Mercurial > dovecot > original-hg > dovecot-1.2

annotate src/master/login-process.c @ 764:f57c52738f90 HEAD

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Renamed IBuffer and OBuffer to IStream and OStream which describes their functionality better. I tried to keep the variable names and comments also sensible.
author Timo Sirainen <tss@iki.fi>
date Fri, 06 Dec 2002 03:09:22 +0200
parents db6fb0aa16d1
children 6efced4f80de
Ignore whitespace changes - Everywhere: Within whitespace: At end of lines:
rev   line source
0
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
1 /* Copyright (C) 2002 Timo Sirainen */
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
2
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
3 #include "common.h"
532
3b53dd1280c6 I/O buffers now use real blocking instead of setting up a sub-ioloop to
Timo Sirainen <tss@iki.fi>
parents: 410
diff changeset
4 #include "ioloop.h"
0
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
5 #include "network.h"
764
f57c52738f90 Renamed IBuffer and OBuffer to IStream and OStream which describes their
Timo Sirainen <tss@iki.fi>
parents: 747
diff changeset
6 #include "ostream.h"
0
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
7 #include "fdpass.h"
727
8dd8ebe6bcac We use close-on-exec flag now to make sure that master process closes the
Timo Sirainen <tss@iki.fi>
parents: 722
diff changeset
8 #include "fd-close-on-exec.h"
697
7814b29d0862 Created env_put() and env_clean() for a bit easier handling of environment
Timo Sirainen <tss@iki.fi>
parents: 666
diff changeset
9 #include "env-util.h"
0
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
10 #include "restrict-access.h"
722
0438621d25ff Added virtual memory size limits to processes. Default values are pretty
Timo Sirainen <tss@iki.fi>
parents: 699
diff changeset
11 #include "restrict-process-size.h"
0
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
12 #include "login-process.h"
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
13 #include "auth-process.h"
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
14 #include "master-interface.h"
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
15
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
16 #include <unistd.h>
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
17 #include <syslog.h>
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
18
613
1906116a62ce Finally support for handling each login connection in it's own process.
Timo Sirainen <tss@iki.fi>
parents: 596
diff changeset
19 typedef struct _LoginProcess LoginProcess;
1906116a62ce Finally support for handling each login connection in it's own process.
Timo Sirainen <tss@iki.fi>
parents: 596
diff changeset
20
1906116a62ce Finally support for handling each login connection in it's own process.
Timo Sirainen <tss@iki.fi>
parents: 596
diff changeset
21 struct _LoginProcess {
1906116a62ce Finally support for handling each login connection in it's own process.
Timo Sirainen <tss@iki.fi>
parents: 596
diff changeset
22 LoginProcess *prev_nonlisten, *next_nonlisten;
0
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
23 int refcount;
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
24
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
25 pid_t pid;
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
26 int fd;
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
27 IO io;
764
f57c52738f90 Renamed IBuffer and OBuffer to IStream and OStream which describes their
Timo Sirainen <tss@iki.fi>
parents: 747
diff changeset
28 OStream *output;
613
1906116a62ce Finally support for handling each login connection in it's own process.
Timo Sirainen <tss@iki.fi>
parents: 596
diff changeset
29 unsigned int listening:1;
0
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
30 unsigned int destroyed:1;
613
1906116a62ce Finally support for handling each login connection in it's own process.
Timo Sirainen <tss@iki.fi>
parents: 596
diff changeset
31 };
0
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
32
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
33 typedef struct {
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
34 LoginProcess *process;
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
35 int login_id;
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
36 int auth_id;
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
37 int fd;
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
38
596
ab3590c3a7d9 Added verbose_proctitle setting: Show more verbose process titles (in ps).
Timo Sirainen <tss@iki.fi>
parents: 532
diff changeset
39 IPADDR ip;
0
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
40 char login_tag[LOGIN_TAG_SIZE];
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
41 } LoginAuthRequest;
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
42
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
43 static int auth_id_counter;
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
44 static Timeout to;
613
1906116a62ce Finally support for handling each login connection in it's own process.
Timo Sirainen <tss@iki.fi>
parents: 596
diff changeset
45
1906116a62ce Finally support for handling each login connection in it's own process.
Timo Sirainen <tss@iki.fi>
parents: 596
diff changeset
46 static HashTable *processes;
1906116a62ce Finally support for handling each login connection in it's own process.
Timo Sirainen <tss@iki.fi>
parents: 596
diff changeset
47 static LoginProcess *oldest_nonlisten_process, *newest_nonlisten_process;
1906116a62ce Finally support for handling each login connection in it's own process.
Timo Sirainen <tss@iki.fi>
parents: 596
diff changeset
48 static unsigned int listening_processes;
614
e60620644af3 login_process_per_connection = yes scales now better when multiple users are
Timo Sirainen <tss@iki.fi>
parents: 613
diff changeset
49 static unsigned int wanted_processes_count;
0
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
50
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
51 static void login_process_destroy(LoginProcess *p);
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
52 static void login_process_unref(LoginProcess *p);
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
53
10
82b7de533f98 s/user_data/context/ and some s/Data/Context/
Timo Sirainen <tss@iki.fi>
parents: 0
diff changeset
54 static void auth_callback(AuthCookieReplyData *cookie_reply, void *context)
0
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
55 {
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
56 const char *env[] = {
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
57 "MAIL", NULL,
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
58 "LOGIN_TAG", NULL,
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
59 NULL
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
60 };
10
82b7de533f98 s/user_data/context/ and some s/Data/Context/
Timo Sirainen <tss@iki.fi>
parents: 0
diff changeset
61 LoginAuthRequest *request = context;
0
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
62 LoginProcess *process;
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
63 MasterReply reply;
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
64
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
65 env[1] = cookie_reply->mail;
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
66 env[3] = request->login_tag;
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
67
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
68 if (cookie_reply == NULL || !cookie_reply->success)
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
69 reply.result = MASTER_RESULT_FAILURE;
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
70 else {
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
71 reply.result = create_imap_process(request->fd,
596
ab3590c3a7d9 Added verbose_proctitle setting: Show more verbose process titles (in ps).
Timo Sirainen <tss@iki.fi>
parents: 532
diff changeset
72 &request->ip,
0
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
73 cookie_reply->user,
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
74 cookie_reply->uid,
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
75 cookie_reply->gid,
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
76 cookie_reply->home,
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
77 cookie_reply->chroot, env);
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
78 }
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
79
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
80 /* reply to login */
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
81 reply.id = request->login_id;
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
82
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
83 process = request->process;
764
f57c52738f90 Renamed IBuffer and OBuffer to IStream and OStream which describes their
Timo Sirainen <tss@iki.fi>
parents: 747
diff changeset
84 if (o_stream_send(process->output, &reply, sizeof(reply)) < 0)
0
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
85 login_process_destroy(process);
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
86
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
87 (void)close(request->fd);
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
88 login_process_unref(process);
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
89 i_free(request);
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
90 }
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
91
699
cc795d74d08f Use more warnings with GCC by default. Fixed several warnings.
Timo Sirainen <tss@iki.fi>
parents: 697
diff changeset
92 static void login_process_mark_nonlistening(LoginProcess *p)
614
e60620644af3 login_process_per_connection = yes scales now better when multiple users are
Timo Sirainen <tss@iki.fi>
parents: 613
diff changeset
93 {
e60620644af3 login_process_per_connection = yes scales now better when multiple users are
Timo Sirainen <tss@iki.fi>
parents: 613
diff changeset
94 if (!p->listening) {
e60620644af3 login_process_per_connection = yes scales now better when multiple users are
Timo Sirainen <tss@iki.fi>
parents: 613
diff changeset
95 i_error("login: received another \"not listening\" "
e60620644af3 login_process_per_connection = yes scales now better when multiple users are
Timo Sirainen <tss@iki.fi>
parents: 613
diff changeset
96 "notification");
e60620644af3 login_process_per_connection = yes scales now better when multiple users are
Timo Sirainen <tss@iki.fi>
parents: 613
diff changeset
97 return;
e60620644af3 login_process_per_connection = yes scales now better when multiple users are
Timo Sirainen <tss@iki.fi>
parents: 613
diff changeset
98 }
e60620644af3 login_process_per_connection = yes scales now better when multiple users are
Timo Sirainen <tss@iki.fi>
parents: 613
diff changeset
99
e60620644af3 login_process_per_connection = yes scales now better when multiple users are
Timo Sirainen <tss@iki.fi>
parents: 613
diff changeset
100 p->listening = FALSE;
e60620644af3 login_process_per_connection = yes scales now better when multiple users are
Timo Sirainen <tss@iki.fi>
parents: 613
diff changeset
101 listening_processes--;
e60620644af3 login_process_per_connection = yes scales now better when multiple users are
Timo Sirainen <tss@iki.fi>
parents: 613
diff changeset
102
e60620644af3 login_process_per_connection = yes scales now better when multiple users are
Timo Sirainen <tss@iki.fi>
parents: 613
diff changeset
103 p->prev_nonlisten = newest_nonlisten_process;
e60620644af3 login_process_per_connection = yes scales now better when multiple users are
Timo Sirainen <tss@iki.fi>
parents: 613
diff changeset
104
e60620644af3 login_process_per_connection = yes scales now better when multiple users are
Timo Sirainen <tss@iki.fi>
parents: 613
diff changeset
105 if (newest_nonlisten_process != NULL)
e60620644af3 login_process_per_connection = yes scales now better when multiple users are
Timo Sirainen <tss@iki.fi>
parents: 613
diff changeset
106 newest_nonlisten_process->next_nonlisten = p;
e60620644af3 login_process_per_connection = yes scales now better when multiple users are
Timo Sirainen <tss@iki.fi>
parents: 613
diff changeset
107 newest_nonlisten_process = p;
e60620644af3 login_process_per_connection = yes scales now better when multiple users are
Timo Sirainen <tss@iki.fi>
parents: 613
diff changeset
108
e60620644af3 login_process_per_connection = yes scales now better when multiple users are
Timo Sirainen <tss@iki.fi>
parents: 613
diff changeset
109 if (oldest_nonlisten_process == NULL)
e60620644af3 login_process_per_connection = yes scales now better when multiple users are
Timo Sirainen <tss@iki.fi>
parents: 613
diff changeset
110 oldest_nonlisten_process = p;
e60620644af3 login_process_per_connection = yes scales now better when multiple users are
Timo Sirainen <tss@iki.fi>
parents: 613
diff changeset
111 }
e60620644af3 login_process_per_connection = yes scales now better when multiple users are
Timo Sirainen <tss@iki.fi>
parents: 613
diff changeset
112
10
82b7de533f98 s/user_data/context/ and some s/Data/Context/
Timo Sirainen <tss@iki.fi>
parents: 0
diff changeset
113 static void login_process_input(void *context, int fd __attr_unused__,
0
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
114 IO io __attr_unused__)
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
115 {
10
82b7de533f98 s/user_data/context/ and some s/Data/Context/
Timo Sirainen <tss@iki.fi>
parents: 0
diff changeset
116 LoginProcess *p = context;
0
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
117 AuthProcess *auth_process;
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
118 LoginAuthRequest *authreq;
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
119 MasterRequest req;
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
120 int client_fd, ret;
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
121
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
122 ret = fd_read(p->fd, &req, sizeof(req), &client_fd);
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
123 if (ret != sizeof(req)) {
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
124 if (ret == 0) {
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
125 /* disconnected, ie. the login process died */
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
126 } else if (ret > 0) {
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
127 /* req wasn't fully read */
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
128 i_error("login: fd_read() couldn't read all req");
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
129 } else {
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
130 i_error("login: fd_read() failed: %m");
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
131 }
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
132
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
133 login_process_destroy(p);
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
134 return;
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
135 }
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
136
613
1906116a62ce Finally support for handling each login connection in it's own process.
Timo Sirainen <tss@iki.fi>
parents: 596
diff changeset
137 if (client_fd == -1) {
1906116a62ce Finally support for handling each login connection in it's own process.
Timo Sirainen <tss@iki.fi>
parents: 596
diff changeset
138 /* just a notification that the login process isn't
1906116a62ce Finally support for handling each login connection in it's own process.
Timo Sirainen <tss@iki.fi>
parents: 596
diff changeset
139 listening for new connections anymore */
614
e60620644af3 login_process_per_connection = yes scales now better when multiple users are
Timo Sirainen <tss@iki.fi>
parents: 613
diff changeset
140 login_process_mark_nonlistening(p);
613
1906116a62ce Finally support for handling each login connection in it's own process.
Timo Sirainen <tss@iki.fi>
parents: 596
diff changeset
141 return;
1906116a62ce Finally support for handling each login connection in it's own process.
Timo Sirainen <tss@iki.fi>
parents: 596
diff changeset
142 }
1906116a62ce Finally support for handling each login connection in it's own process.
Timo Sirainen <tss@iki.fi>
parents: 596
diff changeset
143
0
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
144 /* login process isn't trusted, validate all data to make sure
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
145 it's not trying to exploit us */
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
146 if (!VALIDATE_STR(req.login_tag)) {
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
147 i_error("login: Received corrupted data");
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
148 login_process_destroy(p);
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
149 return;
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
150 }
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
151
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
152 /* ask the cookie from the auth process */
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
153 authreq = i_new(LoginAuthRequest, 1);
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
154 p->refcount++;
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
155 authreq->process = p;
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
156 authreq->login_id = req.id;
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
157 authreq->auth_id = ++auth_id_counter;
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
158 authreq->fd = client_fd;
596
ab3590c3a7d9 Added verbose_proctitle setting: Show more verbose process titles (in ps).
Timo Sirainen <tss@iki.fi>
parents: 532
diff changeset
159 memcpy(&authreq->ip, &req.ip, sizeof(IPADDR));
0
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
160 strcpy(authreq->login_tag, req.login_tag);
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
161
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
162 auth_process = auth_process_find(req.auth_process);
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
163 if (auth_process == NULL) {
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
164 i_error("login: Authentication process %u doesn't exist",
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
165 req.auth_process);
613
1906116a62ce Finally support for handling each login connection in it's own process.
Timo Sirainen <tss@iki.fi>
parents: 596
diff changeset
166 auth_callback(NULL, authreq);
0
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
167 } else {
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
168 auth_process_request(auth_process, authreq->auth_id, req.cookie,
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
169 auth_callback, authreq);
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
170 }
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
171 }
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
172
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
173 static LoginProcess *login_process_new(pid_t pid, int fd)
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
174 {
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
175 LoginProcess *p;
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
176
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
177 PID_ADD_PROCESS_TYPE(pid, PROCESS_TYPE_LOGIN);
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
178
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
179 p = i_new(LoginProcess, 1);
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
180 p->refcount = 1;
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
181 p->pid = pid;
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
182 p->fd = fd;
613
1906116a62ce Finally support for handling each login connection in it's own process.
Timo Sirainen <tss@iki.fi>
parents: 596
diff changeset
183 p->listening = TRUE;
0
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
184 p->io = io_add(fd, IO_READ, login_process_input, p);
764
f57c52738f90 Renamed IBuffer and OBuffer to IStream and OStream which describes their
Timo Sirainen <tss@iki.fi>
parents: 747
diff changeset
185 p->output = o_stream_create_file(fd, default_pool,
410
1f0e7229ee58 Split IOBuffer into mmaped IBuffer, file IBuffer, memory data IBuffer and
Timo Sirainen <tss@iki.fi>
parents: 364
diff changeset
186 sizeof(MasterReply)*10,
1f0e7229ee58 Split IOBuffer into mmaped IBuffer, file IBuffer, memory data IBuffer and
Timo Sirainen <tss@iki.fi>
parents: 364
diff changeset
187 IO_PRIORITY_DEFAULT, FALSE);
0
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
188
195
db6e288be0e9 Replaced INT_TO_POINTER and POINTER_TO_INT macros with POINTER_CAST and
Timo Sirainen <tss@iki.fi>
parents: 10
diff changeset
189 hash_insert(processes, POINTER_CAST(pid), p);
613
1906116a62ce Finally support for handling each login connection in it's own process.
Timo Sirainen <tss@iki.fi>
parents: 596
diff changeset
190 listening_processes++;
0
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
191 return p;
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
192 }
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
193
699
cc795d74d08f Use more warnings with GCC by default. Fixed several warnings.
Timo Sirainen <tss@iki.fi>
parents: 697
diff changeset
194 static void login_process_remove_from_lists(LoginProcess *p)
613
1906116a62ce Finally support for handling each login connection in it's own process.
Timo Sirainen <tss@iki.fi>
parents: 596
diff changeset
195 {
1906116a62ce Finally support for handling each login connection in it's own process.
Timo Sirainen <tss@iki.fi>
parents: 596
diff changeset
196 if (p == oldest_nonlisten_process)
1906116a62ce Finally support for handling each login connection in it's own process.
Timo Sirainen <tss@iki.fi>
parents: 596
diff changeset
197 oldest_nonlisten_process = p->next_nonlisten;
1906116a62ce Finally support for handling each login connection in it's own process.
Timo Sirainen <tss@iki.fi>
parents: 596
diff changeset
198 else
1906116a62ce Finally support for handling each login connection in it's own process.
Timo Sirainen <tss@iki.fi>
parents: 596
diff changeset
199 p->prev_nonlisten->next_nonlisten = p->next_nonlisten;
1906116a62ce Finally support for handling each login connection in it's own process.
Timo Sirainen <tss@iki.fi>
parents: 596
diff changeset
200
1906116a62ce Finally support for handling each login connection in it's own process.
Timo Sirainen <tss@iki.fi>
parents: 596
diff changeset
201 if (p == newest_nonlisten_process)
1906116a62ce Finally support for handling each login connection in it's own process.
Timo Sirainen <tss@iki.fi>
parents: 596
diff changeset
202 newest_nonlisten_process = p->prev_nonlisten;
1906116a62ce Finally support for handling each login connection in it's own process.
Timo Sirainen <tss@iki.fi>
parents: 596
diff changeset
203 else
1906116a62ce Finally support for handling each login connection in it's own process.
Timo Sirainen <tss@iki.fi>
parents: 596
diff changeset
204 p->next_nonlisten->prev_nonlisten = p->prev_nonlisten;
1906116a62ce Finally support for handling each login connection in it's own process.
Timo Sirainen <tss@iki.fi>
parents: 596
diff changeset
205
1906116a62ce Finally support for handling each login connection in it's own process.
Timo Sirainen <tss@iki.fi>
parents: 596
diff changeset
206 p->next_nonlisten = p->prev_nonlisten = NULL;
1906116a62ce Finally support for handling each login connection in it's own process.
Timo Sirainen <tss@iki.fi>
parents: 596
diff changeset
207 }
1906116a62ce Finally support for handling each login connection in it's own process.
Timo Sirainen <tss@iki.fi>
parents: 596
diff changeset
208
0
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
209 static void login_process_destroy(LoginProcess *p)
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
210 {
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
211 if (p->destroyed)
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
212 return;
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
213 p->destroyed = TRUE;
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
214
613
1906116a62ce Finally support for handling each login connection in it's own process.
Timo Sirainen <tss@iki.fi>
parents: 596
diff changeset
215 if (p->listening)
1906116a62ce Finally support for handling each login connection in it's own process.
Timo Sirainen <tss@iki.fi>
parents: 596
diff changeset
216 listening_processes--;
1906116a62ce Finally support for handling each login connection in it's own process.
Timo Sirainen <tss@iki.fi>
parents: 596
diff changeset
217
764
f57c52738f90 Renamed IBuffer and OBuffer to IStream and OStream which describes their
Timo Sirainen <tss@iki.fi>
parents: 747
diff changeset
218 o_stream_close(p->output);
0
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
219 io_remove(p->io);
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
220 (void)close(p->fd);
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
221
613
1906116a62ce Finally support for handling each login connection in it's own process.
Timo Sirainen <tss@iki.fi>
parents: 596
diff changeset
222 if (!p->listening)
1906116a62ce Finally support for handling each login connection in it's own process.
Timo Sirainen <tss@iki.fi>
parents: 596
diff changeset
223 login_process_remove_from_lists(p);
1906116a62ce Finally support for handling each login connection in it's own process.
Timo Sirainen <tss@iki.fi>
parents: 596
diff changeset
224
195
db6e288be0e9 Replaced INT_TO_POINTER and POINTER_TO_INT macros with POINTER_CAST and
Timo Sirainen <tss@iki.fi>
parents: 10
diff changeset
225 hash_remove(processes, POINTER_CAST(p->pid));
613
1906116a62ce Finally support for handling each login connection in it's own process.
Timo Sirainen <tss@iki.fi>
parents: 596
diff changeset
226
0
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
227 login_process_unref(p);
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
228 }
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
229
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
230 static void login_process_unref(LoginProcess *p)
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
231 {
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
232 if (--p->refcount > 0)
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
233 return;
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
234
764
f57c52738f90 Renamed IBuffer and OBuffer to IStream and OStream which describes their
Timo Sirainen <tss@iki.fi>
parents: 747
diff changeset
235 o_stream_unref(p->output);
0
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
236 i_free(p);
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
237 }
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
238
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
239 static pid_t create_login_process(void)
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
240 {
699
cc795d74d08f Use more warnings with GCC by default. Fixed several warnings.
Timo Sirainen <tss@iki.fi>
parents: 697
diff changeset
241 static char *argv[] = { NULL, NULL };
0
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
242 pid_t pid;
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
243 int fd[2];
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
244
613
1906116a62ce Finally support for handling each login connection in it's own process.
Timo Sirainen <tss@iki.fi>
parents: 596
diff changeset
245 if (set_login_process_per_connection &&
1906116a62ce Finally support for handling each login connection in it's own process.
Timo Sirainen <tss@iki.fi>
parents: 596
diff changeset
246 hash_size(processes)-listening_processes >= set_max_logging_users) {
1906116a62ce Finally support for handling each login connection in it's own process.
Timo Sirainen <tss@iki.fi>
parents: 596
diff changeset
247 if (oldest_nonlisten_process != NULL)
1906116a62ce Finally support for handling each login connection in it's own process.
Timo Sirainen <tss@iki.fi>
parents: 596
diff changeset
248 login_process_destroy(oldest_nonlisten_process);
1906116a62ce Finally support for handling each login connection in it's own process.
Timo Sirainen <tss@iki.fi>
parents: 596
diff changeset
249 }
1906116a62ce Finally support for handling each login connection in it's own process.
Timo Sirainen <tss@iki.fi>
parents: 596
diff changeset
250
0
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
251 if (set_login_uid == 0)
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
252 i_fatal("Login process must not run as root");
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
253
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
254 /* create communication to process with a socket pair */
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
255 if (socketpair(AF_UNIX, SOCK_STREAM, 0, fd) == -1) {
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
256 i_error("socketpair() failed: %m");
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
257 return -1;
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
258 }
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
259
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
260 pid = fork();
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
261 if (pid < 0) {
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
262 (void)close(fd[0]);
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
263 (void)close(fd[1]);
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
264 i_error("fork() failed: %m");
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
265 return -1;
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
266 }
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
267
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
268 if (pid != 0) {
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
269 /* master */
727
8dd8ebe6bcac We use close-on-exec flag now to make sure that master process closes the
Timo Sirainen <tss@iki.fi>
parents: 722
diff changeset
270 fd_close_on_exec(fd[0], TRUE);
0
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
271 login_process_new(pid, fd[0]);
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
272 (void)close(fd[1]);
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
273 return pid;
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
274 }
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
275
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
276 /* move communication handle */
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
277 if (dup2(fd[1], LOGIN_MASTER_SOCKET_FD) < 0)
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
278 i_fatal("login: dup2() failed: %m");
727
8dd8ebe6bcac We use close-on-exec flag now to make sure that master process closes the
Timo Sirainen <tss@iki.fi>
parents: 722
diff changeset
279 fd_close_on_exec(LOGIN_MASTER_SOCKET_FD, FALSE);
0
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
280
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
281 /* move the listen handle */
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
282 if (dup2(imap_fd, LOGIN_IMAP_LISTEN_FD) < 0)
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
283 i_fatal("login: dup2() failed: %m");
727
8dd8ebe6bcac We use close-on-exec flag now to make sure that master process closes the
Timo Sirainen <tss@iki.fi>
parents: 722
diff changeset
284 fd_close_on_exec(LOGIN_IMAP_LISTEN_FD, FALSE);
0
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
285
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
286 /* move the SSL listen handle */
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
287 if (dup2(imaps_fd, LOGIN_IMAPS_LISTEN_FD) < 0)
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
288 i_fatal("login: dup2() failed: %m");
727
8dd8ebe6bcac We use close-on-exec flag now to make sure that master process closes the
Timo Sirainen <tss@iki.fi>
parents: 722
diff changeset
289 fd_close_on_exec(LOGIN_IMAPS_LISTEN_FD, FALSE);
0
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
290
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
291 /* imap_fd and imaps_fd are closed by clean_child_process() */
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
292
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
293 (void)close(fd[0]);
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
294 (void)close(fd[1]);
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
295
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
296 clean_child_process();
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
297
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
298 /* setup access environment - needs to be done after
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
299 clean_child_process() since it clears environment */
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
300 restrict_access_set_env(set_login_user, set_login_uid, set_login_gid,
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
301 set_login_chroot ? set_login_dir : NULL);
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
302
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
303 if (!set_login_chroot) {
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
304 /* no chrooting, but still change to the directory */
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
305 if (chdir(set_login_dir) < 0) {
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
306 i_fatal("chdir(%s) failed: %m",
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
307 set_login_dir);
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
308 }
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
309 }
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
310
666
36ac2fd352ff Added ssl_disable setting.
Timo Sirainen <tss@iki.fi>
parents: 635
diff changeset
311 if (!set_ssl_disable) {
697
7814b29d0862 Created env_put() and env_clean() for a bit easier handling of environment
Timo Sirainen <tss@iki.fi>
parents: 666
diff changeset
312 env_put(t_strconcat("SSL_CERT_FILE=", set_ssl_cert_file, NULL));
7814b29d0862 Created env_put() and env_clean() for a bit easier handling of environment
Timo Sirainen <tss@iki.fi>
parents: 666
diff changeset
313 env_put(t_strconcat("SSL_KEY_FILE=", set_ssl_key_file, NULL));
7814b29d0862 Created env_put() and env_clean() for a bit easier handling of environment
Timo Sirainen <tss@iki.fi>
parents: 666
diff changeset
314 env_put(t_strconcat("SSL_PARAM_FILE=",
7814b29d0862 Created env_put() and env_clean() for a bit easier handling of environment
Timo Sirainen <tss@iki.fi>
parents: 666
diff changeset
315 set_ssl_parameters_file, NULL));
615
0d852af6842e Master process generates DH/RSA parameters now and stores them into file
Timo Sirainen <tss@iki.fi>
parents: 614
diff changeset
316 }
0d852af6842e Master process generates DH/RSA parameters now and stores them into file
Timo Sirainen <tss@iki.fi>
parents: 614
diff changeset
317
0
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
318 if (set_disable_plaintext_auth)
697
7814b29d0862 Created env_put() and env_clean() for a bit easier handling of environment
Timo Sirainen <tss@iki.fi>
parents: 666
diff changeset
319 env_put("DISABLE_PLAINTEXT_AUTH=1");
747
db6fb0aa16d1 Let login process also know if verbose process titles are wanted..
Timo Sirainen <tss@iki.fi>
parents: 727
diff changeset
320 if (set_verbose_proctitle)
db6fb0aa16d1 Let login process also know if verbose process titles are wanted..
Timo Sirainen <tss@iki.fi>
parents: 727
diff changeset
321 env_put("VERBOSE_PROCTITLE=1");
0
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
322
613
1906116a62ce Finally support for handling each login connection in it's own process.
Timo Sirainen <tss@iki.fi>
parents: 596
diff changeset
323 if (set_login_process_per_connection) {
697
7814b29d0862 Created env_put() and env_clean() for a bit easier handling of environment
Timo Sirainen <tss@iki.fi>
parents: 666
diff changeset
324 env_put("PROCESS_PER_CONNECTION=1");
7814b29d0862 Created env_put() and env_clean() for a bit easier handling of environment
Timo Sirainen <tss@iki.fi>
parents: 666
diff changeset
325 env_put("MAX_LOGGING_USERS=1");
613
1906116a62ce Finally support for handling each login connection in it's own process.
Timo Sirainen <tss@iki.fi>
parents: 596
diff changeset
326 } else {
697
7814b29d0862 Created env_put() and env_clean() for a bit easier handling of environment
Timo Sirainen <tss@iki.fi>
parents: 666
diff changeset
327 env_put(t_strdup_printf("MAX_LOGGING_USERS=%d",
7814b29d0862 Created env_put() and env_clean() for a bit easier handling of environment
Timo Sirainen <tss@iki.fi>
parents: 666
diff changeset
328 set_max_logging_users));
613
1906116a62ce Finally support for handling each login connection in it's own process.
Timo Sirainen <tss@iki.fi>
parents: 596
diff changeset
329 }
0
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
330
722
0438621d25ff Added virtual memory size limits to processes. Default values are pretty
Timo Sirainen <tss@iki.fi>
parents: 699
diff changeset
331 restrict_process_size(set_login_process_size);
0438621d25ff Added virtual memory size limits to processes. Default values are pretty
Timo Sirainen <tss@iki.fi>
parents: 699
diff changeset
332
0
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
333 /* hide the path, it's ugly */
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
334 argv[0] = strrchr(set_login_executable, '/');
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
335 if (argv[0] == NULL) argv[0] = set_login_executable; else argv[0]++;
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
336
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
337 execv(set_login_executable, (char **) argv);
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
338
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
339 i_fatal("execv(%s) failed: %m", argv[0]);
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
340 return -1;
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
341 }
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
342
615
0d852af6842e Master process generates DH/RSA parameters now and stores them into file
Timo Sirainen <tss@iki.fi>
parents: 614
diff changeset
343 void login_process_abormal_exit(pid_t pid __attr_unused__)
0d852af6842e Master process generates DH/RSA parameters now and stores them into file
Timo Sirainen <tss@iki.fi>
parents: 614
diff changeset
344 {
0d852af6842e Master process generates DH/RSA parameters now and stores them into file
Timo Sirainen <tss@iki.fi>
parents: 614
diff changeset
345 /* don't start raising the process count if they're dying all
0d852af6842e Master process generates DH/RSA parameters now and stores them into file
Timo Sirainen <tss@iki.fi>
parents: 614
diff changeset
346 the time */
0d852af6842e Master process generates DH/RSA parameters now and stores them into file
Timo Sirainen <tss@iki.fi>
parents: 614
diff changeset
347 wanted_processes_count = 0;
0d852af6842e Master process generates DH/RSA parameters now and stores them into file
Timo Sirainen <tss@iki.fi>
parents: 614
diff changeset
348 }
0d852af6842e Master process generates DH/RSA parameters now and stores them into file
Timo Sirainen <tss@iki.fi>
parents: 614
diff changeset
349
635
90a65c017bf0 SIGHUP reloads now settings. Logged in clients are left untouched, but
Timo Sirainen <tss@iki.fi>
parents: 615
diff changeset
350 static void login_hash_destroy(void *key __attr_unused__, void *value,
90a65c017bf0 SIGHUP reloads now settings. Logged in clients are left untouched, but
Timo Sirainen <tss@iki.fi>
parents: 615
diff changeset
351 void *context __attr_unused__)
90a65c017bf0 SIGHUP reloads now settings. Logged in clients are left untouched, but
Timo Sirainen <tss@iki.fi>
parents: 615
diff changeset
352 {
90a65c017bf0 SIGHUP reloads now settings. Logged in clients are left untouched, but
Timo Sirainen <tss@iki.fi>
parents: 615
diff changeset
353 login_process_destroy(value);
90a65c017bf0 SIGHUP reloads now settings. Logged in clients are left untouched, but
Timo Sirainen <tss@iki.fi>
parents: 615
diff changeset
354 }
90a65c017bf0 SIGHUP reloads now settings. Logged in clients are left untouched, but
Timo Sirainen <tss@iki.fi>
parents: 615
diff changeset
355
90a65c017bf0 SIGHUP reloads now settings. Logged in clients are left untouched, but
Timo Sirainen <tss@iki.fi>
parents: 615
diff changeset
356 void login_processes_destroy_all(void)
90a65c017bf0 SIGHUP reloads now settings. Logged in clients are left untouched, but
Timo Sirainen <tss@iki.fi>
parents: 615
diff changeset
357 {
90a65c017bf0 SIGHUP reloads now settings. Logged in clients are left untouched, but
Timo Sirainen <tss@iki.fi>
parents: 615
diff changeset
358 hash_foreach(processes, login_hash_destroy, NULL);
90a65c017bf0 SIGHUP reloads now settings. Logged in clients are left untouched, but
Timo Sirainen <tss@iki.fi>
parents: 615
diff changeset
359
90a65c017bf0 SIGHUP reloads now settings. Logged in clients are left untouched, but
Timo Sirainen <tss@iki.fi>
parents: 615
diff changeset
360 /* don't double their amount when restarting */
90a65c017bf0 SIGHUP reloads now settings. Logged in clients are left untouched, but
Timo Sirainen <tss@iki.fi>
parents: 615
diff changeset
361 wanted_processes_count = 0;
90a65c017bf0 SIGHUP reloads now settings. Logged in clients are left untouched, but
Timo Sirainen <tss@iki.fi>
parents: 615
diff changeset
362 }
90a65c017bf0 SIGHUP reloads now settings. Logged in clients are left untouched, but
Timo Sirainen <tss@iki.fi>
parents: 615
diff changeset
363
10
82b7de533f98 s/user_data/context/ and some s/Data/Context/
Timo Sirainen <tss@iki.fi>
parents: 0
diff changeset
364 static void login_processes_start_missing(void *context __attr_unused__,
0
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
365 Timeout timeout __attr_unused__)
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
366 {
614
e60620644af3 login_process_per_connection = yes scales now better when multiple users are
Timo Sirainen <tss@iki.fi>
parents: 613
diff changeset
367 if (!set_login_process_per_connection) {
e60620644af3 login_process_per_connection = yes scales now better when multiple users are
Timo Sirainen <tss@iki.fi>
parents: 613
diff changeset
368 /* create max. one process every second, that way if it keeps
e60620644af3 login_process_per_connection = yes scales now better when multiple users are
Timo Sirainen <tss@iki.fi>
parents: 613
diff changeset
369 dying all the time we don't eat all cpu with fork()ing. */
e60620644af3 login_process_per_connection = yes scales now better when multiple users are
Timo Sirainen <tss@iki.fi>
parents: 613
diff changeset
370 if (listening_processes < set_login_processes_count)
e60620644af3 login_process_per_connection = yes scales now better when multiple users are
Timo Sirainen <tss@iki.fi>
parents: 613
diff changeset
371 (void)create_login_process();
e60620644af3 login_process_per_connection = yes scales now better when multiple users are
Timo Sirainen <tss@iki.fi>
parents: 613
diff changeset
372 } else {
e60620644af3 login_process_per_connection = yes scales now better when multiple users are
Timo Sirainen <tss@iki.fi>
parents: 613
diff changeset
373 /* we want to respond fast when multiple clients are connecting
e60620644af3 login_process_per_connection = yes scales now better when multiple users are
Timo Sirainen <tss@iki.fi>
parents: 613
diff changeset
374 at once, but we also want to prevent fork-bombing. use the
e60620644af3 login_process_per_connection = yes scales now better when multiple users are
Timo Sirainen <tss@iki.fi>
parents: 613
diff changeset
375 same method as apache: check once a second if we need new
e60620644af3 login_process_per_connection = yes scales now better when multiple users are
Timo Sirainen <tss@iki.fi>
parents: 613
diff changeset
376 processes. if yes and we've used all the existing processes,
e60620644af3 login_process_per_connection = yes scales now better when multiple users are
Timo Sirainen <tss@iki.fi>
parents: 613
diff changeset
377 double their amount (unless we've hit the high limit).
e60620644af3 login_process_per_connection = yes scales now better when multiple users are
Timo Sirainen <tss@iki.fi>
parents: 613
diff changeset
378 Then for each second that didn't use all existing processes,
e60620644af3 login_process_per_connection = yes scales now better when multiple users are
Timo Sirainen <tss@iki.fi>
parents: 613
diff changeset
379 drop the max. process count by one. */
e60620644af3 login_process_per_connection = yes scales now better when multiple users are
Timo Sirainen <tss@iki.fi>
parents: 613
diff changeset
380 if (wanted_processes_count < set_login_processes_count)
e60620644af3 login_process_per_connection = yes scales now better when multiple users are
Timo Sirainen <tss@iki.fi>
parents: 613
diff changeset
381 wanted_processes_count = set_login_processes_count;
e60620644af3 login_process_per_connection = yes scales now better when multiple users are
Timo Sirainen <tss@iki.fi>
parents: 613
diff changeset
382 else if (listening_processes == 0)
e60620644af3 login_process_per_connection = yes scales now better when multiple users are
Timo Sirainen <tss@iki.fi>
parents: 613
diff changeset
383 wanted_processes_count *= 2;
e60620644af3 login_process_per_connection = yes scales now better when multiple users are
Timo Sirainen <tss@iki.fi>
parents: 613
diff changeset
384 else if (wanted_processes_count > set_login_processes_count)
e60620644af3 login_process_per_connection = yes scales now better when multiple users are
Timo Sirainen <tss@iki.fi>
parents: 613
diff changeset
385 wanted_processes_count--;
e60620644af3 login_process_per_connection = yes scales now better when multiple users are
Timo Sirainen <tss@iki.fi>
parents: 613
diff changeset
386
e60620644af3 login_process_per_connection = yes scales now better when multiple users are
Timo Sirainen <tss@iki.fi>
parents: 613
diff changeset
387 if (wanted_processes_count > set_login_max_processes_count)
e60620644af3 login_process_per_connection = yes scales now better when multiple users are
Timo Sirainen <tss@iki.fi>
parents: 613
diff changeset
388 wanted_processes_count = set_login_max_processes_count;
e60620644af3 login_process_per_connection = yes scales now better when multiple users are
Timo Sirainen <tss@iki.fi>
parents: 613
diff changeset
389
e60620644af3 login_process_per_connection = yes scales now better when multiple users are
Timo Sirainen <tss@iki.fi>
parents: 613
diff changeset
390 while (listening_processes < wanted_processes_count)
e60620644af3 login_process_per_connection = yes scales now better when multiple users are
Timo Sirainen <tss@iki.fi>
parents: 613
diff changeset
391 (void)create_login_process();
e60620644af3 login_process_per_connection = yes scales now better when multiple users are
Timo Sirainen <tss@iki.fi>
parents: 613
diff changeset
392 }
0
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
393 }
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
394
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
395 void login_processes_init(void)
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
396 {
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
397 auth_id_counter = 0;
613
1906116a62ce Finally support for handling each login connection in it's own process.
Timo Sirainen <tss@iki.fi>
parents: 596
diff changeset
398 listening_processes = 0;
614
e60620644af3 login_process_per_connection = yes scales now better when multiple users are
Timo Sirainen <tss@iki.fi>
parents: 613
diff changeset
399 wanted_processes_count = 0;
613
1906116a62ce Finally support for handling each login connection in it's own process.
Timo Sirainen <tss@iki.fi>
parents: 596
diff changeset
400 oldest_nonlisten_process = newest_nonlisten_process = NULL;
1906116a62ce Finally support for handling each login connection in it's own process.
Timo Sirainen <tss@iki.fi>
parents: 596
diff changeset
401
1906116a62ce Finally support for handling each login connection in it's own process.
Timo Sirainen <tss@iki.fi>
parents: 596
diff changeset
402 processes = hash_create(default_pool, 128, NULL, NULL);
0
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
403 to = timeout_add(1000, login_processes_start_missing, NULL);
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
404 }
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
405
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
406 void login_processes_deinit(void)
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
407 {
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
408 timeout_remove(to);
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
409
635
90a65c017bf0 SIGHUP reloads now settings. Logged in clients are left untouched, but
Timo Sirainen <tss@iki.fi>
parents: 615
diff changeset
410 login_processes_destroy_all();
0
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
411 hash_destroy(processes);
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
412 }