Commit Graph

12 Commits

Author SHA1 Message Date
aszlig
67325b12c6
ip2unix: 2.1.2 -> 2.1.3
Upstream fixes:

  - Pass linker version script to the linker instead of the compiler.
  - Compile with `-fPIC` again (regression from version 2.1.2).
  - Out of bounds array access in `globpath`.
  - Handling of `epoll_ctl` calls (they're now replayed after replacing
    socket).
  - GCC 10 build errors and Clang warnings.

While most of these fixes are more relevant for other distros, the
linker script fix is actually a regression existing since a long time
(version 1.x) and caused libip2unix to expose way too many symbols.

Built and tested on i686-linux and x86_64-linux.

Signed-off-by: aszlig <aszlig@nix.build>
2020-06-01 05:51:00 +02:00
aszlig
b51d39fbe4
ip2unix: 2.1.1 -> 2.1.2
This fixes the issues with glibc 2.30, which were caused because glibc
no longer allows to dlopen/LD_PRELOAD a PIE executable.

So this release is essentially just a hotfix release which addresses
this issue by splitting the executable and library.

Signed-off-by: aszlig <aszlig@nix.build>
Reported-by: @zimbatm
2020-05-27 05:58:03 +02:00
Michael Reilly
84cf00f980
treewide: Per RFC45, remove all unquoted URLs 2020-04-10 17:54:53 +01:00
aszlig
d69bc56e69
ip2unix: 2.1.0 -> 2.1.1
This is just a small bugfix release (essentially adds two lines of code)
which fixes a segfault if using with a program that doesn't pass a
sockaddr buffer to accept() or accept4().

Signed-off-by: aszlig <aszlig@nix.build>
2019-09-20 07:54:04 +02:00
volth
46420bbaa3 treewide: name -> pname (easy cases) (#66585)
treewide replacement of

stdenv.mkDerivation rec {
  name = "*-${version}";
  version = "*";

to pname
2019-08-15 13:41:18 +01:00
aszlig
fcf2d5745e
ip2unix: 2.0.1 -> 2.1.0
Upstream changes:

  * Support AF_INET and AF_INET6 sockets for systemd socket activation.

This basically makes ip2unix generally usable for turning any (not
statically linked) application into systemd socket activated services.

Signed-off-by: aszlig <aszlig@nix.build>
2019-06-21 05:20:19 +02:00
aszlig
6dc9f79c0f
ip2unix: 2.0.0 -> 2.0.1
Upstream fixes:

  - Unregister socket as soon as we know that no rule matches.

I also removed the encode_rules() function which was an artifact left in
version 2.0.0.

Built and tested on i686-linux and x86_64-linux.

Signed-off-by: aszlig <aszlig@nix.build>
2019-02-26 11:30:07 +01:00
aszlig
b0f9e47271
ip2unix: 1.2.0 -> 2.0.0
New upstream features:

  - New ignore rule option, which prevents conversion to Unix socket.
  - A way to increase the verbosity via the -v command line argument.
  - Reams of log messages in addition to the FATAL errors we had so far.
  - Use Syslog format for logging if stderr is a socket.
  - Set FD_CLOEXEC on systemd socket file descriptors as soon as they're
    associated.

Upstream fixes:

  - Use right endian conversion functions in port matching.
  - Pass is_unix to child socket on accept to prevent accidentally
    replacing an already converted Unix socket by a new Unix socket. The
    latter would be a socket that's not accepted, which would eventually
    lead to an error.
  - Correctly handle setsockopts used with other levels than SOL_SOCKET.

Upstream changes:

  - Improve wording and add more descriptions in README and manpage.
  - The implementation for fetching systemd sockets now no longer uses
    libsystemd, thus the build-time dependency is no longer required.
  - New serialiser for passing rules to the preloaded library in a more
    compact form instead of using YAML, so it's less likely that we'll
    hit the maximum stack size.
  - Systemd sockets are now associated during rule initialisation and
    thus behave more predictable in complex setups.

On our side, the dependency on systemd is only needed for running the
tests, as it uses the systemd-socket-activate helper. Socket association
is now done by ip2unix directly and doesn't rely on libsystemd anymore.

Built and tested on i686-linux and x86_64-linux.

Signed-off-by: aszlig <aszlig@nix.build>
2018-12-26 19:36:49 +01:00
aszlig
2ea5e68b24
ip2unix: 1.1.1 -> 1.2.0
Upstream changes:

  - Fixed: Don't fail when building the manual with AsciiDoc and xmllint.
  - Fixed: Some long options (--rule, --rules-file and --rules-data) were
           ignored.
  - Fixed: Manpage formatting is now more consistent.
  - Added: A new --version command line argument for showing version
           information.

With the new upstream release recommending to use AsciiDoc to generate
the manpage, I also switched to AsciiDoc instead of Asciidoctor. The
resulting manpage looks better in some ways (for example when definition
lists are used).

I also added an installCheckPhase to ensure that the manpage exists in
the resulting store path.

Signed-off-by: aszlig <aszlig@nix.build>
2018-11-12 15:45:23 +01:00
aszlig
1d0517ddb3
ip2unix: 1.1.0 -> 1.1.1
Upstream fixes:

  * Don't unlink target socket path if connect is used after bind.

Signed-off-by: aszlig <aszlig@nix.build>
2018-11-07 18:21:07 +01:00
aszlig
5fc73fd52e
ip2unix: 1.0.0 -> 1.1.0
Upstream fixes:

  * Prevent closing file descriptors passed by systemd.

New upstream features:

  * Allow to specify port ranges.

Signed-off-by: aszlig <aszlig@nix.build>
2018-11-07 09:42:17 +01:00
aszlig
b162b40007
ip2unix: init at 1.0.0
This tool was initially built specifically for nixcloud to prevent a few
annoying programs from binding to IP sockets.

While initially only accepting a JSON file as input, the tool now has a
proper command line interface and it's also generally usable to turn IP
sockets of any program into Unix sockets.

Another thing that might be even useful for NixOS modules is the
possibility to bend programs into using systemd socket activation.

Signed-off-by: aszlig <aszlig@nix.build>
2018-11-05 16:39:42 +01:00