diff options
author | marco <marco@crowdsec.net> | 2024-01-03 12:03:52 +0000 |
---|---|---|
committer | Robert Clausecker <fuz@FreeBSD.org> | 2024-03-19 14:23:29 +0000 |
commit | 5ee0dd0975c31e9b0a705766c030d4741ca5c47c (patch) | |
tree | f11adb387530847359093528aee43a395bff9a76 | |
parent | 439a5dbc65ef7ef67ff45fcc1b6f72a31308abdc (diff) | |
download | ports-5ee0dd0975c31e9b0a705766c030d4741ca5c47c.tar.gz ports-5ee0dd0975c31e9b0a705766c030d4741ca5c47c.zip |
security/crowdsec-firewall-bouncer: fix file quoting
When the api key contains a '/' character, if the yaml field is
not quoted it will include the comment as well. fix: quote the field and
remove the comment with the bouncer name.
PR: 276096
MFH: 2024Q1
(cherry picked from commit 7873631186c85b4d5bdcffa307f9dd49155c36c0)
-rw-r--r-- | security/crowdsec-firewall-bouncer/Makefile | 2 | ||||
-rw-r--r-- | security/crowdsec-firewall-bouncer/files/crowdsec_firewall.in | 3 |
2 files changed, 3 insertions, 2 deletions
diff --git a/security/crowdsec-firewall-bouncer/Makefile b/security/crowdsec-firewall-bouncer/Makefile index 1c8190e6538d..021a2a0f7078 100644 --- a/security/crowdsec-firewall-bouncer/Makefile +++ b/security/crowdsec-firewall-bouncer/Makefile @@ -1,5 +1,5 @@ PORTNAME= crowdsec-firewall-bouncer -PORTREVISION= 2 +PORTREVISION= 4 DISTVERSIONPREFIX= v DISTVERSION= 0.0.28 CATEGORIES= security diff --git a/security/crowdsec-firewall-bouncer/files/crowdsec_firewall.in b/security/crowdsec-firewall-bouncer/files/crowdsec_firewall.in index 78fed46c27f2..47c4c25cfae1 100644 --- a/security/crowdsec-firewall-bouncer/files/crowdsec_firewall.in +++ b/security/crowdsec-firewall-bouncer/files/crowdsec_firewall.in @@ -49,7 +49,7 @@ crowdsec_firewall_precmd() { # THEN, register it to the local API API_KEY=$($CSCLI bouncers add "${crowdsec_firewall_name}" -o raw) if [ -n "$API_KEY" ]; then - sed -i "" "s|^${orig_line}|api_key: ${API_KEY} # ${crowdsec_firewall_name}|" "${crowdsec_firewall_config}" + sed -i "" "s|^${orig_line}|api_key: '${API_KEY}'|" "${crowdsec_firewall_config}" echo "Registered: ${crowdsec_firewall_name}" fi fi @@ -85,6 +85,7 @@ crowdsec_firewall_stop() crowdsec_firewall_start() { # ensure we have a backend if the config file was not patched export BACKEND=pf + # shellcheck disable=SC2086 /usr/sbin/daemon -f -p "$pidfile" -t "$desc" -- \ "$command" -c "$crowdsec_firewall_config" ${crowdsec_firewall_flags} } |