Commit Graph

9 Commits

Author SHA1 Message Date
Ján Tomko
faf6edfa74 json: do not call json_tokener_free with NULL
Add an error message for the rare case if json_tokener_new
fails (allocation failure) and guard any use of json_tokener_free
where tok might be NULL (this was possible in libvirt-nss
when the json file could not be opened).

https://gitlab.com/libvirt/libvirt/-/issues/581

Signed-off-by: Ján Tomko <jtomko@redhat.com>
Reported-by: Simon Pilkington
Reviewed-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Richard W.M. Jones <rjones@redhat.com>
2024-11-04 12:15:10 +01:00
Ján Tomko
84198ad88a nss: convert findMACs to use json-c
While the parsing is still done by 1K buffers, the results
are no longer filtered during the parsing, but the whole JSON
has to live in memory at once, which was also the case before
the NSS plugin dropped its dependency on libvirt_util.

Also, the new parser might be more forgiving of missing elements.

Signed-off-by: Ján Tomko <jtomko@redhat.com>
Reviewed-by: Peter Krempa <pkrempa@redhat.com>
2024-09-24 08:24:00 +02:00
Michal Privoznik
7f463b4c0d nss: Compare hostname case insensitive
There are some tools that convert hostname to lowercase before
resolving it (e.g. ssh). In a way it makes sense because DNS is
case insensitive and in case of ssh the lowercase version is then
used to find matching record in its config file. However, our NSS
module performs case sensitive comparison, which makes it useless
with ssh. Just consider a machine named FooBar.

Therefore, switch to case insensitive string comparison.

Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1777873
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Martin Kletzander <mkletzan@redhat.com>
2022-05-27 13:43:14 +02:00
Michal Privoznik
de1ac5930a Don't pass NULL to yajl_free()
Unfortunately, yajl_free() is not NOP on NULL. It really does
expect a valid pointer. Therefore, check whether the pointer we
want to pass to it is NULL or not.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
2020-03-30 16:11:13 +02:00
Michal Privoznik
0dc84c347a nss: Don't leak memory on parse error
If yajl_parse() fails, we try to print an error message. For
that, yajl_get_error() is used. However, its documentation say
that caller is also responsible for freeing the memory it
allocates by using yajl_free_error().

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
2019-08-09 12:17:19 +02:00
Michal Privoznik
8be0ab638d nss: Don't stop parsing on unexpected key
Due to latest rewrite of NSS module, we are doing yajl parsing
ourselves. This means, we had to introduce couple of callback
that yajl calls. According to its documentation, a callback can
cancel parsing if it returns a zero value. Well, we do just that
in the string callback (findLeasesParserString()). If the JSON
file we are parsing contains a key that we are not interested in,
zero is returned meaning stop all parsing. This is not correct,
because the JSON file can contain some other keys which are not
harmful for our address translation (e.g. 'client-id').

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
2019-08-09 12:17:19 +02:00
Daniel P. Berrangé
8242ce4f45 tools: avoid accidentally using files from gnulib
The AM_CPPFLAGS setting includes the gnulib headers, which
means we can get some replacement functions defined. Since
virt-login-shell and the NSS module intentionally don't link
to gnulib, these replacement functions causes link failures.

This was seen cross-compiling on Debian for example:

virt-login-shell.o: In function `main':
/builds/libvirt/libvirt/build/tools/../../tools/virt-login-shell.c:81: undefined reference to `rpl_strerror'
/builds/libvirt/libvirt/build/tools/../../tools/virt-login-shell.c:66: undefined reference to `rpl_strerror'
/builds/libvirt/libvirt/build/tools/../../tools/virt-login-shell.c:75: undefined reference to `rpl_strerror'

The only way to avoid these replacement gnulib headers is
to drop the -Ignulib/lib flags. We do still want to use
gnulib for configmake.h and intprops.h, but those can be
included via their full path.

We must also stop using internal.h, since that expects
-Ignulib/lib to be on the include path in order to resolve
the verify.h header.

Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2019-08-08 13:32:02 +01:00
Daniel P. Berrangé
18a4b2479a nss: custom parser for loading .leases file
The .leases file is currently loaded using the virLease class,
which in turn uses the virJSON parsing code. This pulls in a
heap of libvirt code (logging, hash tables, etc) which we do
not wish to depend on.

This uses the yajl parser code directly, so the only dep is
yajl and plain libc functions.

Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2019-08-07 16:54:02 +01:00
Daniel P. Berrangé
904d60b06c nss: custom parser for loading .macs file
The .macs file is currently loaded using the virMacMap class,
which in turn uses the virJSON parsing code. This pulls in a
heap of libvirt code (logging, hash tables, objects, etc) which
we do not wish to depend on.

This uses the yajl parser code directly, so the only dep is
yajl and plain libc functions.

Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2019-08-07 16:54:02 +01:00