Re: SSL_connect fails on systemd socket

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Thanks for the response.

 

Yes the server program need not bind and listen because systemd socket will do that.

 

On “Accept=True” parameter, here the requirement is that systemd should accept the connection and handover it to server.

 

My query was on post the connection accept by systemd.

Once the regular connection is accepted, client does SSL_connect over same fd to establish SSL connection.

Will this SSL connect request also be handled by systemd ?

 

Regards,

Hari.

 

 

From: Mantas Mikulėnas [mailto:grawity@xxxxxxxxx]
Sent: Tuesday, January 28, 2020 8:02 PM
To: Tiwari, Hari Sahaya <hari-sahaya.tiwari@xxxxxxx>
Cc: systemd-devel@xxxxxxxxxxxxxxxxxxxxx
Subject: Re: [systemd-devel] SSL_connect fails on systemd socket

 

On Tue, Jan 28, 2020 at 4:23 PM Tiwari, Hari Sahaya <hari-sahaya.tiwari@xxxxxxx> wrote:

Hi,

 

I am trying to implement a client server program over SSL through systemd.

Here I have a TCP systemd socket (listening on a predefined port) and its associated service.

 

systemd socket file:-

# cat /usr/lib/systemd/system/test_ssl.socket

[Unit]

Description=Test socket

 

[Socket]

ListenStream=2000

Accept=true

MaxConnections=900

 

[Install]

WantedBy=sockets.target

 

systemd service file:-

# cat /usr/lib/systemd/system/test_ssl@.service

[Unit]

Description= Test Service

Requires=test_ssl.socket

 

[Service]

ExecStart=/home/SSL/server

StandardInput=socket

KillMode=process

 

[Install]

WantedBy=multi-user.target

 

The service file invoke the binary /home/SSL/server.

 

Here is it a very simple client server program, where

1.       Server binds and listens on a port number.

You need to remove this part if you want to use socket activation. The whole point of .socket units here is that systemd binds to the socket and passes the fd over to your service. If your service ignores the received fd and tries to create its own socket, it will never be able to receive the connections.

 

By default, the service would receive the sockets as fd#3 and ahove (see https://www.freedesktop.org/software/systemd/man/sd_listen_fds.html for documentation), but because you use StandardInput=socket, it will receive the socket as fd#1.

2.       Client first connects to server with normal connect (server will do accept)

Your .socket specifies Accept=true, so you should remove this part as well: the option means that systemd itself will accept the connection and only hand your server the accepted socket.

 


 

--

Mantas Mikulėnas

_______________________________________________
systemd-devel mailing list
systemd-devel@xxxxxxxxxxxxxxxxxxxxx
https://lists.freedesktop.org/mailman/listinfo/systemd-devel
[Index of Archives]     [LARTC]     [Bugtraq]     [Yosemite Forum]     [Photo]

  Powered by Linux