Don't return owner in list_owner_ranges API call.

Closes: 339

struct subordinate_range is pretty closely tied to the existing
subid code and /etc/subuid format, so it includes an owner.  Dropping
that or even renaming it is more painful than I'd first thought.
So introduce a 'struct subid_range' which is only the start and
count, leaving 'struct subordinate_range' as the owner, start and
count.

Signed-off-by: Serge Hallyn <serge@hallyn.com>

lib/prototypes.h

@@ -300,8 +300,8 @@ struct subid_nss_ops {
 	 *
 	 * @owner - string representing username being queried
 	 * @id_type - subuid or subgid
-	 * @ranges - pointer to an array of struct subordinate_range pointers, or
-	 *           NULL.  The returned array of struct subordinate_range and its
+	 * @ranges - pointer to an array of struct subid_range pointers, or
+	 *           NULL.  The returned array of struct subid_range and its
 	 *           members must be freed by the caller.
 	 * @count - pointer to an integer into which the number of returned ranges
 	 *          is written.
@@ -309,7 +309,7 @@ struct subid_nss_ops {
 	 * returns success if the module was able to determine an answer,
 	 * else an error status.
 	 */
-	enum subid_status (*list_owner_ranges)(const char *owner, enum subid_type id_type, struct subordinate_range ***ranges, int *count);
+	enum subid_status (*list_owner_ranges)(const char *owner, enum subid_type id_type, struct subid_range ***ranges, int *count);
 
 	/*
 	 * nss_find_subid_owners: find uids who own a given subuid or subgid.

lib/subordinateio.c

@@ -11,11 +11,29 @@
 #include <stdio.h>
 #include "commonio.h"
 #include "subordinateio.h"
+#include "../libsubid/subid.h"
 #include <sys/types.h>
 #include <pwd.h>
 #include <ctype.h>
 #include <fcntl.h>
 
+/* subid_free_ranges: free a subid_range
+ *
+ * @ranges: an array of subid_ranges to free
+ * @count: number of items in the array
+ *
+ * The subid_range is a subordinate_range without the owner field,
+ * defined in subid.h
+ */
+void subid_free_ranges(struct subid_range **ranges, int count)
+{
+	int i;
+
+	for (i = 0; i < count; i++)
+		free(ranges[i]);
+	free(ranges);
+}
+
 /*
  * subordinate_dup: create a duplicate range
  *
@@ -308,24 +326,25 @@ static bool have_range(struct commonio_db *db,
 	return false;
 }
 
-static bool append_range(struct subordinate_range ***ranges, const struct subordinate_range *new, int n)
+static bool append_range(struct subid_range ***ranges, const struct subordinate_range *new, int n)
 {
-	struct subordinate_range *tmp;
+	struct subid_range *tmp;
 	if (!*ranges) {
-		*ranges = malloc(sizeof(struct subordinate_range *));
+		*ranges = malloc(sizeof(struct subid_range *));
 		if (!*ranges)
 			return false;
 	} else {
-		struct subordinate_range **new;
-		new = realloc(*ranges, (n + 1) * (sizeof(struct subordinate_range *)));
+		struct subid_range **new;
+		new = realloc(*ranges, (n + 1) * (sizeof(struct subid_range *)));
 		if (!new)
 			return false;
 		*ranges = new;
 	}
 	(*ranges)[n] = NULL;
-	tmp = subordinate_dup(new);
+	tmp = malloc(sizeof(*tmp));
 	if (!tmp)
 		return false;
+	memcpy(tmp, new, sizeof(*tmp));
 	(*ranges)[n] = tmp;
 	return true;
 }
@@ -785,10 +804,10 @@ gid_t sub_gid_find_free_range(gid_t min, gid_t max, unsigned long count)
  *
  * The caller must free the subordinate range list.
  */
-int list_owner_ranges(const char *owner, enum subid_type id_type, struct subordinate_range ***in_ranges)
+int list_owner_ranges(const char *owner, enum subid_type id_type, struct subid_range ***in_ranges)
 {
 	// TODO - need to handle owner being either uid or username
-	struct subordinate_range **ranges = NULL;
+	struct subid_range **ranges = NULL;
 	const struct subordinate_range *range;
 	struct commonio_db *db;
 	enum subid_status status;
@@ -826,7 +845,7 @@ int list_owner_ranges(const char *owner, enum subid_type id_type, struct subordi
 	while ((range = commonio_next(db)) != NULL) {
 		if (0 == strcmp(range->owner, owner)) {
 			if (!append_range(&ranges, range, count++)) {
-				free_subordinate_ranges(ranges, count-1);
+				subid_free_ranges(ranges, count-1);
 				ranges = NULL;
 				count = -1;
 				goto out;

lib/subordinateio.h

@@ -25,7 +25,7 @@ extern int sub_uid_unlock (void);
 extern int sub_uid_add (const char *owner, uid_t start, unsigned long count);
 extern int sub_uid_remove (const char *owner, uid_t start, unsigned long count);
 extern uid_t sub_uid_find_free_range(uid_t min, uid_t max, unsigned long count);
-extern int list_owner_ranges(const char *owner, enum subid_type id_type, struct subordinate_range ***ranges);
+extern int list_owner_ranges(const char *owner, enum subid_type id_type, struct subid_range ***ranges);
 extern bool new_subid_range(struct subordinate_range *range, enum subid_type id_type, bool reuse);
 extern bool release_subid_range(struct subordinate_range *range, enum subid_type id_type);
 extern int find_subid_owners(unsigned long id, enum subid_type id_type, uid_t **uids);

libsubid/api.c

@@ -66,26 +66,21 @@ bool libsubid_init(const char *progname, FILE * logfd)
 }
 
 static
-int get_subid_ranges(const char *owner, enum subid_type id_type, struct subordinate_range ***ranges)
+int get_subid_ranges(const char *owner, enum subid_type id_type, struct subid_range ***ranges)
 {
 	return list_owner_ranges(owner, id_type, ranges);
 }
 
-int get_subuid_ranges(const char *owner, struct subordinate_range ***ranges)
+int get_subuid_ranges(const char *owner, struct subid_range ***ranges)
 {
 	return get_subid_ranges(owner, ID_TYPE_UID, ranges);
 }
 
-int get_subgid_ranges(const char *owner, struct subordinate_range ***ranges)
+int get_subgid_ranges(const char *owner, struct subid_range ***ranges)
 {
 	return get_subid_ranges(owner, ID_TYPE_GID, ranges);
 }
 
-void subid_free_ranges(struct subordinate_range **ranges, int count)
-{
-	return free_subordinate_ranges(ranges, count);
-}
-
 static
 int get_subid_owner(unsigned long id, enum subid_type id_type, uid_t **owner)
 {

libsubid/subid.h

@@ -3,6 +3,15 @@
 
 #ifndef SUBID_RANGE_DEFINED
 #define SUBID_RANGE_DEFINED 1
+
+/* subid_range is just a starting point and size of a range */
+struct subid_range {
+	unsigned long start;
+	unsigned long count;
+};
+
+/* subordinage_range is a subid_range plus an owner, representing
+ * a range in /etc/subuid or /etc/subgid */
 struct subordinate_range {
 	const char *owner;
 	unsigned long start;
@@ -46,7 +55,7 @@ bool libsubid_init(const char *progname, FILE *logfd);
  *
  * returns: number of ranges found, ir < 0 on error.
  */
-int get_subuid_ranges(const char *owner, struct subordinate_range ***ranges);
+int get_subuid_ranges(const char *owner, struct subid_range ***ranges);
 
 /*
  * get_subgid_ranges: return a list of GID ranges for a user
@@ -57,7 +66,7 @@ int get_subuid_ranges(const char *owner, struct subordinate_range ***ranges);
  *
  * returns: number of ranges found, ir < 0 on error.
  */
-int get_subgid_ranges(const char *owner, struct subordinate_range ***ranges);
+int get_subgid_ranges(const char *owner, struct subid_range ***ranges);
 
 /*
  * subid_free_ranges: free an array of subordinate_ranges returned by either
@@ -66,7 +75,7 @@ int get_subgid_ranges(const char *owner, struct subordinate_range ***ranges);
  * @ranges: the ranges to free
  * @count: the number of ranges in @ranges
  */
-void subid_free_ranges(struct subordinate_range **ranges, int count);
+void subid_free_ranges(struct subid_range **ranges, int count);
 
 /*
  * get_subuid_owners: return a list of uids to which the given uid has been

src/list_subid_ranges.c

@@ -17,25 +17,28 @@ void usage(void)
 int main(int argc, char *argv[])
 {
 	int i, count=0;
-	struct subordinate_range **ranges;
+	struct subid_range **ranges;
+	const char *owner;
 
 	Prog = Basename (argv[0]);
 	shadow_logfd = stderr;
-	if (argc < 2) {
+	if (argc < 2)
 		usage();
+	owner = argv[1];
+	if (argc == 3 && strcmp(argv[1], "-g") == 0) {
+		owner = argv[2];
+		count = get_subgid_ranges(owner, &ranges);
+	} else if (argc == 2 && strcmp(argv[1], "-h") == 0) {
+		usage();
+	} else {
+		count = get_subuid_ranges(owner, &ranges);
 	}
-	if (argc == 3 && strcmp(argv[1], "-g") == 0)
-		count = get_subgid_ranges(argv[2], &ranges);
-	else if (argc == 2 && strcmp(argv[1], "-h") == 0)
-		usage();
-	else
-		count = get_subuid_ranges(argv[1], &ranges);
 	if (!ranges) {
 		fprintf(stderr, "Error fetching ranges\n");
 		exit(1);
 	}
 	for (i = 0; i < count; i++) {
-		printf("%d: %s %lu %lu\n", i, ranges[i]->owner,
+		printf("%d: %s %lu %lu\n", i, owner,
 			ranges[i]->start, ranges[i]->count);
 	}
 	subid_free_ranges(ranges, count);

tests/libsubid/04_nss/libsubid_zzz.c

@@ -101,9 +101,9 @@ enum subid_status shadow_subid_find_subid_owners(unsigned long id, enum subid_ty
 	return SUBID_STATUS_SUCCESS;
 }
 
-enum subid_status shadow_subid_list_owner_ranges(const char *owner, enum subid_type id_type, struct subordinate_range ***in_ranges, int *count)
+enum subid_status shadow_subid_list_owner_ranges(const char *owner, enum subid_type id_type, struct subid_range ***in_ranges, int *count)
 {
-	struct subordinate_range **ranges;
+	struct subid_range **ranges;
 
 	*count = 0;
 	if (strcmp(owner, "error") == 0)
@@ -121,16 +121,15 @@ enum subid_status shadow_subid_list_owner_ranges(const char *owner, enum subid_t
 		return SUBID_STATUS_SUCCESS;
 	if (id_type == ID_TYPE_UID && strcmp(owner, "group1") == 0)
 		return SUBID_STATUS_SUCCESS;
-	ranges = (struct subordinate_range **)malloc(sizeof(struct subordinate_range *));
+	ranges = (struct subid_range **)malloc(sizeof(struct subid_range *));
 	if (!*ranges)
 		return SUBID_STATUS_ERROR;
-	ranges[0] = (struct subordinate_range *)malloc(sizeof(struct subordinate_range));
+	ranges[0] = (struct subid_range *)malloc(sizeof(struct subid_range));
 	if (!ranges[0]) {
 		free(*ranges);
 		*ranges = NULL;
 		return SUBID_STATUS_ERROR;
 	}
-	ranges[0]->owner = strdup(owner);
 	if (strcmp(owner, "user1") == 0 || strcmp(owner, "group1") == 0) {
 		ranges[0]->start = 100000;
 		ranges[0]->count = 65536;