1 diff -Nur httpd-2.0.50/server/mpm/config.m4 httpd-2.0.50-new/server/mpm/config.m4
2 --- httpd-2.0.50/server/mpm/config.m4 2003-03-11 00:07:52.000000000 -0700
3 +++ httpd-2.0.50-new/server/mpm/config.m4 2004-08-01 21:06:05.773211880 -0600
5 AC_MSG_CHECKING(which MPM to use)
7 APACHE_HELP_STRING(--with-mpm=MPM,Choose the process model for Apache to use.
8 - MPM={beos|worker|prefork|mpmt_os2|perchild|leader|threadpool|metuxmpm}),[
9 + MPM={beos|worker|prefork|mpmt_os2|perchild|leader|threadpool|metuxmpm|peruser}),[
12 if test "x$APACHE_MPM" = "x"; then
14 APACHE_FAST_OUTPUT(server/mpm/Makefile)
16 MPM_NAME=$apache_cv_mpm
17 -if test "$MPM_NAME" = "leader" -o "$MPM_NAME" = "threadpool" -o "$MPM_NAME" = "perchild" -o "$MPM_NAME" = "metuxmpm"; then
18 +if test "$MPM_NAME" = "leader" -o "$MPM_NAME" = "threadpool" -o "$MPM_NAME" = "perchild" -o "$MPM_NAME" = "metuxmpm" -o "$MPM_NAME" = "peruser"; then
19 AC_MSG_WARN(You have selected an EXPERIMENTAL MPM. Be warned!)
20 MPM_SUBDIR_NAME=experimental/$MPM_NAME
22 diff -Nur httpd-2.0.50/server/mpm/experimental/peruser/config.m4 httpd-2.0.50-new/server/mpm/experimental/peruser/config.m4
23 --- httpd-2.0.50/server/mpm/experimental/peruser/config.m4 1969-12-31 17:00:00.000000000 -0700
24 +++ httpd-2.0.50-new/server/mpm/experimental/peruser/config.m4 2004-08-01 21:06:05.777211272 -0600
26 +if test "$MPM_NAME" = "peruser" ; then
27 + APACHE_FAST_OUTPUT(server/mpm/experimental/$MPM_NAME/Makefile)
29 diff -Nur httpd-2.0.50/server/mpm/experimental/peruser/Makefile.in httpd-2.0.50-new/server/mpm/experimental/peruser/Makefile.in
30 --- httpd-2.0.50/server/mpm/experimental/peruser/Makefile.in 1969-12-31 17:00:00.000000000 -0700
31 +++ httpd-2.0.50-new/server/mpm/experimental/peruser/Makefile.in 2004-08-01 21:06:05.775211576 -0600
34 +LTLIBRARY_NAME = libperuser.la
35 +LTLIBRARY_SOURCES = peruser.c
37 +include $(top_srcdir)/build/ltlib.mk
38 diff -Nur httpd-2.0.50/server/mpm/experimental/peruser/mpm_default.h httpd-2.0.50-new/server/mpm/experimental/peruser/mpm_default.h
39 --- httpd-2.0.50/server/mpm/experimental/peruser/mpm_default.h 1969-12-31 17:00:00.000000000 -0700
40 +++ httpd-2.0.50-new/server/mpm/experimental/peruser/mpm_default.h 2004-08-01 21:06:05.781210664 -0600
42 +/* ====================================================================
43 + * The Apache Software License, Version 1.1
45 + * Copyright (c) 2000-2003 The Apache Software Foundation. All rights
48 + * Redistribution and use in source and binary forms, with or without
49 + * modification, are permitted provided that the following conditions
52 + * 1. Redistributions of source code must retain the above copyright
53 + * notice, this list of conditions and the following disclaimer.
55 + * 2. Redistributions in binary form must reproduce the above copyright
56 + * notice, this list of conditions and the following disclaimer in
57 + * the documentation and/or other materials provided with the
60 + * 3. The end-user documentation included with the redistribution,
61 + * if any, must include the following acknowledgment:
62 + * "This product includes software developed by the
63 + * Apache Software Foundation (http://www.apache.org/)."
64 + * Alternately, this acknowledgment may appear in the software itself,
65 + * if and wherever such third-party acknowledgments normally appear.
67 + * 4. The names "Apache" and "Apache Software Foundation" must
68 + * not be used to endorse or promote products derived from this
69 + * software without prior written permission. For written
70 + * permission, please contact apache@apache.org.
72 + * 5. Products derived from this software may not be called "Apache",
73 + * nor may "Apache" appear in their name, without prior written
74 + * permission of the Apache Software Foundation.
76 + * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESSED OR IMPLIED
77 + * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
78 + * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
79 + * DISCLAIMED. IN NO EVENT SHALL THE APACHE SOFTWARE FOUNDATION OR
80 + * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
81 + * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
82 + * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF
83 + * USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
84 + * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
85 + * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
86 + * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
88 + * ====================================================================
90 + * This software consists of voluntary contributions made by many
91 + * individuals on behalf of the Apache Software Foundation. For more
92 + * information on the Apache Software Foundation, please see
93 + * <http://www.apache.org/>.
95 + * Portions of this software are based upon public domain software
96 + * originally written at the National Center for Supercomputing Applications,
97 + * University of Illinois, Urbana-Champaign.
100 +#ifndef APACHE_MPM_DEFAULT_H
101 +#define APACHE_MPM_DEFAULT_H
103 +/* Number of servers to spawn off by default --- also, if fewer than
104 + * this free when the caretaker checks, it will spawn more.
106 +#ifndef DEFAULT_START_DAEMON
107 +#define DEFAULT_START_DAEMON 5
110 +/* Maximum number of *free* server processes --- more than this, and
111 + * they will die off.
114 +#ifndef DEFAULT_MAX_FREE_DAEMON
115 +#define DEFAULT_MAX_FREE_DAEMON 10
118 +/* Minimum --- fewer than this, and more will be created */
120 +#ifndef DEFAULT_MIN_FREE_DAEMON
121 +#define DEFAULT_MIN_FREE_DAEMON 5
124 +/* Maximum processors per ServerEnvironment */
126 +#ifndef DEFAULT_MAX_PROCESSORS
127 +#define DEFAULT_MAX_PROCESSORS 10
130 +/* File used for accept locking, when we use a file */
131 +#ifndef DEFAULT_LOCKFILE
132 +#define DEFAULT_LOCKFILE DEFAULT_REL_RUNTIMEDIR "/accept.lock"
135 +/* Where the main/parent process's pid is logged */
136 +#ifndef DEFAULT_PIDLOG
137 +#define DEFAULT_PIDLOG DEFAULT_REL_RUNTIMEDIR "/httpd.pid"
141 + * Interval, in microseconds, between scoreboard maintenance.
143 +#ifndef SCOREBOARD_MAINTENANCE_INTERVAL
144 +#define SCOREBOARD_MAINTENANCE_INTERVAL 1000000
147 +/* Number of requests to try to handle in a single process. If <= 0,
148 + * the children don't die off.
150 +#ifndef DEFAULT_MAX_REQUESTS_PER_CHILD
151 +#define DEFAULT_MAX_REQUESTS_PER_CHILD 10000
154 +#endif /* AP_MPM_DEFAULT_H */
155 diff -Nur httpd-2.0.50/server/mpm/experimental/peruser/mpm.h httpd-2.0.50-new/server/mpm/experimental/peruser/mpm.h
156 --- httpd-2.0.50/server/mpm/experimental/peruser/mpm.h 1969-12-31 17:00:00.000000000 -0700
157 +++ httpd-2.0.50-new/server/mpm/experimental/peruser/mpm.h 2004-08-01 21:13:56.178699376 -0600
159 +/* ====================================================================
160 + * The Apache Software License, Version 1.1
162 + * Copyright (c) 2000-2003 The Apache Software Foundation. All rights
165 + * Redistribution and use in source and binary forms, with or without
166 + * modification, are permitted provided that the following conditions
169 + * 1. Redistributions of source code must retain the above copyright
170 + * notice, this list of conditions and the following disclaimer.
172 + * 2. Redistributions in binary form must reproduce the above copyright
173 + * notice, this list of conditions and the following disclaimer in
174 + * the documentation and/or other materials provided with the
177 + * 3. The end-user documentation included with the redistribution,
178 + * if any, must include the following acknowledgment:
179 + * "This product includes software developed by the
180 + * Apache Software Foundation (http://www.apache.org/)."
181 + * Alternately, this acknowledgment may appear in the software itself,
182 + * if and wherever such third-party acknowledgments normally appear.
184 + * 4. The names "Apache" and "Apache Software Foundation" must
185 + * not be used to endorse or promote products derived from this
186 + * software without prior written permission. For written
187 + * permission, please contact apache@apache.org.
189 + * 5. Products derived from this software may not be called "Apache",
190 + * nor may "Apache" appear in their name, without prior written
191 + * permission of the Apache Software Foundation.
193 + * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESSED OR IMPLIED
194 + * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
195 + * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
196 + * DISCLAIMED. IN NO EVENT SHALL THE APACHE SOFTWARE FOUNDATION OR
197 + * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
198 + * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
199 + * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF
200 + * USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
201 + * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
202 + * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
203 + * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
205 + * ====================================================================
207 + * This software consists of voluntary contributions made by many
208 + * individuals on behalf of the Apache Software Foundation. For more
209 + * information on the Apache Software Foundation, please see
210 + * <http://www.apache.org/>.
212 + * Portions of this software are based upon public domain software
213 + * originally written at the National Center for Supercomputing Applications,
214 + * University of Illinois, Urbana-Champaign.
218 +#include "mpm_default.h"
219 +#include "scoreboard.h"
222 +#ifndef APACHE_MPM_PERUSER_H
223 +#define APACHE_MPM_PERUSER_H
227 +#define MPM_NAME "Peruser"
229 +#define AP_MPM_WANT_RECLAIM_CHILD_PROCESSES
230 +#define AP_MPM_WANT_WAIT_OR_TIMEOUT
231 +#define AP_MPM_WANT_PROCESS_CHILD_STATUS
232 +#define AP_MPM_WANT_SET_PIDFILE
233 +#define AP_MPM_WANT_SET_SCOREBOARD
234 +#define AP_MPM_WANT_SET_LOCKFILE
235 +#define AP_MPM_WANT_SET_MAX_REQUESTS
236 +#define AP_MPM_WANT_SET_COREDUMPDIR
237 +#define AP_MPM_WANT_SET_ACCEPT_LOCK_MECH
238 +#define AP_MPM_WANT_SIGNAL_SERVER
239 +#define AP_MPM_WANT_SET_MAX_MEM_FREE
240 +#define AP_MPM_DISABLE_NAGLE_ACCEPTED_SOCK
242 +#define AP_MPM_USES_POD 1
243 +#define MPM_CHILD_PID(i) (ap_scoreboard_image->parent[i].pid)
244 +#define MPM_NOTE_CHILD_KILLED(i) (MPM_CHILD_PID(i) = 0)
245 +#define MPM_ACCEPT_FUNC unixd_accept
247 +extern int ap_threads_per_child;
248 +extern int ap_max_daemons_limit;
249 +extern server_rec *ap_server_conf;
251 +/* Table of child status */
252 +#define SERVER_DEAD 0
253 +#define SERVER_DYING 1
254 +#define SERVER_ALIVE 2
256 +typedef struct ap_ctable {
258 + unsigned char status;
261 +#endif /* APACHE_MPM_PERUSER_H */
262 diff -Nur httpd-2.0.50/server/mpm/experimental/peruser/peruser.c httpd-2.0.50-new/server/mpm/experimental/peruser/peruser.c
263 --- httpd-2.0.50/server/mpm/experimental/peruser/peruser.c 1969-12-31 17:00:00.000000000 -0700
264 +++ httpd-2.0.50-new/server/mpm/experimental/peruser/peruser.c 2004-08-01 21:07:09.480526896 -0600
266 +/* ====================================================================
267 + * The Apache Software License, Version 1.1
269 + * Copyright (c) 2000-2003 The Apache Software Foundation. All rights
272 + * Redistribution and use in source and binary forms, with or without
273 + * modification, are permitted provided that the following conditions
276 + * 1. Redistributions of source code must retain the above copyright
277 + * notice, this list of conditions and the following disclaimer.
279 + * 2. Redistributions in binary form must reproduce the above copyright
280 + * notice, this list of conditions and the following disclaimer in
281 + * the documentation and/or other materials provided with the
284 + * 3. The end-user documentation included with the redistribution,
285 + * if any, must include the following acknowledgment:
286 + * "This product includes software developed by the
287 + * Apache Software Foundation (http://www.apache.org/)."
288 + * Alternately, this acknowledgment may appear in the software itself,
289 + * if and wherever such third-party acknowledgments normally appear.
291 + * 4. The names "Apache" and "Apache Software Foundation" must
292 + * not be used to endorse or promote products derived from this
293 + * software without prior written permission. For written
294 + * permission, please contact apache@apache.org.
296 + * 5. Products derived from this software may not be called "Apache",
297 + * nor may "Apache" appear in their name, without prior written
298 + * permission of the Apache Software Foundation.
300 + * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESSED OR IMPLIED
301 + * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
302 + * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
303 + * DISCLAIMED. IN NO EVENT SHALL THE APACHE SOFTWARE FOUNDATION OR
304 + * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
305 + * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
306 + * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF
307 + * USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
308 + * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
309 + * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
310 + * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
312 + * ====================================================================
314 + * This software consists of voluntary contributions made by many
315 + * individuals on behalf of the Apache Software Foundation. For more
316 + * information on the Apache Software Foundation, please see
317 + * <http://www.apache.org/>.
319 + * Portions of this software are based upon public domain software
320 + * originally written at the National Center for Supercomputing Applications,
321 + * University of Illinois, Urbana-Champaign.
324 +/* #define MPM_PERUSER_DEBUG */
327 +#include "apr_hash.h"
328 +#include "apr_pools.h"
329 +#include "apr_file_io.h"
330 +#include "apr_portable.h"
331 +#include "apr_strings.h"
332 +#include "apr_thread_proc.h"
333 +#include "apr_signal.h"
335 +#define APR_WANT_STDIO
336 +#define APR_WANT_STRFUNC
337 +#define APR_WANT_IOVEC
338 +#include "apr_want.h"
340 +#if APR_HAVE_UNISTD_H
343 +#if APR_HAVE_SYS_TYPES_H
344 +#include <sys/types.h>
347 +#define CORE_PRIVATE
349 +#include "ap_config.h"
351 +#include "mpm_default.h"
352 +#include "http_main.h"
353 +#include "http_log.h"
354 +#include "http_config.h"
355 +#include "http_core.h" /* for get_remote_host */
356 +#include "http_connection.h"
357 +#include "scoreboard.h"
360 +#include "mpm_common.h"
361 +#include "ap_listen.h"
363 +#include "apr_poll.h"
364 +#include "util_ebcdic.h"
366 +#ifdef HAVE_BSTRING_H
367 +#include <bstring.h> /* for IRIX, FD_SET calls bzero() */
374 +#ifdef HAVE_SYS_PROCESSOR_H
375 +#include <sys/processor.h> /* for bindprocessor() */
378 +#if APR_HAS_SHARED_MEMORY
379 +#include "apr_shm.h"
381 +#error "Peruser MPM requres shared memory support."
385 +/* should be APR-ized */
388 +#include <sys/stat.h>
393 +#include <sys/times.h>
396 +#ifdef MPM_PERUSER_DEBUG
397 +# define _DBG(text,par...) \
398 + ap_log_error(APLOG_MARK, APLOG_WARNING, 0, NULL, \
399 + "(peruser: pid=%d uid=%d child=%d) %s(): " text, \
400 + getpid(), getuid(), my_child_num, __FUNCTION__, ##par, 0)
402 +# define _TRACE_CALL(text,par...) _DBG("calling " text, ##par)
403 +# define _TRACE_RET(text,par...) _DBG("returned from " text, ##par)
405 +# define _DBG(text,par...)
406 +# define _TRACE_RET(text,par...)
407 +# define _TRACE_CALL(text,par...)
408 +#endif /* MPM_PERUSER_DEBUG */
410 +/* char of death - for signalling children to die */
411 +#define AP_PERUSER_CHAR_OF_DEATH '!'
413 +#define PERUSER_SERVER_CONF(cf) \
414 + ((peruser_server_conf *) ap_get_module_config(cf, &mpm_peruser_module))
417 + * Define some magic numbers that we use for the state of the incomming
418 + * request. These must be < 0 so they don't collide with a file descriptor.
420 +#define AP_PERUSER_THISCHILD -1
421 +#define AP_PERUSER_OTHERCHILD -2
424 +/* Limit on the total --- clients will be locked out if more servers than
425 + * this are needed. It is intended solely to keep the server from crashing
426 + * when things get out of hand.
428 + * We keep a hard maximum number of servers, for two reasons --- first off,
429 + * in case something goes seriously wrong, we want to stop the fork bomb
430 + * short of actually crashing the machine we're running on by filling some
431 + * kernel table. Secondly, it keeps the size of the scoreboard file small
432 + * enough that we can read the whole thing without worrying too much about
435 +#ifndef DEFAULT_SERVER_LIMIT
436 +#define DEFAULT_SERVER_LIMIT 256
439 +/* Admin can't tune ServerLimit beyond MAX_SERVER_LIMIT. We want
440 + * some sort of compile-time limit to help catch typos.
442 +#ifndef MAX_SERVER_LIMIT
443 +#define MAX_SERVER_LIMIT 20000
446 +#ifndef HARD_THREAD_LIMIT
447 +#define HARD_THREAD_LIMIT 1
450 +#define CHILD_TYPE_MULTIPLEXER 1
451 +#define CHILD_TYPE_PROCESSOR 2
453 +#define CHILD_STATUS_STANDBY 0 /* wait for a request before starting */
454 +#define CHILD_STATUS_STARTING 1 /* wait for socket creation */
455 +#define CHILD_STATUS_READY 2 /* wait for mux to restart */
456 +#define CHILD_STATUS_ACTIVE 3 /* ready to take requests */
457 +#define CHILD_STATUS_RESTART 4 /* child about to die and restart */
459 +/* config globals */
461 +int ap_threads_per_child=0; /* Worker threads per child */
462 +static apr_proc_mutex_t *accept_mutex;
463 +static int ap_daemons_min_free=0;
464 +static int ap_max_processors=0;
465 +static int ap_daemons_limit=0; /* MaxClients */
466 +static int server_limit = DEFAULT_SERVER_LIMIT;
467 +static int first_server_limit;
468 +static int changed_limit_at_restart;
470 +static int requests_this_child;
471 +static ap_pod_t *pod;
473 +/* === configuration stuff === */
474 +/* the server limit is also the size of the server table */
475 +static int cf_server_limit = DEFAULT_SERVER_LIMIT;
477 +/* -- server process information -- */
480 + /* identification */
481 + int id; /* index in child_info_table */
482 + pid_t pid; /* process id */
483 + int status; /* status of child */
484 + int type; /* multiplexer or processor */
486 + /* security settings */
487 + uid_t uid; /* user id */
488 + gid_t gid; /* group id */
489 + const char *chroot; /* directory to chroot() to, can be null */
492 + int input; /* The socket descriptor */
493 + int output; /* The socket descriptor */
496 + /* stack context saved state */
502 + apr_size_t num_childs;
503 +} child_info_control;
507 + child_info_control *control;
508 + child_info_t *table;
513 + const char *sockname; /* The base name for the socket */
514 + const char *fullsockname; /* socket base name + extension */
517 + const char *chroot;
518 + int max_processors;
520 +} peruser_server_conf;
522 +typedef struct peruser_header
529 +/* Tables used to determine the user and group each child process should
530 + * run as. The hash table is used to correlate a server name with a child
533 +static apr_size_t child_info_size;
534 +static child_info *child_info_image;
535 +struct ap_ctable *ap_child_table;
537 +#define NUM_CHILDS (child_info_image != NULL ? child_info_image->control->num_childs : 0)
538 +#define CHILD_INFO_TABLE (child_info_image != NULL ? child_info_image->table : NULL)
540 +#if APR_HAS_SHARED_MEMORY
542 +static /* but must be exported to mpm_winnt */
544 + apr_shm_t *child_info_shm = NULL;
548 + * The max child slot ever assigned, preserved across restarts. Necessary
549 + * to deal with MaxClients changes across AP_SIG_GRACEFUL restarts. We
550 + * use this value to optimize routines that have to scan the entire scoreboard.
552 +int ap_max_daemons_limit = -1;
553 +server_rec *ap_server_conf;
555 +module AP_MODULE_DECLARE_DATA mpm_peruser_module;
557 +/* -- replace the pipe-of-death by an control socket -- */
558 +static apr_file_t *pipe_of_death_in = NULL;
559 +static apr_file_t *pipe_of_death_out = NULL;
562 +/* one_process --- debugging mode variable; can be set from the command line
563 + * with the -X flag. If set, this gets you the child_main loop running
564 + * in the process which originally started up (no detach, no make_child),
565 + * which is a pretty nice debugging environment. (You'll get a SIGHUP
566 + * early in standalone_main; just continue through. This is the server
567 + * trying to kill off any child processes which it might have lying
568 + * around --- Apache doesn't keep track of their pids, it just sends
569 + * SIGHUP to the process group, ignoring it in the root process.
570 + * Continue through and you'll be fine.).
573 +static int one_process = 0;
575 +static apr_pool_t *pconf; /* Pool for config stuff */
576 +static apr_pool_t *pchild; /* Pool for httpd child stuff */
578 +static pid_t ap_my_pid; /* it seems silly to call getpid all the time */
579 +static pid_t parent_pid;
580 +static int my_child_num;
581 +ap_generation_t volatile ap_my_generation=0;
585 +char tpf_server_name[INETD_SERVNAME_LENGTH+1];
588 +static int die_now = 0;
592 + * change directory for gprof to plop the gmon.out file
593 + * configure in httpd.conf:
594 + * GprofDir $RuntimeDir/ -> $ServerRoot/$RuntimeDir/gmon.out
595 + * GprofDir $RuntimeDir/% -> $ServerRoot/$RuntimeDir/gprof.$pid/gmon.out
597 +static void chdir_for_gprof(void)
599 + core_server_config *sconf =
600 + ap_get_module_config(ap_server_conf->module_config, &core_module);
601 + char *dir = sconf->gprof_dir;
602 + const char *use_dir;
607 + int len = strlen(sconf->gprof_dir) - 1;
608 + if(*(dir + len) == '%') {
610 + apr_snprintf(buf, sizeof(buf), "%sgprof.%d", dir, (int)getpid());
612 + use_dir = ap_server_root_relative(pconf, buf[0] ? buf : dir);
613 + res = apr_dir_make(use_dir, 0755, pconf);
614 + if(res != APR_SUCCESS && !APR_STATUS_IS_EEXIST(res)) {
615 + ap_log_error(APLOG_MARK, APLOG_ERR, errno, ap_server_conf,
616 + "gprof: error creating directory %s", dir);
620 + use_dir = ap_server_root_relative(pconf, DEFAULT_REL_RUNTIMEDIR);
626 +#define chdir_for_gprof()
629 +char* child_type_string(int type)
633 + case CHILD_TYPE_MULTIPLEXER: return "MULTIPLEXER";
634 + case CHILD_TYPE_PROCESSOR: return "PROCESSOR";
640 +char* child_status_string(int status)
644 + case CHILD_STATUS_STANDBY: return "STANDBY";
645 + case CHILD_STATUS_STARTING: return "STARTING";
646 + case CHILD_STATUS_READY: return "READY";
647 + case CHILD_STATUS_ACTIVE: return "ACTIVE";
648 + case CHILD_STATUS_RESTART: return "RESTART";
654 +void dump_child_table()
658 + _DBG("%-3s %-5s %-8s %-12s %-4s %-4s %-25s %5s %6s %7s",
659 + "ID", "PID", "STATUS", "TYPE", "UID", "GID", "CHROOT", "INPUT", "OUTPUT", "SOCK_FD");
661 + for(x = 0; x < NUM_CHILDS; x++)
663 + _DBG("%-3d %-5d %-8s %-12s %-4d %-4d %-25s %-5d %-6d %-7d",
664 + CHILD_INFO_TABLE[x].id,
665 + CHILD_INFO_TABLE[x].pid,
666 + child_status_string(CHILD_INFO_TABLE[x].status),
667 + child_type_string(CHILD_INFO_TABLE[x].type),
668 + CHILD_INFO_TABLE[x].uid,
669 + CHILD_INFO_TABLE[x].gid,
670 + CHILD_INFO_TABLE[x].chroot,
671 + CHILD_INFO_TABLE[x].input,
672 + CHILD_INFO_TABLE[x].output,
673 + CHILD_INFO_TABLE[x].sock_fd);
677 +/* XXX - I don't know if TPF will ever use this module or not, so leave
678 + * the ap_check_signals calls in but disable them - manoj */
679 +#define ap_check_signals()
681 +/* a clean exit from a child with proper cleanup */
682 +static inline int clean_child_exit(int code) __attribute__ ((noreturn));
683 +static inline int clean_child_exit(int code)
686 + apr_pool_destroy(pchild);
688 + ap_mpm_pod_close(pod);
693 +static void accept_mutex_on(void)
695 +/* for some reason this fails if we listen on the pipe_of_death.
696 + fortunately I don't think we currently need it */
699 + apr_status_t rv = apr_proc_mutex_lock(accept_mutex);
700 + if (rv != APR_SUCCESS) {
701 + const char *msg = "couldn't grab the accept mutex";
703 + if (ap_my_generation !=
704 + ap_scoreboard_image->global->running_generation) {
705 + ap_log_error(APLOG_MARK, APLOG_DEBUG, rv, NULL, msg);
706 + clean_child_exit(0);
709 + ap_log_error(APLOG_MARK, APLOG_EMERG, rv, NULL, msg);
710 + exit(APEXIT_CHILDFATAL);
716 +static void accept_mutex_off(void)
719 + apr_status_t rv = apr_proc_mutex_unlock(accept_mutex);
720 + if (rv != APR_SUCCESS) {
721 + const char *msg = "couldn't release the accept mutex";
723 + if (ap_my_generation !=
724 + ap_scoreboard_image->global->running_generation) {
725 + ap_log_error(APLOG_MARK, APLOG_DEBUG, rv, NULL, msg);
726 + /* don't exit here... we have a connection to
727 + * process, after which point we'll see that the
728 + * generation changed and we'll exit cleanly
732 + ap_log_error(APLOG_MARK, APLOG_EMERG, rv, NULL, msg);
733 + exit(APEXIT_CHILDFATAL);
739 +/* On some architectures it's safe to do unserialized accept()s in the single
740 + * Listen case. But it's never safe to do it in the case where there's
741 + * multiple Listen statements. Define SINGLE_LISTEN_UNSERIALIZED_ACCEPT
742 + * when it's safe in the single Listen case.
744 +#ifdef SINGLE_LISTEN_UNSERIALIZED_ACCEPT
745 +#define SAFE_ACCEPT(stmt) do {if (ap_listeners->next) {stmt;}} while(0)
747 +#define SAFE_ACCEPT(stmt) do {stmt;} while(0)
750 +AP_DECLARE(apr_status_t) ap_mpm_query(int query_code, int *result)
752 + switch(query_code){
753 + case AP_MPMQ_MAX_DAEMON_USED:
754 + *result = ap_daemons_limit;
755 + return APR_SUCCESS;
756 + case AP_MPMQ_IS_THREADED:
757 + *result = AP_MPMQ_NOT_SUPPORTED;
758 + return APR_SUCCESS;
759 + case AP_MPMQ_IS_FORKED:
760 + *result = AP_MPMQ_DYNAMIC;
761 + return APR_SUCCESS;
762 + case AP_MPMQ_HARD_LIMIT_DAEMONS:
763 + *result = server_limit;
764 + return APR_SUCCESS;
765 + case AP_MPMQ_HARD_LIMIT_THREADS:
766 + *result = HARD_THREAD_LIMIT;
767 + return APR_SUCCESS;
768 + case AP_MPMQ_MAX_THREADS:
770 + return APR_SUCCESS;
771 + case AP_MPMQ_MIN_SPARE_DAEMONS:
772 + *result = ap_daemons_min_free;
773 + return APR_SUCCESS;
774 + case AP_MPMQ_MIN_SPARE_THREADS:
776 + return APR_SUCCESS;
777 + case AP_MPMQ_MAX_SPARE_THREADS:
779 + return APR_SUCCESS;
780 + case AP_MPMQ_MAX_REQUESTS_DAEMON:
781 + *result = ap_max_requests_per_child;
782 + return APR_SUCCESS;
783 + case AP_MPMQ_MAX_DAEMONS:
784 + *result = server_limit;
785 + return APR_SUCCESS;
787 + return APR_ENOTIMPL;
790 +#if defined(NEED_WAITPID)
792 + Systems without a real waitpid sometimes lose a child's exit while waiting
793 + for another. Search through the scoreboard for missing children.
795 +int reap_children(int *exitcode, apr_exit_why_e *status)
799 + for (n = 0; n < ap_max_daemons_limit; ++n) {
800 + if (ap_scoreboard_image->servers[n][0].status != SERVER_DEAD &&
801 + kill((pid = ap_scoreboard_image->parent[n].pid), 0) == -1) {
802 + ap_update_child_status_from_indexes(n, 0, SERVER_DEAD, NULL);
803 + /* just mark it as having a successful exit status */
804 + *status = APR_PROC_EXIT;
813 +/* handle all varieties of core dumping signals */
814 +static void sig_coredump(int sig)
816 + chdir(ap_coredump_dir);
817 + apr_signal(sig, SIG_DFL);
818 + if (ap_my_pid == parent_pid) {
819 + ap_log_error(APLOG_MARK, APLOG_NOTICE,
821 + "seg fault or similar nasty error detected "
822 + "in the parent process");
824 + kill(getpid(), sig);
825 + /* At this point we've got sig blocked, because we're still inside
826 + * the signal handler. When we leave the signal handler it will
827 + * be unblocked, and we'll take the signal... and coredump or whatever
828 + * is appropriate for this particular Unix. In addition the parent
829 + * will see the real signal we received -- whereas if we called
830 + * abort() here, the parent would only see SIGABRT.
834 +/*****************************************************************
835 + * Connection structures and accounting...
838 +static void just_die(int sig)
840 +_DBG("function called");
841 + clean_child_exit(0);
844 +/* volatile just in case */
845 +static int volatile shutdown_pending;
846 +static int volatile restart_pending;
847 +static int volatile is_graceful;
848 +/* XXX static int volatile child_fatal; */
850 +static void sig_term(int sig)
852 + if (shutdown_pending == 1) {
853 + /* Um, is this _probably_ not an error, if the user has
854 + * tried to do a shutdown twice quickly, so we won't
855 + * worry about reporting it.
859 + shutdown_pending = 1;
862 +/* restart() is the signal handler for SIGHUP and AP_SIG_GRACEFUL
863 + * in the parent process, unless running in ONE_PROCESS mode
865 +static void restart(int sig)
867 + if (restart_pending == 1) {
868 + /* Probably not an error - don't bother reporting it */
871 + restart_pending = 1;
872 + is_graceful = (sig == AP_SIG_GRACEFUL);
875 +/* Sets die_now if we received a character on the pipe_of_death */
876 +static apr_status_t check_pipe_of_death
884 + char pipe_read_char;
887 + _DBG("WATCH: die_now=%d", die_now);
889 + if (die_now) return APR_SUCCESS;
891 + /* apr_thread_mutex_lock(pipe_of_death_mutex); */
892 + ret = apr_recv(lr->sd, &pipe_read_char, &n);
893 + if (APR_STATUS_IS_EAGAIN(ret))
895 + /* It lost the lottery. It must continue to suffer
896 + * through a life of servitude. */
900 + if (pipe_read_char != AP_PERUSER_CHAR_OF_DEATH)
902 + _DBG("got wrong char %c", pipe_read_char);
903 + return APR_SUCCESS;
905 + /* It won the lottery (or something else is very
906 + * wrong). Embrace death with open arms. */
908 + _DBG("WATCH: die_now=%d", die_now);
910 + /* apr_thread_mutex_unlock(pipe_of_death_mutex); */
911 + return APR_SUCCESS;
914 +static void set_signals(void)
916 +#ifndef NO_USE_SIGACTION
917 + struct sigaction sa;
919 + sigemptyset(&sa.sa_mask);
922 + if (!one_process) {
923 + sa.sa_handler = sig_coredump;
924 +#if defined(SA_ONESHOT)
925 + sa.sa_flags = SA_ONESHOT;
926 +#elif defined(SA_RESETHAND)
927 + sa.sa_flags = SA_RESETHAND;
929 + if (sigaction(SIGSEGV, &sa, NULL) < 0)
930 + ap_log_error(APLOG_MARK, APLOG_WARNING, errno, ap_server_conf, "sigaction(SIGSEGV)");
932 + if (sigaction(SIGBUS, &sa, NULL) < 0)
933 + ap_log_error(APLOG_MARK, APLOG_WARNING, errno, ap_server_conf, "sigaction(SIGBUS)");
936 + if (sigaction(SIGABORT, &sa, NULL) < 0)
937 + ap_log_error(APLOG_MARK, APLOG_WARNING, errno, ap_server_conf, "sigaction(SIGABORT)");
940 + if (sigaction(SIGABRT, &sa, NULL) < 0)
941 + ap_log_error(APLOG_MARK, APLOG_WARNING, errno, ap_server_conf, "sigaction(SIGABRT)");
944 + if (sigaction(SIGILL, &sa, NULL) < 0)
945 + ap_log_error(APLOG_MARK, APLOG_WARNING, errno, ap_server_conf, "sigaction(SIGILL)");
949 + sa.sa_handler = sig_term;
950 + if (sigaction(SIGTERM, &sa, NULL) < 0)
951 + ap_log_error(APLOG_MARK, APLOG_WARNING, errno, ap_server_conf, "sigaction(SIGTERM)");
953 + if (sigaction(SIGINT, &sa, NULL) < 0)
954 + ap_log_error(APLOG_MARK, APLOG_WARNING, errno, ap_server_conf, "sigaction(SIGINT)");
957 + sa.sa_handler = SIG_DFL;
958 + if (sigaction(SIGXCPU, &sa, NULL) < 0)
959 + ap_log_error(APLOG_MARK, APLOG_WARNING, errno, ap_server_conf, "sigaction(SIGXCPU)");
962 + sa.sa_handler = SIG_IGN;
963 + if (sigaction(SIGXFSZ, &sa, NULL) < 0)
964 + ap_log_error(APLOG_MARK, APLOG_WARNING, errno, ap_server_conf, "sigaction(SIGXFSZ)");
967 + sa.sa_handler = SIG_IGN;
968 + if (sigaction(SIGPIPE, &sa, NULL) < 0)
969 + ap_log_error(APLOG_MARK, APLOG_WARNING, errno, ap_server_conf, "sigaction(SIGPIPE)");
972 + /* we want to ignore HUPs and AP_SIG_GRACEFUL while we're busy
973 + * processing one */
974 + sigaddset(&sa.sa_mask, SIGHUP);
975 + sigaddset(&sa.sa_mask, AP_SIG_GRACEFUL);
976 + sa.sa_handler = restart;
977 + if (sigaction(SIGHUP, &sa, NULL) < 0)
978 + ap_log_error(APLOG_MARK, APLOG_WARNING, errno, ap_server_conf, "sigaction(SIGHUP)");
979 + if (sigaction(AP_SIG_GRACEFUL, &sa, NULL) < 0)
980 + ap_log_error(APLOG_MARK, APLOG_WARNING, errno, ap_server_conf, "sigaction(" AP_SIG_GRACEFUL_STRING ")");
982 + if (!one_process) {
983 + apr_signal(SIGSEGV, sig_coredump);
985 + apr_signal(SIGBUS, sig_coredump);
988 + apr_signal(SIGABORT, sig_coredump);
989 +#endif /* SIGABORT */
991 + apr_signal(SIGABRT, sig_coredump);
992 +#endif /* SIGABRT */
994 + apr_signal(SIGILL, sig_coredump);
997 + apr_signal(SIGXCPU, SIG_DFL);
998 +#endif /* SIGXCPU */
1000 + apr_signal(SIGXFSZ, SIG_DFL);
1001 +#endif /* SIGXFSZ */
1004 + apr_signal(SIGTERM, sig_term);
1006 + apr_signal(SIGHUP, restart);
1007 +#endif /* SIGHUP */
1008 +#ifdef AP_SIG_GRACEFUL
1009 + apr_signal(AP_SIG_GRACEFUL, restart);
1010 +#endif /* AP_SIG_GRACEFUL */
1012 + apr_signal(SIGPIPE, SIG_IGN);
1013 +#endif /* SIGPIPE */
1018 +/*****************************************************************
1019 + * Child process main loop.
1020 + * The following vars are static to avoid getting clobbered by longjmp();
1021 + * they are really private to child_main.
1024 +static int requests_this_child;
1025 +static int num_listensocks = 0;
1026 +static ap_listen_rec *listensocks;
1028 +int ap_graceful_stop_signalled(void)
1030 + /* not ever called anymore... */
1034 +static void process_socket(apr_pool_t *p, apr_socket_t *sock, long conn_id,
1035 + apr_bucket_alloc_t *bucket_alloc)
1037 + conn_rec *current_conn;
1040 + ap_sb_handle_t *sbh;
1042 + if ((rv = apr_os_sock_get(&sock_fd, sock)) != APR_SUCCESS)
1044 + ap_log_error(APLOG_MARK, APLOG_ERR, rv, NULL, "apr_os_sock_get");
1047 + _DBG("child_num=%d sock=%ld sock_fd=%d\n", my_child_num, sock, sock_fd);
1049 + switch (CHILD_INFO_TABLE[my_child_num].type)
1051 + case CHILD_TYPE_MULTIPLEXER:
1052 + _DBG("type=MULTIPLEXER %d", my_child_num);
1054 + case CHILD_TYPE_PROCESSOR:
1055 + _DBG("type=PROCESSOR %d", my_child_num);
1058 + _DBG("type UNKNOWN! %d", my_child_num);
1061 + if (sock_fd >= FD_SETSIZE)
1063 + ap_log_error(APLOG_MARK, APLOG_WARNING, 0, NULL,
1064 + "new file descriptor %d is too large; you probably need "
1065 + "to rebuild Apache with a larger FD_SETSIZE "
1067 + sock_fd, FD_SETSIZE);
1068 + apr_socket_close(sock);
1069 + _DBG("child_num=%d: exiting with error", my_child_num);
1073 + if (CHILD_INFO_TABLE[my_child_num].sock_fd < 0)
1075 + ap_sock_disable_nagle(sock);
1078 + ap_create_sb_handle(&sbh, p, conn_id, 0);
1079 + current_conn = ap_run_create_connection(p, ap_server_conf, sock, conn_id,
1080 + sbh, bucket_alloc);
1084 + ap_process_connection(current_conn, sock);
1085 + ap_lingering_close(current_conn);
1089 +static peruser_process_connection(conn_rec *conn)
1091 + ap_filter_t *filter;
1092 + apr_bucket_brigade *bb;
1093 + core_net_rec *net;
1095 + _DBG("function entered",0);
1097 + /* -- fetch our sockets from the pool -- */
1098 + apr_pool_userdata_get((void **)&bb, "PERUSER_SOCKETS", conn->pool);
1101 + /* -- find the 'core' filter and give the socket data to it -- */
1102 + for (filter = conn->output_filters; filter != NULL; filter = filter->next)
1104 + if (!strcmp(filter->frec->name, "core")) break;
1106 + if (filter != NULL)
1108 + net = filter->ctx;
1109 + net->in_ctx = apr_palloc(conn->pool, sizeof(*net->in_ctx));
1110 + net->in_ctx->b = bb;
1113 + _DBG("leaving (DECLINED)", 0);
1117 +static int total_processors(peruser_server_conf* sconf)
1121 + for(i = 0, total = 0; i < NUM_CHILDS; ++i)
1123 + if(CHILD_INFO_TABLE[i].uid == sconf->uid &&
1124 + CHILD_INFO_TABLE[i].gid == sconf->gid &&
1125 + !strcmp(CHILD_INFO_TABLE[i].chroot, sconf->chroot))
1134 +static int idle_processors(peruser_server_conf* sconf)
1138 + for(i = 0, total = 0; i < NUM_CHILDS; ++i)
1140 + if(CHILD_INFO_TABLE[i].uid == sconf->uid &&
1141 + CHILD_INFO_TABLE[i].gid == sconf->gid &&
1142 + !strcmp(CHILD_INFO_TABLE[i].chroot, sconf->chroot) &&
1143 + ap_scoreboard_image->servers[i][0].status == SERVER_READY)
1152 +static child_info_t* find_next_multiplexer()
1156 + _DBG("function entered", 0);
1158 + for(i = 0; i < NUM_CHILDS; ++i)
1160 + if(CHILD_INFO_TABLE[i].type == CHILD_TYPE_MULTIPLEXER)
1161 + return &CHILD_INFO_TABLE[i];
1167 +static child_info_t* find_next_processor(peruser_server_conf* sconf)
1171 + _DBG("function entered", 0);
1172 + _DBG("uid=%d gid=%d chroot=%s", sconf->uid, sconf->gid, sconf->chroot);
1176 + for(i = 0; i < NUM_CHILDS; i++)
1178 + if(CHILD_INFO_TABLE[i].type == CHILD_TYPE_PROCESSOR &&
1179 + CHILD_INFO_TABLE[i].uid == sconf->uid &&
1180 + CHILD_INFO_TABLE[i].gid == sconf->gid &&
1181 + !strcmp(CHILD_INFO_TABLE[i].chroot, sconf->chroot) &&
1182 + (CHILD_INFO_TABLE[i].status == CHILD_STATUS_STANDBY ||
1183 + CHILD_INFO_TABLE[i].status == CHILD_STATUS_ACTIVE))
1185 + _DBG("checking child #%d (%d, %d, %s)", i,
1186 + CHILD_INFO_TABLE[i].uid,
1187 + CHILD_INFO_TABLE[i].gid,
1188 + CHILD_INFO_TABLE[i].chroot);
1190 + if(CHILD_INFO_TABLE[i].status == CHILD_STATUS_STANDBY)
1191 + return &CHILD_INFO_TABLE[i];
1199 + /* the plan: pick the processor that's been idle the longest.
1200 + prefer ones in the SERVER_READY state */
1202 + if(ap_scoreboard_image->servers[match][0].status != SERVER_READY &&
1203 + ap_scoreboard_image->servers[i][0].status == SERVER_READY)
1206 + if(ap_scoreboard_image->servers[i][0].status ==
1207 + ap_scoreboard_image->servers[match][0].status &&
1208 + ap_scoreboard_image->servers[i][0].last_used <
1209 + ap_scoreboard_image->servers[match][0].last_used)
1214 + if(match == -1) return NULL;
1215 + return &CHILD_INFO_TABLE[match];
1218 +static int pass_request(request_rec *r, child_info_t *processor)
1221 + struct msghdr msg;
1222 + struct cmsghdr *cmsg;
1224 + char *bodypart = NULL;
1225 + struct iovec iov[2];
1226 + conn_rec *c = r->connection;
1227 + apr_bucket_brigade *bb = apr_brigade_create(r->pool, c->bucket_alloc);
1228 + apr_bucket_brigade *bodypart_bb = NULL;
1229 + apr_size_t len = 0;
1230 + apr_size_t bodypart_len = 0;
1232 + apr_bucket *bucket;
1233 + const apr_array_header_t *headers_in_array;
1234 + const apr_table_entry_t *headers_in;
1237 + apr_socket_t *thesock = ap_get_module_config(r->connection->conn_config, &core_module);
1238 + peruser_server_conf *sconf = PERUSER_SERVER_CONF(r->server->module_config);
1240 + if ((!r->the_request) || (!strlen(r->the_request)))
1242 + _DBG("empty request. dropping it (%ld)", r->the_request);
1248 + _DBG("server %s in child %d has no child_info associated",
1249 + r->hostname, my_child_num);
1253 + _DBG("passing request to another child. Vhost: %s, child %d %d",
1254 + apr_table_get(r->headers_in, "Host"), my_child_num, processor->output);
1255 + _DBG("r->the_request=\"%s\" len=%d", r->the_request, strlen(r->the_request));
1257 + ap_get_brigade(r->connection->input_filters, bb, AP_MODE_EXHAUSTIVE, APR_NONBLOCK_READ, len);
1259 + /* Scan the brigade looking for heap-buckets */
1261 + _DBG("Scanning the brigade",0);
1262 + bucket = APR_BRIGADE_FIRST(bb);
1263 + while (bucket != APR_BRIGADE_SENTINEL(bb) &&
1264 + APR_BUCKET_IS_HEAP(bucket)) {
1265 + _DBG("HEAP BUCKET is found, length=%d", bucket->length);
1266 + bucket = APR_BUCKET_NEXT(bucket);
1267 + if (!APR_BUCKET_IS_HEAP(bucket)) {
1268 + _DBG("NON-HEAP BUCKET is found, extracting the part of brigade before it",0);
1270 + bb = apr_brigade_split(bodypart_bb, bucket);
1271 + /* Do we need to apr_destroy_brigade(bb) here?
1272 + * Yeah, I know we do apr_pool_destroy(r->pool) before return, but
1273 + * ap_get_brigade is in non-blocking mode (however len is zero).
1275 + if (apr_brigade_pflatten(bodypart_bb, &bodypart, &bodypart_len, r->pool) != APR_SUCCESS) {
1276 + ap_log_error(APLOG_MARK, APLOG_DEBUG, 0, ap_server_conf,
1277 + "Unable to flatten brigade, declining request");
1278 + apr_pool_destroy(r->pool);
1281 + _DBG("Brigade is flattened as bodypart (bodypart_len=%d)", bodypart_len);
1284 + _DBG("Scanning is finished",0);
1286 + apr_os_sock_get(&sock_fd, thesock);
1290 + headers_in_array = apr_table_elts(r->headers_in);
1291 + headers_in = (const apr_table_entry_t *) headers_in_array->elts;
1293 + h.headers = apr_pstrcat(h.p, r->the_request, CRLF, NULL);
1294 + for (counter = 0; counter < headers_in_array->nelts; counter++) {
1295 + if (headers_in[counter].key == NULL
1296 + || headers_in[counter].val == NULL) {
1299 + h.headers = apr_pstrcat(h.p, h.headers, headers_in[counter].key, ": ",
1300 + headers_in[counter].val, CRLF, NULL);
1303 + h.headers = apr_pstrcat(h.p, h.headers, CRLF, NULL);
1304 + ap_xlate_proto_to_ascii(h.headers, strlen(h.headers));
1306 + iov[0].iov_base = &bodypart_len;
1307 + iov[0].iov_len = sizeof(bodypart_len);
1308 + iov[1].iov_base = h.headers;
1309 + iov[1].iov_len = strlen(h.headers) + 1;
1311 + msg.msg_name = NULL;
1312 + msg.msg_namelen = 0;
1313 + msg.msg_iov = iov;
1314 + msg.msg_iovlen = 2;
1316 + cmsg = apr_palloc(r->pool, sizeof(*cmsg) + sizeof(sock_fd));
1317 + cmsg->cmsg_len = sizeof(*cmsg) + sizeof(sock_fd);
1318 + cmsg->cmsg_level = SOL_SOCKET;
1319 + cmsg->cmsg_type = SCM_RIGHTS;
1321 + memcpy(CMSG_DATA(cmsg), &sock_fd, sizeof(sock_fd));
1323 + msg.msg_control = cmsg;
1324 + msg.msg_controllen = cmsg->cmsg_len;
1327 + if (processor->status == CHILD_STATUS_STANDBY)
1329 + _DBG("Activating child #%d", processor->id);
1330 + processor->status = CHILD_STATUS_STARTING;
1333 + while (processor->status != CHILD_STATUS_ACTIVE)
1335 + _DBG("Waiting for child #%d...", processor->id);
1339 + _DBG("Writing message to %d, passing sock_fd: %d", processor->output, sock_fd);
1340 + _DBG("headers=\"%s\"", h.headers);
1341 + ap_log_error(APLOG_MARK, APLOG_DEBUG, 0, ap_server_conf,
1342 + "Writing message to %d, passing sd: %d", processor->output, sock_fd);
1344 + if ((rv = sendmsg(processor->output, &msg, 0)) == -1)
1346 + apr_pool_destroy(r->pool);
1347 + ap_log_error(APLOG_MARK, APLOG_DEBUG, 0, ap_server_conf,
1348 + "Writing message failed %d %d", rv, errno);
1352 + _DBG("Writing message succeeded %d", rv);
1353 + ap_log_error(APLOG_MARK, APLOG_DEBUG, 0, ap_server_conf,
1354 + "Writing message succeeded %d", rv);
1356 + if (bodypart_len) {
1357 + _DBG("Passing bodypart (bodypart_len=%d) \"%s\"", bodypart_len, bodypart);
1358 + if ((rv = send(processor->output, bodypart, bodypart_len, 0)) == -1) {
1359 + apr_pool_destroy(r->pool);
1360 + ap_log_error(APLOG_MARK, APLOG_DEBUG, 0, ap_server_conf,
1361 + "Writing message failed %d %d", rv, errno);
1364 + _DBG("Writing message succeeded %d", rv);
1365 + ap_log_error(APLOG_MARK, APLOG_DEBUG, 0, ap_server_conf,
1366 + "Writing message succeeded %d", rv);
1368 + _DBG("No bodypart",0);
1371 + /* -- close the socket at our site -- */
1372 + apr_socket_close(thesock);
1373 + /* DS: What is the purpose of this?
1374 + * apr_socket_close(processor->output) seems more reasonable
1376 + _DBG("closing socket %d at our side", sock_fd);
1377 + apr_pool_destroy(r->pool);
1382 +static apr_status_t receive_from_multiplexer(
1383 + void **trans_sock, /* will be filled out w/ the received socket */
1384 + ap_listen_rec *lr, /* listener to receive from */
1385 + apr_pool_t *ptrans /* transaction wide pool */
1388 + struct msghdr msg;
1389 + struct cmsghdr *cmsg;
1390 + char headers[HUGE_STRING_LEN];
1392 + apr_size_t bodypart_len;
1393 + struct iovec iov[2];
1395 + apr_os_sock_t ctrl_sock_fd;
1396 + apr_os_sock_t trans_sock_fd;
1398 + /* -- bucket's, brigades and their allocators */
1399 + apr_bucket_alloc_t *alloc = apr_bucket_alloc_create(ptrans);
1400 + apr_bucket_brigade *bb = apr_brigade_create(ptrans, alloc);
1401 + apr_bucket *bucket;
1403 + /* prepare the buffers for receiving data from remote side */
1404 + iov[0].iov_base = &bodypart_len;
1405 + iov[0].iov_len = sizeof(bodypart_len);
1406 + iov[1].iov_base = headers;
1407 + iov[1].iov_len = HUGE_STRING_LEN;
1409 + cmsg = apr_palloc(ptrans, sizeof(*cmsg) + sizeof(trans_sock_fd));
1410 + cmsg->cmsg_len = sizeof(*cmsg) + sizeof(trans_sock_fd);
1412 + msg.msg_name = NULL;
1413 + msg.msg_namelen = 0;
1414 + msg.msg_iov = iov;
1415 + msg.msg_iovlen = 2;
1416 + msg.msg_control = cmsg;
1417 + msg.msg_controllen = cmsg->cmsg_len;
1419 + /* -- receive data from socket -- */
1420 + apr_os_sock_get(&ctrl_sock_fd, lr->sd);
1421 + _DBG("receiving from sock_fd=%d", ctrl_sock_fd);
1422 + ret = recvmsg(ctrl_sock_fd, &msg, 0);
1424 + /* -- extract socket from the cmsg -- */
1425 + memcpy(&trans_sock_fd, CMSG_DATA(cmsg), sizeof(trans_sock_fd));
1426 + apr_os_sock_put((apr_socket_t **)trans_sock, &trans_sock_fd, ptrans);
1427 + apr_os_sock_get(&fd_tmp, *trans_sock);
1430 + _DBG("trans_sock=%ld fdx=%d sock_fd=%d",
1431 + *trans_sock, trans_sock_fd, fd_tmp);
1433 + _DBG("headers=\"%s\"", headers);
1435 + /* -- store received data into an brigade and add
1436 + it to the current transaction's pool -- */
1437 + bucket = apr_bucket_eos_create(alloc);
1438 + APR_BRIGADE_INSERT_HEAD(bb, bucket);
1439 + bucket = apr_bucket_socket_create(*trans_sock, alloc);
1440 + APR_BRIGADE_INSERT_HEAD(bb, bucket);
1442 + /* Receive the bodypart (if there is one) and insert it in the brigade */
1443 + if (bodypart_len) {
1444 + _DBG("Receiving the bodypart (bodypart_len=%d)", bodypart_len);
1445 + bodypart = apr_palloc(ptrans, bodypart_len);
1446 + ret = recv(ctrl_sock_fd, bodypart, HUGE_STRING_LEN, 0);
1448 + _DBG("bodypart=\"%s\"", bodypart);
1449 + bucket = apr_bucket_heap_create(bodypart,
1450 + bodypart_len, NULL, alloc);
1451 + APR_BRIGADE_INSERT_HEAD(bb, bucket);
1453 + _DBG("There is no bodypart",0);
1456 + bucket = apr_bucket_heap_create(headers,
1457 + strlen(headers), NULL, alloc);
1458 + /* DS: I really don't like that strlen here */
1460 + APR_BRIGADE_INSERT_HEAD(bb, bucket);
1461 + apr_pool_userdata_set(bb, "PERUSER_SOCKETS", NULL, ptrans);
1463 + _DBG("returning 0", 0);
1468 +/* Set group privileges.
1470 + * Note that we use the username as set in the config files, rather than
1471 + * the lookup of to uid --- the same uid may have multiple passwd entries,
1472 + * with different sets of groups for each.
1475 +static int set_group_privs(uid_t uid, gid_t gid)
1481 + /* Get username if passed as a uid */
1483 + struct passwd *ent;
1485 + if ((ent = getpwuid(uid)) == NULL)
1487 + ap_log_error(APLOG_MARK, APLOG_ALERT, errno, NULL,
1488 + "getpwuid: couldn't determine user name from uid %u, "
1489 + "you probably need to modify the User directive",
1494 + name = ent->pw_name;
1497 + * Set the GID before initgroups(), since on some platforms
1498 + * setgid() is known to zap the group list.
1500 + if (setgid(gid) == -1)
1502 + ap_log_error(APLOG_MARK, APLOG_ALERT, errno, NULL,
1503 + "setgid: unable to set group id to Group %u",
1508 + /* Reset `groups' attributes. */
1510 + if (initgroups(name, gid) == -1)
1512 + ap_log_error(APLOG_MARK, APLOG_ALERT, errno, NULL,
1513 + "initgroups: unable to set groups for User %s "
1514 + "and Group %u", name, (unsigned)gid);
1521 +static int peruser_setup_child(int childnum)
1523 + child_info_t *ug = &CHILD_INFO_TABLE[childnum];
1525 + if (ug->uid == -1 && ug->gid == -1) {
1526 + return unixd_setup_child();
1528 + if (set_group_privs(ug->uid, ug->gid)) {
1531 + /* Only try to switch if we're running as root */
1535 + os_init_job_environment(ap_server_conf, unixd_config.user_name,
1536 + one_process) != 0 ||
1538 + setuid(ug->uid) == -1)) {
1539 + ap_log_error(APLOG_MARK, APLOG_ALERT, errno, NULL,
1540 + "setuid: unable to change to uid: %ld",
1547 +static int check_signal(int signum)
1549 + _DBG("signum=%d", signum);
1559 +/* Send a single HTTP header field to the client. Note that this function
1560 + * is used in calls to table_do(), so their interfaces are co-dependent.
1561 + * In other words, don't change this one without checking table_do in alloc.c.
1562 + * It returns true unless there was a write error of some kind.
1564 +static int peruser_header_field(peruser_header *h,
1565 + const char *fieldname, const char *fieldval)
1567 + apr_pstrcat(h->p, h->headers, fieldname, ": ", fieldval, CRLF, NULL);
1571 +static inline ap_listen_rec* listen_add(apr_pool_t* pool, apr_socket_t *sock, void* accept_func)
1573 + ap_listen_rec *lr_walk, *lr_new;
1575 + _DBG("function entered", 0);
1576 + /* -- create an new listener for this child -- */
1577 + lr_new = apr_palloc(pool, sizeof(*lr_new));
1578 + lr_new->sd = sock;
1579 + lr_new->active = 1;
1580 + lr_new->accept_func = accept_func;
1581 + lr_new->next = NULL;
1583 + /* -- add the new listener_rec into the list -- */
1584 + /* FIXME: should we somehow lock this list ? */
1585 + if (lr_walk = ap_listeners)
1587 + while (lr_walk->next) lr_walk = lr_walk->next;
1588 + lr_walk->next = lr_new;
1592 + ap_listeners = lr_walk = lr_new;
1594 + num_listensocks++;
1598 +static inline void listen_clear()
1600 + ap_listen_rec *lr_walk;
1602 + _DBG("function entered", 0);
1604 + /* FIXME: should we somehow lock this list ? */
1605 + while (ap_listeners)
1607 + lr_walk = ap_listeners->next;
1608 + apr_socket_close(ap_listeners->sd);
1609 + ap_listeners = lr_walk;
1611 + num_listensocks=0;
1614 +apr_status_t cleanup_child_info(void *d)
1616 + if (child_info_image == NULL) {
1617 + return APR_SUCCESS;
1620 + free(child_info_image);
1621 + child_info_image = NULL;
1622 + apr_shm_destroy(child_info_shm);
1624 + return APR_SUCCESS;
1627 +static void child_main(int child_num_arg)
1629 + apr_pool_t *ptrans;
1630 + apr_allocator_t *allocator;
1631 + conn_rec *current_conn;
1632 + apr_status_t status = APR_EINIT;
1634 + ap_listen_rec *lr;
1635 + int curr_pollfd, last_pollfd = 0;
1636 + apr_pollfd_t *pollset;
1638 + ap_sb_handle_t *sbh;
1640 + apr_bucket_alloc_t *bucket_alloc;
1646 + my_child_num = child_num_arg;
1647 + ap_my_pid = getpid();
1648 + requests_this_child = 0;
1650 + _DBG("sock_fd_in=%d sock_fd_out=%d",
1651 + CHILD_INFO_TABLE[my_child_num].input,
1652 + CHILD_INFO_TABLE[my_child_num].output);
1654 + /* Get a sub context for global allocations in this child, so that
1655 + * we can have cleanups occur when the child exits.
1657 + apr_allocator_create(&allocator);
1658 + apr_allocator_max_free_set(allocator, ap_max_mem_free);
1659 + apr_pool_create_ex(&pchild, pconf, NULL, allocator);
1660 + apr_allocator_owner_set(allocator, pchild);
1662 + apr_pool_create(&ptrans, pchild);
1663 + apr_pool_tag(ptrans, "transaction");
1665 + /* needs to be done before we switch UIDs so we have permissions */
1666 + ap_reopen_scoreboard(pchild, NULL, 0);
1668 + rv = apr_proc_mutex_child_init(&accept_mutex, ap_lock_fname, pchild);
1669 + if (rv != APR_SUCCESS) {
1670 + ap_log_error(APLOG_MARK, APLOG_EMERG, rv, ap_server_conf,
1671 + "Couldn't initialize cross-process lock in child");
1672 + clean_child_exit(APEXIT_CHILDFATAL);
1675 + if(CHILD_INFO_TABLE[my_child_num].chroot) {
1676 + _DBG("chroot to %s", CHILD_INFO_TABLE[my_child_num].chroot);
1677 + if(chroot(CHILD_INFO_TABLE[my_child_num].chroot)) {
1678 + _DBG("chroot failure %s", CHILD_INFO_TABLE[my_child_num].chroot);
1683 + switch(CHILD_INFO_TABLE[my_child_num].type)
1685 + case CHILD_TYPE_MULTIPLEXER:
1686 + _DBG("MULTIPLEXER %d", my_child_num);
1688 + /* update status on processors that are ready to accept requests */
1689 + _DBG("updating processor stati", 0);
1690 + for(i = 0; i < NUM_CHILDS; ++i)
1692 + if(CHILD_INFO_TABLE[i].status == CHILD_STATUS_READY)
1693 + CHILD_INFO_TABLE[i].status = CHILD_STATUS_ACTIVE;
1698 + case CHILD_TYPE_PROCESSOR:
1699 + _DBG("PROCESSOR %d", my_child_num);
1701 + /* -- create new listener to receive from multiplexer -- */
1702 + apr_os_sock_put((void*)&sock, &CHILD_INFO_TABLE[my_child_num].input, pconf);
1704 + listen_add(pconf, sock, receive_from_multiplexer);
1709 + _DBG("unspecified child type for %d sleeping a while ...", my_child_num);
1714 + apr_os_file_get(&fd, pipe_of_death_in);
1715 + apr_os_sock_put((void*)&pod_sock, &fd, pconf);
1716 + listen_add(pconf, pod_sock, check_pipe_of_death);
1718 + (peruser_setup_child(my_child_num) && clean_child_exit(APEXIT_CHILDFATAL));
1719 + ap_run_child_init(pchild, ap_server_conf);
1721 + ap_create_sb_handle(&sbh, pchild, my_child_num, 0);
1722 + (void) ap_update_child_status(sbh, SERVER_READY, (request_rec *) NULL);
1724 + /* Set up the pollfd array */
1725 + listensocks = apr_pcalloc(pchild,
1726 + sizeof(*listensocks) * (num_listensocks));
1727 + for (lr = ap_listeners, i = 0; i < num_listensocks; lr = lr->next, i++) {
1728 + listensocks[i].accept_func = lr->accept_func;
1729 + listensocks[i].sd = lr->sd;
1732 + pollset = apr_palloc(pchild, sizeof(*pollset) * num_listensocks);
1733 + pollset[0].p = pchild;
1734 + for (i = 0; i < num_listensocks; i++) {
1735 + pollset[i].desc.s = listensocks[i].sd;
1736 + pollset[i].desc_type = APR_POLL_SOCKET;
1737 + pollset[i].reqevents = APR_POLLIN;
1740 + bucket_alloc = apr_bucket_alloc_create(pchild);
1742 + while (!die_now) {
1744 + * (Re)initialize this child to a pre-connection state.
1747 + current_conn = NULL;
1749 + apr_pool_clear(ptrans);
1751 + if ((ap_max_requests_per_child > 0
1752 + && requests_this_child++ >= ap_max_requests_per_child)) {
1753 + _DBG("max requests reached, dying now", 0);
1754 + clean_child_exit(0);
1757 + (void) ap_update_child_status(sbh, SERVER_READY, (request_rec *) NULL);
1760 + * Wait for an acceptable connection to arrive.
1763 + /* Lock around "accept", if necessary */
1764 + SAFE_ACCEPT(accept_mutex_on());
1766 + if (num_listensocks == 1) {
1770 + /* multiple listening sockets - need to poll */
1775 + ret = apr_poll(pollset, num_listensocks, &n, -1);
1776 + if (ret != APR_SUCCESS) {
1777 + if (APR_STATUS_IS_EINTR(ret)) {
1780 + /* Single Unix documents select as returning errnos
1781 + * EBADF, EINTR, and EINVAL... and in none of those
1782 + * cases does it make sense to continue. In fact
1783 + * on Linux 2.0.x we seem to end up with EFAULT
1784 + * occasionally, and we'd loop forever due to it.
1786 + ap_log_error(APLOG_MARK, APLOG_ERR, ret, ap_server_conf,
1787 + "apr_poll: (listen)");
1788 + clean_child_exit(1);
1790 + /* find a listener */
1791 + curr_pollfd = last_pollfd;
1794 + if (curr_pollfd >= num_listensocks) {
1797 + /* XXX: Should we check for POLLERR? */
1798 + if (pollset[curr_pollfd].rtnevents & APR_POLLIN) {
1799 + last_pollfd = curr_pollfd;
1800 + offset = curr_pollfd;
1803 + } while (curr_pollfd != last_pollfd);
1809 + _DBG("input available ... resetting socket.",0);
1810 + sock = NULL; /* important! */
1812 + /* if we accept() something we don't want to die, so we have to
1815 + status = listensocks[offset].accept_func(&sock, &listensocks[offset], ptrans);
1816 + SAFE_ACCEPT(accept_mutex_off()); /* unlock after "accept" */
1818 + if (status == APR_EGENERAL) {
1819 + /* resource shortage or should-not-occur occured */
1820 + clean_child_exit(1);
1822 + else if (status != APR_SUCCESS) {
1826 + if (!setjmp(CHILD_INFO_TABLE[my_child_num].jmpbuffer))
1828 + _DBG("marked jmpbuffer",0);
1829 + _TRACE_CALL("process_socket()",0);
1830 + process_socket(ptrans, sock, my_child_num, bucket_alloc);
1831 + _TRACE_RET("process_socket()",0);
1835 + _DBG("landed from longjmp",0);
1836 + CHILD_INFO_TABLE[my_child_num].sock_fd = AP_PERUSER_THISCHILD;
1839 + /* Check the pod and the generation number after processing a
1840 + * connection so that we'll go away if a graceful restart occurred
1841 + * while we were processing the connection or we are the lucky
1842 + * idle server process that gets to die.
1844 + if (ap_mpm_pod_check(pod) == APR_SUCCESS) { /* selected as idle? */
1845 + _DBG("ap_mpm_pod_check(pod) = APR_SUCCESS; dying now", 0);
1848 + else if (ap_my_generation !=
1849 + ap_scoreboard_image->global->running_generation) { /* restart? */
1850 + /* yeah, this could be non-graceful restart, in which case the
1851 + * parent will kill us soon enough, but why bother checking?
1853 + _DBG("ap_my_generation != ap_scoreboard_image->global->running_generation; dying now", 0);
1857 + if(CHILD_INFO_TABLE[my_child_num].status == CHILD_STATUS_RESTART)
1859 + _DBG("Multiplexer: restarting", 0);
1863 + clean_child_exit(0);
1866 +static const char* child_clone()
1868 + child_info_t *this;
1869 + child_info_t *new;
1871 + _DBG("cloning child #%d from #%d", NUM_CHILDS, my_child_num);
1873 + if(NUM_CHILDS >= server_limit)
1875 + return "Trying to use more child ID's than NumServers. "
1876 + "Increase NumServers in your config file.";
1879 + this = &CHILD_INFO_TABLE[my_child_num];
1880 + new = &CHILD_INFO_TABLE[NUM_CHILDS];
1882 + new->uid = this->uid;
1883 + new->gid = this->gid;
1884 + new->type = this->type;
1885 + new->chroot = this->chroot;
1886 + new->sock_fd = this->sock_fd;
1887 + new->status = CHILD_STATUS_STARTING;
1891 + child_info_image->control->num_childs++;
1895 +static const char* child_add(int type, int status,
1896 + uid_t uid, gid_t gid, const char* chroot)
1901 + _DBG("adding child #%d", NUM_CHILDS);
1903 + if(NUM_CHILDS >= server_limit)
1905 + return "Trying to use more child ID's than NumServers. "
1906 + "Increase NumServers in your config file.";
1909 + CHILD_INFO_TABLE[NUM_CHILDS].uid = uid;
1910 + CHILD_INFO_TABLE[NUM_CHILDS].gid = gid;
1911 + CHILD_INFO_TABLE[NUM_CHILDS].type = type;
1912 + CHILD_INFO_TABLE[NUM_CHILDS].chroot = chroot;
1913 + CHILD_INFO_TABLE[NUM_CHILDS].sock_fd = AP_PERUSER_THISCHILD;
1914 + CHILD_INFO_TABLE[NUM_CHILDS].status = status;
1916 + socketpair(PF_UNIX, SOCK_STREAM, 0, socks);
1917 + CHILD_INFO_TABLE[NUM_CHILDS].input = socks[0];
1918 + CHILD_INFO_TABLE[NUM_CHILDS].output = socks[1];
1920 + _DBG("[%d] uid=%d gid=%d type=%d fd_in=%d fd_out=%d chroot=%s",
1922 + CHILD_INFO_TABLE[NUM_CHILDS].uid,
1923 + CHILD_INFO_TABLE[NUM_CHILDS].gid,
1924 + CHILD_INFO_TABLE[NUM_CHILDS].type,
1925 + CHILD_INFO_TABLE[NUM_CHILDS].input,
1926 + CHILD_INFO_TABLE[NUM_CHILDS].output,
1927 + CHILD_INFO_TABLE[NUM_CHILDS].chroot);
1929 + if (CHILD_INFO_TABLE[NUM_CHILDS].uid == 0 ||
1930 + CHILD_INFO_TABLE[NUM_CHILDS].gid == 0)
1932 + _DBG("Assigning root user/group to a child.",0);
1935 + child_info_image->control->num_childs++;
1939 +static int make_child(server_rec *s, int slot)
1943 + child_info_t *multiplexer;
1945 + _DBG("function entered", 0);
1947 + switch (CHILD_INFO_TABLE[slot].type)
1949 + case CHILD_TYPE_MULTIPLEXER: break;
1950 + case CHILD_TYPE_PROCESSOR: break;
1952 + _DBG("no valid client in slot %d", slot);
1957 + if (slot + 1 > ap_max_daemons_limit) {
1958 + ap_max_daemons_limit = slot + 1;
1961 + if (one_process) {
1962 + apr_signal(SIGHUP, just_die);
1963 + /* Don't catch AP_SIG_GRACEFUL in ONE_PROCESS mode :) */
1964 + apr_signal(SIGINT, just_die);
1966 + apr_signal(SIGQUIT, SIG_DFL);
1968 + apr_signal(SIGTERM, just_die);
1972 + (void) ap_update_child_status_from_indexes(slot, 0, SERVER_STARTING,
1973 + (request_rec *) NULL);
1975 + if(CHILD_INFO_TABLE[slot].input == -1 &&
1976 + CHILD_INFO_TABLE[slot].output == -1)
1978 + socketpair(PF_UNIX, SOCK_STREAM, 0, socks);
1979 + CHILD_INFO_TABLE[slot].input = socks[0];
1980 + CHILD_INFO_TABLE[slot].output = socks[1];
1982 + if(!(multiplexer = find_next_multiplexer()))
1984 + _DBG("no multiplexer found!", 0);
1989 + CHILD_INFO_TABLE[slot].status = CHILD_STATUS_READY;
1990 + multiplexer->status = CHILD_STATUS_RESTART;
1992 + _DBG("New processor added: signaling multiplexer to restart", 0);
1996 + CHILD_INFO_TABLE[slot].status = CHILD_STATUS_ACTIVE;
2001 + /* BS2000 requires a "special" version of fork() before a setuid() call */
2002 + if ((pid = os_fork(unixd_config.user_name)) == -1) {
2004 + if ((pid = os_fork(s, slot)) == -1) {
2006 + if ((pid = fork()) == -1) {
2008 + ap_log_error(APLOG_MARK, APLOG_ERR, errno, s, "fork: Unable to fork new process");
2010 + /* fork didn't succeed. Fix the scoreboard or else
2011 + * it will say SERVER_STARTING forever and ever
2013 + (void) ap_update_child_status_from_indexes(slot, 0, SERVER_DEAD,
2014 + (request_rec *) NULL);
2016 + /* In case system resources are maxxed out, we don't want
2017 + Apache running away with the CPU trying to fork over and
2018 + over and over again. */
2025 +#ifdef HAVE_BINDPROCESSOR
2026 + /* by default AIX binds to a single processor
2027 + * this bit unbinds children which will then bind to another cpu
2029 + int status = bindprocessor(BINDPROCESS, (int)getpid(),
2030 + PROCESSOR_CLASS_ANY);
2031 + if (status != OK) {
2032 + ap_log_error(APLOG_MARK, APLOG_WARNING, errno,
2033 + ap_server_conf, "processor unbind failed %d", status);
2036 + RAISE_SIGSTOP(MAKE_CHILD);
2038 + /* Disable the parent's signal handlers and set up proper handling in
2041 + apr_signal(SIGHUP, just_die);
2042 + apr_signal(SIGTERM, just_die);
2043 + /* The child process doesn't do anything for AP_SIG_GRACEFUL.
2044 + * Instead, the pod is used for signalling graceful restart.
2046 + /* apr_signal(AP_SIG_GRACEFUL, restart); */
2048 + clean_child_exit(0);
2051 + ap_scoreboard_image->parent[slot].pid = pid;
2052 + CHILD_INFO_TABLE[slot].pid = pid;
2054 + ap_child_table[slot].pid = pid;
2055 + ap_child_table[slot].status = SERVER_ALIVE;
2062 + * idle_spawn_rate is the number of children that will be spawned on the
2063 + * next maintenance cycle if there aren't enough idle servers. It is
2064 + * doubled up to MAX_SPAWN_RATE, and reset only when a cycle goes by
2065 + * without the need to spawn.
2067 +static int idle_spawn_rate = 1;
2068 +#ifndef MAX_SPAWN_RATE
2069 +#define MAX_SPAWN_RATE (32)
2071 +static int hold_off_on_exponential_spawning;
2073 +static void perform_idle_server_maintenance(apr_pool_t *p)
2077 + /* _DBG("function entered", 0); */
2079 + for (i = 0; i < NUM_CHILDS; ++i)
2081 + if(CHILD_INFO_TABLE[i].pid == 0 &&
2082 + CHILD_INFO_TABLE[i].status == CHILD_STATUS_STARTING)
2083 + make_child(ap_server_conf, i);
2088 +/*****************************************************************
2089 + * Executive routines.
2092 +int ap_mpm_run(apr_pool_t *_pconf, apr_pool_t *plog, server_rec *s)
2094 + int remaining_children_to_start;
2098 + apr_size_t one = 1;
2099 + apr_socket_t *sock = NULL;
2101 + ap_log_pid(pconf, ap_pid_fname);
2103 + first_server_limit = server_limit;
2104 + if (changed_limit_at_restart) {
2105 + ap_log_error(APLOG_MARK, APLOG_WARNING, 0, s,
2106 + "WARNING: Attempt to change ServerLimit "
2107 + "ignored during restart");
2108 + changed_limit_at_restart = 0;
2111 + ap_server_conf = s;
2113 + /* Initialize cross-process accept lock */
2114 + ap_lock_fname = apr_psprintf(_pconf, "%s.%" APR_PID_T_FMT,
2115 + ap_server_root_relative(_pconf, ap_lock_fname),
2118 + rv = apr_proc_mutex_create(&accept_mutex, ap_lock_fname,
2119 + ap_accept_lock_mech, _pconf);
2120 + if (rv != APR_SUCCESS) {
2121 + ap_log_error(APLOG_MARK, APLOG_EMERG, rv, s,
2122 + "Couldn't create accept lock");
2127 +#if APR_USE_SYSVSEM_SERIALIZE
2128 + if (ap_accept_lock_mech == APR_LOCK_DEFAULT ||
2129 + ap_accept_lock_mech == APR_LOCK_SYSVSEM) {
2131 + if (ap_accept_lock_mech == APR_LOCK_SYSVSEM) {
2133 + rv = unixd_set_proc_mutex_perms(accept_mutex);
2134 + if (rv != APR_SUCCESS) {
2135 + ap_log_error(APLOG_MARK, APLOG_EMERG, rv, s,
2136 + "Couldn't set permissions on cross-process lock; "
2137 + "check User and Group directives");
2143 + if (!is_graceful) {
2144 + if (ap_run_pre_mpm(s->process->pool, SB_SHARED) != OK) {
2147 + /* fix the generation number in the global score; we just got a new,
2148 + * cleared scoreboard
2150 + ap_scoreboard_image->global->running_generation = ap_my_generation;
2153 + /* Initialize the child table */
2156 + for (i = 0; i < server_limit; i++)
2158 + ap_child_table[i].pid = 0;
2162 + /* We need to put the new listeners at the end of the ap_listeners
2163 + * list. If we don't, then the pool will be cleared before the
2164 + * open_logs phase is called for the second time, and ap_listeners
2165 + * will have only invalid data. If that happens, then the sockets
2166 + * that we opened using make_sock() will be lost, and the server
2171 + apr_os_file_get(&fd, pipe_of_death_in);
2172 + apr_os_sock_put(&sock, &fd, pconf);
2174 + listen_add(pconf, sock, check_pipe_of_death);
2178 + if (one_process) {
2182 + ap_log_error(APLOG_MARK, APLOG_NOTICE, 0, ap_server_conf,
2183 + "%s configured -- resuming normal operations",
2184 + ap_get_server_version());
2185 + ap_log_error(APLOG_MARK, APLOG_INFO, 0, ap_server_conf,
2186 + "Server built: %s", ap_get_server_built());
2187 +#ifdef AP_MPM_WANT_SET_ACCEPT_LOCK_MECH
2188 + ap_log_error(APLOG_MARK, APLOG_DEBUG, 0, ap_server_conf,
2189 + "AcceptMutex: %s (default: %s)",
2190 + apr_proc_mutex_name(accept_mutex),
2191 + apr_proc_mutex_defname());
2193 + restart_pending = shutdown_pending = 0;
2195 + _DBG("sizeof(child_info_t) = %d", sizeof(child_info_t));
2197 + while (!restart_pending && !shutdown_pending) {
2199 + apr_exit_why_e exitwhy;
2200 + int status, processed_status;
2201 + /* this is a memory leak, but I'll fix it later. */
2204 + ap_wait_or_timeout(&exitwhy, &status, &pid, pconf);
2206 + /* XXX: if it takes longer than 1 second for all our children
2207 + * to start up and get into IDLE state then we may spawn an
2210 + if (pid.pid != -1) {
2211 + processed_status = ap_process_child_status(&pid, exitwhy, status);
2212 + if (processed_status == APEXIT_CHILDFATAL) {
2216 + /* non-fatal death... note that it's gone in the scoreboard. */
2217 + child_slot = find_child_by_pid(&pid);
2218 + _DBG("child #%d has died ...", child_slot);
2220 + for (i = 0; i < ap_max_daemons_limit; ++i)
2222 + if (ap_child_table[i].pid == pid.pid)
2229 + if (child_slot >= 0) {
2230 + ap_child_table[child_slot].pid = 0;
2231 + _TRACE_CALL("ap_update_child_status_from_indexes", 0);
2232 + (void) ap_update_child_status_from_indexes(child_slot, 0, SERVER_DEAD,
2233 + (request_rec *) NULL);
2234 + _TRACE_RET("ap_update_child_status_from_indexes", 0);
2236 + if (processed_status == APEXIT_CHILDSICK) {
2237 + /* child detected a resource shortage (E[NM]FILE, ENOBUFS, etc)
2238 + * cut the fork rate to the minimum
2240 + _DBG("processed_status = APEXIT_CHILDSICK", 0);
2241 + idle_spawn_rate = 1;
2243 + else if(child_slot < ap_daemons_limit) {
2244 + /* we're still doing a 1-for-1 replacement of dead
2245 + * children with new children
2247 + _DBG("replacing by new child ...", 0);
2248 + make_child(ap_server_conf, child_slot);
2250 +#if APR_HAS_OTHER_CHILD
2252 + else if (apr_proc_other_child_read(&pid, status) == 0) {
2253 + _DBG("APR_HAS_OTHER_CHILD, apparently", 0);
2257 + else if (is_graceful) {
2258 + /* Great, we've probably just lost a slot in the
2259 + * scoreboard. Somehow we don't know about this
2262 + _DBG("long lost child came home, whatever that means", 0);
2264 + ap_log_error(APLOG_MARK, APLOG_WARNING,
2265 + 0, ap_server_conf,
2266 + "long lost child came home! (pid %ld)", (long)pid.pid);
2268 + /* Don't perform idle maintenance when a child dies,
2269 + * only do it when there's a timeout. Remember only a
2270 + * finite number of children can die, and it's pretty
2271 + * pathological for a lot to die suddenly.
2276 + perform_idle_server_maintenance(pconf);
2278 + shutdown_pending = os_check_server(tpf_server_name);
2279 + ap_check_signals();
2284 + if (shutdown_pending) {
2285 + /* Time to gracefully shut down:
2286 + * Kill child processes, tell them to call child_exit, etc...
2288 + if (unixd_killpg(getpgrp(), SIGTERM) < 0) {
2289 + ap_log_error(APLOG_MARK, APLOG_WARNING, errno, ap_server_conf, "killpg SIGTERM");
2291 + ap_reclaim_child_processes(1); /* Start with SIGTERM */
2293 + /* cleanup pid file on normal shutdown */
2295 + const char *pidfile = NULL;
2296 + pidfile = ap_server_root_relative (pconf, ap_pid_fname);
2297 + if ( pidfile != NULL && unlink(pidfile) == 0)
2298 + ap_log_error(APLOG_MARK, APLOG_INFO,
2299 + 0, ap_server_conf,
2300 + "removed PID file %s (pid=%ld)",
2301 + pidfile, (long)getpid());
2304 + ap_log_error(APLOG_MARK, APLOG_NOTICE, 0, ap_server_conf,
2305 + "caught SIGTERM, shutting down");
2309 + /* we've been told to restart */
2310 + apr_signal(SIGHUP, SIG_IGN);
2311 + if (one_process) {
2312 + /* not worth thinking about */
2316 + /* advance to the next generation */
2317 + /* XXX: we really need to make sure this new generation number isn't in
2318 + * use by any of the children.
2320 + ++ap_my_generation;
2321 + ap_scoreboard_image->global->running_generation = ap_my_generation;
2323 + if (is_graceful) {
2324 + char char_of_death = AP_PERUSER_CHAR_OF_DEATH;
2326 + ap_log_error(APLOG_MARK, APLOG_NOTICE, 0, ap_server_conf,
2327 + "Graceful restart requested, doing restart");
2330 + /* kill off the idle ones */
2331 + ap_mpm_pod_killpg(pod, ap_max_daemons_limit);
2333 + /* This is mostly for debugging... so that we know what is still
2334 + * gracefully dealing with existing request. This will break
2335 + * in a very nasty way if we ever have the scoreboard totally
2336 + * file-based (no shared memory)
2338 + for (i = 0; i < ap_daemons_limit; ++i) {
2339 + if (ap_scoreboard_image->servers[i][0].status != SERVER_DEAD) {
2340 + ap_scoreboard_image->servers[i][0].status = SERVER_GRACEFUL;
2345 + ap_log_error(APLOG_MARK, APLOG_NOTICE, 0,
2346 + ap_server_conf, AP_SIG_GRACEFUL_STRING " received. "
2347 + "Doing graceful restart");
2349 + /* This is mostly for debugging... so that we know what is still
2350 + * gracefully dealing with existing request.
2353 + for (i = 0; i < NUM_CHILDS; ++i)
2355 + ((ap_child_table[i].pid) && (ap_child_table[i].status = SERVER_DYING));
2358 + /* give the children the signal to die */
2359 + for (i = 0; i < NUM_CHILDS;)
2361 + if ((rv = apr_file_write(pipe_of_death_out, &char_of_death, &one)) != APR_SUCCESS)
2363 + if (APR_STATUS_IS_EINTR(rv)) continue;
2364 + ap_log_error(APLOG_MARK, APLOG_WARNING, rv, ap_server_conf,
2365 + "write pipe_of_death");
2371 + /* Kill 'em off */
2372 + if (unixd_killpg(getpgrp(), SIGHUP) < 0) {
2373 + ap_log_error(APLOG_MARK, APLOG_WARNING, errno, ap_server_conf, "killpg SIGHUP");
2375 + ap_reclaim_child_processes(0); /* Not when just starting up */
2376 + ap_log_error(APLOG_MARK, APLOG_NOTICE, 0, ap_server_conf,
2377 + "SIGHUP received. Attempting to restart");
2383 +/* == allocate an private server config structure == */
2384 +static void *peruser_create_config(apr_pool_t *p, server_rec *s)
2386 + peruser_server_conf *c = (peruser_server_conf *)
2387 + apr_pcalloc(p, sizeof(peruser_server_conf));
2388 + c->max_processors = 5;
2389 + c->last_child = 0;
2393 +/* This really should be a post_config hook, but the error log is already
2394 + * redirected by that point, so we need to do this in the open_logs phase.
2396 +static int peruser_open_logs(apr_pool_t *p, apr_pool_t *plog, apr_pool_t *ptemp, server_rec *s)
2401 + ap_server_conf = s;
2403 + if ((num_listensocks = ap_setup_listeners(ap_server_conf)) < 1) {
2404 + ap_log_error(APLOG_MARK, APLOG_ALERT|APLOG_STARTUP, 0,
2405 + NULL, "no listening sockets available, shutting down");
2409 + ap_log_pid(pconf, ap_pid_fname);
2411 + if ((rv = ap_mpm_pod_open(pconf, &pod))) {
2412 + ap_log_error(APLOG_MARK, APLOG_CRIT|APLOG_STARTUP, rv, NULL,
2413 + "Could not open pipe-of-death.");
2417 + if ((rv = apr_file_pipe_create(&pipe_of_death_in, &pipe_of_death_out,
2418 + pconf)) != APR_SUCCESS) {
2419 + ap_log_error(APLOG_MARK, APLOG_ERR, rv,
2420 + (const server_rec*) ap_server_conf,
2421 + "apr_file_pipe_create (pipe_of_death)");
2424 + if ((rv = apr_file_pipe_timeout_set(pipe_of_death_in, 0)) != APR_SUCCESS) {
2425 + ap_log_error(APLOG_MARK, APLOG_ERR, rv,
2426 + (const server_rec*) ap_server_conf,
2427 + "apr_file_pipe_timeout_set (pipe_of_death)");
2434 +static int peruser_pre_config(apr_pool_t *p, apr_pool_t *plog, apr_pool_t *ptemp)
2436 + static int restart_num = 0;
2437 + int no_detach, debug, foreground, i;
2438 + int tmp_server_limit = DEFAULT_SERVER_LIMIT;
2439 + ap_directive_t *pdir;
2441 + apr_pool_t *global_pool;
2444 + debug = ap_exists_config_define("DEBUG");
2447 + foreground = one_process = 1;
2452 + no_detach = ap_exists_config_define("NO_DETACH");
2453 + one_process = ap_exists_config_define("ONE_PROCESS");
2454 + foreground = ap_exists_config_define("FOREGROUND");
2457 + /* sigh, want this only the second time around */
2458 + if (restart_num++ == 1) {
2461 + if (!one_process && !foreground) {
2462 + rv = apr_proc_detach(no_detach ? APR_PROC_DETACH_FOREGROUND
2463 + : APR_PROC_DETACH_DAEMONIZE);
2464 + if (rv != APR_SUCCESS) {
2465 + ap_log_error(APLOG_MARK, APLOG_CRIT, rv, NULL,
2466 + "apr_proc_detach failed");
2467 + return HTTP_INTERNAL_SERVER_ERROR;
2471 + parent_pid = ap_my_pid = getpid();
2474 + unixd_pre_config(ptemp);
2475 + ap_listen_pre_config();
2476 + ap_daemons_min_free = DEFAULT_MIN_FREE_DAEMON;
2477 + ap_max_processors = DEFAULT_MAX_PROCESSORS;
2478 + ap_daemons_limit = server_limit;
2479 + ap_pid_fname = DEFAULT_PIDLOG;
2480 + ap_lock_fname = DEFAULT_LOCKFILE;
2481 + ap_max_requests_per_child = DEFAULT_MAX_REQUESTS_PER_CHILD;
2482 + ap_extended_status = 0;
2483 +#ifdef AP_MPM_WANT_SET_MAX_MEM_FREE
2484 + ap_max_mem_free = APR_ALLOCATOR_MAX_FREE_UNLIMITED;
2487 + apr_cpystrn(ap_coredump_dir, ap_server_root, sizeof(ap_coredump_dir));
2489 + /* we need to know ServerLimit and ThreadLimit before we start processing
2490 + * the tree because we need to already have allocated child_info_table
2492 + for (pdir = ap_conftree; pdir != NULL; pdir = pdir->next)
2494 + if (!strcasecmp(pdir->directive, "ServerLimit"))
2496 + if (atoi(pdir->args) > tmp_server_limit)
2498 + tmp_server_limit = atoi(pdir->args);
2499 + if (tmp_server_limit > MAX_SERVER_LIMIT)
2501 + tmp_server_limit = MAX_SERVER_LIMIT;
2507 + _DBG("Initializing child_info_table", 0);
2508 + child_info_size = tmp_server_limit * sizeof(child_info_t) + sizeof(apr_size_t);
2510 + /* We don't want to have to recreate the scoreboard after
2511 + * restarts, so we'll create a global pool and never clean it.
2513 + rv = apr_pool_create(&global_pool, NULL);
2514 + if (rv != APR_SUCCESS) {
2515 + ap_log_error(APLOG_MARK, APLOG_CRIT, rv, NULL,
2516 + "Fatal error: unable to create global pool");
2520 + rv = apr_shm_create(&child_info_shm, child_info_size, NULL, global_pool);
2522 +/* if ((rv != APR_SUCCESS) && (rv != APR_ENOTIMPL)) { */
2523 + if (rv != APR_SUCCESS) {
2524 + _DBG("shared memory creation failed", 0);
2526 + ap_log_error(APLOG_MARK, APLOG_CRIT, rv, NULL,
2527 + "Unable to create shared memory segment "
2528 + "(anonymous shared memory failure)");
2530 + else if (rv == APR_ENOTIMPL) {
2531 + _DBG("anonymous shared memory not available", 0);
2532 + /* TODO: make up a filename and do name-based shmem */
2535 + if (rv || !(shmem = apr_shm_baseaddr_get(child_info_shm))) {
2536 + _DBG("apr_shm_baseaddr_get() failed", 0);
2537 + return HTTP_INTERNAL_SERVER_ERROR;
2540 + memset(shmem, 0, sizeof(child_info_size));
2541 + child_info_image = (child_info*)calloc(1, sizeof(child_info_size));
2542 + child_info_image->control = (child_info_control*)shmem;
2543 + shmem += sizeof(child_info_control*);
2544 + child_info_image->table = (child_info_t*)shmem;
2546 + child_info_image->control->num_childs = 0;
2548 + for (i = 0; i < tmp_server_limit; i++)
2550 + CHILD_INFO_TABLE[i].uid = -1;
2551 + CHILD_INFO_TABLE[i].gid = -1;
2552 + CHILD_INFO_TABLE[i].chroot = NULL;
2553 + CHILD_INFO_TABLE[i].input = -1;
2554 + CHILD_INFO_TABLE[i].output = -1;
2555 + CHILD_INFO_TABLE[i].type = -1;
2556 + CHILD_INFO_TABLE[i].status = CHILD_STATUS_STANDBY;
2557 + CHILD_INFO_TABLE[i].sock_fd = -3; /* -1 and -2 are taken */
2558 + CHILD_INFO_TABLE[i].id = i;
2564 +static int peruser_post_config(apr_pool_t *p, apr_pool_t *plog, apr_pool_t *ptemp, server_rec *server_list)
2566 + ap_child_table = (ap_ctable *)apr_pcalloc(p, server_limit * sizeof(ap_ctable));
2571 +static int peruser_post_read(request_rec *r)
2573 + peruser_server_conf *sconf = PERUSER_SERVER_CONF(r->server->module_config);
2574 + child_info_t *processor;
2576 + if(CHILD_INFO_TABLE[my_child_num].type == CHILD_TYPE_MULTIPLEXER)
2577 + processor = find_next_processor(sconf);
2578 + else if(CHILD_INFO_TABLE[my_child_num].type == CHILD_TYPE_PROCESSOR)
2579 + processor = &CHILD_INFO_TABLE[r->connection->id];
2583 + _DBG("processor not found");
2584 + processor = &CHILD_INFO_TABLE[r->connection->id];
2587 + if (!strlen(r->the_request))
2589 + _DBG("corrupt request. aborting",0);
2593 + if (processor->sock_fd != AP_PERUSER_THISCHILD)
2595 + apr_socket_t *sock = NULL;
2597 + apr_os_sock_put(&sock, &processor->sock_fd, r->connection->pool);
2598 + ap_sock_disable_nagle(sock);
2599 + ap_set_module_config(r->connection->conn_config, &core_module, sock);
2600 + _DBG("not the right socket?", 0);
2604 + switch (CHILD_INFO_TABLE[my_child_num].type)
2606 + case CHILD_TYPE_MULTIPLEXER:
2608 + _DBG("MULTIPLEXER => Determining if request should be passed. "
2609 + "Child Num: %d, dest-child: %d, hostname from server: %s r->hostname=%s r->the_request=\"%s\"",
2610 + my_child_num, processor->id, r->server->server_hostname, r->hostname, r->the_request);
2612 + if (processor->id != my_child_num)
2614 + if (processor->status == CHILD_STATUS_STANDBY)
2617 + _DBG("Activating child #%d", processor->id);
2618 + processor->status = CHILD_STATUS_STARTING;
2621 + _DBG("Passing request.",0);
2622 + if (pass_request(r, processor) == -1)
2624 + ap_log_error(APLOG_MARK, APLOG_ERR, 0,
2625 + ap_server_conf, "Could not pass request to proper " "child, request will not be honoured.");
2628 + _DBG("doing longjmp",0);
2629 + longjmp(CHILD_INFO_TABLE[my_child_num].jmpbuffer, 1);
2630 + _DBG("request declined at our site",0);
2632 + _DBG("OUH! we should never reach this point",0);
2634 + _DBG("WTF: the server is assigned to the multiplexer! ... dropping request",0);
2637 + case CHILD_TYPE_PROCESSOR:
2639 + _DBG("PROCESSOR %d", my_child_num);
2640 + if (processor->id != my_child_num)
2642 + _DBG("WTF: this server is not assigned to us! what has the mux been smoking?!",0);
2644 + _DBG("request for %s / (server %s) seems to be for us", r->hostname, r->server->server_hostname);
2646 + /* TODO: add configuration for max processors per server */
2647 + if (total_processors(sconf) > ap_max_processors) return;
2648 + if (idle_processors(sconf) < ap_daemons_min_free) child_clone();
2654 + _DBG("unspecified child type %d in %d, dropping request",
2655 + CHILD_INFO_TABLE[my_child_num].type, my_child_num);
2660 + _DBG("THIS POINT SHOULD NOT BE REACHED!",0);
2664 +static void peruser_hooks(apr_pool_t *p)
2666 + /* The peruser open_logs phase must run before the core's, or stderr
2667 + * will be redirected to a file, and the messages won't print to the
2670 + static const char *const aszSucc[] = {"core.c", NULL};
2673 + (void) set42sig();
2676 + ap_hook_open_logs(peruser_open_logs, NULL, aszSucc, APR_HOOK_MIDDLE);
2677 + ap_hook_pre_config(peruser_pre_config, NULL, NULL, APR_HOOK_MIDDLE);
2678 + ap_hook_post_config(peruser_post_config, NULL, NULL, APR_HOOK_MIDDLE);
2680 + /* Both of these must be run absolutely first. If this request isn't for
2681 + * this server then we need to forward it to the proper child. No sense
2682 + * tying up this server running more post_read request hooks if it is
2683 + * just going to be forwarded along. The process_connection hook allows
2684 + * peruser to receive the passed request correctly, by automatically
2685 + * filling in the core_input_filter's ctx pointer.
2687 + ap_hook_post_read_request(peruser_post_read, NULL, NULL,
2688 + APR_HOOK_REALLY_FIRST);
2689 + ap_hook_process_connection(peruser_process_connection, NULL, NULL,
2690 + APR_HOOK_REALLY_FIRST);
2693 +/* we define an Processor w/ specific uid/gid */
2694 +static const char *cf_Processor(cmd_parms *cmd, void *dummy,
2695 + const char *user_name, const char *group_name, const char *chroot)
2697 + uid_t uid = ap_uname2id(user_name);
2698 + gid_t gid = ap_gname2id(group_name);
2700 + _DBG("user=%s:%d group=%s:%d chroot=%s",
2701 + user_name, uid, group_name, gid, chroot);
2703 + return child_add(CHILD_TYPE_PROCESSOR, CHILD_STATUS_STANDBY,
2704 + uid, gid, chroot);
2707 +/* we define an Multiplexer child w/ specific uid/gid */
2708 +static const char *cf_Multiplexer(cmd_parms *cmd, void *dummy,
2709 + const char *user_name, const char *group_name, const char *chroot)
2711 + uid_t uid = ap_uname2id(user_name);
2712 + gid_t gid = ap_gname2id(group_name);
2714 + _DBG("user=%s:%d group=%s:%d chroot=%s [multiplexer id %d]",
2715 + user_name, uid, group_name, gid, chroot, NUM_CHILDS);
2717 + return child_add(CHILD_TYPE_MULTIPLEXER, CHILD_STATUS_STARTING,
2718 + uid, gid, chroot);
2721 +static const char* cf_ServerEnvironment(cmd_parms *cmd, void *dummy,
2722 + const char *user_name, const char *group_name, const char *chroot)
2726 + int uid = ap_uname2id(user_name);
2727 + int gid = ap_gname2id(group_name);
2728 + const char *errstr;
2729 + peruser_server_conf *sconf;
2731 + _DBG("function entered", 0);
2733 + sconf = PERUSER_SERVER_CONF(cmd->server->module_config);
2735 + sconf->fullsockname = apr_pstrcat(cmd->pool, sconf->sockname, ".",
2736 + user_name,":", group_name, NULL);
2740 + sconf->chroot = chroot;
2742 + _DBG("user=%s:%d group=%s:%d chroot=%s numchilds=%d",
2743 + user_name, uid, group_name, gid, chroot, NUM_CHILDS);
2749 +static const char *cf_MaxProcessorsPerServer(cmd_parms *cmd, void *dummy, const char *arg)
2751 + const char *err = ap_check_cmd_context(cmd, GLOBAL_ONLY);
2752 + if (err != NULL) return err;
2754 + max_processors = atoi(arg);
2759 +static const char *set_min_free_servers(cmd_parms *cmd, void *dummy, const char *arg)
2761 + const char *err = ap_check_cmd_context(cmd, GLOBAL_ONLY);
2762 + if (err != NULL) {
2766 + ap_daemons_min_free = atoi(arg);
2767 + if (ap_daemons_min_free <= 0) {
2768 + ap_log_error(APLOG_MARK, APLOG_STARTUP, 0, NULL,
2769 + "WARNING: detected MinSpareServers set to non-positive.");
2770 + ap_log_error(APLOG_MARK, APLOG_STARTUP, 0, NULL,
2771 + "Resetting to 1 to avoid almost certain Apache failure.");
2772 + ap_log_error(APLOG_MARK, APLOG_STARTUP, 0, NULL,
2773 + "Please read the documentation.");
2774 + ap_daemons_min_free = 1;
2780 +static const char *set_max_clients (cmd_parms *cmd, void *dummy, const char *arg)
2782 + const char *err = ap_check_cmd_context(cmd, GLOBAL_ONLY);
2783 + if (err != NULL) {
2787 + ap_daemons_limit = atoi(arg);
2788 + if (ap_daemons_limit > server_limit) {
2789 + ap_log_error(APLOG_MARK, APLOG_STARTUP, 0, NULL,
2790 + "WARNING: MaxClients of %d exceeds ServerLimit value "
2791 + "of %d servers,", ap_daemons_limit, server_limit);
2792 + ap_log_error(APLOG_MARK, APLOG_STARTUP, 0, NULL,
2793 + " lowering MaxClients to %d. To increase, please "
2794 + "see the ServerLimit", server_limit);
2795 + ap_log_error(APLOG_MARK, APLOG_STARTUP, 0, NULL,
2797 + ap_daemons_limit = server_limit;
2799 + else if (ap_daemons_limit < 1) {
2800 + ap_log_error(APLOG_MARK, APLOG_STARTUP, 0, NULL,
2801 + "WARNING: Require MaxClients > 0, setting to 1");
2802 + ap_daemons_limit = 1;
2807 +static const char *set_max_processors (cmd_parms *cmd, void *dummy, const char *arg)
2809 + const char *err = ap_check_cmd_context(cmd, GLOBAL_ONLY);
2810 + if (err != NULL) {
2814 + ap_max_processors = atoi(arg);
2816 + if (ap_max_processors < 1) {
2817 + ap_log_error(APLOG_MARK, APLOG_STARTUP, 0, NULL,
2818 + "WARNING: Require MaxProcessors > 0, setting to 1");
2819 + ap_max_processors = 1;
2824 +static const char *set_server_limit (cmd_parms *cmd, void *dummy, const char *arg)
2826 + int tmp_server_limit;
2828 + const char *err = ap_check_cmd_context(cmd, GLOBAL_ONLY);
2829 + if (err != NULL) {
2833 + tmp_server_limit = atoi(arg);
2834 + /* you cannot change ServerLimit across a restart; ignore
2835 + * any such attempts
2837 + if (first_server_limit &&
2838 + tmp_server_limit != server_limit) {
2839 + /* how do we log a message? the error log is a bit bucket at this
2840 + * point; we'll just have to set a flag so that ap_mpm_run()
2841 + * logs a warning later
2843 + changed_limit_at_restart = 1;
2846 + server_limit = tmp_server_limit;
2848 + if (server_limit > MAX_SERVER_LIMIT) {
2849 + ap_log_error(APLOG_MARK, APLOG_STARTUP, 0, NULL,
2850 + "WARNING: ServerLimit of %d exceeds compile time limit "
2851 + "of %d servers,", server_limit, MAX_SERVER_LIMIT);
2852 + ap_log_error(APLOG_MARK, APLOG_STARTUP, 0, NULL,
2853 + " lowering ServerLimit to %d.", MAX_SERVER_LIMIT);
2854 + server_limit = MAX_SERVER_LIMIT;
2856 + else if (server_limit < 1) {
2857 + ap_log_error(APLOG_MARK, APLOG_STARTUP, 0, NULL,
2858 + "WARNING: Require ServerLimit > 0, setting to 1");
2864 +static const command_rec peruser_cmds[] = {
2865 +UNIX_DAEMON_COMMANDS,
2867 +AP_INIT_TAKE1("MinSpareServers", set_min_free_servers, NULL, RSRC_CONF,
2868 + "Minimum number of idle children, to handle request spikes"),
2869 +AP_INIT_TAKE1("MaxClients", set_max_clients, NULL, RSRC_CONF,
2870 + "Maximum number of children alive at the same time"),
2871 +AP_INIT_TAKE1("MaxProcessors", set_max_processors, NULL, RSRC_CONF,
2872 + "Maximum number of processors per vhost"),
2873 +AP_INIT_TAKE1("ServerLimit", set_server_limit, NULL, RSRC_CONF,
2874 + "Maximum value of MaxClients for this run of Apache"),
2875 +AP_INIT_TAKE23("Multiplexer", cf_Multiplexer, NULL, RSRC_CONF,
2876 + "Specify an Multiplexer Child configuration."),
2877 +AP_INIT_TAKE23("Processor", cf_Processor, NULL, RSRC_CONF,
2878 + "Specify a User and Group for a specific child process."),
2879 +AP_INIT_TAKE23("ServerEnvironment", cf_ServerEnvironment, NULL, RSRC_CONF,
2880 + "Specify the server environment for this virtual host."),
2884 +module AP_MODULE_DECLARE_DATA mpm_peruser_module = {
2885 + MPM20_MODULE_STUFF,
2886 + ap_mpm_rewrite_args, /* hook to run before apache parses args */
2887 + NULL, /* create per-directory config structure */
2888 + NULL, /* merge per-directory config structures */
2889 + peruser_create_config, /* create per-server config structure */
2890 + NULL, /* merge per-server config structures */
2891 + peruser_cmds, /* command apr_table_t */
2892 + peruser_hooks, /* register hooks */