Mercurial > dovecot > original-hg > dovecot-1.2
changeset 5601:b02af502bcd6 HEAD
When running multiple Dovecot instances, only one of them needs to
regenerate ssl-parameters.dat.
author | Timo Sirainen <tss@iki.fi> |
---|---|
date | Sun, 13 May 2007 16:45:49 +0300 |
parents | 945966bb18c2 |
children | 117ec208d66b |
files | src/master/main.c src/master/ssl-init-main.c src/master/ssl-init.c src/master/ssl-init.h |
diffstat | 4 files changed, 41 insertions(+), 16 deletions(-) [+] |
line wrap: on
line diff
--- a/src/master/main.c Sun May 13 16:24:35 2007 +0300 +++ b/src/master/main.c Sun May 13 16:45:49 2007 +0300 @@ -233,6 +233,9 @@ i_error("unknown child %s exited " "successfully", dec2str(pid)); } + } else if (status == 1 && + process_type == PROCESS_TYPE_SSL_PARAM) { + /* kludgy. hide this failure. */ } else { msg = get_exit_status_message(status); msg = msg == NULL ? "" : @@ -256,7 +259,7 @@ mail_process_destroyed(pid); break; case PROCESS_TYPE_SSL_PARAM: - ssl_parameter_process_destroyed(pid); + ssl_parameter_process_destroyed(abnormal_exit); break; case PROCESS_TYPE_DICT: dict_process_restart();
--- a/src/master/ssl-init-main.c Sun May 13 16:24:35 2007 +0300 +++ b/src/master/ssl-init-main.c Sun May 13 16:45:49 2007 +0300 @@ -2,6 +2,7 @@ #include "lib.h" #include "lib-signals.h" +#include "file-lock.h" #include "randgen.h" #include "ssl-init.h" @@ -11,17 +12,17 @@ #include <sys/stat.h> #ifdef HAVE_SSL -static void generate_parameters_file(const char *fname) +static int generate_parameters_file(const char *fname) { const char *temp_fname; + struct file_lock *lock; mode_t old_mask; - int fd; + int fd, ret; temp_fname = t_strconcat(fname, ".tmp", NULL); - (void)unlink(temp_fname); old_mask = umask(0); - fd = open(temp_fname, O_WRONLY | O_CREAT | O_EXCL, 0644); + fd = open(temp_fname, O_WRONLY | O_CREAT, 0644); umask(old_mask); if (fd == -1) { @@ -29,25 +30,42 @@ temp_fname); } - _ssl_generate_parameters(fd, temp_fname); + /* If multiple dovecot instances are running, only one of them needs + to regenerate this file. */ + ret = file_try_lock(fd, temp_fname, F_WRLCK, + FILE_LOCK_METHOD_FCNTL, &lock); + if (ret < 0) + i_fatal("file_try_lock(%s) failed: %m", temp_fname); + if (ret == 0) { + /* someone else is writing this */ + return -1; + } + if (ftruncate(fd, 0) < 0) + i_fatal("ftruncate(%s) failed: %m", temp_fname); - if (close(fd) < 0) - i_fatal("close(%s) failed: %m", temp_fname); + _ssl_generate_parameters(fd, temp_fname); if (rename(temp_fname, fname) < 0) i_fatal("rename(%s, %s) failed: %m", temp_fname, fname); + if (close(fd) < 0) + i_fatal("close(%s) failed: %m", temp_fname); + file_lock_free(&lock); i_info("SSL parameters regeneration completed"); + return 0; } #else -static void generate_parameters_file(const char *fname __attr_unused__) +static int generate_parameters_file(const char *fname __attr_unused__) { i_fatal("Dovecot built without SSL support"); + return -1; } #endif int main(int argc, char *argv[]) { + int ret; + lib_init(); i_set_failure_internal(); @@ -55,9 +73,10 @@ i_fatal("Usage: ssl-build-param <path>"); random_init(); - generate_parameters_file(argv[1]); + if (generate_parameters_file(argv[1]) < 0) + ret = 1; random_deinit(); lib_deinit(); - return 0; + return ret; }
--- a/src/master/ssl-init.c Sun May 13 16:24:35 2007 +0300 +++ b/src/master/ssl-init.c Sun May 13 16:45:49 2007 +0300 @@ -60,11 +60,14 @@ i_fatal_status(FATAL_EXEC, "execv(%s) failed: %m", binpath); } -void ssl_parameter_process_destroyed(pid_t pid __attr_unused__) +void ssl_parameter_process_destroyed(bool abnormal_exit) { - if (file_copy(SSL_PARAMETERS_PERM_PATH, generating_path, TRUE) <= 0) { - i_error("file_copy(%s, %s) failed: %m", - SSL_PARAMETERS_PERM_PATH, generating_path); + if (!abnormal_exit) { + if (file_copy(SSL_PARAMETERS_PERM_PATH, + generating_path, TRUE) <= 0) { + i_error("file_copy(%s, %s) failed: %m", + SSL_PARAMETERS_PERM_PATH, generating_path); + } } i_free_and_null(generating_path); }
--- a/src/master/ssl-init.h Sun May 13 16:24:35 2007 +0300 +++ b/src/master/ssl-init.h Sun May 13 16:45:49 2007 +0300 @@ -3,7 +3,7 @@ #define SSL_PARAMETERS_FILENAME "ssl-parameters.dat" -void ssl_parameter_process_destroyed(pid_t pid); +void ssl_parameter_process_destroyed(bool abnormal_exit); void ssl_check_parameters_file(void); void _ssl_generate_parameters(int fd, const char *fname);