diff options
author | Kenneth R Westerback <krw@cvs.openbsd.org> | 2004-03-09 03:58:35 +0000 |
---|---|---|
committer | Kenneth R Westerback <krw@cvs.openbsd.org> | 2004-03-09 03:58:35 +0000 |
commit | 4c7b770b1b9249c9fbea2e76526497a5492282d8 (patch) | |
tree | 525bb377d9376d15b6a09af0c739ad35dd224e13 | |
parent | 1dd355fd19e860635a9959373530ff7c684bcf6a (diff) |
URL-encode all usercode/password characters between 0x20 and 0x7e so that
more weird usercodes and passwords work. Embedded blanks especially.
ok beck@.
-rw-r--r-- | distrib/miniroot/install.sub | 51 |
1 files changed, 43 insertions, 8 deletions
diff --git a/distrib/miniroot/install.sub b/distrib/miniroot/install.sub index 5e2d8aa01d6..e02467fbf5d 100644 --- a/distrib/miniroot/install.sub +++ b/distrib/miniroot/install.sub @@ -1,4 +1,4 @@ -# $OpenBSD: install.sub,v 1.332 2004/02/28 20:24:14 krw Exp $ +# $OpenBSD: install.sub,v 1.333 2004/03/09 03:58:34 krw Exp $ # $NetBSD: install.sub,v 1.5.2.8 1996/09/02 23:25:02 pk Exp $ # # Copyright (c) 1997-2003 Todd Miller, Theo de Raadt, Ken Westerback @@ -823,16 +823,51 @@ __EOT } # Encode $1 as specified for usercodes and passwords in RFC 1738 -# section 3.1, and now supported by our in-tree ftp: +# section 3.1 and section 5. # -# ':' -> '%3a' -# '@' -> '%40' -# '/' -> '%2f' +# Escape everything between 0x20 and 0x7e to avoid both illegal url +# characters and characters causing problems during script processing. # -# *NOTE* quotes around $1 are required to preserve trailing or -# embeddded blanks in usercodes and passwords! +# *NOTE* +# 1) quotes around $1 are required to preserve trailing or +# embeddded blanks in usercodes and passwords. +# 2) substitute '%' FIRST so it doesn't eliminate '%' chars we insert. encode_for_url() { - echo "$1" | sed -e 's/:/%3a/g' -e 's/@/%40/g' -e 's/\//%2f/g' + echo "$1" | sed -e " +s/%/%25/g +s/ /%20/g +s/!/%21/g +s/\"/%22/g +s/#/%23/g +s/\\\$/%24/g +s/&/%26/g +s/'/%27/g +s/(/%28/g +s/)/%29/g +s/\*/%2a/g +s/+/%2b/g +s/,/%2c/g +s/-/%2d/g +s/\./%2e/g +s/\//%2f/g +s/:/%3a/g +s/;/%3b/g +s/</%3c/g +s/=/%3d/g +s/>/%3e/g +s/?/%3f/g +s/@/%40/g +s/\[/%5b/g +s/\\\\/%5c/g +s/]/%5d/g +s/\^/%5e/g +s/_/%5f/g +s/\`/%60/g +s/{/%7b/g +s/|/%7c/g +s/}/%7d/g +s/~/%7e/g +" } # Check for the presence of an error message in the output of the ftp commands |