From e5f163a041d5a45ea72448e11cfc30abb16f10b6 Mon Sep 17 00:00:00 2001 From: Gavin Andresen Date: Tue, 19 Mar 2013 14:08:21 -0400 Subject: [PATCH] -alertnotify= Runs a shell command when an AppliesToMe() alert is received. %s in the string is replaced with the alert.strStatusBar message. --- src/alert.cpp | 33 ++++++++++- src/alert.h | 2 +- src/init.cpp | 1 + src/test/alert_tests.cpp | 119 ++++++++++++++++++++++++++++----------- src/test/data/alertTests | Bin 1123 -> 1283 bytes 5 files changed, 119 insertions(+), 36 deletions(-) diff --git a/src/alert.cpp b/src/alert.cpp index 48920629..4b029840 100644 --- a/src/alert.cpp +++ b/src/alert.cpp @@ -2,6 +2,9 @@ // Alert system // +#include +#include +#include #include #include @@ -165,7 +168,7 @@ CAlert CAlert::getAlertByHash(const uint256 &hash) return retval; } -bool CAlert::ProcessAlert() +bool CAlert::ProcessAlert(bool fThread) { if (!CheckSignature()) return false; @@ -229,9 +232,35 @@ bool CAlert::ProcessAlert() // Add to mapAlerts mapAlerts.insert(make_pair(GetHash(), *this)); - // Notify UI if it applies to me + // Notify UI and -alertnotify if it applies to me if(AppliesToMe()) + { uiInterface.NotifyAlertChanged(GetHash(), CT_NEW); + std::string strCmd = GetArg("-alertnotify", ""); + if (!strCmd.empty()) + { + // Alert text should be plain ascii coming from a trusted source, but to + // be safe we first strip anything not in safeChars, then add single quotes around + // the whole string before passing it to the shell: + std::string singleQuote("'"); + // safeChars chosen to allow simple messages/URLs/email addresses, but avoid anything + // even possibly remotely dangerous like & or > + std::string safeChars("abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ01234567890 .,;_/:?@"); + std::string safeStatus; + for (std::string::size_type i = 0; i < strStatusBar.size(); i++) + { + if (safeChars.find(strStatusBar[i]) != std::string::npos) + safeStatus.push_back(strStatusBar[i]); + } + safeStatus = singleQuote+safeStatus+singleQuote; + boost::replace_all(strCmd, "%s", safeStatus); + + if (fThread) + boost::thread t(runCommand, strCmd); // thread runs free + else + runCommand(strCmd); + } + } } printf("accepted alert %d, AppliesToMe()=%d\n", nID, AppliesToMe()); diff --git a/src/alert.h b/src/alert.h index 7949c769..25e140f5 100644 --- a/src/alert.h +++ b/src/alert.h @@ -91,7 +91,7 @@ public: bool AppliesToMe() const; bool RelayTo(CNode* pnode) const; bool CheckSignature() const; - bool ProcessAlert(); + bool ProcessAlert(bool fThread = true); /* * Get copy of (active) alert object by hash. Returns a null alert if it is not found. diff --git a/src/init.cpp b/src/init.cpp index 5b843665..b61d1b93 100644 --- a/src/init.cpp +++ b/src/init.cpp @@ -301,6 +301,7 @@ std::string HelpMessage() " -rpcconnect= " + _("Send commands to node running on (default: 127.0.0.1)") + "\n" + " -blocknotify= " + _("Execute command when the best block changes (%s in cmd is replaced by block hash)") + "\n" + " -walletnotify= " + _("Execute command when a wallet transaction changes (%s in cmd is replaced by TxID)") + "\n" + + " -alertnotify= " + _("Execute command when a relevant alert is received (%s in cmd is replaced by message)") + "\n" + " -upgradewallet " + _("Upgrade wallet to latest format") + "\n" + " -keypool= " + _("Set key pool size to (default: 100)") + "\n" + " -rescan " + _("Rescan the block chain for missing wallet transactions") + "\n" + diff --git a/src/test/alert_tests.cpp b/src/test/alert_tests.cpp index c8d409db..f7a11376 100644 --- a/src/test/alert_tests.cpp +++ b/src/test/alert_tests.cpp @@ -4,13 +4,12 @@ #include #include +#include #include "alert.h" #include "serialize.h" #include "util.h" -BOOST_AUTO_TEST_SUITE(Alert_tests) - #if 0 // // alertTests contains 7 alerts, generated with this code: @@ -39,64 +38,89 @@ BOOST_AUTO_TEST_SUITE(Alert_tests) SignAndSave(alert, "test/alertTests"); alert.setSubVer.clear(); - alert.nID = 2; + ++alert.nID; alert.nCancel = 1; + alert.nPriority = 100; alert.strStatusBar = "Alert 2, cancels 1"; SignAndSave(alert, "test/alertTests"); alert.nExpiration += 60; + ++alert.nID; SignAndSave(alert, "test/alertTests"); + ++alert.nID; alert.nMinVer = 11; alert.nMaxVer = 22; SignAndSave(alert, "test/alertTests"); + ++alert.nID; alert.strStatusBar = "Alert 2 for Satoshi 0.1.0"; alert.setSubVer.insert(std::string("/Satoshi:0.1.0/")); SignAndSave(alert, "test/alertTests"); + + ++alert.nID; + alert.nMinVer = 0; + alert.nMaxVer = 999999; + alert.strStatusBar = "Evil Alert'; /bin/ls; echo '"; + alert.setSubVer.clear(); + SignAndSave(alert, "test/alertTests"); } #endif - -std::vector -read_alerts(const std::string& filename) +struct ReadAlerts { - std::vector result; - - namespace fs = boost::filesystem; - fs::path testFile = fs::current_path() / "test" / "data" / filename; -#ifdef TEST_DATA_DIR - if (!fs::exists(testFile)) + ReadAlerts() { - testFile = fs::path(BOOST_PP_STRINGIZE(TEST_DATA_DIR)) / filename; - } -#endif - FILE* fp = fopen(testFile.string().c_str(), "rb"); - if (!fp) return result; - - - CAutoFile filein = CAutoFile(fp, SER_DISK, CLIENT_VERSION); - if (!filein) return result; - - try { - while (!feof(filein)) + std::string filename("alertTests"); + namespace fs = boost::filesystem; + fs::path testFile = fs::current_path() / "test" / "data" / filename; +#ifdef TEST_DATA_DIR + if (!fs::exists(testFile)) { - CAlert alert; - filein >> alert; - result.push_back(alert); + testFile = fs::path(BOOST_PP_STRINGIZE(TEST_DATA_DIR)) / filename; } - } - catch (std::exception) { } +#endif + FILE* fp = fopen(testFile.string().c_str(), "rb"); + if (!fp) return; + + + CAutoFile filein = CAutoFile(fp, SER_DISK, CLIENT_VERSION); + if (!filein) return; + + try { + while (!feof(filein)) + { + CAlert alert; + filein >> alert; + alerts.push_back(alert); + } + } + catch (std::exception) { } + } + ~ReadAlerts() { } + + static std::vector read_lines(boost::filesystem::path filepath) + { + std::vector result; + + std::ifstream f(filepath.string().c_str()); + std::string line; + while (std::getline(f,line)) + result.push_back(line); + + return result; + } + + std::vector alerts; +}; + +BOOST_FIXTURE_TEST_SUITE(Alert_tests, ReadAlerts) - return result; -} BOOST_AUTO_TEST_CASE(AlertApplies) { SetMockTime(11); - std::vector alerts = read_alerts("alertTests"); - BOOST_FOREACH(const CAlert& alert, alerts) { BOOST_CHECK(alert.CheckSignature()); @@ -129,4 +153,33 @@ BOOST_AUTO_TEST_CASE(AlertApplies) SetMockTime(0); } + +// This uses sh 'echo' to test the -alertnotify function, writing to a +// /tmp file. So skip it on Windows: +#ifndef WIN32 +BOOST_AUTO_TEST_CASE(AlertNotify) +{ + SetMockTime(11); + + boost::filesystem::path temp = GetTempPath() / "alertnotify.txt"; + boost::filesystem::remove(temp); + + mapArgs["-alertnotify"] = std::string("echo %s >> ") + temp.string(); + + BOOST_FOREACH(CAlert alert, alerts) + alert.ProcessAlert(false); + + std::vector r = read_lines(temp); + BOOST_CHECK_EQUAL(r.size(), 4u); + BOOST_CHECK_EQUAL(r[0], "Alert 1"); + BOOST_CHECK_EQUAL(r[1], "Alert 2, cancels 1"); + BOOST_CHECK_EQUAL(r[2], "Alert 2, cancels 1"); + BOOST_CHECK_EQUAL(r[3], "Evil Alert; /bin/ls; echo "); // single-quotes should be removed + + boost::filesystem::remove(temp); + + SetMockTime(0); +} +#endif + BOOST_AUTO_TEST_SUITE_END() diff --git a/src/test/data/alertTests b/src/test/data/alertTests index 126954e024e168e20f5b5929cbe3437fe8960577..7fc45289617e1c4b0e40f2244ffa3fab0f9849ce 100644 GIT binary patch delta 763 zcmaFN(abf$$QnT-uE~E*)LzH(jD*gntLbn?FWz9PbVmfZuxe0hRXNqPpVb_^ggg%vrnGLs5)`Iorjx&3zI_5Wxv;d z!YcPM*r;_xq&Ph*ghvm=W+Uw@jGJfi~h;=naC(InU6_`F=etM zld1>A%l(eB;Q=2-8A}bX@$b~^UckOeX*J6c_Vc!qGLpKt)-7dHP~2XtRljO?WWw_O zS52jtnJsZS9DY48LBM12=G~FXt7cB_XA%`=W?*1o1Y$5K6a+F6mMAzIw1@ue%;8uW zUnku2chc-RXO1-9Xs!KU=dyCmfwvz%0YmkT~oxg*)%k6%@ZMyb;Hp?&N2;->}k|$4K5@BSW ze2!U>F=gUGiOC!+B3>Q_Zb0`P876%>`>N->)7>8@ zHvpBKYA;;1{&q^?xl-fHy!MA)mvcOoX#b+)Bv_06E{@i67_( zAcNO2C$*?VAvr%cH#M(B#~p4_d-?OMa^%ea=PrsfDY$&7bx0KYw&YOYAzn43wq56%Zq8NY Q&ZlSx76 z)8hVaRouT$e|7u7G~*j?kF{s<2mgJ#QGesDre2_uZK*|j?mjs9D!a$3YKO|Uv)WI- zbFaSQkX*EPE4Tfk?0Ho{11Co_M!G8K2=dK4cPXKO@n?U>=gIO6f(+-L{y6i!BGJ54Fn?{?6)i80gJ!~ee z3yOY~68}P?|I?nj87^AtW_laG4Jy0|SE%5QD&;KoF0CfeDBiCrZf!t&+%5 z;P_ct$g*R9V33Z-^9{#m-8!o={lX)2zT(NhOsD?)xONNBmWAw=LW^`#Cim^g{_pzv zH%s@ek|iFRv#X2z*v`DYfBP?PTR_%v1F;y0!8logNi`N6q3)Az3jIGFbJ1v3zS*tF zSK>|j;Z=7gn@;|}`J!*O%OrOuh47UO@rPMkeJd;PvjuuYZBB4<^Si$OdxL$Z#s7f+ zpQj~b_1WaJ%!(5aN={~H5pf4wl$7`}X@(l}i6|+hudK(X)YvF8%}>-@AMn4&azTXf q-+m?q!AF<;W%lxH?AJ~?%~j;LSL**}nLTyhU0Y37x_c(qO8@}<9|wg1