summaryrefslogtreecommitdiff
path: root/src/shared/socket-util.c
diff options
context:
space:
mode:
authorKay Sievers <kay@vrfy.org>2012-04-11 12:30:53 +0200
committerKay Sievers <kay@vrfy.org>2012-04-11 12:49:00 +0200
commitcc527a4734d636f1ab5a66576cb7e232af3cc261 (patch)
treee94d4c19af3b29d0310cb5220f795e391b59bf7f /src/shared/socket-util.c
parent6ac405b493feb1041a9f83561323b642d84381a7 (diff)
split selinux label operations out of cgroup-util, socket-util
This prevents linking of selinux and libdl for another 15 binaries.
Diffstat (limited to 'src/shared/socket-util.c')
-rw-r--r--src/shared/socket-util.c104
1 files changed, 0 insertions, 104 deletions
diff --git a/src/shared/socket-util.c b/src/shared/socket-util.c
index 554f8ac965..618c928f06 100644
--- a/src/shared/socket-util.c
+++ b/src/shared/socket-util.c
@@ -37,7 +37,6 @@
#include "mkdir.h"
#include "socket-util.h"
#include "missing.h"
-#include "label.h"
int socket_address_parse(SocketAddress *a, const char *s) {
int r;
@@ -384,109 +383,6 @@ int socket_address_print(const SocketAddress *a, char **p) {
}
}
-int socket_address_listen(
- const SocketAddress *a,
- int backlog,
- SocketAddressBindIPv6Only only,
- const char *bind_to_device,
- bool free_bind,
- bool transparent,
- mode_t directory_mode,
- mode_t socket_mode,
- const char *label,
- int *ret) {
-
- int r, fd, one;
- assert(a);
- assert(ret);
-
- if ((r = socket_address_verify(a)) < 0)
- return r;
-
- if (socket_address_family(a) == AF_INET6 && !socket_ipv6_is_supported())
- return -EAFNOSUPPORT;
-
- r = label_socket_set(label);
- if (r < 0)
- return r;
-
- fd = socket(socket_address_family(a), a->type | SOCK_NONBLOCK | SOCK_CLOEXEC, a->protocol);
- r = fd < 0 ? -errno : 0;
-
- label_socket_clear();
-
- if (r < 0)
- return r;
-
- if (socket_address_family(a) == AF_INET6 && only != SOCKET_ADDRESS_DEFAULT) {
- int flag = only == SOCKET_ADDRESS_IPV6_ONLY;
-
- if (setsockopt(fd, IPPROTO_IPV6, IPV6_V6ONLY, &flag, sizeof(flag)) < 0)
- goto fail;
- }
-
- if (socket_address_family(a) == AF_INET || socket_address_family(a) == AF_INET6) {
- if (bind_to_device)
- if (setsockopt(fd, SOL_SOCKET, SO_BINDTODEVICE, bind_to_device, strlen(bind_to_device)+1) < 0)
- goto fail;
-
- if (free_bind) {
- one = 1;
- if (setsockopt(fd, IPPROTO_IP, IP_FREEBIND, &one, sizeof(one)) < 0)
- log_warning("IP_FREEBIND failed: %m");
- }
-
- if (transparent) {
- one = 1;
- if (setsockopt(fd, IPPROTO_IP, IP_TRANSPARENT, &one, sizeof(one)) < 0)
- log_warning("IP_TRANSPARENT failed: %m");
- }
- }
-
- one = 1;
- if (setsockopt(fd, SOL_SOCKET, SO_REUSEADDR, &one, sizeof(one)) < 0)
- goto fail;
-
- if (socket_address_family(a) == AF_UNIX && a->sockaddr.un.sun_path[0] != 0) {
- mode_t old_mask;
-
- /* Create parents */
- mkdir_parents(a->sockaddr.un.sun_path, directory_mode);
-
- /* Enforce the right access mode for the socket*/
- old_mask = umask(~ socket_mode);
-
- /* Include the original umask in our mask */
- umask(~socket_mode | old_mask);
-
- r = label_bind(fd, &a->sockaddr.sa, a->size);
-
- if (r < 0 && errno == EADDRINUSE) {
- /* Unlink and try again */
- unlink(a->sockaddr.un.sun_path);
- r = bind(fd, &a->sockaddr.sa, a->size);
- }
-
- umask(old_mask);
- } else
- r = bind(fd, &a->sockaddr.sa, a->size);
-
- if (r < 0)
- goto fail;
-
- if (socket_address_can_accept(a))
- if (listen(fd, backlog) < 0)
- goto fail;
-
- *ret = fd;
- return 0;
-
-fail:
- r = -errno;
- close_nointr_nofail(fd);
- return r;
-}
-
bool socket_address_can_accept(const SocketAddress *a) {
assert(a);