shimun/ssh-cert-dist
1
0
Fork 0
Code Issues 1 Pull Requests 1 Packages Projects Releases Wiki Activity

added: shell-escape

Browse Source
This commit is contained in:
shimun
2023-02-22 15:29:56 +01:00
parent 50ba6c9934
commit c299a4e132
3 changed files with 13 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
server/src/api.rs
View File

@@ -9,6 +9,7 @@ use std::time::SystemTime;
use anyhow::Context;
use axum::body;
use axum::extract::{Query, State};
use shell_escape::escape;
use ssh_cert_dist_common::*;
use axum::{http::StatusCode, response::IntoResponse, Json, Router};
@@ -285,14 +286,14 @@ impl From<&Certificate> for CertInfo {
format!("{opt}={val}")
}
})
.map(|arg| format!("-O {arg}"))
.map(|arg| format!("-O {}", escape(arg.into())))
.collect::<Vec<_>>()
.join(" ");
let opts = opts.trim();
let renew_command = format!(
"ssh-keygen -s ./ca_key {host_key} -I {} -n {} -V {validity_days}d {opts}",
cert.key_id(),
cert.valid_principals().join(",")
"ssh-keygen -s ./ca_key {host_key} -I {} -n {} -V {validity_days}d {opts} {}.pub",
escape(cert.key_id().into()),
escape(cert.valid_principals().join(",").into()), escape(cert.key_id().into())
);
CertInfo {
principals: cert.valid_principals().to_vec(),