[tor-commits] [obfs4/master] Clean up/refactor the shutdown/termination handling code.
yawning at torproject.org
yawning at torproject.org
Sat Mar 28 02:52:16 UTC 2015
commit 657c8e4f02ad6c6c3cc97256b7529fe5514c0945
Author: Yawning Angel <yawning at torproject.org>
Date: Sat Mar 28 02:49:07 2015 +0000
Clean up/refactor the shutdown/termination handling code.
This combines the old signal processing code with the parent monitor,
into a new termination monitor structure, which also now handles keeping
track of outstanding sessions.
---
obfs4proxy/obfs4proxy.go | 72 +++++++---------------
obfs4proxy/parentMonitor.go | 88 ---------------------------
obfs4proxy/parentMonitor_linux.go | 49 ---------------
obfs4proxy/termmon.go | 119 +++++++++++++++++++++++++++++++++++++
obfs4proxy/termmon_linux.go | 49 +++++++++++++++
5 files changed, 189 insertions(+), 188 deletions(-)
diff --git a/obfs4proxy/obfs4proxy.go b/obfs4proxy/obfs4proxy.go
index b27d75d..9b452ac 100644
--- a/obfs4proxy/obfs4proxy.go
+++ b/obfs4proxy/obfs4proxy.go
@@ -38,7 +38,6 @@ import (
"net"
"net/url"
"os"
- "os/signal"
"path"
"sync"
"syscall"
@@ -60,7 +59,7 @@ const (
var enableLogging bool
var unsafeLogging bool
var stateDir string
-var handlerChan chan int
+var termMon *termMonitor
// DialFn is a function pointer to a function that matches the net.Dialer.Dial
// interface.
@@ -176,10 +175,8 @@ func clientAcceptLoop(f base.ClientFactory, ln *pt.SocksListener, proxyURI *url.
func clientHandler(f base.ClientFactory, conn *pt.SocksConn, proxyURI *url.URL) {
defer conn.Close()
- handlerChan <- 1
- defer func() {
- handlerChan <- -1
- }()
+ termMon.onHandlerStart()
+ defer termMon.onHandlerFinish()
name := f.Transport().Name()
addrStr := elideAddr(conn.Req.Target)
@@ -298,10 +295,8 @@ func serverAcceptLoop(f base.ServerFactory, ln net.Listener, info *pt.ServerInfo
func serverHandler(f base.ServerFactory, conn net.Conn, info *pt.ServerInfo) {
defer conn.Close()
- handlerChan <- 1
- defer func() {
- handlerChan <- -1
- }()
+ termMon.onHandlerStart()
+ defer termMon.onHandlerFinish()
name := f.Transport().Name()
addrStr := elideAddr(conn.RemoteAddr().String())
@@ -386,8 +381,8 @@ func getVersion() string {
}
func main() {
- // Initialize parent process monitoring as early as possible.
- pmonErr := initParentMonitor()
+ // Initialize the termination state monitor as soon as possible.
+ termMon = newTermMonitor()
// Handle the command line arguments.
_, execName := path.Split(os.Args[0])
@@ -405,10 +400,8 @@ func main() {
log.Fatalf("[ERROR]: failed to set log level: %s", err)
}
- // Determine if this is a client or server, initialize logging, and finish
- // the pt configuration.
+ // Determine if this is a client or server, initialize the common state.
var ptListeners []net.Listener
- handlerChan = make(chan int)
launched := false
isClient, err := ptIsClient()
if err != nil {
@@ -419,12 +412,10 @@ func main() {
}
if err = ptInitializeLogging(enableLogging); err != nil {
log.Fatalf("[ERROR]: %s - failed to initialize logging", execName)
- } else {
- noticef("%s - launched", getVersion())
- if pmonErr != nil {
- warnf("%s - failed to initialize parent monitor: %s", execName, pmonErr)
- }
}
+ noticef("%s - launched", getVersion())
+
+ // Do the managed pluggable transport protocol configuration.
if isClient {
infof("%s - initializing client transport listeners", execName)
launched, ptListeners = clientSetup()
@@ -444,39 +435,18 @@ func main() {
}()
// At this point, the pt config protocol is finished, and incoming
- // connections will be processed. Per the pt spec, on sane platforms
- // termination is signaled via SIGINT (or SIGTERM), so wait on tor to
- // request a shutdown of some sort.
-
- sigChan := make(chan os.Signal, 1)
- signal.Notify(sigChan, syscall.SIGINT, syscall.SIGTERM)
-
- // Wait for the first SIGINT (close listeners).
- var sig os.Signal
- numHandlers := 0
- for sig == nil {
- select {
- case n := <-handlerChan:
- numHandlers += n
- case sig = <-sigChan:
- if sig == syscall.SIGTERM {
- // SIGTERM causes immediate termination.
- return
- }
- }
+ // connections will be processed. Wait till the parent dies
+ // (immediate exit), a SIGTERM is received (immediate exit),
+ // or a SIGINT is received.
+ if sig := termMon.wait(false); sig == syscall.SIGTERM {
+ return
}
+
+ // Ok, it was the first SIGINT, close all listeners, and wait till,
+ // the parent dies, all the current connections are closed, or either
+ // a SIGINT/SIGTERM is received, and exit.
for _, ln := range ptListeners {
ln.Close()
}
-
- // Wait for the 2nd SIGINT (or a SIGTERM), or for all current sessions to
- // finish.
- sig = nil
- for sig == nil && numHandlers != 0 {
- select {
- case n := <-handlerChan:
- numHandlers += n
- case sig = <-sigChan:
- }
- }
+ termMon.wait(true)
}
diff --git a/obfs4proxy/parentMonitor.go b/obfs4proxy/parentMonitor.go
deleted file mode 100644
index e2f078d..0000000
--- a/obfs4proxy/parentMonitor.go
+++ /dev/null
@@ -1,88 +0,0 @@
-/*
- * Copyright (c) 2015, Yawning Angel <yawning at torproject dot org>
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions are met:
- *
- * * Redistributions of source code must retain the above copyright notice,
- * this list of conditions and the following disclaimer.
- *
- * * Redistributions in binary form must reproduce the above copyright notice,
- * this list of conditions and the following disclaimer in the documentation
- * and/or other materials provided with the distribution.
- *
- * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
- * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE
- * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
- * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
- * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
- * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
- * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
- * POSSIBILITY OF SUCH DAMAGE.
- */
-
-package main
-
-import (
- "fmt"
- "os"
- "runtime"
- "syscall"
- "time"
-)
-
-var parentMonitorOSInit func() error
-
-func initParentMonitor() error {
- // Until #15435 is implemented, there is no reliable way to see if
- // the parent has died that is portable/platform independent/reliable.
- //
- // Do the next best thing and use various kludges and hacks:
- // * Linux - Platform specific code that should always work.
- // * Other U*IX - Somewhat generic code, that works unless the parent
- // dies before the monitor is initialized.
- // * Windows - Log an error, can't be bothered to figure out how
- // to handle this there.
- if parentMonitorOSInit != nil {
- return parentMonitorOSInit()
- } else if runtime.GOOS != "windows" {
- ppid := os.Getppid()
- go parentMonitorPpidChange(ppid)
- return nil
- }
- return fmt.Errorf("unsupported on: %s", runtime.GOOS)
-}
-
-func parentMonitorPpidChange(ppid int) {
- // Under most if not all U*IX systems, the parent PID will change
- // to that of init once the parent dies. There are several notable
- // exceptions (Slowlaris/Android), but the parent PID changes
- // under those platforms as well.
- //
- // Naturally we lose if the parent has died by the time when the
- // Getppid() call was issued in our parent, but, this is better
- // than nothing.
-
- const ppidPollInterval = 1 * time.Second
- for ppid == os.Getppid() {
- time.Sleep(ppidPollInterval)
- }
-
- // If possible SIGTERM ourself so that the normal shutdown code
- // gets invoked. If any of that fails, exit anyway, we are a
- // defunt process.
- noticef("Parent pid changed: %d (was %d)", os.Getppid(), ppid)
- if p, err := os.FindProcess(os.Getpid()); err == nil {
- if err := p.Signal(syscall.SIGTERM); err == nil {
- return
- }
- warnf("Failed to SIGTERM ourself: %v", err)
- } else {
- warnf("Failed to find our own process: %v", err)
- }
- os.Exit(-1)
-}
diff --git a/obfs4proxy/parentMonitor_linux.go b/obfs4proxy/parentMonitor_linux.go
deleted file mode 100644
index 65fd307..0000000
--- a/obfs4proxy/parentMonitor_linux.go
+++ /dev/null
@@ -1,49 +0,0 @@
-/*
- * Copyright (c) 2015, Yawning Angel <yawning at torproject dot org>
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions are met:
- *
- * * Redistributions of source code must retain the above copyright notice,
- * this list of conditions and the following disclaimer.
- *
- * * Redistributions in binary form must reproduce the above copyright notice,
- * this list of conditions and the following disclaimer in the documentation
- * and/or other materials provided with the distribution.
- *
- * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
- * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE
- * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
- * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
- * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
- * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
- * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
- * POSSIBILITY OF SUCH DAMAGE.
- */
-
-package main
-
-import (
- "fmt"
- "syscall"
-)
-
-func parentMonitorInitLinux() error {
- // Use prctl() to have the kernel deliver a SIGTERM if the parent
- // process dies. This beats anything else that can be done before
- // #15435 is implemented.
- _, _, errno := syscall.Syscall(syscall.SYS_PRCTL, syscall.PR_SET_PDEATHSIG, uintptr(syscall.SIGTERM), 0)
- if errno != 0 {
- var err error = errno
- return fmt.Errorf("prctl(PR_SET_PDEATHSIG, SIGTERM) returned: %s", err)
- }
- return nil
-}
-
-func init() {
- parentMonitorOSInit = parentMonitorInitLinux
-}
diff --git a/obfs4proxy/termmon.go b/obfs4proxy/termmon.go
new file mode 100644
index 0000000..eac7e20
--- /dev/null
+++ b/obfs4proxy/termmon.go
@@ -0,0 +1,119 @@
+/*
+ * Copyright (c) 2015, Yawning Angel <yawning at torproject dot org>
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions are met:
+ *
+ * * Redistributions of source code must retain the above copyright notice,
+ * this list of conditions and the following disclaimer.
+ *
+ * * Redistributions in binary form must reproduce the above copyright notice,
+ * this list of conditions and the following disclaimer in the documentation
+ * and/or other materials provided with the distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
+ * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE
+ * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
+ * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+ * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+ * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+ * POSSIBILITY OF SUCH DAMAGE.
+ */
+
+package main
+
+import (
+ "os"
+ "os/signal"
+ "runtime"
+ "syscall"
+ "time"
+)
+
+var termMonitorOSInit func(*termMonitor) error
+
+type termMonitor struct {
+ sigChan chan os.Signal
+ handlerChan chan int
+ numHandlers int
+}
+
+func (m *termMonitor) onHandlerStart() {
+ m.handlerChan <- 1
+}
+
+func (m *termMonitor) onHandlerFinish() {
+ m.handlerChan <- -1
+}
+
+func (m *termMonitor) wait(termOnNoHandlers bool) os.Signal {
+ // Block until a signal has been received, or (optionally) the
+ // number of pending handlers has hit 0. In the case of the
+ // latter, treat it as if a SIGTERM has been received.
+ for {
+ select {
+ case n := <-m.handlerChan:
+ m.numHandlers += n
+ case sig := <-m.sigChan:
+ return sig
+ }
+ if termOnNoHandlers && m.numHandlers == 0 {
+ return syscall.SIGTERM
+ }
+ }
+}
+
+func (m *termMonitor) termOnPPIDChange(ppid int) {
+ // Under most if not all U*IX systems, the parent PID will change
+ // to that of init once the parent dies. There are several notable
+ // exceptions (Slowlaris/Android), but the parent PID changes
+ // under those platforms as well.
+ //
+ // Naturally we lose if the parent has died by the time when the
+ // Getppid() call was issued in our parent, but, this is better
+ // than nothing.
+
+ const ppidPollInterval = 1 * time.Second
+ for ppid == os.Getppid() {
+ time.Sleep(ppidPollInterval)
+ }
+
+ // Treat the parent PID changing as the same as having received
+ // a SIGTERM.
+ noticef("Parent pid changed: %d (was %d)", os.Getppid(), ppid)
+ m.sigChan <- syscall.SIGTERM
+}
+
+func newTermMonitor() *termMonitor {
+ ppid := os.Getppid()
+ m := new(termMonitor)
+ m.sigChan = make(chan os.Signal)
+ m.handlerChan = make(chan int)
+ signal.Notify(m.sigChan, syscall.SIGINT, syscall.SIGTERM)
+
+ // Until #15435 is implemented, there is no reliable way to see if
+ // the parent has died that is portable/platform independent/reliable.
+ //
+ // Do the next best thing and use various kludges and hacks:
+ // * Linux - Platform specific code that should always work.
+ // * Other U*IX - Somewhat generic code, that works unless the parent
+ // dies before the monitor is initialized.
+ // * Windows - Don't specifically monitor for parent termination.
+ if termMonitorOSInit != nil {
+ // Errors here are non-fatal, since it might still be possible
+ // to fall back to a generic implementation.
+ if err := termMonitorOSInit(m); err == nil {
+ return m
+ }
+ }
+ if runtime.GOOS != "windows" {
+ go m.termOnPPIDChange(ppid)
+ }
+
+ return m
+}
diff --git a/obfs4proxy/termmon_linux.go b/obfs4proxy/termmon_linux.go
new file mode 100644
index 0000000..9711cfc
--- /dev/null
+++ b/obfs4proxy/termmon_linux.go
@@ -0,0 +1,49 @@
+/*
+ * Copyright (c) 2015, Yawning Angel <yawning at torproject dot org>
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions are met:
+ *
+ * * Redistributions of source code must retain the above copyright notice,
+ * this list of conditions and the following disclaimer.
+ *
+ * * Redistributions in binary form must reproduce the above copyright notice,
+ * this list of conditions and the following disclaimer in the documentation
+ * and/or other materials provided with the distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
+ * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE
+ * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
+ * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+ * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+ * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+ * POSSIBILITY OF SUCH DAMAGE.
+ */
+
+package main
+
+import (
+ "fmt"
+ "syscall"
+)
+
+func termMonitorInitLinux(m *termMonitor) error {
+ // Use prctl() to have the kernel deliver a SIGTERM if the parent
+ // process dies. This beats anything else that can be done before
+ // #15435 is implemented.
+ _, _, errno := syscall.Syscall(syscall.SYS_PRCTL, syscall.PR_SET_PDEATHSIG, uintptr(syscall.SIGTERM), 0)
+ if errno != 0 {
+ var err error = errno
+ return fmt.Errorf("prctl(PR_SET_PDEATHSIG, SIGTERM) returned: %s", err)
+ }
+ return nil
+}
+
+func init() {
+ termMonitorOSInit = termMonitorInitLinux
+}
More information about the tor-commits
mailing list