1 /* Licensed to the Apache Software Foundation (ASF) under one or more
2 * contributor license agreements. See the NOTICE file distributed with
3 * this work for additional information regarding copyright ownership.
4 * The ASF licenses this file to You under the Apache License, Version 2.0
5 * (the "License"); you may not use this file except in compliance with
6 * the License. You may obtain a copy of the License at
8 * http://www.apache.org/licenses/LICENSE-2.0
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
17 #include "apr_network_io.h"
18 #include "apr_strings.h"
20 #define APR_WANT_STRFUNC
23 #include "ap_config.h"
25 #include "http_config.h"
26 #include "http_core.h"
27 #include "ap_listen.h"
29 #include "mpm_common.h"
31 AP_DECLARE_DATA ap_listen_rec *ap_listeners = NULL;
33 static ap_listen_rec *old_listeners;
34 static int ap_listenbacklog;
35 static int send_buffer_size;
36 static int receive_buffer_size;
38 /* TODO: make_sock is just begging and screaming for APR abstraction */
39 static apr_status_t make_sock(apr_pool_t *p, ap_listen_rec *server)
41 apr_socket_t *s = server->sd;
44 #ifdef AP_ENABLE_V4_MAPPED
45 int v6only_setting = 0;
47 int v6only_setting = 1;
53 stat = apr_socket_opt_set(s, APR_SO_REUSEADDR, one);
54 if (stat != APR_SUCCESS && stat != APR_ENOTIMPL) {
55 ap_log_perror(APLOG_MARK, APLOG_CRIT, stat, p,
56 "make_sock: for address %pI, apr_socket_opt_set: (SO_REUSEADDR)",
63 stat = apr_socket_opt_set(s, APR_SO_KEEPALIVE, one);
64 if (stat != APR_SUCCESS && stat != APR_ENOTIMPL) {
65 ap_log_perror(APLOG_MARK, APLOG_CRIT, stat, p,
66 "make_sock: for address %pI, apr_socket_opt_set: (SO_KEEPALIVE)",
73 if (server->bind_addr->family == APR_INET6) {
74 stat = apr_socket_opt_set(s, APR_IPV6_V6ONLY, v6only_setting);
75 if (stat != APR_SUCCESS && stat != APR_ENOTIMPL) {
76 ap_log_perror(APLOG_MARK, APLOG_CRIT, stat, p,
77 "make_sock: for address %pI, apr_socket_opt_set: "
87 * To send data over high bandwidth-delay connections at full
88 * speed we must force the TCP window to open wide enough to keep the
89 * pipe full. The default window size on many systems
90 * is only 4kB. Cross-country WAN connections of 100ms
91 * at 1Mb/s are not impossible for well connected sites.
92 * If we assume 100ms cross-country latency,
93 * a 4kB buffer limits throughput to 40kB/s.
95 * To avoid this problem I've added the SendBufferSize directive
96 * to allow the web master to configure send buffer size.
98 * The trade-off of larger buffers is that more kernel memory
99 * is consumed. YMMV, know your customers and your network!
101 * -John Heidemann <johnh@isi.edu> 25-Oct-96
103 * If no size is specified, use the kernel default.
105 if (send_buffer_size) {
106 stat = apr_socket_opt_set(s, APR_SO_SNDBUF, send_buffer_size);
107 if (stat != APR_SUCCESS && stat != APR_ENOTIMPL) {
108 ap_log_perror(APLOG_MARK, APLOG_WARNING, stat, p,
109 "make_sock: failed to set SendBufferSize for "
110 "address %pI, using default",
112 /* not a fatal error */
115 if (receive_buffer_size) {
116 stat = apr_socket_opt_set(s, APR_SO_RCVBUF, receive_buffer_size);
117 if (stat != APR_SUCCESS && stat != APR_ENOTIMPL) {
118 ap_log_perror(APLOG_MARK, APLOG_WARNING, stat, p,
119 "make_sock: failed to set ReceiveBufferSize for "
120 "address %pI, using default",
122 /* not a fatal error */
126 #if APR_TCP_NODELAY_INHERITED
127 ap_sock_disable_nagle(s);
130 if ((stat = apr_socket_bind(s, server->bind_addr)) != APR_SUCCESS) {
131 ap_log_perror(APLOG_MARK, APLOG_STARTUP|APLOG_CRIT, stat, p,
132 "make_sock: could not bind to address %pI",
138 if ((stat = apr_socket_listen(s, ap_listenbacklog)) != APR_SUCCESS) {
139 ap_log_perror(APLOG_MARK, APLOG_STARTUP|APLOG_ERR, stat, p,
140 "make_sock: unable to listen for connections "
148 /* I seriously doubt that this would work on Unix; I have doubts that
149 * it entirely solves the problem on Win32. However, since setting
150 * reuseaddr on the listener -prior- to binding the socket has allowed
151 * us to attach to the same port as an already running instance of
152 * Apache, or even another web server, we cannot identify that this
153 * port was exclusively granted to this instance of Apache.
155 * So set reuseaddr, but do not attempt to do so until we have the
156 * parent listeners successfully bound.
158 stat = apr_socket_opt_set(s, APR_SO_REUSEADDR, one);
159 if (stat != APR_SUCCESS && stat != APR_ENOTIMPL) {
160 ap_log_perror(APLOG_MARK, APLOG_CRIT, stat, p,
161 "make_sock: for address %pI, apr_socket_opt_set: (SO_REUSEADDR)",
171 server->accept_func = NULL;
176 static const char* find_accf_name(server_rec *s, const char *proto)
179 core_server_config *conf = ap_get_module_config(s->module_config,
185 accf = apr_table_get(conf->accf_map, proto);
187 if (accf && !strcmp("none", accf)) {
194 static void ap_apply_accept_filter(apr_pool_t *p, ap_listen_rec *lis,
197 apr_socket_t *s = lis->sd;
202 proto = lis->protocol;
205 proto = ap_get_server_protocol(server);
209 accf = find_accf_name(server, proto);
212 #if APR_HAS_SO_ACCEPTFILTER
213 rv = apr_socket_accept_filter(s, apr_pstrdup(p, accf),
215 if (rv != APR_SUCCESS && !APR_STATUS_IS_ENOTIMPL(rv)) {
216 ap_log_perror(APLOG_MARK, APLOG_WARNING, rv, p,
217 "Failed to enable the '%s' Accept Filter",
221 rv = apr_socket_opt_set(s, APR_TCP_DEFER_ACCEPT, 30);
222 if (rv != APR_SUCCESS && !APR_STATUS_IS_ENOTIMPL(rv)) {
223 ap_log_perror(APLOG_MARK, APLOG_WARNING, rv, p,
224 "Failed to enable APR_TCP_DEFER_ACCEPT");
230 static apr_status_t close_listeners_on_exec(void *v)
232 ap_close_listeners();
236 static const char *alloc_listener(process_rec *process, char *addr,
237 apr_port_t port, const char* proto)
239 ap_listen_rec **walk, *last;
242 int found_listener = 0;
244 /* see if we've got an old listener for this address:port */
245 for (walk = &old_listeners; *walk;) {
246 sa = (*walk)->bind_addr;
247 /* Some listeners are not real so they will not have a bind_addr. */
253 /* If both ports are equivalent, then if their names are equivalent,
254 * then we will re-use the existing record.
256 if (port == oldport &&
257 ((!addr && !sa->hostname) ||
258 ((addr && sa->hostname) && !strcmp(sa->hostname, addr)))) {
261 new->next = ap_listeners;
268 walk = &(*walk)->next;
271 if (found_listener) {
275 if ((status = apr_sockaddr_info_get(&sa, addr, APR_UNSPEC, port, 0,
278 ap_log_perror(APLOG_MARK, APLOG_CRIT, status, process->pool,
279 "alloc_listener: failed to set up sockaddr for %s",
281 return "Listen setup failed";
284 /* Initialize to our last configured ap_listener. */
286 while (last && last->next) {
293 /* this has to survive restarts */
294 new = apr_palloc(process->pool, sizeof(ap_listen_rec));
298 new->protocol = apr_pstrdup(process->pool, proto);
300 /* Go to the next sockaddr. */
303 status = apr_socket_create(&new->sd, new->bind_addr->family,
304 SOCK_STREAM, 0, process->pool);
307 /* What could happen is that we got an IPv6 address, but this system
308 * doesn't actually support IPv6. Try the next address.
310 if (status != APR_SUCCESS && !addr &&
311 new->bind_addr->family == APR_INET6) {
315 if (status != APR_SUCCESS) {
316 ap_log_perror(APLOG_MARK, APLOG_CRIT, status, process->pool,
317 "alloc_listener: failed to get a socket for %s",
319 return "Listen setup failed";
322 /* We need to preserve the order returned by getaddrinfo() */
324 ap_listeners = last = new;
333 /* Evaluates to true if the (apr_sockaddr_t *) addr argument is the
334 * IPv4 match-any-address, 0.0.0.0. */
335 #define IS_INADDR_ANY(addr) ((addr)->family == APR_INET \
336 && (addr)->sa.sin.sin_addr.s_addr == INADDR_ANY)
338 /* Evaluates to true if the (apr_sockaddr_t *) addr argument is the
339 * IPv6 match-any-address, [::]. */
340 #define IS_IN6ADDR_ANY(addr) ((addr)->family == APR_INET6 \
341 && IN6_IS_ADDR_UNSPECIFIED(&(addr)->sa.sin6.sin6_addr))
344 * Create, open, listen, and bind all sockets.
345 * @param process The process record for the currently running server
346 * @return The number of open sockets
348 static int open_listeners(apr_pool_t *pool)
352 ap_listen_rec *previous;
354 const char *userdata_key = "ap_open_listeners";
356 #if AP_NONBLOCK_WHEN_MULTI_LISTEN
360 /* Don't allocate a default listener. If we need to listen to a
361 * port, then the user needs to have a Listen directive in their
366 for (lr = ap_listeners; lr; previous = lr, lr = lr->next) {
376 /* If we have the unspecified IPv4 address (0.0.0.0) and
377 * the unspecified IPv6 address (::) is next, we need to
378 * swap the order of these in the list. We always try to
379 * bind to IPv6 first, then IPv4, since an IPv6 socket
380 * might be able to receive IPv4 packets if V6ONLY is not
381 * enabled, but never the other way around.
382 * Note: In some configurations, the unspecified IPv6 address
383 * could be even later in the list. This logic only corrects
384 * the situation where it is next in the list, such as when
385 * apr_sockaddr_info_get() returns an IPv4 and an IPv6 address,
389 && IS_INADDR_ANY(lr->bind_addr)
390 && lr->bind_addr->port == lr->next->bind_addr->port
391 && IS_IN6ADDR_ANY(lr->next->bind_addr)) {
392 /* Exchange lr and lr->next */
394 lr->next = next->next;
397 previous->next = next;
405 /* If we are trying to bind to 0.0.0.0 and a previous listener
406 * was :: on the same port and in turn that socket does not have
407 * the IPV6_V6ONLY flag set; we must skip the current attempt to
408 * listen (which would generate an error). IPv4 will be handled
409 * on the established IPv6 socket.
411 if (IS_INADDR_ANY(lr->bind_addr)) {
412 for (cur = ap_listeners; cur != lr; cur = cur->next) {
413 if (lr->bind_addr->port == cur->bind_addr->port
414 && IS_IN6ADDR_ANY(cur->bind_addr)
415 && apr_socket_opt_get(cur->sd, APR_IPV6_V6ONLY,
416 &v6only_setting) == APR_SUCCESS
417 && v6only_setting == 0) {
419 /* Remove the current listener from the list */
420 previous->next = lr->next;
421 lr = previous; /* maintain current value of previous after
422 * post-loop expression is evaluated
433 if (make_sock(pool, lr) == APR_SUCCESS) {
439 /* If we tried to bind to ::, and the next listener is
440 * on 0.0.0.0 with the same port, don't give a fatal
441 * error. The user will still get a warning from make_sock
445 && IS_IN6ADDR_ANY(lr->bind_addr)
446 && lr->bind_addr->port == lr->next->bind_addr->port
447 && IS_INADDR_ANY(lr->next->bind_addr)) {
449 /* Remove the current listener from the list */
451 previous->next = lr->next;
454 ap_listeners = lr->next;
457 /* Although we've removed ourselves from the list,
458 * we need to make sure that the next iteration won't
459 * consider "previous" a working IPv6 '::' socket.
460 * Changing the family is enough to make sure the
461 * conditions before make_sock() fail.
463 lr->bind_addr->family = AF_INET;
474 /* close the old listeners */
475 for (lr = old_listeners; lr; lr = next) {
476 apr_socket_close(lr->sd);
480 old_listeners = NULL;
482 #if AP_NONBLOCK_WHEN_MULTI_LISTEN
483 /* if multiple listening sockets, make them non-blocking so that
484 * if select()/poll() reports readability for a reset connection that
485 * is already forgotten about by the time we call accept, we won't
486 * be hung until another connection arrives on that port
488 use_nonblock = (ap_listeners && ap_listeners->next);
489 for (lr = ap_listeners; lr; lr = lr->next) {
492 status = apr_socket_opt_set(lr->sd, APR_SO_NONBLOCK, use_nonblock);
493 if (status != APR_SUCCESS) {
494 ap_log_perror(APLOG_MARK, APLOG_STARTUP|APLOG_ERR, status, pool,
495 "unable to control socket non-blocking status");
499 #endif /* AP_NONBLOCK_WHEN_MULTI_LISTEN */
501 /* we come through here on both passes of the open logs phase
502 * only register the cleanup once... otherwise we try to close
503 * listening sockets twice when cleaning up prior to exec
505 apr_pool_userdata_get(&data, userdata_key, pool);
507 apr_pool_userdata_set((const void *)1, userdata_key,
508 apr_pool_cleanup_null, pool);
509 apr_pool_cleanup_register(pool, NULL, apr_pool_cleanup_null,
510 close_listeners_on_exec);
513 return num_open ? 0 : -1;
516 AP_DECLARE(int) ap_setup_listeners(server_rec *s)
519 server_addr_rec *addr;
521 int num_listeners = 0;
525 for (ls = s; ls; ls = ls->next) {
526 proto = ap_get_server_protocol(ls);
529 /* No protocol was set for this vhost,
530 * use the default for this listener.
532 for (addr = ls->addrs; addr && !found; addr = addr->next) {
533 for (lr = ap_listeners; lr; lr = lr->next) {
534 if (apr_sockaddr_equal(lr->bind_addr, addr->host_addr) &&
535 lr->bind_addr->port == addr->host_port) {
536 ap_set_server_protocol(ls, lr->protocol);
544 /* TODO: set protocol defaults per-Port, eg 25=smtp */
545 ap_set_server_protocol(ls, "http");
550 if (open_listeners(s->process->pool)) {
554 for (lr = ap_listeners; lr; lr = lr->next) {
557 for (ls = s; ls && !found; ls = ls->next) {
558 for (addr = ls->addrs; addr && !found; addr = addr->next) {
559 if (apr_sockaddr_equal(lr->bind_addr, addr->host_addr) &&
560 lr->bind_addr->port == addr->host_port) {
562 ap_apply_accept_filter(s->process->pool, lr, ls);
568 ap_apply_accept_filter(s->process->pool, lr, s);
572 return num_listeners;
575 AP_DECLARE_NONSTD(void) ap_close_listeners(void)
579 for (lr = ap_listeners; lr; lr = lr->next) {
580 apr_socket_close(lr->sd);
585 AP_DECLARE(void) ap_listen_pre_config(void)
587 old_listeners = ap_listeners;
589 ap_listenbacklog = DEFAULT_LISTENBACKLOG;
593 AP_DECLARE_NONSTD(const char *) ap_set_listener(cmd_parms *cmd, void *dummy,
594 int argc, char *const argv[])
596 char *host, *scope_id, *proto;
599 const char *err = ap_check_cmd_context(cmd, GLOBAL_ONLY);
605 if (argc < 1 || argc > 2) {
606 return "Listen requires 1 or 2 arguments.";
609 rv = apr_parse_addr_port(&host, &scope_id, &port, argv[0], cmd->pool);
610 if (rv != APR_SUCCESS) {
611 return "Invalid address or port";
614 if (host && !strcmp(host, "*")) {
619 /* XXX scope id support is useful with link-local IPv6 addresses */
620 return "Scope id is not supported";
624 return "Port must be specified";
635 proto = apr_pstrdup(cmd->pool, argv[1]);
636 ap_str_tolower(proto);
639 return alloc_listener(cmd->server->process, host, port, proto);
642 AP_DECLARE_NONSTD(const char *) ap_set_listenbacklog(cmd_parms *cmd,
647 const char *err = ap_check_cmd_context(cmd, GLOBAL_ONLY);
655 return "ListenBacklog must be > 0";
658 ap_listenbacklog = b;
662 AP_DECLARE_NONSTD(const char *) ap_set_send_buffer_size(cmd_parms *cmd,
667 const char *err = ap_check_cmd_context(cmd, GLOBAL_ONLY);
673 if (s < 512 && s != 0) {
674 return "SendBufferSize must be >= 512 bytes, or 0 for system default.";
677 send_buffer_size = s;
681 AP_DECLARE_NONSTD(const char *) ap_set_receive_buffer_size(cmd_parms *cmd,
686 const char *err = ap_check_cmd_context(cmd, GLOBAL_ONLY);
692 if (s < 512 && s != 0) {
693 return "ReceiveBufferSize must be >= 512 bytes, or 0 for system default.";
696 receive_buffer_size = s;