nss/libsubid: simplify the ranges variable for list_owner_ranges

Following alexey-tikhonov's suggestion.

Since we've dropped the 'owner' field in the data returned for
get_subid_ranges, we can just return a single allocated array of
simple structs.  This means we can return a ** instead of ***, and
we can get rid of the subid_free_ranges() helper, since the caller
can just free() the returned data.

Signed-off-by: Serge Hallyn <serge@hallyn.com>
This commit is contained in:
Serge Hallyn 2021-05-22 12:16:50 -05:00
parent 322db32971
commit 3d670ba7ed
8 changed files with 39 additions and 74 deletions

View File

@ -1,6 +1,6 @@
dnl Process this file with autoconf to produce a configure script. dnl Process this file with autoconf to produce a configure script.
AC_PREREQ([2.69]) AC_PREREQ([2.69])
m4_define([libsubid_abi_major], 2) m4_define([libsubid_abi_major], 3)
m4_define([libsubid_abi_minor], 0) m4_define([libsubid_abi_minor], 0)
m4_define([libsubid_abi_micro], 0) m4_define([libsubid_abi_micro], 0)
m4_define([libsubid_abi], [libsubid_abi_major.libsubid_abi_minor.libsubid_abi_micro]) m4_define([libsubid_abi], [libsubid_abi_major.libsubid_abi_minor.libsubid_abi_micro])

View File

@ -300,16 +300,15 @@ struct subid_nss_ops {
* *
* @owner - string representing username being queried * @owner - string representing username being queried
* @id_type - subuid or subgid * @id_type - subuid or subgid
* @ranges - pointer to an array of struct subid_range pointers, or * @ranges - pointer to an array of struct subid_range, or NULL. The
* NULL. The returned array of struct subid_range and its * returned array must be freed by the caller.
* members must be freed by the caller.
* @count - pointer to an integer into which the number of returned ranges * @count - pointer to an integer into which the number of returned ranges
* is written. * is written.
* returns success if the module was able to determine an answer, * returns success if the module was able to determine an answer,
* else an error status. * else an error status.
*/ */
enum subid_status (*list_owner_ranges)(const char *owner, enum subid_type id_type, struct subid_range ***ranges, int *count); enum subid_status (*list_owner_ranges)(const char *owner, enum subid_type id_type, struct subid_range **ranges, int *count);
/* /*
* nss_find_subid_owners: find uids who own a given subuid or subgid. * nss_find_subid_owners: find uids who own a given subuid or subgid.

View File

@ -17,23 +17,6 @@
#include <ctype.h> #include <ctype.h>
#include <fcntl.h> #include <fcntl.h>
/* subid_free_ranges: free a subid_range
*
* @ranges: an array of subid_ranges to free
* @count: number of items in the array
*
* The subid_range is a subordinate_range without the owner field,
* defined in subid.h
*/
void subid_free_ranges(struct subid_range **ranges, int count)
{
int i;
for (i = 0; i < count; i++)
free(ranges[i]);
free(ranges);
}
/* /*
* subordinate_dup: create a duplicate range * subordinate_dup: create a duplicate range
* *
@ -326,26 +309,21 @@ static bool have_range(struct commonio_db *db,
return false; return false;
} }
static bool append_range(struct subid_range ***ranges, const struct subordinate_range *new, int n) static bool append_range(struct subid_range **ranges, const struct subordinate_range *new, int n)
{ {
struct subid_range *tmp;
if (!*ranges) { if (!*ranges) {
*ranges = malloc(sizeof(struct subid_range *)); *ranges = malloc(sizeof(struct subid_range));
if (!*ranges) if (!*ranges)
return false; return false;
} else { } else {
struct subid_range **new; struct subid_range *alloced;
new = realloc(*ranges, (n + 1) * (sizeof(struct subid_range *))); alloced = realloc(*ranges, (n + 1) * (sizeof(struct subid_range)));
if (!new) if (!alloced)
return false; return false;
*ranges = new; *ranges = alloced;
} }
(*ranges)[n] = NULL; (*ranges)[n].start = new->start;
tmp = malloc(sizeof(*tmp)); (*ranges)[n].count = new->count;
if (!tmp)
return false;
memcpy(tmp, new, sizeof(*tmp));
(*ranges)[n] = tmp;
return true; return true;
} }
@ -804,10 +782,10 @@ gid_t sub_gid_find_free_range(gid_t min, gid_t max, unsigned long count)
* *
* The caller must free the subordinate range list. * The caller must free the subordinate range list.
*/ */
int list_owner_ranges(const char *owner, enum subid_type id_type, struct subid_range ***in_ranges) int list_owner_ranges(const char *owner, enum subid_type id_type, struct subid_range **in_ranges)
{ {
// TODO - need to handle owner being either uid or username // TODO - need to handle owner being either uid or username
struct subid_range **ranges = NULL; struct subid_range *ranges = NULL;
const struct subordinate_range *range; const struct subordinate_range *range;
struct commonio_db *db; struct commonio_db *db;
enum subid_status status; enum subid_status status;
@ -845,7 +823,7 @@ int list_owner_ranges(const char *owner, enum subid_type id_type, struct subid_r
while ((range = commonio_next(db)) != NULL) { while ((range = commonio_next(db)) != NULL) {
if (0 == strcmp(range->owner, owner)) { if (0 == strcmp(range->owner, owner)) {
if (!append_range(&ranges, range, count++)) { if (!append_range(&ranges, range, count++)) {
subid_free_ranges(ranges, count-1); free(ranges);
ranges = NULL; ranges = NULL;
count = -1; count = -1;
goto out; goto out;

View File

@ -25,7 +25,7 @@ extern int sub_uid_unlock (void);
extern int sub_uid_add (const char *owner, uid_t start, unsigned long count); extern int sub_uid_add (const char *owner, uid_t start, unsigned long count);
extern int sub_uid_remove (const char *owner, uid_t start, unsigned long count); extern int sub_uid_remove (const char *owner, uid_t start, unsigned long count);
extern uid_t sub_uid_find_free_range(uid_t min, uid_t max, unsigned long count); extern uid_t sub_uid_find_free_range(uid_t min, uid_t max, unsigned long count);
extern int list_owner_ranges(const char *owner, enum subid_type id_type, struct subid_range ***ranges); extern int list_owner_ranges(const char *owner, enum subid_type id_type, struct subid_range **ranges);
extern bool new_subid_range(struct subordinate_range *range, enum subid_type id_type, bool reuse); extern bool new_subid_range(struct subordinate_range *range, enum subid_type id_type, bool reuse);
extern bool release_subid_range(struct subordinate_range *range, enum subid_type id_type); extern bool release_subid_range(struct subordinate_range *range, enum subid_type id_type);
extern int find_subid_owners(unsigned long id, enum subid_type id_type, uid_t **uids); extern int find_subid_owners(unsigned long id, enum subid_type id_type, uid_t **uids);

View File

@ -66,17 +66,17 @@ bool libsubid_init(const char *progname, FILE * logfd)
} }
static static
int get_subid_ranges(const char *owner, enum subid_type id_type, struct subid_range ***ranges) int get_subid_ranges(const char *owner, enum subid_type id_type, struct subid_range **ranges)
{ {
return list_owner_ranges(owner, id_type, ranges); return list_owner_ranges(owner, id_type, ranges);
} }
int get_subuid_ranges(const char *owner, struct subid_range ***ranges) int get_subuid_ranges(const char *owner, struct subid_range **ranges)
{ {
return get_subid_ranges(owner, ID_TYPE_UID, ranges); return get_subid_ranges(owner, ID_TYPE_UID, ranges);
} }
int get_subgid_ranges(const char *owner, struct subid_range ***ranges) int get_subgid_ranges(const char *owner, struct subid_range **ranges)
{ {
return get_subid_ranges(owner, ID_TYPE_GID, ranges); return get_subid_ranges(owner, ID_TYPE_GID, ranges);
} }

View File

@ -50,32 +50,27 @@ bool libsubid_init(const char *progname, FILE *logfd);
* get_subuid_ranges: return a list of UID ranges for a user * get_subuid_ranges: return a list of UID ranges for a user
* *
* @owner: username being queried * @owner: username being queried
* @ranges: a pointer to a subordinate range ** in which the result will be * @ranges: a pointer to an array of subid_range structs in which the result
* returned. * will be returned.
*
* The caller must free(ranges) when done.
* *
* returns: number of ranges found, ir < 0 on error. * returns: number of ranges found, ir < 0 on error.
*/ */
int get_subuid_ranges(const char *owner, struct subid_range ***ranges); int get_subuid_ranges(const char *owner, struct subid_range **ranges);
/* /*
* get_subgid_ranges: return a list of GID ranges for a user * get_subgid_ranges: return a list of GID ranges for a user
* *
* @owner: username being queried * @owner: username being queried
* @ranges: a pointer to a subordinate range ** in which the result will be * @ranges: a pointer to an array of subid_range structs in which the result
* returned. * will be returned.
*
* The caller must free(ranges) when done.
* *
* returns: number of ranges found, ir < 0 on error. * returns: number of ranges found, ir < 0 on error.
*/ */
int get_subgid_ranges(const char *owner, struct subid_range ***ranges); int get_subgid_ranges(const char *owner, struct subid_range **ranges);
/*
* subid_free_ranges: free an array of subordinate_ranges returned by either
* get_subuid_ranges() or get_subgid_ranges().
*
* @ranges: the ranges to free
* @count: the number of ranges in @ranges
*/
void subid_free_ranges(struct subid_range **ranges, int count);
/* /*
* get_subuid_owners: return a list of uids to which the given uid has been * get_subuid_owners: return a list of uids to which the given uid has been

View File

@ -17,7 +17,7 @@ void usage(void)
int main(int argc, char *argv[]) int main(int argc, char *argv[])
{ {
int i, count=0; int i, count=0;
struct subid_range **ranges; struct subid_range *ranges;
const char *owner; const char *owner;
Prog = Basename (argv[0]); Prog = Basename (argv[0]);
@ -39,8 +39,7 @@ int main(int argc, char *argv[])
} }
for (i = 0; i < count; i++) { for (i = 0; i < count; i++) {
printf("%d: %s %lu %lu\n", i, owner, printf("%d: %s %lu %lu\n", i, owner,
ranges[i]->start, ranges[i]->count); ranges[i].start, ranges[i].count);
} }
subid_free_ranges(ranges, count);
return 0; return 0;
} }

View File

@ -101,9 +101,9 @@ enum subid_status shadow_subid_find_subid_owners(unsigned long id, enum subid_ty
return SUBID_STATUS_SUCCESS; return SUBID_STATUS_SUCCESS;
} }
enum subid_status shadow_subid_list_owner_ranges(const char *owner, enum subid_type id_type, struct subid_range ***in_ranges, int *count) enum subid_status shadow_subid_list_owner_ranges(const char *owner, enum subid_type id_type, struct subid_range **in_ranges, int *count)
{ {
struct subid_range **ranges; struct subid_range *ranges;
*count = 0; *count = 0;
if (strcmp(owner, "error") == 0) if (strcmp(owner, "error") == 0)
@ -113,7 +113,7 @@ enum subid_status shadow_subid_list_owner_ranges(const char *owner, enum subid_t
if (strcmp(owner, "conn") == 0) if (strcmp(owner, "conn") == 0)
return SUBID_STATUS_ERROR_CONN; return SUBID_STATUS_ERROR_CONN;
*ranges = NULL; *in_ranges = NULL;
if (strcmp(owner, "user1") != 0 && strcmp(owner, "ubuntu") != 0 && if (strcmp(owner, "user1") != 0 && strcmp(owner, "ubuntu") != 0 &&
strcmp(owner, "group1") != 0) strcmp(owner, "group1") != 0)
return SUBID_STATUS_SUCCESS; return SUBID_STATUS_SUCCESS;
@ -121,21 +121,15 @@ enum subid_status shadow_subid_list_owner_ranges(const char *owner, enum subid_t
return SUBID_STATUS_SUCCESS; return SUBID_STATUS_SUCCESS;
if (id_type == ID_TYPE_UID && strcmp(owner, "group1") == 0) if (id_type == ID_TYPE_UID && strcmp(owner, "group1") == 0)
return SUBID_STATUS_SUCCESS; return SUBID_STATUS_SUCCESS;
ranges = (struct subid_range **)malloc(sizeof(struct subid_range *)); ranges = (struct subid_range *)malloc(sizeof(struct subid_range));
if (!*ranges) if (!*ranges)
return SUBID_STATUS_ERROR; return SUBID_STATUS_ERROR;
ranges[0] = (struct subid_range *)malloc(sizeof(struct subid_range));
if (!ranges[0]) {
free(*ranges);
*ranges = NULL;
return SUBID_STATUS_ERROR;
}
if (strcmp(owner, "user1") == 0 || strcmp(owner, "group1") == 0) { if (strcmp(owner, "user1") == 0 || strcmp(owner, "group1") == 0) {
ranges[0]->start = 100000; ranges[0].start = 100000;
ranges[0]->count = 65536; ranges[0].count = 65536;
} else { } else {
ranges[0]->start = 200000; ranges[0].start = 200000;
ranges[0]->count = 100000; ranges[0].count = 100000;
} }
*count = 1; *count = 1;