]>
Commit | Line | Data |
---|---|---|
30a4f2a8 | 1 | /* |
bde978a6 | 2 | * Copyright (C) 1996-2015 The Squid Software Foundation and contributors |
e25c139f | 3 | * |
bbc27441 AJ |
4 | * Squid software is distributed under GPLv2+ license and includes |
5 | * contributions from numerous individuals and organizations. | |
6 | * Please see the COPYING and CONTRIBUTORS files for details. | |
019dd986 | 7 | */ |
44a47c6e | 8 | |
bbc27441 AJ |
9 | /* DEBUG: section 21 Misc Functions */ |
10 | ||
582c2af2 | 11 | #include "squid.h" |
602d9612 | 12 | #include "anyp/PortCfg.h" |
e0d28505 | 13 | #include "base/Subscription.h" |
93da1f99 | 14 | #include "client_side.h" |
438b04d4 | 15 | #include "disk.h" |
528b2c61 | 16 | #include "fde.h" |
95e6d864 | 17 | #include "fqdncache.h" |
65d448bc | 18 | #include "htcp.h" |
e0d28505 | 19 | #include "ICP.h" |
96d89ea0 | 20 | #include "ip/Intercept.h" |
425de4c8 | 21 | #include "ip/QosConfig.h" |
602d9612 A |
22 | #include "ipc/Coordinator.h" |
23 | #include "ipc/Kids.h" | |
24 | #include "ipcache.h" | |
0eb49b6d | 25 | #include "MemBuf.h" |
4d5904f7 | 26 | #include "SquidConfig.h" |
a98bcbee | 27 | #include "SquidMath.h" |
985c86bc | 28 | #include "SquidTime.h" |
27bc2077 | 29 | #include "SwapDir.h" |
602d9612 | 30 | #include "tools.h" |
27bc2077 | 31 | #include "wordlist.h" |
44a47c6e | 32 | |
1a30fdf5 | 33 | #include <cerrno> |
62ae0622 | 34 | #if HAVE_SYS_PRCTL_H |
35 | #include <sys/prctl.h> | |
36 | #endif | |
e30fe60a AJ |
37 | #if HAVE_WIN32_PSAPI |
38 | #include <psapi.h> | |
39 | #endif | |
582c2af2 FC |
40 | #if HAVE_SYS_STAT_H |
41 | #include <sys/stat.h> | |
42 | #endif | |
43 | #if HAVE_SYS_WAIT_H | |
44 | #include <sys/wait.h> | |
45 | #endif | |
46 | #if HAVE_GRP_H | |
47 | #include <grp.h> | |
48 | #endif | |
62ae0622 | 49 | |
090089c4 | 50 | #define DEAD_MSG "\ |
c5c666ab | 51 | The Squid Cache (version %s) died.\n\ |
090089c4 | 52 | \n\ |
c5c666ab | 53 | You've encountered a fatal error in the Squid Cache version %s.\n\ |
090089c4 | 54 | If a core file was created (possibly in the swap directory),\n\ |
b8de7ebe | 55 | please execute 'gdb squid core' or 'dbx squid core', then type 'where',\n\ |
784219b8 | 56 | and report the trace back to squid-bugs@squid-cache.org.\n\ |
090089c4 | 57 | \n\ |
58 | Thanks!\n" | |
59 | ||
f5b8bbc4 | 60 | static void mail_warranty(void); |
ff2afd7f | 61 | static void restoreCapabilities(bool keep); |
a2c48c98 | 62 | int DebugSignal = -1; |
8b505ba9 | 63 | SBuf service_name(APP_SHORTNAME); |
24382924 | 64 | |
1191b93b | 65 | #if _SQUID_LINUX_ |
941a3077 | 66 | /* Workaround for crappy glic header files */ |
e6ccf245 | 67 | SQUIDCEXTERN int backtrace(void *, int); |
68 | SQUIDCEXTERN void backtrace_symbols_fd(void *, int, int); | |
69 | SQUIDCEXTERN int setresuid(uid_t, uid_t, uid_t); | |
10da753f FC |
70 | #else /* _SQUID_LINUX_ */ |
71 | /* needed on Opensolaris for backtrace_symbols_fd */ | |
72 | #if HAVE_EXECINFO_H | |
73 | #include <execinfo.h> | |
74 | #endif /* HAVE_EXECINFO_H */ | |
75 | ||
941a3077 | 76 | #endif /* _SQUID_LINUX */ |
77 | ||
4a5a6c62 | 78 | void |
429fdbec | 79 | releaseServerSockets(void) |
80 | { | |
65d448bc | 81 | // Release the main ports as early as possible |
62e76326 | 82 | |
e7ce227f | 83 | // clear http_port, https_port, and ftp_port lists |
434a79b0 | 84 | clientConnectionsClose(); |
62e76326 | 85 | |
e0d28505 | 86 | // clear icp_port's |
65d448bc | 87 | icpClosePorts(); |
62e76326 | 88 | |
e0d28505 | 89 | // XXX: Why not the HTCP, SNMP, DNS ports as well? |
65d448bc | 90 | // XXX: why does this differ from main closeServerConnections() anyway ? |
429fdbec | 91 | } |
92 | ||
b8d8561b | 93 | static char * |
0673c0ba | 94 | dead_msg(void) |
090089c4 | 95 | { |
95d659f0 | 96 | LOCAL_ARRAY(char, msg, 1024); |
56878878 | 97 | snprintf(msg, 1024, DEAD_MSG, version_string, version_string); |
090089c4 | 98 | return msg; |
99 | } | |
100 | ||
24382924 | 101 | static void |
0673c0ba | 102 | mail_warranty(void) |
090089c4 | 103 | { |
019dd986 | 104 | FILE *fp = NULL; |
6e40f263 | 105 | static char command[256]; |
50536c47 | 106 | |
a2c13db1 AJ |
107 | /* |
108 | * NP: umask() takes the mask of bits we DONT want set. | |
109 | * | |
110 | * We want the current user to have read/write access | |
111 | * and since this file will be passed to mailsystem, | |
112 | * the group and other must have read access. | |
113 | */ | |
114 | const mode_t prev_umask=umask(S_IXUSR|S_IXGRP|S_IWGRP|S_IWOTH|S_IXOTH); | |
62e76326 | 115 | |
50536c47 | 116 | #if HAVE_MKSTEMP |
b99a6dec | 117 | char filename[] = "/tmp/squid-XXXXXX"; |
118 | int tfd = mkstemp(filename); | |
50536c47 FC |
119 | if (tfd < 0 || (fp = fdopen(tfd, "w")) == NULL) { |
120 | umask(prev_umask); | |
62e76326 | 121 | return; |
50536c47 | 122 | } |
b99a6dec | 123 | #else |
124 | char *filename; | |
50536c47 FC |
125 | // XXX tempnam is obsolete since POSIX.2008-1 |
126 | // tmpfile is not an option, we want the created files to stick around | |
127 | if ((filename = tempnam(NULL, APP_SHORTNAME)) == NULL || | |
6a1a5b78 | 128 | (fp = fopen(filename, "w")) == NULL) { |
50536c47 | 129 | umask(prev_umask); |
62e76326 | 130 | return; |
50536c47 | 131 | } |
b99a6dec | 132 | #endif |
50536c47 | 133 | umask(prev_umask); |
62e76326 | 134 | |
abacf776 | 135 | if (Config.EmailFrom) |
136 | fprintf(fp, "From: %s\n", Config.EmailFrom); | |
137 | else | |
7dbca7a4 | 138 | fprintf(fp, "From: %s@%s\n", APP_SHORTNAME, uniqueHostname()); |
62e76326 | 139 | |
edae7bc0 | 140 | fprintf(fp, "To: %s\n", Config.adminEmail); |
6e40f263 | 141 | fprintf(fp, "Subject: %s\n", dead_msg()); |
142 | fclose(fp); | |
62e76326 | 143 | |
d084bf20 | 144 | snprintf(command, 256, "%s %s < %s", Config.EmailProgram, Config.adminEmail, filename); |
f53969cc | 145 | if (system(command)) {} /* XXX should avoid system(3) */ |
6e40f263 | 146 | unlink(filename); |
87cedd31 AJ |
147 | #if !HAVE_MKSTEMP |
148 | xfree(filename); // tempnam() requires us to free its allocation | |
149 | #endif | |
090089c4 | 150 | } |
151 | ||
4a5a6c62 | 152 | void |
43c3424b | 153 | dumpMallocStats(void) |
3f43b19b | 154 | { |
88738790 | 155 | #if HAVE_MSTATS && HAVE_GNUMALLOC_H |
62e76326 | 156 | |
88738790 | 157 | struct mstats ms = mstats(); |
158 | fprintf(debug_log, "\ttotal space in arena: %6d KB\n", | |
62e76326 | 159 | (int) (ms.bytes_total >> 10)); |
88738790 | 160 | fprintf(debug_log, "\tTotal free: %6d KB %d%%\n", |
62e76326 | 161 | (int) (ms.bytes_free >> 10), |
a98bcbee | 162 | Math::intPercent(ms.bytes_free, ms.bytes_total)); |
4572073a | 163 | #endif |
3f43b19b | 164 | } |
30a4f2a8 | 165 | |
f2908497 | 166 | void |
167 | squid_getrusage(struct rusage *r) | |
f0f81709 | 168 | { |
8da94b66 | 169 | memset(r, '\0', sizeof(struct rusage)); |
e30fe60a | 170 | #if HAVE_GETRUSAGE && defined(RUSAGE_SELF) && !_SQUID_WINDOWS_ |
1da023b5 | 171 | #if _SQUID_SOLARIS_ |
cd19f0b6 | 172 | /* Solaris 2.5 has getrusage() permission bug -- Arjan de Vet */ |
173 | enter_suid(); | |
174 | #endif | |
62e76326 | 175 | |
f2908497 | 176 | getrusage(RUSAGE_SELF, r); |
62e76326 | 177 | |
e30fe60a | 178 | #if _SQUID_SOLARIS_ |
cd19f0b6 | 179 | leave_suid(); |
180 | #endif | |
e30fe60a AJ |
181 | |
182 | #elif _SQUID_WINDOWS_ && HAVE_WIN32_PSAPI | |
183 | // Windows has an alternative method if there is no POSIX getrusage defined. | |
184 | if (WIN32_OS_version >= _WIN_OS_WINNT) { | |
185 | /* On Windows NT and later call PSAPI.DLL for process Memory */ | |
186 | /* informations -- Guido Serassio */ | |
187 | HANDLE hProcess; | |
188 | PROCESS_MEMORY_COUNTERS pmc; | |
189 | hProcess = OpenProcess(PROCESS_QUERY_INFORMATION | | |
190 | PROCESS_VM_READ, | |
191 | FALSE, GetCurrentProcessId()); | |
192 | { | |
193 | /* Microsoft CRT doesn't have getrusage function, */ | |
194 | /* so we get process CPU time information from PSAPI.DLL. */ | |
195 | FILETIME ftCreate, ftExit, ftKernel, ftUser; | |
196 | if (GetProcessTimes(hProcess, &ftCreate, &ftExit, &ftKernel, &ftUser)) { | |
197 | int64_t *ptUser = (int64_t *)&ftUser; | |
198 | int64_t tUser64 = *ptUser / 10; | |
199 | int64_t *ptKernel = (int64_t *)&ftKernel; | |
200 | int64_t tKernel64 = *ptKernel / 10; | |
201 | r->ru_utime.tv_sec =(long)(tUser64 / 1000000); | |
202 | r->ru_stime.tv_sec =(long)(tKernel64 / 1000000); | |
203 | r->ru_utime.tv_usec =(long)(tUser64 % 1000000); | |
204 | r->ru_stime.tv_usec =(long)(tKernel64 % 1000000); | |
205 | } else { | |
206 | CloseHandle( hProcess ); | |
207 | return; | |
208 | } | |
209 | } | |
210 | if (GetProcessMemoryInfo( hProcess, &pmc, sizeof(pmc))) { | |
211 | r->ru_maxrss=(DWORD)(pmc.WorkingSetSize / getpagesize()); | |
212 | r->ru_majflt=pmc.PageFaultCount; | |
213 | } else { | |
214 | CloseHandle( hProcess ); | |
215 | return; | |
216 | } | |
217 | ||
218 | CloseHandle( hProcess ); | |
219 | } | |
56983a01 | 220 | #endif |
f2908497 | 221 | } |
222 | ||
223 | double | |
62e76326 | 224 | |
f2908497 | 225 | rusage_cputime(struct rusage *r) |
226 | { | |
227 | return (double) r->ru_stime.tv_sec + | |
62e76326 | 228 | (double) r->ru_utime.tv_sec + |
229 | (double) r->ru_stime.tv_usec / 1000000.0 + | |
230 | (double) r->ru_utime.tv_usec / 1000000.0; | |
f2908497 | 231 | } |
232 | ||
ec603b25 | 233 | /* Hack for some HP-UX preprocessors */ |
234 | #ifndef HAVE_GETPAGESIZE | |
235 | #define HAVE_GETPAGESIZE 0 | |
236 | #endif | |
237 | ||
f2908497 | 238 | int |
62e76326 | 239 | |
f2908497 | 240 | rusage_maxrss(struct rusage *r) |
241 | { | |
8a09e810 | 242 | #if _SQUID_SGI_ && _ABIAPI |
4fdc3986 | 243 | return r->ru_pad[0]; |
8a09e810 | 244 | #elif _SQUID_SGI_|| _SQUID_OSF_ || _SQUID_AIX_ || defined(BSD4_4) |
62e76326 | 245 | |
f2908497 | 246 | return r->ru_maxrss; |
6b8e7481 | 247 | #elif defined(HAVE_GETPAGESIZE) && HAVE_GETPAGESIZE != 0 |
62e76326 | 248 | |
f2908497 | 249 | return (r->ru_maxrss * getpagesize()) >> 10; |
c7a1083d | 250 | #elif defined(PAGESIZE) |
62e76326 | 251 | |
c7a1083d | 252 | return (r->ru_maxrss * PAGESIZE) >> 10; |
8505e57b | 253 | #else |
62e76326 | 254 | |
8505e57b | 255 | return r->ru_maxrss; |
f2908497 | 256 | #endif |
257 | } | |
258 | ||
259 | int | |
62e76326 | 260 | |
f2908497 | 261 | rusage_pagefaults(struct rusage *r) |
262 | { | |
8a09e810 | 263 | #if _SQUID_SGI_ && _ABIAPI |
4fdc3986 | 264 | return r->ru_pad[5]; |
265 | #else | |
62e76326 | 266 | |
f2908497 | 267 | return r->ru_majflt; |
4fdc3986 | 268 | #endif |
f2908497 | 269 | } |
270 | ||
4a5a6c62 | 271 | void |
f2908497 | 272 | PrintRusage(void) |
273 | { | |
62e76326 | 274 | |
f2908497 | 275 | struct rusage rusage; |
276 | squid_getrusage(&rusage); | |
2b906e48 | 277 | fprintf(debug_log, "CPU Usage: %.3f seconds = %.3f user + %.3f sys\n", |
62e76326 | 278 | rusage_cputime(&rusage), |
279 | rusage.ru_utime.tv_sec + ((double) rusage.ru_utime.tv_usec / 1000000.0), | |
280 | rusage.ru_stime.tv_sec + ((double) rusage.ru_stime.tv_usec / 1000000.0)); | |
f2908497 | 281 | fprintf(debug_log, "Maximum Resident Size: %d KB\n", |
62e76326 | 282 | rusage_maxrss(&rusage)); |
f2908497 | 283 | fprintf(debug_log, "Page faults with physical i/o: %d\n", |
62e76326 | 284 | rusage_pagefaults(&rusage)); |
f0f81709 | 285 | } |
286 | ||
b8d8561b | 287 | void |
288 | death(int sig) | |
44a47c6e | 289 | { |
0e08ce4b | 290 | if (sig == SIGSEGV) |
62e76326 | 291 | fprintf(debug_log, "FATAL: Received Segment Violation...dying.\n"); |
0e08ce4b | 292 | else if (sig == SIGBUS) |
62e76326 | 293 | fprintf(debug_log, "FATAL: Received Bus Error...dying.\n"); |
0e08ce4b | 294 | else |
62e76326 | 295 | fprintf(debug_log, "FATAL: Received signal %d...dying.\n", sig); |
0b4639af | 296 | |
0a081cb0 | 297 | #if PRINT_STACK_TRACE |
1191b93b | 298 | #if _SQUID_HPUX_ |
0b4639af | 299 | { |
f53969cc | 300 | extern void U_STACK_TRACE(void); /* link with -lcl */ |
62e76326 | 301 | fflush(debug_log); |
302 | dup2(fileno(debug_log), 2); | |
303 | U_STACK_TRACE(); | |
0b4639af | 304 | } |
62e76326 | 305 | |
0b4639af | 306 | #endif /* _SQUID_HPUX_ */ |
8a09e810 | 307 | #if _SQUID_SOLARIS_ && HAVE_LIBOPCOM_STACK |
f53969cc SM |
308 | { /* get ftp://opcom.sun.ca/pub/tars/opcom_stack.tar.gz and */ |
309 | extern void opcom_stack_trace(void); /* link with -lopcom_stack */ | |
62e76326 | 310 | fflush(debug_log); |
311 | dup2(fileno(debug_log), fileno(stdout)); | |
312 | opcom_stack_trace(); | |
313 | fflush(stdout); | |
0b4639af | 314 | } |
62e76326 | 315 | |
10da753f | 316 | #endif /* _SQUID_SOLARIS_and HAVE_LIBOPCOM_STACK */ |
ce3d30fb | 317 | #if HAVE_BACKTRACE_SYMBOLS_FD |
318 | { | |
62e76326 | 319 | static void *(callarray[8192]); |
320 | int n; | |
321 | n = backtrace(callarray, 8192); | |
322 | backtrace_symbols_fd(callarray, n, fileno(debug_log)); | |
ce3d30fb | 323 | } |
62e76326 | 324 | |
ce3d30fb | 325 | #endif |
0b4639af | 326 | #endif /* PRINT_STACK_TRACE */ |
327 | ||
7aa9bb3e | 328 | #if SA_RESETHAND == 0 && !_SQUID_WINDOWS_ |
44a47c6e | 329 | signal(SIGSEGV, SIG_DFL); |
62e76326 | 330 | |
44a47c6e | 331 | signal(SIGBUS, SIG_DFL); |
62e76326 | 332 | |
0e08ce4b | 333 | signal(sig, SIG_DFL); |
62e76326 | 334 | |
30a4f2a8 | 335 | #endif |
62e76326 | 336 | |
429fdbec | 337 | releaseServerSockets(); |
62e76326 | 338 | |
e3ef2b09 | 339 | storeDirWriteCleanLogs(0); |
62e76326 | 340 | |
4b0f5de8 | 341 | if (!shutting_down) { |
342 | PrintRusage(); | |
62e76326 | 343 | |
4b0f5de8 | 344 | dumpMallocStats(); |
345 | } | |
62e76326 | 346 | |
6e40f263 | 347 | if (squid_curtime - SQUID_RELEASE_TIME < 864000) { |
62e76326 | 348 | /* skip if more than 10 days old */ |
349 | ||
350 | if (Config.adminEmail) | |
351 | mail_warranty(); | |
329ce686 | 352 | |
353 | puts(dead_msg()); | |
6e40f263 | 354 | } |
62e76326 | 355 | |
44a47c6e | 356 | abort(); |
357 | } | |
358 | ||
a2c48c98 AR |
359 | void |
360 | BroadcastSignalIfAny(int& sig) | |
361 | { | |
362 | if (sig > 0) { | |
dbf55289 CT |
363 | if (IamMasterProcess()) { |
364 | for (int i = TheKids.count() - 1; i >= 0; --i) { | |
365 | Kid& kid = TheKids.get(i); | |
366 | kill(kid.getPid(), sig); | |
367 | } | |
368 | } | |
a2c48c98 AR |
369 | sig = -1; |
370 | } | |
371 | } | |
44a47c6e | 372 | |
b8d8561b | 373 | void |
23d92c64 | 374 | sigusr2_handle(int sig) |
090089c4 | 375 | { |
30a4f2a8 | 376 | static int state = 0; |
96e03dd8 | 377 | /* no debugs() here; bad things happen if the signal is delivered during _db_print() */ |
62e76326 | 378 | |
a2c48c98 AR |
379 | DebugSignal = sig; |
380 | ||
30a4f2a8 | 381 | if (state == 0) { |
d7298d24 | 382 | Debug::parseOptions("ALL,7"); |
62e76326 | 383 | state = 1; |
30a4f2a8 | 384 | } else { |
62493678 | 385 | Debug::parseOptions(Debug::debugOptions); |
62e76326 | 386 | state = 0; |
30a4f2a8 | 387 | } |
62e76326 | 388 | |
30a4f2a8 | 389 | #if !HAVE_SIGACTION |
f53969cc | 390 | if (signal(sig, sigusr2_handle) == SIG_ERR) /* reinstall */ |
fa84c01d | 391 | debugs(50, DBG_CRITICAL, "signal: sig=" << sig << " func=sigusr2_handle: " << xstrerror()); |
62e76326 | 392 | |
090089c4 | 393 | #endif |
394 | } | |
395 | ||
b8d8561b | 396 | void |
af6a12ee AJ |
397 | debug_trap(const char *message) |
398 | { | |
4a69c163 | 399 | if (!opt_catch_signals) |
62e76326 | 400 | fatal_dump(message); |
401 | ||
a3d5953d | 402 | _db_print("WARNING: %s\n", message); |
85b701ed | 403 | } |
404 | ||
0ee4272b | 405 | const char * |
0673c0ba | 406 | getMyHostname(void) |
44a47c6e | 407 | { |
95d659f0 | 408 | LOCAL_ARRAY(char, host, SQUIDHOSTNAMELEN + 1); |
44a47c6e | 409 | static int present = 0; |
cc192b50 | 410 | struct addrinfo *AI = NULL; |
b7ac5457 | 411 | Ip::Address sa; |
62e76326 | 412 | |
af85f811 | 413 | if (Config.visibleHostname != NULL) |
62e76326 | 414 | return Config.visibleHostname; |
415 | ||
d20b1cd0 | 416 | if (present) |
62e76326 | 417 | return host; |
418 | ||
d20b1cd0 | 419 | host[0] = '\0'; |
62e76326 | 420 | |
fa720bfb AJ |
421 | if (HttpPortList != NULL && sa.isAnyAddr()) |
422 | sa = HttpPortList->s; | |
62e76326 | 423 | |
cb4f4424 | 424 | #if USE_OPENSSL |
62e76326 | 425 | |
fa720bfb AJ |
426 | if (HttpsPortList != NULL && sa.isAnyAddr()) |
427 | sa = HttpsPortList->s; | |
62e76326 | 428 | |
aa2b5399 | 429 | #endif |
cc192b50 | 430 | |
aa2b5399 | 431 | /* |
432 | * If the first http_port address has a specific address, try a | |
433 | * reverse DNS lookup on it. | |
434 | */ | |
4dd643d5 | 435 | if ( !sa.isAnyAddr() ) { |
62e76326 | 436 | |
4dd643d5 | 437 | sa.getAddrInfo(AI); |
cc192b50 | 438 | /* we are looking for a name. */ |
27bc2077 | 439 | if (getnameinfo(AI->ai_addr, AI->ai_addrlen, host, SQUIDHOSTNAMELEN, NULL, 0, NI_NAMEREQD ) == 0) { |
62e76326 | 440 | /* DNS lookup successful */ |
441 | /* use the official name from DNS lookup */ | |
cc192b50 | 442 | debugs(50, 4, "getMyHostname: resolved " << sa << " to '" << host << "'"); |
bf8fe701 | 443 | |
62e76326 | 444 | present = 1; |
445 | ||
851614a8 | 446 | Ip::Address::FreeAddr(AI); |
cc192b50 | 447 | |
62e76326 | 448 | if (strchr(host, '.')) |
449 | return host; | |
62e76326 | 450 | } |
451 | ||
851614a8 | 452 | Ip::Address::FreeAddr(AI); |
c19d1320 AJ |
453 | debugs(50, 2, "WARNING: failed to resolve " << sa << " to a fully qualified hostname"); |
454 | } | |
455 | ||
456 | // still no host. fallback to gethostname() | |
457 | if (gethostname(host, SQUIDHOSTNAMELEN) < 0) { | |
458 | debugs(50, DBG_IMPORTANT, "WARNING: gethostname failed: " << xstrerror()); | |
26ac0430 | 459 | } else { |
c19d1320 AJ |
460 | /* Verify that the hostname given resolves properly */ |
461 | struct addrinfo hints; | |
462 | memset(&hints, 0, sizeof(addrinfo)); | |
463 | hints.ai_flags = AI_CANONNAME; | |
62e76326 | 464 | |
c19d1320 AJ |
465 | if (getaddrinfo(host, NULL, NULL, &AI) == 0) { |
466 | /* DNS lookup successful */ | |
467 | /* use the official name from DNS lookup */ | |
468 | debugs(50, 6, "getMyHostname: '" << host << "' has DNS resolution."); | |
469 | present = 1; | |
470 | ||
471 | /* AYJ: do we want to flag AI_ALL and cache the result anywhere. ie as our local host IPs? */ | |
4dd643d5 | 472 | if (AI) |
c19d1320 | 473 | freeaddrinfo(AI); |
cc192b50 | 474 | |
c19d1320 | 475 | return host; |
cc192b50 | 476 | } |
c19d1320 | 477 | |
4dd643d5 AJ |
478 | if (AI) |
479 | freeaddrinfo(AI); | |
c19d1320 | 480 | debugs(50, DBG_IMPORTANT, "WARNING: '" << host << "' rDNS test failed: " << xstrerror()); |
44a47c6e | 481 | } |
62e76326 | 482 | |
c19d1320 AJ |
483 | /* throw a configuration error when the Host/IP given has bad DNS/rDNS. */ |
484 | debugs(50, DBG_CRITICAL, "WARNING: Could not determine this machines public hostname. " << | |
485 | "Please configure one or set 'visible_hostname'."); | |
a572d8be | 486 | |
c19d1320 | 487 | return ("localhost"); |
44a47c6e | 488 | } |
489 | ||
98829f69 | 490 | const char * |
491 | uniqueHostname(void) | |
492 | { | |
23c6ebc4 | 493 | debugs(21, 3, HERE << " Config: '" << Config.uniqueHostname << "'"); |
98829f69 | 494 | return Config.uniqueHostname ? Config.uniqueHostname : getMyHostname(); |
495 | } | |
496 | ||
23c6ebc4 | 497 | /** leave a priviliged section. (Give up any privilegies) |
30a4f2a8 | 498 | * Routines that need privilegies can rap themselves in enter_suid() |
499 | * and leave_suid() | |
500 | * To give upp all posibilites to gain privilegies use no_suid() | |
12b9e9b1 | 501 | */ |
b8d8561b | 502 | void |
0673c0ba | 503 | leave_suid(void) |
12b9e9b1 | 504 | { |
36584579 | 505 | debugs(21, 3, "leave_suid: PID " << getpid() << " called"); |
62e76326 | 506 | |
e3d74828 | 507 | if (Config.effectiveGroup) { |
508 | ||
509 | #if HAVE_SETGROUPS | |
510 | ||
511 | setgroups(1, &Config2.effectiveGroupID); | |
512 | ||
513 | #endif | |
514 | ||
515 | if (setgid(Config2.effectiveGroupID) < 0) | |
fa84c01d | 516 | debugs(50, DBG_CRITICAL, "ALERT: setgid: " << xstrerror()); |
e3d74828 | 517 | |
518 | } | |
519 | ||
12b9e9b1 | 520 | if (geteuid() != 0) |
62e76326 | 521 | return; |
522 | ||
12b9e9b1 | 523 | /* Started as a root, check suid option */ |
b6f794d6 | 524 | if (Config.effectiveUser == NULL) |
62e76326 | 525 | return; |
526 | ||
36584579 | 527 | debugs(21, 3, "leave_suid: PID " << getpid() << " giving up root, becoming '" << Config.effectiveUser << "'"); |
62e76326 | 528 | |
e3d74828 | 529 | if (!Config.effectiveGroup) { |
62e76326 | 530 | |
e3d74828 | 531 | if (setgid(Config2.effectiveGroupID) < 0) |
fa84c01d | 532 | debugs(50, DBG_CRITICAL, "ALERT: setgid: " << xstrerror()); |
62e76326 | 533 | |
e3d74828 | 534 | if (initgroups(Config.effectiveUser, Config2.effectiveGroupID) < 0) { |
fa84c01d | 535 | debugs(50, DBG_CRITICAL, "ALERT: initgroups: unable to set groups for User " << |
bf8fe701 | 536 | Config.effectiveUser << " and Group " << |
537 | (unsigned) Config2.effectiveGroupID << ""); | |
e3d74828 | 538 | } |
539 | } | |
62e76326 | 540 | |
234967c9 | 541 | #if HAVE_SETRESUID |
62e76326 | 542 | |
d20b1cd0 | 543 | if (setresuid(Config2.effectiveUserID, Config2.effectiveUserID, 0) < 0) |
fa84c01d | 544 | debugs(50, DBG_CRITICAL, "ALERT: setresuid: " << xstrerror()); |
62e76326 | 545 | |
234967c9 | 546 | #elif HAVE_SETEUID |
62e76326 | 547 | |
d20b1cd0 | 548 | if (seteuid(Config2.effectiveUserID) < 0) |
fa84c01d | 549 | debugs(50, DBG_CRITICAL, "ALERT: seteuid: " << xstrerror()); |
62e76326 | 550 | |
234967c9 | 551 | #else |
62e76326 | 552 | |
d20b1cd0 | 553 | if (setuid(Config2.effectiveUserID) < 0) |
fa84c01d | 554 | debugs(50, DBG_CRITICAL, "ALERT: setuid: " << xstrerror()); |
62e76326 | 555 | |
fc68f6b1 | 556 | #endif |
fc68f6b1 | 557 | |
ff2afd7f | 558 | restoreCapabilities(true); |
fc68f6b1 | 559 | |
62ae0622 | 560 | #if HAVE_PRCTL && defined(PR_SET_DUMPABLE) |
561 | /* Set Linux DUMPABLE flag */ | |
562 | if (Config.coredump_dir && prctl(PR_SET_DUMPABLE, 1) != 0) | |
bf8fe701 | 563 | debugs(50, 2, "ALERT: prctl: " << xstrerror()); |
62ae0622 | 564 | |
234967c9 | 565 | #endif |
566 | } | |
567 | ||
30a4f2a8 | 568 | /* Enter a privilegied section */ |
b8d8561b | 569 | void |
0673c0ba | 570 | enter_suid(void) |
234967c9 | 571 | { |
77468ee5 | 572 | debugs(21, 3, "enter_suid: PID " << getpid() << " taking root privileges"); |
234967c9 | 573 | #if HAVE_SETRESUID |
77468ee5 | 574 | if (setresuid((uid_t)-1, 0, (uid_t)-1) < 0) |
6595704b | 575 | debugs (21, 3, "enter_suid: setresuid failed: " << xstrerror ()); |
234967c9 | 576 | #else |
62e76326 | 577 | |
234967c9 | 578 | setuid(0); |
579 | #endif | |
62ae0622 | 580 | #if HAVE_PRCTL && defined(PR_SET_DUMPABLE) |
581 | /* Set Linux DUMPABLE flag */ | |
582 | ||
583 | if (Config.coredump_dir && prctl(PR_SET_DUMPABLE, 1) != 0) | |
bf8fe701 | 584 | debugs(50, 2, "ALERT: prctl: " << xstrerror()); |
62ae0622 | 585 | |
586 | #endif | |
234967c9 | 587 | } |
588 | ||
30a4f2a8 | 589 | /* Give up the posibility to gain privilegies. |
590 | * this should be used before starting a sub process | |
591 | */ | |
b8d8561b | 592 | void |
0673c0ba | 593 | no_suid(void) |
234967c9 | 594 | { |
595 | uid_t uid; | |
30a4f2a8 | 596 | leave_suid(); |
234967c9 | 597 | uid = geteuid(); |
329ce686 | 598 | debugs(21, 3, "no_suid: PID " << getpid() << " giving up root priveleges forever"); |
62e76326 | 599 | |
77468ee5 | 600 | if (setuid(0) < 0) |
6595704b | 601 | debugs(50, DBG_IMPORTANT, "WARNING: no_suid: setuid(0): " << xstrerror()); |
62e76326 | 602 | |
429fdbec | 603 | if (setuid(uid) < 0) |
77468ee5 | 604 | debugs(50, DBG_IMPORTANT, "ERROR: no_suid: setuid(" << uid << "): " << xstrerror()); |
62e76326 | 605 | |
ff2afd7f | 606 | restoreCapabilities(false); |
329ce686 | 607 | |
62ae0622 | 608 | #if HAVE_PRCTL && defined(PR_SET_DUMPABLE) |
609 | /* Set Linux DUMPABLE flag */ | |
610 | if (Config.coredump_dir && prctl(PR_SET_DUMPABLE, 1) != 0) | |
bf8fe701 | 611 | debugs(50, 2, "ALERT: prctl: " << xstrerror()); |
62ae0622 | 612 | |
234967c9 | 613 | #endif |
12b9e9b1 | 614 | } |
ccff9601 | 615 | |
a2c48c98 | 616 | bool |
7de94c8c | 617 | IamMasterProcess() |
a2c48c98 | 618 | { |
7de94c8c AR |
619 | return KidIdentifier == 0; |
620 | } | |
621 | ||
622 | bool | |
623 | IamWorkerProcess() | |
624 | { | |
625 | // when there is only one process, it has to be the worker | |
13aeac35 | 626 | if (opt_no_daemon || Config.workers == 0) |
7de94c8c AR |
627 | return true; |
628 | ||
095ec2b1 AR |
629 | return TheProcessKind == pkWorker; |
630 | } | |
631 | ||
632 | bool | |
633 | IamDiskProcess() | |
634 | { | |
635 | return TheProcessKind == pkDisker; | |
7de94c8c AR |
636 | } |
637 | ||
96c2bb61 AR |
638 | bool |
639 | InDaemonMode() | |
640 | { | |
641 | return !opt_no_daemon && Config.workers > 0; | |
642 | } | |
643 | ||
7de94c8c AR |
644 | bool |
645 | UsingSmp() | |
646 | { | |
095ec2b1 | 647 | return InDaemonMode() && NumberOfKids() > 1; |
7de94c8c AR |
648 | } |
649 | ||
650 | bool | |
651 | IamCoordinatorProcess() | |
652 | { | |
095ec2b1 | 653 | return TheProcessKind == pkCoordinator; |
7de94c8c AR |
654 | } |
655 | ||
656 | bool | |
657 | IamPrimaryProcess() | |
658 | { | |
659 | // when there is only one process, it has to be primary | |
13aeac35 | 660 | if (opt_no_daemon || Config.workers == 0) |
7de94c8c AR |
661 | return true; |
662 | ||
663 | // when there is a master and worker process, the master delegates | |
664 | // primary functions to its only kid | |
254912f3 | 665 | if (NumberOfKids() == 1) |
7de94c8c | 666 | return IamWorkerProcess(); |
a2c48c98 | 667 | |
7de94c8c AR |
668 | // in SMP mode, multiple kids delegate primary functions to the coordinator |
669 | return IamCoordinatorProcess(); | |
a2c48c98 AR |
670 | } |
671 | ||
96c2bb61 AR |
672 | int |
673 | NumberOfKids() | |
674 | { | |
675 | // no kids in no-daemon mode | |
676 | if (!InDaemonMode()) | |
677 | return 0; | |
678 | ||
095ec2b1 AR |
679 | // XXX: detect and abort when called before workers/cache_dirs are parsed |
680 | ||
14911a4e | 681 | const int rockDirs = Config.cacheSwap.n_strands; |
095ec2b1 AR |
682 | |
683 | const bool needCoord = Config.workers > 1 || rockDirs > 0; | |
684 | return (needCoord ? 1 : 0) + Config.workers + rockDirs; | |
685 | } | |
96c2bb61 | 686 | |
095ec2b1 AR |
687 | String |
688 | ProcessRoles() | |
689 | { | |
690 | String roles = ""; | |
691 | if (IamMasterProcess()) | |
692 | roles.append(" master"); | |
693 | if (IamCoordinatorProcess()) | |
694 | roles.append(" coordinator"); | |
695 | if (IamWorkerProcess()) | |
696 | roles.append(" worker"); | |
697 | if (IamDiskProcess()) | |
698 | roles.append(" disker"); | |
699 | return roles; | |
96c2bb61 AR |
700 | } |
701 | ||
b8d8561b | 702 | void |
0673c0ba | 703 | writePidFile(void) |
ccff9601 | 704 | { |
9e4ad609 | 705 | int fd; |
0b4639af | 706 | const char *f = NULL; |
973e9fe1 | 707 | mode_t old_umask; |
9e4ad609 | 708 | char buf[32]; |
62e76326 | 709 | |
9e4ad609 | 710 | if ((f = Config.pidFilename) == NULL) |
62e76326 | 711 | return; |
712 | ||
9e4ad609 | 713 | if (!strcmp(Config.pidFilename, "none")) |
62e76326 | 714 | return; |
715 | ||
30a4f2a8 | 716 | enter_suid(); |
62e76326 | 717 | |
973e9fe1 | 718 | old_umask = umask(022); |
62e76326 | 719 | |
dbf55289 | 720 | fd = open(f, O_WRONLY | O_CREAT | O_TRUNC | O_TEXT, 0644); |
62e76326 | 721 | |
973e9fe1 | 722 | umask(old_umask); |
62e76326 | 723 | |
30a4f2a8 | 724 | leave_suid(); |
62e76326 | 725 | |
9e4ad609 | 726 | if (fd < 0) { |
fa84c01d | 727 | debugs(50, DBG_CRITICAL, "" << f << ": " << xstrerror()); |
62e76326 | 728 | debug_trap("Could not write pid file"); |
729 | return; | |
ccff9601 | 730 | } |
62e76326 | 731 | |
56878878 | 732 | snprintf(buf, 32, "%d\n", (int) getpid()); |
dbf55289 CT |
733 | const size_t ws = write(fd, buf, strlen(buf)); |
734 | assert(ws == strlen(buf)); | |
735 | close(fd); | |
736 | } | |
737 | ||
738 | void | |
739 | removePidFile() | |
740 | { | |
741 | if (Config.pidFilename && strcmp(Config.pidFilename, "none") != 0) { | |
742 | enter_suid(); | |
743 | safeunlink(Config.pidFilename, 0); | |
744 | leave_suid(); | |
745 | } | |
ccff9601 | 746 | } |
c4fb974e | 747 | |
ff8d0ea6 | 748 | pid_t |
0673c0ba | 749 | readPidFile(void) |
7690e8eb | 750 | { |
751 | FILE *pid_fp = NULL; | |
9e4ad609 | 752 | const char *f = Config.pidFilename; |
1ee742a2 | 753 | char *chroot_f = NULL; |
ff8d0ea6 | 754 | pid_t pid = -1; |
755 | int i; | |
7690e8eb | 756 | |
9e4ad609 | 757 | if (f == NULL || !strcmp(Config.pidFilename, "none")) { |
7dbca7a4 | 758 | fprintf(stderr, APP_SHORTNAME ": ERROR: No pid file name defined\n"); |
62e76326 | 759 | exit(1); |
7690e8eb | 760 | } |
62e76326 | 761 | |
1ee742a2 | 762 | if (Config.chroot_dir && geteuid() == 0) { |
763 | int len = strlen(Config.chroot_dir) + 1 + strlen(f) + 1; | |
764 | chroot_f = (char *)xmalloc(strlen(Config.chroot_dir) + 1 + strlen(f) + 1); | |
765 | snprintf(chroot_f, len, "%s/%s", Config.chroot_dir, f); | |
766 | f = chroot_f; | |
767 | } | |
768 | ||
7690e8eb | 769 | pid_fp = fopen(f, "r"); |
62e76326 | 770 | |
7690e8eb | 771 | if (pid_fp != NULL) { |
62e76326 | 772 | pid = 0; |
773 | ||
774 | if (fscanf(pid_fp, "%d", &i) == 1) | |
775 | pid = (pid_t) i; | |
776 | ||
777 | fclose(pid_fp); | |
7690e8eb | 778 | } else { |
62e76326 | 779 | if (errno != ENOENT) { |
7dbca7a4 | 780 | fprintf(stderr, APP_SHORTNAME ": ERROR: Could not read pid file\n"); |
62e76326 | 781 | fprintf(stderr, "\t%s: %s\n", f, xstrerror()); |
782 | exit(1); | |
783 | } | |
7690e8eb | 784 | } |
62e76326 | 785 | |
1ee742a2 | 786 | safe_free(chroot_f); |
7690e8eb | 787 | return pid; |
788 | } | |
789 | ||
f3f0f563 AJ |
790 | /* A little piece of glue for odd systems */ |
791 | #ifndef RLIMIT_NOFILE | |
792 | #ifdef RLIMIT_OFILE | |
793 | #define RLIMIT_NOFILE RLIMIT_OFILE | |
794 | #endif | |
795 | #endif | |
7690e8eb | 796 | |
f3f0f563 | 797 | /** Figure out the number of supported filedescriptors */ |
b8d8561b | 798 | void |
0673c0ba | 799 | setMaxFD(void) |
c4fb974e | 800 | { |
f3f0f563 | 801 | #if HAVE_SETRLIMIT && defined(RLIMIT_NOFILE) |
8527a56f | 802 | |
9064ed81 A |
803 | /* On Linux with 64-bit file support the sys/resource.h header |
804 | * uses #define to change the function definition to require rlimit64 | |
805 | */ | |
8527a56f AJ |
806 | #if defined(getrlimit) |
807 | struct rlimit64 rl; // Assume its a 64-bit redefine anyways. | |
808 | #else | |
c4fb974e | 809 | struct rlimit rl; |
8527a56f AJ |
810 | #endif |
811 | ||
c4fb974e | 812 | if (getrlimit(RLIMIT_NOFILE, &rl) < 0) { |
f3f0f563 AJ |
813 | debugs(50, DBG_CRITICAL, "setrlimit: RLIMIT_NOFILE: " << xstrerror()); |
814 | } else if (Config.max_filedescriptors > 0) { | |
0979b3a6 AJ |
815 | #if USE_SELECT || USE_SELECT_WIN32 |
816 | /* select() breaks if this gets set too big */ | |
1b7fae06 | 817 | if (Config.max_filedescriptors > FD_SETSIZE) { |
0979b3a6 | 818 | rl.rlim_cur = FD_SETSIZE; |
1b7fae06 AJ |
819 | debugs(50, DBG_CRITICAL, "WARNING: 'max_filedescriptors " << Config.max_filedescriptors << "' does not work with select()"); |
820 | } else | |
0979b3a6 AJ |
821 | #endif |
822 | rl.rlim_cur = Config.max_filedescriptors; | |
62e76326 | 823 | if (rl.rlim_cur > rl.rlim_max) |
f3f0f563 AJ |
824 | rl.rlim_max = rl.rlim_cur; |
825 | if (setrlimit(RLIMIT_NOFILE, &rl)) { | |
1b7fae06 | 826 | debugs(50, DBG_CRITICAL, "ERROR: setrlimit: RLIMIT_NOFILE: " << xstrerror()); |
f3f0f563 AJ |
827 | getrlimit(RLIMIT_NOFILE, &rl); |
828 | rl.rlim_cur = rl.rlim_max; | |
829 | if (setrlimit(RLIMIT_NOFILE, &rl)) { | |
1b7fae06 | 830 | debugs(50, DBG_CRITICAL, "ERROR: setrlimit: RLIMIT_NOFILE: " << xstrerror()); |
f3f0f563 | 831 | } |
62e76326 | 832 | } |
c4fb974e | 833 | } |
f3f0f563 | 834 | if (getrlimit(RLIMIT_NOFILE, &rl) < 0) { |
1b7fae06 | 835 | debugs(50, DBG_CRITICAL, "ERROR: getrlimit: RLIMIT_NOFILE: " << xstrerror()); |
c4fb974e | 836 | } else { |
f3f0f563 AJ |
837 | Squid_MaxFD = rl.rlim_cur; |
838 | } | |
62e76326 | 839 | |
f3f0f563 AJ |
840 | #endif /* HAVE_SETRLIMIT */ |
841 | } | |
62e76326 | 842 | |
f3f0f563 AJ |
843 | void |
844 | setSystemLimits(void) | |
845 | { | |
be266cb2 | 846 | #if HAVE_SETRLIMIT && defined(RLIMIT_NOFILE) && !_SQUID_CYGWIN_ |
f3f0f563 | 847 | /* limit system filedescriptors to our own limit */ |
8527a56f AJ |
848 | |
849 | /* On Linux with 64-bit file support the sys/resource.h header | |
850 | * uses #define to change the function definition to require rlimit64 | |
851 | */ | |
852 | #if defined(getrlimit) | |
853 | struct rlimit64 rl; // Assume its a 64-bit redefine anyways. | |
854 | #else | |
f3f0f563 | 855 | struct rlimit rl; |
8527a56f AJ |
856 | #endif |
857 | ||
f3f0f563 AJ |
858 | if (getrlimit(RLIMIT_NOFILE, &rl) < 0) { |
859 | debugs(50, DBG_CRITICAL, "setrlimit: RLIMIT_NOFILE: " << xstrerror()); | |
860 | } else { | |
861 | rl.rlim_cur = Squid_MaxFD; | |
862 | if (setrlimit(RLIMIT_NOFILE, &rl) < 0) { | |
863 | snprintf(tmp_error_buf, ERROR_BUF_SZ, "setrlimit: RLIMIT_NOFILE: %s", xstrerror()); | |
62e76326 | 864 | fatal_dump(tmp_error_buf); |
865 | } | |
c4fb974e | 866 | } |
30a4f2a8 | 867 | #endif /* HAVE_SETRLIMIT */ |
868 | ||
a396d1f8 | 869 | #if HAVE_SETRLIMIT && defined(RLIMIT_DATA) && !_SQUID_CYGWIN_ |
30a4f2a8 | 870 | if (getrlimit(RLIMIT_DATA, &rl) < 0) { |
f3f0f563 | 871 | debugs(50, DBG_CRITICAL, "getrlimit: RLIMIT_DATA: " << xstrerror()); |
88738790 | 872 | } else if (rl.rlim_max > rl.rlim_cur) { |
f53969cc | 873 | rl.rlim_cur = rl.rlim_max; /* set it to the max */ |
62e76326 | 874 | |
875 | if (setrlimit(RLIMIT_DATA, &rl) < 0) { | |
f3f0f563 | 876 | snprintf(tmp_error_buf, ERROR_BUF_SZ, "setrlimit: RLIMIT_DATA: %s", xstrerror()); |
62e76326 | 877 | fatal_dump(tmp_error_buf); |
878 | } | |
30a4f2a8 | 879 | } |
880 | #endif /* RLIMIT_DATA */ | |
f3f0f563 AJ |
881 | if (Config.max_filedescriptors > Squid_MaxFD) { |
882 | debugs(50, DBG_IMPORTANT, "NOTICE: Could not increase the number of filedescriptors"); | |
883 | } | |
884 | ||
a396d1f8 | 885 | #if HAVE_SETRLIMIT && defined(RLIMIT_VMEM) && !_SQUID_CYGWIN_ |
ad7ef91a | 886 | if (getrlimit(RLIMIT_VMEM, &rl) < 0) { |
30c48b1a | 887 | debugs(50, DBG_CRITICAL, "getrlimit: RLIMIT_VMEM: " << xstrerror()); |
88738790 | 888 | } else if (rl.rlim_max > rl.rlim_cur) { |
f53969cc | 889 | rl.rlim_cur = rl.rlim_max; /* set it to the max */ |
62e76326 | 890 | |
891 | if (setrlimit(RLIMIT_VMEM, &rl) < 0) { | |
f3f0f563 | 892 | snprintf(tmp_error_buf, ERROR_BUF_SZ, "setrlimit: RLIMIT_VMEM: %s", xstrerror()); |
62e76326 | 893 | fatal_dump(tmp_error_buf); |
894 | } | |
ad7ef91a | 895 | } |
896 | #endif /* RLIMIT_VMEM */ | |
c4fb974e | 897 | } |
3a57089e | 898 | |
b8d8561b | 899 | void |
ea3a2a69 | 900 | squid_signal(int sig, SIGHDLR * func, int flags) |
30a4f2a8 | 901 | { |
902 | #if HAVE_SIGACTION | |
62e76326 | 903 | |
30a4f2a8 | 904 | struct sigaction sa; |
905 | sa.sa_handler = func; | |
906 | sa.sa_flags = flags; | |
907 | sigemptyset(&sa.sa_mask); | |
62e76326 | 908 | |
30a4f2a8 | 909 | if (sigaction(sig, &sa, NULL) < 0) |
30c48b1a | 910 | debugs(50, DBG_CRITICAL, "sigaction: sig=" << sig << " func=" << func << ": " << xstrerror()); |
62e76326 | 911 | |
30a4f2a8 | 912 | #else |
7aa9bb3e | 913 | #if _SQUID_WINDOWS_ |
06648839 | 914 | /* |
915 | On Windows, only SIGINT, SIGILL, SIGFPE, SIGTERM, SIGBREAK, SIGABRT and SIGSEGV signals | |
916 | are supported, so we must care of don't call signal() for other value. | |
917 | The SIGILL, SIGSEGV, and SIGTERM signals are not generated under Windows. They are defined | |
918 | for ANSI compatibility, so both SIGSEGV and SIGBUS are emulated with an Exception Handler. | |
919 | */ | |
920 | switch (sig) { | |
921 | ||
922 | case SIGINT: | |
923 | ||
924 | case SIGILL: | |
925 | ||
926 | case SIGFPE: | |
927 | ||
928 | case SIGTERM: | |
929 | ||
930 | case SIGBREAK: | |
931 | ||
932 | case SIGABRT: | |
933 | break; | |
934 | ||
935 | case SIGSEGV: | |
936 | WIN32_ExceptionHandlerInit(); | |
937 | break; | |
938 | ||
939 | case SIGBUS: | |
940 | WIN32_ExceptionHandlerInit(); | |
941 | return; | |
942 | break; /* Nor reached */ | |
943 | ||
944 | default: | |
945 | return; | |
946 | break; /* Nor reached */ | |
947 | } | |
948 | ||
949 | #endif | |
62e76326 | 950 | |
06648839 | 951 | signal(sig, func); |
62e76326 | 952 | |
30a4f2a8 | 953 | #endif |
954 | } | |
396c5745 | 955 | |
70364f29 | 956 | void |
957 | logsFlush(void) | |
958 | { | |
959 | if (debug_log) | |
62e76326 | 960 | fflush(debug_log); |
70364f29 | 961 | } |
88738790 | 962 | |
16300b58 | 963 | void |
0e473d70 | 964 | kb_incr(kb_t * k, size_t v) |
a7c05555 | 965 | { |
0e473d70 | 966 | k->bytes += v; |
967 | k->kb += (k->bytes >> 10); | |
968 | k->bytes &= 0x3FF; | |
a7c05555 | 969 | } |
c1dabf04 | 970 | |
a00a7c85 | 971 | void |
6bbf9cc4 | 972 | debugObj(int section, int level, const char *label, void *obj, ObjPackMethod pm) |
a00a7c85 | 973 | { |
6bbf9cc4 | 974 | assert(label && obj && pm); |
10201568 | 975 | MemBuf mb; |
2fe7eff9 | 976 | mb.init(); |
10201568 | 977 | (*pm) (obj, &mb); |
bf8fe701 | 978 | debugs(section, level, "" << label << "" << mb.buf << ""); |
2fe7eff9 | 979 | mb.clean(); |
a00a7c85 | 980 | } |
d548ee64 | 981 | |
0e70aa1e | 982 | void |
983 | parseEtcHosts(void) | |
984 | { | |
985 | FILE *fp; | |
986 | char buf[1024]; | |
987 | char buf2[512]; | |
988 | char *nt = buf; | |
989 | char *lt = buf; | |
fa2bfbab | 990 | |
0e70aa1e | 991 | if (NULL == Config.etcHostsPath) |
62e76326 | 992 | return; |
993 | ||
0e70aa1e | 994 | if (0 == strcmp(Config.etcHostsPath, "none")) |
62e76326 | 995 | return; |
996 | ||
0e70aa1e | 997 | fp = fopen(Config.etcHostsPath, "r"); |
62e76326 | 998 | |
0e70aa1e | 999 | if (fp == NULL) { |
e0236918 | 1000 | debugs(1, DBG_IMPORTANT, "parseEtcHosts: " << Config.etcHostsPath << ": " << xstrerror()); |
62e76326 | 1001 | return; |
0e70aa1e | 1002 | } |
62e76326 | 1003 | |
be266cb2 | 1004 | #if _SQUID_WINDOWS_ |
c4aefe96 | 1005 | setmode(fileno(fp), O_TEXT); |
1006 | #endif | |
62e76326 | 1007 | |
f53969cc | 1008 | while (fgets(buf, 1024, fp)) { /* for each line */ |
62e76326 | 1009 | wordlist *hosts = NULL; |
1010 | char *addr; | |
1011 | ||
f53969cc | 1012 | if (buf[0] == '#') /* MS-windows likes to add comments */ |
c31616ae | 1013 | continue; |
1014 | ||
f53969cc | 1015 | strtok(buf, "#"); /* chop everything following a comment marker */ |
62e76326 | 1016 | |
1017 | lt = buf; | |
1018 | ||
1019 | addr = buf; | |
1020 | ||
bf8fe701 | 1021 | debugs(1, 5, "etc_hosts: line is '" << buf << "'"); |
62e76326 | 1022 | |
1023 | nt = strpbrk(lt, w_space); | |
1024 | ||
f53969cc | 1025 | if (nt == NULL) /* empty line */ |
62e76326 | 1026 | continue; |
1027 | ||
f53969cc | 1028 | *nt = '\0'; /* null-terminate the address */ |
62e76326 | 1029 | |
bf8fe701 | 1030 | debugs(1, 5, "etc_hosts: address is '" << addr << "'"); |
62e76326 | 1031 | |
1032 | lt = nt + 1; | |
1033 | ||
1034 | while ((nt = strpbrk(lt, w_space))) { | |
1035 | char *host = NULL; | |
1036 | ||
f53969cc | 1037 | if (nt == lt) { /* multiple spaces */ |
bf8fe701 | 1038 | debugs(1, 5, "etc_hosts: multiple spaces, skipping"); |
62e76326 | 1039 | lt = nt + 1; |
1040 | continue; | |
1041 | } | |
1042 | ||
1043 | *nt = '\0'; | |
bf8fe701 | 1044 | debugs(1, 5, "etc_hosts: got hostname '" << lt << "'"); |
62e76326 | 1045 | |
532e5dd4 AJ |
1046 | /* For IPV6 addresses also check for a colon */ |
1047 | if (Config.appendDomain && !strchr(lt, '.') && !strchr(lt, ':')) { | |
62e76326 | 1048 | /* I know it's ugly, but it's only at reconfig */ |
0a84e4fb AJ |
1049 | strncpy(buf2, lt, sizeof(buf2)-1); |
1050 | strncat(buf2, Config.appendDomain, sizeof(buf2) - strlen(lt) - 1); | |
50e746f3 | 1051 | buf2[sizeof(buf2)-1] = '\0'; |
62e76326 | 1052 | host = buf2; |
1053 | } else { | |
1054 | host = lt; | |
1055 | } | |
1056 | ||
f6a72b33 AJ |
1057 | if (ipcacheAddEntryFromHosts(host, addr) != 0) { |
1058 | /* invalid address, continuing is useless */ | |
1059 | wordlistDestroy(&hosts); | |
1060 | hosts = NULL; | |
1061 | break; | |
1062 | } | |
62e76326 | 1063 | wordlistAdd(&hosts, host); |
1064 | ||
1065 | lt = nt + 1; | |
1066 | } | |
1067 | ||
9e008dda | 1068 | if (hosts) { |
f6a72b33 AJ |
1069 | fqdncacheAddEntryFromHosts(addr, hosts); |
1070 | wordlistDestroy(&hosts); | |
1071 | } | |
0e70aa1e | 1072 | } |
62e76326 | 1073 | |
1f3c7397 | 1074 | fclose (fp); |
0e70aa1e | 1075 | } |
52f772de | 1076 | |
1077 | int | |
1078 | getMyPort(void) | |
1079 | { | |
fa720bfb AJ |
1080 | AnyP::PortCfgPointer p; |
1081 | if ((p = HttpPortList) != NULL) { | |
c4ac4197 | 1082 | // skip any special interception ports |
fa720bfb | 1083 | while (p != NULL && p->flags.isIntercepted()) |
af5ebaf4 | 1084 | p = p->next; |
fa720bfb | 1085 | if (p != NULL) |
4dd643d5 | 1086 | return p->s.port(); |
af5ebaf4 | 1087 | } |
62e76326 | 1088 | |
cb4f4424 | 1089 | #if USE_OPENSSL |
fa720bfb | 1090 | if ((p = HttpsPortList) != NULL) { |
c4ac4197 | 1091 | // skip any special interception ports |
fa720bfb | 1092 | while (p != NULL && p->flags.isIntercepted()) |
c4ac4197 | 1093 | p = p->next; |
fa720bfb | 1094 | if (p != NULL) |
4dd643d5 | 1095 | return p->s.port(); |
c4ac4197 | 1096 | } |
52f772de | 1097 | #endif |
62e76326 | 1098 | |
8ea0d847 | 1099 | if ((p = FtpPortList) != NULL) { |
547f3031 | 1100 | // skip any special interception ports |
8ea0d847 | 1101 | while (p != NULL && p->flags.isIntercepted()) |
547f3031 | 1102 | p = p->next; |
8ea0d847 | 1103 | if (p != NULL) |
547f3031 AR |
1104 | return p->s.port(); |
1105 | } | |
1106 | ||
af5ebaf4 AJ |
1107 | debugs(21, DBG_CRITICAL, "ERROR: No forward-proxy ports configured."); |
1108 | return 0; // Invalid port. This will result in invalid URLs on bad configurations. | |
52f772de | 1109 | } |
d860a1aa | 1110 | |
c642c141 AJ |
1111 | /* |
1112 | * Set the umask to at least the given mask. This is in addition | |
1113 | * to the umask set at startup | |
1114 | */ | |
1115 | void | |
1116 | setUmask(mode_t mask) | |
1117 | { | |
1118 | // No way to get the current umask value without setting it. | |
1119 | static const mode_t orig_umask = umask(mask); // once, to get | |
1120 | umask(mask | orig_umask); // always, to set | |
1121 | } | |
d860a1aa | 1122 | |
1123 | /* | |
1124 | * Inverse of strwordtok. Quotes a word if needed | |
1125 | */ | |
42419a95 | 1126 | void |
d860a1aa | 1127 | strwordquote(MemBuf * mb, const char *str) |
1128 | { | |
1129 | int quoted = 0; | |
62e76326 | 1130 | |
d860a1aa | 1131 | if (strchr(str, ' ')) { |
62e76326 | 1132 | quoted = 1; |
2fe7eff9 | 1133 | mb->append("\"", 1); |
d860a1aa | 1134 | } |
62e76326 | 1135 | |
d860a1aa | 1136 | while (*str) { |
dc1af3cf | 1137 | int l = strcspn(str, "\"\\\n\r"); |
2fe7eff9 | 1138 | mb->append(str, l); |
62e76326 | 1139 | str += l; |
1140 | ||
26ac0430 | 1141 | switch (*str) { |
dc1af3cf | 1142 | |
1143 | case '\n': | |
2fe7eff9 | 1144 | mb->append("\\n", 2); |
5db6bf73 | 1145 | ++str; |
dc1af3cf | 1146 | break; |
1147 | ||
1148 | case '\r': | |
2fe7eff9 | 1149 | mb->append("\\r", 2); |
5db6bf73 | 1150 | ++str; |
dc1af3cf | 1151 | break; |
1152 | ||
1153 | case '\0': | |
1154 | break; | |
1155 | ||
1156 | default: | |
2fe7eff9 | 1157 | mb->append("\\", 1); |
1158 | mb->append(str, 1); | |
5db6bf73 | 1159 | ++str; |
dc1af3cf | 1160 | break; |
62e76326 | 1161 | } |
d860a1aa | 1162 | } |
62e76326 | 1163 | |
d860a1aa | 1164 | if (quoted) |
2fe7eff9 | 1165 | mb->append("\"", 1); |
d860a1aa | 1166 | } |
fc68f6b1 | 1167 | |
1168 | void | |
1169 | keepCapabilities(void) | |
1170 | { | |
b7ac5457 | 1171 | #if USE_LIBCAP && HAVE_PRCTL && defined(PR_SET_KEEPCAPS) |
329ce686 | 1172 | |
1173 | if (prctl(PR_SET_KEEPCAPS, 1, 0, 0, 0)) { | |
b7ac5457 | 1174 | Ip::Interceptor.StopTransparency("capability setting has failed."); |
fc68f6b1 | 1175 | } |
fc68f6b1 | 1176 | #endif |
1177 | } | |
329ce686 | 1178 | |
1179 | static void | |
ff2afd7f | 1180 | restoreCapabilities(bool keep) |
329ce686 | 1181 | { |
9e008dda | 1182 | /* NP: keep these two if-endif separate. Non-Linux work perfectly well without Linux syscap support. */ |
b64b6030 | 1183 | #if USE_LIBCAP |
c3487a77 HN |
1184 | cap_t caps; |
1185 | if (keep) | |
1186 | caps = cap_get_proc(); | |
1187 | else | |
1188 | caps = cap_init(); | |
1189 | if (!caps) { | |
b7ac5457 | 1190 | Ip::Interceptor.StopTransparency("Can't get current capabilities"); |
9e008dda | 1191 | } else { |
c3487a77 HN |
1192 | int ncaps = 0; |
1193 | int rc = 0; | |
1194 | cap_value_t cap_list[10]; | |
5db6bf73 FC |
1195 | cap_list[ncaps] = CAP_NET_BIND_SERVICE; |
1196 | ++ncaps; | |
4a751e2a | 1197 | if (Ip::Interceptor.TransparentActive() || |
9e27e206 SM |
1198 | Ip::Qos::TheConfig.isHitNfmarkActive() || |
1199 | Ip::Qos::TheConfig.isAclNfmarkActive() || | |
1200 | Ip::Qos::TheConfig.isAclTosActive()) { | |
5db6bf73 FC |
1201 | cap_list[ncaps] = CAP_NET_ADMIN; |
1202 | ++ncaps; | |
fc32ce2e | 1203 | } |
329ce686 | 1204 | |
c3487a77 HN |
1205 | cap_clear_flag(caps, CAP_EFFECTIVE); |
1206 | rc |= cap_set_flag(caps, CAP_EFFECTIVE, ncaps, cap_list, CAP_SET); | |
1207 | rc |= cap_set_flag(caps, CAP_PERMITTED, ncaps, cap_list, CAP_SET); | |
329ce686 | 1208 | |
c3487a77 | 1209 | if (rc || cap_set_proc(caps) != 0) { |
b7ac5457 | 1210 | Ip::Interceptor.StopTransparency("Error enabling needed capabilities."); |
b5bd96ce | 1211 | } |
c3487a77 | 1212 | cap_free(caps); |
329ce686 | 1213 | } |
8a09e810 | 1214 | #elif _SQUID_LINUX_ |
b7ac5457 | 1215 | Ip::Interceptor.StopTransparency("Missing needed capability support."); |
b5bd96ce | 1216 | #endif /* HAVE_SYS_CAPABILITY_H */ |
329ce686 | 1217 | } |
f53969cc | 1218 | |
dbf55289 CT |
1219 | pid_t |
1220 | WaitForOnePid(pid_t pid, PidStatus &status, int flags) | |
1221 | { | |
1222 | #if _SQUID_NEXT_ | |
1223 | if (pid < 0) | |
1224 | return wait3(&status, flags, NULL); | |
1225 | return wait4(cpid, &status, flags, NULL); | |
c92fcbad AJ |
1226 | #elif _SQUID_WINDOWS_ |
1227 | return 0; // function not used on Windows | |
dbf55289 CT |
1228 | #else |
1229 | return waitpid(pid, &status, flags); | |
1230 | #endif | |
1231 | } | |
5c634111 | 1232 |