From: Lennart Poettering
Date: Tue, 10 Dec 2024 13:34:41 +0000 (+0100)
Subject: sd-path: expose credential store in sd-path
X-Git-Tag: v258-rc1~1795^2~5
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=d2cd18932422563c12a6f6e7f3019750784705ab;p=thirdparty%2Fsystemd.git
sd-path: expose credential store in sd-path
---
diff --git a/src/libsystemd/sd-path/sd-path.c b/src/libsystemd/sd-path/sd-path.c
index a2f03f52e92..d5363520383 100644
--- a/src/libsystemd/sd-path/sd-path.c
+++ b/src/libsystemd/sd-path/sd-path.c
@@ -36,7 +36,12 @@ static int from_environment(const char *envname, const char *fallback, const cha
 return -ENXIO;
 }
-static int from_home_dir(const char *envname, const char *suffix, char **buffer, const char **ret) {
+static int from_home_dir(
+ const char *envname,
+ const char *suffix,
+ char **buffer,
+ const char **ret) {
+
 _cleanup_free_ char *h = NULL;
 int r;
@@ -350,6 +355,30 @@ static int get_path(uint64_t type, char **buffer, const char **ret) {
 case SD_PATH_SYSTEMD_USER_ENVIRONMENT_GENERATOR:
 *ret = USER_ENV_GENERATOR_DIR;
 return 0;
+
+ case SD_PATH_SYSTEM_CREDENTIAL_STORE:
+ *ret = "/etc/credstore";
+ return 0;
+
+ case SD_PATH_SYSTEM_CREDENTIAL_STORE_ENCRYPTED:
+ *ret = "/etc/credstore.encrypted";
+ return 0;
+
+ case SD_PATH_USER_CREDENTIAL_STORE:
+ r = xdg_user_config_dir("credstore", buffer);
+ if (r < 0)
+ return r;
+
+ *ret = *buffer;
+ return 0;
+
+ case SD_PATH_USER_CREDENTIAL_STORE_ENCRYPTED:
+ r = xdg_user_config_dir("credstore.encrypted", buffer);
+ if (r < 0)
+ return r;
+
+ *ret = *buffer;
+ return 0;
 }
 return -EOPNOTSUPP;
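Review bot: The four new cases in get_path return a bare location and nothing in the code says so: `SD_PATH_SYSTEM_CREDENTIAL_STORE` is the literal `/etc/credstore`, and the user variants are whatever `xdg_user_config_dir()` produces, with no check visible in the hunk that the directory exists or who owns it. A consumer that reads secrets from the returned path has to do its own ownership and mode checks, so I would state that above the first new case, e.g. `/* Location only: the directory may be absent; callers must verify ownership and mode before reading credentials from it. */`. The two user cases also differ only in the suffix string and could share one body with a ternary, as the get_search cases in this commit do. The switch begins outside the hunk and the function's end is not shown.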
@@ -601,8 +630,55 @@ static int get_search(uint64_t type, char ***ret) {
 case SD_PATH_SYSTEMD_SEARCH_NETWORK:
 return strv_from_nulstr(ret, NETWORK_DIRS_NULSTR);
+ case SD_PATH_SYSTEM_SEARCH_CREDENTIAL_STORE:
+ case SD_PATH_SYSTEM_SEARCH_CREDENTIAL_STORE_ENCRYPTED: {
+ const char *suffix =
+ type == SD_PATH_SYSTEM_SEARCH_CREDENTIAL_STORE_ENCRYPTED ? "credstore.encrypted" : "credstore";
+
+ _cleanup_strv_free_ char **l = NULL;
+ FOREACH_STRING(d, CONF_PATHS("")) {
+ char *j = path_join(d, suffix);
+ if (!j)
+ return -ENOMEM;
+
+ r = strv_consume(&l, TAKE_PTR(j));
+ if (r < 0)
+ return r;
+ }
+
+ *ret = TAKE_PTR(l);
+ return 0;
 }
+ case SD_PATH_USER_SEARCH_CREDENTIAL_STORE:
+ case SD_PATH_USER_SEARCH_CREDENTIAL_STORE_ENCRYPTED: {
+ const char *suffix =
+ type == SD_PATH_USER_SEARCH_CREDENTIAL_STORE_ENCRYPTED ? "credstore.encrypted" : "credstore";
+
+ static const uint64_t dirs[] = {
+ SD_PATH_USER_CONFIGURATION,
+ SD_PATH_USER_RUNTIME,
+ SD_PATH_USER_LIBRARY_PRIVATE,
+ };
+
+ _cleanup_strv_free_ char **l = NULL;
+ FOREACH_ELEMENT(d, dirs) {
+ _cleanup_free_ char *p = NULL;
+ r = sd_path_lookup(*d, suffix, &p);
+ if (r == -ENXIO)
+ continue;
+ if (r < 0)
+ return r;
+
+ r = strv_consume(&l, TAKE_PTR(p));
+ if (r < 0)
+ return r;
+ }
+
+ *ret = TAKE_PTR(l);
+ return 0;
+ }}
+
 return -EOPNOTSUPP;
 }
diff --git a/src/path/path.c b/src/path/path.c
index ad65437c8fe..6ca2bd8c388 100644
--- a/src/path/path.c
+++ b/src/path/path.c
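Review bot: In the `SD_PATH_USER_SEARCH_CREDENTIAL_STORE` case of get_search, a directory whose lookup returns `-ENXIO` is skipped without trace, so the list can be shorter than `dirs[]`, and if all three are skipped the case returns 0 with `*ret` set to NULL. The position in this list presumably decides which copy of a credential is picked up, so the order and the skipping deserve a comment, for example `/* Order is precedence. Entries that cannot be resolved (-ENXIO) are dropped, so the result may be short or empty. */`. Whether callers of sd_path_lookup_strv() tolerate a NULL vector is not visible here; if they do not, `if (strv_isempty(l)) return -ENXIO;` before the final assignment would make the failure explicit. The function begins outside the hunk.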
@@ -102,6 +102,16 @@ static const char* const path_table[_SD_PATH_MAX] = {
 [SD_PATH_SYSTEMD_USER_ENVIRONMENT_GENERATOR] = "systemd-user-environment-generator",
 [SD_PATH_SYSTEMD_SEARCH_SYSTEM_ENVIRONMENT_GENERATOR] = "systemd-search-system-environment-generator",
 [SD_PATH_SYSTEMD_SEARCH_USER_ENVIRONMENT_GENERATOR] = "systemd-search-user-environment-generator",
+
+ [SD_PATH_SYSTEM_CREDENTIAL_STORE] = "system-credential-store",
+ [SD_PATH_SYSTEM_SEARCH_CREDENTIAL_STORE] = "system-search-credential-store",
+ [SD_PATH_SYSTEM_CREDENTIAL_STORE_ENCRYPTED] = "system-credential-store-encrypted",
+ [SD_PATH_SYSTEM_SEARCH_CREDENTIAL_STORE_ENCRYPTED] = "system-search-credential-store-encrypted",
+ [SD_PATH_USER_CREDENTIAL_STORE] = "user-credential-store",
+ [SD_PATH_USER_SEARCH_CREDENTIAL_STORE] = "user-search-credential-store",
+ [SD_PATH_USER_CREDENTIAL_STORE_ENCRYPTED] = "user-credential-store-encrypted",
+ [SD_PATH_USER_SEARCH_CREDENTIAL_STORE_ENCRYPTED] = "user-search-credential-store-encrypted",
+
 };
 static int order_cmp(const size_t *a, const size_t *b) {
diff --git a/src/systemd/sd-path.h b/src/systemd/sd-path.h
index 820116a6f8b..bd3a60150cd 100644
--- a/src/systemd/sd-path.h
+++ b/src/systemd/sd-path.h
@@ -120,6 +120,16 @@ enum {
 SD_PATH_USER_STATE_PRIVATE,
+ /* credential store */
+ SD_PATH_SYSTEM_CREDENTIAL_STORE,
+ SD_PATH_SYSTEM_SEARCH_CREDENTIAL_STORE,
+ SD_PATH_SYSTEM_CREDENTIAL_STORE_ENCRYPTED,
+ SD_PATH_SYSTEM_SEARCH_CREDENTIAL_STORE_ENCRYPTED,
+ SD_PATH_USER_CREDENTIAL_STORE,
+ SD_PATH_USER_SEARCH_CREDENTIAL_STORE,
+ SD_PATH_USER_CREDENTIAL_STORE_ENCRYPTED,
+ SD_PATH_USER_SEARCH_CREDENTIAL_STORE_ENCRYPTED,
+
 _SD_PATH_MAX
 };
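Review bot: In sd-path.h the new public constants are introduced only by `/* credential store */`, which does not tell API users that the names without `_ENCRYPTED` refer to the directories for unencrypted credentials. I would expand the comment along the lines of `/* credential store: the plain variants name directories of unencrypted secrets, the _ENCRYPTED variants directories of encrypted ones */`. The enum begins outside the hunk; as far as the hunk shows, the new values sit after `SD_PATH_USER_STATE_PRIVATE` and before `_SD_PATH_MAX`, so existing values keep their numbers.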