--- trunk/pcsc-lite/patches/pcsc-lite-1.7.4-systemd-socket-activation.patch 2011/11/24 20:58:47 1573 +++ trunk/pcsc-lite/patches/pcsc-lite-1.7.4-systemd-socket-activation.patch 2011/11/24 21:10:23 1574 @@ -1,1010 +1,1016 @@ -Add systemd socket-based activation support to pcscd as an alternative -to the existing autostart code which used forking from the user space -library. Systemd socket activation makes it possible to start pcscd on -demand by systemd when a request is sent on the IPC socket. +From ed83954ce404d0e58a04dfe7bfd379203f7830b5 Mon Sep 17 00:00:00 2001 +From: Kalev Lember +Date: Thu, 23 Jun 2011 21:58:56 +0300 +Subject: [PATCH 1/3] Support systemd socket activation -The implementation uses the $LISTEN_FDS/$LISTEN_PID env var parsing code -from systemd's sd-daemon.[ch] copy library. ---- - PCSC/src/Makefile.am | 6 + - PCSC/src/pcscdaemon.c | 56 ++++-- - PCSC/src/sd-daemon.c | 520 +++++++++++++++++++++++++++++++++++++++++++ - PCSC/src/sd-daemon.h | 277 +++++++++++++++++++++++ - PCSC/src/winscard_msg.h | 1 + - PCSC/src/winscard_msg_srv.c | 25 ++ - 6 files changed, 870 insertions(+), 15 deletions(-) - create mode 100644 PCSC/src/sd-daemon.c - create mode 100644 PCSC/src/sd-daemon.h +Add systemd socket-based activation support to pcscd as an alternative +to the existing autostart code which used forking from the user space +library. Systemd socket activation makes it possible to start pcscd on +demand by systemd when a request is sent on the IPC socket. -diff --git a/PCSC/src/Makefile.am b/PCSC/src/Makefile.am -index 2bd2f11..1b70466 100644 ---- a/PCSC/src/Makefile.am -+++ b/PCSC/src/Makefile.am -@@ -67,6 +67,8 @@ pcscd_SOURCES = \ - prothandler.h \ - readerfactory.c \ - readerfactory.h \ -+ sd-daemon.c \ -+ sd-daemon.h \ - simclist.c \ - simclist.h \ - strlcat.c \ -@@ -95,6 +97,10 @@ fix-rights: install-sbinPROGRAMS - chgrp pcscd $(DESTDIR)$(sbindir)/pcscd - chmod g+s $(DESTDIR)$(sbindir)/pcscd - -+update-systemd: -+ curl http://cgit.freedesktop.org/systemd/plain/src/sd-daemon.c > sd-daemon.c -+ curl http://cgit.freedesktop.org/systemd/plain/src/sd-daemon.h > sd-daemon.h -+ - testpcsc_SOURCES = testpcsc.c - testpcsc_LDADD = libpcsclite.la - -diff --git a/PCSC/src/pcscdaemon.c b/PCSC/src/pcscdaemon.c -index 6abc328..609f981 100644 ---- a/PCSC/src/pcscdaemon.c -+++ b/PCSC/src/pcscdaemon.c -@@ -37,6 +37,7 @@ - #include "pcsclite.h" - #include "pcscd.h" - #include "debuglog.h" -+#include "sd-daemon.h" - #include "winscard_msg.h" - #include "winscard_svc.h" - #include "sys_generic.h" -@@ -54,6 +55,7 @@ - char AraKiri = FALSE; - static char Init = TRUE; - char AutoExit = FALSE; -+char SocketActivated = FALSE; - static int ExitValue = EXIT_FAILURE; - int HPForceReaderPolling = 0; - static int pipefd[] = {-1, -1}; -@@ -316,6 +318,20 @@ int main(int argc, char **argv) - } - - /* -+ * Check if systemd passed us any file descriptors -+ */ -+ rv = sd_listen_fds(0); -+ if (rv > 1) -+ { -+ Log1(PCSC_LOG_CRITICAL, "Too many file descriptors received"); -+ return EXIT_FAILURE; -+ } -+ else if (rv == 1) -+ SocketActivated = TRUE; -+ else -+ SocketActivated = FALSE; -+ -+ /* - * test the presence of /var/run/pcscd/pcscd.comm - */ - -@@ -366,16 +382,19 @@ int main(int argc, char **argv) - return EXIT_FAILURE; - } - -- Log1(PCSC_LOG_CRITICAL, -- "file " PCSCLITE_CSOCK_NAME " already exists."); -- Log1(PCSC_LOG_CRITICAL, -- "Maybe another pcscd is running?"); -- Log1(PCSC_LOG_CRITICAL, -- "I can't read process pid from " PCSCLITE_RUN_PID); -- Log1(PCSC_LOG_CRITICAL, "Remove " PCSCLITE_CSOCK_NAME); -- Log1(PCSC_LOG_CRITICAL, -- "if pcscd is not running to clear this message."); -- return EXIT_FAILURE; -+ if (!SocketActivated) -+ { -+ Log1(PCSC_LOG_CRITICAL, -+ "file " PCSCLITE_CSOCK_NAME " already exists."); -+ Log1(PCSC_LOG_CRITICAL, -+ "Maybe another pcscd is running?"); -+ Log1(PCSC_LOG_CRITICAL, -+ "I can't read process pid from " PCSCLITE_RUN_PID); -+ Log1(PCSC_LOG_CRITICAL, "Remove " PCSCLITE_CSOCK_NAME); -+ Log1(PCSC_LOG_CRITICAL, -+ "if pcscd is not running to clear this message."); -+ return EXIT_FAILURE; -+ } - } - } - else -@@ -568,7 +587,11 @@ int main(int argc, char **argv) - /* - * Initialize the comm structure - */ -- rv = InitializeSocket(); -+ if (SocketActivated) -+ rv = ListenExistingSocket(SD_LISTEN_FDS_START + 0); -+ else -+ rv = InitializeSocket(); -+ - if (rv) - { - Log1(PCSC_LOG_CRITICAL, "Error initializing pcscd."); -@@ -652,10 +675,13 @@ static void clean_temp_files(void) - { - int rv; - -- rv = remove(PCSCLITE_CSOCK_NAME); -- if (rv != 0) -- Log2(PCSC_LOG_ERROR, "Cannot remove " PCSCLITE_CSOCK_NAME ": %s", -- strerror(errno)); -+ if (!SocketActivated) -+ { -+ rv = remove(PCSCLITE_CSOCK_NAME); -+ if (rv != 0) -+ Log2(PCSC_LOG_ERROR, "Cannot remove " PCSCLITE_CSOCK_NAME ": %s", -+ strerror(errno)); -+ } - - rv = remove(PCSCLITE_RUN_PID); - if (rv != 0) -diff --git a/PCSC/src/sd-daemon.c b/PCSC/src/sd-daemon.c -new file mode 100644 -index 0000000..a2ec74c ---- /dev/null -+++ b/PCSC/src/sd-daemon.c -@@ -0,0 +1,520 @@ -+/*-*- Mode: C; c-basic-offset: 8; indent-tabs-mode: nil -*-*/ -+ -+/*** -+ Copyright 2010 Lennart Poettering -+ -+ Permission is hereby granted, free of charge, to any person -+ obtaining a copy of this software and associated documentation files -+ (the "Software"), to deal in the Software without restriction, -+ including without limitation the rights to use, copy, modify, merge, -+ publish, distribute, sublicense, and/or sell copies of the Software, -+ and to permit persons to whom the Software is furnished to do so, -+ subject to the following conditions: -+ -+ The above copyright notice and this permission notice shall be -+ included in all copies or substantial portions of the Software. -+ -+ THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, -+ EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF -+ MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND -+ NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS -+ BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN -+ ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN -+ CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE -+ SOFTWARE. -+***/ -+ -+#ifndef _GNU_SOURCE -+#define _GNU_SOURCE -+#endif -+ -+#include -+#include -+#include -+#include -+#include -+#include -+#include -+#include -+#include -+#include -+#include -+#include -+#include -+#include -+ -+#if defined(__linux__) -+#include -+#endif -+ -+#include "sd-daemon.h" -+ -+#if (__GNUC__ >= 4) && !defined(SD_EXPORT_SYMBOLS) -+#define _sd_hidden_ __attribute__ ((visibility("hidden"))) -+#else -+#define _sd_hidden_ -+#endif -+ -+_sd_hidden_ int sd_listen_fds(int unset_environment) { -+ -+#if defined(DISABLE_SYSTEMD) || !defined(__linux__) -+ return 0; -+#else -+ int r, fd; -+ const char *e; -+ char *p = NULL; -+ unsigned long l; -+ -+ if (!(e = getenv("LISTEN_PID"))) { -+ r = 0; -+ goto finish; -+ } -+ -+ errno = 0; -+ l = strtoul(e, &p, 10); -+ -+ if (errno != 0) { -+ r = -errno; -+ goto finish; -+ } -+ -+ if (!p || *p || l <= 0) { -+ r = -EINVAL; -+ goto finish; -+ } -+ -+ /* Is this for us? */ -+ if (getpid() != (pid_t) l) { -+ r = 0; -+ goto finish; -+ } -+ -+ if (!(e = getenv("LISTEN_FDS"))) { -+ r = 0; -+ goto finish; -+ } -+ -+ errno = 0; -+ l = strtoul(e, &p, 10); -+ -+ if (errno != 0) { -+ r = -errno; -+ goto finish; -+ } -+ -+ if (!p || *p) { -+ r = -EINVAL; -+ goto finish; -+ } -+ -+ for (fd = SD_LISTEN_FDS_START; fd < SD_LISTEN_FDS_START + (int) l; fd ++) { -+ int flags; -+ -+ if ((flags = fcntl(fd, F_GETFD)) < 0) { -+ r = -errno; -+ goto finish; -+ } -+ -+ if (flags & FD_CLOEXEC) -+ continue; -+ -+ if (fcntl(fd, F_SETFD, flags | FD_CLOEXEC) < 0) { -+ r = -errno; -+ goto finish; -+ } -+ } -+ -+ r = (int) l; -+ -+finish: -+ if (unset_environment) { -+ unsetenv("LISTEN_PID"); -+ unsetenv("LISTEN_FDS"); -+ } -+ -+ return r; -+#endif -+} -+ -+_sd_hidden_ int sd_is_fifo(int fd, const char *path) { -+ struct stat st_fd; -+ -+ if (fd < 0) -+ return -EINVAL; -+ -+ memset(&st_fd, 0, sizeof(st_fd)); -+ if (fstat(fd, &st_fd) < 0) -+ return -errno; -+ -+ if (!S_ISFIFO(st_fd.st_mode)) -+ return 0; -+ -+ if (path) { -+ struct stat st_path; -+ -+ memset(&st_path, 0, sizeof(st_path)); -+ if (stat(path, &st_path) < 0) { -+ -+ if (errno == ENOENT || errno == ENOTDIR) -+ return 0; -+ -+ return -errno; -+ } -+ -+ return -+ st_path.st_dev == st_fd.st_dev && -+ st_path.st_ino == st_fd.st_ino; -+ } -+ -+ return 1; -+} -+ -+_sd_hidden_ int sd_is_special(int fd, const char *path) { -+ struct stat st_fd; -+ -+ if (fd < 0) -+ return -EINVAL; -+ -+ if (fstat(fd, &st_fd) < 0) -+ return -errno; -+ -+ if (!S_ISREG(st_fd.st_mode) && !S_ISCHR(st_fd.st_mode)) -+ return 0; -+ -+ if (path) { -+ struct stat st_path; -+ -+ if (stat(path, &st_path) < 0) { -+ -+ if (errno == ENOENT || errno == ENOTDIR) -+ return 0; -+ -+ return -errno; -+ } -+ -+ if (S_ISREG(st_fd.st_mode) && S_ISREG(st_path.st_mode)) -+ return -+ st_path.st_dev == st_fd.st_dev && -+ st_path.st_ino == st_fd.st_ino; -+ else if (S_ISCHR(st_fd.st_mode) && S_ISCHR(st_path.st_mode)) -+ return st_path.st_rdev == st_fd.st_rdev; -+ else -+ return 0; -+ } -+ -+ return 1; -+} -+ -+static int sd_is_socket_internal(int fd, int type, int listening) { -+ struct stat st_fd; -+ -+ if (fd < 0 || type < 0) -+ return -EINVAL; -+ -+ if (fstat(fd, &st_fd) < 0) -+ return -errno; -+ -+ if (!S_ISSOCK(st_fd.st_mode)) -+ return 0; -+ -+ if (type != 0) { -+ int other_type = 0; -+ socklen_t l = sizeof(other_type); -+ -+ if (getsockopt(fd, SOL_SOCKET, SO_TYPE, &other_type, &l) < 0) -+ return -errno; -+ -+ if (l != sizeof(other_type)) -+ return -EINVAL; -+ -+ if (other_type != type) -+ return 0; -+ } -+ -+ if (listening >= 0) { -+ int accepting = 0; -+ socklen_t l = sizeof(accepting); -+ -+ if (getsockopt(fd, SOL_SOCKET, SO_ACCEPTCONN, &accepting, &l) < 0) -+ return -errno; -+ -+ if (l != sizeof(accepting)) -+ return -EINVAL; -+ -+ if (!accepting != !listening) -+ return 0; -+ } -+ -+ return 1; -+} -+ -+union sockaddr_union { -+ struct sockaddr sa; -+ struct sockaddr_in in4; -+ struct sockaddr_in6 in6; -+ struct sockaddr_un un; -+ struct sockaddr_storage storage; -+}; -+ -+_sd_hidden_ int sd_is_socket(int fd, int family, int type, int listening) { -+ int r; -+ -+ if (family < 0) -+ return -EINVAL; -+ -+ if ((r = sd_is_socket_internal(fd, type, listening)) <= 0) -+ return r; -+ -+ if (family > 0) { -+ union sockaddr_union sockaddr; -+ socklen_t l; -+ -+ memset(&sockaddr, 0, sizeof(sockaddr)); -+ l = sizeof(sockaddr); -+ -+ if (getsockname(fd, &sockaddr.sa, &l) < 0) -+ return -errno; -+ -+ if (l < sizeof(sa_family_t)) -+ return -EINVAL; -+ -+ return sockaddr.sa.sa_family == family; -+ } -+ -+ return 1; -+} -+ -+_sd_hidden_ int sd_is_socket_inet(int fd, int family, int type, int listening, uint16_t port) { -+ union sockaddr_union sockaddr; -+ socklen_t l; -+ int r; -+ -+ if (family != 0 && family != AF_INET && family != AF_INET6) -+ return -EINVAL; -+ -+ if ((r = sd_is_socket_internal(fd, type, listening)) <= 0) -+ return r; -+ -+ memset(&sockaddr, 0, sizeof(sockaddr)); -+ l = sizeof(sockaddr); -+ -+ if (getsockname(fd, &sockaddr.sa, &l) < 0) -+ return -errno; -+ -+ if (l < sizeof(sa_family_t)) -+ return -EINVAL; -+ -+ if (sockaddr.sa.sa_family != AF_INET && -+ sockaddr.sa.sa_family != AF_INET6) -+ return 0; -+ -+ if (family > 0) -+ if (sockaddr.sa.sa_family != family) -+ return 0; -+ -+ if (port > 0) { -+ if (sockaddr.sa.sa_family == AF_INET) { -+ if (l < sizeof(struct sockaddr_in)) -+ return -EINVAL; -+ -+ return htons(port) == sockaddr.in4.sin_port; -+ } else { -+ if (l < sizeof(struct sockaddr_in6)) -+ return -EINVAL; -+ -+ return htons(port) == sockaddr.in6.sin6_port; -+ } -+ } -+ -+ return 1; -+} -+ -+_sd_hidden_ int sd_is_socket_unix(int fd, int type, int listening, const char *path, size_t length) { -+ union sockaddr_union sockaddr; -+ socklen_t l; -+ int r; -+ -+ if ((r = sd_is_socket_internal(fd, type, listening)) <= 0) -+ return r; -+ -+ memset(&sockaddr, 0, sizeof(sockaddr)); -+ l = sizeof(sockaddr); -+ -+ if (getsockname(fd, &sockaddr.sa, &l) < 0) -+ return -errno; -+ -+ if (l < sizeof(sa_family_t)) -+ return -EINVAL; -+ -+ if (sockaddr.sa.sa_family != AF_UNIX) -+ return 0; -+ -+ if (path) { -+ if (length <= 0) -+ length = strlen(path); -+ -+ if (length <= 0) -+ /* Unnamed socket */ -+ return l == offsetof(struct sockaddr_un, sun_path); -+ -+ if (path[0]) -+ /* Normal path socket */ -+ return -+ (l >= offsetof(struct sockaddr_un, sun_path) + length + 1) && -+ memcmp(path, sockaddr.un.sun_path, length+1) == 0; -+ else -+ /* Abstract namespace socket */ -+ return -+ (l == offsetof(struct sockaddr_un, sun_path) + length) && -+ memcmp(path, sockaddr.un.sun_path, length) == 0; -+ } -+ -+ return 1; -+} -+ -+_sd_hidden_ int sd_is_mq(int fd, const char *path) { -+#if !defined(__linux__) -+ return 0; -+#else -+ struct mq_attr attr; -+ -+ if (fd < 0) -+ return -EINVAL; -+ -+ if (mq_getattr(fd, &attr) < 0) -+ return -errno; -+ -+ if (path) { -+ char fpath[PATH_MAX]; -+ struct stat a, b; -+ -+ if (path[0] != '/') -+ return -EINVAL; -+ -+ if (fstat(fd, &a) < 0) -+ return -errno; -+ -+ strncpy(stpcpy(fpath, "/dev/mqueue"), path, sizeof(fpath) - 12); -+ fpath[sizeof(fpath)-1] = 0; -+ -+ if (stat(fpath, &b) < 0) -+ return -errno; -+ -+ if (a.st_dev != b.st_dev || -+ a.st_ino != b.st_ino) -+ return 0; -+ } -+ -+ return 1; -+#endif -+} -+ -+_sd_hidden_ int sd_notify(int unset_environment, const char *state) { -+#if defined(DISABLE_SYSTEMD) || !defined(__linux__) || !defined(SOCK_CLOEXEC) -+ return 0; -+#else -+ int fd = -1, r; -+ struct msghdr msghdr; -+ struct iovec iovec; -+ union sockaddr_union sockaddr; -+ const char *e; -+ -+ if (!state) { -+ r = -EINVAL; -+ goto finish; -+ } -+ -+ if (!(e = getenv("NOTIFY_SOCKET"))) -+ return 0; -+ -+ /* Must be an abstract socket, or an absolute path */ -+ if ((e[0] != '@' && e[0] != '/') || e[1] == 0) { -+ r = -EINVAL; -+ goto finish; -+ } -+ -+ if ((fd = socket(AF_UNIX, SOCK_DGRAM|SOCK_CLOEXEC, 0)) < 0) { -+ r = -errno; -+ goto finish; -+ } -+ -+ memset(&sockaddr, 0, sizeof(sockaddr)); -+ sockaddr.sa.sa_family = AF_UNIX; -+ strncpy(sockaddr.un.sun_path, e, sizeof(sockaddr.un.sun_path)); -+ -+ if (sockaddr.un.sun_path[0] == '@') -+ sockaddr.un.sun_path[0] = 0; -+ -+ memset(&iovec, 0, sizeof(iovec)); -+ iovec.iov_base = (char*) state; -+ iovec.iov_len = strlen(state); -+ -+ memset(&msghdr, 0, sizeof(msghdr)); -+ msghdr.msg_name = &sockaddr; -+ msghdr.msg_namelen = offsetof(struct sockaddr_un, sun_path) + strlen(e); -+ -+ if (msghdr.msg_namelen > sizeof(struct sockaddr_un)) -+ msghdr.msg_namelen = sizeof(struct sockaddr_un); -+ -+ msghdr.msg_iov = &iovec; -+ msghdr.msg_iovlen = 1; -+ -+ if (sendmsg(fd, &msghdr, MSG_NOSIGNAL) < 0) { -+ r = -errno; -+ goto finish; -+ } -+ -+ r = 1; -+ -+finish: -+ if (unset_environment) -+ unsetenv("NOTIFY_SOCKET"); -+ -+ if (fd >= 0) -+ close(fd); -+ -+ return r; -+#endif -+} -+ -+_sd_hidden_ int sd_notifyf(int unset_environment, const char *format, ...) { -+#if defined(DISABLE_SYSTEMD) || !defined(__linux__) -+ return 0; -+#else -+ va_list ap; -+ char *p = NULL; -+ int r; -+ -+ va_start(ap, format); -+ r = vasprintf(&p, format, ap); -+ va_end(ap); -+ -+ if (r < 0 || !p) -+ return -ENOMEM; -+ -+ r = sd_notify(unset_environment, p); -+ free(p); -+ -+ return r; -+#endif -+} -+ -+_sd_hidden_ int sd_booted(void) { -+#if defined(DISABLE_SYSTEMD) || !defined(__linux__) -+ return 0; -+#else -+ -+ struct stat a, b; -+ -+ /* We simply test whether the systemd cgroup hierarchy is -+ * mounted */ -+ -+ if (lstat("/sys/fs/cgroup", &a) < 0) -+ return 0; -+ -+ if (lstat("/sys/fs/cgroup/systemd", &b) < 0) -+ return 0; -+ -+ return a.st_dev != b.st_dev; -+#endif -+} -diff --git a/PCSC/src/sd-daemon.h b/PCSC/src/sd-daemon.h -new file mode 100644 -index 0000000..46dc7fd ---- /dev/null -+++ b/PCSC/src/sd-daemon.h -@@ -0,0 +1,277 @@ -+/*-*- Mode: C; c-basic-offset: 8; indent-tabs-mode: nil -*-*/ -+ -+#ifndef foosddaemonhfoo -+#define foosddaemonhfoo -+ -+/*** -+ Copyright 2010 Lennart Poettering -+ -+ Permission is hereby granted, free of charge, to any person -+ obtaining a copy of this software and associated documentation files -+ (the "Software"), to deal in the Software without restriction, -+ including without limitation the rights to use, copy, modify, merge, -+ publish, distribute, sublicense, and/or sell copies of the Software, -+ and to permit persons to whom the Software is furnished to do so, -+ subject to the following conditions: -+ -+ The above copyright notice and this permission notice shall be -+ included in all copies or substantial portions of the Software. -+ -+ THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, -+ EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF -+ MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND -+ NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS -+ BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN -+ ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN -+ CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE -+ SOFTWARE. -+***/ -+ -+#include -+#include -+ -+#ifdef __cplusplus -+extern "C" { -+#endif -+ -+/* -+ Reference implementation of a few systemd related interfaces for -+ writing daemons. These interfaces are trivial to implement. To -+ simplify porting we provide this reference implementation. -+ Applications are welcome to reimplement the algorithms described -+ here if they do not want to include these two source files. -+ -+ The following functionality is provided: -+ -+ - Support for logging with log levels on stderr -+ - File descriptor passing for socket-based activation -+ - Daemon startup and status notification -+ - Detection of systemd boots -+ -+ You may compile this with -DDISABLE_SYSTEMD to disable systemd -+ support. This makes all those calls NOPs that are directly related to -+ systemd (i.e. only sd_is_xxx() will stay useful). -+ -+ Since this is drop-in code we don't want any of our symbols to be -+ exported in any case. Hence we declare hidden visibility for all of -+ them. -+ -+ You may find an up-to-date version of these source files online: -+ +The implementation uses the $LISTEN_FDS/$LISTEN_PID env var parsing code +from systemd's sd-daemon.[ch] copy library. +--- + PCSC/src/Makefile.am | 6 + + PCSC/src/pcscdaemon.c | 56 ++++-- + PCSC/src/sd-daemon.c | 520 +++++++++++++++++++++++++++++++++++++++++++ + PCSC/src/sd-daemon.h | 277 +++++++++++++++++++++++ + PCSC/src/winscard_msg.h | 1 + + PCSC/src/winscard_msg_srv.c | 25 ++ + 6 files changed, 870 insertions(+), 15 deletions(-) + create mode 100644 PCSC/src/sd-daemon.c + create mode 100644 PCSC/src/sd-daemon.h + +diff --git a/PCSC/src/Makefile.am b/PCSC/src/Makefile.am +index 2bd2f11..1b70466 100644 +--- a/PCSC/src/Makefile.am ++++ b/PCSC/src/Makefile.am +@@ -67,6 +67,8 @@ pcscd_SOURCES = \ + prothandler.h \ + readerfactory.c \ + readerfactory.h \ ++ sd-daemon.c \ ++ sd-daemon.h \ + simclist.c \ + simclist.h \ + strlcat.c \ +@@ -95,6 +97,10 @@ fix-rights: install-sbinPROGRAMS + chgrp pcscd $(DESTDIR)$(sbindir)/pcscd + chmod g+s $(DESTDIR)$(sbindir)/pcscd + ++update-systemd: ++ curl http://cgit.freedesktop.org/systemd/plain/src/sd-daemon.c > sd-daemon.c ++ curl http://cgit.freedesktop.org/systemd/plain/src/sd-daemon.h > sd-daemon.h ++ + testpcsc_SOURCES = testpcsc.c + testpcsc_LDADD = libpcsclite.la + +diff --git a/PCSC/src/pcscdaemon.c b/PCSC/src/pcscdaemon.c +index 6abc328..609f981 100644 +--- a/PCSC/src/pcscdaemon.c ++++ b/PCSC/src/pcscdaemon.c +@@ -37,6 +37,7 @@ + #include "pcsclite.h" + #include "pcscd.h" + #include "debuglog.h" ++#include "sd-daemon.h" + #include "winscard_msg.h" + #include "winscard_svc.h" + #include "sys_generic.h" +@@ -54,6 +55,7 @@ + char AraKiri = FALSE; + static char Init = TRUE; + char AutoExit = FALSE; ++char SocketActivated = FALSE; + static int ExitValue = EXIT_FAILURE; + int HPForceReaderPolling = 0; + static int pipefd[] = {-1, -1}; +@@ -316,6 +318,20 @@ int main(int argc, char **argv) + } + + /* ++ * Check if systemd passed us any file descriptors ++ */ ++ rv = sd_listen_fds(0); ++ if (rv > 1) ++ { ++ Log1(PCSC_LOG_CRITICAL, "Too many file descriptors received"); ++ return EXIT_FAILURE; ++ } ++ else if (rv == 1) ++ SocketActivated = TRUE; ++ else ++ SocketActivated = FALSE; ++ ++ /* + * test the presence of /var/run/pcscd/pcscd.comm + */ + +@@ -366,16 +382,19 @@ int main(int argc, char **argv) + return EXIT_FAILURE; + } + +- Log1(PCSC_LOG_CRITICAL, +- "file " PCSCLITE_CSOCK_NAME " already exists."); +- Log1(PCSC_LOG_CRITICAL, +- "Maybe another pcscd is running?"); +- Log1(PCSC_LOG_CRITICAL, +- "I can't read process pid from " PCSCLITE_RUN_PID); +- Log1(PCSC_LOG_CRITICAL, "Remove " PCSCLITE_CSOCK_NAME); +- Log1(PCSC_LOG_CRITICAL, +- "if pcscd is not running to clear this message."); +- return EXIT_FAILURE; ++ if (!SocketActivated) ++ { ++ Log1(PCSC_LOG_CRITICAL, ++ "file " PCSCLITE_CSOCK_NAME " already exists."); ++ Log1(PCSC_LOG_CRITICAL, ++ "Maybe another pcscd is running?"); ++ Log1(PCSC_LOG_CRITICAL, ++ "I can't read process pid from " PCSCLITE_RUN_PID); ++ Log1(PCSC_LOG_CRITICAL, "Remove " PCSCLITE_CSOCK_NAME); ++ Log1(PCSC_LOG_CRITICAL, ++ "if pcscd is not running to clear this message."); ++ return EXIT_FAILURE; ++ } + } + } + else +@@ -568,7 +587,11 @@ int main(int argc, char **argv) + /* + * Initialize the comm structure + */ +- rv = InitializeSocket(); ++ if (SocketActivated) ++ rv = ListenExistingSocket(SD_LISTEN_FDS_START + 0); ++ else ++ rv = InitializeSocket(); ++ + if (rv) + { + Log1(PCSC_LOG_CRITICAL, "Error initializing pcscd."); +@@ -652,10 +675,13 @@ static void clean_temp_files(void) + { + int rv; + +- rv = remove(PCSCLITE_CSOCK_NAME); +- if (rv != 0) +- Log2(PCSC_LOG_ERROR, "Cannot remove " PCSCLITE_CSOCK_NAME ": %s", +- strerror(errno)); ++ if (!SocketActivated) ++ { ++ rv = remove(PCSCLITE_CSOCK_NAME); ++ if (rv != 0) ++ Log2(PCSC_LOG_ERROR, "Cannot remove " PCSCLITE_CSOCK_NAME ": %s", ++ strerror(errno)); ++ } + + rv = remove(PCSCLITE_RUN_PID); + if (rv != 0) +diff --git a/PCSC/src/sd-daemon.c b/PCSC/src/sd-daemon.c +new file mode 100644 +index 0000000..a2ec74c +--- /dev/null ++++ b/PCSC/src/sd-daemon.c +@@ -0,0 +1,520 @@ ++/*-*- Mode: C; c-basic-offset: 8; indent-tabs-mode: nil -*-*/ ++ ++/*** ++ Copyright 2010 Lennart Poettering ++ ++ Permission is hereby granted, free of charge, to any person ++ obtaining a copy of this software and associated documentation files ++ (the "Software"), to deal in the Software without restriction, ++ including without limitation the rights to use, copy, modify, merge, ++ publish, distribute, sublicense, and/or sell copies of the Software, ++ and to permit persons to whom the Software is furnished to do so, ++ subject to the following conditions: ++ ++ The above copyright notice and this permission notice shall be ++ included in all copies or substantial portions of the Software. ++ ++ THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, ++ EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF ++ MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND ++ NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS ++ BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ++ ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN ++ CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE ++ SOFTWARE. ++***/ ++ ++#ifndef _GNU_SOURCE ++#define _GNU_SOURCE ++#endif ++ ++#include ++#include ++#include ++#include ++#include ++#include ++#include ++#include ++#include ++#include ++#include ++#include ++#include ++#include ++ ++#if defined(__linux__) ++#include ++#endif ++ ++#include "sd-daemon.h" ++ ++#if (__GNUC__ >= 4) && !defined(SD_EXPORT_SYMBOLS) ++#define _sd_hidden_ __attribute__ ((visibility("hidden"))) ++#else ++#define _sd_hidden_ ++#endif ++ ++_sd_hidden_ int sd_listen_fds(int unset_environment) { ++ ++#if defined(DISABLE_SYSTEMD) || !defined(__linux__) ++ return 0; ++#else ++ int r, fd; ++ const char *e; ++ char *p = NULL; ++ unsigned long l; ++ ++ if (!(e = getenv("LISTEN_PID"))) { ++ r = 0; ++ goto finish; ++ } ++ ++ errno = 0; ++ l = strtoul(e, &p, 10); ++ ++ if (errno != 0) { ++ r = -errno; ++ goto finish; ++ } ++ ++ if (!p || *p || l <= 0) { ++ r = -EINVAL; ++ goto finish; ++ } ++ ++ /* Is this for us? */ ++ if (getpid() != (pid_t) l) { ++ r = 0; ++ goto finish; ++ } ++ ++ if (!(e = getenv("LISTEN_FDS"))) { ++ r = 0; ++ goto finish; ++ } ++ ++ errno = 0; ++ l = strtoul(e, &p, 10); ++ ++ if (errno != 0) { ++ r = -errno; ++ goto finish; ++ } ++ ++ if (!p || *p) { ++ r = -EINVAL; ++ goto finish; ++ } ++ ++ for (fd = SD_LISTEN_FDS_START; fd < SD_LISTEN_FDS_START + (int) l; fd ++) { ++ int flags; ++ ++ if ((flags = fcntl(fd, F_GETFD)) < 0) { ++ r = -errno; ++ goto finish; ++ } ++ ++ if (flags & FD_CLOEXEC) ++ continue; ++ ++ if (fcntl(fd, F_SETFD, flags | FD_CLOEXEC) < 0) { ++ r = -errno; ++ goto finish; ++ } ++ } ++ ++ r = (int) l; ++ ++finish: ++ if (unset_environment) { ++ unsetenv("LISTEN_PID"); ++ unsetenv("LISTEN_FDS"); ++ } ++ ++ return r; ++#endif ++} ++ ++_sd_hidden_ int sd_is_fifo(int fd, const char *path) { ++ struct stat st_fd; ++ ++ if (fd < 0) ++ return -EINVAL; ++ ++ memset(&st_fd, 0, sizeof(st_fd)); ++ if (fstat(fd, &st_fd) < 0) ++ return -errno; ++ ++ if (!S_ISFIFO(st_fd.st_mode)) ++ return 0; ++ ++ if (path) { ++ struct stat st_path; ++ ++ memset(&st_path, 0, sizeof(st_path)); ++ if (stat(path, &st_path) < 0) { ++ ++ if (errno == ENOENT || errno == ENOTDIR) ++ return 0; ++ ++ return -errno; ++ } ++ ++ return ++ st_path.st_dev == st_fd.st_dev && ++ st_path.st_ino == st_fd.st_ino; ++ } ++ ++ return 1; ++} ++ ++_sd_hidden_ int sd_is_special(int fd, const char *path) { ++ struct stat st_fd; ++ ++ if (fd < 0) ++ return -EINVAL; ++ ++ if (fstat(fd, &st_fd) < 0) ++ return -errno; ++ ++ if (!S_ISREG(st_fd.st_mode) && !S_ISCHR(st_fd.st_mode)) ++ return 0; ++ ++ if (path) { ++ struct stat st_path; ++ ++ if (stat(path, &st_path) < 0) { ++ ++ if (errno == ENOENT || errno == ENOTDIR) ++ return 0; ++ ++ return -errno; ++ } ++ ++ if (S_ISREG(st_fd.st_mode) && S_ISREG(st_path.st_mode)) ++ return ++ st_path.st_dev == st_fd.st_dev && ++ st_path.st_ino == st_fd.st_ino; ++ else if (S_ISCHR(st_fd.st_mode) && S_ISCHR(st_path.st_mode)) ++ return st_path.st_rdev == st_fd.st_rdev; ++ else ++ return 0; ++ } ++ ++ return 1; ++} ++ ++static int sd_is_socket_internal(int fd, int type, int listening) { ++ struct stat st_fd; ++ ++ if (fd < 0 || type < 0) ++ return -EINVAL; ++ ++ if (fstat(fd, &st_fd) < 0) ++ return -errno; ++ ++ if (!S_ISSOCK(st_fd.st_mode)) ++ return 0; ++ ++ if (type != 0) { ++ int other_type = 0; ++ socklen_t l = sizeof(other_type); ++ ++ if (getsockopt(fd, SOL_SOCKET, SO_TYPE, &other_type, &l) < 0) ++ return -errno; ++ ++ if (l != sizeof(other_type)) ++ return -EINVAL; ++ ++ if (other_type != type) ++ return 0; ++ } ++ ++ if (listening >= 0) { ++ int accepting = 0; ++ socklen_t l = sizeof(accepting); ++ ++ if (getsockopt(fd, SOL_SOCKET, SO_ACCEPTCONN, &accepting, &l) < 0) ++ return -errno; ++ ++ if (l != sizeof(accepting)) ++ return -EINVAL; ++ ++ if (!accepting != !listening) ++ return 0; ++ } ++ ++ return 1; ++} ++ ++union sockaddr_union { ++ struct sockaddr sa; ++ struct sockaddr_in in4; ++ struct sockaddr_in6 in6; ++ struct sockaddr_un un; ++ struct sockaddr_storage storage; ++}; ++ ++_sd_hidden_ int sd_is_socket(int fd, int family, int type, int listening) { ++ int r; ++ ++ if (family < 0) ++ return -EINVAL; ++ ++ if ((r = sd_is_socket_internal(fd, type, listening)) <= 0) ++ return r; ++ ++ if (family > 0) { ++ union sockaddr_union sockaddr; ++ socklen_t l; ++ ++ memset(&sockaddr, 0, sizeof(sockaddr)); ++ l = sizeof(sockaddr); ++ ++ if (getsockname(fd, &sockaddr.sa, &l) < 0) ++ return -errno; ++ ++ if (l < sizeof(sa_family_t)) ++ return -EINVAL; ++ ++ return sockaddr.sa.sa_family == family; ++ } ++ ++ return 1; ++} ++ ++_sd_hidden_ int sd_is_socket_inet(int fd, int family, int type, int listening, uint16_t port) { ++ union sockaddr_union sockaddr; ++ socklen_t l; ++ int r; ++ ++ if (family != 0 && family != AF_INET && family != AF_INET6) ++ return -EINVAL; ++ ++ if ((r = sd_is_socket_internal(fd, type, listening)) <= 0) ++ return r; ++ ++ memset(&sockaddr, 0, sizeof(sockaddr)); ++ l = sizeof(sockaddr); ++ ++ if (getsockname(fd, &sockaddr.sa, &l) < 0) ++ return -errno; ++ ++ if (l < sizeof(sa_family_t)) ++ return -EINVAL; ++ ++ if (sockaddr.sa.sa_family != AF_INET && ++ sockaddr.sa.sa_family != AF_INET6) ++ return 0; ++ ++ if (family > 0) ++ if (sockaddr.sa.sa_family != family) ++ return 0; ++ ++ if (port > 0) { ++ if (sockaddr.sa.sa_family == AF_INET) { ++ if (l < sizeof(struct sockaddr_in)) ++ return -EINVAL; ++ ++ return htons(port) == sockaddr.in4.sin_port; ++ } else { ++ if (l < sizeof(struct sockaddr_in6)) ++ return -EINVAL; ++ ++ return htons(port) == sockaddr.in6.sin6_port; ++ } ++ } ++ ++ return 1; ++} ++ ++_sd_hidden_ int sd_is_socket_unix(int fd, int type, int listening, const char *path, size_t length) { ++ union sockaddr_union sockaddr; ++ socklen_t l; ++ int r; ++ ++ if ((r = sd_is_socket_internal(fd, type, listening)) <= 0) ++ return r; ++ ++ memset(&sockaddr, 0, sizeof(sockaddr)); ++ l = sizeof(sockaddr); ++ ++ if (getsockname(fd, &sockaddr.sa, &l) < 0) ++ return -errno; ++ ++ if (l < sizeof(sa_family_t)) ++ return -EINVAL; ++ ++ if (sockaddr.sa.sa_family != AF_UNIX) ++ return 0; ++ ++ if (path) { ++ if (length <= 0) ++ length = strlen(path); ++ ++ if (length <= 0) ++ /* Unnamed socket */ ++ return l == offsetof(struct sockaddr_un, sun_path); ++ ++ if (path[0]) ++ /* Normal path socket */ ++ return ++ (l >= offsetof(struct sockaddr_un, sun_path) + length + 1) && ++ memcmp(path, sockaddr.un.sun_path, length+1) == 0; ++ else ++ /* Abstract namespace socket */ ++ return ++ (l == offsetof(struct sockaddr_un, sun_path) + length) && ++ memcmp(path, sockaddr.un.sun_path, length) == 0; ++ } ++ ++ return 1; ++} ++ ++_sd_hidden_ int sd_is_mq(int fd, const char *path) { ++#if !defined(__linux__) ++ return 0; ++#else ++ struct mq_attr attr; ++ ++ if (fd < 0) ++ return -EINVAL; ++ ++ if (mq_getattr(fd, &attr) < 0) ++ return -errno; ++ ++ if (path) { ++ char fpath[PATH_MAX]; ++ struct stat a, b; ++ ++ if (path[0] != '/') ++ return -EINVAL; ++ ++ if (fstat(fd, &a) < 0) ++ return -errno; ++ ++ strncpy(stpcpy(fpath, "/dev/mqueue"), path, sizeof(fpath) - 12); ++ fpath[sizeof(fpath)-1] = 0; ++ ++ if (stat(fpath, &b) < 0) ++ return -errno; ++ ++ if (a.st_dev != b.st_dev || ++ a.st_ino != b.st_ino) ++ return 0; ++ } ++ ++ return 1; ++#endif ++} ++ ++_sd_hidden_ int sd_notify(int unset_environment, const char *state) { ++#if defined(DISABLE_SYSTEMD) || !defined(__linux__) || !defined(SOCK_CLOEXEC) ++ return 0; ++#else ++ int fd = -1, r; ++ struct msghdr msghdr; ++ struct iovec iovec; ++ union sockaddr_union sockaddr; ++ const char *e; ++ ++ if (!state) { ++ r = -EINVAL; ++ goto finish; ++ } ++ ++ if (!(e = getenv("NOTIFY_SOCKET"))) ++ return 0; ++ ++ /* Must be an abstract socket, or an absolute path */ ++ if ((e[0] != '@' && e[0] != '/') || e[1] == 0) { ++ r = -EINVAL; ++ goto finish; ++ } ++ ++ if ((fd = socket(AF_UNIX, SOCK_DGRAM|SOCK_CLOEXEC, 0)) < 0) { ++ r = -errno; ++ goto finish; ++ } ++ ++ memset(&sockaddr, 0, sizeof(sockaddr)); ++ sockaddr.sa.sa_family = AF_UNIX; ++ strncpy(sockaddr.un.sun_path, e, sizeof(sockaddr.un.sun_path)); ++ ++ if (sockaddr.un.sun_path[0] == '@') ++ sockaddr.un.sun_path[0] = 0; ++ ++ memset(&iovec, 0, sizeof(iovec)); ++ iovec.iov_base = (char*) state; ++ iovec.iov_len = strlen(state); ++ ++ memset(&msghdr, 0, sizeof(msghdr)); ++ msghdr.msg_name = &sockaddr; ++ msghdr.msg_namelen = offsetof(struct sockaddr_un, sun_path) + strlen(e); ++ ++ if (msghdr.msg_namelen > sizeof(struct sockaddr_un)) ++ msghdr.msg_namelen = sizeof(struct sockaddr_un); ++ ++ msghdr.msg_iov = &iovec; ++ msghdr.msg_iovlen = 1; ++ ++ if (sendmsg(fd, &msghdr, MSG_NOSIGNAL) < 0) { ++ r = -errno; ++ goto finish; ++ } ++ ++ r = 1; ++ ++finish: ++ if (unset_environment) ++ unsetenv("NOTIFY_SOCKET"); ++ ++ if (fd >= 0) ++ close(fd); ++ ++ return r; ++#endif ++} ++ ++_sd_hidden_ int sd_notifyf(int unset_environment, const char *format, ...) { ++#if defined(DISABLE_SYSTEMD) || !defined(__linux__) ++ return 0; ++#else ++ va_list ap; ++ char *p = NULL; ++ int r; ++ ++ va_start(ap, format); ++ r = vasprintf(&p, format, ap); ++ va_end(ap); ++ ++ if (r < 0 || !p) ++ return -ENOMEM; ++ ++ r = sd_notify(unset_environment, p); ++ free(p); ++ ++ return r; ++#endif ++} ++ ++_sd_hidden_ int sd_booted(void) { ++#if defined(DISABLE_SYSTEMD) || !defined(__linux__) ++ return 0; ++#else ++ ++ struct stat a, b; ++ ++ /* We simply test whether the systemd cgroup hierarchy is ++ * mounted */ ++ ++ if (lstat("/sys/fs/cgroup", &a) < 0) ++ return 0; ++ ++ if (lstat("/sys/fs/cgroup/systemd", &b) < 0) ++ return 0; ++ ++ return a.st_dev != b.st_dev; ++#endif ++} +diff --git a/PCSC/src/sd-daemon.h b/PCSC/src/sd-daemon.h +new file mode 100644 +index 0000000..46dc7fd +--- /dev/null ++++ b/PCSC/src/sd-daemon.h +@@ -0,0 +1,277 @@ ++/*-*- Mode: C; c-basic-offset: 8; indent-tabs-mode: nil -*-*/ ++ ++#ifndef foosddaemonhfoo ++#define foosddaemonhfoo ++ ++/*** ++ Copyright 2010 Lennart Poettering ++ ++ Permission is hereby granted, free of charge, to any person ++ obtaining a copy of this software and associated documentation files ++ (the "Software"), to deal in the Software without restriction, ++ including without limitation the rights to use, copy, modify, merge, ++ publish, distribute, sublicense, and/or sell copies of the Software, ++ and to permit persons to whom the Software is furnished to do so, ++ subject to the following conditions: ++ ++ The above copyright notice and this permission notice shall be ++ included in all copies or substantial portions of the Software. ++ ++ THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, ++ EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF ++ MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND ++ NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS ++ BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ++ ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN ++ CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE ++ SOFTWARE. ++***/ ++ ++#include ++#include ++ ++#ifdef __cplusplus ++extern "C" { ++#endif ++ ++/* ++ Reference implementation of a few systemd related interfaces for ++ writing daemons. These interfaces are trivial to implement. To ++ simplify porting we provide this reference implementation. ++ Applications are welcome to reimplement the algorithms described ++ here if they do not want to include these two source files. ++ ++ The following functionality is provided: ++ ++ - Support for logging with log levels on stderr ++ - File descriptor passing for socket-based activation ++ - Daemon startup and status notification ++ - Detection of systemd boots ++ ++ You may compile this with -DDISABLE_SYSTEMD to disable systemd ++ support. This makes all those calls NOPs that are directly related to ++ systemd (i.e. only sd_is_xxx() will stay useful). ++ ++ Since this is drop-in code we don't want any of our symbols to be ++ exported in any case. Hence we declare hidden visibility for all of ++ them. ++ ++ You may find an up-to-date version of these source files online: ++ + http://cgit.freedesktop.org/systemd/plain/src/sd-daemon.h + http://cgit.freedesktop.org/systemd/plain/src/sd-daemon.c -+ -+ This should compile on non-Linux systems, too, but with the -+ exception of the sd_is_xxx() calls all functions will become NOPs. -+ -+ See sd-daemon(7) for more information. -+*/ -+ -+#ifndef _sd_printf_attr_ -+#if __GNUC__ >= 4 -+#define _sd_printf_attr_(a,b) __attribute__ ((format (printf, a, b))) -+#else -+#define _sd_printf_attr_(a,b) -+#endif -+#endif -+ -+/* -+ Log levels for usage on stderr: -+ -+ fprintf(stderr, SD_NOTICE "Hello World!\n"); -+ -+ This is similar to printk() usage in the kernel. -+*/ -+#define SD_EMERG "<0>" /* system is unusable */ -+#define SD_ALERT "<1>" /* action must be taken immediately */ -+#define SD_CRIT "<2>" /* critical conditions */ -+#define SD_ERR "<3>" /* error conditions */ -+#define SD_WARNING "<4>" /* warning conditions */ -+#define SD_NOTICE "<5>" /* normal but significant condition */ -+#define SD_INFO "<6>" /* informational */ -+#define SD_DEBUG "<7>" /* debug-level messages */ -+ -+/* The first passed file descriptor is fd 3 */ -+#define SD_LISTEN_FDS_START 3 -+ -+/* -+ Returns how many file descriptors have been passed, or a negative -+ errno code on failure. Optionally, removes the $LISTEN_FDS and -+ $LISTEN_PID file descriptors from the environment (recommended, but -+ problematic in threaded environments). If r is the return value of -+ this function you'll find the file descriptors passed as fds -+ SD_LISTEN_FDS_START to SD_LISTEN_FDS_START+r-1. Returns a negative -+ errno style error code on failure. This function call ensures that -+ the FD_CLOEXEC flag is set for the passed file descriptors, to make -+ sure they are not passed on to child processes. If FD_CLOEXEC shall -+ not be set, the caller needs to unset it after this call for all file -+ descriptors that are used. -+ -+ See sd_listen_fds(3) for more information. -+*/ -+int sd_listen_fds(int unset_environment); -+ -+/* -+ Helper call for identifying a passed file descriptor. Returns 1 if -+ the file descriptor is a FIFO in the file system stored under the -+ specified path, 0 otherwise. If path is NULL a path name check will -+ not be done and the call only verifies if the file descriptor -+ refers to a FIFO. Returns a negative errno style error code on -+ failure. -+ -+ See sd_is_fifo(3) for more information. -+*/ -+int sd_is_fifo(int fd, const char *path); -+ -+/* -+ Helper call for identifying a passed file descriptor. Returns 1 if -+ the file descriptor is a special character device on the file -+ system stored under the specified path, 0 otherwise. -+ If path is NULL a path name check will not be done and the call -+ only verifies if the file descriptor refers to a special character. -+ Returns a negative errno style error code on failure. -+ -+ See sd_is_special(3) for more information. -+*/ -+int sd_is_special(int fd, const char *path); -+ -+/* -+ Helper call for identifying a passed file descriptor. Returns 1 if -+ the file descriptor is a socket of the specified family (AF_INET, -+ ...) and type (SOCK_DGRAM, SOCK_STREAM, ...), 0 otherwise. If -+ family is 0 a socket family check will not be done. If type is 0 a -+ socket type check will not be done and the call only verifies if -+ the file descriptor refers to a socket. If listening is > 0 it is -+ verified that the socket is in listening mode. (i.e. listen() has -+ been called) If listening is == 0 it is verified that the socket is -+ not in listening mode. If listening is < 0 no listening mode check -+ is done. Returns a negative errno style error code on failure. -+ -+ See sd_is_socket(3) for more information. -+*/ -+int sd_is_socket(int fd, int family, int type, int listening); -+ -+/* -+ Helper call for identifying a passed file descriptor. Returns 1 if -+ the file descriptor is an Internet socket, of the specified family -+ (either AF_INET or AF_INET6) and the specified type (SOCK_DGRAM, -+ SOCK_STREAM, ...), 0 otherwise. If version is 0 a protocol version -+ check is not done. If type is 0 a socket type check will not be -+ done. If port is 0 a socket port check will not be done. The -+ listening flag is used the same way as in sd_is_socket(). Returns a -+ negative errno style error code on failure. -+ -+ See sd_is_socket_inet(3) for more information. -+*/ -+int sd_is_socket_inet(int fd, int family, int type, int listening, uint16_t port); -+ -+/* -+ Helper call for identifying a passed file descriptor. Returns 1 if -+ the file descriptor is an AF_UNIX socket of the specified type -+ (SOCK_DGRAM, SOCK_STREAM, ...) and path, 0 otherwise. If type is 0 -+ a socket type check will not be done. If path is NULL a socket path -+ check will not be done. For normal AF_UNIX sockets set length to -+ 0. For abstract namespace sockets set length to the length of the -+ socket name (including the initial 0 byte), and pass the full -+ socket path in path (including the initial 0 byte). The listening -+ flag is used the same way as in sd_is_socket(). Returns a negative -+ errno style error code on failure. -+ -+ See sd_is_socket_unix(3) for more information. -+*/ -+int sd_is_socket_unix(int fd, int type, int listening, const char *path, size_t length); -+ -+/* -+ Helper call for identifying a passed file descriptor. Returns 1 if -+ the file descriptor is a POSIX Message Queue of the specified name, -+ 0 otherwise. If path is NULL a message queue name check is not -+ done. Returns a negative errno style error code on failure. -+*/ -+int sd_is_mq(int fd, const char *path); -+ -+/* -+ Informs systemd about changed daemon state. This takes a number of -+ newline separated environment-style variable assignments in a -+ string. The following variables are known: -+ -+ READY=1 Tells systemd that daemon startup is finished (only -+ relevant for services of Type=notify). The passed -+ argument is a boolean "1" or "0". Since there is -+ little value in signaling non-readiness the only -+ value daemons should send is "READY=1". -+ -+ STATUS=... Passes a single-line status string back to systemd -+ that describes the daemon state. This is free-from -+ and can be used for various purposes: general state -+ feedback, fsck-like programs could pass completion -+ percentages and failing programs could pass a human -+ readable error message. Example: "STATUS=Completed -+ 66% of file system check..." -+ -+ ERRNO=... If a daemon fails, the errno-style error code, -+ formatted as string. Example: "ERRNO=2" for ENOENT. -+ -+ BUSERROR=... If a daemon fails, the D-Bus error-style error -+ code. Example: "BUSERROR=org.freedesktop.DBus.Error.TimedOut" -+ -+ MAINPID=... The main pid of a daemon, in case systemd did not -+ fork off the process itself. Example: "MAINPID=4711" -+ -+ Daemons can choose to send additional variables. However, it is -+ recommended to prefix variable names not listed above with X_. -+ -+ Returns a negative errno-style error code on failure. Returns > 0 -+ if systemd could be notified, 0 if it couldn't possibly because -+ systemd is not running. -+ -+ Example: When a daemon finished starting up, it could issue this -+ call to notify systemd about it: -+ -+ sd_notify(0, "READY=1"); -+ -+ See sd_notifyf() for more complete examples. -+ -+ See sd_notify(3) for more information. -+*/ -+int sd_notify(int unset_environment, const char *state); -+ -+/* -+ Similar to sd_notify() but takes a format string. -+ -+ Example 1: A daemon could send the following after initialization: -+ -+ sd_notifyf(0, "READY=1\n" -+ "STATUS=Processing requests...\n" -+ "MAINPID=%lu", -+ (unsigned long) getpid()); -+ -+ Example 2: A daemon could send the following shortly before -+ exiting, on failure: -+ -+ sd_notifyf(0, "STATUS=Failed to start up: %s\n" -+ "ERRNO=%i", -+ strerror(errno), -+ errno); -+ -+ See sd_notifyf(3) for more information. -+*/ -+int sd_notifyf(int unset_environment, const char *format, ...) _sd_printf_attr_(2,3); -+ -+/* -+ Returns > 0 if the system was booted with systemd. Returns < 0 on -+ error. Returns 0 if the system was not booted with systemd. Note -+ that all of the functions above handle non-systemd boots just -+ fine. You should NOT protect them with a call to this function. Also -+ note that this function checks whether the system, not the user -+ session is controlled by systemd. However the functions above work -+ for both user and system services. -+ -+ See sd_booted(3) for more information. -+*/ -+int sd_booted(void); -+ -+#ifdef __cplusplus -+} -+#endif -+ -+#endif -diff --git a/PCSC/src/winscard_msg.h b/PCSC/src/winscard_msg.h -index b2b6f90..b8c490c 100644 ---- a/PCSC/src/winscard_msg.h -+++ b/PCSC/src/winscard_msg.h -@@ -252,6 +252,7 @@ - - #ifdef PCSCD - int32_t InitializeSocket(void); -+ int32_t ListenExistingSocket(int fd); - int32_t ProcessEventsServer(/*@out@*/ uint32_t *); - #else - char *getSocketName(void); -diff --git a/PCSC/src/winscard_msg_srv.c b/PCSC/src/winscard_msg_srv.c -index 19ea363..4bb5bdc 100644 ---- a/PCSC/src/winscard_msg_srv.c -+++ b/PCSC/src/winscard_msg_srv.c -@@ -39,6 +39,7 @@ - - #include "misc.h" - #include "pcscd.h" -+#include "sd-daemon.h" - #include "winscard.h" - #include "debuglog.h" - #include "winscard_msg.h" -@@ -138,6 +139,30 @@ INTERNAL int32_t InitializeSocket(void) - } - - /** -+ * @brief Acquires a socket passed in from systemd. -+ * -+ * This is called by the server to start listening on an existing socket for -+ * local IPC with the clients. -+ * -+ * @param fd The file descriptor to start listening on. -+ * -+ * @return Error code. -+ * @retval 0 Success -+ * @retval -1 Passed FD is not an UNIX socket. -+ */ -+INTERNAL int32_t ListenExistingSocket(int fd) -+{ -+ if (!sd_is_socket(fd, AF_UNIX, SOCK_STREAM, -1)) -+ { -+ Log1(PCSC_LOG_CRITICAL, "Passed FD is not an UNIX socket"); -+ return -1; -+ } -+ -+ commonSocket = fd; -+ return 0; -+} -+ -+/** - * @brief Looks for messages sent by clients. - * - * This is called by the Server's function \c SVCServiceRunLoop(). ++ ++ This should compile on non-Linux systems, too, but with the ++ exception of the sd_is_xxx() calls all functions will become NOPs. ++ ++ See sd-daemon(7) for more information. ++*/ ++ ++#ifndef _sd_printf_attr_ ++#if __GNUC__ >= 4 ++#define _sd_printf_attr_(a,b) __attribute__ ((format (printf, a, b))) ++#else ++#define _sd_printf_attr_(a,b) ++#endif ++#endif ++ ++/* ++ Log levels for usage on stderr: ++ ++ fprintf(stderr, SD_NOTICE "Hello World!\n"); ++ ++ This is similar to printk() usage in the kernel. ++*/ ++#define SD_EMERG "<0>" /* system is unusable */ ++#define SD_ALERT "<1>" /* action must be taken immediately */ ++#define SD_CRIT "<2>" /* critical conditions */ ++#define SD_ERR "<3>" /* error conditions */ ++#define SD_WARNING "<4>" /* warning conditions */ ++#define SD_NOTICE "<5>" /* normal but significant condition */ ++#define SD_INFO "<6>" /* informational */ ++#define SD_DEBUG "<7>" /* debug-level messages */ ++ ++/* The first passed file descriptor is fd 3 */ ++#define SD_LISTEN_FDS_START 3 ++ ++/* ++ Returns how many file descriptors have been passed, or a negative ++ errno code on failure. Optionally, removes the $LISTEN_FDS and ++ $LISTEN_PID file descriptors from the environment (recommended, but ++ problematic in threaded environments). If r is the return value of ++ this function you'll find the file descriptors passed as fds ++ SD_LISTEN_FDS_START to SD_LISTEN_FDS_START+r-1. Returns a negative ++ errno style error code on failure. This function call ensures that ++ the FD_CLOEXEC flag is set for the passed file descriptors, to make ++ sure they are not passed on to child processes. If FD_CLOEXEC shall ++ not be set, the caller needs to unset it after this call for all file ++ descriptors that are used. ++ ++ See sd_listen_fds(3) for more information. ++*/ ++int sd_listen_fds(int unset_environment); ++ ++/* ++ Helper call for identifying a passed file descriptor. Returns 1 if ++ the file descriptor is a FIFO in the file system stored under the ++ specified path, 0 otherwise. If path is NULL a path name check will ++ not be done and the call only verifies if the file descriptor ++ refers to a FIFO. Returns a negative errno style error code on ++ failure. ++ ++ See sd_is_fifo(3) for more information. ++*/ ++int sd_is_fifo(int fd, const char *path); ++ ++/* ++ Helper call for identifying a passed file descriptor. Returns 1 if ++ the file descriptor is a special character device on the file ++ system stored under the specified path, 0 otherwise. ++ If path is NULL a path name check will not be done and the call ++ only verifies if the file descriptor refers to a special character. ++ Returns a negative errno style error code on failure. ++ ++ See sd_is_special(3) for more information. ++*/ ++int sd_is_special(int fd, const char *path); ++ ++/* ++ Helper call for identifying a passed file descriptor. Returns 1 if ++ the file descriptor is a socket of the specified family (AF_INET, ++ ...) and type (SOCK_DGRAM, SOCK_STREAM, ...), 0 otherwise. If ++ family is 0 a socket family check will not be done. If type is 0 a ++ socket type check will not be done and the call only verifies if ++ the file descriptor refers to a socket. If listening is > 0 it is ++ verified that the socket is in listening mode. (i.e. listen() has ++ been called) If listening is == 0 it is verified that the socket is ++ not in listening mode. If listening is < 0 no listening mode check ++ is done. Returns a negative errno style error code on failure. ++ ++ See sd_is_socket(3) for more information. ++*/ ++int sd_is_socket(int fd, int family, int type, int listening); ++ ++/* ++ Helper call for identifying a passed file descriptor. Returns 1 if ++ the file descriptor is an Internet socket, of the specified family ++ (either AF_INET or AF_INET6) and the specified type (SOCK_DGRAM, ++ SOCK_STREAM, ...), 0 otherwise. If version is 0 a protocol version ++ check is not done. If type is 0 a socket type check will not be ++ done. If port is 0 a socket port check will not be done. The ++ listening flag is used the same way as in sd_is_socket(). Returns a ++ negative errno style error code on failure. ++ ++ See sd_is_socket_inet(3) for more information. ++*/ ++int sd_is_socket_inet(int fd, int family, int type, int listening, uint16_t port); ++ ++/* ++ Helper call for identifying a passed file descriptor. Returns 1 if ++ the file descriptor is an AF_UNIX socket of the specified type ++ (SOCK_DGRAM, SOCK_STREAM, ...) and path, 0 otherwise. If type is 0 ++ a socket type check will not be done. If path is NULL a socket path ++ check will not be done. For normal AF_UNIX sockets set length to ++ 0. For abstract namespace sockets set length to the length of the ++ socket name (including the initial 0 byte), and pass the full ++ socket path in path (including the initial 0 byte). The listening ++ flag is used the same way as in sd_is_socket(). Returns a negative ++ errno style error code on failure. ++ ++ See sd_is_socket_unix(3) for more information. ++*/ ++int sd_is_socket_unix(int fd, int type, int listening, const char *path, size_t length); ++ ++/* ++ Helper call for identifying a passed file descriptor. Returns 1 if ++ the file descriptor is a POSIX Message Queue of the specified name, ++ 0 otherwise. If path is NULL a message queue name check is not ++ done. Returns a negative errno style error code on failure. ++*/ ++int sd_is_mq(int fd, const char *path); ++ ++/* ++ Informs systemd about changed daemon state. This takes a number of ++ newline separated environment-style variable assignments in a ++ string. The following variables are known: ++ ++ READY=1 Tells systemd that daemon startup is finished (only ++ relevant for services of Type=notify). The passed ++ argument is a boolean "1" or "0". Since there is ++ little value in signaling non-readiness the only ++ value daemons should send is "READY=1". ++ ++ STATUS=... Passes a single-line status string back to systemd ++ that describes the daemon state. This is free-from ++ and can be used for various purposes: general state ++ feedback, fsck-like programs could pass completion ++ percentages and failing programs could pass a human ++ readable error message. Example: "STATUS=Completed ++ 66% of file system check..." ++ ++ ERRNO=... If a daemon fails, the errno-style error code, ++ formatted as string. Example: "ERRNO=2" for ENOENT. ++ ++ BUSERROR=... If a daemon fails, the D-Bus error-style error ++ code. Example: "BUSERROR=org.freedesktop.DBus.Error.TimedOut" ++ ++ MAINPID=... The main pid of a daemon, in case systemd did not ++ fork off the process itself. Example: "MAINPID=4711" ++ ++ Daemons can choose to send additional variables. However, it is ++ recommended to prefix variable names not listed above with X_. ++ ++ Returns a negative errno-style error code on failure. Returns > 0 ++ if systemd could be notified, 0 if it couldn't possibly because ++ systemd is not running. ++ ++ Example: When a daemon finished starting up, it could issue this ++ call to notify systemd about it: ++ ++ sd_notify(0, "READY=1"); ++ ++ See sd_notifyf() for more complete examples. ++ ++ See sd_notify(3) for more information. ++*/ ++int sd_notify(int unset_environment, const char *state); ++ ++/* ++ Similar to sd_notify() but takes a format string. ++ ++ Example 1: A daemon could send the following after initialization: ++ ++ sd_notifyf(0, "READY=1\n" ++ "STATUS=Processing requests...\n" ++ "MAINPID=%lu", ++ (unsigned long) getpid()); ++ ++ Example 2: A daemon could send the following shortly before ++ exiting, on failure: ++ ++ sd_notifyf(0, "STATUS=Failed to start up: %s\n" ++ "ERRNO=%i", ++ strerror(errno), ++ errno); ++ ++ See sd_notifyf(3) for more information. ++*/ ++int sd_notifyf(int unset_environment, const char *format, ...) _sd_printf_attr_(2,3); ++ ++/* ++ Returns > 0 if the system was booted with systemd. Returns < 0 on ++ error. Returns 0 if the system was not booted with systemd. Note ++ that all of the functions above handle non-systemd boots just ++ fine. You should NOT protect them with a call to this function. Also ++ note that this function checks whether the system, not the user ++ session is controlled by systemd. However the functions above work ++ for both user and system services. ++ ++ See sd_booted(3) for more information. ++*/ ++int sd_booted(void); ++ ++#ifdef __cplusplus ++} ++#endif ++ ++#endif +diff --git a/PCSC/src/winscard_msg.h b/PCSC/src/winscard_msg.h +index b2b6f90..b8c490c 100644 +--- a/PCSC/src/winscard_msg.h ++++ b/PCSC/src/winscard_msg.h +@@ -252,6 +252,7 @@ + + #ifdef PCSCD + int32_t InitializeSocket(void); ++ int32_t ListenExistingSocket(int fd); + int32_t ProcessEventsServer(/*@out@*/ uint32_t *); + #else + char *getSocketName(void); +diff --git a/PCSC/src/winscard_msg_srv.c b/PCSC/src/winscard_msg_srv.c +index 19ea363..4bb5bdc 100644 +--- a/PCSC/src/winscard_msg_srv.c ++++ b/PCSC/src/winscard_msg_srv.c +@@ -39,6 +39,7 @@ + + #include "misc.h" + #include "pcscd.h" ++#include "sd-daemon.h" + #include "winscard.h" + #include "debuglog.h" + #include "winscard_msg.h" +@@ -138,6 +139,30 @@ INTERNAL int32_t InitializeSocket(void) + } + + /** ++ * @brief Acquires a socket passed in from systemd. ++ * ++ * This is called by the server to start listening on an existing socket for ++ * local IPC with the clients. ++ * ++ * @param fd The file descriptor to start listening on. ++ * ++ * @return Error code. ++ * @retval 0 Success ++ * @retval -1 Passed FD is not an UNIX socket. ++ */ ++INTERNAL int32_t ListenExistingSocket(int fd) ++{ ++ if (!sd_is_socket(fd, AF_UNIX, SOCK_STREAM, -1)) ++ { ++ Log1(PCSC_LOG_CRITICAL, "Passed FD is not an UNIX socket"); ++ return -1; ++ } ++ ++ commonSocket = fd; ++ return 0; ++} ++ ++/** + * @brief Looks for messages sent by clients. + * + * This is called by the Server's function \c SVCServiceRunLoop(). -- 1.7.5.4 +