Re-using an inherited file descriptor to /dev/urandom frees us
from problems with mount options including 'nodev' and removes a
capability from the set we need.
Change-Id: I70337e923f802d7efbd3159c11a4e39f6529b6e6
Signed-off-by: Michael Meeks <michael.meeks@collabora.com>
This will enable thread joining before fork for bgsave.
Change-Id: I68c7c53f892f5edef861137c48759c7ccb8532ab
Signed-off-by: Michael Meeks <michael.meeks@collabora.com>
This lets us detect when Kit processes die without waiting for
the poll() timeout and feebly spinning the PrisonerPoll loop.
Instead we get notified immediately; but to do this we then need
to be able to safely transfer the socket between SocketPolls.
SocketPoll's should own Sockets - so by switching ChildProcess to
use a weak_ptr and also the NewChildren list - we can have standard
ownership and a sensible transfer between SocketPolls. A Socket is
owned either by PrisonerPoll or a DocumentBroker in the normal way.
Clean the NewChildren list as/when children are unexpectedly killed
apparently there are still some ownership issues probably around
the strong ChildProcess _ws pointer.
Change-Id: Ie541a9d03e36aee53fd57c45953e0de21ebe1828
Signed-off-by: Michael Meeks <michael.meeks@collabora.com>
Reduce the uses of MOBILEAPP conditionals by using the isMobileApp
function.
Signed-off-by: Jaume Pujantell <jaume.pujantell@collabora.com>
Change-Id: If541307fbc457b342674cc560b6c53454f3904cf
This should not have been necessary for a long time; but add
some assertions to help check.
Change-Id: Iedbc0bb57839209d1f1caeaab7094e335c881e57
Signed-off-by: Michael Meeks <michael.meeks@collabora.com>
- Docbroker only uploads the document when the document is already saved and
there are no further modifications.
- But when using typer once dockerbroker saves the document and tries to upload
there are already new changes to the document. Therefore, docbroker keeps on
saving this new changes and keeps on skiping the upload as there are new
changes to the document; until it times out
Signed-off-by: Rashesh Padia <rashesh.padia@collabora.com>
Change-Id: I427d37a6228299006530daddebdf4365af63588b
Fix race condition in testSaveOnDisconnect by waiting for kit process to
stop instead of just counting total kit processes
Signed-off-by: Neil Guertin <neil.guertin@collabora.com>
Change-Id: I6bda6b114070123a1366bc04eac1873f19928ac0
Noticed in some k8s deployments where alias groups were
defined with port. For lok_allow we need only host name.
Avoid adding empty hosts.
Signed-off-by: Szymon Kłos <szymon.klos@collabora.com>
Change-Id: Ic9cd574f9b6faa3c382229a853883a128e9b0620
We no longer send LOOL-WOPI headers, unless
the configuration specifically flags for
legacy servers. But we always send COOL-WOPI
even to legacy servers, to help them upgrade
seamlessly.
Change-Id: Ifc919ed8f6665cd8f846117ef4e8b7ef09fbd563
Signed-off-by: Ashod Nakashian <ashod.nakashian@collabora.co.uk>
This makes it easier to support even earlier use
of RequestVettingStation, when cool.html is served.
Change-Id: I206f5f593a33806c24c6ed1e126d4cae5500f405
Signed-off-by: Ashod Nakashian <ashod.nakashian@collabora.co.uk>
This replaces the synchronous loading logic
with the new asynchronous one.
Change-Id: I20fd7903cffbbd7c524d8051295113439ef75d5b
Signed-off-by: Ashod Nakashian <ashod.nakashian@collabora.co.uk>
It's not used, since no external storage
is supported in the apps.
Change-Id: I5cf765ef3cb38dcb396318f6b9ace56bf4e127a2
Signed-off-by: Ashod Nakashian <ashod.nakashian@collabora.co.uk>
This moves ClientRequestDispatcher and all
its direct exclusive dependencies to its
own file and adjusts formatting.
No functional changes were performed,
although namespaces were restored and
other minor changes were done for
consistency.
The resulting file is still rather large
at around 2000 lines, but that makes
COOLWSD.cpp smaller by about 30% now.
Change-Id: I59bcd997ad08702ce7029c6791095e75ad9b23b0
Signed-off-by: Ashod Nakashian <ashod.nakashian@collabora.co.uk>
config.h should be included as the 1st line in each source file.
It should not be included in headers.
config_version.h which changes on every commit should not be
included widely - so remove it from the HttpRequest heeader to
save tinderbox's ccache.
Fetch version info from helper methods rather than in-lining via
defines, to better encapsulate.
Signed-off-by: Michael Meeks <michael.meeks@collabora.com>
Change-Id: If449a36f1ac61940f04d70d5f4180db389d9b4c4
and default printer. In typical deployment these should be effectively
no no-op, so mostly aligns debugging env with deployment env so whatever
printer happens to be installed locally has no effect.
Signed-off-by: Caolán McNamara <caolan.mcnamara@collabora.com>
Change-Id: I09651d9af2de9817d4d278d25937c9ce0dc87352
This separates error-reporting to the client
through the WebSocket from the actual logic
of finding or creating a DocBroker.
This should be useful in creating a DocBroker
without having the client's WebSocket.
Change-Id: I66fc8ac09264fcbdb79ddf62867b8551a72929d6
Signed-off-by: Ashod Nakashian <ashod.nakashian@collabora.co.uk>
We should always have an encoded WOPISrc.
We add detection logic to make sure
that all URIs that contain WOPISrc have
it encoded properly. We do this by
comparing the decoded WOPISrc with
the original URI.
Change-Id: Ia0c2a79b009ce105321ad35db3d4f81006e81cb3
Signed-off-by: Ashod Nakashian <ashod.nakashian@collabora.co.uk>
so remove one in favor of the other
Signed-off-by: Caolán McNamara <caolan.mcnamara@collabora.com>
Change-Id: I47778f7bce24f0687565aa179b7a3bbea9d95120
To avoid the following warning in C++20:
error: implicit capture of ‘this’ via ‘[=]’ is deprecated in C++20 [-Werror=deprecated]
Signed-off-by: Aron Budea <aron.budea@collabora.com>
Change-Id: I8b195d675ddc87fa6b16f7240a046fac9a7769e1
The "logging.html" end point was intended to capture
unhandled javascript exceptions from client side,
only corner cases, when websocket is disconnected or
very early errors before websocket is created.
So add a token to restrict access.
Change-Id: I64b7d7f3b3ddd83f044fea21dc07285b4465b3be
Signed-off-by: Henry Castro <hcastro@collabora.com>
But re-write them anyway to be more sensible.
Change-Id: Ie146f4f84b539ab7e826a1c1b947497acde7e384
Signed-off-by: Michael Meeks <michael.meeks@collabora.com>
So this only affects the case where we reuse the fd from opening smaps_rollup
Bug seen in 4.15.0 and not in 6.5.10, suspected to be fixed by:
258f669e7e
included in >= v4.19
Test for this in coolwsd and set a flag if it is broken
Signed-off-by: Caolán McNamara <caolan.mcnamara@collabora.com>
Change-Id: I0a4aca77b9d9201e4f70172340296e5eb5460229
Fixes#7885
Be more flexible and allow to run service with configured
hosts which doesn't work with lok_allow (invalid regular
expression for std::regex which is used in core).
This change instead adds error report in the logs, without
it it was crashing when any host was not compatible.
For example when using domain like:
"*.example.com" which should be ".*\.example\.com"
Signed-off-by: Szymon Kłos <szymon.klos@collabora.com>
Change-Id: Id664df95899bda866b9179a3941280626a2c0299
The quarantine path should be an absolute path.
Unfortunately, because we had relative=true in
the path config, we couldn't detect empty configs.
This is because with relative=true the getter
would create a path based on the current directory
and the config value, which would default to
"quarantine" when empty.
This would result in /opt/cool/quarantine or
/usr/bin/quarantine when in fact the path is
really empty.
Now, the config has relative=false and
there is no default. In addition, we
warn if the path is no absolute.
Change-Id: I1b3eb5e76866a12d214b47e6556942715a210e54
Signed-off-by: Ashod Nakashian <ashod.nakashian@collabora.co.uk>
This applies the cgroup memory limit, if set,
such that if it is lower than the configured
memproportion percentage, we do not exceed it.
Otherwise, we risk running out of our cgroup
limit and by then it is too late to do anything
but die due to OOM.
This also moves the logging of the cgroup memory
stats from COOLWSD into Admin, to avoid duplicate
logging.
Also updated the description of memproportion
config entry to account for the cgroup logic.
Change-Id: I870ae61c1260eb2b3275bd2fa1a4c48ff30957a2
Signed-off-by: Ashod Nakashian <ashod.nakashian@collabora.co.uk>
We automatically add allowed wopi hosts to lok_allow.
But we expect to have plain host names, we need to remove
protocol if it is present.
Example:
wopi - group - host: https://.*\.mydomain.com
we need to add: .*\.mydomain.com to lok_allow list.
Signed-off-by: Szymon Kłos <szymon.klos@collabora.com>
Change-Id: I80bf3b7c25c0df15e422cd8369eceaddbb588e26
Removed all uses of KIT_IN_PROCESS, used Utils::isKitInProcess()
when necessary. Also removed the now unused parameter 'limit' from
forkLibreOfficeKit.
Signed-off-by: Jaume Pujantell <jaume.pujantell@collabora.com>
Change-Id: I068d3f55ab49076590f111847c87b3188f4d25d0
Extract some functions from ForKit.cpp and COOLWSD.cpp to new files
so we can do a kit in process mode without using ifdef directives.
Signed-off-by: Jaume Pujantell <jaume.pujantell@collabora.com>
Change-Id: I7529f8f46a8026318244666b27d1ce72ed5ad4ca
disable this with VCL_NO_THREAD_SCALE for wasm
"Yacht.odt" document with lots or large images fails to
render:
Tried to spawn a new thread, but the thread pool is exhausted. This
might result in a deadlock unless some threads eventually exit or the
code explicitly breaks out to the event loop. If you want to increase
the pool size, use setting `-sPTHREAD_POOL_SIZE=...`. If you want to
throw an explicit error instead of the risk of deadlocking in those
cases, use setting `-sPTHREAD_POOL_SIZE_STRICT=2`.
Signed-off-by: Caolán McNamara <caolan.mcnamara@collabora.com>
Change-Id: I8b2f994d2d3d23f8a0043f0c7fefa4d5e250b8bc
This is in line with MOBILEAPP and GTKAPP and
is independent of __EMSCRIPTEN__.
Replace all application-specific cases, leaving
only toolchain-specific ones (such as include
protection).
Change-Id: Ic44288aa5ace51e0a8b54566170c19120f7bf0dd
Signed-off-by: Ashod Nakashian <ashod.nakashian@collabora.co.uk>
so the launching site can query if wasm is enabled to see if it needs to
insert the required headers, so we can then in turn make it optional on
those being set to also require matching headers.
Signed-off-by: Caolán McNamara <caolan.mcnamara@collabora.com>
Change-Id: Icd73081809abb8098c21bc61a8357869db45ff6c
- uses new lok_allow setting to provide such list
- for backward compatibility uses also all post_allow and storage.wopi
entries
- Used for example in: PostMessage Action_InsertGraphics,
=WEBSERVICE() function, external reference in the cell
Signed-off-by: Szymon Kłos <szymon.klos@collabora.com>
Change-Id: Ib930e0119d4ea124b9cd565f6b3683310b1b3ced