summaryrefslogtreecommitdiff
path: root/kvmd/validators/net.py
blob: f92dc9787631d9c5f7d4be0eed81b126b2296aa6 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
# ========================================================================== #
#                                                                            #
#    KVMD - The main PiKVM daemon.                                           #
#                                                                            #
#    Copyright (C) 2018-2022  Maxim Devaev <[email protected]>               #
#                                                                            #
#    This program is free software: you can redistribute it and/or modify    #
#    it under the terms of the GNU General Public License as published by    #
#    the Free Software Foundation, either version 3 of the License, or       #
#    (at your option) any later version.                                     #
#                                                                            #
#    This program is distributed in the hope that it will be useful,         #
#    but WITHOUT ANY WARRANTY; without even the implied warranty of          #
#    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the           #
#    GNU General Public License for more details.                            #
#                                                                            #
#    You should have received a copy of the GNU General Public License       #
#    along with this program.  If not, see <https://www.gnu.org/licenses/>.  #
#                                                                            #
# ========================================================================== #


import ipaddress
import ssl

from typing import Callable
from typing import Any

from . import ValidatorError
from . import raise_error
from . import check_re_match
from . import check_any

from .basic import valid_number
from .basic import valid_stripped_string_not_empty
from .basic import valid_string_list


# =====
def valid_ip_or_host(arg: Any) -> str:
    name = "IPv4/6 address or RFC-1123 hostname"
    return check_any(
        arg=valid_stripped_string_not_empty(arg, name),
        name=name,
        validators=[
            valid_ip,
            valid_rfc_host,
        ],
    )


def valid_ip(arg: Any, v4: bool=True, v6: bool=True) -> str:
    assert v4 or v6
    validators: list[Callable] = []
    versions: list[str] = []
    if v4:
        validators.append(lambda arg: str(ipaddress.IPv4Address(arg)))
        versions.append("4")
    if v6:
        validators.append(lambda arg: str(ipaddress.IPv6Address(arg)))
        versions.append("6")
    name = f"IPv{'/'.join(versions)} address"
    return check_any(
        arg=valid_stripped_string_not_empty(arg, name),
        name=name,
        validators=validators,
    )


def valid_net(arg: Any, v4: bool=True, v6: bool=True) -> str:
    assert v4 or v6
    validators: list[Callable] = []
    versions: list[str] = []
    if v4:
        validators.append(lambda arg: str(ipaddress.IPv4Network(arg)))
        versions.append("4")
    if v6:
        validators.append(lambda arg: str(ipaddress.IPv6Network(arg)))
        versions.append("6")
    name = f"IPv{'/'.join(versions)} network"
    if "/" not in str(arg):
        raise_error(arg, name)
    return check_any(
        arg=valid_stripped_string_not_empty(arg, name),
        name=name,
        validators=validators,
    )


def valid_rfc_host(arg: Any) -> str:
    # http://stackoverflow.com/questions/106179/regular-expression-to-match-hostname-or-ip-address
    pattern = r"^(([a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9\-]*[a-zA-Z0-9])\.)*" \
              r"([A-Za-z0-9]|[A-Za-z0-9][A-Za-z0-9\-]*[A-Za-z0-9])$"
    return check_re_match(arg, "RFC-1123 hostname", pattern)


def valid_port(arg: Any) -> int:
    return int(valid_number(arg, min=0, max=65535, name="network port"))


def valid_ports_list(arg: Any) -> list[int]:
    return list(map(int, valid_string_list(arg, subval=valid_port, name="ports list")))


def valid_mac(arg: Any) -> str:
    pattern = ":".join([r"[0-9a-fA-F]{2}"] * 6)
    return check_re_match(arg, "MAC address", pattern).lower()


def valid_ssl_ciphers(arg: Any) -> str:
    name = "SSL ciphers"
    arg = valid_stripped_string_not_empty(arg, name)
    try:
        ssl.SSLContext(ssl.PROTOCOL_TLS).set_ciphers(arg)
    except Exception as err:
        raise ValidatorError(f"The argument {arg!r} is not a valid {name}: {err}")
    return arg


def valid_url(arg: Any) -> str:
    # XXX: VERY primitive
    return check_re_match(arg, "HTTP(S) URL", r"^https?://[\[\w]+\S*")