12 #include "http_auth.h"
13 #include "http_chunk.h"
14 #include "http_vhostdb.h"
16 #include "connections.h"
17 #include "sock_addr.h"
18 #include "stat_cache.h"
21 #include "network_backends.h"
23 #ifdef HAVE_VERSIONSTAMP_H
24 # include "versionstamp.h"
26 # define REPO_VERSION ""
29 #define PACKAGE_DESC PACKAGE_NAME "/" PACKAGE_VERSION REPO_VERSION
31 #include <sys/types.h>
51 #ifdef HAVE_VALGRIND_VALGRIND_H
52 # include <valgrind/valgrind.h>
55 #ifdef HAVE_SYS_WAIT_H
56 # include <sys/wait.h>
68 #ifdef HAVE_SYS_RESOURCE_H
69 # include <sys/resource.h>
72 #ifdef HAVE_SYS_PRCTL_H
73 # include <sys/prctl.h>
76 #if defined HAVE_LIBSSL && defined HAVE_OPENSSL_SSL_H
78 #define TEXT_SSL " (ssl)"
84 /* IRIX doesn't like the alarm based time() optimization */
85 /* #define USE_ALARM */
88 static int oneshot_fd
= 0;
89 static volatile int pid_fd
= -2;
90 static server_socket_array graceful_sockets
;
91 static volatile sig_atomic_t graceful_restart
= 0;
92 static volatile sig_atomic_t graceful_shutdown
= 0;
93 static volatile sig_atomic_t srv_shutdown
= 0;
94 static volatile sig_atomic_t handle_sig_child
= 0;
95 static volatile sig_atomic_t handle_sig_alarm
= 1;
96 static volatile sig_atomic_t handle_sig_hup
= 0;
98 #if defined(HAVE_SIGACTION) && defined(SA_SIGINFO)
99 static volatile siginfo_t last_sigterm_info
;
100 static volatile siginfo_t last_sighup_info
;
102 static void sigaction_handler(int sig
, siginfo_t
*si
, void *context
) {
103 static const siginfo_t empty_siginfo
;
106 if (!si
) *(const siginfo_t
**)&si
= &empty_siginfo
;
111 last_sigterm_info
= *si
;
114 if (!graceful_shutdown
) {
115 graceful_restart
= 1;
116 graceful_shutdown
= 1;
117 last_sigterm_info
= *si
;
121 if (graceful_shutdown
) {
122 if (2 == graceful_restart
)
123 graceful_restart
= 1;
127 graceful_shutdown
= 1;
129 last_sigterm_info
= *si
;
133 handle_sig_alarm
= 1;
137 last_sighup_info
= *si
;
140 handle_sig_child
= 1;
144 #elif defined(HAVE_SIGNAL) || defined(HAVE_SIGACTION)
145 static void signal_handler(int sig
) {
147 case SIGTERM
: srv_shutdown
= 1; break;
149 if (!graceful_shutdown
) {
150 graceful_restart
= 1;
151 graceful_shutdown
= 1;
155 if (graceful_shutdown
) {
156 if (2 == graceful_restart
)
157 graceful_restart
= 1;
161 graceful_shutdown
= 1;
164 case SIGALRM
: handle_sig_alarm
= 1; break;
165 case SIGHUP
: handle_sig_hup
= 1; break;
166 case SIGCHLD
: handle_sig_child
= 1; break;
172 static int daemonize(void) {
176 signal(SIGTTOU
, SIG_IGN
);
179 signal(SIGTTIN
, SIG_IGN
);
182 signal(SIGTSTP
, SIG_IGN
);
185 if (pipe(pipefd
) < 0) exit(-1);
187 if (0 > (pid
= fork())) exit(-1);
194 /* parent waits for grandchild to be ready */
196 bytes
= read(pipefd
[0], &buf
, sizeof(buf
));
197 } while (bytes
< 0 && EINTR
== errno
);
201 /* closed fd (without writing) == failure in grandchild */
202 fputs("daemonized server failed to start; check error log for details\n", stderr
);
211 if (-1 == setsid()) exit(0);
213 signal(SIGHUP
, SIG_IGN
);
215 if (0 != fork()) exit(0);
217 if (0 != chdir("/")) exit(0);
219 fdevent_setfd_cloexec(pipefd
[1]);
224 static server
*server_init(void) {
226 server
*srv
= calloc(1, sizeof(*srv
));
229 srv->x = buffer_init();
231 CLEAN(response_header
);
232 CLEAN(parse_full_path
);
236 CLEAN(response_range
);
238 srv
->empty_string
= buffer_init_string("");
239 CLEAN(cond_check_buf
);
241 CLEAN(srvconf
.errorlog_file
);
242 CLEAN(srvconf
.breakagelog_file
);
243 CLEAN(srvconf
.groupname
);
244 CLEAN(srvconf
.username
);
245 CLEAN(srvconf
.changeroot
);
246 CLEAN(srvconf
.bindhost
);
247 CLEAN(srvconf
.event_handler
);
248 CLEAN(srvconf
.pid_file
);
249 CLEAN(srvconf
.syslog_facility
);
251 CLEAN(tmp_chunk_len
);
255 srv->x = array_init();
257 CLEAN(config_context
);
258 CLEAN(config_touched
);
262 for (i
= 0; i
< FILE_CACHE_MAX
; i
++) {
263 srv
->mtime_cache
[i
].mtime
= (time_t)-1;
264 srv
->mtime_cache
[i
].str
= buffer_init();
269 srv
->cur_ts
= time(NULL
);
270 srv
->startup_ts
= srv
->cur_ts
;
272 srv
->conns
= calloc(1, sizeof(*srv
->conns
));
273 force_assert(srv
->conns
);
275 srv
->joblist
= calloc(1, sizeof(*srv
->joblist
));
276 force_assert(srv
->joblist
);
278 srv
->fdwaitqueue
= calloc(1, sizeof(*srv
->fdwaitqueue
));
279 force_assert(srv
->fdwaitqueue
);
281 srv
->srvconf
.modules
= array_init();
282 srv
->srvconf
.modules_dir
= buffer_init_string(LIBRARY_DIR
);
283 srv
->srvconf
.network_backend
= buffer_init();
284 srv
->srvconf
.upload_tempdirs
= array_init();
285 srv
->srvconf
.reject_expect_100_with_417
= 1;
286 srv
->srvconf
.xattr_name
= buffer_init_string("Content-Type");
287 srv
->srvconf
.http_header_strict
= 1;
288 srv
->srvconf
.http_host_strict
= 1; /*(implies http_host_normalize)*/
289 srv
->srvconf
.http_host_normalize
= 0;
290 srv
->srvconf
.high_precision_timestamps
= 0;
291 srv
->srvconf
.max_request_field_size
= 8192;
292 srv
->srvconf
.loadavg
[0] = 0.0;
293 srv
->srvconf
.loadavg
[1] = 0.0;
294 srv
->srvconf
.loadavg
[2] = 0.0;
297 srv
->errorlog_fd
= STDERR_FILENO
;
298 srv
->errorlog_mode
= ERRORLOG_FD
;
300 srv
->split_vals
= array_init();
301 srv
->request_env
= plugins_call_handle_request_env
;
306 static void server_free(server
*srv
) {
309 for (i
= 0; i
< FILE_CACHE_MAX
; i
++) {
310 buffer_free(srv
->mtime_cache
[i
].str
);
313 if (oneshot_fd
> 0) {
320 CLEAN(response_header
);
321 CLEAN(parse_full_path
);
325 CLEAN(response_range
);
328 CLEAN(cond_check_buf
);
330 CLEAN(srvconf
.errorlog_file
);
331 CLEAN(srvconf
.breakagelog_file
);
332 CLEAN(srvconf
.groupname
);
333 CLEAN(srvconf
.username
);
334 CLEAN(srvconf
.changeroot
);
335 CLEAN(srvconf
.bindhost
);
336 CLEAN(srvconf
.event_handler
);
337 CLEAN(srvconf
.pid_file
);
338 CLEAN(srvconf
.modules_dir
);
339 CLEAN(srvconf
.network_backend
);
340 CLEAN(srvconf
.xattr_name
);
341 CLEAN(srvconf
.syslog_facility
);
343 CLEAN(tmp_chunk_len
);
347 fdevent_unregister(srv
->ev
, srv
->fd
);
349 fdevent_free(srv
->ev
);
353 if (srv
->config_storage
) {
354 for (i
= 0; i
< srv
->config_context
->used
; i
++) {
355 specific_config
*s
= srv
->config_storage
[i
];
359 buffer_free(s
->document_root
);
360 buffer_free(s
->server_name
);
361 buffer_free(s
->server_tag
);
362 buffer_free(s
->error_handler
);
363 buffer_free(s
->error_handler_404
);
364 buffer_free(s
->errorfile_prefix
);
365 buffer_free(s
->socket_perms
);
366 array_free(s
->mimetypes
);
369 free(srv
->config_storage
);
370 srv
->config_storage
= NULL
;
376 CLEAN(config_context
);
377 CLEAN(config_touched
);
379 CLEAN(srvconf
.upload_tempdirs
);
382 joblist_free(srv
, srv
->joblist
);
383 fdwaitqueue_free(srv
, srv
->fdwaitqueue
);
385 if (srv
->stat_cache
) {
386 stat_cache_free(srv
->stat_cache
);
389 array_free(srv
->srvconf
.modules
);
390 array_free(srv
->split_vals
);
397 static void remove_pid_file(server
*srv
) {
398 if (pid_fd
<= -2) return;
399 if (!buffer_string_is_empty(srv
->srvconf
.pid_file
) && 0 <= pid_fd
) {
400 if (0 != ftruncate(pid_fd
, 0)) {
401 log_error_write(srv
, __FILE__
, __LINE__
, "sbds",
402 "ftruncate failed for:",
403 srv
->srvconf
.pid_file
,
412 if (!buffer_string_is_empty(srv
->srvconf
.pid_file
) &&
413 buffer_string_is_empty(srv
->srvconf
.changeroot
)) {
414 if (0 != unlink(srv
->srvconf
.pid_file
->ptr
)) {
415 if (errno
!= EACCES
&& errno
!= EPERM
) {
416 log_error_write(srv
, __FILE__
, __LINE__
, "sbds",
417 "unlink failed for:",
418 srv
->srvconf
.pid_file
,
427 static server_socket
* server_oneshot_getsock(server
*srv
, sock_addr
*cnt_addr
) {
428 server_socket
*srv_socket
, *srv_socket_wild
= NULL
;
430 for (i
= 0; i
< srv
->srv_sockets
.used
; ++i
) {
431 srv_socket
= srv
->srv_sockets
.ptr
[i
];
432 if (!sock_addr_is_port_eq(&srv_socket
->addr
,cnt_addr
)) continue;
433 if (sock_addr_is_addr_eq(&srv_socket
->addr
,cnt_addr
)) return srv_socket
;
435 if (NULL
!= srv_socket_wild
) continue;
436 if (sock_addr_is_addr_wildcard(&srv_socket
->addr
)) {
437 srv_socket_wild
= srv_socket
;
441 if (NULL
!= srv_socket_wild
) {
442 return srv_socket_wild
;
443 } else if (srv
->srv_sockets
.used
) {
444 return srv
->srv_sockets
.ptr
[0];
446 log_error_write(srv
, __FILE__
, __LINE__
, "s", "no sockets configured");
452 static int server_oneshot_init(server
*srv
, int fd
) {
453 /* Note: does not work with netcat due to requirement that fd be socket.
454 * STDOUT_FILENO was not saved earlier in startup, and that is to where
455 * netcat expects output to be sent. Since lighttpd expects connections
456 * to be sockets, con->fd is where output is sent; separate fds are not
457 * stored for input and output, but netcat has different fds for stdin
458 * and * stdout. To support netcat, would additionally need to avoid
459 * S_ISSOCK(), getsockname(), and getpeername() below, reconstructing
460 * addresses from environment variables:
461 * NCAT_LOCAL_ADDR NCAT_LOCAL_PORT
462 * NCAT_REMOTE_ADDR NCAT_REMOTE_PORT
466 server_socket
*srv_socket
;
471 if (0 != fstat(fd
, &st
)) {
472 log_error_write(srv
, __FILE__
, __LINE__
, "ss", "fstat:", strerror(errno
));
476 if (!S_ISSOCK(st
.st_mode
)) {
477 /* require that fd is a socket
478 * (modules might expect STDIN_FILENO and STDOUT_FILENO opened to /dev/null) */
479 log_error_write(srv
, __FILE__
, __LINE__
, "s", "lighttpd -1 stdin is not a socket");
483 cnt_len
= sizeof(cnt_addr
);
484 if (0 != getsockname(fd
, (struct sockaddr
*)&cnt_addr
, &cnt_len
)) {
485 log_error_write(srv
, __FILE__
, __LINE__
, "ss", "getsockname:", strerror(errno
));
489 srv_socket
= server_oneshot_getsock(srv
, &cnt_addr
);
490 if (NULL
== srv_socket
) return 0;
492 cnt_len
= sizeof(cnt_addr
);
493 if (0 != getpeername(fd
, (struct sockaddr
*)&cnt_addr
, &cnt_len
)) {
494 log_error_write(srv
, __FILE__
, __LINE__
, "ss", "getpeername:", strerror(errno
));
498 /*(must set flags; fd did not pass through fdevent accept() logic)*/
499 if (-1 == fdevent_fcntl_set_nb_cloexec(srv
->ev
, fd
)) {
500 log_error_write(srv
, __FILE__
, __LINE__
, "ss", "fcntl:", strerror(errno
));
504 if (sock_addr_get_family(&cnt_addr
) != AF_UNIX
) {
505 network_accept_tcp_nagle_disable(fd
);
508 con
= connection_accepted(srv
, srv_socket
, &cnt_addr
, fd
);
509 if (NULL
== con
) return 0;
511 connection_state_machine(srv
, con
);
516 static void show_version (void) {
517 char *b
= PACKAGE_DESC TEXT_SSL \
518 " - a light and fast webserver\n"
519 #ifdef NONREPRODUCIBLE_BUILD
520 "Build-Date: " __DATE__
" " __TIME__
"\n";
523 write_all(STDOUT_FILENO
, b
, strlen(b
));
526 static void show_features (void) {
527 const char features
[] = ""
529 "\t+ select (generic)\n"
531 "\t- select (generic)\n"
538 #ifdef USE_LINUX_EPOLL
539 "\t+ epoll (Linux 2.6)\n"
541 "\t- epoll (Linux 2.6)\n"
543 #ifdef USE_SOLARIS_DEVPOLL
544 "\t+ /dev/poll (Solaris)\n"
546 "\t- /dev/poll (Solaris)\n"
548 #ifdef USE_SOLARIS_PORT
549 "\t+ eventports (Solaris)\n"
551 "\t- eventports (Solaris)\n"
553 #ifdef USE_FREEBSD_KQUEUE
554 "\t+ kqueue (FreeBSD)\n"
556 "\t- kqueue (FreeBSD)\n"
559 "\t+ libev (generic)\n"
561 "\t- libev (generic)\n"
563 "\nNetwork handler:\n\n"
564 #if defined USE_LINUX_SENDFILE
565 "\t+ linux-sendfile\n"
567 "\t- linux-sendfile\n"
569 #if defined USE_FREEBSD_SENDFILE
570 "\t+ freebsd-sendfile\n"
572 "\t- freebsd-sendfile\n"
574 #if defined USE_DARWIN_SENDFILE
575 "\t+ darwin-sendfile\n"
577 "\t- darwin-sendfile\n"
579 #if defined USE_SOLARIS_SENDFILEV
580 "\t+ solaris-sendfilev\n"
582 "\t- solaris-sendfilev\n"
584 #if defined USE_WRITEV
601 #if defined HAVE_ZLIB_H && defined HAVE_LIBZ
606 #if defined HAVE_BZLIB_H && defined HAVE_LIBBZ2
607 "\t+ bzip2 support\n"
609 "\t- bzip2 support\n"
611 #if defined(HAVE_CRYPT) || defined(HAVE_CRYPT_R) || defined(HAVE_LIBCRYPT)
612 "\t+ crypt support\n"
614 "\t- crypt support\n"
627 "\t+ MySQL support\n"
629 "\t- MySQL support\n"
632 "\t+ PgSQL support\n"
634 "\t- PgSQL support\n"
642 "\t+ Kerberos support\n"
644 "\t- Kerberos support\n"
646 #if defined(HAVE_LDAP_H) && defined(HAVE_LBER_H) && defined(HAVE_LIBLDAP) && defined(HAVE_LIBLBER)
652 "\t+ memcached support\n"
654 "\t- memcached support\n"
671 #ifdef HAVE_SQLITE3_H
672 "\t+ SQLite support\n"
674 "\t- SQLite support\n"
683 printf("\nEvent Handlers:\n\n%s", features
);
686 static void show_help (void) {
687 char *b
= PACKAGE_DESC TEXT_SSL
688 #ifdef NONREPRODUCIBLE_BUILD
689 " ("__DATE__
" " __TIME__
")"
691 " - a light and fast webserver\n" \
693 " -f <name> filename of the config-file\n" \
694 " -m <name> module directory (default: "LIBRARY_DIR
")\n" \
695 " -i <secs> graceful shutdown after <secs> of inactivity\n" \
696 " -1 process single (one) request on stdin socket, then exit\n" \
697 " -p print the parsed config-file in internal form, and exit\n" \
698 " -t test config-file syntax, then exit\n" \
699 " -tt test config-file syntax, load and init modules, then exit\n" \
700 " -D don't go to background (default: go to background)\n" \
701 " -v show version\n" \
702 " -V show compile-time features\n" \
703 " -h show this help\n" \
706 write_all(STDOUT_FILENO
, b
, strlen(b
));
712 * we have 4 possibilities:
720 static int log_error_open(server
*srv
) {
723 /* perhaps someone wants to use syslog() */
725 if (!buffer_string_is_empty(srv
->srvconf
.syslog_facility
)) {
726 static const struct facility_name_st
{
729 } facility_names
[] = {
732 ,{ "authpriv", LOG_AUTHPRIV
}
735 ,{ "cron", LOG_CRON
}
737 ,{ "daemon", LOG_DAEMON
}
742 ,{ "kern", LOG_KERN
}
748 ,{ "mail", LOG_MAIL
}
751 ,{ "news", LOG_NEWS
}
753 ,{ "security", LOG_AUTH
} /* DEPRECATED */
755 ,{ "syslog", LOG_SYSLOG
}
758 ,{ "user", LOG_USER
}
761 ,{ "uucp", LOG_UUCP
}
763 ,{ "local0", LOG_LOCAL0
}
764 ,{ "local1", LOG_LOCAL1
}
765 ,{ "local2", LOG_LOCAL2
}
766 ,{ "local3", LOG_LOCAL3
}
767 ,{ "local4", LOG_LOCAL4
}
768 ,{ "local5", LOG_LOCAL5
}
769 ,{ "local6", LOG_LOCAL6
}
770 ,{ "local7", LOG_LOCAL7
}
773 for (i
= 0; i
< sizeof(facility_names
)/sizeof(facility_names
[0]); ++i
) {
774 const struct facility_name_st
*f
= facility_names
+i
;
775 if (0 == strcmp(srv
->srvconf
.syslog_facility
->ptr
, f
->name
)) {
780 if (-1 == facility
) {
781 log_error_write(srv
, __FILE__
, __LINE__
, "SBS",
782 "unrecognized server.syslog-facility: \"",
783 srv
->srvconf
.syslog_facility
,
784 "\"; defaulting to \"daemon\" facility");
787 openlog("lighttpd", LOG_CONS
|LOG_PID
, -1==facility
? LOG_DAEMON
: facility
);
790 srv
->errorlog_mode
= ERRORLOG_FD
;
791 srv
->errorlog_fd
= STDERR_FILENO
;
793 if (srv
->srvconf
.errorlog_use_syslog
) {
794 srv
->errorlog_mode
= ERRORLOG_SYSLOG
;
796 else if (!buffer_string_is_empty(srv
->srvconf
.errorlog_file
)) {
797 const char *logfile
= srv
->srvconf
.errorlog_file
->ptr
;
799 if (-1 == (srv
->errorlog_fd
= fdevent_open_logger(logfile
))) {
800 log_error_write(srv
, __FILE__
, __LINE__
, "SSSS",
801 "opening errorlog '", logfile
,
802 "' failed: ", strerror(errno
));
805 srv
->errorlog_mode
= logfile
[0] == '|' ? ERRORLOG_PIPE
: ERRORLOG_FILE
;
808 if (srv
->errorlog_mode
== ERRORLOG_FD
&& !srv
->srvconf
.dont_daemonize
) {
809 /* We can only log to stderr in dont-daemonize mode;
810 * if we do daemonize and no errorlog file is specified,
811 * we log into /dev/null
813 srv
->errorlog_fd
= -1;
816 if (!buffer_string_is_empty(srv
->srvconf
.breakagelog_file
)) {
817 const char *logfile
= srv
->srvconf
.breakagelog_file
->ptr
;
819 if (srv
->errorlog_mode
== ERRORLOG_FD
) {
820 srv
->errorlog_fd
= dup(STDERR_FILENO
);
821 fdevent_setfd_cloexec(srv
->errorlog_fd
);
824 if (-1 == (errfd
= fdevent_open_logger(logfile
))) {
825 log_error_write(srv
, __FILE__
, __LINE__
, "SSSS",
826 "opening errorlog '", logfile
,
827 "' failed: ", strerror(errno
));
831 if (*logfile
== '|') fdevent_breakagelog_logger_pipe(errfd
);
833 else if (!srv
->srvconf
.dont_daemonize
) {
834 /* move STDERR_FILENO to /dev/null */
835 if (-1 == (errfd
= fdevent_open_devnull())) {
836 log_error_write(srv
, __FILE__
, __LINE__
, "ss",
837 "opening /dev/null failed:", strerror(errno
));
842 /*(leave STDERR_FILENO as-is)*/
846 if (0 != fdevent_set_stdin_stdout_stderr(-1, -1, errfd
)) {
847 log_error_write(srv
, __FILE__
, __LINE__
, "ss",
848 "setting stderr failed:", strerror(errno
));
850 if (-1 != errfd
) close(errfd
);
855 if (-1 != errfd
) close(errfd
);
866 static int log_error_cycle(server
*srv
) {
867 /* cycle only if the error log is a file */
869 if (srv
->errorlog_mode
== ERRORLOG_FILE
) {
870 const char *logfile
= srv
->srvconf
.errorlog_file
->ptr
;
871 if (-1 == fdevent_cycle_logger(logfile
, &srv
->errorlog_fd
)) {
872 /* write to old log */
873 log_error_write(srv
, __FILE__
, __LINE__
, "SSSS",
874 "cycling errorlog '", logfile
,
875 "' failed: ", strerror(errno
));
882 static int log_error_close(server
*srv
) {
883 switch(srv
->errorlog_mode
) {
887 if (-1 != srv
->errorlog_fd
) {
888 /* don't close STDERR */
889 /* fdevent_close_logger_pipes() closes ERRORLOG_PIPE */
890 if (STDERR_FILENO
!= srv
->errorlog_fd
891 && srv
->errorlog_mode
!= ERRORLOG_PIPE
) {
892 close(srv
->errorlog_fd
);
894 srv
->errorlog_fd
= -1;
897 case ERRORLOG_SYSLOG
:
907 static void server_sockets_save (server
*srv
) { /* graceful_restart */
908 memcpy(&graceful_sockets
, &srv
->srv_sockets
, sizeof(server_socket_array
));
909 memset(&srv
->srv_sockets
, 0, sizeof(server_socket_array
));
912 static void server_sockets_restore (server
*srv
) { /* graceful_restart */
913 memcpy(&srv
->srv_sockets
, &graceful_sockets
, sizeof(server_socket_array
));
914 memset(&graceful_sockets
, 0, sizeof(server_socket_array
));
917 static int server_sockets_set_nb_cloexec (server
*srv
) {
918 if (srv
->sockets_disabled
) return 0; /* lighttpd -1 (one-shot mode) */
919 for (size_t i
= 0; i
< srv
->srv_sockets
.used
; ++i
) {
920 server_socket
*srv_socket
= srv
->srv_sockets
.ptr
[i
];
921 if (-1 == fdevent_fcntl_set_nb_cloexec_sock(srv
->ev
, srv_socket
->fd
)) {
922 log_error_write(srv
, __FILE__
, __LINE__
, "ss",
923 "fcntl failed:", strerror(errno
));
930 static void server_sockets_set_event (server
*srv
, int event
) {
931 for (size_t i
= 0; i
< srv
->srv_sockets
.used
; ++i
) {
932 server_socket
*srv_socket
= srv
->srv_sockets
.ptr
[i
];
933 fdevent_event_set(srv
->ev
,&(srv_socket
->fde_ndx
),srv_socket
->fd
,event
);
937 static void server_sockets_unregister (server
*srv
) {
938 for (size_t i
= 0; i
< srv
->srv_sockets
.used
; ++i
)
939 network_unregister_sock(srv
, srv
->srv_sockets
.ptr
[i
]);
942 static void server_sockets_close (server
*srv
) {
943 /* closing socket right away will make it possible for the next lighttpd
944 * to take over (old-style graceful restart), but only if backends
945 * (e.g. fastcgi, scgi, etc) are independent from lighttpd, rather
946 * than started by lighttpd via "bin-path")
948 for (size_t i
= 0; i
< srv
->srv_sockets
.used
; ++i
) {
949 server_socket
*srv_socket
= srv
->srv_sockets
.ptr
[i
];
950 if (-1 == srv_socket
->fd
) continue;
951 network_unregister_sock(srv
, srv_socket
);
952 close(srv_socket
->fd
);
954 /* network_close() will cleanup after us */
958 static void server_graceful_shutdown_maint (server
*srv
) {
959 connections
*conns
= srv
->conns
;
960 for (size_t ndx
= 0; ndx
< conns
->used
; ++ndx
) {
961 connection
* const con
= conns
->ptr
[ndx
];
964 if (con
->state
== CON_STATE_CLOSE
) {
965 /* reduce remaining linger timeout to be
966 * (from zero) *up to* one more second, but no more */
967 if (HTTP_LINGER_TIMEOUT
> 1)
968 con
->close_timeout_ts
-= (HTTP_LINGER_TIMEOUT
- 1);
969 if (srv
->cur_ts
- con
->close_timeout_ts
> HTTP_LINGER_TIMEOUT
)
972 else if (con
->state
== CON_STATE_READ
&& con
->request_count
> 1
973 && chunkqueue_is_empty(con
->read_queue
)) {
974 /* close connections in keep-alive waiting for next request */
975 connection_set_state(srv
, con
, CON_STATE_ERROR
);
979 con
->keep_alive
= 0; /* disable keep-alive */
981 con
->conf
.kbytes_per_second
= 0; /* disable rate limit */
982 con
->conf
.global_kbytes_per_second
= 0; /* disable rate limit */
983 if (con
->traffic_limit_reached
) {
984 con
->traffic_limit_reached
= 0;
989 connection_state_machine(srv
, con
);
994 static void server_graceful_state (server
*srv
) {
996 if (!srv_shutdown
) server_graceful_shutdown_maint(srv
);
999 if (0==srv
->srv_sockets
.used
|| -1 == srv
->srv_sockets
.ptr
[0]->fde_ndx
)
1003 log_error_write(srv
, __FILE__
, __LINE__
, "s",
1004 "[note] graceful shutdown started");
1006 /* no graceful restart if chroot()ed, if oneshot mode, or if idle timeout */
1007 if (!buffer_string_is_empty(srv
->srvconf
.changeroot
)
1008 || oneshot_fd
|| 2 == graceful_shutdown
)
1009 graceful_restart
= 0;
1011 if (graceful_restart
) {
1012 server_sockets_unregister(srv
);
1013 if (pid_fd
> 0) pid_fd
= -pid_fd
; /*(flag to skip removing pid file)*/
1016 server_sockets_close(srv
);
1017 remove_pid_file(srv
);
1018 buffer_reset(srv
->srvconf
.pid_file
); /*(prevent more removal attempts)*/
1022 static int server_main (server
* const srv
, int argc
, char **argv
) {
1023 int print_config
= 0;
1024 int test_config
= 0;
1031 time_t idle_limit
= 0, last_active_ts
= time(NULL
);
1032 #ifdef HAVE_SIGACTION
1033 struct sigaction act
;
1037 int parent_pipe_fd
= -1;
1042 i_am_root
= (0 == getuid());
1045 /* initialize globals (including file-scoped static globals) */
1048 graceful_shutdown
= 0;
1049 handle_sig_alarm
= 1;
1051 chunkqueue_set_tempdirs_default_reset();
1052 http_auth_dumbdata_reset();
1053 http_vhostdb_dumbdata_reset();
1054 /*graceful_restart = 0;*//*(reset below to avoid further daemonizing)*/
1055 /*(intentionally preserved)*/
1056 /*memset(graceful_sockets, 0, sizeof(graceful_sockets));*/
1059 srv
->srvconf
.port
= 0;
1060 srv
->srvconf
.dont_daemonize
= 0;
1061 srv
->srvconf
.preflight_check
= 0;
1063 while(-1 != (o
= getopt(argc
, argv
, "f:m:i:hvVD1pt"))) {
1066 if (srv
->config_storage
) {
1067 log_error_write(srv
, __FILE__
, __LINE__
, "s",
1068 "Can only read one config file. Use the include command to use multiple config files.");
1071 if (config_read(srv
, optarg
)) {
1076 buffer_copy_string(srv
->srvconf
.modules_dir
, optarg
);
1080 long timeout
= strtol(optarg
, &endptr
, 0);
1081 if (!*optarg
|| *endptr
|| timeout
< 0) {
1082 log_error_write(srv
, __FILE__
, __LINE__
, "ss",
1083 "Invalid idle timeout value:", optarg
);
1086 idle_limit
= (time_t)timeout
;
1089 case 'p': print_config
= 1; break;
1090 case 't': ++test_config
; break;
1091 case '1': if (0 == oneshot_fd
) oneshot_fd
= dup(STDIN_FILENO
);
1093 case 'D': srv
->srvconf
.dont_daemonize
= 1; break;
1094 case 'v': show_version(); return 0;
1095 case 'V': show_features(); return 0;
1096 case 'h': show_help(); return 0;
1103 if (!srv
->config_storage
) {
1104 log_error_write(srv
, __FILE__
, __LINE__
, "s",
1105 "No configuration available. Try using -f option.");
1110 data_unset
*dc
= srv
->config_context
->data
[0];
1113 fprintf(stdout
, "\n");
1115 /* shouldn't happend */
1116 fprintf(stderr
, "global config not found\n");
1121 buffer_reset(srv
->srvconf
.pid_file
);
1122 if (1 == test_config
) {
1123 printf("Syntax OK\n");
1124 } else { /*(test_config > 1)*/
1126 srv
->srvconf
.preflight_check
= 1;
1127 srv
->srvconf
.dont_daemonize
= 1;
1131 if (test_config
|| print_config
) {
1136 if (oneshot_fd
<= STDERR_FILENO
) {
1137 log_error_write(srv
, __FILE__
, __LINE__
, "s",
1138 "Invalid fds at startup with lighttpd -1");
1141 graceful_shutdown
= 1;
1142 srv
->sockets_disabled
= 1;
1143 srv
->srvconf
.dont_daemonize
= 1;
1144 buffer_reset(srv
->srvconf
.pid_file
);
1145 if (srv
->srvconf
.max_worker
) {
1146 srv
->srvconf
.max_worker
= 0;
1147 log_error_write(srv
, __FILE__
, __LINE__
, "s",
1148 "server one-shot command line option disables server.max-worker config file option.");
1152 if (buffer_is_equal_string(srv
->srvconf
.bindhost
, CONST_STR_LEN("/dev/stdin"))) {
1153 stdin_fd
= dup(STDIN_FILENO
);
1154 if (stdin_fd
<= STDERR_FILENO
) {
1155 log_error_write(srv
, __FILE__
, __LINE__
, "s",
1156 "Invalid fds at startup");
1161 /* close stdin and stdout, as they are not needed */
1167 /* coverity[overwrite_var : FALSE] */
1168 devnull
= fdevent_open_devnull();
1170 __coverity_escape__(devnull
);
1172 } while (-1 != devnull
&& devnull
<= STDERR_FILENO
);
1173 if (-1 == devnull
) {
1174 log_error_write(srv
, __FILE__
, __LINE__
, "ss",
1175 "opening /dev/null failed:", strerror(errno
));
1178 errfd
= (0 == fstat(STDERR_FILENO
, &st
)) ? -1 : devnull
;
1179 if (0 != fdevent_set_stdin_stdout_stderr(devnull
, devnull
, errfd
)) {
1180 log_error_write(srv
, __FILE__
, __LINE__
, "ss",
1181 "setting default fds failed:", strerror(errno
));
1183 if (-1 != errfd
) close(errfd
);
1184 if (devnull
!= errfd
) close(devnull
);
1189 if (-1 != errfd
) close(errfd
);
1190 if (devnull
!= errfd
) close(devnull
);
1194 if (0 != config_set_defaults(srv
)) {
1195 log_error_write(srv
, __FILE__
, __LINE__
, "s",
1196 "setting default values failed");
1200 /* check document-root */
1201 if (buffer_string_is_empty(srv
->config_storage
[0]->document_root
)) {
1202 log_error_write(srv
, __FILE__
, __LINE__
, "s",
1203 "document-root is not set\n");
1207 if (plugins_load(srv
)) {
1208 log_error_write(srv
, __FILE__
, __LINE__
, "s",
1209 "loading plugins finally failed");
1213 if (HANDLER_GO_ON
!= plugins_call_init(srv
)) {
1214 log_error_write(srv
, __FILE__
, __LINE__
, "s", "Initialization of plugins failed. Going down.");
1218 /* open pid file BEFORE chroot */
1219 if (-2 == pid_fd
) pid_fd
= -1; /*(initial startup state)*/
1220 if (-1 == pid_fd
&& !buffer_string_is_empty(srv
->srvconf
.pid_file
)) {
1221 if (-1 == (pid_fd
= fdevent_open_cloexec(srv
->srvconf
.pid_file
->ptr
, O_WRONLY
| O_CREAT
| O_EXCL
| O_TRUNC
, S_IRUSR
| S_IWUSR
| S_IRGRP
| S_IROTH
))) {
1223 if (errno
!= EEXIST
) {
1224 log_error_write(srv
, __FILE__
, __LINE__
, "sbs",
1225 "opening pid-file failed:", srv
->srvconf
.pid_file
, strerror(errno
));
1229 if (0 != stat(srv
->srvconf
.pid_file
->ptr
, &st
)) {
1230 log_error_write(srv
, __FILE__
, __LINE__
, "sbs",
1231 "stating existing pid-file failed:", srv
->srvconf
.pid_file
, strerror(errno
));
1234 if (!S_ISREG(st
.st_mode
)) {
1235 log_error_write(srv
, __FILE__
, __LINE__
, "sb",
1236 "pid-file exists and isn't regular file:", srv
->srvconf
.pid_file
);
1240 if (-1 == (pid_fd
= fdevent_open_cloexec(srv
->srvconf
.pid_file
->ptr
, O_WRONLY
| O_CREAT
| O_TRUNC
, S_IRUSR
| S_IWUSR
| S_IRGRP
| S_IROTH
))) {
1241 log_error_write(srv
, __FILE__
, __LINE__
, "sbs",
1242 "opening pid-file failed:", srv
->srvconf
.pid_file
, strerror(errno
));
1248 if (srv
->event_handler
== FDEVENT_HANDLER_SELECT
) {
1249 /* select limits itself
1251 * as it is a hard limit and will lead to a segfault we add some safety
1253 srv
->max_fds
= FD_SETSIZE
- 200;
1255 srv
->max_fds
= 4096;
1259 #ifdef HAVE_GETRLIMIT
1262 #ifdef HAVE_VALGRIND_VALGRIND_H
1263 if (RUNNING_ON_VALGRIND
) use_rlimit
= 0;
1266 if (0 != getrlimit(RLIMIT_NOFILE
, &rlim
)) {
1267 log_error_write(srv
, __FILE__
, __LINE__
,
1268 "ss", "couldn't get 'max filedescriptors'",
1274 * if we are not root can can't increase the fd-limit above rlim_max, but we can reduce it
1276 if (use_rlimit
&& srv
->srvconf
.max_fds
1277 && (i_am_root
|| srv
->srvconf
.max_fds
<= rlim
.rlim_max
)) {
1280 rlim
.rlim_cur
= srv
->srvconf
.max_fds
;
1281 if (i_am_root
) rlim
.rlim_max
= srv
->srvconf
.max_fds
;
1283 if (0 != setrlimit(RLIMIT_NOFILE
, &rlim
)) {
1284 log_error_write(srv
, __FILE__
, __LINE__
,
1285 "ss", "couldn't set 'max filedescriptors'",
1291 if (srv
->event_handler
== FDEVENT_HANDLER_SELECT
) {
1292 srv
->max_fds
= rlim
.rlim_cur
< (rlim_t
)FD_SETSIZE
- 200 ? (int)rlim
.rlim_cur
: (int)FD_SETSIZE
- 200;
1294 srv
->max_fds
= rlim
.rlim_cur
;
1295 /*(default upper limit of 4k if server.max-fds not specified)*/
1296 if (i_am_root
&& 0 == srv
->srvconf
.max_fds
&& rlim
.rlim_cur
> 4096)
1297 srv
->max_fds
= 4096;
1300 /* set core file rlimit, if enable_cores is set */
1301 if (use_rlimit
&& srv
->srvconf
.enable_cores
&& getrlimit(RLIMIT_CORE
, &rlim
) == 0) {
1302 rlim
.rlim_cur
= rlim
.rlim_max
;
1303 setrlimit(RLIMIT_CORE
, &rlim
);
1306 if (srv
->event_handler
== FDEVENT_HANDLER_SELECT
) {
1307 /* don't raise the limit above FD_SET_SIZE */
1308 if (srv
->max_fds
> ((int)FD_SETSIZE
) - 200) {
1309 log_error_write(srv
, __FILE__
, __LINE__
, "sd",
1310 "can't raise max filedescriptors above", FD_SETSIZE
- 200,
1311 "if event-handler is 'select'. Use 'poll' or something else or reduce server.max-fds.");
1317 /* we need root-perms for port < 1024 */
1318 if (0 != network_init(srv
, stdin_fd
)) {
1324 /* set user and group */
1325 struct group
*grp
= NULL
;
1326 struct passwd
*pwd
= NULL
;
1328 if (!buffer_string_is_empty(srv
->srvconf
.groupname
)) {
1329 if (NULL
== (grp
= getgrnam(srv
->srvconf
.groupname
->ptr
))) {
1330 log_error_write(srv
, __FILE__
, __LINE__
, "sb",
1331 "can't find groupname", srv
->srvconf
.groupname
);
1336 if (!buffer_string_is_empty(srv
->srvconf
.username
)) {
1337 if (NULL
== (pwd
= getpwnam(srv
->srvconf
.username
->ptr
))) {
1338 log_error_write(srv
, __FILE__
, __LINE__
, "sb",
1339 "can't find username", srv
->srvconf
.username
);
1343 if (pwd
->pw_uid
== 0) {
1344 log_error_write(srv
, __FILE__
, __LINE__
, "s",
1345 "I will not set uid to 0\n");
1349 if (NULL
== grp
&& NULL
== (grp
= getgrgid(pwd
->pw_gid
))) {
1350 log_error_write(srv
, __FILE__
, __LINE__
, "sd",
1351 "can't find group id", pwd
->pw_gid
);
1357 if (grp
->gr_gid
== 0) {
1358 log_error_write(srv
, __FILE__
, __LINE__
, "s",
1359 "I will not set gid to 0\n");
1365 * Change group before chroot, when we have access
1369 if (-1 == setgid(grp
->gr_gid
)) {
1370 log_error_write(srv
, __FILE__
, __LINE__
, "ss", "setgid failed: ", strerror(errno
));
1373 if (-1 == setgroups(0, NULL
)) {
1374 log_error_write(srv
, __FILE__
, __LINE__
, "ss", "setgroups failed: ", strerror(errno
));
1377 if (!buffer_string_is_empty(srv
->srvconf
.username
)) {
1378 initgroups(srv
->srvconf
.username
->ptr
, grp
->gr_gid
);
1383 if (!buffer_string_is_empty(srv
->srvconf
.changeroot
)) {
1386 if (-1 == chroot(srv
->srvconf
.changeroot
->ptr
)) {
1387 log_error_write(srv
, __FILE__
, __LINE__
, "ss", "chroot failed: ", strerror(errno
));
1390 if (-1 == chdir("/")) {
1391 log_error_write(srv
, __FILE__
, __LINE__
, "ss", "chdir failed: ", strerror(errno
));
1397 /* drop root privs */
1399 if (-1 == setuid(pwd
->pw_uid
)) {
1400 log_error_write(srv
, __FILE__
, __LINE__
, "ss", "setuid failed: ", strerror(errno
));
1405 #if defined(HAVE_SYS_PRCTL_H) && defined(PR_SET_DUMPABLE)
1407 * on IRIX 6.5.30 they have prctl() but no DUMPABLE
1409 if (srv
->srvconf
.enable_cores
) {
1410 prctl(PR_SET_DUMPABLE
, 1, 0, 0, 0);
1416 if (srv
->srvconf
.max_conns
> srv
->max_fds
/2) {
1417 /* we can't have more connections than max-fds/2 */
1418 log_error_write(srv
, __FILE__
, __LINE__
, "sdd", "can't have more connections than fds/2: ", srv
->srvconf
.max_conns
, srv
->max_fds
);
1419 srv
->max_conns
= srv
->max_fds
/2;
1420 } else if (srv
->srvconf
.max_conns
) {
1421 /* otherwise respect the wishes of the user */
1422 srv
->max_conns
= srv
->srvconf
.max_conns
;
1424 /* or use the default: we really don't want to hit max-fds */
1425 srv
->max_conns
= srv
->max_fds
/3;
1429 /* network is up, let's daemonize ourself */
1430 if (0 == srv
->srvconf
.dont_daemonize
&& 0 == graceful_restart
) {
1431 parent_pipe_fd
= daemonize();
1434 graceful_restart
= 0;/*(reset here after avoiding further daemonizing)*/
1435 graceful_shutdown
= 0;
1438 #ifdef HAVE_SIGACTION
1439 memset(&act
, 0, sizeof(act
));
1440 act
.sa_handler
= SIG_IGN
;
1441 sigaction(SIGPIPE
, &act
, NULL
);
1442 # if defined(SA_SIGINFO)
1443 last_sighup_info
.si_uid
= 0,
1444 last_sighup_info
.si_pid
= 0;
1445 last_sigterm_info
.si_uid
= 0,
1446 last_sigterm_info
.si_pid
= 0;
1447 act
.sa_sigaction
= sigaction_handler
;
1448 sigemptyset(&act
.sa_mask
);
1449 act
.sa_flags
= SA_SIGINFO
;
1451 act
.sa_handler
= signal_handler
;
1452 sigemptyset(&act
.sa_mask
);
1455 sigaction(SIGINT
, &act
, NULL
);
1456 sigaction(SIGTERM
, &act
, NULL
);
1457 sigaction(SIGHUP
, &act
, NULL
);
1458 sigaction(SIGALRM
, &act
, NULL
);
1459 sigaction(SIGUSR1
, &act
, NULL
);
1461 /* it should be safe to restart syscalls after SIGCHLD */
1462 act
.sa_flags
|= SA_RESTART
| SA_NOCLDSTOP
;
1463 sigaction(SIGCHLD
, &act
, NULL
);
1465 #elif defined(HAVE_SIGNAL)
1466 /* ignore the SIGPIPE from sendfile() */
1467 signal(SIGPIPE
, SIG_IGN
);
1468 signal(SIGALRM
, signal_handler
);
1469 signal(SIGTERM
, signal_handler
);
1470 signal(SIGHUP
, signal_handler
);
1471 signal(SIGCHLD
, signal_handler
);
1472 signal(SIGINT
, signal_handler
);
1473 signal(SIGUSR1
, signal_handler
);
1477 srv
->gid
= getgid();
1478 srv
->uid
= getuid();
1479 srv
->pid
= getpid();
1481 /* write pid file */
1483 buffer_copy_int(srv
->tmp_buf
, srv
->pid
);
1484 buffer_append_string_len(srv
->tmp_buf
, CONST_STR_LEN("\n"));
1485 if (-1 == write_all(pid_fd
, CONST_BUF_LEN(srv
->tmp_buf
))) {
1486 log_error_write(srv
, __FILE__
, __LINE__
, "ss", "Couldn't write pid file:", strerror(errno
));
1491 } else if (pid_fd
< -2) {
1495 /* Close stderr ASAP in the child process to make sure that nothing
1496 * is being written to that fd which may not be valid anymore. */
1497 if (!srv
->srvconf
.preflight_check
) {
1498 if (-1 == log_error_open(srv
)) {
1499 log_error_write(srv
, __FILE__
, __LINE__
, "s", "Opening errorlog failed. Going down.");
1502 log_error_write(srv
, __FILE__
, __LINE__
, "s", "server started (" PACKAGE_DESC
")");
1505 if (buffer_is_empty(srv
->config_storage
[0]->server_tag
)) {
1506 buffer_copy_string_len(srv
->config_storage
[0]->server_tag
, CONST_STR_LEN(PACKAGE_DESC
));
1509 if (HANDLER_GO_ON
!= plugins_call_set_defaults(srv
)) {
1510 log_error_write(srv
, __FILE__
, __LINE__
, "s", "Configuration of plugins failed. Going down.");
1514 /* settings might be enabled during module config set defaults */
1515 srv
->config_storage
[0]->high_precision_timestamps
= srv
->srvconf
.high_precision_timestamps
;
1517 /* dump unused config-keys */
1518 for (i
= 0; i
< srv
->config_context
->used
; i
++) {
1519 array
*config
= ((data_config
*)srv
->config_context
->data
[i
])->value
;
1522 for (j
= 0; config
&& j
< config
->used
; j
++) {
1523 data_unset
*du
= config
->data
[j
];
1525 /* all var.* is known as user defined variable */
1526 if (strncmp(du
->key
->ptr
, "var.", sizeof("var.") - 1) == 0) {
1530 if (NULL
== array_get_element_klen(srv
->config_touched
, CONST_BUF_LEN(du
->key
))) {
1531 log_error_write(srv
, __FILE__
, __LINE__
, "sbs",
1532 "WARNING: unknown config-key:",
1539 if (srv
->config_unsupported
) {
1540 log_error_write(srv
, __FILE__
, __LINE__
, "s",
1541 "Configuration contains unsupported keys. Going down.");
1544 if (srv
->config_deprecated
) {
1545 log_error_write(srv
, __FILE__
, __LINE__
, "s",
1546 "Configuration contains deprecated keys. Going down.");
1549 if (srv
->config_unsupported
|| srv
->config_deprecated
) {
1553 if (srv
->srvconf
.preflight_check
) {
1554 /*printf("Preflight OK");*//*(stdout reopened to /dev/null)*/
1561 * notify daemonize-grandparent of successful startup
1562 * do this before any further forking is done (workers)
1564 if (0 == srv
->srvconf
.dont_daemonize
&& -1 != parent_pipe_fd
) {
1565 if (0 > write(parent_pipe_fd
, "", 1)) return -1;
1566 close(parent_pipe_fd
);
1569 if (idle_limit
&& srv
->srvconf
.max_worker
) {
1570 srv
->srvconf
.max_worker
= 0;
1571 log_error_write(srv
, __FILE__
, __LINE__
, "s",
1572 "server idle time limit command line option disables server.max-worker config file option.");
1575 /* start watcher and workers */
1576 num_childs
= srv
->srvconf
.max_worker
;
1577 if (num_childs
> 0) {
1578 pid_t pids
[num_childs
];
1580 const int npids
= num_childs
;
1582 unsigned int timer
= 0;
1583 for (int n
= 0; n
< npids
; ++n
) pids
[n
] = -1;
1584 while (!child
&& !srv_shutdown
&& !graceful_shutdown
) {
1585 if (num_childs
> 0) {
1586 switch ((pid
= fork())) {
1595 for (int n
= 0; n
< npids
; ++n
) {
1596 if (-1 == pids
[n
]) {
1606 if (-1 != (pid
= wait(&status
))) {
1607 srv
->cur_ts
= time(NULL
);
1608 if (plugins_call_handle_waitpid(srv
, pid
, status
) != HANDLER_GO_ON
) {
1609 if (!timer
) alarm((timer
= 5));
1612 switch (fdevent_reaped_logger_pipe(pid
)) {
1614 case -1: if (!timer
) alarm((timer
= 5));
1619 * check if one of our workers went away
1621 for (int n
= 0; n
< npids
; ++n
) {
1622 if (pid
== pids
[n
]) {
1631 srv
->cur_ts
= time(NULL
);
1633 * if we receive a SIGHUP we have to close our logs ourself as we don't
1634 * have the mainloop who can help us here
1636 if (handle_sig_hup
) {
1639 log_error_cycle(srv
);
1641 /* forward SIGHUP to workers */
1642 for (int n
= 0; n
< npids
; ++n
) {
1643 if (pids
[n
] > 0) kill(pids
[n
], SIGHUP
);
1646 if (handle_sig_alarm
) {
1647 handle_sig_alarm
= 0;
1649 plugins_call_handle_trigger(srv
);
1650 fdevent_restart_logger_pipes(srv
->cur_ts
);
1661 * for the parent this is the exit-point
1665 * kill all children too
1667 if (graceful_shutdown
|| graceful_restart
) {
1668 /* flag to ignore one SIGINT if graceful_restart */
1669 if (graceful_restart
) graceful_restart
= 2;
1671 server_graceful_state(srv
);
1672 } else if (srv_shutdown
) {
1679 /* ignore SIGUSR1 in workers; only parent directs graceful restart */
1680 #ifdef HAVE_SIGACTION
1682 struct sigaction actignore
;
1683 memset(&actignore
, 0, sizeof(actignore
));
1684 actignore
.sa_handler
= SIG_IGN
;
1685 sigaction(SIGUSR1
, &actignore
, NULL
);
1687 #elif defined(HAVE_SIGNAL)
1688 signal(SIGUSR1
, SIG_IGN
);
1692 * make sure workers do not muck with pid-file
1698 buffer_reset(srv
->srvconf
.pid_file
);
1700 fdevent_clr_logger_pipe_pids();
1701 srv
->pid
= getpid();
1706 if (NULL
== (srv
->ev
= fdevent_init(srv
, srv
->max_fds
+ 1, srv
->event_handler
))) {
1707 log_error_write(srv
, __FILE__
, __LINE__
,
1708 "s", "fdevent_init failed");
1712 /* libev backend overwrites our SIGCHLD handler and calls waitpid on SIGCHLD; we want our own SIGCHLD handling. */
1713 #ifdef HAVE_SIGACTION
1714 sigaction(SIGCHLD
, &act
, NULL
);
1715 #elif defined(HAVE_SIGNAL)
1716 signal(SIGCHLD
, signal_handler
);
1720 * kqueue() is called here, select resets its internals,
1721 * all server sockets get their handlers
1724 if (0 != network_register_fdevents(srv
)) {
1728 /* might fail if user is using fam (not gamin) and famd isn't running */
1729 if (NULL
== (srv
->stat_cache
= stat_cache_init(srv
))) {
1730 log_error_write(srv
, __FILE__
, __LINE__
, "s",
1731 "stat-cache could not be setup, dieing.");
1737 /* setup periodic timer (1 second) */
1738 struct itimerval interval
;
1739 interval
.it_interval
.tv_sec
= 1;
1740 interval
.it_interval
.tv_usec
= 0;
1741 interval
.it_value
.tv_sec
= 1;
1742 interval
.it_value
.tv_usec
= 0;
1743 if (setitimer(ITIMER_REAL
, &interval
, NULL
)) {
1744 log_error_write(srv
, __FILE__
, __LINE__
, "s", "setting timer failed");
1751 /* get the current number of FDs */
1753 int fd
= fdevent_open_devnull();
1760 if (0 != server_sockets_set_nb_cloexec(srv
)) {
1764 if (oneshot_fd
&& server_oneshot_init(srv
, oneshot_fd
)) {
1769 while (!srv_shutdown
) {
1774 if (handle_sig_hup
) {
1777 /* reset notification */
1781 /* cycle logfiles */
1783 switch(r
= plugins_call_handle_sighup(srv
)) {
1787 log_error_write(srv
, __FILE__
, __LINE__
, "sd", "sighup-handler return with an error", r
);
1791 if (-1 == log_error_cycle(srv
)) {
1792 log_error_write(srv
, __FILE__
, __LINE__
, "s", "cycling errorlog failed, dying");
1796 #ifdef HAVE_SIGACTION
1797 log_error_write(srv
, __FILE__
, __LINE__
, "sdsd",
1798 "logfiles cycled UID =",
1799 last_sighup_info
.si_uid
,
1801 last_sighup_info
.si_pid
);
1803 log_error_write(srv
, __FILE__
, __LINE__
, "s",
1809 if (handle_sig_alarm
) {
1813 /* reset notification */
1814 handle_sig_alarm
= 0;
1817 /* get current time */
1818 min_ts
= time(NULL
);
1820 if (min_ts
!= srv
->cur_ts
) {
1821 #ifdef DEBUG_CONNECTION_STATES
1824 connections
*conns
= srv
->conns
;
1827 switch(r
= plugins_call_handle_trigger(srv
)) {
1831 log_error_write(srv
, __FILE__
, __LINE__
, "s", "one of the triggers failed");
1834 log_error_write(srv
, __FILE__
, __LINE__
, "d", r
);
1838 srv
->cur_ts
= min_ts
;
1840 /* check idle time limit, if enabled */
1841 if (idle_limit
&& idle_limit
< min_ts
- last_active_ts
&& !graceful_shutdown
) {
1842 log_error_write(srv
, __FILE__
, __LINE__
, "sDs", "[note] idle timeout", (int)idle_limit
,
1843 "s exceeded, initiating graceful shutdown");
1844 graceful_shutdown
= 2; /* value 2 indicates idle timeout */
1845 if (graceful_restart
) {
1846 graceful_restart
= 0;
1847 if (pid_fd
< -2) pid_fd
= -pid_fd
;
1848 server_sockets_close(srv
);
1852 #ifdef HAVE_GETLOADAVG
1853 /* refresh loadavg data every 30 seconds */
1854 if (srv
->srvconf
.loadts
+ 30 < min_ts
) {
1855 if (-1 != getloadavg(srv
->srvconf
.loadavg
, 3)) {
1856 srv
->srvconf
.loadts
= min_ts
;
1861 /* cleanup stat-cache */
1862 stat_cache_trigger_cleanup(srv
);
1863 /* reset global/aggregate rate limit counters */
1864 for (i
= 0; i
< srv
->config_context
->used
; ++i
) {
1865 srv
->config_storage
[i
]->global_bytes_per_second_cnt
= 0;
1867 /* if graceful_shutdown, accelerate cleanup of recently completed request/responses */
1868 if (graceful_shutdown
&& !srv_shutdown
) server_graceful_shutdown_maint(srv
);
1870 * check all connections for timeouts
1873 for (ndx
= 0; ndx
< conns
->used
; ndx
++) {
1874 connection
* const con
= conns
->ptr
[ndx
];
1875 const int waitevents
= fdevent_event_get_interest(srv
->ev
, con
->fd
);
1879 if (con
->state
== CON_STATE_CLOSE
) {
1880 if (srv
->cur_ts
- con
->close_timeout_ts
> HTTP_LINGER_TIMEOUT
) {
1883 } else if (waitevents
& FDEVENT_IN
) {
1884 if (con
->request_count
== 1 || con
->state
!= CON_STATE_READ
) { /* e.g. CON_STATE_READ_POST || CON_STATE_WRITE */
1885 if (srv
->cur_ts
- con
->read_idle_ts
> con
->conf
.max_read_idle
) {
1887 if (con
->conf
.log_request_handling
) {
1888 log_error_write(srv
, __FILE__
, __LINE__
, "sd",
1889 "connection closed - read timeout:", con
->fd
);
1892 connection_set_state(srv
, con
, CON_STATE_ERROR
);
1896 if (srv
->cur_ts
- con
->read_idle_ts
> con
->keep_alive_idle
) {
1898 if (con
->conf
.log_request_handling
) {
1899 log_error_write(srv
, __FILE__
, __LINE__
, "sd",
1900 "connection closed - keep-alive timeout:", con
->fd
);
1903 connection_set_state(srv
, con
, CON_STATE_ERROR
);
1909 /* max_write_idle timeout currently functions as backend timeout,
1910 * too, after response has been started.
1911 * future: have separate backend timeout, and then change this
1912 * to check for write interest before checking for timeout */
1913 /*if (waitevents & FDEVENT_OUT)*/
1914 if ((con
->state
== CON_STATE_WRITE
) &&
1915 (con
->write_request_ts
!= 0)) {
1917 if (srv
->cur_ts
- con
->write_request_ts
> 60) {
1918 log_error_write(srv
, __FILE__
, __LINE__
, "sdd",
1919 "connection closed - pre-write-request-timeout:", con
->fd
, srv
->cur_ts
- con
->write_request_ts
);
1923 if (srv
->cur_ts
- con
->write_request_ts
> con
->conf
.max_write_idle
) {
1925 if (con
->conf
.log_timeouts
) {
1926 log_error_write(srv
, __FILE__
, __LINE__
, "sbsbsosds",
1927 "NOTE: a request from",
1931 "timed out after writing",
1934 (int)con
->conf
.max_write_idle
,
1935 "seconds. If this a problem increase server.max-write-idle");
1937 connection_set_state(srv
, con
, CON_STATE_ERROR
);
1942 /* we don't like div by zero */
1943 if (0 == (t_diff
= srv
->cur_ts
- con
->connection_start
)) t_diff
= 1;
1945 if (con
->traffic_limit_reached
&&
1946 (con
->conf
.kbytes_per_second
== 0 ||
1947 ((con
->bytes_written
/ t_diff
) < con
->conf
.kbytes_per_second
* 1024))) {
1948 /* enable connection again */
1949 con
->traffic_limit_reached
= 0;
1954 con
->bytes_written_cur_second
= 0;
1957 connection_state_machine(srv
, con
);
1960 #if DEBUG_CONNECTION_STATES
1962 fprintf(stderr
, "connection-state: ");
1966 fprintf(stderr
, "c[%d,%d]: %s ",
1969 connection_get_state(con
->state
));
1973 #ifdef DEBUG_CONNECTION_STATES
1974 if (cs
== 1) fprintf(stderr
, "\n");
1979 if (handle_sig_child
) {
1981 handle_sig_child
= 0;
1984 pid
= waitpid(-1, &status
, WNOHANG
);
1986 if (plugins_call_handle_waitpid(srv
, pid
, status
) != HANDLER_GO_ON
) {
1989 if (0 == srv
->srvconf
.max_worker
) {
1990 /* check piped-loggers and restart, even if shutting down */
1991 if (fdevent_waitpid_logger_pipe_pid(pid
, srv
->cur_ts
)) {
1996 } while (pid
> 0 || (-1 == pid
&& errno
== EINTR
));
1999 if (graceful_shutdown
) {
2000 server_graceful_state(srv
);
2001 srv
->sockets_disabled
= 1;
2002 } else if (srv
->sockets_disabled
) {
2003 /* our server sockets are disabled, why ? */
2005 if ((srv
->cur_fds
+ srv
->want_fds
< srv
->max_fds
* 8 / 10) && /* we have enough unused fds */
2006 (srv
->conns
->used
<= srv
->max_conns
* 9 / 10)) {
2007 server_sockets_set_event(srv
, FDEVENT_IN
);
2008 log_error_write(srv
, __FILE__
, __LINE__
, "s", "[note] sockets enabled again");
2010 srv
->sockets_disabled
= 0;
2013 if ((srv
->cur_fds
+ srv
->want_fds
> srv
->max_fds
* 9 / 10) || /* out of fds */
2014 (srv
->conns
->used
>= srv
->max_conns
)) { /* out of connections */
2015 /* disable server-fds */
2016 server_sockets_set_event(srv
, 0);
2018 if (srv
->conns
->used
>= srv
->max_conns
) {
2019 log_error_write(srv
, __FILE__
, __LINE__
, "s", "[note] sockets disabled, connection limit reached");
2021 log_error_write(srv
, __FILE__
, __LINE__
, "s", "[note] sockets disabled, out-of-fds");
2024 srv
->sockets_disabled
= 1;
2028 if (graceful_shutdown
&& srv
->conns
->used
== 0) {
2029 /* we are in graceful shutdown phase and all connections are closed
2030 * we are ready to terminate without harming anyone */
2035 /* we still have some fds to share */
2036 if (srv
->want_fds
) {
2037 /* check the fdwaitqueue for waiting fds */
2038 int free_fds
= srv
->max_fds
- srv
->cur_fds
- 16;
2041 for (; free_fds
> 0 && NULL
!= (con
= fdwaitqueue_unshift(srv
, srv
->fdwaitqueue
)); free_fds
--) {
2042 connection_state_machine(srv
, con
);
2048 if ((n
= fdevent_poll(srv
->ev
, 1000)) > 0) {
2049 /* n is the number of events */
2053 last_active_ts
= srv
->cur_ts
;
2056 fdevent_handler handler
;
2059 fd_ndx
= fdevent_event_next_fdndx (srv
->ev
, fd_ndx
);
2060 if (-1 == fd_ndx
) break; /* not all fdevent handlers know how many fds got an event */
2062 revents
= fdevent_event_get_revent (srv
->ev
, fd_ndx
);
2063 fd
= fdevent_event_get_fd (srv
->ev
, fd_ndx
);
2064 handler
= fdevent_get_handler(srv
->ev
, fd
);
2065 context
= fdevent_get_context(srv
->ev
, fd
);
2066 if (NULL
!= handler
) {
2067 (*handler
)(srv
, context
, revents
);
2070 } else if (n
< 0 && errno
!= EINTR
) {
2071 log_error_write(srv
, __FILE__
, __LINE__
, "ss",
2072 "fdevent_poll failed:",
2076 if (n
>= 0) fdevent_sched_run(srv
, srv
->ev
);
2078 for (ndx
= 0; ndx
< srv
->joblist
->used
; ndx
++) {
2079 connection
*con
= srv
->joblist
->ptr
[ndx
];
2080 connection_state_machine(srv
, con
);
2083 srv
->joblist
->used
= 0;
2086 if (graceful_shutdown
|| graceful_restart
) {
2087 server_graceful_state(srv
);
2090 if (2 == graceful_shutdown
) { /* value 2 indicates idle timeout */
2091 log_error_write(srv
, __FILE__
, __LINE__
, "s",
2092 "server stopped after idle timeout");
2094 #ifdef HAVE_SIGACTION
2095 log_error_write(srv
, __FILE__
, __LINE__
, "sdsd",
2096 "server stopped by UID =",
2097 last_sigterm_info
.si_uid
,
2099 last_sigterm_info
.si_pid
);
2101 log_error_write(srv
, __FILE__
, __LINE__
, "s",
2109 int main (int argc
, char **argv
) {
2113 #ifndef HAVE_ISSETUGID
2114 #define issetugid() (geteuid() != getuid() || getegid() != getgid())
2116 if (0 != getuid() && issetugid()) { /*check as early as possible in main()*/
2118 "Are you nuts ? Don't apply a SUID bit to this binary\n");
2123 /* for nice %b handling in strftime() */
2124 setlocale(LC_TIME
, "C");
2127 server
* const srv
= server_init();
2129 if (graceful_restart
) {
2130 server_sockets_restore(srv
);
2134 rc
= server_main(srv
, argc
, argv
);
2137 remove_pid_file(srv
);
2138 log_error_close(srv
);
2139 fdevent_close_logger_pipes();
2140 if (graceful_restart
)
2141 server_sockets_save(srv
);
2144 connections_free(srv
);
2148 if (0 != rc
|| !graceful_restart
) break;
2150 /* wait for all children to exit before graceful restart */
2151 while (waitpid(-1, NULL
, 0) > 0) ;
2152 } while (graceful_restart
);