diff options
| -rw-r--r-- | INSTALL | 2 | ||||
| -rw-r--r-- | NEWS | 3 | ||||
| -rw-r--r-- | doc/index.html | 4 | ||||
| -rw-r--r-- | doc/upgrade.html | 4 | ||||
| -rw-r--r-- | package/info | 2 | ||||
| -rw-r--r-- | src/conn-tools/s6-accessrules-cdb-from-fs.c | 21 | ||||
| -rw-r--r-- | src/conn-tools/s6-accessrules-fs-from-cdb.c | 108 | ||||
| -rw-r--r-- | src/conn-tools/s6-ipcserver-access.c | 7 | ||||
| -rw-r--r-- | src/fdholder/s6-fdholderd.c | 20 | ||||
| -rw-r--r-- | src/include/s6/accessrules.h | 6 | ||||
| -rw-r--r-- | src/libs6/s6_accessrules_backend_cdb.c | 48 | ||||
| -rw-r--r-- | src/libs6/s6_accessrules_backend_fs.c | 4 | ||||
| -rw-r--r-- | src/libs6/s6_accessrules_keycheck_ip4.c | 2 | ||||
| -rw-r--r-- | src/libs6/s6_accessrules_keycheck_ip6.c | 2 | ||||
| -rw-r--r-- | src/libs6/s6_accessrules_keycheck_reversedns.c | 2 | ||||
| -rw-r--r-- | src/libs6/s6_accessrules_keycheck_uidgid.c | 2 | ||||
| -rw-r--r-- | src/libs6/s6_accessrules_uidgid_cdb.c | 2 |
17 files changed, 116 insertions, 123 deletions
@@ -6,7 +6,7 @@ Build Instructions - A POSIX-compliant C development environment - GNU make version 3.81 or later - - skalibs version 2.10.0.3 or later: https://skarnet.org/software/skalibs/ + - skalibs version 2.11.0.0 or later: https://skarnet.org/software/skalibs/ - execline version 2.8.0.1 or later: https://skarnet.org/software/execline/ (You can disable this requirement at configure time, but will lose some functionality.) @@ -1,8 +1,9 @@ Changelog for s6. -In 2.10.1.0 +In 2.11.0.0 ----------- + - Adaptation to skalibs-2.11.0.0. - Bugfixes. - s6-svwait now supports -r and -R options to wait for restarts. - New service directory file: lock-fd, to take a lock before diff --git a/doc/index.html b/doc/index.html index 6fba9f5..6b1cd2b 100644 --- a/doc/index.html +++ b/doc/index.html @@ -83,7 +83,7 @@ with s6</a> </li> <li> A POSIX-compliant system with a standard C development environment </li> <li> GNU make, version 3.81 or later </li> <li> <a href="//skarnet.org/software/skalibs/">skalibs</a> version -2.10.0.3 or later. It's a build-time requirement. It's also a run-time +2.11.0.0 or later. It's a build-time requirement. It's also a run-time requirement if you link against the shared version of the skalibs library. </li> <li> (Optional, but really recommended for full functionality): @@ -115,7 +115,7 @@ want nsswitch-like functionality: <h3> Download </h3> <ul> - <li> The current released version of s6 is <a href="s6-2.10.1.0.tar.gz">2.10.1.0</a>. </li> + <li> The current released version of s6 is <a href="s6-2.11.0.0.tar.gz">2.10.0.0</a>. </li> <li> Alternatively, you can checkout a copy of the <a href="//git.skarnet.org/cgi-bin/cgit.cgi/s6/">s6 git repository</a>: diff --git a/doc/upgrade.html b/doc/upgrade.html index a87f326..67eb6c3 100644 --- a/doc/upgrade.html +++ b/doc/upgrade.html @@ -18,9 +18,11 @@ <h1> What has changed in s6 </h1> -<h2> in 2.10.1.0 </h2> +<h2> in 2.11.0.0 </h2> <ul> + <li> <a href="//skarnet.org/software/skalibs/">skalibs</a> +dependency bumped to 2.11.0.0. </li> <li> <a href="s6-svwait.html">s6-svwait</a> now supports the <tt>-r</tt> and <tt>-R</tt> options, to wait for service restarts. </li> </ul> diff --git a/package/info b/package/info index 0e11a6e..0899491 100644 --- a/package/info +++ b/package/info @@ -1,4 +1,4 @@ package=s6 -version=2.10.1.0 +version=2.11.0.0 category=admin package_macro_name=S6 diff --git a/src/conn-tools/s6-accessrules-cdb-from-fs.c b/src/conn-tools/s6-accessrules-cdb-from-fs.c index dd935bf..a6587db 100644 --- a/src/conn-tools/s6-accessrules-cdb-from-fs.c +++ b/src/conn-tools/s6-accessrules-cdb-from-fs.c @@ -5,9 +5,10 @@ #include <errno.h> #include <stdlib.h> #include <stdio.h> + #include <skalibs/posixplz.h> #include <skalibs/types.h> -#include <skalibs/cdb_make.h> +#include <skalibs/cdbmake.h> #include <skalibs/strerr2.h> #include <skalibs/stralloc.h> #include <skalibs/env.h> @@ -31,7 +32,7 @@ static void dienomem (void) strerr_diefu1sys(111, "stralloc_catb") ; } -static void doit (struct cdb_make *c, stralloc *sa, size_t start) +static void doit (cdbmaker *c, stralloc *sa, size_t start) { size_t tmpbase = tmp.len ; unsigned int k = sa->len ; @@ -54,10 +55,10 @@ static void doit (struct cdb_make *c, stralloc *sa, size_t start) strerr_diefu2sys(111, "access ", sa->s) ; } else return ; - else if (cdb_make_add(c, sa->s + start, k - start, "D", 1) < 0) + else if (!cdbmake_add(c, sa->s + start, k - start, "D", 1)) { cleanup() ; - strerr_diefu1sys(111, "cdb_make_add") ; + strerr_diefu1sys(111, "cdbmake_add") ; } } else @@ -93,10 +94,10 @@ static void doit (struct cdb_make *c, stralloc *sa, size_t start) if (r > 0) execlen = r ; if (execlen == 4096) strerr_warnw2x("possibly truncated file ", sa->s) ; uint16_pack_big(tmp.s + tmpbase + 3 + envlen, execlen) ; - if (cdb_make_add(c, sa->s + start, k - start, tmp.s + tmpbase, 5 + envlen + execlen) < 0) + if (!cdbmake_add(c, sa->s + start, k - start, tmp.s + tmpbase, 5 + envlen + execlen)) { cleanup() ; - strerr_diefu1sys(111, "cdb_make_add") ; + strerr_diefu1sys(111, "cdbmake_add") ; } } } @@ -104,7 +105,7 @@ static void doit (struct cdb_make *c, stralloc *sa, size_t start) int main (int argc, char const *const *argv) { stralloc sa = STRALLOC_ZERO ; - struct cdb_make c = CDB_MAKE_ZERO ; + cdbmaker c = CDBMAKER_ZERO ; DIR *dir ; size_t start ; int fd ; @@ -116,10 +117,10 @@ int main (int argc, char const *const *argv) stralloc_catb(&tmp, SUFFIX, sizeof(SUFFIX)) ; fd = mkstemp(tmp.s) ; if (fd < 0) strerr_diefu2sys(111, "mkstemp ", tmp.s) ; - if (cdb_make_start(&c, fd) < 0) + if (!cdbmake_start(&c, fd)) { cleanup() ; - strerr_diefu1sys(111, "cdb_make_start") ; + strerr_diefu1sys(111, "cdbmake_start") ; } dir = opendir(argv[2]) ; if (!dir) @@ -173,7 +174,7 @@ int main (int argc, char const *const *argv) strerr_diefu2sys(111, "readdir ", argv[2]) ; } dir_close(dir) ; - if (cdb_make_finish(&c) < 0) + if (!cdbmake_finish(&c)) { cleanup() ; strerr_diefu1sys(111, "cdb_make_finish") ; diff --git a/src/conn-tools/s6-accessrules-fs-from-cdb.c b/src/conn-tools/s6-accessrules-fs-from-cdb.c index 3db1c77..d2cb4af 100644 --- a/src/conn-tools/s6-accessrules-fs-from-cdb.c +++ b/src/conn-tools/s6-accessrules-fs-from-cdb.c @@ -5,6 +5,7 @@ #include <sys/stat.h> #include <errno.h> #include <unistd.h> + #include <skalibs/bytestr.h> #include <skalibs/types.h> #include <skalibs/cdb.h> @@ -51,11 +52,15 @@ static void mkdirp (char *s) static void touchtrunc (char const *file) { int fd = open_trunc(file) ; - if (fd < 0) strerr_diefu2sys(111, "open_trunc ", file) ; + if (fd < 0) + { + cleanup() ; + strerr_diefu2sys(111, "open_trunc ", file) ; + } fd_close(fd) ; } -static int doenv (char const *dir, size_t dirlen, char *env, size_t envlen) +static int doenv (char const *dir, size_t dirlen, char const *env, uint32_t envlen) { mode_t m = umask(0) ; size_t i = 0 ; @@ -78,12 +83,12 @@ static int doenv (char const *dir, size_t dirlen, char *env, size_t envlen) tmp[dirlen + p + 1] = 0 ; if (p < n) { - env[i+n] = '\n' ; - if (!openwritenclose_unsafe(tmp, env + i + p + 1, n - p)) - { - cleanup() ; - strerr_diefu2sys(111, "openwritenclose_unsafe ", tmp) ; - } + struct iovec v[2] = { { .iov_base = (char *)env + i + p + 1, .iov_len = n - p - 1 }, { .iov_base = "\n", .iov_len = 1 } } ; + if (!openwritevnclose_unsafe(tmp, v, 2)) + { + cleanup() ; + strerr_diefu2sys(111, "openwritenclose_unsafe ", tmp) ; + } } else touchtrunc(tmp) ; } @@ -92,48 +97,41 @@ static int doenv (char const *dir, size_t dirlen, char *env, size_t envlen) return 1 ; } -static int doit (struct cdb *c) +static int doit (char const *key, uint32_t klen, char const *data, uint32_t dlen) { - unsigned int klen = cdb_keylen(c) ; - unsigned int dlen = cdb_datalen(c) ; + uint16_t envlen, execlen ; + char name[basedirlen + klen + 8] ; + if (!dlen || (dlen > 8201)) return 0 ; + memcpy(name, basedir, basedirlen) ; + name[basedirlen] = '/' ; + memcpy(name + basedirlen + 1, key, klen) ; + name[basedirlen + klen + 1 + klen] = 0 ; + mkdirp(name) ; + name[basedirlen + klen + 1] = '/' ; + if (data[0] == 'A') + { + memcpy(name + basedirlen + klen + 2, "allow", 6) ; + touchtrunc(name) ; + } + else if (data[0] == 'D') + { + memcpy(name + basedirlen + klen + 2, "deny", 5) ; + touchtrunc(name) ; + } + if (dlen < 3) return 1 ; + uint16_unpack_big(data + 1, &envlen) ; + if ((envlen > 4096U) || (3U + envlen > dlen)) return 0 ; + uint16_unpack_big(data + 3 + envlen, &execlen) ; + if ((execlen > 4096U) || (5U + envlen + execlen != dlen)) return 0 ; + if (envlen) + { + memcpy(name + basedirlen + klen + 2, "env", 4) ; + if (!doenv(name, basedirlen + klen + 5, data + 3, envlen)) return 0 ; + } + if (execlen) { - uint16_t envlen, execlen ; - char name[basedirlen + klen + 8] ; - char data[dlen] ; - memcpy(name, basedir, basedirlen) ; - name[basedirlen] = '/' ; - if (!dlen || (dlen > 8201)) return (errno = EINVAL, 0) ; - if ((cdb_read(c, name+basedirlen+1, klen, cdb_keypos(c)) < 0) - || (cdb_read(c, data, dlen, cdb_datapos(c)) < 0)) - { - cleanup() ; - strerr_diefu1sys(111, "cdb_read") ; - } - name[basedirlen + klen + 1] = 0 ; - mkdirp(name) ; - name[basedirlen + klen + 1] = '/' ; - if (data[0] == 'A') - { - memcpy(name + basedirlen + klen + 2, "allow", 6) ; - touchtrunc(name) ; - } - else if (data[0] == 'D') - { - memcpy(name + basedirlen + klen + 2, "deny", 5) ; - touchtrunc(name) ; - } - if (dlen < 3) return 1 ; - uint16_unpack_big(data + 1, &envlen) ; - if ((envlen > 4096U) || (3U + envlen > dlen)) return (errno = EINVAL, 0) ; - uint16_unpack_big(data + 3 + envlen, &execlen) ; - if ((execlen > 4096U) || (5U + envlen + execlen != dlen)) return (errno = EINVAL, 0) ; - if (envlen) - { - memcpy(name + basedirlen + klen + 2, "env", 4) ; - if (!doenv(name, basedirlen + klen + 5, data + 3, envlen)) return (errno = EINVAL, 0) ; - } memcpy(name + basedirlen + klen + 2, "exec", 5) ; - if (execlen && !openwritenclose_unsafe(name, data + 5 + envlen, execlen)) + if (!openwritenclose_unsafe(name, data + 5 + envlen, execlen)) { cleanup() ; strerr_diefu2sys(111, "openwritenclose_unsafe ", name) ; @@ -144,11 +142,11 @@ static int doit (struct cdb *c) int main (int argc, char const *const *argv) { - struct cdb c = CDB_ZERO ; - uint32_t kpos ; + cdb c = CDB_ZERO ; + uint32_t pos = CDB_TRAVERSE_INIT() ; PROG = "s6-accessrules-fs-from-cdb" ; if (argc < 3) strerr_dieusage(100, USAGE) ; - if (cdb_mapfile(&c, argv[2]) < 0) strerr_diefu1sys(111, "cdb_mapfile") ; + if (!cdb_init(&c, argv[2])) strerr_diefu1sys(111, "cdb_init") ; basedir = argv[1] ; basedirlen = strlen(argv[1]) ; { @@ -157,20 +155,20 @@ int main (int argc, char const *const *argv) strerr_diefu2sys(111, "mkdir ", basedir) ; umask(m) ; } - cdb_traverse_init(&c, &kpos) ; for (;;) { - int r = cdb_nextkey(&c, &kpos) ; + cdb_data key, data ; + int r = cdb_traverse_next(&c, &key, &data, &pos) ; if (r < 0) { cleanup() ; - strerr_diefu1sys(111, "cdb_nextkey") ; + strerr_diefu1x(111, "cdb_traverse_next: invalid cdb") ; } else if (!r) break ; - else if (!doit(&c)) + else if (!doit(key.s, key.len, data.s, data.len)) { cleanup() ; - strerr_diefu1sys(111, "handle key") ; + strerr_diefu3x(111, "handle cdb record: ", argv[2], " does not contain valid accessrules data") ; } } return 0 ; diff --git a/src/conn-tools/s6-ipcserver-access.c b/src/conn-tools/s6-ipcserver-access.c index 0356f60..a5c2bd7 100644 --- a/src/conn-tools/s6-ipcserver-access.c +++ b/src/conn-tools/s6-ipcserver-access.c @@ -75,14 +75,11 @@ static inline void log_deny (pid_t pid, uid_t uid, gid_t gid) static s6_accessrules_result_t check_cdb (uid_t uid, gid_t gid, char const *file, s6_accessrules_params_t *params) { - struct cdb c = CDB_ZERO ; - int fd = open_readb(file) ; + cdb c = CDB_ZERO ; s6_accessrules_result_t r ; - if (fd < 0) return -1 ; - if (cdb_init(&c, fd) < 0) strerr_diefu2sys(111, "cdb_init ", file) ; + if (!cdb_init(&c, file)) strerr_diefu2sys(111, "cdb_init ", file) ; r = s6_accessrules_uidgid_cdb(uid, gid, &c, params) ; cdb_free(&c) ; - fd_close(fd) ; return r ; } diff --git a/src/fdholder/s6-fdholderd.c b/src/fdholder/s6-fdholderd.c index bacd42c..1300640 100644 --- a/src/fdholder/s6-fdholderd.c +++ b/src/fdholder/s6-fdholderd.c @@ -47,8 +47,7 @@ static tain_t const nano1 = { .sec = TAI_ZERO, .nano = 1 } ; static unsigned int rulestype = 0 ; static char const *rules = 0 ; -static int cdbfd = -1 ; -static struct cdb cdbmap = CDB_ZERO ; +static cdb cdbmap = CDB_ZERO ; static void handle_signals (void) { @@ -67,19 +66,10 @@ static void handle_signals (void) } case SIGHUP : { - int fd ; - struct cdb c = CDB_ZERO ; + cdb c = CDB_ZERO ; if (rulestype != 2) break ; - fd = open_readb(rules) ; - if (fd < 0) break ; - if (cdb_init(&c, fd) < 0) - { - fd_close(fd) ; - break ; - } + if (!cdb_init(&c, rules)) break ; cdb_free(&cdbmap) ; - fd_close(cdbfd) ; - cdbfd = fd ; cdbmap = c ; } break ; @@ -723,9 +713,7 @@ int main (int argc, char const *const *argv, char const *const *envp) if (rulestype == 2) { - cdbfd = open_readb(rules) ; - if (cdbfd < 0) strerr_diefu3sys(111, "open ", rules, " for reading") ; - if (cdb_init(&cdbmap, cdbfd) < 0) + if (!cdb_init(&cdbmap, rules)) strerr_diefu2sys(111, "cdb_init ", rules) ; } diff --git a/src/include/s6/accessrules.h b/src/include/s6/accessrules.h index c8a9400..c172641 100644 --- a/src/include/s6/accessrules.h +++ b/src/include/s6/accessrules.h @@ -35,13 +35,13 @@ enum s6_accessrules_result_e S6_ACCESSRULES_NOTFOUND = 2 } ; -typedef s6_accessrules_result_t s6_accessrules_backend_func_t (char const *, size_t, void *, s6_accessrules_params_t *) ; +typedef s6_accessrules_result_t s6_accessrules_backend_func_t (char const *, size_t, void const *, s6_accessrules_params_t *) ; typedef s6_accessrules_backend_func_t *s6_accessrules_backend_func_t_ref ; extern s6_accessrules_backend_func_t s6_accessrules_backend_fs ; extern s6_accessrules_backend_func_t s6_accessrules_backend_cdb ; -typedef s6_accessrules_result_t s6_accessrules_keycheck_func_t (void const *, void *, s6_accessrules_params_t *, s6_accessrules_backend_func_t_ref) ; +typedef s6_accessrules_result_t s6_accessrules_keycheck_func_t (void const *, void const *, s6_accessrules_params_t *, s6_accessrules_backend_func_t_ref) ; typedef s6_accessrules_keycheck_func_t *s6_accessrules_keycheck_func_t_ref ; extern s6_accessrules_keycheck_func_t s6_accessrules_keycheck_uidgid ; @@ -50,7 +50,7 @@ extern s6_accessrules_keycheck_func_t s6_accessrules_keycheck_ip6 ; extern s6_accessrules_keycheck_func_t s6_accessrules_keycheck_reversedns ; #define s6_accessrules_keycheck_ip46(key, data, params, f) (ip46_is6((ip46_t const *)(key)) ? s6_accessrules_keycheck_ip6(((ip46_t const *)(key))->ip, data, params, f) : s6_accessrules_keycheck_ip4(((ip46_t const *)(key))->ip, data, params, f)) -extern s6_accessrules_result_t s6_accessrules_uidgid_cdb (uid_t, gid_t, struct cdb *, s6_accessrules_params_t *) ; +extern s6_accessrules_result_t s6_accessrules_uidgid_cdb (uid_t, gid_t, cdb const *, s6_accessrules_params_t *) ; extern s6_accessrules_result_t s6_accessrules_uidgid_fs (uid_t, gid_t, char const *, s6_accessrules_params_t *) ; #define s6_accessrules_ip4_cdb(ip4, c, params) s6_accessrules_keycheck_ip4(ip4, c, (params), &s6_accessrules_backend_cdb) #define s6_accessrules_ip4_fs(ip4, rulesdir, params) s6_accessrules_keycheck_ip4(ip4, rulesdir, (params), &s6_accessrules_backend_fs) diff --git a/src/libs6/s6_accessrules_backend_cdb.c b/src/libs6/s6_accessrules_backend_cdb.c index 4c454d1..49eca68 100644 --- a/src/libs6/s6_accessrules_backend_cdb.c +++ b/src/libs6/s6_accessrules_backend_cdb.c @@ -3,38 +3,44 @@ #include <string.h> #include <stdint.h> #include <errno.h> + #include <skalibs/uint16.h> #include <skalibs/cdb.h> #include <skalibs/stralloc.h> #include <s6/accessrules.h> -s6_accessrules_result_t s6_accessrules_backend_cdb (char const *key, size_t keylen, void *data, s6_accessrules_params_t *params) +s6_accessrules_result_t s6_accessrules_backend_cdb (char const *key, size_t keylen, void const *arg, s6_accessrules_params_t *params) { - struct cdb *c = data ; - size_t execbase ; - unsigned int n ; + cdb_data data ; + int wasnull = !params->env.s ; uint16_t envlen, execlen ; - int r = cdb_find(c, key, keylen) ; + cdb const *c = arg ; + cdb_reader reader = CDB_READER_ZERO ; + int r = cdb_find(c, &reader, &data, key, keylen) ; if (r < 0) return S6_ACCESSRULES_ERROR ; else if (!r) return S6_ACCESSRULES_NOTFOUND ; - n = cdb_datalen(c) ; - if (!n || n > 8197) return (errno = EINVAL, S6_ACCESSRULES_ERROR) ; - if (!stralloc_readyplus(¶ms->exec, n)) return S6_ACCESSRULES_ERROR ; - execbase = params->exec.len ; - if (cdb_read(c, params->exec.s + execbase, n, cdb_datapos(c)) < 0) return S6_ACCESSRULES_ERROR ; - if (params->exec.s[execbase] == 'D') return S6_ACCESSRULES_DENY ; - else if (params->exec.s[execbase] != 'A') return S6_ACCESSRULES_NOTFOUND ; - else if (n < 5) return (errno = EINVAL, S6_ACCESSRULES_ERROR) ; - uint16_unpack_big(params->exec.s + execbase + 1, &envlen) ; - if ((envlen > 4096) || (envlen + 5 > n)) return (errno = EINVAL, S6_ACCESSRULES_ERROR) ; - uint16_unpack_big(params->exec.s + execbase + 3 + envlen, &execlen) ; - if ((execlen > 4096) || (5 + envlen + execlen != n)) return (errno = EINVAL, S6_ACCESSRULES_ERROR) ; - if (!stralloc_catb(¶ms->env, params->exec.s + execbase + 3, envlen)) return S6_ACCESSRULES_ERROR ; - memcpy(params->exec.s + execbase, params->exec.s + execbase + 5 + envlen, execlen) ; + if (!data.len || data.len > 8197) return (errno = EINVAL, S6_ACCESSRULES_ERROR) ; + if (data.s[0] == 'D') return S6_ACCESSRULES_DENY ; + if (data.s[0] != 'A') return S6_ACCESSRULES_NOTFOUND ; + if (data.len < 5) return (errno = EINVAL, S6_ACCESSRULES_ERROR) ; + uint16_unpack_big(data.s + 1, &envlen) ; + if ((envlen > 4096) || (data.len - 5 < envlen)) return (errno = EINVAL, S6_ACCESSRULES_ERROR) ; + uint16_unpack_big(data.s + 3 + envlen, &execlen) ; + if ((execlen > 4096) || (5 + envlen + execlen != data.len)) return (errno = EINVAL, S6_ACCESSRULES_ERROR) ; + if (envlen && !stralloc_catb(¶ms->env, data.s + 3, envlen)) return S6_ACCESSRULES_ERROR ; if (execlen) { - params->exec.len += execlen ; - params->exec.s[params->exec.len++] = 0 ; + if (!stralloc_readyplus(¶ms->exec, execlen + 1)) + { + if (envlen) + { + if (wasnull) stralloc_free(¶ms->env) ; + else params->env.len -= envlen ; + } + return S6_ACCESSRULES_ERROR ; + } + stralloc_catb(¶ms->exec, data.s + 5 + envlen, execlen) ; + stralloc_0(¶ms->exec) ; } return S6_ACCESSRULES_ALLOW ; } diff --git a/src/libs6/s6_accessrules_backend_fs.c b/src/libs6/s6_accessrules_backend_fs.c index aa1cfc6..1995757 100644 --- a/src/libs6/s6_accessrules_backend_fs.c +++ b/src/libs6/s6_accessrules_backend_fs.c @@ -8,9 +8,9 @@ #include <skalibs/djbunix.h> #include <s6/accessrules.h> -s6_accessrules_result_t s6_accessrules_backend_fs (char const *key, size_t keylen, void *data, s6_accessrules_params_t *params) +s6_accessrules_result_t s6_accessrules_backend_fs (char const *key, size_t keylen, void const *data, s6_accessrules_params_t *params) { - char *dir = data ; + char const *dir = data ; size_t dirlen = strlen(dir) ; size_t envbase = params->env.len ; int wasnull = !params->env.s ; diff --git a/src/libs6/s6_accessrules_keycheck_ip4.c b/src/libs6/s6_accessrules_keycheck_ip4.c index de402be..142be0e 100644 --- a/src/libs6/s6_accessrules_keycheck_ip4.c +++ b/src/libs6/s6_accessrules_keycheck_ip4.c @@ -5,7 +5,7 @@ #include <skalibs/fmtscan.h> #include <s6/accessrules.h> -s6_accessrules_result_t s6_accessrules_keycheck_ip4 (void const *key, void *data, s6_accessrules_params_t *params, s6_accessrules_backend_func_t_ref check1) +s6_accessrules_result_t s6_accessrules_keycheck_ip4 (void const *key, void const *data, s6_accessrules_params_t *params, s6_accessrules_backend_func_t_ref check1) { char fmt[IP4_FMT + UINT_FMT + 6] = "ip4/" ; uint32_t ip ; diff --git a/src/libs6/s6_accessrules_keycheck_ip6.c b/src/libs6/s6_accessrules_keycheck_ip6.c index 93418d3..5922db6 100644 --- a/src/libs6/s6_accessrules_keycheck_ip6.c +++ b/src/libs6/s6_accessrules_keycheck_ip6.c @@ -6,7 +6,7 @@ #include <skalibs/fmtscan.h> #include <s6/accessrules.h> -s6_accessrules_result_t s6_accessrules_keycheck_ip6 (void const *key, void *data, s6_accessrules_params_t *params, s6_accessrules_backend_func_t_ref check1) +s6_accessrules_result_t s6_accessrules_keycheck_ip6 (void const *key, void const *data, s6_accessrules_params_t *params, s6_accessrules_backend_func_t_ref check1) { char fmt[IP6_FMT + UINT_FMT + 6] = "ip6/" ; char ip6[16] ; diff --git a/src/libs6/s6_accessrules_keycheck_reversedns.c b/src/libs6/s6_accessrules_keycheck_reversedns.c index 34da90f..d0dac27 100644 --- a/src/libs6/s6_accessrules_keycheck_reversedns.c +++ b/src/libs6/s6_accessrules_keycheck_reversedns.c @@ -5,7 +5,7 @@ #include <skalibs/bytestr.h> #include <s6/accessrules.h> -s6_accessrules_result_t s6_accessrules_keycheck_reversedns (void const *key, void *data, s6_accessrules_params_t *params, s6_accessrules_backend_func_t_ref check1) +s6_accessrules_result_t s6_accessrules_keycheck_reversedns (void const *key, void const *data, s6_accessrules_params_t *params, s6_accessrules_backend_func_t_ref check1) { char const *name = key ; size_t len = strlen(name) ; diff --git a/src/libs6/s6_accessrules_keycheck_uidgid.c b/src/libs6/s6_accessrules_keycheck_uidgid.c index 573382c..4d8c079 100644 --- a/src/libs6/s6_accessrules_keycheck_uidgid.c +++ b/src/libs6/s6_accessrules_keycheck_uidgid.c @@ -6,7 +6,7 @@ #include <skalibs/types.h> #include <s6/accessrules.h> -s6_accessrules_result_t s6_accessrules_keycheck_uidgid (void const *key, void *data, s6_accessrules_params_t *params, s6_accessrules_backend_func_t_ref check1) +s6_accessrules_result_t s6_accessrules_keycheck_uidgid (void const *key, void const *data, s6_accessrules_params_t *params, s6_accessrules_backend_func_t_ref check1) { uidgid_t const *uidgid = key ; char fmt[4 + UINT64_FMT] = "uid/" ; diff --git a/src/libs6/s6_accessrules_uidgid_cdb.c b/src/libs6/s6_accessrules_uidgid_cdb.c index 707086e..d06b51b 100644 --- a/src/libs6/s6_accessrules_uidgid_cdb.c +++ b/src/libs6/s6_accessrules_uidgid_cdb.c @@ -2,7 +2,7 @@ #include <s6/accessrules.h> -s6_accessrules_result_t s6_accessrules_uidgid_cdb (uid_t uid, gid_t gid, struct cdb *c, s6_accessrules_params_t *params) +s6_accessrules_result_t s6_accessrules_uidgid_cdb (uid_t uid, gid_t gid, cdb const *c, s6_accessrules_params_t *params) { uidgid_t uidgid = { .left = uid, .right = gid } ; return s6_accessrules_keycheck_uidgid(&uidgid, c, params, &s6_accessrules_backend_cdb) ; |