diff options
Diffstat (limited to 'sapi')
| -rw-r--r-- | sapi/fpm/fpm/fastcgi.c | 4 | ||||
| -rw-r--r-- | sapi/fpm/fpm/fpm_conf.c | 3 | ||||
| -rw-r--r-- | sapi/fpm/fpm/fpm_sockets.c | 13 | ||||
| -rw-r--r-- | sapi/fpm/fpm/fpm_stdio.c | 40 | ||||
| -rw-r--r-- | sapi/fpm/fpm/fpm_unix.c | 2 | ||||
| -rw-r--r-- | sapi/fpm/tests/014.phpt | 54 | ||||
| -rw-r--r-- | sapi/fpm/tests/015.phpt | 87 |
7 files changed, 184 insertions, 19 deletions
diff --git a/sapi/fpm/fpm/fastcgi.c b/sapi/fpm/fpm/fastcgi.c index 432182ec2b..3473f4b175 100644 --- a/sapi/fpm/fpm/fastcgi.c +++ b/sapi/fpm/fpm/fastcgi.c @@ -280,6 +280,10 @@ void fcgi_set_allowed_clients(char *ip) } allowed_clients[n].sa.sa_family = 0; free(ip); + if (!n) { + zlog(ZLOG_ERROR, "There are no allowed addresses for this pool"); + /* don't clear allowed_clients as it will create an "open for all" security issue */ + } } } diff --git a/sapi/fpm/fpm/fpm_conf.c b/sapi/fpm/fpm/fpm_conf.c index 18ddccb300..1ee0169698 100644 --- a/sapi/fpm/fpm/fpm_conf.c +++ b/sapi/fpm/fpm/fpm_conf.c @@ -819,7 +819,7 @@ static int fpm_conf_process_all_pools() /* {{{ */ if (config->pm_start_servers <= 0) { config->pm_start_servers = config->pm_min_spare_servers + ((config->pm_max_spare_servers - config->pm_min_spare_servers) / 2); - zlog(ZLOG_WARNING, "[pool %s] pm.start_servers is not set. It's been set to %d.", wp->config->name, config->pm_start_servers); + zlog(ZLOG_NOTICE, "[pool %s] pm.start_servers is not set. It's been set to %d.", wp->config->name, config->pm_start_servers); } else if (config->pm_start_servers < config->pm_min_spare_servers || config->pm_start_servers > config->pm_max_spare_servers) { zlog(ZLOG_ALERT, "[pool %s] pm.start_servers(%d) must not be less than pm.min_spare_servers(%d) and not greater than pm.max_spare_servers(%d)", wp->config->name, config->pm_start_servers, config->pm_min_spare_servers, config->pm_max_spare_servers); @@ -1159,6 +1159,7 @@ static int fpm_conf_post_process(int force_daemon TSRMLS_DC) /* {{{ */ } fpm_globals.log_level = fpm_global_config.log_level; + zlog_set_level(fpm_globals.log_level); if (fpm_global_config.process_max < 0) { zlog(ZLOG_ERROR, "process_max can't be negative"); diff --git a/sapi/fpm/fpm/fpm_sockets.c b/sapi/fpm/fpm/fpm_sockets.c index 9d9def35c7..0286f0eee8 100644 --- a/sapi/fpm/fpm/fpm_sockets.c +++ b/sapi/fpm/fpm/fpm_sockets.c @@ -255,6 +255,7 @@ static int fpm_socket_af_inet_listening_socket(struct fpm_worker_pool_s *wp) /* char *dup_address = strdup(wp->config->listen_address); char *port_str = strrchr(dup_address, ':'); char *addr = NULL; + char tmpbuf[INET6_ADDRSTRLEN]; int addr_len; int port = 0; int sock = -1; @@ -302,14 +303,18 @@ static int fpm_socket_af_inet_listening_socket(struct fpm_worker_pool_s *wp) /* return -1; } - free(dup_address); - for (p = servinfo; p != NULL; p = p->ai_next) { - if ((sock = fpm_sockets_get_listening_socket(wp, p->ai_addr, p->ai_addrlen)) != -1) { - break; + inet_ntop(p->ai_family, fpm_get_in_addr(p->ai_addr), tmpbuf, INET6_ADDRSTRLEN); + if (sock < 0) { + if ((sock = fpm_sockets_get_listening_socket(wp, p->ai_addr, p->ai_addrlen)) != -1) { + zlog(ZLOG_DEBUG, "Found address for %s, socket opened on %s", dup_address, tmpbuf); + } + } else { + zlog(ZLOG_WARNING, "Found multiple addresses for %s, %s ignored", dup_address, tmpbuf); } } + free(dup_address); freeaddrinfo(servinfo); return sock; diff --git a/sapi/fpm/fpm/fpm_stdio.c b/sapi/fpm/fpm/fpm_stdio.c index fcec78435b..e28c0cbe7f 100644 --- a/sapi/fpm/fpm/fpm_stdio.c +++ b/sapi/fpm/fpm/fpm_stdio.c @@ -42,9 +42,28 @@ int fpm_stdio_init_main() /* {{{ */ } /* }}} */ +static inline int fpm_use_error_log() { /* {{{ */ + /* + * the error_log is NOT used when running in foreground + * and from a tty (user looking at output). + * So, error_log is used by + * - SysV init launch php-fpm as a daemon + * - Systemd launch php-fpm in foreground + */ +#if HAVE_UNISTD_H + if (fpm_global_config.daemonize || (!isatty(STDERR_FILENO) && !fpm_globals.force_stderr)) { +#else + if (fpm_global_config.daemonize) { +#endif + return 1; + } + return 0; +} + +/* }}} */ int fpm_stdio_init_final() /* {{{ */ { - if (fpm_global_config.daemonize) { + if (fpm_use_error_log()) { /* prevent duping if logging to syslog */ if (fpm_globals.error_log_fd > 0 && fpm_globals.error_log_fd != STDERR_FILENO) { @@ -67,6 +86,11 @@ int fpm_stdio_init_child(struct fpm_worker_pool_s *wp) /* {{{ */ closelog(); /* ensure to close syslog not to interrupt with PHP syslog code */ } else #endif + + /* Notice: child cannot use master error_log + * because not aware when being reopen + * else, should use if (!fpm_use_error_log()) + */ if (fpm_globals.error_log_fd > 0) { close(fpm_globals.error_log_fd); } @@ -268,11 +292,7 @@ int fpm_stdio_open_error_log(int reopen) /* {{{ */ if (!strcasecmp(fpm_global_config.error_log, "syslog")) { openlog(fpm_global_config.syslog_ident, LOG_PID | LOG_CONS, fpm_global_config.syslog_facility); fpm_globals.error_log_fd = ZLOG_SYSLOG; -#if HAVE_UNISTD_H - if (fpm_global_config.daemonize || (!isatty(STDERR_FILENO) && !fpm_globals.force_stderr)) { -#else - if (fpm_global_config.daemonize) { -#endif + if (fpm_use_error_log()) { zlog_set_fd(fpm_globals.error_log_fd); } return 0; @@ -286,7 +306,7 @@ int fpm_stdio_open_error_log(int reopen) /* {{{ */ } if (reopen) { - if (fpm_global_config.daemonize) { + if (fpm_use_error_log()) { dup2(fd, STDERR_FILENO); } @@ -295,11 +315,7 @@ int fpm_stdio_open_error_log(int reopen) /* {{{ */ fd = fpm_globals.error_log_fd; /* for FD_CLOSEXEC to work */ } else { fpm_globals.error_log_fd = fd; -#if HAVE_UNISTD_H - if (fpm_global_config.daemonize || (!isatty(STDERR_FILENO) && !fpm_globals.force_stderr)) { -#else - if (fpm_global_config.daemonize) { -#endif + if (fpm_use_error_log()) { zlog_set_fd(fpm_globals.error_log_fd); } } diff --git a/sapi/fpm/fpm/fpm_unix.c b/sapi/fpm/fpm/fpm_unix.c index c29e28f886..32448fc4d5 100644 --- a/sapi/fpm/fpm/fpm_unix.c +++ b/sapi/fpm/fpm/fpm_unix.c @@ -266,8 +266,6 @@ int fpm_unix_init_main() /* {{{ */ struct fpm_worker_pool_s *wp; int is_root = !geteuid(); - zlog_set_level(fpm_globals.log_level); - if (fpm_global_config.rlimit_files) { struct rlimit r; diff --git a/sapi/fpm/tests/014.phpt b/sapi/fpm/tests/014.phpt new file mode 100644 index 0000000000..ee0e549cc5 --- /dev/null +++ b/sapi/fpm/tests/014.phpt @@ -0,0 +1,54 @@ +--TEST-- +FPM: Test for pm.start_servers default calculation message being a notice and not a warning #68458 +--SKIPIF-- +<?php include "skipif.inc"; ?> +--FILE-- +<?php + +include "include.inc"; + +$logfile = dirname(__FILE__).'/php-fpm.log.tmp'; +$port = 9000+PHP_INT_SIZE; + +$cfg = <<<EOT +[global] +error_log = $logfile +log_level = warning +[unconfined] +listen = 127.0.0.1:$port +user = foo +pm = dynamic +pm.max_children = 5 +;pm.start_servers = 2 +pm.min_spare_servers = 1 +pm.max_spare_servers = 3 +EOT; + +$fpm = run_fpm($cfg, $tail); +if (is_resource($fpm)) { + $i = 0; + while (($i++ < 30) && !($fp = @fsockopen('127.0.0.1', $port))) { + usleep(10000); + } + if ($fp) { + echo "Started\n"; + fclose($fp); + } + proc_terminate($fpm); + if (!feof($tail)) { + echo stream_get_contents($tail); + } + fclose($tail); + proc_close($fpm); +} + +?> +Done +--EXPECTF-- +Started +Done +--CLEAN-- +<?php + $logfile = dirname(__FILE__).'/php-fpm.log.tmp'; + @unlink($logfile); +?>
\ No newline at end of file diff --git a/sapi/fpm/tests/015.phpt b/sapi/fpm/tests/015.phpt new file mode 100644 index 0000000000..fba333e256 --- /dev/null +++ b/sapi/fpm/tests/015.phpt @@ -0,0 +1,87 @@ +--TEST-- +FPM: Test various messages on start, from master and childs +--SKIPIF-- +<?php include "skipif.inc"; ?> +--FILE-- +<?php + +include "include.inc"; + +$logfile = dirname(__FILE__).'/php-fpm.log.tmp'; +$port1 = 9000+PHP_INT_SIZE; +$port2 = 9001+PHP_INT_SIZE; + +$cfg = <<<EOT +[global] +error_log = $logfile +log_level = notice +[pool1] +listen = 127.0.0.1:$port1 +listen.allowed_clients=127.0.0.1 +user = foo +pm = dynamic +pm.max_children = 5 +pm.min_spare_servers = 1 +pm.max_spare_servers = 3 +catch_workers_output = yes +[pool2] +listen = 127.0.0.1:$port2 +listen.allowed_clients=xxx +pm = dynamic +pm.max_children = 5 +pm.start_servers = 1 +pm.min_spare_servers = 1 +pm.max_spare_servers = 3 +catch_workers_output = yes +EOT; + +$fpm = run_fpm($cfg, $tail); +if (is_resource($fpm)) { + $i = 0; + while (($i++ < 30) && !($fp = @fsockopen('127.0.0.1', $port1))) { + usleep(10000); + } + if ($fp) { + echo "Started\n"; + fclose($fp); + } + for ($i=0 ; $i<10 ; $i++) { + try { + run_request('127.0.0.1', $port1); + } catch (Exception $e) { + echo "Error 1\n"; + } + } + try { + run_request('127.0.0.1', $port2); + } catch (Exception $e) { + echo "Error 2\n"; + } + proc_terminate($fpm); + if (!feof($tail)) { + echo stream_get_contents($tail); + } + fclose($tail); + proc_close($fpm); +} + +?> +Done +--EXPECTF-- +Started +Error 2 +[%s] NOTICE: [pool pool1] pm.start_servers is not set. It's been set to 2. +[%s] NOTICE: [pool pool1] 'user' directive is ignored when FPM is not running as root +[%s] NOTICE: fpm is running, pid %d +[%s] NOTICE: ready to handle connections +[%s] WARNING: [pool pool2] child %d said into stderr: "ERROR: Wrong IP address 'xxx' in listen.allowed_clients" +[%s] WARNING: [pool pool2] child %d said into stderr: "ERROR: There are no allowed addresses for this pool" +[%s] WARNING: [pool pool2] child %d said into stderr: "ERROR: Connection disallowed: IP address '127.0.0.1' has been dropped." +[%s] NOTICE: Terminating ... +[%s] NOTICE: exiting, bye-bye! +Done +--CLEAN-- +<?php + $logfile = dirname(__FILE__).'/php-fpm.log.tmp'; + @unlink($logfile); +?>
\ No newline at end of file |