search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
[core] consolidate duplicated read-to-close code
[lighttpd.git] / src / server.c
blobf27b0034646029811163bf729376241c94c6bade
1 #include "first.h"
2
3 #include "server.h"
4 #include "buffer.h"
5 #include "network.h"
6 #include "log.h"
7 #include "keyvalue.h"
8 #include "rand.h"
9 #include "response.h"
10 #include "request.h"
11 #include "chunk.h"
12 #include "http_chunk.h"
13 #include "fdevent.h"
14 #include "connections.h"
15 #include "stat_cache.h"
16 #include "plugin.h"
17 #include "joblist.h"
18 #include "network_backends.h"
19 #include "version.h"
20
21 #include <sys/types.h>
22 #include <sys/time.h>
23 #include <sys/stat.h>
24
25 #include <string.h>
26 #include <errno.h>
27 #include <fcntl.h>
28 #include <unistd.h>
29 #include <stdlib.h>
30 #include <time.h>
31 #include <signal.h>
32 #include <assert.h>
33 #include <locale.h>
34
35 #include <stdio.h>
36
37 #ifdef HAVE_GETOPT_H
38 # include <getopt.h>
39 #endif
40
41 #ifdef HAVE_VALGRIND_VALGRIND_H
42 # include <valgrind/valgrind.h>
43 #endif
44
45 #ifdef HAVE_SYS_WAIT_H
46 # include <sys/wait.h>
47 #endif
48
49 #ifdef HAVE_PWD_H
50 # include <grp.h>
51 # include <pwd.h>
52 #endif
53
54 #ifdef HAVE_SYS_RESOURCE_H
55 # include <sys/resource.h>
56 #endif
57
58 #ifdef HAVE_SYS_PRCTL_H
59 # include <sys/prctl.h>
60 #endif
61
62 #ifdef USE_OPENSSL
63 # include <openssl/err.h>
64 #endif
65
66 #ifndef __sgi
67 /* IRIX doesn't like the alarm based time() optimization */
68 /* #define USE_ALARM */
69 #endif
70
71 #ifdef HAVE_GETUID
72 # ifndef HAVE_ISSETUGID
73
74 static int l_issetugid(void) {
75 return (geteuid() != getuid() || getegid() != getgid());
76 }
77
78 # define issetugid l_issetugid
79 # endif
80 #endif
81
82 static int oneshot_fd = 0;
83 static volatile sig_atomic_t srv_shutdown = 0;
84 static volatile sig_atomic_t graceful_shutdown = 0;
85 static volatile sig_atomic_t handle_sig_alarm = 1;
86 static volatile sig_atomic_t handle_sig_hup = 0;
87 static volatile sig_atomic_t forwarded_sig_hup = 0;
88
89 #if defined(HAVE_SIGACTION) && defined(SA_SIGINFO)
90 static volatile siginfo_t last_sigterm_info;
91 static volatile siginfo_t last_sighup_info;
92
93 static void sigaction_handler(int sig, siginfo_t *si, void *context) {
94 static siginfo_t empty_siginfo;
95 UNUSED(context);
96
97 if (!si) si = &empty_siginfo;
98
99 switch (sig) {
100 case SIGTERM:
101 srv_shutdown = 1;
102 last_sigterm_info = *si;
103 break;
104 case SIGINT:
105 if (graceful_shutdown) {
106 srv_shutdown = 1;
107 } else {
108 graceful_shutdown = 1;
109 }
110 last_sigterm_info = *si;
111
112 break;
113 case SIGALRM:
114 handle_sig_alarm = 1;
115 break;
116 case SIGHUP:
117 /**
118 * we send the SIGHUP to all procs in the process-group
119 * this includes ourself
120 *
121 * make sure we only send it once and don't create a
122 * infinite loop
123 */
124 if (!forwarded_sig_hup) {
125 handle_sig_hup = 1;
126 last_sighup_info = *si;
127 } else {
128 forwarded_sig_hup = 0;
129 }
130 break;
131 case SIGCHLD:
132 break;
133 }
134 }
135 #elif defined(HAVE_SIGNAL) || defined(HAVE_SIGACTION)
136 static void signal_handler(int sig) {
137 switch (sig) {
138 case SIGTERM: srv_shutdown = 1; break;
139 case SIGINT:
140 if (graceful_shutdown) srv_shutdown = 1;
141 else graceful_shutdown = 1;
142
143 break;
144 case SIGALRM: handle_sig_alarm = 1; break;
145 case SIGHUP: handle_sig_hup = 1; break;
146 case SIGCHLD: break;
147 }
148 }
149 #endif
150
151 #ifdef HAVE_FORK
152 static int daemonize(void) {
153 int pipefd[2];
154 pid_t pid;
155 #ifdef SIGTTOU
156 signal(SIGTTOU, SIG_IGN);
157 #endif
158 #ifdef SIGTTIN
159 signal(SIGTTIN, SIG_IGN);
160 #endif
161 #ifdef SIGTSTP
162 signal(SIGTSTP, SIG_IGN);
163 #endif
164
165 if (pipe(pipefd) < 0) exit(-1);
166
167 if (0 > (pid = fork())) exit(-1);
168
169 if (0 < pid) {
170 char buf;
171 ssize_t bytes;
172
173 close(pipefd[1]);
174 /* parent waits for grandchild to be ready */
175 do {
176 bytes = read(pipefd[0], &buf, sizeof(buf));
177 } while (bytes < 0 && EINTR == errno);
178 close(pipefd[0]);
179
180 if (bytes <= 0) {
181 /* closed fd (without writing) == failure in grandchild */
182 fputs("daemonized server failed to start; check error log for details\n", stderr);
183 exit(-1);
184 }
185
186 exit(0);
187 }
188
189 close(pipefd[0]);
190
191 if (-1 == setsid()) exit(0);
192
193 signal(SIGHUP, SIG_IGN);
194
195 if (0 != fork()) exit(0);
196
197 if (0 != chdir("/")) exit(0);
198
199 fd_close_on_exec(pipefd[1]);
200 return pipefd[1];
201 }
202 #endif
203
204 static server *server_init(void) {
205 int i;
206 server *srv = calloc(1, sizeof(*srv));
207 force_assert(srv);
208 #define CLEAN(x) \
209 srv->x = buffer_init();
210
211 CLEAN(response_header);
212 CLEAN(parse_full_path);
213 CLEAN(ts_debug_str);
214 CLEAN(ts_date_str);
215 CLEAN(errorlog_buf);
216 CLEAN(response_range);
217 CLEAN(tmp_buf);
218 srv->empty_string = buffer_init_string("");
219 CLEAN(cond_check_buf);
220
221 CLEAN(srvconf.errorlog_file);
222 CLEAN(srvconf.breakagelog_file);
223 CLEAN(srvconf.groupname);
224 CLEAN(srvconf.username);
225 CLEAN(srvconf.changeroot);
226 CLEAN(srvconf.bindhost);
227 CLEAN(srvconf.event_handler);
228 CLEAN(srvconf.pid_file);
229
230 CLEAN(tmp_chunk_len);
231 #undef CLEAN
232
233 #define CLEAN(x) \
234 srv->x = array_init();
235
236 CLEAN(config_context);
237 CLEAN(config_touched);
238 CLEAN(status);
239 #undef CLEAN
240
241 for (i = 0; i < FILE_CACHE_MAX; i++) {
242 srv->mtime_cache[i].mtime = (time_t)-1;
243 srv->mtime_cache[i].str = buffer_init();
244 }
245
246 li_rand_reseed();
247
248 srv->cur_ts = time(NULL);
249 srv->startup_ts = srv->cur_ts;
250
251 srv->conns = calloc(1, sizeof(*srv->conns));
252 force_assert(srv->conns);
253
254 srv->joblist = calloc(1, sizeof(*srv->joblist));
255 force_assert(srv->joblist);
256
257 srv->fdwaitqueue = calloc(1, sizeof(*srv->fdwaitqueue));
258 force_assert(srv->fdwaitqueue);
259
260 srv->srvconf.modules = array_init();
261 srv->srvconf.modules_dir = buffer_init_string(LIBRARY_DIR);
262 srv->srvconf.network_backend = buffer_init();
263 srv->srvconf.upload_tempdirs = array_init();
264 srv->srvconf.reject_expect_100_with_417 = 1;
265 srv->srvconf.xattr_name = buffer_init_string("Content-Type");
266 srv->srvconf.http_header_strict = 1;
267 srv->srvconf.http_host_strict = 1; /*(implies http_host_normalize)*/
268 srv->srvconf.http_host_normalize = 0;
269 srv->srvconf.high_precision_timestamps = 0;
270 srv->srvconf.max_request_field_size = 8192;
271 srv->srvconf.loadavg[0] = 0.0;
272 srv->srvconf.loadavg[1] = 0.0;
273 srv->srvconf.loadavg[2] = 0.0;
274
275 /* use syslog */
276 srv->errorlog_fd = STDERR_FILENO;
277 srv->errorlog_mode = ERRORLOG_FD;
278
279 srv->split_vals = array_init();
280
281 return srv;
282 }
283
284 static void server_free(server *srv) {
285 size_t i;
286
287 for (i = 0; i < FILE_CACHE_MAX; i++) {
288 buffer_free(srv->mtime_cache[i].str);
289 }
290
291 if (oneshot_fd > 0) {
292 close(oneshot_fd);
293 }
294
295 #define CLEAN(x) \
296 buffer_free(srv->x);
297
298 CLEAN(response_header);
299 CLEAN(parse_full_path);
300 CLEAN(ts_debug_str);
301 CLEAN(ts_date_str);
302 CLEAN(errorlog_buf);
303 CLEAN(response_range);
304 CLEAN(tmp_buf);
305 CLEAN(empty_string);
306 CLEAN(cond_check_buf);
307
308 CLEAN(srvconf.errorlog_file);
309 CLEAN(srvconf.breakagelog_file);
310 CLEAN(srvconf.groupname);
311 CLEAN(srvconf.username);
312 CLEAN(srvconf.changeroot);
313 CLEAN(srvconf.bindhost);
314 CLEAN(srvconf.event_handler);
315 CLEAN(srvconf.pid_file);
316 CLEAN(srvconf.modules_dir);
317 CLEAN(srvconf.network_backend);
318 CLEAN(srvconf.xattr_name);
319
320 CLEAN(tmp_chunk_len);
321 #undef CLEAN
322
323 #if 0
324 fdevent_unregister(srv->ev, srv->fd);
325 #endif
326 fdevent_free(srv->ev);
327
328 free(srv->conns);
329
330 if (srv->config_storage) {
331 for (i = 0; i < srv->config_context->used; i++) {
332 specific_config *s = srv->config_storage[i];
333
334 if (!s) continue;
335
336 buffer_free(s->document_root);
337 buffer_free(s->server_name);
338 buffer_free(s->server_tag);
339 buffer_free(s->ssl_pemfile);
340 buffer_free(s->ssl_ca_file);
341 buffer_free(s->ssl_cipher_list);
342 buffer_free(s->ssl_dh_file);
343 buffer_free(s->ssl_ec_curve);
344 buffer_free(s->error_handler);
345 buffer_free(s->error_handler_404);
346 buffer_free(s->errorfile_prefix);
347 array_free(s->mimetypes);
348 buffer_free(s->ssl_verifyclient_username);
349 #ifdef USE_OPENSSL
350 SSL_CTX_free(s->ssl_ctx);
351 EVP_PKEY_free(s->ssl_pemfile_pkey);
352 X509_free(s->ssl_pemfile_x509);
353 if (NULL != s->ssl_ca_file_cert_names) sk_X509_NAME_pop_free(s->ssl_ca_file_cert_names, X509_NAME_free);
354 #endif
355 free(s);
356 }
357 free(srv->config_storage);
358 srv->config_storage = NULL;
359 }
360
361 #define CLEAN(x) \
362 array_free(srv->x);
363
364 CLEAN(config_context);
365 CLEAN(config_touched);
366 CLEAN(status);
367 CLEAN(srvconf.upload_tempdirs);
368 #undef CLEAN
369
370 joblist_free(srv, srv->joblist);
371 fdwaitqueue_free(srv, srv->fdwaitqueue);
372
373 if (srv->stat_cache) {
374 stat_cache_free(srv->stat_cache);
375 }
376
377 array_free(srv->srvconf.modules);
378 array_free(srv->split_vals);
379
380 #ifdef USE_OPENSSL
381 if (srv->ssl_is_init) {
382 #if OPENSSL_VERSION_NUMBER >= 0x10100000L \
383 && !defined(LIBRESSL_VERSION_NUMBER)
384 /*(OpenSSL libraries handle thread init and deinit)
385 * https://github.com/openssl/openssl/pull/1048 */
386 #else
387 CRYPTO_cleanup_all_ex_data();
388 ERR_free_strings();
389 #if OPENSSL_VERSION_NUMBER >= 0x10000000L
390 ERR_remove_thread_state(NULL);
391 #else
392 ERR_remove_state(0);
393 #endif
394 EVP_cleanup();
395 #endif
396 }
397 #endif
398 li_rand_cleanup();
399
400 free(srv);
401 }
402
403 static void remove_pid_file(server *srv, int *pid_fd) {
404 if (!buffer_string_is_empty(srv->srvconf.pid_file) && 0 <= *pid_fd) {
405 if (0 != ftruncate(*pid_fd, 0)) {
406 log_error_write(srv, __FILE__, __LINE__, "sbds",
407 "ftruncate failed for:",
408 srv->srvconf.pid_file,
409 errno,
410 strerror(errno));
411 }
412 }
413 if (0 <= *pid_fd) {
414 close(*pid_fd);
415 *pid_fd = -1;
416 }
417 if (!buffer_string_is_empty(srv->srvconf.pid_file) &&
418 buffer_string_is_empty(srv->srvconf.changeroot)) {
419 if (0 != unlink(srv->srvconf.pid_file->ptr)) {
420 if (errno != EACCES && errno != EPERM) {
421 log_error_write(srv, __FILE__, __LINE__, "sbds",
422 "unlink failed for:",
423 srv->srvconf.pid_file,
424 errno,
425 strerror(errno));
426 }
427 }
428 }
429 }
430
431
432 static server_socket * server_oneshot_getsock(server *srv, sock_addr *cnt_addr) {
433 server_socket *srv_socket, *srv_socket_wild = NULL;
434 size_t i;
435 for (i = 0; i < srv->srv_sockets.used; ++i) {
436 srv_socket = srv->srv_sockets.ptr[i];
437 if (cnt_addr->plain.sa_family != srv_socket->addr.plain.sa_family) continue;
438 switch (cnt_addr->plain.sa_family) {
439 case AF_INET:
440 if (srv_socket->addr.ipv4.sin_port != cnt_addr->ipv4.sin_port) continue;
441 if (srv_socket->addr.ipv4.sin_addr.s_addr == cnt_addr->ipv4.sin_addr.s_addr) {
442 return srv_socket;
443 }
444 if (srv_socket->addr.ipv4.sin_addr.s_addr == htonl(INADDR_ANY)) {
445 srv_socket_wild = srv_socket;
446 }
447 continue;
448 #ifdef HAVE_IPV6
449 case AF_INET6:
450 if (srv_socket->addr.ipv6.sin6_port != cnt_addr->ipv6.sin6_port) continue;
451 if (0 == memcmp(&srv_socket->addr.ipv6.sin6_addr, &cnt_addr->ipv6.sin6_addr, sizeof(struct in6_addr))) {
452 return srv_socket;
453 }
454 if (0 == memcmp(&srv_socket->addr.ipv6.sin6_addr, &in6addr_any, sizeof(struct in6_addr))) {
455 srv_socket_wild = srv_socket;
456 }
457 continue;
458 #endif
459 #ifdef HAVE_SYS_UN_H
460 case AF_UNIX:
461 if (0 == strcmp(srv_socket->addr.un.sun_path, cnt_addr->un.sun_path)) {
462 return srv_socket;
463 }
464 continue;
465 #endif
466 default: continue;
467 }
468 }
469
470 if (NULL != srv_socket_wild) {
471 return srv_socket_wild;
472 } else if (srv->srv_sockets.used) {
473 return srv->srv_sockets.ptr[0];
474 } else {
475 log_error_write(srv, __FILE__, __LINE__, "s", "no sockets configured");
476 return NULL;
477 }
478 }
479
480
481 static int server_oneshot_init(server *srv, int fd) {
482 /* Note: does not work with netcat due to requirement that fd be socket.
483 * STDOUT_FILENO was not saved earlier in startup, and that is to where
484 * netcat expects output to be sent. Since lighttpd expects connections
485 * to be sockets, con->fd is where output is sent; separate fds are not
486 * stored for input and output, but netcat has different fds for stdin
487 * and * stdout. To support netcat, would additionally need to avoid
488 * S_ISSOCK(), getsockname(), and getpeername() below, reconstructing
489 * addresses from environment variables:
490 * NCAT_LOCAL_ADDR NCAT_LOCAL_PORT
491 * NCAT_REMOTE_ADDR NCAT_REMOTE_PORT
492 * NCAT_PROTO
493 */
494 connection *con;
495 server_socket *srv_socket;
496 sock_addr cnt_addr;
497 socklen_t cnt_len;
498 struct stat st;
499
500 if (0 != fstat(fd, &st)) {
501 log_error_write(srv, __FILE__, __LINE__, "ss", "fstat:", strerror(errno));
502 return 0;
503 }
504
505 if (!S_ISSOCK(st.st_mode)) {
506 /* require that fd is a socket
507 * (modules might expect STDIN_FILENO and STDOUT_FILENO opened to /dev/null) */
508 log_error_write(srv, __FILE__, __LINE__, "s", "lighttpd -1 stdin is not a socket");
509 return 0;
510 }
511
512 cnt_len = sizeof(cnt_addr);
513 if (0 != getsockname(fd, (struct sockaddr *)&cnt_addr, &cnt_len)) {
514 log_error_write(srv, __FILE__, __LINE__, "ss", "getsockname:", strerror(errno));
515 return 0;
516 }
517
518 srv_socket = server_oneshot_getsock(srv, &cnt_addr);
519 if (NULL == srv_socket) return 0;
520
521 cnt_len = sizeof(cnt_addr);
522 if (0 != getpeername(fd, (struct sockaddr *)&cnt_addr, &cnt_len)) {
523 log_error_write(srv, __FILE__, __LINE__, "ss", "getpeername:", strerror(errno));
524 return 0;
525 }
526
527 if (cnt_addr.plain.sa_family != AF_UNIX) {
528 network_accept_tcp_nagle_disable(fd);
529 }
530
531 con = connection_accepted(srv, srv_socket, &cnt_addr, fd);
532 if (NULL == con) return 0;
533
534 connection_state_machine(srv, con);
535 return 1;
536 }
537
538
539 static void show_version (void) {
540 #ifdef USE_OPENSSL
541 # define TEXT_SSL " (ssl)"
542 #else
543 # define TEXT_SSL
544 #endif
545 char *b = PACKAGE_DESC TEXT_SSL \
546 " - a light and fast webserver\n" \
547 "Build-Date: " __DATE__ " " __TIME__ "\n";
548 ;
549 #undef TEXT_SSL
550 write_all(STDOUT_FILENO, b, strlen(b));
551 }
552
553 static void show_features (void) {
554 const char features[] = ""
555 #ifdef USE_SELECT
556 "\t+ select (generic)\n"
557 #else
558 "\t- select (generic)\n"
559 #endif
560 #ifdef USE_POLL
561 "\t+ poll (Unix)\n"
562 #else
563 "\t- poll (Unix)\n"
564 #endif
565 #ifdef USE_LINUX_EPOLL
566 "\t+ epoll (Linux 2.6)\n"
567 #else
568 "\t- epoll (Linux 2.6)\n"
569 #endif
570 #ifdef USE_SOLARIS_DEVPOLL
571 "\t+ /dev/poll (Solaris)\n"
572 #else
573 "\t- /dev/poll (Solaris)\n"
574 #endif
575 #ifdef USE_SOLARIS_PORT
576 "\t+ eventports (Solaris)\n"
577 #else
578 "\t- eventports (Solaris)\n"
579 #endif
580 #ifdef USE_FREEBSD_KQUEUE
581 "\t+ kqueue (FreeBSD)\n"
582 #else
583 "\t- kqueue (FreeBSD)\n"
584 #endif
585 #ifdef USE_LIBEV
586 "\t+ libev (generic)\n"
587 #else
588 "\t- libev (generic)\n"
589 #endif
590 "\nNetwork handler:\n\n"
591 #if defined USE_LINUX_SENDFILE
592 "\t+ linux-sendfile\n"
593 #else
594 "\t- linux-sendfile\n"
595 #endif
596 #if defined USE_FREEBSD_SENDFILE
597 "\t+ freebsd-sendfile\n"
598 #else
599 "\t- freebsd-sendfile\n"
600 #endif
601 #if defined USE_DARWIN_SENDFILE
602 "\t+ darwin-sendfile\n"
603 #else
604 "\t- darwin-sendfile\n"
605 #endif
606 #if defined USE_SOLARIS_SENDFILEV
607 "\t+ solaris-sendfilev\n"
608 #else
609 "\t- solaris-sendfilev\n"
610 #endif
611 #if defined USE_WRITEV
612 "\t+ writev\n"
613 #else
614 "\t- writev\n"
615 #endif
616 "\t+ write\n"
617 #ifdef USE_MMAP
618 "\t+ mmap support\n"
619 #else
620 "\t- mmap support\n"
621 #endif
622 "\nFeatures:\n\n"
623 #ifdef HAVE_IPV6
624 "\t+ IPv6 support\n"
625 #else
626 "\t- IPv6 support\n"
627 #endif
628 #if defined HAVE_ZLIB_H && defined HAVE_LIBZ
629 "\t+ zlib support\n"
630 #else
631 "\t- zlib support\n"
632 #endif
633 #if defined HAVE_BZLIB_H && defined HAVE_LIBBZ2
634 "\t+ bzip2 support\n"
635 #else
636 "\t- bzip2 support\n"
637 #endif
638 #if defined(HAVE_CRYPT) || defined(HAVE_CRYPT_R) || defined(HAVE_LIBCRYPT)
639 "\t+ crypt support\n"
640 #else
641 "\t- crypt support\n"
642 #endif
643 #ifdef USE_OPENSSL
644 "\t+ SSL Support\n"
645 #else
646 "\t- SSL Support\n"
647 #endif
648 #ifdef HAVE_LIBPCRE
649 "\t+ PCRE support\n"
650 #else
651 "\t- PCRE support\n"
652 #endif
653 #ifdef HAVE_MYSQL
654 "\t+ MySQL support\n"
655 #else
656 "\t- MySQL support\n"
657 #endif
658 #ifdef HAVE_KRB5
659 "\t+ Kerberos support\n"
660 #else
661 "\t- Kerberos support\n"
662 #endif
663 #if defined(HAVE_LDAP_H) && defined(HAVE_LBER_H) && defined(HAVE_LIBLDAP) && defined(HAVE_LIBLBER)
664 "\t+ LDAP support\n"
665 #else
666 "\t- LDAP support\n"
667 #endif
668 #ifdef USE_MEMCACHED
669 "\t+ memcached support\n"
670 #else
671 "\t- memcached support\n"
672 #endif
673 #ifdef HAVE_FAM_H
674 "\t+ FAM support\n"
675 #else
676 "\t- FAM support\n"
677 #endif
678 #ifdef HAVE_LUA_H
679 "\t+ LUA support\n"
680 #else
681 "\t- LUA support\n"
682 #endif
683 #ifdef HAVE_LIBXML_H
684 "\t+ xml support\n"
685 #else
686 "\t- xml support\n"
687 #endif
688 #ifdef HAVE_SQLITE3_H
689 "\t+ SQLite support\n"
690 #else
691 "\t- SQLite support\n"
692 #endif
693 #ifdef HAVE_GDBM_H
694 "\t+ GDBM support\n"
695 #else
696 "\t- GDBM support\n"
697 #endif
698 "\n";
699 show_version();
700 printf("\nEvent Handlers:\n\n%s", features);
701 }
702
703 static void show_help (void) {
704 #ifdef USE_OPENSSL
705 # define TEXT_SSL " (ssl)"
706 #else
707 # define TEXT_SSL
708 #endif
709 char *b = PACKAGE_DESC TEXT_SSL " ("__DATE__ " " __TIME__ ")" \
710 " - a light and fast webserver\n" \
711 "usage:\n" \
712 " -f <name> filename of the config-file\n" \
713 " -m <name> module directory (default: "LIBRARY_DIR")\n" \
714 " -i <secs> graceful shutdown after <secs> of inactivity\n" \
715 " -1 process single (one) request on stdin socket, then exit\n" \
716 " -p print the parsed config-file in internal form, and exit\n" \
717 " -t test config-file syntax, then exit\n" \
718 " -tt test config-file syntax, load and init modules, then exit\n" \
719 " -D don't go to background (default: go to background)\n" \
720 " -v show version\n" \
721 " -V show compile-time features\n" \
722 " -h show this help\n" \
723 "\n"
724 ;
725 #undef TEXT_SSL
726 #undef TEXT_IPV6
727 write_all(STDOUT_FILENO, b, strlen(b));
728 }
729
730 int main (int argc, char **argv) {
731 server *srv = NULL;
732 int print_config = 0;
733 int test_config = 0;
734 int i_am_root;
735 int o;
736 int num_childs = 0;
737 int pid_fd = -1, fd;
738 size_t i;
739 time_t idle_limit = 0, last_active_ts = time(NULL);
740 #ifdef HAVE_SIGACTION
741 struct sigaction act;
742 #endif
743 #ifdef HAVE_GETRLIMIT
744 struct rlimit rlim;
745 #endif
746
747 #ifdef HAVE_FORK
748 int parent_pipe_fd = -1;
749 #endif
750
751 #ifdef USE_ALARM
752 struct itimerval interval;
753
754 interval.it_interval.tv_sec = 1;
755 interval.it_interval.tv_usec = 0;
756 interval.it_value.tv_sec = 1;
757 interval.it_value.tv_usec = 0;
758 #endif
759
760 /* for nice %b handling in strfime() */
761 setlocale(LC_TIME, "C");
762
763 if (NULL == (srv = server_init())) {
764 fprintf(stderr, "did this really happen?\n");
765 return -1;
766 }
767
768 /* init structs done */
769
770 srv->srvconf.port = 0;
771 #ifdef HAVE_GETUID
772 i_am_root = (getuid() == 0);
773 #else
774 i_am_root = 0;
775 #endif
776 srv->srvconf.dont_daemonize = 0;
777 srv->srvconf.preflight_check = 0;
778
779 while(-1 != (o = getopt(argc, argv, "f:m:i:hvVD1pt"))) {
780 switch(o) {
781 case 'f':
782 if (srv->config_storage) {
783 log_error_write(srv, __FILE__, __LINE__, "s",
784 "Can only read one config file. Use the include command to use multiple config files.");
785
786 server_free(srv);
787 return -1;
788 }
789 if (config_read(srv, optarg)) {
790 server_free(srv);
791 return -1;
792 }
793 break;
794 case 'm':
795 buffer_copy_string(srv->srvconf.modules_dir, optarg);
796 break;
797 case 'i': {
798 char *endptr;
799 long timeout = strtol(optarg, &endptr, 0);
800 if (!*optarg || *endptr || timeout < 0) {
801 log_error_write(srv, __FILE__, __LINE__, "ss",
802 "Invalid idle timeout value:", optarg);
803 server_free(srv);
804 return -1;
805 }
806 idle_limit = (time_t)timeout;
807 break;
808 }
809 case 'p': print_config = 1; break;
810 case 't': ++test_config; break;
811 case '1': oneshot_fd = dup(STDIN_FILENO); break;
812 case 'D': srv->srvconf.dont_daemonize = 1; break;
813 case 'v': show_version(); server_free(srv); return 0;
814 case 'V': show_features(); server_free(srv); return 0;
815 case 'h': show_help(); server_free(srv); return 0;
816 default:
817 show_help();
818 server_free(srv);
819 return -1;
820 }
821 }
822
823 if (!srv->config_storage) {
824 log_error_write(srv, __FILE__, __LINE__, "s",
825 "No configuration available. Try using -f option.");
826
827 server_free(srv);
828 return -1;
829 }
830
831 if (print_config) {
832 data_unset *dc = srv->config_context->data[0];
833 if (dc) {
834 dc->print(dc, 0);
835 fprintf(stdout, "\n");
836 } else {
837 /* shouldn't happend */
838 fprintf(stderr, "global config not found\n");
839 }
840 }
841
842 if (test_config) {
843 if (1 == test_config) {
844 printf("Syntax OK\n");
845 } else { /*(test_config > 1)*/
846 test_config = 0;
847 srv->srvconf.preflight_check = 1;
848 srv->srvconf.dont_daemonize = 1;
849 buffer_reset(srv->srvconf.pid_file);
850 }
851 }
852
853 if (test_config || print_config) {
854 server_free(srv);
855 return 0;
856 }
857
858 if (oneshot_fd) {
859 if (oneshot_fd <= STDERR_FILENO) {
860 log_error_write(srv, __FILE__, __LINE__, "s",
861 "Invalid fds at startup with lighttpd -1");
862 server_free(srv);
863 return -1;
864 }
865 graceful_shutdown = 1;
866 srv->sockets_disabled = 1;
867 srv->srvconf.dont_daemonize = 1;
868 buffer_reset(srv->srvconf.pid_file);
869 if (srv->srvconf.max_worker) {
870 srv->srvconf.max_worker = 0;
871 log_error_write(srv, __FILE__, __LINE__, "s",
872 "server one-shot command line option disables server.max-worker config file option.");
873 }
874 }
875
876 /* close stdin and stdout, as they are not needed */
877 openDevNull(STDIN_FILENO);
878 openDevNull(STDOUT_FILENO);
879
880 if (0 != config_set_defaults(srv)) {
881 log_error_write(srv, __FILE__, __LINE__, "s",
882 "setting default values failed");
883 server_free(srv);
884 return -1;
885 }
886
887 /* UID handling */
888 #ifdef HAVE_GETUID
889 if (!i_am_root && issetugid()) {
890 /* we are setuid-root */
891
892 log_error_write(srv, __FILE__, __LINE__, "s",
893 "Are you nuts ? Don't apply a SUID bit to this binary");
894
895 server_free(srv);
896 return -1;
897 }
898 #endif
899
900 /* check document-root */
901 if (buffer_string_is_empty(srv->config_storage[0]->document_root)) {
902 log_error_write(srv, __FILE__, __LINE__, "s",
903 "document-root is not set\n");
904
905 server_free(srv);
906
907 return -1;
908 }
909
910 if (plugins_load(srv)) {
911 log_error_write(srv, __FILE__, __LINE__, "s",
912 "loading plugins finally failed");
913
914 plugins_free(srv);
915 server_free(srv);
916
917 return -1;
918 }
919
920 /* open pid file BEFORE chroot */
921 if (!buffer_string_is_empty(srv->srvconf.pid_file)) {
922 if (-1 == (pid_fd = fdevent_open_cloexec(srv->srvconf.pid_file->ptr, O_WRONLY | O_CREAT | O_EXCL | O_TRUNC, S_IRUSR | S_IWUSR | S_IRGRP | S_IROTH))) {
923 struct stat st;
924 if (errno != EEXIST) {
925 log_error_write(srv, __FILE__, __LINE__, "sbs",
926 "opening pid-file failed:", srv->srvconf.pid_file, strerror(errno));
927 return -1;
928 }
929
930 if (0 != stat(srv->srvconf.pid_file->ptr, &st)) {
931 log_error_write(srv, __FILE__, __LINE__, "sbs",
932 "stating existing pid-file failed:", srv->srvconf.pid_file, strerror(errno));
933 }
934
935 if (!S_ISREG(st.st_mode)) {
936 log_error_write(srv, __FILE__, __LINE__, "sb",
937 "pid-file exists and isn't regular file:", srv->srvconf.pid_file);
938 return -1;
939 }
940
941 if (-1 == (pid_fd = open(srv->srvconf.pid_file->ptr, O_WRONLY | O_CREAT | O_TRUNC, S_IRUSR | S_IWUSR | S_IRGRP | S_IROTH))) {
942 log_error_write(srv, __FILE__, __LINE__, "sbs",
943 "opening pid-file failed:", srv->srvconf.pid_file, strerror(errno));
944 return -1;
945 }
946 }
947 }
948
949 if (srv->event_handler == FDEVENT_HANDLER_SELECT) {
950 /* select limits itself
951 *
952 * as it is a hard limit and will lead to a segfault we add some safety
953 * */
954 srv->max_fds = FD_SETSIZE - 200;
955 } else {
956 srv->max_fds = 4096;
957 }
958
959 if (i_am_root) {
960 struct group *grp = NULL;
961 struct passwd *pwd = NULL;
962 int use_rlimit = 1;
963
964 #ifdef HAVE_VALGRIND_VALGRIND_H
965 if (RUNNING_ON_VALGRIND) use_rlimit = 0;
966 #endif
967
968 #ifdef HAVE_GETRLIMIT
969 if (0 != getrlimit(RLIMIT_NOFILE, &rlim)) {
970 log_error_write(srv, __FILE__, __LINE__,
971 "ss", "couldn't get 'max filedescriptors'",
972 strerror(errno));
973 return -1;
974 }
975
976 if (use_rlimit && srv->srvconf.max_fds) {
977 /* set rlimits */
978
979 rlim.rlim_cur = srv->srvconf.max_fds;
980 rlim.rlim_max = srv->srvconf.max_fds;
981
982 if (0 != setrlimit(RLIMIT_NOFILE, &rlim)) {
983 log_error_write(srv, __FILE__, __LINE__,
984 "ss", "couldn't set 'max filedescriptors'",
985 strerror(errno));
986 return -1;
987 }
988 }
989
990 if (srv->event_handler == FDEVENT_HANDLER_SELECT) {
991 srv->max_fds = rlim.rlim_cur < (rlim_t)FD_SETSIZE - 200 ? (int)rlim.rlim_cur : (int)FD_SETSIZE - 200;
992 } else {
993 srv->max_fds = rlim.rlim_cur;
994 }
995
996 /* set core file rlimit, if enable_cores is set */
997 if (use_rlimit && srv->srvconf.enable_cores && getrlimit(RLIMIT_CORE, &rlim) == 0) {
998 rlim.rlim_cur = rlim.rlim_max;
999 setrlimit(RLIMIT_CORE, &rlim);
1000 }
1001 #endif
1002 if (srv->event_handler == FDEVENT_HANDLER_SELECT) {
1003 /* don't raise the limit above FD_SET_SIZE */
1004 if (srv->max_fds > ((int)FD_SETSIZE) - 200) {
1005 log_error_write(srv, __FILE__, __LINE__, "sd",
1006 "can't raise max filedescriptors above", FD_SETSIZE - 200,
1007 "if event-handler is 'select'. Use 'poll' or something else or reduce server.max-fds.");
1008 return -1;
1009 }
1010 }
1011
1012
1013 #ifdef HAVE_PWD_H
1014 /* set user and group */
1015 if (!buffer_string_is_empty(srv->srvconf.groupname)) {
1016 if (NULL == (grp = getgrnam(srv->srvconf.groupname->ptr))) {
1017 log_error_write(srv, __FILE__, __LINE__, "sb",
1018 "can't find groupname", srv->srvconf.groupname);
1019 return -1;
1020 }
1021 }
1022
1023 if (!buffer_string_is_empty(srv->srvconf.username)) {
1024 if (NULL == (pwd = getpwnam(srv->srvconf.username->ptr))) {
1025 log_error_write(srv, __FILE__, __LINE__, "sb",
1026 "can't find username", srv->srvconf.username);
1027 return -1;
1028 }
1029
1030 if (pwd->pw_uid == 0) {
1031 log_error_write(srv, __FILE__, __LINE__, "s",
1032 "I will not set uid to 0\n");
1033 return -1;
1034 }
1035
1036 if (NULL == grp && NULL == (grp = getgrgid(pwd->pw_gid))) {
1037 log_error_write(srv, __FILE__, __LINE__, "sd",
1038 "can't find group id", pwd->pw_gid);
1039 return -1;
1040 }
1041 }
1042
1043 if (NULL != grp) {
1044 if (grp->gr_gid == 0) {
1045 log_error_write(srv, __FILE__, __LINE__, "s",
1046 "I will not set gid to 0\n");
1047 return -1;
1048 }
1049 }
1050 #endif
1051 /* we need root-perms for port < 1024 */
1052 if (0 != network_init(srv)) {
1053 plugins_free(srv);
1054 server_free(srv);
1055
1056 return -1;
1057 }
1058 #ifdef HAVE_PWD_H
1059 /*
1060 * Change group before chroot, when we have access
1061 * to /etc/group
1062 * */
1063 if (NULL != grp) {
1064 if (-1 == setgid(grp->gr_gid)) {
1065 log_error_write(srv, __FILE__, __LINE__, "ss", "setgid failed: ", strerror(errno));
1066 return -1;
1067 }
1068 if (-1 == setgroups(0, NULL)) {
1069 log_error_write(srv, __FILE__, __LINE__, "ss", "setgroups failed: ", strerror(errno));
1070 return -1;
1071 }
1072 if (!buffer_string_is_empty(srv->srvconf.username)) {
1073 initgroups(srv->srvconf.username->ptr, grp->gr_gid);
1074 }
1075 }
1076 #endif
1077 #ifdef HAVE_CHROOT
1078 if (!buffer_string_is_empty(srv->srvconf.changeroot)) {
1079 tzset();
1080
1081 if (-1 == chroot(srv->srvconf.changeroot->ptr)) {
1082 log_error_write(srv, __FILE__, __LINE__, "ss", "chroot failed: ", strerror(errno));
1083 return -1;
1084 }
1085 if (-1 == chdir("/")) {
1086 log_error_write(srv, __FILE__, __LINE__, "ss", "chdir failed: ", strerror(errno));
1087 return -1;
1088 }
1089 }
1090 #endif
1091 #ifdef HAVE_PWD_H
1092 /* drop root privs */
1093 if (NULL != pwd) {
1094 if (-1 == setuid(pwd->pw_uid)) {
1095 log_error_write(srv, __FILE__, __LINE__, "ss", "setuid failed: ", strerror(errno));
1096 return -1;
1097 }
1098 }
1099 #endif
1100 #if defined(HAVE_SYS_PRCTL_H) && defined(PR_SET_DUMPABLE)
1101 /**
1102 * on IRIX 6.5.30 they have prctl() but no DUMPABLE
1103 */
1104 if (srv->srvconf.enable_cores) {
1105 prctl(PR_SET_DUMPABLE, 1, 0, 0, 0);
1106 }
1107 #endif
1108 } else {
1109
1110 #ifdef HAVE_GETRLIMIT
1111 if (0 != getrlimit(RLIMIT_NOFILE, &rlim)) {
1112 log_error_write(srv, __FILE__, __LINE__,
1113 "ss", "couldn't get 'max filedescriptors'",
1114 strerror(errno));
1115 return -1;
1116 }
1117
1118 /**
1119 * we are not root can can't increase the fd-limit above rlim_max, but we can reduce it
1120 */
1121 if (srv->srvconf.max_fds && srv->srvconf.max_fds <= rlim.rlim_max) {
1122 /* set rlimits */
1123
1124 rlim.rlim_cur = srv->srvconf.max_fds;
1125
1126 if (0 != setrlimit(RLIMIT_NOFILE, &rlim)) {
1127 log_error_write(srv, __FILE__, __LINE__,
1128 "ss", "couldn't set 'max filedescriptors'",
1129 strerror(errno));
1130 return -1;
1131 }
1132 }
1133
1134 if (srv->event_handler == FDEVENT_HANDLER_SELECT) {
1135 srv->max_fds = rlim.rlim_cur < (rlim_t)FD_SETSIZE - 200 ? (int)rlim.rlim_cur : (int)FD_SETSIZE - 200;
1136 } else {
1137 srv->max_fds = rlim.rlim_cur;
1138 }
1139
1140 /* set core file rlimit, if enable_cores is set */
1141 if (srv->srvconf.enable_cores && getrlimit(RLIMIT_CORE, &rlim) == 0) {
1142 rlim.rlim_cur = rlim.rlim_max;
1143 setrlimit(RLIMIT_CORE, &rlim);
1144 }
1145
1146 #endif
1147 if (srv->event_handler == FDEVENT_HANDLER_SELECT) {
1148 /* don't raise the limit above FD_SET_SIZE */
1149 if (srv->max_fds > ((int)FD_SETSIZE) - 200) {
1150 log_error_write(srv, __FILE__, __LINE__, "sd",
1151 "can't raise max filedescriptors above", FD_SETSIZE - 200,
1152 "if event-handler is 'select'. Use 'poll' or something else or reduce server.max-fds.");
1153 return -1;
1154 }
1155 }
1156
1157 if (0 != network_init(srv)) {
1158 plugins_free(srv);
1159 server_free(srv);
1160
1161 return -1;
1162 }
1163 }
1164
1165 /* set max-conns */
1166 if (srv->srvconf.max_conns > srv->max_fds/2) {
1167 /* we can't have more connections than max-fds/2 */
1168 log_error_write(srv, __FILE__, __LINE__, "sdd", "can't have more connections than fds/2: ", srv->srvconf.max_conns, srv->max_fds);
1169 srv->max_conns = srv->max_fds/2;
1170 } else if (srv->srvconf.max_conns) {
1171 /* otherwise respect the wishes of the user */
1172 srv->max_conns = srv->srvconf.max_conns;
1173 } else {
1174 /* or use the default: we really don't want to hit max-fds */
1175 srv->max_conns = srv->max_fds/3;
1176 }
1177
1178 if (HANDLER_GO_ON != plugins_call_init(srv)) {
1179 log_error_write(srv, __FILE__, __LINE__, "s", "Initialization of plugins failed. Going down.");
1180
1181 plugins_free(srv);
1182 network_close(srv);
1183 server_free(srv);
1184
1185 return -1;
1186 }
1187
1188 #ifdef HAVE_FORK
1189 /* network is up, let's deamonize ourself */
1190 if (srv->srvconf.dont_daemonize == 0) {
1191 parent_pipe_fd = daemonize();
1192 }
1193 #endif
1194
1195
1196 #ifdef HAVE_SIGACTION
1197 memset(&act, 0, sizeof(act));
1198 act.sa_handler = SIG_IGN;
1199 sigaction(SIGPIPE, &act, NULL);
1200 sigaction(SIGUSR1, &act, NULL);
1201 # if defined(SA_SIGINFO)
1202 act.sa_sigaction = sigaction_handler;
1203 sigemptyset(&act.sa_mask);
1204 act.sa_flags = SA_SIGINFO;
1205 # else
1206 act.sa_handler = signal_handler;
1207 sigemptyset(&act.sa_mask);
1208 act.sa_flags = 0;
1209 # endif
1210 sigaction(SIGINT, &act, NULL);
1211 sigaction(SIGTERM, &act, NULL);
1212 sigaction(SIGHUP, &act, NULL);
1213 sigaction(SIGALRM, &act, NULL);
1214
1215 /* it should be safe to restart syscalls after SIGCHLD */
1216 act.sa_flags |= SA_RESTART | SA_NOCLDSTOP;
1217 sigaction(SIGCHLD, &act, NULL);
1218
1219 #elif defined(HAVE_SIGNAL)
1220 /* ignore the SIGPIPE from sendfile() */
1221 signal(SIGPIPE, SIG_IGN);
1222 signal(SIGUSR1, SIG_IGN);
1223 signal(SIGALRM, signal_handler);
1224 signal(SIGTERM, signal_handler);
1225 signal(SIGHUP, signal_handler);
1226 signal(SIGCHLD, signal_handler);
1227 signal(SIGINT, signal_handler);
1228 #endif
1229
1230 #ifdef USE_ALARM
1231 signal(SIGALRM, signal_handler);
1232
1233 /* setup periodic timer (1 second) */
1234 if (setitimer(ITIMER_REAL, &interval, NULL)) {
1235 log_error_write(srv, __FILE__, __LINE__, "s", "setting timer failed");
1236 return -1;
1237 }
1238
1239 getitimer(ITIMER_REAL, &interval);
1240 #endif
1241
1242
1243 srv->gid = getgid();
1244 srv->uid = getuid();
1245
1246 /* write pid file */
1247 if (pid_fd != -1) {
1248 buffer_copy_int(srv->tmp_buf, getpid());
1249 buffer_append_string_len(srv->tmp_buf, CONST_STR_LEN("\n"));
1250 if (-1 == write_all(pid_fd, CONST_BUF_LEN(srv->tmp_buf))) {
1251 log_error_write(srv, __FILE__, __LINE__, "ss", "Couldn't write pid file:", strerror(errno));
1252 close(pid_fd);
1253 return -1;
1254 }
1255 }
1256
1257 /* Close stderr ASAP in the child process to make sure that nothing
1258 * is being written to that fd which may not be valid anymore. */
1259 if (!srv->srvconf.preflight_check && -1 == log_error_open(srv)) {
1260 log_error_write(srv, __FILE__, __LINE__, "s", "Opening errorlog failed. Going down.");
1261
1262 plugins_free(srv);
1263 network_close(srv);
1264 server_free(srv);
1265 return -1;
1266 }
1267
1268 if (HANDLER_GO_ON != plugins_call_set_defaults(srv)) {
1269 log_error_write(srv, __FILE__, __LINE__, "s", "Configuration of plugins failed. Going down.");
1270
1271 plugins_free(srv);
1272 network_close(srv);
1273 server_free(srv);
1274
1275 return -1;
1276 }
1277
1278 /* settings might be enabled during module config set defaults */
1279 srv->config_storage[0]->high_precision_timestamps = srv->srvconf.high_precision_timestamps;
1280
1281 /* dump unused config-keys */
1282 for (i = 0; i < srv->config_context->used; i++) {
1283 array *config = ((data_config *)srv->config_context->data[i])->value;
1284 size_t j;
1285
1286 for (j = 0; config && j < config->used; j++) {
1287 data_unset *du = config->data[j];
1288
1289 /* all var.* is known as user defined variable */
1290 if (strncmp(du->key->ptr, "var.", sizeof("var.") - 1) == 0) {
1291 continue;
1292 }
1293
1294 if (NULL == array_get_element(srv->config_touched, du->key->ptr)) {
1295 log_error_write(srv, __FILE__, __LINE__, "sbs",
1296 "WARNING: unknown config-key:",
1297 du->key,
1298 "(ignored)");
1299 }
1300 }
1301 }
1302
1303 if (srv->config_unsupported) {
1304 log_error_write(srv, __FILE__, __LINE__, "s",
1305 "Configuration contains unsupported keys. Going down.");
1306 }
1307
1308 if (srv->config_deprecated) {
1309 log_error_write(srv, __FILE__, __LINE__, "s",
1310 "Configuration contains deprecated keys. Going down.");
1311 }
1312
1313 if (srv->config_unsupported || srv->config_deprecated) {
1314 plugins_free(srv);
1315 network_close(srv);
1316 server_free(srv);
1317
1318 return -1;
1319 }
1320
1321 if (srv->srvconf.preflight_check) {
1322 /*printf("Preflight OK");*//*(stdout reopened to /dev/null)*/
1323 plugins_free(srv);
1324 network_close(srv);
1325 server_free(srv);
1326
1327 exit(0);
1328 }
1329
1330
1331 #ifdef HAVE_FORK
1332 /**
1333 * notify daemonize-grandparent of successful startup
1334 * do this before any further forking is done (workers)
1335 */
1336 if (srv->srvconf.dont_daemonize == 0) {
1337 if (0 > write(parent_pipe_fd, "", 1)) return -1;
1338 close(parent_pipe_fd);
1339 }
1340
1341 if (idle_limit && srv->srvconf.max_worker) {
1342 srv->srvconf.max_worker = 0;
1343 log_error_write(srv, __FILE__, __LINE__, "s",
1344 "server idle time limit command line option disables server.max-worker config file option.");
1345 }
1346
1347 /* start watcher and workers */
1348 num_childs = srv->srvconf.max_worker;
1349 if (num_childs > 0) {
1350 int child = 0;
1351 while (!child && !srv_shutdown && !graceful_shutdown) {
1352 if (num_childs > 0) {
1353 switch (fork()) {
1354 case -1:
1355 return -1;
1356 case 0:
1357 child = 1;
1358 break;
1359 default:
1360 num_childs--;
1361 break;
1362 }
1363 } else {
1364 int status;
1365
1366 if (-1 != wait(&status)) {
1367 /**
1368 * one of our workers went away
1369 */
1370 num_childs++;
1371 } else {
1372 switch (errno) {
1373 case EINTR:
1374 /**
1375 * if we receive a SIGHUP we have to close our logs ourself as we don't
1376 * have the mainloop who can help us here
1377 */
1378 if (handle_sig_hup) {
1379 handle_sig_hup = 0;
1380
1381 log_error_cycle(srv);
1382
1383 /**
1384 * forward to all procs in the process-group
1385 *
1386 * we also send it ourself
1387 */
1388 if (!forwarded_sig_hup && 0 != srv->srvconf.max_worker) {
1389 forwarded_sig_hup = 1;
1390 kill(0, SIGHUP);
1391 }
1392 }
1393 break;
1394 default:
1395 break;
1396 }
1397 }
1398 }
1399 }
1400
1401 /**
1402 * for the parent this is the exit-point
1403 */
1404 if (!child) {
1405 /**
1406 * kill all children too
1407 */
1408 if (graceful_shutdown) {
1409 kill(0, SIGINT);
1410 } else if (srv_shutdown) {
1411 kill(0, SIGTERM);
1412 }
1413
1414 remove_pid_file(srv, &pid_fd);
1415 log_error_close(srv);
1416 network_close(srv);
1417 connections_free(srv);
1418 plugins_free(srv);
1419 server_free(srv);
1420 return 0;
1421 }
1422
1423 /**
1424 * make sure workers do not muck with pid-file
1425 */
1426 if (0 <= pid_fd) {
1427 close(pid_fd);
1428 pid_fd = -1;
1429 }
1430 buffer_reset(srv->srvconf.pid_file);
1431
1432 li_rand_reseed();
1433 }
1434 #endif
1435
1436 if (NULL == (srv->ev = fdevent_init(srv, srv->max_fds + 1, srv->event_handler))) {
1437 log_error_write(srv, __FILE__, __LINE__,
1438 "s", "fdevent_init failed");
1439 return -1;
1440 }
1441
1442 /* libev backend overwrites our SIGCHLD handler and calls waitpid on SIGCHLD; we want our own SIGCHLD handling. */
1443 #ifdef HAVE_SIGACTION
1444 sigaction(SIGCHLD, &act, NULL);
1445 #elif defined(HAVE_SIGNAL)
1446 signal(SIGCHLD, signal_handler);
1447 #endif
1448
1449 /*
1450 * kqueue() is called here, select resets its internals,
1451 * all server sockets get their handlers
1452 *
1453 * */
1454 if (0 != network_register_fdevents(srv)) {
1455 plugins_free(srv);
1456 network_close(srv);
1457 server_free(srv);
1458
1459 return -1;
1460 }
1461
1462 /* might fail if user is using fam (not gamin) and famd isn't running */
1463 if (NULL == (srv->stat_cache = stat_cache_init())) {
1464 log_error_write(srv, __FILE__, __LINE__, "s",
1465 "stat-cache could not be setup, dieing.");
1466 return -1;
1467 }
1468
1469 #ifdef HAVE_FAM_H
1470 /* setup FAM */
1471 if (srv->srvconf.stat_cache_engine == STAT_CACHE_ENGINE_FAM) {
1472 if (0 != FAMOpen2(&srv->stat_cache->fam, "lighttpd")) {
1473 log_error_write(srv, __FILE__, __LINE__, "s",
1474 "could not open a fam connection, dieing.");
1475 return -1;
1476 }
1477 #ifdef HAVE_FAMNOEXISTS
1478 FAMNoExists(&srv->stat_cache->fam);
1479 #endif
1480
1481 fd_close_on_exec(FAMCONNECTION_GETFD(&srv->stat_cache->fam));
1482 fdevent_register(srv->ev, FAMCONNECTION_GETFD(&srv->stat_cache->fam), stat_cache_handle_fdevent, NULL);
1483 fdevent_event_set(srv->ev, &(srv->stat_cache->fam_fcce_ndx), FAMCONNECTION_GETFD(&srv->stat_cache->fam), FDEVENT_IN);
1484 }
1485 #endif
1486
1487
1488 /* get the current number of FDs */
1489 srv->cur_fds = open("/dev/null", O_RDONLY);
1490 close(srv->cur_fds);
1491
1492 for (i = 0; i < srv->srv_sockets.used; i++) {
1493 server_socket *srv_socket = srv->srv_sockets.ptr[i];
1494 if (srv->sockets_disabled) continue; /* lighttpd -1 (one-shot mode) */
1495 if (-1 == fdevent_fcntl_set_nb_cloexec_sock(srv->ev, srv_socket->fd)) {
1496 log_error_write(srv, __FILE__, __LINE__, "ss", "fcntl failed:", strerror(errno));
1497 return -1;
1498 }
1499 }
1500
1501 if (oneshot_fd && server_oneshot_init(srv, oneshot_fd)) {
1502 oneshot_fd = -1;
1503 }
1504
1505 /* main-loop */
1506 while (!srv_shutdown) {
1507 int n;
1508 size_t ndx;
1509 time_t min_ts;
1510
1511 if (handle_sig_hup) {
1512 handler_t r;
1513
1514 /* reset notification */
1515 handle_sig_hup = 0;
1516
1517
1518 /* cycle logfiles */
1519
1520 switch(r = plugins_call_handle_sighup(srv)) {
1521 case HANDLER_GO_ON:
1522 break;
1523 default:
1524 log_error_write(srv, __FILE__, __LINE__, "sd", "sighup-handler return with an error", r);
1525 break;
1526 }
1527
1528 if (-1 == log_error_cycle(srv)) {
1529 log_error_write(srv, __FILE__, __LINE__, "s", "cycling errorlog failed, dying");
1530
1531 return -1;
1532 } else {
1533 #ifdef HAVE_SIGACTION
1534 log_error_write(srv, __FILE__, __LINE__, "sdsd",
1535 "logfiles cycled UID =",
1536 last_sighup_info.si_uid,
1537 "PID =",
1538 last_sighup_info.si_pid);
1539 #else
1540 log_error_write(srv, __FILE__, __LINE__, "s",
1541 "logfiles cycled");
1542 #endif
1543 }
1544 }
1545
1546 if (handle_sig_alarm) {
1547 /* a new second */
1548
1549 #ifdef USE_ALARM
1550 /* reset notification */
1551 handle_sig_alarm = 0;
1552 #endif
1553
1554 /* get current time */
1555 min_ts = time(NULL);
1556
1557 if (min_ts != srv->cur_ts) {
1558 #ifdef DEBUG_CONNECTION_STATES
1559 int cs = 0;
1560 #endif
1561 connections *conns = srv->conns;
1562 handler_t r;
1563
1564 switch(r = plugins_call_handle_trigger(srv)) {
1565 case HANDLER_GO_ON:
1566 break;
1567 case HANDLER_ERROR:
1568 log_error_write(srv, __FILE__, __LINE__, "s", "one of the triggers failed");
1569 break;
1570 default:
1571 log_error_write(srv, __FILE__, __LINE__, "d", r);
1572 break;
1573 }
1574
1575 /* trigger waitpid */
1576 srv->cur_ts = min_ts;
1577
1578 /* check idle time limit, if enabled */
1579 if (idle_limit && idle_limit < min_ts - last_active_ts && !graceful_shutdown) {
1580 log_error_write(srv, __FILE__, __LINE__, "sDs", "[note] idle timeout", (int)idle_limit,
1581 "s exceeded, initiating graceful shutdown");
1582 graceful_shutdown = 2; /* value 2 indicates idle timeout */
1583 }
1584
1585 #ifdef HAVE_GETLOADAVG
1586 /* refresh loadavg data every 30 seconds */
1587 if (srv->srvconf.loadts + 30 < min_ts) {
1588 if (-1 != getloadavg(srv->srvconf.loadavg, 3)) {
1589 srv->srvconf.loadts = min_ts;
1590 }
1591 }
1592 #endif
1593
1594 /* cleanup stat-cache */
1595 stat_cache_trigger_cleanup(srv);
1596 /**
1597 * check all connections for timeouts
1598 *
1599 */
1600 for (ndx = 0; ndx < conns->used; ndx++) {
1601 connection * const con = conns->ptr[ndx];
1602 const int waitevents = fdevent_event_get_interest(srv->ev, con->fd);
1603 int changed = 0;
1604 int t_diff;
1605
1606 if (con->state == CON_STATE_CLOSE) {
1607 if (srv->cur_ts - con->close_timeout_ts > HTTP_LINGER_TIMEOUT) {
1608 changed = 1;
1609 }
1610 } else if (waitevents & FDEVENT_IN) {
1611 if (con->request_count == 1 || con->state != CON_STATE_READ) { /* e.g. CON_STATE_READ_POST || CON_STATE_WRITE */
1612 if (srv->cur_ts - con->read_idle_ts > con->conf.max_read_idle) {
1613 /* time - out */
1614 if (con->conf.log_request_handling) {
1615 log_error_write(srv, __FILE__, __LINE__, "sd",
1616 "connection closed - read timeout:", con->fd);
1617 }
1618
1619 connection_set_state(srv, con, CON_STATE_ERROR);
1620 changed = 1;
1621 }
1622 } else {
1623 if (srv->cur_ts - con->read_idle_ts > con->keep_alive_idle) {
1624 /* time - out */
1625 if (con->conf.log_request_handling) {
1626 log_error_write(srv, __FILE__, __LINE__, "sd",
1627 "connection closed - keep-alive timeout:", con->fd);
1628 }
1629
1630 connection_set_state(srv, con, CON_STATE_ERROR);
1631 changed = 1;
1632 }
1633 }
1634 }
1635
1636 /* max_write_idle timeout currently functions as backend timeout,
1637 * too, after response has been started.
1638 * future: have separate backend timeout, and then change this
1639 * to check for write interest before checking for timeout */
1640 /*if (waitevents & FDEVENT_OUT)*/
1641 if ((con->state == CON_STATE_WRITE) &&
1642 (con->write_request_ts != 0)) {
1643 #if 0
1644 if (srv->cur_ts - con->write_request_ts > 60) {
1645 log_error_write(srv, __FILE__, __LINE__, "sdd",
1646 "connection closed - pre-write-request-timeout:", con->fd, srv->cur_ts - con->write_request_ts);
1647 }
1648 #endif
1649
1650 if (srv->cur_ts - con->write_request_ts > con->conf.max_write_idle) {
1651 /* time - out */
1652 if (con->conf.log_timeouts) {
1653 log_error_write(srv, __FILE__, __LINE__, "sbsbsosds",
1654 "NOTE: a request from",
1655 con->dst_addr_buf,
1656 "for",
1657 con->request.uri,
1658 "timed out after writing",
1659 con->bytes_written,
1660 "bytes. We waited",
1661 (int)con->conf.max_write_idle,
1662 "seconds. If this a problem increase server.max-write-idle");
1663 }
1664 connection_set_state(srv, con, CON_STATE_ERROR);
1665 changed = 1;
1666 }
1667 }
1668
1669 /* we don't like div by zero */
1670 if (0 == (t_diff = srv->cur_ts - con->connection_start)) t_diff = 1;
1671
1672 if (con->traffic_limit_reached &&
1673 (con->conf.kbytes_per_second == 0 ||
1674 ((con->bytes_written / t_diff) < con->conf.kbytes_per_second * 1024))) {
1675 /* enable connection again */
1676 con->traffic_limit_reached = 0;
1677
1678 changed = 1;
1679 }
1680
1681 if (changed) {
1682 connection_state_machine(srv, con);
1683 }
1684 con->bytes_written_cur_second = 0;
1685 *(con->conf.global_bytes_per_second_cnt_ptr) = 0;
1686
1687 #if DEBUG_CONNECTION_STATES
1688 if (cs == 0) {
1689 fprintf(stderr, "connection-state: ");
1690 cs = 1;
1691 }
1692
1693 fprintf(stderr, "c[%d,%d]: %s ",
1694 con->fd,
1695 con->fcgi.fd,
1696 connection_get_state(con->state));
1697 #endif
1698 }
1699
1700 #ifdef DEBUG_CONNECTION_STATES
1701 if (cs == 1) fprintf(stderr, "\n");
1702 #endif
1703 }
1704 }
1705
1706 if (srv->sockets_disabled) {
1707 /* our server sockets are disabled, why ? */
1708
1709 if ((srv->cur_fds + srv->want_fds < srv->max_fds * 8 / 10) && /* we have enough unused fds */
1710 (srv->conns->used <= srv->max_conns * 9 / 10) &&
1711 (0 == graceful_shutdown)) {
1712 for (i = 0; i < srv->srv_sockets.used; i++) {
1713 server_socket *srv_socket = srv->srv_sockets.ptr[i];
1714 fdevent_event_set(srv->ev, &(srv_socket->fde_ndx), srv_socket->fd, FDEVENT_IN);
1715 }
1716
1717 log_error_write(srv, __FILE__, __LINE__, "s", "[note] sockets enabled again");
1718
1719 srv->sockets_disabled = 0;
1720 }
1721 } else {
1722 if ((srv->cur_fds + srv->want_fds > srv->max_fds * 9 / 10) || /* out of fds */
1723 (srv->conns->used >= srv->max_conns) || /* out of connections */
1724 (graceful_shutdown)) { /* graceful_shutdown */
1725
1726 /* disable server-fds */
1727
1728 for (i = 0; i < srv->srv_sockets.used; i++) {
1729 server_socket *srv_socket = srv->srv_sockets.ptr[i];
1730
1731 if (graceful_shutdown) {
1732 /* we don't want this socket anymore,
1733 *
1734 * closing it right away will make it possible for
1735 * the next lighttpd to take over (graceful restart)
1736 * */
1737
1738 fdevent_event_del(srv->ev, &(srv_socket->fde_ndx), srv_socket->fd);
1739 fdevent_unregister(srv->ev, srv_socket->fd);
1740 close(srv_socket->fd);
1741 srv_socket->fd = -1;
1742
1743 /* network_close() will cleanup after us */
1744 } else {
1745 fdevent_event_set(srv->ev, &(srv_socket->fde_ndx), srv_socket->fd, 0);
1746 }
1747 }
1748
1749 if (graceful_shutdown) {
1750 remove_pid_file(srv, &pid_fd);
1751 log_error_write(srv, __FILE__, __LINE__, "s", "[note] graceful shutdown started");
1752 } else if (srv->conns->used >= srv->max_conns) {
1753 log_error_write(srv, __FILE__, __LINE__, "s", "[note] sockets disabled, connection limit reached");
1754 } else {
1755 log_error_write(srv, __FILE__, __LINE__, "s", "[note] sockets disabled, out-of-fds");
1756 }
1757
1758 srv->sockets_disabled = 1;
1759 }
1760 }
1761
1762 if (graceful_shutdown && srv->conns->used == 0) {
1763 /* we are in graceful shutdown phase and all connections are closed
1764 * we are ready to terminate without harming anyone */
1765 srv_shutdown = 1;
1766 break;
1767 }
1768
1769 /* we still have some fds to share */
1770 if (srv->want_fds) {
1771 /* check the fdwaitqueue for waiting fds */
1772 int free_fds = srv->max_fds - srv->cur_fds - 16;
1773 connection *con;
1774
1775 for (; free_fds > 0 && NULL != (con = fdwaitqueue_unshift(srv, srv->fdwaitqueue)); free_fds--) {
1776 connection_state_machine(srv, con);
1777
1778 srv->want_fds--;
1779 }
1780 }
1781
1782 if ((n = fdevent_poll(srv->ev, 1000)) > 0) {
1783 /* n is the number of events */
1784 int revents;
1785 int fd_ndx;
1786 last_active_ts = srv->cur_ts;
1787 fd_ndx = -1;
1788 do {
1789 fdevent_handler handler;
1790 void *context;
1791
1792 fd_ndx = fdevent_event_next_fdndx (srv->ev, fd_ndx);
1793 if (-1 == fd_ndx) break; /* not all fdevent handlers know how many fds got an event */
1794
1795 revents = fdevent_event_get_revent (srv->ev, fd_ndx);
1796 fd = fdevent_event_get_fd (srv->ev, fd_ndx);
1797 handler = fdevent_get_handler(srv->ev, fd);
1798 context = fdevent_get_context(srv->ev, fd);
1799 if (NULL != handler) {
1800 (*handler)(srv, context, revents);
1801 }
1802 } while (--n > 0);
1803 fdevent_sched_run(srv, srv->ev);
1804 } else if (n < 0 && errno != EINTR) {
1805 log_error_write(srv, __FILE__, __LINE__, "ss",
1806 "fdevent_poll failed:",
1807 strerror(errno));
1808 }
1809
1810 for (ndx = 0; ndx < srv->joblist->used; ndx++) {
1811 connection *con = srv->joblist->ptr[ndx];
1812 connection_state_machine(srv, con);
1813 con->in_joblist = 0;
1814 }
1815
1816 srv->joblist->used = 0;
1817 }
1818
1819 if (0 == graceful_shutdown) {
1820 remove_pid_file(srv, &pid_fd);
1821 }
1822
1823 if (2 == graceful_shutdown) { /* value 2 indicates idle timeout */
1824 log_error_write(srv, __FILE__, __LINE__, "s",
1825 "server stopped after idle timeout");
1826 } else {
1827 #ifdef HAVE_SIGACTION
1828 log_error_write(srv, __FILE__, __LINE__, "sdsd",
1829 "server stopped by UID =",
1830 last_sigterm_info.si_uid,
1831 "PID =",
1832 last_sigterm_info.si_pid);
1833 #else
1834 log_error_write(srv, __FILE__, __LINE__, "s",
1835 "server stopped");
1836 #endif
1837 }
1838
1839 /* clean-up */
1840 log_error_close(srv);
1841 network_close(srv);
1842 connections_free(srv);
1843 plugins_free(srv);
1844 server_free(srv);
1845
1846 return 0;
1847 }
A fast webserver with minimal memory-footprint (lighttpd)