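#include <limits.h>
#include <stdlib.h>
#include <string.h>
#include <stdio.h>
#include "v1_pod_security_context.h"


/*
 * Allocate a pod security context and store the given field values in it.
 *
 * The pointer arguments are stored as-is, not copied; because the object is
 * marked library-owned, v1_pod_security_context_free() will later release
 * them together with the object.
 *
 * Returns NULL if the allocation fails. In that case the arguments are NOT
 * freed and remain the caller's responsibility.
 */
static v1_pod_security_context_t *v1_pod_security_context_create_internal(
    v1_app_armor_profile_t *app_armor_profile,
    long fs_group,
    char *fs_group_change_policy,
    long run_as_group,
    int run_as_non_root,
    long run_as_user,
    char *se_linux_change_policy,
    v1_se_linux_options_t *se_linux_options,
    v1_seccomp_profile_t *seccomp_profile,
    list_t *supplemental_groups,
    char *supplemental_groups_policy,
    list_t *sysctls,
    v1_windows_security_context_options_t *windows_options
    ) {
    v1_pod_security_context_t *v1_pod_security_context_local_var = malloc(sizeof(v1_pod_security_context_t));
    if (!v1_pod_security_context_local_var) {
        return NULL;
    }
    v1_pod_security_context_local_var->app_armor_profile = app_armor_profile;
    v1_pod_security_context_local_var->fs_group = fs_group;
    v1_pod_security_context_local_var->fs_group_change_policy = fs_group_change_policy;
    v1_pod_security_context_local_var->run_as_group = run_as_group;
    v1_pod_security_context_local_var->run_as_non_root = run_as_non_root;
    v1_pod_security_context_local_var->run_as_user = run_as_user;
    v1_pod_security_context_local_var->se_linux_change_policy = se_linux_change_policy;
    v1_pod_security_context_local_var->se_linux_options = se_linux_options;
    v1_pod_security_context_local_var->seccomp_profile = seccomp_profile;
    v1_pod_security_context_local_var->supplemental_groups = supplemental_groups;
    v1_pod_security_context_local_var->supplemental_groups_policy = supplemental_groups_policy;
    v1_pod_security_context_local_var->sysctls = sysctls;
    v1_pod_security_context_local_var->windows_options = windows_options;

    /* Marks the object as one v1_pod_security_context_free() may release. */
    v1_pod_security_context_local_var->_library_owned = 1;
    return v1_pod_security_context_local_var;
}

/*
 * Public constructor (deprecated); forwards every argument unchanged to
 * v1_pod_security_context_create_internal(). Same ownership and NULL-return
 * rules apply.
 */
__attribute__((deprecated)) v1_pod_security_context_t *v1_pod_security_context_create(
    v1_app_armor_profile_t *app_armor_profile,
    long fs_group,
    char *fs_group_change_policy,
    long run_as_group,
    int run_as_non_root,
    long run_as_user,
    char *se_linux_change_policy,
    v1_se_linux_options_t *se_linux_options,
    v1_seccomp_profile_t *seccomp_profile,
    list_t *supplemental_groups,
    char *supplemental_groups_policy,
    list_t *sysctls,
    v1_windows_security_context_options_t *windows_options
    ) {
    return v1_pod_security_context_create_internal (
        app_armor_profile,
        fs_group,
        fs_group_change_policy,
        run_as_group,
        run_as_non_root,
        run_as_user,
        se_linux_change_policy,
        se_linux_options,
        seccomp_profile,
        supplemental_groups,
        supplemental_groups_policy,
        sysctls,
        windows_options
        );
}

/*
 * Release a library-owned pod security context and everything it points to.
 *
 * NULL is accepted and ignored. An object whose _library_owned flag is not 1
 * is left untouched and a warning is written to stderr.
 */
void v1_pod_security_context_free(v1_pod_security_context_t *v1_pod_security_context) {
    if(NULL == v1_pod_security_context){
        return ;
    }
    if(v1_pod_security_context->_library_owned != 1){
        fprintf(stderr, "WARNING: %s() does NOT free objects allocated by the user\n", "v1_pod_security_context_free");
        return ;
    }
    listEntry_t *listEntry;
    if (v1_pod_security_context->app_armor_profile) {
        v1_app_armor_profile_free(v1_pod_security_context->app_armor_profile);
        v1_pod_security_context->app_armor_profile = NULL;
    }
    if (v1_pod_security_context->fs_group_change_policy) {
        free(v1_pod_security_context->fs_group_change_policy);
        v1_pod_security_context->fs_group_change_policy = NULL;
    }
    if (v1_pod_security_context->se_linux_change_policy) {
        free(v1_pod_security_context->se_linux_change_policy);
        v1_pod_security_context->se_linux_change_policy = NULL;
    }
    if (v1_pod_security_context->se_linux_options) {
        v1_se_linux_options_free(v1_pod_security_context->se_linux_options);
        v1_pod_security_context->se_linux_options = NULL;
    }
    if (v1_pod_security_context->seccomp_profile) {
        v1_seccomp_profile_free(v1_pod_security_context->seccomp_profile);
        v1_pod_security_context->seccomp_profile = NULL;
    }
    if (v1_pod_security_context->supplemental_groups) {
        /* Each entry holds a heap-allocated number; free it before the list. */
        list_ForEach(listEntry, v1_pod_security_context->supplemental_groups) {
            free(listEntry->data);
        }
        list_freeList(v1_pod_security_context->supplemental_groups);
        v1_pod_security_context->supplemental_groups = NULL;
    }
    if (v1_pod_security_context->supplemental_groups_policy) {
        free(v1_pod_security_context->supplemental_groups_policy);
        v1_pod_security_context->supplemental_groups_policy = NULL;
    }
    if (v1_pod_security_context->sysctls) {
        list_ForEach(listEntry, v1_pod_security_context->sysctls) {
            v1_sysctl_free(listEntry->data);
        }
        list_freeList(v1_pod_security_context->sysctls);
        v1_pod_security_context->sysctls = NULL;
    }
    if (v1_pod_security_context->windows_options) {
        v1_windows_security_context_options_free(v1_pod_security_context->windows_options);
        v1_pod_security_context->windows_options = NULL;
    }
    free(v1_pod_security_context);
}

/*
 * Serialize a pod security context to a newly created cJSON object.
 *
 * Returns the object (caller deletes it with cJSON_Delete) or NULL on a NULL
 * argument, allocation failure, or failure to serialize a nested member.
 *
 * NOTE(review): fields are emitted only when non-zero / non-NULL. The struct
 * carries no "is set" flag, so an explicit `runAsUser: 0` (root),
 * `runAsGroup: 0`, `fsGroup: 0` or `runAsNonRoot: false` cannot be produced
 * by this function; those keys are simply omitted. Callers that need to pin
 * UID 0 or an explicit false must not rely on this serializer for it.
 */
cJSON *v1_pod_security_context_convertToJSON(v1_pod_security_context_t *v1_pod_security_context) {
    if (v1_pod_security_context == NULL) {
        return NULL;
    }

    cJSON *item = cJSON_CreateObject();
    if (item == NULL) {
        /* Nothing to clean up; avoids dereferencing item->child below. */
        return NULL;
    }

    // v1_pod_security_context->app_armor_profile
    if(v1_pod_security_context->app_armor_profile) {
        cJSON *app_armor_profile_local_JSON = v1_app_armor_profile_convertToJSON(v1_pod_security_context->app_armor_profile);
        if(app_armor_profile_local_JSON == NULL) {
            goto fail; //model
        }
        cJSON_AddItemToObject(item, "appArmorProfile", app_armor_profile_local_JSON);
        if(item->child == NULL) {
            goto fail;
        }
    }

    // v1_pod_security_context->fs_group
    if(v1_pod_security_context->fs_group) {
        if(cJSON_AddNumberToObject(item, "fsGroup", v1_pod_security_context->fs_group) == NULL) {
            goto fail; //Numeric
        }
    }

    // v1_pod_security_context->fs_group_change_policy
    if(v1_pod_security_context->fs_group_change_policy) {
        if(cJSON_AddStringToObject(item, "fsGroupChangePolicy", v1_pod_security_context->fs_group_change_policy) == NULL) {
            goto fail; //String
        }
    }

    // v1_pod_security_context->run_as_group
    if(v1_pod_security_context->run_as_group) {
        if(cJSON_AddNumberToObject(item, "runAsGroup", v1_pod_security_context->run_as_group) == NULL) {
            goto fail; //Numeric
        }
    }

    // v1_pod_security_context->run_as_non_root
    if(v1_pod_security_context->run_as_non_root) {
        if(cJSON_AddBoolToObject(item, "runAsNonRoot", v1_pod_security_context->run_as_non_root) == NULL) {
            goto fail; //Bool
        }
    }

    // v1_pod_security_context->run_as_user
    if(v1_pod_security_context->run_as_user) {
        if(cJSON_AddNumberToObject(item, "runAsUser", v1_pod_security_context->run_as_user) == NULL) {
            goto fail; //Numeric
        }
    }

    // v1_pod_security_context->se_linux_change_policy
    if(v1_pod_security_context->se_linux_change_policy) {
        if(cJSON_AddStringToObject(item, "seLinuxChangePolicy", v1_pod_security_context->se_linux_change_policy) == NULL) {
            goto fail; //String
        }
    }

    // v1_pod_security_context->se_linux_options
    if(v1_pod_security_context->se_linux_options) {
        cJSON *se_linux_options_local_JSON = v1_se_linux_options_convertToJSON(v1_pod_security_context->se_linux_options);
        if(se_linux_options_local_JSON == NULL) {
            goto fail; //model
        }
        cJSON_AddItemToObject(item, "seLinuxOptions", se_linux_options_local_JSON);
        if(item->child == NULL) {
            goto fail;
        }
    }

    // v1_pod_security_context->seccomp_profile
    if(v1_pod_security_context->seccomp_profile) {
        cJSON *seccomp_profile_local_JSON = v1_seccomp_profile_convertToJSON(v1_pod_security_context->seccomp_profile);
        if(seccomp_profile_local_JSON == NULL) {
            goto fail; //model
        }
        cJSON_AddItemToObject(item, "seccompProfile", seccomp_profile_local_JSON);
        if(item->child == NULL) {
            goto fail;
        }
    }

    // v1_pod_security_context->supplemental_groups
    if(v1_pod_security_context->supplemental_groups) {
        cJSON *supplemental_groups = cJSON_AddArrayToObject(item, "supplementalGroups");
        if(supplemental_groups == NULL) {
            goto fail; //primitive container
        }

        listEntry_t *supplemental_groupsListEntry;
        list_ForEach(supplemental_groupsListEntry, v1_pod_security_context->supplemental_groups) {
            /* Entries are read as double*; a NULL entry would be a NULL dereference. */
            if(supplemental_groupsListEntry->data == NULL) {
                goto fail;
            }
            if(cJSON_AddNumberToObject(supplemental_groups, "", *(double *)supplemental_groupsListEntry->data) == NULL) {
                goto fail;
            }
        }
    }

    // v1_pod_security_context->supplemental_groups_policy
    if(v1_pod_security_context->supplemental_groups_policy) {
        if(cJSON_AddStringToObject(item, "supplementalGroupsPolicy", v1_pod_security_context->supplemental_groups_policy) == NULL) {
            goto fail; //String
        }
    }

    // v1_pod_security_context->sysctls
    if(v1_pod_security_context->sysctls) {
        cJSON *sysctls = cJSON_AddArrayToObject(item, "sysctls");
        if(sysctls == NULL) {
            goto fail; //nonprimitive container
        }

        listEntry_t *sysctlsListEntry;
        list_ForEach(sysctlsListEntry, v1_pod_security_context->sysctls) {
            /* Do not hand a NULL entry to the nested serializer. */
            if(sysctlsListEntry->data == NULL) {
                goto fail;
            }
            cJSON *itemLocal = v1_sysctl_convertToJSON(sysctlsListEntry->data);
            if(itemLocal == NULL) {
                goto fail;
            }
            cJSON_AddItemToArray(sysctls, itemLocal);
        }
    }

    // v1_pod_security_context->windows_options
    if(v1_pod_security_context->windows_options) {
        cJSON *windows_options_local_JSON = v1_windows_security_context_options_convertToJSON(v1_pod_security_context->windows_options);
        if(windows_options_local_JSON == NULL) {
            goto fail; //model
        }
        cJSON_AddItemToObject(item, "windowsOptions", windows_options_local_JSON);
        if(item->child == NULL) {
            goto fail;
        }
    }

    return item;
fail:
    cJSON_Delete(item);
    return NULL;
}

/* Look up `key`; an absent key and an explicit JSON null both yield NULL. */
static cJSON *v1_pod_security_context_optional_field(const cJSON *object, const char *key)
{
    cJSON *field = cJSON_GetObjectItemCaseSensitive(object, key);
    if (cJSON_IsNull(field)) {
        return NULL;
    }
    return field;
}

/*
 * Convert a cJSON number to long. Returns 1 on success, 0 when the value is
 * NaN or does not fit in a long (converting such a double is undefined
 * behaviour in C, and the JSON comes from outside this process).
 */
static int v1_pod_security_context_number_to_long(const cJSON *number, long *out)
{
    double value = number->valuedouble;

    /* -(double)LONG_MIN is exactly 2^(width-1), the first value that no longer fits. */
    if (!(value >= (double)LONG_MIN && value < -(double)LONG_MIN)) {
        return 0;
    }
    *out = (long)value;
    return 1;
}

/*
 * Duplicate an optional JSON string. `field` may be NULL (absent), in which
 * case *out stays NULL. Returns 0 on a non-string value or allocation failure.
 */
static int v1_pod_security_context_dup_string(const cJSON *field, char **out)
{
    if (field == NULL) {
        return 1;
    }
    if (!cJSON_IsString(field) || field->valuestring == NULL) {
        return 0;
    }
    *out = strdup(field->valuestring);
    return *out != NULL;
}

/*
 * Build a pod security context from its JSON representation.
 *
 * Every key is optional; an absent key or an explicit null leaves the field
 * at NULL / 0. Returns a library-owned object (release it with
 * v1_pod_security_context_free) or NULL if a present field has the wrong
 * type, a number does not fit in a long, a nested object fails to parse, or
 * memory runs out. On failure everything allocated here is released.
 *
 * A present but unparseable appArmorProfile, seLinuxOptions, seccompProfile,
 * windowsOptions or sysctl entry is treated as an error instead of being
 * dropped, so a malformed confinement setting cannot silently turn into
 * "no setting".
 *
 * NOTE(review): because absent numeric fields become 0, run_as_user == 0 in
 * the result does not by itself mean "runs as root", and
 * run_as_non_root == 0 does not distinguish "false" from "not specified".
 */
v1_pod_security_context_t *v1_pod_security_context_parseFromJSON(cJSON *v1_pod_security_contextJSON){

    v1_pod_security_context_t *v1_pod_security_context_local_var = NULL;

    /* Everything the error path must release is declared (and NULLed) up front. */
    v1_app_armor_profile_t *app_armor_profile_local_nonprim = NULL;
    v1_se_linux_options_t *se_linux_options_local_nonprim = NULL;
    v1_seccomp_profile_t *seccomp_profile_local_nonprim = NULL;
    list_t *supplemental_groupsList = NULL;
    list_t *sysctlsList = NULL;
    v1_windows_security_context_options_t *windows_options_local_nonprim = NULL;
    char *fs_group_change_policy_local = NULL;
    char *se_linux_change_policy_local = NULL;
    char *supplemental_groups_policy_local = NULL;

    long fs_group_local = 0;
    long run_as_group_local = 0;
    long run_as_user_local = 0;
    int run_as_non_root_local = 0;

    cJSON *field = NULL;
    cJSON *element = NULL;

    // v1_pod_security_context->app_armor_profile
    field = v1_pod_security_context_optional_field(v1_pod_security_contextJSON, "appArmorProfile");
    if (field) {
        app_armor_profile_local_nonprim = v1_app_armor_profile_parseFromJSON(field); //nonprimitive
        if (!app_armor_profile_local_nonprim) {
            goto end;
        }
    }

    // v1_pod_security_context->fs_group
    field = v1_pod_security_context_optional_field(v1_pod_security_contextJSON, "fsGroup");
    if (field) {
        if(!cJSON_IsNumber(field) || !v1_pod_security_context_number_to_long(field, &fs_group_local)) {
            goto end; //Numeric
        }
    }

    // v1_pod_security_context->fs_group_change_policy
    field = v1_pod_security_context_optional_field(v1_pod_security_contextJSON, "fsGroupChangePolicy");
    if (!v1_pod_security_context_dup_string(field, &fs_group_change_policy_local)) {
        goto end; //String
    }

    // v1_pod_security_context->run_as_group
    field = v1_pod_security_context_optional_field(v1_pod_security_contextJSON, "runAsGroup");
    if (field) {
        if(!cJSON_IsNumber(field) || !v1_pod_security_context_number_to_long(field, &run_as_group_local)) {
            goto end; //Numeric
        }
    }

    // v1_pod_security_context->run_as_non_root
    field = v1_pod_security_context_optional_field(v1_pod_security_contextJSON, "runAsNonRoot");
    if (field) {
        if(!cJSON_IsBool(field)) {
            goto end; //Bool
        }
        run_as_non_root_local = field->valueint;
    }

    // v1_pod_security_context->run_as_user
    field = v1_pod_security_context_optional_field(v1_pod_security_contextJSON, "runAsUser");
    if (field) {
        if(!cJSON_IsNumber(field) || !v1_pod_security_context_number_to_long(field, &run_as_user_local)) {
            goto end; //Numeric
        }
    }

    // v1_pod_security_context->se_linux_change_policy
    field = v1_pod_security_context_optional_field(v1_pod_security_contextJSON, "seLinuxChangePolicy");
    if (!v1_pod_security_context_dup_string(field, &se_linux_change_policy_local)) {
        goto end; //String
    }

    // v1_pod_security_context->se_linux_options
    field = v1_pod_security_context_optional_field(v1_pod_security_contextJSON, "seLinuxOptions");
    if (field) {
        se_linux_options_local_nonprim = v1_se_linux_options_parseFromJSON(field); //nonprimitive
        if (!se_linux_options_local_nonprim) {
            goto end;
        }
    }

    // v1_pod_security_context->seccomp_profile
    field = v1_pod_security_context_optional_field(v1_pod_security_contextJSON, "seccompProfile");
    if (field) {
        seccomp_profile_local_nonprim = v1_seccomp_profile_parseFromJSON(field); //nonprimitive
        if (!seccomp_profile_local_nonprim) {
            goto end;
        }
    }

    // v1_pod_security_context->supplemental_groups
    field = v1_pod_security_context_optional_field(v1_pod_security_contextJSON, "supplementalGroups");
    if (field) {
        if(!cJSON_IsArray(field)) {
            goto end;//primitive container
        }
        supplemental_groupsList = list_createList();
        if(!supplemental_groupsList) {
            goto end;
        }

        cJSON_ArrayForEach(element, field)
        {
            if(!cJSON_IsNumber(element))
            {
                goto end;
            }
            /* Stored as heap-allocated doubles; the serializer and free() expect that. */
            double *supplemental_groups_local_value = calloc(1, sizeof(double));
            if(!supplemental_groups_local_value)
            {
                goto end;
            }
            *supplemental_groups_local_value = element->valuedouble;
            list_addElement(supplemental_groupsList , supplemental_groups_local_value);
        }
    }

    // v1_pod_security_context->supplemental_groups_policy
    field = v1_pod_security_context_optional_field(v1_pod_security_contextJSON, "supplementalGroupsPolicy");
    if (!v1_pod_security_context_dup_string(field, &supplemental_groups_policy_local)) {
        goto end; //String
    }

    // v1_pod_security_context->sysctls
    field = v1_pod_security_context_optional_field(v1_pod_security_contextJSON, "sysctls");
    if (field) {
        if(!cJSON_IsArray(field)){
            goto end; //nonprimitive container
        }
        sysctlsList = list_createList();
        if(!sysctlsList) {
            goto end;
        }

        cJSON_ArrayForEach(element, field)
        {
            if(!cJSON_IsObject(element)){
                goto end;
            }
            v1_sysctl_t *sysctlsItem = v1_sysctl_parseFromJSON(element);
            if(!sysctlsItem) {
                /* Never store a NULL entry: later consumers dereference list data. */
                goto end;
            }
            list_addElement(sysctlsList, sysctlsItem);
        }
    }

    // v1_pod_security_context->windows_options
    field = v1_pod_security_context_optional_field(v1_pod_security_contextJSON, "windowsOptions");
    if (field) {
        windows_options_local_nonprim = v1_windows_security_context_options_parseFromJSON(field); //nonprimitive
        if (!windows_options_local_nonprim) {
            goto end;
        }
    }

    v1_pod_security_context_local_var = v1_pod_security_context_create_internal (
        app_armor_profile_local_nonprim,
        fs_group_local,
        fs_group_change_policy_local,
        run_as_group_local,
        run_as_non_root_local,
        run_as_user_local,
        se_linux_change_policy_local,
        se_linux_options_local_nonprim,
        seccomp_profile_local_nonprim,
        supplemental_groupsList,
        supplemental_groups_policy_local,
        sysctlsList,
        windows_options_local_nonprim
        );
    if (!v1_pod_security_context_local_var) {
        /* Ownership was not transferred; release the parsed members below. */
        goto end;
    }

    return v1_pod_security_context_local_var;
end:
    if (app_armor_profile_local_nonprim) {
        v1_app_armor_profile_free(app_armor_profile_local_nonprim);
        app_armor_profile_local_nonprim = NULL;
    }
    if (se_linux_options_local_nonprim) {
        v1_se_linux_options_free(se_linux_options_local_nonprim);
        se_linux_options_local_nonprim = NULL;
    }
    if (seccomp_profile_local_nonprim) {
        v1_seccomp_profile_free(seccomp_profile_local_nonprim);
        seccomp_profile_local_nonprim = NULL;
    }
    if (supplemental_groupsList) {
        listEntry_t *listEntry = NULL;
        list_ForEach(listEntry, supplemental_groupsList) {
            free(listEntry->data);
            listEntry->data = NULL;
        }
        list_freeList(supplemental_groupsList);
        supplemental_groupsList = NULL;
    }
    if (sysctlsList) {
        listEntry_t *listEntry = NULL;
        list_ForEach(listEntry, sysctlsList) {
            v1_sysctl_free(listEntry->data);
            listEntry->data = NULL;
        }
        list_freeList(sysctlsList);
        sysctlsList = NULL;
    }
    if (windows_options_local_nonprim) {
        v1_windows_security_context_options_free(windows_options_local_nonprim);
        windows_options_local_nonprim = NULL;
    }
    free(fs_group_change_policy_local);
    free(se_linux_change_policy_local);
    free(supplemental_groups_policy_local);
    return NULL;

}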