From: Zbigniew Jędrzejewski-Szmek Date: Fri, 27 Jun 2025 12:02:27 +0000 (+0200) Subject: shared/bus-unit-util: define helper for SetCredential=/SetCredentialEncrypted= X-Git-Tag: v258-rc1~183^2~44 X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=82e009a212770aea0dc57d55cd07a3b07694edc8;p=thirdparty%2Fsystemd.git shared/bus-unit-util: define helper for SetCredential=/SetCredentialEncrypted= --- diff --git a/src/shared/bus-unit-util.c b/src/shared/bus-unit-util.c index 774dbc78d41..04db19aa475 100644 --- a/src/shared/bus-unit-util.c +++ b/src/shared/bus-unit-util.c @@ -982,6 +982,89 @@ static int bus_append_environment_files(sd_bus_message *m, const char *field, co return 1; } +static int bus_append_set_credential(sd_bus_message *m, const char *field, const char *eq) { + int r; + + r = sd_bus_message_open_container(m, 'r', "sv"); + if (r < 0) + return bus_log_create_error(r); + + r = sd_bus_message_append_basic(m, 's', field); + if (r < 0) + return bus_log_create_error(r); + + r = sd_bus_message_open_container(m, 'v', "a(say)"); + if (r < 0) + return bus_log_create_error(r); + + if (isempty(eq)) + r = sd_bus_message_append(m, "a(say)", 0); + else { + _cleanup_free_ char *word = NULL; + const char *p = eq; + + r = extract_first_word(&p, &word, ":", EXTRACT_DONT_COALESCE_SEPARATORS); + if (r == -ENOMEM) + return log_oom(); + if (r < 0) + return log_error_errno(r, "Failed to parse %s= parameter: %s", field, eq); + if (r == 0 || !p) + return log_error_errno(SYNTHETIC_ERRNO(EINVAL), "Missing argument to %s=.", field); + + r = sd_bus_message_open_container(m, 'a', "(say)"); + if (r < 0) + return bus_log_create_error(r); + + r = sd_bus_message_open_container(m, 'r', "say"); + if (r < 0) + return bus_log_create_error(r); + + r = sd_bus_message_append(m, "s", word); + if (r < 0) + return bus_log_create_error(r); + + if (streq(field, "SetCredentialEncrypted")) { + _cleanup_free_ void *decoded = NULL; + size_t decoded_size; + + r = unbase64mem(p, &decoded, &decoded_size); + if (r < 0) + return log_error_errno(r, "Failed to base64 decode encrypted credential: %m"); + + r = sd_bus_message_append_array(m, 'y', decoded, decoded_size); + } else { + _cleanup_free_ char *unescaped = NULL; + ssize_t l; + + l = cunescape(p, UNESCAPE_ACCEPT_NUL, &unescaped); + if (l < 0) + return log_error_errno(l, "Failed to unescape %s= value: %s", field, p); + + r = sd_bus_message_append_array(m, 'y', unescaped, l); + } + if (r < 0) + return bus_log_create_error(r); + + r = sd_bus_message_close_container(m); + if (r < 0) + return bus_log_create_error(r); + + r = sd_bus_message_close_container(m); + } + if (r < 0) + return bus_log_create_error(r); + + r = sd_bus_message_close_container(m); + if (r < 0) + return bus_log_create_error(r); + + r = sd_bus_message_close_container(m); + if (r < 0) + return bus_log_create_error(r); + + return 1; +} + static int bus_append_cgroup_property(sd_bus_message *m, const char *field, const char *eq) { if (STR_IN_SET(field, "DevicePolicy", "Slice", @@ -1252,87 +1335,9 @@ static int bus_append_execute_property(sd_bus_message *m, const char *field, con if (streq(field, "EnvironmentFile")) return bus_append_environment_files(m, field, eq); + if (STR_IN_SET(field, "SetCredential", "SetCredentialEncrypted")) + return bus_append_set_credential(m, field, eq); - if (STR_IN_SET(field, "SetCredential", "SetCredentialEncrypted")) { - r = sd_bus_message_open_container(m, 'r', "sv"); - if (r < 0) - return bus_log_create_error(r); - - r = sd_bus_message_append_basic(m, 's', field); - if (r < 0) - return bus_log_create_error(r); - - r = sd_bus_message_open_container(m, 'v', "a(say)"); - if (r < 0) - return bus_log_create_error(r); - - if (isempty(eq)) - r = sd_bus_message_append(m, "a(say)", 0); - else { - _cleanup_free_ char *word = NULL; - const char *p = eq; - - r = extract_first_word(&p, &word, ":", EXTRACT_DONT_COALESCE_SEPARATORS); - if (r == -ENOMEM) - return log_oom(); - if (r < 0) - return log_error_errno(r, "Failed to parse %s= parameter: %s", field, eq); - if (r == 0 || !p) - return log_error_errno(SYNTHETIC_ERRNO(EINVAL), "Missing argument to %s=.", field); - - r = sd_bus_message_open_container(m, 'a', "(say)"); - if (r < 0) - return bus_log_create_error(r); - - r = sd_bus_message_open_container(m, 'r', "say"); - if (r < 0) - return bus_log_create_error(r); - - r = sd_bus_message_append(m, "s", word); - if (r < 0) - return bus_log_create_error(r); - - if (streq(field, "SetCredentialEncrypted")) { - _cleanup_free_ void *decoded = NULL; - size_t decoded_size; - - r = unbase64mem(p, &decoded, &decoded_size); - if (r < 0) - return log_error_errno(r, "Failed to base64 decode encrypted credential: %m"); - - r = sd_bus_message_append_array(m, 'y', decoded, decoded_size); - } else { - _cleanup_free_ char *unescaped = NULL; - ssize_t l; - - l = cunescape(p, UNESCAPE_ACCEPT_NUL, &unescaped); - if (l < 0) - return log_error_errno(l, "Failed to unescape %s= value: %s", field, p); - - r = sd_bus_message_append_array(m, 'y', unescaped, l); - } - if (r < 0) - return bus_log_create_error(r); - - r = sd_bus_message_close_container(m); - if (r < 0) - return bus_log_create_error(r); - - r = sd_bus_message_close_container(m); - } - if (r < 0) - return bus_log_create_error(r); - - r = sd_bus_message_close_container(m); - if (r < 0) - return bus_log_create_error(r); - - r = sd_bus_message_close_container(m); - if (r < 0) - return bus_log_create_error(r); - - return 1; - } if (STR_IN_SET(field, "LoadCredential", "LoadCredentialEncrypted")) { r = sd_bus_message_open_container(m, 'r', "sv");