1 http://mpm-itk.sesse.net/apache2.2-mpm-itk-20090414-00.patch
4 --- httpd-2.2.11/server/mpm/experimental/itk/Makefile.in 2009-03-17 21:38:54.000000000 +0100
5 +++ httpd-2.2.11/server/mpm/experimental/itk/Makefile.in 2009-03-17 21:39:03.000000000 +0100
8 +LTLIBRARY_NAME = libitk.la
9 +LTLIBRARY_SOURCES = itk.c
11 +include $(top_srcdir)/build/ltlib.mk
13 --- httpd-2.2.11/server/mpm/experimental/itk/config.m4 2009-03-17 21:38:53.000000000 +0100
14 +++ httpd-2.2.11/server/mpm/experimental/itk/config.m4 2009-03-17 21:39:03.000000000 +0100
16 +if test "$MPM_NAME" = "itk" ; then
17 + APACHE_FAST_OUTPUT(server/mpm/$MPM_NAME/Makefile)
19 diff -u httpd-2.2.11/server/mpm/experimental/itk/itk.c httpd-2.2.11/server/mpm/experimental/itk/itk.c
20 --- httpd-2.2.11/server/mpm/experimental/itk/itk.c 2009-04-14 23:29:16.000000000 +0200
21 +++ httpd-2.2.11/server/mpm/experimental/itk/itk.c 2009-04-14 23:31:05.000000000 +0200
23 +/* Licensed to the Apache Software Foundation (ASF) under one or more
24 + * contributor license agreements. See the NOTICE file distributed with
25 + * this work for additional information regarding copyright ownership.
26 + * The ASF licenses this file to You under the Apache License, Version 2.0
27 + * (the "License"); you may not use this file except in compliance with
28 + * the License. You may obtain a copy of the License at
30 + * http://www.apache.org/licenses/LICENSE-2.0
32 + * Unless required by applicable law or agreed to in writing, software
33 + * distributed under the License is distributed on an "AS IS" BASIS,
34 + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
35 + * See the License for the specific language governing permissions and
36 + * limitations under the License.
38 + * Portions copyright 2005-2009 Steinar H. Gunderson <sgunderson@bigfoot.com>.
39 + * Licensed under the same terms as the rest of Apache.
41 + * Portions copyright 2008 Knut Auvor Grythe <knut@auvor.no>.
42 + * Licensed under the same terms as the rest of Apache.
46 +#include "apr_portable.h"
47 +#include "apr_strings.h"
48 +#include "apr_thread_proc.h"
49 +#include "apr_signal.h"
51 +# define _DBG(text,par...) \
52 + ap_log_error(APLOG_MARK, APLOG_WARNING, 0, NULL, \
53 + "(itkmpm: pid=%d uid=%d, gid=%d) %s(): " text, \
54 + getpid(), getuid(), getgid(), __FUNCTION__, par)
56 +#define APR_WANT_STDIO
57 +#define APR_WANT_STRFUNC
58 +#include "apr_want.h"
60 +#if APR_HAVE_UNISTD_H
63 +#if APR_HAVE_SYS_TYPES_H
64 +#include <sys/types.h>
69 +#include "ap_config.h"
71 +#include "mpm_default.h"
72 +#include "http_main.h"
73 +#include "http_log.h"
74 +#include "http_config.h"
75 +#include "http_core.h" /* for get_remote_host */
76 +#include "http_connection.h"
77 +#include "http_request.h" /* for ap_hook_post_perdir_config */
78 +#include "scoreboard.h"
81 +#include "mpm_common.h"
82 +#include "ap_listen.h"
84 +#include "apr_poll.h"
86 +#ifdef HAVE_BSTRING_H
87 +#include <bstring.h> /* for IRIX, FD_SET calls bzero() */
92 +#ifdef HAVE_SYS_PROCESSOR_H
93 +#include <sys/processor.h> /* for bindprocessor() */
97 +#include <sys/capability.h>
101 +#include <sys/times.h>
103 +/* Limit on the total --- clients will be locked out if more servers than
104 + * this are needed. It is intended solely to keep the server from crashing
105 + * when things get out of hand.
107 + * We keep a hard maximum number of servers, for two reasons --- first off,
108 + * in case something goes seriously wrong, we want to stop the fork bomb
109 + * short of actually crashing the machine we're running on by filling some
110 + * kernel table. Secondly, it keeps the size of the scoreboard file small
111 + * enough that we can read the whole thing without worrying too much about
114 +#ifndef DEFAULT_SERVER_LIMIT
115 +#define DEFAULT_SERVER_LIMIT 256
118 +/* Admin can't tune ServerLimit beyond MAX_SERVER_LIMIT. We want
119 + * some sort of compile-time limit to help catch typos.
121 +#ifndef MAX_SERVER_LIMIT
122 +#define MAX_SERVER_LIMIT 200000
125 +#ifndef HARD_THREAD_LIMIT
126 +#define HARD_THREAD_LIMIT 1
129 +/* config globals */
131 +int ap_threads_per_child=0; /* Worker threads per child */
132 +static apr_proc_mutex_t *accept_mutex;
133 +static int ap_daemons_to_start=0;
134 +static int ap_daemons_min_free=0;
135 +static int ap_daemons_max_free=0;
136 +static int ap_daemons_limit=0; /* MaxClients */
137 +static int server_limit = DEFAULT_SERVER_LIMIT;
138 +static int first_server_limit = 0;
139 +static int changed_limit_at_restart;
140 +static int mpm_state = AP_MPMQ_STARTING;
141 +static ap_pod_t *pod;
144 + * The max child slot ever assigned, preserved across restarts. Necessary
145 + * to deal with MaxClients changes across AP_SIG_GRACEFUL restarts. We
146 + * use this value to optimize routines that have to scan the entire scoreboard.
148 +int ap_max_daemons_limit = -1;
149 +server_rec *ap_server_conf;
151 +/* one_process --- debugging mode variable; can be set from the command line
152 + * with the -X flag. If set, this gets you the child_main loop running
153 + * in the process which originally started up (no detach, no make_child),
154 + * which is a pretty nice debugging environment. (You'll get a SIGHUP
155 + * early in standalone_main; just continue through. This is the server
156 + * trying to kill off any child processes which it might have lying
157 + * around --- Apache doesn't keep track of their pids, it just sends
158 + * SIGHUP to the process group, ignoring it in the root process.
159 + * Continue through and you'll be fine.).
162 +static int one_process = 0;
164 +static apr_pool_t *pconf; /* Pool for config stuff */
165 +static apr_pool_t *pchild; /* Pool for httpd child stuff */
167 +static pid_t ap_my_pid; /* it seems silly to call getpid all the time */
168 +static pid_t parent_pid;
170 +static int my_child_num;
172 +ap_generation_t volatile ap_my_generation=0;
176 +char tpf_server_name[INETD_SERVNAME_LENGTH+1];
179 +static volatile int die_now = 0;
181 +#define UNSET_NICE_VALUE 100
193 + int max_clients_vhost;
196 +module AP_MODULE_DECLARE_DATA mpm_itk_module;
200 + * change directory for gprof to plop the gmon.out file
201 + * configure in httpd.conf:
202 + * GprofDir $RuntimeDir/ -> $ServerRoot/$RuntimeDir/gmon.out
203 + * GprofDir $RuntimeDir/% -> $ServerRoot/$RuntimeDir/gprof.$pid/gmon.out
205 +static void chdir_for_gprof(void)
207 + core_server_config *sconf =
208 + ap_get_module_config(ap_server_conf->module_config, &core_module);
209 + char *dir = sconf->gprof_dir;
210 + const char *use_dir;
215 + int len = strlen(sconf->gprof_dir) - 1;
216 + if(*(dir + len) == '%') {
218 + buf = ap_append_pid(pconf, dir, "gprof.");
220 + use_dir = ap_server_root_relative(pconf, buf ? buf : dir);
221 + res = apr_dir_make(use_dir,
222 + APR_UREAD | APR_UWRITE | APR_UEXECUTE |
223 + APR_GREAD | APR_GEXECUTE |
224 + APR_WREAD | APR_WEXECUTE, pconf);
225 + if(res != APR_SUCCESS && !APR_STATUS_IS_EEXIST(res)) {
226 + ap_log_error(APLOG_MARK, APLOG_ERR, res, ap_server_conf,
227 + "gprof: error creating directory %s", dir);
231 + use_dir = ap_server_root_relative(pconf, DEFAULT_REL_RUNTIMEDIR);
237 +#define chdir_for_gprof()
240 +/* XXX - I don't know if TPF will ever use this module or not, so leave
241 + * the ap_check_signals calls in but disable them - manoj */
242 +#define ap_check_signals()
244 +/* a clean exit from a child with proper cleanup */
245 +static void clean_child_exit(int code) __attribute__ ((noreturn));
246 +static void clean_child_exit(int code)
248 + mpm_state = AP_MPMQ_STOPPING;
251 + apr_pool_destroy(pchild);
253 + ap_mpm_pod_close(pod);
258 +static void accept_mutex_on(void)
260 + apr_status_t rv = apr_proc_mutex_lock(accept_mutex);
261 + if (rv != APR_SUCCESS) {
262 + const char *msg = "couldn't grab the accept mutex";
264 + if (ap_my_generation !=
265 + ap_scoreboard_image->global->running_generation) {
266 + ap_log_error(APLOG_MARK, APLOG_DEBUG, rv, NULL, "%s", msg);
267 + clean_child_exit(0);
270 + ap_log_error(APLOG_MARK, APLOG_EMERG, rv, NULL, "%s", msg);
271 + exit(APEXIT_CHILDFATAL);
276 +static void accept_mutex_off(void)
278 + apr_status_t rv = apr_proc_mutex_unlock(accept_mutex);
279 + if (rv != APR_SUCCESS) {
280 + const char *msg = "couldn't release the accept mutex";
282 + if (ap_my_generation !=
283 + ap_scoreboard_image->global->running_generation) {
284 + ap_log_error(APLOG_MARK, APLOG_DEBUG, rv, NULL, "%s", msg);
285 + /* don't exit here... we have a connection to
286 + * process, after which point we'll see that the
287 + * generation changed and we'll exit cleanly
291 + ap_log_error(APLOG_MARK, APLOG_EMERG, rv, NULL, "%s", msg);
292 + exit(APEXIT_CHILDFATAL);
297 +/* On some architectures it's safe to do unserialized accept()s in the single
298 + * Listen case. But it's never safe to do it in the case where there's
299 + * multiple Listen statements. Define SINGLE_LISTEN_UNSERIALIZED_ACCEPT
300 + * when it's safe in the single Listen case.
302 +#ifdef SINGLE_LISTEN_UNSERIALIZED_ACCEPT
303 +#define SAFE_ACCEPT(stmt) do {if (ap_listeners->next) {stmt;}} while(0)
305 +#define SAFE_ACCEPT(stmt) do {stmt;} while(0)
308 +AP_DECLARE(apr_status_t) ap_mpm_query(int query_code, int *result)
310 + switch(query_code){
311 + case AP_MPMQ_MAX_DAEMON_USED:
312 + *result = ap_daemons_limit;
313 + return APR_SUCCESS;
314 + case AP_MPMQ_IS_THREADED:
315 + *result = AP_MPMQ_NOT_SUPPORTED;
316 + return APR_SUCCESS;
317 + case AP_MPMQ_IS_FORKED:
318 + *result = AP_MPMQ_DYNAMIC;
319 + return APR_SUCCESS;
320 + case AP_MPMQ_HARD_LIMIT_DAEMONS:
321 + *result = server_limit;
322 + return APR_SUCCESS;
323 + case AP_MPMQ_HARD_LIMIT_THREADS:
324 + *result = HARD_THREAD_LIMIT;
325 + return APR_SUCCESS;
326 + case AP_MPMQ_MAX_THREADS:
328 + return APR_SUCCESS;
329 + case AP_MPMQ_MIN_SPARE_DAEMONS:
330 + *result = ap_daemons_min_free;
331 + return APR_SUCCESS;
332 + case AP_MPMQ_MIN_SPARE_THREADS:
334 + return APR_SUCCESS;
335 + case AP_MPMQ_MAX_SPARE_DAEMONS:
336 + *result = ap_daemons_max_free;
337 + return APR_SUCCESS;
338 + case AP_MPMQ_MAX_SPARE_THREADS:
340 + return APR_SUCCESS;
341 + case AP_MPMQ_MAX_REQUESTS_DAEMON:
342 + *result = ap_max_requests_per_child;
343 + return APR_SUCCESS;
344 + case AP_MPMQ_MAX_DAEMONS:
345 + *result = server_limit;
346 + return APR_SUCCESS;
347 + case AP_MPMQ_MPM_STATE:
348 + *result = mpm_state;
349 + return APR_SUCCESS;
351 + return APR_ENOTIMPL;
354 +#if defined(NEED_WAITPID)
356 + Systems without a real waitpid sometimes lose a child's exit while waiting
357 + for another. Search through the scoreboard for missing children.
359 +int reap_children(int *exitcode, apr_exit_why_e *status)
363 + for (n = 0; n < ap_max_daemons_limit; ++n) {
364 + if (ap_scoreboard_image->servers[n][0].status != SERVER_DEAD &&
365 + kill((pid = ap_scoreboard_image->parent[n].pid), 0) == -1) {
366 + ap_update_child_status_from_indexes(n, 0, SERVER_DEAD, NULL);
367 + /* just mark it as having a successful exit status */
368 + *status = APR_PROC_EXIT;
377 +/*****************************************************************
378 + * Connection structures and accounting...
381 +static void just_die(int sig)
383 + clean_child_exit(0);
386 +static void stop_listening(int sig)
388 + ap_close_listeners();
390 + /* For a graceful stop, we want the child to exit when done */
394 +/* volatile just in case */
395 +static int volatile shutdown_pending;
396 +static int volatile restart_pending;
397 +static int volatile is_graceful;
399 +static void sig_term(int sig)
401 + if (shutdown_pending == 1) {
402 + /* Um, is this _probably_ not an error, if the user has
403 + * tried to do a shutdown twice quickly, so we won't
404 + * worry about reporting it.
408 + shutdown_pending = 1;
409 + is_graceful = (sig == AP_SIG_GRACEFUL_STOP);
412 +/* restart() is the signal handler for SIGHUP and AP_SIG_GRACEFUL
413 + * in the parent process, unless running in ONE_PROCESS mode
415 +static void restart(int sig)
417 + if (restart_pending == 1) {
418 + /* Probably not an error - don't bother reporting it */
421 + restart_pending = 1;
422 + is_graceful = (sig == AP_SIG_GRACEFUL);
425 +static void set_signals(void)
427 +#ifndef NO_USE_SIGACTION
428 + struct sigaction sa;
431 + if (!one_process) {
432 + ap_fatal_signal_setup(ap_server_conf, pconf);
435 +#ifndef NO_USE_SIGACTION
436 + sigemptyset(&sa.sa_mask);
439 + sa.sa_handler = sig_term;
440 + if (sigaction(SIGTERM, &sa, NULL) < 0)
441 + ap_log_error(APLOG_MARK, APLOG_WARNING, errno, ap_server_conf, "sigaction(SIGTERM)");
442 +#ifdef AP_SIG_GRACEFUL_STOP
443 + if (sigaction(AP_SIG_GRACEFUL_STOP, &sa, NULL) < 0)
444 + ap_log_error(APLOG_MARK, APLOG_WARNING, errno, ap_server_conf,
445 + "sigaction(" AP_SIG_GRACEFUL_STOP_STRING ")");
448 + if (sigaction(SIGINT, &sa, NULL) < 0)
449 + ap_log_error(APLOG_MARK, APLOG_WARNING, errno, ap_server_conf, "sigaction(SIGINT)");
452 + sa.sa_handler = SIG_DFL;
453 + if (sigaction(SIGXCPU, &sa, NULL) < 0)
454 + ap_log_error(APLOG_MARK, APLOG_WARNING, errno, ap_server_conf, "sigaction(SIGXCPU)");
457 + sa.sa_handler = SIG_DFL;
458 + if (sigaction(SIGXFSZ, &sa, NULL) < 0)
459 + ap_log_error(APLOG_MARK, APLOG_WARNING, errno, ap_server_conf, "sigaction(SIGXFSZ)");
462 + sa.sa_handler = SIG_IGN;
463 + if (sigaction(SIGPIPE, &sa, NULL) < 0)
464 + ap_log_error(APLOG_MARK, APLOG_WARNING, errno, ap_server_conf, "sigaction(SIGPIPE)");
467 + /* we want to ignore HUPs and AP_SIG_GRACEFUL while we're busy
470 + sigaddset(&sa.sa_mask, SIGHUP);
471 + sigaddset(&sa.sa_mask, AP_SIG_GRACEFUL);
472 + sa.sa_handler = restart;
473 + if (sigaction(SIGHUP, &sa, NULL) < 0)
474 + ap_log_error(APLOG_MARK, APLOG_WARNING, errno, ap_server_conf, "sigaction(SIGHUP)");
475 + if (sigaction(AP_SIG_GRACEFUL, &sa, NULL) < 0)
476 + ap_log_error(APLOG_MARK, APLOG_WARNING, errno, ap_server_conf, "sigaction(" AP_SIG_GRACEFUL_STRING ")");
478 + if (!one_process) {
480 + apr_signal(SIGXCPU, SIG_DFL);
481 +#endif /* SIGXCPU */
483 + apr_signal(SIGXFSZ, SIG_DFL);
484 +#endif /* SIGXFSZ */
487 + apr_signal(SIGTERM, sig_term);
489 + apr_signal(SIGHUP, restart);
491 +#ifdef AP_SIG_GRACEFUL
492 + apr_signal(AP_SIG_GRACEFUL, restart);
493 +#endif /* AP_SIG_GRACEFUL */
494 +#ifdef AP_SIG_GRACEFUL_STOP
495 + apr_signal(AP_SIG_GRACEFUL_STOP, sig_term);
496 +#endif /* AP_SIG_GRACEFUL */
498 + apr_signal(SIGPIPE, SIG_IGN);
499 +#endif /* SIGPIPE */
504 +/*****************************************************************
505 + * Child process main loop.
506 + * The following vars are static to avoid getting clobbered by longjmp();
507 + * they are really private to child_main.
510 +static int requests_this_child;
511 +static int num_listensocks = 0;
514 +int ap_graceful_stop_signalled(void)
516 + /* not ever called anymore... */
521 +static void child_main(int child_num_arg)
523 + apr_pool_t *ptrans;
524 + apr_allocator_t *allocator;
525 + apr_status_t status;
528 + apr_pollset_t *pollset;
529 + ap_sb_handle_t *sbh;
530 + apr_bucket_alloc_t *bucket_alloc;
531 + int last_poll_idx = 0;
535 + cap_value_t suidcaps[] = {
538 + CAP_DAC_READ_SEARCH,
543 + mpm_state = AP_MPMQ_STARTING; /* for benefit of any hooks that run as this
544 + * child initializes
547 + my_child_num = child_num_arg;
548 + ap_my_pid = getpid();
549 + requests_this_child = 0;
551 + ap_fatal_signal_child_setup(ap_server_conf);
553 + /* Get a sub context for global allocations in this child, so that
554 + * we can have cleanups occur when the child exits.
556 + apr_allocator_create(&allocator);
557 + apr_allocator_max_free_set(allocator, ap_max_mem_free);
558 + apr_pool_create_ex(&pchild, pconf, NULL, allocator);
559 + apr_allocator_owner_set(allocator, pchild);
561 + apr_pool_create(&ptrans, pchild);
562 + apr_pool_tag(ptrans, "transaction");
564 + /* needs to be done before we switch UIDs so we have permissions */
565 + ap_reopen_scoreboard(pchild, NULL, 0);
566 + status = apr_proc_mutex_child_init(&accept_mutex, ap_lock_fname, pchild);
567 + if (status != APR_SUCCESS) {
568 + ap_log_error(APLOG_MARK, APLOG_EMERG, status, ap_server_conf,
569 + "Couldn't initialize cross-process lock in child "
570 + "(%s) (%d)", ap_lock_fname, ap_accept_lock_mech);
571 + clean_child_exit(APEXIT_CHILDFATAL);
574 + ap_run_child_init(pchild, ap_server_conf);
576 + ap_create_sb_handle(&sbh, pchild, my_child_num, 0);
578 + (void) ap_update_child_status(sbh, SERVER_READY, (request_rec *) NULL);
580 + /* Set up the pollfd array */
581 + /* ### check the status */
582 + (void) apr_pollset_create(&pollset, num_listensocks, pchild, 0);
584 + for (lr = ap_listeners, i = num_listensocks; i--; lr = lr->next) {
585 + apr_pollfd_t pfd = { 0 };
587 + pfd.desc_type = APR_POLL_SOCKET;
588 + pfd.desc.s = lr->sd;
589 + pfd.reqevents = APR_POLLIN;
590 + pfd.client_data = lr;
592 + /* ### check the status */
593 + (void) apr_pollset_add(pollset, &pfd);
597 + /* Drop as many privileges as we can. We'll still
598 + * access files with uid=0, and we can setuid() to anything, but
599 + * at least there's tons of other evilness (like loading kernel
600 + * modules) we can't do directly. (The setuid() capability will
601 + * go away automatically when we setuid() or exec() -- the former
602 + * is likely to come first.)
606 + cap_set_flag(caps, CAP_PERMITTED, sizeof(suidcaps)/sizeof(cap_value_t), suidcaps, CAP_SET);
607 + cap_set_flag(caps, CAP_EFFECTIVE, sizeof(suidcaps)/sizeof(cap_value_t), suidcaps, CAP_SET);
608 + cap_set_proc(caps);
612 + mpm_state = AP_MPMQ_RUNNING;
614 + bucket_alloc = apr_bucket_alloc_create(pchild);
616 + /* die_now is set when AP_SIG_GRACEFUL is received in the child;
617 + * shutdown_pending is set when SIGTERM is received when running
618 + * in single process mode. */
619 + while (!die_now && !shutdown_pending) {
620 + conn_rec *current_conn;
624 + * (Re)initialize this child to a pre-connection state.
627 + apr_pool_clear(ptrans);
629 + if ((ap_max_requests_per_child > 0
630 + && requests_this_child++ >= ap_max_requests_per_child)) {
631 + clean_child_exit(0);
634 + (void) ap_update_child_status(sbh, SERVER_READY, (request_rec *) NULL);
637 + * Wait for an acceptable connection to arrive.
640 + /* Lock around "accept", if necessary */
641 + SAFE_ACCEPT(accept_mutex_on());
643 + if (num_listensocks == 1) {
644 + /* There is only one listener record, so refer to that one. */
648 + /* multiple listening sockets - need to poll */
650 + apr_int32_t numdesc;
651 + const apr_pollfd_t *pdesc;
653 + /* timeout == -1 == wait forever */
654 + status = apr_pollset_poll(pollset, -1, &numdesc, &pdesc);
655 + if (status != APR_SUCCESS) {
656 + if (APR_STATUS_IS_EINTR(status)) {
657 + if (one_process && shutdown_pending) {
660 + else if (die_now) {
661 + /* In graceful stop/restart; drop the mutex
662 + * and terminate the child. */
663 + SAFE_ACCEPT(accept_mutex_off());
664 + clean_child_exit(0);
668 + /* Single Unix documents select as returning errnos
669 + * EBADF, EINTR, and EINVAL... and in none of those
670 + * cases does it make sense to continue. In fact
671 + * on Linux 2.0.x we seem to end up with EFAULT
672 + * occasionally, and we'd loop forever due to it.
674 + ap_log_error(APLOG_MARK, APLOG_ERR, status,
675 + ap_server_conf, "apr_pollset_poll: (listen)");
676 + SAFE_ACCEPT(accept_mutex_off());
677 + clean_child_exit(1);
680 + /* We can always use pdesc[0], but sockets at position N
681 + * could end up completely starved of attention in a very
682 + * busy server. Therefore, we round-robin across the
683 + * returned set of descriptors. While it is possible that
684 + * the returned set of descriptors might flip around and
685 + * continue to starve some sockets, we happen to know the
686 + * internal pollset implementation retains ordering
687 + * stability of the sockets. Thus, the round-robin should
688 + * ensure that a socket will eventually be serviced.
690 + if (last_poll_idx >= numdesc)
693 + /* Grab a listener record from the client_data of the poll
694 + * descriptor, and advance our saved index to round-robin
697 + * ### hmm... this descriptor might have POLLERR rather
700 + lr = pdesc[last_poll_idx++].client_data;
705 + /* if we accept() something we don't want to die, so we have to
708 + status = lr->accept_func(&csd, lr, ptrans);
710 + SAFE_ACCEPT(accept_mutex_off()); /* unlock after "accept" */
712 + if (status == APR_EGENERAL) {
713 + /* resource shortage or should-not-occur occured */
714 + clean_child_exit(1);
716 + else if (status != APR_SUCCESS) {
721 + * We now have a connection, so set it up with the appropriate
722 + * socket options, file descriptors, and read/write buffers.
726 + pid_t pid = fork(), child_pid;
730 + ap_log_error(APLOG_MARK, APLOG_ERR, errno, NULL, "fork: Unable to fork new process");
732 + case 0: /* child */
733 + apr_proc_mutex_child_init(&accept_mutex, ap_lock_fname, pchild);
734 + current_conn = ap_run_create_connection(ptrans, ap_server_conf, csd, my_child_num, sbh, bucket_alloc);
735 + if (current_conn) {
736 + ap_process_connection(current_conn, csd);
737 + ap_lingering_close(current_conn);
740 + default: /* parent; just wait for child to be done */
742 + child_pid = waitpid(pid, &status, 0);
743 + } while (child_pid == -1 && errno == EINTR);
745 + if (child_pid != pid || !WIFEXITED(status)) {
746 + if (WIFSIGNALED(status)) {
747 + ap_log_error(APLOG_MARK, APLOG_ERR, 0, ap_server_conf, "child died with signal %u", WTERMSIG(status));
748 + } else if (WEXITSTATUS(status) != 0) {
749 + ap_log_error(APLOG_MARK, APLOG_ERR, 0, ap_server_conf, "child exited with non-zero exit status %u", WEXITSTATUS(status));
751 + ap_log_error(APLOG_MARK, APLOG_ERR, errno, NULL, "waitpid() failed");
753 + clean_child_exit(1);
759 + /* Check the pod and the generation number after processing a
760 + * connection so that we'll go away if a graceful restart occurred
761 + * while we were processing the connection or we are the lucky
762 + * idle server process that gets to die.
764 + if (ap_mpm_pod_check(pod) == APR_SUCCESS) { /* selected as idle? */
767 + else if (ap_my_generation !=
768 + ap_scoreboard_image->global->running_generation) { /* restart? */
769 + /* yeah, this could be non-graceful restart, in which case the
770 + * parent will kill us soon enough, but why bother checking?
775 + /* if we have already setuid(), die (we can't be used anyhow) */
779 + clean_child_exit(0);
783 +static int make_child(server_rec *s, int slot)
787 + if (slot + 1 > ap_max_daemons_limit) {
788 + ap_max_daemons_limit = slot + 1;
792 + apr_signal(SIGHUP, sig_term);
793 + /* Don't catch AP_SIG_GRACEFUL in ONE_PROCESS mode :) */
794 + apr_signal(SIGINT, sig_term);
796 + apr_signal(SIGQUIT, SIG_DFL);
798 + apr_signal(SIGTERM, sig_term);
803 + (void) ap_update_child_status_from_indexes(slot, 0, SERVER_STARTING,
804 + (request_rec *) NULL);
808 + /* BS2000 requires a "special" version of fork() before a setuid() call */
809 + if ((pid = os_fork(unixd_config.user_name)) == -1) {
811 + if ((pid = os_fork(s, slot)) == -1) {
813 + if ((pid = fork()) == -1) {
815 + ap_log_error(APLOG_MARK, APLOG_ERR, errno, s, "fork: Unable to fork new process");
817 + /* fork didn't succeed. Fix the scoreboard or else
818 + * it will say SERVER_STARTING forever and ever
820 + (void) ap_update_child_status_from_indexes(slot, 0, SERVER_DEAD,
821 + (request_rec *) NULL);
823 + /* In case system resources are maxxed out, we don't want
824 + * Apache running away with the CPU trying to fork over and
825 + * over and over again.
833 +#ifdef HAVE_BINDPROCESSOR
834 + /* by default AIX binds to a single processor
835 + * this bit unbinds children which will then bind to another cpu
837 + int status = bindprocessor(BINDPROCESS, (int)getpid(),
838 + PROCESSOR_CLASS_ANY);
839 + if (status != OK) {
840 + ap_log_error(APLOG_MARK, APLOG_WARNING, errno,
841 + ap_server_conf, "processor unbind failed %d", status);
844 + RAISE_SIGSTOP(MAKE_CHILD);
846 + /* Disable the parent's signal handlers and set up proper handling in
849 + apr_signal(SIGHUP, just_die);
850 + apr_signal(SIGTERM, just_die);
851 + /* The child process just closes listeners on AP_SIG_GRACEFUL.
852 + * The pod is used for signalling the graceful restart.
854 + apr_signal(AP_SIG_GRACEFUL, stop_listening);
858 + ap_scoreboard_image->parent[slot].pid = pid;
864 +/* start up a bunch of children */
865 +static void startup_children(int number_to_start)
869 + for (i = 0; number_to_start && i < ap_daemons_limit; ++i) {
870 + if (ap_scoreboard_image->servers[i][0].status != SERVER_DEAD) {
873 + if (make_child(ap_server_conf, i) < 0) {
882 + * idle_spawn_rate is the number of children that will be spawned on the
883 + * next maintenance cycle if there aren't enough idle servers. It is
884 + * doubled up to MAX_SPAWN_RATE, and reset only when a cycle goes by
885 + * without the need to spawn.
887 +static int idle_spawn_rate = 1;
888 +#ifndef MAX_SPAWN_RATE
889 +#define MAX_SPAWN_RATE (32)
891 +static int hold_off_on_exponential_spawning;
893 +static void perform_idle_server_maintenance(apr_pool_t *p)
900 + int free_slots[MAX_SPAWN_RATE];
902 + int total_non_dead;
904 + /* initialize the free_list */
909 + last_non_dead = -1;
910 + total_non_dead = 0;
912 + for (i = 0; i < ap_daemons_limit; ++i) {
915 + if (i >= ap_max_daemons_limit && free_length == idle_spawn_rate)
917 + ws = &ap_scoreboard_image->servers[i][0];
918 + status = ws->status;
919 + if (status == SERVER_DEAD) {
920 + /* try to keep children numbers as low as possible */
921 + if (free_length < idle_spawn_rate) {
922 + free_slots[free_length] = i;
927 + /* We consider a starting server as idle because we started it
928 + * at least a cycle ago, and if it still hasn't finished starting
929 + * then we're just going to swamp things worse by forking more.
930 + * So we hopefully won't need to fork more if we count it.
931 + * This depends on the ordering of SERVER_READY and SERVER_STARTING.
933 + if (status <= SERVER_READY) {
935 + /* always kill the highest numbered child if we have to...
936 + * no really well thought out reason ... other than observing
937 + * the server behaviour under linux where lower numbered children
938 + * tend to service more hits (and hence are more likely to have
939 + * their data in cpu caches).
948 + ap_max_daemons_limit = last_non_dead + 1;
949 + if (idle_count > ap_daemons_max_free) {
950 + /* kill off one child... we use the pod because that'll cause it to
951 + * shut down gracefully, in case it happened to pick up a request
952 + * while we were counting
954 + ap_mpm_pod_signal(pod);
955 + idle_spawn_rate = 1;
957 + else if (idle_count < ap_daemons_min_free) {
958 + /* terminate the free list */
959 + if (free_length == 0) {
960 + /* only report this condition once */
961 + static int reported = 0;
964 + ap_log_error(APLOG_MARK, APLOG_ERR, 0, ap_server_conf,
965 + "server reached MaxClients setting, consider"
966 + " raising the MaxClients setting");
969 + idle_spawn_rate = 1;
972 + if (idle_spawn_rate >= 8) {
973 + ap_log_error(APLOG_MARK, APLOG_INFO, 0, ap_server_conf,
974 + "server seems busy, (you may need "
975 + "to increase StartServers, or Min/MaxSpareServers), "
976 + "spawning %d children, there are %d idle, and "
977 + "%d total children", idle_spawn_rate,
978 + idle_count, total_non_dead);
980 + for (i = 0; i < free_length; ++i) {
982 + if (make_child(ap_server_conf, free_slots[i]) == -1) {
983 + if(free_length == 1) {
984 + shutdown_pending = 1;
985 + ap_log_error(APLOG_MARK, APLOG_EMERG, 0, ap_server_conf,
986 + "No active child processes: shutting down");
990 + make_child(ap_server_conf, free_slots[i]);
993 + /* the next time around we want to spawn twice as many if this
994 + * wasn't good enough, but not if we've just done a graceful
996 + if (hold_off_on_exponential_spawning) {
997 + --hold_off_on_exponential_spawning;
999 + else if (idle_spawn_rate < MAX_SPAWN_RATE) {
1000 + idle_spawn_rate *= 2;
1005 + idle_spawn_rate = 1;
1009 +/*****************************************************************
1010 + * Executive routines.
1013 +int ap_mpm_run(apr_pool_t *_pconf, apr_pool_t *plog, server_rec *s)
1016 + int remaining_children_to_start;
1019 + ap_log_pid(pconf, ap_pid_fname);
1021 + first_server_limit = server_limit;
1022 + if (changed_limit_at_restart) {
1023 + ap_log_error(APLOG_MARK, APLOG_WARNING, 0, s,
1024 + "WARNING: Attempt to change ServerLimit "
1025 + "ignored during restart");
1026 + changed_limit_at_restart = 0;
1029 + /* Initialize cross-process accept lock */
1030 + ap_lock_fname = apr_psprintf(_pconf, "%s.%" APR_PID_T_FMT,
1031 + ap_server_root_relative(_pconf, ap_lock_fname),
1034 + rv = apr_proc_mutex_create(&accept_mutex, ap_lock_fname,
1035 + ap_accept_lock_mech, _pconf);
1036 + if (rv != APR_SUCCESS) {
1037 + ap_log_error(APLOG_MARK, APLOG_EMERG, rv, s,
1038 + "Couldn't create accept lock (%s) (%d)",
1039 + ap_lock_fname, ap_accept_lock_mech);
1040 + mpm_state = AP_MPMQ_STOPPING;
1044 +#if APR_USE_SYSVSEM_SERIALIZE
1045 + if (ap_accept_lock_mech == APR_LOCK_DEFAULT ||
1046 + ap_accept_lock_mech == APR_LOCK_SYSVSEM) {
1048 + if (ap_accept_lock_mech == APR_LOCK_SYSVSEM) {
1050 + rv = unixd_set_proc_mutex_perms(accept_mutex);
1051 + if (rv != APR_SUCCESS) {
1052 + ap_log_error(APLOG_MARK, APLOG_EMERG, rv, s,
1053 + "Couldn't set permissions on cross-process lock; "
1054 + "check User and Group directives");
1055 + mpm_state = AP_MPMQ_STOPPING;
1060 + if (!is_graceful) {
1061 + if (ap_run_pre_mpm(s->process->pool, SB_SHARED) != OK) {
1062 + mpm_state = AP_MPMQ_STOPPING;
1065 + /* fix the generation number in the global score; we just got a new,
1066 + * cleared scoreboard
1068 + ap_scoreboard_image->global->running_generation = ap_my_generation;
1073 + if (one_process) {
1075 + make_child(ap_server_conf, 0);
1078 + if (ap_daemons_max_free < ap_daemons_min_free + 1) /* Don't thrash... */
1079 + ap_daemons_max_free = ap_daemons_min_free + 1;
1081 + /* If we're doing a graceful_restart then we're going to see a lot
1082 + * of children exiting immediately when we get into the main loop
1083 + * below (because we just sent them AP_SIG_GRACEFUL). This happens pretty
1084 + * rapidly... and for each one that exits we'll start a new one until
1085 + * we reach at least daemons_min_free. But we may be permitted to
1086 + * start more than that, so we'll just keep track of how many we're
1087 + * supposed to start up without the 1 second penalty between each fork.
1089 + remaining_children_to_start = ap_daemons_to_start;
1090 + if (remaining_children_to_start > ap_daemons_limit) {
1091 + remaining_children_to_start = ap_daemons_limit;
1093 + if (!is_graceful) {
1094 + startup_children(remaining_children_to_start);
1095 + remaining_children_to_start = 0;
1098 + /* give the system some time to recover before kicking into
1099 + * exponential mode
1101 + hold_off_on_exponential_spawning = 10;
1104 + ap_log_error(APLOG_MARK, APLOG_NOTICE, 0, ap_server_conf,
1105 + "%s configured -- resuming normal operations",
1106 + ap_get_server_description());
1107 + ap_log_error(APLOG_MARK, APLOG_INFO, 0, ap_server_conf,
1108 + "Server built: %s", ap_get_server_built());
1109 +#ifdef AP_MPM_WANT_SET_ACCEPT_LOCK_MECH
1110 + ap_log_error(APLOG_MARK, APLOG_DEBUG, 0, ap_server_conf,
1111 + "AcceptMutex: %s (default: %s)",
1112 + apr_proc_mutex_name(accept_mutex),
1113 + apr_proc_mutex_defname());
1115 + restart_pending = shutdown_pending = 0;
1117 + mpm_state = AP_MPMQ_RUNNING;
1119 + while (!restart_pending && !shutdown_pending) {
1121 + apr_exit_why_e exitwhy;
1122 + int status, processed_status;
1123 + /* this is a memory leak, but I'll fix it later. */
1126 + ap_wait_or_timeout(&exitwhy, &status, &pid, pconf);
1128 + /* XXX: if it takes longer than 1 second for all our children
1129 + * to start up and get into IDLE state then we may spawn an
1132 + if (pid.pid != -1) {
1133 + processed_status = ap_process_child_status(&pid, exitwhy, status);
1134 + if (processed_status == APEXIT_CHILDFATAL) {
1135 + mpm_state = AP_MPMQ_STOPPING;
1139 + /* non-fatal death... note that it's gone in the scoreboard. */
1140 + child_slot = find_child_by_pid(&pid);
1141 + if (child_slot >= 0) {
1142 + (void) ap_update_child_status_from_indexes(child_slot, 0, SERVER_DEAD,
1143 + (request_rec *) NULL);
1144 + if (processed_status == APEXIT_CHILDSICK) {
1145 + /* child detected a resource shortage (E[NM]FILE, ENOBUFS, etc)
1146 + * cut the fork rate to the minimum
1148 + idle_spawn_rate = 1;
1150 + else if (remaining_children_to_start
1151 + && child_slot < ap_daemons_limit) {
1152 + /* we're still doing a 1-for-1 replacement of dead
1153 + * children with new children
1155 + make_child(ap_server_conf, child_slot);
1156 + --remaining_children_to_start;
1158 +#if APR_HAS_OTHER_CHILD
1160 + else if (apr_proc_other_child_alert(&pid, APR_OC_REASON_DEATH, status) == APR_SUCCESS) {
1164 + else if (is_graceful) {
1165 + /* Great, we've probably just lost a slot in the
1166 + * scoreboard. Somehow we don't know about this
1169 + ap_log_error(APLOG_MARK, APLOG_WARNING,
1170 + 0, ap_server_conf,
1171 + "long lost child came home! (pid %ld)", (long)pid.pid);
1173 + /* Don't perform idle maintenance when a child dies,
1174 + * only do it when there's a timeout. Remember only a
1175 + * finite number of children can die, and it's pretty
1176 + * pathological for a lot to die suddenly.
1180 + else if (remaining_children_to_start) {
1181 + /* we hit a 1 second timeout in which none of the previous
1182 + * generation of children needed to be reaped... so assume
1183 + * they're all done, and pick up the slack if any is left.
1185 + startup_children(remaining_children_to_start);
1186 + remaining_children_to_start = 0;
1187 + /* In any event we really shouldn't do the code below because
1188 + * few of the servers we just started are in the IDLE state
1189 + * yet, so we'd mistakenly create an extra server.
1194 + perform_idle_server_maintenance(pconf);
1196 + shutdown_pending = os_check_server(tpf_server_name);
1197 + ap_check_signals();
1201 + } /* one_process */
1203 + mpm_state = AP_MPMQ_STOPPING;
1205 + if (shutdown_pending && !is_graceful) {
1206 + /* Time to shut down:
1207 + * Kill child processes, tell them to call child_exit, etc...
1209 + if (unixd_killpg(getpgrp(), SIGTERM) < 0) {
1210 + ap_log_error(APLOG_MARK, APLOG_WARNING, errno, ap_server_conf, "killpg SIGTERM");
1212 + ap_reclaim_child_processes(1); /* Start with SIGTERM */
1214 + /* cleanup pid file on normal shutdown */
1216 + const char *pidfile = NULL;
1217 + pidfile = ap_server_root_relative (pconf, ap_pid_fname);
1218 + if ( pidfile != NULL && unlink(pidfile) == 0)
1219 + ap_log_error(APLOG_MARK, APLOG_INFO,
1220 + 0, ap_server_conf,
1221 + "removed PID file %s (pid=%ld)",
1222 + pidfile, (long)getpid());
1225 + ap_log_error(APLOG_MARK, APLOG_NOTICE, 0, ap_server_conf,
1226 + "caught SIGTERM, shutting down");
1229 + } else if (shutdown_pending) {
1230 + /* Time to perform a graceful shut down:
1231 + * Reap the inactive children, and ask the active ones
1232 + * to close their listeners, then wait until they are
1233 + * all done to exit.
1235 + int active_children;
1236 + apr_time_t cutoff = 0;
1238 + /* Stop listening */
1239 + ap_close_listeners();
1241 + /* kill off the idle ones */
1242 + ap_mpm_pod_killpg(pod, ap_max_daemons_limit);
1244 + /* Send SIGUSR1 to the active children */
1245 + active_children = 0;
1246 + for (index = 0; index < ap_daemons_limit; ++index) {
1247 + if (ap_scoreboard_image->servers[index][0].status != SERVER_DEAD) {
1248 + /* Ask each child to close its listeners. */
1249 + ap_mpm_safe_kill(MPM_CHILD_PID(index), AP_SIG_GRACEFUL);
1250 + active_children++;
1254 + /* Allow each child which actually finished to exit */
1255 + ap_relieve_child_processes();
1257 + /* cleanup pid file */
1259 + const char *pidfile = NULL;
1260 + pidfile = ap_server_root_relative (pconf, ap_pid_fname);
1261 + if ( pidfile != NULL && unlink(pidfile) == 0)
1262 + ap_log_error(APLOG_MARK, APLOG_INFO,
1263 + 0, ap_server_conf,
1264 + "removed PID file %s (pid=%ld)",
1265 + pidfile, (long)getpid());
1268 + ap_log_error(APLOG_MARK, APLOG_NOTICE, 0, ap_server_conf,
1269 + "caught " AP_SIG_GRACEFUL_STOP_STRING ", shutting down gracefully");
1271 + if (ap_graceful_shutdown_timeout) {
1272 + cutoff = apr_time_now() +
1273 + apr_time_from_sec(ap_graceful_shutdown_timeout);
1276 + /* Don't really exit until each child has finished */
1277 + shutdown_pending = 0;
1279 + /* Pause for a second */
1282 + /* Relieve any children which have now exited */
1283 + ap_relieve_child_processes();
1285 + active_children = 0;
1286 + for (index = 0; index < ap_daemons_limit; ++index) {
1287 + if (ap_mpm_safe_kill(MPM_CHILD_PID(index), 0) == APR_SUCCESS) {
1288 + active_children = 1;
1289 + /* Having just one child is enough to stay around */
1293 + } while (!shutdown_pending && active_children &&
1294 + (!ap_graceful_shutdown_timeout || apr_time_now() < cutoff));
1296 + /* We might be here because we received SIGTERM, either
1297 + * way, try and make sure that all of our processes are
1300 + unixd_killpg(getpgrp(), SIGTERM);
1305 + /* we've been told to restart */
1306 + apr_signal(SIGHUP, SIG_IGN);
1307 + apr_signal(AP_SIG_GRACEFUL, SIG_IGN);
1308 + if (one_process) {
1309 + /* not worth thinking about */
1313 + /* advance to the next generation */
1314 + /* XXX: we really need to make sure this new generation number isn't in
1315 + * use by any of the children.
1317 + ++ap_my_generation;
1318 + ap_scoreboard_image->global->running_generation = ap_my_generation;
1320 + if (is_graceful) {
1321 + ap_log_error(APLOG_MARK, APLOG_NOTICE, 0, ap_server_conf,
1322 + "Graceful restart requested, doing restart");
1324 + /* kill off the idle ones */
1325 + ap_mpm_pod_killpg(pod, ap_max_daemons_limit);
1327 + /* This is mostly for debugging... so that we know what is still
1328 + * gracefully dealing with existing request. This will break
1329 + * in a very nasty way if we ever have the scoreboard totally
1330 + * file-based (no shared memory)
1332 + for (index = 0; index < ap_daemons_limit; ++index) {
1333 + if (ap_scoreboard_image->servers[index][0].status != SERVER_DEAD) {
1334 + ap_scoreboard_image->servers[index][0].status = SERVER_GRACEFUL;
1335 + /* Ask each child to close its listeners.
1337 + * NOTE: we use the scoreboard, because if we send SIGUSR1
1338 + * to every process in the group, this may include CGI's,
1339 + * piped loggers, etc. They almost certainly won't handle
1342 + ap_mpm_safe_kill(ap_scoreboard_image->parent[index].pid, AP_SIG_GRACEFUL);
1347 + /* Kill 'em off */
1348 + if (unixd_killpg(getpgrp(), SIGHUP) < 0) {
1349 + ap_log_error(APLOG_MARK, APLOG_WARNING, errno, ap_server_conf, "killpg SIGHUP");
1351 + ap_reclaim_child_processes(0); /* Not when just starting up */
1352 + ap_log_error(APLOG_MARK, APLOG_NOTICE, 0, ap_server_conf,
1353 + "SIGHUP received. Attempting to restart");
1359 +/* This really should be a post_config hook, but the error log is already
1360 + * redirected by that point, so we need to do this in the open_logs phase.
1362 +static int itk_open_logs(apr_pool_t *p, apr_pool_t *plog, apr_pool_t *ptemp, server_rec *s)
1367 + ap_server_conf = s;
1369 + if ((num_listensocks = ap_setup_listeners(ap_server_conf)) < 1) {
1370 + ap_log_error(APLOG_MARK, APLOG_ALERT|APLOG_STARTUP, 0,
1371 + NULL, "no listening sockets available, shutting down");
1375 + if ((rv = ap_mpm_pod_open(pconf, &pod))) {
1376 + ap_log_error(APLOG_MARK, APLOG_CRIT|APLOG_STARTUP, rv, NULL,
1377 + "Could not open pipe-of-death.");
1383 +static int itk_pre_config(apr_pool_t *p, apr_pool_t *plog, apr_pool_t *ptemp)
1385 + static int restart_num = 0;
1386 + int no_detach, debug, foreground;
1389 + mpm_state = AP_MPMQ_STARTING;
1391 + debug = ap_exists_config_define("DEBUG");
1394 + foreground = one_process = 1;
1399 + no_detach = ap_exists_config_define("NO_DETACH");
1400 + one_process = ap_exists_config_define("ONE_PROCESS");
1401 + foreground = ap_exists_config_define("FOREGROUND");
1404 + /* sigh, want this only the second time around */
1405 + if (restart_num++ == 1) {
1408 + if (!one_process && !foreground) {
1409 + rv = apr_proc_detach(no_detach ? APR_PROC_DETACH_FOREGROUND
1410 + : APR_PROC_DETACH_DAEMONIZE);
1411 + if (rv != APR_SUCCESS) {
1412 + ap_log_error(APLOG_MARK, APLOG_CRIT, rv, NULL,
1413 + "apr_proc_detach failed");
1414 + return HTTP_INTERNAL_SERVER_ERROR;
1418 + parent_pid = ap_my_pid = getpid();
1421 + unixd_pre_config(ptemp);
1422 + ap_listen_pre_config();
1423 + ap_daemons_to_start = DEFAULT_START_DAEMON;
1424 + ap_daemons_min_free = DEFAULT_MIN_FREE_DAEMON;
1425 + ap_daemons_max_free = DEFAULT_MAX_FREE_DAEMON;
1426 + ap_daemons_limit = server_limit;
1427 + ap_pid_fname = DEFAULT_PIDLOG;
1428 + ap_lock_fname = DEFAULT_LOCKFILE;
1429 + ap_max_requests_per_child = DEFAULT_MAX_REQUESTS_PER_CHILD;
1430 + ap_extended_status = 0;
1431 +#ifdef AP_MPM_WANT_SET_MAX_MEM_FREE
1432 + ap_max_mem_free = APR_ALLOCATOR_MAX_FREE_UNLIMITED;
1435 + apr_cpystrn(ap_coredump_dir, ap_server_root, sizeof(ap_coredump_dir));
1440 +static int itk_post_perdir_config(request_rec *r)
1444 + const char *wanted_username;
1447 + itk_server_conf *sconf =
1448 + (itk_server_conf *) ap_get_module_config(r->server->module_config, &mpm_itk_module);
1450 + /* Enforce MaxClientsVhost. */
1451 + if (sconf->max_clients_vhost > 0) {
1452 + int i, num_other_servers = 0;
1453 + for (i = 0; i < ap_daemons_limit; ++i) {
1454 + worker_score *ws = &ap_scoreboard_image->servers[i][0];
1455 + if (ws->status >= SERVER_BUSY_READ && strncmp(ws->vhost, r->server->server_hostname, 31) == 0)
1456 + ++num_other_servers;
1459 + if (num_other_servers > sconf->max_clients_vhost) {
1460 + ap_log_error(APLOG_MARK, APLOG_WARNING, 0, NULL, \
1461 + "MaxClientsVhost reached for %s, refusing client.",
1462 + r->server->server_hostname);
1463 + return HTTP_SERVICE_UNAVAILABLE;
1467 + itk_per_dir_conf *dconf =
1468 + (itk_per_dir_conf *) ap_get_module_config(r->per_dir_config, &mpm_itk_module);
1470 + strncpy(ap_scoreboard_image->servers[my_child_num][0].vhost, r->server->server_hostname, 31);
1471 + ap_scoreboard_image->servers[my_child_num][0].vhost[31] = 0;
1473 + if (dconf->nice_value != UNSET_NICE_VALUE &&
1474 + setpriority(PRIO_PROCESS, 0, dconf->nice_value)) {
1475 + _DBG("setpriority(): %s", strerror(errno));
1479 + wanted_uid = dconf->uid;
1480 + wanted_gid = dconf->gid;
1481 + wanted_username = dconf->username;
1483 + if (wanted_uid == -1 || wanted_gid == -1) {
1484 + wanted_uid = unixd_config.user_id;
1485 + wanted_gid = unixd_config.group_id;
1486 + wanted_username = unixd_config.user_name;
1489 + if (!err && wanted_uid != -1 && wanted_gid != -1 && (getuid() != wanted_uid || getgid() != wanted_gid)) {
1490 + if (setgid(wanted_gid)) {
1491 + _DBG("setgid(%d): %s", wanted_gid, strerror(errno));
1493 + } else if (initgroups(wanted_username, wanted_gid)) {
1494 + _DBG("initgroups(%s, %d): %s", wanted_username, wanted_gid, strerror(errno));
1496 + } else if (setuid(wanted_uid)) {
1497 + _DBG("setuid(%d): %s", wanted_uid, strerror(errno));
1503 + * Most likely a case of switching uid/gid within a persistent
1504 + * connection; the RFCs allow us to just close the connection
1505 + * at anytime, so we excercise our right. :-)
1508 + ap_log_error(APLOG_MARK, APLOG_WARNING, 0, NULL, \
1509 + "Couldn't set uid/gid/priority, closing connection.");
1510 + ap_lingering_close(r->connection);
1516 +static void itk_hooks(apr_pool_t *p)
1518 + /* The itk open_logs phase must run before the core's, or stderr
1519 + * will be redirected to a file, and the messages won't print to the
1522 + static const char *const aszSucc[] = {"core.c", NULL};
1525 + (void) set42sig();
1528 + ap_hook_open_logs(itk_open_logs, NULL, aszSucc, APR_HOOK_MIDDLE);
1529 + /* we need to set the MPM state before other pre-config hooks use MPM query
1530 + * to retrieve it, so register as REALLY_FIRST
1532 + ap_hook_pre_config(itk_pre_config, NULL, NULL, APR_HOOK_REALLY_FIRST);
1534 + /* set the uid as fast as possible, but not before merging per-dit config */
1535 + ap_hook_header_parser(itk_post_perdir_config, NULL, NULL, APR_HOOK_REALLY_FIRST);
1538 +static const char *set_daemons_to_start(cmd_parms *cmd, void *dummy, const char *arg)
1540 + const char *err = ap_check_cmd_context(cmd, GLOBAL_ONLY);
1541 + if (err != NULL) {
1545 + ap_daemons_to_start = atoi(arg);
1549 +static const char *set_min_free_servers(cmd_parms *cmd, void *dummy, const char *arg)
1551 + const char *err = ap_check_cmd_context(cmd, GLOBAL_ONLY);
1552 + if (err != NULL) {
1556 + ap_daemons_min_free = atoi(arg);
1557 + if (ap_daemons_min_free <= 0) {
1558 + ap_log_error(APLOG_MARK, APLOG_STARTUP, 0, NULL,
1559 + "WARNING: detected MinSpareServers set to non-positive.");
1560 + ap_log_error(APLOG_MARK, APLOG_STARTUP, 0, NULL,
1561 + "Resetting to 1 to avoid almost certain Apache failure.");
1562 + ap_log_error(APLOG_MARK, APLOG_STARTUP, 0, NULL,
1563 + "Please read the documentation.");
1564 + ap_daemons_min_free = 1;
1570 +static const char *set_max_free_servers(cmd_parms *cmd, void *dummy, const char *arg)
1572 + const char *err = ap_check_cmd_context(cmd, GLOBAL_ONLY);
1573 + if (err != NULL) {
1577 + ap_daemons_max_free = atoi(arg);
1581 +static const char *set_max_clients (cmd_parms *cmd, void *dummy, const char *arg)
1583 + const char *err = ap_check_cmd_context(cmd, GLOBAL_ONLY);
1584 + if (err != NULL) {
1588 + ap_daemons_limit = atoi(arg);
1589 + if (ap_daemons_limit > server_limit) {
1590 + ap_log_error(APLOG_MARK, APLOG_STARTUP, 0, NULL,
1591 + "WARNING: MaxClients of %d exceeds ServerLimit value "
1592 + "of %d servers,", ap_daemons_limit, server_limit);
1593 + ap_log_error(APLOG_MARK, APLOG_STARTUP, 0, NULL,
1594 + " lowering MaxClients to %d. To increase, please "
1595 + "see the ServerLimit", server_limit);
1596 + ap_log_error(APLOG_MARK, APLOG_STARTUP, 0, NULL,
1598 + ap_daemons_limit = server_limit;
1600 + else if (ap_daemons_limit < 1) {
1601 + ap_log_error(APLOG_MARK, APLOG_STARTUP, 0, NULL,
1602 + "WARNING: Require MaxClients > 0, setting to 1");
1603 + ap_daemons_limit = 1;
1608 +static const char *set_server_limit (cmd_parms *cmd, void *dummy, const char *arg)
1610 + int tmp_server_limit;
1612 + const char *err = ap_check_cmd_context(cmd, GLOBAL_ONLY);
1613 + if (err != NULL) {
1617 + tmp_server_limit = atoi(arg);
1618 + /* you cannot change ServerLimit across a restart; ignore
1619 + * any such attempts
1621 + if (first_server_limit &&
1622 + tmp_server_limit != server_limit) {
1623 + /* how do we log a message? the error log is a bit bucket at this
1624 + * point; we'll just have to set a flag so that ap_mpm_run()
1625 + * logs a warning later
1627 + changed_limit_at_restart = 1;
1630 + server_limit = tmp_server_limit;
1632 + if (server_limit > MAX_SERVER_LIMIT) {
1633 + ap_log_error(APLOG_MARK, APLOG_STARTUP, 0, NULL,
1634 + "WARNING: ServerLimit of %d exceeds compile time limit "
1635 + "of %d servers,", server_limit, MAX_SERVER_LIMIT);
1636 + ap_log_error(APLOG_MARK, APLOG_STARTUP, 0, NULL,
1637 + " lowering ServerLimit to %d.", MAX_SERVER_LIMIT);
1638 + server_limit = MAX_SERVER_LIMIT;
1640 + else if (server_limit < 1) {
1641 + ap_log_error(APLOG_MARK, APLOG_STARTUP, 0, NULL,
1642 + "WARNING: Require ServerLimit > 0, setting to 1");
1648 +static const char *assign_user_id (cmd_parms *cmd, void *ptr, const char *user_name, const char *group_name)
1650 + itk_per_dir_conf *dconf = (itk_per_dir_conf *) ptr;
1651 + dconf->username = apr_pstrdup(cmd->pool, user_name);
1652 + dconf->uid = ap_uname2id(user_name);
1653 + dconf->gid = ap_gname2id(group_name);
1657 +static const char *set_max_clients_vhost (cmd_parms *cmd, void *dummy, const char *arg)
1659 + itk_server_conf *sconf =
1660 + (itk_server_conf *) ap_get_module_config(cmd->server->module_config, &mpm_itk_module);
1661 + sconf->max_clients_vhost = atoi(arg);
1665 +static const char *set_nice_value (cmd_parms *cmd, void *ptr, const char *arg)
1667 + itk_per_dir_conf *dconf = (itk_per_dir_conf *) ptr;
1668 + int nice_value = atoi(arg);
1670 + if (nice_value < -20) {
1671 + ap_log_error(APLOG_MARK, APLOG_STARTUP, 0, NULL,
1672 + "WARNING: NiceValue of %d is below -20, increasing NiceValue to -20.",
1676 + else if (nice_value > 19) {
1677 + ap_log_error(APLOG_MARK, APLOG_STARTUP, 0, NULL,
1678 + "WARNING: NiceValue of %d is above 19, lowering NiceValue to 19.",
1682 + dconf->nice_value = nice_value;
1686 +static const command_rec itk_cmds[] = {
1687 +UNIX_DAEMON_COMMANDS,
1689 +AP_INIT_TAKE1("StartServers", set_daemons_to_start, NULL, RSRC_CONF,
1690 + "Number of child processes launched at server startup"),
1691 +AP_INIT_TAKE1("MinSpareServers", set_min_free_servers, NULL, RSRC_CONF,
1692 + "Minimum number of idle children, to handle request spikes"),
1693 +AP_INIT_TAKE1("MaxSpareServers", set_max_free_servers, NULL, RSRC_CONF,
1694 + "Maximum number of idle children"),
1695 +AP_INIT_TAKE1("MaxClients", set_max_clients, NULL, RSRC_CONF,
1696 + "Maximum number of children alive at the same time"),
1697 +AP_INIT_TAKE1("ServerLimit", set_server_limit, NULL, RSRC_CONF,
1698 + "Maximum value of MaxClients for this run of Apache"),
1699 +AP_INIT_TAKE2("AssignUserID", assign_user_id, NULL, RSRC_CONF|ACCESS_CONF,
1700 + "Tie a virtual host to a specific child process."),
1701 +AP_INIT_TAKE1("MaxClientsVHost", set_max_clients_vhost, NULL, RSRC_CONF,
1702 + "Maximum number of children alive at the same time for this virtual host."),
1703 +AP_INIT_TAKE1("NiceValue", set_nice_value, NULL, RSRC_CONF|ACCESS_CONF,
1704 + "Set nice value for the given vhost, from -20 (highest priority) to 19 (lowest priority)."),
1705 +AP_GRACEFUL_SHUTDOWN_TIMEOUT_COMMAND,
1709 +/* == allocate a private per-dir config structure == */
1710 +static void *itk_create_dir_config(apr_pool_t *p, char *dummy)
1712 + itk_per_dir_conf *c = (itk_per_dir_conf *)
1713 + apr_pcalloc(p, sizeof(itk_per_dir_conf));
1714 + c->uid = c->gid = -1;
1715 + c->nice_value = UNSET_NICE_VALUE;
1719 +/* == merge the parent per-dir config structure into ours == */
1720 +static void *itk_merge_dir_config(apr_pool_t *p, void *parent_ptr, void *child_ptr)
1722 + itk_per_dir_conf *c = (itk_per_dir_conf *)
1723 + apr_pcalloc(p, sizeof(itk_per_dir_conf));
1724 + itk_per_dir_conf *parent = (itk_per_dir_conf *) parent_ptr;
1725 + itk_per_dir_conf *child = (itk_per_dir_conf *) child_ptr;
1727 + if (child->username != NULL) {
1728 + c->username = apr_pstrdup(p, child->username);
1729 + c->uid = child->uid;
1730 + c->gid = child->gid;
1731 + } else if (parent->username != NULL) {
1732 + c->username = apr_pstrdup(p, parent->username);
1733 + c->uid = parent->uid;
1734 + c->gid = parent->gid;
1736 + if (child->nice_value != UNSET_NICE_VALUE) {
1737 + c->nice_value = child->nice_value;
1739 + c->nice_value = parent->nice_value;
1744 +/* == allocate a private server config structure == */
1745 +static void *itk_create_server_config(apr_pool_t *p, server_rec *s)
1747 + itk_server_conf *c = (itk_server_conf *)
1748 + apr_pcalloc(p, sizeof(itk_server_conf));
1749 + c->max_clients_vhost = -1;
1753 +module AP_MODULE_DECLARE_DATA mpm_itk_module = {
1754 + MPM20_MODULE_STUFF,
1755 + ap_mpm_rewrite_args, /* hook to run before apache parses args */
1756 + itk_create_dir_config, /* create per-directory config structure */
1757 + itk_merge_dir_config, /* merge per-directory config structures */
1758 + itk_create_server_config, /* create per-server config structure */
1759 + NULL, /* merge per-server config structures */
1760 + itk_cmds, /* command apr_table_t */
1761 + itk_hooks, /* register hooks */
1764 --- httpd-2.2.11/server/mpm/experimental/itk/mpm.h 2009-03-17 21:39:03.000000000 +0100
1765 +++ httpd-2.2.11/server/mpm/experimental/itk/mpm.h 2009-03-21 13:02:33.000000000 +0100
1767 +/* Licensed to the Apache Software Foundation (ASF) under one or more
1768 + * contributor license agreements. See the NOTICE file distributed with
1769 + * this work for additional information regarding copyright ownership.
1770 + * The ASF licenses this file to You under the Apache License, Version 2.0
1771 + * (the "License"); you may not use this file except in compliance with
1772 + * the License. You may obtain a copy of the License at
1774 + * http://www.apache.org/licenses/LICENSE-2.0
1776 + * Unless required by applicable law or agreed to in writing, software
1777 + * distributed under the License is distributed on an "AS IS" BASIS,
1778 + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
1779 + * See the License for the specific language governing permissions and
1780 + * limitations under the License.
1782 + * Portions copyright 2005-2009 Steinar H. Gunderson <sgunderson@bigfoot.com>.
1783 + * Licensed under the same terms as the rest of Apache.
1785 + * Portions copyright 2008 Knut Auvor Grythe <knut@auvor.no>.
1786 + * Licensed under the same terms as the rest of Apache.
1791 + * @brief ITK MPM (setuid per-vhost, no threads)
1793 + * @defgroup APACHE_MPM_ITK Apache ITK
1794 + * @ingroup APACHE_MPM APACHE_OS_UNIX
1799 +#include "mpm_default.h"
1800 +#include "scoreboard.h"
1803 +#ifndef APACHE_MPM_ITK_H
1804 +#define APACHE_MPM_ITK_H
1808 +#define MPM_NAME "ITK"
1810 +#define AP_MPM_WANT_RECLAIM_CHILD_PROCESSES
1811 +#define AP_MPM_WANT_WAIT_OR_TIMEOUT
1812 +#define AP_MPM_WANT_PROCESS_CHILD_STATUS
1813 +#define AP_MPM_WANT_SET_PIDFILE
1814 +#define AP_MPM_WANT_SET_SCOREBOARD
1815 +#define AP_MPM_WANT_SET_LOCKFILE
1816 +#define AP_MPM_WANT_SET_MAX_REQUESTS
1817 +#define AP_MPM_WANT_SET_COREDUMPDIR
1818 +#define AP_MPM_WANT_SET_ACCEPT_LOCK_MECH
1819 +#define AP_MPM_WANT_SIGNAL_SERVER
1820 +#define AP_MPM_WANT_SET_MAX_MEM_FREE
1821 +#define AP_MPM_WANT_FATAL_SIGNAL_HANDLER
1822 +#define AP_MPM_WANT_SET_GRACEFUL_SHUTDOWN
1823 +#define AP_MPM_DISABLE_NAGLE_ACCEPTED_SOCK
1825 +#define AP_MPM_USES_POD 1
1826 +#define MPM_CHILD_PID(i) (ap_scoreboard_image->parent[i].pid)
1827 +#define MPM_NOTE_CHILD_KILLED(i) (MPM_CHILD_PID(i) = 0)
1828 +#define MPM_ACCEPT_FUNC unixd_accept
1830 +extern int ap_threads_per_child;
1831 +extern int ap_max_daemons_limit;
1832 +extern server_rec *ap_server_conf;
1833 +#endif /* APACHE_MPM_ITK_H */
1836 --- httpd-2.2.11/server/mpm/experimental/itk/mpm_default.h 2009-03-17 21:39:03.000000000 +0100
1837 +++ httpd-2.2.11/server/mpm/experimental/itk/mpm_default.h 2009-03-21 13:02:33.000000000 +0100
1839 +/* Licensed to the Apache Software Foundation (ASF) under one or more
1840 + * contributor license agreements. See the NOTICE file distributed with
1841 + * this work for additional information regarding copyright ownership.
1842 + * The ASF licenses this file to You under the Apache License, Version 2.0
1843 + * (the "License"); you may not use this file except in compliance with
1844 + * the License. You may obtain a copy of the License at
1846 + * http://www.apache.org/licenses/LICENSE-2.0
1848 + * Unless required by applicable law or agreed to in writing, software
1849 + * distributed under the License is distributed on an "AS IS" BASIS,
1850 + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
1851 + * See the License for the specific language governing permissions and
1852 + * limitations under the License.
1854 + * Portions copyright 2005-2009 Steinar H. Gunderson <sgunderson@bigfoot.com>.
1855 + * Licensed under the same terms as the rest of Apache.
1857 + * Portions copyright 2008 Knut Auvor Grythe <knut@auvor.no>.
1858 + * Licensed under the same terms as the rest of Apache.
1862 + * @file itk/mpm_default.h
1863 + * @brief ITK MPM defaults
1865 + * @addtogroup APACHE_MPM_ITK
1869 +#ifndef APACHE_MPM_DEFAULT_H
1870 +#define APACHE_MPM_DEFAULT_H
1872 +/* Number of servers to spawn off by default --- also, if fewer than
1873 + * this free when the caretaker checks, it will spawn more.
1875 +#ifndef DEFAULT_START_DAEMON
1876 +#define DEFAULT_START_DAEMON 5
1879 +/* Maximum number of *free* server processes --- more than this, and
1880 + * they will die off.
1883 +#ifndef DEFAULT_MAX_FREE_DAEMON
1884 +#define DEFAULT_MAX_FREE_DAEMON 10
1887 +/* Minimum --- fewer than this, and more will be created */
1889 +#ifndef DEFAULT_MIN_FREE_DAEMON
1890 +#define DEFAULT_MIN_FREE_DAEMON 5
1893 +/* File used for accept locking, when we use a file */
1894 +#ifndef DEFAULT_LOCKFILE
1895 +#define DEFAULT_LOCKFILE DEFAULT_REL_RUNTIMEDIR "/accept.lock"
1898 +/* Where the main/parent process's pid is logged */
1899 +#ifndef DEFAULT_PIDLOG
1900 +#define DEFAULT_PIDLOG DEFAULT_REL_RUNTIMEDIR "/httpd.pid"
1904 + * Interval, in microseconds, between scoreboard maintenance.
1906 +#ifndef SCOREBOARD_MAINTENANCE_INTERVAL
1907 +#define SCOREBOARD_MAINTENANCE_INTERVAL 1000000
1910 +/* Number of requests to try to handle in a single process. If <= 0,
1911 + * the children don't die off.
1913 +#ifndef DEFAULT_MAX_REQUESTS_PER_CHILD
1914 +#define DEFAULT_MAX_REQUESTS_PER_CHILD 10000
1917 +#endif /* AP_MPM_DEFAULT_H */
1920 --- apache2.2.orig/server/mpm/config.m4 2007-01-29 21:30:26.000000000 +0100
1921 +++ apache2.2/server/mpm/config.m4 2007-01-29 21:30:35.000000000 +0100
1923 AC_MSG_CHECKING(which MPM to use)
1925 APACHE_HELP_STRING(--with-mpm=MPM,Choose the process model for Apache to use.
1926 - MPM={beos|event|worker|prefork|mpmt_os2|winnt}),[
1927 + MPM={beos|event|worker|prefork|mpmt_os2|winnt|itk}),[
1930 if test "x$APACHE_MPM" = "x"; then
1933 ap_mpm_is_experimental ()
1935 - if test "$apache_cv_mpm" = "event" ; then
1936 + if test "$apache_cv_mpm" = "event" -o "$apache_cv_mpm" = "itk" ; then
1941 --- apache2.2.orig/server/mpm/experimental/itk/config.m4 2007-01-29 21:03:51.000000000 +0100
1942 +++ apache2.2/server/mpm/experimental/itk/config.m4 2007-01-29 21:03:57.000000000 +0100
1944 if test "$MPM_NAME" = "itk" ; then
1945 - APACHE_FAST_OUTPUT(server/mpm/$MPM_NAME/Makefile)
1946 + APACHE_FAST_OUTPUT(server/mpm/$MPM_SUBDIR_NAME/Makefile)
1949 --- httpd-2.2.11/include/http_request.h 2009-03-21 13:03:31.000000000 +0100
1950 +++ httpd-2.2.11/include/http_request.h 2009-03-21 13:03:41.000000000 +0100
1952 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
1953 * See the License for the specific language governing permissions and
1954 * limitations under the License.
1956 + * Portions copyright 2005-2009 Steinar H. Gunderson <sgunderson@bigfoot.com>.
1957 + * Licensed under the same terms as the rest of Apache.
1959 + * Portions copyright 2008 Knut Auvor Grythe <knut@auvor.no>.
1960 + * Licensed under the same terms as the rest of Apache.
1964 @@ -350,6 +356,15 @@
1966 AP_DECLARE_HOOK(void,insert_filter,(request_rec *r))
1969 + * This hook allows modules to affect the request immediately after the
1970 + * per-directory configuration for the request has been generated. This allows
1971 + * modules to make decisions based upon the current directory configuration
1972 + * @param r The current request
1973 + * @return OK or DECLINED
1975 +AP_DECLARE_HOOK(int,post_perdir_config,(request_rec *r))
1977 AP_DECLARE(int) ap_location_walk(request_rec *r);
1978 AP_DECLARE(int) ap_directory_walk(request_rec *r);
1979 AP_DECLARE(int) ap_file_walk(request_rec *r);
1981 --- httpd-2.2.11/server/request.c 2009-03-21 13:03:13.000000000 +0100
1982 +++ httpd-2.2.11/server/request.c 2009-03-21 13:03:41.000000000 +0100
1984 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
1985 * See the License for the specific language governing permissions and
1986 * limitations under the License.
1988 + * Portions copyright 2005-2009 Steinar H. Gunderson <sgunderson@bigfoot.com>.
1989 + * Licensed under the same terms as the rest of Apache.
1991 + * Portions copyright 2008 Knut Auvor Grythe <knut@auvor.no>.
1992 + * Licensed under the same terms as the rest of Apache.
1997 APR_HOOK_LINK(auth_checker)
1998 APR_HOOK_LINK(insert_filter)
1999 APR_HOOK_LINK(create_request)
2000 + APR_HOOK_LINK(post_perdir_config)
2003 AP_IMPLEMENT_HOOK_RUN_FIRST(int,translate_name,
2005 AP_IMPLEMENT_HOOK_VOID(insert_filter, (request_rec *r), (r))
2006 AP_IMPLEMENT_HOOK_RUN_ALL(int, create_request,
2007 (request_rec *r), (r), OK, DECLINED)
2008 +AP_IMPLEMENT_HOOK_RUN_ALL(int,post_perdir_config,
2009 + (request_rec *r), (r), OK, DECLINED)
2012 static int decl_die(int status, char *phase, request_rec *r)
2013 @@ -158,6 +167,13 @@
2014 return access_status;
2017 + /* First chance to handle the request after per-directory configuration is
2020 + if ((access_status = ap_run_post_perdir_config(r))) {
2021 + return access_status;
2024 /* Only on the main request! */
2025 if (r->main == NULL) {
2026 if ((access_status = ap_run_header_parser(r))) {
2028 --- httpd-2.2.11.orig/server/mpm/config.m4 2009-04-14 23:26:41.000000000 +0200
2029 +++ httpd-2.2.11/server/mpm/config.m4 2009-04-14 23:28:03.000000000 +0200
2032 MPM_SUBDIR_NAME=$MPM_NAME
2035 +if test "$apache_cv_mpm" = "itk" ; then
2036 + AC_CHECK_LIB(cap, cap_init)
2039 MPM_DIR=server/mpm/$MPM_SUBDIR_NAME
2040 MPM_LIB=$MPM_DIR/lib${MPM_NAME}.la