Blame SOURCES/0001-ssh-Allow-the-remote-file-to-be-created.patch

3cdd4c
From 6a2b0aac8be655524ea223e32cac0395fcc9f975 Mon Sep 17 00:00:00 2001
3cdd4c
From: "Richard W.M. Jones" <rjones@redhat.com>
3cdd4c
Date: Fri, 15 Apr 2022 12:08:37 +0100
3cdd4c
Subject: [PATCH] ssh: Allow the remote file to be created
3cdd4c
3cdd4c
This adds new parameters, create=(true|false), create-size=SIZE and
3cdd4c
create-mode=MODE to create and truncate the remote file.
3cdd4c
3cdd4c
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
3cdd4c
(cherry picked from commit 0793f30b1071753532362b2ebf9cb8156a88c3c3)
3cdd4c
---
3cdd4c
 plugins/ssh/nbdkit-ssh-plugin.pod |  34 ++++++++-
3cdd4c
 plugins/ssh/ssh.c                 | 112 +++++++++++++++++++++++++++---
3cdd4c
 tests/test-ssh.sh                 |  13 +++-
3cdd4c
 3 files changed, 146 insertions(+), 13 deletions(-)
3cdd4c
3cdd4c
diff --git a/plugins/ssh/nbdkit-ssh-plugin.pod b/plugins/ssh/nbdkit-ssh-plugin.pod
3cdd4c
index 3f401c15..2bc2c4a7 100644
3cdd4c
--- a/plugins/ssh/nbdkit-ssh-plugin.pod
3cdd4c
+++ b/plugins/ssh/nbdkit-ssh-plugin.pod
3cdd4c
@@ -5,8 +5,10 @@ nbdkit-ssh-plugin - access disk images over the SSH protocol
3cdd4c
 =head1 SYNOPSIS
3cdd4c
 
3cdd4c
  nbdkit ssh host=HOST [path=]PATH
3cdd4c
-            [compression=true] [config=CONFIG_FILE] [identity=FILENAME]
3cdd4c
-            [known-hosts=FILENAME] [password=PASSWORD|-|+FILENAME]
3cdd4c
+            [compression=true] [config=CONFIG_FILE]
3cdd4c
+            [create=true] [create-mode=MODE] [create-size=SIZE]
3cdd4c
+            [identity=FILENAME] [known-hosts=FILENAME]
3cdd4c
+            [password=PASSWORD|-|+FILENAME]
3cdd4c
             [port=PORT] [timeout=SECS] [user=USER]
3cdd4c
             [verify-remote-host=false]
3cdd4c
 
3cdd4c
@@ -62,6 +64,34 @@ The C<config> parameter is optional.  If it is I<not> specified at all
3cdd4c
 then F<~/.ssh/config> and F</etc/ssh/ssh_config> are both read.
3cdd4c
 Missing or unreadable files are ignored.
3cdd4c
 
3cdd4c
+=item B<create=true>
3cdd4c
+
3cdd4c
+(nbdkit E<ge> 1.32)
3cdd4c
+
3cdd4c
+If set, the remote file will be created.  The remote file is created
3cdd4c
+on the first NBD connection to nbdkit, not when nbdkit starts up.  If
3cdd4c
+the file already exists, it will be replaced and any existing content
3cdd4c
+lost.
3cdd4c
+
3cdd4c
+If using this option, you must use C<create-size>.  C<create-mode> can
3cdd4c
+be used to control the permissions of the new file.
3cdd4c
+
3cdd4c
+=item B<create-mode=>MODE
3cdd4c
+
3cdd4c
+(nbdkit E<ge> 1.32)
3cdd4c
+
3cdd4c
+If using C<create=true> specify the default permissions of the new
3cdd4c
+remote file.  You can use octal modes like C<create-mode=0777> or
3cdd4c
+C<create-mode=0644>.  The default is C<0600>, ie. only readable and
3cdd4c
+writable by the remote user.
3cdd4c
+
3cdd4c
+=item B<create-size=>SIZE
3cdd4c
+
3cdd4c
+(nbdkit E<ge> 1.32)
3cdd4c
+
3cdd4c
+If using C<create=true>, specify the virtual size of the new disk.
3cdd4c
+C<SIZE> can use modifiers like C<100M> etc.
3cdd4c
+
3cdd4c
 =item B<host=>HOST
3cdd4c
 
3cdd4c
 Specify the name or IP address of the remote host.
3cdd4c
diff --git a/plugins/ssh/ssh.c b/plugins/ssh/ssh.c
3cdd4c
index 39d77e44..5e314cd7 100644
3cdd4c
--- a/plugins/ssh/ssh.c
3cdd4c
+++ b/plugins/ssh/ssh.c
3cdd4c
@@ -44,6 +44,8 @@
3cdd4c
 #include <fcntl.h>
3cdd4c
 #include <sys/stat.h>
3cdd4c
 
3cdd4c
+#include <pthread.h>
3cdd4c
+
3cdd4c
 #include <libssh/libssh.h>
3cdd4c
 #include <libssh/sftp.h>
3cdd4c
 #include <libssh/callbacks.h>
3cdd4c
@@ -51,6 +53,7 @@
3cdd4c
 #include <nbdkit-plugin.h>
3cdd4c
 
3cdd4c
 #include "array-size.h"
3cdd4c
+#include "cleanup.h"
3cdd4c
 #include "const-string-vector.h"
3cdd4c
 #include "minmax.h"
3cdd4c
 
3cdd4c
@@ -64,6 +67,9 @@ static const char *known_hosts = NULL;
3cdd4c
 static const_string_vector identities = empty_vector;
3cdd4c
 static uint32_t timeout = 0;
3cdd4c
 static bool compression = false;
3cdd4c
+static bool create = false;
3cdd4c
+static int64_t create_size = -1;
3cdd4c
+static unsigned create_mode = S_IRUSR | S_IWUSR /* 0600 */;
3cdd4c
 
3cdd4c
 /* config can be:
3cdd4c
  * NULL => parse options from default file
3cdd4c
@@ -167,6 +173,27 @@ ssh_config (const char *key, const char *value)
3cdd4c
       return -1;
3cdd4c
     compression = r;
3cdd4c
   }
3cdd4c
+  else if (strcmp (key, "create") == 0) {
3cdd4c
+    r = nbdkit_parse_bool (value);
3cdd4c
+    if (r == -1)
3cdd4c
+      return -1;
3cdd4c
+    create = r;
3cdd4c
+  }
3cdd4c
+  else if (strcmp (key, "create-size") == 0) {
3cdd4c
+    create_size = nbdkit_parse_size (value);
3cdd4c
+    if (create_size == -1)
3cdd4c
+      return -1;
3cdd4c
+  }
3cdd4c
+  else if (strcmp (key, "create-mode") == 0) {
3cdd4c
+    r = nbdkit_parse_unsigned (key, value, &create_mode);
3cdd4c
+    if (r == -1)
3cdd4c
+      return -1;
3cdd4c
+    /* OpenSSH checks this too. */
3cdd4c
+    if (create_mode > 0777) {
3cdd4c
+      nbdkit_error ("create-mode must be <= 0777");
3cdd4c
+      return -1;
3cdd4c
+    }
3cdd4c
+  }
3cdd4c
 
3cdd4c
   else {
3cdd4c
     nbdkit_error ("unknown parameter '%s'", key);
3cdd4c
@@ -186,6 +213,13 @@ ssh_config_complete (void)
3cdd4c
     return -1;
3cdd4c
   }
3cdd4c
 
3cdd4c
+  /* If create=true, create-size must be supplied. */
3cdd4c
+  if (create && create_size == -1) {
3cdd4c
+    nbdkit_error ("if using create=true, you must specify the size "
3cdd4c
+                  "of the new remote file using create-size=SIZE");
3cdd4c
+    return -1;
3cdd4c
+  }
3cdd4c
+
3cdd4c
   return 0;
3cdd4c
 }
3cdd4c
 
3cdd4c
@@ -200,7 +234,10 @@ ssh_config_complete (void)
3cdd4c
   "identity=<FILENAME>        Prepend private key (identity) file.\n" \
3cdd4c
   "timeout=SECS               Set SSH connection timeout.\n" \
3cdd4c
   "verify-remote-host=false   Ignore known_hosts.\n" \
3cdd4c
-  "compression=true           Enable compression."
3cdd4c
+  "compression=true           Enable compression.\n" \
3cdd4c
+  "create=true                Create the remote file.\n" \
3cdd4c
+  "create-mode=MODE           Set the permissions of the remote file.\n" \
3cdd4c
+  "create-size=SIZE           Set the size of the remote file."
3cdd4c
 
3cdd4c
 /* Since we must simulate atomic pread and pwrite using seek +
3cdd4c
  * read/write, calls on each handle must be serialized.
3cdd4c
@@ -329,6 +366,65 @@ authenticate (struct ssh_handle *h)
3cdd4c
   return -1;
3cdd4c
 }
3cdd4c
 
3cdd4c
+/* This function opens or creates the remote file (depending on
3cdd4c
+ * create=false|true).  Parallel connections might call this function
3cdd4c
+ * at the same time, and so we must hold a lock to ensure that the
3cdd4c
+ * file is created at most once.
3cdd4c
+ */
3cdd4c
+static pthread_mutex_t create_lock = PTHREAD_MUTEX_INITIALIZER;
3cdd4c
+
3cdd4c
+static sftp_file
3cdd4c
+open_or_create_path (ssh_session session, sftp_session sftp, int readonly)
3cdd4c
+{
3cdd4c
+  ACQUIRE_LOCK_FOR_CURRENT_SCOPE (&create_lock);
3cdd4c
+  int access_type;
3cdd4c
+  int r;
3cdd4c
+  sftp_file file;
3cdd4c
+
3cdd4c
+  access_type = readonly ? O_RDONLY : O_RDWR;
3cdd4c
+  if (create) access_type |= O_CREAT | O_TRUNC;
3cdd4c
+
3cdd4c
+  file = sftp_open (sftp, path, access_type, S_IRWXU);
3cdd4c
+  if (!file) {
3cdd4c
+    nbdkit_error ("cannot %s file for %s: %s",
3cdd4c
+                  create ? "create" : "open",
3cdd4c
+                  readonly ? "reading" : "writing",
3cdd4c
+                  ssh_get_error (session));
3cdd4c
+    return NULL;
3cdd4c
+  }
3cdd4c
+
3cdd4c
+  if (create) {
3cdd4c
+    /* There's no sftp_truncate call.  However OpenSSH lets you call
3cdd4c
+     * SSH_FXP_SETSTAT + SSH_FILEXFER_ATTR_SIZE which invokes
3cdd4c
+     * truncate(2) on the server.  Libssh doesn't provide a binding
3cdd4c
+     * for SSH_FXP_FSETSTAT so we have to pass the session + path.
3cdd4c
+     */
3cdd4c
+    struct sftp_attributes_struct attrs = {
3cdd4c
+      .flags = SSH_FILEXFER_ATTR_SIZE |
3cdd4c
+               SSH_FILEXFER_ATTR_PERMISSIONS,
3cdd4c
+      .size = create_size,
3cdd4c
+      .permissions = create_mode,
3cdd4c
+    };
3cdd4c
+
3cdd4c
+    r = sftp_setstat (sftp, path, &attrs);
3cdd4c
+    if (r != SSH_OK) {
3cdd4c
+      nbdkit_error ("setstat failed: %s", ssh_get_error (session));
3cdd4c
+
3cdd4c
+      /* Best-effort attempt to delete the remote file on failure. */
3cdd4c
+      r = sftp_unlink (sftp, path);
3cdd4c
+      if (r != SSH_OK)
3cdd4c
+        nbdkit_debug ("unlink failed: %s", ssh_get_error (session));
3cdd4c
+
3cdd4c
+      return NULL;
3cdd4c
+    }
3cdd4c
+  }
3cdd4c
+
3cdd4c
+  /* On the next connection, don't create or truncate the file. */
3cdd4c
+  create = false;
3cdd4c
+
3cdd4c
+  return file;
3cdd4c
+}
3cdd4c
+
3cdd4c
 /* Create the per-connection handle. */
3cdd4c
 static void *
3cdd4c
 ssh_open (int readonly)
3cdd4c
@@ -337,7 +433,6 @@ ssh_open (int readonly)
3cdd4c
   const int set = 1;
3cdd4c
   size_t i;
3cdd4c
   int r;
3cdd4c
-  int access_type;
3cdd4c
 
3cdd4c
   h = calloc (1, sizeof *h);
3cdd4c
   if (h == NULL) {
3cdd4c
@@ -471,7 +566,7 @@ ssh_open (int readonly)
3cdd4c
   if (authenticate (h) == -1)
3cdd4c
     goto err;
3cdd4c
 
3cdd4c
-  /* Open the SFTP connection and file. */
3cdd4c
+  /* Open the SFTP connection. */
3cdd4c
   h->sftp = sftp_new (h->session);
3cdd4c
   if (!h->sftp) {
3cdd4c
     nbdkit_error ("failed to allocate sftp session: %s",
3cdd4c
@@ -484,14 +579,11 @@ ssh_open (int readonly)
3cdd4c
                   ssh_get_error (h->session));
3cdd4c
     goto err;
3cdd4c
   }
3cdd4c
-  access_type = readonly ? O_RDONLY : O_RDWR;
3cdd4c
-  h->file = sftp_open (h->sftp, path, access_type, S_IRWXU);
3cdd4c
-  if (!h->file) {
3cdd4c
-    nbdkit_error ("cannot open file for %s: %s",
3cdd4c
-                  readonly ? "reading" : "writing",
3cdd4c
-                  ssh_get_error (h->session));
3cdd4c
+
3cdd4c
+  /* Open or create the remote file. */
3cdd4c
+  h->file = open_or_create_path (h->session, h->sftp, readonly);
3cdd4c
+  if (!h->file)
3cdd4c
     goto err;
3cdd4c
-  }
3cdd4c
 
3cdd4c
   nbdkit_debug ("opened libssh handle");
3cdd4c
 
3cdd4c
diff --git a/tests/test-ssh.sh b/tests/test-ssh.sh
3cdd4c
index 6c0ce410..f04b4488 100755
3cdd4c
--- a/tests/test-ssh.sh
3cdd4c
+++ b/tests/test-ssh.sh
3cdd4c
@@ -36,6 +36,7 @@ set -x
3cdd4c
 
3cdd4c
 requires test -f disk
3cdd4c
 requires nbdcopy --version
3cdd4c
+requires stat --version
3cdd4c
 
3cdd4c
 # Check that ssh to localhost will work without any passwords or phrases.
3cdd4c
 #
3cdd4c
@@ -48,7 +49,7 @@ then
3cdd4c
     exit 77
3cdd4c
 fi
3cdd4c
 
3cdd4c
-files="ssh.img"
3cdd4c
+files="ssh.img ssh2.img"
3cdd4c
 rm -f $files
3cdd4c
 cleanup_fn rm -f $files
3cdd4c
 
3cdd4c
@@ -59,3 +60,13 @@ nbdkit -v -D ssh.log=2 -U - \
3cdd4c
 
3cdd4c
 # The output should be identical.
3cdd4c
 cmp disk ssh.img
3cdd4c
+
3cdd4c
+# Copy local file 'ssh.img' to newly created "remote" 'ssh2.img'
3cdd4c
+size="$(stat -c %s disk)"
3cdd4c
+nbdkit -v -D ssh.log=2 -U - \
3cdd4c
+       ssh host=localhost $PWD/ssh2.img \
3cdd4c
+       create=true create-size=$size \
3cdd4c
+       --run 'nbdcopy ssh.img "$uri"'
3cdd4c
+
3cdd4c
+# The output should be identical.
3cdd4c
+cmp disk ssh2.img
3cdd4c
-- 
3cdd4c
2.31.1
3cdd4c