[Git][NTPsec/ntpsec][master] 4 commits: Remove close-all after fork, fixes #711
Hal Murray (@hal.murray)
gitlab at mg.gitlab.com
Wed Nov 17 06:51:16 UTC 2021
Hal Murray pushed to branch master at NTPsec / ntpsec
Commits:
78257a47 by Hal Murray at 2021-10-29T21:21:34-07:00
Remove close-all after fork, fixes #711
- - - - -
3290b068 by Hal Murray at 2021-10-29T21:21:34-07:00
Fix wscript to work with OpenSSL 3.0.0 on NetBSD and FreeBSD
- - - - -
71c34527 by Hal Murray at 2021-10-29T21:21:34-07:00
Cleanup startup logging
- - - - -
fa3d3486 by Hal Murray at 2021-11-16T22:47:06-08:00
Fixes for some NULL warnings uncovered by -fanalyze
2 were potential bugs (not checking malloc)
2 are false positives -- it can't tell a list isn't empty
- - - - -
6 changed files:
- libntp/authkeys.c
- ntpd/ntp_monitor.c
- ntpd/ntp_scanner.c
- ntpd/ntpd.c
- ntpd/refclock_trimble.c
- wscript
Changes:
=====================================
libntp/authkeys.c
=====================================
@@ -283,6 +283,17 @@ alloc_auth_info(
auth_moremem(-1);
}
UNLINK_HEAD_SLIST(auth, authfreekeys, llink.f);
+ if (1) {
+ /* FIXME -fanalyze
+ * Hack to keep compiler -fanalyze happy
+ * If mru_entries !=0, the list is not empty
+ * and TAIL_DLIST will return a valid pointer
+ */
+ if (NULL == auth) {
+ msyslog(LOG_ERR, "AUTH: Bug in alloc_auth_info");
+ exit(3);
+ }
+ }
//ENSURE(sk != NULL);
auth->keyid = keyid;
auth->type = type;
=====================================
ntpd/ntp_monitor.c
=====================================
@@ -292,6 +292,17 @@ int mon_get_oldest_age(l_fp now)
if (mon_data.mru_entries == 0)
return 0;
oldest = TAIL_DLIST(mon_data.mon_mru_list, mru);
+ if (1) {
+ /* FIXME -fanalyze
+ * Hack to keep compiler -fanalyze happy
+ * If mru_entries !=0, the list is not empty
+ * and TAIL_DLIST will return a valid pointer
+ */
+ if (NULL == oldest) {
+ msyslog(LOG_ERR, "MON: Bug in mon_get_oldest_age");
+ exit(3);
+ }
+ }
now -= oldest->last;
/* add one-half second to round up */
now += 0x80000000;
=====================================
ntpd/ntp_scanner.c
=====================================
@@ -421,6 +421,10 @@ bool lex_push_file(
if ((dfd = opendir(fullpath)) == NULL)
return false;
baselist = (char **)malloc(sizeof(char *));
+ if (NULL == baselist) {
+ msyslog(LOG_ERR, "CONFIG: lex_push_file: NULL from malloc");
+ exit(3);
+ }
while ((dp = readdir(dfd)) != NULL)
{
if (!CONF_ENABLE(dp->d_name)) {
=====================================
ntpd/ntpd.c
=====================================
@@ -101,8 +101,6 @@ static char ** saved_argv;
static void mainloop (void)
__attribute__ ((__noreturn__));
static void set_process_priority (void);
-static void close_all_beyond(int);
-static void close_all_except(int);
#define ALL_OPTIONS "46abc:dD:f:gGhi:I:k:l:LmnNp:P:qr:Rs:t:u:U:Vw:xzZ"
@@ -504,11 +502,19 @@ main(
# endif
init_logging(progname, NLOG_SYNCMASK, true);
+
+ if (!dumpopts) {
+ /* log to syslog before setting up log file */
+ announce_starting();
+ }
+
/* honor -l/--logfile option to log to a file */
if (logfilename != NULL) {
syslogit = false;
termlogit = false;
change_logfile(logfilename, false);
+ /* Repeat critical info in logfile. Helps debugging. */
+ announce_starting();
} else {
if (nofork)
termlogit = true;
@@ -516,9 +522,6 @@ main(
syslogit = false;
}
- if (!dumpopts)
- announce_starting();
-
uid = getuid();
if (uid && !dumpopts) {
termlogit = true;
@@ -569,18 +572,14 @@ main(
/*
* child/daemon
- * close all open files excepting waitsync_fd_to_close.
- * msyslog() unreliable until after init_logging().
*/
termlogit = false; /* do not use stderr after fork */
- closelog();
- close_all_except(waitsync_fd_to_close);
- INSIST(0 == open("/dev/null", 0) && 1 == dup2(0, 1) \
- && 2 == dup2(0, 2));
-
- init_logging(progname, 0, true);
- /* we lost our logfile (if any) daemonizing */
- setup_logfile(logfilename);
+ fclose(stdin);
+ fclose(stdout);
+ fclose(stderr);
+ INSIST(STDIN_FILENO == open("/dev/null", 0) \
+ && STDOUT_FILENO == dup2(0, 1) \
+ && STDERR_FILENO == dup2(0, 2));
if (setsid() == (pid_t)-1)
msyslog(LOG_ERR, "INIT: setsid(): %s", strerror(errno));
@@ -885,6 +884,18 @@ main(
/* unreachable, mainloop() never returns */
}
+
+/* This goes to syslog.
+ * And again to a log file if you are using one.
+ *
+ * The first copy also goes to stderr.
+ * systemd adds that to syslog.
+ *
+ * Switching log files also logs a message before switching.
+ *
+ * If using a log file, there should be enough info in syslog
+ * to debug things with minimal extra clutter.
+ */
void announce_starting() {
char buf[1024]; /* Secret knowledge of msyslog buf length */
char *cp = buf;
@@ -1201,60 +1212,3 @@ no_debug(
}
# endif /* !DEBUG */
-/*
- * close_all_except()
- *
- * Close all file descriptors except the given keep_fd.
- */
-static void
-close_all_except(
- int keep_fd
- )
-{
- int fd;
-
- for (fd = 0; fd < keep_fd; fd++) {
- close(fd);
- }
-
- close_all_beyond(keep_fd);
-}
-
-
-/*
- * close_all_beyond()
- *
- * Close all file descriptors after the given keep_fd, which is the
- * highest fd to keep open. See
- *
- * http://stackoverflow.com/questions/899038/getting-the-highest-allocated-file-descriptor
- */
-static void
-close_all_beyond(
- int keep_fd
- )
-{
-# ifdef HAVE_CLOSEFROM
- closefrom(keep_fd + 1);
-# elif defined(F_CLOSEM)
- /*
- * From 'Writing Reliable AIX Daemons,' SG24-4946-00,
- * by Eric Agar (saves us from doing 32767 system
- * calls)
- */
- if (fcntl(keep_fd + 1, F_CLOSEM, 0) == -1)
- msyslog(LOG_ERR, "INIT: F_CLOSEM(%d): %s", keep_fd + 1, strerror(errno));
-# else /* !HAVE_CLOSEFROM && !F_CLOSEM follows */
- int fd;
- int max_fd;
-
- /* includes POSIX case */
- max_fd = sysconf(_SC_OPEN_MAX);
- if (10000 < max_fd)
- msyslog(LOG_ERR, "INIT: close_all_beyond: closing %d files", max_fd);
- for (fd = keep_fd + 1; fd < max_fd; fd++) {
- close(fd);
- }
-# endif /* !HAVE_CLOSEFROM && !F_CLOSEM */
-}
-
=====================================
ntpd/refclock_trimble.c
=====================================
@@ -269,6 +269,11 @@ init_thunderbolt (
tx.size = 0;
tx.data = (uint8_t *) malloc(100);
+ if (NULL == tx.data) {
+ msyslog(LOG_ERR, "REFCLOCK: init_thunderbolt malloc failed");
+ exit(3);
+ }
+
/* set UTC time */
sendsupercmd (&tx, 0x8E, 0xA2);
sendbyte (&tx, 0x3);
=====================================
wscript
=====================================
@@ -509,10 +509,18 @@ int main(int argc, char **argv) {
if ctx.env.DEST_OS in ["freebsd"]:
ctx.env.INCLUDES = ["/usr/local/include"]
ctx.env.LIBPATH = ["/usr/local/lib"]
+ if os.path.isdir("/usr/local/ssl/"):
+ # This assumes OpenSSL is the only thing that was in /usr/local/
+ ctx.env.INCLUDES = ["/usr/local/ssl/include"]
+ ctx.env.LIBPATH = ["/usr/local/ssl/lib"]
elif ctx.env.DEST_OS == "netbsd" and os.path.isdir("/usr/pkg/include"):
ctx.env.INCLUDES = ["/usr/pkg/include"]
ctx.env.LIBPATH = ["/usr/pkg/lib"]
ctx.env.LDFLAGS += ["-rpath=/usr/pkg/lib"]
+ if os.path.isdir("/usr/local/ssl/"):
+ # This assumes OpenSSL is the only thing that was in /usr/pkg/
+ ctx.env.INCLUDES = ["/usr/local/ssl/include"]
+ ctx.env.LIBPATH = ["/usr/local/ssl/lib"]
elif ctx.env.DEST_OS == "linux" and os.path.isdir("/usr/local/ssl/"):
# This supports building OpenSSL from source
# That allows using OpenSSL 1.1.1 on older CentOS
@@ -628,7 +636,6 @@ int main(int argc, char **argv) {
('_Unwind_Backtrace', ["unwind.h"]),
('adjtimex', ["sys/time.h", "sys/timex.h"]),
('backtrace_symbols_fd', ["execinfo.h"]),
- ('closefrom', ["stdlib.h"]),
('ntp_adjtime', ["sys/time.h", "sys/timex.h"]), # BSD
('ntp_gettime', ["sys/time.h", "sys/timex.h"]), # BSD
('res_init', ["netinet/in.h", "arpa/nameser.h", "resolv.h"]),
View it on GitLab: https://gitlab.com/NTPsec/ntpsec/-/compare/db531373e81c68198ca6170f1e54ea966c0ce2ab...fa3d34860dc4633a174f24f0d185edc4e8356f6f
--
View it on GitLab: https://gitlab.com/NTPsec/ntpsec/-/compare/db531373e81c68198ca6170f1e54ea966c0ce2ab...fa3d34860dc4633a174f24f0d185edc4e8356f6f
You're receiving this email because of your account on gitlab.com.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.ntpsec.org/pipermail/vc/attachments/20211117/3de5f32f/attachment-0001.htm>
More information about the vc
mailing list