12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758596061626364656667686970717273747576777879808182838485868788899091929394959697989910010110210310410510610710810911011111211311411511611711811912012112212312412512612712812913013113213313413513613713813914014114214314414514614714814915015115215315415515615715815916016116216316416516616716816917017117217317417517617717817918018118218318418518618718818919019119219319419519619719819920020120220320420520620720820921021121221321421521621721821922022122222322422522622722822923023123223323423523623723823924024124224324424524624724824925025125225325425525625725825926026126226326426526626726826927027127227327427527627727827928028128228328428528628728828929029129229329429529629729829930030130230330430530630730830931031131231331431531631731831932032132232332432532632732832933033133233333433533633733833934034134234334434534634734834935035135235335435535635735835936036136236336436536636736836937037137237337437537637737837938038138238338438538638738838939039139239339439539639739839940040140240340440540640740840941041141241341441541641741841942042142242342442542642742842943043143243343443543643743843944044144244344444544644744844945045145245345445545645745845946046146246346446546646746846947047147247347447547647747847948048148248348448548648748848949049149249349449549649749849950050150250350450550650750850951051151251351451551651751851952052152252352452552652752852953053153253353453553653753853954054154254354454554654754854955055155255355455555655755855956056156256356456556656756856957057157257357457557657757857958058158258358458558658758858959059159259359459559659759859960060160260360460560660760860961061161261361461561661761861962062162262362462562662762862963063163263363463563663763863964064164264364464564664764864965065165265365465565665765865966066166266366466566666766866967067167267367467567667767867968068168268368468568668768868969069169269369469569669769869970070170270370470570670770870971071171271371471571671771871972072172272372472572672772872973073173273373473573673773873974074174274374474574674774874975075175275375475575675775875976076176276376476576676776876977077177277377477577677777877978078178278378478578678778878979079179279379479579679779879980080180280380480580680780880981081181281381481581681781881982082182282382482582682782882983083183283383483583683783883984084184284384484584684784884985085185285385485585685785885986086186286386486586686786886987087187287387487587687787887988088188288388488588688788888989089189289389489589689789889990090190290390490590690790890991091191291391491591691791891992092192292392492592692792892993093193293393493593693793893994094194294394494594694794894995095195295395495595695795895996096196296396496596696796896997097197297397497597697797897998098198298398498598698798898999099199299399499599699799899910001001100210031004100510061007100810091010101110121013101410151016101710181019102010211022102310241025102610271028102910301031103210331034103510361037103810391040104110421043104410451046104710481049105010511052105310541055105610571058105910601061106210631064106510661067106810691070107110721073107410751076107710781079108010811082108310841085108610871088108910901091109210931094109510961097109810991100110111021103110411051106110711081109111011111112111311141115111611171118111911201121112211231124112511261127112811291130113111321133113411351136113711381139114011411142114311441145114611471148114911501151115211531154115511561157115811591160116111621163116411651166116711681169117011711172117311741175117611771178117911801181118211831184118511861187118811891190119111921193119411951196119711981199120012011202120312041205120612071208120912101211121212131214121512161217121812191220122112221223122412251226122712281229123012311232123312341235123612371238123912401241124212431244124512461247124812491250125112521253125412551256125712581259126012611262126312641265126612671268126912701271127212731274127512761277127812791280128112821283128412851286128712881289129012911292129312941295129612971298129913001301130213031304130513061307130813091310131113121313131413151316131713181319132013211322132313241325132613271328132913301331133213331334133513361337133813391340134113421343134413451346134713481349135013511352135313541355135613571358135913601361136213631364136513661367136813691370137113721373137413751376137713781379138013811382138313841385138613871388138913901391139213931394139513961397139813991400140114021403140414051406140714081409141014111412141314141415141614171418141914201421142214231424142514261427142814291430143114321433143414351436143714381439144014411442144314441445144614471448144914501451145214531454145514561457145814591460146114621463146414651466146714681469147014711472147314741475147614771478147914801481148214831484148514861487148814891490149114921493149414951496149714981499150015011502150315041505150615071508150915101511151215131514151515161517151815191520152115221523152415251526152715281529153015311532153315341535153615371538153915401541154215431544154515461547154815491550155115521553155415551556155715581559156015611562 |
- /*-
- * Copyright 2016 Vsevolod Stakhov
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
- #include "config.h"
- #include "rspamd.h"
- #include "libutil/map.h"
- #include "lua/lua_common.h"
- #include "libserver/worker_util.h"
- #include "libserver/rspamd_control.h"
- #include "ottery.h"
- #include "cryptobox.h"
- #include "utlist.h"
- #include "unix-std.h"
- /* sysexits */
- #ifdef HAVE_SYSEXITS_H
- #include <sysexits.h>
- #endif
- /* pwd and grp */
- #ifdef HAVE_PWD_H
- #include <pwd.h>
- #endif
- #ifdef HAVE_GRP_H
- #include <grp.h>
- #endif
-
- #ifdef HAVE_NFTW
- #include <ftw.h>
- #endif
-
- #include <signal.h>
- #ifdef HAVE_SYS_WAIT_H
- #include <sys/wait.h>
- #endif
- #ifdef HAVE_SYS_RESOURCE_H
- #include <sys/resource.h>
- #endif
- #ifdef HAVE_LIBUTIL_H
- #include <libutil.h>
- #endif
- #ifdef WITH_GPERF_TOOLS
- #include <gperftools/profiler.h>
- #endif
- #ifdef HAVE_STROPS_H
- #include <stropts.h>
- #endif
-
- #ifdef HAVE_OPENSSL
- #include <openssl/err.h>
- #include <openssl/evp.h>
- #endif
-
- #include "sqlite3.h"
-
- /* 2 seconds to fork new process in place of dead one */
- #define SOFT_FORK_TIME 2
-
- /* 10 seconds after getting termination signal to terminate all workers with SIGKILL */
- #define TERMINATION_ATTEMPTS 50
-
- static gboolean load_rspamd_config (struct rspamd_main *rspamd_main,
- struct rspamd_config *cfg,
- gboolean init_modules,
- enum rspamd_post_load_options opts,
- gboolean reload);
-
- /* Control socket */
- static gint control_fd;
-
- /* Cmdline options */
- static gboolean config_test = FALSE;
- static gboolean no_fork = FALSE;
- static gboolean show_version = FALSE;
- static gchar **cfg_names = NULL;
- static gchar **lua_tests = NULL;
- static gchar **sign_configs = NULL;
- static gchar *privkey = NULL;
- static gchar *rspamd_user = NULL;
- static gchar *rspamd_group = NULL;
- static gchar *rspamd_pidfile = NULL;
- static gboolean dump_cache = FALSE;
- static gboolean is_debug = FALSE;
- static gboolean is_insecure = FALSE;
- static gboolean gen_keypair = FALSE;
- static gboolean encrypt_password = FALSE;
- static GHashTable *ucl_vars = NULL;
-
- static gint term_attempts = 0;
-
- /* List of unrelated forked processes */
- static GArray *other_workers = NULL;
-
- /* List of active listen sockets indexed by worker type */
- static GHashTable *listen_sockets = NULL;
-
- /* Defined in modules.c */
- extern module_t *modules[];
- extern worker_t *workers[];
-
- /* Commandline options */
- static GOptionEntry entries[] =
- {
- { "config-test", 't', 0, G_OPTION_ARG_NONE, &config_test,
- "Do config test and exit", NULL },
- { "no-fork", 'f', 0, G_OPTION_ARG_NONE, &no_fork,
- "Do not daemonize main process", NULL },
- { "config", 'c', 0, G_OPTION_ARG_FILENAME_ARRAY, &cfg_names,
- "Specify config file(s)", NULL },
- { "user", 'u', 0, G_OPTION_ARG_STRING, &rspamd_user,
- "User to run rspamd as", NULL },
- { "group", 'g', 0, G_OPTION_ARG_STRING, &rspamd_group,
- "Group to run rspamd as", NULL },
- { "pid", 'p', 0, G_OPTION_ARG_STRING, &rspamd_pidfile, "Path to pidfile",
- NULL },
- { "dump-cache", 'C', 0, G_OPTION_ARG_NONE, &dump_cache,
- "Dump symbols cache stats and exit", NULL },
- { "debug", 'd', 0, G_OPTION_ARG_NONE, &is_debug, "Force debug output",
- NULL },
- { "insecure", 'i', 0, G_OPTION_ARG_NONE, &is_insecure,
- "Ignore running workers as privileged users (insecure)", NULL },
- { "test-lua", 0, 0, G_OPTION_ARG_FILENAME_ARRAY, &lua_tests,
- "Specify lua file(s) to test", NULL },
- { "sign-config", 0, 0, G_OPTION_ARG_FILENAME_ARRAY, &sign_configs,
- "Specify config file(s) to sign", NULL },
- { "private-key", 0, 0, G_OPTION_ARG_FILENAME, &privkey,
- "Specify private key to sign", NULL },
- { "gen-keypair", 0, 0, G_OPTION_ARG_NONE, &gen_keypair, "Generate new encryption "
- "keypair", NULL},
- { "encrypt-password", 0, 0, G_OPTION_ARG_NONE, &encrypt_password, "Encrypt "
- "controller password to store in the configuration file", NULL },
- { "version", 'v', 0, G_OPTION_ARG_NONE, &show_version,
- "Show version and exit", NULL },
- { NULL, 0, 0, G_OPTION_ARG_NONE, NULL, NULL, NULL }
- };
-
-
- static void
- read_cmd_line (gint *argc, gchar ***argv, struct rspamd_config *cfg)
- {
- GError *error = NULL;
- GOptionContext *context;
- guint i, cfg_num;
- pid_t r;
-
- context = g_option_context_new ("- run rspamd daemon");
- #if defined(GIT_VERSION) && GIT_VERSION == 1
- g_option_context_set_summary (context,
- "Summary:\n Rspamd daemon version " RVERSION "-git\n Git id: " RID);
- #else
- g_option_context_set_summary (context,
- "Summary:\n Rspamd daemon version " RVERSION);
- #endif
- g_option_context_add_main_entries (context, entries, NULL);
-
- if (!g_option_context_parse (context, argc, argv, &error)) {
- fprintf (stderr, "option parsing failed: %s\n", error->message);
- g_option_context_free (context);
- exit (1);
- }
-
- cfg->rspamd_user = rspamd_user;
- cfg->rspamd_group = rspamd_group;
- cfg_num = cfg_names != NULL ? g_strv_length (cfg_names) : 0;
- if (cfg_num == 0) {
- cfg->cfg_name = FIXED_CONFIG_FILE;
- }
- else {
- cfg->cfg_name = cfg_names[0];
- }
- for (i = 1; i < cfg_num; i++) {
- r = fork ();
- if (r == 0) {
- /* Spawning new main process */
- cfg->cfg_name = cfg_names[i];
- (void)setsid ();
- }
- else if (r == -1) {
- fprintf (stderr,
- "fork failed while spawning process for %s configuration file: %s\n",
- cfg_names[i],
- strerror (errno));
- }
- else {
- /* Save pid to the list of other main processes, we need it to ignore SIGCHLD from them */
- g_array_append_val (other_workers, r);
- }
- }
-
- cfg->pid_file = rspamd_pidfile;
- g_option_context_free (context);
- }
-
- /* Detect privilleged mode */
- static void
- detect_priv (struct rspamd_main *rspamd_main)
- {
- struct passwd *pwd;
- struct group *grp;
- uid_t euid;
-
- euid = geteuid ();
-
- if (euid == 0) {
- if (!rspamd_main->cfg->rspamd_user && !is_insecure) {
- msg_err_main (
- "cannot run rspamd workers as root user, please add -u and -g options to select a proper unprivilleged user or specify --insecure flag");
- exit (EXIT_FAILURE);
- }
- else if (is_insecure) {
- rspamd_main->is_privilleged = TRUE;
- rspamd_main->workers_uid = 0;
- rspamd_main->workers_gid = 0;
- }
- else {
- rspamd_main->is_privilleged = TRUE;
- pwd = getpwnam (rspamd_main->cfg->rspamd_user);
- if (pwd == NULL) {
- msg_err_main ("user specified does not exists (%s), aborting",
- strerror (errno));
- exit (-errno);
- }
- if (rspamd_main->cfg->rspamd_group) {
- grp = getgrnam (rspamd_main->cfg->rspamd_group);
- if (grp == NULL) {
- msg_err_main ("group specified does not exists (%s), aborting",
- strerror (errno));
- exit (-errno);
- }
- rspamd_main->workers_gid = grp->gr_gid;
- }
- else {
- rspamd_main->workers_gid = (gid_t)-1;
- }
- rspamd_main->workers_uid = pwd->pw_uid;
- }
- }
- else {
- rspamd_main->is_privilleged = FALSE;
- rspamd_main->workers_uid = (uid_t)-1;
- rspamd_main->workers_gid = (gid_t)-1;
- }
- }
-
- static void
- config_logger (rspamd_mempool_t *pool, gpointer ud)
- {
- struct rspamd_main *rspamd_main = ud;
-
- if (config_test) {
- /* Explicitly set logger type to console in case of config testing */
- rspamd_main->cfg->log_type = RSPAMD_LOG_CONSOLE;
- }
-
- rspamd_set_logger (rspamd_main->cfg, g_quark_try_string ("main"),
- &rspamd_main->logger, rspamd_main->server_pool);
-
- if (rspamd_log_open_priv (rspamd_main->logger,
- rspamd_main->workers_uid, rspamd_main->workers_gid) == -1) {
- fprintf (stderr, "Fatal error, cannot open logfile, exiting\n");
- exit (EXIT_FAILURE);
- }
-
- rspamd_logger_configure_modules (rspamd_main->cfg->debug_modules);
- }
-
- static void
- reread_config (struct rspamd_main *rspamd_main)
- {
- struct rspamd_config *tmp_cfg, *old_cfg;
- gchar *cfg_file;
-
- rspamd_symcache_save (rspamd_main->cfg->cache);
- tmp_cfg = rspamd_config_new (RSPAMD_CONFIG_INIT_DEFAULT);
- tmp_cfg->libs_ctx = rspamd_main->cfg->libs_ctx;
- REF_RETAIN (tmp_cfg->libs_ctx);
- cfg_file = rspamd_mempool_strdup (tmp_cfg->cfg_pool,
- rspamd_main->cfg->cfg_name);
- /* Save some variables */
- tmp_cfg->cfg_name = cfg_file;
- old_cfg = rspamd_main->cfg;
- rspamd_main->cfg = tmp_cfg;
-
- if (!load_rspamd_config (rspamd_main, tmp_cfg, TRUE,
- RSPAMD_CONFIG_INIT_VALIDATE|RSPAMD_CONFIG_INIT_SYMCACHE|
- RSPAMD_CONFIG_INIT_LIBS|RSPAMD_CONFIG_INIT_URL,
- TRUE)) {
- rspamd_main->cfg = old_cfg;
- rspamd_log_close_priv (rspamd_main->logger,
- FALSE,
- rspamd_main->workers_uid,
- rspamd_main->workers_gid);
- rspamd_set_logger (rspamd_main->cfg, g_quark_try_string ("main"),
- &rspamd_main->logger, rspamd_main->server_pool);
- rspamd_log_open_priv (rspamd_main->logger,
- rspamd_main->workers_uid,
- rspamd_main->workers_gid);
- msg_err_main ("cannot parse new config file, revert to old one");
- REF_RELEASE (tmp_cfg);
- }
- else {
- msg_info_main ("replacing config");
- REF_RELEASE (old_cfg);
- msg_info_main ("config has been reread successfully");
- rspamd_map_preload (rspamd_main->cfg);
- }
- }
-
- struct waiting_worker {
- struct rspamd_main *rspamd_main;
- struct event wait_ev;
- struct rspamd_worker_conf *cf;
- guint oldindex;
- };
-
- static void
- rspamd_fork_delayed_cb (gint signo, short what, gpointer arg)
- {
- struct waiting_worker *w = arg;
-
- event_del (&w->wait_ev);
- rspamd_fork_worker (w->rspamd_main, w->cf, w->oldindex,
- w->rspamd_main->ev_base);
- REF_RELEASE (w->cf);
- g_free (w);
- }
-
- static void
- rspamd_fork_delayed (struct rspamd_worker_conf *cf,
- guint index,
- struct rspamd_main *rspamd_main)
- {
- struct waiting_worker *nw;
- struct timeval tv;
-
- nw = g_malloc0 (sizeof (*nw));
- nw->cf = cf;
- nw->oldindex = index;
- nw->rspamd_main = rspamd_main;
- tv.tv_sec = SOFT_FORK_TIME;
- tv.tv_usec = 0;
- REF_RETAIN (cf);
- event_set (&nw->wait_ev, -1, EV_TIMEOUT, rspamd_fork_delayed_cb, nw);
- event_base_set (rspamd_main->ev_base, &nw->wait_ev);
- event_add (&nw->wait_ev, &tv);
- }
-
- static GList *
- create_listen_socket (GPtrArray *addrs, guint cnt,
- enum rspamd_worker_socket_type listen_type)
- {
- GList *result = NULL;
- gint fd;
- guint i;
- struct rspamd_worker_listen_socket *ls;
-
- g_ptr_array_sort (addrs, rspamd_inet_address_compare_ptr);
- for (i = 0; i < cnt; i ++) {
-
- /*
- * Copy address to avoid reload issues
- */
- if (listen_type & RSPAMD_WORKER_SOCKET_TCP) {
- fd = rspamd_inet_address_listen (g_ptr_array_index (addrs, i),
- SOCK_STREAM, TRUE);
- if (fd != -1) {
- ls = g_malloc0 (sizeof (*ls));
- ls->addr = rspamd_inet_address_copy (g_ptr_array_index (addrs, i));
- ls->fd = fd;
- ls->type = RSPAMD_WORKER_SOCKET_TCP;
- result = g_list_prepend (result, ls);
- }
- }
- if (listen_type & RSPAMD_WORKER_SOCKET_UDP) {
- fd = rspamd_inet_address_listen (g_ptr_array_index (addrs, i),
- SOCK_DGRAM, TRUE);
- if (fd != -1) {
- ls = g_malloc0 (sizeof (*ls));
- ls->addr = rspamd_inet_address_copy (g_ptr_array_index (addrs, i));
- ls->fd = fd;
- ls->type = RSPAMD_WORKER_SOCKET_UDP;
- result = g_list_prepend (result, ls);
- }
- }
- }
-
- return result;
- }
-
- static GList *
- systemd_get_socket (struct rspamd_main *rspamd_main, gint number)
- {
- int sock, num_passed, flags;
- GList *result = NULL;
- const gchar *e;
- gchar *err;
- struct stat st;
- /* XXX: can we trust the current choice ? */
- static const int sd_listen_fds_start = 3;
- struct rspamd_worker_listen_socket *ls;
-
- union {
- struct sockaddr_storage ss;
- struct sockaddr sa;
- } addr_storage;
- socklen_t slen = sizeof (addr_storage);
- gint stype;
-
- e = getenv ("LISTEN_FDS");
- if (e != NULL) {
- errno = 0;
- num_passed = strtoul (e, &err, 10);
- if ((err == NULL || *err == '\0') && num_passed > number) {
- sock = number + sd_listen_fds_start;
- if (fstat (sock, &st) == -1) {
- msg_warn_main ("cannot stat systemd descriptor %d", sock);
- return NULL;
- }
- if (!S_ISSOCK (st.st_mode)) {
- msg_warn_main ("systemd descriptor %d is not a socket", sock);
- errno = EINVAL;
- return NULL;
- }
- flags = fcntl (sock, F_GETFD);
-
- if (flags != -1) {
- (void)fcntl (sock, F_SETFD, flags | FD_CLOEXEC);
- }
-
- rspamd_socket_nonblocking (sock);
-
- if (getsockname (sock, &addr_storage.sa, &slen) == -1) {
- msg_warn_main ("cannot get name for systemd descriptor %d: %s",
- sock, strerror (errno));
- errno = EINVAL;
- return NULL;
- }
-
- ls = g_malloc0 (sizeof (*ls));
- ls->addr = rspamd_inet_address_from_sa (&addr_storage.sa, slen);
- ls->fd = sock;
-
- slen = sizeof (stype);
- if (getsockopt (sock, SOL_SOCKET, SO_TYPE, &stype, &slen) != -1) {
- if (stype == SOCK_STREAM) {
- ls->type = RSPAMD_WORKER_SOCKET_TCP;
- }
- else {
- ls->type = RSPAMD_WORKER_SOCKET_UDP;
- }
- }
- else {
- msg_warn_main ("cannot get type for systemd descriptor %d: %s",
- sock, strerror (errno));
- ls->type = RSPAMD_WORKER_SOCKET_TCP;
- }
-
-
- result = g_list_prepend (result, ls);
- }
- else if (num_passed <= number) {
- msg_err_main ("systemd LISTEN_FDS does not contain the expected fd: %d",
- num_passed);
- errno = EOVERFLOW;
- }
- }
- else {
- msg_err_main ("cannot get systemd variable 'LISTEN_FDS'");
- errno = ENOENT;
- }
-
- return result;
- }
-
- static inline uintptr_t
- make_listen_key (struct rspamd_worker_bind_conf *cf)
- {
- rspamd_cryptobox_fast_hash_state_t st;
- guint i, keylen = 0;
- guint8 *key;
- rspamd_inet_addr_t *addr;
- guint16 port;
-
- rspamd_cryptobox_fast_hash_init (&st, rspamd_hash_seed ());
- if (cf->is_systemd) {
- rspamd_cryptobox_fast_hash_update (&st, "systemd", sizeof ("systemd"));
- rspamd_cryptobox_fast_hash_update (&st, &cf->cnt, sizeof (cf->cnt));
- }
- else {
- rspamd_cryptobox_fast_hash_update (&st, cf->name, strlen (cf->name));
- for (i = 0; i < cf->cnt; i ++) {
- addr = g_ptr_array_index (cf->addrs, i);
- key = rspamd_inet_address_get_hash_key (
- addr, &keylen);
- rspamd_cryptobox_fast_hash_update (&st, key, keylen);
- port = rspamd_inet_address_get_port (addr);
- rspamd_cryptobox_fast_hash_update (&st, &port, sizeof (port));
- }
- }
-
- return rspamd_cryptobox_fast_hash_final (&st);
- }
-
- static void
- spawn_worker_type (struct rspamd_main *rspamd_main, struct event_base *ev_base,
- struct rspamd_worker_conf *cf)
- {
- gint i;
-
- if (cf->count < 0) {
- msg_info_main ("skip spawning of worker %s: disabled in configuration",
- cf->worker->name);
-
- return;
- }
- if (cf->worker->flags & RSPAMD_WORKER_UNIQUE) {
- if (cf->count > 1) {
- msg_warn_main (
- "cannot spawn more than 1 %s worker, so spawn one",
- cf->worker->name);
- }
- rspamd_fork_worker (rspamd_main, cf, 0, ev_base);
- }
- else if (cf->worker->flags & RSPAMD_WORKER_THREADED) {
- rspamd_fork_worker (rspamd_main, cf, 0, ev_base);
- }
- else {
- for (i = 0; i < cf->count; i++) {
- rspamd_fork_worker (rspamd_main, cf, i, ev_base);
- }
- }
- }
-
- static void
- spawn_workers (struct rspamd_main *rspamd_main, struct event_base *ev_base)
- {
- GList *cur, *ls;
- struct rspamd_worker_conf *cf;
- gpointer p;
- guintptr key;
- struct rspamd_worker_bind_conf *bcf;
- gboolean listen_ok = FALSE;
- GPtrArray *seen_mandatory_workers;
- worker_t **cw, *wrk;
- guint i;
-
- /* Special hack for hs_helper if it's not defined in a config */
- seen_mandatory_workers = g_ptr_array_new ();
- cur = rspamd_main->cfg->workers;
-
- while (cur) {
- cf = cur->data;
- listen_ok = FALSE;
-
- if (cf->worker == NULL) {
- msg_err_main ("type of worker is unspecified, skip spawning");
- }
- else {
- if (!cf->enabled || cf->count <= 0) {
- msg_info_main ("worker of type %s(%s) is disabled in the config, "
- "skip spawning", g_quark_to_string (cf->type),
- cf->bind_conf ? cf->bind_conf->bind_line : "none");
- cur = g_list_next (cur);
-
- continue;
- }
-
- if (cf->worker->flags & RSPAMD_WORKER_ALWAYS_START) {
- g_ptr_array_add (seen_mandatory_workers, cf->worker);
- }
- if (cf->worker->flags & RSPAMD_WORKER_HAS_SOCKET) {
- LL_FOREACH (cf->bind_conf, bcf) {
- key = make_listen_key (bcf);
-
- if ((p =
- g_hash_table_lookup (listen_sockets,
- GINT_TO_POINTER (key))) == NULL) {
-
- if (!bcf->is_systemd) {
- /* Create listen socket */
- ls = create_listen_socket (bcf->addrs, bcf->cnt,
- cf->worker->listen_type);
- }
- else {
- ls = systemd_get_socket (rspamd_main, bcf->cnt);
- }
-
- if (ls == NULL) {
- msg_err_main ("cannot listen on %s socket %s: %s",
- bcf->is_systemd ? "systemd" : "normal",
- bcf->name,
- strerror (errno));
- }
- else {
- g_hash_table_insert (listen_sockets, (gpointer)key, ls);
- listen_ok = TRUE;
- }
- }
- else {
- /* We had socket for this type of worker */
- ls = p;
- listen_ok = TRUE;
- }
- /* Do not add existing lists as it causes loops */
- if (g_list_position (cf->listen_socks, ls) == -1) {
- cf->listen_socks = g_list_concat (cf->listen_socks, ls);
- }
- }
-
- if (listen_ok) {
- spawn_worker_type (rspamd_main, ev_base, cf);
- }
- else {
- msg_err_main ("cannot create listen socket for %s at %s",
- g_quark_to_string (cf->type), cf->bind_conf->name);
-
- rspamd_hard_terminate (rspamd_main);
- g_assert_not_reached ();
- }
- }
- else {
- spawn_worker_type (rspamd_main, ev_base, cf);
- }
- }
-
- cur = g_list_next (cur);
- }
-
- for (cw = workers; *cw != NULL; cw ++) {
- gboolean seen = FALSE;
-
- wrk = *cw;
-
- if (wrk->flags & RSPAMD_WORKER_ALWAYS_START) {
- for (i = 0; i < seen_mandatory_workers->len; i ++) {
- if (wrk == g_ptr_array_index (seen_mandatory_workers, i)) {
- seen = TRUE;
- break;
- }
- }
-
- if (!seen) {
- cf = rspamd_config_new_worker (rspamd_main->cfg, NULL);
- cf->count = 1;
- cf->worker = wrk;
- cf->type = g_quark_from_static_string (wrk->name);
-
- if (cf->worker->worker_init_func) {
- cf->ctx = cf->worker->worker_init_func (rspamd_main->cfg);
- }
-
- spawn_worker_type (rspamd_main, ev_base, cf);
- }
- }
- }
-
- g_ptr_array_free (seen_mandatory_workers, TRUE);
- }
-
- static void
- kill_old_workers (gpointer key, gpointer value, gpointer unused)
- {
- struct rspamd_worker *w = value;
- struct rspamd_main *rspamd_main;
-
- rspamd_main = w->srv;
-
- if (!w->wanna_die) {
- w->wanna_die = TRUE;
- kill (w->pid, SIGUSR2);
- msg_info_main ("send signal to worker %P", w->pid);
- }
- else {
- msg_info_main ("do not send signal to worker %P, already sent", w->pid);
- }
- }
-
- static gboolean
- wait_for_workers (gpointer key, gpointer value, gpointer unused)
- {
- struct rspamd_worker *w = value;
- struct rspamd_main *rspamd_main;
- gint res = 0;
- gboolean nowait = FALSE;
-
- rspamd_main = w->srv;
-
- if (w->ppid != getpid ()) {
- nowait = TRUE;
- }
-
- if (nowait || waitpid (w->pid, &res, WNOHANG) <= 0) {
- if (term_attempts < 0) {
- if (w->cf->worker->flags & RSPAMD_WORKER_KILLABLE) {
- msg_warn_main ("terminate worker %s(%P) with SIGKILL",
- g_quark_to_string (w->type), w->pid);
- if (kill (w->pid, SIGKILL) == -1) {
- if (nowait && errno == ESRCH) {
- /* We have actually killed the process */
- goto finished;
- }
- }
- }
- else {
- if (term_attempts > -(TERMINATION_ATTEMPTS * 2)) {
- if (term_attempts % 10 == 0) {
- msg_info_main ("waiting for worker %s(%P) to sync, "
- "%d seconds remain",
- g_quark_to_string (w->type), w->pid,
- (TERMINATION_ATTEMPTS * 2 + term_attempts) / 5);
- kill (w->pid, SIGTERM);
- if (nowait && errno == ESRCH) {
- /* We have actually killed the process */
- goto finished;
- }
- }
- }
- else {
- msg_err_main ("data corruption warning: terminating "
- "special worker %s(%P) with SIGKILL",
- g_quark_to_string (w->type), w->pid);
- kill (w->pid, SIGKILL);
- if (nowait && errno == ESRCH) {
- /* We have actually killed the process */
- goto finished;
- }
- }
- }
- }
- else if (nowait) {
- kill (w->pid, 0);
-
- if (errno != ESRCH) {
- return FALSE;
- }
- else {
- goto finished;
- }
- }
-
- return FALSE;
- }
-
-
-
- finished:
- msg_info_main ("%s process %P terminated %s",
- g_quark_to_string (w->type), w->pid,
- nowait ? "with no result available" :
- (WTERMSIG (res) == SIGKILL ? "hardly" : "softly"));
- if (w->srv_pipe[0] != -1) {
- /* Ugly workaround */
- if (w->tmp_data) {
- g_free (w->tmp_data);
- }
- event_del (&w->srv_ev);
- }
-
- if (w->finish_actions) {
- g_ptr_array_free (w->finish_actions, TRUE);
- }
-
- REF_RELEASE (w->cf);
- g_free (w);
-
- return TRUE;
- }
-
- struct core_check_cbdata {
- struct rspamd_config *cfg;
- gsize total_count;
- gsize total_size;
- };
-
- #ifdef HAVE_NFTW
-
- static struct core_check_cbdata cores_cbdata;
-
- static gint
- rspamd_check_core_cb (const gchar *path, const struct stat *st,
- gint flag, struct FTW *ft)
- {
- if (S_ISREG (st->st_mode)) {
- cores_cbdata.total_count ++;
- /* Use physical size instead of displayed one */
- cores_cbdata.total_size += st->st_blocks * 512;
- }
-
- return 0;
- }
-
- #endif
-
- static void
- rspamd_check_core_limits (struct rspamd_main *rspamd_main)
- {
- #ifdef HAVE_NFTW
- struct rspamd_config *cfg = rspamd_main->cfg;
-
- cores_cbdata.cfg = cfg;
- cores_cbdata.total_count = 0;
- cores_cbdata.total_size = 0;
-
- if (cfg->cores_dir && (cfg->max_cores_count || cfg->max_cores_size)) {
- if (nftw (cfg->cores_dir, rspamd_check_core_cb, 1, FTW_MOUNT|FTW_PHYS)
- == -1) {
- msg_err_main ("nftw failed for path %s: %s", cfg->cores_dir,
- strerror (errno));
- }
- else {
- if (!rspamd_main->cores_throttling) {
- if (cfg->max_cores_size &&
- cores_cbdata.total_size > cfg->max_cores_size) {
- msg_warn_main (
- "enable cores throttling as size of cores in"
- " %s is %Hz, limit is %Hz",
- cfg->cores_dir,
- cores_cbdata.total_size,
- cfg->max_cores_size);
- rspamd_main->cores_throttling = TRUE;
- }
- if (cfg->max_cores_count &&
- cores_cbdata.total_count > cfg->max_cores_count) {
- msg_warn_main (
- "enable cores throttling as count of cores in"
- " %s is %z, limit is %z",
- cfg->cores_dir,
- cores_cbdata.total_count,
- cfg->max_cores_count);
- rspamd_main->cores_throttling = TRUE;
- }
- }
- else {
- if (cfg->max_cores_size &&
- cores_cbdata.total_size < cfg->max_cores_size) {
- msg_info_main (
- "disable cores throttling as size of cores in"
- " %s is now %Hz, limit is %Hz",
- cfg->cores_dir,
- cores_cbdata.total_size,
- cfg->max_cores_size);
- rspamd_main->cores_throttling = FALSE;
- }
- if (cfg->max_cores_count &&
- cores_cbdata.total_count < cfg->max_cores_count) {
- msg_info_main (
- "disable cores throttling as count of cores in"
- " %s is %z, limit is %z",
- cfg->cores_dir,
- cores_cbdata.total_count,
- cfg->max_cores_count);
- rspamd_main->cores_throttling = FALSE;
- }
- }
- }
- }
- #endif
- }
-
- static void
- reopen_log_handler (gpointer key, gpointer value, gpointer unused)
- {
- struct rspamd_worker *w = value;
- struct rspamd_main *rspamd_main;
-
- rspamd_main = w->srv;
-
- if (kill (w->pid, SIGUSR1) == -1) {
- msg_err_main ("kill failed for pid %P: %s", w->pid, strerror (errno));
- }
- }
-
- static gboolean
- load_rspamd_config (struct rspamd_main *rspamd_main,
- struct rspamd_config *cfg, gboolean init_modules,
- enum rspamd_post_load_options opts,
- gboolean reload)
- {
- cfg->compiled_modules = modules;
- cfg->compiled_workers = workers;
-
- if (!rspamd_config_read (cfg, cfg->cfg_name, config_logger, rspamd_main, ucl_vars)) {
- return FALSE;
- }
-
- /* Strictly set temp dir */
- if (!cfg->temp_dir) {
- msg_warn_main ("tempdir is not set, trying to use $TMPDIR");
- cfg->temp_dir =
- rspamd_mempool_strdup (cfg->cfg_pool, getenv ("TMPDIR"));
-
- if (!cfg->temp_dir) {
- msg_warn_main ("$TMPDIR is empty too, using /tmp as default");
- cfg->temp_dir = rspamd_mempool_strdup (cfg->cfg_pool, "/tmp");
- }
- }
-
- /*
- * As some rules are defined in lua, we need to process them, then init
- * modules and merely afterwards to init modules
- */
- rspamd_lua_post_load_config (cfg);
-
- if (init_modules) {
- rspamd_init_filters (cfg, reload);
- }
-
- /* Do post-load actions */
- rspamd_config_post_load (cfg, opts);
-
- return TRUE;
- }
-
- static gint
- perform_lua_tests (struct rspamd_config *cfg)
- {
- rspamd_fprintf (stderr, "no longer supported\n");
- return EXIT_FAILURE;
- }
-
- static gint
- perform_configs_sign (void)
- {
- rspamd_fprintf (stderr, "use rspamadm signtool for this operation\n");
- return EXIT_FAILURE;
- }
-
- static void
- do_encrypt_password (void)
- {
- rspamd_fprintf (stderr, "use rspamadm pw for this operation\n");
- }
-
- /* Signal handlers */
- static void
- rspamd_term_handler (gint signo, short what, gpointer arg)
- {
- struct rspamd_main *rspamd_main = arg;
-
- msg_info_main ("catch termination signal, waiting for children");
- rspamd_log_nolock (rspamd_main->logger);
- rspamd_pass_signal (rspamd_main->workers, signo);
-
- event_base_loopexit (rspamd_main->ev_base, NULL);
- }
-
- static void
- rspamd_usr1_handler (gint signo, short what, gpointer arg)
- {
- struct rspamd_main *rspamd_main = arg;
-
- rspamd_log_reopen_priv (rspamd_main->logger,
- rspamd_main->workers_uid,
- rspamd_main->workers_gid);
- g_hash_table_foreach (rspamd_main->workers, reopen_log_handler,
- NULL);
- }
-
- static void
- rspamd_hup_handler (gint signo, short what, gpointer arg)
- {
- struct rspamd_main *rspamd_main = arg;
-
- msg_info_main ("rspamd "
- RVERSION
- " is restarting");
- g_hash_table_foreach (rspamd_main->workers, kill_old_workers, NULL);
- rspamd_log_close_priv (rspamd_main->logger,
- FALSE,
- rspamd_main->workers_uid,
- rspamd_main->workers_gid);
- reread_config (rspamd_main);
- rspamd_check_core_limits (rspamd_main);
- spawn_workers (rspamd_main, rspamd_main->ev_base);
- }
-
- static void
- rspamd_cld_handler (gint signo, short what, gpointer arg)
- {
- struct rspamd_main *rspamd_main = arg;
- guint i;
- gint res = 0;
- struct rspamd_worker *cur;
- pid_t wrk;
- gboolean need_refork = TRUE;
-
- /* Turn off locking for logger */
- rspamd_log_nolock (rspamd_main->logger);
-
- msg_info_main ("catch SIGCHLD signal, finding terminated workers");
- /* Remove dead child form children list */
- while ((wrk = waitpid (0, &res, WNOHANG)) > 0) {
- if ((cur =
- g_hash_table_lookup (rspamd_main->workers,
- GSIZE_TO_POINTER (wrk))) != NULL) {
- /* Unlink dead process from queue and hash table */
-
- g_hash_table_remove (rspamd_main->workers, GSIZE_TO_POINTER (
- wrk));
-
- if (cur->wanna_die) {
- /* Do not refork workers that are intended to be terminated */
- need_refork = FALSE;
- }
-
- if (WIFEXITED (res) && WEXITSTATUS (res) == 0) {
- /* Normal worker termination, do not fork one more */
- msg_info_main ("%s process %P terminated normally",
- g_quark_to_string (cur->type),
- cur->pid);
- }
- else {
- if (WIFSIGNALED (res)) {
- #ifdef WCOREDUMP
- if (WCOREDUMP (res)) {
- msg_warn_main (
- "%s process %P terminated abnormally by signal: %s"
- " and created core file",
- g_quark_to_string (cur->type),
- cur->pid,
- g_strsignal (WTERMSIG (res)));
- }
- else {
- #ifdef HAVE_SYS_RESOURCE_H
- struct rlimit rlmt;
- (void)getrlimit (RLIMIT_CORE, &rlmt);
-
- msg_warn_main (
- "%s process %P terminated abnormally by signal: %s"
- " but NOT created core file (throttled=%s); "
- "core file limits: %L current, %L max",
- g_quark_to_string (cur->type),
- cur->pid,
- g_strsignal (WTERMSIG (res)),
- cur->cores_throttled ? "yes" : "no",
- (gint64)rlmt.rlim_cur,
- (gint64)rlmt.rlim_max);
- #else
- msg_warn_main (
- "%s process %P terminated abnormally by signal: %s"
- " but NOT created core file (throttled=%s); ",
- g_quark_to_string (cur->type),
- cur->pid,
- g_strsignal (WTERMSIG (res)),
- cur->cores_throttled ? "yes" : "no");
- #endif
- }
- #else
- msg_warn_main (
- "%s process %P terminated abnormally by signal: %s",
- g_quark_to_string (cur->type),
- cur->pid,
- g_strsignal (WTERMSIG (res)));
- #endif
- if (WTERMSIG (res) == SIGUSR2) {
- /*
- * It is actually race condition when not started process
- * has been requested to be reloaded.
- *
- * We shouldn't refork on this
- */
- need_refork = FALSE;
- }
- }
- else {
- msg_warn_main ("%s process %P terminated abnormally "
- "with exit code %d",
- g_quark_to_string (cur->type),
- cur->pid,
- WEXITSTATUS (res));
- }
-
- if (need_refork) {
- /* Fork another worker in replace of dead one */
- rspamd_check_core_limits (rspamd_main);
-
-
- rspamd_fork_delayed (cur->cf, cur->index, rspamd_main);
- }
- }
-
- if (cur->srv_pipe[0] != -1) {
- /* Ugly workaround */
- if (cur->tmp_data) {
- g_free (cur->tmp_data);
- }
- event_del (&cur->srv_ev);
- }
-
- if (cur->control_pipe[0] != -1) {
- /* We also need to clean descriptors left */
- close (cur->control_pipe[0]);
- close (cur->srv_pipe[0]);
- }
-
- REF_RELEASE (cur->cf);
-
- if (cur->finish_actions) {
- g_ptr_array_free (cur->finish_actions, TRUE);
- }
-
- g_free (cur);
- }
- else {
- for (i = 0; i < other_workers->len; i++) {
- if (g_array_index (other_workers, pid_t, i) == wrk) {
- g_array_remove_index_fast (other_workers, i);
- msg_info_main ("related process %P terminated", wrk);
- }
- }
- }
- }
-
- rspamd_log_lock (rspamd_main->logger);
- }
-
- static void
- rspamd_final_term_handler (gint signo, short what, gpointer arg)
- {
- struct rspamd_main *rspamd_main = arg;
-
- term_attempts--;
-
- g_hash_table_foreach_remove (rspamd_main->workers, wait_for_workers, NULL);
-
- if (g_hash_table_size (rspamd_main->workers) == 0) {
- event_base_loopexit (rspamd_main->ev_base, NULL);
- }
- }
-
- /* Control socket handler */
- static void
- rspamd_control_handler (gint fd, short what, gpointer arg)
- {
- struct rspamd_main *rspamd_main = arg;
- rspamd_inet_addr_t *addr;
- gint nfd;
-
- if ((nfd =
- rspamd_accept_from_socket (fd, &addr, NULL)) == -1) {
- msg_warn_main ("accept failed: %s", strerror (errno));
- return;
- }
- /* Check for EAGAIN */
- if (nfd == 0) {
- return;
- }
-
- msg_info_main ("accepted control connection from %s",
- rspamd_inet_address_to_string (addr));
-
- rspamd_control_process_client_socket (rspamd_main, nfd);
- }
-
- static guint
- rspamd_spair_hash (gconstpointer p)
- {
- return rspamd_cryptobox_fast_hash (p, PAIR_ID_LEN, rspamd_hash_seed ());
- }
-
- static gboolean
- rspamd_spair_equal (gconstpointer a, gconstpointer b)
- {
- return memcmp (a, b, PAIR_ID_LEN) == 0;
- }
-
- static void
- rspamd_spair_close (gpointer p)
- {
- gint *fds = p;
-
- close (fds[0]);
- close (fds[1]);
- g_free (p);
- }
-
- static void
- version (void)
- {
- #if defined(GIT_VERSION) && GIT_VERSION == 1
- rspamd_printf ("Rspamd daemon version " RVERSION "-git." RID "\n");
- #else
- rspamd_printf ("Rspamd daemon version " RVERSION "\n");
- #endif
- }
-
- gint
- main (gint argc, gchar **argv, gchar **env)
- {
- gint i, res = 0;
- struct sigaction signals, sigpipe_act;
- worker_t **pworker;
- GQuark type;
- rspamd_inet_addr_t *control_addr = NULL;
- struct event_base *ev_base;
- struct event term_ev, int_ev, cld_ev, hup_ev, usr1_ev, control_ev;
- struct timeval term_tv;
- struct rspamd_main *rspamd_main;
- gboolean skip_pid = FALSE, valgrind_mode = FALSE;
-
- #if ((GLIB_MAJOR_VERSION == 2) && (GLIB_MINOR_VERSION <= 30))
- g_thread_init (NULL);
- #endif
- rspamd_main = (struct rspamd_main *) g_malloc0 (sizeof (struct rspamd_main));
-
- rspamd_main->server_pool = rspamd_mempool_new (rspamd_mempool_suggest_size (),
- "main");
- rspamd_main->stat = rspamd_mempool_alloc0_shared (rspamd_main->server_pool,
- sizeof (struct rspamd_stat));
- rspamd_main->cfg = rspamd_config_new (RSPAMD_CONFIG_INIT_DEFAULT);
- rspamd_main->spairs = g_hash_table_new_full (rspamd_spair_hash,
- rspamd_spair_equal, g_free, rspamd_spair_close);
- rspamd_main->start_mtx = rspamd_mempool_get_mutex (rspamd_main->server_pool);
-
- if (getenv ("VALGRIND") != NULL) {
- valgrind_mode = TRUE;
- }
-
- #ifndef HAVE_SETPROCTITLE
- init_title (rspamd_main, argc, argv, env);
- #endif
-
- rspamd_main->cfg->libs_ctx = rspamd_init_libs ();
- memset (&signals, 0, sizeof (struct sigaction));
- other_workers = g_array_new (FALSE, TRUE, sizeof (pid_t));
-
- read_cmd_line (&argc, &argv, rspamd_main->cfg);
-
- if (show_version) {
- version ();
- exit (EXIT_SUCCESS);
- }
-
- if (argc > 0) {
- /* Parse variables */
- for (i = 0; i < argc; i++) {
- if (strchr (argv[i], '=') != NULL) {
- gchar *k, *v, *t;
-
- k = g_strdup (argv[i]);
- t = strchr (k, '=');
- v = g_strdup (t + 1);
- *t = '\0';
-
- if (ucl_vars == NULL) {
- ucl_vars = g_hash_table_new_full (rspamd_strcase_hash,
- rspamd_strcase_equal, g_free, g_free);
- }
-
- g_hash_table_insert (ucl_vars, k, v);
- }
- }
- }
-
- if (config_test || is_debug) {
- rspamd_main->cfg->log_level = G_LOG_LEVEL_DEBUG;
- }
- else {
- rspamd_main->cfg->log_level = G_LOG_LEVEL_WARNING;
- }
-
- type = g_quark_from_static_string ("main");
-
- /* First set logger to console logger */
- rspamd_main->cfg->log_type = RSPAMD_LOG_CONSOLE;
- rspamd_set_logger (rspamd_main->cfg, type,
- &rspamd_main->logger, rspamd_main->server_pool);
- (void) rspamd_log_open (rspamd_main->logger);
- g_log_set_default_handler (rspamd_glib_log_function, rspamd_main->logger);
- g_set_printerr_handler (rspamd_glib_printerr_function);
-
- detect_priv (rspamd_main);
-
- pworker = &workers[0];
- while (*pworker) {
- /* Init string quarks */
- (void) g_quark_from_static_string ((*pworker)->name);
- pworker++;
- }
-
- /* Init listen sockets hash */
- listen_sockets = g_hash_table_new (g_direct_hash, g_direct_equal);
-
- /* If we want to test lua skip everything except it */
- if (lua_tests != NULL && lua_tests[0] != NULL) {
- exit (perform_lua_tests (rspamd_main->cfg));
- }
-
- /* If we want to sign configs, just do it */
- if (sign_configs != NULL && privkey != NULL) {
- exit (perform_configs_sign ());
- }
-
- /* Same for keypair creation */
- if (gen_keypair) {
- rspamd_fprintf (stderr, "use rspamadm keypair for this operation\n");
- exit (EXIT_FAILURE);
- }
-
- if (encrypt_password) {
- do_encrypt_password ();
- exit (EXIT_SUCCESS);
- }
-
- rspamd_log_close_priv (rspamd_main->logger, FALSE,
- rspamd_main->workers_uid, rspamd_main->workers_gid);
-
- if (config_test || dump_cache) {
- if (!load_rspamd_config (rspamd_main, rspamd_main->cfg, FALSE, 0,
- FALSE)) {
- exit (EXIT_FAILURE);
- }
-
- res = TRUE;
-
- if (!rspamd_symcache_validate (rspamd_main->cfg->cache,
- rspamd_main->cfg,
- FALSE)) {
- res = FALSE;
- }
-
- if (dump_cache) {
- msg_err_main ("Use rspamc counters for dumping cache");
- exit (EXIT_FAILURE);
- }
-
- fprintf (stderr, "syntax %s\n", res ? "OK" : "BAD");
- return res ? EXIT_SUCCESS : EXIT_FAILURE;
- }
-
- sqlite3_initialize ();
-
- /* Load config */
- if (!load_rspamd_config (rspamd_main, rspamd_main->cfg, TRUE,
- RSPAMD_CONFIG_LOAD_ALL, FALSE)) {
- exit (EXIT_FAILURE);
- }
-
- /* Override pidfile from configuration by command line argument */
- if (rspamd_pidfile != NULL) {
- rspamd_main->cfg->pid_file = rspamd_pidfile;
- }
-
- /* Force debug log */
- if (is_debug) {
- rspamd_main->cfg->log_level = G_LOG_LEVEL_DEBUG;
- }
-
- /* Create rolling history */
- rspamd_main->history = rspamd_roll_history_new (rspamd_main->server_pool,
- rspamd_main->cfg->history_rows, rspamd_main->cfg);
-
- gperf_profiler_init (rspamd_main->cfg, "main");
-
- msg_info_main ("rspamd "
- RVERSION
- " is starting, build id: "
- RID);
- rspamd_main->cfg->cfg_name = rspamd_mempool_strdup (
- rspamd_main->cfg->cfg_pool,
- rspamd_main->cfg->cfg_name);
- msg_info_main ("cpu features: %s",
- rspamd_main->cfg->libs_ctx->crypto_ctx->cpu_extensions);
- msg_info_main ("cryptobox configuration: curve25519(%s), "
- "chacha20(%s), poly1305(%s), siphash(%s), blake2(%s), base64(%s)",
- rspamd_main->cfg->libs_ctx->crypto_ctx->curve25519_impl,
- rspamd_main->cfg->libs_ctx->crypto_ctx->chacha20_impl,
- rspamd_main->cfg->libs_ctx->crypto_ctx->poly1305_impl,
- rspamd_main->cfg->libs_ctx->crypto_ctx->siphash_impl,
- rspamd_main->cfg->libs_ctx->crypto_ctx->blake2_impl,
- rspamd_main->cfg->libs_ctx->crypto_ctx->base64_impl);
- msg_info_main ("libottery prf: %s", ottery_get_impl_name ());
-
- /* Daemonize */
- if (!no_fork && daemon (0, 0) == -1) {
- rspamd_fprintf (stderr, "Cannot daemonize\n");
- exit (-errno);
- }
-
- /* Write info */
- rspamd_main->pid = getpid ();
- rspamd_main->type = type;
-
- if (!valgrind_mode) {
- rspamd_set_crash_handler (rspamd_main);
- }
-
- /* Ignore SIGPIPE as we handle write errors manually */
- sigemptyset (&sigpipe_act.sa_mask);
- sigaddset (&sigpipe_act.sa_mask, SIGPIPE);
- sigpipe_act.sa_handler = SIG_IGN;
- sigpipe_act.sa_flags = 0;
- sigaction (SIGPIPE, &sigpipe_act, NULL);
-
- if (rspamd_main->cfg->pid_file == NULL) {
- msg_info_main ("pid file is not specified, skipping writing it");
- skip_pid = TRUE;
- }
- else if (no_fork) {
- msg_info_main ("skip writing pid in no-fork mode");
- skip_pid = TRUE;
- }
- else if (rspamd_write_pid (rspamd_main) == -1) {
- msg_err_main ("cannot write pid file %s", rspamd_main->cfg->pid_file);
- exit (-errno);
- }
-
- /* Block signals to use sigsuspend in future */
- sigprocmask (SIG_BLOCK, &signals.sa_mask, NULL);
-
- /* Set title */
- setproctitle ("main process");
-
-
- /* Flush log */
- rspamd_log_flush (rspamd_main->logger);
-
- /* Open control socket if needed */
- control_fd = -1;
- if (rspamd_main->cfg->control_socket_path) {
- if (!rspamd_parse_inet_address (&control_addr,
- rspamd_main->cfg->control_socket_path,
- 0)) {
- msg_err_main ("cannot parse inet address %s",
- rspamd_main->cfg->control_socket_path);
- }
- else {
- control_fd = rspamd_inet_address_listen (control_addr, SOCK_STREAM,
- TRUE);
- if (control_fd == -1) {
- msg_err_main ("cannot open control socket at path: %s",
- rspamd_main->cfg->control_socket_path);
- }
- }
- }
-
- /* Maybe read roll history */
- if (rspamd_main->cfg->history_file) {
- rspamd_roll_history_load (rspamd_main->history,
- rspamd_main->cfg->history_file);
- }
-
- #if defined(WITH_GPERF_TOOLS)
- ProfilerStop ();
- #endif
- /* Spawn workers */
- rspamd_main->workers = g_hash_table_new (g_direct_hash, g_direct_equal);
-
- /* Init event base */
- ev_base = event_init ();
- rspamd_main->ev_base = ev_base;
- /* Unblock signals */
- sigemptyset (&signals.sa_mask);
- sigprocmask (SIG_SETMASK, &signals.sa_mask, NULL);
-
- /* Set events for signals */
- evsignal_set (&term_ev, SIGTERM, rspamd_term_handler, rspamd_main);
- event_base_set (ev_base, &term_ev);
- event_add (&term_ev, NULL);
- evsignal_set (&int_ev, SIGINT, rspamd_term_handler, rspamd_main);
- event_base_set (ev_base, &int_ev);
- event_add (&int_ev, NULL);
- evsignal_set (&hup_ev, SIGHUP, rspamd_hup_handler, rspamd_main);
- event_base_set (ev_base, &hup_ev);
- event_add (&hup_ev, NULL);
- evsignal_set (&cld_ev, SIGCHLD, rspamd_cld_handler, rspamd_main);
- event_base_set (ev_base, &cld_ev);
- event_add (&cld_ev, NULL);
- evsignal_set (&usr1_ev, SIGUSR1, rspamd_usr1_handler, rspamd_main);
- event_base_set (ev_base, &usr1_ev);
- event_add (&usr1_ev, NULL);
-
- rspamd_check_core_limits (rspamd_main);
- rspamd_mempool_lock_mutex (rspamd_main->start_mtx);
- spawn_workers (rspamd_main, ev_base);
- rspamd_mempool_unlock_mutex (rspamd_main->start_mtx);
-
- if (control_fd != -1) {
- msg_info_main ("listening for control commands on %s",
- rspamd_inet_address_to_string (control_addr));
- event_set (&control_ev, control_fd, EV_READ|EV_PERSIST,
- rspamd_control_handler, rspamd_main);
- event_base_set (ev_base, &control_ev);
- event_add (&control_ev, NULL);
- }
-
- event_base_loop (ev_base, 0);
- /* We need to block signals unless children are waited for */
- rspamd_worker_block_signals ();
-
- event_del (&term_ev);
- event_del (&int_ev);
- event_del (&hup_ev);
- event_del (&cld_ev);
- event_del (&usr1_ev);
-
- if (control_fd != -1) {
- event_del (&control_ev);
- close (control_fd);
- }
-
- if (valgrind_mode) {
- /* Special case if we are likely running with valgrind */
- term_attempts = TERMINATION_ATTEMPTS * 10;
- }
- else {
- term_attempts = TERMINATION_ATTEMPTS;
- }
-
- /* Check each 200 ms */
- term_tv.tv_sec = 0;
- term_tv.tv_usec = 200000;
-
- /* Wait for workers termination */
- g_hash_table_foreach_remove (rspamd_main->workers, wait_for_workers, NULL);
-
- event_set (&term_ev, -1, EV_TIMEOUT|EV_PERSIST,
- rspamd_final_term_handler, rspamd_main);
- event_base_set (ev_base, &term_ev);
- event_add (&term_ev, &term_tv);
-
- event_base_loop (ev_base, 0);
- event_del (&term_ev);
-
- /* Maybe save roll history */
- if (rspamd_main->cfg->history_file) {
- rspamd_roll_history_save (rspamd_main->history,
- rspamd_main->cfg->history_file);
- }
-
- msg_info_main ("terminating...");
-
- REF_RELEASE (rspamd_main->cfg);
- rspamd_log_close (rspamd_main->logger, TRUE);
- g_hash_table_unref (rspamd_main->spairs);
- g_hash_table_unref (rspamd_main->workers);
- rspamd_mempool_delete (rspamd_main->server_pool);
-
- if (!skip_pid) {
- rspamd_pidfile_close (rspamd_main->pfh);
- }
-
- g_free (rspamd_main);
- event_base_free (ev_base);
- sqlite3_shutdown ();
-
- if (control_addr) {
- rspamd_inet_address_free (control_addr);
- }
-
- return (res);
- }
|