kore

An easy to use, scalable and secure web application framework for writing web APIs in C.
Commits | Files | Refs | README | LICENSE | git clone https://git.kore.io/kore.git

commit 0eb11794f56b5f04a973409cfd47605a0bfbc2a8
parent 7209a67d473d9bae49bf5351dbd68fcb9f478c41
Author: Joris Vink <joris@coders.se>
Date:   Mon,  7 Oct 2019 10:31:35 +0200

Do not add keymgr its msg fd if not started.

Reshuffles the keymgr_active flag to keymgr.c and let it be figured out
from inside kore_server_start() instead of the worker init code.

Diffstat:
include/kore/kore.h | 1+
src/keymgr.c | 4++++
src/kore.c | 12++++++++++++
src/msg.c | 2++
src/seccomp.c | 3---
src/worker.c | 10----------
6 files changed, 19 insertions(+), 13 deletions(-)

diff --git a/include/kore/kore.h b/include/kore/kore.h @@ -559,6 +559,7 @@ extern volatile sig_atomic_t sig_recv; extern int tls_version; extern DH *tls_dhparam; extern char *rand_file; +extern int keymgr_active; extern char *keymgr_runas_user; extern char *keymgr_root_path; diff --git a/src/keymgr.c b/src/keymgr.c @@ -123,6 +123,7 @@ static void keymgr_rsa_encrypt(struct kore_msg *, const void *, static void keymgr_ecdsa_sign(struct kore_msg *, const void *, struct key *); +int keymgr_active = 0; char *keymgr_root_path = NULL; char *keymgr_runas_user = NULL; @@ -132,6 +133,9 @@ kore_keymgr_run(void) int quit; u_int64_t now, last_seed; + if (keymgr_active == 0) + fatal("%s: called with keymgr_active == 0", __func__); + quit = 0; kore_server_closeall(); diff --git a/src/kore.c b/src/kore.c @@ -806,6 +806,7 @@ static void kore_server_start(int argc, char *argv[]) { u_int32_t tmp; + struct kore_server *srv; u_int64_t netwait; int quit, last_sig; #if defined(KORE_SINGLE_BINARY) @@ -829,6 +830,9 @@ kore_server_start(int argc, char *argv[]) if (!kore_quiet) { kore_log(LOG_NOTICE, "%s is starting up", __progname); +#if defined(__linux__) + kore_log(LOG_NOTICE, "seccomp sandbox enabled"); +#endif #if defined(KORE_USE_PGSQL) kore_log(LOG_NOTICE, "pgsql built-in enabled"); #endif @@ -852,6 +856,14 @@ kore_server_start(int argc, char *argv[]) kore_call_parent_configure(argc, argv); #endif + /* Check if keymgr will be active. */ + LIST_FOREACH(srv, &kore_servers, list) { + if (srv->tls) { + keymgr_active = 1; + break; + } + } + kore_platform_proctitle("[parent]"); kore_msg_init(); kore_worker_init(); diff --git a/src/msg.c b/src/msg.c @@ -54,6 +54,8 @@ kore_msg_parent_init(void) struct kore_worker *kw; for (i = 0; i < worker_count; i++) { + if (keymgr_active == 0 && i == KORE_WORKER_KEYMGR) + continue; kw = kore_worker_data(i); kore_msg_parent_add(kw); } diff --git a/src/seccomp.c b/src/seccomp.c @@ -260,9 +260,6 @@ kore_seccomp_enable(void) if (prctl(PR_SET_SECCOMP, SECCOMP_MODE_FILTER, &prog) == -1) fatalx("prctl: %s", errno_s); - if (!kore_quiet) - kore_log(LOG_INFO, "seccomp sandbox activated"); - #if defined(KORE_USE_PYTHON) kore_python_seccomp_cleanup(); #endif diff --git a/src/worker.c b/src/worker.c @@ -83,7 +83,6 @@ static struct kore_worker *kore_workers; static int worker_no_lock; static int shm_accept_key; static struct wlock *accept_lock; -static int keymgr_active = 0; struct kore_worker *worker = NULL; u_int8_t worker_set_affinity = 1; @@ -98,7 +97,6 @@ kore_worker_init(void) { size_t len; struct kore_worker *kw; - struct kore_server *srv; u_int16_t i, cpu; worker_no_lock = 0; @@ -106,14 +104,6 @@ kore_worker_init(void) if (worker_count == 0) worker_count = cpu_count; - /* Check if keymgr will be active. */ - LIST_FOREACH(srv, &kore_servers, list) { - if (srv->tls) { - keymgr_active = 1; - break; - } - } - /* Account for the keymgr even if we don't end up starting it. */ worker_count += 1;