V8.00.000.2025.06.17

Signed-off-by: Marc S. Weidner <msw@coresecret.dev>

func/2015_helper_modules.sh

@@ -0,0 +1,211 @@
+#!/bin/bash
+# SPDX-Version: 3.0
+# SPDX-CreationInfo: 2025-06-17; WEIDNER, Marc S.; <msw@coresecret.dev>
+# SPDX-ExternalRef: GIT https://git.coresecret.dev/msw/CISS.debian.installer.git
+# SPDX-FileContributor: WEIDNER, Marc S.; Centurion Intelligence Consulting Agency
+# SPDX-FileCopyrightText: 2024-2025; WEIDNER, Marc S.; <msw@coresecret.dev>
+# SPDX-FileType: SOURCE
+# SPDX-License-Identifier: EUPL-1.2 OR LicenseRef-CCLA-1.0
+# SPDX-LicenseComment: This file is part of the CISS.debian.installer.secure framework.
+# SPDX-PackageName: CISS.debian.installer
+# SPDX-Security-Contact: security@coresecret.eu
+
+#######################################
+# Wrapper for executing commands in the desired chroot environment.
+# Globals:
+#   TERM
+# Arguments:
+#   $1: Target of the chroot environment.
+#   $@: Commands and options and parameters to be executed in chroot.
+#######################################
+do_in_target() {
+  declare var_chroot_target="$1"; shift
+  declare ary_chroot_command=("$@")
+  do_log "info" "false" "Executing in the target system '${var_chroot_target}' command: '${ary_chroot_command[*]}'."
+  chroot "${var_chroot_target}" /usr/bin/env -i \
+    HOME=/root \
+    PATH=/usr/sbin:/usr/bin:/sbin:/bin \
+    TERM="${TERM}" \
+    "${ary_chroot_command[@]}"
+}
+
+#######################################
+# Wrapper around 'printf' for clean code.
+# Globals:
+#   C_RES
+# Arguments:
+#   $1: One of "${C_BLA}" | "${C_RED}" | "${C_GRE}" | "${C_YEL}" | "${C_BLU}" | "${C_MAG}" | "${C_CYA}" | "${C_WHI}"
+#   $2: Text string to print on terminal.
+#######################################
+do_print_color() {
+  printf "%s\n" "${1}${2}${C_RES}"
+}
+
+#######################################
+# Wrapper around 'printf' for clean, uniform terminal output and line fold for long text strings for better readability.
+# Globals:
+#   C_RES
+# Arguments:
+#   $1: One of "${C_BLA}" | "${C_RED}" | "${C_GRE}" | "${C_YEL}" | "${C_BLU}" | "${C_MAG}" | "${C_CYA}" | "${C_WHI}"
+#   $2: Text string to print on terminal.
+#######################################
+do_print_fold() {
+  declare var_color="$1"; shift
+  declare var_msg_string="$*"
+  declare var_formatted_String="${var_color}${var_msg_string}${C_RES}"
+  printf "%b\n" "${var_formatted_String}" | fold -s -w 76 | sed '1! s/^/    /'
+}
+
+#######################################
+# Wrapper around 'printf' for logfile redirect.
+# Arguments:
+#   $1: Text string to redirect to a log file.
+#######################################
+do_print_log() {
+  printf "%s\n" "${1}"
+}
+
+#######################################
+# Helper Module to generate a Subnet Mask out of an IP in CCDIR Notation.
+# Arguments:
+#   $1: IPv4 in CCDIR Notation, e.g.,: 192.168.128.128/24
+# Returns:
+#   0 : In every case a zero return value is delivered.
+#######################################
+generate_subnetmask() {
+  declare var_arg="$1"
+  declare var_prefix="${var_arg#*/}"
+  declare var_mask_int=""
+  declare var_has_ipv4_subnet=""
+  var_mask_int=$((0xFFFFFFFF << (32 - var_prefix) & 0xFFFFFFFF))
+  var_has_ipv4_subnet=$(printf "%d.%d.%d.%d" \
+    $(((var_mask_int >> 24) & 0xFF)) \
+    $(((var_mask_int >> 16) & 0xFF)) \
+    $(((var_mask_int >> 8) & 0xFF)) \
+    $((var_mask_int & 0xFF)))
+  echo "${var_has_ipv4_subnet}"
+  return 0
+}
+
+#######################################
+# Converts characters such as spaces, inverted commas, backslashes, and other special
+# characters so that they can be safely used as arguments in a shell command.
+# Arguments:
+#   $1: String to sanitize.
+#######################################
+sanitize_input() {
+  # shellcheck disable=SC2155
+  declare var_safe_out=$(printf "%q" "$1")
+  echo "${var_safe_out}"
+}
+
+#######################################
+# Remove any leading or trailing whitespace.
+# Arguments:
+#   $1: String to clean.
+#######################################
+remove_whitespace() {
+  # shellcheck disable=SC2155
+  declare var_out=$(printf "%s" "$1" | xargs)
+  echo "${var_out}"
+}
+
+#######################################
+# Function to escape all shell metacharacters
+# Arguments:
+#   $1: String to Sanitize
+#######################################
+sanitize_shell_literal() {
+  declare input="$1"
+  ### %q quotes the string so that the shell re-reads it as the original literal
+  printf '%q' "${input}"
+}
+
+#######################################
+# Function to remove any character not in the allowed set
+# Arguments:
+#   $1: String to Sanitize
+#######################################
+sanitize_string() {
+  declare input="$1"
+  ### Define allowed characters:
+  ### letters, digits, dot, underscore, slash, equals, [, ], colon, double-quote, hyphen, space.
+  declare allowed='a-zA-Z0-9._/=\[\]:"\-+ '
+  printf '%s' "${input}" | tr -cd "${allowed}"
+}
+
+#######################################
+# Helper module for full upgrade, autoremove and autoclean.
+# Arguments:
+#   None
+#######################################
+update_upgrade() {
+  apt-get update -y
+  apt-get upgrade -y
+  apt-get autoclean -y
+  apt-get autopurge -y
+  apt-get autoremove -y
+}
+
+#######################################
+# Wrapper for secure curl.
+# Globals:
+#   ERR_DOWNLOAD_FAILED
+#   ERR_NO_DOWNLOAD_ARG
+# Arguments:
+#   $1: URL from which to download a specific file.
+#   $2: /path/to/file to be saved to.
+# Returns:
+#   ${ERR_DOWNLOAD_FAILED}: Download failed.
+#   ${ERR_NO_DOWNLOAD_ARG}: No arguments specified.
+#######################################
+scurl() {
+  if [[ $# -ne 2 ]]; then
+    do_log "error" "false" "Usage: scurl <URL> <path/to/file>"
+    return "${ERR_NO_DOWNLOAD_ARG}"
+  fi
+  declare url="$1"
+  declare output_path="$2"
+  if ! curl --doh-url "https://dns01.eddns.eu/dns-query" \
+            --doh-cert-status \
+            --tlsv1.3 \
+            -sSf \
+            -o "${output_path}" \
+            "${url}"
+  then
+    do_log "error" "false" "Download failed for URL: '${1}'."
+    return "${ERR_DOWNLOAD_FAILED}"
+  fi
+}
+
+#######################################
+# Wrapper for secure wget.
+# Globals:
+#   ERR_DOWNLOAD_FAILED
+#   ERR_NO_DOWNLOAD_ARG
+# Arguments:
+#   $1: URL from which to download a specific file.
+#   $2: /path/to/file to be saved to.
+# Returns:
+#   ${ERR_DOWNLOAD_FAILED}: Download failed.
+#   ${ERR_NO_DOWNLOAD_ARG}: No arguments specified.
+#######################################
+swget() {
+  if [[ $# -ne 2 ]]; then
+    do_log "error" "false" "Usage: swget <URL> <path/to/file>"
+    return "${ERR_NO_DOWNLOAD_ARG}"
+  fi
+  declare url="$1"
+  declare output_path="$2"
+  if ! wget --show-progress \
+            --no-clobber \
+            --https-only \
+            --secure-protocol=TLSv1_3 \
+            -qO "${output_path}" \
+            "${url}"
+  then
+    do_log "error" "false" "Download failed for URL: '${1}'."
+    return "${ERR_DOWNLOAD_FAILED}"
+  fi
+}
+# vim: number et ts=2 sw=2 sts=2 ai tw=128 ft=sh