forked from extern/shorewall_code
Better way of handling environmental variables with embedded quotes.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
This commit is contained in:
parent
fb6d4ffaf9
commit
d4b37d1c52
@ -383,6 +383,12 @@ my $iptables; # Path to iptables/ip6tables
|
||||
my $tc; # Path to tc
|
||||
my $ip; # Path to ip
|
||||
|
||||
my $shell; # Type of shell that processed the params file
|
||||
|
||||
use constant { BASH => 1,
|
||||
OLDBASH => 2,
|
||||
ASH => 3 };
|
||||
|
||||
use constant { MIN_VERBOSITY => -1,
|
||||
MAX_VERBOSITY => 2 ,
|
||||
F_IPV4 => 4,
|
||||
@ -3269,6 +3275,8 @@ sub get_params() {
|
||||
# - Embedded double quotes are escaped with '\\'
|
||||
# - Valueless variables are supported (e.g., 'declare -x foo')
|
||||
#
|
||||
$shell = BASH;
|
||||
|
||||
for ( @params ) {
|
||||
if ( /^declare -x (.*?)="(.*[^\\])"$/ ) {
|
||||
$params{$1} = $2 unless $1 eq '_';
|
||||
@ -3277,11 +3285,11 @@ sub get_params() {
|
||||
} elsif ( /^declare -x (.*)\s+$/ || /^declare -x (.*)=""$/ ) {
|
||||
$params{$1} = '';
|
||||
} else {
|
||||
chomp;
|
||||
if ($variable) {
|
||||
s/"$//;
|
||||
$params{$variable} .= $_;
|
||||
} else {
|
||||
chomp;
|
||||
warning_message "Param line ($_) ignored" unless $bug++;
|
||||
}
|
||||
}
|
||||
@ -3295,6 +3303,8 @@ sub get_params() {
|
||||
# - Embedded single quotes are escaped with '\'
|
||||
# - Valueless variables ( e.g., 'export foo') are supported
|
||||
#
|
||||
$shell = OLDBASH;
|
||||
|
||||
for ( @params ) {
|
||||
if ( /^export (.*?)="(.*[^\\])"$/ ) {
|
||||
$params{$1} = $2 unless $1 eq '_';
|
||||
@ -3303,11 +3313,11 @@ sub get_params() {
|
||||
} elsif ( /^export ([^\s=]+)\s*$/ || /^export (.*)=""$/ ) {
|
||||
$params{$1} = '';
|
||||
} else {
|
||||
chomp;
|
||||
if ($variable) {
|
||||
s/"$//;
|
||||
$params{$variable} .= $_;
|
||||
} else {
|
||||
chomp;
|
||||
warning_message "Param line ($_) ignored" unless $bug++;
|
||||
}
|
||||
}
|
||||
@ -3320,6 +3330,8 @@ sub get_params() {
|
||||
# - Param values are delimited by single quotes.
|
||||
# - Embedded single quotes are transformed to the five characters '"'"'
|
||||
#
|
||||
$shell = ASH;
|
||||
|
||||
for ( @params ) {
|
||||
if ( /^export (.*?)='(.*'"'"')$/ ) {
|
||||
$params{$variable=$1}="${2}\n";
|
||||
@ -3328,11 +3340,11 @@ sub get_params() {
|
||||
} elsif ( /^export (.*?)='(.*)$/ ) {
|
||||
$params{$variable=$1}="${2}\n";
|
||||
} else {
|
||||
chomp;
|
||||
if ($variable) {
|
||||
s/'$//;
|
||||
$params{$variable} .= $_;
|
||||
} else {
|
||||
chomp;
|
||||
warning_message "Param line ($_) ignored" unless $bug++;
|
||||
}
|
||||
}
|
||||
@ -3371,24 +3383,29 @@ sub export_params() {
|
||||
#
|
||||
next if exists $compiler_params{$param};
|
||||
#
|
||||
# Values in %params are generated from the output of 'export -p'.
|
||||
# The different shells have different conventions for delimiting
|
||||
# the value and for escaping embedded instances of the delimiter.
|
||||
# The following logic removes the escape characters.
|
||||
#
|
||||
if ( $shell == BASH ) {
|
||||
$value =~ s/\\"/"/g;
|
||||
} elsif ( $shell == OLDBASH ) {
|
||||
$value =~ s/\\'/'/g;
|
||||
} else {
|
||||
$value =~ s/'"'"'/'/g;
|
||||
}
|
||||
#
|
||||
# Don't export pairs from %ENV
|
||||
#
|
||||
if ( exists $ENV{$param} ) {
|
||||
next unless defined $ENV{$param};
|
||||
next if $value eq $ENV{$param};
|
||||
#
|
||||
# Don't export anything from %ENV that contains quotes.
|
||||
# We don't know that $SHOREWALL_SHELL was used to
|
||||
# process the params file (may even be processed on a
|
||||
# different system) so we don't know $SHOREWALL_SHELL's
|
||||
# convention for escaping quotes
|
||||
#
|
||||
next if $value =~ /[\n'"]/;
|
||||
}
|
||||
next if defined $ENV{$param} && $value eq $ENV{$param};
|
||||
|
||||
emit "#\n# From the params file\n#" unless $count++;
|
||||
|
||||
if ( $value =~ /[\s()[`]/ ) {
|
||||
#
|
||||
# We will use double quotes and escape embedded quotes with \.
|
||||
#
|
||||
if ( $value =~ /[\s()['"]/ ) {
|
||||
$value =~ s/"/\\"/g;
|
||||
emit "$param='$value'";
|
||||
} else {
|
||||
emit "$param=$value";
|
||||
@ -3397,9 +3414,10 @@ sub export_params() {
|
||||
}
|
||||
|
||||
#
|
||||
# - Process the params file
|
||||
# - Read the shorewall.conf file
|
||||
# - Read the capabilities file, if any
|
||||
# - establish global hashes %config , %globals and %capabilities
|
||||
# - establish global hashes %params, %config , %globals and %capabilities
|
||||
#
|
||||
sub get_configuration( $$$ ) {
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user