[Dbconfig-common-changes] [dbconfig-common] r365 - in trunk: .
debian dpkg internal
Sean Finney
seanius at alioth.debian.org
Sun Jan 21 19:40:58 CET 2007
Author: seanius
Date: 2007-01-21 19:40:58 +0100 (Sun, 21 Jan 2007)
New Revision: 365
Modified:
trunk/dbconfig-generate-include
trunk/debian/changelog
trunk/dpkg/common
trunk/internal/mysql
trunk/internal/pgsql
Log:
another round of quoting/escaping related changes
Modified: trunk/dbconfig-generate-include
===================================================================
--- trunk/dbconfig-generate-include 2007-01-21 13:16:36 UTC (rev 364)
+++ trunk/dbconfig-generate-include 2007-01-21 18:40:58 UTC (rev 365)
@@ -68,19 +68,27 @@
}
sed_rhs_escape(){
- local str rhsfile
- str=$@
- rhsfile=`mktemp -t dbconfig-generate-include.sedrhs.XXXXXX`
- if [ ! -f "$rhsfile" ]; then
- echo "unable to create temporary file $rhsfile" >&2
- exit 1
- fi
+ sed -e 's/\\/\\&/g' -e 's/&/\\&/g' -e 's,/,\\&,g' << EOF
+$@
+EOF
+}
- sed -e 's/\\/\\&/g' -e 's/&/\\&/g' -e 's,/,\\&,g' < $rhsfile
- rm -f $rhsfile
+sh_sq_escape(){
+ sed -e "s,','\\\\'',g" << EOF
+$@
+EOF
}
+php_sq_escape(){
+ sed -e 's/\\/\\&/g' -e "s,',' . \"'\" . ',g" << EOF
+$@
+EOF
+}
+perl_sq_escape(){
+ php_sq_escape $@
+}
+
TEMP=`getopt -o af:hb::d::m:o:p::u::s::t::C::O:P::Uv --long help,dbuser::,dbname::,dbpass::,dbport::,dbserver::,dbtype::,basepath::,output:,format:,options:,comment::,owner:,mode:,ucf,version -n $0 -- "$@"`
if [ $? != 0 ] ; then usage >&2 ; exit 1 ; fi
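Review bot: `perl_sq_escape` forwards its arguments as unquoted `$@`, and the call sites added in the three following hunks (as well as the `dbc_sq_escape` calls in trunk/dpkg/common) pass `$dbc_dbpass` and the other settings unquoted, so each value is word-split and glob-expanded before any escaping happens. A password containing `*`, `?`, `[` or a run of spaces would reach the include file altered, and a glob that matches would be replaced by file names from the current directory. Quote at both levels: `php_sq_escape "$@"` in the wrapper and `$(sh_sq_escape "$dbc_dbpass")` at the callers.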
@@ -269,13 +277,13 @@
##
EOF
- [ "$use_dbuser" ] && echo "${comment_dbuser}$dbuser_varname='$dbc_dbuser'"
- [ "$use_dbpass" ] && echo "${comment_dbpass}$dbpass_varname='$dbc_dbpass'"
- [ "$use_basepath" ] && echo "${comment_basepath}$basepath_varname='$dbc_basepath'"
- [ "$use_dbname" ] && echo "${comment_dbname}$dbname_varname='$dbc_dbname'"
- [ "$use_dbserver" ] && echo "${comment_dbserver}$dbserver_varname='$dbc_dbserver'"
- [ "$use_dbport" ] && echo "${comment_dbport}$dbport_varname='$dbc_dbport'"
- [ "$use_dbtype" ] && echo "${comment_dbtype}$dbtype_varname='$dbc_dbtype'"
+ [ "$use_dbuser" ] && echo "${comment_dbuser}$dbuser_varname='`sh_sq_escape $dbc_dbuser`'"
+ [ "$use_dbpass" ] && echo "${comment_dbpass}$dbpass_varname='`sh_sq_escape $dbc_dbpass`'"
+ [ "$use_basepath" ] && echo "${comment_basepath}$basepath_varname='`sh_sq_escape $dbc_basepath`'"
+ [ "$use_dbname" ] && echo "${comment_dbname}$dbname_varname='`sh_sq_escape $dbc_dbname`'"
+ [ "$use_dbserver" ] && echo "${comment_dbserver}$dbserver_varname='`sh_sq_escape $dbc_dbserver`'"
+ [ "$use_dbport" ] && echo "${comment_dbport}$dbport_varname='`sh_sq_escape $dbc_dbport`'"
+ [ "$use_dbtype" ] && echo "${comment_dbtype}$dbtype_varname='`sh_sq_escape $dbc_dbtype`'"
;;
php)
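Review bot: The escaped value is still emitted through `echo`, which rewrites `\\` and `\n` in its output on shells whose builtin interprets backslash sequences (dash does). In the php and perl hunks below, that would collapse the backslashes `php_sq_escape` has just doubled. Whether this triggers depends on which shell runs the script, which is not visible here. `printf '%s\n' "${comment_dbpass}$dbpass_varname='$(sh_sq_escape "$dbc_dbpass")'"` writes the bytes unchanged under any POSIX shell. The enclosing `case` arm starts outside the hunk.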
@@ -293,13 +301,13 @@
## above too.
##
EOF
- [ "$use_dbuser" ] && echo "${comment_dbuser}\$$dbuser_varname='$dbc_dbuser';"
- [ "$use_dbpass" ] && echo "${comment_dbpass}\$$dbpass_varname='$dbc_dbpass';"
- [ "$use_basepath" ] && echo "${comment_basepath}\$$basepath_varname='$dbc_basepath';"
- [ "$use_dbname" ] && echo "${comment_dbname}\$$dbname_varname='$dbc_dbname';"
- [ "$use_dbserver" ] && echo "${comment_dbserver}\$$dbserver_varname='$dbc_dbserver';"
- [ "$use_dbport" ] && echo "${comment_dbport}\$$dbport_varname='$dbc_dbport';"
- [ "$use_dbtype" ] && echo "${comment_dbtype}\$$dbtype_varname='$dbc_dbtype';"
+ [ "$use_dbuser" ] && echo "${comment_dbuser}\$$dbuser_varname='`php_sq_escape $dbc_dbuser`';"
+ [ "$use_dbpass" ] && echo "${comment_dbpass}\$$dbpass_varname='`php_sq_escape $dbc_dbpass`';"
+ [ "$use_basepath" ] && echo "${comment_basepath}\$$basepath_varname='`php_sq_escape $dbc_basepath`';"
+ [ "$use_dbname" ] && echo "${comment_dbname}\$$dbname_varname='`php_sq_escape $dbc_dbname`';"
+ [ "$use_dbserver" ] && echo "${comment_dbserver}\$$dbserver_varname='`php_sq_escape $dbc_dbserver`';"
+ [ "$use_dbport" ] && echo "${comment_dbport}\$$dbport_varname='`php_sq_escape $dbc_dbport`';"
+ [ "$use_dbtype" ] && echo "${comment_dbtype}\$$dbtype_varname='`php_sq_escape $dbc_dbtype`';"
cat << EOF
EOF
;;
@@ -318,13 +326,13 @@
## above too.
##
EOF
- [ "$use_dbuser" ] && echo "${comment_dbuser}our \$$dbuser_varname='$dbc_dbuser';"
- [ "$use_dbpass" ] && echo "${comment_dbpass}our \$$dbpass_varname='$dbc_dbpass';"
- [ "$use_basepath" ] && echo "${comment_basepath}our \$$basepath_varname='$dbc_basepath';"
- [ "$use_dbname" ] && echo "${comment_dbname}our \$$dbname_varname='$dbc_dbname';"
- [ "$use_dbserver" ] && echo "${comment_dbserver}our \$$dbserver_varname='$dbc_dbserver';"
- [ "$use_dbport" ] && echo "${comment_dbport}our \$$dbport_varname='$dbc_dbport';"
- [ "$use_dbtype" ] && echo "${comment_dbtype}our \$$dbtype_varname='$dbc_dbtype';"
+ [ "$use_dbuser" ] && echo "${comment_dbuser}our \$$dbuser_varname='`perl_sq_escape $dbc_dbuser`';"
+ [ "$use_dbpass" ] && echo "${comment_dbpass}our \$$dbpass_varname='`perl_sq_escape $dbc_dbpass`';"
+ [ "$use_basepath" ] && echo "${comment_basepath}our \$$basepath_varname='`perl_sq_escape $dbc_basepath`';"
+ [ "$use_dbname" ] && echo "${comment_dbname}our \$$dbname_varname='`perl_sq_escape $dbc_dbname`';"
+ [ "$use_dbserver" ] && echo "${comment_dbserver}our \$$dbserver_varname='`perl_sq_escape $dbc_dbserver`';"
+ [ "$use_dbport" ] && echo "${comment_dbport}our \$$dbport_varname='`perl_sq_escape $dbc_dbport`';"
+ [ "$use_dbtype" ] && echo "${comment_dbtype}our \$$dbtype_varname='`perl_sq_escape $dbc_dbtype`';"
cat << EOF
1;
EOF
Modified: trunk/debian/changelog
===================================================================
--- trunk/debian/changelog 2007-01-21 13:16:36 UTC (rev 364)
+++ trunk/debian/changelog 2007-01-21 18:40:58 UTC (rev 365)
@@ -1,14 +1,17 @@
dbconfig-common (1.8.30) UNRELEASED; urgency=low
* NOT RELEASED YET
- * remove some "-a" and "-o" bashisms while i'm thinking about it.
+ * remove some "-a" and "-o" bashisms.
* dbconfig-load-include now returns the exit status of the "exec"
format (where the output is based on running a script), if appropriate.
thanks to Matt Brown for the patch (closes: #397089).
- * escape SQL-sensitive characters (' and \) in passwords for user creation
- SQL snippits.
- * escape shell/sed sensitive character sequences (', /, \) that are
- used in dbconfig-generate-include (closes: #405598).
+ * single-quote settings in /etc/dbconfig-common/package.conf instead
+ of double-quoting them, and make sure any single quotes in the
+ settings are properly escaped when written.
+ * escape SQL-sensitive character sequences in passwords for user
+ creation SQL snippits.
+ * escape shell/sed sensitive character sequences that are used in
+ dbconfig-generate-include (closes: #405598).
* another dpkg order-of-operations corner case: if unpacked but not
(pre-)configured, our debconf templates aren't registered yet, so
if some dependant package tries to use us in such a state (i.e. its
Modified: trunk/dpkg/common
===================================================================
--- trunk/dpkg/common 2007-01-21 13:16:36 UTC (rev 364)
+++ trunk/dpkg/common 2007-01-21 18:40:58 UTC (rev 365)
@@ -170,12 +170,12 @@
# dbc_remember_admin_pass: should we cache administrative passwords?
# set to "true" to keep admin passwords cached in debconf
-dbc_remember_admin_pass="$dbc_remember_admin_pass"
+dbc_remember_admin_pass='$dbc_remember_admin_pass'
# dbc_remote_questions_default: will we be likely to install on remote servers?
# set to "true" to raise the priority of debconf questions related to
# database installation on remote servers (for database types that support this)
-dbc_remote_questions_default="$dbc_remote_questions_default"
+dbc_remote_questions_default='$dbc_remote_questions_default'
EOF
}
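Review bot: These two assignments switch to single quotes but, unlike the settings in the later hunks of this file, are written without `dbc_sq_escape`, so a value containing `'` would end the quoted string early in the generated file. The lines sit inside a here-document whose opening is outside the hunk; assuming its delimiter is unquoted, the variable still expands between the literal quotes. If the generated file is later sourced as shell, whatever follows the stray quote would be parsed as code rather than data. For consistency use `dbc_remember_admin_pass='$(dbc_sq_escape "$dbc_remember_admin_pass")'` and the same for `dbc_remote_questions_default`.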
@@ -424,54 +424,54 @@
# dbc_install: configure database with dbconfig-common?
# set to anything but "true" to opt out of assistance
-dbc_install="$dbc_install"
+dbc_install='`dbc_sq_escape $dbc_install`'
# dbc_upgrade: upgrade database with dbconfig-common?
# set to anything but "true" to opt out of assistance
-dbc_upgrade="$dbc_upgrade"
+dbc_upgrade='`dbc_sq_escape $dbc_upgrade`'
# dbc_remove: deconfigure database with dbconfig-common?
# set to anything but "true" to opt out of assistance
-dbc_remove="$dbc_remove"
+dbc_remove='`dbc_sq_escape $dbc_remove`'
# dbc_dbtype: type of underlying database to use
# this exists primarily to let dbconfig-common know what database
# type to use when a package supports multiple database types.
# don't change this value unless you know for certain that this
# package supports multiple database types
-dbc_dbtype="$dbc_dbtype"
+dbc_dbtype='`dbc_sq_escape $dbc_dbtype`'
# dbc_dbuser: database user
# the name of the user who we will use to connect to the database.
-dbc_dbuser="$dbc_dbuser"
+dbc_dbuser='`dbc_sq_escape $dbc_dbuser`'
# dbc_dbpass: database user password
# the password to use with the above username when connecting
# to a database, if one is required
-dbc_dbpass="$dbc_dbpass"
+dbc_dbpass='`dbc_sq_escape $dbc_dbpass`'
# dbc_dbserver: database host.
# leave unset to use localhost (or a more efficient local method
# if it exists).
-dbc_dbserver="$dbc_dbserver"
+dbc_dbserver='`dbc_sq_escape $dbc_dbserver`'
# dbc_dbport: remote database port
# leave unset to use the default. only applicable if you are
# using a remote database.
-dbc_dbport="$dbc_dbport"
+dbc_dbport='`dbc_sq_escape $dbc_dbport`'
# dbc_dbname: name of database
# this is the name of your application's database.
-dbc_dbname="$dbc_dbname"
+dbc_dbname='`dbc_sq_escape $dbc_dbname`'
# dbc_dbadmin: name of the administrative user
# this is the administrative user that is used to create all of the above
-dbc_dbadmin="$dbc_dbadmin"
+dbc_dbadmin='`dbc_sq_escape $dbc_dbadmin`'
# dbc_basepath: base directory to hold database files
# leave unset to use the default. only applicable if you are
# using a local (filesystem based) database.
-dbc_basepath="$dbc_basepath"
+dbc_basepath='`dbc_sq_escape $dbc_basepath`'
##
## postgresql specific settings. if you don't use postgresql,
@@ -480,14 +480,14 @@
# dbc_ssl: should we require ssl?
# set to "true" to require that connections use ssl
-dbc_ssl="$dbc_ssl"
+dbc_ssl='`dbc_sq_escape $dbc_ssl`'
# dbc_authmethod_admin: authentication method for admin
# dbc_authmethod_user: authentication method for dbuser
# see the section titled "AUTHENTICATION METHODS" in
# /usr/share/doc/dbconfig-common/README.pgsql for more info
-dbc_authmethod_admin="$dbc_authmethod_admin"
-dbc_authmethod_user="$dbc_authmethod_user"
+dbc_authmethod_admin='`dbc_sq_escape $dbc_authmethod_admin`'
+dbc_authmethod_user='`dbc_sq_escape $dbc_authmethod_user`'
##
## end postgresql specific settings
@@ -859,3 +859,15 @@
db_subst $dbc_package/database-type database_types $dbc_dbtypes
fi
}
+
+###
+### dbc_sq_escape: escape any single quotes present in a string
+###
+### this will safely escape a string which is to be stored inside
+### single quotes. that is as'df -> as'\''df
+###
+dbc_sq_escape(){
+ sed -e "s,','\\\\'',g" << EOF
+$@
+EOF
+}
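Review bot: `dbc_sq_escape` is the same sed expression as `sh_sq_escape` in trunk/dbconfig-generate-include, so the quoting rule for generated shell files now lives in two places that can drift apart. If dbconfig-generate-include cannot source this file, a comment on each copy naming the other would help, e.g. `### keep in sync with sh_sq_escape in dbconfig-generate-include`. The header comment could also state that multiple arguments are joined with a single space and that the caller's command substitution drops trailing newlines.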
Modified: trunk/internal/mysql
===================================================================
--- trunk/internal/mysql 2007-01-21 13:16:36 UTC (rev 364)
+++ trunk/internal/mysql 2007-01-21 18:40:58 UTC (rev 365)
@@ -360,10 +360,8 @@
## dbc_mysql_escape_str: properly escape strings passed to mysql queries
##
dbc_mysql_escape_str(){
- local str
- str=$1
- cat << EOF | sed -e 's,\\,\\&,g' -e "s,',\\\\&,g"
-$str
+ sed -e 's,\\,\\&,g' -e "s,',\\\\&,g" << EOF
+$1
EOF
}
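Review bot: Escaping `'` as `\'` is only safe while the server treats backslash as an escape character in string literals. With MySQL's `NO_BACKSLASH_ESCAPES` sql_mode, or PostgreSQL's `standard_conforming_strings` for the identical function in trunk/internal/pgsql, the backslash is literal and the quote ends the string. Doubling the quote is accepted in either mode, so the second expression could become `-e "s,',&&,g"`. The backslash-doubling expression has the mirror-image issue (it would store two backslashes when escapes are off), so it is worth deciding which server mode these snippets assume and stating it in the header comment.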
Modified: trunk/internal/pgsql
===================================================================
--- trunk/internal/pgsql 2007-01-21 13:16:36 UTC (rev 364)
+++ trunk/internal/pgsql 2007-01-21 18:40:58 UTC (rev 365)
@@ -460,9 +460,7 @@
## dbc_pgsql_escape_str: properly escape strings passed to pgsql queries
##
dbc_pgsql_escape_str(){
- local str
- str=$1
- cat << EOF | sed -e 's,\\,\\&,g' -e "s,',\\\\&,g"
-$str
+ sed -e 's,\\,\\&,g' -e "s,',\\\\&,g" << EOF
+$1
EOF
}