X-Git-Url: https://git.exim.org/exim.git/blobdiff_plain/f0ce96bbcfba66911b5ab36719638a52474301a9..9d783bb9f39bca59e720d0c543499b372c412441:/src/src/daemon.c diff --git a/src/src/daemon.c b/src/src/daemon.c index 83131fa1d..2d8b223c4 100644 --- a/src/src/daemon.c +++ b/src/src/daemon.c @@ -128,11 +128,30 @@ if (smtp_out) smtp_printf("421 %s\r\n", FALSE, smtp_msg); /************************************************* *************************************************/ +#ifndef EXIM_HAVE_ABSTRACT_UNIX_SOCKETS +static void +unlink_notifier_socket(void) +{ +uschar * s = expand_string(notifier_socket); +DEBUG(D_any) debug_printf("unlinking notifier socket %s\n", s); +Uunlink(s); +} +#endif + + static void close_daemon_sockets(int daemon_notifier_fd, int * listen_sockets, int listen_socket_count) { -if (daemon_notifier_fd >= 0) (void) close(daemon_notifier_fd); +if (daemon_notifier_fd >= 0) + { + (void) close(daemon_notifier_fd); + daemon_notifier_fd = -1; +#ifndef EXIM_HAVE_ABSTRACT_UNIX_SOCKETS + unlink_notifier_socket(); +#endif + } + for (int i = 0; i < listen_socket_count; i++) (void) close(listen_sockets[i]); } @@ -256,7 +275,7 @@ subprocess because it might take time. 
*/ if (smtp_load_reserve >= 0) { load_average = OS_GETLOADAVG(); - if (smtp_reserve_hosts == NULL && load_average > smtp_load_reserve) + if (!smtp_reserve_hosts && load_average > smtp_load_reserve) { DEBUG(D_any) debug_printf("rejecting SMTP connection: load average = %.2f\n", (double)load_average/1000.0); @@ -355,7 +374,7 @@ if (LOGGING(smtp_connection)) { uschar *list = hosts_connection_nolog; memset(sender_host_cache, 0, sizeof(sender_host_cache)); - if (list != NULL && verify_check_host(&list) == OK) + if (list && verify_check_host(&list) == OK) save_log_selector &= ~L_smtp_connection; else log_write(L_smtp_connection, LOG_MAIN, "SMTP connection from %s " @@ -377,12 +396,18 @@ if (pid == 0) int save_debug_selector = debug_selector; BOOL local_queue_only; BOOL session_local_queue_only; - #ifdef SA_NOCLDWAIT +#ifdef SA_NOCLDWAIT struct sigaction act; - #endif +#endif smtp_accept_count++; /* So that it includes this process */ + /* If the listen backlog was over the monitoring level, log it. */ + + if (smtp_listen_backlog > smtp_backlog_monitor) + log_write(0, LOG_MAIN, "listen backlog %d I=[%s]:%d", + smtp_listen_backlog, interface_address, interface_port); + /* May have been modified for the subprocess */ *log_selector = save_log_selector; @@ -443,15 +468,16 @@ if (pid == 0) (void)fcntl(dup_accept_socket, F_SETFD, fcntl(dup_accept_socket, F_GETFD) | FD_CLOEXEC); - #ifdef SA_NOCLDWAIT +#ifdef SA_NOCLDWAIT act.sa_handler = SIG_IGN; sigemptyset(&(act.sa_mask)); act.sa_flags = SA_NOCLDWAIT; sigaction(SIGCHLD, &act, NULL); - #else +#else signal(SIGCHLD, SIG_IGN); - #endif +#endif signal(SIGTERM, SIG_DFL); + signal(SIGINT, SIG_DFL); /* Attempt to get an id from the sending machine via the RFC 1413 protocol. 
We do this in the sub-process in order not to hold up the @@ -535,7 +561,7 @@ if (pid == 0) } if (message_id[0] == 0) continue; /* No message was accepted */ } - else + else /* bad smtp_setup_msg() */ { if (smtp_out) { @@ -655,16 +681,17 @@ if (pid == 0) { pid_t dpid; - /* Before forking, ensure that the C output buffer is flushed. Otherwise - anything that it in it will get duplicated, leading to duplicate copies - of the pending output. */ - - mac_smtp_fflush(); + /* We used to flush smtp_out before forking so that buffered data was not + duplicated, but now we want to pipeline the responses for data and quit. + Instead, hard-close the fd underlying smtp_out right after fork to discard + the data buffer. */ if ((dpid = exim_fork(US"daemon-accept-delivery")) == 0) { (void)fclose(smtp_in); + (void)close(fileno(smtp_out)); (void)fclose(smtp_out); + smtp_in = smtp_out = NULL; /* Don't ever molest the parent's SSL connection, but do clean up the data structures if necessary. */ @@ -678,6 +705,7 @@ if (pid == 0) signal(SIGHUP, SIG_DFL); signal(SIGCHLD, SIG_DFL); signal(SIGTERM, SIG_DFL); + signal(SIGINT, SIG_DFL); if (geteuid() != root_uid && !deliver_drop_privilege) { @@ -911,7 +939,6 @@ while ((pid = waitpid(-1, &status, WNOHANG)) > 0) } - static void set_pid_file_path(void) { @@ -920,37 +947,144 @@ if (override_pid_file_path) if (!*pid_file_path) pid_file_path = string_sprintf("%s/exim-daemon.pid", spool_directory); + +if (pid_file_path[0] != '/') + log_write(0, LOG_PANIC_DIE, "pid file path %s must be absolute\n", pid_file_path); } -/* Remove the daemon's pidfile. Note: runs with root privilege, -as a direct child of the daemon. Does not return. */ +enum pid_op { PID_WRITE, PID_CHECK, PID_DELETE }; -void -delete_pid_file(void) +/* Do various pid file operations as safe as possible. Ideally we'd just +drop the privileges for creation of the pid file and not care at all about removal of +the file. FIXME. 
+Returns: true on success, false + errno==EACCES otherwise +*/ + +static BOOL +operate_on_pid_file(const enum pid_op operation, const pid_t pid) { -uschar * daemon_pid = string_sprintf("%d\n", (int)getppid()); -FILE * f; +char pid_line[sizeof(int) * 3 + 2]; +const int pid_len = snprintf(pid_line, sizeof(pid_line), "%d\n", (int)pid); +BOOL lines_match = FALSE; +uschar * path, * base, * dir; + +const int dir_flags = O_RDONLY | O_NONBLOCK; +const int base_flags = O_NOFOLLOW | O_NONBLOCK; +const mode_t base_mode = 0644; +struct stat sb; +int cwd_fd, dir_fd, base_fd; +BOOL success = FALSE; +errno = EACCES; set_pid_file_path(); -if ((f = Ufopen(pid_file_path, "rb"))) +if (!f.running_in_test_harness && real_uid != root_uid && real_uid != exim_uid) goto cleanup; +if (pid_len < 2 || pid_len >= (int)sizeof(pid_line)) goto cleanup; + +path = string_copy(pid_file_path); +if ((base = Ustrrchr(path, '/')) == NULL) /* should not happen, but who knows */ + log_write(0, LOG_MAIN|LOG_PANIC_DIE, "pid file path \"%s\" does not contain a '/'", pid_file_path); + +dir = base != path ? 
path : US"/"; +*base++ = '\0'; + +if (!dir || !*dir || *dir != '/') goto cleanup; +if (!base || !*base || Ustrchr(base, '/') != NULL) goto cleanup; + +cwd_fd = open(".", dir_flags); +if (cwd_fd < 0 || fstat(cwd_fd, &sb) != 0 || !S_ISDIR(sb.st_mode)) goto cleanup; +dir_fd = open(CS dir, dir_flags); +if (dir_fd < 0 || fstat(dir_fd, &sb) != 0 || !S_ISDIR(sb.st_mode)) goto cleanup; + +/* emulate openat */ +if (fchdir(dir_fd) != 0) goto cleanup; +base_fd = open(CS base, O_RDONLY | base_flags); +if (fchdir(cwd_fd) != 0) + log_write(0, LOG_MAIN|LOG_PANIC_DIE, "can't return to previous working dir: %s", strerror(errno)); + +if (base_fd >= 0) { - if ( fgets(CS big_buffer, big_buffer_size, f) - && Ustrcmp(daemon_pid, big_buffer) == 0 - ) - if (Uunlink(pid_file_path) == 0) + char line[sizeof(pid_line)]; + ssize_t len = -1; + + if (fstat(base_fd, &sb) != 0 || !S_ISREG(sb.st_mode)) goto cleanup; + if ((sb.st_mode & 07777) != base_mode || sb.st_nlink != 1) goto cleanup; + if (sb.st_size < 2 || sb.st_size >= (off_t)sizeof(line)) goto cleanup; + + len = read(base_fd, line, sizeof(line)); + if (len != (ssize_t)sb.st_size) goto cleanup; + line[len] = '\0'; + + if (strspn(line, "0123456789") != (size_t)len-1) goto cleanup; + if (line[len-1] != '\n') goto cleanup; + lines_match = len == pid_len && strcmp(line, pid_line) == 0; + } + +if (operation == PID_WRITE) + { + if (!lines_match) + { + if (base_fd >= 0) { - DEBUG(D_any) - debug_printf("%s unlink: %s\n", pid_file_path, strerror(errno)); - } - else - DEBUG(D_any) - debug_printf("unlinked %s\n", pid_file_path); - fclose(f); + int error = -1; + /* emulate unlinkat */ + if (fchdir(dir_fd) != 0) goto cleanup; + error = unlink(CS base); + if (fchdir(cwd_fd) != 0) + log_write(0, LOG_MAIN|LOG_PANIC_DIE, "can't return to previous working dir: %s", strerror(errno)); + if (error) goto cleanup; + (void)close(base_fd); + base_fd = -1; + } + /* emulate openat */ + if (fchdir(dir_fd) != 0) goto cleanup; + base_fd = open(CS base, O_WRONLY | 
O_CREAT | O_EXCL | base_flags, base_mode); + if (fchdir(cwd_fd) != 0) + log_write(0, LOG_MAIN|LOG_PANIC_DIE, "can't return to previous working dir: %s", strerror(errno)); + if (base_fd < 0) goto cleanup; + if (fchmod(base_fd, base_mode) != 0) goto cleanup; + if (write(base_fd, pid_line, pid_len) != pid_len) goto cleanup; + DEBUG(D_any) debug_printf("pid written to %s\n", pid_file_path); + } } else - DEBUG(D_any) - debug_printf("%s\n", string_open_failed("pid file %s", pid_file_path)); + { + if (!lines_match) goto cleanup; + if (operation == PID_DELETE) + { + int error = -1; + /* emulate unlinkat */ + if (fchdir(dir_fd) != 0) goto cleanup; + error = unlink(CS base); + if (fchdir(cwd_fd) != 0) + log_write(0, LOG_MAIN|LOG_PANIC_DIE, "can't return to previous working dir: %s", strerror(errno)); + if (error) goto cleanup; + } + } + +success = TRUE; +errno = 0; + +cleanup: +if (cwd_fd >= 0) (void)close(cwd_fd); +if (dir_fd >= 0) (void)close(dir_fd); +if (base_fd >= 0) (void)close(base_fd); +return success; +} + + +/* Remove the daemon's pidfile. Note: runs with root privilege, +as a direct child of the daemon. Does not return. */ + +void +delete_pid_file(void) +{ +const BOOL success = operate_on_pid_file(PID_DELETE, getppid()); + +DEBUG(D_any) + debug_printf("delete pid file %s %s: %s\n", pid_file_path, + success ? 
"success" : "failure", strerror(errno)); + exim_exit(EXIT_SUCCESS); } @@ -963,6 +1097,7 @@ daemon_die(void) { int pid; +DEBUG(D_any) debug_printf("SIGTERM/SIGINT seen\n"); #if !defined(DISABLE_TLS) && (defined(EXIM_HAVE_INOTIFY) || defined(EXIM_HAVE_KEVENT)) tls_watch_invalidate(); #endif @@ -972,11 +1107,7 @@ if (daemon_notifier_fd >= 0) close(daemon_notifier_fd); daemon_notifier_fd = -1; #ifndef EXIM_HAVE_ABSTRACT_UNIX_SOCKETS - { - uschar * s = expand_string(notifier_socket); - DEBUG(D_any) debug_printf("unlinking notifier socket %s\n", s); - Uunlink(s); - } + unlink_notifier_socket(); #endif } @@ -1042,7 +1173,7 @@ len = offsetof(struct sockaddr_un, sun_path) + 1 DEBUG(D_any) debug_printf(" @%s\n", sa_un.sun_path+1); #else /* filesystem-visible and persistent; will neeed removal */ len = offsetof(struct sockaddr_un, sun_path) - + snprintf(sa_un.sun_path, sizeof(sa_un.sun_path), "%s", + + snprintf(sa_un.sun_path, sizeof(sa_un.sun_path), "%s", expand_string(notifier_socket)); DEBUG(D_any) debug_printf(" %s\n", sa_un.sun_path); #endif @@ -1172,6 +1303,15 @@ return FALSE; } + + +static void +add_listener_socket(int fd, fd_set * fds, int * fd_max) +{ +FD_SET(fd, fds); +if (fd > *fd_max) *fd_max = fd; +} + /************************************************* * Exim Daemon Mainline * *************************************************/ @@ -1198,10 +1338,11 @@ There are no arguments to this function, and it never returns. */ void daemon_go(void) { -struct passwd *pw; -int *listen_sockets = NULL; -int listen_socket_count = 0; -ip_address_item *addresses = NULL; +struct passwd * pw; +int * listen_sockets = NULL; +int listen_socket_count = 0, listen_fd_max = 0; +fd_set select_listen; +ip_address_item * addresses = NULL; time_t last_connection_time = (time_t)0; int local_queue_run_max = atoi(CS expand_string(queue_run_max)); @@ -1212,6 +1353,7 @@ debugging lines get the pid added. 
*/ DEBUG(D_any|D_v) debug_selector |= D_pid; +FD_ZERO(&select_listen); if (f.inetd_wait_mode) { listen_socket_count = 1; @@ -1248,6 +1390,9 @@ if (f.inetd_wait_mode) if (setsockopt(3, IPPROTO_TCP, TCP_NODELAY, US &on, sizeof(on))) log_write(0, LOG_MAIN|LOG_PANIC_DIE, "failed to set socket NODELAY: %s", strerror(errno)); + + FD_SET(3, &select_listen); + listen_fd_max = 3; } @@ -1258,11 +1403,11 @@ if (f.inetd_wait_mode || f.daemon_listen) for those OS for which this is necessary the first time it is called (in order to perform an "open" on the kernel memory file). */ - #ifdef LOAD_AVG_NEEDS_ROOT +#ifdef LOAD_AVG_NEEDS_ROOT if (queue_only_load >= 0 || smtp_load_reserve >= 0 || (deliver_queue_load_max >= 0 && deliver_drop_privilege)) (void)os_getloadavg(); - #endif +#endif } @@ -1426,6 +1571,7 @@ if (f.daemon_listen && !f.inetd_wait_mode) list = tls_in.on_connect_ports; sep = 0; + /* the list isn't expanded so cannot be tainted. If it ever is we will trap here */ while ((s = string_nextinlist(&list, &sep, big_buffer, big_buffer_size))) if (!isdigit(*s)) { @@ -1635,8 +1781,8 @@ if (f.daemon_listen && !f.inetd_wait_mode) for (ipa = addresses, sk = 0; sk < listen_socket_count; ipa = ipa->next, sk++) { BOOL wildcard; - ip_address_item *ipa2; - int af; + ip_address_item * ipa2; + int fd, af; if (Ustrchr(ipa->address, ':') != NULL) { @@ -1649,7 +1795,7 @@ if (f.daemon_listen && !f.inetd_wait_mode) wildcard = ipa->address[0] == 0; } - if ((listen_sockets[sk] = ip_socket(SOCK_STREAM, af)) < 0) + if ((listen_sockets[sk] = fd = ip_socket(SOCK_STREAM, af)) < 0) { if (check_special_case(0, addresses, ipa, FALSE)) { @@ -1667,7 +1813,7 @@ if (f.daemon_listen && !f.inetd_wait_mode) #ifdef IPV6_V6ONLY if (af == AF_INET6 && wildcard && - setsockopt(listen_sockets[sk], IPPROTO_IPV6, IPV6_V6ONLY, CS (&on), + setsockopt(fd, IPPROTO_IPV6, IPV6_V6ONLY, CS (&on), sizeof(on)) < 0) log_write(0, LOG_MAIN, "Setting IPV6_V6ONLY on daemon's IPv6 wildcard " "socket failed (%s): carrying on without 
it", strerror(errno)); @@ -1677,7 +1823,7 @@ if (f.daemon_listen && !f.inetd_wait_mode) is being handled. Without this, a connection will prevent reuse of the smtp port for listening. */ - if (setsockopt(listen_sockets[sk], SOL_SOCKET, SO_REUSEADDR, + if (setsockopt(fd, SOL_SOCKET, SO_REUSEADDR, US (&on), sizeof(on)) < 0) log_write(0, LOG_MAIN|LOG_PANIC_DIE, "setting SO_REUSEADDR on socket " "failed when starting daemon: %s", strerror(errno)); @@ -1685,7 +1831,7 @@ if (f.daemon_listen && !f.inetd_wait_mode) /* Set TCP_NODELAY; Exim does its own buffering. There is a switch to disable this because it breaks some broken clients. */ - if (tcp_nodelay) setsockopt(listen_sockets[sk], IPPROTO_TCP, TCP_NODELAY, + if (tcp_nodelay) setsockopt(fd, IPPROTO_TCP, TCP_NODELAY, US (&on), sizeof(on)); /* Now bind the socket to the required port; if Exim is being restarted @@ -1704,12 +1850,12 @@ if (f.daemon_listen && !f.inetd_wait_mode) for(;;) { uschar *msg, *addr; - if (ip_bind(listen_sockets[sk], af, ipa->address, ipa->port) >= 0) break; + if (ip_bind(fd, af, ipa->address, ipa->port) >= 0) break; if (check_special_case(errno, addresses, ipa, TRUE)) { DEBUG(D_any) debug_printf("wildcard IPv4 bind() failed after IPv6 " "listen() success; EADDRINUSE ignored\n"); - (void)close(listen_sockets[sk]); + (void)close(fd); goto SKIP_SOCKET; } msg = US strerror(errno); @@ -1737,30 +1883,31 @@ if (f.daemon_listen && !f.inetd_wait_mode) else debug_printf("listening on %s port %d\n", ipa->address, ipa->port); + /* Start listening on the bound socket, establishing the maximum backlog of + connections that is allowed. On success, add to the set of sockets for select + and continue to the next address. 
*/ + #if defined(TCP_FASTOPEN) && !defined(__APPLE__) if ( f.tcp_fastopen_ok - && setsockopt(listen_sockets[sk], IPPROTO_TCP, TCP_FASTOPEN, + && setsockopt(fd, IPPROTO_TCP, TCP_FASTOPEN, &smtp_connect_backlog, sizeof(smtp_connect_backlog))) { DEBUG(D_any) debug_printf("setsockopt FASTOPEN: %s\n", strerror(errno)); f.tcp_fastopen_ok = FALSE; } #endif - - /* Start listening on the bound socket, establishing the maximum backlog of - connections that is allowed. On success, continue to the next address. */ - - if (listen(listen_sockets[sk], smtp_connect_backlog) >= 0) + if (listen(fd, smtp_connect_backlog) >= 0) { #if defined(TCP_FASTOPEN) && defined(__APPLE__) if ( f.tcp_fastopen_ok - && setsockopt(listen_sockets[sk], IPPROTO_TCP, TCP_FASTOPEN, - &on, sizeof(on))) + && setsockopt(fd, IPPROTO_TCP, TCP_FASTOPEN, &on, sizeof(on))) { DEBUG(D_any) debug_printf("setsockopt FASTOPEN: %s\n", strerror(errno)); f.tcp_fastopen_ok = FALSE; } #endif + + add_listener_socket(fd, &select_listen, &listen_fd_max); continue; } @@ -1778,7 +1925,7 @@ if (f.daemon_listen && !f.inetd_wait_mode) DEBUG(D_any) debug_printf("wildcard IPv4 listen() failed after IPv6 " "listen() success; EADDRINUSE ignored\n"); - (void)close(listen_sockets[sk]); + (void)close(fd); /* Come here if there has been a problem with the socket which we are going to ignore. We remove the address from the chain, and back up the @@ -1819,20 +1966,24 @@ The variable daemon_write_pid is used to control this. */ if (f.running_in_test_harness || write_pid) { - FILE *f; - - set_pid_file_path(); - if ((f = modefopen(pid_file_path, "wb", 0644))) - { - (void)fprintf(f, "%d\n", (int)getpid()); - (void)fclose(f); - DEBUG(D_any) debug_printf("pid written to %s\n", pid_file_path); - } - else - DEBUG(D_any) - debug_printf("%s\n", string_open_failed("pid file %s", pid_file_path)); + const enum pid_op operation = (f.running_in_test_harness + || real_uid == root_uid + || (real_uid == exim_uid && !override_pid_file_path)) ? 
PID_WRITE : PID_CHECK; + if (!operate_on_pid_file(operation, getpid())) + DEBUG(D_any) debug_printf("%s pid file %s: %s\n", (operation == PID_WRITE) ? "write" : "check", pid_file_path, strerror(errno)); } +/* Add ancillary sockets to the set for select */ + +#ifndef DISABLE_TLS +if (tls_watch_fd >= 0) + add_listener_socket(tls_watch_fd, &select_listen, &listen_fd_max); +#endif +if (daemon_notifier_fd >= 0) + add_listener_socket(daemon_notifier_fd, &select_listen, &listen_fd_max); + +listen_fd_max++; + /* Set up the handler for SIGHUP, which causes a restart of the daemon. */ sighup_seen = FALSE; @@ -1871,6 +2022,7 @@ os_non_restarting_signal(SIGCHLD, main_sigchld_handler); sigterm_seen = FALSE; os_non_restarting_signal(SIGTERM, main_sigterm_handler); +os_non_restarting_signal(SIGINT, main_sigterm_handler); /* If we are to run the queue periodically, pretend the alarm has just gone off. This will cause the first queue-runner to get kicked off straight away. */ @@ -2067,13 +2219,6 @@ report_time_since(&timestamp_startup, US"daemon loop start"); /* testcase 0022 * for (;;) { - #if HAVE_IPV6 - struct sockaddr_in6 accepted; - #else - struct sockaddr_in accepted; - #endif - - EXIM_SOCKLEN_T len; pid_t pid; if (sigterm_seen) @@ -2158,6 +2303,7 @@ for (;;) signal(SIGHUP, SIG_DFL); signal(SIGCHLD, SIG_DFL); signal(SIGTERM, SIG_DFL); + signal(SIGINT, SIG_DFL); /* Re-exec if privilege has been given up, unless deliver_drop_ privilege is set. Reset SIGALRM before exec(). 
*/ @@ -2278,29 +2424,9 @@ for (;;) if (f.daemon_listen) { - int lcount; - int max_socket = 0; + int check_lsk = 0, lcount; BOOL select_failed = FALSE; - fd_set select_listen; - - FD_ZERO(&select_listen); -#ifndef DISABLE_TLS - if (tls_watch_fd >= 0) - { - FD_SET(tls_watch_fd, &select_listen); - if (tls_watch_fd > max_socket) max_socket = tls_watch_fd; - } -#endif - if (daemon_notifier_fd >= 0) - { - FD_SET(daemon_notifier_fd, &select_listen); - if (daemon_notifier_fd > max_socket) max_socket = daemon_notifier_fd; - } - for (int sk = 0; sk < listen_socket_count; sk++) - { - FD_SET(listen_sockets[sk], &select_listen); - if (listen_sockets[sk] > max_socket) max_socket = listen_sockets[sk]; - } + fd_set fds = select_listen; DEBUG(D_any) debug_printf("Listening...\n"); @@ -2317,7 +2443,7 @@ for (;;) errno = EINTR; } else - lcount = select(max_socket + 1, (SELECT_ARG2_TYPE *)&select_listen, + lcount = select(listen_fd_max, (SELECT_ARG2_TYPE *)&fds, NULL, NULL, NULL); if (lcount < 0) @@ -2351,34 +2477,57 @@ for (;;) while (lcount-- > 0) { int accept_socket = -1; +#if HAVE_IPV6 + struct sockaddr_in6 accepted; +#else + struct sockaddr_in accepted; +#endif if (!select_failed) { #if !defined(DISABLE_TLS) && (defined(EXIM_HAVE_INOTIFY) || defined(EXIM_HAVE_KEVENT)) - if (tls_watch_fd >= 0 && FD_ISSET(tls_watch_fd, &select_listen)) + if (tls_watch_fd >= 0 && FD_ISSET(tls_watch_fd, &fds)) { - FD_CLR(tls_watch_fd, &select_listen); tls_watch_trigger_time = time(NULL); /* Set up delayed event */ tls_watch_discard_event(tls_watch_fd); break; /* to top of daemon loop */ } #endif - if ( daemon_notifier_fd >= 0 - && FD_ISSET(daemon_notifier_fd, &select_listen)) + if (daemon_notifier_fd >= 0 && FD_ISSET(daemon_notifier_fd, &fds)) { - FD_CLR(daemon_notifier_fd, &select_listen); sigalrm_seen = daemon_notification(); break; /* to top of daemon loop */ } - for (int sk = 0; sk < listen_socket_count; sk++) - if (FD_ISSET(listen_sockets[sk], &select_listen)) + while (check_lsk < 
listen_socket_count) + { + int lfd = listen_sockets[check_lsk++]; + if (FD_ISSET(lfd, &fds)) { - len = sizeof(accepted); - accept_socket = accept(listen_sockets[sk], - (struct sockaddr *)&accepted, &len); - FD_CLR(listen_sockets[sk], &select_listen); + EXIM_SOCKLEN_T alen = sizeof(accepted); + struct tcp_info ti; + socklen_t tlen = sizeof(ti); + + /* If monitoring the backlog is wanted, grab for later logging */ + + smtp_listen_backlog = 0; +#if defined(TCP_INFO) + if ( smtp_backlog_monitor > 0 + && getsockopt(lfd, IPPROTO_TCP, TCP_INFO, &ti, &tlen) == 0) + { + DEBUG(D_interface) debug_printf("listen fd %d queue max %u curr %u\n", +# ifdef EXIM_HAVE_TCPI_UNACKED + lfd, ti.tcpi_sacked, ti.tcpi_unacked); + smtp_listen_backlog = ti.tcpi_unacked; +# elif defined(__FreeBSD__) /* This does not work. Investigate kernel sourcecode. */ + lfd, ti.__tcpi_sacked, ti.__tcpi_unacked); + smtp_listen_backlog = ti.__tcpi_unacked; +# endif + } +#endif + accept_socket = accept(lfd, (struct sockaddr *)&accepted, &alen); break; } + } } /* If select or accept has failed and this was not caused by an @@ -2398,21 +2547,21 @@ for (;;) accept_retry_errno = errno; accept_retry_select_failed = select_failed; } - else if ( errno != accept_retry_errno + else if ( errno != accept_retry_errno || select_failed != accept_retry_select_failed || accept_retry_count >= 50) - { - log_write(0, LOG_MAIN | (accept_retry_count >= 50 ? LOG_PANIC : 0), - "%d %s() failure%s: %s", - accept_retry_count, - accept_retry_select_failed ? "select" : "accept", - accept_retry_count == 1 ? "" : "s", - strerror(accept_retry_errno)); - log_close_all(); - accept_retry_count = 0; - accept_retry_errno = errno; - accept_retry_select_failed = select_failed; - } + { + log_write(0, LOG_MAIN | (accept_retry_count >= 50 ? LOG_PANIC : 0), + "%d %s() failure%s: %s", + accept_retry_count, + accept_retry_select_failed ? "select" : "accept", + accept_retry_count == 1 ? 
"" : "s", + strerror(accept_retry_errno)); + log_close_all(); + accept_retry_count = 0; + accept_retry_errno = errno; + accept_retry_select_failed = select_failed; + } accept_retry_count++; } else if (accept_retry_count > 0) @@ -2430,6 +2579,11 @@ for (;;) if (accept_socket >= 0) { +#ifdef TCP_QUICKACK /* Avoid pure-ACKs while in tls protocol pingpong phase */ + /* Unfortunately we cannot be certain to do this before a TLS-on-connect + Client Hello arrives and is acked. We do it as early as possible. */ + (void) setsockopt(accept_socket, IPPROTO_TCP, TCP_QUICKACK, US &off, sizeof(off)); +#endif if (inetd_wait_timeout) last_connection_time = time(NULL); handle_smtp_call(listen_sockets, listen_socket_count, accept_socket,