Revert "fix(rich): non-printable characters removed from rich rules"
This commit is contained in:
		
							parent
							
								
									d689baa262
								
							
						
					
					
						commit
						3e47f58b1a
					
				
							
								
								
									
										105
									
								
								0001-Revert-fix-rich-non-printable-characters-removed-fro.patch
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										105
									
								
								0001-Revert-fix-rich-non-printable-characters-removed-fro.patch
									
									
									
									
									
										Normal file
									
								
							| @ -0,0 +1,105 @@ | |||||||
|  | From b03f875d6d654d6e7c47d314283a12e85f4239b8 Mon Sep 17 00:00:00 2001 | ||||||
|  | From: Eric Garver <eric@garver.life> | ||||||
|  | Date: Wed, 6 Jan 2021 14:30:17 -0500 | ||||||
|  | Subject: [PATCH] Revert "fix(rich): non-printable characters removed from rich | ||||||
|  |  rules" | ||||||
|  | 
 | ||||||
|  | This reverts commit 9f597467e76888d895303ce7ccc094b7f05eb1b6. | ||||||
|  | ---
 | ||||||
|  |  src/firewall/core/rich.py           |  2 -- | ||||||
|  |  src/firewall/functions.py           | 10 +--------- | ||||||
|  |  src/tests/regression/regression.at  |  1 - | ||||||
|  |  src/tests/regression/rhbz1596304.at | 24 ------------------------ | ||||||
|  |  4 files changed, 1 insertion(+), 36 deletions(-) | ||||||
|  |  delete mode 100644 src/tests/regression/rhbz1596304.at | ||||||
|  | 
 | ||||||
|  | diff --git a/src/firewall/core/rich.py b/src/firewall/core/rich.py
 | ||||||
|  | index 03bc194c2b28..86c0c998a478 100644
 | ||||||
|  | --- a/src/firewall/core/rich.py
 | ||||||
|  | +++ b/src/firewall/core/rich.py
 | ||||||
|  | @@ -307,8 +307,6 @@ class Rich_Rule(object):
 | ||||||
|  |          if not rule_str: | ||||||
|  |              raise FirewallError(errors.INVALID_RULE, 'empty rule') | ||||||
|  |   | ||||||
|  | -        rule_str = functions.stripNonPrintableCharacters(rule_str)
 | ||||||
|  | -
 | ||||||
|  |          self.priority = 0 | ||||||
|  |          self.family = None | ||||||
|  |          self.source = None | ||||||
|  | diff --git a/src/firewall/functions.py b/src/firewall/functions.py
 | ||||||
|  | index add2a497e2c8..de4e2442c4d8 100644
 | ||||||
|  | --- a/src/firewall/functions.py
 | ||||||
|  | +++ b/src/firewall/functions.py
 | ||||||
|  | @@ -27,8 +27,7 @@ __all__ = [ "PY2", "getPortID", "getPortRange", "portStr", "getServiceName",
 | ||||||
|  |              "check_single_address", "check_mac", "uniqify", "ppid_of_pid", | ||||||
|  |              "max_zone_name_len", "checkUser", "checkUid", "checkCommand", | ||||||
|  |              "checkContext", "joinArgs", "splitArgs", | ||||||
|  | -            "b2u", "u2b", "u2b_if_py2", "max_policy_name_len",
 | ||||||
|  | -            "stripNonPrintableCharacters"]
 | ||||||
|  | +            "b2u", "u2b", "u2b_if_py2", "max_policy_name_len"]
 | ||||||
|  |   | ||||||
|  |  import socket | ||||||
|  |  import os | ||||||
|  | @@ -43,10 +42,6 @@ from firewall.config import FIREWALLD_TEMPDIR, FIREWALLD_PIDFILE
 | ||||||
|  |   | ||||||
|  |  PY2 = sys.version < '3' | ||||||
|  |   | ||||||
|  | -NOPRINT_TRANS_TABLE = {
 | ||||||
|  | -    i: None for i in range(0, sys.maxunicode + 1) if not chr(i).isprintable()
 | ||||||
|  | -}
 | ||||||
|  | -
 | ||||||
|  |  def getPortID(port): | ||||||
|  |      """ Check and Get port id from port string or port id using socket.getservbyname | ||||||
|  |   | ||||||
|  | @@ -316,9 +311,6 @@ def checkIPnMask(ip):
 | ||||||
|  |                  return False | ||||||
|  |      return True | ||||||
|  |   | ||||||
|  | -def stripNonPrintableCharacters(rule_str):
 | ||||||
|  | -    return rule_str.translate(NOPRINT_TRANS_TABLE)
 | ||||||
|  | -
 | ||||||
|  |  def checkIP6nMask(ip): | ||||||
|  |      if "/" in ip: | ||||||
|  |          addr = ip[:ip.index("/")] | ||||||
|  | diff --git a/src/tests/regression/regression.at b/src/tests/regression/regression.at
 | ||||||
|  | index dcd4f6df84ef..d619cc8ab9db 100644
 | ||||||
|  | --- a/src/tests/regression/regression.at
 | ||||||
|  | +++ b/src/tests/regression/regression.at
 | ||||||
|  | @@ -36,4 +36,3 @@ m4_include([regression/rhbz1483921.at])
 | ||||||
|  |  m4_include([regression/rhbz1541077.at]) | ||||||
|  |  m4_include([regression/rhbz1855140.at]) | ||||||
|  |  m4_include([regression/rhbz1871298.at]) | ||||||
|  | -m4_include([regression/rhbz1596304.at])
 | ||||||
|  | diff --git a/src/tests/regression/rhbz1596304.at b/src/tests/regression/rhbz1596304.at
 | ||||||
|  | deleted file mode 100644 | ||||||
|  | index c20706c5a49a..000000000000
 | ||||||
|  | --- a/src/tests/regression/rhbz1596304.at
 | ||||||
|  | +++ /dev/null
 | ||||||
|  | @@ -1,24 +0,0 @@
 | ||||||
|  | -FWD_START_TEST([rich rules strip non-printable characters])
 | ||||||
|  | -AT_KEYWORDS(rich rhbz1596304)
 | ||||||
|  | -
 | ||||||
|  | -dnl source address contains a tab character
 | ||||||
|  | -FWD_CHECK([--permanent --zone=public --add-rich-rule 'rule family="ipv4" source address="104.243.250.0/22	" port port=80 protocol=tcp accept'],0,ignore)
 | ||||||
|  | -FWD_RELOAD
 | ||||||
|  | -FWD_CHECK([--list-all | TRIM_WHITESPACE], 0, [m4_strip([dnl
 | ||||||
|  | -        public
 | ||||||
|  | -        target: default
 | ||||||
|  | -        icmp-block-inversion: no
 | ||||||
|  | -        interfaces:
 | ||||||
|  | -        sources:
 | ||||||
|  | -        services: dhcpv6-client ssh
 | ||||||
|  | -        ports:
 | ||||||
|  | -        protocols:
 | ||||||
|  | -        forward: no
 | ||||||
|  | -        masquerade: no
 | ||||||
|  | -        forward-ports:
 | ||||||
|  | -        source-ports:
 | ||||||
|  | -        icmp-blocks:
 | ||||||
|  | -        rich rules:
 | ||||||
|  | -	rule family="ipv4" source address="104.243.250.0/22" port port="80" protocol="tcp" accept
 | ||||||
|  | -    ])])
 | ||||||
|  | -FWD_END_TEST
 | ||||||
|  | -- 
 | ||||||
|  | 2.28.0 | ||||||
|  | 
 | ||||||
| @ -1,13 +1,14 @@ | |||||||
| Summary: A firewall daemon with D-Bus interface providing a dynamic firewall | Summary: A firewall daemon with D-Bus interface providing a dynamic firewall | ||||||
| Name: firewalld | Name: firewalld | ||||||
| Version: 0.9.2 | Version: 0.9.2 | ||||||
| Release: 1%{?dist} | Release: 2%{?dist} | ||||||
| URL:     http://www.firewalld.org | URL:     http://www.firewalld.org | ||||||
| License: GPLv2+ | License: GPLv2+ | ||||||
| Source0: https://github.com/firewalld/firewalld/releases/download/v%{version}/firewalld-%{version}.tar.gz | Source0: https://github.com/firewalld/firewalld/releases/download/v%{version}/firewalld-%{version}.tar.gz | ||||||
| Source1: FedoraServer.xml | Source1: FedoraServer.xml | ||||||
| Source2: FedoraWorkstation.xml | Source2: FedoraWorkstation.xml | ||||||
| Patch0: firewalld-0.2.6-MDNS-default.patch | Patch0: firewalld-0.2.6-MDNS-default.patch | ||||||
|  | Patch1: 0001-Revert-fix-rich-non-printable-characters-removed-fro.patch | ||||||
| BuildArch: noarch | BuildArch: noarch | ||||||
| BuildRequires: autoconf | BuildRequires: autoconf | ||||||
| BuildRequires: automake | BuildRequires: automake | ||||||
| @ -278,6 +279,9 @@ fi | |||||||
| %{_mandir}/man1/firewall-config*.1* | %{_mandir}/man1/firewall-config*.1* | ||||||
| 
 | 
 | ||||||
| %changelog | %changelog | ||||||
|  | * Wed Jan 06 2021 Eric Garver <eric@garver.life> - 0.9.2-2 | ||||||
|  | - Revert "fix(rich): non-printable characters removed from rich rules" | ||||||
|  | 
 | ||||||
| * Tue Jan 05 2021 Eric Garver <eric@garver.life> - 0.9.2-1 | * Tue Jan 05 2021 Eric Garver <eric@garver.life> - 0.9.2-1 | ||||||
| - rebase package to v0.9.2 | - rebase package to v0.9.2 | ||||||
| 
 | 
 | ||||||
|  | |||||||
		Loading…
	
		Reference in New Issue
	
	Block a user