dovecot/original-hg/dovecot-1.2: src/login-common/main.c annotate

annotate src/login-common/main.c @ 8620:9edf4a6e0cdb HEAD

Always send LOGIN_DIR environment to login processes.

author	Timo Sirainen <tss@iki.fi>
date	Tue, 13 Jan 2009 13:12:21 -0500
parents	b9faf4db2a9f
children	e85c7cb22ad7

rev	line source
8590 b9faf4db2a9f Updated copyright notices to include year 2009. Timo Sirainen <tss@iki.fi> parents: 8331 diff changeset	1 /* Copyright (c) 2002-2009 Dovecot authors, see the included COPYING file */
1049 c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	2
c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	3 #include "common.h"
c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	4 #include "ioloop.h"
5887 3f2eb1b9c555 Support listening multiple sockets. SIGHUP also doesn't anymore recreate Timo Sirainen <tss@iki.fi> parents: 5845 diff changeset	5 #include "array.h"
1049 c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	6 #include "lib-signals.h"
2622 033d2fd1cd38 Replaced timestamp in APOP challenge with 128 bits of randomness. Timo Sirainen <tss@iki.fi> parents: 2235 diff changeset	7 #include "randgen.h"
1049 c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	8 #include "restrict-access.h"
1398 b2a2edafdd91 Moved setting process limit after exec(). Timo Sirainen <tss@iki.fi> parents: 1281 diff changeset	9 #include "restrict-process-size.h"
1049 c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	10 #include "process-title.h"
c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	11 #include "fd-close-on-exec.h"
c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	12 #include "master.h"
c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	13 #include "client-common.h"
1702 43815588dd6b Moved client side code for auth process handling to lib-auth. Some other login process cleanups. Timo Sirainen <tss@iki.fi> parents: 1629 diff changeset	14 #include "auth-client.h"
1049 c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	15 #include "ssl-proxy.h"
2768 d344be0bb70f Added IMAP and POP3 proxying support. Timo Sirainen <tss@iki.fi> parents: 2691 diff changeset	16 #include "login-proxy.h"
1049 c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	17
c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	18 #include <stdlib.h>
c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	19 #include <unistd.h>
c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	20 #include <syslog.h>
c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	21
7922 4b4d2a4423ec Removed login_greeting_capability setting. Instead now a minimal pre-login Timo Sirainen <tss@iki.fi> parents: 7920 diff changeset	22 bool disable_plaintext_auth, process_per_connection;
8331 8fb20b423f8b Login processes: If auth_debug=yes, log about received unknown passdb extra fields. Timo Sirainen <tss@iki.fi> parents: 8302 diff changeset	23 bool verbose_proctitle, verbose_ssl, verbose_auth, auth_debug;
8302 0db37acdc59f Login process: Log auth failure reasons better in disconnect message. Timo Sirainen <tss@iki.fi> parents: 8088 diff changeset	24 bool ssl_require_client_cert;
3384 3b75956d20c4 Added configurable logging for login process. Added configurable pop3 logout Timo Sirainen <tss@iki.fi> parents: 3126 diff changeset	25 const char greeting, log_format;
3b75956d20c4 Added configurable logging for login process. Added configurable pop3 logout Timo Sirainen <tss@iki.fi> parents: 3126 diff changeset	26 const char const log_format_elements;
7920 3644883cf44e Support transferring original IPs and ports through IMAP proxies. Timo Sirainen <tss@iki.fi> parents: 7852 diff changeset	27 const char *trusted_networks;
4538 9d9e72374164 Fixes to login process handling, especially with Timo Sirainen <tss@iki.fi> parents: 4253 diff changeset	28 unsigned int max_connections;
1049 c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	29 unsigned int login_process_uid;
1702 43815588dd6b Moved client side code for auth process handling to lib-auth. Some other login process cleanups. Timo Sirainen <tss@iki.fi> parents: 1629 diff changeset	30 struct auth_client *auth_client;
4538 9d9e72374164 Fixes to login process handling, especially with Timo Sirainen <tss@iki.fi> parents: 4253 diff changeset	31 bool closing_down;
1049 c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	32
3607 a2dd3d895e00 Several fixes to make running from inetd working again Timo Sirainen <tss@iki.fi> parents: 3384 diff changeset	33 static const char *process_name;
1049 c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	34 static struct ioloop *ioloop;
c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	35 static int main_refcount;
4538 9d9e72374164 Fixes to login process handling, especially with Timo Sirainen <tss@iki.fi> parents: 4253 diff changeset	36 static bool is_inetd, listening;
1049 c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	37
5887 3f2eb1b9c555 Support listening multiple sockets. SIGHUP also doesn't anymore recreate Timo Sirainen <tss@iki.fi> parents: 5845 diff changeset	38 static ARRAY_DEFINE(listen_ios, struct io *);
3f2eb1b9c555 Support listening multiple sockets. SIGHUP also doesn't anymore recreate Timo Sirainen <tss@iki.fi> parents: 5845 diff changeset	39 static unsigned int listen_count, ssl_listen_count;
3f2eb1b9c555 Support listening multiple sockets. SIGHUP also doesn't anymore recreate Timo Sirainen <tss@iki.fi> parents: 5845 diff changeset	40
1049 c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	41 void main_ref(void)
c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	42 {
c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	43 main_refcount++;
c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	44 }
c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	45
c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	46 void main_unref(void)
c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	47 {
c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	48 if (--main_refcount == 0) {
c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	49 /* nothing to do, quit */
c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	50 io_loop_stop(ioloop);
c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	51 } else if (closing_down && clients_get_count() == 0) {
c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	52 /* last login finished, close all communications
c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	53 to master process */
c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	54 master_close();
4986 5088f394fa72 Don't keep a connection open to dovecot-auth when we're only proxying. Timo Sirainen <tss@iki.fi> parents: 4903 diff changeset	55 /* we might still be proxying. close the connection to
5088f394fa72 Don't keep a connection open to dovecot-auth when we're only proxying. Timo Sirainen <tss@iki.fi> parents: 4903 diff changeset	56 dovecot-auth, since it's not needed anymore. */
4987 7179db893d3e Crashfix Timo Sirainen <tss@iki.fi> parents: 4986 diff changeset	57 if (auth_client != NULL)
7179db893d3e Crashfix Timo Sirainen <tss@iki.fi> parents: 4986 diff changeset	58 auth_client_free(&auth_client);
5364 8e2d0438d4ac Call auth_client_reconnect() when the last client has disconnected to make Timo Sirainen <tss@iki.fi> parents: 5363 diff changeset	59 } else if (clients_get_count() == 0) {
8e2d0438d4ac Call auth_client_reconnect() when the last client has disconnected to make Timo Sirainen <tss@iki.fi> parents: 5363 diff changeset	60 /* make sure we clear all the memory used by the
8e2d0438d4ac Call auth_client_reconnect() when the last client has disconnected to make Timo Sirainen <tss@iki.fi> parents: 5363 diff changeset	61 authentication connections. also this makes sure that if
8e2d0438d4ac Call auth_client_reconnect() when the last client has disconnected to make Timo Sirainen <tss@iki.fi> parents: 5363 diff changeset	62 this connection's authentication was finished but the master
8e2d0438d4ac Call auth_client_reconnect() when the last client has disconnected to make Timo Sirainen <tss@iki.fi> parents: 5363 diff changeset	63 login wasn't, the next connection won't be able to log in
8e2d0438d4ac Call auth_client_reconnect() when the last client has disconnected to make Timo Sirainen <tss@iki.fi> parents: 5363 diff changeset	64 as this user by finishing the master login. */
5845 9265c13c4103 Don't crash at exit if auth client was already freed. Timo Sirainen <tss@iki.fi> parents: 5632 diff changeset	65 if (auth_client != NULL)
9265c13c4103 Don't crash at exit if auth client was already freed. Timo Sirainen <tss@iki.fi> parents: 5632 diff changeset	66 auth_client_reconnect(auth_client);
1049 c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	67 }
c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	68 }
c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	69
6411 6a64e64fa3a3 Renamed __attr___ to ATTR_. Renamed __attrs_used__ to ATTRS_DEFINED. Timo Sirainen <tss@iki.fi> parents: 5887 diff changeset	70 static void sig_die(int signo, void *context ATTR_UNUSED)
1049 c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	71 {
3620 3360cc019737 Implemented new signal handling framework, which makes handling signals much Timo Sirainen <tss@iki.fi> parents: 3607 diff changeset	72 /* warn about being killed because of some signal, except SIGINT (^C)
3360cc019737 Implemented new signal handling framework, which makes handling signals much Timo Sirainen <tss@iki.fi> parents: 3607 diff changeset	73 which is too common at least while testing :) */
3360cc019737 Implemented new signal handling framework, which makes handling signals much Timo Sirainen <tss@iki.fi> parents: 3607 diff changeset	74 if (signo != SIGINT)
3360cc019737 Implemented new signal handling framework, which makes handling signals much Timo Sirainen <tss@iki.fi> parents: 3607 diff changeset	75 i_warning("Killed with signal %d", signo);
1049 c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	76 io_loop_stop(ioloop);
c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	77 }
c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	78
5887 3f2eb1b9c555 Support listening multiple sockets. SIGHUP also doesn't anymore recreate Timo Sirainen <tss@iki.fi> parents: 5845 diff changeset	79 static void login_accept(void *context)
1049 c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	80 {
5887 3f2eb1b9c555 Support listening multiple sockets. SIGHUP also doesn't anymore recreate Timo Sirainen <tss@iki.fi> parents: 5845 diff changeset	81 int listen_fd = POINTER_CAST_TO(context, int);
4861 a688269c0dd4 Added %a=local port and %b=remote port variables for Timo Sirainen <tss@iki.fi> parents: 4560 diff changeset	82 struct ip_addr remote_ip, local_ip;
a688269c0dd4 Added %a=local port and %b=remote port variables for Timo Sirainen <tss@iki.fi> parents: 4560 diff changeset	83 unsigned int remote_port, local_port;
a688269c0dd4 Added %a=local port and %b=remote port variables for Timo Sirainen <tss@iki.fi> parents: 4560 diff changeset	84 struct client *client;
1049 c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	85 int fd;
c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	86
5887 3f2eb1b9c555 Support listening multiple sockets. SIGHUP also doesn't anymore recreate Timo Sirainen <tss@iki.fi> parents: 5845 diff changeset	87 fd = net_accept(listen_fd, &remote_ip, &remote_port);
1049 c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	88 if (fd < 0) {
c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	89 if (fd < -1)
5358 a977ad033903 net_listen_unix() API changed a bit. -1 is now returned for errors that can Timo Sirainen <tss@iki.fi> parents: 5249 diff changeset	90 i_error("accept() failed: %m");
1049 c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	91 return;
c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	92 }
c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	93
4861 a688269c0dd4 Added %a=local port and %b=remote port variables for Timo Sirainen <tss@iki.fi> parents: 4560 diff changeset	94 if (net_getsockname(fd, &local_ip, &local_port) < 0) {
2097 4e77cb0aff21 Added %l, %r and %P variables and mail_log_prefix setting. Timo Sirainen <tss@iki.fi> parents: 2027 diff changeset	95 memset(&local_ip, 0, sizeof(local_ip));
4861 a688269c0dd4 Added %a=local port and %b=remote port variables for Timo Sirainen <tss@iki.fi> parents: 4560 diff changeset	96 local_port = 0;
a688269c0dd4 Added %a=local port and %b=remote port variables for Timo Sirainen <tss@iki.fi> parents: 4560 diff changeset	97 }
2097 4e77cb0aff21 Added %l, %r and %P variables and mail_log_prefix setting. Timo Sirainen <tss@iki.fi> parents: 2027 diff changeset	98
4861 a688269c0dd4 Added %a=local port and %b=remote port variables for Timo Sirainen <tss@iki.fi> parents: 4560 diff changeset	99 client = client_create(fd, FALSE, &local_ip, &remote_ip);
a688269c0dd4 Added %a=local port and %b=remote port variables for Timo Sirainen <tss@iki.fi> parents: 4560 diff changeset	100 client->remote_port = remote_port;
a688269c0dd4 Added %a=local port and %b=remote port variables for Timo Sirainen <tss@iki.fi> parents: 4560 diff changeset	101 client->local_port = local_port;
4538 9d9e72374164 Fixes to login process handling, especially with Timo Sirainen <tss@iki.fi> parents: 4253 diff changeset	102
9d9e72374164 Fixes to login process handling, especially with Timo Sirainen <tss@iki.fi> parents: 4253 diff changeset	103 if (process_per_connection) {
9d9e72374164 Fixes to login process handling, especially with Timo Sirainen <tss@iki.fi> parents: 4253 diff changeset	104 closing_down = TRUE;
9d9e72374164 Fixes to login process handling, especially with Timo Sirainen <tss@iki.fi> parents: 4253 diff changeset	105 main_listen_stop();
9d9e72374164 Fixes to login process handling, especially with Timo Sirainen <tss@iki.fi> parents: 4253 diff changeset	106 }
1049 c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	107 }
c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	108
5887 3f2eb1b9c555 Support listening multiple sockets. SIGHUP also doesn't anymore recreate Timo Sirainen <tss@iki.fi> parents: 5845 diff changeset	109 static void login_accept_ssl(void *context)
1049 c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	110 {
5887 3f2eb1b9c555 Support listening multiple sockets. SIGHUP also doesn't anymore recreate Timo Sirainen <tss@iki.fi> parents: 5845 diff changeset	111 int listen_fd = POINTER_CAST_TO(context, int);
4861 a688269c0dd4 Added %a=local port and %b=remote port variables for Timo Sirainen <tss@iki.fi> parents: 4560 diff changeset	112 struct ip_addr remote_ip, local_ip;
a688269c0dd4 Added %a=local port and %b=remote port variables for Timo Sirainen <tss@iki.fi> parents: 4560 diff changeset	113 unsigned int remote_port, local_port;
2027 dc5d0da1abe9 Added ssl_require_client_cert auth-specific setting. Hide Timo Sirainen <tss@iki.fi> parents: 2000 diff changeset	114 struct client *client;
dc5d0da1abe9 Added ssl_require_client_cert auth-specific setting. Hide Timo Sirainen <tss@iki.fi> parents: 2000 diff changeset	115 struct ssl_proxy *proxy;
1049 c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	116 int fd, fd_ssl;
c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	117
5887 3f2eb1b9c555 Support listening multiple sockets. SIGHUP also doesn't anymore recreate Timo Sirainen <tss@iki.fi> parents: 5845 diff changeset	118 fd = net_accept(listen_fd, &remote_ip, &remote_port);
1049 c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	119 if (fd < 0) {
c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	120 if (fd < -1)
5358 a977ad033903 net_listen_unix() API changed a bit. -1 is now returned for errors that can Timo Sirainen <tss@iki.fi> parents: 5249 diff changeset	121 i_error("accept() failed: %m");
1049 c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	122 return;
c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	123 }
c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	124
4861 a688269c0dd4 Added %a=local port and %b=remote port variables for Timo Sirainen <tss@iki.fi> parents: 4560 diff changeset	125 if (net_getsockname(fd, &local_ip, &local_port) < 0) {
2097 4e77cb0aff21 Added %l, %r and %P variables and mail_log_prefix setting. Timo Sirainen <tss@iki.fi> parents: 2027 diff changeset	126 memset(&local_ip, 0, sizeof(local_ip));
4861 a688269c0dd4 Added %a=local port and %b=remote port variables for Timo Sirainen <tss@iki.fi> parents: 4560 diff changeset	127 local_port = 0;
a688269c0dd4 Added %a=local port and %b=remote port variables for Timo Sirainen <tss@iki.fi> parents: 4560 diff changeset	128 }
1049 c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	129
4861 a688269c0dd4 Added %a=local port and %b=remote port variables for Timo Sirainen <tss@iki.fi> parents: 4560 diff changeset	130 fd_ssl = ssl_proxy_new(fd, &remote_ip, &proxy);
1049 c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	131 if (fd_ssl == -1)
c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	132 net_disconnect(fd);
2027 dc5d0da1abe9 Added ssl_require_client_cert auth-specific setting. Hide Timo Sirainen <tss@iki.fi> parents: 2000 diff changeset	133 else {
4861 a688269c0dd4 Added %a=local port and %b=remote port variables for Timo Sirainen <tss@iki.fi> parents: 4560 diff changeset	134 client = client_create(fd_ssl, TRUE, &local_ip, &remote_ip);
2027 dc5d0da1abe9 Added ssl_require_client_cert auth-specific setting. Hide Timo Sirainen <tss@iki.fi> parents: 2000 diff changeset	135 client->proxy = proxy;
4861 a688269c0dd4 Added %a=local port and %b=remote port variables for Timo Sirainen <tss@iki.fi> parents: 4560 diff changeset	136 client->remote_port = remote_port;
a688269c0dd4 Added %a=local port and %b=remote port variables for Timo Sirainen <tss@iki.fi> parents: 4560 diff changeset	137 client->local_port = local_port;
2027 dc5d0da1abe9 Added ssl_require_client_cert auth-specific setting. Hide Timo Sirainen <tss@iki.fi> parents: 2000 diff changeset	138 }
4538 9d9e72374164 Fixes to login process handling, especially with Timo Sirainen <tss@iki.fi> parents: 4253 diff changeset	139
9d9e72374164 Fixes to login process handling, especially with Timo Sirainen <tss@iki.fi> parents: 4253 diff changeset	140 if (process_per_connection) {
9d9e72374164 Fixes to login process handling, especially with Timo Sirainen <tss@iki.fi> parents: 4253 diff changeset	141 closing_down = TRUE;
9d9e72374164 Fixes to login process handling, especially with Timo Sirainen <tss@iki.fi> parents: 4253 diff changeset	142 main_listen_stop();
9d9e72374164 Fixes to login process handling, especially with Timo Sirainen <tss@iki.fi> parents: 4253 diff changeset	143 }
9d9e72374164 Fixes to login process handling, especially with Timo Sirainen <tss@iki.fi> parents: 4253 diff changeset	144 }
9d9e72374164 Fixes to login process handling, especially with Timo Sirainen <tss@iki.fi> parents: 4253 diff changeset	145
9d9e72374164 Fixes to login process handling, especially with Timo Sirainen <tss@iki.fi> parents: 4253 diff changeset	146 void main_listen_start(void)
9d9e72374164 Fixes to login process handling, especially with Timo Sirainen <tss@iki.fi> parents: 4253 diff changeset	147 {
5887 3f2eb1b9c555 Support listening multiple sockets. SIGHUP also doesn't anymore recreate Timo Sirainen <tss@iki.fi> parents: 5845 diff changeset	148 struct io *io;
3f2eb1b9c555 Support listening multiple sockets. SIGHUP also doesn't anymore recreate Timo Sirainen <tss@iki.fi> parents: 5845 diff changeset	149 unsigned int i, current_count;
3f2eb1b9c555 Support listening multiple sockets. SIGHUP also doesn't anymore recreate Timo Sirainen <tss@iki.fi> parents: 5845 diff changeset	150 int cur_fd;
4538 9d9e72374164 Fixes to login process handling, especially with Timo Sirainen <tss@iki.fi> parents: 4253 diff changeset	151
9d9e72374164 Fixes to login process handling, especially with Timo Sirainen <tss@iki.fi> parents: 4253 diff changeset	152 if (listening)
9d9e72374164 Fixes to login process handling, especially with Timo Sirainen <tss@iki.fi> parents: 4253 diff changeset	153 return;
9d9e72374164 Fixes to login process handling, especially with Timo Sirainen <tss@iki.fi> parents: 4253 diff changeset	154 if (closing_down) {
9d9e72374164 Fixes to login process handling, especially with Timo Sirainen <tss@iki.fi> parents: 4253 diff changeset	155 /* typically happens only with
9d9e72374164 Fixes to login process handling, especially with Timo Sirainen <tss@iki.fi> parents: 4253 diff changeset	156 login_process_per_connection=yes after client logs in */
9d9e72374164 Fixes to login process handling, especially with Timo Sirainen <tss@iki.fi> parents: 4253 diff changeset	157 master_notify_state_change(LOGIN_STATE_FULL_LOGINS);
9d9e72374164 Fixes to login process handling, especially with Timo Sirainen <tss@iki.fi> parents: 4253 diff changeset	158 return;
9d9e72374164 Fixes to login process handling, especially with Timo Sirainen <tss@iki.fi> parents: 4253 diff changeset	159 }
9d9e72374164 Fixes to login process handling, especially with Timo Sirainen <tss@iki.fi> parents: 4253 diff changeset	160
9d9e72374164 Fixes to login process handling, especially with Timo Sirainen <tss@iki.fi> parents: 4253 diff changeset	161 current_count = ssl_proxy_get_count() + login_proxy_get_count();
9d9e72374164 Fixes to login process handling, especially with Timo Sirainen <tss@iki.fi> parents: 4253 diff changeset	162 if (current_count >= max_connections) {
9d9e72374164 Fixes to login process handling, especially with Timo Sirainen <tss@iki.fi> parents: 4253 diff changeset	163 /* can't accept any more connections until existing proxies
9d9e72374164 Fixes to login process handling, especially with Timo Sirainen <tss@iki.fi> parents: 4253 diff changeset	164 get destroyed */
9d9e72374164 Fixes to login process handling, especially with Timo Sirainen <tss@iki.fi> parents: 4253 diff changeset	165 return;
9d9e72374164 Fixes to login process handling, especially with Timo Sirainen <tss@iki.fi> parents: 4253 diff changeset	166 }
9d9e72374164 Fixes to login process handling, especially with Timo Sirainen <tss@iki.fi> parents: 4253 diff changeset	167
5887 3f2eb1b9c555 Support listening multiple sockets. SIGHUP also doesn't anymore recreate Timo Sirainen <tss@iki.fi> parents: 5845 diff changeset	168 cur_fd = LOGIN_MASTER_SOCKET_FD + 1;
3f2eb1b9c555 Support listening multiple sockets. SIGHUP also doesn't anymore recreate Timo Sirainen <tss@iki.fi> parents: 5845 diff changeset	169 i_array_init(&listen_ios, listen_count + ssl_listen_count);
3f2eb1b9c555 Support listening multiple sockets. SIGHUP also doesn't anymore recreate Timo Sirainen <tss@iki.fi> parents: 5845 diff changeset	170 for (i = 0; i < listen_count; i++, cur_fd++) {
3f2eb1b9c555 Support listening multiple sockets. SIGHUP also doesn't anymore recreate Timo Sirainen <tss@iki.fi> parents: 5845 diff changeset	171 io = io_add(cur_fd, IO_READ, login_accept,
3f2eb1b9c555 Support listening multiple sockets. SIGHUP also doesn't anymore recreate Timo Sirainen <tss@iki.fi> parents: 5845 diff changeset	172 POINTER_CAST(cur_fd));
3f2eb1b9c555 Support listening multiple sockets. SIGHUP also doesn't anymore recreate Timo Sirainen <tss@iki.fi> parents: 5845 diff changeset	173 array_append(&listen_ios, &io, 1);
4538 9d9e72374164 Fixes to login process handling, especially with Timo Sirainen <tss@iki.fi> parents: 4253 diff changeset	174 }
5887 3f2eb1b9c555 Support listening multiple sockets. SIGHUP also doesn't anymore recreate Timo Sirainen <tss@iki.fi> parents: 5845 diff changeset	175 for (i = 0; i < ssl_listen_count; i++, cur_fd++) {
3f2eb1b9c555 Support listening multiple sockets. SIGHUP also doesn't anymore recreate Timo Sirainen <tss@iki.fi> parents: 5845 diff changeset	176 io = io_add(cur_fd, IO_READ, login_accept_ssl,
3f2eb1b9c555 Support listening multiple sockets. SIGHUP also doesn't anymore recreate Timo Sirainen <tss@iki.fi> parents: 5845 diff changeset	177 POINTER_CAST(cur_fd));
3f2eb1b9c555 Support listening multiple sockets. SIGHUP also doesn't anymore recreate Timo Sirainen <tss@iki.fi> parents: 5845 diff changeset	178 array_append(&listen_ios, &io, 1);
4538 9d9e72374164 Fixes to login process handling, especially with Timo Sirainen <tss@iki.fi> parents: 4253 diff changeset	179 }
9d9e72374164 Fixes to login process handling, especially with Timo Sirainen <tss@iki.fi> parents: 4253 diff changeset	180 listening = TRUE;
9d9e72374164 Fixes to login process handling, especially with Timo Sirainen <tss@iki.fi> parents: 4253 diff changeset	181
9d9e72374164 Fixes to login process handling, especially with Timo Sirainen <tss@iki.fi> parents: 4253 diff changeset	182 /* the initial notification tells master that we're ok. if we die
9d9e72374164 Fixes to login process handling, especially with Timo Sirainen <tss@iki.fi> parents: 4253 diff changeset	183 before sending it, the master should shutdown itself. */
9d9e72374164 Fixes to login process handling, especially with Timo Sirainen <tss@iki.fi> parents: 4253 diff changeset	184 master_notify_state_change(LOGIN_STATE_LISTENING);
9d9e72374164 Fixes to login process handling, especially with Timo Sirainen <tss@iki.fi> parents: 4253 diff changeset	185 }
9d9e72374164 Fixes to login process handling, especially with Timo Sirainen <tss@iki.fi> parents: 4253 diff changeset	186
9d9e72374164 Fixes to login process handling, especially with Timo Sirainen <tss@iki.fi> parents: 4253 diff changeset	187 void main_listen_stop(void)
9d9e72374164 Fixes to login process handling, especially with Timo Sirainen <tss@iki.fi> parents: 4253 diff changeset	188 {
5887 3f2eb1b9c555 Support listening multiple sockets. SIGHUP also doesn't anymore recreate Timo Sirainen <tss@iki.fi> parents: 5845 diff changeset	189 struct io **ios;
3f2eb1b9c555 Support listening multiple sockets. SIGHUP also doesn't anymore recreate Timo Sirainen <tss@iki.fi> parents: 5845 diff changeset	190 unsigned int i, count;
3f2eb1b9c555 Support listening multiple sockets. SIGHUP also doesn't anymore recreate Timo Sirainen <tss@iki.fi> parents: 5845 diff changeset	191 int cur_fd;
3f2eb1b9c555 Support listening multiple sockets. SIGHUP also doesn't anymore recreate Timo Sirainen <tss@iki.fi> parents: 5845 diff changeset	192
4538 9d9e72374164 Fixes to login process handling, especially with Timo Sirainen <tss@iki.fi> parents: 4253 diff changeset	193 if (!listening)
9d9e72374164 Fixes to login process handling, especially with Timo Sirainen <tss@iki.fi> parents: 4253 diff changeset	194 return;
9d9e72374164 Fixes to login process handling, especially with Timo Sirainen <tss@iki.fi> parents: 4253 diff changeset	195
5887 3f2eb1b9c555 Support listening multiple sockets. SIGHUP also doesn't anymore recreate Timo Sirainen <tss@iki.fi> parents: 5845 diff changeset	196 ios = array_get_modifiable(&listen_ios, &count);
3f2eb1b9c555 Support listening multiple sockets. SIGHUP also doesn't anymore recreate Timo Sirainen <tss@iki.fi> parents: 5845 diff changeset	197 for (i = 0; i < count; i++)
3f2eb1b9c555 Support listening multiple sockets. SIGHUP also doesn't anymore recreate Timo Sirainen <tss@iki.fi> parents: 5845 diff changeset	198 io_remove(&ios[i]);
3f2eb1b9c555 Support listening multiple sockets. SIGHUP also doesn't anymore recreate Timo Sirainen <tss@iki.fi> parents: 5845 diff changeset	199 array_free(&listen_ios);
4538 9d9e72374164 Fixes to login process handling, especially with Timo Sirainen <tss@iki.fi> parents: 4253 diff changeset	200
5887 3f2eb1b9c555 Support listening multiple sockets. SIGHUP also doesn't anymore recreate Timo Sirainen <tss@iki.fi> parents: 5845 diff changeset	201 if (closing_down) {
3f2eb1b9c555 Support listening multiple sockets. SIGHUP also doesn't anymore recreate Timo Sirainen <tss@iki.fi> parents: 5845 diff changeset	202 cur_fd = LOGIN_MASTER_SOCKET_FD + 1;
3f2eb1b9c555 Support listening multiple sockets. SIGHUP also doesn't anymore recreate Timo Sirainen <tss@iki.fi> parents: 5845 diff changeset	203 for (i = 0; i < count; i++, cur_fd++) {
3f2eb1b9c555 Support listening multiple sockets. SIGHUP also doesn't anymore recreate Timo Sirainen <tss@iki.fi> parents: 5845 diff changeset	204 if (close(cur_fd) < 0) {
3f2eb1b9c555 Support listening multiple sockets. SIGHUP also doesn't anymore recreate Timo Sirainen <tss@iki.fi> parents: 5845 diff changeset	205 i_fatal("close(listener %d) failed: %m",
3f2eb1b9c555 Support listening multiple sockets. SIGHUP also doesn't anymore recreate Timo Sirainen <tss@iki.fi> parents: 5845 diff changeset	206 cur_fd);
3f2eb1b9c555 Support listening multiple sockets. SIGHUP also doesn't anymore recreate Timo Sirainen <tss@iki.fi> parents: 5845 diff changeset	207 }
4538 9d9e72374164 Fixes to login process handling, especially with Timo Sirainen <tss@iki.fi> parents: 4253 diff changeset	208 }
9d9e72374164 Fixes to login process handling, especially with Timo Sirainen <tss@iki.fi> parents: 4253 diff changeset	209 }
9d9e72374164 Fixes to login process handling, especially with Timo Sirainen <tss@iki.fi> parents: 4253 diff changeset	210
9d9e72374164 Fixes to login process handling, especially with Timo Sirainen <tss@iki.fi> parents: 4253 diff changeset	211 listening = FALSE;
5887 3f2eb1b9c555 Support listening multiple sockets. SIGHUP also doesn't anymore recreate Timo Sirainen <tss@iki.fi> parents: 5845 diff changeset	212 if (io_loop_is_running(ioloop)) {
3f2eb1b9c555 Support listening multiple sockets. SIGHUP also doesn't anymore recreate Timo Sirainen <tss@iki.fi> parents: 5845 diff changeset	213 master_notify_state_change(clients_get_count() == 0 ?
3f2eb1b9c555 Support listening multiple sockets. SIGHUP also doesn't anymore recreate Timo Sirainen <tss@iki.fi> parents: 5845 diff changeset	214 LOGIN_STATE_FULL_LOGINS :
3f2eb1b9c555 Support listening multiple sockets. SIGHUP also doesn't anymore recreate Timo Sirainen <tss@iki.fi> parents: 5845 diff changeset	215 LOGIN_STATE_FULL_PRELOGINS);
3f2eb1b9c555 Support listening multiple sockets. SIGHUP also doesn't anymore recreate Timo Sirainen <tss@iki.fi> parents: 5845 diff changeset	216 }
1049 c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	217 }
c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	218
4560 507088c0d511 Fixes for handling near-full connection queues. Timo Sirainen <tss@iki.fi> parents: 4553 diff changeset	219 void connection_queue_add(unsigned int connection_count)
507088c0d511 Fixes for handling near-full connection queues. Timo Sirainen <tss@iki.fi> parents: 4553 diff changeset	220 {
507088c0d511 Fixes for handling near-full connection queues. Timo Sirainen <tss@iki.fi> parents: 4553 diff changeset	221 unsigned int current_count;
507088c0d511 Fixes for handling near-full connection queues. Timo Sirainen <tss@iki.fi> parents: 4553 diff changeset	222
507088c0d511 Fixes for handling near-full connection queues. Timo Sirainen <tss@iki.fi> parents: 4553 diff changeset	223 if (process_per_connection)
507088c0d511 Fixes for handling near-full connection queues. Timo Sirainen <tss@iki.fi> parents: 4553 diff changeset	224 return;
507088c0d511 Fixes for handling near-full connection queues. Timo Sirainen <tss@iki.fi> parents: 4553 diff changeset	225
507088c0d511 Fixes for handling near-full connection queues. Timo Sirainen <tss@iki.fi> parents: 4553 diff changeset	226 current_count = clients_get_count() + ssl_proxy_get_count() +
507088c0d511 Fixes for handling near-full connection queues. Timo Sirainen <tss@iki.fi> parents: 4553 diff changeset	227 login_proxy_get_count();
8073 f27ecc07d93a login processes: Another try at setting the correct fd limit. Timo Sirainen <tss@iki.fi> parents: 8072 diff changeset	228 if (current_count + connection_count + 2 >= max_connections) {
4560 507088c0d511 Fixes for handling near-full connection queues. Timo Sirainen <tss@iki.fi> parents: 4553 diff changeset	229 /* after this client we've reached max users count,
8073 f27ecc07d93a login processes: Another try at setting the correct fd limit. Timo Sirainen <tss@iki.fi> parents: 8072 diff changeset	230 so stop listening for more. reserve +2 extra for SSL with
f27ecc07d93a login processes: Another try at setting the correct fd limit. Timo Sirainen <tss@iki.fi> parents: 8072 diff changeset	231 login proxy connections. */
4560 507088c0d511 Fixes for handling near-full connection queues. Timo Sirainen <tss@iki.fi> parents: 4553 diff changeset	232 main_listen_stop();
507088c0d511 Fixes for handling near-full connection queues. Timo Sirainen <tss@iki.fi> parents: 4553 diff changeset	233
507088c0d511 Fixes for handling near-full connection queues. Timo Sirainen <tss@iki.fi> parents: 4553 diff changeset	234 if (current_count >= max_connections) {
507088c0d511 Fixes for handling near-full connection queues. Timo Sirainen <tss@iki.fi> parents: 4553 diff changeset	235 /* already reached max. users count, kill few of the
507088c0d511 Fixes for handling near-full connection queues. Timo Sirainen <tss@iki.fi> parents: 4553 diff changeset	236 oldest connections.
507088c0d511 Fixes for handling near-full connection queues. Timo Sirainen <tss@iki.fi> parents: 4553 diff changeset	237
507088c0d511 Fixes for handling near-full connection queues. Timo Sirainen <tss@iki.fi> parents: 4553 diff changeset	238 this happens when we've maxed out the login process
507088c0d511 Fixes for handling near-full connection queues. Timo Sirainen <tss@iki.fi> parents: 4553 diff changeset	239 count and master has told us to start listening for
507088c0d511 Fixes for handling near-full connection queues. Timo Sirainen <tss@iki.fi> parents: 4553 diff changeset	240 new connections even though we're full. */
507088c0d511 Fixes for handling near-full connection queues. Timo Sirainen <tss@iki.fi> parents: 4553 diff changeset	241 client_destroy_oldest();
507088c0d511 Fixes for handling near-full connection queues. Timo Sirainen <tss@iki.fi> parents: 4553 diff changeset	242 }
507088c0d511 Fixes for handling near-full connection queues. Timo Sirainen <tss@iki.fi> parents: 4553 diff changeset	243 }
507088c0d511 Fixes for handling near-full connection queues. Timo Sirainen <tss@iki.fi> parents: 4553 diff changeset	244 }
507088c0d511 Fixes for handling near-full connection queues. Timo Sirainen <tss@iki.fi> parents: 4553 diff changeset	245
6411 6a64e64fa3a3 Renamed __attr___ to ATTR_. Renamed __attrs_used__ to ATTRS_DEFINED. Timo Sirainen <tss@iki.fi> parents: 5887 diff changeset	246 static void auth_connect_notify(struct auth_client *client ATTR_UNUSED,
6a64e64fa3a3 Renamed __attr___ to ATTR_. Renamed __attrs_used__ to ATTRS_DEFINED. Timo Sirainen <tss@iki.fi> parents: 5887 diff changeset	247 bool connected, void *context ATTR_UNUSED)
1702 43815588dd6b Moved client side code for auth process handling to lib-auth. Some other login process cleanups. Timo Sirainen <tss@iki.fi> parents: 1629 diff changeset	248 {
43815588dd6b Moved client side code for auth process handling to lib-auth. Some other login process cleanups. Timo Sirainen <tss@iki.fi> parents: 1629 diff changeset	249 if (connected)
43815588dd6b Moved client side code for auth process handling to lib-auth. Some other login process cleanups. Timo Sirainen <tss@iki.fi> parents: 1629 diff changeset	250 clients_notify_auth_connected();
43815588dd6b Moved client side code for auth process handling to lib-auth. Some other login process cleanups. Timo Sirainen <tss@iki.fi> parents: 1629 diff changeset	251 }
43815588dd6b Moved client side code for auth process handling to lib-auth. Some other login process cleanups. Timo Sirainen <tss@iki.fi> parents: 1629 diff changeset	252
3607 a2dd3d895e00 Several fixes to make running from inetd working again Timo Sirainen <tss@iki.fi> parents: 3384 diff changeset	253 static void drop_privileges(void)
1049 c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	254 {
7852 53604857c7d2 Change fd limit in login process after it's execed. This fixes OSes which Timo Sirainen <tss@iki.fi> parents: 7203 diff changeset	255 const char *value;
3607 a2dd3d895e00 Several fixes to make running from inetd working again Timo Sirainen <tss@iki.fi> parents: 3384 diff changeset	256
a2dd3d895e00 Several fixes to make running from inetd working again Timo Sirainen <tss@iki.fi> parents: 3384 diff changeset	257 if (!is_inetd)
a2dd3d895e00 Several fixes to make running from inetd working again Timo Sirainen <tss@iki.fi> parents: 3384 diff changeset	258 i_set_failure_internal();
a2dd3d895e00 Several fixes to make running from inetd working again Timo Sirainen <tss@iki.fi> parents: 3384 diff changeset	259 else {
a2dd3d895e00 Several fixes to make running from inetd working again Timo Sirainen <tss@iki.fi> parents: 3384 diff changeset	260 /* log to syslog */
7852 53604857c7d2 Change fd limit in login process after it's execed. This fixes OSes which Timo Sirainen <tss@iki.fi> parents: 7203 diff changeset	261 value = getenv("SYSLOG_FACILITY");
3724 d22c883021da Added syslog_facility setting to config file. Timo Sirainen <tss@iki.fi> parents: 3620 diff changeset	262 i_set_failure_syslog(process_name, LOG_NDELAY,
7852 53604857c7d2 Change fd limit in login process after it's execed. This fixes OSes which Timo Sirainen <tss@iki.fi> parents: 7203 diff changeset	263 value == NULL ? LOG_MAIL : atoi(value));
3607 a2dd3d895e00 Several fixes to make running from inetd working again Timo Sirainen <tss@iki.fi> parents: 3384 diff changeset	264
a2dd3d895e00 Several fixes to make running from inetd working again Timo Sirainen <tss@iki.fi> parents: 3384 diff changeset	265 /* if we don't chroot, we must chdir */
7852 53604857c7d2 Change fd limit in login process after it's execed. This fixes OSes which Timo Sirainen <tss@iki.fi> parents: 7203 diff changeset	266 value = getenv("LOGIN_DIR");
8620 9edf4a6e0cdb Always send LOGIN_DIR environment to login processes. Timo Sirainen <tss@iki.fi> parents: 8590 diff changeset	267 if (value == NULL)
9edf4a6e0cdb Always send LOGIN_DIR environment to login processes. Timo Sirainen <tss@iki.fi> parents: 8590 diff changeset	268 i_fatal("LOGIN_DIR environment missing");
9edf4a6e0cdb Always send LOGIN_DIR environment to login processes. Timo Sirainen <tss@iki.fi> parents: 8590 diff changeset	269 if (chdir(value) < 0)
9edf4a6e0cdb Always send LOGIN_DIR environment to login processes. Timo Sirainen <tss@iki.fi> parents: 8590 diff changeset	270 i_error("chdir(%s) failed: %m", value);
3607 a2dd3d895e00 Several fixes to make running from inetd working again Timo Sirainen <tss@iki.fi> parents: 3384 diff changeset	271 }
1049 c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	272
c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	273 /* Initialize SSL proxy so it can read certificate and private
c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	274 key file. */
2622 033d2fd1cd38 Replaced timestamp in APOP challenge with 128 bits of randomness. Timo Sirainen <tss@iki.fi> parents: 2235 diff changeset	275 random_init();
1049 c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	276 ssl_proxy_init();
c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	277
7852 53604857c7d2 Change fd limit in login process after it's execed. This fixes OSes which Timo Sirainen <tss@iki.fi> parents: 7203 diff changeset	278 value = getenv("LISTEN_FDS");
53604857c7d2 Change fd limit in login process after it's execed. This fixes OSes which Timo Sirainen <tss@iki.fi> parents: 7203 diff changeset	279 listen_count = value == NULL ? 0 : atoi(value);
53604857c7d2 Change fd limit in login process after it's execed. This fixes OSes which Timo Sirainen <tss@iki.fi> parents: 7203 diff changeset	280 value = getenv("SSL_LISTEN_FDS");
53604857c7d2 Change fd limit in login process after it's execed. This fixes OSes which Timo Sirainen <tss@iki.fi> parents: 7203 diff changeset	281 ssl_listen_count = value == NULL ? 0 : atoi(value);
53604857c7d2 Change fd limit in login process after it's execed. This fixes OSes which Timo Sirainen <tss@iki.fi> parents: 7203 diff changeset	282 value = getenv("MAX_CONNECTIONS");
53604857c7d2 Change fd limit in login process after it's execed. This fixes OSes which Timo Sirainen <tss@iki.fi> parents: 7203 diff changeset	283 max_connections = value == NULL ? 1 : strtoul(value, NULL, 10);
53604857c7d2 Change fd limit in login process after it's execed. This fixes OSes which Timo Sirainen <tss@iki.fi> parents: 7203 diff changeset	284
53604857c7d2 Change fd limit in login process after it's execed. This fixes OSes which Timo Sirainen <tss@iki.fi> parents: 7203 diff changeset	285 /* set the number of fds we want to use. it may get increased or
8073 f27ecc07d93a login processes: Another try at setting the correct fd limit. Timo Sirainen <tss@iki.fi> parents: 8072 diff changeset	286 decreased. leave a couple of extra fds for auth sockets and such.
f27ecc07d93a login processes: Another try at setting the correct fd limit. Timo Sirainen <tss@iki.fi> parents: 8072 diff changeset	287 normal connections each use one fd, but SSL connections use two */
7852 53604857c7d2 Change fd limit in login process after it's execed. This fixes OSes which Timo Sirainen <tss@iki.fi> parents: 7203 diff changeset	288 restrict_fd_limit(LOGIN_MASTER_SOCKET_FD + 16 +
8073 f27ecc07d93a login processes: Another try at setting the correct fd limit. Timo Sirainen <tss@iki.fi> parents: 8072 diff changeset	289 listen_count + ssl_listen_count +
f27ecc07d93a login processes: Another try at setting the correct fd limit. Timo Sirainen <tss@iki.fi> parents: 8072 diff changeset	290 max_connections*2);
7852 53604857c7d2 Change fd limit in login process after it's execed. This fixes OSes which Timo Sirainen <tss@iki.fi> parents: 7203 diff changeset	291
1049 c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	292 /* Refuse to run as root - we should never need it and it's
c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	293 dangerous with SSL. */
7109 e6823d781317 Reverted "environment array" changes. It broke overriding imap/pop3 settings Timo Sirainen <tss@iki.fi> parents: 7104 diff changeset	294 restrict_access_by_env(TRUE);
1629 5bc8a5c718ca Disable forking after setuid(), so Linux 2.6 is happy. Timo Sirainen <tss@iki.fi> parents: 1563 diff changeset	295
5bc8a5c718ca Disable forking after setuid(), so Linux 2.6 is happy. Timo Sirainen <tss@iki.fi> parents: 1563 diff changeset	296 /* make sure we can't fork() */
5bc8a5c718ca Disable forking after setuid(), so Linux 2.6 is happy. Timo Sirainen <tss@iki.fi> parents: 1563 diff changeset	297 restrict_process_size((unsigned int)-1, 1);
1049 c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	298 }
c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	299
c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	300 static void main_init(void)
c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	301 {
c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	302 const char *value;
c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	303
4553 d1c0514754d5 Require that master's version number matches the child's, unless Timo Sirainen <tss@iki.fi> parents: 4540 diff changeset	304 value = getenv("DOVECOT_VERSION");
d1c0514754d5 Require that master's version number matches the child's, unless Timo Sirainen <tss@iki.fi> parents: 4540 diff changeset	305 if (value != NULL && strcmp(value, PACKAGE_VERSION) != 0) {
d1c0514754d5 Require that master's version number matches the child's, unless Timo Sirainen <tss@iki.fi> parents: 4540 diff changeset	306 i_fatal("Dovecot version mismatch: "
d1c0514754d5 Require that master's version number matches the child's, unless Timo Sirainen <tss@iki.fi> parents: 4540 diff changeset	307 "Master is v%s, login is v"PACKAGE_VERSION" "
d1c0514754d5 Require that master's version number matches the child's, unless Timo Sirainen <tss@iki.fi> parents: 4540 diff changeset	308 "(if you don't care, set version_ignore=yes)", value);
d1c0514754d5 Require that master's version number matches the child's, unless Timo Sirainen <tss@iki.fi> parents: 4540 diff changeset	309 }
d1c0514754d5 Require that master's version number matches the child's, unless Timo Sirainen <tss@iki.fi> parents: 4540 diff changeset	310
3620 3360cc019737 Implemented new signal handling framework, which makes handling signals much Timo Sirainen <tss@iki.fi> parents: 3607 diff changeset	311 lib_signals_init();
3360cc019737 Implemented new signal handling framework, which makes handling signals much Timo Sirainen <tss@iki.fi> parents: 3607 diff changeset	312 lib_signals_set_handler(SIGINT, TRUE, sig_die, NULL);
3360cc019737 Implemented new signal handling framework, which makes handling signals much Timo Sirainen <tss@iki.fi> parents: 3607 diff changeset	313 lib_signals_set_handler(SIGTERM, TRUE, sig_die, NULL);
4903 204d7edc7cdc Added context parameter type safety checks for most callback APIs. Timo Sirainen <tss@iki.fi> parents: 4861 diff changeset	314 lib_signals_ignore(SIGPIPE, TRUE);
1049 c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	315
c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	316 disable_plaintext_auth = getenv("DISABLE_PLAINTEXT_AUTH") != NULL;
c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	317 process_per_connection = getenv("PROCESS_PER_CONNECTION") != NULL;
1235 2660b47fd9bc Added setting verbose_ssl Timo Sirainen <tss@iki.fi> parents: 1230 diff changeset	318 verbose_proctitle = getenv("VERBOSE_PROCTITLE") != NULL;
2660b47fd9bc Added setting verbose_ssl Timo Sirainen <tss@iki.fi> parents: 1230 diff changeset	319 verbose_ssl = getenv("VERBOSE_SSL") != NULL;
2691 46f879c46b45 auth_verbose now affects imap/pop3 login processes too. Every authentication Timo Sirainen <tss@iki.fi> parents: 2679 diff changeset	320 verbose_auth = getenv("VERBOSE_AUTH") != NULL;
8331 8fb20b423f8b Login processes: If auth_debug=yes, log about received unknown passdb extra fields. Timo Sirainen <tss@iki.fi> parents: 8302 diff changeset	321 auth_debug = getenv("AUTH_DEBUG") != NULL;
8302 0db37acdc59f Login process: Log auth failure reasons better in disconnect message. Timo Sirainen <tss@iki.fi> parents: 8088 diff changeset	322 ssl_require_client_cert = getenv("SSL_REQUIRE_CLIENT_CERT") != NULL;
1049 c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	323
2674 857f5f7b512b Added login_greeting and login_greeting_capability settings. Timo Sirainen <tss@iki.fi> parents: 2622 diff changeset	324 greeting = getenv("GREETING");
857f5f7b512b Added login_greeting and login_greeting_capability settings. Timo Sirainen <tss@iki.fi> parents: 2622 diff changeset	325 if (greeting == NULL)
857f5f7b512b Added login_greeting and login_greeting_capability settings. Timo Sirainen <tss@iki.fi> parents: 2622 diff changeset	326 greeting = PACKAGE" ready.";
857f5f7b512b Added login_greeting and login_greeting_capability settings. Timo Sirainen <tss@iki.fi> parents: 2622 diff changeset	327
3384 3b75956d20c4 Added configurable logging for login process. Added configurable pop3 logout Timo Sirainen <tss@iki.fi> parents: 3126 diff changeset	328 value = getenv("LOG_FORMAT_ELEMENTS");
3b75956d20c4 Added configurable logging for login process. Added configurable pop3 logout Timo Sirainen <tss@iki.fi> parents: 3126 diff changeset	329 if (value == NULL)
3b75956d20c4 Added configurable logging for login process. Added configurable pop3 logout Timo Sirainen <tss@iki.fi> parents: 3126 diff changeset	330 value = "user=<%u> method=%m rip=%r lip=%l %c : %$";
3b75956d20c4 Added configurable logging for login process. Added configurable pop3 logout Timo Sirainen <tss@iki.fi> parents: 3126 diff changeset	331 log_format_elements = t_strsplit(value, " ");
3b75956d20c4 Added configurable logging for login process. Added configurable pop3 logout Timo Sirainen <tss@iki.fi> parents: 3126 diff changeset	332
3b75956d20c4 Added configurable logging for login process. Added configurable pop3 logout Timo Sirainen <tss@iki.fi> parents: 3126 diff changeset	333 log_format = getenv("LOG_FORMAT");
3b75956d20c4 Added configurable logging for login process. Added configurable pop3 logout Timo Sirainen <tss@iki.fi> parents: 3126 diff changeset	334 if (log_format == NULL)
3b75956d20c4 Added configurable logging for login process. Added configurable pop3 logout Timo Sirainen <tss@iki.fi> parents: 3126 diff changeset	335 log_format = "%$: %s";
3b75956d20c4 Added configurable logging for login process. Added configurable pop3 logout Timo Sirainen <tss@iki.fi> parents: 3126 diff changeset	336
7920 3644883cf44e Support transferring original IPs and ports through IMAP proxies. Timo Sirainen <tss@iki.fi> parents: 7852 diff changeset	337 trusted_networks = getenv("TRUSTED_NETWORKS");
3644883cf44e Support transferring original IPs and ports through IMAP proxies. Timo Sirainen <tss@iki.fi> parents: 7852 diff changeset	338
1049 c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	339 value = getenv("PROCESS_UID");
c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	340 if (value == NULL)
c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	341 i_fatal("BUG: PROCESS_UID environment not given");
c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	342 login_process_uid = strtoul(value, NULL, 10);
c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	343 if (login_process_uid == 0)
c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	344 i_fatal("BUG: PROCESS_UID environment is 0");
c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	345
4197 c3ded5b815aa If we have plugins set and imap_capability unset, figure out the IMAP Timo Sirainen <tss@iki.fi> parents: 3960 diff changeset	346 /* capability default is set in imap/pop3-login */
c3ded5b815aa If we have plugins set and imap_capability unset, figure out the IMAP Timo Sirainen <tss@iki.fi> parents: 3960 diff changeset	347 value = getenv("CAPABILITY_STRING");
c3ded5b815aa If we have plugins set and imap_capability unset, figure out the IMAP Timo Sirainen <tss@iki.fi> parents: 3960 diff changeset	348 if (value != NULL && *value != '\0')
c3ded5b815aa If we have plugins set and imap_capability unset, figure out the IMAP Timo Sirainen <tss@iki.fi> parents: 3960 diff changeset	349 capability_string = value;
c3ded5b815aa If we have plugins set and imap_capability unset, figure out the IMAP Timo Sirainen <tss@iki.fi> parents: 3960 diff changeset	350
1049 c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	351 closing_down = FALSE;
c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	352 main_refcount = 0;
c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	353
3607 a2dd3d895e00 Several fixes to make running from inetd working again Timo Sirainen <tss@iki.fi> parents: 3384 diff changeset	354 auth_client = auth_client_new(login_process_uid);
1702 43815588dd6b Moved client side code for auth process handling to lib-auth. Some other login process cleanups. Timo Sirainen <tss@iki.fi> parents: 1629 diff changeset	355 auth_client_set_connect_notify(auth_client, auth_connect_notify, NULL);
7137 c33c87781ab4 Added clients_init() and clients_deinit() back (for Managesieve). Timo Sirainen <tss@iki.fi> parents: 7109 diff changeset	356 clients_init();
1049 c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	357
5887 3f2eb1b9c555 Support listening multiple sockets. SIGHUP also doesn't anymore recreate Timo Sirainen <tss@iki.fi> parents: 5845 diff changeset	358 if (!ssl_initialized && ssl_listen_count > 0) {
3f2eb1b9c555 Support listening multiple sockets. SIGHUP also doesn't anymore recreate Timo Sirainen <tss@iki.fi> parents: 5845 diff changeset	359 /* this shouldn't happen, master should have
3f2eb1b9c555 Support listening multiple sockets. SIGHUP also doesn't anymore recreate Timo Sirainen <tss@iki.fi> parents: 5845 diff changeset	360 disabled the ssl socket.. */
3f2eb1b9c555 Support listening multiple sockets. SIGHUP also doesn't anymore recreate Timo Sirainen <tss@iki.fi> parents: 5845 diff changeset	361 i_fatal("BUG: SSL initialization parameters not given "
3f2eb1b9c555 Support listening multiple sockets. SIGHUP also doesn't anymore recreate Timo Sirainen <tss@iki.fi> parents: 5845 diff changeset	362 "while they should have been");
3f2eb1b9c555 Support listening multiple sockets. SIGHUP also doesn't anymore recreate Timo Sirainen <tss@iki.fi> parents: 5845 diff changeset	363 }
1049 c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	364
1273 2cf2e08a6ee9 Somewhat working code to support loading Dovecot from inetd and such. It Timo Sirainen <tss@iki.fi> parents: 1235 diff changeset	365 if (!is_inetd) {
4538 9d9e72374164 Fixes to login process handling, especially with Timo Sirainen <tss@iki.fi> parents: 4253 diff changeset	366 master_init(LOGIN_MASTER_SOCKET_FD);
9d9e72374164 Fixes to login process handling, especially with Timo Sirainen <tss@iki.fi> parents: 4253 diff changeset	367 main_listen_start();
1049 c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	368 }
c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	369 }
c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	370
c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	371 static void main_deinit(void)
c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	372 {
5887 3f2eb1b9c555 Support listening multiple sockets. SIGHUP also doesn't anymore recreate Timo Sirainen <tss@iki.fi> parents: 5845 diff changeset	373 closing_down = TRUE;
3f2eb1b9c555 Support listening multiple sockets. SIGHUP also doesn't anymore recreate Timo Sirainen <tss@iki.fi> parents: 5845 diff changeset	374 main_listen_stop();
1049 c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	375
1230 e6d2b8c78519 Keep list of the SSL proxies, so they're deinitialized properly if we have Timo Sirainen <tss@iki.fi> parents: 1134 diff changeset	376 ssl_proxy_deinit();
2768 d344be0bb70f Added IMAP and POP3 proxying support. Timo Sirainen <tss@iki.fi> parents: 2691 diff changeset	377 login_proxy_deinit();
1230 e6d2b8c78519 Keep list of the SSL proxies, so they're deinitialized properly if we have Timo Sirainen <tss@iki.fi> parents: 1134 diff changeset	378
4986 5088f394fa72 Don't keep a connection open to dovecot-auth when we're only proxying. Timo Sirainen <tss@iki.fi> parents: 4903 diff changeset	379 if (auth_client != NULL)
5088f394fa72 Don't keep a connection open to dovecot-auth when we're only proxying. Timo Sirainen <tss@iki.fi> parents: 4903 diff changeset	380 auth_client_free(&auth_client);
7137 c33c87781ab4 Added clients_init() and clients_deinit() back (for Managesieve). Timo Sirainen <tss@iki.fi> parents: 7109 diff changeset	381 clients_deinit();
1049 c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	382 master_deinit();
c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	383
3620 3360cc019737 Implemented new signal handling framework, which makes handling signals much Timo Sirainen <tss@iki.fi> parents: 3607 diff changeset	384 lib_signals_deinit();
1049 c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	385 closelog();
c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	386 }
c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	387
6411 6a64e64fa3a3 Renamed __attr___ to ATTR_. Renamed __attrs_used__ to ATTRS_DEFINED. Timo Sirainen <tss@iki.fi> parents: 5887 diff changeset	388 int main(int argc ATTR_UNUSED, char argv[], char envp[])
1049 c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	389 {
5089 18559c7e3a15 Cleanups and minor fixes Timo Sirainen <tss@iki.fi> parents: 4987 diff changeset	390 const char *group_name;
4861 a688269c0dd4 Added %a=local port and %b=remote port variables for Timo Sirainen <tss@iki.fi> parents: 4560 diff changeset	391 struct ip_addr remote_ip, local_ip;
a688269c0dd4 Added %a=local port and %b=remote port variables for Timo Sirainen <tss@iki.fi> parents: 4560 diff changeset	392 unsigned int remote_port, local_port;
2027 dc5d0da1abe9 Added ssl_require_client_cert auth-specific setting. Hide Timo Sirainen <tss@iki.fi> parents: 2000 diff changeset	393 struct ssl_proxy *proxy = NULL;
dc5d0da1abe9 Added ssl_require_client_cert auth-specific setting. Hide Timo Sirainen <tss@iki.fi> parents: 2000 diff changeset	394 struct client *client;
3863 55df57c028d4 Added "bool" type and changed all ints that were used as booleans to bool. Timo Sirainen <tss@iki.fi> parents: 3724 diff changeset	395 int i, fd = -1, master_fd = -1;
55df57c028d4 Added "bool" type and changed all ints that were used as booleans to bool. Timo Sirainen <tss@iki.fi> parents: 3724 diff changeset	396 bool ssl = FALSE;
1273 2cf2e08a6ee9 Somewhat working code to support loading Dovecot from inetd and such. It Timo Sirainen <tss@iki.fi> parents: 1235 diff changeset	397
2cf2e08a6ee9 Somewhat working code to support loading Dovecot from inetd and such. It Timo Sirainen <tss@iki.fi> parents: 1235 diff changeset	398 is_inetd = getenv("DOVECOT_MASTER") == NULL;
1049 c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	399
c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	400 #ifdef DEBUG
5887 3f2eb1b9c555 Support listening multiple sockets. SIGHUP also doesn't anymore recreate Timo Sirainen <tss@iki.fi> parents: 5845 diff changeset	401 if (!is_inetd && getenv("GDB") == NULL) {
3f2eb1b9c555 Support listening multiple sockets. SIGHUP also doesn't anymore recreate Timo Sirainen <tss@iki.fi> parents: 5845 diff changeset	402 const char *env;
3f2eb1b9c555 Support listening multiple sockets. SIGHUP also doesn't anymore recreate Timo Sirainen <tss@iki.fi> parents: 5845 diff changeset	403
3f2eb1b9c555 Support listening multiple sockets. SIGHUP also doesn't anymore recreate Timo Sirainen <tss@iki.fi> parents: 5845 diff changeset	404 i = LOGIN_MASTER_SOCKET_FD + 1;
3f2eb1b9c555 Support listening multiple sockets. SIGHUP also doesn't anymore recreate Timo Sirainen <tss@iki.fi> parents: 5845 diff changeset	405 env = getenv("LISTEN_FDS");
3f2eb1b9c555 Support listening multiple sockets. SIGHUP also doesn't anymore recreate Timo Sirainen <tss@iki.fi> parents: 5845 diff changeset	406 if (env != NULL) i += atoi(env);
3f2eb1b9c555 Support listening multiple sockets. SIGHUP also doesn't anymore recreate Timo Sirainen <tss@iki.fi> parents: 5845 diff changeset	407 env = getenv("SSL_LISTEN_FDS");
3f2eb1b9c555 Support listening multiple sockets. SIGHUP also doesn't anymore recreate Timo Sirainen <tss@iki.fi> parents: 5845 diff changeset	408 if (env != NULL) i += atoi(env);
3f2eb1b9c555 Support listening multiple sockets. SIGHUP also doesn't anymore recreate Timo Sirainen <tss@iki.fi> parents: 5845 diff changeset	409
8088 14a061acbb7b Master process leaked one fd to login process. Typically it was listener fd, Timo Sirainen <tss@iki.fi> parents: 8073 diff changeset	410 fd_debug_verify_leaks(i, 1024);
5887 3f2eb1b9c555 Support listening multiple sockets. SIGHUP also doesn't anymore recreate Timo Sirainen <tss@iki.fi> parents: 5845 diff changeset	411 }
1049 c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	412 #endif
5360 4d358f3b7e3a Set login process's default_pool to system_clean_pool. Changed some Timo Sirainen <tss@iki.fi> parents: 5358 diff changeset	413 /* clear all allocated memory before freeing it. this makes the login
4d358f3b7e3a Set login process's default_pool to system_clean_pool. Changed some Timo Sirainen <tss@iki.fi> parents: 5358 diff changeset	414 processes pretty safe to reuse for new connections since the
4d358f3b7e3a Set login process's default_pool to system_clean_pool. Changed some Timo Sirainen <tss@iki.fi> parents: 5358 diff changeset	415 attacker won't be able to find anything interesting from the
4d358f3b7e3a Set login process's default_pool to system_clean_pool. Changed some Timo Sirainen <tss@iki.fi> parents: 5358 diff changeset	416 memory. */
4d358f3b7e3a Set login process's default_pool to system_clean_pool. Changed some Timo Sirainen <tss@iki.fi> parents: 5358 diff changeset	417 default_pool = system_clean_pool;
5363 235433e7d9c2 Enable data_stack_set_clean_after_pop() for login processes Timo Sirainen <tss@iki.fi> parents: 5360 diff changeset	418 data_stack_set_clean_after_pop(TRUE);
5360 4d358f3b7e3a Set login process's default_pool to system_clean_pool. Changed some Timo Sirainen <tss@iki.fi> parents: 5358 diff changeset	419
1049 c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	420 /* NOTE: we start rooted, so keep the code minimal until
c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	421 restrict_access_by_env() is called */
c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	422 lib_init();
c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	423
1273 2cf2e08a6ee9 Somewhat working code to support loading Dovecot from inetd and such. It Timo Sirainen <tss@iki.fi> parents: 1235 diff changeset	424 if (is_inetd) {
2cf2e08a6ee9 Somewhat working code to support loading Dovecot from inetd and such. It Timo Sirainen <tss@iki.fi> parents: 1235 diff changeset	425 /* running from inetd. create master process before
1275 af685269ead0 login: Wait until we're connected to auth process before executing command Timo Sirainen <tss@iki.fi> parents: 1273 diff changeset	426 dropping privileges. */
3607 a2dd3d895e00 Several fixes to make running from inetd working again Timo Sirainen <tss@iki.fi> parents: 3384 diff changeset	427 process_name = strrchr(argv[0], '/');
a2dd3d895e00 Several fixes to make running from inetd working again Timo Sirainen <tss@iki.fi> parents: 3384 diff changeset	428 process_name = process_name == NULL ? argv[0] : process_name+1;
a2dd3d895e00 Several fixes to make running from inetd working again Timo Sirainen <tss@iki.fi> parents: 3384 diff changeset	429 group_name = t_strcut(process_name, '-');
1275 af685269ead0 login: Wait until we're connected to auth process before executing command Timo Sirainen <tss@iki.fi> parents: 1273 diff changeset	430
af685269ead0 login: Wait until we're connected to auth process before executing command Timo Sirainen <tss@iki.fi> parents: 1273 diff changeset	431 for (i = 1; i < argc; i++) {
af685269ead0 login: Wait until we're connected to auth process before executing command Timo Sirainen <tss@iki.fi> parents: 1273 diff changeset	432 if (strncmp(argv[i], "--group=", 8) == 0) {
af685269ead0 login: Wait until we're connected to auth process before executing command Timo Sirainen <tss@iki.fi> parents: 1273 diff changeset	433 group_name = argv[1]+8;
af685269ead0 login: Wait until we're connected to auth process before executing command Timo Sirainen <tss@iki.fi> parents: 1273 diff changeset	434 break;
af685269ead0 login: Wait until we're connected to auth process before executing command Timo Sirainen <tss@iki.fi> parents: 1273 diff changeset	435 }
af685269ead0 login: Wait until we're connected to auth process before executing command Timo Sirainen <tss@iki.fi> parents: 1273 diff changeset	436 }
af685269ead0 login: Wait until we're connected to auth process before executing command Timo Sirainen <tss@iki.fi> parents: 1273 diff changeset	437
af685269ead0 login: Wait until we're connected to auth process before executing command Timo Sirainen <tss@iki.fi> parents: 1273 diff changeset	438 master_fd = master_connect(group_name);
1273 2cf2e08a6ee9 Somewhat working code to support loading Dovecot from inetd and such. It Timo Sirainen <tss@iki.fi> parents: 1235 diff changeset	439 }
2cf2e08a6ee9 Somewhat working code to support loading Dovecot from inetd and such. It Timo Sirainen <tss@iki.fi> parents: 1235 diff changeset	440
2000 c7c19f5071c3 Write all logging through master process. Fixes problems with log rotation, Timo Sirainen <tss@iki.fi> parents: 1705 diff changeset	441 drop_privileges();
1049 c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	442
c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	443 process_title_init(argv, envp);
5249 784dc7224718 Removed pool parameter from io_loop_create() Timo Sirainen <tss@iki.fi> parents: 5089 diff changeset	444 ioloop = io_loop_create();
1275 af685269ead0 login: Wait until we're connected to auth process before executing command Timo Sirainen <tss@iki.fi> parents: 1273 diff changeset	445 main_init();
1049 c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	446
1273 2cf2e08a6ee9 Somewhat working code to support loading Dovecot from inetd and such. It Timo Sirainen <tss@iki.fi> parents: 1235 diff changeset	447 if (is_inetd) {
4861 a688269c0dd4 Added %a=local port and %b=remote port variables for Timo Sirainen <tss@iki.fi> parents: 4560 diff changeset	448 if (net_getpeername(1, &remote_ip, &remote_port) < 0) {
1273 2cf2e08a6ee9 Somewhat working code to support loading Dovecot from inetd and such. It Timo Sirainen <tss@iki.fi> parents: 1235 diff changeset	449 i_fatal("%s can be started only through dovecot "
7203 0269d0c563ea equilevant -> equivalent Timo Sirainen <tss@iki.fi> parents: 7137 diff changeset	450 "master process, inetd or equivalent", argv[0]);
1273 2cf2e08a6ee9 Somewhat working code to support loading Dovecot from inetd and such. It Timo Sirainen <tss@iki.fi> parents: 1235 diff changeset	451 }
3607 a2dd3d895e00 Several fixes to make running from inetd working again Timo Sirainen <tss@iki.fi> parents: 3384 diff changeset	452 if (net_getsockname(1, &local_ip, &local_port) < 0) {
2097 4e77cb0aff21 Added %l, %r and %P variables and mail_log_prefix setting. Timo Sirainen <tss@iki.fi> parents: 2027 diff changeset	453 memset(&local_ip, 0, sizeof(local_ip));
3607 a2dd3d895e00 Several fixes to make running from inetd working again Timo Sirainen <tss@iki.fi> parents: 3384 diff changeset	454 local_port = 0;
a2dd3d895e00 Several fixes to make running from inetd working again Timo Sirainen <tss@iki.fi> parents: 3384 diff changeset	455 }
1273 2cf2e08a6ee9 Somewhat working code to support loading Dovecot from inetd and such. It Timo Sirainen <tss@iki.fi> parents: 1235 diff changeset	456
1275 af685269ead0 login: Wait until we're connected to auth process before executing command Timo Sirainen <tss@iki.fi> parents: 1273 diff changeset	457 fd = 1;
af685269ead0 login: Wait until we're connected to auth process before executing command Timo Sirainen <tss@iki.fi> parents: 1273 diff changeset	458 for (i = 1; i < argc; i++) {
3607 a2dd3d895e00 Several fixes to make running from inetd working again Timo Sirainen <tss@iki.fi> parents: 3384 diff changeset	459 if (strcmp(argv[i], "--ssl") == 0)
3126 4868d061794c inetd startup wasn't working. Patch by Magnus Holmgren. Timo Sirainen <tss@iki.fi> parents: 2768 diff changeset	460 ssl = TRUE;
3607 a2dd3d895e00 Several fixes to make running from inetd working again Timo Sirainen <tss@iki.fi> parents: 3384 diff changeset	461 else if (strncmp(argv[i], "--group=", 8) != 0)
1275 af685269ead0 login: Wait until we're connected to auth process before executing command Timo Sirainen <tss@iki.fi> parents: 1273 diff changeset	462 i_fatal("Unknown parameter: %s", argv[i]);
af685269ead0 login: Wait until we're connected to auth process before executing command Timo Sirainen <tss@iki.fi> parents: 1273 diff changeset	463 }
af685269ead0 login: Wait until we're connected to auth process before executing command Timo Sirainen <tss@iki.fi> parents: 1273 diff changeset	464
3607 a2dd3d895e00 Several fixes to make running from inetd working again Timo Sirainen <tss@iki.fi> parents: 3384 diff changeset	465 /* hardcoded imaps and pop3s ports to be SSL by default */
a2dd3d895e00 Several fixes to make running from inetd working again Timo Sirainen <tss@iki.fi> parents: 3384 diff changeset	466 if (local_port == 993 \|\| local_port == 995 \|\| ssl) {
a2dd3d895e00 Several fixes to make running from inetd working again Timo Sirainen <tss@iki.fi> parents: 3384 diff changeset	467 ssl = TRUE;
4861 a688269c0dd4 Added %a=local port and %b=remote port variables for Timo Sirainen <tss@iki.fi> parents: 4560 diff changeset	468 fd = ssl_proxy_new(fd, &remote_ip, &proxy);
3607 a2dd3d895e00 Several fixes to make running from inetd working again Timo Sirainen <tss@iki.fi> parents: 3384 diff changeset	469 if (fd == -1)
a2dd3d895e00 Several fixes to make running from inetd working again Timo Sirainen <tss@iki.fi> parents: 3384 diff changeset	470 return 1;
a2dd3d895e00 Several fixes to make running from inetd working again Timo Sirainen <tss@iki.fi> parents: 3384 diff changeset	471 }
a2dd3d895e00 Several fixes to make running from inetd working again Timo Sirainen <tss@iki.fi> parents: 3384 diff changeset	472
4538 9d9e72374164 Fixes to login process handling, especially with Timo Sirainen <tss@iki.fi> parents: 4253 diff changeset	473 master_init(master_fd);
1281 043b71a06568 We didn't work at all in non-inetd mode. Also fix crash when quitting. Timo Sirainen <tss@iki.fi> parents: 1275 diff changeset	474 closing_down = TRUE;
1273 2cf2e08a6ee9 Somewhat working code to support loading Dovecot from inetd and such. It Timo Sirainen <tss@iki.fi> parents: 1235 diff changeset	475
2097 4e77cb0aff21 Added %l, %r and %P variables and mail_log_prefix setting. Timo Sirainen <tss@iki.fi> parents: 2027 diff changeset	476 if (fd != -1) {
4861 a688269c0dd4 Added %a=local port and %b=remote port variables for Timo Sirainen <tss@iki.fi> parents: 4560 diff changeset	477 client = client_create(fd, ssl, &local_ip, &remote_ip);
2097 4e77cb0aff21 Added %l, %r and %P variables and mail_log_prefix setting. Timo Sirainen <tss@iki.fi> parents: 2027 diff changeset	478 client->proxy = proxy;
4861 a688269c0dd4 Added %a=local port and %b=remote port variables for Timo Sirainen <tss@iki.fi> parents: 4560 diff changeset	479 client->remote_port = remote_port;
a688269c0dd4 Added %a=local port and %b=remote port variables for Timo Sirainen <tss@iki.fi> parents: 4560 diff changeset	480 client->local_port = local_port;
2097 4e77cb0aff21 Added %l, %r and %P variables and mail_log_prefix setting. Timo Sirainen <tss@iki.fi> parents: 2027 diff changeset	481 }
2027 dc5d0da1abe9 Added ssl_require_client_cert auth-specific setting. Hide Timo Sirainen <tss@iki.fi> parents: 2000 diff changeset	482 }
1273 2cf2e08a6ee9 Somewhat working code to support loading Dovecot from inetd and such. It Timo Sirainen <tss@iki.fi> parents: 1235 diff changeset	483
1275 af685269ead0 login: Wait until we're connected to auth process before executing command Timo Sirainen <tss@iki.fi> parents: 1273 diff changeset	484 io_loop_run(ioloop);
af685269ead0 login: Wait until we're connected to auth process before executing command Timo Sirainen <tss@iki.fi> parents: 1273 diff changeset	485 main_deinit();
1049 c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	486
3879 928229f8b3e6 deinit, unref, destroy, close, free, etc. functions now take a pointer to Timo Sirainen <tss@iki.fi> parents: 3863 diff changeset	487 io_loop_destroy(&ioloop);
1049 c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	488 lib_deinit();
c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	489
c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	490 return 0;
c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	491 }

Mercurial > dovecot > original-hg > dovecot-1.2

annotate src/login-common/main.c @ 8620:9edf4a6e0cdb HEAD