From: Amos Jeffries Date: Wed, 3 Dec 2014 14:12:12 +0000 (-0800) Subject: Bug 4135: Support \-escaped character in regex patterns X-Git-Tag: merge-candidate-3-v1~464 X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=61a31961e29452ce0ce607f81129b47f90f3f79d;p=thirdparty%2Fsquid.git Bug 4135: Support \-escaped character in regex patterns Squid cannot parse regex patterns as quoted strings since the pattern may itself contain quote characters as part of the syntax. Since we updated the squid.conf ConfigParser it is now possible to handle regex patterns containing quoted-pair (\-escaped) characters properly. Add support for escaping by detecting the '\' characters as token delimiters, and explicitly skipping the following character regardless of whether it is a SP or not. Escape detection is only added during parsing of regex tokens or files listing regex patterns. --- diff --git a/doc/release-notes/release-3.5.sgml b/doc/release-notes/release-3.5.sgml index 060d33db0b..f6da195b6b 100644 --- a/doc/release-notes/release-3.5.sgml +++ b/doc/release-notes/release-3.5.sgml @@ -403,6 +403,12 @@ This section gives a thorough account of those changes in three categories: more circumstances than squid-2 idle connections were. They are also spread over all IPs of the peer. + configuration_includes_quoted_values +

Regex pattern values cannot be parsed in parts of squid.conf when this + directive is configured to ON. Instead of quoted strings Squid + now accepts regex \-escaped characters (including escaped spaces) in all + regex patterns. + external_acl_type

New format code %ssl::>sni to send SSL client SNI.

New format code %ssl::<cert_subject to send SSL server certificate DN. diff --git a/src/ConfigParser.cc b/src/ConfigParser.cc index e92e8d9686..9080d86feb 100644 --- a/src/ConfigParser.cc +++ b/src/ConfigParser.cc @@ -23,6 +23,7 @@ std::queue ConfigParser::CfgLineTokens_; std::queue ConfigParser::Undo_; bool ConfigParser::AllowMacros_ = false; bool ConfigParser::ParseQuotedOrToEol_ = false; +bool ConfigParser::RecognizeQuotedPair_ = false; bool ConfigParser::PreviewMode_ = false; static const char *SQUID_ERROR_TOKEN = "[invalid token]"; @@ -263,10 +264,18 @@ ConfigParser::TokenParse(const char * &nextToken, ConfigParser::TokenType &type) sep = "\n"; else if (!ConfigParser::RecognizeQuotedValues || *nextToken == '(') sep = w_space; + else if (ConfigParser::RecognizeQuotedPair_) + sep = w_space "\\"; else sep = w_space "("; nextToken += strcspn(nextToken, sep); + // NP: do not permit \0 terminator to be escaped. + while (ConfigParser::RecognizeQuotedPair_ && *nextToken && *(nextToken-1) == '\\') { + ++nextToken; // skip the quoted-pair (\-escaped) character + nextToken += strcspn(nextToken, sep); + } + if (ConfigParser::RecognizeQuotedValues && *nextToken == '(') { if (strncmp(tokenStart, "parameters", nextToken - tokenStart) == 0) type = ConfigParser::FunctionParameters; @@ -432,7 +441,9 @@ ConfigParser::RegexStrtokFile() debugs(3, DBG_CRITICAL, "FATAL: Can not read regex expression while configuration_includes_quoted_values is enabled"); self_destruct(); } + ConfigParser::RecognizeQuotedPair_ = true; char * token = strtokFile(); + ConfigParser::RecognizeQuotedPair_ = false; return token; } @@ -443,8 +454,9 @@ ConfigParser::RegexPattern() debugs(3, DBG_CRITICAL, "FATAL: Can not read regex expression while configuration_includes_quoted_values is enabled"); self_destruct(); } - + ConfigParser::RecognizeQuotedPair_ = true; char * token = NextToken(); + ConfigParser::RecognizeQuotedPair_ = false; return token; } diff --git a/src/ConfigParser.h b/src/ConfigParser.h index 5d536e30cb..465edc6e7e 100644 --- a/src/ConfigParser.h +++ b/src/ConfigParser.h @@ -201,6 +201,7 @@ protected: static std::queue Undo_; ///< The list with TokenPutBack() queued elements static bool AllowMacros_; static bool ParseQuotedOrToEol_; ///< The next tokens will be handled as quoted or to_eol token + static bool RecognizeQuotedPair_; ///< The next tokens may contain quoted-pair (\-escaped) characters static bool PreviewMode_; ///< The next token will not poped from cfg files, will just previewd. };