diff options
| -rw-r--r-- | cmake/config.cmake | 1 | ||||
| -rw-r--r-- | cmake/deps.cmake | 10 | ||||
| -rw-r--r-- | examples/fastd@.service | 4 | ||||
| -rw-r--r-- | src/CMakeLists.txt | 10 | ||||
| -rw-r--r-- | src/fastd.c | 23 | ||||
| -rw-r--r-- | src/fastd_config.h.in | 1 |
6 files changed, 42 insertions, 7 deletions
diff --git a/cmake/config.cmake b/cmake/config.cmake index a678d4e..8390bf2 100644 --- a/cmake/config.cmake +++ b/cmake/config.cmake @@ -20,6 +20,7 @@ set(WITH_CAPABILITIES ${LINUX} CACHE BOOL "Include support for POSIX capabilitie set(ENABLE_LIBSODIUM FALSE CACHE BOOL "Use libsodium instead of NaCl") set(ENABLE_OPENSSL FALSE CACHE BOOL "Enable crypto implementations using OpenSSL") +set(ENABLE_SYSTEMD FALSE CACHE BOOL "Enable systemd support") set(WITH_CMDLINE_USER TRUE CACHE BOOL "Include support for setting user/group related options on the command line") set(WITH_CMDLINE_LOGGING TRUE CACHE BOOL "Include support for setting logging related options on the command line") diff --git a/cmake/deps.cmake b/cmake/deps.cmake index d9dff1e..98c7582 100644 --- a/cmake/deps.cmake +++ b/cmake/deps.cmake @@ -52,6 +52,16 @@ else(ENABLE_OPENSSL) set(OPENSSL_CRYPTO_LDFLAGS_OTHER "") endif(ENABLE_OPENSSL) +if(ENABLE_SYSTEMD) + pkg_check_modules(SYSTEMD_DAEMON REQUIRED libsystemd-daemon) +else(ENABLE_SYSTEMD) + set(SYSTEMD_DAEMON_INCLUDE_DIRS "") + set(SYSTEMD_DAEMON_CFLAGS_OTHER "") + set(SYSTEMD_DAEMON_LIBRARY_DIRS "") + set(SYSTEMD_DAEMON_LIBRARIES "") + set(SYSTEMD_DAEMON_LDFLAGS_OTHER "") +endif(ENABLE_SYSTEMD) + if(WITH_CAPABILITIES) find_package(CAP REQUIRED) diff --git a/examples/fastd@.service b/examples/fastd@.service index e46c47e..a09cef4 100644 --- a/examples/fastd@.service +++ b/examples/fastd@.service @@ -3,8 +3,8 @@ Description=Fast and Secure Tunnelling Daemon (connection %i) After=network.target [Service] -Type=forking -ExecStart=/usr/bin/fastd -c /etc/fastd/%i/fastd.conf --daemon +Type=notify +ExecStart=/usr/bin/fastd -c /etc/fastd/%i/fastd.conf ExecReload=/bin/kill -HUP $MAINPID [Install] diff --git a/src/CMakeLists.txt b/src/CMakeLists.txt index e7fb940..6ea65e8 100644 --- a/src/CMakeLists.txt +++ b/src/CMakeLists.txt @@ -1,8 +1,8 @@ set_directory_properties(PROPERTIES COMPILE_DEFINITIONS _GNU_SOURCE) -set(FASTD_CFLAGS "-pthread -std=c99 ${UECC_CFLAGS_OTHER} ${NACL_CFLAGS_OTHER} ${OPENSSL_CRYPTO_CFLAGS_OTHER} -Wall") +set(FASTD_CFLAGS "-pthread -std=c99 ${UECC_CFLAGS_OTHER} ${NACL_CFLAGS_OTHER} ${OPENSSL_CRYPTO_CFLAGS_OTHER} ${SYSTEMD_DAEMON_CFLAGS_OTHER} -Wall") include_directories(${FASTD_SOURCE_DIR} ${FASTD_BINARY_DIR}/src) -link_directories(${UECC_LIBRARY_DIRS} ${NACL_LIBRARY_DIRS} ${OPENSSL_CRYPTO_LIBRARY_DIRS}) +link_directories(${UECC_LIBRARY_DIRS} ${NACL_LIBRARY_DIRS} ${OPENSSL_CRYPTO_LIBRARY_DIRS} ${SYSTEMD_DAEMON_LIBRARY_DIRS}) include(generate_version) @@ -38,9 +38,9 @@ add_executable(fastd ${BISON_fastd_config_parse_OUTPUTS} ) set_property(TARGET fastd PROPERTY COMPILE_FLAGS "${FASTD_CFLAGS}") -set_property(TARGET fastd PROPERTY LINK_FLAGS "-pthread ${UECC_LDFLAGS_OTHER} ${NACL_LDFLAGS_OTHER} ${OPENSSL_CRYPTO_LDFLAGS_OTHER}") -set_property(TARGET fastd APPEND PROPERTY INCLUDE_DIRECTORIES ${CAP_INCLUDE_DIR} ${NACL_INCLUDE_DIRS}) -target_link_libraries(fastd protocols methods ciphers macs ${RT_LIBRARY} ${CAP_LIBRARY} ${UECC_LIBRARIES} ${NACL_LIBRARIES} ${OPENSSL_CRYPTO_LIBRARIES}) +set_property(TARGET fastd PROPERTY LINK_FLAGS "-pthread ${UECC_LDFLAGS_OTHER} ${NACL_LDFLAGS_OTHER} ${OPENSSL_CRYPTO_LDFLAGS_OTHER} ${SYSTEMD_DAEMON_LDFLAGS_OTHER}") +set_property(TARGET fastd APPEND PROPERTY INCLUDE_DIRECTORIES ${CAP_INCLUDE_DIR} ${NACL_INCLUDE_DIRS} ${SYSTEMD_DAEMON_INCLUDE_DIRS}) +target_link_libraries(fastd protocols methods ciphers macs ${RT_LIBRARY} ${CAP_LIBRARY} ${UECC_LIBRARIES} ${NACL_LIBRARIES} ${OPENSSL_CRYPTO_LIBRARIES} ${SYSTEMD_DAEMON_LIBRARIES}) add_dependencies(fastd version) diff --git a/src/fastd.c b/src/fastd.c index 58237b1..70117d8 100644 --- a/src/fastd.c +++ b/src/fastd.c @@ -51,6 +51,10 @@ #include <openssl/err.h> #endif +#ifdef ENABLE_SYSTEMD +#include <systemd/sd-daemon.h> +#endif + static volatile bool sighup = false; static volatile bool terminate = false; @@ -874,6 +878,17 @@ int main(int argc, char *argv[]) { fastd_context_t ctx = {}; int status_fd = -1; +#ifdef ENABLE_SYSTEMD + char *notify_socket = getenv("NOTIFY_SOCKET"); + + if (notify_socket) { + notify_socket = strdup(notify_socket); + + /* unset the socket to allow calling on_pre_up safely */ + unsetenv("NOTIFY_SOCKET"); + } +#endif + close_fds(&ctx); fastd_random_bytes(&ctx, &ctx.randseed, sizeof(ctx.randseed), false); @@ -945,6 +960,14 @@ int main(int argc, char *argv[]) { write_pid(&ctx, getpid()); +#ifdef ENABLE_SYSTEMD + if (notify_socket) { + setenv("NOTIFY_SOCKET", notify_socket, 1); + sd_notifyf(1, "READY=1\nMAINPID=%lu", (unsigned long) getpid()); + free(notify_socket); + } +#endif + if (status_fd >= 0) { static const uint8_t STATUS = 0; if (write(status_fd, &STATUS, 1) < 0) diff --git a/src/fastd_config.h.in b/src/fastd_config.h.in index 39856c4..ece2ba7 100644 --- a/src/fastd_config.h.in +++ b/src/fastd_config.h.in @@ -48,6 +48,7 @@ #cmakedefine HAVE_LIBSODIUM #cmakedefine ENABLE_OPENSSL +#cmakedefine ENABLE_SYSTEMD #define MAX_CONFIG_DEPTH @MAX_CONFIG_DEPTH_NUM@ |