1 --- httpd-2.4.28/server/listen.c.socketactivation 2017-08-16 19:48:29.000000000 +0300
2 +++ httpd-2.4.28/server/listen.c 2017-10-14 18:48:36.275690612 +0300
4 #include "apr_strings.h"
6 #define APR_WANT_STRFUNC
8 #include "apr_version.h"
10 #include "ap_config.h"
12 #include "http_main.h"
13 #include "http_config.h"
14 #include "http_core.h"
15 #include "ap_listen.h"
17 #include "mpm_common.h"
25 +#include <systemd/sd-daemon.h>
28 /* we know core's module_index is 0 */
29 #undef APLOG_MODULE_INDEX
30 #define APLOG_MODULE_INDEX AP_CORE_MODULE_INDEX
32 AP_DECLARE_DATA ap_listen_rec *ap_listeners = NULL;
34 /* Let ap_num_listen_buckets be global so that it can
35 * be printed by ap_log_mpm_common(), but keep the listeners
36 * buckets static since it is used only here to close them
37 * all (including duplicated) with ap_close_listeners().
39 AP_DECLARE_DATA int ap_num_listen_buckets;
40 static ap_listen_rec **ap_listen_buckets;
42 /* Determine once, at runtime, whether or not SO_REUSEPORT
43 * is usable on this platform, and hence whether or not
44 * listeners can be duplicated (if configured).
46 AP_DECLARE_DATA int ap_have_so_reuseport = -1;
48 static ap_listen_rec *old_listeners;
49 static int ap_listenbacklog;
50 static int ap_listencbratio;
51 static int send_buffer_size;
52 static int receive_buffer_size;
54 +static int use_systemd = -1;
57 /* TODO: make_sock is just begging and screaming for APR abstraction */
58 -static apr_status_t make_sock(apr_pool_t *p, ap_listen_rec *server)
59 +static apr_status_t make_sock(apr_pool_t *p, ap_listen_rec *server, int do_bind_listen)
61 apr_socket_t *s = server->sd;
64 #ifdef AP_ENABLE_V4_MAPPED
65 int v6only_setting = 0;
67 int v6only_setting = 1;
73 stat = apr_socket_opt_set(s, APR_SO_REUSEADDR, one);
74 if (stat != APR_SUCCESS && stat != APR_ENOTIMPL) {
75 ap_log_perror(APLOG_MARK, APLOG_CRIT, stat, p, APLOGNO(00067)
76 "make_sock: for address %pI, apr_socket_opt_set: (SO_REUSEADDR)",
83 stat = apr_socket_opt_set(s, APR_SO_KEEPALIVE, one);
84 if (stat != APR_SUCCESS && stat != APR_ENOTIMPL) {
85 ap_log_perror(APLOG_MARK, APLOG_CRIT, stat, p, APLOGNO(00068)
86 "make_sock: for address %pI, apr_socket_opt_set: (SO_KEEPALIVE)",
93 - if (server->bind_addr->family == APR_INET6) {
94 - stat = apr_socket_opt_set(s, APR_IPV6_V6ONLY, v6only_setting);
95 - if (stat != APR_SUCCESS && stat != APR_ENOTIMPL) {
96 - ap_log_perror(APLOG_MARK, APLOG_CRIT, stat, p, APLOGNO(00069)
97 - "make_sock: for address %pI, apr_socket_opt_set: "
100 - apr_socket_close(s);
107 * To send data over high bandwidth-delay connections at full
108 * speed we must force the TCP window to open wide enough to keep the
109 * pipe full. The default window size on many systems
110 * is only 4kB. Cross-country WAN connections of 100ms
111 * at 1Mb/s are not impossible for well connected sites.
112 * If we assume 100ms cross-country latency,
113 * a 4kB buffer limits throughput to 40kB/s.
115 * To avoid this problem I've added the SendBufferSize directive
116 * to allow the web master to configure send buffer size.
118 * The trade-off of larger buffers is that more kernel memory
119 * is consumed. YMMV, know your customers and your network!
121 * -John Heidemann <johnh@isi.edu> 25-Oct-96
123 * If no size is specified, use the kernel default.
125 if (send_buffer_size) {
126 @@ -153,55 +146,71 @@
127 ap_sock_disable_nagle(s);
130 #if defined(SO_REUSEPORT)
131 if (ap_have_so_reuseport && ap_listencbratio > 0) {
133 apr_os_sock_get(&thesock, s);
134 if (setsockopt(thesock, SOL_SOCKET, SO_REUSEPORT,
135 (void *)&one, sizeof(int)) < 0) {
136 stat = apr_get_netos_error();
137 ap_log_perror(APLOG_MARK, APLOG_CRIT, stat, p, APLOGNO(02638)
138 "make_sock: for address %pI, apr_socket_opt_set: "
147 - if ((stat = apr_socket_bind(s, server->bind_addr)) != APR_SUCCESS) {
148 - ap_log_perror(APLOG_MARK, APLOG_STARTUP|APLOG_CRIT, stat, p, APLOGNO(00072)
149 - "make_sock: could not bind to address %pI",
150 - server->bind_addr);
151 - apr_socket_close(s);
154 + if (do_bind_listen) {
156 + if (server->bind_addr->family == APR_INET6) {
157 + stat = apr_socket_opt_set(s, APR_IPV6_V6ONLY, v6only_setting);
158 + if (stat != APR_SUCCESS && stat != APR_ENOTIMPL) {
159 + ap_log_perror(APLOG_MARK, APLOG_CRIT, stat, p, APLOGNO(00069)
160 + "make_sock: for address %pI, apr_socket_opt_set: "
162 + server->bind_addr);
163 + apr_socket_close(s);
169 - if ((stat = apr_socket_listen(s, ap_listenbacklog)) != APR_SUCCESS) {
170 - ap_log_perror(APLOG_MARK, APLOG_STARTUP|APLOG_ERR, stat, p, APLOGNO(00073)
171 - "make_sock: unable to listen for connections "
173 - server->bind_addr);
174 - apr_socket_close(s);
176 + if ((stat = apr_socket_bind(s, server->bind_addr)) != APR_SUCCESS) {
177 + ap_log_perror(APLOG_MARK, APLOG_STARTUP|APLOG_CRIT, stat, p, APLOGNO(00072)
178 + "make_sock: could not bind to address %pI",
179 + server->bind_addr);
180 + apr_socket_close(s);
184 + if ((stat = apr_socket_listen(s, ap_listenbacklog)) != APR_SUCCESS) {
185 + ap_log_perror(APLOG_MARK, APLOG_STARTUP|APLOG_ERR, stat, p, APLOGNO(00073)
186 + "make_sock: unable to listen for connections "
188 + server->bind_addr);
189 + apr_socket_close(s);
195 /* I seriously doubt that this would work on Unix; I have doubts that
196 * it entirely solves the problem on Win32. However, since setting
197 * reuseaddr on the listener -prior- to binding the socket has allowed
198 * us to attach to the same port as an already running instance of
199 * Apache, or even another web server, we cannot identify that this
200 * port was exclusively granted to this instance of Apache.
202 * So set reuseaddr, but do not attempt to do so until we have the
203 * parent listeners successfully bound.
205 stat = apr_socket_opt_set(s, APR_SO_REUSEADDR, one);
206 if (stat != APR_SUCCESS && stat != APR_ENOTIMPL) {
207 ap_log_perror(APLOG_MARK, APLOG_CRIT, stat, p, APLOGNO(00074)
208 "make_sock: for address %pI, apr_socket_opt_set: (SO_REUSEADDR)",
212 @@ -283,40 +292,159 @@
213 static int match_address(const apr_sockaddr_t *sa,
214 const char *hostname, apr_port_t port,
215 const char *scope_id, apr_pool_t *p)
217 const char *old_scope = NULL;
219 #if APR_VERSION_AT_LEAST(1,7,0)
220 /* To be clever here we could correctly match numeric and
221 * non-numeric zone ids. Ignore failure, old_scope will be left
223 (void) apr_sockaddr_zone_get(sa, &old_scope, NULL, p);
226 return port == sa->port
227 && ((!hostname && !sa->hostname)
228 || (hostname && sa->hostname && !strcmp(sa->hostname, hostname)))
229 && ((!scope_id && !old_scope)
230 || (scope_id && old_scope && !strcmp(scope_id, old_scope)));
236 +static int find_systemd_socket(process_rec * process, apr_port_t port) {
238 + int sdc = sd_listen_fds(0);
241 + ap_log_perror(APLOG_MARK, APLOG_CRIT, sdc, process->pool, APLOGNO(02486)
242 + "find_systemd_socket: Error parsing enviroment, sd_listen_fds returned %d",
248 + ap_log_perror(APLOG_MARK, APLOG_CRIT, sdc, process->pool, APLOGNO(02487)
249 + "find_systemd_socket: At least one socket must be set.");
253 + fdcount = atoi(getenv("LISTEN_FDS"));
254 + for (fd = SD_LISTEN_FDS_START; fd < SD_LISTEN_FDS_START + fdcount; fd++) {
255 + if (sd_is_socket_inet(fd, 0, 0, -1, port) > 0) {
263 +static apr_status_t alloc_systemd_listener(process_rec * process,
264 + int fd, const char *proto,
265 + ap_listen_rec **out_rec)
268 + struct sockaddr sa;
269 + socklen_t len = sizeof(struct sockaddr);
270 + apr_os_sock_info_t si;
271 + ap_listen_rec *rec;
274 + memset(&si, 0, sizeof(si));
276 + rv = getsockname(fd, &sa, &len);
279 + rv = apr_get_netos_error();
280 + ap_log_perror(APLOG_MARK, APLOG_CRIT, rv, process->pool, APLOGNO(02489)
281 + "getsockname on %d failed.", fd);
286 + si.family = sa.sa_family;
288 + si.type = SOCK_STREAM;
289 + si.protocol = APR_PROTO_TCP;
291 + rec = apr_palloc(process->pool, sizeof(ap_listen_rec));
296 + rv = apr_os_sock_make(&rec->sd, &si, process->pool);
297 + if (rv != APR_SUCCESS) {
298 + ap_log_perror(APLOG_MARK, APLOG_CRIT, rv, process->pool, APLOGNO(02490)
299 + "apr_os_sock_make on %d failed.", fd);
303 + rv = apr_socket_addr_get(&rec->bind_addr, APR_LOCAL, rec->sd);
304 + if (rv != APR_SUCCESS) {
305 + ap_log_perror(APLOG_MARK, APLOG_CRIT, rv, process->pool, APLOGNO(02491)
306 + "apr_socket_addr_get on %d failed.", fd);
310 + rec->protocol = apr_pstrdup(process->pool, proto);
314 + return make_sock(process->pool, rec, 0);
317 +static const char *set_systemd_listener(process_rec *process, apr_port_t port,
320 + ap_listen_rec *last, *new;
322 + int fd = find_systemd_socket(process, port);
324 + return "Systemd socket activation is used, but this port is not "
325 + "configured in systemd";
328 + last = ap_listeners;
329 + while (last && last->next) {
333 + rv = alloc_systemd_listener(process, fd, proto, &new);
334 + if (rv != APR_SUCCESS) {
335 + return "Failed to setup socket passed by systemd using socket activation";
338 + if (last == NULL) {
339 + ap_listeners = last = new;
349 +#endif /* HAVE_SYSTEMD */
352 /* ### This logic doesn't cope with DNS changes across a restart. */
353 static int find_listeners(ap_listen_rec **from, ap_listen_rec **to,
354 const char *addr, apr_port_t port,
355 const char *scope_id, apr_pool_t *temp_pool)
360 apr_sockaddr_t *sa = (*from)->bind_addr;
362 /* Some listeners are not real so they will not have a bind_addr. */
366 /* Re-use the existing record if it matches completely
367 * against an existing listener. */
368 if (match_address(sa, addr, port, scope_id, temp_pool)) {
372 @@ -512,41 +640,41 @@
373 if (lr->bind_addr->port == cur->bind_addr->port
374 && IS_IN6ADDR_ANY(cur->bind_addr)
375 && apr_socket_opt_get(cur->sd, APR_IPV6_V6ONLY,
376 &v6only_setting) == APR_SUCCESS
377 && v6only_setting == 0) {
379 /* Remove the current listener from the list */
380 previous->next = lr->next;
381 lr = previous; /* maintain current value of previous after
382 * post-loop expression is evaluated
393 - if (make_sock(pool, lr) == APR_SUCCESS) {
394 + if (make_sock(pool, lr, 1) == APR_SUCCESS) {
399 /* If we tried to bind to ::, and the next listener is
400 * on 0.0.0.0 with the same port, don't give a fatal
401 * error. The user will still get a warning from make_sock
405 && IS_IN6ADDR_ANY(lr->bind_addr)
406 && lr->bind_addr->port == lr->next->bind_addr->port
407 && IS_INADDR_ANY(lr->next->bind_addr)) {
409 /* Remove the current listener from the list */
411 previous->next = lr->next;
414 ap_listeners = lr->next;
415 @@ -624,42 +752,62 @@
416 * use the default for this listener.
418 for (addr = ls->addrs; addr && !found; addr = addr->next) {
419 for (lr = ap_listeners; lr; lr = lr->next) {
420 if (apr_sockaddr_equal(lr->bind_addr, addr->host_addr) &&
421 lr->bind_addr->port == addr->host_port) {
422 ap_set_server_protocol(ls, lr->protocol);
430 /* TODO: set protocol defaults per-Port, eg 25=smtp */
431 ap_set_server_protocol(ls, "http");
436 - if (open_listeners(s->process->pool)) {
440 + const char *userdata_key = "ap_open_systemd_listeners";
442 + /* clear the enviroment on our second run
443 + * so that none of our future children get confused.
445 + apr_pool_userdata_get(&data, userdata_key, s->process->pool);
447 + apr_pool_userdata_set((const void *)1, userdata_key,
448 + apr_pool_cleanup_null, s->process->pool);
457 + if (open_listeners(s->process->pool)) {
462 for (lr = ap_listeners; lr; lr = lr->next) {
465 for (ls = s; ls && !found; ls = ls->next) {
466 for (addr = ls->addrs; addr && !found; addr = addr->next) {
467 if (apr_sockaddr_equal(lr->bind_addr, addr->host_addr) &&
468 lr->bind_addr->port == addr->host_port) {
470 ap_apply_accept_filter(s->process->pool, lr, ls);
476 ap_apply_accept_filter(s->process->pool, lr, s);
480 @@ -715,41 +863,41 @@
484 duplr = apr_palloc(p, sizeof(ap_listen_rec));
486 duplr->protocol = apr_pstrdup(p, lr->protocol);
487 hostname = apr_pstrdup(p, lr->bind_addr->hostname);
488 port = lr->bind_addr->port;
489 apr_sockaddr_info_get(&sa, hostname, APR_UNSPEC, port, 0, p);
490 duplr->bind_addr = sa;
492 stat = apr_socket_create(&duplr->sd, duplr->bind_addr->family,
494 if (stat != APR_SUCCESS) {
495 ap_log_perror(APLOG_MARK, APLOG_CRIT, 0, p, APLOGNO(02640)
496 "ap_duplicate_listeners: for address %pI, "
497 "cannot duplicate a new socket!",
501 - make_sock(p, duplr);
502 + make_sock(p, duplr, 1);
503 #if AP_NONBLOCK_WHEN_MULTI_LISTEN
504 use_nonblock = (ap_listeners && ap_listeners->next);
505 stat = apr_socket_opt_set(duplr->sd, APR_SO_NONBLOCK, use_nonblock);
506 if (stat != APR_SUCCESS) {
507 ap_log_perror(APLOG_MARK, APLOG_CRIT, stat, p, APLOGNO(02641)
508 "unable to control socket non-blocking status");
512 ap_apply_accept_filter(p, duplr, s);
515 (*buckets)[i] = last = duplr;
523 @@ -695,74 +843,87 @@
528 AP_DECLARE_NONSTD(const char *) ap_set_listener(cmd_parms *cmd, void *dummy,
529 int argc, char *const argv[])
531 char *host, *scope_id, *proto;
534 const char *err = ap_check_cmd_context(cmd, GLOBAL_ONLY);
540 if (argc < 1 || argc > 2) {
541 return "Listen requires 1 or 2 arguments.";
545 + if (use_systemd == -1) {
546 + use_systemd = sd_listen_fds(0) > 0;
550 rv = apr_parse_addr_port(&host, &scope_id, &port, argv[0], cmd->pool);
551 if (rv != APR_SUCCESS) {
552 return "Invalid address or port";
555 if (host && !strcmp(host, "*")) {
559 #if !APR_VERSION_AT_LEAST(1,7,0)
561 return apr_pstrcat(cmd->pool,
562 "Scope ID in address '", argv[0],
563 "' not supported with APR " APR_VERSION_STRING,
569 return "Port must be specified";
580 proto = apr_pstrdup(cmd->pool, argv[1]);
581 ap_str_tolower(proto);
586 + return set_systemd_listener(cmd->server->process, port, proto);
591 return alloc_listener(cmd->server->process, host, port, proto,
592 scope_id, NULL, cmd->temp_pool);
595 AP_DECLARE_NONSTD(const char *) ap_set_listenbacklog(cmd_parms *cmd,
600 const char *err = ap_check_cmd_context(cmd, GLOBAL_ONLY);
608 return "ListenBacklog must be > 0";