search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
[core] attempt to quiet coverity false positives
[lighttpd.git] / src / server.c
blob0b6579eff0b4690eecca9eff4fea0642397ce8ef
1 #include "first.h"
2
3 #include "server.h"
4 #include "buffer.h"
5 #include "network.h"
6 #include "log.h"
7 #include "keyvalue.h"
8 #include "rand.h"
9 #include "response.h"
10 #include "request.h"
11 #include "chunk.h"
12 #include "http_auth.h"
13 #include "http_chunk.h"
14 #include "http_vhostdb.h"
15 #include "fdevent.h"
16 #include "connections.h"
17 #include "stat_cache.h"
18 #include "plugin.h"
19 #include "joblist.h"
20 #include "network_backends.h"
21
22 #ifdef HAVE_VERSIONSTAMP_H
23 # include "versionstamp.h"
24 #else
25 # define REPO_VERSION ""
26 #endif
27
28 #define PACKAGE_DESC PACKAGE_NAME "/" PACKAGE_VERSION REPO_VERSION
29
30 #include <sys/types.h>
31 #include <sys/time.h>
32 #include <sys/stat.h>
33 #include <sys/wait.h>
34
35 #include <string.h>
36 #include <errno.h>
37 #include <fcntl.h>
38 #include <unistd.h>
39 #include <stdlib.h>
40 #include <time.h>
41 #include <signal.h>
42 #include <locale.h>
43
44 #include <stdio.h>
45
46 #ifdef HAVE_GETOPT_H
47 # include <getopt.h>
48 #endif
49
50 #ifdef HAVE_VALGRIND_VALGRIND_H
51 # include <valgrind/valgrind.h>
52 #endif
53
54 #ifdef HAVE_SYS_WAIT_H
55 # include <sys/wait.h>
56 #endif
57
58 #ifdef HAVE_PWD_H
59 # include <grp.h>
60 # include <pwd.h>
61 #endif
62
63 #ifdef HAVE_SYSLOG_H
64 # include <syslog.h>
65 #endif
66
67 #ifdef HAVE_SYS_RESOURCE_H
68 # include <sys/resource.h>
69 #endif
70
71 #ifdef HAVE_SYS_PRCTL_H
72 # include <sys/prctl.h>
73 #endif
74
75 #if defined HAVE_LIBSSL && defined HAVE_OPENSSL_SSL_H
76 #define USE_SSL
77 #define TEXT_SSL " (ssl)"
78 #else
79 #define TEXT_SSL
80 #endif
81
82 #ifndef __sgi
83 /* IRIX doesn't like the alarm based time() optimization */
84 /* #define USE_ALARM */
85 #endif
86
87 static int oneshot_fd = 0;
88 static volatile int pid_fd = -2;
89 static server_socket_array graceful_sockets;
90 static volatile sig_atomic_t graceful_restart = 0;
91 static volatile sig_atomic_t graceful_shutdown = 0;
92 static volatile sig_atomic_t srv_shutdown = 0;
93 static volatile sig_atomic_t handle_sig_alarm = 1;
94 static volatile sig_atomic_t handle_sig_hup = 0;
95
96 #if defined(HAVE_SIGACTION) && defined(SA_SIGINFO)
97 static volatile siginfo_t last_sigterm_info;
98 static volatile siginfo_t last_sighup_info;
99
100 static void sigaction_handler(int sig, siginfo_t *si, void *context) {
101 static const siginfo_t empty_siginfo;
102 UNUSED(context);
103
104 if (!si) *(const siginfo_t **)&si = &empty_siginfo;
105
106 switch (sig) {
107 case SIGTERM:
108 srv_shutdown = 1;
109 last_sigterm_info = *si;
110 break;
111 case SIGUSR1:
112 if (!graceful_shutdown) {
113 graceful_restart = 1;
114 graceful_shutdown = 1;
115 last_sigterm_info = *si;
116 }
117 break;
118 case SIGINT:
119 if (graceful_shutdown) {
120 if (2 == graceful_restart)
121 graceful_restart = 1;
122 else
123 srv_shutdown = 1;
124 } else {
125 graceful_shutdown = 1;
126 }
127 last_sigterm_info = *si;
128
129 break;
130 case SIGALRM:
131 handle_sig_alarm = 1;
132 break;
133 case SIGHUP:
134 handle_sig_hup = 1;
135 last_sighup_info = *si;
136 break;
137 case SIGCHLD:
138 break;
139 }
140 }
141 #elif defined(HAVE_SIGNAL) || defined(HAVE_SIGACTION)
142 static void signal_handler(int sig) {
143 switch (sig) {
144 case SIGTERM: srv_shutdown = 1; break;
145 case SIGUSR1:
146 if (!graceful_shutdown) {
147 graceful_restart = 1;
148 graceful_shutdown = 1;
149 }
150 break;
151 case SIGINT:
152 if (graceful_shutdown) {
153 if (2 == graceful_restart)
154 graceful_restart = 1;
155 else
156 srv_shutdown = 1;
157 } else {
158 graceful_shutdown = 1;
159 }
160 break;
161 case SIGALRM: handle_sig_alarm = 1; break;
162 case SIGHUP: handle_sig_hup = 1; break;
163 case SIGCHLD: break;
164 }
165 }
166 #endif
167
168 #ifdef HAVE_FORK
169 static int daemonize(void) {
170 int pipefd[2];
171 pid_t pid;
172 #ifdef SIGTTOU
173 signal(SIGTTOU, SIG_IGN);
174 #endif
175 #ifdef SIGTTIN
176 signal(SIGTTIN, SIG_IGN);
177 #endif
178 #ifdef SIGTSTP
179 signal(SIGTSTP, SIG_IGN);
180 #endif
181
182 if (pipe(pipefd) < 0) exit(-1);
183
184 if (0 > (pid = fork())) exit(-1);
185
186 if (0 < pid) {
187 char buf;
188 ssize_t bytes;
189
190 close(pipefd[1]);
191 /* parent waits for grandchild to be ready */
192 do {
193 bytes = read(pipefd[0], &buf, sizeof(buf));
194 } while (bytes < 0 && EINTR == errno);
195 close(pipefd[0]);
196
197 if (bytes <= 0) {
198 /* closed fd (without writing) == failure in grandchild */
199 fputs("daemonized server failed to start; check error log for details\n", stderr);
200 exit(-1);
201 }
202
203 exit(0);
204 }
205
206 close(pipefd[0]);
207
208 if (-1 == setsid()) exit(0);
209
210 signal(SIGHUP, SIG_IGN);
211
212 if (0 != fork()) exit(0);
213
214 if (0 != chdir("/")) exit(0);
215
216 fdevent_setfd_cloexec(pipefd[1]);
217 return pipefd[1];
218 }
219 #endif
220
221 static server *server_init(void) {
222 int i;
223 server *srv = calloc(1, sizeof(*srv));
224 force_assert(srv);
225 #define CLEAN(x) \
226 srv->x = buffer_init();
227
228 CLEAN(response_header);
229 CLEAN(parse_full_path);
230 CLEAN(ts_debug_str);
231 CLEAN(ts_date_str);
232 CLEAN(errorlog_buf);
233 CLEAN(response_range);
234 CLEAN(tmp_buf);
235 srv->empty_string = buffer_init_string("");
236 CLEAN(cond_check_buf);
237
238 CLEAN(srvconf.errorlog_file);
239 CLEAN(srvconf.breakagelog_file);
240 CLEAN(srvconf.groupname);
241 CLEAN(srvconf.username);
242 CLEAN(srvconf.changeroot);
243 CLEAN(srvconf.bindhost);
244 CLEAN(srvconf.event_handler);
245 CLEAN(srvconf.pid_file);
246 CLEAN(srvconf.syslog_facility);
247
248 CLEAN(tmp_chunk_len);
249 #undef CLEAN
250
251 #define CLEAN(x) \
252 srv->x = array_init();
253
254 CLEAN(config_context);
255 CLEAN(config_touched);
256 CLEAN(status);
257 #undef CLEAN
258
259 for (i = 0; i < FILE_CACHE_MAX; i++) {
260 srv->mtime_cache[i].mtime = (time_t)-1;
261 srv->mtime_cache[i].str = buffer_init();
262 }
263
264 li_rand_reseed();
265
266 srv->cur_ts = time(NULL);
267 srv->startup_ts = srv->cur_ts;
268
269 srv->conns = calloc(1, sizeof(*srv->conns));
270 force_assert(srv->conns);
271
272 srv->joblist = calloc(1, sizeof(*srv->joblist));
273 force_assert(srv->joblist);
274
275 srv->fdwaitqueue = calloc(1, sizeof(*srv->fdwaitqueue));
276 force_assert(srv->fdwaitqueue);
277
278 srv->srvconf.modules = array_init();
279 srv->srvconf.modules_dir = buffer_init_string(LIBRARY_DIR);
280 srv->srvconf.network_backend = buffer_init();
281 srv->srvconf.upload_tempdirs = array_init();
282 srv->srvconf.reject_expect_100_with_417 = 1;
283 srv->srvconf.xattr_name = buffer_init_string("Content-Type");
284 srv->srvconf.http_header_strict = 1;
285 srv->srvconf.http_host_strict = 1; /*(implies http_host_normalize)*/
286 srv->srvconf.http_host_normalize = 0;
287 srv->srvconf.high_precision_timestamps = 0;
288 srv->srvconf.max_request_field_size = 8192;
289 srv->srvconf.loadavg[0] = 0.0;
290 srv->srvconf.loadavg[1] = 0.0;
291 srv->srvconf.loadavg[2] = 0.0;
292
293 /* use syslog */
294 srv->errorlog_fd = STDERR_FILENO;
295 srv->errorlog_mode = ERRORLOG_FD;
296
297 srv->split_vals = array_init();
298 srv->request_env = plugins_call_handle_request_env;
299
300 return srv;
301 }
302
303 static void server_free(server *srv) {
304 size_t i;
305
306 for (i = 0; i < FILE_CACHE_MAX; i++) {
307 buffer_free(srv->mtime_cache[i].str);
308 }
309
310 if (oneshot_fd > 0) {
311 close(oneshot_fd);
312 }
313
314 #define CLEAN(x) \
315 buffer_free(srv->x);
316
317 CLEAN(response_header);
318 CLEAN(parse_full_path);
319 CLEAN(ts_debug_str);
320 CLEAN(ts_date_str);
321 CLEAN(errorlog_buf);
322 CLEAN(response_range);
323 CLEAN(tmp_buf);
324 CLEAN(empty_string);
325 CLEAN(cond_check_buf);
326
327 CLEAN(srvconf.errorlog_file);
328 CLEAN(srvconf.breakagelog_file);
329 CLEAN(srvconf.groupname);
330 CLEAN(srvconf.username);
331 CLEAN(srvconf.changeroot);
332 CLEAN(srvconf.bindhost);
333 CLEAN(srvconf.event_handler);
334 CLEAN(srvconf.pid_file);
335 CLEAN(srvconf.modules_dir);
336 CLEAN(srvconf.network_backend);
337 CLEAN(srvconf.xattr_name);
338 CLEAN(srvconf.syslog_facility);
339
340 CLEAN(tmp_chunk_len);
341 #undef CLEAN
342
343 #if 0
344 fdevent_unregister(srv->ev, srv->fd);
345 #endif
346 fdevent_free(srv->ev);
347
348 free(srv->conns);
349
350 if (srv->config_storage) {
351 for (i = 0; i < srv->config_context->used; i++) {
352 specific_config *s = srv->config_storage[i];
353
354 if (!s) continue;
355
356 buffer_free(s->document_root);
357 buffer_free(s->server_name);
358 buffer_free(s->server_tag);
359 buffer_free(s->error_handler);
360 buffer_free(s->error_handler_404);
361 buffer_free(s->errorfile_prefix);
362 buffer_free(s->socket_perms);
363 array_free(s->mimetypes);
364 free(s);
365 }
366 free(srv->config_storage);
367 srv->config_storage = NULL;
368 }
369
370 #define CLEAN(x) \
371 array_free(srv->x);
372
373 CLEAN(config_context);
374 CLEAN(config_touched);
375 CLEAN(status);
376 CLEAN(srvconf.upload_tempdirs);
377 #undef CLEAN
378
379 joblist_free(srv, srv->joblist);
380 fdwaitqueue_free(srv, srv->fdwaitqueue);
381
382 if (srv->stat_cache) {
383 stat_cache_free(srv->stat_cache);
384 }
385
386 array_free(srv->srvconf.modules);
387 array_free(srv->split_vals);
388
389 li_rand_cleanup();
390
391 free(srv);
392 }
393
394 static void remove_pid_file(server *srv) {
395 if (pid_fd <= -2) return;
396 if (!buffer_string_is_empty(srv->srvconf.pid_file) && 0 <= pid_fd) {
397 if (0 != ftruncate(pid_fd, 0)) {
398 log_error_write(srv, __FILE__, __LINE__, "sbds",
399 "ftruncate failed for:",
400 srv->srvconf.pid_file,
401 errno,
402 strerror(errno));
403 }
404 }
405 if (0 <= pid_fd) {
406 close(pid_fd);
407 pid_fd = -1;
408 }
409 if (!buffer_string_is_empty(srv->srvconf.pid_file) &&
410 buffer_string_is_empty(srv->srvconf.changeroot)) {
411 if (0 != unlink(srv->srvconf.pid_file->ptr)) {
412 if (errno != EACCES && errno != EPERM) {
413 log_error_write(srv, __FILE__, __LINE__, "sbds",
414 "unlink failed for:",
415 srv->srvconf.pid_file,
416 errno,
417 strerror(errno));
418 }
419 }
420 }
421 }
422
423
424 static server_socket * server_oneshot_getsock(server *srv, sock_addr *cnt_addr) {
425 server_socket *srv_socket, *srv_socket_wild = NULL;
426 size_t i;
427 for (i = 0; i < srv->srv_sockets.used; ++i) {
428 srv_socket = srv->srv_sockets.ptr[i];
429 if (cnt_addr->plain.sa_family != srv_socket->addr.plain.sa_family) continue;
430 switch (cnt_addr->plain.sa_family) {
431 case AF_INET:
432 if (srv_socket->addr.ipv4.sin_port != cnt_addr->ipv4.sin_port) continue;
433 if (srv_socket->addr.ipv4.sin_addr.s_addr == cnt_addr->ipv4.sin_addr.s_addr) {
434 return srv_socket;
435 }
436 if (srv_socket->addr.ipv4.sin_addr.s_addr == htonl(INADDR_ANY)) {
437 srv_socket_wild = srv_socket;
438 }
439 continue;
440 #ifdef HAVE_IPV6
441 case AF_INET6:
442 if (srv_socket->addr.ipv6.sin6_port != cnt_addr->ipv6.sin6_port) continue;
443 if (0 == memcmp(&srv_socket->addr.ipv6.sin6_addr, &cnt_addr->ipv6.sin6_addr, sizeof(struct in6_addr))) {
444 return srv_socket;
445 }
446 if (0 == memcmp(&srv_socket->addr.ipv6.sin6_addr, &in6addr_any, sizeof(struct in6_addr))) {
447 srv_socket_wild = srv_socket;
448 }
449 continue;
450 #endif
451 #ifdef HAVE_SYS_UN_H
452 case AF_UNIX:
453 if (0 == strcmp(srv_socket->addr.un.sun_path, cnt_addr->un.sun_path)) {
454 return srv_socket;
455 }
456 continue;
457 #endif
458 default: continue;
459 }
460 }
461
462 if (NULL != srv_socket_wild) {
463 return srv_socket_wild;
464 } else if (srv->srv_sockets.used) {
465 return srv->srv_sockets.ptr[0];
466 } else {
467 log_error_write(srv, __FILE__, __LINE__, "s", "no sockets configured");
468 return NULL;
469 }
470 }
471
472
473 static int server_oneshot_init(server *srv, int fd) {
474 /* Note: does not work with netcat due to requirement that fd be socket.
475 * STDOUT_FILENO was not saved earlier in startup, and that is to where
476 * netcat expects output to be sent. Since lighttpd expects connections
477 * to be sockets, con->fd is where output is sent; separate fds are not
478 * stored for input and output, but netcat has different fds for stdin
479 * and * stdout. To support netcat, would additionally need to avoid
480 * S_ISSOCK(), getsockname(), and getpeername() below, reconstructing
481 * addresses from environment variables:
482 * NCAT_LOCAL_ADDR NCAT_LOCAL_PORT
483 * NCAT_REMOTE_ADDR NCAT_REMOTE_PORT
484 * NCAT_PROTO
485 */
486 connection *con;
487 server_socket *srv_socket;
488 sock_addr cnt_addr;
489 socklen_t cnt_len;
490 struct stat st;
491
492 if (0 != fstat(fd, &st)) {
493 log_error_write(srv, __FILE__, __LINE__, "ss", "fstat:", strerror(errno));
494 return 0;
495 }
496
497 if (!S_ISSOCK(st.st_mode)) {
498 /* require that fd is a socket
499 * (modules might expect STDIN_FILENO and STDOUT_FILENO opened to /dev/null) */
500 log_error_write(srv, __FILE__, __LINE__, "s", "lighttpd -1 stdin is not a socket");
501 return 0;
502 }
503
504 cnt_len = sizeof(cnt_addr);
505 if (0 != getsockname(fd, (struct sockaddr *)&cnt_addr, &cnt_len)) {
506 log_error_write(srv, __FILE__, __LINE__, "ss", "getsockname:", strerror(errno));
507 return 0;
508 }
509
510 srv_socket = server_oneshot_getsock(srv, &cnt_addr);
511 if (NULL == srv_socket) return 0;
512
513 cnt_len = sizeof(cnt_addr);
514 if (0 != getpeername(fd, (struct sockaddr *)&cnt_addr, &cnt_len)) {
515 log_error_write(srv, __FILE__, __LINE__, "ss", "getpeername:", strerror(errno));
516 return 0;
517 }
518
519 /*(must set flags; fd did not pass through fdevent accept() logic)*/
520 if (-1 == fdevent_fcntl_set_nb_cloexec(srv->ev, fd)) {
521 log_error_write(srv, __FILE__, __LINE__, "ss", "fcntl:", strerror(errno));
522 return 0;
523 }
524
525 if (cnt_addr.plain.sa_family != AF_UNIX) {
526 network_accept_tcp_nagle_disable(fd);
527 }
528
529 con = connection_accepted(srv, srv_socket, &cnt_addr, fd);
530 if (NULL == con) return 0;
531
532 connection_state_machine(srv, con);
533 return 1;
534 }
535
536
537 static void show_version (void) {
538 char *b = PACKAGE_DESC TEXT_SSL \
539 " - a light and fast webserver\n" \
540 "Build-Date: " __DATE__ " " __TIME__ "\n";
541 ;
542 write_all(STDOUT_FILENO, b, strlen(b));
543 }
544
545 static void show_features (void) {
546 const char features[] = ""
547 #ifdef USE_SELECT
548 "\t+ select (generic)\n"
549 #else
550 "\t- select (generic)\n"
551 #endif
552 #ifdef USE_POLL
553 "\t+ poll (Unix)\n"
554 #else
555 "\t- poll (Unix)\n"
556 #endif
557 #ifdef USE_LINUX_EPOLL
558 "\t+ epoll (Linux 2.6)\n"
559 #else
560 "\t- epoll (Linux 2.6)\n"
561 #endif
562 #ifdef USE_SOLARIS_DEVPOLL
563 "\t+ /dev/poll (Solaris)\n"
564 #else
565 "\t- /dev/poll (Solaris)\n"
566 #endif
567 #ifdef USE_SOLARIS_PORT
568 "\t+ eventports (Solaris)\n"
569 #else
570 "\t- eventports (Solaris)\n"
571 #endif
572 #ifdef USE_FREEBSD_KQUEUE
573 "\t+ kqueue (FreeBSD)\n"
574 #else
575 "\t- kqueue (FreeBSD)\n"
576 #endif
577 #ifdef USE_LIBEV
578 "\t+ libev (generic)\n"
579 #else
580 "\t- libev (generic)\n"
581 #endif
582 "\nNetwork handler:\n\n"
583 #if defined USE_LINUX_SENDFILE
584 "\t+ linux-sendfile\n"
585 #else
586 "\t- linux-sendfile\n"
587 #endif
588 #if defined USE_FREEBSD_SENDFILE
589 "\t+ freebsd-sendfile\n"
590 #else
591 "\t- freebsd-sendfile\n"
592 #endif
593 #if defined USE_DARWIN_SENDFILE
594 "\t+ darwin-sendfile\n"
595 #else
596 "\t- darwin-sendfile\n"
597 #endif
598 #if defined USE_SOLARIS_SENDFILEV
599 "\t+ solaris-sendfilev\n"
600 #else
601 "\t- solaris-sendfilev\n"
602 #endif
603 #if defined USE_WRITEV
604 "\t+ writev\n"
605 #else
606 "\t- writev\n"
607 #endif
608 "\t+ write\n"
609 #ifdef USE_MMAP
610 "\t+ mmap support\n"
611 #else
612 "\t- mmap support\n"
613 #endif
614 "\nFeatures:\n\n"
615 #ifdef HAVE_IPV6
616 "\t+ IPv6 support\n"
617 #else
618 "\t- IPv6 support\n"
619 #endif
620 #if defined HAVE_ZLIB_H && defined HAVE_LIBZ
621 "\t+ zlib support\n"
622 #else
623 "\t- zlib support\n"
624 #endif
625 #if defined HAVE_BZLIB_H && defined HAVE_LIBBZ2
626 "\t+ bzip2 support\n"
627 #else
628 "\t- bzip2 support\n"
629 #endif
630 #if defined(HAVE_CRYPT) || defined(HAVE_CRYPT_R) || defined(HAVE_LIBCRYPT)
631 "\t+ crypt support\n"
632 #else
633 "\t- crypt support\n"
634 #endif
635 #ifdef USE_SSL
636 "\t+ SSL support\n"
637 #else
638 "\t- SSL support\n"
639 #endif
640 #ifdef HAVE_LIBPCRE
641 "\t+ PCRE support\n"
642 #else
643 "\t- PCRE support\n"
644 #endif
645 #ifdef HAVE_MYSQL
646 "\t+ MySQL support\n"
647 #else
648 "\t- MySQL support\n"
649 #endif
650 #ifdef HAVE_PGSQL
651 "\t+ PgSQL support\n"
652 #else
653 "\t- PgSQL support\n"
654 #endif
655 #ifdef HAVE_DBI
656 "\t+ DBI support\n"
657 #else
658 "\t- DBI support\n"
659 #endif
660 #ifdef HAVE_KRB5
661 "\t+ Kerberos support\n"
662 #else
663 "\t- Kerberos support\n"
664 #endif
665 #if defined(HAVE_LDAP_H) && defined(HAVE_LBER_H) && defined(HAVE_LIBLDAP) && defined(HAVE_LIBLBER)
666 "\t+ LDAP support\n"
667 #else
668 "\t- LDAP support\n"
669 #endif
670 #ifdef USE_MEMCACHED
671 "\t+ memcached support\n"
672 #else
673 "\t- memcached support\n"
674 #endif
675 #ifdef HAVE_FAM_H
676 "\t+ FAM support\n"
677 #else
678 "\t- FAM support\n"
679 #endif
680 #ifdef HAVE_LUA_H
681 "\t+ LUA support\n"
682 #else
683 "\t- LUA support\n"
684 #endif
685 #ifdef HAVE_LIBXML_H
686 "\t+ xml support\n"
687 #else
688 "\t- xml support\n"
689 #endif
690 #ifdef HAVE_SQLITE3_H
691 "\t+ SQLite support\n"
692 #else
693 "\t- SQLite support\n"
694 #endif
695 #ifdef HAVE_GDBM_H
696 "\t+ GDBM support\n"
697 #else
698 "\t- GDBM support\n"
699 #endif
700 "\n";
701 show_version();
702 printf("\nEvent Handlers:\n\n%s", features);
703 }
704
705 static void show_help (void) {
706 char *b = PACKAGE_DESC TEXT_SSL " ("__DATE__ " " __TIME__ ")" \
707 " - a light and fast webserver\n" \
708 "usage:\n" \
709 " -f <name> filename of the config-file\n" \
710 " -m <name> module directory (default: "LIBRARY_DIR")\n" \
711 " -i <secs> graceful shutdown after <secs> of inactivity\n" \
712 " -1 process single (one) request on stdin socket, then exit\n" \
713 " -p print the parsed config-file in internal form, and exit\n" \
714 " -t test config-file syntax, then exit\n" \
715 " -tt test config-file syntax, load and init modules, then exit\n" \
716 " -D don't go to background (default: go to background)\n" \
717 " -v show version\n" \
718 " -V show compile-time features\n" \
719 " -h show this help\n" \
720 "\n"
721 ;
722 write_all(STDOUT_FILENO, b, strlen(b));
723 }
724
725 /**
726 * open the errorlog
727 *
728 * we have 4 possibilities:
729 * - stderr (default)
730 * - syslog
731 * - logfile
732 * - pipe
733 *
734 */
735
736 static int log_error_open(server *srv) {
737 int errfd;
738 #ifdef HAVE_SYSLOG_H
739 /* perhaps someone wants to use syslog() */
740 int facility = -1;
741 if (!buffer_string_is_empty(srv->srvconf.syslog_facility)) {
742 static const struct facility_name_st {
743 const char *name;
744 int val;
745 } facility_names[] = {
746 { "auth", LOG_AUTH }
747 #ifdef LOG_AUTHPRIV
748 ,{ "authpriv", LOG_AUTHPRIV }
749 #endif
750 #ifdef LOG_CRON
751 ,{ "cron", LOG_CRON }
752 #endif
753 ,{ "daemon", LOG_DAEMON }
754 #ifdef LOG_FTP
755 ,{ "ftp", LOG_FTP }
756 #endif
757 #ifdef LOG_KERN
758 ,{ "kern", LOG_KERN }
759 #endif
760 #ifdef LOG_LPR
761 ,{ "lpr", LOG_LPR }
762 #endif
763 #ifdef LOG_MAIL
764 ,{ "mail", LOG_MAIL }
765 #endif
766 #ifdef LOG_NEWS
767 ,{ "news", LOG_NEWS }
768 #endif
769 ,{ "security", LOG_AUTH } /* DEPRECATED */
770 #ifdef LOG_SYSLOG
771 ,{ "syslog", LOG_SYSLOG }
772 #endif
773 #ifdef LOG_USER
774 ,{ "user", LOG_USER }
775 #endif
776 #ifdef LOG_UUCP
777 ,{ "uucp", LOG_UUCP }
778 #endif
779 ,{ "local0", LOG_LOCAL0 }
780 ,{ "local1", LOG_LOCAL1 }
781 ,{ "local2", LOG_LOCAL2 }
782 ,{ "local3", LOG_LOCAL3 }
783 ,{ "local4", LOG_LOCAL4 }
784 ,{ "local5", LOG_LOCAL5 }
785 ,{ "local6", LOG_LOCAL6 }
786 ,{ "local7", LOG_LOCAL7 }
787 };
788 unsigned int i;
789 for (i = 0; i < sizeof(facility_names)/sizeof(facility_names[0]); ++i) {
790 const struct facility_name_st *f = facility_names+i;
791 if (0 == strcmp(srv->srvconf.syslog_facility->ptr, f->name)) {
792 facility = f->val;
793 break;
794 }
795 }
796 if (-1 == facility) {
797 log_error_write(srv, __FILE__, __LINE__, "SBS",
798 "unrecognized server.syslog-facility: \"",
799 srv->srvconf.syslog_facility,
800 "\"; defaulting to \"daemon\" facility");
801 }
802 }
803 openlog("lighttpd", LOG_CONS|LOG_PID, -1==facility ? LOG_DAEMON : facility);
804 #endif
805
806 srv->errorlog_mode = ERRORLOG_FD;
807 srv->errorlog_fd = STDERR_FILENO;
808
809 if (srv->srvconf.errorlog_use_syslog) {
810 srv->errorlog_mode = ERRORLOG_SYSLOG;
811 }
812 else if (!buffer_string_is_empty(srv->srvconf.errorlog_file)) {
813 const char *logfile = srv->srvconf.errorlog_file->ptr;
814
815 if (-1 == (srv->errorlog_fd = fdevent_open_logger(logfile))) {
816 log_error_write(srv, __FILE__, __LINE__, "SSSS",
817 "opening errorlog '", logfile,
818 "' failed: ", strerror(errno));
819 return -1;
820 }
821 srv->errorlog_mode = logfile[0] == '|' ? ERRORLOG_PIPE : ERRORLOG_FILE;
822 }
823
824 if (srv->errorlog_mode == ERRORLOG_FD && !srv->srvconf.dont_daemonize) {
825 /* We can only log to stderr in dont-daemonize mode;
826 * if we do daemonize and no errorlog file is specified,
827 * we log into /dev/null
828 */
829 srv->errorlog_fd = -1;
830 }
831
832 if (!buffer_string_is_empty(srv->srvconf.breakagelog_file)) {
833 const char *logfile = srv->srvconf.breakagelog_file->ptr;
834
835 if (srv->errorlog_mode == ERRORLOG_FD) {
836 srv->errorlog_fd = dup(STDERR_FILENO);
837 fdevent_setfd_cloexec(srv->errorlog_fd);
838 }
839
840 if (-1 == (errfd = fdevent_open_logger(logfile))) {
841 log_error_write(srv, __FILE__, __LINE__, "SSSS",
842 "opening errorlog '", logfile,
843 "' failed: ", strerror(errno));
844 return -1;
845 }
846
847 if (*logfile == '|') fdevent_breakagelog_logger_pipe(errfd);
848 }
849 else if (!srv->srvconf.dont_daemonize) {
850 /* move STDERR_FILENO to /dev/null */
851 if (-1 == (errfd = fdevent_open_devnull())) {
852 log_error_write(srv, __FILE__, __LINE__, "ss",
853 "opening /dev/null failed:", strerror(errno));
854 return -1;
855 }
856 }
857 else {
858 /*(leave STDERR_FILENO as-is)*/
859 errfd = -1;
860 }
861
862 if (0 != fdevent_set_stdin_stdout_stderr(-1, -1, errfd)) {
863 log_error_write(srv, __FILE__, __LINE__, "ss",
864 "setting stderr failed:", strerror(errno));
865 #ifdef FD_CLOEXEC
866 if (-1 != errfd) close(errfd);
867 #endif
868 return -1;
869 }
870 #ifdef FD_CLOEXEC
871 if (-1 != errfd) close(errfd);
872 #endif
873
874 return 0;
875 }
876
877 /**
878 * cycle the errorlog
879 *
880 */
881
882 static int log_error_cycle(server *srv) {
883 /* cycle only if the error log is a file */
884
885 if (srv->errorlog_mode == ERRORLOG_FILE) {
886 const char *logfile = srv->srvconf.errorlog_file->ptr;
887 if (-1 == fdevent_cycle_logger(logfile, &srv->errorlog_fd)) {
888 /* write to old log */
889 log_error_write(srv, __FILE__, __LINE__, "SSSS",
890 "cycling errorlog '", logfile,
891 "' failed: ", strerror(errno));
892 }
893 }
894
895 return 0;
896 }
897
898 static int log_error_close(server *srv) {
899 switch(srv->errorlog_mode) {
900 case ERRORLOG_PIPE:
901 case ERRORLOG_FILE:
902 case ERRORLOG_FD:
903 if (-1 != srv->errorlog_fd) {
904 /* don't close STDERR */
905 /* fdevent_close_logger_pipes() closes ERRORLOG_PIPE */
906 if (STDERR_FILENO != srv->errorlog_fd
907 && srv->errorlog_mode != ERRORLOG_PIPE) {
908 close(srv->errorlog_fd);
909 }
910 srv->errorlog_fd = -1;
911 }
912 break;
913 case ERRORLOG_SYSLOG:
914 #ifdef HAVE_SYSLOG_H
915 closelog();
916 #endif
917 break;
918 }
919
920 return 0;
921 }
922
923 static void server_sockets_save (server *srv) { /* graceful_restart */
924 memcpy(&graceful_sockets, &srv->srv_sockets, sizeof(server_socket_array));
925 memset(&srv->srv_sockets, 0, sizeof(server_socket_array));
926 }
927
928 static void server_sockets_restore (server *srv) { /* graceful_restart */
929 memcpy(&srv->srv_sockets, &graceful_sockets, sizeof(server_socket_array));
930 memset(&graceful_sockets, 0, sizeof(server_socket_array));
931 }
932
933 static int server_sockets_set_nb_cloexec (server *srv) {
934 if (srv->sockets_disabled) return 0; /* lighttpd -1 (one-shot mode) */
935 for (size_t i = 0; i < srv->srv_sockets.used; ++i) {
936 server_socket *srv_socket = srv->srv_sockets.ptr[i];
937 if (-1 == fdevent_fcntl_set_nb_cloexec_sock(srv->ev, srv_socket->fd)) {
938 log_error_write(srv, __FILE__, __LINE__, "ss",
939 "fcntl failed:", strerror(errno));
940 return -1;
941 }
942 }
943 return 0;
944 }
945
946 static void server_sockets_set_event (server *srv, int event) {
947 for (size_t i = 0; i < srv->srv_sockets.used; ++i) {
948 server_socket *srv_socket = srv->srv_sockets.ptr[i];
949 fdevent_event_set(srv->ev,&(srv_socket->fde_ndx),srv_socket->fd,event);
950 }
951 }
952
953 static void server_sockets_unregister (server *srv) {
954 for (size_t i = 0; i < srv->srv_sockets.used; ++i)
955 network_unregister_sock(srv, srv->srv_sockets.ptr[i]);
956 }
957
958 static void server_sockets_close (server *srv) {
959 /* closing socket right away will make it possible for the next lighttpd
960 * to take over (old-style graceful restart), but only if backends
961 * (e.g. fastcgi, scgi, etc) are independent from lighttpd, rather
962 * than started by lighttpd via "bin-path")
963 */
964 for (size_t i = 0; i < srv->srv_sockets.used; ++i) {
965 server_socket *srv_socket = srv->srv_sockets.ptr[i];
966 if (-1 == srv_socket->fd) continue;
967 network_unregister_sock(srv, srv_socket);
968 close(srv_socket->fd);
969 srv_socket->fd = -1;
970 /* network_close() will cleanup after us */
971 }
972 }
973
974 static void server_graceful_shutdown_maint (server *srv) {
975 connections *conns = srv->conns;
976 for (size_t ndx = 0; ndx < conns->used; ++ndx) {
977 connection * const con = conns->ptr[ndx];
978 int changed = 0;
979
980 if (con->state == CON_STATE_CLOSE) {
981 /* reduce remaining linger timeout to be
982 * (from zero) *up to* one more second, but no more */
983 if (HTTP_LINGER_TIMEOUT > 1)
984 con->close_timeout_ts -= (HTTP_LINGER_TIMEOUT - 1);
985 if (srv->cur_ts - con->close_timeout_ts > HTTP_LINGER_TIMEOUT)
986 changed = 1;
987 }
988 else if (con->state == CON_STATE_READ && con->request_count > 1
989 && chunkqueue_is_empty(con->read_queue)) {
990 /* close connections in keep-alive waiting for next request */
991 connection_set_state(srv, con, CON_STATE_ERROR);
992 changed = 1;
993 }
994
995 con->keep_alive = 0; /* disable keep-alive */
996
997 con->conf.kbytes_per_second = 0; /* disable rate limit */
998 con->conf.global_kbytes_per_second = 0; /* disable rate limit */
999 if (con->traffic_limit_reached) {
1000 con->traffic_limit_reached = 0;
1001 changed = 1;
1002 }
1003
1004 if (changed) {
1005 connection_state_machine(srv, con);
1006 }
1007 }
1008 }
1009
1010 static void server_graceful_state (server *srv) {
1011
1012 if (!srv_shutdown) server_graceful_shutdown_maint(srv);
1013
1014 if (!oneshot_fd) {
1015 if (0==srv->srv_sockets.used || -1 == srv->srv_sockets.ptr[0]->fde_ndx)
1016 return;
1017 }
1018
1019 log_error_write(srv, __FILE__, __LINE__, "s",
1020 "[note] graceful shutdown started");
1021
1022 /* no graceful restart if chroot()ed, if oneshot mode, or if idle timeout */
1023 if (!buffer_string_is_empty(srv->srvconf.changeroot)
1024 || oneshot_fd || 2 == graceful_shutdown)
1025 graceful_restart = 0;
1026
1027 if (graceful_restart) {
1028 server_sockets_unregister(srv);
1029 if (pid_fd > 0) pid_fd = -pid_fd; /*(flag to skip removing pid file)*/
1030 }
1031 else {
1032 server_sockets_close(srv);
1033 remove_pid_file(srv);
1034 buffer_reset(srv->srvconf.pid_file); /*(prevent more removal attempts)*/
1035 }
1036 }
1037
1038 static int server_main (server * const srv, int argc, char **argv) {
1039 int print_config = 0;
1040 int test_config = 0;
1041 int i_am_root = 0;
1042 int o;
1043 #ifdef HAVE_FORK
1044 int num_childs = 0;
1045 #endif
1046 size_t i;
1047 time_t idle_limit = 0, last_active_ts = time(NULL);
1048 #ifdef HAVE_SIGACTION
1049 struct sigaction act;
1050 #endif
1051
1052 #ifdef HAVE_FORK
1053 int parent_pipe_fd = -1;
1054 #endif
1055
1056 #ifdef HAVE_GETUID
1057 i_am_root = (0 == getuid());
1058 #endif
1059
1060 /* initialize globals (including file-scoped static globals) */
1061 oneshot_fd = 0;
1062 srv_shutdown = 0;
1063 graceful_shutdown = 0;
1064 handle_sig_alarm = 1;
1065 handle_sig_hup = 0;
1066 chunkqueue_set_tempdirs_default_reset();
1067 http_auth_dumbdata_reset();
1068 http_vhostdb_dumbdata_reset();
1069 /*graceful_restart = 0;*//*(reset below to avoid further daemonizing)*/
1070 /*(intentionally preserved)*/
1071 /*memset(graceful_sockets, 0, sizeof(graceful_sockets));*/
1072 /*pid_fd = -1;*/
1073
1074 srv->srvconf.port = 0;
1075 srv->srvconf.dont_daemonize = 0;
1076 srv->srvconf.preflight_check = 0;
1077
1078 while(-1 != (o = getopt(argc, argv, "f:m:i:hvVD1pt"))) {
1079 switch(o) {
1080 case 'f':
1081 if (srv->config_storage) {
1082 log_error_write(srv, __FILE__, __LINE__, "s",
1083 "Can only read one config file. Use the include command to use multiple config files.");
1084 return -1;
1085 }
1086 if (config_read(srv, optarg)) {
1087 return -1;
1088 }
1089 break;
1090 case 'm':
1091 buffer_copy_string(srv->srvconf.modules_dir, optarg);
1092 break;
1093 case 'i': {
1094 char *endptr;
1095 long timeout = strtol(optarg, &endptr, 0);
1096 if (!*optarg || *endptr || timeout < 0) {
1097 log_error_write(srv, __FILE__, __LINE__, "ss",
1098 "Invalid idle timeout value:", optarg);
1099 return -1;
1100 }
1101 idle_limit = (time_t)timeout;
1102 break;
1103 }
1104 case 'p': print_config = 1; break;
1105 case 't': ++test_config; break;
1106 case '1': if (0 == oneshot_fd) oneshot_fd = dup(STDIN_FILENO);
1107 break;
1108 case 'D': srv->srvconf.dont_daemonize = 1; break;
1109 case 'v': show_version(); return 0;
1110 case 'V': show_features(); return 0;
1111 case 'h': show_help(); return 0;
1112 default:
1113 show_help();
1114 return -1;
1115 }
1116 }
1117
1118 if (!srv->config_storage) {
1119 log_error_write(srv, __FILE__, __LINE__, "s",
1120 "No configuration available. Try using -f option.");
1121 return -1;
1122 }
1123
1124 if (print_config) {
1125 data_unset *dc = srv->config_context->data[0];
1126 if (dc) {
1127 dc->print(dc, 0);
1128 fprintf(stdout, "\n");
1129 } else {
1130 /* shouldn't happend */
1131 fprintf(stderr, "global config not found\n");
1132 }
1133 }
1134
1135 if (test_config) {
1136 buffer_reset(srv->srvconf.pid_file);
1137 if (1 == test_config) {
1138 printf("Syntax OK\n");
1139 } else { /*(test_config > 1)*/
1140 test_config = 0;
1141 srv->srvconf.preflight_check = 1;
1142 srv->srvconf.dont_daemonize = 1;
1143 }
1144 }
1145
1146 if (test_config || print_config) {
1147 return 0;
1148 }
1149
1150 if (oneshot_fd) {
1151 if (oneshot_fd <= STDERR_FILENO) {
1152 log_error_write(srv, __FILE__, __LINE__, "s",
1153 "Invalid fds at startup with lighttpd -1");
1154 return -1;
1155 }
1156 graceful_shutdown = 1;
1157 srv->sockets_disabled = 1;
1158 srv->srvconf.dont_daemonize = 1;
1159 buffer_reset(srv->srvconf.pid_file);
1160 if (srv->srvconf.max_worker) {
1161 srv->srvconf.max_worker = 0;
1162 log_error_write(srv, __FILE__, __LINE__, "s",
1163 "server one-shot command line option disables server.max-worker config file option.");
1164 }
1165 }
1166
1167 /* close stdin and stdout, as they are not needed */
1168 {
1169 struct stat st;
1170 int devnull;
1171 int errfd;
1172 do {
1173 /* coverity[overwrite_var : FALSE] */
1174 devnull = fdevent_open_devnull();
1175 } while (-1 != devnull && devnull <= STDERR_FILENO);
1176 if (-1 == devnull) {
1177 log_error_write(srv, __FILE__, __LINE__, "ss",
1178 "opening /dev/null failed:", strerror(errno));
1179 return -1;
1180 }
1181 errfd = (0 == fstat(STDERR_FILENO, &st)) ? -1 : devnull;
1182 if (0 != fdevent_set_stdin_stdout_stderr(devnull, devnull, errfd)) {
1183 log_error_write(srv, __FILE__, __LINE__, "ss",
1184 "setting default fds failed:", strerror(errno));
1185 #ifdef FD_CLOEXEC
1186 if (-1 != errfd) close(errfd);
1187 if (devnull != errfd) close(devnull);
1188 #endif
1189 return -1;
1190 }
1191 #ifdef FD_CLOEXEC
1192 if (-1 != errfd) close(errfd);
1193 if (devnull != errfd) close(devnull);
1194 #endif
1195 }
1196
1197 if (0 != config_set_defaults(srv)) {
1198 log_error_write(srv, __FILE__, __LINE__, "s",
1199 "setting default values failed");
1200 return -1;
1201 }
1202
1203 /* check document-root */
1204 if (buffer_string_is_empty(srv->config_storage[0]->document_root)) {
1205 log_error_write(srv, __FILE__, __LINE__, "s",
1206 "document-root is not set\n");
1207 return -1;
1208 }
1209
1210 if (plugins_load(srv)) {
1211 log_error_write(srv, __FILE__, __LINE__, "s",
1212 "loading plugins finally failed");
1213 return -1;
1214 }
1215
1216 if (HANDLER_GO_ON != plugins_call_init(srv)) {
1217 log_error_write(srv, __FILE__, __LINE__, "s", "Initialization of plugins failed. Going down.");
1218 return -1;
1219 }
1220
1221 /* open pid file BEFORE chroot */
1222 if (-2 == pid_fd) pid_fd = -1; /*(initial startup state)*/
1223 if (-1 == pid_fd && !buffer_string_is_empty(srv->srvconf.pid_file)) {
1224 if (-1 == (pid_fd = fdevent_open_cloexec(srv->srvconf.pid_file->ptr, O_WRONLY | O_CREAT | O_EXCL | O_TRUNC, S_IRUSR | S_IWUSR | S_IRGRP | S_IROTH))) {
1225 struct stat st;
1226 if (errno != EEXIST) {
1227 log_error_write(srv, __FILE__, __LINE__, "sbs",
1228 "opening pid-file failed:", srv->srvconf.pid_file, strerror(errno));
1229 return -1;
1230 }
1231
1232 if (0 != stat(srv->srvconf.pid_file->ptr, &st)) {
1233 log_error_write(srv, __FILE__, __LINE__, "sbs",
1234 "stating existing pid-file failed:", srv->srvconf.pid_file, strerror(errno));
1235 }
1236
1237 if (!S_ISREG(st.st_mode)) {
1238 log_error_write(srv, __FILE__, __LINE__, "sb",
1239 "pid-file exists and isn't regular file:", srv->srvconf.pid_file);
1240 return -1;
1241 }
1242
1243 if (-1 == (pid_fd = fdevent_open_cloexec(srv->srvconf.pid_file->ptr, O_WRONLY | O_CREAT | O_TRUNC, S_IRUSR | S_IWUSR | S_IRGRP | S_IROTH))) {
1244 log_error_write(srv, __FILE__, __LINE__, "sbs",
1245 "opening pid-file failed:", srv->srvconf.pid_file, strerror(errno));
1246 return -1;
1247 }
1248 }
1249 }
1250
1251 if (srv->event_handler == FDEVENT_HANDLER_SELECT) {
1252 /* select limits itself
1253 *
1254 * as it is a hard limit and will lead to a segfault we add some safety
1255 * */
1256 srv->max_fds = FD_SETSIZE - 200;
1257 } else {
1258 srv->max_fds = 4096;
1259 }
1260
1261 {
1262 #ifdef HAVE_GETRLIMIT
1263 struct rlimit rlim;
1264 int use_rlimit = 1;
1265 #ifdef HAVE_VALGRIND_VALGRIND_H
1266 if (RUNNING_ON_VALGRIND) use_rlimit = 0;
1267 #endif
1268
1269 if (0 != getrlimit(RLIMIT_NOFILE, &rlim)) {
1270 log_error_write(srv, __FILE__, __LINE__,
1271 "ss", "couldn't get 'max filedescriptors'",
1272 strerror(errno));
1273 return -1;
1274 }
1275
1276 /**
1277 * if we are not root can can't increase the fd-limit above rlim_max, but we can reduce it
1278 */
1279 if (use_rlimit && srv->srvconf.max_fds
1280 && (i_am_root || srv->srvconf.max_fds <= rlim.rlim_max)) {
1281 /* set rlimits */
1282
1283 rlim.rlim_cur = srv->srvconf.max_fds;
1284 if (i_am_root) rlim.rlim_max = srv->srvconf.max_fds;
1285
1286 if (0 != setrlimit(RLIMIT_NOFILE, &rlim)) {
1287 log_error_write(srv, __FILE__, __LINE__,
1288 "ss", "couldn't set 'max filedescriptors'",
1289 strerror(errno));
1290 return -1;
1291 }
1292 }
1293
1294 if (srv->event_handler == FDEVENT_HANDLER_SELECT) {
1295 srv->max_fds = rlim.rlim_cur < (rlim_t)FD_SETSIZE - 200 ? (int)rlim.rlim_cur : (int)FD_SETSIZE - 200;
1296 } else {
1297 srv->max_fds = rlim.rlim_cur;
1298 /*(default upper limit of 4k if server.max-fds not specified)*/
1299 if (i_am_root && 0 == srv->srvconf.max_fds && rlim.rlim_cur > 4096)
1300 srv->max_fds = 4096;
1301 }
1302
1303 /* set core file rlimit, if enable_cores is set */
1304 if (use_rlimit && srv->srvconf.enable_cores && getrlimit(RLIMIT_CORE, &rlim) == 0) {
1305 rlim.rlim_cur = rlim.rlim_max;
1306 setrlimit(RLIMIT_CORE, &rlim);
1307 }
1308 #endif
1309 if (srv->event_handler == FDEVENT_HANDLER_SELECT) {
1310 /* don't raise the limit above FD_SET_SIZE */
1311 if (srv->max_fds > ((int)FD_SETSIZE) - 200) {
1312 log_error_write(srv, __FILE__, __LINE__, "sd",
1313 "can't raise max filedescriptors above", FD_SETSIZE - 200,
1314 "if event-handler is 'select'. Use 'poll' or something else or reduce server.max-fds.");
1315 return -1;
1316 }
1317 }
1318 }
1319
1320 /* we need root-perms for port < 1024 */
1321 if (0 != network_init(srv)) {
1322 return -1;
1323 }
1324
1325 if (i_am_root) {
1326 #ifdef HAVE_PWD_H
1327 /* set user and group */
1328 struct group *grp = NULL;
1329 struct passwd *pwd = NULL;
1330
1331 if (!buffer_string_is_empty(srv->srvconf.groupname)) {
1332 if (NULL == (grp = getgrnam(srv->srvconf.groupname->ptr))) {
1333 log_error_write(srv, __FILE__, __LINE__, "sb",
1334 "can't find groupname", srv->srvconf.groupname);
1335 return -1;
1336 }
1337 }
1338
1339 if (!buffer_string_is_empty(srv->srvconf.username)) {
1340 if (NULL == (pwd = getpwnam(srv->srvconf.username->ptr))) {
1341 log_error_write(srv, __FILE__, __LINE__, "sb",
1342 "can't find username", srv->srvconf.username);
1343 return -1;
1344 }
1345
1346 if (pwd->pw_uid == 0) {
1347 log_error_write(srv, __FILE__, __LINE__, "s",
1348 "I will not set uid to 0\n");
1349 return -1;
1350 }
1351
1352 if (NULL == grp && NULL == (grp = getgrgid(pwd->pw_gid))) {
1353 log_error_write(srv, __FILE__, __LINE__, "sd",
1354 "can't find group id", pwd->pw_gid);
1355 return -1;
1356 }
1357 }
1358
1359 if (NULL != grp) {
1360 if (grp->gr_gid == 0) {
1361 log_error_write(srv, __FILE__, __LINE__, "s",
1362 "I will not set gid to 0\n");
1363 return -1;
1364 }
1365 }
1366
1367 /*
1368 * Change group before chroot, when we have access
1369 * to /etc/group
1370 * */
1371 if (NULL != grp) {
1372 if (-1 == setgid(grp->gr_gid)) {
1373 log_error_write(srv, __FILE__, __LINE__, "ss", "setgid failed: ", strerror(errno));
1374 return -1;
1375 }
1376 if (-1 == setgroups(0, NULL)) {
1377 log_error_write(srv, __FILE__, __LINE__, "ss", "setgroups failed: ", strerror(errno));
1378 return -1;
1379 }
1380 if (!buffer_string_is_empty(srv->srvconf.username)) {
1381 initgroups(srv->srvconf.username->ptr, grp->gr_gid);
1382 }
1383 }
1384 #endif
1385 #ifdef HAVE_CHROOT
1386 if (!buffer_string_is_empty(srv->srvconf.changeroot)) {
1387 tzset();
1388
1389 if (-1 == chroot(srv->srvconf.changeroot->ptr)) {
1390 log_error_write(srv, __FILE__, __LINE__, "ss", "chroot failed: ", strerror(errno));
1391 return -1;
1392 }
1393 if (-1 == chdir("/")) {
1394 log_error_write(srv, __FILE__, __LINE__, "ss", "chdir failed: ", strerror(errno));
1395 return -1;
1396 }
1397 }
1398 #endif
1399 #ifdef HAVE_PWD_H
1400 /* drop root privs */
1401 if (NULL != pwd) {
1402 if (-1 == setuid(pwd->pw_uid)) {
1403 log_error_write(srv, __FILE__, __LINE__, "ss", "setuid failed: ", strerror(errno));
1404 return -1;
1405 }
1406 }
1407 #endif
1408 #if defined(HAVE_SYS_PRCTL_H) && defined(PR_SET_DUMPABLE)
1409 /**
1410 * on IRIX 6.5.30 they have prctl() but no DUMPABLE
1411 */
1412 if (srv->srvconf.enable_cores) {
1413 prctl(PR_SET_DUMPABLE, 1, 0, 0, 0);
1414 }
1415 #endif
1416 }
1417
1418 /* set max-conns */
1419 if (srv->srvconf.max_conns > srv->max_fds/2) {
1420 /* we can't have more connections than max-fds/2 */
1421 log_error_write(srv, __FILE__, __LINE__, "sdd", "can't have more connections than fds/2: ", srv->srvconf.max_conns, srv->max_fds);
1422 srv->max_conns = srv->max_fds/2;
1423 } else if (srv->srvconf.max_conns) {
1424 /* otherwise respect the wishes of the user */
1425 srv->max_conns = srv->srvconf.max_conns;
1426 } else {
1427 /* or use the default: we really don't want to hit max-fds */
1428 srv->max_conns = srv->max_fds/3;
1429 }
1430
1431 #ifdef HAVE_FORK
1432 /* network is up, let's daemonize ourself */
1433 if (0 == srv->srvconf.dont_daemonize && 0 == graceful_restart) {
1434 parent_pipe_fd = daemonize();
1435 }
1436 #endif
1437 graceful_restart = 0;/*(reset here after avoiding further daemonizing)*/
1438 graceful_shutdown= 0;
1439
1440
1441 #ifdef HAVE_SIGACTION
1442 memset(&act, 0, sizeof(act));
1443 act.sa_handler = SIG_IGN;
1444 sigaction(SIGPIPE, &act, NULL);
1445 # if defined(SA_SIGINFO)
1446 last_sighup_info.si_uid = 0,
1447 last_sighup_info.si_pid = 0;
1448 last_sigterm_info.si_uid = 0,
1449 last_sigterm_info.si_pid = 0;
1450 act.sa_sigaction = sigaction_handler;
1451 sigemptyset(&act.sa_mask);
1452 act.sa_flags = SA_SIGINFO;
1453 # else
1454 act.sa_handler = signal_handler;
1455 sigemptyset(&act.sa_mask);
1456 act.sa_flags = 0;
1457 # endif
1458 sigaction(SIGINT, &act, NULL);
1459 sigaction(SIGTERM, &act, NULL);
1460 sigaction(SIGHUP, &act, NULL);
1461 sigaction(SIGALRM, &act, NULL);
1462 sigaction(SIGUSR1, &act, NULL);
1463
1464 /* it should be safe to restart syscalls after SIGCHLD */
1465 act.sa_flags |= SA_RESTART | SA_NOCLDSTOP;
1466 sigaction(SIGCHLD, &act, NULL);
1467
1468 #elif defined(HAVE_SIGNAL)
1469 /* ignore the SIGPIPE from sendfile() */
1470 signal(SIGPIPE, SIG_IGN);
1471 signal(SIGALRM, signal_handler);
1472 signal(SIGTERM, signal_handler);
1473 signal(SIGHUP, signal_handler);
1474 signal(SIGCHLD, signal_handler);
1475 signal(SIGINT, signal_handler);
1476 signal(SIGUSR1, signal_handler);
1477 #endif
1478
1479
1480 srv->gid = getgid();
1481 srv->uid = getuid();
1482
1483 /* write pid file */
1484 if (pid_fd > 2) {
1485 buffer_copy_int(srv->tmp_buf, getpid());
1486 buffer_append_string_len(srv->tmp_buf, CONST_STR_LEN("\n"));
1487 if (-1 == write_all(pid_fd, CONST_BUF_LEN(srv->tmp_buf))) {
1488 log_error_write(srv, __FILE__, __LINE__, "ss", "Couldn't write pid file:", strerror(errno));
1489 close(pid_fd);
1490 pid_fd = -1;
1491 return -1;
1492 }
1493 } else if (pid_fd < -2) {
1494 pid_fd = -pid_fd;
1495 }
1496
1497 /* Close stderr ASAP in the child process to make sure that nothing
1498 * is being written to that fd which may not be valid anymore. */
1499 if (!srv->srvconf.preflight_check) {
1500 if (-1 == log_error_open(srv)) {
1501 log_error_write(srv, __FILE__, __LINE__, "s", "Opening errorlog failed. Going down.");
1502 return -1;
1503 }
1504 log_error_write(srv, __FILE__, __LINE__, "s", "server started (" PACKAGE_DESC ")");
1505 }
1506
1507 if (buffer_is_empty(srv->config_storage[0]->server_tag)) {
1508 buffer_copy_string_len(srv->config_storage[0]->server_tag, CONST_STR_LEN(PACKAGE_DESC));
1509 }
1510
1511 if (HANDLER_GO_ON != plugins_call_set_defaults(srv)) {
1512 log_error_write(srv, __FILE__, __LINE__, "s", "Configuration of plugins failed. Going down.");
1513 return -1;
1514 }
1515
1516 /* settings might be enabled during module config set defaults */
1517 srv->config_storage[0]->high_precision_timestamps = srv->srvconf.high_precision_timestamps;
1518
1519 /* dump unused config-keys */
1520 for (i = 0; i < srv->config_context->used; i++) {
1521 array *config = ((data_config *)srv->config_context->data[i])->value;
1522 size_t j;
1523
1524 for (j = 0; config && j < config->used; j++) {
1525 data_unset *du = config->data[j];
1526
1527 /* all var.* is known as user defined variable */
1528 if (strncmp(du->key->ptr, "var.", sizeof("var.") - 1) == 0) {
1529 continue;
1530 }
1531
1532 if (NULL == array_get_element_klen(srv->config_touched, CONST_BUF_LEN(du->key))) {
1533 log_error_write(srv, __FILE__, __LINE__, "sbs",
1534 "WARNING: unknown config-key:",
1535 du->key,
1536 "(ignored)");
1537 }
1538 }
1539 }
1540
1541 if (srv->config_unsupported) {
1542 log_error_write(srv, __FILE__, __LINE__, "s",
1543 "Configuration contains unsupported keys. Going down.");
1544 }
1545
1546 if (srv->config_deprecated) {
1547 log_error_write(srv, __FILE__, __LINE__, "s",
1548 "Configuration contains deprecated keys. Going down.");
1549 }
1550
1551 if (srv->config_unsupported || srv->config_deprecated) {
1552 return -1;
1553 }
1554
1555 if (srv->srvconf.preflight_check) {
1556 /*printf("Preflight OK");*//*(stdout reopened to /dev/null)*/
1557 return 0;
1558 }
1559
1560
1561 #ifdef HAVE_FORK
1562 /**
1563 * notify daemonize-grandparent of successful startup
1564 * do this before any further forking is done (workers)
1565 */
1566 if (0 == srv->srvconf.dont_daemonize && -1 != parent_pipe_fd) {
1567 if (0 > write(parent_pipe_fd, "", 1)) return -1;
1568 close(parent_pipe_fd);
1569 }
1570
1571 if (idle_limit && srv->srvconf.max_worker) {
1572 srv->srvconf.max_worker = 0;
1573 log_error_write(srv, __FILE__, __LINE__, "s",
1574 "server idle time limit command line option disables server.max-worker config file option.");
1575 }
1576
1577 /* start watcher and workers */
1578 num_childs = srv->srvconf.max_worker;
1579 if (num_childs > 0) {
1580 pid_t pids[num_childs];
1581 pid_t pid;
1582 const int npids = num_childs;
1583 int child = 0;
1584 for (int n = 0; n < npids; ++n) pids[n] = -1;
1585 while (!child && !srv_shutdown && !graceful_shutdown) {
1586 if (num_childs > 0) {
1587 switch ((pid = fork())) {
1588 case -1:
1589 return -1;
1590 case 0:
1591 child = 1;
1592 break;
1593 default:
1594 num_childs--;
1595 for (int n = 0; n < npids; ++n) {
1596 if (-1 == pids[n]) {
1597 pids[n] = pid;
1598 break;
1599 }
1600 }
1601 break;
1602 }
1603 } else {
1604 int status;
1605
1606 if (-1 != (pid = wait(&status))) {
1607 switch (fdevent_reaped_logger_pipe(pid)) {
1608 default: break;
1609 case -1: alarm(5); /* fall through */
1610 case 1: continue;
1611 }
1612 /**
1613 * check if one of our workers went away
1614 */
1615 for (int n = 0; n < npids; ++n) {
1616 if (pid == pids[n]) {
1617 pids[n] = -1;
1618 num_childs++;
1619 break;
1620 }
1621 }
1622 } else {
1623 switch (errno) {
1624 case EINTR:
1625 /**
1626 * if we receive a SIGHUP we have to close our logs ourself as we don't
1627 * have the mainloop who can help us here
1628 */
1629 if (handle_sig_hup) {
1630 handle_sig_hup = 0;
1631
1632 log_error_cycle(srv);
1633
1634 /* forward SIGHUP to workers */
1635 for (int n = 0; n < npids; ++n) {
1636 if (pids[n] > 0) kill(pids[n], SIGHUP);
1637 }
1638 }
1639 if (handle_sig_alarm) {
1640 handle_sig_alarm = 0;
1641 fdevent_waitpid_logger_pipes(time(NULL));
1642 }
1643 break;
1644 default:
1645 break;
1646 }
1647 }
1648 }
1649 }
1650
1651 /**
1652 * for the parent this is the exit-point
1653 */
1654 if (!child) {
1655 /**
1656 * kill all children too
1657 */
1658 if (graceful_shutdown || graceful_restart) {
1659 /* flag to ignore one SIGINT if graceful_restart */
1660 if (graceful_restart) graceful_restart = 2;
1661 kill(0, SIGINT);
1662 server_graceful_state(srv);
1663 } else if (srv_shutdown) {
1664 kill(0, SIGTERM);
1665 }
1666
1667 return 0;
1668 }
1669
1670 /* ignore SIGUSR1 in workers; only parent directs graceful restart */
1671 #ifdef HAVE_SIGACTION
1672 {
1673 struct sigaction actignore;
1674 memset(&actignore, 0, sizeof(actignore));
1675 actignore.sa_handler = SIG_IGN;
1676 sigaction(SIGUSR1, &actignore, NULL);
1677 }
1678 #elif defined(HAVE_SIGNAL)
1679 signal(SIGUSR1, SIG_IGN);
1680 #endif
1681
1682 /**
1683 * make sure workers do not muck with pid-file
1684 */
1685 if (0 <= pid_fd) {
1686 close(pid_fd);
1687 pid_fd = -1;
1688 }
1689 buffer_reset(srv->srvconf.pid_file);
1690
1691 li_rand_reseed();
1692 }
1693 #endif
1694
1695 if (NULL == (srv->ev = fdevent_init(srv, srv->max_fds + 1, srv->event_handler))) {
1696 log_error_write(srv, __FILE__, __LINE__,
1697 "s", "fdevent_init failed");
1698 return -1;
1699 }
1700
1701 /* libev backend overwrites our SIGCHLD handler and calls waitpid on SIGCHLD; we want our own SIGCHLD handling. */
1702 #ifdef HAVE_SIGACTION
1703 sigaction(SIGCHLD, &act, NULL);
1704 #elif defined(HAVE_SIGNAL)
1705 signal(SIGCHLD, signal_handler);
1706 #endif
1707
1708 /*
1709 * kqueue() is called here, select resets its internals,
1710 * all server sockets get their handlers
1711 *
1712 * */
1713 if (0 != network_register_fdevents(srv)) {
1714 return -1;
1715 }
1716
1717 /* might fail if user is using fam (not gamin) and famd isn't running */
1718 if (NULL == (srv->stat_cache = stat_cache_init(srv))) {
1719 log_error_write(srv, __FILE__, __LINE__, "s",
1720 "stat-cache could not be setup, dieing.");
1721 return -1;
1722 }
1723
1724 #ifdef USE_ALARM
1725 {
1726 /* setup periodic timer (1 second) */
1727 struct itimerval interval;
1728 interval.it_interval.tv_sec = 1;
1729 interval.it_interval.tv_usec = 0;
1730 interval.it_value.tv_sec = 1;
1731 interval.it_value.tv_usec = 0;
1732 if (setitimer(ITIMER_REAL, &interval, NULL)) {
1733 log_error_write(srv, __FILE__, __LINE__, "s", "setting timer failed");
1734 return -1;
1735 }
1736 }
1737 #endif
1738
1739
1740 /* get the current number of FDs */
1741 {
1742 int fd = fdevent_open_devnull();
1743 if (fd >= 0) {
1744 srv->cur_fds = fd;
1745 close(fd);
1746 }
1747 }
1748
1749 if (0 != server_sockets_set_nb_cloexec(srv)) {
1750 return -1;
1751 }
1752
1753 if (oneshot_fd && server_oneshot_init(srv, oneshot_fd)) {
1754 oneshot_fd = -1;
1755 }
1756
1757 /* main-loop */
1758 while (!srv_shutdown) {
1759 int n;
1760 size_t ndx;
1761 time_t min_ts;
1762
1763 if (handle_sig_hup) {
1764 handler_t r;
1765
1766 /* reset notification */
1767 handle_sig_hup = 0;
1768
1769
1770 /* cycle logfiles */
1771
1772 switch(r = plugins_call_handle_sighup(srv)) {
1773 case HANDLER_GO_ON:
1774 break;
1775 default:
1776 log_error_write(srv, __FILE__, __LINE__, "sd", "sighup-handler return with an error", r);
1777 break;
1778 }
1779
1780 if (-1 == log_error_cycle(srv)) {
1781 log_error_write(srv, __FILE__, __LINE__, "s", "cycling errorlog failed, dying");
1782
1783 return -1;
1784 } else {
1785 #ifdef HAVE_SIGACTION
1786 log_error_write(srv, __FILE__, __LINE__, "sdsd",
1787 "logfiles cycled UID =",
1788 last_sighup_info.si_uid,
1789 "PID =",
1790 last_sighup_info.si_pid);
1791 #else
1792 log_error_write(srv, __FILE__, __LINE__, "s",
1793 "logfiles cycled");
1794 #endif
1795 }
1796 }
1797
1798 if (handle_sig_alarm) {
1799 /* a new second */
1800
1801 #ifdef USE_ALARM
1802 /* reset notification */
1803 handle_sig_alarm = 0;
1804 #endif
1805
1806 /* get current time */
1807 min_ts = time(NULL);
1808
1809 if (min_ts != srv->cur_ts) {
1810 #ifdef DEBUG_CONNECTION_STATES
1811 int cs = 0;
1812 #endif
1813 connections *conns = srv->conns;
1814 handler_t r;
1815
1816 switch(r = plugins_call_handle_trigger(srv)) {
1817 case HANDLER_GO_ON:
1818 break;
1819 case HANDLER_ERROR:
1820 log_error_write(srv, __FILE__, __LINE__, "s", "one of the triggers failed");
1821 break;
1822 default:
1823 log_error_write(srv, __FILE__, __LINE__, "d", r);
1824 break;
1825 }
1826
1827 /* trigger waitpid */
1828 srv->cur_ts = min_ts;
1829
1830 /* check idle time limit, if enabled */
1831 if (idle_limit && idle_limit < min_ts - last_active_ts && !graceful_shutdown) {
1832 log_error_write(srv, __FILE__, __LINE__, "sDs", "[note] idle timeout", (int)idle_limit,
1833 "s exceeded, initiating graceful shutdown");
1834 graceful_shutdown = 2; /* value 2 indicates idle timeout */
1835 if (graceful_restart) {
1836 graceful_restart = 0;
1837 if (pid_fd < -2) pid_fd = -pid_fd;
1838 server_sockets_close(srv);
1839 }
1840 }
1841
1842 #ifdef HAVE_GETLOADAVG
1843 /* refresh loadavg data every 30 seconds */
1844 if (srv->srvconf.loadts + 30 < min_ts) {
1845 if (-1 != getloadavg(srv->srvconf.loadavg, 3)) {
1846 srv->srvconf.loadts = min_ts;
1847 }
1848 }
1849 #endif
1850
1851 /* cleanup stat-cache */
1852 stat_cache_trigger_cleanup(srv);
1853 /* reset global/aggregate rate limit counters */
1854 for (i = 0; i < srv->config_context->used; ++i) {
1855 srv->config_storage[i]->global_bytes_per_second_cnt = 0;
1856 }
1857 /* check piped-loggers and restart, unless shutting down */
1858 if (!graceful_shutdown && !srv_shutdown && 0 == srv->srvconf.max_worker) fdevent_waitpid_logger_pipes(min_ts);
1859 /* if graceful_shutdown, accelerate cleanup of recently completed request/responses */
1860 if (graceful_shutdown && !srv_shutdown) server_graceful_shutdown_maint(srv);
1861 /**
1862 * check all connections for timeouts
1863 *
1864 */
1865 for (ndx = 0; ndx < conns->used; ndx++) {
1866 connection * const con = conns->ptr[ndx];
1867 const int waitevents = fdevent_event_get_interest(srv->ev, con->fd);
1868 int changed = 0;
1869 int t_diff;
1870
1871 if (con->state == CON_STATE_CLOSE) {
1872 if (srv->cur_ts - con->close_timeout_ts > HTTP_LINGER_TIMEOUT) {
1873 changed = 1;
1874 }
1875 } else if (waitevents & FDEVENT_IN) {
1876 if (con->request_count == 1 || con->state != CON_STATE_READ) { /* e.g. CON_STATE_READ_POST || CON_STATE_WRITE */
1877 if (srv->cur_ts - con->read_idle_ts > con->conf.max_read_idle) {
1878 /* time - out */
1879 if (con->conf.log_request_handling) {
1880 log_error_write(srv, __FILE__, __LINE__, "sd",
1881 "connection closed - read timeout:", con->fd);
1882 }
1883
1884 connection_set_state(srv, con, CON_STATE_ERROR);
1885 changed = 1;
1886 }
1887 } else {
1888 if (srv->cur_ts - con->read_idle_ts > con->keep_alive_idle) {
1889 /* time - out */
1890 if (con->conf.log_request_handling) {
1891 log_error_write(srv, __FILE__, __LINE__, "sd",
1892 "connection closed - keep-alive timeout:", con->fd);
1893 }
1894
1895 connection_set_state(srv, con, CON_STATE_ERROR);
1896 changed = 1;
1897 }
1898 }
1899 }
1900
1901 /* max_write_idle timeout currently functions as backend timeout,
1902 * too, after response has been started.
1903 * future: have separate backend timeout, and then change this
1904 * to check for write interest before checking for timeout */
1905 /*if (waitevents & FDEVENT_OUT)*/
1906 if ((con->state == CON_STATE_WRITE) &&
1907 (con->write_request_ts != 0)) {
1908 #if 0
1909 if (srv->cur_ts - con->write_request_ts > 60) {
1910 log_error_write(srv, __FILE__, __LINE__, "sdd",
1911 "connection closed - pre-write-request-timeout:", con->fd, srv->cur_ts - con->write_request_ts);
1912 }
1913 #endif
1914
1915 if (srv->cur_ts - con->write_request_ts > con->conf.max_write_idle) {
1916 /* time - out */
1917 if (con->conf.log_timeouts) {
1918 log_error_write(srv, __FILE__, __LINE__, "sbsbsosds",
1919 "NOTE: a request from",
1920 con->dst_addr_buf,
1921 "for",
1922 con->request.uri,
1923 "timed out after writing",
1924 con->bytes_written,
1925 "bytes. We waited",
1926 (int)con->conf.max_write_idle,
1927 "seconds. If this a problem increase server.max-write-idle");
1928 }
1929 connection_set_state(srv, con, CON_STATE_ERROR);
1930 changed = 1;
1931 }
1932 }
1933
1934 /* we don't like div by zero */
1935 if (0 == (t_diff = srv->cur_ts - con->connection_start)) t_diff = 1;
1936
1937 if (con->traffic_limit_reached &&
1938 (con->conf.kbytes_per_second == 0 ||
1939 ((con->bytes_written / t_diff) < con->conf.kbytes_per_second * 1024))) {
1940 /* enable connection again */
1941 con->traffic_limit_reached = 0;
1942
1943 changed = 1;
1944 }
1945
1946 con->bytes_written_cur_second = 0;
1947
1948 if (changed) {
1949 connection_state_machine(srv, con);
1950 }
1951
1952 #if DEBUG_CONNECTION_STATES
1953 if (cs == 0) {
1954 fprintf(stderr, "connection-state: ");
1955 cs = 1;
1956 }
1957
1958 fprintf(stderr, "c[%d,%d]: %s ",
1959 con->fd,
1960 con->fcgi.fd,
1961 connection_get_state(con->state));
1962 #endif
1963 }
1964
1965 #ifdef DEBUG_CONNECTION_STATES
1966 if (cs == 1) fprintf(stderr, "\n");
1967 #endif
1968 }
1969 }
1970
1971 if (graceful_shutdown) {
1972 server_graceful_state(srv);
1973 srv->sockets_disabled = 1;
1974 } else if (srv->sockets_disabled) {
1975 /* our server sockets are disabled, why ? */
1976
1977 if ((srv->cur_fds + srv->want_fds < srv->max_fds * 8 / 10) && /* we have enough unused fds */
1978 (srv->conns->used <= srv->max_conns * 9 / 10)) {
1979 server_sockets_set_event(srv, FDEVENT_IN);
1980 log_error_write(srv, __FILE__, __LINE__, "s", "[note] sockets enabled again");
1981
1982 srv->sockets_disabled = 0;
1983 }
1984 } else {
1985 if ((srv->cur_fds + srv->want_fds > srv->max_fds * 9 / 10) || /* out of fds */
1986 (srv->conns->used >= srv->max_conns)) { /* out of connections */
1987 /* disable server-fds */
1988 server_sockets_set_event(srv, 0);
1989
1990 if (srv->conns->used >= srv->max_conns) {
1991 log_error_write(srv, __FILE__, __LINE__, "s", "[note] sockets disabled, connection limit reached");
1992 } else {
1993 log_error_write(srv, __FILE__, __LINE__, "s", "[note] sockets disabled, out-of-fds");
1994 }
1995
1996 srv->sockets_disabled = 1;
1997 }
1998 }
1999
2000 if (graceful_shutdown && srv->conns->used == 0) {
2001 /* we are in graceful shutdown phase and all connections are closed
2002 * we are ready to terminate without harming anyone */
2003 srv_shutdown = 1;
2004 break;
2005 }
2006
2007 /* we still have some fds to share */
2008 if (srv->want_fds) {
2009 /* check the fdwaitqueue for waiting fds */
2010 int free_fds = srv->max_fds - srv->cur_fds - 16;
2011 connection *con;
2012
2013 for (; free_fds > 0 && NULL != (con = fdwaitqueue_unshift(srv, srv->fdwaitqueue)); free_fds--) {
2014 connection_state_machine(srv, con);
2015
2016 srv->want_fds--;
2017 }
2018 }
2019
2020 if ((n = fdevent_poll(srv->ev, 1000)) > 0) {
2021 /* n is the number of events */
2022 int fd;
2023 int revents;
2024 int fd_ndx;
2025 last_active_ts = srv->cur_ts;
2026 fd_ndx = -1;
2027 do {
2028 fdevent_handler handler;
2029 void *context;
2030
2031 fd_ndx = fdevent_event_next_fdndx (srv->ev, fd_ndx);
2032 if (-1 == fd_ndx) break; /* not all fdevent handlers know how many fds got an event */
2033
2034 revents = fdevent_event_get_revent (srv->ev, fd_ndx);
2035 fd = fdevent_event_get_fd (srv->ev, fd_ndx);
2036 handler = fdevent_get_handler(srv->ev, fd);
2037 context = fdevent_get_context(srv->ev, fd);
2038 if (NULL != handler) {
2039 (*handler)(srv, context, revents);
2040 }
2041 } while (--n > 0);
2042 fdevent_sched_run(srv, srv->ev);
2043 } else if (n < 0 && errno != EINTR) {
2044 log_error_write(srv, __FILE__, __LINE__, "ss",
2045 "fdevent_poll failed:",
2046 strerror(errno));
2047 }
2048
2049 for (ndx = 0; ndx < srv->joblist->used; ndx++) {
2050 connection *con = srv->joblist->ptr[ndx];
2051 connection_state_machine(srv, con);
2052 }
2053
2054 srv->joblist->used = 0;
2055 }
2056
2057 if (graceful_shutdown || graceful_restart) {
2058 server_graceful_state(srv);
2059 }
2060
2061 if (2 == graceful_shutdown) { /* value 2 indicates idle timeout */
2062 log_error_write(srv, __FILE__, __LINE__, "s",
2063 "server stopped after idle timeout");
2064 } else {
2065 #ifdef HAVE_SIGACTION
2066 log_error_write(srv, __FILE__, __LINE__, "sdsd",
2067 "server stopped by UID =",
2068 last_sigterm_info.si_uid,
2069 "PID =",
2070 last_sigterm_info.si_pid);
2071 #else
2072 log_error_write(srv, __FILE__, __LINE__, "s",
2073 "server stopped");
2074 #endif
2075 }
2076
2077 return 0;
2078 }
2079
2080 int main (int argc, char **argv) {
2081 int rc;
2082
2083 #ifdef HAVE_GETUID
2084 #ifndef HAVE_ISSETUGID
2085 #define issetugid() (geteuid() != getuid() || getegid() != getgid())
2086 #endif
2087 if (0 != getuid() && issetugid()) { /*check as early as possible in main()*/
2088 fprintf(stderr,
2089 "Are you nuts ? Don't apply a SUID bit to this binary\n");
2090 return -1;
2091 }
2092 #endif
2093
2094 /* for nice %b handling in strftime() */
2095 setlocale(LC_TIME, "C");
2096
2097 do {
2098 server * const srv = server_init();
2099
2100 if (graceful_restart) {
2101 server_sockets_restore(srv);
2102 optind = 1;
2103 }
2104
2105 rc = server_main(srv, argc, argv);
2106
2107 /* clean-up */
2108 remove_pid_file(srv);
2109 log_error_close(srv);
2110 fdevent_close_logger_pipes();
2111 if (graceful_restart)
2112 server_sockets_save(srv);
2113 else
2114 network_close(srv);
2115 connections_free(srv);
2116 plugins_free(srv);
2117 server_free(srv);
2118
2119 if (0 != rc || !graceful_restart) break;
2120
2121 /* wait for all children to exit before graceful restart */
2122 while (waitpid(-1, NULL, 0) > 0) ;
2123 } while (graceful_restart);
2124
2125 return rc;
2126 }
A fast webserver with minimal memory-footprint (lighttpd)