From nobody Sat Jan 14 18:48:38 2023 X-Original-To: dev-commits-src-main@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4NvS3p5Rvqz2skvh; Sat, 14 Jan 2023 18:48:38 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4NvS3p507Xz47VC; Sat, 14 Jan 2023 18:48:38 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1673722118; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=qam8xJGBvC59nWlIK1Sduea9PGoySKjdtyBD6Fp7O+w=; b=KENpBQjJHwtajQ6gCgPEhXfn/GlKUjyX9JirDY0Kk+qfhOJp6mH+F8AJWaMFIhFKjYBDda eTjbW6UYH70cRm3HvXHSegAdRpULfLmwzsSCPpcbUQF20y+Qj7/nfJzLRySTSINzP8l7GV olcor3gXYNkkXCv8cpRGZ+I4VYc7lUQaVwuRu7xNjos4cs88B2EPnjLYFSSXGoCH2FQQ7m 3p0GDW705k3OSBEd4RzraKwceVSmdjbjyV0mIBs8dV0hj0skIhRvXYZVN4mzoJ91HaYFWN Xa5IyqXXYDfStRaK37OOweKGF6K04ViDyJqoR4P1pAzDm/xsrwhh6VunxGtrTQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1673722118; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=qam8xJGBvC59nWlIK1Sduea9PGoySKjdtyBD6Fp7O+w=; b=c3YFUtf+asWUzqb5xBarD8BrIc633cZaU4E6ix2/cQ+9hxaM2zGLBPikmsp3wUcNV140ov 29Ky/pG1ygBt55Ccxc30O9QnmmY0mYaqTxu2r9hnR1SoRi/sGdFXfDUJshRgdMngYyU9Nx lg8xckQ12jEJNEMqRnuqed2qPj9syVhP+VQFkeVddF3W8CGA25TYYWGPW16l+69aopM18i yB4qTaoMryzdirMPWsYlqhiyyTJYxjNTJCuQqBuc0wpU7fOewo1sTKZWbb9QuN/AGiGm4r 9+ITrOjiX77IkgHZ88s7aYjKw3ooH3bcdacVQZ0+flgDjfsAC1t6Q40PjdTCTg== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1673722118; a=rsa-sha256; cv=none; b=Av3JYdaAI8ElbBKAcn4QoHIPdftV94IQG6dpNpTUmXB/GtFhXgPpWcpebxggiVO+g0T35v HQk0ZQI6lRCsD0yLm8Fwwm5NQYswU+yRswFt/eVtH+5N6gvhALS9yGpv1iLhGKfIy8ymgC ri1VBUEZsQKCfYo4+TEG/yxNjHOgUmujAXboWT3BaDBH/XiWHR8K5Tc52cUAHJFHFWOi3m EmeOFa0fLhIoT+uZFiXwuQZuboMohgI/VyT+I7R8DQjTj1210OjFgoxSjlHKviEnWjFV65 2xyhQUecfL57obdsx3mPqp7c1xYKFHa7iy/kMaDQJhRX7Bg49BjuQjRTvq3mPw== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4NvS3p42RKzyMQ; Sat, 14 Jan 2023 18:48:38 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 30EImcvG077471; Sat, 14 Jan 2023 18:48:38 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 30EImcEZ077470; Sat, 14 Jan 2023 18:48:38 GMT (envelope-from git) Date: Sat, 14 Jan 2023 18:48:38 GMT Message-Id: <202301141848.30EImcEZ077470@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-main@FreeBSD.org From: Sean Eric Fagan Subject: git: f32db406504e - main - Allow a comma-separated list in login class capabilities, by adding a version of strcspn that allows quoting. List-Id: Commit messages for the main branch of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-main List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-dev-commits-src-main@freebsd.org X-BeenThere: dev-commits-src-main@freebsd.org MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: sef X-Git-Repository: src X-Git-Refname: refs/heads/main X-Git-Reftype: branch X-Git-Commit: f32db406504ece1b28f43dc816736e081fe22826 Auto-Submitted: auto-generated X-ThisMailContainsUnwantedMimeParts: N The branch main has been updated by sef: URL: https://cgit.FreeBSD.org/src/commit/?id=f32db406504ece1b28f43dc816736e081fe22826 commit f32db406504ece1b28f43dc816736e081fe22826 Author: Sean Eric Fagan AuthorDate: 2023-01-14 18:37:31 +0000 Commit: Sean Eric Fagan CommitDate: 2023-01-14 18:48:29 +0000 Allow a comma-separated list in login class capabilities, by adding a version of strcspn that allows quoting. --- lib/libutil/login_cap.c | 109 +++++++++++++++++++++++++++++++++++++++++++++++- 1 file changed, 107 insertions(+), 2 deletions(-) diff --git a/lib/libutil/login_cap.c b/lib/libutil/login_cap.c index cea7630698af..ffefb865ed5e 100644 --- a/lib/libutil/login_cap.c +++ b/lib/libutil/login_cap.c @@ -94,6 +94,101 @@ allocarray(size_t sz) } +/* + * This is a variant of strcspn, which checks for quoted + * strings. That is,: + * strcspn_quote("how 'now, brown' cow", ",", NULL); + * will return the index for the nul, rather than the comma, because + * the string is quoted. It does not handle escaped characters + * at this time. + */ +static size_t +strcspn_quote(const char *str, const char *exclude, int *is_quoted) +{ + size_t indx = 0; + char quote = 0; + + if (str == NULL) + return 0; + + if (is_quoted) + *is_quoted = 0; + + for (indx = 0; str[indx] != 0; indx++) { + if (quote && str[indx] == quote) { + if (is_quoted) + *is_quoted = 1; + quote = 0; + continue; + } + if (quote == 0 && + (str[indx] == '\'' || str[indx] == '"')) { + quote = str[indx]; + continue; + } + if (quote == 0 && + strchr(exclude, str[indx]) != NULL) + return indx; + } + return indx; +} + +/* + * Remove quotes from the given string. + * It's a very simplistic approach: the first + * single or double quote it finds, it looks for + * the next one, and if it finds it, moves the + * entire string backwards in two chunks + * (first quote + 1 to first quote, length + * rest of string, and then second quote + 1 + * to second quote, length rest of the string). + */ +static void +remove_quotes(char *str) +{ + static const char *quote_chars = "'\""; + char qc = 0; + int found = 0; + + do { + char *loc = NULL; + + found = 0; + /* + * If qc is 0, then we haven't found + * a quote yet, so do a strcspn search. + */ + if (qc == 0) { + size_t indx; + indx = strcspn(str, quote_chars); + if (str[indx] == '\0') + return; /* We're done */ + loc = str + indx; + qc = str[indx]; + } else { + /* + * We've found a quote character, + * so use strchr to find the next one. + */ + loc = strchr(str, qc); + if (loc == NULL) + return; + qc = 0; + } + if (loc) { + /* + * This gives us the location of the + * quoted character. We need to move + * the entire string down, from loc+1 + * to loc. + */ + size_t len = strlen(loc + 1) + 1; + memmove(loc, loc + 1, len); + found = 1; + } + } while (found != 0); +} + /* * arrayize() * Turn a simple string separated by any of @@ -112,7 +207,7 @@ arrayize(const char *str, const char *chars, int *size) /* count the sub-strings */ for (i = 0, cptr = str; *cptr; i++) { - int count = strcspn(cptr, chars); + int count = strcspn_quote(cptr, chars, NULL); cptr += count; if (*cptr) ++cptr; @@ -126,11 +221,21 @@ arrayize(const char *str, const char *chars, int *size) /* now split the string */ i = 0; while (*ptr) { - int count = strcspn(ptr, chars); + int quoted = 0; + int count = strcspn_quote(ptr, chars, "ed); + char *base = ptr; res[i++] = ptr; ptr += count; if (*ptr) *ptr++ = '\0'; + /* + * If the string contains a quoted element, we + * need to remove the quotes. + */ + if (quoted) { + remove_quotes(base); + } + } res[i] = NULL; }