Remove gravitational/configure dependency (gravitational#32447)

This repo hasn't been updated in 7 years and is not up to our current quality or security standards. In addition, we only leveraged a single function from it. Updates gravitational#5685
Somith11 · Sep 25, 2023 · 91b887d · 91b887d
1 parent bf2e57c
commit 91b887d
Show file tree

Hide file tree

Showing 4 changed files with 27 additions and 5 deletions.
diff --git a/go.mod b/go.mod
@@ -93,7 +93,6 @@ require (
 	github.com/google/uuid v1.3.1
 	github.com/googleapis/gax-go/v2 v2.12.0
 	github.com/gorilla/websocket v1.5.0
-	github.com/gravitational/configure v0.0.0-20180808141939-c3428bd84c23
 	github.com/gravitational/form v0.0.0-20151109031454-c4048f792f70
 	github.com/gravitational/license v0.0.0-20210218173955-6d8fb49b117a
 	github.com/gravitational/oxy v0.0.0-20221029012416-9fbf4c444680

diff --git a/go.sum b/go.sum
@@ -795,8 +795,6 @@ github.com/gorilla/websocket v1.4.0/go.mod h1:E7qHFY5m1UJ88s3WnNqhKjPHQ0heANvMoA
 github.com/gorilla/websocket v1.4.2/go.mod h1:YR8l580nyteQvAITg2hZ9XVh4b55+EU/adAjf1fMHhE=
 github.com/gorilla/websocket v1.5.0 h1:PPwGk2jz7EePpoHN/+ClbZu8SPxiqlu12wZP/3sWmnc=
 github.com/gorilla/websocket v1.5.0/go.mod h1:YR8l580nyteQvAITg2hZ9XVh4b55+EU/adAjf1fMHhE=
-github.com/gravitational/configure v0.0.0-20180808141939-c3428bd84c23 h1:havbccuFO5fRj0O67oHXI7doShLig3rSIXfMrd/UnkA=
-github.com/gravitational/configure v0.0.0-20180808141939-c3428bd84c23/go.mod h1:XL9nebvlfNVvRzRPWdDcWootcyA0l7THiH/A+W1233g=
 github.com/gravitational/form v0.0.0-20151109031454-c4048f792f70 h1:To76nCJtM3DI0mdq3nGLzXqTV1wNOJByxv01+u9/BxM=
 github.com/gravitational/form v0.0.0-20151109031454-c4048f792f70/go.mod h1:88hFR45MpUd23d2vNWE/dYtesU50jKsbz0I9kH7UaBY=
 github.com/gravitational/go-cassandra-native-protocol v0.0.0-20221005103706-b9e66c056e90 h1:fPNJE2kaWC0Oy2YKxk1tbnqhKl3aTeXVAfjXzphJmI8=

diff --git a/lib/services/role.go b/lib/services/role.go
@@ -28,7 +28,6 @@ import (
 
 	"github.com/aws/aws-sdk-go/aws/arn"
 	"github.com/google/uuid"
-	"github.com/gravitational/configure/cstrings"
 	"github.com/gravitational/trace"
 	log "github.com/sirupsen/logrus"
 	"github.com/vulcand/predicate"
@@ -371,7 +370,7 @@ func filterInvalidUnixLogins(candidates []string) []string {
 	var output []string
 
 	for _, candidate := range candidates {
-		if cstrings.IsValidUnixUser(candidate) {
+		if utils.IsValidUnixUser(candidate) {
 			// A valid variable was found in the traits, append it to the list of logins.
 			output = append(output, candidate)
 			continue

diff --git a/lib/utils/utils.go b/lib/utils/utils.go
@@ -33,6 +33,7 @@ import (
 	"strings"
 	"sync"
 	"time"
+	"unicode"
 
 	"github.com/google/uuid"
 	"github.com/gravitational/trace"
@@ -322,6 +323,31 @@ func IsValidHostname(hostname string) bool {
 	return true
 }
 
+// IsValidUnixUser checks if a string represents a valid
+// UNIX username.
+func IsValidUnixUser(u string) bool {
+	// See http://www.unix.com/man-page/linux/8/useradd:
+	//
+	// On Debian, the only constraints are that usernames must neither start with a dash ('-')
+	// nor contain a colon (':') or a whitespace (space: ' ', end of line: '\n', tabulation:
+	// '\t', etc.). Note that using a slash ('/') may break the default algorithm for the
+	// definition of the user's home directory.
+
+	const maxUsernameLen = 32
+	if len(u) > maxUsernameLen || len(u) == 0 || u[0] == '-' {
+		return false
+	}
+	if strings.ContainsAny(u, ":/") {
+		return false
+	}
+	for _, r := range u {
+		if unicode.IsSpace(r) || unicode.IsControl(r) {
+			return false
+		}
+	}
+	return true
+}
+
 // ReadPath reads file contents
 func ReadPath(path string) ([]byte, error) {
 	if path == "" {