Handle type conversion and quoting in write_settings() (refs: #17136)

Also, use shlex.quote() instead of the deprecated pipes.quote(). See https://docs.python.org/2/library/pipes.html#pipes.quote

Handle type conversion and quoting in write_settings() (refs: #17136)
Also, use shlex.quote() instead of the deprecated pipes.quote(). See https://docs.python.org/2/library/pipes.html#pipes.quote
8f738eb7 · segfault · 53ec9327 · 8f738eb7 · 8f738eb7 · 8f738eb7
Commit 8f738eb7 authored Feb 13, 2020 by segfault
7 changed files
--- a/config/chroot_local-includes/usr/lib/python3/dist-packages/tailsgreeter/settings/admin.py
+++ b/config/chroot_local-includes/usr/lib/python3/dist-packages/tailsgreeter/settings/admin.py
 import os
 import os.path
 import logging
-import pipes
+import shlex
 import subprocess

 import tailsgreeter.config
@@ -18,14 +18,14 @@ class AdminSetting(object):
            # mkpasswd generates a salt if none is provided (even though the
            # man page doesn't explicitly state this).
            ["mkpasswd", "--stdin", "--method=sha512crypt"],
-            input=pipes.quote(password).encode(),
+            input=shlex.quote(password).encode(),
            capture_output=True,
            check=True,
        )
        hashed_and_salted_pw = proc.stdout.decode().strip()

        write_settings(self.settings_file, {
-            'TAILS_USER_PASSWORD': pipes.quote(hashed_and_salted_pw),
+            'TAILS_USER_PASSWORD': hashed_and_salted_pw,
            'TAILS_PASSWORD_HASH_FUNCTION': 'SHA512',
        })
        logging.debug('password written to %s', self.settings_file)

--- a/config/chroot_local-includes/usr/lib/python3/dist-packages/tailsgreeter/settings/formats.py
+++ b/config/chroot_local-includes/usr/lib/python3/dist-packages/tailsgreeter/settings/formats.py
@@ -20,7 +20,7 @@ class FormatsSetting(LocalizationSetting):
    def save(self, locale: str, is_default: bool):
        write_settings(self.settings_file, {
            'TAILS_FORMATS': locale,
-            'IS_DEFAULT': str(is_default).lower(),
+            'IS_DEFAULT': is_default,
        })

    def load(self) -> ({str, None}, bool):

--- a/config/chroot_local-includes/usr/lib/python3/dist-packages/tailsgreeter/settings/keyboard.py
+++ b/config/chroot_local-includes/usr/lib/python3/dist-packages/tailsgreeter/settings/keyboard.py
@@ -33,7 +33,7 @@ class KeyboardSetting(LocalizationSetting):
            'TAILS_XKBMODEL': 'pc105',
            'TAILS_XKBLAYOUT': layout,
            'TAILS_XKBVARIANT': variant,
-            'IS_DEFAULT': str(is_default).lower(),
+            'IS_DEFAULT': is_default,
        })

    def load(self) -> ({str, None}, bool):

--- a/config/chroot_local-includes/usr/lib/python3/dist-packages/tailsgreeter/settings/language.py
+++ b/config/chroot_local-includes/usr/lib/python3/dist-packages/tailsgreeter/settings/language.py
@@ -21,7 +21,6 @@ from collections import OrderedDict
 import gi
 import logging
 import locale
-import pipes

 import tailsgreeter.config
 from tailsgreeter.settings.localization import LocalizationSetting, \
@@ -49,8 +48,8 @@ class LanguageSetting(LocalizationSetting):

    def save(self, language: str, is_default: bool):
        write_settings(self.settings_file, {
-            'TAILS_LOCALE_NAME': pipes.quote(language),
-            'IS_DEFAULT': str(is_default).lower(),
+            'TAILS_LOCALE_NAME': language,
+            'IS_DEFAULT': is_default,
        })

    def load(self) -> ({str, None}, bool):

--- a/config/chroot_local-includes/usr/lib/python3/dist-packages/tailsgreeter/settings/macspoof.py
+++ b/config/chroot_local-includes/usr/lib/python3/dist-packages/tailsgreeter/settings/macspoof.py
 import logging
-import pipes

 import tailsgreeter.config
 from tailsgreeter.settings.utils import read_settings, write_settings
@@ -13,7 +12,7 @@ class MacSpoofSetting(object):

    def save(self, value: bool):
        write_settings(self.settings_file, {
-            'TAILS_MACSPOOF_ENABLED': pipes.quote(str(value)).lower(),
+            'TAILS_MACSPOOF_ENABLED': value,
        })
        logging.debug('macspoof setting written to %s', self.settings_file)


--- a/config/chroot_local-includes/usr/lib/python3/dist-packages/tailsgreeter/settings/network.py
+++ b/config/chroot_local-includes/usr/lib/python3/dist-packages/tailsgreeter/settings/network.py
 import logging
-import pipes

 import tailsgreeter.config
 from tailsgreeter.settings.utils import read_settings, write_settings
@@ -17,7 +16,7 @@ class NetworkSetting(object):

    def save(self, value: str):
        write_settings(self.settings_file, {
-            'TAILS_NETCONF': pipes.quote(value),
+            'TAILS_NETCONF': value,
        })
        logging.debug('network setting written to %s', self.settings_file)


--- a/config/chroot_local-includes/usr/lib/python3/dist-packages/tailsgreeter/settings/utils.py
+++ b/config/chroot_local-includes/usr/lib/python3/dist-packages/tailsgreeter/settings/utils.py
 import os
-from typing import Dict
+import shlex
+from typing import Dict, Union


-def write_settings(filename: str, settings: Dict[str, str]):
+def write_settings(filename: str, settings: Dict[str, Union[str, bool]]):
    with open(filename, 'w') as f:
        os.chmod(filename, 0o600)
        for key, value in settings.items():
+            if type(value) is bool:
+                value = str(value).lower()
+            # shell-escape the value, but only if it's non-empty, because
+            # for an empty string the result will be "''", which is non-empty
+            value = shlex.quote(value) if value else ''
            f.write('%s=%s\n' % (key, value))