Thanks for the response.

Yes, the server program need not bind and listen, because the systemd socket will do 
that.

On the “Accept=True” parameter: here the requirement is that systemd should accept 
the connection and hand it over to the server.

My query was about the stage after systemd accepts the connection.
Once the regular connection is accepted, the client does SSL_connect over the same fd 
to establish the SSL connection.
Will this SSL connect request also be handled by systemd?

Regards,
Hari.


From: Mantas Mikulėnas [mailto:[email protected]]
Sent: Tuesday, January 28, 2020 8:02 PM
To: Tiwari, Hari Sahaya <[email protected]>
Cc: [email protected]
Subject: Re: [systemd-devel] SSL_connect fails on systemd socket

On Tue, Jan 28, 2020 at 4:23 PM Tiwari, Hari Sahaya 
<[email protected]> wrote:
Hi,

I am trying to implement a client server program over SSL through systemd.
Here I have a TCP systemd socket (listening on a predefined port) and its 
associated service.

systemd socket file:-
# cat /usr/lib/systemd/system/test_ssl.socket
[Unit]
Description=Test socket

[Socket]
ListenStream=2000
Accept=true
MaxConnections=900

[Install]
WantedBy=sockets.target

systemd service file:-
# cat /usr/lib/systemd/system/[email protected]
[Unit]
Description= Test Service
Requires=test_ssl.socket

[Service]
ExecStart=/home/SSL/server
StandardInput=socket
KillMode=process

[Install]
WantedBy=multi-user.target

The service file invokes the binary /home/SSL/server.

Here it is a very simple client server program, where

1. Server binds and listens on a port number.

You need to remove this part if you want to use socket activation. The whole 
point of .socket units here is that systemd binds to the socket and passes the 
fd over to your service. If your service ignores the received fd and tries to 
create its own socket, it will never be able to receive the connections.

By default, the service would receive the sockets as fd#3 and above (see 
https://www.freedesktop.org/software/systemd/man/sd_listen_fds.html
for documentation), but because you use StandardInput=socket, it will receive 
the socket as fd#1.

2. Client first connects to server with normal connect (server will do 
accept)

Your .socket specifies Accept=true, so you should remove this part as well: the 
option means that systemd itself will accept the connection and only hand your 
server the accepted socket.



--
Mantas Mikulėnas
_______________________________________________
systemd-devel mailing list
[email protected]
https://lists.freedesktop.org/mailman/listinfo/systemd-devel
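
Added example, not part of the original thread and not the poster's server code: systemd only passes the accepted TCP socket to the service, so the TLS handshake that answers the client's SSL_connect has to be run by the service itself on the inherited fd. The sketch uses Python's ssl module rather than the OpenSSL C API (where the corresponding calls are SSL_set_fd and SSL_accept); the certificate paths and function names are assumptions, and it reads the connection from stdin (fd 0), which is where StandardInput=socket connects it.

```python
import os
import socket
import ssl

# Assumed locations: the thread does not say where the server's key material lives.
CERT_FILE = "/home/SSL/server.crt"
KEY_FILE = "/home/SSL/server.key"


def classify_fd(fd):
    """Say what kind of descriptor the service inherited, without consuming it."""
    dup = os.dup(fd)  # probe a duplicate so closing the probe leaves fd open
    try:
        probe = socket.socket(fileno=dup)
    except OSError:
        os.close(dup)
        return "not-a-socket"
    with probe:
        try:
            if probe.getsockopt(socket.SOL_SOCKET, socket.SO_ACCEPTCONN):
                return "listening"  # what an Accept=false unit would pass
            probe.getpeername()  # raises ENOTCONN if no peer is attached
        except OSError:
            return "unconnected"
        return "connected"  # what Accept=true hands over


def serve_connection(fd=0):
    """Run the server side of the TLS handshake on the socket systemd accepted."""
    state = classify_fd(fd)
    if state != "connected":
        raise RuntimeError(f"fd {fd} is {state}, not an accepted connection")
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_SERVER)
    ctx.minimum_version = ssl.TLSVersion.TLSv1_2
    ctx.load_cert_chain(CERT_FILE, KEY_FILE)
    conn = socket.socket(fileno=fd)  # adopt the fd: no bind(), listen() or accept()
    # wrap_socket() performs the handshake that answers the client's SSL_connect.
    with ctx.wrap_socket(conn, server_side=True) as tls:
        tls.sendall(b"hello over TLS\n")


if __name__ == "__main__":
    serve_connection(0)  # StandardInput=socket puts the connection on stdin
```

If the service still calls bind(), listen() or accept() itself, the check in serve_connection never sees the connection systemd accepted, and the client's handshake gets no TLS reply.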
