]> git.ipfire.org Git - thirdparty/squid.git/blob - src/main.cc
projects / thirdparty / squid.git / blob
? search:


9b4a46f816827eb1bbfda888109c4b4a6685c331
[thirdparty/squid.git] / src / main.cc
1 /*
2 * Copyright (C) 1996-2025 The Squid Software Foundation and contributors
3 *
4 * Squid software is distributed under GPLv2+ license and includes
5 * contributions from numerous individuals and organizations.
6 * Please see the COPYING and CONTRIBUTORS files for details.
7 */
8
9 /* DEBUG: section 01 Startup and Main Loop */
10
11 #include "squid.h"
12 #include "AccessLogEntry.h"
13 //#include "acl/Acl.h"
14 #include "acl/Asn.h"
15 #include "acl/forward.h"
16 #include "anyp/UriScheme.h"
17 #include "auth/Config.h"
18 #include "auth/Gadgets.h"
19 #include "AuthReg.h"
20 #include "base/RunnersRegistry.h"
21 #include "base/Subscription.h"
22 #include "base/TextException.h"
23 #include "cache_cf.h"
24 #include "CachePeer.h"
25 #include "client_db.h"
26 #include "client_side.h"
27 #include "comm.h"
28 #include "CommandLine.h"
29 #include "ConfigParser.h"
30 #include "CpuAffinity.h"
31 #include "debug/Messages.h"
32 #include "DiskIO/DiskIOModule.h"
33 #include "dns/forward.h"
34 #include "errorpage.h"
35 #include "event.h"
36 #include "EventLoop.h"
37 #include "ExternalACL.h"
38 #include "fd.h"
39 #include "format/Token.h"
40 #include "fqdncache.h"
41 #include "fs/Module.h"
42 #include "fs_io.h"
43 #include "FwdState.h"
44 #include "globals.h"
45 #include "htcp.h"
46 #include "http/Stream.h"
47 #include "HttpHeader.h"
48 #include "HttpReply.h"
49 #include "icmp/IcmpSquid.h"
50 #include "icmp/net_db.h"
51 #include "ICP.h"
52 #include "Instance.h"
53 #include "ip/tools.h"
54 #include "ipc/Coordinator.h"
55 #include "ipc/Kids.h"
56 #include "ipc/Strand.h"
57 #include "ipcache.h"
58 #include "mime.h"
59 #include "neighbors.h"
60 #include "parser/Tokenizer.h"
61 #include "Parsing.h"
62 #include "pconn.h"
63 #include "PeerSelectState.h"
64 #include "protos.h"
65 #include "redirect.h"
66 #include "refresh.h"
67 #include "sbuf/Stream.h"
68 #include "SBufStatsAction.h"
69 #include "SquidConfig.h"
70 #include "stat.h"
71 #include "StatCounters.h"
72 #include "Store.h"
73 #include "store/Disks.h"
74 #include "store_log.h"
75 #include "StoreFileSystem.h"
76 #include "time/Engine.h"
77 #include "tools.h"
78 #include "unlinkd.h"
79 #include "windows_service.h"
80
81 #if USE_ADAPTATION
82 #include "adaptation/Config.h"
83 #endif
84 #if USE_ECAP
85 #include "adaptation/ecap/Config.h"
86 #endif
87 #if ICAP_CLIENT
88 #include "adaptation/icap/Config.h"
89 #include "adaptation/icap/icap_log.h"
90 #endif
91 #if USE_DELAY_POOLS
92 #include "ClientDelayConfig.h"
93 #endif
94 #if USE_DELAY_POOLS
95 #include "DelayPools.h"
96 #endif
97 #if USE_LOADABLE_MODULES
98 #include "LoadableModules.h"
99 #endif
100 #if USE_OPENSSL
101 #include "ssl/context_storage.h"
102 #include "ssl/helper.h"
103 #endif
104 #if ICAP_CLIENT
105 #include "adaptation/icap/Config.h"
106 #endif
107 #if USE_ECAP
108 #include "adaptation/ecap/Config.h"
109 #endif
110 #if USE_ADAPTATION
111 #include "adaptation/Config.h"
112 #endif
113 #if SQUID_SNMP
114 #include "snmp_core.h"
115 #endif
116
117 #include <cerrno>
118 #if HAVE_GETOPT_H
119 #include <getopt.h>
120 #endif
121 #if HAVE_PATHS_H
122 #include <paths.h>
123 #endif
124 #if HAVE_SYS_WAIT_H
125 #include <sys/wait.h>
126 #endif
127
128 #if USE_WIN32_SERVICE
129 #include <process.h>
130
131 static int opt_install_service = FALSE;
132 static int opt_remove_service = FALSE;
133 static int opt_command_line = FALSE;
134 void WIN32_svcstatusupdate(DWORD, DWORD);
135 void WINAPI WIN32_svcHandler(DWORD);
136 #endif
137
138 static int opt_signal_service = FALSE;
139 static char *opt_syslog_facility = nullptr;
140 static int icpPortNumOverride = 1; /* Want to detect "-u 0" */
141 static int configured_once = 0;
142 #if MALLOC_DBG
143 static int malloc_debug_level = 0;
144 #endif
145 static volatile int do_reconfigure = 0;
146 static volatile int do_rotate = 0;
147 static volatile int do_shutdown = 0;
148 static volatile int do_revive_kids = 0;
149 static volatile int shutdown_status = EXIT_SUCCESS;
150 static volatile int do_handle_stopped_child = 0;
151
152 static int RotateSignal = -1;
153 static int ReconfigureSignal = -1;
154 static int ShutdownSignal = -1;
155 static int ReviveKidsSignal = -1;
156
157 static void mainRotate(void);
158 static void mainReconfigureStart(void);
159 static void mainReconfigureFinish(void*);
160 static void mainInitialize(void);
161 static void usage(void);
162 static void mainHandleCommandLineOption(const int optId, const char *optValue);
163 static void sendSignal(void);
164 static void serverConnectionsOpen(void);
165 static void serverConnectionsClose(void);
166 static void watch_child(const CommandLine &);
167 static void setEffectiveUser(void);
168 static void SquidShutdown(void);
169 static void mainSetCwd(void);
170
171 #if !_SQUID_WINDOWS_
172 static const char *squid_start_script = "squid_start";
173 #endif
174
175 #if TEST_ACCESS
176 #include "test_access.c"
177 #endif
178
179 /** temporary thunk across to the unrefactored store interface */
180
181 class StoreRootEngine : public AsyncEngine
182 {
183
184 public:
185 int checkEvents(int) override {
186 Store::Root().callback();
187 return EVENT_IDLE;
188 };
189 };
190
191 class SignalEngine: public AsyncEngine
192 {
193
194 public:
195 int checkEvents(int timeout) override;
196
197 private:
198 static void StopEventLoop(void *) {
199 if (EventLoop::Running)
200 EventLoop::Running->stop();
201 }
202
203 static void FinalShutdownRunners(void *) {
204 RunRegisteredHere(RegisteredRunner::endingShutdown);
205
206 // XXX: this should be a Runner.
207 #if USE_AUTH
208 /* detach the auth components (only do this on full shutdown) */
209 Auth::Scheme::FreeAll();
210 #endif
211
212 eventAdd("SquidTerminate", &StopEventLoop, nullptr, 0, 1, false);
213 }
214
215 void doShutdown(time_t wait);
216 void handleStoppedChild();
217 };
218
219 int
220 SignalEngine::checkEvents(int)
221 {
222 if (do_reconfigure)
223 mainReconfigureStart();
224 else if (do_rotate)
225 mainRotate();
226 else if (do_shutdown)
227 doShutdown(do_shutdown > 0 ? (int) Config.shutdownLifetime : 0);
228 if (do_handle_stopped_child)
229 handleStoppedChild();
230 return EVENT_IDLE;
231 }
232
233 /// Decides whether the signal-controlled action X should be delayed, canceled,
234 /// or executed immediately. Clears do_X (via signalVar) as needed.
235 static bool
236 AvoidSignalAction(const char *description, volatile int &signalVar)
237 {
238 const char *avoiding = "delaying";
239 const char *currentEvent = "none";
240 if (shutting_down) {
241 currentEvent = "shutdown";
242 avoiding = "canceling";
243 // do not avoid repeated shutdown signals
244 // which just means the user wants to skip/abort shutdown timeouts
245 if (strcmp(currentEvent, description) == 0)
246 return false;
247 signalVar = 0;
248 }
249 else if (!configured_once)
250 currentEvent = "startup";
251 else if (reconfiguring)
252 currentEvent = "reconfiguration";
253 else {
254 signalVar = 0;
255 return false; // do not avoid (i.e., execute immediately)
256 // the caller may produce a signal-specific debugging message
257 }
258
259 debugs(1, DBG_IMPORTANT, avoiding << ' ' << description <<
260 " request during " << currentEvent);
261 return true;
262 }
263
264 void
265 SignalEngine::doShutdown(time_t wait)
266 {
267 if (AvoidSignalAction("shutdown", do_shutdown))
268 return;
269
270 debugs(1, Important(2), "Preparing for shutdown after " << statCounter.client_http.requests << " requests");
271 debugs(1, Important(3), "Waiting " << wait << " seconds for active connections to finish");
272
273 if (shutting_down) {
274 // Already a shutdown signal has received and shutdown is in progress.
275 // Shutdown as soon as possible.
276 wait = 0;
277 } else {
278 shutting_down = 1;
279
280 /* run the closure code which can be shared with reconfigure */
281 serverConnectionsClose();
282
283 RunRegisteredHere(RegisteredRunner::startShutdown);
284 }
285
286 #if USE_WIN32_SERVICE
287 WIN32_svcstatusupdate(SERVICE_STOP_PENDING, (wait + 1) * 1000);
288 #endif
289
290 eventAdd("SquidShutdown", &FinalShutdownRunners, this, (double) (wait + 1), 1, false);
291 }
292
293 void
294 SignalEngine::handleStoppedChild()
295 {
296 // no AvoidSignalAction() call: This code can run at any time because it
297 // does not depend on Squid state. It does not need debugging because it
298 // handles an "internal" signal, not an external/admin command.
299 do_handle_stopped_child = 0;
300 #if !_SQUID_WINDOWS_
301 PidStatus status;
302 pid_t pid;
303
304 do {
305 pid = WaitForAnyPid(status, WNOHANG);
306
307 #if HAVE_SIGACTION
308
309 } while (pid > 0);
310
311 #else
312
313 }
314 while (pid > 0 || (pid < 0 && errno == EINTR));
315 #endif
316 #endif
317 }
318
319 static void
320 usage(void)
321 {
322 fprintf(stderr,
323 "Usage: %s [-cdzCFNRVYX] [-n name] [-s | -l facility] [-f config-file] [-[au] port] [-k signal]"
324 #if USE_WIN32_SERVICE
325 "[-ir] [-O CommandLine]"
326 #endif
327 "\n"
328 " -h | --help Print help message.\n"
329 " -v | --version Print version details.\n"
330 "\n"
331 " -a port Specify HTTP port number (default: %d).\n"
332 " -d level Write debugging to stderr also.\n"
333 " -f file Use given config-file instead of\n"
334 " %s\n"
335 #if USE_WIN32_SERVICE
336 " -i Installs as a Windows Service (see -n option).\n"
337 #endif
338 " -k reconfigure|rotate|shutdown|"
339 #ifdef SIGTTIN
340 "restart|"
341 #endif
342 "interrupt|kill|debug|check|parse\n"
343 " Parse configuration file, then send signal to \n"
344 " running copy (except -k parse) and exit.\n"
345 " -n name Specify service name to use for service operations\n"
346 " default is: " APP_SHORTNAME ".\n"
347 #if USE_WIN32_SERVICE
348 " -r Removes a Windows Service (see -n option).\n"
349 #endif
350 " -s | -l facility\n"
351 " Enable logging to syslog.\n"
352 " -u port Specify ICP port number (default: %d), disable with 0.\n"
353 " -z Create missing swap directories and then exit.\n"
354 " -C Do not catch fatal signals.\n"
355 " -D OBSOLETE. Scheduled for removal.\n"
356 " -F Don't serve any requests until store is rebuilt.\n"
357 " -N Master process runs in foreground and is a worker. No kids.\n"
358 " --foreground\n"
359 " Master process runs in foreground and creates worker kids.\n"
360 " --kid role-ID\n"
361 " Play a given SMP kid process role, with a given ID. Do not use\n"
362 " this option. It is meant for the master process use only.\n"
363 #if USE_WIN32_SERVICE
364 " -O options\n"
365 " Set Windows Service Command line options in Registry.\n"
366 #endif
367 " -R Do not set REUSEADDR on port.\n"
368 " -S Double-check swap during rebuild.\n"
369 " -X Force full debugging.\n"
370 " Add -d9 to also write full debugging to stderr.\n"
371 " -Y Only return UDP_HIT or UDP_MISS_NOFETCH during fast reload.\n",
372 APP_SHORTNAME, CACHE_HTTP_PORT, DEFAULT_CONFIG_FILE, CACHE_ICP_PORT);
373 exit(EXIT_FAILURE);
374 }
375
376 /// CommandLine option IDs for --long options that lack a short (-x) equivalent
377 enum {
378 // The absolute values do not matter except that the following values should
379 // not be used: Values below 2 are for special getopt_long(3) use cases, and
380 // values in the [33,126] range are reserved for short options (-x).
381 optForeground = 2,
382 optKid
383 };
384
385 // short options
386 // TODO: consider prefixing with ':' for better logging
387 // (distinguish missing required argument cases)
388 static const char *shortOpStr =
389 #if USE_WIN32_SERVICE
390 "O:Vir"
391 #endif
392 "CDFNRSYXa:d:f:hk:m::n:sl:u:vz?";
393
394 // long options
395 static struct option squidOptions[] = {
396 {"foreground", no_argument, nullptr, optForeground},
397 {"kid", required_argument, nullptr, optKid},
398 {"help", no_argument, nullptr, 'h'},
399 {"version", no_argument, nullptr, 'v'},
400 {nullptr, 0, nullptr, 0}
401 };
402
403 // handle a command line parameter
404 static void
405 mainHandleCommandLineOption(const int optId, const char *optValue)
406 {
407 switch (optId) {
408
409 case 'C':
410 /** \par C
411 * Unset/disabel global option for catchign signals. opt_catch_signals */
412 opt_catch_signals = 0;
413 break;
414
415 case 'D':
416 /** \par D
417 * OBSOLETE: WAS: override to prevent optional startup DNS tests. */
418 debugs(1,DBG_CRITICAL, "WARNING: -D command-line option is obsolete.");
419 break;
420
421 case 'F':
422 /** \par F
423 * Set global option for foreground rebuild. opt_foreground_rebuild */
424 opt_foreground_rebuild = 1;
425 break;
426
427 case 'N':
428 /** \par N
429 * Set global option for 'no_daemon' mode. opt_no_daemon */
430 opt_no_daemon = 1;
431 break;
432
433 #if USE_WIN32_SERVICE
434
435 case 'O':
436 /** \par O
437 * Set global option. opt_command_lin and WIN32_Command_Line */
438 opt_command_line = 1;
439 WIN32_Command_Line = xstrdup(optValue);
440 break;
441 #endif
442
443 case 'R':
444 /** \par R
445 * Unset/disable global option opt_reuseaddr */
446 opt_reuseaddr = 0;
447 break;
448
449 case 'S':
450 /** \par S
451 * Set global option opt_store_doublecheck */
452 opt_store_doublecheck = 1;
453 break;
454
455 case 'X':
456 /** \par X
457 * Force full debugging */
458 Debug::parseOptions("rotate=0 ALL,9");
459 Debug::override_X = 1;
460 sigusr2_handle(SIGUSR2);
461 break;
462
463 case 'Y':
464 /** \par Y
465 * Set global option opt_reload_hit_only */
466 opt_reload_hit_only = 1;
467 break;
468
469 #if USE_WIN32_SERVICE
470
471 case 'i':
472 /** \par i
473 * Set global option opt_install_service (to TRUE) */
474 opt_install_service = TRUE;
475 break;
476 #endif
477
478 case 'a':
479 {
480 /** \par a
481 * Add optional HTTP port as given following the option */
482 char *port = xstrdup(optValue);
483 // use a copy to avoid optValue modification
484 add_http_port(port);
485 xfree(port);
486 break;
487 }
488
489 case 'd':
490 /** \par d
491 * debugs() messages with the given debugging level (and the more
492 * important ones) should be written to stderr */
493 Debug::ResetStderrLevel(xatoi(optValue));
494 break;
495
496 case 'f':
497 /** \par f
498 * Load the file given instead of the default squid.conf. */
499 xfree(ConfigFile);
500 ConfigFile = xstrdup(optValue);
501 break;
502
503 case 'k':
504 /** \par k
505 * Run the administrative action given following the option */
506
507 /** \li When it is missing or an unknown option display the usage help. */
508 if (!optValue || strlen(optValue) < 1)
509 usage();
510
511 else if (!strncmp(optValue, "reconfigure", strlen(optValue)))
512 /** \li On reconfigure send SIGHUP. */
513 opt_send_signal = SIGHUP;
514 else if (!strncmp(optValue, "rotate", strlen(optValue)))
515 /** \li On rotate send SIGQUIT or SIGUSR1. */
516 #if defined(_SQUID_LINUX_THREADS_)
517 opt_send_signal = SIGQUIT;
518 #else
519 opt_send_signal = SIGUSR1;
520 #endif
521
522 else if (!strncmp(optValue, "debug", strlen(optValue)))
523 /** \li On debug send SIGTRAP or SIGUSR2. */
524 #if defined(_SQUID_LINUX_THREADS_)
525 opt_send_signal = SIGTRAP;
526 #else
527 opt_send_signal = SIGUSR2;
528 #endif
529
530 else if (!strncmp(optValue, "shutdown", strlen(optValue)))
531 /** \li On shutdown send SIGTERM. */
532 opt_send_signal = SIGTERM;
533 else if (!strncmp(optValue, "interrupt", strlen(optValue)))
534 /** \li On interrupt send SIGINT. */
535 opt_send_signal = SIGINT;
536 else if (!strncmp(optValue, "kill", strlen(optValue)))
537 // XXX: In SMP mode, uncatchable SIGKILL only kills the master process
538 /** \li On kill send SIGKILL. */
539 opt_send_signal = SIGKILL;
540
541 #ifdef SIGTTIN
542
543 else if (!strncmp(optValue, "restart", strlen(optValue)))
544 /** \li On restart send SIGTTIN. (exit and restart by parent) */
545 opt_send_signal = SIGTTIN;
546
547 #endif
548
549 else if (!strncmp(optValue, "check", strlen(optValue)))
550 /** \li On check send 0 / SIGNULL. */
551 opt_send_signal = 0; /* SIGNULL */
552 else if (!strncmp(optValue, "parse", strlen(optValue)))
553 /** \li On parse set global flag to re-parse the config file only. */
554 opt_parse_cfg_only = 1;
555 else
556 usage();
557
558 // Cannot use cache.log: use stderr for important messages (by default)
559 // and stop expecting a Debug::UseCacheLog() call.
560 Debug::EnsureDefaultStderrLevel(DBG_IMPORTANT);
561 Debug::BanCacheLogUse();
562 break;
563
564 case 'm':
565 /** \par m
566 * Set global malloc_debug_level to the value given following the option.
567 * if none is given it toggles the xmalloc_trace option on/off */
568 if (optValue) {
569 #if MALLOC_DBG
570 malloc_debug_level = xatoi(optValue);
571 #else
572 fatal("Need to add -DMALLOC_DBG when compiling to use -mX option");
573 #endif
574
575 }
576 break;
577
578 case 'n':
579 /** \par n
580 * Set global option opt_signal_service (to true).
581 * Stores the additional parameter given in global service_name */
582 if (optValue && *optValue != '\0') {
583 const SBuf t(optValue);
584 ::Parser::Tokenizer tok(t);
585 const CharacterSet chr = CharacterSet::ALPHA+CharacterSet::DIGIT;
586 if (!tok.prefix(service_name, chr))
587 fatalf("Expected alphanumeric service name for the -n option but got: %s", optValue);
588 if (!tok.atEnd())
589 fatalf("Garbage after alphanumeric service name in the -n option value: %s", optValue);
590 if (service_name.length() > 32)
591 fatalf("Service name (-n option) must be limited to 32 characters but got %u", service_name.length());
592 opt_signal_service = true;
593 } else {
594 fatal("A service name is required for the -n option");
595 }
596 break;
597
598 #if USE_WIN32_SERVICE
599
600 case 'r':
601 /** \par r
602 * Set global option opt_remove_service (to TRUE) */
603 opt_remove_service = TRUE;
604
605 break;
606
607 #endif
608
609 case 'l':
610 /** \par l
611 * Stores the syslog facility name in global opt_syslog_facility
612 * then performs actions for -s option. */
613 xfree(opt_syslog_facility); // ignore any previous options sent
614 opt_syslog_facility = xstrdup(optValue);
615 Debug::ConfigureSyslog(opt_syslog_facility);
616 break;
617
618 case 's':
619 /** \par s
620 * Initialize the syslog for output */
621 Debug::ConfigureSyslog(opt_syslog_facility);
622 break;
623
624 case 'u':
625 /** \par u
626 * Store the ICP port number given in global option icpPortNumOverride
627 * ensuring its a positive number. */
628 icpPortNumOverride = atoi(optValue);
629
630 if (icpPortNumOverride < 0)
631 icpPortNumOverride = 0;
632
633 break;
634
635 case 'v':
636 /** \par v
637 * Display squid version and build information. Then exit. */
638 printf("Squid Cache: Version %s\n",version_string);
639 printf("Service Name: " SQUIDSBUFPH "\n", SQUIDSBUFPRINT(service_name));
640 if (strlen(SQUID_BUILD_INFO))
641 printf("%s\n",SQUID_BUILD_INFO);
642 #if USE_OPENSSL
643 printf("\nThis binary uses %s. ", OpenSSL_version(OPENSSL_VERSION));
644 #if OPENSSL_VERSION_MAJOR < 3
645 printf("For legal restrictions on distribution see https://www.openssl.org/source/license.html\n\n");
646 #endif
647 #endif
648 printf( "configure options: %s\n", SQUID_CONFIGURE_OPTIONS);
649
650 #if USE_WIN32_SERVICE
651
652 printf("Compiled as Windows System Service.\n");
653
654 #endif
655
656 exit(EXIT_SUCCESS);
657
658 /* NOTREACHED */
659
660 case 'z':
661 /** \par z
662 * Request cache_dir initialization */
663 opt_create_swap_dirs = 1;
664 // We will use cache.log, but this command is often executed on the
665 // command line, so use stderr to show important messages (by default).
666 // TODO: Generalize/fix this -z-specific and sometimes faulty logic with
667 // "use stderr when it is a tty [until we GoIntoBackground()]" logic.
668 Debug::EnsureDefaultStderrLevel(DBG_IMPORTANT);
669 break;
670
671 case optForeground:
672 /** \par --foreground
673 * Set global option opt_foreground */
674 opt_foreground = 1;
675 break;
676
677 case optKid:
678 // already processed in ConfigureCurrentKid()
679 break;
680
681 case 'h':
682
683 case '?':
684
685 default:
686 /** \par h,?, or unknown
687 * \copydoc usage() */
688 usage();
689
690 break;
691 }
692 }
693
694 /* ARGSUSED */
695 void
696 rotate_logs(int sig)
697 {
698 do_rotate = 1;
699 RotateSignal = sig;
700 #if !_SQUID_WINDOWS_
701 #if !HAVE_SIGACTION
702
703 signal(sig, rotate_logs);
704 #endif
705 #endif
706 }
707
708 /* ARGSUSED */
709 void
710 reconfigure(int sig)
711 {
712 do_reconfigure = 1;
713 ReconfigureSignal = sig;
714 #if !_SQUID_WINDOWS_
715 #if !HAVE_SIGACTION
716
717 signal(sig, reconfigure);
718 #endif
719 #endif
720 }
721
722 static void
723 master_revive_kids(int sig)
724 {
725 ReviveKidsSignal = sig;
726 do_revive_kids = true;
727
728 #if !_SQUID_WINDOWS_
729 #if !HAVE_SIGACTION
730 signal(sig, master_revive_kids);
731 #endif
732 #endif
733 }
734
735 /// Shutdown signal handler for master process
736 static void
737 master_shutdown(int sig)
738 {
739 do_shutdown = 1;
740 ShutdownSignal = sig;
741
742 #if !_SQUID_WINDOWS_
743 #if !HAVE_SIGACTION
744 signal(sig, master_shutdown);
745 #endif
746 #endif
747
748 }
749
750 void
751 shut_down(int sig)
752 {
753 do_shutdown = sig == SIGINT ? -1 : 1;
754 ShutdownSignal = sig;
755 #if defined(SIGTTIN)
756 if (SIGTTIN == sig)
757 shutdown_status = EXIT_FAILURE;
758 #endif
759
760 #if !defined(_SQUID_WINDOWS_) && !defined(HAVE_SIGACTION)
761 signal(sig, shut_down);
762 #endif
763 }
764
765 void
766 sig_child(int sig)
767 {
768 do_handle_stopped_child = 1;
769
770 #if !defined(_SQUID_WINDOWS_) && !defined(HAVE_SIGACTION)
771 signal(sig, sig_child);
772 #else
773 (void)sig;
774 #endif
775 }
776
777 static void
778 serverConnectionsOpen(void)
779 {
780 // start various proxying services if we are responsible for them
781 if (IamWorkerProcess()) {
782 clientOpenListenSockets();
783 icpOpenPorts();
784 #if USE_HTCP
785 htcpOpenPorts();
786 #endif
787 #if SQUID_SNMP
788 snmpOpenPorts();
789 #endif
790
791 icmpEngine.Open();
792 netdbInit();
793 asnInit();
794 Acl::Node::Initialize();
795 peerSelectInit();
796 }
797 }
798
799 static void
800 serverConnectionsClose(void)
801 {
802 assert(shutting_down || reconfiguring);
803
804 if (IamWorkerProcess()) {
805 clientConnectionsClose();
806 icpConnectionShutdown();
807 #if USE_HTCP
808 htcpSocketShutdown();
809 #endif
810
811 icmpEngine.Close();
812 #if SQUID_SNMP
813 snmpClosePorts();
814 #endif
815
816 asnFreeMemory();
817 }
818 }
819
820 static void
821 mainReconfigureStart(void)
822 {
823 if (AvoidSignalAction("reconfiguration", do_reconfigure))
824 return;
825
826 debugs(1, DBG_IMPORTANT, "Reconfiguring Squid Cache (version " << version_string << ")...");
827 reconfiguring = 1;
828
829 RunRegisteredHere(RegisteredRunner::startReconfigure);
830
831 // Initiate asynchronous closing sequence
832 serverConnectionsClose();
833 icpClosePorts();
834 #if USE_HTCP
835 htcpClosePorts();
836 #endif
837 #if USE_OPENSSL
838 Ssl::TheGlobalContextStorage().reconfigureStart();
839 #endif
840 #if USE_AUTH
841 authenticateReset();
842 #endif
843 externalAclShutdown();
844 storeDirCloseSwapLogs();
845 storeLogClose();
846 accessLogClose();
847 #if ICAP_CLIENT
848 icapLogClose();
849 #endif
850 Security::CloseLogs();
851
852 eventAdd("mainReconfigureFinish", &mainReconfigureFinish, nullptr, 0, 1,
853 false);
854 }
855
856 /// error message to log when Configuration::Parse() fails
857 static SBuf
858 ConfigurationFailureMessage()
859 {
860 SBufStream out;
861 out << (reconfiguring ? "re" : "");
862 out << "configuration failure: " << CurrentException;
863 if (!opt_parse_cfg_only)
864 out << Debug::Extra << "advice: Run 'squid -k parse' and check for ERRORs.";
865 return out.buf();
866 }
867
868 static void
869 mainReconfigureFinish(void *)
870 {
871 debugs(1, 3, "finishing reconfiguring");
872
873 errorClean();
874 enter_suid(); /* root to read config file */
875
876 // we may have disabled the need for PURGE
877 if (Config2.onoff.enable_purge)
878 Config2.onoff.enable_purge = 2;
879
880 const int oldWorkers = Config.workers;
881
882 try {
883 Configuration::Parse();
884 } catch (...) {
885 // for now any errors are a fatal condition...
886 fatal(ConfigurationFailureMessage().c_str());
887 }
888
889 if (oldWorkers != Config.workers) {
890 debugs(1, DBG_CRITICAL, "WARNING: Changing 'workers' (from " <<
891 oldWorkers << " to " << Config.workers <<
892 ") requires a full restart. It has been ignored by reconfigure.");
893 Config.workers = oldWorkers;
894 }
895
896 RunRegisteredHere(RegisteredRunner::syncConfig);
897
898 if (IamPrimaryProcess())
899 CpuAffinityCheck();
900 CpuAffinityReconfigure();
901
902 setUmask(Config.umask);
903 setEffectiveUser();
904 Debug::UseCacheLog();
905 ipcache_restart(); /* clear stuck entries */
906 fqdncache_restart(); /* sigh, fqdncache too */
907 parseEtcHosts();
908 errorInitialize(); /* reload error pages */
909 accessLogInit();
910
911 #if USE_LOADABLE_MODULES
912 LoadableModulesConfigure(Config.loadable_module_names);
913 #endif
914
915 #if USE_ADAPTATION
916 bool enableAdaptation = false;
917 #if ICAP_CLIENT
918 Adaptation::Icap::TheConfig.finalize();
919 enableAdaptation = Adaptation::Icap::TheConfig.onoff || enableAdaptation;
920 #endif
921 #if USE_ECAP
922 Adaptation::Ecap::TheConfig.finalize(); // must be after we load modules
923 enableAdaptation = Adaptation::Ecap::TheConfig.onoff || enableAdaptation;
924 #endif
925 Adaptation::Config::Finalize(enableAdaptation);
926 #endif
927
928 Security::OpenLogs();
929 #if ICAP_CLIENT
930 icapLogOpen();
931 #endif
932 storeLogOpen();
933 Dns::Init();
934 #if USE_SSL_CRTD
935 Ssl::Helper::Reconfigure();
936 #endif
937 #if USE_OPENSSL
938 Ssl::CertValidationHelper::Reconfigure();
939 #endif
940
941 redirectReconfigure();
942 #if USE_AUTH
943 authenticateInit(&Auth::TheConfig.schemes);
944 #endif
945 externalAclInit();
946
947 serverConnectionsOpen();
948
949 neighbors_init();
950
951 storeDirOpenSwapLogs();
952
953 mimeInit(Config.mimeTablePathname);
954
955 if (unlinkdNeeded())
956 unlinkdInit();
957
958 #if USE_DELAY_POOLS
959 Config.ClientDelay.finalize();
960 #endif
961
962 reconfiguring = 0;
963 }
964
965 static void
966 mainRotate(void)
967 {
968 if (AvoidSignalAction("log rotation", do_rotate))
969 return;
970
971 icmpEngine.Close();
972 redirectShutdown();
973 #if USE_AUTH
974 authenticateRotate();
975 #endif
976 externalAclShutdown();
977
978 _db_rotate_log(); /* cache.log */
979 storeDirWriteCleanLogs(1);
980 storeLogRotate(); /* store.log */
981 accessLogRotate(); /* access.log */
982 Security::RotateLogs();
983 #if ICAP_CLIENT
984 icapLogRotate(); /*icap.log*/
985 #endif
986 icmpEngine.Open();
987 redirectInit();
988 #if USE_AUTH
989 authenticateInit(&Auth::TheConfig.schemes);
990 #endif
991 externalAclInit();
992 }
993
994 static void
995 setEffectiveUser(void)
996 {
997 keepCapabilities();
998 leave_suid(); /* Run as non privilegied user */
999 #if _SQUID_OS2_
1000
1001 return;
1002 #endif
1003
1004 if (geteuid() == 0) {
1005 debugs(0, DBG_CRITICAL, "Squid is not safe to run as root! If you must");
1006 debugs(0, DBG_CRITICAL, "start Squid as root, then you must configure");
1007 debugs(0, DBG_CRITICAL, "it to run as a non-priveledged user with the");
1008 debugs(0, DBG_CRITICAL, "'cache_effective_user' option in the config file.");
1009 fatal("Don't run Squid as root, set 'cache_effective_user'!");
1010 }
1011 }
1012
1013 /// changes working directory, providing error reporting
1014 static bool
1015 mainChangeDir(const char *dir)
1016 {
1017 if (chdir(dir) == 0)
1018 return true;
1019
1020 int xerrno = errno;
1021 debugs(50, DBG_CRITICAL, "ERROR: cannot change current directory to " << dir <<
1022 ": " << xstrerr(xerrno));
1023 return false;
1024 }
1025
1026 /// Hack: Have we called chroot()? This exposure is needed because some code has
1027 /// to open the same files before and after chroot()
1028 bool Chrooted = false;
1029
1030 /// set the working directory.
1031 static void
1032 mainSetCwd(void)
1033 {
1034 if (Config.chroot_dir && !Chrooted) {
1035 Chrooted = true;
1036
1037 if (chroot(Config.chroot_dir) != 0) {
1038 int xerrno = errno;
1039 fatalf("chroot to %s failed: %s", Config.chroot_dir, xstrerr(xerrno));
1040 }
1041
1042 if (!mainChangeDir("/"))
1043 fatalf("chdir to / after chroot to %s failed", Config.chroot_dir);
1044 }
1045
1046 if (Config.coredump_dir && strcmp("none", Config.coredump_dir) != 0) {
1047 if (mainChangeDir(Config.coredump_dir)) {
1048 debugs(0, Important(4), "Set Current Directory to " << Config.coredump_dir);
1049 return;
1050 }
1051 }
1052
1053 /* If we don't have coredump_dir or couldn't cd there, report current dir */
1054 char pathbuf[MAXPATHLEN];
1055 if (getcwd(pathbuf, MAXPATHLEN)) {
1056 debugs(0, DBG_IMPORTANT, "Current Directory is " << pathbuf);
1057 } else {
1058 int xerrno = errno;
1059 debugs(50, DBG_CRITICAL, "WARNING: Can't find current directory, getcwd: " << xstrerr(xerrno));
1060 }
1061 }
1062
1063 static void
1064 mainInitialize(void)
1065 {
1066 if (opt_catch_signals) {
1067 squid_signal(SIGSEGV, death, SA_NODEFER | SA_RESETHAND);
1068 squid_signal(SIGBUS, death, SA_NODEFER | SA_RESETHAND);
1069 }
1070
1071 squid_signal(SIGPIPE, SIG_IGN, SA_RESTART);
1072 squid_signal(SIGCHLD, sig_child, SA_NODEFER | SA_RESTART);
1073 squid_signal(SIGHUP, reconfigure, SA_RESTART);
1074
1075 setEffectiveUser();
1076
1077 if (icpPortNumOverride != 1)
1078 Config.Port.icp = (unsigned short) icpPortNumOverride;
1079
1080 debugs(1, DBG_CRITICAL, "Starting Squid Cache version " << version_string << " for " << CONFIG_HOST_TYPE << "...");
1081 debugs(1, Critical(5), "Service Name: " << service_name);
1082
1083 #if _SQUID_WINDOWS_
1084 if (WIN32_run_mode == _WIN_SQUID_RUN_MODE_SERVICE) {
1085 debugs(1, DBG_CRITICAL, "Service command line is: " << WIN32_Service_Command_Line);
1086 } else
1087 debugs(1, DBG_CRITICAL, "Running on " << WIN32_OS_string);
1088 #endif
1089
1090 debugs(1, Important(6), "Process ID " << getpid());
1091
1092 debugs(1, Important(7), "Process Roles:" << ProcessRoles());
1093
1094 setSystemLimits();
1095 debugs(1, Important(8), "With " << Squid_MaxFD << " file descriptors available");
1096
1097 #if _SQUID_WINDOWS_
1098
1099 debugs(1, DBG_IMPORTANT, "With " << _getmaxstdio() << " CRT stdio descriptors available");
1100
1101 if (WIN32_Socks_initialized)
1102 debugs(1, DBG_IMPORTANT, "Windows sockets initialized");
1103
1104 if (WIN32_OS_version > _WIN_OS_WINNT) {
1105 WIN32_IpAddrChangeMonitorInit();
1106 }
1107
1108 #endif
1109
1110 ipcache_init();
1111
1112 fqdncache_init();
1113
1114 parseEtcHosts();
1115
1116 Dns::Init();
1117
1118 #if USE_SSL_CRTD
1119 Ssl::Helper::Init();
1120 #endif
1121
1122 #if USE_OPENSSL
1123 Ssl::CertValidationHelper::Init();
1124 #endif
1125
1126 redirectInit();
1127 #if USE_AUTH
1128 authenticateInit(&Auth::TheConfig.schemes);
1129 #endif
1130 externalAclInit();
1131
1132 httpHeaderInitModule(); /* must go before any header processing (e.g. the one in errorInitialize) */
1133
1134 errorInitialize();
1135
1136 accessLogInit();
1137
1138 Security::OpenLogs();
1139
1140 #if ICAP_CLIENT
1141 icapLogOpen();
1142 #endif
1143
1144 #if SQUID_SNMP
1145
1146 snmpInit();
1147
1148 #endif
1149 #if MALLOC_DBG
1150
1151 malloc_debug(0, malloc_debug_level);
1152
1153 #endif
1154
1155 if (unlinkdNeeded())
1156 unlinkdInit();
1157
1158 urlInitialize();
1159 statInit();
1160 storeInit();
1161 mainSetCwd();
1162 mimeInit(Config.mimeTablePathname);
1163 refreshInit();
1164 #if USE_DELAY_POOLS
1165 DelayPools::Init();
1166 #endif
1167
1168 FwdState::initModule();
1169 SBufStatsAction::RegisterWithCacheManager();
1170
1171 AsyncJob::RegisterWithCacheManager();
1172
1173 /* These use separate calls so that the comm loops can eventually
1174 * coexist.
1175 */
1176
1177 eventInit();
1178
1179 // TODO: pconn is a good candidate for new-style registration
1180 // PconnModule::GetInstance()->registerWithCacheManager();
1181 // moved to PconnModule::PconnModule()
1182
1183 serverConnectionsOpen();
1184
1185 neighbors_init();
1186
1187 // neighborsRegisterWithCacheManager(); //moved to neighbors_init()
1188
1189 if (Config.chroot_dir)
1190 no_suid();
1191
1192 #if defined(_SQUID_LINUX_THREADS_)
1193
1194 squid_signal(SIGQUIT, rotate_logs, SA_RESTART);
1195
1196 squid_signal(SIGTRAP, sigusr2_handle, SA_RESTART);
1197
1198 #else
1199
1200 squid_signal(SIGUSR1, rotate_logs, SA_RESTART);
1201
1202 squid_signal(SIGUSR2, sigusr2_handle, SA_RESTART);
1203
1204 #endif
1205
1206 squid_signal(SIGTERM, shut_down, SA_RESTART);
1207
1208 squid_signal(SIGINT, shut_down, SA_RESTART);
1209
1210 #ifdef SIGTTIN
1211
1212 squid_signal(SIGTTIN, shut_down, SA_RESTART);
1213
1214 #endif
1215
1216 #if USE_LOADABLE_MODULES
1217 LoadableModulesConfigure(Config.loadable_module_names);
1218 #endif
1219
1220 #if USE_ADAPTATION
1221 bool enableAdaptation = false;
1222
1223 // We can remove this dependency on specific adaptation mechanisms
1224 // if we create a generic Registry of such mechanisms. Should we?
1225 #if ICAP_CLIENT
1226 Adaptation::Icap::TheConfig.finalize();
1227 enableAdaptation = Adaptation::Icap::TheConfig.onoff || enableAdaptation;
1228 #endif
1229 #if USE_ECAP
1230 Adaptation::Ecap::TheConfig.finalize(); // must be after we load modules
1231 enableAdaptation = Adaptation::Ecap::TheConfig.onoff || enableAdaptation;
1232 #endif
1233 // must be the last adaptation-related finalize
1234 Adaptation::Config::Finalize(enableAdaptation);
1235 #endif
1236
1237 #if USE_DELAY_POOLS
1238 Config.ClientDelay.finalize();
1239 #endif
1240
1241 eventAdd("storeMaintain", Store::Maintain, nullptr, 1.0, 1);
1242
1243 eventAdd("ipcache_purgelru", ipcache_purgelru, nullptr, 10.0, 1);
1244
1245 eventAdd("fqdncache_purgelru", fqdncache_purgelru, nullptr, 15.0, 1);
1246
1247 eventAdd("memPoolCleanIdlePools", Mem::CleanIdlePools, nullptr, 15.0, 1);
1248
1249 configured_once = 1;
1250 }
1251
1252 static void
1253 OnTerminate()
1254 {
1255 // ignore recursive calls to avoid termination loops
1256 static bool terminating = false;
1257 if (terminating)
1258 return;
1259 terminating = true;
1260
1261 debugs(1, DBG_CRITICAL, "FATAL: Dying after an undetermined failure" << CurrentExceptionExtra);
1262
1263 Debug::PrepareToDie();
1264 abort();
1265 }
1266
1267 /// unsafe main routine -- may throw
1268 int SquidMain(int argc, char **argv);
1269 /// unsafe main routine wrapper to catch exceptions
1270 static int SquidMainSafe(int argc, char **argv);
1271
1272 #if USE_WIN32_SERVICE
1273 /* Entry point for Windows services */
1274 extern "C" void WINAPI
1275 SquidWinSvcMain(int argc, char **argv)
1276 {
1277 SquidMainSafe(argc, argv);
1278 }
1279 #endif
1280
1281 int
1282 main(int argc, char **argv)
1283 {
1284 #if USE_WIN32_SERVICE
1285 SetErrorMode(SEM_NOGPFAULTERRORBOX);
1286 if ((argc == 2) && strstr(argv[1], _WIN_SQUID_SERVICE_OPTION))
1287 return WIN32_StartService(argc, argv);
1288 else {
1289 WIN32_run_mode = _WIN_SQUID_RUN_MODE_INTERACTIVE;
1290 opt_no_daemon = 1;
1291 }
1292 #endif
1293
1294 return SquidMainSafe(argc, argv);
1295 }
1296
1297 static int
1298 SquidMainSafe(int argc, char **argv)
1299 {
1300 (void)std::set_terminate(&OnTerminate);
1301 // XXX: This top-level catch works great for startup, but, during runtime,
1302 // it erases valuable stack info. TODO: Let stack-preserving OnTerminate()
1303 // handle FATAL runtime errors by splitting main code into protected
1304 // startup, unprotected runtime, and protected termination sections!
1305 try {
1306 return SquidMain(argc, argv);
1307 } catch (...) {
1308 debugs(1, DBG_CRITICAL, "FATAL: " << CurrentException);
1309 }
1310 return EXIT_FAILURE;
1311 }
1312
1313 /// computes name and ID for the current kid process
1314 static void
1315 ConfigureCurrentKid(const CommandLine &cmdLine)
1316 {
1317 const char *kidParams = nullptr;
1318 if (cmdLine.hasOption(optKid, &kidParams)) {
1319 SBuf processName(kidParams);
1320 SBuf kidId;
1321 Parser::Tokenizer tok(processName);
1322 tok.suffix(kidId, CharacterSet::DIGIT);
1323 KidIdentifier = xatoi(kidId.c_str());
1324 tok.skipSuffix(SBuf("-"));
1325 TheKidName = tok.remaining();
1326 if (TheKidName.cmp("squid-coord") == 0)
1327 TheProcessKind = pkCoordinator;
1328 else if (TheKidName.cmp("squid") == 0)
1329 TheProcessKind = pkWorker;
1330 else if (TheKidName.cmp("squid-disk") == 0)
1331 TheProcessKind = pkDisker;
1332 else
1333 TheProcessKind = pkOther; // including coordinator
1334 } else {
1335 TheKidName.assign(APP_SHORTNAME);
1336 KidIdentifier = 0;
1337 }
1338 Debug::NameThisKid(KidIdentifier);
1339 }
1340
1341 /// Start directing debugs() messages to the configured cache.log.
1342 static void
1343 ConfigureDebugging()
1344 {
1345 if (opt_no_daemon) {
1346 fd_open(0, FD_LOG, "stdin");
1347 fd_open(1, FD_LOG, "stdout");
1348 fd_open(2, FD_LOG, "stderr");
1349 }
1350 // we should not create cache.log outside chroot environment, if any
1351 // XXX: With Config.chroot_dir set, SMP master process calls Debug::BanCacheLogUse().
1352 if (!Config.chroot_dir || Chrooted)
1353 Debug::UseCacheLog();
1354 else
1355 Debug::BanCacheLogUse();
1356 }
1357
1358 static void
1359 RunConfigUsers()
1360 {
1361 RunRegisteredHere(RegisteredRunner::claimMemoryNeeds);
1362 RunRegisteredHere(RegisteredRunner::useConfig);
1363 }
1364
1365 static void
1366 StartUsingConfig()
1367 {
1368 setMaxFD();
1369 fde::Init();
1370 const auto skipCwdAdjusting = IamMasterProcess() && InDaemonMode();
1371 if (skipCwdAdjusting) {
1372 ConfigureDebugging();
1373 RunConfigUsers();
1374 } else if (Config.chroot_dir) {
1375 RunConfigUsers();
1376 enter_suid();
1377 // TODO: don't we need to RunConfigUsers() in the configured
1378 // chroot environment?
1379 mainSetCwd();
1380 leave_suid();
1381 ConfigureDebugging();
1382 } else {
1383 ConfigureDebugging();
1384 RunConfigUsers();
1385 enter_suid();
1386 // TODO: since RunConfigUsers() may use a relative path, we
1387 // need to change the process root first
1388 mainSetCwd();
1389 leave_suid();
1390 }
1391 }
1392
1393 /// register all known modules for handling future RegisteredRunner events
1394 static void
1395 RegisterModules()
1396 {
1397 // These registration calls do not represent a RegisteredRunner "event". The
1398 // modules registered here should be initialized later, during those events.
1399
1400 // RegisteredRunner event handlers should not depend on handler call order
1401 // and, hence, should not depend on the registration call order below.
1402
1403 CallRunnerRegistrator(CarpRr);
1404 CallRunnerRegistrator(ClientDbRr);
1405 CallRunnerRegistrator(CollapsedForwardingRr);
1406 CallRunnerRegistrator(MemStoreRr);
1407 CallRunnerRegistrator(PeerPoolMgrsRr);
1408 CallRunnerRegistrator(PeerSourceHashRr);
1409 CallRunnerRegistrator(SharedMemPagesRr);
1410 CallRunnerRegistrator(SharedSessionCacheRr);
1411 CallRunnerRegistrator(TransientsRr);
1412 CallRunnerRegistratorIn(Dns, ConfigRr);
1413
1414 #if HAVE_DISKIO_MODULE_IPCIO
1415 CallRunnerRegistrator(IpcIoRr);
1416 #endif
1417
1418 #if HAVE_AUTH_MODULE_NTLM
1419 CallRunnerRegistrator(NtlmAuthRr);
1420 #endif
1421
1422 #if USE_AUTH
1423 CallRunnerRegistrator(PeerUserHashRr);
1424 #endif
1425
1426 #if USE_OPENSSL
1427 CallRunnerRegistrator(sslBumpCfgRr);
1428 #endif
1429
1430 #if HAVE_FS_ROCK
1431 CallRunnerRegistratorIn(Rock, SwapDirRr);
1432 #endif
1433
1434 #if USE_WCCP
1435 CallRunnerRegistrator(WccpRr);
1436 #endif
1437 #if USE_WCCPv2
1438 CallRunnerRegistrator(Wccp2Rr);
1439 #endif
1440 }
1441
1442 int
1443 SquidMain(int argc, char **argv)
1444 {
1445 // We must register all modules before the first RunRegisteredHere() call.
1446 // We do it ASAP/here so that we do not need to move this code when we add
1447 // earlier hooks to the RegisteredRunner API.
1448 RegisterModules();
1449
1450 const CommandLine cmdLine(argc, argv, shortOpStr, squidOptions);
1451
1452 ConfigureCurrentKid(cmdLine);
1453
1454 #if defined(SQUID_MAXFD_LIMIT)
1455
1456 if (SQUID_MAXFD_LIMIT < Squid_MaxFD)
1457 Squid_MaxFD = SQUID_MAXFD_LIMIT;
1458
1459 #endif
1460
1461 /* NOP under non-windows */
1462 int WIN32_init_err=0;
1463 if ((WIN32_init_err = WIN32_Subsystem_Init(&argc, &argv)))
1464 return WIN32_init_err;
1465
1466 /* call mallopt() before anything else */
1467 #if HAVE_MALLOPT
1468 #ifdef M_GRAIN
1469 /* Round up all sizes to a multiple of this */
1470 mallopt(M_GRAIN, 16);
1471
1472 #endif
1473 #ifdef M_MXFAST
1474 /* biggest size that is considered a small block */
1475 mallopt(M_MXFAST, 256);
1476
1477 #endif
1478 #ifdef M_NBLKS
1479 /* allocate this many small blocks at once */
1480 mallopt(M_NLBLKS, 32);
1481
1482 #endif
1483 #endif /* HAVE_MALLOPT */
1484
1485 getCurrentTime();
1486
1487 squid_start = current_time;
1488
1489 failure_notify = fatal_dump;
1490
1491 #if USE_WIN32_SERVICE
1492
1493 WIN32_svcstatusupdate(SERVICE_START_PENDING, 10000);
1494
1495 #endif
1496 AnyP::UriScheme::Init(); // needs to be before arg parsing, bug 5337
1497
1498 cmdLine.forEachOption(mainHandleCommandLineOption);
1499
1500 Debug::SettleStderr();
1501 Debug::SettleSyslog();
1502
1503 if (opt_foreground && opt_no_daemon) {
1504 debugs(1, DBG_CRITICAL, "WARNING: --foreground command-line option has no effect with -N.");
1505 }
1506
1507 #if USE_WIN32_SERVICE
1508
1509 if (opt_install_service) {
1510 WIN32_InstallService();
1511 return 0;
1512 }
1513
1514 if (opt_remove_service) {
1515 WIN32_RemoveService();
1516 return 0;
1517 }
1518
1519 if (opt_command_line) {
1520 WIN32_SetServiceCommandLine();
1521 return 0;
1522 }
1523
1524 #endif
1525
1526 /* parse configuration file
1527 * note: in "normal" case this used to be called from mainInitialize() */
1528 {
1529 if (!ConfigFile)
1530 ConfigFile = xstrdup(DEFAULT_CONFIG_FILE);
1531
1532 assert(!configured_once);
1533
1534 Mem::Init();
1535
1536 storeFsInit(); /* required for config parsing */
1537
1538 Fs::Init();
1539
1540 /* May not be needed for parsing, have not audited for such */
1541 DiskIOModule::SetupAllModules();
1542
1543 /* we may want the parsing process to set this up in the future */
1544 Acl::Init();
1545 Auth::Init(); /* required for config parsing. NOP if !USE_AUTH */
1546 Ip::ProbeTransport(); // determine IPv4 or IPv6 capabilities before parsing.
1547
1548 Format::Token::Init(); // XXX: temporary. Use a runners registry of pre-parse runners instead.
1549
1550 RunRegisteredHere(RegisteredRunner::bootstrapConfig);
1551
1552 try {
1553 Configuration::Parse();
1554 } catch (...) {
1555 auto msg = ConfigurationFailureMessage();
1556 if (opt_parse_cfg_only) {
1557 debugs(3, DBG_CRITICAL, "FATAL: " << msg);
1558 return EXIT_FAILURE;
1559 } else {
1560 fatal(msg.c_str());
1561 return EXIT_FAILURE; // unreachable
1562 }
1563 }
1564
1565 if (opt_parse_cfg_only)
1566 return EXIT_SUCCESS;
1567 }
1568 setUmask(Config.umask);
1569
1570 // Master optimization: Where possible, avoid pointless daemon fork() and/or
1571 // pointless wait for the exclusive PID file lock. This optional/weak check
1572 // is not applicable to kids because they always co-exist with their master.
1573 if (opt_send_signal == -1 && IamMasterProcess())
1574 Instance::ThrowIfAlreadyRunning();
1575
1576 /* send signal to running copy and exit */
1577 if (opt_send_signal != -1) {
1578 /* chroot if configured to run inside chroot */
1579 mainSetCwd();
1580 if (Config.chroot_dir) {
1581 no_suid();
1582 } else {
1583 leave_suid();
1584 }
1585
1586 sendSignal();
1587 return 0;
1588 }
1589
1590 debugs(1,2, "Doing post-config initialization");
1591 leave_suid();
1592 RunRegisteredHere(RegisteredRunner::finalizeConfig);
1593
1594 if (IamMasterProcess()) {
1595 if (InDaemonMode()) {
1596 watch_child(cmdLine);
1597 // NOTREACHED
1598 } else {
1599 Instance::WriteOurPid();
1600 }
1601 }
1602
1603 StartUsingConfig();
1604 enter_suid();
1605
1606 if (opt_create_swap_dirs) {
1607 setEffectiveUser();
1608 debugs(0, DBG_CRITICAL, "Creating missing swap directories");
1609 Store::Root().create();
1610
1611 return 0;
1612 }
1613
1614 if (IamPrimaryProcess())
1615 CpuAffinityCheck();
1616 CpuAffinityInit();
1617
1618 /* init comm module */
1619 comm_init();
1620
1621 #if USE_WIN32_SERVICE
1622
1623 WIN32_svcstatusupdate(SERVICE_START_PENDING, 10000);
1624
1625 #endif
1626
1627 mainInitialize();
1628
1629 #if USE_WIN32_SERVICE
1630
1631 WIN32_svcstatusupdate(SERVICE_RUNNING, 0);
1632
1633 #endif
1634
1635 /* main loop */
1636 EventLoop mainLoop;
1637
1638 SignalEngine signalEngine;
1639
1640 mainLoop.registerEngine(&signalEngine);
1641
1642 /* TODO: stop requiring the singleton here */
1643 mainLoop.registerEngine(EventScheduler::GetInstance());
1644
1645 StoreRootEngine store_engine;
1646
1647 mainLoop.registerEngine(&store_engine);
1648
1649 CommSelectEngine comm_engine;
1650
1651 mainLoop.registerEngine(&comm_engine);
1652
1653 mainLoop.setPrimaryEngine(&comm_engine);
1654
1655 /* use the standard time service */
1656 Time::Engine time_engine;
1657
1658 mainLoop.setTimeService(&time_engine);
1659
1660 if (IamCoordinatorProcess())
1661 AsyncJob::Start(Ipc::Coordinator::Instance());
1662 else if (UsingSmp() && (IamWorkerProcess() || IamDiskProcess()))
1663 AsyncJob::Start(new Ipc::Strand);
1664
1665 /* at this point we are finished the synchronous startup. */
1666 starting_up = 0;
1667
1668 mainLoop.run();
1669
1670 if (mainLoop.errcount == 10)
1671 fatal_dump("Event loop exited with failure.");
1672
1673 /* shutdown squid now */
1674 SquidShutdown();
1675
1676 /* NOTREACHED */
1677 return 0;
1678 }
1679
1680 static void
1681 sendSignal(void)
1682 {
1683 #if USE_WIN32_SERVICE
1684 // WIN32_sendSignal() does not need the PID value to signal,
1685 // but we must exit if there is no valid PID (TODO: Why?).
1686 (void)Instance::Other();
1687 if (!opt_signal_service)
1688 throw TexcHere("missing -n command line switch");
1689 WIN32_sendSignal(opt_send_signal);
1690 #else
1691 const auto pid = Instance::Other();
1692 if (kill(pid, opt_send_signal) &&
1693 /* ignore permissions if just running check */
1694 !(opt_send_signal == 0 && errno == EPERM)) {
1695 const auto savedErrno = errno;
1696 throw TexcHere(ToSBuf("failed to send signal ", opt_send_signal,
1697 " to Squid instance with PID ", pid, ": ", xstrerr(savedErrno)));
1698 }
1699 #endif
1700 /* signal successfully sent */
1701 }
1702
1703 #if !_SQUID_WINDOWS_
1704 /*
1705 * This function is run when Squid is in daemon mode, just
1706 * before the parent forks and starts up the child process.
1707 * It can be used for admin-specific tasks, such as notifying
1708 * someone that Squid is (re)started.
1709 */
1710 static void
1711 mainStartScript(const char *prog)
1712 {
1713 char script[MAXPATHLEN];
1714 char *t;
1715 size_t sl = 0;
1716 pid_t cpid;
1717 pid_t rpid;
1718 xstrncpy(script, prog, MAXPATHLEN);
1719
1720 if ((t = strrchr(script, '/'))) {
1721 *(++t) = '\0';
1722 sl = strlen(script);
1723 }
1724
1725 xstrncpy(&script[sl], squid_start_script, MAXPATHLEN - sl);
1726
1727 if ((cpid = fork()) == 0) {
1728 /* child */
1729 execl(script, squid_start_script, (char *)nullptr);
1730 _exit(-1);
1731 } else {
1732 do {
1733 PidStatus status;
1734 rpid = WaitForOnePid(cpid, status, 0);
1735 } while (rpid != cpid);
1736 }
1737 }
1738
1739 /// Initiates shutdown sequence. Shutdown ends when the last running kids stops.
1740 static void
1741 masterShutdownStart()
1742 {
1743 if (AvoidSignalAction("shutdown", do_shutdown))
1744 return;
1745 debugs(1, 2, "received shutdown command");
1746 shutting_down = 1;
1747 }
1748
1749 /// Initiates reconfiguration sequence. See also: masterReconfigureFinish().
1750 static void
1751 masterReconfigureStart()
1752 {
1753 if (AvoidSignalAction("reconfiguration", do_reconfigure))
1754 return;
1755 debugs(1, 2, "received reconfiguration command");
1756 reconfiguring = 1;
1757 TheKids.forgetAllFailures();
1758 // TODO: hot-reconfiguration of the number of kids, kids revival delay,
1759 // PID file location, etc.
1760 }
1761
1762 /// Ends reconfiguration sequence started by masterReconfigureStart().
1763 static void
1764 masterReconfigureFinish()
1765 {
1766 reconfiguring = 0;
1767 }
1768
1769 /// Reacts to the kid revival alarm.
1770 static void
1771 masterReviveKids()
1772 {
1773 if (AvoidSignalAction("kids revival", do_revive_kids))
1774 return;
1775 debugs(1, 2, "woke up after ~" << Config.hopelessKidRevivalDelay << "s");
1776 // nothing to do here -- actual revival happens elsewhere in the main loop
1777 // the alarm was needed just to wake us up so that we do a loop iteration
1778 }
1779
1780 static void
1781 masterCheckAndBroadcastSignals()
1782 {
1783 if (do_shutdown)
1784 masterShutdownStart();
1785 if (do_reconfigure)
1786 masterReconfigureStart();
1787 if (do_revive_kids)
1788 masterReviveKids();
1789
1790 // emulate multi-step reconfiguration assumed by AvoidSignalAction()
1791 if (reconfiguring)
1792 masterReconfigureFinish();
1793
1794 BroadcastSignalIfAny(DebugSignal);
1795 BroadcastSignalIfAny(RotateSignal);
1796 BroadcastSignalIfAny(ReconfigureSignal);
1797 BroadcastSignalIfAny(ShutdownSignal);
1798 ReviveKidsSignal = -1; // alarms are not broadcasted
1799 }
1800
1801 /// Maintains the following invariant: An alarm should be scheduled when and
1802 /// only when there are hopeless kid(s) that cannot be immediately revived.
1803 static void
1804 masterMaintainKidRevivalSchedule()
1805 {
1806 const auto nextCheckDelay = TheKids.forgetOldFailures();
1807 assert(nextCheckDelay >= 0);
1808 (void)alarm(static_cast<unsigned int>(nextCheckDelay)); // resets or cancels
1809 if (nextCheckDelay)
1810 debugs(1, 2, "will recheck hopeless kids in " << nextCheckDelay << " seconds");
1811 }
1812
1813 static inline bool
1814 masterSignaled()
1815 {
1816 return (DebugSignal > 0 || RotateSignal > 0 || ReconfigureSignal > 0 ||
1817 ShutdownSignal > 0 || ReviveKidsSignal > 0);
1818 }
1819
1820 /// makes the caller a daemon process running in the background
1821 static void
1822 GoIntoBackground()
1823 {
1824 pid_t pid;
1825 if ((pid = fork()) < 0) {
1826 int xerrno = errno;
1827 throw TexcHere(ToSBuf("failed to fork(2) the master process: ", xstrerr(xerrno)));
1828 } else if (pid > 0) {
1829 // parent
1830 // The fork() effectively duped any saved debugs() messages. For
1831 // simplicity sake, let the child process deal with them.
1832 Debug::ForgetSaved();
1833 exit(EXIT_SUCCESS);
1834 }
1835 // child, running as a background daemon
1836 Must(setsid() > 0); // ought to succeed after fork()
1837 }
1838
1839 static void
1840 masterExit()
1841 {
1842 if (TheKids.someSignaled(SIGINT) || TheKids.someSignaled(SIGTERM)) {
1843 syslog(LOG_ALERT, "Exiting due to unexpected forced shutdown");
1844 exit(EXIT_FAILURE);
1845 }
1846
1847 if (TheKids.allHopeless()) {
1848 syslog(LOG_ALERT, "Exiting due to repeated, frequent failures");
1849 exit(EXIT_FAILURE);
1850 }
1851
1852 exit(EXIT_SUCCESS);
1853 }
1854
1855 #endif /* !_SQUID_WINDOWS_ */
1856
1857 static void
1858 watch_child(const CommandLine &masterCommand)
1859 {
1860 #if !_SQUID_WINDOWS_
1861 pid_t pid;
1862 #ifdef TIOCNOTTY
1863
1864 int i;
1865 #endif
1866
1867 int nullfd;
1868
1869 // TODO: zero values are not supported because they result in
1870 // misconfigured SMP Squid instances running forever, endlessly
1871 // restarting each dying kid.
1872 if (Config.hopelessKidRevivalDelay <= 0)
1873 throw TexcHere("hopeless_kid_revival_delay must be positive");
1874
1875 enter_suid();
1876
1877 openlog(APP_SHORTNAME, LOG_PID | LOG_NDELAY | LOG_CONS, LOG_LOCAL4);
1878
1879 if (!opt_foreground)
1880 GoIntoBackground();
1881
1882 closelog();
1883
1884 #ifdef TIOCNOTTY
1885
1886 if ((i = open("/dev/tty", O_RDWR | O_TEXT)) >= 0) {
1887 ioctl(i, TIOCNOTTY, nullptr);
1888 close(i);
1889 }
1890
1891 #endif
1892
1893 /*
1894 * RBCOLLINS - if cygwin stackdumps when squid is run without
1895 * -N, check the cygwin1.dll version, it needs to be AT LEAST
1896 * 1.1.3. execvp had a bit overflow error in a loop..
1897 */
1898 /* Connect stdio to /dev/null in daemon mode */
1899 nullfd = open(_PATH_DEVNULL, O_RDWR | O_TEXT);
1900
1901 if (nullfd < 0) {
1902 int xerrno = errno;
1903 fatalf(_PATH_DEVNULL " %s\n", xstrerr(xerrno));
1904 }
1905
1906 dup2(nullfd, 0);
1907
1908 if (!Debug::StderrEnabled()) {
1909 dup2(nullfd, 1);
1910 dup2(nullfd, 2);
1911 }
1912
1913 leave_suid();
1914 Instance::WriteOurPid();
1915 StartUsingConfig();
1916 enter_suid();
1917
1918 #if defined(_SQUID_LINUX_THREADS_)
1919 squid_signal(SIGQUIT, rotate_logs, 0);
1920 squid_signal(SIGTRAP, sigusr2_handle, 0);
1921 #else
1922 squid_signal(SIGUSR1, rotate_logs, 0);
1923 squid_signal(SIGUSR2, sigusr2_handle, 0);
1924 #endif
1925
1926 squid_signal(SIGHUP, reconfigure, 0);
1927
1928 squid_signal(SIGTERM, master_shutdown, 0);
1929 squid_signal(SIGALRM, master_revive_kids, 0);
1930 squid_signal(SIGINT, master_shutdown, 0);
1931 #ifdef SIGTTIN
1932 squid_signal(SIGTTIN, master_shutdown, 0);
1933 #endif
1934
1935 if (Config.workers > 128) {
1936 syslog(LOG_ALERT, "Suspiciously high workers value: %d",
1937 Config.workers);
1938 // but we keep going in hope that user knows best
1939 }
1940 TheKids.init();
1941
1942 configured_once = 1;
1943
1944 syslog(LOG_NOTICE, "Squid Parent: will start %d kids", (int)TheKids.count());
1945
1946 // keep [re]starting kids until it is time to quit
1947 for (;;) {
1948 bool mainStartScriptCalled = false;
1949 // start each kid that needs to be [re]started; once
1950 for (int i = TheKids.count() - 1; i >= 0 && !shutting_down; --i) {
1951 Kid& kid = TheKids.get(i);
1952 if (!kid.shouldRestart())
1953 continue;
1954
1955 if (!mainStartScriptCalled) {
1956 mainStartScript(masterCommand.arg0());
1957 mainStartScriptCalled = true;
1958 }
1959
1960 // These are only needed by the forked child below, but let's keep
1961 // them out of that "no man's land" between fork() and execvp().
1962 auto kidCommand = masterCommand;
1963 kidCommand.resetArg0(kid.processName().c_str());
1964 assert(!kidCommand.hasOption(optKid));
1965 kidCommand.pushFrontOption("--kid", kid.gist().c_str());
1966
1967 if ((pid = fork()) == 0) {
1968 /* child */
1969 openlog(APP_SHORTNAME, LOG_PID | LOG_NDELAY | LOG_CONS, LOG_LOCAL4);
1970 (void)execvp(masterCommand.arg0(), kidCommand.argv());
1971 int xerrno = errno;
1972 syslog(LOG_ALERT, "execvp failed: %s", xstrerr(xerrno));
1973 }
1974
1975 kid.start(pid);
1976 syslog(LOG_NOTICE, "Squid Parent: %s process %d started",
1977 kid.processName().c_str(), pid);
1978 }
1979
1980 /* parent */
1981 openlog(APP_SHORTNAME, LOG_PID | LOG_NDELAY | LOG_CONS, LOG_LOCAL4);
1982
1983 // If Squid received a signal while checking for dying kids (below) or
1984 // starting new kids (above), then do a fast check for a new dying kid
1985 // (WaitForAnyPid with the WNOHANG option) and continue to forward
1986 // signals to kids. Otherwise, wait for a kid to die or for a signal
1987 // to abort the blocking WaitForAnyPid() call.
1988 // With the WNOHANG option, we could check whether WaitForAnyPid() was
1989 // aborted by a dying kid or a signal, but it is not required: The
1990 // next do/while loop will check again for any dying kids.
1991 int waitFlag = 0;
1992 if (masterSignaled())
1993 waitFlag = WNOHANG;
1994 PidStatus status;
1995 pid = WaitForAnyPid(status, waitFlag);
1996 getCurrentTime();
1997
1998 // check for a stopped kid
1999 if (Kid *kid = pid > 0 ? TheKids.find(pid) : nullptr)
2000 kid->stop(status);
2001 else if (pid > 0)
2002 syslog(LOG_NOTICE, "Squid Parent: unknown child process %d exited", pid);
2003
2004 masterCheckAndBroadcastSignals();
2005 masterMaintainKidRevivalSchedule();
2006
2007 if (!TheKids.someRunning() && !TheKids.shouldRestartSome()) {
2008 leave_suid();
2009 // XXX: Master process has no main loop and, hence, should not call
2010 // RegisteredRunner::startShutdown which promises a loop iteration.
2011 RunRegisteredHere(RegisteredRunner::finishShutdown);
2012 enter_suid();
2013 masterExit();
2014 }
2015 }
2016
2017 /* NOTREACHED */
2018 #endif /* _SQUID_WINDOWS_ */
2019
2020 }
2021
2022 static void
2023 SquidShutdown()
2024 {
2025 /* XXX: This function is called after the main loop has quit, which
2026 * means that no AsyncCalls would be called, including close handlers.
2027 * TODO: We need to close/shut/free everything that needs calls before
2028 * exiting the loop.
2029 */
2030
2031 #if USE_WIN32_SERVICE
2032 WIN32_svcstatusupdate(SERVICE_STOP_PENDING, 10000);
2033 #endif
2034
2035 debugs(1, Important(9), "Shutting down...");
2036 #if USE_SSL_CRTD
2037 Ssl::Helper::Shutdown();
2038 #endif
2039 #if USE_OPENSSL
2040 Ssl::CertValidationHelper::Shutdown();
2041 #endif
2042 redirectShutdown();
2043 externalAclShutdown();
2044 icpClosePorts();
2045 #if USE_HTCP
2046 htcpClosePorts();
2047 #endif
2048 #if SQUID_SNMP
2049 snmpClosePorts();
2050 #endif
2051 releaseServerSockets();
2052 commCloseAllSockets();
2053
2054 #if USE_DELAY_POOLS
2055 DelayPools::FreePools();
2056 #endif
2057 #if USE_AUTH
2058 authenticateReset();
2059 #endif
2060 #if USE_WIN32_SERVICE
2061
2062 WIN32_svcstatusupdate(SERVICE_STOP_PENDING, 10000);
2063 #endif
2064 #if ICAP_CLIENT
2065 Adaptation::Icap::TheConfig.freeService();
2066 #endif
2067
2068 Store::Root().sync(); /* Flush pending object writes/unlinks */
2069
2070 unlinkdClose(); /* after sync/flush. NOP if !USE_UNLINKD */
2071
2072 storeDirWriteCleanLogs(0);
2073 PrintRusage();
2074 dumpMallocStats();
2075 Store::Root().sync(); /* Flush log writes */
2076 storeLogClose();
2077 accessLogClose();
2078 Store::Root().sync(); /* Flush log close */
2079 DiskIOModule::FreeAllModules();
2080
2081 fdDumpOpen();
2082
2083 comm_exit();
2084
2085 RunRegisteredHere(RegisteredRunner::finishShutdown);
2086
2087 memClean();
2088
2089 debugs(1, Important(10), "Squid Cache (Version " << version_string << "): Exiting normally.");
2090
2091 exit(shutdown_status);
2092 }
2093
Mirror of https://github.com/squid-cache/squid.git