strip trailing whitespace from config values, closes #288

2018-10-24 23:40:13 -04:00 · 2018-10-24 23:40:13 -04:00 · bacd054b13
commit bacd054b13
parent 7ac347fbdd
7 changed files with 54 additions and 0 deletions
--- a/client/config_init.c
+++ b/client/config_init.c
@ -576,6 +576,10 @@ is_rc_param(const char *line, rc_file_param_t *param)
    var[MAX_LINE_LEN-1] = 0x0;
    val[MAX_LINE_LEN-1] = 0x0;

+    /* Remove any trailing whitespace from the value
+    */
+    chop_whitespace(val);
+
    /* Copy back the val and var in the structure */
    strlcpy(param->name, var, sizeof(param->name));
    strlcpy(param->val, val, sizeof(param->val));
--- a/common/fko_util.c
+++ b/common/fko_util.c
@ -562,6 +562,24 @@ strtol_wrapper(const char * const str, const int min,
    return val;
 }

+/* Chop whitespace off the end of a string (must be NULL-terminated)
+*/
+void
+chop_whitespace(char *str)
+{
+    int i;
+    for (i=strlen(str)-1; i > 0; i--)
+    {
+        if (! isspace(str[i]))
+        {
+            if (i < strlen(str)-1)
+                str[i+1] = 0x0;
+            break;
+        }
+    }
+    return;
+}
+
 /* zero out a buffer before free()
 */
 int zero_free(char *buf, int len)
--- a/common/fko_util.h
+++ b/common/fko_util.h
@ -53,6 +53,7 @@ short   digest_inttostr(int digest, char* digest_str, size_t digest_size);
 short   hmac_digest_strtoint(const char *dt_str);
 short   hmac_digest_inttostr(int digest, char* digest_str, size_t digest_size);
 int     constant_runtime_cmp(const char *a, const char *b, int len);
+void    chop_whitespace(char *buf);
 int     zero_free(char *buf, int len);
 int     zero_buf(char *buf, int len);

--- a/server/access.c
+++ b/server/access.c
@ -1560,6 +1560,10 @@ parse_access_file(fko_srv_options_t *opts, char *access_filename, int *depth)
        var[MAX_LINE_LEN-1] = 0x0;
        val[MAX_LINE_LEN-1] = 0x0;

+        /* Remove any trailing whitespace from the value
+        */
+        chop_whitespace(val);
+
        if (opts->verbose > 3)
            log_msg(LOG_DEBUG,
                "ACCESS FILE: %s, LINE: %s\tVar: %s, Val: '%s'",
--- a/server/config_init.c
+++ b/server/config_init.c
@ -332,6 +332,9 @@ parse_config_file(fko_srv_options_t *opts, const char *config_file)
            );
            continue;
        }
+        /* Remove any trailing whitespace from the value
+        */
+        chop_whitespace(val);

        good_ent = 0;
        for(i=0; i<NUMBER_OF_CONFIG_ENTRIES; i++)
--- a/test/test-fwknop.pl
+++ b/test/test-fwknop.pl
@ -272,6 +272,7 @@ my $enable_perl_module_checks = 0;
 my $enable_perl_module_fuzzing_spa_pkt_generation = 0;
 my $enable_python_module_checks = 0;
 my $enable_openssl_compatibility_tests = 0;
+my $disable_openssl_compatibility_tests = 0;
 my $enable_cunit_tests = 0;
 my $openssl_success_ctr = 0;
 my $openssl_failure_ctr = 0;
@ -383,6 +384,7 @@ exit 1 unless GetOptions(
    'enable-distcheck'  => \$enable_make_distcheck,
    'enable-dist-check' => \$enable_make_distcheck,  ### synonym
    'enable-openssl-checks' => \$enable_openssl_compatibility_tests,
+    'disable-openssl-checks' => \$disable_openssl_compatibility_tests,
    'enable-cunit' => \$enable_cunit_tests,
    'gdb-test=s'        => \$gdb_test_file,
    'List-mode'         => \$list_mode,
@ -744,6 +746,9 @@ unless (-d $output_dir) {
    mkdir $output_dir or die "[*] Could not mkdir $output_dir: $!";
 }

+### allow OpenSSL tests to be disabled even when --enable-all is set
+$enable_openssl_compatibility_tests = 0 if $disable_openssl_compatibility_tests;
+
 ### create an anonymized tar file of test suite results that can be
 ### emailed around to assist in debugging fwknop communications
 exit &anonymize_results() if $anonymize_results;
@ -8655,6 +8660,7 @@ sub usage() {
                                         $fuzzing_pkts_file
    --enable-openssl-checks            - Enable tests to verify that Rijndael
                                         cipher usage is compatible with openssl.
+    --disable-openssl-checks           - Disable OpenSSL verification tests.
    --gdb-test <test file>             - Run the same command a previous test suite
                                         execution through gdb by specifying the
                                         output/ test file.
--- a/test/tests/basic_operations.pl
+++ b/test/tests/basic_operations.pl
@ -1047,6 +1047,24 @@
        'positive_output_matches' => [qr/skipping stanza/],
        'negative_output_matches' => [qr/Could not find valid SOURCE stanza/],
    },
+
+    {
+        'category' => 'basic operations',
+        'subcategory' => 'server',
+        'detail'   => 'source trailing chars',
+        'function' => \&server_conf_files,
+        'fwknopd_cmdline' => "$server_rewrite_conf_files --exit-parse-config",
+        'exec_err' => $YES,
+        'server_access_file' => [
+            'SOURCE     192.168.10.1      #test',
+            'KEY        testtest'
+        ],
+        'server_conf_file' => [
+            '### comment'
+        ],
+        'positive_output_matches' => [qr/Setting gid/],
+    },
+
    {
        'category' => 'basic operations',
        'subcategory' => 'server',