X-Git-Url: http://www.chiark.greenend.org.uk/ucgi/~ian/git?p=hippotat.git;a=blobdiff_plain;f=hippotatd;h=05c51bcb58a1c57a682221ad9f5873364a19e5d4;hp=525e4a1bcf810b1ca4edae5cdb413b8e0ea49f30;hb=dbf9b0e5479e842dfeb0ad4e552a0570ff4ea342;hpb=ec2c9312c36782c61b38e1c3bcdbe932685a9794
diff --git a/hippotatd b/hippotatd
index 525e4a1..05c51bc 100755
--- a/hippotatd
+++ b/hippotatd
@@ -25,19 +25,19 @@ # the file AGPLv3+CAFv2. If not, email Ian Jackson # . - +#@ import sys; sys.path.append('@PYBUILD_INSTALL_DIR@') from hippotatlib import * import os import tempfile import atexit import shutil +import subprocess import twisted.internet from twisted.web.server import NOT_DONE_YET import twisted.web.static -import twisted.python.syslog import hippotatlib.ownsource from hippotatlib.ownsource import SourceShipmentPreparer
@@ -64,7 +64,7 @@ def route(packet, iface, saddr, daddr): elif daddr == c.vaddr or daddr not in c.vnetwork: lt('inbound') queue_inbound(ipif, packet) - elif daddr == c.relay: + elif daddr == c.vrelay: lt('discard relay') log_discard(packet, iface, saddr, daddr, 'relay') else:
@@ -104,7 +104,8 @@ class Client(): def _req_cancel(self, request): self._log(DBG.HTTP_CTRL, 'cancel', idof=request) - request.finish() + try: request.finish() + except Exception: pass def _req_error(self, err, request): self._log(DBG.HTTP_CTRL, 'error %s' % err, idof=request)
@@ -125,7 +126,7 @@ class Client(): nf = request.notifyFinish() nf.addErrback(self._req_error, request) nf.addCallback(self._req_fin, request, cl) - self._rq.append(request) + self._rq.append((request,nf)) self._check_outbound() def _req_write(self, req, d):
@@ -135,9 +136,9 @@ class Client(): def _check_outbound(self): log_debug(DBG.HTTP_CTRL, 'CHKO') while True: - try: request = self._rq[0] + try: (request,nf) = self._rq[0] except IndexError: request = None - if request and request.finished: + if request and nf.called: self._log(DBG.HTTP_CTRL, 'CHKO req finished, discard', idof=request) self._rq.popleft() continue 
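Review bot: In `_req_cancel` the new `try: request.finish()` / `except Exception: pass` discards every exception without a trace, so a genuine bug in the finish path would now go unnoticed. If the intent is only to tolerate a request whose connection has already gone away, catch the specific exception Twisted raises in that case (presumably `RuntimeError`; confirm against the Twisted version in use), or at least record it, e.g. `except Exception as e: self._log(DBG.HTTP_CTRL, 'cancel: finish failed %s' % e, idof=request)`. That `_log(..., idof=request)` call shape is the one already used on the line above the change.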
@@ -165,7 +166,7 @@ class Client(): # round again, looking for more to do while len(self._rq) > self.cc.target_requests_outstanding: - request = self._rq.popleft() + (request, nf) = self._rq.popleft() self._log(DBG.HTTP, 'CHKO above target, returning empty', idof=request) request.finish()
@@ -173,7 +174,7 @@ def process_request(request, desca): # find client, update config, etc. metadata = request.args[b'm'][0] metadata = metadata.split(b'\r\n') - (ci_s, pw, tro, cto) = metadata[0:4] + (ci_s, token, tro, cto) = metadata[0:4] desca['m[0,2:3]'] = [ci_s, tro, cto] ci_s = ci_s.decode('utf-8') tro = int(tro); desca['tro']= tro
@@ -181,7 +182,7 @@ def process_request(request, desca): ci = ipaddr(ci_s) desca['ci'] = ci cl = clients[ci] - if pw != cl.cc.password: raise ValueError('bad password') + authtoken_check(cl.cc.secret, token, cl.cc.max_clock_skew) desca['pwok']=True if tro != cl.cc.target_requests_outstanding:
@@ -217,7 +218,7 @@ class NotStupidResource(twisted.web.resource.Resource): # why this is not the default is a mystery! def getChild(self, name, request): if name == b'': return self - else: return twisted.web.resource.Resource.getChild(name, request) + else: return twisted.web.resource.Resource.getChild(self, name, request) class IphttpResource(NotStupidResource): def render_POST(self, request):
@@ -296,9 +297,10 @@ def process_cfg(_opts, putative_servers, putative_clients): global c c = ConfigResults() - c.server = cfg.get('SERVER','server') + try: c.server = cfg1get('SERVER','server') + except NoOptionError: c.server = 'SERVER' - cfg_process_common(c, c.server) + cfg_process_general(c, c.server) cfg_process_saddrs(c, c.server) cfg_process_vnetwork(c, c.server) cfg_process_vaddr(c, c.server) 
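Review bot: The `request.finish()` in the 'CHKO above target' loop of `_check_outbound` is left unguarded, although this commit wraps the identical call in `_req_cancel` in a try/except and the queue now carries `nf` alongside each request. A request popped here whose `nf` has already fired would presumably raise from `finish()` and abort the loop with entries still queued; `if not nf.called: request.finish()` would use the value the new tuple already provides. `_check_outbound` starts outside this hunk, so the earlier head-of-queue discard may cover some of these cases, but it only inspects `self._rq[0]`.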
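Review bot: The call `authtoken_check(cl.cc.secret, token, cl.cc.max_clock_skew)` in `process_request` discards its return value, so authentication now depends entirely on that helper raising on every failure path; `desca['pwok']=True` is set unconditionally on the next line. The helper is defined outside this diff, so that contract cannot be confirmed here, and a comment at the call site such as `# authtoken_check raises on a bad or stale token; its return value is not used` would make the dependency explicit. It is also worth confirming that the helper compares the secret-derived value in constant time (for example with `hmac.compare_digest`), since the removed `pw != cl.cc.password` test did not. The `pw` to `token` rename in the preceding hunk belongs to the same change.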
@@ -309,22 +311,32 @@ def process_cfg(_opts, putative_servers, putative_clients): if not sections: continue cfg_process_client_limited(cc,c.server,sections, 'max_batch_down') cfg_process_client_limited(cc,c.server,sections, 'max_queue_time') + cc.max_clock_skew = cfg_search(cfg.getint, 'max_clock_skew', sections) Client(ci, cc) try: - c.vrelay = cfg.get(c.server, 'vrelay') + c.vrelay = cfg1get(c.server, 'vrelay') except NoOptionError: for search in c.vnetwork.hosts(): if search == c.vaddr: continue c.vrelay = search break + try: c.ifname = cfg1get(c.server, 'ifname_server', raw=True) + except NoOptionError: pass + cfg_process_ipif(c, - [c.server, 'DEFAULT'], + [c.server, 'COMMON'], (('local','vaddr'), ('peer', 'vrelay'), ('rnets','vnetwork'))) + if opts.printconfig is not None: + try: val = cfg1get(c.server, opts.printconfig) + except NoOptionError: pass + else: print(val) + sys.exit(0) + def catch_termination(): def run_cleanups(): for cleanup in cleanups:
@@ -340,7 +352,9 @@ def catch_termination(): raise RuntimeError('did not die due to signal %s !' % name) for sig in (signal.SIGINT, signal.SIGTERM): - signal.signal(sig, partial(signal_handler, sig.name)) + try: signame = sig.name + except AttributeError: signame = "signal %d" % sig + signal.signal(sig, partial(signal_handler, signame)) def daemonise(): global syslogfacility
@@ -353,6 +367,7 @@ def daemonise(): facility=facilnum, logoption=syslog.LOG_PID) def emit(event): + if logevent_is_boringtwisted(event): return m = twisted.logger.formatEvent(event) #print(repr(event), m, file=org_stderr) level = event.get('log_level') 
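Review bot: `cc.max_clock_skew` is read with `cfg.getint` in `process_cfg` and stored with no range check visible in this hunk, yet it is the third argument to `authtoken_check` in `process_request`. Assuming it bounds how far a token's timestamp may differ from the server clock, a zero or negative value would presumably reject every client, and a very large one would lengthen the period in which a captured token stays acceptable. A guard after the assignment such as `if cc.max_clock_skew <= 0: raise ValueError('max_clock_skew must be positive')` would catch the first case, and a documented upper bound would cover the second. Separately, the `--print-config` branch appears to reach `sys.exit(0)` even when `cfg1get` raised NoOptionError, so a calling script cannot tell a missing option from an empty one.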
@@ -362,10 +377,65 @@ def daemonise(): elif level == LogLevel.warn : sl = syslog.LOG_WARNING else : sl = syslog.LOG_INFO syslog.syslog(sl,m) + failure = event.get('log_failure') + if failure is not None: + for l in failure.getTraceback().split('\n'): + syslog.syslog(sl,l) glp = twisted.logger.globalLogPublisher glp.addObserver(emit) log_debug(DBG.INIT, 'starting to log to syslog') + #log.crit('daemonic hippotatd crashed', dflag=False) + if opts.daemon: + daemonic_reactor = (twisted.internet.interfaces.IReactorDaemonize + .providedBy(reactor)) + if daemonic_reactor: reactor.beforeDaemonize() + if opts.pidfile is not None: + pidfile_h = open(opts.pidfile, 'w') + rfd, wfd = os.pipe() + childpid = os.fork() + if childpid: + # we are the parent + os.close(wfd) + st = os.read(rfd, 1) + try: + st = st[0] + except IndexError: + st = 127 + log.critical('daemonic hippotatd crashed', dflag=False) + os._exit(st) + os.close(rfd) + os.setsid() + grandchildpid = os.fork() + if grandchildpid: + # we are the intermediate child + if opts.pidfile is not None: + print(grandchildpid, file=pidfile_h) + pidfile_h.close() + os._exit(0) + + if opts.pidfile is not None: + pidfile_h.close() + + logger = subprocess.Popen(['logger','-d', + '-t','hippotat[%d](stderr)' % os.getpid(), + '-p',opts.syslogfacility + '.err'], + stdin=subprocess.PIPE, + stdout=subprocess.DEVNULL, + stderr=subprocess.DEVNULL, + restore_signals=True) + + nullfd = os.open('/dev/null', os.O_RDWR) + os.dup2(nullfd, 0) + os.dup2(nullfd, 1) + os.dup2(logger.stdin.fileno(), 2) + os.close(nullfd) + if daemonic_reactor: reactor.afterDaemonize() + log_debug(DBG.INIT, 'daemonised') + os.write(wfd, b'\0') + os.close(wfd) + + if opts.syslogfacility is not None: glp.removeObserver(hippotatlib.file_log_observer) optparser.add_option('--ownsource', default=2, 
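Review bot: `pidfile_h = open(opts.pidfile, 'w')` in the new `if opts.daemon:` block follows symlinks and truncates whatever it resolves to, which matters if hippotatd is started with elevated privileges and the pidfile sits in a directory other users can write to. Opening it with `fd = os.open(opts.pidfile, os.O_WRONLY|os.O_CREAT|os.O_TRUNC|os.O_NOFOLLOW, 0o644)` followed by `pidfile_h = os.fdopen(fd, 'w')` avoids that, or the requirement for a root-owned pidfile directory should be documented next to the option. In the same block `'logger'` is resolved through PATH by `subprocess.Popen`; an absolute path would make the daemon's stderr sink independent of the caller's environment. daemonise() begins above this hunk, so any privilege or environment handling done there is not visible here.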
@@ -380,15 +450,30 @@ optparser.add_option('--no-ownsource', action='store_const', dest='ownsource', const=0, help='source download disabled (for testing only)') +optparser.add_option('--daemon', + action='store_true', dest='daemon', default=False, + help='daemonize (and log to syslog)') + +optparser.add_option('--pidfile', + nargs=1, type='string', + action='store', dest='pidfile', default=None, + help='write pid to this file') + optparser.add_option('--syslog-facility', nargs=1, type='string',action='store', metavar='FACILITY', dest='syslogfacility', default=None, help='log to syslog, with specified facility') +optparser.add_option('--print-config', + nargs=1, type='string',action='store', + metavar='OPTION', dest='printconfig', + default=None, + help='print one config option value and exit') + common_startup(process_cfg) catch_termination() -ipif = start_ipif(c.ipif_command, (lambda p,s,d: route(p,"[ipif]",s,d))) start_http() daemonise() +ipif = start_ipif(c.ipif_command, (lambda p,s,d: route(p,"[ipif]",s,d))) common_run()
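Review bot: Moving `start_ipif(...)` below `daemonise()` at the end of this hunk is its one behavioural change to startup order, and it carries no explanation. Presumably the ipif helper has to be spawned by the final daemon process rather than by the parent that exits after the double fork; a comment such as `# start ipif only after daemonise(), so the helper is a child of the daemon and not of the exiting parent` would stop a later tidy-up from reordering it back. `start_http()` still runs before the fork, so its listening socket is inherited across it; worth confirming that this is intended. The `--pidfile` help text could also say that the option only takes effect together with `--daemon`, since the pidfile appears to be handled only inside the `if opts.daemon:` block.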