extern void spawn_req_pack(spawn_req_t *req, Buf buf) { int i, j; spawn_subcmd_t *subcmd; void *auth_cred; auth_cred = g_slurm_auth_create(NULL, 2, slurm_get_auth_info()); if (auth_cred == NULL) { error("authentication: %s", g_slurm_auth_errstr(g_slurm_auth_errno(NULL)) ); return; } (void) g_slurm_auth_pack(auth_cred, buf); (void) g_slurm_auth_destroy(auth_cred); pack32(req->seq, buf); packstr(req->from_node, buf); pack32(req->subcmd_cnt, buf); pack32(req->preput_cnt, buf); for (i = 0; i < req->preput_cnt; i ++) { packstr(req->pp_keys[i], buf); packstr(req->pp_vals[i], buf); } for (i = 0; i < req->subcmd_cnt; i ++) { subcmd = req->subcmds[i]; packstr(subcmd->cmd, buf); pack32(subcmd->max_procs, buf); pack32(subcmd->argc, buf); for (j = 0; j < subcmd->argc; j ++) { packstr(subcmd->argv[j], buf); } pack32(subcmd->info_cnt, buf); for (j = 0; j < subcmd->info_cnt; j ++) { packstr(subcmd->info_keys[j], buf); packstr(subcmd->info_vals[j], buf); } } }
static void * _handle_accept(void *arg) { /*struct request_params *param = (struct request_params *)arg;*/ int fd = ((struct request_params *)arg)->fd; slurmd_job_t *job = ((struct request_params *)arg)->job; int req; int len; Buf buffer; void *auth_cred; int rc; uid_t uid; gid_t gid; debug3("Entering _handle_accept (new thread)"); xfree(arg); safe_read(fd, &req, sizeof(int)); if (req != REQUEST_CONNECT) { error("First message must be REQUEST_CONNECT"); goto fail; } safe_read(fd, &len, sizeof(int)); buffer = init_buf(len); safe_read(fd, get_buf_data(buffer), len); /* Unpack and verify the auth credential */ auth_cred = g_slurm_auth_unpack(buffer); if (auth_cred == NULL) { error("Unpacking authentication credential: %s", g_slurm_auth_errstr(g_slurm_auth_errno(NULL))); free_buf(buffer); goto fail; } rc = g_slurm_auth_verify(auth_cred, NULL, 2, NULL); if (rc != SLURM_SUCCESS) { error("Verifying authentication credential: %s", g_slurm_auth_errstr(g_slurm_auth_errno(auth_cred))); (void) g_slurm_auth_destroy(auth_cred); free_buf(buffer); goto fail; } /* Get the uid & gid from the credential, then destroy it. */ uid = g_slurm_auth_get_uid(auth_cred, NULL); gid = g_slurm_auth_get_gid(auth_cred, NULL); debug3(" Identity: uid=%d, gid=%d", uid, gid); g_slurm_auth_destroy(auth_cred); free_buf(buffer); rc = SLURM_SUCCESS; safe_write(fd, &rc, sizeof(int)); while (1) { rc = _handle_request(fd, job, uid, gid); if (rc != SLURM_SUCCESS) break; } if (close(fd) == -1) error("Closing accepted fd: %m"); pthread_mutex_lock(&message_lock); message_connections--; pthread_cond_signal(&message_cond); pthread_mutex_unlock(&message_lock); debug3("Leaving _handle_accept"); return NULL; fail: rc = SLURM_FAILURE; safe_write(fd, &rc, sizeof(int)); rwfail: if (close(fd) == -1) error("Closing accepted fd after error: %m"); debug("Leaving _handle_accept on an error"); return NULL; }
extern int spawn_req_unpack(spawn_req_t **req_ptr, Buf buf) { spawn_req_t *req = NULL; spawn_subcmd_t *subcmd = NULL; uint32_t temp32; int i, j; void *auth_cred; uid_t auth_uid, my_uid; auth_cred = g_slurm_auth_unpack(buf); if (auth_cred == NULL) { error("authentication: %s", g_slurm_auth_errstr(g_slurm_auth_errno(NULL)) ); return SLURM_ERROR; } auth_uid = g_slurm_auth_get_uid(auth_cred, NULL); (void) g_slurm_auth_destroy(auth_cred); my_uid = getuid(); if ((auth_uid != 0) && (auth_uid != my_uid)) { error("mpi/pmi2: spawn request apparently from uid %u", (uint32_t) auth_uid); return SLURM_ERROR; } req = xmalloc(sizeof(spawn_req_t)); safe_unpack32(&req->seq, buf); safe_unpackstr_xmalloc(&req->from_node, &temp32, buf); safe_unpack32(&req->subcmd_cnt, buf); /* subcmd_cnt must be greater than 0 */ req->subcmds = xmalloc(req->subcmd_cnt * sizeof(spawn_subcmd_t *)); safe_unpack32(&req->preput_cnt, buf); if (req->preput_cnt > 0) { req->pp_keys = xmalloc(req->preput_cnt * sizeof(char *)); req->pp_vals = xmalloc(req->preput_cnt * sizeof(char *)); for (i = 0; i < req->preput_cnt; i ++) { safe_unpackstr_xmalloc(&req->pp_keys[i], &temp32, buf); safe_unpackstr_xmalloc(&req->pp_vals[i], &temp32, buf); } } for (i = 0; i < req->subcmd_cnt; i ++) { req->subcmds[i] = spawn_subcmd_new(); subcmd = req->subcmds[i]; safe_unpackstr_xmalloc(&(subcmd->cmd), &temp32, buf); safe_unpack32(&(subcmd->max_procs), buf); safe_unpack32(&(subcmd->argc), buf); if (subcmd->argc > 0) { subcmd->argv = xmalloc(subcmd->argc * sizeof(char *)); for (j = 0; j < subcmd->argc; j ++) { safe_unpackstr_xmalloc(&(subcmd->argv[j]), &temp32, buf); } } safe_unpack32(&(subcmd->info_cnt), buf); if (subcmd->info_cnt > 0) { subcmd->info_keys = xmalloc(subcmd->info_cnt * sizeof(char *)); subcmd->info_vals = xmalloc(subcmd->info_cnt * sizeof(char *)); for (j = 0; j < subcmd->info_cnt; j ++) { safe_unpackstr_xmalloc(&(subcmd->info_keys[j]), &temp32, buf); safe_unpackstr_xmalloc(&(subcmd->info_vals[j]), &temp32, buf); } } } *req_ptr = req; return SLURM_SUCCESS; unpack_error: spawn_req_free(req); return SLURM_ERROR; }
/* * Connect to a slurmstepd proccess by way of its unix domain socket. * * Both "directory" and "nodename" may be null, in which case stepd_connect * will attempt to determine them on its own. If you are using multiple * slurmd on one node (unusual outside of development environments), you * will get one of the local NodeNames more-or-less at random. * * Returns a socket descriptor for the opened socket on success, * and -1 on error. */ int stepd_connect(const char *directory, const char *nodename, uint32_t jobid, uint32_t stepid) { int req = REQUEST_CONNECT; int fd = -1; int rc; void *auth_cred; Buf buffer; int len; if (nodename == NULL) { if (!(nodename = _guess_nodename())) return -1; } if (directory == NULL) { slurm_ctl_conf_t *cf; cf = slurm_conf_lock(); directory = slurm_conf_expand_slurmd_path( cf->slurmd_spooldir, nodename); slurm_conf_unlock(); } buffer = init_buf(0); /* Create an auth credential */ auth_cred = g_slurm_auth_create(NULL, 2, NULL); if (auth_cred == NULL) { error("Creating authentication credential: %s", g_slurm_auth_errstr(g_slurm_auth_errno(NULL))); slurm_seterrno(SLURM_PROTOCOL_AUTHENTICATION_ERROR); goto fail1; } /* Pack the auth credential */ rc = g_slurm_auth_pack(auth_cred, buffer); (void) g_slurm_auth_destroy(auth_cred); if (rc) { error("Packing authentication credential: %s", g_slurm_auth_errstr(g_slurm_auth_errno(auth_cred))); slurm_seterrno(SLURM_PROTOCOL_AUTHENTICATION_ERROR); goto fail1; } /* Connect to the step */ fd = _step_connect(directory, nodename, jobid, stepid); if (fd == -1) goto fail1; safe_write(fd, &req, sizeof(int)); len = size_buf(buffer); safe_write(fd, &len, sizeof(int)); safe_write(fd, get_buf_data(buffer), len); safe_read(fd, &rc, sizeof(int)); if (rc < 0) { error("slurmstepd refused authentication: %m"); slurm_seterrno(SLURM_PROTOCOL_AUTHENTICATION_ERROR); goto rwfail; } free_buf(buffer); return fd; rwfail: close(fd); fail1: free_buf(buffer); return -1; }
/* * Connect to a slurmstepd proccess by way of its unix domain socket. * * Both "directory" and "nodename" may be null, in which case stepd_connect * will attempt to determine them on its own. If you are using multiple * slurmd on one node (unusual outside of development environments), you * will get one of the local NodeNames more-or-less at random. * * Returns a socket descriptor for the opened socket on success, * and -1 on error. */ int stepd_connect(const char *directory, const char *nodename, uint32_t jobid, uint32_t stepid, uint16_t *protocol_version) { int req = REQUEST_CONNECT; int fd = -1; int rc; void *auth_cred; Buf buffer; int len; *protocol_version = 0; if (nodename == NULL) { if (!(nodename = _guess_nodename())) return -1; } if (directory == NULL) { slurm_ctl_conf_t *cf; cf = slurm_conf_lock(); directory = slurm_conf_expand_slurmd_path( cf->slurmd_spooldir, nodename); slurm_conf_unlock(); } buffer = init_buf(0); /* Create an auth credential */ auth_cred = g_slurm_auth_create(NULL, 2, NULL); if (auth_cred == NULL) { error("Creating authentication credential: %s", g_slurm_auth_errstr(g_slurm_auth_errno(NULL))); slurm_seterrno(SLURM_PROTOCOL_AUTHENTICATION_ERROR); goto fail1; } /* Pack the auth credential */ rc = g_slurm_auth_pack(auth_cred, buffer); (void) g_slurm_auth_destroy(auth_cred); if (rc) { error("Packing authentication credential: %s", g_slurm_auth_errstr(g_slurm_auth_errno(auth_cred))); slurm_seterrno(SLURM_PROTOCOL_AUTHENTICATION_ERROR); goto fail1; } /* Connect to the step */ fd = _step_connect(directory, nodename, jobid, stepid); if (fd == -1) goto fail1; safe_write(fd, &req, sizeof(int)); len = size_buf(buffer); safe_write(fd, &len, sizeof(int)); safe_write(fd, get_buf_data(buffer), len); safe_read(fd, &rc, sizeof(int)); if (rc < 0) { error("slurmstepd refused authentication: %m"); slurm_seterrno(SLURM_PROTOCOL_AUTHENTICATION_ERROR); goto rwfail; } else if (rc) *protocol_version = rc; else { /* 0n older versions of Slurm < 14.11 SLURM_SUCCESS * was returned here instead of the protocol version. * This can be removed when we are 2 versions past * 14.11. */ slurmstepd_info_t *stepd_info = stepd_get_info(fd); *protocol_version = stepd_info->protocol_version; xfree(stepd_info); } free_buf(buffer); return fd; rwfail: close(fd); fail1: free_buf(buffer); return -1; }