3 * Copyright 1998-2002 The OpenLDAP Foundation, All Rights Reserved.
4 * COPYING RESTRICTIONS APPLY, see COPYRIGHT file
13 #include <ac/signal.h>
14 #include <ac/socket.h>
15 #include <ac/string.h>
17 #include <ac/unistd.h>
20 #include "ldap_pvt_thread.h"
27 int allow_severity = LOG_INFO;
28 int deny_severity = LOG_NOTICE;
29 #endif /* TCP Wrappers */
33 #endif /* LDAP_PF_LOCAL */
37 ber_socket_t dtblsize;
39 Listener **slap_listeners = NULL;
41 #define SLAPD_LISTEN 10
43 static ber_socket_t wake_sds[2];
47 #define WAKE_LISTENER(w) \
48 ((w && !waking) ? tcp_write( wake_sds[1], "0", 1 ), waking=1 : 0)
50 #define WAKE_LISTENER(w) \
51 do { if (w) tcp_write( wake_sds[1], "0", 1 ); } while(0)
57 volatile sig_atomic_t slapd_shutdown = 0;
59 static struct slap_daemon {
60 ldap_pvt_thread_mutex_t sd_mutex;
65 /* In winsock, accept() returns values higher than dtblsize
66 so don't bother with this optimization */
79 * SLP related functions
83 #define LDAP_SRVTYPE_PREFIX "service:ldap://"
84 #define LDAPS_SRVTYPE_PREFIX "service:ldaps://"
85 static char** slapd_srvurls = NULL;
86 static SLPHandle slapd_hslp = 0;
88 void slapd_slp_init( const char* urls ) {
91 slapd_srvurls = str2charray( urls, " " );
93 if( slapd_srvurls == NULL ) return;
95 /* find and expand INADDR_ANY URLs */
96 for( i=0; slapd_srvurls[i] != NULL; i++ ) {
97 if( strcmp( slapd_srvurls[i], "ldap:///" ) == 0) {
98 char *host = ldap_pvt_get_fqdn( NULL );
100 slapd_srvurls[i] = (char *) realloc( slapd_srvurls[i],
102 sizeof( LDAP_SRVTYPE_PREFIX ) );
103 strcpy( slap_strcopy(slapd_srvurls[i],
104 LDAP_SRVTYPE_PREFIX ), host );
109 } else if ( strcmp( slapd_srvurls[i], "ldaps:///" ) == 0) {
110 char *host = ldap_pvt_get_fqdn( NULL );
111 if ( host != NULL ) {
112 slapd_srvurls[i] = (char *) realloc( slapd_srvurls[i],
114 sizeof( LDAPS_SRVTYPE_PREFIX ) );
115 strcpy( slap_strcopy(slapd_srvurls[i],
116 LDAPS_SRVTYPE_PREFIX ), host );
123 /* open the SLP handle */
124 SLPOpen( "en", 0, &slapd_hslp );
127 void slapd_slp_deinit() {
128 if( slapd_srvurls == NULL ) return;
130 charray_free( slapd_srvurls );
131 slapd_srvurls = NULL;
133 /* close the SLP handle */
134 SLPClose( slapd_hslp );
137 void slapd_slp_regreport(
145 void slapd_slp_reg() {
148 for( i=0; slapd_srvurls[i] != NULL; i++ ) {
149 if( strncmp( slapd_srvurls[i], LDAP_SRVTYPE_PREFIX,
150 sizeof( LDAP_SRVTYPE_PREFIX ) - 1 ) == 0 ||
151 strncmp( slapd_srvurls[i], LDAPS_SRVTYPE_PREFIX,
152 sizeof( LDAPS_SRVTYPE_PREFIX ) - 1 ) == 0 )
156 SLP_LIFETIME_MAXIMUM,
166 void slapd_slp_dereg() {
169 for( i=0; slapd_srvurls[i] != NULL; i++ ) {
170 SLPDereg( slapd_hslp,
176 #endif /* HAVE_SLP */
179 * Add a descriptor to daemon control
181 static void slapd_add(ber_socket_t s) {
182 ldap_pvt_thread_mutex_lock( &slap_daemon.sd_mutex );
184 assert( !FD_ISSET( s, &slap_daemon.sd_actives ));
185 assert( !FD_ISSET( s, &slap_daemon.sd_readers ));
186 assert( !FD_ISSET( s, &slap_daemon.sd_writers ));
189 if (s >= slap_daemon.sd_nfds) {
190 slap_daemon.sd_nfds = s + 1;
194 FD_SET( s, &slap_daemon.sd_actives );
195 FD_SET( s, &slap_daemon.sd_readers );
198 LDAP_LOG(( "connection", LDAP_LEVEL_DETAIL1,
199 "slapd_add: added %ld%s%s\n",
201 FD_ISSET(s, &slap_daemon.sd_readers) ? "r" : "",
202 FD_ISSET(s, &slap_daemon.sd_writers) ? "w" : "" ));
204 Debug( LDAP_DEBUG_CONNS, "daemon: added %ld%s%s\n",
206 FD_ISSET(s, &slap_daemon.sd_readers) ? "r" : "",
207 FD_ISSET(s, &slap_daemon.sd_writers) ? "w" : "" );
209 ldap_pvt_thread_mutex_unlock( &slap_daemon.sd_mutex );
213 * Remove the descriptor from daemon control
215 void slapd_remove(ber_socket_t s, int wake) {
216 ldap_pvt_thread_mutex_lock( &slap_daemon.sd_mutex );
219 LDAP_LOG(( "connection", LDAP_LEVEL_DETAIL1,
220 "slapd_remove: removing %ld%s%s\n",
222 FD_ISSET(s, &slap_daemon.sd_readers) ? "r" : "",
223 FD_ISSET(s, &slap_daemon.sd_writers) ? "w" : "" ));
225 Debug( LDAP_DEBUG_CONNS, "daemon: removing %ld%s%s\n",
227 FD_ISSET(s, &slap_daemon.sd_readers) ? "r" : "",
228 FD_ISSET(s, &slap_daemon.sd_writers) ? "w" : "" );
230 FD_CLR( s, &slap_daemon.sd_actives );
231 FD_CLR( s, &slap_daemon.sd_readers );
232 FD_CLR( s, &slap_daemon.sd_writers );
234 ldap_pvt_thread_mutex_unlock( &slap_daemon.sd_mutex );
238 void slapd_clr_write(ber_socket_t s, int wake) {
239 ldap_pvt_thread_mutex_lock( &slap_daemon.sd_mutex );
241 assert( FD_ISSET( s, &slap_daemon.sd_actives) );
242 FD_CLR( s, &slap_daemon.sd_writers );
244 ldap_pvt_thread_mutex_unlock( &slap_daemon.sd_mutex );
248 void slapd_set_write(ber_socket_t s, int wake) {
249 ldap_pvt_thread_mutex_lock( &slap_daemon.sd_mutex );
251 assert( FD_ISSET( s, &slap_daemon.sd_actives) );
252 if (!FD_ISSET(s, &slap_daemon.sd_writers))
253 FD_SET( (unsigned) s, &slap_daemon.sd_writers );
255 ldap_pvt_thread_mutex_unlock( &slap_daemon.sd_mutex );
259 void slapd_clr_read(ber_socket_t s, int wake) {
260 ldap_pvt_thread_mutex_lock( &slap_daemon.sd_mutex );
262 assert( FD_ISSET( s, &slap_daemon.sd_actives) );
263 FD_CLR( s, &slap_daemon.sd_readers );
265 ldap_pvt_thread_mutex_unlock( &slap_daemon.sd_mutex );
269 void slapd_set_read(ber_socket_t s, int wake) {
270 ldap_pvt_thread_mutex_lock( &slap_daemon.sd_mutex );
272 assert( FD_ISSET( s, &slap_daemon.sd_actives) );
273 if (!FD_ISSET(s, &slap_daemon.sd_readers))
274 FD_SET( s, &slap_daemon.sd_readers );
276 ldap_pvt_thread_mutex_unlock( &slap_daemon.sd_mutex );
280 static void slapd_close(ber_socket_t s) {
282 LDAP_LOG(( "connection", LDAP_LEVEL_DETAIL1,
283 "slapd_close: closing %ld\n", (long)s ));
285 Debug( LDAP_DEBUG_CONNS, "daemon: closing %ld\n",
291 static void slap_free_listener_addresses(struct sockaddr **sal)
293 struct sockaddr **sap;
299 for (sap = sal; *sap != NULL; sap++) {
306 /* port = 0 indicates AF_LOCAL */
307 static int slap_get_listener_addresses(
310 struct sockaddr ***sal)
312 struct sockaddr **sap;
316 *sal = ch_malloc(2 * sizeof(void *));
322 *sap = ch_malloc(sizeof(struct sockaddr_un));
328 (sizeof(((struct sockaddr_un *)*sap)->sun_path) - 1) ) {
330 LDAP_LOG(( "connection", LDAP_LEVEL_INFO,
331 "slap_get_listener_addresses: domain socket path (%s) too long in URL\n",
334 Debug( LDAP_DEBUG_ANY,
335 "daemon: domain socket path (%s) too long in URL",
341 (void)memset( (void *)*sap, '\0', sizeof(struct sockaddr_un) );
342 (*sap)->sa_family = AF_LOCAL;
343 strcpy( ((struct sockaddr_un *)*sap)->sun_path, host );
347 #ifdef HAVE_GETADDRINFO
348 struct addrinfo hints, *res, *sai;
352 memset( &hints, '\0', sizeof(hints) );
353 hints.ai_flags = AI_PASSIVE;
354 hints.ai_socktype = SOCK_STREAM;
355 hints.ai_family = AF_UNSPEC;
356 snprintf(serv, sizeof serv, "%d", port);
358 if ( (err = getaddrinfo(host, serv, &hints, &res)) ) {
360 LDAP_LOG(( "connection", LDAP_LEVEL_INFO,
361 "slap_get_listener_addresses: getaddrinfo failed: %s\n",
362 AC_GAI_STRERROR(err) ));
364 Debug( LDAP_DEBUG_ANY, "daemon: getaddrinfo failed: %s\n",
365 AC_GAI_STRERROR(err), 0, 0);
371 for (n=2; (sai = sai->ai_next) != NULL; n++) {
374 *sal = ch_calloc(n, sizeof(void *));
382 for ( sai=res; sai; sai=sai->ai_next ) {
383 if( sai->ai_addr == NULL ) {
385 LDAP_LOG(( "connection", LDAP_LEVEL_INFO,
386 "slap_get_listener_addresses: "
387 "getaddrinfo ai_addr is NULL?\n" ));
389 Debug( LDAP_DEBUG_ANY, "slap_get_listener_addresses: "
390 "getaddrinfo ai_addr is NULL?\n", 0, 0, 0 );
396 switch (sai->ai_family) {
397 # ifdef LDAP_PF_INET6
399 *sap = ch_malloc(sizeof(struct sockaddr_in6));
404 *(struct sockaddr_in6 *)*sap =
405 *((struct sockaddr_in6 *)sai->ai_addr);
409 *sap = ch_malloc(sizeof(struct sockaddr_in));
414 *(struct sockaddr_in *)*sap =
415 *((struct sockaddr_in *)sai->ai_addr);
423 (*sap)->sa_family = sai->ai_family;
433 if ( host == NULL ) {
434 in.s_addr = htonl(INADDR_ANY);
436 } else if ( !inet_aton( host, &in ) ) {
437 struct hostent *he = gethostbyname( host );
440 LDAP_LOG(( "connection", LDAP_LEVEL_INFO,
441 "slap_get_listener_addresses: invalid host %s\n",
444 Debug( LDAP_DEBUG_ANY,
445 "daemon: invalid host %s", host, 0, 0);
449 AC_MEMCPY( &in, he->h_addr, sizeof( in ) );
452 *sal = ch_malloc(2 * sizeof(void *));
458 *sap = ch_malloc(sizeof(struct sockaddr_in));
464 (void)memset( (void *)*sap, '\0', sizeof(struct sockaddr_in) );
465 (*sap)->sa_family = AF_INET;
466 ((struct sockaddr_in *)*sap)->sin_port = htons(port);
467 ((struct sockaddr_in *)*sap)->sin_addr = in;
474 slap_free_listener_addresses(*sal);
478 static Listener * slap_open_listener(
486 int err, addrlen = 0;
487 struct sockaddr **sal, **psal;
488 int socktype = SOCK_STREAM; /* default to COTS */
490 mode_t perms = S_IRWXU;
493 rc = ldap_url_parse( url, &lud );
495 if( rc != LDAP_URL_SUCCESS ) {
497 LDAP_LOG(( "connection", LDAP_LEVEL_ERR,
498 "slap_open_listener: listen URL \"%s\" parse error %d\n",
501 Debug( LDAP_DEBUG_ANY,
502 "daemon: listen URL \"%s\" parse error=%d\n",
509 if( ldap_pvt_url_scheme2tls( lud->lud_scheme ) ) {
511 LDAP_LOG(( "connection", LDAP_LEVEL_INFO,
512 "slap_open_listener: TLS is not supported (%s)\n",
515 Debug( LDAP_DEBUG_ANY,
516 "daemon: TLS not supported (%s)\n",
519 ldap_free_urldesc( lud );
523 if(! lud->lud_port ) {
524 lud->lud_port = LDAP_PORT;
528 l.sl_is_tls = ldap_pvt_url_scheme2tls( lud->lud_scheme );
530 if(! lud->lud_port ) {
531 lud->lud_port = l.sl_is_tls ? LDAPS_PORT : LDAP_PORT;
535 port = (unsigned short) lud->lud_port;
537 tmp = ldap_pvt_url_scheme2proto(lud->lud_scheme);
538 if ( tmp == LDAP_PROTO_IPC ) {
540 if ( lud->lud_host == NULL || lud->lud_host[0] == '\0' ) {
541 err = slap_get_listener_addresses(LDAPI_SOCK, 0, &sal);
543 err = slap_get_listener_addresses(lud->lud_host, 0, &sal);
548 LDAP_LOG(( "connection", LDAP_LEVEL_INFO,
549 "slap_open_listener: URL scheme is not supported: %s\n",
552 Debug( LDAP_DEBUG_ANY, "daemon: URL scheme not supported: %s",
555 ldap_free_urldesc( lud );
559 #ifdef LDAP_CONNECTIONLESS
560 l.sl_is_udp = ( tmp == LDAP_PROTO_UDP );
562 if( lud->lud_host == NULL || lud->lud_host[0] == '\0'
563 || strcmp(lud->lud_host, "*") == 0 )
565 err = slap_get_listener_addresses(NULL, port, &sal);
567 err = slap_get_listener_addresses(lud->lud_host, port, &sal);
571 ldap_free_urldesc( lud );
577 while ( *sal != NULL ) {
578 switch( (*sal)->sa_family ) {
591 #ifdef LDAP_CONNECTIONLESS
593 socktype = SOCK_DGRAM;
595 l.sl_sd = socket( (*sal)->sa_family, socktype, 0);
596 if ( l.sl_sd == AC_SOCKET_INVALID ) {
597 int err = sock_errno();
599 LDAP_LOG(( "connection", LDAP_LEVEL_ERR,
600 "slap_open_listener: socket() failed errno=%d (%s)\n",
601 err, sock_errstr(err) ));
603 Debug( LDAP_DEBUG_ANY,
604 "daemon: socket() failed errno=%d (%s)\n", err,
605 sock_errstr(err), 0 );
611 if ( l.sl_sd >= dtblsize ) {
613 LDAP_LOG(( "connection", LDAP_LEVEL_ERR,
614 "slap_open_listener: listener descriptor %ld is too great %ld\n",
615 (long)l.sl_sd, (long)dtblsize ));
617 Debug( LDAP_DEBUG_ANY,
618 "daemon: listener descriptor %ld is too great %ld\n",
619 (long) l.sl_sd, (long) dtblsize, 0 );
621 tcp_close( l.sl_sd );
627 if ( (*sal)->sa_family == AF_LOCAL ) {
628 unlink ( ((struct sockaddr_un *)*sal)->sun_path );
633 /* enable address reuse */
635 rc = setsockopt( l.sl_sd, SOL_SOCKET, SO_REUSEADDR,
636 (char *) &tmp, sizeof(tmp) );
637 if ( rc == AC_SOCKET_ERROR ) {
638 int err = sock_errno();
640 LDAP_LOG(( "connection", LDAP_LEVEL_INFO,
641 "slap_open_listener: setsockopt( %ld, SO_REUSEADDR ) failed errno %d (%s)\n",
642 (long)l.sl_sd, err, sock_errstr(err) ));
644 Debug( LDAP_DEBUG_ANY,
645 "slapd(%ld): setsockopt(SO_REUSEADDR) failed errno=%d (%s)\n",
646 (long) l.sl_sd, err, sock_errstr(err) );
652 switch( (*sal)->sa_family ) {
654 addrlen = sizeof(struct sockaddr_in);
658 addrlen = sizeof(struct sockaddr_in6);
663 addrlen = sizeof(struct sockaddr_un);
668 if (!bind(l.sl_sd, *sal, addrlen))
672 LDAP_LOG(( "connection", LDAP_LEVEL_INFO,
673 "slap_open_listener: bind(%ld) failed errno=%d (%s)\n",
674 (long)l.sl_sd, err, sock_errstr(err) ));
676 Debug( LDAP_DEBUG_ANY, "daemon: bind(%ld) failed errno=%d (%s)\n",
677 (long) l.sl_sd, err, sock_errstr(err) );
679 tcp_close( l.sl_sd );
681 } /* while ( *sal != NULL ) */
683 if ( *sal == NULL ) {
685 LDAP_LOG(( "connection", LDAP_LEVEL_INFO,
686 "slap_open_listener: bind(%ld) failed.\n", (long)l.sl_sd ));
688 Debug( LDAP_DEBUG_ANY, "daemon: bind(%ld) failed\n",
689 (long) l.sl_sd, 0, 0 );
691 slap_free_listener_addresses(psal);
695 switch ( (*sal)->sa_family ) {
698 char *addr = ((struct sockaddr_un *)*sal)->sun_path;
699 if ( chmod( addr, perms ) < 0 ) {
700 int err = sock_errno();
702 LDAP_LOG(( "connection", LDAP_LEVEL_INFO,
703 "slap_open_listener: fchmod(%ld) failed errno=%d (%s)\n",
704 (long)l.sl_sd, err, sock_errstr(err) ));
706 Debug( LDAP_DEBUG_ANY, "daemon: fchmod(%ld) failed errno=%d (%s)",
707 (long) l.sl_sd, err, sock_errstr(err) );
709 tcp_close( l.sl_sd );
710 slap_free_listener_addresses(psal);
713 l.sl_name = ch_malloc( strlen(addr) + sizeof("PATH=") );
714 sprintf( l.sl_name, "PATH=%s", addr );
716 #endif /* LDAP_PF_LOCAL */
720 #if defined( HAVE_GETADDRINFO ) && defined( HAVE_INET_NTOP )
721 char addr[INET_ADDRSTRLEN];
722 inet_ntop( AF_INET, &((struct sockaddr_in *)*sal)->sin_addr,
723 addr, sizeof(addr) );
726 s = inet_ntoa( ((struct sockaddr_in *) *sal)->sin_addr );
728 port = ((struct sockaddr_in *)*sal) ->sin_port;
729 l.sl_name = ch_malloc( sizeof("IP=255.255.255.255:65535") );
730 sprintf( l.sl_name, "IP=%s:%d",
731 s != NULL ? s : "unknown" , port );
736 char addr[INET6_ADDRSTRLEN];
737 inet_ntop( AF_INET6, &((struct sockaddr_in6 *)*sal)->sin6_addr,
739 port = ((struct sockaddr_in6 *)*sal)->sin6_port;
740 l.sl_name = ch_malloc( strlen(addr) + sizeof("IP= 65535") );
741 sprintf( l.sl_name, "IP=%s %d", addr, port );
743 #endif /* LDAP_PF_INET6 */
747 LDAP_LOG(( "connection", LDAP_LEVEL_INFO,
748 "slap_open_listener: unsupported address family (%d)\n",
749 (int)(*sal)->sa_family ));
751 Debug( LDAP_DEBUG_ANY, "daemon: unsupported address family (%d)\n",
752 (int) (*sal)->sa_family, 0, 0 );
757 slap_free_listener_addresses(psal);
759 l.sl_url = ch_strdup( url );
760 li = ch_malloc( sizeof( Listener ) );
764 LDAP_LOG(( "connection", LDAP_LEVEL_RESULTS,
765 "slap_open_listener: daemon initialzed %s\n", l.sl_url ));
767 Debug( LDAP_DEBUG_TRACE, "daemon: initialized %s\n",
773 static int sockinit(void);
774 static int sockdestroy(void);
776 int slapd_daemon_init( const char *urls )
782 LDAP_LOG(( "connection", LDAP_LEVEL_ARGS,
783 "slapd_daemon_init: %s\n",
784 urls ? urls : "<null>" ));
786 Debug( LDAP_DEBUG_ARGS, "daemon_init: %s\n",
787 urls ? urls : "<null>", 0, 0 );
789 if( (rc = sockinit()) != 0 ) {
794 dtblsize = sysconf( _SC_OPEN_MAX );
795 #elif HAVE_GETDTABLESIZE
796 dtblsize = getdtablesize();
798 dtblsize = FD_SETSIZE;
802 if(dtblsize > FD_SETSIZE) {
803 dtblsize = FD_SETSIZE;
805 #endif /* !FD_SETSIZE */
807 /* open a pipe (or something equivalent connected to itself).
808 * we write a byte on this fd whenever we catch a signal. The main
809 * loop will be select'ing on this socket, and will wake up when
812 if( (rc = lutil_pair( wake_sds )) < 0 ) {
814 LDAP_LOG(( "connection", LDAP_LEVEL_ERR,
815 "slap_daemon_init: lutil_pair() failed rc=%d\n", rc ));
817 Debug( LDAP_DEBUG_ANY,
818 "daemon: lutil_pair() failed rc=%d\n", rc, 0, 0 );
823 FD_ZERO( &slap_daemon.sd_readers );
824 FD_ZERO( &slap_daemon.sd_writers );
830 u = str2charray( urls, " " );
832 if( u == NULL || u[0] == NULL ) {
834 LDAP_LOG(( "connection", LDAP_LEVEL_ERR,
835 "slap_daemon_init: no urls (%s) provided.\n", urls ));
837 Debug( LDAP_DEBUG_ANY, "daemon_init: no urls (%s) provided.\n",
843 for( i=0; u[i] != NULL; i++ ) {
845 LDAP_LOG(( "connection", LDAP_LEVEL_DETAIL1,
846 "slap_daemon_init: listen on %s\n.", u[i] ));
848 Debug( LDAP_DEBUG_TRACE, "daemon_init: listen on %s\n",
855 LDAP_LOG(( "connection", LDAP_LEVEL_INFO,
856 "slap_daemon_init: no listeners to open (%s)\n", urls ));
858 Debug( LDAP_DEBUG_ANY, "daemon_init: no listeners to open (%s)\n",
866 LDAP_LOG(( "connection", LDAP_LEVEL_INFO,
867 "slap_daemon_init: %d listeners to open...\n", i ));
869 Debug( LDAP_DEBUG_TRACE, "daemon_init: %d listeners to open...\n",
872 slap_listeners = ch_malloc( (i+1)*sizeof(Listener *) );
874 for(i = 0; u[i] != NULL; i++ ) {
875 slap_listeners[i] = slap_open_listener( u[i] );
877 if( slap_listeners[i] == NULL ) {
882 slap_listeners[i] = NULL;
885 LDAP_LOG(( "connection", LDAP_LEVEL_DETAIL1,
886 "slap_daemon_init: %d listeners opened\n", i ));
888 Debug( LDAP_DEBUG_TRACE, "daemon_init: %d listeners opened\n",
893 slapd_slp_init( urls );
898 ldap_pvt_thread_mutex_init( &slap_daemon.sd_mutex );
904 slapd_daemon_destroy(void)
906 connections_destroy();
907 tcp_close( wake_sds[1] );
908 tcp_close( wake_sds[0] );
926 time_t last_idle_check = 0;
929 if ( global_idletimeout > 0 ) {
930 last_idle_check = slap_get_time();
932 for ( l = 0; slap_listeners[l] != NULL; l++ ) {
933 if ( slap_listeners[l]->sl_sd == AC_SOCKET_INVALID )
935 #ifdef LDAP_CONNECTIONLESS
936 /* Since this is connectionless, the data port is the
937 * listening port. The listen() and accept() calls
940 if ( slap_listeners[l]->sl_is_udp )
942 slapd_add( slap_listeners[l]->sl_sd );
947 if ( listen( slap_listeners[l]->sl_sd, SLAPD_LISTEN ) == -1 ) {
948 int err = sock_errno();
950 LDAP_LOG(( "connection", LDAP_LEVEL_ERR,
951 "slapd_daemon_task: listen( %s, 5 ) failed errno=%d (%s)\n",
952 slap_listeners[l]->sl_url, err, sock_errstr(err) ));
954 Debug( LDAP_DEBUG_ANY,
955 "daemon: listen(%s, 5) failed errno=%d (%s)\n",
956 slap_listeners[l]->sl_url, err,
962 slapd_add( slap_listeners[l]->sl_sd );
965 #ifdef HAVE_NT_SERVICE_MANAGER
966 if ( started_event != NULL ) {
967 ldap_pvt_thread_cond_signal( &started_event );
970 /* initialization complete. Here comes the loop. */
972 while ( !slapd_shutdown ) {
977 #define SLAPD_EBADF_LIMIT 16
981 #define SLAPD_IDLE_CHECK_LIMIT 4
989 #if defined(SLAPD_RLOOKUPS)
996 now = slap_get_time();
997 connections_timeout_idle( now );
999 else if ( global_idletimeout > 0 ) {
1000 now = slap_get_time();
1001 if ( difftime( last_idle_check+global_idletimeout/SLAPD_IDLE_CHECK_LIMIT, now ) < 0 ) {
1002 connections_timeout_idle( now );
1006 FD_ZERO( &writefds );
1007 FD_ZERO( &readfds );
1012 ldap_pvt_thread_mutex_lock( &slap_daemon.sd_mutex );
1014 #ifdef FD_SET_MANUAL_COPY
1015 for( s = 0; s < nfds; s++ ) {
1016 if(FD_ISSET( &slap_sd_readers, s )) {
1017 FD_SET( s, &readfds );
1019 if(FD_ISSET( &slap_sd_writers, s )) {
1020 FD_SET( s, &writefds );
1024 AC_MEMCPY( &readfds, &slap_daemon.sd_readers, sizeof(fd_set) );
1025 AC_MEMCPY( &writefds, &slap_daemon.sd_writers, sizeof(fd_set) );
1027 assert(!FD_ISSET(wake_sds[0], &readfds));
1028 FD_SET( wake_sds[0], &readfds );
1030 for ( l = 0; slap_listeners[l] != NULL; l++ ) {
1031 if ( slap_listeners[l]->sl_sd == AC_SOCKET_INVALID )
1033 if (!FD_ISSET(slap_listeners[l]->sl_sd, &readfds))
1034 FD_SET( slap_listeners[l]->sl_sd, &readfds );
1037 #ifndef HAVE_WINSOCK
1038 nfds = slap_daemon.sd_nfds;
1043 ldap_pvt_thread_mutex_unlock( &slap_daemon.sd_mutex );
1045 at = ldap_pvt_thread_pool_backload(&connection_pool);
1047 #if defined( HAVE_YIELDING_SELECT ) || defined( NO_THREADS )
1050 tvp = at ? &zero : NULL;
1053 for ( l = 0; slap_listeners[l] != NULL; l++ ) {
1054 if ( slap_listeners[l]->sl_sd == AC_SOCKET_INVALID )
1058 LDAP_LOG(( "connection", LDAP_LEVEL_DETAIL1,
1059 "slapd_daemon_task: select: listen=%d active_threads=%d tvp=%s\n",
1060 slap_listeners[l]->sl_sd, at, tvp == NULL ? "NULL" : "zero" ));
1062 Debug( LDAP_DEBUG_CONNS,
1063 "daemon: select: listen=%d active_threads=%d tvp=%s\n",
1064 slap_listeners[l]->sl_sd, at,
1065 tvp == NULL ? "NULL" : "zero" );
1069 switch(ns = select( nfds, &readfds,
1071 /* don't pass empty fd_set */
1072 ( writefds.fd_count > 0 ? &writefds : NULL ),
1078 case -1: { /* failure - try again */
1079 int err = sock_errno();
1083 /* you'd think this would be EBADF */
1084 || err == WSAENOTSOCK
1087 if (++ebadf < SLAPD_EBADF_LIMIT)
1091 if( err != EINTR ) {
1093 LDAP_LOG(( "connection", LDAP_LEVEL_INFO,
1094 "slapd_daemon_task: select failed (%d): %s\n",
1095 err, sock_errstr(err) ));
1097 Debug( LDAP_DEBUG_CONNS,
1098 "daemon: select failed (%d): %s\n",
1099 err, sock_errstr(err), 0 );
1101 slapd_shutdown = -1;
1106 case 0: /* timeout - let threads run */
1109 LDAP_LOG(( "connection", LDAP_LEVEL_DETAIL2,
1110 "slapd_daemon_task: select timeout - yielding\n" ));
1112 Debug( LDAP_DEBUG_CONNS, "daemon: select timeout - yielding\n",
1115 ldap_pvt_thread_yield();
1118 default: /* something happened - deal with it */
1119 if( slapd_shutdown ) continue;
1123 LDAP_LOG(( "connection", LDAP_LEVEL_DETAIL2,
1124 "slapd_daemon_task: activity on %d descriptors\n", ns ));
1126 Debug( LDAP_DEBUG_CONNS, "daemon: activity on %d descriptors\n",
1132 if( FD_ISSET( wake_sds[0], &readfds ) ) {
1134 tcp_read( wake_sds[0], c, sizeof(c) );
1141 for ( l = 0; slap_listeners[l] != NULL; l++ ) {
1143 socklen_t len = sizeof(from);
1146 char *authid = NULL;
1148 char *dnsname = NULL;
1150 #ifdef LDAP_PF_LOCAL
1151 char peername[MAXPATHLEN + sizeof("PATH=")];
1152 #elif defined(LDAP_PF_INET6)
1153 char peername[sizeof("IP=ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff 65535")];
1155 char peername[sizeof("IP=255.255.255.255:65336")];
1156 #endif /* LDAP_PF_LOCAL */
1160 if ( slap_listeners[l]->sl_sd == AC_SOCKET_INVALID )
1163 if ( !FD_ISSET( slap_listeners[l]->sl_sd, &readfds ) )
1166 #ifdef LDAP_CONNECTIONLESS
1167 if ( slap_listeners[l]->sl_is_udp )
1169 /* The first time we receive a query, we set this
1170 * up as a "connection". It remains open for the life
1173 if ( slap_listeners[l]->sl_is_udp < 2 )
1175 id = connection_init(
1176 slap_listeners[l]->sl_sd,
1177 slap_listeners[l]->sl_url, "", "",
1178 slap_listeners[l]->sl_name,
1180 slap_listeners[l]->sl_is_udp++;
1186 s = accept( slap_listeners[l]->sl_sd,
1187 (struct sockaddr *) &from, &len );
1188 if ( s == AC_SOCKET_INVALID ) {
1189 int err = sock_errno();
1192 if( err == EMFILE ) {
1197 if( err == ENFILE ) {
1207 LDAP_LOG(( "connection", LDAP_LEVEL_ERR,
1208 "slapd_daemon_task: accept(%ld) failed errno=%d (%s)\n",
1209 (long)slap_listeners[l]->sl_sd, err, sock_errstr(err) ));
1211 Debug( LDAP_DEBUG_ANY,
1212 "daemon: accept(%ld) failed errno=%d (%s)\n",
1213 (long) slap_listeners[l]->sl_sd, err,
1217 /* prevent busy loop */
1219 if( emfile % 4 == 3 ) usleep( 250 );
1221 if( emfile % 8 == 7 ) sleep( 1 );
1225 ldap_pvt_thread_yield();
1230 #ifndef HAVE_WINSOCK
1231 /* make sure descriptor number isn't too great */
1232 if ( s >= dtblsize ) {
1234 LDAP_LOG(( "connection", LDAP_LEVEL_ERR,
1235 "slapd_daemon_task: %ld beyond descriptor table size %ld\n",
1236 (long)s, (long)dtblsize ));
1238 Debug( LDAP_DEBUG_ANY,
1239 "daemon: %ld beyond descriptor table size %ld\n",
1240 (long) s, (long) dtblsize, 0 );
1244 ldap_pvt_thread_yield();
1250 ldap_pvt_thread_mutex_lock( &slap_daemon.sd_mutex );
1252 /* newly accepted stream should not be in any of the FD SETS */
1253 assert( !FD_ISSET( s, &slap_daemon.sd_actives) );
1254 assert( !FD_ISSET( s, &slap_daemon.sd_readers) );
1255 assert( !FD_ISSET( s, &slap_daemon.sd_writers) );
1257 ldap_pvt_thread_mutex_unlock( &slap_daemon.sd_mutex );
1260 #if defined( SO_KEEPALIVE ) || defined( TCP_NODELAY )
1261 #ifdef LDAP_PF_LOCAL
1262 /* for IPv4 and IPv6 sockets only */
1263 if ( from.sa_addr.sa_family != AF_LOCAL )
1264 #endif /* LDAP_PF_LOCAL */
1269 /* enable keep alives */
1271 rc = setsockopt( s, SOL_SOCKET, SO_KEEPALIVE,
1272 (char *) &tmp, sizeof(tmp) );
1273 if ( rc == AC_SOCKET_ERROR ) {
1274 int err = sock_errno();
1276 LDAP_LOG(( "connection", LDAP_LEVEL_ERR,
1277 "slapd_daemon_task: setsockopt( %ld, SO_KEEPALIVE) failed errno=%d (%s)\n",
1278 (long)s, err, sock_errstr(err) ));
1280 Debug( LDAP_DEBUG_ANY,
1281 "slapd(%ld): setsockopt(SO_KEEPALIVE) failed "
1282 "errno=%d (%s)\n", (long) s, err, sock_errstr(err) );
1287 /* enable no delay */
1289 rc = setsockopt( s, IPPROTO_TCP, TCP_NODELAY,
1290 (char *)&tmp, sizeof(tmp) );
1291 if ( rc == AC_SOCKET_ERROR ) {
1292 int err = sock_errno();
1294 LDAP_LOG(( "connection", LDAP_LEVEL_ERR,
1295 "slapd_daemon_task: setsockopt( %ld, TCP_NODELAY) failed errno=%d (%s)\n",
1296 (long)s, err, sock_errstr(err) ));
1298 Debug( LDAP_DEBUG_ANY,
1299 "slapd(%ld): setsockopt(TCP_NODELAY) failed "
1300 "errno=%d (%s)\n", (long) s, err, sock_errstr(err) );
1308 LDAP_LOG(( "connection", LDAP_LEVEL_DETAIL1,
1309 "slapd_daemon_task: new connection on %ld\n", (long)s ));
1311 Debug( LDAP_DEBUG_CONNS, "daemon: new connection on %ld\n",
1314 switch ( from.sa_addr.sa_family ) {
1315 # ifdef LDAP_PF_LOCAL
1317 sprintf( peername, "PATH=%s", from.sa_un_addr.sun_path );
1318 ssf = LDAP_PVT_SASL_LOCAL_SSF;
1321 #endif /* LDAP_PF_LOCAL */
1323 # ifdef LDAP_PF_INET6
1325 if ( IN6_IS_ADDR_V4MAPPED(&from.sa_in6_addr.sin6_addr) ) {
1326 peeraddr = inet_ntoa( *((struct in_addr *)
1327 &from.sa_in6_addr.sin6_addr.s6_addr[12]) );
1328 sprintf( peername, "IP=%s:%d",
1329 peeraddr != NULL ? peeraddr : "unknown",
1330 (unsigned) ntohs( from.sa_in6_addr.sin6_port ) );
1332 char addr[INET6_ADDRSTRLEN];
1333 sprintf( peername, "IP=%s %d",
1334 inet_ntop( AF_INET6,
1335 &from.sa_in6_addr.sin6_addr,
1336 addr, sizeof addr) ? addr : "unknown",
1337 (unsigned) ntohs( from.sa_in6_addr.sin6_port ) );
1340 # endif /* LDAP_PF_INET6 */
1343 peeraddr = inet_ntoa( from.sa_in_addr.sin_addr );
1344 sprintf( peername, "IP=%s:%d",
1345 peeraddr != NULL ? peeraddr : "unknown",
1346 (unsigned) ntohs( from.sa_in_addr.sin_port ) );
1354 if ( ( from.sa_addr.sa_family == AF_INET )
1355 #ifdef LDAP_PF_INET6
1356 || ( from.sa_addr.sa_family == AF_INET6 )
1359 #ifdef SLAPD_RLOOKUPS
1360 # ifdef LDAP_PF_INET6
1361 if ( from.sa_addr.sa_family == AF_INET6 )
1363 (char *)&(from.sa_in6_addr.sin6_addr),
1364 sizeof(from.sa_in6_addr.sin6_addr),
1367 # endif /* LDAP_PF_INET6 */
1369 (char *) &(from.sa_in_addr.sin_addr),
1370 sizeof(from.sa_in_addr.sin_addr),
1372 dnsname = hp ? ldap_pvt_str2lower( hp->h_name ) : NULL;
1375 #endif /* SLAPD_RLOOKUPS */
1378 if ( !hosts_ctl("slapd",
1379 dnsname != NULL ? dnsname : STRING_UNKNOWN,
1380 peeraddr != NULL ? peeraddr : STRING_UNKNOWN,
1384 Statslog( LDAP_DEBUG_ANY,
1385 "fd=%ld host access from %s (%s) denied.\n",
1387 dnsname != NULL ? dnsname : "unknown",
1388 peeraddr != NULL ? peeraddr : "unknown",
1393 #endif /* HAVE_TCPD */
1396 id = connection_init(s,
1397 slap_listeners[l]->sl_url,
1398 dnsname != NULL ? dnsname : "unknown",
1400 slap_listeners[l]->sl_name,
1402 slap_listeners[l]->sl_is_tls,
1409 if( authid ) ch_free(authid);
1413 LDAP_LOG(( "connection", LDAP_LEVEL_INFO,
1414 "slapd_daemon_task: connection_init(%ld, %s, %s) failed.\n",
1415 (long)s, peername, slap_listeners[l]->sl_name ));
1417 Debug( LDAP_DEBUG_ANY,
1418 "daemon: connection_init(%ld, %s, %s) failed.\n",
1421 slap_listeners[l]->sl_name );
1427 Statslog( LDAP_DEBUG_STATS,
1428 "daemon: conn=%ld fd=%ld connection from %s (%s) accepted.\n",
1431 slap_listeners[l]->sl_name,
1440 LDAP_LOG(( "connection", LDAP_LEVEL_DETAIL2,
1441 "slapd_daemon_task: activity on " ));
1443 Debug( LDAP_DEBUG_CONNS, "daemon: activity on:", 0, 0, 0 );
1446 for ( i = 0; i < readfds.fd_count; i++ ) {
1448 LDAP_LOG(( "connection", LDAP_LEVEL_DETAIL2,
1449 " %d%s", readfds.fd_array[i], "r", 0 ));
1451 Debug( LDAP_DEBUG_CONNS, " %d%s",
1452 readfds.fd_array[i], "r", 0 );
1455 for ( i = 0; i < writefds.fd_count; i++ ) {
1457 LDAP_LOG(( "connection", LDAP_LEVEL_DETAIL2,
1458 " %d%s", writefds.fd_array[i], "w" ));
1460 Debug( LDAP_DEBUG_CONNS, " %d%s",
1461 writefds.fd_array[i], "w", 0 );
1466 for ( i = 0; i < nfds; i++ ) {
1468 int is_listener = 0;
1470 for ( l = 0; slap_listeners[l] != NULL; l++ ) {
1471 if ( i == slap_listeners[l]->sl_sd ) {
1472 #ifdef LDAP_CONNECTIONLESS
1473 /* The listener is the data port. Don't
1476 if (slap_listeners[l]->sl_is_udp)
1483 if ( is_listener ) {
1486 r = FD_ISSET( i, &readfds );
1487 w = FD_ISSET( i, &writefds );
1490 LDAP_LOG(( "connection", LDAP_LEVEL_DETAIL2,
1492 r ? "r" : "", w ? "w" : "" ));
1494 Debug( LDAP_DEBUG_CONNS, " %d%s%s", i,
1495 r ? "r" : "", w ? "w" : "" );
1501 LDAP_LOG(( "connection", LDAP_LEVEL_DETAIL2, "\n" ));
1503 Debug( LDAP_DEBUG_CONNS, "\n", 0, 0, 0 );
1508 /* loop through the writers */
1510 for ( i = 0; i < writefds.fd_count; i++ )
1512 for ( i = 0; i < nfds; i++ )
1516 int is_listener = 0;
1518 wd = writefds.fd_array[i];
1520 if( ! FD_ISSET( i, &writefds ) ) {
1526 for ( l = 0; slap_listeners[l] != NULL; l++ ) {
1527 if ( i == slap_listeners[l]->sl_sd ) {
1528 #ifdef LDAP_CONNECTIONLESS
1529 if (slap_listeners[l]->sl_is_udp)
1536 if ( is_listener ) {
1540 LDAP_LOG(( "connection", LDAP_LEVEL_DETAIL2,
1541 "slapd_daemon_task: write active on %d\n", wd ));
1543 Debug( LDAP_DEBUG_CONNS,
1544 "daemon: write active on %d\n",
1548 * NOTE: it is possible that the connection was closed
1549 * and that the stream is now inactive.
1550 * connection_write() must valid the stream is still
1554 if ( connection_write( wd ) < 0 ) {
1555 FD_CLR( (unsigned) wd, &readfds );
1561 for ( i = 0; i < readfds.fd_count; i++ )
1563 for ( i = 0; i < nfds; i++ )
1567 int is_listener = 0;
1570 rd = readfds.fd_array[i];
1572 if( ! FD_ISSET( i, &readfds ) ) {
1578 for ( l = 0; slap_listeners[l] != NULL; l++ ) {
1579 if ( rd == slap_listeners[l]->sl_sd ) {
1580 #ifdef LDAP_CONNECTIONLESS
1581 if (slap_listeners[l]->sl_is_udp)
1588 if ( is_listener ) {
1593 LDAP_LOG(( "connection", LDAP_LEVEL_DETAIL2,
1594 "slapd_daemon_task: read activity on %d\n", rd ));
1596 Debug ( LDAP_DEBUG_CONNS,
1597 "daemon: read activity on %d\n", rd, 0, 0 );
1600 * NOTE: it is possible that the connection was closed
1601 * and that the stream is now inactive.
1602 * connection_read() must valid the stream is still
1606 if ( connection_read( rd ) < 0 ) {
1610 ldap_pvt_thread_yield();
1613 if( slapd_shutdown > 0 ) {
1615 LDAP_LOG(( "connection", LDAP_LEVEL_CRIT,
1616 "slapd_daemon_task: shutdown requested and initiated.\n"));
1618 Debug( LDAP_DEBUG_TRACE,
1619 "daemon: shutdown requested and initiated.\n",
1623 } else if ( slapd_shutdown < 0 ) {
1624 #ifdef HAVE_NT_SERVICE_MANAGER
1625 if (slapd_shutdown == -1)
1628 LDAP_LOG(( "connection", LDAP_LEVEL_CRIT,
1629 "slapd_daemon_task: shutdown initiated by Service Manager.\n"));
1631 Debug( LDAP_DEBUG_TRACE,
1632 "daemon: shutdown initiated by Service Manager.\n",
1640 LDAP_LOG(( "connection", LDAP_LEVEL_CRIT,
1641 "slapd_daemon_task: abnormal condition, shutdown initiated.\n" ));
1643 Debug( LDAP_DEBUG_TRACE,
1644 "daemon: abnormal condition, shutdown initiated.\n",
1650 LDAP_LOG(( "connection", LDAP_LEVEL_CRIT,
1651 "slapd_daemon_task: no active streams, shutdown initiated.\n" ));
1653 Debug( LDAP_DEBUG_TRACE,
1654 "daemon: no active streams, shutdown initiated.\n",
1659 for ( l = 0; slap_listeners[l] != NULL; l++ ) {
1660 if ( slap_listeners[l]->sl_sd != AC_SOCKET_INVALID ) {
1661 #ifdef LDAP_PF_LOCAL
1662 if ( slap_listeners[l]->sl_sa.sa_addr.sa_family == AF_LOCAL ) {
1663 unlink( slap_listeners[l]->sl_sa.sa_un_addr.sun_path );
1665 #endif /* LDAP_PF_LOCAL */
1666 slapd_close( slap_listeners[l]->sl_sd );
1668 if ( slap_listeners[l]->sl_url )
1669 free ( slap_listeners[l]->sl_url );
1670 if ( slap_listeners[l]->sl_name )
1671 free ( slap_listeners[l]->sl_name );
1672 free ( slap_listeners[l] );
1674 free ( slap_listeners );
1675 slap_listeners = NULL;
1678 LDAP_LOG(( "connection", LDAP_LEVEL_CRIT,
1679 "slapd_daemon_task: shutdown waiting for %d threads to terminate.\n",
1680 ldap_pvt_thread_pool_backload(&connection_pool) ));
1682 Debug( LDAP_DEBUG_ANY,
1683 "slapd shutdown: waiting for %d threads to terminate\n",
1684 ldap_pvt_thread_pool_backload(&connection_pool), 0, 0 );
1686 ldap_pvt_thread_pool_destroy(&connection_pool, 1);
1692 int slapd_daemon( void )
1698 #define SLAPD_LISTENER_THREAD 1
1699 #if defined( SLAPD_LISTENER_THREAD )
1701 ldap_pvt_thread_t listener_tid;
1703 /* listener as a separate THREAD */
1704 rc = ldap_pvt_thread_create( &listener_tid,
1705 0, slapd_daemon_task, NULL );
1709 LDAP_LOG(( "connection", LDAP_LEVEL_ERR,
1710 "slapd_daemon: listener ldap_pvt_thread_create failed (%d).\n", rc ));
1712 Debug( LDAP_DEBUG_ANY,
1713 "listener ldap_pvt_thread_create failed (%d)\n", rc, 0, 0 );
1718 /* wait for the listener thread to complete */
1719 ldap_pvt_thread_join( listener_tid, (void *) NULL );
1722 /* experimental code */
1723 slapd_daemon_task( NULL );
1732 #if defined( HAVE_WINSOCK2 )
1733 WORD wVersionRequested;
1737 wVersionRequested = MAKEWORD( 2, 0 );
1739 err = WSAStartup( wVersionRequested, &wsaData );
1741 /* Tell the user that we couldn't find a usable */
1746 /* Confirm that the WinSock DLL supports 2.0.*/
1747 /* Note that if the DLL supports versions greater */
1748 /* than 2.0 in addition to 2.0, it will still return */
1749 /* 2.0 in wVersion since that is the version we */
1752 if ( LOBYTE( wsaData.wVersion ) != 2 ||
1753 HIBYTE( wsaData.wVersion ) != 0 )
1755 /* Tell the user that we couldn't find a usable */
1761 /* The WinSock DLL is acceptable. Proceed. */
1762 #elif defined( HAVE_WINSOCK )
1764 if ( WSAStartup( 0x0101, &wsaData ) != 0 ) {
1771 int sockdestroy(void)
1773 #if defined( HAVE_WINSOCK2 ) || defined( HAVE_WINSOCK )
1780 slap_sig_shutdown( int sig )
1783 LDAP_LOG(( "connection", LDAP_LEVEL_CRIT,
1784 "slap_sig_shutdown: signal %d\n", sig ));
1786 Debug(LDAP_DEBUG_TRACE, "slap_sig_shutdown: signal %d\n", sig, 0, 0);
1790 * If the NT Service Manager is controlling the server, we don't
1791 * want SIGBREAK to kill the server. For some strange reason,
1792 * SIGBREAK is generated when a user logs out.
1795 #if HAVE_NT_SERVICE_MANAGER && SIGBREAK
1796 if (is_NT_Service && sig == SIGBREAK)
1798 LDAP_LOG(( "connection", LDAP_LEVEL_CRIT,
1799 "slap_sig_shutdown: SIGBREAK ignored.\n" ));
1801 Debug(LDAP_DEBUG_TRACE, "slap_sig_shutdown: SIGBREAK ignored.\n",
1806 slapd_shutdown = sig;
1810 /* reinstall self */
1811 (void) SIGNAL_REINSTALL( sig, slap_sig_shutdown );
1815 slap_sig_wake( int sig )
1819 /* reinstall self */
1820 (void) SIGNAL_REINSTALL( sig, slap_sig_wake );
1824 void slapd_add_internal(ber_socket_t s) {
1828 Listener ** slapd_get_listeners(void) {
1829 return slap_listeners;