/*
Authors:
Simo Sorce <ssorce@redhat.com>
Copyright (C) 2009 Red Hat
it under the terms of the GNU General Public License as published by
the Free Software Foundation; either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
#include "config.h"
#include <ctype.h>
#include <netdb.h>
#include <poll.h>
#include <fcntl.h>
#include <talloc.h>
#include <dhash.h>
#include <time.h>
#include "util/sss_utf8.h"
int socket_activated = 0;
int dbus_activated = 0;
{
int i;
if (args) {
}
}
/* parse a string into arguments.
* arguments are separated by a space
* '\' is an escape character and can be used only to escape
* itself or the white space.
*/
{
const char *p;
char **ret, **r;
char *tmp;
int num;
int i;
bool e, w;
num = 0;
i = 0;
e = false;
/* skip leading whitespaces */
w = true;
p = str;
while (*p) {
if (*p == '\\') {
w = false;
if (e) {
/* if we were already escaping, add a '\' literal */
tmp[i] = '\\';
i++;
e = false;
} else {
/* otherwise just start escaping */
e = true;
}
} else if (isspace(*p)) {
if (e) {
/* Add escaped whitespace literally */
tmp[i] = *p;
i++;
e = false;
} else if (w == false) {
/* If previous character was non-whitespace, arg break */
tmp[i] = '\0';
i++;
w = true;
}
/* previous char was whitespace as well, skip it */
} else {
w = false;
if (e) {
/* Prepend escaped chars with a literal \ */
tmp[i] = '\\';
i++;
e = false;
}
/* Copy character from the source string */
tmp[i] = *p;
i++;
}
p++;
/* check if this was the last char */
if (*p == '\0') {
if (e) {
tmp[i] = '\\';
i++;
e = false;
}
tmp[i] = '\0';
i++;
}
/* save token to result array */
if (!r) goto fail;
ret = r;
num++;
i = 0;
}
}
return ret;
fail:
return NULL;
}
{
int i = 0;
int j = 0;
const char **dup_list;
if (!str_list) {
return NULL;
}
/* Find the size of the list */
while (str_list[i]) i++;
if (!dup_list) {
return NULL;
}
/* Copy the elements */
for (j = 0; j < i; j++) {
if (!dup_list[j]) {
return NULL;
}
}
/* NULL-terminate the list */
return dup_list;
}
/* Take two string lists (terminated on a NULL char*)
* and return up to three arrays of strings based on
* shared ownership.
*
* Pass NULL to any return type you don't care about
*/
char **_list1,
char **_list2,
char ***_list1_only,
char ***_list2_only,
char ***_both_lists)
{
int error;
int i;
int i2 = 0;
int i12 = 0;
unsigned long count;
if (!tmp_ctx) {
return ENOMEM;
}
if (!_list1) {
if (!list1) {
return ENOMEM;
}
}
else {
}
if (!_list2) {
if (!list2) {
return ENOMEM;
}
}
else {
}
if (error != HASH_SUCCESS) {
return EIO;
}
/* Add all entries from list 1 into a hash table */
i = 0;
while (list1[i]) {
if (error != HASH_SUCCESS) {
goto done;
}
i++;
}
/* Iterate through list 2 and remove matching items */
i = 0;
while (list2[i]) {
if (error == HASH_SUCCESS) {
if (_both_lists) {
/* String was present in both lists */
i12++;
if (!both_lists) {
goto done;
}
goto done;
}
}
}
else if (error == HASH_ERROR_KEY_NOT_FOUND) {
if (_list2_only) {
/* String was present only in list2 */
i2++;
char *, i2+1);
if (!list2_only) {
goto done;
}
goto done;
}
}
}
else {
/* An error occurred */
goto done;
}
i++;
}
/* Get the leftover entries in the hash table */
if (_list1_only) {
if (error != HASH_SUCCESS) {
goto done;
}
if (!list1_only) {
goto done;
}
for (i = 0; i < count; i++) {
if (!list1_only[i]) {
goto done;
}
}
}
if (_list2_only) {
if (list2_only) {
}
else {
if (!(*_list2_only)) {
goto done;
}
*_list2_only[0] = NULL;
}
}
if (_both_lists) {
if (both_lists) {
}
else {
if (!(*_both_lists)) {
goto done;
}
*_both_lists[0] = NULL;
}
}
done:
return ret;
}
{
}
{
}
unsigned long count,
hash_table_t **tbl,
unsigned int directory_bits,
unsigned int segment_bits,
unsigned long min_load_factor,
unsigned long max_load_factor,
void *delete_private_data)
{
int hret;
if (!internal_ctx) {
return ENOMEM;
}
switch (hret) {
case HASH_SUCCESS:
/* Steal the table pointer onto the mem_ctx,
* then make the internal_ctx a child of
* table.
*
* This way, we can clean up the values when
* we talloc_free() the table
*/
return EOK;
case HASH_ERROR_NO_MEMORY:
break;
default:
}
return ret;
}
hash_table_t **tbl)
{
}
const char *input,
char **sanitized,
const char *ignore)
{
char *output;
size_t i = 0;
size_t j = 0;
char *allowed;
/* Assume the worst-case. We'll resize it later, once */
if (!output) {
return ENOMEM;
}
while (input[i]) {
/* Even though this character might have a special meaning, if it's
* expliticly allowed, just copy it and move on
*/
} else {
}
if (allowed) {
continue;
}
switch(input[i]) {
case '\t':
output[j++] = '\\';
output[j++] = '0';
output[j++] = '9';
break;
case ' ':
output[j++] = '\\';
output[j++] = '2';
output[j++] = '0';
break;
case '*':
output[j++] = '\\';
output[j++] = '2';
output[j++] = 'a';
break;
case '(':
output[j++] = '\\';
output[j++] = '2';
output[j++] = '8';
break;
case ')':
output[j++] = '\\';
output[j++] = '2';
output[j++] = '9';
break;
case '\\':
output[j++] = '\\';
output[j++] = '5';
output[j++] = 'c';
break;
case '\r':
output[j++] = '\\';
output[j++] = '0';
output[j++] = 'd';
break;
case '\n':
output[j++] = '\\';
output[j++] = '0';
output[j++] = 'a';
break;
default:
}
i++;
}
output[j] = '\0';
if (!*sanitized) {
return ENOMEM;
}
return EOK;
}
const char *input,
char **sanitized)
{
}
char *
{
}
/* out->len includes terminating '\0' */
{
} else {
}
}
/* This function only removes first and last
* character if the first character was '['.
*
* NOTE: This means, that ipv6addr must NOT be followed
* by port number.
*/
{
if (len < 3) {
return EINVAL;
}
}
return EOK;
}
char ***list_p)
{
size_t c;
return EINVAL;
}
/* If the input is a NULL list a new one is created with the new
* string and the terminating NULL element. */
c = 0;
} else {
/* Allocate one extra space for the new service and one for
* the terminating NULL
*/
}
return ENOMEM;
}
return ENOMEM;
}
return EOK;
}
{
while (size--) {
*p++ = 0;
}
}
{
const char *s;
char *dn;
char *p;
int l;
return EINVAL;
}
s = domain;
while ((p = strchr(s, '.'))) {
l = p - s;
if (!dn) {
return ENOMEM;
}
s = p + 1;
}
if (!dn) {
return ENOMEM;
}
for (p=dn; *p; ++p) {
*p = tolower(*p);
}
return EOK;
}
{
return true;
}
return true;
}
return false;
}
/* addr is in network order for both IPv4 and IPv6 versions */
{
"inet_ntop failed, won't log IP addresses\n");
}
return false;
} else if ((flags & SSS_NO_LOOPBACK)
return false;
} else if ((flags & SSS_NO_LINKLOCAL)
/* 169.254.0.0/16 */
return false;
} else if ((flags & SSS_NO_BROADCAST)
return false;
}
return true;
}
{
"inet_ntop failed, won't log IP addresses\n");
}
return false;
return false;
return false;
}
return true;
}
const char * const * get_known_services(void)
{
return svc;
}
bool copy_strings, char ***_new_list)
{
size_t c;
char **new;
int ret;
}
}
return ENOMEM;
}
if (copy_strings) {
for(c = 0; c < l1_count; c++) {
goto done;
}
}
for(c = 0; c < l2_count; c++) {
goto done;
}
}
} else {
}
}
}
done:
}
return ret;
}
/* Set the nonblocking flag to the fd */
{
int flags;
int ret;
if (flags == -1) {
return ret;
}
return ret;
}
return EOK;
}
/* Convert GeneralizedTime (http://en.wikipedia.org/wiki/GeneralizedTime)
* to unix time (seconds since epoch). Use UTC time zone.
*/
{
char *end;
return EINVAL;
}
"%s does not seem to be in UTZ time zone.\n", str);
return ERR_TIMESPEC_NOT_SUPPORTED;
}
/* not all characters from format were matched */
return EINVAL;
}
/* str is 'longer' than format */
if (*end != '\0') {
return EINVAL;
}
if (ut == -1) {
"mktime failed to convert [%s].\n", str);
return EINVAL;
}
tzset();
*_unix_time = ut;
return EOK;
}
struct tmpfile_watch {
const char *filename;
};
{
if (ret != 0) {
"File already removed: [%s]\n", filename);
return 0;
} else {
"Cannot remove temporary file [%s] %d [%s]\n",
return -1;
}
}
return 0;
}
{
return -1;
}
}
const char *filename)
{
return NULL;
}
return NULL;
}
return tw;
}
char *path_tmpl,
{
"Template too short or doesn't end with XXXXXX!\n");
goto done;
}
if (fd == -1) {
"mkstemp(\"%s\") failed [%d]: %s!\n",
goto done;
}
goto done;
}
}
done:
if (_err) {
}
return fd;
}
char *path_tmpl,
{
}
{
int fd;
/* We only care about a unique file name */
if (fd >= 0) {
}
return ret;
}
{
if (cert_verify_opts == NULL) {
return NULL;
}
cert_verify_opts->do_ocsp = true;
cert_verify_opts->do_verification = true;
return cert_verify_opts;
}
#define OCSP_DEFAUL_RESPONDER_SIGNING_CERT \
"ocsp_default_responder_signing_cert="
#define OCSP_DEFAUL_RESPONDER_SIGNING_CERT_LEN \
(sizeof(OCSP_DEFAUL_RESPONDER_SIGNING_CERT) - 1)
struct cert_verify_opts **_cert_verify_opts)
{
int ret;
char **opts;
size_t c;
return ENOMEM;
}
if (cert_verify_opts == NULL) {
goto done;
}
if (verify_opts == NULL) {
goto done;
}
NULL);
goto done;
}
"Found 'no_ocsp' option, disabling OCSP.\n");
cert_verify_opts->do_ocsp = false;
"Found 'no_verification' option, "
"disabling verification completely. "
"This should not be used in production.\n");
cert_verify_opts->do_verification = false;
OCSP_DEFAUL_RESPONDER_LEN) == 0) {
&opts[c][OCSP_DEFAUL_RESPONDER_LEN]);
"Failed to parse ocsp_default_responder option [%s].\n",
opts[c]);
goto done;
}
} else if (strncasecmp(opts[c],
== '\0') {
"Failed to parse ocsp_default_responder_signing_cert "
"option [%s].\n", opts[c]);
goto done;
}
"Using OCSP default responder signing cert nickname [%s]\n",
} else {
"Unsupported certificate verification option [%s], " \
"skipping.\n", opts[c]);
}
}
"ocsp_default_responder and ocsp_default_responder_signing_cert "
"must be used together.\n");
goto done;
}
done:
}
return ret;
}
{
if (sudo_user_value == NULL) {
return false;
}
/* See man sudoers.ldap for explanation */
return false;
}
switch (sudo_user_value[0]) {
case '#': /* user id */
case '+': /* netgroup */
case '\0': /* empty value */
return false;
}
if (sudo_user_value[0] == '%') {
switch (sudo_user_value[1]) {
case '#': /* POSIX group ID */
case ':': /* non-POSIX group */
case '\0': /* empty value */
return false;
}
}
/* Now it's either a username or a groupname */
return true;
}
bool is_socket_activated(void)
{
#ifdef HAVE_SYSTEMD
return !!socket_activated;
#else
return false;
#endif
}
bool is_dbus_activated(void)
{
#ifdef HAVE_SYSTEMD
return !!dbus_activated;
#else
return false;
#endif
}