2 * Copyright 1998-1999 The OpenLDAP Foundation, All Rights Reserved.
3 * COPYING RESTRICTIONS APPLY, see COPYRIGHT file
12 #include <ac/signal.h>
13 #include <ac/socket.h>
14 #include <ac/string.h>
16 #include <ac/unistd.h>
19 #include "ldap_defaults.h"
26 int allow_severity = LOG_INFO;
27 int deny_severity = LOG_NOTICE;
28 #endif /* TCP Wrappers */
32 ber_socket_t dtblsize;
34 typedef struct slap_listener {
41 struct sockaddr_in sl_addr;
44 Listener **slap_listeners = NULL;
46 static ber_socket_t wake_sds[2];
48 #define WAKE_LISTENER(w) \
49 do { if (w) tcp_write( wake_sds[1], "0", 1 ); } while(0)
53 extern ldap_pvt_thread_cond_t started_event;
59 volatile sig_atomic_t slapd_shutdown = 0;
61 static ldap_pvt_thread_t listener_tid;
62 static volatile sig_atomic_t slapd_listener = 0;
64 static struct slap_daemon {
65 ldap_pvt_thread_mutex_t sd_mutex;
70 /* In winsock, accept() returns values higher than dtblsize
71 so don't bother with this optimization */
81 * Add a descriptor to daemon control
83 static void slapd_add(ber_socket_t s) {
84 ldap_pvt_thread_mutex_lock( &slap_daemon.sd_mutex );
86 assert( !FD_ISSET( s, &slap_daemon.sd_actives ));
87 assert( !FD_ISSET( s, &slap_daemon.sd_readers ));
88 assert( !FD_ISSET( s, &slap_daemon.sd_writers ));
91 if (s >= slap_daemon.sd_nfds) {
92 slap_daemon.sd_nfds = s + 1;
96 FD_SET( s, &slap_daemon.sd_actives );
97 FD_SET( s, &slap_daemon.sd_readers );
99 Debug( LDAP_DEBUG_CONNS, "daemon: added %ld%s%s\n",
101 FD_ISSET(s, &slap_daemon.sd_readers) ? "r" : "",
102 FD_ISSET(s, &slap_daemon.sd_writers) ? "w" : "" );
104 ldap_pvt_thread_mutex_unlock( &slap_daemon.sd_mutex );
108 * Remove the descriptor from daemon control
110 void slapd_remove(ber_socket_t s, int wake) {
111 ldap_pvt_thread_mutex_lock( &slap_daemon.sd_mutex );
113 Debug( LDAP_DEBUG_CONNS, "daemon: removing %ld%s%s\n",
115 FD_ISSET(s, &slap_daemon.sd_readers) ? "r" : "",
116 FD_ISSET(s, &slap_daemon.sd_writers) ? "w" : "" );
118 FD_CLR( s, &slap_daemon.sd_actives );
119 FD_CLR( s, &slap_daemon.sd_readers );
120 FD_CLR( s, &slap_daemon.sd_writers );
122 ldap_pvt_thread_mutex_unlock( &slap_daemon.sd_mutex );
126 void slapd_clr_write(ber_socket_t s, int wake) {
127 ldap_pvt_thread_mutex_lock( &slap_daemon.sd_mutex );
129 assert( FD_ISSET( s, &slap_daemon.sd_actives) );
130 FD_CLR( s, &slap_daemon.sd_writers );
132 ldap_pvt_thread_mutex_unlock( &slap_daemon.sd_mutex );
136 void slapd_set_write(ber_socket_t s, int wake) {
137 ldap_pvt_thread_mutex_lock( &slap_daemon.sd_mutex );
139 assert( FD_ISSET( s, &slap_daemon.sd_actives) );
140 FD_SET( (unsigned) s, &slap_daemon.sd_writers );
142 ldap_pvt_thread_mutex_unlock( &slap_daemon.sd_mutex );
146 void slapd_clr_read(ber_socket_t s, int wake) {
147 ldap_pvt_thread_mutex_lock( &slap_daemon.sd_mutex );
149 assert( FD_ISSET( s, &slap_daemon.sd_actives) );
150 FD_CLR( s, &slap_daemon.sd_readers );
152 ldap_pvt_thread_mutex_unlock( &slap_daemon.sd_mutex );
156 void slapd_set_read(ber_socket_t s, int wake) {
157 ldap_pvt_thread_mutex_lock( &slap_daemon.sd_mutex );
159 assert( FD_ISSET( s, &slap_daemon.sd_actives) );
160 FD_SET( s, &slap_daemon.sd_readers );
162 ldap_pvt_thread_mutex_unlock( &slap_daemon.sd_mutex );
166 static void slapd_close(ber_socket_t s) {
167 Debug( LDAP_DEBUG_CONNS, "daemon: closing %ld\n",
185 rc = ldap_url_parse( url, &lud );
187 if( rc != LDAP_URL_SUCCESS ) {
188 Debug( LDAP_DEBUG_ANY,
189 "daemon: listen URL \"%s\" parse error=%d\n",
195 if( lud->lud_ldaps ) {
196 Debug( LDAP_DEBUG_ANY,
197 "daemon: TLS not supported (%s)\n",
199 ldap_free_urldesc( lud );
203 if(! lud->lud_port ) {
204 lud->lud_port = port;
208 l.sl_is_tls = lud->lud_ldaps;
210 if(! lud->lud_port ) {
211 lud->lud_port = lud->lud_ldaps ? tls_port : port;
215 port = lud->lud_port;
217 (void) memset( (void*) &l.sl_addr, '\0', sizeof(l.sl_addr) );
219 l.sl_addr.sin_family = AF_INET;
220 l.sl_addr.sin_port = htons( (unsigned short) lud->lud_port );
222 if( lud->lud_host == NULL || lud->lud_host[0] == '\0'
223 || strcmp(lud->lud_host, "*") == 0 )
225 l.sl_addr.sin_addr.s_addr = htonl(INADDR_ANY);
228 /* host or address was specified */
229 if( !inet_aton( lud->lud_host, &l.sl_addr.sin_addr ) ) {
230 struct hostent *he = gethostbyname( lud->lud_host );
232 Debug( LDAP_DEBUG_ANY, "invalid host (%s) in URL: %s",
233 lud->lud_host, url, 0);
234 ldap_free_urldesc( lud );
238 memcpy( &l.sl_addr.sin_addr, he->h_addr,
239 sizeof( l.sl_addr.sin_addr ) );
243 ldap_free_urldesc( lud );
246 if ( (l.sl_sd = socket( AF_INET, SOCK_STREAM, 0 )) == AC_SOCKET_INVALID ) {
247 int err = sock_errno();
248 Debug( LDAP_DEBUG_ANY,
249 "daemon: socket() failed errno=%d (%s)\n", err,
250 sock_errstr(err), 0 );
255 if ( l.sl_sd >= dtblsize ) {
256 Debug( LDAP_DEBUG_ANY,
257 "daemon: listener descriptor %ld is too great %ld\n",
258 (long) l.sl_sd, (long) dtblsize, 0 );
259 tcp_close( l.sl_sd );
265 /* enable address reuse */
267 rc = setsockopt( l.sl_sd, SOL_SOCKET, SO_REUSEADDR,
268 (char *) &tmp, sizeof(tmp) );
269 if ( rc == AC_SOCKET_ERROR ) {
270 int err = sock_errno();
271 Debug( LDAP_DEBUG_ANY,
272 "slapd(%ld): setsockopt(SO_REUSEADDR) failed errno=%d (%s)\n",
273 (long) l.sl_sd, err, sock_errstr(err) );
277 /* enable keep alives */
279 rc = setsockopt( l.sl_sd, SOL_SOCKET, SO_KEEPALIVE,
280 (char *) &tmp, sizeof(tmp) );
281 if ( rc == AC_SOCKET_ERROR ) {
282 int err = sock_errno();
283 Debug( LDAP_DEBUG_ANY,
284 "slapd(%ld): setsockopt(SO_KEEPALIVE) failed errno=%d (%s)\n",
285 (long) l.sl_sd, err, sock_errstr(err) );
289 /* enable no delay */
291 rc = setsockopt( l.sl_sd, IPPROTO_TCP, TCP_NODELAY,
292 (char *)&tmp, sizeof(tmp) );
293 if ( rc == AC_SOCKET_ERROR ) {
294 int err = sock_errno();
295 Debug( LDAP_DEBUG_ANY,
296 "slapd(%ld): setsockopt(TCP_NODELAY) failed errno=%d (%s)\n",
297 (long) l.sl_sd, err, sock_errstr(err) );
301 rc = bind( l.sl_sd, (struct sockaddr *) &l.sl_addr, sizeof(l.sl_addr) );
302 if ( rc == AC_SOCKET_ERROR ) {
303 int err = sock_errno();
304 Debug( LDAP_DEBUG_ANY, "daemon: bind(%ld) failed errno=%d (%s)\n",
305 (long) l.sl_sd, err, sock_errstr(err) );
306 tcp_close( l.sl_sd );
310 l.sl_url = ch_strdup( url );
312 l.sl_name = ch_malloc( sizeof("IP=255.255.255.255:65336") );
313 s = inet_ntoa( l.sl_addr.sin_addr );
314 sprintf( l.sl_name, "IP=%s:%d",
315 s != NULL ? s : "unknown" , port );
317 li = ch_malloc( sizeof( Listener ) );
320 Debug( LDAP_DEBUG_TRACE, "daemon: initialized %s\n",
326 static int sockinit(void);
327 static int sockdestroy(void);
329 int slapd_daemon_init(char *urls, int port, int tls_port )
335 assert( tls_port == 0 );
338 Debug( LDAP_DEBUG_ARGS, "daemon_init: %s (%d/%d)\n",
339 urls ? urls : "<null>", port, tls_port );
341 if( rc = sockinit() ) {
346 dtblsize = sysconf( _SC_OPEN_MAX );
347 #elif HAVE_GETDTABLESIZE
348 dtblsize = getdtablesize();
350 dtblsize = FD_SETSIZE;
354 if(dtblsize > FD_SETSIZE) {
355 dtblsize = FD_SETSIZE;
357 #endif /* !FD_SETSIZE */
359 /* open a pipe (or something equivalent connected to itself).
360 * we write a byte on this fd whenever we catch a signal. The main
361 * loop will be select'ing on this socket, and will wake up when
364 if( (rc = lutil_pair( wake_sds )) < 0 ) {
365 Debug( LDAP_DEBUG_ANY,
366 "daemon: lutil_pair() failed rc=%d\n", rc, 0, 0 );
370 FD_ZERO( &slap_daemon.sd_readers );
371 FD_ZERO( &slap_daemon.sd_writers );
377 u = str2charray( urls, " " );
379 if( u == NULL || u[0] == NULL ) {
380 Debug( LDAP_DEBUG_ANY, "daemon_init: no urls (%s) provided.\n",
386 for( i=0; u[i] != NULL; i++ ) {
387 Debug( LDAP_DEBUG_TRACE, "daemon_init: listen on %s\n",
392 Debug( LDAP_DEBUG_ANY, "daemon_init: no listeners to open (%s)\n",
398 Debug( LDAP_DEBUG_TRACE, "daemon_init: %d listeners to open...\n",
401 slap_listeners = ch_malloc( (i+1)*sizeof(Listener *) );
403 for(i = 0; u[i] != NULL; i++ ) {
404 slap_listeners[i] = open_listener( u[i], port, tls_port );
406 if( slap_listeners[i] == NULL ) {
411 slap_listeners[i] = NULL;
413 Debug( LDAP_DEBUG_TRACE, "daemon_init: %d listeners opened\n",
417 ldap_pvt_thread_mutex_init( &slap_daemon.sd_mutex );
423 slapd_daemon_destroy(void)
425 connections_destroy();
426 tcp_close( wake_sds[1] );
427 tcp_close( wake_sds[0] );
439 time_t last_idle_check = slap_get_time();
442 for ( l = 0; slap_listeners[l] != NULL; l++ ) {
443 if ( slap_listeners[l]->sl_sd == AC_SOCKET_INVALID )
446 if ( listen( slap_listeners[l]->sl_sd, 5 ) == -1 ) {
447 int err = sock_errno();
448 Debug( LDAP_DEBUG_ANY,
449 "daemon: listen(%s, 5) failed errno=%d (%s)\n",
450 (long) slap_listeners[l]->sl_url, err,
455 slapd_add( slap_listeners[l]->sl_sd );
459 if ( started_event != NULL ) {
460 ldap_pvt_thread_cond_signal( &started_event );
463 /* initialization complete. Here comes the loop. */
465 while ( !slapd_shutdown ) {
470 #define SLAPD_EBADF_LIMIT 10
473 #define SLAPD_IDLE_CHECK_LIMIT 4
474 time_t now = slap_get_time();
480 struct sockaddr_in from;
481 #if defined(SLAPD_RLOOKUPS) || defined(HAVE_TCPD)
487 if( global_idletimeout > 0 && difftime(
488 last_idle_check+global_idletimeout/SLAPD_IDLE_CHECK_LIMIT,
491 connections_timeout_idle(now);
494 FD_ZERO( &writefds );
500 ldap_pvt_thread_mutex_lock( &slap_daemon.sd_mutex );
502 #ifdef FD_SET_MANUAL_COPY
503 for( s = 0; s < nfds; s++ ) {
504 if(FD_ISSET( &slap_sd_readers, s )) {
505 FD_SET( s, &readfds );
507 if(FD_ISSET( &slap_sd_writers, s )) {
508 FD_SET( s, &writefds );
512 memcpy( &readfds, &slap_daemon.sd_readers, sizeof(fd_set) );
513 memcpy( &writefds, &slap_daemon.sd_writers, sizeof(fd_set) );
515 FD_SET( wake_sds[0], &readfds );
517 for ( l = 0; slap_listeners[l] != NULL; l++ ) {
518 if ( slap_listeners[l]->sl_sd == AC_SOCKET_INVALID )
520 FD_SET( slap_listeners[l]->sl_sd, &readfds );
524 nfds = slap_daemon.sd_nfds;
529 ldap_pvt_thread_mutex_unlock( &slap_daemon.sd_mutex );
531 ldap_pvt_thread_mutex_lock( &active_threads_mutex );
533 ldap_pvt_thread_mutex_unlock( &active_threads_mutex );
535 #if defined( HAVE_YIELDING_SELECT ) || defined( NO_THREADS )
538 tvp = at ? &zero : NULL;
541 for ( l = 0; slap_listeners[l] != NULL; l++ ) {
542 if ( slap_listeners[l]->sl_sd == AC_SOCKET_INVALID )
545 Debug( LDAP_DEBUG_CONNS,
546 "daemon: select: listen=%d active_threads=%d tvp=%s\n",
547 slap_listeners[l]->sl_sd, at,
548 tvp == NULL ? "NULL" : "zero" );
551 switch(ns = select( nfds, &readfds,
553 /* don't pass empty fd_set */
554 ( writefds.fd_count > 0 ? &writefds : NULL ),
560 case -1: { /* failure - try again */
561 int err = sock_errno();
563 if( err == EBADF && ++ebadf < SLAPD_EBADF_LIMIT) {
568 Debug( LDAP_DEBUG_CONNS,
569 "daemon: select failed (%d): %s\n",
570 err, sock_errstr(err), 0 );
577 case 0: /* timeout - let threads run */
579 Debug( LDAP_DEBUG_CONNS, "daemon: select timeout - yielding\n",
581 ldap_pvt_thread_yield();
584 default: /* something happened - deal with it */
586 Debug( LDAP_DEBUG_CONNS, "daemon: activity on %d descriptors\n",
591 if( FD_ISSET( wake_sds[0], &readfds ) ) {
593 tcp_read( wake_sds[0], &c, 1 );
597 for ( l = 0; slap_listeners[l] != NULL; l++ ) {
599 socklen_t len = sizeof(from);
605 char peername[sizeof("IP=255.255.255.255:65336")];
607 if ( slap_listeners[l]->sl_sd == AC_SOCKET_INVALID )
610 if ( !FD_ISSET( slap_listeners[l]->sl_sd, &readfds ) )
613 if ( (s = accept( slap_listeners[l]->sl_sd,
614 (struct sockaddr *) &from, &len )) == AC_SOCKET_INVALID )
616 int err = sock_errno();
617 Debug( LDAP_DEBUG_ANY,
618 "daemon: accept(%ld) failed errno=%d (%s)\n",
619 (long) slap_listeners[l]->sl_sd, err,
625 ldap_pvt_thread_mutex_lock( &slap_daemon.sd_mutex );
627 /* newly accepted stream should not be in any of the FD SETS */
629 assert( !FD_ISSET( s, &slap_daemon.sd_actives) );
630 assert( !FD_ISSET( s, &slap_daemon.sd_readers) );
631 assert( !FD_ISSET( s, &slap_daemon.sd_writers) );
633 ldap_pvt_thread_mutex_unlock( &slap_daemon.sd_mutex );
637 /* make sure descriptor number isn't too great */
638 if ( s >= dtblsize ) {
639 Debug( LDAP_DEBUG_ANY,
640 "daemon: %ld beyond descriptor table size %ld\n",
641 (long) s, (long) dtblsize, 0 );
647 Debug( LDAP_DEBUG_CONNS, "daemon: new connection on %ld\n",
652 if ( getpeername( s, (struct sockaddr *) &from, &len ) != 0 ) {
653 int err = sock_errno();
654 Debug( LDAP_DEBUG_ANY,
655 "daemon: getpeername( %ld ) failed: errno=%d (%s)\n",
656 (long) s, err, sock_errstr(err) );
661 peeraddr = inet_ntoa( from.sin_addr );
662 sprintf( peername, "IP=%s:%d",
663 peeraddr != NULL ? peeraddr : "unknown",
664 (unsigned) ntohs( from.sin_port ) );
666 #if defined(SLAPD_RLOOKUPS) || defined(HAVE_TCPD)
667 hp = gethostbyaddr( (char *)
668 &(from.sin_addr.s_addr),
669 sizeof(from.sin_addr.s_addr), AF_INET );
672 dnsname = ldap_pvt_str2lower( hp->h_name );
682 if( !hosts_ctl("slapd",
683 dnsname != NULL ? dnsname : STRING_UNKNOWN,
684 peeraddr != NULL ? peeraddr : STRING_UNKNOWN,
688 Statslog( LDAP_DEBUG_ANY,
689 "fd=%ld connection from %s (%s) denied.\n",
691 dnsname != NULL ? dnsname : "unknown",
692 peeraddr != NULL ? peeraddr : "unknown",
698 #endif /* HAVE_TCPD */
700 if( (id = connection_init(s,
701 slap_listeners[l]->sl_url,
702 dnsname != NULL ? dnsname : "unknown",
704 slap_listeners[l]->sl_name,
706 slap_listeners[l]->sl_is_tls
712 Debug( LDAP_DEBUG_ANY,
713 "daemon: connection_init(%ld, %s, %s) failed.\n",
716 slap_listeners[l]->sl_name );
721 Statslog( LDAP_DEBUG_STATS,
722 "daemon: conn=%ld fd=%ld connection from %s (%s) accepted.\n",
725 slap_listeners[l]->sl_name,
733 Debug( LDAP_DEBUG_CONNS, "daemon: activity on:", 0, 0, 0 );
735 for ( i = 0; i < readfds.fd_count; i++ ) {
736 Debug( LDAP_DEBUG_CONNS, " %d%s",
737 readfds.fd_array[i], "r", 0 );
739 for ( i = 0; i < writefds.fd_count; i++ ) {
740 Debug( LDAP_DEBUG_CONNS, " %d%s",
741 writefds.fd_array[i], "w", 0 );
744 for ( i = 0; i < nfds; i++ ) {
748 for ( l = 0; slap_listeners[l] != NULL; l++ ) {
749 if ( i == slap_listeners[l]->sl_sd ) {
757 r = FD_ISSET( i, &readfds );
758 w = FD_ISSET( i, &writefds );
760 Debug( LDAP_DEBUG_CONNS, " %d%s%s", i,
761 r ? "r" : "", w ? "w" : "" );
765 Debug( LDAP_DEBUG_CONNS, "\n", 0, 0, 0 );
768 /* loop through the writers */
770 for ( i = 0; i < writefds.fd_count; i++ )
772 for ( i = 0; i < nfds; i++ )
778 wd = writefds.fd_array[i];
780 if( ! FD_ISSET( i, &writefds ) ) {
786 for ( l = 0; slap_listeners[l] != NULL; l++ ) {
787 if ( i == slap_listeners[l]->sl_sd ) {
795 Debug( LDAP_DEBUG_CONNS,
796 "daemon: write active on %d\n",
800 * NOTE: it is possible that the connection was closed
801 * and that the stream is now inactive.
802 * connection_write() must valid the stream is still
806 if ( connection_write( wd ) < 0 ) {
807 FD_CLR( (unsigned) wd, &readfds );
813 for ( i = 0; i < readfds.fd_count; i++ )
815 for ( i = 0; i < nfds; i++ )
822 rd = readfds.fd_array[i];
824 if( ! FD_ISSET( i, &readfds ) ) {
830 for ( l = 0; slap_listeners[l] != NULL; l++ ) {
831 if ( rd == slap_listeners[l]->sl_sd ) {
840 Debug ( LDAP_DEBUG_CONNS,
841 "daemon: read activity on %d\n", rd, 0, 0 );
844 * NOTE: it is possible that the connection was closed
845 * and that the stream is now inactive.
846 * connection_read() must valid the stream is still
850 if ( connection_read( rd ) < 0 ) {
854 ldap_pvt_thread_yield();
857 if( slapd_shutdown > 0 ) {
858 Debug( LDAP_DEBUG_TRACE,
859 "daemon: shutdown requested and initiated.\n",
862 } else if ( slapd_shutdown < 0 ) {
863 Debug( LDAP_DEBUG_TRACE,
864 "daemon: abnormal condition, shutdown initiated.\n",
867 Debug( LDAP_DEBUG_TRACE,
868 "daemon: no active streams, shutdown initiated.\n",
872 for ( l = 0; slap_listeners[l] != NULL; l++ ) {
873 if ( slap_listeners[l]->sl_sd != AC_SOCKET_INVALID ) {
874 slapd_close( slap_listeners[l]->sl_sd );
879 ldap_pvt_thread_mutex_lock( &active_threads_mutex );
880 Debug( LDAP_DEBUG_ANY,
881 "slapd shutdown: waiting for %d threads to terminate\n",
882 active_threads, 0, 0 );
883 while ( active_threads > 0 ) {
884 ldap_pvt_thread_cond_wait(&active_threads_cond, &active_threads_mutex);
886 ldap_pvt_thread_mutex_unlock( &active_threads_mutex );
892 int slapd_daemon( void )
898 #define SLAPD_LISTENER_THREAD 1
899 #if defined( SLAPD_LISTENER_THREAD ) || !defined(HAVE_PTHREADS)
901 /* listener as a separate THREAD */
902 rc = ldap_pvt_thread_create( &listener_tid,
903 0, slapd_daemon_task, NULL );
906 Debug( LDAP_DEBUG_ANY,
907 "listener ldap_pvt_thread_create failed (%d)\n", rc, 0, 0 );
911 /* wait for the listener thread to complete */
912 ldap_pvt_thread_join( listener_tid, (void *) NULL );
914 /* expermimental code */
915 listener_tid = pthread_self();
916 slapd_daemon_task( NULL );
926 WORD wVersionRequested;
930 wVersionRequested = MAKEWORD( 2, 0 );
932 err = WSAStartup( wVersionRequested, &wsaData );
934 /* Tell the user that we couldn't find a usable */
939 /* Confirm that the WinSock DLL supports 2.0.*/
940 /* Note that if the DLL supports versions greater */
941 /* than 2.0 in addition to 2.0, it will still return */
942 /* 2.0 in wVersion since that is the version we */
945 if ( LOBYTE( wsaData.wVersion ) != 2 ||
946 HIBYTE( wsaData.wVersion ) != 0 )
948 /* Tell the user that we couldn't find a usable */
954 /* The WinSock DLL is acceptable. Proceed. */
958 int sockdestroy(void)
965 static int sockinit(void)
968 if ( WSAStartup( 0x0101, &wsaData ) != 0 ) {
973 static int sockdestroy(void)
980 static int sockinit(void)
984 static int sockdestroy(void)
991 slap_sig_shutdown( int sig )
993 slapd_shutdown = sig;
997 (void) SIGNAL( sig, slap_sig_shutdown );
1001 slap_sig_wake( int sig )
1005 /* reinstall self */
1006 (void) SIGNAL( sig, slap_sig_wake );