marmarek/ssh

## ssh
#!/bin/sh

id=`date +%s`-$$

echo "Cmd: $0 $@" >>/tmp/log-$id
# redirect stderr to file, but still have ability to send something to the
# "real" stderr
exec 3>&2
exec 2>/tmp/log-$id-stderr

firstarg=""
while true; do
	if [ "$1" = "-V" ]; then
		exit 0
	elif [ "$1" = "-o" ]; then
		shift
	elif [[ "x$1" = "x-"* ]]; then
		true # simply ignore
	elif [ -z "$firstarg" ]; then
		firstarg="$1"
	else
		break
	fi
	shift
done
echo "Cmd2: $@" >>/tmp/log-$id

if [[ "$0" = *"scp" ]]; then
	src="$firstarg"
	dst_host="${1%:*}"
	dst="${1#*:}"
	if ! [ -r "$src" ]; then
		echo "File not found: $src" >&2
		exit 1
	fi
	tmpname=`mktemp`
	cp "$src" "$tmpname"
	qvm-copy-to-vm $dst_host $tmpname || exit 1
	echo "mv \"/home/user/QubesIncoming/`hostname`/`basename $tmpname`\" \"$dst\"" | qrexec-client-vm $dst_host qubes.VMShell >/dev/null
elif [[ "$0" = *ssh ]]; then
	dst_host="$firstarg"
	tee /tmp/log-$id-in | qrexec-client-vm "$dst_host" qubes.VMShell >/tmp/log-$id-out
	ecode=$?
    # decode executed command (generated by caller)
    cat /tmp/log-$id-in | sed -z 's/.*"""\(.*\)""".*/\1/'|base64 -d > /tmp/log-$id-shim
    delim=$(grep ^OPTIONS.delimiter /tmp/log-$id-shim|cut -f2 -d "'")
    salt_args=$(grep ^ARGS /tmp/log-$id-shim|tail -1|cut -f2 -d "'")
	echo "$delim"
	if [ "$ecode" -eq 11 ]; then
		echo "deploy"
	elif [ "$ecode" -eq 13 ]; then
        	echo "ext_mods"
	else
        if [ "$ecode" -eq 0 ]; then
            ret="true"
        else
            ret="false"
        fi
        echo "$delim" >&3
        echo "salt args: $salt_args" >&2
        if [[ "$salt_args" = 'test.opts_pkg' ]]; then
    		cat <<EOF
{
    "local": {
        "return": {
            "grains": {
                "os": "Linux",
                "os_family": "Debian"
            },
            "state_top": "top.sls",
            "renderer": "yaml_jinja",
            "environment": null
        },
        "retcode": $ecode,
        "id": "$dst_host"
    }
}
EOF
        else
    		cat <<EOF
{
    "local": {
        "return": $ret,
        "retcode": $ecode,
        "id": "$dst_host"
    }
}
EOF
        fi
	fi
	exit $ecode
#/home/user/salt-ssh/bin/shell-wrapper /tmp/$id-e "$@" >/dev/null
else
    #WTF? at least log the input...
	cat >>/tmp/log-$id
fi
	#!/bin/sh

	id=`date +%s`-$$

	echo "Cmd: $0 $@" >>/tmp/log-$id
	# redirect stderr to file, but still have ability to send something to the
	# "real" stderr
	exec 3>&2
	exec 2>/tmp/log-$id-stderr

	firstarg=""
	while true; do
	if [ "$1" = "-V" ]; then
	exit 0
	elif [ "$1" = "-o" ]; then
	shift
	elif [[ "x$1" = "x-"* ]]; then
	true # simply ignore
	elif [ -z "$firstarg" ]; then
	firstarg="$1"
	else
	break
	fi
	shift
	done
	echo "Cmd2: $@" >>/tmp/log-$id

	if [[ "$0" = *"scp" ]]; then
	src="$firstarg"
	dst_host="${1%:*}"
	dst="${1#*:}"
	if ! [ -r "$src" ]; then
	echo "File not found: $src" >&2
	exit 1
	fi
	tmpname=`mktemp`
	cp "$src" "$tmpname"
	qvm-copy-to-vm $dst_host $tmpname \|\| exit 1
	echo "mv \"/home/user/QubesIncoming/`hostname`/`basename $tmpname`\" \"$dst\"" \| qrexec-client-vm $dst_host qubes.VMShell >/dev/null
	elif [[ "$0" = *ssh ]]; then
	dst_host="$firstarg"
	tee /tmp/log-$id-in \| qrexec-client-vm "$dst_host" qubes.VMShell >/tmp/log-$id-out
	ecode=$?
	# decode executed command (generated by caller)
	cat /tmp/log-$id-in \| sed -z 's/."""\(.\)""".*/\1/'\|base64 -d > /tmp/log-$id-shim
	delim=$(grep ^OPTIONS.delimiter /tmp/log-$id-shim\|cut -f2 -d "'")
	salt_args=$(grep ^ARGS /tmp/log-$id-shim\|tail -1\|cut -f2 -d "'")
	echo "$delim"
	if [ "$ecode" -eq 11 ]; then
	echo "deploy"
	elif [ "$ecode" -eq 13 ]; then
	echo "ext_mods"
	else
	if [ "$ecode" -eq 0 ]; then
	ret="true"
	else
	ret="false"
	fi
	echo "$delim" >&3
	echo "salt args: $salt_args" >&2
	if [[ "$salt_args" = 'test.opts_pkg' ]]; then
	cat <<EOF
	{
	"local": {
	"return": {
	"grains": {
	"os": "Linux",
	"os_family": "Debian"
	},
	"state_top": "top.sls",
	"renderer": "yaml_jinja",
	"environment": null
	},
	"retcode": $ecode,
	"id": "$dst_host"
	}
	}
	EOF
	else
	cat <<EOF
	{
	"local": {
	"return": $ret,
	"retcode": $ecode,
	"id": "$dst_host"
	}
	}
	EOF
	fi
	fi
	exit $ecode
	#/home/user/salt-ssh/bin/shell-wrapper /tmp/$id-e "$@" >/dev/null
	else
	#WTF? at least log the input...
	cat >>/tmp/log-$id
	fi