mirrors/prosody
1
0
Fork 0
mirror of https://github.com/bjc/prosody.git synced 2025-04-03 21:27:38 +03:00
Code Issues Projects Releases Packages Wiki Activity Actions

util.prosodyctl.cert: Pass variables via formatting instead of concatenation

Browse source 
Prevents potential weirdness in case there's any %s or such in a host,
file or directory name, since show_warning() is printf().
This commit is contained in:
Kim Alvefur 2022-01-19 10:26:43 +01:00
parent 456d91e7d7
commit 2a1f14fc26
1 changed files with 5 additions and 5 deletions
Download patch file Download diff file Expand all files Collapse all files

10
util/prosodyctl/cert.lua
View file

@ -80,7 +80,7 @@ function cert_commands.config(arg)
local conf_file, err = io.open(conf_filename, "w");
if not conf_file then
pctl.show_warning("Could not open OpenSSL config file for writing");
pctl.show_warning(err);
pctl.show_warning("%s", err);
os.exit(1);
end
conf_file:write(conf:serialize());
@ -233,7 +233,7 @@ function cert_commands.import(arg)
imported[paths.certificate] = true;
else
-- TODO Say where we looked
pctl.show_warning("No certificate for host "..host.." found :(");
pctl.show_warning("No certificate for host %s found :(", host);
end
-- TODO Additional checks
-- Certificate names matches the hostname
@ -257,18 +257,18 @@ local function cert(arg)
lfs = require "lfs";
local cert_dir_attrs = lfs.attributes(cert_basedir);
if not cert_dir_attrs then
pctl.show_warning("The directory "..cert_basedir.." does not exist");
pctl.show_warning("The directory %s does not exist", cert_basedir);
return 1; -- TODO Should we create it?
end
local uid = pposix.getuid();
if uid ~= 0 and uid ~= cert_dir_attrs.uid then
pctl.show_warning("The directory "..cert_basedir.." is not owned by the current user, won't be able to write files to it");
pctl.show_warning("The directory %s is not owned by the current user, won't be able to write files to it", cert_basedir);
return 1;
elseif not cert_dir_attrs.permissions then -- COMPAT with LuaFilesystem < 1.6.2 (hey CentOS!)
pctl.show_message("Unable to check permissions on %s (LuaFilesystem 1.6.2+ required)", cert_basedir);
pctl.show_message("Please confirm that Prosody (and only Prosody) can write to this directory)");
elseif cert_dir_attrs.permissions:match("^%.w..%-..%-.$") then
pctl.show_warning("The directory "..cert_basedir.." not only writable by its owner");
pctl.show_warning("The directory %s not only writable by its owner", cert_basedir);
return 1;
end
local subcmd = table.remove(arg, 1);