fic/server
Archived
1
0
Fork 0
Code Issues Pull requests 10 Releases Wiki Activity

admin: sanitize use of InitialName when needed

Browse source
This commit is contained in:
nemunaire 2017-01-19 13:11:45 +01:00 committed by nemunaire
parent 6ee9b342f1
commit a46739ac36
3 changed files with 5 additions and 5 deletions
Download patch file Download diff file Expand all files Collapse all files

4
admin/api/certificate.go
View file

@ -19,7 +19,7 @@ func init() {
func(_ httprouter.Params, _ []byte) (interface{}, error) { return fic.GenerateCRL() })) func(_ httprouter.Params, _ []byte) (interface{}, error) { return fic.GenerateCRL() }))
router.GET("/api/teams/:tid/certificate/", apiHandler(teamHandler(GetTeamCertificate))) router.GET("/api/teams/:tid/certificate.p12", apiHandler(teamHandler(GetTeamCertificate)))
router.GET("/api/teams/:tid/certificate/generate", apiHandler(teamHandler( router.GET("/api/teams/:tid/certificate/generate", apiHandler(teamHandler(
func(team fic.Team, _ []byte) (interface{}, error) { return team.GenerateCert() }))) func(team fic.Team, _ []byte) (interface{}, error) { return team.GenerateCert() })))
router.GET("/api/teams/:tid/certificate/revoke", apiHandler(teamHandler( router.GET("/api/teams/:tid/certificate/revoke", apiHandler(teamHandler(
@ -51,7 +51,7 @@ func GetCRL(_ httprouter.Params, _ []byte) (interface{}, error) {
func GetTeamCertificate(team fic.Team, _ []byte) (interface{}, error) { func GetTeamCertificate(team fic.Team, _ []byte) (interface{}, error) {
if _, err := os.Stat("../PKI/pkcs/" + team.Name + ".p12"); os.IsNotExist(err) { if _, err := os.Stat("../PKI/pkcs/" + team.Name + ".p12"); os.IsNotExist(err) {
return nil, errors.New("Unable to locate the p12. Have you generated it?") return nil, errors.New("Unable to locate the p12. Have you generated it?")
} else if fd, err := os.Open("../PKI/pkcs/" + team.Name + ".p12"); err == nil { } else if fd, err := os.Open("../PKI/pkcs/" + team.InitialName + ".p12"); err == nil {
return ioutil.ReadAll(fd) return ioutil.ReadAll(fd)
} else { } else {
return nil, err return nil, err

2
admin/api/team.go
View file

@ -59,7 +59,7 @@ func init() {
return team.GetMembers() }))) return team.GetMembers() })))
router.GET("/api/teams/:tid/name", apiHandler(teamHandler( router.GET("/api/teams/:tid/name", apiHandler(teamHandler(
func(team fic.Team, _ []byte) (interface{}, error) { func(team fic.Team, _ []byte) (interface{}, error) {
return team.Name, nil }))) return team.InitialName, nil })))
} }
func nginxGenMember() (string, error) { func nginxGenMember() (string, error) {

4
libfic/certificate.go
View file

@ -23,13 +23,13 @@ func GenerateCRL() (string, error) {
} }
func (t Team) GenerateCert() (string, error) { func (t Team) GenerateCert() (string, error) {
cmd := exec.Command("/bin/bash", "./CA.sh", "-newclient", t.Name) cmd := exec.Command("/bin/bash", "./CA.sh", "-newclient", t.InitialName)
return convOutput(cmd.CombinedOutput()) return convOutput(cmd.CombinedOutput())
} }
func (t Team) RevokeCert() (string, error) { func (t Team) RevokeCert() (string, error) {
cmd := exec.Command("/bin/bash", "./CA.sh", "-revoke", t.Name) cmd := exec.Command("/bin/bash", "./CA.sh", "-revoke", t.InitialName)
return convOutput(cmd.CombinedOutput()) return convOutput(cmd.CombinedOutput())
} }