2 * Copyright 1998-1999 The OpenLDAP Foundation, All Rights Reserved.
3 * COPYING RESTRICTIONS APPLY, see COPYRIGHT file
12 #include <ac/signal.h>
13 #include <ac/socket.h>
14 #include <ac/string.h>
16 #include <ac/unistd.h>
25 int allow_severity = LOG_INFO;
26 int deny_severity = LOG_NOTICE;
27 #endif /* TCP Wrappers */
31 ber_socket_t dtblsize;
33 typedef struct slap_listener {
40 struct sockaddr_in sl_addr;
43 Listener **slap_listeners = NULL;
45 static ber_socket_t wake_sds[2];
47 #define WAKE_LISTENER(w) \
48 do { if (w) tcp_write( wake_sds[1], "0", 1 ); } while(0)
52 extern ldap_pvt_thread_cond_t started_event;
58 volatile sig_atomic_t slapd_shutdown = 0;
60 static ldap_pvt_thread_t listener_tid;
62 static struct slap_daemon {
63 ldap_pvt_thread_mutex_t sd_mutex;
68 /* In winsock, accept() returns values higher than dtblsize
69 so don't bother with this optimization */
79 * Add a descriptor to daemon control
81 static void slapd_add(ber_socket_t s) {
82 ldap_pvt_thread_mutex_lock( &slap_daemon.sd_mutex );
84 assert( !FD_ISSET( s, &slap_daemon.sd_actives ));
85 assert( !FD_ISSET( s, &slap_daemon.sd_readers ));
86 assert( !FD_ISSET( s, &slap_daemon.sd_writers ));
89 if (s >= slap_daemon.sd_nfds) {
90 slap_daemon.sd_nfds = s + 1;
94 FD_SET( s, &slap_daemon.sd_actives );
95 FD_SET( s, &slap_daemon.sd_readers );
97 Debug( LDAP_DEBUG_CONNS, "daemon: added %ld%s%s\n",
99 FD_ISSET(s, &slap_daemon.sd_readers) ? "r" : "",
100 FD_ISSET(s, &slap_daemon.sd_writers) ? "w" : "" );
102 ldap_pvt_thread_mutex_unlock( &slap_daemon.sd_mutex );
106 * Remove the descriptor from daemon control
108 void slapd_remove(ber_socket_t s, int wake) {
109 ldap_pvt_thread_mutex_lock( &slap_daemon.sd_mutex );
111 Debug( LDAP_DEBUG_CONNS, "daemon: removing %ld%s%s\n",
113 FD_ISSET(s, &slap_daemon.sd_readers) ? "r" : "",
114 FD_ISSET(s, &slap_daemon.sd_writers) ? "w" : "" );
116 FD_CLR( s, &slap_daemon.sd_actives );
117 FD_CLR( s, &slap_daemon.sd_readers );
118 FD_CLR( s, &slap_daemon.sd_writers );
120 ldap_pvt_thread_mutex_unlock( &slap_daemon.sd_mutex );
124 void slapd_clr_write(ber_socket_t s, int wake) {
125 ldap_pvt_thread_mutex_lock( &slap_daemon.sd_mutex );
127 assert( FD_ISSET( s, &slap_daemon.sd_actives) );
128 FD_CLR( s, &slap_daemon.sd_writers );
130 ldap_pvt_thread_mutex_unlock( &slap_daemon.sd_mutex );
134 void slapd_set_write(ber_socket_t s, int wake) {
135 ldap_pvt_thread_mutex_lock( &slap_daemon.sd_mutex );
137 assert( FD_ISSET( s, &slap_daemon.sd_actives) );
138 FD_SET( (unsigned) s, &slap_daemon.sd_writers );
140 ldap_pvt_thread_mutex_unlock( &slap_daemon.sd_mutex );
144 void slapd_clr_read(ber_socket_t s, int wake) {
145 ldap_pvt_thread_mutex_lock( &slap_daemon.sd_mutex );
147 assert( FD_ISSET( s, &slap_daemon.sd_actives) );
148 FD_CLR( s, &slap_daemon.sd_readers );
150 ldap_pvt_thread_mutex_unlock( &slap_daemon.sd_mutex );
154 void slapd_set_read(ber_socket_t s, int wake) {
155 ldap_pvt_thread_mutex_lock( &slap_daemon.sd_mutex );
157 assert( FD_ISSET( s, &slap_daemon.sd_actives) );
158 FD_SET( s, &slap_daemon.sd_readers );
160 ldap_pvt_thread_mutex_unlock( &slap_daemon.sd_mutex );
164 static void slapd_close(ber_socket_t s) {
165 Debug( LDAP_DEBUG_CONNS, "daemon: closing %ld\n",
183 rc = ldap_url_parse( url, &lud );
185 if( rc != LDAP_URL_SUCCESS ) {
186 Debug( LDAP_DEBUG_ANY,
187 "daemon: listen URL \"%s\" parse error=%d\n",
193 if( lud->lud_ldaps ) {
194 Debug( LDAP_DEBUG_ANY,
195 "daemon: TLS not supported (%s)\n",
197 ldap_free_urldesc( lud );
201 if(! lud->lud_port ) {
202 lud->lud_port = port;
206 l.sl_is_tls = lud->lud_ldaps;
208 if(! lud->lud_port ) {
209 lud->lud_port = lud->lud_ldaps ? tls_port : port;
213 port = lud->lud_port;
215 (void) memset( (void*) &l.sl_addr, '\0', sizeof(l.sl_addr) );
217 l.sl_addr.sin_family = AF_INET;
218 l.sl_addr.sin_port = htons( (unsigned short) lud->lud_port );
220 if( lud->lud_host == NULL || lud->lud_host[0] == '\0'
221 || strcmp(lud->lud_host, "*") == 0 )
223 l.sl_addr.sin_addr.s_addr = htonl(INADDR_ANY);
226 /* host or address was specified */
227 if( !inet_aton( lud->lud_host, &l.sl_addr.sin_addr ) ) {
228 struct hostent *he = gethostbyname( lud->lud_host );
230 Debug( LDAP_DEBUG_ANY, "invalid host (%s) in URL: %s",
231 lud->lud_host, url, 0);
232 ldap_free_urldesc( lud );
236 memcpy( &l.sl_addr.sin_addr, he->h_addr,
237 sizeof( l.sl_addr.sin_addr ) );
241 ldap_free_urldesc( lud );
244 if ( (l.sl_sd = socket( AF_INET, SOCK_STREAM, 0 )) == AC_SOCKET_INVALID ) {
245 int err = sock_errno();
246 Debug( LDAP_DEBUG_ANY,
247 "daemon: socket() failed errno=%d (%s)\n", err,
248 sock_errstr(err), 0 );
253 if ( l.sl_sd >= dtblsize ) {
254 Debug( LDAP_DEBUG_ANY,
255 "daemon: listener descriptor %ld is too great %ld\n",
256 (long) l.sl_sd, (long) dtblsize, 0 );
257 tcp_close( l.sl_sd );
263 /* enable address reuse */
265 rc = setsockopt( l.sl_sd, SOL_SOCKET, SO_REUSEADDR,
266 (char *) &tmp, sizeof(tmp) );
267 if ( rc == AC_SOCKET_ERROR ) {
268 int err = sock_errno();
269 Debug( LDAP_DEBUG_ANY,
270 "slapd(%ld): setsockopt(SO_REUSEADDR) failed errno=%d (%s)\n",
271 (long) l.sl_sd, err, sock_errstr(err) );
275 /* enable keep alives */
277 rc = setsockopt( l.sl_sd, SOL_SOCKET, SO_KEEPALIVE,
278 (char *) &tmp, sizeof(tmp) );
279 if ( rc == AC_SOCKET_ERROR ) {
280 int err = sock_errno();
281 Debug( LDAP_DEBUG_ANY,
282 "slapd(%ld): setsockopt(SO_KEEPALIVE) failed errno=%d (%s)\n",
283 (long) l.sl_sd, err, sock_errstr(err) );
287 /* enable no delay */
289 rc = setsockopt( l.sl_sd, IPPROTO_TCP, TCP_NODELAY,
290 (char *)&tmp, sizeof(tmp) );
291 if ( rc == AC_SOCKET_ERROR ) {
292 int err = sock_errno();
293 Debug( LDAP_DEBUG_ANY,
294 "slapd(%ld): setsockopt(TCP_NODELAY) failed errno=%d (%s)\n",
295 (long) l.sl_sd, err, sock_errstr(err) );
299 rc = bind( l.sl_sd, (struct sockaddr *) &l.sl_addr, sizeof(l.sl_addr) );
300 if ( rc == AC_SOCKET_ERROR ) {
301 int err = sock_errno();
302 Debug( LDAP_DEBUG_ANY, "daemon: bind(%ld) failed errno=%d (%s)\n",
303 (long) l.sl_sd, err, sock_errstr(err) );
304 tcp_close( l.sl_sd );
308 l.sl_url = ch_strdup( url );
310 l.sl_name = ch_malloc( sizeof("IP=255.255.255.255:65336") );
311 s = inet_ntoa( l.sl_addr.sin_addr );
312 sprintf( l.sl_name, "IP=%s:%d",
313 s != NULL ? s : "unknown" , port );
315 li = ch_malloc( sizeof( Listener ) );
318 Debug( LDAP_DEBUG_TRACE, "daemon: initialized %s\n",
324 static int sockinit(void);
325 static int sockdestroy(void);
327 int slapd_daemon_init(char *urls, int port, int tls_port )
333 assert( tls_port == 0 );
336 Debug( LDAP_DEBUG_ARGS, "daemon_init: %s (%d/%d)\n",
337 urls ? urls : "<null>", port, tls_port );
339 if( rc = sockinit() ) {
344 dtblsize = sysconf( _SC_OPEN_MAX );
345 #elif HAVE_GETDTABLESIZE
346 dtblsize = getdtablesize();
348 dtblsize = FD_SETSIZE;
352 if(dtblsize > FD_SETSIZE) {
353 dtblsize = FD_SETSIZE;
355 #endif /* !FD_SETSIZE */
357 /* open a pipe (or something equivalent connected to itself).
358 * we write a byte on this fd whenever we catch a signal. The main
359 * loop will be select'ing on this socket, and will wake up when
362 if( (rc = lutil_pair( wake_sds )) < 0 ) {
363 Debug( LDAP_DEBUG_ANY,
364 "daemon: lutil_pair() failed rc=%d\n", rc, 0, 0 );
368 FD_ZERO( &slap_daemon.sd_readers );
369 FD_ZERO( &slap_daemon.sd_writers );
375 u = str2charray( urls, " " );
377 if( u == NULL || u[0] == NULL ) {
378 Debug( LDAP_DEBUG_ANY, "daemon_init: no urls (%s) provided.\n",
384 for( i=0; u[i] != NULL; i++ ) {
385 Debug( LDAP_DEBUG_TRACE, "daemon_init: listen on %s\n",
390 Debug( LDAP_DEBUG_ANY, "daemon_init: no listeners to open (%s)\n",
396 Debug( LDAP_DEBUG_TRACE, "daemon_init: %d listeners to open...\n",
399 slap_listeners = ch_malloc( (i+1)*sizeof(Listener *) );
401 for(i = 0; u[i] != NULL; i++ ) {
402 slap_listeners[i] = open_listener( u[i], port, tls_port );
404 if( slap_listeners[i] == NULL ) {
409 slap_listeners[i] = NULL;
411 Debug( LDAP_DEBUG_TRACE, "daemon_init: %d listeners opened\n",
415 ldap_pvt_thread_mutex_init( &slap_daemon.sd_mutex );
421 slapd_daemon_destroy(void)
423 connections_destroy();
424 tcp_close( wake_sds[1] );
425 tcp_close( wake_sds[0] );
437 time_t last_idle_check = slap_get_time();
440 for ( l = 0; slap_listeners[l] != NULL; l++ ) {
441 if ( slap_listeners[l]->sl_sd == AC_SOCKET_INVALID )
444 if ( listen( slap_listeners[l]->sl_sd, 5 ) == -1 ) {
445 int err = sock_errno();
446 Debug( LDAP_DEBUG_ANY,
447 "daemon: listen(%s, 5) failed errno=%d (%s)\n",
448 slap_listeners[l]->sl_url, err,
453 slapd_add( slap_listeners[l]->sl_sd );
457 if ( started_event != NULL ) {
458 ldap_pvt_thread_cond_signal( &started_event );
461 /* initialization complete. Here comes the loop. */
463 while ( !slapd_shutdown ) {
468 #define SLAPD_EBADF_LIMIT 10
471 #define SLAPD_IDLE_CHECK_LIMIT 4
472 time_t now = slap_get_time();
478 struct sockaddr_in from;
479 #if defined(SLAPD_RLOOKUPS) || defined(HAVE_TCPD)
485 if( global_idletimeout > 0 && difftime(
486 last_idle_check+global_idletimeout/SLAPD_IDLE_CHECK_LIMIT,
489 connections_timeout_idle(now);
492 FD_ZERO( &writefds );
498 ldap_pvt_thread_mutex_lock( &slap_daemon.sd_mutex );
500 #ifdef FD_SET_MANUAL_COPY
501 for( s = 0; s < nfds; s++ ) {
502 if(FD_ISSET( &slap_sd_readers, s )) {
503 FD_SET( s, &readfds );
505 if(FD_ISSET( &slap_sd_writers, s )) {
506 FD_SET( s, &writefds );
510 memcpy( &readfds, &slap_daemon.sd_readers, sizeof(fd_set) );
511 memcpy( &writefds, &slap_daemon.sd_writers, sizeof(fd_set) );
513 FD_SET( wake_sds[0], &readfds );
515 for ( l = 0; slap_listeners[l] != NULL; l++ ) {
516 if ( slap_listeners[l]->sl_sd == AC_SOCKET_INVALID )
518 FD_SET( slap_listeners[l]->sl_sd, &readfds );
522 nfds = slap_daemon.sd_nfds;
527 ldap_pvt_thread_mutex_unlock( &slap_daemon.sd_mutex );
529 ldap_pvt_thread_mutex_lock( &active_threads_mutex );
531 ldap_pvt_thread_mutex_unlock( &active_threads_mutex );
533 #if defined( HAVE_YIELDING_SELECT ) || defined( NO_THREADS )
536 tvp = at ? &zero : NULL;
539 for ( l = 0; slap_listeners[l] != NULL; l++ ) {
540 if ( slap_listeners[l]->sl_sd == AC_SOCKET_INVALID )
543 Debug( LDAP_DEBUG_CONNS,
544 "daemon: select: listen=%d active_threads=%d tvp=%s\n",
545 slap_listeners[l]->sl_sd, at,
546 tvp == NULL ? "NULL" : "zero" );
549 switch(ns = select( nfds, &readfds,
551 /* don't pass empty fd_set */
552 ( writefds.fd_count > 0 ? &writefds : NULL ),
558 case -1: { /* failure - try again */
559 int err = sock_errno();
561 if( err == EBADF && ++ebadf < SLAPD_EBADF_LIMIT) {
566 Debug( LDAP_DEBUG_CONNS,
567 "daemon: select failed (%d): %s\n",
568 err, sock_errstr(err), 0 );
575 case 0: /* timeout - let threads run */
577 Debug( LDAP_DEBUG_CONNS, "daemon: select timeout - yielding\n",
579 ldap_pvt_thread_yield();
582 default: /* something happened - deal with it */
584 Debug( LDAP_DEBUG_CONNS, "daemon: activity on %d descriptors\n",
589 if( FD_ISSET( wake_sds[0], &readfds ) ) {
591 tcp_read( wake_sds[0], &c, 1 );
595 for ( l = 0; slap_listeners[l] != NULL; l++ ) {
597 socklen_t len = sizeof(from);
603 char peername[sizeof("IP=255.255.255.255:65336")];
605 if ( slap_listeners[l]->sl_sd == AC_SOCKET_INVALID )
608 if ( !FD_ISSET( slap_listeners[l]->sl_sd, &readfds ) )
611 if ( (s = accept( slap_listeners[l]->sl_sd,
612 (struct sockaddr *) &from, &len )) == AC_SOCKET_INVALID )
614 int err = sock_errno();
615 Debug( LDAP_DEBUG_ANY,
616 "daemon: accept(%ld) failed errno=%d (%s)\n",
617 (long) slap_listeners[l]->sl_sd, err,
623 ldap_pvt_thread_mutex_lock( &slap_daemon.sd_mutex );
625 /* newly accepted stream should not be in any of the FD SETS */
627 assert( !FD_ISSET( s, &slap_daemon.sd_actives) );
628 assert( !FD_ISSET( s, &slap_daemon.sd_readers) );
629 assert( !FD_ISSET( s, &slap_daemon.sd_writers) );
631 ldap_pvt_thread_mutex_unlock( &slap_daemon.sd_mutex );
635 /* make sure descriptor number isn't too great */
636 if ( s >= dtblsize ) {
637 Debug( LDAP_DEBUG_ANY,
638 "daemon: %ld beyond descriptor table size %ld\n",
639 (long) s, (long) dtblsize, 0 );
645 Debug( LDAP_DEBUG_CONNS, "daemon: new connection on %ld\n",
650 if ( getpeername( s, (struct sockaddr *) &from, &len ) != 0 ) {
651 int err = sock_errno();
652 Debug( LDAP_DEBUG_ANY,
653 "daemon: getpeername( %ld ) failed: errno=%d (%s)\n",
654 (long) s, err, sock_errstr(err) );
659 peeraddr = inet_ntoa( from.sin_addr );
660 sprintf( peername, "IP=%s:%d",
661 peeraddr != NULL ? peeraddr : "unknown",
662 (unsigned) ntohs( from.sin_port ) );
664 #if defined(SLAPD_RLOOKUPS) || defined(HAVE_TCPD)
665 hp = gethostbyaddr( (char *)
666 &(from.sin_addr.s_addr),
667 sizeof(from.sin_addr.s_addr), AF_INET );
670 dnsname = ldap_pvt_str2lower( hp->h_name );
680 if( !hosts_ctl("slapd",
681 dnsname != NULL ? dnsname : STRING_UNKNOWN,
682 peeraddr != NULL ? peeraddr : STRING_UNKNOWN,
686 Statslog( LDAP_DEBUG_ANY,
687 "fd=%ld connection from %s (%s) denied.\n",
689 dnsname != NULL ? dnsname : "unknown",
690 peeraddr != NULL ? peeraddr : "unknown",
696 #endif /* HAVE_TCPD */
698 if( (id = connection_init(s,
699 slap_listeners[l]->sl_url,
700 dnsname != NULL ? dnsname : "unknown",
702 slap_listeners[l]->sl_name,
704 slap_listeners[l]->sl_is_tls
710 Debug( LDAP_DEBUG_ANY,
711 "daemon: connection_init(%ld, %s, %s) failed.\n",
714 slap_listeners[l]->sl_name );
719 Statslog( LDAP_DEBUG_STATS,
720 "daemon: conn=%ld fd=%ld connection from %s (%s) accepted.\n",
723 slap_listeners[l]->sl_name,
731 Debug( LDAP_DEBUG_CONNS, "daemon: activity on:", 0, 0, 0 );
733 for ( i = 0; i < readfds.fd_count; i++ ) {
734 Debug( LDAP_DEBUG_CONNS, " %d%s",
735 readfds.fd_array[i], "r", 0 );
737 for ( i = 0; i < writefds.fd_count; i++ ) {
738 Debug( LDAP_DEBUG_CONNS, " %d%s",
739 writefds.fd_array[i], "w", 0 );
742 for ( i = 0; i < nfds; i++ ) {
746 for ( l = 0; slap_listeners[l] != NULL; l++ ) {
747 if ( i == slap_listeners[l]->sl_sd ) {
755 r = FD_ISSET( i, &readfds );
756 w = FD_ISSET( i, &writefds );
758 Debug( LDAP_DEBUG_CONNS, " %d%s%s", i,
759 r ? "r" : "", w ? "w" : "" );
763 Debug( LDAP_DEBUG_CONNS, "\n", 0, 0, 0 );
766 /* loop through the writers */
768 for ( i = 0; i < writefds.fd_count; i++ )
770 for ( i = 0; i < nfds; i++ )
776 wd = writefds.fd_array[i];
778 if( ! FD_ISSET( i, &writefds ) ) {
784 for ( l = 0; slap_listeners[l] != NULL; l++ ) {
785 if ( i == slap_listeners[l]->sl_sd ) {
793 Debug( LDAP_DEBUG_CONNS,
794 "daemon: write active on %d\n",
798 * NOTE: it is possible that the connection was closed
799 * and that the stream is now inactive.
800 * connection_write() must valid the stream is still
804 if ( connection_write( wd ) < 0 ) {
805 FD_CLR( (unsigned) wd, &readfds );
811 for ( i = 0; i < readfds.fd_count; i++ )
813 for ( i = 0; i < nfds; i++ )
820 rd = readfds.fd_array[i];
822 if( ! FD_ISSET( i, &readfds ) ) {
828 for ( l = 0; slap_listeners[l] != NULL; l++ ) {
829 if ( rd == slap_listeners[l]->sl_sd ) {
838 Debug ( LDAP_DEBUG_CONNS,
839 "daemon: read activity on %d\n", rd, 0, 0 );
842 * NOTE: it is possible that the connection was closed
843 * and that the stream is now inactive.
844 * connection_read() must valid the stream is still
848 if ( connection_read( rd ) < 0 ) {
852 ldap_pvt_thread_yield();
855 if( slapd_shutdown > 0 ) {
856 Debug( LDAP_DEBUG_TRACE,
857 "daemon: shutdown requested and initiated.\n",
860 } else if ( slapd_shutdown < 0 ) {
861 Debug( LDAP_DEBUG_TRACE,
862 "daemon: abnormal condition, shutdown initiated.\n",
865 Debug( LDAP_DEBUG_TRACE,
866 "daemon: no active streams, shutdown initiated.\n",
870 for ( l = 0; slap_listeners[l] != NULL; l++ ) {
871 if ( slap_listeners[l]->sl_sd != AC_SOCKET_INVALID ) {
872 slapd_close( slap_listeners[l]->sl_sd );
877 ldap_pvt_thread_mutex_lock( &active_threads_mutex );
878 Debug( LDAP_DEBUG_ANY,
879 "slapd shutdown: waiting for %d threads to terminate\n",
880 active_threads, 0, 0 );
881 while ( active_threads > 0 ) {
882 ldap_pvt_thread_cond_wait(&active_threads_cond, &active_threads_mutex);
884 ldap_pvt_thread_mutex_unlock( &active_threads_mutex );
890 int slapd_daemon( void )
896 #define SLAPD_LISTENER_THREAD 1
897 #if defined( SLAPD_LISTENER_THREAD ) || !defined(HAVE_PTHREADS)
899 /* listener as a separate THREAD */
900 rc = ldap_pvt_thread_create( &listener_tid,
901 0, slapd_daemon_task, NULL );
904 Debug( LDAP_DEBUG_ANY,
905 "listener ldap_pvt_thread_create failed (%d)\n", rc, 0, 0 );
909 /* wait for the listener thread to complete */
910 ldap_pvt_thread_join( listener_tid, (void *) NULL );
912 /* expermimental code */
913 listener_tid = pthread_self();
914 slapd_daemon_task( NULL );
924 WORD wVersionRequested;
928 wVersionRequested = MAKEWORD( 2, 0 );
930 err = WSAStartup( wVersionRequested, &wsaData );
932 /* Tell the user that we couldn't find a usable */
937 /* Confirm that the WinSock DLL supports 2.0.*/
938 /* Note that if the DLL supports versions greater */
939 /* than 2.0 in addition to 2.0, it will still return */
940 /* 2.0 in wVersion since that is the version we */
943 if ( LOBYTE( wsaData.wVersion ) != 2 ||
944 HIBYTE( wsaData.wVersion ) != 0 )
946 /* Tell the user that we couldn't find a usable */
952 /* The WinSock DLL is acceptable. Proceed. */
956 int sockdestroy(void)
963 static int sockinit(void)
966 if ( WSAStartup( 0x0101, &wsaData ) != 0 ) {
971 static int sockdestroy(void)
978 static int sockinit(void)
982 static int sockdestroy(void)
989 slap_sig_shutdown( int sig )
991 slapd_shutdown = sig;
995 (void) SIGNAL( sig, slap_sig_shutdown );
999 slap_sig_wake( int sig )
1003 /* reinstall self */
1004 (void) SIGNAL( sig, slap_sig_wake );