3 * Copyright 1998-1999 The OpenLDAP Foundation, All Rights Reserved.
4 * COPYING RESTRICTIONS APPLY, see COPYRIGHT file
13 #include <ac/signal.h>
14 #include <ac/socket.h>
15 #include <ac/string.h>
17 #include <ac/unistd.h>
26 int allow_severity = LOG_INFO;
27 int deny_severity = LOG_NOTICE;
28 #endif /* TCP Wrappers */
32 ber_socket_t dtblsize;
34 typedef struct slap_listener {
41 struct sockaddr_in sl_addr;
44 Listener **slap_listeners = NULL;
46 static ber_socket_t wake_sds[2];
48 #define WAKE_LISTENER(w) \
49 do { if (w) tcp_write( wake_sds[1], "0", 1 ); } while(0)
53 extern ldap_pvt_thread_cond_t started_event;
59 volatile sig_atomic_t slapd_shutdown = 0;
61 static ldap_pvt_thread_t listener_tid;
63 static struct slap_daemon {
64 ldap_pvt_thread_mutex_t sd_mutex;
69 /* In winsock, accept() returns values higher than dtblsize
70 so don't bother with this optimization */
80 * Add a descriptor to daemon control
82 static void slapd_add(ber_socket_t s) {
83 ldap_pvt_thread_mutex_lock( &slap_daemon.sd_mutex );
85 assert( !FD_ISSET( s, &slap_daemon.sd_actives ));
86 assert( !FD_ISSET( s, &slap_daemon.sd_readers ));
87 assert( !FD_ISSET( s, &slap_daemon.sd_writers ));
90 if (s >= slap_daemon.sd_nfds) {
91 slap_daemon.sd_nfds = s + 1;
95 FD_SET( s, &slap_daemon.sd_actives );
96 FD_SET( s, &slap_daemon.sd_readers );
98 Debug( LDAP_DEBUG_CONNS, "daemon: added %ld%s%s\n",
100 FD_ISSET(s, &slap_daemon.sd_readers) ? "r" : "",
101 FD_ISSET(s, &slap_daemon.sd_writers) ? "w" : "" );
103 ldap_pvt_thread_mutex_unlock( &slap_daemon.sd_mutex );
107 * Remove the descriptor from daemon control
109 void slapd_remove(ber_socket_t s, int wake) {
110 ldap_pvt_thread_mutex_lock( &slap_daemon.sd_mutex );
112 Debug( LDAP_DEBUG_CONNS, "daemon: removing %ld%s%s\n",
114 FD_ISSET(s, &slap_daemon.sd_readers) ? "r" : "",
115 FD_ISSET(s, &slap_daemon.sd_writers) ? "w" : "" );
117 FD_CLR( s, &slap_daemon.sd_actives );
118 FD_CLR( s, &slap_daemon.sd_readers );
119 FD_CLR( s, &slap_daemon.sd_writers );
121 ldap_pvt_thread_mutex_unlock( &slap_daemon.sd_mutex );
125 void slapd_clr_write(ber_socket_t s, int wake) {
126 ldap_pvt_thread_mutex_lock( &slap_daemon.sd_mutex );
128 assert( FD_ISSET( s, &slap_daemon.sd_actives) );
129 FD_CLR( s, &slap_daemon.sd_writers );
131 ldap_pvt_thread_mutex_unlock( &slap_daemon.sd_mutex );
135 void slapd_set_write(ber_socket_t s, int wake) {
136 ldap_pvt_thread_mutex_lock( &slap_daemon.sd_mutex );
138 assert( FD_ISSET( s, &slap_daemon.sd_actives) );
139 FD_SET( (unsigned) s, &slap_daemon.sd_writers );
141 ldap_pvt_thread_mutex_unlock( &slap_daemon.sd_mutex );
145 void slapd_clr_read(ber_socket_t s, int wake) {
146 ldap_pvt_thread_mutex_lock( &slap_daemon.sd_mutex );
148 assert( FD_ISSET( s, &slap_daemon.sd_actives) );
149 FD_CLR( s, &slap_daemon.sd_readers );
151 ldap_pvt_thread_mutex_unlock( &slap_daemon.sd_mutex );
155 void slapd_set_read(ber_socket_t s, int wake) {
156 ldap_pvt_thread_mutex_lock( &slap_daemon.sd_mutex );
158 assert( FD_ISSET( s, &slap_daemon.sd_actives) );
159 FD_SET( s, &slap_daemon.sd_readers );
161 ldap_pvt_thread_mutex_unlock( &slap_daemon.sd_mutex );
165 static void slapd_close(ber_socket_t s) {
166 Debug( LDAP_DEBUG_CONNS, "daemon: closing %ld\n",
184 rc = ldap_url_parse( url, &lud );
186 if( rc != LDAP_URL_SUCCESS ) {
187 Debug( LDAP_DEBUG_ANY,
188 "daemon: listen URL \"%s\" parse error=%d\n",
194 if( lud->lud_ldaps ) {
195 Debug( LDAP_DEBUG_ANY,
196 "daemon: TLS not supported (%s)\n",
198 ldap_free_urldesc( lud );
202 if(! lud->lud_port ) {
203 lud->lud_port = port;
207 l.sl_is_tls = lud->lud_ldaps;
209 if(! lud->lud_port ) {
210 lud->lud_port = lud->lud_ldaps ? tls_port : port;
214 port = lud->lud_port;
216 (void) memset( (void*) &l.sl_addr, '\0', sizeof(l.sl_addr) );
218 l.sl_addr.sin_family = AF_INET;
219 l.sl_addr.sin_port = htons( (unsigned short) lud->lud_port );
221 if( lud->lud_host == NULL || lud->lud_host[0] == '\0'
222 || strcmp(lud->lud_host, "*") == 0 )
224 l.sl_addr.sin_addr.s_addr = htonl(INADDR_ANY);
227 /* host or address was specified */
228 if( !inet_aton( lud->lud_host, &l.sl_addr.sin_addr ) ) {
229 struct hostent *he = gethostbyname( lud->lud_host );
231 Debug( LDAP_DEBUG_ANY, "invalid host (%s) in URL: %s",
232 lud->lud_host, url, 0);
233 ldap_free_urldesc( lud );
237 memcpy( &l.sl_addr.sin_addr, he->h_addr,
238 sizeof( l.sl_addr.sin_addr ) );
242 ldap_free_urldesc( lud );
245 if ( (l.sl_sd = socket( AF_INET, SOCK_STREAM, 0 )) == AC_SOCKET_INVALID ) {
246 int err = sock_errno();
247 Debug( LDAP_DEBUG_ANY,
248 "daemon: socket() failed errno=%d (%s)\n", err,
249 sock_errstr(err), 0 );
254 if ( l.sl_sd >= dtblsize ) {
255 Debug( LDAP_DEBUG_ANY,
256 "daemon: listener descriptor %ld is too great %ld\n",
257 (long) l.sl_sd, (long) dtblsize, 0 );
258 tcp_close( l.sl_sd );
264 /* enable address reuse */
266 rc = setsockopt( l.sl_sd, SOL_SOCKET, SO_REUSEADDR,
267 (char *) &tmp, sizeof(tmp) );
268 if ( rc == AC_SOCKET_ERROR ) {
269 int err = sock_errno();
270 Debug( LDAP_DEBUG_ANY,
271 "slapd(%ld): setsockopt(SO_REUSEADDR) failed errno=%d (%s)\n",
272 (long) l.sl_sd, err, sock_errstr(err) );
276 /* enable keep alives */
278 rc = setsockopt( l.sl_sd, SOL_SOCKET, SO_KEEPALIVE,
279 (char *) &tmp, sizeof(tmp) );
280 if ( rc == AC_SOCKET_ERROR ) {
281 int err = sock_errno();
282 Debug( LDAP_DEBUG_ANY,
283 "slapd(%ld): setsockopt(SO_KEEPALIVE) failed errno=%d (%s)\n",
284 (long) l.sl_sd, err, sock_errstr(err) );
288 /* enable no delay */
290 rc = setsockopt( l.sl_sd, IPPROTO_TCP, TCP_NODELAY,
291 (char *)&tmp, sizeof(tmp) );
292 if ( rc == AC_SOCKET_ERROR ) {
293 int err = sock_errno();
294 Debug( LDAP_DEBUG_ANY,
295 "slapd(%ld): setsockopt(TCP_NODELAY) failed errno=%d (%s)\n",
296 (long) l.sl_sd, err, sock_errstr(err) );
300 rc = bind( l.sl_sd, (struct sockaddr *) &l.sl_addr, sizeof(l.sl_addr) );
301 if ( rc == AC_SOCKET_ERROR ) {
302 int err = sock_errno();
303 Debug( LDAP_DEBUG_ANY, "daemon: bind(%ld) failed errno=%d (%s)\n",
304 (long) l.sl_sd, err, sock_errstr(err) );
305 tcp_close( l.sl_sd );
309 l.sl_url = ch_strdup( url );
311 l.sl_name = ch_malloc( sizeof("IP=255.255.255.255:65336") );
312 s = inet_ntoa( l.sl_addr.sin_addr );
313 sprintf( l.sl_name, "IP=%s:%d",
314 s != NULL ? s : "unknown" , port );
316 li = ch_malloc( sizeof( Listener ) );
319 Debug( LDAP_DEBUG_TRACE, "daemon: initialized %s\n",
325 static int sockinit(void);
326 static int sockdestroy(void);
328 int slapd_daemon_init(char *urls, int port, int tls_port )
334 assert( tls_port == 0 );
337 Debug( LDAP_DEBUG_ARGS, "daemon_init: %s (%d/%d)\n",
338 urls ? urls : "<null>", port, tls_port );
340 if( (rc = sockinit()) != 0 ) {
345 dtblsize = sysconf( _SC_OPEN_MAX );
346 #elif HAVE_GETDTABLESIZE
347 dtblsize = getdtablesize();
349 dtblsize = FD_SETSIZE;
353 if(dtblsize > FD_SETSIZE) {
354 dtblsize = FD_SETSIZE;
356 #endif /* !FD_SETSIZE */
358 /* open a pipe (or something equivalent connected to itself).
359 * we write a byte on this fd whenever we catch a signal. The main
360 * loop will be select'ing on this socket, and will wake up when
363 if( (rc = lutil_pair( wake_sds )) < 0 ) {
364 Debug( LDAP_DEBUG_ANY,
365 "daemon: lutil_pair() failed rc=%d\n", rc, 0, 0 );
369 FD_ZERO( &slap_daemon.sd_readers );
370 FD_ZERO( &slap_daemon.sd_writers );
376 u = str2charray( urls, " " );
378 if( u == NULL || u[0] == NULL ) {
379 Debug( LDAP_DEBUG_ANY, "daemon_init: no urls (%s) provided.\n",
385 for( i=0; u[i] != NULL; i++ ) {
386 Debug( LDAP_DEBUG_TRACE, "daemon_init: listen on %s\n",
391 Debug( LDAP_DEBUG_ANY, "daemon_init: no listeners to open (%s)\n",
397 Debug( LDAP_DEBUG_TRACE, "daemon_init: %d listeners to open...\n",
400 slap_listeners = ch_malloc( (i+1)*sizeof(Listener *) );
402 for(i = 0; u[i] != NULL; i++ ) {
403 slap_listeners[i] = open_listener( u[i], port, tls_port );
405 if( slap_listeners[i] == NULL ) {
410 slap_listeners[i] = NULL;
412 Debug( LDAP_DEBUG_TRACE, "daemon_init: %d listeners opened\n",
416 ldap_pvt_thread_mutex_init( &slap_daemon.sd_mutex );
422 slapd_daemon_destroy(void)
424 connections_destroy();
425 tcp_close( wake_sds[1] );
426 tcp_close( wake_sds[0] );
438 time_t last_idle_check = slap_get_time();
441 for ( l = 0; slap_listeners[l] != NULL; l++ ) {
442 if ( slap_listeners[l]->sl_sd == AC_SOCKET_INVALID )
445 if ( listen( slap_listeners[l]->sl_sd, 5 ) == -1 ) {
446 int err = sock_errno();
447 Debug( LDAP_DEBUG_ANY,
448 "daemon: listen(%s, 5) failed errno=%d (%s)\n",
449 slap_listeners[l]->sl_url, err,
454 slapd_add( slap_listeners[l]->sl_sd );
458 if ( started_event != NULL ) {
459 ldap_pvt_thread_cond_signal( &started_event );
462 /* initialization complete. Here comes the loop. */
464 while ( !slapd_shutdown ) {
469 #define SLAPD_EBADF_LIMIT 10
472 #define SLAPD_IDLE_CHECK_LIMIT 4
473 time_t now = slap_get_time();
479 struct sockaddr_in from;
480 #if defined(SLAPD_RLOOKUPS) || defined(HAVE_TCPD)
486 if( global_idletimeout > 0 && difftime(
487 last_idle_check+global_idletimeout/SLAPD_IDLE_CHECK_LIMIT,
490 connections_timeout_idle(now);
493 FD_ZERO( &writefds );
499 ldap_pvt_thread_mutex_lock( &slap_daemon.sd_mutex );
501 #ifdef FD_SET_MANUAL_COPY
502 for( s = 0; s < nfds; s++ ) {
503 if(FD_ISSET( &slap_sd_readers, s )) {
504 FD_SET( s, &readfds );
506 if(FD_ISSET( &slap_sd_writers, s )) {
507 FD_SET( s, &writefds );
511 memcpy( &readfds, &slap_daemon.sd_readers, sizeof(fd_set) );
512 memcpy( &writefds, &slap_daemon.sd_writers, sizeof(fd_set) );
514 FD_SET( wake_sds[0], &readfds );
516 for ( l = 0; slap_listeners[l] != NULL; l++ ) {
517 if ( slap_listeners[l]->sl_sd == AC_SOCKET_INVALID )
519 FD_SET( slap_listeners[l]->sl_sd, &readfds );
523 nfds = slap_daemon.sd_nfds;
528 ldap_pvt_thread_mutex_unlock( &slap_daemon.sd_mutex );
530 ldap_pvt_thread_mutex_lock( &active_threads_mutex );
532 ldap_pvt_thread_mutex_unlock( &active_threads_mutex );
534 #if defined( HAVE_YIELDING_SELECT ) || defined( NO_THREADS )
537 tvp = at ? &zero : NULL;
540 for ( l = 0; slap_listeners[l] != NULL; l++ ) {
541 if ( slap_listeners[l]->sl_sd == AC_SOCKET_INVALID )
544 Debug( LDAP_DEBUG_CONNS,
545 "daemon: select: listen=%d active_threads=%d tvp=%s\n",
546 slap_listeners[l]->sl_sd, at,
547 tvp == NULL ? "NULL" : "zero" );
550 switch(ns = select( nfds, &readfds,
552 /* don't pass empty fd_set */
553 ( writefds.fd_count > 0 ? &writefds : NULL ),
559 case -1: { /* failure - try again */
560 int err = sock_errno();
562 if( err == EBADF && ++ebadf < SLAPD_EBADF_LIMIT) {
567 Debug( LDAP_DEBUG_CONNS,
568 "daemon: select failed (%d): %s\n",
569 err, sock_errstr(err), 0 );
576 case 0: /* timeout - let threads run */
578 Debug( LDAP_DEBUG_CONNS, "daemon: select timeout - yielding\n",
580 ldap_pvt_thread_yield();
583 default: /* something happened - deal with it */
585 Debug( LDAP_DEBUG_CONNS, "daemon: activity on %d descriptors\n",
590 if( FD_ISSET( wake_sds[0], &readfds ) ) {
592 tcp_read( wake_sds[0], &c, 1 );
596 for ( l = 0; slap_listeners[l] != NULL; l++ ) {
598 socklen_t len = sizeof(from);
604 char peername[sizeof("IP=255.255.255.255:65336")];
606 if ( slap_listeners[l]->sl_sd == AC_SOCKET_INVALID )
609 if ( !FD_ISSET( slap_listeners[l]->sl_sd, &readfds ) )
612 if ( (s = accept( slap_listeners[l]->sl_sd,
613 (struct sockaddr *) &from, &len )) == AC_SOCKET_INVALID )
615 int err = sock_errno();
616 Debug( LDAP_DEBUG_ANY,
617 "daemon: accept(%ld) failed errno=%d (%s)\n",
618 (long) slap_listeners[l]->sl_sd, err,
624 ldap_pvt_thread_mutex_lock( &slap_daemon.sd_mutex );
626 /* newly accepted stream should not be in any of the FD SETS */
628 assert( !FD_ISSET( s, &slap_daemon.sd_actives) );
629 assert( !FD_ISSET( s, &slap_daemon.sd_readers) );
630 assert( !FD_ISSET( s, &slap_daemon.sd_writers) );
632 ldap_pvt_thread_mutex_unlock( &slap_daemon.sd_mutex );
636 /* make sure descriptor number isn't too great */
637 if ( s >= dtblsize ) {
638 Debug( LDAP_DEBUG_ANY,
639 "daemon: %ld beyond descriptor table size %ld\n",
640 (long) s, (long) dtblsize, 0 );
646 Debug( LDAP_DEBUG_CONNS, "daemon: new connection on %ld\n",
651 if ( getpeername( s, (struct sockaddr *) &from, &len ) != 0 ) {
652 int err = sock_errno();
653 Debug( LDAP_DEBUG_ANY,
654 "daemon: getpeername( %ld ) failed: errno=%d (%s)\n",
655 (long) s, err, sock_errstr(err) );
660 peeraddr = inet_ntoa( from.sin_addr );
661 sprintf( peername, "IP=%s:%d",
662 peeraddr != NULL ? peeraddr : "unknown",
663 (unsigned) ntohs( from.sin_port ) );
665 #if defined(SLAPD_RLOOKUPS) || defined(HAVE_TCPD)
666 hp = gethostbyaddr( (char *)
667 &(from.sin_addr.s_addr),
668 sizeof(from.sin_addr.s_addr), AF_INET );
671 dnsname = ldap_pvt_str2lower( hp->h_name );
681 if( !hosts_ctl("slapd",
682 dnsname != NULL ? dnsname : STRING_UNKNOWN,
683 peeraddr != NULL ? peeraddr : STRING_UNKNOWN,
687 Statslog( LDAP_DEBUG_ANY,
688 "fd=%ld connection from %s (%s) denied.\n",
690 dnsname != NULL ? dnsname : "unknown",
691 peeraddr != NULL ? peeraddr : "unknown",
697 #endif /* HAVE_TCPD */
699 if( (id = connection_init(s,
700 slap_listeners[l]->sl_url,
701 dnsname != NULL ? dnsname : "unknown",
703 slap_listeners[l]->sl_name,
705 slap_listeners[l]->sl_is_tls
711 Debug( LDAP_DEBUG_ANY,
712 "daemon: connection_init(%ld, %s, %s) failed.\n",
715 slap_listeners[l]->sl_name );
720 Statslog( LDAP_DEBUG_STATS,
721 "daemon: conn=%ld fd=%ld connection from %s (%s) accepted.\n",
724 slap_listeners[l]->sl_name,
732 Debug( LDAP_DEBUG_CONNS, "daemon: activity on:", 0, 0, 0 );
734 for ( i = 0; i < readfds.fd_count; i++ ) {
735 Debug( LDAP_DEBUG_CONNS, " %d%s",
736 readfds.fd_array[i], "r", 0 );
738 for ( i = 0; i < writefds.fd_count; i++ ) {
739 Debug( LDAP_DEBUG_CONNS, " %d%s",
740 writefds.fd_array[i], "w", 0 );
743 for ( i = 0; i < nfds; i++ ) {
747 for ( l = 0; slap_listeners[l] != NULL; l++ ) {
748 if ( i == slap_listeners[l]->sl_sd ) {
756 r = FD_ISSET( i, &readfds );
757 w = FD_ISSET( i, &writefds );
759 Debug( LDAP_DEBUG_CONNS, " %d%s%s", i,
760 r ? "r" : "", w ? "w" : "" );
764 Debug( LDAP_DEBUG_CONNS, "\n", 0, 0, 0 );
767 /* loop through the writers */
769 for ( i = 0; i < writefds.fd_count; i++ )
771 for ( i = 0; i < nfds; i++ )
777 wd = writefds.fd_array[i];
779 if( ! FD_ISSET( i, &writefds ) ) {
785 for ( l = 0; slap_listeners[l] != NULL; l++ ) {
786 if ( i == slap_listeners[l]->sl_sd ) {
794 Debug( LDAP_DEBUG_CONNS,
795 "daemon: write active on %d\n",
799 * NOTE: it is possible that the connection was closed
800 * and that the stream is now inactive.
801 * connection_write() must valid the stream is still
805 if ( connection_write( wd ) < 0 ) {
806 FD_CLR( (unsigned) wd, &readfds );
812 for ( i = 0; i < readfds.fd_count; i++ )
814 for ( i = 0; i < nfds; i++ )
821 rd = readfds.fd_array[i];
823 if( ! FD_ISSET( i, &readfds ) ) {
829 for ( l = 0; slap_listeners[l] != NULL; l++ ) {
830 if ( rd == slap_listeners[l]->sl_sd ) {
839 Debug ( LDAP_DEBUG_CONNS,
840 "daemon: read activity on %d\n", rd, 0, 0 );
843 * NOTE: it is possible that the connection was closed
844 * and that the stream is now inactive.
845 * connection_read() must valid the stream is still
849 if ( connection_read( rd ) < 0 ) {
853 ldap_pvt_thread_yield();
856 if( slapd_shutdown > 0 ) {
857 Debug( LDAP_DEBUG_TRACE,
858 "daemon: shutdown requested and initiated.\n",
861 } else if ( slapd_shutdown < 0 ) {
862 Debug( LDAP_DEBUG_TRACE,
863 "daemon: abnormal condition, shutdown initiated.\n",
866 Debug( LDAP_DEBUG_TRACE,
867 "daemon: no active streams, shutdown initiated.\n",
871 for ( l = 0; slap_listeners[l] != NULL; l++ ) {
872 if ( slap_listeners[l]->sl_sd != AC_SOCKET_INVALID ) {
873 slapd_close( slap_listeners[l]->sl_sd );
878 ldap_pvt_thread_mutex_lock( &active_threads_mutex );
879 Debug( LDAP_DEBUG_ANY,
880 "slapd shutdown: waiting for %d threads to terminate\n",
881 active_threads, 0, 0 );
882 while ( active_threads > 0 ) {
883 ldap_pvt_thread_cond_wait(&active_threads_cond, &active_threads_mutex);
885 ldap_pvt_thread_mutex_unlock( &active_threads_mutex );
891 int slapd_daemon( void )
897 #define SLAPD_LISTENER_THREAD 1
898 #if defined( SLAPD_LISTENER_THREAD ) || !defined(HAVE_PTHREADS)
900 /* listener as a separate THREAD */
901 rc = ldap_pvt_thread_create( &listener_tid,
902 0, slapd_daemon_task, NULL );
905 Debug( LDAP_DEBUG_ANY,
906 "listener ldap_pvt_thread_create failed (%d)\n", rc, 0, 0 );
910 /* wait for the listener thread to complete */
911 ldap_pvt_thread_join( listener_tid, (void *) NULL );
913 /* expermimental code */
914 listener_tid = pthread_self();
915 slapd_daemon_task( NULL );
925 WORD wVersionRequested;
929 wVersionRequested = MAKEWORD( 2, 0 );
931 err = WSAStartup( wVersionRequested, &wsaData );
933 /* Tell the user that we couldn't find a usable */
938 /* Confirm that the WinSock DLL supports 2.0.*/
939 /* Note that if the DLL supports versions greater */
940 /* than 2.0 in addition to 2.0, it will still return */
941 /* 2.0 in wVersion since that is the version we */
944 if ( LOBYTE( wsaData.wVersion ) != 2 ||
945 HIBYTE( wsaData.wVersion ) != 0 )
947 /* Tell the user that we couldn't find a usable */
953 /* The WinSock DLL is acceptable. Proceed. */
957 int sockdestroy(void)
964 static int sockinit(void)
967 if ( WSAStartup( 0x0101, &wsaData ) != 0 ) {
972 static int sockdestroy(void)
979 static int sockinit(void)
983 static int sockdestroy(void)
990 slap_sig_shutdown( int sig )
992 slapd_shutdown = sig;
996 (void) SIGNAL( sig, slap_sig_shutdown );
1000 slap_sig_wake( int sig )
1004 /* reinstall self */
1005 (void) SIGNAL( sig, slap_sig_wake );