search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
[core] cleanup: consolidate FAM code in stat_cache
[lighttpd.git] / src / server.c
blob4cd8699c00fb747abe0043f2b33433c3b36d16c8
1 #include "first.h"
2
3 #include "server.h"
4 #include "buffer.h"
5 #include "network.h"
6 #include "log.h"
7 #include "keyvalue.h"
8 #include "rand.h"
9 #include "response.h"
10 #include "request.h"
11 #include "chunk.h"
12 #include "http_auth.h"
13 #include "http_chunk.h"
14 #include "http_vhostdb.h"
15 #include "fdevent.h"
16 #include "connections.h"
17 #include "sock_addr.h"
18 #include "stat_cache.h"
19 #include "plugin.h"
20 #include "joblist.h"
21 #include "network_backends.h"
22
23 #ifdef HAVE_VERSIONSTAMP_H
24 # include "versionstamp.h"
25 #else
26 # define REPO_VERSION ""
27 #endif
28
29 #define PACKAGE_DESC PACKAGE_NAME "/" PACKAGE_VERSION REPO_VERSION
30
31 #include <sys/types.h>
32 #include <sys/time.h>
33 #include <sys/stat.h>
34 #include <sys/wait.h>
35
36 #include <string.h>
37 #include <errno.h>
38 #include <fcntl.h>
39 #include <unistd.h>
40 #include <stdlib.h>
41 #include <time.h>
42 #include <signal.h>
43 #include <locale.h>
44
45 #include <stdio.h>
46
47 #ifdef HAVE_GETOPT_H
48 # include <getopt.h>
49 #endif
50
51 #ifdef HAVE_VALGRIND_VALGRIND_H
52 # include <valgrind/valgrind.h>
53 #endif
54
55 #ifdef HAVE_SYS_WAIT_H
56 # include <sys/wait.h>
57 #endif
58
59 #ifdef HAVE_PWD_H
60 # include <grp.h>
61 # include <pwd.h>
62 #endif
63
64 #ifdef HAVE_SYSLOG_H
65 # include <syslog.h>
66 #endif
67
68 #ifdef HAVE_SYS_RESOURCE_H
69 # include <sys/resource.h>
70 #endif
71
72 #ifdef HAVE_SYS_PRCTL_H
73 # include <sys/prctl.h>
74 #endif
75
76 #if defined HAVE_LIBSSL && defined HAVE_OPENSSL_SSL_H
77 #define USE_SSL
78 #define TEXT_SSL " (ssl)"
79 #else
80 #define TEXT_SSL
81 #endif
82
83 #ifndef __sgi
84 /* IRIX doesn't like the alarm based time() optimization */
85 /* #define USE_ALARM */
86 #endif
87
88 static int oneshot_fd = 0;
89 static volatile int pid_fd = -2;
90 static server_socket_array graceful_sockets;
91 static volatile sig_atomic_t graceful_restart = 0;
92 static volatile sig_atomic_t graceful_shutdown = 0;
93 static volatile sig_atomic_t srv_shutdown = 0;
94 static volatile sig_atomic_t handle_sig_child = 0;
95 static volatile sig_atomic_t handle_sig_alarm = 1;
96 static volatile sig_atomic_t handle_sig_hup = 0;
97
98 #if defined(HAVE_SIGACTION) && defined(SA_SIGINFO)
99 static volatile siginfo_t last_sigterm_info;
100 static volatile siginfo_t last_sighup_info;
101
102 static void sigaction_handler(int sig, siginfo_t *si, void *context) {
103 static const siginfo_t empty_siginfo;
104 UNUSED(context);
105
106 if (!si) *(const siginfo_t **)&si = &empty_siginfo;
107
108 switch (sig) {
109 case SIGTERM:
110 srv_shutdown = 1;
111 last_sigterm_info = *si;
112 break;
113 case SIGUSR1:
114 if (!graceful_shutdown) {
115 graceful_restart = 1;
116 graceful_shutdown = 1;
117 last_sigterm_info = *si;
118 }
119 break;
120 case SIGINT:
121 if (graceful_shutdown) {
122 if (2 == graceful_restart)
123 graceful_restart = 1;
124 else
125 srv_shutdown = 1;
126 } else {
127 graceful_shutdown = 1;
128 }
129 last_sigterm_info = *si;
130
131 break;
132 case SIGALRM:
133 handle_sig_alarm = 1;
134 break;
135 case SIGHUP:
136 handle_sig_hup = 1;
137 last_sighup_info = *si;
138 break;
139 case SIGCHLD:
140 handle_sig_child = 1;
141 break;
142 }
143 }
144 #elif defined(HAVE_SIGNAL) || defined(HAVE_SIGACTION)
145 static void signal_handler(int sig) {
146 switch (sig) {
147 case SIGTERM: srv_shutdown = 1; break;
148 case SIGUSR1:
149 if (!graceful_shutdown) {
150 graceful_restart = 1;
151 graceful_shutdown = 1;
152 }
153 break;
154 case SIGINT:
155 if (graceful_shutdown) {
156 if (2 == graceful_restart)
157 graceful_restart = 1;
158 else
159 srv_shutdown = 1;
160 } else {
161 graceful_shutdown = 1;
162 }
163 break;
164 case SIGALRM: handle_sig_alarm = 1; break;
165 case SIGHUP: handle_sig_hup = 1; break;
166 case SIGCHLD: handle_sig_child = 1; break;
167 }
168 }
169 #endif
170
171 #ifdef HAVE_FORK
172 static int daemonize(void) {
173 int pipefd[2];
174 pid_t pid;
175 #ifdef SIGTTOU
176 signal(SIGTTOU, SIG_IGN);
177 #endif
178 #ifdef SIGTTIN
179 signal(SIGTTIN, SIG_IGN);
180 #endif
181 #ifdef SIGTSTP
182 signal(SIGTSTP, SIG_IGN);
183 #endif
184
185 if (pipe(pipefd) < 0) exit(-1);
186
187 if (0 > (pid = fork())) exit(-1);
188
189 if (0 < pid) {
190 char buf;
191 ssize_t bytes;
192
193 close(pipefd[1]);
194 /* parent waits for grandchild to be ready */
195 do {
196 bytes = read(pipefd[0], &buf, sizeof(buf));
197 } while (bytes < 0 && EINTR == errno);
198 close(pipefd[0]);
199
200 if (bytes <= 0) {
201 /* closed fd (without writing) == failure in grandchild */
202 fputs("daemonized server failed to start; check error log for details\n", stderr);
203 exit(-1);
204 }
205
206 exit(0);
207 }
208
209 close(pipefd[0]);
210
211 if (-1 == setsid()) exit(0);
212
213 signal(SIGHUP, SIG_IGN);
214
215 if (0 != fork()) exit(0);
216
217 if (0 != chdir("/")) exit(0);
218
219 fdevent_setfd_cloexec(pipefd[1]);
220 return pipefd[1];
221 }
222 #endif
223
224 static server *server_init(void) {
225 int i;
226 server *srv = calloc(1, sizeof(*srv));
227 force_assert(srv);
228 #define CLEAN(x) \
229 srv->x = buffer_init();
230
231 CLEAN(response_header);
232 CLEAN(parse_full_path);
233 CLEAN(ts_debug_str);
234 CLEAN(ts_date_str);
235 CLEAN(errorlog_buf);
236 CLEAN(response_range);
237 CLEAN(tmp_buf);
238 srv->empty_string = buffer_init_string("");
239 CLEAN(cond_check_buf);
240
241 CLEAN(srvconf.errorlog_file);
242 CLEAN(srvconf.breakagelog_file);
243 CLEAN(srvconf.groupname);
244 CLEAN(srvconf.username);
245 CLEAN(srvconf.changeroot);
246 CLEAN(srvconf.bindhost);
247 CLEAN(srvconf.event_handler);
248 CLEAN(srvconf.pid_file);
249 CLEAN(srvconf.syslog_facility);
250
251 CLEAN(tmp_chunk_len);
252 #undef CLEAN
253
254 #define CLEAN(x) \
255 srv->x = array_init();
256
257 CLEAN(config_context);
258 CLEAN(config_touched);
259 CLEAN(status);
260 #undef CLEAN
261
262 for (i = 0; i < FILE_CACHE_MAX; i++) {
263 srv->mtime_cache[i].mtime = (time_t)-1;
264 srv->mtime_cache[i].str = buffer_init();
265 }
266
267 li_rand_reseed();
268
269 srv->cur_ts = time(NULL);
270 srv->startup_ts = srv->cur_ts;
271
272 srv->conns = calloc(1, sizeof(*srv->conns));
273 force_assert(srv->conns);
274
275 srv->joblist = calloc(1, sizeof(*srv->joblist));
276 force_assert(srv->joblist);
277
278 srv->fdwaitqueue = calloc(1, sizeof(*srv->fdwaitqueue));
279 force_assert(srv->fdwaitqueue);
280
281 srv->srvconf.modules = array_init();
282 srv->srvconf.modules_dir = buffer_init_string(LIBRARY_DIR);
283 srv->srvconf.network_backend = buffer_init();
284 srv->srvconf.upload_tempdirs = array_init();
285 srv->srvconf.reject_expect_100_with_417 = 1;
286 srv->srvconf.xattr_name = buffer_init_string("Content-Type");
287 srv->srvconf.http_header_strict = 1;
288 srv->srvconf.http_host_strict = 1; /*(implies http_host_normalize)*/
289 srv->srvconf.http_host_normalize = 0;
290 srv->srvconf.high_precision_timestamps = 0;
291 srv->srvconf.max_request_field_size = 8192;
292 srv->srvconf.loadavg[0] = 0.0;
293 srv->srvconf.loadavg[1] = 0.0;
294 srv->srvconf.loadavg[2] = 0.0;
295
296 /* use syslog */
297 srv->errorlog_fd = STDERR_FILENO;
298 srv->errorlog_mode = ERRORLOG_FD;
299
300 srv->split_vals = array_init();
301 srv->request_env = plugins_call_handle_request_env;
302
303 return srv;
304 }
305
306 static void server_free(server *srv) {
307 size_t i;
308
309 for (i = 0; i < FILE_CACHE_MAX; i++) {
310 buffer_free(srv->mtime_cache[i].str);
311 }
312
313 if (oneshot_fd > 0) {
314 close(oneshot_fd);
315 }
316
317 #define CLEAN(x) \
318 buffer_free(srv->x);
319
320 CLEAN(response_header);
321 CLEAN(parse_full_path);
322 CLEAN(ts_debug_str);
323 CLEAN(ts_date_str);
324 CLEAN(errorlog_buf);
325 CLEAN(response_range);
326 CLEAN(tmp_buf);
327 CLEAN(empty_string);
328 CLEAN(cond_check_buf);
329
330 CLEAN(srvconf.errorlog_file);
331 CLEAN(srvconf.breakagelog_file);
332 CLEAN(srvconf.groupname);
333 CLEAN(srvconf.username);
334 CLEAN(srvconf.changeroot);
335 CLEAN(srvconf.bindhost);
336 CLEAN(srvconf.event_handler);
337 CLEAN(srvconf.pid_file);
338 CLEAN(srvconf.modules_dir);
339 CLEAN(srvconf.network_backend);
340 CLEAN(srvconf.xattr_name);
341 CLEAN(srvconf.syslog_facility);
342
343 CLEAN(tmp_chunk_len);
344 #undef CLEAN
345
346 #if 0
347 fdevent_unregister(srv->ev, srv->fd);
348 #endif
349 fdevent_free(srv->ev);
350
351 free(srv->conns);
352
353 if (srv->config_storage) {
354 for (i = 0; i < srv->config_context->used; i++) {
355 specific_config *s = srv->config_storage[i];
356
357 if (!s) continue;
358
359 buffer_free(s->document_root);
360 buffer_free(s->server_name);
361 buffer_free(s->server_tag);
362 buffer_free(s->error_handler);
363 buffer_free(s->error_handler_404);
364 buffer_free(s->errorfile_prefix);
365 buffer_free(s->socket_perms);
366 array_free(s->mimetypes);
367 free(s);
368 }
369 free(srv->config_storage);
370 srv->config_storage = NULL;
371 }
372
373 #define CLEAN(x) \
374 array_free(srv->x);
375
376 CLEAN(config_context);
377 CLEAN(config_touched);
378 CLEAN(status);
379 CLEAN(srvconf.upload_tempdirs);
380 #undef CLEAN
381
382 joblist_free(srv, srv->joblist);
383 fdwaitqueue_free(srv, srv->fdwaitqueue);
384
385 if (srv->stat_cache) {
386 stat_cache_free(srv->stat_cache);
387 }
388
389 array_free(srv->srvconf.modules);
390 array_free(srv->split_vals);
391
392 li_rand_cleanup();
393
394 free(srv);
395 }
396
397 static void remove_pid_file(server *srv) {
398 if (pid_fd <= -2) return;
399 if (!buffer_string_is_empty(srv->srvconf.pid_file) && 0 <= pid_fd) {
400 if (0 != ftruncate(pid_fd, 0)) {
401 log_error_write(srv, __FILE__, __LINE__, "sbds",
402 "ftruncate failed for:",
403 srv->srvconf.pid_file,
404 errno,
405 strerror(errno));
406 }
407 }
408 if (0 <= pid_fd) {
409 close(pid_fd);
410 pid_fd = -1;
411 }
412 if (!buffer_string_is_empty(srv->srvconf.pid_file) &&
413 buffer_string_is_empty(srv->srvconf.changeroot)) {
414 if (0 != unlink(srv->srvconf.pid_file->ptr)) {
415 if (errno != EACCES && errno != EPERM) {
416 log_error_write(srv, __FILE__, __LINE__, "sbds",
417 "unlink failed for:",
418 srv->srvconf.pid_file,
419 errno,
420 strerror(errno));
421 }
422 }
423 }
424 }
425
426
427 static server_socket * server_oneshot_getsock(server *srv, sock_addr *cnt_addr) {
428 server_socket *srv_socket, *srv_socket_wild = NULL;
429 size_t i;
430 for (i = 0; i < srv->srv_sockets.used; ++i) {
431 srv_socket = srv->srv_sockets.ptr[i];
432 if (!sock_addr_is_port_eq(&srv_socket->addr,cnt_addr)) continue;
433 if (sock_addr_is_addr_eq(&srv_socket->addr,cnt_addr)) return srv_socket;
434
435 if (NULL != srv_socket_wild) continue;
436 if (sock_addr_is_addr_wildcard(&srv_socket->addr)) {
437 srv_socket_wild = srv_socket;
438 }
439 }
440
441 if (NULL != srv_socket_wild) {
442 return srv_socket_wild;
443 } else if (srv->srv_sockets.used) {
444 return srv->srv_sockets.ptr[0];
445 } else {
446 log_error_write(srv, __FILE__, __LINE__, "s", "no sockets configured");
447 return NULL;
448 }
449 }
450
451
452 static int server_oneshot_init(server *srv, int fd) {
453 /* Note: does not work with netcat due to requirement that fd be socket.
454 * STDOUT_FILENO was not saved earlier in startup, and that is to where
455 * netcat expects output to be sent. Since lighttpd expects connections
456 * to be sockets, con->fd is where output is sent; separate fds are not
457 * stored for input and output, but netcat has different fds for stdin
458 * and * stdout. To support netcat, would additionally need to avoid
459 * S_ISSOCK(), getsockname(), and getpeername() below, reconstructing
460 * addresses from environment variables:
461 * NCAT_LOCAL_ADDR NCAT_LOCAL_PORT
462 * NCAT_REMOTE_ADDR NCAT_REMOTE_PORT
463 * NCAT_PROTO
464 */
465 connection *con;
466 server_socket *srv_socket;
467 sock_addr cnt_addr;
468 socklen_t cnt_len;
469 struct stat st;
470
471 if (0 != fstat(fd, &st)) {
472 log_error_write(srv, __FILE__, __LINE__, "ss", "fstat:", strerror(errno));
473 return 0;
474 }
475
476 if (!S_ISSOCK(st.st_mode)) {
477 /* require that fd is a socket
478 * (modules might expect STDIN_FILENO and STDOUT_FILENO opened to /dev/null) */
479 log_error_write(srv, __FILE__, __LINE__, "s", "lighttpd -1 stdin is not a socket");
480 return 0;
481 }
482
483 cnt_len = sizeof(cnt_addr);
484 if (0 != getsockname(fd, (struct sockaddr *)&cnt_addr, &cnt_len)) {
485 log_error_write(srv, __FILE__, __LINE__, "ss", "getsockname:", strerror(errno));
486 return 0;
487 }
488
489 srv_socket = server_oneshot_getsock(srv, &cnt_addr);
490 if (NULL == srv_socket) return 0;
491
492 cnt_len = sizeof(cnt_addr);
493 if (0 != getpeername(fd, (struct sockaddr *)&cnt_addr, &cnt_len)) {
494 log_error_write(srv, __FILE__, __LINE__, "ss", "getpeername:", strerror(errno));
495 return 0;
496 }
497
498 /*(must set flags; fd did not pass through fdevent accept() logic)*/
499 if (-1 == fdevent_fcntl_set_nb_cloexec(srv->ev, fd)) {
500 log_error_write(srv, __FILE__, __LINE__, "ss", "fcntl:", strerror(errno));
501 return 0;
502 }
503
504 if (sock_addr_get_family(&cnt_addr) != AF_UNIX) {
505 network_accept_tcp_nagle_disable(fd);
506 }
507
508 con = connection_accepted(srv, srv_socket, &cnt_addr, fd);
509 if (NULL == con) return 0;
510
511 connection_state_machine(srv, con);
512 return 1;
513 }
514
515
516 static void show_version (void) {
517 char *b = PACKAGE_DESC TEXT_SSL \
518 " - a light and fast webserver\n"
519 #ifdef NONREPRODUCIBLE_BUILD
520 "Build-Date: " __DATE__ " " __TIME__ "\n";
521 #endif
522 ;
523 write_all(STDOUT_FILENO, b, strlen(b));
524 }
525
526 static void show_features (void) {
527 const char features[] = ""
528 #ifdef USE_SELECT
529 "\t+ select (generic)\n"
530 #else
531 "\t- select (generic)\n"
532 #endif
533 #ifdef USE_POLL
534 "\t+ poll (Unix)\n"
535 #else
536 "\t- poll (Unix)\n"
537 #endif
538 #ifdef USE_LINUX_EPOLL
539 "\t+ epoll (Linux 2.6)\n"
540 #else
541 "\t- epoll (Linux 2.6)\n"
542 #endif
543 #ifdef USE_SOLARIS_DEVPOLL
544 "\t+ /dev/poll (Solaris)\n"
545 #else
546 "\t- /dev/poll (Solaris)\n"
547 #endif
548 #ifdef USE_SOLARIS_PORT
549 "\t+ eventports (Solaris)\n"
550 #else
551 "\t- eventports (Solaris)\n"
552 #endif
553 #ifdef USE_FREEBSD_KQUEUE
554 "\t+ kqueue (FreeBSD)\n"
555 #else
556 "\t- kqueue (FreeBSD)\n"
557 #endif
558 #ifdef USE_LIBEV
559 "\t+ libev (generic)\n"
560 #else
561 "\t- libev (generic)\n"
562 #endif
563 "\nNetwork handler:\n\n"
564 #if defined USE_LINUX_SENDFILE
565 "\t+ linux-sendfile\n"
566 #else
567 "\t- linux-sendfile\n"
568 #endif
569 #if defined USE_FREEBSD_SENDFILE
570 "\t+ freebsd-sendfile\n"
571 #else
572 "\t- freebsd-sendfile\n"
573 #endif
574 #if defined USE_DARWIN_SENDFILE
575 "\t+ darwin-sendfile\n"
576 #else
577 "\t- darwin-sendfile\n"
578 #endif
579 #if defined USE_SOLARIS_SENDFILEV
580 "\t+ solaris-sendfilev\n"
581 #else
582 "\t- solaris-sendfilev\n"
583 #endif
584 #if defined USE_WRITEV
585 "\t+ writev\n"
586 #else
587 "\t- writev\n"
588 #endif
589 "\t+ write\n"
590 #ifdef USE_MMAP
591 "\t+ mmap support\n"
592 #else
593 "\t- mmap support\n"
594 #endif
595 "\nFeatures:\n\n"
596 #ifdef HAVE_IPV6
597 "\t+ IPv6 support\n"
598 #else
599 "\t- IPv6 support\n"
600 #endif
601 #if defined HAVE_ZLIB_H && defined HAVE_LIBZ
602 "\t+ zlib support\n"
603 #else
604 "\t- zlib support\n"
605 #endif
606 #if defined HAVE_BZLIB_H && defined HAVE_LIBBZ2
607 "\t+ bzip2 support\n"
608 #else
609 "\t- bzip2 support\n"
610 #endif
611 #if defined(HAVE_CRYPT) || defined(HAVE_CRYPT_R) || defined(HAVE_LIBCRYPT)
612 "\t+ crypt support\n"
613 #else
614 "\t- crypt support\n"
615 #endif
616 #ifdef USE_SSL
617 "\t+ SSL support\n"
618 #else
619 "\t- SSL support\n"
620 #endif
621 #ifdef HAVE_LIBPCRE
622 "\t+ PCRE support\n"
623 #else
624 "\t- PCRE support\n"
625 #endif
626 #ifdef HAVE_MYSQL
627 "\t+ MySQL support\n"
628 #else
629 "\t- MySQL support\n"
630 #endif
631 #ifdef HAVE_PGSQL
632 "\t+ PgSQL support\n"
633 #else
634 "\t- PgSQL support\n"
635 #endif
636 #ifdef HAVE_DBI
637 "\t+ DBI support\n"
638 #else
639 "\t- DBI support\n"
640 #endif
641 #ifdef HAVE_KRB5
642 "\t+ Kerberos support\n"
643 #else
644 "\t- Kerberos support\n"
645 #endif
646 #if defined(HAVE_LDAP_H) && defined(HAVE_LBER_H) && defined(HAVE_LIBLDAP) && defined(HAVE_LIBLBER)
647 "\t+ LDAP support\n"
648 #else
649 "\t- LDAP support\n"
650 #endif
651 #ifdef USE_MEMCACHED
652 "\t+ memcached support\n"
653 #else
654 "\t- memcached support\n"
655 #endif
656 #ifdef HAVE_FAM_H
657 "\t+ FAM support\n"
658 #else
659 "\t- FAM support\n"
660 #endif
661 #ifdef HAVE_LUA_H
662 "\t+ LUA support\n"
663 #else
664 "\t- LUA support\n"
665 #endif
666 #ifdef HAVE_LIBXML_H
667 "\t+ xml support\n"
668 #else
669 "\t- xml support\n"
670 #endif
671 #ifdef HAVE_SQLITE3_H
672 "\t+ SQLite support\n"
673 #else
674 "\t- SQLite support\n"
675 #endif
676 #ifdef HAVE_GDBM_H
677 "\t+ GDBM support\n"
678 #else
679 "\t- GDBM support\n"
680 #endif
681 "\n";
682 show_version();
683 printf("\nEvent Handlers:\n\n%s", features);
684 }
685
686 static void show_help (void) {
687 char *b = PACKAGE_DESC TEXT_SSL
688 #ifdef NONREPRODUCIBLE_BUILD
689 " ("__DATE__ " " __TIME__ ")"
690 #endif
691 " - a light and fast webserver\n" \
692 "usage:\n" \
693 " -f <name> filename of the config-file\n" \
694 " -m <name> module directory (default: "LIBRARY_DIR")\n" \
695 " -i <secs> graceful shutdown after <secs> of inactivity\n" \
696 " -1 process single (one) request on stdin socket, then exit\n" \
697 " -p print the parsed config-file in internal form, and exit\n" \
698 " -t test config-file syntax, then exit\n" \
699 " -tt test config-file syntax, load and init modules, then exit\n" \
700 " -D don't go to background (default: go to background)\n" \
701 " -v show version\n" \
702 " -V show compile-time features\n" \
703 " -h show this help\n" \
704 "\n"
705 ;
706 write_all(STDOUT_FILENO, b, strlen(b));
707 }
708
709 /**
710 * open the errorlog
711 *
712 * we have 4 possibilities:
713 * - stderr (default)
714 * - syslog
715 * - logfile
716 * - pipe
717 *
718 */
719
720 static int log_error_open(server *srv) {
721 int errfd;
722 #ifdef HAVE_SYSLOG_H
723 /* perhaps someone wants to use syslog() */
724 int facility = -1;
725 if (!buffer_string_is_empty(srv->srvconf.syslog_facility)) {
726 static const struct facility_name_st {
727 const char *name;
728 int val;
729 } facility_names[] = {
730 { "auth", LOG_AUTH }
731 #ifdef LOG_AUTHPRIV
732 ,{ "authpriv", LOG_AUTHPRIV }
733 #endif
734 #ifdef LOG_CRON
735 ,{ "cron", LOG_CRON }
736 #endif
737 ,{ "daemon", LOG_DAEMON }
738 #ifdef LOG_FTP
739 ,{ "ftp", LOG_FTP }
740 #endif
741 #ifdef LOG_KERN
742 ,{ "kern", LOG_KERN }
743 #endif
744 #ifdef LOG_LPR
745 ,{ "lpr", LOG_LPR }
746 #endif
747 #ifdef LOG_MAIL
748 ,{ "mail", LOG_MAIL }
749 #endif
750 #ifdef LOG_NEWS
751 ,{ "news", LOG_NEWS }
752 #endif
753 ,{ "security", LOG_AUTH } /* DEPRECATED */
754 #ifdef LOG_SYSLOG
755 ,{ "syslog", LOG_SYSLOG }
756 #endif
757 #ifdef LOG_USER
758 ,{ "user", LOG_USER }
759 #endif
760 #ifdef LOG_UUCP
761 ,{ "uucp", LOG_UUCP }
762 #endif
763 ,{ "local0", LOG_LOCAL0 }
764 ,{ "local1", LOG_LOCAL1 }
765 ,{ "local2", LOG_LOCAL2 }
766 ,{ "local3", LOG_LOCAL3 }
767 ,{ "local4", LOG_LOCAL4 }
768 ,{ "local5", LOG_LOCAL5 }
769 ,{ "local6", LOG_LOCAL6 }
770 ,{ "local7", LOG_LOCAL7 }
771 };
772 unsigned int i;
773 for (i = 0; i < sizeof(facility_names)/sizeof(facility_names[0]); ++i) {
774 const struct facility_name_st *f = facility_names+i;
775 if (0 == strcmp(srv->srvconf.syslog_facility->ptr, f->name)) {
776 facility = f->val;
777 break;
778 }
779 }
780 if (-1 == facility) {
781 log_error_write(srv, __FILE__, __LINE__, "SBS",
782 "unrecognized server.syslog-facility: \"",
783 srv->srvconf.syslog_facility,
784 "\"; defaulting to \"daemon\" facility");
785 }
786 }
787 openlog("lighttpd", LOG_CONS|LOG_PID, -1==facility ? LOG_DAEMON : facility);
788 #endif
789
790 srv->errorlog_mode = ERRORLOG_FD;
791 srv->errorlog_fd = STDERR_FILENO;
792
793 if (srv->srvconf.errorlog_use_syslog) {
794 srv->errorlog_mode = ERRORLOG_SYSLOG;
795 }
796 else if (!buffer_string_is_empty(srv->srvconf.errorlog_file)) {
797 const char *logfile = srv->srvconf.errorlog_file->ptr;
798
799 if (-1 == (srv->errorlog_fd = fdevent_open_logger(logfile))) {
800 log_error_write(srv, __FILE__, __LINE__, "SSSS",
801 "opening errorlog '", logfile,
802 "' failed: ", strerror(errno));
803 return -1;
804 }
805 srv->errorlog_mode = logfile[0] == '|' ? ERRORLOG_PIPE : ERRORLOG_FILE;
806 }
807
808 if (srv->errorlog_mode == ERRORLOG_FD && !srv->srvconf.dont_daemonize) {
809 /* We can only log to stderr in dont-daemonize mode;
810 * if we do daemonize and no errorlog file is specified,
811 * we log into /dev/null
812 */
813 srv->errorlog_fd = -1;
814 }
815
816 if (!buffer_string_is_empty(srv->srvconf.breakagelog_file)) {
817 const char *logfile = srv->srvconf.breakagelog_file->ptr;
818
819 if (srv->errorlog_mode == ERRORLOG_FD) {
820 srv->errorlog_fd = dup(STDERR_FILENO);
821 fdevent_setfd_cloexec(srv->errorlog_fd);
822 }
823
824 if (-1 == (errfd = fdevent_open_logger(logfile))) {
825 log_error_write(srv, __FILE__, __LINE__, "SSSS",
826 "opening errorlog '", logfile,
827 "' failed: ", strerror(errno));
828 return -1;
829 }
830
831 if (*logfile == '|') fdevent_breakagelog_logger_pipe(errfd);
832 }
833 else if (!srv->srvconf.dont_daemonize) {
834 /* move STDERR_FILENO to /dev/null */
835 if (-1 == (errfd = fdevent_open_devnull())) {
836 log_error_write(srv, __FILE__, __LINE__, "ss",
837 "opening /dev/null failed:", strerror(errno));
838 return -1;
839 }
840 }
841 else {
842 /*(leave STDERR_FILENO as-is)*/
843 errfd = -1;
844 }
845
846 if (0 != fdevent_set_stdin_stdout_stderr(-1, -1, errfd)) {
847 log_error_write(srv, __FILE__, __LINE__, "ss",
848 "setting stderr failed:", strerror(errno));
849 #ifdef FD_CLOEXEC
850 if (-1 != errfd) close(errfd);
851 #endif
852 return -1;
853 }
854 #ifdef FD_CLOEXEC
855 if (-1 != errfd) close(errfd);
856 #endif
857
858 return 0;
859 }
860
861 /**
862 * cycle the errorlog
863 *
864 */
865
866 static int log_error_cycle(server *srv) {
867 /* cycle only if the error log is a file */
868
869 if (srv->errorlog_mode == ERRORLOG_FILE) {
870 const char *logfile = srv->srvconf.errorlog_file->ptr;
871 if (-1 == fdevent_cycle_logger(logfile, &srv->errorlog_fd)) {
872 /* write to old log */
873 log_error_write(srv, __FILE__, __LINE__, "SSSS",
874 "cycling errorlog '", logfile,
875 "' failed: ", strerror(errno));
876 }
877 }
878
879 return 0;
880 }
881
882 static int log_error_close(server *srv) {
883 switch(srv->errorlog_mode) {
884 case ERRORLOG_PIPE:
885 case ERRORLOG_FILE:
886 case ERRORLOG_FD:
887 if (-1 != srv->errorlog_fd) {
888 /* don't close STDERR */
889 /* fdevent_close_logger_pipes() closes ERRORLOG_PIPE */
890 if (STDERR_FILENO != srv->errorlog_fd
891 && srv->errorlog_mode != ERRORLOG_PIPE) {
892 close(srv->errorlog_fd);
893 }
894 srv->errorlog_fd = -1;
895 }
896 break;
897 case ERRORLOG_SYSLOG:
898 #ifdef HAVE_SYSLOG_H
899 closelog();
900 #endif
901 break;
902 }
903
904 return 0;
905 }
906
907 static void server_sockets_save (server *srv) { /* graceful_restart */
908 memcpy(&graceful_sockets, &srv->srv_sockets, sizeof(server_socket_array));
909 memset(&srv->srv_sockets, 0, sizeof(server_socket_array));
910 }
911
912 static void server_sockets_restore (server *srv) { /* graceful_restart */
913 memcpy(&srv->srv_sockets, &graceful_sockets, sizeof(server_socket_array));
914 memset(&graceful_sockets, 0, sizeof(server_socket_array));
915 }
916
917 static int server_sockets_set_nb_cloexec (server *srv) {
918 if (srv->sockets_disabled) return 0; /* lighttpd -1 (one-shot mode) */
919 for (size_t i = 0; i < srv->srv_sockets.used; ++i) {
920 server_socket *srv_socket = srv->srv_sockets.ptr[i];
921 if (-1 == fdevent_fcntl_set_nb_cloexec_sock(srv->ev, srv_socket->fd)) {
922 log_error_write(srv, __FILE__, __LINE__, "ss",
923 "fcntl failed:", strerror(errno));
924 return -1;
925 }
926 }
927 return 0;
928 }
929
930 static void server_sockets_set_event (server *srv, int event) {
931 for (size_t i = 0; i < srv->srv_sockets.used; ++i) {
932 server_socket *srv_socket = srv->srv_sockets.ptr[i];
933 fdevent_event_set(srv->ev,&(srv_socket->fde_ndx),srv_socket->fd,event);
934 }
935 }
936
937 static void server_sockets_unregister (server *srv) {
938 for (size_t i = 0; i < srv->srv_sockets.used; ++i)
939 network_unregister_sock(srv, srv->srv_sockets.ptr[i]);
940 }
941
942 static void server_sockets_close (server *srv) {
943 /* closing socket right away will make it possible for the next lighttpd
944 * to take over (old-style graceful restart), but only if backends
945 * (e.g. fastcgi, scgi, etc) are independent from lighttpd, rather
946 * than started by lighttpd via "bin-path")
947 */
948 for (size_t i = 0; i < srv->srv_sockets.used; ++i) {
949 server_socket *srv_socket = srv->srv_sockets.ptr[i];
950 if (-1 == srv_socket->fd) continue;
951 network_unregister_sock(srv, srv_socket);
952 close(srv_socket->fd);
953 srv_socket->fd = -1;
954 /* network_close() will cleanup after us */
955 }
956 }
957
958 static void server_graceful_shutdown_maint (server *srv) {
959 connections *conns = srv->conns;
960 for (size_t ndx = 0; ndx < conns->used; ++ndx) {
961 connection * const con = conns->ptr[ndx];
962 int changed = 0;
963
964 if (con->state == CON_STATE_CLOSE) {
965 /* reduce remaining linger timeout to be
966 * (from zero) *up to* one more second, but no more */
967 if (HTTP_LINGER_TIMEOUT > 1)
968 con->close_timeout_ts -= (HTTP_LINGER_TIMEOUT - 1);
969 if (srv->cur_ts - con->close_timeout_ts > HTTP_LINGER_TIMEOUT)
970 changed = 1;
971 }
972 else if (con->state == CON_STATE_READ && con->request_count > 1
973 && chunkqueue_is_empty(con->read_queue)) {
974 /* close connections in keep-alive waiting for next request */
975 connection_set_state(srv, con, CON_STATE_ERROR);
976 changed = 1;
977 }
978
979 con->keep_alive = 0; /* disable keep-alive */
980
981 con->conf.kbytes_per_second = 0; /* disable rate limit */
982 con->conf.global_kbytes_per_second = 0; /* disable rate limit */
983 if (con->traffic_limit_reached) {
984 con->traffic_limit_reached = 0;
985 changed = 1;
986 }
987
988 if (changed) {
989 connection_state_machine(srv, con);
990 }
991 }
992 }
993
994 static void server_graceful_state (server *srv) {
995
996 if (!srv_shutdown) server_graceful_shutdown_maint(srv);
997
998 if (!oneshot_fd) {
999 if (0==srv->srv_sockets.used || -1 == srv->srv_sockets.ptr[0]->fde_ndx)
1000 return;
1001 }
1002
1003 log_error_write(srv, __FILE__, __LINE__, "s",
1004 "[note] graceful shutdown started");
1005
1006 /* no graceful restart if chroot()ed, if oneshot mode, or if idle timeout */
1007 if (!buffer_string_is_empty(srv->srvconf.changeroot)
1008 || oneshot_fd || 2 == graceful_shutdown)
1009 graceful_restart = 0;
1010
1011 if (graceful_restart) {
1012 server_sockets_unregister(srv);
1013 if (pid_fd > 0) pid_fd = -pid_fd; /*(flag to skip removing pid file)*/
1014 }
1015 else {
1016 server_sockets_close(srv);
1017 remove_pid_file(srv);
1018 buffer_reset(srv->srvconf.pid_file); /*(prevent more removal attempts)*/
1019 }
1020 }
1021
1022 static int server_main (server * const srv, int argc, char **argv) {
1023 int print_config = 0;
1024 int test_config = 0;
1025 int i_am_root = 0;
1026 int o;
1027 #ifdef HAVE_FORK
1028 int num_childs = 0;
1029 #endif
1030 size_t i;
1031 time_t idle_limit = 0, last_active_ts = time(NULL);
1032 #ifdef HAVE_SIGACTION
1033 struct sigaction act;
1034 #endif
1035
1036 #ifdef HAVE_FORK
1037 int parent_pipe_fd = -1;
1038 #endif
1039 int stdin_fd = -1;
1040
1041 #ifdef HAVE_GETUID
1042 i_am_root = (0 == getuid());
1043 #endif
1044
1045 /* initialize globals (including file-scoped static globals) */
1046 oneshot_fd = 0;
1047 srv_shutdown = 0;
1048 graceful_shutdown = 0;
1049 handle_sig_alarm = 1;
1050 handle_sig_hup = 0;
1051 chunkqueue_set_tempdirs_default_reset();
1052 http_auth_dumbdata_reset();
1053 http_vhostdb_dumbdata_reset();
1054 /*graceful_restart = 0;*//*(reset below to avoid further daemonizing)*/
1055 /*(intentionally preserved)*/
1056 /*memset(graceful_sockets, 0, sizeof(graceful_sockets));*/
1057 /*pid_fd = -1;*/
1058
1059 srv->srvconf.port = 0;
1060 srv->srvconf.dont_daemonize = 0;
1061 srv->srvconf.preflight_check = 0;
1062
1063 while(-1 != (o = getopt(argc, argv, "f:m:i:hvVD1pt"))) {
1064 switch(o) {
1065 case 'f':
1066 if (srv->config_storage) {
1067 log_error_write(srv, __FILE__, __LINE__, "s",
1068 "Can only read one config file. Use the include command to use multiple config files.");
1069 return -1;
1070 }
1071 if (config_read(srv, optarg)) {
1072 return -1;
1073 }
1074 break;
1075 case 'm':
1076 buffer_copy_string(srv->srvconf.modules_dir, optarg);
1077 break;
1078 case 'i': {
1079 char *endptr;
1080 long timeout = strtol(optarg, &endptr, 0);
1081 if (!*optarg || *endptr || timeout < 0) {
1082 log_error_write(srv, __FILE__, __LINE__, "ss",
1083 "Invalid idle timeout value:", optarg);
1084 return -1;
1085 }
1086 idle_limit = (time_t)timeout;
1087 break;
1088 }
1089 case 'p': print_config = 1; break;
1090 case 't': ++test_config; break;
1091 case '1': if (0 == oneshot_fd) oneshot_fd = dup(STDIN_FILENO);
1092 break;
1093 case 'D': srv->srvconf.dont_daemonize = 1; break;
1094 case 'v': show_version(); return 0;
1095 case 'V': show_features(); return 0;
1096 case 'h': show_help(); return 0;
1097 default:
1098 show_help();
1099 return -1;
1100 }
1101 }
1102
1103 if (!srv->config_storage) {
1104 log_error_write(srv, __FILE__, __LINE__, "s",
1105 "No configuration available. Try using -f option.");
1106 return -1;
1107 }
1108
1109 if (print_config) {
1110 data_unset *dc = srv->config_context->data[0];
1111 if (dc) {
1112 dc->print(dc, 0);
1113 fprintf(stdout, "\n");
1114 } else {
1115 /* shouldn't happend */
1116 fprintf(stderr, "global config not found\n");
1117 }
1118 }
1119
1120 if (test_config) {
1121 buffer_reset(srv->srvconf.pid_file);
1122 if (1 == test_config) {
1123 printf("Syntax OK\n");
1124 } else { /*(test_config > 1)*/
1125 test_config = 0;
1126 srv->srvconf.preflight_check = 1;
1127 srv->srvconf.dont_daemonize = 1;
1128 }
1129 }
1130
1131 if (test_config || print_config) {
1132 return 0;
1133 }
1134
1135 if (oneshot_fd) {
1136 if (oneshot_fd <= STDERR_FILENO) {
1137 log_error_write(srv, __FILE__, __LINE__, "s",
1138 "Invalid fds at startup with lighttpd -1");
1139 return -1;
1140 }
1141 graceful_shutdown = 1;
1142 srv->sockets_disabled = 1;
1143 srv->srvconf.dont_daemonize = 1;
1144 buffer_reset(srv->srvconf.pid_file);
1145 if (srv->srvconf.max_worker) {
1146 srv->srvconf.max_worker = 0;
1147 log_error_write(srv, __FILE__, __LINE__, "s",
1148 "server one-shot command line option disables server.max-worker config file option.");
1149 }
1150 }
1151
1152 if (buffer_is_equal_string(srv->srvconf.bindhost, CONST_STR_LEN("/dev/stdin"))) {
1153 stdin_fd = dup(STDIN_FILENO);
1154 if (stdin_fd <= STDERR_FILENO) {
1155 log_error_write(srv, __FILE__, __LINE__, "s",
1156 "Invalid fds at startup");
1157 return -1;
1158 }
1159 }
1160
1161 /* close stdin and stdout, as they are not needed */
1162 {
1163 struct stat st;
1164 int devnull;
1165 int errfd;
1166 do {
1167 /* coverity[overwrite_var : FALSE] */
1168 devnull = fdevent_open_devnull();
1169 #ifdef __COVERITY__
1170 __coverity_escape__(devnull);
1171 #endif
1172 } while (-1 != devnull && devnull <= STDERR_FILENO);
1173 if (-1 == devnull) {
1174 log_error_write(srv, __FILE__, __LINE__, "ss",
1175 "opening /dev/null failed:", strerror(errno));
1176 return -1;
1177 }
1178 errfd = (0 == fstat(STDERR_FILENO, &st)) ? -1 : devnull;
1179 if (0 != fdevent_set_stdin_stdout_stderr(devnull, devnull, errfd)) {
1180 log_error_write(srv, __FILE__, __LINE__, "ss",
1181 "setting default fds failed:", strerror(errno));
1182 #ifdef FD_CLOEXEC
1183 if (-1 != errfd) close(errfd);
1184 if (devnull != errfd) close(devnull);
1185 #endif
1186 return -1;
1187 }
1188 #ifdef FD_CLOEXEC
1189 if (-1 != errfd) close(errfd);
1190 if (devnull != errfd) close(devnull);
1191 #endif
1192 }
1193
1194 if (0 != config_set_defaults(srv)) {
1195 log_error_write(srv, __FILE__, __LINE__, "s",
1196 "setting default values failed");
1197 return -1;
1198 }
1199
1200 /* check document-root */
1201 if (buffer_string_is_empty(srv->config_storage[0]->document_root)) {
1202 log_error_write(srv, __FILE__, __LINE__, "s",
1203 "document-root is not set\n");
1204 return -1;
1205 }
1206
1207 if (plugins_load(srv)) {
1208 log_error_write(srv, __FILE__, __LINE__, "s",
1209 "loading plugins finally failed");
1210 return -1;
1211 }
1212
1213 if (HANDLER_GO_ON != plugins_call_init(srv)) {
1214 log_error_write(srv, __FILE__, __LINE__, "s", "Initialization of plugins failed. Going down.");
1215 return -1;
1216 }
1217
1218 /* open pid file BEFORE chroot */
1219 if (-2 == pid_fd) pid_fd = -1; /*(initial startup state)*/
1220 if (-1 == pid_fd && !buffer_string_is_empty(srv->srvconf.pid_file)) {
1221 if (-1 == (pid_fd = fdevent_open_cloexec(srv->srvconf.pid_file->ptr, O_WRONLY | O_CREAT | O_EXCL | O_TRUNC, S_IRUSR | S_IWUSR | S_IRGRP | S_IROTH))) {
1222 struct stat st;
1223 if (errno != EEXIST) {
1224 log_error_write(srv, __FILE__, __LINE__, "sbs",
1225 "opening pid-file failed:", srv->srvconf.pid_file, strerror(errno));
1226 return -1;
1227 }
1228
1229 if (0 != stat(srv->srvconf.pid_file->ptr, &st)) {
1230 log_error_write(srv, __FILE__, __LINE__, "sbs",
1231 "stating existing pid-file failed:", srv->srvconf.pid_file, strerror(errno));
1232 }
1233
1234 if (!S_ISREG(st.st_mode)) {
1235 log_error_write(srv, __FILE__, __LINE__, "sb",
1236 "pid-file exists and isn't regular file:", srv->srvconf.pid_file);
1237 return -1;
1238 }
1239
1240 if (-1 == (pid_fd = fdevent_open_cloexec(srv->srvconf.pid_file->ptr, O_WRONLY | O_CREAT | O_TRUNC, S_IRUSR | S_IWUSR | S_IRGRP | S_IROTH))) {
1241 log_error_write(srv, __FILE__, __LINE__, "sbs",
1242 "opening pid-file failed:", srv->srvconf.pid_file, strerror(errno));
1243 return -1;
1244 }
1245 }
1246 }
1247
1248 if (srv->event_handler == FDEVENT_HANDLER_SELECT) {
1249 /* select limits itself
1250 *
1251 * as it is a hard limit and will lead to a segfault we add some safety
1252 * */
1253 srv->max_fds = FD_SETSIZE - 200;
1254 } else {
1255 srv->max_fds = 4096;
1256 }
1257
1258 {
1259 #ifdef HAVE_GETRLIMIT
1260 struct rlimit rlim;
1261 int use_rlimit = 1;
1262 #ifdef HAVE_VALGRIND_VALGRIND_H
1263 if (RUNNING_ON_VALGRIND) use_rlimit = 0;
1264 #endif
1265
1266 if (0 != getrlimit(RLIMIT_NOFILE, &rlim)) {
1267 log_error_write(srv, __FILE__, __LINE__,
1268 "ss", "couldn't get 'max filedescriptors'",
1269 strerror(errno));
1270 return -1;
1271 }
1272
1273 /**
1274 * if we are not root can can't increase the fd-limit above rlim_max, but we can reduce it
1275 */
1276 if (use_rlimit && srv->srvconf.max_fds
1277 && (i_am_root || srv->srvconf.max_fds <= rlim.rlim_max)) {
1278 /* set rlimits */
1279
1280 rlim.rlim_cur = srv->srvconf.max_fds;
1281 if (i_am_root) rlim.rlim_max = srv->srvconf.max_fds;
1282
1283 if (0 != setrlimit(RLIMIT_NOFILE, &rlim)) {
1284 log_error_write(srv, __FILE__, __LINE__,
1285 "ss", "couldn't set 'max filedescriptors'",
1286 strerror(errno));
1287 return -1;
1288 }
1289 }
1290
1291 if (srv->event_handler == FDEVENT_HANDLER_SELECT) {
1292 srv->max_fds = rlim.rlim_cur < (rlim_t)FD_SETSIZE - 200 ? (int)rlim.rlim_cur : (int)FD_SETSIZE - 200;
1293 } else {
1294 srv->max_fds = rlim.rlim_cur;
1295 /*(default upper limit of 4k if server.max-fds not specified)*/
1296 if (i_am_root && 0 == srv->srvconf.max_fds && rlim.rlim_cur > 4096)
1297 srv->max_fds = 4096;
1298 }
1299
1300 /* set core file rlimit, if enable_cores is set */
1301 if (use_rlimit && srv->srvconf.enable_cores && getrlimit(RLIMIT_CORE, &rlim) == 0) {
1302 rlim.rlim_cur = rlim.rlim_max;
1303 setrlimit(RLIMIT_CORE, &rlim);
1304 }
1305 #endif
1306 if (srv->event_handler == FDEVENT_HANDLER_SELECT) {
1307 /* don't raise the limit above FD_SET_SIZE */
1308 if (srv->max_fds > ((int)FD_SETSIZE) - 200) {
1309 log_error_write(srv, __FILE__, __LINE__, "sd",
1310 "can't raise max filedescriptors above", FD_SETSIZE - 200,
1311 "if event-handler is 'select'. Use 'poll' or something else or reduce server.max-fds.");
1312 return -1;
1313 }
1314 }
1315 }
1316
1317 /* we need root-perms for port < 1024 */
1318 if (0 != network_init(srv, stdin_fd)) {
1319 return -1;
1320 }
1321
1322 if (i_am_root) {
1323 #ifdef HAVE_PWD_H
1324 /* set user and group */
1325 struct group *grp = NULL;
1326 struct passwd *pwd = NULL;
1327
1328 if (!buffer_string_is_empty(srv->srvconf.groupname)) {
1329 if (NULL == (grp = getgrnam(srv->srvconf.groupname->ptr))) {
1330 log_error_write(srv, __FILE__, __LINE__, "sb",
1331 "can't find groupname", srv->srvconf.groupname);
1332 return -1;
1333 }
1334 }
1335
1336 if (!buffer_string_is_empty(srv->srvconf.username)) {
1337 if (NULL == (pwd = getpwnam(srv->srvconf.username->ptr))) {
1338 log_error_write(srv, __FILE__, __LINE__, "sb",
1339 "can't find username", srv->srvconf.username);
1340 return -1;
1341 }
1342
1343 if (pwd->pw_uid == 0) {
1344 log_error_write(srv, __FILE__, __LINE__, "s",
1345 "I will not set uid to 0\n");
1346 return -1;
1347 }
1348
1349 if (NULL == grp && NULL == (grp = getgrgid(pwd->pw_gid))) {
1350 log_error_write(srv, __FILE__, __LINE__, "sd",
1351 "can't find group id", pwd->pw_gid);
1352 return -1;
1353 }
1354 }
1355
1356 if (NULL != grp) {
1357 if (grp->gr_gid == 0) {
1358 log_error_write(srv, __FILE__, __LINE__, "s",
1359 "I will not set gid to 0\n");
1360 return -1;
1361 }
1362 }
1363
1364 /*
1365 * Change group before chroot, when we have access
1366 * to /etc/group
1367 * */
1368 if (NULL != grp) {
1369 if (-1 == setgid(grp->gr_gid)) {
1370 log_error_write(srv, __FILE__, __LINE__, "ss", "setgid failed: ", strerror(errno));
1371 return -1;
1372 }
1373 if (-1 == setgroups(0, NULL)) {
1374 log_error_write(srv, __FILE__, __LINE__, "ss", "setgroups failed: ", strerror(errno));
1375 return -1;
1376 }
1377 if (!buffer_string_is_empty(srv->srvconf.username)) {
1378 initgroups(srv->srvconf.username->ptr, grp->gr_gid);
1379 }
1380 }
1381 #endif
1382 #ifdef HAVE_CHROOT
1383 if (!buffer_string_is_empty(srv->srvconf.changeroot)) {
1384 tzset();
1385
1386 if (-1 == chroot(srv->srvconf.changeroot->ptr)) {
1387 log_error_write(srv, __FILE__, __LINE__, "ss", "chroot failed: ", strerror(errno));
1388 return -1;
1389 }
1390 if (-1 == chdir("/")) {
1391 log_error_write(srv, __FILE__, __LINE__, "ss", "chdir failed: ", strerror(errno));
1392 return -1;
1393 }
1394 }
1395 #endif
1396 #ifdef HAVE_PWD_H
1397 /* drop root privs */
1398 if (NULL != pwd) {
1399 if (-1 == setuid(pwd->pw_uid)) {
1400 log_error_write(srv, __FILE__, __LINE__, "ss", "setuid failed: ", strerror(errno));
1401 return -1;
1402 }
1403 }
1404 #endif
1405 #if defined(HAVE_SYS_PRCTL_H) && defined(PR_SET_DUMPABLE)
1406 /**
1407 * on IRIX 6.5.30 they have prctl() but no DUMPABLE
1408 */
1409 if (srv->srvconf.enable_cores) {
1410 prctl(PR_SET_DUMPABLE, 1, 0, 0, 0);
1411 }
1412 #endif
1413 }
1414
1415 /* set max-conns */
1416 if (srv->srvconf.max_conns > srv->max_fds/2) {
1417 /* we can't have more connections than max-fds/2 */
1418 log_error_write(srv, __FILE__, __LINE__, "sdd", "can't have more connections than fds/2: ", srv->srvconf.max_conns, srv->max_fds);
1419 srv->max_conns = srv->max_fds/2;
1420 } else if (srv->srvconf.max_conns) {
1421 /* otherwise respect the wishes of the user */
1422 srv->max_conns = srv->srvconf.max_conns;
1423 } else {
1424 /* or use the default: we really don't want to hit max-fds */
1425 srv->max_conns = srv->max_fds/3;
1426 }
1427
1428 #ifdef HAVE_FORK
1429 /* network is up, let's daemonize ourself */
1430 if (0 == srv->srvconf.dont_daemonize && 0 == graceful_restart) {
1431 parent_pipe_fd = daemonize();
1432 }
1433 #endif
1434 graceful_restart = 0;/*(reset here after avoiding further daemonizing)*/
1435 graceful_shutdown= 0;
1436
1437
1438 #ifdef HAVE_SIGACTION
1439 memset(&act, 0, sizeof(act));
1440 act.sa_handler = SIG_IGN;
1441 sigaction(SIGPIPE, &act, NULL);
1442 # if defined(SA_SIGINFO)
1443 last_sighup_info.si_uid = 0,
1444 last_sighup_info.si_pid = 0;
1445 last_sigterm_info.si_uid = 0,
1446 last_sigterm_info.si_pid = 0;
1447 act.sa_sigaction = sigaction_handler;
1448 sigemptyset(&act.sa_mask);
1449 act.sa_flags = SA_SIGINFO;
1450 # else
1451 act.sa_handler = signal_handler;
1452 sigemptyset(&act.sa_mask);
1453 act.sa_flags = 0;
1454 # endif
1455 sigaction(SIGINT, &act, NULL);
1456 sigaction(SIGTERM, &act, NULL);
1457 sigaction(SIGHUP, &act, NULL);
1458 sigaction(SIGALRM, &act, NULL);
1459 sigaction(SIGUSR1, &act, NULL);
1460
1461 /* it should be safe to restart syscalls after SIGCHLD */
1462 act.sa_flags |= SA_RESTART | SA_NOCLDSTOP;
1463 sigaction(SIGCHLD, &act, NULL);
1464
1465 #elif defined(HAVE_SIGNAL)
1466 /* ignore the SIGPIPE from sendfile() */
1467 signal(SIGPIPE, SIG_IGN);
1468 signal(SIGALRM, signal_handler);
1469 signal(SIGTERM, signal_handler);
1470 signal(SIGHUP, signal_handler);
1471 signal(SIGCHLD, signal_handler);
1472 signal(SIGINT, signal_handler);
1473 signal(SIGUSR1, signal_handler);
1474 #endif
1475
1476
1477 srv->gid = getgid();
1478 srv->uid = getuid();
1479 srv->pid = getpid();
1480
1481 /* write pid file */
1482 if (pid_fd > 2) {
1483 buffer_copy_int(srv->tmp_buf, srv->pid);
1484 buffer_append_string_len(srv->tmp_buf, CONST_STR_LEN("\n"));
1485 if (-1 == write_all(pid_fd, CONST_BUF_LEN(srv->tmp_buf))) {
1486 log_error_write(srv, __FILE__, __LINE__, "ss", "Couldn't write pid file:", strerror(errno));
1487 close(pid_fd);
1488 pid_fd = -1;
1489 return -1;
1490 }
1491 } else if (pid_fd < -2) {
1492 pid_fd = -pid_fd;
1493 }
1494
1495 /* Close stderr ASAP in the child process to make sure that nothing
1496 * is being written to that fd which may not be valid anymore. */
1497 if (!srv->srvconf.preflight_check) {
1498 if (-1 == log_error_open(srv)) {
1499 log_error_write(srv, __FILE__, __LINE__, "s", "Opening errorlog failed. Going down.");
1500 return -1;
1501 }
1502 log_error_write(srv, __FILE__, __LINE__, "s", "server started (" PACKAGE_DESC ")");
1503 }
1504
1505 if (buffer_is_empty(srv->config_storage[0]->server_tag)) {
1506 buffer_copy_string_len(srv->config_storage[0]->server_tag, CONST_STR_LEN(PACKAGE_DESC));
1507 }
1508
1509 if (HANDLER_GO_ON != plugins_call_set_defaults(srv)) {
1510 log_error_write(srv, __FILE__, __LINE__, "s", "Configuration of plugins failed. Going down.");
1511 return -1;
1512 }
1513
1514 /* settings might be enabled during module config set defaults */
1515 srv->config_storage[0]->high_precision_timestamps = srv->srvconf.high_precision_timestamps;
1516
1517 /* dump unused config-keys */
1518 for (i = 0; i < srv->config_context->used; i++) {
1519 array *config = ((data_config *)srv->config_context->data[i])->value;
1520 size_t j;
1521
1522 for (j = 0; config && j < config->used; j++) {
1523 data_unset *du = config->data[j];
1524
1525 /* all var.* is known as user defined variable */
1526 if (strncmp(du->key->ptr, "var.", sizeof("var.") - 1) == 0) {
1527 continue;
1528 }
1529
1530 if (NULL == array_get_element_klen(srv->config_touched, CONST_BUF_LEN(du->key))) {
1531 log_error_write(srv, __FILE__, __LINE__, "sbs",
1532 "WARNING: unknown config-key:",
1533 du->key,
1534 "(ignored)");
1535 }
1536 }
1537 }
1538
1539 if (srv->config_unsupported) {
1540 log_error_write(srv, __FILE__, __LINE__, "s",
1541 "Configuration contains unsupported keys. Going down.");
1542 }
1543
1544 if (srv->config_deprecated) {
1545 log_error_write(srv, __FILE__, __LINE__, "s",
1546 "Configuration contains deprecated keys. Going down.");
1547 }
1548
1549 if (srv->config_unsupported || srv->config_deprecated) {
1550 return -1;
1551 }
1552
1553 if (srv->srvconf.preflight_check) {
1554 /*printf("Preflight OK");*//*(stdout reopened to /dev/null)*/
1555 return 0;
1556 }
1557
1558
1559 #ifdef HAVE_FORK
1560 /**
1561 * notify daemonize-grandparent of successful startup
1562 * do this before any further forking is done (workers)
1563 */
1564 if (0 == srv->srvconf.dont_daemonize && -1 != parent_pipe_fd) {
1565 if (0 > write(parent_pipe_fd, "", 1)) return -1;
1566 close(parent_pipe_fd);
1567 }
1568
1569 if (idle_limit && srv->srvconf.max_worker) {
1570 srv->srvconf.max_worker = 0;
1571 log_error_write(srv, __FILE__, __LINE__, "s",
1572 "server idle time limit command line option disables server.max-worker config file option.");
1573 }
1574
1575 /* start watcher and workers */
1576 num_childs = srv->srvconf.max_worker;
1577 if (num_childs > 0) {
1578 pid_t pids[num_childs];
1579 pid_t pid;
1580 const int npids = num_childs;
1581 int child = 0;
1582 unsigned int timer = 0;
1583 for (int n = 0; n < npids; ++n) pids[n] = -1;
1584 while (!child && !srv_shutdown && !graceful_shutdown) {
1585 if (num_childs > 0) {
1586 switch ((pid = fork())) {
1587 case -1:
1588 return -1;
1589 case 0:
1590 child = 1;
1591 alarm(0);
1592 break;
1593 default:
1594 num_childs--;
1595 for (int n = 0; n < npids; ++n) {
1596 if (-1 == pids[n]) {
1597 pids[n] = pid;
1598 break;
1599 }
1600 }
1601 break;
1602 }
1603 } else {
1604 int status;
1605
1606 if (-1 != (pid = wait(&status))) {
1607 srv->cur_ts = time(NULL);
1608 if (plugins_call_handle_waitpid(srv, pid, status) != HANDLER_GO_ON) {
1609 if (!timer) alarm((timer = 5));
1610 continue;
1611 }
1612 switch (fdevent_reaped_logger_pipe(pid)) {
1613 default: break;
1614 case -1: if (!timer) alarm((timer = 5));
1615 /* fall through */
1616 case 1: continue;
1617 }
1618 /**
1619 * check if one of our workers went away
1620 */
1621 for (int n = 0; n < npids; ++n) {
1622 if (pid == pids[n]) {
1623 pids[n] = -1;
1624 num_childs++;
1625 break;
1626 }
1627 }
1628 } else {
1629 switch (errno) {
1630 case EINTR:
1631 srv->cur_ts = time(NULL);
1632 /**
1633 * if we receive a SIGHUP we have to close our logs ourself as we don't
1634 * have the mainloop who can help us here
1635 */
1636 if (handle_sig_hup) {
1637 handle_sig_hup = 0;
1638
1639 log_error_cycle(srv);
1640
1641 /* forward SIGHUP to workers */
1642 for (int n = 0; n < npids; ++n) {
1643 if (pids[n] > 0) kill(pids[n], SIGHUP);
1644 }
1645 }
1646 if (handle_sig_alarm) {
1647 handle_sig_alarm = 0;
1648 timer = 0;
1649 plugins_call_handle_trigger(srv);
1650 fdevent_restart_logger_pipes(srv->cur_ts);
1651 }
1652 break;
1653 default:
1654 break;
1655 }
1656 }
1657 }
1658 }
1659
1660 /**
1661 * for the parent this is the exit-point
1662 */
1663 if (!child) {
1664 /**
1665 * kill all children too
1666 */
1667 if (graceful_shutdown || graceful_restart) {
1668 /* flag to ignore one SIGINT if graceful_restart */
1669 if (graceful_restart) graceful_restart = 2;
1670 kill(0, SIGINT);
1671 server_graceful_state(srv);
1672 } else if (srv_shutdown) {
1673 kill(0, SIGTERM);
1674 }
1675
1676 return 0;
1677 }
1678
1679 /* ignore SIGUSR1 in workers; only parent directs graceful restart */
1680 #ifdef HAVE_SIGACTION
1681 {
1682 struct sigaction actignore;
1683 memset(&actignore, 0, sizeof(actignore));
1684 actignore.sa_handler = SIG_IGN;
1685 sigaction(SIGUSR1, &actignore, NULL);
1686 }
1687 #elif defined(HAVE_SIGNAL)
1688 signal(SIGUSR1, SIG_IGN);
1689 #endif
1690
1691 /**
1692 * make sure workers do not muck with pid-file
1693 */
1694 if (0 <= pid_fd) {
1695 close(pid_fd);
1696 pid_fd = -1;
1697 }
1698 buffer_reset(srv->srvconf.pid_file);
1699
1700 fdevent_clr_logger_pipe_pids();
1701 srv->pid = getpid();
1702 li_rand_reseed();
1703 }
1704 #endif
1705
1706 if (NULL == (srv->ev = fdevent_init(srv, srv->max_fds + 1, srv->event_handler))) {
1707 log_error_write(srv, __FILE__, __LINE__,
1708 "s", "fdevent_init failed");
1709 return -1;
1710 }
1711
1712 /* libev backend overwrites our SIGCHLD handler and calls waitpid on SIGCHLD; we want our own SIGCHLD handling. */
1713 #ifdef HAVE_SIGACTION
1714 sigaction(SIGCHLD, &act, NULL);
1715 #elif defined(HAVE_SIGNAL)
1716 signal(SIGCHLD, signal_handler);
1717 #endif
1718
1719 /*
1720 * kqueue() is called here, select resets its internals,
1721 * all server sockets get their handlers
1722 *
1723 * */
1724 if (0 != network_register_fdevents(srv)) {
1725 return -1;
1726 }
1727
1728 /* might fail if user is using fam (not gamin) and famd isn't running */
1729 if (NULL == (srv->stat_cache = stat_cache_init(srv))) {
1730 log_error_write(srv, __FILE__, __LINE__, "s",
1731 "stat-cache could not be setup, dieing.");
1732 return -1;
1733 }
1734
1735 #ifdef USE_ALARM
1736 {
1737 /* setup periodic timer (1 second) */
1738 struct itimerval interval;
1739 interval.it_interval.tv_sec = 1;
1740 interval.it_interval.tv_usec = 0;
1741 interval.it_value.tv_sec = 1;
1742 interval.it_value.tv_usec = 0;
1743 if (setitimer(ITIMER_REAL, &interval, NULL)) {
1744 log_error_write(srv, __FILE__, __LINE__, "s", "setting timer failed");
1745 return -1;
1746 }
1747 }
1748 #endif
1749
1750
1751 /* get the current number of FDs */
1752 {
1753 int fd = fdevent_open_devnull();
1754 if (fd >= 0) {
1755 srv->cur_fds = fd;
1756 close(fd);
1757 }
1758 }
1759
1760 if (0 != server_sockets_set_nb_cloexec(srv)) {
1761 return -1;
1762 }
1763
1764 if (oneshot_fd && server_oneshot_init(srv, oneshot_fd)) {
1765 oneshot_fd = -1;
1766 }
1767
1768 /* main-loop */
1769 while (!srv_shutdown) {
1770 int n;
1771 size_t ndx;
1772 time_t min_ts;
1773
1774 if (handle_sig_hup) {
1775 handler_t r;
1776
1777 /* reset notification */
1778 handle_sig_hup = 0;
1779
1780
1781 /* cycle logfiles */
1782
1783 switch(r = plugins_call_handle_sighup(srv)) {
1784 case HANDLER_GO_ON:
1785 break;
1786 default:
1787 log_error_write(srv, __FILE__, __LINE__, "sd", "sighup-handler return with an error", r);
1788 break;
1789 }
1790
1791 if (-1 == log_error_cycle(srv)) {
1792 log_error_write(srv, __FILE__, __LINE__, "s", "cycling errorlog failed, dying");
1793
1794 return -1;
1795 } else {
1796 #ifdef HAVE_SIGACTION
1797 log_error_write(srv, __FILE__, __LINE__, "sdsd",
1798 "logfiles cycled UID =",
1799 last_sighup_info.si_uid,
1800 "PID =",
1801 last_sighup_info.si_pid);
1802 #else
1803 log_error_write(srv, __FILE__, __LINE__, "s",
1804 "logfiles cycled");
1805 #endif
1806 }
1807 }
1808
1809 if (handle_sig_alarm) {
1810 /* a new second */
1811
1812 #ifdef USE_ALARM
1813 /* reset notification */
1814 handle_sig_alarm = 0;
1815 #endif
1816
1817 /* get current time */
1818 min_ts = time(NULL);
1819
1820 if (min_ts != srv->cur_ts) {
1821 #ifdef DEBUG_CONNECTION_STATES
1822 int cs = 0;
1823 #endif
1824 connections *conns = srv->conns;
1825 handler_t r;
1826
1827 switch(r = plugins_call_handle_trigger(srv)) {
1828 case HANDLER_GO_ON:
1829 break;
1830 case HANDLER_ERROR:
1831 log_error_write(srv, __FILE__, __LINE__, "s", "one of the triggers failed");
1832 break;
1833 default:
1834 log_error_write(srv, __FILE__, __LINE__, "d", r);
1835 break;
1836 }
1837
1838 srv->cur_ts = min_ts;
1839
1840 /* check idle time limit, if enabled */
1841 if (idle_limit && idle_limit < min_ts - last_active_ts && !graceful_shutdown) {
1842 log_error_write(srv, __FILE__, __LINE__, "sDs", "[note] idle timeout", (int)idle_limit,
1843 "s exceeded, initiating graceful shutdown");
1844 graceful_shutdown = 2; /* value 2 indicates idle timeout */
1845 if (graceful_restart) {
1846 graceful_restart = 0;
1847 if (pid_fd < -2) pid_fd = -pid_fd;
1848 server_sockets_close(srv);
1849 }
1850 }
1851
1852 #ifdef HAVE_GETLOADAVG
1853 /* refresh loadavg data every 30 seconds */
1854 if (srv->srvconf.loadts + 30 < min_ts) {
1855 if (-1 != getloadavg(srv->srvconf.loadavg, 3)) {
1856 srv->srvconf.loadts = min_ts;
1857 }
1858 }
1859 #endif
1860
1861 /* cleanup stat-cache */
1862 stat_cache_trigger_cleanup(srv);
1863 /* reset global/aggregate rate limit counters */
1864 for (i = 0; i < srv->config_context->used; ++i) {
1865 srv->config_storage[i]->global_bytes_per_second_cnt = 0;
1866 }
1867 /* if graceful_shutdown, accelerate cleanup of recently completed request/responses */
1868 if (graceful_shutdown && !srv_shutdown) server_graceful_shutdown_maint(srv);
1869 /**
1870 * check all connections for timeouts
1871 *
1872 */
1873 for (ndx = 0; ndx < conns->used; ndx++) {
1874 connection * const con = conns->ptr[ndx];
1875 const int waitevents = fdevent_event_get_interest(srv->ev, con->fd);
1876 int changed = 0;
1877 int t_diff;
1878
1879 if (con->state == CON_STATE_CLOSE) {
1880 if (srv->cur_ts - con->close_timeout_ts > HTTP_LINGER_TIMEOUT) {
1881 changed = 1;
1882 }
1883 } else if (waitevents & FDEVENT_IN) {
1884 if (con->request_count == 1 || con->state != CON_STATE_READ) { /* e.g. CON_STATE_READ_POST || CON_STATE_WRITE */
1885 if (srv->cur_ts - con->read_idle_ts > con->conf.max_read_idle) {
1886 /* time - out */
1887 if (con->conf.log_request_handling) {
1888 log_error_write(srv, __FILE__, __LINE__, "sd",
1889 "connection closed - read timeout:", con->fd);
1890 }
1891
1892 connection_set_state(srv, con, CON_STATE_ERROR);
1893 changed = 1;
1894 }
1895 } else {
1896 if (srv->cur_ts - con->read_idle_ts > con->keep_alive_idle) {
1897 /* time - out */
1898 if (con->conf.log_request_handling) {
1899 log_error_write(srv, __FILE__, __LINE__, "sd",
1900 "connection closed - keep-alive timeout:", con->fd);
1901 }
1902
1903 connection_set_state(srv, con, CON_STATE_ERROR);
1904 changed = 1;
1905 }
1906 }
1907 }
1908
1909 /* max_write_idle timeout currently functions as backend timeout,
1910 * too, after response has been started.
1911 * future: have separate backend timeout, and then change this
1912 * to check for write interest before checking for timeout */
1913 /*if (waitevents & FDEVENT_OUT)*/
1914 if ((con->state == CON_STATE_WRITE) &&
1915 (con->write_request_ts != 0)) {
1916 #if 0
1917 if (srv->cur_ts - con->write_request_ts > 60) {
1918 log_error_write(srv, __FILE__, __LINE__, "sdd",
1919 "connection closed - pre-write-request-timeout:", con->fd, srv->cur_ts - con->write_request_ts);
1920 }
1921 #endif
1922
1923 if (srv->cur_ts - con->write_request_ts > con->conf.max_write_idle) {
1924 /* time - out */
1925 if (con->conf.log_timeouts) {
1926 log_error_write(srv, __FILE__, __LINE__, "sbsbsosds",
1927 "NOTE: a request from",
1928 con->dst_addr_buf,
1929 "for",
1930 con->request.uri,
1931 "timed out after writing",
1932 con->bytes_written,
1933 "bytes. We waited",
1934 (int)con->conf.max_write_idle,
1935 "seconds. If this a problem increase server.max-write-idle");
1936 }
1937 connection_set_state(srv, con, CON_STATE_ERROR);
1938 changed = 1;
1939 }
1940 }
1941
1942 /* we don't like div by zero */
1943 if (0 == (t_diff = srv->cur_ts - con->connection_start)) t_diff = 1;
1944
1945 if (con->traffic_limit_reached &&
1946 (con->conf.kbytes_per_second == 0 ||
1947 ((con->bytes_written / t_diff) < con->conf.kbytes_per_second * 1024))) {
1948 /* enable connection again */
1949 con->traffic_limit_reached = 0;
1950
1951 changed = 1;
1952 }
1953
1954 con->bytes_written_cur_second = 0;
1955
1956 if (changed) {
1957 connection_state_machine(srv, con);
1958 }
1959
1960 #if DEBUG_CONNECTION_STATES
1961 if (cs == 0) {
1962 fprintf(stderr, "connection-state: ");
1963 cs = 1;
1964 }
1965
1966 fprintf(stderr, "c[%d,%d]: %s ",
1967 con->fd,
1968 con->fcgi.fd,
1969 connection_get_state(con->state));
1970 #endif
1971 }
1972
1973 #ifdef DEBUG_CONNECTION_STATES
1974 if (cs == 1) fprintf(stderr, "\n");
1975 #endif
1976 }
1977 }
1978
1979 if (handle_sig_child) {
1980 pid_t pid;
1981 handle_sig_child = 0;
1982 do {
1983 int status;
1984 pid = waitpid(-1, &status, WNOHANG);
1985 if (pid > 0) {
1986 if (plugins_call_handle_waitpid(srv, pid, status) != HANDLER_GO_ON) {
1987 continue;
1988 }
1989 if (0 == srv->srvconf.max_worker) {
1990 /* check piped-loggers and restart, even if shutting down */
1991 if (fdevent_waitpid_logger_pipe_pid(pid, srv->cur_ts)) {
1992 continue;
1993 }
1994 }
1995 }
1996 } while (pid > 0 || (-1 == pid && errno == EINTR));
1997 }
1998
1999 if (graceful_shutdown) {
2000 server_graceful_state(srv);
2001 srv->sockets_disabled = 1;
2002 } else if (srv->sockets_disabled) {
2003 /* our server sockets are disabled, why ? */
2004
2005 if ((srv->cur_fds + srv->want_fds < srv->max_fds * 8 / 10) && /* we have enough unused fds */
2006 (srv->conns->used <= srv->max_conns * 9 / 10)) {
2007 server_sockets_set_event(srv, FDEVENT_IN);
2008 log_error_write(srv, __FILE__, __LINE__, "s", "[note] sockets enabled again");
2009
2010 srv->sockets_disabled = 0;
2011 }
2012 } else {
2013 if ((srv->cur_fds + srv->want_fds > srv->max_fds * 9 / 10) || /* out of fds */
2014 (srv->conns->used >= srv->max_conns)) { /* out of connections */
2015 /* disable server-fds */
2016 server_sockets_set_event(srv, 0);
2017
2018 if (srv->conns->used >= srv->max_conns) {
2019 log_error_write(srv, __FILE__, __LINE__, "s", "[note] sockets disabled, connection limit reached");
2020 } else {
2021 log_error_write(srv, __FILE__, __LINE__, "s", "[note] sockets disabled, out-of-fds");
2022 }
2023
2024 srv->sockets_disabled = 1;
2025 }
2026 }
2027
2028 if (graceful_shutdown && srv->conns->used == 0) {
2029 /* we are in graceful shutdown phase and all connections are closed
2030 * we are ready to terminate without harming anyone */
2031 srv_shutdown = 1;
2032 break;
2033 }
2034
2035 /* we still have some fds to share */
2036 if (srv->want_fds) {
2037 /* check the fdwaitqueue for waiting fds */
2038 int free_fds = srv->max_fds - srv->cur_fds - 16;
2039 connection *con;
2040
2041 for (; free_fds > 0 && NULL != (con = fdwaitqueue_unshift(srv, srv->fdwaitqueue)); free_fds--) {
2042 connection_state_machine(srv, con);
2043
2044 srv->want_fds--;
2045 }
2046 }
2047
2048 if ((n = fdevent_poll(srv->ev, 1000)) > 0) {
2049 /* n is the number of events */
2050 int fd;
2051 int revents;
2052 int fd_ndx;
2053 last_active_ts = srv->cur_ts;
2054 fd_ndx = -1;
2055 do {
2056 fdevent_handler handler;
2057 void *context;
2058
2059 fd_ndx = fdevent_event_next_fdndx (srv->ev, fd_ndx);
2060 if (-1 == fd_ndx) break; /* not all fdevent handlers know how many fds got an event */
2061
2062 revents = fdevent_event_get_revent (srv->ev, fd_ndx);
2063 fd = fdevent_event_get_fd (srv->ev, fd_ndx);
2064 handler = fdevent_get_handler(srv->ev, fd);
2065 context = fdevent_get_context(srv->ev, fd);
2066 if (NULL != handler) {
2067 (*handler)(srv, context, revents);
2068 }
2069 } while (--n > 0);
2070 } else if (n < 0 && errno != EINTR) {
2071 log_error_write(srv, __FILE__, __LINE__, "ss",
2072 "fdevent_poll failed:",
2073 strerror(errno));
2074 }
2075
2076 if (n >= 0) fdevent_sched_run(srv, srv->ev);
2077
2078 for (ndx = 0; ndx < srv->joblist->used; ndx++) {
2079 connection *con = srv->joblist->ptr[ndx];
2080 connection_state_machine(srv, con);
2081 }
2082
2083 srv->joblist->used = 0;
2084 }
2085
2086 if (graceful_shutdown || graceful_restart) {
2087 server_graceful_state(srv);
2088 }
2089
2090 if (2 == graceful_shutdown) { /* value 2 indicates idle timeout */
2091 log_error_write(srv, __FILE__, __LINE__, "s",
2092 "server stopped after idle timeout");
2093 } else {
2094 #ifdef HAVE_SIGACTION
2095 log_error_write(srv, __FILE__, __LINE__, "sdsd",
2096 "server stopped by UID =",
2097 last_sigterm_info.si_uid,
2098 "PID =",
2099 last_sigterm_info.si_pid);
2100 #else
2101 log_error_write(srv, __FILE__, __LINE__, "s",
2102 "server stopped");
2103 #endif
2104 }
2105
2106 return 0;
2107 }
2108
2109 int main (int argc, char **argv) {
2110 int rc;
2111
2112 #ifdef HAVE_GETUID
2113 #ifndef HAVE_ISSETUGID
2114 #define issetugid() (geteuid() != getuid() || getegid() != getgid())
2115 #endif
2116 if (0 != getuid() && issetugid()) { /*check as early as possible in main()*/
2117 fprintf(stderr,
2118 "Are you nuts ? Don't apply a SUID bit to this binary\n");
2119 return -1;
2120 }
2121 #endif
2122
2123 /* for nice %b handling in strftime() */
2124 setlocale(LC_TIME, "C");
2125
2126 do {
2127 server * const srv = server_init();
2128
2129 if (graceful_restart) {
2130 server_sockets_restore(srv);
2131 optind = 1;
2132 }
2133
2134 rc = server_main(srv, argc, argv);
2135
2136 /* clean-up */
2137 remove_pid_file(srv);
2138 log_error_close(srv);
2139 fdevent_close_logger_pipes();
2140 if (graceful_restart)
2141 server_sockets_save(srv);
2142 else
2143 network_close(srv);
2144 connections_free(srv);
2145 plugins_free(srv);
2146 server_free(srv);
2147
2148 if (0 != rc || !graceful_restart) break;
2149
2150 /* wait for all children to exit before graceful restart */
2151 while (waitpid(-1, NULL, 0) > 0) ;
2152 } while (graceful_restart);
2153
2154 return rc;
2155 }
A fast webserver with minimal memory-footprint (lighttpd)