sd-path: expose credential store in sd-path
authorLennart Poettering <lennart@poettering.net>
Tue, 10 Dec 2024 13:34:41 +0000 (14:34 +0100)
committerLennart Poettering <lennart@poettering.net>
Fri, 20 Dec 2024 16:51:54 +0000 (17:51 +0100)
src/libsystemd/sd-path/sd-path.c
src/path/path.c
src/systemd/sd-path.h

index a2f03f52e92ea357f2615e53224c6beebccfe300..d53635203838448f6e654e691219d003cb8db7f4 100644 (file)
@@ -36,7 +36,12 @@ static int from_environment(const char *envname, const char *fallback, const cha
         return -ENXIO;
 }
 
-static int from_home_dir(const char *envname, const char *suffix, char **buffer, const char **ret) {
+static int from_home_dir(
+                const char *envname,
+                const char *suffix,
+                char **buffer,
+                const char **ret) {
+
         _cleanup_free_ char *h = NULL;
         int r;
 
@@ -350,6 +355,30 @@ static int get_path(uint64_t type, char **buffer, const char **ret) {
         case SD_PATH_SYSTEMD_USER_ENVIRONMENT_GENERATOR:
                 *ret = USER_ENV_GENERATOR_DIR;
                 return 0;
+
+        case SD_PATH_SYSTEM_CREDENTIAL_STORE:
+                *ret = "/etc/credstore";
+                return 0;
+
+        case SD_PATH_SYSTEM_CREDENTIAL_STORE_ENCRYPTED:
+                *ret = "/etc/credstore.encrypted";
+                return 0;
+
+        case SD_PATH_USER_CREDENTIAL_STORE:
+                r = xdg_user_config_dir("credstore", buffer);
+                if (r < 0)
+                        return r;
+
+                *ret = *buffer;
+                return 0;
+
+        case SD_PATH_USER_CREDENTIAL_STORE_ENCRYPTED:
+                r = xdg_user_config_dir("credstore.encrypted", buffer);
+                if (r < 0)
+                        return r;
+
+                *ret = *buffer;
+                return 0;
         }
 
         return -EOPNOTSUPP;
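Review bot: The `SD_PATH_SYSTEM_CREDENTIAL_STORE` and `SD_PATH_SYSTEM_CREDENTIAL_STORE_ENCRYPTED` cases hard-code `/etc/credstore` and `/etc/credstore.encrypted`, while the matching search-path cases this commit adds to `get_search()` build their entries from `CONF_PATHS("")`, so the single-directory answer and the search list can drift apart unnoticed. These directories hold service credentials, so a consumer that writes to the path returned here and reads back through the search path needs the two to agree. A comment above the first case would record that, for example `/* Keep in sync with the first CONF_PATHS("") entry used in get_search() */` (that first entry is presumably `/etc/`, which this hunk does not show). The two user cases differ only in the suffix string and could share one body. `get_path()` starts outside the hunk, so the declaration of `r` is not visible here.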
@@ -601,8 +630,55 @@ static int get_search(uint64_t type, char ***ret) {
         case SD_PATH_SYSTEMD_SEARCH_NETWORK:
                 return strv_from_nulstr(ret, NETWORK_DIRS_NULSTR);
 
+        case SD_PATH_SYSTEM_SEARCH_CREDENTIAL_STORE:
+        case SD_PATH_SYSTEM_SEARCH_CREDENTIAL_STORE_ENCRYPTED: {
+                const char *suffix =
+                        type == SD_PATH_SYSTEM_SEARCH_CREDENTIAL_STORE_ENCRYPTED ? "credstore.encrypted" : "credstore";
+
+                _cleanup_strv_free_ char **l = NULL;
+                FOREACH_STRING(d, CONF_PATHS("")) {
+                        char *j = path_join(d, suffix);
+                        if (!j)
+                                return -ENOMEM;
+
+                        r = strv_consume(&l, TAKE_PTR(j));
+                        if (r < 0)
+                                return r;
+                }
+
+                *ret = TAKE_PTR(l);
+                return 0;
         }
 
+        case SD_PATH_USER_SEARCH_CREDENTIAL_STORE:
+        case SD_PATH_USER_SEARCH_CREDENTIAL_STORE_ENCRYPTED: {
+                const char *suffix =
+                        type == SD_PATH_USER_SEARCH_CREDENTIAL_STORE_ENCRYPTED ? "credstore.encrypted" : "credstore";
+
+                static const uint64_t dirs[] = {
+                        SD_PATH_USER_CONFIGURATION,
+                        SD_PATH_USER_RUNTIME,
+                        SD_PATH_USER_LIBRARY_PRIVATE,
+                };
+
+                _cleanup_strv_free_ char **l = NULL;
+                FOREACH_ELEMENT(d, dirs) {
+                        _cleanup_free_ char *p = NULL;
+                        r = sd_path_lookup(*d, suffix, &p);
+                        if (r == -ENXIO)
+                                continue;
+                        if (r < 0)
+                                return r;
+
+                        r = strv_consume(&l, TAKE_PTR(p));
+                        if (r < 0)
+                                return r;
+                }
+
+                *ret = TAKE_PTR(l);
+                return 0;
+        }}
+
         return -EOPNOTSUPP;
 }
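Review bot: The order of `dirs[]` in the `SD_PATH_USER_SEARCH_CREDENTIAL_STORE*` branch decides which directory wins when a credential of the same name exists in more than one place, and the `-ENXIO` `continue` silently shortens the list, but neither is commented. For a credential search path both are worth stating next to the code, e.g. `/* Order is lookup precedence: config, then runtime, then private library dir */` above `dirs[]` and `/* Base directory could not be resolved, leave it out of the search path */` on the `-ENXIO` check. The user-scope entries come from `sd_path_lookup()`, which presumably resolves them from the caller's environment and home directory, so callers should trust the result only as far as they trust that environment. As a style point, the closing `}}` puts the end of the case block and the end of the `switch` on one line; two `}` on separate lines at their own indent would read more clearly. `get_search()` begins outside the hunk.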
 
index ad65437c8fe912826d819c4ec323dbb8d818365c..6ca2bd8c3885e002e875903135c4146d7a5b6990 100644 (file)
@@ -102,6 +102,16 @@ static const char* const path_table[_SD_PATH_MAX] = {
         [SD_PATH_SYSTEMD_USER_ENVIRONMENT_GENERATOR]          = "systemd-user-environment-generator",
         [SD_PATH_SYSTEMD_SEARCH_SYSTEM_ENVIRONMENT_GENERATOR] = "systemd-search-system-environment-generator",
         [SD_PATH_SYSTEMD_SEARCH_USER_ENVIRONMENT_GENERATOR]   = "systemd-search-user-environment-generator",
+
+        [SD_PATH_SYSTEM_CREDENTIAL_STORE]                     = "system-credential-store",
+        [SD_PATH_SYSTEM_SEARCH_CREDENTIAL_STORE]              = "system-search-credential-store",
+        [SD_PATH_SYSTEM_CREDENTIAL_STORE_ENCRYPTED]           = "system-credential-store-encrypted",
+        [SD_PATH_SYSTEM_SEARCH_CREDENTIAL_STORE_ENCRYPTED]    = "system-search-credential-store-encrypted",
+        [SD_PATH_USER_CREDENTIAL_STORE]                       = "user-credential-store",
+        [SD_PATH_USER_SEARCH_CREDENTIAL_STORE]                = "user-search-credential-store",
+        [SD_PATH_USER_CREDENTIAL_STORE_ENCRYPTED]             = "user-credential-store-encrypted",
+        [SD_PATH_USER_SEARCH_CREDENTIAL_STORE_ENCRYPTED]      = "user-search-credential-store-encrypted",
+
 };
 
 static int order_cmp(const size_t *a, const size_t *b) {
index 820116a6f8ba8a4508c99e6b9a0d64728b064ac0..bd3a60150cdb92684dc20d83771d8642dee56d92 100644 (file)
@@ -120,6 +120,16 @@ enum {
 
         SD_PATH_USER_STATE_PRIVATE,
 
+        /* credential store */
+        SD_PATH_SYSTEM_CREDENTIAL_STORE,
+        SD_PATH_SYSTEM_SEARCH_CREDENTIAL_STORE,
+        SD_PATH_SYSTEM_CREDENTIAL_STORE_ENCRYPTED,
+        SD_PATH_SYSTEM_SEARCH_CREDENTIAL_STORE_ENCRYPTED,
+        SD_PATH_USER_CREDENTIAL_STORE,
+        SD_PATH_USER_SEARCH_CREDENTIAL_STORE,
+        SD_PATH_USER_CREDENTIAL_STORE_ENCRYPTED,
+        SD_PATH_USER_SEARCH_CREDENTIAL_STORE_ENCRYPTED,
+
         _SD_PATH_MAX
 };