Import custom functions into Conf Jail (#1929)
This commit is contained in:
Christophe Maudoux
parent
e50e7d09d1
commit
c446f194eb
|
|
@ -86,7 +86,7 @@
|
|||
"authentication" : "Demo",
|
||||
"cfgAuthor" : "The LemonLDAP::NG team",
|
||||
"cfgNum" : 1,
|
||||
"cfgVersion" : "2.0.3",
|
||||
"cfgVersion" : "2.0.6",
|
||||
"cookieName" : "lemonldap",
|
||||
"demoExportedVars" : {
|
||||
"cn" : "cn",
|
||||
|
|
|
|||
|
|
@ -22,14 +22,12 @@ BEGIN {
|
|||
}
|
||||
|
||||
has customFunctions => ( is => 'rw', isa => 'Maybe[Str]' );
|
||||
has useSafeJail => ( is => 'rw', isa => 'Maybe[Int]' );
|
||||
has jail => ( is => 'rw' );
|
||||
has error => ( is => 'rw' );
|
||||
|
||||
has useSafeJail => ( is => 'rw', isa => 'Maybe[Int]' );
|
||||
|
||||
has jail => ( is => 'rw' );
|
||||
|
||||
has error => ( is => 'rw' );
|
||||
|
||||
our $VERSION = '2.0.0';
|
||||
our $VERSION = '2.0.6';
|
||||
our @builtCustomFunctions;
|
||||
|
||||
## @imethod protected build_jail()
|
||||
# Build and return the security jail used to compile rules and headers.
|
||||
|
|
@ -59,9 +57,9 @@ sub build_jail {
|
|||
}
|
||||
}
|
||||
|
||||
my @t =
|
||||
@builtCustomFunctions =
|
||||
$self->customFunctions ? split( /\s+/, $self->customFunctions ) : ();
|
||||
foreach (@t) {
|
||||
foreach (@builtCustomFunctions) {
|
||||
no warnings 'redefine';
|
||||
$api->logger->debug("Custom function : $_");
|
||||
my $sub = $_;
|
||||
|
|
@ -90,7 +88,7 @@ sub build_jail {
|
|||
$self->jail->share_from( 'Lemonldap::NG::Common::Safelib',
|
||||
$Lemonldap::NG::Common::Safelib::functions );
|
||||
|
||||
$self->jail->share_from( __PACKAGE__, [ @t, '&encrypt', '&token' ] );
|
||||
$self->jail->share_from( __PACKAGE__, [ @builtCustomFunctions, '&encrypt', '&token' ] );
|
||||
$self->jail->share_from( 'MIME::Base64', ['&encode_base64'] );
|
||||
|
||||
#$self->jail->share_from( 'Lemonldap::NG::Handler::Main', ['$_v'] );
|
||||
|
|
|
|||
|
|
@ -7,8 +7,13 @@ sub perlExpr {
|
|||
my ( $val, $conf ) = @_;
|
||||
my $cpt = 'Safe'->new;
|
||||
$cpt->share_from( 'MIME::Base64', ['&encode_base64'] );
|
||||
$cpt->share_from( 'Lemonldap::NG::Handler::Main::Jail',
|
||||
[ '&encrypt', '&token' ] );
|
||||
$cpt->share_from(
|
||||
'Lemonldap::NG::Handler::Main::Jail',
|
||||
[
|
||||
'&encrypt', '&token',
|
||||
@Lemonldap::NG::Handler::Main::Jail::builtCustomFunctions
|
||||
]
|
||||
);
|
||||
$cpt->share_from( 'Lemonldap::NG::Common::Safelib',
|
||||
$Lemonldap::NG::Common::Safelib::functions );
|
||||
$cpt->reval("BEGIN { 'warnings'->unimport; } $val");
|
||||
|
|
@ -137,7 +142,7 @@ qr/^(?:(?:(?:(?:(?:(?:[a-zA-Z0-9][-a-zA-Z0-9]*)?[a-zA-Z0-9])[.])*(?:[a-zA-Z][-a-
|
|||
eval {
|
||||
do {
|
||||
qr/$_[0]/;
|
||||
}
|
||||
}
|
||||
};
|
||||
return $@ ? ( 0, "__badRegexp__: $@" ) : 1;
|
||||
}
|
||||
|
|
@ -218,7 +223,8 @@ m[^(?:(?:\-+\s*BEGIN\s+(?:PUBLIC\s+KEY|CERTIFICATE)\s*\-+\r?\n)?[a-zA-Z0-9/\+\r\
|
|||
},
|
||||
'select' => {
|
||||
'test' => sub {
|
||||
my $test = grep( { $_ eq $_[0]; }
|
||||
my $test =
|
||||
grep( { $_ eq $_[0]; }
|
||||
map( { $_->{'k'}; } @{ $_[2]{'select'}; } ) );
|
||||
return $test
|
||||
? 1
|
||||
|
|
@ -1610,7 +1616,7 @@ qr/^(?:\*\.)?(?:(?:(?:(?:[a-zA-Z0-9][-a-zA-Z0-9]*)?[a-zA-Z0-9])[.])*(?:[a-zA-Z][
|
|||
eval {
|
||||
do {
|
||||
qr/$_[0]/;
|
||||
}
|
||||
}
|
||||
};
|
||||
return $@ ? 0 : 1;
|
||||
},
|
||||
|
|
|
|||
|
|
@ -15,7 +15,7 @@ sub perlExpr {
|
|||
my $cpt = new Safe;
|
||||
$cpt->share_from( 'MIME::Base64', ['&encode_base64'] );
|
||||
$cpt->share_from( 'Lemonldap::NG::Handler::Main::Jail',
|
||||
[ '&encrypt', '&token' ] );
|
||||
[ '&encrypt', '&token', @Lemonldap::NG::Handler::Main::Jail::builtCustomFunctions ] );
|
||||
$cpt->share_from( 'Lemonldap::NG::Common::Safelib',
|
||||
$Lemonldap::NG::Common::Safelib::functions );
|
||||
$cpt->reval("BEGIN { 'warnings'->unimport; } $val");
|
||||
|
|
|
|||
Loading…
Reference in New Issue