From 95d78f10cb888aaa2c2f70ddb55519950be5ca76 Mon Sep 17 00:00:00 2001 From: Amos Jeffries Date: Fri, 2 Oct 2015 04:52:54 -0700 Subject: [PATCH] Add shell slash-escaping to libformat quoting types Also, replace external_acl::Quoting with Format::Quoting --- src/cf.data.pre | 3 ++- src/external_acl.cc | 27 ++++++++++++++------------- src/format/ByteCode.h | 1 + src/format/Format.cc | 14 ++++++++++++++ 4 files changed, 31 insertions(+), 14 deletions(-) diff --git a/src/cf.data.pre b/src/cf.data.pre index c59a5bae18..6bb2e07e4f 100644 --- a/src/cf.data.pre +++ b/src/cf.data.pre @@ -4051,11 +4051,12 @@ DOC_START modifiers are usually not needed, but can be specified if an explicit output format is desired. - % ["|[|'|#] [-] [[0]width] [{arg}] formatcode [{arg}] + % ["|[|'|#|/] [-] [[0]width] [{arg}] formatcode [{arg}] " output in quoted string format [ output in squid text log format as used by log_mime_hdrs # output in URL quoted format + / output in shell \-escaped format ' output as-is - left aligned diff --git a/src/external_acl.cc b/src/external_acl.cc index e89631acc4..86338a4472 100644 --- a/src/external_acl.cc +++ b/src/external_acl.cc @@ -120,10 +120,7 @@ public: bool require_auth; #endif - enum { - QUOTE_METHOD_SHELL = 1, - QUOTE_METHOD_URL - } quote; + Format::Quoting quote; // default quoting to use, set by protocol= parameter Ip::Address local_addr; }; @@ -146,7 +143,7 @@ external_acl::external_acl() : #if USE_AUTH require_auth(0), #endif - quote(external_acl::QUOTE_METHOD_URL) + quote(Format::LOG_QUOTE_URL) { local_addr.setLocalhost(); } @@ -217,16 +214,16 @@ parse_externalAclHelper(external_acl ** list) } else if (strncmp(token, "grace=", 6) == 0) { a->grace = atoi(token + 6); } else if (strcmp(token, "protocol=2.5") == 0) { - a->quote = external_acl::QUOTE_METHOD_SHELL; + a->quote = Format::LOG_QUOTE_SHELL; } else if (strcmp(token, "protocol=3.0") == 0) { debugs(3, DBG_PARSE_NOTE(2), "WARNING: external_acl_type option protocol=3.0 is deprecated. Remove this from your config."); - a->quote = external_acl::QUOTE_METHOD_URL; + a->quote = Format::LOG_QUOTE_URL; } else if (strcmp(token, "quote=url") == 0) { debugs(3, DBG_PARSE_NOTE(2), "WARNING: external_acl_type option quote=url is deprecated. Remove this from your config."); - a->quote = external_acl::QUOTE_METHOD_URL; + a->quote = Format::LOG_QUOTE_URL; } else if (strcmp(token, "quote=shell") == 0) { debugs(3, DBG_PARSE_NOTE(2), "WARNING: external_acl_type option quote=shell is deprecated. Use protocol=2.5 if still needed."); - a->quote = external_acl::QUOTE_METHOD_SHELL; + a->quote = Format::LOG_QUOTE_SHELL; /* INET6: allow admin to configure some helpers explicitly to bind to IPv4/v6 localhost port. */ @@ -278,6 +275,10 @@ parse_externalAclHelper(external_acl ** list) // these tokens are whitespace delimited (*fmt)->space = true; + // set the default encoding to match the protocol= config + // this will be overridden by explicit %macro attributes + (*fmt)->quote = a->quote; + // compatibility for old tokens incompatible with Format::Token syntax #if USE_OPENSSL // dont bother if we dont have to. if (strncmp(token, "%USER_CERT_", 11) == 0) { @@ -309,8 +310,8 @@ parse_externalAclHelper(external_acl ** list) a->require_auth = true; #endif - if ((*fmt)->type == Format::LFT_EXT_ACL_DATA) - data_used = true; + if ((*fmt)->type == Format::LFT_EXT_ACL_DATA) + data_used = true; fmt = &((*fmt)->next); token = ConfigParser::NextToken(); @@ -380,7 +381,7 @@ dump_externalAclHelper(StoreEntry * sentry, const char *name, const external_acl if (node->cache) storeAppendPrintf(sentry, " cache=%d", node->cache_size); - if (node->quote == external_acl::QUOTE_METHOD_SHELL) + if (node->quote == Format::LOG_QUOTE_SHELL) storeAppendPrintf(sentry, " protocol=2.5"); node->format.dump(sentry, NULL, false); @@ -728,7 +729,7 @@ makeExternalAclKey(ACLFilledChecklist * ch, external_acl_data * acl_data) if (sb.length()) sb.append(" ", 1); - if (acl_data->def->quote == external_acl::QUOTE_METHOD_URL) { + if (acl_data->def->quote == Format::LOG_QUOTE_URL) { const char *quoted = rfc1738_escape(arg->key); sb.append(quoted, strlen(quoted)); } else { diff --git a/src/format/ByteCode.h b/src/format/ByteCode.h index bad01c3e3d..577217a0dd 100644 --- a/src/format/ByteCode.h +++ b/src/format/ByteCode.h @@ -242,6 +242,7 @@ enum Quoting { LOG_QUOTE_QUOTES, LOG_QUOTE_MIMEBLOB, LOG_QUOTE_URL, + LOG_QUOTE_SHELL, LOG_QUOTE_RAW }; diff --git a/src/format/Format.cc b/src/format/Format.cc index e607dd23e2..addc60ba8d 100644 --- a/src/format/Format.cc +++ b/src/format/Format.cc @@ -22,6 +22,7 @@ #include "rfc1738.h" #include "SquidTime.h" #include "Store.h" +#include "tools.h" #include "URL.h" #if USE_OPENSSL #include "ssl/ErrorDetail.h" @@ -226,6 +227,10 @@ Format::Format::dump(StoreEntry * entry, const char *directiveName, bool eol) co entry->append("'", 1); break; + case LOG_QUOTE_SHELL: + entry->append("/", 1); + break; + case LOG_QUOTE_NONE: break; } @@ -1343,6 +1348,15 @@ Format::Format::assemble(MemBuf &mb, const AccessLogEntry::Pointer &al, int logS newout = rfc1738_escape(out); break; + case LOG_QUOTE_SHELL: { + MemBuf mbq; + mbq.init(); + strwordquote(&mbq, out); + newout = mbq.content(); + mbq.stolen = 1; + newfree = 1; + } break; + case LOG_QUOTE_RAW: break; } -- 2.47.2