File curvedns-systemd.patch of Package curvedns
diff -rU3 curvedns.orig/curvedns.c curvedns-systemd/curvedns.c --- curvedns.orig/curvedns.c 2010-12-28 09:32:54.000000000 +0100 +++ curvedns-systemd/curvedns.c 2011-12-09 16:52:37.000000000 +0100 @@ -36,6 +36,10 @@ #include <sys/socket.h> /* for AF_UNSPEC */ +#ifdef USE_SYSTEMD +#include <systemd/sd-daemon.h> +#endif + #include "curvedns.h" #include "misc.h" #include "ip.h" @@ -64,6 +70,9 @@ debug_log(DEBUG_FATAL, " [CURVEDNS_TCP_TIMEOUT]\n\tNumber of seconds before TCP session to client times out (default: 60.0)\n"); debug_log(DEBUG_FATAL, " [CURVEDNS_SHARED_SECRETS]\n\tNumber of shared secrets that can be cached (default: 5000)\n"); debug_log(DEBUG_FATAL, " [CURVEDNS_DEBUG]\n\tDebug level, 1: fatal, 2: error, 3: warning, 4: info, 5: debug (default: 2)\n"); +#ifdef USE_SYSTEMD + debug_log(DEBUG_FATAL, " [LISTEN_FDS], [LISTEN_PID]\n\tsee sd_listen_fds(3). When these are set, <listening IPs> and <listening port> will be ignored (but must be present!)\n"); +#endif debug_log(DEBUG_FATAL, "Exactly one of the CURVEDNS_PRIVATE_KEY* variables is required.\n"); return 1; } @@ -147,14 +158,20 @@ if ((tmp > 0) && (tmp < 6)) debug_level = tmp; } - debug_log(DEBUG_FATAL, "starting %s version %s (debug level %d)\n", argv[0], CURVEDNS_VERSION, debug_level); + debug_log(DEBUG_INFO, "starting %s version %s (debug level %d)\n", argv[0], CURVEDNS_VERSION, debug_level); // Parse the listening IP addresses: +#ifdef USE_SYSTEMD + if (sd_listen_fds(0) <= 0) { +#endif local_addresses = ip_multiple_parse(&local_addresses_count, argv[1], argv[2]); if (!local_addresses) { debug_log(DEBUG_FATAL, "listening IPs or port malformed\n"); return 1; } +#ifdef USE_SYSTEMD + } +#endif // Parse target IP: if (!ip_parse(&global_target_address, argv[3], argv[4])) diff -rU3 curvedns.orig/ip.c curvedns-systemd/ip.c --- curvedns.orig/ip.c 2010-12-28 09:32:54.000000000 +0100 +++ curvedns-systemd/ip.c 2011-12-12 13:43:11.000000000 +0100 
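Review bot: The `sd_listen_fds(0) <= 0` test in the third curvedns.c hunk treats an error return (negative) the same as "not socket-activated", so a failed descriptor lookup silently falls back to parsing argv[1]/argv[2], which the usage text added in the previous hunk describes as ignored under systemd. I would call it once, `int sd_fds = sd_listen_fds(0);`, fail closed with `if (sd_fds < 0) { debug_log(DEBUG_FATAL, "sd_listen_fds() failed: %d\n", sd_fds); return 1; }`, and skip the parse only when `sd_fds > 0`. The same call is repeated in ip_init() and debug_log() in later hunks; passing the cached result along would keep the three decisions consistent. main() starts and ends outside this hunk.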
@@ -33,6 +33,9 @@ * $Date$ * $Revision$ */ +#ifdef USE_SYSTEMD +#include <systemd/sd-daemon.h> +#endif #include "ip.h" #include "misc.h" @@ -125,6 +128,25 @@ int ip_init(anysin_t *addresses, int addresses_count) { int i; +#ifdef USE_SYSTEMD + global_ip_sockets_count = sd_listen_fds(0); + if (global_ip_sockets_count > 0) { + global_ip_sockets = (struct ip_socket_t *) calloc(global_ip_sockets_count, sizeof(struct ip_socket_t)); + for (i = 0; i < global_ip_sockets_count; i++) { + global_ip_sockets[i].fd = SD_LISTEN_FDS_START + i; + if (sd_is_socket(global_ip_sockets[i].fd, AF_UNSPEC, SOCK_DGRAM, -1)) { + global_ip_sockets[i].protocol = IP_PROTOCOL_UDP; + } else if (sd_is_socket(global_ip_sockets[i].fd, AF_UNSPEC, SOCK_STREAM, 1)) { + global_ip_sockets[i].protocol = IP_PROTOCOL_TCP; + } else { + debug_log(DEBUG_FATAL, "ip_init(): LISTEN_FD %d is neither UDP nor TCP socket?!\n", global_ip_sockets[i].fd); + return 0; + } + } + return 1; + } +#endif + global_ip_sockets = (struct ip_socket_t *) calloc(addresses_count * 2, sizeof(struct ip_socket_t)); if (!global_ip_sockets) goto wrong; --- curvedns.orig/debug.c 2010-12-28 09:32:54.000000000 +0100 +++ curvedns-0.87/debug.c 2011-12-12 15:33:35.000000000 +0100 
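Review bot: In the new USE_SYSTEMD branch of ip_init() the `calloc()` result is indexed without a NULL check, unlike the legacy allocation right below the hunk, which does `if (!global_ip_sockets) goto wrong;`; the same check belongs directly after the new calloc (what the `wrong` label releases is outside the hunk). Both `sd_is_socket()` calls are used as plain truth values, but the function returns a negative errno-style code on failure, so a descriptor that cannot be inspected is classified as UDP instead of reaching the "neither UDP nor TCP" error; compare with `> 0`, e.g. `if (sd_is_socket(global_ip_sockets[i].fd, AF_UNSPEC, SOCK_DGRAM, -1) > 0) {`. The early `return 0` also leaves `global_ip_sockets` allocated and `global_ip_sockets_count` set; whether the caller cleans that up is not visible here. ip_init() continues past the end of the hunk.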
@@ -33,15 +33,40 @@ * $Date$ * $Revision$ */ +#ifdef USE_SYSTEMD +#include <systemd/sd-daemon.h> +#endif #include "debug.h" // Standard error level: ERROR int debug_level = DEBUG_ERROR; +static int isRunningWithSystemd = -1; + void debug_log(int level, char *format, ...) { + if (level <= debug_level) { va_list args; +#ifdef USE_SYSTEMD + if (isRunningWithSystemd < 0) { + isRunningWithSystemd = sd_listen_fds(0) > 0; + } + if (isRunningWithSystemd) { + switch (level) { + case DEBUG_DEBUG: + fprintf(stderr, SD_DEBUG); break; + case DEBUG_INFO: + fprintf(stderr, SD_INFO); break; + case DEBUG_WARN: + fprintf(stderr, SD_WARNING); break; + case DEBUG_ERROR: + fprintf(stderr, SD_ERR); break; + case DEBUG_FATAL: + fprintf(stderr, SD_EMERG); break; + } + } +#endif va_start(args, format); vfprintf(stderr, format, args); va_end(args); --- curvedns.orig/event_main.c 2010-12-28 09:32:54.000000000 +0100 +++ curvedns-0.87/event_main.c 2011-12-12 15:33:58.000000000 +0100 @@ -41,7 +41,7 @@ static struct ev_io *udp_watchers = NULL; static struct ev_io *tcp_watchers = NULL; -static int watchers_count; /* as udp_watchers_count = tcp_watchers_count = watchers_count */ +static int udp_watchers_count, tcp_watchers_count; static struct ev_signal signal_watcher_hup; static struct ev_signal signal_watcher_int; static struct ev_signal signal_watcher_term; @@ -69,7 +69,7 @@ // Starts the accept watchers if startstop = 1, stops them if startstop = 0 void event_tcp_startstop_watchers(struct ev_loop *loop, int startstop) { int i; - for (i = 0; i < watchers_count; i++) { + for (i = 0; i < tcp_watchers_count; i++) { if (startstop) ev_io_start(loop, &tcp_watchers[i]); else @@ -97,7 +97,7 @@ } int event_init() { - int i, j; + int i; // Fetch the default loop: event_default_loop = ev_default_loop(0); 
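Review bot: The priority switch added to debug_log() in debug.c maps `DEBUG_FATAL` to `SD_EMERG`, a level that journald and classic syslog configurations typically forward to all terminals, while the visible code uses DEBUG_FATAL for ordinary startup failures such as the usage text and "listening IPs or port malformed"; `case DEBUG_FATAL: fprintf(stderr, SD_CRIT); break;` (or `SD_ERR`) would fit better. The switch has no `default:`, so a level outside the five constants is written without any prefix; `default: fprintf(stderr, SD_INFO); break;`, or a comment saying the omission is intended, would make that explicit. The prefix is written once per call, so in multi-line messages like the usage lines containing `\n\t` only the first line carries the priority. A one-line comment on `isRunningWithSystemd` stating that -1 means "not probed yet" would help as well.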
@@ -114,34 +114,36 @@ ev_signal_start(event_default_loop, &signal_watcher_term); // Now allocate memory for each of the workers (global_sockets_count is always even): - watchers_count = (int) (global_ip_sockets_count / 2); + udp_watchers_count = tcp_watchers_count = 0; - udp_watchers = (struct ev_io *) calloc(watchers_count, sizeof(struct ev_io)); + udp_watchers = (struct ev_io *) calloc(global_ip_sockets_count, sizeof(struct ev_io)); if (!udp_watchers) goto wrong; - tcp_watchers = (struct ev_io *) calloc(watchers_count, sizeof(struct ev_io)); + tcp_watchers = (struct ev_io *) calloc(global_ip_sockets_count, sizeof(struct ev_io)); if (!tcp_watchers) goto wrong; // Initialize watchers and connect them to the loop: char s[52]; - for (i = 0, j = 0; i < global_ip_sockets_count; i++) { - ip_address_total_string(global_ip_sockets[i].address, s, sizeof(s)); + for (i = 0; i < global_ip_sockets_count; i++) { + if (global_ip_sockets[i].address) { + ip_address_total_string(global_ip_sockets[i].address, s, sizeof(s)); + } else { s[0] = 0; } if (global_ip_sockets[i].protocol == IP_PROTOCOL_UDP) { // UDP socket - debug_log(DEBUG_INFO, "event_init(): udp_watchers[%d] = UDP socket on %s (fd = %d)\n", j, s, global_ip_sockets[i].fd); - udp_watchers[j].data = &global_ip_sockets[i]; - ev_io_init(&udp_watchers[j], event_udp_ext_cb, global_ip_sockets[i].fd, EV_READ); - ev_io_start(event_default_loop, &udp_watchers[j]); + debug_log(DEBUG_INFO, "event_init(): udp_watchers[%d] = UDP socket on %s (fd = %d)\n", udp_watchers_count, s, global_ip_sockets[i].fd); + udp_watchers[udp_watchers_count].data = &global_ip_sockets[i]; + ev_io_init(&udp_watchers[udp_watchers_count], event_udp_ext_cb, global_ip_sockets[i].fd, EV_READ); + ev_io_start(event_default_loop, &udp_watchers[udp_watchers_count]); + udp_watchers_count++; } else if (global_ip_sockets[i].protocol == IP_PROTOCOL_TCP) { // TCP socket - debug_log(DEBUG_INFO, "event_init(): tcp_watchers[%d] = TCP socket on %s (fd = %d)\n", j, s, 
global_ip_sockets[i].fd); - ev_io_init(&tcp_watchers[j], event_tcp_accept_cb, global_ip_sockets[i].fd, EV_READ); - ev_io_start(event_default_loop, &tcp_watchers[j]); + debug_log(DEBUG_INFO, "event_init(): tcp_watchers[%d] = TCP socket on %s (fd = %d)\n", tcp_watchers_count, s, global_ip_sockets[i].fd); + ev_io_init(&tcp_watchers[tcp_watchers_count], event_tcp_accept_cb, global_ip_sockets[i].fd, EV_READ); + ev_io_start(event_default_loop, &tcp_watchers[tcp_watchers_count]); + tcp_watchers_count++; } - if (i % 2) - j++; } return 1; @@ -158,6 +158,6 @@ } void event_worker() { - debug_log(DEBUG_FATAL, "event_worker(): starting the event loop\n"); + debug_log(DEBUG_INFO, "event_worker(): starting the event loop\n"); ev_loop(event_default_loop, 0); } --- curvedns-0.87/Makefile.in.orig 2011-12-13 19:44:32.000000000 +0100 +++ curvedns-0.87/Makefile.in 2011-12-13 19:44:43.000000000 +0100 @@ -83,4 +83,4 @@ $(CC) $(LDFLAGS) debug.o ip.o misc.o dnscurve.o dns.o cache.a event.a curvedns.o $(EXTRALIB) -lnacl -o curvedns curvedns-keygen: curvedns-keygen.o debug.o ip.o misc.o - $(CC) $(LDFLAGS) curvedns-keygen.o debug.o ip.o misc.o -lnacl -o curvedns-keygen + $(CC) $(LDFLAGS) curvedns-keygen.o debug.o ip.o misc.o -lnacl $(EXTRALIB) -o curvedns-keygen --- curvedns-0.87/curvedns.c.orig 2011-12-15 09:33:21.000000000 +0100 +++ curvedns-0.87/curvedns.c 2011-12-15 09:35:15.000000000 +0100 @@ -94,7 +94,7 @@ } if (!ip_address_string(&global_source_address, ip, sizeof(ip))) return 0; - debug_log(DEBUG_FATAL, "source IP address: %s\n", ip); + debug_log(DEBUG_INFO, "source IP address: %s\n", ip); } else { debug_log(DEBUG_INFO, "source IP address: [none]\n"); } 
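Review bot: The comment kept above the allocation in event_init(), `(global_sockets_count is always even)`, no longer holds once sockets can be passed in by systemd, where the count and the UDP/TCP mix are arbitrary; replace it with something like `// one slot per socket in each array; per-protocol counts are tracked in udp_watchers_count / tcp_watchers_count`. The new `if (global_ip_sockets[i].address)` guard shows that socket-activated entries carry a NULL address, and this logging site is the only reader guarded in the patch. Other users of `.address`, for instance callbacks reached through `udp_watchers[...].data`, are outside the visible hunks and worth auditing for a NULL dereference. event_init() starts before and continues past this hunk.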
@@ -103,7 +103,7 @@ if (tmpd > 60.) tmpd = 60.; else if (tmpd < 0.01) tmpd = 0.01; global_ip_internal_timeout = (ev_tstamp) tmpd; - debug_log(DEBUG_FATAL, "internal timeout set to %.2f seconds\n", global_ip_internal_timeout); + debug_log(DEBUG_INFO, "internal timeout set to %.2f seconds\n", global_ip_internal_timeout); } else { debug_log(DEBUG_INFO, "internal timeout: %.2f seconds\n", global_ip_internal_timeout); } @@ -112,7 +112,7 @@ if (tmpi > 50) tmpi = 50; else if (tmpi < 1) tmpi = 1; global_ip_udp_retries = tmpi; - debug_log(DEBUG_FATAL, "UDP retries set to %d time(s)\n", global_ip_udp_retries); + debug_log(DEBUG_INFO, "UDP retries set to %d time(s)\n", global_ip_udp_retries); } else { debug_log(DEBUG_INFO, "UDP retries: %d time(s)\n", global_ip_udp_retries); } @@ -121,7 +121,7 @@ if (tmpi > 500) tmpi = 500; else if (tmpi < 1) tmpi = 1; global_ip_tcp_max_number_connections = tmpi; - debug_log(DEBUG_FATAL, "number of simultaneous TCP connections set to %d\n", global_ip_tcp_max_number_connections); + debug_log(DEBUG_INFO, "number of simultaneous TCP connections set to %d\n", global_ip_tcp_max_number_connections); } else { debug_log(DEBUG_INFO, "number of simultaneous TCP connections: %d\n", global_ip_tcp_max_number_connections); } @@ -130,7 +130,7 @@ if (tmpd > 86400.) tmpd = 86400.; else if (tmpd < 1.0) tmpd = 1.0; global_ip_tcp_external_timeout = (ev_tstamp) tmpd; - debug_log(DEBUG_FATAL, "TCP client timeout set to %.2f seconds\n", global_ip_tcp_external_timeout); + debug_log(DEBUG_INFO, "TCP client timeout set to %.2f seconds\n", global_ip_tcp_external_timeout); } else { debug_log(DEBUG_INFO, "TCP client timeout: %.2f seconds\n", global_ip_tcp_external_timeout); } 
@@ -138,7 +138,7 @@ if (misc_getenv_int("CURVEDNS_SHARED_SECRETS", 0, &tmpi)) { if (tmpi > 50) global_shared_secrets = tmpi; - debug_log(DEBUG_FATAL, "shared secret cached set to %d positions\n", global_shared_secrets); + debug_log(DEBUG_INFO, "shared secret cached set to %d positions\n", global_shared_secrets); } else { debug_log(DEBUG_INFO, "shared secret cache: %d positions\n", global_shared_secrets); } --- curvedns-0.87/event_main.c.orig 2011-12-15 09:32:38.000000000 +0100 +++ curvedns-0.87/event_main.c 2011-12-15 09:33:08.000000000 +0100 @@ -82,11 +82,11 @@ return; if (w->signum == SIGHUP) { - debug_log(DEBUG_FATAL, "event_signal_cb(): received SIGHUP - clearing cache\n"); + debug_log(DEBUG_INFO, "event_signal_cb(): received SIGHUP - clearing cache\n"); cache_stats(dnscurve_cache); cache_empty(dnscurve_cache); } else if ((w->signum == SIGINT) || (w->signum == SIGTERM)) { - debug_log(DEBUG_FATAL, "event_signal_cb(): received %s - cleaning up nicely and quitting\n", + debug_log(DEBUG_INFO, "event_signal_cb(): received %s - cleaning up nicely and quitting\n", (w->signum == SIGINT) ? "SIGINT" : "SIGTERM"); ev_unloop(EV_DEFAULT_ EVUNLOOP_ALL); cache_destroy(dnscurve_cache); --- curvedns/curvedns.8.nosystemd 2011-12-15 12:57:21.000000000 +0100 +++ curvedns/curvedns.8 2011-12-15 12:55:25.000000000 +0100 @@ -32,6 +32,13 @@ .P .B curvedns writes log messages to STDERR. +.P +When curvedns is running under +.BR systemd (1), +.I listen-ips +and +.I listen-port +must be present but are ignored. .SH "ENVIRONMENT VARIABLES" .B curvedns 
@@ -88,12 +95,35 @@ .IP CURVEDNS_SOURCE_IP the IP address CurveDNS will use as source IP address when it will forward the query to the authoritative name server (default: let kernel pick). +.IP LISTEN_FDS +the number of +.BR socket (2) +file descriptors already opened by systemd. If this variable is present and +.B curvedns +was compiled with +.BR -DUSE_SYSTEMD , +it will assume it is running under systemd, and will ignore the first two command +line arguments. Also, it will prefix its log messages with systemd-compatible +logging prefixes. .SH NOTES Putting secret information like cryptographic private keys into a process' environment is considered a security risk. The use of the .B CURVEDNS_PRIVATE_KEY environment variable is therefore strongly discouraged. +.P +When running under +.BR systemd (1), +it is recommended to configure +.B curvedns +as a socket-activated service. +.B CURVEDNS_DEBUG +should be set to 5 to leave logging configuration the system's standard syslog +mechanism. The +.BR systemd (1) +service should run +.B curvedns +as a non-root user, with UID and GID set to this user's IDs. .SH AUTHORS .B curvedns @@ -102,7 +132,7 @@ This man page was written by Peter Conrad <conrad@quisquis.de>. .SH SEE ALSO -curvedns-keygen(8) +curvedns-keygen(8), sd_listen_fds(3), sd-daemon(7), systemd(1) .br http://curvedns.on2it.net/ .br