| /* |
| * QEMU Guest Agent win32-specific command implementations for SSH keys. |
| * The implementation is opinionated and expects the SSH implementation to |
| * be OpenSSH. |
| * |
| * Copyright Schweitzer Engineering Laboratories. 2024 |
| * |
| * Authors: |
| * Aidan Leuck <aidan_leuck@selinc.com> |
| * |
| * This work is licensed under the terms of the GNU GPL, version 2 or later. |
| * See the COPYING file in the top-level directory. |
| */ |
| |
| #include "qemu/osdep.h" |
| #include <aclapi.h> |
| #include <qga-qapi-types.h> |
| |
| #include "commands-common-ssh.h" |
| #include "commands-windows-ssh.h" |
| #include "guest-agent-core.h" |
| #include "limits.h" |
| #include "lmaccess.h" |
| #include "lmapibuf.h" |
| #include "lmerr.h" |
| #include "qapi/error.h" |
| |
| #include "qga-qapi-commands.h" |
| #include "sddl.h" |
| #include "shlobj.h" |
| #include "userenv.h" |
| |
| #define AUTHORIZED_KEY_FILE "authorized_keys" |
| #define AUTHORIZED_KEY_FILE_ADMIN "administrators_authorized_keys" |
| #define LOCAL_SYSTEM_SID "S-1-5-18" |
| #define ADMIN_SID "S-1-5-32-544" |
| |
| /* |
| * Frees userInfo structure. This implements the g_auto cleanup |
| * for the structure. |
| */ |
| void free_userInfo(PWindowsUserInfo info) |
| { |
| g_free(info->sshDirectory); |
| g_free(info->authorizedKeyFile); |
| LocalFree(info->SSID); |
| g_free(info->username); |
| g_free(info); |
| } |
| |
| /* |
| * Gets the admin SSH folder for OpenSSH. OpenSSH does not store |
| * the authorized_key file in the users home directory for security reasons and |
| * instead stores it at %PROGRAMDATA%/ssh. This function returns the path to |
| * that directory on the users machine |
| * |
| * parameters: |
| * errp -> error structure to set when an error occurs |
| * returns: The path to the ssh folder in %PROGRAMDATA% or NULL if an error |
| * occurred. |
| */ |
| static char *get_admin_ssh_folder(Error **errp) |
| { |
| /* Allocate memory for the program data path */ |
| g_autofree char *programDataPath = NULL; |
| char *authkeys_path = NULL; |
| PWSTR pgDataW = NULL; |
| g_autoptr(GError) gerr = NULL; |
| |
| /* Get the KnownFolderPath on the machine. */ |
| HRESULT folderResult = |
| SHGetKnownFolderPath(&FOLDERID_ProgramData, 0, NULL, &pgDataW); |
| if (folderResult != S_OK) { |
| error_setg(errp, "Failed to retrieve ProgramData folder"); |
| return NULL; |
| } |
| |
| /* Convert from a wide string back to a standard character string. */ |
| programDataPath = g_utf16_to_utf8(pgDataW, -1, NULL, NULL, &gerr); |
| CoTaskMemFree(pgDataW); |
| if (!programDataPath) { |
| error_setg(errp, |
| "Failed converting ProgramData folder path to UTF-16 %s", |
| gerr->message); |
| return NULL; |
| } |
| |
| /* Build the path to the file. */ |
| authkeys_path = g_build_filename(programDataPath, "ssh", NULL); |
| return authkeys_path; |
| } |
| |
| /* |
| * Gets the path to the SSH folder for the specified user. If the user is an |
| * admin it returns the ssh folder located at %PROGRAMDATA%/ssh. If the user is |
| * not an admin it returns %USERPROFILE%/.ssh |
| * |
| * parameters: |
| * username -> Username to get the SSH folder for |
| * isAdmin -> Whether the user is an admin or not |
| * errp -> Error structure to set any errors that occur. |
| * returns: path to the ssh folder as a string. |
| */ |
| static char *get_ssh_folder(const char *username, const bool isAdmin, |
| Error **errp) |
| { |
| DWORD maxSize = MAX_PATH; |
| g_autofree char *profilesDir = g_new0(char, maxSize); |
| |
| if (isAdmin) { |
| return get_admin_ssh_folder(errp); |
| } |
| |
| /* If not an Admin the SSH key is in the user directory. */ |
| /* Get the user profile directory on the machine. */ |
| BOOL ret = GetProfilesDirectory(profilesDir, &maxSize); |
| if (!ret) { |
| error_setg_win32(errp, GetLastError(), |
| "failed to retrieve profiles directory"); |
| return NULL; |
| } |
| |
| /* Builds the filename */ |
| return g_build_filename(profilesDir, username, ".ssh", NULL); |
| } |
| |
| /* |
| * Creates an entry for the user so they can access the ssh folder in their |
| * userprofile. |
| * |
| * parameters: |
| * userInfo -> Information about the current user |
| * pACL -> Pointer to an ACL structure |
| * errp -> Error structure to set any errors that occur |
| * returns -> 1 on success, 0 otherwise |
| */ |
| static bool create_acl_user(PWindowsUserInfo userInfo, PACL *pACL, Error **errp) |
| { |
| const int aclSize = 1; |
| PACL newACL = NULL; |
| EXPLICIT_ACCESS eAccess[1]; |
| PSID userPSID = NULL; |
| |
| /* Get a pointer to the internal SID object in Windows */ |
| bool converted = ConvertStringSidToSid(userInfo->SSID, &userPSID); |
| if (!converted) { |
| error_setg_win32(errp, GetLastError(), "failed to retrieve user %s SID", |
| userInfo->username); |
| goto error; |
| } |
| |
| /* Set the permissions for the user. */ |
| eAccess[0].grfAccessPermissions = GENERIC_ALL; |
| eAccess[0].grfAccessMode = SET_ACCESS; |
| eAccess[0].grfInheritance = NO_INHERITANCE; |
| eAccess[0].Trustee.TrusteeForm = TRUSTEE_IS_SID; |
| eAccess[0].Trustee.TrusteeType = TRUSTEE_IS_USER; |
| eAccess[0].Trustee.ptstrName = (LPTSTR)userPSID; |
| |
| /* Set the ACL entries */ |
| DWORD setResult; |
| |
| /* |
| * If we are given a pointer that is already initialized, then we can merge |
| * the existing entries instead of overwriting them. |
| */ |
| if (*pACL) { |
| setResult = SetEntriesInAcl(aclSize, eAccess, *pACL, &newACL); |
| } else { |
| setResult = SetEntriesInAcl(aclSize, eAccess, NULL, &newACL); |
| } |
| |
| if (setResult != ERROR_SUCCESS) { |
| error_setg_win32(errp, GetLastError(), |
| "failed to set ACL entries for user %s %lu", |
| userInfo->username, setResult); |
| goto error; |
| } |
| |
| /* Free any old memory since we are going to overwrite the users pointer. */ |
| LocalFree(*pACL); |
| *pACL = newACL; |
| |
| LocalFree(userPSID); |
| return true; |
| error: |
| LocalFree(userPSID); |
| return false; |
| } |
| |
| /* |
| * Creates a base ACL for both normal users and admins to share |
| * pACL -> Pointer to an ACL structure |
| * errp -> Error structure to set any errors that occur |
| * returns: 1 on success, 0 otherwise |
| */ |
| static bool create_acl_base(PACL *pACL, Error **errp) |
| { |
| PSID adminGroupPSID = NULL; |
| PSID systemPSID = NULL; |
| |
| const int aclSize = 2; |
| EXPLICIT_ACCESS eAccess[2]; |
| |
| /* Create an entry for the system user. */ |
| const char *systemSID = LOCAL_SYSTEM_SID; |
| bool converted = ConvertStringSidToSid(systemSID, &systemPSID); |
| if (!converted) { |
| error_setg_win32(errp, GetLastError(), "failed to retrieve system SID"); |
| goto error; |
| } |
| |
| /* set permissions for system user */ |
| eAccess[0].grfAccessPermissions = GENERIC_ALL; |
| eAccess[0].grfAccessMode = SET_ACCESS; |
| eAccess[0].grfInheritance = NO_INHERITANCE; |
| eAccess[0].Trustee.TrusteeForm = TRUSTEE_IS_SID; |
| eAccess[0].Trustee.TrusteeType = TRUSTEE_IS_USER; |
| eAccess[0].Trustee.ptstrName = (LPTSTR)systemPSID; |
| |
| /* Create an entry for the admin user. */ |
| const char *adminSID = ADMIN_SID; |
| converted = ConvertStringSidToSid(adminSID, &adminGroupPSID); |
| if (!converted) { |
| error_setg_win32(errp, GetLastError(), "failed to retrieve Admin SID"); |
| goto error; |
| } |
| |
| /* Set permissions for admin group. */ |
| eAccess[1].grfAccessPermissions = GENERIC_ALL; |
| eAccess[1].grfAccessMode = SET_ACCESS; |
| eAccess[1].grfInheritance = NO_INHERITANCE; |
| eAccess[1].Trustee.TrusteeForm = TRUSTEE_IS_SID; |
| eAccess[1].Trustee.TrusteeType = TRUSTEE_IS_GROUP; |
| eAccess[1].Trustee.ptstrName = (LPTSTR)adminGroupPSID; |
| |
| /* Put the entries in an ACL object. */ |
| PACL pNewACL = NULL; |
| DWORD setResult; |
| |
| /* |
| *If we are given a pointer that is already initialized, then we can merge |
| *the existing entries instead of overwriting them. |
| */ |
| if (*pACL) { |
| setResult = SetEntriesInAcl(aclSize, eAccess, *pACL, &pNewACL); |
| } else { |
| setResult = SetEntriesInAcl(aclSize, eAccess, NULL, &pNewACL); |
| } |
| |
| if (setResult != ERROR_SUCCESS) { |
| error_setg_win32(errp, GetLastError(), |
| "failed to set base ACL entries for system user and " |
| "admin group %lu", |
| setResult); |
| goto error; |
| } |
| |
| LocalFree(adminGroupPSID); |
| LocalFree(systemPSID); |
| |
| /* Free any old memory since we are going to overwrite the users pointer. */ |
| LocalFree(*pACL); |
| |
| *pACL = pNewACL; |
| |
| return true; |
| |
| error: |
| LocalFree(adminGroupPSID); |
| LocalFree(systemPSID); |
| return false; |
| } |
| |
| /* |
| * Sets the access control on the authorized_keys file and any ssh folders that |
| * need to be created. For administrators the required permissions on the |
| * file/folders are that only administrators and the LocalSystem account can |
| * access the folders. For normal user accounts only the specified user, |
| * LocalSystem and Administrators can have access to the key. |
| * |
| * parameters: |
| * userInfo -> pointer to structure that contains information about the user |
| * PACL -> pointer to an access control structure that will be set upon |
| * successful completion of the function. |
| * errp -> error structure that will be set upon error. |
| * returns: 1 upon success 0 upon failure. |
| */ |
| static bool create_acl(PWindowsUserInfo userInfo, PACL *pACL, Error **errp) |
| { |
| /* |
| * Creates a base ACL that both admins and users will share |
| * This adds the Administrators group and the SYSTEM group |
| */ |
| if (!create_acl_base(pACL, errp)) { |
| return false; |
| } |
| |
| /* |
| * If the user is not an admin give the user creating the key permission to |
| * access the file. |
| */ |
| if (!userInfo->isAdmin) { |
| if (!create_acl_user(userInfo, pACL, errp)) { |
| return false; |
| } |
| |
| return true; |
| } |
| |
| return true; |
| } |
| /* |
| * Create the SSH directory for the user and d sets appropriate permissions. |
| * In general the directory will be %PROGRAMDATA%/ssh if the user is an admin. |
| * %USERPOFILE%/.ssh if not an admin |
| * |
| * parameters: |
| * userInfo -> Contains information about the user |
| * errp -> Structure that will contain errors if the function fails. |
| * returns: zero upon failure, 1 upon success |
| */ |
| static bool create_ssh_directory(WindowsUserInfo *userInfo, Error **errp) |
| { |
| PACL pNewACL = NULL; |
| g_autofree PSECURITY_DESCRIPTOR pSD = NULL; |
| |
| /* Gets the appropriate ACL for the user */ |
| if (!create_acl(userInfo, &pNewACL, errp)) { |
| goto error; |
| } |
| |
| /* Allocate memory for a security descriptor */ |
| pSD = g_malloc(SECURITY_DESCRIPTOR_MIN_LENGTH); |
| if (!InitializeSecurityDescriptor(pSD, SECURITY_DESCRIPTOR_REVISION)) { |
| error_setg_win32(errp, GetLastError(), |
| "Failed to initialize security descriptor"); |
| goto error; |
| } |
| |
| /* Associate the security descriptor with the ACL permissions. */ |
| if (!SetSecurityDescriptorDacl(pSD, TRUE, pNewACL, FALSE)) { |
| error_setg_win32(errp, GetLastError(), |
| "Failed to set security descriptor ACL"); |
| goto error; |
| } |
| |
| /* Set the security attributes on the folder */ |
| SECURITY_ATTRIBUTES sAttr; |
| sAttr.bInheritHandle = FALSE; |
| sAttr.nLength = sizeof(SECURITY_ATTRIBUTES); |
| sAttr.lpSecurityDescriptor = pSD; |
| |
| /* Create the directory with the created permissions */ |
| BOOL created = CreateDirectory(userInfo->sshDirectory, &sAttr); |
| if (!created) { |
| error_setg_win32(errp, GetLastError(), "failed to create directory %s", |
| userInfo->sshDirectory); |
| goto error; |
| } |
| |
| /* Free memory */ |
| LocalFree(pNewACL); |
| return true; |
| error: |
| LocalFree(pNewACL); |
| return false; |
| } |
| |
| /* |
| * Sets permissions on the authorized_key_file that is created. |
| * |
| * parameters: userInfo -> Information about the user |
| * errp -> error structure that will contain errors upon failure |
| * returns: 1 upon success, zero upon failure. |
| */ |
| static bool set_file_permissions(PWindowsUserInfo userInfo, Error **errp) |
| { |
| PACL pACL = NULL; |
| PSID userPSID = NULL; |
| |
| /* Creates the access control structure */ |
| if (!create_acl(userInfo, &pACL, errp)) { |
| goto error; |
| } |
| |
| /* Get the PSID structure for the user based off the string SID. */ |
| bool converted = ConvertStringSidToSid(userInfo->SSID, &userPSID); |
| if (!converted) { |
| error_setg_win32(errp, GetLastError(), "failed to retrieve user %s SID", |
| userInfo->username); |
| goto error; |
| } |
| |
| /* Prevents permissions from being inherited and use the DACL provided. */ |
| const SE_OBJECT_TYPE securityBitFlags = |
| DACL_SECURITY_INFORMATION | PROTECTED_DACL_SECURITY_INFORMATION; |
| |
| /* Set the ACL on the file. */ |
| if (SetNamedSecurityInfo(userInfo->authorizedKeyFile, SE_FILE_OBJECT, |
| securityBitFlags, userPSID, NULL, pACL, |
| NULL) != ERROR_SUCCESS) { |
| error_setg_win32(errp, GetLastError(), |
| "failed to set file security for file %s", |
| userInfo->authorizedKeyFile); |
| goto error; |
| } |
| |
| LocalFree(pACL); |
| LocalFree(userPSID); |
| return true; |
| |
| error: |
| LocalFree(pACL); |
| LocalFree(userPSID); |
| |
| return false; |
| } |
| |
| /* |
| * Writes the specified keys to the authenticated keys file. |
| * parameters: |
| * userInfo: Information about the user we are writing the authkeys file to. |
| * authkeys: Array of keys to write to disk |
| * errp: Error structure that will contain any errors if they occur. |
| * returns: 1 if successful, 0 otherwise. |
| */ |
| static bool write_authkeys(WindowsUserInfo *userInfo, GStrv authkeys, |
| Error **errp) |
| { |
| g_autofree char *contents = NULL; |
| g_autoptr(GError) err = NULL; |
| |
| contents = g_strjoinv("\n", authkeys); |
| |
| if (!g_file_set_contents(userInfo->authorizedKeyFile, contents, -1, &err)) { |
| error_setg(errp, "failed to write to '%s': %s", |
| userInfo->authorizedKeyFile, err->message); |
| return false; |
| } |
| |
| if (!set_file_permissions(userInfo, errp)) { |
| return false; |
| } |
| |
| return true; |
| } |
| |
| /* |
| * Retrieves information about a Windows user by their username |
| * |
| * parameters: |
| * userInfo -> Double pointer to a WindowsUserInfo structure. Upon success, it |
| * will be allocated with information about the user and need to be freed. |
| * username -> Name of the user to lookup. |
| * errp -> Contains any errors that occur. |
| * returns: 1 upon success, 0 upon failure. |
| */ |
| static bool get_user_info(PWindowsUserInfo *userInfo, const char *username, |
| Error **errp) |
| { |
| DWORD infoLevel = 4; |
| LPUSER_INFO_4 uBuf = NULL; |
| g_autofree wchar_t *wideUserName = NULL; |
| g_autoptr(GError) gerr = NULL; |
| PSID psid = NULL; |
| |
| /* |
| * Converts a string to a Windows wide string since the GetNetUserInfo |
| * function requires it. |
| */ |
| wideUserName = g_utf8_to_utf16(username, -1, NULL, NULL, &gerr); |
| if (!wideUserName) { |
| goto error; |
| } |
| |
| /* allocate data */ |
| PWindowsUserInfo uData = g_new0(WindowsUserInfo, 1); |
| |
| /* Set pointer so it can be cleaned up by the callee, even upon error. */ |
| *userInfo = uData; |
| |
| /* Find the information */ |
| NET_API_STATUS result = |
| NetUserGetInfo(NULL, wideUserName, infoLevel, (LPBYTE *)&uBuf); |
| if (result != NERR_Success) { |
| /* Give a friendlier error message if the user was not found. */ |
| if (result == NERR_UserNotFound) { |
| error_setg(errp, "User %s was not found", username); |
| goto error; |
| } |
| |
| error_setg(errp, |
| "Received unexpected error when asking for user info: Error " |
| "Code %lu", |
| result); |
| goto error; |
| } |
| |
| /* Get information from the buffer returned by NetUserGetInfo. */ |
| uData->username = g_strdup(username); |
| uData->isAdmin = uBuf->usri4_priv == USER_PRIV_ADMIN; |
| psid = uBuf->usri4_user_sid; |
| |
| char *sidStr = NULL; |
| |
| /* |
| * We store the string representation of the SID not SID structure in |
| * memory. Callees wanting to use the SID structure should call |
| * ConvertStringSidToSID. |
| */ |
| if (!ConvertSidToStringSid(psid, &sidStr)) { |
| error_setg_win32(errp, GetLastError(), |
| "failed to get SID string for user %s", username); |
| goto error; |
| } |
| |
| /* Store the SSID */ |
| uData->SSID = sidStr; |
| |
| /* Get the SSH folder for the user. */ |
| char *sshFolder = get_ssh_folder(username, uData->isAdmin, errp); |
| if (sshFolder == NULL) { |
| goto error; |
| } |
| |
| /* Get the authorized key file path */ |
| const char *authorizedKeyFile = |
| uData->isAdmin ? AUTHORIZED_KEY_FILE_ADMIN : AUTHORIZED_KEY_FILE; |
| char *authorizedKeyPath = |
| g_build_filename(sshFolder, authorizedKeyFile, NULL); |
| uData->sshDirectory = sshFolder; |
| uData->authorizedKeyFile = authorizedKeyPath; |
| |
| /* Free */ |
| NetApiBufferFree(uBuf); |
| return true; |
| error: |
| if (uBuf) { |
| NetApiBufferFree(uBuf); |
| } |
| |
| return false; |
| } |
| |
| /* |
| * Gets the list of authorized keys for a user. |
| * |
| * parameters: |
| * username -> Username to retrieve the keys for. |
| * errp -> Error structure that will display any errors through QMP. |
| * returns: List of keys associated with the user. |
| */ |
| GuestAuthorizedKeys *qmp_guest_ssh_get_authorized_keys(const char *username, |
| Error **errp) |
| { |
| GuestAuthorizedKeys *keys = NULL; |
| g_auto(GStrv) authKeys = NULL; |
| g_autoptr(GuestAuthorizedKeys) ret = NULL; |
| g_auto(PWindowsUserInfo) userInfo = NULL; |
| |
| /* Gets user information */ |
| if (!get_user_info(&userInfo, username, errp)) { |
| return NULL; |
| } |
| |
| /* Reads authkeys for the user */ |
| authKeys = read_authkeys(userInfo->authorizedKeyFile, errp); |
| if (authKeys == NULL) { |
| return NULL; |
| } |
| |
| /* Set the GuestAuthorizedKey struct with keys from the file */ |
| ret = g_new0(GuestAuthorizedKeys, 1); |
| for (int i = 0; authKeys[i] != NULL; i++) { |
| g_strstrip(authKeys[i]); |
| if (!authKeys[i][0] || authKeys[i][0] == '#') { |
| continue; |
| } |
| |
| QAPI_LIST_PREPEND(ret->keys, g_strdup(authKeys[i])); |
| } |
| |
| /* |
| * Steal the pointer because it is up for the callee to deallocate the |
| * memory. |
| */ |
| keys = g_steal_pointer(&ret); |
| return keys; |
| } |
| |
| /* |
| * Adds an ssh key for a user. |
| * |
| * parameters: |
| * username -> User to add the SSH key to |
| * strList -> Array of keys to add to the list |
| * has_reset -> Whether the keys have been reset |
| * reset -> Boolean to reset the keys (If this is set the existing list will be |
| * cleared) and the other key reset. errp -> Pointer to an error structure that |
| * will get returned over QMP if anything goes wrong. |
| */ |
| void qmp_guest_ssh_add_authorized_keys(const char *username, strList *keys, |
| bool has_reset, bool reset, Error **errp) |
| { |
| g_auto(PWindowsUserInfo) userInfo = NULL; |
| g_auto(GStrv) authkeys = NULL; |
| strList *k; |
| size_t nkeys, nauthkeys; |
| |
| /* Make sure the keys given are valid */ |
| if (!check_openssh_pub_keys(keys, &nkeys, errp)) { |
| return; |
| } |
| |
| /* Gets user information */ |
| if (!get_user_info(&userInfo, username, errp)) { |
| return; |
| } |
| |
| /* Determine whether we should reset the keys */ |
| reset = has_reset && reset; |
| if (!reset) { |
| /* Read existing keys into memory */ |
| authkeys = read_authkeys(userInfo->authorizedKeyFile, NULL); |
| } |
| |
| /* Check that the SSH key directory exists for the user. */ |
| if (!g_file_test(userInfo->sshDirectory, G_FILE_TEST_IS_DIR)) { |
| BOOL success = create_ssh_directory(userInfo, errp); |
| if (!success) { |
| return; |
| } |
| } |
| |
| /* Reallocates the buffer to fit the new keys. */ |
| nauthkeys = authkeys ? g_strv_length(authkeys) : 0; |
| authkeys = g_realloc_n(authkeys, nauthkeys + nkeys + 1, sizeof(char *)); |
| |
| /* zero out the memory for the reallocated buffer */ |
| memset(authkeys + nauthkeys, 0, (nkeys + 1) * sizeof(char *)); |
| |
| /* Adds the keys */ |
| for (k = keys; k != NULL; k = k->next) { |
| /* Check that the key doesn't already exist */ |
| if (g_strv_contains((const gchar *const *)authkeys, k->value)) { |
| continue; |
| } |
| |
| authkeys[nauthkeys++] = g_strdup(k->value); |
| } |
| |
| /* Write the authkeys to the file. */ |
| write_authkeys(userInfo, authkeys, errp); |
| } |
| |
| /* |
| * Removes an SSH key for a user |
| * |
| * parameters: |
| * username -> Username to remove the key from |
| * strList -> List of strings to remove |
| * errp -> Contains any errors that occur. |
| */ |
| void qmp_guest_ssh_remove_authorized_keys(const char *username, strList *keys, |
| Error **errp) |
| { |
| g_auto(PWindowsUserInfo) userInfo = NULL; |
| g_autofree struct passwd *p = NULL; |
| g_autofree GStrv new_keys = NULL; /* do not own the strings */ |
| g_auto(GStrv) authkeys = NULL; |
| GStrv a; |
| size_t nkeys = 0; |
| |
| /* Validates the keys passed in by the user */ |
| if (!check_openssh_pub_keys(keys, NULL, errp)) { |
| return; |
| } |
| |
| /* Gets user information */ |
| if (!get_user_info(&userInfo, username, errp)) { |
| return; |
| } |
| |
| /* Reads the authkeys for the user */ |
| authkeys = read_authkeys(userInfo->authorizedKeyFile, errp); |
| if (authkeys == NULL) { |
| return; |
| } |
| |
| /* Create a new buffer to hold the keys */ |
| new_keys = g_new0(char *, g_strv_length(authkeys) + 1); |
| for (a = authkeys; *a != NULL; a++) { |
| strList *k; |
| |
| /* Filters out keys that are equal to ones the user specified. */ |
| for (k = keys; k != NULL; k = k->next) { |
| if (g_str_equal(k->value, *a)) { |
| break; |
| } |
| } |
| |
| if (k != NULL) { |
| continue; |
| } |
| |
| new_keys[nkeys++] = *a; |
| } |
| |
| /* Write the new authkeys to the file. */ |
| write_authkeys(userInfo, new_keys, errp); |
| } |