From 7b1df75e3aad8a9a01cbbf2f2ff377cbc5a1ea4b Mon Sep 17 00:00:00 2001 From: Pascal Ernster Date: Sat, 30 Apr 2016 18:27:15 +0200 Subject: [PATCH 1/3] Fix compilation with systemd>=230 and for older systemd versions without compat-libs --- src/osflags | 1 + 1 file changed, 1 insertion(+) diff --git a/src/osflags b/src/osflags index 6af11aa..eb01101 100755 --- a/src/osflags +++ b/src/osflags @@ -20,6 +20,7 @@ link) FLAGS=""; [ -e /usr/include/selinux/selinux.h ] && FLAGS="$FLAGS -lselinux"; [ -e /usr/include/systemd/sd-daemon.h ] && FLAGS="$FLAGS $(pkg-config --libs libsystemd-daemon)"; + [ -e /usr/include/systemd/sd-daemon.h ] && FLAGS="$FLAGS $(pkg-config --libs libsystemd)"; echo $FLAGS; ;; esac From 4987aa536db069c9f687c2c85b325fc49756a0f2 Mon Sep 17 00:00:00 2001 From: Aleksei Fedotov Date: Mon, 9 May 2016 23:04:21 +0300 Subject: [PATCH 2/3] Add support for socket activation by ipv6 socket iodined may accept ipv4 and ipv6 sockets via systemd socket activation, we need to figure out type of sockets. --- src/iodined.c | 28 ++++++++++++++++++++++------ 1 file changed, 22 insertions(+), 6 deletions(-) diff --git a/src/iodined.c b/src/iodined.c index 659c9a7..2e6f7bf 100644 --- a/src/iodined.c +++ b/src/iodined.c @@ -2671,14 +2671,11 @@ main(int argc, char **argv) #ifdef HAVE_SYSTEMD nb_fds = sd_listen_fds(0); - if (nb_fds > 1) { + if (nb_fds < 0) { + warnx("Failed to receive file descriptors from systemd: %s", strerror(-nb_fds)); retval = 1; - warnx("Too many file descriptors received!\n"); goto cleanup; - } else if (nb_fds == 1) { - /* XXX: assume we get IPv4 socket */ - dns_fds.v4fd = SD_LISTEN_FDS_START; - } else { + } else if (nb_fds == 0) { #endif if ((addrfamily == AF_UNSPEC || addrfamily == AF_INET) && (dns_fds.v4fd = open_dns(&dns4addr, dns4addr_len)) < 0) { @@ -2694,6 +2691,25 @@ main(int argc, char **argv) goto cleanup; } #ifdef HAVE_SYSTEMD + } else if (nb_fds <= 2) { + /* systemd may pass up to two sockets, for ip4 and ip6, try to figure out + which is which */ + for (int i = 0; i < nb_fds; i++) { + int fd = SD_LISTEN_FDS_START + i; + if (sd_is_socket(fd, AF_INET, SOCK_DGRAM, -1)) { + dns_fds.v4fd = fd; + } else if (sd_is_socket(fd, AF_INET6, SOCK_DGRAM, -1)) { + dns_fds.v6fd = fd; + } else { + retval = 1; + warnx("Unknown socket %d passed to iodined!\n", fd); + goto cleanup; + } + } + } else { + retval = 1; + warnx("Too many file descriptors received!\n"); + goto cleanup; } #endif From 2edb879845b900a04b05ec555bdbde19f81c4a92 Mon Sep 17 00:00:00 2001 From: Aleksei Fedotov Date: Wed, 11 May 2016 00:15:33 +0300 Subject: [PATCH 3/3] Listen on two different sockets for ipv6 and ipv4 Option BindIPv6Only is needed to restrict ipv6 to sending IPv6 packets only, without it IPv6 socket can be used to send and receive packet to and from an IPv6 address or an IPv4-mapped IPv6 address. --- doc/iodine-server.socket | 2 ++ 1 file changed, 2 insertions(+) diff --git a/doc/iodine-server.socket b/doc/iodine-server.socket index d6c57b8..485181f 100644 --- a/doc/iodine-server.socket +++ b/doc/iodine-server.socket @@ -3,6 +3,8 @@ Description=Iodine socket [Socket] ListenDatagram=53 +ListenDatagram=0.0.0.0:53 +BindIPv6Only=ipv6-only [Install] WantedBy=sockets.target