From 95f4c632f7b0e0b2125766bf02036c89a6b50e7a Mon Sep 17 00:00:00 2001 From: Adam Warner Date: Sat, 13 Jun 2020 20:30:03 +0100 Subject: [PATCH 1/5] expand valid_ip to allow for custom ports Signed-off-by: Adam Warner --- automated install/basic-install.sh | 18 +++++++++++++----- 1 file changed, 13 insertions(+), 5 deletions(-) diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh index e396e617..4352c578 100755 --- a/automated install/basic-install.sh +++ b/automated install/basic-install.sh @@ -1017,21 +1017,29 @@ valid_ip() { local ip=${1} local stat=1 - # If the IP matches the format xxx.xxx.xxx.xxx, - if [[ "${ip}" =~ ^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}$ ]]; then + # If the IP matches the format xxx.xxx.xxx.xxx (optional port of range #0-65536), also ensure string ends with 0-9 + if [[ "${ip}" =~ ^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}#{0,1}[0-9]{0,5}$ && "${ip}" =~ ^.*[0-9]$ ]]; then # Save the old Internal Field Separator in a variable OIFS=$IFS # and set the new one to a dot (period) - IFS='.' + IFS='.#' # Put the IP into an array read -r -a ip <<< "${ip}" # Restore the IFS to what it was IFS=${OIFS} + ## Evaluate each octet by checking if it's less than or equal to 255 (the max for each octet) - [[ "${ip[0]}" -le 255 && "${ip[1]}" -le 255 \ - && "${ip[2]}" -le 255 && "${ip[3]}" -le 255 ]] + [[ "${ip[0]}" -le 255 && "${ip[1]}" -le 255 && "${ip[2]}" -le 255 && "${ip[3]}" -le 255 ]] # Save the exit code stat=$? + + # If there is a 5th part to the array, then it is a port number - check it is between 1 and 65536 + if [[ "${ip[4]}" ]]; then + [[ "${ip[4]}" -ge 1 && "${ip[4]}" -le 65536 ]] + # Save the exit code + stat=$? + fi + fi # Return the exit code return "${stat}" From 0320d850288b5994ae1393ed260d7711d31379b5 Mon Sep 17 00:00:00 2001 From: Adam Warner Date: Sat, 13 Jun 2020 20:57:57 +0100 Subject: [PATCH 2/5] Additionally source the install script in webpage.sh to validate IP entered on `pihole -a setdns` Signed-off-by: Adam Warner --- advanced/Scripts/webpage.sh | 17 ++++++++++++++--- 1 file changed, 14 insertions(+), 3 deletions(-) diff --git a/advanced/Scripts/webpage.sh b/advanced/Scripts/webpage.sh index 0fabdeb4..b7e9c60f 100755 --- a/advanced/Scripts/webpage.sh +++ b/advanced/Scripts/webpage.sh @@ -10,18 +10,21 @@ # This file is copyright under the latest version of the EUPL. # Please see LICENSE file for your rights under this license. -readonly setupVars="/etc/pihole/setupVars.conf" readonly dnsmasqconfig="/etc/dnsmasq.d/01-pihole.conf" readonly dhcpconfig="/etc/dnsmasq.d/02-pihole-dhcp.conf" readonly FTLconf="/etc/pihole/pihole-FTL.conf" # 03 -> wildcards readonly dhcpstaticconfig="/etc/dnsmasq.d/04-pihole-static-dhcp.conf" -readonly PI_HOLE_BIN_DIR="/usr/local/bin" readonly dnscustomfile="/etc/pihole/custom.list" readonly dnscustomcnamefile="/etc/dnsmasq.d/05-pihole-custom-cname.conf" readonly gravityDBfile="/etc/pihole/gravity.db" +# Source install script for ${setupVars}, ${PI_HOLE_BIN_DIR} and valid_ip() +readonly PI_HOLE_FILES_DIR="/etc/.pihole" +PH_TEST="true" +source "${PI_HOLE_FILES_DIR}/automated install/basic-install.sh" + coltable="/opt/pihole/COL_TABLE" if [[ -f ${coltable} ]]; then source ${coltable} @@ -227,7 +230,15 @@ SetDNSServers() { for index in "${!array[@]}" do # Replace possible "\#" by "#". This fixes AdminLTE#1427 - add_setting "PIHOLE_DNS_$((index+1))" "${array[index]//\\#/#}" + local ip + ip="${array[index]//\\#/#}" + + if valid_ip "${ip}" ; then + add_setting "PIHOLE_DNS_$((index+1))" "${ip}" + else + echo -e " ${CROSS} Invalid IP has been passed" + exit 1 + fi done if [[ "${args[3]}" == "domain-needed" ]]; then From 011fa8c6ea8eab58b4ba93e2d89e22b01ab1fdc6 Mon Sep 17 00:00:00 2001 From: Adam Warner Date: Sat, 13 Jun 2020 21:47:00 +0100 Subject: [PATCH 3/5] fix sticklr complaint Signed-off-by: Adam Warner --- advanced/Scripts/webpage.sh | 1 + 1 file changed, 1 insertion(+) diff --git a/advanced/Scripts/webpage.sh b/advanced/Scripts/webpage.sh index b7e9c60f..3ab0a4a5 100755 --- a/advanced/Scripts/webpage.sh +++ b/advanced/Scripts/webpage.sh @@ -22,6 +22,7 @@ readonly gravityDBfile="/etc/pihole/gravity.db" # Source install script for ${setupVars}, ${PI_HOLE_BIN_DIR} and valid_ip() readonly PI_HOLE_FILES_DIR="/etc/.pihole" +# shellcheck disable=SC2034 # used in basic-install PH_TEST="true" source "${PI_HOLE_FILES_DIR}/automated install/basic-install.sh" From fe30ce10d361c5ceb823aa88131caf03bdab0e6e Mon Sep 17 00:00:00 2001 From: Adam Warner Date: Mon, 15 Jun 2020 21:21:40 +0100 Subject: [PATCH 4/5] simpler regex suggested by @MichaIng Signed-off-by: Adam Warner --- automated install/basic-install.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh index 4352c578..0b2ddef1 100755 --- a/automated install/basic-install.sh +++ b/automated install/basic-install.sh @@ -1018,7 +1018,7 @@ valid_ip() { local stat=1 # If the IP matches the format xxx.xxx.xxx.xxx (optional port of range #0-65536), also ensure string ends with 0-9 - if [[ "${ip}" =~ ^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}#{0,1}[0-9]{0,5}$ && "${ip}" =~ ^.*[0-9]$ ]]; then + if [[ $ip =~ ^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}(#[0-9]{1,5})?$ ]]; then # Save the old Internal Field Separator in a variable OIFS=$IFS # and set the new one to a dot (period) From bbfbf67fcf44dbf1c19a5238fc80e1fb191a0095 Mon Sep 17 00:00:00 2001 From: Adam Warner Date: Mon, 15 Jun 2020 22:52:24 +0100 Subject: [PATCH 5/5] further simplify the function, per @dl6er's suggestion Signed-off-by: Adam Warner --- automated install/basic-install.sh | 30 ++++++++---------------------- 1 file changed, 8 insertions(+), 22 deletions(-) diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh index 0b2ddef1..6e05eda4 100755 --- a/automated install/basic-install.sh +++ b/automated install/basic-install.sh @@ -1017,30 +1017,16 @@ valid_ip() { local ip=${1} local stat=1 - # If the IP matches the format xxx.xxx.xxx.xxx (optional port of range #0-65536), also ensure string ends with 0-9 - if [[ $ip =~ ^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}(#[0-9]{1,5})?$ ]]; then - # Save the old Internal Field Separator in a variable - OIFS=$IFS - # and set the new one to a dot (period) - IFS='.#' - # Put the IP into an array - read -r -a ip <<< "${ip}" - # Restore the IFS to what it was - IFS=${OIFS} + # One IPv4 element is 8bit: 0 - 256 + local ipv4elem="(25[0-5]|2[0-4][0-9]|1[0-9][0-9]|[1-9][0-9]?|0)"; + # optional port number starting '#' with range of 1-65536 + local portelem="(#([1-9]|[1-8][0-9]|9[0-9]|[1-8][0-9]{2}|9[0-8][0-9]|99[0-9]|[1-8][0-9]{3}|9[0-8][0-9]{2}|99[0-8][0-9]|999[0-9]|[1-5][0-9]{4}|6[0-4][0-9]{3}|65[0-4][0-9]{2}|655[0-2][0-9]|6553[0-6]))?" + # build a full regex string from the above parts + local regex="^${ipv4elem}\.${ipv4elem}\.${ipv4elem}\.${ipv4elem}${portelem}$" - ## Evaluate each octet by checking if it's less than or equal to 255 (the max for each octet) - [[ "${ip[0]}" -le 255 && "${ip[1]}" -le 255 && "${ip[2]}" -le 255 && "${ip[3]}" -le 255 ]] - # Save the exit code - stat=$? + [[ $ip =~ ${regex} ]] - # If there is a 5th part to the array, then it is a port number - check it is between 1 and 65536 - if [[ "${ip[4]}" ]]; then - [[ "${ip[4]}" -ge 1 && "${ip[4]}" -le 65536 ]] - # Save the exit code - stat=$? - fi - - fi + stat=$? # Return the exit code return "${stat}" }