* more details.
*
* You should have received a copy of the GNU General Public License along with
- * this program; if not, write to the Free Software Foundation, Inc., 51
- * Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
+ * this program. If not, see <https://www.gnu.org/licenses/>.
*/
#include <errno.h>
#include <fcntl.h>
#include <getopt.h>
+#include <inttypes.h>
#include <signal.h>
+#include <stdbool.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <time.h>
#include <unistd.h>
+#include "config.h"
+
+#ifdef HAVE_SYSTEMD
+#include <systemd/sd-daemon.h>
+#endif
+
#include "charfuncs.h"
#include "cleanup.h"
#include "keyd.h"
/* Maximum number of clients we're prepared to accept at once */
#define MAX_CLIENTS 16
+#ifdef HAVE_SYSTEMD
+static bool using_socket_activation = false;
+#endif
+
static struct keyd_stats *stats;
static void daemonize(void)
struct sockaddr_un sock;
int fd = -1;
int ret = -1;
+#ifdef HAVE_SYSTEMD
+ int n;
- fd = socket(PF_UNIX, SOCK_STREAM, 0);
- if (fd != -1) {
- ret = fcntl(fd, F_SETFD, FD_CLOEXEC);
- }
+ n = sd_listen_fds(0);
+ if (n > 1) {
+ logthing(LOGTHING_ERROR,
+ "Too many file descriptors received from systemd.");
+ } else if (n == 1) {
+ fd = SD_LISTEN_FDS_START + 0;
+ if (sd_is_socket_unix(fd, SOCK_STREAM, 1, NULL, 0) <= 0) {
+ logthing(LOGTHING_ERROR,
+ "systemd passed an invalid socket.");
+ fd = -1;
+ }
+ using_socket_activation = true;
+ } else {
+#endif
+ fd = socket(PF_UNIX, SOCK_STREAM, 0);
+ if (fd != -1) {
+ ret = fcntl(fd, F_SETFD, FD_CLOEXEC);
+ }
- if (ret != -1) {
- sock.sun_family = AF_UNIX;
- strncpy(sock.sun_path, sockname, sizeof(sock.sun_path) - 1);
- unlink(sockname);
- ret = bind(fd, (struct sockaddr *) &sock, sizeof(sock));
- }
+ if (ret != -1) {
+ sock.sun_family = AF_UNIX;
+ strncpy(sock.sun_path, sockname,
+ sizeof(sock.sun_path) - 1);
+ unlink(sockname);
+ ret = bind(fd, (struct sockaddr *) &sock,
+ sizeof(sock));
+ }
- if (ret != -1) {
- ret = listen(fd, 5);
- if (ret == -1) {
- close(fd);
- fd = -1;
+ if (ret != -1) {
+ ret = listen(fd, 5);
+ if (ret == -1) {
+ close(fd);
+ fd = -1;
+ }
}
+#ifdef HAVE_SYSTEMD
}
+#endif
return fd;
}
}
break;
case KEYD_CMD_STORE:
+ case KEYD_CMD_UPDATE:
if (!keyd_write_reply(fd, KEYD_REPLY_OK)) {
ret = 1;
}
&packets,
0);
parse_keys(packets, &key);
- dbctx->store_key(dbctx, key, false, false);
+ dbctx->store_key(dbctx, key, false,
+ (cmd == KEYD_CMD_UPDATE));
free_packet_list(packets);
packets = NULL;
free_publickey(key);
int main(int argc, char *argv[])
{
int fd = -1, maxfd, i, clients[MAX_CLIENTS];
- fd_set rfds;
- char sockname[1024];
+ fd_set rfds = { 0 }; /* Avoid scan-build false report for FD_SET */
+ char sockname[100];
char *configfile = NULL;
bool foreground = false;
int optchar;
}
stats->started = time(NULL);
- snprintf(sockname, 1023, "%s/%s", config.db_dir, KEYD_SOCKET);
+ snprintf(sockname, sizeof(sockname) - 1, "%s/%s",
+ config.sock_dir, KEYD_SOCKET);
fd = sock_init(sockname);
if (fd != -1) {
maxfd = fd;
memset(clients, -1, sizeof (clients));
- dbctx = config.dbinit(false);
+ dbctx = config.dbinit(config.backend, false);
logthing(LOGTHING_NOTICE, "Accepting connections.");
while (!cleanup() && select(maxfd + 1, &rfds, NULL, NULL, NULL) != -1) {
}
}
dbctx->cleanupdb(dbctx);
- sock_close(fd);
- unlink(sockname);
+#ifdef HAVE_SYSTEMD
+ if (!using_socket_activation) {
+#endif
+ sock_close(fd);
+ unlink(sockname);
+#ifdef HAVE_SYSTEMD
+ }
+#endif
}
free(stats);
projects / onak.git / blobdiff