Age | Commit message (Collapse) | Author |
|
resolved: minor improvements to RR handling
|
|
This implements the recommendations from RFC3597.
|
|
resolved: harden
|
|
This merges:
sd-netlink: respect attribute type flags
..fixing a conflict due to a typo fix.
|
|
Needed for DNSSEC.
|
|
|
|
We used to have one global socket, use one per transaction instead. This
has the side-effect of giving us a random UDP port per transaction, and
hence increasing the entropy and making cache poisoining significantly
harder to achieve.
We still reuse the same port number for packets belonging to the same
transaction (resent packets).
|
|
This improves the resilience against cache poisoning by being stricter
about only accepting responses that match precisely the requst they
are in reply to.
It should be noted that we still only use one port (which is picked
at random), rather than one port for each transaction. Port
randomization would improve things further, but is not required by
the RFC.
|
|
We want to discover information about the server and use that in when crafting
packets to be resent.
|
|
resolve-host: enable dbus-activation
|
|
We want to reference the servers from their active transactions, so make sure
they stay around as long as the transaction does.
|
|
Currently we only make sure our links can handle the size of the payload witohut
taking the headers into account.
|
|
This patch adds support to configure IFF_VNET_HDR flag
for a tap device. It allows whether sending and receiving
large pass larger (GSO) packets. This greatly increases the
achievable throughput.
|
|
As mandated by RFC4034.
|
|
Make all LLMNR related packet inspections conditional to p->protocol.
Use switch-case statements while at it, which will make future additions
more readable.
|
|
The C and T bits in the DNS packet header definitions are specific to LLMNR.
In regular DNS, they are called AA and RD instead. Reflect that by calling
the macros accordingly, and alias LLMNR specific macros.
While at it, define RA, AD and CD getters as well.
|
|
De-duplicate some magic numbers.
|
|
|
|
This adds support for option 43 (Vendor Specific Information) to
libsystemd-network DHCP code. The option carries an opaque object of n
octets, interpreted by vendor-specific code on the clients and
servers.
[@zonque: adopted to new unhexmem() API]
|
|
This implements RFC4648 for a slightly more compact representation of
binary data compared to hex (6 bits per character rather than 4).
|
|
We were ignoring failures from unhexchar, which meant that invalid
hex characters were being turned into garbage rather than the string
rejected.
Fix this by making unhexmem return an error code, also change the API
slightly, to return the size of the returned memory, reflecting the
fact that the memory is a binary blob,and not a string.
For convenience, still append a trailing NULL byte to the returned
memory (not included in the returned size), allowing callers to
treat it as a string without doing a second copy.
|
|
logind: bring bus policy up-to-date
|
|
We shouldn't fall over that, and just assume it is 0 in this case.
Fixes #499.
|
|
A while back we opened up all of logind's bus calls to unprivileged
users, via PK. However, the dbus1 policy wasn't updated accordingly.
With this change, the dbus1 policy is opened up for all bus calls that
should be available to unprivileged clients.
(also rearranges some calls in the vtable, to make more sense, and be in
line with the order in the bus policy file)
Fixes #471.
|
|
util: make sure we don't clobber errno in error path
|
|
basic: simplify path_is_mount_point() a bit
|
|
This removes two uses of the ternary operator.
|
|
|
|
core: include unit in path state transition debug logging.
|
|
|
|
Spell out the proper name. Use 'pos' over 'position', and also update the
logind state file to do the same. Note that this breaks live updates.
However, we only save 'POSITION' on non-seat0, so this shouldn't bother
anyone for real. If you run multi-seat setups, you better restart a
machine on updates, anyway.
|
|
Make sure a greeter can forcefully spawn a session on a VT that is
in-use. A recent patch prevented this (this used to be possible for all
session types) as it is highly fragile. However, as it turns out,
greeters seem to rely on that feature. Therefore, make sure we allow it
explicitly for greeters.
|
|
boot: use BUILD_ID if VERSION_ID is not available
|
|
sd-bus: include queried path in GetManagedObjects
|
|
|
|
sd-bus: sd_bus_slot_get_description() should return const strings
|
|
If GetManagedObjects is called on /foo/bar, then it should also include
the object /foo/bar, if it exists. Right now, we only include objects
underneath /foo/bar/.
This follows the behavior of existing dbus implementations.
Obsoletes #527 and fixes #525. Reported by: Nathaniel McCallum
|
|
According to os-release(5), VERSION_ID is not mandatory and BUILD_ID only
needs to be unique underneath VERSION_ID. Therefore, assuming a missing
VERSION_ID field means 'empty', we can rely on BUILD_ID to be unique.
Use BUILD_ID if VERSION_ID is not present. This way, rolling-release
distros can still provide a proper os-release entry without crafting
random VERSION_ID strings.
This fixes #186.
|
|
There is no guarantee that the os-release section contains each key only
once, nor any guarantee that all keys are present. Make sure we properly
free memory in both cases.
Not that it matters much, as we're short-living, anyway. But correct code
is always nicer to read..
|
|
Right now, systemd-resolve-host fails if resolved is not running.
However, resolved supports bus-activation (at least on kdbus) just fine.
Enable this so we can use resolve-host at all times.
This was disabled right from the beginning, without any comment why.
|
|
All other *_get_description() functions use 'const char**', so make sure
sd_bus_slot_get_description() does the same.
This changes API, but ABI stays stable. I think this is fine, but I
wouldn't mind bumping SONAME.
Reported in #528.
|
|
"systemctl daemon-reload" should also update the manager defaults from
/etc/systemd/system.conf.
For details, see:
http://lists.freedesktop.org/archives/systemd-devel/2015-June/033062.html
Amended to use manager_set_defaults() as common function.
|
|
|
|
property callback returns are consistent
|
|
fileio: consolidate write_string_file*()
|
|
resolved: fix marshalling of RRSIG records
|
|
journal-gatewayd: fix tmpfile logic
|
|
Remove python-systemd
|
|
It is no different to return 0 over 1 in the property
callback. It is confusing to return 1 which made me think
1 has a special purpose. This way code is consistent with
the rest of the tree.
|
|
The key tag is 16, not 8 bits.
|