From 3910e8343605e3c2ada468a94f6d00c7d953d6a2 Mon Sep 17 00:00:00 2001 From: Mike Reeves Date: Mon, 15 Dec 2025 09:57:42 -0500 Subject: [PATCH] Update Validation --- setup/so-functions | 44 ++++++++++++++++++++++++++++++++++++++++++++ setup/so-whiptail | 11 ++++++++++- 2 files changed, 54 insertions(+), 1 deletion(-) diff --git a/setup/so-functions b/setup/so-functions index 07f0f1f4f..ae0c639a1 100755 --- a/setup/so-functions +++ b/setup/so-functions @@ -1762,6 +1762,50 @@ backup_dir() { } drop_install_options() { + # Ensure values written to install.txt won't later fail manager-side parsing in so-minion + strip_control_chars() { + # bash: remove ASCII control characters (incl. newlines/tabs/ESC) + printf '%s' "$1" | tr -d '[:cntrl:]' + } + + validate_install_txt_vars() { + # Sanitize first (fail closed if still invalid) + MAINIP="$(strip_control_chars "$MAINIP")" + MNIC="$(strip_control_chars "$MNIC")" + NODE_DESCRIPTION="$(strip_control_chars "$NODE_DESCRIPTION")" + ES_HEAP_SIZE="$(strip_control_chars "$ES_HEAP_SIZE")" + PATCHSCHEDULENAME="$(strip_control_chars "$PATCHSCHEDULENAME")" + INTERFACE="$(strip_control_chars "$INTERFACE")" + HOSTNAME="$(strip_control_chars "$HOSTNAME")" + LS_HEAP_SIZE="$(strip_control_chars "$LS_HEAP_SIZE")" + IDH_MGTRESTRICT="$(strip_control_chars "$IDH_MGTRESTRICT")" + IDH_SERVICES="$(strip_control_chars "$IDH_SERVICES")" + + valid_ip4 "$MAINIP" || return 1 + [[ "$MNIC" =~ ^[A-Za-z0-9_.:-]+$ ]] || return 1 + [[ "$NODE_DESCRIPTION" =~ ^[[:print:]]{0,256}$ ]] || return 1 + [[ "$ES_HEAP_SIZE" =~ ^[0-9]+[kKmMgGtTpPeE]?$ ]] || return 1 + [[ "$PATCHSCHEDULENAME" =~ ^[A-Za-z0-9._-]*$ ]] || return 1 + [[ "$INTERFACE" =~ ^[A-Za-z0-9._:,-]+$ ]] || return 1 + valid_hostname "$HOSTNAME" || return 1 + [[ "$LS_HEAP_SIZE" =~ ^[0-9]+[kKmMgGtTpPeE]?$ ]] || return 1 + [[ "$lb_procs" =~ ^[0-9]+$ ]] || return 1 + [[ "$num_cpu_cores" =~ ^[0-9]+$ ]] || return 1 + [[ -z "$IDH_MGTRESTRICT" || "$IDH_MGTRESTRICT" == "True" || "$IDH_MGTRESTRICT" == "False" ]] || return 1 + [[ -z "$IDH_SERVICES" || "$IDH_SERVICES" =~ ^[[:print:]]{0,512}$ ]] || return 1 + + return 0 + } + + if ! validate_install_txt_vars; then + if declare -F whiptail_error_message >/dev/null; then + whiptail_error_message "One or more setup values were invalid and would cause the manager to reject this node when adding it. Please re-run setup and verify hostname, management IP/interface, and node description." + else + echo "Error: invalid setup values detected; refusing to write /opt/so/install.txt" + fi + return 1 + fi + # Drop the install Variable echo "MAINIP=$MAINIP" > /opt/so/install.txt echo "MNIC=$MNIC" >> /opt/so/install.txt diff --git a/setup/so-whiptail b/setup/so-whiptail index 6fc5cbba5..80e8b48a4 100755 --- a/setup/so-whiptail +++ b/setup/so-whiptail @@ -903,8 +903,9 @@ whiptail_management_nic() { local exitstatus=$? whiptail_check_exitstatus $exitstatus - while [ -z "$MNIC" ] + while [ -z "$MNIC" ] || [[ "$MNIC" =~ [[:cntrl:]] ]] || [[ ! "$MNIC" =~ ^[A-Za-z0-9_.:-]+$ ]] do + whiptail_invalid_input MNIC=$(whiptail --title "$whiptail_title" --menu "Please select the NIC you would like to use for management.\n\nUse the arrow keys to move around and the Enter key to select." 22 75 12 "${nic_list_management[@]}" 3>&1 1>&2 2>&3 ) local exitstatus=$? whiptail_check_exitstatus $exitstatus @@ -1098,6 +1099,14 @@ whiptail_node_description() { local exitstatus=$? whiptail_check_exitstatus $exitstatus + + while [[ "$NODE_DESCRIPTION" =~ [[:cntrl:]] ]]; do + whiptail_error_message "Node description cannot contain control characters. Please enter a new description." + NODE_DESCRIPTION=$(whiptail --title "$whiptail_title" \ + --inputbox "Enter a short description for the node or press ENTER to leave blank:" 10 75 3>&1 1>&2 2>&3) + local exitstatus=$? + whiptail_check_exitstatus $exitstatus + done } whiptail_ntp_ask() {