#include <config.h>
#include <stdio.h>
#include <sys/time.h>
#include <sys/types.h>
#include <sys/wait.h>
#ifdef HAVE_UNISTD_H
#include <unistd.h>
#endif
#include <fcntl.h>
#include <signal.h>
#include <sys/time.h>
#include <sys/types.h>
#include <sys/param.h>
#include <sys/stat.h>
#include <syslog.h>
#include <netdb.h>
#include <sys/socket.h>
#include <netinet/in.h>
#include <arpa/inet.h>
#include <errno.h>
#include <stdlib.h>
#include <sysexits.h>
#include <string.h>
#include <limits.h>
#include "service.h"
#include "libconfig.h"
#include "xmalloc.h"
#include "xstrlcpy.h"
#include "xstrlcat.h"
#include "signals.h"
extern int optind, opterr;
extern char *optarg;
static int use_count = 0;
static int verbose = 0;
static int lockfd = -1;
static int newfile = 0;
void notify_master(int fd, int msg)
{
struct notify_message notifymsg;
if (verbose) syslog(LOG_DEBUG, "telling master %x", msg);
notifymsg.message = msg;
notifymsg.service_pid = getpid();
if (write(fd, ¬ifymsg, sizeof(notifymsg)) != sizeof(notifymsg)) {
syslog(LOG_ERR, "unable to tell master %x: %m", msg);
}
}
#ifdef HAVE_LIBWRAP
#include <tcpd.h>
int allow_severity = LOG_DEBUG;
int deny_severity = LOG_ERR;
static void libwrap_init(struct request_info *r, char *service)
{
request_init(r, RQ_DAEMON, service, 0);
}
static int libwrap_ask(struct request_info *r, int fd)
{
int a;
struct sockaddr_storage sin;
socklen_t len = sizeof(sin);
sin.ss_family = AF_UNIX;
if (getpeername(fd, (struct sockaddr *) &sin, &len) == 0) {
if (((struct sockaddr *)&sin)->sa_family == AF_UNIX) {
return 1;
}
}
request_set(r, RQ_FILE, fd, 0);
sock_host(r);
a = hosts_access(r);
if (!a) {
syslog(deny_severity, "refused connection from %s", eval_client(r));
}
return a;
}
#else
struct request_info { int x; };
static void libwrap_init(struct request_info *r __attribute__((unused)),
char *service __attribute__((unused)))
{
}
static int libwrap_ask(struct request_info *r __attribute__((unused)),
int fd __attribute__((unused)))
{
return 1;
}
#endif
extern void cyrus_init(const char *, const char *, unsigned);
static int getlockfd(char *service, int id)
{
char lockfile[1024];
int fd;
snprintf(lockfile, sizeof(lockfile), "%s/socket/%s-%d.lock",
config_dir, service, id);
fd = open(lockfile, O_CREAT | O_RDWR, 0600);
if (fd < 0) {
syslog(LOG_ERR,
"locking disabled: couldn't open socket lockfile %s: %m",
lockfile);
lockfd = -1;
return -1;
}
lockfd = fd;
return 0;
}
static int lockaccept(void)
{
struct flock alockinfo;
int rc;
alockinfo.l_start = 0;
alockinfo.l_len = 0;
alockinfo.l_whence = SEEK_SET;
if (lockfd != -1) {
alockinfo.l_type = F_WRLCK;
while ((rc = fcntl(lockfd, F_SETLKW, &alockinfo)) < 0 &&
errno == EINTR &&
!signals_poll())
;
if (rc < 0 && signals_poll()) {
if (MESSAGE_MASTER_ON_EXIT)
notify_master(STATUS_FD, MASTER_SERVICE_UNAVAILABLE);
service_abort(0);
return -1;
}
if (rc < 0) {
syslog(LOG_ERR, "fcntl: F_SETLKW: error getting accept lock: %m");
if (MESSAGE_MASTER_ON_EXIT)
notify_master(STATUS_FD, MASTER_SERVICE_UNAVAILABLE);
service_abort(EX_OSERR);
return -1;
}
}
return 0;
}
static int unlockaccept(void)
{
struct flock alockinfo;
int rc;
alockinfo.l_start = 0;
alockinfo.l_len = 0;
alockinfo.l_whence = SEEK_SET;
if (lockfd != -1) {
alockinfo.l_type = F_UNLCK;
while ((rc = fcntl(lockfd, F_SETLKW, &alockinfo)) < 0 &&
errno == EINTR)
;
if (rc < 0) {
syslog(LOG_ERR,
"fcntl: F_SETLKW: error releasing accept lock: %m");
if (MESSAGE_MASTER_ON_EXIT)
notify_master(STATUS_FD, MASTER_SERVICE_UNAVAILABLE);
service_abort(EX_OSERR);
return -1;
}
}
return 0;
}
#define ARGV_GROW 10
int main(int argc, char **argv, char **envp)
{
int fdflags;
int fd;
char *p = NULL, *service;
struct request_info request;
int opt;
char *alt_config = NULL;
int call_debugger = 0;
int max_use = MAX_USE;
int reuse_timeout = REUSE_TIMEOUT;
int soctype;
int typelen = sizeof(soctype);
int newargc = 0;
char **newargv = (char **) xmalloc(ARGV_GROW * sizeof(char *));
int id;
char path[PATH_MAX];
struct stat sbuf;
ino_t start_ino;
off_t start_size;
time_t start_mtime;
opterr = 0;
newargv[newargc++] = argv[0];
while ((opt = getopt(argc, argv, "C:U:T:D")) != EOF) {
if (argv[optind-1][0] == '-' && strlen(argv[optind-1]) > 2) {
syslog(LOG_ERR,
"options and arguments MUST be separated by whitespace");
exit(EX_USAGE);
}
switch (opt) {
case 'C':
alt_config = optarg;
break;
case 'U':
max_use = atoi(optarg);
if (max_use < 0) max_use = 0;
break;
case 'T':
reuse_timeout = atoi(optarg);
if (reuse_timeout < 0) reuse_timeout = 0;
break;
case 'D':
call_debugger = 1;
break;
default:
if (!((newargc+1) % ARGV_GROW)) {
newargv = (char **) xrealloc(newargv, (newargc + ARGV_GROW) *
sizeof(char *));
}
newargv[newargc++] = argv[optind-1];
if (optind < argc && argv[optind][0] != '-')
newargv[newargc++] = argv[optind++];
break;
}
}
for (; optind < argc; optind++) {
if (!(newargc % ARGV_GROW)) {
newargv = (char **) xrealloc(newargv, (newargc + ARGV_GROW) *
sizeof(char *));
}
newargv[newargc++] = argv[optind];
}
opterr = 1;
optind = 1;
p = getenv("CYRUS_VERBOSE");
if (p) verbose = atoi(p) + 1;
if (verbose > 30) {
syslog(LOG_DEBUG, "waiting 15 seconds for debugger");
sleep(15);
}
p = getenv("CYRUS_SERVICE");
if (p == NULL) {
syslog(LOG_ERR, "could not getenv(CYRUS_SERVICE); exiting");
exit(EX_SOFTWARE);
}
service = xstrdup(p);
p = getenv("CYRUS_ID");
if (p == NULL) {
syslog(LOG_ERR, "could not getenv(CYRUS_ID); exiting");
exit(EX_SOFTWARE);
}
id = atoi(p);
srand(time(NULL) * getpid());
reuse_timeout = reuse_timeout + (rand() % reuse_timeout);
cyrus_init(alt_config, service, 0);
if (call_debugger) {
char debugbuf[1024];
int ret;
const char *debugger = config_getstring(IMAPOPT_DEBUG_COMMAND);
if (debugger) {
snprintf(debugbuf, sizeof(debugbuf), debugger,
argv[0], getpid(), service);
syslog(LOG_DEBUG, "running external debugger: %s", debugbuf);
ret = system(debugbuf);
syslog(LOG_DEBUG, "debugger returned exit status: %d", ret);
}
}
syslog(LOG_DEBUG, "executed");
fdflags = fcntl(LISTEN_FD, F_GETFD, 0);
if (fdflags != -1) fdflags = fcntl(LISTEN_FD, F_SETFD,
fdflags | FD_CLOEXEC);
if (fdflags == -1) {
syslog(LOG_ERR, "unable to set close on exec: %m");
if (MESSAGE_MASTER_ON_EXIT)
notify_master(STATUS_FD, MASTER_SERVICE_UNAVAILABLE);
return 1;
}
fdflags = fcntl(STATUS_FD, F_GETFD, 0);
if (fdflags != -1) fdflags = fcntl(STATUS_FD, F_SETFD,
fdflags | FD_CLOEXEC);
if (fdflags == -1) {
syslog(LOG_ERR, "unable to set close on exec: %m");
if (MESSAGE_MASTER_ON_EXIT)
notify_master(STATUS_FD, MASTER_SERVICE_UNAVAILABLE);
return 1;
}
if (getsockopt(LISTEN_FD, SOL_SOCKET, SO_TYPE,
(char *) &soctype, &typelen) < 0) {
syslog(LOG_ERR, "getsockopt: SOL_SOCKET: failed to get type: %m");
if (MESSAGE_MASTER_ON_EXIT)
notify_master(STATUS_FD, MASTER_SERVICE_UNAVAILABLE);
return 1;
}
if (service_init(newargc, newargv, envp) != 0) {
if (MESSAGE_MASTER_ON_EXIT)
notify_master(STATUS_FD, MASTER_SERVICE_UNAVAILABLE);
return 1;
}
if (newargv[0][0] == '/')
strlcpy(path, newargv[0], sizeof(path));
else
snprintf(path, sizeof(path), "%s/%s", SERVICE_PATH, newargv[0]);
stat(path, &sbuf);
start_ino= sbuf.st_ino;
start_size = sbuf.st_size;
start_mtime = sbuf.st_mtime;
getlockfd(service, id);
for (;;) {
signals_add_handlers(SIGALRM);
if (use_count > 0) {
alarm(reuse_timeout);
}
lockaccept();
fd = -1;
while (fd < 0 && !signals_poll()) {
stat(path, &sbuf);
if (sbuf.st_ino != start_ino || sbuf.st_size != start_size ||
sbuf.st_mtime != start_mtime) {
syslog(LOG_INFO, "process file has changed");
newfile = 1;
break;
}
if (soctype == SOCK_STREAM) {
fd = accept(LISTEN_FD, NULL, NULL);
if (fd < 0) {
switch (errno) {
case ENETDOWN:
#ifdef EPROTO
case EPROTO:
#endif
case ENOPROTOOPT:
case EHOSTDOWN:
#ifdef ENONET
case ENONET:
#endif
case EHOSTUNREACH:
case EOPNOTSUPP:
case ENETUNREACH:
case EAGAIN:
case EINTR:
break;
case EINVAL:
if (signals_poll() == SIGHUP) break;
default:
syslog(LOG_ERR, "accept failed: %m");
if (MESSAGE_MASTER_ON_EXIT)
notify_master(STATUS_FD, MASTER_SERVICE_UNAVAILABLE);
service_abort(EX_OSERR);
}
}
} else {
struct sockaddr_storage from;
socklen_t fromlen;
char ch;
int r;
fromlen = sizeof(from);
r = recvfrom(LISTEN_FD, (void *) &ch, 1, MSG_PEEK,
(struct sockaddr *) &from, &fromlen);
if (r == -1) {
syslog(LOG_ERR, "recvfrom failed: %m");
if (MESSAGE_MASTER_ON_EXIT)
notify_master(STATUS_FD, MASTER_SERVICE_UNAVAILABLE);
service_abort(EX_OSERR);
}
fd = LISTEN_FD;
}
}
unlockaccept();
if (fd < 0 && (signals_poll() || newfile)) {
if (MESSAGE_MASTER_ON_EXIT)
notify_master(STATUS_FD, MASTER_SERVICE_UNAVAILABLE);
service_abort(0);
}
if (fd < 0) {
syslog(LOG_ERR, "accept() failed but we didn't catch it?");
if (MESSAGE_MASTER_ON_EXIT)
notify_master(STATUS_FD, MASTER_SERVICE_UNAVAILABLE);
service_abort(EX_SOFTWARE);
}
alarm(0);
if(soctype == SOCK_STREAM) {
libwrap_init(&request, service);
if (!libwrap_ask(&request, fd)) {
shutdown(fd, SHUT_RDWR);
close(fd);
continue;
}
}
notify_master(STATUS_FD, MASTER_SERVICE_UNAVAILABLE);
syslog(LOG_DEBUG, "accepted connection");
if (fd != 0 && dup2(fd, 0) < 0) {
syslog(LOG_ERR, "can't duplicate accepted socket: %m");
service_abort(EX_OSERR);
}
if (fd != 1 && dup2(fd, 1) < 0) {
syslog(LOG_ERR, "can't duplicate accepted socket: %m");
service_abort(EX_OSERR);
}
if (fd != 2 && dup2(fd, 2) < 0) {
syslog(LOG_ERR, "can't duplicate accepted socket: %m");
service_abort(EX_OSERR);
}
if(soctype == SOCK_STREAM) {
if (fd > 2) close(fd);
}
notify_master(STATUS_FD, MASTER_SERVICE_CONNECTION);
use_count++;
service_main(newargc, newargv, envp);
if (signals_poll() || use_count >= max_use) {
break;
}
notify_master(STATUS_FD, MASTER_SERVICE_AVAILABLE);
}
service_abort(0);
return 0;
}