/mandos/release

To get this branch, use:
bzr branch http://bzr.recompile.se/loggerhead/mandos/release

« back to all changes in this revision

Viewing changes to plugins.d/mandos-client.c

  • Committer: Teddy Hogeborn
  • Date: 2016-03-13 00:37:02 UTC
  • mto: (237.7.594 trunk)
  • mto: This revision was merged to the branch mainline in revision 339.
  • Revision ID: teddy@recompile.se-20160313003702-dulwtwt8ilpojra9
Server: Fix bug where it did not exit timely on signals

Use GLib.unix_signal_add() instead of signal.signal() to catch
signals; this will allow GLib to do its internal magic with signal
file descriptors.  (GLib does not handle signals properly otherwise.)
The function unix_signal_add() requires GLib 2.30 or later, which was
not required by PyGobject until version 3.7.1, so depend on this.

* INSTALL (Mandos Server): Document dependency on PyGObject 3.7.1
* mandos (main): Use GLib.unix_signal_add instead of signal.signal.
* init.d-mandos (do_stop): Remove workaround.
* mandos.service ([Service]): - '' -

Show diffs side-by-side

added added

removed removed

Lines of Context:
47
47
                                   strtof(), abort() */
48
48
#include <stdbool.h>            /* bool, false, true */
49
49
#include <string.h>             /* strcmp(), strlen(), strerror(),
50
 
                                   asprintf(), strncpy(), strsignal()
51
 
                                */
 
50
                                   asprintf(), strncpy() */
52
51
#include <sys/ioctl.h>          /* ioctl */
53
52
#include <sys/types.h>          /* socket(), inet_pton(), sockaddr,
54
53
                                   sockaddr_in6, PF_INET6,
626
625
                     safer_gnutls_strerror(ret));
627
626
        dhparamsfilename = NULL;
628
627
      }
629
 
      free(params.data);
630
628
    } while(false);
631
629
  }
632
630
  if(dhparamsfilename == NULL){
1079
1077
    bool match = false;
1080
1078
    {
1081
1079
      char *interface = NULL;
1082
 
      while((interface = argz_next(mc->interfaces,
1083
 
                                   mc->interfaces_size,
1084
 
                                   interface))){
 
1080
      while((interface=argz_next(mc->interfaces, mc->interfaces_size,
 
1081
                                 interface))){
1085
1082
        if(if_nametoindex(interface) == (unsigned int)if_index){
1086
1083
          match = true;
1087
1084
          break;
1240
1237
           with an explicit route added with the server's address.
1241
1238
           
1242
1239
           Avahi bug reference:
1243
 
           https://lists.freedesktop.org/archives/avahi/2010-February/001833.html
 
1240
           http://lists.freedesktop.org/archives/avahi/2010-February/001833.html
1244
1241
           https://bugs.debian.org/587961
1245
1242
        */
1246
1243
        if(debug){
1426
1423
                                               &decrypted_buffer, mc);
1427
1424
    if(decrypted_buffer_size >= 0){
1428
1425
      
1429
 
      clearerr(stdout);
1430
1426
      written = 0;
1431
1427
      while(written < (size_t) decrypted_buffer_size){
1432
1428
        if(quit_now){
1448
1444
        }
1449
1445
        written += (size_t)ret;
1450
1446
      }
1451
 
      ret = fflush(stdout);
1452
 
      if(ret != 0){
1453
 
        int e = errno;
1454
 
        if(debug){
1455
 
          fprintf_plus(stderr, "Error writing encrypted data: %s\n",
1456
 
                       strerror(errno));
1457
 
        }
1458
 
        errno = e;
1459
 
        goto mandos_end;
1460
 
      }
1461
1447
      retval = 0;
1462
1448
    }
1463
1449
  }
2197
2183
  
2198
2184
  /* Sleep checking until interface is running.
2199
2185
     Check every 0.25s, up to total time of delay */
2200
 
  for(int i = 0; i < delay * 4; i++){
 
2186
  for(int i=0; i < delay * 4; i++){
2201
2187
    if(interface_is_running(interface)){
2202
2188
      break;
2203
2189
    }
2499
2485
  
2500
2486
  {
2501
2487
    /* Work around Debian bug #633582:
2502
 
       <https://bugs.debian.org/633582> */
 
2488
       <http://bugs.debian.org/633582> */
2503
2489
    
2504
2490
    /* Re-raise privileges */
2505
2491
    ret = raise_privileges();
2960
2946
 end:
2961
2947
  
2962
2948
  if(debug){
2963
 
    if(signal_received){
2964
 
      fprintf_plus(stderr, "%s exiting due to signal %d: %s\n",
2965
 
                   argv[0], signal_received,
2966
 
                   strsignal(signal_received));
2967
 
    } else {
2968
 
      fprintf_plus(stderr, "%s exiting\n", argv[0]);
2969
 
    }
 
2949
    fprintf_plus(stderr, "%s exiting\n", argv[0]);
2970
2950
  }
2971
2951
  
2972
2952
  /* Cleanup things */
3024
3004
      /* Take down the network interfaces which were brought up */
3025
3005
      {
3026
3006
        char *interface = NULL;
3027
 
        while((interface = argz_next(interfaces_to_take_down,
3028
 
                                     interfaces_to_take_down_size,
3029
 
                                     interface))){
 
3007
        while((interface=argz_next(interfaces_to_take_down,
 
3008
                                   interfaces_to_take_down_size,
 
3009
                                   interface))){
3030
3010
          ret = take_down_interface(interface);
3031
3011
          if(ret != 0){
3032
3012
            errno = ret;