hp=bfce809a310cbe7024386ed61a441f71d3cf4e82;hb=e2167286448ce2ed9a01a548e7e9832563035088;hpb=3998a8c581623224b7b56bce593646b2c8516a0f;ds=sidebyside

diff --git a/command.c b/command.c
index bfce809a..25b92715 100644
--- a/command.c
+++ b/command.c
@@ -48,11 +48,15 @@ static const char * const server_command_perms_txt[] = {LSG_SERVER_CMD_AUX_INFOS
 
 extern int mmd_mutex;
 extern struct misc_meta_data *mmd;
-extern struct sender senders[];
 int send_afs_status(struct command_context *cc, int parser_friendly);
+static bool subcmd_should_die;
 
-static void dummy(__a_unused int s)
+static void command_handler_sighandler(int s)
 {
+	if (s != SIGTERM)
+		return;
+	PARA_EMERG_LOG("terminating on signal %d\n", SIGTERM);
+	subcmd_should_die = true;
 }
 
 /*
@@ -235,10 +239,10 @@ static int check_sender_args(struct command_context *cc,
 		return ret;
 	}
 	arg = lls_input(0, lpr);
-	for (i = 0; senders[i].name; i++)
-		if (!strcmp(senders[i].name, arg))
+	FOR_EACH_SENDER(i)
+		if (strcmp(senders[i]->name, arg) == 0)
 			break;
-	if (!senders[i].name)
+	if (!senders[i])
 		return -E_COMMAND_SYNTAX;
 	scd->sender_num = i;
 	arg = lls_input(1, lpr);
@@ -248,7 +252,7 @@ static int check_sender_args(struct command_context *cc,
 	if (i == NUM_SENDER_CMDS)
 		return -E_COMMAND_SYNTAX;
 	scd->cmd_num = i;
-	if (!senders[scd->sender_num].client_cmds[scd->cmd_num])
+	if (!senders[scd->sender_num]->client_cmds[scd->cmd_num])
 		return -E_SENDER_CMD;
 	switch (scd->cmd_num) {
 	case SENDER_on:
@@ -330,10 +334,10 @@ static int com_sender(struct command_context *cc, struct lls_parse_result *lpr)
 	struct sender_command_data scd;
 
 	if (lls_num_inputs(lpr) == 0) {
-		for (i = 0; senders[i].name; i++) {
+		FOR_EACH_SENDER(i) {
 			char *tmp;
 			ret = xasprintf(&tmp, "%s%s\n", msg? msg : "",
-				senders[i].name);
+				senders[i]->name);
 			free(msg);
 			msg = tmp;
 		}
@@ -344,17 +348,17 @@ static int com_sender(struct command_context *cc, struct lls_parse_result *lpr)
 		if (scd.sender_num < 0)
 			return ret;
 		if (strcmp(lls_input(1, lpr), "status") == 0)
-			msg = senders[scd.sender_num].status();
+			msg = senders[scd.sender_num]->status();
 		else
-			msg = senders[scd.sender_num].help();
+			msg = senders[scd.sender_num]->help();
 		return send_sb(&cc->scc, msg, strlen(msg), SBD_OUTPUT, false);
 	}
 
 	switch (scd.cmd_num) {
 	case SENDER_add:
 	case SENDER_delete:
-		assert(senders[scd.sender_num].resolve_target);
-		ret = senders[scd.sender_num].resolve_target(lls_input(2, lpr),
+		assert(senders[scd.sender_num]->resolve_target);
+		ret = senders[scd.sender_num]->resolve_target(lls_input(2, lpr),
 			&scd);
 		if (ret < 0)
 			return ret;
@@ -493,9 +497,21 @@ static int com_stat(struct command_context *cc, struct lls_parse_result *lpr)
 	bool parser_friendly = SERVER_CMD_OPT_GIVEN(STAT, PARSER_FRIENDLY,
 		lpr) > 0;
 	uint32_t num = SERVER_CMD_UINT32_VAL(STAT, NUM, lpr);
+	const struct timespec ts = {.tv_sec = 50, .tv_nsec = 0};
 
-	para_sigaction(SIGUSR1, dummy);
+	para_sigaction(SIGINT, SIG_IGN);
+	para_sigaction(SIGUSR1, command_handler_sighandler);
+	para_sigaction(SIGTERM, command_handler_sighandler);
+	/*
+	 * Simply checking subcmd_should_die is racy because a signal may
+	 * arrive after the check but before the subsequent call to sleep(3).
+	 * If this happens, sleep(3) would not be interrupted by the signal.
+	 * To avoid this we block SIGTERM here and allow it to arrive only
+	 * while we sleep.
+	 */
+	para_block_signal(SIGTERM);
 	for (;;) {
+		sigset_t set;
 		/*
 		 * Copy the mmd structure to minimize the time we hold the mmd
 		 * lock.
@@ -518,7 +534,15 @@ static int com_stat(struct command_context *cc, struct lls_parse_result *lpr)
 		ret = 1;
 		if (num > 0 && !--num)
 			goto out;
-		sleep(50);
+		sigemptyset(&set); /* empty set means: unblock all signals */
+		/*
+		 * pselect(2) allows to atomically unblock signals, then go to
+		 * sleep. Calling sigprocmask(2) followed by sleep(3) would
+		 * open a race window similar to the one described above.
+		 */
+		pselect(1, NULL, NULL, NULL, &ts, &set);
+		if (subcmd_should_die)
+			goto out;
 		ret = -E_SERVER_CRASH;
 		if (getppid() == 1)
 			goto out;
@@ -758,7 +782,7 @@ struct connection_features {
 	int dummy; /* none at the moment */
 };
 
-static int parse_auth_request(char *buf, int len, struct user **u,
+static int parse_auth_request(char *buf, int len, const struct user **u,
 		struct connection_features *cf)
 {
 	int ret;
@@ -792,7 +816,7 @@ static int parse_auth_request(char *buf, int len, struct user **u,
 		}
 	}
 	PARA_DEBUG_LOG("received auth request for user %s\n", username);
-	*u = lookup_user(username);
+	*u = user_list_lookup(username);
 	ret = 1;
 out:
 	free_argv(features);
@@ -874,9 +898,11 @@ static int run_command(struct command_context *cc, struct iovec *iov)
  * the function if the connection was not authenticated when the timeout
  * expires.
  *
+ * \return Standard.
+ *
  * \sa alarm(2), \ref openssl.c, \ref crypt.h.
  */
-__noreturn void handle_connect(int fd)
+int handle_connect(int fd)
 {
 	int ret;
 	unsigned char rand_buf[APC_CHALLENGE_SIZE + 2 * SESSION_KEY_LEN];
@@ -986,5 +1012,5 @@ out:
 	}
 	sc_free(cc->scc.recv);
 	sc_free(cc->scc.send);
-	exit(ret < 0? EXIT_FAILURE : EXIT_SUCCESS);
+	return ret;
 }