shaba/systemd-stable
1
1
Fork 0
mirror of https://github.com/systemd/systemd-stable.git synced 2025-01-22 22:03:43 +03:00
Code
55,598 Commits 36 Branches 656 Tags
Go to file
Clone
Open with VS Code Open with VSCodium Open with Intellij IDEA
Joan Bruguera 03692af607 resolved: Avoid multiple SSL writes per DoT packet 
In the DoT case, dns_stream_writev decomposed an iovec into multiple
dnstls_stream_write calls, which resulted in multiple SSL writes and multiple
TLS records. This can be checked from a network capture, e.g. using socat:
socat -v -x openssl-listen:853,reuseaddr,fork,cert=my.cert,key=my.key,verify=0 openssl:8.8.8.8:853

Instead, propagate the iovec as-is into the DoT handling code. For GnuTLS, the
library provides support for buffering ('corking') a record. OpenSSL has no
such facility, so we join the iovec into a single buffer then call SSL_write.

socat capture of `resolvectl -4 query --cache=no example.com` before the commit:

> 2022/01/30 13:35:52.194200  length=2 from=0 to=1
 00 28                                            .(
--
> 2022/01/30 13:35:52.194253  length=40 from=2 to=41
 1e b2 01 00 00 01 00 00 00 00 00 01 07 65 78 61  .............exa
 6d 70 6c 65 03 63 6f 6d 00 00 01 00 01 00 00 29  mple.com.......)
 ff e4 00 00 00 00 00 00                          ........
--
< 2022/01/30 13:35:52.232798  length=58 from=0 to=57
 00 38 1e b2 81 80 00 01 00 01 00 00 00 01 07 65  .8.............e
 78 61 6d 70 6c 65 03 63 6f 6d 00 00 01 00 01 c0  xample.com......
 0c 00 01 00 01 00 00 53 6f 00 04 5d b8 d8 22 00  .......So..]..".
 00 29 02 00 00 00 00 00 00 00                    .)........

socat capture of `resolvectl -4 query --cache=no example.com` after the commit:

> 2022/01/30 13:34:47.598099  length=42 from=504 to=545
 00 28 37 86 01 00 00 01 00 00 00 00 00 01 07 65  .(7............e
 78 61 6d 70 6c 65 03 63 6f 6d 00 00 01 00 01 00  xample.com......
 00 29 ff e4 00 00 00 00 00 00                    .)........
--
< 2022/01/30 13:34:47.613203  length=58 from=756 to=813
 00 38 37 86 81 80 00 01 00 01 00 00 00 01 07 65  .87............e
 78 61 6d 70 6c 65 03 63 6f 6d 00 00 01 00 01 c0  xample.com......
 0c 00 01 00 01 00 00 52 5e 00 04 5d b8 d8 22 00  .......R^..]..".
 00 29 02 00 00 00 00 00 00 00                    .)........

(cherry picked from commit aa892849d50e9dd5da03a628463ccf6c55ff1b44)
2022-03-18 02:36:10 +09:00
.github
mkosi: Remove Arch nspawn workaround
2022-03-05 21:03:32 +00:00
.lgtm/cpp-queries
ci: pack-ify our custom CodeQL queries and enable them in Actions
2021-12-07 14:57:09 +01:00
.semaphore
Change all fixed-path bash shebangs to /u/b/env bash outside test/
2021-12-12 21:13:50 +01:00
catalog
meson: do not use split() in file lists
2022-03-05 21:03:32 +00:00
coccinelle
Change all fixed-path bash shebangs to /u/b/env bash outside test/
2021-12-12 21:13:50 +01:00
docs
docs: swap Name and Partition Type UUID in header
2022-03-05 21:03:32 +00:00
factory/etc
pam: fix typo try_authtok → use_authtok
2021-05-12 12:14:17 +02:00
hwdb.d
meson: do not use split() in file lists
2022-03-05 21:03:32 +00:00
LICENSES
licensing: add a license file for the fonts we carry
2021-10-18 09:43:18 +02:00
man
core: do not return 'skipped' when Condition*= fail with StartUnitWithFlags()
2022-03-10 20:40:50 +00:00
mkosi.default.d
ci: check for failed services after boot
2021-12-10 10:25:43 +01:00
modprobe.d
meson: install the right README file in modprobe.d
2021-07-07 14:52:05 +02:00
network
network: dhcp-pd: add 6rd support
2021-12-07 20:33:16 +09:00
po
Update LINGUAS (#21499)
2021-11-25 20:24:00 +09:00
presets
units: enable systemd-network-generator by default
2021-12-16 09:49:39 +01:00
rules.d
meson: do not use split() in file lists
2022-03-05 21:03:32 +00:00
shell-completion
shell-completion: Add completion for systemd-analyze critical-chain
2021-12-14 10:27:49 +01:00
src
resolved: Avoid multiple SSL writes per DoT packet
2022-03-18 02:36:10 +09:00
sysctl.d
build: preserve correct mode when generating files via jinja2
2021-11-08 12:06:48 +00:00
sysusers.d
sysusers: avoid creating spurious "nobody" group
2021-11-30 16:16:25 +01:00
test
resolved: Test for DnsStream (plain TCP DNS and DoT)
2022-03-18 02:36:10 +09:00
tmpfiles.d
tmpfiles: split out config for systemd-resolve
2021-11-16 16:56:08 +01:00
tools
docs: swap Name and Partition Type UUID in header
2022-03-05 21:03:32 +00:00
units
unit: escape %
2022-03-05 21:03:32 +00:00
xorg
xorg/50-systemd-user: add a full license header
2021-10-01 14:45:00 +02:00
.clang-format
clang-format: we actually typically use 16ch continuation indentation
2022-03-05 21:03:32 +00:00
.ctags
editors: Prevent ctags from following symlinks
2019-02-15 11:01:20 -08:00
.dir-locals.el
scripts: use 4 space indentation
2019-04-12 08:30:31 +02:00
.editorconfig
editorconfig: set maximum line length to 109 for man/*.xml files
2021-09-30 13:45:34 +02:00
.gitattributes
gitattributes: introduce and use "generated" attribute
2021-10-18 09:42:55 +02:00
.gitignore
gitignore: remove patterns for build files in source dir
2021-12-08 09:52:31 +01:00
.lgtm.yml
ci: add a missing SPDX header
2021-12-07 14:15:04 +01:00
.mailmap
mailmap: two more names
2021-03-30 13:17:58 +02:00
.packit.yml
packit: drop unnumbered patches as well
2022-02-22 21:47:38 +00:00
.vimrc
scripts: use 4 space indentation
2019-04-12 08:30:31 +02:00
.ycm_extra_conf.py
ycm: add doc string for all the functions in configuration file
2017-11-29 13:21:49 -07:00
configure
tools: shellcheck-ify tool scripts
2021-09-30 12:27:06 +02:00
LICENSE.GPL2
relicense to LGPLv2.1 (with exceptions)
2012-04-12 00:24:39 +02:00
LICENSE.LGPL2.1
licence: remove references to old FSF address
2012-12-17 11:41:31 +01:00
Makefile
tree-wide: add spdx header on all scripts and helpers
2021-01-28 09:55:35 +01:00
meson_options.txt
boot, meson: allow statically linked build
2021-12-14 09:58:27 +09:00
meson.build
meson: Drop required libfdisk version to 2.32
2022-03-05 21:03:32 +00:00
mkosi.build
ci: check for failed services after boot
2021-12-10 10:25:43 +01:00
mkosi.postinst
ci: check for failed services after boot
2021-12-10 10:25:43 +01:00
NEWS
NEWS: adjust links to moved pages
2022-01-12 22:10:30 +01:00
README
meson: Drop required libfdisk version to 2.32
2022-03-05 21:03:32 +00:00
README.md
Fix loading of graphs
2021-12-14 15:27:25 +09:00
TODO
docs: use https:// for fd.o links
2022-01-12 22:10:51 +01:00

README.md

Systemd

System and Service Manager

Count of open issues over time Count of open pull requests over time Semaphore CI 2.0 Build Status
Coverity Scan Status
OSS-Fuzz Status
CIFuzz
CII Best Practices
Language Grade: C/C++
CentOS CI - CentOS 8
CentOS CI - Arch
CentOS CI - Arch (sanitizers)
Fossies codespell report
Coverage Status
Packaging status

Details

Most documentation is available on systemd's web site.

Assorted, older, general information about systemd can be found in the systemd Wiki.

Information about build requirements is provided in the README file.

Consult our NEWS file for information about what's new in the most recent systemd versions.

Please see the Code Map for information about this repository's layout and content.

Please see the Hacking guide for information on how to hack on systemd and test your modifications.

Please see our Contribution Guidelines for more information about filing GitHub Issues and posting GitHub Pull Requests.

When preparing patches for systemd, please follow our Coding Style Guidelines.

If you are looking for support, please contact our mailing list or join our IRC channel.

Stable branches with backported patches are available in the stable repo.

Description
Backports of patch from systemd git to stable distributions
Readme 226 MiB
Languages
C 89.4%
Python 5.8%
Shell 2.1%
Meson 1.3%
HTML 0.9%
Other 0.4%