]>
Commit | Line | Data |
---|---|---|
e143e9d8 DM |
1 | package PVE::Tools; |
2 | ||
3 | use strict; | |
c36f332e | 4 | use warnings; |
dc4bc969 | 5 | |
2531c455 TL |
6 | use Date::Format qw(time2str); |
7 | use Digest::MD5; | |
8 | use Digest::SHA; | |
9 | use Encode; | |
10 | use Fcntl qw(:DEFAULT :flock); | |
e143e9d8 DM |
11 | use File::Basename; |
12 | use File::Path qw(make_path); | |
97c8c857 | 13 | use Filesys::Df (); # don't overwrite our df() |
7eb283fb | 14 | use IO::Dir; |
2531c455 | 15 | use IO::File; |
21c56a96 | 16 | use IO::Handle; |
2531c455 TL |
17 | use IO::Pipe; |
18 | use IO::Select; | |
19 | use IO::Socket::IP; | |
e143e9d8 | 20 | use IPC::Open3; |
f2c72fc3 | 21 | use JSON; |
2531c455 TL |
22 | use POSIX qw(EINTR EEXIST EOPNOTSUPP); |
23 | use Scalar::Util 'weaken'; | |
24 | use Socket qw(AF_INET AF_INET6 AI_ALL AI_V4MAPPED AI_CANONNAME SOCK_DGRAM IPPROTO_TCP); | |
7514b23a | 25 | use String::ShellQuote; |
2531c455 | 26 | use Text::ParseWords; |
c38cea65 | 27 | use Time::HiRes qw(usleep gettimeofday tv_interval alarm); |
2531c455 TL |
28 | use URI::Escape; |
29 | use base 'Exporter'; | |
b18826ce | 30 | |
c8e94d4b | 31 | use PVE::Syscall; |
e143e9d8 | 32 | |
57eeea0c DM |
33 | # avoid warning when parsing long hex values with hex() |
34 | no warnings 'portable'; # Support for 64-bit ints required | |
35 | ||
e143e9d8 | 36 | our @EXPORT_OK = qw( |
602ec0cd DM |
37 | $IPV6RE |
38 | $IPV4RE | |
813a5c0d | 39 | lock_file |
493004a2 | 40 | lock_file_full |
813a5c0d DC |
41 | run_command |
42 | file_set_contents | |
e143e9d8 DM |
43 | file_get_contents |
44 | file_read_firstline | |
7eb283fb DM |
45 | dir_glob_regex |
46 | dir_glob_foreach | |
e143e9d8 DM |
47 | split_list |
48 | template_replace | |
49 | safe_print | |
50 | trim | |
51 | extract_param | |
40682a69 | 52 | extract_sensitive_params |
23e0e0d7 | 53 | file_copy |
ce007e99 | 54 | get_host_arch |
c0647765 WB |
55 | O_PATH |
56 | O_TMPFILE | |
1b0bc6c0 WB |
57 | AT_EMPTY_PATH |
58 | AT_FDCWD | |
59 | CLONE_NEWNS | |
60 | CLONE_NEWUTS | |
61 | CLONE_NEWIPC | |
62 | CLONE_NEWUSER | |
63 | CLONE_NEWPID | |
64 | CLONE_NEWNET | |
e143e9d8 DM |
65 | ); |
66 | ||
67 | my $pvelogdir = "/var/log/pve"; | |
68 | my $pvetaskdir = "$pvelogdir/tasks"; | |
69 | ||
70 | mkdir $pvelogdir; | |
71 | mkdir $pvetaskdir; | |
72 | ||
cd9bd252 | 73 | my $IPV4OCTET = "(?:25[0-5]|(?:2[0-4]|1[0-9]|[1-9])?[0-9])"; |
602ec0cd DM |
74 | our $IPV4RE = "(?:(?:$IPV4OCTET\\.){3}$IPV4OCTET)"; |
75 | my $IPV6H16 = "(?:[0-9a-fA-F]{1,4})"; | |
76 | my $IPV6LS32 = "(?:(?:$IPV4RE|$IPV6H16:$IPV6H16))"; | |
77 | ||
78 | our $IPV6RE = "(?:" . | |
79 | "(?:(?:" . "(?:$IPV6H16:){6})$IPV6LS32)|" . | |
80 | "(?:(?:" . "::(?:$IPV6H16:){5})$IPV6LS32)|" . | |
81 | "(?:(?:(?:" . "$IPV6H16)?::(?:$IPV6H16:){4})$IPV6LS32)|" . | |
82 | "(?:(?:(?:(?:$IPV6H16:){0,1}$IPV6H16)?::(?:$IPV6H16:){3})$IPV6LS32)|" . | |
83 | "(?:(?:(?:(?:$IPV6H16:){0,2}$IPV6H16)?::(?:$IPV6H16:){2})$IPV6LS32)|" . | |
84 | "(?:(?:(?:(?:$IPV6H16:){0,3}$IPV6H16)?::(?:$IPV6H16:){1})$IPV6LS32)|" . | |
85 | "(?:(?:(?:(?:$IPV6H16:){0,4}$IPV6H16)?::" . ")$IPV6LS32)|" . | |
86 | "(?:(?:(?:(?:$IPV6H16:){0,5}$IPV6H16)?::" . ")$IPV6H16)|" . | |
87 | "(?:(?:(?:(?:$IPV6H16:){0,6}$IPV6H16)?::" . ")))"; | |
88 | ||
176b1186 WB |
89 | our $IPRE = "(?:$IPV4RE|$IPV6RE)"; |
90 | ||
4c4bd104 FE |
91 | our $EMAIL_USER_RE = qr/[\w\+\-\~]+(\.[\w\+\-\~]+)*/; |
92 | our $EMAIL_RE = qr/$EMAIL_USER_RE@[a-zA-Z0-9\-]+(\.[a-zA-Z0-9\-]+)*/; | |
93 | ||
be8f0477 | 94 | use constant {CLONE_NEWNS => 0x00020000, |
952fd95e WB |
95 | CLONE_NEWUTS => 0x04000000, |
96 | CLONE_NEWIPC => 0x08000000, | |
97 | CLONE_NEWUSER => 0x10000000, | |
98 | CLONE_NEWPID => 0x20000000, | |
be8f0477 | 99 | CLONE_NEWNET => 0x40000000}; |
952fd95e | 100 | |
26598a51 | 101 | use constant {O_PATH => 0x00200000, |
b260d4e3 | 102 | O_CLOEXEC => 0x00080000, |
4cb946a8 | 103 | O_TMPFILE => 0x00400000 | O_DIRECTORY}; |
44acb12c | 104 | |
1b0bc6c0 WB |
105 | use constant {AT_EMPTY_PATH => 0x1000, |
106 | AT_FDCWD => -100}; | |
6cf6b404 | 107 | |
bd9eb367 WB |
108 | # from <linux/fs.h> |
109 | use constant {RENAME_NOREPLACE => (1 << 0), | |
110 | RENAME_EXCHANGE => (1 << 1), | |
111 | RENAME_WHITEOUT => (1 << 2)}; | |
112 | ||
0f0990f1 DM |
113 | sub run_with_timeout { |
114 | my ($timeout, $code, @param) = @_; | |
e143e9d8 | 115 | |
0f0990f1 | 116 | die "got timeout\n" if $timeout <= 0; |
e143e9d8 | 117 | |
c38cea65 | 118 | my $prev_alarm = alarm 0; # suspend outer alarm early |
0f0990f1 DM |
119 | |
120 | my $sigcount = 0; | |
e143e9d8 DM |
121 | |
122 | my $res; | |
123 | ||
e143e9d8 | 124 | eval { |
0f0990f1 DM |
125 | local $SIG{ALRM} = sub { $sigcount++; die "got timeout\n"; }; |
126 | local $SIG{PIPE} = sub { $sigcount++; die "broken pipe\n" }; | |
127 | local $SIG{__DIE__}; # see SA bug 4631 | |
e143e9d8 | 128 | |
c38cea65 | 129 | alarm($timeout); |
e143e9d8 | 130 | |
c38cea65 | 131 | eval { $res = &$code(@param); }; |
0f0990f1 DM |
132 | |
133 | alarm(0); # avoid race conditions | |
c38cea65 WB |
134 | |
135 | die $@ if $@; | |
0f0990f1 DM |
136 | }; |
137 | ||
138 | my $err = $@; | |
139 | ||
c38cea65 | 140 | alarm $prev_alarm; |
0f0990f1 | 141 | |
c38cea65 | 142 | # this shouldn't happen anymore? |
0f0990f1 DM |
143 | die "unknown error" if $sigcount && !$err; # seems to happen sometimes |
144 | ||
145 | die $err if $err; | |
146 | ||
147 | return $res; | |
148 | } | |
e143e9d8 | 149 | |
0f0990f1 | 150 | # flock: we use one file handle per process, so lock file |
d9f86d0d WB |
151 | # can be nested multiple times and succeeds for the same process. |
152 | # | |
153 | # Since this is the only way we lock now and we don't have the old | |
154 | # 'lock(); code(); unlock();' pattern anymore we do not actually need to | |
155 | # count how deep we're nesting. Therefore this hash now stores a weak reference | |
156 | # to a boolean telling us whether we already have a lock. | |
0f0990f1 DM |
157 | |
158 | my $lock_handles = {}; | |
159 | ||
493004a2 DM |
160 | sub lock_file_full { |
161 | my ($filename, $timeout, $shared, $code, @param) = @_; | |
0f0990f1 DM |
162 | |
163 | $timeout = 10 if !$timeout; | |
164 | ||
493004a2 DM |
165 | my $mode = $shared ? LOCK_SH : LOCK_EX; |
166 | ||
d9f86d0d | 167 | my $lockhash = ($lock_handles->{$$} //= {}); |
e143e9d8 | 168 | |
d9f86d0d WB |
169 | # Returns a locked file handle. |
170 | my $get_locked_file = sub { | |
171 | my $fh = IO::File->new(">>$filename") | |
172 | or die "can't open file - $!\n"; | |
173 | ||
174 | if (!flock($fh, $mode|LOCK_NB)) { | |
91bae4c0 | 175 | print STDERR "trying to acquire lock...\n"; |
b5d12b08 DM |
176 | my $success; |
177 | while(1) { | |
d9f86d0d | 178 | $success = flock($fh, $mode); |
b5d12b08 DM |
179 | # try again on EINTR (see bug #273) |
180 | if ($success || ($! != EINTR)) { | |
181 | last; | |
182 | } | |
183 | } | |
d9f86d0d WB |
184 | if (!$success) { |
185 | print STDERR " failed\n"; | |
186 | die "can't acquire lock '$filename' - $!\n"; | |
187 | } | |
188 | print STDERR " OK\n"; | |
189 | } | |
190 | ||
191 | return $fh; | |
e143e9d8 DM |
192 | }; |
193 | ||
0f0990f1 | 194 | my $res; |
d9f86d0d WB |
195 | my $checkptr = $lockhash->{$filename}; |
196 | my $check = 0; # This must not go out of scope before running the code. | |
197 | my $local_fh; # This must stay local | |
198 | if (!$checkptr || !$$checkptr) { | |
199 | # We cannot create a weak reference in a single atomic step, so we first | |
200 | # create a false-value, then create a reference to it, then weaken it, | |
201 | # and after successfully locking the file we change the boolean value. | |
202 | # | |
203 | # The reason for this is that if an outer SIGALRM throws an exception | |
204 | # between creating the reference and weakening it, a subsequent call to | |
205 | # lock_file_full() will see a leftover full reference to a valid | |
206 | # variable. This variable must be 0 in order for said call to attempt to | |
207 | # lock the file anew. | |
208 | # | |
209 | # An externally triggered exception elsewhere in the code will cause the | |
210 | # weak reference to become 'undef', and since the file handle is only | |
211 | # stored in the local scope in $local_fh, the file will be closed by | |
212 | # perl's cleanup routines as well. | |
213 | # | |
214 | # This still assumes that an IO::File handle can properly deal with such | |
215 | # exceptions thrown during its own destruction, but that's up to perls | |
216 | # guts now. | |
217 | $lockhash->{$filename} = \$check; | |
218 | weaken $lockhash->{$filename}; | |
219 | $local_fh = eval { run_with_timeout($timeout, $get_locked_file) }; | |
220 | if ($@) { | |
221 | $@ = "can't lock file '$filename' - $@"; | |
222 | return undef; | |
f127adab | 223 | } |
d9f86d0d | 224 | $check = 1; |
e143e9d8 | 225 | } |
d9f86d0d WB |
226 | $res = eval { &$code(@param); }; |
227 | return undef if $@; | |
e143e9d8 DM |
228 | return $res; |
229 | } | |
230 | ||
493004a2 DM |
231 | |
232 | sub lock_file { | |
233 | my ($filename, $timeout, $code, @param) = @_; | |
234 | ||
235 | return lock_file_full($filename, $timeout, 0, $code, @param); | |
236 | } | |
237 | ||
e143e9d8 DM |
238 | sub file_set_contents { |
239 | my ($filename, $data, $perm) = @_; | |
240 | ||
241 | $perm = 0644 if !defined($perm); | |
242 | ||
243 | my $tmpname = "$filename.tmp.$$"; | |
244 | ||
245 | eval { | |
ce338f4f WB |
246 | my ($fh, $tries) = (undef, 0); |
247 | while (!$fh && $tries++ < 3) { | |
248 | $fh = IO::File->new($tmpname, O_WRONLY|O_CREAT|O_EXCL, $perm); | |
249 | if (!$fh && $! == EEXIST) { | |
250 | unlink($tmpname) or die "unable to delete old temp file: $!\n"; | |
251 | } | |
252 | } | |
e143e9d8 DM |
253 | die "unable to open file '$tmpname' - $!\n" if !$fh; |
254 | die "unable to write '$tmpname' - $!\n" unless print $fh $data; | |
255 | die "closing file '$tmpname' failed - $!\n" unless close $fh; | |
256 | }; | |
257 | my $err = $@; | |
258 | ||
259 | if ($err) { | |
260 | unlink $tmpname; | |
261 | die $err; | |
262 | } | |
263 | ||
264 | if (!rename($tmpname, $filename)) { | |
265 | my $msg = "close (rename) atomic file '$filename' failed: $!\n"; | |
266 | unlink $tmpname; | |
813a5c0d | 267 | die $msg; |
e143e9d8 DM |
268 | } |
269 | } | |
270 | ||
271 | sub file_get_contents { | |
272 | my ($filename, $max) = @_; | |
273 | ||
274 | my $fh = IO::File->new($filename, "r") || | |
275 | die "can't open '$filename' - $!\n"; | |
276 | ||
034a8181 | 277 | my $content = safe_read_from($fh, $max, 0, $filename); |
e143e9d8 DM |
278 | |
279 | close $fh; | |
280 | ||
281 | return $content; | |
282 | } | |
283 | ||
23e0e0d7 WL |
284 | sub file_copy { |
285 | my ($filename, $dst, $max, $perm) = @_; | |
286 | ||
287 | file_set_contents ($dst, file_get_contents($filename, $max), $perm); | |
288 | } | |
289 | ||
e143e9d8 DM |
290 | sub file_read_firstline { |
291 | my ($filename) = @_; | |
292 | ||
293 | my $fh = IO::File->new ($filename, "r"); | |
294 | return undef if !$fh; | |
295 | my $res = <$fh>; | |
88955a2e | 296 | chomp $res if $res; |
e143e9d8 DM |
297 | $fh->close; |
298 | return $res; | |
299 | } | |
300 | ||
301 | sub safe_read_from { | |
034a8181 | 302 | my ($fh, $max, $oneline, $filename) = @_; |
e143e9d8 | 303 | |
8fb28ab9 | 304 | # pmxcfs file size limit |
d94f7005 | 305 | $max = 1024 * 1024 if !$max; |
e143e9d8 | 306 | |
034a8181 DM |
307 | my $subject = defined($filename) ? "file '$filename'" : 'input'; |
308 | ||
e143e9d8 DM |
309 | my $br = 0; |
310 | my $input = ''; | |
311 | my $count; | |
312 | while ($count = sysread($fh, $input, 8192, $br)) { | |
313 | $br += $count; | |
034a8181 | 314 | die "$subject too long - aborting\n" if $br > $max; |
e143e9d8 DM |
315 | if ($oneline && $input =~ m/^(.*)\n/) { |
316 | $input = $1; | |
317 | last; | |
318 | } | |
813a5c0d | 319 | } |
034a8181 | 320 | die "unable to read $subject - $!\n" if !defined($count); |
e143e9d8 DM |
321 | |
322 | return $input; | |
323 | } | |
324 | ||
bd9c3a36 WB |
325 | # The $cmd parameter can be: |
326 | # -) a string | |
327 | # This is generally executed by passing it to the shell with the -c option. | |
328 | # However, it can be executed in one of two ways, depending on whether | |
329 | # there's a pipe involved: | |
330 | # *) with pipe: passed explicitly to bash -c, prefixed with: | |
331 | # set -o pipefail && | |
332 | # *) without a pipe: passed to perl's open3 which uses 'sh -c' | |
333 | # (Note that this may result in two different syntax requirements!) | |
334 | # FIXME? | |
335 | # -) an array of arguments (strings) | |
336 | # Will be executed without interference from a shell. (Parameters are passed | |
337 | # as is, no escape sequences of strings will be touched.) | |
fcdc0cfc WB |
338 | # -) an array of arrays |
339 | # Each array represents a command, and each command's output is piped into | |
340 | # the following command's standard input. | |
341 | # For this a shell command string is created with pipe symbols between each | |
342 | # command. | |
343 | # Each command is a list of strings meant to end up in the final command | |
344 | # unchanged. In order to achieve this, every argument is shell-quoted. | |
345 | # Quoting can be disabled for a particular argument by turning it into a | |
346 | # reference, this allows inserting arbitrary shell options. | |
347 | # For instance: the $cmd [ [ 'echo', 'hello', \'>/dev/null' ] ] will not | |
348 | # produce any output, while the $cmd [ [ 'echo', 'hello', '>/dev/null' ] ] | |
349 | # will literally print: hello >/dev/null | |
e143e9d8 DM |
350 | sub run_command { |
351 | my ($cmd, %param) = @_; | |
352 | ||
353 | my $old_umask; | |
ded47a61 | 354 | my $cmdstr; |
e143e9d8 | 355 | |
fcdc0cfc WB |
356 | if (my $ref = ref($cmd)) { |
357 | if (ref($cmd->[0])) { | |
358 | $cmdstr = 'set -o pipefail && '; | |
359 | my $pipe = ''; | |
360 | foreach my $command (@$cmd) { | |
361 | # concatenate quoted parameters | |
362 | # strings which are passed by reference are NOT shell quoted | |
363 | $cmdstr .= $pipe . join(' ', map { ref($_) ? $$_ : shellquote($_) } @$command); | |
364 | $pipe = ' | '; | |
365 | } | |
1a0c0103 | 366 | $cmd = [ '/bin/bash', '-c', "$cmdstr" ]; |
fcdc0cfc WB |
367 | } else { |
368 | $cmdstr = cmd2string($cmd); | |
369 | } | |
370 | } else { | |
ded47a61 | 371 | $cmdstr = $cmd; |
22d4efe6 | 372 | if ($cmd =~ m/\|/) { |
e0cabd2c DM |
373 | # see 'man bash' for option pipefail |
374 | $cmd = [ '/bin/bash', '-c', "set -o pipefail && $cmd" ]; | |
375 | } else { | |
376 | $cmd = [ $cmd ]; | |
377 | } | |
ded47a61 | 378 | } |
e143e9d8 DM |
379 | |
380 | my $errmsg; | |
381 | my $laststderr; | |
382 | my $timeout; | |
383 | my $oldtimeout; | |
384 | my $pid; | |
38d9aa12 | 385 | my $exitcode = -1; |
e143e9d8 | 386 | |
4630cb95 DM |
387 | my $outfunc; |
388 | my $errfunc; | |
389 | my $logfunc; | |
390 | my $input; | |
391 | my $output; | |
a417477c | 392 | my $afterfork; |
7e826928 | 393 | my $noerr; |
0f3f314e | 394 | my $keeplocale; |
ed61b9d6 | 395 | my $quiet; |
4630cb95 | 396 | |
e143e9d8 | 397 | eval { |
e143e9d8 DM |
398 | |
399 | foreach my $p (keys %param) { | |
400 | if ($p eq 'timeout') { | |
401 | $timeout = $param{$p}; | |
402 | } elsif ($p eq 'umask') { | |
eb9e24df | 403 | $old_umask = umask($param{$p}); |
e143e9d8 DM |
404 | } elsif ($p eq 'errmsg') { |
405 | $errmsg = $param{$p}; | |
e143e9d8 DM |
406 | } elsif ($p eq 'input') { |
407 | $input = $param{$p}; | |
1c50a24a DM |
408 | } elsif ($p eq 'output') { |
409 | $output = $param{$p}; | |
e143e9d8 DM |
410 | } elsif ($p eq 'outfunc') { |
411 | $outfunc = $param{$p}; | |
412 | } elsif ($p eq 'errfunc') { | |
413 | $errfunc = $param{$p}; | |
776fbfa8 DM |
414 | } elsif ($p eq 'logfunc') { |
415 | $logfunc = $param{$p}; | |
a417477c DM |
416 | } elsif ($p eq 'afterfork') { |
417 | $afterfork = $param{$p}; | |
7e826928 TL |
418 | } elsif ($p eq 'noerr') { |
419 | $noerr = $param{$p}; | |
0f3f314e DC |
420 | } elsif ($p eq 'keeplocale') { |
421 | $keeplocale = $param{$p}; | |
ed61b9d6 TL |
422 | } elsif ($p eq 'quiet') { |
423 | $quiet = $param{$p}; | |
e143e9d8 DM |
424 | } else { |
425 | die "got unknown parameter '$p' for run_command\n"; | |
426 | } | |
427 | } | |
428 | ||
4630cb95 DM |
429 | if ($errmsg) { |
430 | my $origerrfunc = $errfunc; | |
431 | $errfunc = sub { | |
432 | if ($laststderr) { | |
433 | if ($origerrfunc) { | |
434 | &$origerrfunc("$laststderr\n"); | |
435 | } else { | |
436 | print STDERR "$laststderr\n" if $laststderr; | |
437 | } | |
438 | } | |
813a5c0d | 439 | $laststderr = shift; |
4630cb95 DM |
440 | }; |
441 | } | |
442 | ||
1c50a24a DM |
443 | my $reader = $output && $output =~ m/^>&/ ? $output : IO::File->new(); |
444 | my $writer = $input && $input =~ m/^<&/ ? $input : IO::File->new(); | |
445 | my $error = IO::File->new(); | |
446 | ||
e143e9d8 DM |
447 | my $orig_pid = $$; |
448 | ||
449 | eval { | |
0f3f314e | 450 | local $ENV{LC_ALL} = 'C' if !$keeplocale; |
e143e9d8 DM |
451 | |
452 | # suppress LVM warnings like: "File descriptor 3 left open"; | |
453 | local $ENV{LVM_SUPPRESS_FD_WARNINGS} = "1"; | |
454 | ||
455 | $pid = open3($writer, $reader, $error, @$cmd) || die $!; | |
f38995ab | 456 | |
b296c4dd TL |
457 | # if we pipe fron STDIN, open3 closes STDIN, so we get a perl warning like |
458 | # "Filehandle STDIN reopened as GENXYZ .. " as soon as we open a new file. | |
f38995ab DM |
459 | # to avoid that we open /dev/null |
460 | if (!ref($writer) && !defined(fileno(STDIN))) { | |
461 | POSIX::close(0); | |
7ac222d1 | 462 | open(STDIN, '<', '/dev/null'); |
f38995ab | 463 | } |
e143e9d8 DM |
464 | }; |
465 | ||
466 | my $err = $@; | |
467 | ||
468 | # catch exec errors | |
469 | if ($orig_pid != $$) { | |
470 | warn "ERROR: $err"; | |
813a5c0d DC |
471 | POSIX::_exit (1); |
472 | kill ('KILL', $$); | |
e143e9d8 DM |
473 | } |
474 | ||
475 | die $err if $err; | |
476 | ||
477 | local $SIG{ALRM} = sub { die "got timeout\n"; } if $timeout; | |
478 | $oldtimeout = alarm($timeout) if $timeout; | |
479 | ||
a417477c DM |
480 | &$afterfork() if $afterfork; |
481 | ||
f38995ab DM |
482 | if (ref($writer)) { |
483 | print $writer $input if defined $input; | |
484 | close $writer; | |
485 | } | |
e143e9d8 | 486 | |
7ac222d1 | 487 | my $select = IO::Select->new(); |
f38995ab | 488 | $select->add($reader) if ref($reader); |
e143e9d8 DM |
489 | $select->add($error); |
490 | ||
491 | my $outlog = ''; | |
492 | my $errlog = ''; | |
493 | ||
494 | my $starttime = time(); | |
495 | ||
496 | while ($select->count) { | |
497 | my @handles = $select->can_read(1); | |
498 | ||
499 | foreach my $h (@handles) { | |
500 | my $buf = ''; | |
501 | my $count = sysread ($h, $buf, 4096); | |
502 | if (!defined ($count)) { | |
503 | my $err = $!; | |
504 | kill (9, $pid); | |
505 | waitpid ($pid, 0); | |
506 | die $err; | |
507 | } | |
508 | $select->remove ($h) if !$count; | |
509 | if ($h eq $reader) { | |
776fbfa8 | 510 | if ($outfunc || $logfunc) { |
e143e9d8 | 511 | eval { |
ba104d67 | 512 | while ($buf =~ s/^([^\010\r\n]*)(?:\n|(?:\010)+|\r\n?)//) { |
cb9db10c DC |
513 | my $line = $outlog . $1; |
514 | $outlog = ''; | |
776fbfa8 DM |
515 | &$outfunc($line) if $outfunc; |
516 | &$logfunc($line) if $logfunc; | |
e143e9d8 | 517 | } |
cb9db10c | 518 | $outlog .= $buf; |
e143e9d8 DM |
519 | }; |
520 | my $err = $@; | |
521 | if ($err) { | |
522 | kill (9, $pid); | |
523 | waitpid ($pid, 0); | |
524 | die $err; | |
525 | } | |
ed61b9d6 | 526 | } elsif (!$quiet) { |
e143e9d8 DM |
527 | print $buf; |
528 | *STDOUT->flush(); | |
529 | } | |
530 | } elsif ($h eq $error) { | |
776fbfa8 | 531 | if ($errfunc || $logfunc) { |
e143e9d8 | 532 | eval { |
ba104d67 | 533 | while ($buf =~ s/^([^\010\r\n]*)(?:\n|(?:\010)+|\r\n?)//) { |
cb9db10c DC |
534 | my $line = $errlog . $1; |
535 | $errlog = ''; | |
776fbfa8 DM |
536 | &$errfunc($line) if $errfunc; |
537 | &$logfunc($line) if $logfunc; | |
e143e9d8 | 538 | } |
cb9db10c | 539 | $errlog .= $buf; |
e143e9d8 DM |
540 | }; |
541 | my $err = $@; | |
542 | if ($err) { | |
543 | kill (9, $pid); | |
544 | waitpid ($pid, 0); | |
545 | die $err; | |
546 | } | |
ed61b9d6 | 547 | } elsif (!$quiet) { |
e143e9d8 DM |
548 | print STDERR $buf; |
549 | *STDERR->flush(); | |
550 | } | |
551 | } | |
552 | } | |
553 | } | |
554 | ||
555 | &$outfunc($outlog) if $outfunc && $outlog; | |
776fbfa8 DM |
556 | &$logfunc($outlog) if $logfunc && $outlog; |
557 | ||
e143e9d8 | 558 | &$errfunc($errlog) if $errfunc && $errlog; |
776fbfa8 | 559 | &$logfunc($errlog) if $logfunc && $errlog; |
e143e9d8 DM |
560 | |
561 | waitpid ($pid, 0); | |
813a5c0d | 562 | |
e143e9d8 DM |
563 | if ($? == -1) { |
564 | die "failed to execute\n"; | |
565 | } elsif (my $sig = ($? & 127)) { | |
566 | die "got signal $sig\n"; | |
7e826928 TL |
567 | } elsif ($exitcode = ($? >> 8)) { |
568 | if (!($exitcode == 24 && ($cmdstr =~ m|^(\S+/)?rsync\s|))) { | |
1c50a24a DM |
569 | if ($errmsg && $laststderr) { |
570 | my $lerr = $laststderr; | |
571 | $laststderr = undef; | |
572 | die "$lerr\n"; | |
573 | } | |
7e826928 | 574 | die "exit code $exitcode\n"; |
e143e9d8 | 575 | } |
e143e9d8 DM |
576 | } |
577 | ||
578 | alarm(0); | |
579 | }; | |
580 | ||
581 | my $err = $@; | |
582 | ||
583 | alarm(0); | |
584 | ||
4630cb95 DM |
585 | if ($errmsg && $laststderr) { |
586 | &$errfunc(undef); # flush laststderr | |
587 | } | |
e143e9d8 DM |
588 | |
589 | umask ($old_umask) if defined($old_umask); | |
590 | ||
591 | alarm($oldtimeout) if $oldtimeout; | |
592 | ||
593 | if ($err) { | |
594 | if ($pid && ($err eq "got timeout\n")) { | |
595 | kill (9, $pid); | |
596 | waitpid ($pid, 0); | |
597 | die "command '$cmdstr' failed: $err"; | |
598 | } | |
599 | ||
600 | if ($errmsg) { | |
adbc988d | 601 | $err =~ s/^usermod:\s*// if $cmdstr =~ m|^(\S+/)?usermod\s|; |
e143e9d8 | 602 | die "$errmsg: $err"; |
7e826928 | 603 | } elsif(!$noerr) { |
e143e9d8 DM |
604 | die "command '$cmdstr' failed: $err"; |
605 | } | |
606 | } | |
1c50a24a | 607 | |
7e826928 | 608 | return $exitcode; |
e143e9d8 DM |
609 | } |
610 | ||
2d38b8a1 TL |
611 | # Run a command with a tcp socket as standard input. |
612 | sub pipe_socket_to_command { | |
613 | my ($cmd, $ip, $port) = @_; | |
614 | ||
615 | my $params = { | |
616 | Listen => 1, | |
617 | ReuseAddr => 1, | |
618 | Proto => &Socket::IPPROTO_TCP, | |
619 | GetAddrInfoFlags => 0, | |
620 | LocalAddr => $ip, | |
621 | LocalPort => $port, | |
622 | }; | |
623 | my $socket = IO::Socket::IP->new(%$params) or die "failed to open socket: $!\n"; | |
624 | ||
625 | print "$ip\n$port\n"; # tell remote where to connect | |
626 | *STDOUT->flush(); | |
627 | ||
628 | alarm 0; | |
629 | local $SIG{ALRM} = sub { die "timed out waiting for client\n" }; | |
630 | alarm 30; | |
631 | my $client = $socket->accept; # Wait for a client | |
632 | alarm 0; | |
633 | close($socket); | |
634 | ||
635 | # We want that the command talks over the TCP socket and takes | |
636 | # ownership of it, so that when it closes it the connection is | |
637 | # terminated, so we need to be able to close the socket. So we | |
638 | # can't really use PVE::Tools::run_command(). | |
639 | my $pid = fork() // die "fork failed: $!\n"; | |
640 | if (!$pid) { | |
641 | POSIX::dup2(fileno($client), 0); | |
642 | POSIX::dup2(fileno($client), 1); | |
643 | close($client); | |
644 | exec {$cmd->[0]} @$cmd or do { | |
645 | warn "exec failed: $!\n"; | |
646 | POSIX::_exit(1); | |
647 | }; | |
648 | } | |
649 | ||
650 | close($client); | |
651 | if (waitpid($pid, 0) != $pid) { | |
652 | kill(15 => $pid); # if we got interrupted terminate the child | |
653 | my $count = 0; | |
654 | while (waitpid($pid, POSIX::WNOHANG) != $pid) { | |
655 | usleep(100000); | |
656 | $count++; | |
657 | kill(9 => $pid), last if $count > 300; # 30 second timeout | |
658 | } | |
659 | } | |
660 | if (my $sig = ($? & 127)) { | |
661 | die "got signal $sig\n"; | |
662 | } elsif (my $exitcode = ($? >> 8)) { | |
663 | die "exit code $exitcode\n"; | |
664 | } | |
665 | ||
666 | return undef; | |
667 | } | |
668 | ||
e143e9d8 | 669 | sub split_list { |
0a3de87e | 670 | my $listtxt = shift // ''; |
e143e9d8 | 671 | |
d2b0374d | 672 | return split (/\0/, $listtxt) if $listtxt =~ m/\0/; |
813a5c0d | 673 | |
d2b0374d | 674 | $listtxt =~ s/[,;]/ /g; |
e143e9d8 DM |
675 | $listtxt =~ s/^\s+//; |
676 | ||
677 | my @data = split (/\s+/, $listtxt); | |
678 | ||
679 | return @data; | |
680 | } | |
681 | ||
682 | sub trim { | |
683 | my $txt = shift; | |
684 | ||
685 | return $txt if !defined($txt); | |
686 | ||
687 | $txt =~ s/^\s+//; | |
688 | $txt =~ s/\s+$//; | |
813a5c0d | 689 | |
e143e9d8 DM |
690 | return $txt; |
691 | } | |
692 | ||
693 | # simple uri templates like "/vms/{vmid}" | |
694 | sub template_replace { | |
695 | my ($tmpl, $data) = @_; | |
696 | ||
3250f5c7 | 697 | return $tmpl if !$tmpl; |
813a5c0d | 698 | |
e143e9d8 | 699 | my $res = ''; |
14410e5f | 700 | while ($tmpl =~ m/([^{]+)?(\{([^}]+)\})?/g) { |
e143e9d8 DM |
701 | $res .= $1 if $1; |
702 | $res .= ($data->{$3} || '-') if $2; | |
703 | } | |
704 | return $res; | |
705 | } | |
706 | ||
707 | sub safe_print { | |
708 | my ($filename, $fh, $data) = @_; | |
709 | ||
710 | return if !$data; | |
711 | ||
712 | my $res = print $fh $data; | |
713 | ||
714 | die "write to '$filename' failed\n" if !$res; | |
715 | } | |
716 | ||
717 | sub debmirrors { | |
718 | ||
719 | return { | |
720 | 'at' => 'ftp.at.debian.org', | |
721 | 'au' => 'ftp.au.debian.org', | |
722 | 'be' => 'ftp.be.debian.org', | |
723 | 'bg' => 'ftp.bg.debian.org', | |
724 | 'br' => 'ftp.br.debian.org', | |
725 | 'ca' => 'ftp.ca.debian.org', | |
726 | 'ch' => 'ftp.ch.debian.org', | |
727 | 'cl' => 'ftp.cl.debian.org', | |
728 | 'cz' => 'ftp.cz.debian.org', | |
729 | 'de' => 'ftp.de.debian.org', | |
730 | 'dk' => 'ftp.dk.debian.org', | |
731 | 'ee' => 'ftp.ee.debian.org', | |
732 | 'es' => 'ftp.es.debian.org', | |
733 | 'fi' => 'ftp.fi.debian.org', | |
734 | 'fr' => 'ftp.fr.debian.org', | |
735 | 'gr' => 'ftp.gr.debian.org', | |
736 | 'hk' => 'ftp.hk.debian.org', | |
737 | 'hr' => 'ftp.hr.debian.org', | |
738 | 'hu' => 'ftp.hu.debian.org', | |
739 | 'ie' => 'ftp.ie.debian.org', | |
740 | 'is' => 'ftp.is.debian.org', | |
741 | 'it' => 'ftp.it.debian.org', | |
742 | 'jp' => 'ftp.jp.debian.org', | |
743 | 'kr' => 'ftp.kr.debian.org', | |
744 | 'mx' => 'ftp.mx.debian.org', | |
745 | 'nl' => 'ftp.nl.debian.org', | |
746 | 'no' => 'ftp.no.debian.org', | |
747 | 'nz' => 'ftp.nz.debian.org', | |
748 | 'pl' => 'ftp.pl.debian.org', | |
749 | 'pt' => 'ftp.pt.debian.org', | |
750 | 'ro' => 'ftp.ro.debian.org', | |
751 | 'ru' => 'ftp.ru.debian.org', | |
752 | 'se' => 'ftp.se.debian.org', | |
753 | 'si' => 'ftp.si.debian.org', | |
754 | 'sk' => 'ftp.sk.debian.org', | |
755 | 'tr' => 'ftp.tr.debian.org', | |
756 | 'tw' => 'ftp.tw.debian.org', | |
757 | 'gb' => 'ftp.uk.debian.org', | |
758 | 'us' => 'ftp.us.debian.org', | |
759 | }; | |
760 | } | |
761 | ||
910d57b0 DM |
762 | my $keymaphash = { |
763 | 'dk' => ['Danish', 'da', 'qwerty/dk-latin1.kmap.gz', 'dk', 'nodeadkeys'], | |
764 | 'de' => ['German', 'de', 'qwertz/de-latin1-nodeadkeys.kmap.gz', 'de', 'nodeadkeys' ], | |
813a5c0d | 765 | 'de-ch' => ['Swiss-German', 'de-ch', 'qwertz/sg-latin1.kmap.gz', 'ch', 'de_nodeadkeys' ], |
5a5ca434 DM |
766 | 'en-gb' => ['United Kingdom', 'en-gb', 'qwerty/uk.kmap.gz' , 'gb', undef], |
767 | 'en-us' => ['U.S. English', 'en-us', 'qwerty/us-latin1.kmap.gz', 'us', undef ], | |
910d57b0 DM |
768 | 'es' => ['Spanish', 'es', 'qwerty/es.kmap.gz', 'es', 'nodeadkeys'], |
769 | #'et' => [], # Ethopia or Estonia ?? | |
770 | 'fi' => ['Finnish', 'fi', 'qwerty/fi-latin1.kmap.gz', 'fi', 'nodeadkeys'], | |
771 | #'fo' => ['Faroe Islands', 'fo', ???, 'fo', 'nodeadkeys'], | |
772 | 'fr' => ['French', 'fr', 'azerty/fr-latin1.kmap.gz', 'fr', 'nodeadkeys'], | |
773 | 'fr-be' => ['Belgium-French', 'fr-be', 'azerty/be2-latin1.kmap.gz', 'be', 'nodeadkeys'], | |
774 | 'fr-ca' => ['Canada-French', 'fr-ca', 'qwerty/cf.kmap.gz', 'ca', 'fr-legacy'], | |
775 | 'fr-ch' => ['Swiss-French', 'fr-ch', 'qwertz/fr_CH-latin1.kmap.gz', 'ch', 'fr_nodeadkeys'], | |
776 | #'hr' => ['Croatia', 'hr', 'qwertz/croat.kmap.gz', 'hr', ??], # latin2? | |
777 | 'hu' => ['Hungarian', 'hu', 'qwertz/hu.kmap.gz', 'hu', undef], | |
778 | 'is' => ['Icelandic', 'is', 'qwerty/is-latin1.kmap.gz', 'is', 'nodeadkeys'], | |
779 | 'it' => ['Italian', 'it', 'qwerty/it2.kmap.gz', 'it', 'nodeadkeys'], | |
780 | 'jp' => ['Japanese', 'ja', 'qwerty/jp106.kmap.gz', 'jp', undef], | |
781 | 'lt' => ['Lithuanian', 'lt', 'qwerty/lt.kmap.gz', 'lt', 'std'], | |
782 | #'lv' => ['Latvian', 'lv', 'qwerty/lv-latin4.kmap.gz', 'lv', ??], # latin4 or latin7? | |
783 | 'mk' => ['Macedonian', 'mk', 'qwerty/mk.kmap.gz', 'mk', 'nodeadkeys'], | |
784 | 'nl' => ['Dutch', 'nl', 'qwerty/nl.kmap.gz', 'nl', undef], | |
785 | #'nl-be' => ['Belgium-Dutch', 'nl-be', ?, ?, ?], | |
813a5c0d | 786 | 'no' => ['Norwegian', 'no', 'qwerty/no-latin1.kmap.gz', 'no', 'nodeadkeys'], |
910d57b0 DM |
787 | 'pl' => ['Polish', 'pl', 'qwerty/pl.kmap.gz', 'pl', undef], |
788 | 'pt' => ['Portuguese', 'pt', 'qwerty/pt-latin1.kmap.gz', 'pt', 'nodeadkeys'], | |
789 | 'pt-br' => ['Brazil-Portuguese', 'pt-br', 'qwerty/br-latin1.kmap.gz', 'br', 'nodeadkeys'], | |
fb3a1b29 | 790 | #'ru' => ['Russian', 'ru', 'qwerty/ru.kmap.gz', 'ru', undef], # don't know? |
910d57b0 | 791 | 'si' => ['Slovenian', 'sl', 'qwertz/slovene.kmap.gz', 'si', undef], |
9934cd0b | 792 | 'se' => ['Swedish', 'sv', 'qwerty/se-latin1.kmap.gz', 'se', 'nodeadkeys'], |
910d57b0 | 793 | #'th' => [], |
c10cc112 | 794 | 'tr' => ['Turkish', 'tr', 'qwerty/trq.kmap.gz', 'tr', undef], |
910d57b0 DM |
795 | }; |
796 | ||
797 | my $kvmkeymaparray = []; | |
0a7de820 | 798 | foreach my $lc (sort keys %$keymaphash) { |
910d57b0 DM |
799 | push @$kvmkeymaparray, $keymaphash->{$lc}->[1]; |
800 | } | |
801 | ||
e143e9d8 | 802 | sub kvmkeymaps { |
910d57b0 DM |
803 | return $keymaphash; |
804 | } | |
805 | ||
806 | sub kvmkeymaplist { | |
807 | return $kvmkeymaparray; | |
e143e9d8 DM |
808 | } |
809 | ||
810 | sub extract_param { | |
811 | my ($param, $key) = @_; | |
812 | ||
813 | my $res = $param->{$key}; | |
814 | delete $param->{$key}; | |
815 | ||
816 | return $res; | |
817 | } | |
818 | ||
9d52694b | 819 | # For extracting sensitive keys (e.g. password), to avoid writing them to www-data owned configs |
40682a69 DC |
820 | sub extract_sensitive_params :prototype($$$) { |
821 | my ($param, $sensitive_list, $delete_list) = @_; | |
822 | ||
40682a69 DC |
823 | my %delete = map { $_ => 1 } ($delete_list || [])->@*; |
824 | ||
9d52694b | 825 | my $sensitive = {}; |
40682a69 | 826 | for my $opt (@$sensitive_list) { |
9d52694b TL |
827 | # handle deletions as explicitly setting `undef`, so subs which only have $param but not |
828 | # $delete_list available can recognize them. Afterwards new values may override. | |
40682a69 DC |
829 | if (exists($delete{$opt})) { |
830 | $sensitive->{$opt} = undef; | |
831 | } | |
832 | ||
833 | if (defined(my $value = extract_param($param, $opt))) { | |
834 | $sensitive->{$opt} = $value; | |
835 | } | |
836 | } | |
837 | ||
838 | return $sensitive; | |
839 | } | |
840 | ||
eb7047f6 | 841 | # Note: we use this to wait until vncterm/spiceterm is ready |
ec6d95b4 | 842 | sub wait_for_vnc_port { |
590b924e | 843 | my ($port, $family, $timeout) = @_; |
ec6d95b4 DM |
844 | |
845 | $timeout = 5 if !$timeout; | |
eb7047f6 DM |
846 | my $sleeptime = 0; |
847 | my $starttime = [gettimeofday]; | |
848 | my $elapsed; | |
ec6d95b4 | 849 | |
590b924e TL |
850 | my $cmd = ['/bin/ss', '-Htln', "sport = :$port"]; |
851 | push @$cmd, $family == AF_INET6 ? '-6' : '-4' if defined($family); | |
852 | ||
9a41a7b7 | 853 | my $found; |
eb7047f6 | 854 | while (($elapsed = tv_interval($starttime)) < $timeout) { |
9a41a7b7 | 855 | # -Htln = don't print header, tcp, listening sockets only, numeric ports |
590b924e | 856 | run_command($cmd, outfunc => sub { |
9a41a7b7 TL |
857 | my $line = shift; |
858 | if ($line =~ m/^LISTEN\s+\d+\s+\d+\s+\S+:(\d+)\s/) { | |
859 | $found = 1 if ($port == $1); | |
ec6d95b4 | 860 | } |
9a41a7b7 TL |
861 | }); |
862 | return 1 if $found; | |
eb7047f6 DM |
863 | $sleeptime += 100000 if $sleeptime < 1000000; |
864 | usleep($sleeptime); | |
ec6d95b4 DM |
865 | } |
866 | ||
8fd0d634 | 867 | die "Timeout while waiting for port '$port' to get ready!\n"; |
ec6d95b4 DM |
868 | } |
869 | ||
59b3f563 | 870 | sub next_unused_port { |
c14960cc | 871 | my ($range_start, $range_end, $family, $address) = @_; |
59b3f563 DM |
872 | |
873 | # We use a file to register allocated ports. | |
874 | # Those registrations expires after $expiretime. | |
875 | # We use this to avoid race conditions between | |
876 | # allocation and use of ports. | |
877 | ||
878 | my $filename = "/var/tmp/pve-reserved-ports"; | |
e143e9d8 | 879 | |
59b3f563 | 880 | my $code = sub { |
e143e9d8 | 881 | |
59b3f563 DM |
882 | my $expiretime = 5; |
883 | my $ctime = time(); | |
e143e9d8 | 884 | |
59b3f563 DM |
885 | my $ports = {}; |
886 | ||
887 | if (my $fh = IO::File->new ($filename, "r")) { | |
888 | while (my $line = <$fh>) { | |
889 | if ($line =~ m/^(\d+)\s(\d+)$/) { | |
890 | my ($port, $timestamp) = ($1, $2); | |
891 | if (($timestamp + $expiretime) > $ctime) { | |
892 | $ports->{$port} = $timestamp; # not expired | |
813a5c0d | 893 | } |
59b3f563 DM |
894 | } |
895 | } | |
e143e9d8 | 896 | } |
813a5c0d | 897 | |
59b3f563 | 898 | my $newport; |
c14960cc WB |
899 | my %sockargs = (Listen => 5, |
900 | ReuseAddr => 1, | |
901 | Family => $family, | |
a0ecb159 | 902 | Proto => IPPROTO_TCP, |
c14960cc WB |
903 | GetAddrInfoFlags => 0); |
904 | $sockargs{LocalAddr} = $address if defined($address); | |
59b3f563 DM |
905 | |
906 | for (my $p = $range_start; $p < $range_end; $p++) { | |
907 | next if $ports->{$p}; # reserved | |
908 | ||
c14960cc WB |
909 | $sockargs{LocalPort} = $p; |
910 | my $sock = IO::Socket::IP->new(%sockargs); | |
59b3f563 DM |
911 | |
912 | if ($sock) { | |
913 | close($sock); | |
914 | $newport = $p; | |
915 | $ports->{$p} = $ctime; | |
916 | last; | |
917 | } | |
918 | } | |
813a5c0d | 919 | |
59b3f563 DM |
920 | my $data = ""; |
921 | foreach my $p (keys %$ports) { | |
922 | $data .= "$p $ports->{$p}\n"; | |
923 | } | |
813a5c0d | 924 | |
59b3f563 | 925 | file_set_contents($filename, $data); |
e143e9d8 | 926 | |
59b3f563 DM |
927 | return $newport; |
928 | }; | |
929 | ||
3c476ed5 | 930 | my $p = lock_file('/var/lock/pve-ports.lck', 10, $code); |
59b3f563 | 931 | die $@ if $@; |
813a5c0d | 932 | |
59b3f563 DM |
933 | die "unable to find free port (${range_start}-${range_end})\n" if !$p; |
934 | ||
935 | return $p; | |
936 | } | |
937 | ||
938 | sub next_migrate_port { | |
c14960cc WB |
939 | my ($family, $address) = @_; |
940 | return next_unused_port(60000, 60050, $family, $address); | |
59b3f563 DM |
941 | } |
942 | ||
943 | sub next_vnc_port { | |
c14960cc WB |
944 | my ($family, $address) = @_; |
945 | return next_unused_port(5900, 6000, $family, $address); | |
59b3f563 | 946 | } |
e143e9d8 | 947 | |
30aeac2e DC |
948 | sub spice_port_range { |
949 | return (61000, 61999); | |
950 | } | |
951 | ||
2f13cbb5 | 952 | sub next_spice_port { |
c14960cc | 953 | my ($family, $address) = @_; |
30aeac2e | 954 | return next_unused_port(spice_port_range(), $family, $address); |
2f13cbb5 DM |
955 | } |
956 | ||
893ec6f2 WB |
957 | sub must_stringify { |
958 | my ($value) = @_; | |
959 | eval { $value = "$value" }; | |
960 | return "error turning value into a string: $@" if $@; | |
961 | return $value; | |
962 | } | |
963 | ||
72fba911 EK |
964 | # sigkill after $timeout a $sub running in a fork if it can't write a pipe |
965 | # the $sub has to return a single scalar | |
966 | sub run_fork_with_timeout { | |
967 | my ($timeout, $sub) = @_; | |
968 | ||
969 | my $res; | |
970 | my $error; | |
971 | my $pipe_out = IO::Pipe->new(); | |
72fba911 EK |
972 | |
973 | # disable pending alarms, save their remaining time | |
974 | my $prev_alarm = alarm 0; | |
975 | ||
eead1cca | 976 | # avoid leaving a zombie if the parent gets interrupted |
72fba911 | 977 | my $sig_received; |
72fba911 EK |
978 | |
979 | my $child = fork(); | |
980 | if (!defined($child)) { | |
981 | die "fork failed: $!\n"; | |
982 | return $res; | |
983 | } | |
984 | ||
985 | if (!$child) { | |
986 | $pipe_out->writer(); | |
72fba911 EK |
987 | |
988 | eval { | |
989 | $res = $sub->(); | |
f2c72fc3 | 990 | print {$pipe_out} encode_json({ result => $res }); |
72fba911 EK |
991 | $pipe_out->flush(); |
992 | }; | |
993 | if (my $err = $@) { | |
893ec6f2 | 994 | print {$pipe_out} encode_json({ error => must_stringify($err) }); |
f2c72fc3 | 995 | $pipe_out->flush(); |
72fba911 EK |
996 | POSIX::_exit(1); |
997 | } | |
998 | POSIX::_exit(0); | |
999 | } | |
1000 | ||
2e353dfb DC |
1001 | local $SIG{INT} = sub { $sig_received++; }; |
1002 | local $SIG{TERM} = sub { | |
1003 | $error //= "interrupted by unexpected signal\n"; | |
1004 | kill('TERM', $child); | |
1005 | }; | |
1006 | ||
72fba911 | 1007 | $pipe_out->reader(); |
72fba911 EK |
1008 | |
1009 | my $readvalues = sub { | |
1010 | local $/ = undef; | |
2e353dfb | 1011 | my $child_res = decode_json(readline_nointr($pipe_out)); |
f2c72fc3 TL |
1012 | $res = $child_res->{result}; |
1013 | $error = $child_res->{error}; | |
72fba911 EK |
1014 | }; |
1015 | eval { | |
a2d049af WB |
1016 | if (defined($timeout)) { |
1017 | run_with_timeout($timeout, $readvalues); | |
1018 | } else { | |
1019 | $readvalues->(); | |
1020 | } | |
72fba911 EK |
1021 | }; |
1022 | warn $@ if $@; | |
1023 | $pipe_out->close(); | |
72fba911 | 1024 | kill('KILL', $child); |
c663330d | 1025 | # FIXME: hangs if $child doesn't exits?! (D state) |
72fba911 EK |
1026 | waitpid($child, 0); |
1027 | ||
1028 | alarm $prev_alarm; | |
1029 | die "interrupted by unexpected signal\n" if $sig_received; | |
1030 | ||
1031 | die $error if $error; | |
1032 | return $res; | |
1033 | } | |
1034 | ||
a2d049af WB |
1035 | sub run_fork { |
1036 | my ($code) = @_; | |
1037 | return run_fork_with_timeout(undef, $code); | |
1038 | } | |
1039 | ||
813a5c0d | 1040 | # NOTE: NFS syscall can't be interrupted, so alarm does |
e143e9d8 DM |
1041 | # not work to provide timeouts. |
1042 | # from 'man nfs': "Only SIGKILL can interrupt a pending NFS operation" | |
97c8c857 | 1043 | # So fork() before using Filesys::Df |
e143e9d8 DM |
1044 | sub df { |
1045 | my ($path, $timeout) = @_; | |
1046 | ||
4fdc9659 | 1047 | my $df = sub { return Filesys::Df::df($path, 1) }; |
97c8c857 | 1048 | |
4fdc9659 TL |
1049 | my $res = eval { run_fork_with_timeout($timeout, $df) } // {}; |
1050 | warn $@ if $@; | |
97c8c857 | 1051 | |
8bc99fda TL |
1052 | # untaint, but be flexible: PB usage can result in scientific notation |
1053 | my ($blocks, $used, $bavail) = map { defined($_) ? (/^([\d\.e\-+]+)$/) : 0 } | |
fd58bb2b DC |
1054 | $res->@{qw(blocks used bavail)}; |
1055 | ||
4fdc9659 | 1056 | return { |
fd58bb2b DC |
1057 | total => $blocks, |
1058 | used => $used, | |
1059 | avail => $bavail, | |
e143e9d8 | 1060 | }; |
e143e9d8 DM |
1061 | } |
1062 | ||
62635f92 DM |
1063 | sub du { |
1064 | my ($path, $timeout) = @_; | |
1065 | ||
1066 | my $size; | |
1067 | ||
1068 | $timeout //= 10; | |
1069 | ||
1070 | my $parser = sub { | |
1071 | my $line = shift; | |
1072 | ||
1073 | if ($line =~ m/^(\d+)\s+total$/) { | |
1074 | $size = $1; | |
1075 | } | |
1076 | }; | |
1077 | ||
1078 | run_command(['du', '-scb', $path], outfunc => $parser, timeout => $timeout); | |
1079 | ||
1080 | return $size; | |
1081 | } | |
1082 | ||
e143e9d8 DM |
1083 | # UPID helper |
1084 | # We use this to uniquely identify a process. | |
813a5c0d | 1085 | # An 'Unique Process ID' has the following format: |
e143e9d8 DM |
1086 | # "UPID:$node:$pid:$pstart:$startime:$dtype:$id:$user" |
1087 | ||
1088 | sub upid_encode { | |
1089 | my $d = shift; | |
1090 | ||
19cec230 DM |
1091 | # Note: pstart can be > 32bit if uptime > 497 days, so this can result in |
1092 | # more that 8 characters for pstart | |
813a5c0d DC |
1093 | return sprintf("UPID:%s:%08X:%08X:%08X:%s:%s:%s:", $d->{node}, $d->{pid}, |
1094 | $d->{pstart}, $d->{starttime}, $d->{type}, $d->{id}, | |
e143e9d8 DM |
1095 | $d->{user}); |
1096 | } | |
1097 | ||
1098 | sub upid_decode { | |
1099 | my ($upid, $noerr) = @_; | |
1100 | ||
1101 | my $res; | |
1102 | my $filename; | |
1103 | ||
1104 | # "UPID:$node:$pid:$pstart:$startime:$dtype:$id:$user" | |
19cec230 DM |
1105 | # Note: allow up to 9 characters for pstart (work until 20 years uptime) |
1106 | if ($upid =~ m/^UPID:([a-zA-Z0-9]([a-zA-Z0-9\-]*[a-zA-Z0-9])?):([0-9A-Fa-f]{8}):([0-9A-Fa-f]{8,9}):([0-9A-Fa-f]{8}):([^:\s]+):([^:\s]*):([^:\s]+):$/) { | |
e143e9d8 | 1107 | $res->{node} = $1; |
3702f038 DM |
1108 | $res->{pid} = hex($3); |
1109 | $res->{pstart} = hex($4); | |
1110 | $res->{starttime} = hex($5); | |
1111 | $res->{type} = $6; | |
1112 | $res->{id} = $7; | |
1113 | $res->{user} = $8; | |
1114 | ||
1115 | my $subdir = substr($5, 7, 8); | |
e143e9d8 DM |
1116 | $filename = "$pvetaskdir/$subdir/$upid"; |
1117 | ||
1118 | } else { | |
1119 | return undef if $noerr; | |
1120 | die "unable to parse worker upid '$upid'\n"; | |
1121 | } | |
1122 | ||
1123 | return wantarray ? ($res, $filename) : $res; | |
1124 | } | |
1125 | ||
1126 | sub upid_open { | |
1127 | my ($upid) = @_; | |
1128 | ||
813a5c0d | 1129 | my ($task, $filename) = upid_decode($upid); |
e143e9d8 DM |
1130 | |
1131 | my $dirname = dirname($filename); | |
1132 | make_path($dirname); | |
1133 | ||
1134 | my $wwwid = getpwnam('www-data') || | |
1135 | die "getpwnam failed"; | |
1136 | ||
1137 | my $perm = 0640; | |
813a5c0d | 1138 | |
e143e9d8 DM |
1139 | my $outfh = IO::File->new ($filename, O_WRONLY|O_CREAT|O_EXCL, $perm) || |
1140 | die "unable to create output file '$filename' - $!\n"; | |
2b8e0f12 | 1141 | chown $wwwid, -1, $outfh; |
e143e9d8 DM |
1142 | |
1143 | return $outfh; | |
1144 | }; | |
1145 | ||
1146 | sub upid_read_status { | |
1147 | my ($upid) = @_; | |
1148 | ||
1149 | my ($task, $filename) = upid_decode($upid); | |
1150 | my $fh = IO::File->new($filename, "r"); | |
1151 | return "unable to open file - $!" if !$fh; | |
cc9121d3 | 1152 | my $maxlen = 4096; |
e143e9d8 DM |
1153 | sysseek($fh, -$maxlen, 2); |
1154 | my $readbuf = ''; | |
1155 | my $br = sysread($fh, $readbuf, $maxlen); | |
1156 | close($fh); | |
1157 | if ($br) { | |
1158 | return "unable to extract last line" | |
1159 | if $readbuf !~ m/\n?(.+)$/; | |
1160 | my $line = $1; | |
1161 | if ($line =~ m/^TASK OK$/) { | |
1162 | return 'OK'; | |
1163 | } elsif ($line =~ m/^TASK ERROR: (.+)$/) { | |
1164 | return $1; | |
ff79ee65 FE |
1165 | } elsif ($line =~ m/^TASK (WARNINGS: \d+)$/) { |
1166 | return $1; | |
e143e9d8 DM |
1167 | } else { |
1168 | return "unexpected status"; | |
1169 | } | |
1170 | } | |
1171 | return "unable to read tail (got $br bytes)"; | |
1172 | } | |
1173 | ||
4cc5b13d FE |
1174 | # Check if the status returned by upid_read_status is an error status. |
1175 | # If the status could not be parsed it's also treated as an error. | |
1176 | sub upid_status_is_error { | |
1177 | my ($status) = @_; | |
1178 | ||
1179 | return !($status eq 'OK' || $status =~ m/^WARNINGS: \d+$/); | |
1180 | } | |
1181 | ||
ae54eabf TL |
1182 | # takes the parsed status and returns the type, either ok, warning, error or unknown |
1183 | sub upid_normalize_status_type { | |
4e536038 DC |
1184 | my ($status) = @_; |
1185 | ||
1186 | if (!$status) { | |
1187 | return 'unknown'; | |
ae54eabf | 1188 | } elsif ($status eq 'OK') { |
4e536038 DC |
1189 | return 'ok'; |
1190 | } elsif ($status =~ m/^WARNINGS: \d+$/) { | |
1191 | return 'warning'; | |
1192 | } elsif ($status eq 'unexpected status') { | |
1193 | return 'unknown'; | |
1194 | } else { | |
1195 | return 'error'; | |
1196 | } | |
1197 | } | |
1198 | ||
813a5c0d | 1199 | # useful functions to store comments in config files |
e143e9d8 DM |
1200 | sub encode_text { |
1201 | my ($text) = @_; | |
1202 | ||
1203 | # all control and hi-bit characters, and ':' | |
1204 | my $unsafe = "^\x20-\x39\x3b-\x7e"; | |
1205 | return uri_escape(Encode::encode("utf8", $text), $unsafe); | |
1206 | } | |
1207 | ||
1208 | sub decode_text { | |
1209 | my ($data) = @_; | |
1210 | ||
1211 | return Encode::decode("utf8", uri_unescape($data)); | |
1212 | } | |
1213 | ||
a45a1df1 | 1214 | # NOTE: deprecated - do not use! we now decode all parameters by default |
815b2aba DM |
1215 | sub decode_utf8_parameters { |
1216 | my ($param) = @_; | |
1217 | ||
34ebb226 | 1218 | foreach my $p (qw(comment description firstname lastname)) { |
815b2aba DM |
1219 | $param->{$p} = decode('utf8', $param->{$p}) if $param->{$p}; |
1220 | } | |
1221 | ||
1222 | return $param; | |
1223 | } | |
1224 | ||
a413a515 | 1225 | sub random_ether_addr { |
12392173 | 1226 | my ($prefix) = @_; |
a413a515 | 1227 | |
46a11c00 DM |
1228 | my ($seconds, $microseconds) = gettimeofday; |
1229 | ||
d743b69c | 1230 | my $rand = Digest::SHA::sha1($$, rand(), $seconds, $microseconds); |
a413a515 | 1231 | |
85d5625a | 1232 | # clear multicast, set local id |
de9a267f | 1233 | vec($rand, 0, 8) = (vec($rand, 0, 8) & 0xfe) | 2; |
a413a515 | 1234 | |
12392173 WB |
1235 | my $addr = sprintf("%02X:%02X:%02X:%02X:%02X:%02X", unpack("C6", $rand)); |
1236 | if (defined($prefix)) { | |
1237 | $addr = uc($prefix) . substr($addr, length($prefix)); | |
1238 | } | |
1239 | return $addr; | |
a413a515 | 1240 | } |
e143e9d8 | 1241 | |
762e3223 DM |
1242 | sub shellquote { |
1243 | my $str = shift; | |
1244 | ||
7514b23a | 1245 | return String::ShellQuote::shell_quote($str); |
762e3223 DM |
1246 | } |
1247 | ||
65e1d3fc DM |
1248 | sub cmd2string { |
1249 | my ($cmd) = @_; | |
1250 | ||
1251 | die "no arguments" if !$cmd; | |
1252 | ||
1253 | return $cmd if !ref($cmd); | |
1254 | ||
1255 | my @qa = (); | |
1256 | foreach my $arg (@$cmd) { push @qa, shellquote($arg); } | |
1257 | ||
1258 | return join (' ', @qa); | |
1259 | } | |
1260 | ||
e38bcd35 | 1261 | # split an shell argument string into an array, |
f9125663 DM |
1262 | sub split_args { |
1263 | my ($str) = @_; | |
1264 | ||
e38bcd35 | 1265 | return $str ? [ Text::ParseWords::shellwords($str) ] : []; |
f9125663 DM |
1266 | } |
1267 | ||
12a0ec18 CE |
1268 | sub dump_logfile_by_filehandle { |
1269 | my ($fh, $filter, $state) = @_; | |
804b1041 | 1270 | |
12a0ec18 CE |
1271 | my $count = ($state->{count} //= 0); |
1272 | my $lines = ($state->{lines} //= []); | |
1273 | my $start = ($state->{start} //= 0); | |
1274 | my $limit = ($state->{limit} //= 50); | |
1275 | my $final = ($state->{final} //= 1); | |
1276 | my $read_until_end = ($state->{read_until_end} //= $limit == 0); | |
804b1041 DM |
1277 | |
1278 | my $line; | |
eb7e5538 DM |
1279 | if ($filter) { |
1280 | # duplicate code, so that we do not slow down normal path | |
1281 | while (defined($line = <$fh>)) { | |
12a0ec18 CE |
1282 | if (ref($filter) eq 'CODE') { |
1283 | next if !$filter->($line); | |
1284 | } else { | |
1285 | next if $line !~ m/$filter/; | |
1286 | } | |
eb7e5538 | 1287 | next if $count++ < $start; |
f0c1b0c0 DT |
1288 | if (!$read_until_end) { |
1289 | next if $limit <= 0; | |
1290 | $limit--; | |
1291 | } | |
eb7e5538 DM |
1292 | chomp $line; |
1293 | push @$lines, { n => $count, t => $line}; | |
eb7e5538 DM |
1294 | } |
1295 | } else { | |
1296 | while (defined($line = <$fh>)) { | |
1297 | next if $count++ < $start; | |
f0c1b0c0 DT |
1298 | if (!$read_until_end) { |
1299 | next if $limit <= 0; | |
1300 | $limit--; | |
1301 | } | |
eb7e5538 DM |
1302 | chomp $line; |
1303 | push @$lines, { n => $count, t => $line}; | |
eb7e5538 | 1304 | } |
804b1041 DM |
1305 | } |
1306 | ||
6de95a66 DM |
1307 | # HACK: ExtJS store.guaranteeRange() does not like empty array |
1308 | # so we add a line | |
12a0ec18 | 1309 | if (!$count && $final) { |
6de95a66 DM |
1310 | $count++; |
1311 | push @$lines, { n => $count, t => "no content"}; | |
1312 | } | |
1313 | ||
12a0ec18 CE |
1314 | $state->{count} = $count; |
1315 | $state->{limit} = $limit; | |
1316 | } | |
1317 | ||
1318 | sub dump_logfile { | |
1319 | my ($filename, $start, $limit, $filter) = @_; | |
1320 | ||
1321 | my $fh = IO::File->new($filename, "r"); | |
1322 | if (!$fh) { | |
1323 | return (1, { n => 1, t => "unable to open file - $!"}); | |
1324 | } | |
1325 | ||
1326 | my %state = ( | |
1327 | 'count' => 0, | |
1328 | 'lines' => [], | |
1329 | 'start' => $start, | |
1330 | 'limit' => $limit, | |
1331 | ); | |
1332 | ||
1333 | dump_logfile_by_filehandle($fh, $filter, \%state); | |
1334 | ||
1335 | close($fh); | |
1336 | ||
1337 | return ($state{'count'}, $state{'lines'}); | |
6de95a66 DM |
1338 | } |
1339 | ||
1340 | sub dump_journal { | |
ccf60d3b | 1341 | my ($start, $limit, $since, $until, $service) = @_; |
6de95a66 DM |
1342 | |
1343 | my $lines = []; | |
1344 | my $count = 0; | |
813a5c0d | 1345 | |
6de95a66 DM |
1346 | $start = 0 if !$start; |
1347 | $limit = 50 if !$limit; | |
1348 | ||
1349 | my $parser = sub { | |
1350 | my $line = shift; | |
1351 | ||
1352 | return if $count++ < $start; | |
1353 | return if $limit <= 0; | |
1354 | push @$lines, { n => int($count), t => $line}; | |
1355 | $limit--; | |
1356 | }; | |
1357 | ||
1358 | my $cmd = ['journalctl', '-o', 'short', '--no-pager']; | |
19e95cd0 | 1359 | |
ccf60d3b | 1360 | push @$cmd, '--unit', $service if $service; |
19e95cd0 TL |
1361 | push @$cmd, '--since', $since if $since; |
1362 | push @$cmd, '--until', $until if $until; | |
6de95a66 DM |
1363 | run_command($cmd, outfunc => $parser); |
1364 | ||
804b1041 DM |
1365 | # HACK: ExtJS store.guaranteeRange() does not like empty array |
1366 | # so we add a line | |
1367 | if (!$count) { | |
1368 | $count++; | |
1369 | push @$lines, { n => $count, t => "no content"}; | |
1370 | } | |
1371 | ||
1372 | return ($count, $lines); | |
1373 | } | |
1374 | ||
7eb283fb DM |
1375 | sub dir_glob_regex { |
1376 | my ($dir, $regex) = @_; | |
1377 | ||
1378 | my $dh = IO::Dir->new ($dir); | |
1379 | return wantarray ? () : undef if !$dh; | |
813a5c0d DC |
1380 | |
1381 | while (defined(my $tmp = $dh->read)) { | |
7eb283fb DM |
1382 | if (my @res = $tmp =~ m/^($regex)$/) { |
1383 | $dh->close; | |
1384 | return wantarray ? @res : $tmp; | |
1385 | } | |
1386 | } | |
1387 | $dh->close; | |
1388 | ||
1389 | return wantarray ? () : undef; | |
1390 | } | |
1391 | ||
1392 | sub dir_glob_foreach { | |
1393 | my ($dir, $regex, $func) = @_; | |
1394 | ||
1395 | my $dh = IO::Dir->new ($dir); | |
1396 | if (defined $dh) { | |
1397 | while (defined(my $tmp = $dh->read)) { | |
1398 | if (my @res = $tmp =~ m/^($regex)$/) { | |
1399 | &$func (@res); | |
1400 | } | |
1401 | } | |
813a5c0d | 1402 | } |
7eb283fb DM |
1403 | } |
1404 | ||
a345b9d5 DM |
1405 | sub assert_if_modified { |
1406 | my ($digest1, $digest2) = @_; | |
1407 | ||
1408 | if ($digest1 && $digest2 && ($digest1 ne $digest2)) { | |
212fc0b7 | 1409 | die "detected modified configuration - file changed by other user? Try again.\n"; |
a345b9d5 DM |
1410 | } |
1411 | } | |
1412 | ||
2d3bca34 DM |
1413 | # Digest for short strings |
1414 | # like FNV32a, but we only return 31 bits (positive numbers) | |
1415 | sub fnv31a { | |
1416 | my ($string) = @_; | |
1417 | ||
1418 | my $hval = 0x811c9dc5; | |
1419 | ||
1420 | foreach my $c (unpack('C*', $string)) { | |
1421 | $hval ^= $c; | |
1422 | $hval += ( | |
1423 | (($hval << 1) ) + | |
1424 | (($hval << 4) ) + | |
1425 | (($hval << 7) ) + | |
1426 | (($hval << 8) ) + | |
1427 | (($hval << 24) ) ); | |
1428 | $hval = $hval & 0xffffffff; | |
1429 | } | |
1430 | return $hval & 0x7fffffff; | |
1431 | } | |
1432 | ||
1433 | sub fnv31a_hex { return sprintf("%X", fnv31a(@_)); } | |
1434 | ||
8df6b794 WB |
1435 | sub unpack_sockaddr_in46 { |
1436 | my ($sin) = @_; | |
1437 | my $family = Socket::sockaddr_family($sin); | |
1438 | my ($port, $host) = ($family == AF_INET6 ? Socket::unpack_sockaddr_in6($sin) | |
1439 | : Socket::unpack_sockaddr_in($sin)); | |
1440 | return ($family, $port, $host); | |
1441 | } | |
1442 | ||
a0b6ef52 WB |
1443 | sub getaddrinfo_all { |
1444 | my ($hostname, @opts) = @_; | |
7a2e8ca1 TL |
1445 | my %hints = ( |
1446 | flags => AI_V4MAPPED | AI_ALL, | |
1447 | @opts, | |
1448 | ); | |
a956854f | 1449 | my ($err, @res) = Socket::getaddrinfo($hostname, '0', \%hints); |
a0b6ef52 WB |
1450 | die "failed to get address info for: $hostname: $err\n" if $err; |
1451 | return @res; | |
1452 | } | |
a956854f | 1453 | |
a0b6ef52 WB |
1454 | sub get_host_address_family { |
1455 | my ($hostname, $socktype) = @_; | |
1456 | my @res = getaddrinfo_all($hostname, socktype => $socktype); | |
1457 | return $res[0]->{family}; | |
a956854f WB |
1458 | } |
1459 | ||
d3c8f0c1 EK |
1460 | # get the fully qualified domain name of a host |
1461 | # same logic as hostname(1): The FQDN is the name getaddrinfo(3) returns, | |
1462 | # given a nodename as a parameter | |
1463 | sub get_fqdn { | |
1464 | my ($nodename) = @_; | |
1465 | ||
1466 | my $hints = { | |
1467 | flags => AI_CANONNAME, | |
1468 | socktype => SOCK_DGRAM | |
1469 | }; | |
1470 | ||
1471 | my ($err, @addrs) = Socket::getaddrinfo($nodename, undef, $hints); | |
1472 | ||
1473 | die "getaddrinfo: $err" if $err; | |
1474 | ||
1475 | return $addrs[0]->{canonname}; | |
1476 | } | |
1477 | ||
b2613777 WB |
1478 | # Parses any sane kind of host, or host+port pair: |
1479 | # The port is always optional and thus may be undef. | |
1480 | sub parse_host_and_port { | |
1481 | my ($address) = @_; | |
1482 | if ($address =~ /^($IPV4RE|[[:alnum:]\-.]+)(?::(\d+))?$/ || # ipv4 or host with optional ':port' | |
1483 | $address =~ /^\[($IPV6RE|$IPV4RE|[[:alnum:]\-.]+)\](?::(\d+))?$/ || # anything in brackets with optional ':port' | |
1484 | $address =~ /^($IPV6RE)(?:\.(\d+))?$/) # ipv6 with optional port separated by dot | |
1485 | { | |
1486 | return ($1, $2, 1); # end with 1 to support simple if(parse...) tests | |
1487 | } | |
1488 | return; # nothing | |
1489 | } | |
1490 | ||
0c078e66 SI |
1491 | sub setresuid($$$) { |
1492 | my ($ruid, $euid, $suid) = @_; | |
6647801c | 1493 | return 0 == syscall(PVE::Syscall::setresuid, int($ruid), int($euid), int($suid)); |
0c078e66 SI |
1494 | } |
1495 | ||
817c6be0 | 1496 | sub unshare($) { |
952fd95e | 1497 | my ($flags) = @_; |
6647801c | 1498 | return 0 == syscall(PVE::Syscall::unshare, int($flags)); |
952fd95e WB |
1499 | } |
1500 | ||
891b224a WB |
1501 | sub setns($$) { |
1502 | my ($fileno, $nstype) = @_; | |
6647801c | 1503 | return 0 == syscall(PVE::Syscall::setns, int($fileno), int($nstype)); |
891b224a WB |
1504 | } |
1505 | ||
44acb12c WB |
1506 | sub syncfs($) { |
1507 | my ($fileno) = @_; | |
6647801c | 1508 | return 0 == syscall(PVE::Syscall::syncfs, int($fileno)); |
44acb12c WB |
1509 | } |
1510 | ||
cee0e23a TL |
1511 | sub fsync($) { |
1512 | my ($fileno) = @_; | |
6647801c | 1513 | return 0 == syscall(PVE::Syscall::fsync, int($fileno)); |
cee0e23a TL |
1514 | } |
1515 | ||
bd9eb367 WB |
1516 | sub renameat2($$$$$) { |
1517 | my ($olddirfd, $oldpath, $newdirfd, $newpath, $flags) = @_; | |
6647801c WB |
1518 | return 0 == syscall( |
1519 | PVE::Syscall::renameat2, | |
1520 | int($olddirfd), | |
1521 | $oldpath, | |
1522 | int($newdirfd), | |
1523 | $newpath, | |
1524 | int($flags), | |
1525 | ); | |
bd9eb367 WB |
1526 | } |
1527 | ||
44acb12c WB |
1528 | sub sync_mountpoint { |
1529 | my ($path) = @_; | |
b260d4e3 | 1530 | sysopen my $fd, $path, O_RDONLY|O_CLOEXEC or die "failed to open $path: $!\n"; |
09d47f9d TL |
1531 | my $syncfs_err; |
1532 | if (!syncfs(fileno($fd))) { | |
1533 | $syncfs_err = "$!"; | |
1534 | } | |
44acb12c | 1535 | close($fd); |
09d47f9d | 1536 | die "syncfs '$path' failed - $syncfs_err\n" if defined $syncfs_err; |
44acb12c WB |
1537 | } |
1538 | ||
9915a41b TL |
1539 | my sub check_mail_addr { |
1540 | my ($addr) = @_; | |
1541 | die "'$addr' does not look like a valid email address or username\n" | |
1542 | if $addr !~ /^$EMAIL_RE$/ && $addr !~ /^$EMAIL_USER_RE$/; | |
1543 | } | |
1544 | ||
b61a47db TL |
1545 | # support sending multi-part mail messages with a text and or a HTML part |
1546 | # mailto may be a single email string or an array of receivers | |
1547 | sub sendmail { | |
1548 | my ($mailto, $subject, $text, $html, $mailfrom, $author) = @_; | |
1549 | ||
5a873e6d | 1550 | $mailto = [ $mailto ] if !ref($mailto); |
b61a47db | 1551 | |
9915a41b TL |
1552 | check_mail_addr($_) for $mailto->@*; |
1553 | my $to_quoted = [ map { shellquote($_) } $mailto->@* ]; | |
b61a47db TL |
1554 | |
1555 | $mailfrom = $mailfrom || "root"; | |
9915a41b TL |
1556 | check_mail_addr($mailfrom); |
1557 | my $from_quoted = shellquote($mailfrom); | |
c9c6d910 | 1558 | |
a24d91ea | 1559 | $author = $author // 'Proxmox VE'; |
b61a47db | 1560 | |
9915a41b | 1561 | open (my $mail, "|-", "sendmail", "-B", "8BITMIME", "-f", $from_quoted, "--", $to_quoted->@*) |
7ac222d1 | 1562 | or die "unable to open 'sendmail' - $!"; |
b61a47db | 1563 | |
b18826ce | 1564 | my $is_multipart = $text && $html; |
9915a41b | 1565 | my $boundary = "----_=_NextPart_001_" . int(time()) . $$; # multipart spec, see rfc 1521 |
b18826ce | 1566 | |
9915a41b | 1567 | $subject = Encode::encode('MIME-Header', $subject) if $subject =~ /[^[:ascii:]]/; |
b61a47db | 1568 | |
9915a41b | 1569 | print $mail "MIME-Version: 1.0\n" if $subject =~ /[^[:ascii:]]/ || $is_multipart; |
b61a47db | 1570 | |
7ac222d1 | 1571 | print $mail "From: $author <$mailfrom>\n"; |
9915a41b TL |
1572 | print $mail "To: " . join(', ', @$mailto) ."\n"; |
1573 | print $mail "Date: " . time2str('%a, %d %b %Y %H:%M:%S %z', time()) . "\n"; | |
7ac222d1 | 1574 | print $mail "Subject: $subject\n"; |
b18826ce SI |
1575 | |
1576 | if ($is_multipart) { | |
7ac222d1 TL |
1577 | print $mail "Content-Type: multipart/alternative;\n"; |
1578 | print $mail "\tboundary=\"$boundary\"\n"; | |
1579 | print $mail "\n"; | |
1580 | print $mail "This is a multi-part message in MIME format.\n\n"; | |
1581 | print $mail "--$boundary\n"; | |
b18826ce | 1582 | } |
b61a47db | 1583 | |
5a873e6d | 1584 | if (defined($text)) { |
7ac222d1 TL |
1585 | print $mail "Content-Type: text/plain;\n"; |
1586 | print $mail "\tcharset=\"UTF-8\"\n"; | |
1587 | print $mail "Content-Transfer-Encoding: 8bit\n"; | |
1588 | print $mail "\n"; | |
b61a47db TL |
1589 | |
1590 | # avoid 'remove extra line breaks' issue (MS Outlook) | |
1591 | my $fill = ' '; | |
1592 | $text =~ s/^/$fill/gm; | |
1593 | ||
7ac222d1 | 1594 | print $mail $text; |
b61a47db | 1595 | |
7ac222d1 | 1596 | print $mail "\n--$boundary\n" if $is_multipart; |
b61a47db TL |
1597 | } |
1598 | ||
5a873e6d | 1599 | if (defined($html)) { |
7ac222d1 TL |
1600 | print $mail "Content-Type: text/html;\n"; |
1601 | print $mail "\tcharset=\"UTF-8\"\n"; | |
1602 | print $mail "Content-Transfer-Encoding: 8bit\n"; | |
1603 | print $mail "\n"; | |
b61a47db | 1604 | |
7ac222d1 | 1605 | print $mail $html; |
b61a47db | 1606 | |
7ac222d1 | 1607 | print $mail "\n--$boundary--\n" if $is_multipart; |
b61a47db TL |
1608 | } |
1609 | ||
7ac222d1 | 1610 | close($mail); |
b61a47db TL |
1611 | } |
1612 | ||
85237c0b TL |
1613 | # creates a temporary file that does not shows up on the file system hierarchy. |
1614 | # | |
1615 | # Uses O_TMPFILE if available, which makes it just an anon inode that never shows up in the FS. | |
1616 | # If O_TMPFILE is not available, which unlikely nowadays (added in 3.11 kernel and all FS relevant | |
1617 | # for us support it) back to open-create + immediate unlink while still holding the file handle. | |
1618 | # | |
1619 | # TODO: to avoid FS dependent features we could (transparently) switch to memfd_create as backend | |
26598a51 WB |
1620 | sub tempfile { |
1621 | my ($perm, %opts) = @_; | |
1622 | ||
1623 | # default permissions are stricter than with file_set_contents | |
1624 | $perm = 0600 if !defined($perm); | |
1625 | ||
9cccad5e TL |
1626 | my $dir = $opts{dir}; |
1627 | if (!$dir) { | |
1628 | if (-d "/run/user/$<") { | |
1629 | $dir = "/run/user/$<"; | |
1630 | } elsif ($< == 0) { | |
1631 | $dir = "/run"; | |
1632 | } else { | |
1633 | $dir = "/tmp"; | |
1634 | } | |
1635 | } | |
26598a51 WB |
1636 | my $mode = $opts{mode} // O_RDWR; |
1637 | $mode |= O_EXCL if !$opts{allow_links}; | |
1638 | ||
7e1ee743 WB |
1639 | my $fh = IO::File->new($dir, $mode | O_TMPFILE, $perm); |
1640 | if (!$fh && $! == EOPNOTSUPP) { | |
77b2b96f | 1641 | $dir = '/tmp' if !defined($opts{dir}); |
7e1ee743 WB |
1642 | $dir .= "/.tmpfile.$$"; |
1643 | $fh = IO::File->new($dir, $mode | O_CREAT | O_EXCL, $perm); | |
1644 | unlink($dir) if $fh; | |
1645 | } | |
1646 | die "failed to create tempfile: $!\n" if !$fh; | |
26598a51 WB |
1647 | return $fh; |
1648 | } | |
1649 | ||
85237c0b | 1650 | # create an (ideally) anon file with the $data as content and return its FD-path and FH |
26598a51 WB |
1651 | sub tempfile_contents { |
1652 | my ($data, $perm, %opts) = @_; | |
1653 | ||
1654 | my $fh = tempfile($perm, %opts); | |
1655 | eval { | |
1656 | die "unable to write to tempfile: $!\n" if !print {$fh} $data; | |
1657 | die "unable to flush to tempfile: $!\n" if !defined($fh->flush()); | |
1658 | }; | |
1659 | if (my $err = $@) { | |
1660 | close $fh; | |
1661 | die $err; | |
1662 | } | |
1663 | ||
1664 | return ("/proc/$$/fd/".$fh->fileno, $fh); | |
1665 | } | |
1666 | ||
48df47a4 FG |
1667 | sub validate_ssh_public_keys { |
1668 | my ($raw) = @_; | |
1669 | my @lines = split(/\n/, $raw); | |
1670 | ||
1671 | foreach my $line (@lines) { | |
1672 | next if $line =~ m/^\s*$/; | |
1673 | eval { | |
1674 | my ($filename, $handle) = tempfile_contents($line); | |
1675 | run_command(["ssh-keygen", "-l", "-f", $filename], | |
1676 | outfunc => sub {}, errfunc => sub {}); | |
1677 | }; | |
1678 | die "SSH public key validation error\n" if $@; | |
1679 | } | |
1680 | } | |
1681 | ||
21c56a96 WB |
1682 | sub openat($$$;$) { |
1683 | my ($dirfd, $pathname, $flags, $mode) = @_; | |
6647801c WB |
1684 | $dirfd = int($dirfd); |
1685 | $flags = int($flags); | |
1686 | $mode = int($mode // 0); | |
1687 | ||
1688 | my $fd = syscall(PVE::Syscall::openat, $dirfd, $pathname, $flags, $mode); | |
21c56a96 WB |
1689 | return undef if $fd < 0; |
1690 | # sysopen() doesn't deal with numeric file descriptors apparently | |
1691 | # so we need to convert to a mode string for IO::Handle->new_from_fd | |
1692 | my $flagstr = ($flags & O_RDWR) ? 'rw' : ($flags & O_WRONLY) ? 'w' : 'r'; | |
1693 | my $handle = IO::Handle->new_from_fd($fd, $flagstr); | |
1694 | return $handle if $handle; | |
1695 | my $err = $!; # save error before closing the raw fd | |
c8e94d4b | 1696 | syscall(PVE::Syscall::close, $fd); # close |
21c56a96 WB |
1697 | $! = $err; |
1698 | return undef; | |
1699 | } | |
1700 | ||
1701 | sub mkdirat($$$) { | |
1702 | my ($dirfd, $name, $mode) = @_; | |
6647801c | 1703 | return syscall(PVE::Syscall::mkdirat, int($dirfd), $name, int($mode)) == 0; |
21c56a96 WB |
1704 | } |
1705 | ||
6cf6b404 FG |
1706 | sub fchownat($$$$$) { |
1707 | my ($dirfd, $pathname, $owner, $group, $flags) = @_; | |
6647801c WB |
1708 | return syscall( |
1709 | PVE::Syscall::fchownat, | |
1710 | int($dirfd), | |
1711 | $pathname, | |
1712 | int($owner), | |
1713 | int($group), | |
1714 | int($flags), | |
1715 | ) == 0; | |
6cf6b404 FG |
1716 | } |
1717 | ||
9867ff7a DM |
1718 | my $salt_starter = time(); |
1719 | ||
1720 | sub encrypt_pw { | |
1721 | my ($pw) = @_; | |
1722 | ||
1723 | $salt_starter++; | |
1724 | my $salt = substr(Digest::SHA::sha1_base64(time() + $salt_starter + $$), 0, 8); | |
1725 | ||
1726 | # crypt does not want '+' in salt (see 'man crypt') | |
1727 | $salt =~ s/\+/X/g; | |
1728 | ||
1729 | return crypt(encode("utf8", $pw), "\$5\$$salt\$"); | |
1730 | } | |
1731 | ||
8e677e74 | 1732 | # intended usage: convert_size($val, "kb" => "gb") |
95386daf DC |
1733 | # we round up to the next integer by default |
1734 | # E.g. `convert_size(1023, "b" => "kb")` returns 1 | |
8e677e74 | 1735 | # use $no_round_up to switch this off, above example would then return 0 |
95386daf DC |
1736 | # this is also true for converting down e.g. 0.0005 gb to mb returns 1 |
1737 | # (0 if $no_round_up is true) | |
1738 | # allowed formats for value: | |
1739 | # 1234 | |
1740 | # 1234. | |
1741 | # 1234.1234 | |
1742 | # .1234 | |
8e677e74 TL |
1743 | sub convert_size { |
1744 | my ($value, $from, $to, $no_round_up) = @_; | |
1745 | ||
1746 | my $units = { | |
1747 | b => 0, | |
1748 | kb => 1, | |
1749 | mb => 2, | |
1750 | gb => 3, | |
1751 | tb => 4, | |
1752 | pb => 5, | |
1753 | }; | |
1754 | ||
95386daf DC |
1755 | die "no value given" |
1756 | if !defined($value) || $value eq ""; | |
1757 | ||
1758 | $from = lc($from // ''); $to = lc($to // ''); | |
8e677e74 | 1759 | die "unknown 'from' and/or 'to' units ($from => $to)" |
95386daf | 1760 | if !defined($units->{$from}) || !defined($units->{$to}); |
8e677e74 | 1761 | |
95386daf DC |
1762 | die "value '$value' is not a valid, positive number" |
1763 | if $value !~ m/^(?:[0-9]+\.?[0-9]*|[0-9]*\.[0-9]+)$/; | |
8e677e74 | 1764 | |
95386daf DC |
1765 | my $shift_amount = ($units->{$from} - $units->{$to}) * 10; |
1766 | ||
1767 | $value *= 2**$shift_amount; | |
1768 | $value++ if !$no_round_up && ($value - int($value)) > 0.0; | |
8e677e74 | 1769 | |
95386daf | 1770 | return int($value); |
8e677e74 TL |
1771 | } |
1772 | ||
e03a8365 DC |
1773 | # uninterruptible readline |
1774 | # retries on EINTR | |
1775 | sub readline_nointr { | |
1776 | my ($fh) = @_; | |
1777 | my $line; | |
1778 | while (1) { | |
1779 | $line = <$fh>; | |
1780 | last if defined($line) || ($! != EINTR); | |
1781 | } | |
1782 | return $line; | |
1783 | } | |
1784 | ||
ce007e99 | 1785 | my $host_arch; |
b8faece3 | 1786 | sub get_host_arch { |
ce007e99 SR |
1787 | $host_arch = (POSIX::uname())[4] if !$host_arch; |
1788 | return $host_arch; | |
732b693f DM |
1789 | } |
1790 | ||
243c4e58 WB |
1791 | # Devices are: [ (12 bits minor) (12 bits major) (8 bits minor) ] |
1792 | sub dev_t_major($) { | |
1793 | my ($dev_t) = @_; | |
1794 | return (int($dev_t) & 0xfff00) >> 8; | |
1795 | } | |
1796 | ||
1797 | sub dev_t_minor($) { | |
1798 | my ($dev_t) = @_; | |
1799 | $dev_t = int($dev_t); | |
1800 | return (($dev_t >> 12) & 0xfff00) | ($dev_t & 0xff); | |
1801 | } | |
1802 | ||
a59544e7 SR |
1803 | # Given an array of array refs [ \[a b c], \[a b b], \[e b a] ] |
1804 | # Returns the intersection of elements as a single array [a b] | |
1805 | sub array_intersect { | |
1806 | my ($arrays) = @_; | |
1807 | ||
3982313e TL |
1808 | if (!ref($arrays->[0])) { |
1809 | $arrays = [ grep { ref($_) eq 'ARRAY' } @_ ]; | |
1810 | } | |
1811 | ||
38586028 TL |
1812 | return [] if scalar(@$arrays) == 0; |
1813 | return $arrays->[0] if scalar(@$arrays) == 1; | |
a59544e7 | 1814 | |
4c28a8bc TL |
1815 | my $array_unique = sub { |
1816 | my %seen = (); | |
1817 | return grep { ! $seen{ $_ }++ } @_; | |
1818 | }; | |
1819 | ||
38586028 TL |
1820 | # base idea is to get all unique members from the first array, then |
1821 | # check the common elements with the next (uniquely made) one, only keep | |
1822 | # those. Repeat for every array and at the end we only have those left | |
1823 | # which exist in all arrays | |
1824 | my $return_arr = [ $array_unique->(@{$arrays->[0]}) ]; | |
a59544e7 SR |
1825 | for my $i (1 .. $#$arrays) { |
1826 | my %count = (); | |
38586028 | 1827 | # $return_arr is already unique, explicit at before the loop, implicit below. |
4c28a8bc | 1828 | foreach my $element (@$return_arr, $array_unique->(@{$arrays->[$i]})) { |
a59544e7 SR |
1829 | $count{$element}++; |
1830 | } | |
1831 | $return_arr = []; | |
1832 | foreach my $element (keys %count) { | |
1833 | push @$return_arr, $element if $count{$element} > 1; | |
1834 | } | |
26a68cf6 | 1835 | last if scalar(@$return_arr) == 0; # empty intersection, early exit |
a59544e7 SR |
1836 | } |
1837 | ||
1838 | return $return_arr; | |
1839 | } | |
1840 | ||
76c5fee8 WB |
1841 | sub open_tree($$$) { |
1842 | my ($dfd, $pathname, $flags) = @_; | |
1843 | return PVE::Syscall::file_handle_result(syscall( | |
1844 | &PVE::Syscall::open_tree, | |
6647801c | 1845 | int($dfd), |
76c5fee8 | 1846 | $pathname, |
6647801c | 1847 | int($flags), |
76c5fee8 WB |
1848 | )); |
1849 | } | |
1850 | ||
1851 | sub move_mount($$$$$) { | |
1852 | my ($from_dirfd, $from_pathname, $to_dirfd, $to_pathname, $flags) = @_; | |
1853 | return 0 == syscall( | |
1854 | &PVE::Syscall::move_mount, | |
6647801c | 1855 | int($from_dirfd), |
76c5fee8 | 1856 | $from_pathname, |
6647801c | 1857 | int($to_dirfd), |
76c5fee8 | 1858 | $to_pathname, |
6647801c | 1859 | int($flags), |
76c5fee8 WB |
1860 | ); |
1861 | } | |
1862 | ||
1863 | sub fsopen($$) { | |
1864 | my ($fsname, $flags) = @_; | |
6647801c | 1865 | return PVE::Syscall::file_handle_result(syscall(&PVE::Syscall::fsopen, $fsname, int($flags))); |
76c5fee8 WB |
1866 | } |
1867 | ||
1868 | sub fsmount($$$) { | |
1869 | my ($fd, $flags, $mount_attrs) = @_; | |
1870 | return PVE::Syscall::file_handle_result(syscall( | |
1871 | &PVE::Syscall::fsmount, | |
6647801c WB |
1872 | int($fd), |
1873 | int($flags), | |
1874 | int($mount_attrs), | |
76c5fee8 WB |
1875 | )); |
1876 | } | |
1877 | ||
1878 | sub fspick($$$) { | |
1879 | my ($dirfd, $pathname, $flags) = @_; | |
1880 | return PVE::Syscall::file_handle_result(syscall( | |
1881 | &PVE::Syscall::fspick, | |
6647801c | 1882 | int($dirfd), |
76c5fee8 | 1883 | $pathname, |
6647801c | 1884 | int($flags), |
76c5fee8 WB |
1885 | )); |
1886 | } | |
1887 | ||
1888 | sub fsconfig($$$$$) { | |
1889 | my ($fd, $command, $key, $value, $aux) = @_; | |
6647801c WB |
1890 | return 0 == syscall( |
1891 | &PVE::Syscall::fsconfig, | |
1892 | int($fd), | |
1893 | int($command), | |
1894 | $key, | |
1895 | $value, | |
1896 | int($aux), | |
1897 | ); | |
76c5fee8 WB |
1898 | } |
1899 | ||
1900 | # "raw" mount, old api, not for generic use (as it does not invoke any helpers). | |
1901 | # use for lower level stuff such as bind/remount/... or simple tmpfs mounts | |
1902 | sub mount($$$$$) { | |
1903 | my ($source, $target, $filesystemtype, $mountflags, $data) = @_; | |
1904 | return 0 == syscall( | |
1905 | &PVE::Syscall::mount, | |
1906 | $source, | |
1907 | $target, | |
1908 | $filesystemtype, | |
6647801c | 1909 | int($mountflags), |
76c5fee8 WB |
1910 | $data, |
1911 | ); | |
1912 | } | |
a59544e7 | 1913 | |
4c0c5c90 | 1914 | # size is optional and defaults to 256, note that xattr limits are FS specific and that xattrs can |
c1e4c83c | 1915 | # get arbitrary long. pass `0` for $size in array context to get the actual size of a value |
4c0c5c90 TL |
1916 | sub getxattr($$;$) { |
1917 | my ($path_or_handle, $name, $size) = @_; | |
1918 | $size //= 256; | |
1919 | my $buf = pack("x${size}"); | |
1920 | ||
1921 | my $xattr_size = -1; # the actual size of the xattr, can be zero | |
1922 | if (defined(my $fd = fileno($path_or_handle))) { | |
6647801c | 1923 | $xattr_size = syscall(&PVE::Syscall::fgetxattr, $fd, $name, $buf, int($size)); |
4c0c5c90 | 1924 | } else { |
6647801c | 1925 | $xattr_size = syscall(&PVE::Syscall::getxattr, $path_or_handle, $name, $buf, int($size)); |
4c0c5c90 TL |
1926 | } |
1927 | if ($xattr_size < 0) { | |
4c0c5c90 | 1928 | return undef; |
4c0c5c90 | 1929 | } |
d9339d01 | 1930 | $buf = substr($buf, 0, $xattr_size); |
4c0c5c90 TL |
1931 | return wantarray ? ($buf, $xattr_size) : $buf; |
1932 | } | |
1933 | ||
1934 | # NOTE: can take either a path or an open file handle, i.e., its multiplexing setxattr and fsetxattr | |
1935 | sub setxattr($$$;$) { | |
1936 | my ($path_or_handle, $name, $value, $flags) = @_; | |
1937 | my $size = length($value); # NOTE: seems to get correct length also for wide-characters in text.. | |
1938 | ||
1939 | if (defined(my $fd = fileno($path_or_handle))) { | |
6647801c WB |
1940 | return 0 == syscall( |
1941 | &PVE::Syscall::fsetxattr, | |
1942 | $fd, | |
1943 | $name, | |
1944 | $value, | |
1945 | int($size), | |
1946 | int($flags // 0), | |
1947 | ); | |
4c0c5c90 | 1948 | } else { |
6647801c WB |
1949 | return 0 == syscall( |
1950 | &PVE::Syscall::setxattr, | |
1951 | $path_or_handle, | |
1952 | $name, | |
1953 | $value, | |
1954 | int($size), | |
1955 | int($flags // 0), | |
1956 | ); | |
4c0c5c90 TL |
1957 | } |
1958 | } | |
1959 | ||
890d25d9 FE |
1960 | sub safe_compare { |
1961 | my ($left, $right, $cmp) = @_; | |
1962 | ||
1963 | return 0 if !defined($left) && !defined($right); | |
1964 | return -1 if !defined($left); | |
1965 | return 1 if !defined($right); | |
1966 | return $cmp->($left, $right); | |
1967 | } | |
1968 | ||
a3327ea6 | 1969 | |
60fb1c26 | 1970 | # opts is a hash ref with the following known properties |
06c1c13f | 1971 | # allow_overwrite - if 1, overwriting existing files is allowed, use with care. Default to false |
60fb1c26 TL |
1972 | # hash_required - if 1, at least one checksum has to be specified otherwise an error will be thrown |
1973 | # http_proxy | |
1974 | # https_proxy | |
1975 | # verify_certificates - if 0 (false) we tell wget to ignore untrusted TLS certs. Default to true | |
1976 | # md5sum|sha(1|224|256|384|512)sum - the respective expected checksum string | |
a3327ea6 LS |
1977 | sub download_file_from_url { |
1978 | my ($dest, $url, $opts) = @_; | |
1979 | ||
60fb1c26 | 1980 | my ($checksum_algorithm, $checksum_expected); |
a3327ea6 LS |
1981 | for ('sha512', 'sha384', 'sha256', 'sha224', 'sha1', 'md5') { |
1982 | if (defined($opts->{"${_}sum"})) { | |
60fb1c26 TL |
1983 | $checksum_algorithm = $_; |
1984 | $checksum_expected = $opts->{"${_}sum"}; | |
a3327ea6 LS |
1985 | last; |
1986 | } | |
1987 | } | |
60fb1c26 | 1988 | die "checksum required but not specified\n" if ($opts->{hash_required} && !$checksum_algorithm); |
a3327ea6 | 1989 | |
60fb1c26 | 1990 | print "downloading $url to $dest\n"; |
a3327ea6 | 1991 | |
06c1c13f TL |
1992 | if (-f $dest) { |
1993 | if ($checksum_algorithm) { | |
1994 | print "calculating checksum of existing file..."; | |
1995 | my $checksum_got = get_file_hash($checksum_algorithm, $dest); | |
a3327ea6 | 1996 | |
06c1c13f TL |
1997 | if (lc($checksum_got) eq lc($checksum_expected)) { |
1998 | print "OK, got correct file already, no need to download\n"; | |
1999 | return; | |
2000 | } elsif ($opts->{allow_overwrite}) { | |
2001 | print "checksum mismatch: got '$checksum_got' != expect '$checksum_expected', re-download\n"; | |
2002 | } else { | |
2003 | print "\n"; # the front end expects the error to reside at the last line without any noise | |
2004 | die "checksum mismatch: got '$checksum_got' != expect '$checksum_expected', aborting\n"; | |
2005 | } | |
2006 | } elsif (!$opts->{allow_overwrite}) { | |
2007 | die "refusing to override existing file '$dest'\n"; | |
60fb1c26 | 2008 | } |
f52ecff9 | 2009 | } |
a3327ea6 | 2010 | |
f52ecff9 LS |
2011 | my $tmpdest = "$dest.tmp.$$"; |
2012 | eval { | |
3a946485 TL |
2013 | local $SIG{INT} = sub { |
2014 | unlink $tmpdest or warn "could not cleanup temporary file: $!"; | |
2015 | die "got interrupted by signal\n"; | |
2016 | }; | |
2017 | ||
60fb1c26 | 2018 | { # limit the scope of the ENV change |
a3327ea6 LS |
2019 | local %ENV; |
2020 | if ($opts->{http_proxy}) { | |
2021 | $ENV{http_proxy} = $opts->{http_proxy}; | |
2022 | } | |
2023 | if ($opts->{https_proxy}) { | |
2024 | $ENV{https_proxy} = $opts->{https_proxy}; | |
2025 | } | |
2026 | ||
60fb1c26 | 2027 | my $cmd = ['wget', '--progress=dot:giga', '-O', $tmpdest, $url]; |
a3327ea6 | 2028 | |
60fb1c26 TL |
2029 | if (!($opts->{verify_certificates} // 1)) { # default to true |
2030 | push @$cmd, '--no-check-certificate'; | |
a3327ea6 LS |
2031 | } |
2032 | ||
60fb1c26 TL |
2033 | run_command($cmd, errmsg => "download failed"); |
2034 | } | |
2035 | ||
2036 | if ($checksum_algorithm) { | |
2037 | print "calculating checksum..."; | |
a3327ea6 | 2038 | |
60fb1c26 | 2039 | my $checksum_got = get_file_hash($checksum_algorithm, $tmpdest); |
a3327ea6 | 2040 | |
60fb1c26 TL |
2041 | if (lc($checksum_got) eq lc($checksum_expected)) { |
2042 | print "OK, checksum verified\n"; | |
a3327ea6 | 2043 | } else { |
43cb80c5 LS |
2044 | print "\n"; # the front end expects the error to reside at the last line without any noise |
2045 | die "checksum mismatch: got '$checksum_got' != expect '$checksum_expected'\n"; | |
a3327ea6 | 2046 | } |
a3327ea6 LS |
2047 | } |
2048 | ||
60fb1c26 | 2049 | rename($tmpdest, $dest) or die "unable to rename temporary file: $!\n"; |
a3327ea6 | 2050 | }; |
60fb1c26 TL |
2051 | if (my $err = $@) { |
2052 | unlink $tmpdest or warn "could not cleanup temporary file: $!"; | |
2053 | die $err; | |
2054 | } | |
a3327ea6 | 2055 | |
60fb1c26 | 2056 | print "download of '$url' to '$dest' finished\n"; |
a3327ea6 LS |
2057 | } |
2058 | ||
60fb1c26 TL |
2059 | sub get_file_hash { |
2060 | my ($algorithm, $filename) = @_; | |
a3327ea6 LS |
2061 | |
2062 | my $algorithm_map = { | |
2063 | 'md5' => sub { Digest::MD5->new }, | |
2064 | 'sha1' => sub { Digest::SHA->new(1) }, | |
2065 | 'sha224' => sub { Digest::SHA->new(224) }, | |
2066 | 'sha256' => sub { Digest::SHA->new(256) }, | |
2067 | 'sha384' => sub { Digest::SHA->new(384) }, | |
2068 | 'sha512' => sub { Digest::SHA->new(512) }, | |
2069 | }; | |
2070 | ||
2071 | my $digester = $algorithm_map->{$algorithm}->() or die "unknown algorithm '$algorithm'\n"; | |
2072 | ||
2073 | open(my $fh, '<', $filename) or die "unable to open '$filename': $!\n"; | |
2074 | binmode($fh); | |
2075 | ||
2076 | my $digest = $digester->addfile($fh)->hexdigest; | |
2077 | ||
60fb1c26 | 2078 | return lc($digest); |
a3327ea6 LS |
2079 | } |
2080 | ||
e143e9d8 | 2081 | 1; |