Introduce new IMSG_CTL_PROCREADY which is used to signal that all pipes

are set up by child processes. The parent sends a ping to all children
and only starts once it has received an acknowledgement from all of them.
This fixes a race condition on process startup when the parent starts
running before all children are ready.

From markus@

1 files changed, 12 insertions, 5 deletions

diff --git a/sbin/iked/iked.c b/sbin/iked/iked.c
index 7e9f6addac0..00bd3f6e2d6 100644
--- a/sbin/iked/iked.c
+++ b/sbin/iked/iked.c
@@ -1,4 +1,4 @@
-/*	$OpenBSD: iked.c,v 1.69 2024/02/15 19:04:12 tobhe Exp $	*/
+/*	$OpenBSD: iked.c,v 1.70 2024/02/15 20:10:45 tobhe Exp $	*/
 
 /*
  * Copyright (c) 2019 Tobias Heider <tobias.heider@stusta.de>
@@ -45,6 +45,7 @@ void	 parent_sig_handler(int, short, void *);
 int	 parent_dispatch_ca(int, struct privsep_proc *, struct imsg *);
 int	 parent_dispatch_control(int, struct privsep_proc *, struct imsg *);
 int	 parent_dispatch_ikev2(int, struct privsep_proc *, struct imsg *);
+void	 parent_connected(struct privsep *);
 int	 parent_configure(struct iked *);
 
 struct iked	*iked_env;
@@ -219,12 +220,9 @@ main(int argc, char *argv[])
 	signal_add(&ps->ps_evsigpipe, NULL);
 	signal_add(&ps->ps_evsigusr1, NULL);
 
-	proc_connect(ps);
-
 	vroute_init(env);
 
-	if (parent_configure(env) == -1)
-		fatalx("configuration failed");
+	proc_connect(ps, parent_connected);
 
 	event_dispatch();
 
@@ -234,6 +232,15 @@ main(int argc, char *argv[])
 	return (0);
 }
 
+void
+parent_connected(struct privsep *ps)
+{
+	struct iked	*env = ps->ps_env;
+
+	if (parent_configure(env) == -1)
+		fatalx("configuration failed");
+}
+
 int
 parent_configure(struct iked *env)
 {