From 4d24f126319cf86b33d7c999f8ceabe0bb1f4abc Mon Sep 17 00:00:00 2001
From: Guilhem Moulin
Date: Thu, 1 Dec 2016 11:57:31 +0100
Subject: lacme: terminate the accountd when the ACME client terminates.
---
 lacme | 16 +++++++++++-----
 1 file changed, 11 insertions(+), 5 deletions(-) (limited to 'lacme')
diff --git a/lacme b/lacme
index 839d53d..edcc77e 100755
--- a/lacme
+++ b/lacme
@@ -399,7 +399,7 @@ sub acme_client($@) {
 my $args = shift;
 my @args = @_;
- my $client;
+ my ($client, $cleanup);
 my $conf = $CONFIG->{client};
 if (defined (my $accountd = $CONFIG->{accountd})) {
 socketpair($client, my $s, AF_UNIX, SOCK_STREAM, PF_UNSPEC) or die "socketpair: $!";
@@ -417,12 +417,12 @@ sub acme_client($@) {
 }
 print STDERR "[$$] Forking lacme-accountd, child PID $pid\n" if $OPTS{debug};
 $s->close() or die "Can't close: $!";
- push @CLEANUP, sub() {
+ $cleanup = sub() {
 print STDERR "[$$] Shutting down lacme-accountd\n" if $OPTS{debug};
 shutdown($client, SHUT_RDWR) or warn "shutdown: $!";
- kill 15 => $pid;
- waitpid $pid => 0;
+ $client->close() or warn "close: $!";
 };
+ push @CLEANUP, $cleanup;
 }
 else {
 my @stat;
@@ -451,12 +451,18 @@ sub acme_client($@) {
 # child doesn't have access to the parent's memory
 my @fileno = map { fileno($_) =~ /^(\d+)$/ ? $1 : die } ($CONFFILE, $client); # untaint fileno
 set_FD_CLOEXEC($client, 1);
- spawn({%$args{qw/in out/}, child => sub() {
+ my $rv = spawn({%$args{qw/in out/}, child => sub() {
 drop_privileges($conf->{user}, $conf->{group}, $args->{chdir} // '/');
 set_FD_CLOEXEC($_, 0) foreach ($CONFFILE, $client);
 seek($CONFFILE, SEEK_SET, 0) or die "Can't seek: $!";
 $ENV{DEBUG} = $OPTS{debug};
 }}, $conf->{command}, $COMMAND, @fileno, @args);
+
+ if (defined $cleanup) {
+ @CLEANUP = grep { $_ ne $cleanup } @CLEANUP;
+ $cleanup->();
+ }
+ return $rv;
 }
 sub spawn($@) {
-- cgit v1.2.3
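Review bot: The new `$cleanup` closure stops at `$client->close()` and no longer signals or reaps `$pid`, so nothing in this hunk confirms that lacme-accountd has actually exited once the ACME client is done. If the daemon does not exit on EOF of its socket it keeps running, and if it does exit it stays unreaped until lacme ends; whether a SIGCHLD handler elsewhere covers this is not visible here. I would keep the reap after the close and surface a bad exit, `waitpid $pid => 0; warn "lacme-accountd exited with status $?" if $?;`, retaining `kill 15 => $pid;` before it if EOF is not guaranteed to stop the daemon, since the wait would otherwise block. A comment stating that shutdown relies on accountd exiting on EOF would also help; `$pid` is set above the hunk and the enclosing `if` block begins outside it.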
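Review bot: The removal step `@CLEANUP = grep { $_ ne $cleanup } @CLEANUP;` tests code-reference identity through string comparison, which works only because a reference stringifies to its address; `$_ != $cleanup` (or `Scalar::Util::refaddr`) states the identity test directly. The handler also runs only when `spawn` returns, so if `spawn` dies the closure stays queued in `@CLEANUP`; that looks intentional but deserves a comment such as `# on failure the handler stays in @CLEANUP and runs with the other handlers`, assuming `@CLEANUP` is drained at exit, which is outside this hunk. `acme_client` starts above the hunk.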