1 /* ====================================================================
2 * The Apache Software License, Version 1.1
4 * Copyright (c) 2000-2002 The Apache Software Foundation. All rights
7 * Redistribution and use in source and binary forms, with or without
8 * modification, are permitted provided that the following conditions
11 * 1. Redistributions of source code must retain the above copyright
12 * notice, this list of conditions and the following disclaimer.
14 * 2. Redistributions in binary form must reproduce the above copyright
15 * notice, this list of conditions and the following disclaimer in
16 * the documentation and/or other materials provided with the
19 * 3. The end-user documentation included with the redistribution,
20 * if any, must include the following acknowledgment:
21 * "This product includes software developed by the
22 * Apache Software Foundation (http://www.apache.org/)."
23 * Alternately, this acknowledgment may appear in the software itself,
24 * if and wherever such third-party acknowledgments normally appear.
26 * 4. The names "Apache" and "Apache Software Foundation" must
27 * not be used to endorse or promote products derived from this
28 * software without prior written permission. For written
29 * permission, please contact apache@apache.org.
31 * 5. Products derived from this software may not be called "Apache",
32 * nor may "Apache" appear in their name, without prior written
33 * permission of the Apache Software Foundation.
35 * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESSED OR IMPLIED
36 * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
37 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
38 * DISCLAIMED. IN NO EVENT SHALL THE APACHE SOFTWARE FOUNDATION OR
39 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
40 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
41 * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF
42 * USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
43 * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
44 * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
45 * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
47 * ====================================================================
49 * This software consists of voluntary contributions made by many
50 * individuals on behalf of the Apache Software Foundation. For more
51 * information on the Apache Software Foundation, please see
52 * <http://www.apache.org/>.
54 * Portions of this software are based upon public domain software
55 * originally written at the National Center for Supercomputing Applications,
56 * University of Illinois, Urbana-Champaign.
59 /* The purpose of this file is to store the code that MOST mpm's will need
60 * this does not mean a function only goes into this file if every MPM needs
61 * it. It means that if a function is needed by more than one MPM, and
62 * future maintenance would be served by making the code common, then the
63 * function belongs here.
65 * This is going in src/main because it is not platform specific, it is
66 * specific to multi-process servers, but NOT to Unix. Which is why it
67 * does not belong in src/os/unix
71 #include "apr_thread_proc.h"
72 #include "apr_signal.h"
73 #include "apr_strings.h"
75 #define APR_WANT_STRFUNC
79 #include "http_config.h"
81 #include "http_main.h"
83 #include "mpm_common.h"
85 #include "ap_listen.h"
86 #include "mpm_default.h"
88 #ifdef AP_MPM_WANT_SET_SCOREBOARD
89 #include "scoreboard.h"
99 #ifdef AP_MPM_WANT_RECLAIM_CHILD_PROCESSES
100 void ap_reclaim_child_processes(int terminate)
103 long int waittime = 1024 * 16; /* in usecs */
104 apr_status_t waitret;
109 ap_mpm_query(AP_MPMQ_MAX_DAEMON_USED, &max_daemons);
110 MPM_SYNC_CHILD_TABLE();
112 for (tries = terminate ? 4 : 1; tries <= 9; ++tries) {
113 /* don't want to hold up progress any more than
114 * necessary, but we need to allow children a few moments to exit.
115 * Set delay with an exponential backoff.
118 waittime = waittime * 4;
120 /* now see who is done */
122 for (i = 0; i < max_daemons; ++i) {
123 pid_t pid = MPM_CHILD_PID(i);
130 waitret = apr_proc_wait(&proc, NULL, NULL, APR_NOWAIT);
131 if (waitret != APR_CHILD_NOTDONE) {
132 MPM_NOTE_CHILD_KILLED(i);
147 /* ok, now it's being annoying */
148 ap_log_error(APLOG_MARK, APLOG_NOERRNO|APLOG_WARNING,
150 "child process %ld still did not exit, "
158 ap_log_error(APLOG_MARK, APLOG_NOERRNO|APLOG_ERR,
160 "child process %ld still did not exit, "
166 /* sending a SIGKILL kills the entire team on BeOS, and as
167 * httpd thread is part of that team it removes any chance
168 * of ever doing a restart. To counter this I'm changing to
169 * use a kinder, gentler way of killing a specific thread
170 * that is just as effective.
177 /* gave it our best shot, but alas... If this really
178 * is a child we are trying to kill and it really hasn't
179 * exited, we will likely fail to bind to the port
182 ap_log_error(APLOG_MARK, APLOG_NOERRNO|APLOG_ERR,
184 "could not make child process %ld exit, "
185 "attempting to continue anyway",
191 #if APR_HAS_OTHER_CHILD
192 apr_proc_other_child_check();
196 /* nothing left to wait for */
201 #endif /* AP_MPM_WANT_RECLAIM_CHILD_PROCESSES */
203 #ifdef AP_MPM_WANT_WAIT_OR_TIMEOUT
205 /* number of calls to wait_or_timeout between writable probes */
206 #ifndef INTERVAL_OF_WRITABLE_PROBES
207 #define INTERVAL_OF_WRITABLE_PROBES 10
209 static int wait_or_timeout_counter;
211 void ap_wait_or_timeout(apr_exit_why_e *status, int *exitcode, apr_proc_t *ret,
216 ++wait_or_timeout_counter;
217 if (wait_or_timeout_counter == INTERVAL_OF_WRITABLE_PROBES) {
218 wait_or_timeout_counter = 0;
221 rv = apr_proc_wait_all_procs(ret, exitcode, status, APR_NOWAIT, p);
222 if (APR_STATUS_IS_EINTR(rv)) {
227 if (APR_STATUS_IS_CHILD_DONE(rv)) {
232 if ((ret = reap_children(exitcode, status)) > 0) {
237 apr_sleep(SCOREBOARD_MAINTENANCE_INTERVAL);
241 #endif /* AP_MPM_WANT_WAIT_OR_TIMEOUT */
243 #ifdef AP_MPM_WANT_PROCESS_CHILD_STATUS
244 int ap_process_child_status(apr_proc_t *pid, apr_exit_why_e why, int status)
247 const char *sigdesc = apr_signal_get_description(signum);
249 /* Child died... if it died due to a fatal error,
250 * we should simply bail out. The caller needs to
251 * check for bad rc from us and exit, running any
252 * appropriate cleanups.
254 * If the child died due to a resource shortage,
255 * the parent should limit the rate of forking
257 if (APR_PROC_CHECK_EXIT(why)) {
258 if (status == APEXIT_CHILDSICK) {
262 if (status == APEXIT_CHILDFATAL) {
263 ap_log_error(APLOG_MARK, APLOG_ALERT|APLOG_NOERRNO,
265 "Child %" APR_OS_PROC_T_FMT
266 " returned a Fatal error..." APR_EOL_STR
267 "Apache is exiting!",
269 return APEXIT_CHILDFATAL;
275 if (APR_PROC_CHECK_SIGNALED(why)) {
279 case AP_SIG_GRACEFUL:
284 if (APR_PROC_CHECK_CORE_DUMP(why)) {
285 ap_log_error(APLOG_MARK, APLOG_NOERRNO|APLOG_NOTICE,
287 "child pid %ld exit signal %s (%d), "
288 "possible coredump in %s",
289 (long)pid->pid, sigdesc, signum,
293 ap_log_error(APLOG_MARK, APLOG_NOERRNO|APLOG_NOTICE,
295 "child pid %ld exit signal %s (%d)",
296 (long)pid->pid, sigdesc, signum);
302 #endif /* AP_MPM_WANT_PROCESS_CHILD_STATUS */
304 #if defined(TCP_NODELAY) && !defined(MPE) && !defined(TPF) && !defined(WIN32)
305 void ap_sock_disable_nagle(apr_socket_t *s)
307 /* The Nagle algorithm says that we should delay sending partial
308 * packets in hopes of getting more data. We don't want to do
309 * this; we are not telnet. There are bad interactions between
310 * persistent connections and Nagle's algorithm that have very severe
311 * performance penalties. (Failing to disable Nagle is not much of a
312 * problem with simple HTTP.)
314 * In spite of these problems, failure here is not a shooting offense.
316 apr_status_t status = apr_setsocketopt(s, APR_TCP_NODELAY, 1);
318 if (status != APR_SUCCESS) {
319 ap_log_error(APLOG_MARK, APLOG_WARNING, status, ap_server_conf,
320 "setsockopt: (TCP_NODELAY)");
326 AP_DECLARE(uid_t) ap_uname2id(const char *name)
331 return (atoi(&name[1]));
333 if (!(ent = getpwnam(name))) {
334 ap_log_error(APLOG_MARK, APLOG_STARTUP|APLOG_NOERRNO, 0, NULL,
335 "%s: bad user name %s", ap_server_argv0, name);
339 return (ent->pw_uid);
344 AP_DECLARE(gid_t) ap_gname2id(const char *name)
349 return (atoi(&name[1]));
351 if (!(ent = getgrnam(name))) {
352 ap_log_error(APLOG_MARK, APLOG_STARTUP|APLOG_NOERRNO, 0, NULL,
353 "%s: bad group name %s", ap_server_argv0, name);
357 return (ent->gr_gid);
361 #ifndef HAVE_INITGROUPS
362 int initgroups(const char *name, gid_t basegid)
364 #if defined(QNX) || defined(MPE) || defined(BEOS) || defined(_OSD_POSIX) || defined(TPF) || defined(__TANDEM) || defined(OS2) || defined(WIN32) || defined(NETWARE)
365 /* QNX, MPE and BeOS do not appear to support supplementary groups. */
368 gid_t groups[NGROUPS_MAX];
374 groups[index++] = basegid;
376 while (index < NGROUPS_MAX && ((g = getgrent()) != NULL)) {
377 if (g->gr_gid != basegid) {
380 for (names = g->gr_mem; *names != NULL; ++names) {
381 if (!strcmp(*names, name))
382 groups[index++] = g->gr_gid;
389 return setgroups(index, groups);
392 #endif /* def NEED_INITGROUPS */
394 #ifdef AP_MPM_USES_POD
396 AP_DECLARE(apr_status_t) ap_mpm_pod_open(apr_pool_t *p, ap_pod_t **pod)
400 *pod = apr_palloc(p, sizeof(**pod));
401 rv = apr_file_pipe_create(&((*pod)->pod_in), &((*pod)->pod_out), p);
402 if (rv != APR_SUCCESS) {
406 apr_file_pipe_timeout_set((*pod)->pod_in, 0);
409 apr_sockaddr_info_get(&(*pod)->sa, ap_listeners->bind_addr->hostname,
410 APR_UNSPEC, ap_listeners->bind_addr->port, 0, p);
415 AP_DECLARE(apr_status_t) ap_mpm_pod_check(ap_pod_t *pod)
421 rv = apr_file_read(pod->pod_in, &c, &len);
423 if ((rv == APR_SUCCESS) && (len == 1)) {
427 if (rv != APR_SUCCESS) {
434 AP_DECLARE(apr_status_t) ap_mpm_pod_close(ap_pod_t *pod)
438 rv = apr_file_close(pod->pod_out);
439 if (rv != APR_SUCCESS) {
443 rv = apr_file_close(pod->pod_in);
444 if (rv != APR_SUCCESS) {
451 static apr_status_t pod_signal_internal(ap_pod_t *pod)
454 char char_of_death = '!';
458 rv = apr_file_write(pod->pod_out, &char_of_death, &one);
459 } while (APR_STATUS_IS_EINTR(rv));
461 if (rv != APR_SUCCESS) {
462 ap_log_error(APLOG_MARK, APLOG_WARNING, rv, ap_server_conf,
463 "write pipe_of_death");
469 /* This function connects to the server, then immediately closes the connection.
470 * This permits the MPM to skip the poll when there is only one listening
471 * socket, because it provides a alternate way to unblock an accept() when
474 static apr_status_t dummy_connection(ap_pod_t *pod)
480 /* create a temporary pool for the socket. pconf stays around too long */
481 rv = apr_pool_create(&p, pod->p);
482 if (rv != APR_SUCCESS) {
486 rv = apr_socket_create(&sock, pod->sa->family, SOCK_STREAM, p);
487 if (rv != APR_SUCCESS) {
488 ap_log_error(APLOG_MARK, APLOG_WARNING, rv, ap_server_conf,
489 "get socket to connect to listener");
493 /* on some platforms (e.g., FreeBSD), the kernel won't accept many
494 * queued connections before it starts blocking local connects...
495 * we need to keep from blocking too long and instead return an error,
496 * because the MPM won't want to hold up a graceful restart for a
499 rv = apr_setsocketopt(sock, APR_SO_TIMEOUT, 3 * APR_USEC_PER_SEC);
500 if (rv != APR_SUCCESS) {
501 ap_log_error(APLOG_MARK, APLOG_WARNING, rv, ap_server_conf,
502 "set timeout on socket to connect to listener");
503 apr_socket_close(sock);
507 rv = apr_connect(sock, pod->sa);
508 if (rv != APR_SUCCESS) {
509 int log_level = APLOG_WARNING;
511 if (APR_STATUS_IS_TIMEUP(rv)) {
512 /* probably some server processes bailed out already and there
513 * is nobody around to call accept and clear out the kernel
514 * connection queue; usually this is not worth logging
516 log_level = APLOG_DEBUG;
519 ap_log_error(APLOG_MARK, log_level, rv, ap_server_conf,
520 "connect to listener");
523 apr_socket_close(sock);
529 AP_DECLARE(apr_status_t) ap_mpm_pod_signal(ap_pod_t *pod)
533 rv = pod_signal_internal(pod);
534 if (rv != APR_SUCCESS) {
538 return dummy_connection(pod);
541 void ap_mpm_pod_killpg(ap_pod_t *pod, int num)
544 apr_status_t rv = APR_SUCCESS;
546 for (i = 0; i < num && rv == APR_SUCCESS; i++) {
547 rv = pod_signal_internal(pod);
550 if (rv == APR_SUCCESS) {
551 for (i = 0; i < num && rv == APR_SUCCESS; i++) {
552 rv = dummy_connection(pod);
556 #endif /* #ifdef AP_MPM_USES_POD */
558 /* standard mpm configuration handling */
559 #ifdef AP_MPM_WANT_SET_PIDFILE
560 const char *ap_pid_fname = NULL;
562 const char *ap_mpm_set_pidfile(cmd_parms *cmd, void *dummy,
565 const char *err = ap_check_cmd_context(cmd, GLOBAL_ONLY);
570 if (cmd->server->is_virtual) {
571 return "PidFile directive not allowed in <VirtualHost>";
579 #ifdef AP_MPM_WANT_SET_SCOREBOARD
580 const char * ap_mpm_set_scoreboard(cmd_parms *cmd, void *dummy,
583 const char *err = ap_check_cmd_context(cmd, GLOBAL_ONLY);
588 ap_scoreboard_fname = arg;
593 #ifdef AP_MPM_WANT_SET_LOCKFILE
594 const char *ap_lock_fname = NULL;
596 const char *ap_mpm_set_lockfile(cmd_parms *cmd, void *dummy,
599 const char *err = ap_check_cmd_context(cmd, GLOBAL_ONLY);
609 #ifdef AP_MPM_WANT_SET_MAX_REQUESTS
610 int ap_max_requests_per_child = 0;
612 const char *ap_mpm_set_max_requests(cmd_parms *cmd, void *dummy,
615 const char *err = ap_check_cmd_context(cmd, GLOBAL_ONLY);
620 ap_max_requests_per_child = atoi(arg);
626 #ifdef AP_MPM_WANT_SET_COREDUMPDIR
627 char ap_coredump_dir[MAX_STRING_LEN];
629 const char *ap_mpm_set_coredumpdir(cmd_parms *cmd, void *dummy,
634 const char *err = ap_check_cmd_context(cmd, GLOBAL_ONLY);
639 fname = ap_server_root_relative(cmd->pool, arg);
640 if ((apr_stat(&finfo, fname, APR_FINFO_TYPE, cmd->pool) != APR_SUCCESS)
641 || (finfo.filetype != APR_DIR)) {
642 return apr_pstrcat(cmd->pool, "CoreDumpDirectory ", fname,
643 " does not exist or is not a directory", NULL);
646 apr_cpystrn(ap_coredump_dir, fname, sizeof(ap_coredump_dir));
651 #ifdef AP_MPM_WANT_SET_ACCEPT_LOCK_MECH
652 apr_lockmech_e ap_accept_lock_mech = APR_LOCK_DEFAULT;
654 AP_DECLARE(const char *) ap_mpm_set_accept_lock_mech(cmd_parms *cmd,
658 const char *err = ap_check_cmd_context(cmd, GLOBAL_ONLY);
663 if (!strcasecmp(arg, "default")) {
664 ap_accept_lock_mech = APR_LOCK_DEFAULT;
666 #if APR_HAS_FLOCK_SERIALIZE
667 else if (!strcasecmp(arg, "flock")) {
668 ap_accept_lock_mech = APR_LOCK_FLOCK;
671 #if APR_HAS_FCNTL_SERIALIZE
672 else if (!strcasecmp(arg, "fcntl")) {
673 ap_accept_lock_mech = APR_LOCK_FCNTL;
677 /* perchild can't use SysV sems because the permissions on the accept
678 * mutex can't be set to allow all processes to use the mutex and
679 * at the same time keep all users from being able to dink with the
682 #if APR_HAS_SYSVSEM_SERIALIZE && !defined(PERCHILD_MPM)
683 else if (!strcasecmp(arg, "sysvsem")) {
684 ap_accept_lock_mech = APR_LOCK_SYSVSEM;
687 #if APR_HAS_PROC_PTHREAD_SERIALIZE
688 else if (!strcasecmp(arg, "pthread")) {
689 ap_accept_lock_mech = APR_LOCK_PROC_PTHREAD;
693 return apr_pstrcat(cmd->pool, arg, " is an invalid mutex mechanism; "
694 "valid ones for this platform and MPM are: default"
695 #if APR_HAS_FLOCK_SERIALIZE
698 #if APR_HAS_FCNTL_SERIALIZE
701 #if APR_HAS_SYSVSEM_SERIALIZE && !defined(PERCHILD_MPM)
704 #if APR_HAS_PROC_PTHREAD_SERIALIZE