ConfigStorage::ConfigStorage()
: m_timer(new TouchFile),
m_sharedMemory(NULL),
m_recursive(0),
m_mutexTID(0)
{
m_cfg_file = -1;
m_dirty = false;
PathName filename;
#ifdef WIN_NT
DWORD sesID = 0;
typedef BOOL (WINAPI *PFnProcessIdToSessionId) (DWORD, DWORD *);
HMODULE hmodKernel32 = GetModuleHandle("kernel32.dll");
PFnProcessIdToSessionId pfnProcessIdToSessionId =
(PFnProcessIdToSessionId) GetProcAddress(hmodKernel32, "ProcessIdToSessionId");
if (fb_utils::isGlobalKernelPrefix() ||
!pfnProcessIdToSessionId ||
pfnProcessIdToSessionId(GetCurrentProcessId(), &sesID) == 0 ||
sesID == 0)
{
filename.printf(TRACE_FILE); // TODO: it must be per engine instance
}
else
{
filename.printf("%s.%u", TRACE_FILE, sesID);
}
#else
filename.printf(TRACE_FILE); // TODO: it must be per engine instance
#endif
try
{
m_sharedMemory.reset(FB_NEW(getPool())
SharedMemory<TraceCSHeader>(filename.c_str(), sizeof(TraceCSHeader), this));
}
catch (const Exception& ex)
{
iscLogException("ConfigStorage: Cannot initialize the shared memory region", ex);
throw;
}
fb_assert(m_sharedMemory->getHeader());
fb_assert(m_sharedMemory->getHeader()->mhb_version == 1);
StorageGuard guard(this);
checkFile();
m_timer->start(m_sharedMemory->getHeader()->cfg_file_name);
++(m_sharedMemory->getHeader()->cnt_uses);
}
void WINAPI CNTL_main_thread( DWORD /*argc*/, char* /*argv*/[])
{
/**************************************
*
* C N T L _ m a i n _ t h r e a d
*
**************************************
*
* Functional description
*
**************************************/
service_handle = RegisterServiceCtrlHandler(service_name->c_str(), control_thread);
if (!service_handle)
return;
int status = 1;
DWORD temp = 0;
if (report_status(SERVICE_START_PENDING, NO_ERROR, 1, 3000) &&
(stop_event_handle = CreateEvent(NULL, TRUE, FALSE, NULL)) != NULL &&
report_status(SERVICE_START_PENDING, NO_ERROR, 2, 3000))
{
try
{
Thread::start(main_handler, NULL, THREAD_medium);
if (report_status(SERVICE_RUNNING, NO_ERROR, 0, 0))
{
status = 0;
temp = WaitForSingleObject(stop_event_handle, INFINITE);
}
}
catch (const Firebird::Exception& ex)
{
iscLogException("CNTL: cannot start service handler thread", ex);
}
}
DWORD last_error = 0;
if (temp == WAIT_FAILED || status)
last_error = GetLastError();
if (stop_event_handle)
CloseHandle(stop_event_handle);
report_status(SERVICE_STOP_PENDING, NO_ERROR, 1, SHUTDOWN_TIMEOUT);
fb_shutdown(SHUTDOWN_TIMEOUT, fb_shutrsn_svc_stopped);
report_status(SERVICE_STOPPED, last_error, 0, 0);
}
// allow different users to read\write\delete files in lock directory
// in case of any error just log it and don't stop engine execution
void adjustLockDirectoryAccess(const char* pathname)
{
PSECURITY_DESCRIPTOR pSecDesc = NULL;
PSID pSID_Users = NULL;
PSID pSID_Administrators = NULL;
PACL pNewACL = NULL;
try
{
// We should pass root directory in format "C:\" into GetVolumeInformation().
// In case of pathname is not local folder (i.e. \\share\folder) let
// GetVolumeInformation() return an error.
Firebird::PathName root(pathname);
const Firebird::PathName::size_type pos = root.find(':', 0);
if (pos == 1)
{
root.erase(pos + 1, root.length());
PathUtils::ensureSeparator(root);
}
DWORD fsflags;
if (!GetVolumeInformation(root.c_str(), NULL, 0, NULL, NULL, &fsflags, NULL, 0))
Firebird::system_error::raise("GetVolumeInformation");
if (!(fsflags & FS_PERSISTENT_ACLS))
return;
// Adjust security for our new folder : allow BUILTIN\Users group to
// read\write\delete files
PACL pOldACL = NULL;
if (GetNamedSecurityInfo((LPSTR) pathname,
SE_FILE_OBJECT, DACL_SECURITY_INFORMATION,
NULL, NULL, &pOldACL, NULL,
&pSecDesc) != ERROR_SUCCESS)
{
Firebird::system_error::raise("GetNamedSecurityInfo");
}
SID_IDENTIFIER_AUTHORITY sidAuth = SECURITY_NT_AUTHORITY;
if (!AllocateAndInitializeSid(&sidAuth, 2, SECURITY_BUILTIN_DOMAIN_RID,
DOMAIN_ALIAS_RID_USERS, 0, 0, 0, 0, 0, 0, &pSID_Users))
{
Firebird::system_error::raise("AllocateAndInitializeSid");
}
if (!AllocateAndInitializeSid(&sidAuth, 2, SECURITY_BUILTIN_DOMAIN_RID,
DOMAIN_ALIAS_RID_ADMINS, 0, 0, 0, 0, 0, 0, &pSID_Administrators))
{
Firebird::system_error::raise("AllocateAndInitializeSid");
}
EXPLICIT_ACCESS eas[2];
memset(eas, 0, sizeof(eas));
eas[0].grfAccessPermissions = FILE_GENERIC_READ | FILE_GENERIC_WRITE | DELETE;
eas[0].grfAccessMode = GRANT_ACCESS;
eas[0].grfInheritance = SUB_OBJECTS_ONLY_INHERIT;
eas[0].Trustee.TrusteeForm = TRUSTEE_IS_SID;
eas[0].Trustee.TrusteeType = TRUSTEE_IS_GROUP;
eas[0].Trustee.ptstrName = (LPSTR) pSID_Users;
eas[1].grfAccessPermissions = FILE_GENERIC_READ | FILE_GENERIC_WRITE | DELETE;
eas[1].grfAccessMode = GRANT_ACCESS;
eas[1].grfInheritance = SUB_OBJECTS_ONLY_INHERIT;
eas[1].Trustee.TrusteeForm = TRUSTEE_IS_SID;
eas[1].Trustee.TrusteeType = TRUSTEE_IS_GROUP;
eas[1].Trustee.ptstrName = (LPSTR) pSID_Administrators;
if (SetEntriesInAcl(2, eas, pOldACL, &pNewACL) != ERROR_SUCCESS)
Firebird::system_error::raise("SetEntriesInAcl");
if (SetNamedSecurityInfo((LPSTR) pathname,
SE_FILE_OBJECT, DACL_SECURITY_INFORMATION,
NULL, NULL, pNewACL, NULL) != ERROR_SUCCESS)
{
Firebird::system_error::raise("SetNamedSecurityInfo");
}
}
catch (const Firebird::Exception& ex)
{
Firebird::string str;
str.printf("Error adjusting access rights for folder \"%s\" :", pathname);
iscLogException(str.c_str(), ex);
}
if (pSID_Users) {
FreeSid(pSID_Users);
}
if (pSID_Administrators) {
FreeSid(pSID_Administrators);
}
if (pNewACL) {
LocalFree(pNewACL);
}
if (pSecDesc) {
LocalFree(pSecDesc);
}
}
int CLIB_ROUTINE main( int argc, char** argv)
{
/**************************************
*
* m a i n
*
**************************************
*
* Functional description
* Run the server with apollo mailboxes.
*
**************************************/
try
{
RemPortPtr port;
// We should support 3 modes:
// 1. Standalone single-process listener (like SS).
// 2. Standalone listener, forking on each packet accepted (look -s switch in CS).
// 3. Process spawned by (x)inetd (like CS).
bool classic = false;
bool standaloneClassic = false;
bool super = false;
// It's very easy to detect that we are spawned - just check fd 0 to be a socket.
const int channel = 0;
struct stat stat0;
if (fstat(channel, &stat0) == 0 && S_ISSOCK(stat0.st_mode))
{
// classic server mode
classic = true;
}
const TEXT* const* const end = argc + argv;
argv++;
bool debug = false;
USHORT INET_SERVER_flag = 0;
protocol[0] = 0;
bool done = false;
while (argv < end)
{
TEXT c;
const TEXT* p = *argv++;
if (*p++ == '-')
{
while (c = *p++)
{
switch (UPPER(c))
{
case 'D':
debug = true;
break;
case 'E':
if (argv < end)
{
if (ISC_set_prefix(p, *argv) == -1)
printf("Invalid argument Ignored\n");
else
argv++; // do not skip next argument if this one is invalid
}
else
{
printf("Missing argument, switch -E ignored\n");
}
done = true;
break;
case 'P':
if (argv < end)
{
if (!classic)
{
fb_utils::snprintf(protocol, sizeof(protocol), "/%s", *argv++);
}
else
{
gds__log("Switch -P ignored in CS mode\n");
}
}
else
{
printf("Missing argument, switch -P ignored\n");
}
break;
case 'H':
case '?':
printf("Firebird TCP/IP server options are:\n");
printf(" -d : debug on\n");
printf(" -p <port> : specify port to listen on\n");
printf(" -z : print version and exit\n");
printf(" -h|? : print this help\n");
printf("\n");
printf(" (The following -e options used to be -h options)\n");
printf(" -e <firebird_root_dir> : set firebird_root path\n");
printf(" -el <firebird_lock_dir> : set runtime firebird_lock dir\n");
printf(" -em <firebird_msg_dir> : set firebird_msg dir path\n");
exit(FINI_OK);
case 'Z':
printf("Firebird TCP/IP server version %s\n", FB_VERSION);
exit(FINI_OK);
default:
printf("Unknown switch '%c', ignored\n", c);
break;
}
if (done)
break;
}
}
}
if (Config::getServerMode() == MODE_CLASSIC)
{
if (!classic)
standaloneClassic = true;
}
else
{
if (classic)
{
gds__log("Server misconfigured - to start it from (x)inetd add ServerMode=Classic to firebird.conf");
Firebird::Syslog::Record(Firebird::Syslog::Error, "Server misconfigured - add ServerMode=Classic to firebird.conf");
exit(STARTUP_ERROR);
}
INET_SERVER_flag |= SRVR_multi_client;
super = true;
}
{ // scope
Firebird::MasterInterfacePtr master;
master->serverMode(super ? 1 : 0);
}
if (debug)
{
INET_SERVER_flag |= SRVR_debug;
}
// activate paths set with -e family of switches
ISC_set_prefix(0, 0);
// ignore some signals
set_signal(SIGPIPE, signal_handler);
set_signal(SIGUSR1, signal_handler);
set_signal(SIGUSR2, signal_handler);
// First of all change directory to tmp
if (chdir(TEMP_DIR))
{
// error on changing the directory
gds__log("Could not change directory to %s due to errno %d", TEMP_DIR, errno);
}
#ifdef FB_RAISE_LIMITS
#ifdef RLIMIT_NPROC
raiseLimit(RLIMIT_NPROC);
#endif
#if !(defined(DEV_BUILD))
if (Config::getBugcheckAbort())
#endif
{
// try to force core files creation
raiseLimit(RLIMIT_CORE);
}
#if (defined SOLARIS || defined HPUX || defined LINUX)
if (super)
{
// Increase max open files to hard limit for Unix
// platforms which are known to have low soft limits.
raiseLimit(RLIMIT_NOFILE);
}
#endif // Unix platforms
#endif // FB_RAISE_LIMITS
#ifdef HAVE_LOCALE_H
// Pick up the system locale to allow SYSTEM<->UTF8 conversions inside the engine
setlocale(LC_CTYPE, "");
#endif
if (!(debug || classic))
{
int mask = 0; // FD_ZERO(&mask);
mask |= 1 << 2; // FD_SET(2, &mask);
divorce_terminal(mask);
}
// check firebird.conf presence - must be for server
if (Config::missFirebirdConf())
{
Firebird::Syslog::Record(Firebird::Syslog::Error, "Missing master config file firebird.conf");
exit(STARTUP_ERROR);
}
if (super || standaloneClassic)
{
try
{
port = INET_connect(protocol, 0, INET_SERVER_flag, 0, NULL);
}
catch (const Firebird::Exception& ex)
{
iscLogException("startup:INET_connect:", ex);
Firebird::StaticStatusVector st;
ex.stuffException(st);
gds__print_status(st.begin());
exit(STARTUP_ERROR);
}
}
if (classic)
{
port = INET_server(channel);
if (!port)
{
gds__log("Unable to start INET_server");
Firebird::Syslog::Record(Firebird::Syslog::Error, "Unable to start INET_server");
exit(STARTUP_ERROR);
}
}
{ // scope for interface ptr
Firebird::PluginManagerInterfacePtr pi;
Auth::registerSrpServer(pi);
}
if (super)
{
// Server tries to attach to security2.fdb to make sure everything is OK
// This code fixes bug# 8429 + all other bug of that kind - from
// now on the server exits if it cannot attach to the database
// (wrong or no license, not enough memory, etc.
ISC_STATUS_ARRAY status;
isc_db_handle db_handle = 0L;
const Firebird::RefPtr<Config> defConf(Config::getDefaultConfig());
const char* path = defConf->getSecurityDatabase();
const char dpb[] = {isc_dpb_version1, isc_dpb_sec_attach, 1, 1, isc_dpb_address_path, 0};
isc_attach_database(status, strlen(path), path, &db_handle, sizeof dpb, dpb);
if (status[0] == 1 && status[1] > 0)
{
logSecurityDatabaseError(path, status);
}
isc_detach_database(status, &db_handle);
if (status[0] == 1 && status[1] > 0)
{
logSecurityDatabaseError(path, status);
}
} // end scope
fb_shutdown_callback(NULL, closePort, fb_shut_exit, port);
SRVR_multi_thread(port, INET_SERVER_flag);
#ifdef DEBUG_GDS_ALLOC
// In Debug mode - this will report all server-side memory leaks due to remote access
Firebird::PathName name = fb_utils::getPrefix(
Firebird::IConfigManager::DIR_LOG, "memdebug.log");
FILE* file = os_utils::fopen(name.c_str(), "w+t");
if (file)
{
fprintf(file, "Global memory pool allocated objects\n");
getDefaultMemoryPool()->print_contents(file);
fclose(file);
}
#endif
// perform atexit shutdown here when all globals in embedded library are active
// also sync with possibly already running shutdown in dedicated thread
fb_shutdown(10000, fb_shutrsn_exit_called);
return FINI_OK;
}
catch (const Firebird::Exception& ex)
{
Firebird::StaticStatusVector st;
ex.stuffException(st);
char s[100];
const ISC_STATUS* status = st.begin();
fb_interpret(s, sizeof(s), &status);
iscLogException("Firebird startup error:", ex);
Firebird::Syslog::Record(Firebird::Syslog::Error, "Firebird startup error");
Firebird::Syslog::Record(Firebird::Syslog::Error, s);
exit(STARTUP_ERROR);
}
}
void WINAPI CNTL_main_thread( DWORD /*argc*/, char* /*argv*/[])
{
/**************************************
*
* C N T L _ m a i n _ t h r e a d
*
**************************************
*
* Functional description
*
**************************************/
service_handle = RegisterServiceCtrlHandler(service_name->c_str(), control_thread);
if (!service_handle)
return;
// start everything, and wait here for ever, or at
// least until we get the stop event indicating that
// the service is stoping.
bool failure = true;
DWORD temp = 0;
if (report_status(SERVICE_START_PENDING, NO_ERROR, 1, 3000) &&
(stop_event_handle = CreateEvent(NULL, TRUE, FALSE, NULL)) != NULL &&
report_status(SERVICE_START_PENDING, NO_ERROR, 2, 3000))
{
try
{
Thread::start(main_handler, NULL, THREAD_medium);
if (report_status(SERVICE_RUNNING, NO_ERROR, 0, 0))
{
failure = false;
temp = WaitForSingleObject(stop_event_handle, INFINITE);
}
}
catch (const Firebird::Exception& ex)
{
iscLogException("CNTL: cannot start service handler thread", ex);
}
}
DWORD last_error = 0;
if (failure || temp == WAIT_FAILED)
last_error = GetLastError();
if (stop_event_handle)
CloseHandle(stop_event_handle);
// Once we are stopped, we will tell the server to
// do the same. We could not do this in the control_thread
// since the Services Control Manager is single threaded,
// and thus can only process one request at the time.
SERVICE_STATUS status_info;
SC_HANDLE hScManager = 0, hService = 0;
hScManager = OpenSCManager(NULL, NULL, GENERIC_READ);
hService = OpenService(hScManager, remote_name->c_str(), GENERIC_READ | GENERIC_EXECUTE);
ControlService(hService, SERVICE_CONTROL_STOP, &status_info);
CloseServiceHandle(hScManager);
CloseServiceHandle(hService);
report_status(SERVICE_STOPPED, last_error, 0, 0);
}
void CryptoManager::cryptThread()
{
ISC_STATUS_ARRAY status_vector;
try
{
// Try to take crypt mutex
// If can't take that mutex - nothing to do, cryptThread already runs in our process
MutexEnsureUnlock guard(cryptThreadMtx, FB_FUNCTION);
if (!guard.tryEnter())
{
return;
}
// establish context
UserId user;
user.usr_user_name = "(Crypt thread)";
Jrd::Attachment* const attachment = Jrd::Attachment::create(&dbb);
RefPtr<SysAttachment> jAtt(new SysAttachment(attachment));
attachment->att_interface = jAtt;
attachment->att_filename = dbb.dbb_filename;
attachment->att_user = &user;
BackgroundContextHolder tdbb(&dbb, attachment, status_vector, FB_FUNCTION);
tdbb->tdbb_quantum = SWEEP_QUANTUM;
ULONG lastPage = getLastPage(tdbb);
ULONG runpage = 1;
Stack<ULONG> pages;
// Take exclusive threadLock
// If can't take that lock - nothing to do, cryptThread already runs somewhere
if (!LCK_lock(tdbb, threadLock, LCK_EX, LCK_NO_WAIT))
{
return;
}
bool lckRelease = false;
try
{
do
{
// Check is there some job to do
while ((runpage = currentPage.exchangeAdd(+1)) < lastPage)
{
// forced terminate
if (down)
{
break;
}
// nbackup state check
if (dbb.dbb_backup_manager && dbb.dbb_backup_manager->getState() != nbak_state_normal)
{
if (currentPage.exchangeAdd(-1) >= lastPage)
{
// currentPage was set to last page by thread, closing database
break;
}
THD_sleep(100);
continue;
}
// scheduling
if (--tdbb->tdbb_quantum < 0)
{
JRD_reschedule(tdbb, SWEEP_QUANTUM, true);
}
// writing page to disk will change it's crypt status in usual way
WIN window(DB_PAGE_SPACE, runpage);
Ods::pag* page = CCH_FETCH(tdbb, &window, LCK_write, pag_undefined);
if (page && page->pag_type <= pag_max &&
(bool(page->pag_flags & Ods::crypted_page) != crypt) &&
Ods::pag_crypt_page[page->pag_type])
{
CCH_MARK(tdbb, &window);
pages.push(runpage);
}
CCH_RELEASE_TAIL(tdbb, &window);
// sometimes save currentPage into DB header
++runpage;
if ((runpage & 0x3FF) == 0)
{
writeDbHeader(tdbb, runpage, pages);
}
}
// At this moment of time all pages with number < lastpage
// are guaranteed to change crypt state. Check for added pages.
lastPage = getLastPage(tdbb);
// forced terminate
if (down)
{
break;
}
} while (runpage < lastPage);
// Finalize crypt
if (!down)
{
writeDbHeader(tdbb, 0, pages);
}
// Release exclusive lock on StartCryptThread
lckRelease = true;
LCK_release(tdbb, threadLock);
}
catch (const Exception&)
{
try
{
if (!lckRelease)
{
// try to save current state of crypt thread
if (!down)
{
writeDbHeader(tdbb, runpage, pages);
}
// Release exclusive lock on StartCryptThread
LCK_release(tdbb, threadLock);
}
}
catch (const Exception&)
{ }
throw;
}
}
catch (const Exception& ex)
{
// Error during context creation - we can't even release lock
iscLogException("Crypt thread:", ex);
}
}
