| blob | 6a642e3ba8198babacf66a8123393ca0ff6b076a |
1 /*
2 * QEMU Guest Agent win32-specific command implementations for SSH keys.
3 * The implementation is opinionated and expects the SSH implementation to
4 * be OpenSSH.
5 *
6 * Copyright Schweitzer Engineering Laboratories. 2024
7 *
8 * Authors:
9 * Aidan Leuck <aidan_leuck@selinc.com>
10 *
11 * This work is licensed under the terms of the GNU GPL, version 2 or later.
12 * See the COPYING file in the top-level directory.
13 */
16 #include <aclapi.h>
17 #include <qga-qapi-types.h>
38 /*
39 * Frees userInfo structure. This implements the g_auto cleanup
40 * for the structure.
41 */
43 {
49 }
51 /*
52 * Gets the admin SSH folder for OpenSSH. OpenSSH does not store
53 * the authorized_key file in the users home directory for security reasons and
54 * instead stores it at %PROGRAMDATA%/ssh. This function returns the path to
55 * that directory on the users machine
56 *
57 * parameters:
58 * errp -> error structure to set when an error occurs
59 * returns: The path to the ssh folder in %PROGRAMDATA% or NULL if an error
60 * occurred.
61 */
63 {
64 /* Allocate memory for the program data path */
70 /* Get the KnownFolderPath on the machine. */
71 HRESULT folderResult =
76 }
78 /* Convert from a wide string back to a standard character string. */
86 }
88 /* Build the path to the file. */
91 }
93 /*
94 * Gets the path to the SSH folder for the specified user. If the user is an
95 * admin it returns the ssh folder located at %PROGRAMDATA%/ssh. If the user is
96 * not an admin it returns %USERPROFILE%/.ssh
97 *
98 * parameters:
99 * username -> Username to get the SSH folder for
100 * isAdmin -> Whether the user is an admin or not
101 * errp -> Error structure to set any errors that occur.
102 * returns: path to the ssh folder as a string.
103 */
106 {
112 }
114 /* If not an Admin the SSH key is in the user directory. */
115 /* Get the user profile directory on the machine. */
121 }
123 /* Builds the filename */
125 }
127 /*
128 * Creates an entry for the user so they can access the ssh folder in their
129 * userprofile.
130 *
131 * parameters:
132 * userInfo -> Information about the current user
133 * pACL -> Pointer to an ACL structure
134 * errp -> Error structure to set any errors that occur
135 * returns -> 1 on success, 0 otherwise
136 */
138 {
144 /* Get a pointer to the internal SID object in Windows */
150 }
152 /* Set the permissions for the user. */
160 /* Set the ACL entries */
161 DWORD setResult;
163 /*
164 * If we are given a pointer that is already initialized, then we can merge
165 * the existing entries instead of overwriting them.
166 */
171 }
178 }
180 /* Free any old memory since we are going to overwrite the users pointer. */
186 error:
189 }
191 /*
192 * Creates a base ACL for both normal users and admins to share
193 * pACL -> Pointer to an ACL structure
194 * errp -> Error structure to set any errors that occur
195 * returns: 1 on success, 0 otherwise
196 */
198 {
205 /* Create an entry for the system user. */
211 }
213 /* set permissions for system user */
221 /* Create an entry for the admin user. */
227 }
229 /* Set permissions for admin group. */
237 /* Put the entries in an ACL object. */
239 DWORD setResult;
241 /*
242 *If we are given a pointer that is already initialized, then we can merge
243 *the existing entries instead of overwriting them.
244 */
249 }
253 "failed to set base ACL entries for system user and "
255 setResult);
257 }
262 /* Free any old memory since we are going to overwrite the users pointer. */
269 error:
273 }
275 /*
276 * Sets the access control on the authorized_keys file and any ssh folders that
277 * need to be created. For administrators the required permissions on the
278 * file/folders are that only administrators and the LocalSystem account can
279 * access the folders. For normal user accounts only the specified user,
280 * LocalSystem and Administrators can have access to the key.
281 *
282 * parameters:
283 * userInfo -> pointer to structure that contains information about the user
284 * PACL -> pointer to an access control structure that will be set upon
285 * successful completion of the function.
286 * errp -> error structure that will be set upon error.
287 * returns: 1 upon success 0 upon failure.
288 */
290 {
291 /*
292 * Creates a base ACL that both admins and users will share
293 * This adds the Administrators group and the SYSTEM group
294 */
297 }
299 /*
300 * If the user is not an admin give the user creating the key permission to
301 * access the file.
302 */
306 }
309 }
312 }
313 /*
314 * Create the SSH directory for the user and d sets appropriate permissions.
315 * In general the directory will be %PROGRAMDATA%/ssh if the user is an admin.
316 * %USERPOFILE%/.ssh if not an admin
317 *
318 * parameters:
319 * userInfo -> Contains information about the user
320 * errp -> Structure that will contain errors if the function fails.
321 * returns: zero upon failure, 1 upon success
322 */
324 {
328 /* Gets the appropriate ACL for the user */
331 }
333 /* Allocate memory for a security descriptor */
339 }
341 /* Associate the security descriptor with the ACL permissions. */
346 }
348 /* Set the security attributes on the folder */
349 SECURITY_ATTRIBUTES sAttr;
354 /* Create the directory with the created permissions */
360 }
362 /* Free memory */
365 error:
368 }
370 /*
371 * Sets permissions on the authorized_key_file that is created.
372 *
373 * parameters: userInfo -> Information about the user
374 * errp -> error structure that will contain errors upon failure
375 * returns: 1 upon success, zero upon failure.
376 */
378 {
380 PSID userPSID;
382 /* Creates the access control structure */
385 }
387 /* Get the PSID structure for the user based off the string SID. */
393 }
395 /* Prevents permissions from being inherited and use the DACL provided. */
399 /* Set the ACL on the file. */
407 }
413 error:
418 }
420 /*
421 * Writes the specified keys to the authenticated keys file.
422 * parameters:
423 * userInfo: Information about the user we are writing the authkeys file to.
424 * authkeys: Array of keys to write to disk
425 * errp: Error structure that will contain any errors if they occur.
426 * returns: 1 if successful, 0 otherwise.
427 */
430 {
440 }
444 }
447 }
449 /*
450 * Retrieves information about a Windows user by their username
451 *
452 * parameters:
453 * userInfo -> Double pointer to a WindowsUserInfo structure. Upon success, it
454 * will be allocated with information about the user and need to be freed.
455 * username -> Name of the user to lookup.
456 * errp -> Contains any errors that occur.
457 * returns: 1 upon success, 0 upon failure.
458 */
461 {
468 /*
469 * Converts a string to a Windows wide string since the GetNetUserInfo
470 * function requires it.
471 */
475 }
477 /* allocate data */
480 /* Set pointer so it can be cleaned up by the callee, even upon error. */
483 /* Find the information */
484 NET_API_STATUS result =
487 /* Give a friendlier error message if the user was not found. */
491 }
494 "Received unexpected error when asking for user info: Error "
496 result);
498 }
500 /* Get information from the buffer returned by NetUserGetInfo. */
507 /*
508 * We store the string representation of the SID not SID structure in
509 * memory. Callees wanting to use the SID structure should call
510 * ConvertStringSidToSID.
511 */
516 }
518 /* Store the SSID */
521 /* Get the SSH folder for the user. */
525 }
527 /* Get the authorized key file path */
535 /* Free */
538 error:
541 }
544 }
546 /*
547 * Gets the list of authorized keys for a user.
548 *
549 * parameters:
550 * username -> Username to retrieve the keys for.
551 * errp -> Error structure that will display any errors through QMP.
552 * returns: List of keys associated with the user.
553 */
556 {
562 /* Gets user information */
565 }
567 /* Reads authkeys for the user */
571 }
573 /* Set the GuestAuthorizedKey struct with keys from the file */
579 }
582 }
584 /*
585 * Steal the pointer because it is up for the callee to deallocate the
586 * memory.
587 */
590 }
592 /*
593 * Adds an ssh key for a user.
594 *
595 * parameters:
596 * username -> User to add the SSH key to
597 * strList -> Array of keys to add to the list
598 * has_reset -> Whether the keys have been reset
599 * reset -> Boolean to reset the keys (If this is set the existing list will be
600 * cleared) and the other key reset. errp -> Pointer to an error structure that
601 * will get returned over QMP if anything goes wrong.
602 */
605 {
611 /* Make sure the keys given are valid */
614 }
616 /* Gets user information */
619 }
621 /* Determine whether we should reset the keys */
624 /* Read existing keys into memory */
626 }
628 /* Check that the SSH key directory exists for the user. */
633 }
634 }
636 /* Reallocates the buffer to fit the new keys. */
640 /* zero out the memory for the reallocated buffer */
643 /* Adds the keys */
645 /* Check that the key doesn't already exist */
648 }
651 }
653 /* Write the authkeys to the file. */
655 }
657 /*
658 * Removes an SSH key for a user
659 *
660 * parameters:
661 * username -> Username to remove the key from
662 * strList -> List of strings to remove
663 * errp -> Contains any errors that occur.
664 */
667 {
672 GStrv a;
675 /* Validates the keys passed in by the user */
678 }
680 /* Gets user information */
683 }
685 /* Reads the authkeys for the user */
689 }
691 /* Create a new buffer to hold the keys */
696 /* Filters out keys that are equal to ones the user specified. */
700 }
701 }
705 }
708 }
710 /* Write the new authkeys to the file. */
712 }