diff --git a/callouts/tests/dispatcher-external b/callouts/tests/dispatcher-external index 8c9224146..a8c129c9e 100644 --- a/callouts/tests/dispatcher-external +++ b/callouts/tests/dispatcher-external @@ -14,7 +14,7 @@ path=/org/freedesktop/NetworkManager/Devices/0 [proxy] pac-url=http://networkmanager.com/proxy.pac -pac-script=path/to/script +pac-script="function FindProxyForURL (url, host) {}" [ip4] addresses=192.168.122.1/24 0.0.0.0 @@ -31,7 +31,7 @@ CONNECTION_EXTERNAL=1 DEVICE_IFACE=virbr0 DEVICE_IP_IFACE=virbr0 PROXY_PAC_URL=http://networkmanager.com/proxy.pac -PROXY_PAC_SCRIPT=path/to/script +PROXY_PAC_SCRIPT="function FindProxyForURL (url, host) {}" IP4_NUM_ADDRESSES=1 IP4_ADDRESS_0=192.168.122.1/24 0.0.0.0 IP4_GATEWAY=0.0.0.0 diff --git a/callouts/tests/dispatcher-up b/callouts/tests/dispatcher-up index 01d932a22..44eb9f7c2 100644 --- a/callouts/tests/dispatcher-up +++ b/callouts/tests/dispatcher-up @@ -27,7 +27,7 @@ expiry=1304300446 [proxy] pac-url=http://networkmanager.com/proxy.pac -pac-script=path/to/script +pac-script="function FindProxyForURL (url, host) {}" [ip4] addresses=192.168.1.119/24 192.168.1.1 @@ -43,7 +43,7 @@ CONNECTION_FILENAME=/callouts/tests/dispatcher-up DEVICE_IFACE=wlan0 DEVICE_IP_IFACE=wlan0 PROXY_PAC_URL=http://networkmanager.com/proxy.pac -PROXY_PAC_SCRIPT=path/to/script +PROXY_PAC_SCRIPT="function FindProxyForURL (url, host) {}" IP4_ADDRESS_0=192.168.1.119/24 192.168.1.1 IP4_NUM_ADDRESSES=1 IP4_NAMESERVERS=68.87.77.134 68.87.72.134 192.168.1.1 diff --git a/callouts/tests/dispatcher-vpn-down b/callouts/tests/dispatcher-vpn-down index 8215eb7a3..1de7e233a 100644 --- a/callouts/tests/dispatcher-vpn-down +++ b/callouts/tests/dispatcher-vpn-down @@ -27,7 +27,7 @@ expiry=1304349405 [proxy] pac-url=http://networkmanager.com/proxy.pac -pac-script=path/to/script +pac-script="function FindProxyForURL (url, host) {}" [ip4] addresses=192.168.1.119/24 192.168.1.1 @@ -43,7 +43,7 @@ CONNECTION_FILENAME=/callouts/tests/dispatcher-vpn-down DEVICE_IFACE=wlan0 DEVICE_IP_IFACE=tun0 PROXY_PAC_URL=http://networkmanager.com/proxy.pac -PROXY_PAC_SCRIPT=path/to/script +PROXY_PAC_SCRIPT="function FindProxyForURL (url, host) {}" IP4_ADDRESS_0=192.168.1.119/24 192.168.1.1 IP4_NUM_ADDRESSES=1 IP4_NAMESERVERS=68.87.77.134 68.87.72.134 192.168.1.1 diff --git a/callouts/tests/dispatcher-vpn-up b/callouts/tests/dispatcher-vpn-up index 6a89023e6..d16e58234 100644 --- a/callouts/tests/dispatcher-vpn-up +++ b/callouts/tests/dispatcher-vpn-up @@ -27,7 +27,7 @@ expiry=1304349405 [proxy] pac-url=http://networkmanager.com/proxy.pac -pac-script=path/to/script +pac-script="function FindProxyForURL (url, host) {}" [ip4] addresses=192.168.1.119/24 192.168.1.1 @@ -43,7 +43,7 @@ CONNECTION_FILENAME=/callouts/tests/dispatcher-vpn-up DEVICE_IFACE=wlan0 DEVICE_IP_IFACE=tun0 PROXY_PAC_URL=http://networkmanager.com/proxy.pac -PROXY_PAC_SCRIPT=path/to/script +PROXY_PAC_SCRIPT="function FindProxyForURL (url, host) {}" IP4_ADDRESS_0=192.168.1.119/24 192.168.1.1 IP4_NUM_ADDRESSES=1 IP4_NAMESERVERS=68.87.77.134 68.87.72.134 192.168.1.1 diff --git a/clients/cli/common.c b/clients/cli/common.c index efe41cc6e..d3c118e16 100644 --- a/clients/cli/common.c +++ b/clients/cli/common.c @@ -899,6 +899,50 @@ nmc_team_check_config (const char *config, char **out_config, GError **error) return TRUE; } +/* + * nmc_proxy_check_script: + * @script: file name with PAC script, or raw PAC Script data + * @out_script: raw PAC Script (with removed new-line characters) + * @error: location to store error, or %NULL + * + * Check PAC Script from @script parameter and return the checked/sanitized + * config in @out_script. + * + * Returns: %TRUE if the script is valid, %FALSE if it is invalid + */ +gboolean +nmc_proxy_check_script (const char *script, char **out_script, GError **error) +{ + char *contents = NULL; + size_t c_len = 0; + + *out_script = NULL; + + if (!script || strlen (script) == strspn (script, " \t")) + return TRUE; + + /* 'script' can be either a file name or raw PAC Script data */ + if (g_file_test (script, G_FILE_TEST_EXISTS)) + (void) g_file_get_contents (script, &contents, NULL, NULL); + else + contents = g_strdup (script); + + if (contents) { + g_strstrip (contents); + c_len = strlen (contents); + } + + /* Do a simple validity check */ + if (!contents || !contents[0] || c_len > 100000 || !strstr (contents, "FindProxyForURL")) { + g_set_error (error, NMCLI_ERROR, NMC_RESULT_ERROR_USER_INPUT, + _("'%s' is not a valid PAC Script or file name."), script); + g_free (contents); + return FALSE; + } + *out_script = g_strdelimit (contents, "\t\r\n", ' '); + return TRUE; +} + /* * nmc_find_connection: * @connections: array of NMConnections to search in diff --git a/clients/cli/common.h b/clients/cli/common.h index 114a8e634..1887e910b 100644 --- a/clients/cli/common.h +++ b/clients/cli/common.h @@ -44,6 +44,7 @@ nmc_vlan_parse_priority_maps (const char *priority_map, const char *nmc_bond_validate_mode (const char *mode, GError **error); gboolean nmc_team_check_config (const char *config, char **out_config, GError **error); +gboolean nmc_proxy_check_script (const char *script, char **out_script, GError **error); NMConnection *nmc_find_connection (const GPtrArray *connections, const char *filter_type, diff --git a/clients/cli/settings.c b/clients/cli/settings.c index 1926c8655..dd777b2b2 100644 --- a/clients/cli/settings.c +++ b/clients/cli/settings.c @@ -2131,7 +2131,7 @@ nmc_property_proxy_get_method (NMSetting *setting, NmcPropertyGetType get_type) static gboolean nmc_property_proxy_set_method (NMSetting *setting, const char *prop, - const char *val, GError **error) + const char *val, GError **error) { NMSettingProxyMethod method; gboolean ret; @@ -2157,6 +2157,22 @@ nmc_property_proxy_set_method (NMSetting *setting, const char *prop, return TRUE; } +static gboolean +nmc_property_proxy_set_pac_script (NMSetting *setting, const char *prop, + const char *val, GError **error) +{ + char *script = NULL; + + g_return_val_if_fail (error == NULL || *error == NULL, FALSE); + + if (!nmc_proxy_check_script (val, &script, error)) { + return FALSE; + } + g_object_set (setting, prop, script, NULL); + g_free (script); + return TRUE; +} + /*----------------------------------------------------------------------------*/ static void @@ -7897,7 +7913,7 @@ nmc_properties_init (void) NULL); nmc_add_prop_funcs (GLUE (PROXY, PAC_SCRIPT), nmc_property_proxy_get_pac_script, - nmc_property_set_string, + nmc_property_proxy_set_pac_script, NULL, NULL, NULL, diff --git a/libnm-core/nm-setting-proxy.c b/libnm-core/nm-setting-proxy.c index 33cb7363c..1d82d22e5 100644 --- a/libnm-core/nm-setting-proxy.c +++ b/libnm-core/nm-setting-proxy.c @@ -134,7 +134,7 @@ nm_setting_proxy_get_pac_url (NMSettingProxy *setting) * nm_setting_proxy_get_pac_script: * @setting: the #NMSettingProxy * - * Returns: the path to PAC Script + * Returns: the PAC Script * * Since: 1.6 **/ @@ -308,7 +308,7 @@ nm_setting_proxy_class_init (NMSettingProxyClass *setting_class) /** * NMSettingProxy:pac-script: * - * PAC Script location. + * PAC Script For the connection. * * Since: 1.6 **/ diff --git a/src/nm-pacrunner-manager.c b/src/nm-pacrunner-manager.c index 3631257f3..353b44f58 100644 --- a/src/nm-pacrunner-manager.c +++ b/src/nm-pacrunner-manager.c @@ -116,13 +116,9 @@ add_proxy_config (NMPacRunnerManager *self, GVariantBuilder *proxy_data, const N pac_script = nm_proxy_config_get_pac_script (proxy_config); if (pac_script) { - char *contents; - - if (g_file_get_contents (pac_script, &contents, NULL, NULL)) { - g_variant_builder_add (proxy_data, "{sv}", - "Script", - g_variant_new_take_string (contents)); - } + g_variant_builder_add (proxy_data, "{sv}", + "Script", + g_variant_new_string (pac_script)); } }