walkero
/
nghttp2
1
0
Fork 0
Code Issues Pull Requests Projects Releases 1 Wiki Activity

nghttpx: Embed Process into OCSPUpdateContext

This commit is contained in:
Tatsuhiro Tsujikawa 2016-10-08 15:26:13 +09:00
parent 2c2188c09d
commit 4a4b2cf538
2 changed files with 15 additions and 17 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

25
src/shrpx_connection_handler.cc
View File

@ -44,7 +44,6 @@
#include "shrpx_accept_handler.h" #include "shrpx_accept_handler.h"
#include "shrpx_memcached_dispatcher.h" #include "shrpx_memcached_dispatcher.h"
#include "shrpx_signal.h" #include "shrpx_signal.h"
#include "shrpx_exec.h"
#include "util.h" #include "util.h"
#include "template.h" #include "template.h"
@ -139,7 +138,7 @@ ConnectionHandler::ConnectionHandler(struct ev_loop *loop, std::mt19937 &gen)
ocsp_.chldev.data = this; ocsp_.chldev.data = this;
ocsp_.next = 0; ocsp_.next = 0;
ocsp_.fd = -1; ocsp_.proc.rfd = -1;
reset_ocsp(); reset_ocsp();
} }
@ -496,11 +495,11 @@ bool ConnectionHandler::get_graceful_shutdown() const {
} }
void ConnectionHandler::cancel_ocsp_update() { void ConnectionHandler::cancel_ocsp_update() {
if (ocsp_.pid == 0) { if (ocsp_.proc.pid == 0) {
return; return;
} }
kill(ocsp_.pid, SIGTERM); kill(ocsp_.proc.pid, SIGTERM);
} }
// inspired by h2o_read_command function from h2o project: // inspired by h2o_read_command function from h2o project:
@ -526,13 +525,12 @@ int ConnectionHandler::start_ocsp_update(const char *cert_file) {
return -1; return -1;
} }
ocsp_.pid = proc.pid; ocsp_.proc = proc;
ocsp_.fd = proc.rfd;
ev_io_set(&ocsp_.rev, ocsp_.fd, EV_READ); ev_io_set(&ocsp_.rev, ocsp_.proc.rfd, EV_READ);
ev_io_start(loop_, &ocsp_.rev); ev_io_start(loop_, &ocsp_.rev);
ev_child_set(&ocsp_.chldev, ocsp_.pid, 0); ev_child_set(&ocsp_.chldev, ocsp_.proc.pid, 0);
ev_child_start(loop_, &ocsp_.chldev); ev_child_start(loop_, &ocsp_.chldev);
return 0; return 0;
@ -542,7 +540,8 @@ void ConnectionHandler::read_ocsp_chunk() {
std::array<uint8_t, 4_k> buf; std::array<uint8_t, 4_k> buf;
for (;;) { for (;;) {
ssize_t n; ssize_t n;
while ((n = read(ocsp_.fd, buf.data(), buf.size())) == -1 && errno == EINTR) while ((n = read(ocsp_.proc.rfd, buf.data(), buf.size())) == -1 &&
errno == EINTR)
; ;
if (n == -1) { if (n == -1) {
@ -614,12 +613,12 @@ void ConnectionHandler::handle_ocsp_complete() {
} }
void ConnectionHandler::reset_ocsp() { void ConnectionHandler::reset_ocsp() {
if (ocsp_.fd != -1) { if (ocsp_.proc.rfd != -1) {
close(ocsp_.fd); close(ocsp_.proc.rfd);
} }
ocsp_.fd = -1; ocsp_.proc.rfd = -1;
ocsp_.pid = 0; ocsp_.proc.pid = 0;
ocsp_.error = 0; ocsp_.error = 0;
ocsp_.resp = std::vector<uint8_t>(); ocsp_.resp = std::vector<uint8_t>();
} }

7
src/shrpx_connection_handler.h
View File

@ -50,6 +50,7 @@
#include "shrpx_downstream_connection_pool.h" #include "shrpx_downstream_connection_pool.h"
#include "shrpx_config.h" #include "shrpx_config.h"
#include "shrpx_exec.h"
namespace shrpx { namespace shrpx {
@ -71,17 +72,15 @@ class CertLookupTree;
struct OCSPUpdateContext { struct OCSPUpdateContext {
// ocsp response buffer // ocsp response buffer
std::vector<uint8_t> resp; std::vector<uint8_t> resp;
// Process running fetch-ocsp-response script
Process proc;
// index to ConnectionHandler::all_ssl_ctx_, which points to next // index to ConnectionHandler::all_ssl_ctx_, which points to next
// SSL_CTX to update ocsp response cache. // SSL_CTX to update ocsp response cache.
size_t next; size_t next;
ev_child chldev; ev_child chldev;
ev_io rev; ev_io rev;
// fd to read response from fetch-ocsp-response script
int fd;
// errno encountered while processing response // errno encountered while processing response
int error; int error;
// pid of forked fetch-ocsp-response script process
pid_t pid;
}; };
// SerialEvent is an event sent from Worker thread. // SerialEvent is an event sent from Worker thread.