From 45d95be7e3b67c7acd83ba9878a342a214f23078 Mon Sep 17 00:00:00 2001
From: Dehan Meng <demeng@redhat.com>
Date: Tue, 6 Aug 2024 18:42:48 +0800
Subject: [PATCH] qemu_guest_agent: Add ssh-key injection support for windows

Add public ssh-key injection support for windows. Linux had been
supported already.
Add script Install_config_OpenSSH.ps1 to prepare OPenSSH.

Signed-off-by: Dehan Meng <demeng@redhat.com>
---
 qemu/tests/cfg/qemu_guest_agent.cfg | 33 +++++++++++++++++++++++------
 qemu/tests/qemu_guest_agent.py      | 28 +++++++++++++++---------
 2 files changed, 45 insertions(+), 16 deletions(-)

diff --git a/qemu/tests/cfg/qemu_guest_agent.cfg b/qemu/tests/cfg/qemu_guest_agent.cfg
index d7553a109e..8d82a4acef 100644
--- a/qemu/tests/cfg/qemu_guest_agent.cfg
+++ b/qemu/tests/cfg/qemu_guest_agent.cfg
@@ -546,30 +546,51 @@
             input_dev_type_input2 = mouse
             input_dev_type_input3 = tablet
         - gagent_ssh_public_key_injection:
-            only Linux
             no  RHEL.7 RHEL.8 RHEL.9.0 RHEL.9.1
             gagent_check_type = ssh_public_key_injection
             set_sebool = "setsebool virt_qemu_ga_read_nonsecurity_files on ; setsebool virt_qemu_ga_manage_ssh on"
             cmd_clean_keys = rm -rf ~/.ssh/*
             ssh_keygen_cmd =  "ssh-keygen -t rsa -P "" -f ~/.ssh/id_rsa"
             cmd_get_hostkey = "cat ~/.ssh/id_rsa.pub"
+            add_line_at_end = "echo >> ${guest_homepath}/.ssh/authorized_keys"
+            cmd_get_guestkey = "cat ${guest_homepath}/.ssh/authorized_keys"
+            cmd_del_key_file = "rm -rf ${guest_homepath}/.ssh/authorized_keys"
             variants:
                 - root:
+                    only Linux
                     guest_user = "root"
                     guest_homepath = /${guest_user}
-                    test_login_guest = ssh ${guest_user}@%s -o stricthostkeychecking=no ls ${guest_homepath}
+                    test_login_guest = ssh ${guest_user}@%s -o StrictHostKeyChecking=no ls ${guest_homepath}
                     output_check_str = 'anaconda-ks.cfg'
                 - non_root_user:
+                    only Linux
                     guest_user = "fedora"
                     guest_user_passwd = "redhat"
                     guest_homepath = "/home/${guest_user}"
                     cmd_add_user_set_passwd = useradd ${guest_user} && echo ${guest_user_passwd} | passwd --stdin ${guest_user}
                     cmd_remove_user = userdel -rf ${guest_user}
-                    test_login_guest = ssh ${guest_user}@%s -o stricthostkeychecking=no ls '/home'
+                    test_login_guest = ssh ${guest_user}@%s -o StrictHostKeyChecking=no ls '/home'
                     output_check_str = '${guest_user}'
-            add_line_at_end = "echo >> ${guest_homepath}/.ssh/authorized_keys"
-            cmd_get_guestkey = "cat ${guest_homepath}/.ssh/authorized_keys"
-            cmd_del_key_file = "rm -rf ${guest_homepath}/.ssh/authorized_keys"
+                - administrator:
+                    only Windows
+                    guest_user = "Administrator"
+                    guest_user_passwd = 'Kvm_autotest'
+                    guest_homepath = "C:\Users\${guest_user}"
+                    cmd_get_guestkey = "powershell.exe Get-Content C:\ProgramData\ssh\administrators_authorized_keys"
+                - non_admin_user:
+                    only Windows
+                    guest_user = "nonadminuser"
+                    guest_user_passwd = "Redhat."
+                    guest_homepath = "C:\Users\${guest_user}"
+                    guest_sshdir = "${guest_homepath}\.ssh"
+                    cmd_add_user_set_passwd = "powershell.exe $securePassword = ConvertTo-SecureString -String ${guest_user_passwd} -AsPlainText -Force;New-LocalUser -Name ${guest_user} -Password $securePassword -FullName 'New User' -Description 'Standard non-admin user';Add-LocalGroupMember -Group 'Users' -Member ${guest_user}"
+                    cmd_remove_user = "powershell.exe Remove-LocalUser -Name ${guest_user}"
+                    cmd_get_guestkey = "powershell.exe Get-Content ${guest_homepath}\.ssh\authorized_keys"
+            Windows:
+                install_config_openssh = "powershell.exe Set-ExecutionPolicy -ExecutionPolicy Unrestricted -Scope Process -Force; WIN_UTILS:\Install_config_OpenSSH.ps1"
+                first_ssh_VM = sshpass -p ${guest_user_passwd} ssh ${guest_user}@%s -o StrictHostKeyChecking=no dir "${guest_homepath}"
+                test_login_guest = ssh ${guest_user}@%s -o StrictHostKeyChecking=no dir "${guest_homepath}"
+                output_check_str = "Downloads"
         - check_get_cpustats:
             only Linux
             no  RHEL.7 RHEL.8 RHEL.9.1 RHEL.9.0
diff --git a/qemu/tests/qemu_guest_agent.py b/qemu/tests/qemu_guest_agent.py
index cf7a94b4b4..42b5efaff7 100644
--- a/qemu/tests/qemu_guest_agent.py
+++ b/qemu/tests/qemu_guest_agent.py
@@ -1322,10 +1322,10 @@ def ssh_key_test(operation, guest_name, *keys, **kwargs):
             op_func(guest_name, *keys, **kwargs)
             keys_ga = self.gagent.ssh_get_authorized_keys(guest_name)
 
-            add_line_at_end = params["add_line_at_end"]
+            if os_type == "linux":
+                add_line_at_end = params["add_line_at_end"]
+                session.cmd(add_line_at_end)
             cmd_guest_keys = params["cmd_get_guestkey"]
-
-            session.cmd(add_line_at_end)
             keys_guest = session.cmd_output(cmd_guest_keys).strip()
             _value_compared_ga_guest(keys_ga, keys_guest, operation)
             return keys_ga, keys_guest
@@ -1338,15 +1338,20 @@ def _prepared_n_restore_env(prepare=True):
             """
 
             if prepare:
-                output = session.cmd_output("getenforce")
-                if str(output) == "Permissive":
-                    session.cmd("setenforce 1")
-                session.cmd(params["set_sebool"])
-                if guest_user != "root":
+                if os_type == "linux":
+                    if session.cmd_output("getenforce") == "Permissive":
+                        session.cmd("setenforce 1")
+                    session.cmd(params["set_sebool"])
+                else:
+                    install_config_openssh_cmd = utils_misc.set_winutils_letter(
+                        session, self.params["install_config_openssh"])
+                    session.cmd(install_config_openssh_cmd, timeout=720)
+                if guest_user not in ["root", "Administrator"]:
                     session.cmd(params["cmd_add_user_set_passwd"])
             else:
-                session.cmd(params["cmd_del_key_file"])
-                if guest_user != "root":
+                if os_type == "linux":
+                    session.cmd(params["cmd_del_key_file"])
+                if guest_user not in ["root", "Administrator"]:
                     session.cmd(params["cmd_remove_user"])
 
         def _generate_host_keys():
@@ -1407,6 +1412,9 @@ def _value_compared_ga_guest(return_value_ga,
 
         error_context.context("Check the basic function ",
                               LOG_JOB.info)
+        if os_type == "windows":
+            cmd_first_ssh = params["first_ssh_VM"] % guest_ip_ipv4
+            process.system(cmd_first_ssh, shell=True)
         host_key1 = _generate_host_keys()
         ssh_key_test("add", guest_user, host_key1, reset=False)
         _login_guest_test(guest_ip_ipv4)