WireGuard Archive on lore.kernel.org
 help / color / Atom feed
* [PATCH 1012/1012] Support for unicode interface names: only '%', ':' and '/' must be avoided
@ 2018-08-25  1:41 Jorge AC
  2018-08-25  5:26 ` Jason A. Donenfeld
  0 siblings, 1 reply; 5+ messages in thread
From: Jorge AC @ 2018-08-25  1:41 UTC (permalink / raw)
  To: wireguard

---
 src/tools/wg-quick/linux.bash | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/src/tools/wg-quick/linux.bash b/src/tools/wg-quick/linux.bash
index 48ce163..4317907 100755
--- a/src/tools/wg-quick/linux.bash
+++ b/src/tools/wg-quick/linux.bash
@@ -39,9 +39,9 @@ die() {
 parse_options() {
        local interface_section=0 line key value stripped
        CONFIG_FILE="$1"
-       [[ $CONFIG_FILE =~ ^[a-zA-Z0-9_=+.-]{1,15}$ ]] &&
CONFIG_FILE="/etc/wireguard/$CONFIG_FILE.conf"
+       [[ -e $CONFIG_FILE ]] || CONFIG_FILE="/etc/wireguard/$CONFIG_FILE.conf"
        [[ -e $CONFIG_FILE ]] || die "\`$CONFIG_FILE' does not exist"
-       [[ $CONFIG_FILE =~ (^|/)([a-zA-Z0-9_=+.-]{1,15})\.conf$ ]] ||
die "The config file must be a valid interface name, followed by
.conf"
+       [[ $CONFIG_FILE =~ (^|/)([^%:/]+)\.conf$ ]] || die "The config
file must be a valid interface name, followed by .conf"
        CONFIG_FILE="$(readlink -f "$CONFIG_FILE")"
        ((($(stat -c '0%#a' "$CONFIG_FILE") & $(stat -c '0%#a'
"${CONFIG_FILE%/*}") & 0007) == 0)) || echo "Warning: \`$CONFIG_FILE'
is world accessible" >&2
        INTERFACE="${BASH_REMATCH[2]}"
-- 
2.11.0

^ permalink raw reply	[flat|nested] 5+ messages in thread

* Re: [PATCH 1012/1012] Support for unicode interface names: only '%', ':' and '/' must be avoided
  2018-08-25  1:41 [PATCH 1012/1012] Support for unicode interface names: only '%', ':' and '/' must be avoided Jorge AC
@ 2018-08-25  5:26 ` Jason A. Donenfeld
  2018-08-25 15:50   ` Jorge AC
  0 siblings, 1 reply; 5+ messages in thread
From: Jason A. Donenfeld @ 2018-08-25  5:26 UTC (permalink / raw)
  To: jorgeanton; +Cc: WireGuard mailing list

Indeed it looks like we could be slightly more permissive. From net/core/dev.c:

/**
*      dev_valid_name - check if name is okay for network device
*      @name: name string
*
*      Network device names need to be valid file names to
*      to allow sysfs to work.  We also disallow any kind of
*      whitespace.
*/
bool dev_valid_name(const char *name)
{
       if (*name == '\0')
               return false;
       if (strnlen(name, IFNAMSIZ) == IFNAMSIZ)
               return false;
       if (!strcmp(name, ".") || !strcmp(name, ".."))
               return false;

       while (*name) {
               if (*name == '/' || *name == ':' || isspace(*name))
                       return false;
               name++;
       }
       return true;
}

And earlier in the callstack, %d is checked for, which indeed adds %
to the blacklist, as your commit indicates.

But should wg-quick enable insane dev names?

^ permalink raw reply	[flat|nested] 5+ messages in thread

* Re: [PATCH 1012/1012] Support for unicode interface names: only '%', ':' and '/' must be avoided
  2018-08-25  5:26 ` Jason A. Donenfeld
@ 2018-08-25 15:50   ` Jorge AC
  2018-08-26 11:18     ` Jordan Glover
  0 siblings, 1 reply; 5+ messages in thread
From: Jorge AC @ 2018-08-25 15:50 UTC (permalink / raw)
  To: Jason; +Cc: wireguard

Thank you for checking my regex with the kernel code lines :-)

Definetly is insanity what drives me, I enjoy naming interfaces with
unicodes like =E2=98=A2.

Nevertheless, thinking about a legit use, it could be a nice gesture
for those non-latin1 people who wants to use their language.

On Sat, Aug 25, 2018 at 7:26 AM Jason A. Donenfeld <Jason@zx2c4.com> wrote:
>
> Indeed it looks like we could be slightly more permissive. From net/core/=
dev.c:
>
> /**
> *      dev_valid_name - check if name is okay for network device
> *      @name: name string
> *
> *      Network device names need to be valid file names to
> *      to allow sysfs to work.  We also disallow any kind of
> *      whitespace.
> */
> bool dev_valid_name(const char *name)
> {
>        if (*name =3D=3D '\0')
>                return false;
>        if (strnlen(name, IFNAMSIZ) =3D=3D IFNAMSIZ)
>                return false;
>        if (!strcmp(name, ".") || !strcmp(name, ".."))
>                return false;
>
>        while (*name) {
>                if (*name =3D=3D '/' || *name =3D=3D ':' || isspace(*name)=
)
>                        return false;
>                name++;
>        }
>        return true;
> }
>
> And earlier in the callstack, %d is checked for, which indeed adds %
> to the blacklist, as your commit indicates.
>
> But should wg-quick enable insane dev names?

^ permalink raw reply	[flat|nested] 5+ messages in thread

* Re: [PATCH 1012/1012] Support for unicode interface names: only '%', ':' and '/' must be avoided
  2018-08-25 15:50   ` Jorge AC
@ 2018-08-26 11:18     ` Jordan Glover
  2018-08-26 16:57       ` Jorge AC
  0 siblings, 1 reply; 5+ messages in thread
From: Jordan Glover @ 2018-08-26 11:18 UTC (permalink / raw)
  To: Jorge AC; +Cc: wireguard

=E2=80=90=E2=80=90=E2=80=90=E2=80=90=E2=80=90=E2=80=90=E2=80=90 Original Me=
ssage =E2=80=90=E2=80=90=E2=80=90=E2=80=90=E2=80=90=E2=80=90=E2=80=90
On August 25, 2018 5:50 PM, Jorge AC <jorgeanton@gmail.com> wrote:

> Thank you for checking my regex with the kernel code lines :-)
>
> Definetly is insanity what drives me, I enjoy naming interfaces with
> unicodes like =E2=98=A2.
>
> Nevertheless, thinking about a legit use, it could be a nice gesture
> for those non-latin1 people who wants to use their language.
>

Wireguard aims to be simple and secure. The name of device is used to
identify it, not to make a gestures to anyone. All wg/wg-quick commands
are in latin (english). I don't see much benefit of executing commands
like 'wg showconf =E2=98=A2' instead of 'wg showconf abc123' other than som=
eone's
egoistic pleasure.

Jordan

^ permalink raw reply	[flat|nested] 5+ messages in thread

* Re: [PATCH 1012/1012] Support for unicode interface names: only '%', ':' and '/' must be avoided
  2018-08-26 11:18     ` Jordan Glover
@ 2018-08-26 16:57       ` Jorge AC
  0 siblings, 0 replies; 5+ messages in thread
From: Jorge AC @ 2018-08-26 16:57 UTC (permalink / raw)
  To: Golden_Miller83; +Cc: wireguard

[-- Attachment #1: Type: text/plain, Size: 376 bytes --]

Roger that.

Anyone who may want/need it can use "ip link" directly without "wc-quick",
anyway.

Thanks again!

On Sun, Aug 26, 2018 at 1:18 PM Jordan Glover <Golden_Miller83@protonmail.ch>
wrote:

>
> Wireguard aims to be simple and secure. The name of device is used to
> identify it, not to make a gestures to anyone. All wg/wg-quick commands
> are in latin (english).
>
>

[-- Attachment #2: Type: text/html, Size: 753 bytes --]

<div dir="ltr"><div>Roger that. </div><div><br></div><div>Anyone who may want/need it can use &quot;ip link&quot; directly without &quot;wc-quick&quot;, anyway.</div><div><br></div><div>Thanks again!</div><div><br><div class="gmail_quote"><div dir="ltr">On Sun, Aug 26, 2018 at 1:18 PM Jordan Glover &lt;<a href="mailto:Golden_Miller83@protonmail.ch">Golden_Miller83@protonmail.ch</a>&gt; wrote:<br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex"><br>
Wireguard aims to be simple and secure. The name of device is used to<br>
identify it, not to make a gestures to anyone. All wg/wg-quick commands<br>
are in latin (english). <br><br>
</blockquote></div></div></div>

^ permalink raw reply	[flat|nested] 5+ messages in thread

end of thread, back to index

Thread overview: 5+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2018-08-25  1:41 [PATCH 1012/1012] Support for unicode interface names: only '%', ':' and '/' must be avoided Jorge AC
2018-08-25  5:26 ` Jason A. Donenfeld
2018-08-25 15:50   ` Jorge AC
2018-08-26 11:18     ` Jordan Glover
2018-08-26 16:57       ` Jorge AC

WireGuard Archive on lore.kernel.org

Archives are clonable:
	git clone --mirror https://lore.kernel.org/wireguard/0 wireguard/git/0.git

	# If you have public-inbox 1.1+ installed, you may
	# initialize and index your mirror using the following commands:
	public-inbox-init -V2 wireguard wireguard/ https://lore.kernel.org/wireguard \
		wireguard@lists.zx2c4.com zx2c4-wireguard@archiver.kernel.org
	public-inbox-index wireguard


Newsgroup available over NNTP:
	nntp://nntp.lore.kernel.org/com.zx2c4.lists.wireguard


AGPL code for this site: git clone https://public-inbox.org/ public-inbox