hydra/src/boa.c

/*
 *  Boa, an http server
 *  Copyright (C) 1995 Paul Phillips <paulp@go2net.com>
 *  Some changes Copyright (C) 1996 Charles F. Randall <crandall@goldsys.com>
 *  Some changes Copyright (C) 1996 Larry Doolittle <ldoolitt@boa.org>
 *  Some changes Copyright (C) 1996-2002 Jon Nelson <jnelson@boa.org>
 *  Portions Copyright (C) 2002 Nikos Mavroyanopoulos <nmav@gnutls.org>
 *
 *  This program is free software; you can redistribute it and/or modify
 *  it under the terms of the GNU General Public License as published by
 *  the Free Software Foundation; either version 1, or (at your option)
 *  any later version.
 *
 *  This program is distributed in the hope that it will be useful,
 *  but WITHOUT ANY WARRANTY; without even the implied warranty of
 *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 *  GNU General Public License for more details.
 *
 *  You should have received a copy of the GNU General Public License
 *  along with this program; if not, write to the Free Software
 *  Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
 *
 */

/* $Id: boa.c,v 1.3 2002/09/23 19:28:41 nmav Exp $*/

#include "boa.h"
#include "ssl.h"
#include <sys/resource.h>
#ifdef ENABLE_SMP
# include <pthread.h>

pthread_t father_id;

#endif

extern int ssl_params_refresh;

/* globals */
int backlog = SO_MAXCONN;
time_t start_time;

time_t current_time;


/* static to boa.c */
static void fixup_server_root(void);
static socket_type create_server_socket( int port, int);
static void drop_privs(void);
static server_params *smp_init(socket_type server_s[2]);
static int sock_opt = 1;
static int do_fork = 1;
int devnullfd = -1;

int main(int argc, char **argv)
{
    int c;                      /* command line arg */
    socket_type server_s[2] = {{ -1, 0, 0, 0}, { -1, -1, 0, 0 }};   /* boa socket */
    server_params *params;

    /* set umask to u+rw, u-x, go-rwx */
    c = umask(~0600);
    if (c == -1) {
        perror("umask");
        exit(1);
    }

    devnullfd = open("/dev/null", 0);

    /* make STDIN and STDOUT point to /dev/null */
    if (devnullfd == -1) {
        DIE("can't open /dev/null");
    }

    if (dup2(devnullfd, STDIN_FILENO) == -1) {
        DIE("can't dup2 /dev/null to STDIN_FILENO");
    }

    if (dup2(devnullfd, STDOUT_FILENO) == -1) {
        DIE("can't dup2 /dev/null to STDOUT_FILENO");
    }

    /* but first, update timestamp, because log_error_time uses it */
    (void) time(&current_time);

    while ((c = getopt(argc, argv, "c:r:d")) != -1) {
        switch (c) {
        case 'c':
            if (server_root)
                free(server_root);
            server_root = strdup(optarg);
            if (!server_root) {
                perror("strdup (for server_root)");
                exit(1);
            }
            break;
        case 'r':
            if (chdir(optarg) == -1) {
                log_error_time();
                perror("chdir (to chroot)");
                exit(1);
            }
            if (chroot(optarg) == -1) {
                log_error_time();
                perror("chroot");
                exit(1);
            }
            if (chdir("/") == -1) {
                log_error_time();
                perror("chdir (after chroot)");
                exit(1);
            }
            break;
        case 'd':
            do_fork = 0;
            break;
        default:
            fprintf(stderr, "Usage: %s [-c serverroot] [-r chroot] [-d]\n", argv[0]);
            exit(1);
        }
    }

    fixup_server_root();
    read_config_files();
    open_logs();

    if ((boa_ssl >= 2 || boa_ssl == 0) && server_port > 0) {
        server_s[0] = create_server_socket( server_port, 0);
    }

    if (boa_ssl != 0 && ssl_port > 0) {
        server_s[1] = create_server_socket( ssl_port, 1);
    }

    if (server_s[1].socket == -1 && server_s[0].socket == -1) {
        log_error_time();
        fprintf(stderr, "Could not initialize sockets\n");
        exit(1);
    }

    init_signals();
    drop_privs();
    create_common_env();
    build_needs_escape();

    if (boa_ssl) {
            initialize_ssl();
    }

    if (max_connections < 1) {
        struct rlimit rl;

        /* has not been set explicitly */
        c = getrlimit(RLIMIT_NOFILE, &rl);
        if (c < 0) {
            perror("getrlimit");
            exit(1);
        }
        max_connections = rl.rlim_cur;
    }

    /* background ourself */
    if (do_fork) {
        switch(fork()) {
        case -1:
            /* error */
            perror("fork");
            exit(1);
            break;
        case 0:
            /* child, success */
            break;
        default:
            /* parent, success */
            exit(0);
            break;
        }
    }

    /* main loop */
    timestamp();

    start_time = current_time;

    /* Blocks signals that are not supposed to be catched
     * by the children.
     */
    block_main_signals();

    /* spawn the children pool
     */
    params = smp_init( server_s);
    
    /* unblock signals for daddy
     */
    unblock_main_signals();

    /* regenerate parameters in that time interval 
     */
    if (boa_ssl) {
       if (ssl_params_refresh < DEFAULT_SSL_PARAMS_REFRESH) {
          log_error_time();
          fprintf(stderr, "SSL parameters will be refreshed every %d minutes\n",
             DEFAULT_SSL_PARAMS_REFRESH/60);
          ssl_params_refresh = DEFAULT_SSL_PARAMS_REFRESH;
       }
       alarm( ssl_params_refresh);
    }

    select_loop( params);

    return 0;
}

server_params *global_server_params;
int global_server_params_size;

extern int server_max_threads;

/* This function will return a server_params pointer. This
 * pointer is to be used as a pointer to the select loop.
 */
static server_params* smp_init( socket_type server_s[2]) 
{
int i;
server_params *params;

#ifdef ENABLE_SMP
    pthread_t tid;
    int max_threads = server_max_threads;

    father_id = pthread_self();
#else
    const int max_threads = 1;
#endif

    params = malloc( sizeof(server_params) * max_threads);
    if (params == NULL) {
      log_error_time();
      fprintf(stderr, 
              "Could not allocate memory.\n");
      exit(1);
    }
        
    for (i=0;i<max_threads;i++) {
       params[i].server_s[0] = server_s[0];
       params[i].server_s[1] = server_s[1];
       params[i].request_ready = NULL;
       params[i].request_block = NULL;
       params[i].request_free = NULL;
       
       /* for signal handling */
       params[i].sighup_flag = 0;
       params[i].sigchld_flag = 0;
       params[i].sigalrm_flag = 0;
       params[i].sigusr1_flag = 0;
       params[i].sigterm_flag = 0;
       
       params[i].sockbufsize = SOCKETBUF_SIZE;

       params[i].status.requests = 0;
       params[i].status.errors = 0;

       params[i].total_connections = 0;
       params[i].max_fd = 0;
       
       params[i].handle_sigbus = 0;
    }

#ifdef ENABLE_SMP
    params[0].tid = father_id;

    for( i=1;i<max_threads;i++) {
      if (pthread_create( &tid, NULL, &select_loop, &params[i]) != 0)
      {
         log_error_time();
         fprintf(stderr, 
              "Could not dispatch threads.\n");
         exit(1);
      }
      params[i].tid = tid;
    }
#endif

    if (max_threads > 1) {
      log_error_time();
      fprintf(stderr, 
              "Generated pool of %d threads.\n", max_threads);
    }

    global_server_params_size = max_threads;
    global_server_params = params;

    return &params[0];
}

void smp_reinit()
{
#ifdef ENABLE_SMP
   int i;
   server_params *params = global_server_params;
   int max_threads = server_max_threads;
#else
   int max_threads = 1;
#endif

   if (global_server_params_size < max_threads) {
       log_error_time();
       fprintf(stderr, 
              "Cannot increase threads on runtime.\n");
       max_threads = global_server_params_size;
   }
        
#ifdef ENABLE_SMP
   for( i=1;i<max_threads;i++) {
      pthread_t tid;
      if (pthread_create( &tid, NULL, &select_loop, &params[i]) != 0)
      {
         log_error_time();
         fprintf(stderr, 
              "Could not dispatch threads.\n");
         exit(1);
      }
      params[i].tid = tid;
   }
#endif

   if (max_threads > 0) {
      log_error_time();
      fprintf(stderr, 
              "Regenerated a pool of %d threads.\n", max_threads);
   }    

   return;
}


static socket_type create_server_socket( int port, int secure)
{
    socket_type server_s;

    server_s.secure = secure;
    server_s.port = port;

    server_s.socket = socket(SERVER_AF, SOCK_STREAM, IPPROTO_TCP);
    if (server_s.socket == -1) {
        DIE("unable to create socket");
    }

    /* server socket is nonblocking */
    if (set_nonblock_fd(server_s.socket) == -1) {
        DIE("fcntl: unable to set server socket to nonblocking");
    }

    /* close server socket on exec so cgi's can't write to it */
    if (fcntl(server_s.socket, F_SETFD, 1) == -1) {
        DIE("can't set close-on-exec on server socket!");
    }

    /* reuse socket addr */
    if ((setsockopt(server_s.socket, SOL_SOCKET, SO_REUSEADDR, (void *) &sock_opt,
                    sizeof (sock_opt))) == -1) {
        DIE("setsockopt");
    }

    /* internet family-specific code encapsulated in bind_server()  */
    if (bind_server(server_s.socket, server_ip, port) == -1) {
        DIE("unable to bind");
    }

    /* listen: large number just in case your kernel is nicely tweaked */
    if (listen(server_s.socket, backlog) == -1) {
        DIE("unable to listen");
    }
    return server_s;
}

static void drop_privs(void)
{
    /* give away our privs if we can */
    if (getuid() == 0) {
        struct passwd *passwdbuf;
        passwdbuf = getpwuid(server_uid);
        if (passwdbuf == NULL) {
            DIE("getpwuid");
        }
        if (initgroups(passwdbuf->pw_name, passwdbuf->pw_gid) == -1) {
            DIE("initgroups");
        }
        if (setgid(server_gid) == -1) {
            DIE("setgid");
        }
        if (setuid(server_uid) == -1) {
            DIE("setuid");
        }
        /* test for failed-but-return-was-successful setuid
         * http://www.securityportal.com/list-archive/bugtraq/2000/Jun/0101.html
         */
        if (setuid(0) != -1) {
            DIE("icky Linux kernel bug!");
        }
    } else {
        if (server_gid || server_uid) {
            log_error_time();
            fprintf(stderr, "Warning: "
                    "Not running as root: no attempt to change"
                    " to uid %d gid %d\n", server_uid, server_gid);
        }
        server_gid = getgid();
        server_uid = getuid();
    }
}

/*
 * Name: fixup_server_root
 *
 * Description: Makes sure the server root is valid.
 *
 */

static void fixup_server_root()
{
    char *dirbuf;

    if (!server_root) {
#ifdef SERVER_ROOT
        server_root = strdup(SERVER_ROOT);
        if (!server_root) {
            perror("strdup (SERVER_ROOT)");
            exit(1);
        }
#else
        fputs("boa: don't know where server root is.  Please #define "
              "SERVER_ROOT in boa.h\n"
              "and recompile, or use the -c command line option to "
              "specify it.\n", stderr);
        exit(1);
#endif
    }

    if (chdir(server_root) == -1) {
        fprintf(stderr, "Could not chdir to \"%s\": aborting\n",
                server_root);
        exit(1);
    }

    dirbuf = normalize_path(server_root);
    free(server_root);
    server_root = dirbuf;
}

1	nmav	1.1	/*
2			* Boa, an http server
3			* Copyright (C) 1995 Paul Phillips <paulp@go2net.com>
4			* Some changes Copyright (C) 1996 Charles F. Randall <crandall@goldsys.com>
5			* Some changes Copyright (C) 1996 Larry Doolittle <ldoolitt@boa.org>
6			* Some changes Copyright (C) 1996-2002 Jon Nelson <jnelson@boa.org>
7			* Portions Copyright (C) 2002 Nikos Mavroyanopoulos <nmav@gnutls.org>
8			*
9			* This program is free software; you can redistribute it and/or modify
10			* it under the terms of the GNU General Public License as published by
11			* the Free Software Foundation; either version 1, or (at your option)
12			* any later version.
13			*
14			* This program is distributed in the hope that it will be useful,
15			* but WITHOUT ANY WARRANTY; without even the implied warranty of
16			* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
17			* GNU General Public License for more details.
18			*
19			* You should have received a copy of the GNU General Public License
20			* along with this program; if not, write to the Free Software
21			* Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
22			*
23			*/
24
25	nmav	1.4	/* $Id: boa.c,v 1.3 2002/09/23 19:28:41 nmav Exp $*/
26	nmav	1.1
27			#include "boa.h"
28			#include "ssl.h"
29			#include <sys/resource.h>
30			#ifdef ENABLE_SMP
31			# include <pthread.h>
32
33			pthread_t father_id;
34
35			#endif
36
37			extern int ssl_params_refresh;
38
39			/* globals */
40			int backlog = SO_MAXCONN;
41			time_t start_time;
42
43			time_t current_time;
44
45
46			/* static to boa.c */
47			static void fixup_server_root(void);
48			static socket_type create_server_socket( int port, int);
49			static void drop_privs(void);
50			static server_params *smp_init(socket_type server_s[2]);
51			static int sock_opt = 1;
52			static int do_fork = 1;
53			int devnullfd = -1;
54
55			int main(int argc, char **argv)
56			{
57			int c; /* command line arg */
58	nmav	1.3	socket_type server_s[2] = {{ -1, 0, 0, 0}, { -1, -1, 0, 0 }}; /* boa socket */
59	nmav	1.1	server_params *params;
60
61			/* set umask to u+rw, u-x, go-rwx */
62			c = umask(~0600);
63			if (c == -1) {
64			perror("umask");
65			exit(1);
66			}
67
68			devnullfd = open("/dev/null", 0);
69
70			/* make STDIN and STDOUT point to /dev/null */
71			if (devnullfd == -1) {
72			DIE("can't open /dev/null");
73			}
74
75			if (dup2(devnullfd, STDIN_FILENO) == -1) {
76			DIE("can't dup2 /dev/null to STDIN_FILENO");
77			}
78
79			if (dup2(devnullfd, STDOUT_FILENO) == -1) {
80			DIE("can't dup2 /dev/null to STDOUT_FILENO");
81			}
82
83			/* but first, update timestamp, because log_error_time uses it */
84			(void) time(&current_time);
85
86			while ((c = getopt(argc, argv, "c:r:d")) != -1) {
87			switch (c) {
88			case 'c':
89			if (server_root)
90			free(server_root);
91			server_root = strdup(optarg);
92			if (!server_root) {
93			perror("strdup (for server_root)");
94			exit(1);
95			}
96			break;
97			case 'r':
98			if (chdir(optarg) == -1) {
99			log_error_time();
100			perror("chdir (to chroot)");
101			exit(1);
102			}
103			if (chroot(optarg) == -1) {
104			log_error_time();
105			perror("chroot");
106			exit(1);
107			}
108			if (chdir("/") == -1) {
109			log_error_time();
110			perror("chdir (after chroot)");
111			exit(1);
112			}
113			break;
114			case 'd':
115			do_fork = 0;
116			break;
117			default:
118			fprintf(stderr, "Usage: %s [-c serverroot] [-r chroot] [-d]\n", argv[0]);
119			exit(1);
120			}
121			}
122
123			fixup_server_root();
124			read_config_files();
125			open_logs();
126
127			if ((boa_ssl >= 2 \|\| boa_ssl == 0) && server_port > 0) {
128			server_s[0] = create_server_socket( server_port, 0);
129			}
130
131			if (boa_ssl != 0 && ssl_port > 0) {
132			server_s[1] = create_server_socket( ssl_port, 1);
133			}
134
135			if (server_s[1].socket == -1 && server_s[0].socket == -1) {
136			log_error_time();
137			fprintf(stderr, "Could not initialize sockets\n");
138			exit(1);
139			}
140
141			init_signals();
142			drop_privs();
143			create_common_env();
144			build_needs_escape();
145
146			if (boa_ssl) {
147			initialize_ssl();
148			}
149
150			if (max_connections < 1) {
151			struct rlimit rl;
152
153			/* has not been set explicitly */
154			c = getrlimit(RLIMIT_NOFILE, &rl);
155			if (c < 0) {
156			perror("getrlimit");
157			exit(1);
158			}
159			max_connections = rl.rlim_cur;
160			}
161
162			/* background ourself */
163			if (do_fork) {
164			switch(fork()) {
165			case -1:
166			/* error */
167			perror("fork");
168			exit(1);
169			break;
170			case 0:
171			/* child, success */
172			break;
173			default:
174			/* parent, success */
175			exit(0);
176			break;
177			}
178			}
179
180			/* main loop */
181			timestamp();
182
183			start_time = current_time;
184
185			/* Blocks signals that are not supposed to be catched
186			* by the children.
187			*/
188			block_main_signals();
189
190			/* spawn the children pool
191			*/
192			params = smp_init( server_s);
193
194			/* unblock signals for daddy
195			*/
196			unblock_main_signals();
197
198			/* regenerate parameters in that time interval
199			*/
200			if (boa_ssl) {
201	nmav	1.4	if (ssl_params_refresh < DEFAULT_SSL_PARAMS_REFRESH) {
202			log_error_time();
203			fprintf(stderr, "SSL parameters will be refreshed every %d minutes\n",
204			DEFAULT_SSL_PARAMS_REFRESH/60);
205			ssl_params_refresh = DEFAULT_SSL_PARAMS_REFRESH;
206			}
207	nmav	1.1	alarm( ssl_params_refresh);
208			}
209
210			select_loop( params);
211
212			return 0;
213			}
214
215			server_params *global_server_params;
216			int global_server_params_size;
217
218			extern int server_max_threads;
219
220			/* This function will return a server_params pointer. This
221			* pointer is to be used as a pointer to the select loop.
222			*/
223			static server_params* smp_init( socket_type server_s[2])
224			{
225			int i;
226			server_params *params;
227
228			#ifdef ENABLE_SMP
229			pthread_t tid;
230			int max_threads = server_max_threads;
231
232			father_id = pthread_self();
233			#else
234			const int max_threads = 1;
235			#endif
236
237			params = malloc( sizeof(server_params) * max_threads);
238			if (params == NULL) {
239			log_error_time();
240			fprintf(stderr,
241			"Could not allocate memory.\n");
242			exit(1);
243			}
244
245			for (i=0;i<max_threads;i++) {
246			params[i].server_s[0] = server_s[0];
247			params[i].server_s[1] = server_s[1];
248			params[i].request_ready = NULL;
249			params[i].request_block = NULL;
250			params[i].request_free = NULL;
251
252			/* for signal handling */
253			params[i].sighup_flag = 0;
254			params[i].sigchld_flag = 0;
255			params[i].sigalrm_flag = 0;
256			params[i].sigusr1_flag = 0;
257			params[i].sigterm_flag = 0;
258
259			params[i].sockbufsize = SOCKETBUF_SIZE;
260
261			params[i].status.requests = 0;
262			params[i].status.errors = 0;
263
264			params[i].total_connections = 0;
265			params[i].max_fd = 0;
266
267			params[i].handle_sigbus = 0;
268			}
269
270			#ifdef ENABLE_SMP
271			params[0].tid = father_id;
272
273			for( i=1;i<max_threads;i++) {
274			if (pthread_create( &tid, NULL, &select_loop, &params[i]) != 0)
275			{
276			log_error_time();
277			fprintf(stderr,
278			"Could not dispatch threads.\n");
279			exit(1);
280			}
281			params[i].tid = tid;
282			}
283			#endif
284
285			if (max_threads > 1) {
286			log_error_time();
287			fprintf(stderr,
288			"Generated pool of %d threads.\n", max_threads);
289			}
290
291			global_server_params_size = max_threads;
292			global_server_params = params;
293
294			return &params[0];
295			}
296
297			void smp_reinit()
298			{
299			#ifdef ENABLE_SMP
300	nmav	1.2	int i;
301			server_params *params = global_server_params;
302			int max_threads = server_max_threads;
303	nmav	1.1	#else
304	nmav	1.2	int max_threads = 1;
305	nmav	1.1	#endif
306
307	nmav	1.2	if (global_server_params_size < max_threads) {
308	nmav	1.1	log_error_time();
309			fprintf(stderr,
310			"Cannot increase threads on runtime.\n");
311			max_threads = global_server_params_size;
312	nmav	1.2	}
313	nmav	1.1
314			#ifdef ENABLE_SMP
315	nmav	1.2	for( i=1;i<max_threads;i++) {
316	nmav	1.1	pthread_t tid;
317			if (pthread_create( &tid, NULL, &select_loop, &params[i]) != 0)
318			{
319			log_error_time();
320			fprintf(stderr,
321			"Could not dispatch threads.\n");
322			exit(1);
323			}
324			params[i].tid = tid;
325	nmav	1.2	}
326	nmav	1.1	#endif
327
328	nmav	1.2	if (max_threads > 0) {
329	nmav	1.1	log_error_time();
330			fprintf(stderr,
331			"Regenerated a pool of %d threads.\n", max_threads);
332	nmav	1.2	}
333	nmav	1.1
334	nmav	1.2	return;
335	nmav	1.1	}
336
337
338			static socket_type create_server_socket( int port, int secure)
339			{
340			socket_type server_s;
341
342			server_s.secure = secure;
343	nmav	1.3	server_s.port = port;
344	nmav	1.1
345			server_s.socket = socket(SERVER_AF, SOCK_STREAM, IPPROTO_TCP);
346			if (server_s.socket == -1) {
347			DIE("unable to create socket");
348			}
349
350			/* server socket is nonblocking */
351			if (set_nonblock_fd(server_s.socket) == -1) {
352			DIE("fcntl: unable to set server socket to nonblocking");
353			}
354
355			/* close server socket on exec so cgi's can't write to it */
356			if (fcntl(server_s.socket, F_SETFD, 1) == -1) {
357			DIE("can't set close-on-exec on server socket!");
358			}
359
360			/* reuse socket addr */
361			if ((setsockopt(server_s.socket, SOL_SOCKET, SO_REUSEADDR, (void *) &sock_opt,
362			sizeof (sock_opt))) == -1) {
363			DIE("setsockopt");
364			}
365
366			/* internet family-specific code encapsulated in bind_server() */
367			if (bind_server(server_s.socket, server_ip, port) == -1) {
368			DIE("unable to bind");
369			}
370
371			/* listen: large number just in case your kernel is nicely tweaked */
372			if (listen(server_s.socket, backlog) == -1) {
373			DIE("unable to listen");
374			}
375			return server_s;
376			}
377
378			static void drop_privs(void)
379			{
380			/* give away our privs if we can */
381			if (getuid() == 0) {
382			struct passwd *passwdbuf;
383			passwdbuf = getpwuid(server_uid);
384			if (passwdbuf == NULL) {
385			DIE("getpwuid");
386			}
387			if (initgroups(passwdbuf->pw_name, passwdbuf->pw_gid) == -1) {
388			DIE("initgroups");
389			}
390			if (setgid(server_gid) == -1) {
391			DIE("setgid");
392			}
393			if (setuid(server_uid) == -1) {
394			DIE("setuid");
395			}
396			/* test for failed-but-return-was-successful setuid
397			* http://www.securityportal.com/list-archive/bugtraq/2000/Jun/0101.html
398			*/
399			if (setuid(0) != -1) {
400			DIE("icky Linux kernel bug!");
401			}
402			} else {
403			if (server_gid \|\| server_uid) {
404			log_error_time();
405			fprintf(stderr, "Warning: "
406			"Not running as root: no attempt to change"
407			" to uid %d gid %d\n", server_uid, server_gid);
408			}
409			server_gid = getgid();
410			server_uid = getuid();
411			}
412			}
413
414			/*
415			* Name: fixup_server_root
416			*
417			* Description: Makes sure the server root is valid.
418			*
419			*/
420
421			static void fixup_server_root()
422			{
423			char *dirbuf;
424
425			if (!server_root) {
426			#ifdef SERVER_ROOT
427			server_root = strdup(SERVER_ROOT);
428			if (!server_root) {
429			perror("strdup (SERVER_ROOT)");
430			exit(1);
431			}
432			#else
433			fputs("boa: don't know where server root is. Please #define "
434			"SERVER_ROOT in boa.h\n"
435			"and recompile, or use the -c command line option to "
436			"specify it.\n", stderr);
437			exit(1);
438			#endif
439			}
440
441			if (chdir(server_root) == -1) {
442			fprintf(stderr, "Could not chdir to \"%s\": aborting\n",
443			server_root);
444			exit(1);
445			}
446
447			dirbuf = normalize_path(server_root);
448			free(server_root);
449			server_root = dirbuf;
450			}
451