From nobody Thu May 9 23:53:25 2024 Delivered-To: importer@patchew.org Authentication-Results: mx.zohomail.com; dkim=fail; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=fail(p=none dis=none) header.from=redhat.com ARC-Seal: i=1; a=rsa-sha256; t=1602778221; cv=none; d=zohomail.com; s=zohoarc; b=DXBL8mEK0E/WWXDY7Tilz8JYQxe7SDB/yVhIpIAbwM04XHlwODo620YqXYvkTVX7vOHTxaEfHsenXGpv6Byswyz1oLwDH2he1UwyVMcrEfHBGgKidkHr14oL+90T1r4VLKwYoMzvMuhcfajUy0NBj8ZJrHw3MrB2A9RJk6UNLm4= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1602778221; h=Content-Type:Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:To; bh=AEwokNpaJuUDVsNHgYdXo/yVHSRMYZs/mGEvGC9b4Ek=; b=VkaD0/x0d1xeWvnDLNHm6asnVGlvTzXxq6bwrVVGiCSC+Lqd8Xs7Gh9iWyV+auHXlor8f77+XEu1xuJREvsXUWGEojPjRUT3rxZRqazd0ndWQFaF6abVSwwg5xf6CsVIMahjkYTpViCqAryHCnuTzUEEVc0U1x7t84QqDC3bTPs= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=fail; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=fail header.from= (p=none dis=none) header.from= Return-Path: Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) by mx.zohomail.com with SMTPS id 1602778221270394.20366472119247; Thu, 15 Oct 2020 09:10:21 -0700 (PDT) Received: from localhost ([::1]:34606 helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1kT5pc-0002a8-0a for importer@patchew.org; Thu, 15 Oct 2020 12:10:20 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]:34274) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1kT5o5-0000sN-OI for qemu-devel@nongnu.org; Thu, 15 Oct 2020 12:08:45 -0400 Received: from us-smtp-delivery-124.mimecast.com ([216.205.24.124]:31015) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_CBC_SHA1:256) (Exim 4.90_1) (envelope-from ) id 1kT5o1-00042r-1r for qemu-devel@nongnu.org; Thu, 15 Oct 2020 12:08:44 -0400 Received: from mimecast-mx01.redhat.com (mimecast-mx01.redhat.com [209.132.183.4]) (Using TLS) by relay.mimecast.com with ESMTP id us-mta-169-uf02NgvUPXK3uv7tM-NTSw-1; Thu, 15 Oct 2020 12:08:37 -0400 Received: from smtp.corp.redhat.com (int-mx01.intmail.prod.int.phx2.redhat.com [10.5.11.11]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mimecast-mx01.redhat.com (Postfix) with ESMTPS id AAED810A0B81; Thu, 15 Oct 2020 16:08:36 +0000 (UTC) Received: from localhost (unknown [10.36.110.63]) by smtp.corp.redhat.com (Postfix) with ESMTP id E5ED076670; Thu, 15 Oct 2020 16:08:32 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1602778120; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=AEwokNpaJuUDVsNHgYdXo/yVHSRMYZs/mGEvGC9b4Ek=; b=bNmU0qFdOtx9XnQVcwp7Yn55tygJ44b4aj5qDygOYeHvGptYBZohjukLKetNclbs6TL0qB gUIhxDObuljZ5x2R2GcEsnI0hc/9xnd0SWLNaHvPGCixFVsXh0bZN4lIzyIxAEFBDaI9GC kKoHqUC7K3b5LPfDDcdY553CyyElFd0= X-MC-Unique: uf02NgvUPXK3uv7tM-NTSw-1 From: marcandre.lureau@redhat.com To: qemu-devel@nongnu.org Subject: [PATCH v2 1/2] glib-compat: add g_unix_get_passwd_entry_qemu() Date: Thu, 15 Oct 2020 20:08:18 +0400 Message-Id: <20201015160819.1471144-2-marcandre.lureau@redhat.com> In-Reply-To: <20201015160819.1471144-1-marcandre.lureau@redhat.com> References: <20201015160819.1471144-1-marcandre.lureau@redhat.com> MIME-Version: 1.0 X-Scanned-By: MIMEDefang 2.79 on 10.5.11.11 Authentication-Results: relay.mimecast.com; auth=pass smtp.auth=CUSA124A263 smtp.mailfrom=marcandre.lureau@redhat.com X-Mimecast-Spam-Score: 0 X-Mimecast-Originator: redhat.com Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable Received-SPF: pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) client-ip=209.51.188.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Received-SPF: pass client-ip=216.205.24.124; envelope-from=marcandre.lureau@redhat.com; helo=us-smtp-delivery-124.mimecast.com X-detected-operating-system: by eggs.gnu.org: First seen = 2020/10/15 02:38:26 X-ACL-Warn: Detected OS = Linux 2.2.x-3.x [generic] [fuzzy] X-Spam_score_int: -20 X-Spam_score: -2.1 X-Spam_bar: -- X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H4=0.001, RCVD_IN_MSPIKE_WL=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: =?UTF-8?q?Marc-Andr=C3=A9=20Lureau?= , berrange@redhat.com, Michael Roth Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: "Qemu-devel" X-ZohoMail-DKIM: fail (Header signature does not verify) From: Marc-Andr=C3=A9 Lureau The glib function was introduced in 2.64. It's a safer version of getpwnam, and also simpler to use than getpwnam_r. Currently, it's only use by the next patch in qemu-ga, which doesn't (well well...) need the thread safety guarantees. Since the fallback version is still unsafe, I would rather keep the _qemu postfix, to make sure it's not being misused by mistake. When/if necessary, we can implement a safer fallback and drop the _qemu suffix. Signed-off-by: Marc-Andr=C3=A9 Lureau Reviewed-by: Michal Privoznik --- include/glib-compat.h | 26 ++++++++++++++++++++++++++ 1 file changed, 26 insertions(+) diff --git a/include/glib-compat.h b/include/glib-compat.h index 0b0ec76299..32121320e9 100644 --- a/include/glib-compat.h +++ b/include/glib-compat.h @@ -30,6 +30,11 @@ #pragma GCC diagnostic ignored "-Wdeprecated-declarations" =20 #include +#if defined(G_OS_UNIX) +#include +#include +#include +#endif =20 /* * Note that because of the GLIB_VERSION_MAX_ALLOWED constant above, allow= ing @@ -72,6 +77,27 @@ gint g_poll_fixed(GPollFD *fds, guint nfds, gint timeout); #endif =20 +#if defined(G_OS_UNIX) +/* Note: The fallback implementation is not MT-safe, and it returns a copy= of + * the libc passwd (must be g_free() after use) but not the content. Becau= se of + * these important differences the caller must be aware of, it's not #defi= ne for + * GLib API substitution. */ +static inline struct passwd * +g_unix_get_passwd_entry_qemu(const gchar *user_name, GError **error) +{ +#if GLIB_CHECK_VERSION(2, 64, 0) + return g_unix_get_passwd_entry(user_name, error); +#else + struct passwd *p =3D getpwnam(user_name); + if (!p) { + g_set_error_literal(error, G_UNIX_ERROR, 0, g_strerror(errno)); + return NULL; + } + return g_memdup(p, sizeof(*p)); +#endif +} +#endif /* G_OS_UNIX */ + #pragma GCC diagnostic pop =20 #endif --=20 2.28.0 From nobody Thu May 9 23:53:25 2024 Delivered-To: importer@patchew.org Authentication-Results: mx.zohomail.com; dkim=fail; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=fail(p=none dis=none) header.from=redhat.com ARC-Seal: i=1; a=rsa-sha256; t=1602778230; cv=none; d=zohomail.com; s=zohoarc; b=CmeWKNc4WMOcyljTfpVCo7URWTRLk3siaHd2VKuGZxkpBMUaeiJvSSYOfJYFjye/eTNa5id+Cqo3xaPyE1EJB/pmaA6QEOQNq3abdsECfsvQNz2SzDt9poikTpS9NPVuLRVk2UGGajlVIXiq89ufxcDKR5ygbLRc8qlgdqrkbRA= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1602778230; h=Content-Type:Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:To; bh=EQQYyqsWPl19bLlBE5a39LlSvbmfRG/vS/KYm3UQUbI=; b=diD6OfCJefHM95ynUpcgPZ18RD0C1fW+NYpIFzvRG8v7bpaaiewjEhPRqdF6jdEu7fS8yPAflz7JwByZ1xBf9tUAWwKOoGBkp2qsGb/BQXYNW09ofdjDyah0PdxIQpyMVdM8TxqPdM/Qel++Uefnus+wiieXl9Kf13/m8hgweec= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=fail; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=fail header.from= (p=none dis=none) header.from= Return-Path: Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) by mx.zohomail.com with SMTPS id 1602778230752739.6125206149073; Thu, 15 Oct 2020 09:10:30 -0700 (PDT) Received: from localhost ([::1]:35464 helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1kT5pl-0002vf-SE for importer@patchew.org; Thu, 15 Oct 2020 12:10:29 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]:34330) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1kT5oD-00019f-6y for qemu-devel@nongnu.org; Thu, 15 Oct 2020 12:08:53 -0400 Received: from us-smtp-delivery-124.mimecast.com ([216.205.24.124]:37297) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_CBC_SHA1:256) (Exim 4.90_1) (envelope-from ) id 1kT5oA-00044Y-Oy for qemu-devel@nongnu.org; Thu, 15 Oct 2020 12:08:52 -0400 Received: from mimecast-mx01.redhat.com (mimecast-mx01.redhat.com [209.132.183.4]) (Using TLS) by relay.mimecast.com with ESMTP id us-mta-151-IzEcfdYgNweNB4_loGf6KQ-1; Thu, 15 Oct 2020 12:08:47 -0400 Received: from smtp.corp.redhat.com (int-mx07.intmail.prod.int.phx2.redhat.com [10.5.11.22]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mimecast-mx01.redhat.com (Postfix) with ESMTPS id CAF7A8030AE; Thu, 15 Oct 2020 16:08:46 +0000 (UTC) Received: from localhost (unknown [10.36.110.63]) by smtp.corp.redhat.com (Postfix) with ESMTP id C790E10013C1; Thu, 15 Oct 2020 16:08:40 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1602778130; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=EQQYyqsWPl19bLlBE5a39LlSvbmfRG/vS/KYm3UQUbI=; b=U4mV7/2+7dIcrn4naKWv836RHrGmq8ZJMLNmPXJzW5gw7ZeWc3IBnxbzret9zHA7E5RAkx AJhkDWlQeQ6FObyNfKgk1EqYV7s2aBpBYFOC2lcu71rYXynTo4TGj5VTUjvwPDA/EEiIRv 71FEJ1WOxpvcoz2nK4eUBBZNchsjTSw= X-MC-Unique: IzEcfdYgNweNB4_loGf6KQ-1 From: marcandre.lureau@redhat.com To: qemu-devel@nongnu.org Subject: [PATCH v2 2/2] qga: add ssh-{add,remove}-authorized-keys Date: Thu, 15 Oct 2020 20:08:19 +0400 Message-Id: <20201015160819.1471144-3-marcandre.lureau@redhat.com> In-Reply-To: <20201015160819.1471144-1-marcandre.lureau@redhat.com> References: <20201015160819.1471144-1-marcandre.lureau@redhat.com> MIME-Version: 1.0 X-Scanned-By: MIMEDefang 2.84 on 10.5.11.22 Authentication-Results: relay.mimecast.com; auth=pass smtp.auth=CUSA124A263 smtp.mailfrom=marcandre.lureau@redhat.com X-Mimecast-Spam-Score: 0 X-Mimecast-Originator: redhat.com Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable Received-SPF: pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) client-ip=209.51.188.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Received-SPF: pass client-ip=216.205.24.124; envelope-from=marcandre.lureau@redhat.com; helo=us-smtp-delivery-124.mimecast.com X-detected-operating-system: by eggs.gnu.org: First seen = 2020/10/15 02:38:26 X-ACL-Warn: Detected OS = Linux 2.2.x-3.x [generic] [fuzzy] X-Spam_score_int: -20 X-Spam_score: -2.1 X-Spam_bar: -- X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H4=0.001, RCVD_IN_MSPIKE_WL=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: =?UTF-8?q?Marc-Andr=C3=A9=20Lureau?= , berrange@redhat.com, Michael Roth Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: "Qemu-devel" X-ZohoMail-DKIM: fail (Header signature does not verify) From: Marc-Andr=C3=A9 Lureau Add new commands to add and remove SSH public keys from ~/.ssh/authorized_keys. I took a different approach for testing, including the unit tests right with the code. I wanted to overwrite the function to get the user details, I couldn't easily do that over QMP. Furthermore, I prefer having unit tests very close to the code, and unit files that are domain specific (commands-posix is too crowded already). FWIW, that coding/testing style is Rust-style (where tests can or should even be part of the documentation!). Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=3D1885332 Signed-off-by: Marc-Andr=C3=A9 Lureau Reviewed-by: Michal Privoznik Reviewed-by: Daniel P. Berrang=C3=A9 --- qga/commands-posix-ssh.c | 400 +++++++++++++++++++++++++++++++++++++++ qga/commands-win32.c | 12 ++ qga/meson.build | 20 +- qga/qapi-schema.json | 33 ++++ 4 files changed, 464 insertions(+), 1 deletion(-) create mode 100644 qga/commands-posix-ssh.c diff --git a/qga/commands-posix-ssh.c b/qga/commands-posix-ssh.c new file mode 100644 index 0000000000..d41c114c3c --- /dev/null +++ b/qga/commands-posix-ssh.c @@ -0,0 +1,400 @@ + /* + * This work is licensed under the terms of the GNU GPL, version 2 or lat= er. + * See the COPYING file in the top-level directory. + */ +#include "qemu/osdep.h" + +#include +#include +#include +#include + +#include "qapi/error.h" +#include "qga-qapi-commands.h" + +#ifdef QGA_BUILD_UNIT_TEST +static struct passwd * +test_get_passwd_entry(const gchar *user_name, GError **error) +{ + struct passwd *p; + int ret; + + if (!user_name || g_strcmp0(user_name, g_get_user_name())) { + g_set_error(error, G_UNIX_ERROR, 0, "Invalid user name"); + return NULL; + } + + p =3D g_new0(struct passwd, 1); + p->pw_dir =3D (char *)g_get_home_dir(); + p->pw_uid =3D geteuid(); + p->pw_gid =3D getegid(); + + ret =3D g_mkdir_with_parents(p->pw_dir, 0700); + g_assert_cmpint(ret, =3D=3D, 0); + + return p; +} + +#define g_unix_get_passwd_entry_qemu(username, err) \ + test_get_passwd_entry(username, err) +#endif + +static struct passwd * +get_passwd_entry(const char *username, Error **errp) +{ + g_autoptr(GError) err =3D NULL; + struct passwd *p; + + ERRP_GUARD(); + + p =3D g_unix_get_passwd_entry_qemu(username, &err); + if (p =3D=3D NULL) { + error_setg(errp, "failed to lookup user '%s': %s", + username, err->message); + return NULL; + } + + return p; +} + +static bool +mkdir_for_user(const char *path, const struct passwd *p, + mode_t mode, Error **errp) +{ + ERRP_GUARD(); + + if (g_mkdir(path, mode) =3D=3D -1) { + error_setg(errp, "failed to create directory '%s': %s", + path, g_strerror(errno)); + return false; + } + + if (chown(path, p->pw_uid, p->pw_gid) =3D=3D -1) { + error_setg(errp, "failed to set ownership of directory '%s': %s", + path, g_strerror(errno)); + return false; + } + + if (chmod(path, mode) =3D=3D -1) { + error_setg(errp, "failed to set permissions of directory '%s': %s", + path, g_strerror(errno)); + return false; + } + + return true; +} + +static bool +check_openssh_pub_key(const char *key, Error **errp) +{ + ERRP_GUARD(); + + /* simple sanity-check, we may want more? */ + if (!key || key[0] =3D=3D '#' || strchr(key, '\n')) { + error_setg(errp, "invalid OpenSSH public key: '%s'", key); + return false; + } + + return true; +} + +static bool +check_openssh_pub_keys(strList *keys, size_t *nkeys, Error **errp) +{ + size_t n =3D 0; + strList *k; + + ERRP_GUARD(); + + for (k =3D keys; k !=3D NULL; k =3D k->next) { + if (!check_openssh_pub_key(k->value, errp)) { + return false; + } + n++; + } + + if (nkeys) { + *nkeys =3D n; + } + return true; +} + +static bool +write_authkeys(const char *path, const GStrv keys, Error **errp) +{ + g_autofree char *contents =3D NULL; + g_autoptr(GError) err =3D NULL; + + ERRP_GUARD(); + + contents =3D g_strjoinv("\n", keys); + if (!g_file_set_contents(path, contents, -1, &err)) { + error_setg(errp, "failed to write to '%s': %s", path, err->message= ); + return false; + } + + if (chmod(path, 0600) =3D=3D -1) { + error_setg(errp, "failed to set permissions of '%s': %s", + path, g_strerror(errno)); + return false; + } + + return true; +} + +static GStrv +read_authkeys(const char *path, Error **errp) +{ + g_autoptr(GError) err =3D NULL; + g_autofree char *contents =3D NULL; + + ERRP_GUARD(); + + if (!g_file_get_contents(path, &contents, NULL, &err)) { + error_setg(errp, "failed to read '%s': %s", path, err->message); + return NULL; + } + + return g_strsplit(contents, "\n", -1); + +} + +void +qmp_guest_ssh_add_authorized_keys(const char *username, strList *keys, + Error **errp) +{ + g_autofree struct passwd *p =3D NULL; + g_autofree char *ssh_path =3D NULL; + g_autofree char *authkeys_path =3D NULL; + g_auto(GStrv) authkeys =3D NULL; + strList *k; + size_t nkeys, nauthkeys; + + ERRP_GUARD(); + + if (!check_openssh_pub_keys(keys, &nkeys, errp)) { + return; + } + + p =3D get_passwd_entry(username, errp); + if (p =3D=3D NULL) { + return; + } + + ssh_path =3D g_build_filename(p->pw_dir, ".ssh", NULL); + authkeys_path =3D g_build_filename(ssh_path, "authorized_keys", NULL); + + authkeys =3D read_authkeys(authkeys_path, NULL); + if (authkeys =3D=3D NULL) { + if (!g_file_test(ssh_path, G_FILE_TEST_IS_DIR) && + !mkdir_for_user(ssh_path, p, 0700, errp)) { + return; + } + } + + nauthkeys =3D authkeys ? g_strv_length(authkeys) : 0; + authkeys =3D g_realloc_n(authkeys, nauthkeys + nkeys + 1, sizeof(char = *)); + memset(authkeys + nauthkeys, 0, (nkeys + 1) * sizeof(char *)); + + for (k =3D keys; k !=3D NULL; k =3D k->next) { + if (g_strv_contains((const gchar * const *)authkeys, k->value)) { + continue; + } + authkeys[nauthkeys++] =3D g_strdup(k->value); + } + + write_authkeys(authkeys_path, authkeys, errp); +} + +void +qmp_guest_ssh_remove_authorized_keys(const char *username, strList *keys, + Error **errp) +{ + g_autofree struct passwd *p =3D NULL; + g_autofree char *authkeys_path =3D NULL; + g_autofree GStrv new_keys =3D NULL; /* do not own the strings */ + g_auto(GStrv) authkeys =3D NULL; + GStrv a; + size_t nkeys =3D 0; + + ERRP_GUARD(); + + if (!check_openssh_pub_keys(keys, NULL, errp)) { + return; + } + + p =3D get_passwd_entry(username, errp); + if (p =3D=3D NULL) { + return; + } + + authkeys_path =3D g_build_filename(p->pw_dir, ".ssh", + "authorized_keys", NULL); + if (!g_file_test(authkeys_path, G_FILE_TEST_EXISTS)) { + return; + } + authkeys =3D read_authkeys(authkeys_path, errp); + if (authkeys =3D=3D NULL) { + return; + } + + new_keys =3D g_new0(char *, g_strv_length(authkeys) + 1); + for (a =3D authkeys; *a !=3D NULL; a++) { + strList *k; + + for (k =3D keys; k !=3D NULL; k =3D k->next) { + if (g_str_equal(k->value, *a)) { + break; + } + } + if (k !=3D NULL) { + continue; + } + + new_keys[nkeys++] =3D *a; + } + + write_authkeys(authkeys_path, new_keys, errp); +} + + +#ifdef QGA_BUILD_UNIT_TEST +#if GLIB_CHECK_VERSION(2, 60, 0) +static const strList test_key2 =3D { + .value =3D (char *)"algo key2 comments" +}; + +static const strList test_key1_2 =3D { + .value =3D (char *)"algo key1 comments", + .next =3D (strList *)&test_key2, +}; + +static char * +test_get_authorized_keys_path(void) +{ + return g_build_filename(g_get_home_dir(), ".ssh", "authorized_keys", N= ULL); +} + +static void +test_authorized_keys_set(const char *contents) +{ + g_autoptr(GError) err =3D NULL; + g_autofree char *path =3D NULL; + int ret; + + path =3D g_build_filename(g_get_home_dir(), ".ssh", NULL); + ret =3D g_mkdir_with_parents(path, 0700); + g_assert_cmpint(ret, =3D=3D, 0); + g_free(path); + + path =3D test_get_authorized_keys_path(); + g_file_set_contents(path, contents, -1, &err); + g_assert_no_error(err); +} + +static void +test_authorized_keys_equal(const char *expected) +{ + g_autoptr(GError) err =3D NULL; + g_autofree char *path =3D NULL; + g_autofree char *contents =3D NULL; + + path =3D test_get_authorized_keys_path(); + g_file_get_contents(path, &contents, NULL, &err); + g_assert_no_error(err); + + g_assert_cmpstr(contents, =3D=3D, expected); +} + +static void +test_invalid_user(void) +{ + Error *err =3D NULL; + + qmp_guest_ssh_add_authorized_keys("", NULL, &err); + error_free_or_abort(&err); + + qmp_guest_ssh_remove_authorized_keys("", NULL, &err); + error_free_or_abort(&err); +} + +static void +test_invalid_key(void) +{ + strList key =3D { + .value =3D (char *)"not a valid\nkey" + }; + Error *err =3D NULL; + + qmp_guest_ssh_add_authorized_keys(g_get_user_name(), &key, &err); + error_free_or_abort(&err); + + qmp_guest_ssh_remove_authorized_keys(g_get_user_name(), &key, &err); + error_free_or_abort(&err); +} + +static void +test_add_keys(void) +{ + Error *err =3D NULL; + + qmp_guest_ssh_add_authorized_keys(g_get_user_name(), + (strList *)&test_key2, &err); + g_assert_null(err); + + test_authorized_keys_equal("algo key2 comments"); + + qmp_guest_ssh_add_authorized_keys(g_get_user_name(), + (strList *)&test_key1_2, &err); + g_assert_null(err); + + /* key2 came first, and should'nt be duplicated */ + test_authorized_keys_equal("algo key2 comments\n" + "algo key1 comments"); +} + +static void +test_remove_keys(void) +{ + Error *err =3D NULL; + static const char *authkeys =3D + "algo key1 comments\n" + /* originally duplicated */ + "algo key1 comments\n" + "# a commented line\n" + "algo some-key another\n"; + + test_authorized_keys_set(authkeys); + qmp_guest_ssh_remove_authorized_keys(g_get_user_name(), + (strList *)&test_key2, &err); + g_assert_null(err); + test_authorized_keys_equal(authkeys); + + qmp_guest_ssh_remove_authorized_keys(g_get_user_name(), + (strList *)&test_key1_2, &err); + g_assert_null(err); + test_authorized_keys_equal("# a commented line\n" + "algo some-key another\n"); +} + +int main(int argc, char *argv[]) +{ + setlocale(LC_ALL, ""); + + g_test_init(&argc, &argv, G_TEST_OPTION_ISOLATE_DIRS, NULL); + + g_test_add_func("/qga/ssh/invalid_user", test_invalid_user); + g_test_add_func("/qga/ssh/invalid_key", test_invalid_key); + g_test_add_func("/qga/ssh/add_keys", test_add_keys); + g_test_add_func("/qga/ssh/remove_keys", test_remove_keys); + + return g_test_run(); +} +#else +int main(int argc, char *argv[]) +{ + g_test_message("test skipped, needs glib >=3D 2.60"); + return 0; +} +#endif /* GLIB_2_60 */ +#endif /* BUILD_UNIT_TEST */ diff --git a/qga/commands-win32.c b/qga/commands-win32.c index 0c3c05484f..1e188b03d3 100644 --- a/qga/commands-win32.c +++ b/qga/commands-win32.c @@ -2457,3 +2457,15 @@ GuestDeviceInfoList *qmp_guest_get_devices(Error **e= rrp) } return head; } + +void qmp_guest_ssh_add_authorized_keys(const char *username, + strList *keys, Error **errp) +{ + error_setg(errp, QERR_UNSUPPORTED); +} + +void qmp_guest_ssh_remove_authorized_keys(const char *username, + strList *keys, Error **errp) +{ + error_setg(errp, QERR_UNSUPPORTED); +} diff --git a/qga/meson.build b/qga/meson.build index cd08bd953a..6315bb357e 100644 --- a/qga/meson.build +++ b/qga/meson.build @@ -35,7 +35,9 @@ qga_ss.add(files( )) qga_ss.add(when: 'CONFIG_POSIX', if_true: files( 'channel-posix.c', - 'commands-posix.c')) + 'commands-posix.c', + 'commands-posix-ssh.c', +)) qga_ss.add(when: 'CONFIG_WIN32', if_true: files( 'channel-win32.c', 'commands-win32.c', @@ -87,3 +89,19 @@ else endif =20 alias_target('qemu-ga', all_qga) + +test_env =3D environment() +test_env.set('G_TEST_SRCDIR', meson.current_source_dir()) +test_env.set('G_TEST_BUILDDIR', meson.current_build_dir()) + +if 'CONFIG_POSIX' in config_host + qga_ssh_test =3D executable('qga-ssh-test', + files('commands-posix-ssh.c'), + dependencies: [qemuutil], + c_args: ['-DQGA_BUILD_UNIT_TEST']) + + test('qga-ssh-test', + qga_ssh_test, + env: test_env, + suite: ['unit', 'qga']) +endif diff --git a/qga/qapi-schema.json b/qga/qapi-schema.json index cec98c7e06..8486f46fcd 100644 --- a/qga/qapi-schema.json +++ b/qga/qapi-schema.json @@ -1306,3 +1306,36 @@ ## { 'command': 'guest-get-devices', 'returns': ['GuestDeviceInfo'] } + +## +# @guest-ssh-add-authorized-keys: +# +# @username: the user account to add the authorized keys +# @keys: the public keys to add (in OpenSSH format) +# +# Append public keys to user $HOME/.ssh/authorized_keys on Unix systems (n= ot +# implemented for other systems). +# +# Returns: Nothing on success. +# +# Since: 5.2 +## +{ 'command': 'guest-ssh-add-authorized-keys', + 'data': { 'username': 'str', 'keys': ['str'] } } + +## +# @guest-ssh-remove-authorized-keys: +# +# @username: the user account to remove the authorized keys +# @keys: the public keys to remove (in OpenSSH format) +# +# Remove public keys from the user $HOME/.ssh/authorized_keys on Unix syst= ems +# (not implemented for other systems). It's not an error if the key is alr= eady +# missing. +# +# Returns: Nothing on success. +# +# Since: 5.2 +## +{ 'command': 'guest-ssh-remove-authorized-keys', + 'data': { 'username': 'str', 'keys': ['str'] } } --=20 2.28.0