commit d24673d64ec2257dc8362ab75ccd9b0c9f0f6353
parent 58a8777908b56e21dcd4eabfc10eb92de259a0e7
Author: Jan Pobrislo <ccx@te2000.cz>
Date: Wed, 4 Dec 2024 06:35:19 +0000
Can set environment now. Fixed blocking input mode setup.
Diffstat:
8 files changed, 72 insertions(+), 13 deletions(-)
diff --git a/cc b/cc
@@ -1,5 +1,5 @@
#!/bin/sh -xe
exec gcc -D_GNU_SOURCE -Werror \
-pipe -std=c11 -fno-exceptions -fno-unwind-tables -fno-asynchronous-unwind-tables -ffunction-sections -fdata-sections \
- "$@" -static
+ "$@" -static -g
# -Wall
diff --git a/src/caveat_env_absent.c b/src/caveat_env_absent.c
@@ -28,7 +28,7 @@ void miniroon_caveat_prepare_env_absent(netstring_chunk *c, miniroon_caveats_sta
}
switch(entry->state) {
case ENV_NO_CHANGE:
- entry->state = ENV_SET;
+ entry->state = ENV_REMOVE;
break;
case ENV_REMOVE:
break;
diff --git a/src/caveats.c b/src/caveats.c
@@ -12,6 +12,10 @@ void miniroon_caveats_state_init(miniroon_caveats_state *state) {
miniroon_env_map_init(&state->emap);
};
+void miniroon_caveats_state_exec(miniroon_caveats_state *state, char const *const *argv) {
+ miniroon_env_map_exec(&state->emap, argv);
+};
+
miniroon_caveat_type caveat_get_type(netstring_chunk *c, const bytebuffer caveat) {
netstring_chunk_init(c, caveat);
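Review bot: The new `miniroon_caveats_state_exec` (and its prototype in src/caveats.h) gives no indication that it never returns, although it ends in an exec and process_payload treats a return as an internal error. I would add `/* Applies the env map and execs argv; never returns (dies on failure). */` above it, where "dies on failure" is inferred from the x-prefixed exec calls, and consider marking it `_Noreturn`. The `};` closing the function leaves an empty declaration at file scope; it matches the function above, but `-Wpedantic` together with the existing `-Werror` would reject it.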
diff --git a/src/caveats.h b/src/caveats.h
@@ -8,6 +8,7 @@ typedef struct miniroon_caveats_state_s {
} miniroon_caveats_state;
void miniroon_caveats_state_init(miniroon_caveats_state *state);
+void miniroon_caveats_state_exec(miniroon_caveats_state *state, char const *const *argv);
void miniroon_caveat_prepare(const bytebuffer caveat, miniroon_caveats_state *state);
void miniroon_caveat_validate(const bytebuffer caveat, miniroon_caveats_state *state);
diff --git a/src/envmap.c b/src/envmap.c
@@ -2,7 +2,12 @@
#include <unistd.h> /* write() */
#include <assert.h>
+#include <skalibs/stralloc.h>
+#include <skalibs/env.h>
+#include <skalibs/exec.h>
+
#include "envmap.h"
+#include "verify_common.h"
extern char **environ;
@@ -50,5 +55,52 @@ void miniroon_env_map_init(miniroon_env_map *emap) {
}
}
+#define stralloc_catbb(sa, bb) stralloc_catb(sa, bb.data, bb.len)
+
+void env_add(stralloc *modif, miniroon_env_entry *entry) {
+ assert(entry->state == ENV_SET || entry->state == ENV_REMOVE);
+ assert(entry->name.len);
+ assert(entry->name.data);
+ for(size_t i=0; i<entry->name.len; i++) {
+ if(entry->name.data[i] == '\0') {
+ strerr_dief1x(111, "invalid environment variable name");
+ }
+ }
+ if(!stralloc_catbb(modif, entry->name)) { goto errenv; }
+ if(entry->state == ENV_SET) {
+ assert(entry->value.len);
+ assert(entry->value.data);
+ for(size_t i=0; i<entry->value.len; i++) {
+ if(entry->value.data[i] == '\0') {
+ strerr_dief1x(111, "invalid environment variable value");
+ }
+ }
+ if(!stralloc_catb(modif, "=", 1)) { goto errenv; }
+ if(!stralloc_catbb(modif, entry->value)) { goto errenv; }
+ }
+ if(!stralloc_catb(modif, "\0", 1)) { goto errenv; }
+ return;
+errenv:
+ strerr_dief1x(111, "error preparing environment");
+}
+
+void miniroon_env_map_exec(miniroon_env_map *emap, char const *const *argv) {
+ if(emap->env_count == 0) {
+ xexec(argv);
+ }
+ stralloc modif = STRALLOC_ZERO;
+ for(size_t i=0; i < emap->env_count; i++) {
+ if(emap->env[i].state == ENV_NO_CHANGE) {
+ continue;
+ }
+ env_add(&modif, &emap->env[i]);
+ }
+ if(modif.len) {
+ xmexec_m(argv, modif.s, modif.len);
+ } else {
+ xexec(argv);
+ }
+}
+
/* vim: sts=2 sw=2 et
*/
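Review bot: The name loop in `env_add` rejects NUL but not `=`, so an entry in ENV_REMOVE state whose name contains `=` is appended as `NAME=rest` and would presumably be read by the environment merge as an assignment rather than a removal. The check should be `if(entry->name.data[i] == '\0' || entry->name.data[i] == '=') {`. The `assert()` calls on `name.len`, `value.len` and the data pointers are the only guard on those fields and disappear under `-DNDEBUG`. If the entries derive from token caveats, they deserve a `strerr_dief1x` path like the NUL check, and it is worth deciding whether an empty value is really invalid. `env_add` looks file-local from this hunk and could be `static`.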
diff --git a/src/envmap.h b/src/envmap.h
@@ -24,6 +24,7 @@ void miniroon_env_map_zero(miniroon_env_map *emap);
void miniroon_env_map_init(miniroon_env_map *emap);
void miniroon_env_map_add(miniroon_env_map *emap, const bytebuffer name);
miniroon_env_entry * miniroon_env_map_find(miniroon_env_map *emap, const bytebuffer name);
+void miniroon_env_map_exec(miniroon_env_map *emap, char const *const *argv);
#endif
diff --git a/src/miniroon-read.c b/src/miniroon-read.c
@@ -29,7 +29,7 @@ void fd_block(int fd) {
if(flags == -1) {
strerr_dief1sys(111, "fcntl() getfd");
}
- if(fcntl(fd, F_SETFL, flags | ~O_NONBLOCK) < 0) {
+ if(fcntl(fd, F_SETFL, flags & ~O_NONBLOCK) < 0) {
strerr_dief1sys(111, "fcntl() setfd");
}
}
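Review bot: The failure label `"fcntl() setfd"` next to the corrected `F_SETFL` call names a different fcntl command (F_SETFD changes descriptor flags, not file status flags), which will mislead whoever reads the error. I would write `strerr_dief1sys(111, "fcntl() F_SETFL");` here. The same applies to the `"fcntl(payload_fd) setfd"` message in read_payload in src/miniroon-verify.c, which repeats this sequence. The start of fd_block is outside the hunk.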
diff --git a/src/miniroon-verify.c b/src/miniroon-verify.c
@@ -32,7 +32,7 @@ typedef struct miniroon_data_s {
/* declarations */
void miniroon_data_init(miniroon_data *data);
void process_payload(const bytebuffer payload);
-void validate_caveats(miniroon_data *data);
+void validate_and_exec(miniroon_data *data);
void read_secret(const bytebuffer secret);
#define MINIROON_HMAC_SIZE 32
@@ -74,7 +74,7 @@ void read_secret(const bytebuffer secret){
}
-void validate_caveats(miniroon_data *md) {
+void validate_and_exec(miniroon_data *md) {
miniroon_caveats_state state;
miniroon_caveats_state_init(&state);
// stralloc env_modif;
@@ -87,6 +87,12 @@ void validate_caveats(miniroon_data *md) {
dbg_print_bb1("Validate caveat", md->caveats[i]);
miniroon_caveat_validate(md->caveats[i], &state);
}
+
+ /* iff everything validated correctly */
+ // TODO: pass unused argv from main() ?
+ char cmd[] = "./run";
+ const char *cmd_argv[2] = {cmd, 0};
+ miniroon_caveats_state_exec(&state, cmd_argv);
}
void process_payload(const bytebuffer payload) {
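Review bot: The exec after the validation loop is unconditional, so the `/* iff everything validated correctly */` comment only holds if `miniroon_caveat_validate` terminates the process on every failed caveat; it returns void, so nothing here can check the outcome. I would state that invariant in the comment, e.g. `/* reached only if every miniroon_caveat_validate() call returned; validation failures must die, never return */`. `"./run"` is resolved against the inherited working directory, which is worth recording next to the TODO as an assumption about how the verifier is started. The start of the function is outside this hunk.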
@@ -142,13 +148,8 @@ void process_payload(const bytebuffer payload) {
strerr_dief1x(111, "Invalid miniroon signature");
}
- validate_caveats(&md);
-
- /* iff everything validated correctly */
- // TODO: pass unused argv from main() ?
- char cmd[] = "./run";
- const char *cmd_argv[2] = {cmd, 0};
- xexec(cmd_argv);
+ validate_and_exec(&md);
+ strerr_dief1x(110, "Internal logic error, should not get here");
}
void read_payload(int payload_fd, const bytebuffer bb) {
@@ -156,7 +157,7 @@ void read_payload(int payload_fd, const bytebuffer bb) {
if(flags == -1) {
strerr_dief1sys(111, "fcntl(payload_fd) getfd");
}
- if(fcntl(payload_fd, F_SETFL, flags | ~O_NONBLOCK) < 0) {
+ if(fcntl(payload_fd, F_SETFL, flags & ~O_NONBLOCK) < 0) {
strerr_dief1sys(111, "fcntl(payload_fd) setfd");
}