1 /*************************************************
2 * Exim - an Internet mail transport agent *
3 *************************************************/
6 * Copyright (c) The Exim Maintainers 2022
8 * SPDX-License-Identifier: GPL-2.0-or-later
11 /* Caching layers for compiled REs. There is a local layer in the process,
12 implemented as a tree for inserts and lookup. This cache is inherited from
13 the daemon, for the process tree deriving from there - but not by re-exec'd
14 proceses or commandline submission processes.
16 If the process has to compile, and is not the daemon or a re-exec'd exim,
17 it notifies the use of the RE to the daemon via a unix-domain socket.
18 This is a fire-and-forget send with no response, hence cheap from the point-of
19 view of the sender. I have not measured the overall comms costs. The
20 daemon also compiles the RE, and caches the result.
22 A second layer would be possible by asking the daemon via the notifier socket
23 (for a result from its cache, or a compile if it must). The comms overhead
24 is significant, not only for the channel but also for de/serialisation of
25 the compiled object. This makes it untenable for the primary use-case, the
26 transport process which has been re-exec'd to gain privs - and therefore does not
27 have the daemon-maintained cache. Using shared-memory might reduce that cost
28 (the attach time for the memory segment will matter); the implimentation
29 would require suitable R/W locks.
34 typedef struct re_req {
35 uschar notifier_reqtype;
37 uschar re[1]; /* extensible */
40 static tree_node * regex_cache = NULL;
41 static tree_node * regex_caseless_cache = NULL;
43 #define REGEX_CACHESIZE_LIMIT 1000
45 /******************************************************************************/
48 regex_to_daemon(const uschar * key, BOOL caseless)
50 int klen = Ustrlen(key) + 1;
51 int rlen = sizeof(re_req) + klen;
53 int fd, old_pool = store_pool;
55 DEBUG(D_expand|D_lists)
56 debug_printf_indent("sending RE '%s' to daemon\n", key);
58 store_pool = POOL_MAIN;
59 req = store_get(rlen, key); /* maybe need a size limit */
60 store_pool = old_pool;;
61 req->notifier_reqtype = NOTIFY_REGEX;
62 req->caseless = caseless;
63 memcpy(req->re, key, klen);
65 if ((fd = socket(AF_UNIX, SOCK_DGRAM, 0)) >= 0)
67 struct sockaddr_un sa_un = {.sun_family = AF_UNIX};
68 ssize_t len = daemon_notifier_sockname(&sa_un);
70 if (sendto(fd, req, rlen, 0, (struct sockaddr *)&sa_un, (socklen_t)len) < 0)
72 debug_printf("%s: sendto %s\n", __FUNCTION__, strerror(errno));
75 else DEBUG(D_queue_run) debug_printf(" socket: %s\n", strerror(errno));
79 static const pcre2_code *
80 regex_from_cache(const uschar * key, BOOL caseless)
83 tree_search(caseless ? regex_caseless_cache : regex_cache, key);
84 DEBUG(D_expand|D_lists)
85 debug_printf_indent("compiled %sRE '%s' %sfound in local cache\n",
86 caseless ? "caseless " : "", key, node ? "" : "not ");
88 return node ? node->data.ptr : NULL;
93 regex_to_cache(const uschar * key, BOOL caseless, const pcre2_code * cre)
99 node = store_get(sizeof(tree_node) + Ustrlen(key) + 1, key); /* we are called with STORE_PERM */
100 Ustrcpy(node->name, key);
101 node->data.ptr = (void *)cre;
103 if (!tree_insertnode(caseless ? ®ex_caseless_cache : ®ex_cache, node))
104 { DEBUG(D_expand|D_lists) debug_printf_indent("duplicate key!\n"); }
105 else DEBUG(D_expand|D_lists)
106 debug_printf_indent("compiled RE '%s' saved in local cache\n", key);
108 /* Additionally, if not re-execed and not the daemon, tell the daemon of the RE
109 so it can add to the cache */
111 if (f.daemon_scion && !f.daemon_listen)
112 regex_to_daemon(key, caseless);
117 /******************************************************************************/
119 /*************************************************
120 * Compile regular expression and panic on fail *
121 *************************************************/
123 /* This function is called when failure to compile a regular expression leads
124 to a panic exit. In other cases, pcre_compile() is called directly. In many
125 cases where this function is used, the results of the compilation are to be
126 placed in long-lived store, so we temporarily reset the store management
127 functions that PCRE uses if the use_malloc flag is set.
130 pattern the pattern to compile
132 caseless caseless matching is required
133 cacheable use (writeback) cache
134 use_malloc TRUE if compile into malloc store
136 Returns: pointer to the compiled pattern
140 regex_must_compile(const uschar * pattern, mcs_flags flags, BOOL use_malloc)
142 BOOL caseless = !!(flags & MCS_CASELESS);
144 const pcre2_code * yield;
145 int old_pool = store_pool, err;
147 /* Optionall, check the cache and return if found */
149 if ( flags & MCS_CACHEABLE
150 && (yield = regex_from_cache(pattern, caseless)))
153 store_pool = POOL_PERM;
155 if (!(yield = pcre2_compile((PCRE2_SPTR)pattern, PCRE2_ZERO_TERMINATED,
156 caseless ? PCRE_COPT|PCRE2_CASELESS : PCRE_COPT,
157 &err, &offset, use_malloc ? pcre_mlc_cmp_ctx : pcre_gen_cmp_ctx)))
160 pcre2_get_error_message(err, errbuf, sizeof(errbuf));
161 log_write(0, LOG_MAIN|LOG_PANIC_DIE, "regular expression error: "
162 "%s at offset %ld while compiling %s", errbuf, (long)offset, pattern);
167 /*pcre2_general_context_free(gctx);*/
170 if (flags & MCS_CACHEABLE)
171 regex_to_cache(pattern, caseless, yield);
173 store_pool = old_pool;
180 /* Wrapper for pcre2_compile() and error-message handling.
182 Arguments: pattern regex to compile
184 caseless flag for match variant
185 cacheable use (writeback) cache
186 errstr on error, filled in with error message
187 cctx compile-context for pcre2
189 Return: NULL on error, with errstr set. Otherwise, the compiled RE object
193 regex_compile(const uschar * pattern, mcs_flags flags, uschar ** errstr,
194 pcre2_compile_context * cctx)
196 const uschar * key = pattern;
197 BOOL caseless = !!(flags & MCS_CASELESS);
200 const pcre2_code * yield;
201 int old_pool = store_pool;
203 /* Optionally, check the cache and return if found */
205 if ( flags & MCS_CACHEABLE
206 && (yield = regex_from_cache(key, caseless)))
209 DEBUG(D_expand|D_lists) debug_printf_indent("compiling %sRE '%s'\n",
210 caseless ? "caseless " : "", pattern);
212 store_pool = POOL_PERM;
213 if (!(yield = pcre2_compile((PCRE2_SPTR)pattern, PCRE2_ZERO_TERMINATED,
214 caseless ? PCRE_COPT|PCRE2_CASELESS : PCRE_COPT,
215 &err, &offset, cctx)))
218 pcre2_get_error_message(err, errbuf, sizeof(errbuf));
219 store_pool = old_pool;
220 *errstr = string_sprintf("regular expression error in "
221 "\"%s\": %s at offset %ld", pattern, errbuf, (long)offset);
223 else if (flags & MCS_CACHEABLE)
224 regex_to_cache(key, caseless, yield);
225 store_pool = old_pool;
232 /* Handle a regex notify arriving at the daemon. We get sent the original RE;
233 compile it (again) and write to the cache. Later forked procs will be able to
234 read from the cache, unless they re-execed. Therefore, those latter never bother
235 sending us a notification. */
238 regex_at_daemon(const uschar * reqbuf)
240 const re_req * req = (const re_req *)reqbuf;
242 const pcre2_code * cre = NULL;
244 if (regex_cachesize >= REGEX_CACHESIZE_LIMIT)
245 errstr = US"regex cache size limit reached";
246 else if ((cre = regex_compile(req->re,
247 req->caseless ? MCS_CASELESS | MCS_CACHEABLE : MCS_CACHEABLE,
248 &errstr, pcre_gen_cmp_ctx)))
251 DEBUG(D_any) if (!cre) debug_printf("%s\n", errstr);