]> git.ipfire.org Git - people/ms/network.git/blob - src/functions/functions.util
projects / people / ms / network.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
ipsec: Properly validate FQDNs
[people/ms/network.git] / src / functions / functions.util
1 #!/bin/bash
2 ###############################################################################
3 # #
4 # IPFire.org - A linux based firewall #
5 # Copyright (C) 2010 Michael Tremer & Christian Schmidt #
6 # #
7 # This program is free software: you can redistribute it and/or modify #
8 # it under the terms of the GNU General Public License as published by #
9 # the Free Software Foundation, either version 3 of the License, or #
10 # (at your option) any later version. #
11 # #
12 # This program is distributed in the hope that it will be useful, #
13 # but WITHOUT ANY WARRANTY; without even the implied warranty of #
14 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #
15 # GNU General Public License for more details. #
16 # #
17 # You should have received a copy of the GNU General Public License #
18 # along with this program. If not, see <http://www.gnu.org/licenses/>. #
19 # #
20 ###############################################################################
21
22 # A simple print statement
23 print() {
24 local fmt=${1}; shift
25
26 printf -- "${fmt}\n" "$@"
27 }
28
29 print_indent() {
30 local i=${1}
31 shift
32
33 while (( i-- )); do
34 printf "\t"
35 done
36
37 print "%s" "$@"
38 }
39
40 # The args() function takes a number of arguments like
41 # var1="abc d" var2="abc" var3="abcd e"
42 # and splits them into several arguments, devided by newline
43 args() {
44 echo "$@" | xargs printf "%s\n"
45 }
46
47 unquote() {
48 local var="$@"
49
50 if [ "${var:0:1}" = "\"" ]; then
51 var=${var:1}
52 fi
53
54 local last=$(( ${#var} - 1 ))
55 if [ ${last} -ge 0 ] && [ "${var:${last}:1}" = "\"" ]; then
56 var=${var:0:${last}}
57 fi
58
59 print "${var}"
60 }
61
62 quote() {
63 print "\"%s\"" "$@"
64 }
65
66 strip() {
67 local value="$@"
68
69 # remove leading whitespace characters
70 value="${value#"${value%%[![:space:]]*}"}"
71
72 # remove trailing whitespace characters
73 value="${value%"${value##*[![:space:]]}"}"
74
75 print "${value}"
76 }
77
78 # Print a pretty error message
79 error() {
80 echo -e " ${CLR_RED_B}ERROR${CLR_RESET} : $@" >&2
81 }
82
83 error_log() {
84 log ERROR "$@"
85 }
86
87 # Print a pretty warn message
88 warning() {
89 echo -e " ${CLR_YELLOW_B}WARNING${CLR_RESET}: $@" >&2
90 }
91
92 warning_log() {
93 log WARNING "$@"
94 }
95
96 # Speedup function to avoid a call of the basename binary
97 basename() {
98 echo "${1##*/}"
99 }
100
101 format() {
102 local key=${1}
103 assert isset key
104
105 local format=${2}
106 assert isset format
107
108 shift 2
109
110 printf -v "${key}" "${format}" "$@"
111 }
112
113 format_time() {
114 local s=${1}
115 local ret m
116
117 local units="s m h"
118
119 local unit
120 for unit in ${units}; do
121 m=$(( ${s} % 60 ))
122 s=$(( ${s} / 60 ))
123
124 if [ ${m} -gt 0 ]; then
125 ret="${m}${unit} ${ret}"
126 fi
127 done
128
129 # Remove whitespace
130 echo ${ret}
131 }
132
133 parse_time() {
134 local ret=0
135
136 local arg
137 for arg in "$@"; do
138 local unit
139
140 case "${arg}" in
141 *h|*m|*s)
142 # Store unit
143 unit="${arg: -1}"
144
145 # Remove unit
146 arg="${arg:0:-1}"
147 ;;
148 esac
149
150 if ! isinteger arg; then
151 return ${EXIT_ERROR}
152 fi
153
154 # Convert hours and minutes into seconds
155 case "${unit}" in
156 h)
157 arg=$(( ${arg} * 3600 ))
158 ;;
159 m)
160 arg=$(( ${arg} * 60 ))
161 ;;
162 esac
163
164 # Add up everything
165 ret=$(( ${ret} + ${arg} ))
166 done
167
168 print "${ret}"
169 }
170
171 assign() {
172 local key=${1}
173 assert isset key
174 shift
175
176 format "${key}" "%s" "$@"
177 }
178
179 fread() {
180 local file=${1}
181 assert isset file
182
183 [ -r "${file}" ] || return ${EXIT_ERROR}
184
185 print "$(<${file})"
186 }
187
188 fwrite() {
189 local file=${1}
190 assert isset file
191 shift
192
193 if ! print "%s" "$@" > ${file} 2>/dev/null; then
194 error "Could not write to file: ${file}"
195 return ${EXIT_ERROR}
196 fi
197
198 return ${EXIT_OK}
199 }
200
201 fappend() {
202 local file=${1}
203 assert isset file
204 shift
205
206 if [ -e "${file}" ] && [ ! -w "${file}" ]; then
207 log ERROR "${file}: No such file"
208 return ${EXIT_ERROR}
209 fi
210
211 print "%s" "$@" >> ${file} 2>/dev/null
212 }
213
214 file_delete() {
215 local file=${1}
216
217 unlink "${file}" 2>/dev/null
218 }
219
220 file_exists() {
221 local file=${1}
222
223 [ -e "${file}" ] && return ${EXIT_TRUE} || return ${EXIT_FALSE}
224 }
225
226 file_is_newer_than() {
227 local file1="${1}"
228 local file2="${2}"
229
230 local age1=$(file_get_age "${file1}")
231 local age2=$(file_get_age "${file2}")
232
233 if [ ${age1} -gt ${age2} ]; then
234 return ${EXIT_TRUE}
235 else
236 return ${EXIT_FALSE}
237 fi
238 }
239
240 file_get_age() {
241 local file="${1}"
242
243 if [ -e "${file}" ]; then
244 stat --format="%Y" "${file}"
245 return $?
246 fi
247
248 return ${EXIT_ERROR}
249 }
250
251 make_directory() {
252 local path="${1}"
253
254 mkdir -p "${path}"
255 }
256
257 make_parent_directory() {
258 local path="${1}"
259
260 make_directory "$(dirname "${path}")"
261 }
262
263 enabled() {
264 local param=${1}
265
266 list_match "${!param}" yes on true 1
267 }
268
269 mac_generate() {
270 local b="$(random 12)"
271
272 # Remove multicast bit
273 # and set address is software assigned
274 local first_byte=$(( 0x${b:0:2} & 0xfe ))
275 first_byte=$(( ${first_byte} | 0x02 ))
276
277 local output
278 printf -v output "%02x" "${first_byte}"
279
280 output="${output}:${b:2:2}:${b:4:2}:${b:6:2}:${b:8:2}:${b:10:2}"
281
282 # Check if output is valid
283 assert mac_is_valid "${output}"
284
285 echo "${output}"
286 }
287
288 mac_format() {
289 local mac=${1}
290 assert isset mac
291
292 # Remove all colons and make the rest lowercase.
293 mac=${mac//:/}
294 mac=${mac,,}
295
296 local output
297 if [ "${#mac}" = "12" ]; then
298 # Add colons (:) to mac address
299 output=${mac:0:2}
300 local i
301 for i in 2 4 6 8 10; do
302 output="${output}:${mac:${i}:2}"
303 done
304 else
305 output=${mac}
306 fi
307
308 assert mac_is_valid ${output}
309
310 print "${output}"
311 }
312
313 mac_is_valid() {
314 local mac=${1}
315
316 [[ ${mac} =~ ^([0-9a-f]{2}\:){5}[0-9a-f]{2}$ ]]
317 }
318
319 # Converts the given string to lowercase and returns true if it is a valid FQDN
320 fqdn_is_valid() {
321 local fqdn="${1}"
322
323 if grep -qP "^(?!:\/\/)(?=.{1,255}$)((.{1,63}\.){1,127}(?![0-9]*$)[a-z0-9-]+\.?)$" <<< "${fqdn,,}"; then
324 return ${EXIT_TRUE}
325 fi
326
327 return ${EXIT_FALSE}
328 }
329
330 uuid() {
331 echo $(</proc/sys/kernel/random/uuid)
332 }
333
334 abs() {
335 local val=${1}
336
337 if [ ${val} -lt 0 ]; then
338 (( val *= -1 ))
339 fi
340
341 echo ${val}
342 }
343
344 rand() {
345 local uuid="$(uuid)"
346 echo "${uuid//-/}"
347 }
348
349 random() {
350 local length="${1:-8}"
351
352 local random
353 while [ ${#random} -lt ${length} ]; do
354 random="${random}$(rand)"
355 done
356
357 echo "${random:0:${length}}"
358 }
359
360 isset() {
361 local var=${1}
362
363 [ -n "${!var}" ]
364 }
365
366 isoneof() {
367 local var=${!1}
368 shift
369
370 list_match "${var}" "$@"
371 }
372
373 isbool() {
374 local var=${1}
375
376 isoneof ${var} 0 1 no yes on off true false
377 }
378
379 isinteger() {
380 local var=${!1}
381
382 [[ ${var} =~ ^[0-9]+$ ]]
383 }
384
385 ismac() {
386 local mac=${!1}
387
388 mac_is_valid ${mac}
389 }
390
391 isipaddress() {
392 local addr=${!1}
393
394 ip_is_valid ${addr}
395 }
396
397 mtu_is_valid() {
398 local proto=${1}
399 local mtu=${2}
400
401 case ${proto} in
402 ipv4)
403 [ ${mtu} -ge 576 ] && [ ${mtu} -le 9000 ]
404 ;;
405 ipv6)
406 [ ${mtu} -ge 1280 ] && [ ${mtu} -le 9000 ]
407 ;;
408 *)
409 error "${proto} is not a valid proto"
410 return ${EXIT_ERROR}
411 ;;
412 esac
413 }
414
415 backtrace() {
416 local start=1
417
418 echo # Empty line
419 error_log "Backtrace (most recent call in first line):"
420
421 local i source
422 for i in $(seq ${start} ${#BASH_SOURCE[*]}); do
423 [ -z "${FUNCNAME[${i}]}" ] && continue
424
425 # Print called binary with arguments.
426 if [ "${FUNCNAME[${i}]}" == "main" ]; then
427 local args="$(list_reverse ${BASH_ARGV[*]})"
428 printf -v source "%20s" "$0"
429 error_log " ${source} ${args}"
430 continue
431 fi
432
433 source=${BASH_SOURCE[$(( ${i} + 1 ))]}
434 error_log " $(printf "%20s" "'${FUNCNAME[${i}]}'") called from ${source:-<shell>}:${BASH_LINENO[${i}]}"
435 done
436 }
437
438 assert() {
439 local assertion="$@"
440
441 if ! ${assertion}; then
442 error_log "Assertion '${assertion}' failed."
443 backtrace
444 exit ${EXIT_ERROR_ASSERT}
445 fi
446
447 return ${EXIT_OK}
448 }
449
450 # This function checks, if the given argument is an assert error
451 # exit code. If this is the case, the script will halt immediately.
452 assert_check_retval() {
453 local ret=${1}
454
455 if [ ${ret} -eq ${EXIT_ERROR_ASSERT} ]; then
456 exit ${EXIT_ERROR_ASSERT}
457 fi
458
459 return ${ret}
460 }
461
462 # This function executes the given command and inverses the return code
463 not() {
464 local command="$@"
465
466 ${command} && return ${EXIT_FALSE} || return ${EXIT_TRUE}
467 }
468
469 exec_cmd() {
470 local cmd=$@
471
472 log DEBUG "Running command: ${cmd}"
473
474 DEBUG=${DEBUG} \
475 LOG_DISABLE_STDOUT="${LOG_DISABLE_STDOUT}" \
476 LOG_FACILITY="${LOG_FACILITY}" \
477 ${SHELL} ${cmd}
478 local ret=$?
479
480 #log DEBUG "Returned with code '${ret}'"
481
482 if [ ${ret} -eq ${EXIT_ERROR_ASSERT} ]; then
483 error_log "Stopping parent process due to assertion error in child process: ${cmd}"
484 exit ${EXIT_ERROR_ASSERT}
485 fi
486
487 return ${ret}
488 }
489
490 cmd() {
491 local cmd=$@
492
493 log DEBUG "Running command: ${cmd}"
494
495 env -i -- \
496 HOME="${HOME}" \
497 PATH="${PATH}" \
498 TERM="${TERM}" \
499 ${cmd}
500 local ret=$?
501
502 case "${ret}" in
503 ${EXIT_OK})
504 return ${EXIT_OK}
505 ;;
506 *)
507 log DEBUG "Returned with code '${ret}'"
508 return ${ret}
509 ;;
510 esac
511 }
512
513 cmd_quiet() {
514 cmd "$@" &>/dev/null
515 }
516
517 cmd_exec() {
518 local cmd=$@
519
520 log DEBUG "Exec'ing command: ${cmd}"
521
522 exec ${cmd}
523
524 log ERROR "Could not exec-ute: ${cmd}"
525 exit ${EXIT_ERROR}
526 }
527
528 cmd_not_implemented() {
529 assert false "not implemented"
530 }
531
532 # Executes the given command in background
533 cmd_background() {
534 cmd_quiet "$@" &
535 }
536
537 # Prints the PID of the process that was started last
538 cmd_background_get_pid() {
539 print "${!}"
540 }
541
542 cmd_background_result() {
543 local pids=$@
544
545 wait ${pids}
546 }
547
548 # Increase security of the read command
549 read() {
550 builtin read -r "$@"
551 }
552
553 seq() {
554 if [ $# -eq 2 ]; then
555 eval echo {${1}..${2}}
556 elif [ $# -eq 3 ]; then
557 eval echo {${1}..${3}..${2}}
558 fi
559 }
560
561 range() {
562 eval echo {0..$(( ${1} - 1 ))}
563 }
564
565 count() {
566 local i=0
567
568 while read; do
569 ((i++))
570 done
571
572 echo ${i}
573 }
574
575 which() {
576 type -P "$@"
577 }
578
579 # Prints the number of seconds since epoch.
580 timestamp() {
581 date -u "+%s"
582 }
583
584 beautify_time() {
585 local value=${1}
586
587 local unit
588 local limit
589 for unit in s m h d w; do
590 case "${unit}" in
591 s|m|h)
592 limit=60
593 ;;
594 d)
595 limit=24
596 ;;
597 w)
598 limit=7
599 ;;
600 esac
601
602 [ ${value} -lt ${limit} ] && break
603
604 value=$(( ${value} / ${limit} ))
605 done
606
607 echo "${value}${unit}"
608 }
609
610 beautify_bytes() {
611 local value=${1}
612
613 local unit
614 local limit=1024
615 for unit in B k M G T; do
616 [ ${value} -lt ${limit} ] && break
617 value=$(( ${value} / ${limit} ))
618 done
619
620 echo "${value}${unit}"
621 }
622
623 module_load() {
624 local module=${1}
625
626 # Do nothing if the module is already loaded
627 if [ -d "/sys/module/${module//-/_}" ]; then
628 return ${EXIT_OK}
629 fi
630
631 log DEBUG "Loading kernel module ${module}"
632 modprobe "${module}"
633 }
634
635 binary_exists() {
636 local binary=${1}
637
638 if [ -n "$(type -p ${binary})" ]; then
639 return ${EXIT_OK}
640 fi
641
642 return ${EXIT_ERROR}
643 }
644
645 function_exists() {
646 local function="${1}"
647
648 if [ "$(type -t "${function}")" = "function" ]; then
649 return ${EXIT_TRUE}
650 fi
651
652 return ${EXIT_FALSE}
653 }
654
655 process_kill() {
656 local process=${1}
657
658 if ! isinteger process; then
659 process=$(pidof ${process})
660 fi
661
662 local pid
663 local sig
664 for pid in ${process}; do
665 for sig in 15 9; do
666 [ -d "/proc/${pid}" ] || break
667
668 kill -${sig} ${pid}
669 sleep 1
670 done
671 done
672 }
673
674 dec() {
675 local hex=${1}
676
677 if [ "${hex:0:2}" != "0x" ]; then
678 hex="0x${hex}"
679 fi
680
681 printf "%d\n" "${hex}"
682 }
683
684 chr() {
685 local char="${1}"
686
687 [ ${char} -lt 256 ] || return ${EXIT_ERROR}
688
689 printf "\\$(( ${char} / 64 * 100 + ${char} % 64 / 8 * 10 + ${char} % 8 ))\n"
690 }
691
692 ord() {
693 LC_CTYPE="C" printf "%d\n" "'${1}"
694 }
695
696 hex() {
697 printf "%X\n" "${1}"
698 }
699
700 network_is_running() {
701 # Check, if the network service is running.
702 service_is_active network
703 }
704
705 contains_spaces() {
706 local var="$@"
707
708 # Eliminate spaces.
709 local var2=${var// /}
710
711 if [ ${#var} -ne ${#var2} ]; then
712 return ${EXIT_TRUE}
713 fi
714
715 return ${EXIT_FALSE}
716 }
717
718 string_match() {
719 local match=${1}
720 local string=${2}
721
722 [[ ${string} =~ ${match} ]] && return ${EXIT_TRUE} || return ${EXIT_FALSE}
723 }
724
725 string_split() {
726 local string="$@"
727
728 local pos=0
729 while [ ${pos} -lt ${#string} ]; do
730 print "${string:${pos}:1}"
731 pos=$(( ${pos} + 1 ))
732 done
733
734 return ${EXIT_OK}
735 }
736
737 string_reverse() {
738 local string="$@"
739
740 local output
741 local pos=0
742 while [ ${pos} -lt ${#string} ]; do
743 output="${string:${pos}:1}${output}"
744 pos=$(( ${pos} + 1 ))
745 done
746
747 print "${output}"
748 return ${EXIT_OK}
749 }
750
751 dec2bin() {
752 local number="${1}"
753
754 local output
755
756 local i div
757 for i in 7 6 5 4 3 2 1; do
758 div=$(( 2 ** ${i} ))
759
760 if [ $(( ${number} / ${div} )) -eq 1 ]; then
761 output="${output}1"
762 else
763 output="${output}0"
764 fi
765 number="$(( ${number} % ${div} ))"
766 done
767
768 if [ $(( ${number} % 2 )) -eq 1 ]; then
769 output="${output}1"
770 else
771 output="${output}0"
772 fi
773
774 print "${output}"
775 }
776
777 bin2dec() {
778 local string="${1}"
779 local number=0
780
781 local pos=0 char
782 while [ ${pos} -lt ${#string} ]; do
783 char="${string:${pos}:1}"
784 pos=$(( ${pos} + 1 ))
785
786 number=$(( ${number} << 1 ))
787
788 case "${char}" in
789 0) ;;
790 1)
791 number=$(( ${number} + 1 ))
792 ;;
793 *)
794 assert false "Invalid character: ${char}"
795 ;;
796 esac
797 done
798
799 print "${number}"
800 return ${EXIT_OK}
801 }
802
803 char2bin() {
804 local dec="$(ord "${1}")"
805
806 dec2bin "${dec}"
807 }
808
809 bin2char() {
810 local dec="$(bin2dec "$@")"
811
812 chr "${dec}"
813 }
814
815 bin2hex() {
816 local dec="$(bin2dec "$@")"
817
818 dec2hex "${dec}"
819 }
820
821 hex2bin() {
822 local dec="$(hex2dec "$@")"
823
824 dec2bin "${dec}"
825 }
826
827 hex2dec() {
828 local hex="${1}"
829
830 # Prepend 0x if necessary.
831 [ "${hex:0:2}" = "0x" ] || hex="0x${hex}"
832
833 printf "%d\n" "${hex}"
834 }
835
836 dec2hex() {
837 printf "%02x\n" "${1}"
838 }
839
840 # This function just copy config files
841 copy() {
842 assert [ $# -eq 2 ]
843
844 local src=${1}
845 local dst=${2}
846
847 # Check if we can read from the source
848 if [ ! -r "${src}" ]; then
849 log ERROR "Cannot read ${src}"
850 return ${EXIT_ERROR}
851 fi
852
853 # Check if ${dst} is a directory
854 if [ -d "${dst}" ]; then
855 log ERROR "${dst} is a directory"
856 return ${EXIT_ERROR}
857 fi
858
859 if ! fread "${src}" > "${dst}"; then
860 log ERROR "Could not copy data from ${src} to ${dst}"
861 return ${EXIT_ERROR}
862 fi
863 }
864
865 normalize() {
866 local string="$@"
867
868 tr -sc [:alnum:] "-" < <(printf "%s" "${string,,}")
869 }
Networking code of IPFire 3.x.