qusal/salt/sys-ssh-agent/files/server/rpc/qusal.SshAgent

#!/bin/sh

# SPDX-FileCopyrightText: 2023 - 2024 Benjamin Grande M. S. <ben.grande.b@gmail.com>
#
# SPDX-License-Identifier: AGPL-3.0-or-later

set -eu

die(){
  printf '%s\n' "error: ${1}" >&2
  exit 1
}

# shellcheck disable=SC2154
untrusted_agent="${QREXEC_SERVICE_ARGUMENT}"

if test -z "${untrusted_agent}"; then
  die "Agent name is empty"
fi

if ! (printf '%s\n' "${untrusted_agent}" | \
  grep -q -e "^[A-Za-z0-9][A-Za-z0-9_.-]\+$")
then
  msg="Forbidden characters in agent name."
  msg="${msg} Allowed chars: letters, numbers, hyphen, underscore and dot."
  msg="${msg} Name cannot begin with hyphen, underscore or dot"
  die "${msg}"
fi

## Length arbitrarily set.
if test "${#untrusted_agent}" -gt 128; then
  die "Repository name is too long: ${#untrusted_agent}"
fi

agent="${untrusted_agent}"
socket="/tmp/qusal-ssh-agent/${agent}.sock"

qvm-ssh-agent add "${agent}" >/dev/null
exec socat STDIO UNIX-CLIENT:"${socket}"
refactor: initial commit 2023-11-13 14:33:28 +00:00			`#!/bin/sh`

style: limit line length per file extension Editorconfig can only act based on file extension and path, not attributes, it remains a mean only for multiple collaborators to use the same configuration on their editor. When it is too restrictive, such as not considering the file syntax, use a lint tool for the specific file type instead of trusting editorconfig. Changes were made to increase readability. 2024-07-09 17:42:07 +02:00			`# SPDX-FileCopyrightText: 2023 - 2024 Benjamin Grande M. S. <ben.grande.b@gmail.com>`
refactor: initial commit 2023-11-13 14:33:28 +00:00			`#`
			`# SPDX-License-Identifier: AGPL-3.0-or-later`

			`set -eu`

style: limit line length per file extension Editorconfig can only act based on file extension and path, not attributes, it remains a mean only for multiple collaborators to use the same configuration on their editor. When it is too restrictive, such as not considering the file syntax, use a lint tool for the specific file type instead of trusting editorconfig. Changes were made to increase readability. 2024-07-09 17:42:07 +02:00			`die(){`
fix: avoid echo usage Echo can interpret operand as an option and checking every variable to be echoed is troublesome while with printf, if the format specifier is present before the operand, printing as string can be enforced. 2024-08-06 18:15:24 +02:00			`printf '%s\n' "error: ${1}" >&2`
style: limit line length per file extension Editorconfig can only act based on file extension and path, not attributes, it remains a mean only for multiple collaborators to use the same configuration on their editor. When it is too restrictive, such as not considering the file syntax, use a lint tool for the specific file type instead of trusting editorconfig. Changes were made to increase readability. 2024-07-09 17:42:07 +02:00			`exit 1`
			`}`

feat: enable all optional shellcheck validations Make shell a little bit safer with: - add-default-case - check-extra-masked-returns - check-set-e-suppressed - quote-safe-variables - check-unassigned-uppercase Although there are some stylistic decisions for uniformity: - avoid-nullary-conditions - deprecated-which - require-variable-braces 2024-07-10 14:36:05 +02:00			`# shellcheck disable=SC2154`
			`untrusted_agent="${QREXEC_SERVICE_ARGUMENT}"`
fix: unstrusted input marking and sanitization 2023-11-21 14:57:47 +00:00
			`if test -z "${untrusted_agent}"; then`
style: limit line length per file extension Editorconfig can only act based on file extension and path, not attributes, it remains a mean only for multiple collaborators to use the same configuration on their editor. When it is too restrictive, such as not considering the file syntax, use a lint tool for the specific file type instead of trusting editorconfig. Changes were made to increase readability. 2024-07-09 17:42:07 +02:00			`die "Agent name is empty"`
fix: unstrusted input marking and sanitization 2023-11-21 14:57:47 +00:00			`fi`

fix: avoid echo usage Echo can interpret operand as an option and checking every variable to be echoed is troublesome while with printf, if the format specifier is present before the operand, printing as string can be enforced. 2024-08-06 18:15:24 +02:00			`if ! (printf '%s\n' "${untrusted_agent}" \| \`
			`grep -q -e "^[A-Za-z0-9][A-Za-z0-9_.-]\+$")`
fix: unstrusted input marking and sanitization 2023-11-21 14:57:47 +00:00			`then`
style: limit line length per file extension Editorconfig can only act based on file extension and path, not attributes, it remains a mean only for multiple collaborators to use the same configuration on their editor. When it is too restrictive, such as not considering the file syntax, use a lint tool for the specific file type instead of trusting editorconfig. Changes were made to increase readability. 2024-07-09 17:42:07 +02:00			`msg="Forbidden characters in agent name."`
			`msg="${msg} Allowed chars: letters, numbers, hyphen, underscore and dot."`
			`msg="${msg} Name cannot begin with hyphen, underscore or dot"`
			`die "${msg}"`
fix: unstrusted input marking and sanitization 2023-11-21 14:57:47 +00:00			`fi`

			`## Length arbitrarily set.`
			`if test "${#untrusted_agent}" -gt 128; then`
			`die "Repository name is too long: ${#untrusted_agent}"`
			`fi`

			`agent="${untrusted_agent}"`
refactor: prefer systemd sockets over socat - Document preferred method for socket use depending on use case; - Fix Github web-flow key; - Standardize naming of services; - Use sys-ssh in ansible formula; - Start services conditionally with Qubes Service and evaluated by systemd ConditionPathExists= instead of installing on a per qube basis with rc.local scripts; - Change Qusal services to "qusal-" prefix instead of "qubes-" prefix. Fixes: https://github.com/ben-grande/qusal/issues/80 Fixes: https://github.com/ben-grande/qusal/issues/79 2024-06-25 22:16:26 +02:00			`socket="/tmp/qusal-ssh-agent/${agent}.sock"`
refactor: initial commit 2023-11-13 14:33:28 +00:00
			`qvm-ssh-agent add "${agent}" >/dev/null`
fix: unstrusted input marking and sanitization 2023-11-21 14:57:47 +00:00			`exec socat STDIO UNIX-CLIENT:"${socket}"`