1 /* $NetBSD: event_server.c,v 1.1.1.3 2013/01/02 18:59:01 tron Exp $ */ 2 3 /*++ 4 /* NAME 5 /* event_server 3 6 /* SUMMARY 7 /* skeleton multi-threaded mail subsystem 8 /* SYNOPSIS 9 /* #include <mail_server.h> 10 /* 11 /* NORETURN event_server_main(argc, argv, service, key, value, ...) 12 /* int argc; 13 /* char **argv; 14 /* void (*service)(VSTREAM *stream, char *service_name, char **argv); 15 /* int key; 16 /* 17 /* void event_server_disconnect(fd) 18 /* VSTREAM *stream; 19 /* 20 /* void event_server_drain() 21 /* DESCRIPTION 22 /* This module implements a skeleton for multi-threaded 23 /* mail subsystems: mail subsystem programs that service multiple 24 /* clients at the same time. The resulting program expects to be run 25 /* from the \fBmaster\fR process. 26 /* 27 /* event_server_main() is the skeleton entry point. It should be 28 /* called from the application main program. The skeleton does all 29 /* the generic command-line processing, initialization of 30 /* configurable parameters, and connection management. 31 /* Unlike multi_server, this skeleton does not attempt to manage 32 /* all the events on a client connection. 33 /* The skeleton never returns. 34 /* 35 /* Arguments: 36 /* .IP "void (*service)(VSTREAM *stream, char *service_name, char **argv)" 37 /* A pointer to a function that is called by the skeleton each 38 /* time a client connects to the program's service port. The 39 /* function is run after the program has optionally dropped 40 /* its privileges. The application is responsible for managing 41 /* subsequent I/O events on the stream, and is responsible for 42 /* calling event_server_disconnect() when the stream is closed. 43 /* The stream initial state is non-blocking mode. The service 44 /* name argument corresponds to the service name in the master.cf 45 /* file. The argv argument specifies command-line arguments 46 /* left over after options processing. 47 /* .PP 48 /* Optional arguments are specified as a null-terminated (key, value) 49 /* list. Keys and expected values are: 50 /* .IP "MAIL_SERVER_INT_TABLE (CONFIG_INT_TABLE *)" 51 /* A table with configurable parameters, to be loaded from the 52 /* global Postfix configuration file. Tables are loaded in the 53 /* order as specified, and multiple instances of the same type 54 /* are allowed. 55 /* .IP "MAIL_SERVER_LONG_TABLE (CONFIG_LONG_TABLE *)" 56 /* A table with configurable parameters, to be loaded from the 57 /* global Postfix configuration file. Tables are loaded in the 58 /* order as specified, and multiple instances of the same type 59 /* are allowed. 60 /* .IP "MAIL_SERVER_STR_TABLE (CONFIG_STR_TABLE *)" 61 /* A table with configurable parameters, to be loaded from the 62 /* global Postfix configuration file. Tables are loaded in the 63 /* order as specified, and multiple instances of the same type 64 /* are allowed. 65 /* .IP "MAIL_SERVER_BOOL_TABLE (CONFIG_BOOL_TABLE *)" 66 /* A table with configurable parameters, to be loaded from the 67 /* global Postfix configuration file. Tables are loaded in the 68 /* order as specified, and multiple instances of the same type 69 /* are allowed. 70 /* .IP "MAIL_SERVER_TIME_TABLE (CONFIG_TIME_TABLE *)" 71 /* A table with configurable parameters, to be loaded from the 72 /* global Postfix configuration file. Tables are loaded in the 73 /* order as specified, and multiple instances of the same type 74 /* are allowed. 75 /* .IP "MAIL_SERVER_RAW_TABLE (CONFIG_RAW_TABLE *)" 76 /* A table with configurable parameters, to be loaded from the 77 /* global Postfix configuration file. Tables are loaded in the 78 /* order as specified, and multiple instances of the same type 79 /* are allowed. Raw parameters are not subjected to $name 80 /* evaluation. 81 /* .IP "MAIL_SERVER_NINT_TABLE (CONFIG_NINT_TABLE *)" 82 /* A table with configurable parameters, to be loaded from the 83 /* global Postfix configuration file. Tables are loaded in the 84 /* order as specified, and multiple instances of the same type 85 /* are allowed. 86 /* .IP "MAIL_SERVER_NBOOL_TABLE (CONFIG_NBOOL_TABLE *)" 87 /* A table with configurable parameters, to be loaded from the 88 /* global Postfix configuration file. Tables are loaded in the 89 /* order as specified, and multiple instances of the same type 90 /* are allowed. 91 /* .IP "MAIL_SERVER_PRE_INIT (void *(char *service_name, char **argv))" 92 /* A pointer to a function that is called once 93 /* by the skeleton after it has read the global configuration file 94 /* and after it has processed command-line arguments, but before 95 /* the skeleton has optionally relinquished the process privileges. 96 /* .sp 97 /* Only the last instance of this parameter type is remembered. 98 /* .IP "MAIL_SERVER_POST_INIT (void *(char *service_name, char **argv))" 99 /* A pointer to a function that is called once 100 /* by the skeleton after it has optionally relinquished the process 101 /* privileges, but before servicing client connection requests. 102 /* .sp 103 /* Only the last instance of this parameter type is remembered. 104 /* .IP "MAIL_SERVER_LOOP (int *(char *service_name, char **argv))" 105 /* A pointer to function that is executed from 106 /* within the event loop, whenever an I/O or timer event has happened, 107 /* or whenever nothing has happened for a specified amount of time. 108 /* The result value of the function specifies how long to wait until 109 /* the next event. Specify -1 to wait for "as long as it takes". 110 /* .sp 111 /* Only the last instance of this parameter type is remembered. 112 /* .IP "MAIL_SERVER_EXIT (void *(char *service_name, char **argv))" 113 /* A pointer to function that is executed immediately before normal 114 /* process termination. 115 /* .IP "MAIL_SERVER_PRE_ACCEPT (void *(char *service_name, char **argv))" 116 /* Function to be executed prior to accepting a new connection. 117 /* .sp 118 /* Only the last instance of this parameter type is remembered. 119 /* .IP "MAIL_SERVER_PRE_DISCONN (VSTREAM *, char *service_name, char **argv)" 120 /* A pointer to a function that is called 121 /* by the event_server_disconnect() function (see below). 122 /* .sp 123 /* Only the last instance of this parameter type is remembered. 124 /* .IP "MAIL_SERVER_IN_FLOW_DELAY (none)" 125 /* Pause $in_flow_delay seconds when no "mail flow control token" 126 /* is available. A token is consumed for each connection request. 127 /* .IP MAIL_SERVER_SOLITARY 128 /* This service must be configured with process limit of 1. 129 /* .IP MAIL_SERVER_UNLIMITED 130 /* This service must be configured with process limit of 0. 131 /* .IP MAIL_SERVER_PRIVILEGED 132 /* This service must be configured as privileged. 133 /* .IP "MAIL_SERVER_SLOW_EXIT (void *(char *service_name, char **argv))" 134 /* A pointer to a function that is called after "postfix reload" 135 /* or "master exit". The application can call event_server_drain() 136 /* (see below) to finish ongoing activities in the background. 137 /* .IP "MAIL_SERVER_WATCHDOG (int *)" 138 /* Override the default 1000s watchdog timeout. The value is 139 /* used after command-line and main.cf file processing. 140 /* .PP 141 /* event_server_disconnect() should be called by the application 142 /* to close a client connection. 143 /* 144 /* event_server_drain() should be called when the application 145 /* no longer wishes to accept new client connections. Existing 146 /* clients are handled in a background process, and the process 147 /* terminates when the last client is disconnected. A non-zero 148 /* result means this call should be tried again later. 149 /* 150 /* The var_use_limit variable limits the number of clients 151 /* that a server can service before it commits suicide. This 152 /* value is taken from the global \fBmain.cf\fR configuration 153 /* file. Setting \fBvar_use_limit\fR to zero disables the 154 /* client limit. 155 /* 156 /* The var_idle_limit variable limits the time that a service 157 /* receives no client connection requests before it commits 158 /* suicide. This value is taken from the global \fBmain.cf\fR 159 /* configuration file. Setting \fBvar_idle_limit\fR to zero 160 /* disables the idle limit. 161 /* DIAGNOSTICS 162 /* Problems and transactions are logged to \fBsyslogd\fR(8). 163 /* SEE ALSO 164 /* master(8), master process 165 /* syslogd(8) system logging 166 /* LICENSE 167 /* .ad 168 /* .fi 169 /* The Secure Mailer license must be distributed with this software. 170 /* AUTHOR(S) 171 /* Wietse Venema 172 /* IBM T.J. Watson Research 173 /* P.O. Box 704 174 /* Yorktown Heights, NY 10598, USA 175 /*--*/ 176 177 /* System library. */ 178 179 #include <sys_defs.h> 180 #include <sys/socket.h> 181 #include <sys/time.h> /* select() */ 182 #include <unistd.h> 183 #include <signal.h> 184 #include <syslog.h> 185 #include <stdlib.h> 186 #include <limits.h> 187 #include <string.h> 188 #include <errno.h> 189 #include <fcntl.h> 190 #include <stdarg.h> 191 #ifdef STRCASECMP_IN_STRINGS_H 192 #include <strings.h> 193 #endif 194 #include <time.h> 195 196 #ifdef USE_SYS_SELECT_H 197 #include <sys/select.h> /* select() */ 198 #endif 199 200 /* Utility library. */ 201 202 #include <msg.h> 203 #include <msg_syslog.h> 204 #include <msg_vstream.h> 205 #include <chroot_uid.h> 206 #include <listen.h> 207 #include <events.h> 208 #include <vstring.h> 209 #include <vstream.h> 210 #include <msg_vstream.h> 211 #include <mymalloc.h> 212 #include <iostuff.h> 213 #include <stringops.h> 214 #include <sane_accept.h> 215 #include <myflock.h> 216 #include <safe_open.h> 217 #include <listen.h> 218 #include <watchdog.h> 219 #include <split_at.h> 220 221 /* Global library. */ 222 223 #include <mail_task.h> 224 #include <debug_process.h> 225 #include <mail_params.h> 226 #include <mail_conf.h> 227 #include <mail_dict.h> 228 #include <timed_ipc.h> 229 #include <resolve_local.h> 230 #include <mail_flow.h> 231 #include <mail_version.h> 232 233 /* Process manager. */ 234 235 #include "master_proto.h" 236 237 /* Application-specific */ 238 239 #include "mail_server.h" 240 241 /* 242 * Global state. 243 */ 244 static int client_count; 245 static int use_count; 246 static int socket_count = 1; 247 248 static void (*event_server_service) (VSTREAM *, char *, char **); 249 static char *event_server_name; 250 static char **event_server_argv; 251 static void (*event_server_accept) (int, char *); 252 static void (*event_server_onexit) (char *, char **); 253 static void (*event_server_pre_accept) (char *, char **); 254 static VSTREAM *event_server_lock; 255 static int event_server_in_flow_delay; 256 static unsigned event_server_generation; 257 static void (*event_server_pre_disconn) (VSTREAM *, char *, char **); 258 static void (*event_server_slow_exit) (char *, char **); 259 static int event_server_watchdog = 1000; 260 261 /* event_server_exit - normal termination */ 262 263 static NORETURN event_server_exit(void) 264 { 265 if (event_server_onexit) 266 event_server_onexit(event_server_name, event_server_argv); 267 exit(0); 268 } 269 270 /* event_server_abort - terminate after abnormal master exit */ 271 272 static void event_server_abort(int unused_event, char *unused_context) 273 { 274 if (msg_verbose) 275 msg_info("master disconnect -- exiting"); 276 event_disable_readwrite(MASTER_STATUS_FD); 277 if (event_server_slow_exit) 278 event_server_slow_exit(event_server_name, event_server_argv); 279 else 280 event_server_exit(); 281 } 282 283 /* event_server_timeout - idle time exceeded */ 284 285 static void event_server_timeout(int unused_event, char *unused_context) 286 { 287 if (msg_verbose) 288 msg_info("idle timeout -- exiting"); 289 event_server_exit(); 290 } 291 292 /* event_server_drain - stop accepting new clients */ 293 294 int event_server_drain(void) 295 { 296 const char *myname = "event_server_drain"; 297 int fd; 298 299 switch (fork()) { 300 /* Try again later. */ 301 case -1: 302 return (-1); 303 /* Finish existing clients in the background, then terminate. */ 304 case 0: 305 (void) msg_cleanup((MSG_CLEANUP_FN) 0); 306 event_fork(); 307 for (fd = MASTER_LISTEN_FD; fd < MASTER_LISTEN_FD + socket_count; fd++) { 308 event_disable_readwrite(fd); 309 (void) close(fd); 310 /* Play safe - don't reuse this file number. */ 311 if (DUP2(STDIN_FILENO, fd) < 0) 312 msg_warn("%s: dup2(%d, %d): %m", myname, STDIN_FILENO, fd); 313 } 314 var_use_limit = 1; 315 return (0); 316 /* Let the master start a new process. */ 317 default: 318 exit(0); 319 } 320 } 321 322 /* event_server_disconnect - terminate client session */ 323 324 void event_server_disconnect(VSTREAM *stream) 325 { 326 if (msg_verbose) 327 msg_info("connection closed fd %d", vstream_fileno(stream)); 328 if (event_server_pre_disconn) 329 event_server_pre_disconn(stream, event_server_name, event_server_argv); 330 (void) vstream_fclose(stream); 331 client_count--; 332 /* Avoid integer wrap-around in a persistent process. */ 333 if (use_count < INT_MAX) 334 use_count++; 335 if (client_count == 0 && var_idle_limit > 0) 336 event_request_timer(event_server_timeout, (char *) 0, var_idle_limit); 337 } 338 339 /* event_server_execute - in case (char *) != (struct *) */ 340 341 static void event_server_execute(int unused_event, char *context) 342 { 343 VSTREAM *stream = (VSTREAM *) context; 344 345 if (event_server_lock != 0 346 && myflock(vstream_fileno(event_server_lock), INTERNAL_LOCK, 347 MYFLOCK_OP_NONE) < 0) 348 msg_fatal("select unlock: %m"); 349 350 /* 351 * Do bother the application when the client disconnected. Don't drop the 352 * already accepted client request after "postfix reload"; that would be 353 * rude. 354 */ 355 if (master_notify(var_pid, event_server_generation, MASTER_STAT_TAKEN) < 0) 356 /* void */ ; 357 event_server_service(stream, event_server_name, event_server_argv); 358 if (master_notify(var_pid, event_server_generation, MASTER_STAT_AVAIL) < 0) 359 event_server_abort(EVENT_NULL_TYPE, EVENT_NULL_CONTEXT); 360 } 361 362 /* event_server_wakeup - wake up application */ 363 364 static void event_server_wakeup(int fd) 365 { 366 VSTREAM *stream; 367 char *tmp; 368 369 #if defined(F_DUPFD) && (EVENTS_STYLE != EVENTS_STYLE_SELECT) 370 #ifndef THRESHOLD_FD_WORKAROUND 371 #define THRESHOLD_FD_WORKAROUND 128 372 #endif 373 int new_fd; 374 375 /* 376 * Leave some handles < FD_SETSIZE for DBMS libraries, in the unlikely 377 * case of a multi-server with a thousand clients. 378 */ 379 if (fd < THRESHOLD_FD_WORKAROUND) { 380 if ((new_fd = fcntl(fd, F_DUPFD, THRESHOLD_FD_WORKAROUND)) < 0) 381 msg_fatal("fcntl F_DUPFD: %m"); 382 (void) close(fd); 383 fd = new_fd; 384 } 385 #endif 386 if (msg_verbose) 387 msg_info("connection established fd %d", fd); 388 non_blocking(fd, BLOCKING); 389 close_on_exec(fd, CLOSE_ON_EXEC); 390 client_count++; 391 stream = vstream_fdopen(fd, O_RDWR); 392 tmp = concatenate(event_server_name, " socket", (char *) 0); 393 vstream_control(stream, VSTREAM_CTL_PATH, tmp, VSTREAM_CTL_END); 394 myfree(tmp); 395 timed_ipc_setup(stream); 396 if (event_server_in_flow_delay && mail_flow_get(1) < 0) 397 event_request_timer(event_server_execute, (char *) stream, 398 var_in_flow_delay); 399 else 400 event_server_execute(0, (char *) stream); 401 } 402 403 /* event_server_accept_local - accept client connection request */ 404 405 static void event_server_accept_local(int unused_event, char *context) 406 { 407 int listen_fd = CAST_CHAR_PTR_TO_INT(context); 408 int time_left = -1; 409 int fd; 410 411 /* 412 * Be prepared for accept() to fail because some other process already 413 * got the connection (the number of processes competing for clients is 414 * kept small, so this is not a "thundering herd" problem). If the 415 * accept() succeeds, be sure to disable non-blocking I/O, in order to 416 * minimize confusion. 417 */ 418 if (client_count == 0 && var_idle_limit > 0) 419 time_left = event_cancel_timer(event_server_timeout, (char *) 0); 420 421 if (event_server_pre_accept) 422 event_server_pre_accept(event_server_name, event_server_argv); 423 fd = LOCAL_ACCEPT(listen_fd); 424 if (event_server_lock != 0 425 && myflock(vstream_fileno(event_server_lock), INTERNAL_LOCK, 426 MYFLOCK_OP_NONE) < 0) 427 msg_fatal("select unlock: %m"); 428 if (fd < 0) { 429 if (errno != EAGAIN) 430 msg_error("accept connection: %m"); 431 if (time_left >= 0) 432 event_request_timer(event_server_timeout, (char *) 0, time_left); 433 return; 434 } 435 event_server_wakeup(fd); 436 } 437 438 #ifdef MASTER_XPORT_NAME_PASS 439 440 /* event_server_accept_pass - accept descriptor */ 441 442 static void event_server_accept_pass(int unused_event, char *context) 443 { 444 int listen_fd = CAST_CHAR_PTR_TO_INT(context); 445 int time_left = -1; 446 int fd; 447 448 /* 449 * Be prepared for accept() to fail because some other process already 450 * got the connection (the number of processes competing for clients is 451 * kept small, so this is not a "thundering herd" problem). If the 452 * accept() succeeds, be sure to disable non-blocking I/O, in order to 453 * minimize confusion. 454 */ 455 if (client_count == 0 && var_idle_limit > 0) 456 time_left = event_cancel_timer(event_server_timeout, (char *) 0); 457 458 if (event_server_pre_accept) 459 event_server_pre_accept(event_server_name, event_server_argv); 460 fd = PASS_ACCEPT(listen_fd); 461 if (event_server_lock != 0 462 && myflock(vstream_fileno(event_server_lock), INTERNAL_LOCK, 463 MYFLOCK_OP_NONE) < 0) 464 msg_fatal("select unlock: %m"); 465 if (fd < 0) { 466 if (errno != EAGAIN) 467 msg_error("accept connection: %m"); 468 if (time_left >= 0) 469 event_request_timer(event_server_timeout, (char *) 0, time_left); 470 return; 471 } 472 event_server_wakeup(fd); 473 } 474 475 #endif 476 477 /* event_server_accept_inet - accept client connection request */ 478 479 static void event_server_accept_inet(int unused_event, char *context) 480 { 481 int listen_fd = CAST_CHAR_PTR_TO_INT(context); 482 int time_left = -1; 483 int fd; 484 485 /* 486 * Be prepared for accept() to fail because some other process already 487 * got the connection (the number of processes competing for clients is 488 * kept small, so this is not a "thundering herd" problem). If the 489 * accept() succeeds, be sure to disable non-blocking I/O, in order to 490 * minimize confusion. 491 */ 492 if (client_count == 0 && var_idle_limit > 0) 493 time_left = event_cancel_timer(event_server_timeout, (char *) 0); 494 495 if (event_server_pre_accept) 496 event_server_pre_accept(event_server_name, event_server_argv); 497 fd = inet_accept(listen_fd); 498 if (event_server_lock != 0 499 && myflock(vstream_fileno(event_server_lock), INTERNAL_LOCK, 500 MYFLOCK_OP_NONE) < 0) 501 msg_fatal("select unlock: %m"); 502 if (fd < 0) { 503 if (errno != EAGAIN) 504 msg_error("accept connection: %m"); 505 if (time_left >= 0) 506 event_request_timer(event_server_timeout, (char *) 0, time_left); 507 return; 508 } 509 event_server_wakeup(fd); 510 } 511 512 /* event_server_main - the real main program */ 513 514 NORETURN event_server_main(int argc, char **argv, MULTI_SERVER_FN service,...) 515 { 516 const char *myname = "event_server_main"; 517 VSTREAM *stream = 0; 518 char *root_dir = 0; 519 char *user_name = 0; 520 int debug_me = 0; 521 int daemon_mode = 1; 522 char *service_name = basename(argv[0]); 523 int delay; 524 int c; 525 int fd; 526 va_list ap; 527 MAIL_SERVER_INIT_FN pre_init = 0; 528 MAIL_SERVER_INIT_FN post_init = 0; 529 MAIL_SERVER_LOOP_FN loop = 0; 530 int key; 531 char *transport = 0; 532 533 #if 0 534 char *lock_path; 535 VSTRING *why; 536 537 #endif 538 int alone = 0; 539 int zerolimit = 0; 540 WATCHDOG *watchdog; 541 char *oname_val; 542 char *oname; 543 char *oval; 544 const char *err; 545 char *generation; 546 int msg_vstream_needed = 0; 547 int redo_syslog_init = 0; 548 549 /* 550 * Process environment options as early as we can. 551 */ 552 if (getenv(CONF_ENV_VERB)) 553 msg_verbose = 1; 554 if (getenv(CONF_ENV_DEBUG)) 555 debug_me = 1; 556 557 /* 558 * Don't die when a process goes away unexpectedly. 559 */ 560 signal(SIGPIPE, SIG_IGN); 561 562 /* 563 * Don't die for frivolous reasons. 564 */ 565 #ifdef SIGXFSZ 566 signal(SIGXFSZ, SIG_IGN); 567 #endif 568 569 /* 570 * May need this every now and then. 571 */ 572 var_procname = mystrdup(basename(argv[0])); 573 set_mail_conf_str(VAR_PROCNAME, var_procname); 574 575 /* 576 * Initialize logging and exit handler. Do the syslog first, so that its 577 * initialization completes before we enter the optional chroot jail. 578 */ 579 msg_syslog_init(mail_task(var_procname), LOG_PID, LOG_FACILITY); 580 if (msg_verbose) 581 msg_info("daemon started"); 582 583 /* 584 * Check the Postfix library version as soon as we enable logging. 585 */ 586 MAIL_VERSION_CHECK; 587 588 /* 589 * Initialize from the configuration file. Allow command-line options to 590 * override compiled-in defaults or configured parameter values. 591 */ 592 mail_conf_suck(); 593 594 /* 595 * Register dictionaries that use higher-level interfaces and protocols. 596 */ 597 mail_dict_init(); 598 599 /* 600 * After database open error, continue execution with reduced 601 * functionality. 602 */ 603 dict_allow_surrogate = 1; 604 605 /* 606 * Pick up policy settings from master process. Shut up error messages to 607 * stderr, because no-one is going to see them. 608 */ 609 opterr = 0; 610 while ((c = GETOPT(argc, argv, "cdDi:lm:n:o:s:St:uvVz")) > 0) { 611 switch (c) { 612 case 'c': 613 root_dir = "setme"; 614 break; 615 case 'd': 616 daemon_mode = 0; 617 break; 618 case 'D': 619 debug_me = 1; 620 break; 621 case 'i': 622 mail_conf_update(VAR_MAX_IDLE, optarg); 623 break; 624 case 'l': 625 alone = 1; 626 break; 627 case 'm': 628 mail_conf_update(VAR_MAX_USE, optarg); 629 break; 630 case 'n': 631 service_name = optarg; 632 break; 633 case 'o': 634 oname_val = mystrdup(optarg); 635 if ((err = split_nameval(oname_val, &oname, &oval)) != 0) 636 msg_fatal("invalid \"-o %s\" option value: %s", optarg, err); 637 mail_conf_update(oname, oval); 638 if (strcmp(oname, VAR_SYSLOG_NAME) == 0) 639 redo_syslog_init = 1; 640 myfree(oname_val); 641 break; 642 case 's': 643 if ((socket_count = atoi(optarg)) <= 0) 644 msg_fatal("invalid socket_count: %s", optarg); 645 break; 646 case 'S': 647 stream = VSTREAM_IN; 648 break; 649 case 'u': 650 user_name = "setme"; 651 break; 652 case 't': 653 transport = optarg; 654 break; 655 case 'v': 656 msg_verbose++; 657 break; 658 case 'V': 659 if (++msg_vstream_needed == 1) 660 msg_vstream_init(mail_task(var_procname), VSTREAM_ERR); 661 break; 662 case 'z': 663 zerolimit = 1; 664 break; 665 default: 666 msg_fatal("invalid option: %c", c); 667 break; 668 } 669 } 670 671 /* 672 * Initialize generic parameters. 673 */ 674 mail_params_init(); 675 if (redo_syslog_init) 676 msg_syslog_init(mail_task(var_procname), LOG_PID, LOG_FACILITY); 677 678 /* 679 * If not connected to stdin, stdin must not be a terminal. 680 */ 681 if (daemon_mode && stream == 0 && isatty(STDIN_FILENO)) { 682 msg_vstream_init(var_procname, VSTREAM_ERR); 683 msg_fatal("do not run this command by hand"); 684 } 685 686 /* 687 * Application-specific initialization. 688 */ 689 va_start(ap, service); 690 while ((key = va_arg(ap, int)) != 0) { 691 switch (key) { 692 case MAIL_SERVER_INT_TABLE: 693 get_mail_conf_int_table(va_arg(ap, CONFIG_INT_TABLE *)); 694 break; 695 case MAIL_SERVER_LONG_TABLE: 696 get_mail_conf_long_table(va_arg(ap, CONFIG_LONG_TABLE *)); 697 break; 698 case MAIL_SERVER_STR_TABLE: 699 get_mail_conf_str_table(va_arg(ap, CONFIG_STR_TABLE *)); 700 break; 701 case MAIL_SERVER_BOOL_TABLE: 702 get_mail_conf_bool_table(va_arg(ap, CONFIG_BOOL_TABLE *)); 703 break; 704 case MAIL_SERVER_TIME_TABLE: 705 get_mail_conf_time_table(va_arg(ap, CONFIG_TIME_TABLE *)); 706 break; 707 case MAIL_SERVER_RAW_TABLE: 708 get_mail_conf_raw_table(va_arg(ap, CONFIG_RAW_TABLE *)); 709 break; 710 case MAIL_SERVER_NINT_TABLE: 711 get_mail_conf_nint_table(va_arg(ap, CONFIG_NINT_TABLE *)); 712 break; 713 case MAIL_SERVER_NBOOL_TABLE: 714 get_mail_conf_nbool_table(va_arg(ap, CONFIG_NBOOL_TABLE *)); 715 break; 716 case MAIL_SERVER_PRE_INIT: 717 pre_init = va_arg(ap, MAIL_SERVER_INIT_FN); 718 break; 719 case MAIL_SERVER_POST_INIT: 720 post_init = va_arg(ap, MAIL_SERVER_INIT_FN); 721 break; 722 case MAIL_SERVER_LOOP: 723 loop = va_arg(ap, MAIL_SERVER_LOOP_FN); 724 break; 725 case MAIL_SERVER_EXIT: 726 event_server_onexit = va_arg(ap, MAIL_SERVER_EXIT_FN); 727 break; 728 case MAIL_SERVER_PRE_ACCEPT: 729 event_server_pre_accept = va_arg(ap, MAIL_SERVER_ACCEPT_FN); 730 break; 731 case MAIL_SERVER_PRE_DISCONN: 732 event_server_pre_disconn = va_arg(ap, MAIL_SERVER_DISCONN_FN); 733 break; 734 case MAIL_SERVER_IN_FLOW_DELAY: 735 event_server_in_flow_delay = 1; 736 break; 737 case MAIL_SERVER_SOLITARY: 738 if (stream == 0 && !alone) 739 msg_fatal("service %s requires a process limit of 1", 740 service_name); 741 break; 742 case MAIL_SERVER_UNLIMITED: 743 if (stream == 0 && !zerolimit) 744 msg_fatal("service %s requires a process limit of 0", 745 service_name); 746 break; 747 case MAIL_SERVER_PRIVILEGED: 748 if (user_name) 749 msg_fatal("service %s requires privileged operation", 750 service_name); 751 break; 752 case MAIL_SERVER_WATCHDOG: 753 event_server_watchdog = *va_arg(ap, int *); 754 break; 755 case MAIL_SERVER_SLOW_EXIT: 756 event_server_slow_exit = va_arg(ap, MAIL_SERVER_SLOW_EXIT_FN); 757 break; 758 default: 759 msg_panic("%s: unknown argument type: %d", myname, key); 760 } 761 } 762 va_end(ap); 763 764 if (root_dir) 765 root_dir = var_queue_dir; 766 if (user_name) 767 user_name = var_mail_owner; 768 769 /* 770 * Can options be required? 771 */ 772 if (stream == 0) { 773 if (transport == 0) 774 msg_fatal("no transport type specified"); 775 if (strcasecmp(transport, MASTER_XPORT_NAME_INET) == 0) 776 event_server_accept = event_server_accept_inet; 777 else if (strcasecmp(transport, MASTER_XPORT_NAME_UNIX) == 0) 778 event_server_accept = event_server_accept_local; 779 #ifdef MASTER_XPORT_NAME_PASS 780 else if (strcasecmp(transport, MASTER_XPORT_NAME_PASS) == 0) 781 event_server_accept = event_server_accept_pass; 782 #endif 783 else 784 msg_fatal("unsupported transport type: %s", transport); 785 } 786 787 /* 788 * Retrieve process generation from environment. 789 */ 790 if ((generation = getenv(MASTER_GEN_NAME)) != 0) { 791 if (!alldig(generation)) 792 msg_fatal("bad generation: %s", generation); 793 OCTAL_TO_UNSIGNED(event_server_generation, generation); 794 if (msg_verbose) 795 msg_info("process generation: %s (%o)", 796 generation, event_server_generation); 797 } 798 799 /* 800 * Optionally start the debugger on ourself. 801 */ 802 if (debug_me) 803 debug_process(); 804 805 /* 806 * Traditionally, BSD select() can't handle multiple processes selecting 807 * on the same socket, and wakes up every process in select(). See TCP/IP 808 * Illustrated volume 2 page 532. We avoid select() collisions with an 809 * external lock file. 810 */ 811 812 /* 813 * XXX Can't compete for exclusive access to the listen socket because we 814 * also have to monitor existing client connections for service requests. 815 */ 816 #if 0 817 if (stream == 0 && !alone) { 818 lock_path = concatenate(DEF_PID_DIR, "/", transport, 819 ".", service_name, (char *) 0); 820 why = vstring_alloc(1); 821 if ((event_server_lock = safe_open(lock_path, O_CREAT | O_RDWR, 0600, 822 (struct stat *) 0, -1, -1, why)) == 0) 823 msg_fatal("open lock file %s: %s", lock_path, vstring_str(why)); 824 close_on_exec(vstream_fileno(event_server_lock), CLOSE_ON_EXEC); 825 myfree(lock_path); 826 vstring_free(why); 827 } 828 #endif 829 830 /* 831 * Set up call-back info. 832 */ 833 event_server_service = service; 834 event_server_name = service_name; 835 event_server_argv = argv + optind; 836 837 /* 838 * Run pre-jail initialization. 839 */ 840 if (chdir(var_queue_dir) < 0) 841 msg_fatal("chdir(\"%s\"): %m", var_queue_dir); 842 if (pre_init) 843 pre_init(event_server_name, event_server_argv); 844 845 /* 846 * Optionally, restrict the damage that this process can do. 847 */ 848 resolve_local_init(); 849 tzset(); 850 chroot_uid(root_dir, user_name); 851 852 /* 853 * Run post-jail initialization. 854 */ 855 if (post_init) 856 post_init(event_server_name, event_server_argv); 857 858 /* 859 * Are we running as a one-shot server with the client connection on 860 * standard input? If so, make sure the output is written to stdout so as 861 * to satisfy common expectation. 862 */ 863 if (stream != 0) { 864 vstream_control(stream, 865 VSTREAM_CTL_DOUBLE, 866 VSTREAM_CTL_WRITE_FD, STDOUT_FILENO, 867 VSTREAM_CTL_END); 868 service(stream, event_server_name, event_server_argv); 869 vstream_fflush(stream); 870 event_server_exit(); 871 } 872 873 /* 874 * Running as a semi-resident server. Service connection requests. 875 * Terminate when we have serviced a sufficient number of clients, when 876 * no-one has been talking to us for a configurable amount of time, or 877 * when the master process terminated abnormally. 878 */ 879 if (var_idle_limit > 0) 880 event_request_timer(event_server_timeout, (char *) 0, var_idle_limit); 881 for (fd = MASTER_LISTEN_FD; fd < MASTER_LISTEN_FD + socket_count; fd++) { 882 event_enable_read(fd, event_server_accept, CAST_INT_TO_CHAR_PTR(fd)); 883 close_on_exec(fd, CLOSE_ON_EXEC); 884 } 885 event_enable_read(MASTER_STATUS_FD, event_server_abort, (char *) 0); 886 close_on_exec(MASTER_STATUS_FD, CLOSE_ON_EXEC); 887 close_on_exec(MASTER_FLOW_READ, CLOSE_ON_EXEC); 888 close_on_exec(MASTER_FLOW_WRITE, CLOSE_ON_EXEC); 889 watchdog = watchdog_create(event_server_watchdog, 890 (WATCHDOG_FN) 0, (char *) 0); 891 892 /* 893 * The event loop, at last. 894 */ 895 while (var_use_limit == 0 || use_count < var_use_limit || client_count > 0) { 896 if (event_server_lock != 0) { 897 watchdog_stop(watchdog); 898 if (myflock(vstream_fileno(event_server_lock), INTERNAL_LOCK, 899 MYFLOCK_OP_EXCLUSIVE) < 0) 900 msg_fatal("select lock: %m"); 901 } 902 watchdog_start(watchdog); 903 delay = loop ? loop(event_server_name, event_server_argv) : -1; 904 event_loop(delay); 905 } 906 event_server_exit(); 907 } 908