X-Git-Url: https://git.sur5r.net/?a=blobdiff_plain;f=servers%2Fslapd%2Fdaemon.c;h=6180e391b580922dbffc5a23a44be3d1fa892d41;hb=fd810bb35ebcae78d9e9393af51873f1b404ee02;hp=c3539448969f144113fa8db5ae273f09afeef26f;hpb=3c28bb413d3efa6cde9780a3f58d597e16ffeaf5;p=openldap diff --git a/servers/slapd/daemon.c b/servers/slapd/daemon.c index c353944896..6180e391b5 100644 --- a/servers/slapd/daemon.c +++ b/servers/slapd/daemon.c @@ -1,6 +1,6 @@ /* $OpenLDAP$ */ /* - * Copyright 1998-2000 The OpenLDAP Foundation, All Rights Reserved. + * Copyright 1998-2002 The OpenLDAP Foundation, All Rights Reserved. * COPYING RESTRICTIONS APPLY, see COPYRIGHT file */ @@ -17,6 +17,7 @@ #include #include "ldap_pvt.h" +#include "ldap_pvt_thread.h" #include "lutil.h" #include "slap.h" @@ -29,26 +30,14 @@ int deny_severity = LOG_NOTICE; #ifdef LDAP_PF_LOCAL #include +/* this should go in as soon as it is accepted */ +#define LDAPI_MOD_URLEXT "x-mod" #endif /* LDAP_PF_LOCAL */ /* globals */ time_t starttime; ber_socket_t dtblsize; -typedef struct slap_listener { - char* sl_url; - char* sl_name; -#ifdef HAVE_TLS - int sl_is_tls; -#endif -#ifdef LDAP_CONNECTIONLESS - int sl_is_udp; /* UDP listener is also data port */ -#endif - ber_socket_t sl_sd; - Sockaddr sl_sa; -#define sl_addr sl_sa.sa_in_addr -} Listener; - Listener **slap_listeners = NULL; #define SLAPD_LISTEN 10 @@ -64,12 +53,6 @@ static int waking; do { if (w) tcp_write( wake_sds[1], "0", 1 ); } while(0) #endif -#ifdef HAVE_NT_SERVICE_MANAGER -/* in nt_main.c */ -extern ldap_pvt_thread_cond_t started_event; -extern int is_NT_Service; -#endif - #ifndef HAVE_WINSOCK static #endif @@ -119,8 +102,8 @@ void slapd_slp_init( const char* urls ) { slapd_srvurls[i] = (char *) realloc( slapd_srvurls[i], strlen( host ) + sizeof( LDAP_SRVTYPE_PREFIX ) ); - strcpy( slapd_srvurls[i], LDAP_SRVTYPE_PREFIX ); - strcat( slapd_srvurls[i], host ); + strcpy( slap_strcopy(slapd_srvurls[i], + LDAP_SRVTYPE_PREFIX ), host ); ch_free( host ); } @@ -131,8 +114,8 @@ void slapd_slp_init( const char* urls ) { slapd_srvurls[i] = (char *) realloc( slapd_srvurls[i], strlen( host ) + sizeof( LDAPS_SRVTYPE_PREFIX ) ); - strcpy( slapd_srvurls[i], LDAPS_SRVTYPE_PREFIX ); - strcat( slapd_srvurls[i], host ); + strcpy( slap_strcopy(slapd_srvurls[i], + LDAPS_SRVTYPE_PREFIX ), host ); ch_free( host ); } @@ -322,6 +305,171 @@ static void slap_free_listener_addresses(struct sockaddr **sal) ch_free(sal); } +#ifdef LDAP_PF_LOCAL +static int get_url_perms( + char **exts, + mode_t *perms, + int *crit ) +{ + int i; + + assert( exts ); + assert( perms ); + assert( crit ); + + *crit = 0; + for ( i = 0; exts[ i ]; i++ ) { + char *type = exts[ i ]; + int c = 0; + + if ( type[ 0 ] == '!' ) { + c = 1; + type++; + } + + if ( strncasecmp( type, LDAPI_MOD_URLEXT "=", sizeof(LDAPI_MOD_URLEXT "=") - 1 ) == 0 ) { + char *value = type + sizeof(LDAPI_MOD_URLEXT "=") - 1; + mode_t p = 0; + +#if 0 + if ( strlen( value ) != 9 ) { + return LDAP_OTHER; + } + + switch ( value[ 0 ] ) { + case 'r': + p |= S_IRUSR; + break; + case '-': + break; + default: + return LDAP_OTHER; + } + + switch ( value[ 1 ] ) { + case 'w': + p |= S_IWUSR; + break; + case '-': + break; + default: + return LDAP_OTHER; + } + + switch ( value[ 2 ] ) { + case 'x': + p |= S_IXUSR; + break; + case '-': + break; + default: + return LDAP_OTHER; + } + + switch ( value[ 3 ] ) { + case 'r': + p |= S_IRGRP; + break; + case '-': + break; + default: + return LDAP_OTHER; + } + + switch ( value[ 4 ] ) { + case 'w': + p |= S_IWGRP; + break; + case '-': + break; + default: + return LDAP_OTHER; + } + + switch ( value[ 5 ] ) { + case 'x': + p |= S_IXGRP; + break; + case '-': + break; + default: + return LDAP_OTHER; + } + + switch ( value[ 6 ] ) { + case 'r': + p |= S_IROTH; + break; + case '-': + break; + default: + return LDAP_OTHER; + } + + switch ( value[ 7 ] ) { + case 'w': + p |= S_IWOTH; + break; + case '-': + break; + default: + return LDAP_OTHER; + } + + switch ( value[ 8 ] ) { + case 'x': + p |= S_IXOTH; + break; + case '-': + break; + default: + return LDAP_OTHER; + } +#else + if ( strlen(value) != 3 ) { + return LDAP_OTHER; + } + + switch ( value[ 0 ] ) { + case 'w': + p |= S_IRWXU; + break; + case '-': + break; + default: + return LDAP_OTHER; + } + + switch ( value[ 1 ] ) { + case 'w': + p |= S_IRWXG; + break; + case '-': + break; + default: + return LDAP_OTHER; + } + + switch ( value[ 2 ] ) { + case 'w': + p |= S_IRWXO; + break; + case '-': + break; + default: + return LDAP_OTHER; + } +#endif + + *crit = c; + *perms = p; + + return LDAP_SUCCESS; + } + } +} +#endif /* LDAP_PF_LOCAL */ + /* port = 0 indicates AF_LOCAL */ static int slap_get_listener_addresses( const char *host, @@ -374,7 +522,7 @@ static int slap_get_listener_addresses( hints.ai_family = AF_UNSPEC; snprintf(serv, sizeof serv, "%d", port); - if (err = getaddrinfo(host, serv, &hints, &res)) { + if ( (err = getaddrinfo(host, serv, &hints, &res)) ) { #ifdef NEW_LOGGING LDAP_LOG(( "connection", LDAP_LEVEL_INFO, "slap_get_listener_addresses: getaddrinfo failed: %s\n", @@ -390,15 +538,24 @@ static int slap_get_listener_addresses( for (n=2; (sai = sai->ai_next) != NULL; n++) { /* EMPTY */ ; } - *sal = ch_malloc(n * sizeof(void *)); + *sal = ch_calloc(n, sizeof(void *)); if (*sal == NULL) { return -1; } sap = *sal; + *sap = NULL; for ( sai=res; sai; sai=sai->ai_next ) { if( sai->ai_addr == NULL ) { +#ifdef NEW_LOGGING + LDAP_LOG(( "connection", LDAP_LEVEL_INFO, + "slap_get_listener_addresses: " + "getaddrinfo ai_addr is NULL?\n" )); +#else + Debug( LDAP_DEBUG_ANY, "slap_get_listener_addresses: " + "getaddrinfo ai_addr is NULL?\n", 0, 0, 0 ); +#endif freeaddrinfo(res); goto errexit; } @@ -428,13 +585,14 @@ static int slap_get_listener_addresses( *sap = NULL; break; } + if (*sap != NULL) { (*sap)->sa_family = sai->ai_family; sap++; + *sap = NULL; } } - *sap = NULL; freeaddrinfo(res); #else struct in_addr in; @@ -492,9 +650,13 @@ static Listener * slap_open_listener( Listener *li; LDAPURLDesc *lud; unsigned short port; - int err, addrlen; + int err, addrlen = 0; struct sockaddr **sal, **psal; int socktype = SOCK_STREAM; /* default to COTS */ +#ifdef LDAP_PF_LOCAL + mode_t perms = S_IRWXU; + int crit = 1; +#endif rc = ldap_url_parse( url, &lud ); @@ -548,6 +710,10 @@ static Listener * slap_open_listener( } else { err = slap_get_listener_addresses(lud->lud_host, 0, &sal); } + + if ( lud->lud_exts ) { + err = get_url_perms( lud->lud_exts, &perms, &crit ); + } #else #ifdef NEW_LOGGING @@ -563,8 +729,7 @@ static Listener * slap_open_listener( #endif } else { #ifdef LDAP_CONNECTIONLESS - if ( tmp == LDAP_PROTO_UDP ) - l.sl_is_udp = 1; + l.sl_is_udp = ( tmp == LDAP_PROTO_UDP ); #endif if( lud->lud_host == NULL || lud->lud_host[0] == '\0' || strcmp(lud->lud_host, "*") == 0 ) @@ -703,7 +868,7 @@ static Listener * slap_open_listener( #ifdef LDAP_PF_LOCAL case AF_LOCAL: { char *addr = ((struct sockaddr_un *)*sal)->sun_path; - if ( chmod( addr, S_IRWXU ) < 0 ) { + if ( chmod( addr, perms ) < 0 && crit ) { int err = sock_errno(); #ifdef NEW_LOGGING LDAP_LOG(( "connection", LDAP_LEVEL_INFO, @@ -729,11 +894,10 @@ static Listener * slap_open_listener( inet_ntop( AF_INET, &((struct sockaddr_in *)*sal)->sin_addr, addr, sizeof(addr) ); s = addr; - port = ((struct sockaddr_in *)*sal) ->sin_port; #else - s = inet_ntoa( l.sl_addr.sin_addr ); - port = l.sl_addr.sin_port; + s = inet_ntoa( ((struct sockaddr_in *) *sal)->sin_addr ); #endif + port = ((struct sockaddr_in *)*sal) ->sin_port; l.sl_name = ch_malloc( sizeof("IP=255.255.255.255:65535") ); sprintf( l.sl_name, "IP=%s:%d", s != NULL ? s : "unknown" , port ); @@ -931,9 +1095,12 @@ slapd_daemon_task( ) { int l; - time_t last_idle_check = slap_get_time(); + time_t last_idle_check = 0; time( &starttime ); + if ( global_idletimeout > 0 ) { + last_idle_check = slap_get_time(); + } for ( l = 0; slap_listeners[l] != NULL; l++ ) { if ( slap_listeners[l]->sl_sd == AC_SOCKET_INVALID ) continue; @@ -981,9 +1148,10 @@ slapd_daemon_task( ber_socket_t nfds; #define SLAPD_EBADF_LIMIT 16 int ebadf = 0; + int emfile = 0; #define SLAPD_IDLE_CHECK_LIMIT 4 - time_t now = slap_get_time(); + time_t now; fd_set readfds; @@ -991,16 +1159,20 @@ slapd_daemon_task( Sockaddr from; #if defined(SLAPD_RLOOKUPS) - struct hostent *hp; + struct hostent *hp; #endif struct timeval zero; struct timeval *tvp; - if( global_idletimeout > 0 && difftime( - last_idle_check+global_idletimeout/SLAPD_IDLE_CHECK_LIMIT, - now ) < 0 ) - { - connections_timeout_idle(now); + if( emfile ) { + now = slap_get_time(); + connections_timeout_idle( now ); + } + else if ( global_idletimeout > 0 ) { + now = slap_get_time(); + if ( difftime( last_idle_check+global_idletimeout/SLAPD_IDLE_CHECK_LIMIT, now ) < 0 ) { + connections_timeout_idle( now ); + } } FD_ZERO( &writefds ); @@ -1145,7 +1317,7 @@ slapd_daemon_task( slap_ssf_t ssf = 0; char *authid = NULL; - char *dnsname; + char *dnsname = NULL; char *peeraddr; #ifdef LDAP_PF_LOCAL char peername[MAXPATHLEN + sizeof("PATH=")]; @@ -1187,32 +1359,59 @@ slapd_daemon_task( (struct sockaddr *) &from, &len ); if ( s == AC_SOCKET_INVALID ) { int err = sock_errno(); + +#ifdef EMFILE + if( err == EMFILE ) { + emfile++; + } else +#endif +#ifdef ENFILE + if( err == ENFILE ) { + emfile++; + } else +#endif + { + emfile=0; + } + + if( emfile < 3 ) { #ifdef NEW_LOGGING - LDAP_LOG(( "connection", LDAP_LEVEL_ERR, - "slapd_daemon_task: accept(%ld) failed errno=%d (%s)\n", - (long)slap_listeners[l]->sl_sd, err, sock_errstr(err) )); + LDAP_LOG(( "connection", LDAP_LEVEL_ERR, + "slapd_daemon_task: accept(%ld) failed errno=%d (%s)\n", + (long)slap_listeners[l]->sl_sd, err, sock_errstr(err) )); #else - Debug( LDAP_DEBUG_ANY, - "daemon: accept(%ld) failed errno=%d (%s)\n", - (long) slap_listeners[l]->sl_sd, err, - sock_errstr(err) ); -#endif + Debug( LDAP_DEBUG_ANY, + "daemon: accept(%ld) failed errno=%d (%s)\n", + (long) slap_listeners[l]->sl_sd, err, + sock_errstr(err) ); +#endif + } else { + /* prevent busy loop */ +# ifdef HAVE_USLEEP + if( emfile % 4 == 3 ) usleep( 250 ); +# else + if( emfile % 8 == 7 ) sleep( 1 ); +# endif + } + ldap_pvt_thread_yield(); continue; } + emfile = 0; #ifndef HAVE_WINSOCK /* make sure descriptor number isn't too great */ if ( s >= dtblsize ) { #ifdef NEW_LOGGING LDAP_LOG(( "connection", LDAP_LEVEL_ERR, - "slapd_daemon_task: %ld beyond descriptor table size %ld\n", - (long)s, (long)dtblsize )); + "slapd_daemon_task: %ld beyond descriptor table size %ld\n", + (long)s, (long)dtblsize )); #else Debug( LDAP_DEBUG_ANY, "daemon: %ld beyond descriptor table size %ld\n", (long) s, (long) dtblsize, 0 ); #endif + slapd_close(s); ldap_pvt_thread_yield(); continue; @@ -1289,6 +1488,7 @@ slapd_daemon_task( case AF_LOCAL: sprintf( peername, "PATH=%s", from.sa_un_addr.sun_path ); ssf = LDAP_PVT_SASL_LOCAL_SSF; + dnsname = "local"; break; #endif /* LDAP_PF_LOCAL */ @@ -1636,9 +1836,15 @@ slapd_daemon_task( } #endif /* LDAP_PF_LOCAL */ slapd_close( slap_listeners[l]->sl_sd ); - break; } + if ( slap_listeners[l]->sl_url ) + free ( slap_listeners[l]->sl_url ); + if ( slap_listeners[l]->sl_name ) + free ( slap_listeners[l]->sl_name ); + free ( slap_listeners[l] ); } + free ( slap_listeners ); + slap_listeners = NULL; #ifdef NEW_LOGGING LDAP_LOG(( "connection", LDAP_LEVEL_CRIT, @@ -1790,3 +1996,7 @@ slap_sig_wake( int sig ) void slapd_add_internal(ber_socket_t s) { slapd_add(s); } + +Listener ** slapd_get_listeners(void) { + return slap_listeners; +}