Better way of handling environmental variables with embedded quotes.

Signed-off-by: Tom Eastep <teastep@shorewall.net>
This commit is contained in:
Tom Eastep 2011-09-10 15:46:26 -07:00
parent 8ce60ce825
commit e46b76789e

View File

@ -383,6 +383,12 @@ my $iptables; # Path to iptables/ip6tables
my $tc; # Path to tc my $tc; # Path to tc
my $ip; # Path to ip my $ip; # Path to ip
my $shell; # Type of shell that processed the params file
use constant { BASH => 1,
OLDBASH => 2,
ASH => 3 };
use constant { MIN_VERBOSITY => -1, use constant { MIN_VERBOSITY => -1,
MAX_VERBOSITY => 2 , MAX_VERBOSITY => 2 ,
F_IPV4 => 4, F_IPV4 => 4,
@ -3269,6 +3275,8 @@ sub get_params() {
# - Embedded double quotes are escaped with '\\' # - Embedded double quotes are escaped with '\\'
# - Valueless variables are supported (e.g., 'declare -x foo') # - Valueless variables are supported (e.g., 'declare -x foo')
# #
$shell = BASH;
for ( @params ) { for ( @params ) {
if ( /^declare -x (.*?)="(.*[^\\])"$/ ) { if ( /^declare -x (.*?)="(.*[^\\])"$/ ) {
$params{$1} = $2 unless $1 eq '_'; $params{$1} = $2 unless $1 eq '_';
@ -3277,11 +3285,11 @@ sub get_params() {
} elsif ( /^declare -x (.*)\s+$/ || /^declare -x (.*)=""$/ ) { } elsif ( /^declare -x (.*)\s+$/ || /^declare -x (.*)=""$/ ) {
$params{$1} = ''; $params{$1} = '';
} else { } else {
chomp;
if ($variable) { if ($variable) {
s/"$//; s/"$//;
$params{$variable} .= $_; $params{$variable} .= $_;
} else { } else {
chomp;
warning_message "Param line ($_) ignored" unless $bug++; warning_message "Param line ($_) ignored" unless $bug++;
} }
} }
@ -3295,6 +3303,8 @@ sub get_params() {
# - Embedded single quotes are escaped with '\' # - Embedded single quotes are escaped with '\'
# - Valueless variables ( e.g., 'export foo') are supported # - Valueless variables ( e.g., 'export foo') are supported
# #
$shell = OLDBASH;
for ( @params ) { for ( @params ) {
if ( /^export (.*?)="(.*[^\\])"$/ ) { if ( /^export (.*?)="(.*[^\\])"$/ ) {
$params{$1} = $2 unless $1 eq '_'; $params{$1} = $2 unless $1 eq '_';
@ -3303,11 +3313,11 @@ sub get_params() {
} elsif ( /^export ([^\s=]+)\s*$/ || /^export (.*)=""$/ ) { } elsif ( /^export ([^\s=]+)\s*$/ || /^export (.*)=""$/ ) {
$params{$1} = ''; $params{$1} = '';
} else { } else {
chomp;
if ($variable) { if ($variable) {
s/"$//; s/"$//;
$params{$variable} .= $_; $params{$variable} .= $_;
} else { } else {
chomp;
warning_message "Param line ($_) ignored" unless $bug++; warning_message "Param line ($_) ignored" unless $bug++;
} }
} }
@ -3320,6 +3330,8 @@ sub get_params() {
# - Param values are delimited by single quotes. # - Param values are delimited by single quotes.
# - Embedded single quotes are transformed to the five characters '"'"' # - Embedded single quotes are transformed to the five characters '"'"'
# #
$shell = ASH;
for ( @params ) { for ( @params ) {
if ( /^export (.*?)='(.*'"'"')$/ ) { if ( /^export (.*?)='(.*'"'"')$/ ) {
$params{$variable=$1}="${2}\n"; $params{$variable=$1}="${2}\n";
@ -3328,11 +3340,11 @@ sub get_params() {
} elsif ( /^export (.*?)='(.*)$/ ) { } elsif ( /^export (.*?)='(.*)$/ ) {
$params{$variable=$1}="${2}\n"; $params{$variable=$1}="${2}\n";
} else { } else {
chomp;
if ($variable) { if ($variable) {
s/'$//; s/'$//;
$params{$variable} .= $_; $params{$variable} .= $_;
} else { } else {
chomp;
warning_message "Param line ($_) ignored" unless $bug++; warning_message "Param line ($_) ignored" unless $bug++;
} }
} }
@ -3371,24 +3383,29 @@ sub export_params() {
# #
next if exists $compiler_params{$param}; next if exists $compiler_params{$param};
# #
# Values in %params are generated from the output of 'export -p'.
# The different shells have different conventions for delimiting
# the value and for escaping embedded instances of the delimiter.
# The following logic removes the escape characters.
#
if ( $shell == BASH ) {
$value =~ s/\\"/"/g;
} elsif ( $shell == OLDBASH ) {
$value =~ s/\\'/'/g;
} else {
$value =~ s/'"'"'/'/g;
}
#
# Don't export pairs from %ENV # Don't export pairs from %ENV
# #
if ( exists $ENV{$param} ) { next if defined $ENV{$param} && $value eq $ENV{$param};
next unless defined $ENV{$param};
next if $value eq $ENV{$param};
#
# Don't export anything from %ENV that contains quotes.
# We don't know that $SHOREWALL_SHELL was used to
# process the params file (may even be processed on a
# different system) so we don't know $SHOREWALL_SHELL's
# convention for escaping quotes
#
next if $value =~ /[\n'"]/;
}
emit "#\n# From the params file\n#" unless $count++; emit "#\n# From the params file\n#" unless $count++;
#
if ( $value =~ /[\s()[`]/ ) { # We will use double quotes and escape embedded quotes with \.
#
if ( $value =~ /[\s()['"]/ ) {
$value =~ s/"/\\"/g;
emit "$param='$value'"; emit "$param='$value'";
} else { } else {
emit "$param=$value"; emit "$param=$value";
@ -3397,9 +3414,10 @@ sub export_params() {
} }
# #
# - Process the params file
# - Read the shorewall.conf file # - Read the shorewall.conf file
# - Read the capabilities file, if any # - Read the capabilities file, if any
# - establish global hashes %config , %globals and %capabilities # - establish global hashes %params, %config , %globals and %capabilities
# #
sub get_configuration( $$$ ) { sub get_configuration( $$$ ) {