From 9abe60bc27fb330090b7f67cea7bc6ddec4804b0 Mon Sep 17 00:00:00 2001
From: Tom Eastep <teastep@shorewall.net>
Date: Sat, 14 Dec 2013 17:54:10 -0800
Subject: [PATCH] Implement the -i option of upgrade

Signed-off-by: Tom Eastep <teastep@shorewall.net>
---
 Shorewall-core/lib.cli               |   2 +
 Shorewall/Perl/Shorewall/Compiler.pm |   7 +-
 Shorewall/Perl/Shorewall/Config.pm   | 118 ++++++++++++++++++++++++---
 Shorewall/Perl/compiler.pl           |   8 +-
 Shorewall/lib.cli-std                |   5 ++
 5 files changed, 125 insertions(+), 15 deletions(-)

diff --git a/Shorewall-core/lib.cli b/Shorewall-core/lib.cli
index b54b33209..4d4e4e4fe 100644
--- a/Shorewall-core/lib.cli
+++ b/Shorewall-core/lib.cli
@@ -3506,6 +3506,8 @@ shorewall_cli() {
     g_conditional=
     g_file=
     g_doing="Compiling"
+    g_directives
+    g_inline
 
     VERBOSE=
     VERBOSITY=1
diff --git a/Shorewall/Perl/Shorewall/Compiler.pm b/Shorewall/Perl/Shorewall/Compiler.pm
index a6ff12195..1002fffe2 100644
--- a/Shorewall/Perl/Shorewall/Compiler.pm
+++ b/Shorewall/Perl/Shorewall/Compiler.pm
@@ -581,8 +581,8 @@ EOF
 #
 sub compiler {
 
-    my ( $scriptfilename, $directory, $verbosity, $timestamp , $debug, $chains , $log , $log_verbosity, $preview, $confess , $update , $annotate , $convert, $config_path, $shorewallrc                      , $shorewallrc1 , $directives ) =
-       ( '',              '',         -1,          '',          0,      '',       '',   -1,             0,        0,         0,        0,        , 0       , ''          , '/usr/share/shorewall/shorewallrc', ''            , 0 );
+    my ( $scriptfilename, $directory, $verbosity, $timestamp , $debug, $chains , $log , $log_verbosity, $preview, $confess , $update , $annotate , $convert, $config_path, $shorewallrc                      , $shorewallrc1 , $directives, $inline ) =
+       ( '',              '',         -1,          '',          0,      '',       '',   -1,             0,        0,         0,        0,        , 0       , ''          , '/usr/share/shorewall/shorewallrc', ''            , 0 ,          0 );
 
     $export         = 0;
     $test           = 0;
@@ -620,6 +620,7 @@ sub compiler {
 		  update        => { store => \$update,        validate=> \&validate_boolean    } ,
 		  convert       => { store => \$convert,       validate=> \&validate_boolean    } ,
 		  annotate      => { store => \$annotate,      validate=> \&validate_boolean    } ,
+		  inline        => { store => \$inline,        validate=> \&validate_boolean    } ,
 		  directives    => { store => \$directives,    validate=> \&validate_boolean    } ,
 		  config_path   => { store => \$config_path } ,
 		  shorewallrc   => { store => \$shorewallrc } ,
@@ -659,7 +660,7 @@ sub compiler {
     #
     #                      S H O R E W A L L . C O N F  A N D  C A P A B I L I T I E S
     #
-    get_configuration( $export , $update , $annotate , $directives );
+    get_configuration( $export , $update , $annotate , $directives , $inline );
     #
     # Create a temp file to hold the script
     #
diff --git a/Shorewall/Perl/Shorewall/Config.pm b/Shorewall/Perl/Shorewall/Config.pm
index 2721d6476..dfde0d0f4 100644
--- a/Shorewall/Perl/Shorewall/Config.pm
+++ b/Shorewall/Perl/Shorewall/Config.pm
@@ -5145,7 +5145,8 @@ sub export_params() {
 #
 # Walk the CONFIG_PATH converting FORMAT and COMMENT lines to compiler directives
 #
-sub convert_to_directives() {
+sub convert_to_directives( $ ) {
+    my $inline_matches = $_[0];
     my $sharedir = $shorewallrc{SHAREDIR};
     #
     # Make a copy of @config_path so that the for-loop below doesn't clobber that list
@@ -5158,6 +5159,97 @@ sub convert_to_directives() {
 
     progress_message3 "Converting 'FORMAT' and 'COMMENT' lines to compiler directives...";
 
+    for my $dir ( @path ) {
+	unless ( $dir =~ /$dirtest/ ) {
+	    if ( ! -w $dir ) {
+		warning_message "$dir not processed (not writeable)";
+	    } else {
+		$dir =~ s|/+$||;
+
+		opendir( my $dirhandle, $dir ) || fatal_error "Cannot open directory $dir for reading:$!";
+
+		while ( my $file = readdir( $dirhandle ) ) {
+		    unless ( $file eq 'capabilities'       ||
+			     $file eq 'params'             ||
+			     $file =~ /^shorewall6?.conf$/ ||
+			     $file =~ /\.bak$/ ) {
+			$file = "$dir/$file";
+		
+			if ( -f $file && -w _ ) {
+			    #
+			    # writeable regular file
+			    #
+			    my $result;
+
+			    if ( $inline_matches ) {
+				$result = system << "EOF";
+perl -pi.bak -e '
+/^\\s*FORMAT\\s*/ && s/FORMAT/?FORMAT/;
+if ( /^\\s*COMMENT\\s+/ ) {
+    s/COMMENT/?COMMENT/;
+} elsif ( /^\\s*COMMENT\\s*\$/ ) {
+    s/COMMENT/?COMMENT/;
+}' $file
+EOF
+			    } else {
+				$result = system << "EOF";
+perl -pi.bak -e '
+/^\\s*FORMAT\\s*/ && s/FORMAT/?FORMAT/;
+if ( /^\\s*COMMENT\\s+/ ) {
+    s/COMMENT/?COMMENT/;
+} elsif ( /^\\s*COMMENT\\s*\$/ ) {
+    s/COMMENT/?COMMENT/;
+}
+
+unless ( /^\\s*INLINE[( \\t]/ ) {
+    if ( /^(.+?);(\\s*.*?)(\\s*#.*)?$/ ) {
+	$_  = "$1\\{$2 \\}";
+	$_ .= $3 if defined $3 && $2 ne "";
+	$_ .= "\\n";
+    }
+}' $file
+EOF
+			}
+
+			    if ( $result == 0 ) {
+				if ( system( "diff -q $file ${file}.bak > /dev/null" ) ) {
+				    progress_message3 "   File $file updated - old file renamed ${file}.bak";
+				} elsif ( rename "${file}.bak" , $file ) {
+				    progress_message "   File $file not updated -- no bare 'COMMENT' or 'FORMAT' lines found";
+				} else {
+				    warning message "Unable to rename ${file}.bak to $file:$!";
+				}
+			    } else {
+				warning_message ("Unable to update file ${file}.bak:$!" );
+			    }
+			} else {
+			    warning_message( "$file skipped (not writeable)" ) unless -d _;
+			}
+		    }
+		}
+
+		closedir $dirhandle;
+	    }
+	}
+    }
+}
+
+#
+# Walk the CONFIG_PATH converting '; <column>=<value>[,...]' lines to '{<column>=<value>[,...]}'
+#
+sub convert_alternative_format() {
+    my $sharedir = $shorewallrc{SHAREDIR};
+    #
+    # Make a copy of @config_path so that the for-loop below doesn't clobber that list
+    #
+    my @path = @config_path;
+
+    $sharedir =~ s|/+$||;
+
+    my $dirtest = qr|^$sharedir/+shorewall6?(?:/.*)?$|;
+
+    progress_message3 "Converting '; <column>=<value>[,...]' lines to '{<column>=<value>[,...]}...";
+
     for my $dir ( @path ) {
 	unless ( $dir =~ /$dirtest/ ) {
 	    if ( ! -w $dir ) {
@@ -5179,12 +5271,14 @@ sub convert_to_directives() {
 			    # writeable regular file
 			    #
 			    my $result = system << "EOF";
-perl -pi.bak -e '/^\\s*FORMAT\\s*/ && s/FORMAT/?FORMAT/;
-                 if ( /^\\s*COMMENT\\s+/ ) {
-                     s/COMMENT/?COMMENT/;
-                 } elsif ( /^\\s*COMMENT\\s*\$/ ) {
-                     s/COMMENT/?COMMENT/;
-                 }' $file
+perl -pi.bak -e '
+unless ( /^\\s*INLINE[( \\t]/ ) {
+    if ( /^(.+?);(\\s*.*?)(\\s*#.*)?$/ ) {
+	$_  = "$1\\{$2 \\}";
+	$_ .= $3 if defined $3 && $2 ne "";
+	$_ .= "\\n";
+    }
+}' $file
 EOF
 			    if ( $result == 0 ) {
 				if ( system( "diff -q $file ${file}.bak > /dev/null" ) ) {
@@ -5215,9 +5309,9 @@ EOF
 # - Read the capabilities file, if any
 # - establish global hashes %params, %config , %globals and %capabilities
 #
-sub get_configuration( $$$$ ) {
+sub get_configuration( $$$$$ ) {
 
-    my ( $export, $update, $annotate, $directives ) = @_;
+    my ( $export, $update, $annotate, $directives, $inline ) = @_;
 
     $globals{EXPORT} = $export;
 
@@ -5898,7 +5992,11 @@ sub get_configuration( $$$$ ) {
 	$variables{$var} = $config{$val};
     }
 
-    convert_to_directives if $directives;
+    if ( $directives ) {
+	convert_to_directives(0);
+    } else {
+	convert_alternative_format;
+    }
 
     cleanup_iptables if $sillyname && ! $config{LOAD_HELPERS_ONLY};
 }
diff --git a/Shorewall/Perl/compiler.pl b/Shorewall/Perl/compiler.pl
index 3e614e6f5..1541c0b74 100755
--- a/Shorewall/Perl/compiler.pl
+++ b/Shorewall/Perl/compiler.pl
@@ -40,6 +40,7 @@
 #         --shorewallrc=<path>        # Path to global shorewallrc file.
 #         --shorewallrc1=<path>       # Path to export shorewallrc file.
 #         --config_path=<path-list>   # Search path for config files
+#         --inline                    # Update alternative column specifications
 #
 use strict;
 use FindBin;
@@ -73,10 +74,10 @@ usage: compiler.pl [ <option> ... ] [ <filename> ]
     [ --shorewallrc=<pathname> ]
     [ --shorewallrc1=<pathname> ]
     [ --config_path=<path-list> ]
-
+    [ --inline ]
 _EOF_
 
-    exit shift @_;
+exit shift @_;
 }
 
 #
@@ -102,6 +103,7 @@ my $directives    = 0;
 my $config_path   = '';
 my $shorewallrc   = '';
 my $shorewallrc1  = '';
+my $inline        = 0;
 
 Getopt::Long::Configure ('bundling');
 
@@ -134,6 +136,7 @@ my $result = GetOptions('h'               => \$help,
 			'u'               => \$update,
 			'update'          => \$update,
 			'convert'         => \$convert,
+			'inline'          => \$inline,
 			'config_path=s'   => \$config_path,
 			'shorewallrc=s'   => \$shorewallrc,
 			'shorewallrc1=s'  => \$shorewallrc1,
@@ -162,4 +165,5 @@ compiler( script          => $ARGV[0] || '',
 	  config_path     => $config_path,
 	  shorewallrc     => $shorewallrc,
 	  shorewallrc1    => $shorewallrc1,
+	  inline          => $inline
 	);
diff --git a/Shorewall/lib.cli-std b/Shorewall/lib.cli-std
index b8bcd83bd..81034e7bc 100644
--- a/Shorewall/lib.cli-std
+++ b/Shorewall/lib.cli-std
@@ -422,6 +422,7 @@ compiler() {
     [ -n "$g_convert" ] && options="$options --convert"
     [ -n "$g_annotate" ] && options="$options --annotate"
     [ -n "$g_directives" ] && options="$options --directives"
+    [ -n "$g_inline" ] && options="$options --inline"
 
     if [ -n "$PERL" ]; then
 	if [ ! -x "$PERL" ]; then
@@ -824,6 +825,10 @@ update_command() {
 			    g_directives=Yes
 			    option=${option#D}
 			    ;;
+			i*)
+			    g_inline=Yes
+			    option=${option#i}
+			    ;;
 			*)
 			    usage 1
 			    ;;