[arch-projects] [PATCH 1/2] Ensure all variables are unset before loading profile

[Dan McGee]

There is a possible leak of profile info from one to the next if
profiles are loaded in sequence, due to the fact that we are running all
of this in a shared environment. Unset all currently known variables at
the start of load_profile().

This is most apparent in several functions in `src/network` which do
looping calls of profile_up or profile_down (which in turn call
load_profile). The script `wpa_actiond/netcfg-wpa_actiond` is safe due
to its use of subshells.

Signed-off-by: Dan McGee <dan at archlinux.org>
---

This sucks a bit, but is a big failing of netcfg I found when writing my next
patch. It screams "there must be a better way", but at the moment I'm not sure
what that may be. The biggest problem is there is no central collection of
these variables which I had to scrape from the various setup scripts. Thoughts?

-Dan

 src-wireless/netcfg-auto-wireless |    1 -
 src/network                       |    9 ++++++++-
 2 files changed, 8 insertions(+), 2 deletions(-)

diff --git a/src-wireless/netcfg-auto-wireless b/src-wireless/netcfg-auto-wireless
index a3e3fb9..671d34e 100644
--- a/src-wireless/netcfg-auto-wireless
+++ b/src-wireless/netcfg-auto-wireless
@@ -37,7 +37,6 @@ wifi_auto()
     while read ap essid; do
         echo $AUTO_PROFILES | while read network; do
             (
-                unset CONNECTION INTERFACE AP ESSID
                 load_profile "$network"
                 case "$CONNECTION" in
                     wireless-old|wireless|wireless-dbus)
diff --git a/src/network b/src/network
index 87c0e77..316183e 100644
--- a/src/network
+++ b/src/network
@@ -8,6 +8,13 @@
 #   source profile, checking whether it exists and is usable
 load_profile()
 {
+    unset ADDR AP AUTH8021X CONNECTION DESCRIPTION
+    unset DHCP_OPTIONS DHCP_TIMEOUT DHCLIENT DNS DNS1 DNS2 DOMAIN
+    unset ESSID GATEWAY HIDDEN IFOPTS INTERFACE IP IPCFG
+    unset IWCONFIG
+    unset KEY NETMASK RFKILL RFKILL_NAME SCAN SEARCH TIMEOUT
+    unset VLAN_ID VLAN_PHYS_DEV
+    unset WPA_CONF WPA_COUNTRY WPA_DRIVER WPA_GROUP WPA_OPTS
     [[ -z "$1" ]] && return 1
     if [[ ! -f "$PROFILE_DIR/$1" ]]; then
         report_err "Profile \"$1\" does not exist"
@@ -24,7 +31,7 @@ load_profile()
         report_debug "Interface level configuration enabled: $IFACE_DIR/$INTERFACE"
         . "$IFACE_DIR/$INTERFACE"
     fi
-    . "$PROFILE_DIR/$1" # we want profile settings to override, so need to source profile again
+    . "$PROFILE_DIR/$1"
     if [[ ! -f "$CONN_DIR/$CONNECTION" ]]; then
         report_err "$CONNECTION is not a valid connection, check spelling or look at examples"
         return 1
-- 
1.7.5.2