dovecot/core-2.2: src/auth/auth-worker-server.c annotate

annotate src/auth/auth-worker-server.c @ 22614:cf66220d281e

doveadm proxy: Don't crash if remote doesn't support log proxying

author	Timo Sirainen <timo.sirainen@dovecot.fi>
date	Sat, 14 Oct 2017 12:54:18 +0300
parents	2e2563132d5f
children	cb108f786fb4

rev	line source
21390 2e2563132d5f Updated copyright notices to include the year 2017. Stephan Bosch <stephan.bosch@dovecot.fi> parents: 19552 diff changeset	1 /* Copyright (c) 2005-2017 Dovecot authors, see the included COPYING file */
3168 62f8366cb89c Forgot to add for blocking passdb/userdb workers.. Timo Sirainen <tss@iki.fi> parents: diff changeset	2
9219 97cdfeb57129 Renamed headers to prevent collision if they were flattened on an install. Mark Washenberger parents: 9002 diff changeset	3 #include "auth-common.h"
8559 b0bc4519332f Redesigned auth request queuing to auth worker processes. Timo Sirainen <tss@iki.fi> parents: 8475 diff changeset	4 #include "ioloop.h"
7087 a281705a2360 Converted some buffers to arrays. Timo Sirainen <tss@iki.fi> parents: 7086 diff changeset	5 #include "array.h"
8559 b0bc4519332f Redesigned auth request queuing to auth worker processes. Timo Sirainen <tss@iki.fi> parents: 8475 diff changeset	6 #include "aqueue.h"
15187 02451e967a06 Renamed network.[ch] to net.[ch]. Timo Sirainen <tss@iki.fi> parents: 14920 diff changeset	7 #include "net.h"
3168 62f8366cb89c Forgot to add for blocking passdb/userdb workers.. Timo Sirainen <tss@iki.fi> parents: diff changeset	8 #include "istream.h"
62f8366cb89c Forgot to add for blocking passdb/userdb workers.. Timo Sirainen <tss@iki.fi> parents: diff changeset	9 #include "ostream.h"
10928 f855ac569e2f auth: Compiler warning fixes. Timo Sirainen <tss@iki.fi> parents: 10924 diff changeset	10 #include "hex-binary.h"
f855ac569e2f auth: Compiler warning fixes. Timo Sirainen <tss@iki.fi> parents: 10924 diff changeset	11 #include "str.h"
12051 1d895c7a753d auth: Give better EACCES error if we can't connect to auth-worker. Timo Sirainen <tss@iki.fi> parents: 11850 diff changeset	12 #include "eacces-error.h"
3168 62f8366cb89c Forgot to add for blocking passdb/userdb workers.. Timo Sirainen <tss@iki.fi> parents: diff changeset	13 #include "auth-request.h"
62f8366cb89c Forgot to add for blocking passdb/userdb workers.. Timo Sirainen <tss@iki.fi> parents: diff changeset	14 #include "auth-worker-client.h"
62f8366cb89c Forgot to add for blocking passdb/userdb workers.. Timo Sirainen <tss@iki.fi> parents: diff changeset	15 #include "auth-worker-server.h"
62f8366cb89c Forgot to add for blocking passdb/userdb workers.. Timo Sirainen <tss@iki.fi> parents: diff changeset	16
3444 82170d8364d3 Compiler warning fix Timo Sirainen <tss@iki.fi> parents: 3425 diff changeset	17 #include <unistd.h>
3168 62f8366cb89c Forgot to add for blocking passdb/userdb workers.. Timo Sirainen <tss@iki.fi> parents: diff changeset	18
18102 c3736d065d54 auth: Increase timeout for multi-line auth-worker replies to 30 minutes. Timo Sirainen <tss@iki.fi> parents: 17946 diff changeset	19 /* Initial lookup timeout */
8310 2e62e212f8a1 Auth workers: Use one full timeout per worker instead of a waking up every minute. Timo Sirainen <tss@iki.fi> parents: 8309 diff changeset	20 #define AUTH_WORKER_LOOKUP_TIMEOUT_SECS 60
18102 c3736d065d54 auth: Increase timeout for multi-line auth-worker replies to 30 minutes. Timo Sirainen <tss@iki.fi> parents: 17946 diff changeset	21 /* Timeout for multi-line replies, e.g. listing users. This should be a much
c3736d065d54 auth: Increase timeout for multi-line auth-worker replies to 30 minutes. Timo Sirainen <tss@iki.fi> parents: 17946 diff changeset	22 higher value, because e.g. doveadm could be doing some long-running commands
c3736d065d54 auth: Increase timeout for multi-line auth-worker replies to 30 minutes. Timo Sirainen <tss@iki.fi> parents: 17946 diff changeset	23 for the users. And because of buffering this timeout is for handling
c3736d065d54 auth: Increase timeout for multi-line auth-worker replies to 30 minutes. Timo Sirainen <tss@iki.fi> parents: 17946 diff changeset	24 multiple users, not just one. */
c3736d065d54 auth: Increase timeout for multi-line auth-worker replies to 30 minutes. Timo Sirainen <tss@iki.fi> parents: 17946 diff changeset	25 #define AUTH_WORKER_RESUME_TIMEOUT_SECS (30*60)
10253 96838accb6af auth: Drop idling worker processes after 5 minutes, not 30 minutes. Timo Sirainen <tss@iki.fi> parents: 10159 diff changeset	26 #define AUTH_WORKER_MAX_IDLE_SECS (60*5)
16478 dbf8bbb7e51e auth: If worker request has been queued for 60 secs, abort it. Timo Sirainen <tss@iki.fi> parents: 16429 diff changeset	27 #define AUTH_WORKER_ABORT_SECS 60
8559 b0bc4519332f Redesigned auth request queuing to auth worker processes. Timo Sirainen <tss@iki.fi> parents: 8475 diff changeset	28 #define AUTH_WORKER_DELAY_WARN_SECS 3
b0bc4519332f Redesigned auth request queuing to auth worker processes. Timo Sirainen <tss@iki.fi> parents: 8475 diff changeset	29 #define AUTH_WORKER_DELAY_WARN_MIN_INTERVAL_SECS 300
3168 62f8366cb89c Forgot to add for blocking passdb/userdb workers.. Timo Sirainen <tss@iki.fi> parents: diff changeset	30
62f8366cb89c Forgot to add for blocking passdb/userdb workers.. Timo Sirainen <tss@iki.fi> parents: diff changeset	31 struct auth_worker_request {
62f8366cb89c Forgot to add for blocking passdb/userdb workers.. Timo Sirainen <tss@iki.fi> parents: diff changeset	32 unsigned int id;
8559 b0bc4519332f Redesigned auth request queuing to auth worker processes. Timo Sirainen <tss@iki.fi> parents: 8475 diff changeset	33 time_t created;
17155 8df5fc361103 auth: If auth-worker lookup times out, log a bit more details about it. Timo Sirainen <tss@iki.fi> parents: 17130 diff changeset	34 const char *username;
15680 55d20120b348 auth: Code cleanup: Removed unnecessary auth_stream_reply usage from auth-worker communication. Timo Sirainen <tss@iki.fi> parents: 15187 diff changeset	35 const char *data;
9273 1d7965092e0e Implemented support for listing all users in userdb. Timo Sirainen <tss@iki.fi> parents: 9266 diff changeset	36 auth_worker_callback_t *callback;
1d7965092e0e Implemented support for listing all users in userdb. Timo Sirainen <tss@iki.fi> parents: 9266 diff changeset	37 void *context;
3168 62f8366cb89c Forgot to add for blocking passdb/userdb workers.. Timo Sirainen <tss@iki.fi> parents: diff changeset	38 };
62f8366cb89c Forgot to add for blocking passdb/userdb workers.. Timo Sirainen <tss@iki.fi> parents: diff changeset	39
62f8366cb89c Forgot to add for blocking passdb/userdb workers.. Timo Sirainen <tss@iki.fi> parents: diff changeset	40 struct auth_worker_connection {
62f8366cb89c Forgot to add for blocking passdb/userdb workers.. Timo Sirainen <tss@iki.fi> parents: diff changeset	41 int fd;
62f8366cb89c Forgot to add for blocking passdb/userdb workers.. Timo Sirainen <tss@iki.fi> parents: diff changeset	42
62f8366cb89c Forgot to add for blocking passdb/userdb workers.. Timo Sirainen <tss@iki.fi> parents: diff changeset	43 struct io *io;
62f8366cb89c Forgot to add for blocking passdb/userdb workers.. Timo Sirainen <tss@iki.fi> parents: diff changeset	44 struct istream *input;
62f8366cb89c Forgot to add for blocking passdb/userdb workers.. Timo Sirainen <tss@iki.fi> parents: diff changeset	45 struct ostream *output;
8310 2e62e212f8a1 Auth workers: Use one full timeout per worker instead of a waking up every minute. Timo Sirainen <tss@iki.fi> parents: 8309 diff changeset	46 struct timeout *to;
3168 62f8366cb89c Forgot to add for blocking passdb/userdb workers.. Timo Sirainen <tss@iki.fi> parents: diff changeset	47
8560 b6a7bc10c19a Replaced auth_worker_max_request_count setting with passdb pam { args = max_requests=n } Timo Sirainen <tss@iki.fi> parents: 8559 diff changeset	48 struct auth_worker_request *request;
3168 62f8366cb89c Forgot to add for blocking passdb/userdb workers.. Timo Sirainen <tss@iki.fi> parents: diff changeset	49 unsigned int id_counter;
62f8366cb89c Forgot to add for blocking passdb/userdb workers.. Timo Sirainen <tss@iki.fi> parents: diff changeset	50
13958 7175320feafc auth: Throttle SQL auth worker process creation if they can't connect to database. Timo Sirainen <tss@iki.fi> parents: 13787 diff changeset	51 unsigned int received_error:1;
13970 58556a90259f auth: Make idle_kill work with auth worker processes. Timo Sirainen <tss@iki.fi> parents: 13958 diff changeset	52 unsigned int restart:1;
8560 b6a7bc10c19a Replaced auth_worker_max_request_count setting with passdb pam { args = max_requests=n } Timo Sirainen <tss@iki.fi> parents: 8559 diff changeset	53 unsigned int shutdown:1;
17939 a36fe1250606 auth: Userdb iteration optimization. Timo Sirainen <tss@iki.fi> parents: 17158 diff changeset	54 unsigned int timeout_pending_resume:1;
18102 c3736d065d54 auth: Increase timeout for multi-line auth-worker replies to 30 minutes. Timo Sirainen <tss@iki.fi> parents: 17946 diff changeset	55 unsigned int resuming:1;
3168 62f8366cb89c Forgot to add for blocking passdb/userdb workers.. Timo Sirainen <tss@iki.fi> parents: diff changeset	56 };
62f8366cb89c Forgot to add for blocking passdb/userdb workers.. Timo Sirainen <tss@iki.fi> parents: diff changeset	57
14920 a097ef0a9d6d Array API changed: ARRAY_DEFINE(name, type) -> ARRAY(type) name Timo Sirainen <tss@iki.fi> parents: 14681 diff changeset	58 static ARRAY(struct auth_worker_connection *) connections = ARRAY_INIT;
13958 7175320feafc auth: Throttle SQL auth worker process creation if they can't connect to database. Timo Sirainen <tss@iki.fi> parents: 13787 diff changeset	59 static unsigned int idle_count = 0, auth_workers_with_errors = 0;
14920 a097ef0a9d6d Array API changed: ARRAY_DEFINE(name, type) -> ARRAY(type) name Timo Sirainen <tss@iki.fi> parents: 14681 diff changeset	60 static ARRAY(struct auth_worker_request *) worker_request_array;
8559 b0bc4519332f Redesigned auth request queuing to auth worker processes. Timo Sirainen <tss@iki.fi> parents: 8475 diff changeset	61 static struct aqueue *worker_request_queue;
b0bc4519332f Redesigned auth request queuing to auth worker processes. Timo Sirainen <tss@iki.fi> parents: 8475 diff changeset	62 static time_t auth_worker_last_warn;
13958 7175320feafc auth: Throttle SQL auth worker process creation if they can't connect to database. Timo Sirainen <tss@iki.fi> parents: 13787 diff changeset	63 static unsigned int auth_workers_throttle_count;
8559 b0bc4519332f Redesigned auth request queuing to auth worker processes. Timo Sirainen <tss@iki.fi> parents: 8475 diff changeset	64
9266 e5f4cce3ef7a Fixed using auth worker processes. Timo Sirainen <tss@iki.fi> parents: 9219 diff changeset	65 static const char *worker_socket_path;
3168 62f8366cb89c Forgot to add for blocking passdb/userdb workers.. Timo Sirainen <tss@iki.fi> parents: diff changeset	66
4907 5b4c9b20eba0 Replaced void context from a lot of callbacks with the actual context Timo Sirainen <tss@iki.fi>* parents: 4451 diff changeset	67 static void worker_input(struct auth_worker_connection *conn);
8559 b0bc4519332f Redesigned auth request queuing to auth worker processes. Timo Sirainen <tss@iki.fi> parents: 8475 diff changeset	68 static void auth_worker_destroy(struct auth_worker_connection **conn,
14629 c93ca5e46a8a Marked functions parameters that are allowed to be NULL. Some APIs were also changed. Timo Sirainen <tss@iki.fi> parents: 14133 diff changeset	69 const char *reason, bool restart) ATTR_NULL(2);
8310 2e62e212f8a1 Auth workers: Use one full timeout per worker instead of a waking up every minute. Timo Sirainen <tss@iki.fi> parents: 8309 diff changeset	70
2e62e212f8a1 Auth workers: Use one full timeout per worker instead of a waking up every minute. Timo Sirainen <tss@iki.fi> parents: 8309 diff changeset	71 static void auth_worker_idle_timeout(struct auth_worker_connection *conn)
2e62e212f8a1 Auth workers: Use one full timeout per worker instead of a waking up every minute. Timo Sirainen <tss@iki.fi> parents: 8309 diff changeset	72 {
8559 b0bc4519332f Redesigned auth request queuing to auth worker processes. Timo Sirainen <tss@iki.fi> parents: 8475 diff changeset	73 i_assert(conn->request == NULL);
8310 2e62e212f8a1 Auth workers: Use one full timeout per worker instead of a waking up every minute. Timo Sirainen <tss@iki.fi> parents: 8309 diff changeset	74
2e62e212f8a1 Auth workers: Use one full timeout per worker instead of a waking up every minute. Timo Sirainen <tss@iki.fi> parents: 8309 diff changeset	75 if (idle_count > 1)
8559 b0bc4519332f Redesigned auth request queuing to auth worker processes. Timo Sirainen <tss@iki.fi> parents: 8475 diff changeset	76 auth_worker_destroy(&conn, NULL, FALSE);
8310 2e62e212f8a1 Auth workers: Use one full timeout per worker instead of a waking up every minute. Timo Sirainen <tss@iki.fi> parents: 8309 diff changeset	77 else
2e62e212f8a1 Auth workers: Use one full timeout per worker instead of a waking up every minute. Timo Sirainen <tss@iki.fi> parents: 8309 diff changeset	78 timeout_reset(conn->to);
2e62e212f8a1 Auth workers: Use one full timeout per worker instead of a waking up every minute. Timo Sirainen <tss@iki.fi> parents: 8309 diff changeset	79 }
3168 62f8366cb89c Forgot to add for blocking passdb/userdb workers.. Timo Sirainen <tss@iki.fi> parents: diff changeset	80
8559 b0bc4519332f Redesigned auth request queuing to auth worker processes. Timo Sirainen <tss@iki.fi> parents: 8475 diff changeset	81 static void auth_worker_call_timeout(struct auth_worker_connection *conn)
b0bc4519332f Redesigned auth request queuing to auth worker processes. Timo Sirainen <tss@iki.fi> parents: 8475 diff changeset	82 {
b0bc4519332f Redesigned auth request queuing to auth worker processes. Timo Sirainen <tss@iki.fi> parents: 8475 diff changeset	83 i_assert(conn->request != NULL);
b0bc4519332f Redesigned auth request queuing to auth worker processes. Timo Sirainen <tss@iki.fi> parents: 8475 diff changeset	84
b0bc4519332f Redesigned auth request queuing to auth worker processes. Timo Sirainen <tss@iki.fi> parents: 8475 diff changeset	85 auth_worker_destroy(&conn, "Lookup timed out", TRUE);
b0bc4519332f Redesigned auth request queuing to auth worker processes. Timo Sirainen <tss@iki.fi> parents: 8475 diff changeset	86 }
b0bc4519332f Redesigned auth request queuing to auth worker processes. Timo Sirainen <tss@iki.fi> parents: 8475 diff changeset	87
16478 dbf8bbb7e51e auth: If worker request has been queued for 60 secs, abort it. Timo Sirainen <tss@iki.fi> parents: 16429 diff changeset	88 static bool auth_worker_request_send(struct auth_worker_connection *conn,
8559 b0bc4519332f Redesigned auth request queuing to auth worker processes. Timo Sirainen <tss@iki.fi> parents: 8475 diff changeset	89 struct auth_worker_request *request)
b0bc4519332f Redesigned auth request queuing to auth worker processes. Timo Sirainen <tss@iki.fi> parents: 8475 diff changeset	90 {
b0bc4519332f Redesigned auth request queuing to auth worker processes. Timo Sirainen <tss@iki.fi> parents: 8475 diff changeset	91 struct const_iovec iov[3];
16478 dbf8bbb7e51e auth: If worker request has been queued for 60 secs, abort it. Timo Sirainen <tss@iki.fi> parents: 16429 diff changeset	92 unsigned int age_secs = ioloop_time - request->created;
8559 b0bc4519332f Redesigned auth request queuing to auth worker processes. Timo Sirainen <tss@iki.fi> parents: 8475 diff changeset	93
17158 20a25e17bc3e auth: Don't disconnect auth-worker during long-running user iterations. Timo Sirainen <tss@iki.fi> parents: 17155 diff changeset	94 i_assert(conn->to != NULL);
20a25e17bc3e auth: Don't disconnect auth-worker during long-running user iterations. Timo Sirainen <tss@iki.fi> parents: 17155 diff changeset	95
16478 dbf8bbb7e51e auth: If worker request has been queued for 60 secs, abort it. Timo Sirainen <tss@iki.fi> parents: 16429 diff changeset	96 if (age_secs >= AUTH_WORKER_ABORT_SECS) {
dbf8bbb7e51e auth: If worker request has been queued for 60 secs, abort it. Timo Sirainen <tss@iki.fi> parents: 16429 diff changeset	97 i_error("Aborting auth request that was queued for %d secs, "
dbf8bbb7e51e auth: If worker request has been queued for 60 secs, abort it. Timo Sirainen <tss@iki.fi> parents: 16429 diff changeset	98 "%d left in queue",
dbf8bbb7e51e auth: If worker request has been queued for 60 secs, abort it. Timo Sirainen <tss@iki.fi> parents: 16429 diff changeset	99 age_secs, aqueue_count(worker_request_queue));
dbf8bbb7e51e auth: If worker request has been queued for 60 secs, abort it. Timo Sirainen <tss@iki.fi> parents: 16429 diff changeset	100 request->callback(t_strdup_printf(
dbf8bbb7e51e auth: If worker request has been queued for 60 secs, abort it. Timo Sirainen <tss@iki.fi> parents: 16429 diff changeset	101 "FAIL\t%d", PASSDB_RESULT_INTERNAL_FAILURE),
dbf8bbb7e51e auth: If worker request has been queued for 60 secs, abort it. Timo Sirainen <tss@iki.fi> parents: 16429 diff changeset	102 request->context);
dbf8bbb7e51e auth: If worker request has been queued for 60 secs, abort it. Timo Sirainen <tss@iki.fi> parents: 16429 diff changeset	103 return FALSE;
dbf8bbb7e51e auth: If worker request has been queued for 60 secs, abort it. Timo Sirainen <tss@iki.fi> parents: 16429 diff changeset	104 }
dbf8bbb7e51e auth: If worker request has been queued for 60 secs, abort it. Timo Sirainen <tss@iki.fi> parents: 16429 diff changeset	105 if (age_secs >= AUTH_WORKER_DELAY_WARN_SECS &&
8559 b0bc4519332f Redesigned auth request queuing to auth worker processes. Timo Sirainen <tss@iki.fi> parents: 8475 diff changeset	106 ioloop_time - auth_worker_last_warn >
b0bc4519332f Redesigned auth request queuing to auth worker processes. Timo Sirainen <tss@iki.fi> parents: 8475 diff changeset	107 AUTH_WORKER_DELAY_WARN_MIN_INTERVAL_SECS) {
b0bc4519332f Redesigned auth request queuing to auth worker processes. Timo Sirainen <tss@iki.fi> parents: 8475 diff changeset	108 auth_worker_last_warn = ioloop_time;
b0bc4519332f Redesigned auth request queuing to auth worker processes. Timo Sirainen <tss@iki.fi> parents: 8475 diff changeset	109 i_warning("auth workers: Auth request was queued for %d "
13787 9fa7c1b2c2ee auth: Mention auth_worker_max_count in warning message about worker queue being slow. Timo Sirainen <tss@iki.fi> parents: 13736 diff changeset	110 "seconds, %d left in queue "
9fa7c1b2c2ee auth: Mention auth_worker_max_count in warning message about worker queue being slow. Timo Sirainen <tss@iki.fi> parents: 13736 diff changeset	111 "(see auth_worker_max_count)",
16478 dbf8bbb7e51e auth: If worker request has been queued for 60 secs, abort it. Timo Sirainen <tss@iki.fi> parents: 16429 diff changeset	112 age_secs, aqueue_count(worker_request_queue));
8559 b0bc4519332f Redesigned auth request queuing to auth worker processes. Timo Sirainen <tss@iki.fi> parents: 8475 diff changeset	113 }
b0bc4519332f Redesigned auth request queuing to auth worker processes. Timo Sirainen <tss@iki.fi> parents: 8475 diff changeset	114
b0bc4519332f Redesigned auth request queuing to auth worker processes. Timo Sirainen <tss@iki.fi> parents: 8475 diff changeset	115 request->id = ++conn->id_counter;
b0bc4519332f Redesigned auth request queuing to auth worker processes. Timo Sirainen <tss@iki.fi> parents: 8475 diff changeset	116
b0bc4519332f Redesigned auth request queuing to auth worker processes. Timo Sirainen <tss@iki.fi> parents: 8475 diff changeset	117 iov[0].iov_base = t_strdup_printf("%d\t", request->id);
b0bc4519332f Redesigned auth request queuing to auth worker processes. Timo Sirainen <tss@iki.fi> parents: 8475 diff changeset	118 iov[0].iov_len = strlen(iov[0].iov_base);
15680 55d20120b348 auth: Code cleanup: Removed unnecessary auth_stream_reply usage from auth-worker communication. Timo Sirainen <tss@iki.fi> parents: 15187 diff changeset	119 iov[1].iov_base = request->data;
55d20120b348 auth: Code cleanup: Removed unnecessary auth_stream_reply usage from auth-worker communication. Timo Sirainen <tss@iki.fi> parents: 15187 diff changeset	120 iov[1].iov_len = strlen(request->data);
8559 b0bc4519332f Redesigned auth request queuing to auth worker processes. Timo Sirainen <tss@iki.fi> parents: 8475 diff changeset	121 iov[2].iov_base = "\n";
b0bc4519332f Redesigned auth request queuing to auth worker processes. Timo Sirainen <tss@iki.fi> parents: 8475 diff changeset	122 iov[2].iov_len = 1;
b0bc4519332f Redesigned auth request queuing to auth worker processes. Timo Sirainen <tss@iki.fi> parents: 8475 diff changeset	123
14681 ca37d1577291 Added o_stream_nsend() and related functions to make delayed error handling safer. Timo Sirainen <tss@iki.fi>* parents: 14629 diff changeset	124 o_stream_nsendv(conn->output, iov, 3);
8559 b0bc4519332f Redesigned auth request queuing to auth worker processes. Timo Sirainen <tss@iki.fi> parents: 8475 diff changeset	125
9809 fa76c740ee41 auth worker server: Don't assert-crash if the whole reply doesn't come in one packet. Timo Sirainen <tss@iki.fi> parents: 9273 diff changeset	126 i_assert(conn->request == NULL);
8559 b0bc4519332f Redesigned auth request queuing to auth worker processes. Timo Sirainen <tss@iki.fi> parents: 8475 diff changeset	127 conn->request = request;
b0bc4519332f Redesigned auth request queuing to auth worker processes. Timo Sirainen <tss@iki.fi> parents: 8475 diff changeset	128
b0bc4519332f Redesigned auth request queuing to auth worker processes. Timo Sirainen <tss@iki.fi> parents: 8475 diff changeset	129 timeout_remove(&conn->to);
b0bc4519332f Redesigned auth request queuing to auth worker processes. Timo Sirainen <tss@iki.fi> parents: 8475 diff changeset	130 conn->to = timeout_add(AUTH_WORKER_LOOKUP_TIMEOUT_SECS * 1000,
b0bc4519332f Redesigned auth request queuing to auth worker processes. Timo Sirainen <tss@iki.fi> parents: 8475 diff changeset	131 auth_worker_call_timeout, conn);
b0bc4519332f Redesigned auth request queuing to auth worker processes. Timo Sirainen <tss@iki.fi> parents: 8475 diff changeset	132 idle_count--;
16478 dbf8bbb7e51e auth: If worker request has been queued for 60 secs, abort it. Timo Sirainen <tss@iki.fi> parents: 16429 diff changeset	133 return TRUE;
8559 b0bc4519332f Redesigned auth request queuing to auth worker processes. Timo Sirainen <tss@iki.fi> parents: 8475 diff changeset	134 }
b0bc4519332f Redesigned auth request queuing to auth worker processes. Timo Sirainen <tss@iki.fi> parents: 8475 diff changeset	135
b0bc4519332f Redesigned auth request queuing to auth worker processes. Timo Sirainen <tss@iki.fi> parents: 8475 diff changeset	136 static void auth_worker_request_send_next(struct auth_worker_connection *conn)
b0bc4519332f Redesigned auth request queuing to auth worker processes. Timo Sirainen <tss@iki.fi> parents: 8475 diff changeset	137 {
b0bc4519332f Redesigned auth request queuing to auth worker processes. Timo Sirainen <tss@iki.fi> parents: 8475 diff changeset	138 struct auth_worker_request request, const *requestp;
b0bc4519332f Redesigned auth request queuing to auth worker processes. Timo Sirainen <tss@iki.fi> parents: 8475 diff changeset	139
16478 dbf8bbb7e51e auth: If worker request has been queued for 60 secs, abort it. Timo Sirainen <tss@iki.fi> parents: 16429 diff changeset	140 do {
dbf8bbb7e51e auth: If worker request has been queued for 60 secs, abort it. Timo Sirainen <tss@iki.fi> parents: 16429 diff changeset	141 if (aqueue_count(worker_request_queue) == 0)
dbf8bbb7e51e auth: If worker request has been queued for 60 secs, abort it. Timo Sirainen <tss@iki.fi> parents: 16429 diff changeset	142 return;
8559 b0bc4519332f Redesigned auth request queuing to auth worker processes. Timo Sirainen <tss@iki.fi> parents: 8475 diff changeset	143
16478 dbf8bbb7e51e auth: If worker request has been queued for 60 secs, abort it. Timo Sirainen <tss@iki.fi> parents: 16429 diff changeset	144 requestp = array_idx(&worker_request_array,
dbf8bbb7e51e auth: If worker request has been queued for 60 secs, abort it. Timo Sirainen <tss@iki.fi> parents: 16429 diff changeset	145 aqueue_idx(worker_request_queue, 0));
dbf8bbb7e51e auth: If worker request has been queued for 60 secs, abort it. Timo Sirainen <tss@iki.fi> parents: 16429 diff changeset	146 request = *requestp;
dbf8bbb7e51e auth: If worker request has been queued for 60 secs, abort it. Timo Sirainen <tss@iki.fi> parents: 16429 diff changeset	147 aqueue_delete_tail(worker_request_queue);
dbf8bbb7e51e auth: If worker request has been queued for 60 secs, abort it. Timo Sirainen <tss@iki.fi> parents: 16429 diff changeset	148 } while (!auth_worker_request_send(conn, request));
8559 b0bc4519332f Redesigned auth request queuing to auth worker processes. Timo Sirainen <tss@iki.fi> parents: 8475 diff changeset	149 }
b0bc4519332f Redesigned auth request queuing to auth worker processes. Timo Sirainen <tss@iki.fi> parents: 8475 diff changeset	150
10924 91ae9577aca9 auth worker: Verify that both client and server see the same passdb/userdb IDs. Timo Sirainen <tss@iki.fi> parents: 10893 diff changeset	151 static void auth_worker_send_handshake(struct auth_worker_connection *conn)
91ae9577aca9 auth worker: Verify that both client and server see the same passdb/userdb IDs. Timo Sirainen <tss@iki.fi> parents: 10893 diff changeset	152 {
91ae9577aca9 auth worker: Verify that both client and server see the same passdb/userdb IDs. Timo Sirainen <tss@iki.fi> parents: 10893 diff changeset	153 string_t *str;
91ae9577aca9 auth worker: Verify that both client and server see the same passdb/userdb IDs. Timo Sirainen <tss@iki.fi> parents: 10893 diff changeset	154 unsigned char passdb_md5[MD5_RESULTLEN];
91ae9577aca9 auth worker: Verify that both client and server see the same passdb/userdb IDs. Timo Sirainen <tss@iki.fi> parents: 10893 diff changeset	155 unsigned char userdb_md5[MD5_RESULTLEN];
91ae9577aca9 auth worker: Verify that both client and server see the same passdb/userdb IDs. Timo Sirainen <tss@iki.fi> parents: 10893 diff changeset	156
91ae9577aca9 auth worker: Verify that both client and server see the same passdb/userdb IDs. Timo Sirainen <tss@iki.fi> parents: 10893 diff changeset	157 str = t_str_new(128);
91ae9577aca9 auth worker: Verify that both client and server see the same passdb/userdb IDs. Timo Sirainen <tss@iki.fi> parents: 10893 diff changeset	158 str_printfa(str, "VERSION\tauth-worker\t%u\t%u\n",
91ae9577aca9 auth worker: Verify that both client and server see the same passdb/userdb IDs. Timo Sirainen <tss@iki.fi> parents: 10893 diff changeset	159 AUTH_WORKER_PROTOCOL_MAJOR_VERSION,
91ae9577aca9 auth worker: Verify that both client and server see the same passdb/userdb IDs. Timo Sirainen <tss@iki.fi> parents: 10893 diff changeset	160 AUTH_WORKER_PROTOCOL_MINOR_VERSION);
91ae9577aca9 auth worker: Verify that both client and server see the same passdb/userdb IDs. Timo Sirainen <tss@iki.fi> parents: 10893 diff changeset	161
91ae9577aca9 auth worker: Verify that both client and server see the same passdb/userdb IDs. Timo Sirainen <tss@iki.fi> parents: 10893 diff changeset	162 passdbs_generate_md5(passdb_md5);
91ae9577aca9 auth worker: Verify that both client and server see the same passdb/userdb IDs. Timo Sirainen <tss@iki.fi> parents: 10893 diff changeset	163 userdbs_generate_md5(userdb_md5);
91ae9577aca9 auth worker: Verify that both client and server see the same passdb/userdb IDs. Timo Sirainen <tss@iki.fi> parents: 10893 diff changeset	164 str_append(str, "DBHASH\t");
91ae9577aca9 auth worker: Verify that both client and server see the same passdb/userdb IDs. Timo Sirainen <tss@iki.fi> parents: 10893 diff changeset	165 binary_to_hex_append(str, passdb_md5, sizeof(passdb_md5));
91ae9577aca9 auth worker: Verify that both client and server see the same passdb/userdb IDs. Timo Sirainen <tss@iki.fi> parents: 10893 diff changeset	166 str_append_c(str, '\t');
91ae9577aca9 auth worker: Verify that both client and server see the same passdb/userdb IDs. Timo Sirainen <tss@iki.fi> parents: 10893 diff changeset	167 binary_to_hex_append(str, userdb_md5, sizeof(userdb_md5));
91ae9577aca9 auth worker: Verify that both client and server see the same passdb/userdb IDs. Timo Sirainen <tss@iki.fi> parents: 10893 diff changeset	168 str_append_c(str, '\n');
91ae9577aca9 auth worker: Verify that both client and server see the same passdb/userdb IDs. Timo Sirainen <tss@iki.fi> parents: 10893 diff changeset	169
14681 ca37d1577291 Added o_stream_nsend() and related functions to make delayed error handling safer. Timo Sirainen <tss@iki.fi>* parents: 14629 diff changeset	170 o_stream_nsend(conn->output, str_data(str), str_len(str));
10924 91ae9577aca9 auth worker: Verify that both client and server see the same passdb/userdb IDs. Timo Sirainen <tss@iki.fi> parents: 10893 diff changeset	171 }
91ae9577aca9 auth worker: Verify that both client and server see the same passdb/userdb IDs. Timo Sirainen <tss@iki.fi> parents: 10893 diff changeset	172
10893 1a4c2e4bff75 auth: auth_userdb and auth_passdb no longer has pointer to struct auth. Timo Sirainen <tss@iki.fi> parents: 10582 diff changeset	173 static struct auth_worker_connection *auth_worker_create(void)
3168 62f8366cb89c Forgot to add for blocking passdb/userdb workers.. Timo Sirainen <tss@iki.fi> parents: diff changeset	174 {
62f8366cb89c Forgot to add for blocking passdb/userdb workers.. Timo Sirainen <tss@iki.fi> parents: diff changeset	175 struct auth_worker_connection *conn;
10159 e027503ddb6b Use net_connect_unix_with_retries() instead of duplicating the code everywhere. Timo Sirainen <tss@iki.fi> parents: 9809 diff changeset	176 int fd;
3168 62f8366cb89c Forgot to add for blocking passdb/userdb workers.. Timo Sirainen <tss@iki.fi> parents: diff changeset	177
13958 7175320feafc auth: Throttle SQL auth worker process creation if they can't connect to database. Timo Sirainen <tss@iki.fi> parents: 13787 diff changeset	178 if (array_count(&connections) >= auth_workers_throttle_count)
3168 62f8366cb89c Forgot to add for blocking passdb/userdb workers.. Timo Sirainen <tss@iki.fi> parents: diff changeset	179 return NULL;
62f8366cb89c Forgot to add for blocking passdb/userdb workers.. Timo Sirainen <tss@iki.fi> parents: diff changeset	180
10159 e027503ddb6b Use net_connect_unix_with_retries() instead of duplicating the code everywhere. Timo Sirainen <tss@iki.fi> parents: 9809 diff changeset	181 fd = net_connect_unix_with_retries(worker_socket_path, 5000);
e027503ddb6b Use net_connect_unix_with_retries() instead of duplicating the code everywhere. Timo Sirainen <tss@iki.fi> parents: 9809 diff changeset	182 if (fd == -1) {
12051 1d895c7a753d auth: Give better EACCES error if we can't connect to auth-worker. Timo Sirainen <tss@iki.fi> parents: 11850 diff changeset	183 if (errno == EACCES) {
13736 6b62d786fdc4 auth: Handle auth worker creation failure without killing the whole auth process. Timo Sirainen <tss@iki.fi> parents: 12782 diff changeset	184 i_error("%s", eacces_error_get("net_connect_unix",
12051 1d895c7a753d auth: Give better EACCES error if we can't connect to auth-worker. Timo Sirainen <tss@iki.fi> parents: 11850 diff changeset	185 worker_socket_path));
1d895c7a753d auth: Give better EACCES error if we can't connect to auth-worker. Timo Sirainen <tss@iki.fi> parents: 11850 diff changeset	186 } else {
13736 6b62d786fdc4 auth: Handle auth worker creation failure without killing the whole auth process. Timo Sirainen <tss@iki.fi> parents: 12782 diff changeset	187 i_error("net_connect_unix(%s) failed: %m",
12051 1d895c7a753d auth: Give better EACCES error if we can't connect to auth-worker. Timo Sirainen <tss@iki.fi> parents: 11850 diff changeset	188 worker_socket_path);
1d895c7a753d auth: Give better EACCES error if we can't connect to auth-worker. Timo Sirainen <tss@iki.fi> parents: 11850 diff changeset	189 }
13736 6b62d786fdc4 auth: Handle auth worker creation failure without killing the whole auth process. Timo Sirainen <tss@iki.fi> parents: 12782 diff changeset	190 return NULL;
3168 62f8366cb89c Forgot to add for blocking passdb/userdb workers.. Timo Sirainen <tss@iki.fi> parents: diff changeset	191 }
62f8366cb89c Forgot to add for blocking passdb/userdb workers.. Timo Sirainen <tss@iki.fi> parents: diff changeset	192
62f8366cb89c Forgot to add for blocking passdb/userdb workers.. Timo Sirainen <tss@iki.fi> parents: diff changeset	193 conn = i_new(struct auth_worker_connection, 1);
62f8366cb89c Forgot to add for blocking passdb/userdb workers.. Timo Sirainen <tss@iki.fi> parents: diff changeset	194 conn->fd = fd;
6162 896cc473c1f0 Renamed i_stream_create_file() to i_stream_create_fd(). Timo Sirainen <tss@iki.fi> parents: 6161 diff changeset	195 conn->input = i_stream_create_fd(fd, AUTH_WORKER_MAX_LINE_LENGTH,
896cc473c1f0 Renamed i_stream_create_file() to i_stream_create_fd(). Timo Sirainen <tss@iki.fi> parents: 6161 diff changeset	196 FALSE);
6161 c62f7ee79446 Split o_stream_create_file() to _create_fd() and _create_fd_file(). Timo Sirainen <tss@iki.fi> parents: 6142 diff changeset	197 conn->output = o_stream_create_fd(fd, (size_t)-1, FALSE);
14681 ca37d1577291 Added o_stream_nsend() and related functions to make delayed error handling safer. Timo Sirainen <tss@iki.fi>* parents: 14629 diff changeset	198 o_stream_set_no_error_handling(conn->output, TRUE);
3168 62f8366cb89c Forgot to add for blocking passdb/userdb workers.. Timo Sirainen <tss@iki.fi> parents: diff changeset	199 conn->io = io_add(fd, IO_READ, worker_input, conn);
8310 2e62e212f8a1 Auth workers: Use one full timeout per worker instead of a waking up every minute. Timo Sirainen <tss@iki.fi> parents: 8309 diff changeset	200 conn->to = timeout_add(AUTH_WORKER_MAX_IDLE_SECS * 1000,
2e62e212f8a1 Auth workers: Use one full timeout per worker instead of a waking up every minute. Timo Sirainen <tss@iki.fi> parents: 8309 diff changeset	201 auth_worker_idle_timeout, conn);
10924 91ae9577aca9 auth worker: Verify that both client and server see the same passdb/userdb IDs. Timo Sirainen <tss@iki.fi> parents: 10893 diff changeset	202 auth_worker_send_handshake(conn);
3168 62f8366cb89c Forgot to add for blocking passdb/userdb workers.. Timo Sirainen <tss@iki.fi> parents: diff changeset	203
62f8366cb89c Forgot to add for blocking passdb/userdb workers.. Timo Sirainen <tss@iki.fi> parents: diff changeset	204 idle_count++;
7087 a281705a2360 Converted some buffers to arrays. Timo Sirainen <tss@iki.fi> parents: 7086 diff changeset	205 array_append(&connections, &conn, 1);
3168 62f8366cb89c Forgot to add for blocking passdb/userdb workers.. Timo Sirainen <tss@iki.fi> parents: diff changeset	206 return conn;
62f8366cb89c Forgot to add for blocking passdb/userdb workers.. Timo Sirainen <tss@iki.fi> parents: diff changeset	207 }
62f8366cb89c Forgot to add for blocking passdb/userdb workers.. Timo Sirainen <tss@iki.fi> parents: diff changeset	208
8559 b0bc4519332f Redesigned auth request queuing to auth worker processes. Timo Sirainen <tss@iki.fi> parents: 8475 diff changeset	209 static void auth_worker_destroy(struct auth_worker_connection **_conn,
b0bc4519332f Redesigned auth request queuing to auth worker processes. Timo Sirainen <tss@iki.fi> parents: 8475 diff changeset	210 const char *reason, bool restart)
3168 62f8366cb89c Forgot to add for blocking passdb/userdb workers.. Timo Sirainen <tss@iki.fi> parents: diff changeset	211 {
8559 b0bc4519332f Redesigned auth request queuing to auth worker processes. Timo Sirainen <tss@iki.fi> parents: 8475 diff changeset	212 struct auth_worker_connection conn = _conn;
10406 ad3fb3f929fc Use array_foreach() more. Timo Sirainen <tss@iki.fi> parents: 10253 diff changeset	213 struct auth_worker_connection const conns;
ad3fb3f929fc Use array_foreach() more. Timo Sirainen <tss@iki.fi> parents: 10253 diff changeset	214 unsigned int idx;
8559 b0bc4519332f Redesigned auth request queuing to auth worker processes. Timo Sirainen <tss@iki.fi> parents: 8475 diff changeset	215
b0bc4519332f Redesigned auth request queuing to auth worker processes. Timo Sirainen <tss@iki.fi> parents: 8475 diff changeset	216 *_conn = NULL;
3168 62f8366cb89c Forgot to add for blocking passdb/userdb workers.. Timo Sirainen <tss@iki.fi> parents: diff changeset	217
13958 7175320feafc auth: Throttle SQL auth worker process creation if they can't connect to database. Timo Sirainen <tss@iki.fi> parents: 13787 diff changeset	218 if (conn->received_error) {
7175320feafc auth: Throttle SQL auth worker process creation if they can't connect to database. Timo Sirainen <tss@iki.fi> parents: 13787 diff changeset	219 i_assert(auth_workers_with_errors > 0);
7175320feafc auth: Throttle SQL auth worker process creation if they can't connect to database. Timo Sirainen <tss@iki.fi> parents: 13787 diff changeset	220 i_assert(auth_workers_with_errors <= array_count(&connections));
7175320feafc auth: Throttle SQL auth worker process creation if they can't connect to database. Timo Sirainen <tss@iki.fi> parents: 13787 diff changeset	221 auth_workers_with_errors--;
7175320feafc auth: Throttle SQL auth worker process creation if they can't connect to database. Timo Sirainen <tss@iki.fi> parents: 13787 diff changeset	222 }
7175320feafc auth: Throttle SQL auth worker process creation if they can't connect to database. Timo Sirainen <tss@iki.fi> parents: 13787 diff changeset	223
10406 ad3fb3f929fc Use array_foreach() more. Timo Sirainen <tss@iki.fi> parents: 10253 diff changeset	224 array_foreach(&connections, conns) {
ad3fb3f929fc Use array_foreach() more. Timo Sirainen <tss@iki.fi> parents: 10253 diff changeset	225 if (*conns == conn) {
ad3fb3f929fc Use array_foreach() more. Timo Sirainen <tss@iki.fi> parents: 10253 diff changeset	226 idx = array_foreach_idx(&connections, conns);
ad3fb3f929fc Use array_foreach() more. Timo Sirainen <tss@iki.fi> parents: 10253 diff changeset	227 array_delete(&connections, idx, 1);
3168 62f8366cb89c Forgot to add for blocking passdb/userdb workers.. Timo Sirainen <tss@iki.fi> parents: diff changeset	228 break;
62f8366cb89c Forgot to add for blocking passdb/userdb workers.. Timo Sirainen <tss@iki.fi> parents: diff changeset	229 }
62f8366cb89c Forgot to add for blocking passdb/userdb workers.. Timo Sirainen <tss@iki.fi> parents: diff changeset	230 }
62f8366cb89c Forgot to add for blocking passdb/userdb workers.. Timo Sirainen <tss@iki.fi> parents: diff changeset	231
8559 b0bc4519332f Redesigned auth request queuing to auth worker processes. Timo Sirainen <tss@iki.fi> parents: 8475 diff changeset	232 if (conn->request == NULL)
3168 62f8366cb89c Forgot to add for blocking passdb/userdb workers.. Timo Sirainen <tss@iki.fi> parents: diff changeset	233 idle_count--;
62f8366cb89c Forgot to add for blocking passdb/userdb workers.. Timo Sirainen <tss@iki.fi> parents: diff changeset	234
9273 1d7965092e0e Implemented support for listing all users in userdb. Timo Sirainen <tss@iki.fi> parents: 9266 diff changeset	235 if (conn->request != NULL) {
17155 8df5fc361103 auth: If auth-worker lookup times out, log a bit more details about it. Timo Sirainen <tss@iki.fi> parents: 17130 diff changeset	236 i_error("auth worker: Aborted %s request for %s: %s",
8df5fc361103 auth: If auth-worker lookup times out, log a bit more details about it. Timo Sirainen <tss@iki.fi> parents: 17130 diff changeset	237 t_strcut(conn->request->data, '\t'),
8df5fc361103 auth: If auth-worker lookup times out, log a bit more details about it. Timo Sirainen <tss@iki.fi> parents: 17130 diff changeset	238 conn->request->username, reason);
9273 1d7965092e0e Implemented support for listing all users in userdb. Timo Sirainen <tss@iki.fi> parents: 9266 diff changeset	239 conn->request->callback(t_strdup_printf(
1d7965092e0e Implemented support for listing all users in userdb. Timo Sirainen <tss@iki.fi> parents: 9266 diff changeset	240 "FAIL\t%d", PASSDB_RESULT_INTERNAL_FAILURE),
1d7965092e0e Implemented support for listing all users in userdb. Timo Sirainen <tss@iki.fi> parents: 9266 diff changeset	241 conn->request->context);
1d7965092e0e Implemented support for listing all users in userdb. Timo Sirainen <tss@iki.fi> parents: 9266 diff changeset	242 }
3168 62f8366cb89c Forgot to add for blocking passdb/userdb workers.. Timo Sirainen <tss@iki.fi> parents: diff changeset	243
11850 cfd15170dff7 auth: Fixed a potential crash on deinit. Timo Sirainen <tss@iki.fi> parents: 11833 diff changeset	244 if (conn->io != NULL)
cfd15170dff7 auth: Fixed a potential crash on deinit. Timo Sirainen <tss@iki.fi> parents: 11833 diff changeset	245 io_remove(&conn->io);
4070 71b8faa84ec6 Added i_stream_destroy() and o_stream_destroy() and used them instead of Timo Sirainen <tss@iki.fi> parents: 3960 diff changeset	246 i_stream_destroy(&conn->input);
71b8faa84ec6 Added i_stream_destroy() and o_stream_destroy() and used them instead of Timo Sirainen <tss@iki.fi> parents: 3960 diff changeset	247 o_stream_destroy(&conn->output);
17158 20a25e17bc3e auth: Don't disconnect auth-worker during long-running user iterations. Timo Sirainen <tss@iki.fi> parents: 17155 diff changeset	248 if (conn->to != NULL)
20a25e17bc3e auth: Don't disconnect auth-worker during long-running user iterations. Timo Sirainen <tss@iki.fi> parents: 17155 diff changeset	249 timeout_remove(&conn->to);
3960 aeb424e64f24 Call io_remove() before closing the fd. It's required by kqueue. Timo Sirainen <tss@iki.fi> parents: 3879 diff changeset	250
aeb424e64f24 Call io_remove() before closing the fd. It's required by kqueue. Timo Sirainen <tss@iki.fi> parents: 3879 diff changeset	251 if (close(conn->fd) < 0)
aeb424e64f24 Call io_remove() before closing the fd. It's required by kqueue. Timo Sirainen <tss@iki.fi> parents: 3879 diff changeset	252 i_error("close(auth worker) failed: %m");
3168 62f8366cb89c Forgot to add for blocking passdb/userdb workers.. Timo Sirainen <tss@iki.fi> parents: diff changeset	253 i_free(conn);
62f8366cb89c Forgot to add for blocking passdb/userdb workers.. Timo Sirainen <tss@iki.fi> parents: diff changeset	254
8559 b0bc4519332f Redesigned auth request queuing to auth worker processes. Timo Sirainen <tss@iki.fi> parents: 8475 diff changeset	255 if (idle_count == 0 && restart) {
10893 1a4c2e4bff75 auth: auth_userdb and auth_passdb no longer has pointer to struct auth. Timo Sirainen <tss@iki.fi> parents: 10582 diff changeset	256 conn = auth_worker_create();
13736 6b62d786fdc4 auth: Handle auth worker creation failure without killing the whole auth process. Timo Sirainen <tss@iki.fi> parents: 12782 diff changeset	257 if (conn != NULL)
6b62d786fdc4 auth: Handle auth worker creation failure without killing the whole auth process. Timo Sirainen <tss@iki.fi> parents: 12782 diff changeset	258 auth_worker_request_send_next(conn);
3168 62f8366cb89c Forgot to add for blocking passdb/userdb workers.. Timo Sirainen <tss@iki.fi> parents: diff changeset	259 }
62f8366cb89c Forgot to add for blocking passdb/userdb workers.. Timo Sirainen <tss@iki.fi> parents: diff changeset	260 }
62f8366cb89c Forgot to add for blocking passdb/userdb workers.. Timo Sirainen <tss@iki.fi> parents: diff changeset	261
62f8366cb89c Forgot to add for blocking passdb/userdb workers.. Timo Sirainen <tss@iki.fi> parents: diff changeset	262 static struct auth_worker_connection *auth_worker_find_free(void)
62f8366cb89c Forgot to add for blocking passdb/userdb workers.. Timo Sirainen <tss@iki.fi> parents: diff changeset	263 {
8559 b0bc4519332f Redesigned auth request queuing to auth worker processes. Timo Sirainen <tss@iki.fi> parents: 8475 diff changeset	264 struct auth_worker_connection **conns;
3168 62f8366cb89c Forgot to add for blocking passdb/userdb workers.. Timo Sirainen <tss@iki.fi> parents: diff changeset	265
8559 b0bc4519332f Redesigned auth request queuing to auth worker processes. Timo Sirainen <tss@iki.fi> parents: 8475 diff changeset	266 if (idle_count == 0)
b0bc4519332f Redesigned auth request queuing to auth worker processes. Timo Sirainen <tss@iki.fi> parents: 8475 diff changeset	267 return NULL;
b0bc4519332f Redesigned auth request queuing to auth worker processes. Timo Sirainen <tss@iki.fi> parents: 8475 diff changeset	268
10406 ad3fb3f929fc Use array_foreach() more. Timo Sirainen <tss@iki.fi> parents: 10253 diff changeset	269 array_foreach_modifiable(&connections, conns) {
ad3fb3f929fc Use array_foreach() more. Timo Sirainen <tss@iki.fi> parents: 10253 diff changeset	270 struct auth_worker_connection conn = conns;
ad3fb3f929fc Use array_foreach() more. Timo Sirainen <tss@iki.fi> parents: 10253 diff changeset	271
ad3fb3f929fc Use array_foreach() more. Timo Sirainen <tss@iki.fi> parents: 10253 diff changeset	272 if (conn->request == NULL)
ad3fb3f929fc Use array_foreach() more. Timo Sirainen <tss@iki.fi> parents: 10253 diff changeset	273 return conn;
3168 62f8366cb89c Forgot to add for blocking passdb/userdb workers.. Timo Sirainen <tss@iki.fi> parents: diff changeset	274 }
8559 b0bc4519332f Redesigned auth request queuing to auth worker processes. Timo Sirainen <tss@iki.fi> parents: 8475 diff changeset	275 i_unreached();
b0bc4519332f Redesigned auth request queuing to auth worker processes. Timo Sirainen <tss@iki.fi> parents: 8475 diff changeset	276 return NULL;
3168 62f8366cb89c Forgot to add for blocking passdb/userdb workers.. Timo Sirainen <tss@iki.fi> parents: diff changeset	277 }
62f8366cb89c Forgot to add for blocking passdb/userdb workers.. Timo Sirainen <tss@iki.fi> parents: diff changeset	278
17158 20a25e17bc3e auth: Don't disconnect auth-worker during long-running user iterations. Timo Sirainen <tss@iki.fi> parents: 17155 diff changeset	279 static bool auth_worker_request_handle(struct auth_worker_connection *conn,
3168 62f8366cb89c Forgot to add for blocking passdb/userdb workers.. Timo Sirainen <tss@iki.fi> parents: diff changeset	280 struct auth_worker_request *request,
62f8366cb89c Forgot to add for blocking passdb/userdb workers.. Timo Sirainen <tss@iki.fi> parents: diff changeset	281 const char *line)
62f8366cb89c Forgot to add for blocking passdb/userdb workers.. Timo Sirainen <tss@iki.fi> parents: diff changeset	282 {
9273 1d7965092e0e Implemented support for listing all users in userdb. Timo Sirainen <tss@iki.fi> parents: 9266 diff changeset	283 if (strncmp(line, "*\t", 2) == 0) {
1d7965092e0e Implemented support for listing all users in userdb. Timo Sirainen <tss@iki.fi> parents: 9266 diff changeset	284 /* multi-line reply, not finished yet */
18102 c3736d065d54 auth: Increase timeout for multi-line auth-worker replies to 30 minutes. Timo Sirainen <tss@iki.fi> parents: 17946 diff changeset	285 if (conn->resuming)
c3736d065d54 auth: Increase timeout for multi-line auth-worker replies to 30 minutes. Timo Sirainen <tss@iki.fi> parents: 17946 diff changeset	286 timeout_reset(conn->to);
c3736d065d54 auth: Increase timeout for multi-line auth-worker replies to 30 minutes. Timo Sirainen <tss@iki.fi> parents: 17946 diff changeset	287 else {
c3736d065d54 auth: Increase timeout for multi-line auth-worker replies to 30 minutes. Timo Sirainen <tss@iki.fi> parents: 17946 diff changeset	288 conn->resuming = TRUE;
c3736d065d54 auth: Increase timeout for multi-line auth-worker replies to 30 minutes. Timo Sirainen <tss@iki.fi> parents: 17946 diff changeset	289 timeout_remove(&conn->to);
c3736d065d54 auth: Increase timeout for multi-line auth-worker replies to 30 minutes. Timo Sirainen <tss@iki.fi> parents: 17946 diff changeset	290 conn->to = timeout_add(AUTH_WORKER_RESUME_TIMEOUT_SECS * 1000,
c3736d065d54 auth: Increase timeout for multi-line auth-worker replies to 30 minutes. Timo Sirainen <tss@iki.fi> parents: 17946 diff changeset	291 auth_worker_call_timeout, conn);
c3736d065d54 auth: Increase timeout for multi-line auth-worker replies to 30 minutes. Timo Sirainen <tss@iki.fi> parents: 17946 diff changeset	292 }
9273 1d7965092e0e Implemented support for listing all users in userdb. Timo Sirainen <tss@iki.fi> parents: 9266 diff changeset	293 } else {
18102 c3736d065d54 auth: Increase timeout for multi-line auth-worker replies to 30 minutes. Timo Sirainen <tss@iki.fi> parents: 17946 diff changeset	294 conn->resuming = FALSE;
9273 1d7965092e0e Implemented support for listing all users in userdb. Timo Sirainen <tss@iki.fi> parents: 9266 diff changeset	295 conn->request = NULL;
17939 a36fe1250606 auth: Userdb iteration optimization. Timo Sirainen <tss@iki.fi> parents: 17158 diff changeset	296 conn->timeout_pending_resume = FALSE;
9273 1d7965092e0e Implemented support for listing all users in userdb. Timo Sirainen <tss@iki.fi> parents: 9266 diff changeset	297 timeout_remove(&conn->to);
1d7965092e0e Implemented support for listing all users in userdb. Timo Sirainen <tss@iki.fi> parents: 9266 diff changeset	298 conn->to = timeout_add(AUTH_WORKER_MAX_IDLE_SECS * 1000,
1d7965092e0e Implemented support for listing all users in userdb. Timo Sirainen <tss@iki.fi> parents: 9266 diff changeset	299 auth_worker_idle_timeout, conn);
1d7965092e0e Implemented support for listing all users in userdb. Timo Sirainen <tss@iki.fi> parents: 9266 diff changeset	300 idle_count++;
1d7965092e0e Implemented support for listing all users in userdb. Timo Sirainen <tss@iki.fi> parents: 9266 diff changeset	301 }
8559 b0bc4519332f Redesigned auth request queuing to auth worker processes. Timo Sirainen <tss@iki.fi> parents: 8475 diff changeset	302
17158 20a25e17bc3e auth: Don't disconnect auth-worker during long-running user iterations. Timo Sirainen <tss@iki.fi> parents: 17155 diff changeset	303 if (!request->callback(line, request->context) && conn->io != NULL) {
17939 a36fe1250606 auth: Userdb iteration optimization. Timo Sirainen <tss@iki.fi> parents: 17158 diff changeset	304 conn->timeout_pending_resume = FALSE;
17158 20a25e17bc3e auth: Don't disconnect auth-worker during long-running user iterations. Timo Sirainen <tss@iki.fi> parents: 17155 diff changeset	305 timeout_remove(&conn->to);
9273 1d7965092e0e Implemented support for listing all users in userdb. Timo Sirainen <tss@iki.fi> parents: 9266 diff changeset	306 io_remove(&conn->io);
17158 20a25e17bc3e auth: Don't disconnect auth-worker during long-running user iterations. Timo Sirainen <tss@iki.fi> parents: 17155 diff changeset	307 return FALSE;
20a25e17bc3e auth: Don't disconnect auth-worker during long-running user iterations. Timo Sirainen <tss@iki.fi> parents: 17155 diff changeset	308 }
20a25e17bc3e auth: Don't disconnect auth-worker during long-running user iterations. Timo Sirainen <tss@iki.fi> parents: 17155 diff changeset	309 return TRUE;
3168 62f8366cb89c Forgot to add for blocking passdb/userdb workers.. Timo Sirainen <tss@iki.fi> parents: diff changeset	310 }
62f8366cb89c Forgot to add for blocking passdb/userdb workers.. Timo Sirainen <tss@iki.fi> parents: diff changeset	311
13958 7175320feafc auth: Throttle SQL auth worker process creation if they can't connect to database. Timo Sirainen <tss@iki.fi> parents: 13787 diff changeset	312 static bool auth_worker_error(struct auth_worker_connection *conn)
7175320feafc auth: Throttle SQL auth worker process creation if they can't connect to database. Timo Sirainen <tss@iki.fi> parents: 13787 diff changeset	313 {
7175320feafc auth: Throttle SQL auth worker process creation if they can't connect to database. Timo Sirainen <tss@iki.fi> parents: 13787 diff changeset	314 if (conn->received_error)
7175320feafc auth: Throttle SQL auth worker process creation if they can't connect to database. Timo Sirainen <tss@iki.fi> parents: 13787 diff changeset	315 return TRUE;
7175320feafc auth: Throttle SQL auth worker process creation if they can't connect to database. Timo Sirainen <tss@iki.fi> parents: 13787 diff changeset	316 conn->received_error = TRUE;
7175320feafc auth: Throttle SQL auth worker process creation if they can't connect to database. Timo Sirainen <tss@iki.fi> parents: 13787 diff changeset	317 auth_workers_with_errors++;
7175320feafc auth: Throttle SQL auth worker process creation if they can't connect to database. Timo Sirainen <tss@iki.fi> parents: 13787 diff changeset	318 i_assert(auth_workers_with_errors <= array_count(&connections));
7175320feafc auth: Throttle SQL auth worker process creation if they can't connect to database. Timo Sirainen <tss@iki.fi> parents: 13787 diff changeset	319
7175320feafc auth: Throttle SQL auth worker process creation if they can't connect to database. Timo Sirainen <tss@iki.fi> parents: 13787 diff changeset	320 if (auth_workers_with_errors == 1) {
7175320feafc auth: Throttle SQL auth worker process creation if they can't connect to database. Timo Sirainen <tss@iki.fi> parents: 13787 diff changeset	321 /* this is the only failing auth worker connection.
7175320feafc auth: Throttle SQL auth worker process creation if they can't connect to database. Timo Sirainen <tss@iki.fi> parents: 13787 diff changeset	322 don't create new ones until this one sends SUCCESS. */
7175320feafc auth: Throttle SQL auth worker process creation if they can't connect to database. Timo Sirainen <tss@iki.fi> parents: 13787 diff changeset	323 auth_workers_throttle_count = array_count(&connections);
7175320feafc auth: Throttle SQL auth worker process creation if they can't connect to database. Timo Sirainen <tss@iki.fi> parents: 13787 diff changeset	324 return TRUE;
7175320feafc auth: Throttle SQL auth worker process creation if they can't connect to database. Timo Sirainen <tss@iki.fi> parents: 13787 diff changeset	325 }
7175320feafc auth: Throttle SQL auth worker process creation if they can't connect to database. Timo Sirainen <tss@iki.fi> parents: 13787 diff changeset	326
7175320feafc auth: Throttle SQL auth worker process creation if they can't connect to database. Timo Sirainen <tss@iki.fi> parents: 13787 diff changeset	327 /* too many auth workers, reduce them */
7175320feafc auth: Throttle SQL auth worker process creation if they can't connect to database. Timo Sirainen <tss@iki.fi> parents: 13787 diff changeset	328 i_assert(array_count(&connections) > 1);
7175320feafc auth: Throttle SQL auth worker process creation if they can't connect to database. Timo Sirainen <tss@iki.fi> parents: 13787 diff changeset	329 if (auth_workers_throttle_count >= array_count(&connections))
7175320feafc auth: Throttle SQL auth worker process creation if they can't connect to database. Timo Sirainen <tss@iki.fi> parents: 13787 diff changeset	330 auth_workers_throttle_count = array_count(&connections)-1;
7175320feafc auth: Throttle SQL auth worker process creation if they can't connect to database. Timo Sirainen <tss@iki.fi> parents: 13787 diff changeset	331 else if (auth_workers_throttle_count > 1)
7175320feafc auth: Throttle SQL auth worker process creation if they can't connect to database. Timo Sirainen <tss@iki.fi> parents: 13787 diff changeset	332 auth_workers_throttle_count--;
7175320feafc auth: Throttle SQL auth worker process creation if they can't connect to database. Timo Sirainen <tss@iki.fi> parents: 13787 diff changeset	333 auth_worker_destroy(&conn, "Internal auth worker failure", FALSE);
7175320feafc auth: Throttle SQL auth worker process creation if they can't connect to database. Timo Sirainen <tss@iki.fi> parents: 13787 diff changeset	334 return FALSE;
7175320feafc auth: Throttle SQL auth worker process creation if they can't connect to database. Timo Sirainen <tss@iki.fi> parents: 13787 diff changeset	335 }
7175320feafc auth: Throttle SQL auth worker process creation if they can't connect to database. Timo Sirainen <tss@iki.fi> parents: 13787 diff changeset	336
7175320feafc auth: Throttle SQL auth worker process creation if they can't connect to database. Timo Sirainen <tss@iki.fi> parents: 13787 diff changeset	337 static void auth_worker_success(struct auth_worker_connection *conn)
7175320feafc auth: Throttle SQL auth worker process creation if they can't connect to database. Timo Sirainen <tss@iki.fi> parents: 13787 diff changeset	338 {
7175320feafc auth: Throttle SQL auth worker process creation if they can't connect to database. Timo Sirainen <tss@iki.fi> parents: 13787 diff changeset	339 unsigned int max_count = global_auth_settings->worker_max_count;
7175320feafc auth: Throttle SQL auth worker process creation if they can't connect to database. Timo Sirainen <tss@iki.fi> parents: 13787 diff changeset	340
7175320feafc auth: Throttle SQL auth worker process creation if they can't connect to database. Timo Sirainen <tss@iki.fi> parents: 13787 diff changeset	341 if (!conn->received_error)
7175320feafc auth: Throttle SQL auth worker process creation if they can't connect to database. Timo Sirainen <tss@iki.fi> parents: 13787 diff changeset	342 return;
7175320feafc auth: Throttle SQL auth worker process creation if they can't connect to database. Timo Sirainen <tss@iki.fi> parents: 13787 diff changeset	343
7175320feafc auth: Throttle SQL auth worker process creation if they can't connect to database. Timo Sirainen <tss@iki.fi> parents: 13787 diff changeset	344 i_assert(auth_workers_with_errors > 0);
7175320feafc auth: Throttle SQL auth worker process creation if they can't connect to database. Timo Sirainen <tss@iki.fi> parents: 13787 diff changeset	345 i_assert(auth_workers_with_errors <= array_count(&connections));
7175320feafc auth: Throttle SQL auth worker process creation if they can't connect to database. Timo Sirainen <tss@iki.fi> parents: 13787 diff changeset	346 auth_workers_with_errors--;
7175320feafc auth: Throttle SQL auth worker process creation if they can't connect to database. Timo Sirainen <tss@iki.fi> parents: 13787 diff changeset	347
7175320feafc auth: Throttle SQL auth worker process creation if they can't connect to database. Timo Sirainen <tss@iki.fi> parents: 13787 diff changeset	348 if (auth_workers_with_errors == 0) {
7175320feafc auth: Throttle SQL auth worker process creation if they can't connect to database. Timo Sirainen <tss@iki.fi> parents: 13787 diff changeset	349 /* all workers are succeeding now, set the limit back to
7175320feafc auth: Throttle SQL auth worker process creation if they can't connect to database. Timo Sirainen <tss@iki.fi> parents: 13787 diff changeset	350 original. */
7175320feafc auth: Throttle SQL auth worker process creation if they can't connect to database. Timo Sirainen <tss@iki.fi> parents: 13787 diff changeset	351 auth_workers_throttle_count = max_count;
7175320feafc auth: Throttle SQL auth worker process creation if they can't connect to database. Timo Sirainen <tss@iki.fi> parents: 13787 diff changeset	352 } else if (auth_workers_throttle_count < max_count)
7175320feafc auth: Throttle SQL auth worker process creation if they can't connect to database. Timo Sirainen <tss@iki.fi> parents: 13787 diff changeset	353 auth_workers_throttle_count++;
7175320feafc auth: Throttle SQL auth worker process creation if they can't connect to database. Timo Sirainen <tss@iki.fi> parents: 13787 diff changeset	354 conn->received_error = FALSE;
7175320feafc auth: Throttle SQL auth worker process creation if they can't connect to database. Timo Sirainen <tss@iki.fi> parents: 13787 diff changeset	355 }
7175320feafc auth: Throttle SQL auth worker process creation if they can't connect to database. Timo Sirainen <tss@iki.fi> parents: 13787 diff changeset	356
4907 5b4c9b20eba0 Replaced void context from a lot of callbacks with the actual context Timo Sirainen <tss@iki.fi>* parents: 4451 diff changeset	357 static void worker_input(struct auth_worker_connection *conn)
3168 62f8366cb89c Forgot to add for blocking passdb/userdb workers.. Timo Sirainen <tss@iki.fi> parents: diff changeset	358 {
62f8366cb89c Forgot to add for blocking passdb/userdb workers.. Timo Sirainen <tss@iki.fi> parents: diff changeset	359 const char line, id_str;
62f8366cb89c Forgot to add for blocking passdb/userdb workers.. Timo Sirainen <tss@iki.fi> parents: diff changeset	360 unsigned int id;
62f8366cb89c Forgot to add for blocking passdb/userdb workers.. Timo Sirainen <tss@iki.fi> parents: diff changeset	361
62f8366cb89c Forgot to add for blocking passdb/userdb workers.. Timo Sirainen <tss@iki.fi> parents: diff changeset	362 switch (i_stream_read(conn->input)) {
62f8366cb89c Forgot to add for blocking passdb/userdb workers.. Timo Sirainen <tss@iki.fi> parents: diff changeset	363 case 0:
62f8366cb89c Forgot to add for blocking passdb/userdb workers.. Timo Sirainen <tss@iki.fi> parents: diff changeset	364 return;
62f8366cb89c Forgot to add for blocking passdb/userdb workers.. Timo Sirainen <tss@iki.fi> parents: diff changeset	365 case -1:
62f8366cb89c Forgot to add for blocking passdb/userdb workers.. Timo Sirainen <tss@iki.fi> parents: diff changeset	366 /* disconnected */
8559 b0bc4519332f Redesigned auth request queuing to auth worker processes. Timo Sirainen <tss@iki.fi> parents: 8475 diff changeset	367 auth_worker_destroy(&conn, "Worker process died unexpectedly",
b0bc4519332f Redesigned auth request queuing to auth worker processes. Timo Sirainen <tss@iki.fi> parents: 8475 diff changeset	368 TRUE);
3168 62f8366cb89c Forgot to add for blocking passdb/userdb workers.. Timo Sirainen <tss@iki.fi> parents: diff changeset	369 return;
62f8366cb89c Forgot to add for blocking passdb/userdb workers.. Timo Sirainen <tss@iki.fi> parents: diff changeset	370 case -2:
62f8366cb89c Forgot to add for blocking passdb/userdb workers.. Timo Sirainen <tss@iki.fi> parents: diff changeset	371 /* buffer full */
62f8366cb89c Forgot to add for blocking passdb/userdb workers.. Timo Sirainen <tss@iki.fi> parents: diff changeset	372 i_error("BUG: Auth worker sent us more than %d bytes",
62f8366cb89c Forgot to add for blocking passdb/userdb workers.. Timo Sirainen <tss@iki.fi> parents: diff changeset	373 (int)AUTH_WORKER_MAX_LINE_LENGTH);
8559 b0bc4519332f Redesigned auth request queuing to auth worker processes. Timo Sirainen <tss@iki.fi> parents: 8475 diff changeset	374 auth_worker_destroy(&conn, "Worker is buggy", TRUE);
3168 62f8366cb89c Forgot to add for blocking passdb/userdb workers.. Timo Sirainen <tss@iki.fi> parents: diff changeset	375 return;
62f8366cb89c Forgot to add for blocking passdb/userdb workers.. Timo Sirainen <tss@iki.fi> parents: diff changeset	376 }
62f8366cb89c Forgot to add for blocking passdb/userdb workers.. Timo Sirainen <tss@iki.fi> parents: diff changeset	377
62f8366cb89c Forgot to add for blocking passdb/userdb workers.. Timo Sirainen <tss@iki.fi> parents: diff changeset	378 while ((line = i_stream_next_line(conn->input)) != NULL) {
13970 58556a90259f auth: Make idle_kill work with auth worker processes. Timo Sirainen <tss@iki.fi> parents: 13958 diff changeset	379 if (strcmp(line, "RESTART") == 0) {
58556a90259f auth: Make idle_kill work with auth worker processes. Timo Sirainen <tss@iki.fi> parents: 13958 diff changeset	380 conn->restart = TRUE;
58556a90259f auth: Make idle_kill work with auth worker processes. Timo Sirainen <tss@iki.fi> parents: 13958 diff changeset	381 continue;
58556a90259f auth: Make idle_kill work with auth worker processes. Timo Sirainen <tss@iki.fi> parents: 13958 diff changeset	382 }
8560 b6a7bc10c19a Replaced auth_worker_max_request_count setting with passdb pam { args = max_requests=n } Timo Sirainen <tss@iki.fi> parents: 8559 diff changeset	383 if (strcmp(line, "SHUTDOWN") == 0) {
b6a7bc10c19a Replaced auth_worker_max_request_count setting with passdb pam { args = max_requests=n } Timo Sirainen <tss@iki.fi> parents: 8559 diff changeset	384 conn->shutdown = TRUE;
b6a7bc10c19a Replaced auth_worker_max_request_count setting with passdb pam { args = max_requests=n } Timo Sirainen <tss@iki.fi> parents: 8559 diff changeset	385 continue;
b6a7bc10c19a Replaced auth_worker_max_request_count setting with passdb pam { args = max_requests=n } Timo Sirainen <tss@iki.fi> parents: 8559 diff changeset	386 }
13958 7175320feafc auth: Throttle SQL auth worker process creation if they can't connect to database. Timo Sirainen <tss@iki.fi> parents: 13787 diff changeset	387 if (strcmp(line, "ERROR") == 0) {
7175320feafc auth: Throttle SQL auth worker process creation if they can't connect to database. Timo Sirainen <tss@iki.fi> parents: 13787 diff changeset	388 if (!auth_worker_error(conn))
7175320feafc auth: Throttle SQL auth worker process creation if they can't connect to database. Timo Sirainen <tss@iki.fi> parents: 13787 diff changeset	389 return;
7175320feafc auth: Throttle SQL auth worker process creation if they can't connect to database. Timo Sirainen <tss@iki.fi> parents: 13787 diff changeset	390 continue;
7175320feafc auth: Throttle SQL auth worker process creation if they can't connect to database. Timo Sirainen <tss@iki.fi> parents: 13787 diff changeset	391 }
7175320feafc auth: Throttle SQL auth worker process creation if they can't connect to database. Timo Sirainen <tss@iki.fi> parents: 13787 diff changeset	392 if (strcmp(line, "SUCCESS") == 0) {
7175320feafc auth: Throttle SQL auth worker process creation if they can't connect to database. Timo Sirainen <tss@iki.fi> parents: 13787 diff changeset	393 auth_worker_success(conn);
7175320feafc auth: Throttle SQL auth worker process creation if they can't connect to database. Timo Sirainen <tss@iki.fi> parents: 13787 diff changeset	394 continue;
7175320feafc auth: Throttle SQL auth worker process creation if they can't connect to database. Timo Sirainen <tss@iki.fi> parents: 13787 diff changeset	395 }
3168 62f8366cb89c Forgot to add for blocking passdb/userdb workers.. Timo Sirainen <tss@iki.fi> parents: diff changeset	396 id_str = line;
62f8366cb89c Forgot to add for blocking passdb/userdb workers.. Timo Sirainen <tss@iki.fi> parents: diff changeset	397 line = strchr(line, '\t');
11086 260e190306b0 Started using str_to_() functions instead of libc's ones. Timo Sirainen <tss@iki.fi>* parents: 10928 diff changeset	398 if (line == NULL \|\|
260e190306b0 Started using str_to_() functions instead of libc's ones. Timo Sirainen <tss@iki.fi>* parents: 10928 diff changeset	399 str_to_uint(t_strdup_until(id_str, line), &id) < 0)
3168 62f8366cb89c Forgot to add for blocking passdb/userdb workers.. Timo Sirainen <tss@iki.fi> parents: diff changeset	400 continue;
62f8366cb89c Forgot to add for blocking passdb/userdb workers.. Timo Sirainen <tss@iki.fi> parents: diff changeset	401
8559 b0bc4519332f Redesigned auth request queuing to auth worker processes. Timo Sirainen <tss@iki.fi> parents: 8475 diff changeset	402 if (conn->request != NULL && id == conn->request->id) {
17158 20a25e17bc3e auth: Don't disconnect auth-worker during long-running user iterations. Timo Sirainen <tss@iki.fi> parents: 17155 diff changeset	403 if (!auth_worker_request_handle(conn, conn->request,
20a25e17bc3e auth: Don't disconnect auth-worker during long-running user iterations. Timo Sirainen <tss@iki.fi> parents: 17155 diff changeset	404 line + 1))
20a25e17bc3e auth: Don't disconnect auth-worker during long-running user iterations. Timo Sirainen <tss@iki.fi> parents: 17155 diff changeset	405 break;
8559 b0bc4519332f Redesigned auth request queuing to auth worker processes. Timo Sirainen <tss@iki.fi> parents: 8475 diff changeset	406 } else {
b0bc4519332f Redesigned auth request queuing to auth worker processes. Timo Sirainen <tss@iki.fi> parents: 8475 diff changeset	407 if (conn->request != NULL) {
b0bc4519332f Redesigned auth request queuing to auth worker processes. Timo Sirainen <tss@iki.fi> parents: 8475 diff changeset	408 i_error("BUG: Worker sent reply with id %u, "
b0bc4519332f Redesigned auth request queuing to auth worker processes. Timo Sirainen <tss@iki.fi> parents: 8475 diff changeset	409 "expected %u", id, conn->request->id);
b0bc4519332f Redesigned auth request queuing to auth worker processes. Timo Sirainen <tss@iki.fi> parents: 8475 diff changeset	410 } else {
b0bc4519332f Redesigned auth request queuing to auth worker processes. Timo Sirainen <tss@iki.fi> parents: 8475 diff changeset	411 i_error("BUG: Worker sent reply with id %u, "
b0bc4519332f Redesigned auth request queuing to auth worker processes. Timo Sirainen <tss@iki.fi> parents: 8475 diff changeset	412 "none was expected", id);
b0bc4519332f Redesigned auth request queuing to auth worker processes. Timo Sirainen <tss@iki.fi> parents: 8475 diff changeset	413 }
b0bc4519332f Redesigned auth request queuing to auth worker processes. Timo Sirainen <tss@iki.fi> parents: 8475 diff changeset	414 auth_worker_destroy(&conn, "Worker is buggy", TRUE);
b0bc4519332f Redesigned auth request queuing to auth worker processes. Timo Sirainen <tss@iki.fi> parents: 8475 diff changeset	415 return;
b0bc4519332f Redesigned auth request queuing to auth worker processes. Timo Sirainen <tss@iki.fi> parents: 8475 diff changeset	416 }
3168 62f8366cb89c Forgot to add for blocking passdb/userdb workers.. Timo Sirainen <tss@iki.fi> parents: diff changeset	417 }
6217 06743e1e4c13 Added auth_worker_max_request_count setting. Timo Sirainen <tss@iki.fi> parents: 6162 diff changeset	418
9809 fa76c740ee41 auth worker server: Don't assert-crash if the whole reply doesn't come in one packet. Timo Sirainen <tss@iki.fi> parents: 9273 diff changeset	419 if (conn->request != NULL) {
fa76c740ee41 auth worker server: Don't assert-crash if the whole reply doesn't come in one packet. Timo Sirainen <tss@iki.fi> parents: 9273 diff changeset	420 /* there's still a pending request */
13970 58556a90259f auth: Make idle_kill work with auth worker processes. Timo Sirainen <tss@iki.fi> parents: 13958 diff changeset	421 } else if (conn->restart)
8559 b0bc4519332f Redesigned auth request queuing to auth worker processes. Timo Sirainen <tss@iki.fi> parents: 8475 diff changeset	422 auth_worker_destroy(&conn, "Max requests limit", TRUE);
13970 58556a90259f auth: Make idle_kill work with auth worker processes. Timo Sirainen <tss@iki.fi> parents: 13958 diff changeset	423 else if (conn->shutdown)
58556a90259f auth: Make idle_kill work with auth worker processes. Timo Sirainen <tss@iki.fi> parents: 13958 diff changeset	424 auth_worker_destroy(&conn, "Idle kill", FALSE);
8559 b0bc4519332f Redesigned auth request queuing to auth worker processes. Timo Sirainen <tss@iki.fi> parents: 8475 diff changeset	425 else
b0bc4519332f Redesigned auth request queuing to auth worker processes. Timo Sirainen <tss@iki.fi> parents: 8475 diff changeset	426 auth_worker_request_send_next(conn);
8310 2e62e212f8a1 Auth workers: Use one full timeout per worker instead of a waking up every minute. Timo Sirainen <tss@iki.fi> parents: 8309 diff changeset	427 }
2e62e212f8a1 Auth workers: Use one full timeout per worker instead of a waking up every minute. Timo Sirainen <tss@iki.fi> parents: 8309 diff changeset	428
17158 20a25e17bc3e auth: Don't disconnect auth-worker during long-running user iterations. Timo Sirainen <tss@iki.fi> parents: 17155 diff changeset	429 static void worker_input_resume(struct auth_worker_connection *conn)
20a25e17bc3e auth: Don't disconnect auth-worker during long-running user iterations. Timo Sirainen <tss@iki.fi> parents: 17155 diff changeset	430 {
17939 a36fe1250606 auth: Userdb iteration optimization. Timo Sirainen <tss@iki.fi> parents: 17158 diff changeset	431 conn->timeout_pending_resume = FALSE;
17158 20a25e17bc3e auth: Don't disconnect auth-worker during long-running user iterations. Timo Sirainen <tss@iki.fi> parents: 17155 diff changeset	432 timeout_remove(&conn->to);
18102 c3736d065d54 auth: Increase timeout for multi-line auth-worker replies to 30 minutes. Timo Sirainen <tss@iki.fi> parents: 17946 diff changeset	433 conn->to = timeout_add(AUTH_WORKER_RESUME_TIMEOUT_SECS * 1000,
17158 20a25e17bc3e auth: Don't disconnect auth-worker during long-running user iterations. Timo Sirainen <tss@iki.fi> parents: 17155 diff changeset	434 auth_worker_call_timeout, conn);
20a25e17bc3e auth: Don't disconnect auth-worker during long-running user iterations. Timo Sirainen <tss@iki.fi> parents: 17155 diff changeset	435 worker_input(conn);
20a25e17bc3e auth: Don't disconnect auth-worker during long-running user iterations. Timo Sirainen <tss@iki.fi> parents: 17155 diff changeset	436 }
20a25e17bc3e auth: Don't disconnect auth-worker during long-running user iterations. Timo Sirainen <tss@iki.fi> parents: 17155 diff changeset	437
9273 1d7965092e0e Implemented support for listing all users in userdb. Timo Sirainen <tss@iki.fi> parents: 9266 diff changeset	438 struct auth_worker_connection *
17155 8df5fc361103 auth: If auth-worker lookup times out, log a bit more details about it. Timo Sirainen <tss@iki.fi> parents: 17130 diff changeset	439 auth_worker_call(pool_t pool, const char username, const char data,
9273 1d7965092e0e Implemented support for listing all users in userdb. Timo Sirainen <tss@iki.fi> parents: 9266 diff changeset	440 auth_worker_callback_t callback, void context)
3168 62f8366cb89c Forgot to add for blocking passdb/userdb workers.. Timo Sirainen <tss@iki.fi> parents: diff changeset	441 {
62f8366cb89c Forgot to add for blocking passdb/userdb workers.. Timo Sirainen <tss@iki.fi> parents: diff changeset	442 struct auth_worker_connection *conn;
62f8366cb89c Forgot to add for blocking passdb/userdb workers.. Timo Sirainen <tss@iki.fi> parents: diff changeset	443 struct auth_worker_request *request;
62f8366cb89c Forgot to add for blocking passdb/userdb workers.. Timo Sirainen <tss@iki.fi> parents: diff changeset	444
9273 1d7965092e0e Implemented support for listing all users in userdb. Timo Sirainen <tss@iki.fi> parents: 9266 diff changeset	445 request = p_new(pool, struct auth_worker_request, 1);
8559 b0bc4519332f Redesigned auth request queuing to auth worker processes. Timo Sirainen <tss@iki.fi> parents: 8475 diff changeset	446 request->created = ioloop_time;
17155 8df5fc361103 auth: If auth-worker lookup times out, log a bit more details about it. Timo Sirainen <tss@iki.fi> parents: 17130 diff changeset	447 request->username = p_strdup(pool, username);
15680 55d20120b348 auth: Code cleanup: Removed unnecessary auth_stream_reply usage from auth-worker communication. Timo Sirainen <tss@iki.fi> parents: 15187 diff changeset	448 request->data = p_strdup(pool, data);
3168 62f8366cb89c Forgot to add for blocking passdb/userdb workers.. Timo Sirainen <tss@iki.fi> parents: diff changeset	449 request->callback = callback;
9273 1d7965092e0e Implemented support for listing all users in userdb. Timo Sirainen <tss@iki.fi> parents: 9266 diff changeset	450 request->context = context;
3168 62f8366cb89c Forgot to add for blocking passdb/userdb workers.. Timo Sirainen <tss@iki.fi> parents: diff changeset	451
8559 b0bc4519332f Redesigned auth request queuing to auth worker processes. Timo Sirainen <tss@iki.fi> parents: 8475 diff changeset	452 if (aqueue_count(worker_request_queue) > 0) {
b0bc4519332f Redesigned auth request queuing to auth worker processes. Timo Sirainen <tss@iki.fi> parents: 8475 diff changeset	453 /* requests are already being queued, no chance of
b0bc4519332f Redesigned auth request queuing to auth worker processes. Timo Sirainen <tss@iki.fi> parents: 8475 diff changeset	454 finding/creating a worker */
b0bc4519332f Redesigned auth request queuing to auth worker processes. Timo Sirainen <tss@iki.fi> parents: 8475 diff changeset	455 conn = NULL;
b0bc4519332f Redesigned auth request queuing to auth worker processes. Timo Sirainen <tss@iki.fi> parents: 8475 diff changeset	456 } else {
b0bc4519332f Redesigned auth request queuing to auth worker processes. Timo Sirainen <tss@iki.fi> parents: 8475 diff changeset	457 conn = auth_worker_find_free();
b0bc4519332f Redesigned auth request queuing to auth worker processes. Timo Sirainen <tss@iki.fi> parents: 8475 diff changeset	458 if (conn == NULL) {
b0bc4519332f Redesigned auth request queuing to auth worker processes. Timo Sirainen <tss@iki.fi> parents: 8475 diff changeset	459 /* no free connections, create a new one */
10893 1a4c2e4bff75 auth: auth_userdb and auth_passdb no longer has pointer to struct auth. Timo Sirainen <tss@iki.fi> parents: 10582 diff changeset	460 conn = auth_worker_create();
8559 b0bc4519332f Redesigned auth request queuing to auth worker processes. Timo Sirainen <tss@iki.fi> parents: 8475 diff changeset	461 }
3168 62f8366cb89c Forgot to add for blocking passdb/userdb workers.. Timo Sirainen <tss@iki.fi> parents: diff changeset	462 }
16478 dbf8bbb7e51e auth: If worker request has been queued for 60 secs, abort it. Timo Sirainen <tss@iki.fi> parents: 16429 diff changeset	463 if (conn != NULL) {
dbf8bbb7e51e auth: If worker request has been queued for 60 secs, abort it. Timo Sirainen <tss@iki.fi> parents: 16429 diff changeset	464 if (!auth_worker_request_send(conn, request))
dbf8bbb7e51e auth: If worker request has been queued for 60 secs, abort it. Timo Sirainen <tss@iki.fi> parents: 16429 diff changeset	465 i_unreached();
dbf8bbb7e51e auth: If worker request has been queued for 60 secs, abort it. Timo Sirainen <tss@iki.fi> parents: 16429 diff changeset	466 } else {
8559 b0bc4519332f Redesigned auth request queuing to auth worker processes. Timo Sirainen <tss@iki.fi> parents: 8475 diff changeset	467 /* reached the limit, queue the request */
b0bc4519332f Redesigned auth request queuing to auth worker processes. Timo Sirainen <tss@iki.fi> parents: 8475 diff changeset	468 aqueue_append(worker_request_queue, &request);
3168 62f8366cb89c Forgot to add for blocking passdb/userdb workers.. Timo Sirainen <tss@iki.fi> parents: diff changeset	469 }
9273 1d7965092e0e Implemented support for listing all users in userdb. Timo Sirainen <tss@iki.fi> parents: 9266 diff changeset	470 return conn;
3168 62f8366cb89c Forgot to add for blocking passdb/userdb workers.. Timo Sirainen <tss@iki.fi> parents: diff changeset	471 }
62f8366cb89c Forgot to add for blocking passdb/userdb workers.. Timo Sirainen <tss@iki.fi> parents: diff changeset	472
9273 1d7965092e0e Implemented support for listing all users in userdb. Timo Sirainen <tss@iki.fi> parents: 9266 diff changeset	473 void auth_worker_server_resume_input(struct auth_worker_connection *conn)
3168 62f8366cb89c Forgot to add for blocking passdb/userdb workers.. Timo Sirainen <tss@iki.fi> parents: diff changeset	474 {
17946 e54bd2e1a767 auth: Fix to earlier commit: Don't try to resume already finished user iteration. Timo Sirainen <tss@iki.fi> parents: 17939 diff changeset	475 if (conn->request == NULL) {
e54bd2e1a767 auth: Fix to earlier commit: Don't try to resume already finished user iteration. Timo Sirainen <tss@iki.fi> parents: 17939 diff changeset	476 /* request was just finished, don't try to resume it */
e54bd2e1a767 auth: Fix to earlier commit: Don't try to resume already finished user iteration. Timo Sirainen <tss@iki.fi> parents: 17939 diff changeset	477 return;
e54bd2e1a767 auth: Fix to earlier commit: Don't try to resume already finished user iteration. Timo Sirainen <tss@iki.fi> parents: 17939 diff changeset	478 }
e54bd2e1a767 auth: Fix to earlier commit: Don't try to resume already finished user iteration. Timo Sirainen <tss@iki.fi> parents: 17939 diff changeset	479
9273 1d7965092e0e Implemented support for listing all users in userdb. Timo Sirainen <tss@iki.fi> parents: 9266 diff changeset	480 if (conn->io == NULL)
1d7965092e0e Implemented support for listing all users in userdb. Timo Sirainen <tss@iki.fi> parents: 9266 diff changeset	481 conn->io = io_add(conn->fd, IO_READ, worker_input, conn);
17939 a36fe1250606 auth: Userdb iteration optimization. Timo Sirainen <tss@iki.fi> parents: 17158 diff changeset	482 if (!conn->timeout_pending_resume) {
a36fe1250606 auth: Userdb iteration optimization. Timo Sirainen <tss@iki.fi> parents: 17158 diff changeset	483 conn->timeout_pending_resume = TRUE;
a36fe1250606 auth: Userdb iteration optimization. Timo Sirainen <tss@iki.fi> parents: 17158 diff changeset	484 if (conn->to != NULL)
a36fe1250606 auth: Userdb iteration optimization. Timo Sirainen <tss@iki.fi> parents: 17158 diff changeset	485 timeout_remove(&conn->to);
a36fe1250606 auth: Userdb iteration optimization. Timo Sirainen <tss@iki.fi> parents: 17158 diff changeset	486 conn->to = timeout_add_short(0, worker_input_resume, conn);
a36fe1250606 auth: Userdb iteration optimization. Timo Sirainen <tss@iki.fi> parents: 17158 diff changeset	487 }
9273 1d7965092e0e Implemented support for listing all users in userdb. Timo Sirainen <tss@iki.fi> parents: 9266 diff changeset	488 }
3168 62f8366cb89c Forgot to add for blocking passdb/userdb workers.. Timo Sirainen <tss@iki.fi> parents: diff changeset	489
9273 1d7965092e0e Implemented support for listing all users in userdb. Timo Sirainen <tss@iki.fi> parents: 9266 diff changeset	490 void auth_worker_server_init(void)
1d7965092e0e Implemented support for listing all users in userdb. Timo Sirainen <tss@iki.fi> parents: 9266 diff changeset	491 {
9266 e5f4cce3ef7a Fixed using auth worker processes. Timo Sirainen <tss@iki.fi> parents: 9219 diff changeset	492 worker_socket_path = "auth-worker";
13958 7175320feafc auth: Throttle SQL auth worker process creation if they can't connect to database. Timo Sirainen <tss@iki.fi> parents: 13787 diff changeset	493 auth_workers_throttle_count = global_auth_settings->worker_max_count;
7175320feafc auth: Throttle SQL auth worker process creation if they can't connect to database. Timo Sirainen <tss@iki.fi> parents: 13787 diff changeset	494 i_assert(auth_workers_throttle_count > 0);
3168 62f8366cb89c Forgot to add for blocking passdb/userdb workers.. Timo Sirainen <tss@iki.fi> parents: diff changeset	495
8559 b0bc4519332f Redesigned auth request queuing to auth worker processes. Timo Sirainen <tss@iki.fi> parents: 8475 diff changeset	496 i_array_init(&worker_request_array, 128);
b0bc4519332f Redesigned auth request queuing to auth worker processes. Timo Sirainen <tss@iki.fi> parents: 8475 diff changeset	497 worker_request_queue = aqueue_init(&worker_request_array.arr);
b0bc4519332f Redesigned auth request queuing to auth worker processes. Timo Sirainen <tss@iki.fi> parents: 8475 diff changeset	498
7087 a281705a2360 Converted some buffers to arrays. Timo Sirainen <tss@iki.fi> parents: 7086 diff changeset	499 i_array_init(&connections, 16);
3168 62f8366cb89c Forgot to add for blocking passdb/userdb workers.. Timo Sirainen <tss@iki.fi> parents: diff changeset	500 }
62f8366cb89c Forgot to add for blocking passdb/userdb workers.. Timo Sirainen <tss@iki.fi> parents: diff changeset	501
62f8366cb89c Forgot to add for blocking passdb/userdb workers.. Timo Sirainen <tss@iki.fi> parents: diff changeset	502 void auth_worker_server_deinit(void)
62f8366cb89c Forgot to add for blocking passdb/userdb workers.. Timo Sirainen <tss@iki.fi> parents: diff changeset	503 {
8559 b0bc4519332f Redesigned auth request queuing to auth worker processes. Timo Sirainen <tss@iki.fi> parents: 8475 diff changeset	504 struct auth_worker_connection *connp, conn;
3168 62f8366cb89c Forgot to add for blocking passdb/userdb workers.. Timo Sirainen <tss@iki.fi> parents: diff changeset	505
7087 a281705a2360 Converted some buffers to arrays. Timo Sirainen <tss@iki.fi> parents: 7086 diff changeset	506 while (array_count(&connections) > 0) {
a281705a2360 Converted some buffers to arrays. Timo Sirainen <tss@iki.fi> parents: 7086 diff changeset	507 connp = array_idx_modifiable(&connections, 0);
8559 b0bc4519332f Redesigned auth request queuing to auth worker processes. Timo Sirainen <tss@iki.fi> parents: 8475 diff changeset	508 conn = *connp;
b0bc4519332f Redesigned auth request queuing to auth worker processes. Timo Sirainen <tss@iki.fi> parents: 8475 diff changeset	509 auth_worker_destroy(&conn, "Shutting down", FALSE);
3168 62f8366cb89c Forgot to add for blocking passdb/userdb workers.. Timo Sirainen <tss@iki.fi> parents: diff changeset	510 }
7087 a281705a2360 Converted some buffers to arrays. Timo Sirainen <tss@iki.fi> parents: 7086 diff changeset	511 array_free(&connections);
3168 62f8366cb89c Forgot to add for blocking passdb/userdb workers.. Timo Sirainen <tss@iki.fi> parents: diff changeset	512
8559 b0bc4519332f Redesigned auth request queuing to auth worker processes. Timo Sirainen <tss@iki.fi> parents: 8475 diff changeset	513 aqueue_deinit(&worker_request_queue);
b0bc4519332f Redesigned auth request queuing to auth worker processes. Timo Sirainen <tss@iki.fi> parents: 8475 diff changeset	514 array_free(&worker_request_array);
3168 62f8366cb89c Forgot to add for blocking passdb/userdb workers.. Timo Sirainen <tss@iki.fi> parents: diff changeset	515 }

Mercurial > dovecot > core-2.2

annotate src/auth/auth-worker-server.c @ 22614:cf66220d281e