thirdparty/systemd.git
3 hours agonspawn: don't hard fail when setting capabilities master
Anita Zhang [Mon, 3 Jun 2019 23:25:43 +0000 (16:25 -0700)]
nspawn: don't hard fail when setting capabilities

The OCI changes in #9762 broke a use case in which we use nspawn from
inside a container that has dropped capabilities from the bounding set
that nspawn expected to retain. In an attempt to keep OCI compliance
and support our use case, I made hard failing on setting capabilities
not in the bounding set optional (hard fail if using OCI and log only
if using nspawn cmdline).

Fixes #12539

5 hours agoMerge pull request #12846 from poettering/cap-last-cap-fix
Yu Watanabe [Thu, 20 Jun 2019 18:31:49 +0000 (03:31 +0900)]
Merge pull request #12846 from poettering/cap-last-cap-fix

cap_last_cap() off by one fixes

5 hours agobpf: use more TAKE_FD()
Lennart Poettering [Thu, 20 Jun 2019 12:41:09 +0000 (14:41 +0200)]
bpf: use more TAKE_FD()

10 hours agobus-creds: fix size calculation for storing caps data 12846/head
Lennart Poettering [Thu, 20 Jun 2019 12:54:40 +0000 (14:54 +0200)]
bus-creds: fix size calculation for storing caps data

This is a bit confusing, hence let's at an example comment.

10 hours agocapability: fix loops for cap_last_cap()
Lennart Poettering [Thu, 20 Jun 2019 12:44:47 +0000 (14:44 +0200)]
capability: fix loops for cap_last_cap()

cap_last_cap() returns the last valid cap (instead of the number of
valid caps). to iterate through all known caps we hence need to use a <=
check, and not a < check like for all other cases. We got this right
usually, but in three cases we did not.

11 hours agounits: deny access to block devices
Topi Miettinen [Wed, 1 May 2019 12:28:36 +0000 (15:28 +0300)]
units: deny access to block devices

While the need for access to character devices can be tricky to determine for
the general case, it's obvious that most of our services have no need to access
block devices. For logind and timedated this can be tightened further.

11 hours agoMerge pull request #12762 from yuwata/network-introduce-carrier-and-network-state...
Lennart Poettering [Thu, 20 Jun 2019 11:36:30 +0000 (13:36 +0200)]
Merge pull request #12762 from yuwata/network-introduce-carrier-and-network-state-12752

network: introduce carrier and address state to fix network_is_online()

12 hours agoMerge pull request #12837 from yuwata/tree-wide-lgtm-fixes
Lennart Poettering [Thu, 20 Jun 2019 10:35:34 +0000 (12:35 +0200)]
Merge pull request #12837 from yuwata/tree-wide-lgtm-fixes

tree-wide: fix issues found by lgtm

15 hours agocgroup: Continue unit reset if cgroup is busy
Donald Buczek [Thu, 25 Apr 2019 07:39:41 +0000 (09:39 +0200)]
cgroup: Continue unit reset if cgroup is busy

When part of the cgroup hierarchy cannot be deleted (e.g. because there
are still processes in it), do not exit unit_prune_cgroup early, but
continue so that u->cgroup_realized is reset.

Log the known case of non-empty cgroups at debug level and other errors
at warning level.

Fixes https://github.com/systemd/systemd/issues/12386

25 hours agoMerge pull request #12806 from yuwata/networkctl-ethtool-12657
Yu Watanabe [Wed, 19 Jun 2019 21:56:37 +0000 (06:56 +0900)]
Merge pull request #12806 from yuwata/networkctl-ethtool-12657

networkctl: show speed, duplex, auto negotiation, and port

25 hours agoutil: use extract_first_word() instead of strsep() 12837/head
Yu Watanabe [Wed, 19 Jun 2019 21:51:34 +0000 (06:51 +0900)]
util: use extract_first_word() instead of strsep()

26 hours agotree-wide: use htobe{32,16}() instead of hton{l,s}()
Yu Watanabe [Wed, 19 Jun 2019 21:34:05 +0000 (06:34 +0900)]
tree-wide: use htobe{32,16}() instead of hton{l,s}()

26 hours agotree-wide: drop alloca() in loop
Yu Watanabe [Wed, 19 Jun 2019 21:29:19 +0000 (06:29 +0900)]
tree-wide: drop alloca() in loop

27 hours agonetworkctl: show link speed, duplex, auto negotiation, and port 12806/head
Yu Watanabe [Mon, 17 Jun 2019 07:12:06 +0000 (16:12 +0900)]
networkctl: show link speed, duplex, auto negotiation, and port

33 hours agonetwork: change type of BitRates= bus property
Yu Watanabe [Wed, 19 Jun 2019 13:18:54 +0000 (22:18 +0900)]
network: change type of BitRates= bus property

33 hours agotable: introduce FORMAT_BPS type
Yu Watanabe [Wed, 19 Jun 2019 13:03:42 +0000 (22:03 +0900)]
table: introduce FORMAT_BPS type

33 hours agotest: add tests for format_bytes()
Yu Watanabe [Wed, 19 Jun 2019 00:52:45 +0000 (09:52 +0900)]
test: add tests for format_bytes()

33 hours agoutil: make format_bytes() support e.g. 3.0E
Yu Watanabe [Wed, 19 Jun 2019 01:05:30 +0000 (10:05 +0900)]
util: make format_bytes() support e.g. 3.0E

33 hours agoutil: introduce format_bytes_full()
Yu Watanabe [Mon, 17 Jun 2019 07:08:24 +0000 (16:08 +0900)]
util: introduce format_bytes_full()

And move it into format-util.c.

33 hours agoethtool-util: introduce ethtool_get_link_info()
Yu Watanabe [Mon, 17 Jun 2019 06:31:20 +0000 (15:31 +0900)]
ethtool-util: introduce ethtool_get_link_info()

Will be used in later commits.

33 hours agoethtool-util: make ethtool_connect() warn on failure
Yu Watanabe [Wed, 19 Jun 2019 00:09:58 +0000 (09:09 +0900)]
ethtool-util: make ethtool_connect() warn on failure

33 hours agoethtool-util: use structured initializers
Yu Watanabe [Mon, 17 Jun 2019 05:57:54 +0000 (14:57 +0900)]
ethtool-util: use structured initializers

33 hours agosd-resolve: suppress false positive MSan warnings
Frantisek Sumsal [Wed, 19 Jun 2019 12:16:15 +0000 (21:16 +0900)]
sd-resolve: suppress false positive MSan warnings

MSan dislikes structured initializers for nested structures.

34 hours agoMerge pull request #12828 from yuwata/network-routing-policy-rule-add-missing-entries
Zbigniew Jędrzejewski-Szmek [Wed, 19 Jun 2019 13:25:31 +0000 (15:25 +0200)]
Merge pull request #12828 from yuwata/network-routing-policy-rule-add-missing-entries

network: add missing entries in routing_policy_rule_{hash,compare}_func()

34 hours agoMerge pull request #12815 from irtimmer/dot-strict
Lennart Poettering [Wed, 19 Jun 2019 12:56:36 +0000 (14:56 +0200)]
Merge pull request #12815 from irtimmer/dot-strict

resolved: strict mode for DNS-over-TLS

35 hours agonetwork: add missing entries in routing_policy_rule_{hash,compare}_func() 12828/head
Yu Watanabe [Wed, 19 Jun 2019 04:04:24 +0000 (13:04 +0900)]
network: add missing entries in routing_policy_rule_{hash,compare}_func()

This also makes routing_policy_rule_get() or friends take
a RoutingPolicyRule object as an input.

35 hours agoutil: introduce siphash24_compress_boolean()
Yu Watanabe [Wed, 19 Jun 2019 12:02:47 +0000 (21:02 +0900)]
util: introduce siphash24_compress_boolean()

36 hours agoresolved: support TLS 1.3 when using GnuTLS for DNS-over-TLS 12815/head
Iwan Timmer [Mon, 17 Jun 2019 19:24:05 +0000 (21:24 +0200)]
resolved: support TLS 1.3 when using GnuTLS for DNS-over-TLS

36 hours agoresolved: add strict mode for DNS-over-TLS
Iwan Timmer [Mon, 18 Feb 2019 19:41:46 +0000 (20:41 +0100)]
resolved: add strict mode for DNS-over-TLS

Add strict mode for DNS-over-TLS, which will require TLS support from the server. Closes #10755

36 hours agoresolved: don't require check when importing resolved-dnstls.h
Iwan Timmer [Tue, 18 Jun 2019 16:54:55 +0000 (18:54 +0200)]
resolved: don't require check when importing resolved-dnstls.h

40 hours agoMerge pull request #12829 from yuwata/dhcp-memdup_suffix0
Lennart Poettering [Wed, 19 Jun 2019 07:00:52 +0000 (09:00 +0200)]
Merge pull request #12829 from yuwata/dhcp-memdup_suffix0

sd-bus,dhcp: use memdup_suffix0() instead of strndup()

42 hours agosd-bus: use memdup_suffix0() instead of strndup() 12829/head
Yu Watanabe [Wed, 19 Jun 2019 05:29:00 +0000 (14:29 +0900)]
sd-bus: use memdup_suffix0() instead of strndup()

42 hours agodhcp: use memdup_suffix0() instead of strndup()
Yu Watanabe [Wed, 19 Jun 2019 05:15:06 +0000 (14:15 +0900)]
dhcp: use memdup_suffix0() instead of strndup()

45 hours agoMerge pull request #12822 from poettering/tmpfiles-is-mount-point
Yu Watanabe [Wed, 19 Jun 2019 02:11:06 +0000 (11:11 +0900)]
Merge pull request #12822 from poettering/tmpfiles-is-mount-point

tmpfiles: use common fd_is_mount_point() implementation

47 hours agoethtool-util: move from src/udev/net/ to src/shared/
Yu Watanabe [Mon, 17 Jun 2019 05:52:55 +0000 (14:52 +0900)]
ethtool-util: move from src/udev/net/ to src/shared/

2 days agojournald: use memdup_suffix0() when copying string from potentially binary data
Lennart Poettering [Tue, 18 Jun 2019 13:56:07 +0000 (15:56 +0200)]
journald: use memdup_suffix0() when copying string from potentially binary data

Fixes: #12484

2 days agoresolved: add missing error code check when initializing DNS-over-TLS
Iwan Timmer [Mon, 17 Jun 2019 20:33:50 +0000 (22:33 +0200)]
resolved: add missing error code check when initializing DNS-over-TLS

2 days agoresolved: move TLS data shared by all servers to manager
Iwan Timmer [Sat, 15 Jun 2019 20:54:41 +0000 (22:54 +0200)]
resolved: move TLS data shared by all servers to manager

Instead of having a context and/or trusted CA list per server this is now moved to the server. Ensures future TLS configuration options are global instead of per server.

2 days agofix(journal-gatewayd): use relative urls (not starting with '/')
Markus Felten [Tue, 18 Jun 2019 08:11:28 +0000 (10:11 +0200)]
fix(journal-gatewayd): use relative urls (not starting with '/')

if journal-gatewayd http is not mounted at '/' (proxy request)
the request lose their initial path component

2 days agohashmap: avoid using TLS in a destructor
Frantisek Sumsal [Tue, 18 Jun 2019 09:25:16 +0000 (11:25 +0200)]
hashmap: avoid using TLS in a destructor

Using C11 thread-local storage in destructors causes uninitialized
read. Let's avoid that using a direct comparison instead of using
the cached values. As this code path is taken only when compiled
with -DVALGRIND=1, the performance cost shouldn't matter too much.

Fixes #12814

2 days agoMerge pull request #12758 from fbuihuu/nspawn-console-tty
Lennart Poettering [Tue, 18 Jun 2019 11:17:14 +0000 (13:17 +0200)]
Merge pull request #12758 from fbuihuu/nspawn-console-tty

Create nspawn console tty in the child

2 days agotmpfiles: use common fd_is_mount_point() implementation in tmpfiles.c 12822/head
Lennart Poettering [Tue, 18 Jun 2019 10:42:30 +0000 (12:42 +0200)]
tmpfiles: use common fd_is_mount_point() implementation in tmpfiles.c

No need to have a private reimplementation here. Let's just use the
common one, which supports "fdinfo" as fallback.

2 days agotmpfiles: merge two nested if checks into one
Lennart Poettering [Tue, 18 Jun 2019 10:41:31 +0000 (12:41 +0200)]
tmpfiles: merge two nested if checks into one

2 days agotmpfiles: use path_join() where we can
Lennart Poettering [Tue, 18 Jun 2019 10:41:02 +0000 (12:41 +0200)]
tmpfiles: use path_join() where we can

2 days agodhcp: fix comparison with previous lease
Yu Watanabe [Tue, 18 Jun 2019 02:18:46 +0000 (11:18 +0900)]
dhcp: fix comparison with previous lease

Follow-up for f8862395e8f802e4106a07ceaaf02b6a1faa5a6d.

Fixes #12816.

2 days agonspawn: make use of openpt_allocate() 12758/head
Franck Bui [Fri, 7 Jun 2019 08:27:18 +0000 (10:27 +0200)]
nspawn: make use of openpt_allocate()

2 days agoterminal-util: introduce openpt_allocate()
Franck Bui [Fri, 7 Jun 2019 08:17:11 +0000 (10:17 +0200)]
terminal-util: introduce openpt_allocate()

Allocating a pty is done in a couple of places so let's introduce a new helper
which does the job.

Also the new function, as well as openpt_in_namespace(), returns both pty
master and slave so the callers don't need to know about the pty slave
allocation details.

For the same reasons machine_openpt() prototype has also been changed to return
both pty master and slave so callers don't need to allocate a pty slave which
might be in a different namespace.

Finally openpt_in_namespace() has been renamed into
openpt_allocate_in_namespace().

2 days agoMerge pull request #12805 from yuwata/test-network-cleanups
Zbigniew Jędrzejewski-Szmek [Tue, 18 Jun 2019 06:57:26 +0000 (08:57 +0200)]
Merge pull request #12805 from yuwata/test-network-cleanups

test: further test-network cleanups

2 days agonspawn: allocate the pty used for /dev/console within the container
Franck Bui [Thu, 6 Jun 2019 08:05:33 +0000 (10:05 +0200)]
nspawn: allocate the pty used for /dev/console within the container

The console tty is now allocated from within the container so it's not
necessary anymore to allocate it from the host and bind mount the pty slave
into the container. The pty master is sent to the host.

/dev/console is now a symlink pointing to the pty slave.

This might also be less confusing for applications running inside the container
and the overall result looks cleaner (we don't need to apply manually the
passed selinux context, if any, to the allocated pty for instance).

2 days agonspawn: use correct error variable when logging errors returned by send_one_fd()
Franck Bui [Thu, 6 Jun 2019 13:58:14 +0000 (15:58 +0200)]
nspawn: use correct error variable when logging errors returned by send_one_fd()

2 days agonamespace-util: make use of TAKE_FD()
Franck Bui [Fri, 7 Jun 2019 05:36:11 +0000 (07:36 +0200)]
namespace-util: make use of TAKE_FD()

No functional changes.

2 days agofs-util: no need for fchmod_and_chown() to access /proc/self/fd directly
Franck Bui [Thu, 6 Jun 2019 12:05:27 +0000 (14:05 +0200)]
fs-util: no need for fchmod_and_chown() to access /proc/self/fd directly

fstat(2) is fine with O_PATH fds.

For changing owership of a file opened with O_PATH, there's fchownat(2).

Only changing permissions is problematic but we introduced fchmod_opath() for
that purpose.

2 days agotest-network: change default sleep time of start_networkd() 12805/head
Yu Watanabe [Mon, 17 Jun 2019 02:21:45 +0000 (11:21 +0900)]
test-network: change default sleep time of start_networkd()

2 days agotest-network: use wait-online in NetworkdBridgeTests
Yu Watanabe [Mon, 17 Jun 2019 02:06:01 +0000 (11:06 +0900)]
test-network: use wait-online in NetworkdBridgeTests

2 days agonetwork: do not configure routing policy rule if it is already configured
Yu Watanabe [Tue, 18 Jun 2019 04:09:06 +0000 (13:09 +0900)]
network: do not configure routing policy rule if it is already configured

2 days agonetwork: make routing_policy_rule_get() require Manager
Yu Watanabe [Tue, 18 Jun 2019 04:08:20 +0000 (13:08 +0900)]
network: make routing_policy_rule_get() require Manager

2 days agotest-network: use wait-online in NetworkdBondTests
Yu Watanabe [Mon, 17 Jun 2019 01:52:16 +0000 (10:52 +0900)]
test-network: use wait-online in NetworkdBondTests

2 days agotest-network: use setUp() and tearDown() to clear routing policy rule tables
Yu Watanabe [Mon, 17 Jun 2019 02:09:25 +0000 (11:09 +0900)]
test-network: use setUp() and tearDown() to clear routing policy rule tables

2 days agoMerge pull request #12807 from keszybz/net-naming-scheme-yet-again
Yu Watanabe [Tue, 18 Jun 2019 03:02:41 +0000 (12:02 +0900)]
Merge pull request #12807 from keszybz/net-naming-scheme-yet-again

Extend naming scheme to mac address policy and introduce NAMING_STABLE_VIRTUAL_MACS

2 days agotest-network: rename l2tp_tunnel_remove -> remove_l2tp_tunnels
Yu Watanabe [Mon, 17 Jun 2019 02:11:30 +0000 (11:11 +0900)]
test-network: rename l2tp_tunnel_remove -> remove_l2tp_tunnels

2 days agotest-network: remove all routing policy rules in specified table
Yu Watanabe [Mon, 17 Jun 2019 10:57:54 +0000 (19:57 +0900)]
test-network: remove all routing policy rules in specified table

2 days agodocs: CGROUP_DELEGATION: fix a typo in "that"
Jan Pokorný [Mon, 17 Jun 2019 18:49:28 +0000 (20:49 +0200)]
docs: CGROUP_DELEGATION: fix a typo in "that"

3 days agotravis: turn on all default UBSan checks except for pointer-overflow, object-size...
Evgeny Vereshchagin [Mon, 17 Jun 2019 17:08:48 +0000 (19:08 +0200)]
travis: turn on all default UBSan checks except for pointer-overflow, object-size and float-cast-overflow

3 days agocore: set fs.file-max sysctl to LONG_MAX rather than ULONG_MAX
Lennart Poettering [Mon, 17 Jun 2019 08:51:25 +0000 (10:51 +0200)]
core: set fs.file-max sysctl to LONG_MAX rather than ULONG_MAX

Since kernel 5.2 the kernel thankfully returns proper errors when we
write a value out of range to the sysctl. Which however breaks writing
ULONG_MAX to request the maximum value. Hence let's write the new
maximum value instead, LONG_MAX.

/cc @brauner

Fixes: #12803

3 days agoMerge pull request #12810 from evverx/nonnull-attribute
Lennart Poettering [Mon, 17 Jun 2019 12:54:18 +0000 (14:54 +0200)]
Merge pull request #12810 from evverx/nonnull-attribute

travis: turn on nonnull-attribute on Fuzzit

3 days agoudev: introduce NAMING_STABLE_VIRTUAL_MACS (retroactively) 12807/head
Zbigniew Jędrzejewski-Szmek [Mon, 17 Jun 2019 07:42:46 +0000 (09:42 +0200)]
udev: introduce NAMING_STABLE_VIRTUAL_MACS (retroactively)

This is for 6d3646406560. It turns out that this is causing more problems than
expected. Let's retroactively introduce naming scheme v241 to conditionalize
this change.

Follow-up for #12792 and 6d36464065601f7. See also
https://bugzilla.suse.com/show_bug.cgi?id=1136600.

$ SYSTEMD_LOG_LEVEL=debug NET_NAMING_SCHEME=v240 build/udevadm test-builtin net_setup_link /sys/class/net/br11
$ SYSTEMD_LOG_LEVEL=debug NET_NAMING_SCHEME=v241 build/udevadm test-builtin net_setup_link /sys/class/net/br11
...
@@ -20,11 +20,13 @@
 link_config: could not set ethtool features for br11
 Could not set offload features of br11: Operation not permitted
 br11: Device has name_assign_type=3
-Using interface naming scheme 'v240'.
+Using interface naming scheme 'v241'.
 br11: Policy *keep*: keeping existing userspace name
 br11: Device has addr_assign_type=1
-br11: No stable identifying information found
-br11: Could not generate persistent MAC: No data available
+br11: Using "br11" as stable identifying information
+br11: Using generated persistent MAC address
+Could not set Alias=, MACAddress= or MTU= on br11: Operation not permitted
+br11: Could not apply link config, ignoring: Operation not permitted
 Unload module index
 Unloaded link configuration context.
 ID_NET_DRIVER=bridge

3 days agolibsystemd-network: rename net_get_name() to net_get_name_persistent()
Zbigniew Jędrzejewski-Szmek [Mon, 17 Jun 2019 11:38:40 +0000 (13:38 +0200)]
libsystemd-network: rename net_get_name() to net_get_name_persistent()

This reflect its role better.
(I didn't use …_persistent_name(), because which name is actually used
depends on the policy. So it's better not to make this sound like it returns
*the* persistent name.)

3 days agoman: clean up naming scheme description a bit
Zbigniew Jędrzejewski-Szmek [Mon, 17 Jun 2019 07:21:57 +0000 (09:21 +0200)]
man: clean up naming scheme description a bit

This is in preparation for later changes.  Let's change the documentation of
net.naming-scheme= to also say that it applies to MAC addresses. This commit
doesn't actually implement that though.

3 days agosleep: properly pass verb to sleep script
Lennart Poettering [Mon, 17 Jun 2019 09:31:06 +0000 (11:31 +0200)]
sleep: properly pass verb to sleep script

Another fall-out from our rewriting of argv[] now.

Fixes: #12782

3 days agofuzzit: sort UBSan checks alphabetically 12810/head
Evgeny Vereshchagin [Mon, 17 Jun 2019 10:49:07 +0000 (12:49 +0200)]
fuzzit: sort UBSan checks alphabetically

to make it easier to make sense of them

3 days agomeson: fix error message
Yu Watanabe [Mon, 17 Jun 2019 01:22:54 +0000 (10:22 +0900)]
meson: fix error message

3 days agoMerge pull request #12802 from irtimmer/fix-openssl
Yu Watanabe [Mon, 17 Jun 2019 01:19:50 +0000 (10:19 +0900)]
Merge pull request #12802 from irtimmer/fix-openssl

resolved: fix DNS-over-TLS when using OpenSSL

4 days agotimesync: judging if network is online by networkd's address state 12762/head
Yu Watanabe [Sun, 9 Jun 2019 20:36:32 +0000 (05:36 +0900)]
timesync: judging if network is online by networkd's address state

Closes #12752.

4 days agosd-network: introduce functions for new link and manager states
Yu Watanabe [Sun, 9 Jun 2019 19:56:03 +0000 (04:56 +0900)]
sd-network: introduce functions for new link and manager states

4 days agonetwork: drop unused manager_send_changed()
Yu Watanabe [Sun, 16 Jun 2019 00:27:19 +0000 (09:27 +0900)]
network: drop unused manager_send_changed()

4 days agonetwork: also introduce two new manager states
Yu Watanabe [Sun, 9 Jun 2019 20:22:25 +0000 (05:22 +0900)]
network: also introduce two new manager states

4 days agonetwork: expose carrier and address states over dbus
Yu Watanabe [Sun, 16 Jun 2019 00:03:25 +0000 (09:03 +0900)]
network: expose carrier and address states over dbus

Previously, when a bridge or bonding interface is in degraded-carrier
state, then we cannot judge the interface has addresses or not.
By using the new states, dbus clients can distinguish such situation.

4 days agonetwork: split operational states into carrier and address states
Yu Watanabe [Sat, 15 Jun 2019 23:58:39 +0000 (08:58 +0900)]
network: split operational states into carrier and address states

This should not change any behavior. The new states will be exposed by
later commits.

4 days agonetwork: introduce manager_send_changed_strv()
Yu Watanabe [Sun, 9 Jun 2019 20:15:53 +0000 (05:15 +0900)]
network: introduce manager_send_changed_strv()

4 days agonetwork: introduce link_send_changed_strv()
Yu Watanabe [Sun, 16 Jun 2019 00:14:36 +0000 (09:14 +0900)]
network: introduce link_send_changed_strv()

It will be used in later commits.

4 days agonetwork: split out DBus related prototypes to networkd-link-bus.h
Yu Watanabe [Sun, 26 May 2019 20:35:02 +0000 (05:35 +0900)]
network: split out DBus related prototypes to networkd-link-bus.h

5 days agotravis: turn on nonnull-attribute on Fuzzit
Evgeny Vereshchagin [Sat, 15 Jun 2019 21:12:24 +0000 (23:12 +0200)]
travis: turn on nonnull-attribute on Fuzzit

5 days agoresolved: make no changes to OpenSSL BUF_MEM struct 12802/head
Iwan Timmer [Sat, 15 Jun 2019 20:05:00 +0000 (22:05 +0200)]
resolved: make no changes to OpenSSL BUF_MEM struct

Fix crash when using OpenSSL 1.1.1c
Fixes: #12763

5 days agoRevert "resolved: Fix incorrect use of OpenSSL BUF_MEM"
Iwan Timmer [Sat, 15 Jun 2019 19:56:45 +0000 (21:56 +0200)]
Revert "resolved: Fix incorrect use of OpenSSL BUF_MEM"

This reverts commit 18bddeaaf225d5becfc10cd2c6a1d037c90574a2.

Revert this because it does not take the OpenSSL internal read pointer
into considoration. Resulting in padding in packetdata and therefore
broken SSL connections.

5 days agoMerge pull request #12753 from jrouleau/fix/hibernate-resume-timeout
Zbigniew Jędrzejewski-Szmek [Sat, 15 Jun 2019 15:50:37 +0000 (17:50 +0200)]
Merge pull request #12753 from jrouleau/fix/hibernate-resume-timeout

hibernate-resume: fix resume device timeout

5 days agonetwork: read link specific sysctl value
Yu Watanabe [Fri, 14 Jun 2019 00:42:51 +0000 (09:42 +0900)]
network: read link specific sysctl value

This introduce link_sysctl_ipv6_enabled() and replaces
manager_sysctl_ipv6_enabled() with it.

5 days agoMerge pull request #12796 from yuwata/test-network-use-wait-online
Zbigniew Jędrzejewski-Szmek [Sat, 15 Jun 2019 12:53:04 +0000 (14:53 +0200)]
Merge pull request #12796 from yuwata/test-network-use-wait-online

test-network: several cleanups

5 days agoMerge pull request #12794 from yuwata/network-configure-without-carrier
Zbigniew Jędrzejewski-Szmek [Sat, 15 Jun 2019 12:50:41 +0000 (14:50 +0200)]
Merge pull request #12794 from yuwata/network-configure-without-carrier

network: skip to check dynamic addresses when ConfigureWithoutCarrier=yes

5 days agoMerge pull request #12761 from evverx/try-fuzzit
Evgeny Vereshchagin [Sat, 15 Jun 2019 03:46:38 +0000 (06:46 +0300)]
Merge pull request #12761 from evverx/try-fuzzit

Turn on UBSan on Fuzzit

5 days agotravis: add more ASan options 12761/head
Evgeny Vereshchagin [Sat, 15 Jun 2019 00:07:17 +0000 (02:07 +0200)]
travis: add more ASan options

5 days agotravis: clean up bash variables a bit
Evgeny Vereshchagin [Fri, 14 Jun 2019 23:16:07 +0000 (01:16 +0200)]
travis: clean up bash variables a bit

in preparation for adding more ASan options

5 days agotravis: use UBSan checks from OSS-Fuzz
Evgeny Vereshchagin [Fri, 14 Jun 2019 22:44:27 +0000 (00:44 +0200)]
travis: use UBSan checks from OSS-Fuzz

This should help to silence UBSan reports mentioned in
https://github.com/systemd/systemd/pull/12771#issuecomment-502139157
for now.

6 days agotravis: turn on UBSan on Fuzzit
Evgeny Vereshchagin [Fri, 14 Jun 2019 22:09:15 +0000 (00:09 +0200)]
travis: turn on UBSan on Fuzzit

6 days agoMerge pull request #12799 from evverx/fuzzit-follow-up
Evgeny Vereshchagin [Fri, 14 Jun 2019 20:28:56 +0000 (23:28 +0300)]
Merge pull request #12799 from evverx/fuzzit-follow-up

travis: run Coverity after Fuzzit-Fuzzing

6 days agotravis: add 5 more fuzz targets 12799/head
Evgeny Vereshchagin [Fri, 14 Jun 2019 19:47:31 +0000 (21:47 +0200)]
travis: add 5 more fuzz targets

6 days agotravis: always run the "Build & test" stage first
Evgeny Vereshchagin [Fri, 14 Jun 2019 19:16:41 +0000 (21:16 +0200)]
travis: always run the "Build & test" stage first

Now that the other stages are explicitly listed in the "stages"
section, we should include "Built & test" there to make sure
it's run first.

6 days agotravis: skip the Fuzzit-Sanity stage when it's run by cron
Evgeny Vereshchagin [Fri, 14 Jun 2019 18:56:10 +0000 (20:56 +0200)]
travis: skip the Fuzzit-Sanity stage when it's run by cron

6 days agotravis: run Coverity after Fuzzit-Fuzzing
Evgeny Vereshchagin [Fri, 14 Jun 2019 18:42:19 +0000 (20:42 +0200)]
travis: run Coverity after Fuzzit-Fuzzing

Coverity is unpredictable and, according to a notification I received
yeserday, it will be upgraded on June 17. During the upgrade
it might be offline for 3 days, af far as I understand. Anyway, Travis
stops as soon as a stage fails so it makes sense to put stages that
are likely to fail at the end so that the others have a chance to
do what they are supposed to do.

https://community.synopsys.com/s/topic/0TO2H0000001CN7WAM/coverity-scan-status

6 days agoContinuous Fuzzing Integration with Fuzzit
Jeka Pats [Tue, 11 Jun 2019 06:25:45 +0000 (09:25 +0300)]
Continuous Fuzzing Integration with Fuzzit

includes two travis ci steps:

1) Every pull-request/push all fuzzing targets will do a quick
sanity run on the generated corpus and crashes (via Fuzzit)
2) On a daily basis the fuzzing targets will be compiled (from
master) and will and their respectible fuzzing job on Fuzzit
will be updated to the new binary.

6 days agoNEWS: add more hint about MACAddressPolicy= change
Yu Watanabe [Fri, 14 Jun 2019 14:15:55 +0000 (23:15 +0900)]
NEWS: add more hint about MACAddressPolicy= change

C.f. https://bugzilla.suse.com/show_bug.cgi?id=1136600