X-Git-Url: http://git.tuebingen.mpg.de/?p=paraslash.git;a=blobdiff_plain;f=command.c;h=25b92715497d74caa06d2d2b47a94ad473ce0ecd;hp=cd24c0350ef90fbeccf713325738a6b03eba1000;hb=53af5c6efb309565990203fd8504a812ec9166c9;hpb=0b786d977ded3c3922e851e5b8d60837b43469b9

diff --git a/command.c b/command.c
index cd24c035..25b92715 100644
--- a/command.c
+++ b/command.c
@@ -22,12 +22,12 @@
 #include "string.h"
 #include "afh.h"
 #include "afs.h"
+#include "net.h"
 #include "server.h"
 #include "list.h"
 #include "send.h"
 #include "sched.h"
 #include "vss.h"
-#include "net.h"
 #include "daemon.h"
 #include "fd.h"
 #include "ipc.h"
@@ -49,9 +49,14 @@ static const char * const server_command_perms_txt[] = {LSG_SERVER_CMD_AUX_INFOS
 extern int mmd_mutex;
 extern struct misc_meta_data *mmd;
 int send_afs_status(struct command_context *cc, int parser_friendly);
+static bool subcmd_should_die;
 
-static void dummy(__a_unused int s)
+static void command_handler_sighandler(int s)
 {
+	if (s != SIGTERM)
+		return;
+	PARA_EMERG_LOG("terminating on signal %d\n", SIGTERM);
+	subcmd_should_die = true;
 }
 
 /*
@@ -492,9 +497,21 @@ static int com_stat(struct command_context *cc, struct lls_parse_result *lpr)
 	bool parser_friendly = SERVER_CMD_OPT_GIVEN(STAT, PARSER_FRIENDLY,
 		lpr) > 0;
 	uint32_t num = SERVER_CMD_UINT32_VAL(STAT, NUM, lpr);
+	const struct timespec ts = {.tv_sec = 50, .tv_nsec = 0};
 
-	para_sigaction(SIGUSR1, dummy);
+	para_sigaction(SIGINT, SIG_IGN);
+	para_sigaction(SIGUSR1, command_handler_sighandler);
+	para_sigaction(SIGTERM, command_handler_sighandler);
+	/*
+	 * Simply checking subcmd_should_die is racy because a signal may
+	 * arrive after the check but before the subsequent call to sleep(3).
+	 * If this happens, sleep(3) would not be interrupted by the signal.
+	 * To avoid this we block SIGTERM here and allow it to arrive only
+	 * while we sleep.
+	 */
+	para_block_signal(SIGTERM);
 	for (;;) {
+		sigset_t set;
 		/*
 		 * Copy the mmd structure to minimize the time we hold the mmd
 		 * lock.
@@ -517,7 +534,15 @@ static int com_stat(struct command_context *cc, struct lls_parse_result *lpr)
 		ret = 1;
 		if (num > 0 && !--num)
 			goto out;
-		sleep(50);
+		sigemptyset(&set); /* empty set means: unblock all signals */
+		/*
+		 * pselect(2) allows to atomically unblock signals, then go to
+		 * sleep. Calling sigprocmask(2) followed by sleep(3) would
+		 * open a race window similar to the one described above.
+		 */
+		pselect(1, NULL, NULL, NULL, &ts, &set);
+		if (subcmd_should_die)
+			goto out;
 		ret = -E_SERVER_CRASH;
 		if (getppid() == 1)
 			goto out;
@@ -662,8 +687,7 @@ static int com_nomore(__a_unused struct command_context *cc,
 }
 EXPORT_SERVER_CMD_HANDLER(nomore);
 
-static int com_ff(__a_unused struct command_context *cc,
-		struct lls_parse_result *lpr)
+static int com_ff(struct command_context *cc, struct lls_parse_result *lpr)
 {
 	long promille;
 	int ret, backwards = 0;
@@ -683,6 +707,7 @@ static int com_ff(__a_unused struct command_context *cc,
 	ret = -E_NO_AUDIO_FILE;
 	if (!mmd->afd.afhi.chunks_total || !mmd->afd.afhi.seconds_total)
 		goto out;
+	ret = 1;
 	promille = (1000 * mmd->current_chunk) / mmd->afd.afhi.chunks_total;
 	if (backwards)
 		promille -= 1000 * i / mmd->afd.afhi.seconds_total;
@@ -698,15 +723,13 @@ static int com_ff(__a_unused struct command_context *cc,
 	mmd->new_vss_status_flags |= VSS_REPOS;
 	mmd->new_vss_status_flags &= ~VSS_NEXT;
 	mmd->events++;
-	ret = 1;
 out:
 	mutex_unlock(mmd_mutex);
 	return ret;
 }
 EXPORT_SERVER_CMD_HANDLER(ff);
 
-static int com_jmp(__a_unused struct command_context *cc,
-		struct lls_parse_result *lpr)
+static int com_jmp(struct command_context *cc, struct lls_parse_result *lpr)
 {
 	long unsigned int i;
 	int ret;
@@ -759,7 +782,7 @@ struct connection_features {
 	int dummy; /* none at the moment */
 };
 
-static int parse_auth_request(char *buf, int len, struct user **u,
+static int parse_auth_request(char *buf, int len, const struct user **u,
 		struct connection_features *cf)
 {
 	int ret;
@@ -793,7 +816,7 @@ static int parse_auth_request(char *buf, int len, struct user **u,
 		}
 	}
 	PARA_DEBUG_LOG("received auth request for user %s\n", username);
-	*u = lookup_user(username);
+	*u = user_list_lookup(username);
 	ret = 1;
 out:
 	free_argv(features);
@@ -875,12 +898,14 @@ static int run_command(struct command_context *cc, struct iovec *iov)
  * the function if the connection was not authenticated when the timeout
  * expires.
  *
- * \sa alarm(2), \ref crypt.c, \ref crypt.h.
+ * \return Standard.
+ *
+ * \sa alarm(2), \ref openssl.c, \ref crypt.h.
  */
-__noreturn void handle_connect(int fd)
+int handle_connect(int fd)
 {
 	int ret;
-	unsigned char rand_buf[CHALLENGE_SIZE + 2 * SESSION_KEY_LEN];
+	unsigned char rand_buf[APC_CHALLENGE_SIZE + 2 * SESSION_KEY_LEN];
 	unsigned char challenge_hash[HASH_SIZE];
 	char *command = NULL, *buf = para_malloc(HANDSHAKE_BUFSIZE) /* must be on the heap */;
 	size_t numbytes;
@@ -910,7 +935,7 @@ __noreturn void handle_connect(int fd)
 		goto net_err;
 	if (cc->u) {
 		get_random_bytes_or_die(rand_buf, sizeof(rand_buf));
-		ret = pub_encrypt(cc->u->pubkey, rand_buf, sizeof(rand_buf),
+		ret = apc_pub_encrypt(cc->u->pubkey, rand_buf, sizeof(rand_buf),
 			(unsigned char *)buf);
 		if (ret < 0)
 			goto net_err;
@@ -925,7 +950,7 @@ __noreturn void handle_connect(int fd)
 		get_random_bytes_or_die((unsigned char *)buf, numbytes);
 	}
 	PARA_DEBUG_LOG("sending %d byte challenge + session key (%zu bytes)\n",
-		CHALLENGE_SIZE, numbytes);
+		APC_CHALLENGE_SIZE, numbytes);
 	ret = send_sb(&cc->scc, buf, numbytes, SBD_CHALLENGE, false);
 	buf = NULL;
 	if (ret < 0)
@@ -941,21 +966,21 @@ __noreturn void handle_connect(int fd)
 	if (!cc->u)
 		goto net_err;
 	/*
-	 * The correct response is the hash of the first CHALLENGE_SIZE bytes
+	 * The correct response is the hash of the first APC_CHALLENGE_SIZE bytes
 	 * of the random data.
 	 */
 	ret = -E_BAD_AUTH;
 	if (numbytes != HASH_SIZE)
 		goto net_err;
-	hash_function((char *)rand_buf, CHALLENGE_SIZE, challenge_hash);
+	hash_function((char *)rand_buf, APC_CHALLENGE_SIZE, challenge_hash);
 	if (memcmp(challenge_hash, buf, HASH_SIZE))
 		goto net_err;
 	/* auth successful */
 	alarm(0);
 	PARA_INFO_LOG("good auth for %s\n", cc->u->name);
 	/* init stream cipher keys with the second part of the random buffer */
-	cc->scc.recv = sc_new(rand_buf + CHALLENGE_SIZE, SESSION_KEY_LEN);
-	cc->scc.send = sc_new(rand_buf + CHALLENGE_SIZE + SESSION_KEY_LEN,
+	cc->scc.recv = sc_new(rand_buf + APC_CHALLENGE_SIZE, SESSION_KEY_LEN);
+	cc->scc.send = sc_new(rand_buf + APC_CHALLENGE_SIZE + SESSION_KEY_LEN,
 		SESSION_KEY_LEN);
 	ret = send_sb(&cc->scc, NULL, 0, SBD_PROCEED, false);
 	if (ret < 0)
@@ -987,5 +1012,5 @@ out:
 	}
 	sc_free(cc->scc.recv);
 	sc_free(cc->scc.send);
-	exit(ret < 0? EXIT_FAILURE : EXIT_SUCCESS);
+	return ret;
 }