dovecot/original-hg/dovecot-1.2: src/master/login-process.c comparison

comparison src/master/login-process.c @ 1055:a72bba3f8a55 HEAD

Rewrote setting handling. Changed some existing settings also since POP3 support required changes anyway. POP3 seems to be really working now :)

author	Timo Sirainen <tss@iki.fi>
date	Thu, 30 Jan 2003 19:59:31 +0200
parents	793f05a7e50e
children	6cb5b50aea71

comparison

equal deleted inserted replaced

-:cd1ac4101adf
+:a72bba3f8a55
 #include "env-util.h"
 #include "restrict-access.h"
 #include "restrict-process-size.h"
 #include "login-process.h"
 #include "auth-process.h"
-#include "imap-process.h"
+#include "mail-process.h"
 #include "master-login-interface.h"
 #include <unistd.h>
 #include <syslog.h>
+struct login_group {
+	struct login_group *next;
+	struct login_settings *set;
+	unsigned int processes;
+	unsigned int listening_processes;
+	unsigned int wanted_processes_count;
+	struct login_process *oldest_nonlisten_process;
+	struct login_process *newest_nonlisten_process;
+	const char *executable;
+	unsigned int process_size;
+	int *listen_fd, *ssl_listen_fd;
+};
 struct login_process {
+	struct login_group *group;
 	struct login_process *prev_nonlisten, *next_nonlisten;
 	int refcount;
 	pid_t pid;
 	int fd;
 static unsigned int auth_id_counter;
 static struct timeout *to;
 static struct hash_table *processes;
-static struct login_process *oldest_nonlisten_process;
+static struct login_group *login_groups;
-static struct login_process *newest_nonlisten_process;
-static unsigned int listening_processes;
-static unsigned int wanted_processes_count;
 static void login_process_destroy(struct login_process *p);
 static void login_process_unref(struct login_process *p);
+static void login_group_create(struct login_settings *login_set)
+{
+	struct login_group *group;
+	group = i_new(struct login_group, 1);
+	group->set = login_set;
+	if (strcmp(login_set->name, "imap") == 0) {
+		group->executable = set->imap_executable;
+		group->process_size = set->imap_process_size;
+		group->listen_fd = &mail_fd[FD_IMAP];
+		group->ssl_listen_fd = &mail_fd[FD_IMAPS];
+	} else if (strcmp(login_set->name, "pop3") == 0) {
+		group->executable = set->pop3_executable;
+		group->process_size = set->pop3_process_size;
+		group->listen_fd = &mail_fd[FD_POP3];
+		group->ssl_listen_fd = &mail_fd[FD_POP3S];
+	} else
+		i_panic("Unknown login group name '%s'", login_set->name);
+	group->next = login_groups;
+	login_groups = group;
+}
+static void login_group_destroy(struct login_group *group)
+{
+	i_free(group);
+}
 void auth_master_callback(struct auth_master_reply *reply,
 			  const unsigned char *data, void *context)
 {
 	struct login_auth_request *request = context;
 	struct master_login_reply master_reply;
 	if (reply == NULL || !reply->success)
 		master_reply.success = FALSE;
 	else {
+		struct login_group *group = request->process->group;
 		master_reply.success =
-			create_imap_process(request->fd, &request->ip, reply,
+			create_mail_process(request->fd, &request->ip,
-					    (const char *) data);
+					    group->executable,
+					    group->process_size,
+					    reply, (const char *) data);
 	}
 	/* reply to login */
 	master_reply.tag = request->login_tag;
 	if (o_stream_send(request->process->output, &master_reply,
 			  sizeof(master_reply)) < 0)
 		login_process_destroy(request->process);
 	if (close(request->fd) < 0)
-		i_error("close(imap client) failed: %m");
+		i_error("close(mail client) failed: %m");
 	login_process_unref(request->process);
 	i_free(request);
 }
 static void login_process_mark_nonlistening(struct login_process *p)
 			"notification");
 		return;
 	}
 	p->listening = FALSE;
-	listening_processes--;
+	p->group->listening_processes--;
-	p->prev_nonlisten = newest_nonlisten_process;
+	p->prev_nonlisten = p->group->newest_nonlisten_process;
-	if (newest_nonlisten_process != NULL)
+	if (p->group->newest_nonlisten_process != NULL)
-		newest_nonlisten_process->next_nonlisten = p;
+		p->group->newest_nonlisten_process->next_nonlisten = p;
-	newest_nonlisten_process = p;
+	p->group->newest_nonlisten_process = p;
-	if (oldest_nonlisten_process == NULL)
+	if (p->group->oldest_nonlisten_process == NULL)
-		oldest_nonlisten_process = p;
+		p->group->oldest_nonlisten_process = p;
 }
 static void login_process_input(void *context)
 {
 	struct login_process *p = context;
 			i_error("login: fd_read() failed: %m");
 		}
 		if (client_fd != -1) {
 			if (close(client_fd) < 0)
-				i_error("close(imap client) failed: %m");
+				i_error("close(mail client) failed: %m");
 		}
 		login_process_destroy(p);
 		return;
 	}
 		auth_process_request(auth_process, p->pid,
 				     req.auth_id, authreq);
 	}
 }
-static struct login_process *login_process_new(pid_t pid, int fd)
+static struct login_process *
+login_process_new(struct login_group *group, pid_t pid, int fd)
 {
 	struct login_process *p;
 	PID_ADD_PROCESS_TYPE(pid, PROCESS_TYPE_LOGIN);
 	p = i_new(struct login_process, 1);
+	p->group = group;
 	p->refcount = 1;
 	p->pid = pid;
 	p->fd = fd;
 	p->listening = TRUE;
 	p->io = io_add(fd, IO_READ, login_process_input, p);
 	p->output = o_stream_create_file(fd, default_pool,
 					 sizeof(struct master_login_reply)*10,
 					 IO_PRIORITY_DEFAULT, FALSE);
 	hash_insert(processes, POINTER_CAST(pid), p);
-listening_processes++;
+	p->group->processes++;
+	p->group->listening_processes++;
 	return p;
 }
 static void login_process_remove_from_lists(struct login_process *p)
 {
-	if (p == oldest_nonlisten_process)
+	if (p == p->group->oldest_nonlisten_process)
-		oldest_nonlisten_process = p->next_nonlisten;
+		p->group->oldest_nonlisten_process = p->next_nonlisten;
 	else
 		p->prev_nonlisten->next_nonlisten = p->next_nonlisten;
-	if (p == newest_nonlisten_process)
+	if (p == p->group->newest_nonlisten_process)
-		newest_nonlisten_process = p->prev_nonlisten;
+		p->group->newest_nonlisten_process = p->prev_nonlisten;
 	else
 		p->next_nonlisten->prev_nonlisten = p->prev_nonlisten;
 	p->next_nonlisten = p->prev_nonlisten = NULL;
 }
 	if (!p->initialized && io_loop_is_running(ioloop)) {
 		i_error("Login process died too early - shutting down");
 		io_loop_stop(ioloop);
 	}
 	if (p->listening)
-		listening_processes--;
+		p->group->listening_processes--;
 	o_stream_close(p->output);
 	io_remove(p->io);
 	if (close(p->fd) < 0)
 		i_error("close(login) failed: %m");
 	if (!p->listening)
 		login_process_remove_from_lists(p);
+	p->group->processes--;
 	hash_remove(processes, POINTER_CAST(p->pid));
 	login_process_unref(p);
 }
 	o_stream_unref(p->output);
 	i_free(p);
 }
-static pid_t create_login_process(void)
+static pid_t create_login_process(struct login_group *group)
 {
-	static char *argv[] = { NULL, NULL };
+	static const char *argv[] = { NULL, NULL };
 	pid_t pid;
 	int fd[2];
-	if (set_login_process_per_connection &&
+	if (group->set->process_per_connection &&
-	    hash_size(processes)-listening_processes >= set_max_logging_users) {
+	    group->processes - group->listening_processes >=
-		if (oldest_nonlisten_process != NULL)
+	    group->set->max_logging_users) {
-			login_process_destroy(oldest_nonlisten_process);
+		if (group->oldest_nonlisten_process != NULL)
-	}
+			login_process_destroy(group->oldest_nonlisten_process);
+	}
-	if (set_login_uid == 0)
+	if (group->set->uid == 0)
 		i_fatal("Login process must not run as root");
 	/* create communication to process with a socket pair */
 	if (socketpair(AF_UNIX, SOCK_STREAM, 0, fd) == -1) {
 		i_error("socketpair() failed: %m");
 	}
 	if (pid != 0) {
 		/* master */
 		fd_close_on_exec(fd[0], TRUE);
-		login_process_new(pid, fd[0]);
+		login_process_new(group, pid, fd[0]);
 		(void)close(fd[1]);
 		return pid;
 	}
 	/* move communication handle */
 	if (dup2(fd[1], LOGIN_MASTER_SOCKET_FD) < 0)
 		i_fatal("login: dup2(master) failed: %m");
 	fd_close_on_exec(LOGIN_MASTER_SOCKET_FD, FALSE);
 	/* move the listen handle */
-	if (dup2(imap_fd, LOGIN_IMAP_LISTEN_FD) < 0)
+	if (dup2(*group->listen_fd, LOGIN_LISTEN_FD) < 0)
-		i_fatal("login: dup2(imap) failed: %m");
+		i_fatal("login: dup2(listen_fd) failed: %m");
-	fd_close_on_exec(LOGIN_IMAP_LISTEN_FD, FALSE);
+	fd_close_on_exec(LOGIN_LISTEN_FD, FALSE);
 	/* move the SSL listen handle */
-	if (!set_ssl_disable) {
+	if (!set->ssl_disable) {
-		if (dup2(imaps_fd, LOGIN_IMAPS_LISTEN_FD) < 0)
+		if (dup2(*group->ssl_listen_fd, LOGIN_SSL_LISTEN_FD) < 0)
-			i_fatal("login: dup2(imaps) failed: %m");
+			i_fatal("login: dup2(ssl_listen_fd) failed: %m");
 	} else {
-		if (dup2(null_fd, LOGIN_IMAPS_LISTEN_FD) < 0)
+		if (dup2(null_fd, LOGIN_SSL_LISTEN_FD) < 0)
-			i_fatal("login: dup2(imaps) failed: %m");
+			i_fatal("login: dup2(ssl_listen_fd) failed: %m");
 	}
-	fd_close_on_exec(LOGIN_IMAPS_LISTEN_FD, FALSE);
+	fd_close_on_exec(LOGIN_SSL_LISTEN_FD, FALSE);
-	/* imap_fd and imaps_fd are closed by clean_child_process() */
+	/* listen_fds are closed by clean_child_process() */
 	(void)close(fd[0]);
 	(void)close(fd[1]);
 	clean_child_process();
 	/* setup access environment - needs to be done after
 	   clean_child_process() since it clears environment */
-	restrict_access_set_env(set_login_user, set_login_uid, set_login_gid,
+	restrict_access_set_env(group->set->user,
-				set_login_chroot ? set_login_dir : NULL);
+				group->set->uid, set->login_gid,
+				set->login_chroot ? set->login_dir : NULL);
-	if (!set_login_chroot) {
+	if (!set->login_chroot) {
 		/* no chrooting, but still change to the directory */
-		if (chdir(set_login_dir) < 0)
+		if (chdir(set->login_dir) < 0)
-			i_fatal("chdir(%s) failed: %m", set_login_dir);
+			i_fatal("chdir(%s) failed: %m", set->login_dir);
 	}
-	if (!set_ssl_disable) {
+	if (!set->ssl_disable) {
-		env_put(t_strconcat("SSL_CERT_FILE=", set_ssl_cert_file, NULL));
+		env_put(t_strconcat("SSL_CERT_FILE=",
-		env_put(t_strconcat("SSL_KEY_FILE=", set_ssl_key_file, NULL));
+				    set->ssl_cert_file, NULL));
+		env_put(t_strconcat("SSL_KEY_FILE=", set->ssl_key_file, NULL));
 		env_put(t_strconcat("SSL_PARAM_FILE=",
-				    set_ssl_parameters_file, NULL));
+				    set->ssl_parameters_file, NULL));
 	}
-	if (set_disable_plaintext_auth)
+	if (set->disable_plaintext_auth)
 		env_put("DISABLE_PLAINTEXT_AUTH=1");
-	if (set_verbose_proctitle)
+	if (set->verbose_proctitle)
 		env_put("VERBOSE_PROCTITLE=1");
-	if (set_login_process_per_connection) {
+	if (group->set->process_per_connection) {
 		env_put("PROCESS_PER_CONNECTION=1");
 		env_put("MAX_LOGGING_USERS=1");
 	} else {
 		env_put(t_strdup_printf("MAX_LOGGING_USERS=%u",
-					set_max_logging_users));
+					group->set->max_logging_users));
 	}
 	env_put(t_strdup_printf("PROCESS_UID=%s", dec2str(getpid())));
-	restrict_process_size(set_login_process_size);
+	restrict_process_size(group->set->process_size);
 	/* make sure we don't leak syslog fd, but do it last so that
 	   any errors above will be logged */
 	closelog();
 	/* hide the path, it's ugly */
-	argv[0] = strrchr(set_login_executable, '/');
+	argv[0] = strrchr(group->set->executable, '/');
-	if (argv[0] == NULL) argv[0] = set_login_executable; else argv[0]++;
+	if (argv[0] == NULL) argv[0] = group->set->executable; else argv[0]++;
-	execv(set_login_executable, (char **) argv);
+	execv(group->set->executable, (char **) argv);
 	i_fatal_status(FATAL_EXEC, "execv(%s) failed: %m", argv[0]);
 	return -1;
 }
-void login_process_abormal_exit(pid_t pid __attr_unused__)
+void login_process_abormal_exit(pid_t pid)
 {
+	struct login_process *p;
 	/* don't start raising the process count if they're dying all
 	   the time */
-	wanted_processes_count = 0;
+	p = hash_lookup(processes, POINTER_CAST(pid));
+	if (p != NULL)
+		p->group->wanted_processes_count = 0;
 }
 static void login_hash_destroy(void *key __attr_unused__, void *value,
 			       void *context __attr_unused__)
 {
 void login_processes_destroy_all(void)
 {
 	hash_foreach(processes, login_hash_destroy, NULL);
-	/* don't double their amount when restarting */
+	while (login_groups != NULL) {
-	wanted_processes_count = 0;
+		struct login_group *group = login_groups;
+		login_groups = group->next;
+		login_group_destroy(group);
+	}
+}
+static void login_group_start_missings(struct login_group *group)
+{
+	if (!group->set->process_per_connection) {
+		/* create max. one process every second, that way if it keeps
+		   dying all the time we don't eat all cpu with fork()ing. */
+		if (group->listening_processes < group->set->processes_count)
+			(void)create_login_process(group);
+		return;
+	}
+	/* we want to respond fast when multiple clients are connecting
+	   at once, but we also want to prevent fork-bombing. use the
+	   same method as apache: check once a second if we need new
+	   processes. if yes and we've used all the existing processes,
+	   double their amount (unless we've hit the high limit).
+	   Then for each second that didn't use all existing processes,
+	   drop the max. process count by one. */
+	if (group->wanted_processes_count < group->set->processes_count)
+		group->wanted_processes_count = group->set->processes_count;
+	else if (group->listening_processes == 0)
+		group->wanted_processes_count *= 2;
+	else if (group->wanted_processes_count > group->set->processes_count)
+		group->wanted_processes_count--;
+	if (group->wanted_processes_count > group->set->max_processes_count)
+		group->wanted_processes_count = group->set->max_processes_count;
+	while (group->listening_processes < group->wanted_processes_count)
+		(void)create_login_process(group);
 }
 static void
 login_processes_start_missing(void *context __attr_unused__)
 {
-	if (!set_login_process_per_connection) {
+	struct login_group *group;
-		/* create max. one process every second, that way if it keeps
+	struct login_settings *login;
-		   dying all the time we don't eat all cpu with fork()ing. */
-		if (listening_processes < set_login_processes_count)
+	if (login_groups == NULL) {
-			(void)create_login_process();
+		for (login = set->logins; login != NULL; login = login->next)
-	} else {
+			login_group_create(login);
-		/* we want to respond fast when multiple clients are connecting
+	}
-		   at once, but we also want to prevent fork-bombing. use the
-		   same method as apache: check once a second if we need new
+	for (group = login_groups; group != NULL; group = group->next)
-		   processes. if yes and we've used all the existing processes,
+		login_group_start_missings(group);
-		   double their amount (unless we've hit the high limit).
-		   Then for each second that didn't use all existing processes,
-		   drop the max. process count by one. */
-		if (wanted_processes_count < set_login_processes_count)
-			wanted_processes_count = set_login_processes_count;
-		else if (listening_processes == 0)
-			wanted_processes_count *= 2;
-		else if (wanted_processes_count > set_login_processes_count)
-			wanted_processes_count--;
-		if (wanted_processes_count > set_login_max_processes_count)
-			wanted_processes_count = set_login_max_processes_count;
-		while (listening_processes < wanted_processes_count)
-			(void)create_login_process();
-	}
 }
 void login_processes_init(void)
 {
 auth_id_counter = 0;
-	listening_processes = 0;
+	login_groups = NULL;
-wanted_processes_count = 0;
-	oldest_nonlisten_process = newest_nonlisten_process = NULL;
 	processes = hash_create(default_pool, default_pool, 128, NULL, NULL);
 	to = timeout_add(1000, login_processes_start_missing, NULL);
 }

Mercurial > dovecot > original-hg > dovecot-1.2

comparison src/master/login-process.c @ 1055:a72bba3f8a55 HEAD