commit 1d9e43b0ca10bcb024cf1335f2a1e95647a50e9c from: Stefan Sperling date: Thu Oct 13 09:23:36 2022 UTC move code which forks child processes into a subroutine, reducing copy-pasta commit - 8e359fa0dccf91ec3b06edc1ea17404f42a62862 commit + 1d9e43b0ca10bcb024cf1335f2a1e95647a50e9c blob - 306778c910ea41abc42a6c935b33661ebea9403f blob + 135e7ee1cfac145ac32e4f2556498a2a472f3cbd --- lib/object_open_privsep.c +++ lib/object_open_privsep.c @@ -316,12 +316,33 @@ request_raw_object(uint8_t **outbuf, off_t *size, size } static const struct got_error * -start_read_object_child(struct got_repository *repo) +start_child(struct got_repository *repo, int type) { const struct got_error *err = NULL; int imsg_fds[2]; pid_t pid; struct imsgbuf *ibuf; + const char *prog_path; + + switch (type) { + case GOT_REPO_PRIVSEP_CHILD_OBJECT: + prog_path = GOT_PATH_PROG_READ_OBJECT; + break; + case GOT_REPO_PRIVSEP_CHILD_TREE: + prog_path = GOT_PATH_PROG_READ_TREE; + break; + case GOT_REPO_PRIVSEP_CHILD_COMMIT: + prog_path = GOT_PATH_PROG_READ_COMMIT; + break; + case GOT_REPO_PRIVSEP_CHILD_BLOB: + prog_path = GOT_PATH_PROG_READ_BLOB; + break; + case GOT_REPO_PRIVSEP_CHILD_TAG: + prog_path = GOT_PATH_PROG_READ_TAG; + break; + default: + return got_error(GOT_ERR_OBJ_TYPE); + } ibuf = calloc(1, sizeof(*ibuf)); if (ibuf == NULL) @@ -340,8 +361,7 @@ start_read_object_child(struct got_repository *repo) return err; } else if (pid == 0) { - got_privsep_exec_child(imsg_fds, GOT_PATH_PROG_READ_OBJECT, - repo->path); + got_privsep_exec_child(imsg_fds, prog_path, repo->path); /* not reached */ } @@ -351,11 +371,10 @@ start_read_object_child(struct got_repository *repo) return err; } - repo->privsep_children[GOT_REPO_PRIVSEP_CHILD_OBJECT].imsg_fd = - imsg_fds[0]; - repo->privsep_children[GOT_REPO_PRIVSEP_CHILD_OBJECT].pid = pid; + repo->privsep_children[type].imsg_fd = imsg_fds[0]; + repo->privsep_children[type].pid = pid; imsg_init(ibuf, imsg_fds[0]); - repo->privsep_children[GOT_REPO_PRIVSEP_CHILD_OBJECT].ibuf = ibuf; + repo->privsep_children[type].ibuf = ibuf; return NULL; } @@ -369,11 +388,9 @@ got_object_read_header_privsep(struct got_object **obj if (repo->privsep_children[GOT_REPO_PRIVSEP_CHILD_OBJECT].imsg_fd != -1) return request_object(obj, id, repo, obj_fd); - err = start_read_object_child(repo); - if (err) { - close(obj_fd); + err = start_child(repo, GOT_REPO_PRIVSEP_CHILD_OBJECT); + if (err) return err; - } return request_object(obj, id, repo, obj_fd); } @@ -389,7 +406,7 @@ read_object_raw_privsep(uint8_t **outbuf, off_t *size, return request_raw_object(outbuf, size, hdrlen, outfd, id, repo, obj_fd); - err = start_read_object_child(repo); + err = start_child(repo, GOT_REPO_PRIVSEP_CHILD_OBJECT); if (err) return err; @@ -610,46 +627,14 @@ read_commit_privsep(struct got_commit_object **commit, struct got_object_id *id, struct got_repository *repo) { const struct got_error *err; - int imsg_fds[2]; - pid_t pid; - struct imsgbuf *ibuf; if (repo->privsep_children[GOT_REPO_PRIVSEP_CHILD_COMMIT].imsg_fd != -1) return request_commit(commit, repo, obj_fd, id); - ibuf = calloc(1, sizeof(*ibuf)); - if (ibuf == NULL) - return got_error_from_errno("calloc"); - - if (socketpair(AF_UNIX, SOCK_STREAM, PF_UNSPEC, imsg_fds) == -1) { - err = got_error_from_errno("socketpair"); - free(ibuf); + err = start_child(repo, GOT_REPO_PRIVSEP_CHILD_COMMIT); + if (err) return err; - } - pid = fork(); - if (pid == -1) { - err = got_error_from_errno("fork"); - free(ibuf); - return err; - } - else if (pid == 0) { - got_privsep_exec_child(imsg_fds, GOT_PATH_PROG_READ_COMMIT, - repo->path); - /* not reached */ - } - - if (close(imsg_fds[1]) == -1) { - err = got_error_from_errno("close"); - free(ibuf); - return err; - } - repo->privsep_children[GOT_REPO_PRIVSEP_CHILD_COMMIT].imsg_fd = - imsg_fds[0]; - repo->privsep_children[GOT_REPO_PRIVSEP_CHILD_COMMIT].pid = pid; - imsg_init(ibuf, imsg_fds[0]); - repo->privsep_children[GOT_REPO_PRIVSEP_CHILD_COMMIT].ibuf = ibuf; - return request_commit(commit, repo, obj_fd, id); } @@ -779,46 +764,14 @@ read_tree_privsep(struct got_tree_object **tree, int o struct got_object_id *id, struct got_repository *repo) { const struct got_error *err; - int imsg_fds[2]; - pid_t pid; - struct imsgbuf *ibuf; if (repo->privsep_children[GOT_REPO_PRIVSEP_CHILD_TREE].imsg_fd != -1) return request_tree(tree, repo, obj_fd, id); - ibuf = calloc(1, sizeof(*ibuf)); - if (ibuf == NULL) - return got_error_from_errno("calloc"); - - if (socketpair(AF_UNIX, SOCK_STREAM, PF_UNSPEC, imsg_fds) == -1) { - err = got_error_from_errno("socketpair"); - free(ibuf); - return err; - } - - pid = fork(); - if (pid == -1) { - err = got_error_from_errno("fork"); - free(ibuf); - return err; - } else if (pid == 0) { - got_privsep_exec_child(imsg_fds, GOT_PATH_PROG_READ_TREE, - repo->path); - /* not reached */ - } - - if (close(imsg_fds[1]) == -1) { - err = got_error_from_errno("close"); - free(ibuf); + err = start_child(repo, GOT_REPO_PRIVSEP_CHILD_TREE); + if (err) return err; - } - repo->privsep_children[GOT_REPO_PRIVSEP_CHILD_TREE].imsg_fd = - imsg_fds[0]; - repo->privsep_children[GOT_REPO_PRIVSEP_CHILD_TREE].pid = pid; - imsg_init(ibuf, imsg_fds[0]); - repo->privsep_children[GOT_REPO_PRIVSEP_CHILD_TREE].ibuf = ibuf; - return request_tree(tree, repo, obj_fd, id); } @@ -985,8 +938,6 @@ read_blob_privsep(uint8_t **outbuf, size_t *size, size int outfd, int infd, struct got_object_id *id, struct got_repository *repo) { const struct got_error *err; - int imsg_fds[2]; - pid_t pid; struct imsgbuf *ibuf; if (repo->privsep_children[GOT_REPO_PRIVSEP_CHILD_BLOB].imsg_fd != -1) { @@ -995,39 +946,11 @@ read_blob_privsep(uint8_t **outbuf, size_t *size, size ibuf); } - ibuf = calloc(1, sizeof(*ibuf)); - if (ibuf == NULL) - return got_error_from_errno("calloc"); - - if (socketpair(AF_UNIX, SOCK_STREAM, PF_UNSPEC, imsg_fds) == -1) { - err = got_error_from_errno("socketpair"); - free(ibuf); + err = start_child(repo, GOT_REPO_PRIVSEP_CHILD_BLOB); + if (err) return err; - } - pid = fork(); - if (pid == -1) { - err = got_error_from_errno("fork"); - free(ibuf); - return err; - } - else if (pid == 0) { - got_privsep_exec_child(imsg_fds, GOT_PATH_PROG_READ_BLOB, - repo->path); - /* not reached */ - } - - if (close(imsg_fds[1]) == -1) { - err = got_error_from_errno("close"); - free(ibuf); - return err; - } - repo->privsep_children[GOT_REPO_PRIVSEP_CHILD_BLOB].imsg_fd = - imsg_fds[0]; - repo->privsep_children[GOT_REPO_PRIVSEP_CHILD_BLOB].pid = pid; - imsg_init(ibuf, imsg_fds[0]); - repo->privsep_children[GOT_REPO_PRIVSEP_CHILD_BLOB].ibuf = ibuf; - + ibuf = repo->privsep_children[GOT_REPO_PRIVSEP_CHILD_BLOB].ibuf; return request_blob(outbuf, size, hdrlen, outfd, infd, id, ibuf); } @@ -1214,46 +1137,14 @@ read_tag_privsep(struct got_tag_object **tag, int obj_ struct got_object_id *id, struct got_repository *repo) { const struct got_error *err; - int imsg_fds[2]; - pid_t pid; - struct imsgbuf *ibuf; if (repo->privsep_children[GOT_REPO_PRIVSEP_CHILD_TAG].imsg_fd != -1) return request_tag(tag, repo, obj_fd, id); - ibuf = calloc(1, sizeof(*ibuf)); - if (ibuf == NULL) - return got_error_from_errno("calloc"); - - if (socketpair(AF_UNIX, SOCK_STREAM, PF_UNSPEC, imsg_fds) == -1) { - err = got_error_from_errno("socketpair"); - free(ibuf); - return err; - } - - pid = fork(); - if (pid == -1) { - err = got_error_from_errno("fork"); - free(ibuf); + err = start_child(repo, GOT_REPO_PRIVSEP_CHILD_TAG); + if (err) return err; - } - else if (pid == 0) { - got_privsep_exec_child(imsg_fds, GOT_PATH_PROG_READ_TAG, - repo->path); - /* not reached */ - } - if (close(imsg_fds[1]) == -1) { - err = got_error_from_errno("close"); - free(ibuf); - return err; - } - repo->privsep_children[GOT_REPO_PRIVSEP_CHILD_TAG].imsg_fd = - imsg_fds[0]; - repo->privsep_children[GOT_REPO_PRIVSEP_CHILD_TAG].pid = pid; - imsg_init(ibuf, imsg_fds[0]); - repo->privsep_children[GOT_REPO_PRIVSEP_CHILD_TAG].ibuf = ibuf; - return request_tag(tag, repo, obj_fd, id); }