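/*	$NetBSD: trigger_server.c,v 1.1.1.5 2013/09/25 19:06:32 tron Exp $	*/

/*++
/* NAME
/*	trigger_server 3
/* SUMMARY
/*	skeleton triggered mail subsystem
/* SYNOPSIS
/*	#include <mail_server.h>
/*
/*	NORETURN trigger_server_main(argc, argv, service, key, value, ...)
/*	int	argc;
/*	char	**argv;
/*	void	(*service)(char *buf, int len, char *service_name, char **argv);
/*	int	key;
/* DESCRIPTION
/*	This module implements a skeleton for triggered
/*	mail subsystems: mail subsystem programs that wake up on
/*	client request and perform some activity without further
/*	client interaction. This module supports local IPC via FIFOs
/*	and via UNIX-domain sockets. The resulting program expects to be
/*	run from the \fBmaster\fR process.
/*
/*	trigger_server_main() is the skeleton entry point. It should be
/*	called from the application main program.  The skeleton does the
/*	generic command-line options processing, initialization of
/*	configurable parameters, and connection management.
/*	The skeleton never returns.
/*
/*	Arguments:
/* .IP "void (*service)(char *buf, int len, char *service_name, char **argv)"
/*	A pointer to a function that is called by the skeleton each time
/*	a client connects to the program's service port. The function is
/*	run after the program has irrevocably dropped its privileges.
/*	The buffer argument specifies the data read from the trigger port;
/*	this data corresponds to one or more trigger requests.
/*	The len argument specifies how much client data is available.
/*	The maximal size of the buffer is specified via the
/*	TRIGGER_BUF_SIZE manifest constant.
/*	The service name argument corresponds to the service name in the
/*	master.cf file.
/*	The argv argument specifies command-line arguments left over
/*	after options processing.
/*	The \fBserver\fR argument provides the following information:
/* .PP
/*	Optional arguments are specified as a null-terminated (key, value)
/*	list. Keys and expected values are:
/* .IP "MAIL_SERVER_INT_TABLE (CONFIG_INT_TABLE *)"
/*	A table with configurable parameters, to be loaded from the
/*	global Postfix configuration file. Tables are loaded in the
/*	order as specified, and multiple instances of the same type
/*	are allowed.
/* .IP "MAIL_SERVER_LONG_TABLE (CONFIG_LONG_TABLE *)"
/*	A table with configurable parameters, to be loaded from the
/*	global Postfix configuration file. Tables are loaded in the
/*	order as specified, and multiple instances of the same type
/*	are allowed.
/* .IP "MAIL_SERVER_STR_TABLE (CONFIG_STR_TABLE *)"
/*	A table with configurable parameters, to be loaded from the
/*	global Postfix configuration file. Tables are loaded in the
/*	order as specified, and multiple instances of the same type
/*	are allowed.
/* .IP "MAIL_SERVER_BOOL_TABLE (CONFIG_BOOL_TABLE *)"
/*	A table with configurable parameters, to be loaded from the
/*	global Postfix configuration file. Tables are loaded in the
/*	order as specified, and multiple instances of the same type
/*	are allowed.
/* .IP "MAIL_SERVER_TIME_TABLE (CONFIG_TIME_TABLE *)"
/*	A table with configurable parameters, to be loaded from the
/*	global Postfix configuration file. Tables are loaded in the
/*	order as specified, and multiple instances of the same type
/*	are allowed.
/* .IP "MAIL_SERVER_RAW_TABLE (CONFIG_RAW_TABLE *)"
/*	A table with configurable parameters, to be loaded from the
/*	global Postfix configuration file. Tables are loaded in the
/*	order as specified, and multiple instances of the same type
/*	are allowed. Raw parameters are not subjected to $name
/*	evaluation.
/* .IP "MAIL_SERVER_NINT_TABLE (CONFIG_NINT_TABLE *)"
/*	A table with configurable parameters, to be loaded from the
/*	global Postfix configuration file. Tables are loaded in the
/*	order as specified, and multiple instances of the same type
/*	are allowed.
/* .IP "MAIL_SERVER_NBOOL_TABLE (CONFIG_NBOOL_TABLE *)"
/*	A table with configurable parameters, to be loaded from the
/*	global Postfix configuration file. Tables are loaded in the
/*	order as specified, and multiple instances of the same type
/*	are allowed.
/* .IP "MAIL_SERVER_PRE_INIT (void *(char *service_name, char **argv))"
/*	A pointer to a function that is called once
/*	by the skeleton after it has read the global configuration file
/*	and after it has processed command-line arguments, but before
/*	the skeleton has optionally relinquished the process privileges.
/* .sp
/*	Only the last instance of this parameter type is remembered.
/* .IP "MAIL_SERVER_POST_INIT (void *(char *service_name, char **argv))"
/*	A pointer to a function that is called once
/*	by the skeleton after it has optionally relinquished the process
/*	privileges, but before servicing client connection requests.
/* .sp
/*	Only the last instance of this parameter type is remembered.
/* .IP "MAIL_SERVER_LOOP (int *(char *service_name, char **argv))"
/*	A pointer to function that is executed from
/*	within the event loop, whenever an I/O or timer event has happened,
/*	or whenever nothing has happened for a specified amount of time.
/*	The result value of the function specifies how long to wait until
/*	the next event. Specify -1 to wait for "as long as it takes".
/* .sp
/*	Only the last instance of this parameter type is remembered.
/* .IP "MAIL_SERVER_EXIT (void *(char *service_name, char **argv))"
/*	A pointer to function that is executed immediately before normal
/*	process termination.
/* .sp
/*	Only the last instance of this parameter type is remembered.
/* .IP "MAIL_SERVER_PRE_ACCEPT (void *(char *service_name, char **argv))"
/*	Function to be executed prior to accepting a new request.
/* .sp
/*	Only the last instance of this parameter type is remembered.
/* .IP "MAIL_SERVER_IN_FLOW_DELAY (none)"
/*	Pause $in_flow_delay seconds when no "mail flow control token"
/*	is available. A token is consumed for each connection request.
/* .IP MAIL_SERVER_SOLITARY
/*	This service must be configured with process limit of 1.
/* .IP MAIL_SERVER_UNLIMITED
/*	This service must be configured with process limit of 0.
/* .IP MAIL_SERVER_PRIVILEGED
/*	This service must be configured as privileged.
/* .IP "MAIL_SERVER_WATCHDOG (int *)"
/*	Override the default 1000s watchdog timeout. The value is
/*	used after command-line and main.cf file processing.
/* .PP
/*	The var_use_limit variable limits the number of clients that
/*	a server can service before it commits suicide.
/*	This value is taken from the global \fBmain.cf\fR configuration
/*	file. Setting \fBvar_use_limit\fR to zero disables the client limit.
/*
/*	The var_idle_limit variable limits the time that a service
/*	receives no client connection requests before it commits suicide.
/*	This value is taken from the global \fBmain.cf\fR configuration
/*	file. Setting \fBvar_idle_limit\fR to zero disables the idle limit.
/* DIAGNOSTICS
/*	Problems and transactions are logged to \fBsyslogd\fR(8).
/* BUGS
/*	Works with FIFO-based services only.
/* SEE ALSO
/*	master(8), master process
/*	syslogd(8) system logging
/* LICENSE
/* .ad
/* .fi
/*	The Secure Mailer license must be distributed with this software.
/* AUTHOR(S)
/*	Wietse Venema
/*	IBM T.J. Watson Research
/*	P.O. Box 704
/*	Yorktown Heights, NY 10598, USA
/*--*/

/* System library. */

#include <sys_defs.h>
#include <sys/socket.h>
#include <unistd.h>
#include <signal.h>
#include <syslog.h>
#include <stdlib.h>
#include <limits.h>
#include <string.h>
#include <errno.h>
#include <fcntl.h>
#include <stdarg.h>
#ifdef STRCASECMP_IN_STRINGS_H
#include <strings.h>
#endif
#include <time.h>

/* Utility library. */

#include <msg.h>
#include <msg_syslog.h>
#include <msg_vstream.h>
#include <chroot_uid.h>
#include <vstring.h>
#include <vstream.h>
#include <msg_vstream.h>
#include <mymalloc.h>
#include <events.h>
#include <iostuff.h>
#include <stringops.h>
#include <sane_accept.h>
#include <myflock.h>
#include <safe_open.h>
#include <listen.h>
#include <watchdog.h>
#include <split_at.h>

/* Global library. */

#include <mail_params.h>
#include <mail_task.h>
#include <debug_process.h>
#include <mail_conf.h>
#include <mail_dict.h>
#include <resolve_local.h>
#include <mail_flow.h>
#include <mail_version.h>

/* Process manager. */

#include "master_proto.h"

/* Application-specific */

#include "mail_server.h"

 /*
  * Global state.
  * 
  * use_count counts serviced wakeups and is compared with var_use_limit in the
  * event loop. The trigger_server_* variables hold the call-back context
  * that trigger_server_main() stores before it enters the event loop.
  */
static int use_count;

static TRIGGER_SERVER_FN trigger_server_service;
static char *trigger_server_name;
static char **trigger_server_argv;
static void (*trigger_server_accept) (int, char *);
static void (*trigger_server_onexit) (char *, char **);
static void (*trigger_server_pre_accept) (char *, char **);
static VSTREAM *trigger_server_lock;
static int trigger_server_in_flow_delay;
static unsigned trigger_server_generation;
static int trigger_server_watchdog = 1000;

/*
 * trigger_server_exit - normal termination
 *
 * Runs the application's MAIL_SERVER_EXIT call-back, if one was registered,
 * and then terminates the process with exit status 0. Does not return.
 */

static NORETURN trigger_server_exit(void)
{
    if (trigger_server_onexit)
        trigger_server_onexit(trigger_server_name, trigger_server_argv);
    exit(0);
}

/*
 * trigger_server_abort - terminate after abnormal master exit
 *
 * Event call-back for MASTER_STATUS_FD; also called directly when
 * master_notify() fails in trigger_server_wakeup(). Both arguments are
 * unused. Terminates through trigger_server_exit().
 */

static void trigger_server_abort(int unused_event, char *unused_context)
{
    if (msg_verbose)
        msg_info("master disconnect -- exiting");
    trigger_server_exit();
}

/*
 * trigger_server_timeout - idle time exceeded
 *
 * Timer call-back that is armed with var_idle_limit. Both arguments are
 * unused. Terminates through trigger_server_exit().
 */

static void trigger_server_timeout(int unused_event, char *unused_context)
{
    if (msg_verbose)
        msg_info("idle timeout -- exiting");
    trigger_server_exit();
}

/*
 * trigger_server_wakeup - wake up application
 *
 * Reads at most TRIGGER_BUF_SIZE bytes of trigger data from fd and hands
 * them to the application's service routine, with master status updates
 * before and after.
 *
 * The buffer is passed together with its length and is not null-terminated
 * here, so the service routine must rely on len. A zero-length read still
 * invokes the service routine; a failed read (negative result) is skipped
 * without logging.
 */

static void trigger_server_wakeup(int fd)
{
    char    buf[TRIGGER_BUF_SIZE];
    int     len;

    /*
     * Commit suicide when the master process disconnected from us. Don't
     * drop the already accepted client request after "postfix reload"; that
     * would be rude.
     */
    if (master_notify(var_pid, trigger_server_generation, MASTER_STAT_TAKEN) < 0)
         /* void */ ;
    if (trigger_server_in_flow_delay && mail_flow_get(1) < 0)
        doze(var_in_flow_delay * 1000000);
    /* The read is bounded by the size of the on-stack buffer. */
    if ((len = read(fd, buf, sizeof(buf))) >= 0)
        trigger_server_service(buf, len, trigger_server_name,
                               trigger_server_argv);
    if (master_notify(var_pid, trigger_server_generation, MASTER_STAT_AVAIL) < 0)
        trigger_server_abort(EVENT_NULL_TYPE, EVENT_NULL_CONTEXT);
    if (var_idle_limit > 0)
        event_request_timer(trigger_server_timeout, (char *) 0, var_idle_limit);
    /* Avoid integer wrap-around in a persistent process. */
    if (use_count < INT_MAX)
        use_count++;
}

/*
 * trigger_server_accept_fifo - accept fifo client request
 *
 * Read-event call-back for a FIFO listener. The context argument carries
 * the listening descriptor. Releases the select() collision lock, runs the
 * optional pre-accept call-back, and services the trigger.
 */

static void trigger_server_accept_fifo(int unused_event, char *context)
{
    const char *myname = "trigger_server_accept_fifo";
    int     listen_fd = CAST_CHAR_PTR_TO_INT(context);

    if (trigger_server_lock != 0
        && myflock(vstream_fileno(trigger_server_lock), INTERNAL_LOCK,
                   MYFLOCK_OP_NONE) < 0)
        msg_fatal("select unlock: %m");

    if (msg_verbose)
        msg_info("%s: trigger arrived", myname);

    /*
     * Read whatever the other side wrote into the FIFO. The FIFO read end is
     * non-blocking so we won't get stuck when multiple processes wake up.
     */
    if (trigger_server_pre_accept)
        trigger_server_pre_accept(trigger_server_name, trigger_server_argv);
    trigger_server_wakeup(listen_fd);
}

/*
 * trigger_server_accept_local - accept socket client request
 *
 * Read-event call-back for a UNIX-domain listener. The context argument
 * carries the listening descriptor. Accepts one connection, releases the
 * select() collision lock, waits a bounded time for trigger data, services
 * it, and closes the connection.
 */

static void trigger_server_accept_local(int unused_event, char *context)
{
    const char *myname = "trigger_server_accept_local";
    int     listen_fd = CAST_CHAR_PTR_TO_INT(context);

    /*
     * NOTE(review): time_left starts at 0, so when var_idle_limit <= 0 the
     * "time_left >= 0" tests below still arm the idle timer, with a zero
     * delay. Confirm that var_idle_limit cannot be 0 here, or initialize
     * this to a negative value.
     */
    int     time_left = 0;
    int     fd;

    if (msg_verbose)
        msg_info("%s: trigger arrived", myname);

    /*
     * Read a message from a socket. Be prepared for accept() to fail because
     * some other process already got the connection. The socket is
     * non-blocking so we won't get stuck when multiple processes wake up.
     * Don't get stuck when the client connects but sends no data. Restart
     * the idle timer if this was a false alarm.
     */
    if (var_idle_limit > 0)
        time_left = event_cancel_timer(trigger_server_timeout, (char *) 0);

    if (trigger_server_pre_accept)
        trigger_server_pre_accept(trigger_server_name, trigger_server_argv);
    fd = LOCAL_ACCEPT(listen_fd);
    if (trigger_server_lock != 0
        && myflock(vstream_fileno(trigger_server_lock), INTERNAL_LOCK,
                   MYFLOCK_OP_NONE) < 0)
        msg_fatal("select unlock: %m");
    if (fd < 0) {
        if (errno != EAGAIN)
            msg_error("accept connection: %m");
        if (time_left >= 0)
            event_request_timer(trigger_server_timeout, (char *) 0, time_left);
        return;
    }
    close_on_exec(fd, CLOSE_ON_EXEC);
    /* Bounded wait (presumably 10 seconds) for a client that sends nothing. */
    if (read_wait(fd, 10) == 0)
        trigger_server_wakeup(fd);
    else if (time_left >= 0)
        event_request_timer(trigger_server_timeout, (char *) 0, time_left);
    close(fd);
}

#ifdef MASTER_XPORT_NAME_PASS

/*
 * trigger_server_accept_pass - accept descriptor
 *
 * Read-event call-back for a descriptor-passing listener. Same flow as
 * trigger_server_accept_local(), except that the connection is obtained
 * with pass_accept().
 */

static void trigger_server_accept_pass(int unused_event, char *context)
{
    const char *myname = "trigger_server_accept_pass";
    int     listen_fd = CAST_CHAR_PTR_TO_INT(context);

    /*
     * NOTE(review): time_left starts at 0, so when var_idle_limit <= 0 the
     * "time_left >= 0" tests below still arm the idle timer, with a zero
     * delay. Confirm that var_idle_limit cannot be 0 here, or initialize
     * this to a negative value.
     */
    int     time_left = 0;
    int     fd;

    if (msg_verbose)
        msg_info("%s: trigger arrived", myname);

    /*
     * Read a message from a socket. Be prepared for accept() to fail because
     * some other process already got the connection. The socket is
     * non-blocking so we won't get stuck when multiple processes wake up.
     * Don't get stuck when the client connects but sends no data. Restart
     * the idle timer if this was a false alarm.
     */
    if (var_idle_limit > 0)
        time_left = event_cancel_timer(trigger_server_timeout, (char *) 0);

    if (trigger_server_pre_accept)
        trigger_server_pre_accept(trigger_server_name, trigger_server_argv);
    fd = pass_accept(listen_fd);
    if (trigger_server_lock != 0
        && myflock(vstream_fileno(trigger_server_lock), INTERNAL_LOCK,
                   MYFLOCK_OP_NONE) < 0)
        msg_fatal("select unlock: %m");
    if (fd < 0) {
        if (errno != EAGAIN)
            msg_error("accept connection: %m");
        if (time_left >= 0)
            event_request_timer(trigger_server_timeout, (char *) 0, time_left);
        return;
    }
    close_on_exec(fd, CLOSE_ON_EXEC);
    /* Bounded wait (presumably 10 seconds) for a client that sends nothing. */
    if (read_wait(fd, 10) == 0)
        trigger_server_wakeup(fd);
    else if (time_left >= 0)
        event_request_timer(trigger_server_timeout, (char *) 0, time_left);
    close(fd);
}

#endif

/*
 * trigger_server_main - the real main program
 *
 * Processes environment and command-line options, loads configuration,
 * handles the (key, value) argument list, opens the select() collision
 * lock, runs pre_init, calls chroot_uid(), runs post_init, and then either
 * services one request from standard input (-S) or enters the event loop.
 * Never returns.
 *
 * Ordering that matters for privilege separation: syslog is initialized,
 * the lock file is opened, debug_process() is started and pre_init runs
 * BEFORE chroot_uid(); post_init and every service call run AFTER it.
 */

NORETURN trigger_server_main(int argc, char **argv, TRIGGER_SERVER_FN service,...)
{
    const char *myname = "trigger_server_main";
    char   *root_dir = 0;
    char   *user_name = 0;
    int     debug_me = 0;
    int     daemon_mode = 1;
    char   *service_name = basename(argv[0]);
    VSTREAM *stream = 0;
    int     delay;
    int     c;
    int     socket_count = 1;
    long    socket_val;
    char   *socket_end;
    int     fd;
    va_list ap;
    MAIL_SERVER_INIT_FN pre_init = 0;
    MAIL_SERVER_INIT_FN post_init = 0;
    MAIL_SERVER_LOOP_FN loop = 0;
    int     key;
    char    buf[TRIGGER_BUF_SIZE];
    int     len;
    char   *transport = 0;
    char   *lock_path;
    VSTRING *why;
    int     alone = 0;
    int     zerolimit = 0;
    WATCHDOG *watchdog;
    char   *oname_val;
    char   *oname;
    char   *oval;
    const char *err;
    char   *generation;
    int     msg_vstream_needed = 0;
    int     redo_syslog_init = 0;

    /*
     * Process environment options as early as we can.
     * 
     * Note that the environment alone can turn on verbose logging and the
     * debug_process() call further below, which runs before chroot_uid().
     */
    if (getenv(CONF_ENV_VERB))
        msg_verbose = 1;
    if (getenv(CONF_ENV_DEBUG))
        debug_me = 1;

    /*
     * Don't die when a process goes away unexpectedly.
     */
    signal(SIGPIPE, SIG_IGN);

    /*
     * Don't die for frivolous reasons.
     */
#ifdef SIGXFSZ
    signal(SIGXFSZ, SIG_IGN);
#endif

    /*
     * May need this every now and then.
     */
    var_procname = mystrdup(basename(argv[0]));
    set_mail_conf_str(VAR_PROCNAME, var_procname);

    /*
     * Initialize logging and exit handler. Do the syslog first, so that its
     * initialization completes before we enter the optional chroot jail.
     */
    msg_syslog_init(mail_task(var_procname), LOG_PID, LOG_FACILITY);
    if (msg_verbose)
        msg_info("daemon started");

    /*
     * Check the Postfix library version as soon as we enable logging.
     */
    MAIL_VERSION_CHECK;

    /*
     * Initialize from the configuration file. Allow command-line options to
     * override compiled-in defaults or configured parameter values.
     */
    mail_conf_suck();

    /*
     * Register dictionaries that use higher-level interfaces and protocols.
     */
    mail_dict_init();

    /*
     * After database open error, continue execution with reduced
     * functionality.
     */
    dict_allow_surrogate = 1;

    /*
     * Pick up policy settings from master process. Shut up error messages to
     * stderr, because no-one is going to see them.
     */
    opterr = 0;
    while ((c = GETOPT(argc, argv, "cdDi:lm:n:o:s:St:uvVz")) > 0) {
        switch (c) {
        case 'c':
            /* Placeholder; replaced with var_queue_dir after configuration. */
            root_dir = "setme";
            break;
        case 'd':
            daemon_mode = 0;
            break;
        case 'D':
            debug_me = 1;
            break;
        case 'i':
            mail_conf_update(VAR_MAX_IDLE, optarg);
            break;
        case 'l':
            alone = 1;
            break;
        case 'm':
            mail_conf_update(VAR_MAX_USE, optarg);
            break;
        case 'n':
            service_name = optarg;
            break;
        case 'o':
            oname_val = mystrdup(optarg);
            if ((err = split_nameval(oname_val, &oname, &oval)) != 0)
                msg_fatal("invalid \"-o %s\" option value: %s", optarg, err);
            mail_conf_update(oname, oval);
            if (strcmp(oname, VAR_SYSLOG_NAME) == 0)
                redo_syslog_init = 1;
            myfree(oname_val);
            break;
        case 's':

            /*
             * Parse strictly: reject empty input, trailing garbage and
             * out-of-range values instead of relying on atoi(), whose
             * behavior is undefined on overflow. The upper bound also keeps
             * MASTER_LISTEN_FD + socket_count, computed in the listener
             * loop below, from overflowing an int.
             */
            errno = 0;
            socket_val = strtol(optarg, &socket_end, 10);
            if (socket_end == optarg || *socket_end != 0 || errno == ERANGE
                || socket_val <= 0 || socket_val > INT_MAX - MASTER_LISTEN_FD)
                msg_fatal("invalid socket_count: %s", optarg);
            socket_count = (int) socket_val;
            break;
        case 'S':
            stream = VSTREAM_IN;
            break;
        case 't':
            transport = optarg;
            break;
        case 'u':
            /* Placeholder; replaced with var_mail_owner after configuration. */
            user_name = "setme";
            break;
        case 'v':
            msg_verbose++;
            break;
        case 'V':
            if (++msg_vstream_needed == 1)
                msg_vstream_init(mail_task(var_procname), VSTREAM_ERR);
            break;
        case 'z':
            zerolimit = 1;
            break;
        default:
            msg_fatal("invalid option: %c", c);
            break;
        }
    }

    /*
     * Initialize generic parameters.
     */
    mail_params_init();
    if (redo_syslog_init)
        msg_syslog_init(mail_task(var_procname), LOG_PID, LOG_FACILITY);

    /*
     * If not connected to stdin, stdin must not be a terminal.
     */
    if (daemon_mode && stream == 0 && isatty(STDIN_FILENO)) {
        msg_vstream_init(var_procname, VSTREAM_ERR);
        msg_fatal("do not run this command by hand");
    }

    /*
     * Application-specific initialization.
     */
    va_start(ap, service);
    while ((key = va_arg(ap, int)) != 0) {
        switch (key) {
        case MAIL_SERVER_INT_TABLE:
            get_mail_conf_int_table(va_arg(ap, CONFIG_INT_TABLE *));
            break;
        case MAIL_SERVER_LONG_TABLE:
            get_mail_conf_long_table(va_arg(ap, CONFIG_LONG_TABLE *));
            break;
        case MAIL_SERVER_STR_TABLE:
            get_mail_conf_str_table(va_arg(ap, CONFIG_STR_TABLE *));
            break;
        case MAIL_SERVER_BOOL_TABLE:
            get_mail_conf_bool_table(va_arg(ap, CONFIG_BOOL_TABLE *));
            break;
        case MAIL_SERVER_TIME_TABLE:
            get_mail_conf_time_table(va_arg(ap, CONFIG_TIME_TABLE *));
            break;
        case MAIL_SERVER_RAW_TABLE:
            get_mail_conf_raw_table(va_arg(ap, CONFIG_RAW_TABLE *));
            break;
        case MAIL_SERVER_NINT_TABLE:
            get_mail_conf_nint_table(va_arg(ap, CONFIG_NINT_TABLE *));
            break;
        case MAIL_SERVER_NBOOL_TABLE:
            get_mail_conf_nbool_table(va_arg(ap, CONFIG_NBOOL_TABLE *));
            break;
        case MAIL_SERVER_PRE_INIT:
            pre_init = va_arg(ap, MAIL_SERVER_INIT_FN);
            break;
        case MAIL_SERVER_POST_INIT:
            post_init = va_arg(ap, MAIL_SERVER_INIT_FN);
            break;
        case MAIL_SERVER_LOOP:
            loop = va_arg(ap, MAIL_SERVER_LOOP_FN);
            break;
        case MAIL_SERVER_EXIT:
            trigger_server_onexit = va_arg(ap, MAIL_SERVER_EXIT_FN);
            break;
        case MAIL_SERVER_PRE_ACCEPT:
            trigger_server_pre_accept = va_arg(ap, MAIL_SERVER_ACCEPT_FN);
            break;
        case MAIL_SERVER_IN_FLOW_DELAY:
            trigger_server_in_flow_delay = 1;
            break;
        case MAIL_SERVER_SOLITARY:
            if (stream == 0 && !alone)
                msg_fatal("service %s requires a process limit of 1",
                          service_name);
            break;
        case MAIL_SERVER_UNLIMITED:
            if (stream == 0 && !zerolimit)
                msg_fatal("service %s requires a process limit of 0",
                          service_name);
            break;
        case MAIL_SERVER_PRIVILEGED:
            /* user_name is set only by -u, i.e. when asked to drop privileges. */
            if (user_name)
                msg_fatal("service %s requires privileged operation",
                          service_name);
            break;
        case MAIL_SERVER_WATCHDOG:
            trigger_server_watchdog = *va_arg(ap, int *);
            break;
        default:
            msg_panic("%s: unknown argument type: %d", myname, key);
        }
    }
    va_end(ap);

    /*
     * Replace the "setme" placeholders now that configuration is final.
     * Without -c and -u both pointers stay null when they reach
     * chroot_uid() below.
     */
    if (root_dir)
        root_dir = var_queue_dir;
    if (user_name)
        user_name = var_mail_owner;

    /*
     * Can options be required?
     * 
     * XXX Initially this code was implemented with UNIX-domain sockets, but
     * Solaris <= 2.5 UNIX-domain sockets misbehave hopelessly when the
     * client disconnects before the server has accepted the connection.
     * Symptom: the server accept() fails with EPIPE or EPROTO, but the
     * socket stays readable, so that the program goes into a wasteful loop.
     * 
     * The initial fix was to use FIFOs, but those turn out to have their own
     * problems, witness the workarounds in the fifo_listen() routine.
     * Therefore we support both FIFOs and UNIX-domain sockets, so that the
     * user can choose whatever works best.
     * 
     * Well, I give up. Solaris UNIX-domain sockets still don't work properly,
     * so it will have to limp along with a streams-specific alternative.
     */
    if (stream == 0) {
        if (transport == 0)
            msg_fatal("no transport type specified");
        if (strcasecmp(transport, MASTER_XPORT_NAME_UNIX) == 0)
            trigger_server_accept = trigger_server_accept_local;
        else if (strcasecmp(transport, MASTER_XPORT_NAME_FIFO) == 0)
            trigger_server_accept = trigger_server_accept_fifo;
#ifdef MASTER_XPORT_NAME_PASS
        else if (strcasecmp(transport, MASTER_XPORT_NAME_PASS) == 0)
            trigger_server_accept = trigger_server_accept_pass;
#endif
        else
            msg_fatal("unsupported transport type: %s", transport);
    }

    /*
     * Retrieve process generation from environment.
     */
    if ((generation = getenv(MASTER_GEN_NAME)) != 0) {
        if (!alldig(generation))
            msg_fatal("bad generation: %s", generation);
        OCTAL_TO_UNSIGNED(trigger_server_generation, generation);
        if (msg_verbose)
            msg_info("process generation: %s (%o)",
                     generation, trigger_server_generation);
    }

    /*
     * Optionally start the debugger on ourself.
     */
    if (debug_me)
        debug_process();

    /*
     * Traditionally, BSD select() can't handle multiple processes selecting
     * on the same socket, and wakes up every process in select(). See TCP/IP
     * Illustrated volume 2 page 532. We avoid select() collisions with an
     * external lock file.
     * 
     * The lock file is opened before chroot_uid(), with mode 0600. At this
     * point transport has been matched against the supported transport
     * names above. NOTE(review): service_name (-n or basename(argv[0])) is
     * used in the path without validation in this function; this relies on
     * the program being started by master(8) - confirm.
     */
    if (stream == 0 && !alone) {
        lock_path = concatenate(DEF_PID_DIR, "/", transport,
                                ".", service_name, (char *) 0);
        why = vstring_alloc(1);
        if ((trigger_server_lock = safe_open(lock_path, O_CREAT | O_RDWR, 0600,
                                      (struct stat *) 0, -1, -1, why)) == 0)
            msg_fatal("open lock file %s: %s", lock_path, vstring_str(why));
        close_on_exec(vstream_fileno(trigger_server_lock), CLOSE_ON_EXEC);
        myfree(lock_path);
        vstring_free(why);
    }

    /*
     * Set up call-back info.
     */
    trigger_server_service = service;
    trigger_server_name = service_name;
    trigger_server_argv = argv + optind;

    /*
     * Run pre-jail initialization.
     */
    if (chdir(var_queue_dir) < 0)
        msg_fatal("chdir(\"%s\"): %m", var_queue_dir);
    if (pre_init)
        pre_init(trigger_server_name, trigger_server_argv);

    /*
     * Optionally, restrict the damage that this process can do.
     */
    resolve_local_init();
    tzset();
    chroot_uid(root_dir, user_name);

    /*
     * Run post-jail initialization.
     */
    if (post_init)
        post_init(trigger_server_name, trigger_server_argv);

    /*
     * Are we running as a one-shot server with the client connection on
     * standard input?
     * 
     * Unlike trigger_server_wakeup(), an empty or failed read is fatal here.
     */
    if (stream != 0) {
        if ((len = read(vstream_fileno(stream), buf, sizeof(buf))) <= 0)
            msg_fatal("read: %m");
        service(buf, len, trigger_server_name, trigger_server_argv);
        vstream_fflush(stream);
        trigger_server_exit();
    }

    /*
     * Running as a semi-resident server. Service connection requests.
     * Terminate when we have serviced a sufficient number of clients, when
     * no-one has been talking to us for a configurable amount of time, or
     * when the master process terminated abnormally.
     */
    if (var_idle_limit > 0)
        event_request_timer(trigger_server_timeout, (char *) 0, var_idle_limit);
    for (fd = MASTER_LISTEN_FD; fd < MASTER_LISTEN_FD + socket_count; fd++) {
        event_enable_read(fd, trigger_server_accept, CAST_INT_TO_CHAR_PTR(fd));
        close_on_exec(fd, CLOSE_ON_EXEC);
    }
    event_enable_read(MASTER_STATUS_FD, trigger_server_abort, (char *) 0);
    /* Keep the master's descriptors from leaking into exec'ed programs. */
    close_on_exec(MASTER_STATUS_FD, CLOSE_ON_EXEC);
    close_on_exec(MASTER_FLOW_READ, CLOSE_ON_EXEC);
    close_on_exec(MASTER_FLOW_WRITE, CLOSE_ON_EXEC);
    watchdog = watchdog_create(trigger_server_watchdog,
                               (WATCHDOG_FN) 0, (char *) 0);

    /*
     * The event loop, at last.
     * 
     * The exclusive lock is taken here and released by the accept call-backs
     * (MYFLOCK_OP_NONE). The watchdog is stopped while waiting for the
     * lock and restarted before each event_loop() call.
     */
    while (var_use_limit == 0 || use_count < var_use_limit) {
        if (trigger_server_lock != 0) {
            watchdog_stop(watchdog);
            if (myflock(vstream_fileno(trigger_server_lock), INTERNAL_LOCK,
                        MYFLOCK_OP_EXCLUSIVE) < 0)
                msg_fatal("select lock: %m");
        }
        watchdog_start(watchdog);
        delay = loop ? loop(trigger_server_name, trigger_server_argv) : -1;
        event_loop(delay);
    }
    trigger_server_exit();
}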