INN commit: branches/2.5/scripts (inncheck.in)

INN Commit rra at isc.org
Sun Jul 17 19:07:27 UTC 2011


    Date: Sunday, July 17, 2011 @ 12:07:27
  Author: iulius
Revision: 9271

inncheck:  improvements in checks

* inncheck was looking for require-ssl instead of require_ssl; and it wasn't
accepting IPv6 addresses in CIDR notation at all.

* Allow uppercase characters in IPv6 addresses.
RFC 5952 section 4 / 4.3 says that all characters in an IPv6 address
MUST be textually represented in lowercase and advises that humans
should do so, too.  At the same time, all implementations must be able to
accept both lowercase and uppercase.

* Suppress (useless and misleading) error messages after an error
is detected, until the parser is back in sync.
The drawback is that it will hide two consecutive errors until the
first one gets fixed.

* Allow not to specify the maximum size in storage.conf.
"size: 16384," was treated as an error though it was totally valid
and meant "no upper limit".

* Recognize inclusions in readers.conf and innfeed.conf.
inncheck will ignore the include statement.
The drawback is that every file must be self-contained on its own:
a file must be a "complete" set of blocks and options.
In order to check the included file, inncheck has to be run again
on it (with for instance the option "readers.conf=/path/to/included/file").

Patch from Florian Schlichting.

Modified:
  branches/2.5/scripts/inncheck.in

-------------+
 inncheck.in |   38 +++++++++++++++++++++++++++++---------
 1 file changed, 29 insertions(+), 9 deletions(-)

Modified: inncheck.in
===================================================================
--- inncheck.in	2011-07-17 18:55:03 UTC (rev 9270)
+++ inncheck.in	2011-07-17 19:07:27 UTC (rev 9271)
@@ -161,14 +161,19 @@
 
 ##  Build regular expressions used for checking configuration values.
 my $dot = '\.';
+my $wildmat = '\[\]\*\?-'; # anybody needing ^ ! @ ??
 my $ip = '(?:25[0-5]|2[0-4][0-9]|[0-1]?[0-9]{1,2})';
 my $ipv4 = "$ip$dot$ip$dot$ip$dot$ip";
 my $ipv4_cidr = "$ip(?:$dot$ip){0,3}\\/[1-3]?\\d";
-my $ipv4_wildmat = '[\d\[\]\*]+(?:\.[\d\[\]\*]+){0,3}';
-my $ipv6 = '[\da-f:.]+'; # e.g. ::ffff:192.168.0.10
+my $ipv4_wildmat = "[\\d$wildmat]+(?:$dot\[\\d$wildmat\]+){0,3}";
+my $ip6 = '\da-fA-F:';
+my $ipv6 = "[$ip6]+(?:$ipv4)?"; # e.g. ::ffff:192.168.0.10
+my $ipv6_cidr = "[$ip6]+\\/1?\\d?\\d";
+my $ipv6_wildmat = "[$ip6$wildmat]+";
 my $hostname = '[\w-]+|[\w.-]+\.[a-zA-Z]{2,}'; # hostname, FQDN
+my $hostname_wildmat = '(?:[-\w\[\]\*\?]+\.)?'."(?:$hostname)"; # Assumption:  wildmat chars only in leftmost subdomain part
 my $hostnameRE = "(?:$hostname|$ipv4|$ipv6)";
-my $hostblockRE = '(?:(?:[-\w\[\]\*\?]+\.)?'."(?:$hostname)|$ipv4_wildmat|$ipv4_cidr|$ipv6)"; # Assumption:  wildmat chars only in leftmost subdomain part
+my $hostblockRE = "(?:$hostname_wildmat|$ipv4_cidr|$ipv4_wildmat|$ipv6|$ipv6_cidr|$ipv6_wildmat)";
 my %type_regex = (
     'boolean'                           => '^(?:true|false)$', # innfeed.conf doesn't allow other
     'floating-point number'             => '^\d+\.\d+$',       # no exponents
@@ -178,8 +183,8 @@
     'IPv6 address / "any / "none"'      => '^(?:' . $ipv6 . '|any|none)$',
     'list of hostnames'                 => '^'.$hostnameRE.'(?:\s*,\s*'.$hostnameRE.')*$',
     'list of hostnames or netblocks'    => '^'.$hostblockRE.'(?:\s*,\s*'.$hostblockRE.')*$',
-    'minsize[,maxsize] definition'      => '^\d+(?:,\d+)?$',
-    'mintime[,maxtime] definition'      => '^(?:\d+[Mdhms])+(?:,(?:\d+[Mdhms])+)?$',
+    'minsize[,maxsize] definition'      => '^\d+(?:,\d*)?$',
+    'mintime[,maxtime] definition'      => '^(?:\d+[Mdhms])+(?:,(?:\d+[Mdhms])*)?$',
     'number'                            => '^\d+$',
     'number / "unlimited" / "none"'     => '^(?:\d+|unlimited|none)$',
     'path'                              => '.*', # useful?
@@ -197,11 +202,13 @@
     my @groups; # our stack of nested groups
     my %return; # flat hash of groups returned to caller for further examination
     my $group = { 'type' => '<global scope>', 'line' => 0, 'name' => '<global scope>' };
+    my $parse_error = 0; # stop printing errors when we've seen unknown text, until re-sync
 
     while (my $word = get_config_word()) {
         if (defined $options->{$word}) {
             # $word starts a new group definition:  "peer news.example.com {"
             my ($name, $curly);
+            $parse_error = 0;
 
             eprint "$file:$line: cannot nest $word in $group->{'type'}!\n"
                 unless ($group->{'type'} eq 'group'
@@ -230,6 +237,7 @@
         }
 
         if ($word eq '}') {
+            $parse_error = 0;
             if (scalar @groups == 0) {
                 eprint "$file:$line: extra closing brace";
             } else {
@@ -239,9 +247,16 @@
             next;
         }
 
+        # include-file hack:  ignore; user needs to check it separately
+        if (defined $options->{'<include>'}->{$word}) {
+            $parse_error = 0;
+            my $includefile = get_config_word();
+            next;
+        }
+
         # $word must be an option key by now
         eprint "$file:$line: option $word must be immediately followed by a colon\n"
-            unless $word =~ s/:$//;
+            unless $word =~ s/:$// or $parse_error;
         eprint "$file:$line: duplicate option $word in $group->{'type'} $group->{'name'}\n"
             if exists $group->{$word} and not defined $options->{'<multi>'}->{$word};
 
@@ -249,12 +264,15 @@
                  : defined $options->{'<anywhere>'}->{$word}     ? $options->{'<anywhere>'}->{$word}
                  : undef;
         if ($type) {
+            $parse_error = 0;
             my $value = get_config_word();
             $group->{$word} = $value;
             eprint "$file:$line: not a valid $type: '$value'\n"
                 unless $value =~ /$type_regex{$type}/;
         } else {
-            eprint "$file:$line: not a valid option name: $word\n";
+            eprint "$file:$line: not a valid option name: $word\n"
+                unless $parse_error;
+            $parse_error = 1;
         }
     }
     while (scalar @groups > 0) {
@@ -601,6 +619,7 @@
             'peer'              => {
                 'ip-name'               => 'hostname',
             },
+            '<include>'         => { '$INCLUDE' => 'ignore' },
         }
     );
     # check presence of required keys in global scope
@@ -915,7 +934,7 @@
                 'default'       => 'string',
                 'default-domain'=> 'string',
                 'key'           => 'string',
-                'require-ssl'   => 'boolean',
+                'require_ssl'   => 'boolean',
                 'perl_access'   => 'path',
                 'python_access' => 'path',
                 'python_dynamic'=> 'path',
@@ -967,7 +986,8 @@
                 'auth'          => 1,
                 'perl_auth'     => 1,
                 'python_auth'   => 1,
-            }
+            },
+            '<include>' => { 'include' => 'ignore' },
         }
     );
     return;




More information about the inn-committers mailing list