3 * Copyright 1998-2000 The OpenLDAP Foundation, All Rights Reserved.
4 * COPYING RESTRICTIONS APPLY, see COPYRIGHT file
13 #include <ac/signal.h>
14 #include <ac/socket.h>
15 #include <ac/string.h>
17 #include <ac/unistd.h>
26 int allow_severity = LOG_INFO;
27 int deny_severity = LOG_NOTICE;
28 #endif /* TCP Wrappers */
32 #endif /* LDAP_PF_LOCAL */
36 ber_socket_t dtblsize;
38 typedef union slap_sockaddr {
39 struct sockaddr sa_addr;
40 struct sockaddr_in sa_in_addr;
42 struct sockaddr_in6 sa_in6_addr;
45 struct sockaddr_un sa_un_addr;
49 typedef struct slap_listener {
57 #define sl_addr sl_sa.sa_in_addr
60 Listener **slap_listeners = NULL;
62 #define SLAPD_LISTEN 10
64 static ber_socket_t wake_sds[2];
68 #define WAKE_LISTENER(w) \
69 ((w && !waking) ? tcp_write( wake_sds[1], "0", 1 ), waking=1 : 0)
71 #define WAKE_LISTENER(w) \
72 do { if (w) tcp_write( wake_sds[1], "0", 1 ); } while(0)
75 #ifdef HAVE_NT_SERVICE_MANAGER
77 extern ldap_pvt_thread_cond_t started_event;
78 extern int is_NT_Service;
84 volatile sig_atomic_t slapd_shutdown = 0;
86 static struct slap_daemon {
87 ldap_pvt_thread_mutex_t sd_mutex;
92 /* In winsock, accept() returns values higher than dtblsize
93 so don't bother with this optimization */
106 * SLP related functions
110 #define LDAP_SRVTYPE_PREFIX "service:ldap://"
111 #define LDAPS_SRVTYPE_PREFIX "service:ldaps://"
112 static char** slapd_srvurls = NULL;
113 static SLPHandle slapd_hslp = 0;
115 void slapd_slp_init( const char* urls ) {
118 slapd_srvurls = str2charray( urls, " " );
120 if( slapd_srvurls == NULL ) return;
122 /* find and expand INADDR_ANY URLs */
123 for( i=0; slapd_srvurls[i] != NULL; i++ ) {
124 if( strcmp( slapd_srvurls[i], "ldap:///" ) == 0) {
125 char *host = ldap_pvt_get_fqdn( NULL );
126 if ( host != NULL ) {
127 slapd_srvurls[i] = (char *) realloc( slapd_srvurls[i],
129 sizeof( LDAP_SRVTYPE_PREFIX ) );
130 strcpy( slapd_srvurls[i], LDAP_SRVTYPE_PREFIX );
131 strcat( slapd_srvurls[i], host );
136 } else if ( strcmp( slapd_srvurls[i], "ldaps:///" ) == 0) {
137 char *host = ldap_pvt_get_fqdn( NULL );
138 if ( host != NULL ) {
139 slapd_srvurls[i] = (char *) realloc( slapd_srvurls[i],
141 sizeof( LDAPS_SRVTYPE_PREFIX ) );
142 strcpy( slapd_srvurls[i], LDAPS_SRVTYPE_PREFIX );
143 strcat( slapd_srvurls[i], host );
150 /* open the SLP handle */
151 SLPOpen( "en", 0, &slapd_hslp );
154 void slapd_slp_deinit() {
155 if( slapd_srvurls == NULL ) return;
157 charray_free( slapd_srvurls );
158 slapd_srvurls = NULL;
160 /* close the SLP handle */
161 SLPClose( slapd_hslp );
164 void slapd_slp_regreport(
172 void slapd_slp_reg() {
175 for( i=0; slapd_srvurls[i] != NULL; i++ ) {
176 if( strncmp( slapd_srvurls[i], LDAP_SRVTYPE_PREFIX,
177 sizeof( LDAP_SRVTYPE_PREFIX ) - 1 ) == 0 ||
178 strncmp( slapd_srvurls[i], LDAPS_SRVTYPE_PREFIX,
179 sizeof( LDAPS_SRVTYPE_PREFIX ) - 1 ) == 0 )
183 SLP_LIFETIME_MAXIMUM,
193 void slapd_slp_dereg() {
196 for( i=0; slapd_srvurls[i] != NULL; i++ ) {
197 SLPDereg( slapd_hslp,
203 #endif /* HAVE_SLP */
206 * Add a descriptor to daemon control
208 static void slapd_add(ber_socket_t s) {
209 ldap_pvt_thread_mutex_lock( &slap_daemon.sd_mutex );
211 assert( !FD_ISSET( s, &slap_daemon.sd_actives ));
212 assert( !FD_ISSET( s, &slap_daemon.sd_readers ));
213 assert( !FD_ISSET( s, &slap_daemon.sd_writers ));
216 if (s >= slap_daemon.sd_nfds) {
217 slap_daemon.sd_nfds = s + 1;
221 FD_SET( s, &slap_daemon.sd_actives );
222 FD_SET( s, &slap_daemon.sd_readers );
225 LDAP_LOG(( "connection", LDAP_LEVEL_DETAIL1,
226 "slapd_add: added %ld%s%s\n",
228 FD_ISSET(s, &slap_daemon.sd_readers) ? "r" : "",
229 FD_ISSET(s, &slap_daemon.sd_writers) ? "w" : "" ));
231 Debug( LDAP_DEBUG_CONNS, "daemon: added %ld%s%s\n",
233 FD_ISSET(s, &slap_daemon.sd_readers) ? "r" : "",
234 FD_ISSET(s, &slap_daemon.sd_writers) ? "w" : "" );
236 ldap_pvt_thread_mutex_unlock( &slap_daemon.sd_mutex );
240 * Remove the descriptor from daemon control
242 void slapd_remove(ber_socket_t s, int wake) {
243 ldap_pvt_thread_mutex_lock( &slap_daemon.sd_mutex );
246 LDAP_LOG(( "connection", LDAP_LEVEL_DETAIL1,
247 "slapd_remove: removing %ld%s%s\n",
249 FD_ISSET(s, &slap_daemon.sd_readers) ? "r" : "",
250 FD_ISSET(s, &slap_daemon.sd_writers) ? "w" : "" ));
252 Debug( LDAP_DEBUG_CONNS, "daemon: removing %ld%s%s\n",
254 FD_ISSET(s, &slap_daemon.sd_readers) ? "r" : "",
255 FD_ISSET(s, &slap_daemon.sd_writers) ? "w" : "" );
257 FD_CLR( s, &slap_daemon.sd_actives );
258 FD_CLR( s, &slap_daemon.sd_readers );
259 FD_CLR( s, &slap_daemon.sd_writers );
261 ldap_pvt_thread_mutex_unlock( &slap_daemon.sd_mutex );
265 void slapd_clr_write(ber_socket_t s, int wake) {
266 ldap_pvt_thread_mutex_lock( &slap_daemon.sd_mutex );
268 assert( FD_ISSET( s, &slap_daemon.sd_actives) );
269 FD_CLR( s, &slap_daemon.sd_writers );
271 ldap_pvt_thread_mutex_unlock( &slap_daemon.sd_mutex );
275 void slapd_set_write(ber_socket_t s, int wake) {
276 ldap_pvt_thread_mutex_lock( &slap_daemon.sd_mutex );
278 assert( FD_ISSET( s, &slap_daemon.sd_actives) );
279 if (!FD_ISSET(s, &slap_daemon.sd_writers))
280 FD_SET( (unsigned) s, &slap_daemon.sd_writers );
282 ldap_pvt_thread_mutex_unlock( &slap_daemon.sd_mutex );
286 void slapd_clr_read(ber_socket_t s, int wake) {
287 ldap_pvt_thread_mutex_lock( &slap_daemon.sd_mutex );
289 assert( FD_ISSET( s, &slap_daemon.sd_actives) );
290 FD_CLR( s, &slap_daemon.sd_readers );
292 ldap_pvt_thread_mutex_unlock( &slap_daemon.sd_mutex );
296 void slapd_set_read(ber_socket_t s, int wake) {
297 ldap_pvt_thread_mutex_lock( &slap_daemon.sd_mutex );
299 assert( FD_ISSET( s, &slap_daemon.sd_actives) );
300 if (!FD_ISSET(s, &slap_daemon.sd_readers))
301 FD_SET( s, &slap_daemon.sd_readers );
303 ldap_pvt_thread_mutex_unlock( &slap_daemon.sd_mutex );
307 static void slapd_close(ber_socket_t s) {
309 LDAP_LOG(( "connection", LDAP_LEVEL_DETAIL1,
310 "slapd_close: closing %ld\n", (long)s ));
312 Debug( LDAP_DEBUG_CONNS, "daemon: closing %ld\n",
318 static void slap_free_listener_addresses(struct sockaddr **sal)
320 struct sockaddr **sap;
326 for (sap = sal; *sap != NULL; sap++) {
333 /* port = 0 indicates AF_LOCAL */
334 static int slap_get_listener_addresses(
337 struct sockaddr ***sal)
339 struct sockaddr **sap;
343 *sal = ch_malloc(2 * sizeof(void *));
349 *sap = ch_malloc(sizeof(struct sockaddr_un));
355 (sizeof(((struct sockaddr_un *)*sap)->sun_path) - 1) ) {
357 LDAP_LOG(( "connection", LDAP_LEVEL_INFO,
358 "slap_get_listener_addresses: domain socket path (%s) too long in URL\n",
361 Debug( LDAP_DEBUG_ANY,
362 "daemon: domain socket path (%s) too long in URL",
368 (void)memset( (void *)*sap, '\0', sizeof(struct sockaddr_un) );
369 (*sap)->sa_family = AF_LOCAL;
370 strcpy( ((struct sockaddr_un *)*sap)->sun_path, host );
374 #ifdef HAVE_GETADDRINFO
375 struct addrinfo hints, *res, *sai;
379 memset( &hints, '\0', sizeof(hints) );
380 hints.ai_flags = AI_PASSIVE;
381 hints.ai_socktype = SOCK_STREAM;
382 hints.ai_family = AF_UNSPEC;
383 snprintf(serv, sizeof serv, "%d", port);
385 if (err = getaddrinfo(host, serv, &hints, &res)) {
387 LDAP_LOG(( "connection", LDAP_LEVEL_INFO,
388 "slap_get_listener_addresses: getaddrinfo failed: %s\n",
389 AC_GAI_STRERROR(err) ));
391 Debug( LDAP_DEBUG_ANY, "daemon: getaddrinfo failed: %s\n",
392 AC_GAI_STRERROR(err), 0, 0);
398 for (n=2; (sai = sai->ai_next) != NULL; n++) {
401 *sal = ch_malloc(n * sizeof(void *));
410 switch (sai->ai_family) {
411 # ifdef LDAP_PF_INET6
413 *sap = ch_malloc(sizeof(struct sockaddr_in6));
418 *(struct sockaddr_in6 *)*sap =
419 *((struct sockaddr_in6 *)sai->ai_addr);
423 *sap = ch_malloc(sizeof(struct sockaddr_in));
428 *(struct sockaddr_in *)*sap =
429 *((struct sockaddr_in *)sai->ai_addr);
436 (*sap)->sa_family = sai->ai_family;
439 } while ((sai = sai->ai_next) != NULL);
446 if ( host == NULL ) {
447 in.s_addr = htonl(INADDR_ANY);
449 } else if ( !inet_aton( host, &in ) ) {
450 struct hostent *he = gethostbyname( host );
453 LDAP_LOG(( "connection", LDAP_LEVEL_INFO,
454 "slap_get_listener_addresses: invalid host %s\n",
457 Debug( LDAP_DEBUG_ANY,
458 "daemon: invalid host %s", host, 0, 0);
462 AC_MEMCPY( &in, he->h_addr, sizeof( in ) );
465 *sal = ch_malloc(2 * sizeof(void *));
471 *sap = ch_malloc(sizeof(struct sockaddr_in));
477 (void)memset( (void *)*sap, '\0', sizeof(struct sockaddr_in) );
478 (*sap)->sa_family = AF_INET;
479 ((struct sockaddr_in *)*sap)->sin_port = htons(port);
480 ((struct sockaddr_in *)*sap)->sin_addr = in;
487 slap_free_listener_addresses(*sal);
491 static Listener * slap_open_listener(
500 struct sockaddr **sal, **psal;
502 rc = ldap_url_parse( url, &lud );
504 if( rc != LDAP_URL_SUCCESS ) {
506 LDAP_LOG(( "connection", LDAP_LEVEL_ERR,
507 "slap_open_listener: listen URL \"%s\" parse error %d\n",
510 Debug( LDAP_DEBUG_ANY,
511 "daemon: listen URL \"%s\" parse error=%d\n",
518 if( ldap_pvt_url_scheme2tls( lud->lud_scheme ) ) {
520 LDAP_LOG(( "connection", LDAP_LEVEL_INFO,
521 "slap_open_listener: TLS is not supported (%s)\n",
524 Debug( LDAP_DEBUG_ANY,
525 "daemon: TLS not supported (%s)\n",
528 ldap_free_urldesc( lud );
532 if(! lud->lud_port ) {
533 lud->lud_port = LDAP_PORT;
537 l.sl_is_tls = ldap_pvt_url_scheme2tls( lud->lud_scheme );
539 if(! lud->lud_port ) {
540 lud->lud_port = l.sl_is_tls ? LDAPS_PORT : LDAP_PORT;
544 port = (unsigned short) lud->lud_port;
546 if ( ldap_pvt_url_scheme2proto(lud->lud_scheme) == LDAP_PROTO_IPC ) {
548 if ( lud->lud_host == NULL || lud->lud_host[0] == '\0' ) {
549 err = slap_get_listener_addresses(LDAPI_SOCK, 0, &sal);
551 err = slap_get_listener_addresses(lud->lud_host, 0, &sal);
556 LDAP_LOG(( "connection", LDAP_LEVEL_INFO,
557 "slap_open_listener: URL scheme is not supported: %s\n",
560 Debug( LDAP_DEBUG_ANY, "daemon: URL scheme not supported: %s",
563 ldap_free_urldesc( lud );
567 if( lud->lud_host == NULL || lud->lud_host[0] == '\0'
568 || strcmp(lud->lud_host, "*") == 0 )
570 err = slap_get_listener_addresses(NULL, port, &sal);
572 err = slap_get_listener_addresses(lud->lud_host, port, &sal);
576 ldap_free_urldesc( lud );
582 while ( *sal != NULL ) {
583 switch( (*sal)->sa_family ) {
596 l.sl_sd = socket( (*sal)->sa_family, SOCK_STREAM, 0);
597 if ( l.sl_sd == AC_SOCKET_INVALID ) {
598 int err = sock_errno();
600 LDAP_LOG(( "connection", LDAP_LEVEL_ERR,
601 "slap_open_listener: socket() failed errno=%d (%s)\n",
602 err, sock_errstr(err) ));
604 Debug( LDAP_DEBUG_ANY,
605 "daemon: socket() failed errno=%d (%s)\n", err,
606 sock_errstr(err), 0 );
612 if ( l.sl_sd >= dtblsize ) {
614 LDAP_LOG(( "connection", LDAP_LEVEL_ERR,
615 "slap_open_listener: listener descriptor %ld is too great %ld\n",
616 (long)l.sl_sd, (long)dtblsize ));
618 Debug( LDAP_DEBUG_ANY,
619 "daemon: listener descriptor %ld is too great %ld\n",
620 (long) l.sl_sd, (long) dtblsize, 0 );
622 tcp_close( l.sl_sd );
628 if ( (*sal)->sa_family == AF_LOCAL ) {
629 unlink ( ((struct sockaddr_un *)*sal)->sun_path );
634 /* enable address reuse */
636 rc = setsockopt( l.sl_sd, SOL_SOCKET, SO_REUSEADDR,
637 (char *) &tmp, sizeof(tmp) );
638 if ( rc == AC_SOCKET_ERROR ) {
639 int err = sock_errno();
641 LDAP_LOG(( "connection", LDAP_LEVEL_INFO,
642 "slap_open_listener: setsockopt( %ld, SO_REUSEADDR ) failed errno %d (%s)\n",
643 (long)l.sl_sd, err, sock_errstr(err) ));
645 Debug( LDAP_DEBUG_ANY,
646 "slapd(%ld): setsockopt(SO_REUSEADDR) failed errno=%d (%s)\n",
647 (long) l.sl_sd, err, sock_errstr(err) );
653 switch( (*sal)->sa_family ) {
655 addrlen = sizeof(struct sockaddr_in);
659 addrlen = sizeof(struct sockaddr_in6);
664 addrlen = sizeof(struct sockaddr_un);
669 if (!bind(l.sl_sd, *sal, addrlen))
673 LDAP_LOG(( "connection", LDAP_LEVEL_INFO,
674 "slap_open_listener: bind(%ld) failed errno=%d (%s)\n",
675 (long)l.sl_sd, err, sock_errstr(err) ));
677 Debug( LDAP_DEBUG_ANY, "daemon: bind(%ld) failed errno=%d (%s)\n",
678 (long) l.sl_sd, err, sock_errstr(err) );
680 tcp_close( l.sl_sd );
682 } /* while ( *sal != NULL ) */
684 if ( *sal == NULL ) {
686 LDAP_LOG(( "connection", LDAP_LEVEL_INFO,
687 "slap_open_listener: bind(%ld) failed.\n", (long)l.sl_sd ));
689 Debug( LDAP_DEBUG_ANY, "daemon: bind(%ld) failed\n",
690 (long) l.sl_sd, 0, 0 );
692 slap_free_listener_addresses(psal);
696 switch ( (*sal)->sa_family ) {
699 char *addr = ((struct sockaddr_un *)*sal)->sun_path;
700 if ( chmod( addr, S_IRWXU ) < 0 ) {
701 int err = sock_errno();
703 LDAP_LOG(( "connection", LDAP_LEVEL_INFO,
704 "slap_open_listener: fchmod(%ld) failed errno=%d (%s)\n",
705 (long)l.sl_sd, err, sock_errstr(err) ));
707 Debug( LDAP_DEBUG_ANY, "daemon: fchmod(%ld) failed errno=%d (%s)",
708 (long) l.sl_sd, err, sock_errstr(err) );
710 tcp_close( l.sl_sd );
711 slap_free_listener_addresses(psal);
714 l.sl_name = ch_malloc( strlen(addr) + sizeof("PATH=") );
715 sprintf( l.sl_name, "PATH=%s", addr );
717 #endif /* LDAP_PF_LOCAL */
721 #if defined( HAVE_GETADDRINFO ) && defined( HAVE_INET_NTOP )
722 char addr[INET_ADDRSTRLEN];
723 inet_ntop( AF_INET, &((struct sockaddr_in *)*sal)->sin_addr,
724 addr, sizeof(addr) );
726 port = ((struct sockaddr_in *)*sal) ->sin_port;
728 s = inet_ntoa( l.sl_addr.sin_addr );
729 port = l.sl_addr.sin_port;
731 l.sl_name = ch_malloc( sizeof("IP=255.255.255.255:65535") );
732 sprintf( l.sl_name, "IP=%s:%d",
733 s != NULL ? s : "unknown" , port );
738 char addr[INET6_ADDRSTRLEN];
739 inet_ntop( AF_INET6, &((struct sockaddr_in6 *)*sal)->sin6_addr,
741 port = ((struct sockaddr_in6 *)*sal)->sin6_port;
742 l.sl_name = ch_malloc( strlen(addr) + sizeof("IP= 65535") );
743 sprintf( l.sl_name, "IP=%s %d", addr, port );
745 #endif /* LDAP_PF_INET6 */
749 LDAP_LOG(( "connection", LDAP_LEVEL_INFO,
750 "slap_open_listener: unsupported address family (%d)\n",
751 (int)(*sal)->sa_family ));
753 Debug( LDAP_DEBUG_ANY, "daemon: unsupported address family (%d)\n",
754 (int) (*sal)->sa_family, 0, 0 );
759 slap_free_listener_addresses(psal);
761 l.sl_url = ch_strdup( url );
762 li = ch_malloc( sizeof( Listener ) );
766 LDAP_LOG(( "connection", LDAP_LEVEL_RESULTS,
767 "slap_open_listener: daemon initialzed %s\n", l.sl_url ));
769 Debug( LDAP_DEBUG_TRACE, "daemon: initialized %s\n",
775 static int sockinit(void);
776 static int sockdestroy(void);
778 int slapd_daemon_init( const char *urls )
784 LDAP_LOG(( "connection", LDAP_LEVEL_ARGS,
785 "slapd_daemon_init: %s\n",
786 urls ? urls : "<null>" ));
788 Debug( LDAP_DEBUG_ARGS, "daemon_init: %s\n",
789 urls ? urls : "<null>", 0, 0 );
791 if( (rc = sockinit()) != 0 ) {
796 dtblsize = sysconf( _SC_OPEN_MAX );
797 #elif HAVE_GETDTABLESIZE
798 dtblsize = getdtablesize();
800 dtblsize = FD_SETSIZE;
804 if(dtblsize > FD_SETSIZE) {
805 dtblsize = FD_SETSIZE;
807 #endif /* !FD_SETSIZE */
809 /* open a pipe (or something equivalent connected to itself).
810 * we write a byte on this fd whenever we catch a signal. The main
811 * loop will be select'ing on this socket, and will wake up when
814 if( (rc = lutil_pair( wake_sds )) < 0 ) {
816 LDAP_LOG(( "connection", LDAP_LEVEL_ERR,
817 "slap_daemon_init: lutil_pair() failed rc=%d\n", rc ));
819 Debug( LDAP_DEBUG_ANY,
820 "daemon: lutil_pair() failed rc=%d\n", rc, 0, 0 );
825 FD_ZERO( &slap_daemon.sd_readers );
826 FD_ZERO( &slap_daemon.sd_writers );
832 u = str2charray( urls, " " );
834 if( u == NULL || u[0] == NULL ) {
836 LDAP_LOG(( "connection", LDAP_LEVEL_ERR,
837 "slap_daemon_init: no urls (%s) provided.\n", urls ));
839 Debug( LDAP_DEBUG_ANY, "daemon_init: no urls (%s) provided.\n",
845 for( i=0; u[i] != NULL; i++ ) {
847 LDAP_LOG(( "connection", LDAP_LEVEL_DETAIL1,
848 "slap_daemon_init: listen on %s\n.", u[i] ));
850 Debug( LDAP_DEBUG_TRACE, "daemon_init: listen on %s\n",
857 LDAP_LOG(( "connection", LDAP_LEVEL_INFO,
858 "slap_daemon_init: no listeners to open (%s)\n", urls ));
860 Debug( LDAP_DEBUG_ANY, "daemon_init: no listeners to open (%s)\n",
868 LDAP_LOG(( "connection", LDAP_LEVEL_INFO,
869 "slap_daemon_init: %d listeners to open...\n", i ));
871 Debug( LDAP_DEBUG_TRACE, "daemon_init: %d listeners to open...\n",
874 slap_listeners = ch_malloc( (i+1)*sizeof(Listener *) );
876 for(i = 0; u[i] != NULL; i++ ) {
877 slap_listeners[i] = slap_open_listener( u[i] );
879 if( slap_listeners[i] == NULL ) {
884 slap_listeners[i] = NULL;
887 LDAP_LOG(( "connection", LDAP_LEVEL_DETAIL1,
888 "slap_daemon_init: %d listeners opened\n", i ));
890 Debug( LDAP_DEBUG_TRACE, "daemon_init: %d listeners opened\n",
895 slapd_slp_init( urls );
900 ldap_pvt_thread_mutex_init( &slap_daemon.sd_mutex );
906 slapd_daemon_destroy(void)
908 connections_destroy();
909 tcp_close( wake_sds[1] );
910 tcp_close( wake_sds[0] );
928 time_t last_idle_check = slap_get_time();
931 for ( l = 0; slap_listeners[l] != NULL; l++ ) {
932 if ( slap_listeners[l]->sl_sd == AC_SOCKET_INVALID )
935 if ( listen( slap_listeners[l]->sl_sd, SLAPD_LISTEN ) == -1 ) {
936 int err = sock_errno();
938 LDAP_LOG(( "connection", LDAP_LEVEL_ERR,
939 "slapd_daemon_task: listen( %s, 5 ) failed errno=%d (%s)\n",
940 slap_listeners[l]->sl_url, err, sock_errstr(err) ));
942 Debug( LDAP_DEBUG_ANY,
943 "daemon: listen(%s, 5) failed errno=%d (%s)\n",
944 slap_listeners[l]->sl_url, err,
950 slapd_add( slap_listeners[l]->sl_sd );
953 #ifdef HAVE_NT_SERVICE_MANAGER
954 if ( started_event != NULL ) {
955 ldap_pvt_thread_cond_signal( &started_event );
958 /* initialization complete. Here comes the loop. */
960 while ( !slapd_shutdown ) {
965 #define SLAPD_EBADF_LIMIT 16
968 #define SLAPD_IDLE_CHECK_LIMIT 4
969 time_t now = slap_get_time();
976 #if defined(SLAPD_RLOOKUPS)
982 if( global_idletimeout > 0 && difftime(
983 last_idle_check+global_idletimeout/SLAPD_IDLE_CHECK_LIMIT,
986 connections_timeout_idle(now);
989 FD_ZERO( &writefds );
995 ldap_pvt_thread_mutex_lock( &slap_daemon.sd_mutex );
997 #ifdef FD_SET_MANUAL_COPY
998 for( s = 0; s < nfds; s++ ) {
999 if(FD_ISSET( &slap_sd_readers, s )) {
1000 FD_SET( s, &readfds );
1002 if(FD_ISSET( &slap_sd_writers, s )) {
1003 FD_SET( s, &writefds );
1007 AC_MEMCPY( &readfds, &slap_daemon.sd_readers, sizeof(fd_set) );
1008 AC_MEMCPY( &writefds, &slap_daemon.sd_writers, sizeof(fd_set) );
1010 assert(!FD_ISSET(wake_sds[0], &readfds));
1011 FD_SET( wake_sds[0], &readfds );
1013 for ( l = 0; slap_listeners[l] != NULL; l++ ) {
1014 if ( slap_listeners[l]->sl_sd == AC_SOCKET_INVALID )
1016 if (!FD_ISSET(slap_listeners[l]->sl_sd, &readfds))
1017 FD_SET( slap_listeners[l]->sl_sd, &readfds );
1020 #ifndef HAVE_WINSOCK
1021 nfds = slap_daemon.sd_nfds;
1026 ldap_pvt_thread_mutex_unlock( &slap_daemon.sd_mutex );
1028 at = ldap_pvt_thread_pool_backload(&connection_pool);
1030 #if defined( HAVE_YIELDING_SELECT ) || defined( NO_THREADS )
1033 tvp = at ? &zero : NULL;
1036 for ( l = 0; slap_listeners[l] != NULL; l++ ) {
1037 if ( slap_listeners[l]->sl_sd == AC_SOCKET_INVALID )
1041 LDAP_LOG(( "connection", LDAP_LEVEL_DETAIL1,
1042 "slapd_daemon_task: select: listen=%d active_threads=%d tvp=%s\n",
1043 slap_listeners[l]->sl_sd, at, tvp == NULL ? "NULL" : "zero" ));
1045 Debug( LDAP_DEBUG_CONNS,
1046 "daemon: select: listen=%d active_threads=%d tvp=%s\n",
1047 slap_listeners[l]->sl_sd, at,
1048 tvp == NULL ? "NULL" : "zero" );
1052 switch(ns = select( nfds, &readfds,
1054 /* don't pass empty fd_set */
1055 ( writefds.fd_count > 0 ? &writefds : NULL ),
1061 case -1: { /* failure - try again */
1062 int err = sock_errno();
1066 /* you'd think this would be EBADF */
1067 || err == WSAENOTSOCK
1070 if (++ebadf < SLAPD_EBADF_LIMIT)
1074 if( err != EINTR ) {
1076 LDAP_LOG(( "connection", LDAP_LEVEL_INFO,
1077 "slapd_daemon_task: select failed (%d): %s\n",
1078 err, sock_errstr(err) ));
1080 Debug( LDAP_DEBUG_CONNS,
1081 "daemon: select failed (%d): %s\n",
1082 err, sock_errstr(err), 0 );
1084 slapd_shutdown = -1;
1089 case 0: /* timeout - let threads run */
1092 LDAP_LOG(( "connection", LDAP_LEVEL_DETAIL2,
1093 "slapd_daemon_task: select timeout - yielding\n" ));
1095 Debug( LDAP_DEBUG_CONNS, "daemon: select timeout - yielding\n",
1098 ldap_pvt_thread_yield();
1101 default: /* something happened - deal with it */
1102 if( slapd_shutdown ) continue;
1106 LDAP_LOG(( "connection", LDAP_LEVEL_DETAIL2,
1107 "slapd_daemon_task: activity on %d descriptors\n", ns ));
1109 Debug( LDAP_DEBUG_CONNS, "daemon: activity on %d descriptors\n",
1115 if( FD_ISSET( wake_sds[0], &readfds ) ) {
1117 tcp_read( wake_sds[0], c, sizeof(c) );
1124 for ( l = 0; slap_listeners[l] != NULL; l++ ) {
1126 socklen_t len = sizeof(from);
1129 char *authid = NULL;
1133 #ifdef LDAP_PF_LOCAL
1134 char peername[MAXPATHLEN + sizeof("PATH=")];
1135 #elif defined(LDAP_PF_INET6)
1136 char peername[sizeof("IP=ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff 65535")];
1138 char peername[sizeof("IP=255.255.255.255:65336")];
1139 #endif /* LDAP_PF_LOCAL */
1143 if ( slap_listeners[l]->sl_sd == AC_SOCKET_INVALID )
1146 if ( !FD_ISSET( slap_listeners[l]->sl_sd, &readfds ) )
1149 s = accept( slap_listeners[l]->sl_sd,
1150 (struct sockaddr *) &from, &len );
1151 if ( s == AC_SOCKET_INVALID ) {
1152 int err = sock_errno();
1154 LDAP_LOG(( "connection", LDAP_LEVEL_ERR,
1155 "slapd_daemon_task: accept(%ld) failed errno=%d (%s)\n",
1156 (long)slap_listeners[l]->sl_sd, err, sock_errstr(err) ));
1158 Debug( LDAP_DEBUG_ANY,
1159 "daemon: accept(%ld) failed errno=%d (%s)\n",
1160 (long) slap_listeners[l]->sl_sd, err,
1163 ldap_pvt_thread_yield();
1167 #ifndef HAVE_WINSOCK
1168 /* make sure descriptor number isn't too great */
1169 if ( s >= dtblsize ) {
1171 LDAP_LOG(( "connection", LDAP_LEVEL_ERR,
1172 "slapd_daemon_task: %ld beyond descriptor table size %ld\n",
1173 (long)s, (long)dtblsize ));
1175 Debug( LDAP_DEBUG_ANY,
1176 "daemon: %ld beyond descriptor table size %ld\n",
1177 (long) s, (long) dtblsize, 0 );
1180 ldap_pvt_thread_yield();
1186 ldap_pvt_thread_mutex_lock( &slap_daemon.sd_mutex );
1188 /* newly accepted stream should not be in any of the FD SETS */
1189 assert( !FD_ISSET( s, &slap_daemon.sd_actives) );
1190 assert( !FD_ISSET( s, &slap_daemon.sd_readers) );
1191 assert( !FD_ISSET( s, &slap_daemon.sd_writers) );
1193 ldap_pvt_thread_mutex_unlock( &slap_daemon.sd_mutex );
1196 #if defined( SO_KEEPALIVE ) || defined( TCP_NODELAY )
1197 #ifdef LDAP_PF_LOCAL
1198 /* for IPv4 and IPv6 sockets only */
1199 if ( from.sa_addr.sa_family != AF_LOCAL )
1200 #endif /* LDAP_PF_LOCAL */
1205 /* enable keep alives */
1207 rc = setsockopt( s, SOL_SOCKET, SO_KEEPALIVE,
1208 (char *) &tmp, sizeof(tmp) );
1209 if ( rc == AC_SOCKET_ERROR ) {
1210 int err = sock_errno();
1212 LDAP_LOG(( "connection", LDAP_LEVEL_ERR,
1213 "slapd_daemon_task: setsockopt( %ld, SO_KEEPALIVE) failed errno=%d (%s)\n",
1214 (long)s, err, sock_errstr(err) ));
1216 Debug( LDAP_DEBUG_ANY,
1217 "slapd(%ld): setsockopt(SO_KEEPALIVE) failed "
1218 "errno=%d (%s)\n", (long) s, err, sock_errstr(err) );
1223 /* enable no delay */
1225 rc = setsockopt( s, IPPROTO_TCP, TCP_NODELAY,
1226 (char *)&tmp, sizeof(tmp) );
1227 if ( rc == AC_SOCKET_ERROR ) {
1228 int err = sock_errno();
1230 LDAP_LOG(( "connection", LDAP_LEVEL_ERR,
1231 "slapd_daemon_task: setsockopt( %ld, TCP_NODELAY) failed errno=%d (%s)\n",
1232 (long)s, err, sock_errstr(err) ));
1234 Debug( LDAP_DEBUG_ANY,
1235 "slapd(%ld): setsockopt(TCP_NODELAY) failed "
1236 "errno=%d (%s)\n", (long) s, err, sock_errstr(err) );
1244 LDAP_LOG(( "connection", LDAP_LEVEL_DETAIL1,
1245 "slapd_daemon_task: new connection on %ld\n", (long)s ));
1247 Debug( LDAP_DEBUG_CONNS, "daemon: new connection on %ld\n",
1250 switch ( from.sa_addr.sa_family ) {
1251 # ifdef LDAP_PF_LOCAL
1253 sprintf( peername, "PATH=%s", from.sa_un_addr.sun_path );
1254 ssf = LDAP_PVT_SASL_LOCAL_SSF;
1256 #endif /* LDAP_PF_LOCAL */
1258 # ifdef LDAP_PF_INET6
1260 if ( IN6_IS_ADDR_V4MAPPED(&from.sa_in6_addr.sin6_addr) ) {
1261 peeraddr = inet_ntoa( *((struct in_addr *)
1262 &from.sa_in6_addr.sin6_addr.s6_addr[12]) );
1263 sprintf( peername, "IP=%s:%d",
1264 peeraddr != NULL ? peeraddr : "unknown",
1265 (unsigned) ntohs( from.sa_in6_addr.sin6_port ) );
1267 char addr[INET6_ADDRSTRLEN];
1268 sprintf( peername, "IP=%s %d",
1269 inet_ntop( AF_INET6,
1270 &from.sa_in6_addr.sin6_addr,
1271 addr, sizeof addr) ? addr : "unknown",
1272 (unsigned) ntohs( from.sa_in6_addr.sin6_port ) );
1275 # endif /* LDAP_PF_INET6 */
1278 peeraddr = inet_ntoa( from.sa_in_addr.sin_addr );
1279 sprintf( peername, "IP=%s:%d",
1280 peeraddr != NULL ? peeraddr : "unknown",
1281 (unsigned) ntohs( from.sa_in_addr.sin_port ) );
1289 if ( ( from.sa_addr.sa_family == AF_INET )
1290 #ifdef LDAP_PF_INET6
1291 || ( from.sa_addr.sa_family == AF_INET6 )
1294 #ifdef SLAPD_RLOOKUPS
1295 # ifdef LDAP_PF_INET6
1296 if ( from.sa_addr.sa_family == AF_INET6 )
1298 (char *)&(from.sa_in6_addr.sin6_addr),
1299 sizeof(from.sa_in6_addr.sin6_addr),
1302 # endif /* LDAP_PF_INET6 */
1304 (char *) &(from.sa_in_addr.sin_addr),
1305 sizeof(from.sa_in_addr.sin_addr),
1307 dnsname = hp ? ldap_pvt_str2lower( hp->h_name ) : NULL;
1310 #endif /* SLAPD_RLOOKUPS */
1313 if ( !hosts_ctl("slapd",
1314 dnsname != NULL ? dnsname : STRING_UNKNOWN,
1315 peeraddr != NULL ? peeraddr : STRING_UNKNOWN,
1319 Statslog( LDAP_DEBUG_ANY,
1320 "fd=%ld host access from %s (%s) denied.\n",
1322 dnsname != NULL ? dnsname : "unknown",
1323 peeraddr != NULL ? peeraddr : "unknown",
1328 #endif /* HAVE_TCPD */
1331 id = connection_init(s,
1332 slap_listeners[l]->sl_url,
1333 dnsname != NULL ? dnsname : "unknown",
1335 slap_listeners[l]->sl_name,
1337 slap_listeners[l]->sl_is_tls,
1344 if( authid ) ch_free(authid);
1348 LDAP_LOG(( "connection", LDAP_LEVEL_INFO,
1349 "slapd_daemon_task: connection_init(%ld, %s, %s) failed.\n",
1350 (long)s, peername, slap_listeners[l]->sl_name ));
1352 Debug( LDAP_DEBUG_ANY,
1353 "daemon: connection_init(%ld, %s, %s) failed.\n",
1356 slap_listeners[l]->sl_name );
1362 Statslog( LDAP_DEBUG_STATS,
1363 "daemon: conn=%ld fd=%ld connection from %s (%s) accepted.\n",
1366 slap_listeners[l]->sl_name,
1375 LDAP_LOG(( "connection", LDAP_LEVEL_DETAIL2,
1376 "slapd_daemon_task: activity on " ));
1378 Debug( LDAP_DEBUG_CONNS, "daemon: activity on:", 0, 0, 0 );
1381 for ( i = 0; i < readfds.fd_count; i++ ) {
1383 LDAP_LOG(( "connection", LDAP_LEVEL_DETAIL2,
1384 " %d%s", readfds.fd_array[i], "r", 0 ));
1386 Debug( LDAP_DEBUG_CONNS, " %d%s",
1387 readfds.fd_array[i], "r", 0 );
1390 for ( i = 0; i < writefds.fd_count; i++ ) {
1392 LDAP_LOG(( "connection", LDAP_LEVEL_DETAIL2,
1393 " %d%s", writefds.fd_array[i], "w" ));
1395 Debug( LDAP_DEBUG_CONNS, " %d%s",
1396 writefds.fd_array[i], "w", 0 );
1401 for ( i = 0; i < nfds; i++ ) {
1403 int is_listener = 0;
1405 for ( l = 0; slap_listeners[l] != NULL; l++ ) {
1406 if ( i == slap_listeners[l]->sl_sd ) {
1411 if ( is_listener ) {
1414 r = FD_ISSET( i, &readfds );
1415 w = FD_ISSET( i, &writefds );
1418 LDAP_LOG(( "connection", LDAP_LEVEL_DETAIL2,
1420 r ? "r" : "", w ? "w" : "" ));
1422 Debug( LDAP_DEBUG_CONNS, " %d%s%s", i,
1423 r ? "r" : "", w ? "w" : "" );
1429 LDAP_LOG(( "connection", LDAP_LEVEL_DETAIL2, "\n" ));
1431 Debug( LDAP_DEBUG_CONNS, "\n", 0, 0, 0 );
1436 /* loop through the writers */
1438 for ( i = 0; i < writefds.fd_count; i++ )
1440 for ( i = 0; i < nfds; i++ )
1444 int is_listener = 0;
1446 wd = writefds.fd_array[i];
1448 if( ! FD_ISSET( i, &writefds ) ) {
1454 for ( l = 0; slap_listeners[l] != NULL; l++ ) {
1455 if ( i == slap_listeners[l]->sl_sd ) {
1460 if ( is_listener ) {
1464 LDAP_LOG(( "connection", LDAP_LEVEL_DETAIL2,
1465 "slapd_daemon_task: write active on %d\n", wd ));
1467 Debug( LDAP_DEBUG_CONNS,
1468 "daemon: write active on %d\n",
1472 * NOTE: it is possible that the connection was closed
1473 * and that the stream is now inactive.
1474 * connection_write() must valid the stream is still
1478 if ( connection_write( wd ) < 0 ) {
1479 FD_CLR( (unsigned) wd, &readfds );
1485 for ( i = 0; i < readfds.fd_count; i++ )
1487 for ( i = 0; i < nfds; i++ )
1491 int is_listener = 0;
1494 rd = readfds.fd_array[i];
1496 if( ! FD_ISSET( i, &readfds ) ) {
1502 for ( l = 0; slap_listeners[l] != NULL; l++ ) {
1503 if ( rd == slap_listeners[l]->sl_sd ) {
1508 if ( is_listener ) {
1513 LDAP_LOG(( "connection", LDAP_LEVEL_DETAIL2,
1514 "slapd_daemon_task: read activity on %d\n", rd ));
1516 Debug ( LDAP_DEBUG_CONNS,
1517 "daemon: read activity on %d\n", rd, 0, 0 );
1520 * NOTE: it is possible that the connection was closed
1521 * and that the stream is now inactive.
1522 * connection_read() must valid the stream is still
1526 if ( connection_read( rd ) < 0 ) {
1530 ldap_pvt_thread_yield();
1533 if( slapd_shutdown > 0 ) {
1535 LDAP_LOG(( "connection", LDAP_LEVEL_CRIT,
1536 "slapd_daemon_task: shutdown requested and initiated.\n"));
1538 Debug( LDAP_DEBUG_TRACE,
1539 "daemon: shutdown requested and initiated.\n",
1543 } else if ( slapd_shutdown < 0 ) {
1544 #ifdef HAVE_NT_SERVICE_MANAGER
1545 if (slapd_shutdown == -1)
1548 LDAP_LOG(( "connection", LDAP_LEVEL_CRIT,
1549 "slapd_daemon_task: shutdown initiated by Service Manager.\n"));
1551 Debug( LDAP_DEBUG_TRACE,
1552 "daemon: shutdown initiated by Service Manager.\n",
1560 LDAP_LOG(( "connection", LDAP_LEVEL_CRIT,
1561 "slapd_daemon_task: abnormal condition, shutdown initiated.\n" ));
1563 Debug( LDAP_DEBUG_TRACE,
1564 "daemon: abnormal condition, shutdown initiated.\n",
1570 LDAP_LOG(( "connection", LDAP_LEVEL_CRIT,
1571 "slapd_daemon_task: no active streams, shutdown initiated.\n" ));
1573 Debug( LDAP_DEBUG_TRACE,
1574 "daemon: no active streams, shutdown initiated.\n",
1579 for ( l = 0; slap_listeners[l] != NULL; l++ ) {
1580 if ( slap_listeners[l]->sl_sd != AC_SOCKET_INVALID ) {
1581 #ifdef LDAP_PF_LOCAL
1582 if ( slap_listeners[l]->sl_sa.sa_addr.sa_family == AF_LOCAL ) {
1583 unlink( slap_listeners[l]->sl_sa.sa_un_addr.sun_path );
1585 #endif /* LDAP_PF_LOCAL */
1586 slapd_close( slap_listeners[l]->sl_sd );
1592 LDAP_LOG(( "connection", LDAP_LEVEL_CRIT,
1593 "slapd_daemon_task: shutdown waiting for %d threads to terminate.\n",
1594 ldap_pvt_thread_pool_backload(&connection_pool) ));
1596 Debug( LDAP_DEBUG_ANY,
1597 "slapd shutdown: waiting for %d threads to terminate\n",
1598 ldap_pvt_thread_pool_backload(&connection_pool), 0, 0 );
1600 ldap_pvt_thread_pool_destroy(&connection_pool, 1);
1606 int slapd_daemon( void )
1612 #define SLAPD_LISTENER_THREAD 1
1613 #if defined( SLAPD_LISTENER_THREAD )
1615 ldap_pvt_thread_t listener_tid;
1617 /* listener as a separate THREAD */
1618 rc = ldap_pvt_thread_create( &listener_tid,
1619 0, slapd_daemon_task, NULL );
1623 LDAP_LOG(( "connection", LDAP_LEVEL_ERR,
1624 "slapd_daemon: listener ldap_pvt_thread_create failed (%d).\n", rc ));
1626 Debug( LDAP_DEBUG_ANY,
1627 "listener ldap_pvt_thread_create failed (%d)\n", rc, 0, 0 );
1632 /* wait for the listener thread to complete */
1633 ldap_pvt_thread_join( listener_tid, (void *) NULL );
1636 /* experimental code */
1637 slapd_daemon_task( NULL );
1646 #if defined( HAVE_WINSOCK2 )
1647 WORD wVersionRequested;
1651 wVersionRequested = MAKEWORD( 2, 0 );
1653 err = WSAStartup( wVersionRequested, &wsaData );
1655 /* Tell the user that we couldn't find a usable */
1660 /* Confirm that the WinSock DLL supports 2.0.*/
1661 /* Note that if the DLL supports versions greater */
1662 /* than 2.0 in addition to 2.0, it will still return */
1663 /* 2.0 in wVersion since that is the version we */
1666 if ( LOBYTE( wsaData.wVersion ) != 2 ||
1667 HIBYTE( wsaData.wVersion ) != 0 )
1669 /* Tell the user that we couldn't find a usable */
1675 /* The WinSock DLL is acceptable. Proceed. */
1676 #elif defined( HAVE_WINSOCK )
1678 if ( WSAStartup( 0x0101, &wsaData ) != 0 ) {
1685 int sockdestroy(void)
1687 #if defined( HAVE_WINSOCK2 ) || defined( HAVE_WINSOCK )
1694 slap_sig_shutdown( int sig )
1697 LDAP_LOG(( "connection", LDAP_LEVEL_CRIT,
1698 "slap_sig_shutdown: signal %d\n", sig ));
1700 Debug(LDAP_DEBUG_TRACE, "slap_sig_shutdown: signal %d\n", sig, 0, 0);
1704 * If the NT Service Manager is controlling the server, we don't
1705 * want SIGBREAK to kill the server. For some strange reason,
1706 * SIGBREAK is generated when a user logs out.
1709 #if HAVE_NT_SERVICE_MANAGER && SIGBREAK
1710 if (is_NT_Service && sig == SIGBREAK)
1712 LDAP_LOG(( "connection", LDAP_LEVEL_CRIT,
1713 "slap_sig_shutdown: SIGBREAK ignored.\n" ));
1715 Debug(LDAP_DEBUG_TRACE, "slap_sig_shutdown: SIGBREAK ignored.\n",
1720 slapd_shutdown = sig;
1724 /* reinstall self */
1725 (void) SIGNAL_REINSTALL( sig, slap_sig_shutdown );
1729 slap_sig_wake( int sig )
1733 /* reinstall self */
1734 (void) SIGNAL_REINSTALL( sig, slap_sig_wake );
1738 void slapd_add_internal(ber_socket_t s) {
projects / openldap / blob