From 6f105ccd00d0fceaecfeed1904d18c9443229ca6 Mon Sep 17 00:00:00 2001
From: Nalin Dahyabhai
Date: Nov 24 2009 21:07:32 +0000
Subject: - make sure that we don't allow request nicknames that can't be used as part of a D-Bus object path
---
diff --git a/certmonger.spec b/certmonger.spec
index d775454..ec29192 100644
--- a/certmonger.spec
+++ b/certmonger.spec
@@ -94,6 +94,8 @@ exit 0
 - update to 0.13
 - change the default so that we default to trying to auto-refresh certificates unless told otherwise
+ - preemptively enforce limitations on request nicknames so that they
+ make valid D-Bus object path components
 * Tue Nov 24 2009 Nalin Dahyabhai 0.12-1
 - update to 0.12
diff --git a/src/tdbush.c b/src/tdbush.c
index 81f8586..f05f647 100644
--- a/src/tdbush.c
+++ b/src/tdbush.c
@@ -255,6 +255,21 @@ send_internal_base_no_such_entry_error(DBusConnection *conn, DBusMessage *req)
 return DBUS_HANDLER_RESULT_NOT_YET_HANDLED;
 }
+static int
+cm_tdbush_check_path_component(struct cm_context *ctx, const char *name)
+{
+ if (strlen(name) == 0) {
+ return -1;
+ }
+ if (strspn(name,
+ "ABCDEFGHIJKLMNOPQRSTUVWXYZ"
+ "abcdefghijklmnopqrstuvwxyz"
+ "0123456789_") != strlen(name)) {
+ return -1;
+ }
+ return 0;
+}
+
 static DBusHandlerResult
 base_add_request(DBusConnection *conn, DBusMessage *msg,
 struct cm_context *ctx)
@@ -372,6 +387,12 @@ base_add_request(DBusConnection *conn, DBusMessage *msg,
 NULL);
 }
 }
+ if (cm_tdbush_check_path_component(ctx, param->value.s) != 0) {
+ return send_internal_base_bad_arg_error(conn, msg,
+ _("The nickname \"%s\" is not allowed."),
+ param->value.s,
+ "NICKNAME");
+ }
 }
 /* Check for a duplicate of another entry's certificate storage
 * information. */
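Review bot: cm_tdbush_check_path_component() calls `strlen(name)` with no NULL guard, and both callers in this patch hand it `param->value.s` directly; whether that pointer can be NULL is decided outside these hunks, so I would make the first test `if (name == NULL || name[0] == '\0') { return -1; }`. The `ctx` parameter is never used in the body. A short comment above the function would help too, something like `/* D-Bus object path elements may contain only [A-Za-z0-9_] and must not be empty; the set is listed explicitly because isalnum() depends on the locale. */`, so that the allow-list is not loosened later.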
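Review bot: The rejection message in base_add_request() echoes the rejected value back through `%s` (`param->value.s`), and by construction that value contains characters outside `[A-Za-z0-9_]`, so anything that logs or displays the error text receives caller-chosen bytes; the same lines are added in the request_modify() hunk. How send_internal_base_bad_arg_error() formats and bounds its arguments is not visible here, so this may already be handled. If it is not, I would leave the value out of the text and state the rule instead, e.g. `_("Nicknames may contain only letters, digits and underscores.")`, which also tells the caller how to fix the request.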
@@ -1608,6 +1629,12 @@ request_modify(DBusConnection *conn, DBusMessage *msg, struct cm_context *ctx)
 "NICKNAME",
 NULL);
 }
+ if (cm_tdbush_check_path_component(ctx, param->value.s) != 0) {
+ return send_internal_base_bad_arg_error(conn, msg,
+ _("The nickname \"%s\" is not allowed."),
+ param->value.s,
+ "NICKNAME");
+ }
 }
 /* If we're being asked to change the CA, check that the new CA
 * exists. */
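Review bot: The check in request_modify(), like the one in base_add_request(), runs only on a nickname supplied in the request (`param->value.s`), so a nickname that reaches the object-path code by any other route is not covered by this patch. Nothing in the diff shows whether nicknames loaded from previously saved requests, or generated as defaults when the caller supplies none, pass through cm_tdbush_check_path_component(). If they do not, it would be worth applying the same check at the point where the object path is built. Both function bodies continue outside the hunks.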