MEN-4325 File Transfer Limits

ChangeLog:none Signed-off-by: Peter Grzybowski <peter@northern.tech>
mendersoftware · Mar 14, 2021 · db2fa9f · db2fa9f
1 parent c1eb496
commit db2fa9f
Show file tree

Hide file tree

Showing 10 changed files with 1,655 additions and 51 deletions.
diff --git a/app/daemon.go b/app/daemon.go
@@ -16,6 +16,7 @@ package app
 import (
 	"context"
 	"fmt"
+	"github.com/mendersoftware/mender-connect/limits/filetransfer"
 	"os/user"
 	"strconv"
 	"sync"
@@ -93,7 +94,7 @@ func NewDaemon(conf *config.MenderShellConfig) *MenderShellDaemon {
 	// Setup ProtoMsg routes.
 	routes := make(session.ProtoRoutes)
 	if !conf.FileTransfer.Disable {
-		routes[ws.ProtoTypeFileTransfer] = session.FileTransfer()
+		routes[ws.ProtoTypeFileTransfer] = session.FileTransfer(conf.Limits)
 	}
 	if !conf.MenderClient.Disable {
 		routes[ws.ProtoTypeMenderClient] = session.MenderClient()
@@ -192,6 +193,10 @@ func (d *MenderShellDaemon) outputStatus() {
 		log.Infof("   expires:%s active:%s", s.GetExpiresAtFmt(), s.GetActiveAtFmt())
 		log.Infof("   shell:%s", s.GetShellCommandPath())
 	}
+	log.Info("  file-transfer:")
+	tx, rx, txps, rxps := filetransfer.GetCounters()
+	log.Infof("   tx/rx %d/%d", tx, rx)
+	log.Infof("   tx/s rx/s %.2f %.2f", txps, rxps)
 	d.printStatus = false
 }
 

diff --git a/config/config.go b/config/config.go
@@ -17,16 +17,15 @@ package config
 import (
 	"bufio"
 	"encoding/json"
+	"github.com/pkg/errors"
+	log "github.com/sirupsen/logrus"
 	"io/ioutil"
 	"net/url"
 	"os"
 	"os/user"
 	"path/filepath"
 	"strings"
 
-	"github.com/pkg/errors"
-	log "github.com/sirupsen/logrus"
-
 	"github.com/mendersoftware/mender-connect/client/https"
 )
 
@@ -60,6 +59,57 @@ type SessionsConfig struct {
 	MaxPerUser uint32
 }
 
+// Counter for the limits  and restrictions for the File Transfer
+//on and off the device(MEN-4325)
+type Counters struct {
+	// Maximum bytes count allowed to transfer per hours
+	// this is per device global limit, which is consulted
+	// every time there is a transfer starting. if above
+	// the limit, we answer with error message indicating
+	// limit reached.
+	MaxBytesTxPerHour uint64
+	MaxBytesRxPerHour uint64
+}
+
+// Limits and restrictions for the File Transfer on and off the device(MEN-4325)
+type FileTransferLimits struct {
+	// the global parent directory that File Transfer will never escape
+	Chroot string
+	// No way to escape Chroot, even if this one is set the Chroot setting will
+	// be checked for the target of any link and restricted accordingly
+	FollowSymLinks bool
+	// Allow overwrite files
+	AllowOverwrite bool
+	// set the owner of new files to OwnerPut
+	OwnerPut string
+	// set the owner of new files to OwnerPut
+	GroupPut string
+	// allow to get only files owned by OwnerGet
+	OwnerGet string
+	// allow to get only files owned by OwnerGet
+	GroupGet string
+	// umask for new files
+	Umask string
+	// Maximum allowed file size
+	MaxFileSize uint64
+	// Global counters
+	Counters Counters
+	// If true it is allowed to upload files with set user id on execute bit set
+	AllowSuid bool
+	// By default we only allow to send/put regular files
+	RegularFilesOnly bool
+	// By default we preserve the file modes but set one according to
+	//the current umask or configured Umask above
+	DoNotPreserveMode bool
+	// By default we preserve the owner of the file uploaded
+	DoNotPreserveOwner bool
+}
+
+type Limits struct {
+	Enabled      bool               `json:"-"`
+	FileTransfer FileTransferLimits `json:"FileTransfer"`
+}
+
 // MenderShellConfigFromFile holds the configuration settings read from the config file
 type MenderShellConfigFromFile struct {
 	// ClientProtocol "https"
@@ -82,6 +132,8 @@ type MenderShellConfigFromFile struct {
 	Terminal TerminalConfig `json:"Terminal"`
 	// User sessions settings
 	Sessions SessionsConfig `json:"Sessions"`
+	// Limits and restrictions
+	Limits Limits `json:"Limits"`
 	// Reconnect interval
 	ReconnectIntervalSeconds int
 
@@ -255,6 +307,9 @@ func (c *MenderShellConfig) Validate() (err error) {
 	}
 
 	c.HTTPSClient.Validate()
+
+	//enforce the limits by default, if set to false it means permit everything
+	c.Limits.Enabled = true
 	log.Debugf("Verified configuration = %#v", c)
 
 	return nil
@@ -273,7 +328,7 @@ func loadConfigFile(configFile string, config *MenderShellConfig, filesLoadedCou
 		return err
 	}
 
-	(*filesLoadedCount)++
+	*filesLoadedCount++
 	log.Info("Loaded configuration file: ", configFile)
 	return nil
 }

diff --git a/config/config_test.go b/config/config_test.go
@@ -1,4 +1,4 @@
-// Copyright 2020 Northern.tech AS
+// Copyright 2021 Northern.tech AS
 //
 //    Licensed under the Apache License, Version 2.0 (the "License");
 //    you may not use this file except in compliance with the License.
@@ -172,6 +172,28 @@ func validateConfiguration(t *testing.T, actual *MenderShellConfig) {
 			MaxPerUser:      4,
 		},
 		ReconnectIntervalSeconds: DefaultReconnectIntervalsSeconds,
+		Limits: Limits{
+			Enabled: true,
+			FileTransfer: FileTransferLimits{
+				Chroot:         "",
+				FollowSymLinks: false,
+				AllowOverwrite: false,
+				OwnerPut:       "",
+				GroupPut:       "",
+				OwnerGet:       "",
+				GroupGet:       "",
+				Umask:          "",
+				MaxFileSize:    0,
+				Counters: Counters{
+					MaxBytesTxPerHour: 0,
+					MaxBytesRxPerHour: 0,
+				},
+				AllowSuid:          false,
+				RegularFilesOnly:   false,
+				DoNotPreserveMode:  false,
+				DoNotPreserveOwner: false,
+			},
+		},
 	}
 	if !assert.True(t, reflect.DeepEqual(actual, expectedConfig)) {
 		t.Logf("got:      %+v", actual)