Sec: Fix input validation in v-restart-service and add logging

Lupul · Lupul · commit 9b94bbfcd484 · 2019-08-19T08:45:28.000+03:00
added new 'service' global validation format

- restart arg must be bool if used
diff --git a/bin/v-restart-service b/bin/v-restart-service
@@ -11,7 +11,7 @@
 
 # Argument definition
 service=$1
-force=$2
+restart=$2
 
 # Includes
 source $HESTIA/func/main.sh
@@ -23,6 +23,7 @@ PATH="$PATH:/usr/local/sbin:/sbin:/usr/sbin:/root/bin"
 #----------------------------------------------------------#
 
 check_args '1' "$#" 'SERVICE'
+is_format_valid 'service' 'restart'
 
 #----------------------------------------------------------#
 #                       Action                             #
@@ -32,7 +33,7 @@ if [ "$service" = "iptables" ]; then
     # Run the restart rules for iptables firewall
     $BIN/v-stop-firewall
     $BIN/v-update-firewall
-elif [ -z "$force" -o "$force" = "no" ] && [ \
+elif [ -z "$restart" -o "$restart" = "no" ] && [ \
         "$service" = "nginx" -o     \
         "$service" = "apache2" -o   \
         "$service" = "exim4" -o     \
@@ -64,4 +65,7 @@ if [ $? -ne 0 ]; then
     log_history "Restart of $service failed."
 fi
 
+# Logging
+log_event "$OK" "$ARGUMENTS"
+
 exit
diff --git a/func/main.sh b/func/main.sh
@@ -836,6 +836,14 @@ is_format_valid_shell() {
         exit $E_INVALID	
     fi	
 }
+
+# Service name validator
+is_service_format_valid() {
+    if ! [[ "$1" =~ ^[[:alnum:]][-|\.|_[:alnum:]]{0,64}$ ]]; then
+        check_result $E_INVALID "invalid $2 format :: $1"
+    fi
+}
+
 # Format validation controller
 is_format_valid() {
     for arg_name in $*; do
@@ -902,6 +910,7 @@ is_format_valid() {
                 restart)        is_boolean_format_valid "$arg" 'restart' ;;
                 rtype)          is_dns_type_format_valid "$arg" ;;
                 rule)           is_int_format_valid "$arg" "rule id" ;;
+                service)        is_service_format_valid "$arg" "$arg_name" ;;
                 soa)            is_domain_format_valid "$arg" 'SOA' ;;	
                 #missing command: is_format_valid_shell
                 shell)          is_format_valid_shell "$arg" ;;
