Mercurial > dovecot > original-hg > dovecot-1.2
annotate src/login-common/main.c @ 8620:9edf4a6e0cdb HEAD
Always send LOGIN_DIR environment to login processes.
author | Timo Sirainen <tss@iki.fi> |
---|---|
date | Tue, 13 Jan 2009 13:12:21 -0500 |
parents | b9faf4db2a9f |
children | e85c7cb22ad7 |
rev | line source |
---|---|
8590
b9faf4db2a9f
Updated copyright notices to include year 2009.
Timo Sirainen <tss@iki.fi>
parents:
8331
diff
changeset
|
1 /* Copyright (c) 2002-2009 Dovecot authors, see the included COPYING file */ |
1049
c41787e8c3f4
Moved common login process code to login-common, created pop3-login.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
2 |
c41787e8c3f4
Moved common login process code to login-common, created pop3-login.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
3 #include "common.h" |
c41787e8c3f4
Moved common login process code to login-common, created pop3-login.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
4 #include "ioloop.h" |
5887
3f2eb1b9c555
Support listening multiple sockets. SIGHUP also doesn't anymore recreate
Timo Sirainen <tss@iki.fi>
parents:
5845
diff
changeset
|
5 #include "array.h" |
1049
c41787e8c3f4
Moved common login process code to login-common, created pop3-login.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
6 #include "lib-signals.h" |
2622
033d2fd1cd38
Replaced timestamp in APOP challenge with 128 bits of randomness.
Timo Sirainen <tss@iki.fi>
parents:
2235
diff
changeset
|
7 #include "randgen.h" |
1049
c41787e8c3f4
Moved common login process code to login-common, created pop3-login.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
8 #include "restrict-access.h" |
1398
b2a2edafdd91
Moved setting process limit after exec().
Timo Sirainen <tss@iki.fi>
parents:
1281
diff
changeset
|
9 #include "restrict-process-size.h" |
1049
c41787e8c3f4
Moved common login process code to login-common, created pop3-login.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
10 #include "process-title.h" |
c41787e8c3f4
Moved common login process code to login-common, created pop3-login.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
11 #include "fd-close-on-exec.h" |
c41787e8c3f4
Moved common login process code to login-common, created pop3-login.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
12 #include "master.h" |
c41787e8c3f4
Moved common login process code to login-common, created pop3-login.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
13 #include "client-common.h" |
1702
43815588dd6b
Moved client side code for auth process handling to lib-auth. Some other login process cleanups.
Timo Sirainen <tss@iki.fi>
parents:
1629
diff
changeset
|
14 #include "auth-client.h" |
1049
c41787e8c3f4
Moved common login process code to login-common, created pop3-login.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
15 #include "ssl-proxy.h" |
2768
d344be0bb70f
Added IMAP and POP3 proxying support.
Timo Sirainen <tss@iki.fi>
parents:
2691
diff
changeset
|
16 #include "login-proxy.h" |
1049
c41787e8c3f4
Moved common login process code to login-common, created pop3-login.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
17 |
c41787e8c3f4
Moved common login process code to login-common, created pop3-login.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
18 #include <stdlib.h> |
c41787e8c3f4
Moved common login process code to login-common, created pop3-login.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
19 #include <unistd.h> |
c41787e8c3f4
Moved common login process code to login-common, created pop3-login.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
20 #include <syslog.h> |
c41787e8c3f4
Moved common login process code to login-common, created pop3-login.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
21 |
7922
4b4d2a4423ec
Removed login_greeting_capability setting. Instead now a minimal pre-login
Timo Sirainen <tss@iki.fi>
parents:
7920
diff
changeset
|
22 bool disable_plaintext_auth, process_per_connection; |
8331
8fb20b423f8b
Login processes: If auth_debug=yes, log about received unknown passdb extra fields.
Timo Sirainen <tss@iki.fi>
parents:
8302
diff
changeset
|
23 bool verbose_proctitle, verbose_ssl, verbose_auth, auth_debug; |
8302
0db37acdc59f
Login process: Log auth failure reasons better in disconnect message.
Timo Sirainen <tss@iki.fi>
parents:
8088
diff
changeset
|
24 bool ssl_require_client_cert; |
3384
3b75956d20c4
Added configurable logging for login process. Added configurable pop3 logout
Timo Sirainen <tss@iki.fi>
parents:
3126
diff
changeset
|
25 const char *greeting, *log_format; |
3b75956d20c4
Added configurable logging for login process. Added configurable pop3 logout
Timo Sirainen <tss@iki.fi>
parents:
3126
diff
changeset
|
26 const char *const *log_format_elements; |
7920
3644883cf44e
Support transferring original IPs and ports through IMAP proxies.
Timo Sirainen <tss@iki.fi>
parents:
7852
diff
changeset
|
27 const char *trusted_networks; |
4538
9d9e72374164
Fixes to login process handling, especially with
Timo Sirainen <tss@iki.fi>
parents:
4253
diff
changeset
|
28 unsigned int max_connections; |
1049
c41787e8c3f4
Moved common login process code to login-common, created pop3-login.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
29 unsigned int login_process_uid; |
1702
43815588dd6b
Moved client side code for auth process handling to lib-auth. Some other login process cleanups.
Timo Sirainen <tss@iki.fi>
parents:
1629
diff
changeset
|
30 struct auth_client *auth_client; |
4538
9d9e72374164
Fixes to login process handling, especially with
Timo Sirainen <tss@iki.fi>
parents:
4253
diff
changeset
|
31 bool closing_down; |
1049
c41787e8c3f4
Moved common login process code to login-common, created pop3-login.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
32 |
3607
a2dd3d895e00
Several fixes to make running from inetd working again
Timo Sirainen <tss@iki.fi>
parents:
3384
diff
changeset
|
33 static const char *process_name; |
1049
c41787e8c3f4
Moved common login process code to login-common, created pop3-login.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
34 static struct ioloop *ioloop; |
c41787e8c3f4
Moved common login process code to login-common, created pop3-login.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
35 static int main_refcount; |
4538
9d9e72374164
Fixes to login process handling, especially with
Timo Sirainen <tss@iki.fi>
parents:
4253
diff
changeset
|
36 static bool is_inetd, listening; |
1049
c41787e8c3f4
Moved common login process code to login-common, created pop3-login.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
37 |
5887
3f2eb1b9c555
Support listening multiple sockets. SIGHUP also doesn't anymore recreate
Timo Sirainen <tss@iki.fi>
parents:
5845
diff
changeset
|
38 static ARRAY_DEFINE(listen_ios, struct io *); |
3f2eb1b9c555
Support listening multiple sockets. SIGHUP also doesn't anymore recreate
Timo Sirainen <tss@iki.fi>
parents:
5845
diff
changeset
|
39 static unsigned int listen_count, ssl_listen_count; |
3f2eb1b9c555
Support listening multiple sockets. SIGHUP also doesn't anymore recreate
Timo Sirainen <tss@iki.fi>
parents:
5845
diff
changeset
|
40 |
1049
c41787e8c3f4
Moved common login process code to login-common, created pop3-login.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
41 void main_ref(void) |
c41787e8c3f4
Moved common login process code to login-common, created pop3-login.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
42 { |
c41787e8c3f4
Moved common login process code to login-common, created pop3-login.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
43 main_refcount++; |
c41787e8c3f4
Moved common login process code to login-common, created pop3-login.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
44 } |
c41787e8c3f4
Moved common login process code to login-common, created pop3-login.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
45 |
c41787e8c3f4
Moved common login process code to login-common, created pop3-login.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
46 void main_unref(void) |
c41787e8c3f4
Moved common login process code to login-common, created pop3-login.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
47 { |
c41787e8c3f4
Moved common login process code to login-common, created pop3-login.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
48 if (--main_refcount == 0) { |
c41787e8c3f4
Moved common login process code to login-common, created pop3-login.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
49 /* nothing to do, quit */ |
c41787e8c3f4
Moved common login process code to login-common, created pop3-login.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
50 io_loop_stop(ioloop); |
c41787e8c3f4
Moved common login process code to login-common, created pop3-login.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
51 } else if (closing_down && clients_get_count() == 0) { |
c41787e8c3f4
Moved common login process code to login-common, created pop3-login.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
52 /* last login finished, close all communications |
c41787e8c3f4
Moved common login process code to login-common, created pop3-login.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
53 to master process */ |
c41787e8c3f4
Moved common login process code to login-common, created pop3-login.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
54 master_close(); |
4986
5088f394fa72
Don't keep a connection open to dovecot-auth when we're only proxying.
Timo Sirainen <tss@iki.fi>
parents:
4903
diff
changeset
|
55 /* we might still be proxying. close the connection to |
5088f394fa72
Don't keep a connection open to dovecot-auth when we're only proxying.
Timo Sirainen <tss@iki.fi>
parents:
4903
diff
changeset
|
56 dovecot-auth, since it's not needed anymore. */ |
4987 | 57 if (auth_client != NULL) |
58 auth_client_free(&auth_client); | |
5364
8e2d0438d4ac
Call auth_client_reconnect() when the last client has disconnected to make
Timo Sirainen <tss@iki.fi>
parents:
5363
diff
changeset
|
59 } else if (clients_get_count() == 0) { |
8e2d0438d4ac
Call auth_client_reconnect() when the last client has disconnected to make
Timo Sirainen <tss@iki.fi>
parents:
5363
diff
changeset
|
60 /* make sure we clear all the memory used by the |
8e2d0438d4ac
Call auth_client_reconnect() when the last client has disconnected to make
Timo Sirainen <tss@iki.fi>
parents:
5363
diff
changeset
|
61 authentication connections. also this makes sure that if |
8e2d0438d4ac
Call auth_client_reconnect() when the last client has disconnected to make
Timo Sirainen <tss@iki.fi>
parents:
5363
diff
changeset
|
62 this connection's authentication was finished but the master |
8e2d0438d4ac
Call auth_client_reconnect() when the last client has disconnected to make
Timo Sirainen <tss@iki.fi>
parents:
5363
diff
changeset
|
63 login wasn't, the next connection won't be able to log in |
8e2d0438d4ac
Call auth_client_reconnect() when the last client has disconnected to make
Timo Sirainen <tss@iki.fi>
parents:
5363
diff
changeset
|
64 as this user by finishing the master login. */ |
5845
9265c13c4103
Don't crash at exit if auth client was already freed.
Timo Sirainen <tss@iki.fi>
parents:
5632
diff
changeset
|
65 if (auth_client != NULL) |
9265c13c4103
Don't crash at exit if auth client was already freed.
Timo Sirainen <tss@iki.fi>
parents:
5632
diff
changeset
|
66 auth_client_reconnect(auth_client); |
1049
c41787e8c3f4
Moved common login process code to login-common, created pop3-login.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
67 } |
c41787e8c3f4
Moved common login process code to login-common, created pop3-login.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
68 } |
c41787e8c3f4
Moved common login process code to login-common, created pop3-login.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
69 |
6411
6a64e64fa3a3
Renamed __attr_*__ to ATTR_*. Renamed __attrs_used__ to ATTRS_DEFINED.
Timo Sirainen <tss@iki.fi>
parents:
5887
diff
changeset
|
70 static void sig_die(int signo, void *context ATTR_UNUSED) |
1049
c41787e8c3f4
Moved common login process code to login-common, created pop3-login.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
71 { |
3620
3360cc019737
Implemented new signal handling framework, which makes handling signals much
Timo Sirainen <tss@iki.fi>
parents:
3607
diff
changeset
|
72 /* warn about being killed because of some signal, except SIGINT (^C) |
3360cc019737
Implemented new signal handling framework, which makes handling signals much
Timo Sirainen <tss@iki.fi>
parents:
3607
diff
changeset
|
73 which is too common at least while testing :) */ |
3360cc019737
Implemented new signal handling framework, which makes handling signals much
Timo Sirainen <tss@iki.fi>
parents:
3607
diff
changeset
|
74 if (signo != SIGINT) |
3360cc019737
Implemented new signal handling framework, which makes handling signals much
Timo Sirainen <tss@iki.fi>
parents:
3607
diff
changeset
|
75 i_warning("Killed with signal %d", signo); |
1049
c41787e8c3f4
Moved common login process code to login-common, created pop3-login.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
76 io_loop_stop(ioloop); |
c41787e8c3f4
Moved common login process code to login-common, created pop3-login.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
77 } |
c41787e8c3f4
Moved common login process code to login-common, created pop3-login.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
78 |
5887
3f2eb1b9c555
Support listening multiple sockets. SIGHUP also doesn't anymore recreate
Timo Sirainen <tss@iki.fi>
parents:
5845
diff
changeset
|
79 static void login_accept(void *context) |
1049
c41787e8c3f4
Moved common login process code to login-common, created pop3-login.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
80 { |
5887
3f2eb1b9c555
Support listening multiple sockets. SIGHUP also doesn't anymore recreate
Timo Sirainen <tss@iki.fi>
parents:
5845
diff
changeset
|
81 int listen_fd = POINTER_CAST_TO(context, int); |
4861
a688269c0dd4
Added %a=local port and %b=remote port variables for
Timo Sirainen <tss@iki.fi>
parents:
4560
diff
changeset
|
82 struct ip_addr remote_ip, local_ip; |
a688269c0dd4
Added %a=local port and %b=remote port variables for
Timo Sirainen <tss@iki.fi>
parents:
4560
diff
changeset
|
83 unsigned int remote_port, local_port; |
a688269c0dd4
Added %a=local port and %b=remote port variables for
Timo Sirainen <tss@iki.fi>
parents:
4560
diff
changeset
|
84 struct client *client; |
1049
c41787e8c3f4
Moved common login process code to login-common, created pop3-login.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
85 int fd; |
c41787e8c3f4
Moved common login process code to login-common, created pop3-login.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
86 |
5887
3f2eb1b9c555
Support listening multiple sockets. SIGHUP also doesn't anymore recreate
Timo Sirainen <tss@iki.fi>
parents:
5845
diff
changeset
|
87 fd = net_accept(listen_fd, &remote_ip, &remote_port); |
1049
c41787e8c3f4
Moved common login process code to login-common, created pop3-login.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
88 if (fd < 0) { |
c41787e8c3f4
Moved common login process code to login-common, created pop3-login.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
89 if (fd < -1) |
5358
a977ad033903
net_listen_unix() API changed a bit. -1 is now returned for errors that can
Timo Sirainen <tss@iki.fi>
parents:
5249
diff
changeset
|
90 i_error("accept() failed: %m"); |
1049
c41787e8c3f4
Moved common login process code to login-common, created pop3-login.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
91 return; |
c41787e8c3f4
Moved common login process code to login-common, created pop3-login.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
92 } |
c41787e8c3f4
Moved common login process code to login-common, created pop3-login.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
93 |
4861
a688269c0dd4
Added %a=local port and %b=remote port variables for
Timo Sirainen <tss@iki.fi>
parents:
4560
diff
changeset
|
94 if (net_getsockname(fd, &local_ip, &local_port) < 0) { |
2097
4e77cb0aff21
Added %l, %r and %P variables and mail_log_prefix setting.
Timo Sirainen <tss@iki.fi>
parents:
2027
diff
changeset
|
95 memset(&local_ip, 0, sizeof(local_ip)); |
4861
a688269c0dd4
Added %a=local port and %b=remote port variables for
Timo Sirainen <tss@iki.fi>
parents:
4560
diff
changeset
|
96 local_port = 0; |
a688269c0dd4
Added %a=local port and %b=remote port variables for
Timo Sirainen <tss@iki.fi>
parents:
4560
diff
changeset
|
97 } |
2097
4e77cb0aff21
Added %l, %r and %P variables and mail_log_prefix setting.
Timo Sirainen <tss@iki.fi>
parents:
2027
diff
changeset
|
98 |
4861
a688269c0dd4
Added %a=local port and %b=remote port variables for
Timo Sirainen <tss@iki.fi>
parents:
4560
diff
changeset
|
99 client = client_create(fd, FALSE, &local_ip, &remote_ip); |
a688269c0dd4
Added %a=local port and %b=remote port variables for
Timo Sirainen <tss@iki.fi>
parents:
4560
diff
changeset
|
100 client->remote_port = remote_port; |
a688269c0dd4
Added %a=local port and %b=remote port variables for
Timo Sirainen <tss@iki.fi>
parents:
4560
diff
changeset
|
101 client->local_port = local_port; |
4538
9d9e72374164
Fixes to login process handling, especially with
Timo Sirainen <tss@iki.fi>
parents:
4253
diff
changeset
|
102 |
9d9e72374164
Fixes to login process handling, especially with
Timo Sirainen <tss@iki.fi>
parents:
4253
diff
changeset
|
103 if (process_per_connection) { |
9d9e72374164
Fixes to login process handling, especially with
Timo Sirainen <tss@iki.fi>
parents:
4253
diff
changeset
|
104 closing_down = TRUE; |
9d9e72374164
Fixes to login process handling, especially with
Timo Sirainen <tss@iki.fi>
parents:
4253
diff
changeset
|
105 main_listen_stop(); |
9d9e72374164
Fixes to login process handling, especially with
Timo Sirainen <tss@iki.fi>
parents:
4253
diff
changeset
|
106 } |
1049
c41787e8c3f4
Moved common login process code to login-common, created pop3-login.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
107 } |
c41787e8c3f4
Moved common login process code to login-common, created pop3-login.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
108 |
5887
3f2eb1b9c555
Support listening multiple sockets. SIGHUP also doesn't anymore recreate
Timo Sirainen <tss@iki.fi>
parents:
5845
diff
changeset
|
109 static void login_accept_ssl(void *context) |
1049
c41787e8c3f4
Moved common login process code to login-common, created pop3-login.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
110 { |
5887
3f2eb1b9c555
Support listening multiple sockets. SIGHUP also doesn't anymore recreate
Timo Sirainen <tss@iki.fi>
parents:
5845
diff
changeset
|
111 int listen_fd = POINTER_CAST_TO(context, int); |
4861
a688269c0dd4
Added %a=local port and %b=remote port variables for
Timo Sirainen <tss@iki.fi>
parents:
4560
diff
changeset
|
112 struct ip_addr remote_ip, local_ip; |
a688269c0dd4
Added %a=local port and %b=remote port variables for
Timo Sirainen <tss@iki.fi>
parents:
4560
diff
changeset
|
113 unsigned int remote_port, local_port; |
2027
dc5d0da1abe9
Added ssl_require_client_cert auth-specific setting. Hide
Timo Sirainen <tss@iki.fi>
parents:
2000
diff
changeset
|
114 struct client *client; |
dc5d0da1abe9
Added ssl_require_client_cert auth-specific setting. Hide
Timo Sirainen <tss@iki.fi>
parents:
2000
diff
changeset
|
115 struct ssl_proxy *proxy; |
1049
c41787e8c3f4
Moved common login process code to login-common, created pop3-login.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
116 int fd, fd_ssl; |
c41787e8c3f4
Moved common login process code to login-common, created pop3-login.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
117 |
5887
3f2eb1b9c555
Support listening multiple sockets. SIGHUP also doesn't anymore recreate
Timo Sirainen <tss@iki.fi>
parents:
5845
diff
changeset
|
118 fd = net_accept(listen_fd, &remote_ip, &remote_port); |
1049
c41787e8c3f4
Moved common login process code to login-common, created pop3-login.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
119 if (fd < 0) { |
c41787e8c3f4
Moved common login process code to login-common, created pop3-login.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
120 if (fd < -1) |
5358
a977ad033903
net_listen_unix() API changed a bit. -1 is now returned for errors that can
Timo Sirainen <tss@iki.fi>
parents:
5249
diff
changeset
|
121 i_error("accept() failed: %m"); |
1049
c41787e8c3f4
Moved common login process code to login-common, created pop3-login.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
122 return; |
c41787e8c3f4
Moved common login process code to login-common, created pop3-login.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
123 } |
c41787e8c3f4
Moved common login process code to login-common, created pop3-login.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
124 |
4861
a688269c0dd4
Added %a=local port and %b=remote port variables for
Timo Sirainen <tss@iki.fi>
parents:
4560
diff
changeset
|
125 if (net_getsockname(fd, &local_ip, &local_port) < 0) { |
2097
4e77cb0aff21
Added %l, %r and %P variables and mail_log_prefix setting.
Timo Sirainen <tss@iki.fi>
parents:
2027
diff
changeset
|
126 memset(&local_ip, 0, sizeof(local_ip)); |
4861
a688269c0dd4
Added %a=local port and %b=remote port variables for
Timo Sirainen <tss@iki.fi>
parents:
4560
diff
changeset
|
127 local_port = 0; |
a688269c0dd4
Added %a=local port and %b=remote port variables for
Timo Sirainen <tss@iki.fi>
parents:
4560
diff
changeset
|
128 } |
1049
c41787e8c3f4
Moved common login process code to login-common, created pop3-login.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
129 |
4861
a688269c0dd4
Added %a=local port and %b=remote port variables for
Timo Sirainen <tss@iki.fi>
parents:
4560
diff
changeset
|
130 fd_ssl = ssl_proxy_new(fd, &remote_ip, &proxy); |
1049
c41787e8c3f4
Moved common login process code to login-common, created pop3-login.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
131 if (fd_ssl == -1) |
c41787e8c3f4
Moved common login process code to login-common, created pop3-login.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
132 net_disconnect(fd); |
2027
dc5d0da1abe9
Added ssl_require_client_cert auth-specific setting. Hide
Timo Sirainen <tss@iki.fi>
parents:
2000
diff
changeset
|
133 else { |
4861
a688269c0dd4
Added %a=local port and %b=remote port variables for
Timo Sirainen <tss@iki.fi>
parents:
4560
diff
changeset
|
134 client = client_create(fd_ssl, TRUE, &local_ip, &remote_ip); |
2027
dc5d0da1abe9
Added ssl_require_client_cert auth-specific setting. Hide
Timo Sirainen <tss@iki.fi>
parents:
2000
diff
changeset
|
135 client->proxy = proxy; |
4861
a688269c0dd4
Added %a=local port and %b=remote port variables for
Timo Sirainen <tss@iki.fi>
parents:
4560
diff
changeset
|
136 client->remote_port = remote_port; |
a688269c0dd4
Added %a=local port and %b=remote port variables for
Timo Sirainen <tss@iki.fi>
parents:
4560
diff
changeset
|
137 client->local_port = local_port; |
2027
dc5d0da1abe9
Added ssl_require_client_cert auth-specific setting. Hide
Timo Sirainen <tss@iki.fi>
parents:
2000
diff
changeset
|
138 } |
4538
9d9e72374164
Fixes to login process handling, especially with
Timo Sirainen <tss@iki.fi>
parents:
4253
diff
changeset
|
139 |
9d9e72374164
Fixes to login process handling, especially with
Timo Sirainen <tss@iki.fi>
parents:
4253
diff
changeset
|
140 if (process_per_connection) { |
9d9e72374164
Fixes to login process handling, especially with
Timo Sirainen <tss@iki.fi>
parents:
4253
diff
changeset
|
141 closing_down = TRUE; |
9d9e72374164
Fixes to login process handling, especially with
Timo Sirainen <tss@iki.fi>
parents:
4253
diff
changeset
|
142 main_listen_stop(); |
9d9e72374164
Fixes to login process handling, especially with
Timo Sirainen <tss@iki.fi>
parents:
4253
diff
changeset
|
143 } |
9d9e72374164
Fixes to login process handling, especially with
Timo Sirainen <tss@iki.fi>
parents:
4253
diff
changeset
|
144 } |
9d9e72374164
Fixes to login process handling, especially with
Timo Sirainen <tss@iki.fi>
parents:
4253
diff
changeset
|
145 |
9d9e72374164
Fixes to login process handling, especially with
Timo Sirainen <tss@iki.fi>
parents:
4253
diff
changeset
|
146 void main_listen_start(void) |
9d9e72374164
Fixes to login process handling, especially with
Timo Sirainen <tss@iki.fi>
parents:
4253
diff
changeset
|
147 { |
5887
3f2eb1b9c555
Support listening multiple sockets. SIGHUP also doesn't anymore recreate
Timo Sirainen <tss@iki.fi>
parents:
5845
diff
changeset
|
148 struct io *io; |
3f2eb1b9c555
Support listening multiple sockets. SIGHUP also doesn't anymore recreate
Timo Sirainen <tss@iki.fi>
parents:
5845
diff
changeset
|
149 unsigned int i, current_count; |
3f2eb1b9c555
Support listening multiple sockets. SIGHUP also doesn't anymore recreate
Timo Sirainen <tss@iki.fi>
parents:
5845
diff
changeset
|
150 int cur_fd; |
4538
9d9e72374164
Fixes to login process handling, especially with
Timo Sirainen <tss@iki.fi>
parents:
4253
diff
changeset
|
151 |
9d9e72374164
Fixes to login process handling, especially with
Timo Sirainen <tss@iki.fi>
parents:
4253
diff
changeset
|
152 if (listening) |
9d9e72374164
Fixes to login process handling, especially with
Timo Sirainen <tss@iki.fi>
parents:
4253
diff
changeset
|
153 return; |
9d9e72374164
Fixes to login process handling, especially with
Timo Sirainen <tss@iki.fi>
parents:
4253
diff
changeset
|
154 if (closing_down) { |
9d9e72374164
Fixes to login process handling, especially with
Timo Sirainen <tss@iki.fi>
parents:
4253
diff
changeset
|
155 /* typically happens only with |
9d9e72374164
Fixes to login process handling, especially with
Timo Sirainen <tss@iki.fi>
parents:
4253
diff
changeset
|
156 login_process_per_connection=yes after client logs in */ |
9d9e72374164
Fixes to login process handling, especially with
Timo Sirainen <tss@iki.fi>
parents:
4253
diff
changeset
|
157 master_notify_state_change(LOGIN_STATE_FULL_LOGINS); |
9d9e72374164
Fixes to login process handling, especially with
Timo Sirainen <tss@iki.fi>
parents:
4253
diff
changeset
|
158 return; |
9d9e72374164
Fixes to login process handling, especially with
Timo Sirainen <tss@iki.fi>
parents:
4253
diff
changeset
|
159 } |
9d9e72374164
Fixes to login process handling, especially with
Timo Sirainen <tss@iki.fi>
parents:
4253
diff
changeset
|
160 |
9d9e72374164
Fixes to login process handling, especially with
Timo Sirainen <tss@iki.fi>
parents:
4253
diff
changeset
|
161 current_count = ssl_proxy_get_count() + login_proxy_get_count(); |
9d9e72374164
Fixes to login process handling, especially with
Timo Sirainen <tss@iki.fi>
parents:
4253
diff
changeset
|
162 if (current_count >= max_connections) { |
9d9e72374164
Fixes to login process handling, especially with
Timo Sirainen <tss@iki.fi>
parents:
4253
diff
changeset
|
163 /* can't accept any more connections until existing proxies |
9d9e72374164
Fixes to login process handling, especially with
Timo Sirainen <tss@iki.fi>
parents:
4253
diff
changeset
|
164 get destroyed */ |
9d9e72374164
Fixes to login process handling, especially with
Timo Sirainen <tss@iki.fi>
parents:
4253
diff
changeset
|
165 return; |
9d9e72374164
Fixes to login process handling, especially with
Timo Sirainen <tss@iki.fi>
parents:
4253
diff
changeset
|
166 } |
9d9e72374164
Fixes to login process handling, especially with
Timo Sirainen <tss@iki.fi>
parents:
4253
diff
changeset
|
167 |
5887
3f2eb1b9c555
Support listening multiple sockets. SIGHUP also doesn't anymore recreate
Timo Sirainen <tss@iki.fi>
parents:
5845
diff
changeset
|
168 cur_fd = LOGIN_MASTER_SOCKET_FD + 1; |
3f2eb1b9c555
Support listening multiple sockets. SIGHUP also doesn't anymore recreate
Timo Sirainen <tss@iki.fi>
parents:
5845
diff
changeset
|
169 i_array_init(&listen_ios, listen_count + ssl_listen_count); |
3f2eb1b9c555
Support listening multiple sockets. SIGHUP also doesn't anymore recreate
Timo Sirainen <tss@iki.fi>
parents:
5845
diff
changeset
|
170 for (i = 0; i < listen_count; i++, cur_fd++) { |
3f2eb1b9c555
Support listening multiple sockets. SIGHUP also doesn't anymore recreate
Timo Sirainen <tss@iki.fi>
parents:
5845
diff
changeset
|
171 io = io_add(cur_fd, IO_READ, login_accept, |
3f2eb1b9c555
Support listening multiple sockets. SIGHUP also doesn't anymore recreate
Timo Sirainen <tss@iki.fi>
parents:
5845
diff
changeset
|
172 POINTER_CAST(cur_fd)); |
3f2eb1b9c555
Support listening multiple sockets. SIGHUP also doesn't anymore recreate
Timo Sirainen <tss@iki.fi>
parents:
5845
diff
changeset
|
173 array_append(&listen_ios, &io, 1); |
4538
9d9e72374164
Fixes to login process handling, especially with
Timo Sirainen <tss@iki.fi>
parents:
4253
diff
changeset
|
174 } |
5887
3f2eb1b9c555
Support listening multiple sockets. SIGHUP also doesn't anymore recreate
Timo Sirainen <tss@iki.fi>
parents:
5845
diff
changeset
|
175 for (i = 0; i < ssl_listen_count; i++, cur_fd++) { |
3f2eb1b9c555
Support listening multiple sockets. SIGHUP also doesn't anymore recreate
Timo Sirainen <tss@iki.fi>
parents:
5845
diff
changeset
|
176 io = io_add(cur_fd, IO_READ, login_accept_ssl, |
3f2eb1b9c555
Support listening multiple sockets. SIGHUP also doesn't anymore recreate
Timo Sirainen <tss@iki.fi>
parents:
5845
diff
changeset
|
177 POINTER_CAST(cur_fd)); |
3f2eb1b9c555
Support listening multiple sockets. SIGHUP also doesn't anymore recreate
Timo Sirainen <tss@iki.fi>
parents:
5845
diff
changeset
|
178 array_append(&listen_ios, &io, 1); |
4538
9d9e72374164
Fixes to login process handling, especially with
Timo Sirainen <tss@iki.fi>
parents:
4253
diff
changeset
|
179 } |
9d9e72374164
Fixes to login process handling, especially with
Timo Sirainen <tss@iki.fi>
parents:
4253
diff
changeset
|
180 listening = TRUE; |
9d9e72374164
Fixes to login process handling, especially with
Timo Sirainen <tss@iki.fi>
parents:
4253
diff
changeset
|
181 |
9d9e72374164
Fixes to login process handling, especially with
Timo Sirainen <tss@iki.fi>
parents:
4253
diff
changeset
|
182 /* the initial notification tells master that we're ok. if we die |
9d9e72374164
Fixes to login process handling, especially with
Timo Sirainen <tss@iki.fi>
parents:
4253
diff
changeset
|
183 before sending it, the master should shutdown itself. */ |
9d9e72374164
Fixes to login process handling, especially with
Timo Sirainen <tss@iki.fi>
parents:
4253
diff
changeset
|
184 master_notify_state_change(LOGIN_STATE_LISTENING); |
9d9e72374164
Fixes to login process handling, especially with
Timo Sirainen <tss@iki.fi>
parents:
4253
diff
changeset
|
185 } |
9d9e72374164
Fixes to login process handling, especially with
Timo Sirainen <tss@iki.fi>
parents:
4253
diff
changeset
|
186 |
9d9e72374164
Fixes to login process handling, especially with
Timo Sirainen <tss@iki.fi>
parents:
4253
diff
changeset
|
187 void main_listen_stop(void) |
9d9e72374164
Fixes to login process handling, especially with
Timo Sirainen <tss@iki.fi>
parents:
4253
diff
changeset
|
188 { |
5887
3f2eb1b9c555
Support listening multiple sockets. SIGHUP also doesn't anymore recreate
Timo Sirainen <tss@iki.fi>
parents:
5845
diff
changeset
|
189 struct io **ios; |
3f2eb1b9c555
Support listening multiple sockets. SIGHUP also doesn't anymore recreate
Timo Sirainen <tss@iki.fi>
parents:
5845
diff
changeset
|
190 unsigned int i, count; |
3f2eb1b9c555
Support listening multiple sockets. SIGHUP also doesn't anymore recreate
Timo Sirainen <tss@iki.fi>
parents:
5845
diff
changeset
|
191 int cur_fd; |
3f2eb1b9c555
Support listening multiple sockets. SIGHUP also doesn't anymore recreate
Timo Sirainen <tss@iki.fi>
parents:
5845
diff
changeset
|
192 |
4538
9d9e72374164
Fixes to login process handling, especially with
Timo Sirainen <tss@iki.fi>
parents:
4253
diff
changeset
|
193 if (!listening) |
9d9e72374164
Fixes to login process handling, especially with
Timo Sirainen <tss@iki.fi>
parents:
4253
diff
changeset
|
194 return; |
9d9e72374164
Fixes to login process handling, especially with
Timo Sirainen <tss@iki.fi>
parents:
4253
diff
changeset
|
195 |
5887
3f2eb1b9c555
Support listening multiple sockets. SIGHUP also doesn't anymore recreate
Timo Sirainen <tss@iki.fi>
parents:
5845
diff
changeset
|
196 ios = array_get_modifiable(&listen_ios, &count); |
3f2eb1b9c555
Support listening multiple sockets. SIGHUP also doesn't anymore recreate
Timo Sirainen <tss@iki.fi>
parents:
5845
diff
changeset
|
197 for (i = 0; i < count; i++) |
3f2eb1b9c555
Support listening multiple sockets. SIGHUP also doesn't anymore recreate
Timo Sirainen <tss@iki.fi>
parents:
5845
diff
changeset
|
198 io_remove(&ios[i]); |
3f2eb1b9c555
Support listening multiple sockets. SIGHUP also doesn't anymore recreate
Timo Sirainen <tss@iki.fi>
parents:
5845
diff
changeset
|
199 array_free(&listen_ios); |
4538
9d9e72374164
Fixes to login process handling, especially with
Timo Sirainen <tss@iki.fi>
parents:
4253
diff
changeset
|
200 |
5887
3f2eb1b9c555
Support listening multiple sockets. SIGHUP also doesn't anymore recreate
Timo Sirainen <tss@iki.fi>
parents:
5845
diff
changeset
|
201 if (closing_down) { |
3f2eb1b9c555
Support listening multiple sockets. SIGHUP also doesn't anymore recreate
Timo Sirainen <tss@iki.fi>
parents:
5845
diff
changeset
|
202 cur_fd = LOGIN_MASTER_SOCKET_FD + 1; |
3f2eb1b9c555
Support listening multiple sockets. SIGHUP also doesn't anymore recreate
Timo Sirainen <tss@iki.fi>
parents:
5845
diff
changeset
|
203 for (i = 0; i < count; i++, cur_fd++) { |
3f2eb1b9c555
Support listening multiple sockets. SIGHUP also doesn't anymore recreate
Timo Sirainen <tss@iki.fi>
parents:
5845
diff
changeset
|
204 if (close(cur_fd) < 0) { |
3f2eb1b9c555
Support listening multiple sockets. SIGHUP also doesn't anymore recreate
Timo Sirainen <tss@iki.fi>
parents:
5845
diff
changeset
|
205 i_fatal("close(listener %d) failed: %m", |
3f2eb1b9c555
Support listening multiple sockets. SIGHUP also doesn't anymore recreate
Timo Sirainen <tss@iki.fi>
parents:
5845
diff
changeset
|
206 cur_fd); |
3f2eb1b9c555
Support listening multiple sockets. SIGHUP also doesn't anymore recreate
Timo Sirainen <tss@iki.fi>
parents:
5845
diff
changeset
|
207 } |
4538
9d9e72374164
Fixes to login process handling, especially with
Timo Sirainen <tss@iki.fi>
parents:
4253
diff
changeset
|
208 } |
9d9e72374164
Fixes to login process handling, especially with
Timo Sirainen <tss@iki.fi>
parents:
4253
diff
changeset
|
209 } |
9d9e72374164
Fixes to login process handling, especially with
Timo Sirainen <tss@iki.fi>
parents:
4253
diff
changeset
|
210 |
9d9e72374164
Fixes to login process handling, especially with
Timo Sirainen <tss@iki.fi>
parents:
4253
diff
changeset
|
211 listening = FALSE; |
5887
3f2eb1b9c555
Support listening multiple sockets. SIGHUP also doesn't anymore recreate
Timo Sirainen <tss@iki.fi>
parents:
5845
diff
changeset
|
212 if (io_loop_is_running(ioloop)) { |
3f2eb1b9c555
Support listening multiple sockets. SIGHUP also doesn't anymore recreate
Timo Sirainen <tss@iki.fi>
parents:
5845
diff
changeset
|
213 master_notify_state_change(clients_get_count() == 0 ? |
3f2eb1b9c555
Support listening multiple sockets. SIGHUP also doesn't anymore recreate
Timo Sirainen <tss@iki.fi>
parents:
5845
diff
changeset
|
214 LOGIN_STATE_FULL_LOGINS : |
3f2eb1b9c555
Support listening multiple sockets. SIGHUP also doesn't anymore recreate
Timo Sirainen <tss@iki.fi>
parents:
5845
diff
changeset
|
215 LOGIN_STATE_FULL_PRELOGINS); |
3f2eb1b9c555
Support listening multiple sockets. SIGHUP also doesn't anymore recreate
Timo Sirainen <tss@iki.fi>
parents:
5845
diff
changeset
|
216 } |
1049
c41787e8c3f4
Moved common login process code to login-common, created pop3-login.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
217 } |
c41787e8c3f4
Moved common login process code to login-common, created pop3-login.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
218 |
4560
507088c0d511
Fixes for handling near-full connection queues.
Timo Sirainen <tss@iki.fi>
parents:
4553
diff
changeset
|
219 void connection_queue_add(unsigned int connection_count) |
507088c0d511
Fixes for handling near-full connection queues.
Timo Sirainen <tss@iki.fi>
parents:
4553
diff
changeset
|
220 { |
507088c0d511
Fixes for handling near-full connection queues.
Timo Sirainen <tss@iki.fi>
parents:
4553
diff
changeset
|
221 unsigned int current_count; |
507088c0d511
Fixes for handling near-full connection queues.
Timo Sirainen <tss@iki.fi>
parents:
4553
diff
changeset
|
222 |
507088c0d511
Fixes for handling near-full connection queues.
Timo Sirainen <tss@iki.fi>
parents:
4553
diff
changeset
|
223 if (process_per_connection) |
507088c0d511
Fixes for handling near-full connection queues.
Timo Sirainen <tss@iki.fi>
parents:
4553
diff
changeset
|
224 return; |
507088c0d511
Fixes for handling near-full connection queues.
Timo Sirainen <tss@iki.fi>
parents:
4553
diff
changeset
|
225 |
507088c0d511
Fixes for handling near-full connection queues.
Timo Sirainen <tss@iki.fi>
parents:
4553
diff
changeset
|
226 current_count = clients_get_count() + ssl_proxy_get_count() + |
507088c0d511
Fixes for handling near-full connection queues.
Timo Sirainen <tss@iki.fi>
parents:
4553
diff
changeset
|
227 login_proxy_get_count(); |
8073
f27ecc07d93a
login processes: Another try at setting the correct fd limit.
Timo Sirainen <tss@iki.fi>
parents:
8072
diff
changeset
|
228 if (current_count + connection_count + 2 >= max_connections) { |
4560
507088c0d511
Fixes for handling near-full connection queues.
Timo Sirainen <tss@iki.fi>
parents:
4553
diff
changeset
|
229 /* after this client we've reached max users count, |
8073
f27ecc07d93a
login processes: Another try at setting the correct fd limit.
Timo Sirainen <tss@iki.fi>
parents:
8072
diff
changeset
|
230 so stop listening for more. reserve +2 extra for SSL with |
f27ecc07d93a
login processes: Another try at setting the correct fd limit.
Timo Sirainen <tss@iki.fi>
parents:
8072
diff
changeset
|
231 login proxy connections. */ |
4560
507088c0d511
Fixes for handling near-full connection queues.
Timo Sirainen <tss@iki.fi>
parents:
4553
diff
changeset
|
232 main_listen_stop(); |
507088c0d511
Fixes for handling near-full connection queues.
Timo Sirainen <tss@iki.fi>
parents:
4553
diff
changeset
|
233 |
507088c0d511
Fixes for handling near-full connection queues.
Timo Sirainen <tss@iki.fi>
parents:
4553
diff
changeset
|
234 if (current_count >= max_connections) { |
507088c0d511
Fixes for handling near-full connection queues.
Timo Sirainen <tss@iki.fi>
parents:
4553
diff
changeset
|
235 /* already reached max. users count, kill few of the |
507088c0d511
Fixes for handling near-full connection queues.
Timo Sirainen <tss@iki.fi>
parents:
4553
diff
changeset
|
236 oldest connections. |
507088c0d511
Fixes for handling near-full connection queues.
Timo Sirainen <tss@iki.fi>
parents:
4553
diff
changeset
|
237 |
507088c0d511
Fixes for handling near-full connection queues.
Timo Sirainen <tss@iki.fi>
parents:
4553
diff
changeset
|
238 this happens when we've maxed out the login process |
507088c0d511
Fixes for handling near-full connection queues.
Timo Sirainen <tss@iki.fi>
parents:
4553
diff
changeset
|
239 count and master has told us to start listening for |
507088c0d511
Fixes for handling near-full connection queues.
Timo Sirainen <tss@iki.fi>
parents:
4553
diff
changeset
|
240 new connections even though we're full. */ |
507088c0d511
Fixes for handling near-full connection queues.
Timo Sirainen <tss@iki.fi>
parents:
4553
diff
changeset
|
241 client_destroy_oldest(); |
507088c0d511
Fixes for handling near-full connection queues.
Timo Sirainen <tss@iki.fi>
parents:
4553
diff
changeset
|
242 } |
507088c0d511
Fixes for handling near-full connection queues.
Timo Sirainen <tss@iki.fi>
parents:
4553
diff
changeset
|
243 } |
507088c0d511
Fixes for handling near-full connection queues.
Timo Sirainen <tss@iki.fi>
parents:
4553
diff
changeset
|
244 } |
507088c0d511
Fixes for handling near-full connection queues.
Timo Sirainen <tss@iki.fi>
parents:
4553
diff
changeset
|
245 |
6411
6a64e64fa3a3
Renamed __attr_*__ to ATTR_*. Renamed __attrs_used__ to ATTRS_DEFINED.
Timo Sirainen <tss@iki.fi>
parents:
5887
diff
changeset
|
246 static void auth_connect_notify(struct auth_client *client ATTR_UNUSED, |
6a64e64fa3a3
Renamed __attr_*__ to ATTR_*. Renamed __attrs_used__ to ATTRS_DEFINED.
Timo Sirainen <tss@iki.fi>
parents:
5887
diff
changeset
|
247 bool connected, void *context ATTR_UNUSED) |
1702
43815588dd6b
Moved client side code for auth process handling to lib-auth. Some other login process cleanups.
Timo Sirainen <tss@iki.fi>
parents:
1629
diff
changeset
|
248 { |
43815588dd6b
Moved client side code for auth process handling to lib-auth. Some other login process cleanups.
Timo Sirainen <tss@iki.fi>
parents:
1629
diff
changeset
|
249 if (connected) |
43815588dd6b
Moved client side code for auth process handling to lib-auth. Some other login process cleanups.
Timo Sirainen <tss@iki.fi>
parents:
1629
diff
changeset
|
250 clients_notify_auth_connected(); |
43815588dd6b
Moved client side code for auth process handling to lib-auth. Some other login process cleanups.
Timo Sirainen <tss@iki.fi>
parents:
1629
diff
changeset
|
251 } |
43815588dd6b
Moved client side code for auth process handling to lib-auth. Some other login process cleanups.
Timo Sirainen <tss@iki.fi>
parents:
1629
diff
changeset
|
252 |
3607
a2dd3d895e00
Several fixes to make running from inetd working again
Timo Sirainen <tss@iki.fi>
parents:
3384
diff
changeset
|
253 static void drop_privileges(void) |
1049
c41787e8c3f4
Moved common login process code to login-common, created pop3-login.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
254 { |
7852
53604857c7d2
Change fd limit in login process after it's execed. This fixes OSes which
Timo Sirainen <tss@iki.fi>
parents:
7203
diff
changeset
|
255 const char *value; |
3607
a2dd3d895e00
Several fixes to make running from inetd working again
Timo Sirainen <tss@iki.fi>
parents:
3384
diff
changeset
|
256 |
a2dd3d895e00
Several fixes to make running from inetd working again
Timo Sirainen <tss@iki.fi>
parents:
3384
diff
changeset
|
257 if (!is_inetd) |
a2dd3d895e00
Several fixes to make running from inetd working again
Timo Sirainen <tss@iki.fi>
parents:
3384
diff
changeset
|
258 i_set_failure_internal(); |
a2dd3d895e00
Several fixes to make running from inetd working again
Timo Sirainen <tss@iki.fi>
parents:
3384
diff
changeset
|
259 else { |
a2dd3d895e00
Several fixes to make running from inetd working again
Timo Sirainen <tss@iki.fi>
parents:
3384
diff
changeset
|
260 /* log to syslog */ |
7852
53604857c7d2
Change fd limit in login process after it's execed. This fixes OSes which
Timo Sirainen <tss@iki.fi>
parents:
7203
diff
changeset
|
261 value = getenv("SYSLOG_FACILITY"); |
3724
d22c883021da
Added syslog_facility setting to config file.
Timo Sirainen <tss@iki.fi>
parents:
3620
diff
changeset
|
262 i_set_failure_syslog(process_name, LOG_NDELAY, |
7852
53604857c7d2
Change fd limit in login process after it's execed. This fixes OSes which
Timo Sirainen <tss@iki.fi>
parents:
7203
diff
changeset
|
263 value == NULL ? LOG_MAIL : atoi(value)); |
3607
a2dd3d895e00
Several fixes to make running from inetd working again
Timo Sirainen <tss@iki.fi>
parents:
3384
diff
changeset
|
264 |
a2dd3d895e00
Several fixes to make running from inetd working again
Timo Sirainen <tss@iki.fi>
parents:
3384
diff
changeset
|
265 /* if we don't chroot, we must chdir */ |
7852
53604857c7d2
Change fd limit in login process after it's execed. This fixes OSes which
Timo Sirainen <tss@iki.fi>
parents:
7203
diff
changeset
|
266 value = getenv("LOGIN_DIR"); |
8620
9edf4a6e0cdb
Always send LOGIN_DIR environment to login processes.
Timo Sirainen <tss@iki.fi>
parents:
8590
diff
changeset
|
267 if (value == NULL) |
9edf4a6e0cdb
Always send LOGIN_DIR environment to login processes.
Timo Sirainen <tss@iki.fi>
parents:
8590
diff
changeset
|
268 i_fatal("LOGIN_DIR environment missing"); |
9edf4a6e0cdb
Always send LOGIN_DIR environment to login processes.
Timo Sirainen <tss@iki.fi>
parents:
8590
diff
changeset
|
269 if (chdir(value) < 0) |
9edf4a6e0cdb
Always send LOGIN_DIR environment to login processes.
Timo Sirainen <tss@iki.fi>
parents:
8590
diff
changeset
|
270 i_error("chdir(%s) failed: %m", value); |
3607
a2dd3d895e00
Several fixes to make running from inetd working again
Timo Sirainen <tss@iki.fi>
parents:
3384
diff
changeset
|
271 } |
1049
c41787e8c3f4
Moved common login process code to login-common, created pop3-login.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
272 |
c41787e8c3f4
Moved common login process code to login-common, created pop3-login.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
273 /* Initialize SSL proxy so it can read certificate and private |
c41787e8c3f4
Moved common login process code to login-common, created pop3-login.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
274 key file. */ |
2622
033d2fd1cd38
Replaced timestamp in APOP challenge with 128 bits of randomness.
Timo Sirainen <tss@iki.fi>
parents:
2235
diff
changeset
|
275 random_init(); |
1049
c41787e8c3f4
Moved common login process code to login-common, created pop3-login.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
276 ssl_proxy_init(); |
c41787e8c3f4
Moved common login process code to login-common, created pop3-login.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
277 |
7852
53604857c7d2
Change fd limit in login process after it's execed. This fixes OSes which
Timo Sirainen <tss@iki.fi>
parents:
7203
diff
changeset
|
278 value = getenv("LISTEN_FDS"); |
53604857c7d2
Change fd limit in login process after it's execed. This fixes OSes which
Timo Sirainen <tss@iki.fi>
parents:
7203
diff
changeset
|
279 listen_count = value == NULL ? 0 : atoi(value); |
53604857c7d2
Change fd limit in login process after it's execed. This fixes OSes which
Timo Sirainen <tss@iki.fi>
parents:
7203
diff
changeset
|
280 value = getenv("SSL_LISTEN_FDS"); |
53604857c7d2
Change fd limit in login process after it's execed. This fixes OSes which
Timo Sirainen <tss@iki.fi>
parents:
7203
diff
changeset
|
281 ssl_listen_count = value == NULL ? 0 : atoi(value); |
53604857c7d2
Change fd limit in login process after it's execed. This fixes OSes which
Timo Sirainen <tss@iki.fi>
parents:
7203
diff
changeset
|
282 value = getenv("MAX_CONNECTIONS"); |
53604857c7d2
Change fd limit in login process after it's execed. This fixes OSes which
Timo Sirainen <tss@iki.fi>
parents:
7203
diff
changeset
|
283 max_connections = value == NULL ? 1 : strtoul(value, NULL, 10); |
53604857c7d2
Change fd limit in login process after it's execed. This fixes OSes which
Timo Sirainen <tss@iki.fi>
parents:
7203
diff
changeset
|
284 |
53604857c7d2
Change fd limit in login process after it's execed. This fixes OSes which
Timo Sirainen <tss@iki.fi>
parents:
7203
diff
changeset
|
285 /* set the number of fds we want to use. it may get increased or |
8073
f27ecc07d93a
login processes: Another try at setting the correct fd limit.
Timo Sirainen <tss@iki.fi>
parents:
8072
diff
changeset
|
286 decreased. leave a couple of extra fds for auth sockets and such. |
f27ecc07d93a
login processes: Another try at setting the correct fd limit.
Timo Sirainen <tss@iki.fi>
parents:
8072
diff
changeset
|
287 normal connections each use one fd, but SSL connections use two */ |
7852
53604857c7d2
Change fd limit in login process after it's execed. This fixes OSes which
Timo Sirainen <tss@iki.fi>
parents:
7203
diff
changeset
|
288 restrict_fd_limit(LOGIN_MASTER_SOCKET_FD + 16 + |
8073
f27ecc07d93a
login processes: Another try at setting the correct fd limit.
Timo Sirainen <tss@iki.fi>
parents:
8072
diff
changeset
|
289 listen_count + ssl_listen_count + |
f27ecc07d93a
login processes: Another try at setting the correct fd limit.
Timo Sirainen <tss@iki.fi>
parents:
8072
diff
changeset
|
290 max_connections*2); |
7852
53604857c7d2
Change fd limit in login process after it's execed. This fixes OSes which
Timo Sirainen <tss@iki.fi>
parents:
7203
diff
changeset
|
291 |
1049
c41787e8c3f4
Moved common login process code to login-common, created pop3-login.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
292 /* Refuse to run as root - we should never need it and it's |
c41787e8c3f4
Moved common login process code to login-common, created pop3-login.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
293 dangerous with SSL. */ |
7109
e6823d781317
Reverted "environment array" changes. It broke overriding imap/pop3 settings
Timo Sirainen <tss@iki.fi>
parents:
7104
diff
changeset
|
294 restrict_access_by_env(TRUE); |
1629
5bc8a5c718ca
Disable forking after setuid(), so Linux 2.6 is happy.
Timo Sirainen <tss@iki.fi>
parents:
1563
diff
changeset
|
295 |
5bc8a5c718ca
Disable forking after setuid(), so Linux 2.6 is happy.
Timo Sirainen <tss@iki.fi>
parents:
1563
diff
changeset
|
296 /* make sure we can't fork() */ |
5bc8a5c718ca
Disable forking after setuid(), so Linux 2.6 is happy.
Timo Sirainen <tss@iki.fi>
parents:
1563
diff
changeset
|
297 restrict_process_size((unsigned int)-1, 1); |
1049
c41787e8c3f4
Moved common login process code to login-common, created pop3-login.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
298 } |
c41787e8c3f4
Moved common login process code to login-common, created pop3-login.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
299 |
c41787e8c3f4
Moved common login process code to login-common, created pop3-login.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
300 static void main_init(void) |
c41787e8c3f4
Moved common login process code to login-common, created pop3-login.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
301 { |
c41787e8c3f4
Moved common login process code to login-common, created pop3-login.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
302 const char *value; |
c41787e8c3f4
Moved common login process code to login-common, created pop3-login.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
303 |
4553
d1c0514754d5
Require that master's version number matches the child's, unless
Timo Sirainen <tss@iki.fi>
parents:
4540
diff
changeset
|
304 value = getenv("DOVECOT_VERSION"); |
d1c0514754d5
Require that master's version number matches the child's, unless
Timo Sirainen <tss@iki.fi>
parents:
4540
diff
changeset
|
305 if (value != NULL && strcmp(value, PACKAGE_VERSION) != 0) { |
d1c0514754d5
Require that master's version number matches the child's, unless
Timo Sirainen <tss@iki.fi>
parents:
4540
diff
changeset
|
306 i_fatal("Dovecot version mismatch: " |
d1c0514754d5
Require that master's version number matches the child's, unless
Timo Sirainen <tss@iki.fi>
parents:
4540
diff
changeset
|
307 "Master is v%s, login is v"PACKAGE_VERSION" " |
d1c0514754d5
Require that master's version number matches the child's, unless
Timo Sirainen <tss@iki.fi>
parents:
4540
diff
changeset
|
308 "(if you don't care, set version_ignore=yes)", value); |
d1c0514754d5
Require that master's version number matches the child's, unless
Timo Sirainen <tss@iki.fi>
parents:
4540
diff
changeset
|
309 } |
d1c0514754d5
Require that master's version number matches the child's, unless
Timo Sirainen <tss@iki.fi>
parents:
4540
diff
changeset
|
310 |
3620
3360cc019737
Implemented new signal handling framework, which makes handling signals much
Timo Sirainen <tss@iki.fi>
parents:
3607
diff
changeset
|
311 lib_signals_init(); |
3360cc019737
Implemented new signal handling framework, which makes handling signals much
Timo Sirainen <tss@iki.fi>
parents:
3607
diff
changeset
|
312 lib_signals_set_handler(SIGINT, TRUE, sig_die, NULL); |
3360cc019737
Implemented new signal handling framework, which makes handling signals much
Timo Sirainen <tss@iki.fi>
parents:
3607
diff
changeset
|
313 lib_signals_set_handler(SIGTERM, TRUE, sig_die, NULL); |
4903
204d7edc7cdc
Added context parameter type safety checks for most callback APIs.
Timo Sirainen <tss@iki.fi>
parents:
4861
diff
changeset
|
314 lib_signals_ignore(SIGPIPE, TRUE); |
1049
c41787e8c3f4
Moved common login process code to login-common, created pop3-login.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
315 |
c41787e8c3f4
Moved common login process code to login-common, created pop3-login.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
316 disable_plaintext_auth = getenv("DISABLE_PLAINTEXT_AUTH") != NULL; |
c41787e8c3f4
Moved common login process code to login-common, created pop3-login.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
317 process_per_connection = getenv("PROCESS_PER_CONNECTION") != NULL; |
1235 | 318 verbose_proctitle = getenv("VERBOSE_PROCTITLE") != NULL; |
319 verbose_ssl = getenv("VERBOSE_SSL") != NULL; | |
2691
46f879c46b45
auth_verbose now affects imap/pop3 login processes too. Every authentication
Timo Sirainen <tss@iki.fi>
parents:
2679
diff
changeset
|
320 verbose_auth = getenv("VERBOSE_AUTH") != NULL; |
8331
8fb20b423f8b
Login processes: If auth_debug=yes, log about received unknown passdb extra fields.
Timo Sirainen <tss@iki.fi>
parents:
8302
diff
changeset
|
321 auth_debug = getenv("AUTH_DEBUG") != NULL; |
8302
0db37acdc59f
Login process: Log auth failure reasons better in disconnect message.
Timo Sirainen <tss@iki.fi>
parents:
8088
diff
changeset
|
322 ssl_require_client_cert = getenv("SSL_REQUIRE_CLIENT_CERT") != NULL; |
1049
c41787e8c3f4
Moved common login process code to login-common, created pop3-login.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
323 |
2674
857f5f7b512b
Added login_greeting and login_greeting_capability settings.
Timo Sirainen <tss@iki.fi>
parents:
2622
diff
changeset
|
324 greeting = getenv("GREETING"); |
857f5f7b512b
Added login_greeting and login_greeting_capability settings.
Timo Sirainen <tss@iki.fi>
parents:
2622
diff
changeset
|
325 if (greeting == NULL) |
857f5f7b512b
Added login_greeting and login_greeting_capability settings.
Timo Sirainen <tss@iki.fi>
parents:
2622
diff
changeset
|
326 greeting = PACKAGE" ready."; |
857f5f7b512b
Added login_greeting and login_greeting_capability settings.
Timo Sirainen <tss@iki.fi>
parents:
2622
diff
changeset
|
327 |
3384
3b75956d20c4
Added configurable logging for login process. Added configurable pop3 logout
Timo Sirainen <tss@iki.fi>
parents:
3126
diff
changeset
|
328 value = getenv("LOG_FORMAT_ELEMENTS"); |
3b75956d20c4
Added configurable logging for login process. Added configurable pop3 logout
Timo Sirainen <tss@iki.fi>
parents:
3126
diff
changeset
|
329 if (value == NULL) |
3b75956d20c4
Added configurable logging for login process. Added configurable pop3 logout
Timo Sirainen <tss@iki.fi>
parents:
3126
diff
changeset
|
330 value = "user=<%u> method=%m rip=%r lip=%l %c : %$"; |
3b75956d20c4
Added configurable logging for login process. Added configurable pop3 logout
Timo Sirainen <tss@iki.fi>
parents:
3126
diff
changeset
|
331 log_format_elements = t_strsplit(value, " "); |
3b75956d20c4
Added configurable logging for login process. Added configurable pop3 logout
Timo Sirainen <tss@iki.fi>
parents:
3126
diff
changeset
|
332 |
3b75956d20c4
Added configurable logging for login process. Added configurable pop3 logout
Timo Sirainen <tss@iki.fi>
parents:
3126
diff
changeset
|
333 log_format = getenv("LOG_FORMAT"); |
3b75956d20c4
Added configurable logging for login process. Added configurable pop3 logout
Timo Sirainen <tss@iki.fi>
parents:
3126
diff
changeset
|
334 if (log_format == NULL) |
3b75956d20c4
Added configurable logging for login process. Added configurable pop3 logout
Timo Sirainen <tss@iki.fi>
parents:
3126
diff
changeset
|
335 log_format = "%$: %s"; |
3b75956d20c4
Added configurable logging for login process. Added configurable pop3 logout
Timo Sirainen <tss@iki.fi>
parents:
3126
diff
changeset
|
336 |
7920
3644883cf44e
Support transferring original IPs and ports through IMAP proxies.
Timo Sirainen <tss@iki.fi>
parents:
7852
diff
changeset
|
337 trusted_networks = getenv("TRUSTED_NETWORKS"); |
3644883cf44e
Support transferring original IPs and ports through IMAP proxies.
Timo Sirainen <tss@iki.fi>
parents:
7852
diff
changeset
|
338 |
1049
c41787e8c3f4
Moved common login process code to login-common, created pop3-login.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
339 value = getenv("PROCESS_UID"); |
c41787e8c3f4
Moved common login process code to login-common, created pop3-login.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
340 if (value == NULL) |
c41787e8c3f4
Moved common login process code to login-common, created pop3-login.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
341 i_fatal("BUG: PROCESS_UID environment not given"); |
c41787e8c3f4
Moved common login process code to login-common, created pop3-login.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
342 login_process_uid = strtoul(value, NULL, 10); |
c41787e8c3f4
Moved common login process code to login-common, created pop3-login.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
343 if (login_process_uid == 0) |
c41787e8c3f4
Moved common login process code to login-common, created pop3-login.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
344 i_fatal("BUG: PROCESS_UID environment is 0"); |
c41787e8c3f4
Moved common login process code to login-common, created pop3-login.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
345 |
4197
c3ded5b815aa
If we have plugins set and imap_capability unset, figure out the IMAP
Timo Sirainen <tss@iki.fi>
parents:
3960
diff
changeset
|
346 /* capability default is set in imap/pop3-login */ |
c3ded5b815aa
If we have plugins set and imap_capability unset, figure out the IMAP
Timo Sirainen <tss@iki.fi>
parents:
3960
diff
changeset
|
347 value = getenv("CAPABILITY_STRING"); |
c3ded5b815aa
If we have plugins set and imap_capability unset, figure out the IMAP
Timo Sirainen <tss@iki.fi>
parents:
3960
diff
changeset
|
348 if (value != NULL && *value != '\0') |
c3ded5b815aa
If we have plugins set and imap_capability unset, figure out the IMAP
Timo Sirainen <tss@iki.fi>
parents:
3960
diff
changeset
|
349 capability_string = value; |
c3ded5b815aa
If we have plugins set and imap_capability unset, figure out the IMAP
Timo Sirainen <tss@iki.fi>
parents:
3960
diff
changeset
|
350 |
1049
c41787e8c3f4
Moved common login process code to login-common, created pop3-login.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
351 closing_down = FALSE; |
c41787e8c3f4
Moved common login process code to login-common, created pop3-login.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
352 main_refcount = 0; |
c41787e8c3f4
Moved common login process code to login-common, created pop3-login.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
353 |
3607
a2dd3d895e00
Several fixes to make running from inetd working again
Timo Sirainen <tss@iki.fi>
parents:
3384
diff
changeset
|
354 auth_client = auth_client_new(login_process_uid); |
1702
43815588dd6b
Moved client side code for auth process handling to lib-auth. Some other login process cleanups.
Timo Sirainen <tss@iki.fi>
parents:
1629
diff
changeset
|
355 auth_client_set_connect_notify(auth_client, auth_connect_notify, NULL); |
7137
c33c87781ab4
Added clients_init() and clients_deinit() back (for Managesieve).
Timo Sirainen <tss@iki.fi>
parents:
7109
diff
changeset
|
356 clients_init(); |
1049
c41787e8c3f4
Moved common login process code to login-common, created pop3-login.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
357 |
5887
3f2eb1b9c555
Support listening multiple sockets. SIGHUP also doesn't anymore recreate
Timo Sirainen <tss@iki.fi>
parents:
5845
diff
changeset
|
358 if (!ssl_initialized && ssl_listen_count > 0) { |
3f2eb1b9c555
Support listening multiple sockets. SIGHUP also doesn't anymore recreate
Timo Sirainen <tss@iki.fi>
parents:
5845
diff
changeset
|
359 /* this shouldn't happen, master should have |
3f2eb1b9c555
Support listening multiple sockets. SIGHUP also doesn't anymore recreate
Timo Sirainen <tss@iki.fi>
parents:
5845
diff
changeset
|
360 disabled the ssl socket.. */ |
3f2eb1b9c555
Support listening multiple sockets. SIGHUP also doesn't anymore recreate
Timo Sirainen <tss@iki.fi>
parents:
5845
diff
changeset
|
361 i_fatal("BUG: SSL initialization parameters not given " |
3f2eb1b9c555
Support listening multiple sockets. SIGHUP also doesn't anymore recreate
Timo Sirainen <tss@iki.fi>
parents:
5845
diff
changeset
|
362 "while they should have been"); |
3f2eb1b9c555
Support listening multiple sockets. SIGHUP also doesn't anymore recreate
Timo Sirainen <tss@iki.fi>
parents:
5845
diff
changeset
|
363 } |
1049
c41787e8c3f4
Moved common login process code to login-common, created pop3-login.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
364 |
1273
2cf2e08a6ee9
Somewhat working code to support loading Dovecot from inetd and such. It
Timo Sirainen <tss@iki.fi>
parents:
1235
diff
changeset
|
365 if (!is_inetd) { |
4538
9d9e72374164
Fixes to login process handling, especially with
Timo Sirainen <tss@iki.fi>
parents:
4253
diff
changeset
|
366 master_init(LOGIN_MASTER_SOCKET_FD); |
9d9e72374164
Fixes to login process handling, especially with
Timo Sirainen <tss@iki.fi>
parents:
4253
diff
changeset
|
367 main_listen_start(); |
1049
c41787e8c3f4
Moved common login process code to login-common, created pop3-login.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
368 } |
c41787e8c3f4
Moved common login process code to login-common, created pop3-login.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
369 } |
c41787e8c3f4
Moved common login process code to login-common, created pop3-login.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
370 |
c41787e8c3f4
Moved common login process code to login-common, created pop3-login.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
371 static void main_deinit(void) |
c41787e8c3f4
Moved common login process code to login-common, created pop3-login.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
372 { |
5887
3f2eb1b9c555
Support listening multiple sockets. SIGHUP also doesn't anymore recreate
Timo Sirainen <tss@iki.fi>
parents:
5845
diff
changeset
|
373 closing_down = TRUE; |
3f2eb1b9c555
Support listening multiple sockets. SIGHUP also doesn't anymore recreate
Timo Sirainen <tss@iki.fi>
parents:
5845
diff
changeset
|
374 main_listen_stop(); |
1049
c41787e8c3f4
Moved common login process code to login-common, created pop3-login.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
375 |
1230
e6d2b8c78519
Keep list of the SSL proxies, so they're deinitialized properly if we have
Timo Sirainen <tss@iki.fi>
parents:
1134
diff
changeset
|
376 ssl_proxy_deinit(); |
2768
d344be0bb70f
Added IMAP and POP3 proxying support.
Timo Sirainen <tss@iki.fi>
parents:
2691
diff
changeset
|
377 login_proxy_deinit(); |
1230
e6d2b8c78519
Keep list of the SSL proxies, so they're deinitialized properly if we have
Timo Sirainen <tss@iki.fi>
parents:
1134
diff
changeset
|
378 |
4986
5088f394fa72
Don't keep a connection open to dovecot-auth when we're only proxying.
Timo Sirainen <tss@iki.fi>
parents:
4903
diff
changeset
|
379 if (auth_client != NULL) |
5088f394fa72
Don't keep a connection open to dovecot-auth when we're only proxying.
Timo Sirainen <tss@iki.fi>
parents:
4903
diff
changeset
|
380 auth_client_free(&auth_client); |
7137
c33c87781ab4
Added clients_init() and clients_deinit() back (for Managesieve).
Timo Sirainen <tss@iki.fi>
parents:
7109
diff
changeset
|
381 clients_deinit(); |
1049
c41787e8c3f4
Moved common login process code to login-common, created pop3-login.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
382 master_deinit(); |
c41787e8c3f4
Moved common login process code to login-common, created pop3-login.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
383 |
3620
3360cc019737
Implemented new signal handling framework, which makes handling signals much
Timo Sirainen <tss@iki.fi>
parents:
3607
diff
changeset
|
384 lib_signals_deinit(); |
1049
c41787e8c3f4
Moved common login process code to login-common, created pop3-login.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
385 closelog(); |
c41787e8c3f4
Moved common login process code to login-common, created pop3-login.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
386 } |
c41787e8c3f4
Moved common login process code to login-common, created pop3-login.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
387 |
6411
6a64e64fa3a3
Renamed __attr_*__ to ATTR_*. Renamed __attrs_used__ to ATTRS_DEFINED.
Timo Sirainen <tss@iki.fi>
parents:
5887
diff
changeset
|
388 int main(int argc ATTR_UNUSED, char *argv[], char *envp[]) |
1049
c41787e8c3f4
Moved common login process code to login-common, created pop3-login.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
389 { |
5089 | 390 const char *group_name; |
4861
a688269c0dd4
Added %a=local port and %b=remote port variables for
Timo Sirainen <tss@iki.fi>
parents:
4560
diff
changeset
|
391 struct ip_addr remote_ip, local_ip; |
a688269c0dd4
Added %a=local port and %b=remote port variables for
Timo Sirainen <tss@iki.fi>
parents:
4560
diff
changeset
|
392 unsigned int remote_port, local_port; |
2027
dc5d0da1abe9
Added ssl_require_client_cert auth-specific setting. Hide
Timo Sirainen <tss@iki.fi>
parents:
2000
diff
changeset
|
393 struct ssl_proxy *proxy = NULL; |
dc5d0da1abe9
Added ssl_require_client_cert auth-specific setting. Hide
Timo Sirainen <tss@iki.fi>
parents:
2000
diff
changeset
|
394 struct client *client; |
3863
55df57c028d4
Added "bool" type and changed all ints that were used as booleans to bool.
Timo Sirainen <tss@iki.fi>
parents:
3724
diff
changeset
|
395 int i, fd = -1, master_fd = -1; |
55df57c028d4
Added "bool" type and changed all ints that were used as booleans to bool.
Timo Sirainen <tss@iki.fi>
parents:
3724
diff
changeset
|
396 bool ssl = FALSE; |
1273
2cf2e08a6ee9
Somewhat working code to support loading Dovecot from inetd and such. It
Timo Sirainen <tss@iki.fi>
parents:
1235
diff
changeset
|
397 |
2cf2e08a6ee9
Somewhat working code to support loading Dovecot from inetd and such. It
Timo Sirainen <tss@iki.fi>
parents:
1235
diff
changeset
|
398 is_inetd = getenv("DOVECOT_MASTER") == NULL; |
1049
c41787e8c3f4
Moved common login process code to login-common, created pop3-login.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
399 |
c41787e8c3f4
Moved common login process code to login-common, created pop3-login.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
400 #ifdef DEBUG |
5887
3f2eb1b9c555
Support listening multiple sockets. SIGHUP also doesn't anymore recreate
Timo Sirainen <tss@iki.fi>
parents:
5845
diff
changeset
|
401 if (!is_inetd && getenv("GDB") == NULL) { |
3f2eb1b9c555
Support listening multiple sockets. SIGHUP also doesn't anymore recreate
Timo Sirainen <tss@iki.fi>
parents:
5845
diff
changeset
|
402 const char *env; |
3f2eb1b9c555
Support listening multiple sockets. SIGHUP also doesn't anymore recreate
Timo Sirainen <tss@iki.fi>
parents:
5845
diff
changeset
|
403 |
3f2eb1b9c555
Support listening multiple sockets. SIGHUP also doesn't anymore recreate
Timo Sirainen <tss@iki.fi>
parents:
5845
diff
changeset
|
404 i = LOGIN_MASTER_SOCKET_FD + 1; |
3f2eb1b9c555
Support listening multiple sockets. SIGHUP also doesn't anymore recreate
Timo Sirainen <tss@iki.fi>
parents:
5845
diff
changeset
|
405 env = getenv("LISTEN_FDS"); |
3f2eb1b9c555
Support listening multiple sockets. SIGHUP also doesn't anymore recreate
Timo Sirainen <tss@iki.fi>
parents:
5845
diff
changeset
|
406 if (env != NULL) i += atoi(env); |
3f2eb1b9c555
Support listening multiple sockets. SIGHUP also doesn't anymore recreate
Timo Sirainen <tss@iki.fi>
parents:
5845
diff
changeset
|
407 env = getenv("SSL_LISTEN_FDS"); |
3f2eb1b9c555
Support listening multiple sockets. SIGHUP also doesn't anymore recreate
Timo Sirainen <tss@iki.fi>
parents:
5845
diff
changeset
|
408 if (env != NULL) i += atoi(env); |
3f2eb1b9c555
Support listening multiple sockets. SIGHUP also doesn't anymore recreate
Timo Sirainen <tss@iki.fi>
parents:
5845
diff
changeset
|
409 |
8088
14a061acbb7b
Master process leaked one fd to login process. Typically it was listener fd,
Timo Sirainen <tss@iki.fi>
parents:
8073
diff
changeset
|
410 fd_debug_verify_leaks(i, 1024); |
5887
3f2eb1b9c555
Support listening multiple sockets. SIGHUP also doesn't anymore recreate
Timo Sirainen <tss@iki.fi>
parents:
5845
diff
changeset
|
411 } |
1049
c41787e8c3f4
Moved common login process code to login-common, created pop3-login.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
412 #endif |
5360
4d358f3b7e3a
Set login process's default_pool to system_clean_pool. Changed some
Timo Sirainen <tss@iki.fi>
parents:
5358
diff
changeset
|
413 /* clear all allocated memory before freeing it. this makes the login |
4d358f3b7e3a
Set login process's default_pool to system_clean_pool. Changed some
Timo Sirainen <tss@iki.fi>
parents:
5358
diff
changeset
|
414 processes pretty safe to reuse for new connections since the |
4d358f3b7e3a
Set login process's default_pool to system_clean_pool. Changed some
Timo Sirainen <tss@iki.fi>
parents:
5358
diff
changeset
|
415 attacker won't be able to find anything interesting from the |
4d358f3b7e3a
Set login process's default_pool to system_clean_pool. Changed some
Timo Sirainen <tss@iki.fi>
parents:
5358
diff
changeset
|
416 memory. */ |
4d358f3b7e3a
Set login process's default_pool to system_clean_pool. Changed some
Timo Sirainen <tss@iki.fi>
parents:
5358
diff
changeset
|
417 default_pool = system_clean_pool; |
5363
235433e7d9c2
Enable data_stack_set_clean_after_pop() for login processes
Timo Sirainen <tss@iki.fi>
parents:
5360
diff
changeset
|
418 data_stack_set_clean_after_pop(TRUE); |
5360
4d358f3b7e3a
Set login process's default_pool to system_clean_pool. Changed some
Timo Sirainen <tss@iki.fi>
parents:
5358
diff
changeset
|
419 |
1049
c41787e8c3f4
Moved common login process code to login-common, created pop3-login.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
420 /* NOTE: we start rooted, so keep the code minimal until |
c41787e8c3f4
Moved common login process code to login-common, created pop3-login.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
421 restrict_access_by_env() is called */ |
c41787e8c3f4
Moved common login process code to login-common, created pop3-login.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
422 lib_init(); |
c41787e8c3f4
Moved common login process code to login-common, created pop3-login.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
423 |
1273
2cf2e08a6ee9
Somewhat working code to support loading Dovecot from inetd and such. It
Timo Sirainen <tss@iki.fi>
parents:
1235
diff
changeset
|
424 if (is_inetd) { |
2cf2e08a6ee9
Somewhat working code to support loading Dovecot from inetd and such. It
Timo Sirainen <tss@iki.fi>
parents:
1235
diff
changeset
|
425 /* running from inetd. create master process before |
1275
af685269ead0
login: Wait until we're connected to auth process before executing command
Timo Sirainen <tss@iki.fi>
parents:
1273
diff
changeset
|
426 dropping privileges. */ |
3607
a2dd3d895e00
Several fixes to make running from inetd working again
Timo Sirainen <tss@iki.fi>
parents:
3384
diff
changeset
|
427 process_name = strrchr(argv[0], '/'); |
a2dd3d895e00
Several fixes to make running from inetd working again
Timo Sirainen <tss@iki.fi>
parents:
3384
diff
changeset
|
428 process_name = process_name == NULL ? argv[0] : process_name+1; |
a2dd3d895e00
Several fixes to make running from inetd working again
Timo Sirainen <tss@iki.fi>
parents:
3384
diff
changeset
|
429 group_name = t_strcut(process_name, '-'); |
1275
af685269ead0
login: Wait until we're connected to auth process before executing command
Timo Sirainen <tss@iki.fi>
parents:
1273
diff
changeset
|
430 |
af685269ead0
login: Wait until we're connected to auth process before executing command
Timo Sirainen <tss@iki.fi>
parents:
1273
diff
changeset
|
431 for (i = 1; i < argc; i++) { |
af685269ead0
login: Wait until we're connected to auth process before executing command
Timo Sirainen <tss@iki.fi>
parents:
1273
diff
changeset
|
432 if (strncmp(argv[i], "--group=", 8) == 0) { |
af685269ead0
login: Wait until we're connected to auth process before executing command
Timo Sirainen <tss@iki.fi>
parents:
1273
diff
changeset
|
433 group_name = argv[1]+8; |
af685269ead0
login: Wait until we're connected to auth process before executing command
Timo Sirainen <tss@iki.fi>
parents:
1273
diff
changeset
|
434 break; |
af685269ead0
login: Wait until we're connected to auth process before executing command
Timo Sirainen <tss@iki.fi>
parents:
1273
diff
changeset
|
435 } |
af685269ead0
login: Wait until we're connected to auth process before executing command
Timo Sirainen <tss@iki.fi>
parents:
1273
diff
changeset
|
436 } |
af685269ead0
login: Wait until we're connected to auth process before executing command
Timo Sirainen <tss@iki.fi>
parents:
1273
diff
changeset
|
437 |
af685269ead0
login: Wait until we're connected to auth process before executing command
Timo Sirainen <tss@iki.fi>
parents:
1273
diff
changeset
|
438 master_fd = master_connect(group_name); |
1273
2cf2e08a6ee9
Somewhat working code to support loading Dovecot from inetd and such. It
Timo Sirainen <tss@iki.fi>
parents:
1235
diff
changeset
|
439 } |
2cf2e08a6ee9
Somewhat working code to support loading Dovecot from inetd and such. It
Timo Sirainen <tss@iki.fi>
parents:
1235
diff
changeset
|
440 |
2000
c7c19f5071c3
Write all logging through master process. Fixes problems with log rotation,
Timo Sirainen <tss@iki.fi>
parents:
1705
diff
changeset
|
441 drop_privileges(); |
1049
c41787e8c3f4
Moved common login process code to login-common, created pop3-login.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
442 |
c41787e8c3f4
Moved common login process code to login-common, created pop3-login.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
443 process_title_init(argv, envp); |
5249
784dc7224718
Removed pool parameter from io_loop_create()
Timo Sirainen <tss@iki.fi>
parents:
5089
diff
changeset
|
444 ioloop = io_loop_create(); |
1275
af685269ead0
login: Wait until we're connected to auth process before executing command
Timo Sirainen <tss@iki.fi>
parents:
1273
diff
changeset
|
445 main_init(); |
1049
c41787e8c3f4
Moved common login process code to login-common, created pop3-login.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
446 |
1273
2cf2e08a6ee9
Somewhat working code to support loading Dovecot from inetd and such. It
Timo Sirainen <tss@iki.fi>
parents:
1235
diff
changeset
|
447 if (is_inetd) { |
4861
a688269c0dd4
Added %a=local port and %b=remote port variables for
Timo Sirainen <tss@iki.fi>
parents:
4560
diff
changeset
|
448 if (net_getpeername(1, &remote_ip, &remote_port) < 0) { |
1273
2cf2e08a6ee9
Somewhat working code to support loading Dovecot from inetd and such. It
Timo Sirainen <tss@iki.fi>
parents:
1235
diff
changeset
|
449 i_fatal("%s can be started only through dovecot " |
7203 | 450 "master process, inetd or equivalent", argv[0]); |
1273
2cf2e08a6ee9
Somewhat working code to support loading Dovecot from inetd and such. It
Timo Sirainen <tss@iki.fi>
parents:
1235
diff
changeset
|
451 } |
3607
a2dd3d895e00
Several fixes to make running from inetd working again
Timo Sirainen <tss@iki.fi>
parents:
3384
diff
changeset
|
452 if (net_getsockname(1, &local_ip, &local_port) < 0) { |
2097
4e77cb0aff21
Added %l, %r and %P variables and mail_log_prefix setting.
Timo Sirainen <tss@iki.fi>
parents:
2027
diff
changeset
|
453 memset(&local_ip, 0, sizeof(local_ip)); |
3607
a2dd3d895e00
Several fixes to make running from inetd working again
Timo Sirainen <tss@iki.fi>
parents:
3384
diff
changeset
|
454 local_port = 0; |
a2dd3d895e00
Several fixes to make running from inetd working again
Timo Sirainen <tss@iki.fi>
parents:
3384
diff
changeset
|
455 } |
1273
2cf2e08a6ee9
Somewhat working code to support loading Dovecot from inetd and such. It
Timo Sirainen <tss@iki.fi>
parents:
1235
diff
changeset
|
456 |
1275
af685269ead0
login: Wait until we're connected to auth process before executing command
Timo Sirainen <tss@iki.fi>
parents:
1273
diff
changeset
|
457 fd = 1; |
af685269ead0
login: Wait until we're connected to auth process before executing command
Timo Sirainen <tss@iki.fi>
parents:
1273
diff
changeset
|
458 for (i = 1; i < argc; i++) { |
3607
a2dd3d895e00
Several fixes to make running from inetd working again
Timo Sirainen <tss@iki.fi>
parents:
3384
diff
changeset
|
459 if (strcmp(argv[i], "--ssl") == 0) |
3126
4868d061794c
inetd startup wasn't working. Patch by Magnus Holmgren.
Timo Sirainen <tss@iki.fi>
parents:
2768
diff
changeset
|
460 ssl = TRUE; |
3607
a2dd3d895e00
Several fixes to make running from inetd working again
Timo Sirainen <tss@iki.fi>
parents:
3384
diff
changeset
|
461 else if (strncmp(argv[i], "--group=", 8) != 0) |
1275
af685269ead0
login: Wait until we're connected to auth process before executing command
Timo Sirainen <tss@iki.fi>
parents:
1273
diff
changeset
|
462 i_fatal("Unknown parameter: %s", argv[i]); |
af685269ead0
login: Wait until we're connected to auth process before executing command
Timo Sirainen <tss@iki.fi>
parents:
1273
diff
changeset
|
463 } |
af685269ead0
login: Wait until we're connected to auth process before executing command
Timo Sirainen <tss@iki.fi>
parents:
1273
diff
changeset
|
464 |
3607
a2dd3d895e00
Several fixes to make running from inetd working again
Timo Sirainen <tss@iki.fi>
parents:
3384
diff
changeset
|
465 /* hardcoded imaps and pop3s ports to be SSL by default */ |
a2dd3d895e00
Several fixes to make running from inetd working again
Timo Sirainen <tss@iki.fi>
parents:
3384
diff
changeset
|
466 if (local_port == 993 || local_port == 995 || ssl) { |
a2dd3d895e00
Several fixes to make running from inetd working again
Timo Sirainen <tss@iki.fi>
parents:
3384
diff
changeset
|
467 ssl = TRUE; |
4861
a688269c0dd4
Added %a=local port and %b=remote port variables for
Timo Sirainen <tss@iki.fi>
parents:
4560
diff
changeset
|
468 fd = ssl_proxy_new(fd, &remote_ip, &proxy); |
3607
a2dd3d895e00
Several fixes to make running from inetd working again
Timo Sirainen <tss@iki.fi>
parents:
3384
diff
changeset
|
469 if (fd == -1) |
a2dd3d895e00
Several fixes to make running from inetd working again
Timo Sirainen <tss@iki.fi>
parents:
3384
diff
changeset
|
470 return 1; |
a2dd3d895e00
Several fixes to make running from inetd working again
Timo Sirainen <tss@iki.fi>
parents:
3384
diff
changeset
|
471 } |
a2dd3d895e00
Several fixes to make running from inetd working again
Timo Sirainen <tss@iki.fi>
parents:
3384
diff
changeset
|
472 |
4538
9d9e72374164
Fixes to login process handling, especially with
Timo Sirainen <tss@iki.fi>
parents:
4253
diff
changeset
|
473 master_init(master_fd); |
1281
043b71a06568
We didn't work at all in non-inetd mode. Also fix crash when quitting.
Timo Sirainen <tss@iki.fi>
parents:
1275
diff
changeset
|
474 closing_down = TRUE; |
1273
2cf2e08a6ee9
Somewhat working code to support loading Dovecot from inetd and such. It
Timo Sirainen <tss@iki.fi>
parents:
1235
diff
changeset
|
475 |
2097
4e77cb0aff21
Added %l, %r and %P variables and mail_log_prefix setting.
Timo Sirainen <tss@iki.fi>
parents:
2027
diff
changeset
|
476 if (fd != -1) { |
4861
a688269c0dd4
Added %a=local port and %b=remote port variables for
Timo Sirainen <tss@iki.fi>
parents:
4560
diff
changeset
|
477 client = client_create(fd, ssl, &local_ip, &remote_ip); |
2097
4e77cb0aff21
Added %l, %r and %P variables and mail_log_prefix setting.
Timo Sirainen <tss@iki.fi>
parents:
2027
diff
changeset
|
478 client->proxy = proxy; |
4861
a688269c0dd4
Added %a=local port and %b=remote port variables for
Timo Sirainen <tss@iki.fi>
parents:
4560
diff
changeset
|
479 client->remote_port = remote_port; |
a688269c0dd4
Added %a=local port and %b=remote port variables for
Timo Sirainen <tss@iki.fi>
parents:
4560
diff
changeset
|
480 client->local_port = local_port; |
2097
4e77cb0aff21
Added %l, %r and %P variables and mail_log_prefix setting.
Timo Sirainen <tss@iki.fi>
parents:
2027
diff
changeset
|
481 } |
2027
dc5d0da1abe9
Added ssl_require_client_cert auth-specific setting. Hide
Timo Sirainen <tss@iki.fi>
parents:
2000
diff
changeset
|
482 } |
1273
2cf2e08a6ee9
Somewhat working code to support loading Dovecot from inetd and such. It
Timo Sirainen <tss@iki.fi>
parents:
1235
diff
changeset
|
483 |
1275
af685269ead0
login: Wait until we're connected to auth process before executing command
Timo Sirainen <tss@iki.fi>
parents:
1273
diff
changeset
|
484 io_loop_run(ioloop); |
af685269ead0
login: Wait until we're connected to auth process before executing command
Timo Sirainen <tss@iki.fi>
parents:
1273
diff
changeset
|
485 main_deinit(); |
1049
c41787e8c3f4
Moved common login process code to login-common, created pop3-login.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
486 |
3879
928229f8b3e6
deinit, unref, destroy, close, free, etc. functions now take a pointer to
Timo Sirainen <tss@iki.fi>
parents:
3863
diff
changeset
|
487 io_loop_destroy(&ioloop); |
1049
c41787e8c3f4
Moved common login process code to login-common, created pop3-login.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
488 lib_deinit(); |
c41787e8c3f4
Moved common login process code to login-common, created pop3-login.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
489 |
c41787e8c3f4
Moved common login process code to login-common, created pop3-login.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
490 return 0; |
c41787e8c3f4
Moved common login process code to login-common, created pop3-login.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
491 } |