From b7452dcbcb2f086e3fd7daf0c31b95d9e777190a Mon Sep 17 00:00:00 2001 From: Robert Ransom Date: Tue, 10 May 2011 05:15:02 -0700 Subject: Fix comment typo --- src/common/compat.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'src/common') diff --git a/src/common/compat.h b/src/common/compat.h index af795ffba..8144026ff 100644 --- a/src/common/compat.h +++ b/src/common/compat.h @@ -398,7 +398,7 @@ int get_n_open_sockets(void); #define tor_socket_send(s, buf, len, flags) send(s, buf, len, flags) #define tor_socket_recv(s, buf, len, flags) recv(s, buf, len, flags) -/** Implementatino of struct in6_addr for platforms that do not have it. +/** Implementation of struct in6_addr for platforms that do not have it. * Generally, these platforms are ones without IPv6 support, but we want to * have a working in6_addr there anyway, so we can use it to parse IPv6 * addresses. */ -- cgit v1.2.3 From cb9df5e53c169efc0ec1ccbfeea4c8d2878b1a39 Mon Sep 17 00:00:00 2001 From: Robert Ransom Date: Thu, 12 May 2011 00:27:19 -0700 Subject: Fix comment typo --- src/common/compat_libevent.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'src/common') diff --git a/src/common/compat_libevent.c b/src/common/compat_libevent.c index 3ad9be145..6d89be804 100644 --- a/src/common/compat_libevent.c +++ b/src/common/compat_libevent.c @@ -48,7 +48,7 @@ typedef uint32_t le_version_t; * it is. */ #define LE_OLD V(0,0,0) /** Represents a version of libevent so weird we can't figure out what version - * it it. */ + * it is. */ #define LE_OTHER V(0,0,99) static le_version_t tor_get_libevent_version(const char **v_out); -- cgit v1.2.3 From c714a098ea96fcd452a223ce7bbc6bfa2a6f0d02 Mon Sep 17 00:00:00 2001 From: Robert Ransom Date: Thu, 12 May 2011 02:57:09 -0700 Subject: Improve a documentation comment --- src/common/util.c | 18 +++++++++++------- 1 file changed, 11 insertions(+), 7 deletions(-) (limited to 'src/common') 
diff --git a/src/common/util.c b/src/common/util.c index 38c0ad05e..014b3349a 100644 --- a/src/common/util.c +++ b/src/common/util.c @@ -769,13 +769,17 @@ tor_digest256_is_zero(const char *digest) if (next) *next = endptr; \ return 0 -/** Extract a long from the start of s, in the given numeric base. If - * there is unconverted data and next is provided, set *next to the - * first unconverted character. An error has occurred if no characters - * are converted; or if there are unconverted characters and next is NULL; or - * if the parsed value is not between min and max. When no error occurs, - * return the parsed value and set *ok (if provided) to 1. When an error - * occurs, return 0 and set *ok (if provided) to 0. +/** Extract a long from the start of s, in the given numeric + * base. If base is 0, s is parsed as a decimal, + * octal, or hex number in the syntax of a C integer literal. If + * there is unconverted data and next is provided, set + * *next to the first unconverted character. An error has + * occurred if no characters are converted; or if there are + * unconverted characters and next is NULL; or if the parsed + * value is not between min and max. When no error + * occurs, return the parsed value and set *ok (if provided) to + * 1. When an error occurs, return 0 and set *ok (if provided) + * to 0. */ long tor_parse_long(const char *s, int base, long min, long max, -- cgit v1.2.3 From 4b266c6e72254d848b2ca4f594c0b41770104d81 Mon Sep 17 00:00:00 2001 From: Robert Ransom Date: Sun, 15 May 2011 08:23:04 -0700 Subject: Implement __OwningControllerProcess option Implements part of feature 3049. --- src/common/Makefile.am | 4 +- src/common/procmon.c | 331 +++++++++++++++++++++++++++++++++++++++++++++++++ src/common/procmon.h | 29 +++++ 3 files changed, 362 insertions(+), 2 deletions(-) create mode 100644 src/common/procmon.c create mode 100644 src/common/procmon.h (limited to 'src/common') 
diff --git a/src/common/Makefile.am b/src/common/Makefile.am index b1e03cd71..88892455e 100644 --- a/src/common/Makefile.am +++ b/src/common/Makefile.am @@ -12,11 +12,11 @@ libor_extra_source= endif libor_a_SOURCES = address.c log.c util.c compat.c container.c mempool.c \ - memarea.c util_codedigest.c $(libor_extra_source) + memarea.c util_codedigest.c procmon.c $(libor_extra_source) libor_crypto_a_SOURCES = crypto.c aes.c tortls.c torgzip.c libor_event_a_SOURCES = compat_libevent.c -noinst_HEADERS = address.h torlog.h crypto.h util.h compat.h aes.h torint.h tortls.h strlcpy.c strlcat.c torgzip.h container.h ht.h mempool.h memarea.h ciphers.inc compat_libevent.h tortls_states.h +noinst_HEADERS = address.h torlog.h crypto.h util.h compat.h aes.h torint.h tortls.h strlcpy.c strlcat.c torgzip.h container.h ht.h mempool.h memarea.h procmon.h ciphers.inc compat_libevent.h tortls_states.h common_sha1.i: $(libor_SOURCES) $(libor_crypto_a_SOURCES) $(noinst_HEADERS) if test "@SHA1SUM@" != none; then \ diff --git a/src/common/procmon.c b/src/common/procmon.c new file mode 100644 index 000000000..cee956a52 --- /dev/null +++ b/src/common/procmon.c 
@@ -0,0 +1,331 @@
+
+/**
+ * \file procmon.c
+ * \brief Process-termination monitor functions
+ **/
+
+#include "procmon.h"
+
+#include "util.h"
+
+#ifdef HAVE_EVENT2_EVENT_H
+#include
+#else
+#include
+#endif
+
+#ifdef HAVE_SIGNAL_H
+#include
+#endif
+#ifdef HAVE_ERRNO_H
+#include
+#endif
+
+#ifdef MS_WINDOWS
+#include
+
+/* Windows does not define pid_t, but _getpid() returns an int. */
+typedef int pid_t;
+#endif
+
+/* Define to 1 if process-termination monitors on this OS and Libevent
+ version must poll for process termination themselves. */
+#define PROCMON_POLLS 1
+/* Currently we need to poll in some way on all systems. */
+
+#ifdef PROCMON_POLLS
+static void tor_process_monitor_poll_cb(int unused1, short unused2,
+ void *procmon_);
+#endif
+
+/* This struct may contain pointers into the original process
+ * specifier string, but it should *never* contain anything which
+ * needs to be freed. */
+struct parsed_process_specifier_t {
+ pid_t pid;
+};
+
+/** Parse the process specifier given in process_spec into
+ * *ppspec. Return 0 on success; return -1 and store an error
+ * message into *msg on failure. The caller must not free the
+ * returned error message. */
+static int
+parse_process_specifier(const char *process_spec,
+ struct parsed_process_specifier_t *ppspec,
+ const char **msg)
+{
+ long pid_l;
+ int pid_ok = 0;
+ char *pspec_next;
+
+ /* If we're lucky, long will turn out to be large enough to hold a
+ * PID everywhere that Tor runs. */
+ pid_l = tor_parse_long(process_spec, 0, 1, LONG_MAX, &pid_ok, &pspec_next);
+
+ /* Reserve room in the ‘process specifier’ for additional
+ * (platform-specific) identifying information beyond the PID, to
+ * make our process-existence checks a bit less racy in a future
+ * version.
*/
+ if ((*pspec_next != 0) && (*pspec_next != ' ') && (*pspec_next != ':')) {
+ pid_ok = 0;
+ }
+
+ ppspec->pid = (pid_t)(pid_l);
+ if (!pid_ok || (pid_l != (long)(ppspec->pid))) {
+ *msg = "invalid PID";
+ goto err;
+ }
+
+ return 0;
+ err:
+ return -1;
+}
+
+struct tor_process_monitor_t {
+ /** Log domain for warning messages. */
+ log_domain_mask_t log_domain;
+
+ /** All systems: The best we can do in general is poll for the
+ * process's existence by PID periodically, and hope that the kernel
+ * doesn't reassign the same PID to another process between our
+ * polls. */
+ pid_t pid;
+
+#ifdef MS_WINDOWS
+ /** Windows-only: Should we poll hproc? If false, poll pid
+ * instead. */
+ int poll_hproc;
+
+ /** Windows-only: Get a handle to the process (if possible) and
+ * periodically check whether the process we have a handle to has
+ * ended. */
+ HANDLE hproc;
+ /* XXX023 We can and should have Libevent watch hproc for us,
+ * if/when some version of Libevent 2.x can be told to do so. */
+#endif
+
+ /* XXX023 On Linux, we can and should receive the 22nd
+ * (space-delimited) field (‘starttime’) of /proc/$PID/stat from the
+ * owning controller and store it, and poll once in a while to see
+ * whether it has changed -- if so, the kernel has *definitely*
+ * reassigned the owning controller's PID and we should exit. On
+ * FreeBSD, we can do the same trick using either the 8th
+ * space-delimited field of /proc/$PID/status on the seven FBSD
+ * systems whose admins have mounted procfs, or the start-time field
+ * of the process-information structure returned by kvmgetprocs() on
+ * any system. The latter is ickier. */
+ /* XXX023 On FreeBSD (and possibly other kqueue systems), we can and
+ * should arrange to receive EVFILT_PROC NOTE_EXIT notifications for
+ * pid, so we don't have to do such a heavyweight poll operation in
+ * order to avoid the PID-reassignment race condition.
(We would
+ * still need to poll our own kqueue periodically until some version
+ * of Libevent 2.x learns to receive these events for us.) */
+
+ /** A Libevent event structure, to either poll for the process's
+ * existence or receive a notification when the process ends. */
+ struct event *e;
+
+ /** A callback to be called when the process ends. */
+ tor_procmon_callback_t cb;
+ void *cb_arg; /**< A user-specified pointer to be passed to cb. */
+};
+
+/** Verify that the process specifier given in process_spec is
+ * syntactically valid. Return 0 on success; return -1 and store an
+ * error message into *msg on failure. The caller must not
+ * free the returned error message. */
+int
+tor_validate_process_specifier(const char *process_spec,
+ const char **msg)
+{
+ struct parsed_process_specifier_t ppspec;
+
+ tor_assert(msg != NULL);
+ *msg = NULL;
+
+ return parse_process_specifier(process_spec, &ppspec, msg);
+}
+
+#ifdef HAVE_EVENT2_EVENT_H
+#define PERIODIC_TIMER_FLAGS EV_PERSIST
+#else
+#define PERIODIC_TIMER_FLAGS (0)
+#endif
+
+static const struct timeval poll_interval_tv = {15, 0};
+
+/** Create a process-termination monitor for the process specifier
+ * given in process_spec. Return a newly allocated
+ * tor_process_monitor_t on success; return NULL and store an error
+ * message into *msg on failure. The caller must not free
+ * the returned error message.
+ *
+ * When the monitored process terminates, call
+ * cb(cb_arg).
+ */
+tor_process_monitor_t *
+tor_process_monitor_new(struct event_base *base,
+ const char *process_spec,
+ log_domain_mask_t log_domain,
+ tor_procmon_callback_t cb, void *cb_arg,
+ const char **msg)
+{
+ tor_process_monitor_t *procmon = tor_malloc(sizeof(tor_process_monitor_t));
+ struct parsed_process_specifier_t ppspec;
+
+ tor_assert(msg != NULL);
+ *msg = NULL;
+
+ if (procmon == NULL) {
+ *msg = "out of memory";
+ goto err;
+ }
+
+ procmon->log_domain = log_domain;
+
+ if (parse_process_specifier(process_spec, &ppspec, msg))
+ goto err;
+
+ procmon->pid = ppspec.pid;
+
+#ifdef MS_WINDOWS
+ procmon->hproc = OpenProcess(PROCESS_QUERY_INFORMATION | SYNCHRONIZE,
+ FALSE,
+ procmon->pid);
+
+ if (procmon->hproc != NULL) {
+ procmon->poll_hproc = 1;
+ log_info(procmon->log_domain, "Successfully opened handle to process %d; "
+ "monitoring it.",
+ (int)(procmon->pid));
+ } else {
+ /* If we couldn't get a handle to the process, we'll try again the
+ * first time we poll. */
+ log_info(procmon->log_domain, "Failed to open handle to process %d; will "
+ "try again later.",
+ (int)(procmon->pid));
+ }
+#endif
+
+ procmon->cb = cb;
+ procmon->cb_arg = cb_arg;
+
+#ifdef PROCMON_POLLS
+ procmon->e = tor_event_new(base, -1 /* no FD */, PERIODIC_TIMER_FLAGS,
+ tor_process_monitor_poll_cb, procmon);
+ /* Note: If you port this file to plain Libevent 2, check that
+ * procmon->e is non-NULL. We don't need to here because
+ * tor_evtimer_new never returns NULL. */
+
+ evtimer_add(procmon->e, &poll_interval_tv);
+#else
+#error OOPS?
+#endif
+
+ return procmon;
+ err:
+ tor_process_monitor_free(procmon);
+ return NULL;
+}
+
+#ifdef PROCMON_POLLS
+/** Libevent callback to poll for the existence of the process
+ * monitored by procmon_.
*/
+static void
+tor_process_monitor_poll_cb(int unused1, short unused2, void *procmon_)
+{
+ tor_process_monitor_t *procmon = (tor_process_monitor_t *)(procmon_);
+ int its_dead_jim;
+
+ (void)unused1; (void)unused2;
+
+ tor_assert(procmon != NULL);
+
+#ifdef MS_WINDOWS
+ if (procmon->poll_hproc) {
+ DWORD exit_code;
+ if (!GetExitCodeProcess(procmon->hproc, &exit_code)) {
+ char *errmsg = format_win32_error(GetLastError());
+ log_warn(procmon->log_domain, "Error \"%s\" occurred while polling "
+ "handle for monitored process %d; assuming it's dead."
+ errmsg, procmon->pid);
+ tor_free(errmsg);
+ its_dead_jim = 1;
+ } else {
+ its_dead_jim = (exit_code != STILL_ACTIVE);
+ }
+ } else {
+ /* All we can do is try to open the process, and look at the error
+ * code if it fails again. */
+ procmon->hproc = OpenProcess(PROCESS_QUERY_INFORMATION | SYNCHRONIZE,
+ FALSE,
+ procmon->pid);
+
+ if (procmon->hproc != NULL) {
+ log_info(procmon->log_domain, "Successfully opened handle to monitored "
+ "process %d.",
+ procmon->pid);
+ its_dead_jim = 0;
+ procmon->poll_hproc = 1;
+ } else {
+ DWORD err_code = GetLastError();
+ char *errmsg = format_win32_error(err_code);
+
+ /* When I tested OpenProcess's error codes on Windows 7, I
+ * received error code 5 (ERROR_ACCESS_DENIED) for PIDs of
+ * existing processes that I could not open and error code 87
+ * (ERROR_INVALID_PARAMETER) for PIDs that were not in use.
+ * Since the nonexistent-process error code is sane, I'm going
+ * to assume that all errors other than ERROR_INVALID_PARAMETER
+ * mean that the process we are monitoring is still alive. */
+ its_dead_jim = (err_code == ERROR_INVALID_PARAMETER);
+
+ if (!its_dead_jim)
+ log_info(procmon->log_domain, "Failed to open handle to monitored "
+ "process %d, and error code %d (%s) is not 'invalid "
+ "parameter' -- assuming the process is still alive.",
+ procmon->pid,
+ err_code, err_msg);
+
+ tor_free(err_msg);
+ }
+ }
+#else
+ /* Unix makes this part easy, if a bit racy.
*/
+ its_dead_jim = kill(procmon->pid, 0);
+ its_dead_jim = its_dead_jim && (errno == ESRCH);
+#endif
+
+ log(its_dead_jim ? LOG_NOTICE : LOG_INFO,
+ procmon->log_domain, "Monitored process %d is %s.",
+ (int)procmon->pid,
+ its_dead_jim ? "dead" : "still alive");
+
+ if (its_dead_jim) {
+ procmon->cb(procmon->cb_arg);
+#ifndef HAVE_EVENT2_EVENT_H
+ } else {
+ evtimer_add(procmon->e, &poll_interval_tv);
+#endif
+ }
+}
+#endif
+
+/** Free the process-termination monitor procmon. */
+void
+tor_process_monitor_free(tor_process_monitor_t *procmon)
+{
+ if (procmon == NULL)
+ return;
+
+#ifdef MS_WINDOWS
+ if (procmon->hproc != NULL)
+ CloseHandle(procmon->hproc);
+#endif
+
+ if (procmon->e != NULL)
+ tor_event_free(procmon->e);
+
+ tor_free(procmon);
+}
+
diff --git a/src/common/procmon.h b/src/common/procmon.h
new file mode 100644
index 000000000..f8c7444d5
--- /dev/null
+++ b/src/common/procmon.h
@@ -0,0 +1,29 @@
+
+/**
+ * \file procmon.h
+ * \brief Headers for procmon.c
+ **/
+
+#ifndef TOR_PROCMON_H
+#define TOR_PROCMON_H
+
+#include "compat.h"
+#include "compat_libevent.h"
+
+#include "torlog.h"
+
+typedef struct tor_process_monitor_t tor_process_monitor_t;
+
+typedef void (*tor_procmon_callback_t)(void *);
+
+int tor_validate_process_specifier(const char *process_spec,
+ const char **msg);
+tor_process_monitor_t *tor_process_monitor_new(struct event_base *base,
+ const char *process_spec,
+ log_domain_mask_t log_domain,
+ tor_procmon_callback_t cb,
+ void *cb_arg,
+ const char **msg);
+void tor_process_monitor_free(tor_process_monitor_t *procmon);
+
+#endif
-- cgit v1.2.3 From 0caa37db4df76fc50af48a107a14e4f139b7fa55 Mon Sep 17 00:00:00 2001 From: Robert Ransom Date: Sun, 15 May 2011 08:23:29 -0700 Subject: Fix some comments --- src/common/log.c | 2 +- src/common/torlog.h | 1 - 2 files changed, 1 insertion(+), 2 deletions(-) (limited to 'src/common')
diff --git a/src/common/log.c b/src/common/log.c
index d14563c88..ac98f1353 100644
--- a/src/common/log.c
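Review bot: In tor_process_monitor_new (new file src/common/procmon.c) the struct is obtained with `tor_malloc`, which as far as I know does not zero memory, yet the `err:` path passes it to tor_process_monitor_free, which tests `procmon->e` (and `procmon->hproc` under MS_WINDOWS) before either field has been assigned. A process specifier that fails parse_process_specifier therefore ends with tor_event_free or CloseHandle being called on an indeterminate value, and on Windows `poll_hproc` is read by the poll callback without ever being set when the initial OpenProcess fails. Allocating with `tor_process_monitor_t *procmon = tor_malloc_zero(sizeof(tor_process_monitor_t));` gives all three fields a defined starting state. Separately, the MS_WINDOWS branch of tor_process_monitor_poll_cb does not look like it can compile: the log_warn call has no comma between the format string and `errmsg`, and the OpenProcess failure branch declares `errmsg` but then uses `err_msg` in both log_info and tor_free.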
+++ b/src/common/log.c @@ -390,7 +390,7 @@ logv(int severity, log_domain_mask_t domain, const char *funcname, /** Output a message to the log. It gets logged to all logfiles that * care about messages with severity in domain. The content - * is formatted printf style basedc on format and extra arguments. + * is formatted printf-style based on format and extra arguments. * */ void tor_log(int severity, log_domain_mask_t domain, const char *format, ...) diff --git a/src/common/torlog.h b/src/common/torlog.h index 000e32dda..541a0d173 100644 --- a/src/common/torlog.h +++ b/src/common/torlog.h @@ -146,7 +146,6 @@ void change_callback_log_severity(int loglevelMin, int loglevelMax, void flush_pending_log_callbacks(void); void log_set_application_name(const char *name); -/* Outputs a message to stdout */ void tor_log(int severity, log_domain_mask_t domain, const char *format, ...) CHECK_PRINTF(3,4); #define log tor_log /* hack it so we don't conflict with log() as much */ -- cgit v1.2.3 From 93b699e1ea5f4107f545cca97de627a3746e1daf Mon Sep 17 00:00:00 2001 From: Nick Mathewson Date: Mon, 23 May 2011 01:10:49 -0400 Subject: Appease make check-spaces wrt procmon.h --- src/common/procmon.h | 1 + 1 file changed, 1 insertion(+) (limited to 'src/common') diff --git a/src/common/procmon.h b/src/common/procmon.h index f8c7444d5..02eb2da61 100644 --- a/src/common/procmon.h +++ b/src/common/procmon.h @@ -27,3 +27,4 @@ tor_process_monitor_t *tor_process_monitor_new(struct event_base *base, void tor_process_monitor_free(tor_process_monitor_t *procmon); #endif + -- cgit v1.2.3 From 1e69c60dccc358a7146c2b5e7825ea729498b41b Mon Sep 17 00:00:00 2001 From: Nick Mathewson Date: Mon, 23 May 2011 01:12:00 -0400 Subject: The first argument for a libevent callback should be evutil_socket_t --- src/common/procmon.c | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) (limited to 'src/common') diff --git a/src/common/procmon.c b/src/common/procmon.c index cee956a52..bd25bc10e 100644 
--- a/src/common/procmon.c +++ b/src/common/procmon.c @@ -34,7 +34,7 @@ typedef int pid_t; /* Currently we need to poll in some way on all systems. */ #ifdef PROCMON_POLLS -static void tor_process_monitor_poll_cb(int unused1, short unused2, +static void tor_process_monitor_poll_cb(evutil_socket_t unused1, short unused2, void *procmon_); #endif @@ -232,7 +232,8 @@ tor_process_monitor_new(struct event_base *base, /** Libevent callback to poll for the existence of the process * monitored by procmon_. */ static void -tor_process_monitor_poll_cb(int unused1, short unused2, void *procmon_) +tor_process_monitor_poll_cb(evutil_socket_t unused1, short unused2, + void *procmon_) { tor_process_monitor_t *procmon = (tor_process_monitor_t *)(procmon_); int its_dead_jim; -- cgit v1.2.3