From 3e47f58b1a0d6b17fa4269df239daec24090939c Mon Sep 17 00:00:00 2001
From: Eric Garver <eric@garver.life>
Date: Wed, 6 Jan 2021 14:34:06 -0500
Subject: [PATCH] Revert "fix(rich): non-printable characters removed from rich
 rules"

---
 ...non-printable-characters-removed-fro.patch | 105 ++++++++++++++++++
 firewalld.spec                                |   6 +-
 2 files changed, 110 insertions(+), 1 deletion(-)
 create mode 100644 0001-Revert-fix-rich-non-printable-characters-removed-fro.patch

diff --git a/0001-Revert-fix-rich-non-printable-characters-removed-fro.patch b/0001-Revert-fix-rich-non-printable-characters-removed-fro.patch
new file mode 100644
index 0000000..eb79186
--- /dev/null
+++ b/0001-Revert-fix-rich-non-printable-characters-removed-fro.patch
@@ -0,0 +1,105 @@
+From b03f875d6d654d6e7c47d314283a12e85f4239b8 Mon Sep 17 00:00:00 2001
+From: Eric Garver <eric@garver.life>
+Date: Wed, 6 Jan 2021 14:30:17 -0500
+Subject: [PATCH] Revert "fix(rich): non-printable characters removed from rich
+ rules"
+
+This reverts commit 9f597467e76888d895303ce7ccc094b7f05eb1b6.
+---
+ src/firewall/core/rich.py           |  2 --
+ src/firewall/functions.py           | 10 +---------
+ src/tests/regression/regression.at  |  1 -
+ src/tests/regression/rhbz1596304.at | 24 ------------------------
+ 4 files changed, 1 insertion(+), 36 deletions(-)
+ delete mode 100644 src/tests/regression/rhbz1596304.at
+
+diff --git a/src/firewall/core/rich.py b/src/firewall/core/rich.py
+index 03bc194c2b28..86c0c998a478 100644
+--- a/src/firewall/core/rich.py
++++ b/src/firewall/core/rich.py
+@@ -307,8 +307,6 @@ class Rich_Rule(object):
+         if not rule_str:
+             raise FirewallError(errors.INVALID_RULE, 'empty rule')
+ 
+-        rule_str = functions.stripNonPrintableCharacters(rule_str)
+-
+         self.priority = 0
+         self.family = None
+         self.source = None
+diff --git a/src/firewall/functions.py b/src/firewall/functions.py
+index add2a497e2c8..de4e2442c4d8 100644
+--- a/src/firewall/functions.py
++++ b/src/firewall/functions.py
+@@ -27,8 +27,7 @@ __all__ = [ "PY2", "getPortID", "getPortRange", "portStr", "getServiceName",
+             "check_single_address", "check_mac", "uniqify", "ppid_of_pid",
+             "max_zone_name_len", "checkUser", "checkUid", "checkCommand",
+             "checkContext", "joinArgs", "splitArgs",
+-            "b2u", "u2b", "u2b_if_py2", "max_policy_name_len",
+-            "stripNonPrintableCharacters"]
++            "b2u", "u2b", "u2b_if_py2", "max_policy_name_len"]
+ 
+ import socket
+ import os
+@@ -43,10 +42,6 @@ from firewall.config import FIREWALLD_TEMPDIR, FIREWALLD_PIDFILE
+ 
+ PY2 = sys.version < '3'
+ 
+-NOPRINT_TRANS_TABLE = {
+-    i: None for i in range(0, sys.maxunicode + 1) if not chr(i).isprintable()
+-}
+-
+ def getPortID(port):
+     """ Check and Get port id from port string or port id using socket.getservbyname
+ 
+@@ -316,9 +311,6 @@ def checkIPnMask(ip):
+                 return False
+     return True
+ 
+-def stripNonPrintableCharacters(rule_str):
+-    return rule_str.translate(NOPRINT_TRANS_TABLE)
+-
+ def checkIP6nMask(ip):
+     if "/" in ip:
+         addr = ip[:ip.index("/")]
+diff --git a/src/tests/regression/regression.at b/src/tests/regression/regression.at
+index dcd4f6df84ef..d619cc8ab9db 100644
+--- a/src/tests/regression/regression.at
++++ b/src/tests/regression/regression.at
+@@ -36,4 +36,3 @@ m4_include([regression/rhbz1483921.at])
+ m4_include([regression/rhbz1541077.at])
+ m4_include([regression/rhbz1855140.at])
+ m4_include([regression/rhbz1871298.at])
+-m4_include([regression/rhbz1596304.at])
+diff --git a/src/tests/regression/rhbz1596304.at b/src/tests/regression/rhbz1596304.at
+deleted file mode 100644
+index c20706c5a49a..000000000000
+--- a/src/tests/regression/rhbz1596304.at
++++ /dev/null
+@@ -1,24 +0,0 @@
+-FWD_START_TEST([rich rules strip non-printable characters])
+-AT_KEYWORDS(rich rhbz1596304)
+-
+-dnl source address contains a tab character
+-FWD_CHECK([--permanent --zone=public --add-rich-rule 'rule family="ipv4" source address="104.243.250.0/22	" port port=80 protocol=tcp accept'],0,ignore)
+-FWD_RELOAD
+-FWD_CHECK([--list-all | TRIM_WHITESPACE], 0, [m4_strip([dnl
+-        public
+-        target: default
+-        icmp-block-inversion: no
+-        interfaces:
+-        sources:
+-        services: dhcpv6-client ssh
+-        ports:
+-        protocols:
+-        forward: no
+-        masquerade: no
+-        forward-ports:
+-        source-ports:
+-        icmp-blocks:
+-        rich rules:
+-	rule family="ipv4" source address="104.243.250.0/22" port port="80" protocol="tcp" accept
+-    ])])
+-FWD_END_TEST
+-- 
+2.28.0
+
diff --git a/firewalld.spec b/firewalld.spec
index 1c3e074..c80ddb7 100644
--- a/firewalld.spec
+++ b/firewalld.spec
@@ -1,13 +1,14 @@
 Summary: A firewall daemon with D-Bus interface providing a dynamic firewall
 Name: firewalld
 Version: 0.9.2
-Release: 1%{?dist}
+Release: 2%{?dist}
 URL:     http://www.firewalld.org
 License: GPLv2+
 Source0: https://github.com/firewalld/firewalld/releases/download/v%{version}/firewalld-%{version}.tar.gz
 Source1: FedoraServer.xml
 Source2: FedoraWorkstation.xml
 Patch0: firewalld-0.2.6-MDNS-default.patch
+Patch1: 0001-Revert-fix-rich-non-printable-characters-removed-fro.patch
 BuildArch: noarch
 BuildRequires: autoconf
 BuildRequires: automake
@@ -278,6 +279,9 @@ fi
 %{_mandir}/man1/firewall-config*.1*
 
 %changelog
+* Wed Jan 06 2021 Eric Garver <eric@garver.life> - 0.9.2-2
+- Revert "fix(rich): non-printable characters removed from rich rules"
+
 * Tue Jan 05 2021 Eric Garver <eric@garver.life> - 0.9.2-1
 - rebase package to v0.9.2