3
0
Fork 0
forked from mirrors/nixpkgs
Commit graph

6 commits

Author SHA1 Message Date
aszlig 6dc9f79c0f
ip2unix: 2.0.0 -> 2.0.1
Upstream fixes:

  - Unregister socket as soon as we know that no rule matches.

I also removed the encode_rules() function which was an artifact left in
version 2.0.0.

Built and tested on i686-linux and x86_64-linux.

Signed-off-by: aszlig <aszlig@nix.build>
2019-02-26 11:30:07 +01:00
aszlig b0f9e47271
ip2unix: 1.2.0 -> 2.0.0
New upstream features:

  - New ignore rule option, which prevents conversion to Unix socket.
  - A way to increase the verbosity via the -v command line argument.
  - Reams of log messages in addition to the FATAL errors we had so far.
  - Use Syslog format for logging if stderr is a socket.
  - Set FD_CLOEXEC on systemd socket file descriptors as soon as they're
    associated.

Upstream fixes:

  - Use right endian conversion functions in port matching.
  - Pass is_unix to child socket on accept to prevent accidentally
    replacing an already converted Unix socket by a new Unix socket. The
    latter would be a socket that's not accepted, which would eventually
    lead to an error.
  - Correctly handle setsockopts used with other levels than SOL_SOCKET.

Upstream changes:

  - Improve wording and add more descriptions in README and manpage.
  - The implementation for fetching systemd sockets now no longer uses
    libsystemd, thus the build-time dependency is no longer required.
  - New serialiser for passing rules to the preloaded library in a more
    compact form instead of using YAML, so it's less likely that we'll
    hit the maximum stack size.
  - Systemd sockets are now associated during rule initialisation and
    thus behave more predictable in complex setups.

On our side, the dependency on systemd is only needed for running the
tests, as it uses the systemd-socket-activate helper. Socket association
is now done by ip2unix directly and doesn't rely on libsystemd anymore.

Built and tested on i686-linux and x86_64-linux.

Signed-off-by: aszlig <aszlig@nix.build>
2018-12-26 19:36:49 +01:00
aszlig 2ea5e68b24
ip2unix: 1.1.1 -> 1.2.0
Upstream changes:

  - Fixed: Don't fail when building the manual with AsciiDoc and xmllint.
  - Fixed: Some long options (--rule, --rules-file and --rules-data) were
           ignored.
  - Fixed: Manpage formatting is now more consistent.
  - Added: A new --version command line argument for showing version
           information.

With the new upstream release recommending to use AsciiDoc to generate
the manpage, I also switched to AsciiDoc instead of Asciidoctor. The
resulting manpage looks better in some ways (for example when definition
lists are used).

I also added an installCheckPhase to ensure that the manpage exists in
the resulting store path.

Signed-off-by: aszlig <aszlig@nix.build>
2018-11-12 15:45:23 +01:00
aszlig 1d0517ddb3
ip2unix: 1.1.0 -> 1.1.1
Upstream fixes:

  * Don't unlink target socket path if connect is used after bind.

Signed-off-by: aszlig <aszlig@nix.build>
2018-11-07 18:21:07 +01:00
aszlig 5fc73fd52e
ip2unix: 1.0.0 -> 1.1.0
Upstream fixes:

  * Prevent closing file descriptors passed by systemd.

New upstream features:

  * Allow to specify port ranges.

Signed-off-by: aszlig <aszlig@nix.build>
2018-11-07 09:42:17 +01:00
aszlig b162b40007
ip2unix: init at 1.0.0
This tool was initially built specifically for nixcloud to prevent a few
annoying programs from binding to IP sockets.

While initially only accepting a JSON file as input, the tool now has a
proper command line interface and it's also generally usable to turn IP
sockets of any program into Unix sockets.

Another thing that might be even useful for NixOS modules is the
possibility to bend programs into using systemd socket activation.

Signed-off-by: aszlig <aszlig@nix.build>
2018-11-05 16:39:42 +01:00