On Thu, Feb 18, 2021 at 11:57:52AM +0100, Claudio Jeker wrote:
> This diff moves the mkpath() call from the rsync child to the parent.
> As a result the rsync process no longer needs cpath. It will also simplify
> integration of RRDP since that will be another process.
ok tb
>
> --
> :wq Claudio
>
> ? obj
> Index: extern.h
> ===================================================================
> RCS file: /cvs/src/usr.sbin/rpki-client/extern.h,v
> retrieving revision 1.44
> diff -u -p -r1.44 extern.h
> --- extern.h 16 Feb 2021 08:52:00 -0000 1.44
> +++ extern.h 18 Feb 2021 10:51:17 -0000
> @@ -449,7 +449,7 @@ int output_json(FILE *, struct vrp_tre
> void logx(const char *fmt, ...)
> __attribute__((format(printf, 1, 2)));
>
> -int mkpath(const char *);
> +int mkpath(int, const char *);
>
> #define RPKI_PATH_OUT_DIR "/var/db/rpki-client"
> #define RPKI_PATH_BASE_DIR "/var/cache/rpki-client"
> Index: main.c
> ===================================================================
> RCS file: /cvs/src/usr.sbin/rpki-client/main.c,v
> retrieving revision 1.101
> diff -u -p -r1.101 main.c
> --- main.c 18 Feb 2021 10:10:20 -0000 1.101
> +++ main.c 18 Feb 2021 10:51:17 -0000
> @@ -27,6 +27,7 @@
> #include <err.h>
> #include <errno.h>
> #include <dirent.h>
> +#include <fcntl.h>
> #include <fnmatch.h>
> #include <fts.h>
> #include <poll.h>
> @@ -91,6 +92,7 @@ RB_PROTOTYPE(filepath_tree, filepath, en
>
> static struct filepath_tree fpt = RB_INITIALIZER(&fpt);
> static struct msgbuf procq, rsyncq;
> +static int cachefd;
>
> const char *bird_tablename = "ROAS";
>
> @@ -289,6 +291,15 @@ repo_fetch(struct repo *rp)
> return;
> }
>
> + /*
> + * Create destination location.
> + * Build up the tree to this point because GPL rsync(1)
> + * will not build the destination for us.
> + */
> +
> + if (mkpath(cachefd, rp->local) == -1)
> + err(1, "%s", rp->local);
> +
> logx("%s: pulling from network", rp->local);
> if ((b = ibuf_dynamic(256, UINT_MAX)) == NULL)
> err(1, NULL);
> @@ -684,7 +695,7 @@ add_to_del(char **del, size_t *dsz, char
> }
>
> static size_t
> -repo_cleanup(const char *cachedir)
> +repo_cleanup(int dirfd)
> {
> size_t i, delsz = 0;
> char *argv[2], **del = NULL;
> @@ -692,8 +703,8 @@ repo_cleanup(const char *cachedir)
> FTSENT *e;
>
> /* change working directory to the cache directory */
> - if (chdir(cachedir) == -1)
> - err(1, "%s: chdir", cachedir);
> + if (fchdir(dirfd) == -1)
> + err(1, "fchdir");
>
> for (i = 0; i < rt.reposz; i++) {
> if (asprintf(&argv[0], "%s", rt.repos[i].local) == -1)
> @@ -866,6 +877,9 @@ main(int argc, char *argv[])
> goto usage;
> }
>
> + if ((cachefd = open(cachedir, O_RDONLY, 0)) == -1)
> + err(1, "cache directory %s", cachedir);
> +
> if (outformats == 0)
> outformats = FORMAT_OPENBGPD;
>
> @@ -891,8 +905,8 @@ main(int argc, char *argv[])
> close(fd[1]);
>
> /* change working directory to the cache directory */
> - if (chdir(cachedir) == -1)
> - err(1, "%s: chdir", cachedir);
> + if (fchdir(cachefd) == -1)
> + err(1, "fchdir");
>
> /* Only allow access to the cache directory. */
> if (unveil(cachedir, "r") == -1)
> @@ -924,8 +938,8 @@ main(int argc, char *argv[])
> close(fd[1]);
>
> /* change working directory to the cache directory */
> - if (chdir(cachedir) == -1)
> - err(1, "%s: chdir", cachedir);
> + if (fchdir(cachefd) == -1)
> + err(1, "fchdir");
>
> if (pledge("stdio rpath cpath proc exec unveil", NULL)
> == -1)
> @@ -1088,7 +1102,7 @@ main(int argc, char *argv[])
> if (outputfiles(&v, &stats))
> rc = 1;
>
> - stats.del_files = repo_cleanup(cachedir);
> + stats.del_files = repo_cleanup(cachefd);
>
> logx("Route Origin Authorizations: %zu (%zu failed parse, %zu invalid)",
> stats.roas, stats.roas_fail, stats.roas_invalid);
> Index: mkdir.c
> ===================================================================
> RCS file: /cvs/src/usr.sbin/rpki-client/mkdir.c,v
> retrieving revision 1.1
> diff -u -p -r1.1 mkdir.c
> --- mkdir.c 2 Feb 2021 18:33:11 -0000 1.1
> +++ mkdir.c 18 Feb 2021 10:51:17 -0000
> @@ -43,7 +43,7 @@
> * dir_mode - file mode of intermediate directories
> */
> int
> -mkpath(const char *dir)
> +mkpath(int dirfd, const char *dir)
> {
> char *path, *slash;
> int done;
> @@ -59,7 +59,7 @@ mkpath(const char *dir)
> done = (*slash == '\0');
> *slash = '\0';
>
> - if (mkdir(path, 0700) == -1 && errno != EEXIST) {
> + if (mkdirat(dirfd, path, 0700) == -1 && errno != EEXIST) {
> free(path);
> return (-1);
> }
> Index: rsync.c
> ===================================================================
> RCS file: /cvs/src/usr.sbin/rpki-client/rsync.c,v
> retrieving revision 1.17
> diff -u -p -r1.17 rsync.c
> --- rsync.c 16 Feb 2021 08:52:00 -0000 1.17
> +++ rsync.c 18 Feb 2021 10:51:17 -0000
> @@ -167,7 +167,7 @@ proc_rsync(char *prog, char *bind_addr,
> if (unveil(NULL, NULL) == -1)
> err(1, "unveil");
>
> - if (pledge("stdio cpath proc exec", NULL) == -1)
> + if (pledge("stdio proc exec", NULL) == -1)
> err(1, "pledge");
>
> /* Initialise retriever for children exiting. */
> @@ -260,15 +260,6 @@ proc_rsync(char *prog, char *bind_addr,
> io_str_read(fd, &uri);
> assert(dst);
> assert(uri);
> -
> - /*
> - * Create source and destination locations.
> - * Build up the tree to this point because GPL rsync(1)
> - * will not build the destination for us.
> - */
> -
> - if (mkpath(dst) == -1)
> - err(1, "%s", dst);
>
> /* Run process itself, wait for exit, check error. */
>
>
