From: Stefan Sperling Subject: update gotd client state tracking To: gameoftrees@openbsd.org Date: Tue, 10 Jan 2023 15:38:41 +0100 Update client state tracking in the gotd parent process. The session process takes over the old state definitions under a new name ("session state"). The parent only needs to keep track of whether a client has been granted access, so it only uses two states: NEW, and ACCCESS_GRANTED which is set as soon as the auth process has granted repository access and before the session and repo_read/repo_write children are started. Because 'gotctl info' can no longer observe the session state remove support code for printing it. diff ee0b2e502f3be1d01835e96bdcd38afed67429f7 5204723706760347c39e54a68ab9c434e0fecb06 commit - ee0b2e502f3be1d01835e96bdcd38afed67429f7 commit + 5204723706760347c39e54a68ab9c434e0fecb06 blob - dbb09cd4673bf340a19e12a3607758538bfefff2 blob + c325f57c4de7b7c6a9487f451080651916364add --- gotctl/gotctl.c +++ gotctl/gotctl.c @@ -103,37 +103,6 @@ static const char * return NULL; } -static const char * -get_state_name(enum gotd_client_state state) -{ - static char unknown_state[64]; - - switch (state) { - case GOTD_STATE_EXPECT_LIST_REFS: - return "list-refs"; - case GOTD_STATE_EXPECT_CAPABILITIES: - return "expect-capabilities"; - case GOTD_STATE_EXPECT_WANT: - return "expect-want"; - case GOTD_STATE_EXPECT_REF_UPDATE: - return "expect-ref-update"; - case GOTD_STATE_EXPECT_MORE_REF_UPDATES: - return "expect-more-ref-updates"; - case GOTD_STATE_EXPECT_HAVE: - return "expect-have"; - case GOTD_STATE_EXPECT_PACKFILE: - return "expect-packfile"; - case GOTD_STATE_EXPECT_DONE: - return "expect-done"; - case GOTD_STATE_DONE: - return "done"; - } - - snprintf(unknown_state, sizeof(unknown_state), - "unknown state %d", state); - return unknown_state; -} - static const struct got_error * show_client_info(struct imsg *imsg) { @@ -145,8 +114,7 @@ show_client_info(struct imsg *imsg) return got_error(GOT_ERR_PRIVSEP_LEN); memcpy(&info, imsg->data, sizeof(info)); - printf("client UID %d, GID %d, protocol state '%s', ", - info.euid, info.egid, get_state_name(info.state)); + printf("client UID %d, GID %d, ", info.euid, info.egid); if (info.session_child_pid) printf("session PID %ld, ", (long)info.session_child_pid); if (info.repo_child_pid) blob - 56c227fb60619b289a5e2680330bf0651400bac8 blob + 390d403cdcb5e59c2799c5ebfea7918257bbfa92 --- gotd/gotd.c +++ gotd/gotd.c @@ -67,6 +67,11 @@ struct gotd_client { #define nitems(_a) (sizeof((_a)) / sizeof((_a)[0])) #endif +enum gotd_client_state { + GOTD_CLIENT_STATE_NEW, + GOTD_CLIENT_STATE_ACCESS_GRANTED, +}; + struct gotd_client { STAILQ_ENTRY(gotd_client) entry; enum gotd_client_state state; @@ -445,7 +450,6 @@ send_client_info(struct gotd_imsgev *iev, struct gotd_ iclient.repo_child_pid = proc->pid; } - iclient.state = client->state; if (client->session) iclient.session_child_pid = client->session->pid; @@ -542,7 +546,7 @@ start_client_authentication(struct gotd_client *client log_debug("list-refs request from uid %d", client->euid); - if (client->state != GOTD_STATE_EXPECT_LIST_REFS) + if (client->state != GOTD_CLIENT_STATE_NEW) return got_error_msg(GOT_ERR_BAD_REQUEST, "unexpected list-refs request received"); @@ -661,8 +665,7 @@ gotd_request(int fd, short events, void *arg) } if (err) { - if (err->code != GOT_ERR_EOF || - client->state != GOTD_STATE_EXPECT_PACKFILE) + if (err->code != GOT_ERR_EOF) disconnect_on_error(client, err); } else { gotd_imsg_event_add(&client->iev); @@ -714,7 +717,7 @@ recv_connect(uint32_t *client_id, struct imsg *imsg) *client_id = iconnect.client_id; - client->state = GOTD_STATE_EXPECT_LIST_REFS; + client->state = GOTD_CLIENT_STATE_NEW; client->id = iconnect.client_id; client->fd = s; s = -1; @@ -957,7 +960,7 @@ connect_repo_child(struct gotd_client *client, struct gotd_imsg_connect_repo_child ireq; int pipe[2]; - if (client->state != GOTD_STATE_EXPECT_LIST_REFS) + if (client->state != GOTD_CLIENT_STATE_ACCESS_GRANTED) return got_error_msg(GOT_ERR_BAD_REQUEST, "unexpected repo child ready signal received"); @@ -1134,6 +1137,7 @@ gotd_dispatch_auth_child(int fd, short event, void *ar err = gotd_imsg_recv_error(&client_id, &imsg); break; case GOTD_IMSG_ACCESS_GRANTED: + client->state = GOTD_CLIENT_STATE_ACCESS_GRANTED; break; default: do_disconnect = 1; @@ -1277,7 +1281,7 @@ gotd_dispatch_client_session(int fd, short event, void err = gotd_imsg_recv_error(&client_id, &imsg); break; case GOTD_IMSG_CLIENT_SESSION_READY: - if (client->state != GOTD_STATE_EXPECT_LIST_REFS) { + if (client->state != GOTD_CLIENT_STATE_ACCESS_GRANTED) { err = got_error(GOT_ERR_PRIVSEP_MSG); break; } blob - 3c7194f856798d1eab7423b732b4dad29644e13e blob + de4f9c2c78944e2a095e39c114c19e9baed240f5 --- gotd/gotd.h +++ gotd/gotd.h @@ -88,7 +88,7 @@ enum gotd_client_state { }; TAILQ_HEAD(gotd_repolist, gotd_repo); -enum gotd_client_state { +enum gotd_session_state { GOTD_STATE_EXPECT_LIST_REFS, GOTD_STATE_EXPECT_CAPABILITIES, GOTD_STATE_EXPECT_WANT, @@ -229,7 +229,6 @@ struct gotd_imsg_info_client { gid_t egid; char repo_name[NAME_MAX]; int is_writing; - enum gotd_client_state state; pid_t session_child_pid; pid_t repo_child_pid; }; blob - a6b8f011af70edd6ca8e1dd6ffc0658788c67ad1 blob + a1e9bda45d13cafee15c71ea7364217a9a432442 --- gotd/session.c +++ gotd/session.c @@ -63,7 +63,7 @@ static struct gotd_session_client { } gotd_session; static struct gotd_session_client { - enum gotd_client_state state; + enum gotd_session_state state; int is_writing; struct gotd_client_capability *capabilities; size_t ncapa_alloc;