From 48ca5d1e423b5a3ac78d25c2252f7a45bacc7474 Mon Sep 17 00:00:00 2001 From: Félix Sipma Date: Mon, 7 Mar 2016 15:01:45 +0100 Subject: Network: escape interfaceDFile names (cherry picked from commit 125135ea5d42d623346a385faf7ed404f8878891) --- src/Propellor/Property/Network.hs | 15 +++++++++++++-- 1 file changed, 13 insertions(+), 2 deletions(-) diff --git a/src/Propellor/Property/Network.hs b/src/Propellor/Property/Network.hs index 1908bbb3..0d079899 100644 --- a/src/Propellor/Property/Network.hs +++ b/src/Propellor/Property/Network.hs @@ -45,7 +45,7 @@ dhcp iface = hasContent (interfaceDFile iface) -- -- If the interface file already exists, this property does nothing, -- no matter its content. --- +-- -- (ipv6 addresses are not included because it's assumed they come up -- automatically in most situations.) static :: Interface -> Property NoInfo @@ -96,8 +96,19 @@ interfacesFile :: FilePath interfacesFile = "/etc/network/interfaces" -- | A file in the interfaces.d directory. +-- /etc/network/interfaces.d/ files have to match -- ^[a-zA-Z0-9_-]+$ +-- see "man 5 interfaces" interfaceDFile :: Interface -> FilePath -interfaceDFile iface = "/etc/network/interfaces.d" iface +interfaceDFile i = interfaceDFile' (escapeInterfaceDName i) + +interfaceDFile' :: Interface -> FilePath +interfaceDFile' iface = "/etc/network/interfaces.d" iface + +escapeInterfaceDName :: Interface -> FilePath +escapeInterfaceDName "" = "" +escapeInterfaceDName (':' : xs) = escapeInterfaceDName xs +escapeInterfaceDName ('.' : xs) = escapeInterfaceDName xs +escapeInterfaceDName (x : xs) = x : escapeInterfaceDName xs -- | Ensures that files in the the interfaces.d directory are used. interfacesDEnabled :: Property NoInfo -- cgit v1.2.3 From 91ce6e0f3898b08eec2ec7e6e8c3d31c12d941ab Mon Sep 17 00:00:00 2001 From: Joey Hess Date: Mon, 7 Mar 2016 12:16:24 -0400 Subject: improve filtering of interface files --- src/Propellor/Property/Network.hs | 16 ++++++---------- 1 file changed, 6 insertions(+), 10 deletions(-) diff --git a/src/Propellor/Property/Network.hs b/src/Propellor/Property/Network.hs index 0d079899..382f5d9d 100644 --- a/src/Propellor/Property/Network.hs +++ b/src/Propellor/Property/Network.hs @@ -3,6 +3,8 @@ module Propellor.Property.Network where import Propellor.Base import Propellor.Property.File +import Data.Char + type Interface = String ifUp :: Interface -> Property NoInfo @@ -96,19 +98,13 @@ interfacesFile :: FilePath interfacesFile = "/etc/network/interfaces" -- | A file in the interfaces.d directory. --- /etc/network/interfaces.d/ files have to match -- ^[a-zA-Z0-9_-]+$ --- see "man 5 interfaces" interfaceDFile :: Interface -> FilePath -interfaceDFile i = interfaceDFile' (escapeInterfaceDName i) - -interfaceDFile' :: Interface -> FilePath -interfaceDFile' iface = "/etc/network/interfaces.d" iface +interfaceDFile i = "/etc/network/interfaces.d" escapeInterfaceDName i +-- | /etc/network/interfaces.d/ files have to match -- ^[a-zA-Z0-9_-]+$ +-- see "man 5 interfaces" escapeInterfaceDName :: Interface -> FilePath -escapeInterfaceDName "" = "" -escapeInterfaceDName (':' : xs) = escapeInterfaceDName xs -escapeInterfaceDName ('.' : xs) = escapeInterfaceDName xs -escapeInterfaceDName (x : xs) = x : escapeInterfaceDName xs +escapeInterfaceDName = filter (\c -> isAscii c && (isAlphaNum c || c `elem` "_-")) -- | Ensures that files in the the interfaces.d directory are used. interfacesDEnabled :: Property NoInfo -- cgit v1.2.3 From 9003983998e50f11e85e7f29e3eae3c486c0f6d0 Mon Sep 17 00:00:00 2001 From: Joey Hess Date: Mon, 7 Mar 2016 12:17:50 -0400 Subject: changelog --- debian/changelog | 2 ++ 1 file changed, 2 insertions(+) diff --git a/debian/changelog b/debian/changelog index 008ac687..7a37cd9b 100644 --- a/debian/changelog +++ b/debian/changelog @@ -15,6 +15,8 @@ propellor (2.17.0) UNRELEASED; urgency=medium which modified the locale.gen file and sometimes caused the property to need to make changes every time. * Force ssh, scp, and git commands to be run in the foreground. + * Network: Filter out characters not allowed in interfaces.d files. + Thanks, Félix Sipma. -- Joey Hess Mon, 29 Feb 2016 17:58:08 -0400 -- cgit v1.2.3