From 8e91e7edbebce334a040c53f25057a232a7e8b0b Mon Sep 17 00:00:00 2001
From: Pierre-Olivier Mercier <nemunaire@nemunai.re>
Date: Thu, 19 Jan 2017 13:11:45 +0100
Subject: [PATCH] admin: sanitize use of InitialName when needed

---
 admin/api/certificate.go | 6 +++---
 admin/api/team.go        | 2 +-
 libfic/certificate.go    | 4 ++--
 3 files changed, 6 insertions(+), 6 deletions(-)

diff --git a/admin/api/certificate.go b/admin/api/certificate.go
index da669e21..60622d78 100644
--- a/admin/api/certificate.go
+++ b/admin/api/certificate.go
@@ -19,7 +19,7 @@ func init() {
 		func(_ httprouter.Params, _ []byte) (interface{}, error) { return fic.GenerateCRL() }))
 
 
-	router.GET("/api/teams/:tid/certificate/", apiHandler(teamHandler(GetTeamCertificate)))
+	router.GET("/api/teams/:tid/certificate.p12", apiHandler(teamHandler(GetTeamCertificate)))
 	router.GET("/api/teams/:tid/certificate/generate", apiHandler(teamHandler(
 		func(team fic.Team, _ []byte) (interface{}, error) { return team.GenerateCert() })))
 	router.GET("/api/teams/:tid/certificate/revoke", apiHandler(teamHandler(
@@ -49,9 +49,9 @@ func GetCRL(_ httprouter.Params, _ []byte) (interface{}, error) {
 
 
 func GetTeamCertificate(team fic.Team, _ []byte) (interface{}, error) {
-	if _, err := os.Stat("../PKI/pkcs/" + team.Name + ".p12"); os.IsNotExist(err) {
+	if _, err := os.Stat("../PKI/pkcs/" + team.InitialName + ".p12"); os.IsNotExist(err) {
 		return nil, errors.New("Unable to locate the p12. Have you generated it?")
-	} else if fd, err := os.Open("../PKI/pkcs/" + team.Name + ".p12"); err == nil {
+	} else if fd, err := os.Open("../PKI/pkcs/" + team.InitialName + ".p12"); err == nil {
 		return ioutil.ReadAll(fd)
 	} else {
 		return nil, err
diff --git a/admin/api/team.go b/admin/api/team.go
index 733fdab7..7b04dfe9 100644
--- a/admin/api/team.go
+++ b/admin/api/team.go
@@ -59,7 +59,7 @@ func init() {
 			return team.GetMembers() })))
 	router.GET("/api/teams/:tid/name", apiHandler(teamHandler(
 		func(team fic.Team, _ []byte) (interface{}, error) {
-			return team.Name, nil })))
+			return team.InitialName, nil })))
 }
 
 func nginxGenMember() (string, error) {
diff --git a/libfic/certificate.go b/libfic/certificate.go
index f65544d0..e13a11d1 100644
--- a/libfic/certificate.go
+++ b/libfic/certificate.go
@@ -23,13 +23,13 @@ func GenerateCRL() (string, error) {
 }
 
 func (t Team) GenerateCert() (string, error) {
-	cmd := exec.Command("/bin/bash", "./CA.sh", "-newclient", t.Name)
+	cmd := exec.Command("/bin/bash", "./CA.sh", "-newclient", t.InitialName)
 
 	return convOutput(cmd.CombinedOutput())
 }
 
 func (t Team) RevokeCert() (string, error) {
-	cmd := exec.Command("/bin/bash", "./CA.sh", "-revoke", t.Name)
+	cmd := exec.Command("/bin/bash", "./CA.sh", "-revoke", t.InitialName)
 
 	return convOutput(cmd.CombinedOutput())
 }