From 11b3b47ba3ab5ed25b77aab3ce5759c55c9c9627 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Tom=C3=A1s=20Touceda?= Date: Wed, 24 Jul 2013 13:28:18 -0300 Subject: Escape the domain value to avoid problematic paths --- src/leap/config/providerconfig.py | 20 +++++++++++++++++++- src/leap/services/eip/providerbootstrapper.py | 2 +- 2 files changed, 20 insertions(+), 2 deletions(-) (limited to 'src') diff --git a/src/leap/config/providerconfig.py b/src/leap/config/providerconfig.py index 8b72153a..744199f8 100644 --- a/src/leap/config/providerconfig.py +++ b/src/leap/config/providerconfig.py @@ -60,8 +60,26 @@ class ProviderConfig(BaseConfig): def get_description(self): return self._safe_get_value("description") + @classmethod + def sanitize_path_component(cls, component): + """ + If the provider tries to instrument the component of a path + that is controlled by them, this will take care of + removing/escaping all the necessary elements. + + :param component: Path component to process + :type component: unicode or str + + :returns: The path component properly escaped + :rtype: unicode or str + """ + # TODO: Fix for windows, names like "aux" or "con" aren't + # allowed. + return component.replace(os.path.sep, "") + def get_domain(self): - return self._safe_get_value("domain") + return ProviderConfig.sanitize_path_component( + self._safe_get_value("domain")) def get_enrollment_policy(self): """ diff --git a/src/leap/services/eip/providerbootstrapper.py b/src/leap/services/eip/providerbootstrapper.py index 274fd3bd..15609620 100644 --- a/src/leap/services/eip/providerbootstrapper.py +++ b/src/leap/services/eip/providerbootstrapper.py @@ -179,7 +179,7 @@ class ProviderBootstrapper(AbstractBootstrapper): """ leap_assert(domain and len(domain) > 0, "We need a domain!") - self._domain = domain + self._domain = ProviderConfig.sanitize_path_component(domain) self._download_if_needed = download_if_needed cb_chain = [ -- cgit v1.2.3