Fix erroneous microk8s join invocations by adding validation (#4397)

Author: skatsaounis

.gitignore

@@ -15,6 +15,7 @@ tests/__pycache__
 /installer/**/__pycache__
 /installer/dist/
 /installer/build/
+.tox/
 .tox_env/
 __pycache__/
 microk8s_*.txt #Remote build log

scripts/wrappers/add_token.py

@@ -6,7 +6,7 @@
 import argparse
 import subprocess
 
-from common.cluster.utils import is_node_running_dqlite
+from common.cluster.utils import is_node_running_dqlite, TOKEN_ΜΙΝ_LEN
 
 try:
     from secrets import token_hex
@@ -165,7 +165,7 @@ def print_short(token, check):
     else:
         token = token_hex(16)
 
-    if len(token) < 32:
+    if len(token) < TOKEN_ΜΙΝ_LEN:
         print("Invalid token size.  It must be 32 characters long.")
         exit(1)
 

scripts/wrappers/common/cluster/utils.py

@@ -1,5 +1,6 @@
 import base64
 import datetime
+import ipaddress
 import json
 import os
 import random
@@ -14,6 +15,13 @@
 
 import yaml
 
+FINGERPRINT_MIN_LEN = 12
+TOKEN_ΜΙΝ_LEN = 32
+
+
+class InvalidConnectionError(Exception):
+    pass
+
 
 def is_strict():
     snap_yaml = snap() / "meta/snap.yaml"
@@ -544,3 +552,45 @@ def rebuild_x509_auth_client_configs():
         stdout=subprocess.DEVNULL,
         stderr=subprocess.DEVNULL,
     )
+
+
+def get_valid_connection_parts(connection):
+    """
+    Ensure that connection has a valid format <master_ip>:<master_port>/<token>[/<fingerprint>]
+
+    :param connection: the connection string
+    :return: connection parts
+    :raise:
+        InvalidConnectionError: if connection string is not valid
+    """
+    connection_parts = connection.split("/")
+
+    if len(connection_parts) not in range(2, 3):
+        raise InvalidConnectionError(
+            "Expected format: <master_IP>:<master_PORT>/<token>[/<fingerprint>]"
+        )
+
+    master_ep = connection_parts[0].split(":")
+    if len(master_ep) != 2:
+        raise InvalidConnectionError(
+            "Expected format: <master_IP>:<master_PORT>/<token>[/<fingerprint>]"
+        )
+
+    try:
+        ipaddress.ip(master_ep[0])
+    except ValueError:
+        raise InvalidConnectionError("Invalid master IP")
+
+    try:
+        if int(master_ep[1]) not in range(1, 65535):
+            raise InvalidConnectionError("Master PORT not in range 1:65535")
+    except ValueError:
+        raise InvalidConnectionError("Master PORT not a number")
+
+    if len(connection_parts[1]) < TOKEN_ΜΙΝ_LEN:
+        raise InvalidConnectionError(f"Cluster token size should be at least {TOKEN_ΜΙΝ_LEN} bytes")
+
+    if len(connection_parts) == 3 and len(connection_parts[2]) < FINGERPRINT_MIN_LEN:
+        raise InvalidConnectionError(f"Fingerprint should be at least {FINGERPRINT_MIN_LEN} bytes")
+
+    return connection_parts

scripts/wrappers/join.py

@@ -23,6 +23,7 @@
     get_cluster_agent_port,
     get_cluster_cidr,
     get_token,
+    get_valid_connection_parts,
     is_low_memory_guard_enabled,
     is_node_running_dqlite,
     is_token_auth_enabled,
@@ -34,6 +35,8 @@
     try_set_file_permissions,
     snap,
     snap_data,
+    FINGERPRINT_MIN_LEN,
+    InvalidConnectionError,
 )
 
 urllib3.disable_warnings(urllib3.exceptions.InsecureRequestWarning)
@@ -53,8 +56,6 @@
 cluster_cert_file = "{}/cluster.crt".format(cluster_dir)
 cluster_key_file = "{}/cluster.key".format(cluster_dir)
 
-FINGERPRINT_MIN_LEN = 12
-
 
 def get_traefik_port():
     """
@@ -969,7 +970,12 @@ def join(connection, worker, skip_verify, disable_low_memory_guard):
 
     CONNECTION: the cluster connection endpoint in format <master>:<port>/<token>
     """
-    connection_parts = connection.split("/")
+    try:
+        connection_parts = get_valid_connection_parts(connection)
+    except InvalidConnectionError as err:
+        print("Invalid connection:", err)
+        sys.exit(1)
+
     verify = not skip_verify
 
     if is_low_memory_guard_enabled() and disable_low_memory_guard: