1 /* 2 * daemon/daemon.c - collection of workers that handles requests. 3 * 4 * Copyright (c) 2007, NLnet Labs. All rights reserved. 5 * 6 * This software is open source. 7 * 8 * Redistribution and use in source and binary forms, with or without 9 * modification, are permitted provided that the following conditions 10 * are met: 11 * 12 * Redistributions of source code must retain the above copyright notice, 13 * this list of conditions and the following disclaimer. 14 * 15 * Redistributions in binary form must reproduce the above copyright notice, 16 * this list of conditions and the following disclaimer in the documentation 17 * and/or other materials provided with the distribution. 18 * 19 * Neither the name of the NLNET LABS nor the names of its contributors may 20 * be used to endorse or promote products derived from this software without 21 * specific prior written permission. 22 * 23 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS 24 * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT 25 * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR 26 * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT 27 * HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, 28 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED 29 * TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR 30 * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF 31 * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING 32 * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS 33 * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 34 */ 35 36 /** 37 * \file 38 * 39 * The daemon consists of global settings and a number of workers. 40 */ 41 42 #include "config.h" 43 #ifdef HAVE_OPENSSL_ERR_H 44 #include <openssl/err.h> 45 #endif 46 47 #ifdef HAVE_OPENSSL_RAND_H 48 #include <openssl/rand.h> 49 #endif 50 51 #ifdef HAVE_OPENSSL_CONF_H 52 #include <openssl/conf.h> 53 #endif 54 55 #ifdef HAVE_OPENSSL_ENGINE_H 56 #include <openssl/engine.h> 57 #endif 58 59 #ifdef HAVE_TIME_H 60 #include <time.h> 61 #endif 62 #include <sys/time.h> 63 64 #ifdef HAVE_NSS 65 /* nss3 */ 66 #include "nss.h" 67 #endif 68 69 #include "daemon/daemon.h" 70 #include "daemon/worker.h" 71 #include "daemon/remote.h" 72 #include "daemon/acl_list.h" 73 #include "util/log.h" 74 #include "util/config_file.h" 75 #include "util/data/msgreply.h" 76 #include "util/shm_side/shm_main.h" 77 #include "util/storage/lookup3.h" 78 #include "util/storage/slabhash.h" 79 #include "services/listen_dnsport.h" 80 #include "services/cache/rrset.h" 81 #include "services/cache/infra.h" 82 #include "services/localzone.h" 83 #include "services/view.h" 84 #include "services/modstack.h" 85 #include "util/module.h" 86 #include "util/random.h" 87 #include "util/tube.h" 88 #include "util/net_help.h" 89 #include "sldns/keyraw.h" 90 #include "respip/respip.h" 91 #include <signal.h> 92 93 #ifdef HAVE_SYSTEMD 94 #include <systemd/sd-daemon.h> 95 #endif 96 97 /** How many quit requests happened. */ 98 static int sig_record_quit = 0; 99 /** How many reload requests happened. */ 100 static int sig_record_reload = 0; 101 102 #if HAVE_DECL_SSL_COMP_GET_COMPRESSION_METHODS 103 /** cleaner ssl memory freeup */ 104 static void* comp_meth = NULL; 105 #endif 106 #ifdef LEX_HAS_YYLEX_DESTROY 107 /** remove buffers for parsing and init */ 108 int ub_c_lex_destroy(void); 109 #endif 110 111 /** used when no other sighandling happens, so we don't die 112 * when multiple signals in quick succession are sent to us. 113 * @param sig: signal number. 114 * @return signal handler return type (void or int). 115 */ 116 static RETSIGTYPE record_sigh(int sig) 117 { 118 #ifdef LIBEVENT_SIGNAL_PROBLEM 119 /* cannot log, verbose here because locks may be held */ 120 /* quit on signal, no cleanup and statistics, 121 because installed libevent version is not threadsafe */ 122 exit(0); 123 #endif 124 switch(sig) 125 { 126 case SIGTERM: 127 #ifdef SIGQUIT 128 case SIGQUIT: 129 #endif 130 #ifdef SIGBREAK 131 case SIGBREAK: 132 #endif 133 case SIGINT: 134 sig_record_quit++; 135 break; 136 #ifdef SIGHUP 137 case SIGHUP: 138 sig_record_reload++; 139 break; 140 #endif 141 #ifdef SIGPIPE 142 case SIGPIPE: 143 break; 144 #endif 145 default: 146 /* ignoring signal */ 147 break; 148 } 149 } 150 151 /** 152 * Signal handling during the time when netevent is disabled. 153 * Stores signals to replay later. 154 */ 155 static void 156 signal_handling_record(void) 157 { 158 if( signal(SIGTERM, record_sigh) == SIG_ERR || 159 #ifdef SIGQUIT 160 signal(SIGQUIT, record_sigh) == SIG_ERR || 161 #endif 162 #ifdef SIGBREAK 163 signal(SIGBREAK, record_sigh) == SIG_ERR || 164 #endif 165 #ifdef SIGHUP 166 signal(SIGHUP, record_sigh) == SIG_ERR || 167 #endif 168 #ifdef SIGPIPE 169 signal(SIGPIPE, SIG_IGN) == SIG_ERR || 170 #endif 171 signal(SIGINT, record_sigh) == SIG_ERR 172 ) 173 log_err("install sighandler: %s", strerror(errno)); 174 } 175 176 /** 177 * Replay old signals. 178 * @param wrk: worker that handles signals. 179 */ 180 static void 181 signal_handling_playback(struct worker* wrk) 182 { 183 #ifdef SIGHUP 184 if(sig_record_reload) { 185 # ifdef HAVE_SYSTEMD 186 sd_notify(0, "RELOADING=1"); 187 # endif 188 worker_sighandler(SIGHUP, wrk); 189 # ifdef HAVE_SYSTEMD 190 sd_notify(0, "READY=1"); 191 # endif 192 } 193 #endif 194 if(sig_record_quit) 195 worker_sighandler(SIGTERM, wrk); 196 sig_record_quit = 0; 197 sig_record_reload = 0; 198 } 199 200 struct daemon* 201 daemon_init(void) 202 { 203 struct daemon* daemon = (struct daemon*)calloc(1, 204 sizeof(struct daemon)); 205 #ifdef USE_WINSOCK 206 int r; 207 WSADATA wsa_data; 208 #endif 209 if(!daemon) 210 return NULL; 211 #ifdef USE_WINSOCK 212 r = WSAStartup(MAKEWORD(2,2), &wsa_data); 213 if(r != 0) { 214 fatal_exit("could not init winsock. WSAStartup: %s", 215 wsa_strerror(r)); 216 } 217 #endif /* USE_WINSOCK */ 218 signal_handling_record(); 219 checklock_start(); 220 #ifdef HAVE_SSL 221 # ifdef HAVE_ERR_LOAD_CRYPTO_STRINGS 222 ERR_load_crypto_strings(); 223 # endif 224 #if OPENSSL_VERSION_NUMBER < 0x10100000 || !defined(HAVE_OPENSSL_INIT_SSL) 225 ERR_load_SSL_strings(); 226 #endif 227 # ifdef USE_GOST 228 (void)sldns_key_EVP_load_gost_id(); 229 # endif 230 # if OPENSSL_VERSION_NUMBER < 0x10100000 || !defined(HAVE_OPENSSL_INIT_CRYPTO) 231 OpenSSL_add_all_algorithms(); 232 # else 233 OPENSSL_init_crypto(OPENSSL_INIT_ADD_ALL_CIPHERS 234 | OPENSSL_INIT_ADD_ALL_DIGESTS 235 | OPENSSL_INIT_LOAD_CRYPTO_STRINGS, NULL); 236 # endif 237 # if HAVE_DECL_SSL_COMP_GET_COMPRESSION_METHODS 238 /* grab the COMP method ptr because openssl leaks it */ 239 comp_meth = (void*)SSL_COMP_get_compression_methods(); 240 # endif 241 # if OPENSSL_VERSION_NUMBER < 0x10100000 || !defined(HAVE_OPENSSL_INIT_SSL) 242 (void)SSL_library_init(); 243 # else 244 (void)OPENSSL_init_ssl(OPENSSL_INIT_LOAD_SSL_STRINGS, NULL); 245 # endif 246 # if defined(HAVE_SSL) && defined(OPENSSL_THREADS) && !defined(THREADS_DISABLED) 247 if(!ub_openssl_lock_init()) 248 fatal_exit("could not init openssl locks"); 249 # endif 250 #elif defined(HAVE_NSS) 251 if(NSS_NoDB_Init(NULL) != SECSuccess) 252 fatal_exit("could not init NSS"); 253 #endif /* HAVE_SSL or HAVE_NSS */ 254 #ifdef HAVE_TZSET 255 /* init timezone info while we are not chrooted yet */ 256 tzset(); 257 #endif 258 /* open /dev/random if needed */ 259 ub_systemseed((unsigned)time(NULL)^(unsigned)getpid()^0xe67); 260 daemon->need_to_exit = 0; 261 modstack_init(&daemon->mods); 262 if(!(daemon->env = (struct module_env*)calloc(1, 263 sizeof(*daemon->env)))) { 264 free(daemon); 265 return NULL; 266 } 267 /* init edns_known_options */ 268 if(!edns_known_options_init(daemon->env)) { 269 free(daemon->env); 270 free(daemon); 271 return NULL; 272 } 273 alloc_init(&daemon->superalloc, NULL, 0); 274 daemon->acl = acl_list_create(); 275 if(!daemon->acl) { 276 edns_known_options_delete(daemon->env); 277 free(daemon->env); 278 free(daemon); 279 return NULL; 280 } 281 if(gettimeofday(&daemon->time_boot, NULL) < 0) 282 log_err("gettimeofday: %s", strerror(errno)); 283 daemon->time_last_stat = daemon->time_boot; 284 return daemon; 285 } 286 287 int 288 daemon_open_shared_ports(struct daemon* daemon) 289 { 290 log_assert(daemon); 291 if(daemon->cfg->port != daemon->listening_port) { 292 size_t i; 293 struct listen_port* p0; 294 daemon->reuseport = 0; 295 /* free and close old ports */ 296 if(daemon->ports != NULL) { 297 for(i=0; i<daemon->num_ports; i++) 298 listening_ports_free(daemon->ports[i]); 299 free(daemon->ports); 300 daemon->ports = NULL; 301 } 302 /* see if we want to reuseport */ 303 #ifdef SO_REUSEPORT 304 if(daemon->cfg->so_reuseport && daemon->cfg->num_threads > 0) 305 daemon->reuseport = 1; 306 #endif 307 /* try to use reuseport */ 308 p0 = listening_ports_open(daemon->cfg, &daemon->reuseport); 309 if(!p0) { 310 listening_ports_free(p0); 311 return 0; 312 } 313 if(daemon->reuseport) { 314 /* reuseport was successful, allocate for it */ 315 daemon->num_ports = (size_t)daemon->cfg->num_threads; 316 } else { 317 /* do the normal, singleportslist thing, 318 * reuseport not enabled or did not work */ 319 daemon->num_ports = 1; 320 } 321 if(!(daemon->ports = (struct listen_port**)calloc( 322 daemon->num_ports, sizeof(*daemon->ports)))) { 323 listening_ports_free(p0); 324 return 0; 325 } 326 daemon->ports[0] = p0; 327 if(daemon->reuseport) { 328 /* continue to use reuseport */ 329 for(i=1; i<daemon->num_ports; i++) { 330 if(!(daemon->ports[i]= 331 listening_ports_open(daemon->cfg, 332 &daemon->reuseport)) 333 || !daemon->reuseport ) { 334 for(i=0; i<daemon->num_ports; i++) 335 listening_ports_free(daemon->ports[i]); 336 free(daemon->ports); 337 daemon->ports = NULL; 338 return 0; 339 } 340 } 341 } 342 daemon->listening_port = daemon->cfg->port; 343 } 344 if(!daemon->cfg->remote_control_enable && daemon->rc_port) { 345 listening_ports_free(daemon->rc_ports); 346 daemon->rc_ports = NULL; 347 daemon->rc_port = 0; 348 } 349 if(daemon->cfg->remote_control_enable && 350 daemon->cfg->control_port != daemon->rc_port) { 351 listening_ports_free(daemon->rc_ports); 352 if(!(daemon->rc_ports=daemon_remote_open_ports(daemon->cfg))) 353 return 0; 354 daemon->rc_port = daemon->cfg->control_port; 355 } 356 return 1; 357 } 358 359 /** 360 * Setup modules. setup module stack. 361 * @param daemon: the daemon 362 */ 363 static void daemon_setup_modules(struct daemon* daemon) 364 { 365 daemon->env->cfg = daemon->cfg; 366 daemon->env->alloc = &daemon->superalloc; 367 daemon->env->worker = NULL; 368 daemon->env->need_to_validate = 0; /* set by module init below */ 369 if(!modstack_setup(&daemon->mods, daemon->cfg->module_conf, 370 daemon->env)) { 371 fatal_exit("failed to setup modules"); 372 } 373 log_edns_known_options(VERB_ALGO, daemon->env); 374 } 375 376 /** 377 * Obtain allowed port numbers, concatenate the list, and shuffle them 378 * (ready to be handed out to threads). 379 * @param daemon: the daemon. Uses rand and cfg. 380 * @param shufport: the portlist output. 381 * @return number of ports available. 382 */ 383 static int daemon_get_shufport(struct daemon* daemon, int* shufport) 384 { 385 int i, n, k, temp; 386 int avail = 0; 387 for(i=0; i<65536; i++) { 388 if(daemon->cfg->outgoing_avail_ports[i]) { 389 shufport[avail++] = daemon->cfg-> 390 outgoing_avail_ports[i]; 391 } 392 } 393 if(avail == 0) 394 fatal_exit("no ports are permitted for UDP, add " 395 "with outgoing-port-permit"); 396 /* Knuth shuffle */ 397 n = avail; 398 while(--n > 0) { 399 k = ub_random_max(daemon->rand, n+1); /* 0<= k<= n */ 400 temp = shufport[k]; 401 shufport[k] = shufport[n]; 402 shufport[n] = temp; 403 } 404 return avail; 405 } 406 407 /** 408 * Allocate empty worker structures. With backptr and thread-number, 409 * from 0..numthread initialised. Used as user arguments to new threads. 410 * Creates the daemon random generator if it does not exist yet. 411 * The random generator stays existing between reloads with a unique state. 412 * @param daemon: the daemon with (new) config settings. 413 */ 414 static void 415 daemon_create_workers(struct daemon* daemon) 416 { 417 int i, numport; 418 int* shufport; 419 log_assert(daemon && daemon->cfg); 420 if(!daemon->rand) { 421 unsigned int seed = (unsigned int)time(NULL) ^ 422 (unsigned int)getpid() ^ 0x438; 423 daemon->rand = ub_initstate(seed, NULL); 424 if(!daemon->rand) 425 fatal_exit("could not init random generator"); 426 hash_set_raninit((uint32_t)ub_random(daemon->rand)); 427 } 428 shufport = (int*)calloc(65536, sizeof(int)); 429 if(!shufport) 430 fatal_exit("out of memory during daemon init"); 431 numport = daemon_get_shufport(daemon, shufport); 432 verbose(VERB_ALGO, "total of %d outgoing ports available", numport); 433 434 daemon->num = (daemon->cfg->num_threads?daemon->cfg->num_threads:1); 435 if(daemon->reuseport && (int)daemon->num < (int)daemon->num_ports) { 436 log_warn("cannot reduce num-threads to %d because so-reuseport " 437 "so continuing with %d threads.", (int)daemon->num, 438 (int)daemon->num_ports); 439 daemon->num = (int)daemon->num_ports; 440 } 441 daemon->workers = (struct worker**)calloc((size_t)daemon->num, 442 sizeof(struct worker*)); 443 if(!daemon->workers) 444 fatal_exit("out of memory during daemon init"); 445 if(daemon->cfg->dnstap) { 446 #ifdef USE_DNSTAP 447 daemon->dtenv = dt_create(daemon->cfg->dnstap_socket_path, 448 (unsigned int)daemon->num); 449 if (!daemon->dtenv) 450 fatal_exit("dt_create failed"); 451 dt_apply_cfg(daemon->dtenv, daemon->cfg); 452 #else 453 fatal_exit("dnstap enabled in config but not built with dnstap support"); 454 #endif 455 } 456 for(i=0; i<daemon->num; i++) { 457 if(!(daemon->workers[i] = worker_create(daemon, i, 458 shufport+numport*i/daemon->num, 459 numport*(i+1)/daemon->num - numport*i/daemon->num))) 460 /* the above is not ports/numthr, due to rounding */ 461 fatal_exit("could not create worker"); 462 } 463 free(shufport); 464 } 465 466 #ifdef THREADS_DISABLED 467 /** 468 * Close all pipes except for the numbered thread. 469 * @param daemon: daemon to close pipes in. 470 * @param thr: thread number 0..num-1 of thread to skip. 471 */ 472 static void close_other_pipes(struct daemon* daemon, int thr) 473 { 474 int i; 475 for(i=0; i<daemon->num; i++) 476 if(i!=thr) { 477 if(i==0) { 478 /* only close read part, need to write stats */ 479 tube_close_read(daemon->workers[i]->cmd); 480 } else { 481 /* complete close channel to others */ 482 tube_delete(daemon->workers[i]->cmd); 483 daemon->workers[i]->cmd = NULL; 484 } 485 } 486 } 487 #endif /* THREADS_DISABLED */ 488 489 /** 490 * Function to start one thread. 491 * @param arg: user argument. 492 * @return: void* user return value could be used for thread_join results. 493 */ 494 static void* 495 thread_start(void* arg) 496 { 497 struct worker* worker = (struct worker*)arg; 498 int port_num = 0; 499 log_thread_set(&worker->thread_num); 500 ub_thread_blocksigs(); 501 #ifdef THREADS_DISABLED 502 /* close pipe ends used by main */ 503 tube_close_write(worker->cmd); 504 close_other_pipes(worker->daemon, worker->thread_num); 505 #endif 506 #ifdef SO_REUSEPORT 507 if(worker->daemon->cfg->so_reuseport) 508 port_num = worker->thread_num % worker->daemon->num_ports; 509 else 510 port_num = 0; 511 #endif 512 if(!worker_init(worker, worker->daemon->cfg, 513 worker->daemon->ports[port_num], 0)) 514 fatal_exit("Could not initialize thread"); 515 516 worker_work(worker); 517 return NULL; 518 } 519 520 /** 521 * Fork and init the other threads. Main thread returns for special handling. 522 * @param daemon: the daemon with other threads to fork. 523 */ 524 static void 525 daemon_start_others(struct daemon* daemon) 526 { 527 int i; 528 log_assert(daemon); 529 verbose(VERB_ALGO, "start threads"); 530 /* skip i=0, is this thread */ 531 for(i=1; i<daemon->num; i++) { 532 ub_thread_create(&daemon->workers[i]->thr_id, 533 thread_start, daemon->workers[i]); 534 #ifdef THREADS_DISABLED 535 /* close pipe end of child */ 536 tube_close_read(daemon->workers[i]->cmd); 537 #endif /* no threads */ 538 } 539 } 540 541 /** 542 * Stop the other threads. 543 * @param daemon: the daemon with other threads. 544 */ 545 static void 546 daemon_stop_others(struct daemon* daemon) 547 { 548 int i; 549 log_assert(daemon); 550 verbose(VERB_ALGO, "stop threads"); 551 /* skip i=0, is this thread */ 552 /* use i=0 buffer for sending cmds; because we are #0 */ 553 for(i=1; i<daemon->num; i++) { 554 worker_send_cmd(daemon->workers[i], worker_cmd_quit); 555 } 556 /* wait for them to quit */ 557 for(i=1; i<daemon->num; i++) { 558 /* join it to make sure its dead */ 559 verbose(VERB_ALGO, "join %d", i); 560 ub_thread_join(daemon->workers[i]->thr_id); 561 verbose(VERB_ALGO, "join success %d", i); 562 } 563 } 564 565 void 566 daemon_fork(struct daemon* daemon) 567 { 568 int have_view_respip_cfg = 0; 569 570 log_assert(daemon); 571 if(!(daemon->views = views_create())) 572 fatal_exit("Could not create views: out of memory"); 573 /* create individual views and their localzone/data trees */ 574 if(!views_apply_cfg(daemon->views, daemon->cfg)) 575 fatal_exit("Could not set up views"); 576 577 if(!acl_list_apply_cfg(daemon->acl, daemon->cfg, daemon->views)) 578 fatal_exit("Could not setup access control list"); 579 if(daemon->cfg->dnscrypt) { 580 #ifdef USE_DNSCRYPT 581 daemon->dnscenv = dnsc_create(); 582 if (!daemon->dnscenv) 583 fatal_exit("dnsc_create failed"); 584 dnsc_apply_cfg(daemon->dnscenv, daemon->cfg); 585 #else 586 fatal_exit("dnscrypt enabled in config but unbound was not built with " 587 "dnscrypt support"); 588 #endif 589 } 590 /* create global local_zones */ 591 if(!(daemon->local_zones = local_zones_create())) 592 fatal_exit("Could not create local zones: out of memory"); 593 if(!local_zones_apply_cfg(daemon->local_zones, daemon->cfg)) 594 fatal_exit("Could not set up local zones"); 595 596 /* process raw response-ip configuration data */ 597 if(!(daemon->respip_set = respip_set_create())) 598 fatal_exit("Could not create response IP set"); 599 if(!respip_global_apply_cfg(daemon->respip_set, daemon->cfg)) 600 fatal_exit("Could not set up response IP set"); 601 if(!respip_views_apply_cfg(daemon->views, daemon->cfg, 602 &have_view_respip_cfg)) 603 fatal_exit("Could not set up per-view response IP sets"); 604 daemon->use_response_ip = !respip_set_is_empty(daemon->respip_set) || 605 have_view_respip_cfg; 606 607 /* setup modules */ 608 daemon_setup_modules(daemon); 609 610 /* response-ip-xxx options don't work as expected without the respip 611 * module. To avoid run-time operational surprise we reject such 612 * configuration. */ 613 if(daemon->use_response_ip && 614 modstack_find(&daemon->mods, "respip") < 0) 615 fatal_exit("response-ip options require respip module"); 616 617 /* first create all the worker structures, so we can pass 618 * them to the newly created threads. 619 */ 620 daemon_create_workers(daemon); 621 622 #if defined(HAVE_EV_LOOP) || defined(HAVE_EV_DEFAULT_LOOP) 623 /* in libev the first inited base gets signals */ 624 if(!worker_init(daemon->workers[0], daemon->cfg, daemon->ports[0], 1)) 625 fatal_exit("Could not initialize main thread"); 626 #endif 627 628 /* Now create the threads and init the workers. 629 * By the way, this is thread #0 (the main thread). 630 */ 631 daemon_start_others(daemon); 632 633 /* Special handling for the main thread. This is the thread 634 * that handles signals and remote control. 635 */ 636 #if !(defined(HAVE_EV_LOOP) || defined(HAVE_EV_DEFAULT_LOOP)) 637 /* libevent has the last inited base get signals (or any base) */ 638 if(!worker_init(daemon->workers[0], daemon->cfg, daemon->ports[0], 1)) 639 fatal_exit("Could not initialize main thread"); 640 #endif 641 signal_handling_playback(daemon->workers[0]); 642 643 if (!shm_main_init(daemon)) 644 log_warn("SHM has failed"); 645 646 /* Start resolver service on main thread. */ 647 #ifdef HAVE_SYSTEMD 648 sd_notify(0, "READY=1"); 649 #endif 650 log_info("start of service (%s).", PACKAGE_STRING); 651 worker_work(daemon->workers[0]); 652 #ifdef HAVE_SYSTEMD 653 sd_notify(0, "STOPPING=1"); 654 #endif 655 log_info("service stopped (%s).", PACKAGE_STRING); 656 657 /* we exited! a signal happened! Stop other threads */ 658 daemon_stop_others(daemon); 659 660 /* Shutdown SHM */ 661 shm_main_shutdown(daemon); 662 663 daemon->need_to_exit = daemon->workers[0]->need_to_exit; 664 } 665 666 void 667 daemon_cleanup(struct daemon* daemon) 668 { 669 int i; 670 log_assert(daemon); 671 /* before stopping main worker, handle signals ourselves, so we 672 don't die on multiple reload signals for example. */ 673 signal_handling_record(); 674 log_thread_set(NULL); 675 /* clean up caches because 676 * a) RRset IDs will be recycled after a reload, causing collisions 677 * b) validation config can change, thus rrset, msg, keycache clear */ 678 slabhash_clear(&daemon->env->rrset_cache->table); 679 slabhash_clear(daemon->env->msg_cache); 680 local_zones_delete(daemon->local_zones); 681 daemon->local_zones = NULL; 682 respip_set_delete(daemon->respip_set); 683 daemon->respip_set = NULL; 684 views_delete(daemon->views); 685 daemon->views = NULL; 686 /* key cache is cleared by module desetup during next daemon_fork() */ 687 daemon_remote_clear(daemon->rc); 688 for(i=0; i<daemon->num; i++) 689 worker_delete(daemon->workers[i]); 690 free(daemon->workers); 691 daemon->workers = NULL; 692 daemon->num = 0; 693 #ifdef USE_DNSTAP 694 dt_delete(daemon->dtenv); 695 #endif 696 #ifdef USE_DNSCRYPT 697 dnsc_delete(daemon->dnscenv); 698 #endif 699 daemon->cfg = NULL; 700 } 701 702 void 703 daemon_delete(struct daemon* daemon) 704 { 705 size_t i; 706 if(!daemon) 707 return; 708 modstack_desetup(&daemon->mods, daemon->env); 709 daemon_remote_delete(daemon->rc); 710 for(i = 0; i < daemon->num_ports; i++) 711 listening_ports_free(daemon->ports[i]); 712 free(daemon->ports); 713 listening_ports_free(daemon->rc_ports); 714 if(daemon->env) { 715 slabhash_delete(daemon->env->msg_cache); 716 rrset_cache_delete(daemon->env->rrset_cache); 717 infra_delete(daemon->env->infra_cache); 718 edns_known_options_delete(daemon->env); 719 } 720 ub_randfree(daemon->rand); 721 alloc_clear(&daemon->superalloc); 722 acl_list_delete(daemon->acl); 723 free(daemon->chroot); 724 free(daemon->pidfile); 725 free(daemon->env); 726 #ifdef HAVE_SSL 727 SSL_CTX_free((SSL_CTX*)daemon->listen_sslctx); 728 SSL_CTX_free((SSL_CTX*)daemon->connect_sslctx); 729 #endif 730 free(daemon); 731 #ifdef LEX_HAS_YYLEX_DESTROY 732 /* lex cleanup */ 733 ub_c_lex_destroy(); 734 #endif 735 /* libcrypto cleanup */ 736 #ifdef HAVE_SSL 737 # if defined(USE_GOST) && defined(HAVE_LDNS_KEY_EVP_UNLOAD_GOST) 738 sldns_key_EVP_unload_gost(); 739 # endif 740 # if HAVE_DECL_SSL_COMP_GET_COMPRESSION_METHODS && HAVE_DECL_SK_SSL_COMP_POP_FREE 741 # ifndef S_SPLINT_S 742 # if OPENSSL_VERSION_NUMBER < 0x10100000 743 sk_SSL_COMP_pop_free(comp_meth, (void(*)())CRYPTO_free); 744 # endif 745 # endif 746 # endif 747 # ifdef HAVE_OPENSSL_CONFIG 748 EVP_cleanup(); 749 # if OPENSSL_VERSION_NUMBER < 0x10100000 750 ENGINE_cleanup(); 751 # endif 752 CONF_modules_free(); 753 # endif 754 # ifdef HAVE_CRYPTO_CLEANUP_ALL_EX_DATA 755 CRYPTO_cleanup_all_ex_data(); /* safe, no more threads right now */ 756 # endif 757 # ifdef HAVE_ERR_FREE_STRINGS 758 ERR_free_strings(); 759 # endif 760 # if OPENSSL_VERSION_NUMBER < 0x10100000 761 RAND_cleanup(); 762 # endif 763 # if defined(HAVE_SSL) && defined(OPENSSL_THREADS) && !defined(THREADS_DISABLED) 764 ub_openssl_lock_delete(); 765 # endif 766 #elif defined(HAVE_NSS) 767 NSS_Shutdown(); 768 #endif /* HAVE_SSL or HAVE_NSS */ 769 checklock_stop(); 770 #ifdef USE_WINSOCK 771 if(WSACleanup() != 0) { 772 log_err("Could not WSACleanup: %s", 773 wsa_strerror(WSAGetLastError())); 774 } 775 #endif 776 } 777 778 void daemon_apply_cfg(struct daemon* daemon, struct config_file* cfg) 779 { 780 daemon->cfg = cfg; 781 config_apply(cfg); 782 if(!daemon->env->msg_cache || 783 cfg->msg_cache_size != slabhash_get_size(daemon->env->msg_cache) || 784 cfg->msg_cache_slabs != daemon->env->msg_cache->size) { 785 slabhash_delete(daemon->env->msg_cache); 786 daemon->env->msg_cache = slabhash_create(cfg->msg_cache_slabs, 787 HASH_DEFAULT_STARTARRAY, cfg->msg_cache_size, 788 msgreply_sizefunc, query_info_compare, 789 query_entry_delete, reply_info_delete, NULL); 790 if(!daemon->env->msg_cache) { 791 fatal_exit("malloc failure updating config settings"); 792 } 793 } 794 if((daemon->env->rrset_cache = rrset_cache_adjust( 795 daemon->env->rrset_cache, cfg, &daemon->superalloc)) == 0) 796 fatal_exit("malloc failure updating config settings"); 797 if((daemon->env->infra_cache = infra_adjust(daemon->env->infra_cache, 798 cfg))==0) 799 fatal_exit("malloc failure updating config settings"); 800 } 801