2020-04-24 07:55:46 +00:00
|
|
|
use std::path::Path;
|
|
|
|
use std::process::Command;
|
2020-04-20 12:15:57 +00:00
|
|
|
use std::collections::HashMap;
|
2020-04-21 08:32:54 +00:00
|
|
|
|
|
|
|
use anyhow::{Error, bail, format_err};
|
2020-04-20 12:15:57 +00:00
|
|
|
use lazy_static::lazy_static;
|
2020-04-21 08:32:54 +00:00
|
|
|
use nix::sys::socket::{socket, AddressFamily, SockType, SockFlag};
|
|
|
|
use nix::ioctl_read_bad;
|
|
|
|
use regex::Regex;
|
2020-04-20 12:15:57 +00:00
|
|
|
|
2020-04-22 06:45:13 +00:00
|
|
|
use proxmox::*; // for IP macros
|
|
|
|
|
2020-04-20 12:15:57 +00:00
|
|
|
pub static IPV4_REVERSE_MASK: &[&'static str] = &[
|
|
|
|
"0.0.0.0",
|
|
|
|
"128.0.0.0",
|
|
|
|
"192.0.0.0",
|
|
|
|
"224.0.0.0",
|
|
|
|
"240.0.0.0",
|
|
|
|
"248.0.0.0",
|
|
|
|
"252.0.0.0",
|
|
|
|
"254.0.0.0",
|
|
|
|
"255.0.0.0",
|
|
|
|
"255.128.0.0",
|
|
|
|
"255.192.0.0",
|
|
|
|
"255.224.0.0",
|
|
|
|
"255.240.0.0",
|
|
|
|
"255.248.0.0",
|
|
|
|
"255.252.0.0",
|
|
|
|
"255.254.0.0",
|
|
|
|
"255.255.0.0",
|
|
|
|
"255.255.128.0",
|
|
|
|
"255.255.192.0",
|
|
|
|
"255.255.224.0",
|
|
|
|
"255.255.240.0",
|
|
|
|
"255.255.248.0",
|
|
|
|
"255.255.252.0",
|
|
|
|
"255.255.254.0",
|
|
|
|
"255.255.255.0",
|
|
|
|
"255.255.255.128",
|
|
|
|
"255.255.255.192",
|
|
|
|
"255.255.255.224",
|
|
|
|
"255.255.255.240",
|
|
|
|
"255.255.255.248",
|
|
|
|
"255.255.255.252",
|
|
|
|
"255.255.255.254",
|
|
|
|
"255.255.255.255",
|
|
|
|
];
|
|
|
|
|
|
|
|
lazy_static! {
|
|
|
|
pub static ref IPV4_MASK_HASH_LOCALNET: HashMap<&'static str, u8> = {
|
|
|
|
let mut map = HashMap::new();
|
|
|
|
for i in 8..32 {
|
|
|
|
map.insert(IPV4_REVERSE_MASK[i], i as u8);
|
|
|
|
}
|
|
|
|
map
|
|
|
|
};
|
|
|
|
}
|
2020-04-21 08:32:54 +00:00
|
|
|
|
2020-04-22 06:45:13 +00:00
|
|
|
pub fn parse_cidr(cidr: &str) -> Result<(String, u8, bool), Error> {
|
|
|
|
|
|
|
|
lazy_static! {
|
|
|
|
pub static ref CIDR_V4_REGEX: Regex = Regex::new(
|
2020-04-22 08:52:31 +00:00
|
|
|
concat!(r"^(", IPV4RE!(), r")(?:/(\d{1,2}))$")
|
2020-04-22 06:45:13 +00:00
|
|
|
).unwrap();
|
|
|
|
pub static ref CIDR_V6_REGEX: Regex = Regex::new(
|
2020-04-22 08:52:31 +00:00
|
|
|
concat!(r"^(", IPV6RE!(), r")(?:/(\d{1,3}))$")
|
2020-04-22 06:45:13 +00:00
|
|
|
).unwrap();
|
|
|
|
}
|
|
|
|
|
|
|
|
if let Some(caps) = CIDR_V4_REGEX.captures(&cidr) {
|
|
|
|
let address = &caps[1];
|
|
|
|
let mask = &caps[2];
|
|
|
|
let mask = u8::from_str_radix(mask, 10)
|
|
|
|
.map(|mask| {
|
|
|
|
if !(mask > 0 && mask <= 32) {
|
|
|
|
bail!("IPv4 mask '{}' is out of range (1..32).", mask);
|
|
|
|
}
|
|
|
|
Ok(mask)
|
|
|
|
})?;
|
|
|
|
return Ok((address.to_string(), mask.unwrap(), false));
|
|
|
|
} else if let Some(caps) = CIDR_V6_REGEX.captures(&cidr) {
|
|
|
|
let address = &caps[1];
|
|
|
|
let mask = &caps[2];
|
|
|
|
let mask = u8::from_str_radix(mask, 10)
|
|
|
|
.map(|mask| {
|
|
|
|
if !(mask >= 1 && mask <= 128) {
|
|
|
|
bail!("IPv6 mask '{}' is out of range (1..128).", mask);
|
|
|
|
}
|
|
|
|
Ok(mask)
|
|
|
|
})?;
|
|
|
|
return Ok((address.to_string(), mask.unwrap(), true));
|
|
|
|
} else {
|
|
|
|
bail!("invalid address/mask '{}'", cidr);
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2020-04-21 08:32:54 +00:00
|
|
|
pub fn get_network_interfaces() -> Result<HashMap<String, bool>, Error> {
|
|
|
|
|
|
|
|
const PROC_NET_DEV: &str = "/proc/net/dev";
|
|
|
|
|
|
|
|
#[repr(C)]
|
|
|
|
pub struct ifreq {
|
|
|
|
ifr_name: [libc::c_uchar; libc::IFNAMSIZ],
|
|
|
|
ifru_flags: libc::c_short,
|
|
|
|
}
|
|
|
|
|
|
|
|
ioctl_read_bad!(get_interface_flags, libc::SIOCGIFFLAGS, ifreq);
|
|
|
|
|
|
|
|
lazy_static!{
|
|
|
|
static ref IFACE_LINE_REGEX: Regex = Regex::new(r"^\s*([^:\s]+):").unwrap();
|
|
|
|
}
|
|
|
|
let raw = std::fs::read_to_string(PROC_NET_DEV)
|
|
|
|
.map_err(|err| format_err!("unable to read {} - {}", PROC_NET_DEV, err))?;
|
|
|
|
|
|
|
|
let lines = raw.lines();
|
|
|
|
|
|
|
|
let sock = socket(AddressFamily::Inet, SockType::Datagram, SockFlag::empty(), None)
|
|
|
|
.or_else(|_| socket(AddressFamily::Inet6, SockType::Datagram, SockFlag::empty(), None))?;
|
|
|
|
|
|
|
|
let mut interface_list = HashMap::new();
|
|
|
|
|
|
|
|
for line in lines {
|
|
|
|
if let Some(cap) = IFACE_LINE_REGEX.captures(line) {
|
|
|
|
let ifname = &cap[1];
|
|
|
|
|
|
|
|
let mut req = ifreq { ifr_name: *b"0000000000000000", ifru_flags: 0 };
|
|
|
|
for (i, b) in std::ffi::CString::new(ifname)?.as_bytes_with_nul().iter().enumerate() {
|
|
|
|
if i < (libc::IFNAMSIZ-1) { req.ifr_name[i] = *b as libc::c_uchar; }
|
|
|
|
}
|
|
|
|
let res = unsafe { get_interface_flags(sock, &mut req)? };
|
|
|
|
if res != 0 {
|
|
|
|
bail!("ioctl get_interface_flags for '{}' failed ({})", ifname, res);
|
|
|
|
}
|
|
|
|
let is_up = (req.ifru_flags & (libc::IFF_UP as libc::c_short)) != 0;
|
|
|
|
interface_list.insert(ifname.to_string(), is_up);
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
Ok(interface_list)
|
|
|
|
}
|
2020-04-24 07:55:46 +00:00
|
|
|
|
|
|
|
pub fn compute_file_diff(filename: &str, shadow: &str) -> Result<String, Error> {
|
|
|
|
|
|
|
|
let output = Command::new("/usr/bin/diff")
|
|
|
|
.arg("-b")
|
|
|
|
.arg("-u")
|
|
|
|
.arg(filename)
|
|
|
|
.arg(shadow)
|
|
|
|
.output()
|
|
|
|
.map_err(|err| format_err!("failed to execute diff - {}", err))?;
|
|
|
|
|
|
|
|
if !output.status.success() {
|
|
|
|
match output.status.code() {
|
|
|
|
Some(code) => {
|
|
|
|
if code == 0 { return Ok(String::new()); }
|
|
|
|
if code != 1 {
|
|
|
|
let msg = String::from_utf8(output.stderr)
|
|
|
|
.map(|m| if m.is_empty() { String::from("no error message") } else { m })
|
|
|
|
.unwrap_or_else(|_| String::from("non utf8 error message (suppressed)"));
|
|
|
|
|
|
|
|
bail!("diff failed with status code: {} - {}", code, msg);
|
|
|
|
}
|
|
|
|
}
|
|
|
|
None => bail!("diff terminated by signal"),
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
let diff = String::from_utf8(output.stdout)?;
|
|
|
|
|
|
|
|
Ok(diff)
|
|
|
|
}
|
|
|
|
|
|
|
|
pub fn assert_ifupdown2_installed() -> Result<(), Error> {
|
|
|
|
if !Path::new("/usr/share/ifupdown2").exists() {
|
|
|
|
bail!("ifupdown2 is not installed.");
|
|
|
|
}
|
|
|
|
|
|
|
|
Ok(())
|
|
|
|
}
|
|
|
|
|
|
|
|
pub fn network_reload() -> Result<(), Error> {
|
|
|
|
|
|
|
|
let status = Command::new("/sbin/ifreload")
|
|
|
|
.arg("-a")
|
|
|
|
.status()
|
|
|
|
.map_err(|err| format_err!("failed to execute ifreload: - {}", err))?;
|
|
|
|
|
|
|
|
if !status.success() {
|
|
|
|
match status.code() {
|
|
|
|
Some(code) => bail!("ifreload failed with status code: {}", code),
|
|
|
|
None => bail!("ifreload terminated by signal")
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
Ok(())
|
|
|
|
}
|