From 7886051d8751e8c518cc972a567a7ff367052118 Mon Sep 17 00:00:00 2001
From: imdano <>
Date: Thu, 24 Jan 2008 10:36:22 +0000
Subject: [PATCH] Committed patch from Sabin Iacob to sanitize a user's psk, to
 prevent possible parsing errors and security risks.

---
 misc.py       | 6 +++++-
 networking.py | 3 ++-
 2 files changed, 7 insertions(+), 2 deletions(-)

diff --git a/misc.py b/misc.py
index 4d33198..7519e15 100644
--- a/misc.py
+++ b/misc.py
@@ -23,6 +23,7 @@ import locale
 import gettext
 import time
 import sys
+import re
 from subprocess import *
 
 if __name__ == '__main__':
@@ -260,6 +261,10 @@ def error(parent, message):
     dialog.run()
     dialog.destroy()
 
+def shell_escape(data):
+    escape_re = re.compile('(?=[^a-zA-Z0-9_.\/\-\x7F-\xFF])')
+    print 'data is',data
+    return escape_re.sub("\\\\", data)
 
 class LogWriter():
     """ A class to provide timestamped logging. """
@@ -308,7 +313,6 @@ class LogWriter():
             if self.eol: self.file.write('\n')
             self.file.close()
 
-
     def get_time(self):
         """ Return a string with the current time nicely formatted.
 
diff --git a/networking.py b/networking.py
index 050e66b..84b9efb 100644
--- a/networking.py
+++ b/networking.py
@@ -446,7 +446,8 @@ class WirelessConnectThread(ConnectThread):
                                          re.I | re.M  | re.S)
                 self.network['psk'] = misc.RunRegex(key_pattern,
                         misc.Run('wpa_passphrase "' + self.network['essid'] +
-                                 '" "' + self.network['key'] + '"'))
+                                 '" "' + misc.shell_escape(self.network['key'])
+                                 + '"'))
             # Generate the wpa_supplicant file...
             if self.network.get('enctype') is not None:
                 self.SetStatus('generating_wpa_config')