working version

src/api/ssh_keys_post.c

@@ -38,13 +38,16 @@ int callback_ssh_keys_post(const struct _u_request * request,
     ssh_key = json_string_value(json_object_get(json_input, "ssh-key"));
     if (ssh_key == NULL)
     {
+        // TODO: use janson's free function?
+        o_free(ssh_key);
         return send_simple_response(response, 400, "error", "missing ssh-key");
     }
 
     // Call cat to append the command correctly:
     char * command = NULL;
-    asprintf(&command, "echo %s | sed -rf %s", ssh_key, RESTRICT_COMMAND_PATH);
-    FILE *sed_output = popen(command, "r");
+    asprintf(&command, "echo '%s' | sed -rf '%s'", ssh_key, RESTRICT_COMMAND_PATH);
+    o_free(ssh_key);
+    FILE * sed_output = popen(command, "r");
 
     if (!sed_output)
     {
@@ -52,15 +55,15 @@ int callback_ssh_keys_post(const struct _u_request * request,
     }
 
     // Get the output from sed
-    ssh_key = read_from_file(sed_output);
+    char * ssh_key_with_command = read_from_file(sed_output);
 
-    if(!ssh_key)
+    if(!ssh_key_with_command)
     {
         return send_simple_response(response, 500, "error", "Internal error while converting ssh-key");
     }
 
     // Write SSH key to file
-    fprintf(authorized_keys, ssh_key);
+    fprintf(authorized_keys, ssh_key_with_command);
     fclose(authorized_keys);
 
     return send_simple_response(response, 200, "status", "ok");

src/auxiliary.c

@@ -11,6 +11,36 @@ void stop_server()
     write(fifo, msg, strlen(msg) + 1);
 }
 
+/**
+ * Read the contents of an already opened file into a string
+ * @param   file    The file as opened by fopen with "rb"
+ * @return          Contents of the file
+ */
+char * read_from_file(FILE * file)
+{
+    char buf[100];
+    char *str = NULL;
+    char *temp = NULL;
+    unsigned int size = 1;  // start with size of 1 to make room for null terminator
+    unsigned int strlength;
+    if (file)
+    {
+        while (fgets(buf, sizeof(buf), file) != NULL) {
+            strlength = strlen(buf);
+            temp = realloc(str, size + strlength);  // allocate room for the buf that gets appended
+            if (temp == NULL) {
+                // allocation error
+            } else {
+                str = temp;
+            }
+            strcpy(str + size - 1, buf);     // append buffer to str
+            size += strlength; 
+        }
+        pclose(file);
+    }
+    return str;
+}
+
 /**
  * Read a file completely into a string.
  * @param  filename Path to the file to read.
@@ -26,31 +56,6 @@ char * read_file(const char * filename)
     return NULL;
 }
 
-/**
- * Read the contents of an already opened file into a string
- * @param   file    The file as opened by fopen with "rb"
- * @return          Contents of the file
- */
-char * read_from_file(const FILE file)
-{
-    long length;
-    char * buffer = NULL;
-    if (file)
-    {
-        fseek(file, 0, SEEK_END);
-        length = ftell(file);
-        fseek(file, 0, SEEK_SET);
-        buffer = o_malloc(length + 1);
-        if (buffer)
-        {
-            fread(buffer, 1, length, file);
-        }
-        buffer[length] = '\0';
-        fclose (file);
-    }
-    return buffer;
-}
-
 /**
  * Respond to the request with a simple json structure '{$field: $value}'.
  * @param  response    response struct to use

src/cryptops-api.c

@@ -25,7 +25,7 @@ int main(int argc, char ** argv)
     inet_pton(AF_INET, BIND_ADDRESS, &address.sin_addr);
 
     struct _u_instance instance;
-    if (ulfius_init_instance(&instance, PORT, &address, NULL) != U_OK)
+    if (ulfius_init_instance(&instance, PORT, NULL, NULL) != U_OK)
     {
         y_log_message(Y_LOG_LEVEL_ERROR, "Error ulfius_init_instance, abort");
         return(1);

src/includes/settings.h

@@ -15,6 +15,4 @@
 #define AUTHORIZED_KEYS_DIR "/root/.ssh"
 #define AUTHORIZED_KEYS_PATH AUTHORIZED_KEYS_DIR "/authorized_keys"
 #define SSH_HOST_KEY_DIR "/dropbear"
-// FIXME: This means that we need to add copying this script to the initrd to
-// the deploy script
 #define RESTRICT_COMMAND_PATH "/etc/cryptops-api/restrict_command.sed"