Update copyright notice Signed-off-by: Markus Armbruster <armbru@pond.sub.org>
Update copyright notice Signed-off-by: Markus Armbruster <armbru@pond.sub.org>
Update copyright notice Signed-off-by: Markus Armbruster <armbru@redhat.com>
Make: Support shallow git clones for testing Since commit 1ec9b94, we derive the version number from git tags with build-aux/git-version-gen. When a shallow clone doesn't include a suitable tag, this fails, and make refuses to build anything. Since Travis uses git-clone --depth=50, it'll break as soon as we've got more than 50 commits since the last release. Support arbitrarily shallow clones for limited purposes like testing by falling back from a proper V.N-H version number to UNKNOWN-H. To guard against use of such builds for other purposes, log a warning on server startup, and print one on player login. Signed-off-by: Markus Armbruster <armbru@pond.sub.org>
Update copyright notice Signed-off-by: Markus Armbruster <armbru@pond.sub.org>
Update copyright notice Signed-off-by: Markus Armbruster <armbru@pond.sub.org>
Update copyright notice Signed-off-by: Markus Armbruster <armbru@pond.sub.org>
Clean up superfluous includes Signed-off-by: Markus Armbruster <armbru@pond.sub.org>
econfig: New key running_test_suite, for use by tests For now, it just logs "Configured for testing" on startup, and prints a scary warning on player login. Signed-off-by: Markus Armbruster <armbru@pond.sub.org>
Update copyright notice Signed-off-by: Markus Armbruster <armbru@pond.sub.org>
Update known contributors comments Signed-off-by: Markus Armbruster <armbru@pond.sub.org>
server: Grow small thread stacks from 50 KiB to 64 KiB Affected are threads AcceptPlayers, MarketUpdate, shutdownSeq. Signed-off-by: Markus Armbruster <armbru@pond.sub.org>
Fix PRNG seeding to resist guessing We seed it with value of time(). It's the traditional way, but it provides only a few bits of effective entropy when an attacker has a rough idea when the program started. Instead, seed with a kernel random number. If we can't get one, fall back to a hash of gettimeofday() and getpid(). This should happen only on old systems or Windows. Far worse than a kernel random number, but far better than using time(). Note that fairland used to seed with time() + getpid() until commit 331aac2a (v4.2.20) dropped the getpid(), claiming it didn't improve the randomness. Perhaps it didn't under Windows then, but it certainly did elsewhere, so it was a regression.
Encapsulate direct use of random(), srandom() in chance.c Wrap roll0() around random(), and seed_prng() around srandom(). In preparation of replacing the PRNG.
Update copyright notice
Open journal before daemonizing, so we can fail in foreground Just like we open server.log. Also permits calling journal_prng() right where we seed the PRNG.
Update copyright notice
Rename play_lock back to update_lock It was renamed to play_lock because it synchronized not just updates but also shutdown. Since the previous commit, it again only synchronizes updates. Rename it back. Also move its initialization next to shutdown_lock's.
Fix synchronization between shutdown and player threads shutdwn() sets the EOF indicator, aborts the running command, if any, forbids sleeping on I/O and wakes up the player thread, for all player threads in state PS_PLAYING. It takes play_lock to prevent new commands from running. It then waits up to 3s for player threads to terminate, by polling player_next(), to let output buffers drain. Issues: 1. Polling is lame. 2. New player threads can still enter state PS_PLAYING. They'll block as soon as they try to run a command. Somehwat unclean. 3. We can exit before all player threads left state PS_PLAYING, losing a treasury update, play time update, and log entries. Could happen when player threads blocked on output until commit 90b3abc5 fixed that; its commit message describes the bug's impact in more detail. Since then, the bug shouldn't bite in practice, because player threads should leave state PS_PLAYING quickly. Fix by introducing shutdown_lock: player threads in state PS_PLAYING hold it shared, shutdwn() takes it exclusive, instead of play_lock. Takes care of the issues as follows: 3. shutdwn() waits until all player threads left state PS_PLAYING, no matter how long it takes them. 2. New player threads block before entering state PS_PLAYING. 1. shutdwn() still polls up to 3s for player threads to terminate. Still lame. Left for another day.
Start player thread shutdown grace time at shutdwn() entry Before, it was started after all commands aborted. Shouldn't make a difference in practice, as command abortion is supposed to be quick.