diff options
| author | Agata Olender <agata.olender@intel.com> | 2020-01-13 19:51:24 +0300 |
|---|---|---|
| committer | Olender, Agata <agata.olender@intel.com> | 2020-02-06 12:10:36 +0300 |
| commit | c33ba00b914c267d14f395a1127aca5dda17fee2 (patch) | |
| tree | b8e8778384cd0c69d9a04d43658662133831fabd /virtual-media/src/smb.hpp | |
| parent | a8b6b77d79bac80543033cc3bd140ff6cf4ba2f5 (diff) | |
| download | provingground-c33ba00b914c267d14f395a1127aca5dda17fee2.tar.xz | |
Authentication support for Legacy mode
This change introduces new 'Mount' API argument - UNIX_FD for named pipe.
This named pipe is utilized to securely send secret data over D-Bus.
Currently data consists of null-terminated char buffers with username and
password.
Data on receiving side is encapsulated into classes whose role is to:
- keep secret as short-lived as possible
- erase secret from memory when it's not needed
- pass secrets (and format them) to another secure container with above
capabilities
New classes:
- Credentials: is a class encapsulating login and password. It zeroes them
at destruction.
- CredentialProvider: contains Credentials, specifies SecureBuffer, allows
to store credentials in SecureBuffer
- SecureBuffer: char vector which zeroes itself at destruction,
used to provision secret data
- VolatileFile: class creating temporary file with 'owner-only' permissions
in /tmp; at destruction overwrites it's contents with '*' and removes it
New behavior:
- when UNIX_FD is provided over D-Bus it's treated as open unix pipe. Data
is read from this pipe and stored securely into CredentialsProvider
- credentials are stored in applications inside CredentialsProvider object,
encapsulated by unique_ptr for as long as it's needed
- strings containing secrets are zeroed immediately after use
- VolatileFile is used to securely pass credentials to nbdkit curl plugin
instead of command line parameters.
Tested:
Manual and automated tests on WilsonCity platform:
- positive and negative tests for authentication on both CIFS and HTTPS
resources
- error injection (ill-formed data transfered over pipe, pipe broken etc.)
Change-Id: I608ae0380b8ad57110bc0939f71eb48604e7dc99
Signed-off-by: Adrian Ambrożewicz <adrian.ambrozewicz@linux.intel.com>
Signed-off-by: Agata Olender <agata.olender@intel.com>
Diffstat (limited to 'virtual-media/src/smb.hpp')
| -rw-r--r-- | virtual-media/src/smb.hpp | 23 |
1 files changed, 22 insertions, 1 deletions
diff --git a/virtual-media/src/smb.hpp b/virtual-media/src/smb.hpp index 3189770..62c3a44 100644 --- a/virtual-media/src/smb.hpp +++ b/virtual-media/src/smb.hpp @@ -1,6 +1,7 @@ #pragma once #include "logger.hpp" +#include "utils.hpp" #include <sys/mount.h> @@ -16,7 +17,8 @@ class SmbShare { } - bool mount(const fs::path& remote, bool rw) + bool mount(const fs::path& remote, bool rw, + const std::unique_ptr<utils::CredentialsProvider>& credentials) { LogMsg(Logger::Debug, "Trying to mount remote : ", remote); @@ -25,8 +27,27 @@ class SmbShare auto options = params + "," + perm; LogMsg(Logger::Debug, "Mounting with options: ", options); + std::string credentialsOpt; + if (!credentials) + { + LogMsg(Logger::Info, "Mounting as Guest"); + credentialsOpt = "guest,user=OpenBmc"; + } + else + { + LogMsg(Logger::Info, "Authenticating as ", credentials->user()); + credentialsOpt = "user=" + credentials->user() + + ",password=" + credentials->password(); + } + + options += "," + credentialsOpt; + auto ec = ::mount(remote.c_str(), mountDir.c_str(), "cifs", 0, options.c_str()); + + utils::secureCleanup(options); + utils::secureCleanup(credentialsOpt); + if (ec) { LogMsg(Logger::Error, "Mount failed with ec = ", ec, |