github/myvesta
1
0
Fork 0
mirror of https://github.com/myvesta/vesta.git synced 2025-01-12 05:52:53 -08:00
Code Issues Packages Projects Releases Wiki Activity
myvesta/func/main.sh
Serghey Rodin 45fd7dc75b default backend
2015-10-30 13:53:41 +02:00

955 lines
27 KiB
Bash
Raw Permalink Blame History

# Internal variables
DATE=$(date +%F)
TIME=$(date +%T)
SCRIPT=$(basename $0)
HOMEDIR='/home'
BACKUP='/backup'
BACKUP_GZIP=5
BACKUP_DISK_LIMIT=95
BACKUP_LA_LIMIT=5
RRD_STEP=300
RRD_IFACE_EXCLUDE=lo
PW_MATRIX='0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz'
PW_LENGHT='10'
BIN=$VESTA/bin
USER_DATA=$VESTA/data/users/$user
WEBTPL=$VESTA/data/templates/web
DNSTPL=$VESTA/data/templates/dns
RRD=$VESTA/web/rrd
send_mail="$VESTA/web/inc/mail-wrapper.php"
# Return codes
OK=0
E_ARGS=1
E_INVALID=2
E_NOTEXIST=3
E_EXISTS=4
E_SUSPENDED=5
E_UNSUSPENDED=6
E_INUSE=7
E_LIMIT=8
E_PASSWORD=9
E_FORBIDEN=10
E_DISABLED=11
E_PARSING=12
E_DISK=13
E_LA=14
E_CONNECT=15
E_FTP=16
E_DB=17
E_RRD=18
E_UPDATE=19
E_RESTART=20
# Event string for logger
EVENT="$DATE $TIME $SCRIPT"
for ((I=1; I <= $# ; I++)); do
if [[ "$HIDE" != $I ]]; then
EVENT="$EVENT '$(eval echo \$${I})'"
else
EVENT="$EVENT '******'"
fi
done
# Log event function
log_event() {
if [ "$1" -eq 0 ]; then
echo "$2" >> $VESTA/log/system.log
else
echo "$2 [Error $1]" >> $VESTA/log/error.log
fi
}
# Log user history
log_history() {
cmd=$1
undo=${2-no}
log_user=${3-$user}
log=$VESTA/data/users/$log_user/history.log
touch $log
if [ '99' -lt "$(wc -l $log |cut -f 1 -d ' ')" ]; then
tail -n 49 $log > $log.moved
mv -f $log.moved $log
chmod 660 $log
fi
curr_str=$(grep "ID=" $log | cut -f 2 -d \' | sort -n | tail -n1)
id="$((curr_str +1))"
echo "ID='$id' DATE='$DATE' TIME='$TIME' CMD='$cmd' UNDO='$undo'" >> $log
}
# Result checker
check_result() {
if [ $1 -ne 0 ]; then
echo "Error: $2"
if [ ! -z "$3" ]; then
log_event $3 $EVENT
exit $3
else
log_event $1 $EVENT
exit $1
fi
fi
}
# Argument list checker
check_args() {
if [ "$1" -gt "$2" ]; then
echo "Error: not enought arguments"
echo "Usage: $SCRIPT $3"
log_event "$E_ARGS" "$EVENT"
exit $E_ARGS
fi
}
# Subsystem checker
is_system_enabled() {
if [ -z "$1" ] || [ "$1" = no ]; then
echo "Error: $2 is not enabled in the $VESTA/conf/vesta.conf"
log_event "$E_DISABLED" "$EVENT"
exit $E_DISABLED
fi
}
# User package check
is_package_full() {
case "$1" in
WEB_DOMAINS) used=$(wc -l $USER_DATA/web.conf|cut -f1 -d \ );;
WEB_ALIASES) used=$(grep "DOMAIN='$domain'" $USER_DATA/web.conf |\
awk -F "ALIAS='" '{print $2}' | cut -f 1 -d \' | tr ',' '\n' |\
wc -l );;
DNS_DOMAINS) used=$(wc -l $USER_DATA/dns.conf |cut -f1 -d \ );;
DNS_RECORDS) used=$(wc -l $USER_DATA/dns/$domain.conf |cut -f1 -d \ );;
MAIL_DOMAINS) used=$(wc -l $USER_DATA/mail.conf |cut -f1 -d \ );;
MAIL_ACCOUNTS) used=$(wc -l $USER_DATA/mail/$domain.conf |\
cut -f1 -d \ );;
DATABASES) used=$(wc -l $USER_DATA/db.conf |cut -f1 -d \ );;
CRON_JOBS) used=$(wc -l $USER_DATA/cron.conf |cut -f1 -d \ );;
esac
limit=$(grep "^$1=" $USER_DATA/user.conf | cut -f 2 -d \' )
if [ "$limit" != 'unlimited' ] && [ "$used" -ge "$limit" ]; then
echo "Error: Limit is reached, please upgrade hosting package"
log_event "$E_LIMIT" "$EVENT"
exit $E_LIMIT
fi
}
# Random password generator
gen_password() {
pw_matrix=${1-$PW_MATRIX}
pw_lenght=${2-$PW_LENGHT}
while [ ${n:=1} -le $pw_lenght ]; do
pass="$pass${pw_matrix:$(($RANDOM%${#pw_matrix})):1}"
let n+=1
done
echo "$pass"
}
# Package existance check
is_package_valid() {
if [ -z "$1" ]; then
pkg_dir="$VESTA/data/packages"
fi
if [ ! -e "$pkg_dir/$package.pkg" ]; then
echo "Error: package $package doesn't exist"
log_event "$E_NOTEXIST" "$EVENT"
exit $E_NOTEXIST
fi
}
# Validate system type
is_type_valid() {
if [ -z "$(echo $1 | grep -w $2)" ]; then
echo "Error: $2 is unknown type"
log_event "$E_INVALID" "$EVENT"
exit $E_INVALID
fi
}
# Check if backup is available for user
is_backup_available() {
b_owner=$(echo $user |\
sed -e "s/\.[0-9][0-9][0-9][0-9]-[0-9][0-9]-[0-9][0-9].tar//")
if [ "$user" != "$b_owner" ]; then
echo "Error: User $user don't have permission to use $backup"
log_event "$E_FORBIDEN" "$EVENT"
exit $E_FORBIDEN
fi
}
# Check user backup settings
is_backup_enabled() {
BACKUPS=$(grep "^BACKUPS=" $USER_DATA/user.conf | cut -f2 -d \')
if [ -z "$BACKUPS" ] || [[ "$BACKUPS" -le '0' ]]; then
echo "Error: user backup disabled"
log_event "$E_DISABLED" "$EVENT"
exit $E_DISABLED
fi
}
# Check user backup settings
is_backup_scheduled() {
if [ -e "$VESTA/data/queue/backup.pipe" ]; then
check_q=$(grep " $user " $VESTA/data/queue/backup.pipe | grep $1)
if [ ! -z "$check_q" ]; then
echo "Error: $1 is already scheduled"
log_event "$E_EXISTS" "$EVENT"
exit $E_EXISTS
fi
fi
}
# Check if object is new
is_object_new() {
if [ $2 = 'USER' ]; then
if [ -d "$USER_DATA" ]; then
object="OK"
fi
else
object=$(grep "$2='$3'" $USER_DATA/$1.conf)
fi
if [ ! -z "$object" ]; then
echo "Error: $2 with value $3 exists"
log_event "$E_EXISTS" "$EVENT"
exit $E_EXISTS
fi
}
# Check if object exists and can be used
is_object_valid() {
if [ $2 = 'USER' ]; then
if [ -d "$VESTA/data/users/$user" ]; then
sobject="OK"
fi
else
if [ $2 = 'DBHOST' ]; then
sobject=$(grep "HOST='$host'" $VESTA/conf/$type.conf)
else
sobject=$(grep "$2='$3'" $VESTA/data/users/$user/$1.conf)
fi
fi
if [ -z "$sobject" ]; then
echo "Error: $2 $3 doesn't exist"
log_event "$E_NOTEXIST" "$EVENT"
exit $E_NOTEXIST
fi
}
# Check if object is supended
is_object_suspended() {
if [ $2 = 'USER' ]; then
spnd=$(cat $USER_DATA/$1.conf|grep "SUSPENDED='yes'")
else
spnd=$(grep "$2='$3'" $USER_DATA/$1.conf|grep "SUSPENDED='yes'")
fi
if [ -z "$spnd" ]; then
echo "Error: $(basename $1) $3 is not suspended"
log_event "$E_SUSPENDED" "$EVENT"
exit $E_SUSPENDED
fi
}
# Check if object is unsupended
is_object_unsuspended() {
if [ $2 = 'USER' ]; then
spnd=$(cat $USER_DATA/$1.conf|grep "SUSPENDED='yes'")
else
spnd=$(grep "$2='$3'" $USER_DATA/$1.conf|grep "SUSPENDED='yes'")
fi
if [ ! -z "$spnd" ]; then
echo "Error: $(basename $1) $3 is suspended"
log_event "$E_UNSUSPENDED" "$EVENT"
exit $E_UNSUSPENDED
fi
}
# Check if object value is empty
is_object_value_empty() {
str=$(grep "$2='$3'" $USER_DATA/$1.conf)
eval $str
eval value=$4
if [ ! -z "$value" ] && [ "$value" != 'no' ]; then
echo "Error: ${4//$}=$value (not empty)"
log_event "$E_EXISTS" "$EVENT"
exit $E_EXISTS
fi
}
# Check if object value is empty
is_object_value_exist() {
str=$(grep "$2='$3'" $USER_DATA/$1.conf)
eval $str
eval value=$4
if [ -z "$value" ] || [ "$value" = 'no' ]; then
echo "Error: ${4//$}=$value (doesn't exist)"
log_event "$E_NOTEXIST" "$EVENT"
exit $E_NOTEXIST
fi
}
# Check if password is transmitted via file
is_password_valid() {
if [[ "$password" =~ ^/tmp/ ]]; then
if [ -f "$password" ]; then
password=$(head -n1 $password)
fi
fi
}
# Get object value
get_object_value() {
object=$(grep "$2='$3'" $USER_DATA/$1.conf)
eval "$object"
eval echo $4
}
# Update object value
update_object_value() {
row=$(grep -nF "$2='$3'" $USER_DATA/$1.conf)
lnr=$(echo $row | cut -f 1 -d ':')
object=$(echo $row | sed "s/^$lnr://")
eval "$object"
eval old="$4"
old=$(echo "$old" | sed -e 's/\\/\\\\/g' -e 's/&/\\&/g' -e 's/\//\\\//g')
new=$(echo "$5" | sed -e 's/\\/\\\\/g' -e 's/&/\\&/g' -e 's/\//\\\//g')
sed -i "$lnr s/${4//$/}='${old//\*/\\*}'/${4//$/}='${new//\*/\\*}'/g" \
$USER_DATA/$1.conf
}
# Add object key
add_object_key() {
row=$(grep -n "$2='$3'" $USER_DATA/$1.conf)
lnr=$(echo $row | cut -f 1 -d ':')
object=$(echo $row | sed "s/^$lnr://")
if [ -z "$(echo $object |grep $4=)" ]; then
eval old="$4"
sed -i "$lnr s/$5='/$4='' $5='/" $USER_DATA/$1.conf
fi
}
# Search objects
search_objects() {
OLD_IFS="$IFS"
IFS=$'\n'
for line in $(grep $2=\'$3\' $USER_DATA/$1.conf); do
eval $line
eval echo \$$4
done
IFS="$OLD_IFS"
}
# Get user value
get_user_value() {
grep "^${1//$/}=" $USER_DATA/user.conf |awk -F "'" '{print $2}'
}
# Update user value in user.conf
update_user_value() {
key="${2//$}"
lnr=$(grep -n "^$key='" $VESTA/data/users/$1/user.conf |cut -f 1 -d ':')
if [ ! -z "$lnr" ]; then
sed -i "$lnr d" $VESTA/data/users/$1/user.conf
sed -i "$lnr i\\$key='${3}'" $VESTA/data/users/$1/user.conf
fi
}
# Increase user counter
increase_user_value() {
key="${2//$}"
factor="${3-1}"
conf="$VESTA/data/users/$1/user.conf"
old=$(grep "$key=" $conf | cut -f 2 -d \')
if [ -z "$old" ]; then
old=0
fi
new=$((old + factor))
sed -i "s/$key='$old'/$key='$new'/g" $conf
}
# Decrease user counter
decrease_user_value() {
key="${2//$}"
factor="${3-1}"
conf="$VESTA/data/users/$1/user.conf"
old=$(grep "$key=" $conf | cut -f 2 -d \')
if [ -z "$old" ]; then
old=0
fi
if [ "$old" -le 1 ]; then
new=0
else
new=$((old - factor))
fi
if [ "$new" -lt 0 ]; then
new=0
fi
sed -i "s/$key='$old'/$key='$new'/g" $conf
}
# Json listing function
json_list() {
echo '{'
fileds_count=$(echo $fields| wc -w )
#for line in $(cat $conf); do
while read line; do
eval $line
if [ -n "$data_output" ]; then
echo -e ' },'
fi
i=1
for field in $fields; do
eval value=$field
if [ $i -eq 1 ]; then
(( ++i))
echo -e "\t\"$value\": {"
else
if [ $i -lt $fileds_count ]; then
(( ++i))
echo -e "\t\t\"${field//$/}\": \"$value\","
else
echo -e "\t\t\"${field//$/}\": \"$value\""
data_output=yes
fi
fi
done
done < $conf
if [ "$data_output" = 'yes' ]; then
echo -e ' }'
fi
echo -e '}'
}
# Shell listing function
shell_list() {
if [ -z "$nohead" ] ; then
echo "${fields//$/}"
for a in $fields; do
echo -e "------ \c"
done
echo
fi
while read line ; do
eval $line
for field in $fields; do
eval value=$field
if [ -z "$value" ]; then
value='NULL'
fi
echo -n "$value "
done
echo
done < $conf
}
# Recalculate U_DISK value
recalc_user_disk_usage() {
u_usage=0
if [ -f "$USER_DATA/web.conf" ]; then
usage=0
dusage=$(grep 'U_DISK=' $USER_DATA/web.conf |\
awk -F "U_DISK='" '{print $2}' | cut -f 1 -d \')
for disk_usage in $dusage; do
usage=$((usage + disk_usage))
done
d=$(grep "U_DISK_WEB='" $USER_DATA/user.conf | cut -f 2 -d \')
sed -i "s/U_DISK_WEB='$d'/U_DISK_WEB='$usage'/g" $USER_DATA/user.conf
u_usage=$((u_usage + usage))
fi
if [ -f "$USER_DATA/mail.conf" ]; then
usage=0
dusage=$(grep 'U_DISK=' $USER_DATA/mail.conf |\
awk -F "U_DISK='" '{print $2}' | cut -f 1 -d \')
for disk_usage in $dusage; do
usage=$((usage + disk_usage))
done
d=$(grep "U_DISK_MAIL='" $USER_DATA/user.conf | cut -f 2 -d \')
sed -i "s/U_DISK_MAIL='$d'/U_DISK_MAIL='$usage'/g" $USER_DATA/user.conf
u_usage=$((u_usage + usage))
fi
if [ -f "$USER_DATA/db.conf" ]; then
usage=0
dusage=$(grep 'U_DISK=' $USER_DATA/db.conf |\
awk -F "U_DISK='" '{print $2}' | cut -f 1 -d \')
for disk_usage in $dusage; do
usage=$((usage + disk_usage))
done
d=$(grep "U_DISK_DB='" $USER_DATA/user.conf | cut -f 2 -d \')
sed -i "s/U_DISK_DB='$d'/U_DISK_DB='$usage'/g" $USER_DATA/user.conf
u_usage=$((u_usage + usage))
fi
usage=$(grep 'U_DISK_DIRS=' $USER_DATA/user.conf | cut -f 2 -d "'")
u_usage=$((u_usage + usage))
old=$(grep "U_DISK='" $USER_DATA/user.conf | cut -f 2 -d \')
sed -i "s/U_DISK='$old'/U_DISK='$u_usage'/g" $USER_DATA/user.conf
}
# Recalculate U_BANDWIDTH value
recalc_user_bandwidth_usage() {
usage=0
bandwidth_usage=$(grep 'U_BANDWIDTH=' $USER_DATA/web.conf |\
awk -F "U_BANDWIDTH='" '{print $2}'|cut -f 1 -d \')
for bandwidth in $bandwidth_usage; do
usage=$((usage + bandwidth))
done
old=$(grep "U_BANDWIDTH='" $USER_DATA/user.conf | cut -f 2 -d \')
sed -i "s/U_BANDWIDTH='$old'/U_BANDWIDTH='$usage'/g" $USER_DATA/user.conf
}
# Get next cron job id
get_next_cronjob() {
if [ -z "$job" ]; then
curr_str=$(grep "JOB=" $USER_DATA/cron.conf|cut -f 2 -d \'|\
sort -n|tail -n1)
job="$((curr_str +1))"
fi
}
# Sort cron jobs by id
sort_cron_jobs() {
cat $USER_DATA/cron.conf |sort -n -k 2 -t \' > $USER_DATA/cron.tmp
mv -f $USER_DATA/cron.tmp $USER_DATA/cron.conf
}
# Sync cronjobs with system cron
sync_cron_jobs() {
source $USER_DATA/user.conf
if [ -e "/var/spool/cron/crontabs" ]; then
sys_cron="/var/spool/cron/crontabs/$user"
else
sys_cron="/var/spool/cron/$user"
fi
rm -f $sys_cron
if [ "$CRON_REPORTS" = 'yes' ]; then
echo "MAILTO=$CONTACT" > $sys_cron
fi
while read line; do
eval $line
if [ "$SUSPENDED" = 'no' ]; then
echo "$MIN $HOUR $DAY $MONTH $WDAY $CMD" |\
sed -e "s/%quote%/'/g" -e "s/%dots%/:/g" \
>> $sys_cron
fi
done < $USER_DATA/cron.conf
# Set proper permissions
chown $user:$user $sys_cron
chmod 600 $sys_cron
}
### Format Validators ###
# Shell
validate_format_shell() {
if [ -z "$(grep -w $1 /etc/shells)" ]; then
echo "Error: shell $1 is not valid"
log_event "$E_INVALID" "$EVENT"
exit $E_INVALID
fi
}
# Password
validate_format_password() {
if [ "${#1}" -lt '6' ]; then
echo "Error: password is too short"
log_event "$E_INVALID" "$EVENT"
exit $E_INVALID
fi
}
# Integer
validate_format_int() {
if ! [[ "$1" =~ ^[0-9]+$ ]] ; then
echo "Error: $2 $1 is not valid"
log_event "$E_INVALID" "$EVENT"
exit $E_INVALID
fi
}
# Boolean
validate_format_boolean() {
if [ "$1" != 'yes' ] && [ "$1" != 'no' ]; then
echo "Error: $2 $1 is not valid"
log_event "$E_INVALID" "$EVENT"
exit $E_INVALID
fi
}
# Network interface
validate_format_interface() {
netdevices=$(cat /proc/net/dev | grep : | cut -f 1 -d : | tr -d ' ')
if [ -z $(echo "$netdevices"| grep -x $1) ]; then
echo "Error: intreface $1 is not valid"
log_event "$E_INVALID" "$EVENT"
exit $E_INVALID
fi
}
# IP address
validate_format_ip() {
t_ip=$(echo $1 |awk -F / '{print $1}')
t_cidr=$(echo $1 |awk -F / '{print $2}')
valid_octets=0
valid_cidr=1
for octet in ${t_ip//./ }; do
if [[ $octet =~ ^[0-9]{1,3}$ ]] && [[ $octet -le 255 ]]; then
((++valid_octets))
fi
done
if [ ! -z "$(echo $1|grep '/')" ]; then
if [[ "$t_cidr" -lt 0 ]] || [[ "$t_cidr" -gt 32 ]]; then
valid_cidr=0
fi
if ! [[ "$t_cidr" =~ ^[0-9]+$ ]]; then
valid_cidr=0
fi
fi
if [ "$valid_octets" -lt 4 ] || [ "$valid_cidr" -eq 0 ]; then
echo "Error: ip $1 is not valid"
log_event "$E_INVALID" "$EVENT"
exit $E_INVALID
fi
}
# IP address status
validate_format_ip_status() {
if [ -z "$(echo shared,dedicated | grep -w $1 )" ]; then
echo "Error: ip_status $1 is not valid"
log_event "$E_INVALID" "$EVENT"
exit $E_INVALID
fi
}
# Email address
validate_format_email() {
if [[ ! "$1" =~ "@" ]] ; then
echo "Error: email $1 is not valid"
log_event "$E_INVALID" "$EVENT"
exit $E_INVALID
fi
}
# Name
validate_format_name() {
if ! [[ "$1" =~ ^[[:alnum:]][-|\.|_[:alnum:]]{0,28}[[:alnum:]]$ ]]; then
echo "Error: $2 $1 is not valid"
log_event "$E_INVALID" "$EVENT"
exit $E_INVALID
fi
}
# Name with space
validate_format_name_s() {
if ! [[ "$1" =~ ^[[:alnum:]][-|\ |\.|_[:alnum:]]{0,28}[[:alnum:]]$ ]]; then
echo "Error: $2 $1 is not valid"
log_event "$E_INVALID" "$EVENT"
exit $E_INVALID
fi
}
# Username
validate_format_username() {
if [ "${#1}" -eq 1 ]; then
if ! [[ "$1" =~ [a-z] ]]; then
echo "Error: $2 $1 is not valid"
log_event "$E_INVALID" "$EVENT"
exit 1
fi
else
if ! [[ "$1" =~ ^[a-zA-Z0-9][-|\.|_|a-zA-Z0-9]{0,28}[a-zA-Z0-9]$ ]]
then
echo "Error: $2 $1 is not valid"
log_event "$E_INVALID" "$EVENT"
exit 1
fi
fi
}
# Domain
validate_format_domain() {
exclude="[!|@|#|$|^|&|*|(|)|+|=|{|}|:|,|<|>|?|_|/|\|\"|'|;|%|\`| ]"
if [[ "$1" =~ $exclude ]] || [[ "$1" =~ "^[0-9]+$" ]]; then
echo "Error: $2 $1 is not valid"
log_event "$E_INVALID" "$EVENT"
exit $E_INVALID
fi
}
# Domain alias
validate_format_domain_alias() {
exclude="[!|@|#|$|^|&|(|)|+|=|{|}|:|,|<|>|?|_|/|\|\"|'|;|%|\`| ]"
if [[ "$1" =~ $exclude ]] || [[ "$1" =~ "^[0-9]+$" ]]; then
echo "Error: $2 $1 is not valid"
log_event "$E_INVALID" "$EVENT"
exit $E_INVALID
fi
}
# Database
validate_format_database() {
exclude="[!|@|#|$|^|&|*|(|)|+|=|{|}|:|,|<|>|?|/|\|\"|'|;|%|\`| ]"
if [[ "$1" =~ $exclude ]] || [ 65 -le ${#1} ]; then
echo "Error: $2 $1 is not valid"
log_event "$E_INVALID" "$EVENT"
exit $E_INVALID
fi
}
# Database user
validate_format_dbuser() {
exclude="[!|@|#|$|^|&|*|(|)|+|=|{|}|:|,|<|>|?|/|\|\"|'|;|%|\`| ]"
if [[ "$1" =~ $exclude ]] || [ 17 -le ${#1} ]; then
echo "Error: $2 $1 is not valid"
log_event "$E_INVALID" "$EVENT"
exit $E_INVALID
fi
}
# DNS type
validate_format_dns_type() {
known_dnstype='A,AAAA,NS,CNAME,MX,TXT,SRV,DNSKEY,KEY,IPSECKEY,PTR,SPF'
if [ -z "$(echo $known_dnstype | grep -w $1)" ]; then
echo "Error: dnstype $1 is not valid"
log_event "$E_INVALID" "$EVENT"
exit $E_INVALID
fi
}
# DKIM key size
validate_format_key_size() {
known_size='128,256,512,768,1024,2048'
if [ -z "$(echo $known_size | grep -w $1)" ]; then
echo "Error: key_size $1 is not valid"
log_event "$E_INVALID" "$EVENT"
exit $E_INVALID
fi
}
# Minute / Hour / Day / Month / Day of Week
validate_format_mhdmw() {
limit=60
check_format=''
if [ "$2" = 'day' ]; then
limit=31
fi
if [ "$2" = 'month' ]; then
limit=12
fi
if [ "$2" = 'wday' ]; then
limit=7
fi
if [ "$1" = '*' ]; then
check_format='ok'
fi
if [[ "$1" =~ ^[\*]+[/]+[0-9] ]]; then
if [ "$(echo $1 |cut -f 2 -d /)" -lt $limit ]; then
check_format='ok'
fi
fi
if [[ "$1" =~ ^[0-9][-|,|0-9]{0,28}[0-9]$ ]]; then
check_format='ok'
crn_values=${1//,/ }
crn_values=${crn_values//-/ }
for crn_vl in $crn_values; do
if [ "$crn_vl" -gt $limit ]; then
check_format='invalid'
fi
done
fi
if [[ "$1" =~ ^[0-9]+$ ]] && [ "$1" -lt $limit ]; then
check_format='ok'
fi
if [ "$check_format" != 'ok' ]; then
echo "Error: $2 $1 is not valid"
log_event "$E_INVALID" "$EVENT"
exit $E_INVALID
fi
}
# proxy extention or DNS record
validate_format_common() {
exclude="[!|#|$|^|&|(|)|+|=|{|}|:|<|>|?|/|\|\"|'|;|%|\`| ]"
if [[ "$1" =~ $exclude ]]; then
echo "Error: $2 $1 is not valid"
log_event "$E_INVALID" "$EVENT"
exit $E_INVALID
fi
if [ 400 -le ${#1} ]; then
echo "Error: $2 $1 is too long"
log_event "$E_INVALID" "$EVENT"
exit $E_INVALID
fi
if [[ "$1" =~ @ ]] && [ ${#1} -gt 1 ] ; then
echo "Error: @ can not be mixed"
log_event "$E_INVALID" "$EVENT"
exit $E_INVALID
fi
if [[ $1 =~ \* ]]; then
if [ "$(echo $1 | grep -o '*'|wc -l)" -gt 1 ]; then
log_event "$E_INVALID" "$EVENT"
echo "Error: * can be used only once"
fi
fi
}
# DNS record value
validate_format_dvalue() {
record_types="$(echo A,AAAA,NS,CNAME | grep -w "$rtype")"
if [[ "$1" =~ [\ ] ]] && [ ! -z "$record_types" ]; then
echo "Error: dvalue $1 is not valid"
log_event "$E_INVALID" "$EVENT"
exit $E_INVALID
fi
if [ "$rtype" = 'A' ]; then
validate_format_ip "$1"
fi
if [ "$rtype" = 'NS' ]; then
validate_format_domain "$1" 'ns_record'
fi
if [ "$rtype" = 'MX' ]; then
validate_format_domain "$1" 'mx_record'
validate_format_int "$priority" 'priority_record'
fi
}
# Date
validate_format_date() {
if ! [[ "$1" =~ ^[0-9][0-9][0-9][0-9]-[0-9][0-9]-[0-9][0-9]$ ]]; then
echo "Error: date $1 is not valid"
log_event "$E_INVALID" "$EVENT"
exit $E_INVALID
fi
}
# Autoreply
validate_format_autoreply() {
exclude="[$|\`]"
if [[ "$1" =~ $exclude ]] || [ 10240 -le ${#1} ]; then
echo "Error: autoreply is not valid"
log_event "$E_INVALID" "$EVENT"
exit $E_INVALID
fi
}
# Firewall action
validate_format_fw_action() {
if [ "$1" != "ACCEPT" ] && [ "$1" != 'DROP' ] ; then
echo "Error: $1 is not valid action"
log_event "$E_INVALID" "$EVENT"
exit $E_INVALID
fi
}
# Firewall protocol
validate_format_fw_protocol() {
if [ "$1" != "ICMP" ] && [ "$1" != 'UDP' ] && [ "$1" != 'TCP' ] ; then
echo "Error: $1 is not valid protocol"
log_event "$E_INVALID" "$EVENT"
exit $E_INVALID
fi
}
# Firewall port
validate_format_fw_port() {
if [ "${#1}" -eq 1 ]; then
if ! [[ "$1" =~ [0-9] ]]; then
echo "Error: port $1 is not valid"
log_event "$E_INVALID" "$EVENT"
exit 1
fi
else
if ! [[ "$1" =~ ^[0-9][-|,|:|0-9]{0,30}[0-9]$ ]]
then
echo "Error: port $1 is not valid"
log_event "$E_INVALID" "$EVENT"
exit 1
fi
fi
}
# Format validation controller
validate_format(){
for arg_name in $*; do
eval arg=\$$arg_name
if [ -z "$arg" ]; then
echo "Error: argument $arg_name is not valid (empty)"
log_event "$E_INVALID" "$EVENT"
exit $E_INVALID
fi
case $arg_name in
account) validate_format_username "$arg" "$arg_name" ;;
action) validate_format_fw_action "$arg";;
antispam) validate_format_boolean "$arg" 'antispam' ;;
antivirus) validate_format_boolean "$arg" 'antivirus' ;;
autoreply) validate_format_autoreply "$arg" ;;
backup) validate_format_domain "$arg" 'backup' ;;
charset) validate_format_name "$arg" "$arg_name" ;;
charsets) validate_format_common "$arg" 'charsets' ;;
comment) validate_format_name "$arg" 'comment' ;;
database) validate_format_database "$arg" 'database';;
day) validate_format_mhdmw "$arg" $arg_name ;;
dbpass) validate_format_password "$arg" ;;
dbuser) validate_format_dbuser "$arg" 'db_user';;
dkim) validate_format_boolean "$arg" 'dkim' ;;
dkim_size) validate_format_key_size "$arg" ;;
domain) validate_format_domain "$arg" 'domain';;
dom_alias) validate_format_domain_alias "$arg" 'alias';;
dvalue) validate_format_dvalue "$arg";;
email) validate_format_email "$arg" ;;
exp) validate_format_date "$arg" ;;
extentions) validate_format_common "$arg" 'extentions' ;;
fname) validate_format_name_s "$arg" "$arg_name" ;;
forward) validate_format_email "$arg" ;;
ftp_password) validate_format_password "$arg" ;;
ftp_user) validate_format_username "$arg" "$arg_name" ;;
host) validate_format_domain "$arg" "$arg_name" 'host';;
hour) validate_format_mhdmw "$arg" $arg_name ;;
id) validate_format_int "$arg" 'id' ;;
interface) validate_format_interface "$arg" ;;
ip) validate_format_ip "$arg" ;;
ip_name) validate_format_domain "$arg" 'domain';;
ip_status) validate_format_ip_status "$arg" ;;
job) validate_format_int "$arg" 'job' ;;
key) validate_format_username "$arg" "$arg_name" ;;
lname) validate_format_name_s "$arg" "$arg_name" ;;
malias) validate_format_username "$arg" "$arg_name" ;;
max_db) validate_format_int "$arg" 'max db';;
min) validate_format_mhdmw "$arg" $arg_name ;;
month) validate_format_mhdmw "$arg" $arg_name ;;
nat_ip) validate_format_ip "$arg" ;;
netmask) validate_format_ip "$arg" ;;
newid) validate_format_int "$arg" 'id' ;;
ns1) validate_format_domain "$arg" 'name_server';;
ns2) validate_format_domain "$arg" 'name_server';;
ns3) validate_format_domain "$arg" 'name_server';;
ns4) validate_format_domain "$arg" 'name_server';;
object) validate_format_name_s "$arg" 'object';;
package) validate_format_name "$arg" "$arg_name" ;;
password) validate_format_password "$arg" ;;
port) validate_format_int "$arg" 'port' ;;
port_ext) validate_format_fw_port "$arg";;
protocol) validate_format_fw_protocol "$arg" ;;
quota) validate_format_int "$arg" 'quota' ;;
restart) validate_format_boolean "$arg" 'restart' ;;
record) validate_format_common "$arg" 'record';;
rtype) validate_format_dns_type "$arg" ;;
rule) validate_format_int "$arg" "rule id" ;;
shell) validate_format_shell "$arg" ;;
soa) validate_format_domain "$arg" 'soa_record';;
stats_pass) validate_format_password "$arg" ;;
stats_user) validate_format_username "$arg" "$arg_name" ;;
template) validate_format_name "$arg" "$arg_name" ;;
ttl) validate_format_int "$arg" 'ttl';;
user) validate_format_username "$arg" "$arg_name" ;;
wday) validate_format_mhdmw "$arg" $arg_name ;;
esac
done
}
Reference in New Issue View Git Blame Copy Permalink