search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
[core] consistent behavior w/ and w/o SA_SIGINFO
[lighttpd.git] / src / server.c
blobec203c41489e7c7600084dbad7711e2ba41cb429
1 #include "first.h"
2
3 #include "server.h"
4 #include "buffer.h"
5 #include "network.h"
6 #include "log.h"
7 #include "keyvalue.h"
8 #include "rand.h"
9 #include "response.h"
10 #include "request.h"
11 #include "chunk.h"
12 #include "http_auth.h"
13 #include "http_chunk.h"
14 #include "http_vhostdb.h"
15 #include "fdevent.h"
16 #include "connections.h"
17 #include "stat_cache.h"
18 #include "plugin.h"
19 #include "joblist.h"
20 #include "network_backends.h"
21
22 #ifdef HAVE_VERSIONSTAMP_H
23 # include "versionstamp.h"
24 #else
25 # define REPO_VERSION ""
26 #endif
27
28 #define PACKAGE_DESC PACKAGE_NAME "/" PACKAGE_VERSION REPO_VERSION
29
30 #include <sys/types.h>
31 #include <sys/time.h>
32 #include <sys/stat.h>
33 #include <sys/wait.h>
34
35 #include <string.h>
36 #include <errno.h>
37 #include <fcntl.h>
38 #include <unistd.h>
39 #include <stdlib.h>
40 #include <time.h>
41 #include <signal.h>
42 #include <locale.h>
43
44 #include <stdio.h>
45
46 #ifdef HAVE_GETOPT_H
47 # include <getopt.h>
48 #endif
49
50 #ifdef HAVE_VALGRIND_VALGRIND_H
51 # include <valgrind/valgrind.h>
52 #endif
53
54 #ifdef HAVE_SYS_WAIT_H
55 # include <sys/wait.h>
56 #endif
57
58 #ifdef HAVE_PWD_H
59 # include <grp.h>
60 # include <pwd.h>
61 #endif
62
63 #ifdef HAVE_SYSLOG_H
64 # include <syslog.h>
65 #endif
66
67 #ifdef HAVE_SYS_RESOURCE_H
68 # include <sys/resource.h>
69 #endif
70
71 #ifdef HAVE_SYS_PRCTL_H
72 # include <sys/prctl.h>
73 #endif
74
75 #if defined HAVE_LIBSSL && defined HAVE_OPENSSL_SSL_H
76 #define USE_SSL
77 #define TEXT_SSL " (ssl)"
78 #else
79 #define TEXT_SSL
80 #endif
81
82 #ifndef __sgi
83 /* IRIX doesn't like the alarm based time() optimization */
84 /* #define USE_ALARM */
85 #endif
86
87 static int oneshot_fd = 0;
88 static volatile int pid_fd = -1;
89 static server_socket_array graceful_sockets;
90 static volatile sig_atomic_t graceful_restart = 0;
91 static volatile sig_atomic_t graceful_shutdown = 0;
92 static volatile sig_atomic_t srv_shutdown = 0;
93 static volatile sig_atomic_t handle_sig_alarm = 1;
94 static volatile sig_atomic_t handle_sig_hup = 0;
95 static volatile sig_atomic_t forwarded_sig_hup = 0;
96
97 #if defined(HAVE_SIGACTION) && defined(SA_SIGINFO)
98 static volatile siginfo_t last_sigterm_info;
99 static volatile siginfo_t last_sighup_info;
100
101 static void sigaction_handler(int sig, siginfo_t *si, void *context) {
102 static const siginfo_t empty_siginfo;
103 UNUSED(context);
104
105 if (!si) *(const siginfo_t **)&si = &empty_siginfo;
106
107 switch (sig) {
108 case SIGTERM:
109 srv_shutdown = 1;
110 last_sigterm_info = *si;
111 break;
112 case SIGUSR1:
113 if (!graceful_shutdown) {
114 graceful_restart = 1;
115 graceful_shutdown = 1;
116 last_sigterm_info = *si;
117 }
118 break;
119 case SIGINT:
120 if (graceful_shutdown) {
121 if (2 == graceful_restart)
122 graceful_restart = 1;
123 else
124 srv_shutdown = 1;
125 } else {
126 graceful_shutdown = 1;
127 }
128 last_sigterm_info = *si;
129
130 break;
131 case SIGALRM:
132 handle_sig_alarm = 1;
133 break;
134 case SIGHUP:
135 /**
136 * we send the SIGHUP to all procs in the process-group
137 * this includes ourself
138 *
139 * make sure we only send it once and don't create a
140 * infinite loop
141 */
142 if (!forwarded_sig_hup) {
143 handle_sig_hup = 1;
144 last_sighup_info = *si;
145 } else {
146 forwarded_sig_hup = 0;
147 }
148 break;
149 case SIGCHLD:
150 break;
151 }
152 }
153 #elif defined(HAVE_SIGNAL) || defined(HAVE_SIGACTION)
154 static void signal_handler(int sig) {
155 switch (sig) {
156 case SIGTERM: srv_shutdown = 1; break;
157 case SIGUSR1:
158 if (!graceful_shutdown) {
159 graceful_restart = 1;
160 graceful_shutdown = 1;
161 }
162 break;
163 case SIGINT:
164 if (graceful_shutdown) {
165 if (2 == graceful_restart)
166 graceful_restart = 1;
167 else
168 srv_shutdown = 1;
169 } else {
170 graceful_shutdown = 1;
171 }
172 break;
173 case SIGALRM: handle_sig_alarm = 1; break;
174 case SIGHUP:
175 /**
176 * we send the SIGHUP to all procs in the process-group
177 * this includes ourself
178 *
179 * make sure we only send it once and don't create a
180 * infinite loop
181 */
182 if (!forwarded_sig_hup) {
183 handle_sig_hup = 1;
184 } else {
185 forwarded_sig_hup = 0;
186 }
187 break;
188 case SIGCHLD: break;
189 }
190 }
191 #endif
192
193 #ifdef HAVE_FORK
194 static int daemonize(void) {
195 int pipefd[2];
196 pid_t pid;
197 #ifdef SIGTTOU
198 signal(SIGTTOU, SIG_IGN);
199 #endif
200 #ifdef SIGTTIN
201 signal(SIGTTIN, SIG_IGN);
202 #endif
203 #ifdef SIGTSTP
204 signal(SIGTSTP, SIG_IGN);
205 #endif
206
207 if (pipe(pipefd) < 0) exit(-1);
208
209 if (0 > (pid = fork())) exit(-1);
210
211 if (0 < pid) {
212 char buf;
213 ssize_t bytes;
214
215 close(pipefd[1]);
216 /* parent waits for grandchild to be ready */
217 do {
218 bytes = read(pipefd[0], &buf, sizeof(buf));
219 } while (bytes < 0 && EINTR == errno);
220 close(pipefd[0]);
221
222 if (bytes <= 0) {
223 /* closed fd (without writing) == failure in grandchild */
224 fputs("daemonized server failed to start; check error log for details\n", stderr);
225 exit(-1);
226 }
227
228 exit(0);
229 }
230
231 close(pipefd[0]);
232
233 if (-1 == setsid()) exit(0);
234
235 signal(SIGHUP, SIG_IGN);
236
237 if (0 != fork()) exit(0);
238
239 if (0 != chdir("/")) exit(0);
240
241 fdevent_setfd_cloexec(pipefd[1]);
242 return pipefd[1];
243 }
244 #endif
245
246 static server *server_init(void) {
247 int i;
248 server *srv = calloc(1, sizeof(*srv));
249 force_assert(srv);
250 #define CLEAN(x) \
251 srv->x = buffer_init();
252
253 CLEAN(response_header);
254 CLEAN(parse_full_path);
255 CLEAN(ts_debug_str);
256 CLEAN(ts_date_str);
257 CLEAN(errorlog_buf);
258 CLEAN(response_range);
259 CLEAN(tmp_buf);
260 srv->empty_string = buffer_init_string("");
261 CLEAN(cond_check_buf);
262
263 CLEAN(srvconf.errorlog_file);
264 CLEAN(srvconf.breakagelog_file);
265 CLEAN(srvconf.groupname);
266 CLEAN(srvconf.username);
267 CLEAN(srvconf.changeroot);
268 CLEAN(srvconf.bindhost);
269 CLEAN(srvconf.event_handler);
270 CLEAN(srvconf.pid_file);
271 CLEAN(srvconf.syslog_facility);
272
273 CLEAN(tmp_chunk_len);
274 #undef CLEAN
275
276 #define CLEAN(x) \
277 srv->x = array_init();
278
279 CLEAN(config_context);
280 CLEAN(config_touched);
281 CLEAN(status);
282 #undef CLEAN
283
284 for (i = 0; i < FILE_CACHE_MAX; i++) {
285 srv->mtime_cache[i].mtime = (time_t)-1;
286 srv->mtime_cache[i].str = buffer_init();
287 }
288
289 li_rand_reseed();
290
291 srv->cur_ts = time(NULL);
292 srv->startup_ts = srv->cur_ts;
293
294 srv->conns = calloc(1, sizeof(*srv->conns));
295 force_assert(srv->conns);
296
297 srv->joblist = calloc(1, sizeof(*srv->joblist));
298 force_assert(srv->joblist);
299
300 srv->fdwaitqueue = calloc(1, sizeof(*srv->fdwaitqueue));
301 force_assert(srv->fdwaitqueue);
302
303 srv->srvconf.modules = array_init();
304 srv->srvconf.modules_dir = buffer_init_string(LIBRARY_DIR);
305 srv->srvconf.network_backend = buffer_init();
306 srv->srvconf.upload_tempdirs = array_init();
307 srv->srvconf.reject_expect_100_with_417 = 1;
308 srv->srvconf.xattr_name = buffer_init_string("Content-Type");
309 srv->srvconf.http_header_strict = 1;
310 srv->srvconf.http_host_strict = 1; /*(implies http_host_normalize)*/
311 srv->srvconf.http_host_normalize = 0;
312 srv->srvconf.high_precision_timestamps = 0;
313 srv->srvconf.max_request_field_size = 8192;
314 srv->srvconf.loadavg[0] = 0.0;
315 srv->srvconf.loadavg[1] = 0.0;
316 srv->srvconf.loadavg[2] = 0.0;
317
318 /* use syslog */
319 srv->errorlog_fd = STDERR_FILENO;
320 srv->errorlog_mode = ERRORLOG_FD;
321
322 srv->split_vals = array_init();
323 srv->request_env = plugins_call_handle_request_env;
324
325 return srv;
326 }
327
328 static void server_free(server *srv) {
329 size_t i;
330
331 for (i = 0; i < FILE_CACHE_MAX; i++) {
332 buffer_free(srv->mtime_cache[i].str);
333 }
334
335 if (oneshot_fd > 0) {
336 close(oneshot_fd);
337 }
338
339 #define CLEAN(x) \
340 buffer_free(srv->x);
341
342 CLEAN(response_header);
343 CLEAN(parse_full_path);
344 CLEAN(ts_debug_str);
345 CLEAN(ts_date_str);
346 CLEAN(errorlog_buf);
347 CLEAN(response_range);
348 CLEAN(tmp_buf);
349 CLEAN(empty_string);
350 CLEAN(cond_check_buf);
351
352 CLEAN(srvconf.errorlog_file);
353 CLEAN(srvconf.breakagelog_file);
354 CLEAN(srvconf.groupname);
355 CLEAN(srvconf.username);
356 CLEAN(srvconf.changeroot);
357 CLEAN(srvconf.bindhost);
358 CLEAN(srvconf.event_handler);
359 CLEAN(srvconf.pid_file);
360 CLEAN(srvconf.modules_dir);
361 CLEAN(srvconf.network_backend);
362 CLEAN(srvconf.xattr_name);
363 CLEAN(srvconf.syslog_facility);
364
365 CLEAN(tmp_chunk_len);
366 #undef CLEAN
367
368 #if 0
369 fdevent_unregister(srv->ev, srv->fd);
370 #endif
371 fdevent_free(srv->ev);
372
373 free(srv->conns);
374
375 if (srv->config_storage) {
376 for (i = 0; i < srv->config_context->used; i++) {
377 specific_config *s = srv->config_storage[i];
378
379 if (!s) continue;
380
381 buffer_free(s->document_root);
382 buffer_free(s->server_name);
383 buffer_free(s->server_tag);
384 buffer_free(s->error_handler);
385 buffer_free(s->error_handler_404);
386 buffer_free(s->errorfile_prefix);
387 buffer_free(s->socket_perms);
388 array_free(s->mimetypes);
389 free(s);
390 }
391 free(srv->config_storage);
392 srv->config_storage = NULL;
393 }
394
395 #define CLEAN(x) \
396 array_free(srv->x);
397
398 CLEAN(config_context);
399 CLEAN(config_touched);
400 CLEAN(status);
401 CLEAN(srvconf.upload_tempdirs);
402 #undef CLEAN
403
404 joblist_free(srv, srv->joblist);
405 fdwaitqueue_free(srv, srv->fdwaitqueue);
406
407 if (srv->stat_cache) {
408 stat_cache_free(srv->stat_cache);
409 }
410
411 array_free(srv->srvconf.modules);
412 array_free(srv->split_vals);
413
414 li_rand_cleanup();
415
416 free(srv);
417 }
418
419 static void remove_pid_file(server *srv) {
420 if (pid_fd < -2) return;
421 if (!buffer_string_is_empty(srv->srvconf.pid_file) && 0 <= pid_fd) {
422 if (0 != ftruncate(pid_fd, 0)) {
423 log_error_write(srv, __FILE__, __LINE__, "sbds",
424 "ftruncate failed for:",
425 srv->srvconf.pid_file,
426 errno,
427 strerror(errno));
428 }
429 }
430 if (0 <= pid_fd) {
431 close(pid_fd);
432 pid_fd = -1;
433 }
434 if (!buffer_string_is_empty(srv->srvconf.pid_file) &&
435 buffer_string_is_empty(srv->srvconf.changeroot)) {
436 if (0 != unlink(srv->srvconf.pid_file->ptr)) {
437 if (errno != EACCES && errno != EPERM) {
438 log_error_write(srv, __FILE__, __LINE__, "sbds",
439 "unlink failed for:",
440 srv->srvconf.pid_file,
441 errno,
442 strerror(errno));
443 }
444 }
445 }
446 }
447
448
449 static server_socket * server_oneshot_getsock(server *srv, sock_addr *cnt_addr) {
450 server_socket *srv_socket, *srv_socket_wild = NULL;
451 size_t i;
452 for (i = 0; i < srv->srv_sockets.used; ++i) {
453 srv_socket = srv->srv_sockets.ptr[i];
454 if (cnt_addr->plain.sa_family != srv_socket->addr.plain.sa_family) continue;
455 switch (cnt_addr->plain.sa_family) {
456 case AF_INET:
457 if (srv_socket->addr.ipv4.sin_port != cnt_addr->ipv4.sin_port) continue;
458 if (srv_socket->addr.ipv4.sin_addr.s_addr == cnt_addr->ipv4.sin_addr.s_addr) {
459 return srv_socket;
460 }
461 if (srv_socket->addr.ipv4.sin_addr.s_addr == htonl(INADDR_ANY)) {
462 srv_socket_wild = srv_socket;
463 }
464 continue;
465 #ifdef HAVE_IPV6
466 case AF_INET6:
467 if (srv_socket->addr.ipv6.sin6_port != cnt_addr->ipv6.sin6_port) continue;
468 if (0 == memcmp(&srv_socket->addr.ipv6.sin6_addr, &cnt_addr->ipv6.sin6_addr, sizeof(struct in6_addr))) {
469 return srv_socket;
470 }
471 if (0 == memcmp(&srv_socket->addr.ipv6.sin6_addr, &in6addr_any, sizeof(struct in6_addr))) {
472 srv_socket_wild = srv_socket;
473 }
474 continue;
475 #endif
476 #ifdef HAVE_SYS_UN_H
477 case AF_UNIX:
478 if (0 == strcmp(srv_socket->addr.un.sun_path, cnt_addr->un.sun_path)) {
479 return srv_socket;
480 }
481 continue;
482 #endif
483 default: continue;
484 }
485 }
486
487 if (NULL != srv_socket_wild) {
488 return srv_socket_wild;
489 } else if (srv->srv_sockets.used) {
490 return srv->srv_sockets.ptr[0];
491 } else {
492 log_error_write(srv, __FILE__, __LINE__, "s", "no sockets configured");
493 return NULL;
494 }
495 }
496
497
498 static int server_oneshot_init(server *srv, int fd) {
499 /* Note: does not work with netcat due to requirement that fd be socket.
500 * STDOUT_FILENO was not saved earlier in startup, and that is to where
501 * netcat expects output to be sent. Since lighttpd expects connections
502 * to be sockets, con->fd is where output is sent; separate fds are not
503 * stored for input and output, but netcat has different fds for stdin
504 * and * stdout. To support netcat, would additionally need to avoid
505 * S_ISSOCK(), getsockname(), and getpeername() below, reconstructing
506 * addresses from environment variables:
507 * NCAT_LOCAL_ADDR NCAT_LOCAL_PORT
508 * NCAT_REMOTE_ADDR NCAT_REMOTE_PORT
509 * NCAT_PROTO
510 */
511 connection *con;
512 server_socket *srv_socket;
513 sock_addr cnt_addr;
514 socklen_t cnt_len;
515 struct stat st;
516
517 if (0 != fstat(fd, &st)) {
518 log_error_write(srv, __FILE__, __LINE__, "ss", "fstat:", strerror(errno));
519 return 0;
520 }
521
522 if (!S_ISSOCK(st.st_mode)) {
523 /* require that fd is a socket
524 * (modules might expect STDIN_FILENO and STDOUT_FILENO opened to /dev/null) */
525 log_error_write(srv, __FILE__, __LINE__, "s", "lighttpd -1 stdin is not a socket");
526 return 0;
527 }
528
529 cnt_len = sizeof(cnt_addr);
530 if (0 != getsockname(fd, (struct sockaddr *)&cnt_addr, &cnt_len)) {
531 log_error_write(srv, __FILE__, __LINE__, "ss", "getsockname:", strerror(errno));
532 return 0;
533 }
534
535 srv_socket = server_oneshot_getsock(srv, &cnt_addr);
536 if (NULL == srv_socket) return 0;
537
538 cnt_len = sizeof(cnt_addr);
539 if (0 != getpeername(fd, (struct sockaddr *)&cnt_addr, &cnt_len)) {
540 log_error_write(srv, __FILE__, __LINE__, "ss", "getpeername:", strerror(errno));
541 return 0;
542 }
543
544 if (cnt_addr.plain.sa_family != AF_UNIX) {
545 network_accept_tcp_nagle_disable(fd);
546 }
547
548 con = connection_accepted(srv, srv_socket, &cnt_addr, fd);
549 if (NULL == con) return 0;
550
551 connection_state_machine(srv, con);
552 return 1;
553 }
554
555
556 static void show_version (void) {
557 char *b = PACKAGE_DESC TEXT_SSL \
558 " - a light and fast webserver\n" \
559 "Build-Date: " __DATE__ " " __TIME__ "\n";
560 ;
561 write_all(STDOUT_FILENO, b, strlen(b));
562 }
563
564 static void show_features (void) {
565 const char features[] = ""
566 #ifdef USE_SELECT
567 "\t+ select (generic)\n"
568 #else
569 "\t- select (generic)\n"
570 #endif
571 #ifdef USE_POLL
572 "\t+ poll (Unix)\n"
573 #else
574 "\t- poll (Unix)\n"
575 #endif
576 #ifdef USE_LINUX_EPOLL
577 "\t+ epoll (Linux 2.6)\n"
578 #else
579 "\t- epoll (Linux 2.6)\n"
580 #endif
581 #ifdef USE_SOLARIS_DEVPOLL
582 "\t+ /dev/poll (Solaris)\n"
583 #else
584 "\t- /dev/poll (Solaris)\n"
585 #endif
586 #ifdef USE_SOLARIS_PORT
587 "\t+ eventports (Solaris)\n"
588 #else
589 "\t- eventports (Solaris)\n"
590 #endif
591 #ifdef USE_FREEBSD_KQUEUE
592 "\t+ kqueue (FreeBSD)\n"
593 #else
594 "\t- kqueue (FreeBSD)\n"
595 #endif
596 #ifdef USE_LIBEV
597 "\t+ libev (generic)\n"
598 #else
599 "\t- libev (generic)\n"
600 #endif
601 "\nNetwork handler:\n\n"
602 #if defined USE_LINUX_SENDFILE
603 "\t+ linux-sendfile\n"
604 #else
605 "\t- linux-sendfile\n"
606 #endif
607 #if defined USE_FREEBSD_SENDFILE
608 "\t+ freebsd-sendfile\n"
609 #else
610 "\t- freebsd-sendfile\n"
611 #endif
612 #if defined USE_DARWIN_SENDFILE
613 "\t+ darwin-sendfile\n"
614 #else
615 "\t- darwin-sendfile\n"
616 #endif
617 #if defined USE_SOLARIS_SENDFILEV
618 "\t+ solaris-sendfilev\n"
619 #else
620 "\t- solaris-sendfilev\n"
621 #endif
622 #if defined USE_WRITEV
623 "\t+ writev\n"
624 #else
625 "\t- writev\n"
626 #endif
627 "\t+ write\n"
628 #ifdef USE_MMAP
629 "\t+ mmap support\n"
630 #else
631 "\t- mmap support\n"
632 #endif
633 "\nFeatures:\n\n"
634 #ifdef HAVE_IPV6
635 "\t+ IPv6 support\n"
636 #else
637 "\t- IPv6 support\n"
638 #endif
639 #if defined HAVE_ZLIB_H && defined HAVE_LIBZ
640 "\t+ zlib support\n"
641 #else
642 "\t- zlib support\n"
643 #endif
644 #if defined HAVE_BZLIB_H && defined HAVE_LIBBZ2
645 "\t+ bzip2 support\n"
646 #else
647 "\t- bzip2 support\n"
648 #endif
649 #if defined(HAVE_CRYPT) || defined(HAVE_CRYPT_R) || defined(HAVE_LIBCRYPT)
650 "\t+ crypt support\n"
651 #else
652 "\t- crypt support\n"
653 #endif
654 #ifdef USE_SSL
655 "\t+ SSL support\n"
656 #else
657 "\t- SSL support\n"
658 #endif
659 #ifdef HAVE_LIBPCRE
660 "\t+ PCRE support\n"
661 #else
662 "\t- PCRE support\n"
663 #endif
664 #ifdef HAVE_MYSQL
665 "\t+ MySQL support\n"
666 #else
667 "\t- MySQL support\n"
668 #endif
669 #ifdef HAVE_PGSQL
670 "\t+ PgSQL support\n"
671 #else
672 "\t- PgSQL support\n"
673 #endif
674 #ifdef HAVE_DBI
675 "\t+ DBI support\n"
676 #else
677 "\t- DBI support\n"
678 #endif
679 #ifdef HAVE_KRB5
680 "\t+ Kerberos support\n"
681 #else
682 "\t- Kerberos support\n"
683 #endif
684 #if defined(HAVE_LDAP_H) && defined(HAVE_LBER_H) && defined(HAVE_LIBLDAP) && defined(HAVE_LIBLBER)
685 "\t+ LDAP support\n"
686 #else
687 "\t- LDAP support\n"
688 #endif
689 #ifdef USE_MEMCACHED
690 "\t+ memcached support\n"
691 #else
692 "\t- memcached support\n"
693 #endif
694 #ifdef HAVE_FAM_H
695 "\t+ FAM support\n"
696 #else
697 "\t- FAM support\n"
698 #endif
699 #ifdef HAVE_LUA_H
700 "\t+ LUA support\n"
701 #else
702 "\t- LUA support\n"
703 #endif
704 #ifdef HAVE_LIBXML_H
705 "\t+ xml support\n"
706 #else
707 "\t- xml support\n"
708 #endif
709 #ifdef HAVE_SQLITE3_H
710 "\t+ SQLite support\n"
711 #else
712 "\t- SQLite support\n"
713 #endif
714 #ifdef HAVE_GDBM_H
715 "\t+ GDBM support\n"
716 #else
717 "\t- GDBM support\n"
718 #endif
719 "\n";
720 show_version();
721 printf("\nEvent Handlers:\n\n%s", features);
722 }
723
724 static void show_help (void) {
725 char *b = PACKAGE_DESC TEXT_SSL " ("__DATE__ " " __TIME__ ")" \
726 " - a light and fast webserver\n" \
727 "usage:\n" \
728 " -f <name> filename of the config-file\n" \
729 " -m <name> module directory (default: "LIBRARY_DIR")\n" \
730 " -i <secs> graceful shutdown after <secs> of inactivity\n" \
731 " -1 process single (one) request on stdin socket, then exit\n" \
732 " -p print the parsed config-file in internal form, and exit\n" \
733 " -t test config-file syntax, then exit\n" \
734 " -tt test config-file syntax, load and init modules, then exit\n" \
735 " -D don't go to background (default: go to background)\n" \
736 " -v show version\n" \
737 " -V show compile-time features\n" \
738 " -h show this help\n" \
739 "\n"
740 ;
741 write_all(STDOUT_FILENO, b, strlen(b));
742 }
743
744 /**
745 * open the errorlog
746 *
747 * we have 4 possibilities:
748 * - stderr (default)
749 * - syslog
750 * - logfile
751 * - pipe
752 *
753 */
754
755 static int log_error_open(server *srv) {
756 int errfd;
757 #ifdef HAVE_SYSLOG_H
758 /* perhaps someone wants to use syslog() */
759 int facility = -1;
760 if (!buffer_string_is_empty(srv->srvconf.syslog_facility)) {
761 static const struct facility_name_st {
762 const char *name;
763 int val;
764 } facility_names[] = {
765 { "auth", LOG_AUTH }
766 #ifdef LOG_AUTHPRIV
767 ,{ "authpriv", LOG_AUTHPRIV }
768 #endif
769 #ifdef LOG_CRON
770 ,{ "cron", LOG_CRON }
771 #endif
772 ,{ "daemon", LOG_DAEMON }
773 #ifdef LOG_FTP
774 ,{ "ftp", LOG_FTP }
775 #endif
776 #ifdef LOG_KERN
777 ,{ "kern", LOG_KERN }
778 #endif
779 #ifdef LOG_LPR
780 ,{ "lpr", LOG_LPR }
781 #endif
782 #ifdef LOG_MAIL
783 ,{ "mail", LOG_MAIL }
784 #endif
785 #ifdef LOG_NEWS
786 ,{ "news", LOG_NEWS }
787 #endif
788 ,{ "security", LOG_AUTH } /* DEPRECATED */
789 #ifdef LOG_SYSLOG
790 ,{ "syslog", LOG_SYSLOG }
791 #endif
792 #ifdef LOG_USER
793 ,{ "user", LOG_USER }
794 #endif
795 #ifdef LOG_UUCP
796 ,{ "uucp", LOG_UUCP }
797 #endif
798 ,{ "local0", LOG_LOCAL0 }
799 ,{ "local1", LOG_LOCAL1 }
800 ,{ "local2", LOG_LOCAL2 }
801 ,{ "local3", LOG_LOCAL3 }
802 ,{ "local4", LOG_LOCAL4 }
803 ,{ "local5", LOG_LOCAL5 }
804 ,{ "local6", LOG_LOCAL6 }
805 ,{ "local7", LOG_LOCAL7 }
806 };
807 unsigned int i;
808 for (i = 0; i < sizeof(facility_names)/sizeof(facility_names[0]); ++i) {
809 const struct facility_name_st *f = facility_names+i;
810 if (0 == strcmp(srv->srvconf.syslog_facility->ptr, f->name)) {
811 facility = f->val;
812 break;
813 }
814 }
815 if (-1 == facility) {
816 log_error_write(srv, __FILE__, __LINE__, "SBS",
817 "unrecognized server.syslog-facility: \"",
818 srv->srvconf.syslog_facility,
819 "\"; defaulting to \"daemon\" facility");
820 }
821 }
822 openlog("lighttpd", LOG_CONS|LOG_PID, -1==facility ? LOG_DAEMON : facility);
823 #endif
824
825 srv->errorlog_mode = ERRORLOG_FD;
826 srv->errorlog_fd = STDERR_FILENO;
827
828 if (srv->srvconf.errorlog_use_syslog) {
829 srv->errorlog_mode = ERRORLOG_SYSLOG;
830 }
831 else if (!buffer_string_is_empty(srv->srvconf.errorlog_file)) {
832 const char *logfile = srv->srvconf.errorlog_file->ptr;
833
834 if (-1 == (srv->errorlog_fd = fdevent_open_logger(logfile))) {
835 log_error_write(srv, __FILE__, __LINE__, "SSSS",
836 "opening errorlog '", logfile,
837 "' failed: ", strerror(errno));
838 return -1;
839 }
840 srv->errorlog_mode = logfile[0] == '|' ? ERRORLOG_PIPE : ERRORLOG_FILE;
841 }
842
843 if (srv->errorlog_mode == ERRORLOG_FD && !srv->srvconf.dont_daemonize) {
844 /* We can only log to stderr in dont-daemonize mode;
845 * if we do daemonize and no errorlog file is specified,
846 * we log into /dev/null
847 */
848 srv->errorlog_fd = -1;
849 }
850
851 if (!buffer_string_is_empty(srv->srvconf.breakagelog_file)) {
852 const char *logfile = srv->srvconf.breakagelog_file->ptr;
853
854 if (srv->errorlog_mode == ERRORLOG_FD) {
855 srv->errorlog_fd = dup(STDERR_FILENO);
856 fdevent_setfd_cloexec(srv->errorlog_fd);
857 }
858
859 if (-1 == (errfd = fdevent_open_logger(logfile))) {
860 log_error_write(srv, __FILE__, __LINE__, "SSSS",
861 "opening errorlog '", logfile,
862 "' failed: ", strerror(errno));
863 return -1;
864 }
865
866 if (*logfile == '|') fdevent_breakagelog_logger_pipe(errfd);
867 }
868 else if (!srv->srvconf.dont_daemonize) {
869 /* move STDERR_FILENO to /dev/null */
870 if (-1 == (errfd = fdevent_open_devnull())) {
871 log_error_write(srv, __FILE__, __LINE__, "ss",
872 "opening /dev/null failed:", strerror(errno));
873 return -1;
874 }
875 }
876 else {
877 /*(leave STDERR_FILENO as-is)*/
878 errfd = -1;
879 }
880
881 if (0 != fdevent_set_stdin_stdout_stderr(-1, -1, errfd)) {
882 log_error_write(srv, __FILE__, __LINE__, "ss",
883 "setting stderr failed:", strerror(errno));
884 #ifdef FD_CLOEXEC
885 if (-1 != errfd) close(errfd);
886 #endif
887 return -1;
888 }
889 #ifdef FD_CLOEXEC
890 if (-1 != errfd) close(errfd);
891 #endif
892
893 return 0;
894 }
895
896 /**
897 * cycle the errorlog
898 *
899 */
900
901 static int log_error_cycle(server *srv) {
902 /* cycle only if the error log is a file */
903
904 if (srv->errorlog_mode == ERRORLOG_FILE) {
905 const char *logfile = srv->srvconf.errorlog_file->ptr;
906 if (-1 == fdevent_cycle_logger(logfile, &srv->errorlog_fd)) {
907 /* write to old log */
908 log_error_write(srv, __FILE__, __LINE__, "SSSS",
909 "cycling errorlog '", logfile,
910 "' failed: ", strerror(errno));
911 }
912 }
913
914 return 0;
915 }
916
917 static int log_error_close(server *srv) {
918 switch(srv->errorlog_mode) {
919 case ERRORLOG_PIPE:
920 case ERRORLOG_FILE:
921 case ERRORLOG_FD:
922 if (-1 != srv->errorlog_fd) {
923 /* don't close STDERR */
924 /* fdevent_close_logger_pipes() closes ERRORLOG_PIPE */
925 if (STDERR_FILENO != srv->errorlog_fd
926 && srv->errorlog_mode != ERRORLOG_PIPE) {
927 close(srv->errorlog_fd);
928 }
929 srv->errorlog_fd = -1;
930 }
931 break;
932 case ERRORLOG_SYSLOG:
933 #ifdef HAVE_SYSLOG_H
934 closelog();
935 #endif
936 break;
937 }
938
939 return 0;
940 }
941
942 static void server_sockets_save (server *srv) { /* graceful_restart */
943 memcpy(&graceful_sockets, &srv->srv_sockets, sizeof(server_socket_array));
944 memset(&srv->srv_sockets, 0, sizeof(server_socket_array));
945 }
946
947 static void server_sockets_restore (server *srv) { /* graceful_restart */
948 memcpy(&srv->srv_sockets, &graceful_sockets, sizeof(server_socket_array));
949 memset(&graceful_sockets, 0, sizeof(server_socket_array));
950 }
951
952 static int server_sockets_set_nb_cloexec (server *srv) {
953 if (srv->sockets_disabled) return 0; /* lighttpd -1 (one-shot mode) */
954 for (size_t i = 0; i < srv->srv_sockets.used; ++i) {
955 server_socket *srv_socket = srv->srv_sockets.ptr[i];
956 if (-1 == fdevent_fcntl_set_nb_cloexec_sock(srv->ev, srv_socket->fd)) {
957 log_error_write(srv, __FILE__, __LINE__, "ss",
958 "fcntl failed:", strerror(errno));
959 return -1;
960 }
961 }
962 return 0;
963 }
964
965 static void server_sockets_set_event (server *srv, int event) {
966 for (size_t i = 0; i < srv->srv_sockets.used; ++i) {
967 server_socket *srv_socket = srv->srv_sockets.ptr[i];
968 fdevent_event_set(srv->ev,&(srv_socket->fde_ndx),srv_socket->fd,event);
969 }
970 }
971
972 static void server_sockets_unregister (server *srv) {
973 for (size_t i = 0; i < srv->srv_sockets.used; ++i)
974 network_unregister_sock(srv, srv->srv_sockets.ptr[i]);
975 }
976
977 static void server_sockets_close (server *srv) {
978 /* closing socket right away will make it possible for the next lighttpd
979 * to take over (old-style graceful restart), but only if backends
980 * (e.g. fastcgi, scgi, etc) are independent from lighttpd, rather
981 * than started by lighttpd via "bin-path")
982 */
983 for (size_t i = 0; i < srv->srv_sockets.used; ++i) {
984 server_socket *srv_socket = srv->srv_sockets.ptr[i];
985 if (-1 == srv_socket->fd) continue;
986 network_unregister_sock(srv, srv_socket);
987 close(srv_socket->fd);
988 srv_socket->fd = -1;
989 /* network_close() will cleanup after us */
990 }
991 }
992
993 static void server_graceful_shutdown_maint (server *srv) {
994 connections *conns = srv->conns;
995 for (size_t ndx = 0; ndx < conns->used; ++ndx) {
996 connection * const con = conns->ptr[ndx];
997 int changed = 0;
998
999 if (con->state == CON_STATE_CLOSE) {
1000 /* reduce remaining linger timeout to be
1001 * (from zero) *up to* one more second, but no more */
1002 if (HTTP_LINGER_TIMEOUT > 1)
1003 con->close_timeout_ts -= (HTTP_LINGER_TIMEOUT - 1);
1004 if (srv->cur_ts - con->close_timeout_ts > HTTP_LINGER_TIMEOUT)
1005 changed = 1;
1006 }
1007 else if (con->state == CON_STATE_READ && con->request_count > 1
1008 && chunkqueue_is_empty(con->read_queue)) {
1009 /* close connections in keep-alive waiting for next request */
1010 connection_set_state(srv, con, CON_STATE_ERROR);
1011 changed = 1;
1012 }
1013
1014 con->keep_alive = 0; /* disable keep-alive */
1015
1016 con->conf.kbytes_per_second = 0; /* disable rate limit */
1017 con->conf.global_kbytes_per_second = 0; /* disable rate limit */
1018 if (con->traffic_limit_reached) {
1019 con->traffic_limit_reached = 0;
1020 changed = 1;
1021 }
1022
1023 if (changed) {
1024 connection_state_machine(srv, con);
1025 }
1026 }
1027 }
1028
1029 static void server_graceful_state (server *srv) {
1030
1031 if (!srv_shutdown) server_graceful_shutdown_maint(srv);
1032
1033 if (!oneshot_fd) {
1034 if (0==srv->srv_sockets.used || -1 == srv->srv_sockets.ptr[0]->fde_ndx)
1035 return;
1036 }
1037
1038 log_error_write(srv, __FILE__, __LINE__, "s",
1039 "[note] graceful shutdown started");
1040
1041 /* no graceful restart if chroot()ed, if oneshot mode, or if idle timeout */
1042 if (!buffer_string_is_empty(srv->srvconf.changeroot)
1043 || oneshot_fd || 2 == graceful_shutdown)
1044 graceful_restart = 0;
1045
1046 if (graceful_restart) {
1047 server_sockets_unregister(srv);
1048 if (pid_fd > 0) pid_fd = -pid_fd; /*(flag to skip removing pid file)*/
1049 }
1050 else {
1051 server_sockets_close(srv);
1052 remove_pid_file(srv);
1053 buffer_reset(srv->srvconf.pid_file); /*(prevent more removal attempts)*/
1054 }
1055 }
1056
1057 static int server_main (server * const srv, int argc, char **argv) {
1058 int print_config = 0;
1059 int test_config = 0;
1060 int i_am_root = 0;
1061 int o;
1062 #ifdef HAVE_FORK
1063 int num_childs = 0;
1064 #endif
1065 size_t i;
1066 time_t idle_limit = 0, last_active_ts = time(NULL);
1067 #ifdef HAVE_SIGACTION
1068 struct sigaction act;
1069 #endif
1070
1071 #ifdef HAVE_FORK
1072 int parent_pipe_fd = -1;
1073 #endif
1074
1075 #ifdef HAVE_GETUID
1076 i_am_root = (0 == getuid());
1077 #endif
1078
1079 /* initialize globals (including file-scoped static globals) */
1080 oneshot_fd = 0;
1081 srv_shutdown = 0;
1082 graceful_shutdown = 0;
1083 handle_sig_alarm = 1;
1084 handle_sig_hup = 0;
1085 forwarded_sig_hup = 0;
1086 chunkqueue_set_tempdirs_default_reset();
1087 http_auth_dumbdata_reset();
1088 http_vhostdb_dumbdata_reset();
1089 /*graceful_restart = 0;*//*(reset below to avoid further daemonizing)*/
1090 /*(intentionally preserved)*/
1091 /*memset(graceful_sockets, 0, sizeof(graceful_sockets));*/
1092 /*pid_fd = -1;*/
1093
1094 srv->srvconf.port = 0;
1095 srv->srvconf.dont_daemonize = 0;
1096 srv->srvconf.preflight_check = 0;
1097
1098 while(-1 != (o = getopt(argc, argv, "f:m:i:hvVD1pt"))) {
1099 switch(o) {
1100 case 'f':
1101 if (srv->config_storage) {
1102 log_error_write(srv, __FILE__, __LINE__, "s",
1103 "Can only read one config file. Use the include command to use multiple config files.");
1104 return -1;
1105 }
1106 if (config_read(srv, optarg)) {
1107 return -1;
1108 }
1109 break;
1110 case 'm':
1111 buffer_copy_string(srv->srvconf.modules_dir, optarg);
1112 break;
1113 case 'i': {
1114 char *endptr;
1115 long timeout = strtol(optarg, &endptr, 0);
1116 if (!*optarg || *endptr || timeout < 0) {
1117 log_error_write(srv, __FILE__, __LINE__, "ss",
1118 "Invalid idle timeout value:", optarg);
1119 return -1;
1120 }
1121 idle_limit = (time_t)timeout;
1122 break;
1123 }
1124 case 'p': print_config = 1; break;
1125 case 't': ++test_config; break;
1126 case '1': if (0 == oneshot_fd) oneshot_fd = dup(STDIN_FILENO);
1127 break;
1128 case 'D': srv->srvconf.dont_daemonize = 1; break;
1129 case 'v': show_version(); return 0;
1130 case 'V': show_features(); return 0;
1131 case 'h': show_help(); return 0;
1132 default:
1133 show_help();
1134 return -1;
1135 }
1136 }
1137
1138 if (!srv->config_storage) {
1139 log_error_write(srv, __FILE__, __LINE__, "s",
1140 "No configuration available. Try using -f option.");
1141 return -1;
1142 }
1143
1144 if (print_config) {
1145 data_unset *dc = srv->config_context->data[0];
1146 if (dc) {
1147 dc->print(dc, 0);
1148 fprintf(stdout, "\n");
1149 } else {
1150 /* shouldn't happend */
1151 fprintf(stderr, "global config not found\n");
1152 }
1153 }
1154
1155 if (test_config) {
1156 if (1 == test_config) {
1157 printf("Syntax OK\n");
1158 } else { /*(test_config > 1)*/
1159 test_config = 0;
1160 srv->srvconf.preflight_check = 1;
1161 srv->srvconf.dont_daemonize = 1;
1162 buffer_reset(srv->srvconf.pid_file);
1163 }
1164 }
1165
1166 if (test_config || print_config) {
1167 return 0;
1168 }
1169
1170 if (oneshot_fd) {
1171 if (oneshot_fd <= STDERR_FILENO) {
1172 log_error_write(srv, __FILE__, __LINE__, "s",
1173 "Invalid fds at startup with lighttpd -1");
1174 return -1;
1175 }
1176 graceful_shutdown = 1;
1177 srv->sockets_disabled = 1;
1178 srv->srvconf.dont_daemonize = 1;
1179 buffer_reset(srv->srvconf.pid_file);
1180 if (srv->srvconf.max_worker) {
1181 srv->srvconf.max_worker = 0;
1182 log_error_write(srv, __FILE__, __LINE__, "s",
1183 "server one-shot command line option disables server.max-worker config file option.");
1184 }
1185 }
1186
1187 /* close stdin and stdout, as they are not needed */
1188 {
1189 struct stat st;
1190 int devnull;
1191 int errfd;
1192 do {
1193 devnull = fdevent_open_devnull();
1194 } while (-1 != devnull && devnull <= STDERR_FILENO);
1195 if (-1 == devnull) {
1196 log_error_write(srv, __FILE__, __LINE__, "ss",
1197 "opening /dev/null failed:", strerror(errno));
1198 return -1;
1199 }
1200 errfd = (0 == fstat(STDERR_FILENO, &st)) ? -1 : devnull;
1201 if (0 != fdevent_set_stdin_stdout_stderr(devnull, devnull, errfd)) {
1202 log_error_write(srv, __FILE__, __LINE__, "ss",
1203 "setting default fds failed:", strerror(errno));
1204 #ifdef FD_CLOEXEC
1205 if (-1 != errfd) close(errfd);
1206 if (devnull != errfd) close(devnull);
1207 #endif
1208 return -1;
1209 }
1210 #ifdef FD_CLOEXEC
1211 if (-1 != errfd) close(errfd);
1212 if (devnull != errfd) close(devnull);
1213 #endif
1214 }
1215
1216 if (0 != config_set_defaults(srv)) {
1217 log_error_write(srv, __FILE__, __LINE__, "s",
1218 "setting default values failed");
1219 return -1;
1220 }
1221
1222 /* check document-root */
1223 if (buffer_string_is_empty(srv->config_storage[0]->document_root)) {
1224 log_error_write(srv, __FILE__, __LINE__, "s",
1225 "document-root is not set\n");
1226 return -1;
1227 }
1228
1229 if (plugins_load(srv)) {
1230 log_error_write(srv, __FILE__, __LINE__, "s",
1231 "loading plugins finally failed");
1232 return -1;
1233 }
1234
1235 if (HANDLER_GO_ON != plugins_call_init(srv)) {
1236 log_error_write(srv, __FILE__, __LINE__, "s", "Initialization of plugins failed. Going down.");
1237 return -1;
1238 }
1239
1240 /* open pid file BEFORE chroot */
1241 if (-1 == pid_fd && !buffer_string_is_empty(srv->srvconf.pid_file)) {
1242 if (-1 == (pid_fd = fdevent_open_cloexec(srv->srvconf.pid_file->ptr, O_WRONLY | O_CREAT | O_EXCL | O_TRUNC, S_IRUSR | S_IWUSR | S_IRGRP | S_IROTH))) {
1243 struct stat st;
1244 if (errno != EEXIST) {
1245 log_error_write(srv, __FILE__, __LINE__, "sbs",
1246 "opening pid-file failed:", srv->srvconf.pid_file, strerror(errno));
1247 return -1;
1248 }
1249
1250 if (0 != stat(srv->srvconf.pid_file->ptr, &st)) {
1251 log_error_write(srv, __FILE__, __LINE__, "sbs",
1252 "stating existing pid-file failed:", srv->srvconf.pid_file, strerror(errno));
1253 }
1254
1255 if (!S_ISREG(st.st_mode)) {
1256 log_error_write(srv, __FILE__, __LINE__, "sb",
1257 "pid-file exists and isn't regular file:", srv->srvconf.pid_file);
1258 return -1;
1259 }
1260
1261 if (-1 == (pid_fd = fdevent_open_cloexec(srv->srvconf.pid_file->ptr, O_WRONLY | O_CREAT | O_TRUNC, S_IRUSR | S_IWUSR | S_IRGRP | S_IROTH))) {
1262 log_error_write(srv, __FILE__, __LINE__, "sbs",
1263 "opening pid-file failed:", srv->srvconf.pid_file, strerror(errno));
1264 return -1;
1265 }
1266 }
1267 }
1268
1269 if (srv->event_handler == FDEVENT_HANDLER_SELECT) {
1270 /* select limits itself
1271 *
1272 * as it is a hard limit and will lead to a segfault we add some safety
1273 * */
1274 srv->max_fds = FD_SETSIZE - 200;
1275 } else {
1276 srv->max_fds = 4096;
1277 }
1278
1279 {
1280 #ifdef HAVE_GETRLIMIT
1281 struct rlimit rlim;
1282 int use_rlimit = 1;
1283 #ifdef HAVE_VALGRIND_VALGRIND_H
1284 if (RUNNING_ON_VALGRIND) use_rlimit = 0;
1285 #endif
1286
1287 if (0 != getrlimit(RLIMIT_NOFILE, &rlim)) {
1288 log_error_write(srv, __FILE__, __LINE__,
1289 "ss", "couldn't get 'max filedescriptors'",
1290 strerror(errno));
1291 return -1;
1292 }
1293
1294 /**
1295 * if we are not root can can't increase the fd-limit above rlim_max, but we can reduce it
1296 */
1297 if (use_rlimit && srv->srvconf.max_fds
1298 && (i_am_root || srv->srvconf.max_fds <= rlim.rlim_max)) {
1299 /* set rlimits */
1300
1301 rlim.rlim_cur = srv->srvconf.max_fds;
1302 if (i_am_root) rlim.rlim_max = srv->srvconf.max_fds;
1303
1304 if (0 != setrlimit(RLIMIT_NOFILE, &rlim)) {
1305 log_error_write(srv, __FILE__, __LINE__,
1306 "ss", "couldn't set 'max filedescriptors'",
1307 strerror(errno));
1308 return -1;
1309 }
1310 }
1311
1312 if (srv->event_handler == FDEVENT_HANDLER_SELECT) {
1313 srv->max_fds = rlim.rlim_cur < (rlim_t)FD_SETSIZE - 200 ? (int)rlim.rlim_cur : (int)FD_SETSIZE - 200;
1314 } else {
1315 srv->max_fds = rlim.rlim_cur;
1316 /*(default upper limit of 4k if server.max-fds not specified)*/
1317 if (i_am_root && 0 == srv->srvconf.max_fds && rlim.rlim_cur > 4096)
1318 srv->max_fds = 4096;
1319 }
1320
1321 /* set core file rlimit, if enable_cores is set */
1322 if (use_rlimit && srv->srvconf.enable_cores && getrlimit(RLIMIT_CORE, &rlim) == 0) {
1323 rlim.rlim_cur = rlim.rlim_max;
1324 setrlimit(RLIMIT_CORE, &rlim);
1325 }
1326 #endif
1327 if (srv->event_handler == FDEVENT_HANDLER_SELECT) {
1328 /* don't raise the limit above FD_SET_SIZE */
1329 if (srv->max_fds > ((int)FD_SETSIZE) - 200) {
1330 log_error_write(srv, __FILE__, __LINE__, "sd",
1331 "can't raise max filedescriptors above", FD_SETSIZE - 200,
1332 "if event-handler is 'select'. Use 'poll' or something else or reduce server.max-fds.");
1333 return -1;
1334 }
1335 }
1336 }
1337
1338 /* we need root-perms for port < 1024 */
1339 if (0 != network_init(srv)) {
1340 return -1;
1341 }
1342
1343 if (i_am_root) {
1344 #ifdef HAVE_PWD_H
1345 /* set user and group */
1346 struct group *grp = NULL;
1347 struct passwd *pwd = NULL;
1348
1349 if (!buffer_string_is_empty(srv->srvconf.groupname)) {
1350 if (NULL == (grp = getgrnam(srv->srvconf.groupname->ptr))) {
1351 log_error_write(srv, __FILE__, __LINE__, "sb",
1352 "can't find groupname", srv->srvconf.groupname);
1353 return -1;
1354 }
1355 }
1356
1357 if (!buffer_string_is_empty(srv->srvconf.username)) {
1358 if (NULL == (pwd = getpwnam(srv->srvconf.username->ptr))) {
1359 log_error_write(srv, __FILE__, __LINE__, "sb",
1360 "can't find username", srv->srvconf.username);
1361 return -1;
1362 }
1363
1364 if (pwd->pw_uid == 0) {
1365 log_error_write(srv, __FILE__, __LINE__, "s",
1366 "I will not set uid to 0\n");
1367 return -1;
1368 }
1369
1370 if (NULL == grp && NULL == (grp = getgrgid(pwd->pw_gid))) {
1371 log_error_write(srv, __FILE__, __LINE__, "sd",
1372 "can't find group id", pwd->pw_gid);
1373 return -1;
1374 }
1375 }
1376
1377 if (NULL != grp) {
1378 if (grp->gr_gid == 0) {
1379 log_error_write(srv, __FILE__, __LINE__, "s",
1380 "I will not set gid to 0\n");
1381 return -1;
1382 }
1383 }
1384
1385 /*
1386 * Change group before chroot, when we have access
1387 * to /etc/group
1388 * */
1389 if (NULL != grp) {
1390 if (-1 == setgid(grp->gr_gid)) {
1391 log_error_write(srv, __FILE__, __LINE__, "ss", "setgid failed: ", strerror(errno));
1392 return -1;
1393 }
1394 if (-1 == setgroups(0, NULL)) {
1395 log_error_write(srv, __FILE__, __LINE__, "ss", "setgroups failed: ", strerror(errno));
1396 return -1;
1397 }
1398 if (!buffer_string_is_empty(srv->srvconf.username)) {
1399 initgroups(srv->srvconf.username->ptr, grp->gr_gid);
1400 }
1401 }
1402 #endif
1403 #ifdef HAVE_CHROOT
1404 if (!buffer_string_is_empty(srv->srvconf.changeroot)) {
1405 tzset();
1406
1407 if (-1 == chroot(srv->srvconf.changeroot->ptr)) {
1408 log_error_write(srv, __FILE__, __LINE__, "ss", "chroot failed: ", strerror(errno));
1409 return -1;
1410 }
1411 if (-1 == chdir("/")) {
1412 log_error_write(srv, __FILE__, __LINE__, "ss", "chdir failed: ", strerror(errno));
1413 return -1;
1414 }
1415 }
1416 #endif
1417 #ifdef HAVE_PWD_H
1418 /* drop root privs */
1419 if (NULL != pwd) {
1420 if (-1 == setuid(pwd->pw_uid)) {
1421 log_error_write(srv, __FILE__, __LINE__, "ss", "setuid failed: ", strerror(errno));
1422 return -1;
1423 }
1424 }
1425 #endif
1426 #if defined(HAVE_SYS_PRCTL_H) && defined(PR_SET_DUMPABLE)
1427 /**
1428 * on IRIX 6.5.30 they have prctl() but no DUMPABLE
1429 */
1430 if (srv->srvconf.enable_cores) {
1431 prctl(PR_SET_DUMPABLE, 1, 0, 0, 0);
1432 }
1433 #endif
1434 }
1435
1436 /* set max-conns */
1437 if (srv->srvconf.max_conns > srv->max_fds/2) {
1438 /* we can't have more connections than max-fds/2 */
1439 log_error_write(srv, __FILE__, __LINE__, "sdd", "can't have more connections than fds/2: ", srv->srvconf.max_conns, srv->max_fds);
1440 srv->max_conns = srv->max_fds/2;
1441 } else if (srv->srvconf.max_conns) {
1442 /* otherwise respect the wishes of the user */
1443 srv->max_conns = srv->srvconf.max_conns;
1444 } else {
1445 /* or use the default: we really don't want to hit max-fds */
1446 srv->max_conns = srv->max_fds/3;
1447 }
1448
1449 #ifdef HAVE_FORK
1450 /* network is up, let's daemonize ourself */
1451 if (0 == srv->srvconf.dont_daemonize && 0 == graceful_restart) {
1452 parent_pipe_fd = daemonize();
1453 }
1454 #endif
1455 graceful_restart = 0;/*(reset here after avoiding further daemonizing)*/
1456 graceful_shutdown= 0;
1457
1458
1459 #ifdef HAVE_SIGACTION
1460 memset(&act, 0, sizeof(act));
1461 act.sa_handler = SIG_IGN;
1462 sigaction(SIGPIPE, &act, NULL);
1463 # if defined(SA_SIGINFO)
1464 last_sighup_info.si_uid = 0,
1465 last_sighup_info.si_pid = 0;
1466 last_sigterm_info.si_uid = 0,
1467 last_sigterm_info.si_pid = 0;
1468 act.sa_sigaction = sigaction_handler;
1469 sigemptyset(&act.sa_mask);
1470 act.sa_flags = SA_SIGINFO;
1471 # else
1472 act.sa_handler = signal_handler;
1473 sigemptyset(&act.sa_mask);
1474 act.sa_flags = 0;
1475 # endif
1476 sigaction(SIGINT, &act, NULL);
1477 sigaction(SIGTERM, &act, NULL);
1478 sigaction(SIGHUP, &act, NULL);
1479 sigaction(SIGALRM, &act, NULL);
1480 sigaction(SIGUSR1, &act, NULL);
1481
1482 /* it should be safe to restart syscalls after SIGCHLD */
1483 act.sa_flags |= SA_RESTART | SA_NOCLDSTOP;
1484 sigaction(SIGCHLD, &act, NULL);
1485
1486 #elif defined(HAVE_SIGNAL)
1487 /* ignore the SIGPIPE from sendfile() */
1488 signal(SIGPIPE, SIG_IGN);
1489 signal(SIGALRM, signal_handler);
1490 signal(SIGTERM, signal_handler);
1491 signal(SIGHUP, signal_handler);
1492 signal(SIGCHLD, signal_handler);
1493 signal(SIGINT, signal_handler);
1494 signal(SIGUSR1, signal_handler);
1495 #endif
1496
1497
1498 srv->gid = getgid();
1499 srv->uid = getuid();
1500
1501 /* write pid file */
1502 if (pid_fd > 2) {
1503 buffer_copy_int(srv->tmp_buf, getpid());
1504 buffer_append_string_len(srv->tmp_buf, CONST_STR_LEN("\n"));
1505 if (-1 == write_all(pid_fd, CONST_BUF_LEN(srv->tmp_buf))) {
1506 log_error_write(srv, __FILE__, __LINE__, "ss", "Couldn't write pid file:", strerror(errno));
1507 close(pid_fd);
1508 pid_fd = -1;
1509 return -1;
1510 }
1511 } else if (pid_fd < -2) {
1512 pid_fd = -pid_fd;
1513 }
1514
1515 /* Close stderr ASAP in the child process to make sure that nothing
1516 * is being written to that fd which may not be valid anymore. */
1517 if (!srv->srvconf.preflight_check) {
1518 if (-1 == log_error_open(srv)) {
1519 log_error_write(srv, __FILE__, __LINE__, "s", "Opening errorlog failed. Going down.");
1520 return -1;
1521 }
1522 log_error_write(srv, __FILE__, __LINE__, "s", "server started (" PACKAGE_DESC ")");
1523 }
1524
1525 if (buffer_is_empty(srv->config_storage[0]->server_tag)) {
1526 buffer_copy_string_len(srv->config_storage[0]->server_tag, CONST_STR_LEN(PACKAGE_DESC));
1527 }
1528
1529 if (HANDLER_GO_ON != plugins_call_set_defaults(srv)) {
1530 log_error_write(srv, __FILE__, __LINE__, "s", "Configuration of plugins failed. Going down.");
1531 return -1;
1532 }
1533
1534 /* settings might be enabled during module config set defaults */
1535 srv->config_storage[0]->high_precision_timestamps = srv->srvconf.high_precision_timestamps;
1536
1537 /* dump unused config-keys */
1538 for (i = 0; i < srv->config_context->used; i++) {
1539 array *config = ((data_config *)srv->config_context->data[i])->value;
1540 size_t j;
1541
1542 for (j = 0; config && j < config->used; j++) {
1543 data_unset *du = config->data[j];
1544
1545 /* all var.* is known as user defined variable */
1546 if (strncmp(du->key->ptr, "var.", sizeof("var.") - 1) == 0) {
1547 continue;
1548 }
1549
1550 if (NULL == array_get_element_klen(srv->config_touched, CONST_BUF_LEN(du->key))) {
1551 log_error_write(srv, __FILE__, __LINE__, "sbs",
1552 "WARNING: unknown config-key:",
1553 du->key,
1554 "(ignored)");
1555 }
1556 }
1557 }
1558
1559 if (srv->config_unsupported) {
1560 log_error_write(srv, __FILE__, __LINE__, "s",
1561 "Configuration contains unsupported keys. Going down.");
1562 }
1563
1564 if (srv->config_deprecated) {
1565 log_error_write(srv, __FILE__, __LINE__, "s",
1566 "Configuration contains deprecated keys. Going down.");
1567 }
1568
1569 if (srv->config_unsupported || srv->config_deprecated) {
1570 return -1;
1571 }
1572
1573 if (srv->srvconf.preflight_check) {
1574 /*printf("Preflight OK");*//*(stdout reopened to /dev/null)*/
1575 return 0;
1576 }
1577
1578
1579 #ifdef HAVE_FORK
1580 /**
1581 * notify daemonize-grandparent of successful startup
1582 * do this before any further forking is done (workers)
1583 */
1584 if (0 == srv->srvconf.dont_daemonize && -1 != parent_pipe_fd) {
1585 if (0 > write(parent_pipe_fd, "", 1)) return -1;
1586 close(parent_pipe_fd);
1587 }
1588
1589 if (idle_limit && srv->srvconf.max_worker) {
1590 srv->srvconf.max_worker = 0;
1591 log_error_write(srv, __FILE__, __LINE__, "s",
1592 "server idle time limit command line option disables server.max-worker config file option.");
1593 }
1594
1595 /* start watcher and workers */
1596 num_childs = srv->srvconf.max_worker;
1597 if (num_childs > 0) {
1598 pid_t pids[num_childs];
1599 pid_t pid;
1600 const int npids = num_childs;
1601 int child = 0;
1602 for (int n = 0; n < npids; ++n) pids[n] = -1;
1603 while (!child && !srv_shutdown && !graceful_shutdown) {
1604 if (num_childs > 0) {
1605 switch ((pid = fork())) {
1606 case -1:
1607 return -1;
1608 case 0:
1609 child = 1;
1610 break;
1611 default:
1612 num_childs--;
1613 for (int n = 0; n < npids; ++n) {
1614 if (-1 == pids[n]) {
1615 pids[n] = pid;
1616 break;
1617 }
1618 }
1619 break;
1620 }
1621 } else {
1622 int status;
1623
1624 if (-1 != (pid = wait(&status))) {
1625 switch (fdevent_reaped_logger_pipe(pid)) {
1626 default: break;
1627 case -1: alarm(5); /* fall through */
1628 case 1: continue;
1629 }
1630 /**
1631 * check if one of our workers went away
1632 */
1633 for (int n = 0; n < npids; ++n) {
1634 if (pid == pids[n]) {
1635 pids[n] = -1;
1636 num_childs++;
1637 break;
1638 }
1639 }
1640 } else {
1641 switch (errno) {
1642 case EINTR:
1643 /**
1644 * if we receive a SIGHUP we have to close our logs ourself as we don't
1645 * have the mainloop who can help us here
1646 */
1647 if (handle_sig_hup) {
1648 handle_sig_hup = 0;
1649
1650 log_error_cycle(srv);
1651
1652 /**
1653 * forward to all procs in the process-group
1654 *
1655 * we also send it ourself
1656 */
1657 if (!forwarded_sig_hup && 0 != srv->srvconf.max_worker) {
1658 forwarded_sig_hup = 1;
1659 kill(0, SIGHUP);
1660 }
1661 }
1662 if (handle_sig_alarm) {
1663 handle_sig_alarm = 0;
1664 fdevent_waitpid_logger_pipes(time(NULL));
1665 }
1666 break;
1667 default:
1668 break;
1669 }
1670 }
1671 }
1672 }
1673
1674 /**
1675 * for the parent this is the exit-point
1676 */
1677 if (!child) {
1678 /**
1679 * kill all children too
1680 */
1681 if (graceful_shutdown || graceful_restart) {
1682 /* flag to ignore one SIGINT if graceful_restart */
1683 if (graceful_restart) graceful_restart = 2;
1684 kill(0, SIGINT);
1685 server_graceful_state(srv);
1686 } else if (srv_shutdown) {
1687 kill(0, SIGTERM);
1688 }
1689
1690 return 0;
1691 }
1692
1693 /* ignore SIGUSR1 in workers; only parent directs graceful restart */
1694 #ifdef HAVE_SIGACTION
1695 {
1696 struct sigaction actignore;
1697 memset(&actignore, 0, sizeof(actignore));
1698 actignore.sa_handler = SIG_IGN;
1699 sigaction(SIGUSR1, &actignore, NULL);
1700 }
1701 #elif defined(HAVE_SIGNAL)
1702 signal(SIGUSR1, SIG_IGN);
1703 #endif
1704
1705 /**
1706 * make sure workers do not muck with pid-file
1707 */
1708 if (0 <= pid_fd) {
1709 close(pid_fd);
1710 pid_fd = -1;
1711 }
1712 buffer_reset(srv->srvconf.pid_file);
1713
1714 li_rand_reseed();
1715 }
1716 #endif
1717
1718 if (NULL == (srv->ev = fdevent_init(srv, srv->max_fds + 1, srv->event_handler))) {
1719 log_error_write(srv, __FILE__, __LINE__,
1720 "s", "fdevent_init failed");
1721 return -1;
1722 }
1723
1724 /* libev backend overwrites our SIGCHLD handler and calls waitpid on SIGCHLD; we want our own SIGCHLD handling. */
1725 #ifdef HAVE_SIGACTION
1726 sigaction(SIGCHLD, &act, NULL);
1727 #elif defined(HAVE_SIGNAL)
1728 signal(SIGCHLD, signal_handler);
1729 #endif
1730
1731 /*
1732 * kqueue() is called here, select resets its internals,
1733 * all server sockets get their handlers
1734 *
1735 * */
1736 if (0 != network_register_fdevents(srv)) {
1737 return -1;
1738 }
1739
1740 /* might fail if user is using fam (not gamin) and famd isn't running */
1741 if (NULL == (srv->stat_cache = stat_cache_init(srv))) {
1742 log_error_write(srv, __FILE__, __LINE__, "s",
1743 "stat-cache could not be setup, dieing.");
1744 return -1;
1745 }
1746
1747 #ifdef USE_ALARM
1748 {
1749 /* setup periodic timer (1 second) */
1750 struct itimerval interval;
1751 interval.it_interval.tv_sec = 1;
1752 interval.it_interval.tv_usec = 0;
1753 interval.it_value.tv_sec = 1;
1754 interval.it_value.tv_usec = 0;
1755 if (setitimer(ITIMER_REAL, &interval, NULL)) {
1756 log_error_write(srv, __FILE__, __LINE__, "s", "setting timer failed");
1757 return -1;
1758 }
1759 }
1760 #endif
1761
1762
1763 /* get the current number of FDs */
1764 {
1765 int fd = fdevent_open_devnull();
1766 if (fd >= 0) {
1767 srv->cur_fds = fd;
1768 close(fd);
1769 }
1770 }
1771
1772 if (0 != server_sockets_set_nb_cloexec(srv)) {
1773 return -1;
1774 }
1775
1776 if (oneshot_fd && server_oneshot_init(srv, oneshot_fd)) {
1777 oneshot_fd = -1;
1778 }
1779
1780 /* main-loop */
1781 while (!srv_shutdown) {
1782 int n;
1783 size_t ndx;
1784 time_t min_ts;
1785
1786 if (handle_sig_hup) {
1787 handler_t r;
1788
1789 /* reset notification */
1790 handle_sig_hup = 0;
1791
1792
1793 /* cycle logfiles */
1794
1795 switch(r = plugins_call_handle_sighup(srv)) {
1796 case HANDLER_GO_ON:
1797 break;
1798 default:
1799 log_error_write(srv, __FILE__, __LINE__, "sd", "sighup-handler return with an error", r);
1800 break;
1801 }
1802
1803 if (-1 == log_error_cycle(srv)) {
1804 log_error_write(srv, __FILE__, __LINE__, "s", "cycling errorlog failed, dying");
1805
1806 return -1;
1807 } else {
1808 #ifdef HAVE_SIGACTION
1809 log_error_write(srv, __FILE__, __LINE__, "sdsd",
1810 "logfiles cycled UID =",
1811 last_sighup_info.si_uid,
1812 "PID =",
1813 last_sighup_info.si_pid);
1814 #else
1815 log_error_write(srv, __FILE__, __LINE__, "s",
1816 "logfiles cycled");
1817 #endif
1818 }
1819 }
1820
1821 if (handle_sig_alarm) {
1822 /* a new second */
1823
1824 #ifdef USE_ALARM
1825 /* reset notification */
1826 handle_sig_alarm = 0;
1827 #endif
1828
1829 /* get current time */
1830 min_ts = time(NULL);
1831
1832 if (min_ts != srv->cur_ts) {
1833 #ifdef DEBUG_CONNECTION_STATES
1834 int cs = 0;
1835 #endif
1836 connections *conns = srv->conns;
1837 handler_t r;
1838
1839 switch(r = plugins_call_handle_trigger(srv)) {
1840 case HANDLER_GO_ON:
1841 break;
1842 case HANDLER_ERROR:
1843 log_error_write(srv, __FILE__, __LINE__, "s", "one of the triggers failed");
1844 break;
1845 default:
1846 log_error_write(srv, __FILE__, __LINE__, "d", r);
1847 break;
1848 }
1849
1850 /* trigger waitpid */
1851 srv->cur_ts = min_ts;
1852
1853 /* check idle time limit, if enabled */
1854 if (idle_limit && idle_limit < min_ts - last_active_ts && !graceful_shutdown) {
1855 log_error_write(srv, __FILE__, __LINE__, "sDs", "[note] idle timeout", (int)idle_limit,
1856 "s exceeded, initiating graceful shutdown");
1857 graceful_shutdown = 2; /* value 2 indicates idle timeout */
1858 if (graceful_restart) {
1859 graceful_restart = 0;
1860 if (pid_fd < -2) pid_fd = -pid_fd;
1861 server_sockets_close(srv);
1862 }
1863 }
1864
1865 #ifdef HAVE_GETLOADAVG
1866 /* refresh loadavg data every 30 seconds */
1867 if (srv->srvconf.loadts + 30 < min_ts) {
1868 if (-1 != getloadavg(srv->srvconf.loadavg, 3)) {
1869 srv->srvconf.loadts = min_ts;
1870 }
1871 }
1872 #endif
1873
1874 /* cleanup stat-cache */
1875 stat_cache_trigger_cleanup(srv);
1876 /* reset global/aggregate rate limit counters */
1877 for (i = 0; i < srv->config_context->used; ++i) {
1878 srv->config_storage[i]->global_bytes_per_second_cnt = 0;
1879 }
1880 /* check piped-loggers and restart, unless shutting down */
1881 if (!graceful_shutdown && !srv_shutdown && 0 == srv->srvconf.max_worker) fdevent_waitpid_logger_pipes(min_ts);
1882 /* if graceful_shutdown, accelerate cleanup of recently completed request/responses */
1883 if (graceful_shutdown && !srv_shutdown) server_graceful_shutdown_maint(srv);
1884 /**
1885 * check all connections for timeouts
1886 *
1887 */
1888 for (ndx = 0; ndx < conns->used; ndx++) {
1889 connection * const con = conns->ptr[ndx];
1890 const int waitevents = fdevent_event_get_interest(srv->ev, con->fd);
1891 int changed = 0;
1892 int t_diff;
1893
1894 if (con->state == CON_STATE_CLOSE) {
1895 if (srv->cur_ts - con->close_timeout_ts > HTTP_LINGER_TIMEOUT) {
1896 changed = 1;
1897 }
1898 } else if (waitevents & FDEVENT_IN) {
1899 if (con->request_count == 1 || con->state != CON_STATE_READ) { /* e.g. CON_STATE_READ_POST || CON_STATE_WRITE */
1900 if (srv->cur_ts - con->read_idle_ts > con->conf.max_read_idle) {
1901 /* time - out */
1902 if (con->conf.log_request_handling) {
1903 log_error_write(srv, __FILE__, __LINE__, "sd",
1904 "connection closed - read timeout:", con->fd);
1905 }
1906
1907 connection_set_state(srv, con, CON_STATE_ERROR);
1908 changed = 1;
1909 }
1910 } else {
1911 if (srv->cur_ts - con->read_idle_ts > con->keep_alive_idle) {
1912 /* time - out */
1913 if (con->conf.log_request_handling) {
1914 log_error_write(srv, __FILE__, __LINE__, "sd",
1915 "connection closed - keep-alive timeout:", con->fd);
1916 }
1917
1918 connection_set_state(srv, con, CON_STATE_ERROR);
1919 changed = 1;
1920 }
1921 }
1922 }
1923
1924 /* max_write_idle timeout currently functions as backend timeout,
1925 * too, after response has been started.
1926 * future: have separate backend timeout, and then change this
1927 * to check for write interest before checking for timeout */
1928 /*if (waitevents & FDEVENT_OUT)*/
1929 if ((con->state == CON_STATE_WRITE) &&
1930 (con->write_request_ts != 0)) {
1931 #if 0
1932 if (srv->cur_ts - con->write_request_ts > 60) {
1933 log_error_write(srv, __FILE__, __LINE__, "sdd",
1934 "connection closed - pre-write-request-timeout:", con->fd, srv->cur_ts - con->write_request_ts);
1935 }
1936 #endif
1937
1938 if (srv->cur_ts - con->write_request_ts > con->conf.max_write_idle) {
1939 /* time - out */
1940 if (con->conf.log_timeouts) {
1941 log_error_write(srv, __FILE__, __LINE__, "sbsbsosds",
1942 "NOTE: a request from",
1943 con->dst_addr_buf,
1944 "for",
1945 con->request.uri,
1946 "timed out after writing",
1947 con->bytes_written,
1948 "bytes. We waited",
1949 (int)con->conf.max_write_idle,
1950 "seconds. If this a problem increase server.max-write-idle");
1951 }
1952 connection_set_state(srv, con, CON_STATE_ERROR);
1953 changed = 1;
1954 }
1955 }
1956
1957 /* we don't like div by zero */
1958 if (0 == (t_diff = srv->cur_ts - con->connection_start)) t_diff = 1;
1959
1960 if (con->traffic_limit_reached &&
1961 (con->conf.kbytes_per_second == 0 ||
1962 ((con->bytes_written / t_diff) < con->conf.kbytes_per_second * 1024))) {
1963 /* enable connection again */
1964 con->traffic_limit_reached = 0;
1965
1966 changed = 1;
1967 }
1968
1969 con->bytes_written_cur_second = 0;
1970
1971 if (changed) {
1972 connection_state_machine(srv, con);
1973 }
1974
1975 #if DEBUG_CONNECTION_STATES
1976 if (cs == 0) {
1977 fprintf(stderr, "connection-state: ");
1978 cs = 1;
1979 }
1980
1981 fprintf(stderr, "c[%d,%d]: %s ",
1982 con->fd,
1983 con->fcgi.fd,
1984 connection_get_state(con->state));
1985 #endif
1986 }
1987
1988 #ifdef DEBUG_CONNECTION_STATES
1989 if (cs == 1) fprintf(stderr, "\n");
1990 #endif
1991 }
1992 }
1993
1994 if (graceful_shutdown) {
1995 server_graceful_state(srv);
1996 srv->sockets_disabled = 1;
1997 } else if (srv->sockets_disabled) {
1998 /* our server sockets are disabled, why ? */
1999
2000 if ((srv->cur_fds + srv->want_fds < srv->max_fds * 8 / 10) && /* we have enough unused fds */
2001 (srv->conns->used <= srv->max_conns * 9 / 10)) {
2002 server_sockets_set_event(srv, FDEVENT_IN);
2003 log_error_write(srv, __FILE__, __LINE__, "s", "[note] sockets enabled again");
2004
2005 srv->sockets_disabled = 0;
2006 }
2007 } else {
2008 if ((srv->cur_fds + srv->want_fds > srv->max_fds * 9 / 10) || /* out of fds */
2009 (srv->conns->used >= srv->max_conns)) { /* out of connections */
2010 /* disable server-fds */
2011 server_sockets_set_event(srv, 0);
2012
2013 if (srv->conns->used >= srv->max_conns) {
2014 log_error_write(srv, __FILE__, __LINE__, "s", "[note] sockets disabled, connection limit reached");
2015 } else {
2016 log_error_write(srv, __FILE__, __LINE__, "s", "[note] sockets disabled, out-of-fds");
2017 }
2018
2019 srv->sockets_disabled = 1;
2020 }
2021 }
2022
2023 if (graceful_shutdown && srv->conns->used == 0) {
2024 /* we are in graceful shutdown phase and all connections are closed
2025 * we are ready to terminate without harming anyone */
2026 srv_shutdown = 1;
2027 break;
2028 }
2029
2030 /* we still have some fds to share */
2031 if (srv->want_fds) {
2032 /* check the fdwaitqueue for waiting fds */
2033 int free_fds = srv->max_fds - srv->cur_fds - 16;
2034 connection *con;
2035
2036 for (; free_fds > 0 && NULL != (con = fdwaitqueue_unshift(srv, srv->fdwaitqueue)); free_fds--) {
2037 connection_state_machine(srv, con);
2038
2039 srv->want_fds--;
2040 }
2041 }
2042
2043 if ((n = fdevent_poll(srv->ev, 1000)) > 0) {
2044 /* n is the number of events */
2045 int fd;
2046 int revents;
2047 int fd_ndx;
2048 last_active_ts = srv->cur_ts;
2049 fd_ndx = -1;
2050 do {
2051 fdevent_handler handler;
2052 void *context;
2053
2054 fd_ndx = fdevent_event_next_fdndx (srv->ev, fd_ndx);
2055 if (-1 == fd_ndx) break; /* not all fdevent handlers know how many fds got an event */
2056
2057 revents = fdevent_event_get_revent (srv->ev, fd_ndx);
2058 fd = fdevent_event_get_fd (srv->ev, fd_ndx);
2059 handler = fdevent_get_handler(srv->ev, fd);
2060 context = fdevent_get_context(srv->ev, fd);
2061 if (NULL != handler) {
2062 (*handler)(srv, context, revents);
2063 }
2064 } while (--n > 0);
2065 fdevent_sched_run(srv, srv->ev);
2066 } else if (n < 0 && errno != EINTR) {
2067 log_error_write(srv, __FILE__, __LINE__, "ss",
2068 "fdevent_poll failed:",
2069 strerror(errno));
2070 }
2071
2072 for (ndx = 0; ndx < srv->joblist->used; ndx++) {
2073 connection *con = srv->joblist->ptr[ndx];
2074 connection_state_machine(srv, con);
2075 }
2076
2077 srv->joblist->used = 0;
2078 }
2079
2080 if (graceful_shutdown || graceful_restart) {
2081 server_graceful_state(srv);
2082 }
2083
2084 if (2 == graceful_shutdown) { /* value 2 indicates idle timeout */
2085 log_error_write(srv, __FILE__, __LINE__, "s",
2086 "server stopped after idle timeout");
2087 } else {
2088 #ifdef HAVE_SIGACTION
2089 log_error_write(srv, __FILE__, __LINE__, "sdsd",
2090 "server stopped by UID =",
2091 last_sigterm_info.si_uid,
2092 "PID =",
2093 last_sigterm_info.si_pid);
2094 #else
2095 log_error_write(srv, __FILE__, __LINE__, "s",
2096 "server stopped");
2097 #endif
2098 }
2099
2100 return 0;
2101 }
2102
2103 int main (int argc, char **argv) {
2104 int rc;
2105
2106 #ifdef HAVE_GETUID
2107 #ifndef HAVE_ISSETUGID
2108 #define issetugid() (geteuid() != getuid() || getegid() != getgid())
2109 #endif
2110 if (0 != getuid() && issetugid()) { /*check as early as possible in main()*/
2111 fprintf(stderr,
2112 "Are you nuts ? Don't apply a SUID bit to this binary\n");
2113 return -1;
2114 }
2115 #endif
2116
2117 /* for nice %b handling in strftime() */
2118 setlocale(LC_TIME, "C");
2119
2120 do {
2121 server * const srv = server_init();
2122
2123 if (graceful_restart) {
2124 server_sockets_restore(srv);
2125 optind = 1;
2126 }
2127
2128 rc = server_main(srv, argc, argv);
2129
2130 /* clean-up */
2131 remove_pid_file(srv);
2132 log_error_close(srv);
2133 fdevent_close_logger_pipes();
2134 if (graceful_restart)
2135 server_sockets_save(srv);
2136 else
2137 network_close(srv);
2138 connections_free(srv);
2139 plugins_free(srv);
2140 server_free(srv);
2141
2142 if (0 != rc || !graceful_restart) break;
2143
2144 /* wait for all children to exit before graceful restart */
2145 while (waitpid(-1, NULL, 0) > 0) ;
2146 } while (graceful_restart);
2147
2148 return rc;
2149 }
A fast webserver with minimal memory-footprint (lighttpd)