commit f24d6bdcdfd5f955cbc72ae9e0eb2d2778ecf06a
parent c9fcfbf294edb01b149a75465a4beb14c3a5dd56
Author: Laurent Bercot <ska-skaware@skarnet.org>
Date: Fri, 23 Jul 2021 20:01:58 +0000
Prepare for 2.11.0.0, adapt to skalibs-2.11.0.0 (cdb changes)
Signed-off-by: Laurent Bercot <ska@appnovation.com>
Diffstat:
17 files changed, 116 insertions(+), 123 deletions(-)
diff --git a/INSTALL b/INSTALL
@@ -6,7 +6,7 @@ Build Instructions
- A POSIX-compliant C development environment
- GNU make version 3.81 or later
- - skalibs version 2.10.0.3 or later: https://skarnet.org/software/skalibs/
+ - skalibs version 2.11.0.0 or later: https://skarnet.org/software/skalibs/
- execline version 2.8.0.1 or later: https://skarnet.org/software/execline/
(You can disable this requirement at configure time, but will
lose some functionality.)
diff --git a/NEWS b/NEWS
@@ -1,8 +1,9 @@
Changelog for s6.
-In 2.10.1.0
+In 2.11.0.0
-----------
+ - Adaptation to skalibs-2.11.0.0.
- Bugfixes.
- s6-svwait now supports -r and -R options to wait for restarts.
- New service directory file: lock-fd, to take a lock before
diff --git a/doc/index.html b/doc/index.html
@@ -83,7 +83,7 @@ with s6</a> </li>
<li> A POSIX-compliant system with a standard C development environment </li>
<li> GNU make, version 3.81 or later </li>
<li> <a href="//skarnet.org/software/skalibs/">skalibs</a> version
-2.10.0.3 or later. It's a build-time requirement. It's also a run-time
+2.11.0.0 or later. It's a build-time requirement. It's also a run-time
requirement if you link against the shared version of the skalibs
library. </li>
<li> (Optional, but really recommended for full functionality):
@@ -115,7 +115,7 @@ want nsswitch-like functionality:
<h3> Download </h3>
<ul>
- <li> The current released version of s6 is <a href="s6-2.10.1.0.tar.gz">2.10.1.0</a>. </li>
+ <li> The current released version of s6 is <a href="s6-2.11.0.0.tar.gz">2.10.0.0</a>. </li>
<li> Alternatively, you can checkout a copy of the
<a href="//git.skarnet.org/cgi-bin/cgit.cgi/s6/">s6
git repository</a>:
diff --git a/doc/upgrade.html b/doc/upgrade.html
@@ -18,9 +18,11 @@
<h1> What has changed in s6 </h1>
-<h2> in 2.10.1.0 </h2>
+<h2> in 2.11.0.0 </h2>
<ul>
+ <li> <a href="//skarnet.org/software/skalibs/">skalibs</a>
+dependency bumped to 2.11.0.0. </li>
<li> <a href="s6-svwait.html">s6-svwait</a> now supports the
<tt>-r</tt> and <tt>-R</tt> options, to wait for service restarts. </li>
</ul>
diff --git a/package/info b/package/info
@@ -1,4 +1,4 @@
package=s6
-version=2.10.1.0
+version=2.11.0.0
category=admin
package_macro_name=S6
diff --git a/src/conn-tools/s6-accessrules-cdb-from-fs.c b/src/conn-tools/s6-accessrules-cdb-from-fs.c
@@ -5,9 +5,10 @@
#include <errno.h>
#include <stdlib.h>
#include <stdio.h>
+
#include <skalibs/posixplz.h>
#include <skalibs/types.h>
-#include <skalibs/cdb_make.h>
+#include <skalibs/cdbmake.h>
#include <skalibs/strerr2.h>
#include <skalibs/stralloc.h>
#include <skalibs/env.h>
@@ -31,7 +32,7 @@ static void dienomem (void)
strerr_diefu1sys(111, "stralloc_catb") ;
}
-static void doit (struct cdb_make *c, stralloc *sa, size_t start)
+static void doit (cdbmaker *c, stralloc *sa, size_t start)
{
size_t tmpbase = tmp.len ;
unsigned int k = sa->len ;
@@ -54,10 +55,10 @@ static void doit (struct cdb_make *c, stralloc *sa, size_t start)
strerr_diefu2sys(111, "access ", sa->s) ;
}
else return ;
- else if (cdb_make_add(c, sa->s + start, k - start, "D", 1) < 0)
+ else if (!cdbmake_add(c, sa->s + start, k - start, "D", 1))
{
cleanup() ;
- strerr_diefu1sys(111, "cdb_make_add") ;
+ strerr_diefu1sys(111, "cdbmake_add") ;
}
}
else
@@ -93,10 +94,10 @@ static void doit (struct cdb_make *c, stralloc *sa, size_t start)
if (r > 0) execlen = r ;
if (execlen == 4096) strerr_warnw2x("possibly truncated file ", sa->s) ;
uint16_pack_big(tmp.s + tmpbase + 3 + envlen, execlen) ;
- if (cdb_make_add(c, sa->s + start, k - start, tmp.s + tmpbase, 5 + envlen + execlen) < 0)
+ if (!cdbmake_add(c, sa->s + start, k - start, tmp.s + tmpbase, 5 + envlen + execlen))
{
cleanup() ;
- strerr_diefu1sys(111, "cdb_make_add") ;
+ strerr_diefu1sys(111, "cdbmake_add") ;
}
}
}
@@ -104,7 +105,7 @@ static void doit (struct cdb_make *c, stralloc *sa, size_t start)
int main (int argc, char const *const *argv)
{
stralloc sa = STRALLOC_ZERO ;
- struct cdb_make c = CDB_MAKE_ZERO ;
+ cdbmaker c = CDBMAKER_ZERO ;
DIR *dir ;
size_t start ;
int fd ;
@@ -116,10 +117,10 @@ int main (int argc, char const *const *argv)
stralloc_catb(&tmp, SUFFIX, sizeof(SUFFIX)) ;
fd = mkstemp(tmp.s) ;
if (fd < 0) strerr_diefu2sys(111, "mkstemp ", tmp.s) ;
- if (cdb_make_start(&c, fd) < 0)
+ if (!cdbmake_start(&c, fd))
{
cleanup() ;
- strerr_diefu1sys(111, "cdb_make_start") ;
+ strerr_diefu1sys(111, "cdbmake_start") ;
}
dir = opendir(argv[2]) ;
if (!dir)
@@ -173,7 +174,7 @@ int main (int argc, char const *const *argv)
strerr_diefu2sys(111, "readdir ", argv[2]) ;
}
dir_close(dir) ;
- if (cdb_make_finish(&c) < 0)
+ if (!cdbmake_finish(&c))
{
cleanup() ;
strerr_diefu1sys(111, "cdb_make_finish") ;
diff --git a/src/conn-tools/s6-accessrules-fs-from-cdb.c b/src/conn-tools/s6-accessrules-fs-from-cdb.c
@@ -5,6 +5,7 @@
#include <sys/stat.h>
#include <errno.h>
#include <unistd.h>
+
#include <skalibs/bytestr.h>
#include <skalibs/types.h>
#include <skalibs/cdb.h>
@@ -51,11 +52,15 @@ static void mkdirp (char *s)
static void touchtrunc (char const *file)
{
int fd = open_trunc(file) ;
- if (fd < 0) strerr_diefu2sys(111, "open_trunc ", file) ;
+ if (fd < 0)
+ {
+ cleanup() ;
+ strerr_diefu2sys(111, "open_trunc ", file) ;
+ }
fd_close(fd) ;
}
-static int doenv (char const *dir, size_t dirlen, char *env, size_t envlen)
+static int doenv (char const *dir, size_t dirlen, char const *env, uint32_t envlen)
{
mode_t m = umask(0) ;
size_t i = 0 ;
@@ -78,12 +83,12 @@ static int doenv (char const *dir, size_t dirlen, char *env, size_t envlen)
tmp[dirlen + p + 1] = 0 ;
if (p < n)
{
- env[i+n] = '\n' ;
- if (!openwritenclose_unsafe(tmp, env + i + p + 1, n - p))
- {
- cleanup() ;
- strerr_diefu2sys(111, "openwritenclose_unsafe ", tmp) ;
- }
+ struct iovec v[2] = { { .iov_base = (char *)env + i + p + 1, .iov_len = n - p - 1 }, { .iov_base = "\n", .iov_len = 1 } } ;
+ if (!openwritevnclose_unsafe(tmp, v, 2))
+ {
+ cleanup() ;
+ strerr_diefu2sys(111, "openwritenclose_unsafe ", tmp) ;
+ }
}
else touchtrunc(tmp) ;
}
@@ -92,48 +97,41 @@ static int doenv (char const *dir, size_t dirlen, char *env, size_t envlen)
return 1 ;
}
-static int doit (struct cdb *c)
+static int doit (char const *key, uint32_t klen, char const *data, uint32_t dlen)
{
- unsigned int klen = cdb_keylen(c) ;
- unsigned int dlen = cdb_datalen(c) ;
+ uint16_t envlen, execlen ;
+ char name[basedirlen + klen + 8] ;
+ if (!dlen || (dlen > 8201)) return 0 ;
+ memcpy(name, basedir, basedirlen) ;
+ name[basedirlen] = '/' ;
+ memcpy(name + basedirlen + 1, key, klen) ;
+ name[basedirlen + klen + 1 + klen] = 0 ;
+ mkdirp(name) ;
+ name[basedirlen + klen + 1] = '/' ;
+ if (data[0] == 'A')
+ {
+ memcpy(name + basedirlen + klen + 2, "allow", 6) ;
+ touchtrunc(name) ;
+ }
+ else if (data[0] == 'D')
+ {
+ memcpy(name + basedirlen + klen + 2, "deny", 5) ;
+ touchtrunc(name) ;
+ }
+ if (dlen < 3) return 1 ;
+ uint16_unpack_big(data + 1, &envlen) ;
+ if ((envlen > 4096U) || (3U + envlen > dlen)) return 0 ;
+ uint16_unpack_big(data + 3 + envlen, &execlen) ;
+ if ((execlen > 4096U) || (5U + envlen + execlen != dlen)) return 0 ;
+ if (envlen)
+ {
+ memcpy(name + basedirlen + klen + 2, "env", 4) ;
+ if (!doenv(name, basedirlen + klen + 5, data + 3, envlen)) return 0 ;
+ }
+ if (execlen)
{
- uint16_t envlen, execlen ;
- char name[basedirlen + klen + 8] ;
- char data[dlen] ;
- memcpy(name, basedir, basedirlen) ;
- name[basedirlen] = '/' ;
- if (!dlen || (dlen > 8201)) return (errno = EINVAL, 0) ;
- if ((cdb_read(c, name+basedirlen+1, klen, cdb_keypos(c)) < 0)
- || (cdb_read(c, data, dlen, cdb_datapos(c)) < 0))
- {
- cleanup() ;
- strerr_diefu1sys(111, "cdb_read") ;
- }
- name[basedirlen + klen + 1] = 0 ;
- mkdirp(name) ;
- name[basedirlen + klen + 1] = '/' ;
- if (data[0] == 'A')
- {
- memcpy(name + basedirlen + klen + 2, "allow", 6) ;
- touchtrunc(name) ;
- }
- else if (data[0] == 'D')
- {
- memcpy(name + basedirlen + klen + 2, "deny", 5) ;
- touchtrunc(name) ;
- }
- if (dlen < 3) return 1 ;
- uint16_unpack_big(data + 1, &envlen) ;
- if ((envlen > 4096U) || (3U + envlen > dlen)) return (errno = EINVAL, 0) ;
- uint16_unpack_big(data + 3 + envlen, &execlen) ;
- if ((execlen > 4096U) || (5U + envlen + execlen != dlen)) return (errno = EINVAL, 0) ;
- if (envlen)
- {
- memcpy(name + basedirlen + klen + 2, "env", 4) ;
- if (!doenv(name, basedirlen + klen + 5, data + 3, envlen)) return (errno = EINVAL, 0) ;
- }
memcpy(name + basedirlen + klen + 2, "exec", 5) ;
- if (execlen && !openwritenclose_unsafe(name, data + 5 + envlen, execlen))
+ if (!openwritenclose_unsafe(name, data + 5 + envlen, execlen))
{
cleanup() ;
strerr_diefu2sys(111, "openwritenclose_unsafe ", name) ;
@@ -144,11 +142,11 @@ static int doit (struct cdb *c)
int main (int argc, char const *const *argv)
{
- struct cdb c = CDB_ZERO ;
- uint32_t kpos ;
+ cdb c = CDB_ZERO ;
+ uint32_t pos = CDB_TRAVERSE_INIT() ;
PROG = "s6-accessrules-fs-from-cdb" ;
if (argc < 3) strerr_dieusage(100, USAGE) ;
- if (cdb_mapfile(&c, argv[2]) < 0) strerr_diefu1sys(111, "cdb_mapfile") ;
+ if (!cdb_init(&c, argv[2])) strerr_diefu1sys(111, "cdb_init") ;
basedir = argv[1] ;
basedirlen = strlen(argv[1]) ;
{
@@ -157,20 +155,20 @@ int main (int argc, char const *const *argv)
strerr_diefu2sys(111, "mkdir ", basedir) ;
umask(m) ;
}
- cdb_traverse_init(&c, &kpos) ;
for (;;)
{
- int r = cdb_nextkey(&c, &kpos) ;
+ cdb_data key, data ;
+ int r = cdb_traverse_next(&c, &key, &data, &pos) ;
if (r < 0)
{
cleanup() ;
- strerr_diefu1sys(111, "cdb_nextkey") ;
+ strerr_diefu1x(111, "cdb_traverse_next: invalid cdb") ;
}
else if (!r) break ;
- else if (!doit(&c))
+ else if (!doit(key.s, key.len, data.s, data.len))
{
cleanup() ;
- strerr_diefu1sys(111, "handle key") ;
+ strerr_diefu3x(111, "handle cdb record: ", argv[2], " does not contain valid accessrules data") ;
}
}
return 0 ;
diff --git a/src/conn-tools/s6-ipcserver-access.c b/src/conn-tools/s6-ipcserver-access.c
@@ -75,14 +75,11 @@ static inline void log_deny (pid_t pid, uid_t uid, gid_t gid)
static s6_accessrules_result_t check_cdb (uid_t uid, gid_t gid, char const *file, s6_accessrules_params_t *params)
{
- struct cdb c = CDB_ZERO ;
- int fd = open_readb(file) ;
+ cdb c = CDB_ZERO ;
s6_accessrules_result_t r ;
- if (fd < 0) return -1 ;
- if (cdb_init(&c, fd) < 0) strerr_diefu2sys(111, "cdb_init ", file) ;
+ if (!cdb_init(&c, file)) strerr_diefu2sys(111, "cdb_init ", file) ;
r = s6_accessrules_uidgid_cdb(uid, gid, &c, params) ;
cdb_free(&c) ;
- fd_close(fd) ;
return r ;
}
diff --git a/src/fdholder/s6-fdholderd.c b/src/fdholder/s6-fdholderd.c
@@ -47,8 +47,7 @@ static tain_t const nano1 = { .sec = TAI_ZERO, .nano = 1 } ;
static unsigned int rulestype = 0 ;
static char const *rules = 0 ;
-static int cdbfd = -1 ;
-static struct cdb cdbmap = CDB_ZERO ;
+static cdb cdbmap = CDB_ZERO ;
static void handle_signals (void)
{
@@ -67,19 +66,10 @@ static void handle_signals (void)
}
case SIGHUP :
{
- int fd ;
- struct cdb c = CDB_ZERO ;
+ cdb c = CDB_ZERO ;
if (rulestype != 2) break ;
- fd = open_readb(rules) ;
- if (fd < 0) break ;
- if (cdb_init(&c, fd) < 0)
- {
- fd_close(fd) ;
- break ;
- }
+ if (!cdb_init(&c, rules)) break ;
cdb_free(&cdbmap) ;
- fd_close(cdbfd) ;
- cdbfd = fd ;
cdbmap = c ;
}
break ;
@@ -723,9 +713,7 @@ int main (int argc, char const *const *argv, char const *const *envp)
if (rulestype == 2)
{
- cdbfd = open_readb(rules) ;
- if (cdbfd < 0) strerr_diefu3sys(111, "open ", rules, " for reading") ;
- if (cdb_init(&cdbmap, cdbfd) < 0)
+ if (!cdb_init(&cdbmap, rules))
strerr_diefu2sys(111, "cdb_init ", rules) ;
}
diff --git a/src/include/s6/accessrules.h b/src/include/s6/accessrules.h
@@ -35,13 +35,13 @@ enum s6_accessrules_result_e
S6_ACCESSRULES_NOTFOUND = 2
} ;
-typedef s6_accessrules_result_t s6_accessrules_backend_func_t (char const *, size_t, void *, s6_accessrules_params_t *) ;
+typedef s6_accessrules_result_t s6_accessrules_backend_func_t (char const *, size_t, void const *, s6_accessrules_params_t *) ;
typedef s6_accessrules_backend_func_t *s6_accessrules_backend_func_t_ref ;
extern s6_accessrules_backend_func_t s6_accessrules_backend_fs ;
extern s6_accessrules_backend_func_t s6_accessrules_backend_cdb ;
-typedef s6_accessrules_result_t s6_accessrules_keycheck_func_t (void const *, void *, s6_accessrules_params_t *, s6_accessrules_backend_func_t_ref) ;
+typedef s6_accessrules_result_t s6_accessrules_keycheck_func_t (void const *, void const *, s6_accessrules_params_t *, s6_accessrules_backend_func_t_ref) ;
typedef s6_accessrules_keycheck_func_t *s6_accessrules_keycheck_func_t_ref ;
extern s6_accessrules_keycheck_func_t s6_accessrules_keycheck_uidgid ;
@@ -50,7 +50,7 @@ extern s6_accessrules_keycheck_func_t s6_accessrules_keycheck_ip6 ;
extern s6_accessrules_keycheck_func_t s6_accessrules_keycheck_reversedns ;
#define s6_accessrules_keycheck_ip46(key, data, params, f) (ip46_is6((ip46_t const *)(key)) ? s6_accessrules_keycheck_ip6(((ip46_t const *)(key))->ip, data, params, f) : s6_accessrules_keycheck_ip4(((ip46_t const *)(key))->ip, data, params, f))
-extern s6_accessrules_result_t s6_accessrules_uidgid_cdb (uid_t, gid_t, struct cdb *, s6_accessrules_params_t *) ;
+extern s6_accessrules_result_t s6_accessrules_uidgid_cdb (uid_t, gid_t, cdb const *, s6_accessrules_params_t *) ;
extern s6_accessrules_result_t s6_accessrules_uidgid_fs (uid_t, gid_t, char const *, s6_accessrules_params_t *) ;
#define s6_accessrules_ip4_cdb(ip4, c, params) s6_accessrules_keycheck_ip4(ip4, c, (params), &s6_accessrules_backend_cdb)
#define s6_accessrules_ip4_fs(ip4, rulesdir, params) s6_accessrules_keycheck_ip4(ip4, rulesdir, (params), &s6_accessrules_backend_fs)
diff --git a/src/libs6/s6_accessrules_backend_cdb.c b/src/libs6/s6_accessrules_backend_cdb.c
@@ -3,38 +3,44 @@
#include <string.h>
#include <stdint.h>
#include <errno.h>
+
#include <skalibs/uint16.h>
#include <skalibs/cdb.h>
#include <skalibs/stralloc.h>
#include <s6/accessrules.h>
-s6_accessrules_result_t s6_accessrules_backend_cdb (char const *key, size_t keylen, void *data, s6_accessrules_params_t *params)
+s6_accessrules_result_t s6_accessrules_backend_cdb (char const *key, size_t keylen, void const *arg, s6_accessrules_params_t *params)
{
- struct cdb *c = data ;
- size_t execbase ;
- unsigned int n ;
+ cdb_data data ;
+ int wasnull = !params->env.s ;
uint16_t envlen, execlen ;
- int r = cdb_find(c, key, keylen) ;
+ cdb const *c = arg ;
+ cdb_reader reader = CDB_READER_ZERO ;
+ int r = cdb_find(c, &reader, &data, key, keylen) ;
if (r < 0) return S6_ACCESSRULES_ERROR ;
else if (!r) return S6_ACCESSRULES_NOTFOUND ;
- n = cdb_datalen(c) ;
- if (!n || n > 8197) return (errno = EINVAL, S6_ACCESSRULES_ERROR) ;
- if (!stralloc_readyplus(¶ms->exec, n)) return S6_ACCESSRULES_ERROR ;
- execbase = params->exec.len ;
- if (cdb_read(c, params->exec.s + execbase, n, cdb_datapos(c)) < 0) return S6_ACCESSRULES_ERROR ;
- if (params->exec.s[execbase] == 'D') return S6_ACCESSRULES_DENY ;
- else if (params->exec.s[execbase] != 'A') return S6_ACCESSRULES_NOTFOUND ;
- else if (n < 5) return (errno = EINVAL, S6_ACCESSRULES_ERROR) ;
- uint16_unpack_big(params->exec.s + execbase + 1, &envlen) ;
- if ((envlen > 4096) || (envlen + 5 > n)) return (errno = EINVAL, S6_ACCESSRULES_ERROR) ;
- uint16_unpack_big(params->exec.s + execbase + 3 + envlen, &execlen) ;
- if ((execlen > 4096) || (5 + envlen + execlen != n)) return (errno = EINVAL, S6_ACCESSRULES_ERROR) ;
- if (!stralloc_catb(¶ms->env, params->exec.s + execbase + 3, envlen)) return S6_ACCESSRULES_ERROR ;
- memcpy(params->exec.s + execbase, params->exec.s + execbase + 5 + envlen, execlen) ;
+ if (!data.len || data.len > 8197) return (errno = EINVAL, S6_ACCESSRULES_ERROR) ;
+ if (data.s[0] == 'D') return S6_ACCESSRULES_DENY ;
+ if (data.s[0] != 'A') return S6_ACCESSRULES_NOTFOUND ;
+ if (data.len < 5) return (errno = EINVAL, S6_ACCESSRULES_ERROR) ;
+ uint16_unpack_big(data.s + 1, &envlen) ;
+ if ((envlen > 4096) || (data.len - 5 < envlen)) return (errno = EINVAL, S6_ACCESSRULES_ERROR) ;
+ uint16_unpack_big(data.s + 3 + envlen, &execlen) ;
+ if ((execlen > 4096) || (5 + envlen + execlen != data.len)) return (errno = EINVAL, S6_ACCESSRULES_ERROR) ;
+ if (envlen && !stralloc_catb(¶ms->env, data.s + 3, envlen)) return S6_ACCESSRULES_ERROR ;
if (execlen)
{
- params->exec.len += execlen ;
- params->exec.s[params->exec.len++] = 0 ;
+ if (!stralloc_readyplus(¶ms->exec, execlen + 1))
+ {
+ if (envlen)
+ {
+ if (wasnull) stralloc_free(¶ms->env) ;
+ else params->env.len -= envlen ;
+ }
+ return S6_ACCESSRULES_ERROR ;
+ }
+ stralloc_catb(¶ms->exec, data.s + 5 + envlen, execlen) ;
+ stralloc_0(¶ms->exec) ;
}
return S6_ACCESSRULES_ALLOW ;
}
diff --git a/src/libs6/s6_accessrules_backend_fs.c b/src/libs6/s6_accessrules_backend_fs.c
@@ -8,9 +8,9 @@
#include <skalibs/djbunix.h>
#include <s6/accessrules.h>
-s6_accessrules_result_t s6_accessrules_backend_fs (char const *key, size_t keylen, void *data, s6_accessrules_params_t *params)
+s6_accessrules_result_t s6_accessrules_backend_fs (char const *key, size_t keylen, void const *data, s6_accessrules_params_t *params)
{
- char *dir = data ;
+ char const *dir = data ;
size_t dirlen = strlen(dir) ;
size_t envbase = params->env.len ;
int wasnull = !params->env.s ;
diff --git a/src/libs6/s6_accessrules_keycheck_ip4.c b/src/libs6/s6_accessrules_keycheck_ip4.c
@@ -5,7 +5,7 @@
#include <skalibs/fmtscan.h>
#include <s6/accessrules.h>
-s6_accessrules_result_t s6_accessrules_keycheck_ip4 (void const *key, void *data, s6_accessrules_params_t *params, s6_accessrules_backend_func_t_ref check1)
+s6_accessrules_result_t s6_accessrules_keycheck_ip4 (void const *key, void const *data, s6_accessrules_params_t *params, s6_accessrules_backend_func_t_ref check1)
{
char fmt[IP4_FMT + UINT_FMT + 6] = "ip4/" ;
uint32_t ip ;
diff --git a/src/libs6/s6_accessrules_keycheck_ip6.c b/src/libs6/s6_accessrules_keycheck_ip6.c
@@ -6,7 +6,7 @@
#include <skalibs/fmtscan.h>
#include <s6/accessrules.h>
-s6_accessrules_result_t s6_accessrules_keycheck_ip6 (void const *key, void *data, s6_accessrules_params_t *params, s6_accessrules_backend_func_t_ref check1)
+s6_accessrules_result_t s6_accessrules_keycheck_ip6 (void const *key, void const *data, s6_accessrules_params_t *params, s6_accessrules_backend_func_t_ref check1)
{
char fmt[IP6_FMT + UINT_FMT + 6] = "ip6/" ;
char ip6[16] ;
diff --git a/src/libs6/s6_accessrules_keycheck_reversedns.c b/src/libs6/s6_accessrules_keycheck_reversedns.c
@@ -5,7 +5,7 @@
#include <skalibs/bytestr.h>
#include <s6/accessrules.h>
-s6_accessrules_result_t s6_accessrules_keycheck_reversedns (void const *key, void *data, s6_accessrules_params_t *params, s6_accessrules_backend_func_t_ref check1)
+s6_accessrules_result_t s6_accessrules_keycheck_reversedns (void const *key, void const *data, s6_accessrules_params_t *params, s6_accessrules_backend_func_t_ref check1)
{
char const *name = key ;
size_t len = strlen(name) ;
diff --git a/src/libs6/s6_accessrules_keycheck_uidgid.c b/src/libs6/s6_accessrules_keycheck_uidgid.c
@@ -6,7 +6,7 @@
#include <skalibs/types.h>
#include <s6/accessrules.h>
-s6_accessrules_result_t s6_accessrules_keycheck_uidgid (void const *key, void *data, s6_accessrules_params_t *params, s6_accessrules_backend_func_t_ref check1)
+s6_accessrules_result_t s6_accessrules_keycheck_uidgid (void const *key, void const *data, s6_accessrules_params_t *params, s6_accessrules_backend_func_t_ref check1)
{
uidgid_t const *uidgid = key ;
char fmt[4 + UINT64_FMT] = "uid/" ;
diff --git a/src/libs6/s6_accessrules_uidgid_cdb.c b/src/libs6/s6_accessrules_uidgid_cdb.c
@@ -2,7 +2,7 @@
#include <s6/accessrules.h>
-s6_accessrules_result_t s6_accessrules_uidgid_cdb (uid_t uid, gid_t gid, struct cdb *c, s6_accessrules_params_t *params)
+s6_accessrules_result_t s6_accessrules_uidgid_cdb (uid_t uid, gid_t gid, cdb const *c, s6_accessrules_params_t *params)
{
uidgid_t uidgid = { .left = uid, .right = gid } ;
return s6_accessrules_keycheck_uidgid(&uidgid, c, params, &s6_accessrules_backend_cdb) ;