1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859606162636465666768697071727374757677787980818283848586878889909192939495969798991001011021031041051061071081091101111121131141151161171181191201211221231241251261271281291301311321331341351361371381391401411421431441451461471481491501511521531541551561571581591601611621631641651661671681691701711721731741751761771781791801811821831841851861871881891901911921931941951961971981992002012022032042052062072082092102112122132142152162172182192202212222232242252262272282292302312322332342352362372382392402412422432442452462472482492502512522532542552562572582592602612622632642652662672682692702712722732742752762772782792802812822832842852862872882892902912922932942952962972982993003013023033043053063073083093103113123133143153163173183193203213223233243253263273283293303313323333343353363373383393403413423433443453463473483493503513523533543553563573583593603613623633643653663673683693703713723733743753763773783793803813823833843853863873883893903913923933943953963973983994004014024034044054064074084094104114124134144154164174184194204214224234244254264274284294304314324334344354364374384394404414424434444454464474484494504514524534544554564574584594604614624634644654664674684694704714724734744754764774784794804814824834844854864874884894904914924934944954964974984995005015025035045055065075085095105115125135145155165175185195205215225235245255265275285295305315325335345355365375385395405415425435445455465475485495505515525535545555565575585595605615625635645655665675685695705715725735745755765775785795805815825835845855865875885895905915925935945955965975985996006016026036046056066076086096106116126136146156166176186196206216226236246256266276286296306316326336346356366376386396406416426436446456466476486496506516526536546556566576586596606616626636646656666676686696706716726736746756766776786796806816826836846856866876886896906916926936946956966976986997007017027037047057067077087097107117127137147157167177187197207217227237247257267277287297307317327337347357367377387397407417427437447457467477487497507517527537547557567577587597607617627637647657667677687697707717727737747757767777787797807817827837847857867877887897907917927937947957967977987998008018028038048058068078088098108118128138148158168178188198208218228238248258268278288298308318328338348358368378388398408418428438448458468478488498508518528538548558568578588598608618628638648658668678688698708718728738748758768778788798808818828838848858868878888898908918928938948958968978988999009019029039049059069079089099109119129139149159169179189199209219229239249259269279289299309319329339349359369379389399409419429439449459469479489499509519529539549559569579589599609619629639649659669679689699709719729739749759769779789799809819829839849859869879889899909919929939949959969979989991000100110021003100410051006100710081009101010111012101310141015101610171018101910201021102210231024102510261027102810291030103110321033103410351036103710381039104010411042104310441045104610471048104910501051105210531054105510561057105810591060106110621063106410651066106710681069107010711072107310741075107610771078107910801081108210831084108510861087108810891090109110921093109410951096109710981099110011011102110311041105110611071108110911101111111211131114111511161117111811191120112111221123112411251126112711281129113011311132113311341135113611371138113911401141114211431144114511461147114811491150115111521153115411551156115711581159116011611162116311641165116611671168116911701171117211731174117511761177117811791180118111821183118411851186118711881189119011911192119311941195119611971198119912001201120212031204120512061207120812091210121112121213121412151216121712181219122012211222122312241225122612271228122912301231123212331234123512361237123812391240124112421243124412451246124712481249125012511252125312541255125612571258125912601261126212631264126512661267126812691270127112721273127412751276127712781279128012811282128312841285128612871288128912901291129212931294129512961297129812991300130113021303130413051306130713081309131013111312131313141315131613171318131913201321132213231324132513261327132813291330133113321333133413351336133713381339134013411342134313441345134613471348134913501351135213531354135513561357135813591360136113621363136413651366136713681369137013711372137313741375137613771378137913801381138213831384138513861387138813891390139113921393139413951396139713981399140014011402140314041405140614071408140914101411141214131414141514161417141814191420142114221423142414251426142714281429143014311432143314341435143614371438143914401441144214431444144514461447144814491450145114521453145414551456145714581459146014611462146314641465146614671468146914701471147214731474147514761477147814791480148114821483148414851486148714881489149014911492149314941495149614971498149915001501150215031504150515061507150815091510151115121513151415151516151715181519152015211522152315241525152615271528152915301531153215331534153515361537153815391540154115421543154415451546154715481549155015511552155315541555155615571558155915601561156215631564156515661567156815691570157115721573157415751576157715781579158015811582158315841585158615871588158915901591159215931594159515961597159815991600160116021603160416051606160716081609161016111612161316141615161616171618161916201621162216231624162516261627162816291630163116321633163416351636163716381639164016411642164316441645164616471648164916501651165216531654165516561657165816591660166116621663166416651666166716681669167016711672167316741675167616771678167916801681168216831684168516861687168816891690169116921693169416951696169716981699170017011702170317041705170617071708170917101711171217131714171517161717171817191720172117221723172417251726172717281729 |
- /*
- * Copyright 2023 Vsevolod Stakhov
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
- #include "config.h"
- #include "blas-config.h"
- #include "rspamd.h"
- #include "libserver/maps/map.h"
- #include "lua/lua_common.h"
- #include "libserver/worker_util.h"
- #include "libserver/rspamd_control.h"
- #include "ottery.h"
- #include "cryptobox.h"
- #include "utlist.h"
- #include "unix-std.h"
- /* pwd and grp */
- #ifdef HAVE_PWD_H
- #include <pwd.h>
- #endif
- #ifdef HAVE_GRP_H
- #include <grp.h>
- #endif
-
- #ifdef HAVE_NFTW
- #include <ftw.h>
- #endif
-
- #include <signal.h>
- #ifdef HAVE_SYS_RESOURCE_H
- #include <sys/resource.h>
- #endif
- #ifdef HAVE_LIBUTIL_H
- #include <libutil.h>
- #endif
-
- #ifdef HAVE_OPENSSL
- #include <openssl/err.h>
- #include <openssl/evp.h>
- #include <math.h>
-
- #endif
-
- #include "sqlite3.h"
- #include "contrib/libev/ev.h"
-
- #ifdef WITH_HYPERSCAN
- #include "libserver/hyperscan_tools.h"
- #endif
-
- /* 2 seconds to fork new process in place of dead one */
- #define SOFT_FORK_TIME 2
-
- /* 10 seconds after getting termination signal to terminate all workers with SIGKILL */
- #define TERMINATION_INTERVAL (0.2)
-
- static gboolean load_rspamd_config(struct rspamd_main *rspamd_main,
- struct rspamd_config *cfg,
- gboolean init_modules,
- enum rspamd_post_load_options opts,
- gboolean reload);
- static void rspamd_cld_handler(EV_P_ ev_child *w,
- struct rspamd_main *rspamd_main,
- struct rspamd_worker *wrk);
-
- /* Control socket */
- static gint control_fd;
- static ev_io control_ev;
- static struct rspamd_stat old_stat;
- static ev_timer stat_ev;
-
- static gboolean valgrind_mode = FALSE;
-
- /* Cmdline options */
- static gboolean no_fork = FALSE;
- static gboolean show_version = FALSE;
- static gchar **cfg_names = NULL;
- static gchar *rspamd_user = NULL;
- static gchar *rspamd_group = NULL;
- static gchar *rspamd_pidfile = NULL;
- static gboolean is_debug = FALSE;
- static gboolean is_insecure = FALSE;
- static GHashTable *ucl_vars = NULL;
- static gchar **lua_env = NULL;
- static gboolean skip_template = FALSE;
-
- static gint term_attempts = 0;
-
- /* List of active listen sockets indexed by worker type */
- static GHashTable *listen_sockets = NULL;
-
- /* Defined in modules.c */
- extern module_t *modules[];
- extern worker_t *workers[];
-
- /* Command line options */
- static gboolean rspamd_parse_var(const gchar *option_name,
- const gchar *value, gpointer data,
- GError **error);
- static GOptionEntry entries[] =
- {
- {"no-fork", 'f', 0, G_OPTION_ARG_NONE, &no_fork,
- "Do not daemonize main process", NULL},
- {"config", 'c', 0, G_OPTION_ARG_FILENAME_ARRAY, &cfg_names,
- "Specify config file(s)", NULL},
- {"user", 'u', 0, G_OPTION_ARG_STRING, &rspamd_user,
- "User to run rspamd as", NULL},
- {"group", 'g', 0, G_OPTION_ARG_STRING, &rspamd_group,
- "Group to run rspamd as", NULL},
- {"pid", 'p', 0, G_OPTION_ARG_STRING, &rspamd_pidfile, "Path to pidfile",
- NULL},
- {"debug", 'd', 0, G_OPTION_ARG_NONE, &is_debug, "Force debug output",
- NULL},
- {"insecure", 'i', 0, G_OPTION_ARG_NONE, &is_insecure,
- "Ignore running workers as privileged users (insecure)", NULL},
- {"version", 'v', 0, G_OPTION_ARG_NONE, &show_version,
- "Show version and exit", NULL},
- {"var", 0, 0, G_OPTION_ARG_CALLBACK, (gpointer) &rspamd_parse_var,
- "Redefine/define environment variable", NULL},
- {"skip-template", 'T', 0, G_OPTION_ARG_NONE, &skip_template,
- "Do not apply Jinja templates", NULL},
- {"lua-env", '\0', 0, G_OPTION_ARG_FILENAME_ARRAY, &lua_env,
- "Load lua environment from the specified files", NULL},
- {NULL, 0, 0, G_OPTION_ARG_NONE, NULL, NULL, NULL}};
-
- static gboolean
- rspamd_parse_var(const gchar *option_name,
- const gchar *value, gpointer data,
- GError **error)
- {
- gchar *k, *v, *t;
-
- t = strchr(value, '=');
-
- if (t != NULL) {
- k = g_strdup(value);
- t = k + (t - value);
- v = g_strdup(t + 1);
- *t = '\0';
-
- if (ucl_vars == NULL) {
- ucl_vars = g_hash_table_new_full(rspamd_strcase_hash,
- rspamd_strcase_equal, g_free, g_free);
- }
-
- g_hash_table_insert(ucl_vars, k, v);
- }
- else {
- g_set_error(error, g_quark_try_string("main"), EINVAL,
- "Bad variable format: %s", value);
- return FALSE;
- }
-
- return TRUE;
- }
-
- static void
- read_cmd_line(gint *argc, gchar ***argv, struct rspamd_config *cfg)
- {
- GError *error = NULL;
- GOptionContext *context;
- guint cfg_num;
-
- context = g_option_context_new("- run rspamd daemon");
- #if defined(GIT_VERSION) && GIT_VERSION == 1
- g_option_context_set_summary(context,
- "Summary:\n Rspamd daemon version " RVERSION "-git\n Git id: " RID);
- #else
- g_option_context_set_summary(context,
- "Summary:\n Rspamd daemon version " RVERSION);
- #endif
- g_option_context_add_main_entries(context, entries, NULL);
-
- if (!g_option_context_parse(context, argc, argv, &error)) {
- fprintf(stderr, "option parsing failed: %s\n", error->message);
- g_option_context_free(context);
- exit(EXIT_FAILURE);
- }
-
- cfg->rspamd_user = rspamd_user;
- cfg->rspamd_group = rspamd_group;
- cfg_num = cfg_names != NULL ? g_strv_length(cfg_names) : 0;
-
- if (cfg_num == 0) {
- cfg->cfg_name = FIXED_CONFIG_FILE;
- }
- else {
- cfg->cfg_name = cfg_names[0];
- g_assert(cfg_num == 1);
- }
-
- cfg->pid_file = rspamd_pidfile;
- g_option_context_free(context);
- }
-
- static int
- rspamd_write_pid(struct rspamd_main *main)
- {
- pid_t pid;
-
- if (main->cfg->pid_file == NULL) {
- return -1;
- }
- main->pfh = rspamd_pidfile_open(main->cfg->pid_file, 0644, &pid);
-
- if (main->pfh == NULL) {
- return -1;
- }
-
- if (main->is_privileged) {
- /* Force root user as owner of pid file */
- #ifdef HAVE_PIDFILE_FILENO
- if (fchown(pidfile_fileno(main->pfh), 0, 0) == -1) {
- #else
- if (fchown(main->pfh->pf_fd, 0, 0) == -1) {
- #endif
- }
- }
-
- rspamd_pidfile_write(main->pfh);
-
- return 0;
- }
-
- /* Detect privileged mode */
- static void
- detect_priv(struct rspamd_main *rspamd_main)
- {
- struct passwd *pwd;
- struct group *grp;
- uid_t euid;
-
- euid = geteuid();
-
- if (euid == 0) {
- if (!rspamd_main->cfg->rspamd_user && !is_insecure) {
- msg_err_main(
- "cannot run rspamd workers as root user, please add -u and -g options to select a proper unprivileged user or specify --insecure flag");
- exit(EXIT_FAILURE);
- }
- else if (is_insecure) {
- rspamd_main->is_privileged = TRUE;
- rspamd_main->workers_uid = 0;
- rspamd_main->workers_gid = 0;
- }
- else {
- rspamd_main->is_privileged = TRUE;
- pwd = getpwnam(rspamd_main->cfg->rspamd_user);
- if (pwd == NULL) {
- msg_err_main("user specified does not exists (%s), aborting",
- strerror(errno));
- exit(-errno);
- }
- if (rspamd_main->cfg->rspamd_group) {
- grp = getgrnam(rspamd_main->cfg->rspamd_group);
- if (grp == NULL) {
- msg_err_main("group specified does not exists (%s), aborting",
- strerror(errno));
- exit(-errno);
- }
- rspamd_main->workers_gid = grp->gr_gid;
- }
- else {
- /* Use the main group of user */
- rspamd_main->workers_gid = pwd->pw_gid;
- }
- rspamd_main->workers_uid = pwd->pw_uid;
- }
- }
- else {
- rspamd_main->is_privileged = FALSE;
- rspamd_main->workers_uid = (uid_t) -1;
- rspamd_main->workers_gid = (gid_t) -1;
- }
- }
-
- static void
- config_logger(rspamd_mempool_t *pool, gpointer ud)
- {
- struct rspamd_main *rspamd_main = ud;
-
- rspamd_main->logger = rspamd_log_open_specific(rspamd_main->server_pool,
- rspamd_main->cfg,
- "main",
- rspamd_main->workers_uid,
- rspamd_main->workers_gid);
-
- if (rspamd_main->logger == NULL) {
- /*
- * XXX:
- * Error has been already logged (in fact,
- * we might fall back to console logger here)
- */
- exit(EXIT_FAILURE);
- }
-
- rspamd_logger_configure_modules(rspamd_main->cfg->debug_modules);
- }
-
- static gboolean
- reread_config(struct rspamd_main *rspamd_main)
- {
- struct rspamd_config *tmp_cfg, *old_cfg;
- gchar *cfg_file;
- int load_opts = RSPAMD_CONFIG_INIT_VALIDATE | RSPAMD_CONFIG_INIT_SYMCACHE |
- RSPAMD_CONFIG_INIT_LIBS | RSPAMD_CONFIG_INIT_URL;
-
- rspamd_symcache_save(rspamd_main->cfg->cache);
- tmp_cfg = rspamd_config_new(RSPAMD_CONFIG_INIT_DEFAULT);
- tmp_cfg->libs_ctx = rspamd_main->cfg->libs_ctx;
- REF_RETAIN(tmp_cfg->libs_ctx);
- cfg_file = rspamd_mempool_strdup(tmp_cfg->cfg_pool,
- rspamd_main->cfg->cfg_name);
- /* Save some variables */
- tmp_cfg->cfg_name = cfg_file;
- old_cfg = rspamd_main->cfg;
- rspamd_main->cfg = tmp_cfg;
- rspamd_logger_t *old_logger = rspamd_main->logger;
-
- if (!load_rspamd_config(rspamd_main, tmp_cfg, TRUE, load_opts, TRUE)) {
- rspamd_main->cfg = old_cfg;
- rspamd_main->logger = old_logger;
- msg_err_main("cannot parse new config file, revert to old one");
- REF_RELEASE(tmp_cfg);
-
- return FALSE;
- }
- else {
- rspamd_log_close(old_logger);
- msg_info_main("replacing config");
- REF_RELEASE(old_cfg);
- rspamd_main->cfg->rspamd_user = rspamd_user;
- rspamd_main->cfg->rspamd_group = rspamd_group;
- /* Here, we can do post actions with the existing config */
- /*
- * As some rules are defined in lua, we need to process them, then init
- * modules and merely afterwards to init modules
- */
- rspamd_lua_post_load_config(tmp_cfg);
- rspamd_init_filters(tmp_cfg, true, false);
-
- /* Do post-load actions */
- rspamd_config_post_load(tmp_cfg,
- load_opts | RSPAMD_CONFIG_INIT_POST_LOAD_LUA | RSPAMD_CONFIG_INIT_PRELOAD_MAPS);
- msg_info_main("config has been reread successfully");
- }
-
- return TRUE;
- }
-
- struct waiting_worker {
- struct rspamd_main *rspamd_main;
- struct ev_timer wait_ev;
- struct rspamd_worker_conf *cf;
- guint oldindex;
- };
-
- static void
- rspamd_fork_delayed_cb(EV_P_ ev_timer *w, int revents)
- {
- struct waiting_worker *waiting_worker = (struct waiting_worker *) w->data;
-
- ev_timer_stop(EV_A_ & waiting_worker->wait_ev);
- rspamd_fork_worker(waiting_worker->rspamd_main, waiting_worker->cf,
- waiting_worker->oldindex,
- waiting_worker->rspamd_main->event_loop,
- rspamd_cld_handler, listen_sockets);
- REF_RELEASE(waiting_worker->cf);
- g_free(waiting_worker);
- }
-
- static void
- rspamd_fork_delayed(struct rspamd_worker_conf *cf,
- guint index,
- struct rspamd_main *rspamd_main)
- {
- struct waiting_worker *nw;
-
- nw = g_malloc0(sizeof(*nw));
- nw->cf = cf;
- nw->oldindex = index;
- nw->rspamd_main = rspamd_main;
- REF_RETAIN(cf);
- nw->wait_ev.data = nw;
- ev_timer_init(&nw->wait_ev, rspamd_fork_delayed_cb, SOFT_FORK_TIME, 0.0);
- ev_timer_start(rspamd_main->event_loop, &nw->wait_ev);
- }
-
- static GList *
- create_listen_socket(GPtrArray *addrs, guint cnt,
- enum rspamd_worker_socket_type listen_type)
- {
- GList *result = NULL;
- gint fd;
- guint i;
- static const int listen_opts = RSPAMD_INET_ADDRESS_LISTEN_ASYNC;
- struct rspamd_worker_listen_socket *ls;
-
- g_ptr_array_sort(addrs, rspamd_inet_address_compare_ptr);
- for (i = 0; i < cnt; i++) {
-
- /*
- * Copy address to avoid reload issues
- */
- if (listen_type & RSPAMD_WORKER_SOCKET_TCP) {
- fd = rspamd_inet_address_listen(g_ptr_array_index(addrs, i),
- SOCK_STREAM,
- listen_opts, -1);
- if (fd != -1) {
- ls = g_malloc0(sizeof(*ls));
- ls->addr = rspamd_inet_address_copy(g_ptr_array_index(addrs, i), NULL);
- ls->fd = fd;
- ls->type = RSPAMD_WORKER_SOCKET_TCP;
- result = g_list_prepend(result, ls);
- }
- }
- if (listen_type & RSPAMD_WORKER_SOCKET_UDP) {
- fd = rspamd_inet_address_listen(g_ptr_array_index(addrs, i),
- SOCK_DGRAM,
- listen_opts | RSPAMD_INET_ADDRESS_LISTEN_REUSEPORT, -1);
- if (fd != -1) {
- ls = g_malloc0(sizeof(*ls));
- ls->addr = rspamd_inet_address_copy(g_ptr_array_index(addrs, i), NULL);
- ls->fd = fd;
- ls->type = RSPAMD_WORKER_SOCKET_UDP;
- result = g_list_prepend(result, ls);
- }
- }
- }
-
- return result;
- }
-
- static GList *
- systemd_get_socket(struct rspamd_main *rspamd_main, const gchar *fdname)
- {
- int number, sock, num_passed, flags;
- GList *result = NULL;
- const gchar *e;
- gchar **fdnames;
- gchar *end;
- struct stat st;
- static const int sd_listen_fds_start = 3; /* SD_LISTEN_FDS_START */
- struct rspamd_worker_listen_socket *ls;
-
- union {
- struct sockaddr_storage ss;
- struct sockaddr sa;
- struct sockaddr_un sun;
- struct sockaddr_in6 s6;
- } addr_storage;
- socklen_t slen = sizeof(addr_storage);
- gint stype;
-
- number = strtoul(fdname, &end, 10);
- if (end != NULL && *end != '\0') {
- /* Cannot parse as number, assume a name in LISTEN_FDNAMES. */
- e = getenv("LISTEN_FDNAMES");
- if (!e) {
- msg_err_main("cannot get systemd variable 'LISTEN_FDNAMES'");
- errno = ENOENT;
- return NULL;
- }
-
- fdnames = g_strsplit(e, ":", -1);
- for (number = 0; fdnames[number]; number++) {
- if (!strcmp(fdnames[number], fdname)) {
- break;
- }
- }
- if (!fdnames[number]) {
- number = -1;
- }
- g_strfreev(fdnames);
- }
-
- if (number < 0) {
- msg_warn_main("cannot find systemd socket: %s", fdname);
- errno = ENOENT;
- return NULL;
- }
-
- e = getenv("LISTEN_FDS");
- if (e != NULL) {
- errno = 0;
- num_passed = strtoul(e, &end, 10);
- if ((end == NULL || *end == '\0') && num_passed > number) {
- sock = number + sd_listen_fds_start;
- if (fstat(sock, &st) == -1) {
- msg_warn_main("cannot stat systemd descriptor %d", sock);
- return NULL;
- }
- if (!S_ISSOCK(st.st_mode)) {
- msg_warn_main("systemd descriptor %d is not a socket", sock);
- errno = EINVAL;
- return NULL;
- }
- flags = fcntl(sock, F_GETFD);
-
- if (flags != -1) {
- (void) fcntl(sock, F_SETFD, flags | FD_CLOEXEC);
- }
-
- rspamd_socket_nonblocking(sock);
-
- if (getsockname(sock, &addr_storage.sa, &slen) == -1) {
- msg_warn_main("cannot get name for systemd descriptor %d: %s",
- sock, strerror(errno));
- errno = EINVAL;
- return NULL;
- }
-
- ls = g_malloc0(sizeof(*ls));
- ls->addr = rspamd_inet_address_from_sa(&addr_storage.sa, slen);
- ls->fd = sock;
- ls->is_systemd = true;
-
- slen = sizeof(stype);
- if (getsockopt(sock, SOL_SOCKET, SO_TYPE, &stype, &slen) != -1) {
- if (stype == SOCK_STREAM) {
- ls->type = RSPAMD_WORKER_SOCKET_TCP;
- }
- else {
- ls->type = RSPAMD_WORKER_SOCKET_UDP;
- }
- }
- else {
- msg_warn_main("cannot get type for systemd descriptor %d: %s",
- sock, strerror(errno));
- ls->type = RSPAMD_WORKER_SOCKET_TCP;
- }
-
-
- result = g_list_prepend(result, ls);
- }
- else if (num_passed <= number) {
- msg_err_main("systemd LISTEN_FDS does not contain the expected fd: %d",
- num_passed);
- errno = EINVAL;
- }
- }
- else {
- msg_err_main("cannot get systemd variable 'LISTEN_FDS'");
- errno = ENOENT;
- }
-
- return result;
- }
-
- static void
- pass_signal_cb(gpointer key, gpointer value, gpointer ud)
- {
- struct rspamd_worker *cur = value;
- gint signo = GPOINTER_TO_INT(ud);
-
- kill(cur->pid, signo);
- }
-
- static void
- rspamd_pass_signal(GHashTable *workers, gint signo)
- {
- g_hash_table_foreach(workers, pass_signal_cb, GINT_TO_POINTER(signo));
- }
-
- static inline uintptr_t
- make_listen_key(struct rspamd_worker_bind_conf *cf)
- {
- rspamd_cryptobox_fast_hash_state_t st;
- guint i, keylen = 0;
- guint8 *key;
- rspamd_inet_addr_t *addr;
- guint16 port;
-
- rspamd_cryptobox_fast_hash_init(&st, rspamd_hash_seed());
- if (cf->is_systemd) {
- /* Something like 'systemd:0' or 'systemd:controller'. */
- rspamd_cryptobox_fast_hash_update(&st, cf->name, strlen(cf->name));
- }
- else {
- rspamd_cryptobox_fast_hash_update(&st, cf->name, strlen(cf->name));
- for (i = 0; i < cf->cnt; i++) {
- addr = g_ptr_array_index(cf->addrs, i);
- key = rspamd_inet_address_get_hash_key(
- addr, &keylen);
- rspamd_cryptobox_fast_hash_update(&st, key, keylen);
- port = rspamd_inet_address_get_port(addr);
- rspamd_cryptobox_fast_hash_update(&st, &port, sizeof(port));
- }
- }
-
- return rspamd_cryptobox_fast_hash_final(&st);
- }
-
- static void
- spawn_worker_type(struct rspamd_main *rspamd_main, struct ev_loop *event_loop,
- struct rspamd_worker_conf *cf)
- {
- gint i;
-
- if (cf->count < 0) {
- msg_info_main("skip spawning of worker %s: disabled in configuration",
- cf->worker->name);
-
- return;
- }
- if (cf->worker->flags & RSPAMD_WORKER_UNIQUE) {
- if (cf->count > 1) {
- msg_warn_main(
- "cannot spawn more than 1 %s worker, so spawn one",
- cf->worker->name);
- }
- rspamd_fork_worker(rspamd_main, cf, 0, event_loop, rspamd_cld_handler,
- listen_sockets);
- }
- else if (cf->worker->flags & RSPAMD_WORKER_THREADED) {
- rspamd_fork_worker(rspamd_main, cf, 0, event_loop, rspamd_cld_handler,
- listen_sockets);
- }
- else {
- for (i = 0; i < cf->count; i++) {
- rspamd_fork_worker(rspamd_main, cf, i, event_loop,
- rspamd_cld_handler, listen_sockets);
- }
- }
- }
-
- static void
- spawn_workers(struct rspamd_main *rspamd_main, struct ev_loop *ev_base)
- {
- GList *cur, *ls;
- struct rspamd_worker_conf *cf;
- gpointer p;
- guintptr key;
- struct rspamd_worker_bind_conf *bcf;
- gboolean listen_ok = FALSE;
- GPtrArray *seen_mandatory_workers;
- worker_t **cw, *wrk;
- guint i;
-
- /* Special hack for hs_helper if it's not defined in a config */
- seen_mandatory_workers = g_ptr_array_new();
- cur = rspamd_main->cfg->workers;
-
- while (cur) {
- cf = cur->data;
- listen_ok = FALSE;
-
- if (cf->worker == NULL) {
- msg_err_main("type of worker is unspecified, skip spawning");
- }
- else {
- if (!cf->enabled || cf->count <= 0) {
- msg_info_main("worker of type %s(%s) is disabled in the config, "
- "skip spawning",
- g_quark_to_string(cf->type),
- cf->bind_conf ? cf->bind_conf->name : "none");
- cur = g_list_next(cur);
-
- continue;
- }
-
- if (cf->worker->flags & RSPAMD_WORKER_ALWAYS_START) {
- g_ptr_array_add(seen_mandatory_workers, cf->worker);
- }
- if (cf->worker->flags & RSPAMD_WORKER_HAS_SOCKET) {
- LL_FOREACH(cf->bind_conf, bcf)
- {
- key = make_listen_key(bcf);
-
- if ((p =
- g_hash_table_lookup(listen_sockets,
- GINT_TO_POINTER(key))) == NULL) {
-
- if (!bcf->is_systemd) {
- /* Create listen socket */
- ls = create_listen_socket(bcf->addrs, bcf->cnt,
- cf->worker->listen_type);
- }
- else {
- ls = systemd_get_socket(rspamd_main,
- g_ptr_array_index(bcf->addrs, 0));
- }
-
- if (ls == NULL) {
- msg_err_main("cannot listen on %s socket %s: %s",
- bcf->is_systemd ? "systemd" : "normal",
- bcf->name,
- strerror(errno));
- }
- else {
- g_hash_table_insert(listen_sockets, (gpointer) key, ls);
- listen_ok = TRUE;
- }
- }
- else {
- /* We had socket for this type of worker */
- ls = p;
- listen_ok = TRUE;
- }
- /* Do not add existing lists as it causes loops */
- if (g_list_position(cf->listen_socks, ls) == -1) {
- cf->listen_socks = g_list_concat(cf->listen_socks, ls);
- }
- }
-
- if (listen_ok) {
- spawn_worker_type(rspamd_main, ev_base, cf);
- }
- else {
- if (cf->bind_conf == NULL) {
- msg_err_main("cannot create listen socket for %s",
- g_quark_to_string(cf->type));
- }
- else {
- msg_err_main("cannot create listen socket for %s at %s",
- g_quark_to_string(cf->type), cf->bind_conf->name);
- }
-
- rspamd_hard_terminate(rspamd_main);
- g_assert_not_reached();
- }
- }
- else {
- spawn_worker_type(rspamd_main, ev_base, cf);
- }
- }
-
- cur = g_list_next(cur);
- }
-
- for (cw = workers; *cw != NULL; cw++) {
- gboolean seen = FALSE;
-
- wrk = *cw;
-
- if (wrk->flags & RSPAMD_WORKER_ALWAYS_START) {
- for (i = 0; i < seen_mandatory_workers->len; i++) {
- if (wrk == g_ptr_array_index(seen_mandatory_workers, i)) {
- seen = TRUE;
- break;
- }
- }
-
- if (!seen) {
- cf = rspamd_config_new_worker(rspamd_main->cfg, NULL);
- cf->count = 1;
- cf->worker = wrk;
- cf->type = g_quark_from_static_string(wrk->name);
-
- if (cf->worker->worker_init_func) {
- cf->ctx = cf->worker->worker_init_func(rspamd_main->cfg);
- }
-
- spawn_worker_type(rspamd_main, ev_base, cf);
- }
- }
- }
-
- g_ptr_array_free(seen_mandatory_workers, TRUE);
- }
-
- static void
- kill_old_workers(gpointer key, gpointer value, gpointer unused)
- {
- struct rspamd_worker *w = value;
- struct rspamd_main *rspamd_main;
-
- rspamd_main = w->srv;
-
- if (w->state == rspamd_worker_state_wanna_die) {
- w->state = rspamd_worker_state_terminating;
- kill(w->pid, SIGUSR2);
- ev_io_stop(rspamd_main->event_loop, &w->srv_ev);
- g_hash_table_remove_all(w->control_events_pending);
- msg_info_main("send signal to worker %P", w->pid);
- }
- else if (w->state != rspamd_worker_state_running) {
- msg_info_main("do not send signal to worker %P, already sent", w->pid);
- }
- }
-
- static void
- mark_old_workers(gpointer key, gpointer value, gpointer unused)
- {
- struct rspamd_worker *w = value;
-
- if (w->state == rspamd_worker_state_running) {
- w->state = rspamd_worker_state_wanna_die;
- }
-
- w->flags |= RSPAMD_WORKER_OLD_CONFIG;
- }
-
- static void
- rspamd_worker_wait(struct rspamd_worker *w)
- {
- struct rspamd_main *rspamd_main;
- rspamd_main = w->srv;
-
- if (term_attempts < 0) {
- if (w->cf->worker->flags & RSPAMD_WORKER_KILLABLE) {
- if (kill(w->pid, SIGKILL) == -1) {
- if (errno == ESRCH) {
- /* We have actually killed the process */
- return;
- }
- }
- else {
- msg_warn_main("terminate worker %s(%P) with SIGKILL",
- g_quark_to_string(w->type), w->pid);
- }
- }
- else {
- kill(w->pid, SIGKILL);
- if (errno == ESRCH) {
- /* We have actually killed the process */
- return;
- }
- else {
- msg_err_main("data corruption warning: terminating "
- "special worker %s(%P) with SIGKILL",
- g_quark_to_string(w->type), w->pid);
- }
- }
- }
- }
-
- static void
- hash_worker_wait_callback(gpointer key, gpointer value, gpointer unused)
- {
- rspamd_worker_wait((struct rspamd_worker *) value);
- }
-
- struct core_check_cbdata {
- struct rspamd_config *cfg;
- gsize total_count;
- gsize total_size;
- };
-
- #ifdef HAVE_NFTW
-
- static struct core_check_cbdata cores_cbdata;
-
- static gint
- rspamd_check_core_cb(const gchar *path, const struct stat *st,
- gint flag, struct FTW *ft)
- {
- if (S_ISREG(st->st_mode)) {
- cores_cbdata.total_count++;
- /* Use physical size instead of displayed one */
- cores_cbdata.total_size += st->st_blocks * 512;
- }
-
- return 0;
- }
-
- #endif
-
- static void
- rspamd_check_core_limits(struct rspamd_main *rspamd_main)
- {
- #ifdef HAVE_NFTW
- struct rspamd_config *cfg = rspamd_main->cfg;
-
- cores_cbdata.cfg = cfg;
- cores_cbdata.total_count = 0;
- cores_cbdata.total_size = 0;
-
- if (cfg->cores_dir && (cfg->max_cores_count || cfg->max_cores_size)) {
- if (nftw(cfg->cores_dir, rspamd_check_core_cb, 1, FTW_MOUNT | FTW_PHYS) == -1) {
- msg_err_main("nftw failed for path %s: %s", cfg->cores_dir,
- strerror(errno));
- }
- else {
- if (!rspamd_main->cores_throttling) {
- if (cfg->max_cores_size &&
- cores_cbdata.total_size > cfg->max_cores_size) {
- msg_warn_main(
- "enable cores throttling as size of cores in"
- " %s is %Hz, limit is %Hz",
- cfg->cores_dir,
- cores_cbdata.total_size,
- cfg->max_cores_size);
- rspamd_main->cores_throttling = TRUE;
- }
- if (cfg->max_cores_count &&
- cores_cbdata.total_count > cfg->max_cores_count) {
- msg_warn_main(
- "enable cores throttling as count of cores in"
- " %s is %z, limit is %z",
- cfg->cores_dir,
- cores_cbdata.total_count,
- cfg->max_cores_count);
- rspamd_main->cores_throttling = TRUE;
- }
- }
- else {
- if (cfg->max_cores_size &&
- cores_cbdata.total_size < cfg->max_cores_size) {
- msg_info_main(
- "disable cores throttling as size of cores in"
- " %s is now %Hz, limit is %Hz",
- cfg->cores_dir,
- cores_cbdata.total_size,
- cfg->max_cores_size);
- rspamd_main->cores_throttling = FALSE;
- }
- if (cfg->max_cores_count &&
- cores_cbdata.total_count < cfg->max_cores_count) {
- msg_info_main(
- "disable cores throttling as count of cores in"
- " %s is %z, limit is %z",
- cfg->cores_dir,
- cores_cbdata.total_count,
- cfg->max_cores_count);
- rspamd_main->cores_throttling = FALSE;
- }
- }
- }
- }
- #endif
- }
-
- static void
- reopen_log_handler(gpointer key, gpointer value, gpointer unused)
- {
- struct rspamd_worker *w = value;
- struct rspamd_main *rspamd_main;
-
- rspamd_main = w->srv;
-
- if (kill(w->pid, SIGUSR1) == -1) {
- msg_err_main("kill failed for pid %P: %s", w->pid, strerror(errno));
- }
- }
-
- static gboolean
- load_rspamd_config(struct rspamd_main *rspamd_main,
- struct rspamd_config *cfg, gboolean init_modules,
- enum rspamd_post_load_options opts,
- gboolean reload)
- {
- cfg->compiled_modules = modules;
- cfg->compiled_workers = workers;
-
- if (!rspamd_config_read(cfg, cfg->cfg_name, config_logger, rspamd_main,
- ucl_vars, skip_template, lua_env)) {
- return FALSE;
- }
-
- /* Strictly set temp dir */
- if (!cfg->temp_dir) {
- msg_warn_main("tempdir is not set, trying to use $TMPDIR");
- cfg->temp_dir =
- rspamd_mempool_strdup(cfg->cfg_pool, getenv("TMPDIR"));
-
- if (!cfg->temp_dir) {
- msg_warn_main("$TMPDIR is empty too, using /tmp as default");
- cfg->temp_dir = rspamd_mempool_strdup(cfg->cfg_pool, "/tmp");
- }
- }
-
- if (!reload) {
- /*
- * As some rules are defined in lua, we need to process them, then init
- * modules and merely afterwards to init modules
- */
- rspamd_lua_post_load_config(cfg);
-
- if (init_modules) {
- if (!rspamd_init_filters(cfg, reload, false)) {
- return FALSE;
- }
- }
-
- /* Do post-load actions */
- if (!rspamd_config_post_load(cfg, opts)) {
- return FALSE;
- }
- }
-
- return TRUE;
- }
-
- static void
- rspamd_detach_worker(struct rspamd_main *rspamd_main, struct rspamd_worker *wrk)
- {
- ev_io_stop(rspamd_main->event_loop, &wrk->srv_ev);
- ev_timer_stop(rspamd_main->event_loop, &wrk->hb.heartbeat_ev);
- }
-
- static void
- rspamd_attach_worker(struct rspamd_main *rspamd_main, struct rspamd_worker *wrk)
- {
- ev_io_start(rspamd_main->event_loop, &wrk->srv_ev);
- ev_timer_start(rspamd_main->event_loop, &wrk->hb.heartbeat_ev);
- }
-
- static void
- stop_srv_ev(gpointer key, gpointer value, gpointer ud)
- {
- struct rspamd_worker *cur = (struct rspamd_worker *) value;
- struct rspamd_main *rspamd_main = (struct rspamd_main *) ud;
-
- rspamd_detach_worker(rspamd_main, cur);
- }
-
- static void
- start_srv_ev(gpointer key, gpointer value, gpointer ud)
- {
- struct rspamd_worker *cur = (struct rspamd_worker *) value;
- struct rspamd_main *rspamd_main = (struct rspamd_main *) ud;
-
- rspamd_attach_worker(rspamd_main, cur);
- }
-
- static void
- rspamd_final_timer_handler(EV_P_ ev_timer *w, int revents)
- {
- struct rspamd_main *rspamd_main = (struct rspamd_main *) w->data;
-
- term_attempts--;
-
- g_hash_table_foreach(rspamd_main->workers, hash_worker_wait_callback,
- NULL);
-
- if (g_hash_table_size(rspamd_main->workers) == 0) {
- ev_break(rspamd_main->event_loop, EVBREAK_ALL);
- }
- }
-
- /* Signal handlers */
- static void
- rspamd_term_handler(struct ev_loop *loop, ev_signal *w, int revents)
- {
- struct rspamd_main *rspamd_main = (struct rspamd_main *) w->data;
- static ev_timer ev_finale;
- ev_tstamp shutdown_ts;
-
- if (!rspamd_main->wanna_die) {
- rspamd_main->wanna_die = TRUE;
- shutdown_ts = MAX(SOFT_SHUTDOWN_TIME,
- rspamd_main->cfg->task_timeout * 2.0);
- msg_info_main("catch termination signal, waiting for %d children for %.2f seconds",
- (gint) g_hash_table_size(rspamd_main->workers),
- valgrind_mode ? shutdown_ts * 10 : shutdown_ts);
- /* Stop srv events to avoid false notifications */
- g_hash_table_foreach(rspamd_main->workers, stop_srv_ev, rspamd_main);
- rspamd_pass_signal(rspamd_main->workers, SIGTERM);
-
- if (control_fd != -1) {
- ev_io_stop(rspamd_main->event_loop, &control_ev);
- close(control_fd);
- }
-
- if (valgrind_mode) {
- /* Special case if we are likely running with valgrind */
- term_attempts = shutdown_ts / TERMINATION_INTERVAL * 10;
- }
- else {
- term_attempts = shutdown_ts / TERMINATION_INTERVAL;
- }
-
- ev_finale.data = rspamd_main;
- ev_timer_init(&ev_finale, rspamd_final_timer_handler,
- TERMINATION_INTERVAL, TERMINATION_INTERVAL);
- ev_timer_start(rspamd_main->event_loop, &ev_finale);
- }
- }
-
- static void
- rspamd_usr1_handler(struct ev_loop *loop, ev_signal *w, int revents)
- {
- struct rspamd_main *rspamd_main = (struct rspamd_main *) w->data;
-
- if (!rspamd_main->wanna_die) {
- rspamd_log_reopen(rspamd_main->logger,
- rspamd_main->cfg,
- rspamd_main->workers_uid,
- rspamd_main->workers_gid);
- msg_info_main("logging reinitialised");
- g_hash_table_foreach(rspamd_main->workers, reopen_log_handler,
- NULL);
- }
- }
-
- static void
- rspamd_stat_update_handler(struct ev_loop *loop, ev_timer *w, int revents)
- {
- struct rspamd_main *rspamd_main = (struct rspamd_main *) w->data;
- struct rspamd_stat cur_stat;
- gchar proctitle[128];
-
- memcpy(&cur_stat, rspamd_main->stat, sizeof(cur_stat));
-
- if (old_stat.messages_scanned > 0 &&
- cur_stat.messages_scanned > old_stat.messages_scanned) {
- gdouble rate = (double) (cur_stat.messages_scanned - old_stat.messages_scanned) /
- w->repeat;
- gdouble old_spam = old_stat.actions_stat[METRIC_ACTION_REJECT] +
- old_stat.actions_stat[METRIC_ACTION_ADD_HEADER] +
- old_stat.actions_stat[METRIC_ACTION_REWRITE_SUBJECT];
- gdouble old_ham = old_stat.actions_stat[METRIC_ACTION_NOACTION];
- gdouble new_spam = cur_stat.actions_stat[METRIC_ACTION_REJECT] +
- cur_stat.actions_stat[METRIC_ACTION_ADD_HEADER] +
- cur_stat.actions_stat[METRIC_ACTION_REWRITE_SUBJECT];
- gdouble new_ham = cur_stat.actions_stat[METRIC_ACTION_NOACTION];
-
- gsize cnt = MAX_AVG_TIME_SLOTS;
- float sum = rspamd_sum_floats(cur_stat.avg_time.avg_time, &cnt);
-
- rspamd_snprintf(proctitle, sizeof(proctitle),
- "main process; %.1f msg/sec, %.1f msg/sec spam, %.1f msg/sec ham; %.2fs avg processing time",
- rate,
- (new_spam - old_spam) / w->repeat,
- (new_ham - old_ham) / w->repeat,
- cnt > 0 ? sum / cnt : 0);
- rspamd_setproctitle("%s", proctitle);
- }
-
- memcpy(&old_stat, &cur_stat, sizeof(cur_stat));
- }
-
- static void
- rspamd_hup_handler(struct ev_loop *loop, ev_signal *w, int revents)
- {
- struct rspamd_main *rspamd_main = (struct rspamd_main *) w->data;
-
- if (!rspamd_main->wanna_die) {
- msg_info_main("rspamd " RVERSION
- " is requested to reload configuration");
- /* Detach existing workers and stop their heartbeats */
- g_hash_table_foreach(rspamd_main->workers, stop_srv_ev, rspamd_main);
-
- if (reread_config(rspamd_main)) {
- rspamd_check_core_limits(rspamd_main);
- /* Mark old workers */
- g_hash_table_foreach(rspamd_main->workers, mark_old_workers, NULL);
- msg_info_main("spawn workers with a new config");
- spawn_workers(rspamd_main, rspamd_main->event_loop);
- msg_info_main("workers spawning has been finished");
- /* Kill marked */
- msg_info_main("kill old workers");
- g_hash_table_foreach(rspamd_main->workers, kill_old_workers, NULL);
- }
- else {
- /* Reattach old workers */
- msg_info_main("restore old workers with a old config");
- g_hash_table_foreach(rspamd_main->workers, start_srv_ev, rspamd_main);
- }
- }
- }
-
- /* Called when a dead child has been found */
-
- static void
- rspamd_cld_handler(EV_P_ ev_child *w, struct rspamd_main *rspamd_main,
- struct rspamd_worker *wrk)
- {
- gboolean need_refork;
- static struct rspamd_control_command cmd;
-
- /* Turn off locking for logger */
- ev_child_stop(EV_A_ w);
-
- /* Remove dead child form children list */
- g_hash_table_remove(rspamd_main->workers, GSIZE_TO_POINTER(wrk->pid));
- g_hash_table_remove_all(wrk->control_events_pending);
-
- if (wrk->srv_pipe[0] != -1) {
- /* Ugly workaround */
- if (wrk->tmp_data) {
- g_free(wrk->tmp_data);
- }
-
- rspamd_detach_worker(rspamd_main, wrk);
- }
-
- if (wrk->control_pipe[0] != -1) {
- /* We also need to clean descriptors left */
- close(wrk->control_pipe[0]);
- close(wrk->srv_pipe[0]);
- }
-
- if (!rspamd_main->wanna_die) {
- cmd.type = RSPAMD_CONTROL_CHILD_CHANGE;
- cmd.cmd.child_change.what = rspamd_child_terminated;
- cmd.cmd.child_change.pid = wrk->pid;
- cmd.cmd.child_change.additional = w->rstatus;
- rspamd_control_broadcast_srv_cmd(rspamd_main, &cmd, wrk->pid);
- }
-
- need_refork = rspamd_check_termination_clause(wrk->srv, wrk, w->rstatus);
-
- if (need_refork) {
- /* Fork another worker in replace of dead one */
- msg_info_main("respawn process %s in lieu of terminated process with pid %P",
- g_quark_to_string(wrk->type),
- wrk->pid);
- rspamd_check_core_limits(rspamd_main);
- rspamd_fork_delayed(wrk->cf, wrk->index, rspamd_main);
- }
- else {
- msg_info_main("do not respawn process %s after found terminated process with pid %P",
- g_quark_to_string(wrk->type),
- wrk->pid);
- }
-
- REF_RELEASE(wrk->cf);
- g_hash_table_unref(wrk->control_events_pending);
- g_free(wrk);
- }
-
- /* Control socket handler */
- static void
- rspamd_control_handler(EV_P_ ev_io *w, int revents)
- {
- struct rspamd_main *rspamd_main = (struct rspamd_main *) w->data;
- rspamd_inet_addr_t *addr = NULL;
- gint nfd;
-
- if ((nfd =
- rspamd_accept_from_socket(w->fd, &addr, NULL, NULL)) == -1) {
- msg_warn_main("accept failed: %s", strerror(errno));
- return;
- }
- /* Check for EAGAIN */
- if (nfd == 0) {
- rspamd_inet_address_free(addr);
- return;
- }
-
- msg_info_main("accepted control connection from %s",
- rspamd_inet_address_to_string(addr));
-
- rspamd_control_process_client_socket(rspamd_main, nfd, addr);
- }
-
- static guint
- rspamd_spair_hash(gconstpointer p)
- {
- return rspamd_cryptobox_fast_hash(p, PAIR_ID_LEN, rspamd_hash_seed());
- }
-
- static gboolean
- rspamd_spair_equal(gconstpointer a, gconstpointer b)
- {
- return memcmp(a, b, PAIR_ID_LEN) == 0;
- }
-
- static void
- rspamd_spair_close(gpointer p)
- {
- gint *fds = p;
-
- close(fds[0]);
- close(fds[1]);
- g_free(p);
- }
-
- const char *
- get_cpu_architecture(void)
- {
- #if defined(__x86_64__) || defined(_M_X64)
- return "x86_64";
- #elif defined(__i386) || defined(_M_IX86)
- return "x86";
- #elif defined(__aarch64__)
- return "ARM64";
- #elif defined(__arm__) || defined(_M_ARM)
- return "ARM";
- #elif defined(__loongarch__) || defined(__loongarch64)
- return "LOONGARCH64";
- #elif defined(__mips__)
- return "MIPS";
- #elif defined(__powerpc__) || defined(_M_PPC)
- return "PowerPC";
- #elif defined(__sparc__)
- return "SPARC";
- #else
- return "Unknown";
- #endif
- }
-
- static void
- version(struct rspamd_main *rspamd_main)
- {
- #if defined(GIT_VERSION) && GIT_VERSION == 1
- rspamd_printf("Rspamd daemon version " RVERSION "-git." RID "\n\n");
- #else
- rspamd_printf("Rspamd daemon version " RVERSION "\n\n");
- #endif
- rspamd_printf("CPU architecture %s; features: %s\n",
- get_cpu_architecture(),
- rspamd_main->cfg->libs_ctx->crypto_ctx->cpu_extensions);
- #ifdef WITH_HYPERSCAN
- rspamd_printf("Hyperscan enabled: TRUE\n");
- #else
- rspamd_printf("Hyperscan enabled: FALSE\n");
- #endif
-
- #ifdef WITH_JEMALLOC
- rspamd_printf("Jemalloc enabled: TRUE\n");
- #else
- rspamd_printf("Jemalloc enabled: FALSE\n");
- #endif
- #ifdef WITH_LUAJIT
- rspamd_printf("LuaJIT enabled: TRUE (LuaJIT version: %s)\n", LUAJIT_VERSION);
- #else
- rspamd_printf("LuaJIT enabled: FALSE (Lua version: %s)\n", LUA_VERSION);
- #endif
- #ifndef __has_feature
- #define __has_feature(x) 0
- #endif
- #if (defined(__has_feature) && __has_feature(address_sanitizer)) || defined(ADDRESS_SANITIZER)
- rspamd_printf("ASAN enabled: TRUE\n");
- #else
- rspamd_printf("ASAN enabled: FALSE\n");
- #endif
- #ifdef HAVE_CBLAS
- rspamd_printf("BLAS enabled: TRUE\n");
- #else
- rspamd_printf("BLAS enabled: FALSE\n");
- #endif
- #ifdef WITH_FASTTEXT
- rspamd_printf("Fasttext enabled: TRUE\n");
- #else
- rspamd_printf("Fasttext enabled: FALSE\n");
- #endif
- }
-
- static gboolean
- rspamd_main_daemon(struct rspamd_main *rspamd_main)
- {
- int fd;
- pid_t old_pid = getpid();
-
- switch (fork()) {
- case -1:
- msg_err_main("fork() failed: %s", strerror(errno));
- return FALSE;
-
- case 0:
- break;
-
- default:
- /* Old process */
- exit(0);
- }
-
- rspamd_log_on_fork(g_quark_from_static_string("main"),
- rspamd_main->cfg,
- rspamd_main->logger);
-
- if (setsid() == -1) {
- msg_err_main("setsid () failed: %s", strerror(errno));
- return FALSE;
- }
-
- umask(0);
-
- fd = open("/dev/null", O_RDWR);
- if (fd == -1) {
- msg_err_main("open(\"/dev/null\") failed: %s", strerror(errno));
- return FALSE;
- }
-
- if (dup2(fd, STDIN_FILENO) == -1) {
- msg_err_main("dup2(STDIN) failed: %s", strerror(errno));
- return FALSE;
- }
-
- if (dup2(fd, STDOUT_FILENO) == -1) {
- msg_err_main("dup2(STDOUT) failed: %s", strerror(errno));
- return FALSE;
- }
-
- if (fd > STDERR_FILENO) {
- if (close(fd) == -1) {
- msg_err_main("close() failed: %s", strerror(errno));
- return FALSE;
- }
- }
-
- msg_info_main("daemonized successfully; old pid %P, new pid %P; pid file: %s",
- old_pid, getpid(),
- rspamd_main->cfg->pid_file);
-
- return TRUE;
- }
-
- gint main(gint argc, gchar **argv, gchar **env)
- {
- gint i, res = 0;
- struct sigaction signals, sigpipe_act;
- worker_t **pworker;
- GQuark type;
- rspamd_inet_addr_t *control_addr = NULL;
- struct ev_loop *event_loop;
- struct rspamd_main *rspamd_main;
- gboolean skip_pid = FALSE;
- sigset_t control_signals;
-
- /* Block special signals on loading */
- sigemptyset(&control_signals);
- sigaddset(&control_signals, SIGHUP);
- sigaddset(&control_signals, SIGUSR1);
- sigaddset(&control_signals, SIGUSR2);
- sigprocmask(SIG_BLOCK, &control_signals, NULL);
-
- rspamd_main = (struct rspamd_main *) g_malloc0(sizeof(struct rspamd_main));
-
- rspamd_main->server_pool = rspamd_mempool_new(rspamd_mempool_suggest_size(),
- "main", 0);
- rspamd_main->stat = rspamd_mempool_alloc0_shared_(rspamd_main->server_pool,
- sizeof(struct rspamd_stat),
- RSPAMD_ALIGNOF(struct rspamd_stat),
- G_STRLOC);
- /* Set all time slots to nan */
- for (i = 0; i < MAX_AVG_TIME_SLOTS; i++) {
- rspamd_main->stat->avg_time.avg_time[i] = NAN;
- }
-
- rspamd_main->cfg = rspamd_config_new(RSPAMD_CONFIG_INIT_DEFAULT);
- rspamd_main->spairs = g_hash_table_new_full(rspamd_spair_hash,
- rspamd_spair_equal, g_free, rspamd_spair_close);
- rspamd_main->start_mtx = rspamd_mempool_get_mutex(rspamd_main->server_pool);
-
- if (getenv("VALGRIND") != NULL) {
- valgrind_mode = TRUE;
- }
-
- #ifndef HAVE_SETPROCTITLE
- rspamd_init_title(rspamd_main->server_pool, argc, argv, env);
- #endif
-
- rspamd_main->cfg->libs_ctx = rspamd_init_libs();
- memset(&signals, 0, sizeof(struct sigaction));
-
- read_cmd_line(&argc, &argv, rspamd_main->cfg);
-
- if (show_version) {
- version(rspamd_main);
- exit(EXIT_SUCCESS);
- }
-
- if (argc > 0) {
- /* Parse variables */
- for (i = 0; i < argc; i++) {
- if (strchr(argv[i], '=') != NULL) {
- gchar *k, *v, *t;
-
- k = g_strdup(argv[i]);
- t = strchr(k, '=');
- v = g_strdup(t + 1);
- *t = '\0';
-
- if (ucl_vars == NULL) {
- ucl_vars = g_hash_table_new_full(rspamd_strcase_hash,
- rspamd_strcase_equal, g_free, g_free);
- }
-
- g_hash_table_insert(ucl_vars, k, v);
- }
- }
- }
-
- if (is_debug) {
- rspamd_main->cfg->log_level = G_LOG_LEVEL_DEBUG;
- }
- else {
- rspamd_main->cfg->log_level = G_LOG_LEVEL_MESSAGE;
- }
-
- type = g_quark_from_static_string("main");
-
- /* First set logger to console logger */
- rspamd_main->logger = rspamd_log_open_emergency(rspamd_main->server_pool, 0);
- g_assert(rspamd_main->logger != NULL);
-
- if (is_debug) {
- rspamd_log_set_log_level(rspamd_main->logger, G_LOG_LEVEL_DEBUG);
- }
- else {
- rspamd_log_set_log_level(rspamd_main->logger, G_LOG_LEVEL_MESSAGE);
- }
-
- g_log_set_default_handler(rspamd_glib_log_function, rspamd_main->logger);
- g_set_printerr_handler(rspamd_glib_printerr_function);
-
- detect_priv(rspamd_main);
-
- msg_notice_main("rspamd " RVERSION
- " is loading configuration, build id: " RID);
-
- pworker = &workers[0];
- while (*pworker) {
- /* Init string quarks */
- (void) g_quark_from_static_string((*pworker)->name);
- pworker++;
- }
-
- /* Init listen sockets hash */
- listen_sockets = g_hash_table_new(g_direct_hash, g_direct_equal);
- sqlite3_initialize();
-
- /* Load config */
- if (!load_rspamd_config(rspamd_main, rspamd_main->cfg, TRUE,
- RSPAMD_CONFIG_LOAD_ALL, FALSE)) {
- exit(EXIT_FAILURE);
- }
-
- /* Override pidfile from configuration by command line argument */
- if (rspamd_pidfile != NULL) {
- rspamd_main->cfg->pid_file = rspamd_pidfile;
- }
-
- /* Force debug log */
- if (is_debug) {
- rspamd_log_set_log_level(rspamd_main->logger, G_LOG_LEVEL_DEBUG);
- }
-
- /* Create rolling history */
- rspamd_main->history = rspamd_roll_history_new(rspamd_main->server_pool,
- rspamd_main->cfg->history_rows, rspamd_main->cfg);
-
- msg_info_main("rspamd " RVERSION
- " is starting, build id: " RID);
- rspamd_main->cfg->cfg_name = rspamd_mempool_strdup(
- rspamd_main->cfg->cfg_pool,
- rspamd_main->cfg->cfg_name);
- msg_info_main("cpu features: %s",
- rspamd_main->cfg->libs_ctx->crypto_ctx->cpu_extensions);
- msg_info_main("cryptobox configuration: curve25519(libsodium), "
- "chacha20(%s), poly1305(libsodium), siphash(libsodium), blake2(libsodium), base64(%s)",
- rspamd_main->cfg->libs_ctx->crypto_ctx->chacha20_impl,
- rspamd_main->cfg->libs_ctx->crypto_ctx->base64_impl);
- msg_info_main("libottery prf: %s", ottery_get_impl_name());
-
- /* Daemonize */
- if (!no_fork) {
- if (!rspamd_main_daemon(rspamd_main)) {
- exit(EXIT_FAILURE);
- }
-
- /* Close emergency logger */
- rspamd_log_close(rspamd_log_emergency_logger());
- }
-
- /* Write info */
- rspamd_main->pid = getpid();
- rspamd_main->type = type;
-
- rspamd_set_crash_handler(rspamd_main);
-
- /* Ignore SIGPIPE as we handle write errors manually */
- sigemptyset(&sigpipe_act.sa_mask);
- sigaddset(&sigpipe_act.sa_mask, SIGPIPE);
- sigpipe_act.sa_handler = SIG_IGN;
- sigpipe_act.sa_flags = 0;
- sigaction(SIGPIPE, &sigpipe_act, NULL);
-
- if (rspamd_main->cfg->pid_file == NULL) {
- msg_info_main("pid file is not specified, skipping writing it");
- skip_pid = TRUE;
- }
- else if (no_fork) {
- msg_info_main("skip writing pid in no-fork mode");
- skip_pid = TRUE;
- }
- else if (rspamd_write_pid(rspamd_main) == -1) {
- msg_err_main("cannot write pid file %s", rspamd_main->cfg->pid_file);
- exit(-errno);
- }
-
- sigprocmask(SIG_BLOCK, &signals.sa_mask, NULL);
-
- /* Set title */
- rspamd_setproctitle("main process");
-
- /* Open control socket if needed */
- control_fd = -1;
- if (rspamd_main->cfg->control_socket_path) {
- if (!rspamd_parse_inet_address(&control_addr,
- rspamd_main->cfg->control_socket_path,
- strlen(rspamd_main->cfg->control_socket_path),
- RSPAMD_INET_ADDRESS_PARSE_DEFAULT)) {
- msg_err_main("cannot parse inet address %s",
- rspamd_main->cfg->control_socket_path);
- }
- else {
- control_fd = rspamd_inet_address_listen(control_addr, SOCK_STREAM,
- RSPAMD_INET_ADDRESS_LISTEN_ASYNC, -1);
- if (control_fd == -1) {
- msg_err_main("cannot open control socket at path: %s",
- rspamd_main->cfg->control_socket_path);
- }
- }
- }
-
- /* Maybe read roll history */
- if (rspamd_main->cfg->history_file) {
- rspamd_roll_history_load(rspamd_main->history,
- rspamd_main->cfg->history_file);
- }
-
- /* Init workers hash */
- rspamd_main->workers = g_hash_table_new(g_direct_hash, g_direct_equal);
-
- /* Unblock control signals */
- sigprocmask(SIG_UNBLOCK, &control_signals, NULL);
- /* Init event base */
- event_loop = ev_default_loop(rspamd_config_ev_backend_get(rspamd_main->cfg));
- rspamd_main->event_loop = event_loop;
-
- if (event_loop) {
- int loop_type = ev_backend(event_loop);
- gboolean effective_backend;
- const gchar *loop_str;
-
- loop_str =
- rspamd_config_ev_backend_to_string(loop_type, &effective_backend);
-
- if (!effective_backend) {
- msg_warn_main("event loop uses non-optimal backend: %s", loop_str);
- }
- else {
- msg_info_main("event loop initialised with backend: %s", loop_str);
- }
- }
- else {
- msg_err("cannot init event loop! exiting");
- exit(EXIT_FAILURE);
- }
-
- /* Unblock signals */
- sigemptyset(&signals.sa_mask);
- sigprocmask(SIG_SETMASK, &signals.sa_mask, NULL);
-
- /* Set events for signals */
- ev_signal_init(&rspamd_main->term_ev, rspamd_term_handler, SIGTERM);
- rspamd_main->term_ev.data = rspamd_main;
- ev_signal_start(event_loop, &rspamd_main->term_ev);
-
- ev_signal_init(&rspamd_main->int_ev, rspamd_term_handler, SIGINT);
- rspamd_main->int_ev.data = rspamd_main;
- ev_signal_start(event_loop, &rspamd_main->int_ev);
-
- ev_signal_init(&rspamd_main->hup_ev, rspamd_hup_handler, SIGHUP);
- rspamd_main->hup_ev.data = rspamd_main;
- ev_signal_start(event_loop, &rspamd_main->hup_ev);
-
- ev_signal_init(&rspamd_main->usr1_ev, rspamd_usr1_handler, SIGUSR1);
- rspamd_main->usr1_ev.data = rspamd_main;
- ev_signal_start(event_loop, &rspamd_main->usr1_ev);
-
- /* Update proctitle according to number of messages processed */
- static const ev_tstamp stat_update_time = 10.0;
-
- memset(&old_stat, 0, sizeof(old_stat));
- stat_ev.data = rspamd_main;
- ev_timer_init(&stat_ev, rspamd_stat_update_handler,
- stat_update_time, stat_update_time);
- ev_timer_start(event_loop, &stat_ev);
-
- rspamd_check_core_limits(rspamd_main);
- rspamd_mempool_lock_mutex(rspamd_main->start_mtx);
- spawn_workers(rspamd_main, event_loop);
- rspamd_mempool_unlock_mutex(rspamd_main->start_mtx);
-
- rspamd_main->http_ctx = rspamd_http_context_create(rspamd_main->cfg,
- event_loop, rspamd_main->cfg->ups_ctx);
-
- if (control_fd != -1) {
- msg_info_main("listening for control commands on %s",
- rspamd_inet_address_to_string(control_addr));
- ev_io_init(&control_ev, rspamd_control_handler, control_fd, EV_READ);
- control_ev.data = rspamd_main;
- ev_io_start(event_loop, &control_ev);
- }
-
- ev_loop(event_loop, 0);
-
- /* Maybe save roll history */
- if (rspamd_main->cfg->history_file) {
- rspamd_roll_history_save(rspamd_main->history,
- rspamd_main->cfg->history_file);
- }
-
- if (rspamd_main->cfg->cache) {
- rspamd_symcache_save(rspamd_main->cfg->cache);
- }
-
- msg_info_main("terminating...");
-
- #ifdef WITH_HYPERSCAN
- rspamd_hyperscan_cleanup_maybe();
- #endif
- REF_RELEASE(rspamd_main->cfg);
- rspamd_log_close(rspamd_main->logger);
- g_hash_table_unref(rspamd_main->spairs);
- g_hash_table_unref(rspamd_main->workers);
- rspamd_mempool_delete(rspamd_main->server_pool);
-
- if (!skip_pid) {
- rspamd_pidfile_close(rspamd_main->pfh);
- }
-
- rspamd_unset_crash_handler(rspamd_main);
- g_free(rspamd_main);
- ev_unref(event_loop);
- sqlite3_shutdown();
-
- if (control_addr) {
- rspamd_inet_address_free(control_addr);
- }
-
- return (res);
- }
|