diff --git a/doc/taler-exchange-httpd.1 b/doc/taler-exchange-httpd.1 index 959f1ec76..2f0c37f6a 100644 --- a/doc/taler-exchange-httpd.1 +++ b/doc/taler-exchange-httpd.1 @@ -32,6 +32,17 @@ This option is only available if the exchange was compiled with the configure op .IP \"-t SECONDS, \-\-timeout=SECONDS" Specifies the number of SECONDS after which the HTTPD should close (idle) HTTP connections. +.SH SIGNALS +.B +.IP SIGUSR1 +Sending a SIGUSR1 to the process will cause it to reload denomination and signing keys. +.B +.IP SIGTERM +Sending a SIGTERM to the process will cause it to shutdown cleanly. +.B +.IP SIGHUP +Sending a SIGHUP to the process will cause it to re-execute the taler\-exchange\-httpd binary in the PATH, passing it the existing listen socket. Then the old server process will automatically exit after it is done handling existing client connections; the new server process will accept and handle new client connections. + .SH BUGS Report bugs by using Mantis or by sending electronic mail to diff --git a/src/exchange/taler-exchange-httpd.c b/src/exchange/taler-exchange-httpd.c index 5f9f51422..45935f172 100644 --- a/src/exchange/taler-exchange-httpd.c +++ b/src/exchange/taler-exchange-httpd.c @@ -742,6 +742,9 @@ main (int argc, GNUNET_GETOPT_OPTION_END }; int ret; + const char *listen_pid; + const char *listen_fds; + int fh = -1; GNUNET_assert (GNUNET_OK == GNUNET_log_setup ("taler-exchange-httpd", @@ -755,7 +758,8 @@ main (int argc, if (NULL == cfgfile) cfgfile = GNUNET_strdup (GNUNET_OS_project_data_get ()->user_config_file); cfg = GNUNET_CONFIGURATION_create (); - if (GNUNET_SYSERR == GNUNET_CONFIGURATION_load (cfg, cfgfile)) + if (GNUNET_SYSERR == + GNUNET_CONFIGURATION_load (cfg, cfgfile)) { GNUNET_log (GNUNET_ERROR_TYPE_ERROR, _("Malformed configuration file `%s', exit ...\n"), @@ -768,11 +772,34 @@ main (int argc, exchange_serve_process_config ()) return 1; - if (NULL != serve_unixpath) + /* check for systemd-style FD passing */ + listen_pid = getenv ("LISTEN_PID"); + listen_fds = getenv ("LISTEN_FDS"); + if ( (NULL != listen_pid) && + (NULL != listen_fds) && + (getpid() == strtol (listen_pid, NULL, 10)) && + (1 == strtoul (listen_fds, NULL, 10)) /* we support only 1 socket */) + { + int flags; + + fh = 3; + flags = fcntl (fh, F_GETFD); + if ( (-1 == flags) && (EBADF == errno) ) + { + fprintf (stderr, + "Bad listen socket passed, ignored\n"); + fh = -1; + } + flags |= FD_CLOEXEC; + fcntl (fh, F_SETFD, flags); + } + + /* consider unix path */ + if ( (-1 == fh) && + (NULL != serve_unixpath) ) { struct GNUNET_NETWORK_Handle *nh; struct sockaddr_un *un; - int fh; if (sizeof (un->sun_path) <= strlen (serve_unixpath)) { @@ -782,9 +809,11 @@ main (int argc, GNUNET_log (GNUNET_ERROR_TYPE_INFO, "Creating listen socket '%s' with mode %o\n", - serve_unixpath, unixpath_mode); + serve_unixpath, + unixpath_mode); - if (GNUNET_OK != GNUNET_DISK_directory_create_for_file (serve_unixpath)) + if (GNUNET_OK != + GNUNET_DISK_directory_create_for_file (serve_unixpath)) { GNUNET_log_strerror_file (GNUNET_ERROR_TYPE_ERROR, "mkdir", @@ -793,23 +822,28 @@ main (int argc, un = GNUNET_new (struct sockaddr_un); un->sun_family = AF_UNIX; - strncpy (un->sun_path, serve_unixpath, sizeof (un->sun_path) - 1); + strncpy (un->sun_path, + serve_unixpath, + sizeof (un->sun_path) - 1); GNUNET_NETWORK_unix_precheck (un); if (NULL == (nh = GNUNET_NETWORK_socket_create (AF_UNIX, SOCK_STREAM, 0))) { - fprintf (stderr, "create failed for AF_UNIX\n"); + fprintf (stderr, + "create failed for AF_UNIX\n"); return 1; } if (GNUNET_OK != GNUNET_NETWORK_socket_bind (nh, (void *) un, sizeof (struct sockaddr_un))) { - fprintf (stderr, "bind failed for AF_UNIX\n"); + fprintf (stderr, + "bind failed for AF_UNIX\n"); return 1; } if (GNUNET_OK != GNUNET_NETWORK_socket_listen (nh, UNIX_BACKLOG)) { - fprintf (stderr, "listen failed for AF_UNIX\n"); + fprintf (stderr, + "listen failed for AF_UNIX\n"); return 1; } @@ -817,41 +851,31 @@ main (int argc, if (0 != chmod (serve_unixpath, unixpath_mode)) { - fprintf (stderr, "chmod failed: %s\n", strerror (errno)); + fprintf (stderr, + "chmod failed: %s\n", + strerror (errno)); return 1; } - GNUNET_log (GNUNET_ERROR_TYPE_INFO, "set socket '%s' to mode %o\n", serve_unixpath, unixpath_mode); - - mydaemon = MHD_start_daemon (MHD_USE_SELECT_INTERNALLY | MHD_USE_DEBUG, - 0, - NULL, NULL, - &handle_mhd_request, NULL, - MHD_OPTION_LISTEN_SOCKET, fh, - MHD_OPTION_EXTERNAL_LOGGER, &handle_mhd_logs, NULL, - MHD_OPTION_NOTIFY_COMPLETED, &handle_mhd_completion_callback, NULL, - MHD_OPTION_CONNECTION_TIMEOUT, connection_timeout, -#if HAVE_DEVELOPER - MHD_OPTION_NOTIFY_CONNECTION, &connection_done, NULL, -#endif - MHD_OPTION_END); + GNUNET_log (GNUNET_ERROR_TYPE_INFO, + "set socket '%s' to mode %o\n", + serve_unixpath, + unixpath_mode); GNUNET_NETWORK_socket_free_memory_only_ (nh); } - else - { - // FIXME: refactor two calls to MHD_start_daemon - // into one, using an options array instead of varags - mydaemon = MHD_start_daemon (MHD_USE_SELECT_INTERNALLY | MHD_USE_DEBUG, - serve_port, - NULL, NULL, - &handle_mhd_request, NULL, - MHD_OPTION_EXTERNAL_LOGGER, &handle_mhd_logs, NULL, - MHD_OPTION_NOTIFY_COMPLETED, &handle_mhd_completion_callback, NULL, - MHD_OPTION_CONNECTION_TIMEOUT, connection_timeout, + + + mydaemon = MHD_start_daemon (MHD_USE_SELECT_INTERNALLY | MHD_USE_PIPE_FOR_SHUTDOWN | MHD_USE_DEBUG, + (-1 == fh) ? serve_port : 0, + NULL, NULL, + &handle_mhd_request, NULL, + MHD_OPTION_LISTEN_SOCKET, fh, + MHD_OPTION_EXTERNAL_LOGGER, &handle_mhd_logs, NULL, + MHD_OPTION_NOTIFY_COMPLETED, &handle_mhd_completion_callback, NULL, + MHD_OPTION_CONNECTION_TIMEOUT, connection_timeout, #if HAVE_DEVELOPER - MHD_OPTION_NOTIFY_CONNECTION, &connection_done, NULL, + MHD_OPTION_NOTIFY_CONNECTION, &connection_done, NULL, #endif - MHD_OPTION_END); - } + MHD_OPTION_END); if (NULL == mydaemon) { @@ -884,14 +908,56 @@ main (int argc, case GNUNET_NO: { MHD_socket sock = MHD_quiesce_daemon (mydaemon); + pid_t chld; + int flags; - /* FIXME #3474: fork another MHD, passing on the listen socket! */ + /* Set flags to make 'sock' inherited by child */ + flags = fcntl (sock, F_GETFD); + GNUNET_assert (-1 != flags); + flags &= ~FD_CLOEXEC; + GNUNET_assert (-1 != fcntl (sock, F_SETFD, flags)); + chld = fork (); + if (-1 == chld) + { + /* fork() failed, continue clean up, unhappily */ + GNUNET_log_strerror (GNUNET_ERROR_TYPE_ERROR, + "fork"); + } + if (0 == chld) + { + char pids[12]; + + /* exec another taler-exchange-httpd, passing on the listen socket; + as in systemd it is expected to be on FD #3 */ + if (3 != dup2 (sock, 3)) + { + GNUNET_log_strerror (GNUNET_ERROR_TYPE_ERROR, + "dup2"); + _exit (1); + } + /* Tell the child that it is the desired recipient for FD #3 */ + GNUNET_snprintf (pids, + sizeof (pids), + "%u", + getpid ()); + setenv ("LISTEN_PID", pids, 1); + setenv ("LISTEN_FDS", "1", 1); + /* Finally, exec the (presumably) more recent exchange binary */ + execvp ("taler-exchange-httpd", + argv); + GNUNET_log_strerror (GNUNET_ERROR_TYPE_ERROR, + "execvp"); + _exit (1); + } + /* we're the original process, handle remaining contextions + before exiting; as the listen socket is no longer used, + close it here */ + GNUNET_break (0 == close (sock)); while (0 != MHD_get_daemon_info (mydaemon, MHD_DAEMON_INFO_CURRENT_CONNECTIONS)->num_connections) sleep (1); + /* Now we're really done, practice clean shutdown */ MHD_stop_daemon (mydaemon); - - close (sock); /* FIXME: done like this because #3474 is open */ } break; default: diff --git a/src/exchange/taler-exchange-httpd_keystate.c b/src/exchange/taler-exchange-httpd_keystate.c index a71d7676a..3649bf436 100644 --- a/src/exchange/taler-exchange-httpd_keystate.c +++ b/src/exchange/taler-exchange-httpd_keystate.c @@ -903,8 +903,8 @@ TMH_KS_loop (void) sigchld = GNUNET_SIGNAL_handler_install (SIGCHLD, &handle_sigchld); - ret = 0; - while (0 == ret) + ret = GNUNET_OK; + while (GNUNET_OK == ret) { char c; ssize_t res;