[proxmox-backup.git] / src / tools / mod.rs

//! Tools and utilities
//!
//! This is a collection of small and useful tools.
use std::any::Any;
use std::os::unix::io::RawFd;

use anyhow::{bail, format_err, Error};
use openssl::hash::{hash, DigestBytes, MessageDigest};

pub use proxmox::tools::fd::Fd;
use proxmox::tools::fs::{create_path, CreateOptions};

use proxmox_http::{
    client::SimpleHttp,
    client::SimpleHttpOptions,
    ProxyConfig,
};

pub use pbs_tools::json;
pub use pbs_tools::nom;
pub use pbs_tools::{run_command, command_output, command_output_as_string};
pub use pbs_tools::process_locker::{
    ProcessLocker, ProcessLockExclusiveGuard, ProcessLockSharedGuard
};

pub mod apt;
pub mod async_io;
pub mod compression;
pub mod config;
pub mod cpio;
pub mod daemon;
pub mod disks;
pub mod fuse_loop;

mod memcom;
pub use memcom::Memcom;

pub mod logrotate;
pub mod loopdev;
pub mod serde_filter;
pub mod statistics;
pub mod subscription;
pub mod systemd;
pub mod ticket;
pub mod sgutils2;
pub mod paperkey;

pub mod parallel_handler;
pub use parallel_handler::ParallelHandler;

mod file_logger;
pub use file_logger::{FileLogger, FileLogOptions};

pub use pbs_tools::broadcast_future::{BroadcastData, BroadcastFuture};
pub use pbs_tools::ops::ControlFlow;

/// The `BufferedRead` trait provides a single function
/// `buffered_read`. It returns a reference to an internal buffer. The
/// purpose of this traid is to avoid unnecessary data copies.
pub trait BufferedRead {
    /// This functions tries to fill the internal buffers, then
    /// returns a reference to the available data. It returns an empty
    /// buffer if `offset` points to the end of the file.
    fn buffered_read(&mut self, offset: u64) -> Result<&[u8], Error>;
}

/// Shortcut for md5 sums.
pub fn md5sum(data: &[u8]) -> Result<DigestBytes, Error> {
    hash(MessageDigest::md5(), data).map_err(Error::from)
}

pub fn get_hardware_address() -> Result<String, Error> {
    static FILENAME: &str = "/etc/ssh/ssh_host_rsa_key.pub";

    let contents = proxmox::tools::fs::file_get_contents(FILENAME)
        .map_err(|e| format_err!("Error getting host key - {}", e))?;
    let digest = md5sum(&contents)
        .map_err(|e| format_err!("Error digesting host key - {}", e))?;

    Ok(proxmox::tools::bin_to_hex(&digest).to_uppercase())
}

pub fn assert_if_modified(digest1: &str, digest2: &str) -> Result<(), Error> {
    if digest1 != digest2 {
        bail!("detected modified configuration - file changed by other user? Try again.");
    }
    Ok(())
}

/// Extract a specific cookie from cookie header.
/// We assume cookie_name is already url encoded.
pub fn extract_cookie(cookie: &str, cookie_name: &str) -> Option<String> {
    for pair in cookie.split(';') {
        let (name, value) = match pair.find('=') {
            Some(i) => (pair[..i].trim(), pair[(i + 1)..].trim()),
            None => return None, // Cookie format error
        };

        if name == cookie_name {
            use percent_encoding::percent_decode;
            if let Ok(value) = percent_decode(value.as_bytes()).decode_utf8() {
                return Some(value.into());
            } else {
                return None; // Cookie format error
            }
        }
    }

    None
}

/// Detect modified configuration files
///
/// This function fails with a reasonable error message if checksums do not match.
pub fn detect_modified_configuration_file(digest1: &[u8;32], digest2: &[u8;32]) -> Result<(), Error> {
    if digest1 != digest2 {
        bail!("detected modified configuration - file changed by other user? Try again.");
    }
    Ok(())
}

/// normalize uri path
///
/// Do not allow ".", "..", or hidden files ".XXXX"
/// Also remove empty path components
pub fn normalize_uri_path(path: &str) -> Result<(String, Vec<&str>), Error> {
    let items = path.split('/');

    let mut path = String::new();
    let mut components = vec![];

    for name in items {
        if name.is_empty() {
            continue;
        }
        if name.starts_with('.') {
            bail!("Path contains illegal components.");
        }
        path.push('/');
        path.push_str(name);
        components.push(name);
    }

    Ok((path, components))
}

pub fn fd_change_cloexec(fd: RawFd, on: bool) -> Result<(), Error> {
    use nix::fcntl::{fcntl, FdFlag, F_GETFD, F_SETFD};
    let mut flags = FdFlag::from_bits(fcntl(fd, F_GETFD)?)
        .ok_or_else(|| format_err!("unhandled file flags"))?; // nix crate is stupid this way...
    flags.set(FdFlag::FD_CLOEXEC, on);
    fcntl(fd, F_SETFD(flags))?;
    Ok(())
}

static mut SHUTDOWN_REQUESTED: bool = false;

pub fn request_shutdown() {
    unsafe {
        SHUTDOWN_REQUESTED = true;
    }
    crate::server::server_shutdown();
}

#[inline(always)]
pub fn shutdown_requested() -> bool {
    unsafe { SHUTDOWN_REQUESTED }
}

pub fn fail_on_shutdown() -> Result<(), Error> {
    if shutdown_requested() {
        bail!("Server shutdown requested - aborting task");
    }
    Ok(())
}

/// safe wrapper for `nix::unistd::pipe2` defaulting to `O_CLOEXEC` and guarding the file
/// descriptors.
pub fn pipe() -> Result<(Fd, Fd), Error> {
    let (pin, pout) = nix::unistd::pipe2(nix::fcntl::OFlag::O_CLOEXEC)?;
    Ok((Fd(pin), Fd(pout)))
}

/// safe wrapper for `nix::sys::socket::socketpair` defaulting to `O_CLOEXEC` and guarding the file
/// descriptors.
pub fn socketpair() -> Result<(Fd, Fd), Error> {
    use nix::sys::socket;
    let (pa, pb) = socket::socketpair(
        socket::AddressFamily::Unix,
        socket::SockType::Stream,
        None,
        socket::SockFlag::SOCK_CLOEXEC,
    )?;
    Ok((Fd(pa), Fd(pb)))
}


/// An easy way to convert types to Any
///
/// Mostly useful to downcast trait objects (see RpcEnvironment).
pub trait AsAny {
    fn as_any(&self) -> &dyn Any;
}

impl<T: Any> AsAny for T {
    fn as_any(&self) -> &dyn Any {
        self
    }
}

/// The default 2 hours are far too long for PBS
pub const PROXMOX_BACKUP_TCP_KEEPALIVE_TIME: u32 = 120;
pub const DEFAULT_USER_AGENT_STRING: &'static str = "proxmox-backup-client/1.0";

/// Returns a new instance of `SimpleHttp` configured for PBS usage.
pub fn pbs_simple_http(proxy_config: Option<ProxyConfig>) -> SimpleHttp {
    let options = SimpleHttpOptions {
        proxy_config,
        user_agent: Some(DEFAULT_USER_AGENT_STRING.to_string()),
        tcp_keepalive: Some(PROXMOX_BACKUP_TCP_KEEPALIVE_TIME),
        ..Default::default()
    };

    SimpleHttp::with_options(options)
}

pub fn setup_safe_path_env() {
    std::env::set_var("PATH", "/sbin:/bin:/usr/sbin:/usr/bin");
    // Make %ENV safer - as suggested by https://perldoc.perl.org/perlsec.html
    for name in &["IFS", "CDPATH", "ENV", "BASH_ENV"] {
        std::env::remove_var(name);
    }
}

/// Create the base run-directory.
///
/// This exists to fixate the permissions for the run *base* directory while allowing intermediate
/// directories after it to have different permissions.
pub fn create_run_dir() -> Result<(), Error> {
    let backup_user = crate::backup::backup_user()?;
    let opts = CreateOptions::new()
        .owner(backup_user.uid)
        .group(backup_user.gid);
    let _: bool = create_path(pbs_buildcfg::PROXMOX_BACKUP_RUN_DIR_M!(), None, Some(opts))?;
    Ok(())
}
Commit	Line	Data
51b499db DM	1	//! Tools and utilities
	2	//!
	3	//! This is a collection of small and useful tools.
6100071f	4	use std::any::Any;
98c259b4	5	use std::os::unix::io::RawFd;
365bb90f	6
f7d4e4b5	7	use anyhow::{bail, format_err, Error};
c5946faf	8	use openssl::hash::{hash, DigestBytes, MessageDigest};
0fe5d605	9
00ec8d16	10	pub use proxmox::tools::fd::Fd;
95f36925	11	use proxmox::tools::fs::{create_path, CreateOptions};
00ec8d16	12
1d781c5b	13	use proxmox_http::{
7d2be91b FG	14	client::SimpleHttp,
	15	client::SimpleHttpOptions,
	16	ProxyConfig,
	17	};
57889533	18
a5951b4f	19	pub use pbs_tools::json;
18cdf20a	20	pub use pbs_tools::nom;
e57841c4	21	pub use pbs_tools::{run_command, command_output, command_output_as_string};
83771aa0 WB	22	pub use pbs_tools::process_locker::{
	23	ProcessLocker, ProcessLockExclusiveGuard, ProcessLockSharedGuard
	24	};
e57841c4	25
e6513bd5	26	pub mod apt;
556eb70e	27	pub mod async_io;
ea62611d	28	pub mod compression;
bc5c1a9a	29	pub mod config;
a5bdc987	30	pub mod cpio;
6100071f	31	pub mod daemon;
10effc98	32	pub mod disks;
fb01fd3a	33	pub mod fuse_loop;
e5ef69ec	34
fda19dcc DM	35	mod memcom;
	36	pub use memcom::Memcom;
	37
8074d2b0	38	pub mod logrotate;
45f9b32e	39	pub mod loopdev;
59e94227	40	pub mod serde_filter;
fb01fd3a	41	pub mod statistics;
7b22fb25	42	pub mod subscription;
fb01fd3a WB	43	pub mod systemd;
fb01fd3a WB	44	pub mod ticket;
9372c078	45	pub mod sgutils2;
639a6782	46	pub mod paperkey;
f1d99e3f	47
fb01fd3a WB	48	pub mod parallel_handler;
fb01fd3a WB	49	pub use parallel_handler::ParallelHandler;
3c9b3702	50
3b151414	51	mod file_logger;
fb01fd3a	52	pub use file_logger::{FileLogger, FileLogOptions};
3b151414	53
4805edc4	54	pub use pbs_tools::broadcast_future::{BroadcastData, BroadcastFuture};
2b7f8dd5	55	pub use pbs_tools::ops::ControlFlow;
490be29e	56
fded74d0	57	/// The `BufferedRead` trait provides a single function
0a72e267 DM	58	/// `buffered_read`. It returns a reference to an internal buffer. The
0a72e267 DM	59	/// purpose of this traid is to avoid unnecessary data copies.
fded74d0	60	pub trait BufferedRead {
318564ac DM	61	/// This functions tries to fill the internal buffers, then
	62	/// returns a reference to the available data. It returns an empty
	63	/// buffer if `offset` points to the end of the file.
0a72e267 DM	64	fn buffered_read(&mut self, offset: u64) -> Result<&[u8], Error>;
	65	}
	66
c5946faf WB	67	/// Shortcut for md5 sums.
	68	pub fn md5sum(data: &[u8]) -> Result<DigestBytes, Error> {
	69	hash(MessageDigest::md5(), data).map_err(Error::from)
	70	}
	71
7e13b2d6	72	pub fn get_hardware_address() -> Result<String, Error> {
1631c54f	73	static FILENAME: &str = "/etc/ssh/ssh_host_rsa_key.pub";
7e13b2d6	74
72c0e102 TL	75	let contents = proxmox::tools::fs::file_get_contents(FILENAME)
	76	.map_err(\|e\| format_err!("Error getting host key - {}", e))?;
	77	let digest = md5sum(&contents)
	78	.map_err(\|e\| format_err!("Error digesting host key - {}", e))?;
7e13b2d6	79
52fe9e8e	80	Ok(proxmox::tools::bin_to_hex(&digest).to_uppercase())
7e13b2d6	81	}
22968600	82
af2fddea DM	83	pub fn assert_if_modified(digest1: &str, digest2: &str) -> Result<(), Error> {
af2fddea DM	84	if digest1 != digest2 {
6100071f	85	bail!("detected modified configuration - file changed by other user? Try again.");
af2fddea DM	86	}
	87	Ok(())
	88	}
b9903d63	89
09f12d1c	90	/// Extract a specific cookie from cookie header.
b9903d63	91	/// We assume cookie_name is already url encoded.
09f12d1c	92	pub fn extract_cookie(cookie: &str, cookie_name: &str) -> Option<String> {
b9903d63	93	for pair in cookie.split(';') {
b9903d63 DM	94	let (name, value) = match pair.find('=') {
	95	Some(i) => (pair[..i].trim(), pair[(i + 1)..].trim()),
	96	None => return None, // Cookie format error
	97	};
	98
	99	if name == cookie_name {
8a1028e0	100	use percent_encoding::percent_decode;
b9903d63 DM	101	if let Ok(value) = percent_decode(value.as_bytes()).decode_utf8() {
	102	return Some(value.into());
	103	} else {
	104	return None; // Cookie format error
	105	}
	106	}
	107	}
	108
	109	None
	110	}
af53186e	111
002a191a DM	112	/// Detect modified configuration files
002a191a DM	113	///
add5861e	114	/// This function fails with a reasonable error message if checksums do not match.
002a191a DM	115	pub fn detect_modified_configuration_file(digest1: &[u8;32], digest2: &[u8;32]) -> Result<(), Error> {
002a191a DM	116	if digest1 != digest2 {
a4ba60be	117	bail!("detected modified configuration - file changed by other user? Try again.");
002a191a DM	118	}
	119	Ok(())
	120	}
	121
3578d99f DM	122	/// normalize uri path
	123	///
	124	/// Do not allow ".", "..", or hidden files ".XXXX"
	125	/// Also remove empty path components
	126	pub fn normalize_uri_path(path: &str) -> Result<(String, Vec<&str>), Error> {
3578d99f DM	127	let items = path.split('/');
	128
	129	let mut path = String::new();
	130	let mut components = vec![];
	131
	132	for name in items {
6100071f WB	133	if name.is_empty() {
	134	continue;
	135	}
62ee2eb4	136	if name.starts_with('.') {
3578d99f DM	137	bail!("Path contains illegal components.");
	138	}
	139	path.push('/');
	140	path.push_str(name);
	141	components.push(name);
	142	}
	143
	144	Ok((path, components))
	145	}
	146
ff7049d4	147	pub fn fd_change_cloexec(fd: RawFd, on: bool) -> Result<(), Error> {
6100071f	148	use nix::fcntl::{fcntl, FdFlag, F_GETFD, F_SETFD};
ff7049d4 WB	149	let mut flags = FdFlag::from_bits(fcntl(fd, F_GETFD)?)
	150	.ok_or_else(\|\| format_err!("unhandled file flags"))?; // nix crate is stupid this way...
	151	flags.set(FdFlag::FD_CLOEXEC, on);
	152	fcntl(fd, F_SETFD(flags))?;
	153	Ok(())
	154	}
9136f857	155
9136f857 DM	156	static mut SHUTDOWN_REQUESTED: bool = false;
	157
	158	pub fn request_shutdown() {
6100071f WB	159	unsafe {
	160	SHUTDOWN_REQUESTED = true;
	161	}
7a630df7	162	crate::server::server_shutdown();
9136f857 DM	163	}
	164
	165	#[inline(always)]
	166	pub fn shutdown_requested() -> bool {
	167	unsafe { SHUTDOWN_REQUESTED }
	168	}
92da93b2 DM	169
	170	pub fn fail_on_shutdown() -> Result<(), Error> {
	171	if shutdown_requested() {
	172	bail!("Server shutdown requested - aborting task");
	173	}
	174	Ok(())
	175	}
d96bb7f1	176
c4044009 WB	177	/// safe wrapper for `nix::unistd::pipe2` defaulting to `O_CLOEXEC` and guarding the file
c4044009 WB	178	/// descriptors.
efd1536e WB	179	pub fn pipe() -> Result<(Fd, Fd), Error> {
	180	let (pin, pout) = nix::unistd::pipe2(nix::fcntl::OFlag::O_CLOEXEC)?;
	181	Ok((Fd(pin), Fd(pout)))
	182	}
2edc341b	183
c4044009 WB	184	/// safe wrapper for `nix::sys::socket::socketpair` defaulting to `O_CLOEXEC` and guarding the file
	185	/// descriptors.
	186	pub fn socketpair() -> Result<(Fd, Fd), Error> {
	187	use nix::sys::socket;
	188	let (pa, pb) = socket::socketpair(
	189	socket::AddressFamily::Unix,
	190	socket::SockType::Stream,
	191	None,
	192	socket::SockFlag::SOCK_CLOEXEC,
	193	)?;
	194	Ok((Fd(pa), Fd(pb)))
	195	}
	196
	197
2edc341b DM	198	/// An easy way to convert types to Any
	199	///
	200	/// Mostly useful to downcast trait objects (see RpcEnvironment).
	201	pub trait AsAny {
dd5495d6	202	fn as_any(&self) -> &dyn Any;
2edc341b DM	203	}
	204
	205	impl<T: Any> AsAny for T {
6100071f WB	206	fn as_any(&self) -> &dyn Any {
	207	self
	208	}
2edc341b	209	}
8a1028e0	210
32413921 FG	211	/// The default 2 hours are far too long for PBS
32413921 FG	212	pub const PROXMOX_BACKUP_TCP_KEEPALIVE_TIME: u32 = 120;
57889533 FG	213	pub const DEFAULT_USER_AGENT_STRING: &'static str = "proxmox-backup-client/1.0";
	214
	215	/// Returns a new instance of `SimpleHttp` configured for PBS usage.
	216	pub fn pbs_simple_http(proxy_config: Option<ProxyConfig>) -> SimpleHttp {
	217	let options = SimpleHttpOptions {
	218	proxy_config,
	219	user_agent: Some(DEFAULT_USER_AGENT_STRING.to_string()),
	220	tcp_keepalive: Some(PROXMOX_BACKUP_TCP_KEEPALIVE_TIME),
	221	..Default::default()
	222	};
	223
	224	SimpleHttp::with_options(options)
	225	}
32413921	226
ac7513e3 DM	227	pub fn setup_safe_path_env() {
	228	std::env::set_var("PATH", "/sbin:/bin:/usr/sbin:/usr/bin");
	229	// Make %ENV safer - as suggested by https://perldoc.perl.org/perlsec.html
	230	for name in &["IFS", "CDPATH", "ENV", "BASH_ENV"] {
	231	std::env::remove_var(name);
	232	}
	233	}
cdf1da28	234
014dc5f9 WB	235	/// Create the base run-directory.
	236	///
	237	/// This exists to fixate the permissions for the run base directory while allowing intermediate
	238	/// directories after it to have different permissions.
	239	pub fn create_run_dir() -> Result<(), Error> {
95f36925 WB	240	let backup_user = crate::backup::backup_user()?;
	241	let opts = CreateOptions::new()
	242	.owner(backup_user.uid)
	243	.group(backup_user.gid);
af06decd	244	let _: bool = create_path(pbs_buildcfg::PROXMOX_BACKUP_RUN_DIR_M!(), None, Some(opts))?;
014dc5f9 WB	245	Ok(())
014dc5f9 WB	246	}