summaryrefslogtreecommitdiff
path: root/src/libsystemd
AgeCommit message (Collapse)Author
2016-01-12sd-event: minor fixups to delays profiling changesVito Caputo
2016-01-12Merge pull request #2147 from vcaputo/sd-event-measure-latenciesLennart Poettering
sd-event: instrument sd_event_run() for profiling delays
2016-01-12sd-event: instrument sd_event_run() for profiling delaysVito Caputo
Set SD_EVENT_PROFILE_DELAYS to activate accounting and periodic logging of the distribution of delays between sd_event_run() calls. Time spent in dispatching as well as time spent outside of sd_event_run() is measured and accounted for. Every 5 seconds a logarithmic histogram loop iteration delays since 5 seconds previous is logged. This is useful in identifying the frequency and magnitude of latencies affecting the event loop, which should be kept to a minimum.
2016-01-12tree-wide: use xsprintf() where applicableDaniel Mack
Also add a coccinelle receipt to help with such transitions.
2016-01-11resolved: don't attempt to send queries for DNSSEC RR types to servers not ↵Lennart Poettering
supporting them If we already degraded the feature level below DO don't bother with sending requests for DS, DNSKEY, RRSIG, NSEC, NSEC3 or NSEC3PARAM RRs. After all, we cannot do DNSSEC validation then anyway, and we better not press a legacy server like this with such modern concepts. This also has the benefit that when we try to validate a response we received using DNSSEC, and we detect a limited server support level while doing so, all further auxiliary DNSSEC queries will fail right-away.
2016-01-10sd-netlink: fix assertDaniel Mack
nl->fd can be 0.
2016-01-07Merge pull request #2285 from evverx/fix-test-resolveDaniel Mack
tests: test-resolve: wait until all queries are completed
2016-01-07tests: test-resolve: wait until all queries are completedEvgeny Vereshchagin
This is a follow-up for 4a134c4903dbf6ef6c6a Fixes: $ ./test-resolve 209.132.183.105:80 209.132.183.105:80 canonical name: n/a 193.99.144.85:0 [2a02:2e0:3fe:1001:7777:772e:2:85]:0 canonical name: www.heise.de Host: web.heise.de -- Serv: http $ ./test-resolve 193.99.144.85:0 [2a02:2e0:3fe:1001:7777:772e:2:85]:0 canonical name: www.heise.de Host: web.heise.de -- Serv: http $ ./test-resolve ...
2016-01-07Merge pull request #2276 from poettering/dnssec12Tom Gundersen
Twelfth DNSSEC PR
2016-01-06resolved: introduce support for per-interface negative trust anchorsLennart Poettering
2016-01-05resolved,networkd: add a per-interface DNSSEC settingLennart Poettering
This adds a DNSSEC= setting to .network files, and makes resolved honour them.
2016-01-05networkd,resolved: add a per-interface mdns configuration optionLennart Poettering
2016-01-05sd-network: unify parsing of /run/systemd/netif/links/* string fieldsLennart Poettering
2016-01-05tests: use sd_bus_flush_close_unref instead of sd_bus_unref in test-bus-cleanupEvgeny Vereshchagin
Fixes: $ make valgrind-tests TESTS=test-bus-cleanup ==6363== 9 bytes in 1 blocks are possibly lost in loss record 1 of 28 ==6363== at 0x4C2BBCF: malloc (vg_replace_malloc.c:299) ==6363== by 0x197D12: hexmem (hexdecoct.c:79) ==6363== by 0x183083: bus_socket_start_auth_client (bus-socket.c:639) ==6363== by 0x1832A0: bus_socket_start_auth (bus-socket.c:678) ==6363== by 0x183438: bus_socket_connect (bus-socket.c:705) ==6363== by 0x14B0F2: bus_start_address (sd-bus.c:1053) ==6363== by 0x14B592: sd_bus_start (sd-bus.c:1134) ==6363== by 0x14B95E: sd_bus_open_system (sd-bus.c:1235) ==6363== by 0x1127E2: test_bus_open (test-bus-cleanup.c:42) ==6363== by 0x112AAE: main (test-bus-cleanup.c:87) ==6363== ... $ ./libtool --mode=execute valgrind ./test-bus-cleanup ==6584== LEAK SUMMARY: ... ==6584== possibly lost: 10,566 bytes in 27 blocks
2016-01-04resolved: explicitly handle case when the trust anchor is emptyLennart Poettering
Since we honour RFC5011 revoked keys it might happen we end up with an empty trust anchor, or one where there's no entry for the root left. With this patch the logic is changed what to do in this case. Before this patch we'd end up requesting the root DS, which returns with NODATA but a signed NSEC we cannot verify, since the trust anchor is empty after all. Thus we'd return a DNSSEC result of "missing-key", as we lack a verified version of the key. With this patch in place, look-ups for the root DS are explicitly recognized, and not passed on to the DNS servers. Instead, if downgrade-ok mode is on an unsigned NODATA response is synthesized, so that the validator code continues under the assumption the root zone was unsigned. If downgrade-ok mode is off a new transaction failure is generated, that makes this case recognizable.
2016-01-04resolved: introduce a proper bus error for DNSSEC validation errorsLennart Poettering
2016-01-01Merge pull request #2241 from poettering/dnssec9Tom Gundersen
Ninth DNSSEC patch set
2015-12-29resolved: properly handle SRV RRs with the DNS root as hostnameLennart Poettering
2015-12-29resolved: add errno mapping for BUS_ERROR_CONNECTION_FAILURELennart Poettering
This was missing when the error type was added in ac720200b7e5b80cc4985087e38f3452e5b3b080.
2015-12-29resolved: change mapping of BUS_ERROR_NO_NAME_SERVERS to ESRCHLennart Poettering
EIO is really too generic, and indicates transmission problems.
2015-12-29tests: fix memory leak in test-bus-marshalEvgeny Vereshchagin
Fixes: ``` $ ./configure ... --enable-dbus $ make $ make valgrind-tests TESTS=test-bus-marshal ... ==25301== 51 bytes in 1 blocks are definitely lost in loss record 7 of 18 ==25301== at 0x4C2DD9F: realloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so) ==25301== by 0x5496B8C: ??? (in /lib/x86_64-linux-gnu/libdbus-1.so.3.14.3) ==25301== by 0x54973E3: _dbus_string_append_printf_valist (in /lib/x86_64-linux-gnu/libdbus-1.so.3.14.3) ==25301== by 0x547E5C2: _dbus_set_error_valist (in /lib/x86_64-linux-gnu/libdbus-1.so.3.14.3) ==25301== by 0x547E73E: dbus_set_error (in /lib/x86_64-linux-gnu/libdbus-1.so.3.14.3) ==25301== by 0x548969A: dbus_message_demarshal (in /lib/x86_64-linux-gnu/libdbus-1.so.3.14.3) ==25301== by 0x115C1A: main (test-bus-marshal.c:244) ==25301== ```
2015-12-26resolved: generate an explicit transaction error when we cannot reach server ↵Lennart Poettering
via TCP Previously, if we couldn't reach a server via UDP we'd generate an MAX_ATTEMPTS transaction result, but if we couldn't reach it via TCP we'd generate a RESOURCES transaction result. While it is OK to generate two different errors I think, "RESOURCES" is certainly a misnomer. Introduce a new transaction result "CONNECTION_FAILURE" instead.
2015-12-21sd-event: improve debugging of event source errorsDaniel Mack
Printing the pointer variable really doesn't help, so drop that. Instead, add a string lookup table for the EventSourceType enum, and print the type of event source in case of errors.
2015-12-02tests: turn check if manager cannot be intialized into macroZbigniew Jędrzejewski-Szmek
We need to check the same thing in multiple tests. Use a shared macro to make it easier to update the list of errnos. Change the errno code for "unitialized cgroup fs" for ENOMEDIUM. Exec format error looks like something more serious. This fixes test-execute invocation in mock.
2015-11-27selinux: split up mac_selinux_have() from mac_selinux_use()Lennart Poettering
Let's distuingish the cases where our code takes an active role in selinux management, or just passively reports whatever selinux properties are set. mac_selinux_have() now checks whether selinux is around for the passive stuff, and mac_selinux_use() for the active stuff. The latter checks the former, plus also checks UID == 0, under the assumption that only when we run priviliged selinux management really makes sense. Fixes: #1941
2015-11-27tree-wide: expose "p"-suffix unref calls in public APIs to make gcc cleanup easyLennart Poettering
GLIB has recently started to officially support the gcc cleanup attribute in its public API, hence let's do the same for our APIs. With this patch we'll define an xyz_unrefp() call for each public xyz_unref() call, to make it easy to use inside a __attribute__((cleanup())) expression. Then, all code is ported over to make use of this. The new calls are also documented in the man pages, with examples how to use them (well, I only added docs where the _unref() call itself already had docs, and the examples, only cover sd_bus_unrefp() and sd_event_unrefp()). This also renames sd_lldp_free() to sd_lldp_unref(), since that's how we tend to call our destructors these days. Note that this defines no public macro that wraps gcc's attribute and makes it easier to use. While I think it's our duty in the library to make our stuff easy to use, I figure it's not our duty to make gcc's own features easy to use on its own. Most likely, client code which wants to make use of this should define its own: #define _cleanup_(function) __attribute__((cleanup(function))) Or similar, to make the gcc feature easier to use. Making this logic public has the benefit that we can remove three header files whose only purpose was to define these functions internally. See #2008.
2015-11-23tests: add sd_event_now to test_basicEvgeny Vereshchagin
2015-11-22tests: add missing sd_event_add_post to test_basicEvgeny Vereshchagin
2015-11-22tests: check exit handler invocationEvgeny Vereshchagin
2015-11-22sd-event: use prioq_ensure_allocated where possibleEvgeny Vereshchagin
2015-11-19sd-event: define a new PREPARING stateLennart Poettering
We already have a state RUNNING and EXITING when we dispatch regular and exit callbacks. Let's introduce a new state called PREPARING that is active while we invoke preparation callbacks. This way we have a state each for all three kinds of event handlers. The states are currently not documented, hence let's add a new state to the end, before we start documenting this.
2015-11-19sd-event: make _ref() calls NOPs when NULL is passed to themLennart Poettering
Let's make _ref() calls happy when NULL is passed to them, and simply return NULL without any assertion logic. This makes them nicely symmetric to the _unref() calls which also are happy to take NULL and become NOPs then.
2015-11-18tree-wide: sort includes in *.hThomas Hindoe Paaboel Andersen
This is a continuation of the previous include sort patch, which only sorted for .c files.
2015-11-17tree-wide: use right cast macros for UIDs, GIDs and PIDsLennart Poettering
2015-11-17Merge pull request #1923 from zonque/siphashLennart Poettering
siphash24: let siphash24_finalize() and siphash24() return the result…
2015-11-16siphash24: let siphash24_finalize() and siphash24() return the result directlyDaniel Mack
Rather than passing a pointer to return the result, return it directly from the function calls. Also, return the result in native endianess, and let the callers care about the conversion. For hash tables and bloom filters, we don't care, but in order to keep MAC addresses and DHCP client IDs stable, we explicitly convert to LE.
2015-11-16tree-wide: sort includesThomas Hindoe Paaboel Andersen
Sort the includes accoding to the new coding style.
2015-11-16tree-wide: add missing includesThomas Hindoe Paaboel Andersen
Add a few includes that we rely on to be include already.
2015-11-16siphash24: change result argument to uint64_tMartin Pitt
Change the "out" parameter from uint8_t[8] to uint64_t. On architectures which enforce pointer alignment this fixes crashes when we previously cast an unaligned array to uint64_t*, and on others this should at least improve performance as the compiler now aligns these properly. This also simplifies the code in most cases by getting rid of typecasts. The only place which we can't change is struct duid's en.id, as that is _packed_ and public API, so we can't enforce alignment of the "id" field and have to use memcpy instead.
2015-11-11sd-netlink: add support for RTA_PREFTom Gundersen
2015-11-11sd-netlink: types - let tables be sized implicitlyTom Gundersen
This way we do not rely on the size MAX* constants from the kernel headers, as these will be out-of-sync in case we have old headers and new defines in missing.h.
2015-11-11sd-netlink: add sd_rtnl_message_route_{s,g}et_flags()Tom Gundersen
2015-11-11sd-bus: don't try to acquire connection selinux label unless selinux is ↵Lennart Poettering
actually enabled Otherwise we might end up mistaking a SMACK label for an selinux label. Also, fixes unexpect debug messages: http://lists.freedesktop.org/archives/systemd-devel/2015-November/034913.html
2015-11-09Merge pull request #1820 from michich/errno-v2Daniel Mack
[v2] treewide: treatment of errno and other cleanups
2015-11-06doc: correct punctuation and improve typography in documentationJan Engelhardt
2015-11-05sd-resolve: simplify pthread_join() callMichal Schmidt
POSIX says: The pthread_join() function shall not return an error code of [EINTR].
2015-11-04Merge pull request #1768 from vcaputo/sd-daemon-listen-fds-overflow-bisLennart Poettering
sd-daemon: fix potential LISTEN_FDS overflow in sd_listen_fds()
2015-11-03sd-daemon: fix potential LISTEN_FDS overflow in sd_listen_fds()Vito Caputo
2015-11-03sd-daemon: explicitly filter out -1 when parsing watchdog timeoutLennart Poettering
We already filter out 0, and as -1 is usually special (meaning infinity, as in USEC_INFINITY) we should better not accept it either. Better safe than sorry...
2015-11-03parse-util: introduce parse_ifindex() and make use of it everywhereLennart Poettering
We have enough places where we parse an ifindex, hence introduce a proper parsing function for it, that verifies all parameters.