commit 3b759a5229fcfaaf3732f296bdda279507ef1081
parent 20e3aaaf3c753fd20d6f9df92e950d3e0cb18f53
Author: Jan Pobrislo <ccx@te2000.cz>
Date: Thu, 7 Nov 2024 18:25:01 +0000
miniroon: WIP environment handling
Diffstat:
| M | src/miniroon.c | | | 51 | ++++++++++++++++++++++++++++++++++++++++++++++++--- |
1 file changed, 48 insertions(+), 3 deletions(-)
diff --git a/src/miniroon.c b/src/miniroon.c
@@ -13,6 +13,8 @@
#include <skalibs/uint64.h>
#include <skalibs/blake2s.h>
#include <skalibs/sha256.h>
+#include <skalibs/stralloc.h>
+#include <skalibs/env.h>
#define USAGE "miniroon directory"
#define PROG "miniroon"
@@ -46,20 +48,37 @@ typedef struct miniroon_header_s {
} miniroon_header;
+typedef struct miniroon_env_entry_s {
+ const bytebuffer name;
+ const bytebuffer value;
+ enum miniroon_env_state {
+ ENV_NO_CHANGE = 0,
+ ENV_SET = 1,
+ ENV_REMOVE = 2
+ } state;
+} miniroon_env_entry;
+
+typedef struct miniroon_env_map_s {
+ miniroon_env_entry env[MAX_ENV_ALLOW];
+ size_t env_count;
+} miniroon_env_map;
+
typedef struct miniroon_data_s {
miniroon_header hdr;
- bytebuffer env_allow[MAX_ENV_ALLOW];
bytebuffer caveats[MAX_CAVEATS];
- size_t env_count;
size_t caveat_count;
} miniroon_data;
/* declarations */
void dbg_print_bb(const bytebuffer bb);
void dbg_print_bb1(const char *text, const bytebuffer bb);
+void miniroon_env_map_init(miniroon_env_map *emap);
+void miniroon_env_map_add(miniroon_env_map *emap, const bytebuffer name);
+int miniroon_env_map_find(miniroon_env_map *emap, const bytebuffer name);
void miniroon_data_init(miniroon_data *data);
void process_payload(const bytebuffer payload);
void process_header(miniroon_header *header, const bytebuffer source);
+void validate_caveats(miniroon_data *data);
void read_secret(const bytebuffer secret); // TODO
void hmac_b2s_256(const bytebuffer key, const bytebuffer msg, const bytebuffer output);
void hmac_sha2_256(const bytebuffer key, const bytebuffer msg, const bytebuffer output);
@@ -144,6 +163,7 @@ bool netstring_chunk_next (netstring_chunk *c) {
void miniroon_data_init(miniroon_data *data) {
memset(data, 0, sizeof(miniroon_data));
+ // data->env_modif = STRALLOC_ZERO ;
}
void fd_block(int fd) {
@@ -247,7 +267,7 @@ void read_payload(const bytebuffer bb) {
void read_secret(const bytebuffer secret){
assert(secret.len == MINIROON_HMAC_SIZE);
size_t bytes_read = 0;
- int secret_fd = open("secret", O_RDONLY);
+ int secret_fd = openc_readb("secret");
if (secret_fd < 0) {
strerr_dief1sys(111, "open(secret)");
}
@@ -270,6 +290,29 @@ void read_secret(const bytebuffer secret){
}
}
+void miniroon_env_map_init(miniroon_env_map *emap) {
+ memset(emap, 0, sizeof(miniroon_env_map));
+}
+void miniroon_env_map_add(miniroon_env_map *emap, const bytebuffer name);
+// TODO
+int miniroon_env_map_find(miniroon_env_map *emap, const bytebuffer name);
+// TODO
+
+void validate_caveats(miniroon_data *md) {
+ miniroon_env_map emap;
+ miniroon_env_map_init(&emap);
+ // stralloc env_modif;
+
+ int env_allow_fd = openc_readb("env.allow");
+ if (env_allow_fd < 0) {
+ strerr_dief1sys(111, "open(env.allow)");
+ }
+
+ if(close(env_allow_fd) != 0) {
+ strerr_dief1sys(111, "close(env_allow_fd)");
+ }
+}
+
void process_payload(const bytebuffer payload) {
miniroon_data md;
miniroon_data_init(&md);
@@ -323,6 +366,8 @@ void process_payload(const bytebuffer payload) {
strerr_dief1x(111, "Invalid miniroon signature");
}
+ validate_caveats(&md);
+
/* iff everything validated correctly */
// TODO: pass unused argv from main() ?
char cmd[] = "./run";
