diff --git a/heartbeat/findif.sh b/heartbeat/findif.sh index fd92d9be0..e6a9ea42a 100644 --- a/heartbeat/findif.sh +++ b/heartbeat/findif.sh @@ -1,180 +1,256 @@ #!/bin/sh ipcheck_ipv4() { local r1_to_255="([1-9][0-9]?|1[0-9][0-9]|2[0-4][0-9]|25[0-5])" local r0_to_255="([0-9][0-9]?|1[0-9][0-9]|2[0-4][0-9]|25[0-5])" local r_ipv4="^$r1_to_255\.$r0_to_255\.$r0_to_255\.$r0_to_255$" echo "$1" | grep -q -Ee "$r_ipv4" } ipcheck_ipv6() { ! echo "$1" | grep -qs "[^0-9:a-fA-F]" } ifcheck() { local ifname="$1" $IP2UTIL link show dev $ifname 2>&1 >/dev/null } prefixcheck() { local prefix=$1 local prefix_length=${#prefix} local prefix_check=$2 if [ $prefix_length -gt 3 -o $prefix_length -eq 0 ] ; then return 1 fi echo "$prefix" | grep -qs "[^0-9]" if [ $? = 0 ] ; then return 1 fi if [ $prefix -lt 1 -o $prefix -gt $prefix_check ] ; then return 1 fi return 0 } getnetworkinfo() { local line netinfo ip -o -f inet route list match $OCF_RESKEY_ip table local scope host | (while read line; do netinfo=`echo $line | awk '{print $2}'` case $netinfo in */*) set -- $line break ;; esac done echo $line) } +# previous versions of the IPaddr2 resource agent used to accept a netmask +# in dotted quad notation (and convert to cidr notation implicitly; possibly +# with warnings nobody ever noticed) +# We can do so here as well. +maybe_convert_dotted_quad_to_cidr() +{ + # does this even look like a dotted quad notation? + case $netmask in + # invalid if it contains other than digits and dots + # invalid if it contains adjacent dots, + # or starts or ends with a dot + # or more than three dots + # or more than three digits in a row + *[!0-9.]* | *..* | *.*.*.*.* | .* | *. | *[0-9][0-9][0-9][0-9]* ) + return ;; + + # do we have three dots? + # component range check on <= 255 is done below + *.*.*.*) : ;; + + *) return ;; + esac + + local IFS=. + set -- $netmask + [ $# = 4 ] || return; + + local b m=0 mask; + for b ; do + [ $b -le 255 ] || return; + m=$(( (m << 8) + b )); + done; + case $m in + # for i in `seq 32 -1 0`; do printf "%10u) netmask=$i ;;\n" $(( ((1 << i)-1) << (32 - i) )); done + 4294967295) mask=32 ;; + 4294967294) mask=31 ;; + 4294967292) mask=30 ;; + 4294967288) mask=29 ;; + 4294967280) mask=28 ;; + 4294967264) mask=27 ;; + 4294967232) mask=26 ;; + 4294967168) mask=25 ;; + 4294967040) mask=24 ;; + 4294966784) mask=23 ;; + 4294966272) mask=22 ;; + 4294965248) mask=21 ;; + 4294963200) mask=20 ;; + 4294959104) mask=19 ;; + 4294950912) mask=18 ;; + 4294934528) mask=17 ;; + 4294901760) mask=16 ;; + 4294836224) mask=15 ;; + 4294705152) mask=14 ;; + 4294443008) mask=13 ;; + 4293918720) mask=12 ;; + 4292870144) mask=11 ;; + 4290772992) mask=10 ;; + 4286578688) mask=9 ;; + 4278190080) mask=8 ;; + 4261412864) mask=7 ;; + 4227858432) mask=6 ;; + 4160749568) mask=5 ;; + 4026531840) mask=4 ;; + 3758096384) mask=3 ;; + 3221225472) mask=2 ;; + 2147483648) mask=1 ;; + 0) mask=0 ;; + *) ocf_log err "Bogus netmask: $netmask" ; return ;; + esac + ocf_log warn "Please convert dotted quad netmask $netmask to CIDR notation $mask!" + netmask=$mask +} + findif_check_params() { local family="$1" local match="$OCF_RESKEY_ip" local nic="$OCF_RESKEY_nic" - local netmask="$OCF_RESKEY_cidr_netmask" + # netmask NOT local, see maybe_convert_dotted_quad_to_cidr + netmask="$OCF_RESKEY_cidr_netmask" local brdcast="$OCF_RESKEY_broadcast" local errmsg + maybe_convert_dotted_quad_to_cidr + # Do a sanity check only on start and validate-all # to avoid returning OCF_ERR_CONFIGURED from the monitor operation. case $__OCF_ACTION in start|validate-all) true;; *) return $OCF_SUCCESS;; esac if [ -n "$nic" ] ; then errmsg=`ifcheck $nic` if [ $? -ne 0 ] ; then ocf_log err "Invalid interface name [$nic]: $errmsg" return $OCF_ERR_CONFIGURED fi fi if [ "$family" = "inet6" ] ; then ipcheck_ipv6 $match if [ $? = 1 ] ; then ocf_log err "IP address [$match] not valid." return $OCF_ERR_CONFIGURED fi if [ -z "$nic" ] ; then echo $match | grep -qis '^fe80::' if [ $? = 0 ] ; then ocf_log err "'nic' parameter is mandatory for a link local address [$match]." return $OCF_ERR_CONFIGURED fi fi if [ -n "$netmask" ] ; then prefixcheck $netmask 128 if [ $? = 1 ] ; then ocf_log err "Invalid netmask specification [$netmask]." return $OCF_ERR_CONFIGURED fi fi else # family = inet ipcheck_ipv4 $match if [ $? = 1 ] ; then ocf_log err "IP address [$match] not valid." return $OCF_ERR_CONFIGURED fi if [ -n "$netmask" ] ; then prefixcheck $netmask 32 if [ $? = 1 ] ; then ocf_log err "Invalid netmask specification [$netmask]." return $OCF_ERR_CONFIGURED fi fi if [ -n "$brdcast" ] ; then ipcheck_ipv4 $brdcast if [ $? = 1 ] ; then ocf_log err "Invalid broadcast address [$brdcast]." return $OCF_ERR_CONFIGURED fi fi fi return $OCF_SUCCESS } findif() { local match="$OCF_RESKEY_ip" local family local scope local nic="$OCF_RESKEY_nic" local netmask="$OCF_RESKEY_cidr_netmask" local brdcast="$OCF_RESKEY_broadcast" echo $match | grep -qs ":" if [ $? = 0 ] ; then family="inet6" else family="inet" scope="scope link" fi findif_check_params $family || return $? if [ -n "$netmask" ] ; then match=$match/$netmask fi if [ -n "$nic" ] ; then # NIC supports more than two. set -- `ip -o -f $family route list match $match $scope | grep "dev $nic"` else set -- `ip -o -f $family route list match $match $scope` fi if [ $# = 0 ] ; then case $OCF_RESKEY_ip in 127.*) set -- `getnetworkinfo` shift;; esac fi if [ -z "$nic" -o -z "$netmask" ] ; then if [ $# = 0 ] ; then ocf_log err "Unable to find nic or netmask." return $OCF_ERR_GENERIC fi case $1 in */*) : OK ;; *) ocf_log err "Unable to find cidr_netmask." return $OCF_ERR_GENERIC ;; esac fi [ -z "$nic" ] && nic=$3 [ -z "$netmask" ] && netmask=${1#*/} if [ $family = "inet" ] ; then if [ -z "$brdcast" ] ; then if [ -n "$7" ] ; then set -- `ip -o -f $family addr show | grep $7` [ "$5" = brd ] && brdcast=$6 fi fi else if [ -z "$OCF_RESKEY_nic" -a "$netmask" != "${1#*/}" ] ; then ocf_log err "Unable to find nic, or netmask mismatch." return $OCF_ERR_GENERIC fi fi echo "$nic netmask $netmask broadcast $brdcast" return $OCF_SUCCESS }