authorLaurent Bercot <ska-skaware@skarnet.org>2021-07-23 20:01:58 +0000
committerLaurent Bercot <ska@appnovation.com>2021-07-23 20:01:58 +0000
commitf24d6bdcdfd5f955cbc72ae9e0eb2d2778ecf06a (patch)
tree10f24fae2f0d8a0e0e74cbd4a71113fdf7c58c74 /src/conn-tools
parentc9fcfbf294edb01b149a75465a4beb14c3a5dd56 (diff)
downloads6-f24d6bdcdfd5f955cbc72ae9e0eb2d2778ecf06a.tar.xz
Prepare for 2.11.0.0, adapt to skalibs-2.11.0.0 (cdb changes)
Signed-off-by: Laurent Bercot <ska@appnovation.com>
Diffstat (limited to 'src/conn-tools')
-rw-r--r--src/conn-tools/s6-accessrules-cdb-from-fs.c21
-rw-r--r--src/conn-tools/s6-accessrules-fs-from-cdb.c108
-rw-r--r--src/conn-tools/s6-ipcserver-access.c7
3 files changed, 66 insertions, 70 deletions
diff --git a/src/conn-tools/s6-accessrules-cdb-from-fs.c b/src/conn-tools/s6-accessrules-cdb-from-fs.c
index dd935bf..a6587db 100644
--- a/src/conn-tools/s6-accessrules-cdb-from-fs.c
+++ b/src/conn-tools/s6-accessrules-cdb-from-fs.c
@@ -5,9 +5,10 @@
#include <errno.h>
#include <stdlib.h>
#include <stdio.h>
+
#include <skalibs/posixplz.h>
#include <skalibs/types.h>
-#include <skalibs/cdb_make.h>
+#include <skalibs/cdbmake.h>
#include <skalibs/strerr2.h>
#include <skalibs/stralloc.h>
#include <skalibs/env.h>
@@ -31,7 +32,7 @@ static void dienomem (void)
strerr_diefu1sys(111, "stralloc_catb") ;
}
-static void doit (struct cdb_make *c, stralloc *sa, size_t start)
+static void doit (cdbmaker *c, stralloc *sa, size_t start)
{
size_t tmpbase = tmp.len ;
unsigned int k = sa->len ;
@@ -54,10 +55,10 @@ static void doit (struct cdb_make *c, stralloc *sa, size_t start)
strerr_diefu2sys(111, "access ", sa->s) ;
}
else return ;
- else if (cdb_make_add(c, sa->s + start, k - start, "D", 1) < 0)
+ else if (!cdbmake_add(c, sa->s + start, k - start, "D", 1))
{
cleanup() ;
- strerr_diefu1sys(111, "cdb_make_add") ;
+ strerr_diefu1sys(111, "cdbmake_add") ;
}
}
else
@@ -93,10 +94,10 @@ static void doit (struct cdb_make *c, stralloc *sa, size_t start)
if (r > 0) execlen = r ;
if (execlen == 4096) strerr_warnw2x("possibly truncated file ", sa->s) ;
uint16_pack_big(tmp.s + tmpbase + 3 + envlen, execlen) ;
- if (cdb_make_add(c, sa->s + start, k - start, tmp.s + tmpbase, 5 + envlen + execlen) < 0)
+ if (!cdbmake_add(c, sa->s + start, k - start, tmp.s + tmpbase, 5 + envlen + execlen))
{
cleanup() ;
- strerr_diefu1sys(111, "cdb_make_add") ;
+ strerr_diefu1sys(111, "cdbmake_add") ;
}
}
}
@@ -104,7 +105,7 @@ static void doit (struct cdb_make *c, stralloc *sa, size_t start)
int main (int argc, char const *const *argv)
{
stralloc sa = STRALLOC_ZERO ;
- struct cdb_make c = CDB_MAKE_ZERO ;
+ cdbmaker c = CDBMAKER_ZERO ;
DIR *dir ;
size_t start ;
int fd ;
@@ -116,10 +117,10 @@ int main (int argc, char const *const *argv)
stralloc_catb(&tmp, SUFFIX, sizeof(SUFFIX)) ;
fd = mkstemp(tmp.s) ;
if (fd < 0) strerr_diefu2sys(111, "mkstemp ", tmp.s) ;
- if (cdb_make_start(&c, fd) < 0)
+ if (!cdbmake_start(&c, fd))
{
cleanup() ;
- strerr_diefu1sys(111, "cdb_make_start") ;
+ strerr_diefu1sys(111, "cdbmake_start") ;
}
dir = opendir(argv[2]) ;
if (!dir)
@@ -173,7 +174,7 @@ int main (int argc, char const *const *argv)
strerr_diefu2sys(111, "readdir ", argv[2]) ;
}
dir_close(dir) ;
- if (cdb_make_finish(&c) < 0)
+ if (!cdbmake_finish(&c))
{
cleanup() ;
strerr_diefu1sys(111, "cdb_make_finish") ;
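Review bot: The failure message after the new `cdbmake_finish` check still reads `"cdb_make_finish"`, while the other diagnostics in this file were renamed along with their calls; it should be `strerr_diefu1sys(111, "cdbmake_finish") ;`. The same kind of mismatch appears in the doenv hunk of s6-accessrules-fs-from-cdb.c, where the call is now `openwritevnclose_unsafe` but the message still says `"openwritenclose_unsafe "`. These strings are what an operator sees when a ruleset build fails, so each should name the call that actually failed. main's body continues outside this hunk.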
diff --git a/src/conn-tools/s6-accessrules-fs-from-cdb.c b/src/conn-tools/s6-accessrules-fs-from-cdb.c
index 3db1c77..d2cb4af 100644
--- a/src/conn-tools/s6-accessrules-fs-from-cdb.c
+++ b/src/conn-tools/s6-accessrules-fs-from-cdb.c
@@ -5,6 +5,7 @@
#include <sys/stat.h>
#include <errno.h>
#include <unistd.h>
+
#include <skalibs/bytestr.h>
#include <skalibs/types.h>
#include <skalibs/cdb.h>
@@ -51,11 +52,15 @@ static void mkdirp (char *s)
static void touchtrunc (char const *file)
{
int fd = open_trunc(file) ;
- if (fd < 0) strerr_diefu2sys(111, "open_trunc ", file) ;
+ if (fd < 0)
+ {
+ cleanup() ;
+ strerr_diefu2sys(111, "open_trunc ", file) ;
+ }
fd_close(fd) ;
}
-static int doenv (char const *dir, size_t dirlen, char *env, size_t envlen)
+static int doenv (char const *dir, size_t dirlen, char const *env, uint32_t envlen)
{
mode_t m = umask(0) ;
size_t i = 0 ;
@@ -78,12 +83,12 @@ static int doenv (char const *dir, size_t dirlen, char *env, size_t envlen)
tmp[dirlen + p + 1] = 0 ;
if (p < n)
{
- env[i+n] = '\n' ;
- if (!openwritenclose_unsafe(tmp, env + i + p + 1, n - p))
- {
- cleanup() ;
- strerr_diefu2sys(111, "openwritenclose_unsafe ", tmp) ;
- }
+ struct iovec v[2] = { { .iov_base = (char *)env + i + p + 1, .iov_len = n - p - 1 }, { .iov_base = "\n", .iov_len = 1 } } ;
+ if (!openwritevnclose_unsafe(tmp, v, 2))
+ {
+ cleanup() ;
+ strerr_diefu2sys(111, "openwritenclose_unsafe ", tmp) ;
+ }
}
else touchtrunc(tmp) ;
}
@@ -92,48 +97,41 @@ static int doenv (char const *dir, size_t dirlen, char *env, size_t envlen)
return 1 ;
}
-static int doit (struct cdb *c)
+static int doit (char const *key, uint32_t klen, char const *data, uint32_t dlen)
{
- unsigned int klen = cdb_keylen(c) ;
- unsigned int dlen = cdb_datalen(c) ;
+ uint16_t envlen, execlen ;
+ char name[basedirlen + klen + 8] ;
+ if (!dlen || (dlen > 8201)) return 0 ;
+ memcpy(name, basedir, basedirlen) ;
+ name[basedirlen] = '/' ;
+ memcpy(name + basedirlen + 1, key, klen) ;
+ name[basedirlen + klen + 1 + klen] = 0 ;
+ mkdirp(name) ;
+ name[basedirlen + klen + 1] = '/' ;
+ if (data[0] == 'A')
+ {
+ memcpy(name + basedirlen + klen + 2, "allow", 6) ;
+ touchtrunc(name) ;
+ }
+ else if (data[0] == 'D')
+ {
+ memcpy(name + basedirlen + klen + 2, "deny", 5) ;
+ touchtrunc(name) ;
+ }
+ if (dlen < 3) return 1 ;
+ uint16_unpack_big(data + 1, &envlen) ;
+ if ((envlen > 4096U) || (3U + envlen > dlen)) return 0 ;
+ uint16_unpack_big(data + 3 + envlen, &execlen) ;
+ if ((execlen > 4096U) || (5U + envlen + execlen != dlen)) return 0 ;
+ if (envlen)
+ {
+ memcpy(name + basedirlen + klen + 2, "env", 4) ;
+ if (!doenv(name, basedirlen + klen + 5, data + 3, envlen)) return 0 ;
+ }
+ if (execlen)
{
- uint16_t envlen, execlen ;
- char name[basedirlen + klen + 8] ;
- char data[dlen] ;
- memcpy(name, basedir, basedirlen) ;
- name[basedirlen] = '/' ;
- if (!dlen || (dlen > 8201)) return (errno = EINVAL, 0) ;
- if ((cdb_read(c, name+basedirlen+1, klen, cdb_keypos(c)) < 0)
- || (cdb_read(c, data, dlen, cdb_datapos(c)) < 0))
- {
- cleanup() ;
- strerr_diefu1sys(111, "cdb_read") ;
- }
- name[basedirlen + klen + 1] = 0 ;
- mkdirp(name) ;
- name[basedirlen + klen + 1] = '/' ;
- if (data[0] == 'A')
- {
- memcpy(name + basedirlen + klen + 2, "allow", 6) ;
- touchtrunc(name) ;
- }
- else if (data[0] == 'D')
- {
- memcpy(name + basedirlen + klen + 2, "deny", 5) ;
- touchtrunc(name) ;
- }
- if (dlen < 3) return 1 ;
- uint16_unpack_big(data + 1, &envlen) ;
- if ((envlen > 4096U) || (3U + envlen > dlen)) return (errno = EINVAL, 0) ;
- uint16_unpack_big(data + 3 + envlen, &execlen) ;
- if ((execlen > 4096U) || (5U + envlen + execlen != dlen)) return (errno = EINVAL, 0) ;
- if (envlen)
- {
- memcpy(name + basedirlen + klen + 2, "env", 4) ;
- if (!doenv(name, basedirlen + klen + 5, data + 3, envlen)) return (errno = EINVAL, 0) ;
- }
memcpy(name + basedirlen + klen + 2, "exec", 5) ;
- if (execlen && !openwritenclose_unsafe(name, data + 5 + envlen, execlen))
+ if (!openwritenclose_unsafe(name, data + 5 + envlen, execlen))
{
cleanup() ;
strerr_diefu2sys(111, "openwritenclose_unsafe ", name) ;
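Review bot: The terminator in the rewritten doit is stored at the wrong index: `name[basedirlen + klen + 1 + klen] = 0 ;` should be `name[basedirlen + klen + 1] = 0 ;`, as in the removed code. As written, the byte right after the copied key is left uninitialised, so `mkdirp(name)` reads past the key, and for klen > 6 the store lands outside the `basedirlen + klen + 8`-byte array. klen comes straight from the cdb record, so this is a stack out-of-bounds write driven by file content. Rejecting oversized keys before the VLA `name[...]` is declared would also bound stack use. doit's body continues past the end of this hunk.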
@@ -144,11 +142,11 @@ static int doit (struct cdb *c)
int main (int argc, char const *const *argv)
{
- struct cdb c = CDB_ZERO ;
- uint32_t kpos ;
+ cdb c = CDB_ZERO ;
+ uint32_t pos = CDB_TRAVERSE_INIT() ;
PROG = "s6-accessrules-fs-from-cdb" ;
if (argc < 3) strerr_dieusage(100, USAGE) ;
- if (cdb_mapfile(&c, argv[2]) < 0) strerr_diefu1sys(111, "cdb_mapfile") ;
+ if (!cdb_init(&c, argv[2])) strerr_diefu1sys(111, "cdb_init") ;
basedir = argv[1] ;
basedirlen = strlen(argv[1]) ;
{
@@ -157,20 +155,20 @@ int main (int argc, char const *const *argv)
strerr_diefu2sys(111, "mkdir ", basedir) ;
umask(m) ;
}
- cdb_traverse_init(&c, &kpos) ;
for (;;)
{
- int r = cdb_nextkey(&c, &kpos) ;
+ cdb_data key, data ;
+ int r = cdb_traverse_next(&c, &key, &data, &pos) ;
if (r < 0)
{
cleanup() ;
- strerr_diefu1sys(111, "cdb_nextkey") ;
+ strerr_diefu1x(111, "cdb_traverse_next: invalid cdb") ;
}
else if (!r) break ;
- else if (!doit(&c))
+ else if (!doit(key.s, key.len, data.s, data.len))
{
cleanup() ;
- strerr_diefu1sys(111, "handle key") ;
+ strerr_diefu3x(111, "handle cdb record: ", argv[2], " does not contain valid accessrules data") ;
}
}
return 0 ;
diff --git a/src/conn-tools/s6-ipcserver-access.c b/src/conn-tools/s6-ipcserver-access.c
index 0356f60..a5c2bd7 100644
--- a/src/conn-tools/s6-ipcserver-access.c
+++ b/src/conn-tools/s6-ipcserver-access.c
@@ -75,14 +75,11 @@ static inline void log_deny (pid_t pid, uid_t uid, gid_t gid)
static s6_accessrules_result_t check_cdb (uid_t uid, gid_t gid, char const *file, s6_accessrules_params_t *params)
{
- struct cdb c = CDB_ZERO ;
- int fd = open_readb(file) ;
+ cdb c = CDB_ZERO ;
s6_accessrules_result_t r ;
- if (fd < 0) return -1 ;
- if (cdb_init(&c, fd) < 0) strerr_diefu2sys(111, "cdb_init ", file) ;
+ if (!cdb_init(&c, file)) strerr_diefu2sys(111, "cdb_init ", file) ;
r = s6_accessrules_uidgid_cdb(uid, gid, &c, params) ;
cdb_free(&c) ;
- fd_close(fd) ;
return r ;
}
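Review bot: A rules file that cannot be opened now ends the process with exit 111 instead of returning -1 to the caller, because the removed `if (fd < 0) return -1 ;` path is folded into the `cdb_init` failure branch. Exiting is fail-closed, but if the caller (not visible here) still has a branch for an error result caused by a missing file, that branch can no longer be reached for this cause. A comment above the call would record the intent, e.g. `/* a missing or unreadable ruleset is fatal here; cdb_init takes the path and no fd is opened separately */`.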