// Copyright (c) 2021. Huawei Technologies Co., Ltd. All rights reserved.

// Package common this file common validators
package common

import (
   "crypto/tls"
   "errors"
   "net"
   "regexp"
   "time"

   "huawei.com/npu-exporter/hwlog"
   "huawei.com/npu-exporter/utils"

   "huawei.com/mindxdl/base/common/constants"
)

const (
   portLowerLimit    = 1025
   portUpperLimit    = 40000
   nameMaxLength     = 63
   nameMinLength     = 3
   serviceLogMaxSize = 200
   nameFormat        = `^[a-z0-9]+[a-z0-9-]*[a-z0-9]+$`
)

// ServerParam ServerParam
type ServerParam struct {
   IP               string
   Port             int
   Version          bool
   Concurrency      int
   MaxConcurrency   int
   EnableHTTP       bool
   EncryptAlgorithm int
   TLSSuites        int
   CipherSuites     []uint16
   AuthMode         string
   OverdueTime      int
   CheckCertPeriod  time.Duration
   DNSName          string
   DirName          string
   ReadTimeOut      time.Duration
   WriteTimeOut     time.Duration
}

// GetDefaultServiceParam get default service param
func GetDefaultServiceParam() *ServerParam {
   return &ServerParam{
      MaxConcurrency:  MaxConcurrency,
      CheckCertPeriod: time.Hour,
      AuthMode:        TwoWay,
      OverdueTime:     utils.OverdueTime,
      ReadTimeOut:     HTTPServerTimeout,
      WriteTimeOut:    HTTPServerTimeout,
   }
}

// WebParamValid doing param check
func WebParamValid(sp *ServerParam) error {
   if sp.Port < portLowerLimit || sp.Port > portUpperLimit {
      return errors.New("the port is invalid")
   }
   parsedIP := net.ParseIP(sp.IP)
   if parsedIP == nil {
      return errors.New("the listen ip is invalid")
   }
   sp.IP = parsedIP.String()
   hwlog.RunLog.Infof("listen on: %s", sp.IP)

   return nil
}

// ParseTLSParams ParseTLSParams
func ParseTLSParams(sp *ServerParam) {
   if sp.EncryptAlgorithm != utils.Aes128gcm && sp.EncryptAlgorithm != utils.Aes256gcm {
      hwlog.RunLog.Warn("reset invalid encryptAlgorithm = 9")
      sp.EncryptAlgorithm = utils.Aes256gcm
   }
   if sp.TLSSuites != 0 && sp.TLSSuites != 1 {
      hwlog.RunLog.Warn("reset invalid tlsSuites = 1")
      sp.TLSSuites = 1
   }
   if sp.TLSSuites == 0 {
      sp.CipherSuites = []uint16{tls.TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256}
   } else {
      sp.CipherSuites = []uint16{tls.TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256}
   }
}

// ValidName valid pod name or namespace
func ValidName(nameType, name string, b BaseCtx) bool {
   if name == "" {
      hwlog.RunLog.ErrorfWithCtx(b.Ctx, "%s is empty.", nameType)
      return false
   }
   array := []rune(name)
   if len(array) > nameMaxLength || len(array) < nameMinLength {
      hwlog.RunLog.ErrorfWithCtx(b.Ctx, "%s length (%v) invalid.", nameType, len(array))
      return false
   }
   var reg = regexp.MustCompile(nameFormat)
   ok := reg.MatchString(name)
   if !ok {
      hwlog.RunLog.ErrorfWithCtx(b.Ctx, "%s is not meet requirement.", nameType)
      return false
   }
   return true
}

func validLogLimitOffset(logOffset, logLimit uint64) error {
   if logLimit > serviceLogMaxSize {
      return errors.New("too large of limit")
   }
   if logOffset < 0 {
      return errors.New("offset is less than 0")
   }
   return nil
}

// CheckString check string
func CheckString(passString string) error {
   if matched, err := regexp.MatchString(constants.PassRegex, passString); err != nil || !matched {
      return errors.New("password MatchString failed")
   }

   complexCheckRegexArr := []string{
      constants.LowercaseCharactersRegex,
      constants.UppercaseCharactersRegex,
      constants.BaseNumberRegex,
      constants.SpecialCharactersRegex,
   }
   complexCount := 0
   for _, pattern := range complexCheckRegexArr {
      if matched, err := regexp.MatchString(pattern, passString); matched && err == nil {
         complexCount++
      }
   }
   if complexCount < constants.MinComplexCount {
      return errors.New("password complexCheck failed")
   }
   return nil
}

mindxdl--common--validators.go的更多相关文章

  1. RoR - More Active Record

    Active Record Scope: default_scope:   默认的检索方式 #Use unscoped to break out of the default class Hobby ...

  2. Yii2在Form中处理短信验证码的Validator,耦合度最低的短信验证码验证方式

    短信验证码在目前大多数web应用中都会有,本文介绍一个基于Yii2 Validator方式的验证码验证方式. 在其他文章中看到的方式大多比较难做到一次封装,多次重用. 使用此方式的好处自然不用多说,V ...

  3. ASP.NET - Validators

    ASP.NET validation controls validate the user input data to ensure that useless, unauthenticated, or ...

  4. Socket聊天程序——Common

    写在前面: 上一篇记录了Socket聊天程序的客户端设计,为了记录的完整性,这里还是将Socket聊天的最后一个模块--Common模块记录一下.Common的设计如下: 功能说明: Common模块 ...

  5. angularjs 1 开发简单案例(包含common.js,service.js,controller.js,page)

    common.js var app = angular.module('app', ['ngFileUpload']) .factory('SV_Common', function ($http) { ...

  6. Common Bugs in C Programming

    There are some Common Bugs in C Programming. Most of the contents are directly from or modified from ...

  7. ANSI Common Lisp Practice - My Answers - Chatper - 3

    Ok, Go ahead. 1 (a) (b) (c) (d) 2 注:union 在 Common Lisp 中的作用就是求两个集合的并集.但是这有一个前提,即给的两个列表已经满足集合的属性了.具体 ...

  8. [LeetCode] Lowest Common Ancestor of a Binary Tree 二叉树的最小共同父节点

    Given a binary tree, find the lowest common ancestor (LCA) of two given nodes in the tree. According ...

  9. [LeetCode] Lowest Common Ancestor of a Binary Search Tree 二叉搜索树的最小共同父节点

    Given a binary search tree (BST), find the lowest common ancestor (LCA) of two given nodes in the BS ...

  10. [LeetCode] Longest Common Prefix 最长共同前缀

    Write a function to find the longest common prefix string amongst an array of strings. 这道题让我们求一系列字符串 ...

随机推荐

  1. Mac隔空投送功能

    使用mac 或iphone 的隔空投送功能可以互发文件,亲测可用 具体可以看mac的文档 需要注意的是: 如果是mac传iphone,iphone会显示你需要存储文件的地方,比如选择在文稿中.然后在文 ...

  2. electron 起步

    electron 起步 为什么要学 Electron,因为公司需要调试 electron 的应用. Electron 是 node 和 chromium 的结合体,可以使用 JavaScript,HT ...

  3. 更改elasticsearch中索引的mapping

    文章转载自:https://www.cnblogs.com/uglyliu/p/12331964.html 昨天研发说在kibana中统计userid字段不出图,后来查到该字段显示冲突了,然后再查看了 ...

  4. ProxySQL 防火墙白名单

    ProxySQL 2.0.9 引入了防火墙功能. 在从早期版本版本中,可以通过设置查询规则来创建要阻止的黑名单,或者定义通用规则,实现白名单功能. 但是,如果面对的系统有非常多而且操作内容也不同,这时 ...

  5. MinIO Client完全指南

    官方文档地址:http://docs.minio.org.cn/docs/master/minio-client-complete-guide 下载,添加云存储服务参考这篇文章:https://www ...

  6. 使用nginx反向代理RabbitMQ的web界面

    直接贴nginx的conf配置: server { listen 80; server_name www.xxxxx.com; location / { client_body_buffer_size ...

  7. 使用 systemd 定时器代替 cron 作业

    转载自:https://mp.weixin.qq.com/s/HpDVp1sNYve8b7OdoHdGNw 创建一个定时器 首先,创建一个运行基础东西的简单的服务,例如 free 命令.举个例子,你可 ...

  8. sql中更换函数REPLACE

    update <表名> ser <更换的列名> replace(<更换的列名>,'<更换前的对象>','<更换后的对象>') 例 updat ...

  9. HDU1114 Piggy-Bank (完全背包)

    完全背包模板,和01背包相比不用倒推,因为一种可以选多个. 这道题求最小,dp数组初始化为无穷即可. 1 #include<iostream> 2 #include<cstring& ...

  10. 人生苦短,我用 python 之入门篇

    Python 是一种跨平台的,开源的,免费的,解释型的高级编程语言,它具有丰富和强大的库,其应用领域也非常广泛,在 web 编程/图形处理/黑客编程/大数据处理/网络爬虫和科学计算等领域都能找到其身影 ...