Mercurial > dovecot > original-hg > dovecot-1.2
annotate src/master/login-process.c @ 1039:793f05a7e50e HEAD
signed/unsigned/const pointer fixes
author | Timo Sirainen <tss@iki.fi> |
---|---|
date | Mon, 27 Jan 2003 04:05:32 +0200 |
parents | f782b3319553 |
children | a72bba3f8a55 |
rev | line source |
---|---|
0 | 1 /* Copyright (C) 2002 Timo Sirainen */ |
2 | |
3 #include "common.h" | |
532
3b53dd1280c6
I/O buffers now use real blocking instead of setting up a sub-ioloop to
Timo Sirainen <tss@iki.fi>
parents:
410
diff
changeset
|
4 #include "ioloop.h" |
0 | 5 #include "network.h" |
764
f57c52738f90
Renamed IBuffer and OBuffer to IStream and OStream which describes their
Timo Sirainen <tss@iki.fi>
parents:
747
diff
changeset
|
6 #include "ostream.h" |
0 | 7 #include "fdpass.h" |
727
8dd8ebe6bcac
We use close-on-exec flag now to make sure that master process closes the
Timo Sirainen <tss@iki.fi>
parents:
722
diff
changeset
|
8 #include "fd-close-on-exec.h" |
697
7814b29d0862
Created env_put() and env_clean() for a bit easier handling of environment
Timo Sirainen <tss@iki.fi>
parents:
666
diff
changeset
|
9 #include "env-util.h" |
0 | 10 #include "restrict-access.h" |
722
0438621d25ff
Added virtual memory size limits to processes. Default values are pretty
Timo Sirainen <tss@iki.fi>
parents:
699
diff
changeset
|
11 #include "restrict-process-size.h" |
0 | 12 #include "login-process.h" |
13 #include "auth-process.h" | |
1035
fe49ece0f3ea
We have now separate "userdb" and "passdb". They aren't tied to each others
Timo Sirainen <tss@iki.fi>
parents:
1000
diff
changeset
|
14 #include "imap-process.h" |
fe49ece0f3ea
We have now separate "userdb" and "passdb". They aren't tied to each others
Timo Sirainen <tss@iki.fi>
parents:
1000
diff
changeset
|
15 #include "master-login-interface.h" |
0 | 16 |
17 #include <unistd.h> | |
18 #include <syslog.h> | |
19 | |
903
fd8888f6f037
Naming style changes, finally got tired of most of the typedefs. Also the
Timo Sirainen <tss@iki.fi>
parents:
876
diff
changeset
|
20 struct login_process { |
fd8888f6f037
Naming style changes, finally got tired of most of the typedefs. Also the
Timo Sirainen <tss@iki.fi>
parents:
876
diff
changeset
|
21 struct login_process *prev_nonlisten, *next_nonlisten; |
0 | 22 int refcount; |
23 | |
24 pid_t pid; | |
25 int fd; | |
903
fd8888f6f037
Naming style changes, finally got tired of most of the typedefs. Also the
Timo Sirainen <tss@iki.fi>
parents:
876
diff
changeset
|
26 struct io *io; |
fd8888f6f037
Naming style changes, finally got tired of most of the typedefs. Also the
Timo Sirainen <tss@iki.fi>
parents:
876
diff
changeset
|
27 struct ostream *output; |
925
2e649dec0f09
Auth and login processes send an "we're ok" reply at the end of
Timo Sirainen <tss@iki.fi>
parents:
903
diff
changeset
|
28 unsigned int initialized:1; |
613
1906116a62ce
Finally support for handling each login connection in it's own process.
Timo Sirainen <tss@iki.fi>
parents:
596
diff
changeset
|
29 unsigned int listening:1; |
0 | 30 unsigned int destroyed:1; |
613
1906116a62ce
Finally support for handling each login connection in it's own process.
Timo Sirainen <tss@iki.fi>
parents:
596
diff
changeset
|
31 }; |
0 | 32 |
903
fd8888f6f037
Naming style changes, finally got tired of most of the typedefs. Also the
Timo Sirainen <tss@iki.fi>
parents:
876
diff
changeset
|
33 struct login_auth_request { |
fd8888f6f037
Naming style changes, finally got tired of most of the typedefs. Also the
Timo Sirainen <tss@iki.fi>
parents:
876
diff
changeset
|
34 struct login_process *process; |
1035
fe49ece0f3ea
We have now separate "userdb" and "passdb". They aren't tied to each others
Timo Sirainen <tss@iki.fi>
parents:
1000
diff
changeset
|
35 unsigned int tag; |
fe49ece0f3ea
We have now separate "userdb" and "passdb". They aren't tied to each others
Timo Sirainen <tss@iki.fi>
parents:
1000
diff
changeset
|
36 |
fe49ece0f3ea
We have now separate "userdb" and "passdb". They aren't tied to each others
Timo Sirainen <tss@iki.fi>
parents:
1000
diff
changeset
|
37 unsigned int login_tag; |
0 | 38 int fd; |
39 | |
903
fd8888f6f037
Naming style changes, finally got tired of most of the typedefs. Also the
Timo Sirainen <tss@iki.fi>
parents:
876
diff
changeset
|
40 struct ip_addr ip; |
fd8888f6f037
Naming style changes, finally got tired of most of the typedefs. Also the
Timo Sirainen <tss@iki.fi>
parents:
876
diff
changeset
|
41 }; |
0 | 42 |
810
30f6811f4952
Instead of just trusting randomness of authentication cookies between
Timo Sirainen <tss@iki.fi>
parents:
807
diff
changeset
|
43 static unsigned int auth_id_counter; |
903
fd8888f6f037
Naming style changes, finally got tired of most of the typedefs. Also the
Timo Sirainen <tss@iki.fi>
parents:
876
diff
changeset
|
44 static struct timeout *to; |
613
1906116a62ce
Finally support for handling each login connection in it's own process.
Timo Sirainen <tss@iki.fi>
parents:
596
diff
changeset
|
45 |
903
fd8888f6f037
Naming style changes, finally got tired of most of the typedefs. Also the
Timo Sirainen <tss@iki.fi>
parents:
876
diff
changeset
|
46 static struct hash_table *processes; |
fd8888f6f037
Naming style changes, finally got tired of most of the typedefs. Also the
Timo Sirainen <tss@iki.fi>
parents:
876
diff
changeset
|
47 static struct login_process *oldest_nonlisten_process; |
fd8888f6f037
Naming style changes, finally got tired of most of the typedefs. Also the
Timo Sirainen <tss@iki.fi>
parents:
876
diff
changeset
|
48 static struct login_process *newest_nonlisten_process; |
613
1906116a62ce
Finally support for handling each login connection in it's own process.
Timo Sirainen <tss@iki.fi>
parents:
596
diff
changeset
|
49 static unsigned int listening_processes; |
614
e60620644af3
login_process_per_connection = yes scales now better when multiple users are
Timo Sirainen <tss@iki.fi>
parents:
613
diff
changeset
|
50 static unsigned int wanted_processes_count; |
0 | 51 |
903
fd8888f6f037
Naming style changes, finally got tired of most of the typedefs. Also the
Timo Sirainen <tss@iki.fi>
parents:
876
diff
changeset
|
52 static void login_process_destroy(struct login_process *p); |
fd8888f6f037
Naming style changes, finally got tired of most of the typedefs. Also the
Timo Sirainen <tss@iki.fi>
parents:
876
diff
changeset
|
53 static void login_process_unref(struct login_process *p); |
0 | 54 |
1035
fe49ece0f3ea
We have now separate "userdb" and "passdb". They aren't tied to each others
Timo Sirainen <tss@iki.fi>
parents:
1000
diff
changeset
|
55 void auth_master_callback(struct auth_master_reply *reply, |
fe49ece0f3ea
We have now separate "userdb" and "passdb". They aren't tied to each others
Timo Sirainen <tss@iki.fi>
parents:
1000
diff
changeset
|
56 const unsigned char *data, void *context) |
0 | 57 { |
903
fd8888f6f037
Naming style changes, finally got tired of most of the typedefs. Also the
Timo Sirainen <tss@iki.fi>
parents:
876
diff
changeset
|
58 struct login_auth_request *request = context; |
1035
fe49ece0f3ea
We have now separate "userdb" and "passdb". They aren't tied to each others
Timo Sirainen <tss@iki.fi>
parents:
1000
diff
changeset
|
59 struct master_login_reply master_reply; |
0 | 60 |
1035
fe49ece0f3ea
We have now separate "userdb" and "passdb". They aren't tied to each others
Timo Sirainen <tss@iki.fi>
parents:
1000
diff
changeset
|
61 if (reply == NULL || !reply->success) |
fe49ece0f3ea
We have now separate "userdb" and "passdb". They aren't tied to each others
Timo Sirainen <tss@iki.fi>
parents:
1000
diff
changeset
|
62 master_reply.success = FALSE; |
0 | 63 else { |
1039
793f05a7e50e
signed/unsigned/const pointer fixes
Timo Sirainen <tss@iki.fi>
parents:
1036
diff
changeset
|
64 master_reply.success = |
793f05a7e50e
signed/unsigned/const pointer fixes
Timo Sirainen <tss@iki.fi>
parents:
1036
diff
changeset
|
65 create_imap_process(request->fd, &request->ip, reply, |
793f05a7e50e
signed/unsigned/const pointer fixes
Timo Sirainen <tss@iki.fi>
parents:
1036
diff
changeset
|
66 (const char *) data); |
0 | 67 } |
68 | |
69 /* reply to login */ | |
1035
fe49ece0f3ea
We have now separate "userdb" and "passdb". They aren't tied to each others
Timo Sirainen <tss@iki.fi>
parents:
1000
diff
changeset
|
70 master_reply.tag = request->login_tag; |
0 | 71 |
1035
fe49ece0f3ea
We have now separate "userdb" and "passdb". They aren't tied to each others
Timo Sirainen <tss@iki.fi>
parents:
1000
diff
changeset
|
72 if (o_stream_send(request->process->output, &master_reply, |
fe49ece0f3ea
We have now separate "userdb" and "passdb". They aren't tied to each others
Timo Sirainen <tss@iki.fi>
parents:
1000
diff
changeset
|
73 sizeof(master_reply)) < 0) |
fe49ece0f3ea
We have now separate "userdb" and "passdb". They aren't tied to each others
Timo Sirainen <tss@iki.fi>
parents:
1000
diff
changeset
|
74 login_process_destroy(request->process); |
0 | 75 |
805
5ac361acb316
Marked all non-trivial buffer modifications with @UNSAFE tag. Several
Timo Sirainen <tss@iki.fi>
parents:
801
diff
changeset
|
76 if (close(request->fd) < 0) |
5ac361acb316
Marked all non-trivial buffer modifications with @UNSAFE tag. Several
Timo Sirainen <tss@iki.fi>
parents:
801
diff
changeset
|
77 i_error("close(imap client) failed: %m"); |
1035
fe49ece0f3ea
We have now separate "userdb" and "passdb". They aren't tied to each others
Timo Sirainen <tss@iki.fi>
parents:
1000
diff
changeset
|
78 login_process_unref(request->process); |
0 | 79 i_free(request); |
80 } | |
81 | |
903
fd8888f6f037
Naming style changes, finally got tired of most of the typedefs. Also the
Timo Sirainen <tss@iki.fi>
parents:
876
diff
changeset
|
82 static void login_process_mark_nonlistening(struct login_process *p) |
614
e60620644af3
login_process_per_connection = yes scales now better when multiple users are
Timo Sirainen <tss@iki.fi>
parents:
613
diff
changeset
|
83 { |
e60620644af3
login_process_per_connection = yes scales now better when multiple users are
Timo Sirainen <tss@iki.fi>
parents:
613
diff
changeset
|
84 if (!p->listening) { |
e60620644af3
login_process_per_connection = yes scales now better when multiple users are
Timo Sirainen <tss@iki.fi>
parents:
613
diff
changeset
|
85 i_error("login: received another \"not listening\" " |
e60620644af3
login_process_per_connection = yes scales now better when multiple users are
Timo Sirainen <tss@iki.fi>
parents:
613
diff
changeset
|
86 "notification"); |
e60620644af3
login_process_per_connection = yes scales now better when multiple users are
Timo Sirainen <tss@iki.fi>
parents:
613
diff
changeset
|
87 return; |
e60620644af3
login_process_per_connection = yes scales now better when multiple users are
Timo Sirainen <tss@iki.fi>
parents:
613
diff
changeset
|
88 } |
e60620644af3
login_process_per_connection = yes scales now better when multiple users are
Timo Sirainen <tss@iki.fi>
parents:
613
diff
changeset
|
89 |
e60620644af3
login_process_per_connection = yes scales now better when multiple users are
Timo Sirainen <tss@iki.fi>
parents:
613
diff
changeset
|
90 p->listening = FALSE; |
e60620644af3
login_process_per_connection = yes scales now better when multiple users are
Timo Sirainen <tss@iki.fi>
parents:
613
diff
changeset
|
91 listening_processes--; |
e60620644af3
login_process_per_connection = yes scales now better when multiple users are
Timo Sirainen <tss@iki.fi>
parents:
613
diff
changeset
|
92 |
e60620644af3
login_process_per_connection = yes scales now better when multiple users are
Timo Sirainen <tss@iki.fi>
parents:
613
diff
changeset
|
93 p->prev_nonlisten = newest_nonlisten_process; |
e60620644af3
login_process_per_connection = yes scales now better when multiple users are
Timo Sirainen <tss@iki.fi>
parents:
613
diff
changeset
|
94 |
e60620644af3
login_process_per_connection = yes scales now better when multiple users are
Timo Sirainen <tss@iki.fi>
parents:
613
diff
changeset
|
95 if (newest_nonlisten_process != NULL) |
e60620644af3
login_process_per_connection = yes scales now better when multiple users are
Timo Sirainen <tss@iki.fi>
parents:
613
diff
changeset
|
96 newest_nonlisten_process->next_nonlisten = p; |
e60620644af3
login_process_per_connection = yes scales now better when multiple users are
Timo Sirainen <tss@iki.fi>
parents:
613
diff
changeset
|
97 newest_nonlisten_process = p; |
e60620644af3
login_process_per_connection = yes scales now better when multiple users are
Timo Sirainen <tss@iki.fi>
parents:
613
diff
changeset
|
98 |
e60620644af3
login_process_per_connection = yes scales now better when multiple users are
Timo Sirainen <tss@iki.fi>
parents:
613
diff
changeset
|
99 if (oldest_nonlisten_process == NULL) |
e60620644af3
login_process_per_connection = yes scales now better when multiple users are
Timo Sirainen <tss@iki.fi>
parents:
613
diff
changeset
|
100 oldest_nonlisten_process = p; |
e60620644af3
login_process_per_connection = yes scales now better when multiple users are
Timo Sirainen <tss@iki.fi>
parents:
613
diff
changeset
|
101 } |
e60620644af3
login_process_per_connection = yes scales now better when multiple users are
Timo Sirainen <tss@iki.fi>
parents:
613
diff
changeset
|
102 |
1036
f782b3319553
Removed useless parameters from io_callback_t and timeout_callback_t.
Timo Sirainen <tss@iki.fi>
parents:
1035
diff
changeset
|
103 static void login_process_input(void *context) |
0 | 104 { |
903
fd8888f6f037
Naming style changes, finally got tired of most of the typedefs. Also the
Timo Sirainen <tss@iki.fi>
parents:
876
diff
changeset
|
105 struct login_process *p = context; |
fd8888f6f037
Naming style changes, finally got tired of most of the typedefs. Also the
Timo Sirainen <tss@iki.fi>
parents:
876
diff
changeset
|
106 struct auth_process *auth_process; |
fd8888f6f037
Naming style changes, finally got tired of most of the typedefs. Also the
Timo Sirainen <tss@iki.fi>
parents:
876
diff
changeset
|
107 struct login_auth_request *authreq; |
1035
fe49ece0f3ea
We have now separate "userdb" and "passdb". They aren't tied to each others
Timo Sirainen <tss@iki.fi>
parents:
1000
diff
changeset
|
108 struct master_login_request req; |
0 | 109 int client_fd, ret; |
110 | |
111 ret = fd_read(p->fd, &req, sizeof(req), &client_fd); | |
112 if (ret != sizeof(req)) { | |
113 if (ret == 0) { | |
114 /* disconnected, ie. the login process died */ | |
115 } else if (ret > 0) { | |
116 /* req wasn't fully read */ | |
117 i_error("login: fd_read() couldn't read all req"); | |
118 } else { | |
119 i_error("login: fd_read() failed: %m"); | |
120 } | |
121 | |
929
a763b3826762
Don't leak fds in case of errors.
Timo Sirainen <tss@iki.fi>
parents:
925
diff
changeset
|
122 if (client_fd != -1) { |
a763b3826762
Don't leak fds in case of errors.
Timo Sirainen <tss@iki.fi>
parents:
925
diff
changeset
|
123 if (close(client_fd) < 0) |
a763b3826762
Don't leak fds in case of errors.
Timo Sirainen <tss@iki.fi>
parents:
925
diff
changeset
|
124 i_error("close(imap client) failed: %m"); |
a763b3826762
Don't leak fds in case of errors.
Timo Sirainen <tss@iki.fi>
parents:
925
diff
changeset
|
125 } |
a763b3826762
Don't leak fds in case of errors.
Timo Sirainen <tss@iki.fi>
parents:
925
diff
changeset
|
126 |
0 | 127 login_process_destroy(p); |
128 return; | |
129 } | |
130 | |
613
1906116a62ce
Finally support for handling each login connection in it's own process.
Timo Sirainen <tss@iki.fi>
parents:
596
diff
changeset
|
131 if (client_fd == -1) { |
925
2e649dec0f09
Auth and login processes send an "we're ok" reply at the end of
Timo Sirainen <tss@iki.fi>
parents:
903
diff
changeset
|
132 /* just a notification that the login process */ |
2e649dec0f09
Auth and login processes send an "we're ok" reply at the end of
Timo Sirainen <tss@iki.fi>
parents:
903
diff
changeset
|
133 if (!p->initialized) { |
2e649dec0f09
Auth and login processes send an "we're ok" reply at the end of
Timo Sirainen <tss@iki.fi>
parents:
903
diff
changeset
|
134 /* initialization notify */ |
2e649dec0f09
Auth and login processes send an "we're ok" reply at the end of
Timo Sirainen <tss@iki.fi>
parents:
903
diff
changeset
|
135 p->initialized = TRUE;; |
2e649dec0f09
Auth and login processes send an "we're ok" reply at the end of
Timo Sirainen <tss@iki.fi>
parents:
903
diff
changeset
|
136 } else { |
2e649dec0f09
Auth and login processes send an "we're ok" reply at the end of
Timo Sirainen <tss@iki.fi>
parents:
903
diff
changeset
|
137 /* not listening for new connections anymore */ |
2e649dec0f09
Auth and login processes send an "we're ok" reply at the end of
Timo Sirainen <tss@iki.fi>
parents:
903
diff
changeset
|
138 login_process_mark_nonlistening(p); |
2e649dec0f09
Auth and login processes send an "we're ok" reply at the end of
Timo Sirainen <tss@iki.fi>
parents:
903
diff
changeset
|
139 } |
613
1906116a62ce
Finally support for handling each login connection in it's own process.
Timo Sirainen <tss@iki.fi>
parents:
596
diff
changeset
|
140 return; |
1906116a62ce
Finally support for handling each login connection in it's own process.
Timo Sirainen <tss@iki.fi>
parents:
596
diff
changeset
|
141 } |
1906116a62ce
Finally support for handling each login connection in it's own process.
Timo Sirainen <tss@iki.fi>
parents:
596
diff
changeset
|
142 |
1035
fe49ece0f3ea
We have now separate "userdb" and "passdb". They aren't tied to each others
Timo Sirainen <tss@iki.fi>
parents:
1000
diff
changeset
|
143 fd_close_on_exec(client_fd, TRUE); |
0 | 144 |
145 /* ask the cookie from the auth process */ | |
903
fd8888f6f037
Naming style changes, finally got tired of most of the typedefs. Also the
Timo Sirainen <tss@iki.fi>
parents:
876
diff
changeset
|
146 authreq = i_new(struct login_auth_request, 1); |
0 | 147 p->refcount++; |
148 authreq->process = p; | |
1035
fe49ece0f3ea
We have now separate "userdb" and "passdb". They aren't tied to each others
Timo Sirainen <tss@iki.fi>
parents:
1000
diff
changeset
|
149 authreq->tag = ++auth_id_counter; |
fe49ece0f3ea
We have now separate "userdb" and "passdb". They aren't tied to each others
Timo Sirainen <tss@iki.fi>
parents:
1000
diff
changeset
|
150 authreq->login_tag = req.tag; |
0 | 151 authreq->fd = client_fd; |
1035
fe49ece0f3ea
We have now separate "userdb" and "passdb". They aren't tied to each others
Timo Sirainen <tss@iki.fi>
parents:
1000
diff
changeset
|
152 authreq->ip = req.ip; |
0 | 153 |
1035
fe49ece0f3ea
We have now separate "userdb" and "passdb". They aren't tied to each others
Timo Sirainen <tss@iki.fi>
parents:
1000
diff
changeset
|
154 auth_process = auth_process_find(req.auth_pid); |
0 | 155 if (auth_process == NULL) { |
156 i_error("login: Authentication process %u doesn't exist", | |
1035
fe49ece0f3ea
We have now separate "userdb" and "passdb". They aren't tied to each others
Timo Sirainen <tss@iki.fi>
parents:
1000
diff
changeset
|
157 req.auth_pid); |
fe49ece0f3ea
We have now separate "userdb" and "passdb". They aren't tied to each others
Timo Sirainen <tss@iki.fi>
parents:
1000
diff
changeset
|
158 auth_master_callback(NULL, NULL, authreq); |
0 | 159 } else { |
1035
fe49ece0f3ea
We have now separate "userdb" and "passdb". They aren't tied to each others
Timo Sirainen <tss@iki.fi>
parents:
1000
diff
changeset
|
160 auth_process_request(auth_process, p->pid, |
fe49ece0f3ea
We have now separate "userdb" and "passdb". They aren't tied to each others
Timo Sirainen <tss@iki.fi>
parents:
1000
diff
changeset
|
161 req.auth_id, authreq); |
0 | 162 } |
163 } | |
164 | |
903
fd8888f6f037
Naming style changes, finally got tired of most of the typedefs. Also the
Timo Sirainen <tss@iki.fi>
parents:
876
diff
changeset
|
165 static struct login_process *login_process_new(pid_t pid, int fd) |
0 | 166 { |
903
fd8888f6f037
Naming style changes, finally got tired of most of the typedefs. Also the
Timo Sirainen <tss@iki.fi>
parents:
876
diff
changeset
|
167 struct login_process *p; |
0 | 168 |
169 PID_ADD_PROCESS_TYPE(pid, PROCESS_TYPE_LOGIN); | |
170 | |
903
fd8888f6f037
Naming style changes, finally got tired of most of the typedefs. Also the
Timo Sirainen <tss@iki.fi>
parents:
876
diff
changeset
|
171 p = i_new(struct login_process, 1); |
0 | 172 p->refcount = 1; |
173 p->pid = pid; | |
174 p->fd = fd; | |
613
1906116a62ce
Finally support for handling each login connection in it's own process.
Timo Sirainen <tss@iki.fi>
parents:
596
diff
changeset
|
175 p->listening = TRUE; |
0 | 176 p->io = io_add(fd, IO_READ, login_process_input, p); |
764
f57c52738f90
Renamed IBuffer and OBuffer to IStream and OStream which describes their
Timo Sirainen <tss@iki.fi>
parents:
747
diff
changeset
|
177 p->output = o_stream_create_file(fd, default_pool, |
1035
fe49ece0f3ea
We have now separate "userdb" and "passdb". They aren't tied to each others
Timo Sirainen <tss@iki.fi>
parents:
1000
diff
changeset
|
178 sizeof(struct master_login_reply)*10, |
410
1f0e7229ee58
Split IOBuffer into mmaped IBuffer, file IBuffer, memory data IBuffer and
Timo Sirainen <tss@iki.fi>
parents:
364
diff
changeset
|
179 IO_PRIORITY_DEFAULT, FALSE); |
0 | 180 |
195
db6e288be0e9
Replaced INT_TO_POINTER and POINTER_TO_INT macros with POINTER_CAST and
Timo Sirainen <tss@iki.fi>
parents:
10
diff
changeset
|
181 hash_insert(processes, POINTER_CAST(pid), p); |
613
1906116a62ce
Finally support for handling each login connection in it's own process.
Timo Sirainen <tss@iki.fi>
parents:
596
diff
changeset
|
182 listening_processes++; |
0 | 183 return p; |
184 } | |
185 | |
903
fd8888f6f037
Naming style changes, finally got tired of most of the typedefs. Also the
Timo Sirainen <tss@iki.fi>
parents:
876
diff
changeset
|
186 static void login_process_remove_from_lists(struct login_process *p) |
613
1906116a62ce
Finally support for handling each login connection in it's own process.
Timo Sirainen <tss@iki.fi>
parents:
596
diff
changeset
|
187 { |
1906116a62ce
Finally support for handling each login connection in it's own process.
Timo Sirainen <tss@iki.fi>
parents:
596
diff
changeset
|
188 if (p == oldest_nonlisten_process) |
1906116a62ce
Finally support for handling each login connection in it's own process.
Timo Sirainen <tss@iki.fi>
parents:
596
diff
changeset
|
189 oldest_nonlisten_process = p->next_nonlisten; |
1906116a62ce
Finally support for handling each login connection in it's own process.
Timo Sirainen <tss@iki.fi>
parents:
596
diff
changeset
|
190 else |
1906116a62ce
Finally support for handling each login connection in it's own process.
Timo Sirainen <tss@iki.fi>
parents:
596
diff
changeset
|
191 p->prev_nonlisten->next_nonlisten = p->next_nonlisten; |
1906116a62ce
Finally support for handling each login connection in it's own process.
Timo Sirainen <tss@iki.fi>
parents:
596
diff
changeset
|
192 |
1906116a62ce
Finally support for handling each login connection in it's own process.
Timo Sirainen <tss@iki.fi>
parents:
596
diff
changeset
|
193 if (p == newest_nonlisten_process) |
1906116a62ce
Finally support for handling each login connection in it's own process.
Timo Sirainen <tss@iki.fi>
parents:
596
diff
changeset
|
194 newest_nonlisten_process = p->prev_nonlisten; |
1906116a62ce
Finally support for handling each login connection in it's own process.
Timo Sirainen <tss@iki.fi>
parents:
596
diff
changeset
|
195 else |
1906116a62ce
Finally support for handling each login connection in it's own process.
Timo Sirainen <tss@iki.fi>
parents:
596
diff
changeset
|
196 p->next_nonlisten->prev_nonlisten = p->prev_nonlisten; |
1906116a62ce
Finally support for handling each login connection in it's own process.
Timo Sirainen <tss@iki.fi>
parents:
596
diff
changeset
|
197 |
1906116a62ce
Finally support for handling each login connection in it's own process.
Timo Sirainen <tss@iki.fi>
parents:
596
diff
changeset
|
198 p->next_nonlisten = p->prev_nonlisten = NULL; |
1906116a62ce
Finally support for handling each login connection in it's own process.
Timo Sirainen <tss@iki.fi>
parents:
596
diff
changeset
|
199 } |
1906116a62ce
Finally support for handling each login connection in it's own process.
Timo Sirainen <tss@iki.fi>
parents:
596
diff
changeset
|
200 |
903
fd8888f6f037
Naming style changes, finally got tired of most of the typedefs. Also the
Timo Sirainen <tss@iki.fi>
parents:
876
diff
changeset
|
201 static void login_process_destroy(struct login_process *p) |
0 | 202 { |
203 if (p->destroyed) | |
204 return; | |
205 p->destroyed = TRUE; | |
206 | |
1035
fe49ece0f3ea
We have now separate "userdb" and "passdb". They aren't tied to each others
Timo Sirainen <tss@iki.fi>
parents:
1000
diff
changeset
|
207 if (!p->initialized && io_loop_is_running(ioloop)) { |
1000
0fbafade2d85
If auth/login process died unexpectedly, the exit status or killing signal
Timo Sirainen <tss@iki.fi>
parents:
945
diff
changeset
|
208 i_error("Login process died too early - shutting down"); |
0fbafade2d85
If auth/login process died unexpectedly, the exit status or killing signal
Timo Sirainen <tss@iki.fi>
parents:
945
diff
changeset
|
209 io_loop_stop(ioloop); |
0fbafade2d85
If auth/login process died unexpectedly, the exit status or killing signal
Timo Sirainen <tss@iki.fi>
parents:
945
diff
changeset
|
210 } |
613
1906116a62ce
Finally support for handling each login connection in it's own process.
Timo Sirainen <tss@iki.fi>
parents:
596
diff
changeset
|
211 if (p->listening) |
1906116a62ce
Finally support for handling each login connection in it's own process.
Timo Sirainen <tss@iki.fi>
parents:
596
diff
changeset
|
212 listening_processes--; |
1906116a62ce
Finally support for handling each login connection in it's own process.
Timo Sirainen <tss@iki.fi>
parents:
596
diff
changeset
|
213 |
764
f57c52738f90
Renamed IBuffer and OBuffer to IStream and OStream which describes their
Timo Sirainen <tss@iki.fi>
parents:
747
diff
changeset
|
214 o_stream_close(p->output); |
0 | 215 io_remove(p->io); |
805
5ac361acb316
Marked all non-trivial buffer modifications with @UNSAFE tag. Several
Timo Sirainen <tss@iki.fi>
parents:
801
diff
changeset
|
216 if (close(p->fd) < 0) |
5ac361acb316
Marked all non-trivial buffer modifications with @UNSAFE tag. Several
Timo Sirainen <tss@iki.fi>
parents:
801
diff
changeset
|
217 i_error("close(login) failed: %m"); |
0 | 218 |
613
1906116a62ce
Finally support for handling each login connection in it's own process.
Timo Sirainen <tss@iki.fi>
parents:
596
diff
changeset
|
219 if (!p->listening) |
1906116a62ce
Finally support for handling each login connection in it's own process.
Timo Sirainen <tss@iki.fi>
parents:
596
diff
changeset
|
220 login_process_remove_from_lists(p); |
1906116a62ce
Finally support for handling each login connection in it's own process.
Timo Sirainen <tss@iki.fi>
parents:
596
diff
changeset
|
221 |
195
db6e288be0e9
Replaced INT_TO_POINTER and POINTER_TO_INT macros with POINTER_CAST and
Timo Sirainen <tss@iki.fi>
parents:
10
diff
changeset
|
222 hash_remove(processes, POINTER_CAST(p->pid)); |
613
1906116a62ce
Finally support for handling each login connection in it's own process.
Timo Sirainen <tss@iki.fi>
parents:
596
diff
changeset
|
223 |
0 | 224 login_process_unref(p); |
225 } | |
226 | |
903
fd8888f6f037
Naming style changes, finally got tired of most of the typedefs. Also the
Timo Sirainen <tss@iki.fi>
parents:
876
diff
changeset
|
227 static void login_process_unref(struct login_process *p) |
0 | 228 { |
229 if (--p->refcount > 0) | |
230 return; | |
231 | |
764
f57c52738f90
Renamed IBuffer and OBuffer to IStream and OStream which describes their
Timo Sirainen <tss@iki.fi>
parents:
747
diff
changeset
|
232 o_stream_unref(p->output); |
0 | 233 i_free(p); |
234 } | |
235 | |
236 static pid_t create_login_process(void) | |
237 { | |
699
cc795d74d08f
Use more warnings with GCC by default. Fixed several warnings.
Timo Sirainen <tss@iki.fi>
parents:
697
diff
changeset
|
238 static char *argv[] = { NULL, NULL }; |
0 | 239 pid_t pid; |
240 int fd[2]; | |
241 | |
613
1906116a62ce
Finally support for handling each login connection in it's own process.
Timo Sirainen <tss@iki.fi>
parents:
596
diff
changeset
|
242 if (set_login_process_per_connection && |
1906116a62ce
Finally support for handling each login connection in it's own process.
Timo Sirainen <tss@iki.fi>
parents:
596
diff
changeset
|
243 hash_size(processes)-listening_processes >= set_max_logging_users) { |
1906116a62ce
Finally support for handling each login connection in it's own process.
Timo Sirainen <tss@iki.fi>
parents:
596
diff
changeset
|
244 if (oldest_nonlisten_process != NULL) |
1906116a62ce
Finally support for handling each login connection in it's own process.
Timo Sirainen <tss@iki.fi>
parents:
596
diff
changeset
|
245 login_process_destroy(oldest_nonlisten_process); |
1906116a62ce
Finally support for handling each login connection in it's own process.
Timo Sirainen <tss@iki.fi>
parents:
596
diff
changeset
|
246 } |
1906116a62ce
Finally support for handling each login connection in it's own process.
Timo Sirainen <tss@iki.fi>
parents:
596
diff
changeset
|
247 |
0 | 248 if (set_login_uid == 0) |
249 i_fatal("Login process must not run as root"); | |
250 | |
251 /* create communication to process with a socket pair */ | |
252 if (socketpair(AF_UNIX, SOCK_STREAM, 0, fd) == -1) { | |
253 i_error("socketpair() failed: %m"); | |
254 return -1; | |
255 } | |
256 | |
257 pid = fork(); | |
258 if (pid < 0) { | |
259 (void)close(fd[0]); | |
260 (void)close(fd[1]); | |
261 i_error("fork() failed: %m"); | |
262 return -1; | |
263 } | |
264 | |
265 if (pid != 0) { | |
266 /* master */ | |
727
8dd8ebe6bcac
We use close-on-exec flag now to make sure that master process closes the
Timo Sirainen <tss@iki.fi>
parents:
722
diff
changeset
|
267 fd_close_on_exec(fd[0], TRUE); |
0 | 268 login_process_new(pid, fd[0]); |
269 (void)close(fd[1]); | |
270 return pid; | |
271 } | |
272 | |
273 /* move communication handle */ | |
274 if (dup2(fd[1], LOGIN_MASTER_SOCKET_FD) < 0) | |
805
5ac361acb316
Marked all non-trivial buffer modifications with @UNSAFE tag. Several
Timo Sirainen <tss@iki.fi>
parents:
801
diff
changeset
|
275 i_fatal("login: dup2(master) failed: %m"); |
727
8dd8ebe6bcac
We use close-on-exec flag now to make sure that master process closes the
Timo Sirainen <tss@iki.fi>
parents:
722
diff
changeset
|
276 fd_close_on_exec(LOGIN_MASTER_SOCKET_FD, FALSE); |
0 | 277 |
278 /* move the listen handle */ | |
279 if (dup2(imap_fd, LOGIN_IMAP_LISTEN_FD) < 0) | |
805
5ac361acb316
Marked all non-trivial buffer modifications with @UNSAFE tag. Several
Timo Sirainen <tss@iki.fi>
parents:
801
diff
changeset
|
280 i_fatal("login: dup2(imap) failed: %m"); |
727
8dd8ebe6bcac
We use close-on-exec flag now to make sure that master process closes the
Timo Sirainen <tss@iki.fi>
parents:
722
diff
changeset
|
281 fd_close_on_exec(LOGIN_IMAP_LISTEN_FD, FALSE); |
0 | 282 |
283 /* move the SSL listen handle */ | |
876
ad8f7d2107b4
If ssl_disable is set to yes and we get SIGHUPed, don't feed the listening
Timo Sirainen <tss@iki.fi>
parents:
810
diff
changeset
|
284 if (!set_ssl_disable) { |
ad8f7d2107b4
If ssl_disable is set to yes and we get SIGHUPed, don't feed the listening
Timo Sirainen <tss@iki.fi>
parents:
810
diff
changeset
|
285 if (dup2(imaps_fd, LOGIN_IMAPS_LISTEN_FD) < 0) |
ad8f7d2107b4
If ssl_disable is set to yes and we get SIGHUPed, don't feed the listening
Timo Sirainen <tss@iki.fi>
parents:
810
diff
changeset
|
286 i_fatal("login: dup2(imaps) failed: %m"); |
ad8f7d2107b4
If ssl_disable is set to yes and we get SIGHUPed, don't feed the listening
Timo Sirainen <tss@iki.fi>
parents:
810
diff
changeset
|
287 } else { |
ad8f7d2107b4
If ssl_disable is set to yes and we get SIGHUPed, don't feed the listening
Timo Sirainen <tss@iki.fi>
parents:
810
diff
changeset
|
288 if (dup2(null_fd, LOGIN_IMAPS_LISTEN_FD) < 0) |
ad8f7d2107b4
If ssl_disable is set to yes and we get SIGHUPed, don't feed the listening
Timo Sirainen <tss@iki.fi>
parents:
810
diff
changeset
|
289 i_fatal("login: dup2(imaps) failed: %m"); |
ad8f7d2107b4
If ssl_disable is set to yes and we get SIGHUPed, don't feed the listening
Timo Sirainen <tss@iki.fi>
parents:
810
diff
changeset
|
290 } |
727
8dd8ebe6bcac
We use close-on-exec flag now to make sure that master process closes the
Timo Sirainen <tss@iki.fi>
parents:
722
diff
changeset
|
291 fd_close_on_exec(LOGIN_IMAPS_LISTEN_FD, FALSE); |
0 | 292 |
293 /* imap_fd and imaps_fd are closed by clean_child_process() */ | |
294 | |
295 (void)close(fd[0]); | |
296 (void)close(fd[1]); | |
297 | |
298 clean_child_process(); | |
299 | |
300 /* setup access environment - needs to be done after | |
301 clean_child_process() since it clears environment */ | |
302 restrict_access_set_env(set_login_user, set_login_uid, set_login_gid, | |
303 set_login_chroot ? set_login_dir : NULL); | |
304 | |
305 if (!set_login_chroot) { | |
306 /* no chrooting, but still change to the directory */ | |
805
5ac361acb316
Marked all non-trivial buffer modifications with @UNSAFE tag. Several
Timo Sirainen <tss@iki.fi>
parents:
801
diff
changeset
|
307 if (chdir(set_login_dir) < 0) |
5ac361acb316
Marked all non-trivial buffer modifications with @UNSAFE tag. Several
Timo Sirainen <tss@iki.fi>
parents:
801
diff
changeset
|
308 i_fatal("chdir(%s) failed: %m", set_login_dir); |
0 | 309 } |
310 | |
666 | 311 if (!set_ssl_disable) { |
697
7814b29d0862
Created env_put() and env_clean() for a bit easier handling of environment
Timo Sirainen <tss@iki.fi>
parents:
666
diff
changeset
|
312 env_put(t_strconcat("SSL_CERT_FILE=", set_ssl_cert_file, NULL)); |
7814b29d0862
Created env_put() and env_clean() for a bit easier handling of environment
Timo Sirainen <tss@iki.fi>
parents:
666
diff
changeset
|
313 env_put(t_strconcat("SSL_KEY_FILE=", set_ssl_key_file, NULL)); |
7814b29d0862
Created env_put() and env_clean() for a bit easier handling of environment
Timo Sirainen <tss@iki.fi>
parents:
666
diff
changeset
|
314 env_put(t_strconcat("SSL_PARAM_FILE=", |
7814b29d0862
Created env_put() and env_clean() for a bit easier handling of environment
Timo Sirainen <tss@iki.fi>
parents:
666
diff
changeset
|
315 set_ssl_parameters_file, NULL)); |
615
0d852af6842e
Master process generates DH/RSA parameters now and stores them into file
Timo Sirainen <tss@iki.fi>
parents:
614
diff
changeset
|
316 } |
0d852af6842e
Master process generates DH/RSA parameters now and stores them into file
Timo Sirainen <tss@iki.fi>
parents:
614
diff
changeset
|
317 |
0 | 318 if (set_disable_plaintext_auth) |
697
7814b29d0862
Created env_put() and env_clean() for a bit easier handling of environment
Timo Sirainen <tss@iki.fi>
parents:
666
diff
changeset
|
319 env_put("DISABLE_PLAINTEXT_AUTH=1"); |
747
db6fb0aa16d1
Let login process also know if verbose process titles are wanted..
Timo Sirainen <tss@iki.fi>
parents:
727
diff
changeset
|
320 if (set_verbose_proctitle) |
db6fb0aa16d1
Let login process also know if verbose process titles are wanted..
Timo Sirainen <tss@iki.fi>
parents:
727
diff
changeset
|
321 env_put("VERBOSE_PROCTITLE=1"); |
0 | 322 |
613
1906116a62ce
Finally support for handling each login connection in it's own process.
Timo Sirainen <tss@iki.fi>
parents:
596
diff
changeset
|
323 if (set_login_process_per_connection) { |
697
7814b29d0862
Created env_put() and env_clean() for a bit easier handling of environment
Timo Sirainen <tss@iki.fi>
parents:
666
diff
changeset
|
324 env_put("PROCESS_PER_CONNECTION=1"); |
7814b29d0862
Created env_put() and env_clean() for a bit easier handling of environment
Timo Sirainen <tss@iki.fi>
parents:
666
diff
changeset
|
325 env_put("MAX_LOGGING_USERS=1"); |
613
1906116a62ce
Finally support for handling each login connection in it's own process.
Timo Sirainen <tss@iki.fi>
parents:
596
diff
changeset
|
326 } else { |
810
30f6811f4952
Instead of just trusting randomness of authentication cookies between
Timo Sirainen <tss@iki.fi>
parents:
807
diff
changeset
|
327 env_put(t_strdup_printf("MAX_LOGGING_USERS=%u", |
697
7814b29d0862
Created env_put() and env_clean() for a bit easier handling of environment
Timo Sirainen <tss@iki.fi>
parents:
666
diff
changeset
|
328 set_max_logging_users)); |
613
1906116a62ce
Finally support for handling each login connection in it's own process.
Timo Sirainen <tss@iki.fi>
parents:
596
diff
changeset
|
329 } |
0 | 330 |
810
30f6811f4952
Instead of just trusting randomness of authentication cookies between
Timo Sirainen <tss@iki.fi>
parents:
807
diff
changeset
|
331 env_put(t_strdup_printf("PROCESS_UID=%s", dec2str(getpid()))); |
30f6811f4952
Instead of just trusting randomness of authentication cookies between
Timo Sirainen <tss@iki.fi>
parents:
807
diff
changeset
|
332 |
722
0438621d25ff
Added virtual memory size limits to processes. Default values are pretty
Timo Sirainen <tss@iki.fi>
parents:
699
diff
changeset
|
333 restrict_process_size(set_login_process_size); |
0438621d25ff
Added virtual memory size limits to processes. Default values are pretty
Timo Sirainen <tss@iki.fi>
parents:
699
diff
changeset
|
334 |
801
86224ff16bf6
Drop root privileges earlier. Close syslog more later in imap-master when
Timo Sirainen <tss@iki.fi>
parents:
791
diff
changeset
|
335 /* make sure we don't leak syslog fd, but do it last so that |
86224ff16bf6
Drop root privileges earlier. Close syslog more later in imap-master when
Timo Sirainen <tss@iki.fi>
parents:
791
diff
changeset
|
336 any errors above will be logged */ |
86224ff16bf6
Drop root privileges earlier. Close syslog more later in imap-master when
Timo Sirainen <tss@iki.fi>
parents:
791
diff
changeset
|
337 closelog(); |
86224ff16bf6
Drop root privileges earlier. Close syslog more later in imap-master when
Timo Sirainen <tss@iki.fi>
parents:
791
diff
changeset
|
338 |
0 | 339 /* hide the path, it's ugly */ |
340 argv[0] = strrchr(set_login_executable, '/'); | |
341 if (argv[0] == NULL) argv[0] = set_login_executable; else argv[0]++; | |
342 | |
343 execv(set_login_executable, (char **) argv); | |
344 | |
801
86224ff16bf6
Drop root privileges earlier. Close syslog more later in imap-master when
Timo Sirainen <tss@iki.fi>
parents:
791
diff
changeset
|
345 i_fatal_status(FATAL_EXEC, "execv(%s) failed: %m", argv[0]); |
0 | 346 return -1; |
347 } | |
348 | |
615
0d852af6842e
Master process generates DH/RSA parameters now and stores them into file
Timo Sirainen <tss@iki.fi>
parents:
614
diff
changeset
|
349 void login_process_abormal_exit(pid_t pid __attr_unused__) |
0d852af6842e
Master process generates DH/RSA parameters now and stores them into file
Timo Sirainen <tss@iki.fi>
parents:
614
diff
changeset
|
350 { |
0d852af6842e
Master process generates DH/RSA parameters now and stores them into file
Timo Sirainen <tss@iki.fi>
parents:
614
diff
changeset
|
351 /* don't start raising the process count if they're dying all |
0d852af6842e
Master process generates DH/RSA parameters now and stores them into file
Timo Sirainen <tss@iki.fi>
parents:
614
diff
changeset
|
352 the time */ |
0d852af6842e
Master process generates DH/RSA parameters now and stores them into file
Timo Sirainen <tss@iki.fi>
parents:
614
diff
changeset
|
353 wanted_processes_count = 0; |
0d852af6842e
Master process generates DH/RSA parameters now and stores them into file
Timo Sirainen <tss@iki.fi>
parents:
614
diff
changeset
|
354 } |
0d852af6842e
Master process generates DH/RSA parameters now and stores them into file
Timo Sirainen <tss@iki.fi>
parents:
614
diff
changeset
|
355 |
635
90a65c017bf0
SIGHUP reloads now settings. Logged in clients are left untouched, but
Timo Sirainen <tss@iki.fi>
parents:
615
diff
changeset
|
356 static void login_hash_destroy(void *key __attr_unused__, void *value, |
90a65c017bf0
SIGHUP reloads now settings. Logged in clients are left untouched, but
Timo Sirainen <tss@iki.fi>
parents:
615
diff
changeset
|
357 void *context __attr_unused__) |
90a65c017bf0
SIGHUP reloads now settings. Logged in clients are left untouched, but
Timo Sirainen <tss@iki.fi>
parents:
615
diff
changeset
|
358 { |
90a65c017bf0
SIGHUP reloads now settings. Logged in clients are left untouched, but
Timo Sirainen <tss@iki.fi>
parents:
615
diff
changeset
|
359 login_process_destroy(value); |
90a65c017bf0
SIGHUP reloads now settings. Logged in clients are left untouched, but
Timo Sirainen <tss@iki.fi>
parents:
615
diff
changeset
|
360 } |
90a65c017bf0
SIGHUP reloads now settings. Logged in clients are left untouched, but
Timo Sirainen <tss@iki.fi>
parents:
615
diff
changeset
|
361 |
90a65c017bf0
SIGHUP reloads now settings. Logged in clients are left untouched, but
Timo Sirainen <tss@iki.fi>
parents:
615
diff
changeset
|
362 void login_processes_destroy_all(void) |
90a65c017bf0
SIGHUP reloads now settings. Logged in clients are left untouched, but
Timo Sirainen <tss@iki.fi>
parents:
615
diff
changeset
|
363 { |
90a65c017bf0
SIGHUP reloads now settings. Logged in clients are left untouched, but
Timo Sirainen <tss@iki.fi>
parents:
615
diff
changeset
|
364 hash_foreach(processes, login_hash_destroy, NULL); |
90a65c017bf0
SIGHUP reloads now settings. Logged in clients are left untouched, but
Timo Sirainen <tss@iki.fi>
parents:
615
diff
changeset
|
365 |
90a65c017bf0
SIGHUP reloads now settings. Logged in clients are left untouched, but
Timo Sirainen <tss@iki.fi>
parents:
615
diff
changeset
|
366 /* don't double their amount when restarting */ |
90a65c017bf0
SIGHUP reloads now settings. Logged in clients are left untouched, but
Timo Sirainen <tss@iki.fi>
parents:
615
diff
changeset
|
367 wanted_processes_count = 0; |
90a65c017bf0
SIGHUP reloads now settings. Logged in clients are left untouched, but
Timo Sirainen <tss@iki.fi>
parents:
615
diff
changeset
|
368 } |
90a65c017bf0
SIGHUP reloads now settings. Logged in clients are left untouched, but
Timo Sirainen <tss@iki.fi>
parents:
615
diff
changeset
|
369 |
903
fd8888f6f037
Naming style changes, finally got tired of most of the typedefs. Also the
Timo Sirainen <tss@iki.fi>
parents:
876
diff
changeset
|
370 static void |
1036
f782b3319553
Removed useless parameters from io_callback_t and timeout_callback_t.
Timo Sirainen <tss@iki.fi>
parents:
1035
diff
changeset
|
371 login_processes_start_missing(void *context __attr_unused__) |
0 | 372 { |
614
e60620644af3
login_process_per_connection = yes scales now better when multiple users are
Timo Sirainen <tss@iki.fi>
parents:
613
diff
changeset
|
373 if (!set_login_process_per_connection) { |
e60620644af3
login_process_per_connection = yes scales now better when multiple users are
Timo Sirainen <tss@iki.fi>
parents:
613
diff
changeset
|
374 /* create max. one process every second, that way if it keeps |
e60620644af3
login_process_per_connection = yes scales now better when multiple users are
Timo Sirainen <tss@iki.fi>
parents:
613
diff
changeset
|
375 dying all the time we don't eat all cpu with fork()ing. */ |
e60620644af3
login_process_per_connection = yes scales now better when multiple users are
Timo Sirainen <tss@iki.fi>
parents:
613
diff
changeset
|
376 if (listening_processes < set_login_processes_count) |
e60620644af3
login_process_per_connection = yes scales now better when multiple users are
Timo Sirainen <tss@iki.fi>
parents:
613
diff
changeset
|
377 (void)create_login_process(); |
e60620644af3
login_process_per_connection = yes scales now better when multiple users are
Timo Sirainen <tss@iki.fi>
parents:
613
diff
changeset
|
378 } else { |
e60620644af3
login_process_per_connection = yes scales now better when multiple users are
Timo Sirainen <tss@iki.fi>
parents:
613
diff
changeset
|
379 /* we want to respond fast when multiple clients are connecting |
e60620644af3
login_process_per_connection = yes scales now better when multiple users are
Timo Sirainen <tss@iki.fi>
parents:
613
diff
changeset
|
380 at once, but we also want to prevent fork-bombing. use the |
e60620644af3
login_process_per_connection = yes scales now better when multiple users are
Timo Sirainen <tss@iki.fi>
parents:
613
diff
changeset
|
381 same method as apache: check once a second if we need new |
e60620644af3
login_process_per_connection = yes scales now better when multiple users are
Timo Sirainen <tss@iki.fi>
parents:
613
diff
changeset
|
382 processes. if yes and we've used all the existing processes, |
e60620644af3
login_process_per_connection = yes scales now better when multiple users are
Timo Sirainen <tss@iki.fi>
parents:
613
diff
changeset
|
383 double their amount (unless we've hit the high limit). |
e60620644af3
login_process_per_connection = yes scales now better when multiple users are
Timo Sirainen <tss@iki.fi>
parents:
613
diff
changeset
|
384 Then for each second that didn't use all existing processes, |
e60620644af3
login_process_per_connection = yes scales now better when multiple users are
Timo Sirainen <tss@iki.fi>
parents:
613
diff
changeset
|
385 drop the max. process count by one. */ |
e60620644af3
login_process_per_connection = yes scales now better when multiple users are
Timo Sirainen <tss@iki.fi>
parents:
613
diff
changeset
|
386 if (wanted_processes_count < set_login_processes_count) |
e60620644af3
login_process_per_connection = yes scales now better when multiple users are
Timo Sirainen <tss@iki.fi>
parents:
613
diff
changeset
|
387 wanted_processes_count = set_login_processes_count; |
e60620644af3
login_process_per_connection = yes scales now better when multiple users are
Timo Sirainen <tss@iki.fi>
parents:
613
diff
changeset
|
388 else if (listening_processes == 0) |
e60620644af3
login_process_per_connection = yes scales now better when multiple users are
Timo Sirainen <tss@iki.fi>
parents:
613
diff
changeset
|
389 wanted_processes_count *= 2; |
e60620644af3
login_process_per_connection = yes scales now better when multiple users are
Timo Sirainen <tss@iki.fi>
parents:
613
diff
changeset
|
390 else if (wanted_processes_count > set_login_processes_count) |
e60620644af3
login_process_per_connection = yes scales now better when multiple users are
Timo Sirainen <tss@iki.fi>
parents:
613
diff
changeset
|
391 wanted_processes_count--; |
e60620644af3
login_process_per_connection = yes scales now better when multiple users are
Timo Sirainen <tss@iki.fi>
parents:
613
diff
changeset
|
392 |
e60620644af3
login_process_per_connection = yes scales now better when multiple users are
Timo Sirainen <tss@iki.fi>
parents:
613
diff
changeset
|
393 if (wanted_processes_count > set_login_max_processes_count) |
e60620644af3
login_process_per_connection = yes scales now better when multiple users are
Timo Sirainen <tss@iki.fi>
parents:
613
diff
changeset
|
394 wanted_processes_count = set_login_max_processes_count; |
e60620644af3
login_process_per_connection = yes scales now better when multiple users are
Timo Sirainen <tss@iki.fi>
parents:
613
diff
changeset
|
395 |
e60620644af3
login_process_per_connection = yes scales now better when multiple users are
Timo Sirainen <tss@iki.fi>
parents:
613
diff
changeset
|
396 while (listening_processes < wanted_processes_count) |
e60620644af3
login_process_per_connection = yes scales now better when multiple users are
Timo Sirainen <tss@iki.fi>
parents:
613
diff
changeset
|
397 (void)create_login_process(); |
e60620644af3
login_process_per_connection = yes scales now better when multiple users are
Timo Sirainen <tss@iki.fi>
parents:
613
diff
changeset
|
398 } |
0 | 399 } |
400 | |
401 void login_processes_init(void) | |
402 { | |
403 auth_id_counter = 0; | |
613
1906116a62ce
Finally support for handling each login connection in it's own process.
Timo Sirainen <tss@iki.fi>
parents:
596
diff
changeset
|
404 listening_processes = 0; |
614
e60620644af3
login_process_per_connection = yes scales now better when multiple users are
Timo Sirainen <tss@iki.fi>
parents:
613
diff
changeset
|
405 wanted_processes_count = 0; |
613
1906116a62ce
Finally support for handling each login connection in it's own process.
Timo Sirainen <tss@iki.fi>
parents:
596
diff
changeset
|
406 oldest_nonlisten_process = newest_nonlisten_process = NULL; |
1906116a62ce
Finally support for handling each login connection in it's own process.
Timo Sirainen <tss@iki.fi>
parents:
596
diff
changeset
|
407 |
945
501f076f2e74
Rewrote hash table code, works with less memory now. Also some memory
Timo Sirainen <tss@iki.fi>
parents:
929
diff
changeset
|
408 processes = hash_create(default_pool, default_pool, 128, NULL, NULL); |
0 | 409 to = timeout_add(1000, login_processes_start_missing, NULL); |
410 } | |
411 | |
412 void login_processes_deinit(void) | |
413 { | |
414 timeout_remove(to); | |
415 | |
635
90a65c017bf0
SIGHUP reloads now settings. Logged in clients are left untouched, but
Timo Sirainen <tss@iki.fi>
parents:
615
diff
changeset
|
416 login_processes_destroy_all(); |
0 | 417 hash_destroy(processes); |
418 } |