[Ddclient-support] better password handling for ddclient
Brought to you by:
supersandro2000,
wimpunk
From: Ingo S. <isc...@as...> - 2008-09-30 19:48:30
|
Dear colleagues, reading the ddclient-3.7.3 source code, you will notice that the config file parser tries to handle some of the subtleties of passwords, in particular passwords containing the sharp character ('#'). All the same, there are still a few problems: 1. If there is white space before the keyword 'password', the sharp handling is bypassed. For example, the following line is parsed as password='very' instead of password='very#secret': user=joe, password=very#secret my.host # special password! 2. If there is whitespace behind the password, the rest of the line is lost, including any trailing backslash. For example, with the following pair of lines, password=secret is parsed into the global scope, and user=joe starts a new host line. password=secret, \ user=joe my.host 3. The worst problem is that passwords containing white space cannot be used. Escaping them is not possible. For example, the following line is parsed as password='very' instead of password='very secret': password=very secret At this point i stopped checking, maybe passwords containing the comma character also cause trouble. The patch included below fixes all this by parsing the passwords into a temporary hash and feeding them back once the main parser has finished splitting on whitespace and commas. Optionally, each password can be included in single quotes ("''"). This is required when the password contains white space or itself starts with a single quote. For example, the password "'secret" must be specified as "password=''secret'". The patch is expected to be backward compatible with the exception of passwords starting with a single quote. Feedback is welcome, but expect some delay; i shall be offline for about two weeks starting on Thurday. Yours, Ingo -- Ingo Schwarze <isc...@as...> | Software Engineer | Framework Team Astaro AG | www.astaro.com | 76227 Karlsruhe | Germany ----- 8< ----- schnipp ----- >8 ----- 8< ----- schnapp ----- >8 ----- # # Patch to improve password handling in ddclient-3.7.3 # Copyright (C) 2008 Astaro AG www.astaro.com # Author: Ingo Schwarze <isc...@as...> 30.09.2008 # # This patch is free software; you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by # the Free Software Foundation; either version 2 of the License, or # (at your option) any later version. # # This patch is distributed in the hope that it will be useful, # but WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # GNU General Public License for more details. # # You should have received a copy of the GNU General Public License # along with the ddclient program; if not, write to the Free Software # Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA, # or look up http://www.gnu.org/licenses/old-licenses/gpl-2.0.txt . # Index: ddclient =================================================================== RCS file: /home/cvs/sources/d/ddclient/ddclient,v retrieving revision 1.1.1.2 diff -u -p -r1.1.1.2 ddclient --- ddclient 15 Sep 2008 11:13:55 -0000 1.1.1.2 +++ ddclient 30 Sep 2008 18:55:52 -0000 @@ -888,6 +888,7 @@ sub _read_config { local $lineno = 0; my $continuation = ''; + my %passwords = (); while (<FD>) { s/[\r\n]//g; @@ -903,10 +904,17 @@ sub _read_config { } $content .= "$_\n" unless /^#/; - # lines contain passwords are a special case, we don't want to - # arbitrarily strip out '#' - if (/^(\S*password\S*)\s*=\s*(\S+)/i) { $_ = "$1=$2"; } - if (/^#/ || !(/password/i) || /#.*password/i) { s/#.*//; } # remove comments + + ## parsing passwords is special + if (/^([^#]*\s)?([^#]*?password\S*?)\s*=\s*('.*'|[^']\S*)(.*)/) { + my ($head, $key, $value, $tail) = ($1 || '', $2, $3, $4); + $value = $1 if $value =~ /^'(.*)'$/; + $passwords{$key} = $value; + $_ = "${head}${key}=dummy${tail}"; + } + + ## remove comments + s/#.*//; ## handle continuation lines $_ = "$continuation$_"; @@ -931,6 +939,7 @@ sub _read_config { ## verify that keywords are valid...and check the value foreach my $k (keys %locals) { + $locals{$k} = $passwords{$k} if defined $passwords{$k}; if (!exists $variables{'merged'}{$k}) { warning("unrecognized keyword '%s' (ignored)", $k); delete $locals{$k}; @@ -969,6 +978,7 @@ sub _read_config { $config{$h}{'host'} = $h; } } + %passwords = (); } close(FD); |