]>
Commit | Line | Data |
---|---|---|
e143e9d8 DM |
1 | package PVE::Tools; |
2 | ||
3 | use strict; | |
c36f332e | 4 | use warnings; |
dc4bc969 | 5 | |
2531c455 TL |
6 | use Date::Format qw(time2str); |
7 | use Digest::MD5; | |
8 | use Digest::SHA; | |
9 | use Encode; | |
10 | use Fcntl qw(:DEFAULT :flock); | |
e143e9d8 DM |
11 | use File::Basename; |
12 | use File::Path qw(make_path); | |
97c8c857 | 13 | use Filesys::Df (); # don't overwrite our df() |
7eb283fb | 14 | use IO::Dir; |
2531c455 | 15 | use IO::File; |
21c56a96 | 16 | use IO::Handle; |
2531c455 TL |
17 | use IO::Pipe; |
18 | use IO::Select; | |
19 | use IO::Socket::IP; | |
e143e9d8 | 20 | use IPC::Open3; |
f2c72fc3 | 21 | use JSON; |
2531c455 TL |
22 | use POSIX qw(EINTR EEXIST EOPNOTSUPP); |
23 | use Scalar::Util 'weaken'; | |
24 | use Socket qw(AF_INET AF_INET6 AI_ALL AI_V4MAPPED AI_CANONNAME SOCK_DGRAM IPPROTO_TCP); | |
7514b23a | 25 | use String::ShellQuote; |
2531c455 | 26 | use Text::ParseWords; |
c38cea65 | 27 | use Time::HiRes qw(usleep gettimeofday tv_interval alarm); |
2531c455 TL |
28 | use URI::Escape; |
29 | use base 'Exporter'; | |
b18826ce | 30 | |
c8e94d4b | 31 | use PVE::Syscall; |
e143e9d8 | 32 | |
57eeea0c DM |
33 | # avoid warning when parsing long hex values with hex() |
34 | no warnings 'portable'; # Support for 64-bit ints required | |
35 | ||
e143e9d8 | 36 | our @EXPORT_OK = qw( |
602ec0cd DM |
37 | $IPV6RE |
38 | $IPV4RE | |
813a5c0d | 39 | lock_file |
493004a2 | 40 | lock_file_full |
813a5c0d DC |
41 | run_command |
42 | file_set_contents | |
e143e9d8 DM |
43 | file_get_contents |
44 | file_read_firstline | |
7eb283fb DM |
45 | dir_glob_regex |
46 | dir_glob_foreach | |
e143e9d8 DM |
47 | split_list |
48 | template_replace | |
49 | safe_print | |
50 | trim | |
51 | extract_param | |
40682a69 | 52 | extract_sensitive_params |
23e0e0d7 | 53 | file_copy |
ce007e99 | 54 | get_host_arch |
c0647765 WB |
55 | O_PATH |
56 | O_TMPFILE | |
1b0bc6c0 WB |
57 | AT_EMPTY_PATH |
58 | AT_FDCWD | |
59 | CLONE_NEWNS | |
60 | CLONE_NEWUTS | |
61 | CLONE_NEWIPC | |
62 | CLONE_NEWUSER | |
63 | CLONE_NEWPID | |
64 | CLONE_NEWNET | |
e143e9d8 DM |
65 | ); |
66 | ||
67 | my $pvelogdir = "/var/log/pve"; | |
68 | my $pvetaskdir = "$pvelogdir/tasks"; | |
69 | ||
70 | mkdir $pvelogdir; | |
71 | mkdir $pvetaskdir; | |
72 | ||
cd9bd252 | 73 | my $IPV4OCTET = "(?:25[0-5]|(?:2[0-4]|1[0-9]|[1-9])?[0-9])"; |
602ec0cd DM |
74 | our $IPV4RE = "(?:(?:$IPV4OCTET\\.){3}$IPV4OCTET)"; |
75 | my $IPV6H16 = "(?:[0-9a-fA-F]{1,4})"; | |
76 | my $IPV6LS32 = "(?:(?:$IPV4RE|$IPV6H16:$IPV6H16))"; | |
77 | ||
78 | our $IPV6RE = "(?:" . | |
79 | "(?:(?:" . "(?:$IPV6H16:){6})$IPV6LS32)|" . | |
80 | "(?:(?:" . "::(?:$IPV6H16:){5})$IPV6LS32)|" . | |
81 | "(?:(?:(?:" . "$IPV6H16)?::(?:$IPV6H16:){4})$IPV6LS32)|" . | |
82 | "(?:(?:(?:(?:$IPV6H16:){0,1}$IPV6H16)?::(?:$IPV6H16:){3})$IPV6LS32)|" . | |
83 | "(?:(?:(?:(?:$IPV6H16:){0,2}$IPV6H16)?::(?:$IPV6H16:){2})$IPV6LS32)|" . | |
84 | "(?:(?:(?:(?:$IPV6H16:){0,3}$IPV6H16)?::(?:$IPV6H16:){1})$IPV6LS32)|" . | |
85 | "(?:(?:(?:(?:$IPV6H16:){0,4}$IPV6H16)?::" . ")$IPV6LS32)|" . | |
86 | "(?:(?:(?:(?:$IPV6H16:){0,5}$IPV6H16)?::" . ")$IPV6H16)|" . | |
87 | "(?:(?:(?:(?:$IPV6H16:){0,6}$IPV6H16)?::" . ")))"; | |
88 | ||
176b1186 WB |
89 | our $IPRE = "(?:$IPV4RE|$IPV6RE)"; |
90 | ||
4c4bd104 FE |
91 | our $EMAIL_USER_RE = qr/[\w\+\-\~]+(\.[\w\+\-\~]+)*/; |
92 | our $EMAIL_RE = qr/$EMAIL_USER_RE@[a-zA-Z0-9\-]+(\.[a-zA-Z0-9\-]+)*/; | |
93 | ||
be8f0477 | 94 | use constant {CLONE_NEWNS => 0x00020000, |
952fd95e WB |
95 | CLONE_NEWUTS => 0x04000000, |
96 | CLONE_NEWIPC => 0x08000000, | |
97 | CLONE_NEWUSER => 0x10000000, | |
98 | CLONE_NEWPID => 0x20000000, | |
be8f0477 | 99 | CLONE_NEWNET => 0x40000000}; |
952fd95e | 100 | |
26598a51 | 101 | use constant {O_PATH => 0x00200000, |
b260d4e3 | 102 | O_CLOEXEC => 0x00080000, |
4cb946a8 | 103 | O_TMPFILE => 0x00400000 | O_DIRECTORY}; |
44acb12c | 104 | |
1b0bc6c0 WB |
105 | use constant {AT_EMPTY_PATH => 0x1000, |
106 | AT_FDCWD => -100}; | |
6cf6b404 | 107 | |
bd9eb367 WB |
108 | # from <linux/fs.h> |
109 | use constant {RENAME_NOREPLACE => (1 << 0), | |
110 | RENAME_EXCHANGE => (1 << 1), | |
111 | RENAME_WHITEOUT => (1 << 2)}; | |
112 | ||
0f0990f1 DM |
113 | sub run_with_timeout { |
114 | my ($timeout, $code, @param) = @_; | |
e143e9d8 | 115 | |
0f0990f1 | 116 | die "got timeout\n" if $timeout <= 0; |
e143e9d8 | 117 | |
c38cea65 | 118 | my $prev_alarm = alarm 0; # suspend outer alarm early |
0f0990f1 DM |
119 | |
120 | my $sigcount = 0; | |
a6aa0ae9 | 121 | my $got_timeout = 0; |
e143e9d8 DM |
122 | |
123 | my $res; | |
124 | ||
e143e9d8 | 125 | eval { |
a6aa0ae9 | 126 | local $SIG{ALRM} = sub { $sigcount++; $got_timeout = 1; die "got timeout\n"; }; |
0f0990f1 DM |
127 | local $SIG{PIPE} = sub { $sigcount++; die "broken pipe\n" }; |
128 | local $SIG{__DIE__}; # see SA bug 4631 | |
e143e9d8 | 129 | |
c38cea65 | 130 | alarm($timeout); |
e143e9d8 | 131 | |
c38cea65 | 132 | eval { $res = &$code(@param); }; |
0f0990f1 DM |
133 | |
134 | alarm(0); # avoid race conditions | |
c38cea65 WB |
135 | |
136 | die $@ if $@; | |
0f0990f1 DM |
137 | }; |
138 | ||
139 | my $err = $@; | |
140 | ||
c38cea65 | 141 | alarm $prev_alarm; |
0f0990f1 | 142 | |
c38cea65 | 143 | # this shouldn't happen anymore? |
0f0990f1 DM |
144 | die "unknown error" if $sigcount && !$err; # seems to happen sometimes |
145 | ||
a6aa0ae9 | 146 | die $err if $err && !wantarray; # assume that user handles timeout err if called in list context |
0f0990f1 | 147 | |
a6aa0ae9 | 148 | return wantarray ? ($res, $got_timeout) : $res; |
0f0990f1 | 149 | } |
e143e9d8 | 150 | |
0f0990f1 | 151 | # flock: we use one file handle per process, so lock file |
d9f86d0d WB |
152 | # can be nested multiple times and succeeds for the same process. |
153 | # | |
154 | # Since this is the only way we lock now and we don't have the old | |
155 | # 'lock(); code(); unlock();' pattern anymore we do not actually need to | |
156 | # count how deep we're nesting. Therefore this hash now stores a weak reference | |
157 | # to a boolean telling us whether we already have a lock. | |
0f0990f1 DM |
158 | |
159 | my $lock_handles = {}; | |
160 | ||
493004a2 DM |
161 | sub lock_file_full { |
162 | my ($filename, $timeout, $shared, $code, @param) = @_; | |
0f0990f1 DM |
163 | |
164 | $timeout = 10 if !$timeout; | |
165 | ||
493004a2 DM |
166 | my $mode = $shared ? LOCK_SH : LOCK_EX; |
167 | ||
d9f86d0d | 168 | my $lockhash = ($lock_handles->{$$} //= {}); |
e143e9d8 | 169 | |
d9f86d0d WB |
170 | # Returns a locked file handle. |
171 | my $get_locked_file = sub { | |
172 | my $fh = IO::File->new(">>$filename") | |
173 | or die "can't open file - $!\n"; | |
174 | ||
175 | if (!flock($fh, $mode|LOCK_NB)) { | |
91bae4c0 | 176 | print STDERR "trying to acquire lock...\n"; |
b5d12b08 DM |
177 | my $success; |
178 | while(1) { | |
d9f86d0d | 179 | $success = flock($fh, $mode); |
b5d12b08 DM |
180 | # try again on EINTR (see bug #273) |
181 | if ($success || ($! != EINTR)) { | |
182 | last; | |
183 | } | |
184 | } | |
d9f86d0d WB |
185 | if (!$success) { |
186 | print STDERR " failed\n"; | |
187 | die "can't acquire lock '$filename' - $!\n"; | |
188 | } | |
189 | print STDERR " OK\n"; | |
190 | } | |
191 | ||
192 | return $fh; | |
e143e9d8 DM |
193 | }; |
194 | ||
0f0990f1 | 195 | my $res; |
d9f86d0d WB |
196 | my $checkptr = $lockhash->{$filename}; |
197 | my $check = 0; # This must not go out of scope before running the code. | |
198 | my $local_fh; # This must stay local | |
199 | if (!$checkptr || !$$checkptr) { | |
200 | # We cannot create a weak reference in a single atomic step, so we first | |
201 | # create a false-value, then create a reference to it, then weaken it, | |
202 | # and after successfully locking the file we change the boolean value. | |
203 | # | |
204 | # The reason for this is that if an outer SIGALRM throws an exception | |
205 | # between creating the reference and weakening it, a subsequent call to | |
206 | # lock_file_full() will see a leftover full reference to a valid | |
207 | # variable. This variable must be 0 in order for said call to attempt to | |
208 | # lock the file anew. | |
209 | # | |
210 | # An externally triggered exception elsewhere in the code will cause the | |
211 | # weak reference to become 'undef', and since the file handle is only | |
212 | # stored in the local scope in $local_fh, the file will be closed by | |
213 | # perl's cleanup routines as well. | |
214 | # | |
215 | # This still assumes that an IO::File handle can properly deal with such | |
216 | # exceptions thrown during its own destruction, but that's up to perls | |
217 | # guts now. | |
218 | $lockhash->{$filename} = \$check; | |
219 | weaken $lockhash->{$filename}; | |
220 | $local_fh = eval { run_with_timeout($timeout, $get_locked_file) }; | |
221 | if ($@) { | |
222 | $@ = "can't lock file '$filename' - $@"; | |
223 | return undef; | |
f127adab | 224 | } |
d9f86d0d | 225 | $check = 1; |
e143e9d8 | 226 | } |
d9f86d0d WB |
227 | $res = eval { &$code(@param); }; |
228 | return undef if $@; | |
e143e9d8 DM |
229 | return $res; |
230 | } | |
231 | ||
493004a2 DM |
232 | |
233 | sub lock_file { | |
234 | my ($filename, $timeout, $code, @param) = @_; | |
235 | ||
236 | return lock_file_full($filename, $timeout, 0, $code, @param); | |
237 | } | |
238 | ||
e143e9d8 DM |
239 | sub file_set_contents { |
240 | my ($filename, $data, $perm) = @_; | |
241 | ||
242 | $perm = 0644 if !defined($perm); | |
243 | ||
244 | my $tmpname = "$filename.tmp.$$"; | |
245 | ||
246 | eval { | |
ce338f4f WB |
247 | my ($fh, $tries) = (undef, 0); |
248 | while (!$fh && $tries++ < 3) { | |
249 | $fh = IO::File->new($tmpname, O_WRONLY|O_CREAT|O_EXCL, $perm); | |
250 | if (!$fh && $! == EEXIST) { | |
251 | unlink($tmpname) or die "unable to delete old temp file: $!\n"; | |
252 | } | |
253 | } | |
e143e9d8 DM |
254 | die "unable to open file '$tmpname' - $!\n" if !$fh; |
255 | die "unable to write '$tmpname' - $!\n" unless print $fh $data; | |
256 | die "closing file '$tmpname' failed - $!\n" unless close $fh; | |
257 | }; | |
258 | my $err = $@; | |
259 | ||
260 | if ($err) { | |
261 | unlink $tmpname; | |
262 | die $err; | |
263 | } | |
264 | ||
265 | if (!rename($tmpname, $filename)) { | |
266 | my $msg = "close (rename) atomic file '$filename' failed: $!\n"; | |
267 | unlink $tmpname; | |
813a5c0d | 268 | die $msg; |
e143e9d8 DM |
269 | } |
270 | } | |
271 | ||
272 | sub file_get_contents { | |
273 | my ($filename, $max) = @_; | |
274 | ||
275 | my $fh = IO::File->new($filename, "r") || | |
276 | die "can't open '$filename' - $!\n"; | |
277 | ||
034a8181 | 278 | my $content = safe_read_from($fh, $max, 0, $filename); |
e143e9d8 DM |
279 | |
280 | close $fh; | |
281 | ||
282 | return $content; | |
283 | } | |
284 | ||
23e0e0d7 WL |
285 | sub file_copy { |
286 | my ($filename, $dst, $max, $perm) = @_; | |
287 | ||
288 | file_set_contents ($dst, file_get_contents($filename, $max), $perm); | |
289 | } | |
290 | ||
e143e9d8 DM |
291 | sub file_read_firstline { |
292 | my ($filename) = @_; | |
293 | ||
294 | my $fh = IO::File->new ($filename, "r"); | |
1ac0a30a TL |
295 | if (!$fh) { |
296 | return undef if $! == POSIX::ENOENT; | |
297 | die "file '$filename' exists but open for reading failed - $!\n"; | |
298 | } | |
e143e9d8 | 299 | my $res = <$fh>; |
88955a2e | 300 | chomp $res if $res; |
e143e9d8 DM |
301 | $fh->close; |
302 | return $res; | |
303 | } | |
304 | ||
305 | sub safe_read_from { | |
034a8181 | 306 | my ($fh, $max, $oneline, $filename) = @_; |
e143e9d8 | 307 | |
8fb28ab9 | 308 | # pmxcfs file size limit |
d94f7005 | 309 | $max = 1024 * 1024 if !$max; |
e143e9d8 | 310 | |
034a8181 DM |
311 | my $subject = defined($filename) ? "file '$filename'" : 'input'; |
312 | ||
e143e9d8 DM |
313 | my $br = 0; |
314 | my $input = ''; | |
315 | my $count; | |
316 | while ($count = sysread($fh, $input, 8192, $br)) { | |
317 | $br += $count; | |
034a8181 | 318 | die "$subject too long - aborting\n" if $br > $max; |
e143e9d8 DM |
319 | if ($oneline && $input =~ m/^(.*)\n/) { |
320 | $input = $1; | |
321 | last; | |
322 | } | |
813a5c0d | 323 | } |
034a8181 | 324 | die "unable to read $subject - $!\n" if !defined($count); |
e143e9d8 DM |
325 | |
326 | return $input; | |
327 | } | |
328 | ||
bd9c3a36 WB |
329 | # The $cmd parameter can be: |
330 | # -) a string | |
331 | # This is generally executed by passing it to the shell with the -c option. | |
332 | # However, it can be executed in one of two ways, depending on whether | |
333 | # there's a pipe involved: | |
334 | # *) with pipe: passed explicitly to bash -c, prefixed with: | |
335 | # set -o pipefail && | |
336 | # *) without a pipe: passed to perl's open3 which uses 'sh -c' | |
337 | # (Note that this may result in two different syntax requirements!) | |
338 | # FIXME? | |
339 | # -) an array of arguments (strings) | |
340 | # Will be executed without interference from a shell. (Parameters are passed | |
341 | # as is, no escape sequences of strings will be touched.) | |
fcdc0cfc WB |
342 | # -) an array of arrays |
343 | # Each array represents a command, and each command's output is piped into | |
344 | # the following command's standard input. | |
345 | # For this a shell command string is created with pipe symbols between each | |
346 | # command. | |
347 | # Each command is a list of strings meant to end up in the final command | |
348 | # unchanged. In order to achieve this, every argument is shell-quoted. | |
349 | # Quoting can be disabled for a particular argument by turning it into a | |
350 | # reference, this allows inserting arbitrary shell options. | |
351 | # For instance: the $cmd [ [ 'echo', 'hello', \'>/dev/null' ] ] will not | |
352 | # produce any output, while the $cmd [ [ 'echo', 'hello', '>/dev/null' ] ] | |
353 | # will literally print: hello >/dev/null | |
e143e9d8 DM |
354 | sub run_command { |
355 | my ($cmd, %param) = @_; | |
356 | ||
357 | my $old_umask; | |
ded47a61 | 358 | my $cmdstr; |
e143e9d8 | 359 | |
fcdc0cfc WB |
360 | if (my $ref = ref($cmd)) { |
361 | if (ref($cmd->[0])) { | |
362 | $cmdstr = 'set -o pipefail && '; | |
363 | my $pipe = ''; | |
364 | foreach my $command (@$cmd) { | |
365 | # concatenate quoted parameters | |
366 | # strings which are passed by reference are NOT shell quoted | |
367 | $cmdstr .= $pipe . join(' ', map { ref($_) ? $$_ : shellquote($_) } @$command); | |
368 | $pipe = ' | '; | |
369 | } | |
1a0c0103 | 370 | $cmd = [ '/bin/bash', '-c', "$cmdstr" ]; |
fcdc0cfc WB |
371 | } else { |
372 | $cmdstr = cmd2string($cmd); | |
373 | } | |
374 | } else { | |
ded47a61 | 375 | $cmdstr = $cmd; |
22d4efe6 | 376 | if ($cmd =~ m/\|/) { |
e0cabd2c DM |
377 | # see 'man bash' for option pipefail |
378 | $cmd = [ '/bin/bash', '-c', "set -o pipefail && $cmd" ]; | |
379 | } else { | |
380 | $cmd = [ $cmd ]; | |
381 | } | |
ded47a61 | 382 | } |
e143e9d8 DM |
383 | |
384 | my $errmsg; | |
385 | my $laststderr; | |
386 | my $timeout; | |
387 | my $oldtimeout; | |
388 | my $pid; | |
38d9aa12 | 389 | my $exitcode = -1; |
e143e9d8 | 390 | |
4630cb95 DM |
391 | my $outfunc; |
392 | my $errfunc; | |
393 | my $logfunc; | |
394 | my $input; | |
395 | my $output; | |
a417477c | 396 | my $afterfork; |
7e826928 | 397 | my $noerr; |
0f3f314e | 398 | my $keeplocale; |
ed61b9d6 | 399 | my $quiet; |
4630cb95 | 400 | |
e143e9d8 | 401 | eval { |
e143e9d8 DM |
402 | |
403 | foreach my $p (keys %param) { | |
404 | if ($p eq 'timeout') { | |
405 | $timeout = $param{$p}; | |
406 | } elsif ($p eq 'umask') { | |
eb9e24df | 407 | $old_umask = umask($param{$p}); |
e143e9d8 DM |
408 | } elsif ($p eq 'errmsg') { |
409 | $errmsg = $param{$p}; | |
e143e9d8 DM |
410 | } elsif ($p eq 'input') { |
411 | $input = $param{$p}; | |
1c50a24a DM |
412 | } elsif ($p eq 'output') { |
413 | $output = $param{$p}; | |
e143e9d8 DM |
414 | } elsif ($p eq 'outfunc') { |
415 | $outfunc = $param{$p}; | |
416 | } elsif ($p eq 'errfunc') { | |
417 | $errfunc = $param{$p}; | |
776fbfa8 DM |
418 | } elsif ($p eq 'logfunc') { |
419 | $logfunc = $param{$p}; | |
a417477c DM |
420 | } elsif ($p eq 'afterfork') { |
421 | $afterfork = $param{$p}; | |
7e826928 TL |
422 | } elsif ($p eq 'noerr') { |
423 | $noerr = $param{$p}; | |
0f3f314e DC |
424 | } elsif ($p eq 'keeplocale') { |
425 | $keeplocale = $param{$p}; | |
ed61b9d6 TL |
426 | } elsif ($p eq 'quiet') { |
427 | $quiet = $param{$p}; | |
e143e9d8 DM |
428 | } else { |
429 | die "got unknown parameter '$p' for run_command\n"; | |
430 | } | |
431 | } | |
432 | ||
4630cb95 DM |
433 | if ($errmsg) { |
434 | my $origerrfunc = $errfunc; | |
435 | $errfunc = sub { | |
436 | if ($laststderr) { | |
437 | if ($origerrfunc) { | |
438 | &$origerrfunc("$laststderr\n"); | |
439 | } else { | |
440 | print STDERR "$laststderr\n" if $laststderr; | |
441 | } | |
442 | } | |
813a5c0d | 443 | $laststderr = shift; |
4630cb95 DM |
444 | }; |
445 | } | |
446 | ||
1c50a24a DM |
447 | my $reader = $output && $output =~ m/^>&/ ? $output : IO::File->new(); |
448 | my $writer = $input && $input =~ m/^<&/ ? $input : IO::File->new(); | |
449 | my $error = IO::File->new(); | |
450 | ||
e143e9d8 DM |
451 | my $orig_pid = $$; |
452 | ||
453 | eval { | |
0f3f314e | 454 | local $ENV{LC_ALL} = 'C' if !$keeplocale; |
e143e9d8 DM |
455 | |
456 | # suppress LVM warnings like: "File descriptor 3 left open"; | |
457 | local $ENV{LVM_SUPPRESS_FD_WARNINGS} = "1"; | |
458 | ||
459 | $pid = open3($writer, $reader, $error, @$cmd) || die $!; | |
f38995ab | 460 | |
b296c4dd TL |
461 | # if we pipe fron STDIN, open3 closes STDIN, so we get a perl warning like |
462 | # "Filehandle STDIN reopened as GENXYZ .. " as soon as we open a new file. | |
f38995ab DM |
463 | # to avoid that we open /dev/null |
464 | if (!ref($writer) && !defined(fileno(STDIN))) { | |
465 | POSIX::close(0); | |
7ac222d1 | 466 | open(STDIN, '<', '/dev/null'); |
f38995ab | 467 | } |
e143e9d8 DM |
468 | }; |
469 | ||
470 | my $err = $@; | |
471 | ||
472 | # catch exec errors | |
473 | if ($orig_pid != $$) { | |
474 | warn "ERROR: $err"; | |
813a5c0d DC |
475 | POSIX::_exit (1); |
476 | kill ('KILL', $$); | |
e143e9d8 DM |
477 | } |
478 | ||
479 | die $err if $err; | |
480 | ||
481 | local $SIG{ALRM} = sub { die "got timeout\n"; } if $timeout; | |
482 | $oldtimeout = alarm($timeout) if $timeout; | |
483 | ||
a417477c DM |
484 | &$afterfork() if $afterfork; |
485 | ||
f38995ab DM |
486 | if (ref($writer)) { |
487 | print $writer $input if defined $input; | |
488 | close $writer; | |
489 | } | |
e143e9d8 | 490 | |
7ac222d1 | 491 | my $select = IO::Select->new(); |
f38995ab | 492 | $select->add($reader) if ref($reader); |
e143e9d8 DM |
493 | $select->add($error); |
494 | ||
495 | my $outlog = ''; | |
496 | my $errlog = ''; | |
497 | ||
498 | my $starttime = time(); | |
499 | ||
500 | while ($select->count) { | |
501 | my @handles = $select->can_read(1); | |
502 | ||
503 | foreach my $h (@handles) { | |
504 | my $buf = ''; | |
505 | my $count = sysread ($h, $buf, 4096); | |
506 | if (!defined ($count)) { | |
507 | my $err = $!; | |
508 | kill (9, $pid); | |
509 | waitpid ($pid, 0); | |
510 | die $err; | |
511 | } | |
512 | $select->remove ($h) if !$count; | |
513 | if ($h eq $reader) { | |
776fbfa8 | 514 | if ($outfunc || $logfunc) { |
e143e9d8 | 515 | eval { |
ba104d67 | 516 | while ($buf =~ s/^([^\010\r\n]*)(?:\n|(?:\010)+|\r\n?)//) { |
cb9db10c DC |
517 | my $line = $outlog . $1; |
518 | $outlog = ''; | |
776fbfa8 DM |
519 | &$outfunc($line) if $outfunc; |
520 | &$logfunc($line) if $logfunc; | |
e143e9d8 | 521 | } |
cb9db10c | 522 | $outlog .= $buf; |
e143e9d8 DM |
523 | }; |
524 | my $err = $@; | |
525 | if ($err) { | |
526 | kill (9, $pid); | |
527 | waitpid ($pid, 0); | |
528 | die $err; | |
529 | } | |
ed61b9d6 | 530 | } elsif (!$quiet) { |
e143e9d8 DM |
531 | print $buf; |
532 | *STDOUT->flush(); | |
533 | } | |
534 | } elsif ($h eq $error) { | |
776fbfa8 | 535 | if ($errfunc || $logfunc) { |
e143e9d8 | 536 | eval { |
ba104d67 | 537 | while ($buf =~ s/^([^\010\r\n]*)(?:\n|(?:\010)+|\r\n?)//) { |
cb9db10c DC |
538 | my $line = $errlog . $1; |
539 | $errlog = ''; | |
776fbfa8 DM |
540 | &$errfunc($line) if $errfunc; |
541 | &$logfunc($line) if $logfunc; | |
e143e9d8 | 542 | } |
cb9db10c | 543 | $errlog .= $buf; |
e143e9d8 DM |
544 | }; |
545 | my $err = $@; | |
546 | if ($err) { | |
547 | kill (9, $pid); | |
548 | waitpid ($pid, 0); | |
549 | die $err; | |
550 | } | |
ed61b9d6 | 551 | } elsif (!$quiet) { |
e143e9d8 DM |
552 | print STDERR $buf; |
553 | *STDERR->flush(); | |
554 | } | |
555 | } | |
556 | } | |
557 | } | |
558 | ||
559 | &$outfunc($outlog) if $outfunc && $outlog; | |
776fbfa8 DM |
560 | &$logfunc($outlog) if $logfunc && $outlog; |
561 | ||
e143e9d8 | 562 | &$errfunc($errlog) if $errfunc && $errlog; |
776fbfa8 | 563 | &$logfunc($errlog) if $logfunc && $errlog; |
e143e9d8 DM |
564 | |
565 | waitpid ($pid, 0); | |
813a5c0d | 566 | |
e143e9d8 DM |
567 | if ($? == -1) { |
568 | die "failed to execute\n"; | |
569 | } elsif (my $sig = ($? & 127)) { | |
570 | die "got signal $sig\n"; | |
7e826928 TL |
571 | } elsif ($exitcode = ($? >> 8)) { |
572 | if (!($exitcode == 24 && ($cmdstr =~ m|^(\S+/)?rsync\s|))) { | |
1c50a24a DM |
573 | if ($errmsg && $laststderr) { |
574 | my $lerr = $laststderr; | |
575 | $laststderr = undef; | |
576 | die "$lerr\n"; | |
577 | } | |
7e826928 | 578 | die "exit code $exitcode\n"; |
e143e9d8 | 579 | } |
e143e9d8 DM |
580 | } |
581 | ||
4bb9bfe7 | 582 | alarm(0); |
e143e9d8 DM |
583 | }; |
584 | ||
585 | my $err = $@; | |
586 | ||
587 | alarm(0); | |
588 | ||
4630cb95 DM |
589 | if ($errmsg && $laststderr) { |
590 | &$errfunc(undef); # flush laststderr | |
591 | } | |
e143e9d8 DM |
592 | |
593 | umask ($old_umask) if defined($old_umask); | |
594 | ||
595 | alarm($oldtimeout) if $oldtimeout; | |
596 | ||
597 | if ($err) { | |
598 | if ($pid && ($err eq "got timeout\n")) { | |
599 | kill (9, $pid); | |
600 | waitpid ($pid, 0); | |
601 | die "command '$cmdstr' failed: $err"; | |
602 | } | |
603 | ||
604 | if ($errmsg) { | |
adbc988d | 605 | $err =~ s/^usermod:\s*// if $cmdstr =~ m|^(\S+/)?usermod\s|; |
e143e9d8 | 606 | die "$errmsg: $err"; |
7e826928 | 607 | } elsif(!$noerr) { |
e143e9d8 DM |
608 | die "command '$cmdstr' failed: $err"; |
609 | } | |
610 | } | |
1c50a24a | 611 | |
7e826928 | 612 | return $exitcode; |
e143e9d8 DM |
613 | } |
614 | ||
2d38b8a1 TL |
615 | # Run a command with a tcp socket as standard input. |
616 | sub pipe_socket_to_command { | |
617 | my ($cmd, $ip, $port) = @_; | |
618 | ||
619 | my $params = { | |
620 | Listen => 1, | |
621 | ReuseAddr => 1, | |
622 | Proto => &Socket::IPPROTO_TCP, | |
623 | GetAddrInfoFlags => 0, | |
624 | LocalAddr => $ip, | |
625 | LocalPort => $port, | |
626 | }; | |
627 | my $socket = IO::Socket::IP->new(%$params) or die "failed to open socket: $!\n"; | |
628 | ||
629 | print "$ip\n$port\n"; # tell remote where to connect | |
630 | *STDOUT->flush(); | |
631 | ||
632 | alarm 0; | |
633 | local $SIG{ALRM} = sub { die "timed out waiting for client\n" }; | |
634 | alarm 30; | |
635 | my $client = $socket->accept; # Wait for a client | |
636 | alarm 0; | |
637 | close($socket); | |
638 | ||
639 | # We want that the command talks over the TCP socket and takes | |
640 | # ownership of it, so that when it closes it the connection is | |
641 | # terminated, so we need to be able to close the socket. So we | |
642 | # can't really use PVE::Tools::run_command(). | |
643 | my $pid = fork() // die "fork failed: $!\n"; | |
644 | if (!$pid) { | |
645 | POSIX::dup2(fileno($client), 0); | |
646 | POSIX::dup2(fileno($client), 1); | |
647 | close($client); | |
648 | exec {$cmd->[0]} @$cmd or do { | |
649 | warn "exec failed: $!\n"; | |
650 | POSIX::_exit(1); | |
651 | }; | |
652 | } | |
653 | ||
654 | close($client); | |
655 | if (waitpid($pid, 0) != $pid) { | |
656 | kill(15 => $pid); # if we got interrupted terminate the child | |
657 | my $count = 0; | |
658 | while (waitpid($pid, POSIX::WNOHANG) != $pid) { | |
659 | usleep(100000); | |
660 | $count++; | |
661 | kill(9 => $pid), last if $count > 300; # 30 second timeout | |
662 | } | |
663 | } | |
664 | if (my $sig = ($? & 127)) { | |
665 | die "got signal $sig\n"; | |
666 | } elsif (my $exitcode = ($? >> 8)) { | |
667 | die "exit code $exitcode\n"; | |
668 | } | |
669 | ||
670 | return undef; | |
671 | } | |
672 | ||
e143e9d8 | 673 | sub split_list { |
0a3de87e | 674 | my $listtxt = shift // ''; |
e143e9d8 | 675 | |
d2b0374d | 676 | return split (/\0/, $listtxt) if $listtxt =~ m/\0/; |
813a5c0d | 677 | |
d2b0374d | 678 | $listtxt =~ s/[,;]/ /g; |
e143e9d8 DM |
679 | $listtxt =~ s/^\s+//; |
680 | ||
681 | my @data = split (/\s+/, $listtxt); | |
682 | ||
683 | return @data; | |
684 | } | |
685 | ||
686 | sub trim { | |
687 | my $txt = shift; | |
688 | ||
689 | return $txt if !defined($txt); | |
690 | ||
691 | $txt =~ s/^\s+//; | |
692 | $txt =~ s/\s+$//; | |
813a5c0d | 693 | |
e143e9d8 DM |
694 | return $txt; |
695 | } | |
696 | ||
697 | # simple uri templates like "/vms/{vmid}" | |
698 | sub template_replace { | |
699 | my ($tmpl, $data) = @_; | |
700 | ||
3250f5c7 | 701 | return $tmpl if !$tmpl; |
813a5c0d | 702 | |
e143e9d8 | 703 | my $res = ''; |
14410e5f | 704 | while ($tmpl =~ m/([^{]+)?(\{([^}]+)\})?/g) { |
e143e9d8 DM |
705 | $res .= $1 if $1; |
706 | $res .= ($data->{$3} || '-') if $2; | |
707 | } | |
708 | return $res; | |
709 | } | |
710 | ||
711 | sub safe_print { | |
712 | my ($filename, $fh, $data) = @_; | |
713 | ||
714 | return if !$data; | |
715 | ||
716 | my $res = print $fh $data; | |
717 | ||
718 | die "write to '$filename' failed\n" if !$res; | |
719 | } | |
720 | ||
721 | sub debmirrors { | |
722 | ||
723 | return { | |
724 | 'at' => 'ftp.at.debian.org', | |
725 | 'au' => 'ftp.au.debian.org', | |
726 | 'be' => 'ftp.be.debian.org', | |
727 | 'bg' => 'ftp.bg.debian.org', | |
728 | 'br' => 'ftp.br.debian.org', | |
729 | 'ca' => 'ftp.ca.debian.org', | |
730 | 'ch' => 'ftp.ch.debian.org', | |
731 | 'cl' => 'ftp.cl.debian.org', | |
732 | 'cz' => 'ftp.cz.debian.org', | |
733 | 'de' => 'ftp.de.debian.org', | |
734 | 'dk' => 'ftp.dk.debian.org', | |
735 | 'ee' => 'ftp.ee.debian.org', | |
736 | 'es' => 'ftp.es.debian.org', | |
737 | 'fi' => 'ftp.fi.debian.org', | |
738 | 'fr' => 'ftp.fr.debian.org', | |
739 | 'gr' => 'ftp.gr.debian.org', | |
740 | 'hk' => 'ftp.hk.debian.org', | |
741 | 'hr' => 'ftp.hr.debian.org', | |
742 | 'hu' => 'ftp.hu.debian.org', | |
743 | 'ie' => 'ftp.ie.debian.org', | |
744 | 'is' => 'ftp.is.debian.org', | |
745 | 'it' => 'ftp.it.debian.org', | |
746 | 'jp' => 'ftp.jp.debian.org', | |
747 | 'kr' => 'ftp.kr.debian.org', | |
748 | 'mx' => 'ftp.mx.debian.org', | |
749 | 'nl' => 'ftp.nl.debian.org', | |
750 | 'no' => 'ftp.no.debian.org', | |
751 | 'nz' => 'ftp.nz.debian.org', | |
752 | 'pl' => 'ftp.pl.debian.org', | |
753 | 'pt' => 'ftp.pt.debian.org', | |
754 | 'ro' => 'ftp.ro.debian.org', | |
755 | 'ru' => 'ftp.ru.debian.org', | |
756 | 'se' => 'ftp.se.debian.org', | |
757 | 'si' => 'ftp.si.debian.org', | |
758 | 'sk' => 'ftp.sk.debian.org', | |
759 | 'tr' => 'ftp.tr.debian.org', | |
760 | 'tw' => 'ftp.tw.debian.org', | |
761 | 'gb' => 'ftp.uk.debian.org', | |
762 | 'us' => 'ftp.us.debian.org', | |
763 | }; | |
764 | } | |
765 | ||
910d57b0 DM |
766 | my $keymaphash = { |
767 | 'dk' => ['Danish', 'da', 'qwerty/dk-latin1.kmap.gz', 'dk', 'nodeadkeys'], | |
768 | 'de' => ['German', 'de', 'qwertz/de-latin1-nodeadkeys.kmap.gz', 'de', 'nodeadkeys' ], | |
813a5c0d | 769 | 'de-ch' => ['Swiss-German', 'de-ch', 'qwertz/sg-latin1.kmap.gz', 'ch', 'de_nodeadkeys' ], |
5a5ca434 DM |
770 | 'en-gb' => ['United Kingdom', 'en-gb', 'qwerty/uk.kmap.gz' , 'gb', undef], |
771 | 'en-us' => ['U.S. English', 'en-us', 'qwerty/us-latin1.kmap.gz', 'us', undef ], | |
910d57b0 DM |
772 | 'es' => ['Spanish', 'es', 'qwerty/es.kmap.gz', 'es', 'nodeadkeys'], |
773 | #'et' => [], # Ethopia or Estonia ?? | |
774 | 'fi' => ['Finnish', 'fi', 'qwerty/fi-latin1.kmap.gz', 'fi', 'nodeadkeys'], | |
775 | #'fo' => ['Faroe Islands', 'fo', ???, 'fo', 'nodeadkeys'], | |
776 | 'fr' => ['French', 'fr', 'azerty/fr-latin1.kmap.gz', 'fr', 'nodeadkeys'], | |
777 | 'fr-be' => ['Belgium-French', 'fr-be', 'azerty/be2-latin1.kmap.gz', 'be', 'nodeadkeys'], | |
778 | 'fr-ca' => ['Canada-French', 'fr-ca', 'qwerty/cf.kmap.gz', 'ca', 'fr-legacy'], | |
779 | 'fr-ch' => ['Swiss-French', 'fr-ch', 'qwertz/fr_CH-latin1.kmap.gz', 'ch', 'fr_nodeadkeys'], | |
780 | #'hr' => ['Croatia', 'hr', 'qwertz/croat.kmap.gz', 'hr', ??], # latin2? | |
781 | 'hu' => ['Hungarian', 'hu', 'qwertz/hu.kmap.gz', 'hu', undef], | |
782 | 'is' => ['Icelandic', 'is', 'qwerty/is-latin1.kmap.gz', 'is', 'nodeadkeys'], | |
783 | 'it' => ['Italian', 'it', 'qwerty/it2.kmap.gz', 'it', 'nodeadkeys'], | |
784 | 'jp' => ['Japanese', 'ja', 'qwerty/jp106.kmap.gz', 'jp', undef], | |
785 | 'lt' => ['Lithuanian', 'lt', 'qwerty/lt.kmap.gz', 'lt', 'std'], | |
786 | #'lv' => ['Latvian', 'lv', 'qwerty/lv-latin4.kmap.gz', 'lv', ??], # latin4 or latin7? | |
787 | 'mk' => ['Macedonian', 'mk', 'qwerty/mk.kmap.gz', 'mk', 'nodeadkeys'], | |
788 | 'nl' => ['Dutch', 'nl', 'qwerty/nl.kmap.gz', 'nl', undef], | |
789 | #'nl-be' => ['Belgium-Dutch', 'nl-be', ?, ?, ?], | |
813a5c0d | 790 | 'no' => ['Norwegian', 'no', 'qwerty/no-latin1.kmap.gz', 'no', 'nodeadkeys'], |
910d57b0 DM |
791 | 'pl' => ['Polish', 'pl', 'qwerty/pl.kmap.gz', 'pl', undef], |
792 | 'pt' => ['Portuguese', 'pt', 'qwerty/pt-latin1.kmap.gz', 'pt', 'nodeadkeys'], | |
793 | 'pt-br' => ['Brazil-Portuguese', 'pt-br', 'qwerty/br-latin1.kmap.gz', 'br', 'nodeadkeys'], | |
fb3a1b29 | 794 | #'ru' => ['Russian', 'ru', 'qwerty/ru.kmap.gz', 'ru', undef], # don't know? |
910d57b0 | 795 | 'si' => ['Slovenian', 'sl', 'qwertz/slovene.kmap.gz', 'si', undef], |
9934cd0b | 796 | 'se' => ['Swedish', 'sv', 'qwerty/se-latin1.kmap.gz', 'se', 'nodeadkeys'], |
910d57b0 | 797 | #'th' => [], |
c10cc112 | 798 | 'tr' => ['Turkish', 'tr', 'qwerty/trq.kmap.gz', 'tr', undef], |
910d57b0 DM |
799 | }; |
800 | ||
801 | my $kvmkeymaparray = []; | |
0a7de820 | 802 | foreach my $lc (sort keys %$keymaphash) { |
910d57b0 DM |
803 | push @$kvmkeymaparray, $keymaphash->{$lc}->[1]; |
804 | } | |
805 | ||
e143e9d8 | 806 | sub kvmkeymaps { |
910d57b0 DM |
807 | return $keymaphash; |
808 | } | |
809 | ||
810 | sub kvmkeymaplist { | |
811 | return $kvmkeymaparray; | |
e143e9d8 DM |
812 | } |
813 | ||
814 | sub extract_param { | |
815 | my ($param, $key) = @_; | |
816 | ||
817 | my $res = $param->{$key}; | |
818 | delete $param->{$key}; | |
819 | ||
820 | return $res; | |
821 | } | |
822 | ||
9d52694b | 823 | # For extracting sensitive keys (e.g. password), to avoid writing them to www-data owned configs |
40682a69 DC |
824 | sub extract_sensitive_params :prototype($$$) { |
825 | my ($param, $sensitive_list, $delete_list) = @_; | |
826 | ||
40682a69 DC |
827 | my %delete = map { $_ => 1 } ($delete_list || [])->@*; |
828 | ||
9d52694b | 829 | my $sensitive = {}; |
40682a69 | 830 | for my $opt (@$sensitive_list) { |
9d52694b TL |
831 | # handle deletions as explicitly setting `undef`, so subs which only have $param but not |
832 | # $delete_list available can recognize them. Afterwards new values may override. | |
40682a69 DC |
833 | if (exists($delete{$opt})) { |
834 | $sensitive->{$opt} = undef; | |
835 | } | |
836 | ||
837 | if (defined(my $value = extract_param($param, $opt))) { | |
838 | $sensitive->{$opt} = $value; | |
839 | } | |
840 | } | |
841 | ||
842 | return $sensitive; | |
843 | } | |
844 | ||
eb7047f6 | 845 | # Note: we use this to wait until vncterm/spiceterm is ready |
ec6d95b4 | 846 | sub wait_for_vnc_port { |
590b924e | 847 | my ($port, $family, $timeout) = @_; |
ec6d95b4 DM |
848 | |
849 | $timeout = 5 if !$timeout; | |
eb7047f6 DM |
850 | my $sleeptime = 0; |
851 | my $starttime = [gettimeofday]; | |
852 | my $elapsed; | |
ec6d95b4 | 853 | |
590b924e TL |
854 | my $cmd = ['/bin/ss', '-Htln', "sport = :$port"]; |
855 | push @$cmd, $family == AF_INET6 ? '-6' : '-4' if defined($family); | |
856 | ||
9a41a7b7 | 857 | my $found; |
eb7047f6 | 858 | while (($elapsed = tv_interval($starttime)) < $timeout) { |
9a41a7b7 | 859 | # -Htln = don't print header, tcp, listening sockets only, numeric ports |
590b924e | 860 | run_command($cmd, outfunc => sub { |
9a41a7b7 TL |
861 | my $line = shift; |
862 | if ($line =~ m/^LISTEN\s+\d+\s+\d+\s+\S+:(\d+)\s/) { | |
863 | $found = 1 if ($port == $1); | |
ec6d95b4 | 864 | } |
9a41a7b7 TL |
865 | }); |
866 | return 1 if $found; | |
eb7047f6 DM |
867 | $sleeptime += 100000 if $sleeptime < 1000000; |
868 | usleep($sleeptime); | |
ec6d95b4 DM |
869 | } |
870 | ||
8fd0d634 | 871 | die "Timeout while waiting for port '$port' to get ready!\n"; |
ec6d95b4 DM |
872 | } |
873 | ||
59b3f563 | 874 | sub next_unused_port { |
c14960cc | 875 | my ($range_start, $range_end, $family, $address) = @_; |
59b3f563 DM |
876 | |
877 | # We use a file to register allocated ports. | |
878 | # Those registrations expires after $expiretime. | |
879 | # We use this to avoid race conditions between | |
880 | # allocation and use of ports. | |
881 | ||
882 | my $filename = "/var/tmp/pve-reserved-ports"; | |
e143e9d8 | 883 | |
59b3f563 | 884 | my $code = sub { |
e143e9d8 | 885 | |
59b3f563 DM |
886 | my $expiretime = 5; |
887 | my $ctime = time(); | |
e143e9d8 | 888 | |
59b3f563 DM |
889 | my $ports = {}; |
890 | ||
891 | if (my $fh = IO::File->new ($filename, "r")) { | |
892 | while (my $line = <$fh>) { | |
893 | if ($line =~ m/^(\d+)\s(\d+)$/) { | |
894 | my ($port, $timestamp) = ($1, $2); | |
895 | if (($timestamp + $expiretime) > $ctime) { | |
896 | $ports->{$port} = $timestamp; # not expired | |
813a5c0d | 897 | } |
59b3f563 DM |
898 | } |
899 | } | |
e143e9d8 | 900 | } |
813a5c0d | 901 | |
59b3f563 | 902 | my $newport; |
c14960cc WB |
903 | my %sockargs = (Listen => 5, |
904 | ReuseAddr => 1, | |
905 | Family => $family, | |
a0ecb159 | 906 | Proto => IPPROTO_TCP, |
c14960cc WB |
907 | GetAddrInfoFlags => 0); |
908 | $sockargs{LocalAddr} = $address if defined($address); | |
59b3f563 DM |
909 | |
910 | for (my $p = $range_start; $p < $range_end; $p++) { | |
911 | next if $ports->{$p}; # reserved | |
912 | ||
c14960cc WB |
913 | $sockargs{LocalPort} = $p; |
914 | my $sock = IO::Socket::IP->new(%sockargs); | |
59b3f563 DM |
915 | |
916 | if ($sock) { | |
917 | close($sock); | |
918 | $newport = $p; | |
919 | $ports->{$p} = $ctime; | |
920 | last; | |
921 | } | |
922 | } | |
813a5c0d | 923 | |
59b3f563 DM |
924 | my $data = ""; |
925 | foreach my $p (keys %$ports) { | |
926 | $data .= "$p $ports->{$p}\n"; | |
927 | } | |
813a5c0d | 928 | |
59b3f563 | 929 | file_set_contents($filename, $data); |
e143e9d8 | 930 | |
59b3f563 DM |
931 | return $newport; |
932 | }; | |
933 | ||
3c476ed5 | 934 | my $p = lock_file('/var/lock/pve-ports.lck', 10, $code); |
59b3f563 | 935 | die $@ if $@; |
813a5c0d | 936 | |
59b3f563 DM |
937 | die "unable to find free port (${range_start}-${range_end})\n" if !$p; |
938 | ||
939 | return $p; | |
940 | } | |
941 | ||
942 | sub next_migrate_port { | |
c14960cc WB |
943 | my ($family, $address) = @_; |
944 | return next_unused_port(60000, 60050, $family, $address); | |
59b3f563 DM |
945 | } |
946 | ||
947 | sub next_vnc_port { | |
c14960cc WB |
948 | my ($family, $address) = @_; |
949 | return next_unused_port(5900, 6000, $family, $address); | |
59b3f563 | 950 | } |
e143e9d8 | 951 | |
30aeac2e DC |
952 | sub spice_port_range { |
953 | return (61000, 61999); | |
954 | } | |
955 | ||
2f13cbb5 | 956 | sub next_spice_port { |
c14960cc | 957 | my ($family, $address) = @_; |
30aeac2e | 958 | return next_unused_port(spice_port_range(), $family, $address); |
2f13cbb5 DM |
959 | } |
960 | ||
893ec6f2 WB |
961 | sub must_stringify { |
962 | my ($value) = @_; | |
963 | eval { $value = "$value" }; | |
964 | return "error turning value into a string: $@" if $@; | |
965 | return $value; | |
966 | } | |
967 | ||
72fba911 EK |
968 | # sigkill after $timeout a $sub running in a fork if it can't write a pipe |
969 | # the $sub has to return a single scalar | |
970 | sub run_fork_with_timeout { | |
971 | my ($timeout, $sub) = @_; | |
972 | ||
973 | my $res; | |
974 | my $error; | |
975 | my $pipe_out = IO::Pipe->new(); | |
72fba911 EK |
976 | |
977 | # disable pending alarms, save their remaining time | |
978 | my $prev_alarm = alarm 0; | |
979 | ||
eead1cca | 980 | # avoid leaving a zombie if the parent gets interrupted |
72fba911 | 981 | my $sig_received; |
72fba911 EK |
982 | |
983 | my $child = fork(); | |
984 | if (!defined($child)) { | |
985 | die "fork failed: $!\n"; | |
986 | return $res; | |
987 | } | |
988 | ||
989 | if (!$child) { | |
990 | $pipe_out->writer(); | |
72fba911 EK |
991 | |
992 | eval { | |
993 | $res = $sub->(); | |
f2c72fc3 | 994 | print {$pipe_out} encode_json({ result => $res }); |
72fba911 EK |
995 | $pipe_out->flush(); |
996 | }; | |
997 | if (my $err = $@) { | |
893ec6f2 | 998 | print {$pipe_out} encode_json({ error => must_stringify($err) }); |
f2c72fc3 | 999 | $pipe_out->flush(); |
72fba911 EK |
1000 | POSIX::_exit(1); |
1001 | } | |
1002 | POSIX::_exit(0); | |
1003 | } | |
1004 | ||
2e353dfb DC |
1005 | local $SIG{INT} = sub { $sig_received++; }; |
1006 | local $SIG{TERM} = sub { | |
1007 | $error //= "interrupted by unexpected signal\n"; | |
1008 | kill('TERM', $child); | |
1009 | }; | |
1010 | ||
72fba911 | 1011 | $pipe_out->reader(); |
72fba911 EK |
1012 | |
1013 | my $readvalues = sub { | |
1014 | local $/ = undef; | |
2e353dfb | 1015 | my $child_res = decode_json(readline_nointr($pipe_out)); |
f2c72fc3 TL |
1016 | $res = $child_res->{result}; |
1017 | $error = $child_res->{error}; | |
72fba911 | 1018 | }; |
a6aa0ae9 | 1019 | my $got_timeout = 0; |
72fba911 | 1020 | eval { |
a2d049af | 1021 | if (defined($timeout)) { |
a6aa0ae9 | 1022 | (undef, $got_timeout) = run_with_timeout($timeout, $readvalues); |
a2d049af WB |
1023 | } else { |
1024 | $readvalues->(); | |
1025 | } | |
72fba911 EK |
1026 | }; |
1027 | warn $@ if $@; | |
1028 | $pipe_out->close(); | |
72fba911 | 1029 | kill('KILL', $child); |
c663330d | 1030 | # FIXME: hangs if $child doesn't exits?! (D state) |
72fba911 EK |
1031 | waitpid($child, 0); |
1032 | ||
1033 | alarm $prev_alarm; | |
1034 | die "interrupted by unexpected signal\n" if $sig_received; | |
1035 | ||
1036 | die $error if $error; | |
a6aa0ae9 | 1037 | return wantarray ? ($res, $got_timeout) : $res; |
72fba911 EK |
1038 | } |
1039 | ||
a2d049af WB |
1040 | sub run_fork { |
1041 | my ($code) = @_; | |
1042 | return run_fork_with_timeout(undef, $code); | |
1043 | } | |
1044 | ||
813a5c0d | 1045 | # NOTE: NFS syscall can't be interrupted, so alarm does |
e143e9d8 DM |
1046 | # not work to provide timeouts. |
1047 | # from 'man nfs': "Only SIGKILL can interrupt a pending NFS operation" | |
97c8c857 | 1048 | # So fork() before using Filesys::Df |
e143e9d8 DM |
1049 | sub df { |
1050 | my ($path, $timeout) = @_; | |
1051 | ||
4fdc9659 | 1052 | my $df = sub { return Filesys::Df::df($path, 1) }; |
97c8c857 | 1053 | |
4fdc9659 TL |
1054 | my $res = eval { run_fork_with_timeout($timeout, $df) } // {}; |
1055 | warn $@ if $@; | |
97c8c857 | 1056 | |
8bc99fda TL |
1057 | # untaint, but be flexible: PB usage can result in scientific notation |
1058 | my ($blocks, $used, $bavail) = map { defined($_) ? (/^([\d\.e\-+]+)$/) : 0 } | |
fd58bb2b DC |
1059 | $res->@{qw(blocks used bavail)}; |
1060 | ||
4fdc9659 | 1061 | return { |
fd58bb2b DC |
1062 | total => $blocks, |
1063 | used => $used, | |
1064 | avail => $bavail, | |
e143e9d8 | 1065 | }; |
e143e9d8 DM |
1066 | } |
1067 | ||
62635f92 DM |
1068 | sub du { |
1069 | my ($path, $timeout) = @_; | |
1070 | ||
1071 | my $size; | |
1072 | ||
1073 | $timeout //= 10; | |
1074 | ||
1075 | my $parser = sub { | |
1076 | my $line = shift; | |
1077 | ||
1078 | if ($line =~ m/^(\d+)\s+total$/) { | |
1079 | $size = $1; | |
1080 | } | |
1081 | }; | |
1082 | ||
1083 | run_command(['du', '-scb', $path], outfunc => $parser, timeout => $timeout); | |
1084 | ||
1085 | return $size; | |
1086 | } | |
1087 | ||
e143e9d8 DM |
1088 | # UPID helper |
1089 | # We use this to uniquely identify a process. | |
813a5c0d | 1090 | # An 'Unique Process ID' has the following format: |
e143e9d8 DM |
1091 | # "UPID:$node:$pid:$pstart:$startime:$dtype:$id:$user" |
1092 | ||
1093 | sub upid_encode { | |
1094 | my $d = shift; | |
1095 | ||
19cec230 DM |
1096 | # Note: pstart can be > 32bit if uptime > 497 days, so this can result in |
1097 | # more that 8 characters for pstart | |
813a5c0d DC |
1098 | return sprintf("UPID:%s:%08X:%08X:%08X:%s:%s:%s:", $d->{node}, $d->{pid}, |
1099 | $d->{pstart}, $d->{starttime}, $d->{type}, $d->{id}, | |
e143e9d8 DM |
1100 | $d->{user}); |
1101 | } | |
1102 | ||
1103 | sub upid_decode { | |
1104 | my ($upid, $noerr) = @_; | |
1105 | ||
1106 | my $res; | |
1107 | my $filename; | |
1108 | ||
1109 | # "UPID:$node:$pid:$pstart:$startime:$dtype:$id:$user" | |
19cec230 DM |
1110 | # Note: allow up to 9 characters for pstart (work until 20 years uptime) |
1111 | if ($upid =~ m/^UPID:([a-zA-Z0-9]([a-zA-Z0-9\-]*[a-zA-Z0-9])?):([0-9A-Fa-f]{8}):([0-9A-Fa-f]{8,9}):([0-9A-Fa-f]{8}):([^:\s]+):([^:\s]*):([^:\s]+):$/) { | |
e143e9d8 | 1112 | $res->{node} = $1; |
3702f038 DM |
1113 | $res->{pid} = hex($3); |
1114 | $res->{pstart} = hex($4); | |
1115 | $res->{starttime} = hex($5); | |
1116 | $res->{type} = $6; | |
1117 | $res->{id} = $7; | |
1118 | $res->{user} = $8; | |
1119 | ||
1120 | my $subdir = substr($5, 7, 8); | |
e143e9d8 DM |
1121 | $filename = "$pvetaskdir/$subdir/$upid"; |
1122 | ||
1123 | } else { | |
1124 | return undef if $noerr; | |
1125 | die "unable to parse worker upid '$upid'\n"; | |
1126 | } | |
1127 | ||
1128 | return wantarray ? ($res, $filename) : $res; | |
1129 | } | |
1130 | ||
1131 | sub upid_open { | |
1132 | my ($upid) = @_; | |
1133 | ||
813a5c0d | 1134 | my ($task, $filename) = upid_decode($upid); |
e143e9d8 DM |
1135 | |
1136 | my $dirname = dirname($filename); | |
1137 | make_path($dirname); | |
1138 | ||
1139 | my $wwwid = getpwnam('www-data') || | |
1140 | die "getpwnam failed"; | |
1141 | ||
1142 | my $perm = 0640; | |
813a5c0d | 1143 | |
e143e9d8 DM |
1144 | my $outfh = IO::File->new ($filename, O_WRONLY|O_CREAT|O_EXCL, $perm) || |
1145 | die "unable to create output file '$filename' - $!\n"; | |
2b8e0f12 | 1146 | chown $wwwid, -1, $outfh; |
e143e9d8 DM |
1147 | |
1148 | return $outfh; | |
1149 | }; | |
1150 | ||
1151 | sub upid_read_status { | |
1152 | my ($upid) = @_; | |
1153 | ||
1154 | my ($task, $filename) = upid_decode($upid); | |
1155 | my $fh = IO::File->new($filename, "r"); | |
1156 | return "unable to open file - $!" if !$fh; | |
cc9121d3 | 1157 | my $maxlen = 4096; |
e143e9d8 DM |
1158 | sysseek($fh, -$maxlen, 2); |
1159 | my $readbuf = ''; | |
1160 | my $br = sysread($fh, $readbuf, $maxlen); | |
1161 | close($fh); | |
1162 | if ($br) { | |
1163 | return "unable to extract last line" | |
1164 | if $readbuf !~ m/\n?(.+)$/; | |
1165 | my $line = $1; | |
1166 | if ($line =~ m/^TASK OK$/) { | |
1167 | return 'OK'; | |
1168 | } elsif ($line =~ m/^TASK ERROR: (.+)$/) { | |
1169 | return $1; | |
ff79ee65 FE |
1170 | } elsif ($line =~ m/^TASK (WARNINGS: \d+)$/) { |
1171 | return $1; | |
e143e9d8 DM |
1172 | } else { |
1173 | return "unexpected status"; | |
1174 | } | |
1175 | } | |
1176 | return "unable to read tail (got $br bytes)"; | |
1177 | } | |
1178 | ||
4cc5b13d FE |
1179 | # Check if the status returned by upid_read_status is an error status. |
1180 | # If the status could not be parsed it's also treated as an error. | |
1181 | sub upid_status_is_error { | |
1182 | my ($status) = @_; | |
1183 | ||
1184 | return !($status eq 'OK' || $status =~ m/^WARNINGS: \d+$/); | |
1185 | } | |
1186 | ||
ae54eabf TL |
1187 | # takes the parsed status and returns the type, either ok, warning, error or unknown |
1188 | sub upid_normalize_status_type { | |
4e536038 DC |
1189 | my ($status) = @_; |
1190 | ||
1191 | if (!$status) { | |
1192 | return 'unknown'; | |
ae54eabf | 1193 | } elsif ($status eq 'OK') { |
4e536038 DC |
1194 | return 'ok'; |
1195 | } elsif ($status =~ m/^WARNINGS: \d+$/) { | |
1196 | return 'warning'; | |
1197 | } elsif ($status eq 'unexpected status') { | |
1198 | return 'unknown'; | |
1199 | } else { | |
1200 | return 'error'; | |
1201 | } | |
1202 | } | |
1203 | ||
813a5c0d | 1204 | # useful functions to store comments in config files |
e143e9d8 DM |
1205 | sub encode_text { |
1206 | my ($text) = @_; | |
1207 | ||
1208 | # all control and hi-bit characters, and ':' | |
1209 | my $unsafe = "^\x20-\x39\x3b-\x7e"; | |
1210 | return uri_escape(Encode::encode("utf8", $text), $unsafe); | |
1211 | } | |
1212 | ||
1213 | sub decode_text { | |
1214 | my ($data) = @_; | |
1215 | ||
1216 | return Encode::decode("utf8", uri_unescape($data)); | |
1217 | } | |
1218 | ||
a45a1df1 | 1219 | # NOTE: deprecated - do not use! we now decode all parameters by default |
815b2aba DM |
1220 | sub decode_utf8_parameters { |
1221 | my ($param) = @_; | |
1222 | ||
34ebb226 | 1223 | foreach my $p (qw(comment description firstname lastname)) { |
815b2aba DM |
1224 | $param->{$p} = decode('utf8', $param->{$p}) if $param->{$p}; |
1225 | } | |
1226 | ||
1227 | return $param; | |
1228 | } | |
1229 | ||
a413a515 | 1230 | sub random_ether_addr { |
12392173 | 1231 | my ($prefix) = @_; |
a413a515 | 1232 | |
46a11c00 DM |
1233 | my ($seconds, $microseconds) = gettimeofday; |
1234 | ||
d743b69c | 1235 | my $rand = Digest::SHA::sha1($$, rand(), $seconds, $microseconds); |
a413a515 | 1236 | |
85d5625a | 1237 | # clear multicast, set local id |
de9a267f | 1238 | vec($rand, 0, 8) = (vec($rand, 0, 8) & 0xfe) | 2; |
a413a515 | 1239 | |
12392173 WB |
1240 | my $addr = sprintf("%02X:%02X:%02X:%02X:%02X:%02X", unpack("C6", $rand)); |
1241 | if (defined($prefix)) { | |
1242 | $addr = uc($prefix) . substr($addr, length($prefix)); | |
1243 | } | |
1244 | return $addr; | |
a413a515 | 1245 | } |
e143e9d8 | 1246 | |
762e3223 DM |
1247 | sub shellquote { |
1248 | my $str = shift; | |
1249 | ||
7514b23a | 1250 | return String::ShellQuote::shell_quote($str); |
762e3223 DM |
1251 | } |
1252 | ||
65e1d3fc DM |
1253 | sub cmd2string { |
1254 | my ($cmd) = @_; | |
1255 | ||
1256 | die "no arguments" if !$cmd; | |
1257 | ||
1258 | return $cmd if !ref($cmd); | |
1259 | ||
1260 | my @qa = (); | |
1261 | foreach my $arg (@$cmd) { push @qa, shellquote($arg); } | |
1262 | ||
1263 | return join (' ', @qa); | |
1264 | } | |
1265 | ||
e38bcd35 | 1266 | # split an shell argument string into an array, |
f9125663 DM |
1267 | sub split_args { |
1268 | my ($str) = @_; | |
1269 | ||
e38bcd35 | 1270 | return $str ? [ Text::ParseWords::shellwords($str) ] : []; |
f9125663 DM |
1271 | } |
1272 | ||
12a0ec18 CE |
1273 | sub dump_logfile_by_filehandle { |
1274 | my ($fh, $filter, $state) = @_; | |
804b1041 | 1275 | |
12a0ec18 CE |
1276 | my $count = ($state->{count} //= 0); |
1277 | my $lines = ($state->{lines} //= []); | |
1278 | my $start = ($state->{start} //= 0); | |
1279 | my $limit = ($state->{limit} //= 50); | |
1280 | my $final = ($state->{final} //= 1); | |
1281 | my $read_until_end = ($state->{read_until_end} //= $limit == 0); | |
804b1041 DM |
1282 | |
1283 | my $line; | |
eb7e5538 DM |
1284 | if ($filter) { |
1285 | # duplicate code, so that we do not slow down normal path | |
1286 | while (defined($line = <$fh>)) { | |
12a0ec18 CE |
1287 | if (ref($filter) eq 'CODE') { |
1288 | next if !$filter->($line); | |
1289 | } else { | |
1290 | next if $line !~ m/$filter/; | |
1291 | } | |
eb7e5538 | 1292 | next if $count++ < $start; |
f0c1b0c0 DT |
1293 | if (!$read_until_end) { |
1294 | next if $limit <= 0; | |
1295 | $limit--; | |
1296 | } | |
eb7e5538 DM |
1297 | chomp $line; |
1298 | push @$lines, { n => $count, t => $line}; | |
eb7e5538 DM |
1299 | } |
1300 | } else { | |
1301 | while (defined($line = <$fh>)) { | |
1302 | next if $count++ < $start; | |
f0c1b0c0 DT |
1303 | if (!$read_until_end) { |
1304 | next if $limit <= 0; | |
1305 | $limit--; | |
1306 | } | |
eb7e5538 DM |
1307 | chomp $line; |
1308 | push @$lines, { n => $count, t => $line}; | |
eb7e5538 | 1309 | } |
804b1041 DM |
1310 | } |
1311 | ||
6de95a66 DM |
1312 | # HACK: ExtJS store.guaranteeRange() does not like empty array |
1313 | # so we add a line | |
12a0ec18 | 1314 | if (!$count && $final) { |
6de95a66 DM |
1315 | $count++; |
1316 | push @$lines, { n => $count, t => "no content"}; | |
1317 | } | |
1318 | ||
12a0ec18 CE |
1319 | $state->{count} = $count; |
1320 | $state->{limit} = $limit; | |
1321 | } | |
1322 | ||
1323 | sub dump_logfile { | |
1324 | my ($filename, $start, $limit, $filter) = @_; | |
1325 | ||
1326 | my $fh = IO::File->new($filename, "r"); | |
1327 | if (!$fh) { | |
1328 | return (1, { n => 1, t => "unable to open file - $!"}); | |
1329 | } | |
1330 | ||
1331 | my %state = ( | |
1332 | 'count' => 0, | |
1333 | 'lines' => [], | |
1334 | 'start' => $start, | |
1335 | 'limit' => $limit, | |
1336 | ); | |
1337 | ||
1338 | dump_logfile_by_filehandle($fh, $filter, \%state); | |
1339 | ||
1340 | close($fh); | |
1341 | ||
1342 | return ($state{'count'}, $state{'lines'}); | |
6de95a66 DM |
1343 | } |
1344 | ||
1345 | sub dump_journal { | |
ccf60d3b | 1346 | my ($start, $limit, $since, $until, $service) = @_; |
6de95a66 DM |
1347 | |
1348 | my $lines = []; | |
1349 | my $count = 0; | |
813a5c0d | 1350 | |
6de95a66 DM |
1351 | $start = 0 if !$start; |
1352 | $limit = 50 if !$limit; | |
1353 | ||
1354 | my $parser = sub { | |
1355 | my $line = shift; | |
1356 | ||
4bb9bfe7 | 1357 | return if $count++ < $start; |
6de95a66 DM |
1358 | return if $limit <= 0; |
1359 | push @$lines, { n => int($count), t => $line}; | |
1360 | $limit--; | |
1361 | }; | |
1362 | ||
1363 | my $cmd = ['journalctl', '-o', 'short', '--no-pager']; | |
19e95cd0 | 1364 | |
ccf60d3b | 1365 | push @$cmd, '--unit', $service if $service; |
19e95cd0 TL |
1366 | push @$cmd, '--since', $since if $since; |
1367 | push @$cmd, '--until', $until if $until; | |
6de95a66 DM |
1368 | run_command($cmd, outfunc => $parser); |
1369 | ||
804b1041 DM |
1370 | # HACK: ExtJS store.guaranteeRange() does not like empty array |
1371 | # so we add a line | |
1372 | if (!$count) { | |
1373 | $count++; | |
1374 | push @$lines, { n => $count, t => "no content"}; | |
1375 | } | |
1376 | ||
1377 | return ($count, $lines); | |
1378 | } | |
1379 | ||
7eb283fb DM |
1380 | sub dir_glob_regex { |
1381 | my ($dir, $regex) = @_; | |
1382 | ||
1383 | my $dh = IO::Dir->new ($dir); | |
1384 | return wantarray ? () : undef if !$dh; | |
813a5c0d DC |
1385 | |
1386 | while (defined(my $tmp = $dh->read)) { | |
7eb283fb DM |
1387 | if (my @res = $tmp =~ m/^($regex)$/) { |
1388 | $dh->close; | |
1389 | return wantarray ? @res : $tmp; | |
1390 | } | |
1391 | } | |
1392 | $dh->close; | |
1393 | ||
1394 | return wantarray ? () : undef; | |
1395 | } | |
1396 | ||
1397 | sub dir_glob_foreach { | |
1398 | my ($dir, $regex, $func) = @_; | |
1399 | ||
1400 | my $dh = IO::Dir->new ($dir); | |
1401 | if (defined $dh) { | |
1402 | while (defined(my $tmp = $dh->read)) { | |
1403 | if (my @res = $tmp =~ m/^($regex)$/) { | |
1404 | &$func (@res); | |
1405 | } | |
1406 | } | |
813a5c0d | 1407 | } |
7eb283fb DM |
1408 | } |
1409 | ||
a345b9d5 DM |
1410 | sub assert_if_modified { |
1411 | my ($digest1, $digest2) = @_; | |
1412 | ||
1413 | if ($digest1 && $digest2 && ($digest1 ne $digest2)) { | |
212fc0b7 | 1414 | die "detected modified configuration - file changed by other user? Try again.\n"; |
a345b9d5 DM |
1415 | } |
1416 | } | |
1417 | ||
2d3bca34 DM |
1418 | # Digest for short strings |
1419 | # like FNV32a, but we only return 31 bits (positive numbers) | |
1420 | sub fnv31a { | |
1421 | my ($string) = @_; | |
1422 | ||
1423 | my $hval = 0x811c9dc5; | |
1424 | ||
1425 | foreach my $c (unpack('C*', $string)) { | |
1426 | $hval ^= $c; | |
1427 | $hval += ( | |
1428 | (($hval << 1) ) + | |
1429 | (($hval << 4) ) + | |
1430 | (($hval << 7) ) + | |
1431 | (($hval << 8) ) + | |
1432 | (($hval << 24) ) ); | |
1433 | $hval = $hval & 0xffffffff; | |
1434 | } | |
1435 | return $hval & 0x7fffffff; | |
1436 | } | |
1437 | ||
1438 | sub fnv31a_hex { return sprintf("%X", fnv31a(@_)); } | |
1439 | ||
8df6b794 WB |
1440 | sub unpack_sockaddr_in46 { |
1441 | my ($sin) = @_; | |
1442 | my $family = Socket::sockaddr_family($sin); | |
1443 | my ($port, $host) = ($family == AF_INET6 ? Socket::unpack_sockaddr_in6($sin) | |
1444 | : Socket::unpack_sockaddr_in($sin)); | |
1445 | return ($family, $port, $host); | |
1446 | } | |
1447 | ||
a0b6ef52 WB |
1448 | sub getaddrinfo_all { |
1449 | my ($hostname, @opts) = @_; | |
7a2e8ca1 TL |
1450 | my %hints = ( |
1451 | flags => AI_V4MAPPED | AI_ALL, | |
1452 | @opts, | |
1453 | ); | |
a956854f | 1454 | my ($err, @res) = Socket::getaddrinfo($hostname, '0', \%hints); |
a0b6ef52 WB |
1455 | die "failed to get address info for: $hostname: $err\n" if $err; |
1456 | return @res; | |
1457 | } | |
a956854f | 1458 | |
a0b6ef52 WB |
1459 | sub get_host_address_family { |
1460 | my ($hostname, $socktype) = @_; | |
1461 | my @res = getaddrinfo_all($hostname, socktype => $socktype); | |
1462 | return $res[0]->{family}; | |
a956854f WB |
1463 | } |
1464 | ||
d3c8f0c1 EK |
1465 | # get the fully qualified domain name of a host |
1466 | # same logic as hostname(1): The FQDN is the name getaddrinfo(3) returns, | |
1467 | # given a nodename as a parameter | |
1468 | sub get_fqdn { | |
1469 | my ($nodename) = @_; | |
1470 | ||
1471 | my $hints = { | |
1472 | flags => AI_CANONNAME, | |
1473 | socktype => SOCK_DGRAM | |
1474 | }; | |
1475 | ||
1476 | my ($err, @addrs) = Socket::getaddrinfo($nodename, undef, $hints); | |
1477 | ||
1478 | die "getaddrinfo: $err" if $err; | |
1479 | ||
1480 | return $addrs[0]->{canonname}; | |
1481 | } | |
1482 | ||
b2613777 WB |
1483 | # Parses any sane kind of host, or host+port pair: |
1484 | # The port is always optional and thus may be undef. | |
1485 | sub parse_host_and_port { | |
1486 | my ($address) = @_; | |
1487 | if ($address =~ /^($IPV4RE|[[:alnum:]\-.]+)(?::(\d+))?$/ || # ipv4 or host with optional ':port' | |
1488 | $address =~ /^\[($IPV6RE|$IPV4RE|[[:alnum:]\-.]+)\](?::(\d+))?$/ || # anything in brackets with optional ':port' | |
1489 | $address =~ /^($IPV6RE)(?:\.(\d+))?$/) # ipv6 with optional port separated by dot | |
1490 | { | |
1491 | return ($1, $2, 1); # end with 1 to support simple if(parse...) tests | |
1492 | } | |
1493 | return; # nothing | |
1494 | } | |
1495 | ||
0c078e66 SI |
1496 | sub setresuid($$$) { |
1497 | my ($ruid, $euid, $suid) = @_; | |
6647801c | 1498 | return 0 == syscall(PVE::Syscall::setresuid, int($ruid), int($euid), int($suid)); |
0c078e66 SI |
1499 | } |
1500 | ||
817c6be0 | 1501 | sub unshare($) { |
952fd95e | 1502 | my ($flags) = @_; |
6647801c | 1503 | return 0 == syscall(PVE::Syscall::unshare, int($flags)); |
952fd95e WB |
1504 | } |
1505 | ||
891b224a WB |
1506 | sub setns($$) { |
1507 | my ($fileno, $nstype) = @_; | |
6647801c | 1508 | return 0 == syscall(PVE::Syscall::setns, int($fileno), int($nstype)); |
891b224a WB |
1509 | } |
1510 | ||
44acb12c WB |
1511 | sub syncfs($) { |
1512 | my ($fileno) = @_; | |
6647801c | 1513 | return 0 == syscall(PVE::Syscall::syncfs, int($fileno)); |
44acb12c WB |
1514 | } |
1515 | ||
cee0e23a TL |
1516 | sub fsync($) { |
1517 | my ($fileno) = @_; | |
6647801c | 1518 | return 0 == syscall(PVE::Syscall::fsync, int($fileno)); |
cee0e23a TL |
1519 | } |
1520 | ||
bd9eb367 WB |
1521 | sub renameat2($$$$$) { |
1522 | my ($olddirfd, $oldpath, $newdirfd, $newpath, $flags) = @_; | |
6647801c WB |
1523 | return 0 == syscall( |
1524 | PVE::Syscall::renameat2, | |
1525 | int($olddirfd), | |
1526 | $oldpath, | |
1527 | int($newdirfd), | |
1528 | $newpath, | |
1529 | int($flags), | |
1530 | ); | |
bd9eb367 WB |
1531 | } |
1532 | ||
44acb12c WB |
1533 | sub sync_mountpoint { |
1534 | my ($path) = @_; | |
b260d4e3 | 1535 | sysopen my $fd, $path, O_RDONLY|O_CLOEXEC or die "failed to open $path: $!\n"; |
09d47f9d TL |
1536 | my $syncfs_err; |
1537 | if (!syncfs(fileno($fd))) { | |
1538 | $syncfs_err = "$!"; | |
1539 | } | |
44acb12c | 1540 | close($fd); |
09d47f9d | 1541 | die "syncfs '$path' failed - $syncfs_err\n" if defined $syncfs_err; |
44acb12c WB |
1542 | } |
1543 | ||
9915a41b TL |
1544 | my sub check_mail_addr { |
1545 | my ($addr) = @_; | |
1546 | die "'$addr' does not look like a valid email address or username\n" | |
1547 | if $addr !~ /^$EMAIL_RE$/ && $addr !~ /^$EMAIL_USER_RE$/; | |
1548 | } | |
1549 | ||
b61a47db TL |
1550 | # support sending multi-part mail messages with a text and or a HTML part |
1551 | # mailto may be a single email string or an array of receivers | |
1552 | sub sendmail { | |
1553 | my ($mailto, $subject, $text, $html, $mailfrom, $author) = @_; | |
1554 | ||
5a873e6d | 1555 | $mailto = [ $mailto ] if !ref($mailto); |
b61a47db | 1556 | |
9915a41b TL |
1557 | check_mail_addr($_) for $mailto->@*; |
1558 | my $to_quoted = [ map { shellquote($_) } $mailto->@* ]; | |
b61a47db TL |
1559 | |
1560 | $mailfrom = $mailfrom || "root"; | |
9915a41b TL |
1561 | check_mail_addr($mailfrom); |
1562 | my $from_quoted = shellquote($mailfrom); | |
c9c6d910 | 1563 | |
a24d91ea | 1564 | $author = $author // 'Proxmox VE'; |
b61a47db | 1565 | |
9915a41b | 1566 | open (my $mail, "|-", "sendmail", "-B", "8BITMIME", "-f", $from_quoted, "--", $to_quoted->@*) |
7ac222d1 | 1567 | or die "unable to open 'sendmail' - $!"; |
b61a47db | 1568 | |
b18826ce | 1569 | my $is_multipart = $text && $html; |
9915a41b | 1570 | my $boundary = "----_=_NextPart_001_" . int(time()) . $$; # multipart spec, see rfc 1521 |
b18826ce | 1571 | |
9915a41b | 1572 | $subject = Encode::encode('MIME-Header', $subject) if $subject =~ /[^[:ascii:]]/; |
b61a47db | 1573 | |
9915a41b | 1574 | print $mail "MIME-Version: 1.0\n" if $subject =~ /[^[:ascii:]]/ || $is_multipart; |
b61a47db | 1575 | |
7ac222d1 | 1576 | print $mail "From: $author <$mailfrom>\n"; |
9915a41b TL |
1577 | print $mail "To: " . join(', ', @$mailto) ."\n"; |
1578 | print $mail "Date: " . time2str('%a, %d %b %Y %H:%M:%S %z', time()) . "\n"; | |
7ac222d1 | 1579 | print $mail "Subject: $subject\n"; |
b18826ce SI |
1580 | |
1581 | if ($is_multipart) { | |
7ac222d1 TL |
1582 | print $mail "Content-Type: multipart/alternative;\n"; |
1583 | print $mail "\tboundary=\"$boundary\"\n"; | |
1584 | print $mail "\n"; | |
1585 | print $mail "This is a multi-part message in MIME format.\n\n"; | |
1586 | print $mail "--$boundary\n"; | |
b18826ce | 1587 | } |
b61a47db | 1588 | |
5a873e6d | 1589 | if (defined($text)) { |
7ac222d1 TL |
1590 | print $mail "Content-Type: text/plain;\n"; |
1591 | print $mail "\tcharset=\"UTF-8\"\n"; | |
1592 | print $mail "Content-Transfer-Encoding: 8bit\n"; | |
1593 | print $mail "\n"; | |
b61a47db TL |
1594 | |
1595 | # avoid 'remove extra line breaks' issue (MS Outlook) | |
1596 | my $fill = ' '; | |
1597 | $text =~ s/^/$fill/gm; | |
1598 | ||
7ac222d1 | 1599 | print $mail $text; |
b61a47db | 1600 | |
7ac222d1 | 1601 | print $mail "\n--$boundary\n" if $is_multipart; |
b61a47db TL |
1602 | } |
1603 | ||
5a873e6d | 1604 | if (defined($html)) { |
7ac222d1 TL |
1605 | print $mail "Content-Type: text/html;\n"; |
1606 | print $mail "\tcharset=\"UTF-8\"\n"; | |
1607 | print $mail "Content-Transfer-Encoding: 8bit\n"; | |
1608 | print $mail "\n"; | |
b61a47db | 1609 | |
7ac222d1 | 1610 | print $mail $html; |
b61a47db | 1611 | |
7ac222d1 | 1612 | print $mail "\n--$boundary--\n" if $is_multipart; |
b61a47db TL |
1613 | } |
1614 | ||
7ac222d1 | 1615 | close($mail); |
b61a47db TL |
1616 | } |
1617 | ||
85237c0b TL |
1618 | # creates a temporary file that does not shows up on the file system hierarchy. |
1619 | # | |
1620 | # Uses O_TMPFILE if available, which makes it just an anon inode that never shows up in the FS. | |
1621 | # If O_TMPFILE is not available, which unlikely nowadays (added in 3.11 kernel and all FS relevant | |
1622 | # for us support it) back to open-create + immediate unlink while still holding the file handle. | |
1623 | # | |
1624 | # TODO: to avoid FS dependent features we could (transparently) switch to memfd_create as backend | |
26598a51 WB |
1625 | sub tempfile { |
1626 | my ($perm, %opts) = @_; | |
1627 | ||
1628 | # default permissions are stricter than with file_set_contents | |
1629 | $perm = 0600 if !defined($perm); | |
1630 | ||
9cccad5e TL |
1631 | my $dir = $opts{dir}; |
1632 | if (!$dir) { | |
1633 | if (-d "/run/user/$<") { | |
1634 | $dir = "/run/user/$<"; | |
1635 | } elsif ($< == 0) { | |
1636 | $dir = "/run"; | |
1637 | } else { | |
1638 | $dir = "/tmp"; | |
1639 | } | |
1640 | } | |
26598a51 WB |
1641 | my $mode = $opts{mode} // O_RDWR; |
1642 | $mode |= O_EXCL if !$opts{allow_links}; | |
1643 | ||
7e1ee743 WB |
1644 | my $fh = IO::File->new($dir, $mode | O_TMPFILE, $perm); |
1645 | if (!$fh && $! == EOPNOTSUPP) { | |
77b2b96f | 1646 | $dir = '/tmp' if !defined($opts{dir}); |
7e1ee743 WB |
1647 | $dir .= "/.tmpfile.$$"; |
1648 | $fh = IO::File->new($dir, $mode | O_CREAT | O_EXCL, $perm); | |
1649 | unlink($dir) if $fh; | |
1650 | } | |
1651 | die "failed to create tempfile: $!\n" if !$fh; | |
26598a51 WB |
1652 | return $fh; |
1653 | } | |
1654 | ||
85237c0b | 1655 | # create an (ideally) anon file with the $data as content and return its FD-path and FH |
26598a51 WB |
1656 | sub tempfile_contents { |
1657 | my ($data, $perm, %opts) = @_; | |
1658 | ||
1659 | my $fh = tempfile($perm, %opts); | |
1660 | eval { | |
1661 | die "unable to write to tempfile: $!\n" if !print {$fh} $data; | |
1662 | die "unable to flush to tempfile: $!\n" if !defined($fh->flush()); | |
1663 | }; | |
1664 | if (my $err = $@) { | |
1665 | close $fh; | |
1666 | die $err; | |
1667 | } | |
1668 | ||
1669 | return ("/proc/$$/fd/".$fh->fileno, $fh); | |
1670 | } | |
1671 | ||
48df47a4 FG |
1672 | sub validate_ssh_public_keys { |
1673 | my ($raw) = @_; | |
1674 | my @lines = split(/\n/, $raw); | |
1675 | ||
1676 | foreach my $line (@lines) { | |
1677 | next if $line =~ m/^\s*$/; | |
1678 | eval { | |
1679 | my ($filename, $handle) = tempfile_contents($line); | |
1680 | run_command(["ssh-keygen", "-l", "-f", $filename], | |
1681 | outfunc => sub {}, errfunc => sub {}); | |
1682 | }; | |
1683 | die "SSH public key validation error\n" if $@; | |
1684 | } | |
1685 | } | |
1686 | ||
21c56a96 WB |
1687 | sub openat($$$;$) { |
1688 | my ($dirfd, $pathname, $flags, $mode) = @_; | |
6647801c WB |
1689 | $dirfd = int($dirfd); |
1690 | $flags = int($flags); | |
1691 | $mode = int($mode // 0); | |
1692 | ||
1693 | my $fd = syscall(PVE::Syscall::openat, $dirfd, $pathname, $flags, $mode); | |
21c56a96 WB |
1694 | return undef if $fd < 0; |
1695 | # sysopen() doesn't deal with numeric file descriptors apparently | |
1696 | # so we need to convert to a mode string for IO::Handle->new_from_fd | |
1697 | my $flagstr = ($flags & O_RDWR) ? 'rw' : ($flags & O_WRONLY) ? 'w' : 'r'; | |
1698 | my $handle = IO::Handle->new_from_fd($fd, $flagstr); | |
1699 | return $handle if $handle; | |
1700 | my $err = $!; # save error before closing the raw fd | |
c8e94d4b | 1701 | syscall(PVE::Syscall::close, $fd); # close |
21c56a96 WB |
1702 | $! = $err; |
1703 | return undef; | |
1704 | } | |
1705 | ||
1706 | sub mkdirat($$$) { | |
1707 | my ($dirfd, $name, $mode) = @_; | |
6647801c | 1708 | return syscall(PVE::Syscall::mkdirat, int($dirfd), $name, int($mode)) == 0; |
21c56a96 WB |
1709 | } |
1710 | ||
6cf6b404 FG |
1711 | sub fchownat($$$$$) { |
1712 | my ($dirfd, $pathname, $owner, $group, $flags) = @_; | |
6647801c WB |
1713 | return syscall( |
1714 | PVE::Syscall::fchownat, | |
1715 | int($dirfd), | |
1716 | $pathname, | |
1717 | int($owner), | |
1718 | int($group), | |
1719 | int($flags), | |
1720 | ) == 0; | |
6cf6b404 FG |
1721 | } |
1722 | ||
9867ff7a DM |
1723 | my $salt_starter = time(); |
1724 | ||
1725 | sub encrypt_pw { | |
1726 | my ($pw) = @_; | |
1727 | ||
1728 | $salt_starter++; | |
1729 | my $salt = substr(Digest::SHA::sha1_base64(time() + $salt_starter + $$), 0, 8); | |
1730 | ||
1731 | # crypt does not want '+' in salt (see 'man crypt') | |
1732 | $salt =~ s/\+/X/g; | |
1733 | ||
1734 | return crypt(encode("utf8", $pw), "\$5\$$salt\$"); | |
1735 | } | |
1736 | ||
8e677e74 | 1737 | # intended usage: convert_size($val, "kb" => "gb") |
95386daf DC |
1738 | # we round up to the next integer by default |
1739 | # E.g. `convert_size(1023, "b" => "kb")` returns 1 | |
8e677e74 | 1740 | # use $no_round_up to switch this off, above example would then return 0 |
95386daf DC |
1741 | # this is also true for converting down e.g. 0.0005 gb to mb returns 1 |
1742 | # (0 if $no_round_up is true) | |
1743 | # allowed formats for value: | |
1744 | # 1234 | |
1745 | # 1234. | |
1746 | # 1234.1234 | |
1747 | # .1234 | |
8e677e74 TL |
1748 | sub convert_size { |
1749 | my ($value, $from, $to, $no_round_up) = @_; | |
1750 | ||
1751 | my $units = { | |
1752 | b => 0, | |
1753 | kb => 1, | |
1754 | mb => 2, | |
1755 | gb => 3, | |
1756 | tb => 4, | |
1757 | pb => 5, | |
1758 | }; | |
1759 | ||
95386daf DC |
1760 | die "no value given" |
1761 | if !defined($value) || $value eq ""; | |
1762 | ||
1763 | $from = lc($from // ''); $to = lc($to // ''); | |
8e677e74 | 1764 | die "unknown 'from' and/or 'to' units ($from => $to)" |
95386daf | 1765 | if !defined($units->{$from}) || !defined($units->{$to}); |
8e677e74 | 1766 | |
95386daf DC |
1767 | die "value '$value' is not a valid, positive number" |
1768 | if $value !~ m/^(?:[0-9]+\.?[0-9]*|[0-9]*\.[0-9]+)$/; | |
8e677e74 | 1769 | |
95386daf DC |
1770 | my $shift_amount = ($units->{$from} - $units->{$to}) * 10; |
1771 | ||
1772 | $value *= 2**$shift_amount; | |
1773 | $value++ if !$no_round_up && ($value - int($value)) > 0.0; | |
8e677e74 | 1774 | |
95386daf | 1775 | return int($value); |
8e677e74 TL |
1776 | } |
1777 | ||
e03a8365 DC |
1778 | # uninterruptible readline |
1779 | # retries on EINTR | |
1780 | sub readline_nointr { | |
1781 | my ($fh) = @_; | |
1782 | my $line; | |
1783 | while (1) { | |
1784 | $line = <$fh>; | |
1785 | last if defined($line) || ($! != EINTR); | |
1786 | } | |
1787 | return $line; | |
1788 | } | |
1789 | ||
ce007e99 | 1790 | my $host_arch; |
b8faece3 | 1791 | sub get_host_arch { |
ce007e99 SR |
1792 | $host_arch = (POSIX::uname())[4] if !$host_arch; |
1793 | return $host_arch; | |
732b693f DM |
1794 | } |
1795 | ||
243c4e58 WB |
1796 | # Devices are: [ (12 bits minor) (12 bits major) (8 bits minor) ] |
1797 | sub dev_t_major($) { | |
1798 | my ($dev_t) = @_; | |
1799 | return (int($dev_t) & 0xfff00) >> 8; | |
1800 | } | |
1801 | ||
1802 | sub dev_t_minor($) { | |
1803 | my ($dev_t) = @_; | |
1804 | $dev_t = int($dev_t); | |
1805 | return (($dev_t >> 12) & 0xfff00) | ($dev_t & 0xff); | |
1806 | } | |
1807 | ||
a59544e7 SR |
1808 | # Given an array of array refs [ \[a b c], \[a b b], \[e b a] ] |
1809 | # Returns the intersection of elements as a single array [a b] | |
1810 | sub array_intersect { | |
1811 | my ($arrays) = @_; | |
1812 | ||
3982313e TL |
1813 | if (!ref($arrays->[0])) { |
1814 | $arrays = [ grep { ref($_) eq 'ARRAY' } @_ ]; | |
1815 | } | |
1816 | ||
38586028 TL |
1817 | return [] if scalar(@$arrays) == 0; |
1818 | return $arrays->[0] if scalar(@$arrays) == 1; | |
a59544e7 | 1819 | |
4c28a8bc TL |
1820 | my $array_unique = sub { |
1821 | my %seen = (); | |
1822 | return grep { ! $seen{ $_ }++ } @_; | |
1823 | }; | |
1824 | ||
38586028 TL |
1825 | # base idea is to get all unique members from the first array, then |
1826 | # check the common elements with the next (uniquely made) one, only keep | |
1827 | # those. Repeat for every array and at the end we only have those left | |
1828 | # which exist in all arrays | |
1829 | my $return_arr = [ $array_unique->(@{$arrays->[0]}) ]; | |
a59544e7 SR |
1830 | for my $i (1 .. $#$arrays) { |
1831 | my %count = (); | |
38586028 | 1832 | # $return_arr is already unique, explicit at before the loop, implicit below. |
4c28a8bc | 1833 | foreach my $element (@$return_arr, $array_unique->(@{$arrays->[$i]})) { |
a59544e7 SR |
1834 | $count{$element}++; |
1835 | } | |
1836 | $return_arr = []; | |
1837 | foreach my $element (keys %count) { | |
1838 | push @$return_arr, $element if $count{$element} > 1; | |
1839 | } | |
26a68cf6 | 1840 | last if scalar(@$return_arr) == 0; # empty intersection, early exit |
a59544e7 SR |
1841 | } |
1842 | ||
1843 | return $return_arr; | |
1844 | } | |
1845 | ||
76c5fee8 WB |
1846 | sub open_tree($$$) { |
1847 | my ($dfd, $pathname, $flags) = @_; | |
1848 | return PVE::Syscall::file_handle_result(syscall( | |
1849 | &PVE::Syscall::open_tree, | |
6647801c | 1850 | int($dfd), |
76c5fee8 | 1851 | $pathname, |
6647801c | 1852 | int($flags), |
76c5fee8 WB |
1853 | )); |
1854 | } | |
1855 | ||
1856 | sub move_mount($$$$$) { | |
1857 | my ($from_dirfd, $from_pathname, $to_dirfd, $to_pathname, $flags) = @_; | |
1858 | return 0 == syscall( | |
1859 | &PVE::Syscall::move_mount, | |
6647801c | 1860 | int($from_dirfd), |
76c5fee8 | 1861 | $from_pathname, |
6647801c | 1862 | int($to_dirfd), |
76c5fee8 | 1863 | $to_pathname, |
6647801c | 1864 | int($flags), |
76c5fee8 WB |
1865 | ); |
1866 | } | |
1867 | ||
1868 | sub fsopen($$) { | |
1869 | my ($fsname, $flags) = @_; | |
6647801c | 1870 | return PVE::Syscall::file_handle_result(syscall(&PVE::Syscall::fsopen, $fsname, int($flags))); |
76c5fee8 WB |
1871 | } |
1872 | ||
1873 | sub fsmount($$$) { | |
1874 | my ($fd, $flags, $mount_attrs) = @_; | |
1875 | return PVE::Syscall::file_handle_result(syscall( | |
1876 | &PVE::Syscall::fsmount, | |
6647801c WB |
1877 | int($fd), |
1878 | int($flags), | |
1879 | int($mount_attrs), | |
76c5fee8 WB |
1880 | )); |
1881 | } | |
1882 | ||
1883 | sub fspick($$$) { | |
1884 | my ($dirfd, $pathname, $flags) = @_; | |
1885 | return PVE::Syscall::file_handle_result(syscall( | |
1886 | &PVE::Syscall::fspick, | |
6647801c | 1887 | int($dirfd), |
76c5fee8 | 1888 | $pathname, |
6647801c | 1889 | int($flags), |
76c5fee8 WB |
1890 | )); |
1891 | } | |
1892 | ||
1893 | sub fsconfig($$$$$) { | |
1894 | my ($fd, $command, $key, $value, $aux) = @_; | |
6647801c WB |
1895 | return 0 == syscall( |
1896 | &PVE::Syscall::fsconfig, | |
1897 | int($fd), | |
1898 | int($command), | |
1899 | $key, | |
1900 | $value, | |
1901 | int($aux), | |
1902 | ); | |
76c5fee8 WB |
1903 | } |
1904 | ||
1905 | # "raw" mount, old api, not for generic use (as it does not invoke any helpers). | |
1906 | # use for lower level stuff such as bind/remount/... or simple tmpfs mounts | |
1907 | sub mount($$$$$) { | |
1908 | my ($source, $target, $filesystemtype, $mountflags, $data) = @_; | |
1909 | return 0 == syscall( | |
1910 | &PVE::Syscall::mount, | |
1911 | $source, | |
1912 | $target, | |
1913 | $filesystemtype, | |
6647801c | 1914 | int($mountflags), |
76c5fee8 WB |
1915 | $data, |
1916 | ); | |
1917 | } | |
a59544e7 | 1918 | |
4c0c5c90 | 1919 | # size is optional and defaults to 256, note that xattr limits are FS specific and that xattrs can |
c1e4c83c | 1920 | # get arbitrary long. pass `0` for $size in array context to get the actual size of a value |
4c0c5c90 TL |
1921 | sub getxattr($$;$) { |
1922 | my ($path_or_handle, $name, $size) = @_; | |
1923 | $size //= 256; | |
1924 | my $buf = pack("x${size}"); | |
1925 | ||
1926 | my $xattr_size = -1; # the actual size of the xattr, can be zero | |
1927 | if (defined(my $fd = fileno($path_or_handle))) { | |
6647801c | 1928 | $xattr_size = syscall(&PVE::Syscall::fgetxattr, $fd, $name, $buf, int($size)); |
4c0c5c90 | 1929 | } else { |
6647801c | 1930 | $xattr_size = syscall(&PVE::Syscall::getxattr, $path_or_handle, $name, $buf, int($size)); |
4c0c5c90 TL |
1931 | } |
1932 | if ($xattr_size < 0) { | |
4c0c5c90 | 1933 | return undef; |
4c0c5c90 | 1934 | } |
d9339d01 | 1935 | $buf = substr($buf, 0, $xattr_size); |
4c0c5c90 TL |
1936 | return wantarray ? ($buf, $xattr_size) : $buf; |
1937 | } | |
1938 | ||
1939 | # NOTE: can take either a path or an open file handle, i.e., its multiplexing setxattr and fsetxattr | |
1940 | sub setxattr($$$;$) { | |
1941 | my ($path_or_handle, $name, $value, $flags) = @_; | |
1942 | my $size = length($value); # NOTE: seems to get correct length also for wide-characters in text.. | |
1943 | ||
1944 | if (defined(my $fd = fileno($path_or_handle))) { | |
6647801c WB |
1945 | return 0 == syscall( |
1946 | &PVE::Syscall::fsetxattr, | |
1947 | $fd, | |
1948 | $name, | |
1949 | $value, | |
1950 | int($size), | |
1951 | int($flags // 0), | |
1952 | ); | |
4c0c5c90 | 1953 | } else { |
6647801c WB |
1954 | return 0 == syscall( |
1955 | &PVE::Syscall::setxattr, | |
1956 | $path_or_handle, | |
1957 | $name, | |
1958 | $value, | |
1959 | int($size), | |
1960 | int($flags // 0), | |
1961 | ); | |
4c0c5c90 TL |
1962 | } |
1963 | } | |
1964 | ||
890d25d9 FE |
1965 | sub safe_compare { |
1966 | my ($left, $right, $cmp) = @_; | |
1967 | ||
1968 | return 0 if !defined($left) && !defined($right); | |
1969 | return -1 if !defined($left); | |
1970 | return 1 if !defined($right); | |
1971 | return $cmp->($left, $right); | |
1972 | } | |
1973 | ||
a3327ea6 | 1974 | |
60fb1c26 | 1975 | # opts is a hash ref with the following known properties |
06c1c13f | 1976 | # allow_overwrite - if 1, overwriting existing files is allowed, use with care. Default to false |
60fb1c26 TL |
1977 | # hash_required - if 1, at least one checksum has to be specified otherwise an error will be thrown |
1978 | # http_proxy | |
1979 | # https_proxy | |
1980 | # verify_certificates - if 0 (false) we tell wget to ignore untrusted TLS certs. Default to true | |
1981 | # md5sum|sha(1|224|256|384|512)sum - the respective expected checksum string | |
a3327ea6 LS |
1982 | sub download_file_from_url { |
1983 | my ($dest, $url, $opts) = @_; | |
1984 | ||
60fb1c26 | 1985 | my ($checksum_algorithm, $checksum_expected); |
a3327ea6 LS |
1986 | for ('sha512', 'sha384', 'sha256', 'sha224', 'sha1', 'md5') { |
1987 | if (defined($opts->{"${_}sum"})) { | |
60fb1c26 TL |
1988 | $checksum_algorithm = $_; |
1989 | $checksum_expected = $opts->{"${_}sum"}; | |
a3327ea6 LS |
1990 | last; |
1991 | } | |
1992 | } | |
60fb1c26 | 1993 | die "checksum required but not specified\n" if ($opts->{hash_required} && !$checksum_algorithm); |
a3327ea6 | 1994 | |
60fb1c26 | 1995 | print "downloading $url to $dest\n"; |
a3327ea6 | 1996 | |
06c1c13f TL |
1997 | if (-f $dest) { |
1998 | if ($checksum_algorithm) { | |
1999 | print "calculating checksum of existing file..."; | |
2000 | my $checksum_got = get_file_hash($checksum_algorithm, $dest); | |
a3327ea6 | 2001 | |
06c1c13f TL |
2002 | if (lc($checksum_got) eq lc($checksum_expected)) { |
2003 | print "OK, got correct file already, no need to download\n"; | |
2004 | return; | |
2005 | } elsif ($opts->{allow_overwrite}) { | |
2006 | print "checksum mismatch: got '$checksum_got' != expect '$checksum_expected', re-download\n"; | |
2007 | } else { | |
2008 | print "\n"; # the front end expects the error to reside at the last line without any noise | |
2009 | die "checksum mismatch: got '$checksum_got' != expect '$checksum_expected', aborting\n"; | |
2010 | } | |
2011 | } elsif (!$opts->{allow_overwrite}) { | |
2012 | die "refusing to override existing file '$dest'\n"; | |
60fb1c26 | 2013 | } |
f52ecff9 | 2014 | } |
a3327ea6 | 2015 | |
7c3e155b PH |
2016 | my $tmp_download = "$dest.tmp_dwnl.$$"; |
2017 | my $tmp_decomp = "$dest.tmp_dcom.$$"; | |
f52ecff9 | 2018 | eval { |
3a946485 | 2019 | local $SIG{INT} = sub { |
0bf2e89a FG |
2020 | unlink $tmp_download or warn "could not cleanup temporary file: $!" |
2021 | if -e $tmp_download; | |
7c3e155b | 2022 | unlink $tmp_decomp or warn "could not cleanup temporary file: $!" |
0bf2e89a | 2023 | if $opts->{decompression_command} && -e $tmp_decomp; |
3a946485 TL |
2024 | die "got interrupted by signal\n"; |
2025 | }; | |
2026 | ||
60fb1c26 | 2027 | { # limit the scope of the ENV change |
a3327ea6 LS |
2028 | local %ENV; |
2029 | if ($opts->{http_proxy}) { | |
2030 | $ENV{http_proxy} = $opts->{http_proxy}; | |
2031 | } | |
2032 | if ($opts->{https_proxy}) { | |
2033 | $ENV{https_proxy} = $opts->{https_proxy}; | |
2034 | } | |
2035 | ||
7c3e155b | 2036 | my $cmd = ['wget', '--progress=dot:giga', '-O', $tmp_download, $url]; |
a3327ea6 | 2037 | |
60fb1c26 TL |
2038 | if (!($opts->{verify_certificates} // 1)) { # default to true |
2039 | push @$cmd, '--no-check-certificate'; | |
a3327ea6 LS |
2040 | } |
2041 | ||
60fb1c26 TL |
2042 | run_command($cmd, errmsg => "download failed"); |
2043 | } | |
2044 | ||
2045 | if ($checksum_algorithm) { | |
2046 | print "calculating checksum..."; | |
a3327ea6 | 2047 | |
7c3e155b | 2048 | my $checksum_got = get_file_hash($checksum_algorithm, $tmp_download); |
a3327ea6 | 2049 | |
60fb1c26 TL |
2050 | if (lc($checksum_got) eq lc($checksum_expected)) { |
2051 | print "OK, checksum verified\n"; | |
a3327ea6 | 2052 | } else { |
43cb80c5 LS |
2053 | print "\n"; # the front end expects the error to reside at the last line without any noise |
2054 | die "checksum mismatch: got '$checksum_got' != expect '$checksum_expected'\n"; | |
a3327ea6 | 2055 | } |
a3327ea6 LS |
2056 | } |
2057 | ||
bf8f0ca2 FG |
2058 | if (my $cmd = $opts->{decompression_command}) { |
2059 | push @$cmd, $tmp_download; | |
2060 | my $fh; | |
2061 | if (!open($fh, ">", "$tmp_decomp")) { | |
2062 | die "cant open temporary file $tmp_decomp for decompresson: $!\n"; | |
2063 | } | |
2064 | print "decompressing $tmp_download to $tmp_decomp\n"; | |
a4df8398 | 2065 | run_command($cmd, output => '>&'.fileno($fh)); |
bf8f0ca2 | 2066 | unlink $tmp_download; |
bf8f0ca2 FG |
2067 | rename($tmp_decomp, $dest) or die "unable to rename temporary file: $!\n"; |
2068 | } else { | |
2069 | rename($tmp_download, $dest) or die "unable to rename temporary file: $!\n"; | |
2070 | } | |
a3327ea6 | 2071 | }; |
60fb1c26 | 2072 | if (my $err = $@) { |
0bf2e89a FG |
2073 | unlink $tmp_download or warn "could not cleanup temporary file: $!" |
2074 | if -e $tmp_download; | |
7c3e155b | 2075 | unlink $tmp_decomp or warn "could not cleanup temporary file: $!" |
0bf2e89a | 2076 | if $opts->{decompression_command} && -e $tmp_decomp; |
60fb1c26 TL |
2077 | die $err; |
2078 | } | |
a3327ea6 | 2079 | |
60fb1c26 | 2080 | print "download of '$url' to '$dest' finished\n"; |
a3327ea6 LS |
2081 | } |
2082 | ||
60fb1c26 TL |
2083 | sub get_file_hash { |
2084 | my ($algorithm, $filename) = @_; | |
a3327ea6 LS |
2085 | |
2086 | my $algorithm_map = { | |
2087 | 'md5' => sub { Digest::MD5->new }, | |
2088 | 'sha1' => sub { Digest::SHA->new(1) }, | |
2089 | 'sha224' => sub { Digest::SHA->new(224) }, | |
2090 | 'sha256' => sub { Digest::SHA->new(256) }, | |
2091 | 'sha384' => sub { Digest::SHA->new(384) }, | |
2092 | 'sha512' => sub { Digest::SHA->new(512) }, | |
2093 | }; | |
2094 | ||
2095 | my $digester = $algorithm_map->{$algorithm}->() or die "unknown algorithm '$algorithm'\n"; | |
2096 | ||
2097 | open(my $fh, '<', $filename) or die "unable to open '$filename': $!\n"; | |
2098 | binmode($fh); | |
2099 | ||
2100 | my $digest = $digester->addfile($fh)->hexdigest; | |
2101 | ||
60fb1c26 | 2102 | return lc($digest); |
a3327ea6 LS |
2103 | } |
2104 | ||
e143e9d8 | 2105 | 1; |