diff options
| author | Guilhem Moulin <guilhem@fripost.org> | 2016-12-01 11:57:31 +0100 |
|---|---|---|
| committer | Guilhem Moulin <guilhem@fripost.org> | 2016-12-01 12:03:46 +0100 |
| commit | 4d24f126319cf86b33d7c999f8ceabe0bb1f4abc (patch) | |
| tree | fe49798ab6492939dba5ecaf7abce834ac888023 | |
| parent | 8184304b3e7c5ae92779f7f6bc8c4bb1aeb2d8eb (diff) | |
lacme: terminate the accountd when the ACME client terminates.
| -rwxr-xr-x | lacme | 16 |
1 files changed, 11 insertions, 5 deletions
@@ -399,7 +399,7 @@ sub acme_client($@) { my $args = shift; my @args = @_; - my $client; + my ($client, $cleanup); my $conf = $CONFIG->{client}; if (defined (my $accountd = $CONFIG->{accountd})) { socketpair($client, my $s, AF_UNIX, SOCK_STREAM, PF_UNSPEC) or die "socketpair: $!"; @@ -417,12 +417,12 @@ sub acme_client($@) { } print STDERR "[$$] Forking lacme-accountd, child PID $pid\n" if $OPTS{debug}; $s->close() or die "Can't close: $!"; - push @CLEANUP, sub() { + $cleanup = sub() { print STDERR "[$$] Shutting down lacme-accountd\n" if $OPTS{debug}; shutdown($client, SHUT_RDWR) or warn "shutdown: $!"; - kill 15 => $pid; - waitpid $pid => 0; + $client->close() or warn "close: $!"; }; + push @CLEANUP, $cleanup; } else { my @stat; @@ -451,12 +451,18 @@ sub acme_client($@) { # child doesn't have access to the parent's memory my @fileno = map { fileno($_) =~ /^(\d+)$/ ? $1 : die } ($CONFFILE, $client); # untaint fileno set_FD_CLOEXEC($client, 1); - spawn({%$args{qw/in out/}, child => sub() { + my $rv = spawn({%$args{qw/in out/}, child => sub() { drop_privileges($conf->{user}, $conf->{group}, $args->{chdir} // '/'); set_FD_CLOEXEC($_, 0) foreach ($CONFFILE, $client); seek($CONFFILE, SEEK_SET, 0) or die "Can't seek: $!"; $ENV{DEBUG} = $OPTS{debug}; }}, $conf->{command}, $COMMAND, @fileno, @args); + + if (defined $cleanup) { + @CLEANUP = grep { $_ ne $cleanup } @CLEANUP; + $cleanup->(); + } + return $rv; } sub spawn($@) { |