mirror of
https://github.com/systemd/systemd.git
synced 2025-01-25 10:04:04 +03:00
fileio: beef up READ_FULL_FILE_CONNECT_SOCKET to allow setting sender socket name
This beefs up the READ_FULL_FILE_CONNECT_SOCKET logic of read_full_file_full() a bit: when used a sender socket name may be specified. If specified as NULL behaviour is as before: the client socket name is picked by the kernel. But if specified as non-NULL the client can pick a socket name to use when connecting. This is useful to communicate a minimal amount of metainformation from client to server, outside of the transport payload. Specifically, these beefs up the service credential logic to pass an abstract AF_UNIX socket name as client socket name when connecting via READ_FULL_FILE_CONNECT_SOCKET, that includes the requesting unit name and the eventual credential name. This allows servers implementing the trivial credential socket logic to distinguish clients: via a simple getpeername() it can be determined which unit is requesting a credential, and which credential specifically. Example: with this patch in place, in a unit file "waldo.service" a configuration line like the following: LoadCredential=foo:/run/quux/creds.sock will result in a connection to the AF_UNIX socket /run/quux/creds.sock, originating from an abstract namespace AF_UNIX socket: @$RANDOM/unit/waldo.service/foo (The $RANDOM is replaced by some randomized string. This is included in the socket name order to avoid namespace squatting issues: the abstract socket namespace is open to unprivileged users after all, and care needs to be taken not to use guessable names) The services listening on the /run/quux/creds.sock socket may thus easily retrieve the name of the unit the credential is requested for plus the credential name, via a simpler getpeername(), discarding the random preifx and the /unit/ string. This logic uses "/" as separator between the fields, since both unit names and credential names appear in the file system, and thus are designed to use "/" as outer separators. Given that it's a good safe choice to use as separators here, too avoid any conflicts. This is a minimal patch only: the new logic is used only for the unit file credential logic. For other places where we use READ_FULL_FILE_CONNECT_SOCKET it is probably a good idea to use this scheme too, but this should be done carefully in later patches, since the socket names become API that way, and we should determine the right amount of info to pass over.
This commit is contained in:
parent
ff640bd2e1
commit
d3dcf4e3b9
@ -2706,15 +2706,16 @@ StandardInputData=SWNrIHNpdHplIGRhIHVuJyBlc3NlIEtsb3BzLAp1ZmYgZWVtYWwga2xvcHAncy
|
|||||||
credential plus a file system path. The ID must be a short ASCII string suitable as filename in the
|
credential plus a file system path. The ID must be a short ASCII string suitable as filename in the
|
||||||
filesystem, and may be chosen freely by the user. If the specified path is absolute it is opened as
|
filesystem, and may be chosen freely by the user. If the specified path is absolute it is opened as
|
||||||
regular file and the credential data is read from it. If the absolute path refers to an
|
regular file and the credential data is read from it. If the absolute path refers to an
|
||||||
<constant>AF_UNIX</constant> stream socket in the file system a connection is made to it and the
|
<constant>AF_UNIX</constant> stream socket in the file system a connection is made to it (only once
|
||||||
credential data read from the connection, providing an easy IPC integration point for dynamically
|
at unit start-up) and the credential data read from the connection, providing an easy IPC integration
|
||||||
providing credentials from other services. If the specified path is not absolute and itself qualifies
|
point for dynamically providing credentials from other services. If the specified path is not
|
||||||
as valid credential identifier it is understood to refer to a credential that the service manager
|
absolute and itself qualifies as valid credential identifier it is understood to refer to a
|
||||||
itself received via the <varname>$CREDENTIALS_DIRECTORY</varname> environment variable, which may be
|
credential that the service manager itself received via the <varname>$CREDENTIALS_DIRECTORY</varname>
|
||||||
used to propagate credentials from an invoking environment (e.g. a container manager that invoked the
|
environment variable, which may be used to propagate credentials from an invoking environment (e.g. a
|
||||||
service manager) into a service. The contents of the file/socket may be arbitrary binary or textual
|
container manager that invoked the service manager) into a service. The contents of the file/socket
|
||||||
data, including newline characters and NUL bytes. This option may be used multiple times, each time
|
may be arbitrary binary or textual data, including newline characters and <constant>NUL</constant>
|
||||||
defining an additional credential to pass to the unit.</para>
|
bytes. This option may be used multiple times, each time defining an additional credential to pass to
|
||||||
|
the unit.</para>
|
||||||
|
|
||||||
<para>The credential files/IPC sockets must be accessible to the service manager, but don't have to
|
<para>The credential files/IPC sockets must be accessible to the service manager, but don't have to
|
||||||
be directly accessible to the unit's processes: the credential data is read and copied into separate,
|
be directly accessible to the unit's processes: the credential data is read and copied into separate,
|
||||||
@ -2728,7 +2729,22 @@ StandardInputData=SWNrIHNpdHplIGRhIHVuJyBlc3NlIEtsb3BzLAp1ZmYgZWVtYWwga2xvcHAncy
|
|||||||
e.g. <literal>ExecStart=cat ${CREDENTIALS_DIRECTORY}/mycred</literal>.</para>
|
e.g. <literal>ExecStart=cat ${CREDENTIALS_DIRECTORY}/mycred</literal>.</para>
|
||||||
|
|
||||||
<para>Currently, an accumulated credential size limit of 1M bytes per unit is
|
<para>Currently, an accumulated credential size limit of 1M bytes per unit is
|
||||||
enforced.</para></listitem>
|
enforced.</para>
|
||||||
|
|
||||||
|
<para>If referencing an <constant>AF_UNIX</constant> stream socket to connect to, the connection will
|
||||||
|
originate from an abstract namespace socket, that includes information about the unit and the
|
||||||
|
credential ID in its socket name. Use <citerefentry
|
||||||
|
project='man-pages'><refentrytitle>getpeername</refentrytitle><manvolnum>2</manvolnum></citerefentry>
|
||||||
|
to query this information. The returned socket name is formatted as <constant>NUL</constant>
|
||||||
|
<replaceable>RANDOM</replaceable> <literal>/unit/</literal> <replaceable>UNIT</replaceable>
|
||||||
|
<literal>/</literal> <replaceable>ID</replaceable>, i.e. a <constant>NUL</constant> byte (as required
|
||||||
|
for abstract namespace socket names), followed by a random string (consisting of alphadecimal
|
||||||
|
characters), followed by the literal string <literal>/unit/</literal>, followed by the requesting
|
||||||
|
unit name, followed by the literal character <literal>/</literal>, followed by the textual credential
|
||||||
|
ID requested. Example: <literal>\0adf9d86b6eda275e/unit/foobar.service/credx</literal> in case the
|
||||||
|
credential <literal>credx</literal> is requested for a unit <literal>foobar.service</literal>. This
|
||||||
|
functionality is useful for using a single listening socket to serve credentials to multiple
|
||||||
|
consumers.</para></listitem>
|
||||||
</varlistentry>
|
</varlistentry>
|
||||||
|
|
||||||
<varlistentry>
|
<varlistentry>
|
||||||
|
@ -602,7 +602,13 @@ finalize:
|
|||||||
return r;
|
return r;
|
||||||
}
|
}
|
||||||
|
|
||||||
int read_full_file_full(int dir_fd, const char *filename, ReadFullFileFlags flags, char **contents, size_t *size) {
|
int read_full_file_full(
|
||||||
|
int dir_fd,
|
||||||
|
const char *filename,
|
||||||
|
ReadFullFileFlags flags,
|
||||||
|
const char *bind_name,
|
||||||
|
char **contents, size_t *size) {
|
||||||
|
|
||||||
_cleanup_fclose_ FILE *f = NULL;
|
_cleanup_fclose_ FILE *f = NULL;
|
||||||
int r;
|
int r;
|
||||||
|
|
||||||
@ -645,6 +651,20 @@ int read_full_file_full(int dir_fd, const char *filename, ReadFullFileFlags flag
|
|||||||
if (sk < 0)
|
if (sk < 0)
|
||||||
return -errno;
|
return -errno;
|
||||||
|
|
||||||
|
if (bind_name) {
|
||||||
|
/* If the caller specified a socket name to bind to, do so before connecting. This is
|
||||||
|
* useful to communicate some minor, short meta-information token from the client to
|
||||||
|
* the server. */
|
||||||
|
union sockaddr_union bsa;
|
||||||
|
|
||||||
|
r = sockaddr_un_set_path(&bsa.un, bind_name);
|
||||||
|
if (r < 0)
|
||||||
|
return r;
|
||||||
|
|
||||||
|
if (bind(sk, &bsa.sa, r) < 0)
|
||||||
|
return r;
|
||||||
|
}
|
||||||
|
|
||||||
if (connect(sk, &sa.sa, SOCKADDR_UN_LEN(sa.un)) < 0)
|
if (connect(sk, &sa.sa, SOCKADDR_UN_LEN(sa.un)) < 0)
|
||||||
return errno == ENOTSOCK ? -ENXIO : -errno; /* propagate original error if this is
|
return errno == ENOTSOCK ? -ENXIO : -errno; /* propagate original error if this is
|
||||||
* not a socket after all */
|
* not a socket after all */
|
||||||
|
@ -60,9 +60,9 @@ static inline int write_string_file(const char *fn, const char *line, WriteStrin
|
|||||||
int write_string_filef(const char *fn, WriteStringFileFlags flags, const char *format, ...) _printf_(3, 4);
|
int write_string_filef(const char *fn, WriteStringFileFlags flags, const char *format, ...) _printf_(3, 4);
|
||||||
|
|
||||||
int read_one_line_file(const char *filename, char **line);
|
int read_one_line_file(const char *filename, char **line);
|
||||||
int read_full_file_full(int dir_fd, const char *filename, ReadFullFileFlags flags, char **contents, size_t *size);
|
int read_full_file_full(int dir_fd, const char *filename, ReadFullFileFlags flags, const char *bind_name, char **contents, size_t *size);
|
||||||
static inline int read_full_file(const char *filename, char **contents, size_t *size) {
|
static inline int read_full_file(const char *filename, char **contents, size_t *size) {
|
||||||
return read_full_file_full(AT_FDCWD, filename, 0, contents, size);
|
return read_full_file_full(AT_FDCWD, filename, 0, NULL, contents, size);
|
||||||
}
|
}
|
||||||
int read_full_virtual_file(const char *filename, char **ret_contents, size_t *ret_size);
|
int read_full_virtual_file(const char *filename, char **ret_contents, size_t *ret_size);
|
||||||
int read_full_stream_full(FILE *f, const char *filename, ReadFullFileFlags flags, char **contents, size_t *size);
|
int read_full_stream_full(FILE *f, const char *filename, ReadFullFileFlags flags, char **contents, size_t *size);
|
||||||
|
@ -73,6 +73,7 @@
|
|||||||
#include "parse-util.h"
|
#include "parse-util.h"
|
||||||
#include "path-util.h"
|
#include "path-util.h"
|
||||||
#include "process-util.h"
|
#include "process-util.h"
|
||||||
|
#include "random-util.h"
|
||||||
#include "rlimit-util.h"
|
#include "rlimit-util.h"
|
||||||
#include "rm-rf.h"
|
#include "rm-rf.h"
|
||||||
#if HAVE_SECCOMP
|
#if HAVE_SECCOMP
|
||||||
@ -2509,6 +2510,7 @@ static int write_credential(
|
|||||||
static int acquire_credentials(
|
static int acquire_credentials(
|
||||||
const ExecContext *context,
|
const ExecContext *context,
|
||||||
const ExecParameters *params,
|
const ExecParameters *params,
|
||||||
|
const char *unit,
|
||||||
const char *p,
|
const char *p,
|
||||||
uid_t uid,
|
uid_t uid,
|
||||||
bool ownership_ok) {
|
bool ownership_ok) {
|
||||||
@ -2546,7 +2548,7 @@ static int acquire_credentials(
|
|||||||
STRV_FOREACH_PAIR(id, fn, context->load_credentials) {
|
STRV_FOREACH_PAIR(id, fn, context->load_credentials) {
|
||||||
ReadFullFileFlags flags = READ_FULL_FILE_SECURE;
|
ReadFullFileFlags flags = READ_FULL_FILE_SECURE;
|
||||||
_cleanup_(erase_and_freep) char *data = NULL;
|
_cleanup_(erase_and_freep) char *data = NULL;
|
||||||
_cleanup_free_ char *j = NULL;
|
_cleanup_free_ char *j = NULL, *bindname = NULL;
|
||||||
const char *source;
|
const char *source;
|
||||||
size_t size, add;
|
size_t size, add;
|
||||||
|
|
||||||
@ -2554,6 +2556,12 @@ static int acquire_credentials(
|
|||||||
/* If this is an absolute path, read the data directly from it, and support AF_UNIX sockets */
|
/* If this is an absolute path, read the data directly from it, and support AF_UNIX sockets */
|
||||||
source = *fn;
|
source = *fn;
|
||||||
flags |= READ_FULL_FILE_CONNECT_SOCKET;
|
flags |= READ_FULL_FILE_CONNECT_SOCKET;
|
||||||
|
|
||||||
|
/* Pass some minimal info about the unit and the credential name we are looking to acquire
|
||||||
|
* via the source socket address in case we read off an AF_UNIX socket. */
|
||||||
|
if (asprintf(&bindname, "@%" PRIx64"/unit/%s/%s", random_u64(), unit, *id) < 0)
|
||||||
|
return -ENOMEM;
|
||||||
|
|
||||||
} else if (params->received_credentials) {
|
} else if (params->received_credentials) {
|
||||||
/* If this is a relative path, take it relative to the credentials we received
|
/* If this is a relative path, take it relative to the credentials we received
|
||||||
* ourselves. We don't support the AF_UNIX stuff in this mode, since we are operating
|
* ourselves. We don't support the AF_UNIX stuff in this mode, since we are operating
|
||||||
@ -2566,8 +2574,9 @@ static int acquire_credentials(
|
|||||||
} else
|
} else
|
||||||
source = NULL;
|
source = NULL;
|
||||||
|
|
||||||
|
|
||||||
if (source)
|
if (source)
|
||||||
r = read_full_file_full(AT_FDCWD, source, flags, &data, &size);
|
r = read_full_file_full(AT_FDCWD, source, flags, bindname, &data, &size);
|
||||||
else
|
else
|
||||||
r = -ENOENT;
|
r = -ENOENT;
|
||||||
if (r == -ENOENT &&
|
if (r == -ENOENT &&
|
||||||
@ -2613,6 +2622,7 @@ static int acquire_credentials(
|
|||||||
static int setup_credentials_internal(
|
static int setup_credentials_internal(
|
||||||
const ExecContext *context,
|
const ExecContext *context,
|
||||||
const ExecParameters *params,
|
const ExecParameters *params,
|
||||||
|
const char *unit,
|
||||||
const char *final, /* This is where the credential store shall eventually end up at */
|
const char *final, /* This is where the credential store shall eventually end up at */
|
||||||
const char *workspace, /* This is where we can prepare it before moving it to the final place */
|
const char *workspace, /* This is where we can prepare it before moving it to the final place */
|
||||||
bool reuse_workspace, /* Whether to reuse any existing workspace mount if it already is a mount */
|
bool reuse_workspace, /* Whether to reuse any existing workspace mount if it already is a mount */
|
||||||
@ -2724,7 +2734,7 @@ static int setup_credentials_internal(
|
|||||||
assert(!must_mount || workspace_mounted > 0);
|
assert(!must_mount || workspace_mounted > 0);
|
||||||
where = workspace_mounted ? workspace : final;
|
where = workspace_mounted ? workspace : final;
|
||||||
|
|
||||||
r = acquire_credentials(context, params, where, uid, workspace_mounted);
|
r = acquire_credentials(context, params, unit, where, uid, workspace_mounted);
|
||||||
if (r < 0)
|
if (r < 0)
|
||||||
return r;
|
return r;
|
||||||
|
|
||||||
@ -2824,6 +2834,7 @@ static int setup_credentials(
|
|||||||
r = setup_credentials_internal(
|
r = setup_credentials_internal(
|
||||||
context,
|
context,
|
||||||
params,
|
params,
|
||||||
|
unit,
|
||||||
p, /* final mount point */
|
p, /* final mount point */
|
||||||
u, /* temporary workspace to overmount */
|
u, /* temporary workspace to overmount */
|
||||||
true, /* reuse the workspace if it is already a mount */
|
true, /* reuse the workspace if it is already a mount */
|
||||||
@ -2861,6 +2872,7 @@ static int setup_credentials(
|
|||||||
r = setup_credentials_internal(
|
r = setup_credentials_internal(
|
||||||
context,
|
context,
|
||||||
params,
|
params,
|
||||||
|
unit,
|
||||||
p, /* final mount point */
|
p, /* final mount point */
|
||||||
"/dev/shm", /* temporary workspace to overmount */
|
"/dev/shm", /* temporary workspace to overmount */
|
||||||
false, /* do not reuse /dev/shm if it is already a mount, under no circumstances */
|
false, /* do not reuse /dev/shm if it is already a mount, under no circumstances */
|
||||||
|
@ -896,7 +896,7 @@ static int parse_argv(int argc, char *argv[]) {
|
|||||||
if (arg_key_pem)
|
if (arg_key_pem)
|
||||||
return log_error_errno(SYNTHETIC_ERRNO(EINVAL),
|
return log_error_errno(SYNTHETIC_ERRNO(EINVAL),
|
||||||
"Key file specified twice");
|
"Key file specified twice");
|
||||||
r = read_full_file_full(AT_FDCWD, optarg, READ_FULL_FILE_CONNECT_SOCKET, &arg_key_pem, NULL);
|
r = read_full_file_full(AT_FDCWD, optarg, READ_FULL_FILE_CONNECT_SOCKET, NULL, &arg_key_pem, NULL);
|
||||||
if (r < 0)
|
if (r < 0)
|
||||||
return log_error_errno(r, "Failed to read key file: %m");
|
return log_error_errno(r, "Failed to read key file: %m");
|
||||||
assert(arg_key_pem);
|
assert(arg_key_pem);
|
||||||
@ -906,7 +906,7 @@ static int parse_argv(int argc, char *argv[]) {
|
|||||||
if (arg_cert_pem)
|
if (arg_cert_pem)
|
||||||
return log_error_errno(SYNTHETIC_ERRNO(EINVAL),
|
return log_error_errno(SYNTHETIC_ERRNO(EINVAL),
|
||||||
"Certificate file specified twice");
|
"Certificate file specified twice");
|
||||||
r = read_full_file_full(AT_FDCWD, optarg, READ_FULL_FILE_CONNECT_SOCKET, &arg_cert_pem, NULL);
|
r = read_full_file_full(AT_FDCWD, optarg, READ_FULL_FILE_CONNECT_SOCKET, NULL, &arg_cert_pem, NULL);
|
||||||
if (r < 0)
|
if (r < 0)
|
||||||
return log_error_errno(r, "Failed to read certificate file: %m");
|
return log_error_errno(r, "Failed to read certificate file: %m");
|
||||||
assert(arg_cert_pem);
|
assert(arg_cert_pem);
|
||||||
@ -917,7 +917,7 @@ static int parse_argv(int argc, char *argv[]) {
|
|||||||
if (arg_trust_pem)
|
if (arg_trust_pem)
|
||||||
return log_error_errno(SYNTHETIC_ERRNO(EINVAL),
|
return log_error_errno(SYNTHETIC_ERRNO(EINVAL),
|
||||||
"CA certificate file specified twice");
|
"CA certificate file specified twice");
|
||||||
r = read_full_file_full(AT_FDCWD, optarg, READ_FULL_FILE_CONNECT_SOCKET, &arg_trust_pem, NULL);
|
r = read_full_file_full(AT_FDCWD, optarg, READ_FULL_FILE_CONNECT_SOCKET, NULL, &arg_trust_pem, NULL);
|
||||||
if (r < 0)
|
if (r < 0)
|
||||||
return log_error_errno(r, "Failed to read CA certificate file: %m");
|
return log_error_errno(r, "Failed to read CA certificate file: %m");
|
||||||
assert(arg_trust_pem);
|
assert(arg_trust_pem);
|
||||||
|
@ -1077,12 +1077,12 @@ static int parse_argv(int argc, char *argv[]) {
|
|||||||
static int load_certificates(char **key, char **cert, char **trust) {
|
static int load_certificates(char **key, char **cert, char **trust) {
|
||||||
int r;
|
int r;
|
||||||
|
|
||||||
r = read_full_file_full(AT_FDCWD, arg_key ?: PRIV_KEY_FILE, READ_FULL_FILE_CONNECT_SOCKET, key, NULL);
|
r = read_full_file_full(AT_FDCWD, arg_key ?: PRIV_KEY_FILE, READ_FULL_FILE_CONNECT_SOCKET, NULL, key, NULL);
|
||||||
if (r < 0)
|
if (r < 0)
|
||||||
return log_error_errno(r, "Failed to read key from file '%s': %m",
|
return log_error_errno(r, "Failed to read key from file '%s': %m",
|
||||||
arg_key ?: PRIV_KEY_FILE);
|
arg_key ?: PRIV_KEY_FILE);
|
||||||
|
|
||||||
r = read_full_file_full(AT_FDCWD, arg_cert ?: CERT_FILE, READ_FULL_FILE_CONNECT_SOCKET, cert, NULL);
|
r = read_full_file_full(AT_FDCWD, arg_cert ?: CERT_FILE, READ_FULL_FILE_CONNECT_SOCKET, NULL, cert, NULL);
|
||||||
if (r < 0)
|
if (r < 0)
|
||||||
return log_error_errno(r, "Failed to read certificate from file '%s': %m",
|
return log_error_errno(r, "Failed to read certificate from file '%s': %m",
|
||||||
arg_cert ?: CERT_FILE);
|
arg_cert ?: CERT_FILE);
|
||||||
@ -1090,7 +1090,7 @@ static int load_certificates(char **key, char **cert, char **trust) {
|
|||||||
if (arg_trust_all)
|
if (arg_trust_all)
|
||||||
log_info("Certificate checking disabled.");
|
log_info("Certificate checking disabled.");
|
||||||
else {
|
else {
|
||||||
r = read_full_file_full(AT_FDCWD, arg_trust ?: TRUST_FILE, READ_FULL_FILE_CONNECT_SOCKET, trust, NULL);
|
r = read_full_file_full(AT_FDCWD, arg_trust ?: TRUST_FILE, READ_FULL_FILE_CONNECT_SOCKET, NULL, trust, NULL);
|
||||||
if (r < 0)
|
if (r < 0)
|
||||||
return log_error_errno(r, "Failed to read CA certificate file '%s': %m",
|
return log_error_errno(r, "Failed to read CA certificate file '%s': %m",
|
||||||
arg_trust ?: TRUST_FILE);
|
arg_trust ?: TRUST_FILE);
|
||||||
|
@ -989,7 +989,7 @@ static int macsec_read_key_file(NetDev *netdev, SecurityAssociation *sa) {
|
|||||||
r = read_full_file_full(
|
r = read_full_file_full(
|
||||||
AT_FDCWD, sa->key_file,
|
AT_FDCWD, sa->key_file,
|
||||||
READ_FULL_FILE_SECURE | READ_FULL_FILE_UNHEX | READ_FULL_FILE_WARN_WORLD_READABLE | READ_FULL_FILE_CONNECT_SOCKET,
|
READ_FULL_FILE_SECURE | READ_FULL_FILE_UNHEX | READ_FULL_FILE_WARN_WORLD_READABLE | READ_FULL_FILE_CONNECT_SOCKET,
|
||||||
(char **) &key, &key_len);
|
NULL, (char **) &key, &key_len);
|
||||||
if (r < 0)
|
if (r < 0)
|
||||||
return log_netdev_error_errno(netdev, r,
|
return log_netdev_error_errno(netdev, r,
|
||||||
"Failed to read key from '%s', ignoring: %m",
|
"Failed to read key from '%s', ignoring: %m",
|
||||||
|
@ -871,7 +871,7 @@ static int wireguard_read_key_file(const char *filename, uint8_t dest[static WG_
|
|||||||
r = read_full_file_full(
|
r = read_full_file_full(
|
||||||
AT_FDCWD, filename,
|
AT_FDCWD, filename,
|
||||||
READ_FULL_FILE_SECURE | READ_FULL_FILE_UNBASE64 | READ_FULL_FILE_WARN_WORLD_READABLE | READ_FULL_FILE_CONNECT_SOCKET,
|
READ_FULL_FILE_SECURE | READ_FULL_FILE_UNBASE64 | READ_FULL_FILE_WARN_WORLD_READABLE | READ_FULL_FILE_CONNECT_SOCKET,
|
||||||
&key, &key_len);
|
NULL, &key, &key_len);
|
||||||
if (r < 0)
|
if (r < 0)
|
||||||
return r;
|
return r;
|
||||||
|
|
||||||
|
@ -1589,7 +1589,7 @@ static int parse_argv(int argc, char *argv[]) {
|
|||||||
return log_oom();
|
return log_oom();
|
||||||
}
|
}
|
||||||
|
|
||||||
r = read_full_file_full(AT_FDCWD, j ?: p, flags, &data, &size);
|
r = read_full_file_full(AT_FDCWD, j ?: p, flags, NULL, &data, &size);
|
||||||
if (r < 0)
|
if (r < 0)
|
||||||
return log_error_errno(r, "Failed to read credential '%s': %m", j ?: p);
|
return log_error_errno(r, "Failed to read credential '%s': %m", j ?: p);
|
||||||
|
|
||||||
|
@ -3630,7 +3630,7 @@ static int parse_argv(int argc, char *argv[]) {
|
|||||||
_cleanup_(erase_and_freep) char *k = NULL;
|
_cleanup_(erase_and_freep) char *k = NULL;
|
||||||
size_t n = 0;
|
size_t n = 0;
|
||||||
|
|
||||||
r = read_full_file_full(AT_FDCWD, optarg, READ_FULL_FILE_SECURE|READ_FULL_FILE_CONNECT_SOCKET, &k, &n);
|
r = read_full_file_full(AT_FDCWD, optarg, READ_FULL_FILE_SECURE|READ_FULL_FILE_CONNECT_SOCKET, NULL, &k, &n);
|
||||||
if (r < 0)
|
if (r < 0)
|
||||||
return log_error_errno(r, "Failed to read key file '%s': %m", optarg);
|
return log_error_errno(r, "Failed to read key file '%s': %m", optarg);
|
||||||
|
|
||||||
|
@ -2115,7 +2115,7 @@ int verity_settings_load(
|
|||||||
|
|
||||||
if (verity->root_hash && !verity->root_hash_sig) {
|
if (verity->root_hash && !verity->root_hash_sig) {
|
||||||
if (root_hash_sig_path) {
|
if (root_hash_sig_path) {
|
||||||
r = read_full_file_full(AT_FDCWD, root_hash_sig_path, 0, (char**) &root_hash_sig, &root_hash_sig_size);
|
r = read_full_file_full(AT_FDCWD, root_hash_sig_path, 0, NULL, (char**) &root_hash_sig, &root_hash_sig_size);
|
||||||
if (r < 0 && r != -ENOENT)
|
if (r < 0 && r != -ENOENT)
|
||||||
return r;
|
return r;
|
||||||
|
|
||||||
@ -2131,7 +2131,7 @@ int verity_settings_load(
|
|||||||
if (!p)
|
if (!p)
|
||||||
return -ENOMEM;
|
return -ENOMEM;
|
||||||
|
|
||||||
r = read_full_file_full(AT_FDCWD, p, 0, (char**) &root_hash_sig, &root_hash_sig_size);
|
r = read_full_file_full(AT_FDCWD, p, 0, NULL, (char**) &root_hash_sig, &root_hash_sig_size);
|
||||||
if (r < 0 && r != -ENOENT)
|
if (r < 0 && r != -ENOENT)
|
||||||
return r;
|
return r;
|
||||||
if (r >= 0)
|
if (r >= 0)
|
||||||
@ -2145,7 +2145,7 @@ int verity_settings_load(
|
|||||||
if (!p)
|
if (!p)
|
||||||
return -ENOMEM;
|
return -ENOMEM;
|
||||||
|
|
||||||
r = read_full_file_full(AT_FDCWD, p, 0, (char**) &root_hash_sig, &root_hash_sig_size);
|
r = read_full_file_full(AT_FDCWD, p, 0, NULL, (char**) &root_hash_sig, &root_hash_sig_size);
|
||||||
if (r < 0 && r != -ENOENT)
|
if (r < 0 && r != -ENOENT)
|
||||||
return r;
|
return r;
|
||||||
if (r >= 0)
|
if (r >= 0)
|
||||||
|
@ -3195,7 +3195,7 @@ int json_parse_file_at(FILE *f, int dir_fd, const char *path, JsonParseFlags fla
|
|||||||
if (f)
|
if (f)
|
||||||
r = read_full_stream(f, &text, NULL);
|
r = read_full_stream(f, &text, NULL);
|
||||||
else if (path)
|
else if (path)
|
||||||
r = read_full_file_full(dir_fd, path, 0, &text, NULL);
|
r = read_full_file_full(dir_fd, path, 0, NULL, &text, NULL);
|
||||||
else
|
else
|
||||||
return -EINVAL;
|
return -EINVAL;
|
||||||
if (r < 0)
|
if (r < 0)
|
||||||
|
@ -15,6 +15,7 @@
|
|||||||
#include "io-util.h"
|
#include "io-util.h"
|
||||||
#include "parse-util.h"
|
#include "parse-util.h"
|
||||||
#include "process-util.h"
|
#include "process-util.h"
|
||||||
|
#include "random-util.h"
|
||||||
#include "rm-rf.h"
|
#include "rm-rf.h"
|
||||||
#include "socket-util.h"
|
#include "socket-util.h"
|
||||||
#include "string-util.h"
|
#include "string-util.h"
|
||||||
@ -863,7 +864,7 @@ static void test_read_nul_string(void) {
|
|||||||
static void test_read_full_file_socket(void) {
|
static void test_read_full_file_socket(void) {
|
||||||
_cleanup_(rm_rf_physical_and_freep) char *z = NULL;
|
_cleanup_(rm_rf_physical_and_freep) char *z = NULL;
|
||||||
_cleanup_close_ int listener = -1;
|
_cleanup_close_ int listener = -1;
|
||||||
_cleanup_free_ char *data = NULL;
|
_cleanup_free_ char *data = NULL, *clientname = NULL;
|
||||||
union sockaddr_union sa;
|
union sockaddr_union sa;
|
||||||
const char *j;
|
const char *j;
|
||||||
size_t size;
|
size_t size;
|
||||||
@ -883,23 +884,35 @@ static void test_read_full_file_socket(void) {
|
|||||||
assert_se(bind(listener, &sa.sa, SOCKADDR_UN_LEN(sa.un)) >= 0);
|
assert_se(bind(listener, &sa.sa, SOCKADDR_UN_LEN(sa.un)) >= 0);
|
||||||
assert_se(listen(listener, 1) >= 0);
|
assert_se(listen(listener, 1) >= 0);
|
||||||
|
|
||||||
|
/* Bind the *client* socket to some randomized name, to verify that this works correctly. */
|
||||||
|
assert_se(asprintf(&clientname, "@%" PRIx64 "/test-bindname", random_u64()) >= 0);
|
||||||
|
|
||||||
r = safe_fork("(server)", FORK_DEATHSIG|FORK_LOG, &pid);
|
r = safe_fork("(server)", FORK_DEATHSIG|FORK_LOG, &pid);
|
||||||
assert_se(r >= 0);
|
assert_se(r >= 0);
|
||||||
if (r == 0) {
|
if (r == 0) {
|
||||||
|
union sockaddr_union peer = {};
|
||||||
|
socklen_t peerlen = sizeof(peer);
|
||||||
_cleanup_close_ int rfd = -1;
|
_cleanup_close_ int rfd = -1;
|
||||||
/* child */
|
/* child */
|
||||||
|
|
||||||
rfd = accept4(listener, NULL, 0, SOCK_CLOEXEC);
|
rfd = accept4(listener, NULL, 0, SOCK_CLOEXEC);
|
||||||
assert_se(rfd >= 0);
|
assert_se(rfd >= 0);
|
||||||
|
|
||||||
|
assert_se(getpeername(rfd, &peer.sa, &peerlen) >= 0);
|
||||||
|
|
||||||
|
assert_se(peer.un.sun_family == AF_UNIX);
|
||||||
|
assert_se(peerlen > offsetof(struct sockaddr_un, sun_path));
|
||||||
|
assert_se(peer.un.sun_path[0] == 0);
|
||||||
|
assert_se(streq(peer.un.sun_path + 1, clientname + 1));
|
||||||
|
|
||||||
#define TEST_STR "This is a test\nreally."
|
#define TEST_STR "This is a test\nreally."
|
||||||
|
|
||||||
assert_se(write(rfd, TEST_STR, strlen(TEST_STR)) == strlen(TEST_STR));
|
assert_se(write(rfd, TEST_STR, strlen(TEST_STR)) == strlen(TEST_STR));
|
||||||
_exit(EXIT_SUCCESS);
|
_exit(EXIT_SUCCESS);
|
||||||
}
|
}
|
||||||
|
|
||||||
assert_se(read_full_file_full(AT_FDCWD, j, 0, &data, &size) == -ENXIO);
|
assert_se(read_full_file_full(AT_FDCWD, j, 0, NULL, &data, &size) == -ENXIO);
|
||||||
assert_se(read_full_file_full(AT_FDCWD, j, READ_FULL_FILE_CONNECT_SOCKET, &data, &size) >= 0);
|
assert_se(read_full_file_full(AT_FDCWD, j, READ_FULL_FILE_CONNECT_SOCKET, clientname, &data, &size) >= 0);
|
||||||
assert_se(size == strlen(TEST_STR));
|
assert_se(size == strlen(TEST_STR));
|
||||||
assert_se(streq(data, TEST_STR));
|
assert_se(streq(data, TEST_STR));
|
||||||
|
|
||||||
|
@ -100,7 +100,7 @@ static int run(int argc, char *argv[]) {
|
|||||||
if (r < 0)
|
if (r < 0)
|
||||||
return log_error_errno(r, "Failed to parse root hash signature '%s': %m", argv[6]);
|
return log_error_errno(r, "Failed to parse root hash signature '%s': %m", argv[6]);
|
||||||
} else {
|
} else {
|
||||||
r = read_full_file_full(AT_FDCWD, argv[6], READ_FULL_FILE_CONNECT_SOCKET, &hash_sig, &hash_sig_size);
|
r = read_full_file_full(AT_FDCWD, argv[6], READ_FULL_FILE_CONNECT_SOCKET, NULL, &hash_sig, &hash_sig_size);
|
||||||
if (r < 0)
|
if (r < 0)
|
||||||
return log_error_errno(r, "Failed to read root hash signature: %m");
|
return log_error_errno(r, "Failed to read root hash signature: %m");
|
||||||
}
|
}
|
||||||
|
Loading…
x
Reference in New Issue
Block a user