mirror of
https://github.com/systemd/systemd.git
synced 2025-01-25 10:04:04 +03:00
137 lines
4.4 KiB
C
137 lines
4.4 KiB
C
/* SPDX-License-Identifier: LGPL-2.1-or-later */
|
|
|
|
#include "fd-util.h"
|
|
#include "home-util.h"
|
|
#include "homed-bus.h"
|
|
#include "stat-util.h"
|
|
#include "strv.h"
|
|
|
|
int bus_message_read_secret(sd_bus_message *m, UserRecord **ret, sd_bus_error *error) {
|
|
_cleanup_(json_variant_unrefp) JsonVariant *v = NULL, *full = NULL;
|
|
_cleanup_(user_record_unrefp) UserRecord *hr = NULL;
|
|
unsigned line = 0, column = 0;
|
|
const char *json;
|
|
int r;
|
|
|
|
assert(ret);
|
|
|
|
r = sd_bus_message_read(m, "s", &json);
|
|
if (r < 0)
|
|
return r;
|
|
|
|
r = json_parse(json, JSON_PARSE_SENSITIVE, &v, &line, &column);
|
|
if (r < 0)
|
|
return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "Failed to parse JSON secret record at %u:%u: %m", line, column);
|
|
|
|
r = json_build(&full, JSON_BUILD_OBJECT(JSON_BUILD_PAIR("secret", JSON_BUILD_VARIANT(v))));
|
|
if (r < 0)
|
|
return r;
|
|
|
|
hr = user_record_new();
|
|
if (!hr)
|
|
return -ENOMEM;
|
|
|
|
r = user_record_load(hr, full, USER_RECORD_REQUIRE_SECRET|USER_RECORD_PERMISSIVE);
|
|
if (r < 0)
|
|
return r;
|
|
|
|
*ret = TAKE_PTR(hr);
|
|
return 0;
|
|
}
|
|
|
|
int bus_message_read_home_record(sd_bus_message *m, UserRecordLoadFlags flags, UserRecord **ret, sd_bus_error *error) {
|
|
_cleanup_(json_variant_unrefp) JsonVariant *v = NULL;
|
|
_cleanup_(user_record_unrefp) UserRecord *hr = NULL;
|
|
unsigned line = 0, column = 0;
|
|
const char *json;
|
|
int r;
|
|
|
|
assert(ret);
|
|
|
|
r = sd_bus_message_read(m, "s", &json);
|
|
if (r < 0)
|
|
return r;
|
|
|
|
r = json_parse(json, JSON_PARSE_SENSITIVE, &v, &line, &column);
|
|
if (r < 0)
|
|
return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "Failed to parse JSON identity record at %u:%u: %m", line, column);
|
|
|
|
hr = user_record_new();
|
|
if (!hr)
|
|
return -ENOMEM;
|
|
|
|
r = user_record_load(hr, v, flags);
|
|
if (r < 0)
|
|
return sd_bus_error_set(error, SD_BUS_ERROR_INVALID_ARGS, "JSON data is not a valid identity record");
|
|
|
|
*ret = TAKE_PTR(hr);
|
|
return 0;
|
|
}
|
|
|
|
int bus_message_read_blobs(sd_bus_message *m, Hashmap **ret, sd_bus_error *error) {
|
|
_cleanup_hashmap_free_ Hashmap *blobs = NULL;
|
|
int r;
|
|
|
|
assert(m);
|
|
assert(ret);
|
|
|
|
/* We want to differentiate between blobs being NULL (not passed at all)
|
|
* and empty (passed from dbus, but it was empty) */
|
|
r = hashmap_ensure_allocated(&blobs, &blob_fd_hash_ops);
|
|
if (r < 0)
|
|
return r;
|
|
|
|
r = sd_bus_message_enter_container(m, 'a', "{sh}");
|
|
if (r < 0)
|
|
return r;
|
|
|
|
for (;;) {
|
|
_cleanup_free_ char *filename = NULL;
|
|
_cleanup_close_ int fd = -EBADF;
|
|
const char *_filename = NULL;
|
|
int _fd;
|
|
|
|
r = sd_bus_message_read(m, "{sh}", &_filename, &_fd);
|
|
if (r < 0)
|
|
return r;
|
|
if (r == 0)
|
|
break;
|
|
|
|
filename = strdup(_filename);
|
|
if (!filename)
|
|
return -ENOMEM;
|
|
|
|
fd = fcntl(_fd, F_DUPFD_CLOEXEC, 3);
|
|
if (fd < 0)
|
|
return -errno;
|
|
|
|
r = suitable_blob_filename(filename);
|
|
if (r < 0)
|
|
return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "Invalid blob directory filename: %s", filename);
|
|
|
|
r = fd_verify_regular(fd);
|
|
if (r < 0)
|
|
return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "FD for '%s' is not a regular file", filename);
|
|
|
|
r = fd_verify_safe_flags(fd);
|
|
if (r == -EREMOTEIO)
|
|
return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS,
|
|
"FD for '%s' has unexpected flags set", filename);
|
|
if (r < 0)
|
|
return r;
|
|
|
|
r = hashmap_put(blobs, filename, FD_TO_PTR(fd));
|
|
if (r < 0)
|
|
return r;
|
|
TAKE_PTR(filename); /* Ownership transferred to hashmap */
|
|
TAKE_FD(fd);
|
|
}
|
|
|
|
r = sd_bus_message_exit_container(m);
|
|
if (r < 0)
|
|
return r;
|
|
|
|
*ret = TAKE_PTR(blobs);
|
|
return 0;
|
|
}
|