1 /* Licensed to the Apache Software Foundation (ASF) under one or more
2 * contributor license agreements. See the NOTICE file distributed with
3 * this work for additional information regarding copyright ownership.
4 * The ASF licenses this file to You under the Apache License, Version 2.0
5 * (the "License"); you may not use this file except in compliance with
6 * the License. You may obtain a copy of the License at
8 * http://www.apache.org/licenses/LICENSE-2.0
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
17 #include "apr_network_io.h"
18 #include "apr_strings.h"
20 #define APR_WANT_STRFUNC
23 #include "ap_config.h"
25 #include "http_config.h"
26 #include "http_core.h"
27 #include "ap_listen.h"
29 #include "mpm_common.h"
31 AP_DECLARE_DATA ap_listen_rec *ap_listeners = NULL;
33 static ap_listen_rec *old_listeners;
34 static int ap_listenbacklog;
35 static int send_buffer_size;
36 static int receive_buffer_size;
38 /* TODO: make_sock is just begging and screaming for APR abstraction */
39 static apr_status_t make_sock(apr_pool_t *p, ap_listen_rec *server)
41 apr_socket_t *s = server->sd;
44 #ifdef AP_ENABLE_V4_MAPPED
45 int v6only_setting = 0;
47 int v6only_setting = 1;
53 stat = apr_socket_opt_set(s, APR_SO_REUSEADDR, one);
54 if (stat != APR_SUCCESS && stat != APR_ENOTIMPL) {
55 ap_log_perror(APLOG_MARK, APLOG_CRIT, stat, p,
56 "make_sock: for address %pI, apr_socket_opt_set: (SO_REUSEADDR)",
63 stat = apr_socket_opt_set(s, APR_SO_KEEPALIVE, one);
64 if (stat != APR_SUCCESS && stat != APR_ENOTIMPL) {
65 ap_log_perror(APLOG_MARK, APLOG_CRIT, stat, p,
66 "make_sock: for address %pI, apr_socket_opt_set: (SO_KEEPALIVE)",
73 if (server->bind_addr->family == APR_INET6) {
74 stat = apr_socket_opt_set(s, APR_IPV6_V6ONLY, v6only_setting);
75 if (stat != APR_SUCCESS && stat != APR_ENOTIMPL) {
76 ap_log_perror(APLOG_MARK, APLOG_CRIT, stat, p,
77 "make_sock: for address %pI, apr_socket_opt_set: "
87 * To send data over high bandwidth-delay connections at full
88 * speed we must force the TCP window to open wide enough to keep the
89 * pipe full. The default window size on many systems
90 * is only 4kB. Cross-country WAN connections of 100ms
91 * at 1Mb/s are not impossible for well connected sites.
92 * If we assume 100ms cross-country latency,
93 * a 4kB buffer limits throughput to 40kB/s.
95 * To avoid this problem I've added the SendBufferSize directive
96 * to allow the web master to configure send buffer size.
98 * The trade-off of larger buffers is that more kernel memory
99 * is consumed. YMMV, know your customers and your network!
101 * -John Heidemann <johnh@isi.edu> 25-Oct-96
103 * If no size is specified, use the kernel default.
105 if (send_buffer_size) {
106 stat = apr_socket_opt_set(s, APR_SO_SNDBUF, send_buffer_size);
107 if (stat != APR_SUCCESS && stat != APR_ENOTIMPL) {
108 ap_log_perror(APLOG_MARK, APLOG_WARNING, stat, p,
109 "make_sock: failed to set SendBufferSize for "
110 "address %pI, using default",
112 /* not a fatal error */
115 if (receive_buffer_size) {
116 stat = apr_socket_opt_set(s, APR_SO_RCVBUF, receive_buffer_size);
117 if (stat != APR_SUCCESS && stat != APR_ENOTIMPL) {
118 ap_log_perror(APLOG_MARK, APLOG_WARNING, stat, p,
119 "make_sock: failed to set ReceiveBufferSize for "
120 "address %pI, using default",
122 /* not a fatal error */
126 #if APR_TCP_NODELAY_INHERITED
127 ap_sock_disable_nagle(s);
130 if ((stat = apr_socket_bind(s, server->bind_addr)) != APR_SUCCESS) {
131 ap_log_perror(APLOG_MARK, APLOG_STARTUP|APLOG_CRIT, stat, p,
132 "make_sock: could not bind to address %pI",
138 if ((stat = apr_socket_listen(s, ap_listenbacklog)) != APR_SUCCESS) {
139 ap_log_perror(APLOG_MARK, APLOG_STARTUP|APLOG_ERR, stat, p,
140 "make_sock: unable to listen for connections "
148 /* I seriously doubt that this would work on Unix; I have doubts that
149 * it entirely solves the problem on Win32. However, since setting
150 * reuseaddr on the listener -prior- to binding the socket has allowed
151 * us to attach to the same port as an already running instance of
152 * Apache, or even another web server, we cannot identify that this
153 * port was exclusively granted to this instance of Apache.
155 * So set reuseaddr, but do not attempt to do so until we have the
156 * parent listeners successfully bound.
158 stat = apr_socket_opt_set(s, APR_SO_REUSEADDR, one);
159 if (stat != APR_SUCCESS && stat != APR_ENOTIMPL) {
160 ap_log_perror(APLOG_MARK, APLOG_CRIT, stat, p,
161 "make_sock: for address %pI, apr_socket_opt_set: (SO_REUSEADDR)",
171 server->accept_func = NULL;
176 static const char* find_accf_name(server_rec *s, const char *proto)
179 core_server_config *conf = ap_get_module_config(s->module_config,
185 accf = apr_table_get(conf->accf_map, proto);
187 if (accf && !strcmp("none", accf)) {
194 static void ap_apply_accept_filter(apr_pool_t *p, ap_listen_rec *lis,
197 apr_socket_t *s = lis->sd;
202 proto = lis->protocol;
205 proto = ap_get_server_protocol(server);
209 accf = find_accf_name(server, proto);
212 #if APR_HAS_SO_ACCEPTFILTER
213 rv = apr_socket_accept_filter(s, apr_pstrdup(p, accf),
215 if (rv != APR_SUCCESS && !APR_STATUS_IS_ENOTIMPL(rv)) {
216 ap_log_perror(APLOG_MARK, APLOG_WARNING, rv, p,
217 "Failed to enable the '%s' Accept Filter",
221 rv = apr_socket_opt_set(s, APR_TCP_DEFER_ACCEPT, 30);
222 if (rv != APR_SUCCESS && !APR_STATUS_IS_ENOTIMPL(rv)) {
223 ap_log_perror(APLOG_MARK, APLOG_WARNING, rv, p,
224 "Failed to enable APR_TCP_DEFER_ACCEPT");
230 static apr_status_t close_listeners_on_exec(void *v)
232 ap_close_listeners();
236 static const char *alloc_listener(process_rec *process, char *addr,
237 apr_port_t port, const char* proto,
240 ap_listen_rec **walk, *last;
243 int found_listener = 0;
245 /* see if we've got an old listener for this address:port */
246 for (walk = &old_listeners; *walk;) {
247 sa = (*walk)->bind_addr;
248 /* Some listeners are not real so they will not have a bind_addr. */
254 /* If both ports are equivalent, then if their names are equivalent,
255 * then we will re-use the existing record.
257 if (port == oldport &&
258 ((!addr && !sa->hostname) ||
259 ((addr && sa->hostname) && !strcmp(sa->hostname, addr)))) {
262 new->next = ap_listeners;
269 walk = &(*walk)->next;
272 if (found_listener) {
273 if (ap_listeners->slave != dummy) {
274 return "Cannot define a slave on the same IP:port as a Listener";
279 if ((status = apr_sockaddr_info_get(&sa, addr, APR_UNSPEC, port, 0,
282 ap_log_perror(APLOG_MARK, APLOG_CRIT, status, process->pool,
283 "alloc_listener: failed to set up sockaddr for %s",
285 return "Listen setup failed";
288 /* Initialize to our last configured ap_listener. */
290 while (last && last->next) {
297 /* this has to survive restarts */
298 new = apr_palloc(process->pool, sizeof(ap_listen_rec));
302 new->protocol = apr_pstrdup(process->pool, proto);
304 /* Go to the next sockaddr. */
307 status = apr_socket_create(&new->sd, new->bind_addr->family,
308 SOCK_STREAM, 0, process->pool);
311 /* What could happen is that we got an IPv6 address, but this system
312 * doesn't actually support IPv6. Try the next address.
314 if (status != APR_SUCCESS && !addr &&
315 new->bind_addr->family == APR_INET6) {
319 if (status != APR_SUCCESS) {
320 ap_log_perror(APLOG_MARK, APLOG_CRIT, status, process->pool,
321 "alloc_listener: failed to get a socket for %s",
323 return "Listen setup failed";
326 /* We need to preserve the order returned by getaddrinfo() */
328 ap_listeners = last = new;
338 /* Evaluates to true if the (apr_sockaddr_t *) addr argument is the
339 * IPv4 match-any-address, 0.0.0.0. */
340 #define IS_INADDR_ANY(addr) ((addr)->family == APR_INET \
341 && (addr)->sa.sin.sin_addr.s_addr == INADDR_ANY)
343 /* Evaluates to true if the (apr_sockaddr_t *) addr argument is the
344 * IPv6 match-any-address, [::]. */
345 #define IS_IN6ADDR_ANY(addr) ((addr)->family == APR_INET6 \
346 && IN6_IS_ADDR_UNSPECIFIED(&(addr)->sa.sin6.sin6_addr))
349 * Create, open, listen, and bind all sockets.
350 * @param process The process record for the currently running server
351 * @return The number of open sockets
353 static int open_listeners(apr_pool_t *pool)
357 ap_listen_rec *previous;
359 const char *userdata_key = "ap_open_listeners";
361 #if AP_NONBLOCK_WHEN_MULTI_LISTEN
365 /* Don't allocate a default listener. If we need to listen to a
366 * port, then the user needs to have a Listen directive in their
371 for (lr = ap_listeners; lr; previous = lr, lr = lr->next) {
381 /* If we have the unspecified IPv4 address (0.0.0.0) and
382 * the unspecified IPv6 address (::) is next, we need to
383 * swap the order of these in the list. We always try to
384 * bind to IPv6 first, then IPv4, since an IPv6 socket
385 * might be able to receive IPv4 packets if V6ONLY is not
386 * enabled, but never the other way around.
387 * Note: In some configurations, the unspecified IPv6 address
388 * could be even later in the list. This logic only corrects
389 * the situation where it is next in the list, such as when
390 * apr_sockaddr_info_get() returns an IPv4 and an IPv6 address,
394 && IS_INADDR_ANY(lr->bind_addr)
395 && lr->bind_addr->port == lr->next->bind_addr->port
396 && IS_IN6ADDR_ANY(lr->next->bind_addr)) {
397 /* Exchange lr and lr->next */
399 lr->next = next->next;
402 previous->next = next;
410 /* If we are trying to bind to 0.0.0.0 and a previous listener
411 * was :: on the same port and in turn that socket does not have
412 * the IPV6_V6ONLY flag set; we must skip the current attempt to
413 * listen (which would generate an error). IPv4 will be handled
414 * on the established IPv6 socket.
416 if (IS_INADDR_ANY(lr->bind_addr)) {
417 for (cur = ap_listeners; cur != lr; cur = cur->next) {
418 if (lr->bind_addr->port == cur->bind_addr->port
419 && IS_IN6ADDR_ANY(cur->bind_addr)
420 && apr_socket_opt_get(cur->sd, APR_IPV6_V6ONLY,
421 &v6only_setting) == APR_SUCCESS
422 && v6only_setting == 0) {
424 /* Remove the current listener from the list */
425 previous->next = lr->next;
426 lr = previous; /* maintain current value of previous after
427 * post-loop expression is evaluated
438 if (make_sock(pool, lr) == APR_SUCCESS) {
444 /* If we tried to bind to ::, and the next listener is
445 * on 0.0.0.0 with the same port, don't give a fatal
446 * error. The user will still get a warning from make_sock
450 && IS_IN6ADDR_ANY(lr->bind_addr)
451 && lr->bind_addr->port == lr->next->bind_addr->port
452 && IS_INADDR_ANY(lr->next->bind_addr)) {
454 /* Remove the current listener from the list */
456 previous->next = lr->next;
459 ap_listeners = lr->next;
462 /* Although we've removed ourselves from the list,
463 * we need to make sure that the next iteration won't
464 * consider "previous" a working IPv6 '::' socket.
465 * Changing the family is enough to make sure the
466 * conditions before make_sock() fail.
468 lr->bind_addr->family = AF_INET;
479 /* close the old listeners */
480 for (lr = old_listeners; lr; lr = next) {
481 apr_socket_close(lr->sd);
485 old_listeners = NULL;
487 #if AP_NONBLOCK_WHEN_MULTI_LISTEN
488 /* if multiple listening sockets, make them non-blocking so that
489 * if select()/poll() reports readability for a reset connection that
490 * is already forgotten about by the time we call accept, we won't
491 * be hung until another connection arrives on that port
493 use_nonblock = (ap_listeners && ap_listeners->next);
494 for (lr = ap_listeners; lr; lr = lr->next) {
497 status = apr_socket_opt_set(lr->sd, APR_SO_NONBLOCK, use_nonblock);
498 if (status != APR_SUCCESS) {
499 ap_log_perror(APLOG_MARK, APLOG_STARTUP|APLOG_ERR, status, pool,
500 "unable to control socket non-blocking status");
504 #endif /* AP_NONBLOCK_WHEN_MULTI_LISTEN */
506 /* we come through here on both passes of the open logs phase
507 * only register the cleanup once... otherwise we try to close
508 * listening sockets twice when cleaning up prior to exec
510 apr_pool_userdata_get(&data, userdata_key, pool);
512 apr_pool_userdata_set((const void *)1, userdata_key,
513 apr_pool_cleanup_null, pool);
514 apr_pool_cleanup_register(pool, NULL, apr_pool_cleanup_null,
515 close_listeners_on_exec);
518 return num_open ? 0 : -1;
521 AP_DECLARE(int) ap_setup_listeners(server_rec *s)
524 server_addr_rec *addr;
526 int num_listeners = 0;
530 for (ls = s; ls; ls = ls->next) {
531 proto = ap_get_server_protocol(ls);
534 /* No protocol was set for this vhost,
535 * use the default for this listener.
537 for (addr = ls->addrs; addr && !found; addr = addr->next) {
538 for (lr = ap_listeners; lr; lr = lr->next) {
539 if (apr_sockaddr_equal(lr->bind_addr, addr->host_addr) &&
540 lr->bind_addr->port == addr->host_port) {
541 ap_set_server_protocol(ls, lr->protocol);
549 /* TODO: set protocol defaults per-Port, eg 25=smtp */
550 ap_set_server_protocol(ls, "http");
555 if (open_listeners(s->process->pool)) {
559 for (lr = ap_listeners; lr; lr = lr->next) {
562 for (ls = s; ls && !found; ls = ls->next) {
563 for (addr = ls->addrs; addr && !found; addr = addr->next) {
564 if (apr_sockaddr_equal(lr->bind_addr, addr->host_addr) &&
565 lr->bind_addr->port == addr->host_port) {
567 ap_apply_accept_filter(s->process->pool, lr, ls);
573 ap_apply_accept_filter(s->process->pool, lr, s);
577 return num_listeners;
580 AP_DECLARE_NONSTD(void) ap_close_listeners(void)
584 for (lr = ap_listeners; lr; lr = lr->next) {
585 apr_socket_close(lr->sd);
589 AP_DECLARE_NONSTD(int) ap_close_selected_listeners(ap_slave_t *slave)
594 for (lr = ap_listeners; lr; lr = lr->next) {
595 if (lr->slave != slave) {
596 apr_socket_close(lr->sd);
606 AP_DECLARE(void) ap_listen_pre_config(void)
608 old_listeners = ap_listeners;
610 ap_listenbacklog = DEFAULT_LISTENBACKLOG;
613 /* Hack: populate an extra field
614 * When this gets called from a Listen directive, dummy is null.
615 * So we can use non-null dummy to pass a data pointer without conflict
617 AP_DECLARE_NONSTD(const char *) ap_set_listener(cmd_parms *cmd, void *dummy,
618 int argc, char *const argv[])
620 char *host, *scope_id, *proto;
623 const char *err = ap_check_cmd_context(cmd, GLOBAL_ONLY);
629 if (argc < 1 || argc > 2) {
630 return "Listen requires 1 or 2 arguments.";
633 rv = apr_parse_addr_port(&host, &scope_id, &port, argv[0], cmd->pool);
634 if (rv != APR_SUCCESS) {
635 return "Invalid address or port";
638 if (host && !strcmp(host, "*")) {
643 /* XXX scope id support is useful with link-local IPv6 addresses */
644 return "Scope id is not supported";
648 return "Port must be specified";
659 proto = apr_pstrdup(cmd->pool, argv[1]);
660 ap_str_tolower(proto);
663 return alloc_listener(cmd->server->process, host, port, proto, dummy);
666 AP_DECLARE_NONSTD(const char *) ap_set_listenbacklog(cmd_parms *cmd,
671 const char *err = ap_check_cmd_context(cmd, GLOBAL_ONLY);
679 return "ListenBacklog must be > 0";
682 ap_listenbacklog = b;
686 AP_DECLARE_NONSTD(const char *) ap_set_send_buffer_size(cmd_parms *cmd,
691 const char *err = ap_check_cmd_context(cmd, GLOBAL_ONLY);
697 if (s < 512 && s != 0) {
698 return "SendBufferSize must be >= 512 bytes, or 0 for system default.";
701 send_buffer_size = s;
705 AP_DECLARE_NONSTD(const char *) ap_set_receive_buffer_size(cmd_parms *cmd,
710 const char *err = ap_check_cmd_context(cmd, GLOBAL_ONLY);
716 if (s < 512 && s != 0) {
717 return "ReceiveBufferSize must be >= 512 bytes, or 0 for system default.";
720 receive_buffer_size = s;