If we downgrade from DNSSEC to non-DNSSEC mode, let's log about this in a recognizable way (i.e. with a message ID),
after all, this is of major importance.
libsystemd-network provides the public function
sd_dhcp6_client_set_request_option() to enable the request of a given
DHCP option. However the enum defining such options is defined in the
internal header dhcp6-protocol.h. Move the enum definition to the
public header sd-dhcp6-client.h and properly namespace values.
libsystemd-network provides the public function
sd_dhcp_client_set_request_option() to enable the request of a given
DHCP option. However the enum defining such options is defined in the
internal header dhcp-protocol.h. Move the enum definition to the
public header sd-dhcp-client.h and properly namespace values.
At the moment sd_dhcp_lease_get_routes() returns an array of structs
which are not defined in public headers. Instead, change the function
to return an array of pointers to opaque sd_dhcp_route objects.
With this patch resolved will properly handle revoked keys, but not
augment the locally configured trust anchor database with newly learned
keys.
Specifically, resolved now refuses validating RRsets with
revoked keys, and it will remove revoked keys from the configured trust
anchors (only until reboot).
This patch does not add logic for adding new keys to the set of trust
anchors. This is a deliberate decision as this only can work with
persistent disk storage, and would result in a different update logic
for stateful and stateless systems. Since we have to support stateless
systems anyway, and don't want to encourage two independent upgrade
paths we focus on upgrading the trust anchor database via the usual OS
upgrade logic.
Whenever a trust anchor entry is found revoked and removed from the
trust anchor a recognizable log message is written, encouraging the user
to update the trust anchor or update his operating system.
This renames __useless_struct_to_allow_trailing_semicolon__ everywhere
to _sd_useless_struct_to_allow_trailing_semicolon_, to follow our usual
rule of prefixing stuff from public headers that should be considered
internal with "_sd_".
While we are at it, also to be safe: when the struct is used in the C++
protector macros make sure to use two different names depending on
whether it appears in the C++ or C side of things. After all, there
might be compilers that don't consider C++ and C structs the same.
See https://github.com/systemd/systemd/pull/2052#discussion_r46067059
GLIB has recently started to officially support the gcc cleanup
attribute in its public API, hence let's do the same for our APIs.
With this patch we'll define an xyz_unrefp() call for each public
xyz_unref() call, to make it easy to use inside a
__attribute__((cleanup())) expression. Then, all code is ported over to
make use of this.
The new calls are also documented in the man pages, with examples how to
use them (well, I only added docs where the _unref() call itself already
had docs, and the examples, only cover sd_bus_unrefp() and
sd_event_unrefp()).
This also renames sd_lldp_free() to sd_lldp_unref(), since that's how we
tend to call our destructors these days.
Note that this defines no public macro that wraps gcc's attribute and
makes it easier to use. While I think it's our duty in the library to
make our stuff easy to use, I figure it's not our duty to make gcc's own
features easy to use on its own. Most likely, client code which wants to
make use of this should define its own:
#define _cleanup_(function) __attribute__((cleanup(function)))
Or similar, to make the gcc feature easier to use.
Making this logic public has the benefit that we can remove three header
files whose only purpose was to define these functions internally.
See #2008.
We already have a state RUNNING and EXITING when we dispatch regular and
exit callbacks. Let's introduce a new state called PREPARING that is
active while we invoke preparation callbacks. This way we have a state
each for all three kinds of event handlers.
The states are currently not documented, hence let's add a new state to
the end, before we start documenting this.
As the data passed is very different, we introduce four different callbacks:
- Generic - router discovery timed out or state machine stopped
- Router - router and link configuration received
- Prefix onlink - configuration for an onlink prefix received
- Prefix autonomous - configuration for to configure a SLAAC address for a prefix received
It is really unclear if we want to / have the resources to support this fully, so drop it
for now. It can easily be brought back if a killer usecase emerges.
Note that this code was never hooked up, so this does not remove any features.
Exported header files should not include internal headers. Fix that.
Exported header files should not use the bool type. So far we opted to
stick to C89 for exported headers, and hence use "int" for bools in
them. Continue to do so.
Exported header files should have #include lines for everything they use
including inttypes.h and sys/types.h, so that they may be included in
any order.
Exported header files should have C++ guards, hence add them.
Exported header files should not use gcc extensions like #pragma once,
get rid of it.
There are more than enough calls doing string manipulations to deserve
its own files, hence do something about it.
This patch also sorts the #include blocks of all files that needed to be
updated, according to the sorting suggestions from CODING_STYLE. Since
pretty much every file needs our string manipulation functions this
effectively means that most files have sorted #include blocks now.
Also touches a few unrelated include files.
The actual code rename will follow. The reason for the change of name is to make it
simpler and more uniform with how we name other libraries (we don't include the
underlying protocol). The new name also matches the naming in the kernel (which
is particularly relevent here as we expect to let the kernel do some parts of
the protocol and we do others).
Rename struct 'tlv_packet' to 'sd_lldp_packet' and struct
'tlv_section' to 'sd_lldp_section' since the former is referenced in
public header sd-lldp.h.
Signed-off-by: Beniamino Galvani <bgalvani@redhat.com>
This adds support for naming file descriptors passed using socket
activation. The names are passed in a new $LISTEN_FDNAMES= environment
variable, that matches the existign $LISTEN_FDS= one and contains a
colon-separated list of names.
This also adds support for naming fds submitted to the per-service fd
store using FDNAME= in the sd_notify() message.
This also adds a new FileDescriptorName= setting for socket unit files
to set the name for fds created by socket units.
This also adds a new call sd_listen_fds_with_names(), that is similar to
sd_listen_fds(), but also returns the names of the fds.
systemd-activate gained the new --fdname= switch to specify a name for
testing socket activation.
This is based on #1247 by Maciej Wereski.
Fixes#1247.
By default we set as NLM_F_CREATE | NLM_F_EXCL in
sd_rtnl_message_new_link
But incase of bridge we need to set NLM_F_REQUEST | NLM_F_ACK.
If NLM_F_EXCL is set then we are unable to set the parameters. As bridge
supports setting properties after creation not during creation.
LLDP TLVs of type 127 are used to carry organizationally specific
information and include additional fields to specify the OUI and
subtype.
Add support for parsing such fields and functions to access the most
common IEEE 802.1 specific TLVs.
It can be useful to know the destination address of a LLDP frame
because it determines the scope of propagation of the frame and thus
this information be used to know whether the neighbor is connected to
the same physical link.
See clause 7.1 of IEEE Std 802.1AB-2009.
Add a public function to get a list of current LLDP neighbours' TLV
packets. The function populates an array of pointers to the opaque
type sd_lldp_packet and returns the number of elements found. Callers
must take care of freeing the array and decreasing the refcount of
elements when done.
This introduces two new helpers alongside sd_bus_path_{encode,decode}(),
which work similarly to their counterparts, but accept a format-string as
input. This allows encoding and decoding multiple labels of a format
string at the same time.
If code enqueues a message on one of the default busses, but doesn't
sync on it, and immediately drops the reference to the bus again, it
will stay queued and consume memory. Intrdouce a new call
sd_bus_default_flush_close() that can be invoked at the end of programs
(or threads) and flushes out all unsent messages on any of the default
busses.
Currently, sd-lldp.h exports "UPDATE_INFO".. and defines it to a magic
constant '10'. This is completely bogus, so fix it to follow our coding
standards:
- Prefix exported symbols by SD_LLDP_*
- Define a separate event-enum for event types
- Translate internal state to external event-types
This splits the Address Conflict Detection out of the Link Local
library so that we can reuse it for DHCP and static addresses in
the future.
Implements RFC5227.
This adds a new sd_pid_get_cgroup() call to sd-login which may be used
to query the control path of a process. This is useful for programs when
making use of delegation units, in order to figure out which subtree has
been delegated.
In light of the unified control group hierarchy this is finally safe to
do, hence let's add a proper API for it, to make it easier to use this.
Merge sd_dhcp_server_set_address() and sd_dhcp_server_set_lease_pool() into
sd_dhcp_server_configure_pool() as the behavior of the two former depends
on the order they are called in. The flexibility is not needed, so let's
just do this in one call.
Querying low-level DNS RRs should be done via resolved now, not via
glibc's awful res_query() API anymore. Let's not introduce an async
wrapper for it hence.
a) drop handling of obsolete or unused DHCP options time_offset,
mtu_aging_timeout, policy filter, mdr, ttl, ip forwarding settings.
Should this become useful one day we can readd support for this.
b) For subnet mask and broadcast it is not always clear whether 0 or
255.255.255.255 might be valid, hence maintain a boolean indicating
validity next to it.
c) serialize/deserialize broadcast address, lifetime, T1 and T2 together
with the rest of the fields in dhcp_lease_save() and
dhcp_lease_load().
d) consistently return ENODATA from getter functions for data that is
missing in the lease.
e) add missing getter calls for broadcast, lifetime, T1, T2.
f) when decoding DHCP options, generate debug messages on parse
failures, but try to proceed if possible.
g) Similar, when deserializing a lease in dhcp_lease_load(), make sure
we deal nicely with unparsable fields, to provide upgrade compat.
h) fix some memory allocations
When we make sd-dhcp public one day we really should not make
sd_dhcp_lease_save() and sd_dhcp_lease_load() public, since it's pretty
much only useful as internal utility for networkd itself.
This allows marking properties as "explicit". Properties marked like
this are included in the introspection, but are avoided in GetAll()
property queries, PropertiesChanged() signals and in in GetManaged()
object manager calls and InterfacesAdded() signals.
Expensive properties may be marked that way, and they will be
retrievable when explicitly being requested, but never in "blanket"
all-property queries and signals.
This flag may be combined with the flags for "const" and
"emit-validation" properties, but not with "emit-validation", as that
is only useful for properties whose value shall be sent in "blanket"
all-property signals.
The "explicit" flag is also exposed in the introspection data via a new
annotation.
Support DHCPv6 DNS search list option as specified in RFC 3646. This
option contains a list of DNS search domains encoded without compression
as specified in Section 8. of RFC 3315.
This adds support for option 43 (Vendor Specific Information) to
libsystemd-network DHCP code. The option carries an opaque object of n
octets, interpreted by vendor-specific code on the clients and
servers.
[@zonque: adopted to new unhexmem() API]
All other *_get_description() functions use 'const char**', so make sure
sd_bus_slot_get_description() does the same.
This changes API, but ABI stays stable. I think this is fine, but I
wouldn't mind bumping SONAME.
Reported in #528.
sd_bus_flush_close_unref() is a call that simply combines sd_bus_flush()
(which writes all unwritten messages out) + sd_bus_close() (which
terminates the connection, releasing all unread messages) +
sd_bus_unref() (which frees the connection).
The combination of this call is used pretty frequently in systemd tools
right before exiting, and should also be relevant for most external
clients, and is hence useful to cover in a call of its own.
Previously the combination of the three calls was already done in the
_cleanup_bus_close_unref_ macro, but this was only available internally.
Also see #327
With the v221 release these APIs should be public, stable APIs, hence
let's install their headers by default now, and add their symbols to the
.sym file.
This should simplify the prototype a bit. The bus parameter is redundant
in most cases, and in the few where it matters it can be derived from
the message via sd_bus_message_get_bus().
Not that all functionality has been ported over to logind, the old
implementation can be removed. There goes one of the oldest parts of
the systemd code base.
It is still possible to include uninitialized ones, but now that is opt-in. In most
cases people only want initialized devices. Exception is if you want to work without
udev running.
Suggested by David Herrmann.
This provides equivalent functionality to libudev-device, but in the
systemd style. The public API only caters to creating sd_device objects
from for devices that already exist in /sys, there is no support for
listening for monitoring events or creating devices received over
the udev netlink protocol.
The private API contains the necessary functionality to make sd-device
a drop-in replacement for libudev-device, but which we would not
otherwise want to export.
Introduce BindCarrier= to indicate the set of links that determine if
the current link should be brought UP or DOWN.
[tomegun: add a bit to commit message]
Most of our client tools want to set this bit for all their method
calls, even though it defaults to off in sd-bus, and rightfully so.
Hence, to simplify thing, introduce a per sd_bus-object flag that sets
the default value for all messages created on the connection.
Save each new onlink IPv6 prefix and attach an expiry timer to it.
If the prefixes overlap, take the shorter prefix and write a debug
message about the event. Once the prefix is resent in a Router
Advertisement, update the timer. Add a new event for the expiring
prefix.
Add two helper functions, one for returning a prefix length given a
Router Advertisement and the other for generic prefix matching given
an IPv6 prefix and address.
Revise the address iteration functions so that one helper function
resets the iterator to the start of the address list while the
second one fetches addresses one by one.
The test case is also updated.
With this change it is possible to send file descriptors to PID 1, via
sd_pid_notify_with_fds() which PID 1 will store individually for each
service, and pass via the usual fd passing logic on next invocation.
This is useful for enable daemon reload schemes where daemons serialize
their state to /run, push their fds into PID 1 and terminate, restoring
their state on next start from the data in /run and passed in from PID
1.
The fds are kept by PID 1 as long as no POLLHUP or POLLERR is seen on
them, and the service they belong to are either not dead or failed, or
have a job queued.
This implements two new helpers, discussed on systemd-devel about 1 year
ago:
sd_bus_emit_object_added()
sd_bus_emit_object_removed()
Both calls are equivalent to their respective counterpart
sd_bus_emit_interfaces_{added/removed}(), but can figure out the list of
interfaces themselves, instead of requiring the caller to provide them.
Furthermore, both calls properly deal with builtin interfaces provided via
org.freedesktop.DBus.* and alike.
Both calls simply traverse a node and all its parent nodes to figure out a
list of all interfaces registered as vtable or fallback. It then appends
each of them, similar to the interfaces_{added/removed}() helpers.
Note that interfaces_{added/removed}() runs a parent traversal for *each*
passed interface. Therefore, it can simply bail out, once it found a
parent node that implements a given interface.
With object_{added/removed}() we cannot know the registered interfaces in
advance, thus, we cannot run one traversal per node. Instead, we run a
single traversal and remember all interfaces that we added. Therefore, a
child-interface overrides all conflicting parent-interfaces. We keep a
"Set *s" context to track those while climbing up the tree.
Pretty much everywhere else we use the generic term "machine" when
referring to containers in API, so let's do though in sd-bus too. In
particular, since the concept of a "container" exists in sd-bus too, but
as part of the marshalling system.
* (potentially) public headers must reside in src/systemd/ (not in
src/libsystemd*)
* some private (not prefixed with sd_) functions moved from sd-lldp.h to
lldp-internal.h
* introduce lldp-util.h for the cleanup macro, as these should not be public
* rename the cleanup macro, we always name them _cleanup_foo_, never
_cleanup_sd_foo_
* mark some function arguments as 'const'
Imagine the following use of hwdb:
if (condition_A)
SD_HWDB_FOREACH_PROPERTY(hwdb, modalias, key, value)
operation_A(key, value);
else
log_error("...");
This should work just fine, but but definitely does not what you would
expect. Due to how SD_HWDB_FOREACH_PROPERTY is defined, the dangling
'else' is linked to the hidden 'if' statement in the macro instead of the
outer 'if (condition_A)'. This is unexpected and really annoying to debug.
Fix this by never leaving un-finished if-statements in
SD_HWDB_FOREACH_PROPERTY(). We simply inverse the if() statement and
explicitly add an 'else'-branch. This way, the statement is closed and all
ambuguities are resolved.
This is libudev-hwdb, but decoupled from libudev and in the libsystemd style.
The core code is unchanged, apart from the following minor changes:
- hwdb.bin located in /**/systemd/hwdb/ take preference over the ones located
in /**/udev/
- properties are stored internally in an OrderedHashmap, rather than a
linked list.
- a new API call allows individual properties to be queried directly, rather
than iterating over them all
- the iteration over properties have been moved inside the library, rather than
exposing a list directly
- the unused 'flags' parameter was dropped
Implement Information Request message according to RFC 3315, section
18.1.5. with the excepion that the first message is not delayed by a
random amount. Instead systemd-networkd is supposed to take care of
desynchronizing between other clients.
Initialize the DHCPv6 client structure in sd_dhcp6_client_start()
as this allows toggling between information request and normal
DHCPv6 address aquisition modes.
The ELF magic cannot work for consumers of our shard library, since they
are in a different module. Hence make all the ELF magic private, and
instead introduce a public function to register additional static
mapping table.
This is useful inside of containers or local networks to intrdouce a
stable name of the default gateway host (in case of containers usually
the host, in case of LANs usually local router).
The ID returned really doesn't identify the owner, but the bus instance,
hence fix this misnaming.
Also, update "busctl status" to show the ID in its output.
We got the following error when running systemd on a device with many ports:
"rtnl: kernel receive buffer overrun
Event source 'rtnl-receive-message' returned error, disabling: No buffer space
available"
I think the kernel socket receive buffer queue should be increased. The default
value is taken from:
"/proc/sys/net/core/rmem_default", but we can overwrite it using SO_RCVBUF
socket option.
This is already done in networkd for other sockets.
For example, the bus socket (sd-bus/bus-socket.c) has a receive queue of 8MB.
In our case, the default is 208KB.
Increasing the buffer receive queue for manager socket to 512KB should be enough
to get rid of the above error.
[tomegun: bump the limit even higher to 8M]
Also:
- adds support for euid, suid, fsuid, egid, sgid, fsgid fields.
- makes augmentation of creds with data from /proc explicitly
controllable to give apps better control over this, given that this is
racy.
- enables augmentation for kdbus connections (previously we only did it
for dbus1). This is useful since with recent kdbus versions it is
possible for clients to control the metadata they want to send.
- changes sd_bus_query_sender_privilege() to take the euid of the client
into consideration, if known
- when we don't have permissions to read augmentation data from /proc,
don't fail, just don't add the data in
The client identifier can be in many different formats, not just
the one that systemd creates from the Ethernet MAC address. Non-
ethernet interfaces may have different client IDs formats. Users
may also have custom client IDs that the wish to use to preserve
lease options delivered by servers configured with the existing
client ID.
In kdbus a "server id" is mostly a misnomer, as there isn't any "server"
involved anymore. Let's rename this to "owner" id hence, since it is an
ID that is picked by the owner of a bus or direct connection. This
matches nicely the sd_bus_get_owner_creds() call we already have.
This library negotiates a PPPoE channel. It handles the discovery stage and
leaves the session stage to the kernel. A further PPP library is needed to
actually set up a PPP unit (negotatie LCP, IPCP and do authentication), so in
isolation this is not yet very useful.
The test program has two modes:
# ./test-pppoe
will create a veth tunnel in a new network namespace, start pppoe-server on one
end and this client library on the other. The pppd server will time out as no
LCP is performed, and the client will then shut down gracefully.
# ./test-pppoe eth0
will run the client on eth0 (or any other netdev), and requires a PPPoE server
to be reachable on the local link.
__attribute__((used)) is not enough to force static variables to
be carried over to a compiled program from a library. Mappings defined
in libsystemd-shared.a were not visible in the compiled binaries.
To ensure that the mappings are present in the final binary, the
tables are made non-static and are given a real unique name by which
they can be referenced.
To use a mapping defined not in the local compilation unit (e.g. in
a library) a reference to the mapping table is added. This is done
by including a declaration in the header file.
Expected values in test-engine are fixed to reflect the new mappings.
While GNOME/KDE are generally capitalized, systemd tools generally are
not, hence let's not start doing so in the XDG_CURRENT_SESSION
environment variable.
Clean up the function namespace by renaming the following:
sd_bus_get_owner_uid() → sd_bus_get_name_creds_uid()
sd_bus_get_owner_machine_id() → sd_bus_get_name_machine_id()
sd_bus_get_peer_creds() → sd_bus_get_owner_creds()
Like Infiniband. See RFC 4390 section 2.1 for details on DHCP
and Infiniband; chaddr is zeroed, hlen is set to 0, and htype
is set to ARPHRD_INFINIBAND because IB hardware addresses
are 20 bytes in length.
The caller may have an existing DUID that it wants to use, and may
want to use some other DUID generation scheme than systemd's
default DUID-EN.
[tomegun: whitespace - we never use tabs]
The desktop brand is stored as DESKTOP variable for sessions. It can be
set arbitrarily by the session owner and identifies the desktop
environment that is running on that session.
This will allow sd-event to be integrated into an external event loop, which
in turn will allow (say) glib-based applications to use our various libraries,
without manually integrating each of them (bus, rtnl, dhcp, ...).
The external event-loop should integrate sd-event int he following way:
Every iteration must start with a call to sd_event_prepare(), which will
return 0 if no event sources are ready to be processed, a positive value if
they are and a negative value on error. sd_event_prepare() may only be called
following sd_event_dispatch(); a call to sd_event_wait() indicating that no
sources are ready to be dispatched; or a failed call to sd_event_dispatch() or
sd_event_wait().
A successful call to sd_event_prepare() indicating that no event sources are
ready to be dispatched must be followed by a call to sd_event_wait(),
which will return 0 if it timed out without event sources being ready to
be processed, a negative value on error and a positive value otherwise.
sd_event_wait() may only be called following a successful call to
sd_event_prepare() indicating that no event sources are ready to be dispatched.
If sd_event_wait() indicates that some events sources are ready to be
dispatched, it must be followed by a call to sd_event_dispatch(). This
is the only time sd_event_dispatch() may be called.
Remove the sd_ prefix from internal functions and get rid of the sd_memfd
type. As a memfd is now just a native file descriptor, we can get rid of our
own wrapper type, and also use close() and dup() on them directly.
This is a generalization of the vtable privilege check we already have,
but exported, and hence useful when preparing for a polkit change.
This will deal with the complexity that on dbus1 one cannot trust the
capability field we retrieve via the bus, since it is read via
/proc/$$/stat (and thus might be out-of-date) rather than directly from
the message (like on kdbus) or bus connection (as for uid creds on
dbus1).
Also, port over all code to this new API.
For now this only exposes the domain name (DHCP Option 15), and not
the search string (DHCP Option 119), which will be implemented in
a follow-up patch.
This is the state when we are waiting for udev to initialize the device, and waiting for
libudev and rtnl to be in sync. In the future we probably will also be waiting for nl80211.
At this point we do not yet have enough information to know whether or not networkd should
be handling the device.
The networkd should abstract the difference between DHCP supplied and
configured data, and hence the DHCP lease concept should not exposed on
the client side.
Should we want to support arbitrary DHCP fields one day, we can add a
new sd_network_get_link_dhcp_field() call or so.
In the long run this should become a full fledged client to networkd
(but not before networkd learns bus support). For now, just pull
interesting data out of networkd, udev, and rtnl and present it to the
user, in a simple but useful output.
This avoids having to distinguish between IPv4 and IPv6, allowing us
to keep their internal orderings. The consumers now has to turn the
strings into addresses.
All routes added by networkd are currently set RTPROT_BOOT, which according
to the kernel means "Route installed during boot" (rtnetlink.h). But this
is not always the case as networkd changes routing after boot too. Since
the kernel gives more detailed protocols, use them.
With this patch, user-configured static routes now use RTPROT_STATIC (which
they are) and DHCP routes use RTPROT_DHCP. There is no define for IPv4LL
yet, so those are installed as RTPROT_STATIC (though perhaps RTPROT_RA is
better?).
[tomegun: fixup
src/network/networkd-link.c:972:33: error: too few arguments to function 'route_new_dynamic']
Let's settle on a single type for all address family values, even if
UNIX is very inconsitent on the precise type otherwise. Given that
socket() is the primary entrypoint for the sockets API, and that uses
"int", and "int" is relatively simple and generic, we settle on "int"
for this.
Do not expose link_is_loopback, people should just get this from rtnl directly.
Do not expose NTP servers as IP addresses, these must be strings.
Expose ifindex as int, not unsigned. This is what the kernel (mostly) and glibc uses.
As long as the number of array entries is relatively small it's nicer to
simply return the number of entries directly, instead of using a size_t*
return parameter for it.
Constructors should return the object they created as first parameter,
except when they are generated as a child/member object of some other
object in which case that should be first.
Let's turn resolved into a something truly useful: a fully asynchronous
DNS stub resolver that subscribes to network changes.
(More to come: caching, LLMNR, mDNS/DNS-SD, DNSSEC, IDN, NSS module)