mirror of
https://github.com/servalproject/serval-dna.git
synced 2025-01-18 10:46:23 +00:00
Refactor keyring open/seed out of server()
Now the keyring is opened and seeded before the server daemon process is forked, and any keyring error prevents the server from starting No longer necessary to pass a (cli_parsed*) argument to server()
This commit is contained in:
parent
6371203703
commit
bb677e50fd
@ -862,16 +862,27 @@ int app_server_start(const struct cli_parsed *parsed, struct cli_context *contex
|
|||||||
instance directory when it starts up. */
|
instance directory when it starts up. */
|
||||||
if (server_remove_stopfile() == -1)
|
if (server_remove_stopfile() == -1)
|
||||||
RETURN(-1);
|
RETURN(-1);
|
||||||
|
// Open the keyring and ensure it contains at least one unlocked identity.
|
||||||
|
keyring = keyring_open_instance_cli(parsed);
|
||||||
|
if (!keyring)
|
||||||
|
RETURN(WHY("Could not open keyring file"));
|
||||||
|
if (keyring_seed(keyring) == -1) {
|
||||||
|
WHY("Could not seed keyring");
|
||||||
|
goto exit;
|
||||||
|
}
|
||||||
overlayMode = 1;
|
overlayMode = 1;
|
||||||
if (foregroundP)
|
if (foregroundP) {
|
||||||
RETURN(server(parsed));
|
ret = server();
|
||||||
|
goto exit;
|
||||||
|
}
|
||||||
const char *dir = getenv("SERVALD_SERVER_CHDIR");
|
const char *dir = getenv("SERVALD_SERVER_CHDIR");
|
||||||
if (!dir)
|
if (!dir)
|
||||||
dir = config.server.chdir;
|
dir = config.server.chdir;
|
||||||
switch (cpid = fork()) {
|
switch (cpid = fork()) {
|
||||||
case -1:
|
case -1:
|
||||||
/* Main process. Fork failed. There is no child process. */
|
/* Main process. Fork failed. There is no child process. */
|
||||||
RETURN(WHY_perror("fork"));
|
WHY_perror("fork");
|
||||||
|
goto exit;
|
||||||
case 0: {
|
case 0: {
|
||||||
/* Child process. Fork then exit, to disconnect daemon from parent process, so that
|
/* Child process. Fork then exit, to disconnect daemon from parent process, so that
|
||||||
when daemon exits it does not live on as a zombie. N.B. Do not return from within this
|
when daemon exits it does not live on as a zombie. N.B. Do not return from within this
|
||||||
@ -912,7 +923,7 @@ int app_server_start(const struct cli_parsed *parsed, struct cli_context *contex
|
|||||||
WHYF_perror("execl(%s,\"start\",\"foreground\")", alloca_str_toprint(execpath));
|
WHYF_perror("execl(%s,\"start\",\"foreground\")", alloca_str_toprint(execpath));
|
||||||
_exit(-1);
|
_exit(-1);
|
||||||
}
|
}
|
||||||
_exit(server(parsed));
|
_exit(server());
|
||||||
// NOT REACHED
|
// NOT REACHED
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
@ -927,9 +938,11 @@ int app_server_start(const struct cli_parsed *parsed, struct cli_context *contex
|
|||||||
sleep_ms(200); // 5 Hz
|
sleep_ms(200); // 5 Hz
|
||||||
} while ((pid = server_pid()) == 0 && gettime_ms() < timeout);
|
} while ((pid = server_pid()) == 0 && gettime_ms() < timeout);
|
||||||
if (pid == -1)
|
if (pid == -1)
|
||||||
RETURN(-1);
|
goto exit;
|
||||||
if (pid == 0)
|
if (pid == 0) {
|
||||||
RETURN(WHY("Server process did not start"));
|
WHY("Server process did not start");
|
||||||
|
goto exit;
|
||||||
|
}
|
||||||
ret = 0;
|
ret = 0;
|
||||||
}
|
}
|
||||||
const char *ipath = instance_path();
|
const char *ipath = instance_path();
|
||||||
@ -963,6 +976,9 @@ int app_server_start(const struct cli_parsed *parsed, struct cli_context *contex
|
|||||||
sleep_ms(milliseconds);
|
sleep_ms(milliseconds);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
exit:
|
||||||
|
keyring_free(keyring);
|
||||||
|
keyring = NULL;
|
||||||
RETURN(ret);
|
RETURN(ret);
|
||||||
OUT();
|
OUT();
|
||||||
}
|
}
|
||||||
|
16
keyring.c
16
keyring.c
@ -2058,10 +2058,6 @@ keyring_file *keyring_open_instance_cli(const struct cli_parsed *parsed)
|
|||||||
This identity will not be pin protected (initially). */
|
This identity will not be pin protected (initially). */
|
||||||
int keyring_seed(keyring_file *k)
|
int keyring_seed(keyring_file *k)
|
||||||
{
|
{
|
||||||
if (config.debug.keyring)
|
|
||||||
DEBUGF("k=%p", k);
|
|
||||||
if (!k) return WHY("keyring is null");
|
|
||||||
|
|
||||||
/* nothing to do if there is already an identity */
|
/* nothing to do if there is already an identity */
|
||||||
unsigned cn;
|
unsigned cn;
|
||||||
for (cn = 0; cn < k->context_count; ++cn)
|
for (cn = 0; cn < k->context_count; ++cn)
|
||||||
@ -2070,16 +2066,20 @@ int keyring_seed(keyring_file *k)
|
|||||||
int i;
|
int i;
|
||||||
char did[65];
|
char did[65];
|
||||||
/* Securely generate random telephone number */
|
/* Securely generate random telephone number */
|
||||||
urandombytes((unsigned char *)did, 11);
|
if (urandombytes((unsigned char *)did, 11) == -1)
|
||||||
|
return -1;
|
||||||
/* Make DID start with 2 through 9, as 1 is special in many number spaces,
|
/* Make DID start with 2 through 9, as 1 is special in many number spaces,
|
||||||
and 0 is commonly used for escaping to national or international dialling. */
|
and 0 is commonly used for escaping to national or international dialling. */
|
||||||
did[0]='2'+(((unsigned char)did[0])%8);
|
did[0]='2'+(((unsigned char)did[0])%8);
|
||||||
/* Then add 10 more digits, which is what we do in the mobile phone software */
|
/* Then add 10 more digits, which is what we do in the mobile phone software */
|
||||||
for(i=1;i<11;i++) did[i]='0'+(((unsigned char)did[i])%10); did[11]=0;
|
for(i=1;i<11;i++) did[i]='0'+(((unsigned char)did[i])%10); did[11]=0;
|
||||||
keyring_identity *id=keyring_create_identity(k,k->contexts[0],"");
|
keyring_identity *id=keyring_create_identity(k,k->contexts[0],"");
|
||||||
if (!id) return WHY("Could not create new identity");
|
if (!id)
|
||||||
if (keyring_set_did(id, did, "")) return WHY("Could not set DID of new identity");
|
return WHY("Could not create new identity");
|
||||||
if (keyring_commit(k)) return WHY("Could not commit new identity to keyring file");
|
if (keyring_set_did(id, did, ""))
|
||||||
|
return WHY("Could not set DID of new identity");
|
||||||
|
if (keyring_commit(k))
|
||||||
|
return WHY("Could not commit new identity to keyring file");
|
||||||
{
|
{
|
||||||
const sid_t *sidp = NULL;
|
const sid_t *sidp = NULL;
|
||||||
const char *did = NULL;
|
const char *did = NULL;
|
||||||
|
14
overlay.c
14
overlay.c
@ -80,7 +80,10 @@ int overlayMode=0;
|
|||||||
|
|
||||||
keyring_file *keyring=NULL;
|
keyring_file *keyring=NULL;
|
||||||
|
|
||||||
int overlayServerMode(const struct cli_parsed *parsed)
|
/* The caller must set up the keyring before calling this function, and the keyring must contain at
|
||||||
|
* least one identity, otherwise MDP and routing will not work.
|
||||||
|
*/
|
||||||
|
int overlayServerMode()
|
||||||
{
|
{
|
||||||
IN();
|
IN();
|
||||||
|
|
||||||
@ -99,15 +102,6 @@ int overlayServerMode(const struct cli_parsed *parsed)
|
|||||||
if (server_write_pid())
|
if (server_write_pid())
|
||||||
RETURN(-1);
|
RETURN(-1);
|
||||||
|
|
||||||
/* Get keyring available for use.
|
|
||||||
Required for MDP, and very soon as a complete replacement for the
|
|
||||||
HLR for DNA lookups, even in non-overlay mode. */
|
|
||||||
keyring = keyring_open_instance_cli(parsed);
|
|
||||||
if (!keyring)
|
|
||||||
RETURN(WHY("Could not open serval keyring file."));
|
|
||||||
/* put initial identity in if we don't have any visible */
|
|
||||||
keyring_seed(keyring);
|
|
||||||
|
|
||||||
overlay_queue_init();
|
overlay_queue_init();
|
||||||
|
|
||||||
/* Get the set of socket file descriptors we need to monitor.
|
/* Get the set of socket file descriptors we need to monitor.
|
||||||
|
4
serval.h
4
serval.h
@ -226,7 +226,7 @@ int server_pid();
|
|||||||
const char *_server_pidfile_path(struct __sourceloc);
|
const char *_server_pidfile_path(struct __sourceloc);
|
||||||
#define server_pidfile_path() (_server_pidfile_path(__WHENCE__))
|
#define server_pidfile_path() (_server_pidfile_path(__WHENCE__))
|
||||||
void server_save_argv(int argc, const char *const *argv);
|
void server_save_argv(int argc, const char *const *argv);
|
||||||
int server(const struct cli_parsed *parsed);
|
int server(void);
|
||||||
int server_write_pid();
|
int server_write_pid();
|
||||||
int server_write_proc_state(const char *path, const char *fmt, ...);
|
int server_write_proc_state(const char *path, const char *fmt, ...);
|
||||||
int server_get_proc_state(const char *path, char *buff, size_t buff_len);
|
int server_get_proc_state(const char *path, char *buff, size_t buff_len);
|
||||||
@ -258,7 +258,7 @@ void overlay_rhizome_advertise(struct sched_ent *alarm);
|
|||||||
void rhizome_sync_status_html(struct strbuf *b, struct subscriber *subscriber);
|
void rhizome_sync_status_html(struct strbuf *b, struct subscriber *subscriber);
|
||||||
int rhizome_cache_count();
|
int rhizome_cache_count();
|
||||||
|
|
||||||
int overlayServerMode(const struct cli_parsed *parsed);
|
int overlayServerMode(void);
|
||||||
int overlay_payload_enqueue(struct overlay_frame *p);
|
int overlay_payload_enqueue(struct overlay_frame *p);
|
||||||
int overlay_queue_remaining(int queue);
|
int overlay_queue_remaining(int queue);
|
||||||
int overlay_queue_schedule_next(time_ms_t next_allowed_packet);
|
int overlay_queue_schedule_next(time_ms_t next_allowed_packet);
|
||||||
|
4
server.c
4
server.c
@ -99,7 +99,7 @@ void server_save_argv(int argc, const char *const *argv)
|
|||||||
exec_args[exec_argc] = NULL;
|
exec_args[exec_argc] = NULL;
|
||||||
}
|
}
|
||||||
|
|
||||||
int server(const struct cli_parsed *parsed)
|
int server()
|
||||||
{
|
{
|
||||||
IN();
|
IN();
|
||||||
/* For testing, it can be very helpful to delay the start of the server process, for example to
|
/* For testing, it can be very helpful to delay the start of the server process, for example to
|
||||||
@ -131,7 +131,7 @@ int server(const struct cli_parsed *parsed)
|
|||||||
sigaction(SIGHUP, &sig, NULL);
|
sigaction(SIGHUP, &sig, NULL);
|
||||||
sigaction(SIGINT, &sig, NULL);
|
sigaction(SIGINT, &sig, NULL);
|
||||||
|
|
||||||
overlayServerMode(parsed);
|
overlayServerMode();
|
||||||
|
|
||||||
RETURN(0);
|
RETURN(0);
|
||||||
OUT();
|
OUT();
|
||||||
|
Loading…
Reference in New Issue
Block a user