#include <errno.h>
#include <stdarg.h>
#include <syslog.h>
+#include <grp.h>
#ifdef HAVE_PTHREAD_H
#include <pthread.h>
#endif
}
#endif
+static pthread_t main_thread_id;
+
+#ifndef HAVE_PTHREAD_CANCEL
+/*
+ * signal handler to fake thread cancellation; only required on BSDI as far
+ * as I know.
+ */
+static RETSIGTYPE cancel_thread(int signum) {
+ pthread_exit(NULL);
+ }
+#endif
+
+/*
+ * we used to use master_cleanup() as a signal handler to shut down the server.
+ * however, master_cleanup() and the functions it calls do some things that
+ * aren't such a good idea to do from a signal handler: acquiring mutexes,
+ * playing with signal masks on BSDI systems, etc. so instead we install the
+ * following signal handler to set a global variable to inform the main loop
+ * that it's time to call master_cleanup() and exit.
+ */
+
+static volatile int time_to_die = 0;
+
+static RETSIGTYPE signal_cleanup(int signum) {
+ time_to_die = 1;
+ }
/*
/*
* The action for unexpected signals and exceptions should be to
- * call master_cleanup() to gracefully shut down the server.
+ * call signal_cleanup() to gracefully shut down the server.
*/
- signal(SIGINT, (void(*)(int))master_cleanup);
- signal(SIGQUIT, (void(*)(int))master_cleanup);
- signal(SIGHUP, (void(*)(int))master_cleanup);
- signal(SIGTERM, (void(*)(int))master_cleanup);
+ signal(SIGINT, signal_cleanup);
+ signal(SIGQUIT, signal_cleanup);
+ signal(SIGHUP, signal_cleanup);
+ signal(SIGTERM, signal_cleanup);
signal(SIGPIPE, SIG_IGN);
+ main_thread_id = pthread_self();
+#ifndef HAVE_PTHREAD_CANCEL /* fake it - only BSDI afaik */
+ signal(SIGUSR1, cancel_thread);
+#endif
}
*/
void begin_critical_section(int which_one)
{
+#ifdef HAVE_PTHREAD_CANCEL
int oldval;
+#else
+ sigset_t set;
+#endif
/* lprintf(8, "begin_critical_section(%d)\n", which_one); */
- /* Don't get interrupted during the critical section */
- pthread_setcanceltype(PTHREAD_CANCEL_DEFERRED, &oldval);
+ if (!pthread_equal(pthread_self(), main_thread_id)) {
+ /* Keep a count of how many critical sections this thread has
+ * open, so that end_critical_section() doesn't enable
+ * cancellation prematurely. */
+ CC->n_crit++;
+#ifdef HAVE_PTHREAD_CANCEL
+ /* Don't get interrupted during the critical section */
+ pthread_setcanceltype(PTHREAD_CANCEL_DEFERRED, &oldval);
+#else
+ /* We're faking cancellation with signals. Block SIGUSR1 while
+ * we're in the critical section. */
+ sigemptyset(&set);
+ sigaddset(&set, SIGUSR1);
+ pthread_sigmask(SIG_BLOCK, &set, NULL);
+#endif
+ }
/* Obtain a semaphore */
pthread_mutex_lock(&Critters[which_one]);
*/
void end_critical_section(int which_one)
{
+#ifdef HAVE_PTHREAD_CANCEL
int oldval;
+#else
+ sigset_t set;
+#endif
/* lprintf(8, " end_critical_section(%d)\n", which_one); */
/* Let go of the semaphore */
pthread_mutex_unlock(&Critters[which_one]);
- /* If a cancel was sent during the critical section, do it now.
- * Then re-enable thread cancellation.
- */
- pthread_testcancel();
- pthread_setcanceltype(PTHREAD_CANCEL_ASYNCHRONOUS, &oldval);
- pthread_testcancel();
+ if (!pthread_equal(pthread_self(), main_thread_id))
+ if (!--CC->n_crit) {
+#ifdef HAVE_PTHREAD_CANCEL
+ /* If a cancel was sent during the critical section, do it now.
+ * Then re-enable thread cancellation.
+ */
+ pthread_testcancel();
+ pthread_setcanceltype(PTHREAD_CANCEL_ASYNCHRONOUS, &oldval);
+ pthread_testcancel();
+#else
+ /* We're faking it. Unblock SIGUSR1; signals sent during the
+ * critical section should now be able to kill us. */
+ sigemptyset(&set);
+ sigaddset(&set, SIGUSR1);
+ pthread_sigmask(SIG_UNBLOCK, &set, NULL);
+#endif
+ }
}
*/
void InitMyContext(struct CitContext *con)
{
+#ifdef HAVE_PTHREAD_CANCEL
int oldval;
+#endif
con->mythread = pthread_self();
+#ifdef HAVE_PTHREAD_CANCEL
pthread_setcancelstate(PTHREAD_CANCEL_ENABLE, &oldval);
pthread_setcanceltype(PTHREAD_CANCEL_ASYNCHRONOUS, &oldval);
+#endif
if (pthread_setspecific(MyConKey, (void *)con) != 0) {
lprintf(1, "ERROR! pthread_setspecific() failed: %s\n",
strerror(errno));
lprintf(9, "kill_session() finished scanning.\n");
if (killme != 0) {
+#ifdef HAVE_PTHREAD_CANCEL
lprintf(9, "calling pthread_cancel()\n");
pthread_cancel(killme);
+#else
+ pthread_kill(killme, SIGUSR1);
+#ifdef __FreeBSD__
+ /* there's a very stupid bug in the user threads package on
+ FreeBSD 3.1 which prevents a signal from being properly
+ dispatched to a thread that's in a blocking syscall. the
+ first signal interrupts the syscall, the second one actually
+ gets delivered. */
+ pthread_kill(killme, SIGUSR1);
+#endif
+#endif
}
}
struct CitContext *con; /* Temporary context pointer */
char tracefile[128]; /* Name of file to log traces to */
int a, i; /* General-purpose variables */
- char convbuf[128];
+ fd_set readfds;
+ struct timeval tv;
+ struct passwd *pw;
+ int drop_root_perms = 1;
+ char *moddir;
/* specify default port name and trace file */
strcpy(tracefile, "");
/* -x specifies the desired logging level */
else if (!strncmp(argv[a], "-x", 2)) {
- strcpy(convbuf, argv[a]);
- verbosity = atoi(&convbuf[2]);
+ verbosity = atoi(&argv[a][2]);
}
else if (!strncmp(argv[a], "-h", 2)) {
- strcpy(convbuf, argv[a]);
- strcpy(bbs_home_directory, &convbuf[2]);
+ safestrncpy(bbs_home_directory, &argv[a][2],
+ sizeof bbs_home_directory);
home_specified = 1;
}
+ /* -r tells the server not to drop root permissions. don't use
+ * this unless you know what you're doing. this should be
+ * removed in the next release if it proves unnecessary. */
+ else if (!strcmp(argv[a], "-r"))
+ drop_root_perms = 0;
+
/* any other parameter makes it crash and burn */
else {
lprintf(1, "citserver: usage: ");
}
/* Tell 'em who's in da house */
- lprintf(1, "Multithreaded message server for %s\n", CITADEL);
- lprintf(1, "Copyright (C) 1987-1998 by Art Cancro. ");
- lprintf(1, "All rights reserved.\n\n");
+ lprintf(1,
+"\nMultithreaded message server for Citadel/UX\n"
+"Copyright (C) 1987-1999 by the Citadel/UX development team.\n"
+"Citadel/UX is free software, covered by the GNU General Public License, and\n"
+"you are welcome to change it and/or distribute copies of it under certain\n"
+"conditions. There is absolutely no warranty for this software. Please\n"
+"read the 'COPYING.txt' file for details.\n\n");
/* Initialize... */
init_sysdep();
lprintf(7, "Loading citadel.config\n");
get_config();
- lprintf(7, "Initializing loadable modules\n");
- DLoader_Init("./modules");
- lprintf(9, "Modules done initializing.\n");
-
- /* Do non system dependent startup functions */
- master_startup();
-
/*
* Bind the server to our favourite port.
* There is no need to check for errors, because ig_tcp_server()
lprintf(7, "Listening on socket %d\n", msock);
/*
- * Now that we've bound the socket, change to the BBS user id
- lprintf(7, "Changing uid to %d\n", BBSUID);
- if (setuid(BBSUID) != 0) {
- lprintf(3, "setuid() failed: %s", strerror(errno));
+ * Now that we've bound the socket, change to the BBS user id and its
+ * corresponding group ids
+ */
+ if (drop_root_perms) {
+ if ((pw = getpwuid(BBSUID)) == NULL)
+ lprintf(1, "WARNING: getpwuid(%d): %s\n"
+ "Group IDs will be incorrect.\n", BBSUID,
+ strerror(errno));
+ else {
+ initgroups(pw->pw_name, pw->pw_gid);
+ if (setgid(pw->pw_gid))
+ lprintf(3, "setgid(%d): %s\n", pw->pw_gid,
+ strerror(errno));
+ }
+ lprintf(7, "Changing uid to %d\n", BBSUID);
+ if (setuid(BBSUID) != 0) {
+ lprintf(3, "setuid() failed: %s\n", strerror(errno));
+ }
+ }
+
+ lprintf(7, "Initializing loadable modules\n");
+ if ((moddir = malloc(strlen(bbs_home_directory) + 9)) != NULL) {
+ sprintf(moddir, "%s/modules", bbs_home_directory);
+ DLoader_Init(moddir);
+ free(moddir);
}
+ lprintf(9, "Modules done initializing.\n");
+
+ /*
+ * Do non system dependent startup functions.
*/
+ master_startup();
/*
* Endless loop. Listen on the master socket. When a connection
* comes in, create a socket, a context, and a thread.
*/
- while (1) {
+ while (!time_to_die) {
+ /* we need to check if a signal has been delivered. because
+ * syscalls may be restartable across signals, we call
+ * select with a timeout of 1 second and repeatedly check for
+ * time_to_die... */
+ FD_ZERO(&readfds);
+ FD_SET(msock, &readfds);
+ tv.tv_sec = 1;
+ tv.tv_usec = 0;
+ if (select(msock + 1, &readfds, NULL, NULL, &tv) <= 0)
+ continue;
+ alen = sizeof fsin;
ssock = accept(msock, (struct sockaddr *)&fsin, &alen);
if (ssock < 0) {
lprintf(2, "citserver: accept() failed: %s\n",
lprintf(9, "done!\n");
}
}
+ master_cleanup();
+ return 0;
}
projects / citadel.git / blobdiff