NetworkManager/shared/systemd/nm-sd-utils-shared.c

// SPDX-License-Identifier: LGPL-2.1+
/*
 * Copyright (C) 2018 Red Hat, Inc.
 */

#include "nm-default.h"

#include "nm-sd-utils-shared.h"

#include "nm-sd-adapt-shared.h"

#include "dns-domain.h"
#include "hexdecoct.h"
#include "hostname-util.h"
#include "path-util.h"
#include "web-util.h"

/*****************************************************************************/

const bool mempool_use_allowed = true;

/*****************************************************************************/

gboolean
nm_sd_utils_path_equal (const char *a, const char *b)
{
	return path_equal (a, b);
}

char *
nm_sd_utils_path_simplify (char *path, gboolean kill_dots)
{
	return path_simplify (path, kill_dots);
}

const char *
nm_sd_utils_path_startswith (const char *path, const char *prefix)
{
	return path_startswith (path, prefix);
}

/*****************************************************************************/

int
nm_sd_utils_unbase64char (char ch, gboolean accept_padding_equal)
{
	if (   ch == '='
	    && accept_padding_equal)
		return G_MAXINT;
	return unbase64char (ch);
}

/**
 * nm_sd_utils_unbase64mem:
 * @p: a valid base64 string. Whitespace is ignored, but invalid encodings
 *   will cause the function to fail.
 * @l: the length of @p. @p is not treated as NUL terminated string but
 *   merely as a buffer of ascii characters.
 * @secure: whether the temporary memory will be cleared to avoid leaving
 *   secrets in memory (see also nm_explict_bzero()).
 * @mem: (transfer full): the decoded buffer on success.
 * @len: the length of @mem on success.
 *
 * glib provides g_base64_decode(), but that does not report any errors
 * from invalid encodings. Expose systemd's implementation which does
 * reject invalid inputs.
 *
 * Returns: a non-negative code on success. Invalid encoding let the
 *   function fail.
 */
int
nm_sd_utils_unbase64mem (const char *p,
                         size_t l,
                         gboolean secure,
                         guint8 **mem,
                         size_t *len)
{
	return unbase64mem_full (p, l, secure, (void **) mem, len);
}

int nm_sd_dns_name_to_wire_format (const char *domain,
                                   guint8 *buffer,
                                   size_t len,
                                   gboolean canonical)
{
	return dns_name_to_wire_format (domain, buffer, len, canonical);
}

int nm_sd_dns_name_is_valid (const char *s)
{
	return dns_name_is_valid (s);
}

gboolean nm_sd_hostname_is_valid (const char *s, bool allow_trailing_dot)
{
	return hostname_is_valid (s, allow_trailing_dot);
}

/*****************************************************************************/

static gboolean
_http_url_is_valid (const char *url)
{
	if (   !url
	    || !url[0])
		return FALSE;

	if (NM_STR_HAS_PREFIX (url, "http://"))
		url += NM_STRLEN ("http://");
	else if (NM_STR_HAS_PREFIX (url, "https://"))
		url += NM_STRLEN ("https://");
	else
		return FALSE;

	if (!url[0])
		return FALSE;

	return !NM_STRCHAR_ANY (url, ch, (guchar) ch >= 128u);
}

gboolean
nm_sd_http_url_is_valid (const char *url)
{
	gboolean v;

	/* http_url_is_valid() is part of our API, as we use it to validate connection
	 * properties. That means, it's behavior must remain stable (or only change
	 * with care).
	 *
	 * Thus, reimplement it, and make sure that our implementation agrees. */
	v = _http_url_is_valid (url);
	nm_assert (v == http_url_is_valid (url));
	return v;
}
all: SPDX header conversion $ find * -type f \|xargs perl contrib/scripts/spdx.pl $ git rm contrib/scripts/spdx.pl 2019-09-10 11:19:01 +02:00			`// SPDX-License-Identifier: LGPL-2.1+`
all: manually drop code comments with file description 2019-09-25 13:13:40 +02:00			`/*`
			`* Copyright (C) 2018 Red Hat, Inc.`
core: add "nm-sd-utils.h" to access system internal helper We have a fork of a lot of useful systemd helper code. However, until now we shyed away from using it aside from the bits that we really need. That means, although we have some really nice implementations in our source-tree, we didn't use them. Either we were missing them, or we had to re-implement them. Add "nm-sd-utils.h" header to very carefully make internal systemd API accessible to the rest of core. This is not intended as a vehicle to access all of internal API. Instead, this must be used with care, and only a hand picked selection of functions must be exposed. Use with caution, but where it makes sense. 2018-10-03 21:50:27 +02:00			`*/`

			`#include "nm-default.h"`

systemd: move basic systemd library to shared/nm-utils For better or worse, we already pull in large parts of systemd sources. I need a base64 decode implementation (because glib's g_base64_decode() cannot reject invalid encodings). Instead of coming up with my own or copy-paste if from somewhere, reuse systemd's unbase64mem(). But for that, make systemd's basic bits an independent static library first because I will need it in libnm-core. This doesn't really change anything except making "libnm-systemd-core.la" an indpendent static library that could be used from "libnm-core". We shall still be mindful about which internal code of systemd we use, and only access functionality that is exposed via "systemd/nm-sd-utils-shared.h". 2018-12-28 18:11:16 +01:00			`#include "nm-sd-utils-shared.h"`
core: add "nm-sd-utils.h" to access system internal helper We have a fork of a lot of useful systemd helper code. However, until now we shyed away from using it aside from the bits that we really need. That means, although we have some really nice implementations in our source-tree, we didn't use them. Either we were missing them, or we had to re-implement them. Add "nm-sd-utils.h" header to very carefully make internal systemd API accessible to the rest of core. This is not intended as a vehicle to access all of internal API. Instead, this must be used with care, and only a hand picked selection of functions must be exposed. Use with caution, but where it makes sense. 2018-10-03 21:50:27 +02:00
systemd: move basic systemd library to shared/nm-utils For better or worse, we already pull in large parts of systemd sources. I need a base64 decode implementation (because glib's g_base64_decode() cannot reject invalid encodings). Instead of coming up with my own or copy-paste if from somewhere, reuse systemd's unbase64mem(). But for that, make systemd's basic bits an independent static library first because I will need it in libnm-core. This doesn't really change anything except making "libnm-systemd-core.la" an indpendent static library that could be used from "libnm-core". We shall still be mindful about which internal code of systemd we use, and only access functionality that is exposed via "systemd/nm-sd-utils-shared.h". 2018-12-28 18:11:16 +01:00			`#include "nm-sd-adapt-shared.h"`
core: add "nm-sd-utils.h" to access system internal helper We have a fork of a lot of useful systemd helper code. However, until now we shyed away from using it aside from the bits that we really need. That means, although we have some really nice implementations in our source-tree, we didn't use them. Either we were missing them, or we had to re-implement them. Add "nm-sd-utils.h" header to very carefully make internal systemd API accessible to the rest of core. This is not intended as a vehicle to access all of internal API. Instead, this must be used with care, and only a hand picked selection of functions must be exposed. Use with caution, but where it makes sense. 2018-10-03 21:50:27 +02:00
shared: add nm_sd_dns_name_to_wire_format() Add nm_sd_dns_name_to_wire_format() based on systemd utilities to convert a name into its wire format according to RFC 1035 section 3.1. It will be used to build the content of the DHCP FQDN option. 2019-06-25 13:53:35 +02:00			`#include "dns-domain.h"`
shared: export systemd dns and hostname validation functions 2019-10-17 17:39:56 +02:00			`#include "hexdecoct.h"`
			`#include "hostname-util.h"`
			`#include "path-util.h"`
systemd: add nm_sd_http_url_is_valid() to access internal http_url_is_valid() 2020-04-24 09:35:12 +02:00			`#include "web-util.h"`
core: add "nm-sd-utils.h" to access system internal helper We have a fork of a lot of useful systemd helper code. However, until now we shyed away from using it aside from the bits that we really need. That means, although we have some really nice implementations in our source-tree, we didn't use them. Either we were missing them, or we had to re-implement them. Add "nm-sd-utils.h" header to very carefully make internal systemd API accessible to the rest of core. This is not intended as a vehicle to access all of internal API. Instead, this must be used with care, and only a hand picked selection of functions must be exposed. Use with caution, but where it makes sense. 2018-10-03 21:50:27 +02:00
			`/*****************************************************************************/`

systemd: merge branch systemd into master 2019-07-26 14:47:35 +02:00			`const bool mempool_use_allowed = true;`

			`/*****************************************************************************/`

core: add "nm-sd-utils.h" to access system internal helper We have a fork of a lot of useful systemd helper code. However, until now we shyed away from using it aside from the bits that we really need. That means, although we have some really nice implementations in our source-tree, we didn't use them. Either we were missing them, or we had to re-implement them. Add "nm-sd-utils.h" header to very carefully make internal systemd API accessible to the rest of core. This is not intended as a vehicle to access all of internal API. Instead, this must be used with care, and only a hand picked selection of functions must be exposed. Use with caution, but where it makes sense. 2018-10-03 21:50:27 +02:00			`gboolean`
			`nm_sd_utils_path_equal (const char a, const char b)`
			`{`
			`return path_equal (a, b);`
			`}`

			`char *`
			`nm_sd_utils_path_simplify (char *path, gboolean kill_dots)`
			`{`
			`return path_simplify (path, kill_dots);`
			`}`

			`const char *`
			`nm_sd_utils_path_startswith (const char path, const char prefix)`
			`{`
			`return path_startswith (path, prefix);`
			`}`
systemd: expose unbase64mem() as nm_sd_utils_unbase64mem() glib has an base64 implementation, but g_base64_decode() et al. gives no way to detect invalid encodings. All invalid codes are silently ignored. That is not suitable for strictly validating user input. Instead of reimplementing of copy-pasting the code from somewhere, reuse systemd's unbase64mem(). But don't use "hexdecoct.h" directly. Instead, add a single accessor function to our "nm-sd-utils-shared.h" gateway. We want to be careful about which bits from systemd we use, because otherwise re-importing systemd code becomes fragile as you don't know which relevant parts changed. 2018-12-28 19:56:19 +01:00
			`/*****************************************************************************/`

shared: fix function return value 2019-10-17 17:59:24 +02:00			`int`
systemd: expose unbase64mem() as nm_sd_utils_unbase64mem() glib has an base64 implementation, but g_base64_decode() et al. gives no way to detect invalid encodings. All invalid codes are silently ignored. That is not suitable for strictly validating user input. Instead of reimplementing of copy-pasting the code from somewhere, reuse systemd's unbase64mem(). But don't use "hexdecoct.h" directly. Instead, add a single accessor function to our "nm-sd-utils-shared.h" gateway. We want to be careful about which bits from systemd we use, because otherwise re-importing systemd code becomes fragile as you don't know which relevant parts changed. 2018-12-28 19:56:19 +01:00			`nm_sd_utils_unbase64char (char ch, gboolean accept_padding_equal)`
			`{`
			`if ( ch == '='`
			`&& accept_padding_equal)`
			`return G_MAXINT;`
			`return unbase64char (ch);`
			`}`

			`/**`
			`* nm_sd_utils_unbase64mem:`
			`* @p: a valid base64 string. Whitespace is ignored, but invalid encodings`
			`* will cause the function to fail.`
			`* @l: the length of @p. @p is not treated as NUL terminated string but`
			`* merely as a buffer of ascii characters.`
libnm,shared: bzero secrets on failure in nm_utils_base64secret_decode() Now that unbase64mem_full() understands a secure flag, we can get this right. 2019-04-12 07:39:48 +02:00			`* @secure: whether the temporary memory will be cleared to avoid leaving`
			`* secrets in memory (see also nm_explict_bzero()).`
systemd: expose unbase64mem() as nm_sd_utils_unbase64mem() glib has an base64 implementation, but g_base64_decode() et al. gives no way to detect invalid encodings. All invalid codes are silently ignored. That is not suitable for strictly validating user input. Instead of reimplementing of copy-pasting the code from somewhere, reuse systemd's unbase64mem(). But don't use "hexdecoct.h" directly. Instead, add a single accessor function to our "nm-sd-utils-shared.h" gateway. We want to be careful about which bits from systemd we use, because otherwise re-importing systemd code becomes fragile as you don't know which relevant parts changed. 2018-12-28 19:56:19 +01:00			`* @mem: (transfer full): the decoded buffer on success.`
			`* @len: the length of @mem on success.`
			`*`
			`* glib provides g_base64_decode(), but that does not report any errors`
			`* from invalid encodings. Expose systemd's implementation which does`
			`* reject invalid inputs.`
			`*`
			`* Returns: a non-negative code on success. Invalid encoding let the`
			`* function fail.`
			`*/`
			`int`
			`nm_sd_utils_unbase64mem (const char *p,`
			`size_t l,`
libnm,shared: bzero secrets on failure in nm_utils_base64secret_decode() Now that unbase64mem_full() understands a secure flag, we can get this right. 2019-04-12 07:39:48 +02:00			`gboolean secure,`
systemd: expose unbase64mem() as nm_sd_utils_unbase64mem() glib has an base64 implementation, but g_base64_decode() et al. gives no way to detect invalid encodings. All invalid codes are silently ignored. That is not suitable for strictly validating user input. Instead of reimplementing of copy-pasting the code from somewhere, reuse systemd's unbase64mem(). But don't use "hexdecoct.h" directly. Instead, add a single accessor function to our "nm-sd-utils-shared.h" gateway. We want to be careful about which bits from systemd we use, because otherwise re-importing systemd code becomes fragile as you don't know which relevant parts changed. 2018-12-28 19:56:19 +01:00			`guint8 **mem,`
			`size_t *len)`
			`{`
libnm,shared: bzero secrets on failure in nm_utils_base64secret_decode() Now that unbase64mem_full() understands a secure flag, we can get this right. 2019-04-12 07:39:48 +02:00			`return unbase64mem_full (p, l, secure, (void **) mem, len);`
systemd: expose unbase64mem() as nm_sd_utils_unbase64mem() glib has an base64 implementation, but g_base64_decode() et al. gives no way to detect invalid encodings. All invalid codes are silently ignored. That is not suitable for strictly validating user input. Instead of reimplementing of copy-pasting the code from somewhere, reuse systemd's unbase64mem(). But don't use "hexdecoct.h" directly. Instead, add a single accessor function to our "nm-sd-utils-shared.h" gateway. We want to be careful about which bits from systemd we use, because otherwise re-importing systemd code becomes fragile as you don't know which relevant parts changed. 2018-12-28 19:56:19 +01:00			`}`
shared: add nm_sd_dns_name_to_wire_format() Add nm_sd_dns_name_to_wire_format() based on systemd utilities to convert a name into its wire format according to RFC 1035 section 3.1. It will be used to build the content of the DHCP FQDN option. 2019-06-25 13:53:35 +02:00
			`int nm_sd_dns_name_to_wire_format (const char *domain,`
			`guint8 *buffer,`
			`size_t len,`
			`gboolean canonical)`
			`{`
			`return dns_name_to_wire_format (domain, buffer, len, canonical);`
			`}`
shared: export systemd dns and hostname validation functions 2019-10-17 17:39:56 +02:00
			`int nm_sd_dns_name_is_valid (const char *s)`
			`{`
			`return dns_name_is_valid (s);`
			`}`

			`gboolean nm_sd_hostname_is_valid (const char *s, bool allow_trailing_dot)`
			`{`
			`return hostname_is_valid (s, allow_trailing_dot);`
			`}`
systemd: add nm_sd_http_url_is_valid() to access internal http_url_is_valid() 2020-04-24 09:35:12 +02:00
			`/*****************************************************************************/`

			`static gboolean`
			`_http_url_is_valid (const char *url)`
			`{`
			`if ( !url`
			`\|\| !url[0])`
			`return FALSE;`

			`if (NM_STR_HAS_PREFIX (url, "http://"))`
			`url += NM_STRLEN ("http://");`
			`else if (NM_STR_HAS_PREFIX (url, "https://"))`
			`url += NM_STRLEN ("https://");`
			`else`
			`return FALSE;`

			`if (!url[0])`
			`return FALSE;`

			`return !NM_STRCHAR_ANY (url, ch, (guchar) ch >= 128u);`
			`}`

			`gboolean`
			`nm_sd_http_url_is_valid (const char *url)`
			`{`
			`gboolean v;`

			`/* http_url_is_valid() is part of our API, as we use it to validate connection`
			`* properties. That means, it's behavior must remain stable (or only change`
			`* with care).`
			`*`
			`* Thus, reimplement it, and make sure that our implementation agrees. */`
			`v = _http_url_is_valid (url);`
			`nm_assert (v == http_url_is_valid (url));`
			`return v;`
			`}`