sshkeys: Add key management commands

Signed-off-by: Ian Jackson <ijackson@chiark.greenend.org.uk>

diff --git a/daemon/cmdlistener.rs b/daemon/cmdlistener.rs
index 04d41de31ba9cc690b0aa68842548d798c5da66e..8d48aee8d5698772f1026782649cfd275942b968 100644 (file)
--- a/daemon/cmdlistener.rs
+++ b/daemon/cmdlistener.rs
@@ -136,6 +136,17 @@ fn execute_and_respond<W>(cs: &mut CommandStreamData, cmd: MgmtCommand,
     (r, auth)
   }
 
+  #[throws(MgmtError)]
+  fn start_access_ssh_keys(cs: &CommandStreamData)
+      -> (AccountsGuard, AccountId, Authorisation<AccountScope>)
+  {
+    let ag = AccountsGuard::lock();
+    let wanted = &cs.current_account()?.notional_account;
+    let acctid = ag.check(wanted)?;
+    let auth = authorise_scope_direct(cs, &ag, &wanted.scope)?;
+    (ag, acctid, auth)
+  }
+
   let resp = (|| Ok::<_,MgmtError>(match cmd {
     MC::Noop => Fine,
 
@@ -427,6 +438,22 @@ fn execute_and_respond<W>(cs: &mut CommandStreamData, cmd: MgmtCommand,
       MR::LibraryItems(results)
     }
 
+    MC::SshListKeys => {
+      let (ag, acctid, auth) = start_access_ssh_keys(&cs)?;
+      let list = ag.sshkeys_report(acctid, auth)?;
+      MR::SshKeys(list)
+    }
+    MC::SshAddKey { akl } => {
+      let (mut ag, acctid, auth) = start_access_ssh_keys(&cs)?;
+      let (index, id) = ag.sshkeys_add(acctid, akl, auth)?;
+      MR::SshKey { index, id }
+    }
+    MC::SshDeleteKey { index, id } => {
+      let (mut ag, acctid, auth) = start_access_ssh_keys(&cs)?;
+      ag.sshkeys_remove(acctid, index, id, auth)?;
+      MR::Fine
+    }
+
     MC::LoadFakeRng(ents) => {
       let superuser = cs.superuser()
         .ok_or(ME::SuperuserAuthorisationRequired)?;

diff --git a/src/commands.rs b/src/commands.rs
index 18f69ec50d2985a6c39182b555d5ce8717009701..a0e34236fe3628c351215b98bee62a44b5cfa66a 100644 (file)
--- a/src/commands.rs
+++ b/src/commands.rs
@@ -59,6 +59,10 @@ pub enum MgmtCommand {
     pat: String,
   },
 
+  SshListKeys,
+  SshAddKey { akl: sshkeys::AuthkeysLine },
+  SshDeleteKey { index: usize, id: sshkeys::Id },
+
   LoadFakeRng(Vec<String>),
 }
 
@@ -98,6 +102,8 @@ pub enum MgmtResponse {
   LibraryItems(Vec<ItemEnquiryData>),
   Bundles { bundles: MgmtBundleList },
   Bundle { bundle: bundles::Id },
+  SshKeys(Vec<sshkeys::MgmtKeyReport>),
+  SshKey { index: usize, id: sshkeys::Id },
 }
 
 pub type MgmtBundleList = BTreeMap<bundles::Id, bundles::State>;

diff --git a/src/mgmtchannel.rs b/src/mgmtchannel.rs
index f19a5aab827262ae382fc01744a288482ff22af2..5682a0fd0c55fbc8f3ee181bda189e0808142b8e 100644 (file)
--- a/src/mgmtchannel.rs
+++ b/src/mgmtchannel.rs
@@ -114,6 +114,7 @@ impl MgmtChannel {
       Progress(_) => panic!(),
       Fine | AccountsList{..} | GamesList{..} |
       Libraries(_) | LibraryItems(_) | Bundles{..} | Bundle{..} => { },
+      SshKeys(..) | SshKey{..} => { },
       AlterGame { error: None, .. } => { },
       Error { error } => {
         Err(error.clone()).context(