// SPDX-License-Identifier: LGPL-2.1+ #include "nm-default.h" #include "nmcs-provider-gcp.h" #include "nm-cloud-setup-utils.h" /*****************************************************************************/ #define HTTP_TIMEOUT_MS 3000 #define HTTP_REQ_MAX_DATA 512*1024 #define HTTP_POLL_TIMEOUT_MS 10000 #define HTTP_RATE_LIMIT_MS 1000 #define NM_GCP_HOST "metadata.google.internal" #define NM_GCP_BASE "http://" NM_GCP_HOST #define NM_GCP_API_VERSION "/v1" #define NM_GCP_METADATA_URL_BASE NM_GCP_BASE "/computeMetadata" NM_GCP_API_VERSION "/instance" #define NM_GCP_METADATA_URL_NET "/network-interfaces/" #define NM_GCP_METADATA_HEADER "Metadata-Flavor: Google" #define _gcp_uri_concat(...) nmcs_utils_uri_build_concat (NM_GCP_METADATA_URL_BASE, __VA_ARGS__) #define _gcp_uri_interfaces(...) _gcp_uri_concat (NM_GCP_METADATA_URL_NET, ##__VA_ARGS__) /*****************************************************************************/ struct _NMCSProviderGCP { NMCSProvider parent; }; struct _NMCSProviderGCPClass { NMCSProviderClass parent; }; G_DEFINE_TYPE (NMCSProviderGCP, nmcs_provider_gcp, NMCS_TYPE_PROVIDER); /*****************************************************************************/ static void _detect_get_meta_data_done_cb (GObject *source, GAsyncResult *result, gpointer user_data) { gs_unref_object GTask *task = user_data; gs_free_error GError *get_error = NULL; gs_free_error GError *error = NULL; gboolean success; success = nm_http_client_poll_get_finish (NM_HTTP_CLIENT (source), result, NULL, NULL, &get_error); if (nm_utils_error_is_cancelled (get_error)) { g_task_return_error (task, g_steal_pointer (&get_error)); return; } if (get_error) { nm_utils_error_set (&error, NM_UTILS_ERROR_UNKNOWN, "failure to get GCP metadata: %s", get_error->message); g_task_return_error (task, g_steal_pointer (&error)); return; } if (!success) { nm_utils_error_set (&error, NM_UTILS_ERROR_UNKNOWN, "failure to detect GCP metadata"); g_task_return_error (task, g_steal_pointer (&error)); return; } g_task_return_boolean (task, TRUE); } static void detect (NMCSProvider *provider, GTask *task) { NMHttpClient *http_client; gs_free char *uri = NULL; http_client = nmcs_provider_get_http_client (provider); nm_http_client_poll_get (http_client, (uri = _gcp_uri_concat ("id")), HTTP_TIMEOUT_MS, 256*1024, 7000, 1000, NM_MAKE_STRV (NM_GCP_METADATA_HEADER), g_task_get_cancellable (task), NULL, NULL, _detect_get_meta_data_done_cb, task); } /*****************************************************************************/ typedef struct { NMCSProviderGetConfigTaskData *config_data; guint n_ifaces_pending; GError *error; bool success:1; } GCPData; typedef struct { NMCSProviderGetConfigIfaceData *iface_get_config; GCPData *gcp_data; gssize iface_idx; guint n_fips_pending; } GCPIfaceData; static void _get_config_maybe_task_return (GCPData *gcp_data, GError *error_take) { NMCSProviderGetConfigTaskData *config_data = gcp_data->config_data; gs_free_error GError *gcp_error = NULL; if (error_take) { nm_clear_error (&gcp_data->error); gcp_data->error = error_take; } if (gcp_data->n_ifaces_pending) return; gcp_error = gcp_data->error; if (!gcp_data->success) { nm_assert (gcp_error); if (nm_utils_error_is_cancelled (gcp_error)) _LOGD ("get-config: cancelled"); else _LOGD ("get-config: failed: %s", gcp_error->message); g_task_return_error (config_data->task, g_steal_pointer (&gcp_error)); } else { _LOGD ("get-config: success"); g_task_return_pointer (config_data->task, g_hash_table_ref (config_data->result_dict), (GDestroyNotify) g_hash_table_unref); } nm_g_slice_free (gcp_data); g_object_unref (config_data->task); } static void _get_config_fip_cb (GObject *source, GAsyncResult *result, gpointer user_data) { NMCSProviderGetConfigIfaceData *iface_get_config; gs_unref_bytes GBytes *response = NULL; GCPIfaceData *iface_data = user_data; gs_free_error GError *error = NULL; const char *fip_str = NULL; NMIPRoute **routes_arr; NMIPRoute *route_new; GCPData *gcp_data; gcp_data = iface_data->gcp_data; nm_http_client_poll_get_finish (NM_HTTP_CLIENT (source), result, NULL, &response, &error); if (error) goto iface_done; fip_str = g_bytes_get_data (response, NULL); if (!nm_utils_ipaddr_valid (AF_INET, fip_str)) { error = nm_utils_error_new (NM_UTILS_ERROR_UNKNOWN, "forwarded-ip is not a valid ip address"); goto iface_done; } _LOGI ("GCP interface[%"G_GSSIZE_FORMAT"]: adding forwarded-ip %s", iface_data->iface_idx, fip_str); iface_get_config = iface_data->iface_get_config; iface_get_config->iface_idx = iface_data->iface_idx; routes_arr = iface_get_config->iproutes_arr; route_new = nm_ip_route_new (AF_INET, fip_str, 32, NULL, 100, &error); if (error) goto iface_done; nm_ip_route_set_attribute (route_new, NM_IP_ROUTE_ATTRIBUTE_TYPE, g_variant_new_string ("local")); routes_arr[iface_get_config->iproutes_len] = route_new; ++iface_get_config->iproutes_len; gcp_data->success = TRUE; iface_done: --iface_data->n_fips_pending; if (iface_data->n_fips_pending == 0) { nm_g_slice_free (iface_data); --gcp_data->n_ifaces_pending; _get_config_maybe_task_return (gcp_data, g_steal_pointer (&error)); } } static void _get_config_ips_list_cb (GObject *source, GAsyncResult *result, gpointer user_data) { gs_unref_ptrarray GPtrArray *uri_arr = NULL; gs_unref_bytes GBytes *response = NULL; GCPIfaceData *iface_data = user_data; gs_free_error GError *error = NULL; const char *response_str = NULL; gsize response_len; GCPData *gcp_data; const char *line; gsize line_len; guint i; gcp_data = iface_data->gcp_data; nm_http_client_poll_get_finish (NM_HTTP_CLIENT (source), result, NULL, &response, &error); if (error) goto fips_error; uri_arr = g_ptr_array_new_with_free_func (g_free); response_str = g_bytes_get_data (response, &response_len); while (nm_utils_parse_next_line (&response_str, &response_len, &line, &line_len)) { nm_auto_free_gstring GString *gstr = NULL; gint64 fip_index; gstr = g_string_new_len (line, line_len); fip_index = _nm_utils_ascii_str_to_int64 (gstr->str, 10, 0, G_MAXINT64, -1); if (fip_index < 0) { continue; } g_string_printf (gstr, "%"G_GSSIZE_FORMAT"/forwarded-ips/%"G_GINT64_FORMAT, iface_data->iface_idx, fip_index); g_ptr_array_add (uri_arr, g_string_free (g_steal_pointer (&gstr), FALSE)); } iface_data->n_fips_pending = uri_arr->len; _LOGI ("GCP interface[%"G_GSSIZE_FORMAT"]: found %u forwarded ips", iface_data->iface_idx, iface_data->n_fips_pending); if (iface_data->n_fips_pending == 0) { error = nm_utils_error_new (NM_UTILS_ERROR_UNKNOWN, "found no forwarded ip"); goto fips_error; } iface_data->iface_get_config->iproutes_arr = g_new (NMIPRoute *, iface_data->n_fips_pending); for (i = 0; i < uri_arr->len; ++i) { const char *str = uri_arr->pdata[i]; gs_free const char *uri = NULL; nm_http_client_poll_get (NM_HTTP_CLIENT (source), (uri = _gcp_uri_interfaces (str)), HTTP_TIMEOUT_MS, HTTP_REQ_MAX_DATA, HTTP_POLL_TIMEOUT_MS, HTTP_RATE_LIMIT_MS, NM_MAKE_STRV (NM_GCP_METADATA_HEADER), g_task_get_cancellable (gcp_data->config_data->task), NULL, NULL, _get_config_fip_cb, iface_data); } return; fips_error: nm_g_slice_free (iface_data); --gcp_data->n_ifaces_pending; _get_config_maybe_task_return (gcp_data, g_steal_pointer (&error)); } static void _get_config_iface_cb (GObject *source, GAsyncResult *result, gpointer user_data) { gs_unref_bytes GBytes *response = NULL; GCPIfaceData *iface_data = user_data; gs_free_error GError *error = NULL; gs_free const char *hwaddr = NULL; gs_free const char *uri = NULL; gs_free char *str = NULL; GCPData *gcp_data; gcp_data = iface_data->gcp_data; nm_http_client_poll_get_finish (NM_HTTP_CLIENT (source), result, NULL, &response, &error); if (error) goto iface_error; hwaddr = nmcs_utils_hwaddr_normalize (g_bytes_get_data (response, NULL), -1); iface_data->iface_get_config = g_hash_table_lookup (gcp_data->config_data->result_dict, hwaddr); if (!iface_data->iface_get_config) { _LOGI ("GCP interface[%"G_GSSIZE_FORMAT"]: did not find a matching device", iface_data->iface_idx); error = nm_utils_error_new (NM_UTILS_ERROR_UNKNOWN, "no matching hwaddr found for GCP interface"); goto iface_error; } _LOGI ("GCP interface[%"G_GSSIZE_FORMAT"]: found a matching device with hwaddr %s", iface_data->iface_idx, hwaddr); str = g_strdup_printf ("%"G_GSSIZE_FORMAT"/forwarded-ips/", iface_data->iface_idx); nm_http_client_poll_get (NM_HTTP_CLIENT (source), (uri = _gcp_uri_interfaces (str)), HTTP_TIMEOUT_MS, HTTP_REQ_MAX_DATA, HTTP_POLL_TIMEOUT_MS, HTTP_RATE_LIMIT_MS, NM_MAKE_STRV (NM_GCP_METADATA_HEADER), g_task_get_cancellable (gcp_data->config_data->task), NULL, NULL, _get_config_ips_list_cb, iface_data); return; iface_error: nm_g_slice_free (iface_data); --gcp_data->n_ifaces_pending; _get_config_maybe_task_return (gcp_data, g_steal_pointer (&error)); } static void _get_net_ifaces_list_cb (GObject *source, GAsyncResult *result, gpointer user_data) { gs_unref_ptrarray GPtrArray *ifaces_arr = NULL; nm_auto_free_gstring GString *gstr = NULL; gs_unref_bytes GBytes *response = NULL; gs_free_error GError *error = NULL; GCPData *gcp_data = user_data; const char *response_str; const char *token_start; const char *token_end; gsize response_len; const char *line; gsize line_len; guint i; nm_http_client_poll_get_finish (NM_HTTP_CLIENT (source), result, NULL, &response, &error); if (error) { _get_config_maybe_task_return (gcp_data, g_steal_pointer (&error)); return; } response_str = g_bytes_get_data (response, &response_len); ifaces_arr = g_ptr_array_new (); gstr = g_string_new (NULL); while (nm_utils_parse_next_line (&response_str, &response_len, &line, &line_len)) { GCPIfaceData *iface_data; gssize iface_idx; token_start = line; token_end = memchr (token_start, '/', line_len); if (!token_end) continue; g_string_truncate (gstr, 0); g_string_append_len (gstr, token_start, token_end - token_start); iface_idx = _nm_utils_ascii_str_to_int64 (gstr->str, 10, 0, G_MAXSSIZE, -1); if (iface_idx < 0) continue; iface_data = g_slice_new (GCPIfaceData); *iface_data = (GCPIfaceData) { .iface_get_config = NULL, .gcp_data = gcp_data, .iface_idx = iface_idx, .n_fips_pending = 0, }; g_ptr_array_add (ifaces_arr, iface_data); } gcp_data->n_ifaces_pending = ifaces_arr->len; _LOGI ("found GCP interfaces: %u", ifaces_arr->len); for (i = 0; i < ifaces_arr->len; ++i) { GCPIfaceData *data = ifaces_arr->pdata[i]; gs_free const char *uri = NULL; _LOGD ("GCP interface[%"G_GSSIZE_FORMAT"]: retrieving configuration", data->iface_idx); g_string_printf (gstr, "%"G_GSSIZE_FORMAT"/mac", data->iface_idx); nm_http_client_poll_get (NM_HTTP_CLIENT (source), (uri = _gcp_uri_interfaces (gstr->str)), HTTP_TIMEOUT_MS, HTTP_REQ_MAX_DATA, HTTP_POLL_TIMEOUT_MS, HTTP_RATE_LIMIT_MS, NM_MAKE_STRV (NM_GCP_METADATA_HEADER), g_task_get_cancellable (gcp_data->config_data->task), NULL, NULL, _get_config_iface_cb, data); } if (ifaces_arr->len == 0) { error = nm_utils_error_new (NM_UTILS_ERROR_UNKNOWN, "no GCP interfaces found"); _get_config_maybe_task_return (gcp_data, g_steal_pointer (&error)); } } static void get_config (NMCSProvider *provider, NMCSProviderGetConfigTaskData *get_config_data) { gs_free const char *uri = NULL; GCPData *gcp_data; gcp_data = g_slice_new (GCPData); *gcp_data = (GCPData) { .config_data = get_config_data, .n_ifaces_pending = 0, .error = NULL, .success = FALSE, }; nm_http_client_poll_get (nmcs_provider_get_http_client (provider), (uri = _gcp_uri_interfaces ()), HTTP_TIMEOUT_MS, HTTP_REQ_MAX_DATA, HTTP_POLL_TIMEOUT_MS, HTTP_RATE_LIMIT_MS, NM_MAKE_STRV (NM_GCP_METADATA_HEADER), g_task_get_cancellable (gcp_data->config_data->task), NULL, NULL, _get_net_ifaces_list_cb, gcp_data); } /*****************************************************************************/ static void nmcs_provider_gcp_init (NMCSProviderGCP *self) { } static void nmcs_provider_gcp_class_init (NMCSProviderGCPClass *klass) { NMCSProviderClass *provider_class = NMCS_PROVIDER_CLASS (klass); provider_class->_name = "GCP"; provider_class->_env_provider_enabled = NMCS_ENV_VARIABLE ("NM_CLOUD_SETUP_GCP"); provider_class->detect = detect; provider_class->get_config = get_config; }