From: Michal Koutný Date: Fri, 28 Feb 2025 14:28:04 +0000 (+0100) Subject: user-record: Make user and group matching functions total X-Git-Tag: v258-rc1~1199^2~1 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=75e2d70eef97e92499e658829f7c3e3b4d82e4de;p=thirdparty%2Fsystemd.git user-record: Make user and group matching functions total Since we can evaluate even the case with invalid ids (non-matching) we can switch the function to pure boolean with no error cases and simpler (none) return error handling. --- diff --git a/src/shared/group-record.c b/src/shared/group-record.c index 76d23259ce6..04989eb63aa 100644 --- a/src/shared/group-record.c +++ b/src/shared/group-record.c @@ -344,7 +344,7 @@ bool group_record_matches_group_name(const GroupRecord *g, const char *group_nam return false; } -int group_record_match(GroupRecord *h, const UserDBMatch *match) { +bool group_record_match(GroupRecord *h, const UserDBMatch *match) { assert(h); if (!match) diff --git a/src/shared/group-record.h b/src/shared/group-record.h index 5705fe25116..ee8d3995779 100644 --- a/src/shared/group-record.h +++ b/src/shared/group-record.h @@ -43,7 +43,7 @@ int group_record_load(GroupRecord *h, sd_json_variant *v, UserRecordLoadFlags fl int group_record_build(GroupRecord **ret, ...); int group_record_clone(GroupRecord *g, UserRecordLoadFlags flags, GroupRecord **ret); -int group_record_match(GroupRecord *h, const UserDBMatch *match); +bool group_record_match(GroupRecord *h, const UserDBMatch *match); const char* group_record_group_name_and_realm(GroupRecord *h); UserDisposition group_record_disposition(GroupRecord *h); diff --git a/src/shared/user-record.c b/src/shared/user-record.c index 4c8e41cd895..89ba2fbef4c 100644 --- a/src/shared/user-record.c +++ b/src/shared/user-record.c @@ -2769,7 +2769,7 @@ bool user_name_fuzzy_match(const char *names[], size_t n_names, char **matches) return false; } -int user_record_match(UserRecord *u, const UserDBMatch *match) { +bool user_record_match(UserRecord *u, const UserDBMatch *match) { assert(u); if (!match) diff --git a/src/shared/user-record.h b/src/shared/user-record.h index 8f58c5ca93d..fcd26855548 100644 --- a/src/shared/user-record.h +++ b/src/shared/user-record.h @@ -532,7 +532,7 @@ static inline void userdb_match_done(UserDBMatch *match) { } bool user_name_fuzzy_match(const char *names[], size_t n_names, char **matches); -int user_record_match(UserRecord *u, const UserDBMatch *match); +bool user_record_match(UserRecord *u, const UserDBMatch *match); bool user_record_matches_user_name(const UserRecord *u, const char *username); diff --git a/src/shared/userdb.c b/src/shared/userdb.c index 18b98685dbd..a420504b0c0 100644 --- a/src/shared/userdb.c +++ b/src/shared/userdb.c @@ -915,10 +915,7 @@ int userdb_by_name(const char *name, const UserDBMatch *match, UserDBFlags flags /* NB: we always apply our own filtering here, explicitly, regardless if the server supported it or * not. It's more robust this way, we never know how carefully the server is written, and whether it * properly implements all details of the filtering logic. */ - r = user_record_match(ur, match); - if (r < 0) - return r; - if (r == 0) + if (!user_record_match(ur, match)) return -ENOEXEC; if (ret) @@ -1001,10 +998,7 @@ int userdb_by_uid(uid_t uid, const UserDBMatch *match, UserDBFlags flags, UserRe return r; } - r = user_record_match(ur, match); - if (r < 0) - return r; - if (r == 0) + if (!user_record_match(ur, match)) return -ENOEXEC; if (ret) @@ -1347,10 +1341,7 @@ int groupdb_by_name(const char *name, const UserDBMatch *match, UserDBFlags flag } /* As above, we apply our own client-side filtering even if server-side filtering worked, for robustness and simplicity reasons. */ - r = group_record_match(gr, match); - if (r < 0) - return r; - if (r == 0) + if (!group_record_match(gr, match)) return -ENOEXEC; if (ret) @@ -1432,10 +1423,7 @@ int groupdb_by_gid(gid_t gid, const UserDBMatch *match, UserDBFlags flags, Group return r; } - r = group_record_match(gr, match); - if (r < 0) - return r; - if (r == 0) + if (!group_record_match(gr, match)) return -ENOEXEC; if (ret)