[tor-commits] [obfs4/master] Attempt to detect if the parent crashed without killing obfs4proxy.
yawning at torproject.org
yawning at torproject.org
Thu Mar 26 06:33:46 UTC 2015
commit 4e4c9052f436b86729b853715086e9445c76e185
Author: Yawning Angel <yawning at torproject.org>
Date: Thu Mar 26 06:30:50 2015 +0000
Attempt to detect if the parent crashed without killing obfs4proxy.
The ideal solution here would be to implement #15435, but till then
use one of several kludges:
* Linux - prctl() so that the kernel SIGTERMs on parent exit.
* Other U*ix - Poll the parent process id once a second, and SIGTERM
ourself/exit if it changes. Former is better since all the normal
cleanup if any gets done.
* Windows - Log a warning.
---
ChangeLog | 1 +
obfs4proxy/obfs4proxy.go | 6 +++
obfs4proxy/parentMonitor.go | 88 +++++++++++++++++++++++++++++++++++++
obfs4proxy/parentMonitor_linux.go | 50 +++++++++++++++++++++
4 files changed, 145 insertions(+)
diff --git a/ChangeLog b/ChangeLog
index b012ef5..5e77d16 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,6 +1,7 @@
Changes in version 0.0.5 - UNRELEASED:
- Go vet/fmt fixes, and misc. code cleanups. Patches by mvdan.
- Changed the go.net import path to the new location (golang.org/x/net).
+ - Added limited support for detecting if the parent process crashes.
Changes in version 0.0.4 - 2015-02-17
- Improve the runtime performance of the obfs4 handshake tests.
diff --git a/obfs4proxy/obfs4proxy.go b/obfs4proxy/obfs4proxy.go
index 53a0218..b27d75d 100644
--- a/obfs4proxy/obfs4proxy.go
+++ b/obfs4proxy/obfs4proxy.go
@@ -386,6 +386,9 @@ func getVersion() string {
}
func main() {
+ // Initialize parent process monitoring as early as possible.
+ pmonErr := initParentMonitor()
+
// Handle the command line arguments.
_, execName := path.Split(os.Args[0])
showVer := flag.Bool("version", false, "Print version and exit")
@@ -418,6 +421,9 @@ func main() {
log.Fatalf("[ERROR]: %s - failed to initialize logging", execName)
} else {
noticef("%s - launched", getVersion())
+ if pmonErr != nil {
+ warnf("%s - failed to initialize parent monitor: %s", execName, pmonErr)
+ }
}
if isClient {
infof("%s - initializing client transport listeners", execName)
diff --git a/obfs4proxy/parentMonitor.go b/obfs4proxy/parentMonitor.go
new file mode 100644
index 0000000..beeea50
--- /dev/null
+++ b/obfs4proxy/parentMonitor.go
@@ -0,0 +1,88 @@
+/*
+ * Copyright (c) 2015, Yawning Angel <yawning at torproject dot org>
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions are met:
+ *
+ * * Redistributions of source code must retain the above copyright notice,
+ * this list of conditions and the following disclaimer.
+ *
+ * * Redistributions in binary form must reproduce the above copyright notice,
+ * this list of conditions and the following disclaimer in the documentation
+ * and/or other materials provided with the distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
+ * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE
+ * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
+ * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+ * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+ * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+ * POSSIBILITY OF SUCH DAMAGE.
+ */
+
+package main
+
+import (
+ "fmt"
+ "os"
+ "runtime"
+ "syscall"
+ "time"
+)
+
+var parentMonitorOSInit func() error
+
+func initParentMonitor() error {
+ // Until #15435 is implemented, there is no reliable way to see if
+ // the parent has died that is portable/platform independent/reliable.
+ //
+ // Do the next best thing and use various kludges and hacks:
+ // * Linux - Platform specific code that should always work.
+ // * Other U*IX - Somewhat generic code, that works unless the parent
+ // dies before the monitor is initialized.
+ // * Windows - Log an error, can't be bothered to figure out how
+ // to handle this there.
+ if parentMonitorOSInit != nil {
+ return parentMonitorOSInit()
+ } else if runtime.GOOS != "windows" {
+ ppid := os.Getppid()
+ go parentMonitorPpidChange(ppid)
+ return nil
+ }
+ return fmt.Errorf("unsupported on: %s", runtime.GOOS)
+}
+
+func parentMonitorPpidChange(ppid int) {
+ // Under most if not all U*IX systems, the parent PID will change
+ // to that of init once the parent dies. There are several notable
+ // exceptions (Slowlaris/Android), but the parent PID changes
+ // under those platforms as well.
+ //
+ // Naturally we lose if the parent has died by the when the
+ // Getppid() call was issued in our parent, but, this is better
+ // than nothing.
+
+ const ppidPollInterval = 1 * time.Second
+ for ppid == os.Getppid() {
+ time.Sleep(ppidPollInterval)
+ }
+
+ // If possible SIGTERM ourself so that the normal shutdown code
+ // gets invoked. If any of that fails, exit anyway, we are a
+ // defunt process.
+ noticef("Parent pid changed: %d (was %d)", os.Getppid(), ppid)
+ if p, err := os.FindProcess(os.Getpid()); err == nil {
+ if err := p.Signal(syscall.SIGTERM); err == nil {
+ return
+ }
+ warnf("Failed to SIGTERM ourself: %v", err)
+ } else {
+ warnf("Failed to find our own process: %v", err)
+ }
+ os.Exit(-1)
+}
diff --git a/obfs4proxy/parentMonitor_linux.go b/obfs4proxy/parentMonitor_linux.go
new file mode 100644
index 0000000..0fc967f
--- /dev/null
+++ b/obfs4proxy/parentMonitor_linux.go
@@ -0,0 +1,50 @@
+/*
+ * Copyright (c) 2015, Yawning Angel <yawning at torproject dot org>
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions are met:
+ *
+ * * Redistributions of source code must retain the above copyright notice,
+ * this list of conditions and the following disclaimer.
+ *
+ * * Redistributions in binary form must reproduce the above copyright notice,
+ * this list of conditions and the following disclaimer in the documentation
+ * and/or other materials provided with the distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
+ * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE
+ * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
+ * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+ * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+ * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+ * POSSIBILITY OF SUCH DAMAGE.
+ */
+
+package main
+
+import (
+ "fmt"
+ "syscall"
+)
+
+func parentMonitorInitLinux() error {
+ /* Use prctl() to have the kernel deliver a SIGTERM if the parent
+ * process dies. This beats anything else that can be done before
+ * #15435 is implemented.
+ */
+ _, _, errno := syscall.Syscall(syscall.SYS_PRCTL, syscall.PR_SET_PDEATHSIG, uintptr(syscall.SIGTERM), 0)
+ if errno != 0 {
+ var err error = errno
+ return fmt.Errorf("prctl(PR_SET_PDEATHSIG, SIGTERM) returned: %s", err)
+ }
+ return nil
+}
+
+func init() {
+ parentMonitorOSInit = parentMonitorInitLinux
+}
More information about the tor-commits
mailing list