+sub unpack_sockaddr_in46 {
+ my ($sin) = @_;
+ my $family = Socket::sockaddr_family($sin);
+ my ($port, $host) = ($family == AF_INET6 ? Socket::unpack_sockaddr_in6($sin)
+ : Socket::unpack_sockaddr_in($sin));
+ return ($family, $port, $host);
+}
+
+sub getaddrinfo_all {
+ my ($hostname, @opts) = @_;
+ my %hints = ( flags => AI_V4MAPPED | AI_ALL,
+ @opts );
+ my ($err, @res) = Socket::getaddrinfo($hostname, '0', \%hints);
+ die "failed to get address info for: $hostname: $err\n" if $err;
+ return @res;
+}
+
+sub get_host_address_family {
+ my ($hostname, $socktype) = @_;
+ my @res = getaddrinfo_all($hostname, socktype => $socktype);
+ return $res[0]->{family};
+}
+
+# get the fully qualified domain name of a host
+# same logic as hostname(1): The FQDN is the name getaddrinfo(3) returns,
+# given a nodename as a parameter
+sub get_fqdn {
+ my ($nodename) = @_;
+
+ my $hints = {
+ flags => AI_CANONNAME,
+ socktype => SOCK_DGRAM
+ };
+
+ my ($err, @addrs) = Socket::getaddrinfo($nodename, undef, $hints);
+
+ die "getaddrinfo: $err" if $err;
+
+ return $addrs[0]->{canonname};
+}
+
+# Parses any sane kind of host, or host+port pair:
+# The port is always optional and thus may be undef.
+sub parse_host_and_port {
+ my ($address) = @_;
+ if ($address =~ /^($IPV4RE|[[:alnum:]\-.]+)(?::(\d+))?$/ || # ipv4 or host with optional ':port'
+ $address =~ /^\[($IPV6RE|$IPV4RE|[[:alnum:]\-.]+)\](?::(\d+))?$/ || # anything in brackets with optional ':port'
+ $address =~ /^($IPV6RE)(?:\.(\d+))?$/) # ipv6 with optional port separated by dot
+ {
+ return ($1, $2, 1); # end with 1 to support simple if(parse...) tests
+ }
+ return; # nothing
+}
+
+sub unshare($) {
+ my ($flags) = @_;
+ return 0 == syscall(PVE::Syscall::unshare, $flags);
+}
+
+sub setns($$) {
+ my ($fileno, $nstype) = @_;
+ return 0 == syscall(PVE::Syscall::setns, $fileno, $nstype);
+}
+
+sub syncfs($) {
+ my ($fileno) = @_;
+ return 0 == syscall(PVE::Syscall::syncfs, $fileno);
+}
+
+sub sync_mountpoint {
+ my ($path) = @_;
+ sysopen my $fd, $path, O_PATH or die "failed to open $path: $!\n";
+ my $result = syncfs(fileno($fd));
+ close($fd);
+ return $result;
+}
+
+# support sending multi-part mail messages with a text and or a HTML part
+# mailto may be a single email string or an array of receivers
+sub sendmail {
+ my ($mailto, $subject, $text, $html, $mailfrom, $author) = @_;
+ my $mail_re = qr/[^-a-zA-Z0-9+._@]/;
+
+ $mailto = [ $mailto ] if !ref($mailto);
+
+ foreach (@$mailto) {
+ die "illegal character in mailto address\n"
+ if ($_ =~ $mail_re);
+ }
+
+ my $rcvrtxt = join (', ', @$mailto);
+
+ $mailfrom = $mailfrom || "root";
+ die "illegal character in mailfrom address\n"
+ if $mailfrom =~ $mail_re;
+
+ $author = $author || 'Proxmox VE';
+
+ open (MAIL, "|-", "sendmail", "-B", "8BITMIME", "-f", $mailfrom, @$mailto) ||
+ die "unable to open 'sendmail' - $!";
+
+ # multipart spec see https://www.ietf.org/rfc/rfc1521.txt
+ my $boundary = "----_=_NextPart_001_".int(time).$$;
+
+ print MAIL "Content-Type: multipart/alternative;\n";
+ print MAIL "\tboundary=\"$boundary\"\n";
+ print MAIL "MIME-Version: 1.0\n";
+
+ print MAIL "FROM: $author <$mailfrom>\n";
+ print MAIL "TO: $rcvrtxt\n";
+ print MAIL "SUBJECT: $subject\n";
+ print MAIL "\n";
+ print MAIL "This is a multi-part message in MIME format.\n\n";
+ print MAIL "--$boundary\n";
+
+ if (defined($text)) {
+ print MAIL "Content-Type: text/plain;\n";
+ print MAIL "\tcharset=\"UTF8\"\n";
+ print MAIL "Content-Transfer-Encoding: 8bit\n";
+ print MAIL "\n";
+
+ # avoid 'remove extra line breaks' issue (MS Outlook)
+ my $fill = ' ';
+ $text =~ s/^/$fill/gm;
+
+ print MAIL $text;
+
+ print MAIL "\n--$boundary\n";
+ }
+
+ if (defined($html)) {
+ print MAIL "Content-Type: text/html;\n";
+ print MAIL "\tcharset=\"UTF8\"\n";
+ print MAIL "Content-Transfer-Encoding: 8bit\n";
+ print MAIL "\n";
+
+ print MAIL $html;
+
+ print MAIL "\n--$boundary--\n";
+ }
+
+ close(MAIL);
+}
+
+sub tempfile {
+ my ($perm, %opts) = @_;
+
+ # default permissions are stricter than with file_set_contents
+ $perm = 0600 if !defined($perm);
+
+ my $dir = $opts{dir} // '/run';
+ my $mode = $opts{mode} // O_RDWR;
+ $mode |= O_EXCL if !$opts{allow_links};
+
+ my $fh = IO::File->new($dir, $mode | O_TMPFILE, $perm);
+ if (!$fh && $! == EOPNOTSUPP) {
+ $dir = '/tmp' if !defined($opts{dir});
+ $dir .= "/.tmpfile.$$";
+ $fh = IO::File->new($dir, $mode | O_CREAT | O_EXCL, $perm);
+ unlink($dir) if $fh;
+ }
+ die "failed to create tempfile: $!\n" if !$fh;
+ return $fh;
+}
+
+sub tempfile_contents {
+ my ($data, $perm, %opts) = @_;
+
+ my $fh = tempfile($perm, %opts);
+ eval {
+ die "unable to write to tempfile: $!\n" if !print {$fh} $data;
+ die "unable to flush to tempfile: $!\n" if !defined($fh->flush());
+ };
+ if (my $err = $@) {
+ close $fh;
+ die $err;
+ }
+
+ return ("/proc/$$/fd/".$fh->fileno, $fh);
+}
+
+sub validate_ssh_public_keys {
+ my ($raw) = @_;
+ my @lines = split(/\n/, $raw);
+
+ foreach my $line (@lines) {
+ next if $line =~ m/^\s*$/;
+ eval {
+ my ($filename, $handle) = tempfile_contents($line);
+ run_command(["ssh-keygen", "-l", "-f", $filename],
+ outfunc => sub {}, errfunc => sub {});
+ };
+ die "SSH public key validation error\n" if $@;
+ }
+}
+
+sub openat($$$;$) {
+ my ($dirfd, $pathname, $flags, $mode) = @_;
+ my $fd = syscall(PVE::Syscall::openat, $dirfd, $pathname, $flags, $mode//0);
+ return undef if $fd < 0;
+ # sysopen() doesn't deal with numeric file descriptors apparently
+ # so we need to convert to a mode string for IO::Handle->new_from_fd
+ my $flagstr = ($flags & O_RDWR) ? 'rw' : ($flags & O_WRONLY) ? 'w' : 'r';
+ my $handle = IO::Handle->new_from_fd($fd, $flagstr);
+ return $handle if $handle;
+ my $err = $!; # save error before closing the raw fd
+ syscall(PVE::Syscall::close, $fd); # close
+ $! = $err;
+ return undef;
+}
+
+sub mkdirat($$$) {
+ my ($dirfd, $name, $mode) = @_;
+ return syscall(PVE::Syscall::mkdirat, $dirfd, $name, $mode) == 0;
+}
+
+my $salt_starter = time();
+
+sub encrypt_pw {
+ my ($pw) = @_;
+
+ $salt_starter++;
+ my $salt = substr(Digest::SHA::sha1_base64(time() + $salt_starter + $$), 0, 8);
+
+ # crypt does not want '+' in salt (see 'man crypt')
+ $salt =~ s/\+/X/g;
+
+ return crypt(encode("utf8", $pw), "\$5\$$salt\$");
+}
+
+# intended usage: convert_size($val, "kb" => "gb")
+# we round up to the next integer by default
+# E.g. `convert_size(1023, "b" => "kb")` returns 1
+# use $no_round_up to switch this off, above example would then return 0
+# this is also true for converting down e.g. 0.0005 gb to mb returns 1
+# (0 if $no_round_up is true)
+# allowed formats for value:
+# 1234
+# 1234.
+# 1234.1234
+# .1234
+sub convert_size {
+ my ($value, $from, $to, $no_round_up) = @_;
+
+ my $units = {
+ b => 0,
+ kb => 1,
+ mb => 2,
+ gb => 3,
+ tb => 4,
+ pb => 5,
+ };
+
+ die "no value given"
+ if !defined($value) || $value eq "";
+
+ $from = lc($from // ''); $to = lc($to // '');
+ die "unknown 'from' and/or 'to' units ($from => $to)"
+ if !defined($units->{$from}) || !defined($units->{$to});
+
+ die "value '$value' is not a valid, positive number"
+ if $value !~ m/^(?:[0-9]+\.?[0-9]*|[0-9]*\.[0-9]+)$/;
+
+ my $shift_amount = ($units->{$from} - $units->{$to}) * 10;
+
+ $value *= 2**$shift_amount;
+ $value++ if !$no_round_up && ($value - int($value)) > 0.0;
+
+ return int($value);
+}
+
+# uninterruptible readline
+# retries on EINTR
+sub readline_nointr {
+ my ($fh) = @_;
+ my $line;
+ while (1) {
+ $line = <$fh>;
+ last if defined($line) || ($! != EINTR);
+ }
+ return $line;
+}
+