diff --git a/src/config/cloud/gce.ipxe b/src/config/cloud/gce.ipxe
new file mode 100644
index 00000000..95330d71
--- /dev/null
+++ b/src/config/cloud/gce.ipxe
@@ -0,0 +1,7 @@
+#!ipxe
+
+echo Google Compute Engine - iPXE boot via metadata
+ifstat ||
+dhcp ||
+route ||
+chain -ar http://metadata.google.internal/computeMetadata/v1/instance/attributes/ipxeboot
diff --git a/src/config/cloud/general.h b/src/config/cloud/general.h
index e69de29b..99028c14 100644
--- a/src/config/cloud/general.h
+++ b/src/config/cloud/general.h
@@ -0,0 +1,4 @@
+/* Allow retrieval of metadata (such as an iPXE boot script) from
+ * Google Compute Engine metadata server.
+ */
+#define HTTP_HACK_GCE
diff --git a/src/config/config_http.c b/src/config/config_http.c
index 3f198d22..3c0e7802 100644
--- a/src/config/config_http.c
+++ b/src/config/config_http.c
@@ -43,3 +43,6 @@ REQUIRE_OBJECT ( httpdigest );
 #ifdef HTTP_ENC_PEERDIST
 REQUIRE_OBJECT ( peerdist );
 #endif
+#ifdef HTTP_HACK_GCE
+REQUIRE_OBJECT ( httpgce );
+#endif
diff --git a/src/config/general.h b/src/config/general.h
index be0845f6..fb1ac93f 100644
--- a/src/config/general.h
+++ b/src/config/general.h
@@ -78,6 +78,7 @@ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL );
 #define HTTP_AUTH_BASIC /* Basic authentication */
 #define HTTP_AUTH_DIGEST /* Digest authentication */
 //#define HTTP_ENC_PEERDIST /* PeerDist content encoding */
+//#define HTTP_HACK_GCE /* Google Compute Engine hacks */
 
 /*
 * 802.11 cryptosystems and handshaking protocols
diff --git a/src/net/tcp/httpgce.c b/src/net/tcp/httpgce.c
new file mode 100644
index 00000000..c5d87902
--- /dev/null
+++ b/src/net/tcp/httpgce.c
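Review bot: In src/config/cloud/gce.ipxe the script that `chain -ar` runs is read over plain HTTP from the `ipxeboot` instance attribute, so whoever can write that attribute decides what the instance boots, and the script does not say so. A leading comment such as `# ipxeboot is trusted boot input; restrict who may set instance metadata` would make that dependency visible to whoever deploys the image. The `dhcp ||` line also discards a DHCP failure, so the script carries on to `chain` without an address and the error a user sees is the later one. If that is only meant to let `route` print diagnostics, a short comment saying so would help; otherwise `dhcp || exit` stops at the real cause.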
@@ -0,0 +1,72 @@
+/*
+ * Copyright (C) 2017 Michael Brown .
+ *
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU General Public License as
+ * published by the Free Software Foundation; either version 2 of the
+ * License, or any later version.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
+ * 02110-1301, USA.
+ *
+ * You can also choose to distribute this program under the terms of
+ * the Unmodified Binary Distribution Licence (as given in the file
+ * COPYING.UBDL), provided that you have satisfied its requirements.
+ */
+
+FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL );
+
+/**
+ * @file
+ *
+ * Google Compute Engine (GCE) metadata retrieval
+ *
+ * For some unspecified "security" reason, the Google Compute Engine
+ * metadata server will refuse any requests that do not include the
+ * non-standard HTTP header "Metadata-Flavor: Google".
+ */
+
+#include
+#include
+#include
+
+/** Metadata host name
+ *
+ * This is used to identify metadata requests, in the absence of any
+ * more robust mechanism.
+ */
+#define GCE_METADATA_HOST_NAME "metadata.google.internal"
+
+/**
+ * Construct HTTP "Metadata-Flavor" header
+ *
+ * @v http HTTP transaction
+ * @v buf Buffer
+ * @v len Length of buffer
+ * @ret len Length of header value, or negative error
+ */
+static int http_format_metadata_flavor ( struct http_transaction *http,
+ char *buf, size_t len ) {
+
+ /* Do nothing unless this appears to be a Google Compute
+ * Engine metadata request.
+ */
+ if ( strcasecmp ( http->request.host, GCE_METADATA_HOST_NAME ) != 0 )
+ return 0;
+
+ /* Construct host URI */
+ return snprintf ( buf, len, "Google" );
+}
+
+/** HTTP "Metadata-Flavor" header */
+struct http_request_header http_request_metadata_flavor __http_request_header ={
+ .name = "Metadata-Flavor",
+ .format = http_format_metadata_flavor,
+};
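Review bot: The file comment in src/net/tcp/httpgce.c describes the header requirement as an 'unspecified "security" reason', but it is a guard against server-side request forgery: the metadata server answers only clients that deliberately send `Metadata-Flavor: Google`. The comment should say so, because http_format_metadata_flavor() now adds the header automatically to every request whose host equals GCE_METADATA_HOST_NAME. The check compares the request host string only, so the GCE_METADATA_HOST_NAME comment should note that it does not verify which address the name resolved to. It should also note that a URI written with a trailing dot or a literal IP address will presumably not match and go out without the header. Separately, `/* Construct host URI */` above the snprintf() looks copied from another header formatter; `/* Construct header value */` matches what the line does.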