113 lines
2.3 KiB
Go
113 lines
2.3 KiB
Go
package db
|
|
|
|
import (
|
|
"net/netip"
|
|
"strings"
|
|
"vppn/hub/errs"
|
|
)
|
|
|
|
func Config_Sanitize(c *Config) {
|
|
}
|
|
|
|
func Config_Validate(c *Config) error {
|
|
return nil
|
|
}
|
|
|
|
func Network_Sanitize(n *Network) {
|
|
n.LocalDomain = strings.TrimSpace(n.LocalDomain)
|
|
|
|
if addr, ok := netip.AddrFromSlice(n.Network); ok {
|
|
n.Network = addr.AsSlice()
|
|
}
|
|
}
|
|
|
|
func Network_Validate(c *Network) error {
|
|
// 15 bytes is linux limit for network interface names. With ending .local,
|
|
// max length is 21.
|
|
if len(c.LocalDomain) == 0 || len(c.LocalDomain) > 21 {
|
|
return errs.ErrInvalidNetName
|
|
}
|
|
|
|
if !strings.HasSuffix(c.LocalDomain, ".local") {
|
|
return errs.ErrNetNameNotLocal
|
|
}
|
|
|
|
for _, c := range strings.TrimSuffix(c.LocalDomain, ".local") {
|
|
if c >= 'a' && c <= 'z' {
|
|
continue
|
|
}
|
|
if c >= '0' && c <= '9' {
|
|
continue
|
|
}
|
|
return errs.ErrInvalidNetName
|
|
}
|
|
|
|
addr, ok := netip.AddrFromSlice(c.Network)
|
|
if !ok || !addr.Is4() || addr.As4()[3] != 0 || addr.As4()[0] == 0 {
|
|
return errs.ErrInvalidIP
|
|
}
|
|
|
|
if !addr.IsPrivate() {
|
|
return errs.ErrNonPrivateIP
|
|
}
|
|
|
|
return nil
|
|
}
|
|
|
|
func Peer_Sanitize(p *Peer) {
|
|
p.Name = strings.TrimSpace(strings.ToLower(p.Name))
|
|
if len(p.Addr4) != 0 {
|
|
if addr, ok := netip.AddrFromSlice(p.Addr4); ok {
|
|
// Unmap so an IPv4-mapped form is stored canonically as 4 bytes.
|
|
p.Addr4 = addr.Unmap().AsSlice()
|
|
}
|
|
}
|
|
if len(p.Addr6) != 0 {
|
|
if addr, ok := netip.AddrFromSlice(p.Addr6); ok {
|
|
p.Addr6 = addr.AsSlice()
|
|
}
|
|
}
|
|
if p.Port == 0 {
|
|
p.Port = 51820
|
|
}
|
|
}
|
|
|
|
func Peer_Validate(p *Peer) error {
|
|
if p.PeerIP < 1 || p.PeerIP > 254 {
|
|
return errs.ErrInvalidPeerIP
|
|
}
|
|
if len(p.Addr4) > 0 {
|
|
// Must be a genuine IPv4 address (reject an IPv6 in the v4 field).
|
|
if addr, ok := netip.AddrFromSlice(p.Addr4); !ok || !addr.Is4() {
|
|
return errs.ErrInvalidIP
|
|
}
|
|
}
|
|
if len(p.Addr6) > 0 {
|
|
// Must be a genuine IPv6 address (reject IPv4 / IPv4-mapped in the v6 field).
|
|
if addr, ok := netip.AddrFromSlice(p.Addr6); !ok || !addr.Is6() || addr.Is4In6() {
|
|
return errs.ErrInvalidIP
|
|
}
|
|
}
|
|
if p.Port == 0 {
|
|
return errs.ErrInvalidPort
|
|
}
|
|
|
|
if len(p.Name) == 0 || len(p.Name) > 63 {
|
|
return errs.ErrInvalidPeerName
|
|
}
|
|
for _, c := range p.Name {
|
|
if c >= 'a' && c <= 'z' {
|
|
continue
|
|
}
|
|
if c >= '0' && c <= '9' {
|
|
continue
|
|
}
|
|
if c == '-' {
|
|
continue
|
|
}
|
|
return errs.ErrInvalidPeerName
|
|
}
|
|
|
|
return nil
|
|
}
|