git.ipfire.org Git - thirdparty/bind9.git/commit

author	Aydın Mercan <aydin@isc.org>
	Sun, 16 Mar 2025 16:54:18 +0000 (19:54 +0300)
committer	Aydın Mercan <aydin@isc.org>
	Thu, 27 Mar 2025 19:52:41 +0000 (22:52 +0300)
commit	3eb253e81fade5788e4462f651e28fc20358ebee
tree	8775cb6bf48f8ab242227e2870514f38849c1680	tree \| snapshot
parent	0d6839d832db49dcf3258bea5645316779a2ae76	commit \| diff

implement the systemd notification protocol manually, drop libsystemd

libsystemd, despite being useful, adds a huge surface area for just
using the sd_notify API. libsystemd's surface has been exploited in the
past [1].

Implement the systemd notification protocol by hand since it is just
sending newline-delimited datagrams to a UNIX socket. The code shouldn't
need more attention in the future since the notification protocol is
covered under systemd's stability promise [2].

We don't need to support VSOCK-backed service notifications since they
are only intended for virtual machine inits.

[1]: https://www.openwall.com/lists/oss-security/2024/03/29/4
[2]: https://systemd.io/PORTABILITY_AND_STABILITY/

bin/named/Makefile.am		diff \| blob \| blame \| history
bin/named/include/named/os.h		diff \| blob \| blame \| history
bin/named/os.c		diff \| blob \| blame \| history
bin/named/server.c		diff \| blob \| blame \| history
configure.ac		diff \| blob \| blame \| history