2 * Copyright 1998-1999 The OpenLDAP Foundation, All Rights Reserved.
3 * COPYING RESTRICTIONS APPLY, see COPYRIGHT file
12 #include <ac/signal.h>
13 #include <ac/socket.h>
14 #include <ac/string.h>
16 #include <ac/unistd.h>
19 #include "ldap_defaults.h"
26 int allow_severity = LOG_INFO;
27 int deny_severity = LOG_NOTICE;
28 #endif /* TCP Wrappers */
32 ber_socket_t dtblsize;
34 typedef struct slap_listener {
41 struct sockaddr_in sl_addr;
44 Listener **slap_listeners = NULL;
46 static ber_socket_t wake_sds[2];
48 #define WAKE_LISTENER(w) \
49 do { if (w) tcp_write( wake_sds[1], "0", 1 ); } while(0)
53 extern ldap_pvt_thread_cond_t started_event;
59 volatile sig_atomic_t slapd_shutdown = 0;
61 static ldap_pvt_thread_t listener_tid;
62 static volatile sig_atomic_t slapd_listener = 0;
64 static struct slap_daemon {
65 ldap_pvt_thread_mutex_t sd_mutex;
70 /* In winsock, accept() returns values higher than dtblsize
71 so don't bother with this optimization */
81 * Add a descriptor to daemon control
83 static void slapd_add(ber_socket_t s) {
84 ldap_pvt_thread_mutex_lock( &slap_daemon.sd_mutex );
86 assert( !FD_ISSET( s, &slap_daemon.sd_actives ));
87 assert( !FD_ISSET( s, &slap_daemon.sd_readers ));
88 assert( !FD_ISSET( s, &slap_daemon.sd_writers ));
91 if (s >= slap_daemon.sd_nfds) {
92 slap_daemon.sd_nfds = s + 1;
96 FD_SET( s, &slap_daemon.sd_actives );
97 FD_SET( s, &slap_daemon.sd_readers );
99 Debug( LDAP_DEBUG_CONNS, "daemon: added %ld%s%s\n",
101 FD_ISSET(s, &slap_daemon.sd_readers) ? "r" : "",
102 FD_ISSET(s, &slap_daemon.sd_writers) ? "w" : "" );
104 ldap_pvt_thread_mutex_unlock( &slap_daemon.sd_mutex );
108 * Remove the descriptor from daemon control
110 void slapd_remove(ber_socket_t s, int wake) {
111 ldap_pvt_thread_mutex_lock( &slap_daemon.sd_mutex );
113 Debug( LDAP_DEBUG_CONNS, "daemon: removing %ld%s%s\n",
115 FD_ISSET(s, &slap_daemon.sd_readers) ? "r" : "",
116 FD_ISSET(s, &slap_daemon.sd_writers) ? "w" : "" );
118 FD_CLR( s, &slap_daemon.sd_actives );
119 FD_CLR( s, &slap_daemon.sd_readers );
120 FD_CLR( s, &slap_daemon.sd_writers );
122 ldap_pvt_thread_mutex_unlock( &slap_daemon.sd_mutex );
126 void slapd_clr_write(ber_socket_t s, int wake) {
127 ldap_pvt_thread_mutex_lock( &slap_daemon.sd_mutex );
129 assert( FD_ISSET( s, &slap_daemon.sd_actives) );
130 FD_CLR( s, &slap_daemon.sd_writers );
132 ldap_pvt_thread_mutex_unlock( &slap_daemon.sd_mutex );
136 void slapd_set_write(ber_socket_t s, int wake) {
137 ldap_pvt_thread_mutex_lock( &slap_daemon.sd_mutex );
139 assert( FD_ISSET( s, &slap_daemon.sd_actives) );
140 FD_SET( (unsigned) s, &slap_daemon.sd_writers );
142 ldap_pvt_thread_mutex_unlock( &slap_daemon.sd_mutex );
146 void slapd_clr_read(ber_socket_t s, int wake) {
147 ldap_pvt_thread_mutex_lock( &slap_daemon.sd_mutex );
149 assert( FD_ISSET( s, &slap_daemon.sd_actives) );
150 FD_CLR( s, &slap_daemon.sd_readers );
152 ldap_pvt_thread_mutex_unlock( &slap_daemon.sd_mutex );
156 void slapd_set_read(ber_socket_t s, int wake) {
157 ldap_pvt_thread_mutex_lock( &slap_daemon.sd_mutex );
159 assert( FD_ISSET( s, &slap_daemon.sd_actives) );
160 FD_SET( s, &slap_daemon.sd_readers );
162 ldap_pvt_thread_mutex_unlock( &slap_daemon.sd_mutex );
166 static void slapd_close(ber_socket_t s) {
167 Debug( LDAP_DEBUG_CONNS, "daemon: closing %ld\n",
185 rc = ldap_url_parse( url, &lud );
187 if( rc != LDAP_URL_SUCCESS ) {
188 Debug( LDAP_DEBUG_ANY,
189 "daemon: listen URL \"%s\" parse error=%d\n",
195 if( lud->lud_ldaps ) {
196 Debug( LDAP_DEBUG_ANY,
197 "daemon: TLS not supported (%s)\n",
199 ldap_free_urldesc( lud );
203 if(! lud->lud_port ) {
204 lud->lud_port = port;
208 l.sl_is_tls = lud->lud_ldaps;
210 if(! lud->lud_port ) {
211 lud->lud_port = lud->lud_ldaps ? tls_port : port;
215 port = lud->lud_port;
217 (void) memset( (void*) &l.sl_addr, '\0', sizeof(l.sl_addr) );
219 l.sl_addr.sin_family = AF_INET;
220 l.sl_addr.sin_port = htons( (unsigned short) lud->lud_port );
222 if( lud->lud_host == NULL || lud->lud_host[0] == '\0'
223 || strcmp(lud->lud_host, "*") == 0 )
225 l.sl_addr.sin_addr.s_addr = htonl(INADDR_ANY);
228 /* host or address was specified */
229 if( !inet_aton( lud->lud_host, &l.sl_addr.sin_addr ) ) {
230 struct hostent *he = gethostbyname( lud->lud_host );
232 Debug( LDAP_DEBUG_ANY, "invalid host (%s) in URL: %s",
233 lud->lud_host, url, 0);
234 ldap_free_urldesc( lud );
238 memcpy( &l.sl_addr.sin_addr, he->h_addr,
239 sizeof( l.sl_addr.sin_addr ) );
243 ldap_free_urldesc( lud );
246 if ( (l.sl_sd = socket( AF_INET, SOCK_STREAM, 0 )) == AC_SOCKET_INVALID ) {
247 int err = sock_errno();
248 Debug( LDAP_DEBUG_ANY,
249 "daemon: socket() failed errno=%d (%s)\n", err,
250 sock_errstr(err), 0 );
255 if ( l.sl_sd >= dtblsize ) {
256 Debug( LDAP_DEBUG_ANY,
257 "daemon: listener descriptor %ld is too great %ld\n",
258 (long) l.sl_sd, (long) dtblsize, 0 );
259 tcp_close( l.sl_sd );
265 /* enable address reuse */
267 rc = setsockopt( l.sl_sd, SOL_SOCKET, SO_REUSEADDR,
268 (char *) &tmp, sizeof(tmp) );
269 if ( rc == AC_SOCKET_ERROR ) {
270 int err = sock_errno();
271 Debug( LDAP_DEBUG_ANY,
272 "slapd(%ld): setsockopt(SO_REUSEADDR) failed errno=%d (%s)\n",
273 (long) l.sl_sd, err, sock_errstr(err) );
277 /* enable keep alives */
279 rc = setsockopt( l.sl_sd, SOL_SOCKET, SO_KEEPALIVE,
280 (char *) &tmp, sizeof(tmp) );
281 if ( rc == AC_SOCKET_ERROR ) {
282 int err = sock_errno();
283 Debug( LDAP_DEBUG_ANY,
284 "slapd(%ld): setsockopt(SO_KEEPALIVE) failed errno=%d (%s)\n",
285 (long) l.sl_sd, err, sock_errstr(err) );
289 /* enable no delay */
291 rc = setsockopt( l.sl_sd, IPPROTO_TCP, TCP_NODELAY,
292 (char *)&tmp, sizeof(tmp) );
293 if ( rc == AC_SOCKET_ERROR ) {
294 int err = sock_errno();
295 Debug( LDAP_DEBUG_ANY,
296 "slapd(%ld): setsockopt(TCP_NODELAY) failed errno=%d (%s)\n",
297 (long) l.sl_sd, err, sock_errstr(err) );
301 rc = bind( l.sl_sd, (struct sockaddr *) &l.sl_addr, sizeof(l.sl_addr) );
302 if ( rc == AC_SOCKET_ERROR ) {
303 int err = sock_errno();
304 Debug( LDAP_DEBUG_ANY, "daemon: bind(%ld) failed errno=%d (%s)\n",
305 (long) l.sl_sd, err, sock_errstr(err) );
306 tcp_close( l.sl_sd );
310 l.sl_url = ch_strdup( url );
312 l.sl_name = ch_malloc( sizeof("IP=255.255.255.255:65336") );
313 s = inet_ntoa( l.sl_addr.sin_addr );
314 sprintf( l.sl_name, "IP=%s:%d",
315 s != NULL ? s : "unknown" , port );
317 li = ch_malloc( sizeof( Listener ) );
320 Debug( LDAP_DEBUG_TRACE, "daemon: initialized %s\n",
326 static int sockinit(void);
327 static int sockdestroy(void);
329 int slapd_daemon_init(char *urls, int port, int tls_port )
335 assert( tls_port == 0 );
338 Debug( LDAP_DEBUG_ARGS, "daemon_init: %s (%d/%d)\n",
339 urls ? urls : "<null>", port, tls_port );
341 if( rc = sockinit() ) {
346 dtblsize = sysconf( _SC_OPEN_MAX );
347 #elif HAVE_GETDTABLESIZE
348 dtblsize = getdtablesize();
350 dtblsize = FD_SETSIZE;
354 if(dtblsize > FD_SETSIZE) {
355 dtblsize = FD_SETSIZE;
357 #endif /* !FD_SETSIZE */
359 /* open a pipe (or something equivalent connected to itself).
360 * we write a byte on this fd whenever we catch a signal. The main
361 * loop will be select'ing on this socket, and will wake up when
364 if( (rc = lutil_pair( wake_sds )) < 0 ) {
365 Debug( LDAP_DEBUG_ANY,
366 "daemon: lutil_pair() failed rc=%d\n", rc, 0, 0 );
370 FD_ZERO( &slap_daemon.sd_readers );
371 FD_ZERO( &slap_daemon.sd_writers );
377 u = str2charray( urls, " " );
379 if( u == NULL || u[0] == NULL ) {
380 Debug( LDAP_DEBUG_ANY, "daemon_init: no urls (%s) provided.\n",
386 for( i=0; u[i] != NULL; i++ ) {
387 Debug( LDAP_DEBUG_TRACE, "daemon_init: listen on %s\n",
392 Debug( LDAP_DEBUG_ANY, "daemon_init: no listeners to open (%s)\n",
398 Debug( LDAP_DEBUG_TRACE, "daemon_init: %d listeners to open...\n",
401 slap_listeners = ch_malloc( (i+1)*sizeof(Listener *) );
403 for(i = 0; u[i] != NULL; i++ ) {
404 slap_listeners[i] = open_listener( u[i], port, tls_port );
406 if( slap_listeners[i] == NULL ) {
411 slap_listeners[i] = NULL;
413 Debug( LDAP_DEBUG_TRACE, "daemon_init: %d listeners opened\n",
417 ldap_pvt_thread_mutex_init( &slap_daemon.sd_mutex );
423 slapd_daemon_destroy(void)
425 connections_destroy();
426 tcp_close( wake_sds[1] );
427 tcp_close( wake_sds[0] );
442 for ( l = 0; slap_listeners[l] != NULL; l++ ) {
443 if ( slap_listeners[l]->sl_sd == AC_SOCKET_INVALID )
446 if ( listen( slap_listeners[l]->sl_sd, 5 ) == -1 ) {
447 int err = sock_errno();
448 Debug( LDAP_DEBUG_ANY,
449 "daemon: listen(%s, 5) failed errno=%d (%s)\n",
450 (long) slap_listeners[l]->sl_url, err,
455 slapd_add( slap_listeners[l]->sl_sd );
459 if ( started_event != NULL ) {
460 ldap_pvt_thread_cond_signal( &started_event );
463 /* initialization complete. Here comes the loop. */
465 while ( !slapd_shutdown ) {
470 #define SLAPD_EBADF_LIMIT 10
473 #define SLAPD_IDLE_CHECK_LIMIT 4
474 time_t last_idle_check = slap_get_time();
481 struct sockaddr_in from;
482 #if defined(SLAPD_RLOOKUPS) || defined(HAVE_TCPD)
488 if( global_idletimeout > 0 && difftime(
489 last_idle_check+global_idletimeout/SLAPD_IDLE_CHECK_LIMIT,
492 connections_timeout_idle(now);
495 FD_ZERO( &writefds );
501 ldap_pvt_thread_mutex_lock( &slap_daemon.sd_mutex );
503 #ifdef FD_SET_MANUAL_COPY
504 for( s = 0; s < nfds; s++ ) {
505 if(FD_ISSET( &slap_sd_readers, s )) {
506 FD_SET( s, &readfds );
508 if(FD_ISSET( &slap_sd_writers, s )) {
509 FD_SET( s, &writefds );
513 memcpy( &readfds, &slap_daemon.sd_readers, sizeof(fd_set) );
514 memcpy( &writefds, &slap_daemon.sd_writers, sizeof(fd_set) );
516 FD_SET( wake_sds[0], &readfds );
518 for ( l = 0; slap_listeners[l] != NULL; l++ ) {
519 if ( slap_listeners[l]->sl_sd == AC_SOCKET_INVALID )
521 FD_SET( slap_listeners[l]->sl_sd, &readfds );
525 nfds = slap_daemon.sd_nfds;
530 ldap_pvt_thread_mutex_unlock( &slap_daemon.sd_mutex );
532 ldap_pvt_thread_mutex_lock( &active_threads_mutex );
534 ldap_pvt_thread_mutex_unlock( &active_threads_mutex );
536 #if defined( HAVE_YIELDING_SELECT ) || defined( NO_THREADS )
539 tvp = at ? &zero : NULL;
542 for ( l = 0; slap_listeners[l] != NULL; l++ ) {
543 if ( slap_listeners[l]->sl_sd == AC_SOCKET_INVALID )
546 Debug( LDAP_DEBUG_CONNS,
547 "daemon: select: listen=%d active_threads=%d tvp=%s\n",
548 slap_listeners[l]->sl_sd, at,
549 tvp == NULL ? "NULL" : "zero" );
552 switch(ns = select( nfds, &readfds,
554 /* don't pass empty fd_set */
555 ( writefds.fd_count > 0 ? &writefds : NULL ),
561 case -1: { /* failure - try again */
562 int err = sock_errno();
564 if( err == EBADF && ++ebadf < SLAPD_EBADF_LIMIT) {
569 Debug( LDAP_DEBUG_CONNS,
570 "daemon: select failed (%d): %s\n",
571 err, sock_errstr(err), 0 );
578 case 0: /* timeout - let threads run */
580 Debug( LDAP_DEBUG_CONNS, "daemon: select timeout - yielding\n",
582 ldap_pvt_thread_yield();
585 default: /* something happened - deal with it */
587 Debug( LDAP_DEBUG_CONNS, "daemon: activity on %d descriptors\n",
592 if( FD_ISSET( wake_sds[0], &readfds ) ) {
594 tcp_read( wake_sds[0], &c, 1 );
598 for ( l = 0; slap_listeners[l] != NULL; l++ ) {
600 socklen_t len = sizeof(from);
606 char peername[sizeof("IP=255.255.255.255:65336")];
608 if ( slap_listeners[l]->sl_sd == AC_SOCKET_INVALID )
611 if ( !FD_ISSET( slap_listeners[l]->sl_sd, &readfds ) )
614 if ( (s = accept( slap_listeners[l]->sl_sd,
615 (struct sockaddr *) &from, &len )) == AC_SOCKET_INVALID )
617 int err = sock_errno();
618 Debug( LDAP_DEBUG_ANY,
619 "daemon: accept(%ld) failed errno=%d (%s)\n",
620 (long) slap_listeners[l]->sl_sd, err,
626 ldap_pvt_thread_mutex_lock( &slap_daemon.sd_mutex );
628 /* newly accepted stream should not be in any of the FD SETS */
630 assert( !FD_ISSET( s, &slap_daemon.sd_actives) );
631 assert( !FD_ISSET( s, &slap_daemon.sd_readers) );
632 assert( !FD_ISSET( s, &slap_daemon.sd_writers) );
634 ldap_pvt_thread_mutex_unlock( &slap_daemon.sd_mutex );
638 /* make sure descriptor number isn't too great */
639 if ( s >= dtblsize ) {
640 Debug( LDAP_DEBUG_ANY,
641 "daemon: %ld beyond descriptor table size %ld\n",
642 (long) s, (long) dtblsize, 0 );
648 Debug( LDAP_DEBUG_CONNS, "daemon: new connection on %ld\n",
653 if ( getpeername( s, (struct sockaddr *) &from, &len ) != 0 ) {
654 int err = sock_errno();
655 Debug( LDAP_DEBUG_ANY,
656 "daemon: getpeername( %ld ) failed: errno=%d (%s)\n",
657 (long) s, err, sock_errstr(err) );
662 peeraddr = inet_ntoa( from.sin_addr );
663 sprintf( peername, "IP=%s:%d",
664 peeraddr != NULL ? peeraddr : "unknown",
665 (unsigned) ntohs( from.sin_port ) );
667 #if defined(SLAPD_RLOOKUPS) || defined(HAVE_TCPD)
668 hp = gethostbyaddr( (char *)
669 &(from.sin_addr.s_addr),
670 sizeof(from.sin_addr.s_addr), AF_INET );
673 dnsname = ldap_pvt_str2lower( hp->h_name );
683 if( !hosts_ctl("slapd",
684 dnsname != NULL ? dnsname : STRING_UNKNOWN,
685 peeraddr != NULL ? peeraddr : STRING_UNKNOWN,
689 Statslog( LDAP_DEBUG_ANY,
690 "fd=%ld connection from %s (%s) denied.\n",
692 dnsname != NULL ? dnsname : "unknown",
693 peeraddr != NULL ? peeraddr : "unknown",
699 #endif /* HAVE_TCPD */
701 if( (id = connection_init(s,
702 slap_listeners[l]->sl_url,
703 dnsname != NULL ? dnsname : "unknown",
705 slap_listeners[l]->sl_name,
707 slap_listeners[l]->sl_is_tls
713 Debug( LDAP_DEBUG_ANY,
714 "daemon: connection_init(%ld, %s, %s) failed.\n",
717 slap_listeners[l]->sl_name );
722 Statslog( LDAP_DEBUG_STATS,
723 "daemon: conn=%ld fd=%ld connection from %s (%s) accepted.\n",
726 slap_listeners[l]->sl_name,
734 Debug( LDAP_DEBUG_CONNS, "daemon: activity on:", 0, 0, 0 );
736 for ( i = 0; i < readfds.fd_count; i++ ) {
737 Debug( LDAP_DEBUG_CONNS, " %d%s",
738 readfds.fd_array[i], "r", 0 );
740 for ( i = 0; i < writefds.fd_count; i++ ) {
741 Debug( LDAP_DEBUG_CONNS, " %d%s",
742 writefds.fd_array[i], "w", 0 );
745 for ( i = 0; i < nfds; i++ ) {
749 for ( l = 0; slap_listeners[l] != NULL; l++ ) {
750 if ( i == slap_listeners[l]->sl_sd ) {
758 r = FD_ISSET( i, &readfds );
759 w = FD_ISSET( i, &writefds );
761 Debug( LDAP_DEBUG_CONNS, " %d%s%s", i,
762 r ? "r" : "", w ? "w" : "" );
766 Debug( LDAP_DEBUG_CONNS, "\n", 0, 0, 0 );
769 /* loop through the writers */
771 for ( i = 0; i < writefds.fd_count; i++ )
773 for ( i = 0; i < nfds; i++ )
779 wd = writefds.fd_array[i];
781 if( ! FD_ISSET( i, &writefds ) ) {
787 for ( l = 0; slap_listeners[l] != NULL; l++ ) {
788 if ( i == slap_listeners[l]->sl_sd ) {
796 Debug( LDAP_DEBUG_CONNS,
797 "daemon: write active on %d\n",
801 * NOTE: it is possible that the connection was closed
802 * and that the stream is now inactive.
803 * connection_write() must valid the stream is still
807 if ( connection_write( wd ) < 0 ) {
808 FD_CLR( (unsigned) wd, &readfds );
814 for ( i = 0; i < readfds.fd_count; i++ )
816 for ( i = 0; i < nfds; i++ )
823 rd = readfds.fd_array[i];
825 if( ! FD_ISSET( i, &readfds ) ) {
831 for ( l = 0; slap_listeners[l] != NULL; l++ ) {
832 if ( rd == slap_listeners[l]->sl_sd ) {
841 Debug ( LDAP_DEBUG_CONNS,
842 "daemon: read activity on %d\n", rd, 0, 0 );
845 * NOTE: it is possible that the connection was closed
846 * and that the stream is now inactive.
847 * connection_read() must valid the stream is still
851 if ( connection_read( rd ) < 0 ) {
855 ldap_pvt_thread_yield();
858 if( slapd_shutdown > 0 ) {
859 Debug( LDAP_DEBUG_TRACE,
860 "daemon: shutdown requested and initiated.\n",
863 } else if ( slapd_shutdown < 0 ) {
864 Debug( LDAP_DEBUG_TRACE,
865 "daemon: abnormal condition, shutdown initiated.\n",
868 Debug( LDAP_DEBUG_TRACE,
869 "daemon: no active streams, shutdown initiated.\n",
873 for ( l = 0; slap_listeners[l] != NULL; l++ ) {
874 if ( slap_listeners[l]->sl_sd != AC_SOCKET_INVALID ) {
875 slapd_close( slap_listeners[l]->sl_sd );
880 ldap_pvt_thread_mutex_lock( &active_threads_mutex );
881 Debug( LDAP_DEBUG_ANY,
882 "slapd shutdown: waiting for %d threads to terminate\n",
883 active_threads, 0, 0 );
884 while ( active_threads > 0 ) {
885 ldap_pvt_thread_cond_wait(&active_threads_cond, &active_threads_mutex);
887 ldap_pvt_thread_mutex_unlock( &active_threads_mutex );
893 int slapd_daemon( void )
899 #define SLAPD_LISTENER_THREAD 1
900 #if defined( SLAPD_LISTENER_THREAD ) || !defined(HAVE_PTHREADS)
902 /* listener as a separate THREAD */
903 rc = ldap_pvt_thread_create( &listener_tid,
904 0, slapd_daemon_task, NULL );
907 Debug( LDAP_DEBUG_ANY,
908 "listener ldap_pvt_thread_create failed (%d)\n", rc, 0, 0 );
912 /* wait for the listener thread to complete */
913 ldap_pvt_thread_join( listener_tid, (void *) NULL );
915 /* expermimental code */
916 listener_tid = pthread_self();
917 slapd_daemon_task( NULL );
927 WORD wVersionRequested;
931 wVersionRequested = MAKEWORD( 2, 0 );
933 err = WSAStartup( wVersionRequested, &wsaData );
935 /* Tell the user that we couldn't find a usable */
940 /* Confirm that the WinSock DLL supports 2.0.*/
941 /* Note that if the DLL supports versions greater */
942 /* than 2.0 in addition to 2.0, it will still return */
943 /* 2.0 in wVersion since that is the version we */
946 if ( LOBYTE( wsaData.wVersion ) != 2 ||
947 HIBYTE( wsaData.wVersion ) != 0 )
949 /* Tell the user that we couldn't find a usable */
955 /* The WinSock DLL is acceptable. Proceed. */
959 int sockdestroy(void)
966 static int sockinit(void)
969 if ( WSAStartup( 0x0101, &wsaData ) != 0 ) {
974 static int sockdestroy(void)
981 static int sockinit(void)
985 static int sockdestroy(void)
992 slap_sig_shutdown( int sig )
994 slapd_shutdown = sig;
998 (void) SIGNAL( sig, slap_sig_shutdown );
1002 slap_sig_wake( int sig )
1006 /* reinstall self */
1007 (void) SIGNAL( sig, slap_sig_wake );