mirror of
https://github.com/systemd/systemd-stable.git
synced 2024-10-28 20:25:25 +03:00
Merge pull request #7486 from keszybz/coverity-fixes
Fixes for issues spotted by coverity (and some cleanups)
This commit is contained in:
commit
4de8d3f59e
@ -62,10 +62,7 @@ static BOOLEAN shim_validate(VOID *data, UINT32 size) {
|
||||
if (!shim_lock)
|
||||
return FALSE;
|
||||
|
||||
if (shim_lock->shim_verify(data, size) == EFI_SUCCESS)
|
||||
return TRUE;
|
||||
|
||||
return FALSE;
|
||||
return shim_lock->shim_verify(data, size) == EFI_SUCCESS;
|
||||
}
|
||||
|
||||
BOOLEAN secure_boot_enabled(void) {
|
||||
@ -162,7 +159,7 @@ static EFIAPI EFI_STATUS security_policy_authentication (const EFI_SECURITY_PROT
|
||||
EFI_DEVICE_PATH *dev_path;
|
||||
EFI_HANDLE h;
|
||||
EFI_FILE *root;
|
||||
VOID *file_buffer = NULL;
|
||||
CHAR8 *file_buffer = NULL;
|
||||
UINTN file_size;
|
||||
CHAR16 *dev_path_str;
|
||||
|
||||
@ -182,18 +179,16 @@ static EFIAPI EFI_STATUS security_policy_authentication (const EFI_SECURITY_PROT
|
||||
dev_path_str = DevicePathToStr(dev_path);
|
||||
FreePool(dev_path);
|
||||
|
||||
file_size = file_read(root, dev_path_str, 0, 0, file_buffer);
|
||||
file_size = file_read(root, dev_path_str, 0, 0, &file_buffer);
|
||||
FreePool(dev_path_str);
|
||||
uefi_call_wrapper(root->Close, 1, root);
|
||||
|
||||
if (shim_validate(file_buffer, file_size))
|
||||
status = EFI_SUCCESS;
|
||||
|
||||
FreePool(file_buffer);
|
||||
|
||||
/* Try using the platform's native policy.... */
|
||||
if (status != EFI_SUCCESS)
|
||||
else
|
||||
/* Try using the platform's native policy.... */
|
||||
status = uefi_call_wrapper(esfas, 3, this, authentication_status, device_path_const);
|
||||
FreePool(file_buffer);
|
||||
|
||||
return status;
|
||||
}
|
||||
@ -208,9 +203,9 @@ EFI_STATUS security_policy_install(void) {
|
||||
return EFI_ALREADY_STARTED;
|
||||
|
||||
/*
|
||||
* Don't bother with status here. The call is allowed
|
||||
* to fail, since SECURITY2 was introduced in PI 1.2.1
|
||||
* If it fails, use security2_protocol == NULL as indicator
|
||||
* Don't bother with status here. The call is allowed
|
||||
* to fail, since SECURITY2 was introduced in PI 1.2.1.
|
||||
* Use security2_protocol == NULL as indicator.
|
||||
*/
|
||||
uefi_call_wrapper(BS->LocateProtocol, 3, (EFI_GUID*) &security2_protocol_guid, NULL, (VOID**) &security2_protocol);
|
||||
|
||||
@ -219,14 +214,14 @@ EFI_STATUS security_policy_install(void) {
|
||||
if (status != EFI_SUCCESS)
|
||||
return status;
|
||||
|
||||
if (!security2_protocol) {
|
||||
esfas = security_protocol->FileAuthenticationState;
|
||||
security_protocol->FileAuthenticationState = security_policy_authentication;
|
||||
|
||||
if (security2_protocol) {
|
||||
es2fa = security2_protocol->FileAuthentication;
|
||||
security2_protocol->FileAuthentication = security2_policy_authentication;
|
||||
}
|
||||
|
||||
esfas = security_protocol->FileAuthenticationState;
|
||||
security_protocol->FileAuthenticationState = security_policy_authentication;
|
||||
|
||||
return EFI_SUCCESS;
|
||||
}
|
||||
|
||||
|
@ -2904,7 +2904,7 @@ static int syscall_filter_parse_one(
|
||||
set = syscall_filter_set_find(t);
|
||||
if (!set) {
|
||||
if (warn)
|
||||
log_syntax(unit, LOG_WARNING, filename, line, 0, "Don't know system call group, ignoring: %s", t);
|
||||
log_syntax(unit, LOG_WARNING, filename, line, 0, "Unknown system call group, ignoring: %s", t);
|
||||
return 0;
|
||||
}
|
||||
|
||||
@ -2924,7 +2924,7 @@ static int syscall_filter_parse_one(
|
||||
}
|
||||
|
||||
/* If we previously wanted to forbid a syscall and now
|
||||
* we want to allow it, then remove it from the list
|
||||
* we want to allow it, then remove it from the list.
|
||||
*/
|
||||
if (!invert == c->syscall_whitelist) {
|
||||
r = hashmap_put(c->syscall_filter, INT_TO_PTR(id + 1), INT_TO_PTR(errno_num));
|
||||
|
@ -1237,7 +1237,7 @@ static int bump_rlimit_nofile(struct rlimit *saved_rlimit) {
|
||||
|
||||
/* Get current RLIMIT_NOFILE maximum compiled into the kernel. */
|
||||
r = read_one_line_file("/proc/sys/fs/nr_open", &nr_open);
|
||||
if (r == 0)
|
||||
if (r >= 0)
|
||||
r = safe_atoi(nr_open, &min_max);
|
||||
/* If we fail, fallback to the hard-coded kernel limit of 1024 * 1024. */
|
||||
if (r < 0)
|
||||
|
@ -159,7 +159,7 @@ static int swap_list_get(MountPoint **head) {
|
||||
|
||||
for (i = 2;; i++) {
|
||||
MountPoint *swap;
|
||||
char *dev = NULL, *d;
|
||||
_cleanup_free_ char *dev = NULL, *d = NULL;
|
||||
int k;
|
||||
|
||||
k = fscanf(proc_swaps,
|
||||
@ -175,27 +175,21 @@ static int swap_list_get(MountPoint **head) {
|
||||
break;
|
||||
|
||||
log_warning("Failed to parse /proc/swaps:%u.", i);
|
||||
free(dev);
|
||||
continue;
|
||||
}
|
||||
|
||||
if (endswith(dev, " (deleted)")) {
|
||||
free(dev);
|
||||
if (endswith(dev, " (deleted)"))
|
||||
continue;
|
||||
}
|
||||
|
||||
r = cunescape(dev, UNESCAPE_RELAX, &d);
|
||||
free(dev);
|
||||
if (r < 0)
|
||||
return r;
|
||||
|
||||
swap = new0(MountPoint, 1);
|
||||
if (!swap) {
|
||||
free(d);
|
||||
if (!swap)
|
||||
return -ENOMEM;
|
||||
}
|
||||
|
||||
swap->path = d;
|
||||
free_and_replace(swap->path, d);
|
||||
LIST_PREPEND(mount_point, *head, swap);
|
||||
}
|
||||
|
||||
|
@ -262,7 +262,7 @@ static int radv_recv(sd_event_source *s, int fd, uint32_t revents, void *userdat
|
||||
unsigned char buf[168];
|
||||
size_t i;
|
||||
|
||||
read(test_fd[0], &buf, sizeof(buf));
|
||||
assert_se(read(test_fd[0], &buf, sizeof(buf)) == sizeof(buf));
|
||||
|
||||
/* router lifetime must be zero when test is stopped */
|
||||
if (test_stopped) {
|
||||
|
@ -33,6 +33,7 @@
|
||||
#include "sd-resolve.h"
|
||||
|
||||
#include "alloc-util.h"
|
||||
#include "dns-domain.h"
|
||||
#include "fd-util.h"
|
||||
#include "io-util.h"
|
||||
#include "list.h"
|
||||
@ -812,25 +813,36 @@ static int handle_response(sd_resolve *resolve, const Packet *packet, size_t len
|
||||
assert(length >= sizeof(NameInfoResponse));
|
||||
assert(q->type == REQUEST_NAMEINFO);
|
||||
|
||||
q->ret = ni_resp->ret;
|
||||
q->_errno = ni_resp->_errno;
|
||||
q->_h_errno = ni_resp->_h_errno;
|
||||
if (ni_resp->hostlen > DNS_HOSTNAME_MAX ||
|
||||
ni_resp->servlen > DNS_HOSTNAME_MAX ||
|
||||
sizeof(NameInfoResponse) + ni_resp->hostlen + ni_resp->servlen > length + 2) {
|
||||
q->ret = EAI_SYSTEM;
|
||||
q->_errno = -EIO;
|
||||
q->_h_errno = 0;
|
||||
|
||||
if (ni_resp->hostlen > 0) {
|
||||
q->host = strndup((const char*) ni_resp + sizeof(NameInfoResponse), ni_resp->hostlen-1);
|
||||
if (!q->host) {
|
||||
q->ret = EAI_MEMORY;
|
||||
q->_errno = ENOMEM;
|
||||
q->_h_errno = 0;
|
||||
} else {
|
||||
q->ret = ni_resp->ret;
|
||||
q->_errno = ni_resp->_errno;
|
||||
q->_h_errno = ni_resp->_h_errno;
|
||||
|
||||
if (ni_resp->hostlen > 0) {
|
||||
q->host = strndup((const char*) ni_resp + sizeof(NameInfoResponse),
|
||||
ni_resp->hostlen-1);
|
||||
if (!q->host) {
|
||||
q->ret = EAI_MEMORY;
|
||||
q->_errno = ENOMEM;
|
||||
q->_h_errno = 0;
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
if (ni_resp->servlen > 0) {
|
||||
q->serv = strndup((const char*) ni_resp + sizeof(NameInfoResponse) + ni_resp->hostlen, ni_resp->servlen-1);
|
||||
if (!q->serv) {
|
||||
q->ret = EAI_MEMORY;
|
||||
q->_errno = ENOMEM;
|
||||
q->_h_errno = 0;
|
||||
if (ni_resp->servlen > 0) {
|
||||
q->serv = strndup((const char*) ni_resp + sizeof(NameInfoResponse) + ni_resp->hostlen,
|
||||
ni_resp->servlen-1);
|
||||
if (!q->serv) {
|
||||
q->ret = EAI_MEMORY;
|
||||
q->_errno = ENOMEM;
|
||||
q->_h_errno = 0;
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
|
@ -156,6 +156,12 @@ if conf.get('ENABLE_NETWORKD') == 1
|
||||
libshared],
|
||||
[threads]],
|
||||
|
||||
[['src/network/test-routing-policy-rule.c'],
|
||||
[libnetworkd_core,
|
||||
libsystemd_network,
|
||||
libudev],
|
||||
[]],
|
||||
|
||||
[['src/network/test-network-tables.c',
|
||||
'src/network/test-network-tables.c',
|
||||
test_tables_h],
|
||||
|
@ -151,9 +151,6 @@ int manager_connect_bus(Manager *m) {
|
||||
return 0;
|
||||
}
|
||||
|
||||
if (r < 0)
|
||||
return r;
|
||||
|
||||
r = sd_bus_add_match(m->bus, &m->prepare_for_sleep_slot,
|
||||
"type='signal',"
|
||||
"sender='org.freedesktop.login1',"
|
||||
@ -471,7 +468,7 @@ int manager_rtnl_process_route(sd_netlink *rtnl, sd_netlink_message *message, vo
|
||||
return 0;
|
||||
}
|
||||
|
||||
route_update(route, &src, src_prefixlen, &gw, &prefsrc, scope, rt_type, protocol);
|
||||
route_update(route, &src, src_prefixlen, &gw, &prefsrc, scope, protocol, rt_type);
|
||||
|
||||
break;
|
||||
|
||||
@ -1004,8 +1001,6 @@ static void print_string_set(FILE *f, const char *field, OrderedSet *s) {
|
||||
|
||||
static int manager_save(Manager *m) {
|
||||
_cleanup_ordered_set_free_free_ OrderedSet *dns = NULL, *ntp = NULL, *search_domains = NULL, *route_domains = NULL;
|
||||
RoutingPolicyRule *rule = NULL;
|
||||
bool space = false;
|
||||
Link *link;
|
||||
Iterator i;
|
||||
_cleanup_free_ char *temp_path = NULL;
|
||||
@ -1130,31 +1125,9 @@ static int manager_save(Manager *m) {
|
||||
print_string_set(f, "DOMAINS=", search_domains);
|
||||
print_string_set(f, "ROUTE_DOMAINS=", route_domains);
|
||||
|
||||
SET_FOREACH(rule, m->rules, i) {
|
||||
_cleanup_free_ char *from_str = NULL, *to_str = NULL;
|
||||
fputs("RULE=", f);
|
||||
|
||||
if (!in_addr_is_null(rule->family, &rule->from)) {
|
||||
r = in_addr_to_string(rule->family, &rule->from, &from_str);
|
||||
if (r < 0)
|
||||
goto fail;
|
||||
}
|
||||
|
||||
if (!in_addr_is_null(rule->family, &rule->to)) {
|
||||
r = in_addr_to_string(rule->family, &rule->to, &to_str);
|
||||
if (r < 0)
|
||||
goto fail;
|
||||
}
|
||||
|
||||
fprintf(f, "from=%s%s/%hhu to=%s%s/%hhu tos=%hhu fwmark=%"PRIu32"/%"PRIu32" table=%"PRIu32,
|
||||
space ? " " : "", from_str, rule->from_prefixlen,
|
||||
space ? " " : "", to_str, rule->to_prefixlen,
|
||||
rule->tos,
|
||||
rule->fwmark, rule->fwmask,
|
||||
rule->table);
|
||||
|
||||
fputc('\n', f);
|
||||
}
|
||||
r = routing_policy_serialize_rules(m->rules, f);
|
||||
if (r < 0)
|
||||
goto fail;
|
||||
|
||||
r = fflush_and_check(f);
|
||||
if (r < 0)
|
||||
@ -1241,7 +1214,7 @@ int manager_new(Manager **ret, sd_event *event) {
|
||||
|
||||
m->duid.type = DUID_TYPE_EN;
|
||||
|
||||
(void) routing_policy_rule_load(m);
|
||||
(void) routing_policy_load_rules(m->state_file, &m->rules_saved);
|
||||
|
||||
*ret = m;
|
||||
m = NULL;
|
||||
|
@ -368,7 +368,7 @@ int route_add(
|
||||
return 0;
|
||||
}
|
||||
|
||||
int route_update(Route *route,
|
||||
void route_update(Route *route,
|
||||
const union in_addr_union *src,
|
||||
unsigned char src_prefixlen,
|
||||
const union in_addr_union *gw,
|
||||
@ -389,8 +389,6 @@ int route_update(Route *route,
|
||||
route->scope = scope;
|
||||
route->protocol = protocol;
|
||||
route->type = type;
|
||||
|
||||
return 0;
|
||||
}
|
||||
|
||||
int route_remove(Route *route, Link *link,
|
||||
|
@ -64,7 +64,7 @@ int route_remove(Route *route, Link *link, sd_netlink_message_handler_t callback
|
||||
int route_get(Link *link, int family, const union in_addr_union *dst, unsigned char dst_prefixlen, unsigned char tos, uint32_t priority, uint32_t table, Route **ret);
|
||||
int route_add(Link *link, int family, const union in_addr_union *dst, unsigned char dst_prefixlen, unsigned char tos, uint32_t priority, uint32_t table, Route **ret);
|
||||
int route_add_foreign(Link *link, int family, const union in_addr_union *dst, unsigned char dst_prefixlen, unsigned char tos, uint32_t priority, uint32_t table, Route **ret);
|
||||
int route_update(Route *route, const union in_addr_union *src, unsigned char src_prefixlen, const union in_addr_union *gw, const union in_addr_union *prefsrc, unsigned char scope, unsigned char protocol, unsigned char type);
|
||||
void route_update(Route *route, const union in_addr_union *src, unsigned char src_prefixlen, const union in_addr_union *gw, const union in_addr_union *prefsrc, unsigned char scope, unsigned char protocol, unsigned char type);
|
||||
|
||||
int route_expire_handler(sd_event_source *s, uint64_t usec, void *userdata);
|
||||
|
||||
|
@ -836,7 +836,7 @@ int config_parse_routing_policy_rule_device(
|
||||
return 0;
|
||||
}
|
||||
|
||||
static int routing_policy_rule_read_full_file(char *state_file, char **ret) {
|
||||
static int routing_policy_rule_read_full_file(const char *state_file, char **ret) {
|
||||
_cleanup_free_ char *s = NULL;
|
||||
size_t size;
|
||||
int r;
|
||||
@ -857,16 +857,87 @@ static int routing_policy_rule_read_full_file(char *state_file, char **ret) {
|
||||
return size;
|
||||
}
|
||||
|
||||
int routing_policy_rule_load(Manager *m) {
|
||||
int routing_policy_serialize_rules(Set *rules, FILE *f) {
|
||||
RoutingPolicyRule *rule = NULL;
|
||||
Iterator i;
|
||||
int r;
|
||||
|
||||
assert(f);
|
||||
|
||||
SET_FOREACH(rule, rules, i) {
|
||||
_cleanup_free_ char *from_str = NULL, *to_str = NULL;
|
||||
bool space = false;
|
||||
|
||||
fputs("RULE=", f);
|
||||
|
||||
if (!in_addr_is_null(rule->family, &rule->from)) {
|
||||
r = in_addr_to_string(rule->family, &rule->from, &from_str);
|
||||
if (r < 0)
|
||||
return r;
|
||||
|
||||
fprintf(f, "from=%s/%hhu",
|
||||
from_str, rule->from_prefixlen);
|
||||
space = true;
|
||||
}
|
||||
|
||||
if (!in_addr_is_null(rule->family, &rule->to)) {
|
||||
r = in_addr_to_string(rule->family, &rule->to, &to_str);
|
||||
if (r < 0)
|
||||
return r;
|
||||
|
||||
fprintf(f, "%sto=%s/%hhu",
|
||||
space ? " " : "",
|
||||
to_str, rule->to_prefixlen);
|
||||
space = true;
|
||||
}
|
||||
|
||||
if (rule->tos != 0) {
|
||||
fprintf(f, "%stos=%hhu",
|
||||
space ? " " : "",
|
||||
rule->tos);
|
||||
space = true;
|
||||
}
|
||||
|
||||
if (rule->fwmark != 0) {
|
||||
fprintf(f, "%sfwmark=%"PRIu32"/%"PRIu32,
|
||||
space ? " " : "",
|
||||
rule->fwmark, rule->fwmask);
|
||||
space = true;
|
||||
}
|
||||
|
||||
if (rule->iif) {
|
||||
fprintf(f, "%siif=%s",
|
||||
space ? " " : "",
|
||||
rule->iif);
|
||||
space = true;
|
||||
}
|
||||
|
||||
if (rule->oif) {
|
||||
fprintf(f, "%soif=%s",
|
||||
space ? " " : "",
|
||||
rule->oif);
|
||||
space = true;
|
||||
}
|
||||
|
||||
fprintf(f, "%stable=%"PRIu32 "\n",
|
||||
space ? " " : "",
|
||||
rule->table);
|
||||
}
|
||||
|
||||
return 0;
|
||||
}
|
||||
|
||||
int routing_policy_load_rules(const char *state_file, Set **rules) {
|
||||
_cleanup_strv_free_ char **l = NULL;
|
||||
_cleanup_free_ char *data = NULL;
|
||||
const char *p;
|
||||
char **i;
|
||||
int r;
|
||||
|
||||
assert(m);
|
||||
assert(state_file);
|
||||
assert(rules);
|
||||
|
||||
r = routing_policy_rule_read_full_file(m->state_file, &data);
|
||||
r = routing_policy_rule_read_full_file(state_file, &data);
|
||||
if (r <= 0)
|
||||
return r;
|
||||
|
||||
@ -874,7 +945,7 @@ int routing_policy_rule_load(Manager *m) {
|
||||
if (!l)
|
||||
return -ENOMEM;
|
||||
|
||||
r = set_ensure_allocated(&m->rules_saved, &routing_policy_rule_hash_ops);
|
||||
r = set_ensure_allocated(rules, &routing_policy_rule_hash_ops);
|
||||
if (r < 0)
|
||||
return r;
|
||||
|
||||
@ -885,9 +956,6 @@ int routing_policy_rule_load(Manager *m) {
|
||||
if (!p)
|
||||
continue;
|
||||
|
||||
p = strchr(*i, '=');
|
||||
p++;
|
||||
|
||||
r = routing_policy_rule_new(&rule);
|
||||
if (r < 0)
|
||||
return r;
|
||||
@ -942,25 +1010,24 @@ int routing_policy_rule_load(Manager *m) {
|
||||
}
|
||||
} else if (streq(a, "fwmark")) {
|
||||
|
||||
r = parse_fwmark_fwmask(a, &rule->fwmark, &rule->fwmask);
|
||||
r = parse_fwmark_fwmask(b, &rule->fwmark, &rule->fwmask);
|
||||
if (r < 0) {
|
||||
log_error_errno(r, "Failed to parse RPDB rule firewall mark or mask, ignoring: %s", a);
|
||||
continue;
|
||||
}
|
||||
} else if (streq(a, "IncomingInterface")) {
|
||||
} else if (streq(a, "iif")) {
|
||||
|
||||
rule->iif = strdup(a);
|
||||
if (!rule->iif)
|
||||
if (free_and_strdup(&rule->iif, b) < 0)
|
||||
return log_oom();
|
||||
} else if (streq(a, "OutgoingInterface")) {
|
||||
|
||||
rule->oif = strdup(a);
|
||||
if (!rule->oif)
|
||||
} else if (streq(a, "oif")) {
|
||||
|
||||
if (free_and_strdup(&rule->oif, b) < 0)
|
||||
return log_oom();
|
||||
}
|
||||
}
|
||||
|
||||
r = set_put(m->rules_saved, rule);
|
||||
r = set_put(*rules, rule);
|
||||
if (r < 0) {
|
||||
log_warning_errno(r, "Failed to add RPDB rule to saved DB, ignoring: %s", p);
|
||||
continue;
|
||||
|
@ -77,7 +77,8 @@ int routing_policy_rule_add_foreign(Manager *m, int family, const union in_addr_
|
||||
int routing_policy_rule_get(Manager *m, int family, const union in_addr_union *from, uint8_t from_prefixlen, const union in_addr_union *to, uint8_t to_prefixlen, uint8_t tos,
|
||||
uint32_t fwmark, uint32_t table, char *iif, char *oif, RoutingPolicyRule **ret);
|
||||
int routing_policy_rule_make_local(Manager *m, RoutingPolicyRule *rule);
|
||||
int routing_policy_rule_load(Manager *m);
|
||||
int routing_policy_serialize_rules(Set *rules, FILE *f);
|
||||
int routing_policy_load_rules(const char *state_file, Set **rules);
|
||||
void routing_policy_rule_purge(Manager *m, Link *link);
|
||||
|
||||
int config_parse_routing_policy_rule_tos(const char *unit, const char *filename, unsigned line, const char *section, unsigned section_line, const char *lvalue, int ltype, const char *rvalue, void *data,void *userdata);
|
||||
|
@ -22,6 +22,7 @@
|
||||
#include "dhcp-lease-internal.h"
|
||||
#include "network-internal.h"
|
||||
#include "networkd-manager.h"
|
||||
#include "udev-util.h"
|
||||
|
||||
static void test_deserialize_in_addr(void) {
|
||||
_cleanup_free_ struct in_addr *addresses = NULL;
|
||||
@ -187,25 +188,22 @@ static void test_address_equality(void) {
|
||||
|
||||
int main(void) {
|
||||
_cleanup_manager_free_ Manager *manager = NULL;
|
||||
sd_event *event;
|
||||
struct udev *udev;
|
||||
struct udev_device *loopback;
|
||||
_cleanup_(sd_event_unrefp) sd_event *event = NULL;
|
||||
_cleanup_udev_unref_ struct udev *udev = NULL;
|
||||
_cleanup_udev_device_unref_ struct udev_device *loopback = NULL;
|
||||
int r;
|
||||
|
||||
test_deserialize_in_addr();
|
||||
test_deserialize_dhcp_routes();
|
||||
test_address_equality();
|
||||
|
||||
r = sd_event_default(&event);
|
||||
assert_se(r >= 0);
|
||||
assert_se(sd_event_default(&event) >= 0);
|
||||
|
||||
assert_se(manager_new(&manager, event) >= 0);
|
||||
|
||||
r = test_load_config(manager);
|
||||
if (r == -EPERM) {
|
||||
sd_event_unref(event);
|
||||
if (r == -EPERM)
|
||||
return EXIT_TEST_SKIP;
|
||||
}
|
||||
|
||||
udev = udev_new();
|
||||
assert_se(udev);
|
||||
@ -217,8 +215,4 @@ int main(void) {
|
||||
test_network_get(manager, loopback);
|
||||
|
||||
assert_se(manager_rtnl_enumerate_links(manager) >= 0);
|
||||
|
||||
udev_device_unref(loopback);
|
||||
udev_unref(udev);
|
||||
sd_event_unref(event);
|
||||
}
|
||||
|
104
src/network/test-routing-policy-rule.c
Normal file
104
src/network/test-routing-policy-rule.c
Normal file
@ -0,0 +1,104 @@
|
||||
/***
|
||||
SPDX-License-Identifier: LGPL-2.1+
|
||||
|
||||
This file is part of systemd.
|
||||
|
||||
Copyright 2017 Zbigniew Jędrzejewski-Szmek
|
||||
|
||||
systemd is free software; you can redistribute it and/or modify it
|
||||
under the terms of the GNU Lesser General Public License as published by
|
||||
the Free Software Foundation; either version 2.1 of the License, or
|
||||
(at your option) any later version.
|
||||
|
||||
systemd is distributed in the hope that it will be useful, but
|
||||
WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
|
||||
Lesser General Public License for more details.
|
||||
|
||||
You should have received a copy of the GNU Lesser General Public License
|
||||
along with systemd; If not, see <http://www.gnu.org/licenses/>.
|
||||
***/
|
||||
|
||||
#include "fd-util.h"
|
||||
#include "fileio.h"
|
||||
#include "log.h"
|
||||
#include "macro.h"
|
||||
#include "network-internal.h"
|
||||
#include "networkd-manager.h"
|
||||
#include "string-util.h"
|
||||
|
||||
static void test_rule_serialization(const char *title, const char *ruleset, const char *expected) {
|
||||
char pattern[] = "/tmp/systemd-test-routing-policy-rule.XXXXXX",
|
||||
pattern2[] = "/tmp/systemd-test-routing-policy-rule.XXXXXX",
|
||||
pattern3[] = "/tmp/systemd-test-routing-policy-rule.XXXXXX";
|
||||
const char *cmd;
|
||||
int fd, fd2, fd3;
|
||||
_cleanup_fclose_ FILE *f = NULL, *f2 = NULL, *f3 = NULL;
|
||||
_cleanup_set_free_free_ Set *rules = NULL;
|
||||
_cleanup_free_ char *buf = NULL;
|
||||
size_t buf_size;
|
||||
|
||||
log_info("========== %s ==========", title);
|
||||
log_info("put:\n%s\n", ruleset);
|
||||
|
||||
assert_se((fd = mkostemp_safe(pattern)) >= 0);
|
||||
assert_se(f = fdopen(fd, "a+e"));
|
||||
assert_se(write_string_stream(f, ruleset, 0) == 0);
|
||||
|
||||
assert_se(routing_policy_load_rules(pattern, &rules) == 0);
|
||||
|
||||
assert_se((fd2 = mkostemp_safe(pattern2)) >= 0);
|
||||
assert_se(f2 = fdopen(fd2, "a+e"));
|
||||
|
||||
assert_se(routing_policy_serialize_rules(rules, f2) == 0);
|
||||
assert_se(fflush_and_check(f2) == 0);
|
||||
|
||||
assert_se(read_full_file(pattern2, &buf, &buf_size) == 0);
|
||||
|
||||
log_info("got:\n%s", buf);
|
||||
|
||||
assert_se((fd3 = mkostemp_safe(pattern3)) >= 0);
|
||||
assert_se(f3 = fdopen(fd3, "we"));
|
||||
assert_se(write_string_stream(f3, expected ?: ruleset, 0) == 0);
|
||||
|
||||
cmd = strjoina("diff -u ", pattern3, " ", pattern2);
|
||||
log_info("$ %s", cmd);
|
||||
assert_se(system(cmd) == 0);
|
||||
}
|
||||
|
||||
int main(int argc, char **argv) {
|
||||
_cleanup_free_ char *p = NULL;
|
||||
|
||||
log_set_max_level(LOG_DEBUG);
|
||||
log_parse_environment();
|
||||
log_open();
|
||||
|
||||
test_rule_serialization("basic parsing",
|
||||
"RULE=from=1.2.3.4/32 to=2.3.4.5/32 tos=5 fwmark=1/2 table=10", NULL);
|
||||
|
||||
test_rule_serialization("ignored values",
|
||||
"RULE=something=to=ignore from=1.2.3.4/32 from=1.2.3.4/32"
|
||||
" \t to=2.3.4.5/24 to=2.3.4.5/32 tos=5 fwmark=2 fwmark=1 table=10 table=20",
|
||||
"RULE=from=1.2.3.4/32"
|
||||
" to=2.3.4.5/32 tos=5 fwmark=1/0 table=20");
|
||||
|
||||
test_rule_serialization("ipv6",
|
||||
"RULE=from=1::2/64 to=2::3/64 table=6", NULL);
|
||||
|
||||
assert_se(asprintf(&p, "RULE=from=1::2/64 to=2::3/64 table=%d", RT_TABLE_MAIN) >= 0);
|
||||
test_rule_serialization("default table",
|
||||
"RULE=from=1::2/64 to=2::3/64", p);
|
||||
|
||||
test_rule_serialization("incoming interface",
|
||||
"RULE=from=1::2/64 to=2::3/64 table=1 iif=lo",
|
||||
"RULE=from=1::2/64 to=2::3/64 iif=lo table=1");
|
||||
|
||||
test_rule_serialization("outgoing interface",
|
||||
"RULE=from=1::2/64 to=2::3/64 oif=eth0 table=1", NULL);
|
||||
|
||||
test_rule_serialization("freeing interface names",
|
||||
"RULE=from=1::2/64 to=2::3/64 iif=e0 iif=e1 oif=e0 oif=e1 table=1",
|
||||
"RULE=from=1::2/64 to=2::3/64 iif=e1 oif=e1 table=1");
|
||||
|
||||
return 0;
|
||||
}
|
@ -861,6 +861,9 @@ static int decrypt_partition(
|
||||
if (!streq(m->fstype, "crypto_LUKS"))
|
||||
return 0;
|
||||
|
||||
if (!passphrase)
|
||||
return -ENOKEY;
|
||||
|
||||
r = make_dm_name_and_node(m->node, "-decrypted", &name, &node);
|
||||
if (r < 0)
|
||||
return r;
|
||||
@ -1006,9 +1009,6 @@ int dissected_image_decrypt(
|
||||
}
|
||||
|
||||
#if HAVE_LIBCRYPTSETUP
|
||||
if (m->encrypted && !passphrase)
|
||||
return -ENOKEY;
|
||||
|
||||
d = new0(DecryptedImage, 1);
|
||||
if (!d)
|
||||
return -ENOMEM;
|
||||
|
@ -104,7 +104,7 @@ static void test_open_serialization_fd(void) {
|
||||
fd = open_serialization_fd("test");
|
||||
assert_se(fd >= 0);
|
||||
|
||||
write(fd, "test\n", 5);
|
||||
assert_se(write(fd, "test\n", 5) == 5);
|
||||
}
|
||||
|
||||
static void test_acquire_data_fd_one(unsigned flags) {
|
||||
|
@ -110,27 +110,27 @@ static void test_read_etc_hostname(void) {
|
||||
close(fd);
|
||||
|
||||
/* simple hostname */
|
||||
write_string_file(path, "foo", WRITE_STRING_FILE_CREATE);
|
||||
assert_se(write_string_file(path, "foo", WRITE_STRING_FILE_CREATE) == 0);
|
||||
assert_se(read_etc_hostname(path, &hostname) == 0);
|
||||
assert_se(streq(hostname, "foo"));
|
||||
hostname = mfree(hostname);
|
||||
|
||||
/* with comment */
|
||||
write_string_file(path, "# comment\nfoo", WRITE_STRING_FILE_CREATE);
|
||||
assert_se(write_string_file(path, "# comment\nfoo", WRITE_STRING_FILE_CREATE) == 0);
|
||||
assert_se(read_etc_hostname(path, &hostname) == 0);
|
||||
assert_se(hostname);
|
||||
assert_se(streq(hostname, "foo"));
|
||||
hostname = mfree(hostname);
|
||||
|
||||
/* with comment and extra whitespace */
|
||||
write_string_file(path, "# comment\n\n foo ", WRITE_STRING_FILE_CREATE);
|
||||
assert_se(write_string_file(path, "# comment\n\n foo ", WRITE_STRING_FILE_CREATE) == 0);
|
||||
assert_se(read_etc_hostname(path, &hostname) == 0);
|
||||
assert_se(hostname);
|
||||
assert_se(streq(hostname, "foo"));
|
||||
hostname = mfree(hostname);
|
||||
|
||||
/* cleans up name */
|
||||
write_string_file(path, "!foo/bar.com", WRITE_STRING_FILE_CREATE);
|
||||
assert_se(write_string_file(path, "!foo/bar.com", WRITE_STRING_FILE_CREATE) == 0);
|
||||
assert_se(read_etc_hostname(path, &hostname) == 0);
|
||||
assert_se(hostname);
|
||||
assert_se(streq(hostname, "foobar.com"));
|
||||
@ -138,7 +138,7 @@ static void test_read_etc_hostname(void) {
|
||||
|
||||
/* no value set */
|
||||
hostname = (char*) 0x1234;
|
||||
write_string_file(path, "# nothing here\n", WRITE_STRING_FILE_CREATE);
|
||||
assert_se(write_string_file(path, "# nothing here\n", WRITE_STRING_FILE_CREATE) == 0);
|
||||
assert_se(read_etc_hostname(path, &hostname) == -ENOENT);
|
||||
assert_se(hostname == (char*) 0x1234); /* does not touch argument on error */
|
||||
|
||||
|
@ -425,7 +425,7 @@ static void test_rename_process_multi(void) {
|
||||
/* child */
|
||||
test_rename_process_now("one", 1);
|
||||
test_rename_process_now("more", 0); /* longer than "one", hence truncated */
|
||||
setresuid(99, 99, 99);
|
||||
(void) setresuid(99, 99, 99); /* change uid when running privileged */
|
||||
test_rename_process_now("time!", 0);
|
||||
test_rename_process_now("0", 1); /* shorter than "one", should fit */
|
||||
test_rename_process_one("", -EINVAL);
|
||||
|
@ -145,12 +145,12 @@ static int adm_monitor(struct udev *udev, int argc, char *argv[]) {
|
||||
/* set signal handlers */
|
||||
act.sa_handler = sig_handler;
|
||||
act.sa_flags = SA_RESTART;
|
||||
sigaction(SIGINT, &act, NULL);
|
||||
sigaction(SIGTERM, &act, NULL);
|
||||
sigemptyset(&mask);
|
||||
sigaddset(&mask, SIGINT);
|
||||
sigaddset(&mask, SIGTERM);
|
||||
sigprocmask(SIG_UNBLOCK, &mask, NULL);
|
||||
assert_se(sigaction(SIGINT, &act, NULL) == 0);
|
||||
assert_se(sigaction(SIGTERM, &act, NULL) == 0);
|
||||
assert_se(sigemptyset(&mask) == 0);
|
||||
assert_se(sigaddset(&mask, SIGINT) == 0);
|
||||
assert_se(sigaddset(&mask, SIGTERM) == 0);
|
||||
assert_se(sigprocmask(SIG_UNBLOCK, &mask, NULL) == 0);
|
||||
|
||||
/* Callers are expecting to see events as they happen: Line buffering */
|
||||
setlinebuf(stdout);
|
||||
|
Loading…
Reference in New Issue
Block a user