Age | Commit message (Collapse) | Author |
|
A fix for #2678
|
|
Make sure we propagate errors properly.
|
|
normalization success
After all, we verify that every calendar part is not out of bounds later on,
and it's fully OK if the normalization has no effect.
|
|
Perform journal offlines asynchronously when possible
|
|
udev-rules cleanup and coverity warning silencing
|
|
|
|
Also downgrade non-fatal warnings to log_warning.
Previously rule_add_key() would check the output array and log a cryptic
error and return -1. Most of the time the return value was ignored. This
does not seems right, because the buffer can overflow with enough rules.
It would also check if we have enough space for the *next* rule, even if
there might be not next rule, i.e. off-by-one.
Replace this with a check that we have enough space for a next rule before
we start parsing.
Normally using macros to alter flow is not allowed, but in this case I
think it is worth it, because it allows lots of boilerplate code to be
removed and hides repeated boring parameters, making function logic much
easier to follow.
|
|
If the attribute wasn't found, the last filename looked at was returned in
the input/output argument. This just seems bad style.
The return value was ignored, so change function to return void.
|
|
|
|
CID #1313566.
Also, change the return value to void, because it is ignored anyway.
|
|
set_iterate sets the output argument to NULL on error, and the return
value is not used in this case.
CID #1306804-09.
|
|
CID #1320855.
|
|
coverity seems to think that our siphash code can read past the
end of a short buffer. Add a test which adds very short buffers
with different combinations of length to the hash. Hashing is done
twice, once with zeros following "data", and once with some other
bytes following "data". The two results are then compared to
verify that the result does not depend on bytes past the specified
data length.
(This test passes.)
|
|
Fix typo on systemd-resolved log message
|
|
|
|
When we rotate journals, we must set offline and close the current one,
but don't generally need to wait for this to complete.
Instead, we'll initiate an asynchronous offline via
journal_file_set_offline(oldfile, false), and add the file to a
per-server set of deferred closes to be closed later when they
won't block.
There's one complication however; journal_file_open() via
journal_file_verify_header() assumes that any writable journal in the
online state is the product of an unclean shutdown or other form of
corruption.
Thus there's a need for journal_file_open() to be aware of deferred
closes and synchronize with their completion when opening preexisting
journals for writing. To facilitate this the deferred closes set is
supplied to the journal_file_open() function where the deferred closes
may be closed synchronously before verifying the header in such
circumstances.
|
|
This adds a wait flag to journal_file_set_offline(), when false the offline is
performed asynchronously in a separate thread.
When wait is true, if an asynchronous offline is already in-progress it is
restarted and waited for. Otherwise the offline is performed synchronously
without the use of a thread.
journal_file_set_online() cancels or waits for the asynchronous offline to
complete if in-flight, depending on where in the offline process the thread
happens to be. If the thread is in the fsync() phase, it is cancelled and
waiting is unnecessary. Otherwise, the thread is joined before proceeding.
A new offline_state member is added to JournalFile which is used via
atomic operations for communicating between the offline thread and the
journal_file_set_{offline,online}() functions.
|
|
|
|
|
|
Coverity fixes
|
|
udev/path_id: correct segmentation fault due to missing NULL check
|
|
Fix typo in systemd-resolve man page
|
|
Running "udevadm test-builtin path_id /sys/devices/platform/" results
in a segmentation fault.
The problem is that udev_device_get_subsystem(dev) might return NULL
in a streq() call. Solve this problem by using streq_ptr() instead.
|
|
|
|
This is a cosmetic best-effort thing anyway.
|
|
CID #1351544, #1351545.
|
|
Include and internal struct member fixes.
|
|
Memleaks and ubsan
|
|
activate: fix -E option parsing
|
|
Better support for DANE, shell completion
|
|
Fixes #2658.
|
|
gcc thinks that multiplier might be unitialized. Split out the inner
loop to make the function easier to grok.
|
|
The test was failing at -O2+ with gcc 5.3 and 6.0.
"val1" == "val1" and "val1" != "val1" are both valid.
http://stackoverflow.com/questions/4843640/why-is-a-a-in-c
|
|
Various buffers were lost because finish_item() either consumed
the buffer or allocated a new one (if an entry with the same key existed).
The caller would simply forget the buffer in either case.
Also add a check for the case when a valid identifier is followed by
an empty body. We should not allow this.
Also be more consistent in error handling and always print an error
message.
|
|
Das ist verboten!
src/basic/strbuf.c:162:23: runtime error: null pointer passed as argument 2,
which is declared to never be null
|
|
|
|
|
|
alloc-util: extract overflow check into inline function
|
|
This patch contains a set of little cleanups for alloc-util.h:
1. The malloc_multiply(), realloc_multiply() and memdup_multiply()
functions check allocation related parameters on overflow. Let's
move them to the separate size_multiply_overflow() function for
simplicity, code duplication prevention and possible reuse in future.
2. use SIZE_MAX from stdlib instead of ((size_t) - 1) to be more
clear.
3. The 'a'/'b' variables are renamed to 'size' and 'need' to be
more clear.'
|
|
build-sys: allow wheel group name to be specified
|
|
v2:
- use /sys/class/net to list interfaces,
also copy the same code to systemd-nspawn
v3:
- do not propose "any" twice for --type
|
|
|
|
https://tools.ietf.org/html/rfc6698#section-2.2 says:
> The certificate association data field MUST be represented as a string
> of hexadecimal characters. Whitespace is allowed within the string of
> hexadecimal characters
|
|
$ systemd-resolve --tlsa fedoraproject.org
_443._tcp.fedoraproject.org IN TLSA 0 0 1 GUAL5bejH7czkXcAeJ0vCiRxwMnVBsDlBMBsFtfLF8A=
-- Cert. usage: CA constraint
-- Selector: Full Certificate
-- Matching type: SHA-256
$ systemd-resolve --tlsa=tcp fedoraproject.org:443
_443._tcp.fedoraproject.org IN TLSA 0 0 1 GUAL5bejH7czkXcAeJ0vCiRxwMnVBsDlBMBsFtfLF8A=
...
$ systemd-resolve --tlsa=udp fedoraproject.org
_443._udp.fedoraproject.org: resolve call failed: '_443._udp.fedoraproject.org' not found
v2:
- use uint16_t
- refuse port 0
|
|
Fix #2637 (doubled specifier expansion in ExecStart=)
|
|
build-sys: remove duplicated entry in tests
|
|
test-dns-domain should be built and run even without ENABLE_RESOLVED.
|
|
This reverts commit cb48dfca6a8bc15d9081651001a16bf51e03838a.
Exec*-settings resolve specifiers twice:
%%U -> config_parse_exec [cb48dfca6a8] -> %U -> service_spawn -> 0
Fixes #2637
|
|
Do not build tests that depend on resolved when it has been disabled
|
|
If ./configure --disable-resolved has been used, do not try to build
test-dns-packet and test-resolve-tables which depend on it.
Previously, the SOURCES, LIBS and LDADDs for these tests were made conditional
while the main rules for them weren't, causing build failures trying to build a
binary with no sources.
This was uncovered when trying to build udeb for systemd in CI, which uses
--disable-resolved for a minimal build, which uncovered the issue.
Fixes #2651.
|