File: | build-scan/../src/nss-mymachines/nss-mymachines.c |
Warning: | line 312, column 17 Although the value stored to 'r' is used in the enclosing expression, the value is never actually read from 'r' |
Press '?' to see keyboard shortcuts
Keyboard shortcuts:
1 | /* SPDX-License-Identifier: LGPL-2.1+ */ |
2 | |
3 | #include <netdb.h> |
4 | #include <nss.h> |
5 | |
6 | #include "sd-bus.h" |
7 | #include "sd-login.h" |
8 | |
9 | #include "alloc-util.h" |
10 | #include "bus-common-errors.h" |
11 | #include "env-util.h" |
12 | #include "hostname-util.h" |
13 | #include "in-addr-util.h" |
14 | #include "macro.h" |
15 | #include "nss-util.h" |
16 | #include "signal-util.h" |
17 | #include "string-util.h" |
18 | #include "user-util.h" |
19 | #include "util.h" |
20 | |
21 | NSS_GETHOSTBYNAME_PROTOTYPES(mymachines)enum nss_status _nss_mymachines_gethostbyname4_r( const char * name, struct gaih_addrtuple **pat, char *buffer, size_t buflen , int *errnop, int *h_errnop, int32_t *ttlp) __attribute__ (( visibility("default"))); enum nss_status _nss_mymachines_gethostbyname3_r ( const char *name, int af, struct hostent *host, char *buffer , size_t buflen, int *errnop, int *h_errnop, int32_t *ttlp, char **canonp) __attribute__ ((visibility("default"))); enum nss_status _nss_mymachines_gethostbyname2_r( const char *name, int af, struct hostent *host, char *buffer, size_t buflen, int *errnop, int *h_errnop) __attribute__ ((visibility("default"))); enum nss_status _nss_mymachines_gethostbyname_r( const char *name, struct hostent *host, char *buffer, size_t buflen, int *errnop, int *h_errnop ) __attribute__ ((visibility("default"))); |
22 | NSS_GETPW_PROTOTYPES(mymachines)enum nss_status _nss_mymachines_getpwnam_r( const char *name, struct passwd *pwd, char *buffer, size_t buflen, int *errnop ) __attribute__ ((visibility("default"))); enum nss_status _nss_mymachines_getpwuid_r ( uid_t uid, struct passwd *pwd, char *buffer, size_t buflen, int *errnop) __attribute__ ((visibility("default"))); |
23 | NSS_GETGR_PROTOTYPES(mymachines)enum nss_status _nss_mymachines_getgrnam_r( const char *name, struct group *gr, char *buffer, size_t buflen, int *errnop) __attribute__ ((visibility("default"))); enum nss_status _nss_mymachines_getgrgid_r ( gid_t gid, struct group *gr, char *buffer, size_t buflen, int *errnop) __attribute__ ((visibility("default"))); |
24 | |
25 | #define HOST_UID_LIMIT((uid_t) 0x10000U) ((uid_t) UINT32_C(0x10000)0x10000U) |
26 | #define HOST_GID_LIMIT((gid_t) 0x10000U) ((gid_t) UINT32_C(0x10000)0x10000U) |
27 | |
28 | static int count_addresses(sd_bus_message *m, int af, unsigned *ret) { |
29 | unsigned c = 0; |
30 | int r; |
31 | |
32 | assert(m)do { if ((__builtin_expect(!!(!(m)),0))) log_assert_failed_realm (LOG_REALM_SYSTEMD, ("m"), "../src/nss-mymachines/nss-mymachines.c" , 32, __PRETTY_FUNCTION__); } while (0); |
33 | assert(ret)do { if ((__builtin_expect(!!(!(ret)),0))) log_assert_failed_realm (LOG_REALM_SYSTEMD, ("ret"), "../src/nss-mymachines/nss-mymachines.c" , 33, __PRETTY_FUNCTION__); } while (0); |
34 | |
35 | while ((r = sd_bus_message_enter_container(m, 'r', "iay")) > 0) { |
36 | int family; |
37 | |
38 | r = sd_bus_message_read(m, "i", &family); |
39 | if (r < 0) |
40 | return r; |
41 | |
42 | r = sd_bus_message_skip(m, "ay"); |
43 | if (r < 0) |
44 | return r; |
45 | |
46 | r = sd_bus_message_exit_container(m); |
47 | if (r < 0) |
48 | return r; |
49 | |
50 | if (af != AF_UNSPEC0 && family != af) |
51 | continue; |
52 | |
53 | c++; |
54 | } |
55 | if (r < 0) |
56 | return r; |
57 | |
58 | r = sd_bus_message_rewind(m, false0); |
59 | if (r < 0) |
60 | return r; |
61 | |
62 | *ret = c; |
63 | return 0; |
64 | } |
65 | |
66 | enum nss_status _nss_mymachines_gethostbyname4_r( |
67 | const char *name, |
68 | struct gaih_addrtuple **pat, |
69 | char *buffer, size_t buflen, |
70 | int *errnop, int *h_errnop, |
71 | int32_t *ttlp) { |
72 | |
73 | struct gaih_addrtuple *r_tuple, *r_tuple_first = NULL((void*)0); |
74 | _cleanup_(sd_bus_message_unrefp)__attribute__((cleanup(sd_bus_message_unrefp))) sd_bus_message* reply = NULL((void*)0); |
75 | _cleanup_(sd_bus_flush_close_unrefp)__attribute__((cleanup(sd_bus_flush_close_unrefp))) sd_bus *bus = NULL((void*)0); |
76 | _cleanup_free___attribute__((cleanup(freep))) int *ifindices = NULL((void*)0); |
77 | _cleanup_free___attribute__((cleanup(freep))) char *class = NULL((void*)0); |
78 | size_t l, ms, idx; |
79 | unsigned i = 0, c = 0; |
80 | char *r_name; |
81 | int n_ifindices, r; |
82 | |
83 | PROTECT_ERRNO__attribute__((cleanup(_reset_errno_))) __attribute__((unused )) int _saved_errno_ = (*__errno_location ()); |
84 | BLOCK_SIGNALS(NSS_SIGNALS_BLOCK)__attribute__((cleanup(block_signals_reset))) __attribute__ ( (unused)) sigset_t _saved_sigset = ({ sigset_t _t; do { if (( __builtin_expect(!!(!(sigprocmask_many(0, &_t, 14,26,13,17 ,20,29,1,10,12,27,23,28, -1) >= 0)),0))) log_assert_failed_realm (LOG_REALM_SYSTEMD, ("sigprocmask_many(SIG_BLOCK, &_t, 14,26,13,17,20,29,1,10,12,27,23,28, -1) >= 0" ), "../src/nss-mymachines/nss-mymachines.c", 84, __PRETTY_FUNCTION__ ); } while (0); _t; }); |
85 | |
86 | assert(name)do { if ((__builtin_expect(!!(!(name)),0))) log_assert_failed_realm (LOG_REALM_SYSTEMD, ("name"), "../src/nss-mymachines/nss-mymachines.c" , 86, __PRETTY_FUNCTION__); } while (0); |
87 | assert(pat)do { if ((__builtin_expect(!!(!(pat)),0))) log_assert_failed_realm (LOG_REALM_SYSTEMD, ("pat"), "../src/nss-mymachines/nss-mymachines.c" , 87, __PRETTY_FUNCTION__); } while (0); |
88 | assert(buffer)do { if ((__builtin_expect(!!(!(buffer)),0))) log_assert_failed_realm (LOG_REALM_SYSTEMD, ("buffer"), "../src/nss-mymachines/nss-mymachines.c" , 88, __PRETTY_FUNCTION__); } while (0); |
89 | assert(errnop)do { if ((__builtin_expect(!!(!(errnop)),0))) log_assert_failed_realm (LOG_REALM_SYSTEMD, ("errnop"), "../src/nss-mymachines/nss-mymachines.c" , 89, __PRETTY_FUNCTION__); } while (0); |
90 | assert(h_errnop)do { if ((__builtin_expect(!!(!(h_errnop)),0))) log_assert_failed_realm (LOG_REALM_SYSTEMD, ("h_errnop"), "../src/nss-mymachines/nss-mymachines.c" , 90, __PRETTY_FUNCTION__); } while (0); |
91 | |
92 | r = sd_machine_get_class(name, &class); |
93 | if (r < 0) |
94 | goto fail; |
95 | if (!streq(class, "container")(strcmp((class),("container")) == 0)) { |
96 | r = -ENOTTY25; |
97 | goto fail; |
98 | } |
99 | |
100 | n_ifindices = sd_machine_get_ifindices(name, &ifindices); |
101 | if (n_ifindices < 0) { |
102 | r = n_ifindices; |
103 | goto fail; |
104 | } |
105 | |
106 | r = sd_bus_open_system(&bus); |
107 | if (r < 0) |
108 | goto fail; |
109 | |
110 | r = sd_bus_call_method(bus, |
111 | "org.freedesktop.machine1", |
112 | "/org/freedesktop/machine1", |
113 | "org.freedesktop.machine1.Manager", |
114 | "GetMachineAddresses", |
115 | NULL((void*)0), |
116 | &reply, |
117 | "s", name); |
118 | if (r < 0) |
119 | goto fail; |
120 | |
121 | r = sd_bus_message_enter_container(reply, 'a', "(iay)"); |
122 | if (r < 0) |
123 | goto fail; |
124 | |
125 | r = count_addresses(reply, AF_UNSPEC0, &c); |
126 | if (r < 0) |
127 | goto fail; |
128 | |
129 | if (c <= 0) { |
130 | *h_errnop = HOST_NOT_FOUND1; |
131 | return NSS_STATUS_NOTFOUND; |
132 | } |
133 | |
134 | l = strlen(name); |
135 | ms = ALIGN(l+1)(((l+1) + 7) & ~7) + ALIGN(sizeof(struct gaih_addrtuple))(((sizeof(struct gaih_addrtuple)) + 7) & ~7) * c; |
136 | if (buflen < ms) { |
137 | UNPROTECT_ERRNOdo { (*__errno_location ()) = _saved_errno_; _saved_errno_ = - 1; } while (0); |
138 | *errnop = ERANGE34; |
139 | *h_errnop = NETDB_INTERNAL-1; |
140 | return NSS_STATUS_TRYAGAIN; |
141 | } |
142 | |
143 | /* First, append name */ |
144 | r_name = buffer; |
145 | memcpy(r_name, name, l+1); |
146 | idx = ALIGN(l+1)(((l+1) + 7) & ~7); |
147 | |
148 | /* Second, append addresses */ |
149 | r_tuple_first = (struct gaih_addrtuple*) (buffer + idx); |
150 | while ((r = sd_bus_message_enter_container(reply, 'r', "iay")) > 0) { |
151 | int family; |
152 | const void *a; |
153 | size_t sz; |
154 | |
155 | r = sd_bus_message_read(reply, "i", &family); |
156 | if (r < 0) |
157 | goto fail; |
158 | |
159 | r = sd_bus_message_read_array(reply, 'y', &a, &sz); |
160 | if (r < 0) |
161 | goto fail; |
162 | |
163 | r = sd_bus_message_exit_container(reply); |
164 | if (r < 0) |
165 | goto fail; |
166 | |
167 | if (!IN_SET(family, AF_INET, AF_INET6)({ _Bool _found = 0; static __attribute__ ((unused)) char _static_assert__macros_need_to_be_extended [20 - sizeof((int[]){2, 10})/sizeof(int)]; switch(family) { case 2: case 10: _found = 1; break; default: break; } _found; })) { |
168 | r = -EAFNOSUPPORT97; |
169 | goto fail; |
170 | } |
171 | |
172 | if (sz != FAMILY_ADDRESS_SIZE(family)) { |
173 | r = -EINVAL22; |
174 | goto fail; |
175 | } |
176 | |
177 | r_tuple = (struct gaih_addrtuple*) (buffer + idx); |
178 | r_tuple->next = i == c-1 ? NULL((void*)0) : (struct gaih_addrtuple*) ((char*) r_tuple + ALIGN(sizeof(struct gaih_addrtuple))(((sizeof(struct gaih_addrtuple)) + 7) & ~7)); |
179 | r_tuple->name = r_name; |
180 | r_tuple->family = family; |
181 | r_tuple->scopeid = n_ifindices == 1 ? ifindices[0] : 0; |
182 | memcpy(r_tuple->addr, a, sz); |
183 | |
184 | idx += ALIGN(sizeof(struct gaih_addrtuple))(((sizeof(struct gaih_addrtuple)) + 7) & ~7); |
185 | i++; |
186 | } |
187 | |
188 | assert(i == c)do { if ((__builtin_expect(!!(!(i == c)),0))) log_assert_failed_realm (LOG_REALM_SYSTEMD, ("i == c"), "../src/nss-mymachines/nss-mymachines.c" , 188, __PRETTY_FUNCTION__); } while (0); |
189 | |
190 | r = sd_bus_message_exit_container(reply); |
191 | if (r < 0) |
192 | goto fail; |
193 | |
194 | assert(idx == ms)do { if ((__builtin_expect(!!(!(idx == ms)),0))) log_assert_failed_realm (LOG_REALM_SYSTEMD, ("idx == ms"), "../src/nss-mymachines/nss-mymachines.c" , 194, __PRETTY_FUNCTION__); } while (0); |
195 | |
196 | if (*pat) |
197 | **pat = *r_tuple_first; |
198 | else |
199 | *pat = r_tuple_first; |
200 | |
201 | if (ttlp) |
202 | *ttlp = 0; |
203 | |
204 | /* Explicitly reset both *h_errnop and h_errno to work around |
205 | * https://bugzilla.redhat.com/show_bug.cgi?id=1125975 */ |
206 | *h_errnop = NETDB_SUCCESS0; |
207 | h_errno(*__h_errno_location ()) = 0; |
208 | |
209 | return NSS_STATUS_SUCCESS; |
210 | |
211 | fail: |
212 | UNPROTECT_ERRNOdo { (*__errno_location ()) = _saved_errno_; _saved_errno_ = - 1; } while (0); |
213 | *errnop = -r; |
214 | *h_errnop = NO_DATA4; |
215 | return NSS_STATUS_UNAVAIL; |
216 | } |
217 | |
218 | enum nss_status _nss_mymachines_gethostbyname3_r( |
219 | const char *name, |
220 | int af, |
221 | struct hostent *result, |
222 | char *buffer, size_t buflen, |
223 | int *errnop, int *h_errnop, |
224 | int32_t *ttlp, |
225 | char **canonp) { |
226 | |
227 | _cleanup_(sd_bus_message_unrefp)__attribute__((cleanup(sd_bus_message_unrefp))) sd_bus_message* reply = NULL((void*)0); |
228 | _cleanup_(sd_bus_flush_close_unrefp)__attribute__((cleanup(sd_bus_flush_close_unrefp))) sd_bus *bus = NULL((void*)0); |
229 | _cleanup_free___attribute__((cleanup(freep))) char *class = NULL((void*)0); |
230 | unsigned c = 0, i = 0; |
231 | char *r_name, *r_aliases, *r_addr, *r_addr_list; |
232 | size_t l, idx, ms, alen; |
233 | int r; |
234 | |
235 | PROTECT_ERRNO__attribute__((cleanup(_reset_errno_))) __attribute__((unused )) int _saved_errno_ = (*__errno_location ()); |
236 | BLOCK_SIGNALS(NSS_SIGNALS_BLOCK)__attribute__((cleanup(block_signals_reset))) __attribute__ ( (unused)) sigset_t _saved_sigset = ({ sigset_t _t; do { if (( __builtin_expect(!!(!(sigprocmask_many(0, &_t, 14,26,13,17 ,20,29,1,10,12,27,23,28, -1) >= 0)),0))) log_assert_failed_realm (LOG_REALM_SYSTEMD, ("sigprocmask_many(SIG_BLOCK, &_t, 14,26,13,17,20,29,1,10,12,27,23,28, -1) >= 0" ), "../src/nss-mymachines/nss-mymachines.c", 236, __PRETTY_FUNCTION__ ); } while (0); _t; }); |
237 | |
238 | assert(name)do { if ((__builtin_expect(!!(!(name)),0))) log_assert_failed_realm (LOG_REALM_SYSTEMD, ("name"), "../src/nss-mymachines/nss-mymachines.c" , 238, __PRETTY_FUNCTION__); } while (0); |
239 | assert(result)do { if ((__builtin_expect(!!(!(result)),0))) log_assert_failed_realm (LOG_REALM_SYSTEMD, ("result"), "../src/nss-mymachines/nss-mymachines.c" , 239, __PRETTY_FUNCTION__); } while (0); |
240 | assert(buffer)do { if ((__builtin_expect(!!(!(buffer)),0))) log_assert_failed_realm (LOG_REALM_SYSTEMD, ("buffer"), "../src/nss-mymachines/nss-mymachines.c" , 240, __PRETTY_FUNCTION__); } while (0); |
241 | assert(errnop)do { if ((__builtin_expect(!!(!(errnop)),0))) log_assert_failed_realm (LOG_REALM_SYSTEMD, ("errnop"), "../src/nss-mymachines/nss-mymachines.c" , 241, __PRETTY_FUNCTION__); } while (0); |
242 | assert(h_errnop)do { if ((__builtin_expect(!!(!(h_errnop)),0))) log_assert_failed_realm (LOG_REALM_SYSTEMD, ("h_errnop"), "../src/nss-mymachines/nss-mymachines.c" , 242, __PRETTY_FUNCTION__); } while (0); |
243 | |
244 | if (af == AF_UNSPEC0) |
245 | af = AF_INET2; |
246 | |
247 | if (af != AF_INET2 && af != AF_INET610) { |
248 | r = -EAFNOSUPPORT97; |
249 | goto fail; |
250 | } |
251 | |
252 | r = sd_machine_get_class(name, &class); |
253 | if (r < 0) |
254 | goto fail; |
255 | if (!streq(class, "container")(strcmp((class),("container")) == 0)) { |
256 | r = -ENOTTY25; |
257 | goto fail; |
258 | } |
259 | |
260 | r = sd_bus_open_system(&bus); |
261 | if (r < 0) |
262 | goto fail; |
263 | |
264 | r = sd_bus_call_method(bus, |
265 | "org.freedesktop.machine1", |
266 | "/org/freedesktop/machine1", |
267 | "org.freedesktop.machine1.Manager", |
268 | "GetMachineAddresses", |
269 | NULL((void*)0), |
270 | &reply, |
271 | "s", name); |
272 | if (r < 0) |
273 | goto fail; |
274 | |
275 | r = sd_bus_message_enter_container(reply, 'a', "(iay)"); |
276 | if (r < 0) |
277 | goto fail; |
278 | |
279 | r = count_addresses(reply, af, &c); |
280 | if (r < 0) |
281 | goto fail; |
282 | |
283 | if (c <= 0) { |
284 | *h_errnop = HOST_NOT_FOUND1; |
285 | return NSS_STATUS_NOTFOUND; |
286 | } |
287 | |
288 | alen = FAMILY_ADDRESS_SIZE(af); |
289 | l = strlen(name); |
290 | |
291 | ms = ALIGN(l+1)(((l+1) + 7) & ~7) + c * ALIGN(alen)(((alen) + 7) & ~7) + (c+2) * sizeof(char*); |
292 | |
293 | if (buflen < ms) { |
294 | UNPROTECT_ERRNOdo { (*__errno_location ()) = _saved_errno_; _saved_errno_ = - 1; } while (0); |
295 | *errnop = ERANGE34; |
296 | *h_errnop = NETDB_INTERNAL-1; |
297 | return NSS_STATUS_TRYAGAIN; |
298 | } |
299 | |
300 | /* First, append name */ |
301 | r_name = buffer; |
302 | memcpy(r_name, name, l+1); |
303 | idx = ALIGN(l+1)(((l+1) + 7) & ~7); |
304 | |
305 | /* Second, create aliases array */ |
306 | r_aliases = buffer + idx; |
307 | ((char**) r_aliases)[0] = NULL((void*)0); |
308 | idx += sizeof(char*); |
309 | |
310 | /* Third, append addresses */ |
311 | r_addr = buffer + idx; |
312 | while ((r = sd_bus_message_enter_container(reply, 'r', "iay")) > 0) { |
Although the value stored to 'r' is used in the enclosing expression, the value is never actually read from 'r' | |
313 | int family; |
314 | const void *a; |
315 | size_t sz; |
316 | |
317 | r = sd_bus_message_read(reply, "i", &family); |
318 | if (r < 0) |
319 | goto fail; |
320 | |
321 | r = sd_bus_message_read_array(reply, 'y', &a, &sz); |
322 | if (r < 0) |
323 | goto fail; |
324 | |
325 | r = sd_bus_message_exit_container(reply); |
326 | if (r < 0) |
327 | goto fail; |
328 | |
329 | if (family != af) |
330 | continue; |
331 | |
332 | if (sz != alen) { |
333 | r = -EINVAL22; |
334 | goto fail; |
335 | } |
336 | |
337 | memcpy(r_addr + i*ALIGN(alen)(((alen) + 7) & ~7), a, alen); |
338 | i++; |
339 | } |
340 | |
341 | assert(i == c)do { if ((__builtin_expect(!!(!(i == c)),0))) log_assert_failed_realm (LOG_REALM_SYSTEMD, ("i == c"), "../src/nss-mymachines/nss-mymachines.c" , 341, __PRETTY_FUNCTION__); } while (0); |
342 | idx += c * ALIGN(alen)(((alen) + 7) & ~7); |
343 | |
344 | r = sd_bus_message_exit_container(reply); |
345 | if (r < 0) |
346 | goto fail; |
347 | |
348 | /* Third, append address pointer array */ |
349 | r_addr_list = buffer + idx; |
350 | for (i = 0; i < c; i++) |
351 | ((char**) r_addr_list)[i] = r_addr + i*ALIGN(alen)(((alen) + 7) & ~7); |
352 | |
353 | ((char**) r_addr_list)[i] = NULL((void*)0); |
354 | idx += (c+1) * sizeof(char*); |
355 | |
356 | assert(idx == ms)do { if ((__builtin_expect(!!(!(idx == ms)),0))) log_assert_failed_realm (LOG_REALM_SYSTEMD, ("idx == ms"), "../src/nss-mymachines/nss-mymachines.c" , 356, __PRETTY_FUNCTION__); } while (0); |
357 | |
358 | result->h_name = r_name; |
359 | result->h_aliases = (char**) r_aliases; |
360 | result->h_addrtype = af; |
361 | result->h_length = alen; |
362 | result->h_addr_list = (char**) r_addr_list; |
363 | |
364 | if (ttlp) |
365 | *ttlp = 0; |
366 | |
367 | if (canonp) |
368 | *canonp = r_name; |
369 | |
370 | /* Explicitly reset both *h_errnop and h_errno to work around |
371 | * https://bugzilla.redhat.com/show_bug.cgi?id=1125975 */ |
372 | *h_errnop = NETDB_SUCCESS0; |
373 | h_errno(*__h_errno_location ()) = 0; |
374 | |
375 | return NSS_STATUS_SUCCESS; |
376 | |
377 | fail: |
378 | UNPROTECT_ERRNOdo { (*__errno_location ()) = _saved_errno_; _saved_errno_ = - 1; } while (0); |
379 | *errnop = -r; |
380 | *h_errnop = NO_DATA4; |
381 | return NSS_STATUS_UNAVAIL; |
382 | } |
383 | |
384 | NSS_GETHOSTBYNAME_FALLBACKS(mymachines)enum nss_status _nss_mymachines_gethostbyname2_r( const char * name, int af, struct hostent *host, char *buffer, size_t buflen , int *errnop, int *h_errnop) { return _nss_mymachines_gethostbyname3_r ( name, af, host, buffer, buflen, errnop, h_errnop, ((void*)0 ), ((void*)0)); } enum nss_status _nss_mymachines_gethostbyname_r ( const char *name, struct hostent *host, char *buffer, size_t buflen, int *errnop, int *h_errnop) { enum nss_status ret = NSS_STATUS_NOTFOUND ; if ((*__res_state()).options & 0x00002000) ret = _nss_mymachines_gethostbyname3_r ( name, 10, host, buffer, buflen, errnop, h_errnop, ((void*)0 ), ((void*)0)); if (ret == NSS_STATUS_NOTFOUND) ret = _nss_mymachines_gethostbyname3_r ( name, 2, host, buffer, buflen, errnop, h_errnop, ((void*)0) , ((void*)0)); return ret; }; |
385 | |
386 | enum nss_status _nss_mymachines_getpwnam_r( |
387 | const char *name, |
388 | struct passwd *pwd, |
389 | char *buffer, size_t buflen, |
390 | int *errnop) { |
391 | |
392 | _cleanup_(sd_bus_error_free)__attribute__((cleanup(sd_bus_error_free))) sd_bus_error error = SD_BUS_ERROR_NULL((const sd_bus_error) {(((void*)0)), (((void*)0)), 0}); |
393 | _cleanup_(sd_bus_message_unrefp)__attribute__((cleanup(sd_bus_message_unrefp))) sd_bus_message* reply = NULL((void*)0); |
394 | _cleanup_(sd_bus_flush_close_unrefp)__attribute__((cleanup(sd_bus_flush_close_unrefp))) sd_bus *bus = NULL((void*)0); |
395 | const char *p, *e, *machine; |
396 | uint32_t mapped; |
397 | uid_t uid; |
398 | size_t l; |
399 | int r; |
400 | |
401 | PROTECT_ERRNO__attribute__((cleanup(_reset_errno_))) __attribute__((unused )) int _saved_errno_ = (*__errno_location ()); |
402 | BLOCK_SIGNALS(NSS_SIGNALS_BLOCK)__attribute__((cleanup(block_signals_reset))) __attribute__ ( (unused)) sigset_t _saved_sigset = ({ sigset_t _t; do { if (( __builtin_expect(!!(!(sigprocmask_many(0, &_t, 14,26,13,17 ,20,29,1,10,12,27,23,28, -1) >= 0)),0))) log_assert_failed_realm (LOG_REALM_SYSTEMD, ("sigprocmask_many(SIG_BLOCK, &_t, 14,26,13,17,20,29,1,10,12,27,23,28, -1) >= 0" ), "../src/nss-mymachines/nss-mymachines.c", 402, __PRETTY_FUNCTION__ ); } while (0); _t; }); |
403 | |
404 | assert(name)do { if ((__builtin_expect(!!(!(name)),0))) log_assert_failed_realm (LOG_REALM_SYSTEMD, ("name"), "../src/nss-mymachines/nss-mymachines.c" , 404, __PRETTY_FUNCTION__); } while (0); |
405 | assert(pwd)do { if ((__builtin_expect(!!(!(pwd)),0))) log_assert_failed_realm (LOG_REALM_SYSTEMD, ("pwd"), "../src/nss-mymachines/nss-mymachines.c" , 405, __PRETTY_FUNCTION__); } while (0); |
406 | |
407 | p = startswith(name, "vu-"); |
408 | if (!p) |
409 | return NSS_STATUS_NOTFOUND; |
410 | |
411 | e = strrchr(p, '-'); |
412 | if (!e || e == p) |
413 | return NSS_STATUS_NOTFOUND; |
414 | |
415 | if (e - p > HOST_NAME_MAX64 - 1) /* -1 for the last dash */ |
416 | return NSS_STATUS_NOTFOUND; |
417 | |
418 | r = parse_uid(e + 1, &uid); |
419 | if (r < 0) |
420 | return NSS_STATUS_NOTFOUND; |
421 | |
422 | machine = strndupa(p, e - p)(__extension__ ({ const char *__old = (p); size_t __len = strnlen (__old, (e - p)); char *__new = (char *) __builtin_alloca (__len + 1); __new[__len] = '\0'; (char *) memcpy (__new, __old, __len ); })); |
423 | if (!machine_name_is_valid(machine)hostname_is_valid(machine, 0)) |
424 | return NSS_STATUS_NOTFOUND; |
425 | |
426 | if (getenv_bool_secure("SYSTEMD_NSS_BYPASS_BUS") > 0) |
427 | /* Make sure we can't deadlock if we are invoked by dbus-daemon. This way, it won't be able to resolve |
428 | * these UIDs, but that should be unproblematic as containers should never be able to connect to a bus |
429 | * running on the host. */ |
430 | return NSS_STATUS_NOTFOUND; |
431 | |
432 | r = sd_bus_open_system(&bus); |
433 | if (r < 0) |
434 | goto fail; |
435 | |
436 | r = sd_bus_call_method(bus, |
437 | "org.freedesktop.machine1", |
438 | "/org/freedesktop/machine1", |
439 | "org.freedesktop.machine1.Manager", |
440 | "MapFromMachineUser", |
441 | &error, |
442 | &reply, |
443 | "su", |
444 | machine, (uint32_t) uid); |
445 | if (r < 0) { |
446 | if (sd_bus_error_has_name(&error, BUS_ERROR_NO_SUCH_USER_MAPPING"org.freedesktop.machine1.NoSuchUserMapping")) |
447 | return NSS_STATUS_NOTFOUND; |
448 | |
449 | goto fail; |
450 | } |
451 | |
452 | r = sd_bus_message_read(reply, "u", &mapped); |
453 | if (r < 0) |
454 | goto fail; |
455 | |
456 | /* Refuse to work if the mapped address is in the host UID range, or if there was no mapping at all. */ |
457 | if (mapped < HOST_UID_LIMIT((uid_t) 0x10000U) || mapped == uid) |
458 | return NSS_STATUS_NOTFOUND; |
459 | |
460 | l = strlen(name); |
461 | if (buflen < l+1) { |
462 | UNPROTECT_ERRNOdo { (*__errno_location ()) = _saved_errno_; _saved_errno_ = - 1; } while (0); |
463 | *errnop = ERANGE34; |
464 | return NSS_STATUS_TRYAGAIN; |
465 | } |
466 | |
467 | memcpy(buffer, name, l+1); |
468 | |
469 | pwd->pw_name = buffer; |
470 | pwd->pw_uid = mapped; |
471 | pwd->pw_gid = GID_NOBODY((gid_t) 65534U); |
472 | pwd->pw_gecos = buffer; |
473 | pwd->pw_passwd = (char*) "*"; /* locked */ |
474 | pwd->pw_dir = (char*) "/"; |
475 | pwd->pw_shell = (char*) "/sbin/nologin"; |
476 | |
477 | return NSS_STATUS_SUCCESS; |
478 | |
479 | fail: |
480 | UNPROTECT_ERRNOdo { (*__errno_location ()) = _saved_errno_; _saved_errno_ = - 1; } while (0); |
481 | *errnop = -r; |
482 | return NSS_STATUS_UNAVAIL; |
483 | } |
484 | |
485 | enum nss_status _nss_mymachines_getpwuid_r( |
486 | uid_t uid, |
487 | struct passwd *pwd, |
488 | char *buffer, size_t buflen, |
489 | int *errnop) { |
490 | |
491 | _cleanup_(sd_bus_error_free)__attribute__((cleanup(sd_bus_error_free))) sd_bus_error error = SD_BUS_ERROR_NULL((const sd_bus_error) {(((void*)0)), (((void*)0)), 0}); |
492 | _cleanup_(sd_bus_message_unrefp)__attribute__((cleanup(sd_bus_message_unrefp))) sd_bus_message* reply = NULL((void*)0); |
493 | _cleanup_(sd_bus_flush_close_unrefp)__attribute__((cleanup(sd_bus_flush_close_unrefp))) sd_bus *bus = NULL((void*)0); |
494 | const char *machine; |
495 | uint32_t mapped; |
496 | int r; |
497 | |
498 | PROTECT_ERRNO__attribute__((cleanup(_reset_errno_))) __attribute__((unused )) int _saved_errno_ = (*__errno_location ()); |
499 | BLOCK_SIGNALS(NSS_SIGNALS_BLOCK)__attribute__((cleanup(block_signals_reset))) __attribute__ ( (unused)) sigset_t _saved_sigset = ({ sigset_t _t; do { if (( __builtin_expect(!!(!(sigprocmask_many(0, &_t, 14,26,13,17 ,20,29,1,10,12,27,23,28, -1) >= 0)),0))) log_assert_failed_realm (LOG_REALM_SYSTEMD, ("sigprocmask_many(SIG_BLOCK, &_t, 14,26,13,17,20,29,1,10,12,27,23,28, -1) >= 0" ), "../src/nss-mymachines/nss-mymachines.c", 499, __PRETTY_FUNCTION__ ); } while (0); _t; }); |
500 | |
501 | if (!uid_is_valid(uid)) |
502 | return NSS_STATUS_NOTFOUND; |
503 | |
504 | /* We consider all uids < 65536 host uids */ |
505 | if (uid < HOST_UID_LIMIT((uid_t) 0x10000U)) |
506 | return NSS_STATUS_NOTFOUND; |
507 | |
508 | if (getenv_bool_secure("SYSTEMD_NSS_BYPASS_BUS") > 0) |
509 | return NSS_STATUS_NOTFOUND; |
510 | |
511 | r = sd_bus_open_system(&bus); |
512 | if (r < 0) |
513 | goto fail; |
514 | |
515 | r = sd_bus_call_method(bus, |
516 | "org.freedesktop.machine1", |
517 | "/org/freedesktop/machine1", |
518 | "org.freedesktop.machine1.Manager", |
519 | "MapToMachineUser", |
520 | &error, |
521 | &reply, |
522 | "u", |
523 | (uint32_t) uid); |
524 | if (r < 0) { |
525 | if (sd_bus_error_has_name(&error, BUS_ERROR_NO_SUCH_USER_MAPPING"org.freedesktop.machine1.NoSuchUserMapping")) |
526 | return NSS_STATUS_NOTFOUND; |
527 | |
528 | goto fail; |
529 | } |
530 | |
531 | r = sd_bus_message_read(reply, "sou", &machine, NULL((void*)0), &mapped); |
532 | if (r < 0) |
533 | goto fail; |
534 | |
535 | if (mapped == uid) |
536 | return NSS_STATUS_NOTFOUND; |
537 | |
538 | if (snprintf(buffer, buflen, "vu-%s-" UID_FMT"%" "u", machine, (uid_t) mapped) >= (int) buflen) { |
539 | UNPROTECT_ERRNOdo { (*__errno_location ()) = _saved_errno_; _saved_errno_ = - 1; } while (0); |
540 | *errnop = ERANGE34; |
541 | return NSS_STATUS_TRYAGAIN; |
542 | } |
543 | |
544 | pwd->pw_name = buffer; |
545 | pwd->pw_uid = uid; |
546 | pwd->pw_gid = GID_NOBODY((gid_t) 65534U); |
547 | pwd->pw_gecos = buffer; |
548 | pwd->pw_passwd = (char*) "*"; /* locked */ |
549 | pwd->pw_dir = (char*) "/"; |
550 | pwd->pw_shell = (char*) "/sbin/nologin"; |
551 | |
552 | return NSS_STATUS_SUCCESS; |
553 | |
554 | fail: |
555 | UNPROTECT_ERRNOdo { (*__errno_location ()) = _saved_errno_; _saved_errno_ = - 1; } while (0); |
556 | *errnop = -r; |
557 | return NSS_STATUS_UNAVAIL; |
558 | } |
559 | |
560 | #pragma GCC diagnostic ignored "-Wsizeof-pointer-memaccess" |
561 | |
562 | enum nss_status _nss_mymachines_getgrnam_r( |
563 | const char *name, |
564 | struct group *gr, |
565 | char *buffer, size_t buflen, |
566 | int *errnop) { |
567 | |
568 | _cleanup_(sd_bus_error_free)__attribute__((cleanup(sd_bus_error_free))) sd_bus_error error = SD_BUS_ERROR_NULL((const sd_bus_error) {(((void*)0)), (((void*)0)), 0}); |
569 | _cleanup_(sd_bus_message_unrefp)__attribute__((cleanup(sd_bus_message_unrefp))) sd_bus_message* reply = NULL((void*)0); |
570 | _cleanup_(sd_bus_flush_close_unrefp)__attribute__((cleanup(sd_bus_flush_close_unrefp))) sd_bus *bus = NULL((void*)0); |
571 | const char *p, *e, *machine; |
572 | uint32_t mapped; |
573 | uid_t gid; |
574 | size_t l; |
575 | int r; |
576 | |
577 | PROTECT_ERRNO__attribute__((cleanup(_reset_errno_))) __attribute__((unused )) int _saved_errno_ = (*__errno_location ()); |
578 | BLOCK_SIGNALS(NSS_SIGNALS_BLOCK)__attribute__((cleanup(block_signals_reset))) __attribute__ ( (unused)) sigset_t _saved_sigset = ({ sigset_t _t; do { if (( __builtin_expect(!!(!(sigprocmask_many(0, &_t, 14,26,13,17 ,20,29,1,10,12,27,23,28, -1) >= 0)),0))) log_assert_failed_realm (LOG_REALM_SYSTEMD, ("sigprocmask_many(SIG_BLOCK, &_t, 14,26,13,17,20,29,1,10,12,27,23,28, -1) >= 0" ), "../src/nss-mymachines/nss-mymachines.c", 578, __PRETTY_FUNCTION__ ); } while (0); _t; }); |
579 | |
580 | assert(name)do { if ((__builtin_expect(!!(!(name)),0))) log_assert_failed_realm (LOG_REALM_SYSTEMD, ("name"), "../src/nss-mymachines/nss-mymachines.c" , 580, __PRETTY_FUNCTION__); } while (0); |
581 | assert(gr)do { if ((__builtin_expect(!!(!(gr)),0))) log_assert_failed_realm (LOG_REALM_SYSTEMD, ("gr"), "../src/nss-mymachines/nss-mymachines.c" , 581, __PRETTY_FUNCTION__); } while (0); |
582 | |
583 | p = startswith(name, "vg-"); |
584 | if (!p) |
585 | return NSS_STATUS_NOTFOUND; |
586 | |
587 | e = strrchr(p, '-'); |
588 | if (!e || e == p) |
589 | return NSS_STATUS_NOTFOUND; |
590 | |
591 | if (e - p > HOST_NAME_MAX64 - 1) /* -1 for the last dash */ |
592 | return NSS_STATUS_NOTFOUND; |
593 | |
594 | r = parse_gid(e + 1, &gid); |
595 | if (r < 0) |
596 | return NSS_STATUS_NOTFOUND; |
597 | |
598 | machine = strndupa(p, e - p)(__extension__ ({ const char *__old = (p); size_t __len = strnlen (__old, (e - p)); char *__new = (char *) __builtin_alloca (__len + 1); __new[__len] = '\0'; (char *) memcpy (__new, __old, __len ); })); |
599 | if (!machine_name_is_valid(machine)hostname_is_valid(machine, 0)) |
600 | return NSS_STATUS_NOTFOUND; |
601 | |
602 | if (getenv_bool_secure("SYSTEMD_NSS_BYPASS_BUS") > 0) |
603 | return NSS_STATUS_NOTFOUND; |
604 | |
605 | r = sd_bus_open_system(&bus); |
606 | if (r < 0) |
607 | goto fail; |
608 | |
609 | r = sd_bus_call_method(bus, |
610 | "org.freedesktop.machine1", |
611 | "/org/freedesktop/machine1", |
612 | "org.freedesktop.machine1.Manager", |
613 | "MapFromMachineGroup", |
614 | &error, |
615 | &reply, |
616 | "su", |
617 | machine, (uint32_t) gid); |
618 | if (r < 0) { |
619 | if (sd_bus_error_has_name(&error, BUS_ERROR_NO_SUCH_GROUP_MAPPING"org.freedesktop.machine1.NoSuchGroupMapping")) |
620 | return NSS_STATUS_NOTFOUND; |
621 | |
622 | goto fail; |
623 | } |
624 | |
625 | r = sd_bus_message_read(reply, "u", &mapped); |
626 | if (r < 0) |
627 | goto fail; |
628 | |
629 | if (mapped < HOST_GID_LIMIT((gid_t) 0x10000U) || mapped == gid) |
630 | return NSS_STATUS_NOTFOUND; |
631 | |
632 | l = sizeof(char*) + strlen(name) + 1; |
633 | if (buflen < l) { |
634 | UNPROTECT_ERRNOdo { (*__errno_location ()) = _saved_errno_; _saved_errno_ = - 1; } while (0); |
635 | *errnop = ERANGE34; |
636 | return NSS_STATUS_TRYAGAIN; |
637 | } |
638 | |
639 | memzero(buffer, sizeof(char*))({ size_t _l_ = (sizeof(char*)); void *_x_ = (buffer); _l_ == 0 ? _x_ : memset(_x_, 0, _l_); }); |
640 | strcpy(buffer + sizeof(char*), name); |
641 | |
642 | gr->gr_name = buffer + sizeof(char*); |
643 | gr->gr_gid = mapped; |
644 | gr->gr_passwd = (char*) "*"; /* locked */ |
645 | gr->gr_mem = (char**) buffer; |
646 | |
647 | return NSS_STATUS_SUCCESS; |
648 | |
649 | fail: |
650 | UNPROTECT_ERRNOdo { (*__errno_location ()) = _saved_errno_; _saved_errno_ = - 1; } while (0); |
651 | *errnop = -r; |
652 | return NSS_STATUS_UNAVAIL; |
653 | } |
654 | |
655 | enum nss_status _nss_mymachines_getgrgid_r( |
656 | gid_t gid, |
657 | struct group *gr, |
658 | char *buffer, size_t buflen, |
659 | int *errnop) { |
660 | |
661 | _cleanup_(sd_bus_error_free)__attribute__((cleanup(sd_bus_error_free))) sd_bus_error error = SD_BUS_ERROR_NULL((const sd_bus_error) {(((void*)0)), (((void*)0)), 0}); |
662 | _cleanup_(sd_bus_message_unrefp)__attribute__((cleanup(sd_bus_message_unrefp))) sd_bus_message* reply = NULL((void*)0); |
663 | _cleanup_(sd_bus_flush_close_unrefp)__attribute__((cleanup(sd_bus_flush_close_unrefp))) sd_bus *bus = NULL((void*)0); |
664 | const char *machine; |
665 | uint32_t mapped; |
666 | int r; |
667 | |
668 | PROTECT_ERRNO__attribute__((cleanup(_reset_errno_))) __attribute__((unused )) int _saved_errno_ = (*__errno_location ()); |
669 | BLOCK_SIGNALS(NSS_SIGNALS_BLOCK)__attribute__((cleanup(block_signals_reset))) __attribute__ ( (unused)) sigset_t _saved_sigset = ({ sigset_t _t; do { if (( __builtin_expect(!!(!(sigprocmask_many(0, &_t, 14,26,13,17 ,20,29,1,10,12,27,23,28, -1) >= 0)),0))) log_assert_failed_realm (LOG_REALM_SYSTEMD, ("sigprocmask_many(SIG_BLOCK, &_t, 14,26,13,17,20,29,1,10,12,27,23,28, -1) >= 0" ), "../src/nss-mymachines/nss-mymachines.c", 669, __PRETTY_FUNCTION__ ); } while (0); _t; }); |
670 | |
671 | if (!gid_is_valid(gid)) |
672 | return NSS_STATUS_NOTFOUND; |
673 | |
674 | /* We consider all gids < 65536 host gids */ |
675 | if (gid < HOST_GID_LIMIT((gid_t) 0x10000U)) |
676 | return NSS_STATUS_NOTFOUND; |
677 | |
678 | if (getenv_bool_secure("SYSTEMD_NSS_BYPASS_BUS") > 0) |
679 | return NSS_STATUS_NOTFOUND; |
680 | |
681 | r = sd_bus_open_system(&bus); |
682 | if (r < 0) |
683 | goto fail; |
684 | |
685 | r = sd_bus_call_method(bus, |
686 | "org.freedesktop.machine1", |
687 | "/org/freedesktop/machine1", |
688 | "org.freedesktop.machine1.Manager", |
689 | "MapToMachineGroup", |
690 | &error, |
691 | &reply, |
692 | "u", |
693 | (uint32_t) gid); |
694 | if (r < 0) { |
695 | if (sd_bus_error_has_name(&error, BUS_ERROR_NO_SUCH_GROUP_MAPPING"org.freedesktop.machine1.NoSuchGroupMapping")) |
696 | return NSS_STATUS_NOTFOUND; |
697 | |
698 | goto fail; |
699 | } |
700 | |
701 | r = sd_bus_message_read(reply, "sou", &machine, NULL((void*)0), &mapped); |
702 | if (r < 0) |
703 | goto fail; |
704 | |
705 | if (mapped == gid) |
706 | return NSS_STATUS_NOTFOUND; |
707 | |
708 | if (buflen < sizeof(char*) + 1) { |
709 | UNPROTECT_ERRNOdo { (*__errno_location ()) = _saved_errno_; _saved_errno_ = - 1; } while (0); |
710 | *errnop = ERANGE34; |
711 | return NSS_STATUS_TRYAGAIN; |
712 | } |
713 | |
714 | memzero(buffer, sizeof(char*))({ size_t _l_ = (sizeof(char*)); void *_x_ = (buffer); _l_ == 0 ? _x_ : memset(_x_, 0, _l_); }); |
715 | if (snprintf(buffer + sizeof(char*), buflen - sizeof(char*), "vg-%s-" GID_FMT"%" "u", machine, (gid_t) mapped) >= (int) buflen) { |
716 | UNPROTECT_ERRNOdo { (*__errno_location ()) = _saved_errno_; _saved_errno_ = - 1; } while (0); |
717 | *errnop = ERANGE34; |
718 | return NSS_STATUS_TRYAGAIN; |
719 | } |
720 | |
721 | gr->gr_name = buffer + sizeof(char*); |
722 | gr->gr_gid = gid; |
723 | gr->gr_passwd = (char*) "*"; /* locked */ |
724 | gr->gr_mem = (char**) buffer; |
725 | |
726 | return NSS_STATUS_SUCCESS; |
727 | |
728 | fail: |
729 | UNPROTECT_ERRNOdo { (*__errno_location ()) = _saved_errno_; _saved_errno_ = - 1; } while (0); |
730 | *errnop = -r; |
731 | return NSS_STATUS_UNAVAIL; |
732 | } |