return 1;
} else if (STR_IN_SET(name, "SetCredential", "SetCredentialEncrypted")) {
+ bool encrypted = endswith(name, "Encrypted");
bool isempty = true;
r = sd_bus_message_enter_container(message, 'a', "(say)");
const char *id;
const void *p;
size_t sz;
+ const char *err = NULL;
r = sd_bus_message_enter_container(message, 'r', "say");
if (r < 0)
if (r < 0)
return r;
- if (!credential_name_valid(id))
- return sd_bus_error_setf(reterr_error, SD_BUS_ERROR_INVALID_ARGS, "Credential ID is invalid: %s", id);
-
isempty = false;
- if (!UNIT_WRITE_FLAGS_NOOP(flags)) {
- bool encrypted = endswith(name, "Encrypted");
- _cleanup_free_ char *a = NULL, *b = NULL;
- _cleanup_free_ void *copy = NULL;
-
- copy = memdup(p, sz);
- if (!copy)
- return -ENOMEM;
-
- a = specifier_escape(id);
- if (!a)
- return -ENOMEM;
-
- b = cescape_length(p, sz);
- if (!b)
- return -ENOMEM;
-
- r = exec_context_put_set_credential(c, id, TAKE_PTR(copy), sz, encrypted);
- if (r < 0)
- return r;
-
- (void) unit_write_settingf(u, flags, name, "%s=%s:%s", name, a, b);
- }
+ r = exec_context_apply_set_credential(u, c, id, p, sz, encrypted, flags, &err);
+ if (r == -EINVAL)
+ return sd_bus_error_setf(reterr_error, SD_BUS_ERROR_INVALID_ARGS, "%s: %s", err, id);
+ if (r < 0)
+ return r;
}
r = sd_bus_message_exit_container(message);
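Review bot: `err` is only filled in when the helper's own `credential_name_valid()` check fails, but the new `if (r == -EINVAL)` branch passes it to `%s` for every -EINVAL return. If `exec_context_put_set_credential()` (not visible here) can also return -EINVAL, the bus error would be formatted from a NULL pointer, because `err` is initialised to NULL in the earlier hunk. Guarding with `if (r == -EINVAL && err)` and letting every other case fall through to `return r;` keeps the reply well-defined. The enclosing property setter starts and ends outside this hunk.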
#include "cgroup-setup.h"
#include "coredump-util.h"
#include "cpu-set-util.h"
+#include "creds-util.h"
#include "dissect-image.h"
#include "dynamic-user.h"
#include "env-file.h"
#include "env-util.h"
#include "escape.h"
+#include "exec-credential.h"
#include "execute.h"
#include "execute-serialize.h"
#include "fd-util.h"
#include "serialize.h"
#include "set.h"
#include "sort-util.h"
+#include "specifier.h"
#include "string-table.h"
#include "string-util.h"
#include "strv.h"
return 0;
}
+int exec_context_apply_set_credential(
+ Unit *u,
+ ExecContext *c,
+ const char *id,
+ const void *data,
+ size_t size,
+ bool encrypted,
+ UnitWriteFlags flags,
+ const char **reterr_message) {
+
+ int r;
+
+ assert(u);
+ assert(c);
+ assert(id);
+ assert(data || size == 0);
+
+ if (!credential_name_valid(id)) {
+ if (reterr_message)
+ *reterr_message = "Credential ID is invalid";
+ return -EINVAL;
+ }
+
+ if (UNIT_WRITE_FLAGS_NOOP(flags))
+ return 0;
+
+ _cleanup_free_ void *copy = memdup(data, size);
+ if (!copy)
+ return -ENOMEM;
+
+ _cleanup_free_ char *escaped_id = specifier_escape(id);
+ if (!escaped_id)
+ return -ENOMEM;
+
+ _cleanup_free_ char *escaped_value = cescape_length(data, size);
+ if (!escaped_value)
+ return -ENOMEM;
+
+ r = exec_context_put_set_credential(c, id, TAKE_PTR(copy), size, encrypted);
+ if (r < 0)
+ return r;
+
+ const char *name = encrypted ? "SetCredentialEncrypted" : "SetCredential";
+ unit_write_settingf(u, flags, name, "%s=%s:%s", name, escaped_id, escaped_value);
+ return 0;
+}
+
int exec_context_destroy_runtime_directory(const ExecContext *c, const char *runtime_prefix) {
assert(c);
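Review bot: The `unit_write_settingf()` call at the end of `exec_context_apply_set_credential()` drops the `(void)` cast that the removed D-Bus code carried, so it is no longer visible that the result is deliberately ignored after the credential has already been stored in `c`. I would restore it as `(void) unit_write_settingf(u, flags, name, "%s=%s:%s", name, escaped_id, escaped_value);` and add a comment above the function stating that `reterr_message` is only set on the -EINVAL name-check path and points to a static string the caller must not free. Separately, `copy` and `escaped_value` hold the credential payload (cleartext when `encrypted` is false) and are released with plain `_cleanup_free_` on every path. Using `_cleanup_(erase_and_freep)` for them is worth considering, though it is a judgement call since the same value is also written into the unit setting.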
void exec_context_dump(const ExecContext *c, FILE* f, const char *prefix);
int exec_context_apply_environment(Unit *u, ExecContext *c, char **env, UnitWriteFlags flags);
+int exec_context_apply_set_credential(Unit *u, ExecContext *c, const char *id, const void *data, size_t size, bool encrypted, UnitWriteFlags flags, const char **reterr_message);
int exec_context_destroy_runtime_directory(const ExecContext *c, const char *runtime_prefix);
int exec_context_destroy_mount_ns_dir(Unit *u);