miniroon

caveat_env_is.c (1526B)

---

 #include <assert.h>
 #include <string.h>
 
 #include "verify_common.h"
 #define caveat_name "env-is"
 #include "caveats_impl.h"
 
 miniroon_error miniroon_caveat_prepare_env_is(netstring_chunk *c, miniroon_caveats_state *state){
   bytebuffer name, value;
 
   if(!netstring_chunk_next(c)) {
     return caveat_inv1("missing variable name");
   }
   name = c->inner;
 
   if(!netstring_chunk_next(c)) {
     return caveat_inv1("missing variable value");
   }
   value = c->inner;
 
   if(netstring_chunk_next(c)) {
     return caveat_inv1("unexpected argument");
   }
 
   char name_0[name.len + 1];
   memcpy(name_0, name.data, name.len);
   name_0[name.len] = 0;
 
   miniroon_env_entry *entry = miniroon_env_map_find(&state->emap, name);
   if(entry == NULL) {
     return caveat_fail3("variable '", name_0, "'not in allowlist");
   }
   switch(entry->state) {
     case ENV_NO_CHANGE:
       for(size_t i=0; i<value.len; i++) {
         if(value.data[i] == '\0') {
           return caveat_inv2("invalid value - null bytes not allowed in environment variable: ", name_0);
         }
       }
       entry->state = ENV_SET;
       entry->value = value;
       return MINIROON_OK;
     case ENV_SET:
       if(bbcmp(entry->value, value) != 0) {
         return caveat_fail2("conflicting values for variable", name_0);
       }
     default:
       return caveat_fail2("conflicting state for variable: ", name_0);
   }
 }
 
 miniroon_error miniroon_caveat_validate_env_is(netstring_chunk *c, miniroon_caveats_state *state) {
   return MINIROON_OK;
 }
 
 /*  vim: sts=2 sw=2 et
 */