2023-09-29 18:40:35 +01:00
|
|
|
// Copyright (c) Tailscale Inc & AUTHORS
|
|
|
|
// SPDX-License-Identifier: BSD-3-Clause
|
|
|
|
|
|
|
|
package syspolicy
|
|
|
|
|
|
|
|
import (
|
|
|
|
"errors"
|
|
|
|
"sync/atomic"
|
|
|
|
)
|
|
|
|
|
|
|
|
var (
|
|
|
|
handlerUsed atomic.Bool
|
|
|
|
handler Handler = defaultHandler{}
|
|
|
|
)
|
|
|
|
|
|
|
|
// Handler reads system policies from OS-specific storage.
|
|
|
|
type Handler interface {
|
2024-04-14 01:38:55 +01:00
|
|
|
// ReadString reads the policy setting's string value for the given key.
|
|
|
|
// It should return ErrNoSuchKey if the key does not have a value set.
|
2023-09-29 18:40:35 +01:00
|
|
|
ReadString(key string) (string, error)
|
2024-04-14 01:38:55 +01:00
|
|
|
// ReadUInt64 reads the policy setting's uint64 value for the given key.
|
|
|
|
// It should return ErrNoSuchKey if the key does not have a value set.
|
2023-09-29 18:40:35 +01:00
|
|
|
ReadUInt64(key string) (uint64, error)
|
2024-04-14 01:38:55 +01:00
|
|
|
// ReadBool reads the policy setting's boolean value for the given key.
|
|
|
|
// It should return ErrNoSuchKey if the key does not have a value set.
|
2023-09-30 02:27:04 +01:00
|
|
|
ReadBoolean(key string) (bool, error)
|
2024-04-24 06:23:48 +01:00
|
|
|
// ReadStringArray reads the policy setting's string array value for the given key.
|
|
|
|
// It should return ErrNoSuchKey if the key does not have a value set.
|
|
|
|
ReadStringArray(key string) ([]string, error)
|
2023-09-29 18:40:35 +01:00
|
|
|
}
|
|
|
|
|
2024-04-14 01:38:55 +01:00
|
|
|
// ErrNoSuchKey is returned by a Handler when the specified key does not have a
|
|
|
|
// value set.
|
2023-09-29 18:40:35 +01:00
|
|
|
var ErrNoSuchKey = errors.New("no such key")
|
|
|
|
|
|
|
|
// defaultHandler is the catch all syspolicy type for anything that isn't windows or apple.
|
|
|
|
type defaultHandler struct{}
|
|
|
|
|
|
|
|
func (defaultHandler) ReadString(_ string) (string, error) {
|
|
|
|
return "", ErrNoSuchKey
|
|
|
|
}
|
|
|
|
|
|
|
|
func (defaultHandler) ReadUInt64(_ string) (uint64, error) {
|
|
|
|
return 0, ErrNoSuchKey
|
|
|
|
}
|
|
|
|
|
2023-09-30 02:27:04 +01:00
|
|
|
func (defaultHandler) ReadBoolean(_ string) (bool, error) {
|
|
|
|
return false, ErrNoSuchKey
|
|
|
|
}
|
|
|
|
|
2024-04-24 06:23:48 +01:00
|
|
|
func (defaultHandler) ReadStringArray(_ string) ([]string, error) {
|
|
|
|
return nil, ErrNoSuchKey
|
|
|
|
}
|
|
|
|
|
2023-09-29 18:40:35 +01:00
|
|
|
// markHandlerInUse is called before handler methods are called.
|
|
|
|
func markHandlerInUse() {
|
|
|
|
handlerUsed.Store(true)
|
|
|
|
}
|
|
|
|
|
|
|
|
// RegisterHandler initializes the policy handler and ensures registration will happen once.
|
|
|
|
func RegisterHandler(h Handler) {
|
|
|
|
// Technically this assignment is not concurrency safe, but in the
|
|
|
|
// event that there was any risk of a data race, we will panic due to
|
|
|
|
// the CompareAndSwap failing.
|
|
|
|
handler = h
|
|
|
|
if !handlerUsed.CompareAndSwap(false, true) {
|
|
|
|
panic("handler was already used before registration")
|
|
|
|
}
|
|
|
|
}
|
2023-11-29 21:48:25 +00:00
|
|
|
|
2024-05-24 07:13:32 +01:00
|
|
|
// TB is a subset of testing.TB that we use to set up test helpers.
|
|
|
|
// It's defined here to avoid pulling in the testing package.
|
|
|
|
type TB interface {
|
|
|
|
Helper()
|
|
|
|
Cleanup(func())
|
|
|
|
}
|
|
|
|
|
|
|
|
func SetHandlerForTest(tb TB, h Handler) {
|
2023-11-29 21:48:25 +00:00
|
|
|
tb.Helper()
|
|
|
|
oldHandler := handler
|
|
|
|
handler = h
|
|
|
|
tb.Cleanup(func() { handler = oldHandler })
|
|
|
|
}
|