static void
sighup_handler(int sig)
{
-sig = sig; /* Keep picky compilers happy */
sighup_seen = TRUE;
signal(SIGHUP, sighup_handler);
}
static void
main_sigchld_handler(int sig)
{
-sig = sig; /* Keep picky compilers happy */
os_non_restarting_signal(SIGCHLD, SIG_DFL);
sigchld_seen = TRUE;
}
/*************************************************
*************************************************/
+#ifndef EXIM_HAVE_ABSTRACT_UNIX_SOCKETS
+static void
+unlink_notifier_socket(void)
+{
+uschar * s = expand_string(notifier_socket);
+DEBUG(D_any) debug_printf("unlinking notifier socket %s\n", s);
+Uunlink(s);
+}
+#endif
+
+
static void
close_daemon_sockets(int daemon_notifier_fd,
int * listen_sockets, int listen_socket_count)
{
-if (daemon_notifier_fd >= 0) (void) close(daemon_notifier_fd);
+if (daemon_notifier_fd >= 0)
+ {
+ (void) close(daemon_notifier_fd);
+ daemon_notifier_fd = -1;
+#ifndef EXIM_HAVE_ABSTRACT_UNIX_SOCKETS
+ unlink_notifier_socket();
+#endif
+ }
+
for (int i = 0; i < listen_socket_count; i++) (void) close(listen_sockets[i]);
}
if (smtp_load_reserve >= 0)
{
load_average = OS_GETLOADAVG();
- if (smtp_reserve_hosts == NULL && load_average > smtp_load_reserve)
+ if (!smtp_reserve_hosts && load_average > smtp_load_reserve)
{
DEBUG(D_any) debug_printf("rejecting SMTP connection: load average = %.2f\n",
(double)load_average/1000.0);
this is in the daemon mainline, only fast expansions (such as inline address
checks) should be used. The documentation is full of warnings. */
-if (smtp_accept_max_per_host != NULL)
+if (smtp_accept_max_per_host)
{
uschar *expanded = expand_string(smtp_accept_max_per_host);
- if (expanded == NULL)
+ if (!expanded)
{
if (!f.expand_string_forcedfail)
log_write(0, LOG_MAIN|LOG_PANIC, "expansion of smtp_accept_max_per_host "
uschar *s = expanded;
while (isdigit(*s))
max_for_this_host = max_for_this_host * 10 + *s++ - '0';
- if (*s != 0)
+ if (*s)
log_write(0, LOG_MAIN|LOG_PANIC, "expansion of smtp_accept_max_per_host "
"for %s contains non-digit: %s", whofrom->s, expanded);
}
per host_address checks. Note that at this stage smtp_accept_count contains the
count of *other* connections, not including this one. */
-if ((max_for_this_host > 0) &&
- (smtp_accept_count >= max_for_this_host))
+if (max_for_this_host > 0 && smtp_accept_count >= max_for_this_host)
{
int host_accept_count = 0;
int other_host_count = 0; /* keep a count of non matches to optimise */
early, either by hitting the target, or finding there are not enough
connections left to make the target. */
- if ((host_accept_count >= max_for_this_host) ||
- ((smtp_accept_count - other_host_count) < max_for_this_host))
+ if ( host_accept_count >= max_for_this_host
+ || smtp_accept_count - other_host_count < max_for_this_host)
break;
}
log_write(L_connection_reject,
LOG_MAIN, "Connection from %s refused: too many connections "
"from that IP address", whofrom->s);
+ search_tidyup();
goto ERROR_RETURN;
}
}
{
uschar *list = hosts_connection_nolog;
memset(sender_host_cache, 0, sizeof(sender_host_cache));
- if (list != NULL && verify_check_host(&list) == OK)
+ if (list && verify_check_host(&list) == OK)
save_log_selector &= ~L_smtp_connection;
else
log_write(L_smtp_connection, LOG_MAIN, "SMTP connection from %s "
int save_debug_selector = debug_selector;
BOOL local_queue_only;
BOOL session_local_queue_only;
- #ifdef SA_NOCLDWAIT
+#ifdef SA_NOCLDWAIT
struct sigaction act;
- #endif
+#endif
smtp_accept_count++; /* So that it includes this process */
+ /* If the listen backlog was over the monitoring level, log it. */
+
+ if (smtp_listen_backlog > smtp_backlog_monitor)
+ log_write(0, LOG_MAIN, "listen backlog %d I=[%s]:%d",
+ smtp_listen_backlog, interface_address, interface_port);
+
/* May have been modified for the subprocess */
*log_selector = save_log_selector;
(void)fcntl(dup_accept_socket, F_SETFD,
fcntl(dup_accept_socket, F_GETFD) | FD_CLOEXEC);
- #ifdef SA_NOCLDWAIT
+#ifdef SA_NOCLDWAIT
act.sa_handler = SIG_IGN;
sigemptyset(&(act.sa_mask));
act.sa_flags = SA_NOCLDWAIT;
sigaction(SIGCHLD, &act, NULL);
- #else
+#else
signal(SIGCHLD, SIG_IGN);
- #endif
+#endif
signal(SIGTERM, SIG_DFL);
+ signal(SIGINT, SIG_DFL);
/* Attempt to get an id from the sending machine via the RFC 1413
protocol. We do this in the sub-process in order not to hold up the
}
if (message_id[0] == 0) continue; /* No message was accepted */
}
- else
+ else /* bad smtp_setup_msg() */
{
if (smtp_out)
{
{
pid_t dpid;
- /* Before forking, ensure that the C output buffer is flushed. Otherwise
- anything that it in it will get duplicated, leading to duplicate copies
- of the pending output. */
-
- mac_smtp_fflush();
+ /* We used to flush smtp_out before forking so that buffered data was not
+ duplicated, but now we want to pipeline the responses for data and quit.
+ Instead, hard-close the fd underlying smtp_out right after fork to discard
+ the data buffer. */
if ((dpid = exim_fork(US"daemon-accept-delivery")) == 0)
{
(void)fclose(smtp_in);
+ (void)close(fileno(smtp_out));
(void)fclose(smtp_out);
+ smtp_in = smtp_out = NULL;
/* Don't ever molest the parent's SSL connection, but do clean up
the data structures if necessary. */
signal(SIGHUP, SIG_DFL);
signal(SIGCHLD, SIG_DFL);
signal(SIGTERM, SIG_DFL);
+ signal(SIGINT, SIG_DFL);
if (geteuid() != root_uid && !deliver_drop_privilege)
{
}
-
static void
set_pid_file_path(void)
{
if (!*pid_file_path)
pid_file_path = string_sprintf("%s/exim-daemon.pid", spool_directory);
+
+if (pid_file_path[0] != '/')
+ log_write(0, LOG_PANIC_DIE, "pid file path %s must be absolute\n", pid_file_path);
}
-/* Remove the daemon's pidfile. Note: runs with root privilege,
-as a direct child of the daemon. Does not return. */
+enum pid_op { PID_WRITE, PID_CHECK, PID_DELETE };
-void
-delete_pid_file(void)
+/* Do various pid file operations as safe as possible. Ideally we'd just
+drop the privileges for creation of the pid file and not care at all about removal of
+the file. FIXME.
+Returns: true on success, false + errno==EACCES otherwise
+*/
+
+static BOOL
+operate_on_pid_file(const enum pid_op operation, const pid_t pid)
{
-uschar * daemon_pid = string_sprintf("%d\n", (int)getppid());
-FILE * f;
+char pid_line[sizeof(int) * 3 + 2];
+const int pid_len = snprintf(pid_line, sizeof(pid_line), "%d\n", (int)pid);
+BOOL lines_match = FALSE;
+uschar * path, * base, * dir;
+
+const int dir_flags = O_RDONLY | O_NONBLOCK;
+const int base_flags = O_NOFOLLOW | O_NONBLOCK;
+const mode_t base_mode = 0644;
+struct stat sb;
+int cwd_fd = -1, dir_fd = -1, base_fd = -1;
+BOOL success = FALSE;
+errno = EACCES;
set_pid_file_path();
-if ((f = Ufopen(pid_file_path, "rb")))
+if (!f.running_in_test_harness && real_uid != root_uid && real_uid != exim_uid) goto cleanup;
+if (pid_len < 2 || pid_len >= (int)sizeof(pid_line)) goto cleanup;
+
+path = string_copy(pid_file_path);
+if ((base = Ustrrchr(path, '/')) == NULL) /* should not happen, but who knows */
+ log_write(0, LOG_MAIN|LOG_PANIC_DIE, "pid file path \"%s\" does not contain a '/'", pid_file_path);
+
+dir = base != path ? path : US"/";
+*base++ = '\0';
+
+if (!dir || !*dir || *dir != '/') goto cleanup;
+if (!base || !*base || Ustrchr(base, '/') != NULL) goto cleanup;
+
+cwd_fd = open(".", dir_flags);
+if (cwd_fd < 0 || fstat(cwd_fd, &sb) != 0 || !S_ISDIR(sb.st_mode)) goto cleanup;
+dir_fd = open(CS dir, dir_flags);
+if (dir_fd < 0 || fstat(dir_fd, &sb) != 0 || !S_ISDIR(sb.st_mode)) goto cleanup;
+
+/* emulate openat */
+if (fchdir(dir_fd) != 0) goto cleanup;
+base_fd = open(CS base, O_RDONLY | base_flags);
+if (fchdir(cwd_fd) != 0)
+ log_write(0, LOG_MAIN|LOG_PANIC_DIE, "can't return to previous working dir: %s", strerror(errno));
+
+if (base_fd >= 0)
{
- if ( fgets(CS big_buffer, big_buffer_size, f)
- && Ustrcmp(daemon_pid, big_buffer) == 0
- )
- if (Uunlink(pid_file_path) == 0)
+ char line[sizeof(pid_line)];
+ ssize_t len = -1;
+
+ if (fstat(base_fd, &sb) != 0 || !S_ISREG(sb.st_mode)) goto cleanup;
+ if ((sb.st_mode & 07777) != base_mode || sb.st_nlink != 1) goto cleanup;
+ if (sb.st_size < 2 || sb.st_size >= (off_t)sizeof(line)) goto cleanup;
+
+ len = read(base_fd, line, sizeof(line));
+ if (len != (ssize_t)sb.st_size) goto cleanup;
+ line[len] = '\0';
+
+ if (strspn(line, "0123456789") != (size_t)len-1) goto cleanup;
+ if (line[len-1] != '\n') goto cleanup;
+ lines_match = len == pid_len && strcmp(line, pid_line) == 0;
+ }
+
+if (operation == PID_WRITE)
+ {
+ if (!lines_match)
+ {
+ if (base_fd >= 0)
{
- DEBUG(D_any)
- debug_printf("%s unlink: %s\n", pid_file_path, strerror(errno));
- }
- else
- DEBUG(D_any)
- debug_printf("unlinked %s\n", pid_file_path);
- fclose(f);
+ int error = -1;
+ /* emulate unlinkat */
+ if (fchdir(dir_fd) != 0) goto cleanup;
+ error = unlink(CS base);
+ if (fchdir(cwd_fd) != 0)
+ log_write(0, LOG_MAIN|LOG_PANIC_DIE, "can't return to previous working dir: %s", strerror(errno));
+ if (error) goto cleanup;
+ (void)close(base_fd);
+ base_fd = -1;
+ }
+ /* emulate openat */
+ if (fchdir(dir_fd) != 0) goto cleanup;
+ base_fd = open(CS base, O_WRONLY | O_CREAT | O_EXCL | base_flags, base_mode);
+ if (fchdir(cwd_fd) != 0)
+ log_write(0, LOG_MAIN|LOG_PANIC_DIE, "can't return to previous working dir: %s", strerror(errno));
+ if (base_fd < 0) goto cleanup;
+ if (fchmod(base_fd, base_mode) != 0) goto cleanup;
+ if (write(base_fd, pid_line, pid_len) != pid_len) goto cleanup;
+ DEBUG(D_any) debug_printf("pid written to %s\n", pid_file_path);
+ }
}
else
- DEBUG(D_any)
- debug_printf("%s\n", string_open_failed(errno, "pid file %s",
- pid_file_path));
+ {
+ if (!lines_match) goto cleanup;
+ if (operation == PID_DELETE)
+ {
+ int error = -1;
+ /* emulate unlinkat */
+ if (fchdir(dir_fd) != 0) goto cleanup;
+ error = unlink(CS base);
+ if (fchdir(cwd_fd) != 0)
+ log_write(0, LOG_MAIN|LOG_PANIC_DIE, "can't return to previous working dir: %s", strerror(errno));
+ if (error) goto cleanup;
+ }
+ }
+
+success = TRUE;
+errno = 0;
+
+cleanup:
+if (cwd_fd >= 0) (void)close(cwd_fd);
+if (dir_fd >= 0) (void)close(dir_fd);
+if (base_fd >= 0) (void)close(base_fd);
+return success;
+}
+
+
+/* Remove the daemon's pidfile. Note: runs with root privilege,
+as a direct child of the daemon. Does not return. */
+
+void
+delete_pid_file(void)
+{
+const BOOL success = operate_on_pid_file(PID_DELETE, getppid());
+
+DEBUG(D_any)
+ debug_printf("delete pid file %s %s: %s\n", pid_file_path,
+ success ? "success" : "failure", strerror(errno));
+
exim_exit(EXIT_SUCCESS);
}
{
int pid;
+DEBUG(D_any) debug_printf("SIGTERM/SIGINT seen\n");
+#if !defined(DISABLE_TLS) && (defined(EXIM_HAVE_INOTIFY) || defined(EXIM_HAVE_KEVENT))
+tls_watch_invalidate();
+#endif
+
if (daemon_notifier_fd >= 0)
{
close(daemon_notifier_fd);
daemon_notifier_fd = -1;
#ifndef EXIM_HAVE_ABSTRACT_UNIX_SOCKETS
- {
- uschar * s = expand_string(notifier_socket);
- DEBUG(D_any) debug_printf("unlinking notifier socket %s\n", s);
- Uunlink(s);
- }
+ unlink_notifier_socket();
#endif
}
struct sockaddr_un sa_un = {.sun_family = AF_UNIX};
int len;
+if (!notifier_socket || !*notifier_socket)
+ {
+ DEBUG(D_any) debug_printf("-oY used so not creating notifier socket\n");
+ return;
+ }
if (override_local_interfaces && !override_pid_file_path)
{
DEBUG(D_any)
DEBUG(D_any) debug_printf(" @%s\n", sa_un.sun_path+1);
#else /* filesystem-visible and persistent; will neeed removal */
len = offsetof(struct sockaddr_un, sun_path)
- + snprintf(sa_un.sun_path, sizeof(sa_un.sun_path), "%s",
+ + snprintf(sa_un.sun_path, sizeof(sa_un.sun_path), "%s",
expand_string(notifier_socket));
DEBUG(D_any) debug_printf(" %s\n", sa_un.sun_path);
#endif
buf[sz] = 0;
switch (buf[0])
{
-#ifdef EXPERIMENTAL_QUEUE_RAMP
+#ifndef DISABLE_QUEUE_RAMP
case NOTIFY_MSG_QRUN:
/* this should be a message_id */
DEBUG(D_queue_run)
debug_printf("%s: qrunner trigger: %s\n", __FUNCTION__, buf+1);
memcpy(queuerun_msgid, buf+1, MESSAGE_ID_LENGTH+1);
return TRUE;
-#endif /*EXPERIMENTAL_QUEUE_RAMP*/
+#endif
case NOTIFY_QUEUE_SIZE_REQ:
{
}
+
+
+static void
+add_listener_socket(int fd, fd_set * fds, int * fd_max)
+{
+FD_SET(fd, fds);
+if (fd > *fd_max) *fd_max = fd;
+}
+
/*************************************************
* Exim Daemon Mainline *
*************************************************/
void
daemon_go(void)
{
-struct passwd *pw;
-int *listen_sockets = NULL;
-int listen_socket_count = 0;
-ip_address_item *addresses = NULL;
+struct passwd * pw;
+int * listen_sockets = NULL;
+int listen_socket_count = 0, listen_fd_max = 0;
+fd_set select_listen;
+ip_address_item * addresses = NULL;
time_t last_connection_time = (time_t)0;
int local_queue_run_max = atoi(CS expand_string(queue_run_max));
DEBUG(D_any|D_v) debug_selector |= D_pid;
+FD_ZERO(&select_listen);
if (f.inetd_wait_mode)
{
listen_socket_count = 1;
if (setsockopt(3, IPPROTO_TCP, TCP_NODELAY, US &on, sizeof(on)))
log_write(0, LOG_MAIN|LOG_PANIC_DIE, "failed to set socket NODELAY: %s",
strerror(errno));
+
+ FD_SET(3, &select_listen);
+ listen_fd_max = 3;
}
for those OS for which this is necessary the first time it is called (in
order to perform an "open" on the kernel memory file). */
- #ifdef LOAD_AVG_NEEDS_ROOT
+#ifdef LOAD_AVG_NEEDS_ROOT
if (queue_only_load >= 0 || smtp_load_reserve >= 0 ||
(deliver_queue_load_max >= 0 && deliver_drop_privilege))
(void)os_getloadavg();
- #endif
+#endif
}
list = tls_in.on_connect_ports;
sep = 0;
+ /* the list isn't expanded so cannot be tainted. If it ever is we will trap here */
while ((s = string_nextinlist(&list, &sep, big_buffer, big_buffer_size)))
if (!isdigit(*s))
{
for (ipa = addresses, sk = 0; sk < listen_socket_count; ipa = ipa->next, sk++)
{
BOOL wildcard;
- ip_address_item *ipa2;
- int af;
+ ip_address_item * ipa2;
+ int fd, af;
if (Ustrchr(ipa->address, ':') != NULL)
{
wildcard = ipa->address[0] == 0;
}
- if ((listen_sockets[sk] = ip_socket(SOCK_STREAM, af)) < 0)
+ if ((listen_sockets[sk] = fd = ip_socket(SOCK_STREAM, af)) < 0)
{
if (check_special_case(0, addresses, ipa, FALSE))
{
#ifdef IPV6_V6ONLY
if (af == AF_INET6 && wildcard &&
- setsockopt(listen_sockets[sk], IPPROTO_IPV6, IPV6_V6ONLY, CS (&on),
- sizeof(on)) < 0)
+ setsockopt(fd, IPPROTO_IPV6, IPV6_V6ONLY, &on, sizeof(on)) < 0)
log_write(0, LOG_MAIN, "Setting IPV6_V6ONLY on daemon's IPv6 wildcard "
"socket failed (%s): carrying on without it", strerror(errno));
#endif /* IPV6_V6ONLY */
is being handled. Without this, a connection will prevent reuse of the
smtp port for listening. */
- if (setsockopt(listen_sockets[sk], SOL_SOCKET, SO_REUSEADDR,
- US (&on), sizeof(on)) < 0)
+ if (setsockopt(fd, SOL_SOCKET, SO_REUSEADDR, &on, sizeof(on)) < 0)
log_write(0, LOG_MAIN|LOG_PANIC_DIE, "setting SO_REUSEADDR on socket "
"failed when starting daemon: %s", strerror(errno));
/* Set TCP_NODELAY; Exim does its own buffering. There is a switch to
disable this because it breaks some broken clients. */
- if (tcp_nodelay) setsockopt(listen_sockets[sk], IPPROTO_TCP, TCP_NODELAY,
- US (&on), sizeof(on));
+ if (tcp_nodelay) setsockopt(fd, IPPROTO_TCP, TCP_NODELAY, &on, sizeof(on));
/* Now bind the socket to the required port; if Exim is being restarted
it may not always be possible to bind immediately, even with SO_REUSEADDR
for(;;)
{
uschar *msg, *addr;
- if (ip_bind(listen_sockets[sk], af, ipa->address, ipa->port) >= 0) break;
+ if (ip_bind(fd, af, ipa->address, ipa->port) >= 0) break;
if (check_special_case(errno, addresses, ipa, TRUE))
{
DEBUG(D_any) debug_printf("wildcard IPv4 bind() failed after IPv6 "
"listen() success; EADDRINUSE ignored\n");
- (void)close(listen_sockets[sk]);
+ (void)close(fd);
goto SKIP_SOCKET;
}
msg = US strerror(errno);
else
debug_printf("listening on %s port %d\n", ipa->address, ipa->port);
+ /* Start listening on the bound socket, establishing the maximum backlog of
+ connections that is allowed. On success, add to the set of sockets for select
+ and continue to the next address. */
+
#if defined(TCP_FASTOPEN) && !defined(__APPLE__)
if ( f.tcp_fastopen_ok
- && setsockopt(listen_sockets[sk], IPPROTO_TCP, TCP_FASTOPEN,
+ && setsockopt(fd, IPPROTO_TCP, TCP_FASTOPEN,
&smtp_connect_backlog, sizeof(smtp_connect_backlog)))
{
DEBUG(D_any) debug_printf("setsockopt FASTOPEN: %s\n", strerror(errno));
f.tcp_fastopen_ok = FALSE;
}
#endif
-
- /* Start listening on the bound socket, establishing the maximum backlog of
- connections that is allowed. On success, continue to the next address. */
-
- if (listen(listen_sockets[sk], smtp_connect_backlog) >= 0)
+ if (listen(fd, smtp_connect_backlog) >= 0)
{
#if defined(TCP_FASTOPEN) && defined(__APPLE__)
if ( f.tcp_fastopen_ok
- && setsockopt(listen_sockets[sk], IPPROTO_TCP, TCP_FASTOPEN,
- &on, sizeof(on)))
+ && setsockopt(fd, IPPROTO_TCP, TCP_FASTOPEN, &on, sizeof(on)))
{
DEBUG(D_any) debug_printf("setsockopt FASTOPEN: %s\n", strerror(errno));
f.tcp_fastopen_ok = FALSE;
}
#endif
+
+ add_listener_socket(fd, &select_listen, &listen_fd_max);
continue;
}
DEBUG(D_any) debug_printf("wildcard IPv4 listen() failed after IPv6 "
"listen() success; EADDRINUSE ignored\n");
- (void)close(listen_sockets[sk]);
+ (void)close(fd);
/* Come here if there has been a problem with the socket which we
are going to ignore. We remove the address from the chain, and back up the
if (f.running_in_test_harness || write_pid)
{
- FILE *f;
-
- set_pid_file_path();
- if ((f = modefopen(pid_file_path, "wb", 0644)))
- {
- (void)fprintf(f, "%d\n", (int)getpid());
- (void)fclose(f);
- DEBUG(D_any) debug_printf("pid written to %s\n", pid_file_path);
- }
- else
- DEBUG(D_any)
- debug_printf("%s\n", string_open_failed(errno, "pid file %s",
- pid_file_path));
+ const enum pid_op operation = (f.running_in_test_harness
+ || real_uid == root_uid
+ || (real_uid == exim_uid && !override_pid_file_path)) ? PID_WRITE : PID_CHECK;
+ if (!operate_on_pid_file(operation, getpid()))
+ DEBUG(D_any) debug_printf("%s pid file %s: %s\n", (operation == PID_WRITE) ? "write" : "check", pid_file_path, strerror(errno));
}
/* Set up the handler for SIGHUP, which causes a restart of the daemon. */
sigterm_seen = FALSE;
os_non_restarting_signal(SIGTERM, main_sigterm_handler);
+os_non_restarting_signal(SIGINT, main_sigterm_handler);
/* If we are to run the queue periodically, pretend the alarm has just gone
off. This will cause the first queue-runner to get kicked off straight away. */
#ifdef SUPPORT_SPF
spf_init();
#endif
+#ifndef DISABLE_TLS
+tls_daemon_init();
+#endif
+
+/* Add ancillary sockets to the set for select */
+
+#ifndef DISABLE_TLS
+if (tls_watch_fd >= 0)
+ add_listener_socket(tls_watch_fd, &select_listen, &listen_fd_max);
+#endif
+if (daemon_notifier_fd >= 0)
+ add_listener_socket(daemon_notifier_fd, &select_listen, &listen_fd_max);
+
+listen_fd_max++;
/* Close the log so it can be renamed and moved. In the few cases below where
this long-running process writes to the log (always exceptional conditions), it
for (;;)
{
- #if HAVE_IPV6
- struct sockaddr_in6 accepted;
- #else
- struct sockaddr_in accepted;
- #endif
-
- EXIM_SOCKLEN_T len;
pid_t pid;
if (sigterm_seen)
else
{
DEBUG(D_any) debug_printf("%s received\n",
-#ifdef EXPERIMENTAL_QUEUE_RAMP
+#ifndef DISABLE_QUEUE_RAMP
*queuerun_msgid ? "qrun notification" :
#endif
"SIGALRM");
signal(SIGHUP, SIG_DFL);
signal(SIGCHLD, SIG_DFL);
signal(SIGTERM, SIG_DFL);
+ signal(SIGINT, SIG_DFL);
/* Re-exec if privilege has been given up, unless deliver_drop_
privilege is set. Reset SIGALRM before exec(). */
*p++ = '-';
*p++ = 'q';
if ( f.queue_2stage
-#ifdef EXPERIMENTAL_QUEUE_RAMP
+#ifndef DISABLE_QUEUE_RAMP
&& !*queuerun_msgid
#endif
) *p++ = 'q';
extra[0] = *queue_name
? string_sprintf("%sG%s", opt, queue_name) : opt;
-#ifdef EXPERIMENTAL_QUEUE_RAMP
+#ifndef DISABLE_QUEUE_RAMP
if (*queuerun_msgid)
{
log_write(0, LOG_MAIN, "notify triggered queue run");
/* No need to re-exec; SIGALRM remains set to the default handler */
-#ifdef EXPERIMENTAL_QUEUE_RAMP
+#ifndef DISABLE_QUEUE_RAMP
if (*queuerun_msgid)
{
log_write(0, LOG_MAIN, "notify triggered queue run");
/* Reset the alarm clock */
sigalrm_seen = FALSE;
-#ifdef EXPERIMENTAL_QUEUE_RAMP
+#ifndef DISABLE_QUEUE_RAMP
if (*queuerun_msgid)
*queuerun_msgid = 0;
else
if (f.daemon_listen)
{
- int lcount, select_errno;
- int max_socket = 0;
+ int check_lsk = 0, lcount;
BOOL select_failed = FALSE;
- fd_set select_listen;
-
- FD_ZERO(&select_listen);
- if (daemon_notifier_fd >= 0)
- FD_SET(daemon_notifier_fd, &select_listen);
- for (int sk = 0; sk < listen_socket_count; sk++)
- {
- FD_SET(listen_sockets[sk], &select_listen);
- if (listen_sockets[sk] > max_socket) max_socket = listen_sockets[sk];
- }
+ fd_set fds = select_listen;
DEBUG(D_any) debug_printf("Listening...\n");
errno = EINTR;
}
else
- lcount = select(max_socket + 1, (SELECT_ARG2_TYPE *)&select_listen,
+ lcount = select(listen_fd_max, (SELECT_ARG2_TYPE *)&fds,
NULL, NULL, NULL);
if (lcount < 0)
old one had just finished. Preserve the errno from any select() failure for
the use of the common select/accept error processing below. */
- select_errno = errno;
- handle_ending_processes();
- errno = select_errno;
+ {
+ int select_errno = errno;
+ handle_ending_processes();
#ifndef DISABLE_TLS
- /* Create or rotate any required keys */
- tls_daemon_init();
+ /* Create or rotate any required keys; handle (delayed) filewatch event */
+ tls_daemon_tick();
#endif
+ errno = select_errno;
+ }
/* Loop for all the sockets that are currently ready to go. If select
actually failed, we have set the count to 1 and select_failed=TRUE, so as
while (lcount-- > 0)
{
int accept_socket = -1;
+#if HAVE_IPV6
+ struct sockaddr_in6 accepted;
+#else
+ struct sockaddr_in accepted;
+#endif
if (!select_failed)
{
- if ( daemon_notifier_fd >= 0
- && FD_ISSET(daemon_notifier_fd, &select_listen))
+#if !defined(DISABLE_TLS) && (defined(EXIM_HAVE_INOTIFY) || defined(EXIM_HAVE_KEVENT))
+ if (tls_watch_fd >= 0 && FD_ISSET(tls_watch_fd, &fds))
+ {
+ tls_watch_trigger_time = time(NULL); /* Set up delayed event */
+ tls_watch_discard_event(tls_watch_fd);
+ break; /* to top of daemon loop */
+ }
+#endif
+ if (daemon_notifier_fd >= 0 && FD_ISSET(daemon_notifier_fd, &fds))
{
- FD_CLR(daemon_notifier_fd, &select_listen);
sigalrm_seen = daemon_notification();
break; /* to top of daemon loop */
}
- for (int sk = 0; sk < listen_socket_count; sk++)
- if (FD_ISSET(listen_sockets[sk], &select_listen))
+ while (check_lsk < listen_socket_count)
+ {
+ int lfd = listen_sockets[check_lsk++];
+ if (FD_ISSET(lfd, &fds))
{
- len = sizeof(accepted);
- accept_socket = accept(listen_sockets[sk],
- (struct sockaddr *)&accepted, &len);
- FD_CLR(listen_sockets[sk], &select_listen);
+ EXIM_SOCKLEN_T alen = sizeof(accepted);
+#ifdef TCP_INFO
+ struct tcp_info ti;
+ socklen_t tlen = sizeof(ti);
+
+ /* If monitoring the backlog is wanted, grab for later logging */
+
+ smtp_listen_backlog = 0;
+ if ( smtp_backlog_monitor > 0
+ && getsockopt(lfd, IPPROTO_TCP, TCP_INFO, &ti, &tlen) == 0)
+ {
+# ifdef EXIM_HAVE_TCPI_UNACKED
+ DEBUG(D_interface) debug_printf("listen fd %d queue max %u curr %u\n",
+ lfd, ti.tcpi_sacked, ti.tcpi_unacked);
+ smtp_listen_backlog = ti.tcpi_unacked;
+# elif defined(__FreeBSD__) /* This does not work. Investigate kernel sourcecode. */
+ DEBUG(D_interface) debug_printf("listen fd %d queue max %u curr %u\n",
+ lfd, ti.__tcpi_sacked, ti.__tcpi_unacked);
+ smtp_listen_backlog = ti.__tcpi_unacked;
+# endif
+ }
+#endif
+ accept_socket = accept(lfd, (struct sockaddr *)&accepted, &alen);
break;
}
+ }
}
/* If select or accept has failed and this was not caused by an
accept_retry_errno = errno;
accept_retry_select_failed = select_failed;
}
- else
- {
- if (errno != accept_retry_errno ||
- select_failed != accept_retry_select_failed ||
- accept_retry_count >= 50)
- {
- log_write(0, LOG_MAIN | ((accept_retry_count >= 50)? LOG_PANIC : 0),
- "%d %s() failure%s: %s",
- accept_retry_count,
- accept_retry_select_failed? "select" : "accept",
- (accept_retry_count == 1)? "" : "s",
- strerror(accept_retry_errno));
- log_close_all();
- accept_retry_count = 0;
- accept_retry_errno = errno;
- accept_retry_select_failed = select_failed;
- }
- }
+ else if ( errno != accept_retry_errno
+ || select_failed != accept_retry_select_failed
+ || accept_retry_count >= 50)
+ {
+ log_write(0, LOG_MAIN | (accept_retry_count >= 50 ? LOG_PANIC : 0),
+ "%d %s() failure%s: %s",
+ accept_retry_count,
+ accept_retry_select_failed ? "select" : "accept",
+ accept_retry_count == 1 ? "" : "s",
+ strerror(accept_retry_errno));
+ log_close_all();
+ accept_retry_count = 0;
+ accept_retry_errno = errno;
+ accept_retry_select_failed = select_failed;
+ }
accept_retry_count++;
}
-
- else
- {
- if (accept_retry_count > 0)
- {
- log_write(0, LOG_MAIN, "%d %s() failure%s: %s",
- accept_retry_count,
- accept_retry_select_failed? "select" : "accept",
- (accept_retry_count == 1)? "" : "s",
- strerror(accept_retry_errno));
- log_close_all();
- accept_retry_count = 0;
- }
- }
+ else if (accept_retry_count > 0)
+ {
+ log_write(0, LOG_MAIN, "%d %s() failure%s: %s",
+ accept_retry_count,
+ accept_retry_select_failed ? "select" : "accept",
+ accept_retry_count == 1 ? "" : "s",
+ strerror(accept_retry_errno));
+ log_close_all();
+ accept_retry_count = 0;
+ }
/* If select/accept succeeded, deal with the connection. */
if (accept_socket >= 0)
{
+#ifdef TCP_QUICKACK /* Avoid pure-ACKs while in tls protocol pingpong phase */
+ /* Unfortunately we cannot be certain to do this before a TLS-on-connect
+ Client Hello arrives and is acked. We do it as early as possible. */
+ (void) setsockopt(accept_socket, IPPROTO_TCP, TCP_QUICKACK, US &off, sizeof(off));
+#endif
if (inetd_wait_timeout)
last_connection_time = time(NULL);
handle_smtp_call(listen_sockets, listen_socket_count, accept_socket,
git://git.exim.org / exim.git / blobdiff