[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[PATCH v3 7/7] qga: add ssh-get-authorized-keys
From: |
marcandre . lureau |
Subject: |
[PATCH v3 7/7] qga: add ssh-get-authorized-keys |
Date: |
Tue, 20 Oct 2020 12:12:57 +0400 |
From: Marc-André Lureau <marcandre.lureau@redhat.com>
Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
---
qga/commands-posix-ssh.c | 66 ++++++++++++++++++++++++++++++++++++++++
qga/meson.build | 11 +++++--
qga/qapi-schema.json | 31 +++++++++++++++++++
3 files changed, 106 insertions(+), 2 deletions(-)
diff --git a/qga/commands-posix-ssh.c b/qga/commands-posix-ssh.c
index f974bc4b64..4d75cb0113 100644
--- a/qga/commands-posix-ssh.c
+++ b/qga/commands-posix-ssh.c
@@ -268,6 +268,46 @@ qmp_guest_ssh_remove_authorized_keys(const char *username,
strList *keys,
write_authkeys(authkeys_path, new_keys, p, errp);
}
+GuestAuthorizedKeys *
+qmp_guest_ssh_get_authorized_keys(const char *username, Error **errp)
+{
+ g_autofree struct passwd *p = NULL;
+ g_autofree char *authkeys_path = NULL;
+ g_auto(GStrv) authkeys = NULL;
+ g_autoptr(GuestAuthorizedKeys) ret = NULL;
+ int i;
+
+ ERRP_GUARD();
+
+ p = get_passwd_entry(username, errp);
+ if (p == NULL) {
+ return NULL;
+ }
+
+ authkeys_path = g_build_filename(p->pw_dir, ".ssh",
+ "authorized_keys", NULL);
+ authkeys = read_authkeys(authkeys_path, errp);
+ if (authkeys == NULL) {
+ return NULL;
+ }
+
+ ret = g_new0(GuestAuthorizedKeys, 1);
+ for (i = 0; authkeys[i] != NULL; i++) {
+ strList *new;
+
+ g_strstrip(authkeys[i]);
+ if (!authkeys[i][0] || authkeys[i][0] == '#') {
+ continue;
+ }
+
+ new = g_new0(strList, 1);
+ new->value = g_strdup(authkeys[i]);
+ new->next = ret->keys;
+ ret->keys = new;
+ }
+
+ return g_steal_pointer (&ret);
+}
#ifdef QGA_BUILD_UNIT_TEST
#if GLIB_CHECK_VERSION(2, 60, 0)
@@ -426,6 +466,31 @@ test_remove_keys(void)
"algo some-key another\n");
}
+static void
+test_get_keys(void)
+{
+ Error *err = NULL;
+ static const char *authkeys =
+ "algo key1 comments\n"
+ "# a commented line\n"
+ "algo some-key another\n";
+ g_autoptr(GuestAuthorizedKeys) ret = NULL;
+ strList *k;
+ size_t len = 0;
+
+ test_authorized_keys_set(authkeys);
+
+ ret = qmp_guest_ssh_get_authorized_keys(g_get_user_name(), &err);
+ g_assert_null(err);
+
+ for (len = 0, k = ret->keys; k != NULL; k = k->next) {
+ g_assert(g_str_has_prefix(k->value, "algo "));
+ len++;
+ }
+
+ g_assert_cmpint(len, ==, 2);
+}
+
int main(int argc, char *argv[])
{
setlocale(LC_ALL, "");
@@ -437,6 +502,7 @@ int main(int argc, char *argv[])
g_test_add_func("/qga/ssh/add_keys", test_add_keys);
g_test_add_func("/qga/ssh/add_reset_keys", test_add_reset_keys);
g_test_add_func("/qga/ssh/remove_keys", test_remove_keys);
+ g_test_add_func("/qga/ssh/get_keys", test_get_keys);
return g_test_run();
}
diff --git a/qga/meson.build b/qga/meson.build
index 8340892139..80e7487f32 100644
--- a/qga/meson.build
+++ b/qga/meson.build
@@ -90,8 +90,15 @@ test_env.set('G_TEST_SRCDIR', meson.current_source_dir())
test_env.set('G_TEST_BUILDDIR', meson.current_build_dir())
if 'CONFIG_POSIX' in config_host
- qga_ssh_test = executable('qga-ssh-test',
- files('commands-posix-ssh.c'),
+ srcs = [files('commands-posix-ssh.c')]
+ i = 0
+ foreach output: qga_qapi_outputs
+ if output.startswith('qga-qapi-types') or
output.startswith('qga-qapi-visit')
+ srcs += qga_qapi_files[i]
+ endif
+ i = i + 1
+ endforeach
+ qga_ssh_test = executable('qga-ssh-test', srcs,
dependencies: [qemuutil],
c_args: ['-DQGA_BUILD_UNIT_TEST'])
diff --git a/qga/qapi-schema.json b/qga/qapi-schema.json
index 6b7cb86dee..4702bc7d72 100644
--- a/qga/qapi-schema.json
+++ b/qga/qapi-schema.json
@@ -1307,6 +1307,37 @@
{ 'command': 'guest-get-devices',
'returns': ['GuestDeviceInfo'] }
+##
+# @GuestAuthorizedKeys:
+#
+# @keys: public keys (in OpenSSH/sshd(8) authorized_keys format)
+#
+# Since: 5.2
+##
+{ 'struct': 'GuestAuthorizedKeys',
+ 'data': {
+ 'keys': ['str']
+ },
+ 'if': 'defined(CONFIG_POSIX)' }
+
+
+##
+# @guest-ssh-get-authorized-keys:
+#
+# @username: the user account to add the authorized keys
+#
+# Return the public keys from user .ssh/authorized_keys on Unix systems (not
+# implemented for other systems).
+#
+# Returns: @GuestAuthorizedKeys
+#
+# Since: 5.2
+##
+{ 'command': 'guest-ssh-get-authorized-keys',
+ 'data': { 'username': 'str' },
+ 'returns': 'GuestAuthorizedKeys',
+ 'if': 'defined(CONFIG_POSIX)' }
+
##
# @guest-ssh-add-authorized-keys:
#
--
2.28.0
- [PATCH v3 0/7] qemu-ga: add ssh-{get,add,remove}-authorized-keys, marcandre . lureau, 2020/10/20
- [PATCH v3 1/7] glib-compat: add g_unix_get_passwd_entry_qemu(), marcandre . lureau, 2020/10/20
- [PATCH v3 2/7] qga: add ssh-{add,remove}-authorized-keys, marcandre . lureau, 2020/10/20
- [PATCH v3 3/7] fixup! qga: add ssh-{add,remove}-authorized-keys, marcandre . lureau, 2020/10/20
- [PATCH v3 4/7] fixup! qga: add ssh-{add,remove}-authorized-keys, marcandre . lureau, 2020/10/20
- [PATCH v3 5/7] qga: add *reset argument to ssh-add-authorized-keys, marcandre . lureau, 2020/10/20
- [PATCH v3 6/7] meson: minor simplification, marcandre . lureau, 2020/10/20
- [PATCH v3 7/7] qga: add ssh-get-authorized-keys,
marcandre . lureau <=
- Re: [PATCH v3 0/7] qemu-ga: add ssh-{get,add,remove}-authorized-keys, no-reply, 2020/10/20
- Re: [PATCH v3 0/7] qemu-ga: add ssh-{get,add,remove}-authorized-keys, Marc-André Lureau, 2020/10/26