X-Git-Url: https://git.exim.org/exim.git/blobdiff_plain/b2bcdd35f0923e96b717d035e9d991b50a38eb50..17ba0f52b8df4e6ece849deac1b9d6b88bdc26c6:/src/src/daemon.c diff --git a/src/src/daemon.c b/src/src/daemon.c index 37fefd4b1..61371f592 100644 --- a/src/src/daemon.c +++ b/src/src/daemon.c @@ -2,7 +2,7 @@ * Exim - an Internet mail transport agent * *************************************************/ -/* Copyright (c) University of Cambridge 1995 - 2017 */ +/* Copyright (c) University of Cambridge 1995 - 2018 */ /* See the file NOTICE for conditions of use and distribution. */ /* Functions concerned with running Exim as a daemon */ @@ -31,6 +31,7 @@ static smtp_slot empty_smtp_slot = { .pid = 0, .host_address = NULL }; static SIGNAL_BOOL sigchld_seen; static SIGNAL_BOOL sighup_seen; +static SIGNAL_BOOL sigterm_seen; static int accept_retry_count = 0; static int accept_retry_errno; @@ -87,6 +88,16 @@ sigchld_seen = TRUE; } +/* SIGTERM handler. Try to get the damon pif file removed +before exiting. */ + +static void +main_sigterm_handler(int sig) +{ +sigterm_seen = TRUE; +} + + /************************************************* @@ -106,10 +117,10 @@ Returns: nothing static void never_error(uschar *log_msg, uschar *smtp_msg, int was_errno) { -uschar *emsg = (was_errno <= 0)? US"" : - string_sprintf(": %s", strerror(was_errno)); +uschar *emsg = was_errno <= 0 + ? US"" : string_sprintf(": %s", strerror(was_errno)); log_write(0, LOG_MAIN|LOG_PANIC, "%s%s", log_msg, emsg); -if (smtp_out != NULL) smtp_printf("421 %s\r\n", FALSE, smtp_msg); +if (smtp_out) smtp_printf("421 %s\r\n", FALSE, smtp_msg); } @@ -146,7 +157,7 @@ int max_for_this_host = 0; int save_log_selector = *log_selector; gstring * whofrom; -void *reset_point = store_get(0); +rmark reset_point = store_mark(); /* Make the address available in ASCII representation, and also fish out the remote port. */ @@ -202,11 +213,11 @@ memory is reclaimed. */ whofrom = string_append(NULL, 3, "[", sender_host_address, "]"); if (LOGGING(incoming_port)) - whofrom = string_append(whofrom, 2, ":", string_sprintf("%d", sender_host_port)); + whofrom = string_fmt_append(whofrom, ":%d", sender_host_port); if (LOGGING(incoming_interface)) - whofrom = string_append(whofrom, 4, " I=[", - interface_address, "]:", string_sprintf("%d", interface_port)); + whofrom = string_fmt_append(whofrom, " I=[%s]:%d", + interface_address, interface_port); (void) string_from_gstring(whofrom); /* Terminate the newly-built string */ @@ -259,7 +270,7 @@ if (smtp_accept_max_per_host != NULL) uschar *expanded = expand_string(smtp_accept_max_per_host); if (expanded == NULL) { - if (!expand_string_forcedfail) + if (!f.expand_string_forcedfail) log_write(0, LOG_MAIN|LOG_PANIC, "expansion of smtp_accept_max_per_host " "failed for %s: %s", whofrom->s, expand_string_message); } @@ -282,11 +293,10 @@ count of *other* connections, not including this one. */ if ((max_for_this_host > 0) && (smtp_accept_count >= max_for_this_host)) { - int i; int host_accept_count = 0; int other_host_count = 0; /* keep a count of non matches to optimise */ - for (i = 0; i < smtp_accept_max; ++i) + for (int i = 0; i < smtp_accept_max; ++i) if (smtp_slots[i].host_address) { if (Ustrcmp(sender_host_address, smtp_slots[i].host_address) == 0) @@ -387,7 +397,7 @@ if (pid == 0) uschar * nah = expand_string(raw_active_hostname); if (!nah) { - if (!expand_string_forcedfail) + if (!f.expand_string_forcedfail) { log_write(0, LOG_MAIN|LOG_PANIC, "failed to expand \"%s\" " "(smtp_active_hostname): %s", raw_active_hostname, @@ -396,7 +406,7 @@ if (pid == 0) "please try again later.\r\n", FALSE); mac_smtp_fflush(); search_tidyup(); - _exit(EXIT_FAILURE); + exim_underbar_exit(EXIT_FAILURE); } } else if (*nah) smtp_active_hostname = nah; @@ -431,6 +441,7 @@ if (pid == 0) #else signal(SIGCHLD, SIG_IGN); #endif + signal(SIGTERM, SIG_DFL); /* Attempt to get an id from the sending machine via the RFC 1413 protocol. We do this in the sub-process in order not to hold up the @@ -441,7 +452,7 @@ if (pid == 0) finding the id, but turn it on again afterwards so that information about the incoming connection is output. */ - if (debug_daemon) debug_selector = 0; + if (f.debug_daemon) debug_selector = 0; verify_get_ident(IDENT_PORT); host_build_sender_fullhost(); debug_selector = save_debug_selector; @@ -453,7 +464,7 @@ if (pid == 0) /* Now disable debugging permanently if it's required only for the daemon process. */ - if (debug_daemon) debug_selector = 0; + if (f.debug_daemon) debug_selector = 0; /* If there are too many child processes for immediate delivery, set the session_local_queue_only flag, which is initialized from the @@ -482,14 +493,14 @@ if (pid == 0) { mac_smtp_fflush(); search_tidyup(); - _exit(EXIT_SUCCESS); + exim_underbar_exit(EXIT_SUCCESS); } for (;;) { int rc; message_id[0] = 0; /* Clear out any previous message_id */ - reset_point = store_get(0); /* Save current store high water point */ + reset_point = store_mark(); /* Save current store high water point */ DEBUG(D_any) debug_printf("Process %d is ready for new message\n", (int)getpid()); @@ -510,7 +521,7 @@ if (pid == 0) cancel_cutthrough_connection(TRUE, US"receive dropped"); mac_smtp_fflush(); smtp_log_no_mail(); /* Log no mail if configured */ - _exit(EXIT_SUCCESS); + exim_underbar_exit(EXIT_SUCCESS); } if (message_id[0] == 0) continue; /* No message was accepted */ } @@ -518,13 +529,13 @@ if (pid == 0) { if (smtp_out) { - int i, fd = fileno(smtp_in); + int fd = fileno(smtp_in); uschar buf[128]; mac_smtp_fflush(); /* drain socket, for clean TCP FINs */ if (fcntl(fd, F_SETFL, O_NONBLOCK) == 0) - for(i = 16; read(fd, buf, sizeof(buf)) > 0 && i > 0; ) i--; + for(int i = 16; read(fd, buf, sizeof(buf)) > 0 && i > 0; ) i--; } cancel_cutthrough_connection(TRUE, US"message setup dropped"); search_tidyup(); @@ -533,20 +544,19 @@ if (pid == 0) /*XXX should we pause briefly, hoping that the client will be the active TCP closer hence get the TCP_WAIT endpoint? */ DEBUG(D_receive) debug_printf("SMTP>>(close on process exit)\n"); - _exit(rc ? EXIT_FAILURE : EXIT_SUCCESS); + exim_underbar_exit(rc ? EXIT_FAILURE : EXIT_SUCCESS); } /* Show the recipients when debugging */ DEBUG(D_receive) { - int i; if (sender_address) debug_printf("Sender: %s\n", sender_address); if (recipients_list) { debug_printf("Recipients:\n"); - for (i = 0; i < recipients_count; i++) + for (int i = 0; i < recipients_count; i++) debug_printf(" %s\n", recipients_list[i].address); } } @@ -563,18 +573,14 @@ if (pid == 0) /* Reclaim up the store used in accepting this message */ - return_path = sender_address = NULL; - authenticated_sender = NULL; - sending_ip_address = NULL; - deliver_host_address = deliver_host = - deliver_domain_orig = deliver_localpart_orig = NULL; - dnslist_domain = dnslist_matched = NULL; - callout_address = NULL; -#ifndef DISABLE_DKIM - dkim_cur_signer = NULL; -#endif - acl_var_m = NULL; - store_reset(reset_point); + { + int r = receive_messagecount; + BOOL q = f.queue_only_policy; + smtp_reset(reset_point); + reset_point = NULL; + f.queue_only_policy = q; + receive_messagecount = r; + } /* If queue_only is set or if there are too many incoming connections in existence, session_local_queue_only will be TRUE. If it is not, check @@ -634,7 +640,7 @@ if (pid == 0) If we are not root, we have to re-exec exim unless deliveries are being done unprivileged. */ - else if (!queue_only_policy && !deliver_freeze) + else if (!f.queue_only_policy && !f.deliver_freeze) { pid_t dpid; @@ -652,14 +658,15 @@ if (pid == 0) /* Don't ever molest the parent's SSL connection, but do clean up the data structures if necessary. */ -#ifdef SUPPORT_TLS - tls_close(TRUE, FALSE); +#ifndef DISABLE_TLS + tls_close(NULL, TLS_NO_SHUTDOWN); #endif /* Reset SIGHUP and SIGCHLD in the child in both cases. */ signal(SIGHUP, SIG_DFL); signal(SIGCHLD, SIG_DFL); + signal(SIGTERM, SIG_DFL); if (geteuid() != root_uid && !deliver_drop_privilege) { @@ -672,7 +679,7 @@ if (pid == 0) (void) deliver_message(message_id, FALSE, FALSE); search_tidyup(); - _exit(EXIT_SUCCESS); + exim_underbar_exit(EXIT_SUCCESS); } if (dpid > 0) @@ -699,18 +706,18 @@ if (pid < 0) never_error(US"daemon: accept process fork failed", US"Fork failed", errno); else { - int i; - for (i = 0; i < smtp_accept_max; ++i) + for (int i = 0; i < smtp_accept_max; ++i) if (smtp_slots[i].pid <= 0) { smtp_slots[i].pid = pid; - if (smtp_accept_max_per_host != NULL) + /* Connection closes come asyncronously, so we cannot stack this store */ + if (smtp_accept_max_per_host) smtp_slots[i].host_address = string_copy_malloc(sender_host_address); smtp_accept_count++; break; } DEBUG(D_any) debug_printf("%d SMTP accept process%s running\n", - smtp_accept_count, (smtp_accept_count == 1)? "" : "es"); + smtp_accept_count, smtp_accept_count == 1 ? "" : "es"); } /* Get here via goto in error cases */ @@ -841,7 +848,6 @@ pid_t pid; while ((pid = waitpid(-1, &status, WNOHANG)) > 0) { - int i; DEBUG(D_any) { debug_printf("child %d ended: status=0x%x\n", (int)pid, status); @@ -859,6 +865,7 @@ while ((pid = waitpid(-1, &status, WNOHANG)) > 0) if (smtp_slots) { + int i; for (i = 0; i < smtp_accept_max; i++) if (smtp_slots[i].pid == pid) { @@ -879,7 +886,7 @@ while ((pid = waitpid(-1, &status, WNOHANG)) > 0) if (queue_pid_slots) { int max = atoi(CS expand_string(queue_run_max)); - for (i = 0; i < max; i++) + for (int i = 0; i < max; i++) if (queue_pid_slots[i] == pid) { queue_pid_slots[i] = 0; @@ -894,6 +901,77 @@ while ((pid = waitpid(-1, &status, WNOHANG)) > 0) +static void +set_pid_file_path(void) +{ +if (override_pid_file_path) + pid_file_path = override_pid_file_path; + +if (!*pid_file_path) + pid_file_path = string_sprintf("%s/exim-daemon.pid", spool_directory); +} + + +/* Remove the daemon's pidfile. Note: runs with root privilege, +as a direct child of the daemon. Does not return. */ + +void +delete_pid_file(void) +{ +uschar * daemon_pid = string_sprintf("%d\n", (int)getppid()); +FILE * f; + +set_pid_file_path(); +if ((f = Ufopen(pid_file_path, "rb"))) + { + if ( fgets(CS big_buffer, big_buffer_size, f) + && Ustrcmp(daemon_pid, big_buffer) == 0 + ) + if (Uunlink(pid_file_path) == 0) + { + DEBUG(D_any) + debug_printf("%s unlink: %s\n", pid_file_path, strerror(errno)); + } + else + DEBUG(D_any) + debug_printf("unlinked %s\n", pid_file_path); + fclose(f); + } +else + DEBUG(D_any) + debug_printf("%s\n", string_open_failed(errno, "pid file %s", + pid_file_path)); +exim_exit(EXIT_SUCCESS, US"pid file remover"); +} + + +/* Called by the daemon; exec a child to get the pid file deleted +since we may require privs for the containing directory */ + +static void +daemon_die(void) +{ +int pid; + +if (f.running_in_test_harness || write_pid) + { + if ((pid = fork()) == 0) + { + if (override_pid_file_path) + (void)child_exec_exim(CEE_EXEC_PANIC, FALSE, NULL, FALSE, 3, + "-oP", override_pid_file_path, "-oPX"); + else + (void)child_exec_exim(CEE_EXEC_PANIC, FALSE, NULL, FALSE, 1, "-oPX"); + + /* Control never returns here. */ + } + if (pid > 0) + child_close(pid, 1); + } +exim_exit(EXIT_SUCCESS, US"daemon"); +} + + /************************************************* * Exim Daemon Mainline * *************************************************/ @@ -932,10 +1010,10 @@ debugging lines get the pid added. */ DEBUG(D_any|D_v) debug_selector |= D_pid; -if (inetd_wait_mode) +if (f.inetd_wait_mode) { listen_socket_count = 1; - listen_sockets = store_get(sizeof(int)); + listen_sockets = store_get(sizeof(int), FALSE); (void) close(3); if (dup2(0, 3) == -1) log_write(0, LOG_MAIN|LOG_PANIC_DIE, @@ -971,7 +1049,7 @@ if (inetd_wait_mode) } -if (inetd_wait_mode || daemon_listen) +if (f.inetd_wait_mode || f.daemon_listen) { /* If any option requiring a load average to be available during the reception of a message is set, call os_getloadavg() while we are root @@ -1053,7 +1131,7 @@ The preparation code decodes options and sets up the relevant data. We do this first, so that we can return non-zero if there are any syntax errors, and also write to stderr. */ -if (daemon_listen && !inetd_wait_mode) +if (f.daemon_listen && !f.inetd_wait_mode) { int *default_smtp_port; int sep; @@ -1074,19 +1152,14 @@ if (daemon_listen && !inetd_wait_mode) gstring * new_smtp_port = NULL; gstring * new_local_interfaces = NULL; - if (override_pid_file_path == NULL) write_pid = FALSE; + if (!override_pid_file_path) write_pid = FALSE; list = override_local_interfaces; sep = 0; while ((s = string_nextinlist(&list, &sep, big_buffer, big_buffer_size))) { uschar joinstr[4]; - gstring ** gp; - - if (Ustrpbrk(s, ".:") == NULL) - gp = &new_smtp_port; - else - gp = &new_local_interfaces; + gstring ** gp = Ustrpbrk(s, ".:") ? &new_local_interfaces : &new_smtp_port; if (!*gp) { @@ -1123,7 +1196,7 @@ if (daemon_listen && !inetd_wait_mode) sep = 0; while ((s = string_nextinlist(&list, &sep, big_buffer, big_buffer_size))) pct++; - default_smtp_port = store_get((pct+1) * sizeof(int)); + default_smtp_port = store_get((pct+1) * sizeof(int), FALSE); list = daemon_smtp_port; sep = 0; for (pct = 0; @@ -1192,8 +1265,6 @@ if (daemon_listen && !inetd_wait_mode) for (ipa = addresses; ipa; ipa = ipa->next) { - int i; - if (Ustrcmp(ipa->address, "0.0.0.0") == 0) ipa->address[0] = 0; else if (Ustrcmp(ipa->address, "::0") == 0) @@ -1211,9 +1282,9 @@ if (daemon_listen && !inetd_wait_mode) ipa->address[1] == 0 ? US"\"all IPv6\"" : ipa->address); ipa->port = default_smtp_port[0]; - for (i = 1; default_smtp_port[i] > 0; i++) + for (int i = 1; default_smtp_port[i] > 0; i++) { - ip_address_item *new = store_get(sizeof(ip_address_item)); + ip_address_item *new = store_get(sizeof(ip_address_item), FALSE); memcpy(new->address, ipa->address, Ustrlen(ipa->address) + 1); new->port = default_smtp_port[i]; @@ -1271,11 +1342,11 @@ if (daemon_listen && !inetd_wait_mode) for (ipa = addresses; ipa; ipa = ipa->next) listen_socket_count++; - listen_sockets = store_get(sizeof(int) * listen_socket_count); + listen_sockets = store_get(sizeof(int) * listen_socket_count, FALSE); } /* daemon_listen but not inetd_wait_mode */ -if (daemon_listen) +if (f.daemon_listen) { /* Do a sanity check on the max connects value just to save us from getting @@ -1294,9 +1365,8 @@ if (daemon_listen) if (smtp_accept_max > 0) { - int i; - smtp_slots = store_get(smtp_accept_max * sizeof(smtp_slot)); - for (i = 0; i < smtp_accept_max; i++) smtp_slots[i] = empty_smtp_slot; + smtp_slots = store_get(smtp_accept_max * sizeof(smtp_slot), FALSE); + for (int i = 0; i < smtp_accept_max; i++) smtp_slots[i] = empty_smtp_slot; } } @@ -1315,7 +1385,7 @@ Then disconnect from the controlling terminal, Most modern Unixes seem to have setsid() for getting rid of the controlling terminal. For any OS that doesn't, setsid() can be #defined as a no-op, or as something else. */ -if (background_daemon || inetd_wait_mode) +if (f.background_daemon || f.inetd_wait_mode) { log_close_all(); /* Just in case anything was logged earlier */ search_tidyup(); /* Just in case any were used in reading the config. */ @@ -1326,7 +1396,7 @@ if (background_daemon || inetd_wait_mode) log_stderr = NULL; /* So no attempt to copy paniclog output */ } -if (background_daemon) +if (f.background_daemon) { /* If the parent process of this one has pid == 1, we are re-initializing the daemon as the result of a SIGHUP. In this case, there is no need to do @@ -1347,7 +1417,7 @@ if (background_daemon) /* We are now in the disconnected, daemon process (unless debugging). Set up the listening sockets if required. */ -if (daemon_listen && !inetd_wait_mode) +if (f.daemon_listen && !f.inetd_wait_mode) { int sk; ip_address_item *ipa; @@ -1425,7 +1495,7 @@ if (daemon_listen && !inetd_wait_mode) listen() stage instead. */ #ifdef TCP_FASTOPEN - tcp_fastopen_ok = TRUE; + f.tcp_fastopen_ok = TRUE; #endif for(;;) { @@ -1463,19 +1533,32 @@ if (daemon_listen && !inetd_wait_mode) else debug_printf("listening on %s port %d\n", ipa->address, ipa->port); -#ifdef TCP_FASTOPEN - if (setsockopt(listen_sockets[sk], IPPROTO_TCP, TCP_FASTOPEN, +#if defined(TCP_FASTOPEN) && !defined(__APPLE__) + if ( f.tcp_fastopen_ok + && setsockopt(listen_sockets[sk], IPPROTO_TCP, TCP_FASTOPEN, &smtp_connect_backlog, sizeof(smtp_connect_backlog))) { DEBUG(D_any) debug_printf("setsockopt FASTOPEN: %s\n", strerror(errno)); - tcp_fastopen_ok = FALSE; + f.tcp_fastopen_ok = FALSE; } #endif /* Start listening on the bound socket, establishing the maximum backlog of connections that is allowed. On success, continue to the next address. */ - if (listen(listen_sockets[sk], smtp_connect_backlog) >= 0) continue; + if (listen(listen_sockets[sk], smtp_connect_backlog) >= 0) + { +#if defined(TCP_FASTOPEN) && defined(__APPLE__) + if ( f.tcp_fastopen_ok + && setsockopt(listen_sockets[sk], IPPROTO_TCP, TCP_FASTOPEN, + &on, sizeof(on))) + { + DEBUG(D_any) debug_printf("setsockopt FASTOPEN: %s\n", strerror(errno)); + f.tcp_fastopen_ok = FALSE; + } +#endif + continue; + } /* Listening has failed. In an IPv6 environment, as for bind(), if listen() fails with the error EADDRINUSE and we are doing IPv4 wildcard listening @@ -1530,16 +1613,11 @@ automatically. Consequently, Exim 4 writes a pid file only The variable daemon_write_pid is used to control this. */ -if (running_in_test_harness || write_pid) +if (f.running_in_test_harness || write_pid) { FILE *f; - if (override_pid_file_path) - pid_file_path = override_pid_file_path; - - if (pid_file_path[0] == 0) - pid_file_path = string_sprintf("%s/exim-daemon.pid", spool_directory); - + set_pid_file_path(); if ((f = modefopen(pid_file_path, "wb", 0644))) { (void)fprintf(f, "%d\n", (int)getpid()); @@ -1570,24 +1648,27 @@ coming from Exim, not whoever started the daemon. */ originator_uid = exim_uid; originator_gid = exim_gid; -originator_login = ((pw = getpwuid(exim_uid)) != NULL)? - string_copy_malloc(US pw->pw_name) : US"exim"; +originator_login = (pw = getpwuid(exim_uid)) + ? string_copy_perm(US pw->pw_name, FALSE) : US"exim"; /* Get somewhere to keep the list of queue-runner pids if we are keeping track of them (and also if we are doing queue runs). */ if (queue_interval > 0 && local_queue_run_max > 0) { - int i; - queue_pid_slots = store_get(local_queue_run_max * sizeof(pid_t)); - for (i = 0; i < local_queue_run_max; i++) queue_pid_slots[i] = 0; + queue_pid_slots = store_get(local_queue_run_max * sizeof(pid_t), FALSE); + for (int i = 0; i < local_queue_run_max; i++) queue_pid_slots[i] = 0; } -/* Set up the handler for termination of child processes. */ +/* Set up the handler for termination of child processes, and the one +telling us to die. */ sigchld_seen = FALSE; os_non_restarting_signal(SIGCHLD, main_sigchld_handler); +sigterm_seen = FALSE; +os_non_restarting_signal(SIGTERM, main_sigterm_handler); + /* If we are to run the queue periodically, pretend the alarm has just gone off. This will cause the first queue-runner to get kicked off straight away. */ @@ -1596,7 +1677,7 @@ sigalrm_seen = (queue_interval > 0); /* Log the start up of a daemon - at least one of listening or queue running must be set up. */ -if (inetd_wait_mode) +if (f.inetd_wait_mode) { uschar *p = big_buffer; @@ -1614,13 +1695,12 @@ if (inetd_wait_mode) sigalrm_seen = 1; } -else if (daemon_listen) +else if (f.daemon_listen) { - int i, j; int smtp_ports = 0; int smtps_ports = 0; - ip_address_item * ipa, * i2; - uschar * p = big_buffer; + ip_address_item * ipa; + uschar * p; uschar * qinfo = queue_interval > 0 ? string_sprintf("-q%s", readconf_printtime(queue_interval)) : US"no queue runs"; @@ -1632,27 +1712,19 @@ else if (daemon_listen) deprecated protocol that starts TLS without using STARTTLS), and others listening for standard SMTP. Keep their listings separate. */ - for (j = 0; j < 2; j++) + for (int j = 0, i; j < 2; j++) { for (i = 0, ipa = addresses; i < 10 && ipa; i++, ipa = ipa->next) { /* First time round, look for SMTP ports; second time round, look for - SMTPS ports. For the first one of each, insert leading text. */ + SMTPS ports. Build IP+port strings. */ if (host_is_tls_on_connect_port(ipa->port) == (j > 0)) { if (j == 0) - { - if (smtp_ports++ == 0) - { - memcpy(p, "SMTP on", 8); - p += 7; - } - } + smtp_ports++; else - if (smtps_ports++ == 0) - p += sprintf(CS p, "%sSMTPS on", - smtp_ports == 0 ? "" : " and for "); + smtps_ports++; /* Now the information about the port (and sometimes interface) */ @@ -1661,40 +1733,67 @@ else if (daemon_listen) if (ipa->next && ipa->next->address[0] == 0 && ipa->next->port == ipa->port) { - p += sprintf(CS p, " port %d (IPv6 and IPv4)", ipa->port); - ipa = ipa->next; + ipa->log = string_sprintf(" port %d (IPv6 and IPv4)", ipa->port); + (ipa = ipa->next)->log = NULL; } else if (ipa->v6_include_v4) - p += sprintf(CS p, " port %d (IPv6 with IPv4)", ipa->port); + ipa->log = string_sprintf(" port %d (IPv6 with IPv4)", ipa->port); else - p += sprintf(CS p, " port %d (IPv6)", ipa->port); + ipa->log = string_sprintf(" port %d (IPv6)", ipa->port); } else if (ipa->address[0] == 0) /* v4 wildcard */ - p += sprintf(CS p, " port %d (IPv4)", ipa->port); + ipa->log = string_sprintf(" port %d (IPv4)", ipa->port); else /* check for previously-seen IP */ { + ip_address_item * i2; for (i2 = addresses; i2 != ipa; i2 = i2->next) if ( host_is_tls_on_connect_port(i2->port) == (j > 0) && Ustrcmp(ipa->address, i2->address) == 0 ) { /* found; append port to list */ - if (p[-1] == '}') p--; - while (isdigit(*--p)) ; - p += 1 + sprintf(CS p+1, "%s%d,%d}", *p == ',' ? "" : "{", - i2->port, ipa->port); + for (p = i2->log; *p; ) p++; /* end of existing string */ + if (*--p == '}') *p = '\0'; /* drop EOL */ + while (isdigit(*--p)) ; /* char before port */ + + i2->log = *p == ':' /* no list yet? */ + ? string_sprintf("%.*s{%s,%d}", + (int)(p - i2->log + 1), i2->log, p+1, ipa->port) + : string_sprintf("%s,%d}", i2->log, ipa->port); + ipa->log = NULL; break; } if (i2 == ipa) /* first-time IP */ - p += sprintf(CS p, " [%s]:%d", ipa->address, ipa->port); + ipa->log = string_sprintf(" [%s]:%d", ipa->address, ipa->port); } } } + } - if (ipa) + p = big_buffer; + for (int j = 0, i; j < 2; j++) + { + /* First time round, look for SMTP ports; second time round, look for + SMTPS ports. For the first one of each, insert leading text. */ + + if (j == 0) { - memcpy(p, " ...", 5); - p += 4; + if (smtp_ports > 0) + p += sprintf(CS p, "SMTP on"); } + else + if (smtps_ports > 0) + p += sprintf(CS p, "%sSMTPS on", + smtp_ports == 0 ? "" : " and for "); + + /* Now the information about the port (and sometimes interface) */ + + for (i = 0, ipa = addresses; i < 10 && ipa; i++, ipa = ipa->next) + if (host_is_tls_on_connect_port(ipa->port) == (j > 0)) + if (ipa->log) + p += sprintf(CS p, "%s", ipa->log); + + if (ipa) + p += sprintf(CS p, " ..."); } log_write(0, LOG_MAIN, @@ -1719,10 +1818,27 @@ else (eg: compile regex) */ dns_pattern_init(); +smtp_deliver_init(); /* Used for callouts */ + +#ifndef DISABLE_DKIM + { +# ifdef MEASURE_TIMING + struct timeval t0; + gettimeofday(&t0, NULL); +# endif + dkim_exim_init(); +# ifdef MEASURE_TIMING + report_time_since(&t0, US"dkim_exim_init (delta)"); +# endif + } +#endif #ifdef WITH_CONTENT_SCAN malware_init(); #endif +#ifdef SUPPORT_SPF +spf_init(); +#endif /* Close the log so it can be renamed and moved. In the few cases below where this long-running process writes to the log (always exceptional conditions), it @@ -1736,6 +1852,10 @@ DEBUG(D_any) debug_print_ids(US"daemon running with"); smtp_input = TRUE; +#ifdef MEASURE_TIMING +report_time_since(×tamp_startup, US"daemon loop start"); /* testcase 0022 */ +#endif + /* Enter the never-ending loop... */ for (;;) @@ -1749,6 +1869,9 @@ for (;;) EXIM_SOCKLEN_T len; pid_t pid; + if (sigterm_seen) + daemon_die(); /* Does not return */ + /* This code is placed first in the loop, so that it gets obeyed at the start, before the first wait, for the queue-runner case, so that the first one can be started immediately. @@ -1792,7 +1915,7 @@ for (;;) } sigalrm_seen = FALSE; - alarm(resignal_interval); + ALARM(resignal_interval); } else @@ -1808,8 +1931,6 @@ for (;;) { if ((pid = fork()) == 0) { - int sk; - DEBUG(D_any) debug_printf("Starting queue-runner: pid %d\n", (int)getpid()); @@ -1817,17 +1938,18 @@ for (;;) leave the above message, because it ties up with the "child ended" debugging messages. */ - if (debug_daemon) debug_selector = 0; + if (f.debug_daemon) debug_selector = 0; /* Close any open listening sockets in the child */ - for (sk = 0; sk < listen_socket_count; sk++) + for (int sk = 0; sk < listen_socket_count; sk++) (void)close(listen_sockets[sk]); /* Reset SIGHUP and SIGCHLD in the child in both cases. */ signal(SIGHUP, SIG_DFL); signal(SIGCHLD, SIG_DFL); + signal(SIGTERM, SIG_DFL); /* Re-exec if privilege has been given up, unless deliver_drop_ privilege is set. Reset SIGALRM before exec(). */ @@ -1842,11 +1964,11 @@ for (;;) signal(SIGALRM, SIG_DFL); *p++ = '-'; *p++ = 'q'; - if (queue_2stage) *p++ = 'q'; - if (queue_run_first_delivery) *p++ = 'i'; - if (queue_run_force) *p++ = 'f'; - if (deliver_force_thaw) *p++ = 'f'; - if (queue_run_local) *p++ = 'l'; + if (f.queue_2stage) *p++ = 'q'; + if (f.queue_run_first_delivery) *p++ = 'i'; + if (f.queue_run_force) *p++ = 'f'; + if (f.deliver_force_thaw) *p++ = 'f'; + if (f.queue_run_local) *p++ = 'l'; *p = 0; extra[0] = queue_name ? string_sprintf("%sG%s", opt, queue_name) : opt; @@ -1856,13 +1978,13 @@ for (;;) if (deliver_selectstring) { - extra[extracount++] = deliver_selectstring_regex ? US"-Rr" : US"-R"; + extra[extracount++] = f.deliver_selectstring_regex ? US"-Rr" : US"-R"; extra[extracount++] = deliver_selectstring; } if (deliver_selectstring_sender) { - extra[extracount++] = deliver_selectstring_sender_regex + extra[extracount++] = f.deliver_selectstring_sender_regex ? US"-Sr" : US"-S"; extra[extracount++] = deliver_selectstring_sender; } @@ -1878,7 +2000,7 @@ for (;;) /* No need to re-exec; SIGALRM remains set to the default handler */ queue_run(NULL, NULL, FALSE); - _exit(EXIT_SUCCESS); + exim_underbar_exit(EXIT_SUCCESS); } if (pid < 0) @@ -1889,8 +2011,7 @@ for (;;) } else { - int i; - for (i = 0; i < local_queue_run_max; ++i) + for (int i = 0; i < local_queue_run_max; ++i) if (queue_pid_slots[i] <= 0) { queue_pid_slots[i] = pid; @@ -1898,14 +2019,14 @@ for (;;) break; } DEBUG(D_any) debug_printf("%d queue-runner process%s running\n", - queue_run_count, (queue_run_count == 1)? "" : "es"); + queue_run_count, queue_run_count == 1 ? "" : "es"); } } /* Reset the alarm clock */ sigalrm_seen = FALSE; - alarm(queue_interval); + ALARM(queue_interval); } } /* sigalrm_seen */ @@ -1920,15 +2041,15 @@ for (;;) new OS. In fact, the later addition of listening on specific interfaces only requires this way of working anyway. */ - if (daemon_listen) + if (f.daemon_listen) { - int sk, lcount, select_errno; + int lcount, select_errno; int max_socket = 0; BOOL select_failed = FALSE; fd_set select_listen; FD_ZERO(&select_listen); - for (sk = 0; sk < listen_socket_count; sk++) + for (int sk = 0; sk < listen_socket_count; sk++) { FD_SET(listen_sockets[sk], &select_listen); if (listen_sockets[sk] > max_socket) max_socket = listen_sockets[sk]; @@ -1969,6 +2090,11 @@ for (;;) handle_ending_processes(); errno = select_errno; +#ifndef DISABLE_TLS + /* Create or rotate any required keys */ + tls_daemon_init(); +#endif + /* Loop for all the sockets that are currently ready to go. If select actually failed, we have set the count to 1 and select_failed=TRUE, so as to use the common error code for select/accept below. */ @@ -1978,7 +2104,7 @@ for (;;) int accept_socket = -1; if (!select_failed) - for (sk = 0; sk < listen_socket_count; sk++) + for (int sk = 0; sk < listen_socket_count; sk++) if (FD_ISSET(listen_sockets[sk], &select_listen)) { len = sizeof(accepted); @@ -2087,12 +2213,11 @@ for (;;) if (sighup_seen) { - int sk; log_write(0, LOG_MAIN, "pid %d: SIGHUP received: re-exec daemon", getpid()); - for (sk = 0; sk < listen_socket_count; sk++) + for (int sk = 0; sk < listen_socket_count; sk++) (void)close(listen_sockets[sk]); - alarm(0); + ALARM_CLR(0); signal(SIGHUP, SIG_IGN); sighup_argv[0] = exim_path; exim_nullstd();