From b13014c9ab32994b8d5cccc3434e4a409bfb3092 Mon Sep 17 00:00:00 2001 From: Tom Eastep Date: Sat, 11 Mar 2017 11:21:07 -0800 Subject: [PATCH] Expand variables in .conf except when upgrading Signed-off-by: Tom Eastep --- Shorewall/Perl/Shorewall/Config.pm | 37 +++++++++++++++++------------- 1 file changed, 21 insertions(+), 16 deletions(-) diff --git a/Shorewall/Perl/Shorewall/Config.pm b/Shorewall/Perl/Shorewall/Config.pm index 8e722cc47..705690ba3 100644 --- a/Shorewall/Perl/Shorewall/Config.pm +++ b/Shorewall/Perl/Shorewall/Config.pm @@ -5445,9 +5445,11 @@ sub process_shorewall_conf( $$ ) { # Don't expand shell variables or allow embedded scripting # while ( read_a_line( STRIP_COMMENTS | SUPPRESS_WHITESPACE | CHECK_GUNK ) ) { - if ( $currentline =~ /^\s*([a-zA-Z]\w*)=(.*?)\s*$/ ) { + if ( $currentline =~ /^\s*([a-zA-Z]\w*)=(.*)$/ ) { my ($var, $val) = ($1, $2); + expand_variables( $val ) unless $update || $val =~ /^'.*'$/; + if ( exists $config{$var} ) { if ( $eliminated{$var} && ! $update ) { fatal_error "The $var configuration option has been superceded - please run '$product update'"; @@ -5464,6 +5466,7 @@ sub process_shorewall_conf( $$ ) { next; } + $config{$var} = ( $val =~ /\"([^\"]*)\"$/ ? $1 : $val ); warning_message "Option $var=$val is deprecated" @@ -5484,24 +5487,26 @@ sub process_shorewall_conf( $$ ) { # # Now update the config file if asked # - update_config_file( $annotate ) if $update; - # - # Config file update requires that the option values not have - # Shell variables expanded. We do that now. - # - # We must first make LOG_LEVEL a variable because the order in which - # the values are processed below is not the order in which they appear - # in the config file. - # - $config{LOG_LEVEL} = '' unless defined $config{LOG_LEVEL}; + if ( $update ) { + update_config_file( $annotate ); + # + # Config file update requires that the option values not have + # Shell variables expanded. We do that now. + # + # We must first make LOG_LEVEL a variable because the order in which + # the values are processed below is not the order in which they appear + # in the config file. + # + $config{LOG_LEVEL} = '' unless defined $config{LOG_LEVEL}; - my %log_level = ( LOG_LEVEL => $config{LOG_LEVEL} ); + my %log_level = ( LOG_LEVEL => $config{LOG_LEVEL} ); - add_variables( %log_level ); + add_variables( %log_level ); - for ( values %config ) { - if ( supplied $_ ) { - expand_variables( $_ ) unless /^'(.+)'$/; + for ( values %config ) { + if ( supplied $_ ) { + expand_variables( $_ ) unless /^'.*'$/; + } } } }