extern/shorewall_code
1
0
Fork 1
mirror of https://gitlab.com/shorewall/code.git synced 2025-06-20 09:47:51 +02:00
Code Issues Packages Projects Releases Wiki Activity

Make options argument to read_a_line manditory

Browse Source 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
This commit is contained in:
Tom Eastep 2012-04-14 08:04:28 -07:00
parent 2d1a12f016
commit 24e2fe4a04
12 changed files with 59 additions and 65 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
Shorewall/Perl/Shorewall/Accounting.pm
View File

@ -394,7 +394,7 @@ sub setup_accounting() {
my $nonEmpty = 0; my $nonEmpty = 0;
$nonEmpty |= process_accounting_rule while read_a_line; $nonEmpty |= process_accounting_rule while read_a_line( NORMAL_READ );
clear_comment; clear_comment;

2
Shorewall/Perl/Shorewall/Compiler.pm
View File

@ -354,7 +354,7 @@ sub generate_script_3($) {
emit 'cat > ${VARDIR}/.modules << EOF'; emit 'cat > ${VARDIR}/.modules << EOF';
open_file $fn; open_file $fn;
emit_unindented $currentline while read_a_line; emit_unindented $currentline while read_a_line( NORMAL_READ );
emit_unindented 'EOF'; emit_unindented 'EOF';
emit '', 'reload_kernel_modules < ${VARDIR}/.modules'; emit '', 'reload_kernel_modules < ${VARDIR}/.modules';

58
Shorewall/Perl/Shorewall/Config.pm
View File

@ -158,6 +158,7 @@ our %EXPORT_TAGS = ( internal => [ qw( create_temp_script
SUPPRESS_WHITESPACE SUPPRESS_WHITESPACE
CONFIG_CONTINUATION CONFIG_CONTINUATION
DO_INCLUDE DO_INCLUDE
NORMAL_READ
) ] ); ) ] );
Exporter::export_ok_tags('internal'); Exporter::export_ok_tags('internal');
@ -447,16 +448,18 @@ my $ifstack;
# #
our %shorewallrc; our %shorewallrc;
# #
# read_a_line flags # read_a_line options
# #
use constant { PLAIN_READ => 0, use constant { PLAIN_READ => 0, # No read_a_line options
EMBEDDED_ENABLED => 1, EMBEDDED_ENABLED => 1, # Look for embedded Shell and Perl
EXPAND_VARIABLES => 2, EXPAND_VARIABLES => 2, # Expand Shell variables
STRIP_COMMENTS => 4, STRIP_COMMENTS => 4, # Remove comments
SUPPRESS_WHITESPACE => 8, SUPPRESS_WHITESPACE => 8, # Ignore blank lines
CHECK_GUNK => 16, CHECK_GUNK => 16, # Look for unprintable characters
CONFIG_CONTINUATION => 32, CONFIG_CONTINUATION => 32, # Suppress leading whitespace if
DO_INCLUDE => 64, # continued line ends in ',' or ':'
DO_INCLUDE => 64, # Look for INCLUDE <filename>
NORMAL_READ => -1 # All options
}; };
sub process_shorewallrc($); sub process_shorewallrc($);
@ -1354,9 +1357,7 @@ sub find_file($)
return $filename if $filename =~ '/'; return $filename if $filename =~ '/';
my $directory; for my $directory ( @config_path ) {
for $directory ( @config_path ) {
my $file = "$directory$filename"; my $file = "$directory$filename";
return $file if -f $file; return $file if -f $file;
} }
@ -1953,7 +1954,7 @@ sub first_entry( $ ) {
assert( $reftype eq 'CODE' ) if $reftype; assert( $reftype eq 'CODE' ) if $reftype;
} }
sub read_a_line(;$); sub read_a_line($);
sub embedded_shell( $ ) { sub embedded_shell( $ ) {
my $multiline = shift; my $multiline = shift;
@ -2171,15 +2172,8 @@ sub handle_first_entry() {
# - Handle ?IF, ?ELSE, ?ENDIF # - Handle ?IF, ?ELSE, ?ENDIF
# #
sub read_a_line(;$) { sub read_a_line($) {
my $flags = defined $_[0] ? $_[0] : -1; my $options = $_[0];
my $embedded_enabled = $flags & EMBEDDED_ENABLED;
my $expand_variables = $flags & EXPAND_VARIABLES;
my $strip_comments = $flags & STRIP_COMMENTS;
my $suppress_whitespace = $flags & SUPPRESS_WHITESPACE;
my $check_gunk = $flags & CHECK_GUNK;
my $config_continuation = $flags & CONFIG_CONTINUATION;
my $do_include = $flags & DO_INCLUDE;
while ( $currentfile ) { while ( $currentfile ) {
@ -2194,12 +2188,12 @@ sub read_a_line(;$) {
# #
# Suppress leading whitespace in certain continuation lines # Suppress leading whitespace in certain continuation lines
# #
s/^\s*// if $currentline =~ /[,:]$/ && $config_continuation; s/^\s*// if $currentline =~ /[,:]$/ && $options & CONFIG_CONTINUATION;
# #
# If this is a continued line with a trailing comment, remove comment. Note that # If this is a continued line with a trailing comment, remove comment. Note that
# the result will now end in '\'. # the result will now end in '\'.
# #
s/\s*#.*$// if $strip_comments && /[\\]\s*#.*$/; s/\s*#.*$// if ($options & STRIP_COMMENTS) && /[\\]\s*#.*$/;
# #
# Continuation # Continuation
# #
@ -2222,7 +2216,7 @@ sub read_a_line(;$) {
# #
# Must check for shell/perl before doing variable expansion # Must check for shell/perl before doing variable expansion
# #
if ( $embedded_enabled ) { if ( $options & EMBEDDED_ENABLED ) {
if ( $currentline =~ s/^\s*(BEGIN\s+)?SHELL\s*;?// ) { if ( $currentline =~ s/^\s*(BEGIN\s+)?SHELL\s*;?// ) {
handle_first_entry if $first_entry; handle_first_entry if $first_entry;
embedded_shell( $1 ); embedded_shell( $1 );
@ -2238,11 +2232,11 @@ sub read_a_line(;$) {
# #
# Now remove concatinated comments # Now remove concatinated comments
# #
$currentline =~ s/\s*#.*$// if $strip_comments; $currentline =~ s/\s*#.*$// if $options & STRIP_COMMENTS;
# #
# Ignore ( concatenated ) Blank Lines after comments are removed. # Ignore ( concatenated ) Blank Lines after comments are removed.
# #
$currentline = '', $currentlinenumber = 0, next if $currentline =~ /^\s*$/ && $suppress_whitespace; $currentline = '', $currentlinenumber = 0, next if $currentline =~ /^\s*$/ && ( $options & SUPPRESS_WHITESPACE );
# #
# Line not blank -- Handle any first-entry message/capabilities check # Line not blank -- Handle any first-entry message/capabilities check
# #
@ -2250,9 +2244,9 @@ sub read_a_line(;$) {
# #
# Expand Shell Variables using %params and @actparms # Expand Shell Variables using %params and @actparms
# #
expand_variables( $currentline ) if $expand_variables; expand_variables( $currentline ) if $options & EXPAND_VARIABLES;
if ( $do_include && $currentline =~ /^\s*\??INCLUDE\s/ ) { if ( ( $options & DO_INCLUDE ) && $currentline =~ /^\s*\??INCLUDE\s/ ) {
my @line = split ' ', $currentline; my @line = split ' ', $currentline;
@ -2274,7 +2268,7 @@ sub read_a_line(;$) {
$currentline = ''; $currentline = '';
} else { } else {
fatal_error "Non-ASCII gunk in file" if $check_gunk && $currentline =~ /[^\s[:print:]]/; fatal_error "Non-ASCII gunk in file" if ( $options && CHECK_GUNK ) && $currentline =~ /[^\s[:print:]]/;
print "IN===> $currentline\n" if $debug; print "IN===> $currentline\n" if $debug;
return 1; return 1;
} }
@ -2571,7 +2565,7 @@ sub load_kernel_modules( ) {
my @suffixes = split /\s+/ , $config{MODULE_SUFFIX}; my @suffixes = split /\s+/ , $config{MODULE_SUFFIX};
while ( read_a_line ) { while ( read_a_line( NORMAL_READ ) ) {
fatal_error "Invalid modules file entry" unless ( $currentline =~ /^loadmodule\s+([a-zA-Z]\w*)\s*(.*)$/ ); fatal_error "Invalid modules file entry" unless ( $currentline =~ /^loadmodule\s+([a-zA-Z]\w*)\s*(.*)$/ );
my ( $module, $arguments ) = ( $1, $2 ); my ( $module, $arguments ) = ( $1, $2 );
unless ( $loadedmodules{ $module } ) { unless ( $loadedmodules{ $module } ) {
@ -3248,7 +3242,7 @@ sub ensure_config_path() {
add_param( CONFDIR => $globals{CONFDIR} ); add_param( CONFDIR => $globals{CONFDIR} );
while ( read_a_line ) { while ( read_a_line( NORMAL_READ ) ) {
if ( $currentline =~ /^\s*([a-zA-Z]\w*)=(.*?)\s*$/ ) { if ( $currentline =~ /^\s*([a-zA-Z]\w*)=(.*?)\s*$/ ) {
my ($var, $val) = ($1, $2); my ($var, $val) = ($1, $2);
$config{$var} = ( $val =~ /\"([^\"]*)\"$/ ? $1 : $val ) if exists $config{$var}; $config{$var} = ( $val =~ /\"([^\"]*)\"$/ ? $1 : $val ) if exists $config{$var};

12
Shorewall/Perl/Shorewall/Misc.pm
View File

@ -79,7 +79,7 @@ sub process_tos() {
} }
); );
while ( read_a_line ) { while ( read_a_line( NORMAL_READ ) ) {
my ($src, $dst, $proto, $ports, $sports , $tos, $mark ) = split_line 'tos file entry', { source => 0, dest => 1, proto => 2, dport => 3, sport => 4, tos => 5, mark => 6 } ; my ($src, $dst, $proto, $ports, $sports , $tos, $mark ) = split_line 'tos file entry', { source => 0, dest => 1, proto => 2, dport => 3, sport => 4, tos => 5, mark => 6 } ;
@ -149,7 +149,7 @@ sub setup_ecn()
warning_message 'ECN will not be applied to forwarded packets' unless have_capability 'MANGLE_FORWARD'; warning_message 'ECN will not be applied to forwarded packets' unless have_capability 'MANGLE_FORWARD';
} ); } );
while ( read_a_line ) { while ( read_a_line( NORMAL_READ ) ) {
my ($interface, $hosts ) = split_line 'ecn file entry', { interface => 0, hosts => 1 }; my ($interface, $hosts ) = split_line 'ecn file entry', { interface => 0, hosts => 1 };
@ -227,7 +227,7 @@ sub setup_blacklist() {
first_entry "$doing $fn..."; first_entry "$doing $fn...";
while ( read_a_line ) { while ( read_a_line ( NORMAL_READ ) ) {
if ( $first_entry ) { if ( $first_entry ) {
unless ( @$zones || @$zones1 ) { unless ( @$zones || @$zones1 ) {
@ -396,7 +396,7 @@ sub convert_blacklist() {
first_entry "Converting $fn..."; first_entry "Converting $fn...";
while ( read_a_line ) { while ( read_a_line( NORMAL_READ ) ) {
my ( $networks, $protocol, $ports, $options ) = split_line 'blacklist file', { networks => 0, proto => 1, port => 2, options => 3 }; my ( $networks, $protocol, $ports, $options ) = split_line 'blacklist file', { networks => 0, proto => 1, port => 2, options => 3 };
if ( $options eq '-' ) { if ( $options eq '-' ) {
@ -554,7 +554,7 @@ sub process_routestopped() {
first_entry "$doing $fn..."; first_entry "$doing $fn...";
while ( read_a_line ) { while ( read_a_line ( NORMAL_READ ) ) {
my ($interface, $hosts, $options , $proto, $ports, $sports ) = my ($interface, $hosts, $options , $proto, $ports, $sports ) =
split_line 'routestopped file', { interface => 0, hosts => 1, options => 2, proto => 3, dport => 4, sport => 5 }; split_line 'routestopped file', { interface => 0, hosts => 1, options => 2, proto => 3, dport => 4, sport => 5 };
@ -1097,7 +1097,7 @@ sub setup_mac_lists( $ ) {
first_entry "$doing $fn..."; first_entry "$doing $fn...";
while ( read_a_line ) { while ( read_a_line( NORMAL_READ ) ) {
my ( $original_disposition, $interface, $mac, $addresses ) = split_line1 'maclist file', { disposition => 0, interface => 1, mac => 2, addresses => 3 }; my ( $original_disposition, $interface, $mac, $addresses ) = split_line1 'maclist file', { disposition => 0, interface => 1, mac => 2, addresses => 3 };

6
Shorewall/Perl/Shorewall/Nat.pm
View File

@ -276,7 +276,7 @@ sub setup_masq()
first_entry( sub { progress_message2 "$doing $fn..."; require_capability 'NAT_ENABLED' , 'a non-empty masq file' , 's'; } ); first_entry( sub { progress_message2 "$doing $fn..."; require_capability 'NAT_ENABLED' , 'a non-empty masq file' , 's'; } );
process_one_masq while read_a_line; process_one_masq while read_a_line( NORMAL_READ );
clear_comment; clear_comment;
} }
@ -373,7 +373,7 @@ sub setup_nat() {
first_entry( sub { progress_message2 "$doing $fn..."; require_capability 'NAT_ENABLED' , 'a non-empty nat file' , 's'; } ); first_entry( sub { progress_message2 "$doing $fn..."; require_capability 'NAT_ENABLED' , 'a non-empty nat file' , 's'; } );
while ( read_a_line ) { while ( read_a_line( NORMAL_READ ) ) {
my ( $external, $interfacelist, $internal, $allints, $localnat ) = split_line1 'nat file', { external => 0, interface => 1, internal => 2, allints => 3, local => 4 }; my ( $external, $interfacelist, $internal, $allints, $localnat ) = split_line1 'nat file', { external => 0, interface => 1, internal => 2, allints => 3, local => 4 };
@ -409,7 +409,7 @@ sub setup_netmap() {
first_entry "$doing $fn..."; first_entry "$doing $fn...";
while ( read_a_line ) { while ( read_a_line( NORMAL_READ ) ) {
my ( $type, $net1, $interfacelist, $net2, $net3, $proto, $dport, $sport ) = split_line 'netmap file', { type => 0, net1 => 1, interface => 2, net2 => 3, net3 => 4, proto => 5, dport => 6, sport => 7 }; my ( $type, $net1, $interfacelist, $net2, $net3, $proto, $dport, $sport ) = split_line 'netmap file', { type => 0, net1 => 1, interface => 2, net2 => 3, net3 => 4, proto => 5, dport => 6, sport => 7 };

6
Shorewall/Perl/Shorewall/Providers.pm
View File

@ -1164,7 +1164,7 @@ sub process_providers( $ ) {
if ( my $fn = open_file 'providers' ) { if ( my $fn = open_file 'providers' ) {
first_entry "$doing $fn..."; first_entry "$doing $fn...";
process_a_provider, $providers++ while read_a_line; process_a_provider, $providers++ while read_a_line( NORMAL_READ );
} }
if ( $providers ) { if ( $providers ) {
@ -1183,7 +1183,7 @@ sub process_providers( $ ) {
emit ''; emit '';
add_an_rtrule while read_a_line; add_an_rtrule while read_a_line( NORMAL_READ );
} }
$fn = open_file 'routes'; $fn = open_file 'routes';
@ -1191,7 +1191,7 @@ sub process_providers( $ ) {
if ( $fn ) { if ( $fn ) {
first_entry "$doing $fn..."; first_entry "$doing $fn...";
emit ''; emit '';
add_a_route while read_a_line; add_a_route while read_a_line( NORMAL_READ );
} }
} }

2
Shorewall/Perl/Shorewall/Proxyarp.pm
View File

@ -120,7 +120,7 @@ sub setup_proxy_arp() {
my ( %set, %reset ); my ( %set, %reset );
while ( read_a_line ) { while ( read_a_line( NORMAL_READ ) ) {
my ( $address, $interface, $external, $haveroute, $persistent ) = my ( $address, $interface, $external, $haveroute, $persistent ) =
split_line $file_opt . 'file ', { address => 0, interface => 1, external => 2, haveroute => 3, persistent => 4 }; split_line $file_opt . 'file ', { address => 0, interface => 1, external => 2, haveroute => 3, persistent => 4 };

2
Shorewall/Perl/Shorewall/Raw.pm
View File

@ -130,7 +130,7 @@ sub setup_notrack() {
my $nonEmpty = 0; my $nonEmpty = 0;
while ( read_a_line ) { while ( read_a_line( NORMAL_READ ) ) {
my ( $source, $dest, $proto, $ports, $sports, $user ); my ( $source, $dest, $proto, $ports, $sports, $user );
if ( $format == 1 ) { if ( $format == 1 ) {

12
Shorewall/Perl/Shorewall/Rules.pm
View File

@ -529,7 +529,7 @@ sub process_policies()
if ( my $fn = open_file 'policy' ) { if ( my $fn = open_file 'policy' ) {
first_entry "$doing $fn..."; first_entry "$doing $fn...";
process_a_policy while read_a_line; process_a_policy while read_a_line( NORMAL_READ );
} else { } else {
fatal_error q(The 'policy' file does not exist or has zero size); fatal_error q(The 'policy' file does not exist or has zero size);
} }
@ -1394,7 +1394,7 @@ sub process_actions() {
for my $file ( qw/actions.std actions/ ) { for my $file ( qw/actions.std actions/ ) {
open_file $file; open_file $file;
while ( read_a_line ) { while ( read_a_line( NORMAL_READ ) ) {
my ( $action ) = split_line 'action file' , { action => 0 }; my ( $action ) = split_line 'action file' , { action => 0 };
if ( $action =~ /:/ ) { if ( $action =~ /:/ ) {
@ -1454,7 +1454,7 @@ sub process_action( $) {
push_comment( '' ); push_comment( '' );
while ( read_a_line ) { while ( read_a_line( NORMAL_READ ) ) {
my ($target, $source, $dest, $proto, $ports, $sports, $origdest, $rate, $user, $mark, $connlimit, $time, $headers, $condition ); my ($target, $source, $dest, $proto, $ports, $sports, $origdest, $rate, $user, $mark, $connlimit, $time, $headers, $condition );
@ -1547,7 +1547,7 @@ sub process_macro ( $$$$$$$$$$$$$$$$$$ ) {
push_open $macrofile; push_open $macrofile;
while ( read_a_line ) { while ( read_a_line( NORMAL_READ ) ) {
my ( $mtarget, $msource, $mdest, $mproto, $mports, $msports, $morigdest, $mrate, $muser, $mmark, $mconnlimit, $mtime, $mheaders, $mcondition ); my ( $mtarget, $msource, $mdest, $mproto, $mports, $msports, $morigdest, $mrate, $muser, $mmark, $mconnlimit, $mtime, $mheaders, $mcondition );
@ -2567,7 +2567,7 @@ sub process_rules( $ ) {
} }
); );
process_rule while read_a_line; process_rule while read_a_line( NORMAL_READ );
} }
$section = ''; $section = '';
@ -2585,7 +2585,7 @@ sub process_rules( $ ) {
first_entry "$doing $fn..."; first_entry "$doing $fn...";
process_rule while read_a_line; process_rule while read_a_line( NORMAL_READ );
clear_comment; clear_comment;
} }

14
Shorewall/Perl/Shorewall/Tc.pm
View File

@ -1455,7 +1455,7 @@ sub process_tcfilters() {
first_entry( "$doing $fn..." ); first_entry( "$doing $fn..." );
while ( read_a_line ) { while ( read_a_line( NORMAL_READ ) ) {
if ( $currentline =~ /^\s*IPV4\s*$/ ) { if ( $currentline =~ /^\s*IPV4\s*$/ ) {
Shorewall::IPAddrs::initialize( $family = F_IPV4 ) unless $family == F_IPV4; Shorewall::IPAddrs::initialize( $family = F_IPV4 ) unless $family == F_IPV4;
} elsif ( $currentline =~ /^\s*IPV6\s*$/ ) { } elsif ( $currentline =~ /^\s*IPV6\s*$/ ) {
@ -1555,7 +1555,7 @@ sub process_tcinterfaces() {
if ( $fn ) { if ( $fn ) {
first_entry "$doing $fn..."; first_entry "$doing $fn...";
process_simple_device while read_a_line; process_simple_device while read_a_line( NORMAL_READ );
} }
} }
@ -1573,7 +1573,7 @@ sub process_tcpri() {
warning_message "There are entries in $fn1 but $fn was empty" unless @tcdevices || $family == F_IPV6; warning_message "There are entries in $fn1 but $fn was empty" unless @tcdevices || $family == F_IPV6;
}; };
process_tc_priority while read_a_line; process_tc_priority while read_a_line( NORMAL_READ );
clear_comment; clear_comment;
@ -1604,7 +1604,7 @@ sub process_traffic_shaping() {
if ( $fn ) { if ( $fn ) {
first_entry "$doing $fn..."; first_entry "$doing $fn...";
validate_tc_device while read_a_line; validate_tc_device while read_a_line( NORMAL_READ );
} }
$devnum = $devnum > 10 ? 10 : 1; $devnum = $devnum > 10 ? 10 : 1;
@ -1614,7 +1614,7 @@ sub process_traffic_shaping() {
if ( $fn ) { if ( $fn ) {
first_entry "$doing $fn..."; first_entry "$doing $fn...";
validate_tc_class while read_a_line; validate_tc_class while read_a_line( NORMAL_READ );
} }
process_tcfilters; process_tcfilters;
@ -2038,7 +2038,7 @@ sub setup_tc() {
first_entry "$doing $fn..."; first_entry "$doing $fn...";
process_tc_rule while read_a_line; process_tc_rule while read_a_line( NORMAL_READ );
clear_comment; clear_comment;
} }
@ -2049,7 +2049,7 @@ sub setup_tc() {
first_entry "$doing $fn..."; first_entry "$doing $fn...";
process_secmark_rule while read_a_line; process_secmark_rule while read_a_line( NORMAL_READ );
clear_comment; clear_comment;
} }

2
Shorewall/Perl/Shorewall/Tunnels.pm
View File

@ -283,7 +283,7 @@ sub setup_tunnels() {
first_entry "$doing $fn..."; first_entry "$doing $fn...";
while ( read_a_line ) { while ( read_a_line( NORMAL_READ ) ) {
my ( $kind, $zone, $gateway, $gatewayzones ) = split_line1 'tunnels file', { type => 0, zone => 1, gateway => 2, gateway_zone => 3 }; my ( $kind, $zone, $gateway, $gatewayzones ) = split_line1 'tunnels file', { type => 0, zone => 1, gateway => 2, gateway_zone => 3 };

6
Shorewall/Perl/Shorewall/Zones.pm
View File

@ -545,7 +545,7 @@ sub determine_zones()
if ( my $fn = open_file 'zones' ) { if ( my $fn = open_file 'zones' ) {
first_entry "$doing $fn..."; first_entry "$doing $fn...";
push @z, process_zone( $ip ) while read_a_line; push @z, process_zone( $ip ) while read_a_line( NORMAL_READ );
} else { } else {
fatal_error q(The 'zones' file does not exist or has zero size); fatal_error q(The 'zones' file does not exist or has zero size);
} }
@ -1214,7 +1214,7 @@ sub validate_interfaces_file( $ ) {
if ( my $fn = open_file 'interfaces' ) { if ( my $fn = open_file 'interfaces' ) {
first_entry "$doing $fn..."; first_entry "$doing $fn...";
push @ifaces, process_interface( $nextinum++, $export ) while read_a_line; push @ifaces, process_interface( $nextinum++, $export ) while read_a_line( NORMAL_READ );
} else { } else {
fatal_error q(The 'interfaces' file does not exist or has zero size); fatal_error q(The 'interfaces' file does not exist or has zero size);
} }
@ -1935,7 +1935,7 @@ sub validate_hosts_file()
if ( my $fn = open_file 'hosts' ) { if ( my $fn = open_file 'hosts' ) {
first_entry "$doing $fn..."; first_entry "$doing $fn...";
$ipsec |= process_host while read_a_line; $ipsec |= process_host while read_a_line( NORMAL_READ );
} }
$have_ipsec = $ipsec || haveipseczones; $have_ipsec = $ipsec || haveipseczones;