From ffb6e8f2c09e6ba89661ec3ef7beb2b5c96159e7 Mon Sep 17 00:00:00 2001
From: kiper220-alt <gedertkj@basealt.ru>
Date: Mon, 11 Nov 2024 17:56:47 +0400
Subject: [PATCH 01/11] wip: add function for split cmdline string into
 `argc`/`argv`

---
 src/util.c | 29 +++++++++++++++++++++++++++++
 src/util.h |  1 +
 2 files changed, 30 insertions(+)

diff --git a/src/util.c b/src/util.c
index 729ce9c..9ccc591 100644
--- a/src/util.c
+++ b/src/util.c
@@ -37,6 +37,35 @@
 #include <string.h>
 #include <unistd.h>
 
+/* Generate argv and argc from argument string (a_str)  */
+char** make_argv(char* a_str, size_t* argc_out, const char a_delim)
+{
+	if (!argc_out)
+	{
+		return NULL;
+	}
+
+	char delim[2] = {a_delim, 0};
+	char** result = NULL;
+	char* token = strtok(a_str, delim);
+
+	(*argc_out) = 0;
+
+	// getopt skip first argument........
+	result = reallocarray(result, ++(*argc_out), sizeof(char*));
+	result[0] = NULL;
+
+	while(token)
+	{
+		result = reallocarray(result, ++(*argc_out), sizeof(char*));
+		result[(*argc_out) - 1] = strdup(token);
+		token = strtok(NULL, delim);
+	}
+
+	return result;
+}
+
+
 /* Write to a file, handling transient errors. */
 ssize_t
 retry_write(int fd, unsigned char *buf, size_t length)
diff --git a/src/util.h b/src/util.h
index f204efe..0c820b6 100644
--- a/src/util.h
+++ b/src/util.h
@@ -31,6 +31,7 @@
 #ifndef oddjob_util_h
 #define oddjob_util_h
 
+char** make_argv(char* a_str, size_t* argc_out, const char a_delim);
 ssize_t retry_write(int fd, unsigned char *buf, size_t length);
 void *oddjob_malloc(size_t size);
 void *oddjob_malloc0(size_t size);

From a69ca62f6fcec5af7f7a5aa3f952f78e5d08c962 Mon Sep 17 00:00:00 2001
From: kiper220-alt <gedertkj@basealt.ru>
Date: Mon, 11 Nov 2024 15:20:13 +0400
Subject: [PATCH 02/11] wip: add function for parsing cmdline

---
 src/gpupdate.c | 63 ++++++++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 63 insertions(+)

diff --git a/src/gpupdate.c b/src/gpupdate.c
index e7ce39b..dc0e057 100644
--- a/src/gpupdate.c
+++ b/src/gpupdate.c
@@ -55,6 +55,7 @@ static struct passwd *pwd;
 
 #define FLAG_QUIET	(1 << 1)
 #define FLAG_FORCE	(1 << 2)
+#define FLAG_STDIN	(1 << 3)
 
 /*
  * get_gpo_dir
@@ -151,6 +152,68 @@ gpupdate(const char *user, int flags)
 	return 0;
 }
 
+int
+getFlags(int argc, char** argv, char** gpo_exe, char** loglevel, int *flags)
+{
+	if (argc == 0)
+	{
+		return 0;
+	}
+	if (!argv || !gpo_exe || !gpo_exe || !loglevel || !flags)
+	{
+		return -1;
+	}
+
+	if (*gpo_exe)
+	{
+		free(*gpo_exe);
+	}
+	(*gpo_exe) = strdup("/usr/sbin/gpoa");
+	if (*loglevel)
+	{
+		free(*loglevel);
+	}
+	(*loglevel) = strdup("4");
+
+	int ret;
+	while ((ret = getopt(argc, argv, "ifl:p:")) != -1)
+	{
+		switch (ret){
+			case 'f':
+				(*flags) |= FLAG_FORCE;
+				break;
+			case 'p':
+				if (*gpo_exe)
+				{
+					free(*gpo_exe);
+				}
+				(*gpo_exe) = strdup(optarg);
+				break;
+			case 'i': {
+				(*flags) |= FLAG_STDIN;
+				break;
+			}
+			case 'l':
+				if (*loglevel)
+				{
+					free(*loglevel);
+				}
+				(*loglevel) = strdup(optarg);
+				break;
+		default:
+			fprintf(stderr, "Valid options:\n"
+				"-q\tDo not print messages when applying "
+				"a policy.\n"
+				"-f\tForce GPT download.\n"
+				"-p PATH\tOverride the gpo applier "
+				"binary (\"%s\").\n", *gpo_exe);
+			return -1;
+		}
+	}
+
+	return 0;
+}
+
 int
 main(int argc, char **argv)
 {

From dd585817acee47788ebc755fa6355df0bdad52ac Mon Sep 17 00:00:00 2001
From: kiper220-alt <gedertkj@basealt.ru>
Date: Mon, 11 Nov 2024 17:45:10 +0400
Subject: [PATCH 03/11] wip: rewrite main

- wip: replacing `getopt` with `getFlags`
- wip: add support to read arguments from stdin (flag `-i`)
---
 src/gpupdate.c | 128 +++++++++++++++++++++++++++++++++++--------------
 1 file changed, 93 insertions(+), 35 deletions(-)

diff --git a/src/gpupdate.c b/src/gpupdate.c
index dc0e057..d366d76 100644
--- a/src/gpupdate.c
+++ b/src/gpupdate.c
@@ -217,51 +217,109 @@ getFlags(int argc, char** argv, char** gpo_exe, char** loglevel, int *flags)
 int
 main(int argc, char **argv)
 {
-	char **oddjob_argv, *p;
-	int oddjob_argc, ret, flags = 0;
+	char *user = NULL, **oddjob_args, *stdin_args = NULL, *loglevel = NULL;
+	int flags = 0, oddjob_argc, ret = HANDLER_INVALID_INVOCATION;
 
 	openlog(PACKAGE "-gpupdate", LOG_PID, LOG_DAEMON);
-	gpo_exe = "/usr/sbin/gpoa";
 
-	while ((ret = getopt(argc, argv, "qfp:")) != -1) {
-		switch (ret) {
-		case 'q':
-			flags |= FLAG_QUIET;
-			break;
-		case 'f':
-			flags |= FLAG_FORCE;
+	oddjob_args = oddjob_collect_args(stdin);
+	for (oddjob_argc = 0; oddjob_args && oddjob_args[oddjob_argc]; ++oddjob_argc);
+
+	if (getFlags(argc, argv, &gpo_exe, &loglevel, &flags) == -1)
+	{
+		return ret;
+	}
+
+	if (flags & FLAG_STDIN)
+	{
+		// Parse args.
+		switch(oddjob_argc)
+		{
+			case 2:
+				user = oddjob_args[0];
+				stdin_args = oddjob_args[1];
+				break;
+			case 1:
+				stdin_args = oddjob_args[0];
+				break;
+			default:
+				syslog(LOG_ERR, "invoked with wrong arguments");
+
+				free(loglevel);
+				free(gpo_exe);
+
+				return ret;
+		}
+
+		if (!stdin_args || !*stdin_args)
+		{
+			syslog(LOG_ERR, "invoked with wrong arguments");
+
+			free(loglevel);
+			free(gpo_exe);
+
+			return ret;
+		}
+
+		size_t newArgc = 0;
+		// split stdin by ' '.
+		char** newArgv = make_argv(stdin_args, &newArgc, ' ');
+
+		// flags fallback
+		flags = FLAG_STDIN;
+
+		optind = 1;
+		// rerun getFlags with STDIN
+		if (getFlags(newArgc, newArgv, &gpo_exe, &loglevel, &flags) == -1)
+		{
+			return ret;
+		}
+
+		for (int i = newArgc; i > 0; --i)
+		{
+			free(newArgv[i - 1]);
+		}
+		free(newArgv);
+	}
+	else switch(oddjob_argc)
+	{
+		case 1:
+			user = oddjob_args[0];
 			break;
-		case 'p':
-			gpo_exe = optarg;
+		case 0:
 			break;
+
 		default:
-			fprintf(stderr, "Valid options:\n"
-				"-q\tDo not print messages when applying "
-				"a policy.\n"
-				"-f\tForce GPT download.\n"
-				"-p PATH\tOverride the gpo applier "
-				"binary (\"%s\").\n", gpo_exe);
-			return 1;
-		}
+			syslog(LOG_ERR, "invoked with wrong arguments");
+
+			free(loglevel);
+			free(gpo_exe);
+
+			return ret;
 	}
-	ret = HANDLER_INVALID_INVOCATION;
-	oddjob_argv = oddjob_collect_args(stdin);
-	for (oddjob_argc = 0; (oddjob_argv != NULL) && (oddjob_argv[oddjob_argc] != NULL); oddjob_argc++) {
-		if (oddjob_argc > 1)
-			break;
+
+	if (user)
+	{
+		if (strlen(user) == 0)
+		{
+			syslog(LOG_ERR, "invoked with wrong arguments");
+
+			free(loglevel);
+			free(gpo_exe);
+
+			return ret;
+		}
+		ret = gpupdate(user, flags);
 	}
-	switch (oddjob_argc) {
-	case 0:
+	else
+	{
 		ret = gpupdate(NULL, flags);
-		break;
-	case 1:
-		if (strlen(oddjob_argv[0]) > 0)
-			ret = gpupdate(oddjob_argv[0], flags);
-		break;
-	default:
-		syslog(LOG_ERR, "invoked with wrong arguments");
 	}
-	oddjob_free_args(oddjob_argv);
+
+	free(loglevel);
+	free(gpo_exe);
+
+	oddjob_free_args(oddjob_args);
 	closelog();
 	return ret;
 }

From 9703e0c65a90c1d0bf2991cc26b08bc2914f601f Mon Sep 17 00:00:00 2001
From: kiper220-alt <gedertkj@basealt.ru>
Date: Mon, 11 Nov 2024 17:47:23 +0400
Subject: [PATCH 04/11] wip: adding loglevel support into `gpupdate` function

---
 src/gpupdate.c | 9 +++++----
 1 file changed, 5 insertions(+), 4 deletions(-)

diff --git a/src/gpupdate.c b/src/gpupdate.c
index d366d76..18ecbfe 100644
--- a/src/gpupdate.c
+++ b/src/gpupdate.c
@@ -94,11 +94,12 @@ static int apply_gpo(const char *user, int flags)
 
 /* Apply group policies via GPO applier. */
 static int
-gpupdate(const char *user, int flags)
+gpupdate(const char *user, int flags, char* loglevel)
 {
 	int ret;
 	struct stat st;
 	const char *log_user = user;
+	int i_loglevel = atoi(loglevel);
 
 	/* Now make sure that the user or computer
 	   a) no user (computer)
@@ -128,7 +129,7 @@ gpupdate(const char *user, int flags)
 	exe = get_gpo_exe();
 	if (exe != NULL) {
 		/* Set the text of the result message. */
-		if (!(flags & FLAG_QUIET)) {
+		if (!(i_loglevel < 4)) {
 			printf(_("Apply group policies for %s."), log_user);
 		}
 		syslog(LOG_NOTICE, "Apply group policies for %s.", log_user);
@@ -309,11 +310,11 @@ main(int argc, char **argv)
 
 			return ret;
 		}
-		ret = gpupdate(user, flags);
+		ret = gpupdate(user, flags, loglevel);
 	}
 	else
 	{
-		ret = gpupdate(NULL, flags);
+		ret = gpupdate(NULL, flags, loglevel);
 	}
 
 	free(loglevel);

From de0a0ea727f18d9902b4bc8721dd05b09f9f432e Mon Sep 17 00:00:00 2001
From: kiper220-alt <gedertkj@basealt.ru>
Date: Mon, 11 Nov 2024 17:48:04 +0400
Subject: [PATCH 05/11] wip: adding loglevel support into `apply_gpo` function

---
 src/gpupdate.c | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/src/gpupdate.c b/src/gpupdate.c
index 18ecbfe..8c044bf 100644
--- a/src/gpupdate.c
+++ b/src/gpupdate.c
@@ -70,7 +70,7 @@ get_gpo_exe(void)
 	return gpo_exe ? gpo_exe : "/usr/sbin/gpoa";
 }
 
-static int apply_gpo(const char *user, int flags)
+static int apply_gpo(const char *user, int flags, char* loglevel)
 {
 	int status;
 	pid_t pid = fork();
@@ -80,9 +80,9 @@ static int apply_gpo(const char *user, int flags)
 		return 1;
 	case 0:
 	if (flags & FLAG_FORCE) {
-		execl(exe, exe, "--force", user, NULL);
+		execl(exe, exe, "--force", "--loglevel", loglevel, user, NULL);
 	} else {
-		execl(exe, exe, user, NULL);
+		execl(exe, exe, "--loglevel", loglevel, user, NULL);
 	}
 		return 3;
 	default:
@@ -143,7 +143,7 @@ gpupdate(const char *user, int flags, char* loglevel)
 				return HANDLER_INVALID_INVOCATION;
 			}
 		}
-		ret = apply_gpo(user, flags);
+		ret = apply_gpo(user, flags, loglevel);
 		if (ret != 0) {
 			syslog(LOG_ERR,
 			       "error applying GPO for %s (error code %d)", log_user, ret);

From f1ee92f0479e1965ee3bcf4927531753babc0a0d Mon Sep 17 00:00:00 2001
From: kiper220-alt <gedertkj@basealt.ru>
Date: Mon, 11 Nov 2024 17:49:01 +0400
Subject: [PATCH 06/11] chore: remove unused macro

---
 src/gpupdate.c | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/src/gpupdate.c b/src/gpupdate.c
index 8c044bf..c45f377 100644
--- a/src/gpupdate.c
+++ b/src/gpupdate.c
@@ -53,9 +53,8 @@ static const char *exe;
 static const char *gpo_exe;
 static struct passwd *pwd;
 
-#define FLAG_QUIET	(1 << 1)
+#define FLAG_STDIN	(1 << 1)
 #define FLAG_FORCE	(1 << 2)
-#define FLAG_STDIN	(1 << 3)
 
 /*
  * get_gpo_dir

From 911f843ca4decf3d922cf7a0a1a031424fc7bc88 Mon Sep 17 00:00:00 2001
From: kiper220-alt <gedertkj@basealt.ru>
Date: Mon, 11 Nov 2024 17:49:41 +0400
Subject: [PATCH 07/11] chore: remove `const` from `gpo_exe`

---
 src/gpupdate.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/gpupdate.c b/src/gpupdate.c
index c45f377..4790990 100644
--- a/src/gpupdate.c
+++ b/src/gpupdate.c
@@ -50,7 +50,7 @@
 
 #define _(_x) _x
 static const char *exe;
-static const char *gpo_exe;
+static char *gpo_exe;
 static struct passwd *pwd;
 
 #define FLAG_STDIN	(1 << 1)

From 1659c2f6e958a76083e0aaabb2294a67fe079f39 Mon Sep 17 00:00:00 2001
From: kiper220-alt <gedertkj@basealt.ru>
Date: Mon, 11 Nov 2024 17:53:56 +0400
Subject: [PATCH 08/11] wip: update `oddjobd.conf`

---
 src/oddjobd-gpupdate.conf.in | 10 +++++-----
 1 file changed, 5 insertions(+), 5 deletions(-)

diff --git a/src/oddjobd-gpupdate.conf.in b/src/oddjobd-gpupdate.conf.in
index 45ec698..850b208 100644
--- a/src/oddjobd-gpupdate.conf.in
+++ b/src/oddjobd-gpupdate.conf.in
@@ -25,20 +25,20 @@
       <interface name="@NAMESPACE@.oddjob_gpupdate">
 
         <method name="gpupdate_computer">
-          <helper exec="@mypkglibexecdir@/gpupdate"
-                  arguments="0"/>
+          <helper exec="@mypkglibexecdir@/gpupdate -i"
+                  arguments="1"/>
           <allow/>
         </method>
 
         <method name="gpupdate">
-          <helper exec="@mypkglibexecdir@/gpupdate"
-                  arguments="0"
+          <helper exec="@mypkglibexecdir@/gpupdate -i"
+                  arguments="1"
                   prepend_user_name="yes"/>
           <allow/>
         </method>
 
         <method name="gpupdatefor">
-          <helper exec="@mypkglibexecdir@/gpupdate"
+          <helper exec="@mypkglibexecdir@/gpupdate -i"
                   arguments="1"/>
           <allow user="root"/>
         </method>

From 51a4ddcbc243c733e1cbece86f0be9858b3c5642 Mon Sep 17 00:00:00 2001
From: kiper220-alt <gedertkj@basealt.ru>
Date: Mon, 11 Nov 2024 18:15:40 +0400
Subject: [PATCH 09/11] wip: add `-l` flag into error message

---
 src/gpupdate.c | 1 +
 1 file changed, 1 insertion(+)

diff --git a/src/gpupdate.c b/src/gpupdate.c
index 4790990..8207e0c 100644
--- a/src/gpupdate.c
+++ b/src/gpupdate.c
@@ -205,6 +205,7 @@ getFlags(int argc, char** argv, char** gpo_exe, char** loglevel, int *flags)
 				"-q\tDo not print messages when applying "
 				"a policy.\n"
 				"-f\tForce GPT download.\n"
+				"-l LEVEL\tSet loglevel.\n"
 				"-p PATH\tOverride the gpo applier "
 				"binary (\"%s\").\n", *gpo_exe);
 			return -1;

From f58d18a68a7fe98b344ef9405f097960f9d49dfb Mon Sep 17 00:00:00 2001
From: kiper220-alt <gedertkj@basealt.ru>
Date: Mon, 18 Nov 2024 14:05:26 +0400
Subject: [PATCH 10/11] fix: rewrite `oddjobd.conf` for legacy support

---
 src/oddjobd-gpupdate.conf.in | 19 ++++++++++++++++---
 1 file changed, 16 insertions(+), 3 deletions(-)

diff --git a/src/oddjobd-gpupdate.conf.in b/src/oddjobd-gpupdate.conf.in
index 850b208..55474f6 100644
--- a/src/oddjobd-gpupdate.conf.in
+++ b/src/oddjobd-gpupdate.conf.in
@@ -24,21 +24,34 @@
 
       <interface name="@NAMESPACE@.oddjob_gpupdate">
 
-        <method name="gpupdate_computer">
+        <method name="gpupdate_computer_arg">
           <helper exec="@mypkglibexecdir@/gpupdate -i"
                   arguments="1"/>
           <allow/>
         </method>
 
-        <method name="gpupdate">
+        <method name="gpupdate_arg">
           <helper exec="@mypkglibexecdir@/gpupdate -i"
                   arguments="1"
                   prepend_user_name="yes"/>
           <allow/>
         </method>
 
+        <method name="gpupdate_computer">
+          <helper exec="@mypkglibexecdir@/gpupdate"
+                  arguments="0"/>
+          <allow/>
+        </method>
+
+        <method name="gpupdate">
+          <helper exec="@mypkglibexecdir@/gpupdate"
+                  arguments="0"
+                  prepend_user_name="yes"/>
+          <allow/>
+        </method>
+
         <method name="gpupdatefor">
-          <helper exec="@mypkglibexecdir@/gpupdate -i"
+          <helper exec="@mypkglibexecdir@/gpupdate"
                   arguments="1"/>
           <allow user="root"/>
         </method>

From de860f6162ef426355f9ecc9c62c5b9e61a3a6f0 Mon Sep 17 00:00:00 2001
From: kiper220-alt <gedertkj@basealt.ru>
Date: Mon, 18 Nov 2024 14:13:36 +0400
Subject: [PATCH 11/11] wip: adding `gpupdate_arg`/`gpupdate_computer_arg` into
 `oddjob.conf`

---
 src/oddjob-gpupdate.conf.in  | 21 +++++++++++++++++++++
 src/oddjobd-gpupdate.conf.in | 26 +++++++++++++-------------
 2 files changed, 34 insertions(+), 13 deletions(-)

diff --git a/src/oddjob-gpupdate.conf.in b/src/oddjob-gpupdate.conf.in
index 44c6e5a..4c24efd 100644
--- a/src/oddjob-gpupdate.conf.in
+++ b/src/oddjob-gpupdate.conf.in
@@ -55,6 +55,27 @@
            send_member="gpupdate_computer"/>
   </policy>
 
+
+  <!-- Allow anyone to try to call the gpupdate method, which is part of
+       the "gpupdate" interface implemented by the "/" object provided
+       by the @NAMESPACE@.oddjob_gpupdate service. -->
+  <policy context="default">
+    <allow send_destination="@NAMESPACE@.oddjob_gpupdate"
+           send_path="/"
+           send_interface="@NAMESPACE@.oddjob_gpupdate"
+           send_member="gpupdate_arg"/>
+  </policy>
+
+  <!-- Allow anyone to try to call the gpupdate method, which is part of
+       the "gpupdate" interface implemented by the "/" object provided
+       by the @NAMESPACE@.oddjob_gpupdate service. -->
+  <policy context="default">
+    <allow send_destination="@NAMESPACE@.oddjob_gpupdate"
+           send_path="/"
+           send_interface="@NAMESPACE@.oddjob_gpupdate"
+           send_member="gpupdate_computer_arg"/>
+  </policy>
+
   <!-- Allow anyone to try to call the gpupdate method, which is part of
        the "gpupdate" interface implemented by the "/" object provided
        by the @NAMESPACE@.oddjob_gpupdate_force service. -->
diff --git a/src/oddjobd-gpupdate.conf.in b/src/oddjobd-gpupdate.conf.in
index 55474f6..7c51305 100644
--- a/src/oddjobd-gpupdate.conf.in
+++ b/src/oddjobd-gpupdate.conf.in
@@ -24,19 +24,6 @@
 
       <interface name="@NAMESPACE@.oddjob_gpupdate">
 
-        <method name="gpupdate_computer_arg">
-          <helper exec="@mypkglibexecdir@/gpupdate -i"
-                  arguments="1"/>
-          <allow/>
-        </method>
-
-        <method name="gpupdate_arg">
-          <helper exec="@mypkglibexecdir@/gpupdate -i"
-                  arguments="1"
-                  prepend_user_name="yes"/>
-          <allow/>
-        </method>
-
         <method name="gpupdate_computer">
           <helper exec="@mypkglibexecdir@/gpupdate"
                   arguments="0"/>
@@ -56,6 +43,19 @@
           <allow user="root"/>
         </method>
 
+        <method name="gpupdate_computer_arg">
+          <helper exec="@mypkglibexecdir@/gpupdate -i"
+                  arguments="1"/>
+          <allow/>
+        </method>
+
+        <method name="gpupdate_arg">
+          <helper exec="@mypkglibexecdir@/gpupdate -i"
+                  arguments="1"
+                  prepend_user_name="yes"/>
+          <allow/>
+        </method>
+
         <method name="gpupdate_computer_force">
           <helper exec="@mypkglibexecdir@/gpupdate -f"
                   arguments="0"/>