[secure] start to update secure-mode

2 years ago · 1abc77e129
parent 5ea55afd74
commit 1abc77e129
14 changed files with 80 additions and 26 deletions
--- a/docs/schemas/format-v1.schema.json
+++ b/docs/schemas/format-v1.schema.json
@ -268,7 +268,10 @@
                                "rewriter": {
                                    "title": "/<format_name>/value/<value_name>/rewriter",
                                    "description": "A command that will rewrite this field when pretty-printing",
-                                    "type": "string"
+                                    "type": "string",
+                                    "examples": [
+                                        ";SELECT :sc_status || ' (' || (SELECT message FROM http_status_codes WHERE status = :sc_status) || ') '"
+                                    ]
                                },
                                "description": {
                                    "title": "/<format_name>/value/<value_name>/description",
--- a/src/bound_tags.hh
+++ b/src/bound_tags.hh
@ -32,13 +32,25 @@
 #ifndef lnav_bound_tags_hh
 #define lnav_bound_tags_hh

-struct last_relative_time_tag {
-};
+struct last_relative_time_tag {};

-struct sqlite_db_tag {
-};
+struct sqlite_db_tag {};
+
+struct sql_cmd_map_tag {};

-struct sql_cmd_map_tag {
+enum {
+    LNB_HEADLESS,
+    LNB_MANAGEMENT,
+    LNB_SECURE_MODE,
 };

+/** Flags set on the lnav command-line. */
+typedef enum {
+    LNF_HEADLESS = (1L << LNB_HEADLESS),
+    LNF_MANAGEMENT = (1L << LNB_MANAGEMENT),
+    LNF_SECURE_MODE = (1L << LNB_SECURE_MODE),
+} lnav_flags_t;
+
+struct lnav_flags_tag {};
+
 #endif
--- a/src/fstat_vtab.cc
+++ b/src/fstat_vtab.cc
@ -38,6 +38,7 @@
 #include "base/auto_mem.hh"
 #include "base/injector.hh"
 #include "base/lnav_log.hh"
+#include "bound_tags.hh"
 #include "config.h"
 #include "sql_util.hh"
 #include "vtab_module.hh"
@ -359,6 +360,12 @@ register_fstat_vtab(sqlite3* db)
    FSTAT_MODULE.vm_module.xBestIndex = rcBestIndex;
    FSTAT_MODULE.vm_module.xFilter = rcFilter;

+    static auto& lnav_flags = injector::get<unsigned long&, lnav_flags_tag>();
+
+    if (lnav_flags & LNF_SECURE_MODE) {
+        return SQLITE_OK;
+    }
+
    rc = FSTAT_MODULE.create(db, "fstat");

    ensure(rc == SQLITE_OK);
--- a/src/lnav.cc
+++ b/src/lnav.cc
@ -230,6 +230,10 @@ static auto bound_sqlite_db
    = injector::bind<auto_mem<sqlite3, sqlite_close_wrapper>,
                     sqlite_db_tag>::to_instance(&lnav_data.ld_db);

+static auto bound_lnav_flags
+    = injector::bind<unsigned long, lnav_flags_tag>::to_instance(
+        &lnav_data.ld_flags);
+
 static auto bound_last_rel_time
    = injector::bind<relative_time, last_relative_time_tag>::to_singleton();

@ -263,6 +267,12 @@ force_linking(sqlite_db_tag anno)
 {
 }

+template<>
+void
+force_linking(lnav_flags_tag anno)
+{
+}
+
 template<>
 void
 force_linking(services::curl_streamer_t anno)
--- a/src/lnav.hh
+++ b/src/lnav.hh
@ -47,6 +47,7 @@
 #include "base/future_util.hh"
 #include "base/isc.hh"
 #include "bottom_status_source.hh"
+#include "bound_tags.hh"
 #include "command_executor.hh"
 #include "config.h"
 #include "db_sub_source.hh"
@ -76,19 +77,6 @@
 class spectrogram_source;
 class spectro_status_source;

-enum {
-    LNB_HEADLESS,
-    LNB_MANAGEMENT,
-    LNB_SECURE_MODE,
-};
-
-/** Flags set on the lnav command-line. */
-typedef enum {
-    LNF_HEADLESS = (1L << LNB_HEADLESS),
-    LNF_MANAGEMENT = (1L << LNB_MANAGEMENT),
-    LNF_SECURE_MODE = (1L << LNB_SECURE_MODE),
-} lnav_flags_t;
-
 extern const std::vector<std::string> lnav_zoom_strings;

 /** The status bars. */
--- a/src/lnav_commands.cc
+++ b/src/lnav_commands.cc
@ -941,10 +941,6 @@ com_save_to(exec_context& ec,
        return Ok(std::string());
    }

-    if (lnav_data.ld_flags & LNF_SECURE_MODE) {
-        return ec.make_error("{} -- unavailable in secure mode", args[0]);
-    }
-
    fn = trim(remaining_args(cmdline, args));

    std::vector<std::string> split_args;
@ -1035,7 +1031,9 @@ com_save_to(exec_context& ec,
        }
        auto holder = open_res.unwrap();
        toclose = outfile = holder.release();
-        closer = holder.get_free_func<int(*)(FILE*)>();
+        closer = holder.get_free_func<int (*)(FILE*)>();
+    } else if (lnav_data.ld_flags & LNF_SECURE_MODE) {
+        return ec.make_error("{} -- unavailable in secure mode", args[0]);
    } else if ((outfile = fopen(split_args[0].c_str(), mode)) == nullptr) {
        return ec.make_error("unable to open file -- {}", split_args[0]);
    } else {
@ -1593,6 +1591,8 @@ com_redirect_to(exec_context& ec,

        auto holder = out.unwrap();
        ec.set_output(split_args[0], holder.release(), holder.get_free_func<int(*)(FILE*)>());
+    } else if (lnav_data.ld_flags & LNF_SECURE_MODE) {
+        return ec.make_error("{} -- unavailable in secure mode", args[0]);
    } else {
        FILE* file = fopen(split_args[0].c_str(), "w");
        if (file == nullptr) {
--- a/src/log_actions.cc
+++ b/src/log_actions.cc
@ -30,12 +30,20 @@
 #include "log_actions.hh"

 #include "base/fs_util.hh"
+#include "base/injector.hh"
+#include "bound_tags.hh"
 #include "config.h"
 #include "piper_proc.hh"

 std::string
 action_delegate::execute_action(const std::string& action_name)
 {
+    static auto& lnav_flags = injector::get<unsigned long&, lnav_flags_tag>();
+
+    if (lnav_flags & LNF_SECURE_MODE) {
+        return "unavailable in secure mode";
+    }
+
    auto& ldh = this->ad_log_helper;
    auto value_index = this->ad_press_value;
    logline_value& lv = ldh.ldh_line_values[value_index];
--- a/src/log_format_loader.cc
+++ b/src/log_format_loader.cc
@ -594,7 +594,9 @@ static struct json_path_container value_def_handlers = {
        .with_synopsis("<command>")
        .with_description(
            "A command that will rewrite this field when pretty-printing")
-        .for_field(&external_log_format::value_def::vd_rewriter),
+        .for_field(&external_log_format::value_def::vd_rewriter)
+        .with_example(";SELECT :sc_status || ' (' || (SELECT message FROM "
+                      "http_status_codes WHERE status = :sc_status) || ') '"),

    yajlpp::property_handler("description")
        .with_synopsis("<string>")
--- a/src/sql_commands.cc
+++ b/src/sql_commands.cc
@ -48,6 +48,7 @@ sql_cmd_dump(exec_context& ec,
    static auto& lnav_db
        = injector::get<auto_mem<sqlite3, sqlite_close_wrapper>&,
                        sqlite_db_tag>();
+    static auto& lnav_flags = injector::get<unsigned long&, lnav_flags_tag>();

    std::string retval;

@ -61,6 +62,10 @@ sql_cmd_dump(exec_context& ec,
        return ec.make_error("expecting a file name to write to");
    }

+    if (lnav_flags & LNF_SECURE_MODE) {
+        return ec.make_error("{} -- unavailable in secure mode", args[0]);
+    }
+
    auto_mem<FILE> file(fclose);

    if ((file = fopen(args[1].c_str(), "w+")) == nullptr) {
@ -88,6 +93,7 @@ sql_cmd_read(exec_context& ec,
    static auto& lnav_db
        = injector::get<auto_mem<sqlite3, sqlite_close_wrapper>&,
                        sqlite_db_tag>();
+    static auto& lnav_flags = injector::get<unsigned long&, lnav_flags_tag>();

    std::string retval;

@ -96,6 +102,10 @@ sql_cmd_read(exec_context& ec,
        return Ok(retval);
    }

+    if (lnav_flags & LNF_SECURE_MODE) {
+        return ec.make_error("{} -- unavailable in secure mode", args[0]);
+    }
+
    std::vector<std::string> split_args;
    shlex lexer(cmdline);

--- a/test/expected/expected.am
+++ b/test/expected/expected.am
@ -116,6 +116,8 @@ EXPECTED_FILES = \
    $(srcdir)/%reldir%/test_cmds.sh_876116da8ab46c0c8a212ce230d1b8a13970f78f.out \
    $(srcdir)/%reldir%/test_cmds.sh_8765cbf326648e9014f8cf5f761895010fff443a.err \
    $(srcdir)/%reldir%/test_cmds.sh_8765cbf326648e9014f8cf5f761895010fff443a.out \
+    $(srcdir)/%reldir%/test_cmds.sh_89afa826d1b33be6926df48443faa1d1c5f285a7.err \
+    $(srcdir)/%reldir%/test_cmds.sh_89afa826d1b33be6926df48443faa1d1c5f285a7.out \
    $(srcdir)/%reldir%/test_cmds.sh_8d5b43c693e78804a8fb06989392fa8cccb46b7b.err \
    $(srcdir)/%reldir%/test_cmds.sh_8d5b43c693e78804a8fb06989392fa8cccb46b7b.out \
    $(srcdir)/%reldir%/test_cmds.sh_9445861db011dfa2d21a44788047de345ee291e8.err \
--- a/test/expected/test_cmds.sh_89afa826d1b33be6926df48443faa1d1c5f285a7.err
+++ b/test/expected/test_cmds.sh_89afa826d1b33be6926df48443faa1d1c5f285a7.err
@ -0,0 +1,6 @@
+[1m[31m✘ error[0m: write-json-to -- unavailable in secure mode
+[36m --> [0m[1mcommand-option[0m:2
+[36m | [0m[37m[40m:[0m[1m[36m[40mwrite-json-to[0m[37m[40m /tmp/bad                 [0m
+[36m =[0m [36mhelp[0m: [4m:[0m[1m[4mwrite-json-to[0m[4m [0m[4mpath[0m
+         ══════════════════════════════════════════════════════════════════════
+           Write SQL results to the given file in JSON format
--- a/test/expected/test_cmds.sh_89afa826d1b33be6926df48443faa1d1c5f285a7.out
+++ b/test/expected/test_cmds.sh_89afa826d1b33be6926df48443faa1d1c5f285a7.out
--- a/test/test_cmds.sh
+++ b/test/test_cmds.sh
@ -335,7 +335,7 @@ run_cap_test ${lnav_test} -n \
 export LNAVSECURE=1
 run_cap_test env TEST_COMMENT="secure mode write test" ${lnav_test} -n \
    -c ";select * from access_log" \
-    -c ':write-json-to -' \
+    -c ':write-json-to /tmp/bad' \
    ${test_dir}/logfile_access_log.0

 unset LNAVSECURE
--- a/test/test_stubs.cc
+++ b/test/test_stubs.cc
@ -78,6 +78,12 @@ force_linking(sqlite_db_tag anno)
 {
 }

+template<>
+void
+force_linking(lnav_flags_tag anno)
+{
+}
+
 template<>
 void
 force_linking(services::curl_streamer_t anno)