X-Git-Url: https://git.sesse.net/?p=cubemap;a=blobdiff_plain;f=httpinput.cpp;h=1b09abf6ce8ad550b6c371853fdbcd0bc0bb8e6f;hp=9cacc1f0041e8ebccbaccf6c101c35d82a7c899a;hb=941a7e35cd1b51dcd15159e23cc4a1e82ae4808b;hpb=d5f3f941faaf113936113fc2105bf59913e9125e

diff --git a/httpinput.cpp b/httpinput.cpp
index 9cacc1f..1b09abf 100644
--- a/httpinput.cpp
+++ b/httpinput.cpp
@@ -1,5 +1,6 @@
 #include <assert.h>
 #include <errno.h>
+#include <fcntl.h>
 #include <math.h>
 #include <netdb.h>
 #include <netinet/in.h>
@@ -10,9 +11,12 @@
 #include <sys/ioctl.h>
 #include <sys/socket.h>
 #include <sys/time.h>
+#include <sys/types.h>
+#include <sys/wait.h>
 #include <time.h>
 #include <unistd.h>
 #include <math.h>
+#include <spawn.h>
 #include <map>
 #include <string>
 #include <utility>
@@ -73,6 +77,10 @@ HTTPInput::HTTPInput(const InputProto &serialized)
 	  has_metacube_header(serialized.has_metacube_header()),
 	  sock(serialized.sock())
 {
+	// Set back the close-on-exec flag for the socket.
+	// (This can't leak into a child, since we haven't been started yet.)
+	fcntl(sock, F_SETFD, 1);
+
 	pending_data.resize(serialized.pending_data().size());
 	memcpy(&pending_data[0], serialized.pending_data().data(), serialized.pending_data().size());
 
@@ -111,6 +119,10 @@ void HTTPInput::close_socket()
 
 InputProto HTTPInput::serialize() const
 {
+	// Unset the close-on-exec flag for the socket.
+	// (This can't leak into a child, since there's only one thread left.)
+	fcntl(sock, F_SETFD, 0);
+
 	InputProto serialized;
 	serialized.set_state(state);
 	serialized.set_url(url);
@@ -155,7 +167,7 @@ int HTTPInput::lookup_and_connect(const string &host, const string &port)
 	for ( ; ai && !should_stop(); ai = ai->ai_next) {
 		// Now do a non-blocking connect. This is important because we want to be able to be
 		// woken up, even though it's rather cumbersome.
-		int sock = socket(ai->ai_family, SOCK_STREAM | SOCK_NONBLOCK, IPPROTO_TCP);
+		int sock = socket(ai->ai_family, SOCK_STREAM | SOCK_NONBLOCK | SOCK_CLOEXEC, IPPROTO_TCP);
 		if (sock == -1) {
 			// Could be e.g. EPROTONOSUPPORT. The show must go on.
 			continue;
@@ -211,6 +223,52 @@ int HTTPInput::lookup_and_connect(const string &host, const string &port)
 	freeaddrinfo(base_ai);
 	return -1;
 }
+
+int HTTPInput::open_child_process(const string &cmdline)
+{
+	int devnullfd = open("/dev/null", O_RDONLY | O_CLOEXEC);
+	if (devnullfd == -1) {
+		log_perror("/dev/null");
+		return -1;
+	}
+
+	int pipefd[2];
+	if (pipe2(pipefd, O_CLOEXEC) == -1) {
+		log_perror("pipe2()");
+		close(devnullfd);
+		return -1;
+	}
+
+	// Point stdout to us, stdin to /dev/null, and stderr remains where it is
+	// (probably the systemd log). All other file descriptors should be marked
+	// as close-on-exec, and should thus not leak into the child.
+	posix_spawn_file_actions_t actions;
+	posix_spawn_file_actions_init(&actions);
+	posix_spawn_file_actions_adddup2(&actions, devnullfd, 0);
+	posix_spawn_file_actions_adddup2(&actions, pipefd[1], 1);
+
+	pid_t child_pid;
+	char * const argv[] = {
+		strdup("/bin/sh"),
+		strdup("-c"),
+		strdup(path.c_str()),
+		nullptr
+	};
+	int err = posix_spawn(&child_pid, "/bin/sh", &actions, /*attrp=*/nullptr, argv, /*envp=*/nullptr);
+	posix_spawn_file_actions_destroy(&actions);
+	free(argv[0]);
+	free(argv[1]);
+	free(argv[2]);
+	close(pipefd[1]);
+
+	if (err == 0) {
+		return pipefd[0];
+	} else {
+		log_perror(cmdline.c_str());
+		close(pipefd[0]);
+		return -1;
+	}
+}
 	
 bool HTTPInput::parse_response(const string &request)
 {
@@ -323,7 +381,23 @@ void HTTPInput::do_work()
 		}
 
 		switch (state) {
-		case NOT_CONNECTED:
+		case NOT_CONNECTED: {
+			// Reap any exited children.
+			int wstatus, err;
+			do {
+				err = waitpid(-1, &wstatus, WNOHANG);
+				if (err == -1) {
+					if (errno == EINTR) {
+						continue;
+					}
+					if (errno == ECHILD) {
+						break;
+					}
+					log_perror("waitpid");
+					break;
+				}
+			} while (err != 0);
+
 			request.clear();
 			request_bytes_sent = 0;
 			response.clear();
@@ -334,8 +408,9 @@ void HTTPInput::do_work()
 				servers->set_unavailable(stream_index);
 			}
 
+			string protocol;
 			{
-				string protocol, user;  // Thrown away.
+				string user;  // Thrown away.
 				if (!parse_url(url, &protocol, &user, &host, &port, &path)) {
 					if (!suppress_logging) {
 						log(WARNING, "[%s] Failed to parse URL '%s'", url.c_str(), url.c_str());
@@ -369,18 +444,33 @@ void HTTPInput::do_work()
 				assert(err != -1);
 			}
 			++num_connection_attempts;
-			sock = lookup_and_connect(host, port);
+			if (protocol == "pipe") {
+				sock = open_child_process(path.c_str());
+
+				if (sock != -1) {
+					// Construct a minimal HTTP header.
+					http_header = "HTTP/1.0 200 OK\r\n";
+					for (int stream_index : stream_indices) {
+						servers->set_header(stream_index, http_header, stream_header);
+					}
+					state = RECEIVING_DATA;
+				}
+			} else {
+				sock = lookup_and_connect(host, port);
+				if (sock != -1) {
+					// Yay, successful connect.
+					state = SENDING_REQUEST;
+					request = "GET " + path + " HTTP/1.0\r\nHost: " + host_header(host, port) + "\r\nUser-Agent: cubemap\r\n\r\n";
+					request_bytes_sent = 0;
+				}
+			}
 			if (sock != -1) {
-				// Yay, successful connect.
-				state = SENDING_REQUEST;
-				request = "GET " + path + " HTTP/1.0\r\nHost: " + host_header(host, port) + "\r\nUser-Agent: cubemap\r\n\r\n";
-				request_bytes_sent = 0;
-
 				lock_guard<mutex> lock(stats_mutex);
 				stats.connect_time = time(nullptr);
 				clock_gettime(CLOCK_MONOTONIC_COARSE, &last_activity);
 			}
 			break;
+		}
 		case SENDING_REQUEST: {
 			size_t to_send = request.size() - request_bytes_sent;
 			int ret;