Package: drraw
Version: 2.2b2-3
Severity: wishlist
X-Debbugs-Cc: Igor Shmakov <[email protected]>
Currently, drraw can only read the system configuration file,
located at /etc/drraw/drraw.conf:

    # The configuration file is expected to be found in the same directory
    # as drraw itself. You may customize this to be elsewhere.
    my $config = "/etc/drraw/drraw.conf"; # Untaint

However, it may sometimes be useful to allow for either several
drraw instances, or an instance configured by an unprivileged
user (e.g., for testing purposes).
This configuration could, actually, be quite easy to set up,
like:

    $ cat < PUBLIC_HTML/drraw/.htaccess
    Order allow,deny
    Allow from all
    <FilesMatch "^drraw\.cgi$">
    SetHandler cgi-script
    ForceType text/html
    </FilesMatch>
    $ cat < PUBLIC_HTML/drraw/drraw.cgi
    #!/bin/sh
    exec /usr/lib/cgi-bin/drraw/drraw.cgi
    $

Provided that drraw.cgi tries to locate ‘drraw.conf’ in the
current working directory first, resorting to use the “/etc”
version if that fails.
Please thus consider the patch MIME'd. (Inspired by Gitweb.)
TIA.
--
FSF associate member #7257
--- /usr/lib/cgi-bin/drraw/drraw.cgi 2010-06-10 02:41:45.000000000 +0700
+++ drraw.cgi 2011-06-03 23:21:51.000000000 +0700
@@ -37,6 +37,7 @@
use CGI qw(:standard :html3 *table *ul -no_xhtml -nosticky);
use CGI::Carp qw(fatalsToBrowser);
use Config;
+use Cwd qw (abs_path);
use Fcntl;
use File::Basename;
use File::Find;
@@ -49,7 +50,21 @@
# The configuration file is expected to be found in the same directory
# as drraw itself. You may customize this to be elsewhere.
-my $config = "/etc/drraw/drraw.conf"; # Untaint
+# my $config = "/etc/drraw/drraw.conf"; # Untaint
+sub untaint {
+ my @r;
+ foreach my $v (@_) {
+ my %h = ($v, 1);
+ push (@r, keys (%h));
+ }
+ ## .
+ wantarray () ? @r : $r[0];
+}
+our $DRRAW_CONFIG
+ = untaint (abs_path (($ENV{'DRRAW_CONFIG'} || "drraw.conf")));
+our $DRRAW_CONFIG_SYSTEM
+ = untaint (abs_path (($ENV{'DRRAW_CONFIG_SYSTEM'}
+ || "/etc/drraw/drraw.conf")));
# This needs to be manually set for stupid stupid File::Find to work
# in tainted mode.
@@ -255,7 +270,10 @@
###############################################################################
# Now load the user configuration
-unless ( do $config ) {
+my $config;
+unless ((-e $DRRAW_CONFIG
+ ? do ($config = $DRRAW_CONFIG)
+ : do ($config = $DRRAW_CONFIG_SYSTEM))) {
my $err = ( $@ ne '' ) ? "$@" : "$!";
print
header(-status=>500),
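Review bot: the -e test in the unless condition only checks that $DRRAW_CONFIG exists, and the file it selects is then run as Perl code by do; with the default relative name drraw.conf, that is whatever file sits in the CGI's working directory. I would test for a plain readable file (-f and -r) at minimum, and say in the comment above this block that the local file takes precedence over the one in /etc. There is also no fallback when the local file exists but fails to load: the error branch then reports on the local file only, which may be intended but should be stated.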