[core] no SOCK_CLOEXEC on Linux kernel < 2.6.27

Linux kernels < 2.6.27 (old!) might return EINVAL if SOCK_CLOEXEC used x-ref: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=529929 http://www.linksysinfo.org/index.php?threads/lighttpd-no-longer-starts-toastman-1-28-0510-7.73132/
2017-04-15 17:38:15 -04:00 · 2017-04-15 17:38:15 -04:00 · 8641d1b03f
parent 9e46b8ea25
commit 8641d1b03f
6 changed files with 72 additions and 39 deletions
--- a/src/connections.c
+++ b/src/connections.c
@ -901,13 +901,9 @@ static handler_t connection_handle_fdevent(server *srv, void *context, int reven


 connection *connection_accept(server *srv, server_socket *srv_socket) {
-	/* accept everything */
-
-	/* search an empty place */
 	int cnt;
 	sock_addr cnt_addr;
-	socklen_t cnt_len;
-	/* accept it and register the fd */
+	size_t cnt_len = sizeof(cnt_addr); /*(size_t intentional; not socklen_t)*/

 	/**
 	 * check if we can still open a new connections
@ -919,17 +915,7 @@ connection *connection_accept(server *srv, server_socket *srv_socket) {
 		return NULL;
 	}

-	cnt_len = sizeof(cnt_addr);
-
-#if defined(SOCK_CLOEXEC) && defined(SOCK_NONBLOCK)
-#if defined(__NetBSD__)
-	cnt = paccept(srv_socket->fd, (struct sockaddr *) &cnt_addr, &cnt_len, NULL, SOCK_CLOEXEC | SOCK_NONBLOCK);
-#else
-	cnt = accept4(srv_socket->fd, (struct sockaddr *) &cnt_addr, &cnt_len, SOCK_CLOEXEC | SOCK_NONBLOCK);
-#endif
-#else
-	cnt = accept(srv_socket->fd, (struct sockaddr *) &cnt_addr, &cnt_len);
-#endif
+	cnt = fdevent_accept_listenfd(srv_socket->fd, (struct sockaddr *) &cnt_addr, &cnt_len);
 	if (-1 == cnt) {
 		switch (errno) {
 		case EAGAIN:
--- a/src/fdevent.c
+++ b/src/fdevent.c
@ -5,6 +5,7 @@
 #include "log.h"

 #include <sys/types.h>
+#include "sys-socket.h"

 #include <unistd.h>
 #include <stdlib.h>
@ -12,9 +13,23 @@
 #include <errno.h>
 #include <fcntl.h>

+static int use_sock_cloexec;
+
 fdevents *fdevent_init(server *srv, size_t maxfds, int type) {
 	fdevents *ev;

+      #ifdef SOCK_CLOEXEC
+	/* Test if SOCK_CLOEXEC is supported by kernel.
+	 * Linux kernels < 2.6.27 might return EINVAL if SOCK_CLOEXEC used
+	 * https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=529929
+	 * http://www.linksysinfo.org/index.php?threads/lighttpd-no-longer-starts-toastman-1-28-0510-7.73132/ */
+	int fd = socket(AF_INET, SOCK_STREAM | SOCK_CLOEXEC, 0);
+	if (fd >= 0) {
+		use_sock_cloexec = 1;
+		close(fd);
+	}
+      #endif
+
 	ev = calloc(1, sizeof(*ev));
 	force_assert(NULL != ev);
 	ev->srv = srv;
@ -264,7 +279,7 @@ void * fdevent_get_context(fdevents *ev, int fd) {
 	return ev->fdarray[fd]->ctx;
 }

-void fd_close_on_exec(int fd) {
+void fdevent_setfd_cloexec(int fd) {
 #ifdef FD_CLOEXEC
 	if (fd < 0) return;
 	force_assert(-1 != fcntl(fd, F_SETFD, FD_CLOEXEC));
@ -273,6 +288,14 @@ void fd_close_on_exec(int fd) {
 #endif
 }

+void fdevent_clrfd_cloexec(int fd) {
+#ifdef FD_CLOEXEC
+	if (fd >= 0) force_assert(-1 != fcntl(fd, F_SETFD, 0));
+#else
+	UNUSED(fd);
+#endif
+}
+
 int fdevent_fcntl_set(fdevents *ev, int fd) {
 	return ((ev) && (ev->fcntl_set)) ? ev->fcntl_set(ev, fd) : 0;
 }
@ -293,31 +316,32 @@ int fdevent_fcntl_set_nb_cloexec(fdevents *ev, int fd) {

 int fdevent_fcntl_set_nb_cloexec_sock(fdevents *ev, int fd) {
 #if defined(SOCK_CLOEXEC) && defined(SOCK_NONBLOCK)
-	return ((ev) && (ev->fcntl_set)) ? ev->fcntl_set(ev, fd) : 0;
-#else
-	return fdevent_fcntl_set_nb_cloexec(ev, fd);
+	if (use_sock_cloexec)
+		return ((ev) && (ev->fcntl_set)) ? ev->fcntl_set(ev, fd) : 0;
 #endif
+	return fdevent_fcntl_set_nb_cloexec(ev, fd);
 }

 int fdevent_socket_cloexec(int domain, int type, int protocol) {
-#ifdef SOCK_CLOEXEC
-	return socket(domain, type | SOCK_CLOEXEC, protocol);
-#else
 	int fd;
+#ifdef SOCK_CLOEXEC
+	if (use_sock_cloexec)
+		return socket(domain, type | SOCK_CLOEXEC, protocol);
+#endif
 	if (-1 != (fd = socket(domain, type, protocol))) {
 #ifdef FD_CLOEXEC
 		fcntl(fd, F_SETFD, FD_CLOEXEC);
 #endif
 	}
 	return fd;
-#endif
 }

 int fdevent_socket_nb_cloexec(int domain, int type, int protocol) {
-#ifdef SOCK_CLOEXEC
-	return socket(domain, type | SOCK_CLOEXEC | SOCK_NONBLOCK, protocol);
-#else
 	int fd;
+#ifdef SOCK_CLOEXEC
+	if (use_sock_cloexec)
+		return socket(domain, type | SOCK_CLOEXEC | SOCK_NONBLOCK, protocol);
+#endif
 	if (-1 != (fd = socket(domain, type, protocol))) {
 #ifdef FD_CLOEXEC
 		fcntl(fd, F_SETFD, FD_CLOEXEC);
@ -327,7 +351,6 @@ int fdevent_socket_nb_cloexec(int domain, int type, int protocol) {
 #endif
 	}
 	return fd;
-#endif
 }

 #ifndef O_NOCTTY
@ -348,6 +371,27 @@ int fdevent_open_cloexec(const char *pathname, int flags, mode_t mode) {
 }


+int fdevent_accept_listenfd(int listenfd, struct sockaddr *addr, size_t *addrlen) {
+	int fd;
+	socklen_t len = (socklen_t) *addrlen;
+
+      #if defined(SOCK_CLOEXEC) && defined(SOCK_NONBLOCK)
+       #if defined(__NetBSD__)
+	fd = paccept(listenfd, addr, &len, NULL, SOCK_CLOEXEC | SOCK_NONBLOCK);
+       #else
+	fd = (use_sock_cloexec)
+	  ? accept4(listenfd, addr, &len, SOCK_CLOEXEC | SOCK_NONBLOCK)
+	  : accept(listenfd, addr, &len);
+       #endif
+      #else
+	fd = accept(listenfd, addr, &len);
+      #endif
+
+	if (fd >= 0) *addrlen = (size_t)len;
+	return fd;
+}
+
+
 int fdevent_event_next_fdndx(fdevents *ev, int ndx) {
 	if (ev->event_next_fdndx) return ev->event_next_fdndx(ev, ndx);

--- a/src/fdevent.h
+++ b/src/fdevent.h
@ -206,7 +206,9 @@ int fdevent_unregister(fdevents *ev, int fd);
 void fdevent_sched_close(fdevents *ev, int fd, int issock);
 void fdevent_sched_run(struct server *srv, fdevents *ev);

-void fd_close_on_exec(int fd);
+#define fd_close_on_exec(fd) fdevent_setfd_cloexec(fd)
+void fdevent_setfd_cloexec(int fd);
+void fdevent_clrfd_cloexec(int fd);
 int fdevent_fcntl_set(fdevents *ev, int fd);
 int fdevent_fcntl_set_nb(fdevents *ev, int fd);
 int fdevent_fcntl_set_nb_cloexec(fdevents *ev, int fd);
@ -215,6 +217,9 @@ int fdevent_socket_cloexec(int domain, int type, int protocol);
 int fdevent_socket_nb_cloexec(int domain, int type, int protocol);
 int fdevent_open_cloexec(const char *pathname, int flags, mode_t mode);

+struct sockaddr;
+int fdevent_accept_listenfd(int listenfd, struct sockaddr *addr, size_t *addrlen);
+
 int fdevent_select_init(fdevents *ev);
 int fdevent_poll_init(fdevents *ev);
 int fdevent_linux_sysepoll_init(fdevents *ev);
--- a/src/mod_fastcgi.c
+++ b/src/mod_fastcgi.c
@ -1122,10 +1122,9 @@ static int fcgi_spawn_connection(server *srv,
 				dup2(fcgi_fd, FCGI_LISTENSOCK_FILENO);
 				close(fcgi_fd);
 			}
-		      #ifdef SOCK_CLOEXEC
-			else
-				(void)fcntl(fcgi_fd, F_SETFD, 0); /* clear cloexec */
-		      #endif
+			else {
+				fdevent_clrfd_cloexec(fcgi_fd);
+			}

 			/* we don't need the client socket */
 			for (i = 3; i < 256; i++) {
--- a/src/mod_scgi.c
+++ b/src/mod_scgi.c
@ -876,10 +876,9 @@ static int scgi_spawn_connection(server *srv,
 				dup2(scgi_fd, 0);
 				close(scgi_fd);
 			}
-		      #ifdef SOCK_CLOEXEC
-			else
-				(void)fcntl(scgi_fd, F_SETFD, 0); /* clear cloexec */
-		      #endif
+			else {
+				fdevent_clrfd_cloexec(scgi_fd);
+			}

 			/* we don't need the client socket */
 			for (fd = 3; fd < 256; fd++) {
--- a/src/test_configfile.c
+++ b/src/test_configfile.c
@ -87,5 +87,5 @@ int main (void) {
 /*
 * stub functions (for linking)
 */
-void fd_close_on_exec(int fd);
-void fd_close_on_exec(int fd) { UNUSED(fd); }
+void fdevent_setfd_cloexec(int fd);
+void fdevent_setfd_cloexec(int fd) { UNUSED(fd); }