##// END OF EJS Templates
chg: forward SIGWINCH to worker...
Jun Wu -
r28980:b89e4457 stable
parent child Browse files
Show More
@@ -1,589 +1,593 b''
1 1 /*
2 2 * A fast client for Mercurial command server
3 3 *
4 4 * Copyright (c) 2011 Yuya Nishihara <yuya@tcha.org>
5 5 *
6 6 * This software may be used and distributed according to the terms of the
7 7 * GNU General Public License version 2 or any later version.
8 8 */
9 9
10 10 #include <assert.h>
11 11 #include <errno.h>
12 12 #include <fcntl.h>
13 13 #include <signal.h>
14 14 #include <stdio.h>
15 15 #include <stdlib.h>
16 16 #include <string.h>
17 17 #include <sys/file.h>
18 18 #include <sys/stat.h>
19 19 #include <sys/types.h>
20 20 #include <sys/un.h>
21 21 #include <sys/wait.h>
22 22 #include <time.h>
23 23 #include <unistd.h>
24 24
25 25 #include "hgclient.h"
26 26 #include "util.h"
27 27
28 28 #ifndef UNIX_PATH_MAX
29 29 #define UNIX_PATH_MAX (sizeof(((struct sockaddr_un *)NULL)->sun_path))
30 30 #endif
31 31
32 32 struct cmdserveropts {
33 33 char sockname[UNIX_PATH_MAX];
34 34 char redirectsockname[UNIX_PATH_MAX];
35 35 char lockfile[UNIX_PATH_MAX];
36 36 size_t argsize;
37 37 const char **args;
38 38 int lockfd;
39 39 int sockdirfd;
40 40 };
41 41
42 42 static void initcmdserveropts(struct cmdserveropts *opts) {
43 43 memset(opts, 0, sizeof(struct cmdserveropts));
44 44 opts->lockfd = -1;
45 45 opts->sockdirfd = AT_FDCWD;
46 46 }
47 47
48 48 static void freecmdserveropts(struct cmdserveropts *opts) {
49 49 free(opts->args);
50 50 opts->args = NULL;
51 51 opts->argsize = 0;
52 52 assert(opts->lockfd == -1 && "should be closed by unlockcmdserver()");
53 53 if (opts->sockdirfd != AT_FDCWD) {
54 54 close(opts->sockdirfd);
55 55 opts->sockdirfd = AT_FDCWD;
56 56 }
57 57 }
58 58
59 59 /*
60 60 * Test if an argument is a sensitive flag that should be passed to the server.
61 61 * Return 0 if not, otherwise the number of arguments starting from the current
62 62 * one that should be passed to the server.
63 63 */
64 64 static size_t testsensitiveflag(const char *arg)
65 65 {
66 66 static const struct {
67 67 const char *name;
68 68 size_t narg;
69 69 } flags[] = {
70 70 {"--config", 1},
71 71 {"--cwd", 1},
72 72 {"--repo", 1},
73 73 {"--repository", 1},
74 74 {"--traceback", 0},
75 75 {"-R", 1},
76 76 };
77 77 size_t i;
78 78 for (i = 0; i < sizeof(flags) / sizeof(flags[0]); ++i) {
79 79 size_t len = strlen(flags[i].name);
80 80 size_t narg = flags[i].narg;
81 81 if (memcmp(arg, flags[i].name, len) == 0) {
82 82 if (arg[len] == '\0') {
83 83 /* --flag (value) */
84 84 return narg + 1;
85 85 } else if (arg[len] == '=' && narg > 0) {
86 86 /* --flag=value */
87 87 return 1;
88 88 } else if (flags[i].name[1] != '-') {
89 89 /* short flag */
90 90 return 1;
91 91 }
92 92 }
93 93 }
94 94 return 0;
95 95 }
96 96
97 97 /*
98 98 * Parse argv[] and put sensitive flags to opts->args
99 99 */
100 100 static void setcmdserverargs(struct cmdserveropts *opts,
101 101 int argc, const char *argv[])
102 102 {
103 103 size_t i, step;
104 104 opts->argsize = 0;
105 105 for (i = 0, step = 1; i < (size_t)argc; i += step, step = 1) {
106 106 if (!argv[i])
107 107 continue; /* pass clang-analyse */
108 108 if (strcmp(argv[i], "--") == 0)
109 109 break;
110 110 size_t n = testsensitiveflag(argv[i]);
111 111 if (n == 0 || i + n > (size_t)argc)
112 112 continue;
113 113 opts->args = reallocx(opts->args,
114 114 (n + opts->argsize) * sizeof(char *));
115 115 memcpy(opts->args + opts->argsize, argv + i,
116 116 sizeof(char *) * n);
117 117 opts->argsize += n;
118 118 step = n;
119 119 }
120 120 }
121 121
122 122 static void preparesockdir(const char *sockdir)
123 123 {
124 124 int r;
125 125 r = mkdir(sockdir, 0700);
126 126 if (r < 0 && errno != EEXIST)
127 127 abortmsgerrno("cannot create sockdir %s", sockdir);
128 128
129 129 struct stat st;
130 130 r = lstat(sockdir, &st);
131 131 if (r < 0)
132 132 abortmsgerrno("cannot stat %s", sockdir);
133 133 if (!S_ISDIR(st.st_mode))
134 134 abortmsg("cannot create sockdir %s (file exists)", sockdir);
135 135 if (st.st_uid != geteuid() || st.st_mode & 0077)
136 136 abortmsg("insecure sockdir %s", sockdir);
137 137 }
138 138
139 139 static void setcmdserveropts(struct cmdserveropts *opts)
140 140 {
141 141 int r;
142 142 char sockdir[UNIX_PATH_MAX];
143 143 const char *envsockname = getenv("CHGSOCKNAME");
144 144 if (!envsockname) {
145 145 /* by default, put socket file in secure directory
146 146 * (permission of socket file may be ignored on some Unices) */
147 147 const char *tmpdir = getenv("TMPDIR");
148 148 if (!tmpdir)
149 149 tmpdir = "/tmp";
150 150 r = snprintf(sockdir, sizeof(sockdir), "%s/chg%d",
151 151 tmpdir, geteuid());
152 152 if (r < 0 || (size_t)r >= sizeof(sockdir))
153 153 abortmsg("too long TMPDIR (r = %d)", r);
154 154 preparesockdir(sockdir);
155 155 }
156 156
157 157 const char *basename = (envsockname) ? envsockname : sockdir;
158 158 const char *sockfmt = (envsockname) ? "%s" : "%s/server";
159 159 const char *lockfmt = (envsockname) ? "%s.lock" : "%s/lock";
160 160 r = snprintf(opts->sockname, sizeof(opts->sockname), sockfmt, basename);
161 161 if (r < 0 || (size_t)r >= sizeof(opts->sockname))
162 162 abortmsg("too long TMPDIR or CHGSOCKNAME (r = %d)", r);
163 163 r = snprintf(opts->lockfile, sizeof(opts->lockfile), lockfmt, basename);
164 164 if (r < 0 || (size_t)r >= sizeof(opts->lockfile))
165 165 abortmsg("too long TMPDIR or CHGSOCKNAME (r = %d)", r);
166 166 }
167 167
168 168 /*
169 169 * Acquire a file lock that indicates a client is trying to start and connect
170 170 * to a server, before executing a command. The lock is released upon exit or
171 171 * explicit unlock. Will block if the lock is held by another process.
172 172 */
173 173 static void lockcmdserver(struct cmdserveropts *opts)
174 174 {
175 175 if (opts->lockfd == -1) {
176 176 opts->lockfd = open(opts->lockfile,
177 177 O_RDWR | O_CREAT | O_NOFOLLOW, 0600);
178 178 if (opts->lockfd == -1)
179 179 abortmsgerrno("cannot create lock file %s",
180 180 opts->lockfile);
181 181 fsetcloexec(opts->lockfd);
182 182 }
183 183 int r = flock(opts->lockfd, LOCK_EX);
184 184 if (r == -1)
185 185 abortmsgerrno("cannot acquire lock");
186 186 }
187 187
188 188 /*
189 189 * Release the file lock held by calling lockcmdserver. Will do nothing if
190 190 * lockcmdserver is not called.
191 191 */
192 192 static void unlockcmdserver(struct cmdserveropts *opts)
193 193 {
194 194 if (opts->lockfd == -1)
195 195 return;
196 196 flock(opts->lockfd, LOCK_UN);
197 197 close(opts->lockfd);
198 198 opts->lockfd = -1;
199 199 }
200 200
201 201 static const char *gethgcmd(void)
202 202 {
203 203 static const char *hgcmd = NULL;
204 204 if (!hgcmd) {
205 205 hgcmd = getenv("CHGHG");
206 206 if (!hgcmd || hgcmd[0] == '\0')
207 207 hgcmd = getenv("HG");
208 208 if (!hgcmd || hgcmd[0] == '\0')
209 209 #ifdef HGPATH
210 210 hgcmd = (HGPATH);
211 211 #else
212 212 hgcmd = "hg";
213 213 #endif
214 214 }
215 215 return hgcmd;
216 216 }
217 217
218 218 static void execcmdserver(const struct cmdserveropts *opts)
219 219 {
220 220 const char *hgcmd = gethgcmd();
221 221
222 222 const char *baseargv[] = {
223 223 hgcmd,
224 224 "serve",
225 225 "--cmdserver", "chgunix",
226 226 "--address", opts->sockname,
227 227 "--daemon-postexec", "chdir:/",
228 228 "--config", "extensions.chgserver=",
229 229 };
230 230 size_t baseargvsize = sizeof(baseargv) / sizeof(baseargv[0]);
231 231 size_t argsize = baseargvsize + opts->argsize + 1;
232 232
233 233 const char **argv = mallocx(sizeof(char *) * argsize);
234 234 memcpy(argv, baseargv, sizeof(baseargv));
235 235 memcpy(argv + baseargvsize, opts->args, sizeof(char *) * opts->argsize);
236 236 argv[argsize - 1] = NULL;
237 237
238 238 if (putenv("CHGINTERNALMARK=") != 0)
239 239 abortmsgerrno("failed to putenv");
240 240 if (execvp(hgcmd, (char **)argv) < 0)
241 241 abortmsgerrno("failed to exec cmdserver");
242 242 free(argv);
243 243 }
244 244
245 245 /* Retry until we can connect to the server. Give up after some time. */
246 246 static hgclient_t *retryconnectcmdserver(struct cmdserveropts *opts, pid_t pid)
247 247 {
248 248 static const struct timespec sleepreq = {0, 10 * 1000000};
249 249 int pst = 0;
250 250
251 251 debugmsg("try connect to %s repeatedly", opts->sockname);
252 252 for (unsigned int i = 0; i < 10 * 100; i++) {
253 253 hgclient_t *hgc = hgc_open(opts->sockname);
254 254 if (hgc)
255 255 return hgc;
256 256
257 257 if (pid > 0) {
258 258 /* collect zombie if child process fails to start */
259 259 int r = waitpid(pid, &pst, WNOHANG);
260 260 if (r != 0)
261 261 goto cleanup;
262 262 }
263 263
264 264 nanosleep(&sleepreq, NULL);
265 265 }
266 266
267 267 abortmsg("timed out waiting for cmdserver %s", opts->sockname);
268 268 return NULL;
269 269
270 270 cleanup:
271 271 if (WIFEXITED(pst)) {
272 272 if (WEXITSTATUS(pst) == 0)
273 273 abortmsg("could not connect to cmdserver "
274 274 "(exited with status 0)");
275 275 debugmsg("cmdserver exited with status %d", WEXITSTATUS(pst));
276 276 exit(WEXITSTATUS(pst));
277 277 } else if (WIFSIGNALED(pst)) {
278 278 abortmsg("cmdserver killed by signal %d", WTERMSIG(pst));
279 279 } else {
280 280 abortmsg("error while waiting for cmdserver");
281 281 }
282 282 return NULL;
283 283 }
284 284
285 285 /* Connect to a cmdserver. Will start a new server on demand. */
286 286 static hgclient_t *connectcmdserver(struct cmdserveropts *opts)
287 287 {
288 288 const char *sockname = opts->redirectsockname[0] ?
289 289 opts->redirectsockname : opts->sockname;
290 290 debugmsg("try connect to %s", sockname);
291 291 hgclient_t *hgc = hgc_open(sockname);
292 292 if (hgc)
293 293 return hgc;
294 294
295 295 lockcmdserver(opts);
296 296 hgc = hgc_open(sockname);
297 297 if (hgc) {
298 298 unlockcmdserver(opts);
299 299 debugmsg("cmdserver is started by another process");
300 300 return hgc;
301 301 }
302 302
303 303 /* prevent us from being connected to an outdated server: we were
304 304 * told by a server to redirect to opts->redirectsockname and that
305 305 * address does not work. we do not want to connect to the server
306 306 * again because it will probably tell us the same thing. */
307 307 if (sockname == opts->redirectsockname)
308 308 unlink(opts->sockname);
309 309
310 310 debugmsg("start cmdserver at %s", opts->sockname);
311 311
312 312 pid_t pid = fork();
313 313 if (pid < 0)
314 314 abortmsg("failed to fork cmdserver process");
315 315 if (pid == 0) {
316 316 execcmdserver(opts);
317 317 } else {
318 318 hgc = retryconnectcmdserver(opts, pid);
319 319 }
320 320
321 321 unlockcmdserver(opts);
322 322 return hgc;
323 323 }
324 324
325 325 static void killcmdserver(const struct cmdserveropts *opts)
326 326 {
327 327 /* resolve config hash */
328 328 char *resolvedpath = realpath(opts->sockname, NULL);
329 329 if (resolvedpath) {
330 330 unlink(resolvedpath);
331 331 free(resolvedpath);
332 332 }
333 333 }
334 334
335 335 static pid_t peerpid = 0;
336 336
337 337 static void forwardsignal(int sig)
338 338 {
339 339 assert(peerpid > 0);
340 340 if (kill(peerpid, sig) < 0)
341 341 abortmsgerrno("cannot kill %d", peerpid);
342 342 debugmsg("forward signal %d", sig);
343 343 }
344 344
345 345 static void handlestopsignal(int sig)
346 346 {
347 347 sigset_t unblockset, oldset;
348 348 struct sigaction sa, oldsa;
349 349 if (sigemptyset(&unblockset) < 0)
350 350 goto error;
351 351 if (sigaddset(&unblockset, sig) < 0)
352 352 goto error;
353 353 memset(&sa, 0, sizeof(sa));
354 354 sa.sa_handler = SIG_DFL;
355 355 sa.sa_flags = SA_RESTART;
356 356 if (sigemptyset(&sa.sa_mask) < 0)
357 357 goto error;
358 358
359 359 forwardsignal(sig);
360 360 if (raise(sig) < 0) /* resend to self */
361 361 goto error;
362 362 if (sigaction(sig, &sa, &oldsa) < 0)
363 363 goto error;
364 364 if (sigprocmask(SIG_UNBLOCK, &unblockset, &oldset) < 0)
365 365 goto error;
366 366 /* resent signal will be handled before sigprocmask() returns */
367 367 if (sigprocmask(SIG_SETMASK, &oldset, NULL) < 0)
368 368 goto error;
369 369 if (sigaction(sig, &oldsa, NULL) < 0)
370 370 goto error;
371 371 return;
372 372
373 373 error:
374 374 abortmsgerrno("failed to handle stop signal");
375 375 }
376 376
377 377 static void setupsignalhandler(pid_t pid)
378 378 {
379 379 if (pid <= 0)
380 380 return;
381 381 peerpid = pid;
382 382
383 383 struct sigaction sa;
384 384 memset(&sa, 0, sizeof(sa));
385 385 sa.sa_handler = forwardsignal;
386 386 sa.sa_flags = SA_RESTART;
387 387 if (sigemptyset(&sa.sa_mask) < 0)
388 388 goto error;
389 389
390 390 if (sigaction(SIGHUP, &sa, NULL) < 0)
391 391 goto error;
392 392 if (sigaction(SIGINT, &sa, NULL) < 0)
393 393 goto error;
394 394
395 395 /* terminate frontend by double SIGTERM in case of server freeze */
396 396 sa.sa_flags |= SA_RESETHAND;
397 397 if (sigaction(SIGTERM, &sa, NULL) < 0)
398 398 goto error;
399 399
400 /* notify the worker about window resize events */
401 sa.sa_flags = SA_RESTART;
402 if (sigaction(SIGWINCH, &sa, NULL) < 0)
403 goto error;
400 404 /* propagate job control requests to worker */
401 405 sa.sa_handler = forwardsignal;
402 406 sa.sa_flags = SA_RESTART;
403 407 if (sigaction(SIGCONT, &sa, NULL) < 0)
404 408 goto error;
405 409 sa.sa_handler = handlestopsignal;
406 410 sa.sa_flags = SA_RESTART;
407 411 if (sigaction(SIGTSTP, &sa, NULL) < 0)
408 412 goto error;
409 413
410 414 return;
411 415
412 416 error:
413 417 abortmsgerrno("failed to set up signal handlers");
414 418 }
415 419
416 420 /* This implementation is based on hgext/pager.py (pre 369741ef7253) */
417 421 static void setuppager(hgclient_t *hgc, const char *const args[],
418 422 size_t argsize)
419 423 {
420 424 const char *pagercmd = hgc_getpager(hgc, args, argsize);
421 425 if (!pagercmd)
422 426 return;
423 427
424 428 int pipefds[2];
425 429 if (pipe(pipefds) < 0)
426 430 return;
427 431 pid_t pid = fork();
428 432 if (pid < 0)
429 433 goto error;
430 434 if (pid == 0) {
431 435 close(pipefds[0]);
432 436 if (dup2(pipefds[1], fileno(stdout)) < 0)
433 437 goto error;
434 438 if (isatty(fileno(stderr))) {
435 439 if (dup2(pipefds[1], fileno(stderr)) < 0)
436 440 goto error;
437 441 }
438 442 close(pipefds[1]);
439 443 hgc_attachio(hgc); /* reattach to pager */
440 444 return;
441 445 } else {
442 446 dup2(pipefds[0], fileno(stdin));
443 447 close(pipefds[0]);
444 448 close(pipefds[1]);
445 449
446 450 int r = execlp("/bin/sh", "/bin/sh", "-c", pagercmd, NULL);
447 451 if (r < 0) {
448 452 abortmsgerrno("cannot start pager '%s'", pagercmd);
449 453 }
450 454 return;
451 455 }
452 456
453 457 error:
454 458 close(pipefds[0]);
455 459 close(pipefds[1]);
456 460 abortmsgerrno("failed to prepare pager");
457 461 }
458 462
459 463 /* Run instructions sent from the server like unlink and set redirect path
460 464 * Return 1 if reconnect is needed, otherwise 0 */
461 465 static int runinstructions(struct cmdserveropts *opts, const char **insts)
462 466 {
463 467 int needreconnect = 0;
464 468 if (!insts)
465 469 return needreconnect;
466 470
467 471 assert(insts);
468 472 opts->redirectsockname[0] = '\0';
469 473 const char **pinst;
470 474 for (pinst = insts; *pinst; pinst++) {
471 475 debugmsg("instruction: %s", *pinst);
472 476 if (strncmp(*pinst, "unlink ", 7) == 0) {
473 477 unlink(*pinst + 7);
474 478 } else if (strncmp(*pinst, "redirect ", 9) == 0) {
475 479 int r = snprintf(opts->redirectsockname,
476 480 sizeof(opts->redirectsockname),
477 481 "%s", *pinst + 9);
478 482 if (r < 0 || r >= (int)sizeof(opts->redirectsockname))
479 483 abortmsg("redirect path is too long (%d)", r);
480 484 needreconnect = 1;
481 485 } else if (strncmp(*pinst, "exit ", 5) == 0) {
482 486 int n = 0;
483 487 if (sscanf(*pinst + 5, "%d", &n) != 1)
484 488 abortmsg("cannot read the exit code");
485 489 exit(n);
486 490 } else if (strcmp(*pinst, "reconnect") == 0) {
487 491 needreconnect = 1;
488 492 } else {
489 493 abortmsg("unknown instruction: %s", *pinst);
490 494 }
491 495 }
492 496 return needreconnect;
493 497 }
494 498
495 499 /*
496 500 * Test whether the command is unsupported or not. This is not designed to
497 501 * cover all cases. But it's fast, does not depend on the server and does
498 502 * not return false positives.
499 503 */
500 504 static int isunsupported(int argc, const char *argv[])
501 505 {
502 506 enum {
503 507 SERVE = 1,
504 508 DAEMON = 2,
505 509 SERVEDAEMON = SERVE | DAEMON,
506 510 TIME = 4,
507 511 };
508 512 unsigned int state = 0;
509 513 int i;
510 514 for (i = 0; i < argc; ++i) {
511 515 if (strcmp(argv[i], "--") == 0)
512 516 break;
513 517 if (i == 0 && strcmp("serve", argv[i]) == 0)
514 518 state |= SERVE;
515 519 else if (strcmp("-d", argv[i]) == 0 ||
516 520 strcmp("--daemon", argv[i]) == 0)
517 521 state |= DAEMON;
518 522 else if (strcmp("--time", argv[i]) == 0)
519 523 state |= TIME;
520 524 }
521 525 return (state & TIME) == TIME ||
522 526 (state & SERVEDAEMON) == SERVEDAEMON;
523 527 }
524 528
525 529 static void execoriginalhg(const char *argv[])
526 530 {
527 531 debugmsg("execute original hg");
528 532 if (execvp(gethgcmd(), (char **)argv) < 0)
529 533 abortmsgerrno("failed to exec original hg");
530 534 }
531 535
532 536 int main(int argc, const char *argv[], const char *envp[])
533 537 {
534 538 if (getenv("CHGDEBUG"))
535 539 enabledebugmsg();
536 540
537 541 if (!getenv("HGPLAIN") && isatty(fileno(stderr)))
538 542 enablecolor();
539 543
540 544 if (getenv("CHGINTERNALMARK"))
541 545 abortmsg("chg started by chg detected.\n"
542 546 "Please make sure ${HG:-hg} is not a symlink or "
543 547 "wrapper to chg. Alternatively, set $CHGHG to the "
544 548 "path of real hg.");
545 549
546 550 if (isunsupported(argc - 1, argv + 1))
547 551 execoriginalhg(argv);
548 552
549 553 struct cmdserveropts opts;
550 554 initcmdserveropts(&opts);
551 555 setcmdserveropts(&opts);
552 556 setcmdserverargs(&opts, argc, argv);
553 557
554 558 if (argc == 2) {
555 559 if (strcmp(argv[1], "--kill-chg-daemon") == 0) {
556 560 killcmdserver(&opts);
557 561 return 0;
558 562 }
559 563 }
560 564
561 565 hgclient_t *hgc;
562 566 size_t retry = 0;
563 567 while (1) {
564 568 hgc = connectcmdserver(&opts);
565 569 if (!hgc)
566 570 abortmsg("cannot open hg client");
567 571 hgc_setenv(hgc, envp);
568 572 const char **insts = hgc_validate(hgc, argv + 1, argc - 1);
569 573 int needreconnect = runinstructions(&opts, insts);
570 574 free(insts);
571 575 if (!needreconnect)
572 576 break;
573 577 hgc_close(hgc);
574 578 if (++retry > 10)
575 579 abortmsg("too many redirections.\n"
576 580 "Please make sure %s is not a wrapper which "
577 581 "changes sensitive environment variables "
578 582 "before executing hg. If you have to use a "
579 583 "wrapper, wrap chg instead of hg.",
580 584 gethgcmd());
581 585 }
582 586
583 587 setupsignalhandler(hgc_peerpid(hgc));
584 588 setuppager(hgc, argv + 1, argc - 1);
585 589 int exitcode = hgc_runcommand(hgc, argv + 1, argc - 1);
586 590 hgc_close(hgc);
587 591 freecmdserveropts(&opts);
588 592 return exitcode;
589 593 }
General Comments 0
You need to be logged in to leave comments. Login now