]> git.proxmox.com Git - pmg-api.git/blame - PMG/Utils.pm
projects / pmg-api.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
code cleanup
[pmg-api.git] / PMG / Utils.pm
CommitLineData
758c7b6b
DM		 1package PMG::Utils;
2
3use strict;
4use warnings;
758c7b6b 5use DBI;
b8ea5d5d 6use Net::Cmd;
758c7b6b 7use Net::SMTP;
26357b0a 8use IO::File;
cad3d400 9use File::stat;
d17c5265
DM		 10use POSIX qw(strftime);
11use File::stat;
ff1c5a81 12use File::Basename;
758c7b6b
DM		 13use MIME::Words;
14use MIME::Parser;
8210c7fa 15use Time::HiRes qw (gettimeofday);
26357b0a 16use Xdgmime;
d0d91cda 17use Data::Dumper;
62ebb4bc 18use Digest::SHA;
f609bf7f 19use Net::IP;
9f67f5b3 20use Socket;
dff363d9
DM		 21use RRDs;
22use Filesys::Df;
8208c076 23use Encode;
9a56f771 24use HTML::Entities;
758c7b6b 25
dff363d9 26use PVE::ProcFSTools;
f609bf7f 27use PVE::Network;
5953119e 28use PVE::Tools;
758c7b6b 29use PVE::SafeSyslog;
f609bf7f 30use PVE::ProcFSTools;
d0d91cda 31use PMG::AtomicFile;
8210c7fa 32use PMG::MailQueue;
c4df1b85 33use PMG::SMTPPrinter;
758c7b6b 34
62ebb4bc
DM		 35my $realm_regex = qr/[A-Za-z][A-Za-z0-9\.\-_]+/;
36
37PVE::JSONSchema::register_format('pmg-realm', \&verify_realm);
38sub verify_realm {
39 my ($realm, $noerr) = @_;
40
41 if ($realm !~ m/^${realm_regex}$/) {
42 return undef if $noerr;
43 die "value does not look like a valid realm\n";
44 }
45 return $realm;
46}
47
48PVE::JSONSchema::register_standard_option('realm', {
49 description => "Authentication domain ID",
50 type => 'string', format => 'pmg-realm',
51 maxLength => 32,
52});
53
54PVE::JSONSchema::register_format('pmg-userid', \&verify_username);
55sub verify_username {
56 my ($username, $noerr) = @_;
57
58 $username = '' if !$username;
59 my $len = length($username);
60 if ($len < 3) {
61 die "user name '$username' is too short\n" if !$noerr;
62 return undef;
63 }
64 if ($len > 64) {
65 die "user name '$username' is too long ($len > 64)\n" if !$noerr;
66 return undef;
67 }
68
69 # we only allow a limited set of characters
70 # colon is not allowed, because we store usernames in
71 # colon separated lists)!
72 # slash is not allowed because it is used as pve API delimiter
73 # also see "man useradd"
74 if ($username =~ m!^([^\s:/]+)\@(${realm_regex})$!) {
75 return wantarray ? ($username, $1, $2) : $username;
76 }
77
78 die "value '$username' does not look like a valid user name\n" if !$noerr;
79
80 return undef;
81}
82
83PVE::JSONSchema::register_standard_option('userid', {
84 description => "User ID",
85 type => 'string', format => 'pmg-userid',
6b0180c3 86 minLength => 4,
62ebb4bc 87 maxLength => 64,
6b0180c3 88});
62ebb4bc
DM		 89
90PVE::JSONSchema::register_standard_option('username', {
91 description => "Username (without realm)",
92 type => 'string',
93 pattern => '[^\s:\/\@]{3,60}',
6b0180c3 94 minLength => 4,
62ebb4bc
DM		 95 maxLength => 64,
96});
97
758c7b6b
DM		 98sub lastid {
99 my ($dbh, $seq) = @_;
100
101 return $dbh->last_insert_id(
102 undef, undef, undef, undef, { sequence => $seq});
103}
104
ab466078
DM		 105# quote all regex operators
106sub quote_regex {
107 my $val = shift;
108
109 $val =~ s/([\(\)\[\]\/\}\+\*\?\.\|\^\$\\])/\\$1/g;
110
111 return $val;
112}
113
cad3d400
DM		 114sub file_older_than {
115 my ($filename, $lasttime) = @_;
116
117 my $st = stat($filename);
118
119 return 0 if !defined($st);
120
121 return ($lasttime >= $st->ctime);
122}
123
758c7b6b
DM		 124sub extract_filename {
125 my ($head) = @_;
126
127 if (my $value = $head->recommended_filename()) {
8210c7fa 128 chomp $value;
758c7b6b
DM		 129 if (my $decvalue = MIME::Words::decode_mimewords($value)) {
130 $decvalue =~ s/\0/ /g;
5953119e 131 $decvalue = PVE::Tools::trim($decvalue);
758c7b6b
DM		 132 return $decvalue;
133 }
134 }
135
136 return undef;
137}
138
139sub remove_marks {
140 my ($entity, $add_id, $id) = @_;
141
142 $id //= 1;
143
144 foreach my $tag (grep {/^x-proxmox-tmp/i} $entity->head->tags) {
145 $entity->head->delete ($tag);
146 }
147
148 $entity->head->replace('X-Proxmox-tmp-AID', $id) if $add_id;
149
150 foreach my $part ($entity->parts) {
151 $id = remove_marks($part, $add_id, $id + 1);
152 }
153
154 return $id;
155}
156
157sub subst_values {
158 my ($body, $dh) = @_;
159
160 return if !$body;
161
162 foreach my $k (keys %$dh) {
163 my $v = $dh->{$k};
bd98f5a1
DM		 164 if (defined($v)) {
165 $body =~ s/__\Q${k}\E__/$v/gs;
758c7b6b
DM		 166 }
167 }
168
169 return $body;
170}
171
172sub reinject_mail {
173 my ($entity, $sender, $targets, $xforward, $me, $nodsn) = @_;
174
175 my $smtp;
176 my $resid;
177 my $rescode;
178 my $resmess;
179
180 eval {
181 my $smtp = Net::SMTP->new('127.0.0.1', Port => 10025, Hello => $me) ||
182 die "unable to connect to localhost at port 10025";
183
184 if (defined($xforward)) {
185 my $xfwd;
8210c7fa 186
758c7b6b
DM		 187 foreach my $attr (keys %{$xforward}) {
188 $xfwd .= " $attr=$xforward->{$attr}";
189 }
190
191 if ($xfwd && $smtp->command("XFORWARD", $xfwd)->response() != CMD_OK) {
192 syslog('err', "xforward error - got: %s %s", $smtp->code, scalar($smtp->message));
193 }
194 }
195
196 if (!$smtp->mail($sender)) {
197 syslog('err', "smtp error - got: %s %s", $smtp->code, scalar ($smtp->message));
198 die "smtp from: ERROR";
199 }
200
201 my $dsnopts = $nodsn ? {Notify => ['NEVER']} : {};
202
203 if (!$smtp->to (@$targets, $dsnopts)) {
204 syslog ('err', "smtp error - got: %s %s", $smtp->code, scalar($smtp->message));
205 die "smtp to: ERROR";
206 }
207
208 # Output the head:
209 #$entity->sync_headers ();
210 $smtp->data();
211
212 my $out = PMG::SMTPPrinter->new($smtp);
213 $entity->print($out);
8210c7fa
DM		 214
215 # make sure we always have a newline at the end of the mail
758c7b6b
DM		 216 # else dataend() fails
217 $smtp->datasend("\n");
218
219 if ($smtp->dataend()) {
220 my @msgs = $smtp->message;
8210c7fa
DM		 221 $resmess = $msgs[$#msgs];
222 ($resid) = $resmess =~ m/Ok: queued as ([0-9A-Z]+)/;
758c7b6b
DM		 223 $rescode = $smtp->code;
224 if (!$resid) {
225 die sprintf("unexpected SMTP result - got: %s %s : WARNING", $smtp->code, $resmess);
8210c7fa 226 }
758c7b6b
DM		 227 } else {
228 my @msgs = $smtp->message;
8210c7fa 229 $resmess = $msgs[$#msgs];
758c7b6b
DM		 230 $rescode = $smtp->code;
231 die sprintf("sending data failed - got: %s %s : ERROR", $smtp->code, $resmess);
232 }
233 };
234 my $err = $@;
8210c7fa 235
758c7b6b 236 $smtp->quit if $smtp;
8210c7fa 237
758c7b6b
DM		 238 if ($err) {
239 syslog ('err', $err);
240 }
241
242 return wantarray ? ($resid, $rescode, $resmess) : $resid;
243}
244
8210c7fa
DM		 245sub analyze_virus_clam {
246 my ($queue, $dname, $pmg_cfg) = @_;
247
248 my $timeout = 60*5;
249 my $vinfo;
250
251 my $clamdscan_opts = "--stdout";
252
253 my ($csec, $usec) = gettimeofday();
254
255 my $previous_alarm;
256
257 eval {
258
259 $previous_alarm = alarm($timeout);
260
261 $SIG{ALRM} = sub {
262 die "$queue->{logid}: Maximum time ($timeout sec) exceeded. " .
263 "virus analyze (clamav) failed: ERROR";
264 };
265
266 open(CMD, "/usr/bin/clamdscan $clamdscan_opts '$dname'|") ||
267 die "$queue->{logid}: can't exec clamdscan: $! : ERROR";
268
269 my $ifiles;
8210c7fa 270
54eaf7df
DM		 271 my $response = '';
272 while (defined(my $line = <CMD>)) {
273 if ($line =~ m/^$dname.*:\s+([^ :]*)\s+FOUND$/) {
8210c7fa
DM		 274 # we just use the first detected virus name
275 $vinfo = $1 if !$vinfo;
54eaf7df 276 } elsif ($line =~ m/^Infected files:\s(\d*)$/i) {
8210c7fa
DM		 277 $ifiles = $1;
278 }
279
54eaf7df 280 $response .= $line;
8210c7fa
DM		 281 }
282
283 close(CMD);
284
285 alarm(0); # avoid race conditions
286
287 if (!defined($ifiles)) {
288 die "$queue->{logid}: got undefined output from " .
54eaf7df 289 "virus detector: $response : ERROR";
8210c7fa
DM		 290 }
291
292 if ($vinfo) {
54eaf7df 293 syslog('info', "$queue->{logid}: virus detected: $vinfo (clamav)");
8210c7fa
DM		 294 }
295 };
296 my $err = $@;
297
298 alarm($previous_alarm);
299
300 my ($csec_end, $usec_end) = gettimeofday();
301 $queue->{ptime_clam} =
302 int (($csec_end-$csec)*1000 + ($usec_end - $usec)/1000);
303
304 if ($err) {
305 syslog ('err', $err);
306 $vinfo = undef;
307 $queue->{errors} = 1;
308 }
309
310 $queue->{vinfo_clam} = $vinfo;
311
312 return $vinfo ? "$vinfo (clamav)" : undef;
313}
314
315sub analyze_virus {
316 my ($queue, $filename, $pmg_cfg, $testmode) = @_;
317
318 # TODO: support other virus scanners?
319
320 # always scan with clamav
321 return analyze_virus_clam($queue, $filename, $pmg_cfg);
322}
323
26357b0a
DM		 324sub magic_mime_type_for_file {
325 my ($filename) = @_;
dff363d9 326
26357b0a
DM		 327 # we do not use get_mime_type_for_file, because that considers
328 # filename extensions - we only want magic type detection
329
330 my $bufsize = Xdgmime::xdg_mime_get_max_buffer_extents();
331 die "got strange value for max_buffer_extents" if $bufsize > 4096*10;
332
333 my $ct = "application/octet-stream";
334
dff363d9 335 my $fh = IO::File->new("<$filename") ||
26357b0a
DM		 336 die "unable to open file '$filename' - $!";
337
338 my ($buf, $len);
339 if (($len = $fh->read($buf, $bufsize)) > 0) {
340 $ct = xdg_mime_get_mime_type_for_data($buf, $len);
341 }
342 $fh->close();
dff363d9 343
26357b0a 344 die "unable to read file '$filename' - $!" if ($len < 0);
dff363d9 345
26357b0a
DM		 346 return $ct;
347}
758c7b6b 348
1d4193a1
DM		 349sub add_ct_marks {
350 my ($entity) = @_;
351
352 if (my $path = $entity->{PMX_decoded_path}) {
353
354 # set a reasonable default if magic does not give a result
355 $entity->{PMX_magic_ct} = $entity->head->mime_attr('content-type');
356
357 if (my $ct = magic_mime_type_for_file($path)) {
358 if ($ct ne 'application/octet-stream' || !$entity->{PMX_magic_ct}) {
359 $entity->{PMX_magic_ct} = $ct;
360 }
361 }
362
363 my $filename = $entity->head->recommended_filename;
364 $filename = basename($path) if !defined($filename) || $filename eq '';
365
366 if (my $ct = xdg_mime_get_mime_type_from_file_name($filename)) {
367 $entity->{PMX_glob_ct} = $ct;
368 }
369 }
370
371 foreach my $part ($entity->parts) {
372 add_ct_marks ($part);
373 }
374}
375
f609bf7f
DM		 376# x509 certificate utils
377
896ef634
DM		 378# only write output if something fails
379sub run_silent_cmd {
380 my ($cmd) = @_;
381
382 my $outbuf = '';
383
384 my $record_output = sub {
385 $outbuf .= shift;
386 $outbuf .= "\n";
387 };
388
389 eval {
390 PVE::Tools::run_command($cmd, outfunc => $record_output,
391 errfunc => $record_output);
392 };
393 my $err = $@;
394
395 if ($err) {
396 print STDERR $outbuf;
397 die $err;
398 }
399}
400
3278b571 401my $proxmox_tls_cert_fn = "/etc/pmg/pmg-tls.pem";
f609bf7f
DM		 402
403sub gen_proxmox_tls_cert {
bc44eb02 404 my ($force) = @_;
f609bf7f 405
bc44eb02
DM		 406 my $resolv = PVE::INotify::read_file('resolvconf');
407 my $domain = $resolv->{search};
408
409 my $company = $domain; # what else ?
410 my $cn = "*.$domain";
411
412 return if !$force && -f $proxmox_tls_cert_fn;
f609bf7f
DM		 413
414 my $sslconf = <<__EOD__;
415RANDFILE = /root/.rnd
416extensions = v3_req
417
418[ req ]
419default_bits = 4096
420distinguished_name = req_distinguished_name
421req_extensions = v3_req
422prompt = no
423string_mask = nombstr
424
425[ req_distinguished_name ]
426organizationalUnitName = Proxmox Mail Gateway
427organizationName = $company
428commonName = $cn
429
430[ v3_req ]
431basicConstraints = CA:FALSE
432nsCertType = server
433keyUsage = nonRepudiation, digitalSignature, keyEncipherment
434__EOD__
435
3278b571 436 my $cfgfn = "/tmp/pmgtlsconf-$$.tmp";
f609bf7f
DM		 437 my $fh = IO::File->new ($cfgfn, "w");
438 print $fh $sslconf;
439 close ($fh);
440
441 eval {
896ef634
DM		 442 my $cmd = ['openssl', 'req', '-batch', '-x509', '-new', '-sha256',
443 '-config', $cfgfn, '-days', 3650, '-nodes',
444 '-out', $proxmox_tls_cert_fn,
445 '-keyout', $proxmox_tls_cert_fn];
446 run_silent_cmd($cmd);
f609bf7f
DM		 447 };
448
449 if (my $err = $@) {
450 unlink $proxmox_tls_cert_fn;
451 unlink $cfgfn;
452 die "unable to generate proxmox certificate request:\n$err";
453 }
454
455 unlink $cfgfn;
456}
457
458sub find_local_network_for_ip {
459 my ($ip) = @_;
460
461 my $testip = Net::IP->new($ip);
462
463 my $isv6 = $testip->version == 6;
464 my $routes = $isv6 ?
465 PVE::ProcFSTools::read_proc_net_ipv6_route() :
466 PVE::ProcFSTools::read_proc_net_route();
467
468 foreach my $entry (@$routes) {
469 my $mask;
470 if ($isv6) {
471 $mask = $entry->{prefix};
472 next if !$mask; # skip the default route...
473 } else {
474 $mask = $PVE::Network::ipv4_mask_hash_localnet->{$entry->{mask}};
475 next if !defined($mask);
476 }
477 my $cidr = "$entry->{dest}/$mask";
478 my $testnet = Net::IP->new($cidr);
479 my $overlap = $testnet->overlaps($testip);
480 if ($overlap == $Net::IP::IP_B_IN_A_OVERLAP ||
481 $overlap == $Net::IP::IP_IDENTICAL)
482 {
483 return $cidr;
484 }
485 }
486
487 die "unable to detect local network for ip '$ip'\n";
488}
d0d91cda 489
ef07e4d0
DM		 490my $service_aliases = {
491 'postfix' => 'postfix@-',
492 'postgres' => 'postgresql@9.6-main',
493};
494
495sub lookup_real_service_name {
496 my $alias = shift;
497
498 return $service_aliases->{$alias} // $alias;
499}
500
230b4e03
DM		 501sub get_full_service_state {
502 my ($service) = @_;
503
504 my $res;
505
506 my $parser = sub {
507 my $line = shift;
508 if ($line =~ m/^([^=\s]+)=(.*)$/) {
509 $res->{$1} = $2;
510 }
511 };
512
ef07e4d0 513 $service = $service_aliases->{$service} // $service;
230b4e03
DM		 514 PVE::Tools::run_command(['systemctl', 'show', $service], outfunc => $parser);
515
516 return $res;
517}
518
cfdf6608
DM		 519sub service_wait_stopped {
520 my ($timeout, $service_list) = @_;
521
522 my $starttime = time();
523
524 foreach my $service (@$service_list) {
525 PVE::Tools::run_command(['systemctl', 'stop', $service]);
526 }
527
528 while (1) {
529 my $wait = 0;
530
531 foreach my $service (@$service_list) {
532 my $ss = get_full_service_state($service);
533 my $state = $ss->{ActiveState} // 'unknown';
534
535 if ($state ne 'inactive') {
536 if ((time() - $starttime) > $timeout) {
537 syslog('err', "unable to stop services (got timeout)");
538 $wait = 0;
539 last;
540 }
541 $wait = 1;
542 }
543 }
544
545 last if !$wait;
546
547 sleep(1);
548 }
549}
550
3f85510e
DM		 551sub service_cmd {
552 my ($service, $cmd) = @_;
553
554 die "unknown service command '$cmd'\n"
555 if $cmd !~ m/^(start|stop|restart|reload)$/;
556
557 if ($service eq 'pmgdaemon' || $service eq 'pmgproxy') {
558 if ($cmd eq 'restart') {
559 # OK
560 } else {
561 die "invalid service cmd '$service $cmd': ERROR";
562 }
563 }
564
ef07e4d0 565 $service = $service_aliases->{$service} // $service;
3f85510e
DM		 566 PVE::Tools::run_command(['systemctl', $cmd, $service]);
567};
568
9f67f5b3
DM		 569# this is also used to get the IP of the local node
570sub lookup_node_ip {
571 my ($nodename, $noerr) = @_;
572
573 my ($family, $packed_ip);
574
575 eval {
576 my @res = PVE::Tools::getaddrinfo_all($nodename);
577 $family = $res[0]->{family};
578 $packed_ip = (PVE::Tools::unpack_sockaddr_in46($res[0]->{addr}))[2];
579 };
580
581 if ($@) {
582 die "hostname lookup failed:\n$@" if !$noerr;
583 return undef;
584 }
585
586 my $ip = Socket::inet_ntop($family, $packed_ip);
587 if ($ip =~ m/^127\.|^::1$/) {
588 die "hostname lookup failed - got local IP address ($nodename = $ip)\n" if !$noerr;
589 return undef;
590 }
591
592 return wantarray ? ($ip, $family) : $ip;
593}
594
630d1ae3
DM		 595sub run_postmap {
596 my ($filename) = @_;
597
598 # make sure the file exists (else postmap fails)
599 IO::File->new($filename, 'a', 0644);
600
601 eval {
602 PVE::Tools::run_command(
603 ['/usr/sbin/postmap', $filename],
604 errmsg => "unable to update postfix table $filename");
605 };
606 my $err = $@;
607
608 warn $err if $err;
609}
610
d17c5265
DM		 611sub clamav_dbstat {
612
613 my $res = [];
614
615 my $read_cvd_info = sub {
616 my ($dbname, $dbfile) = @_;
617
618 my $header;
619 my $fh = IO::File->new("<$dbfile");
620 if (!$fh) {
621 warn "cant open ClamAV Database $dbname ($dbfile) - $!\n";
622 return;
623 }
624 $fh->read($header, 512);
625 $fh->close();
626
627 ## ClamAV-VDB:16 Mar 2016 23-17 +0000:57:4218790:60:06386f34a16ebeea2733ab037f0536be:
628 if ($header =~ m/^(ClamAV-VDB):([^:]+):(\d+):(\d+):/) {
629 my ($ftype, $btime, $version, $nsigs) = ($1, $2, $3, $4);
630 push @$res, {
631 name => $dbname,
632 type => $ftype,
633 build_time => $btime,
634 version => $version,
635 nsigs => $nsigs,
636 };
637 } else {
638 warn "unable to parse ClamAV Database $dbname ($dbfile)\n";
639 }
640 };
641
642 # main database
643 my $filename = "/var/lib/clamav/main.inc/main.info";
644 $filename = "/var/lib/clamav/main.cvd" if ! -f $filename;
645
646 $read_cvd_info->('main', $filename) if -f $filename;
647
648 # daily database
649 $filename = "/var/lib/clamav/daily.inc/daily.info";
650 $filename = "/var/lib/clamav/daily.cvd" if ! -f $filename;
651 $filename = "/var/lib/clamav/daily.cld" if ! -f $filename;
652
653 $read_cvd_info->('daily', $filename) if -f $filename;
654
655 $filename = "/var/lib/clamav/bytecode.cvd";
656 $read_cvd_info->('bytecode', $filename) if -f $filename;
657
9860e592
DM		 658 $filename = "/var/lib/clamav/safebrowsing.cvd";
659 $read_cvd_info->('safebrowsing', $filename) if -f $filename;
660
dabcd20e
DM		 661 my $ss_dbs_fn = "/var/lib/clamav-unofficial-sigs/configs/ss-include-dbs.txt";
662 my $ss_dbs_files = {};
663 if (my $ssfh = IO::File->new("<${ss_dbs_fn}")) {
664 while (defined(my $line = <$ssfh>)) {
665 chomp $line;
666 $ss_dbs_files->{$line} = 1;
667 }
668 }
d17c5265
DM		 669 my $last = 0;
670 my $nsigs = 0;
671 foreach $filename (</var/lib/clamav/*>) {
dabcd20e
DM		 672 my $fn = basename($filename);
673 next if !$ss_dbs_files->{$fn};
674
d17c5265
DM		 675 my $fh = IO::File->new("<$filename");
676 next if !defined($fh);
677 my $st = stat($fh);
678 next if !$st;
679 my $mtime = $st->mtime();
680 $last = $mtime if $mtime > $last;
681 while (defined(my $line = <$fh>)) { $nsigs++; }
682 }
683
684 if ($nsigs > 0) {
685 push @$res, {
9860e592 686 name => 'sanesecurity',
d17c5265 687 type => 'unofficial',
2d011fef 688 build_time => strftime("%d %b %Y %H-%M %z", localtime($last)),
d17c5265
DM		 689 nsigs => $nsigs,
690 };
691 }
692
693 return $res;
694}
695
dff363d9
DM		 696# RRD related code
697my $rrd_dir = "/var/lib/rrdcached/db";
698my $rrdcached_socket = "/var/run/rrdcached.sock";
699
700my $rrd_def_node = [
701 "DS:loadavg:GAUGE:120:0:U",
702 "DS:maxcpu:GAUGE:120:0:U",
703 "DS:cpu:GAUGE:120:0:U",
704 "DS:iowait:GAUGE:120:0:U",
705 "DS:memtotal:GAUGE:120:0:U",
706 "DS:memused:GAUGE:120:0:U",
707 "DS:swaptotal:GAUGE:120:0:U",
708 "DS:swapused:GAUGE:120:0:U",
709 "DS:roottotal:GAUGE:120:0:U",
710 "DS:rootused:GAUGE:120:0:U",
711 "DS:netin:DERIVE:120:0:U",
712 "DS:netout:DERIVE:120:0:U",
713
714 "RRA:AVERAGE:0.5:1:70", # 1 min avg - one hour
715 "RRA:AVERAGE:0.5:30:70", # 30 min avg - one day
716 "RRA:AVERAGE:0.5:180:70", # 3 hour avg - one week
717 "RRA:AVERAGE:0.5:720:70", # 12 hour avg - one month
718 "RRA:AVERAGE:0.5:10080:70", # 7 day avg - ony year
719
720 "RRA:MAX:0.5:1:70", # 1 min max - one hour
721 "RRA:MAX:0.5:30:70", # 30 min max - one day
722 "RRA:MAX:0.5:180:70", # 3 hour max - one week
723 "RRA:MAX:0.5:720:70", # 12 hour max - one month
724 "RRA:MAX:0.5:10080:70", # 7 day max - ony year
725];
726
727sub cond_create_rrd_file {
728 my ($filename, $rrddef) = @_;
729
730 return if -f $filename;
731
732 my @args = ($filename);
733
734 push @args, "--daemon" => "unix:${rrdcached_socket}"
735 if -S $rrdcached_socket;
736
737 push @args, '--step', 60;
738
739 push @args, @$rrddef;
740
741 # print "TEST: " . join(' ', @args) . "\n";
742
743 RRDs::create(@args);
744 my $err = RRDs::error;
745 die "RRD error: $err\n" if $err;
746}
747
748sub update_node_status_rrd {
749
750 my $filename = "$rrd_dir/pmg-node-v1.rrd";
751 cond_create_rrd_file($filename, $rrd_def_node);
752
753 my ($avg1, $avg5, $avg15) = PVE::ProcFSTools::read_loadavg();
754
755 my $stat = PVE::ProcFSTools::read_proc_stat();
756
757 my $netdev = PVE::ProcFSTools::read_proc_net_dev();
758
759 my ($uptime) = PVE::ProcFSTools::read_proc_uptime();
760
761 my $cpuinfo = PVE::ProcFSTools::read_cpuinfo();
762
763 my $maxcpu = $cpuinfo->{cpus};
764
765 # traffic from/to physical interface cards
766 my $netin = 0;
767 my $netout = 0;
768 foreach my $dev (keys %$netdev) {
769 next if $dev !~ m/^eth\d+$/;
770 $netin += $netdev->{$dev}->{receive};
771 $netout += $netdev->{$dev}->{transmit};
772 }
773
774 my $meminfo = PVE::ProcFSTools::read_meminfo();
775
776 my $dinfo = df('/', 1); # output is bytes
777
778 my $ctime = time();
779
780 # everything not free is considered to be used
781 my $dused = $dinfo->{blocks} - $dinfo->{bfree};
782
783 my $data = "$ctime:$avg1:$maxcpu:$stat->{cpu}:$stat->{wait}:" .
784 "$meminfo->{memtotal}:$meminfo->{memused}:" .
785 "$meminfo->{swaptotal}:$meminfo->{swapused}:" .
786 "$dinfo->{blocks}:$dused:$netin:$netout";
787
788
789 my @args = ($filename);
790
791 push @args, "--daemon" => "unix:${rrdcached_socket}"
792 if -S $rrdcached_socket;
793
794 push @args, $data;
795
796 # print "TEST: " . join(' ', @args) . "\n";
797
798 RRDs::update(@args);
799 my $err = RRDs::error;
800 die "RRD error: $err\n" if $err;
801}
802
065b2986
DM		 803sub create_rrd_data {
804 my ($rrdname, $timeframe, $cf) = @_;
805
806 my $rrd = "${rrd_dir}/$rrdname";
807
808 my $setup = {
809 hour => [ 60, 70 ],
810 day => [ 60*30, 70 ],
811 week => [ 60*180, 70 ],
812 month => [ 60*720, 70 ],
813 year => [ 60*10080, 70 ],
814 };
815
816 my ($reso, $count) = @{$setup->{$timeframe}};
817 my $ctime = $reso*int(time()/$reso);
818 my $req_start = $ctime - $reso*$count;
819
820 $cf = "AVERAGE" if !$cf;
821
822 my @args = (
823 "-s" => $req_start,
824 "-e" => $ctime - 1,
825 "-r" => $reso,
826 );
827
828 push @args, "--daemon" => "unix:${rrdcached_socket}"
829 if -S $rrdcached_socket;
830
831 my ($start, $step, $names, $data) = RRDs::fetch($rrd, $cf, @args);
832
833 my $err = RRDs::error;
834 die "RRD error: $err\n" if $err;
835
836 die "got wrong time resolution ($step != $reso)\n"
837 if $step != $reso;
838
839 my $res = [];
840 my $fields = scalar(@$names);
841 for my $line (@$data) {
842 my $entry = { 'time' => $start };
843 $start += $step;
844 for (my $i = 0; $i < $fields; $i++) {
845 my $name = $names->[$i];
846 if (defined(my $val = $line->[$i])) {
847 $entry->{$name} = $val;
848 } else {
849 # leave empty fields undefined
850 # maybe make this configurable?
851 }
852 }
853 push @$res, $entry;
854 }
855
856 return $res;
857}
858
8da6f9ec
DM		 859sub decode_to_html {
860 my ($charset, $data) = @_;
861
862 my $res = $data;
863
864 eval { $res = encode_entities(decode($charset, $data)); };
865
866 return $res;
867}
868
46f9e9af
DM		 869sub decode_rfc1522 {
870 my ($enc) = @_;
871
872 my $res = '';
873
874 return '' if !$enc;
875
876 eval {
877 foreach my $r (MIME::Words::decode_mimewords($enc)) {
878 my ($d, $cs) = @$r;
879 if ($d) {
880 if ($cs) {
881 $res .= decode($cs, $d);
882 } else {
883 $res .= $d;
884 }
885 }
886 }
887 };
888
889 $res = $enc if $@;
890
891 return $res;
892}
893
9a56f771
DM		 894sub rfc1522_to_html {
895 my ($enc) = @_;
896
897 my $res = '';
898
899 return '' if !$enc;
900
901 eval {
902 foreach my $r (MIME::Words::decode_mimewords($enc)) {
903 my ($d, $cs) = @$r;
904 if ($d) {
905 if ($cs) {
906 $res .= encode_entities(decode($cs, $d));
907 } else {
908 $res .= encode_entities($d);
909 }
910 }
911 }
912 };
913
914 $res = $enc if $@;
915
916 return $res;
917}
918
9d26ab13
DM		 919# RFC 2047 B-ENCODING http://rfc.net/rfc2047.html
920# (Q-Encoding is complex and error prone)
921sub bencode_header {
922 my $txt = shift;
923
924 my $CRLF = "\015\012";
925
926 # Nonprintables (controls + x7F + 8bit):
927 my $NONPRINT = "\\x00-\\x1F\\x7F-\\xFF";
928
929 # always use utf-8 (work with japanese character sets)
930 $txt = encode("UTF-8", $txt);
931
932 return $txt if $txt !~ /[$NONPRINT]/o;
933
934 my $res = '';
935
936 while ($txt =~ s/^(.{1,42})//sm) {
937 my $t = MIME::Words::encode_mimeword ($1, 'B', 'UTF-8');
938 $res .= $res ? "\015\012\t$t" : $t;
939 }
940
941 return $res;
942}
943
7d89adf4
DM		 944sub load_sa_descriptions {
945
946 my @dirs = ('/usr/share/spamassassin',
947 '/usr/share/spamassassin-extra');
948
949 my $res = {};
950
951 my $parse_sa_file = sub {
952 my ($file) = @_;
953
954 open(my $fh,'<', $file);
955 return if !defined($fh);
956
957 while (defined(my $line = <$fh>)) {
958 if ($line =~ m/^describe\s+(\S+)\s+(.*)\s*$/) {
959 my ($name, $desc) = ($1, $2);
960 next if $res->{$name};
961 $res->{$name}->{desc} = $desc;
962 if ($desc =~ m|[\(\s](http:\/\/\S+\.[^\s\.\)]+\.[^\s\.\)]+)|i) {
963 $res->{$name}->{url} = $1;
964 }
965 }
966 }
967 close($fh);
968 };
969
970 foreach my $dir (@dirs) {
971 foreach my $file (<$dir/*.cf>) {
972 $parse_sa_file->($file);
973 }
974 }
975
976 return $res;
977}
978
758c7b6b 9791;
PMG API