chore: factorize user@host:port display in machine_display()

bin/helper/osh-accountModifyPersonalAccess

@@ -81,9 +81,7 @@ if (not grep { $action eq $_ } qw{ add del }) {
 #<PARAMS:ACTION
 
 #>CODE
-my $machine = $ip;
+my $machine = OVH::Bastion::machine_display(ip => $ip, port => $port, user => $user)->value;
-$port and $machine .= ":$port";
-$user and $machine = $user . '@' . $machine;
 
 my $plugin = ($target eq 'self' ? 'self' : 'account') . 'AddPersonalAccess';
 

bin/helper/osh-groupAddServer

@@ -86,9 +86,7 @@ $fnret = OVH::Bastion::Helper::acquire_lock($lock_fh);
 $fnret or HEXIT($fnret);
 
 #>CODE
-my $machine = $ip;
+my $machine = OVH::Bastion::machine_display(ip => $ip, port => $port, user => $user)->value;
-$port and $machine .= ":$port";
-$user and $machine = $user . '@' . $machine;
 
 # access_modify validates all its parameters, don't do it ourselves here for clarity
 $fnret = OVH::Bastion::access_modify(

bin/shell/osh.pl

@@ -1131,7 +1131,11 @@ $user = $user || $config->{'defaultLogin'} || $remoteself || $sysself;
 # log request
 osh_debug("final request : " . "$user\@$ip -p $port -- $command'\n");
 
-my $displayLine = "$hostfrom:$portfrom => $self\@$bastionhost:$bastionport => $user\@$hostto:$port";
+my $displayLine = sprintf("%s => %s => %s",
+    OVH::Bastion::machine_display(ip => $hostfrom,    port => $portfrom)->value,
+    OVH::Bastion::machine_display(ip => $bastionhost, port => $bastionport, user => $self)->value,
+    OVH::Bastion::machine_display(ip => $hostto,      port => $port, user => $user)->value,
+);
 
 if (!$quiet) {
     osh_print("$displayLine ...");

lib/perl/OVH/Bastion.pm

@@ -750,6 +750,19 @@ sub is_valid_remote_user {
     return R('ERR_INVALID_PARAMETER', msg => "Specified user doesn't seem to be valid");
 }
 
+sub machine_display {
+    my %params = @_;
+    my $ip     = $params{'ip'};
+    my $port   = $params{'port'};
+    my $user   = $params{'user'};
+
+    my $machine = (index($ip, ':') >= 0 ? "[$ip]" : $ip);
+    $machine .= ":$port" if $port;
+    $machine = $user . '@' . $machine if $user;
+
+    return R('OK', value => $machine);
+}
+
 sub touch_file {
     my $file  = shift;
     my $perms = shift;

lib/perl/OVH/Bastion/Plugin/groupSetRole.pm

@@ -206,10 +206,12 @@ sub act {
 
                 # foreach guest access, delete
                 foreach my $access (@acl) {
-                    my $machine = $access->{'ip'};
+                    my $machine = OVH::Bastion::machine_display(
-                    $machine .= ':' . $access->{'port'} if defined $access->{'port'};
+                        ip   => $access->{'ip'},
-                    $machine = $access->{'user'} . '@' . $machine if defined $access->{'user'};
+                        port => $access->{'port'},
-                    $fnret   = OVH::Bastion::Plugin::groupSetRole::act(
+                        user => $access->{'user'}
+                    )->value;
+                    $fnret = OVH::Bastion::Plugin::groupSetRole::act(
                         account => $account,
                         group   => $shortGroup,
                         action  => 'del',
@@ -251,9 +253,7 @@ sub act {
 
         # in that case, we need to handle the add/del of the guest access to $user@$host:$port
         # check if group has access to $user@$ip:$port
-        my $machine = $host;
+        my $machine = OVH::Bastion::machine_display(ip => $host, port => $port, user => $user)->value;
-        $port and $machine .= ":$port";
-        $user and $machine = $user . '@' . $machine;
         osh_debug(
             "groupSetRole::act, checking if group $group has access to $machine to $action $type access to $account");
 

lib/perl/OVH/Bastion/Plugin/otherProtocol.pm

@@ -27,7 +27,7 @@ sub has_protocol_access {
         return R('ERR_MISSING_PARAMETERS', msg => "Missing mandatory parameters for has_protocol_access");
     }
 
-    my $machine = "$user\@$ip:$port";
+    my $machine = OVH::Bastion::machine_display(ip => $ip, port => $port, user => $user)->value;
 
     my %keys;
     osh_debug("Checking access 1/2 of $account to $machine...");

lib/perl/OVH/Bastion/allowdeny.inc

@@ -918,9 +918,7 @@ sub is_access_granted {
 
     return R('OK', value => \@grants) if @grants;
 
-    my $machine = $ip;
+    my $machine = OVH::Bastion::machine_display(ip => $ip, port => $port, user => $user)->value;
-    $machine .= ":$port" if $port;
-    $machine = $user . '@' . $machine if $user;
     return R('KO_ACCESS_DENIED', msg => "Access denied for $account to $machine");
 }
 

lib/perl/OVH/Bastion/allowkeeper.inc

@@ -582,10 +582,8 @@ sub access_modify {
         }
 
         # build the line we're either adding or looking for (to delete it)
-        my $entry = $ip;
+        my $machine = OVH::Bastion::machine_display(ip => $ip, port => $port, user => $user)->value;
-        $entry = $user . "@" . $entry if defined $user;
+        my $entry   = $machine;
-        $entry = $entry . ":" . $port if defined $port;
-        my $machine = $entry;
 
         my $t            = localtime(time);
         my $fmt          = "%Y-%m-%d %H:%M:%S";