mirrors
/
kore
mirror of https://git.kore.io/kore.git
1
0
Fork 1
Code Issues Projects Releases Wiki Activity
kore/src/config.c

443 lines
9.8 KiB
C
Raw Normal View History

add missing config.c
2013-05-01 17:17:16 +02:00
/*
* Copyright (c) 2013 Joris Vink <joris@coders.se>
*
* Permission to use, copy, modify, and distribute this software for any
* purpose with or without fee is hereby granted, provided that the above
* copyright notice and this permission notice appear in all copies.
*
* THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
* WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
* MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
* ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
* WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
* ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
* OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
*/
#include <ctype.h>
#include <fcntl.h>
refactor code quite a bit.
2013-06-26 11:18:32 +02:00
#include <pwd.h>
add missing config.c
2013-05-01 17:17:16 +02:00
#include "kore.h"
write main process pid to /var/run/kore.pid (changable in configuration)
2013-06-04 16:53:30 +02:00
static int configure_bind(char **);
static int configure_load(char **);
static int configure_onload(char **);
static int configure_handler(char **);
static int configure_domain(char **);
static int configure_chroot(char **);
static int configure_runas(char **);
static int configure_workers(char **);
static int configure_pidfile(char **);
add SNI support, and change domain configuration a bit.
2013-06-24 11:32:45 +02:00
static int configure_accesslog(char **);
Introduce certfile and certkey in the configuration to specify where the certificate file and keys are located on a system. Free unused vars in the main process after starting.
2013-06-05 09:47:08 +02:00
static int configure_certfile(char **);
static int configure_certkey(char **);
Add a form of synchronization between what worker will be accepting new connections and which ones will not be notified for it. Fixes the thundering herd problem, and nicely spreads out load between all the workers equally. A configuration option (workers_max_connections) is available to tweak how many connections a worker will have before giving up the accept lock. Two ways are added to this commit for access locking: - Locking via semaphores. - Locking via GCC's builtin atomic methods. The default is running with semaphores disabled (OpenBSD cannot do sem_init() with pshared set to 1, which is required). If you want to use semaphores add KORE_USE_SEMAPHORES to CFLAGS, and -lpthread to LDFLAGS in the Makefile. Other fixes: - BSD: add a timeout to kevent(). - Merge kore_worker_wait together, linux knows waitpid() as well. - Send the correct SIGQUIT signal to workers instead of SIGINT. - Fix kore_time_ms(). - Log fatal worker messages in syslog. - Refactor code even more. - Do not free our own kore_worker structure.
2013-06-26 16:37:22 +02:00
static int configure_max_connections(char **);
- Better spread load between all worker processes. - Introduce own memory management system on top of malloc to keep track of all our allocations and free's. Later we should introduce a pooling mechanism for fixed size allocations (http_request comes to mind). - Introduce ssl_cipher in configuration. Memory usage is kind of high right now, but it seems its OpenSSL doing it rather then Kore.
2013-06-27 08:43:07 +02:00
static int configure_ssl_cipher(char **);
Add support for ephemeral key exchange mechanisms, ssl_dhparam configuration option must be set (and point to a file containing a generated DH key).
2013-08-07 16:51:39 +02:00
static int configure_ssl_dhparam(char **);
add ssl_no_compression option to allow one to disable OpenSSL compression.
2013-08-07 16:59:45 +02:00
static int configure_ssl_no_compression(char **);
Kore can now disconnect SPDY session if they've been idle too long. Configurable via spdy_idle_time in your configuration file. Setting this to 0 will keep SPDY sessions open indefinately.
2013-07-13 20:19:01 +02:00
static int configure_spdy_idle_time(char **);
add SNI support, and change domain configuration a bit.
2013-06-24 11:32:45 +02:00
static void domain_sslstart(void);
add missing config.c
2013-05-01 17:17:16 +02:00
static struct {
const char *name;
int (*configure)(char **);
} config_names[] = {
Add a form of synchronization between what worker will be accepting new connections and which ones will not be notified for it. Fixes the thundering herd problem, and nicely spreads out load between all the workers equally. A configuration option (workers_max_connections) is available to tweak how many connections a worker will have before giving up the accept lock. Two ways are added to this commit for access locking: - Locking via semaphores. - Locking via GCC's builtin atomic methods. The default is running with semaphores disabled (OpenBSD cannot do sem_init() with pshared set to 1, which is required). If you want to use semaphores add KORE_USE_SEMAPHORES to CFLAGS, and -lpthread to LDFLAGS in the Makefile. Other fixes: - BSD: add a timeout to kevent(). - Merge kore_worker_wait together, linux knows waitpid() as well. - Send the correct SIGQUIT signal to workers instead of SIGINT. - Fix kore_time_ms(). - Log fatal worker messages in syslog. - Refactor code even more. - Do not free our own kore_worker structure.
2013-06-26 16:37:22 +02:00
{ "bind", configure_bind },
{ "load", configure_load },
{ "onload", configure_onload },
{ "static", configure_handler },
{ "dynamic", configure_handler },
- Better spread load between all worker processes. - Introduce own memory management system on top of malloc to keep track of all our allocations and free's. Later we should introduce a pooling mechanism for fixed size allocations (http_request comes to mind). - Introduce ssl_cipher in configuration. Memory usage is kind of high right now, but it seems its OpenSSL doing it rather then Kore.
2013-06-27 08:43:07 +02:00
{ "ssl_cipher", configure_ssl_cipher },
Add support for ephemeral key exchange mechanisms, ssl_dhparam configuration option must be set (and point to a file containing a generated DH key).
2013-08-07 16:51:39 +02:00
{ "ssl_dhparam", configure_ssl_dhparam },
add ssl_no_compression option to allow one to disable OpenSSL compression.
2013-08-07 16:59:45 +02:00
{ "ssl_no_compression", configure_ssl_no_compression },
Kore can now disconnect SPDY session if they've been idle too long. Configurable via spdy_idle_time in your configuration file. Setting this to 0 will keep SPDY sessions open indefinately.
2013-07-13 20:19:01 +02:00
{ "spdy_idle_time", configure_spdy_idle_time },
Add a form of synchronization between what worker will be accepting new connections and which ones will not be notified for it. Fixes the thundering herd problem, and nicely spreads out load between all the workers equally. A configuration option (workers_max_connections) is available to tweak how many connections a worker will have before giving up the accept lock. Two ways are added to this commit for access locking: - Locking via semaphores. - Locking via GCC's builtin atomic methods. The default is running with semaphores disabled (OpenBSD cannot do sem_init() with pshared set to 1, which is required). If you want to use semaphores add KORE_USE_SEMAPHORES to CFLAGS, and -lpthread to LDFLAGS in the Makefile. Other fixes: - BSD: add a timeout to kevent(). - Merge kore_worker_wait together, linux knows waitpid() as well. - Send the correct SIGQUIT signal to workers instead of SIGINT. - Fix kore_time_ms(). - Log fatal worker messages in syslog. - Refactor code even more. - Do not free our own kore_worker structure.
2013-06-26 16:37:22 +02:00
{ "domain", configure_domain },
{ "chroot", configure_chroot },
{ "runas", configure_runas },
{ "workers", configure_workers },
{ "worker_max_connections", configure_max_connections },
{ "pidfile", configure_pidfile },
{ "accesslog", configure_accesslog },
{ "certfile", configure_certfile },
{ "certkey", configure_certkey },
{ NULL, NULL },
add missing config.c
2013-05-01 17:17:16 +02:00
};
refactor code quite a bit.
2013-06-26 11:18:32 +02:00
char *config_file = NULL;
add SNI support, and change domain configuration a bit.
2013-06-24 11:32:45 +02:00
static struct kore_domain *current_domain = NULL;
from now on configuration files must specify a domain for the handlers that follow. This allows for easy subdomain configuration. example: domain joris.local static / serve_index domain .joris.local static / serve_another_index
2013-05-02 13:30:13 +02:00
add missing config.c
2013-05-01 17:17:16 +02:00
void
refactor code quite a bit.
2013-06-26 11:18:32 +02:00
kore_parse_config(void)
add missing config.c
2013-05-01 17:17:16 +02:00
{
FILE *fp;
int i, lineno;
introduce kore_split_string() to properly split strings apart. introduce kore_date_to_time() to conver http-date formatted strings to time_t.
2013-05-01 20:10:45 +02:00
char buf[BUFSIZ], *p, *t, *argv[5];
add missing config.c
2013-05-01 17:17:16 +02:00
refactor code quite a bit.
2013-06-26 11:18:32 +02:00
if (config_file == NULL)
fatal("specify a configuration file with -c");
if ((fp = fopen(config_file, "r")) == NULL)
fatal("configuration given cannot be opened: %s", config_file);
add missing config.c
2013-05-01 17:17:16 +02:00
lineno = 1;
while (fgets(buf, sizeof(buf), fp) != NULL) {
p = buf;
buf[strcspn(buf, "\n")] = '\0';
while (isspace(*p))
p++;
if (p[0] == '#' || p[0] == '\0') {
lineno++;
continue;
}
for (t = p; *t != '\0'; t++) {
if (*t == '\t')
*t = ' ';
}
add SNI support, and change domain configuration a bit.
2013-06-24 11:32:45 +02:00
if (!strcmp(p, "}") && current_domain != NULL)
domain_sslstart();
introduce kore_split_string() to properly split strings apart. introduce kore_date_to_time() to conver http-date formatted strings to time_t.
2013-05-01 20:10:45 +02:00
kore_split_string(p, " ", argv, 5);
add missing config.c
2013-05-01 17:17:16 +02:00
for (i = 0; config_names[i].name != NULL; i++) {
if (!strcmp(config_names[i].name, argv[0])) {
if (!config_names[i].configure(argv)) {
fatal("configuration error on line %d",
lineno);
}
break;
}
}
lineno++;
}
refactor code quite a bit.
2013-06-26 11:18:32 +02:00
if (!kore_module_loaded())
fatal("no site module was loaded");
add IPv6 support and support for multiple listeners.
2013-07-27 20:56:15 +02:00
if (LIST_EMPTY(&listeners))
fatal("no listeners defined");
refactor code quite a bit.
2013-06-26 11:18:32 +02:00
if (chroot_path == NULL)
fatal("missing a chroot path");
if (runas_user == NULL)
fatal("missing a username to run as");
if ((pw = getpwnam(runas_user)) == NULL)
fatal("user '%s' does not exist", runas_user);
add missing config.c
2013-05-01 17:17:16 +02:00
}
static int
configure_bind(char **argv)
{
if (argv[1] == NULL || argv[2] == NULL)
return (KORE_RESULT_ERROR);
add IPv6 support and support for multiple listeners.
2013-07-27 20:56:15 +02:00
return (kore_server_bind(argv[1], argv[2]));
add missing config.c
2013-05-01 17:17:16 +02:00
}
static int
configure_load(char **argv)
{
if (argv[1] == NULL)
return (KORE_RESULT_ERROR);
kore_module_load(argv[1]);
return (KORE_RESULT_OK);
}
allow onload to be given in the config file. onload specifies what function in your module to call when the module has been loaded or reloaded.
2013-05-30 21:26:39 +02:00
static int
configure_onload(char **argv)
{
if (argv[1] == NULL)
return (KORE_RESULT_ERROR);
if (kore_module_onload != NULL) {
rename kore_log to kore_debug, and allow one to turn it off.
2013-06-04 16:30:53 +02:00
kore_debug("duplicate onload directive found");
allow onload to be given in the config file. onload specifies what function in your module to call when the module has been loaded or reloaded.
2013-05-30 21:26:39 +02:00
return (KORE_RESULT_ERROR);
}
kore_module_onload = kore_strdup(argv[1]);
return (KORE_RESULT_OK);
}
- Better spread load between all worker processes. - Introduce own memory management system on top of malloc to keep track of all our allocations and free's. Later we should introduce a pooling mechanism for fixed size allocations (http_request comes to mind). - Introduce ssl_cipher in configuration. Memory usage is kind of high right now, but it seems its OpenSSL doing it rather then Kore.
2013-06-27 08:43:07 +02:00
static int
configure_ssl_cipher(char **argv)
{
if (argv[1] == NULL)
return (KORE_RESULT_ERROR);
if (strcmp(kore_ssl_cipher_list, KORE_DEFAULT_CIPHER_LIST)) {
kore_debug("duplicate ssl_cipher directive specified");
return (KORE_RESULT_ERROR);
}
kore_ssl_cipher_list = kore_strdup(argv[1]);
return (KORE_RESULT_OK);
}
Add support for ephemeral key exchange mechanisms, ssl_dhparam configuration option must be set (and point to a file containing a generated DH key).
2013-08-07 16:51:39 +02:00
static int
configure_ssl_dhparam(char **argv)
{
BIO *bio;
if (argv[1] == NULL)
return (KORE_RESULT_ERROR);
if (ssl_dhparam != NULL) {
kore_debug("duplicate ssl_dhparam directive specified");
return (KORE_RESULT_ERROR);
}
if ((bio = BIO_new_file(argv[1], "r")) == NULL) {
kore_debug("%s did not exist", argv[1]);
return (KORE_RESULT_ERROR);
}
ssl_dhparam = PEM_read_bio_DHparams(bio, NULL, NULL, NULL);
BIO_free(bio);
if (ssl_dhparam == NULL) {
kore_debug("PEM_read_bio_DHparams(): %s", ssl_errno_s);
return (KORE_RESULT_ERROR);
}
return (KORE_RESULT_OK);
}
add ssl_no_compression option to allow one to disable OpenSSL compression.
2013-08-07 16:59:45 +02:00
static int
configure_ssl_no_compression(char **argv)
{
ssl_no_compression = 1;
return (KORE_RESULT_OK);
}
Kore can now disconnect SPDY session if they've been idle too long. Configurable via spdy_idle_time in your configuration file. Setting this to 0 will keep SPDY sessions open indefinately.
2013-07-13 20:19:01 +02:00
static int
configure_spdy_idle_time(char **argv)
{
int err;
if (argv[1] == NULL)
return (KORE_RESULT_ERROR);
Pass the base for strtoll() to kore_strtonum(), breakage ensues if we depend on the "auto" detection that happens when we pass 0 to strtoll() as base.
2013-08-13 16:13:43 +02:00
spdy_idle_time = kore_strtonum(argv[1], 10, 0, 65535, &err);
Kore can now disconnect SPDY session if they've been idle too long. Configurable via spdy_idle_time in your configuration file. Setting this to 0 will keep SPDY sessions open indefinately.
2013-07-13 20:19:01 +02:00
if (err != KORE_RESULT_OK) {
kore_debug("spdy_idle_time has invalid value: %s", argv[1]);
return (KORE_RESULT_ERROR);
}
spdy_idle_time = spdy_idle_time * 1000;
return (KORE_RESULT_OK);
}
from now on configuration files must specify a domain for the handlers that follow. This allows for easy subdomain configuration. example: domain joris.local static / serve_index domain .joris.local static / serve_another_index
2013-05-02 13:30:13 +02:00
static int
configure_domain(char **argv)
{
add SNI support, and change domain configuration a bit.
2013-06-24 11:32:45 +02:00
if (argv[2] == NULL)
from now on configuration files must specify a domain for the handlers that follow. This allows for easy subdomain configuration. example: domain joris.local static / serve_index domain .joris.local static / serve_another_index
2013-05-02 13:30:13 +02:00
return (KORE_RESULT_ERROR);
add SNI support, and change domain configuration a bit.
2013-06-24 11:32:45 +02:00
if (current_domain != NULL) {
kore_debug("previous domain configuration not closed");
return (KORE_RESULT_ERROR);
}
if (strcmp(argv[2], "{")) {
kore_debug("missing { for domain directive");
return (KORE_RESULT_ERROR);
}
if (!kore_domain_new(argv[1])) {
rename kore_log to kore_debug, and allow one to turn it off.
2013-06-04 16:30:53 +02:00
kore_debug("could not create new domain %s", current_domain);
switch dynamic handlers to regex based patterns, much easier.
2013-05-29 14:29:46 +02:00
return (KORE_RESULT_ERROR);
}
from now on configuration files must specify a domain for the handlers that follow. This allows for easy subdomain configuration. example: domain joris.local static / serve_index domain .joris.local static / serve_another_index
2013-05-02 13:30:13 +02:00
add SNI support, and change domain configuration a bit.
2013-06-24 11:32:45 +02:00
current_domain = kore_domain_lookup(argv[1]);
from now on configuration files must specify a domain for the handlers that follow. This allows for easy subdomain configuration. example: domain joris.local static / serve_index domain .joris.local static / serve_another_index
2013-05-02 13:30:13 +02:00
return (KORE_RESULT_OK);
}
add missing config.c
2013-05-01 17:17:16 +02:00
static int
configure_handler(char **argv)
{
int type;
from now on configuration files must specify a domain for the handlers that follow. This allows for easy subdomain configuration. example: domain joris.local static / serve_index domain .joris.local static / serve_another_index
2013-05-02 13:30:13 +02:00
if (current_domain == NULL) {
rename kore_log to kore_debug, and allow one to turn it off.
2013-06-04 16:30:53 +02:00
kore_debug("missing domain for page handler");
from now on configuration files must specify a domain for the handlers that follow. This allows for easy subdomain configuration. example: domain joris.local static / serve_index domain .joris.local static / serve_another_index
2013-05-02 13:30:13 +02:00
return (KORE_RESULT_ERROR);
}
add missing config.c
2013-05-01 17:17:16 +02:00
if (argv[1] == NULL || argv[2] == NULL)
return (KORE_RESULT_ERROR);
if (!strcmp(argv[0], "static"))
type = HANDLER_TYPE_STATIC;
else if (!strcmp(argv[0], "dynamic"))
type = HANDLER_TYPE_DYNAMIC;
else
return (KORE_RESULT_ERROR);
add SNI support, and change domain configuration a bit.
2013-06-24 11:32:45 +02:00
if (!kore_module_handler_new(argv[1],
current_domain->domain, argv[2], type)) {
rename kore_log to kore_debug, and allow one to turn it off.
2013-06-04 16:30:53 +02:00
kore_debug("cannot create handler for %s", argv[1]);
add missing config.c
2013-05-01 17:17:16 +02:00
return (KORE_RESULT_ERROR);
}
return (KORE_RESULT_OK);
}
add chroot and runas directives so we can chroot and drop privilegs properly
2013-05-04 22:18:27 +02:00
static int
configure_chroot(char **argv)
{
if (chroot_path != NULL) {
rename kore_log to kore_debug, and allow one to turn it off.
2013-06-04 16:30:53 +02:00
kore_debug("duplicate chroot path specified");
add chroot and runas directives so we can chroot and drop privilegs properly
2013-05-04 22:18:27 +02:00
return (KORE_RESULT_ERROR);
}
if (argv[1] == NULL)
return (KORE_RESULT_ERROR);
chroot_path = kore_strdup(argv[1]);
return (KORE_RESULT_OK);
}
static int
configure_runas(char **argv)
{
if (runas_user != NULL) {
rename kore_log to kore_debug, and allow one to turn it off.
2013-06-04 16:30:53 +02:00
kore_debug("duplicate runas user specified");
add chroot and runas directives so we can chroot and drop privilegs properly
2013-05-04 22:18:27 +02:00
return (KORE_RESULT_ERROR);
}
if (argv[1] == NULL)
return (KORE_RESULT_ERROR);
runas_user = kore_strdup(argv[1]);
return (KORE_RESULT_OK);
}
move to a worker based threading approach where we delegate http requests to workers in a round robin basis (later this should be swapped to find the laziest worker and assign the request to that instead).
2013-05-30 19:36:42 +02:00
static int
configure_workers(char **argv)
{
int err;
if (worker_count != 0) {
rename kore_log to kore_debug, and allow one to turn it off.
2013-06-04 16:30:53 +02:00
kore_debug("duplicate worker directive specified");
move to a worker based threading approach where we delegate http requests to workers in a round robin basis (later this should be swapped to find the laziest worker and assign the request to that instead).
2013-05-30 19:36:42 +02:00
return (KORE_RESULT_ERROR);
}
if (argv[1] == NULL)
return (KORE_RESULT_ERROR);
Pass the base for strtoll() to kore_strtonum(), breakage ensues if we depend on the "auto" detection that happens when we pass 0 to strtoll() as base.
2013-08-13 16:13:43 +02:00
worker_count = kore_strtonum(argv[1], 10, 1, 255, &err);
move to a worker based threading approach where we delegate http requests to workers in a round robin basis (later this should be swapped to find the laziest worker and assign the request to that instead).
2013-05-30 19:36:42 +02:00
if (err != KORE_RESULT_OK) {
rename kore_log to kore_debug, and allow one to turn it off.
2013-06-04 16:30:53 +02:00
kore_debug("%s is not a correct worker number", argv[1]);
move to a worker based threading approach where we delegate http requests to workers in a round robin basis (later this should be swapped to find the laziest worker and assign the request to that instead).
2013-05-30 19:36:42 +02:00
return (KORE_RESULT_ERROR);
}
return (KORE_RESULT_OK);
}
write main process pid to /var/run/kore.pid (changable in configuration)
2013-06-04 16:53:30 +02:00
static int
configure_pidfile(char **argv)
{
if (argv[1] == NULL)
return (KORE_RESULT_ERROR);
if (strcmp(kore_pidfile, KORE_PIDFILE_DEFAULT)) {
kore_debug("duplicate pidfile directive specified");
return (KORE_RESULT_ERROR);
}
kore_pidfile = kore_strdup(argv[1]);
return (KORE_RESULT_OK);
}
Introduce certfile and certkey in the configuration to specify where the certificate file and keys are located on a system. Free unused vars in the main process after starting.
2013-06-05 09:47:08 +02:00
static int
add SNI support, and change domain configuration a bit.
2013-06-24 11:32:45 +02:00
configure_accesslog(char **argv)
Introduce certfile and certkey in the configuration to specify where the certificate file and keys are located on a system. Free unused vars in the main process after starting.
2013-06-05 09:47:08 +02:00
{
if (argv[1] == NULL)
return (KORE_RESULT_ERROR);
add SNI support, and change domain configuration a bit.
2013-06-24 11:32:45 +02:00
if (current_domain == NULL) {
kore_debug("missing domain for accesslog");
Introduce certfile and certkey in the configuration to specify where the certificate file and keys are located on a system. Free unused vars in the main process after starting.
2013-06-05 09:47:08 +02:00
return (KORE_RESULT_ERROR);
}
add SNI support, and change domain configuration a bit.
2013-06-24 11:32:45 +02:00
if (current_domain->accesslog != -1) {
kore_debug("domain %s already has an open accesslog",
current_domain->domain);
Introduce certfile and certkey in the configuration to specify where the certificate file and keys are located on a system. Free unused vars in the main process after starting.
2013-06-05 09:47:08 +02:00
return (KORE_RESULT_ERROR);
add SNI support, and change domain configuration a bit.
2013-06-24 11:32:45 +02:00
}
Introduce certfile and certkey in the configuration to specify where the certificate file and keys are located on a system. Free unused vars in the main process after starting.
2013-06-05 09:47:08 +02:00
add SNI support, and change domain configuration a bit.
2013-06-24 11:32:45 +02:00
current_domain->accesslog = open(argv[1],
O_CREAT | O_APPEND | O_WRONLY, 0755);
if (current_domain->accesslog == -1) {
kore_debug("open(%s): %s", argv[1], errno_s);
Introduce certfile and certkey in the configuration to specify where the certificate file and keys are located on a system. Free unused vars in the main process after starting.
2013-06-05 09:47:08 +02:00
return (KORE_RESULT_ERROR);
}
return (KORE_RESULT_OK);
}
Add access logging to Kore.
2013-06-24 09:36:40 +02:00
static int
add SNI support, and change domain configuration a bit.
2013-06-24 11:32:45 +02:00
configure_certfile(char **argv)
Add access logging to Kore.
2013-06-24 09:36:40 +02:00
{
if (argv[1] == NULL)
return (KORE_RESULT_ERROR);
if (current_domain == NULL) {
add SNI support, and change domain configuration a bit.
2013-06-24 11:32:45 +02:00
kore_debug("missing domain for certfile");
Add access logging to Kore.
2013-06-24 09:36:40 +02:00
return (KORE_RESULT_ERROR);
}
add SNI support, and change domain configuration a bit.
2013-06-24 11:32:45 +02:00
if (current_domain->certfile != NULL) {
kore_debug("domain already has a certfile set");
Add access logging to Kore.
2013-06-24 09:36:40 +02:00
return (KORE_RESULT_ERROR);
}
add SNI support, and change domain configuration a bit.
2013-06-24 11:32:45 +02:00
current_domain->certfile = kore_strdup(argv[1]);
return (KORE_RESULT_OK);
}
static int
configure_certkey(char **argv)
{
if (argv[1] == NULL)
return (KORE_RESULT_ERROR);
if (current_domain == NULL) {
kore_debug("missing domain for certkey");
Add access logging to Kore.
2013-06-24 09:36:40 +02:00
return (KORE_RESULT_ERROR);
}
add SNI support, and change domain configuration a bit.
2013-06-24 11:32:45 +02:00
if (current_domain->certkey != NULL) {
kore_debug("domain already has a certkey set");
Add access logging to Kore.
2013-06-24 09:36:40 +02:00
return (KORE_RESULT_ERROR);
}
add SNI support, and change domain configuration a bit.
2013-06-24 11:32:45 +02:00
current_domain->certkey = kore_strdup(argv[1]);
Add access logging to Kore.
2013-06-24 09:36:40 +02:00
return (KORE_RESULT_OK);
}
add SNI support, and change domain configuration a bit.
2013-06-24 11:32:45 +02:00
Add a form of synchronization between what worker will be accepting new connections and which ones will not be notified for it. Fixes the thundering herd problem, and nicely spreads out load between all the workers equally. A configuration option (workers_max_connections) is available to tweak how many connections a worker will have before giving up the accept lock. Two ways are added to this commit for access locking: - Locking via semaphores. - Locking via GCC's builtin atomic methods. The default is running with semaphores disabled (OpenBSD cannot do sem_init() with pshared set to 1, which is required). If you want to use semaphores add KORE_USE_SEMAPHORES to CFLAGS, and -lpthread to LDFLAGS in the Makefile. Other fixes: - BSD: add a timeout to kevent(). - Merge kore_worker_wait together, linux knows waitpid() as well. - Send the correct SIGQUIT signal to workers instead of SIGINT. - Fix kore_time_ms(). - Log fatal worker messages in syslog. - Refactor code even more. - Do not free our own kore_worker structure.
2013-06-26 16:37:22 +02:00
static int
configure_max_connections(char **argv)
{
int err;
if (argv[1] == NULL)
return (KORE_RESULT_ERROR);
Pass the base for strtoll() to kore_strtonum(), breakage ensues if we depend on the "auto" detection that happens when we pass 0 to strtoll() as base.
2013-08-13 16:13:43 +02:00
worker_max_connections = kore_strtonum(argv[1], 10, 1, 65535, &err);
Add a form of synchronization between what worker will be accepting new connections and which ones will not be notified for it. Fixes the thundering herd problem, and nicely spreads out load between all the workers equally. A configuration option (workers_max_connections) is available to tweak how many connections a worker will have before giving up the accept lock. Two ways are added to this commit for access locking: - Locking via semaphores. - Locking via GCC's builtin atomic methods. The default is running with semaphores disabled (OpenBSD cannot do sem_init() with pshared set to 1, which is required). If you want to use semaphores add KORE_USE_SEMAPHORES to CFLAGS, and -lpthread to LDFLAGS in the Makefile. Other fixes: - BSD: add a timeout to kevent(). - Merge kore_worker_wait together, linux knows waitpid() as well. - Send the correct SIGQUIT signal to workers instead of SIGINT. - Fix kore_time_ms(). - Log fatal worker messages in syslog. - Refactor code even more. - Do not free our own kore_worker structure.
2013-06-26 16:37:22 +02:00
if (err != KORE_RESULT_OK)
return (KORE_RESULT_ERROR);
return (KORE_RESULT_OK);
}
add SNI support, and change domain configuration a bit.
2013-06-24 11:32:45 +02:00
static void
domain_sslstart(void)
{
kore_domain_sslstart(current_domain);
current_domain = NULL;
}