2 /* This work is part of OpenLDAP Software <http://www.openldap.org/>.
4 * Copyright 1998-2005 The OpenLDAP Foundation.
7 * Redistribution and use in source and binary forms, with or without
8 * modification, are permitted only as authorized by the OpenLDAP
11 * A copy of this license is available in the file LICENSE in the
12 * top-level directory of the distribution or, alternatively, at
13 * <http://www.OpenLDAP.org/license.html>.
15 /* Portions Copyright (c) 1995 Regents of the University of Michigan.
16 * All rights reserved.
18 * Redistribution and use in source and binary forms are permitted
19 * provided that this notice is preserved and that due credit is given
20 * to the University of Michigan at Ann Arbor. The name of the University
21 * may not be used to endorse or promote products derived from this
22 * software without specific prior written permission. This software
23 * is provided ``as is'' without express or implied warranty.
31 #include <ac/socket.h>
32 #include <ac/string.h>
34 #include <ac/unistd.h>
43 #include "slapi/slapi.h"
47 static RETSIGTYPE wait4child( int sig );
50 #ifdef HAVE_NT_SERVICE_MANAGER
51 #define MAIN_RETURN(x) return
52 static struct sockaddr_in bind_addr;
54 #define SERVICE_EXIT( e, n ) do { \
55 if ( is_NT_Service ) { \
56 lutil_ServiceStatus.dwWin32ExitCode = (e); \
57 lutil_ServiceStatus.dwServiceSpecificExitCode = (n); \
62 #define SERVICE_EXIT( e, n )
63 #define MAIN_RETURN(x) return(x)
66 typedef int (MainFunc) LDAP_P(( int argc, char *argv[] ));
67 extern MainFunc slapadd, slapcat, slapdn, slapindex, slappasswd,
68 slaptest, slapauth, slapacl;
77 {"slapindex", slapindex},
78 {"slappasswd", slappasswd},
79 {"slaptest", slaptest},
80 {"slapauth", slapauth},
82 /* NOTE: new tools must be added in chronological order,
83 * not in alphabetical order, because for backwards
84 * compatibility name[4] is used to identify the
85 * tools; so name[4]=='a' must refer to "slapadd" and
86 * not to "slapauth". Alphabetical order can be used
87 * for tools whose name[4] is not used yet */
92 * when more than one slapd is running on one machine, each one might have
93 * it's own LOCAL for syslogging and must have its own pid/args files
96 #ifndef HAVE_MKVERSION
97 const char Versionstr[] =
98 OPENLDAP_PACKAGE " " OPENLDAP_VERSION " Standalone LDAP Server (slapd)";
102 #define DEFAULT_SYSLOG_USER LOG_LOCAL4
104 typedef struct _str2intDispatch {
108 } STRDISP, *STRDISP_P;
110 /* table to compute syslog-options to integer */
111 static STRDISP syslog_types[] = {
112 { "LOCAL0", sizeof("LOCAL0"), LOG_LOCAL0 },
113 { "LOCAL1", sizeof("LOCAL1"), LOG_LOCAL1 },
114 { "LOCAL2", sizeof("LOCAL2"), LOG_LOCAL2 },
115 { "LOCAL3", sizeof("LOCAL3"), LOG_LOCAL3 },
116 { "LOCAL4", sizeof("LOCAL4"), LOG_LOCAL4 },
117 { "LOCAL5", sizeof("LOCAL5"), LOG_LOCAL5 },
118 { "LOCAL6", sizeof("LOCAL6"), LOG_LOCAL6 },
119 { "LOCAL7", sizeof("LOCAL7"), LOG_LOCAL7 },
121 { "USER", sizeof("USER"), LOG_USER },
124 { "DAEMON", sizeof("DAEMON"), LOG_DAEMON },
129 static int cnvt_str2int( char *, STRDISP_P, int );
130 #endif /* LOG_LOCAL4 */
132 #define CHECK_NONE 0x00
133 #define CHECK_CONFIG 0x01
134 static int check = CHECK_NONE;
135 static int version = 0;
140 slapd_opt_slp( const char *val, void *arg )
143 /* NULL is default */
144 if ( val == NULL || strcasecmp( val, "on" ) == 0 ) {
145 slapd_register_slp = 1;
147 } else if ( strcasecmp( val, "off" ) == 0 ) {
148 slapd_register_slp = 0;
150 /* NOTE: add support for URL specification? */
153 fprintf(stderr, "unrecognized value \"%s\" for SLP option\n", val );
160 fputs( "slapd: SLP support is not available\n", stderr );
166 * Option helper structure:
168 * oh_nam is left-hand part of <option>[=<value>]
169 * oh_fnc is handler function
170 * oh_arg is an optional arg to oh_fnc
171 * oh_usage is the one-line usage string related to the option,
172 * which is assumed to start with <option>[=<value>]
174 * please leave valid options in the structure, and optionally #ifdef
175 * their processing inside the helper, so that reasonable and helpful
176 * error messages can be generated if a disabled option is requested.
178 struct option_helper {
179 struct berval oh_name;
180 int (*oh_fnc)(const char *val, void *arg);
182 const char *oh_usage;
183 } option_helpers[] = {
184 { BER_BVC("slp"), slapd_opt_slp, NULL, "slp[={on|off}] enable/disable SLP" },
185 { BER_BVNULL, 0, NULL, NULL }
191 parse_syslog_level( const char *arg )
193 if ( !isdigit( arg[ 0 ] ) ) {
194 slap_verbmasks str2syslog_level[] = {
195 { BER_BVC( "EMERG" ), LOG_EMERG },
196 { BER_BVC( "ALERT" ), LOG_ALERT },
197 { BER_BVC( "CRIT" ), LOG_CRIT },
198 { BER_BVC( "ERR" ), LOG_ERR },
199 { BER_BVC( "WARNING" ), LOG_WARNING },
200 { BER_BVC( "NOTICE" ), LOG_NOTICE },
201 { BER_BVC( "INFO" ), LOG_INFO },
202 { BER_BVC( "DEBUG" ), LOG_DEBUG },
205 int i = verb_to_mask( arg, str2syslog_level );
206 if ( BER_BVISNULL( &str2syslog_level[ i ].word ) ) {
207 Debug( LDAP_DEBUG_ANY,
208 "unknown syslog level \"%s\".\n",
213 ldap_syslog_level = str2syslog_level[ i ].mask;
215 } else if ( lutil_atoi( &ldap_syslog_level, arg ) != 0 ) {
216 Debug( LDAP_DEBUG_ANY,
217 "unable to parse syslog level \"%s\".\n",
227 parse_debug_level( const char *arg, int *levelp )
231 if ( arg != NULL && arg[ 0 ] != '-' && !isdigit( arg[ 0 ] ) )
236 levels = ldap_str2charray( arg, "," );
238 for ( i = 0; levels[ i ] != NULL; i++ ) {
241 if ( str2loglevel( levels[ i ], &level ) ) {
243 "unrecognized log level "
244 "\"%s\"\n", levels[ i ] );
246 /* but keep parsing... */
253 ldap_charray_free( levels );
260 if ( lutil_atoix( &level, arg, 0 ) != 0 ) {
262 "unrecognized log level "
277 "usage: %s options\n", name );
279 "\t-4\t\tIPv4 only\n"
280 "\t-6\t\tIPv6 only\n"
281 "\t-T {acl|add|auth|cat|dn|index|passwd|test}\n"
282 "\t\t\tRun in Tool mode\n"
283 "\t-c cookie\tSync cookie of consumer\n"
284 "\t-d level\tDebug level" "\n"
285 "\t-f filename\tConfiguration file\n"
286 "\t-F dir\tConfiguration directory\n"
287 #if defined(HAVE_SETUID) && defined(HAVE_SETGID)
288 "\t-g group\tGroup (id or name) to run as\n"
290 "\t-h URLs\t\tList of URLs to serve\n"
292 "\t-l facility\tSyslog facility (default: LOCAL4)\n"
294 "\t-n serverName\tService name\n"
295 "\t-o <opt>[=val] generic means to specify options" );
296 if ( !BER_BVISNULL( &option_helpers[0].oh_name ) ) {
299 fprintf( stderr, "; supported options:\n" );
300 for ( i = 0; !BER_BVISNULL( &option_helpers[i].oh_name ); i++) {
301 fprintf( stderr, "\t\t%s\n", option_helpers[i].oh_usage );
304 fprintf( stderr, "\n" );
308 "\t-r directory\tSandbox directory to chroot to\n"
310 "\t-s level\tSyslog level\n"
311 #if defined(HAVE_SETUID) && defined(HAVE_SETGID)
312 "\t-u user\t\tUser (id or name) to run as\n"
314 "\t-V\t\tprint version info (-VV only)\n"
318 #ifdef HAVE_NT_SERVICE_MANAGER
319 void WINAPI ServiceMain( DWORD argc, LPTSTR *argv )
321 int main( int argc, char **argv )
324 int i, no_detach = 0;
327 #if defined(HAVE_SETUID) && defined(HAVE_SETGID)
328 char *username = NULL;
329 char *groupname = NULL;
331 #if defined(HAVE_CHROOT)
332 char *sandbox = NULL;
335 int syslogUser = DEFAULT_SYSLOG_USER;
339 char **g_argv = argv;
341 char *configfile = NULL;
342 char *configdir = NULL;
344 int serverMode = SLAP_SERVER_MODE;
346 struct sync_cookie *scp = NULL;
347 struct sync_cookie *scp_entry = NULL;
349 char *serverNamePrefix = "";
352 int slapd_pid_file_unlink = 0, slapd_args_file_unlink = 0;
356 if( ( leakfile = fopen( "slapd.leak", "w" )) == NULL ) {
363 (void) ldap_pvt_thread_initialize();
365 serverName = lutil_progname( "slapd", argc, argv );
367 if ( strcmp( serverName, "slapd" ) ) {
368 for (i=0; tools[i].name; i++) {
369 if ( !strcmp( serverName, tools[i].name ) ) {
370 rc = tools[i].func(argc, argv);
376 #ifdef HAVE_NT_SERVICE_MANAGER
382 char *regService = NULL;
384 if ( is_NT_Service ) {
385 lutil_CommenceStartupProcessing( serverName, slap_sig_shutdown );
386 if ( strcmp(serverName, SERVICE_NAME) )
387 regService = serverName;
390 i = (int*)lutil_getRegParam( regService, "DebugLevel" );
393 Debug( LDAP_DEBUG_ANY,
394 "new debug level from registry is: %d\n", slap_debug, 0, 0 );
397 newUrls = (char *) lutil_getRegParam(regService, "Urls");
402 urls = ch_strdup(newUrls);
403 Debug(LDAP_DEBUG_ANY, "new urls from registry: %s\n",
407 newConfigFile = (char*)lutil_getRegParam( regService, "ConfigFile" );
408 if ( newConfigFile != NULL ) {
409 configfile = newConfigFile;
410 Debug ( LDAP_DEBUG_ANY, "new config file from registry is: %s\n", configfile, 0, 0 );
413 newConfigDir = (char*)lutil_getRegParam( regService, "ConfigDir" );
414 if ( newConfigDir != NULL ) {
415 configdir = newConfigDir;
416 Debug ( LDAP_DEBUG_ANY, "new config dir from registry is: %s\n", configdir, 0, 0 );
421 while ( (i = getopt( argc, argv,
422 "c:d:f:F:h:n:o:s:tT:V"
432 #if defined(HAVE_SETUID) && defined(HAVE_SETGID)
439 slap_inet4or6 = AF_INET;
442 slap_inet4or6 = AF_INET6;
446 case 'h': /* listen URLs */
447 if ( urls != NULL ) free( urls );
448 urls = ch_strdup( optarg );
451 case 'c': /* provide sync cookie, override if exist in replica */
452 scp = (struct sync_cookie *) ch_calloc( 1,
453 sizeof( struct sync_cookie ));
454 ber_str2bv( optarg, 0, 1, &scp->octet_str );
456 /* This only parses out the rid at this point */
457 slap_parse_sync_cookie( scp, NULL );
459 if ( scp->rid == -1 ) {
460 Debug( LDAP_DEBUG_ANY,
461 "main: invalid cookie \"%s\"\n",
463 slap_sync_cookie_free( scp, 1 );
467 LDAP_STAILQ_FOREACH( scp_entry, &slap_sync_cookie, sc_next ) {
468 if ( scp->rid == scp_entry->rid ) {
469 Debug( LDAP_DEBUG_ANY,
470 "main: duplicated replica id in cookies\n",
472 slap_sync_cookie_free( scp, 1 );
476 LDAP_STAILQ_INSERT_TAIL( &slap_sync_cookie, scp, sc_next );
479 case 'd': { /* set debug level and 'do not detach' flag */
483 if ( parse_debug_level( optarg, &level ) ) {
490 fputs( "must compile with LDAP_DEBUG for debugging\n",
495 case 'f': /* read config file */
496 configfile = ch_strdup( optarg );
499 case 'F': /* use config dir */
500 configdir = ch_strdup( optarg );
504 char *val = strchr( optarg, '=' );
511 opt.bv_len = ( val - optarg );
515 opt.bv_len = strlen( optarg );
518 for ( i = 0; !BER_BVISNULL( &option_helpers[i].oh_name ); i++ ) {
519 if ( ber_bvstrcasecmp( &option_helpers[i].oh_name, &opt ) == 0 ) {
520 assert( option_helpers[i].oh_fnc != NULL );
521 if ( (*option_helpers[i].oh_fnc)( val, option_helpers[i].oh_arg ) == -1 ) {
522 /* we assume the option parsing helper
523 * issues appropriate and self-explanatory
524 * error messages... */
531 if ( BER_BVISNULL( &option_helpers[i].oh_name ) ) {
532 goto unhandled_option;
537 case 's': /* set syslog level */
538 if ( parse_debug_level( optarg, &ldap_syslog ) ) {
544 case 'l': /* set syslog local user */
545 syslogUser = cnvt_str2int( optarg,
546 syslog_types, DEFAULT_SYSLOG_USER );
552 if( sandbox ) free(sandbox);
553 sandbox = ch_strdup( optarg );
557 #if defined(HAVE_SETUID) && defined(HAVE_SETGID)
558 case 'u': /* user name */
559 if( username ) free(username);
560 username = ch_strdup( optarg );
563 case 'g': /* group name */
564 if( groupname ) free(groupname);
565 groupname = ch_strdup( optarg );
567 #endif /* SETUID && GETUID */
569 case 'n': /* NT service name */
570 serverName = ch_strdup( optarg );
574 /* deprecated; use slaptest instead */
575 fprintf( stderr, "option -t deprecated; "
576 "use slaptest command instead\n" );
577 check |= CHECK_CONFIG;
585 /* try full option string first */
586 for ( i = 0; tools[i].name; i++ ) {
587 if ( strcmp( optarg, &tools[i].name[4] ) == 0 ) {
588 rc = tools[i].func( argc, argv );
593 /* try bits of option string (backward compatibility for single char) */
594 l = strlen( optarg );
595 for ( i = 0; tools[i].name; i++ ) {
596 if ( strncmp( optarg, &tools[i].name[4], l ) == 0 ) {
597 rc = tools[i].func( argc, argv );
604 serverNamePrefix = "slap";
605 fprintf( stderr, "program name \"%s%s\" unrecognized; "
606 "aborting...\n", serverNamePrefix, serverName );
612 SERVICE_EXIT( ERROR_SERVICE_SPECIFIC_ERROR, 15 );
617 ber_set_option(NULL, LBER_OPT_DEBUG_LEVEL, &slap_debug);
618 ldap_set_option(NULL, LDAP_OPT_DEBUG_LEVEL, &slap_debug);
619 ldif_debug = slap_debug;
622 fprintf( stderr, "%s\n", Versionstr );
623 if ( version > 1 ) goto stop;
629 logName = ch_strdup( serverName );
632 logName = serverName;
636 openlog( logName, OPENLOG_OPTIONS, syslogUser );
638 openlog( logName, OPENLOG_OPTIONS );
645 Debug( LDAP_DEBUG_ANY, "%s", Versionstr, 0, 0 );
647 if( check == CHECK_NONE && slapd_daemon_init( urls ) != 0 ) {
649 SERVICE_EXIT( ERROR_SERVICE_SPECIFIC_ERROR, 16 );
653 #if defined(HAVE_CHROOT)
655 if ( chdir( sandbox ) ) {
660 if ( chroot( sandbox ) ) {
668 #if defined(HAVE_SETUID) && defined(HAVE_SETGID)
669 if ( username != NULL || groupname != NULL ) {
670 slap_init_user( username, groupname );
678 rc = slap_init( serverMode, serverName );
680 SERVICE_EXIT( ERROR_SERVICE_SPECIFIC_ERROR, 18 );
684 if ( read_config( configfile, configdir ) != 0 ) {
686 SERVICE_EXIT( ERROR_SERVICE_SPECIFIC_ERROR, 19 );
688 if ( check & CHECK_CONFIG ) {
689 fprintf( stderr, "config check failed\n" );
695 if ( check & CHECK_CONFIG ) {
696 fprintf( stderr, "config check succeeded\n" );
698 check &= ~CHECK_CONFIG;
699 if ( check == CHECK_NONE ) {
705 if ( glue_sub_attach( ) != 0 ) {
706 Debug( LDAP_DEBUG_ANY,
707 "subordinate config error\n",
713 if ( slap_schema_check( ) != 0 ) {
714 Debug( LDAP_DEBUG_ANY,
715 "schema prep error\n",
722 rc = ldap_pvt_tls_init();
724 Debug( LDAP_DEBUG_ANY,
725 "main: TLS init failed: %d\n",
728 SERVICE_EXIT( ERROR_SERVICE_SPECIFIC_ERROR, 20 );
733 void *def_ctx = NULL;
735 /* Save existing default ctx, if any */
736 ldap_pvt_tls_get_option( NULL, LDAP_OPT_X_TLS_CTX, &def_ctx );
738 /* Force new ctx to be created */
739 ldap_pvt_tls_set_option( NULL, LDAP_OPT_X_TLS_CTX, NULL );
741 rc = ldap_pvt_tls_init_def_ctx( 1 );
743 ldap_pvt_tls_get_option( NULL, LDAP_OPT_X_TLS_CTX, &slap_tls_ctx );
744 /* Restore previous ctx */
745 ldap_pvt_tls_set_option( NULL, LDAP_OPT_X_TLS_CTX, def_ctx );
746 load_extop( &slap_EXOP_START_TLS, 0, starttls_extop );
747 } else if ( rc != LDAP_NOT_SUPPORTED ) {
748 Debug( LDAP_DEBUG_ANY,
749 "main: TLS init def ctx failed: %d\n",
752 SERVICE_EXIT( ERROR_SERVICE_SPECIFIC_ERROR, 20 );
758 (void) SIGNAL( LDAP_SIGUSR1, slap_sig_wake );
759 (void) SIGNAL( LDAP_SIGUSR2, slap_sig_shutdown );
762 (void) SIGNAL( SIGPIPE, SIG_IGN );
765 (void) SIGNAL( SIGHUP, slap_sig_shutdown );
767 (void) SIGNAL( SIGINT, slap_sig_shutdown );
768 (void) SIGNAL( SIGTERM, slap_sig_shutdown );
770 (void) SIGNAL( SIGTRAP, slap_sig_shutdown );
773 (void) SIGNAL( LDAP_SIGCHLD, wait4child );
776 /* SIGBREAK is generated when Ctrl-Break is pressed. */
777 (void) SIGNAL( SIGBREAK, slap_sig_shutdown );
781 lutil_detach( no_detach, 0 );
782 #endif /* HAVE_WINSOCK */
788 if ( slapd_pid_file != NULL ) {
789 FILE *fp = fopen( slapd_pid_file, "w" );
792 int save_errno = errno;
794 Debug( LDAP_DEBUG_ANY, "unable to open pid file "
797 save_errno, strerror( save_errno ) );
799 free( slapd_pid_file );
800 slapd_pid_file = NULL;
805 fprintf( fp, "%d\n", (int) getpid() );
807 slapd_pid_file_unlink = 1;
810 if ( slapd_args_file != NULL ) {
811 FILE *fp = fopen( slapd_args_file, "w" );
814 int save_errno = errno;
816 Debug( LDAP_DEBUG_ANY, "unable to open args file "
819 save_errno, strerror( save_errno ) );
821 free( slapd_args_file );
822 slapd_args_file = NULL;
828 for ( i = 0; i < g_argc; i++ ) {
829 fprintf( fp, "%s ", g_argv[i] );
833 slapd_args_file_unlink = 1;
837 * FIXME: moved here from slapd_daemon_task()
838 * because back-monitor db_open() needs it
842 if ( slap_startup( NULL ) != 0 ) {
844 SERVICE_EXIT( ERROR_SERVICE_SPECIFIC_ERROR, 21 );
848 Debug( LDAP_DEBUG_ANY, "slapd starting\n", 0, 0, 0 );
850 #ifdef HAVE_NT_EVENT_LOG
852 lutil_LogStartedEvent( serverName, slap_debug, configfile ?
853 configfile : SLAPD_DEFAULT_CONFIGFILE , urls );
858 #ifdef HAVE_NT_SERVICE_MANAGER
859 /* Throw away the event that we used during the startup process. */
861 ldap_pvt_thread_cond_destroy( &started_event );
865 /* remember an error during shutdown */
866 rc |= slap_shutdown( NULL );
869 /* remember an error during destroy */
870 rc |= slap_destroy();
872 while ( !LDAP_STAILQ_EMPTY( &slap_sync_cookie )) {
873 scp = LDAP_STAILQ_FIRST( &slap_sync_cookie );
874 LDAP_STAILQ_REMOVE_HEAD( &slap_sync_cookie, sc_next );
886 supported_feature_destroy();
889 #ifdef HAVE_NT_EVENT_LOG
891 lutil_LogStoppedEvent( serverName );
894 Debug( LDAP_DEBUG_ANY, "slapd stopped.\n", 0, 0, 0 );
897 #ifdef HAVE_NT_SERVICE_MANAGER
898 lutil_ReportShutdownComplete();
904 slapd_daemon_destroy();
910 lutil_passwd_destroy();
913 ldap_pvt_tls_destroy();
916 if ( slapd_pid_file_unlink ) {
917 unlink( slapd_pid_file );
919 if ( slapd_args_file_unlink ) {
920 unlink( slapd_args_file );
926 ch_free( configfile );
928 ch_free( configdir );
933 mal_dumpleaktrace( leakfile );
943 * Catch and discard terminated child processes, to avoid zombies.
947 wait4child( int sig )
949 int save_errno = errno;
954 while ( waitpid( (pid_t)-1, NULL, WNOHANG ) > 0 || errno == EINTR )
957 while ( wait3( NULL, WNOHANG, NULL ) > 0 || errno == EINTR )
963 (void) SIGNAL_REINSTALL( sig, wait4child );
967 #endif /* LDAP_SIGCHLD */
973 * Convert a string to an integer by means of a dispatcher table
974 * if the string is not in the table return the default
978 cnvt_str2int( char *stringVal, STRDISP_P dispatcher, int defaultVal )
980 int retVal = defaultVal;
983 for (disp = dispatcher; disp->stringVal; disp++) {
985 if (!strncasecmp (stringVal, disp->stringVal, disp->abbr)) {
987 retVal = disp->intVal;
996 #endif /* LOG_LOCAL4 */