1*cf1d77f7Schristos /* $NetBSD: init.c,v 1.2 2021/08/14 16:14:58 christos Exp $ */
292cfeba6Schristos
392cfeba6Schristos /* init.c - initialize various things */
492cfeba6Schristos /* $OpenLDAP$ */
592cfeba6Schristos /* This work is part of OpenLDAP Software <http://www.openldap.org/>.
692cfeba6Schristos *
792cfeba6Schristos * Copyright 1998-2021 The OpenLDAP Foundation.
892cfeba6Schristos * All rights reserved.
992cfeba6Schristos *
1092cfeba6Schristos * Redistribution and use in source and binary forms, with or without
1192cfeba6Schristos * modification, are permitted only as authorized by the OpenLDAP
1292cfeba6Schristos * Public License.
1392cfeba6Schristos *
1492cfeba6Schristos * A copy of this license is available in the file LICENSE in the
1592cfeba6Schristos * top-level directory of the distribution or, alternatively, at
1692cfeba6Schristos * <http://www.OpenLDAP.org/license.html>.
1792cfeba6Schristos */
1892cfeba6Schristos /* Portions Copyright (c) 1995 Regents of the University of Michigan.
1992cfeba6Schristos * All rights reserved.
2092cfeba6Schristos *
2192cfeba6Schristos * Redistribution and use in source and binary forms are permitted
2292cfeba6Schristos * provided that this notice is preserved and that due credit is given
2392cfeba6Schristos * to the University of Michigan at Ann Arbor. The name of the University
2492cfeba6Schristos * may not be used to endorse or promote products derived from this
2592cfeba6Schristos * software without specific prior written permission. This software
2692cfeba6Schristos * is provided ``as is'' without express or implied warranty.
2792cfeba6Schristos */
2892cfeba6Schristos
2992cfeba6Schristos #include <sys/cdefs.h>
30*cf1d77f7Schristos __RCSID("$NetBSD: init.c,v 1.2 2021/08/14 16:14:58 christos Exp $");
3192cfeba6Schristos
3292cfeba6Schristos #include "portable.h"
3392cfeba6Schristos
3492cfeba6Schristos #include <stdio.h>
3592cfeba6Schristos
3692cfeba6Schristos #include <ac/socket.h>
3792cfeba6Schristos #include <ac/string.h>
3892cfeba6Schristos #include <ac/time.h>
3992cfeba6Schristos
4092cfeba6Schristos #include "lload.h"
4192cfeba6Schristos #include "lber_pvt.h"
4292cfeba6Schristos
4392cfeba6Schristos #include "ldap_rq.h"
4492cfeba6Schristos
4592cfeba6Schristos #ifndef BALANCER_MODULE
4692cfeba6Schristos /*
4792cfeba6Schristos * read-only global variables or variables only written by the listener
4892cfeba6Schristos * thread (after they are initialized) - no need to protect them with a mutex.
4992cfeba6Schristos */
5092cfeba6Schristos int slap_debug = 0;
5192cfeba6Schristos
5292cfeba6Schristos #ifdef LDAP_DEBUG
5392cfeba6Schristos int ldap_syslog = LDAP_DEBUG_STATS;
5492cfeba6Schristos #else
5592cfeba6Schristos int ldap_syslog;
5692cfeba6Schristos #endif
5792cfeba6Schristos
5892cfeba6Schristos #ifdef LOG_DEBUG
5992cfeba6Schristos int ldap_syslog_level = LOG_DEBUG;
6092cfeba6Schristos #endif
6192cfeba6Schristos
6292cfeba6Schristos /*
6392cfeba6Schristos * global variables that need mutex protection
6492cfeba6Schristos */
6592cfeba6Schristos ldap_pvt_thread_pool_t connection_pool;
6692cfeba6Schristos int connection_pool_max = SLAP_MAX_WORKER_THREADS;
6792cfeba6Schristos int connection_pool_queues = 1;
6892cfeba6Schristos int slap_tool_thread_max = 1;
6992cfeba6Schristos
7092cfeba6Schristos int slapMode = SLAP_UNDEFINED_MODE;
7192cfeba6Schristos #endif /* !BALANCER_MODULE */
7292cfeba6Schristos
7392cfeba6Schristos static const char *lload_name = NULL;
7492cfeba6Schristos
7592cfeba6Schristos int
lload_global_init(void)7692cfeba6Schristos lload_global_init( void )
7792cfeba6Schristos {
7892cfeba6Schristos int rc;
7992cfeba6Schristos
8092cfeba6Schristos if ( lload_libevent_init() ) {
8192cfeba6Schristos return -1;
8292cfeba6Schristos }
8392cfeba6Schristos
8492cfeba6Schristos #ifdef HAVE_TLS
8592cfeba6Schristos if ( ldap_create( &lload_tls_backend_ld ) ) {
8692cfeba6Schristos return -1;
8792cfeba6Schristos }
8892cfeba6Schristos if ( ldap_create( &lload_tls_ld ) ) {
8992cfeba6Schristos return -1;
9092cfeba6Schristos }
9192cfeba6Schristos
9292cfeba6Schristos /* Library defaults to full certificate checking. This is correct when
9392cfeba6Schristos * a client is verifying a server because all servers should have a
9492cfeba6Schristos * valid cert. But few clients have valid certs, so we want our default
9592cfeba6Schristos * to be no checking. The config file can override this as usual.
9692cfeba6Schristos */
9792cfeba6Schristos rc = LDAP_OPT_X_TLS_NEVER;
9892cfeba6Schristos (void)ldap_pvt_tls_set_option(
9992cfeba6Schristos lload_tls_ld, LDAP_OPT_X_TLS_REQUIRE_CERT, &rc );
10092cfeba6Schristos #endif
10192cfeba6Schristos
10292cfeba6Schristos ldap_pvt_thread_mutex_init( &lload_wait_mutex );
10392cfeba6Schristos ldap_pvt_thread_cond_init( &lload_wait_cond );
10492cfeba6Schristos ldap_pvt_thread_cond_init( &lload_pause_cond );
10592cfeba6Schristos
10692cfeba6Schristos ldap_pvt_thread_mutex_init( &backend_mutex );
10792cfeba6Schristos ldap_pvt_thread_mutex_init( &clients_mutex );
10892cfeba6Schristos ldap_pvt_thread_mutex_init( &lload_pin_mutex );
10992cfeba6Schristos
11092cfeba6Schristos if ( lload_exop_init() ) {
11192cfeba6Schristos return -1;
11292cfeba6Schristos }
11392cfeba6Schristos return 0;
11492cfeba6Schristos }
11592cfeba6Schristos
11692cfeba6Schristos int
lload_tls_init(void)11792cfeba6Schristos lload_tls_init( void )
11892cfeba6Schristos {
11992cfeba6Schristos #ifdef HAVE_TLS
12092cfeba6Schristos int rc, opt = 1;
12192cfeba6Schristos
12292cfeba6Schristos /* Force new ctx to be created */
12392cfeba6Schristos rc = ldap_pvt_tls_set_option( lload_tls_ld, LDAP_OPT_X_TLS_NEWCTX, &opt );
12492cfeba6Schristos if ( rc == 0 ) {
12592cfeba6Schristos /* The ctx's refcount is bumped up here */
12692cfeba6Schristos ldap_pvt_tls_get_option(
12792cfeba6Schristos lload_tls_ld, LDAP_OPT_X_TLS_CTX, &lload_tls_ctx );
12892cfeba6Schristos } else if ( rc != LDAP_NOT_SUPPORTED ) {
12992cfeba6Schristos Debug( LDAP_DEBUG_ANY, "lload_global_init: "
13092cfeba6Schristos "TLS init def ctx failed: %d\n",
13192cfeba6Schristos rc );
13292cfeba6Schristos return -1;
13392cfeba6Schristos }
13492cfeba6Schristos #endif
13592cfeba6Schristos return 0;
13692cfeba6Schristos }
13792cfeba6Schristos
13892cfeba6Schristos int
lload_init(int mode,const char * name)13992cfeba6Schristos lload_init( int mode, const char *name )
14092cfeba6Schristos {
14192cfeba6Schristos int rc = LDAP_SUCCESS;
14292cfeba6Schristos
14392cfeba6Schristos assert( mode );
14492cfeba6Schristos
14592cfeba6Schristos if ( slapMode != SLAP_UNDEFINED_MODE ) {
14692cfeba6Schristos /* Make sure we write something to stderr */
14792cfeba6Schristos slap_debug |= LDAP_DEBUG_NONE;
14892cfeba6Schristos Debug( LDAP_DEBUG_ANY, "%s init: "
14992cfeba6Schristos "init called twice (old=%d, new=%d)\n",
15092cfeba6Schristos name, slapMode, mode );
15192cfeba6Schristos
15292cfeba6Schristos return 1;
15392cfeba6Schristos }
15492cfeba6Schristos
15592cfeba6Schristos slapMode = mode;
15692cfeba6Schristos
15792cfeba6Schristos switch ( slapMode & SLAP_MODE ) {
15892cfeba6Schristos case SLAP_SERVER_MODE:
15992cfeba6Schristos Debug( LDAP_DEBUG_TRACE, "%s init: "
16092cfeba6Schristos "initiated server.\n",
16192cfeba6Schristos name );
16292cfeba6Schristos
16392cfeba6Schristos lload_name = name;
16492cfeba6Schristos
16592cfeba6Schristos ldap_pvt_thread_pool_init_q( &connection_pool, connection_pool_max,
16692cfeba6Schristos 0, connection_pool_queues );
16792cfeba6Schristos
16892cfeba6Schristos ldap_pvt_thread_mutex_init( &slapd_rq.rq_mutex );
16992cfeba6Schristos LDAP_STAILQ_INIT( &slapd_rq.task_list );
17092cfeba6Schristos LDAP_STAILQ_INIT( &slapd_rq.run_list );
17192cfeba6Schristos
17292cfeba6Schristos rc = lload_global_init();
17392cfeba6Schristos break;
17492cfeba6Schristos
17592cfeba6Schristos default:
17692cfeba6Schristos slap_debug |= LDAP_DEBUG_NONE;
17792cfeba6Schristos Debug( LDAP_DEBUG_ANY, "%s init: "
17892cfeba6Schristos "undefined mode (%d).\n",
17992cfeba6Schristos name, mode );
18092cfeba6Schristos
18192cfeba6Schristos rc = 1;
18292cfeba6Schristos break;
18392cfeba6Schristos }
18492cfeba6Schristos
18592cfeba6Schristos return rc;
18692cfeba6Schristos }
18792cfeba6Schristos
18892cfeba6Schristos int
lload_destroy(void)18992cfeba6Schristos lload_destroy( void )
19092cfeba6Schristos {
19192cfeba6Schristos int rc = LDAP_SUCCESS;
19292cfeba6Schristos
19392cfeba6Schristos Debug( LDAP_DEBUG_TRACE, "%s destroy: "
19492cfeba6Schristos "freeing system resources.\n",
19592cfeba6Schristos lload_name );
19692cfeba6Schristos
19792cfeba6Schristos ldap_pvt_thread_pool_free( &connection_pool );
19892cfeba6Schristos
19992cfeba6Schristos switch ( slapMode & SLAP_MODE ) {
20092cfeba6Schristos case SLAP_SERVER_MODE:
20192cfeba6Schristos break;
20292cfeba6Schristos
20392cfeba6Schristos default:
20492cfeba6Schristos Debug( LDAP_DEBUG_ANY, "lload_destroy(): "
20592cfeba6Schristos "undefined mode (%d).\n",
20692cfeba6Schristos slapMode );
20792cfeba6Schristos
20892cfeba6Schristos rc = 1;
20992cfeba6Schristos break;
21092cfeba6Schristos }
21192cfeba6Schristos
21292cfeba6Schristos ldap_pvt_thread_destroy();
21392cfeba6Schristos
21492cfeba6Schristos /* should destroy the above mutex */
21592cfeba6Schristos return rc;
21692cfeba6Schristos }
217