#include <assert.h>
#include <errno.h>
+#include <fcntl.h>
#include <math.h>
#include <netdb.h>
#include <netinet/in.h>
#include <sys/ioctl.h>
#include <sys/socket.h>
#include <sys/time.h>
+#include <sys/types.h>
+#include <sys/wait.h>
#include <time.h>
#include <unistd.h>
#include <math.h>
+#include <spawn.h>
#include <map>
#include <string>
#include <utility>
http_header(serialized.http_header()),
stream_header(serialized.stream_header()),
has_metacube_header(serialized.has_metacube_header()),
- sock(serialized.sock())
+ sock(serialized.sock()),
+ child_pid(serialized.child_pid())
{
+ // Set back the close-on-exec flag for the socket.
+ // (This can't leak into a child, since we haven't been started yet.)
+ if (sock != -1) {
+ fcntl(sock, F_SETFD, FD_CLOEXEC);
+ }
+
pending_data.resize(serialized.pending_data().size());
memcpy(&pending_data[0], serialized.pending_data().data(), serialized.pending_data().size());
safe_close(sock);
sock = -1;
}
+ if (child_pid != -1) {
+ // Kill the child process group, forcibly.
+ // TODO: Consider using a pidfd on newer kernels, so that we're guaranteed
+ // never to kill the wrong process.
+ kill(-child_pid, SIGKILL);
+ }
+ child_pid = -1;
lock_guard<mutex> lock(stats_mutex);
stats.connect_time = -1;
InputProto HTTPInput::serialize() const
{
+ // Unset the close-on-exec flag for the socket.
+ // (This can't leak into a child, since there's only one thread left.)
+ fcntl(sock, F_SETFD, 0);
+
InputProto serialized;
serialized.set_state(state);
serialized.set_url(url);
serialized.set_pending_data(string(pending_data.begin(), pending_data.end()));
serialized.set_has_metacube_header(has_metacube_header);
serialized.set_sock(sock);
+ serialized.set_child_pid(child_pid);
serialized.set_bytes_received(stats.bytes_received);
serialized.set_data_bytes_received(stats.data_bytes_received);
if (isfinite(stats.latency_sec)) {
log(WARNING, "[%s] Lookup of '%s' failed (%s).",
url.c_str(), host.c_str(), gai_strerror(err));
}
+ freeaddrinfo(ai);
return -1;
}
// Connect to everything in turn until we have a socket.
for ( ; ai && !should_stop(); ai = ai->ai_next) {
- int sock = socket(ai->ai_family, SOCK_STREAM, IPPROTO_TCP);
+ // Now do a non-blocking connect. This is important because we want to be able to be
+ // woken up, even though it's rather cumbersome.
+ int sock = socket(ai->ai_family, SOCK_STREAM | SOCK_NONBLOCK | SOCK_CLOEXEC, IPPROTO_TCP);
if (sock == -1) {
// Could be e.g. EPROTONOSUPPORT. The show must go on.
continue;
}
- // Now do a non-blocking connect. This is important because we want to be able to be
- // woken up, even though it's rather cumbersome.
-
- // Set the socket as nonblocking.
- int one = 1;
- if (ioctl(sock, FIONBIO, &one) == -1) {
- log_perror("ioctl(FIONBIO)");
- safe_close(sock);
- freeaddrinfo(base_ai);
- return -1;
- }
-
// Do a non-blocking connect.
do {
err = connect(sock, ai->ai_addr, ai->ai_addrlen);
bool complete = wait_for_activity(sock, POLLIN | POLLOUT, nullptr);
if (should_stop()) {
safe_close(sock);
+ freeaddrinfo(base_ai);
return -1;
}
if (complete) {
freeaddrinfo(base_ai);
return -1;
}
+
+int HTTPInput::open_child_process(const string &cmdline)
+{
+ int devnullfd = open("/dev/null", O_RDONLY | O_CLOEXEC);
+ if (devnullfd == -1) {
+ log_perror("/dev/null");
+ return -1;
+ }
+
+ int pipefd[2];
+ if (pipe2(pipefd, O_CLOEXEC) == -1) {
+ log_perror("pipe2()");
+ close(devnullfd);
+ return -1;
+ }
+
+ // Point stdout to us, stdin to /dev/null, and stderr remains where it is
+ // (probably the systemd log). All other file descriptors should be marked
+ // as close-on-exec, and should thus not leak into the child.
+ posix_spawn_file_actions_t actions;
+ posix_spawn_file_actions_init(&actions);
+ posix_spawn_file_actions_adddup2(&actions, devnullfd, 0);
+ posix_spawn_file_actions_adddup2(&actions, pipefd[1], 1);
+
+ // Make the process a leader of its own process group, so that we can easily
+ // kill it and any of its child processes (unless it's started new process
+ // groups itself, of course).
+ posix_spawnattr_t attr;
+ posix_spawnattr_init(&attr);
+ posix_spawnattr_setflags(&attr, POSIX_SPAWN_SETPGROUP);
+ posix_spawnattr_setpgroup(&attr, 0);
+
+ char * const argv[] = {
+ strdup("/bin/sh"),
+ strdup("-c"),
+ strdup(path.c_str()),
+ nullptr
+ };
+ int err = posix_spawn(&child_pid, "/bin/sh", &actions, &attr, argv, /*envp=*/nullptr);
+ posix_spawn_file_actions_destroy(&actions);
+ posix_spawnattr_destroy(&attr);
+ free(argv[0]);
+ free(argv[1]);
+ free(argv[2]);
+ close(devnullfd);
+ close(pipefd[1]);
+
+ if (err == 0) {
+ return pipefd[0];
+ } else {
+ child_pid = -1;
+ log_perror(cmdline.c_str());
+ close(pipefd[0]);
+ return -1;
+ }
+}
bool HTTPInput::parse_response(const string &request)
{
}
switch (state) {
- case NOT_CONNECTED:
+ case NOT_CONNECTED: {
+ // Reap any exited children.
+ int wstatus, err;
+ do {
+ err = waitpid(-1, &wstatus, WNOHANG);
+ if (err == -1) {
+ if (errno == EINTR) {
+ continue;
+ }
+ if (errno == ECHILD) {
+ break;
+ }
+ log_perror("waitpid");
+ break;
+ }
+ } while (err != 0);
+ child_pid = -1;
+
request.clear();
request_bytes_sent = 0;
response.clear();
servers->set_unavailable(stream_index);
}
+ string protocol;
{
- string protocol, user; // Thrown away.
+ string user; // Thrown away.
if (!parse_url(url, &protocol, &user, &host, &port, &path)) {
if (!suppress_logging) {
log(WARNING, "[%s] Failed to parse URL '%s'", url.c_str(), url.c_str());
assert(err != -1);
}
++num_connection_attempts;
- sock = lookup_and_connect(host, port);
- if (sock != -1) {
- // Yay, successful connect. Try to set it as nonblocking.
- int one = 1;
- if (ioctl(sock, FIONBIO, &one) == -1) {
- log_perror("ioctl(FIONBIO)");
- state = CLOSING_SOCKET;
- } else {
+ if (protocol == "pipe") {
+ sock = open_child_process(path.c_str());
+
+ if (sock != -1) {
+ // Construct a minimal HTTP header.
+ http_header = "HTTP/1.0 200 OK\r\n";
+ for (int stream_index : stream_indices) {
+ servers->set_header(stream_index, http_header, stream_header);
+ }
+ state = RECEIVING_DATA;
+ }
+ } else {
+ sock = lookup_and_connect(host, port);
+ if (sock != -1) {
+ // Yay, successful connect.
state = SENDING_REQUEST;
request = "GET " + path + " HTTP/1.0\r\nHost: " + host_header(host, port) + "\r\nUser-Agent: cubemap\r\n\r\n";
request_bytes_sent = 0;
}
-
+ }
+ if (sock != -1) {
lock_guard<mutex> lock(stats_mutex);
stats.connect_time = time(nullptr);
clock_gettime(CLOCK_MONOTONIC_COARSE, &last_activity);
}
break;
+ }
case SENDING_REQUEST: {
size_t to_send = request.size() - request_bytes_sent;
int ret;