Commit 60acc2df authored by ssrq's avatar ssrq

[type/__easy_rsa_ca] Proper quoting of command arguments

parent a780b603
......@@ -20,6 +20,8 @@
# along with cdist. If not, see <http://www.gnu.org/licenses/>.
#
quote() { printf "'%s'" "$(printf '%s' "$*" | sed -e "s/'/'\\\\''/g")"; }
base_dir=$(cat "${__object:?}/parameter/dir")
if test -s "${__object:?}/parameter/common-name"
......@@ -48,12 +50,12 @@ test "${state_is}" != 'present' || exit 0
opt_params=
# loop through mapping file
while read -r param_name option_name
while read -r param option
do
if test -s "${__object:?}/parameter/${param_name}"
if test -s "${__object:?}/parameter/${param}"
then
value=$(head -n 1 "${__object:?}/parameter/${param_name}")
opt_params="${opt_params} --${option_name}='${value}'"
value=$(head -n 1 "${__object:?}/parameter/${param}")
opt_params="${opt_params} --${option}=$(quote "${value}")"
fi
done <"${__type:?}/files/param_mapping.txt"
......@@ -67,10 +69,10 @@ check_parameter_validity_digest
if test -s "${__object:?}/parameter/digest"
then
supplied_value=$(head -n 1 "${__object:?}/parameter/digest")
opt_params="${opt_params} --digest='${supplied_value}'"
opt_params="${opt_params} --digest=$(quote "${supplied_value}")"
fi
printf 'cd %s\n' "${base_dir}"
printf 'cd %s\n' "$(quote "${base_dir}")"
printf '%s --pki-dir=%s --vars=%s --req-cn=%s %s --batch build-ca nopass\n' \
"${easyrsa_executable}" "${base_dir}/pki" "${base_dir}/vars" \
"${common_name}" "${opt_params# }"
"${easyrsa_executable}" "$(quote "${base_dir}/pki")" \
"$(quote "${base_dir}/vars")" "$(quote "${common_name}")" "${opt_params# }"
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment