GUACAMOLE-1174: Remove option use-exec, add snprintf result validation, fix code formatting.

This commit is contained in:
Yaroslav Nikonorov 2020-09-23 14:50:01 +03:00
parent 7683a17d69
commit 164f792b86
5 changed files with 29 additions and 44 deletions

View File

@ -217,7 +217,6 @@ void* guac_kubernetes_client_thread(void* data) {
settings->kubernetes_namespace, settings->kubernetes_namespace,
settings->kubernetes_pod, settings->kubernetes_pod,
settings->kubernetes_container, settings->kubernetes_container,
settings->use_exec,
settings->exec_command)) { settings->exec_command)) {
guac_client_abort(client, GUAC_PROTOCOL_STATUS_SERVER_ERROR, guac_client_abort(client, GUAC_PROTOCOL_STATUS_SERVER_ERROR,
"Unable to generate path for Kubernetes API endpoint: " "Unable to generate path for Kubernetes API endpoint: "

View File

@ -31,7 +31,6 @@ const char* GUAC_KUBERNETES_CLIENT_ARGS[] = {
"namespace", "namespace",
"pod", "pod",
"container", "container",
"use-exec",
"exec-command", "exec-command",
"use-ssl", "use-ssl",
"client-cert", "client-cert",
@ -89,12 +88,7 @@ enum KUBERNETES_ARGS_IDX {
IDX_CONTAINER, IDX_CONTAINER,
/** /**
* Whether exec call should be used. If omitted, attach call will be used. * The command used by exec call. If omitted, attach call will be used.
*/
IDX_USE_EXEC,
/**
* The command used by exec call.
*/ */
IDX_EXEC_COMMAND, IDX_EXEC_COMMAND,
@ -287,15 +281,10 @@ guac_kubernetes_settings* guac_kubernetes_parse_args(guac_user* user,
guac_user_parse_args_string(user, GUAC_KUBERNETES_CLIENT_ARGS, argv, guac_user_parse_args_string(user, GUAC_KUBERNETES_CLIENT_ARGS, argv,
IDX_CONTAINER, NULL); IDX_CONTAINER, NULL);
/* Parse whether exec call should be used */
settings->use_exec =
guac_user_parse_args_boolean(user, GUAC_KUBERNETES_CLIENT_ARGS, argv,
IDX_USE_EXEC, false);
/* Read exec command (optional) */ /* Read exec command (optional) */
settings->exec_command = settings->exec_command =
guac_user_parse_args_string(user, GUAC_KUBERNETES_CLIENT_ARGS, argv, guac_user_parse_args_string(user, GUAC_KUBERNETES_CLIENT_ARGS, argv,
IDX_EXEC_COMMAND, GUAC_KUBERNETES_DEFAULT_EXEC_COMMAND); IDX_EXEC_COMMAND, NULL);
/* Parse whether SSL should be used */ /* Parse whether SSL should be used */
settings->use_ssl = settings->use_ssl =

View File

@ -47,12 +47,6 @@
*/ */
#define GUAC_KUBERNETES_DEFAULT_NAMESPACE "default" #define GUAC_KUBERNETES_DEFAULT_NAMESPACE "default"
/**
* The command that should be used by default for exec call if no
* specific command is provided.
*/
#define GUAC_KUBERNETES_DEFAULT_EXEC_COMMAND "/bin/sh"
/** /**
* The filename to use for the typescript, if not specified. * The filename to use for the typescript, if not specified.
*/ */
@ -104,12 +98,8 @@ typedef struct guac_kubernetes_settings {
char* kubernetes_container; char* kubernetes_container;
/** /**
* Whether exec call should be used, default attach. * The command to generate api endpoint for call exec.
*/ * If omitted call attach will be used.
bool use_exec;
/**
* Exec command, default /bin/sh.
*/ */
char* exec_command; char* exec_command;

View File

@ -91,7 +91,7 @@ int guac_kubernetes_escape_url_component(char* output, int length,
int guac_kubernetes_endpoint_uri(char* buffer, int length, int guac_kubernetes_endpoint_uri(char* buffer, int length,
const char* kubernetes_namespace, const char* kubernetes_pod, const char* kubernetes_namespace, const char* kubernetes_pod,
const char* kubernetes_container, int use_exec, const char* exec_command) { const char* kubernetes_container, const char* exec_command) {
int written; int written;
@ -111,26 +111,32 @@ int guac_kubernetes_endpoint_uri(char* buffer, int length,
return 1; return 1;
/* Generate endpoint path depending on the call type */ /* Generate endpoint path depending on the call type */
char* call="attach"; char* call = "attach";
if (use_exec) if (exec_command != NULL)
call = "exec"; call = "exec";
char endpoint_path[GUAC_KUBERNETES_MAX_ENDPOINT_LENGTH]; char endpoint_path[GUAC_KUBERNETES_MAX_ENDPOINT_LENGTH];
snprintf(endpoint_path, GUAC_KUBERNETES_MAX_ENDPOINT_LENGTH*3,
"/api/v1/namespaces/%s/pods/%s/%s", escaped_namespace, escaped_pod, call); written = snprintf(endpoint_path, sizeof(endpoint_path),
"/api/v1/namespaces/%s/pods/%s/%s", escaped_namespace, escaped_pod, call);
if (written < 0 || written >= sizeof(endpoint_path))
return 1;
/* Generate endpoint params */ /* Generate endpoint params */
char endpoint_params[GUAC_KUBERNETES_MAX_ENDPOINT_LENGTH]=""; char endpoint_params[GUAC_KUBERNETES_MAX_ENDPOINT_LENGTH]="";
int param_length=0;
if(use_exec){ if (exec_command != NULL) {
/* Escape exec command */ /* Escape exec command */
if (guac_kubernetes_escape_url_component(escaped_exec_command, if (guac_kubernetes_escape_url_component(escaped_exec_command,
sizeof(escaped_exec_command), exec_command)) sizeof(escaped_exec_command), exec_command))
return 1; return 1;
param_length += snprintf(endpoint_params, GUAC_KUBERNETES_MAX_ENDPOINT_LENGTH, written = snprintf(endpoint_params, sizeof(endpoint_params),
"command=%s&", escaped_exec_command); "command=%s&", escaped_exec_command);
if (written < 0 || written >= sizeof(endpoint_params))
return 1;
} }
if (kubernetes_container != NULL) { if (kubernetes_container != NULL) {
@ -139,13 +145,17 @@ int guac_kubernetes_endpoint_uri(char* buffer, int length,
sizeof(escaped_container), kubernetes_container)) sizeof(escaped_container), kubernetes_container))
return 1; return 1;
snprintf(endpoint_params+param_length, GUAC_KUBERNETES_MAX_ENDPOINT_LENGTH-param_length, written = snprintf(endpoint_params, sizeof(endpoint_params),
"container=%s&", escaped_container); "container=%s&", escaped_container);
if (written < 0 || written >= sizeof(endpoint_params))
return 1;
} }
/* Combine path and params to uri */ /* Combine path and params to uri */
written = snprintf(buffer, length, "%s?%sstdin=true&stdout=true&tty=true", written = snprintf(buffer, length, "%s?%sstdin=true&stdout=true&tty=true",
endpoint_path, endpoint_params); endpoint_path, endpoint_params);
/* Endpoint URL was successfully generated if it was written to the given /* Endpoint URL was successfully generated if it was written to the given
* buffer without truncation */ * buffer without truncation */
return !(written < length - 1); return !(written < length - 1);

View File

@ -72,13 +72,10 @@ int guac_kubernetes_escape_url_component(char* output, int length,
* @param kubernetes_container * @param kubernetes_container
* The name of the container to attach to, or NULL to arbitrarily attach * The name of the container to attach to, or NULL to arbitrarily attach
* to the first container in the pod. * to the first container in the pod.
* *
* @param use_exec
* Whether use call exec.
* Execute a command in a container and attach to it instead of main container process.
*
* @param exec_command * @param exec_command
* The command used in conjunction with exec call. * The command used to run a new process and attach to it,
* instead of the main container process.
* *
* @return * @return
* Zero if the endpoint path was successfully written to the provided * Zero if the endpoint path was successfully written to the provided
@ -86,7 +83,7 @@ int guac_kubernetes_escape_url_component(char* output, int length,
*/ */
int guac_kubernetes_endpoint_uri(char* buffer, int length, int guac_kubernetes_endpoint_uri(char* buffer, int length,
const char* kubernetes_namespace, const char* kubernetes_pod, const char* kubernetes_namespace, const char* kubernetes_pod,
const char* kubernetes_container, int use_exec, const char* exec_command); const char* kubernetes_container, const char* exec_command);
#endif #endif