Re: [Openvpn-devel] [PATCH] Implement "status 4" (JSON) for management interface

Tue, 14 Nov 2017 04:41:01 -0800 

On 14/11/17 12:02, Gert Doering wrote:
> JSON is very trivial to produce (unlike XML, or netlink).  The escaping
> rules on producing are also very easy - basically, encode things in double
> quotes, and escape the set of { BS, FF, NL, CR, Tab, Backslash, Quote }
> with a single backslash before the corresponding character.
>
>
<https://stackoverflow.com/questions/19176024/how-to-escape-special-characters-in-building-a-json-string>

Right, all those are single byte characters - and that's fairly simple
... but that ignores various quirks which easily appears with multi-byte
characters - especially when "looping" through a value, byte by byte.
We support UTF-8 in certificate subject fields.  So this escaper needs
to handle those classes the stackoverflow mentions, plus beware of
multi-byte strings (so we need to use the plethora of mb* related
functions).

In a clean 8-bit ASCII only-world, things are less complicated.

Heiko and I have looked into the "simple" world of revamping the argv
parser (to avoid our own "homebrewed" printf-like processing and base it
on what is in the C library) and even this pre-parsing we need to do
have popped up with surprises.  The argv caller scope mostly covers
parsing strings which is defined by us developers so the variations are
not as broad, and luckily format strings is not expected to contain
UTF-8 chars.  But I do not for a second think processing certificate
subject strings will as easy as those values we need to parse (typically
CN) are not generated by us but a broad range of users.  Who knows what
kind of funny tricks they'll throw at our code?

But sure, we can start with our own string parser to escape JSON and see
how it works and then revisit using a library if the maintenance gets
too annoying.


-- 
kind regards,

David Sommerseth
OpenVPN, Inc

Attachment: signature.asc
Description: OpenPGP digital signature

------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
_______________________________________________
Openvpn-devel mailing list
Openvpn-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openvpn-devel

Reply via email to