From 1dffef87fc2f07763f64eeabc1ea891e68d23541 Mon Sep 17 00:00:00 2001

From: Michal Domonkos <mdomonko@redhat.com>

Date: Tue, 26 Nov 2019 13:05:49 +0100

Subject: [PATCH] [user-agent] Drop the whitelist

 - Stop checking os-release(5) data against a hard-coded whitelist and

   just use them as they are, to avoid a maintenance burden in the

   future (see [1] for details)

 - Clean up the getUserAgent() function a bit

Note that, by removing the whitelist, there's a risk of leaking a

"unique" value from the os-release file now, but a rather small one.

[1] https://github.com/rpm-software-management/libdnf/pull/851

---

 libdnf/utils/os-release.cpp | 58 ++++++++++++++++++++--------------------------------------

 libdnf/utils/os-release.hpp |  7 ++-----

 2 files changed, 22 insertions(+), 43 deletions(-)

diff --git a/libdnf/utils/os-release.cpp b/libdnf/utils/os-release.cpp

index 57be110..1d8a95b 100644

--- a/libdnf/utils/os-release.cpp

+++ b/libdnf/utils/os-release.cpp

@@ -36,17 +36,8 @@

 namespace libdnf {

 // sorted by precedence (see os-release(5) for details)

-static const std::array<const std::string, 2> paths = {"/etc/os-release", "/usr/lib/os-release"};

-// whitelists used for sanity-checking the os-release data when constructing a

-// User-Agent string (to avoid reporting rare systems or platforms that could

-// be tracked)

-static const std::map<std::string, std::vector<std::string>> distros = {

-    // taken from the {fedora,generic}-release.spec files

-    { "Fedora", { "cinnamon", "cloud", "container", "coreos", "generic", "iot",

-                  "kde", "matecompiz", "server", "silverblue", "snappy", "soas",

-                  "workstation", "xfce" } },

-};

-std::array<const std::string, 1> canons = { "Linux" };

+static const std::array<const std::string, 2>

+paths = {"/etc/os-release", "/usr/lib/os-release"};

 std::map<std::string, std::string> getOsReleaseData()

 {

@@ -118,47 +109,38 @@ std::string getUserAgent(const std::map<std::string, std::string> & osReleaseDat

 {

     std::ostringstream oss;

     auto logger(Log::getLogger());

-    std::string msg = "os-release: falling back to basic User-Agent";

-    // start with the basic libdnf string

     oss << USER_AGENT;

+    std::string fallback = oss.str();

-    // mandatory OS data (bail out if missing or unknown)

     if (!osReleaseData.count("NAME") || !osReleaseData.count("VERSION_ID")) {

-        logger->debug(tfm::format("%s: missing NAME or VERSION_ID", msg));

-        return oss.str();

+        logger->debug(tfm::format(

+            "User-Agent: falling back to '%s': missing NAME or VERSION_ID",

+            fallback

+        ));

+        return fallback;

     }

     std::string name = osReleaseData.at("NAME");

     std::string version = osReleaseData.at("VERSION_ID");

-    if (!distros.count(name)) {

-        logger->debug(tfm::format("%s: distro %s not whitelisted", msg, name));

-        return oss.str();

-    }

+    std::string variant = "generic";

+    if (osReleaseData.count("VARIANT_ID"))

+        variant = osReleaseData.at("VARIANT_ID");

-    // mandatory platform data from RPM (bail out if missing or unknown)

     std::string canon = getCanonOs();

     std::string arch = getBaseArch();

-    if (canon.empty() || arch.empty()

-        || std::find(canons.begin(), canons.end(), canon) == canons.end()) {

-        logger->debug(tfm::format("%s: could not detect canonical OS or basearch", msg));

-        return oss.str();

-    }

-

-    // optional OS data (use fallback values if missing or unknown)

-    std::string variant = "generic";

-    auto list = distros.at(name);

-    if (osReleaseData.count("VARIANT_ID")) {

-        std::string value = osReleaseData.at("VARIANT_ID");

-        if (std::find(list.begin(), list.end(), value) != list.end())

-            variant = value;

+    if (canon.empty() || arch.empty()) {

+        logger->debug(tfm::format(

+            "User-Agent: falling back to '%s': could not detect OS or basearch",

+            fallback

+        ));

+        return fallback;

     }

-    // good to go!

-    oss << " (" << name << " " << version << "; " << variant << "; "

-        << canon << "." << arch << ")";

+    oss << " (" << name << " " << version << "; " << variant << "; " << canon

+        << "." << arch << ")";

     std::string result = oss.str();

-    logger->debug(tfm::format("os-release: User-Agent constructed: %s", result));

+    logger->debug(tfm::format("User-Agent: constructed: '%s'", result));

     return result;

 }

diff --git a/libdnf/utils/os-release.hpp b/libdnf/utils/os-release.hpp

index ef4d14f..e7b24a7 100644

--- a/libdnf/utils/os-release.hpp

+++ b/libdnf/utils/os-release.hpp

@@ -50,11 +50,8 @@ getOsReleaseData();

  *   libdnf (NAME VERSION_ID; VARIANT_ID; OS.BASEARCH)

  *

  * where NAME, VERSION_ID and VARIANT_ID are OS identifiers read from the

- * passed os-release data, and OS and BASEARCH (if found) are the canonical OS

- * name and base architecture, respectively, detected using RPM.

- *

- * Note that the OS part (enclosed in parentheses) will only be included for

- * whitelisted values.

+ * passed os-release data, and OS and BASEARCH are the canonical OS name and

+ * base architecture, respectively, detected using RPM.

  *

  * @param  osReleaseData a map containing os-release data (will be loaded from

  *                       disk if not specified)

--

libgit2 0.28.2