From ba59a9d18f8e537f908138fef9ad98cae596e65c Mon Sep 17 00:00:00 2001
From: Christian Schnell <cs@rekoba.de>
Date: Sat, 21 Oct 2023 16:30:09 +0200
Subject: [PATCH] Redefine usage of POSIX signals.

Use signal SIGUSR1 instead of SIGHUP to detect when to rotate the pcap dump file.
Use signal SIGHUP instead of SIGCONT to detect when the controlling terminal closed.

This signal usage provides that sngrep closes cleanly when its controlling (SSH) terminal closes.
---
 doc/sngrep.8  |  3 ++-
 src/capture.c | 16 ++++++++--------
 src/util.c    |  7 +++----
 3 files changed, 13 insertions(+), 13 deletions(-)

diff --git a/doc/sngrep.8 b/doc/sngrep.8
index d62fd5e..d70f5f7 100644
--- a/doc/sngrep.8
+++ b/doc/sngrep.8
@@ -71,7 +71,8 @@ with bpf filters.
 .TP
 .I \-O pcap_dump
 Save all captured packets to a pcap file. This option can be used
-with bpf filters.
+with bpf filters. When receiving a SIGUSR1 signal sngrep will reopen
+the pcap file in order to facilitate pcap file rotation.
 
 .TP
 .I -B buffer
diff --git a/src/capture.c b/src/capture.c
index c988bbf..8924974 100644
--- a/src/capture.c
+++ b/src/capture.c
@@ -67,11 +67,11 @@ typedef volatile sig_atomic_t signal_flag_type;
 capture_config_t capture_cfg =
 { 0 };
 
-signal_flag_type sighup_received = 0;
+signal_flag_type sigusr1_received = 0;
 
-void sighup_handler(int signum)
+void sigusr1_handler(int signum)
 {
-    sighup_received = 1;
+    sigusr1_received = 1;
 }
 
 #if defined(WITH_ZLIB)
@@ -104,11 +104,11 @@ capture_init(size_t limit, bool rtp_capture, bool rotate, size_t pcap_buffer_siz
     capture_cfg.paused = 0;
     capture_cfg.sources = vector_create(1, 1);
 
-    // set up SIGHUP handler
+    // set up SIGUSR1 signal handler for pcap dump file rotation
     // the handler will be served by any of the running threads
     // so we just set a flag and check it in dump_packet
     // so it is only acted upon before then next packed will be dumped
-    if (signal(SIGHUP, sighup_handler) == SIG_ERR)
+    if (signal(SIGUSR1, sigusr1_handler) == SIG_ERR)
         exit(EXIT_FAILURE);
 
     // Fixme
@@ -1318,8 +1318,8 @@ capture_set_dumper(pcap_dumper_t *dumper, ino_t dump_inode)
 void
 capture_dump_packet(packet_t *packet)
 {
-    if (sighup_received && capture_cfg.pd) {
-        // we got a SIGHUP: reopen the dump file because it could have been renamed
+    if (sigusr1_received && capture_cfg.pd) {
+        // we got a SIGUSR1: reopen the dump file because it could have been renamed
         // we don't need to care about locking or other threads accessing in parallel
         // because dump_open ensures count(capture_cfg.sources) == 1
 
@@ -1333,7 +1333,7 @@ capture_dump_packet(packet_t *packet)
             capture_cfg.pd = dump_open(capture_cfg.dumpfilename, &capture_cfg.dump_inode);
         }
 
-        sighup_received = 0;
+        sigusr1_received = 0;
 
         // error reopening capture file: we can't capture anymore
         if (!capture_cfg.pd)
diff --git a/src/util.c b/src/util.c
index 9770430..d7f7c11 100644
--- a/src/util.c
+++ b/src/util.c
@@ -66,10 +66,9 @@ void setup_sigterm_handler(void)
     if (signal(SIGQUIT, sigterm_handler) == SIG_ERR)
         exit(EXIT_FAILURE);
 
-    // Handle SIGCONT signal, received when parent process has died and
-    // kernel requests us to continue running. This prevents running on
-    // dead ssh connections.
-    if (signal(SIGCONT, sigterm_handler) == SIG_ERR)
+    // Handle SIGHUP signal, received when our controlling terminal is closed.
+    // This prevents running on dead ssh connections.
+    if (signal(SIGHUP, sigterm_handler) == SIG_ERR)
         exit(EXIT_FAILURE);
 }