Skip to content

Commit

Permalink
escape credential paths when writing server run config
Browse files Browse the repository at this point in the history 
Signed-off-by: R.I.Pienaar <rip@devco.net>
  • Loading branch information
@ripienaar
ripienaar committed Mar 17, 2023
1 parent 0d8f405 commit 7a11339
Show file tree
Hide file tree
Showing 4 changed files with 25 additions and 7 deletions.
7 changes: 6 additions & 1 deletion cli/micro_command.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -299,7 +299,12 @@ func (c *microCmd) infoAction(_ *fisk.ParseContext) error {
fmt.Printf(" Description: %v\n", nfo.Description)
fmt.Printf(" Version: %v\n", nfo.Version)
fmt.Printf(" Subjects: %v\n", strings.Join(nfo.Subjects, ", "))
fmt.Println()
if len(nfo.Metadata) > 0 {
fmt.Println()
fmt.Printf("Metadata:")
dumpMapStrings(nfo.Metadata, 3)
fmt.Println()
}

fmt.Printf("Statistics for %d Endpoint(s):\n\n", len(stats.Endpoints))
for _, e := range stats.Endpoints {
Expand Down
13 changes: 10 additions & 3 deletions cli/server_run_command.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -18,6 +18,7 @@ import (
"github.com/nats-io/jsm.go/natscontext"
"github.com/nats-io/nats-server/v2/server"
"golang.org/x/crypto/bcrypt"
"gopkg.in/alessio/shellescape.v1"
)

type SrvRunCmd struct {
Expand Down Expand Up @@ -107,8 +108,8 @@ leafnodes {
{{- if .ExtendWithContext }}
{
url: "{{.Context.ServerURL}}",
{{- if .Context.Creds }}
credentials: "{{.Context.Creds}}",
{{- if .Context.Creds | escape }}
credentials: "{{.Context.Creds | escape }}",
{{- end }}
account: "USER"
}
Expand Down Expand Up @@ -282,7 +283,13 @@ func (c *SrvRunCmd) writeConfig() (string, error) {
}
defer tf.Close()

t, err := template.New("server.cfg").Parse(serverRunConfig)
funcs := template.FuncMap{
"escape": func(v string) string {
return shellescape.Quote(v)
},
}

t, err := template.New("server.cfg").Funcs(funcs).Parse(serverRunConfig)
if err != nil {
os.Remove(tf.Name())
return "", err
Expand Down
4 changes: 3 additions & 1 deletion go.mod
View file
Original file line number Diff line number Diff line change
Expand Up @@ -19,7 +19,7 @@ require (
github.com/mattn/go-isatty v0.0.17
github.com/nats-io/jsm.go v0.0.36-0.20230307203554-f2ed0dc457b3
github.com/nats-io/nats-server/v2 v2.9.16-0.20230304144210-9f69d8734f66
github.com/nats-io/nats.go v1.24.0
github.com/nats-io/nats.go v1.24.1-0.20230314073701-fa3b1671faba
github.com/nats-io/nuid v1.0.1
github.com/prometheus/client_golang v1.14.0
github.com/prometheus/common v0.40.0
Expand All @@ -28,10 +28,12 @@ require (
github.com/xlab/tablewriter v0.0.0-20160610135559-80b567a11ad5
golang.org/x/crypto v0.7.0
golang.org/x/term v0.6.0
gopkg.in/alessio/shellescape.v1 v1.0.0-20170105083845-52074bc9df61
gopkg.in/yaml.v3 v3.0.1
)

require (
github.com/alessio/shellescape v1.4.1 // indirect
github.com/beorn7/perks v1.0.1 // indirect
github.com/cespare/xxhash/v2 v2.1.2 // indirect
github.com/golang/protobuf v1.5.2 // indirect
Expand Down
8 changes: 6 additions & 2 deletions go.sum
View file
Original file line number Diff line number Diff line change
Expand Up @@ -8,6 +8,8 @@ github.com/HdrHistogram/hdrhistogram-go v1.1.2/go.mod h1:yDgFjdqOqDEKOvasDdhWNXY
github.com/Netflix/go-expect v0.0.0-20220104043353-73e0943537d2 h1:+vx7roKuyA63nhn5WAunQHLTznkw5W8b1Xc0dNjp83s=
github.com/Netflix/go-expect v0.0.0-20220104043353-73e0943537d2/go.mod h1:HBCaDeC1lPdgDeDbhX8XFpy1jqjK0IBG8W5K+xYqA0w=
github.com/ajstarks/svgo v0.0.0-20180226025133-644b8db467af/go.mod h1:K08gAheRH3/J6wwsYMMT4xOr94bZjxIelGM0+d/wbFw=
github.com/alessio/shellescape v1.4.1 h1:V7yhSDDn8LP4lc4jS8pFkt0zCnzVJlG5JXy9BVKJUX0=
github.com/alessio/shellescape v1.4.1/go.mod h1:PZAiSCk0LJaZkiCSkPv8qIobYglO3FPpyFjDCtHLS30=
github.com/beorn7/perks v1.0.1 h1:VlbKKnNfV8bJzeqoa4cOKqO6bYr3WgKZxO8Z16+hsOM=
github.com/beorn7/perks v1.0.1/go.mod h1:G2ZrVWU2WbWT9wwq4/hrbKbnv/1ERSJQ0ibhJ6rlkpw=
github.com/cespare/xxhash/v2 v2.1.2 h1:YRXhKfTDauu4ajMg1TPgFO5jnlC2HCbmLXMcTG5cbYE=
Expand Down Expand Up @@ -90,8 +92,8 @@ github.com/nats-io/jwt/v2 v2.3.1-0.20221227170542-bdf40fa3627b h1:exHeHbghpBp1Jv
github.com/nats-io/jwt/v2 v2.3.1-0.20221227170542-bdf40fa3627b/go.mod h1:DYujvzCMZzUuqB3i1Pnpf1YtkuTwhdI84Aah9wRXkK0=
github.com/nats-io/nats-server/v2 v2.9.16-0.20230304144210-9f69d8734f66 h1:EMCMRzolaFibutE346ppQ7/29GgHpT7pNRo7gGQdIl4=
github.com/nats-io/nats-server/v2 v2.9.16-0.20230304144210-9f69d8734f66/go.mod h1:HjWDmyl3BZvVNKqI5sgJU8y0S83V7eiZCeGGM43omQA=
github.com/nats-io/nats.go v1.24.0 h1:CRiD8L5GOQu/DcfkmgBcTTIQORMwizF+rPk6T0RaHVQ=
github.com/nats-io/nats.go v1.24.0/go.mod h1:dVQF+BK3SzUZpwyzHedXsvH3EO38aVKuOPkkHlv5hXA=
github.com/nats-io/nats.go v1.24.1-0.20230314073701-fa3b1671faba h1:9+WlBPh4lf7nUyRYVROYb95/hmAkDyP5FBKsF2IDIz8=
github.com/nats-io/nats.go v1.24.1-0.20230314073701-fa3b1671faba/go.mod h1:dVQF+BK3SzUZpwyzHedXsvH3EO38aVKuOPkkHlv5hXA=
github.com/nats-io/nkeys v0.3.1-0.20221215194120-47c7408e7546 h1:7ZylVLLiDSFqxJTSibNsO2RjVSXj3QWnDc+zKara2HE=
github.com/nats-io/nkeys v0.3.1-0.20221215194120-47c7408e7546/go.mod h1:JOEZlxMfMnmaLwr+mpmP+RGIYSxLNBFsZykCGaI2PvA=
github.com/nats-io/nuid v1.0.1 h1:5iA8DT8V7q8WK2EScv2padNa/rTESc1KdnPw4TC2paw=
Expand Down Expand Up @@ -181,6 +183,8 @@ google.golang.org/protobuf v1.26.0-rc.1/go.mod h1:jlhhOSvTdKEhbULTjvd4ARK9grFBp0
google.golang.org/protobuf v1.26.0/go.mod h1:9q0QmTI4eRPtz6boOQmLYwt+qCgq0jsYwAQnmE0givc=
google.golang.org/protobuf v1.28.1 h1:d0NfwRgPtno5B1Wa6L2DAG+KivqkdutMf1UhdNx175w=
google.golang.org/protobuf v1.28.1/go.mod h1:HV8QOd/L58Z+nl8r43ehVNZIU/HEI6OcFqwMG9pJV4I=
gopkg.in/alessio/shellescape.v1 v1.0.0-20170105083845-52074bc9df61 h1:8ajkpB4hXVftY5ko905id+dOnmorcS2CHNxxHLLDcFM=
gopkg.in/alessio/shellescape.v1 v1.0.0-20170105083845-52074bc9df61/go.mod h1:IfMagxm39Ys4ybJrDb7W3Ob8RwxftP0Yy+or/NVz1O8=
gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
gopkg.in/check.v1 v1.0.0-20200227125254-8fa46927fb4f/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c h1:Hei/4ADfdWqJk1ZMxUNpqntNwaWcugrBjAiHlqqRiVk=
Expand Down

0 comments on commit 7a11339

Please sign in to comment.