From c299a4e132fcfc27f509d5df954fdd83131b7395 Mon Sep 17 00:00:00 2001 From: shimun Date: Wed, 22 Feb 2023 15:29:56 +0100 Subject: [PATCH] added: shell-escape --- Cargo.lock | 7 +++++++ server/Cargo.toml | 1 + server/src/api.rs | 9 +++++---- 3 files changed, 13 insertions(+), 4 deletions(-) diff --git a/Cargo.lock b/Cargo.lock index 24ea918..519cebe 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -1503,6 +1503,12 @@ dependencies = [ "lazy_static", ] +[[package]] +name = "shell-escape" +version = "0.1.5" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "45bb67a18fa91266cc7807181f62f9178a6873bfad7dc788c42e6430db40184f" + [[package]] name = "signature" version = "2.0.0" @@ -1606,6 +1612,7 @@ dependencies = [ "jwt-compact", "rand", "serde", + "shell-escape", "ssh-cert-dist-common", "ssh-key", "tempfile", diff --git a/server/Cargo.toml b/server/Cargo.toml index b213a4e..07ee978 100644 --- a/server/Cargo.toml +++ b/server/Cargo.toml @@ -32,6 +32,7 @@ tower-http = { version = "0.3.4", features = ["map-request-body", "trace"] } tracing = { version = "0.1.37", features = ["release_max_level_debug"] } tracing-subscriber = "0.3.16" ssh-cert-dist-common = { path = "../common" } +shell-escape = "0.1.5" [dev-dependencies] tempfile = "3.3.0" diff --git a/server/src/api.rs b/server/src/api.rs index c3ff4db..52ca446 100644 --- a/server/src/api.rs +++ b/server/src/api.rs @@ -9,6 +9,7 @@ use std::time::SystemTime; use anyhow::Context; use axum::body; use axum::extract::{Query, State}; +use shell_escape::escape; use ssh_cert_dist_common::*; use axum::{http::StatusCode, response::IntoResponse, Json, Router}; 
@@ -285,14 +286,14 @@ impl From<&Certificate> for CertInfo {
 format!("{opt}={val}")
 }
 })
- .map(|arg| format!("-O {arg}"))
+ .map(|arg| format!("-O {}", escape(arg.into())))
 .collect::>()
 .join(" ");
 let opts = opts.trim();
 let renew_command = format!(
- "ssh-keygen -s ./ca_key {host_key} -I {} -n {} -V {validity_days}d {opts}",
- cert.key_id(),
- cert.valid_principals().join(",")
+ "ssh-keygen -s ./ca_key {host_key} -I {} -n {} -V {validity_days}d {opts} {}.pub",
+ escape(cert.key_id().into()),
+ escape(cert.valid_principals().join(",").into()), escape(cert.key_id().into())
 );
 CertInfo {
 principals: cert.valid_principals().to_vec(),
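Review bot: Escaping `cert.key_id()` protects the shell, but the new positional `{}.pub` argument is still interpreted by ssh-keygen itself: quoting does not stop an ID that begins with `-` from being parsed as an option, nor an ID containing `../` from resolving to a file outside the working directory, which matters if certificate fields can come from untrusted submitters. Anchoring the path the way `-s ./ca_key` already is avoids both, `{validity_days}d {opts} ./{}.pub",`. `shell_escape::escape` also picks Unix or Windows quoting from the build target, while this string is meant for the operator's shell, so `shell_escape::unix::escape` would make the output independent of where the server is compiled. As a style point, the last format argument line carries two arguments; putting `escape(cert.key_id().into())` on its own line is what rustfmt would do. The `From<&Certificate> for CertInfo` body begins before this hunk and continues after it.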