mpm_winnt.c revision a1e8b54f269a8f2388590174174509546e886e60
/* ====================================================================
* The Apache Software License, Version 1.1
*
* Copyright (c) 2000-2002 The Apache Software Foundation. All rights
* reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* distribution.
*
* 3. The end-user documentation included with the redistribution,
* if any, must include the following acknowledgment:
* "This product includes software developed by the
* Apache Software Foundation (http://www.apache.org/)."
* Alternately, this acknowledgment may appear in the software itself,
* if and wherever such third-party acknowledgments normally appear.
*
* 4. The names "Apache" and "Apache Software Foundation" must
* not be used to endorse or promote products derived from this
* software without prior written permission. For written
* permission, please contact apache@apache.org.
*
* 5. Products derived from this software may not be called "Apache",
* nor may "Apache" appear in their name, without prior written
* permission of the Apache Software Foundation.
*
* THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESSED OR IMPLIED
* WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
* OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
* DISCLAIMED. IN NO EVENT SHALL THE APACHE SOFTWARE FOUNDATION OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
* LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF
* USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
* ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
* OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
* OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
* ====================================================================
*
* This software consists of voluntary contributions made by many
* individuals on behalf of the Apache Software Foundation. For more
* information on the Apache Software Foundation, please see
*
* Portions of this software are based upon public domain software
* originally written at the National Center for Supercomputing Applications,
* University of Illinois, Urbana-Champaign.
*/
#define CORE_PRIVATE
#include "httpd.h"
#include "http_main.h"
#include "http_log.h"
#include "http_config.h" /* for read_config */
#include "http_core.h" /* for get_remote_host */
#include "http_connection.h"
#include "apr_portable.h"
#include "apr_getopt.h"
#include "apr_strings.h"
#include "apr_lib.h"
#include "apr_shm.h"
#include "apr_thread_mutex.h"
#include "ap_mpm.h"
#include "ap_config.h"
#include "ap_listen.h"
#include "mpm_default.h"
#include "mpm_winnt.h"
#include "mpm_common.h"
#include <malloc.h>
/* Limit on the threads per process. Clients will be locked out if more than
* this * HARD_SERVER_LIMIT are needed.
*
* We keep this for one reason it keeps the size of the scoreboard file small
* enough that we can read the whole thing without worrying too much about
* the overhead.
*/
#ifndef HARD_THREAD_LIMIT
#define HARD_THREAD_LIMIT 1920
#endif
/* Limit on the total --- clients will be locked out if more servers than
* this are needed. It is intended solely to keep the server from crashing
* when things get out of hand.
*
* We keep a hard maximum number of servers, for two reasons --- first off,
* in case something goes seriously wrong, we want to stop the fork bomb
* short of actually crashing the machine we're running on by filling some
* kernel table. Secondly, it keeps the size of the scoreboard file small
* enough that we can read the whole thing without worrying too much about
* the overhead.
*/
#define HARD_SERVER_LIMIT 1
/* scoreboard.c does the heavy lifting; all we do is create the child
* score by moving a handle down the pipe into the child's stdin.
*/
extern apr_shm_t *ap_scoreboard_shm;
/* Definitions of WINNT MPM specific config globals */
static apr_pool_t *pconf;
static int workers_may_exit = 0;
static int shutdown_in_progress = 0;
static unsigned int g_blocked_threads = 0;
static HANDLE max_requests_per_child_event;
static char ap_coredump_dir[MAX_STRING_LEN];
static int one_process = 0;
static char const* signal_arg = NULL;
static DWORD parent_pid;
int ap_threads_per_child = 0;
/* ap_my_generation are used by the scoreboard code */
ap_generation_t volatile ap_my_generation=0;
/* Queue for managing the passing of COMP_CONTEXTs between
* the accept and worker threads.
*/
static apr_thread_mutex_t *qlock;
static int num_completion_contexts = 0;
/* Stub functions until this MPM supports the connection status API */
const char *value)
{
/* NOP */
}
{
/* NOP */
}
{
/* NOP */
return NULL;
}
/*
* Command processors
*/
{
return err;
}
if (ap_threads_per_child > HARD_THREAD_LIMIT) {
"WARNING: ThreadsPerChild of %d exceeds compile time"
" limit of %d threads,", ap_threads_per_child,
" lowering ThreadsPerChild to %d. To increase, please"
" see the HARD_THREAD_LIMIT define in %s.",
}
else if (ap_threads_per_child < 1) {
"WARNING: Require ThreadsPerChild > 0, setting to 1");
ap_threads_per_child = 1;
}
return NULL;
}
static const command_rec winnt_cmds[] = {
"Number of threads each child creates" },
{ NULL }
};
{
/* Recycle the completion context.
* - clear the ptrans pool
* - put the context on the queue to be consumed by the accept thread
* Note:
* context->accept_socket may be in a disconnected but reusable
* state so -don't- close it.
*/
if (context) {
if (qtail)
else
}
}
{
/* Grab a context off the queue */
if (qhead) {
if (!qhead)
}
/* If we failed to grab a context off the queue, alloc one out of
* the child pool. There may be up to ap_threads_per_child contexts
* in the system at once.
*/
if (!context) {
if (num_completion_contexts >= ap_threads_per_child) {
static int reported = 0;
if (!reported) {
"Server ran out of threads to serve requests. Consider "
"raising the ThreadsPerChild setting");
reported = 1;
}
return NULL;
}
/* Note:
* Multiple failures in the next two steps will cause the pchild pool
* to 'leak' storage. I don't think this is worth fixing...
*/
/* Hopefully this is a temporary condition ... */
"mpm_get_completion_context: CreateEvent failed.");
return NULL;
}
/* Create the tranaction pool */
"mpm_get_completion_context: Failed to create the transaction pool.");
return NULL;
}
}
return context;
}
{
if (context)
else
pOverlapped = NULL;
return APR_SUCCESS;
}
/* This is the helper code to resolve late bound entry points
* missing from one or more releases of the Win32 API...
* but it sure would be nice if we didn't duplicate this code
* from the APR ;-)
*/
static const char* const lateDllName[DLL_defined] = {
"kernel32", "advapi32", "mswsock", "ws2_32" };
{
if (!lateDllHandle[fnLib]) {
if (!lateDllHandle[fnLib])
return NULL;
}
if (ordinal)
else
}
/* To share the semaphores with other processes, we need a NULL ACL
* Code from MS KB Q106387
*/
static PSECURITY_ATTRIBUTES GetNullACL()
{
return NULL;
}
apr_set_os_error(0);
|| apr_get_os_error()) {
return NULL;
}
|| apr_get_os_error()) {
return NULL;
}
return sa;
}
static void CleanNullACL( void *sa ) {
if( sa ) {
}
}
/*
* The Win32 call WaitForMultipleObjects will only allow you to wait for
* a maximum of MAXIMUM_WAIT_OBJECTS (current 64). Since the threading
* model in the multithreaded version of apache wants to use this call,
* we are restricted to a maximum of 64 threads. This is a simplistic
* routine that will increase this size.
*/
{
do {
if (!bFirst)
Sleep(1000);
else
0, 0);
if (dwRet != WAIT_TIMEOUT) {
break;
}
}
return dwRet;
}
/*
* Signalling Apache on NT.
*
* Under Unix, Apache can be told to shutdown or restart by sending various
* signals (HUP, USR, TERM). On NT we don't have easy access to signals, so
* we use "events" instead. The parent apache process goes into a loop
* where it waits forever for a set of events. Two of those events are
* called
*
* apPID_shutdown
* apPID_restart
*
* (where PID is the PID of the apache parent process). When one of these
* is signalled, the Apache parent performs the appropriate action. The events
* can become signalled through internal Apache methods (e.g. if the child
* finds a fatal error and needs to kill its parent), via the service
* control manager (the control thread will signal the shutdown event when
* requested to stop the Apache service), from the -k Apache command line,
* or from any external program which finds the Apache PID from the
* httpd.pid file.
*
* The signal_parent() function, below, is used to signal one of these events.
* It can be called by any child or parent process, since it does not
* rely on global variables.
*
* On entry, type gives the event to signal. 0 means shutdown, 1 means
* graceful restart.
*/
/*
* Initialise the signal names, in the global variables signal_name_prefix,
* signal_restart_name and signal_shutdown_name.
*/
void setup_signal_names(char *prefix)
{
"%s_shutdown", signal_name_prefix);
"%s_restart", signal_name_prefix);
}
static int volatile is_graceful = 0;
AP_DECLARE(int) ap_graceful_stop_signalled(void)
{
return is_graceful;
}
{
HANDLE e;
char *signal_name;
if (parent_pid == my_pid) {
switch(type) {
case SIGNAL_PARENT_SHUTDOWN:
{
break;
}
/* This MPM supports only graceful restarts right now */
case SIGNAL_PARENT_RESTART:
{
is_graceful = 1;
break;
}
}
return;
}
switch(type) {
case SIGNAL_PARENT_SHUTDOWN:
{
break;
}
/* This MPM supports only graceful restarts right now */
case SIGNAL_PARENT_RESTART:
{
is_graceful = 1;
break;
}
default:
return;
}
if (!e) {
/* Um, problem, can't signal the parent, which means we can't
* signal ourselves to die. Ignore for now...
*/
"OpenEvent on %s event", signal_name);
return;
}
if (SetEvent(e) == 0) {
/* Same problem as above */
"SetEvent on %s event", signal_name);
CloseHandle(e);
return;
}
CloseHandle(e);
}
/* set_listeners_noninheritable()
* Make the listening socket handles noninheritable by processes
* started out of this process.
*/
static int set_listeners_noninheritable(apr_pool_t *p)
{
0, FALSE, DUPLICATE_SAME_ACCESS)) {
"set_listeners_noninheritable: DuplicateHandle failed.");
}
else {
}
}
if (my_pid == parent_pid) {
"Parent: Marked listeners as not inheritable.");
} else {
"Child %d: Marked listeners as not inheritable.", my_pid);
}
return 1;
}
/*
* find_ready_listener()
* Only used by Win9* and should go away when the win9*_accept() function is
* reimplemented using apr_poll().
*/
static ap_listen_rec *head_listener;
{
if (head_listener == NULL)
return (lr);
}
}
return NULL;
}
/*
*
*/
void get_handles_from_parent(server_rec *s)
{
void *sb_shared;
"Child %d: Unable to retrieve the exit event from the parent", my_pid);
}
"Child %d: Unable to retrieve the scoreboard from the parent", my_pid);
}
!= APR_SUCCESS) {
"Child %d: Unable to access the scoreboard from the parent", my_pid);
}
"Child %d: Unable to reopen the scoreboard from the parent", my_pid);
}
/* We must 'initialize' the scoreboard to relink all the
* process-local pointer arrays into the shared memory block.
*/
"Child %d: Retrieved our scoreboard from the parent.", my_pid);
}
/*
* get_listeners_from_parent()
* The listen sockets are opened in the parent. This function, which runs
* exclusively in the child process, receives them from the parent and
* makes them availeble in the child.
*/
void get_listeners_from_parent(server_rec *s)
{
int lcnt = 0;
/* Set up a default listener if necessary */
if (ap_listeners == NULL) {
ap_listeners = lr;
}
/* Open the pipe to the parent process to receive the inherited socket
* data. The sockets have been set to listening in the parent process.
*/
"setup_inherited_listeners: Unable to read socket data from parent");
}
&WSAProtocolInfo, 0, 0);
if (nsd == INVALID_SOCKET) {
"Child %d: setup_inherited_listeners(), WSASocket failed to open the inherited socket.", my_pid);
}
}
}
}
/* Windows 9x specific code...
* model. A single thread accepts connections and queues the accepted socket
* to the accept queue for consumption by a pool of worker threads.
*
* win9x_accept()
* The accept threads runs this function, which accepts connections off
* the network and calls add_job() to queue jobs to the accept_queue.
* add_job()/remove_job()
* Add or remove an accepted socket from the list of sockets
* connected to clients. allowed_globals.jobmutex protects
* against multiple concurrent access to the linked list of jobs.
* win9x_get_connection()
* Calls remove_job() to pull a job from the accept queue. All the worker
* threads block on remove_job.
*/
typedef struct joblist_s {
int sock;
} joblist;
typedef struct globals_s {
int jobcount;
} globals;
#define MAX_SELECT_ERRORS 100
{
"Ouch! Out of memory in add_job()!");
return;
}
if (!allowed_globals.jobhead)
}
static int remove_job(void)
{
int sock;
return (-1);
}
return (sock);
}
static void win9x_accept(void * dummy)
{
int wait_time = 1;
int csd;
struct sockaddr_in sa_client;
int count_select_errors = 0;
int rc;
int clen;
/* Setup the listeners
* ToDo: Use apr_poll()
*/
listenmaxfd = nsd;
}
}
}
while (!shutdown_in_progress) {
count_select_errors = 0; /* reset count of errors */
continue;
}
else if (rc == SOCKET_ERROR) {
/* A "real" error occurred, log it and increment the count of
* select errors. This count is used to ensure we don't go into
* a busy loop of continuous errors.
*/
"select failed with error %d", apr_get_netos_error());
if (count_select_errors > MAX_SELECT_ERRORS) {
shutdown_in_progress = 1;
"Too many errors in select loop. Child process exiting.");
break;
}
} else {
/* fetch the native socket descriptor */
}
}
do {
if (csd == INVALID_SOCKET) {
csd = -1;
}
if (csd < 0) {
"accept: (client socket)");
}
}
else {
}
}
}
{
int len;
/* allocate the completion context and the transaction pool */
}
while (1) {
return NULL;
}
"getsockname failed");
continue;
}
"getpeername failed");
}
return context;
}
}
/* Windows NT/2000 specific code...
* model. An accept thread accepts connections off the network then issues
* PostQueuedCompletionStatus() to awake a thread blocked on the ThreadDispatch
* IOCompletionPort.
*
* winnt_accept()
* One or more accept threads run in this function, each of which accepts
* connections off the network and calls PostQueuedCompletionStatus() to
* queue an io completion packet to the ThreadDispatch IOCompletionPort.
* winnt_get_connection()
* Worker threads block on the ThreadDispatch IOCompletionPort awaiting
* connections to service.
*/
static void winnt_accept(void *listen_socket)
{
int lasterror;
while (!shutdown_in_progress) {
if (!context) {
/* Hopefully whatever is preventing us from getting a
* completion context is a temporary resource constraint.
* Yield the rest of our time slice.
*/
Sleep(0);
continue;
}
/* Create and initialize the accept socket */
/* Another temporary condition? */
"winnt_accept: Failed to allocate an accept socket. "
"Temporary resource constraint? Try again.");
Sleep(100);
goto again;
}
}
/* AcceptEx on the completion context. The completion context will be
* signaled when a connection is accepted.
*/
0,
&context->Overlapped)) {
/* Hack alert. Occasionally, TransmitFile will not recycle the
* accept socket (usually when the client disconnects early).
* Get a new socket and try the call again.
*/
"winnt_accept: AcceptEx failed due to early client "
"disconnect. Reallocate the accept socket and try again.");
if (shutdown_in_progress)
break;
else
goto again;
}
"winnt_accept: AcceptEx failed. Attempting to recover.");
Sleep(100);
goto again;
}
/* Wait for pending i/o */
}
/* ### There is a race condition here. The mainline may hit
* WSATerminate before this thread reawakens. Look First.
*/
if (shutdown_in_progress) {
break;
}
/* Inherit the listen socket settings. Required for
* shutdown() to work
*/
SO_UPDATE_ACCEPT_CONTEXT, (char *)&nlsd,
sizeof(nlsd))) {
"setsockopt(SO_UPDATE_ACCEPT_CONTEXT) failed.");
/* Not a failure condition. Keep running. */
}
/* Get the local & remote address */
0,
&context->sa_client_len);
/* When a connection is received, send an io completion notification to
* the ThreadDispatchIOCP. This function could be replaced by
* mpm_post_completion_context(), but why do an extra function call...
*/
&context->Overlapped);
}
if (!shutdown_in_progress) {
/* Yow, hit an irrecoverable error! Tell the child to die. */
}
}
{
int rc;
while (1) {
if (workers_may_exit) {
return NULL;
}
if (!rc) {
rc = apr_get_os_error();
continue;
}
switch (CompKey) {
case IOCP_CONNECTION_ACCEPTED:
break;
case IOCP_SHUTDOWN:
return NULL;
default:
return NULL;
}
break;
}
return context;
}
/*
* worker_main()
* Main entry point for the worker threads. Worker threads block in
* win*_get_connection() awaiting a connection to service.
*/
static void worker_main(long thread_num)
{
static int requests_this_child = 0;
while (1) {
conn_rec *c;
(request_rec *) NULL);
/* Grab a connection off the network */
}
else {
}
if (!context) {
/* Time for the thread to exit */
break;
}
/* Have we hit MaxRequestPerChild connections? */
if (ap_max_requests_per_child) {
}
}
if (c) {
if (!disconnected) {
}
}
else {
/* ap_run_create_connection closes the socket on failure */
}
}
(request_rec *) NULL);
"Child %d: Thread exiting.", my_pid);
}
{
int i;
(*thread_cnt)--;
}
/*
* child_main()
* Entry point for the main control thread for the child process.
* This thread creates the accept thread, worker threads and
* monitors the child process for maintenance and shutdown
* events.
*/
static void child_main()
{
int nthreads = ap_threads_per_child;
int tid;
int rv;
int i;
int cld;
/* Initialize the child_events */
if (!max_requests_per_child_event) {
"Child %d: Failed to create a max_requests event.", my_pid);
}
child_events[0] = exit_event;
/*
* Wait until we have permission to start accepting connections.
* start_mutex is used to ensure that only one child ever
*/
if (status != APR_SUCCESS) {
"Child %d: Failed to acquire the start_mutex. Process will exit.", my_pid);
}
"Child %d: Acquired the start mutex.", my_pid);
/*
* Create the worker thread dispatch IOCompletionPort
* on Windows NT/2000
*/
/* Create the worker thread dispatch IOCP */
NULL,
0,
0); /* CONCURRENT ACTIVE THREADS */
}
/*
* Create the pool of worker threads
*/
for (i = 0; i < nthreads; i++) {
(request_rec *) NULL);
(void *) i, 0, &tid);
}
/*
* Start the accept thread
*/
(void *) i, 0, &tid);
} else {
/* Start an accept thread per listener */
}
}
}
/* Wait for one of three events:
* exit_event:
* The exit_event is signaled by the parent process to notify
* the child that it is time to exit.
*
* max_requests_per_child_event:
* This event is signaled by the worker threads to indicate that
* the process has handled MaxRequestsPerChild connections.
*
* TIMEOUT:
* To do periodic maintenance on the server (check for thread exits,
* number of completion contexts, etc.)
*/
while (1) {
if (rv == WAIT_FAILED) {
/* Something serious is wrong */
"Child %d: WAIT_FAILED -- shutting down server");
break;
}
else if (rv == WAIT_TIMEOUT) {
}
else if (cld == 0) {
/* Exit event was signaled */
"Child %d: Exit event signaled. Child process is ending.", my_pid);
break;
}
else {
/* MaxRequestsPerChild event set by the worker threads.
* Signal the parent to restart
*/
"Child %d: Process exiting because it reached "
"MaxRequestsPerChild. Signaling the parent to "
"restart a new child process.", my_pid);
break;
}
}
/* Setting is_graceful will cause keep-alive connections to be closed
* rather than block on the next network read.
*/
is_graceful = 1;
/* Setting shutdown_in_progress prevents new connections from
* being accepted but allows the worker threads to continue
* handling connections that have already been accepted.
*/
shutdown_in_progress = 1;
/* Tell the worker threads they may exit when done handling
* a connection.
*/
workers_may_exit = 1;
/* Close the listening sockets. */
}
Sleep(1000);
/* Release the start_mutex to let the new process (in the restart
* scenario) a chance to begin accepting and servicing requests
*/
if (rv == APR_SUCCESS) {
"Child %d: Released the start mutex", my_pid);
}
else {
"Child %d: Failure releasing the start mutex", my_pid);
}
/* Shutdown the worker threads */
for (i = 0; i < nthreads; i++) {
add_job(-1);
}
}
else { /* Windows NT/2000 */
/* Post worker threads blocked on the ThreadDispatch IOCompletion port */
while (g_blocked_threads > 0) {
for (i=g_blocked_threads; i > 0; i--) {
}
Sleep(1000);
}
/* Empty the accept queue of completion contexts */
while (qhead) {
}
}
/* Give busy worker threads a chance to service their connections */
while (nthreads) {
if (rv != WAIT_TIMEOUT) {
continue;
}
break;
}
/* Kill remaining threads off the hard way */
for (i = 0; i < nthreads; i++) {
CloseHandle(child_handles[i]);
}
"Child %d: All worker threads have exited.", my_pid);
}
static int send_handles_to_child(apr_pool_t *p, HANDLE child_exit_event, HANDLE hProcess, HANDLE hPipeWrite)
{
"Parent: Unable to duplicate the exit event handle for the child");
return -1;
}
|| (BytesWritten != sizeof(hDup))) {
"Parent: Unable to send the exit event handle to the child");
return -1;
}
"Parent: Unable to retrieve the scoreboard handle for the child");
return -1;
}
"Parent: Unable to duplicate the scoreboard handle to the child");
return -1;
}
|| (BytesWritten != sizeof(hDup))) {
"Parent: Unable to send the scoreboard handle to the child");
return -1;
}
"Parent: Sent the scoreboard to the child");
return 0;
}
{
int lcnt = 0;
/* Run the chain of open sockets. For each socket, duplicate it
* for the target process then send the WSAPROTOCOL_INFO
* (returned by dup socket) to the child.
*/
int nsd;
"Parent: Duplicating socket %d and sending it to child process %d",
nsd, dwProcessId);
lpWSAProtocolInfo) == SOCKET_ERROR) {
return -1;
}
(LPOVERLAPPED) NULL)
|| BytesWritten != sizeof(WSAPROTOCOL_INFO)) {
return -1;
}
}
return 0;
}
{
int rv;
char buf[1024];
char *pCommand;
char *pEnvVar;
char *pEnvBlock;
int i;
int iEnvBlockLen;
/* Build the command line. Should look something like this:
* C:/apache/bin/apache.exe -f ap_server_confname
* First, get the path to the executable...
*/
"Parent: Path to Apache process too long");
return -1;
} else if (rv == 0) {
"Parent: GetModuleFileName() returned NULL for current process.");
return -1;
}
/* Build the command line */
}
/* Create a pipe to send socket info to the child */
"Parent: Unable to create pipe to child process.");
return -1;
}
/* Make our end of the handle non-inherited */
hPipeWrite = hDup;
}
else {
"Parent: Unable to duplicate pipe to child.\n");
return -1;
}
/* Open a null handle to soak info from the child */
if (hNullOutput == INVALID_HANDLE_VALUE) {
"Parent: Unable to create null output pipe for child process.\n");
return -1;
}
/* Child's initial stderr -> our main server error log (or, failing that, stderr) */
GENERIC_WRITE, TRUE, 0)) {
hShareError = hDup;
}
else {
rv = apr_get_os_error();
}
}
if (rv != APR_SUCCESS) {
"Parent: Unable to share error log with child.\n");
return -1;
}
else if (hShareError == INVALID_HANDLE_VALUE) {
"Parent: Failed to share error log with child.\n");
return -1;
}
}
else {
}
/* Create the child_exit_event */
if (!hExitEvent) {
"Parent: Could not create exit event for child process");
}
return -1;
}
/*
* Build the environment
* Win32's CreateProcess call requires that the environment
* be passed in an environment block, a null terminated block of
* null terminated strings.
*/
i = 0;
iEnvBlockLen = 1;
while (_environ[i]) {
i++;
}
i = 0;
while (_environ[i]) {
i++;
}
pEnvVar = '\0';
/* Give the read end of the pipe (hPipeRead) to the child as stdin. The
* parent will write the socket data to the child on this pipe.
*/
TRUE, /* Inherit handles */
0, /* Creation flags */
pEnvBlock, /* Environment block */
NULL,
/* Undo everything created for the child alone
*/
/* Handles opened with GetStdHandle are psuedo handles
* and should not be closed else bad things will happen.
*/
}
_putenv("AP_PARENT_PID=");
_putenv("AP_MY_GENERATION=");
if (!rv) {
"Parent: Failed to create the child process.");
return -1;
}
/*
* This error is fatal, mop up the child and move on
* We toggle the child's exit event to cause this child
* to quit even as it is attempting to start.
*/
return -1;
}
/* Important:
* Give the child process a chance to run before dup'ing the sockets.
* We have already set the listening sockets noninheritable, but if
* WSADuplicateSocket runs before the child process initializes
* the listeners will be inherited anyway.
*
* XXX: This is badness; needs some mutex interlocking
*/
Sleep(1000);
/*
* This error is fatal, mop up the child and move on
* We toggle the child's exit event to cause this child
* to quit even as it is attempting to start.
*/
return -1;
}
return 0;
}
/***********************************************************************
* master_main()
* master_main() runs in the parent process. It creates the child
* process which handles HTTP requests then waits on one of three
* events:
*
* restart_event
* -------------
* The restart event causes master_main to start a new child process and
* tells the old child process to exit (by setting the child_exit_event).
* The restart event is set as a result of one of the following:
* 1. An apache -k restart command on the command line
* 2. A command received from Windows service manager which gets
* translated into an ap_signal_parent(SIGNAL_PARENT_RESTART)
* call by code in service.c.
* 3. The child process calling ap_signal_parent(SIGNAL_PARENT_RESTART)
* as a result of hitting MaxRequestsPerChild.
*
* shutdown_event
* --------------
* The shutdown event causes master_main to tell the child process to
* exit and that the server is shutting down. The shutdown event is
* set as a result of one of the following:
* 1. An apache -k shutdown command on the command line
* 2. A command received from Windows service manager which gets
* translated into an ap_signal_parent(SIGNAL_PARENT_SHUTDOWN)
* call by code in service.c.
*
* child process handle
* --------------------
* The child process handle will be signaled if the child process
* exits for any reason. In a normal running server, the signaling
* of this event means that the child process has exited prematurely
* due to a seg fault or other irrecoverable error. For server
* robustness, master_main will restart the child process under this
* condtion.
*
* master_main uses the child_exit_event to signal the child process
* to exit.
**********************************************************************/
#define NUM_WAIT_HANDLES 3
#define CHILD_HANDLE 0
#define SHUTDOWN_HANDLE 1
#define RESTART_HANDLE 2
{
int restart_pending;
int shutdown_pending;
restart_pending = shutdown_pending = 0;
/* Create a single child process */
if (rv < 0)
{
"master_main: create child process failed. Exiting.");
shutdown_pending = 1;
goto die_now;
}
}
/* Wait for shutdown or restart events or for child death */
if (rv == WAIT_FAILED) {
/* Something serious is wrong */
"master_main: WaitForMultipeObjects WAIT_FAILED -- doing server shutdown");
shutdown_pending = 1;
}
else if (rv == WAIT_TIMEOUT) {
/* Hey, this cannot happen */
"master_main: WaitForMultipeObjects with INFINITE wait exited with WAIT_TIMEOUT");
shutdown_pending = 1;
}
else if (cld == SHUTDOWN_HANDLE) {
/* shutdown_event signalled */
shutdown_pending = 1;
"Parent: Received shutdown signal -- Shutting down the server.");
if (ResetEvent(shutdown_event) == 0) {
"ResetEvent(shutdown_event)");
}
}
else if (cld == RESTART_HANDLE) {
/* Received a restart event. Prepare the restart_event to be reused
* then signal the child process to exit.
*/
restart_pending = 1;
"Parent: Received restart signal -- Restarting the server.");
if (ResetEvent(restart_event) == 0) {
"Parent: ResetEvent(restart_event) failed.");
}
if (SetEvent(child_exit_event) == 0) {
"Parent: SetEvent for child process %d failed.",
}
/* Don't wait to verify that the child process really exits,
* just move on with the restart.
*/
}
else {
/* The child process exited prematurely due to a fatal error. */
/* HUH? We did exit, didn't we? */
}
if ( exitcode == APEXIT_CHILDFATAL
|| exitcode == APEXIT_CHILDINIT
|| exitcode == APEXIT_INIT) {
"Parent: child process exited with status %u -- Aborting.", exitcode);
}
else {
restart_pending = 1;
"Parent: child process exited with status %u -- Restarting.", exitcode);
}
}
if (shutdown_pending)
{
/* This shutdown is only marginally graceful. We will give the
* child a bit of time to exit gracefully. If the time expires,
* the child will be wacked.
*/
}
/* Signal the child processes to exit */
if (SetEvent(child_exit_event) == 0) {
}
if (event_handles[CHILD_HANDLE]) {
if (rv == WAIT_OBJECT_0) {
"Parent: Child process exited successfully.");
}
else {
}
}
return 0; /* Tell the caller we do not want to restart */
}
return 1; /* Tell the caller we want a restart */
}
/* service_nt_main_fn needs to append the StartService() args
* outside of our call stack and thread as the service starts...
*/
/* Remember service_to_start failures to log and fail in pre_config.
* Remember inst_argc and inst_argv for installing or starting the
* service after we preflight the config.
*/
{
switch(query_code){
case AP_MPMQ_MAX_DAEMON_USED:
return APR_SUCCESS;
case AP_MPMQ_IS_THREADED:
*result = AP_MPMQ_STATIC;
return APR_SUCCESS;
case AP_MPMQ_IS_FORKED:
return APR_SUCCESS;
return APR_SUCCESS;
return APR_SUCCESS;
case AP_MPMQ_MAX_THREADS:
return APR_SUCCESS;
*result = 0;
return APR_SUCCESS;
*result = 0;
return APR_SUCCESS;
*result = 0;
return APR_SUCCESS;
*result = 0;
return APR_SUCCESS;
return APR_SUCCESS;
case AP_MPMQ_MAX_DAEMONS:
*result = 0;
return APR_SUCCESS;
}
return APR_ENOTIMPL;
}
#define SERVICE_UNSET (-1)
static apr_status_t service_to_start_success;
static int inst_argc;
static const char * const *inst_argv;
static char *service_name = NULL;
{
/* Handle the following SCM aspects in this phase:
*
* -k runservice [transition for WinNT, nothing for Win9x]
* -k (!)install [error out if name is not installed]
* -k uninstall
* -k stop
* -k shutdown (same as -k stop). Maintained for backward compatability.
*
* We can't leave this phase until we know our identity
* and modify the command arguments appropriately.
*
* We do not care if the .conf file exists or is parsable when
* attempting to stop or uninstall a service.
*/
char *def_server_root;
char optbuf[3];
const char *optarg;
int fixed_args;
char *pid;
int running_as_service = 1;
/* AP_PARENT_PID is only valid in the child */
if (pid)
{
/* This is the child */
/* The parent is responsible for providing the
* COMPLETE ARGUMENTS REQUIRED to the child.
*
* No further argument parsing is needed, but
* for good measure we will provide a simple
* signal string for later testing.
*/
signal_arg = "runchild";
return;
}
/* This is the parent, we have a long way to go :-) */
/* Rewrite process->argv[];
*
* strip out -k signal into signal_arg
* strip out -n servicename and set the names
* add default -d serverroot from the path of this executable
*
* The end result will look like:
*
* The invocation command (%0)
* The -d serverroot default from the running executable
* The requested service's (-n) registry ConfigArgs
* The WinNT SCM's StartService() args
*/
rv = apr_get_os_error();
"Failed to get the path of Apache.exe");
}
/* WARNING: There is an implict assumption here that the
* executable resides in ServerRoot or ServerRoot\bin
*/
if (def_server_root > fnbuf) {
}
/* Use process->pool so that the rewritten argv
* lasts for the lifetime of the server process,
* because pconf will be destroyed after the
* initial pre-flight of the config parser.
*/
sizeof(const char *));
optbuf[0] = '-';
switch (optbuf[1]) {
case 'n':
optarg);
break;
case 'k':
signal_arg = optarg;
break;
default:
*(const char **)apr_array_push(mpm_new_argv) =
if (optarg) {
}
break;
}
}
/* back up to capture the bad argument */
}
*(const char **)apr_array_push(mpm_new_argv) =
}
/* Track the number of args actually entered by the user */
/* Provide a default 'run' -k arg to simplify signal_arg tests */
if (!signal_arg)
{
signal_arg = "run";
running_as_service = 0;
}
{
/* Start the NT Service _NOW_ because the WinNT SCM is
* expecting us to rapidly assume control of our own
* process, the SCM will tell us our service name, and
* may have extra StartService() command arguments to
* add for us.
*
* Any other process has a console, so we don't to begin
* a Win9x service until the configuration is parsed and
* any command line errors are reported.
*
* We hold the return value so that we can die in pre_config
* after logging begins, and the failure can land in the log.
*/
if (service_to_start_success == APR_SUCCESS) {
}
}
}
/* Get the default for any -k option, except run */
}
{
if (service_set == APR_SUCCESS)
{
"%s: Service is already installed.", service_name);
}
}
else if (running_as_service)
{
if (service_set == APR_SUCCESS)
{
/* Attempt to Uninstall, or stop, before
* we can read the arguments or .conf files
*/
rv = mpm_service_uninstall();
}
exit(0);
}
if (rv == APR_SUCCESS) {
"Using ConfigArgs of the installed service "
"\"%s\".", service_name);
}
else {
"No installed ConfigArgs for the service "
"\"%s\", using Apache defaults.", service_name);
}
}
else
{
"No installed service named \"%s\".", service_name);
}
}
{
"No installed service named \"%s\".", service_name);
}
/* Track the args actually entered by the user.
* These will be used for the -k install parameters, as well as
* for the -k start service override arguments.
*/
}
{
/* Handle the following SCM aspects in this phase:
*
* -k runservice [WinNT errors logged from rewrite_args]
*/
if (ap_exists_config_define("ONE_PROCESS") ||
ap_exists_config_define("DEBUG"))
one_process = -1;
&& (service_to_start_success != APR_SUCCESS)) {
"%s: Unable to start the service manager.",
}
return OK;
}
static int winnt_post_config(apr_pool_t *pconf_, apr_pool_t *plog, apr_pool_t *ptemp, server_rec* s)
{
static int restart_num = 0;
apr_status_t rv = 0;
/* Initialize shared static objects.
*/
ap_server_conf = s;
/* Handle the following SCM aspects in this phase:
*
* -k install
* -k config
* -k start
* -k restart
* -k runservice [Win95, only once - after we parsed the config]
*
* because all of these signals are useful _only_ if there
* is a valid conf\httpd.conf environment to start.
*
* We reached this phase by avoiding errors that would cause
* these options to fail unexpectedly in another process.
*/
}
}
/* Close the listening sockets. */
}
}
}
if (parent_pid == my_pid)
{
if (restart_num++ == 1)
{
/* This code should be run once in the parent and not run
* across a restart
*/
/* Create shutdown event, apPID_shutdown, where PID is the parent
* Apache process ID. Shutdown is signaled by 'apache -k shutdown'.
*/
if (!shutdown_event) {
"Parent: Cannot create shutdown event %s", signal_shutdown_name);
CleanNullACL((void *)sa);
return HTTP_INTERNAL_SERVER_ERROR;
}
/* Create restart event, apPID_restart, where PID is the parent
* Apache process ID. Restart is signaled by 'apache -k restart'.
*/
if (!restart_event) {
"Parent: Cannot create restart event %s", signal_restart_name);
CleanNullACL((void *)sa);
return HTTP_INTERNAL_SERVER_ERROR;
}
CleanNullACL((void *)sa);
/* Now that we are flying at 15000 feet...
* wipe out the Win95 service console,
* signal the SCM the WinNT service started, or
* if not a service, setup console handlers instead.
*/
{
{
if (rv != APR_SUCCESS) {
"%s: Unable to start the service manager.",
return HTTP_INTERNAL_SERVER_ERROR;
}
}
}
else /* ! -k runservice */
{
}
/* Create the start mutex, apPID, where PID is the parent Apache process ID.
* Ths start mutex is used during a restart to prevent more than one
* child process from entering the accept loop at once.
*/
if (rv != APR_SUCCESS) {
"%s: Unable to create the start_mutex.",
return HTTP_INTERNAL_SERVER_ERROR;
}
}
}
else /* parent_pid != my_pid */
{
}
return OK;
}
/* This really should be a post_config hook, but the error log is already
* redirected by that point, so we need to do this in the open_logs phase.
*/
{
if (parent_pid != my_pid) {
return OK;
}
/* We cannot initialize our listeners if we are restarting
* (the parent process already has glomed on to them)
* nor should we do so for service reconfiguration
* (since the service may already be running.)
*/
return OK;
}
if (ap_setup_listeners(s) < 1) {
NULL, "no listening sockets available, shutting down");
return DONE;
}
return 1;
}
return OK;
}
{
/* This is a child process, not in single process mode */
if (!one_process) {
/* Set up events and the scoreboard */
/* Set up the listeners */
}
else {
/* Single process mode - this lock doesn't even need to exist */
/* Borrow the shutdown_even as our _child_ loop exit event */
}
if (rv != APR_SUCCESS) {
"%s child %d: Unable to init the start_mutex.",
}
}
{
static int restart = 0; /* Default is "not a restart" */
/* ### If non-graceful restarts are ever introduced - we need to rerun
* the pre_mpm hook on subsequent non-graceful restarts. But Win32
* has only graceful style restarts - and we need this hook to act
* the same on Win32 as on Unix.
*/
/* Set up the scoreboard. */
return 1;
}
}
{
/* The child process or in one_process (debug) mode
*/
"Child %d: Child process is running", my_pid);
child_main();
"Child %d: Child process is exiting", my_pid);
return 1;
}
else
{
/* A real-honest to goodness parent */
if (!restart)
{
/* Shutting down. Clean up... */
ap_server_conf, "removed PID file %s (pid=%ld)",
}
return 1;
}
}
return 0; /* Restart */
}
static void winnt_hooks(apr_pool_t *p)
{
/* The prefork open_logs phase must run before the core's, or stderr
* will be redirected to a file, and the messages won't print to the
* console.
*/
}
winnt_rewrite_args, /* hook to run before apache parses args */
NULL, /* create per-directory config structure */
NULL, /* merge per-directory config structures */
NULL, /* create per-server config structure */
NULL, /* merge per-server config structures */
winnt_cmds, /* command apr_table_t */
winnt_hooks /* register_hooks */
};