From 2a1f14fc26ce3ad4e5acc29bd2a5a2aeb6b0e7b0 Mon Sep 17 00:00:00 2001 From: Kim Alvefur Date: Wed, 19 Jan 2022 10:26:43 +0100 Subject: util.prosodyctl.cert: Pass variables via formatting instead of concatenation Prevents potential weirdness in case there's any %s or such in a host, file or directory name, since show_warning() is printf(). --- util/prosodyctl/cert.lua | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) (limited to 'util') diff --git a/util/prosodyctl/cert.lua b/util/prosodyctl/cert.lua index 4779fdc4..42f529ca 100644 --- a/util/prosodyctl/cert.lua +++ b/util/prosodyctl/cert.lua @@ -80,7 +80,7 @@ function cert_commands.config(arg) local conf_file, err = io.open(conf_filename, "w"); if not conf_file then pctl.show_warning("Could not open OpenSSL config file for writing"); - pctl.show_warning(err); + pctl.show_warning("%s", err); os.exit(1); end conf_file:write(conf:serialize()); @@ -233,7 +233,7 @@ function cert_commands.import(arg) imported[paths.certificate] = true; else -- TODO Say where we looked - pctl.show_warning("No certificate for host "..host.." found :("); + pctl.show_warning("No certificate for host %s found :(", host); end -- TODO Additional checks -- Certificate names matches the hostname @@ -257,18 +257,18 @@ local function cert(arg) lfs = require "lfs"; local cert_dir_attrs = lfs.attributes(cert_basedir); if not cert_dir_attrs then - pctl.show_warning("The directory "..cert_basedir.." does not exist"); + pctl.show_warning("The directory %s does not exist", cert_basedir); return 1; -- TODO Should we create it? end local uid = pposix.getuid(); if uid ~= 0 and uid ~= cert_dir_attrs.uid then - pctl.show_warning("The directory "..cert_basedir.." is not owned by the current user, won't be able to write files to it"); + pctl.show_warning("The directory %s is not owned by the current user, won't be able to write files to it", cert_basedir); return 1; elseif not cert_dir_attrs.permissions then -- COMPAT with LuaFilesystem < 1.6.2 (hey CentOS!) pctl.show_message("Unable to check permissions on %s (LuaFilesystem 1.6.2+ required)", cert_basedir); pctl.show_message("Please confirm that Prosody (and only Prosody) can write to this directory)"); elseif cert_dir_attrs.permissions:match("^%.w..%-..%-.$") then - pctl.show_warning("The directory "..cert_basedir.." not only writable by its owner"); + pctl.show_warning("The directory %s not only writable by its owner", cert_basedir); return 1; end local subcmd = table.remove(arg, 1); -- cgit v1.2.3