forked from extern/shorewall_code
Better way of handling environmental variables with embedded quotes.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
This commit is contained in:
parent
fb6d4ffaf9
commit
d4b37d1c52
@ -383,6 +383,12 @@ my $iptables; # Path to iptables/ip6tables
|
|||||||
my $tc; # Path to tc
|
my $tc; # Path to tc
|
||||||
my $ip; # Path to ip
|
my $ip; # Path to ip
|
||||||
|
|
||||||
|
my $shell; # Type of shell that processed the params file
|
||||||
|
|
||||||
|
use constant { BASH => 1,
|
||||||
|
OLDBASH => 2,
|
||||||
|
ASH => 3 };
|
||||||
|
|
||||||
use constant { MIN_VERBOSITY => -1,
|
use constant { MIN_VERBOSITY => -1,
|
||||||
MAX_VERBOSITY => 2 ,
|
MAX_VERBOSITY => 2 ,
|
||||||
F_IPV4 => 4,
|
F_IPV4 => 4,
|
||||||
@ -3269,6 +3275,8 @@ sub get_params() {
|
|||||||
# - Embedded double quotes are escaped with '\\'
|
# - Embedded double quotes are escaped with '\\'
|
||||||
# - Valueless variables are supported (e.g., 'declare -x foo')
|
# - Valueless variables are supported (e.g., 'declare -x foo')
|
||||||
#
|
#
|
||||||
|
$shell = BASH;
|
||||||
|
|
||||||
for ( @params ) {
|
for ( @params ) {
|
||||||
if ( /^declare -x (.*?)="(.*[^\\])"$/ ) {
|
if ( /^declare -x (.*?)="(.*[^\\])"$/ ) {
|
||||||
$params{$1} = $2 unless $1 eq '_';
|
$params{$1} = $2 unless $1 eq '_';
|
||||||
@ -3277,11 +3285,11 @@ sub get_params() {
|
|||||||
} elsif ( /^declare -x (.*)\s+$/ || /^declare -x (.*)=""$/ ) {
|
} elsif ( /^declare -x (.*)\s+$/ || /^declare -x (.*)=""$/ ) {
|
||||||
$params{$1} = '';
|
$params{$1} = '';
|
||||||
} else {
|
} else {
|
||||||
|
chomp;
|
||||||
if ($variable) {
|
if ($variable) {
|
||||||
s/"$//;
|
s/"$//;
|
||||||
$params{$variable} .= $_;
|
$params{$variable} .= $_;
|
||||||
} else {
|
} else {
|
||||||
chomp;
|
|
||||||
warning_message "Param line ($_) ignored" unless $bug++;
|
warning_message "Param line ($_) ignored" unless $bug++;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
@ -3295,6 +3303,8 @@ sub get_params() {
|
|||||||
# - Embedded single quotes are escaped with '\'
|
# - Embedded single quotes are escaped with '\'
|
||||||
# - Valueless variables ( e.g., 'export foo') are supported
|
# - Valueless variables ( e.g., 'export foo') are supported
|
||||||
#
|
#
|
||||||
|
$shell = OLDBASH;
|
||||||
|
|
||||||
for ( @params ) {
|
for ( @params ) {
|
||||||
if ( /^export (.*?)="(.*[^\\])"$/ ) {
|
if ( /^export (.*?)="(.*[^\\])"$/ ) {
|
||||||
$params{$1} = $2 unless $1 eq '_';
|
$params{$1} = $2 unless $1 eq '_';
|
||||||
@ -3303,11 +3313,11 @@ sub get_params() {
|
|||||||
} elsif ( /^export ([^\s=]+)\s*$/ || /^export (.*)=""$/ ) {
|
} elsif ( /^export ([^\s=]+)\s*$/ || /^export (.*)=""$/ ) {
|
||||||
$params{$1} = '';
|
$params{$1} = '';
|
||||||
} else {
|
} else {
|
||||||
|
chomp;
|
||||||
if ($variable) {
|
if ($variable) {
|
||||||
s/"$//;
|
s/"$//;
|
||||||
$params{$variable} .= $_;
|
$params{$variable} .= $_;
|
||||||
} else {
|
} else {
|
||||||
chomp;
|
|
||||||
warning_message "Param line ($_) ignored" unless $bug++;
|
warning_message "Param line ($_) ignored" unless $bug++;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
@ -3320,6 +3330,8 @@ sub get_params() {
|
|||||||
# - Param values are delimited by single quotes.
|
# - Param values are delimited by single quotes.
|
||||||
# - Embedded single quotes are transformed to the five characters '"'"'
|
# - Embedded single quotes are transformed to the five characters '"'"'
|
||||||
#
|
#
|
||||||
|
$shell = ASH;
|
||||||
|
|
||||||
for ( @params ) {
|
for ( @params ) {
|
||||||
if ( /^export (.*?)='(.*'"'"')$/ ) {
|
if ( /^export (.*?)='(.*'"'"')$/ ) {
|
||||||
$params{$variable=$1}="${2}\n";
|
$params{$variable=$1}="${2}\n";
|
||||||
@ -3328,11 +3340,11 @@ sub get_params() {
|
|||||||
} elsif ( /^export (.*?)='(.*)$/ ) {
|
} elsif ( /^export (.*?)='(.*)$/ ) {
|
||||||
$params{$variable=$1}="${2}\n";
|
$params{$variable=$1}="${2}\n";
|
||||||
} else {
|
} else {
|
||||||
|
chomp;
|
||||||
if ($variable) {
|
if ($variable) {
|
||||||
s/'$//;
|
s/'$//;
|
||||||
$params{$variable} .= $_;
|
$params{$variable} .= $_;
|
||||||
} else {
|
} else {
|
||||||
chomp;
|
|
||||||
warning_message "Param line ($_) ignored" unless $bug++;
|
warning_message "Param line ($_) ignored" unless $bug++;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
@ -3371,24 +3383,29 @@ sub export_params() {
|
|||||||
#
|
#
|
||||||
next if exists $compiler_params{$param};
|
next if exists $compiler_params{$param};
|
||||||
#
|
#
|
||||||
|
# Values in %params are generated from the output of 'export -p'.
|
||||||
|
# The different shells have different conventions for delimiting
|
||||||
|
# the value and for escaping embedded instances of the delimiter.
|
||||||
|
# The following logic removes the escape characters.
|
||||||
|
#
|
||||||
|
if ( $shell == BASH ) {
|
||||||
|
$value =~ s/\\"/"/g;
|
||||||
|
} elsif ( $shell == OLDBASH ) {
|
||||||
|
$value =~ s/\\'/'/g;
|
||||||
|
} else {
|
||||||
|
$value =~ s/'"'"'/'/g;
|
||||||
|
}
|
||||||
|
#
|
||||||
# Don't export pairs from %ENV
|
# Don't export pairs from %ENV
|
||||||
#
|
#
|
||||||
if ( exists $ENV{$param} ) {
|
next if defined $ENV{$param} && $value eq $ENV{$param};
|
||||||
next unless defined $ENV{$param};
|
|
||||||
next if $value eq $ENV{$param};
|
|
||||||
#
|
|
||||||
# Don't export anything from %ENV that contains quotes.
|
|
||||||
# We don't know that $SHOREWALL_SHELL was used to
|
|
||||||
# process the params file (may even be processed on a
|
|
||||||
# different system) so we don't know $SHOREWALL_SHELL's
|
|
||||||
# convention for escaping quotes
|
|
||||||
#
|
|
||||||
next if $value =~ /[\n'"]/;
|
|
||||||
}
|
|
||||||
|
|
||||||
emit "#\n# From the params file\n#" unless $count++;
|
emit "#\n# From the params file\n#" unless $count++;
|
||||||
|
#
|
||||||
if ( $value =~ /[\s()[`]/ ) {
|
# We will use double quotes and escape embedded quotes with \.
|
||||||
|
#
|
||||||
|
if ( $value =~ /[\s()['"]/ ) {
|
||||||
|
$value =~ s/"/\\"/g;
|
||||||
emit "$param='$value'";
|
emit "$param='$value'";
|
||||||
} else {
|
} else {
|
||||||
emit "$param=$value";
|
emit "$param=$value";
|
||||||
@ -3397,9 +3414,10 @@ sub export_params() {
|
|||||||
}
|
}
|
||||||
|
|
||||||
#
|
#
|
||||||
|
# - Process the params file
|
||||||
# - Read the shorewall.conf file
|
# - Read the shorewall.conf file
|
||||||
# - Read the capabilities file, if any
|
# - Read the capabilities file, if any
|
||||||
# - establish global hashes %config , %globals and %capabilities
|
# - establish global hashes %params, %config , %globals and %capabilities
|
||||||
#
|
#
|
||||||
sub get_configuration( $$$ ) {
|
sub get_configuration( $$$ ) {
|
||||||
|
|
||||||
|
Loading…
Reference in New Issue
Block a user