authorTed Trask <ttrask01@yahoo.com>2009-01-21 22:04:37 +0000
committerTed Trask <ttrask01@yahoo.com>2009-01-21 22:04:37 +0000
commitc5b5d2cd94c44e2322cf12594e1cfb1c6f44daf4 (patch)
treea58f341b0666eddf7fd94d2f2215c712c80da3d1 /ipsectools-model.lua
parent2b648a4ecbbf0d34cac13238ae77cf378f79696b (diff)
Added escapespecialcharacters to format.lua to escape shell special characters. Reviewed all calls to io.popen and os.execute to escape special characters. Fixed file uploads in openssl and ipsectools with viewfunctions.lua. Tried to fix openssl renew when subject contains special characters, but not done yet.
git-svn-id: svn://svn.alpinelinux.org/acf/ipsec-tools/trunk@1687 ab2d0c66-481e-0410-8bed-d214d4d58bed
Diffstat (limited to 'ipsectools-model.lua')
-rw-r--r--ipsectools-model.lua46
1 files changed, 30 insertions, 16 deletions
diff --git a/ipsectools-model.lua b/ipsectools-model.lua
index 433a261..79cadbc 100644
--- a/ipsectools-model.lua
+++ b/ipsectools-model.lua
@@ -4,6 +4,7 @@ module(..., package.seeall)
require("modelfunctions")
require("fs")
require("format")
+require("validator")
-- Set variables
local configfile = "/etc/racoon/racoon.conf"
@@ -33,9 +34,10 @@ local descr = {
-- ################################################################################
-- LOCAL FUNCTIONS
+-- Make sure to escape special characters before calling this function
local function ip_xfrm(mode)
local cmd_output_result
- local cmd = "/bin/ip xfrm " .. mode .. " 2>/dev/null"
+ local cmd = "/bin/ip xfrm " .. (mode or "") .. " 2>/dev/null"
local f = io.popen( cmd )
local cmd_output_result = f:read("*a")
f:close()
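Review bot: The added comment on `ip_xfrm` leaves escaping entirely to the callers, while `mode` still reaches `io.popen` as raw shell text (the callers in the next hunk even pass a `| grep` pipeline inside it), so a single call site that forgets to escape brings the injection back. At minimum the comment should state the contract precisely, e.g. `-- mode is handed to the shell verbatim; callers must escape every untrusted part of it`. A sturdier shape would take the fixed subcommand and the untrusted argument as separate parameters and escape the argument inside the function. Separately, `io.popen` can return nil, in which case `f:read` raises, and `cmd_output_result` is declared with `local` twice. The function ends outside this hunk.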
@@ -45,8 +47,8 @@ end
local function phase2details(dst)
local output = {}
dst = string.match(dst,"^(.*)%.") -- Removes the portnumber
- table.insert(output, {label="Outgoing", value=ip_xfrm("state list src ".. dst .. " | grep '^src'")})
- table.insert(output, {label="Incoming", value=ip_xfrm("state list dst ".. dst .. " | grep '^src'")})
+ table.insert(output, {label="Outgoing", value=ip_xfrm("state list src ".. format.escapespecialcharacters(dst) .. " | grep '^src'")})
+ table.insert(output, {label="Incoming", value=ip_xfrm("state list dst ".. format.escapespecialcharacters(dst) .. " | grep '^src'")})
return output
end
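Review bot: `string.match(dst,"^(.*)%.")` returns nil when `dst` contains no dot, and that value now flows into `format.escapespecialcharacters` and a `..` concatenation, so a malformed `dst` probably raises an error here instead of producing an empty result. A guard right after the match, `if not dst then return output end`, would handle that. Escaping only neutralises shell metacharacters (the helper's exact behaviour is not visible in this diff); it does not confirm that `dst` is an address, and the value is still concatenated unquoted, so checking that the remainder is an IP address before building either command would be the stronger control.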
@@ -183,19 +185,25 @@ function upload_cert(newcert)
-- Trying to upload a cert/key
-- The way haserl works, cert contains the temporary file name
-- First, get the cert
- local cmd = path .. "openssl pkcs12 -in "..newcert.value.cert.value.." -out "..newcert.value.cert.value.."cert.pem -password pass:"..newcert.value.password.value.." -nokeys -clcerts 2>&1"
- local f = io.popen(cmd)
- local cmdresult = f:read("*a")
- f:close()
- local filestats = posix.stat(newcert.value.cert.value.."cert.pem")
- if not filestats or filestats.size == 0 then
- newcert.value.cert.errtxt = "Could not open certificate\n"..cmdresult
+ local cmd, f, cmdresult
+ if validator.is_valid_filename(newcert.value.cert.value, "/tmp/") and fs.is_file(newcert.value.cert.value) then
+ cmd = path .. "openssl pkcs12 -in "..format.escapespecialcharacters(newcert.value.cert.value).." -out "..format.escapespecialcharacters(newcert.value.cert.value).."cert.pem -password pass:"..format.escapespecialcharacters(newcert.value.password.value).." -nokeys -clcerts 2>&1"
+ f = io.popen(cmd)
+ cmdresult = f:read("*a")
+ f:close()
+ local filestats = posix.stat(newcert.value.cert.value.."cert.pem")
+ if not filestats or filestats.size == 0 then
+ newcert.value.cert.errtxt = "Could not open certificate\n"..cmdresult
+ success = false
+ end
+ else
+ newcert.value.cert.errtxt = "Invalid certificate"
success = false
end
-- Now, get the key and the ca certs
if success then
- cmd = path .. "openssl pkcs12 -in "..newcert.value.cert.value.." -out "..newcert.value.cert.value.."key.pem -password pass:"..newcert.value.password.value.." -nocerts -nodes 2>&1"
+ cmd = path .. "openssl pkcs12 -in "..format.escapespecialcharacters(newcert.value.cert.value).." -out "..format.escapespecialcharacters(newcert.value.cert.value).."key.pem -password pass:"..format.escapespecialcharacters(newcert.value.password.value).." -nocerts -nodes 2>&1"
f = io.popen(cmd)
cmdresult = f:read("*a")
f:close()
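Review bot: The upload password is still passed on the openssl command line as `-password pass:...` in the cert.pem and key.pem commands here and in the ca.pem command in the next hunk, so other local users can read it from the process list while each command runs; escaping does not change that. openssl also accepts `env:`, `file:` and `fd:` password sources, which keep the secret off argv. The `-nodes` run writes the private key unencrypted to `<upload name>key.pem` under /tmp, and nothing in this hunk restricts the file's permissions, so a restrictive umask or a private working directory is worth adding. The escaped values are concatenated unquoted, and whether `format.escapespecialcharacters` covers whitespace is not visible here, so a password containing a space may split into extra arguments. upload_cert starts and ends outside this hunk.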
@@ -205,7 +213,7 @@ function upload_cert(newcert)
success = false
end
- cmd = path .. "openssl pkcs12 -in "..newcert.value.cert.value.." -out "..newcert.value.cert.value.."ca.pem -password pass:"..newcert.value.password.value.." -nokeys -cacerts 2>&1"
+ cmd = path .. "openssl pkcs12 -in "..format.escapespecialcharacters(newcert.value.cert.value).." -out "..format.escapespecialcharacters(newcert.value.cert.value).."ca.pem -password pass:"..format.escapespecialcharacters(newcert.value.password.value).." -nokeys -cacerts 2>&1"
f = io.popen(cmd)
cmdresult = f:read("*a")
f:close()
@@ -238,9 +246,15 @@ function upload_cert(newcert)
end
-- Delete the temporary files
- cmd = "rm "..newcert.value.cert.value.."*"
- f = io.popen(cmd)
- f:close()
+ if validator.is_valid_filename(newcert.value.cert.value, "/tmp/") and fs.is_file(newcert.value.cert.value) then
+ cmd = "rm "..format.escapespecialcharacters(newcert.value.cert.value)
+ f = io.popen(cmd.."cert.pem")
+ f:close()
+ f = io.popen(cmd.."key.pem")
+ f:close()
+ f = io.popen(cmd.."ca.pem")
+ f:close()
+ end
return newcert
end
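Review bot: The cleanup still builds `rm` commands and runs them through `io.popen`, which keeps a shell in the path for what is a plain file deletion. Lua's `os.remove` takes the path as data, so no escaping is needed: `os.remove(newcert.value.cert.value.."cert.pem")`, and the same for `"key.pem"` and `"ca.pem"`. Because the deletion is gated on `fs.is_file` of the uploaded temp file, the extracted `key.pem` stays in /tmp if that file has disappeared by this point; removing the three derived files whenever the name passes `validator.is_valid_filename` would avoid leaving an unencrypted key behind. The start of upload_cert is outside this hunk.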
@@ -250,7 +264,7 @@ view_cert = function(certname)
local cmdresult = "Invalid cert name"
for i,cert in ipairs(list.value) do
if cert == certname then
- local cmd = path .. "openssl x509 -in "..baseurl..certname.." -noout -text"
+ local cmd = path .. "openssl x509 -in "..baseurl..format.escapespecialcharacters(certname).." -noout -text"
local f = io.popen(cmd)
cmdresult = f:read("*a")
f:close()
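Review bot: The control that actually protects this `openssl x509` call is the exact match `cert == certname` against `list.value` two lines above it, and the new escape is a second layer on top of that. A short comment would keep a later refactor from dropping the match, e.g. `-- certname must equal an entry in list.value; escaping is defence in depth only`. How `list.value` is populated is not visible in this hunk, and the loop and the function continue outside it.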