Adding initialization for SSH policy parameter values in fallback case (

#591)
Azure · Jan 23, 2024 · 5654405 · 5654405
1 parent bef8aef
commit 5654405
Show file tree

Hide file tree

Showing 3 changed files with 185 additions and 112 deletions.
diff --git a/src/adapters/mc/OsConfigResource.c b/src/adapters/mc/OsConfigResource.c
@@ -318,34 +318,42 @@ static MI_Result GetReportedObjectValueFromDevice(const char* who, MI_Context* c
     else
     {
         // Fallback for SSH policy
-        if (0 == (mpiResult = ProcessSshAuditCheck(g_reportedObjectName, NULL, &objectValue, GetLog())))
+        if (0 == (mpiResult = InitializeSshAuditCheck(g_reportedObjectName, g_desiredObjectValue, GetLog())))
         {
-            if (NULL == objectValue)
-            {
-                mpiResult = ENODATA;
-                miResult = MI_RESULT_FAILED;
-                LogError(context, miResult, GetLog(), "[%s] ProcessSshAuditCheck(%s): no payload (%s, %d) (%d)",
-                    who, g_reportedObjectName, objectValue, objectValueLength, mpiResult);
-            }
-            else
+            if (0 == (mpiResult = ProcessSshAuditCheck(g_reportedObjectName, NULL, &objectValue, GetLog())))
             {
-                LogInfo(context, GetLog(), "[%s] ProcessSshAuditCheck(%s): '%s'", who, g_reportedObjectName, objectValue);
-
-                FREE_MEMORY(g_reportedObjectValue);
-                if (NULL == (g_reportedObjectValue = DuplicateString(objectValue)))
+                if (NULL == objectValue)
                 {
-                    mpiResult = ENOMEM;
+                    mpiResult = ENODATA;
                     miResult = MI_RESULT_FAILED;
-                    LogError(context, miResult, GetLog(), "[%s] DuplicateString(%s) failed", who, objectValue);
+                    LogError(context, miResult, GetLog(), "[%s] ProcessSshAuditCheck(%s): no payload (%s, %d) (%d)",
+                        who, g_reportedObjectName, objectValue, objectValueLength, mpiResult);
                 }
+                else
+                {
+                    LogInfo(context, GetLog(), "[%s] ProcessSshAuditCheck(%s): '%s'", who, g_reportedObjectName, objectValue);
 
-                FREE_MEMORY(objectValue);
+                    FREE_MEMORY(g_reportedObjectValue);
+                    if (NULL == (g_reportedObjectValue = DuplicateString(objectValue)))
+                    {
+                        mpiResult = ENOMEM;
+                        miResult = MI_RESULT_FAILED;
+                        LogError(context, miResult, GetLog(), "[%s] DuplicateString(%s) failed", who, objectValue);
+                    }
+
+                    FREE_MEMORY(objectValue);
+                }
+            }
+            else
+            {
+                miResult = MI_RESULT_FAILED;
+                LogError(context, miResult, GetLog(), "[%s] ProcessSshAuditCheck(%s) failed with %d", who, g_reportedObjectName, mpiResult);
             }
         }
         else
         {
             miResult = MI_RESULT_FAILED;
-            LogError(context, miResult, GetLog(), "[%s] ProcessSshAuditCheck(%s) failed with %d", who, g_reportedObjectName, mpiResult);
+            LogError(context, miResult, GetLog(), "[%s] InitializeSshAuditCheck(%s) failed with %d", who, g_reportedObjectName, mpiResult);
         }
     }
 
@@ -462,12 +470,6 @@ void MI_CALL OsConfigResource_Invoke_GetTargetResource(
         LogError(context, miResult, GetLog(), "[OsConfigResource.Get] No DesiredObjectName");
     }
 
-    // Read the reported MIM object value from the local device
-    if (MI_RESULT_OK != (miResult = GetReportedObjectValueFromDevice("OsConfigResource.Get", context)))
-    {
-        goto Exit;
-    }
-
     // Read the desired MIM object value from the input resource values
     if ((in->InputResource.value->DesiredObjectValue.exists == MI_TRUE) && (in->InputResource.value->DesiredObjectValue.value != NULL))
     {
@@ -479,6 +481,12 @@ void MI_CALL OsConfigResource_Invoke_GetTargetResource(
         }
     }
 
+    // Read the reported MIM object value from the local device
+    if (MI_RESULT_OK != (miResult = GetReportedObjectValueFromDevice("OsConfigResource.Get", context)))
+    {
+        goto Exit;
+    }
+
     // Read the expected MIM object value from the input resource values, we'll use this to determine compliance
     if ((in->InputResource.value->ExpectedObjectValue.exists == MI_TRUE) && (in->InputResource.value->ExpectedObjectValue.value != NULL))
     {
@@ -794,6 +802,17 @@ void MI_CALL OsConfigResource_Invoke_TestTargetResource(
         goto Exit;
     }
 
+    // Read the desired MIM object value from the input resource values
+    if ((in->InputResource.value->DesiredObjectValue.exists == MI_TRUE) && (in->InputResource.value->DesiredObjectValue.value != NULL))
+    {
+        FREE_MEMORY(g_desiredObjectValue);
+        if (NULL == (g_desiredObjectValue = DuplicateString(in->InputResource.value->DesiredObjectValue.value)))
+        {
+            LogError(context, miResult, GetLog(), "[OsConfigResource.Test] DuplicateString(%s) failed", in->InputResource.value->DesiredObjectValue.value);
+            g_desiredObjectValue = DuplicateString(g_failValue);
+        }
+    }
+
     // Read the reported MIM object value from the local device
     if (MI_RESULT_OK != (miResult = GetReportedObjectValueFromDevice("OsConfigResource.Test", context)))
     {