X-Git-Url: https://arthur.barton.de/cgi-bin/gitweb.cgi?p=netatalk.git;a=blobdiff_plain;f=etc%2Fafpd%2Fmain.c;h=ff1f2a54dbc0965e6875d065e57e6fb04b7b4e54;hp=7f273c23abdd84f769f0579c452bff565ba57b5f;hb=d2da4b77412a33dc2d62c7877e7b331285dadab6;hpb=79e77d4fe3ff1572e987ec63d9d78675de1a99be diff --git a/etc/afpd/main.c b/etc/afpd/main.c index 7f273c23..1c5c4c42 100644 --- a/etc/afpd/main.c +++ b/etc/afpd/main.c @@ -5,176 +5,318 @@ #ifdef HAVE_CONFIG_H #include "config.h" -#endif +#endif /* HAVE_CONFIG_H */ #include #include #include -#include -#include #include - -#include -#include #include #include -#include #include #include - +#include #include +#include +#include -#include -#include +#include +#include #include #include -#include -#include #include -#include #include #include #include +#include +#include +#include +#include -#include "globals.h" #include "afp_config.h" #include "status.h" #include "fork.h" #include "uam_auth.h" +#include "afp_zeroconf.h" + +#define AFP_LISTENERS 32 +#define FDSET_SAFETY 5 -unsigned char nologin = 0; +unsigned char nologin = 0; -struct afp_options default_options; -static AFPConfig *configs; +static AFPObj obj; static server_child *server_children; -static fd_set save_rfds; +static sig_atomic_t reloadconfig = 0; +static sig_atomic_t gotsigchld = 0; + +/* Two pointers to dynamic allocated arrays which store pollfds and associated data */ +static struct pollfd *fdset; +static struct polldata *polldata; +static int fdset_size; /* current allocated size */ +static int fdset_used; /* number of used elements */ +static int disasociated_ipc_fd; /* disasociated sessions uses this fd for IPC */ + +static afp_child_t *dsi_start(AFPObj *obj, DSI *dsi, server_child *server_children); + +static void afp_exit(int ret) +{ + exit(ret); +} + + +/* ------------------ + initialize fd set we are waiting for. +*/ +static void fd_set_listening_sockets(const AFPObj *config) +{ + DSI *dsi; -#ifdef CAPDIR -int addr_net, addr_node, addr_uid; -char addr_name[32]; -#endif CAPDIR + for (dsi = config->dsi; dsi; dsi = dsi->next) { + fdset_add_fd(config->options.connections + AFP_LISTENERS + FDSET_SAFETY, + &fdset, + &polldata, + &fdset_used, + &fdset_size, + dsi->serversock, + LISTEN_FD, + dsi); + } -static void afp_exit(const int i) + if (config->options.flags & OPTION_KEEPSESSIONS) + fdset_add_fd(config->options.connections + AFP_LISTENERS + FDSET_SAFETY, + &fdset, + &polldata, + &fdset_used, + &fdset_size, + disasociated_ipc_fd, + DISASOCIATED_IPC_FD, + NULL); +} + +static void fd_reset_listening_sockets(const AFPObj *config) { - server_unlock(default_options.pidfile); - exit(i); + const DSI *dsi; + + for (dsi = config->dsi; dsi; dsi = dsi->next) { + fdset_del_fd(&fdset, &polldata, &fdset_used, &fdset_size, dsi->serversock); + } + + if (config->options.flags & OPTION_KEEPSESSIONS) + fdset_del_fd(&fdset, &polldata, &fdset_used, &fdset_size, disasociated_ipc_fd); } +/* ------------------ */ static void afp_goaway(int sig) { -#ifndef NO_DDP - asp_kill(sig); -#endif - dsi_kill(sig); switch( sig ) { - case SIGTERM : - syslog( LOG_INFO, "shutting down on signal %d", sig ); - break; + + case SIGTERM: + case SIGQUIT: + switch (sig) { + case SIGTERM: + LOG(log_note, logtype_afpd, "AFP Server shutting down on SIGTERM"); + break; + case SIGQUIT: + if (obj.options.flags & OPTION_KEEPSESSIONS) { + LOG(log_note, logtype_afpd, "AFP Server shutting down on SIGQUIT, NOT disconnecting clients"); + } else { + LOG(log_note, logtype_afpd, "AFP Server shutting down on SIGQUIT"); + sig = SIGTERM; + } + break; + } + if (server_children) + server_child_kill(server_children, CHILD_DSIFORK, sig); + + _exit(0); + break; + + case SIGUSR1 : + nologin++; + auth_unload(); + LOG(log_info, logtype_afpd, "disallowing logins"); + + if (server_children) + server_child_kill(server_children, CHILD_DSIFORK, sig); + break; + case SIGHUP : - /* w/ a configuration file, we can force a re-read if we want */ - nologin++; - if ((nologin + 1) & 1) { - AFPConfig *config; - - syslog(LOG_INFO, "re-reading configuration file"); - for (config = configs; config; config = config->next) - if (config->server_cleanup) - config->server_cleanup(config); - - configfree(configs, NULL); - if (!(configs = configinit(&default_options))) { - syslog(LOG_ERR, "config re-read: no servers configured"); - afp_exit(1); - } - FD_ZERO(&save_rfds); - for (config = configs; config; config = config->next) { - if (config->fd < 0) - continue; - FD_SET(config->fd, &save_rfds); - } - } else { - syslog(LOG_INFO, "disallowing logins"); - auth_unload(); - } - break; + /* w/ a configuration file, we can force a re-read if we want */ + reloadconfig = 1; + break; + + case SIGCHLD: + /* w/ a configuration file, we can force a re-read if we want */ + gotsigchld = 1; + break; + default : - syslog( LOG_ERR, "afp_goaway: bad signal" ); + LOG(log_error, logtype_afpd, "afp_goaway: bad signal" ); } - if ( sig == SIGTERM ) { - AFPConfig *config; - - for (config = configs; config; config = config->next) - if (config->server_cleanup) - config->server_cleanup(config); + return; +} - afp_exit(0); +static void child_handler(void) +{ + int fd; + int status, i; + pid_t pid; + +#ifndef WAIT_ANY +#define WAIT_ANY (-1) +#endif /* ! WAIT_ANY */ + + while ((pid = waitpid(WAIT_ANY, &status, WNOHANG)) > 0) { + for (i = 0; i < server_children->nforks; i++) { + if ((fd = server_child_remove(server_children, i, pid)) != -1) { + fdset_del_fd(&fdset, &polldata, &fdset_used, &fdset_size, fd); + break; + } + } + + if (WIFEXITED(status)) { + if (WEXITSTATUS(status)) + LOG(log_info, logtype_afpd, "child[%d]: exited %d", pid, WEXITSTATUS(status)); + else + LOG(log_info, logtype_afpd, "child[%d]: done", pid); + } else { + if (WIFSIGNALED(status)) + LOG(log_info, logtype_afpd, "child[%d]: killed by signal %d", pid, WTERMSIG(status)); + else + LOG(log_info, logtype_afpd, "child[%d]: died", pid); + } } - return; } -static void child_handler() +static int setlimits(void) { - server_child_handler(server_children); + struct rlimit rlim; + + if (getrlimit(RLIMIT_NOFILE, &rlim) != 0) { + LOG(log_warning, logtype_afpd, "setlimits: reading current limits failed: %s", strerror(errno)); + return -1; + } + if (rlim.rlim_cur != RLIM_INFINITY && rlim.rlim_cur < 65535) { + rlim.rlim_cur = 65535; + if (rlim.rlim_max != RLIM_INFINITY && rlim.rlim_max < 65535) + rlim.rlim_max = 65535; + if (setrlimit(RLIMIT_NOFILE, &rlim) != 0) { + LOG(log_warning, logtype_afpd, "setlimits: increasing limits failed: %s", strerror(errno)); + return -1; + } + } + return 0; } -int main( ac, av ) - int ac; - char **av; +int main(int ac, char **av) { - AFPConfig *config; fd_set rfds; + void *ipc; struct sigaction sv; sigset_t sigs; + int ret; - umask( 0 ); /* so inherited file permissions work right */ + /* Parse argv args and initialize default options */ + afp_options_parse_cmdline(&obj, ac, av); - afp_options_init(&default_options); - if (!afp_options_parse(ac, av, &default_options)) - exit(1); - - switch(server_lock("afpd", default_options.pidfile, - default_options.flags & OPTION_DEBUG)) { - case -1: /* error */ - exit(1); - case 0: /* child */ - break; - default: /* server */ - exit(0); - } + if (!(obj.cmdlineflags & OPTION_DEBUG) && (daemonize(0, 0) != 0)) + exit(EXITERR_SYS); + + /* Log SIGBUS/SIGSEGV SBT */ + fault_setup(NULL); + + if (afp_config_parse(&obj, "afpd") != 0) + afp_exit(EXITERR_CONF); + + /* Save the user's current umask */ + obj.options.save_mask = umask(obj.options.umask); /* install child handler for asp and dsi. we do this before afp_goaway * as afp_goaway references stuff from here. * XXX: this should really be setup after the initial connections. */ - if (!(server_children = server_child_alloc(default_options.connections, - CHILD_NFORKS))) { - syslog(LOG_ERR, "main: server_child alloc: %m"); - afp_exit(1); - } - - memset(&sv, 0, sizeof(sv)); - sv.sa_handler = child_handler; + if (!(server_children = server_child_alloc(obj.options.connections, CHILD_NFORKS))) { + LOG(log_error, logtype_afpd, "main: server_child alloc: %s", strerror(errno) ); + afp_exit(EXITERR_SYS); + } + + sigemptyset(&sigs); + pthread_sigmask(SIG_SETMASK, &sigs, NULL); + + memset(&sv, 0, sizeof(sv)); + /* linux at least up to 2.4.22 send a SIGXFZ for vfat fs, + even if the file is open with O_LARGEFILE ! */ +#ifdef SIGXFSZ + sv.sa_handler = SIG_IGN; + sigemptyset( &sv.sa_mask ); + if (sigaction(SIGXFSZ, &sv, NULL ) < 0 ) { + LOG(log_error, logtype_afpd, "main: sigaction: %s", strerror(errno) ); + afp_exit(EXITERR_SYS); + } +#endif + + sv.sa_handler = afp_goaway; /* handler for all sigs */ + sigemptyset( &sv.sa_mask ); + sigaddset(&sv.sa_mask, SIGALRM); + sigaddset(&sv.sa_mask, SIGHUP); + sigaddset(&sv.sa_mask, SIGTERM); + sigaddset(&sv.sa_mask, SIGUSR1); + sigaddset(&sv.sa_mask, SIGQUIT); sv.sa_flags = SA_RESTART; - if ( sigaction( SIGCHLD, &sv, 0 ) < 0 ) { - syslog( LOG_ERR, "main: sigaction: %m" ); - afp_exit(1); + if ( sigaction( SIGCHLD, &sv, NULL ) < 0 ) { + LOG(log_error, logtype_afpd, "main: sigaction: %s", strerror(errno) ); + afp_exit(EXITERR_SYS); } - sv.sa_handler = afp_goaway; sigemptyset( &sv.sa_mask ); + sigaddset(&sv.sa_mask, SIGALRM); + sigaddset(&sv.sa_mask, SIGTERM); sigaddset(&sv.sa_mask, SIGHUP); + sigaddset(&sv.sa_mask, SIGCHLD); + sigaddset(&sv.sa_mask, SIGQUIT); + sv.sa_flags = SA_RESTART; + if ( sigaction( SIGUSR1, &sv, NULL ) < 0 ) { + LOG(log_error, logtype_afpd, "main: sigaction: %s", strerror(errno) ); + afp_exit(EXITERR_SYS); + } + + sigemptyset( &sv.sa_mask ); + sigaddset(&sv.sa_mask, SIGALRM); sigaddset(&sv.sa_mask, SIGTERM); + sigaddset(&sv.sa_mask, SIGUSR1); + sigaddset(&sv.sa_mask, SIGCHLD); + sigaddset(&sv.sa_mask, SIGQUIT); sv.sa_flags = SA_RESTART; - if ( sigaction( SIGHUP, &sv, 0 ) < 0 ) { - syslog( LOG_ERR, "main: sigaction: %m" ); - afp_exit(1); + if ( sigaction( SIGHUP, &sv, NULL ) < 0 ) { + LOG(log_error, logtype_afpd, "main: sigaction: %s", strerror(errno) ); + afp_exit(EXITERR_SYS); } - if ( sigaction( SIGTERM, &sv, 0 ) < 0 ) { - syslog( LOG_ERR, "main: sigaction: %m" ); - afp_exit(1); + + sigemptyset( &sv.sa_mask ); + sigaddset(&sv.sa_mask, SIGALRM); + sigaddset(&sv.sa_mask, SIGHUP); + sigaddset(&sv.sa_mask, SIGUSR1); + sigaddset(&sv.sa_mask, SIGCHLD); + sigaddset(&sv.sa_mask, SIGQUIT); + sv.sa_flags = SA_RESTART; + if ( sigaction( SIGTERM, &sv, NULL ) < 0 ) { + LOG(log_error, logtype_afpd, "main: sigaction: %s", strerror(errno) ); + afp_exit(EXITERR_SYS); } - - /* afpd.conf: not in config file: lockfile, connections, configfile + + sigemptyset( &sv.sa_mask ); + sigaddset(&sv.sa_mask, SIGALRM); + sigaddset(&sv.sa_mask, SIGHUP); + sigaddset(&sv.sa_mask, SIGUSR1); + sigaddset(&sv.sa_mask, SIGCHLD); + sigaddset(&sv.sa_mask, SIGTERM); + sv.sa_flags = SA_RESTART; + if (sigaction(SIGQUIT, &sv, NULL ) < 0 ) { + LOG(log_error, logtype_afpd, "main: sigaction: %s", strerror(errno) ); + afp_exit(EXITERR_SYS); + } + + /* afp.conf: not in config file: lockfile, configfile * preference: command-line provides defaults. * config file over-writes defaults. * @@ -183,23 +325,42 @@ int main( ac, av ) */ sigemptyset(&sigs); + sigaddset(&sigs, SIGALRM); sigaddset(&sigs, SIGHUP); + sigaddset(&sigs, SIGUSR1); +#if 0 + /* don't block SIGTERM */ sigaddset(&sigs, SIGTERM); - sigprocmask(SIG_BLOCK, &sigs, NULL); - if (!(configs = configinit(&default_options))) { - syslog(LOG_ERR, "main: no servers configured: %m\n"); - afp_exit(1); - } - sigprocmask(SIG_UNBLOCK, &sigs, NULL); +#endif + sigaddset(&sigs, SIGCHLD); - /* watch atp and dsi sockets. */ - FD_ZERO(&save_rfds); - for (config = configs; config; config = config->next) { - if (config->fd < 0) /* for proxies */ - continue; - FD_SET(config->fd, &save_rfds); + pthread_sigmask(SIG_BLOCK, &sigs, NULL); + if (configinit(&obj) != 0) { + LOG(log_error, logtype_afpd, "main: no servers configured"); + afp_exit(EXITERR_CONF); } + pthread_sigmask(SIG_UNBLOCK, &sigs, NULL); + + /* Initialize */ + cnid_init(); + /* watch atp, dsi sockets and ipc parent/child file descriptor. */ + + if (obj.options.flags & OPTION_KEEPSESSIONS) { + LOG(log_note, logtype_afpd, "Activating continuous service"); + disasociated_ipc_fd = ipc_server_uds(_PATH_AFP_IPC); + } + + fd_set_listening_sockets(&obj); + + /* set limits */ + (void)setlimits(); + + afp_child_t *child; + int recon_ipc_fd; + pid_t pid; + int saveerrno; + /* wait for an appleshare connection. parent remains in the loop * while the children get handled by afp_over_{asp,dsi}. this is * currently vulnerable to a denial-of-service attack if a @@ -207,21 +368,137 @@ int main( ac, av ) * afterwards. establishing timeouts for logins is a possible * solution. */ while (1) { - rfds = save_rfds; - if (select(FD_SETSIZE, &rfds, NULL, NULL, NULL) < 0) { - if (errno == EINTR) - continue; - syslog(LOG_ERR, "main: can't wait for input: %m"); - break; - } - - for (config = configs; config; config = config->next) { - if (config->fd < 0) - continue; - if (FD_ISSET(config->fd, &rfds)) - config->server_start(config, configs, server_children); - } - } + LOG(log_maxdebug, logtype_afpd, "main: polling %i fds", fdset_used); + pthread_sigmask(SIG_UNBLOCK, &sigs, NULL); + ret = poll(fdset, fdset_used, -1); + pthread_sigmask(SIG_BLOCK, &sigs, NULL); + saveerrno = errno; + + if (gotsigchld) { + gotsigchld = 0; + child_handler(); + continue; + } + + if (reloadconfig) { + nologin++; + auth_unload(); + fd_reset_listening_sockets(&obj); + + LOG(log_info, logtype_afpd, "re-reading configuration file"); + + configfree(&obj, NULL); + if (configinit(&obj) != 0) { + LOG(log_error, logtype_afpd, "config re-read: no servers configured"); + afp_exit(EXITERR_CONF); + } + + fd_set_listening_sockets(&obj); + + nologin = 0; + reloadconfig = 0; + errno = saveerrno; + continue; + } + + if (ret == 0) + continue; + + if (ret < 0) { + if (errno == EINTR) + continue; + LOG(log_error, logtype_afpd, "main: can't wait for input: %s", strerror(errno)); + break; + } + + for (int i = 0; i < fdset_used; i++) { + if (fdset[i].revents & (POLLIN | POLLERR | POLLHUP | POLLNVAL)) { + switch (polldata[i].fdtype) { + + case LISTEN_FD: + if (child = dsi_start(&obj, (DSI *)polldata[i].data, server_children)) { + /* Add IPC fd to select fd set */ + fdset_add_fd(obj.options.connections + AFP_LISTENERS + FDSET_SAFETY, + &fdset, + &polldata, + &fdset_used, + &fdset_size, + child->ipc_fd, + IPC_FD, + child); + } + break; + + case IPC_FD: + child = (afp_child_t *)polldata[i].data; + LOG(log_debug, logtype_afpd, "main: IPC request from child[%u]", child->pid); + + if (ipc_server_read(server_children, child->ipc_fd) != 0) { + fdset_del_fd(&fdset, &polldata, &fdset_used, &fdset_size, child->ipc_fd); + close(child->ipc_fd); + child->ipc_fd = -1; + if ((obj.options.flags & OPTION_KEEPSESSIONS) && child->disasociated) { + LOG(log_note, logtype_afpd, "main: removing reattached child[%u]", child->pid); + server_child_remove(server_children, CHILD_DSIFORK, child->pid); + } + } + break; + + case DISASOCIATED_IPC_FD: + LOG(log_debug, logtype_afpd, "main: IPC reconnect request"); + if ((recon_ipc_fd = accept(disasociated_ipc_fd, NULL, NULL)) == -1) { + LOG(log_error, logtype_afpd, "main: accept: %s", strerror(errno)); + break; + } + if (readt(recon_ipc_fd, &pid, sizeof(pid_t), 0, 1) != sizeof(pid_t)) { + LOG(log_error, logtype_afpd, "main: readt: %s", strerror(errno)); + close(recon_ipc_fd); + break; + } + LOG(log_note, logtype_afpd, "main: IPC reconnect from pid [%u]", pid); + + if ((child = server_child_add(server_children, CHILD_DSIFORK, pid, recon_ipc_fd)) == NULL) { + LOG(log_error, logtype_afpd, "main: server_child_add"); + close(recon_ipc_fd); + break; + } + child->disasociated = 1; + fdset_add_fd(obj.options.connections + AFP_LISTENERS + FDSET_SAFETY, + &fdset, + &polldata, + &fdset_used, + &fdset_size, + recon_ipc_fd, + IPC_FD, + child); + break; + + default: + LOG(log_debug, logtype_afpd, "main: IPC request for unknown type"); + break; + } /* switch */ + } /* if */ + } /* for (i)*/ + } /* while (1) */ return 0; } + +static afp_child_t *dsi_start(AFPObj *obj, DSI *dsi, server_child *server_children) +{ + afp_child_t *child = NULL; + + if (dsi_getsession(dsi, server_children, obj->options.tickleval, &child) != 0) { + LOG(log_error, logtype_afpd, "dsi_start: session error: %s", strerror(errno)); + return NULL; + } + + /* we've forked. */ + if (child == NULL) { + configfree(obj, dsi); + afp_over_dsi(obj); /* start a session */ + exit (0); + } + + return child; +}