14554080340

Committed 19 Apr 2025 11:46AM UTC coverage: 72.101% (-0.03%) from 72.13%

Build # 14554080340

Build Type

push

github

Committed by

web-flow

Commit Message

Add two new paragraphs to coding style about header files (#37188)

Coverage Stats

296880 of 411754 relevant lines covered (72.1%)

687547.52 hits per line

Source File
Press 'n' to go to next uncovered line, 'b' for previous

25.0

/src/ssh-generator/ssh-proxy.c

/* SPDX-License-Identifier: LGPL-2.1-or-later */

#include <net/if_arp.h>
#include <stdio.h>
#include <unistd.h>

#include "sd-varlink.h"

#include "fd-util.h"
#include "io-util.h"
#include "iovec-util.h"
#include "log.h"
#include "main-func.h"
#include "missing_socket.h"
#include "parse-util.h"
#include "socket-util.h"
#include "string-util.h"
#include "strv.h"
#include "varlink-util.h"

static int process_vsock_cid(unsigned cid, const char *port) {
        int r;

        assert(cid != VMADDR_CID_ANY);
        assert(port);

        union sockaddr_union sa = {
                .vm.svm_cid = cid,
                .vm.svm_family = AF_VSOCK,
        };

        r = vsock_parse_port(port, &sa.vm.svm_port);
        if (r < 0)
                return log_error_errno(r, "Failed to parse vsock port: %s", port);

        _cleanup_close_ int fd = socket(AF_VSOCK, SOCK_STREAM|SOCK_CLOEXEC, 0);
        if (fd < 0)
                return log_error_errno(errno, "Failed to allocate AF_VSOCK socket: %m");

        if (connect(fd, &sa.sa, SOCKADDR_LEN(sa)) < 0)
                return log_error_errno(errno, "Failed to connect to vsock:%u:%u: %m", sa.vm.svm_cid, sa.vm.svm_port);

        /* OpenSSH wants us to send a single byte along with the file descriptor, hence do so */
        r = send_one_fd_iov(STDOUT_FILENO, fd, &iovec_nul_byte, /* n_iovec= */ 1, /* flags= */ 0);
        if (r < 0)
                return log_error_errno(r, "Failed to send socket via STDOUT: %m");

        log_debug("Successfully sent AF_VSOCK socket via STDOUT.");
        return 0;
}

static int process_vsock_string(const char *host, const char *port) {
        unsigned cid;
        int r;

        assert(host);
        assert(port);

        r = vsock_parse_cid(host, &cid);
        if (r < 0)
                return log_error_errno(r, "Failed to parse vsock cid: %s", host);

        return process_vsock_cid(cid, port);
}

static int process_unix(const char *path) {
        int r;

        assert(path);

        /* We assume the path is absolute unless it starts with a dot (or is already explicitly absolute) */
        _cleanup_free_ char *prefixed = NULL;
        if (!STARTSWITH_SET(path, "/", "./")) {
                prefixed = strjoin("/", path);
                if (!prefixed)
                        return log_oom();

                path = prefixed;
        }

        _cleanup_close_ int fd = socket(AF_UNIX, SOCK_STREAM|SOCK_CLOEXEC, 0);
        if (fd < 0)
                return log_error_errno(errno, "Failed to allocate AF_UNIX socket: %m");

        r = connect_unix_path(fd, AT_FDCWD, path);
        if (r < 0)
                return log_error_errno(r, "Failed to connect to AF_UNIX socket %s: %m", path);

        r = send_one_fd_iov(STDOUT_FILENO, fd, &iovec_nul_byte, /* n_iovec= */ 1, /* flags= */ 0);
        if (r < 0)
                return log_error_errno(r, "Failed to send socket via STDOUT: %m");

        log_debug("Successfully sent AF_UNIX socket via STDOUT.");
        return 0;
}

static int process_vsock_mux(const char *path, const char *port) {
        int r;

        assert(path);
        assert(port);

        /* We assume the path is absolute unless it starts with a dot (or is already explicitly absolute) */
        _cleanup_free_ char *prefixed = NULL;
        if (!STARTSWITH_SET(path, "/", "./")) {
                prefixed = strjoin("/", path);
                if (!prefixed)
                        return log_oom();

                path = prefixed;
        }

        _cleanup_close_ int fd = socket(AF_UNIX, SOCK_STREAM|SOCK_CLOEXEC, 0);
        if (fd < 0)
                return log_error_errno(errno, "Failed to allocate AF_UNIX socket: %m");

        r = connect_unix_path(fd, AT_FDCWD, path);
        if (r < 0)
                return log_error_errno(r, "Failed to connect to AF_UNIX socket %s: %m", path);

        /* Based on the protocol as defined here:
         * https://github.com/cloud-hypervisor/cloud-hypervisor/blob/main/docs/vsock.md
         * https://github.com/firecracker-microvm/firecracker/blob/main/docs/vsock.md */
        _cleanup_free_ char *connect_cmd = NULL;
        connect_cmd = strjoin("CONNECT ", port, "\n");
        if (!connect_cmd)
                return log_oom();

        r = loop_write(fd, connect_cmd, SIZE_MAX);
        if (r < 0)
                return log_error_errno(r, "Failed to send CONNECT to %s:%s: %m", path, port);

        r = send_one_fd_iov(STDOUT_FILENO, fd, &iovec_nul_byte, /* n_iovec= */ 1, /* flags= */ 0);
        if (r < 0)
                return log_error_errno(r, "Failed to send socket via STDOUT: %m");

        log_debug("Successfully sent AF_UNIX socket via STDOUT.");
        return 0;
}

static int process_machine(const char *machine, const char *port) {
        _cleanup_(sd_varlink_unrefp) sd_varlink *vl = NULL;
        int r;

        assert(machine);
        assert(port);

        r = sd_varlink_connect_address(&vl, "/run/systemd/machine/io.systemd.Machine");
        if (r < 0)
                return log_error_errno(r, "Failed to connect to machined on /run/systemd/machine/io.systemd.Machine: %m");

        _cleanup_(sd_json_variant_unrefp) sd_json_variant *result = NULL;
        r = varlink_callbo_and_log(
                        vl,
                        "io.systemd.Machine.List",
                        &result,
                        SD_JSON_BUILD_PAIR("name", SD_JSON_BUILD_STRING(machine)));
        if (r < 0)
                return r;

        uint32_t cid = VMADDR_CID_ANY;

        static const sd_json_dispatch_field dispatch_table[] = {
                { "vSockCid", SD_JSON_VARIANT_UNSIGNED, sd_json_dispatch_uint32, 0, 0 },
                {}
        };

        r = sd_json_dispatch(result, dispatch_table, SD_JSON_ALLOW_EXTENSIONS, &cid);
        if (r < 0)
                return log_error_errno(r, "Failed to parse Varlink reply: %m");

        if (cid == VMADDR_CID_ANY)
                return log_error_errno(SYNTHETIC_ERRNO(EINVAL), "Machine has no AF_VSOCK CID assigned.");

        return process_vsock_cid(cid, port);
}

static char *startswith_sep(const char *s, const char *prefix) {
        const char *p = startswith(s, prefix);

        if (p && IN_SET(*p, '/', ','))
                return (char*) p + 1;

        return NULL;
}

static int run(int argc, char* argv[]) {

        log_setup();

        if (argc != 3)
                return log_error_errno(SYNTHETIC_ERRNO(EINVAL), "Expected two arguments: host and port.");

        const char *host = argv[1], *port = argv[2];

        const char *p = startswith_sep(host, "vsock");
        if (p)
                return process_vsock_string(p, port);

        p = startswith_sep(host, "unix");
        if (p)
                return process_unix(p);

        p = startswith_sep(host, "vsock-mux");
        if (p)
                return process_vsock_mux(p, port);

        p = startswith_sep(host, "machine");
        if (p)
                return process_machine(p, port);

        return log_error_errno(SYNTHETIC_ERRNO(EINVAL), "Don't know how to parse host name specification: %s", host);
}

DEFINE_MAIN_FUNCTION(run);

1	/* SPDX-License-Identifier: LGPL-2.1-or-later */
2
3	#include <net/if_arp.h>
4	#include <stdio.h>
5	#include <unistd.h>
6
7	#include "sd-varlink.h"
8
9	#include "fd-util.h"
10	#include "io-util.h"
11	#include "iovec-util.h"
12	#include "log.h"
13	#include "main-func.h"
14	#include "missing_socket.h"
15	#include "parse-util.h"
16	#include "socket-util.h"
17	#include "string-util.h"
18	#include "strv.h"
19	#include "varlink-util.h"
20
21	static int process_vsock_cid(unsigned cid, const char *port) {	×
22	int r;	×
23
24	assert(cid != VMADDR_CID_ANY);	×
25	assert(port);	×
26
27	union sockaddr_union sa = {	×
28	.vm.svm_cid = cid,
29	.vm.svm_family = AF_VSOCK,
30	};
31
32	r = vsock_parse_port(port, &sa.vm.svm_port);	×
33	if (r < 0)	×
34	return log_error_errno(r, "Failed to parse vsock port: %s", port);	×
35
36	_cleanup_close_ int fd = socket(AF_VSOCK, SOCK_STREAM\|SOCK_CLOEXEC, 0);	×
37	if (fd < 0)	×
38	return log_error_errno(errno, "Failed to allocate AF_VSOCK socket: %m");	×
39
40	if (connect(fd, &sa.sa, SOCKADDR_LEN(sa)) < 0)	×
41	return log_error_errno(errno, "Failed to connect to vsock:%u:%u: %m", sa.vm.svm_cid, sa.vm.svm_port);	×
42
43	/* OpenSSH wants us to send a single byte along with the file descriptor, hence do so */
44	r = send_one_fd_iov(STDOUT_FILENO, fd, &iovec_nul_byte, /* n_iovec= / 1, / flags= */ 0);	×
45	if (r < 0)	×
46	return log_error_errno(r, "Failed to send socket via STDOUT: %m");	×
47
48	log_debug("Successfully sent AF_VSOCK socket via STDOUT.");	×
49	return 0;
50	}
51
52	static int process_vsock_string(const char host, const char port) {	×
53	unsigned cid;	×
54	int r;	×
55
56	assert(host);	×
57	assert(port);	×
58
59	r = vsock_parse_cid(host, &cid);	×
60	if (r < 0)	×
61	return log_error_errno(r, "Failed to parse vsock cid: %s", host);	×
62
63	return process_vsock_cid(cid, port);	×
64	}
65
66	static int process_unix(const char *path) {	3✔
67	int r;	3✔
68
69	assert(path);	3✔
70
71	/* We assume the path is absolute unless it starts with a dot (or is already explicitly absolute) */
72	_cleanup_free_ char *prefixed = NULL;	3✔
73	if (!STARTSWITH_SET(path, "/", "./")) {	3✔
74	prefixed = strjoin("/", path);	3✔
75	if (!prefixed)	3✔
76	return log_oom();	×
77
78	path = prefixed;
79	}
80
81	_cleanup_close_ int fd = socket(AF_UNIX, SOCK_STREAM\|SOCK_CLOEXEC, 0);	6✔
82	if (fd < 0)	3✔
83	return log_error_errno(errno, "Failed to allocate AF_UNIX socket: %m");	×
84
85	r = connect_unix_path(fd, AT_FDCWD, path);	3✔
86	if (r < 0)	3✔
87	return log_error_errno(r, "Failed to connect to AF_UNIX socket %s: %m", path);	×
88
89	r = send_one_fd_iov(STDOUT_FILENO, fd, &iovec_nul_byte, /* n_iovec= / 1, / flags= */ 0);	3✔
90	if (r < 0)	3✔
91	return log_error_errno(r, "Failed to send socket via STDOUT: %m");	×
92
93	log_debug("Successfully sent AF_UNIX socket via STDOUT.");	3✔
94	return 0;
95	}
96
97	static int process_vsock_mux(const char path, const char port) {	×
98	int r;	×
99
100	assert(path);	×
101	assert(port);	×
102
103	/* We assume the path is absolute unless it starts with a dot (or is already explicitly absolute) */
104	_cleanup_free_ char *prefixed = NULL;	×
105	if (!STARTSWITH_SET(path, "/", "./")) {	×
106	prefixed = strjoin("/", path);	×
107	if (!prefixed)	×
108	return log_oom();	×
109
110	path = prefixed;
111	}
112
113	_cleanup_close_ int fd = socket(AF_UNIX, SOCK_STREAM\|SOCK_CLOEXEC, 0);	×
114	if (fd < 0)	×
115	return log_error_errno(errno, "Failed to allocate AF_UNIX socket: %m");	×
116
117	r = connect_unix_path(fd, AT_FDCWD, path);	×
118	if (r < 0)	×
119	return log_error_errno(r, "Failed to connect to AF_UNIX socket %s: %m", path);	×
120
121	/* Based on the protocol as defined here:
122	* https://github.com/cloud-hypervisor/cloud-hypervisor/blob/main/docs/vsock.md
123	* https://github.com/firecracker-microvm/firecracker/blob/main/docs/vsock.md */
124	_cleanup_free_ char *connect_cmd = NULL;	×
125	connect_cmd = strjoin("CONNECT ", port, "\n");	×
126	if (!connect_cmd)	×
127	return log_oom();	×
128
129	r = loop_write(fd, connect_cmd, SIZE_MAX);	×
130	if (r < 0)	×
131	return log_error_errno(r, "Failed to send CONNECT to %s:%s: %m", path, port);	×
132
133	r = send_one_fd_iov(STDOUT_FILENO, fd, &iovec_nul_byte, /* n_iovec= / 1, / flags= */ 0);	×
134	if (r < 0)	×
135	return log_error_errno(r, "Failed to send socket via STDOUT: %m");	×
136
137	log_debug("Successfully sent AF_UNIX socket via STDOUT.");	×
138	return 0;
139	}
140
141	static int process_machine(const char machine, const char port) {	×
142	_cleanup_(sd_varlink_unrefp) sd_varlink *vl = NULL;	×
143	int r;	×
144
145	assert(machine);	×
146	assert(port);	×
147
148	r = sd_varlink_connect_address(&vl, "/run/systemd/machine/io.systemd.Machine");	×
149	if (r < 0)	×
150	return log_error_errno(r, "Failed to connect to machined on /run/systemd/machine/io.systemd.Machine: %m");	×
151
152	_cleanup_(sd_json_variant_unrefp) sd_json_variant *result = NULL;	×
153	r = varlink_callbo_and_log(	×
154	vl,
155	"io.systemd.Machine.List",
156	&result,
157	SD_JSON_BUILD_PAIR("name", SD_JSON_BUILD_STRING(machine)));
158	if (r < 0)	×
159	return r;
160
161	uint32_t cid = VMADDR_CID_ANY;	×
162
163	static const sd_json_dispatch_field dispatch_table[] = {	×
164	{ "vSockCid", SD_JSON_VARIANT_UNSIGNED, sd_json_dispatch_uint32, 0, 0 },
165	{}
166	};
167
168	r = sd_json_dispatch(result, dispatch_table, SD_JSON_ALLOW_EXTENSIONS, &cid);	×
169	if (r < 0)	×
170	return log_error_errno(r, "Failed to parse Varlink reply: %m");	×
171
172	if (cid == VMADDR_CID_ANY)	×
173	return log_error_errno(SYNTHETIC_ERRNO(EINVAL), "Machine has no AF_VSOCK CID assigned.");	×
174
175	return process_vsock_cid(cid, port);	×
176	}
177
178	static char startswith_sep(const char s, const char *prefix) {	6✔
179	const char *p = startswith(s, prefix);	6✔
180
181	if (p && IN_SET(*p, '/', ','))	6✔
182	return (char*) p + 1;	3✔
183
184	return NULL;
185	}
186
187	static int run(int argc, char* argv[]) {	3✔
188
189	log_setup();	3✔
190
191	if (argc != 3)	3✔
192	return log_error_errno(SYNTHETIC_ERRNO(EINVAL), "Expected two arguments: host and port.");	×
193
194	const char host = argv[1], port = argv[2];	3✔
195
196	const char *p = startswith_sep(host, "vsock");	3✔
197	if (p)	3✔
198	return process_vsock_string(p, port);	×
199
200	p = startswith_sep(host, "unix");	3✔
201	if (p)	3✔
202	return process_unix(p);	3✔
203
204	p = startswith_sep(host, "vsock-mux");	×
205	if (p)	×
206	return process_vsock_mux(p, port);	×
207
208	p = startswith_sep(host, "machine");	×
209	if (p)	×
210	return process_machine(p, port);	×
211
212	return log_error_errno(SYNTHETIC_ERRNO(EINVAL), "Don't know how to parse host name specification: %s", host);	×
213	}
214
215	DEFINE_MAIN_FUNCTION(run);	6✔

systemd / systemd / 14554080340

Source File Press 'n' to go to next uncovered line, 'b' for previous

Source File
Press 'n' to go to next uncovered line, 'b' for previous