Merge pull request #429 from spiral/2.0

Release 2.0-dev

5 files changed, 223 insertions, 0 deletions

diff --git a/utils/doc.go b/utils/doc.go
new file mode 100755
index 00000000..2c1c0d9c
--- /dev/null
+++ b/utils/doc.go
@@ -0,0 +1,5 @@
+package utils
+
+/*
+This package should not contain roadrunner dependencies, only system or third-party
+*/
diff --git a/utils/isolate.go b/utils/isolate.go
new file mode 100755
index 00000000..b05f4b3a
--- /dev/null
+++ b/utils/isolate.go
@@ -0,0 +1,59 @@
+// +build !windows
+
+package utils
+
+import (
+	"fmt"
+	"os"
+	"os/exec"
+	"os/user"
+	"strconv"
+	"syscall"
+
+	"github.com/spiral/errors"
+)
+
+// IsolateProcess change gpid for the process to avoid bypassing signals to php processes.
+func IsolateProcess(cmd *exec.Cmd) {
+	cmd.SysProcAttr = &syscall.SysProcAttr{Setpgid: true, Pgid: 0}
+}
+
+// ExecuteFromUser may work only if run RR under root user
+func ExecuteFromUser(cmd *exec.Cmd, u string) error {
+	const op = errors.Op("execute_from_user")
+	usr, err := user.Lookup(u)
+	if err != nil {
+		return errors.E(op, err)
+	}
+
+	usrI32, err := strconv.ParseInt(usr.Uid, 10, 32)
+	if err != nil {
+		return errors.E(op, err)
+	}
+
+	grI32, err := strconv.ParseInt(usr.Gid, 10, 32)
+	if err != nil {
+		return errors.E(op, err)
+	}
+
+	// For more information:
+	// https://www.man7.org/linux/man-pages/man7/user_namespaces.7.html
+	// https://www.man7.org/linux/man-pages/man7/namespaces.7.html
+	if _, err := os.Stat("/proc/self/ns/user"); err != nil {
+		if os.IsNotExist(err) {
+			return fmt.Errorf("kernel doesn't support user namespaces")
+		}
+		if os.IsPermission(err) {
+			return fmt.Errorf("unable to test user namespaces due to permissions")
+		}
+
+		return errors.E(op, errors.Errorf("failed to stat /proc/self/ns/user: %v", err))
+	}
+
+	cmd.SysProcAttr.Credential = &syscall.Credential{
+		Uid: uint32(usrI32),
+		Gid: uint32(grI32),
+	}
+
+	return nil
+}
diff --git a/utils/isolate_win.go b/utils/isolate_win.go
new file mode 100755
index 00000000..b2b213a8
--- /dev/null
+++ b/utils/isolate_win.go
@@ -0,0 +1,17 @@
+// +build windows
+
+package utils
+
+import (
+	"os/exec"
+	"syscall"
+)
+
+// IsolateProcess change gpid for the process to avoid bypassing signals to php processes.
+func IsolateProcess(cmd *exec.Cmd) {
+	cmd.SysProcAttr = &syscall.SysProcAttr{CreationFlags: syscall.CREATE_NEW_PROCESS_GROUP}
+}
+
+func ExecuteFromUser(cmd *exec.Cmd, u string) error {
+	return nil
+}
diff --git a/utils/network.go b/utils/network.go
new file mode 100755
index 00000000..e57854a8
--- /dev/null
+++ b/utils/network.go
@@ -0,0 +1,79 @@
+// +build linux darwin freebsd
+
+package utils
+
+import (
+	"fmt"
+	"net"
+	"os"
+	"strings"
+	"syscall"
+
+	"github.com/valyala/tcplisten"
+)
+
+//   - SO_REUSEPORT. This option allows linear scaling server performance
+//     on multi-CPU servers.
+//     See https://www.nginx.com/blog/socket-sharding-nginx-release-1-9-1/ for details.
+//
+//   - TCP_DEFER_ACCEPT. This option expects the server reads from the accepted
+//     connection before writing to them.
+//
+//   - TCP_FASTOPEN. See https://lwn.net/Articles/508865/ for details.
+// CreateListener crates socket listener based on DSN definition.
+func CreateListener(address string) (net.Listener, error) {
+	dsn := strings.Split(address, "://")
+
+	switch len(dsn) {
+	case 1:
+		// assume, that there is no prefix here [127.0.0.1:8000]
+		return createTCPListener(dsn[0])
+	case 2:
+		// we got two part here, first part is the transport, second - address
+		// [tcp://127.0.0.1:8000] OR [unix:///path/to/unix.socket] OR [error://path]
+		// where error is wrong transport name
+		switch dsn[0] {
+		case "unix":
+			// check of file exist. If exist, unlink
+			if fileExists(dsn[1]) {
+				err := syscall.Unlink(dsn[1])
+				if err != nil {
+					return nil, fmt.Errorf("error during the unlink syscall: error %v", err)
+				}
+			}
+			return net.Listen(dsn[0], dsn[1])
+		case "tcp":
+			return createTCPListener(dsn[1])
+			// not an tcp or unix
+		default:
+			return nil, fmt.Errorf("invalid Protocol ([tcp://]:6001, unix://file.sock), address: %s", address)
+		}
+		// wrong number of split parts
+	default:
+		return nil, fmt.Errorf("wrong number of parsed protocol parts, address: %s", address)
+	}
+}
+
+func createTCPListener(addr string) (net.Listener, error) {
+	cfg := tcplisten.Config{
+		ReusePort:   true,
+		DeferAccept: true,
+		FastOpen:    true,
+		Backlog:     0,
+	}
+	listener, err := cfg.NewListener("tcp4", addr)
+	if err != nil {
+		return nil, err
+	}
+	return listener, nil
+}
+
+// fileExists checks if a file exists and is not a directory before we
+// try using it to prevent further errors.
+func fileExists(filename string) bool {
+	info, err := os.Stat(filename)
+	if os.IsNotExist(err) {
+		return false
+	}
+	return !info.IsDir()
+}
diff --git a/utils/network_windows.go b/utils/network_windows.go
new file mode 100755
index 00000000..6eefb8f7
--- /dev/null
+++ b/utils/network_windows.go
@@ -0,0 +1,63 @@
+// +build windows
+
+package utils
+
+import (
+	"fmt"
+	"net"
+	"os"
+	"strings"
+	"syscall"
+)
+
+// CreateListener crates socket listener based on DSN definition.
+func CreateListener(address string) (net.Listener, error) {
+	dsn := strings.Split(address, "://")
+
+	switch len(dsn) {
+	case 1:
+		// assume, that there is no prefix here [127.0.0.1:8000]
+		return createTCPListener(dsn[0])
+	case 2:
+		// we got two part here, first part is the transport, second - address
+		// [tcp://127.0.0.1:8000] OR [unix:///path/to/unix.socket] OR [error://path]
+		// where error is wrong transport name
+		switch dsn[0] {
+		case "unix":
+			// check of file exist. If exist, unlink
+			if fileExists(dsn[1]) {
+				err := syscall.Unlink(dsn[1])
+				if err != nil {
+					return nil, fmt.Errorf("error during the unlink syscall: error %v", err)
+				}
+			}
+			return net.Listen(dsn[0], dsn[1])
+		case "tcp":
+			return createTCPListener(dsn[1])
+			// not an tcp or unix
+		default:
+			return nil, fmt.Errorf("invalid Protocol ([tcp://]:6001, unix://file.sock), address: %s", address)
+		}
+		// wrong number of split parts
+	default:
+		return nil, fmt.Errorf("wrong number of parsed protocol parts, address: %s", address)
+	}
+}
+
+func createTCPListener(addr string) (net.Listener, error) {
+	listener, err := net.Listen("tcp", addr)
+	if err != nil {
+		return nil, err
+	}
+	return listener, nil
+}
+
+// fileExists checks if a file exists and is not a directory before we
+// try using it to prevent further errors.
+func fileExists(filename string) bool {
+	info, err := os.Stat(filename)
+	if os.IsNotExist(err) {
+		return false
+	}
+	return !info.IsDir()
+}