From: Zbigniew Jędrzejewski-Szmek Date: Fri, 27 Jun 2025 12:03:32 +0000 (+0200) Subject: shared/bus-unit-util: add helper for ImportCredentialEx= and fix naming confusion X-Git-Tag: v258-rc1~183^2~42 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=4b98aeb6ef61b270ad01b44a56d4efc51c1845af;p=thirdparty%2Fsystemd.git shared/bus-unit-util: add helper for ImportCredentialEx= and fix naming confusion We add D-Bus properties like "*Ex" because we cannot change the D-Bus property type without breaking backward comapatibility. But those names are only for D-Bus, not for config file stanzas or the command-line parser. There, we can change the type, or in other words, there is no type, just a free-form string whose interpretation we can extend or change. Commit 831f208783aeac443e6f2fc2efc3119535a032ef that added ProtectHostnameEx was confused, because it added ImportCredentialEx in places where parsing of ImportCredential should be have been extended. On D-Bus, we send ImportCrednential in preference, and ImportCredentialEx only when required. This way we send less bytes on the wire and support older systems that don't understand the new property. Partially resolves https://github.com/systemd/systemd/issues/37174. --- diff --git a/src/shared/bus-unit-util.c b/src/shared/bus-unit-util.c index cda870cc0fd..aa61ab8dbc8 100644 --- a/src/shared/bus-unit-util.c +++ b/src/shared/bus-unit-util.c @@ -1113,6 +1113,56 @@ static int bus_append_load_credential(sd_bus_message *m, const char *field, cons return 1; } +static int bus_append_import_credential(sd_bus_message *m, const char *field, const char *eq) { + int r; + + if (isempty(eq)) + r = sd_bus_message_append(m, "(sv)", "ImportCredential", "as", 0); + else { + _cleanup_free_ char *word = NULL; + const char *p = eq; + + r = extract_first_word(&p, &word, ":", EXTRACT_DONT_COALESCE_SEPARATORS); + if (r == -ENOMEM) + return log_oom(); + if (r < 0) + return log_error_errno(r, "Failed to parse %s= parameter: %s", field, eq); + if (r == 0) + return log_error_errno(SYNTHETIC_ERRNO(EINVAL), "Missing argument to %s=.", field); + + if (!p) + r = sd_bus_message_append(m, "(sv)", "ImportCredential", "as", 1, eq); + else { + /* We need to send ImportCredentialEx */ + r = sd_bus_message_open_container(m, 'r', "sv"); + if (r < 0) + return bus_log_create_error(r); + + r = sd_bus_message_append_basic(m, 's', "ImportCredentialEx"); + if (r < 0) + return bus_log_create_error(r); + + r = sd_bus_message_open_container(m, 'v', "a(ss)"); + if (r < 0) + return bus_log_create_error(r); + + r = sd_bus_message_append(m, "a(ss)", 1, word, p); + if (r < 0) + return bus_log_create_error(r); + + r = sd_bus_message_close_container(m); + if (r < 0) + return bus_log_create_error(r); + + r = sd_bus_message_close_container(m); + } + } + if (r < 0) + return bus_log_create_error(r); + + return 1; +} + static int bus_append_cgroup_property(sd_bus_message *m, const char *field, const char *eq) { if (STR_IN_SET(field, "DevicePolicy", "Slice", @@ -1389,59 +1439,8 @@ static int bus_append_execute_property(sd_bus_message *m, const char *field, con if (STR_IN_SET(field, "LoadCredential", "LoadCredentialEncrypted")) return bus_append_load_credential(m, field, eq); - if (streq(field, "ImportCredential")) { - if (isempty(eq)) - r = sd_bus_message_append(m, "(sv)", field, "as", 0); - else - r = sd_bus_message_append(m, "(sv)", field, "as", 1, eq); - if (r < 0) - return bus_log_create_error(r); - - return 1; - } - - if (streq(field, "ImportCredentialEx")) { - r = sd_bus_message_open_container(m, 'r', "sv"); - if (r < 0) - return bus_log_create_error(r); - - r = sd_bus_message_append_basic(m, 's', field); - if (r < 0) - return bus_log_create_error(r); - - r = sd_bus_message_open_container(m, 'v', "a(ss)"); - if (r < 0) - return bus_log_create_error(r); - - if (isempty(eq)) - r = sd_bus_message_append(m, "a(ss)", 0); - else { - _cleanup_free_ char *word = NULL; - const char *p = eq; - - r = extract_first_word(&p, &word, ":", EXTRACT_DONT_COALESCE_SEPARATORS); - if (r == -ENOMEM) - return log_oom(); - if (r < 0) - return log_error_errno(r, "Failed to parse %s= parameter: %s", field, eq); - if (r == 0) - return log_error_errno(SYNTHETIC_ERRNO(EINVAL), "Missing argument to %s=.", field); - - r = sd_bus_message_append(m, "a(ss)", 1, word, p); - } - if (r < 0) - return bus_log_create_error(r); - - r = sd_bus_message_close_container(m); - if (r < 0) - return bus_log_create_error(r); - - r = sd_bus_message_close_container(m); - if (r < 0) - return bus_log_create_error(r); - - return 1; - } + if (STR_IN_SET(field, "ImportCredential", "ImportCredentialEx")) + return bus_append_import_credential(m, field, eq); if (streq(field, "LogExtraFields")) { r = sd_bus_message_open_container(m, 'r', "sv");