Merge pull request #21 from merlin-northern/men_4325_file_transfer_re…

…strictions_review MEN-4325 File Transfer Limits
mendersoftware · Mar 30, 2021 · 7f567d2 · 7f567d2
2 parents 60b99c3 + 1b72a8a
commit 7f567d2
Show file tree

Hide file tree

Showing 10 changed files with 1,890 additions and 174 deletions.
diff --git a/app/daemon.go b/app/daemon.go
@@ -16,6 +16,7 @@ package app
 import (
 	"context"
 	"fmt"
+	"github.com/mendersoftware/mender-connect/limits/filetransfer"
 	"os/user"
 	"strconv"
 	"sync"
@@ -92,7 +93,7 @@ func NewDaemon(conf *config.MenderShellConfig) *MenderShellDaemon {
 		routes[ws.ProtoTypeShell] = nil
 	}
 	if !conf.FileTransfer.Disable {
-		routes[ws.ProtoTypeFileTransfer] = session.FileTransfer()
+		routes[ws.ProtoTypeFileTransfer] = session.FileTransfer(conf.Limits)
 	}
 	if !conf.PortForward.Disable {
 		routes[ws.ProtoTypePortForward] = session.PortForward()
@@ -198,6 +199,10 @@ func (d *MenderShellDaemon) outputStatus() {
 		log.Infof("   expires:%s active:%s", s.GetExpiresAtFmt(), s.GetActiveAtFmt())
 		log.Infof("   shell:%s", s.GetShellCommandPath())
 	}
+	log.Info("  file-transfer:")
+	tx, rx, tx1m, rx1m := filetransfer.GetCounters()
+	log.Infof("   total: tx/rx %d/%d", tx, rx)
+	log.Infof("   1m: tx rx %.2f %.2f (w)", tx1m, rx1m)
 	d.printStatus = false
 }
 

diff --git a/config/config.go b/config/config.go
@@ -17,16 +17,15 @@ package config
 import (
 	"bufio"
 	"encoding/json"
+	"github.com/pkg/errors"
+	log "github.com/sirupsen/logrus"
 	"io/ioutil"
 	"net/url"
 	"os"
 	"os/user"
 	"path/filepath"
 	"strings"
 
-	"github.com/pkg/errors"
-	log "github.com/sirupsen/logrus"
-
 	"github.com/mendersoftware/mender-connect/client/https"
 )
 
@@ -65,6 +64,57 @@ type SessionsConfig struct {
 	MaxPerUser uint32
 }
 
+// Counter for the limits  and restrictions for the File Transfer
+//on and off the device(MEN-4325)
+type RateLimits struct {
+	// Maximum bytes count allowed to transfer per minute
+	// this is per device global limit, which is consulted
+	// every time there is a transfer starting. if above
+	// the limit, we answer with error message indicating
+	// limit reached.
+	MaxBytesTxPerMinute uint64
+	MaxBytesRxPerMinute uint64
+}
+
+// Limits and restrictions for the File Transfer on and off the device(MEN-4325)
+type FileTransferLimits struct {
+	// the global parent directory that File Transfer will never escape
+	Chroot string
+	// No way to escape Chroot, even if this one is set the Chroot setting will
+	// be checked for the target of any link and restricted accordingly
+	FollowSymLinks bool
+	// Allow overwrite files
+	AllowOverwrite bool
+	// set the owner of new files to OwnerPut
+	OwnerPut string
+	// set the owner of new files to OwnerPut
+	GroupPut string
+	// allow to get only files owned by OwnerGet
+	OwnerGet []string
+	// allow to get only files owned by OwnerGet
+	GroupGet []string
+	// umask for new files
+	Umask string
+	// Maximum allowed file size
+	MaxFileSize uint64
+	// File transfer rate limits
+	Counters RateLimits
+	// If true it is allowed to upload files with set user id on execute bit set
+	AllowSuid bool
+	// By default we only allow to send/put regular files
+	RegularFilesOnly bool
+	// By default we preserve the file modes but set one according to
+	//the current umask or configured Umask above
+	PreserveMode bool
+	// By default we preserve the owner of the file uploaded
+	PreserveOwner bool
+}
+
+type Limits struct {
+	Enabled      bool               `json:"Enabled"`
+	FileTransfer FileTransferLimits `json:"FileTransfer"`
+}
+
 // MenderShellConfigFromFile holds the configuration settings read from the config file
 type MenderShellConfigFromFile struct {
 	// ClientProtocol "https"
@@ -87,6 +137,8 @@ type MenderShellConfigFromFile struct {
 	Terminal TerminalConfig `json:"Terminal"`
 	// User sessions settings
 	Sessions SessionsConfig `json:"Sessions"`
+	// Limits and restrictions
+	Limits Limits `json:"Limits"`
 	// Reconnect interval
 	ReconnectIntervalSeconds int
 	// FileTransfer config
@@ -263,6 +315,10 @@ func (c *MenderShellConfig) Validate() (err error) {
 	}
 
 	c.HTTPSClient.Validate()
+
+	// permit by default, probably will be changed after integration test is modified
+	c.Limits.FileTransfer.PreserveMode = true
+	c.Limits.FileTransfer.PreserveOwner = true
 	log.Debugf("Verified configuration = %#v", c)
 
 	return nil
@@ -281,7 +337,7 @@ func loadConfigFile(configFile string, config *MenderShellConfig, filesLoadedCou
 		return err
 	}
 
-	(*filesLoadedCount)++
+	*filesLoadedCount++
 	log.Info("Loaded configuration file: ", configFile)
 	return nil
 }

diff --git a/config/config_test.go b/config/config_test.go
@@ -1,4 +1,4 @@
-// Copyright 2020 Northern.tech AS
+// Copyright 2021 Northern.tech AS
 //
 //    Licensed under the Apache License, Version 2.0 (the "License");
 //    you may not use this file except in compliance with the License.
@@ -172,6 +172,26 @@ func validateConfiguration(t *testing.T, actual *MenderShellConfig) {
 			MaxPerUser:      4,
 		},
 		ReconnectIntervalSeconds: DefaultReconnectIntervalsSeconds,
+		Limits: Limits{
+			Enabled: false,
+			FileTransfer: FileTransferLimits{
+				Chroot:         "",
+				FollowSymLinks: false,
+				AllowOverwrite: false,
+				OwnerPut:       "",
+				GroupPut:       "",
+				Umask:          "",
+				MaxFileSize:    0,
+				Counters: RateLimits{
+					MaxBytesTxPerMinute: 0,
+					MaxBytesRxPerMinute: 0,
+				},
+				AllowSuid:        false,
+				RegularFilesOnly: false,
+				PreserveMode:     true,
+				PreserveOwner:    true,
+			},
+		},
 	}
 	if !assert.True(t, reflect.DeepEqual(actual, expectedConfig)) {
 		t.Logf("got:      %+v", actual)