diff --git a/Shorewall/Perl/Shorewall/Config.pm b/Shorewall/Perl/Shorewall/Config.pm index 4e26d406e..26c7f3c93 100644 --- a/Shorewall/Perl/Shorewall/Config.pm +++ b/Shorewall/Perl/Shorewall/Config.pm @@ -383,6 +383,12 @@ my $iptables; # Path to iptables/ip6tables my $tc; # Path to tc my $ip; # Path to ip +my $shell; # Type of shell that processed the params file + +use constant { BASH => 1, + OLDBASH => 2, + ASH => 3 }; + use constant { MIN_VERBOSITY => -1, MAX_VERBOSITY => 2 , F_IPV4 => 4, @@ -3269,6 +3275,8 @@ sub get_params() { # - Embedded double quotes are escaped with '\\' # - Valueless variables are supported (e.g., 'declare -x foo') # + $shell = BASH; + for ( @params ) { if ( /^declare -x (.*?)="(.*[^\\])"$/ ) { $params{$1} = $2 unless $1 eq '_'; @@ -3277,11 +3285,11 @@ sub get_params() { } elsif ( /^declare -x (.*)\s+$/ || /^declare -x (.*)=""$/ ) { $params{$1} = ''; } else { + chomp; if ($variable) { s/"$//; $params{$variable} .= $_; } else { - chomp; warning_message "Param line ($_) ignored" unless $bug++; } } @@ -3295,6 +3303,8 @@ sub get_params() { # - Embedded single quotes are escaped with '\' # - Valueless variables ( e.g., 'export foo') are supported # + $shell = OLDBASH; + for ( @params ) { if ( /^export (.*?)="(.*[^\\])"$/ ) { $params{$1} = $2 unless $1 eq '_'; @@ -3303,11 +3313,11 @@ sub get_params() { } elsif ( /^export ([^\s=]+)\s*$/ || /^export (.*)=""$/ ) { $params{$1} = ''; } else { + chomp; if ($variable) { s/"$//; $params{$variable} .= $_; } else { - chomp; warning_message "Param line ($_) ignored" unless $bug++; } } @@ -3320,6 +3330,8 @@ sub get_params() { # - Param values are delimited by single quotes. # - Embedded single quotes are transformed to the five characters '"'"' # + $shell = ASH; + for ( @params ) { if ( /^export (.*?)='(.*'"'"')$/ ) { $params{$variable=$1}="${2}\n"; @@ -3328,11 +3340,11 @@ sub get_params() { } elsif ( /^export (.*?)='(.*)$/ ) { $params{$variable=$1}="${2}\n"; } else { + chomp; if ($variable) { s/'$//; $params{$variable} .= $_; } else { - chomp; warning_message "Param line ($_) ignored" unless $bug++; } } @@ -3371,24 +3383,29 @@ sub export_params() { # next if exists $compiler_params{$param}; # + # Values in %params are generated from the output of 'export -p'. + # The different shells have different conventions for delimiting + # the value and for escaping embedded instances of the delimiter. + # The following logic removes the escape characters. + # + if ( $shell == BASH ) { + $value =~ s/\\"/"/g; + } elsif ( $shell == OLDBASH ) { + $value =~ s/\\'/'/g; + } else { + $value =~ s/'"'"'/'/g; + } + # # Don't export pairs from %ENV # - if ( exists $ENV{$param} ) { - next unless defined $ENV{$param}; - next if $value eq $ENV{$param}; - # - # Don't export anything from %ENV that contains quotes. - # We don't know that $SHOREWALL_SHELL was used to - # process the params file (may even be processed on a - # different system) so we don't know $SHOREWALL_SHELL's - # convention for escaping quotes - # - next if $value =~ /[\n'"]/; - } + next if defined $ENV{$param} && $value eq $ENV{$param}; emit "#\n# From the params file\n#" unless $count++; - - if ( $value =~ /[\s()[`]/ ) { + # + # We will use double quotes and escape embedded quotes with \. + # + if ( $value =~ /[\s()['"]/ ) { + $value =~ s/"/\\"/g; emit "$param='$value'"; } else { emit "$param=$value"; @@ -3397,9 +3414,10 @@ sub export_params() { } # +# - Process the params file # - Read the shorewall.conf file # - Read the capabilities file, if any -# - establish global hashes %config , %globals and %capabilities +# - establish global hashes %params, %config , %globals and %capabilities # sub get_configuration( $$$ ) {