Mercurial > dovecot > original-hg > dovecot-1.2
annotate src/master/login-process.c @ 925:2e649dec0f09 HEAD
Auth and login processes send an "we're ok" reply at the end of
initialization. If the process dies before master receives that reply, it
shutdowns itself. Usually this is because of some configuration error and
it's not nice to start spamming the log files.
author | Timo Sirainen <tss@iki.fi> |
---|---|
date | Wed, 08 Jan 2003 23:13:05 +0200 |
parents | fd8888f6f037 |
children | a763b3826762 |
rev | line source |
---|---|
0 | 1 /* Copyright (C) 2002 Timo Sirainen */ |
2 | |
3 #include "common.h" | |
532
3b53dd1280c6
I/O buffers now use real blocking instead of setting up a sub-ioloop to
Timo Sirainen <tss@iki.fi>
parents:
410
diff
changeset
|
4 #include "ioloop.h" |
0 | 5 #include "network.h" |
764
f57c52738f90
Renamed IBuffer and OBuffer to IStream and OStream which describes their
Timo Sirainen <tss@iki.fi>
parents:
747
diff
changeset
|
6 #include "ostream.h" |
0 | 7 #include "fdpass.h" |
727
8dd8ebe6bcac
We use close-on-exec flag now to make sure that master process closes the
Timo Sirainen <tss@iki.fi>
parents:
722
diff
changeset
|
8 #include "fd-close-on-exec.h" |
697
7814b29d0862
Created env_put() and env_clean() for a bit easier handling of environment
Timo Sirainen <tss@iki.fi>
parents:
666
diff
changeset
|
9 #include "env-util.h" |
0 | 10 #include "restrict-access.h" |
722
0438621d25ff
Added virtual memory size limits to processes. Default values are pretty
Timo Sirainen <tss@iki.fi>
parents:
699
diff
changeset
|
11 #include "restrict-process-size.h" |
0 | 12 #include "login-process.h" |
13 #include "auth-process.h" | |
14 #include "master-interface.h" | |
15 | |
16 #include <unistd.h> | |
17 #include <syslog.h> | |
18 | |
903
fd8888f6f037
Naming style changes, finally got tired of most of the typedefs. Also the
Timo Sirainen <tss@iki.fi>
parents:
876
diff
changeset
|
19 struct login_process { |
fd8888f6f037
Naming style changes, finally got tired of most of the typedefs. Also the
Timo Sirainen <tss@iki.fi>
parents:
876
diff
changeset
|
20 struct login_process *prev_nonlisten, *next_nonlisten; |
0 | 21 int refcount; |
22 | |
23 pid_t pid; | |
24 int fd; | |
903
fd8888f6f037
Naming style changes, finally got tired of most of the typedefs. Also the
Timo Sirainen <tss@iki.fi>
parents:
876
diff
changeset
|
25 struct io *io; |
fd8888f6f037
Naming style changes, finally got tired of most of the typedefs. Also the
Timo Sirainen <tss@iki.fi>
parents:
876
diff
changeset
|
26 struct ostream *output; |
925
2e649dec0f09
Auth and login processes send an "we're ok" reply at the end of
Timo Sirainen <tss@iki.fi>
parents:
903
diff
changeset
|
27 unsigned int initialized:1; |
613
1906116a62ce
Finally support for handling each login connection in it's own process.
Timo Sirainen <tss@iki.fi>
parents:
596
diff
changeset
|
28 unsigned int listening:1; |
0 | 29 unsigned int destroyed:1; |
613
1906116a62ce
Finally support for handling each login connection in it's own process.
Timo Sirainen <tss@iki.fi>
parents:
596
diff
changeset
|
30 }; |
0 | 31 |
903
fd8888f6f037
Naming style changes, finally got tired of most of the typedefs. Also the
Timo Sirainen <tss@iki.fi>
parents:
876
diff
changeset
|
32 struct login_auth_request { |
fd8888f6f037
Naming style changes, finally got tired of most of the typedefs. Also the
Timo Sirainen <tss@iki.fi>
parents:
876
diff
changeset
|
33 struct login_process *process; |
810
30f6811f4952
Instead of just trusting randomness of authentication cookies between
Timo Sirainen <tss@iki.fi>
parents:
807
diff
changeset
|
34 unsigned int login_id; |
30f6811f4952
Instead of just trusting randomness of authentication cookies between
Timo Sirainen <tss@iki.fi>
parents:
807
diff
changeset
|
35 unsigned int auth_id; |
0 | 36 int fd; |
37 | |
903
fd8888f6f037
Naming style changes, finally got tired of most of the typedefs. Also the
Timo Sirainen <tss@iki.fi>
parents:
876
diff
changeset
|
38 struct ip_addr ip; |
0 | 39 char login_tag[LOGIN_TAG_SIZE]; |
903
fd8888f6f037
Naming style changes, finally got tired of most of the typedefs. Also the
Timo Sirainen <tss@iki.fi>
parents:
876
diff
changeset
|
40 }; |
0 | 41 |
810
30f6811f4952
Instead of just trusting randomness of authentication cookies between
Timo Sirainen <tss@iki.fi>
parents:
807
diff
changeset
|
42 static unsigned int auth_id_counter; |
903
fd8888f6f037
Naming style changes, finally got tired of most of the typedefs. Also the
Timo Sirainen <tss@iki.fi>
parents:
876
diff
changeset
|
43 static struct timeout *to; |
613
1906116a62ce
Finally support for handling each login connection in it's own process.
Timo Sirainen <tss@iki.fi>
parents:
596
diff
changeset
|
44 |
903
fd8888f6f037
Naming style changes, finally got tired of most of the typedefs. Also the
Timo Sirainen <tss@iki.fi>
parents:
876
diff
changeset
|
45 static struct hash_table *processes; |
fd8888f6f037
Naming style changes, finally got tired of most of the typedefs. Also the
Timo Sirainen <tss@iki.fi>
parents:
876
diff
changeset
|
46 static struct login_process *oldest_nonlisten_process; |
fd8888f6f037
Naming style changes, finally got tired of most of the typedefs. Also the
Timo Sirainen <tss@iki.fi>
parents:
876
diff
changeset
|
47 static struct login_process *newest_nonlisten_process; |
613
1906116a62ce
Finally support for handling each login connection in it's own process.
Timo Sirainen <tss@iki.fi>
parents:
596
diff
changeset
|
48 static unsigned int listening_processes; |
614
e60620644af3
login_process_per_connection = yes scales now better when multiple users are
Timo Sirainen <tss@iki.fi>
parents:
613
diff
changeset
|
49 static unsigned int wanted_processes_count; |
0 | 50 |
903
fd8888f6f037
Naming style changes, finally got tired of most of the typedefs. Also the
Timo Sirainen <tss@iki.fi>
parents:
876
diff
changeset
|
51 static void login_process_destroy(struct login_process *p); |
fd8888f6f037
Naming style changes, finally got tired of most of the typedefs. Also the
Timo Sirainen <tss@iki.fi>
parents:
876
diff
changeset
|
52 static void login_process_unref(struct login_process *p); |
0 | 53 |
903
fd8888f6f037
Naming style changes, finally got tired of most of the typedefs. Also the
Timo Sirainen <tss@iki.fi>
parents:
876
diff
changeset
|
54 static void auth_callback(struct auth_cookie_reply_data *cookie_reply, |
fd8888f6f037
Naming style changes, finally got tired of most of the typedefs. Also the
Timo Sirainen <tss@iki.fi>
parents:
876
diff
changeset
|
55 void *context) |
0 | 56 { |
903
fd8888f6f037
Naming style changes, finally got tired of most of the typedefs. Also the
Timo Sirainen <tss@iki.fi>
parents:
876
diff
changeset
|
57 struct login_auth_request *request = context; |
fd8888f6f037
Naming style changes, finally got tired of most of the typedefs. Also the
Timo Sirainen <tss@iki.fi>
parents:
876
diff
changeset
|
58 struct login_process *process; |
fd8888f6f037
Naming style changes, finally got tired of most of the typedefs. Also the
Timo Sirainen <tss@iki.fi>
parents:
876
diff
changeset
|
59 struct master_reply reply; |
0 | 60 |
61 if (cookie_reply == NULL || !cookie_reply->success) | |
62 reply.result = MASTER_RESULT_FAILURE; | |
63 else { | |
64 reply.result = create_imap_process(request->fd, | |
596
ab3590c3a7d9
Added verbose_proctitle setting: Show more verbose process titles (in ps).
Timo Sirainen <tss@iki.fi>
parents:
532
diff
changeset
|
65 &request->ip, |
791
6efced4f80de
Clear separation of virtual and system usernames. passwd-file didn't work
Timo Sirainen <tss@iki.fi>
parents:
764
diff
changeset
|
66 cookie_reply->system_user, |
6efced4f80de
Clear separation of virtual and system usernames. passwd-file didn't work
Timo Sirainen <tss@iki.fi>
parents:
764
diff
changeset
|
67 cookie_reply->virtual_user, |
0 | 68 cookie_reply->uid, |
69 cookie_reply->gid, | |
70 cookie_reply->home, | |
801
86224ff16bf6
Drop root privileges earlier. Close syslog more later in imap-master when
Timo Sirainen <tss@iki.fi>
parents:
791
diff
changeset
|
71 cookie_reply->chroot, |
86224ff16bf6
Drop root privileges earlier. Close syslog more later in imap-master when
Timo Sirainen <tss@iki.fi>
parents:
791
diff
changeset
|
72 cookie_reply->mail, |
86224ff16bf6
Drop root privileges earlier. Close syslog more later in imap-master when
Timo Sirainen <tss@iki.fi>
parents:
791
diff
changeset
|
73 request->login_tag); |
0 | 74 } |
75 | |
76 /* reply to login */ | |
77 reply.id = request->login_id; | |
78 | |
79 process = request->process; | |
764
f57c52738f90
Renamed IBuffer and OBuffer to IStream and OStream which describes their
Timo Sirainen <tss@iki.fi>
parents:
747
diff
changeset
|
80 if (o_stream_send(process->output, &reply, sizeof(reply)) < 0) |
0 | 81 login_process_destroy(process); |
82 | |
805
5ac361acb316
Marked all non-trivial buffer modifications with @UNSAFE tag. Several
Timo Sirainen <tss@iki.fi>
parents:
801
diff
changeset
|
83 if (close(request->fd) < 0) |
5ac361acb316
Marked all non-trivial buffer modifications with @UNSAFE tag. Several
Timo Sirainen <tss@iki.fi>
parents:
801
diff
changeset
|
84 i_error("close(imap client) failed: %m"); |
0 | 85 login_process_unref(process); |
86 i_free(request); | |
87 } | |
88 | |
903
fd8888f6f037
Naming style changes, finally got tired of most of the typedefs. Also the
Timo Sirainen <tss@iki.fi>
parents:
876
diff
changeset
|
89 static void login_process_mark_nonlistening(struct login_process *p) |
614
e60620644af3
login_process_per_connection = yes scales now better when multiple users are
Timo Sirainen <tss@iki.fi>
parents:
613
diff
changeset
|
90 { |
e60620644af3
login_process_per_connection = yes scales now better when multiple users are
Timo Sirainen <tss@iki.fi>
parents:
613
diff
changeset
|
91 if (!p->listening) { |
e60620644af3
login_process_per_connection = yes scales now better when multiple users are
Timo Sirainen <tss@iki.fi>
parents:
613
diff
changeset
|
92 i_error("login: received another \"not listening\" " |
e60620644af3
login_process_per_connection = yes scales now better when multiple users are
Timo Sirainen <tss@iki.fi>
parents:
613
diff
changeset
|
93 "notification"); |
e60620644af3
login_process_per_connection = yes scales now better when multiple users are
Timo Sirainen <tss@iki.fi>
parents:
613
diff
changeset
|
94 return; |
e60620644af3
login_process_per_connection = yes scales now better when multiple users are
Timo Sirainen <tss@iki.fi>
parents:
613
diff
changeset
|
95 } |
e60620644af3
login_process_per_connection = yes scales now better when multiple users are
Timo Sirainen <tss@iki.fi>
parents:
613
diff
changeset
|
96 |
e60620644af3
login_process_per_connection = yes scales now better when multiple users are
Timo Sirainen <tss@iki.fi>
parents:
613
diff
changeset
|
97 p->listening = FALSE; |
e60620644af3
login_process_per_connection = yes scales now better when multiple users are
Timo Sirainen <tss@iki.fi>
parents:
613
diff
changeset
|
98 listening_processes--; |
e60620644af3
login_process_per_connection = yes scales now better when multiple users are
Timo Sirainen <tss@iki.fi>
parents:
613
diff
changeset
|
99 |
e60620644af3
login_process_per_connection = yes scales now better when multiple users are
Timo Sirainen <tss@iki.fi>
parents:
613
diff
changeset
|
100 p->prev_nonlisten = newest_nonlisten_process; |
e60620644af3
login_process_per_connection = yes scales now better when multiple users are
Timo Sirainen <tss@iki.fi>
parents:
613
diff
changeset
|
101 |
e60620644af3
login_process_per_connection = yes scales now better when multiple users are
Timo Sirainen <tss@iki.fi>
parents:
613
diff
changeset
|
102 if (newest_nonlisten_process != NULL) |
e60620644af3
login_process_per_connection = yes scales now better when multiple users are
Timo Sirainen <tss@iki.fi>
parents:
613
diff
changeset
|
103 newest_nonlisten_process->next_nonlisten = p; |
e60620644af3
login_process_per_connection = yes scales now better when multiple users are
Timo Sirainen <tss@iki.fi>
parents:
613
diff
changeset
|
104 newest_nonlisten_process = p; |
e60620644af3
login_process_per_connection = yes scales now better when multiple users are
Timo Sirainen <tss@iki.fi>
parents:
613
diff
changeset
|
105 |
e60620644af3
login_process_per_connection = yes scales now better when multiple users are
Timo Sirainen <tss@iki.fi>
parents:
613
diff
changeset
|
106 if (oldest_nonlisten_process == NULL) |
e60620644af3
login_process_per_connection = yes scales now better when multiple users are
Timo Sirainen <tss@iki.fi>
parents:
613
diff
changeset
|
107 oldest_nonlisten_process = p; |
e60620644af3
login_process_per_connection = yes scales now better when multiple users are
Timo Sirainen <tss@iki.fi>
parents:
613
diff
changeset
|
108 } |
e60620644af3
login_process_per_connection = yes scales now better when multiple users are
Timo Sirainen <tss@iki.fi>
parents:
613
diff
changeset
|
109 |
10
82b7de533f98
s/user_data/context/ and some s/Data/Context/
Timo Sirainen <tss@iki.fi>
parents:
0
diff
changeset
|
110 static void login_process_input(void *context, int fd __attr_unused__, |
903
fd8888f6f037
Naming style changes, finally got tired of most of the typedefs. Also the
Timo Sirainen <tss@iki.fi>
parents:
876
diff
changeset
|
111 struct io *io __attr_unused__) |
0 | 112 { |
903
fd8888f6f037
Naming style changes, finally got tired of most of the typedefs. Also the
Timo Sirainen <tss@iki.fi>
parents:
876
diff
changeset
|
113 struct login_process *p = context; |
fd8888f6f037
Naming style changes, finally got tired of most of the typedefs. Also the
Timo Sirainen <tss@iki.fi>
parents:
876
diff
changeset
|
114 struct auth_process *auth_process; |
fd8888f6f037
Naming style changes, finally got tired of most of the typedefs. Also the
Timo Sirainen <tss@iki.fi>
parents:
876
diff
changeset
|
115 struct login_auth_request *authreq; |
fd8888f6f037
Naming style changes, finally got tired of most of the typedefs. Also the
Timo Sirainen <tss@iki.fi>
parents:
876
diff
changeset
|
116 struct master_request req; |
0 | 117 int client_fd, ret; |
118 | |
119 ret = fd_read(p->fd, &req, sizeof(req), &client_fd); | |
120 if (ret != sizeof(req)) { | |
121 if (ret == 0) { | |
122 /* disconnected, ie. the login process died */ | |
123 } else if (ret > 0) { | |
124 /* req wasn't fully read */ | |
125 i_error("login: fd_read() couldn't read all req"); | |
126 } else { | |
127 i_error("login: fd_read() failed: %m"); | |
128 } | |
129 | |
130 login_process_destroy(p); | |
131 return; | |
132 } | |
133 | |
613
1906116a62ce
Finally support for handling each login connection in it's own process.
Timo Sirainen <tss@iki.fi>
parents:
596
diff
changeset
|
134 if (client_fd == -1) { |
925
2e649dec0f09
Auth and login processes send an "we're ok" reply at the end of
Timo Sirainen <tss@iki.fi>
parents:
903
diff
changeset
|
135 /* just a notification that the login process */ |
2e649dec0f09
Auth and login processes send an "we're ok" reply at the end of
Timo Sirainen <tss@iki.fi>
parents:
903
diff
changeset
|
136 if (!p->initialized) { |
2e649dec0f09
Auth and login processes send an "we're ok" reply at the end of
Timo Sirainen <tss@iki.fi>
parents:
903
diff
changeset
|
137 /* initialization notify */ |
2e649dec0f09
Auth and login processes send an "we're ok" reply at the end of
Timo Sirainen <tss@iki.fi>
parents:
903
diff
changeset
|
138 p->initialized = TRUE;; |
2e649dec0f09
Auth and login processes send an "we're ok" reply at the end of
Timo Sirainen <tss@iki.fi>
parents:
903
diff
changeset
|
139 } else { |
2e649dec0f09
Auth and login processes send an "we're ok" reply at the end of
Timo Sirainen <tss@iki.fi>
parents:
903
diff
changeset
|
140 /* not listening for new connections anymore */ |
2e649dec0f09
Auth and login processes send an "we're ok" reply at the end of
Timo Sirainen <tss@iki.fi>
parents:
903
diff
changeset
|
141 login_process_mark_nonlistening(p); |
2e649dec0f09
Auth and login processes send an "we're ok" reply at the end of
Timo Sirainen <tss@iki.fi>
parents:
903
diff
changeset
|
142 } |
613
1906116a62ce
Finally support for handling each login connection in it's own process.
Timo Sirainen <tss@iki.fi>
parents:
596
diff
changeset
|
143 return; |
1906116a62ce
Finally support for handling each login connection in it's own process.
Timo Sirainen <tss@iki.fi>
parents:
596
diff
changeset
|
144 } |
1906116a62ce
Finally support for handling each login connection in it's own process.
Timo Sirainen <tss@iki.fi>
parents:
596
diff
changeset
|
145 |
0 | 146 /* login process isn't trusted, validate all data to make sure |
147 it's not trying to exploit us */ | |
148 if (!VALIDATE_STR(req.login_tag)) { | |
149 i_error("login: Received corrupted data"); | |
150 login_process_destroy(p); | |
151 return; | |
152 } | |
153 | |
154 /* ask the cookie from the auth process */ | |
903
fd8888f6f037
Naming style changes, finally got tired of most of the typedefs. Also the
Timo Sirainen <tss@iki.fi>
parents:
876
diff
changeset
|
155 authreq = i_new(struct login_auth_request, 1); |
0 | 156 p->refcount++; |
157 authreq->process = p; | |
158 authreq->login_id = req.id; | |
159 authreq->auth_id = ++auth_id_counter; | |
160 authreq->fd = client_fd; | |
903
fd8888f6f037
Naming style changes, finally got tired of most of the typedefs. Also the
Timo Sirainen <tss@iki.fi>
parents:
876
diff
changeset
|
161 memcpy(&authreq->ip, &req.ip, sizeof(struct ip_addr)); |
807
35abd7a5d381
Buffer related cleanups. Use PATH_MAX instead of hardcoded 1024 for paths.
Timo Sirainen <tss@iki.fi>
parents:
805
diff
changeset
|
162 if (strocpy(authreq->login_tag, req.login_tag, |
35abd7a5d381
Buffer related cleanups. Use PATH_MAX instead of hardcoded 1024 for paths.
Timo Sirainen <tss@iki.fi>
parents:
805
diff
changeset
|
163 sizeof(authreq->login_tag)) < 0) |
35abd7a5d381
Buffer related cleanups. Use PATH_MAX instead of hardcoded 1024 for paths.
Timo Sirainen <tss@iki.fi>
parents:
805
diff
changeset
|
164 i_panic("login_tag overflow"); |
0 | 165 |
166 auth_process = auth_process_find(req.auth_process); | |
167 if (auth_process == NULL) { | |
168 i_error("login: Authentication process %u doesn't exist", | |
169 req.auth_process); | |
613
1906116a62ce
Finally support for handling each login connection in it's own process.
Timo Sirainen <tss@iki.fi>
parents:
596
diff
changeset
|
170 auth_callback(NULL, authreq); |
0 | 171 } else { |
810
30f6811f4952
Instead of just trusting randomness of authentication cookies between
Timo Sirainen <tss@iki.fi>
parents:
807
diff
changeset
|
172 auth_process_request(p->pid, auth_process, authreq->auth_id, |
30f6811f4952
Instead of just trusting randomness of authentication cookies between
Timo Sirainen <tss@iki.fi>
parents:
807
diff
changeset
|
173 req.cookie, auth_callback, authreq); |
0 | 174 } |
175 } | |
176 | |
903
fd8888f6f037
Naming style changes, finally got tired of most of the typedefs. Also the
Timo Sirainen <tss@iki.fi>
parents:
876
diff
changeset
|
177 static struct login_process *login_process_new(pid_t pid, int fd) |
0 | 178 { |
903
fd8888f6f037
Naming style changes, finally got tired of most of the typedefs. Also the
Timo Sirainen <tss@iki.fi>
parents:
876
diff
changeset
|
179 struct login_process *p; |
0 | 180 |
181 PID_ADD_PROCESS_TYPE(pid, PROCESS_TYPE_LOGIN); | |
182 | |
903
fd8888f6f037
Naming style changes, finally got tired of most of the typedefs. Also the
Timo Sirainen <tss@iki.fi>
parents:
876
diff
changeset
|
183 p = i_new(struct login_process, 1); |
0 | 184 p->refcount = 1; |
185 p->pid = pid; | |
186 p->fd = fd; | |
613
1906116a62ce
Finally support for handling each login connection in it's own process.
Timo Sirainen <tss@iki.fi>
parents:
596
diff
changeset
|
187 p->listening = TRUE; |
0 | 188 p->io = io_add(fd, IO_READ, login_process_input, p); |
764
f57c52738f90
Renamed IBuffer and OBuffer to IStream and OStream which describes their
Timo Sirainen <tss@iki.fi>
parents:
747
diff
changeset
|
189 p->output = o_stream_create_file(fd, default_pool, |
903
fd8888f6f037
Naming style changes, finally got tired of most of the typedefs. Also the
Timo Sirainen <tss@iki.fi>
parents:
876
diff
changeset
|
190 sizeof(struct master_reply)*10, |
410
1f0e7229ee58
Split IOBuffer into mmaped IBuffer, file IBuffer, memory data IBuffer and
Timo Sirainen <tss@iki.fi>
parents:
364
diff
changeset
|
191 IO_PRIORITY_DEFAULT, FALSE); |
0 | 192 |
195
db6e288be0e9
Replaced INT_TO_POINTER and POINTER_TO_INT macros with POINTER_CAST and
Timo Sirainen <tss@iki.fi>
parents:
10
diff
changeset
|
193 hash_insert(processes, POINTER_CAST(pid), p); |
613
1906116a62ce
Finally support for handling each login connection in it's own process.
Timo Sirainen <tss@iki.fi>
parents:
596
diff
changeset
|
194 listening_processes++; |
0 | 195 return p; |
196 } | |
197 | |
903
fd8888f6f037
Naming style changes, finally got tired of most of the typedefs. Also the
Timo Sirainen <tss@iki.fi>
parents:
876
diff
changeset
|
198 static void login_process_remove_from_lists(struct login_process *p) |
613
1906116a62ce
Finally support for handling each login connection in it's own process.
Timo Sirainen <tss@iki.fi>
parents:
596
diff
changeset
|
199 { |
1906116a62ce
Finally support for handling each login connection in it's own process.
Timo Sirainen <tss@iki.fi>
parents:
596
diff
changeset
|
200 if (p == oldest_nonlisten_process) |
1906116a62ce
Finally support for handling each login connection in it's own process.
Timo Sirainen <tss@iki.fi>
parents:
596
diff
changeset
|
201 oldest_nonlisten_process = p->next_nonlisten; |
1906116a62ce
Finally support for handling each login connection in it's own process.
Timo Sirainen <tss@iki.fi>
parents:
596
diff
changeset
|
202 else |
1906116a62ce
Finally support for handling each login connection in it's own process.
Timo Sirainen <tss@iki.fi>
parents:
596
diff
changeset
|
203 p->prev_nonlisten->next_nonlisten = p->next_nonlisten; |
1906116a62ce
Finally support for handling each login connection in it's own process.
Timo Sirainen <tss@iki.fi>
parents:
596
diff
changeset
|
204 |
1906116a62ce
Finally support for handling each login connection in it's own process.
Timo Sirainen <tss@iki.fi>
parents:
596
diff
changeset
|
205 if (p == newest_nonlisten_process) |
1906116a62ce
Finally support for handling each login connection in it's own process.
Timo Sirainen <tss@iki.fi>
parents:
596
diff
changeset
|
206 newest_nonlisten_process = p->prev_nonlisten; |
1906116a62ce
Finally support for handling each login connection in it's own process.
Timo Sirainen <tss@iki.fi>
parents:
596
diff
changeset
|
207 else |
1906116a62ce
Finally support for handling each login connection in it's own process.
Timo Sirainen <tss@iki.fi>
parents:
596
diff
changeset
|
208 p->next_nonlisten->prev_nonlisten = p->prev_nonlisten; |
1906116a62ce
Finally support for handling each login connection in it's own process.
Timo Sirainen <tss@iki.fi>
parents:
596
diff
changeset
|
209 |
1906116a62ce
Finally support for handling each login connection in it's own process.
Timo Sirainen <tss@iki.fi>
parents:
596
diff
changeset
|
210 p->next_nonlisten = p->prev_nonlisten = NULL; |
1906116a62ce
Finally support for handling each login connection in it's own process.
Timo Sirainen <tss@iki.fi>
parents:
596
diff
changeset
|
211 } |
1906116a62ce
Finally support for handling each login connection in it's own process.
Timo Sirainen <tss@iki.fi>
parents:
596
diff
changeset
|
212 |
903
fd8888f6f037
Naming style changes, finally got tired of most of the typedefs. Also the
Timo Sirainen <tss@iki.fi>
parents:
876
diff
changeset
|
213 static void login_process_destroy(struct login_process *p) |
0 | 214 { |
215 if (p->destroyed) | |
216 return; | |
217 p->destroyed = TRUE; | |
218 | |
925
2e649dec0f09
Auth and login processes send an "we're ok" reply at the end of
Timo Sirainen <tss@iki.fi>
parents:
903
diff
changeset
|
219 if (!p->initialized) |
2e649dec0f09
Auth and login processes send an "we're ok" reply at the end of
Timo Sirainen <tss@iki.fi>
parents:
903
diff
changeset
|
220 i_fatal("Login process died too early - shutting down"); |
613
1906116a62ce
Finally support for handling each login connection in it's own process.
Timo Sirainen <tss@iki.fi>
parents:
596
diff
changeset
|
221 if (p->listening) |
1906116a62ce
Finally support for handling each login connection in it's own process.
Timo Sirainen <tss@iki.fi>
parents:
596
diff
changeset
|
222 listening_processes--; |
1906116a62ce
Finally support for handling each login connection in it's own process.
Timo Sirainen <tss@iki.fi>
parents:
596
diff
changeset
|
223 |
764
f57c52738f90
Renamed IBuffer and OBuffer to IStream and OStream which describes their
Timo Sirainen <tss@iki.fi>
parents:
747
diff
changeset
|
224 o_stream_close(p->output); |
0 | 225 io_remove(p->io); |
805
5ac361acb316
Marked all non-trivial buffer modifications with @UNSAFE tag. Several
Timo Sirainen <tss@iki.fi>
parents:
801
diff
changeset
|
226 if (close(p->fd) < 0) |
5ac361acb316
Marked all non-trivial buffer modifications with @UNSAFE tag. Several
Timo Sirainen <tss@iki.fi>
parents:
801
diff
changeset
|
227 i_error("close(login) failed: %m"); |
0 | 228 |
613
1906116a62ce
Finally support for handling each login connection in it's own process.
Timo Sirainen <tss@iki.fi>
parents:
596
diff
changeset
|
229 if (!p->listening) |
1906116a62ce
Finally support for handling each login connection in it's own process.
Timo Sirainen <tss@iki.fi>
parents:
596
diff
changeset
|
230 login_process_remove_from_lists(p); |
1906116a62ce
Finally support for handling each login connection in it's own process.
Timo Sirainen <tss@iki.fi>
parents:
596
diff
changeset
|
231 |
195
db6e288be0e9
Replaced INT_TO_POINTER and POINTER_TO_INT macros with POINTER_CAST and
Timo Sirainen <tss@iki.fi>
parents:
10
diff
changeset
|
232 hash_remove(processes, POINTER_CAST(p->pid)); |
613
1906116a62ce
Finally support for handling each login connection in it's own process.
Timo Sirainen <tss@iki.fi>
parents:
596
diff
changeset
|
233 |
0 | 234 login_process_unref(p); |
235 } | |
236 | |
903
fd8888f6f037
Naming style changes, finally got tired of most of the typedefs. Also the
Timo Sirainen <tss@iki.fi>
parents:
876
diff
changeset
|
237 static void login_process_unref(struct login_process *p) |
0 | 238 { |
239 if (--p->refcount > 0) | |
240 return; | |
241 | |
764
f57c52738f90
Renamed IBuffer and OBuffer to IStream and OStream which describes their
Timo Sirainen <tss@iki.fi>
parents:
747
diff
changeset
|
242 o_stream_unref(p->output); |
0 | 243 i_free(p); |
244 } | |
245 | |
246 static pid_t create_login_process(void) | |
247 { | |
699
cc795d74d08f
Use more warnings with GCC by default. Fixed several warnings.
Timo Sirainen <tss@iki.fi>
parents:
697
diff
changeset
|
248 static char *argv[] = { NULL, NULL }; |
0 | 249 pid_t pid; |
250 int fd[2]; | |
251 | |
613
1906116a62ce
Finally support for handling each login connection in it's own process.
Timo Sirainen <tss@iki.fi>
parents:
596
diff
changeset
|
252 if (set_login_process_per_connection && |
1906116a62ce
Finally support for handling each login connection in it's own process.
Timo Sirainen <tss@iki.fi>
parents:
596
diff
changeset
|
253 hash_size(processes)-listening_processes >= set_max_logging_users) { |
1906116a62ce
Finally support for handling each login connection in it's own process.
Timo Sirainen <tss@iki.fi>
parents:
596
diff
changeset
|
254 if (oldest_nonlisten_process != NULL) |
1906116a62ce
Finally support for handling each login connection in it's own process.
Timo Sirainen <tss@iki.fi>
parents:
596
diff
changeset
|
255 login_process_destroy(oldest_nonlisten_process); |
1906116a62ce
Finally support for handling each login connection in it's own process.
Timo Sirainen <tss@iki.fi>
parents:
596
diff
changeset
|
256 } |
1906116a62ce
Finally support for handling each login connection in it's own process.
Timo Sirainen <tss@iki.fi>
parents:
596
diff
changeset
|
257 |
0 | 258 if (set_login_uid == 0) |
259 i_fatal("Login process must not run as root"); | |
260 | |
261 /* create communication to process with a socket pair */ | |
262 if (socketpair(AF_UNIX, SOCK_STREAM, 0, fd) == -1) { | |
263 i_error("socketpair() failed: %m"); | |
264 return -1; | |
265 } | |
266 | |
267 pid = fork(); | |
268 if (pid < 0) { | |
269 (void)close(fd[0]); | |
270 (void)close(fd[1]); | |
271 i_error("fork() failed: %m"); | |
272 return -1; | |
273 } | |
274 | |
275 if (pid != 0) { | |
276 /* master */ | |
727
8dd8ebe6bcac
We use close-on-exec flag now to make sure that master process closes the
Timo Sirainen <tss@iki.fi>
parents:
722
diff
changeset
|
277 fd_close_on_exec(fd[0], TRUE); |
0 | 278 login_process_new(pid, fd[0]); |
279 (void)close(fd[1]); | |
280 return pid; | |
281 } | |
282 | |
283 /* move communication handle */ | |
284 if (dup2(fd[1], LOGIN_MASTER_SOCKET_FD) < 0) | |
805
5ac361acb316
Marked all non-trivial buffer modifications with @UNSAFE tag. Several
Timo Sirainen <tss@iki.fi>
parents:
801
diff
changeset
|
285 i_fatal("login: dup2(master) failed: %m"); |
727
8dd8ebe6bcac
We use close-on-exec flag now to make sure that master process closes the
Timo Sirainen <tss@iki.fi>
parents:
722
diff
changeset
|
286 fd_close_on_exec(LOGIN_MASTER_SOCKET_FD, FALSE); |
0 | 287 |
288 /* move the listen handle */ | |
289 if (dup2(imap_fd, LOGIN_IMAP_LISTEN_FD) < 0) | |
805
5ac361acb316
Marked all non-trivial buffer modifications with @UNSAFE tag. Several
Timo Sirainen <tss@iki.fi>
parents:
801
diff
changeset
|
290 i_fatal("login: dup2(imap) failed: %m"); |
727
8dd8ebe6bcac
We use close-on-exec flag now to make sure that master process closes the
Timo Sirainen <tss@iki.fi>
parents:
722
diff
changeset
|
291 fd_close_on_exec(LOGIN_IMAP_LISTEN_FD, FALSE); |
0 | 292 |
293 /* move the SSL listen handle */ | |
876
ad8f7d2107b4
If ssl_disable is set to yes and we get SIGHUPed, don't feed the listening
Timo Sirainen <tss@iki.fi>
parents:
810
diff
changeset
|
294 if (!set_ssl_disable) { |
ad8f7d2107b4
If ssl_disable is set to yes and we get SIGHUPed, don't feed the listening
Timo Sirainen <tss@iki.fi>
parents:
810
diff
changeset
|
295 if (dup2(imaps_fd, LOGIN_IMAPS_LISTEN_FD) < 0) |
ad8f7d2107b4
If ssl_disable is set to yes and we get SIGHUPed, don't feed the listening
Timo Sirainen <tss@iki.fi>
parents:
810
diff
changeset
|
296 i_fatal("login: dup2(imaps) failed: %m"); |
ad8f7d2107b4
If ssl_disable is set to yes and we get SIGHUPed, don't feed the listening
Timo Sirainen <tss@iki.fi>
parents:
810
diff
changeset
|
297 } else { |
ad8f7d2107b4
If ssl_disable is set to yes and we get SIGHUPed, don't feed the listening
Timo Sirainen <tss@iki.fi>
parents:
810
diff
changeset
|
298 if (dup2(null_fd, LOGIN_IMAPS_LISTEN_FD) < 0) |
ad8f7d2107b4
If ssl_disable is set to yes and we get SIGHUPed, don't feed the listening
Timo Sirainen <tss@iki.fi>
parents:
810
diff
changeset
|
299 i_fatal("login: dup2(imaps) failed: %m"); |
ad8f7d2107b4
If ssl_disable is set to yes and we get SIGHUPed, don't feed the listening
Timo Sirainen <tss@iki.fi>
parents:
810
diff
changeset
|
300 } |
727
8dd8ebe6bcac
We use close-on-exec flag now to make sure that master process closes the
Timo Sirainen <tss@iki.fi>
parents:
722
diff
changeset
|
301 fd_close_on_exec(LOGIN_IMAPS_LISTEN_FD, FALSE); |
0 | 302 |
303 /* imap_fd and imaps_fd are closed by clean_child_process() */ | |
304 | |
305 (void)close(fd[0]); | |
306 (void)close(fd[1]); | |
307 | |
308 clean_child_process(); | |
309 | |
310 /* setup access environment - needs to be done after | |
311 clean_child_process() since it clears environment */ | |
312 restrict_access_set_env(set_login_user, set_login_uid, set_login_gid, | |
313 set_login_chroot ? set_login_dir : NULL); | |
314 | |
315 if (!set_login_chroot) { | |
316 /* no chrooting, but still change to the directory */ | |
805
5ac361acb316
Marked all non-trivial buffer modifications with @UNSAFE tag. Several
Timo Sirainen <tss@iki.fi>
parents:
801
diff
changeset
|
317 if (chdir(set_login_dir) < 0) |
5ac361acb316
Marked all non-trivial buffer modifications with @UNSAFE tag. Several
Timo Sirainen <tss@iki.fi>
parents:
801
diff
changeset
|
318 i_fatal("chdir(%s) failed: %m", set_login_dir); |
0 | 319 } |
320 | |
666 | 321 if (!set_ssl_disable) { |
697
7814b29d0862
Created env_put() and env_clean() for a bit easier handling of environment
Timo Sirainen <tss@iki.fi>
parents:
666
diff
changeset
|
322 env_put(t_strconcat("SSL_CERT_FILE=", set_ssl_cert_file, NULL)); |
7814b29d0862
Created env_put() and env_clean() for a bit easier handling of environment
Timo Sirainen <tss@iki.fi>
parents:
666
diff
changeset
|
323 env_put(t_strconcat("SSL_KEY_FILE=", set_ssl_key_file, NULL)); |
7814b29d0862
Created env_put() and env_clean() for a bit easier handling of environment
Timo Sirainen <tss@iki.fi>
parents:
666
diff
changeset
|
324 env_put(t_strconcat("SSL_PARAM_FILE=", |
7814b29d0862
Created env_put() and env_clean() for a bit easier handling of environment
Timo Sirainen <tss@iki.fi>
parents:
666
diff
changeset
|
325 set_ssl_parameters_file, NULL)); |
615
0d852af6842e
Master process generates DH/RSA parameters now and stores them into file
Timo Sirainen <tss@iki.fi>
parents:
614
diff
changeset
|
326 } |
0d852af6842e
Master process generates DH/RSA parameters now and stores them into file
Timo Sirainen <tss@iki.fi>
parents:
614
diff
changeset
|
327 |
0 | 328 if (set_disable_plaintext_auth) |
697
7814b29d0862
Created env_put() and env_clean() for a bit easier handling of environment
Timo Sirainen <tss@iki.fi>
parents:
666
diff
changeset
|
329 env_put("DISABLE_PLAINTEXT_AUTH=1"); |
747
db6fb0aa16d1
Let login process also know if verbose process titles are wanted..
Timo Sirainen <tss@iki.fi>
parents:
727
diff
changeset
|
330 if (set_verbose_proctitle) |
db6fb0aa16d1
Let login process also know if verbose process titles are wanted..
Timo Sirainen <tss@iki.fi>
parents:
727
diff
changeset
|
331 env_put("VERBOSE_PROCTITLE=1"); |
0 | 332 |
613
1906116a62ce
Finally support for handling each login connection in it's own process.
Timo Sirainen <tss@iki.fi>
parents:
596
diff
changeset
|
333 if (set_login_process_per_connection) { |
697
7814b29d0862
Created env_put() and env_clean() for a bit easier handling of environment
Timo Sirainen <tss@iki.fi>
parents:
666
diff
changeset
|
334 env_put("PROCESS_PER_CONNECTION=1"); |
7814b29d0862
Created env_put() and env_clean() for a bit easier handling of environment
Timo Sirainen <tss@iki.fi>
parents:
666
diff
changeset
|
335 env_put("MAX_LOGGING_USERS=1"); |
613
1906116a62ce
Finally support for handling each login connection in it's own process.
Timo Sirainen <tss@iki.fi>
parents:
596
diff
changeset
|
336 } else { |
810
30f6811f4952
Instead of just trusting randomness of authentication cookies between
Timo Sirainen <tss@iki.fi>
parents:
807
diff
changeset
|
337 env_put(t_strdup_printf("MAX_LOGGING_USERS=%u", |
697
7814b29d0862
Created env_put() and env_clean() for a bit easier handling of environment
Timo Sirainen <tss@iki.fi>
parents:
666
diff
changeset
|
338 set_max_logging_users)); |
613
1906116a62ce
Finally support for handling each login connection in it's own process.
Timo Sirainen <tss@iki.fi>
parents:
596
diff
changeset
|
339 } |
0 | 340 |
810
30f6811f4952
Instead of just trusting randomness of authentication cookies between
Timo Sirainen <tss@iki.fi>
parents:
807
diff
changeset
|
341 env_put(t_strdup_printf("PROCESS_UID=%s", dec2str(getpid()))); |
30f6811f4952
Instead of just trusting randomness of authentication cookies between
Timo Sirainen <tss@iki.fi>
parents:
807
diff
changeset
|
342 |
722
0438621d25ff
Added virtual memory size limits to processes. Default values are pretty
Timo Sirainen <tss@iki.fi>
parents:
699
diff
changeset
|
343 restrict_process_size(set_login_process_size); |
0438621d25ff
Added virtual memory size limits to processes. Default values are pretty
Timo Sirainen <tss@iki.fi>
parents:
699
diff
changeset
|
344 |
801
86224ff16bf6
Drop root privileges earlier. Close syslog more later in imap-master when
Timo Sirainen <tss@iki.fi>
parents:
791
diff
changeset
|
345 /* make sure we don't leak syslog fd, but do it last so that |
86224ff16bf6
Drop root privileges earlier. Close syslog more later in imap-master when
Timo Sirainen <tss@iki.fi>
parents:
791
diff
changeset
|
346 any errors above will be logged */ |
86224ff16bf6
Drop root privileges earlier. Close syslog more later in imap-master when
Timo Sirainen <tss@iki.fi>
parents:
791
diff
changeset
|
347 closelog(); |
86224ff16bf6
Drop root privileges earlier. Close syslog more later in imap-master when
Timo Sirainen <tss@iki.fi>
parents:
791
diff
changeset
|
348 |
0 | 349 /* hide the path, it's ugly */ |
350 argv[0] = strrchr(set_login_executable, '/'); | |
351 if (argv[0] == NULL) argv[0] = set_login_executable; else argv[0]++; | |
352 | |
353 execv(set_login_executable, (char **) argv); | |
354 | |
801
86224ff16bf6
Drop root privileges earlier. Close syslog more later in imap-master when
Timo Sirainen <tss@iki.fi>
parents:
791
diff
changeset
|
355 i_fatal_status(FATAL_EXEC, "execv(%s) failed: %m", argv[0]); |
0 | 356 return -1; |
357 } | |
358 | |
615
0d852af6842e
Master process generates DH/RSA parameters now and stores them into file
Timo Sirainen <tss@iki.fi>
parents:
614
diff
changeset
|
359 void login_process_abormal_exit(pid_t pid __attr_unused__) |
0d852af6842e
Master process generates DH/RSA parameters now and stores them into file
Timo Sirainen <tss@iki.fi>
parents:
614
diff
changeset
|
360 { |
0d852af6842e
Master process generates DH/RSA parameters now and stores them into file
Timo Sirainen <tss@iki.fi>
parents:
614
diff
changeset
|
361 /* don't start raising the process count if they're dying all |
0d852af6842e
Master process generates DH/RSA parameters now and stores them into file
Timo Sirainen <tss@iki.fi>
parents:
614
diff
changeset
|
362 the time */ |
0d852af6842e
Master process generates DH/RSA parameters now and stores them into file
Timo Sirainen <tss@iki.fi>
parents:
614
diff
changeset
|
363 wanted_processes_count = 0; |
0d852af6842e
Master process generates DH/RSA parameters now and stores them into file
Timo Sirainen <tss@iki.fi>
parents:
614
diff
changeset
|
364 } |
0d852af6842e
Master process generates DH/RSA parameters now and stores them into file
Timo Sirainen <tss@iki.fi>
parents:
614
diff
changeset
|
365 |
635
90a65c017bf0
SIGHUP reloads now settings. Logged in clients are left untouched, but
Timo Sirainen <tss@iki.fi>
parents:
615
diff
changeset
|
366 static void login_hash_destroy(void *key __attr_unused__, void *value, |
90a65c017bf0
SIGHUP reloads now settings. Logged in clients are left untouched, but
Timo Sirainen <tss@iki.fi>
parents:
615
diff
changeset
|
367 void *context __attr_unused__) |
90a65c017bf0
SIGHUP reloads now settings. Logged in clients are left untouched, but
Timo Sirainen <tss@iki.fi>
parents:
615
diff
changeset
|
368 { |
90a65c017bf0
SIGHUP reloads now settings. Logged in clients are left untouched, but
Timo Sirainen <tss@iki.fi>
parents:
615
diff
changeset
|
369 login_process_destroy(value); |
90a65c017bf0
SIGHUP reloads now settings. Logged in clients are left untouched, but
Timo Sirainen <tss@iki.fi>
parents:
615
diff
changeset
|
370 } |
90a65c017bf0
SIGHUP reloads now settings. Logged in clients are left untouched, but
Timo Sirainen <tss@iki.fi>
parents:
615
diff
changeset
|
371 |
90a65c017bf0
SIGHUP reloads now settings. Logged in clients are left untouched, but
Timo Sirainen <tss@iki.fi>
parents:
615
diff
changeset
|
372 void login_processes_destroy_all(void) |
90a65c017bf0
SIGHUP reloads now settings. Logged in clients are left untouched, but
Timo Sirainen <tss@iki.fi>
parents:
615
diff
changeset
|
373 { |
90a65c017bf0
SIGHUP reloads now settings. Logged in clients are left untouched, but
Timo Sirainen <tss@iki.fi>
parents:
615
diff
changeset
|
374 hash_foreach(processes, login_hash_destroy, NULL); |
90a65c017bf0
SIGHUP reloads now settings. Logged in clients are left untouched, but
Timo Sirainen <tss@iki.fi>
parents:
615
diff
changeset
|
375 |
90a65c017bf0
SIGHUP reloads now settings. Logged in clients are left untouched, but
Timo Sirainen <tss@iki.fi>
parents:
615
diff
changeset
|
376 /* don't double their amount when restarting */ |
90a65c017bf0
SIGHUP reloads now settings. Logged in clients are left untouched, but
Timo Sirainen <tss@iki.fi>
parents:
615
diff
changeset
|
377 wanted_processes_count = 0; |
90a65c017bf0
SIGHUP reloads now settings. Logged in clients are left untouched, but
Timo Sirainen <tss@iki.fi>
parents:
615
diff
changeset
|
378 } |
90a65c017bf0
SIGHUP reloads now settings. Logged in clients are left untouched, but
Timo Sirainen <tss@iki.fi>
parents:
615
diff
changeset
|
379 |
903
fd8888f6f037
Naming style changes, finally got tired of most of the typedefs. Also the
Timo Sirainen <tss@iki.fi>
parents:
876
diff
changeset
|
380 static void |
fd8888f6f037
Naming style changes, finally got tired of most of the typedefs. Also the
Timo Sirainen <tss@iki.fi>
parents:
876
diff
changeset
|
381 login_processes_start_missing(void *context __attr_unused__, |
fd8888f6f037
Naming style changes, finally got tired of most of the typedefs. Also the
Timo Sirainen <tss@iki.fi>
parents:
876
diff
changeset
|
382 struct timeout *timeout __attr_unused__) |
0 | 383 { |
614
e60620644af3
login_process_per_connection = yes scales now better when multiple users are
Timo Sirainen <tss@iki.fi>
parents:
613
diff
changeset
|
384 if (!set_login_process_per_connection) { |
e60620644af3
login_process_per_connection = yes scales now better when multiple users are
Timo Sirainen <tss@iki.fi>
parents:
613
diff
changeset
|
385 /* create max. one process every second, that way if it keeps |
e60620644af3
login_process_per_connection = yes scales now better when multiple users are
Timo Sirainen <tss@iki.fi>
parents:
613
diff
changeset
|
386 dying all the time we don't eat all cpu with fork()ing. */ |
e60620644af3
login_process_per_connection = yes scales now better when multiple users are
Timo Sirainen <tss@iki.fi>
parents:
613
diff
changeset
|
387 if (listening_processes < set_login_processes_count) |
e60620644af3
login_process_per_connection = yes scales now better when multiple users are
Timo Sirainen <tss@iki.fi>
parents:
613
diff
changeset
|
388 (void)create_login_process(); |
e60620644af3
login_process_per_connection = yes scales now better when multiple users are
Timo Sirainen <tss@iki.fi>
parents:
613
diff
changeset
|
389 } else { |
e60620644af3
login_process_per_connection = yes scales now better when multiple users are
Timo Sirainen <tss@iki.fi>
parents:
613
diff
changeset
|
390 /* we want to respond fast when multiple clients are connecting |
e60620644af3
login_process_per_connection = yes scales now better when multiple users are
Timo Sirainen <tss@iki.fi>
parents:
613
diff
changeset
|
391 at once, but we also want to prevent fork-bombing. use the |
e60620644af3
login_process_per_connection = yes scales now better when multiple users are
Timo Sirainen <tss@iki.fi>
parents:
613
diff
changeset
|
392 same method as apache: check once a second if we need new |
e60620644af3
login_process_per_connection = yes scales now better when multiple users are
Timo Sirainen <tss@iki.fi>
parents:
613
diff
changeset
|
393 processes. if yes and we've used all the existing processes, |
e60620644af3
login_process_per_connection = yes scales now better when multiple users are
Timo Sirainen <tss@iki.fi>
parents:
613
diff
changeset
|
394 double their amount (unless we've hit the high limit). |
e60620644af3
login_process_per_connection = yes scales now better when multiple users are
Timo Sirainen <tss@iki.fi>
parents:
613
diff
changeset
|
395 Then for each second that didn't use all existing processes, |
e60620644af3
login_process_per_connection = yes scales now better when multiple users are
Timo Sirainen <tss@iki.fi>
parents:
613
diff
changeset
|
396 drop the max. process count by one. */ |
e60620644af3
login_process_per_connection = yes scales now better when multiple users are
Timo Sirainen <tss@iki.fi>
parents:
613
diff
changeset
|
397 if (wanted_processes_count < set_login_processes_count) |
e60620644af3
login_process_per_connection = yes scales now better when multiple users are
Timo Sirainen <tss@iki.fi>
parents:
613
diff
changeset
|
398 wanted_processes_count = set_login_processes_count; |
e60620644af3
login_process_per_connection = yes scales now better when multiple users are
Timo Sirainen <tss@iki.fi>
parents:
613
diff
changeset
|
399 else if (listening_processes == 0) |
e60620644af3
login_process_per_connection = yes scales now better when multiple users are
Timo Sirainen <tss@iki.fi>
parents:
613
diff
changeset
|
400 wanted_processes_count *= 2; |
e60620644af3
login_process_per_connection = yes scales now better when multiple users are
Timo Sirainen <tss@iki.fi>
parents:
613
diff
changeset
|
401 else if (wanted_processes_count > set_login_processes_count) |
e60620644af3
login_process_per_connection = yes scales now better when multiple users are
Timo Sirainen <tss@iki.fi>
parents:
613
diff
changeset
|
402 wanted_processes_count--; |
e60620644af3
login_process_per_connection = yes scales now better when multiple users are
Timo Sirainen <tss@iki.fi>
parents:
613
diff
changeset
|
403 |
e60620644af3
login_process_per_connection = yes scales now better when multiple users are
Timo Sirainen <tss@iki.fi>
parents:
613
diff
changeset
|
404 if (wanted_processes_count > set_login_max_processes_count) |
e60620644af3
login_process_per_connection = yes scales now better when multiple users are
Timo Sirainen <tss@iki.fi>
parents:
613
diff
changeset
|
405 wanted_processes_count = set_login_max_processes_count; |
e60620644af3
login_process_per_connection = yes scales now better when multiple users are
Timo Sirainen <tss@iki.fi>
parents:
613
diff
changeset
|
406 |
e60620644af3
login_process_per_connection = yes scales now better when multiple users are
Timo Sirainen <tss@iki.fi>
parents:
613
diff
changeset
|
407 while (listening_processes < wanted_processes_count) |
e60620644af3
login_process_per_connection = yes scales now better when multiple users are
Timo Sirainen <tss@iki.fi>
parents:
613
diff
changeset
|
408 (void)create_login_process(); |
e60620644af3
login_process_per_connection = yes scales now better when multiple users are
Timo Sirainen <tss@iki.fi>
parents:
613
diff
changeset
|
409 } |
0 | 410 } |
411 | |
412 void login_processes_init(void) | |
413 { | |
414 auth_id_counter = 0; | |
613
1906116a62ce
Finally support for handling each login connection in it's own process.
Timo Sirainen <tss@iki.fi>
parents:
596
diff
changeset
|
415 listening_processes = 0; |
614
e60620644af3
login_process_per_connection = yes scales now better when multiple users are
Timo Sirainen <tss@iki.fi>
parents:
613
diff
changeset
|
416 wanted_processes_count = 0; |
613
1906116a62ce
Finally support for handling each login connection in it's own process.
Timo Sirainen <tss@iki.fi>
parents:
596
diff
changeset
|
417 oldest_nonlisten_process = newest_nonlisten_process = NULL; |
1906116a62ce
Finally support for handling each login connection in it's own process.
Timo Sirainen <tss@iki.fi>
parents:
596
diff
changeset
|
418 |
1906116a62ce
Finally support for handling each login connection in it's own process.
Timo Sirainen <tss@iki.fi>
parents:
596
diff
changeset
|
419 processes = hash_create(default_pool, 128, NULL, NULL); |
0 | 420 to = timeout_add(1000, login_processes_start_missing, NULL); |
421 } | |
422 | |
423 void login_processes_deinit(void) | |
424 { | |
425 timeout_remove(to); | |
426 | |
635
90a65c017bf0
SIGHUP reloads now settings. Logged in clients are left untouched, but
Timo Sirainen <tss@iki.fi>
parents:
615
diff
changeset
|
427 login_processes_destroy_all(); |
0 | 428 hash_destroy(processes); |
429 } |