caveat_env_is.c (1445B)
1 #include <assert.h> 2 #include <string.h> 3 4 #include "verify_common.h" 5 #define caveat_name "env-is" 6 #include "caveats_impl.h" 7 8 void miniroon_caveat_prepare_env_is(netstring_chunk *c, miniroon_caveats_state *state){ 9 bytebuffer name, value; 10 11 if(!netstring_chunk_next(c)) { 12 caveat_die1("missing variable name"); 13 } 14 name = c->inner; 15 16 if(!netstring_chunk_next(c)) { 17 caveat_die1("missing variable value"); 18 } 19 value = c->inner; 20 21 if(netstring_chunk_next(c)) { 22 caveat_die1("unexpected argument"); 23 } 24 25 char name_0[name.len + 1]; 26 memcpy(name_0, name.data, name.len); 27 name_0[name.len] = 0; 28 29 miniroon_env_entry *entry = miniroon_env_map_find(&state->emap, name); 30 if(entry == NULL) { 31 caveat_die3("variable '", name_0, "'not in allowlist"); 32 } 33 switch(entry->state) { 34 case ENV_NO_CHANGE: 35 for(size_t i=0; i<value.len; i++) { 36 if(value.data[i] == '\0') { 37 caveat_die2("invalid value - null bytes not allowed in environment variable: ", name_0); 38 } 39 } 40 entry->state = ENV_SET; 41 entry->value = value; 42 break; 43 case ENV_SET: 44 if(bbcmp(entry->value, value) != 0) { 45 caveat_die2("conflicting values for variable", name_0); 46 } 47 break; 48 default: 49 caveat_die2("conflicting state for variable: ", name_0); 50 break; 51 } 52 } 53 54 void miniroon_caveat_validate_env_is(netstring_chunk *c, miniroon_caveats_state *state) { 55 } 56 57 /* vim: sts=2 sw=2 et 58 */