CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2025-12-06 17:22:49 +01:00
Code Issues Packages Projects Releases Wiki Activity

Validate list of ntp servers (ip4, hostname, or fqdn)

Browse Source
This commit is contained in:
William Wernert
2021-03-25 14:45:33 -04:00
parent 150e724a4a
commit eb674b3b93
5 changed files with 27 additions and 8 deletions
Download Patch File Download Diff File Expand all files Collapse all files

14
salt/common/tools/sbin/so-common
View File

@@ -419,6 +419,20 @@ valid_proxy() {
[[ $has_prefix == true ]] && [[ $valid_url == true ]] && return 0 || return 1 [[ $has_prefix == true ]] && [[ $valid_url == true ]] && return 0 || return 1
} }
valid_ntp_list() {
local string=$1
local ntp_arr
IFS="," read -r -a ntp_arr <<< "$string"
for ntp in "${ntp_arr[@]}"; do
if ! valid_ip4 "$ntp" && ! valid_hostname "$ntp" && ! valid_fqdn "$ntp"; then
return 1
fi
done
return 0
}
valid_string() { valid_string() {
local str=$1 local str=$1
local min_length=${2:-1} local min_length=${2:-1}

13
setup/so-functions
View File

@@ -489,10 +489,17 @@ collect_node_ls_pipeline_worker_count() {
collect_ntp_servers() { collect_ntp_servers() {
if [[ $is_airgap || "$NSMSETUP" = 'ADVANCED' || "$MANAGERADV" = 'ADVANCED' || -n $so_proxy ]]; then if [[ $is_airgap || "$NSMSETUP" = 'ADVANCED' || "$MANAGERADV" = 'ADVANCED' || -n $so_proxy ]]; then
if whiptail_ntp_ask; then if whiptail_ntp_ask; then
[[ $is_airgap ]] && ntp_servers="" [[ $is_airgap ]] && ntp_servers=()
whiptail_ntp_servers "$ntp_servers" whiptail_ntp_servers "$ntp_string"
while ! valid_ntp_list "$ntp_string"; do
whiptail_invalid_input
whiptail_ntp_servers "$ntp_string"
done
IFS="," read -r -a ntp_servers <<< "$ntp_string" # Split string on commas into array
else else
ntp_servers="" ntp_servers=()
fi fi
fi fi
} }

2
setup/so-setup
View File

@@ -584,7 +584,7 @@ set_redirect >> $setup_log 2>&1
# Show initial progress message # Show initial progress message
set_progress_str 0 'Running initial configuration steps' set_progress_str 0 'Running initial configuration steps'
[[ -z $ntp_configured ]] && [[ -n $ntp_servers ]] && configure_ntp >> $setup_log 2>&1 [[ -z $ntp_configured ]] && [[ ${#ntp_servers[@]} -gt 0 ]] && configure_ntp >> $setup_log 2>&1
reserve_ports reserve_ports

4
setup/so-variables
View File

@@ -73,5 +73,5 @@ export install_opt_file
net_init_file=/root/net_init net_init_file=/root/net_init
export net_init_file export net_init_file
ntp_servers="0.pool.ntp.org,1.pool.ntp.org" ntp_string="0.pool.ntp.org,1.pool.ntp.org"
export ntp_servers export ntp_string

2
setup/so-whiptail
View File

@@ -1119,8 +1119,6 @@ whiptail_ntp_servers() {
local exitstatus=$? local exitstatus=$?
whiptail_check_exitstatus $exitstatus whiptail_check_exitstatus $exitstatus
IFS="," read -r -a ntp_servers <<< "$ntp_string" # Split string on commas into array
} }
whiptail_oinkcode() { whiptail_oinkcode() {