1 /* 2 * This work is licensed under the terms of the GNU GPL, version 2 or later. 3 * See the COPYING file in the top-level directory. 4 */ 5 #include "qemu/osdep.h" 6 7 #include <glib-unix.h> 8 #include <glib/gstdio.h> 9 #include <locale.h> 10 #include <pwd.h> 11 12 #include "qapi/error.h" 13 #include "qga-qapi-commands.h" 14 15 #ifdef QGA_BUILD_UNIT_TEST 16 static struct passwd * 17 test_get_passwd_entry(const gchar *user_name, GError **error) 18 { 19 struct passwd *p; 20 int ret; 21 22 if (!user_name || g_strcmp0(user_name, g_get_user_name())) { 23 g_set_error(error, G_UNIX_ERROR, 0, "Invalid user name"); 24 return NULL; 25 } 26 27 p = g_new0(struct passwd, 1); 28 p->pw_dir = (char *)g_get_home_dir(); 29 p->pw_uid = geteuid(); 30 p->pw_gid = getegid(); 31 32 ret = g_mkdir_with_parents(p->pw_dir, 0700); 33 g_assert(ret == 0); 34 35 return p; 36 } 37 38 #define g_unix_get_passwd_entry_qemu(username, err) \ 39 test_get_passwd_entry(username, err) 40 #endif 41 42 static struct passwd * 43 get_passwd_entry(const char *username, Error **errp) 44 { 45 g_autoptr(GError) err = NULL; 46 struct passwd *p; 47 48 ERRP_GUARD(); 49 50 p = g_unix_get_passwd_entry_qemu(username, &err); 51 if (p == NULL) { 52 error_setg(errp, "failed to lookup user '%s': %s", 53 username, err->message); 54 return NULL; 55 } 56 57 return p; 58 } 59 60 static bool 61 mkdir_for_user(const char *path, const struct passwd *p, 62 mode_t mode, Error **errp) 63 { 64 ERRP_GUARD(); 65 66 if (g_mkdir(path, mode) == -1) { 67 error_setg(errp, "failed to create directory '%s': %s", 68 path, g_strerror(errno)); 69 return false; 70 } 71 72 if (chown(path, p->pw_uid, p->pw_gid) == -1) { 73 error_setg(errp, "failed to set ownership of directory '%s': %s", 74 path, g_strerror(errno)); 75 return false; 76 } 77 78 if (chmod(path, mode) == -1) { 79 error_setg(errp, "failed to set permissions of directory '%s': %s", 80 path, g_strerror(errno)); 81 return false; 82 } 83 84 return true; 85 } 86 87 static bool 88 check_openssh_pub_key(const char *key, Error **errp) 89 { 90 ERRP_GUARD(); 91 92 /* simple sanity-check, we may want more? */ 93 if (!key || key[0] == '#' || strchr(key, '\n')) { 94 error_setg(errp, "invalid OpenSSH public key: '%s'", key); 95 return false; 96 } 97 98 return true; 99 } 100 101 static bool 102 check_openssh_pub_keys(strList *keys, size_t *nkeys, Error **errp) 103 { 104 size_t n = 0; 105 strList *k; 106 107 ERRP_GUARD(); 108 109 for (k = keys; k != NULL; k = k->next) { 110 if (!check_openssh_pub_key(k->value, errp)) { 111 return false; 112 } 113 n++; 114 } 115 116 if (nkeys) { 117 *nkeys = n; 118 } 119 return true; 120 } 121 122 static bool 123 write_authkeys(const char *path, const GStrv keys, 124 const struct passwd *p, Error **errp) 125 { 126 g_autofree char *contents = NULL; 127 g_autoptr(GError) err = NULL; 128 129 ERRP_GUARD(); 130 131 contents = g_strjoinv("\n", keys); 132 if (!g_file_set_contents(path, contents, -1, &err)) { 133 error_setg(errp, "failed to write to '%s': %s", path, err->message); 134 return false; 135 } 136 137 if (chown(path, p->pw_uid, p->pw_gid) == -1) { 138 error_setg(errp, "failed to set ownership of directory '%s': %s", 139 path, g_strerror(errno)); 140 return false; 141 } 142 143 if (chmod(path, 0600) == -1) { 144 error_setg(errp, "failed to set permissions of '%s': %s", 145 path, g_strerror(errno)); 146 return false; 147 } 148 149 return true; 150 } 151 152 static GStrv 153 read_authkeys(const char *path, Error **errp) 154 { 155 g_autoptr(GError) err = NULL; 156 g_autofree char *contents = NULL; 157 158 ERRP_GUARD(); 159 160 if (!g_file_get_contents(path, &contents, NULL, &err)) { 161 error_setg(errp, "failed to read '%s': %s", path, err->message); 162 return NULL; 163 } 164 165 return g_strsplit(contents, "\n", -1); 166 167 } 168 169 void 170 qmp_guest_ssh_add_authorized_keys(const char *username, strList *keys, 171 bool has_reset, bool reset, 172 Error **errp) 173 { 174 g_autofree struct passwd *p = NULL; 175 g_autofree char *ssh_path = NULL; 176 g_autofree char *authkeys_path = NULL; 177 g_auto(GStrv) authkeys = NULL; 178 strList *k; 179 size_t nkeys, nauthkeys; 180 181 ERRP_GUARD(); 182 reset = has_reset && reset; 183 184 if (!check_openssh_pub_keys(keys, &nkeys, errp)) { 185 return; 186 } 187 188 p = get_passwd_entry(username, errp); 189 if (p == NULL) { 190 return; 191 } 192 193 ssh_path = g_build_filename(p->pw_dir, ".ssh", NULL); 194 authkeys_path = g_build_filename(ssh_path, "authorized_keys", NULL); 195 196 if (!reset) { 197 authkeys = read_authkeys(authkeys_path, NULL); 198 } 199 if (authkeys == NULL) { 200 if (!g_file_test(ssh_path, G_FILE_TEST_IS_DIR) && 201 !mkdir_for_user(ssh_path, p, 0700, errp)) { 202 return; 203 } 204 } 205 206 nauthkeys = authkeys ? g_strv_length(authkeys) : 0; 207 authkeys = g_realloc_n(authkeys, nauthkeys + nkeys + 1, sizeof(char *)); 208 memset(authkeys + nauthkeys, 0, (nkeys + 1) * sizeof(char *)); 209 210 for (k = keys; k != NULL; k = k->next) { 211 if (g_strv_contains((const gchar * const *)authkeys, k->value)) { 212 continue; 213 } 214 authkeys[nauthkeys++] = g_strdup(k->value); 215 } 216 217 write_authkeys(authkeys_path, authkeys, p, errp); 218 } 219 220 void 221 qmp_guest_ssh_remove_authorized_keys(const char *username, strList *keys, 222 Error **errp) 223 { 224 g_autofree struct passwd *p = NULL; 225 g_autofree char *authkeys_path = NULL; 226 g_autofree GStrv new_keys = NULL; /* do not own the strings */ 227 g_auto(GStrv) authkeys = NULL; 228 GStrv a; 229 size_t nkeys = 0; 230 231 ERRP_GUARD(); 232 233 if (!check_openssh_pub_keys(keys, NULL, errp)) { 234 return; 235 } 236 237 p = get_passwd_entry(username, errp); 238 if (p == NULL) { 239 return; 240 } 241 242 authkeys_path = g_build_filename(p->pw_dir, ".ssh", 243 "authorized_keys", NULL); 244 if (!g_file_test(authkeys_path, G_FILE_TEST_EXISTS)) { 245 return; 246 } 247 authkeys = read_authkeys(authkeys_path, errp); 248 if (authkeys == NULL) { 249 return; 250 } 251 252 new_keys = g_new0(char *, g_strv_length(authkeys) + 1); 253 for (a = authkeys; *a != NULL; a++) { 254 strList *k; 255 256 for (k = keys; k != NULL; k = k->next) { 257 if (g_str_equal(k->value, *a)) { 258 break; 259 } 260 } 261 if (k != NULL) { 262 continue; 263 } 264 265 new_keys[nkeys++] = *a; 266 } 267 268 write_authkeys(authkeys_path, new_keys, p, errp); 269 } 270 271 GuestAuthorizedKeys * 272 qmp_guest_ssh_get_authorized_keys(const char *username, Error **errp) 273 { 274 g_autofree struct passwd *p = NULL; 275 g_autofree char *authkeys_path = NULL; 276 g_auto(GStrv) authkeys = NULL; 277 g_autoptr(GuestAuthorizedKeys) ret = NULL; 278 int i; 279 280 ERRP_GUARD(); 281 282 p = get_passwd_entry(username, errp); 283 if (p == NULL) { 284 return NULL; 285 } 286 287 authkeys_path = g_build_filename(p->pw_dir, ".ssh", 288 "authorized_keys", NULL); 289 authkeys = read_authkeys(authkeys_path, errp); 290 if (authkeys == NULL) { 291 return NULL; 292 } 293 294 ret = g_new0(GuestAuthorizedKeys, 1); 295 for (i = 0; authkeys[i] != NULL; i++) { 296 strList *new; 297 298 g_strstrip(authkeys[i]); 299 if (!authkeys[i][0] || authkeys[i][0] == '#') { 300 continue; 301 } 302 303 new = g_new0(strList, 1); 304 new->value = g_strdup(authkeys[i]); 305 new->next = ret->keys; 306 ret->keys = new; 307 } 308 309 return g_steal_pointer(&ret); 310 } 311 312 #ifdef QGA_BUILD_UNIT_TEST 313 #if GLIB_CHECK_VERSION(2, 60, 0) 314 static const strList test_key2 = { 315 .value = (char *)"algo key2 comments" 316 }; 317 318 static const strList test_key1_2 = { 319 .value = (char *)"algo key1 comments", 320 .next = (strList *)&test_key2, 321 }; 322 323 static char * 324 test_get_authorized_keys_path(void) 325 { 326 return g_build_filename(g_get_home_dir(), ".ssh", "authorized_keys", NULL); 327 } 328 329 static void 330 test_authorized_keys_set(const char *contents) 331 { 332 g_autoptr(GError) err = NULL; 333 g_autofree char *path = NULL; 334 int ret; 335 336 path = g_build_filename(g_get_home_dir(), ".ssh", NULL); 337 ret = g_mkdir_with_parents(path, 0700); 338 g_assert(ret == 0); 339 g_free(path); 340 341 path = test_get_authorized_keys_path(); 342 g_file_set_contents(path, contents, -1, &err); 343 g_assert(err == NULL); 344 } 345 346 static void 347 test_authorized_keys_equal(const char *expected) 348 { 349 g_autoptr(GError) err = NULL; 350 g_autofree char *path = NULL; 351 g_autofree char *contents = NULL; 352 353 path = test_get_authorized_keys_path(); 354 g_file_get_contents(path, &contents, NULL, &err); 355 g_assert(err == NULL); 356 357 g_assert(g_strcmp0(contents, expected) == 0); 358 } 359 360 static void 361 test_invalid_user(void) 362 { 363 Error *err = NULL; 364 365 qmp_guest_ssh_add_authorized_keys("", NULL, FALSE, FALSE, &err); 366 error_free_or_abort(&err); 367 368 qmp_guest_ssh_remove_authorized_keys("", NULL, &err); 369 error_free_or_abort(&err); 370 } 371 372 static void 373 test_invalid_key(void) 374 { 375 strList key = { 376 .value = (char *)"not a valid\nkey" 377 }; 378 Error *err = NULL; 379 380 qmp_guest_ssh_add_authorized_keys(g_get_user_name(), &key, 381 FALSE, FALSE, &err); 382 error_free_or_abort(&err); 383 384 qmp_guest_ssh_remove_authorized_keys(g_get_user_name(), &key, &err); 385 error_free_or_abort(&err); 386 } 387 388 static void 389 test_add_keys(void) 390 { 391 Error *err = NULL; 392 393 qmp_guest_ssh_add_authorized_keys(g_get_user_name(), 394 (strList *)&test_key2, 395 FALSE, FALSE, 396 &err); 397 g_assert(err == NULL); 398 399 test_authorized_keys_equal("algo key2 comments"); 400 401 qmp_guest_ssh_add_authorized_keys(g_get_user_name(), 402 (strList *)&test_key1_2, 403 FALSE, FALSE, 404 &err); 405 g_assert(err == NULL); 406 407 /* key2 came first, and should'nt be duplicated */ 408 test_authorized_keys_equal("algo key2 comments\n" 409 "algo key1 comments"); 410 } 411 412 static void 413 test_add_reset_keys(void) 414 { 415 Error *err = NULL; 416 417 qmp_guest_ssh_add_authorized_keys(g_get_user_name(), 418 (strList *)&test_key1_2, 419 FALSE, FALSE, 420 &err); 421 g_assert(err == NULL); 422 423 /* reset with key2 only */ 424 test_authorized_keys_equal("algo key1 comments\n" 425 "algo key2 comments"); 426 427 qmp_guest_ssh_add_authorized_keys(g_get_user_name(), 428 (strList *)&test_key2, 429 TRUE, TRUE, 430 &err); 431 g_assert(err == NULL); 432 433 test_authorized_keys_equal("algo key2 comments"); 434 435 /* empty should clear file */ 436 qmp_guest_ssh_add_authorized_keys(g_get_user_name(), 437 (strList *)NULL, 438 TRUE, TRUE, 439 &err); 440 g_assert(err == NULL); 441 442 test_authorized_keys_equal(""); 443 } 444 445 static void 446 test_remove_keys(void) 447 { 448 Error *err = NULL; 449 static const char *authkeys = 450 "algo key1 comments\n" 451 /* originally duplicated */ 452 "algo key1 comments\n" 453 "# a commented line\n" 454 "algo some-key another\n"; 455 456 test_authorized_keys_set(authkeys); 457 qmp_guest_ssh_remove_authorized_keys(g_get_user_name(), 458 (strList *)&test_key2, &err); 459 g_assert(err == NULL); 460 test_authorized_keys_equal(authkeys); 461 462 qmp_guest_ssh_remove_authorized_keys(g_get_user_name(), 463 (strList *)&test_key1_2, &err); 464 g_assert(err == NULL); 465 test_authorized_keys_equal("# a commented line\n" 466 "algo some-key another\n"); 467 } 468 469 static void 470 test_get_keys(void) 471 { 472 Error *err = NULL; 473 static const char *authkeys = 474 "algo key1 comments\n" 475 "# a commented line\n" 476 "algo some-key another\n"; 477 g_autoptr(GuestAuthorizedKeys) ret = NULL; 478 strList *k; 479 size_t len = 0; 480 481 test_authorized_keys_set(authkeys); 482 483 ret = qmp_guest_ssh_get_authorized_keys(g_get_user_name(), &err); 484 g_assert(err == NULL); 485 486 for (len = 0, k = ret->keys; k != NULL; k = k->next) { 487 g_assert(g_str_has_prefix(k->value, "algo ")); 488 len++; 489 } 490 491 g_assert(len == 2); 492 } 493 494 int main(int argc, char *argv[]) 495 { 496 setlocale(LC_ALL, ""); 497 498 g_test_init(&argc, &argv, G_TEST_OPTION_ISOLATE_DIRS, NULL); 499 500 g_test_add_func("/qga/ssh/invalid_user", test_invalid_user); 501 g_test_add_func("/qga/ssh/invalid_key", test_invalid_key); 502 g_test_add_func("/qga/ssh/add_keys", test_add_keys); 503 g_test_add_func("/qga/ssh/add_reset_keys", test_add_reset_keys); 504 g_test_add_func("/qga/ssh/remove_keys", test_remove_keys); 505 g_test_add_func("/qga/ssh/get_keys", test_get_keys); 506 507 return g_test_run(); 508 } 509 #else 510 int main(int argc, char *argv[]) 511 { 512 g_test_message("test skipped, needs glib >= 2.60"); 513 return 0; 514 } 515 #endif /* GLIB_2_60 */ 516 #endif /* BUILD_UNIT_TEST */ 517