From b03f875d6d654d6e7c47d314283a12e85f4239b8 Mon Sep 17 00:00:00 2001 From: Eric Garver Date: Wed, 6 Jan 2021 14:30:17 -0500 Subject: [PATCH] Revert "fix(rich): non-printable characters removed from rich rules" This reverts commit 9f597467e76888d895303ce7ccc094b7f05eb1b6. --- src/firewall/core/rich.py | 2 -- src/firewall/functions.py | 10 +--------- src/tests/regression/regression.at | 1 - src/tests/regression/rhbz1596304.at | 24 ------------------------ 4 files changed, 1 insertion(+), 36 deletions(-) delete mode 100644 src/tests/regression/rhbz1596304.at diff --git a/src/firewall/core/rich.py b/src/firewall/core/rich.py index 03bc194c2b28..86c0c998a478 100644 --- a/src/firewall/core/rich.py +++ b/src/firewall/core/rich.py @@ -307,8 +307,6 @@ class Rich_Rule(object): if not rule_str: raise FirewallError(errors.INVALID_RULE, 'empty rule') - rule_str = functions.stripNonPrintableCharacters(rule_str) - self.priority = 0 self.family = None self.source = None diff --git a/src/firewall/functions.py b/src/firewall/functions.py index add2a497e2c8..de4e2442c4d8 100644 --- a/src/firewall/functions.py +++ b/src/firewall/functions.py @@ -27,8 +27,7 @@ __all__ = [ "PY2", "getPortID", "getPortRange", "portStr", "getServiceName", "check_single_address", "check_mac", "uniqify", "ppid_of_pid", "max_zone_name_len", "checkUser", "checkUid", "checkCommand", "checkContext", "joinArgs", "splitArgs", - "b2u", "u2b", "u2b_if_py2", "max_policy_name_len", - "stripNonPrintableCharacters"] + "b2u", "u2b", "u2b_if_py2", "max_policy_name_len"] import socket import os @@ -43,10 +42,6 @@ from firewall.config import FIREWALLD_TEMPDIR, FIREWALLD_PIDFILE PY2 = sys.version < '3' -NOPRINT_TRANS_TABLE = { - i: None for i in range(0, sys.maxunicode + 1) if not chr(i).isprintable() -} - def getPortID(port): """ Check and Get port id from port string or port id using socket.getservbyname @@ -316,9 +311,6 @@ def checkIPnMask(ip): return False return True -def stripNonPrintableCharacters(rule_str): - return rule_str.translate(NOPRINT_TRANS_TABLE) - def checkIP6nMask(ip): if "/" in ip: addr = ip[:ip.index("/")] diff --git a/src/tests/regression/regression.at b/src/tests/regression/regression.at index dcd4f6df84ef..d619cc8ab9db 100644 --- a/src/tests/regression/regression.at +++ b/src/tests/regression/regression.at @@ -36,4 +36,3 @@ m4_include([regression/rhbz1483921.at]) m4_include([regression/rhbz1541077.at]) m4_include([regression/rhbz1855140.at]) m4_include([regression/rhbz1871298.at]) -m4_include([regression/rhbz1596304.at]) diff --git a/src/tests/regression/rhbz1596304.at b/src/tests/regression/rhbz1596304.at deleted file mode 100644 index c20706c5a49a..000000000000 --- a/src/tests/regression/rhbz1596304.at +++ /dev/null @@ -1,24 +0,0 @@ -FWD_START_TEST([rich rules strip non-printable characters]) -AT_KEYWORDS(rich rhbz1596304) - -dnl source address contains a tab character -FWD_CHECK([--permanent --zone=public --add-rich-rule 'rule family="ipv4" source address="104.243.250.0/22 " port port=80 protocol=tcp accept'],0,ignore) -FWD_RELOAD -FWD_CHECK([--list-all | TRIM_WHITESPACE], 0, [m4_strip([dnl - public - target: default - icmp-block-inversion: no - interfaces: - sources: - services: dhcpv6-client ssh - ports: - protocols: - forward: no - masquerade: no - forward-ports: - source-ports: - icmp-blocks: - rich rules: - rule family="ipv4" source address="104.243.250.0/22" port port="80" protocol="tcp" accept - ])]) -FWD_END_TEST -- 2.28.0