// Copyright (c) 2021. Huawei Technologies Co., Ltd. All rights reserved.
// Package common this file common validators
package common
import (
"crypto/tls"
"errors"
"net"
"regexp"
"time"
"huawei.com/npu-exporter/hwlog"
"huawei.com/npu-exporter/utils"
"huawei.com/mindxdl/base/common/constants"
)
const (
portLowerLimit = 1025
portUpperLimit = 40000
nameMaxLength = 63
nameMinLength = 3
serviceLogMaxSize = 200
nameFormat = `^[a-z0-9]+[a-z0-9-]*[a-z0-9]+$`
)
// ServerParam ServerParam
type ServerParam struct {
IP string
Port int
Version bool
Concurrency int
MaxConcurrency int
EnableHTTP bool
EncryptAlgorithm int
TLSSuites int
CipherSuites []uint16
AuthMode string
OverdueTime int
CheckCertPeriod time.Duration
DNSName string
DirName string
ReadTimeOut time.Duration
WriteTimeOut time.Duration
}
// GetDefaultServiceParam get default service param
func GetDefaultServiceParam() *ServerParam {
return &ServerParam{
MaxConcurrency: MaxConcurrency,
CheckCertPeriod: time.Hour,
AuthMode: TwoWay,
OverdueTime: utils.OverdueTime,
ReadTimeOut: HTTPServerTimeout,
WriteTimeOut: HTTPServerTimeout,
}
}
// WebParamValid doing param check
func WebParamValid(sp *ServerParam) error {
if sp.Port < portLowerLimit || sp.Port > portUpperLimit {
return errors.New("the port is invalid")
}
parsedIP := net.ParseIP(sp.IP)
if parsedIP == nil {
return errors.New("the listen ip is invalid")
}
sp.IP = parsedIP.String()
hwlog.RunLog.Infof("listen on: %s", sp.IP)
return nil
}
// ParseTLSParams ParseTLSParams
func ParseTLSParams(sp *ServerParam) {
if sp.EncryptAlgorithm != utils.Aes128gcm && sp.EncryptAlgorithm != utils.Aes256gcm {
hwlog.RunLog.Warn("reset invalid encryptAlgorithm = 9")
sp.EncryptAlgorithm = utils.Aes256gcm
}
if sp.TLSSuites != 0 && sp.TLSSuites != 1 {
hwlog.RunLog.Warn("reset invalid tlsSuites = 1")
sp.TLSSuites = 1
}
if sp.TLSSuites == 0 {
sp.CipherSuites = []uint16{tls.TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256}
} else {
sp.CipherSuites = []uint16{tls.TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256}
}
}
// ValidName valid pod name or namespace
func ValidName(nameType, name string, b BaseCtx) bool {
if name == "" {
hwlog.RunLog.ErrorfWithCtx(b.Ctx, "%s is empty.", nameType)
return false
}
array := []rune(name)
if len(array) > nameMaxLength || len(array) < nameMinLength {
hwlog.RunLog.ErrorfWithCtx(b.Ctx, "%s length (%v) invalid.", nameType, len(array))
return false
}
var reg = regexp.MustCompile(nameFormat)
ok := reg.MatchString(name)
if !ok {
hwlog.RunLog.ErrorfWithCtx(b.Ctx, "%s is not meet requirement.", nameType)
return false
}
return true
}
func validLogLimitOffset(logOffset, logLimit uint64) error {
if logLimit > serviceLogMaxSize {
return errors.New("too large of limit")
}
if logOffset < 0 {
return errors.New("offset is less than 0")
}
return nil
}
// CheckString check string
func CheckString(passString string) error {
if matched, err := regexp.MatchString(constants.PassRegex, passString); err != nil || !matched {
return errors.New("password MatchString failed")
}
complexCheckRegexArr := []string{
constants.LowercaseCharactersRegex,
constants.UppercaseCharactersRegex,
constants.BaseNumberRegex,
constants.SpecialCharactersRegex,
}
complexCount := 0
for _, pattern := range complexCheckRegexArr {
if matched, err := regexp.MatchString(pattern, passString); matched && err == nil {
complexCount++
}
}
if complexCount < constants.MinComplexCount {
return errors.New("password complexCheck failed")
}
return nil
}
mindxdl--common--validators.go的相关教程结束。
