| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
| |
Fixes: 59db98fb941c ("stream: Add basic stream service for systemd sockets")
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This allows systemd socket activation by passing URIs such as systemd://foo
to plugins such as VICI.
For example setting charon.plugins.vici.socket = systemd://vici, a
systemd socket file descriptor with the name "vici" will be picked up.
So these would be the corresponding unit options:
[Socket]
FileDescriptorName=vici
Service=strongswan.service
ListenStream=/run/charon.vici
The implementation currently is very basic and right now only the first
file descriptor for a particular identifier is picked up if there are
multiple socket units with the same FileDescriptorName.
Signed-off-by: aszlig <aszlig@redmoonstudios.org>
Closes strongswan/strongswan#79.
|
| |
|
|
|
|
|
|
| |
In the previous implementation queued jobs could prevent a service from
getting destroyed. This could have lead to a deadlock when the
processor is cancelled. Now destroy() still blocks, but waits only for
actually running tasks. The service instance is reference counted so that
queued jobs can safely be destroyed.
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Calling on_accept() sometimes lead to deadlocks when service->destroy()
was called concurrently. That is, two threads waiting in on_accept() but
the last worker would only wake one due to the call to signal(). Calling
broadcast() wouldn't help either as that could lead to crashes if the thread
that called destroy() is woken first.
This is also more efficient as a constant pool of concurrent workers can
be maintained, otherwise peaks at the limit were followed by only a single
worker being active.
|
| |
|
|
|
|
| |
This allows us to disable Unix sockets cleanly on Windows. Replaces some
read/write calls with recv/send counterparts, as Winsock does not like
read/writes.
|
| |
|
|
|
|
|
|
|
| |
While it really would be desirable to allow stream destruction during on_read()
callbacks, this does not work anymore since e49b2998. Until we have a proper
solution for this issue, use asynchronous disconnects for the only user doing
so.
Fixes #518.
|
| |
|
|
|
|
|
|
|
|
|
| |
When changing async callbacks on streams, we have to make sure the watcher
callback is not currently active and has temporarily disabled callbacks. This
could have been the case, as we didn't explicitly removed any pending
watcher registration if both callbacks are NULL.
By enforcing the watcher unregistration, we are sure the watcher callback is
not active and currently is not mangling the callback hooks. This should make
sure we avoid any races for the callback variables.
|
| |
|
|
|
|
| |
Due to the previous negation the high bits of the mask were set, which
at least some versions of the Android build system prevent with a compile-time
check.
|
| | |
|
| |
|
|
|
| |
A plugin service can be a TCP socket now, so it does not make much sense
to strictly check for CAP_CHOWN.
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
|
| |
It does not make much sense to reference running services in the manager,
especially as unregistration would need the URI (which a user would have to
store instead of the service reference).
|
| |
|
|
|
| |
While this will complicate the implementation of streams not based on a fd,
it allows us to unleash the full power of FILE based convenience functions.
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
|
|
Currently only synchronous operation is supported, but this will be extended
with asynchronous methods using the new watcher.
|
