src/basic/socket-util.c

@@ -23,7 +23,10 @@
 #include "format-util.h"
 #include "io-util.h"
 #include "log.h"
+#include "macro.h"
 #include "memory-util.h"
+#include "missing_socket.h"
+#include "missing_network.h"
 #include "parse-util.h"
 #include "path-util.h"
 #include "process-util.h"
@@ -1264,6 +1267,72 @@ int socket_set_recvpktinfo(int fd, int af, bool b) {
         }
 }
 
+int socket_set_recverr(int fd, int af, bool b) {
+        int r;
+
+        if (af == AF_UNSPEC) {
+                r = socket_get_family(fd, &af);
+                if (r < 0)
+                        return r;
+        }
+
+        switch (af) {
+
+        case AF_INET:
+                return setsockopt_int(fd, IPPROTO_IP, IP_RECVERR, b);
+
+        case AF_INET6:
+                return setsockopt_int(fd, IPPROTO_IPV6, IPV6_RECVERR, b);
+
+        default:
+                return -EAFNOSUPPORT;
+        }
+}
+
+int socket_set_recvttl(int fd, int af, bool b) {
+        int r;
+
+        if (af == AF_UNSPEC) {
+                r = socket_get_family(fd, &af);
+                if (r < 0)
+                        return r;
+        }
+
+        switch (af) {
+
+        case AF_INET:
+                return setsockopt_int(fd, IPPROTO_IP, IP_RECVTTL, b);
+
+        case AF_INET6:
+                return setsockopt_int(fd, IPPROTO_IPV6, IPV6_RECVHOPLIMIT, b);
+
+        default:
+                return -EAFNOSUPPORT;
+        }
+}
+
+int socket_set_ttl(int fd, int af, int ttl) {
+        int r;
+
+        if (af == AF_UNSPEC) {
+                r = socket_get_family(fd, &af);
+                if (r < 0)
+                        return r;
+        }
+
+        switch (af) {
+
+        case AF_INET:
+                return setsockopt_int(fd, IPPROTO_IP, IP_TTL, ttl);
+
+        case AF_INET6:
+                return setsockopt_int(fd, IPPROTO_IPV6, IPV6_UNICAST_HOPS, ttl);
+
+        default:
+                return -EAFNOSUPPORT;
+        }
+}
+
 int socket_set_unicast_if(int fd, int af, int ifi) {
         be32_t ifindex_be = htobe32(ifi);
         int r;
@@ -1293,7 +1362,7 @@ int socket_set_unicast_if(int fd, int af, int ifi) {
         }
 }
 
-int socket_set_option(int fd, int af, int opt_ipv4, int opt_ipv6, int val) {
+int socket_set_freebind(int fd, int af, bool b) {
         int r;
 
         if (af == AF_UNSPEC) {
@@ -1305,10 +1374,32 @@ int socket_set_option(int fd, int af, int opt_ipv4, int opt_ipv6, int val) {
         switch (af) {
 
         case AF_INET:
-                return setsockopt_int(fd, IPPROTO_IP, opt_ipv4, val);
+                return setsockopt_int(fd, IPPROTO_IP, IP_FREEBIND, b);
 
         case AF_INET6:
-                return setsockopt_int(fd, IPPROTO_IPV6, opt_ipv6, val);
+                return setsockopt_int(fd, IPPROTO_IPV6, IPV6_FREEBIND, b);
+
+        default:
+                return -EAFNOSUPPORT;
+        }
+}
+
+int socket_set_transparent(int fd, int af, bool b) {
+        int r;
+
+        if (af == AF_UNSPEC) {
+                r = socket_get_family(fd, &af);
+                if (r < 0)
+                        return r;
+        }
+
+        switch (af) {
+
+        case AF_INET:
+                return setsockopt_int(fd, IPPROTO_IP, IP_TRANSPARENT, b);
+
+        case AF_INET6:
+                return setsockopt_int(fd, IPPROTO_IPV6, IPV6_TRANSPARENT, b);
 
         default:
                 return -EAFNOSUPPORT;

src/basic/socket-util.h

@@ -15,7 +15,6 @@
 #include <sys/un.h>
 
 #include "macro.h"
-#include "missing_network.h"
 #include "missing_socket.h"
 #include "sparse-endian.h"
 
@@ -265,20 +264,9 @@ ssize_t recvmsg_safe(int sockfd, struct msghdr *msg, int flags);
 
 int socket_get_family(int fd, int *ret);
 int socket_set_recvpktinfo(int fd, int af, bool b);
+int socket_set_recverr(int fd, int af, bool b);
+int socket_set_recvttl(int fd, int af, bool b);
+int socket_set_ttl(int fd, int af, int ttl);
 int socket_set_unicast_if(int fd, int af, int ifi);
-int socket_set_option(int fd, int af, int opt_ipv4, int opt_ipv6, int val);
+int socket_set_freebind(int fd, int af, bool b);
-static inline int socket_set_recverr(int fd, int af, bool b) {
+int socket_set_transparent(int fd, int af, bool b);
-        return socket_set_option(fd, af, IP_RECVERR, IPV6_RECVERR, b);
-}
-static inline int socket_set_recvttl(int fd, int af, bool b) {
-        return socket_set_option(fd, af, IP_RECVTTL, IPV6_RECVHOPLIMIT, b);
-}
-static inline int socket_set_ttl(int fd, int af, int ttl) {
-        return socket_set_option(fd, af, IP_TTL, IPV6_UNICAST_HOPS, ttl);
-}
-static inline int socket_set_freebind(int fd, int af, bool b) {
-        return socket_set_option(fd, af, IP_FREEBIND, IPV6_FREEBIND, b);
-}
-static inline int socket_set_transparent(int fd, int af, bool b) {
-        return socket_set_option(fd, af, IP_TRANSPARENT, IPV6_TRANSPARENT, b);
-}

src/cryptsetup/cryptsetup.c

@@ -855,7 +855,6 @@ static void remove_and_erasep(const char **p) {
 
 static int run(int argc, char *argv[]) {
         _cleanup_(crypt_freep) struct crypt_device *cd = NULL;
-        const char *verb;
         int r;
 
         if (argc <= 1)
@@ -871,44 +870,39 @@ static int run(int argc, char *argv[]) {
 
         umask(0022);
 
-        verb = argv[1];
+        if (streq(argv[1], "attach")) {
-
-        if (streq(verb, "attach")) {
-                _cleanup_(remove_and_erasep) const char *destroy_key_file = NULL;
-                _cleanup_(erase_and_freep) void *key_data = NULL;
-                const char *volume, *source, *key_file, *options;
-                crypt_status_info status;
-                size_t key_data_size = 0;
                 uint32_t flags = 0;
                 unsigned tries;
                 usec_t until;
+                crypt_status_info status;
+                _cleanup_(remove_and_erasep) const char *destroy_key_file = NULL;
+                const char *key_file = NULL;
+                _cleanup_(erase_and_freep) void *key_data = NULL;
+                size_t key_data_size = 0;
 
                 /* Arguments: systemd-cryptsetup attach VOLUME SOURCE-DEVICE [PASSWORD] [OPTIONS] */
 
                 if (argc < 4)
                         return log_error_errno(SYNTHETIC_ERRNO(EINVAL), "attach requires at least two arguments.");
 
-                volume = argv[2];
+                if (!filename_is_valid(argv[2]))
-                source = argv[3];
+                        return log_error_errno(SYNTHETIC_ERRNO(EINVAL), "Volume name '%s' is not valid.", argv[2]);
-                key_file = argc >= 5 && !STR_IN_SET(argv[4], "", "-", "none") ? argv[4] : NULL;
-                options = argc >= 6 && !STR_IN_SET(argv[5], "", "-", "none") ? argv[5] : NULL;
 
-                if (!filename_is_valid(volume))
+                if (argc >= 5 && !STR_IN_SET(argv[4], "", "-", "none")) {
-                        return log_error_errno(SYNTHETIC_ERRNO(EINVAL), "Volume name '%s' is not valid.", volume);
+                        if (path_is_absolute(argv[4]))
-
+                                key_file = argv[4];
-                if (key_file && !path_is_absolute(key_file)) {
+                        else
-                        log_warning("Password file path '%s' is not absolute. Ignoring.", key_file);
+                                log_warning("Password file path '%s' is not absolute. Ignoring.", argv[4]);
-                        key_file = NULL;
                 }
 
-                if (options) {
+                if (argc >= 6 && !STR_IN_SET(argv[5], "", "-", "none")) {
-                        r = parse_options(options);
+                        r = parse_options(argv[5]);
                         if (r < 0)
                                 return r;
                 }
 
                 log_debug("%s %s ← %s type=%s cipher=%s", __func__,
-                          volume, source, strempty(arg_type), strempty(arg_cipher));
+                          argv[2], argv[3], strempty(arg_type), strempty(arg_cipher));
 
                 /* A delicious drop of snake oil */
                 (void) mlockall(MCL_FUTURE);
@@ -917,14 +911,14 @@ static int run(int argc, char *argv[]) {
                         _cleanup_free_ char *bindname = NULL;
                         const char *fn;
 
-                        bindname = make_bindname(volume);
+                        bindname = make_bindname(argv[2]);
                         if (!bindname)
                                 return log_oom();
 
                         /* If a key file is not explicitly specified, search for a key in a well defined
                          * search path, and load it. */
 
-                        fn = strjoina(volume, ".key");
+                        fn = strjoina(argv[2], ".key");
                         r = find_key_file(
                                         fn,
                                         STRV_MAKE("/etc/cryptsetup-keys.d", "/run/cryptsetup-keys.d"),
@@ -933,7 +927,7 @@ static int run(int argc, char *argv[]) {
                         if (r < 0)
                                 return r;
                         if (r > 0)
-                                log_debug("Automatically discovered key for volume '%s'.", volume);
+                                log_debug("Automatically discovered key for volume '%s'.", argv[2]);
                 } else if (arg_keyfile_erase)
                         destroy_key_file = key_file; /* let's get this baby erased when we leave */
 
@@ -941,15 +935,15 @@ static int run(int argc, char *argv[]) {
                         log_debug("LUKS header: %s", arg_header);
                         r = crypt_init(&cd, arg_header);
                 } else
-                        r = crypt_init(&cd, source);
+                        r = crypt_init(&cd, argv[3]);
                 if (r < 0)
                         return log_error_errno(r, "crypt_init() failed: %m");
 
                 cryptsetup_enable_logging(cd);
 
-                status = crypt_status(cd, volume);
+                status = crypt_status(cd, argv[2]);
                 if (IN_SET(status, CRYPT_ACTIVE, CRYPT_BUSY)) {
-                        log_info("Volume %s already active.", volume);
+                        log_info("Volume %s already active.", argv[2]);
                         return 0;
                 }
 
@@ -977,16 +971,16 @@ static int run(int argc, char *argv[]) {
                                 return log_error_errno(r, "Failed to load LUKS superblock on device %s: %m", crypt_get_device_name(cd));
 
                         if (arg_header) {
-                                r = crypt_set_data_device(cd, source);
+                                r = crypt_set_data_device(cd, argv[3]);
                                 if (r < 0)
-                                        return log_error_errno(r, "Failed to set LUKS data device %s: %m", source);
+                                        return log_error_errno(r, "Failed to set LUKS data device %s: %m", argv[3]);
                         }
 
                         /* Tokens are available in LUKS2 only, but it is ok to call (and fail) with LUKS1. */
                         if (!key_file && !key_data) {
-                                r = crypt_activate_by_token(cd, volume, CRYPT_ANY_TOKEN, NULL, flags);
+                                r = crypt_activate_by_token(cd, argv[2], CRYPT_ANY_TOKEN, NULL, flags);
                                 if (r >= 0) {
-                                        log_debug("Volume %s activated with LUKS token id %i.", volume, r);
+                                        log_debug("Volume %s activated with LUKS token id %i.", argv[2], r);
                                         return 0;
                                 }
 
@@ -1030,7 +1024,7 @@ static int run(int argc, char *argv[]) {
                                         /* Ask the user for a passphrase only as last resort, if we have
                                          * nothing else to check for */
 
-                                        r = get_password(volume, source, until, tries == 0 && !arg_verify, &passwords);
+                                        r = get_password(argv[2], argv[3], until, tries == 0 && !arg_verify, &passwords);
                                         if (r == -EAGAIN)
                                                 continue;
                                         if (r < 0)
@@ -1039,9 +1033,9 @@ static int run(int argc, char *argv[]) {
                         }
 
                         if (streq_ptr(arg_type, CRYPT_TCRYPT))
-                                r = attach_tcrypt(cd, volume, key_file, key_data, key_data_size, passwords, flags);
+                                r = attach_tcrypt(cd, argv[2], key_file, key_data, key_data_size, passwords, flags);
                         else
-                                r = attach_luks_or_plain_or_bitlk(cd, volume, key_file, key_data, key_data_size, passwords, flags, until);
+                                r = attach_luks_or_plain_or_bitlk(cd, argv[2], key_file, key_data, key_data_size, passwords, flags, until);
                         if (r >= 0)
                                 break;
                         if (r != -EAGAIN)
@@ -1058,17 +1052,14 @@ static int run(int argc, char *argv[]) {
                 if (arg_tries != 0 && tries >= arg_tries)
                         return log_error_errno(SYNTHETIC_ERRNO(EPERM), "Too many attempts to activate; giving up.");
 
-        } else if (streq(verb, "detach")) {
+        } else if (streq(argv[1], "detach")) {
-                const char *volume;
 
-                volume = argv[2];
+                if (!filename_is_valid(argv[2]))
+                        return log_error_errno(SYNTHETIC_ERRNO(EINVAL), "Volume name '%s' is not valid.", argv[2]);
 
-                if (!filename_is_valid(volume))
+                r = crypt_init_by_name(&cd, argv[2]);
-                        return log_error_errno(SYNTHETIC_ERRNO(EINVAL), "Volume name '%s' is not valid.", volume);
-
-                r = crypt_init_by_name(&cd, volume);
                 if (r == -ENODEV) {
-                        log_info("Volume %s already inactive.", volume);
+                        log_info("Volume %s already inactive.", argv[2]);
                         return 0;
                 }
                 if (r < 0)
@@ -1076,12 +1067,12 @@ static int run(int argc, char *argv[]) {
 
                 cryptsetup_enable_logging(cd);
 
-                r = crypt_deactivate(cd, volume);
+                r = crypt_deactivate(cd, argv[2]);
                 if (r < 0)
                         return log_error_errno(r, "Failed to deactivate: %m");
 
         } else
-                return log_error_errno(SYNTHETIC_ERRNO(EINVAL), "Unknown verb %s.", verb);
+                return log_error_errno(SYNTHETIC_ERRNO(EINVAL), "Unknown verb %s.", argv[1]);
 
         return 0;
 }

src/shared/dissect-image.c

@@ -460,12 +460,8 @@ int dissect_image(
                 DissectedImage **ret) {
 
 #if HAVE_BLKID
-#ifdef GPT_ROOT_NATIVE
+        sd_id128_t root_uuid = SD_ID128_NULL, root_verity_uuid = SD_ID128_NULL,
-        sd_id128_t root_uuid = SD_ID128_NULL, root_verity_uuid = SD_ID128_NULL;
+                usr_uuid = SD_ID128_NULL, usr_verity_uuid = SD_ID128_NULL;
-#endif
-#ifdef GPT_USR_NATIVE
-        sd_id128_t usr_uuid = SD_ID128_NULL, usr_verity_uuid = SD_ID128_NULL;
-#endif
         bool is_gpt, is_mbr, generic_rw, multiple_generic = false;
         _cleanup_(sd_device_unrefp) sd_device *d = NULL;
         _cleanup_(dissected_image_unrefp) DissectedImage *m = NULL;
@@ -508,19 +504,13 @@ int dissect_image(
 
                 /* If the verity data declares it's for the /usr partition, then search for that, in all
                  * other cases assume it's for the root partition. */
-#ifdef GPT_USR_NATIVE
                 if (verity->designator == PARTITION_USR) {
                         usr_uuid = fsuuid;
                         usr_verity_uuid = vuuid;
                 } else {
-#endif
-#ifdef GPT_ROOT_NATIVE
                         root_uuid = fsuuid;
                         root_verity_uuid = vuuid;
-#endif
-#ifdef GPT_USR_NATIVE
                 }
-#endif
         }
 
         if (fstat(fd, &st) < 0)

src/shared/dns-domain.c

@@ -743,12 +743,12 @@ int dns_name_reverse(int family, const union in_addr_union *a, char **ret) {
         return 0;
 }
 
-int dns_name_address(const char *p, int *ret_family, union in_addr_union *ret_address) {
+int dns_name_address(const char *p, int *family, union in_addr_union *address) {
         int r;
 
         assert(p);
-        assert(ret_family);
+        assert(family);
-        assert(ret_address);
+        assert(address);
 
         r = dns_name_endswith(p, "in-addr.arpa");
         if (r < 0)
@@ -777,8 +777,8 @@ int dns_name_address(const char *p, int *ret_family, union in_addr_union *ret_ad
                 if (r <= 0)
                         return r;
 
-                *ret_family = AF_INET;
+                *family = AF_INET;
-                ret_address->in.s_addr = htobe32(((uint32_t) a[3] << 24) |
+                address->in.s_addr = htobe32(((uint32_t) a[3] << 24) |
                                              ((uint32_t) a[2] << 16) |
                                              ((uint32_t) a[1] << 8) |
                                               (uint32_t) a[0]);
@@ -822,14 +822,11 @@ int dns_name_address(const char *p, int *ret_family, union in_addr_union *ret_ad
                 if (r <= 0)
                         return r;
 
-                *ret_family = AF_INET6;
+                *family = AF_INET6;
-                ret_address->in6 = a;
+                address->in6 = a;
                 return 1;
         }
 
-        *ret_family = AF_UNSPEC;
-        *ret_address = IN_ADDR_NULL;
-
         return 0;
 }
 
@@ -1311,19 +1308,18 @@ int dns_name_apply_idna(const char *name, char **ret) {
                         if (r != IDN2_OK) {
                                 log_debug("idn2_to_unicode_8z8z(\"%s\") failed: %d/%s",
                                           t, r, sym_idn2_strerror(r));
-                                *ret = NULL;
                                 return 0;
                         }
 
                         if (!streq_ptr(name, s)) {
                                 log_debug("idn2 roundtrip failed: \"%s\" → \"%s\" → \"%s\", ignoring.",
                                           name, t, s);
-                                *ret = NULL;
                                 return 0;
                         }
                 }
 
                 *ret = TAKE_PTR(t);
+
                 return 1; /* *ret has been written */
         }
 
@@ -1333,7 +1329,6 @@ int dns_name_apply_idna(const char *name, char **ret) {
                 return 0;
         if (IN_SET(r, IDN2_TOO_BIG_DOMAIN, IDN2_TOO_BIG_LABEL))
                 return -ENOSPC;
-
         return -EINVAL;
 #elif HAVE_LIBIDN
         _cleanup_free_ char *buf = NULL;