code: plan9front

Download patch

ref: fdbe335d3ac0ba5307b2b5ab97d694af0d2256a7
parent: 5dd9b370a07b49a072025f5cd401361e8988c9e7
author: Jacob Moody <moody@posixcafe.org>
date: Mon May 16 23:25:30 EDT 2022

aux/listen: remove special cases for depreciated datakit

The getserv function has remained mostly unchanged since
1ed. These checks are for handling string local ports
or lack thereof. This was used by datakit at the time,
where 'ports' were service strings. This made the default
datakit service 'login' when a connector did not give
a specific service. The checks for directory traversal also
seemed specifically to guard against a connector from providing
a malicious service string. With datakit gone all current protocols
use numerics as ports so these checks and defaults become uneeded.

1ed reference:
https://github.com/plan9foundation/plan9/tree/1e-1992-09-21

--- a/sys/src/cmd/aux/listen.c

+++ b/sys/src/cmd/aux/listen.c

@@ -481,28 +481,19 @@

 	long n;

 	readstr(dir, "remote", s->remote, sizeof(s->remote)-1);

-	if(p = utfrune(s->remote, L'\n'))

+	if(p = utfrune(s->remote, '\n'))

 		*p = '\0';

 	n = readstr(dir, "local", addr, sizeof(addr)-1);

 	if(n <= 0)

 		return 0;

-	if(p = utfrune(addr, L'\n'))

+	if(p = utfrune(addr, '\n'))

 		*p = '\0';

-	serv = utfrune(addr, L'!');

+	serv = utfrune(addr, '!');

 	if(!serv)

-		serv = "login";

-	else

-		serv++;

-

-	/*

-	 * disallow service names like

-	 * ../../usr/user/bin/rc/su

-	 */

-	if(strlen(serv) +strlen(proto) >= NAMELEN || utfrune(serv, L'/') || *serv == '.')

 		return 0;

-	snprint(s->serv, sizeof s->serv, "%s%s", proto, serv);

+	snprint(s->serv, sizeof s->serv, "%s%s", proto, serv+1);

 	return 1;

 }