[pve-devel] [PATCH vncterm 3/4] libvncserver: add revert of systemd socket activation

Fabian Grünbichler f.gruenbichler at proxmox.com
Thu Feb 2 12:02:23 CET 2017


Signed-off-by: Fabian Grünbichler <f.gruenbichler at proxmox.com>
---
 vncpatches/remove-systemd-socket-activation.patch | 227 ++++++++++++++++++++++
 vncpatches/series                                 |   1 +
 2 files changed, 228 insertions(+)
 create mode 100644 vncpatches/remove-systemd-socket-activation.patch

diff --git a/vncpatches/remove-systemd-socket-activation.patch b/vncpatches/remove-systemd-socket-activation.patch
new file mode 100644
index 0000000..f190b94
--- /dev/null
+++ b/vncpatches/remove-systemd-socket-activation.patch
@@ -0,0 +1,227 @@
+commit 25e3dfeab75b6febdb6c1157e991c3bcbeb3eb86
+Author:     Fabian Grünbichler <f.gruenbichler at proxmox.com>
+AuthorDate: Thu Feb 2 11:22:35 2017 +0100
+Commit:     Fabian Grünbichler <f.gruenbichler at proxmox.com>
+CommitDate: Thu Feb 2 11:22:35 2017 +0100
+
+    Revert "Support systemd socket activation"
+
+    unneeded extra build dep
+
+diff --git a/CMakeLists.txt b/CMakeLists.txt
+index 9424d8d..4c56635 100644
+--- a/CMakeLists.txt
++++ b/CMakeLists.txt
+@@ -36,7 +36,6 @@ find_package(GnuTLS)
+ find_package(Threads)
+ find_package(X11)
+ find_package(OpenSSL)
+-find_package(PkgConfig)
+ find_library(LIBGCRYPT_LIBRARIES gcrypt)
+ 
+ # Check whether the version of libjpeg we found was libjpeg-turbo and print a
+@@ -103,17 +102,6 @@ if(PNG_FOUND)
+ endif(PNG_FOUND)
+ option(LIBVNCSERVER_ALLOW24BPP "Allow 24 bpp" ON)
+ 
+-pkg_check_modules(SYSTEMD "libsystemd")
+-if(SYSTEMD_FOUND)
+-  option(LIBVNCSERVER_WITH_SYSTEMD "Build with systemd socket activation support" ON)
+-endif(SYSTEMD_FOUND)
+-
+-if(LIBVNCSERVER_WITH_SYSTEMD)
+-  add_definitions(-DLIBVNCSERVER_WITH_SYSTEMD)
+-  include_directories(${SYSTEMD_INCLUDE_DIRS})
+-  set(ADDITIONAL_LIBS ${ADDITIONAL_LIBS} ${SYSTEMD_LIBRARIES})
+-endif(LIBVNCSERVER_WITH_SYSTEMD)
+-
+ if(GNUTLS_FOUND)
+   set(LIBVNCSERVER_WITH_CLIENT_TLS 1)
+   option(LIBVNCSERVER_WITH_WEBSOCKETS "Build with websockets support (gnutls)" ON)
+diff --git a/configure.ac b/configure.ac
+index f13edb4..3f4b29a 100644
+--- a/configure.ac
++++ b/configure.ac
+@@ -68,9 +68,6 @@ if test ! -z "$with_ffmpeg"; then
+ fi
+ AM_CONDITIONAL(HAVE_MP3LAME, test "$HAVE_MP3LAME" = "true")
+ 
+-PKG_CHECK_MODULES([LIBSYSTEMD], [libsystemd], [with_systemd=1], [with_systemd=0])
+-AM_CONDITIONAL([WITH_SYSTEMD], [test $with_systemd -eq 1])
+-
+ # Seem to need this dummy here to induce the 'checking for egrep... grep -E', etc.
+ # before it seemed to be inside the with_jpeg conditional. 
+ AC_CHECK_HEADER(thenonexistentheader.h, HAVE_THENONEXISTENTHEADER_H="true")
+diff --git a/libvncserver/Makefile.am b/libvncserver/Makefile.am
+index e25784b..2f23e31 100644
+--- a/libvncserver/Makefile.am
++++ b/libvncserver/Makefile.am
+@@ -59,12 +59,6 @@ LIB_SRCS = main.c rfbserver.c rfbregion.c auth.c sockets.c $(WEBSOCKETSSRCS) \
+ libvncserver_la_SOURCES=$(LIB_SRCS)
+ libvncserver_la_LIBADD=$(WEBSOCKETSSSLLIBS)
+ 
+-if WITH_SYSTEMD
+-AM_CPPFLAGS += -DLIBVNCSERVER_WITH_SYSTEMD
+-libvncserver_la_CFLAGS = $(LIBSYSTEMD_CFLAGS)
+-libvncserver_la_LIBADD += $(LIBSYSTEMD_LIBS)
+-endif
+-
+ lib_LTLIBRARIES=libvncserver.la
+ libvncserver_la_LDFLAGS = -version-info 1:0:0
+ 
+diff --git a/libvncserver/sockets.c b/libvncserver/sockets.c
+index bbc3d90..6467b1c 100644
+--- a/libvncserver/sockets.c
++++ b/libvncserver/sockets.c
+@@ -77,10 +77,6 @@
+ #include "rfbssl.h"
+ #endif
+ 
+-#ifdef LIBVNCSERVER_WITH_SYSTEMD
+-#include <systemd/sd-daemon.h>
+-#endif
+-
+ #if defined(__linux__) && defined(NEED_TIMEVAL)
+ struct timeval 
+ {
+@@ -126,54 +122,6 @@ int deny_severity=LOG_WARNING;
+ int rfbMaxClientWait = 20000;   /* time (ms) after which we decide client has
+                                    gone away - needed to stop us hanging */
+ 
+-static rfbBool
+-rfbNewConnectionFromSock(rfbScreenInfoPtr rfbScreen, int sock)
+-{
+-    const int one = 1;
+-#ifdef LIBVNCSERVER_IPv6
+-    struct sockaddr_storage addr;
+-#else
+-    struct sockaddr_in addr;
+-#endif
+-    socklen_t addrlen = sizeof(addr);
+-
+-    getpeername(sock, (struct sockaddr *)&addr, &addrlen);
+-
+-    if(!rfbSetNonBlocking(sock)) {
+-      rfbLogPerror("rfbCheckFds: setnonblock");
+-      closesocket(sock);
+-      return FALSE;
+-    }
+-
+-    if (setsockopt(sock, IPPROTO_TCP, TCP_NODELAY,
+-		   (char *)&one, sizeof(one)) < 0) {
+-      rfbLogPerror("rfbCheckFds: setsockopt failed: can't set TCP_NODELAY flag, non TCP socket?");
+-    }
+-
+-#ifdef USE_LIBWRAP
+-    if(!hosts_ctl("vnc",STRING_UNKNOWN,inet_ntoa(addr.sin_addr),
+-		  STRING_UNKNOWN)) {
+-      rfbLog("Rejected connection from client %s\n",
+-	     inet_ntoa(addr.sin_addr));
+-      closesocket(sock);
+-      return FALSE;
+-    }
+-#endif
+-
+-#ifdef LIBVNCSERVER_IPv6
+-    char host[1024];
+-    if(getnameinfo((struct sockaddr*)&addr, addrlen, host, sizeof(host), NULL, 0, NI_NUMERICHOST) != 0) {
+-      rfbLogPerror("rfbProcessNewConnection: error in getnameinfo");
+-    }
+-    rfbLog("Got connection from client %s\n", host);
+-#else
+-    rfbLog("Got connection from client %s\n", inet_ntoa(addr.sin_addr));
+-#endif
+-
+-    rfbNewClient(rfbScreen,sock);
+-    return TRUE;
+-}
+-
+ /*
+  * rfbInitSockets sets up the TCP and UDP sockets to listen for RFB
+  * connections.  It does nothing if called again.
+@@ -190,20 +138,6 @@ rfbInitSockets(rfbScreenInfoPtr rfbScreen)
+ 
+     rfbScreen->socketState = RFB_SOCKET_READY;
+ 
+-#ifdef LIBVNCSERVER_WITH_SYSTEMD
+-    if (sd_listen_fds(0) == 1)
+-    {
+-        int sock = SD_LISTEN_FDS_START + 0;
+-        if (sd_is_socket(sock, AF_UNSPEC, 0, 0))
+-            rfbNewConnectionFromSock(rfbScreen, sock);
+-        else if (sd_is_socket(sock, AF_UNSPEC, 0, 1))
+-            rfbProcessNewConnection(rfbScreen);
+-        return;
+-    }
+-    else
+-        rfbLog("Unable to establish connection with systemd socket\n");
+-#endif
+-
+     if (rfbScreen->inetdSock != -1) {
+ 	const int one = 1;
+ 
+@@ -479,7 +413,14 @@ rfbCheckFds(rfbScreenInfoPtr rfbScreen,long usec)
+ rfbBool
+ rfbProcessNewConnection(rfbScreenInfoPtr rfbScreen)
+ {
++    const int one = 1;
+     int sock = -1;
++#ifdef LIBVNCSERVER_IPv6
++    struct sockaddr_storage addr;
++#else
++    struct sockaddr_in addr;
++#endif
++    socklen_t addrlen = sizeof(addr);
+     fd_set listen_fds; 
+     int chosen_listen_sock = -1;
+ 
+@@ -500,12 +441,47 @@ rfbProcessNewConnection(rfbScreenInfoPtr rfbScreen)
+     if (rfbScreen->listen6Sock >= 0 && FD_ISSET(rfbScreen->listen6Sock, &listen_fds))
+       chosen_listen_sock = rfbScreen->listen6Sock;
+ 
+-    if ((sock = accept(chosen_listen_sock, NULL, NULL)) < 0) {
++    if ((sock = accept(chosen_listen_sock,
++		       (struct sockaddr *)&addr, &addrlen)) < 0) {
+       rfbLogPerror("rfbCheckFds: accept");
+       return FALSE;
+     }
+ 
+-    return rfbNewConnectionFromSock(rfbScreen, sock);
++    if(!rfbSetNonBlocking(sock)) {
++      closesocket(sock);
++      return FALSE;
++    }
++
++    if (setsockopt(sock, IPPROTO_TCP, TCP_NODELAY,
++		   (char *)&one, sizeof(one)) < 0) {
++      rfbLogPerror("rfbCheckFds: setsockopt failed: can't set TCP_NODELAY flag, non TCP socket?");
++    }
++
++#ifdef USE_LIBWRAP
++    if(!hosts_ctl("vnc",STRING_UNKNOWN,inet_ntoa(addr.sin_addr),
++		  STRING_UNKNOWN)) {
++      rfbLog("Rejected connection from client %s\n",
++	     inet_ntoa(addr.sin_addr));
++      closesocket(sock);
++      return FALSE;
++    }
++#endif
++
++#ifdef LIBVNCSERVER_IPv6
++    {
++        char host[1024];
++        if(getnameinfo((struct sockaddr*)&addr, addrlen, host, sizeof(host), NULL, 0, NI_NUMERICHOST) != 0) {
++            rfbLogPerror("rfbProcessNewConnection: error in getnameinfo");
++        }
++        rfbLog("Got connection from client %s\n", host);
++    }
++#else
++    rfbLog("Got connection from client %s\n", inet_ntoa(addr.sin_addr));
++#endif
++
++    rfbNewClient(rfbScreen,sock);
++
++    return TRUE;
+ }
+ 
+ 
diff --git a/vncpatches/series b/vncpatches/series
index 2fb1c30..defbfe8 100644
--- a/vncpatches/series
+++ b/vncpatches/series
@@ -1 +1,2 @@
+remove-systemd-socket-activation.patch
 tls-auth-pluging.patch
-- 
2.1.4





More information about the pve-devel mailing list