Skip to content

Commit 311214d

Browse files
linyowslinyows
authored
Merge pull request #49 from linyows/bugfix
Bugfix
2 parents 3e22cc9 + db44a8d commit 311214d

12 files changed

+793
-407
lines changed

Makefile

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -74,6 +74,7 @@ octopass_cli: build_dir cache_dir ## Build octopass cli
7474
$(CC) $(CFLAGS) -c nss_octopass-shadow_cli.c -o $(BUILD)/nss_octopass-shadow_cli.o
7575
$(CC) $(CFLAGS) -c octopass_cli.c -o $(BUILD)/octopass_cli.o
7676
$(CC) -o $(BUILD)/octopass \
77+
$(BUILD)/octopass.o \
7778
$(BUILD)/octopass_cli.o \
7879
$(BUILD)/nss_octopass-passwd_cli.o \
7980
$(BUILD)/nss_octopass-group_cli.o \

debian/changelog

Lines changed: 5 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -1,3 +1,8 @@
1+
octopass (0.9.0-1) DIST; urgency=medium
2+
3+
* Bugfixes
4+
5+
-- linyows <linyows@gmail.com> Mon, 17 Feb 2025 14:00:00 +0900
16
octopass (0.8.0-1) DIST; urgency=medium
27

38
* Bugfixes

nss_octopass-group.c

Lines changed: 126 additions & 77 deletions
Original file line numberDiff line numberDiff line change
@@ -31,67 +31,107 @@ static int pack_group_struct(json_t *root, struct group *result, char *buffer, s
3131

3232
memset(buffer, '\0', buflen);
3333

34-
// Carve off some space for array of members.
35-
result->gr_mem = (char **)next_buf;
36-
result->gr_name = strdup(con->group_name);
34+
size_t team_count = json_array_size(root);
35+
36+
result->gr_mem = (char **)malloc((team_count + 1) * sizeof(char *));
37+
if (!result->gr_mem) {
38+
return -1;
39+
}
40+
41+
result->gr_name = strdup(con->group_name);
42+
if (!result->gr_name) {
43+
free(result->gr_mem);
44+
return -1;
45+
}
46+
3747
result->gr_passwd = "x";
38-
result->gr_gid = con->gid;
48+
result->gr_gid = con->gid;
49+
50+
size_t gr_mem_index = 0;
3951

40-
int i;
41-
for (i = 0; i < json_array_size(root); i++) {
42-
json_t *j_member = json_object_get(json_array_get(root, i), "login");
43-
if (!json_is_string(j_member)) {
44-
return -1;
52+
for (size_t i = 0; i < team_count; i++) {
53+
json_t *j_team_obj = json_array_get(root, i);
54+
if (!j_team_obj) {
55+
continue;
4556
}
46-
const char *login = json_string_value(j_member);
47-
if (bufleft <= strlen(login)) {
48-
return -2;
57+
58+
json_t *j_team_id = json_object_get(j_team_obj, "id");
59+
if (!json_is_integer(j_team_id)) {
60+
continue;
4961
}
50-
result->gr_mem[i] = strdup(login);
5162

52-
next_buf += strlen(result->gr_mem[i]) + 1;
53-
bufleft -= strlen(result->gr_mem[i]) + 1;
63+
json_error_t error;
64+
struct response res;
65+
int team_id = json_integer_value(j_team_id);
66+
int status = octopass_team_members_by_team_id(con, team_id, &res);
67+
if (status != 0) {
68+
free(res.data);
69+
continue;
70+
}
71+
72+
json_t *members_root = NULL;
73+
members_root = json_loads(res.data, 0, &error);
74+
free(res.data);
75+
res.data = NULL;
76+
77+
if (!members_root || !json_is_array(members_root)) {
78+
json_decref(members_root);
79+
continue;
80+
}
81+
82+
for (size_t mi = 0; mi < json_array_size(members_root); mi++) {
83+
json_t *j_member = json_object_get(json_array_get(members_root, mi), "login");
84+
if (!json_is_string(j_member)) {
85+
continue;
86+
}
87+
const char *login = json_string_value(j_member);
88+
size_t login_len = strlen(login);
89+
if (bufleft <= strlen(login)) {
90+
continue;
91+
}
92+
result->gr_mem[gr_mem_index] = strdup(login);
93+
94+
next_buf += login_len + 1;
95+
bufleft -= login_len + 1;
96+
97+
gr_mem_index++;
98+
}
99+
json_decref(members_root);
54100
}
55101

102+
result->gr_mem[gr_mem_index] = NULL;
103+
56104
return 0;
57105
}
58106

59107
enum nss_status _nss_octopass_setgrent_locked(int stayopen)
60108
{
61-
json_t *root;
62-
json_error_t error;
63-
64109
struct config con;
65-
struct response res;
110+
//struct response res;
66111
octopass_config_loading(&con, OCTOPASS_CONFIG_FILE);
112+
67113
if (con.syslog) {
68114
syslog(LOG_INFO, "%s[L%d] -- stayopen: %d", __func__, __LINE__, stayopen);
69115
}
70-
int status = octopass_members(&con, &res);
71116

72-
if (status != 0) {
117+
json_t *root = octopass_teams(&con);
118+
if (!root) {
73119
if (con.syslog) {
74120
syslog(LOG_INFO, "%s[L%d] -- status: %s", __func__, __LINE__, "UNAVAIL");
75121
}
76122
return NSS_STATUS_UNAVAIL;
77123
}
78124

79-
root = json_loads(res.data, 0, &error);
80-
free(res.data);
81-
82-
if (!root) {
125+
if (!json_is_array(root) || json_array_size(root) == 0) {
83126
if (con.syslog) {
84127
syslog(LOG_INFO, "%s[L%d] -- status: %s", __func__, __LINE__, "UNAVAIL");
85128
}
129+
json_decref(root);
86130
return NSS_STATUS_UNAVAIL;
87131
}
88132

89-
if (!json_is_array(root)) {
90-
json_decref(root);
91-
if (con.syslog) {
92-
syslog(LOG_INFO, "%s[L%d] -- status: %s", __func__, __LINE__, "UNAVAIL");
93-
}
94-
return NSS_STATUS_UNAVAIL;
133+
if (ent_json_root) {
134+
json_decref(ent_json_root);
95135
}
96136

97137
ent_json_root = root;
@@ -115,9 +155,8 @@ enum nss_status _nss_octopass_setgrent(int stayopen)
115155
enum nss_status _nss_octopass_endgrent_locked(void)
116156
{
117157
if (ent_json_root) {
118-
while (ent_json_root->refcount > 0) {
119-
json_decref(ent_json_root);
120-
}
158+
json_decref(ent_json_root);
159+
ent_json_root = NULL;
121160
}
122161

123162
ent_json_root = NULL;
@@ -144,23 +183,30 @@ enum nss_status _nss_octopass_getgrent_r_locked(struct group *result, char *buff
144183

145184
if (ent_json_root == NULL) {
146185
ret = _nss_octopass_setgrent_locked(0);
186+
if (ret != NSS_STATUS_SUCCESS || ent_json_root == NULL) {
187+
*errnop = ENOENT;
188+
return NSS_STATUS_UNAVAIL;
189+
}
147190
}
148191

149-
if (ret != NSS_STATUS_SUCCESS) {
150-
return ret;
151-
}
192+
size_t json_size = json_array_size(ent_json_root);
152193

153194
// Return notfound when there's nothing else to read.
154-
if (ent_json_idx > 0) {
195+
if (ent_json_idx >= json_size) {
155196
*errnop = ENOENT;
156197
return NSS_STATUS_NOTFOUND;
157198
}
158199

159200
struct config con;
160-
octopass_config_loading(&con, OCTOPASS_CONFIG_FILE);
201+
if (octopass_config_loading(&con, OCTOPASS_CONFIG_FILE) != 0) {
202+
*errnop = EIO;
203+
return NSS_STATUS_UNAVAIL;
204+
}
205+
161206
if (con.syslog) {
162207
syslog(LOG_INFO, "%s[L%d]", __func__, __LINE__);
163208
}
209+
164210
int pack_result = pack_group_struct(ent_json_root, result, buffer, buflen, &con);
165211

166212
if (pack_result == -1) {
@@ -202,12 +248,14 @@ enum nss_status _nss_octopass_getgrent_r(struct group *result, char *buffer, siz
202248
enum nss_status _nss_octopass_getgrgid_r_locked(gid_t gid, struct group *result, char *buffer, size_t buflen,
203249
int *errnop)
204250
{
205-
json_t *root;
206-
json_error_t error;
207-
251+
enum nss_status status = NSS_STATUS_UNAVAIL;
208252
struct config con;
209-
struct response res;
210-
octopass_config_loading(&con, OCTOPASS_CONFIG_FILE);
253+
254+
if (octopass_config_loading(&con, OCTOPASS_CONFIG_FILE) != 0) {
255+
*errnop = EIO;
256+
return NSS_STATUS_UNAVAIL;
257+
}
258+
211259
if (con.syslog) {
212260
syslog(LOG_INFO, "%s[L%d] -- gid: %d", __func__, __LINE__, gid);
213261
}
@@ -220,54 +268,53 @@ enum nss_status _nss_octopass_getgrgid_r_locked(gid_t gid, struct group *result,
220268
return NSS_STATUS_NOTFOUND;
221269
}
222270

223-
int status = octopass_members(&con, &res);
224-
225-
if (status != 0) {
271+
json_t *root = octopass_teams(&con);
272+
if (!root) {
226273
*errnop = ENOENT;
227274
if (con.syslog) {
228275
syslog(LOG_INFO, "%s[L%d] -- status: %s", __func__, __LINE__, "UNAVAIL");
229276
}
230277
return NSS_STATUS_UNAVAIL;
231278
}
232279

233-
root = json_loads(res.data, 0, &error);
234-
free(res.data);
235-
236-
if (json_array_size(root) == 0) {
237-
json_decref(root);
280+
if (!json_is_array(root) || json_array_size(root) == 0) {
281+
status = NSS_STATUS_NOTFOUND;
238282
*errnop = ENOENT;
239283
if (con.syslog) {
240284
syslog(LOG_INFO, "%s[L%d] -- status: %s", __func__, __LINE__, "NOTFOUND");
241285
}
242-
return NSS_STATUS_NOTFOUND;
286+
goto cleanup;
243287
}
244288

245289
int pack_result = pack_group_struct(root, result, buffer, buflen, &con);
246290

247291
if (pack_result == -1) {
248-
json_decref(root);
292+
status = NSS_STATUS_NOTFOUND;
249293
*errnop = ENOENT;
250294
if (con.syslog) {
251295
syslog(LOG_INFO, "%s[L%d] -- status: %s", __func__, __LINE__, "NOTFOUND");
252296
}
253-
return NSS_STATUS_NOTFOUND;
297+
goto cleanup;
254298
}
255299

256300
if (pack_result == -2) {
257-
json_decref(root);
301+
status = NSS_STATUS_TRYAGAIN;
258302
*errnop = ERANGE;
259303
if (con.syslog) {
260304
syslog(LOG_INFO, "%s[L%d] -- status: %s", __func__, __LINE__, "TRYAGAIN");
261305
}
262-
return NSS_STATUS_TRYAGAIN;
306+
goto cleanup;
263307
}
264308

265309
if (con.syslog) {
266310
syslog(LOG_INFO, "%s[L%d] -- status: %s, gr_name: %s", __func__, __LINE__, "SUCCESS", result->gr_name);
267311
}
268312

313+
status = NSS_STATUS_SUCCESS;
314+
315+
cleanup:
269316
json_decref(root);
270-
return NSS_STATUS_SUCCESS;
317+
return status;
271318
}
272319

273320
// Find a group by gid
@@ -285,12 +332,14 @@ enum nss_status _nss_octopass_getgrgid_r(gid_t gid, struct group *result, char *
285332
enum nss_status _nss_octopass_getgrnam_r_locked(const char *name, struct group *result, char *buffer, size_t buflen,
286333
int *errnop)
287334
{
288-
json_t *root;
289-
json_error_t error;
290-
335+
enum nss_status status = NSS_STATUS_UNAVAIL;
291336
struct config con;
292-
struct response res;
293-
octopass_config_loading(&con, OCTOPASS_CONFIG_FILE);
337+
338+
if (octopass_config_loading(&con, OCTOPASS_CONFIG_FILE) != 0) {
339+
*errnop = EIO;
340+
return NSS_STATUS_UNAVAIL;
341+
}
342+
294343
if (con.syslog) {
295344
syslog(LOG_INFO, "%s[L%d] -- name: %s", __func__, __LINE__, name);
296345
}
@@ -303,53 +352,53 @@ enum nss_status _nss_octopass_getgrnam_r_locked(const char *name, struct group *
303352
return NSS_STATUS_NOTFOUND;
304353
}
305354

306-
int status = octopass_members(&con, &res);
307-
308-
if (status != 0) {
355+
json_t *root = octopass_teams(&con);
356+
if (!root) {
309357
*errnop = ENOENT;
310358
if (con.syslog) {
311359
syslog(LOG_INFO, "%s[L%d] -- status: %s", __func__, __LINE__, "UNAVAIL");
312360
}
313361
return NSS_STATUS_UNAVAIL;
314362
}
315363

316-
root = json_loads(res.data, 0, &error);
317-
free(res.data);
318-
if (!root) {
319-
json_decref(root);
364+
if (!json_is_array(root) || json_array_size(root) == 0) {
365+
status = NSS_STATUS_NOTFOUND;
320366
*errnop = ENOENT;
321367
if (con.syslog) {
322-
syslog(LOG_INFO, "%s[L%d] -- status: %s", __func__, __LINE__, "UNAVAIL");
368+
syslog(LOG_INFO, "%s[L%d] -- status: %s", __func__, __LINE__, "NOTFOUND");
323369
}
324-
return NSS_STATUS_UNAVAIL;
370+
goto cleanup;
325371
}
326372

327373
int pack_result = pack_group_struct(root, result, buffer, buflen, &con);
328374

329375
if (pack_result == -1) {
330-
json_decref(root);
376+
status = NSS_STATUS_NOTFOUND;
331377
*errnop = ENOENT;
332378
if (con.syslog) {
333379
syslog(LOG_INFO, "%s[L%d] -- status: %s", __func__, __LINE__, "NOTFOUND");
334380
}
335-
return NSS_STATUS_NOTFOUND;
381+
goto cleanup;
336382
}
337383

338384
if (pack_result == -2) {
339-
json_decref(root);
385+
status = NSS_STATUS_TRYAGAIN;
340386
*errnop = ERANGE;
341387
if (con.syslog) {
342388
syslog(LOG_INFO, "%s[L%d] -- status: %s", __func__, __LINE__, "TRYAGAIN");
343389
}
344-
return NSS_STATUS_TRYAGAIN;
390+
goto cleanup;
345391
}
346392

347393
if (con.syslog) {
348394
syslog(LOG_INFO, "%s[L%d] -- status: %s, gr_name: %s", __func__, __LINE__, "SUCCESS", result->gr_name);
349395
}
350396

397+
status = NSS_STATUS_SUCCESS;
398+
399+
cleanup:
351400
json_decref(root);
352-
return NSS_STATUS_SUCCESS;
401+
return status;
353402
}
354403

355404
// Find a group by name

0 commit comments

Comments
 (0)