ApplianceImplPrivate.h@ 59669

Last change on this file since 59669 was 59669, checked in by vboxsync, 9 years ago
ApplianceImplImport.cpp: started on certificate validation.
Property svn:eol-style set to `native` Property svn:keywords set to `Author Date Id Revision`
File size: 14.1 KB

Line
1	/* $Id: ApplianceImplPrivate.h 59669 2016-02-15 00:36:48Z vboxsync $ */
2	/** @file
3	* VirtualBox Appliance private data definitions
4	*/
5
6	/*
7	* Copyright (C) 2006-2013 Oracle Corporation
8	*
9	* This file is part of VirtualBox Open Source Edition (OSE), as
10	* available from http://www.virtualbox.org. This file is free software;
11	* you can redistribute it and/or modify it under the terms of the GNU
12	* General Public License (GPL) as published by the Free Software
13	* Foundation, in version 2 as it comes in the "COPYING" file of the
14	* VirtualBox OSE distribution. VirtualBox OSE is distributed in the
15	* hope that it will be useful, but WITHOUT ANY WARRANTY of any kind.
16	*/
17
18	#ifndef ____H_APPLIANCEIMPLPRIVATE
19	#define ____H_APPLIANCEIMPLPRIVATE
20
21	class VirtualSystemDescription;
22
23	#include "ovfreader.h"
24	#include "SecretKeyStore.h"
25	#include "ThreadTask.h"
26	#include <map>
27	#include <vector>
28	#include <iprt/manifest.h>
29	#include <iprt/vfs.h>
30	#include <iprt/crypto/x509.h>
31
32	////////////////////////////////////////////////////////////////////////////////
33	//
34	// Appliance data definition
35	//
36	////////////////////////////////////////////////////////////////////////////////
37
38	typedef std::pair<Utf8Str, Utf8Str> STRPAIR;
39
40	typedef std::vector<com::Guid> GUIDVEC;
41
42	/* Describe a location for the import/export. The location could be a file on a
43	* local hard disk or a remote target based on the supported inet protocols. */
44	struct LocationInfo
45	{
46	LocationInfo()
47	: storageType(VFSType_File) {}
48	VFSType_T storageType; /* Which type of storage should be handled */
49	Utf8Str strPath; /* File path for the import/export */
50	Utf8Str strHostname; /* Hostname on remote storage locations (could be empty) */
51	Utf8Str strUsername; /* Username on remote storage locations (could be empty) */
52	Utf8Str strPassword; /* Password on remote storage locations (could be empty) */
53	};
54
55	// opaque private instance data of Appliance class
56	struct Appliance::Data
57	{
58	enum ApplianceState { ApplianceIdle, ApplianceImporting, ApplianceExporting };
59	enum digest_T {SHA1, SHA256};
60
61	Data()
62	: state(ApplianceIdle)
63	, fDigestTypes(0)
64	, hOurManifest(NIL_RTMANIFEST)
65	, fManifest(true)
66	, fSha256(false)
67	, fDeterminedDigestTypes(false)
68	, hTheirManifest(NIL_RTMANIFEST)
69	, hMemFileTheirManifest(NIL_RTVFSFILE)
70	, fSignerCertLoaded(false)
71	, fCertificateValid(false)
72	, fSignatureValid(false)
73	, pbSignedDigest(NULL)
74	, cbSignedDigest(0)
75	, enmSignedDigestType(RTDIGESTTYPE_INVALID)
76	, fExportISOImages(false)
77	, pReader(NULL)
78	, ulWeightForXmlOperation(0)
79	, ulWeightForManifestOperation(0)
80	, ulTotalDisksMB(0)
81	, cDisks(0)
82	, m_cPwProvided(0)
83	{
84	}
85
86	~Data()
87	{
88	if (pReader)
89	{
90	delete pReader;
91	pReader = NULL;
92	}
93	resetReadData();
94	}
95
96	/**
97	* Resets data used by read.
98	*/
99	void resetReadData(void)
100	{
101	strOvfManifestEntry.setNull();
102	if (hOurManifest != NIL_RTMANIFEST)
103	{
104	RTManifestRelease(hOurManifest);
105	hOurManifest = NIL_RTMANIFEST;
106	}
107	if (hTheirManifest != NIL_RTMANIFEST)
108	{
109	RTManifestRelease(hTheirManifest);
110	hTheirManifest = NIL_RTMANIFEST;
111	}
112	if (hMemFileTheirManifest)
113	{
114	RTVfsFileRelease(hMemFileTheirManifest);
115	hMemFileTheirManifest = NIL_RTVFSFILE;
116	}
117	if (pbSignedDigest)
118	{
119	RTMemFree(pbSignedDigest);
120	pbSignedDigest = NULL;
121	cbSignedDigest = 0;
122	}
123	if (fSignerCertLoaded)
124	{
125	RTCrX509Certificate_Delete(&SignerCert);
126	fSignerCertLoaded = false;
127	}
128	enmSignedDigestType = RTDIGESTTYPE_INVALID;
129	fSignatureValid = false;
130	fCertificateValid = false;
131	fDeterminedDigestTypes = false;
132	fDigestTypes = RTMANIFEST_ATTR_SHA1 \| RTMANIFEST_ATTR_SHA256 \| RTMANIFEST_ATTR_SHA512;
133	}
134
135	ApplianceState state;
136
137	LocationInfo locInfo; // location info for the currently processed OVF
138	/** The digests types to calculate (RTMANIFEST_ATTR_XXX) for the manifest.
139	* This will be a single value when exporting. Zero, one or two. */
140	uint32_t fDigestTypes;
141	/** Manifest created while importing or exporting. */
142	RTMANIFEST hOurManifest;
143
144	/** @name Write data
145	* @{ */
146	bool fManifest; // Create a manifest file on export
147	bool fSha256; // true = SHA256 (OVF 2.0), false = SHA1 (OVF 1.0)
148	/** @} */
149
150	/** @name Read data
151	* @{ */
152	/** The manifest entry name of the OVF-file. */
153	Utf8Str strOvfManifestEntry;
154
155	/** Set if we've parsed the manifest and determined the digest types. */
156	bool fDeterminedDigestTypes;
157
158	/** Manifest read in during read() and kept around for later verification. */
159	RTMANIFEST hTheirManifest;
160	/** Memorized copy of the manifest file for signature checking purposes. */
161	RTVFSFILE hMemFileTheirManifest;
162
163	/** The signer certificate from the signature fiel (.cert).
164	* This will be used in the future provide information about the signer via
165	* the API. */
166	RTCRX509CERTIFICATE SignerCert;
167	/** Set if the SignerCert member contains usable data. */
168	bool fSignerCertLoaded;
169	/** Set by read() when the SignerCert checked out fine. */
170	bool fCertificateValid;
171	/** Set by read() if pbSignedDigest verified correctly against SignerCert. */
172	bool fSignatureValid;
173	/** The signed digest of the manifest. */
174	uint8_t *pbSignedDigest;
175	/** The size of the signed digest. */
176	size_t cbSignedDigest;
177	/** The digest type used to sign the manifest. */
178	RTDIGESTTYPE enmSignedDigestType;
179	/** @} */
180
181	bool fExportISOImages;// when 1 the ISO images are exported
182
183	RTCList<ImportOptions_T> optListImport;
184	RTCList<ExportOptions_T> optListExport;
185
186	ovf::OVFReader *pReader;
187
188	std::list< ComObjPtr<VirtualSystemDescription> >
189	virtualSystemDescriptions;
190
191	std::list<Utf8Str> llWarnings;
192
193	ULONG ulWeightForXmlOperation;
194	ULONG ulWeightForManifestOperation;
195	ULONG ulTotalDisksMB;
196	ULONG cDisks;
197
198	std::list<Guid> llGuidsMachinesCreated;
199
200	/** Sequence of password identifiers to encrypt disk images during export. */
201	std::vector<com::Utf8Str> m_vecPasswordIdentifiers;
202	/** Map to get all medium identifiers assoicated with a given password identifier. */
203	std::map<com::Utf8Str, GUIDVEC> m_mapPwIdToMediumIds;
204	/** Secret key store used to hold the passwords during export. */
205	SecretKeyStore *m_pSecretKeyStore;
206	/** Number of passwords provided. */
207	uint32_t m_cPwProvided;
208	};
209
210	struct Appliance::XMLStack
211	{
212	std::map<Utf8Str, const VirtualSystemDescriptionEntry*> mapDisks;
213	std::map<Utf8Str, bool> mapNetworks;
214	};
215
216	class Appliance::TaskOVF: public ThreadTask
217	{
218	public:
219	enum TaskType
220	{
221	Read,
222	Import,
223	Write
224	};
225
226	TaskOVF(Appliance *aThat,
227	TaskType aType,
228	LocationInfo aLocInfo,
229	ComObjPtr<Progress> &aProgress)
230	: ThreadTask("TaskOVF"),
231	pAppliance(aThat),
232	taskType(aType),
233	locInfo(aLocInfo),
234	pProgress(aProgress),
235	enFormat(ovf::OVFVersion_unknown),
236	rc(S_OK)
237	{
238	switch (taskType)
239	{
240	case TaskOVF::Read: m_strTaskName = "ApplRead"; break;
241	case TaskOVF::Import: m_strTaskName = "ApplImp"; break;
242	case TaskOVF::Write: m_strTaskName = "ApplWrit"; break;
243	default: m_strTaskName = "ApplTask"; break;
244	}
245	}
246
247	static DECLCALLBACK(int) updateProgress(unsigned uPercent, void *pvUser);
248
249	Appliance *pAppliance;
250	TaskType taskType;
251	const LocationInfo locInfo;
252	ComObjPtr<Progress> pProgress;
253
254	ovf::OVFVersion_T enFormat;
255
256	HRESULT rc;
257
258	void handler()
259	{
260	int vrc = Appliance::i_taskThreadImportOrExport(NULL, this); NOREF(vrc);
261	}
262	};
263
264	struct MyHardDiskAttachment
265	{
266	ComPtr<IMachine> pMachine;
267	Bstr controllerType;
268	int32_t lControllerPort; // 0-29 for SATA
269	int32_t lDevice; // IDE: 0 or 1, otherwise 0 always
270	};
271
272	/**
273	* Used by Appliance::importMachineGeneric() to store
274	* input parameters and rollback information.
275	*/
276	struct Appliance::ImportStack
277	{
278	// input pointers
279	const LocationInfo &locInfo; // ptr to location info from Appliance::importFS()
280	Utf8Str strSourceDir; // directory where source files reside
281	const ovf::DiskImagesMap &mapDisks; // ptr to disks map in OVF
282	ComObjPtr<Progress> &pProgress; // progress object passed into Appliance::importFS()
283
284	// input parameters from VirtualSystemDescriptions
285	Utf8Str strNameVBox; // VM name
286	Utf8Str strMachineFolder; // FQ host folder where the VirtualBox machine would be created
287	Utf8Str strOsTypeVBox; // VirtualBox guest OS type as string
288	Utf8Str strDescription;
289	uint32_t cCPUs; // CPU count
290	bool fForceHWVirt; // if true, we force enabling hardware virtualization
291	bool fForceIOAPIC; // if true, we force enabling the IOAPIC
292	uint32_t ulMemorySizeMB; // virtual machine RAM in megabytes
293	#ifdef VBOX_WITH_USB
294	bool fUSBEnabled;
295	#endif
296	Utf8Str strAudioAdapter; // if not empty, then the guest has audio enabled, and this is the decimal
297	// representation of the audio adapter (should always be "0" for AC97 presently)
298
299	// session (not initially created)
300	ComPtr<ISession> pSession; // session opened in Appliance::importFS() for machine manipulation
301	bool fSessionOpen; // true if the pSession is currently open and needs closing
302
303	/** @name File access related stuff (TAR stream)
304	* @{ */
305	/** OVA file system stream handle. NIL if not OVA. */
306	RTVFSFSSTREAM hVfsFssOva;
307	/** OVA lookahead I/O stream object. */
308	RTVFSIOSTREAM hVfsIosOvaLookAhead;
309	/** OVA lookahead I/O stream object name. */
310	char *pszOvaLookAheadName;
311	/** @} */
312
313	// a list of images that we created/imported; this is initially empty
314	// and will be cleaned up on errors
315	std::list<MyHardDiskAttachment> llHardDiskAttachments; // disks that were attached
316	std::map<Utf8Str , Utf8Str> mapNewUUIDsToOriginalUUIDs;
317
318	ImportStack(const LocationInfo &aLocInfo,
319	const ovf::DiskImagesMap &aMapDisks,
320	ComObjPtr<Progress> &aProgress,
321	RTVFSFSSTREAM aVfsFssOva)
322	: locInfo(aLocInfo),
323	mapDisks(aMapDisks),
324	pProgress(aProgress),
325	cCPUs(1),
326	fForceHWVirt(false),
327	fForceIOAPIC(false),
328	ulMemorySizeMB(0),
329	fSessionOpen(false),
330	hVfsFssOva(aVfsFssOva),
331	hVfsIosOvaLookAhead(NIL_RTVFSIOSTREAM),
332	pszOvaLookAheadName(NULL)
333	{
334	if (hVfsFssOva != NIL_RTVFSFSSTREAM)
335	RTVfsFsStrmRetain(hVfsFssOva);
336
337	// disk images have to be on the same place as the OVF file. So
338	// strip the filename out of the full file path
339	strSourceDir = aLocInfo.strPath;
340	strSourceDir.stripFilename();
341	}
342
343	~ImportStack()
344	{
345	if (hVfsFssOva != NIL_RTVFSFSSTREAM)
346	{
347	RTVfsFsStrmRelease(hVfsFssOva);
348	hVfsFssOva = NIL_RTVFSFSSTREAM;
349	}
350	if (hVfsIosOvaLookAhead != NIL_RTVFSIOSTREAM)
351	{
352	RTVfsIoStrmRelease(hVfsIosOvaLookAhead);
353	hVfsIosOvaLookAhead = NIL_RTVFSIOSTREAM;
354	}
355	if (pszOvaLookAheadName)
356	{
357	RTStrFree(pszOvaLookAheadName);
358	pszOvaLookAheadName = NULL;
359	}
360	}
361
362	HRESULT restoreOriginalUUIDOfAttachedDevice(settings::MachineConfigFile *config);
363	HRESULT saveOriginalUUIDOfAttachedDevice(settings::AttachedDevice &device,
364	const Utf8Str &newlyUuid);
365	RTVFSIOSTREAM claimOvaLookAHead(void);
366
367	};
368
369	////////////////////////////////////////////////////////////////////////////////
370	//
371	// VirtualSystemDescription data definition
372	//
373	////////////////////////////////////////////////////////////////////////////////
374
375	struct VirtualSystemDescription::Data
376	{
377	std::vector<VirtualSystemDescriptionEntry>
378	maDescriptions; // item descriptions
379
380	ComPtr<Machine> pMachine; // VirtualBox machine this description was exported from (export only)
381
382	settings::MachineConfigFile
383	*pConfig; // machine config created from <vbox:Machine> element if found (import only)
384	};
385
386	////////////////////////////////////////////////////////////////////////////////
387	//
388	// Internal helpers
389	//
390	////////////////////////////////////////////////////////////////////////////////
391
392	void convertCIMOSType2VBoxOSType(Utf8Str &strType, ovf::CIMOSType_T c, const Utf8Str &cStr);
393
394	ovf::CIMOSType_T convertVBoxOSType2CIMOSType(const char *pcszVBox, BOOL fLongMode);
395
396	Utf8Str convertNetworkAttachmentTypeToString(NetworkAttachmentType_T type);
397
398
399	typedef struct SHASTORAGE
400	{
401	PVDINTERFACE pVDImageIfaces;
402	bool fCreateDigest;
403	bool fSha256; /* false = SHA1 (OVF 1.x), true = SHA256 (OVF 2.0) */
404	Utf8Str strDigest;
405	} SHASTORAGE, *PSHASTORAGE;
406
407	PVDINTERFACEIO ShaCreateInterface();
408	PVDINTERFACEIO FileCreateInterface();
409	PVDINTERFACEIO tarWriterCreateInterface(void);
410
411	int writeBufferToFile(const char pcszFilename, void pvBuf, size_t cbSize, PVDINTERFACEIO pIfIo, void *pvUser);
412
413	#endif // !____H_APPLIANCEIMPLPRIVATE
414

Note: See TracBrowser for help on using the repository browser.

source: vbox/trunk/src/VBox/Main/include/ApplianceImplPrivate.h@ 59669

Download in other formats: