2 /* This work is part of OpenLDAP Software <http://www.openldap.org/>.
4 * Copyright 1998-2004 The OpenLDAP Foundation.
7 * Redistribution and use in source and binary forms, with or without
8 * modification, are permitted only as authorized by the OpenLDAP
11 * A copy of this license is available in the file LICENSE in the
12 * top-level directory of the distribution or, alternatively, at
13 * <http://www.OpenLDAP.org/license.html>.
15 /* Portions Copyright (c) 1995 Regents of the University of Michigan.
16 * All rights reserved.
18 * Redistribution and use in source and binary forms are permitted
19 * provided that this notice is preserved and that due credit is given
20 * to the University of Michigan at Ann Arbor. The name of the University
21 * may not be used to endorse or promote products derived from this
22 * software without specific prior written permission. This software
23 * is provided ``as is'' without express or implied warranty.
30 #include <ac/socket.h>
31 #include <ac/string.h>
33 #include <ac/unistd.h>
44 #include "slapi/slapi.h"
48 static RETSIGTYPE wait4child( int sig );
51 #ifdef HAVE_NT_SERVICE_MANAGER
52 #define MAIN_RETURN(x) return
53 static struct sockaddr_in bind_addr;
55 #define SERVICE_EXIT( e, n ) do { \
56 if ( is_NT_Service ) { \
57 lutil_ServiceStatus.dwWin32ExitCode = (e); \
58 lutil_ServiceStatus.dwServiceSpecificExitCode = (n); \
63 #define SERVICE_EXIT( e, n )
64 #define MAIN_RETURN(x) return(x)
67 typedef int (MainFunc) LDAP_P(( int argc, char *argv[] ));
68 extern MainFunc slapadd, slapcat, slapdn, slapindex, slappasswd, slaptest;
77 {"slapindex", slapindex},
78 {"slappasswd", slappasswd},
79 {"slaptest", slaptest},
84 * when more than one slapd is running on one machine, each one might have
85 * it's own LOCAL for syslogging and must have its own pid/args files
88 #ifndef HAVE_MKVERSION
89 const char Versionstr[] =
90 OPENLDAP_PACKAGE " " OPENLDAP_VERSION " Standalone LDAP Server (slapd)";
95 #define DEFAULT_SYSLOG_USER LOG_LOCAL4
97 typedef struct _str2intDispatch {
101 } STRDISP, *STRDISP_P;
104 /* table to compute syslog-options to integer */
105 static STRDISP syslog_types[] = {
106 { "LOCAL0", sizeof("LOCAL0"), LOG_LOCAL0 },
107 { "LOCAL1", sizeof("LOCAL1"), LOG_LOCAL1 },
108 { "LOCAL2", sizeof("LOCAL2"), LOG_LOCAL2 },
109 { "LOCAL3", sizeof("LOCAL3"), LOG_LOCAL3 },
110 { "LOCAL4", sizeof("LOCAL4"), LOG_LOCAL4 },
111 { "LOCAL5", sizeof("LOCAL5"), LOG_LOCAL5 },
112 { "LOCAL6", sizeof("LOCAL6"), LOG_LOCAL6 },
113 { "LOCAL7", sizeof("LOCAL7"), LOG_LOCAL7 },
117 static int cnvt_str2int( char *, STRDISP_P, int );
119 #endif /* LOG_LOCAL4 */
121 #define CHECK_NONE 0x00
122 #define CHECK_CONFIG 0x01
123 #define CHECK_DN 0x02
124 static int check = CHECK_NONE;
125 static struct berval check_dn = BER_BVC("");
126 static int version = 0;
132 "usage: %s options\n", name );
134 "\t-4\t\tIPv4 only\n"
135 "\t-6\t\tIPv6 only\n"
136 "\t-T (a|c|i|p)\tRun in Tool mode\n"
137 "\t-c cookie\tSync cookie of consumer\n"
138 "\t-d level\tDebug level" "\n"
139 "\t-f filename\tConfiguration file\n"
140 #if defined(HAVE_SETUID) && defined(HAVE_SETGID)
141 "\t-g group\tGroup (id or name) to run as\n"
143 "\t-h URLs\t\tList of URLs to serve\n"
145 "\t-l facility\tSyslog facility (default: LOCAL4)\n"
147 "\t-n serverName\tService name\n"
149 "\t-r directory\tSandbox directory to chroot to\n"
151 "\t-s level\tSyslog level\n"
152 "\t-t\t\tCheck configuration file and exit\n"
153 "\t-D dn\tCheck dn and exit\n"
154 #if defined(HAVE_SETUID) && defined(HAVE_SETGID)
155 "\t-u user\t\tUser (id or name) to run as\n"
156 "\t-V\t\tprint version info (-VV only)\n"
161 #ifdef HAVE_NT_SERVICE_MANAGER
162 void WINAPI ServiceMain( DWORD argc, LPTSTR *argv )
164 int main( int argc, char **argv )
167 int i, no_detach = 0;
170 #if defined(HAVE_SETUID) && defined(HAVE_SETGID)
171 char *username = NULL;
172 char *groupname = NULL;
174 #if defined(HAVE_CHROOT)
175 char *sandbox = NULL;
178 int syslogUser = DEFAULT_SYSLOG_USER;
182 char **g_argv = argv;
184 #ifdef HAVE_NT_SERVICE_MANAGER
185 char *configfile = ".\\slapd.conf";
187 char *configfile = SLAPD_DEFAULT_CONFIGFILE;
190 int serverMode = SLAP_SERVER_MODE;
192 struct berval cookie = { 0, NULL };
193 struct sync_cookie *scp = NULL;
194 struct sync_cookie *scp_entry = NULL;
198 if( ( leakfile = fopen( "slapd.leak", "w" )) == NULL ) {
205 serverName = lutil_progname( "slapd", argc, argv );
207 if ( strcmp( serverName, "slapd" ) ) {
208 for (i=0; tools[i].name; i++) {
209 if ( !strcmp( serverName, tools[i].name ) ) {
210 rc = tools[i].func(argc, argv);
216 #ifdef HAVE_NT_SERVICE_MANAGER
221 char *regService = NULL;
223 if ( is_NT_Service ) {
224 lutil_CommenceStartupProcessing( serverName, slap_sig_shutdown );
225 if ( strcmp(serverName, SERVICE_NAME) )
226 regService = serverName;
229 i = (int*)lutil_getRegParam( regService, "DebugLevel" );
234 lutil_log_initialize( argc, argv );
235 LDAP_LOG( SLAPD, INFO,
236 "main: new debug level from registry is: %d\n",
239 Debug( LDAP_DEBUG_ANY, "new debug level from registry is: %d\n", slap_debug, 0, 0 );
243 newUrls = (char *) lutil_getRegParam(regService, "Urls");
249 urls = ch_strdup(newUrls);
251 LDAP_LOG( SLAPD, INFO,
252 "main: new urls from registry: %s\n", urls, 0, 0 );
254 Debug(LDAP_DEBUG_ANY, "new urls from registry: %s\n",
260 newConfigFile = (char*)lutil_getRegParam( regService, "ConfigFile" );
261 if ( newConfigFile != NULL )
263 configfile = newConfigFile;
265 LDAP_LOG( SLAPD, INFO,
266 "main: new config file from registry is: %s\n", configfile, 0, 0 );
268 Debug ( LDAP_DEBUG_ANY, "new config file from registry is: %s\n", configfile, 0, 0 );
275 while ( (i = getopt( argc, argv,
286 #if defined(HAVE_SETUID) && defined(HAVE_SETGID)
293 slap_inet4or6 = AF_INET;
296 slap_inet4or6 = AF_INET6;
300 case 'h': /* listen URLs */
301 if ( urls != NULL ) free( urls );
302 urls = ch_strdup( optarg );
305 case 'c': /* provide sync cookie, override if exist in replica */
306 scp = (struct sync_cookie *) ch_calloc( 1,
307 sizeof( struct sync_cookie ));
308 ber_str2bv( optarg, strlen( optarg ), 1, &cookie );
309 ber_bvarray_add( &scp->octet_str, &cookie );
310 slap_parse_sync_cookie( scp );
312 LDAP_STAILQ_FOREACH( scp_entry, &slap_sync_cookie, sc_next ) {
313 if ( scp->rid == scp_entry->rid ) {
315 LDAP_LOG( OPERATION, CRIT,
316 "main: duplicated replica id in cookies\n",
319 Debug( LDAP_DEBUG_ANY,
320 "main: duplicated replica id in cookies\n",
323 slap_sync_cookie_free( scp, 1 );
327 LDAP_STAILQ_INSERT_TAIL( &slap_sync_cookie, scp, sc_next );
330 case 'd': /* set debug level and 'do not detach' flag */
333 slap_debug |= atoi( optarg );
335 if ( atoi( optarg ) != 0 )
336 fputs( "must compile with LDAP_DEBUG for debugging\n",
341 case 'f': /* read config file */
342 configfile = ch_strdup( optarg );
345 case 's': /* set syslog level */
346 ldap_syslog = atoi( optarg );
350 case 'l': /* set syslog local user */
351 syslogUser = cnvt_str2int( optarg,
352 syslog_types, DEFAULT_SYSLOG_USER );
358 if( sandbox ) free(sandbox);
359 sandbox = ch_strdup( optarg );
363 #if defined(HAVE_SETUID) && defined(HAVE_SETGID)
364 case 'u': /* user name */
365 if( username ) free(username);
366 username = ch_strdup( optarg );
369 case 'g': /* group name */
370 if( groupname ) free(groupname);
371 groupname = ch_strdup( optarg );
373 #endif /* SETUID && GETUID */
375 case 'n': /* NT service name */
376 serverName = ch_strdup( optarg );
380 check |= CHECK_CONFIG;
385 check_dn.bv_val = optarg;
386 check_dn.bv_len = strlen( optarg );
394 for (i=0; tools[i].name; i++) {
395 if ( optarg[0] == tools[i].name[4] ) {
396 rc = tools[i].func(argc, argv);
404 SERVICE_EXIT( ERROR_SERVICE_SPECIFIC_ERROR, 15 );
410 lutil_log_initialize( argc, argv );
412 lutil_set_debug_level( "slapd", slap_debug );
413 ber_set_option(NULL, LBER_OPT_DEBUG_LEVEL, &slap_debug);
414 ldap_set_option(NULL, LDAP_OPT_DEBUG_LEVEL, &slap_debug);
415 ldif_debug = slap_debug;
419 fprintf( stderr, "%s\n", Versionstr );
420 if ( version > 1 ) goto stop;
426 logName = ch_strdup( serverName );
429 logName = serverName;
433 openlog( logName, OPENLOG_OPTIONS, syslogUser );
435 openlog( logName, OPENLOG_OPTIONS );
443 LDAP_LOG( SLAPD, INFO, "%s", Versionstr, 0, 0 );
445 Debug( LDAP_DEBUG_ANY, "%s", Versionstr, 0, 0 );
448 if( check == CHECK_NONE && slapd_daemon_init( urls ) != 0 ) {
450 SERVICE_EXIT( ERROR_SERVICE_SPECIFIC_ERROR, 16 );
454 #if defined(HAVE_CHROOT)
456 if ( chdir( sandbox ) ) {
461 if ( chroot( sandbox ) ) {
469 #if defined(HAVE_SETUID) && defined(HAVE_SETGID)
470 if ( username != NULL || groupname != NULL ) {
471 slap_init_user( username, groupname );
480 if ( module_init() != 0 ) {
482 SERVICE_EXIT( ERROR_SERVICE_SPECIFIC_ERROR, 17 );
487 if ( slap_schema_init( ) != 0 ) {
489 LDAP_LOG( OPERATION, CRIT, "main: schema initialization error\n", 0, 0, 0 );
491 Debug( LDAP_DEBUG_ANY,
492 "schema initialization error\n",
499 if ( slap_init( serverMode, serverName ) != 0 ) {
501 SERVICE_EXIT( ERROR_SERVICE_SPECIFIC_ERROR, 18 );
505 if ( slap_controls_init( ) != 0 ) {
507 LDAP_LOG( OPERATION, CRIT, "main: controls initialization error\n", 0, 0, 0 );
509 Debug( LDAP_DEBUG_ANY,
510 "controls initialization error\n",
518 /* Library defaults to full certificate checking. This is correct when
519 * a client is verifying a server because all servers should have a
520 * valid cert. But few clients have valid certs, so we want our default
521 * to be no checking. The config file can override this as usual.
524 (void) ldap_pvt_tls_set_option( NULL, LDAP_OPT_X_TLS_REQUIRE_CERT, &rc );
528 if ( slapi_int_initialize() != 0 ) {
530 LDAP_LOG( OPERATION, CRIT, "main: slapi initialization error\n", 0, 0, 0 );
532 Debug( LDAP_DEBUG_ANY,
533 "slapi initialization error\n",
539 #endif /* LDAP_SLAPI */
541 if ( overlay_init() ) {
545 if ( read_config( configfile, 0 ) != 0 ) {
547 SERVICE_EXIT( ERROR_SERVICE_SPECIFIC_ERROR, 19 );
549 if ( check & CHECK_CONFIG ) {
550 fprintf( stderr, "config check failed\n" );
556 if ( check & CHECK_CONFIG ) {
557 fprintf( stderr, "config check succeeded\n" );
559 check &= ~CHECK_CONFIG;
560 if ( check == CHECK_NONE ) {
566 if ( glue_sub_init( ) != 0 ) {
568 LDAP_LOG( SLAPD, CRIT, "main: subordinate config error\n", 0, 0, 0 );
570 Debug( LDAP_DEBUG_ANY,
571 "subordinate config error\n",
577 if ( slap_schema_check( ) != 0 ) {
579 LDAP_LOG( SLAPD, CRIT, "main: schema prep error\n", 0, 0, 0 );
581 Debug( LDAP_DEBUG_ANY,
582 "schema prep error\n",
589 if ( check & CHECK_DN ) {
590 struct berval pdn, ndn;
592 rc = dnPrettyNormal( NULL, &check_dn,
594 if ( rc != LDAP_SUCCESS ) {
595 fprintf( stderr, "DN: <%s> check failed %d (%s)\n",
597 ldap_err2string( rc ) );
601 fprintf( stderr, "DN: <%s> check succeeded\n"
605 ndn.bv_val, pdn.bv_val );
610 if ( check == CHECK_NONE ) {
616 rc = ldap_pvt_tls_init();
619 LDAP_LOG( SLAPD, CRIT, "main: tls init failed: %d\n", rc, 0, 0 );
621 Debug( LDAP_DEBUG_ANY,
622 "main: TLS init failed: %d\n",
626 SERVICE_EXIT( ERROR_SERVICE_SPECIFIC_ERROR, 20 );
630 rc = ldap_pvt_tls_init_def_ctx();
633 LDAP_LOG( SLAPD, CRIT, "main: tls init def ctx failed: %d\n", rc, 0, 0 );
635 Debug( LDAP_DEBUG_ANY,
636 "main: TLS init def ctx failed: %d\n",
640 SERVICE_EXIT( ERROR_SERVICE_SPECIFIC_ERROR, 20 );
645 (void) SIGNAL( LDAP_SIGUSR1, slap_sig_wake );
646 (void) SIGNAL( LDAP_SIGUSR2, slap_sig_shutdown );
649 (void) SIGNAL( SIGPIPE, SIG_IGN );
652 (void) SIGNAL( SIGHUP, slap_sig_shutdown );
654 (void) SIGNAL( SIGINT, slap_sig_shutdown );
655 (void) SIGNAL( SIGTERM, slap_sig_shutdown );
657 (void) SIGNAL( LDAP_SIGCHLD, wait4child );
660 /* SIGBREAK is generated when Ctrl-Break is pressed. */
661 (void) SIGNAL( SIGBREAK, slap_sig_shutdown );
665 lutil_detach( no_detach, 0 );
666 #endif /* HAVE_WINSOCK */
673 * FIXME: moved here from slapd_daemon_task()
674 * because back-monitor db_open() needs it
678 if ( slap_startup( NULL ) != 0 ) {
680 SERVICE_EXIT( ERROR_SERVICE_SPECIFIC_ERROR, 21 );
685 LDAP_LOG( SLAPD, INFO, "main: slapd starting.\n", 0, 0, 0 );
687 Debug( LDAP_DEBUG_ANY, "slapd starting\n", 0, 0, 0 );
691 if ( slapd_pid_file != NULL ) {
692 FILE *fp = fopen( slapd_pid_file, "w" );
695 fprintf( fp, "%d\n", (int) getpid() );
699 free(slapd_pid_file);
700 slapd_pid_file = NULL;
704 if ( slapd_args_file != NULL ) {
705 FILE *fp = fopen( slapd_args_file, "w" );
708 for ( i = 0; i < g_argc; i++ ) {
709 fprintf( fp, "%s ", g_argv[i] );
714 free(slapd_args_file);
715 slapd_args_file = NULL;
719 #ifdef HAVE_NT_EVENT_LOG
721 lutil_LogStartedEvent( serverName, slap_debug, configfile, urls );
726 #ifdef HAVE_NT_SERVICE_MANAGER
727 /* Throw away the event that we used during the startup process. */
729 ldap_pvt_thread_cond_destroy( &started_event );
733 /* remember an error during shutdown */
734 rc |= slap_shutdown( NULL );
737 /* remember an error during destroy */
738 rc |= slap_destroy();
740 while ( !LDAP_STAILQ_EMPTY( &slap_sync_cookie )) {
741 scp = LDAP_STAILQ_FIRST( &slap_sync_cookie );
742 LDAP_STAILQ_REMOVE_HEAD( &slap_sync_cookie, sc_next );
755 #ifdef HAVE_NT_EVENT_LOG
757 lutil_LogStoppedEvent( serverName );
761 LDAP_LOG( SLAPD, CRIT, "main: slapd stopped.\n", 0, 0, 0 );
763 Debug( LDAP_DEBUG_ANY, "slapd stopped.\n", 0, 0, 0 );
767 #ifdef HAVE_NT_SERVICE_MANAGER
768 lutil_ReportShutdownComplete();
774 slapd_daemon_destroy();
780 lutil_passwd_destroy();
783 ldap_pvt_tls_destroy();
786 if ( slapd_pid_file != NULL ) {
787 unlink( slapd_pid_file );
789 if ( slapd_args_file != NULL ) {
790 unlink( slapd_args_file );
796 mal_dumpleaktrace( leakfile );
806 * Catch and discard terminated child processes, to avoid zombies.
810 wait4child( int sig )
812 int save_errno = errno;
817 while ( waitpid( (pid_t)-1, NULL, WNOHANG ) > 0 || errno == EINTR )
820 while ( wait3( NULL, WNOHANG, NULL ) > 0 || errno == EINTR )
826 (void) SIGNAL_REINSTALL( sig, wait4child );
830 #endif /* LDAP_SIGCHLD */
836 * Convert a string to an integer by means of a dispatcher table
837 * if the string is not in the table return the default
841 cnvt_str2int( char *stringVal, STRDISP_P dispatcher, int defaultVal )
843 int retVal = defaultVal;
846 for (disp = dispatcher; disp->stringVal; disp++) {
848 if (!strncasecmp (stringVal, disp->stringVal, disp->abbr)) {
850 retVal = disp->intVal;
859 #endif /* LOG_LOCAL4 */