diff --git a/src/api/ssh_keys_post.c b/src/api/ssh_keys_post.c
index f579496f900e716989d64c6b534d8c5cf02b016e..06dcb7231ba185e3e67d7425682a7626776e456c 100644
--- a/src/api/ssh_keys_post.c
+++ b/src/api/ssh_keys_post.c
@@ -38,13 +38,16 @@ int callback_ssh_keys_post(const struct _u_request * request,
 ssh_key = json_string_value(json_object_get(json_input, "ssh-key"));
 if (ssh_key == NULL)
 {
+ // TODO: use janson's free function?
+ o_free(ssh_key);
 return send_simple_response(response, 400, "error", "missing ssh-key");
 }
 // Call cat to append the command correctly:
 char * command = NULL;
- asprintf(&command, "echo %s | sed -rf %s", ssh_key, RESTRICT_COMMAND_PATH);
- FILE *sed_output = popen(command, "r");
+ asprintf(&command, "echo '%s' | sed -rf '%s'", ssh_key, RESTRICT_COMMAND_PATH);
+ o_free(ssh_key);
+ FILE * sed_output = popen(command, "r");
 if (!sed_output)
 {
@@ -52,15 +55,15 @@ int callback_ssh_keys_post(const struct _u_request * request,
 }
 // Get the output from sed
- ssh_key = read_from_file(sed_output);
+ char * ssh_key_with_command = read_from_file(sed_output);
- if(!ssh_key)
+ if(!ssh_key_with_command)
 {
 return send_simple_response(response, 500, "error", "Internal error while converting ssh-key");
 }
 // Write SSH key to file
- fprintf(authorized_keys, ssh_key);
+ fprintf(authorized_keys, ssh_key_with_command);
 fclose(authorized_keys);
 return send_simple_response(response, 200, "status", "ok");
diff --git a/src/auxiliary.c b/src/auxiliary.c
index 1a0b9b6495226ce7c4062ad18cbf96cd551aa02f..97298788c8a34bc46cdb7b8b1346c605babc9940 100644
--- a/src/auxiliary.c
+++ b/src/auxiliary.c
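Review bot: In `callback_ssh_keys_post` (src/api/ssh_keys_post.c, first hunk), putting single quotes around `%s` in the `asprintf` format does not make the `popen` call safe: the `ssh-key` value comes straight from the request JSON, and a value that contains a quote character of its own ends the quoting, so the shell still parses request data as syntax. Check the key against a narrow allow-list before the command is built, as sketched below, or better, do the rewrite without a shell at all. The two added `o_free(ssh_key)` calls should be removed: `json_string_value` returns storage owned by `json_input`, so freeing it here releases memory this function does not own, and the first call only ever sees NULL. The return value of `asprintf` is also unchecked, so `command` may be unusable when it reaches `popen`. The function starts and ends outside the hunk.

```c
    char * command = NULL;
    // Reject anything a public-key line does not need before it is
    // placed inside the quoted shell argument.
    for (const char * p = ssh_key; *p != '\0'; p++)
    {
        if (!isalnum((unsigned char) *p) && strchr("+/=@._- ", *p) == NULL)
        {
            return send_simple_response(response, 400, "error", "invalid ssh-key");
        }
    }
    // … unchanged: asprintf() building the sed command, then popen() …
```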
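Review bot: In the second hunk of src/api/ssh_keys_post.c, `fprintf(authorized_keys, ssh_key_with_command);` passes sed's output, which is derived from the request's `ssh-key` field, as the format string, so any `%` sequence in it is interpreted by `fprintf` instead of being written to the file. Write it as data: `fputs(ssh_key_with_command, authorized_keys);`. The buffer returned by `read_from_file` and the `command` string from `asprintf` are not freed in the visible lines, and the 500 path returns with no `fclose(authorized_keys)` in view. The function continues outside the hunk, so those may be handled there.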
@@ -11,6 +11,36 @@ void stop_server()
 write(fifo, msg, strlen(msg) + 1);
 }
+/**
+ * Read the contents of an already opened file into a string
+ * @param file The file as opened by fopen with "rb"
+ * @return Contents of the file
+ */
+char * read_from_file(FILE * file)
+{
+ char buf[100];
+ char *str = NULL;
+ char *temp = NULL;
+ unsigned int size = 1; // start with size of 1 to make room for null terminator
+ unsigned int strlength;
+ if (file)
+ {
+ while (fgets(buf, sizeof(buf), file) != NULL) {
+ strlength = strlen(buf);
+ temp = realloc(str, size + strlength); // allocate room for the buf that gets appended
+ if (temp == NULL) {
+ // allocation error
+ } else {
+ str = temp;
+ }
+ strcpy(str + size - 1, buf); // append buffer to str
+ size += strlength;
+ }
+ pclose(file);
+ }
+ return str;
+}
+
 /**
 * Read a file completely into a string.
 * @param filename Path to the file to read.
@@ -26,31 +56,6 @@ char * read_file(const char * filename)
 return NULL;
 }
-/**
- * Read the contents of an already opened file into a string
- * @param file The file as opened by fopen with "rb"
- * @return Contents of the file
- */
-char * read_from_file(const FILE file)
-{
- long length;
- char * buffer = NULL;
- if (file)
- {
- fseek(file, 0, SEEK_END);
- length = ftell(file);
- fseek(file, 0, SEEK_SET);
- buffer = o_malloc(length + 1);
- if (buffer)
- {
- fread(buffer, 1, length, file);
- }
- buffer[length] = '\0';
- fclose (file);
- }
- return buffer;
-}
-
 /**
 * Respond to the request with a simple json structure '{$field: $value}'.
 * @param response response struct to use
diff --git a/src/cryptops-api.c b/src/cryptops-api.c
index faaf253e4f8d3df0db6f20b0a6eaba4e17726663..1b2a86717c89e52c4506e11bf4d73c79a8d93cba 100644
--- a/src/cryptops-api.c
+++ b/src/cryptops-api.c
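Review bot: In the new `read_from_file` (src/auxiliary.c, first hunk), the `if (temp == NULL)` branch is empty, so after a failed `realloc` the `strcpy` that follows still writes `buf` at `str + size - 1`, into the old, too-small block or through a null pointer on the first pass. Stop on failure and return NULL, as in the sketch below. The function now ends with `pclose(file)` while its doc comment still says the stream comes from `fopen`; `pclose` is only defined for `popen` streams, so the comment should read `@param file Stream returned by popen(); closed with pclose() before returning`. It is worth checking that no caller passes an `fopen` handle; `read_file` in this file is a candidate, but its body is not in the hunk. `size_t` would suit `size` and `strlength` better than `unsigned int`.

```c
            temp = realloc(str, size + strlength); // allocate room for the buf that gets appended
            if (temp == NULL) {
                // Out of memory: discard the partial result rather than
                // appending to a block that was never grown.
                free(str);
                str = NULL;
                break;
            }
            str = temp;
            // … unchanged: strcpy() append and size update …
```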
@@ -25,7 +25,7 @@ int main(int argc, char ** argv)
 inet_pton(AF_INET, BIND_ADDRESS, &address.sin_addr);
 struct _u_instance instance;
- if (ulfius_init_instance(&instance, PORT, &address, NULL) != U_OK)
+ if (ulfius_init_instance(&instance, PORT, NULL, NULL) != U_OK)
 {
 y_log_message(Y_LOG_LEVEL_ERROR, "Error ulfius_init_instance, abort");
 return(1);
diff --git a/src/includes/settings.h b/src/includes/settings.h
index d9e98d50da311245f853a5b329ccc342c1fa9c34..287d675bfab72fd72f97ec217634c39d3e77c92a 100644
--- a/src/includes/settings.h
+++ b/src/includes/settings.h
@@ -15,6 +15,4 @@
 #define AUTHORIZED_KEYS_DIR "/root/.ssh"
 #define AUTHORIZED_KEYS_PATH AUTHORIZED_KEYS_DIR "/authorized_keys"
 #define SSH_HOST_KEY_DIR "/dropbear"
-// FIXME: This means that we need to add copying this script to the initrd to
-// the deploy script
 #define RESTRICT_COMMAND_PATH "/etc/cryptops-api/restrict_command.sed"
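Review bot: Replacing `&address` with `NULL` in the `ulfius_init_instance` call in `main` (src/cryptops-api.c) drops the bind address, which as far as I know makes ulfius listen on every interface instead of only `BIND_ADDRESS`. This service appears to append request-supplied keys to `AUTHORIZED_KEYS_PATH` under `/root/.ssh`, so the change widens who can reach that endpoint, and nothing in the commit explains why. If it works around a bind problem, add a comment such as `// NULL: listen on all interfaces because <reason>` and remove the now-unused `address` setup; otherwise keep `&address`. `main` continues outside the hunk.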