summaryrefslogtreecommitdiff
path: root/src
diff options
context:
space:
mode:
authorLaurent Bercot <ska-skaware@skarnet.org>2021-07-23 20:01:58 +0000
committerLaurent Bercot <ska@appnovation.com>2021-07-23 20:01:58 +0000
commitf24d6bdcdfd5f955cbc72ae9e0eb2d2778ecf06a (patch)
tree10f24fae2f0d8a0e0e74cbd4a71113fdf7c58c74 /src
parentc9fcfbf294edb01b149a75465a4beb14c3a5dd56 (diff)
downloads6-f24d6bdcdfd5f955cbc72ae9e0eb2d2778ecf06a.tar.xz
Prepare for 2.11.0.0, adapt to skalibs-2.11.0.0 (cdb changes)
Signed-off-by: Laurent Bercot <ska@appnovation.com>
Diffstat (limited to 'src')
-rw-r--r--src/conn-tools/s6-accessrules-cdb-from-fs.c21
-rw-r--r--src/conn-tools/s6-accessrules-fs-from-cdb.c108
-rw-r--r--src/conn-tools/s6-ipcserver-access.c7
-rw-r--r--src/fdholder/s6-fdholderd.c20
-rw-r--r--src/include/s6/accessrules.h6
-rw-r--r--src/libs6/s6_accessrules_backend_cdb.c48
-rw-r--r--src/libs6/s6_accessrules_backend_fs.c4
-rw-r--r--src/libs6/s6_accessrules_keycheck_ip4.c2
-rw-r--r--src/libs6/s6_accessrules_keycheck_ip6.c2
-rw-r--r--src/libs6/s6_accessrules_keycheck_reversedns.c2
-rw-r--r--src/libs6/s6_accessrules_keycheck_uidgid.c2
-rw-r--r--src/libs6/s6_accessrules_uidgid_cdb.c2
12 files changed, 107 insertions, 117 deletions
diff --git a/src/conn-tools/s6-accessrules-cdb-from-fs.c b/src/conn-tools/s6-accessrules-cdb-from-fs.c
index dd935bf..a6587db 100644
--- a/src/conn-tools/s6-accessrules-cdb-from-fs.c
+++ b/src/conn-tools/s6-accessrules-cdb-from-fs.c
@@ -5,9 +5,10 @@
#include <errno.h>
#include <stdlib.h>
#include <stdio.h>
+
#include <skalibs/posixplz.h>
#include <skalibs/types.h>
-#include <skalibs/cdb_make.h>
+#include <skalibs/cdbmake.h>
#include <skalibs/strerr2.h>
#include <skalibs/stralloc.h>
#include <skalibs/env.h>
@@ -31,7 +32,7 @@ static void dienomem (void)
strerr_diefu1sys(111, "stralloc_catb") ;
}
-static void doit (struct cdb_make *c, stralloc *sa, size_t start)
+static void doit (cdbmaker *c, stralloc *sa, size_t start)
{
size_t tmpbase = tmp.len ;
unsigned int k = sa->len ;
@@ -54,10 +55,10 @@ static void doit (struct cdb_make *c, stralloc *sa, size_t start)
strerr_diefu2sys(111, "access ", sa->s) ;
}
else return ;
- else if (cdb_make_add(c, sa->s + start, k - start, "D", 1) < 0)
+ else if (!cdbmake_add(c, sa->s + start, k - start, "D", 1))
{
cleanup() ;
- strerr_diefu1sys(111, "cdb_make_add") ;
+ strerr_diefu1sys(111, "cdbmake_add") ;
}
}
else
@@ -93,10 +94,10 @@ static void doit (struct cdb_make *c, stralloc *sa, size_t start)
if (r > 0) execlen = r ;
if (execlen == 4096) strerr_warnw2x("possibly truncated file ", sa->s) ;
uint16_pack_big(tmp.s + tmpbase + 3 + envlen, execlen) ;
- if (cdb_make_add(c, sa->s + start, k - start, tmp.s + tmpbase, 5 + envlen + execlen) < 0)
+ if (!cdbmake_add(c, sa->s + start, k - start, tmp.s + tmpbase, 5 + envlen + execlen))
{
cleanup() ;
- strerr_diefu1sys(111, "cdb_make_add") ;
+ strerr_diefu1sys(111, "cdbmake_add") ;
}
}
}
@@ -104,7 +105,7 @@ static void doit (struct cdb_make *c, stralloc *sa, size_t start)
int main (int argc, char const *const *argv)
{
stralloc sa = STRALLOC_ZERO ;
- struct cdb_make c = CDB_MAKE_ZERO ;
+ cdbmaker c = CDBMAKER_ZERO ;
DIR *dir ;
size_t start ;
int fd ;
@@ -116,10 +117,10 @@ int main (int argc, char const *const *argv)
stralloc_catb(&tmp, SUFFIX, sizeof(SUFFIX)) ;
fd = mkstemp(tmp.s) ;
if (fd < 0) strerr_diefu2sys(111, "mkstemp ", tmp.s) ;
- if (cdb_make_start(&c, fd) < 0)
+ if (!cdbmake_start(&c, fd))
{
cleanup() ;
- strerr_diefu1sys(111, "cdb_make_start") ;
+ strerr_diefu1sys(111, "cdbmake_start") ;
}
dir = opendir(argv[2]) ;
if (!dir)
@@ -173,7 +174,7 @@ int main (int argc, char const *const *argv)
strerr_diefu2sys(111, "readdir ", argv[2]) ;
}
dir_close(dir) ;
- if (cdb_make_finish(&c) < 0)
+ if (!cdbmake_finish(&c))
{
cleanup() ;
strerr_diefu1sys(111, "cdb_make_finish") ;
diff --git a/src/conn-tools/s6-accessrules-fs-from-cdb.c b/src/conn-tools/s6-accessrules-fs-from-cdb.c
index 3db1c77..d2cb4af 100644
--- a/src/conn-tools/s6-accessrules-fs-from-cdb.c
+++ b/src/conn-tools/s6-accessrules-fs-from-cdb.c
@@ -5,6 +5,7 @@
#include <sys/stat.h>
#include <errno.h>
#include <unistd.h>
+
#include <skalibs/bytestr.h>
#include <skalibs/types.h>
#include <skalibs/cdb.h>
@@ -51,11 +52,15 @@ static void mkdirp (char *s)
static void touchtrunc (char const *file)
{
int fd = open_trunc(file) ;
- if (fd < 0) strerr_diefu2sys(111, "open_trunc ", file) ;
+ if (fd < 0)
+ {
+ cleanup() ;
+ strerr_diefu2sys(111, "open_trunc ", file) ;
+ }
fd_close(fd) ;
}
-static int doenv (char const *dir, size_t dirlen, char *env, size_t envlen)
+static int doenv (char const *dir, size_t dirlen, char const *env, uint32_t envlen)
{
mode_t m = umask(0) ;
size_t i = 0 ;
@@ -78,12 +83,12 @@ static int doenv (char const *dir, size_t dirlen, char *env, size_t envlen)
tmp[dirlen + p + 1] = 0 ;
if (p < n)
{
- env[i+n] = '\n' ;
- if (!openwritenclose_unsafe(tmp, env + i + p + 1, n - p))
- {
- cleanup() ;
- strerr_diefu2sys(111, "openwritenclose_unsafe ", tmp) ;
- }
+ struct iovec v[2] = { { .iov_base = (char *)env + i + p + 1, .iov_len = n - p - 1 }, { .iov_base = "\n", .iov_len = 1 } } ;
+ if (!openwritevnclose_unsafe(tmp, v, 2))
+ {
+ cleanup() ;
+ strerr_diefu2sys(111, "openwritenclose_unsafe ", tmp) ;
+ }
}
else touchtrunc(tmp) ;
}
@@ -92,48 +97,41 @@ static int doenv (char const *dir, size_t dirlen, char *env, size_t envlen)
return 1 ;
}
-static int doit (struct cdb *c)
+static int doit (char const *key, uint32_t klen, char const *data, uint32_t dlen)
{
- unsigned int klen = cdb_keylen(c) ;
- unsigned int dlen = cdb_datalen(c) ;
+ uint16_t envlen, execlen ;
+ char name[basedirlen + klen + 8] ;
+ if (!dlen || (dlen > 8201)) return 0 ;
+ memcpy(name, basedir, basedirlen) ;
+ name[basedirlen] = '/' ;
+ memcpy(name + basedirlen + 1, key, klen) ;
+ name[basedirlen + klen + 1 + klen] = 0 ;
+ mkdirp(name) ;
+ name[basedirlen + klen + 1] = '/' ;
+ if (data[0] == 'A')
+ {
+ memcpy(name + basedirlen + klen + 2, "allow", 6) ;
+ touchtrunc(name) ;
+ }
+ else if (data[0] == 'D')
+ {
+ memcpy(name + basedirlen + klen + 2, "deny", 5) ;
+ touchtrunc(name) ;
+ }
+ if (dlen < 3) return 1 ;
+ uint16_unpack_big(data + 1, &envlen) ;
+ if ((envlen > 4096U) || (3U + envlen > dlen)) return 0 ;
+ uint16_unpack_big(data + 3 + envlen, &execlen) ;
+ if ((execlen > 4096U) || (5U + envlen + execlen != dlen)) return 0 ;
+ if (envlen)
+ {
+ memcpy(name + basedirlen + klen + 2, "env", 4) ;
+ if (!doenv(name, basedirlen + klen + 5, data + 3, envlen)) return 0 ;
+ }
+ if (execlen)
{
- uint16_t envlen, execlen ;
- char name[basedirlen + klen + 8] ;
- char data[dlen] ;
- memcpy(name, basedir, basedirlen) ;
- name[basedirlen] = '/' ;
- if (!dlen || (dlen > 8201)) return (errno = EINVAL, 0) ;
- if ((cdb_read(c, name+basedirlen+1, klen, cdb_keypos(c)) < 0)
- || (cdb_read(c, data, dlen, cdb_datapos(c)) < 0))
- {
- cleanup() ;
- strerr_diefu1sys(111, "cdb_read") ;
- }
- name[basedirlen + klen + 1] = 0 ;
- mkdirp(name) ;
- name[basedirlen + klen + 1] = '/' ;
- if (data[0] == 'A')
- {
- memcpy(name + basedirlen + klen + 2, "allow", 6) ;
- touchtrunc(name) ;
- }
- else if (data[0] == 'D')
- {
- memcpy(name + basedirlen + klen + 2, "deny", 5) ;
- touchtrunc(name) ;
- }
- if (dlen < 3) return 1 ;
- uint16_unpack_big(data + 1, &envlen) ;
- if ((envlen > 4096U) || (3U + envlen > dlen)) return (errno = EINVAL, 0) ;
- uint16_unpack_big(data + 3 + envlen, &execlen) ;
- if ((execlen > 4096U) || (5U + envlen + execlen != dlen)) return (errno = EINVAL, 0) ;
- if (envlen)
- {
- memcpy(name + basedirlen + klen + 2, "env", 4) ;
- if (!doenv(name, basedirlen + klen + 5, data + 3, envlen)) return (errno = EINVAL, 0) ;
- }
memcpy(name + basedirlen + klen + 2, "exec", 5) ;
- if (execlen && !openwritenclose_unsafe(name, data + 5 + envlen, execlen))
+ if (!openwritenclose_unsafe(name, data + 5 + envlen, execlen))
{
cleanup() ;
strerr_diefu2sys(111, "openwritenclose_unsafe ", name) ;
@@ -144,11 +142,11 @@ static int doit (struct cdb *c)
int main (int argc, char const *const *argv)
{
- struct cdb c = CDB_ZERO ;
- uint32_t kpos ;
+ cdb c = CDB_ZERO ;
+ uint32_t pos = CDB_TRAVERSE_INIT() ;
PROG = "s6-accessrules-fs-from-cdb" ;
if (argc < 3) strerr_dieusage(100, USAGE) ;
- if (cdb_mapfile(&c, argv[2]) < 0) strerr_diefu1sys(111, "cdb_mapfile") ;
+ if (!cdb_init(&c, argv[2])) strerr_diefu1sys(111, "cdb_init") ;
basedir = argv[1] ;
basedirlen = strlen(argv[1]) ;
{
@@ -157,20 +155,20 @@ int main (int argc, char const *const *argv)
strerr_diefu2sys(111, "mkdir ", basedir) ;
umask(m) ;
}
- cdb_traverse_init(&c, &kpos) ;
for (;;)
{
- int r = cdb_nextkey(&c, &kpos) ;
+ cdb_data key, data ;
+ int r = cdb_traverse_next(&c, &key, &data, &pos) ;
if (r < 0)
{
cleanup() ;
- strerr_diefu1sys(111, "cdb_nextkey") ;
+ strerr_diefu1x(111, "cdb_traverse_next: invalid cdb") ;
}
else if (!r) break ;
- else if (!doit(&c))
+ else if (!doit(key.s, key.len, data.s, data.len))
{
cleanup() ;
- strerr_diefu1sys(111, "handle key") ;
+ strerr_diefu3x(111, "handle cdb record: ", argv[2], " does not contain valid accessrules data") ;
}
}
return 0 ;
diff --git a/src/conn-tools/s6-ipcserver-access.c b/src/conn-tools/s6-ipcserver-access.c
index 0356f60..a5c2bd7 100644
--- a/src/conn-tools/s6-ipcserver-access.c
+++ b/src/conn-tools/s6-ipcserver-access.c
@@ -75,14 +75,11 @@ static inline void log_deny (pid_t pid, uid_t uid, gid_t gid)
static s6_accessrules_result_t check_cdb (uid_t uid, gid_t gid, char const *file, s6_accessrules_params_t *params)
{
- struct cdb c = CDB_ZERO ;
- int fd = open_readb(file) ;
+ cdb c = CDB_ZERO ;
s6_accessrules_result_t r ;
- if (fd < 0) return -1 ;
- if (cdb_init(&c, fd) < 0) strerr_diefu2sys(111, "cdb_init ", file) ;
+ if (!cdb_init(&c, file)) strerr_diefu2sys(111, "cdb_init ", file) ;
r = s6_accessrules_uidgid_cdb(uid, gid, &c, params) ;
cdb_free(&c) ;
- fd_close(fd) ;
return r ;
}
diff --git a/src/fdholder/s6-fdholderd.c b/src/fdholder/s6-fdholderd.c
index bacd42c..1300640 100644
--- a/src/fdholder/s6-fdholderd.c
+++ b/src/fdholder/s6-fdholderd.c
@@ -47,8 +47,7 @@ static tain_t const nano1 = { .sec = TAI_ZERO, .nano = 1 } ;
static unsigned int rulestype = 0 ;
static char const *rules = 0 ;
-static int cdbfd = -1 ;
-static struct cdb cdbmap = CDB_ZERO ;
+static cdb cdbmap = CDB_ZERO ;
static void handle_signals (void)
{
@@ -67,19 +66,10 @@ static void handle_signals (void)
}
case SIGHUP :
{
- int fd ;
- struct cdb c = CDB_ZERO ;
+ cdb c = CDB_ZERO ;
if (rulestype != 2) break ;
- fd = open_readb(rules) ;
- if (fd < 0) break ;
- if (cdb_init(&c, fd) < 0)
- {
- fd_close(fd) ;
- break ;
- }
+ if (!cdb_init(&c, rules)) break ;
cdb_free(&cdbmap) ;
- fd_close(cdbfd) ;
- cdbfd = fd ;
cdbmap = c ;
}
break ;
@@ -723,9 +713,7 @@ int main (int argc, char const *const *argv, char const *const *envp)
if (rulestype == 2)
{
- cdbfd = open_readb(rules) ;
- if (cdbfd < 0) strerr_diefu3sys(111, "open ", rules, " for reading") ;
- if (cdb_init(&cdbmap, cdbfd) < 0)
+ if (!cdb_init(&cdbmap, rules))
strerr_diefu2sys(111, "cdb_init ", rules) ;
}
diff --git a/src/include/s6/accessrules.h b/src/include/s6/accessrules.h
index c8a9400..c172641 100644
--- a/src/include/s6/accessrules.h
+++ b/src/include/s6/accessrules.h
@@ -35,13 +35,13 @@ enum s6_accessrules_result_e
S6_ACCESSRULES_NOTFOUND = 2
} ;
-typedef s6_accessrules_result_t s6_accessrules_backend_func_t (char const *, size_t, void *, s6_accessrules_params_t *) ;
+typedef s6_accessrules_result_t s6_accessrules_backend_func_t (char const *, size_t, void const *, s6_accessrules_params_t *) ;
typedef s6_accessrules_backend_func_t *s6_accessrules_backend_func_t_ref ;
extern s6_accessrules_backend_func_t s6_accessrules_backend_fs ;
extern s6_accessrules_backend_func_t s6_accessrules_backend_cdb ;
-typedef s6_accessrules_result_t s6_accessrules_keycheck_func_t (void const *, void *, s6_accessrules_params_t *, s6_accessrules_backend_func_t_ref) ;
+typedef s6_accessrules_result_t s6_accessrules_keycheck_func_t (void const *, void const *, s6_accessrules_params_t *, s6_accessrules_backend_func_t_ref) ;
typedef s6_accessrules_keycheck_func_t *s6_accessrules_keycheck_func_t_ref ;
extern s6_accessrules_keycheck_func_t s6_accessrules_keycheck_uidgid ;
@@ -50,7 +50,7 @@ extern s6_accessrules_keycheck_func_t s6_accessrules_keycheck_ip6 ;
extern s6_accessrules_keycheck_func_t s6_accessrules_keycheck_reversedns ;
#define s6_accessrules_keycheck_ip46(key, data, params, f) (ip46_is6((ip46_t const *)(key)) ? s6_accessrules_keycheck_ip6(((ip46_t const *)(key))->ip, data, params, f) : s6_accessrules_keycheck_ip4(((ip46_t const *)(key))->ip, data, params, f))
-extern s6_accessrules_result_t s6_accessrules_uidgid_cdb (uid_t, gid_t, struct cdb *, s6_accessrules_params_t *) ;
+extern s6_accessrules_result_t s6_accessrules_uidgid_cdb (uid_t, gid_t, cdb const *, s6_accessrules_params_t *) ;
extern s6_accessrules_result_t s6_accessrules_uidgid_fs (uid_t, gid_t, char const *, s6_accessrules_params_t *) ;
#define s6_accessrules_ip4_cdb(ip4, c, params) s6_accessrules_keycheck_ip4(ip4, c, (params), &s6_accessrules_backend_cdb)
#define s6_accessrules_ip4_fs(ip4, rulesdir, params) s6_accessrules_keycheck_ip4(ip4, rulesdir, (params), &s6_accessrules_backend_fs)
diff --git a/src/libs6/s6_accessrules_backend_cdb.c b/src/libs6/s6_accessrules_backend_cdb.c
index 4c454d1..49eca68 100644
--- a/src/libs6/s6_accessrules_backend_cdb.c
+++ b/src/libs6/s6_accessrules_backend_cdb.c
@@ -3,38 +3,44 @@
#include <string.h>
#include <stdint.h>
#include <errno.h>
+
#include <skalibs/uint16.h>
#include <skalibs/cdb.h>
#include <skalibs/stralloc.h>
#include <s6/accessrules.h>
-s6_accessrules_result_t s6_accessrules_backend_cdb (char const *key, size_t keylen, void *data, s6_accessrules_params_t *params)
+s6_accessrules_result_t s6_accessrules_backend_cdb (char const *key, size_t keylen, void const *arg, s6_accessrules_params_t *params)
{
- struct cdb *c = data ;
- size_t execbase ;
- unsigned int n ;
+ cdb_data data ;
+ int wasnull = !params->env.s ;
uint16_t envlen, execlen ;
- int r = cdb_find(c, key, keylen) ;
+ cdb const *c = arg ;
+ cdb_reader reader = CDB_READER_ZERO ;
+ int r = cdb_find(c, &reader, &data, key, keylen) ;
if (r < 0) return S6_ACCESSRULES_ERROR ;
else if (!r) return S6_ACCESSRULES_NOTFOUND ;
- n = cdb_datalen(c) ;
- if (!n || n > 8197) return (errno = EINVAL, S6_ACCESSRULES_ERROR) ;
- if (!stralloc_readyplus(&params->exec, n)) return S6_ACCESSRULES_ERROR ;
- execbase = params->exec.len ;
- if (cdb_read(c, params->exec.s + execbase, n, cdb_datapos(c)) < 0) return S6_ACCESSRULES_ERROR ;
- if (params->exec.s[execbase] == 'D') return S6_ACCESSRULES_DENY ;
- else if (params->exec.s[execbase] != 'A') return S6_ACCESSRULES_NOTFOUND ;
- else if (n < 5) return (errno = EINVAL, S6_ACCESSRULES_ERROR) ;
- uint16_unpack_big(params->exec.s + execbase + 1, &envlen) ;
- if ((envlen > 4096) || (envlen + 5 > n)) return (errno = EINVAL, S6_ACCESSRULES_ERROR) ;
- uint16_unpack_big(params->exec.s + execbase + 3 + envlen, &execlen) ;
- if ((execlen > 4096) || (5 + envlen + execlen != n)) return (errno = EINVAL, S6_ACCESSRULES_ERROR) ;
- if (!stralloc_catb(&params->env, params->exec.s + execbase + 3, envlen)) return S6_ACCESSRULES_ERROR ;
- memcpy(params->exec.s + execbase, params->exec.s + execbase + 5 + envlen, execlen) ;
+ if (!data.len || data.len > 8197) return (errno = EINVAL, S6_ACCESSRULES_ERROR) ;
+ if (data.s[0] == 'D') return S6_ACCESSRULES_DENY ;
+ if (data.s[0] != 'A') return S6_ACCESSRULES_NOTFOUND ;
+ if (data.len < 5) return (errno = EINVAL, S6_ACCESSRULES_ERROR) ;
+ uint16_unpack_big(data.s + 1, &envlen) ;
+ if ((envlen > 4096) || (data.len - 5 < envlen)) return (errno = EINVAL, S6_ACCESSRULES_ERROR) ;
+ uint16_unpack_big(data.s + 3 + envlen, &execlen) ;
+ if ((execlen > 4096) || (5 + envlen + execlen != data.len)) return (errno = EINVAL, S6_ACCESSRULES_ERROR) ;
+ if (envlen && !stralloc_catb(&params->env, data.s + 3, envlen)) return S6_ACCESSRULES_ERROR ;
if (execlen)
{
- params->exec.len += execlen ;
- params->exec.s[params->exec.len++] = 0 ;
+ if (!stralloc_readyplus(&params->exec, execlen + 1))
+ {
+ if (envlen)
+ {
+ if (wasnull) stralloc_free(&params->env) ;
+ else params->env.len -= envlen ;
+ }
+ return S6_ACCESSRULES_ERROR ;
+ }
+ stralloc_catb(&params->exec, data.s + 5 + envlen, execlen) ;
+ stralloc_0(&params->exec) ;
}
return S6_ACCESSRULES_ALLOW ;
}
diff --git a/src/libs6/s6_accessrules_backend_fs.c b/src/libs6/s6_accessrules_backend_fs.c
index aa1cfc6..1995757 100644
--- a/src/libs6/s6_accessrules_backend_fs.c
+++ b/src/libs6/s6_accessrules_backend_fs.c
@@ -8,9 +8,9 @@
#include <skalibs/djbunix.h>
#include <s6/accessrules.h>
-s6_accessrules_result_t s6_accessrules_backend_fs (char const *key, size_t keylen, void *data, s6_accessrules_params_t *params)
+s6_accessrules_result_t s6_accessrules_backend_fs (char const *key, size_t keylen, void const *data, s6_accessrules_params_t *params)
{
- char *dir = data ;
+ char const *dir = data ;
size_t dirlen = strlen(dir) ;
size_t envbase = params->env.len ;
int wasnull = !params->env.s ;
diff --git a/src/libs6/s6_accessrules_keycheck_ip4.c b/src/libs6/s6_accessrules_keycheck_ip4.c
index de402be..142be0e 100644
--- a/src/libs6/s6_accessrules_keycheck_ip4.c
+++ b/src/libs6/s6_accessrules_keycheck_ip4.c
@@ -5,7 +5,7 @@
#include <skalibs/fmtscan.h>
#include <s6/accessrules.h>
-s6_accessrules_result_t s6_accessrules_keycheck_ip4 (void const *key, void *data, s6_accessrules_params_t *params, s6_accessrules_backend_func_t_ref check1)
+s6_accessrules_result_t s6_accessrules_keycheck_ip4 (void const *key, void const *data, s6_accessrules_params_t *params, s6_accessrules_backend_func_t_ref check1)
{
char fmt[IP4_FMT + UINT_FMT + 6] = "ip4/" ;
uint32_t ip ;
diff --git a/src/libs6/s6_accessrules_keycheck_ip6.c b/src/libs6/s6_accessrules_keycheck_ip6.c
index 93418d3..5922db6 100644
--- a/src/libs6/s6_accessrules_keycheck_ip6.c
+++ b/src/libs6/s6_accessrules_keycheck_ip6.c
@@ -6,7 +6,7 @@
#include <skalibs/fmtscan.h>
#include <s6/accessrules.h>
-s6_accessrules_result_t s6_accessrules_keycheck_ip6 (void const *key, void *data, s6_accessrules_params_t *params, s6_accessrules_backend_func_t_ref check1)
+s6_accessrules_result_t s6_accessrules_keycheck_ip6 (void const *key, void const *data, s6_accessrules_params_t *params, s6_accessrules_backend_func_t_ref check1)
{
char fmt[IP6_FMT + UINT_FMT + 6] = "ip6/" ;
char ip6[16] ;
diff --git a/src/libs6/s6_accessrules_keycheck_reversedns.c b/src/libs6/s6_accessrules_keycheck_reversedns.c
index 34da90f..d0dac27 100644
--- a/src/libs6/s6_accessrules_keycheck_reversedns.c
+++ b/src/libs6/s6_accessrules_keycheck_reversedns.c
@@ -5,7 +5,7 @@
#include <skalibs/bytestr.h>
#include <s6/accessrules.h>
-s6_accessrules_result_t s6_accessrules_keycheck_reversedns (void const *key, void *data, s6_accessrules_params_t *params, s6_accessrules_backend_func_t_ref check1)
+s6_accessrules_result_t s6_accessrules_keycheck_reversedns (void const *key, void const *data, s6_accessrules_params_t *params, s6_accessrules_backend_func_t_ref check1)
{
char const *name = key ;
size_t len = strlen(name) ;
diff --git a/src/libs6/s6_accessrules_keycheck_uidgid.c b/src/libs6/s6_accessrules_keycheck_uidgid.c
index 573382c..4d8c079 100644
--- a/src/libs6/s6_accessrules_keycheck_uidgid.c
+++ b/src/libs6/s6_accessrules_keycheck_uidgid.c
@@ -6,7 +6,7 @@
#include <skalibs/types.h>
#include <s6/accessrules.h>
-s6_accessrules_result_t s6_accessrules_keycheck_uidgid (void const *key, void *data, s6_accessrules_params_t *params, s6_accessrules_backend_func_t_ref check1)
+s6_accessrules_result_t s6_accessrules_keycheck_uidgid (void const *key, void const *data, s6_accessrules_params_t *params, s6_accessrules_backend_func_t_ref check1)
{
uidgid_t const *uidgid = key ;
char fmt[4 + UINT64_FMT] = "uid/" ;
diff --git a/src/libs6/s6_accessrules_uidgid_cdb.c b/src/libs6/s6_accessrules_uidgid_cdb.c
index 707086e..d06b51b 100644
--- a/src/libs6/s6_accessrules_uidgid_cdb.c
+++ b/src/libs6/s6_accessrules_uidgid_cdb.c
@@ -2,7 +2,7 @@
#include <s6/accessrules.h>
-s6_accessrules_result_t s6_accessrules_uidgid_cdb (uid_t uid, gid_t gid, struct cdb *c, s6_accessrules_params_t *params)
+s6_accessrules_result_t s6_accessrules_uidgid_cdb (uid_t uid, gid_t gid, cdb const *c, s6_accessrules_params_t *params)
{
uidgid_t uidgid = { .left = uid, .right = gid } ;
return s6_accessrules_keycheck_uidgid(&uidgid, c, params, &s6_accessrules_backend_cdb) ;