git: 7873631186c8 - main - security/crowdsec-firewall-bouncer: fix file quoting

Go to: [ bottom of page ] [ top of archives ] [ this month ]
From: Robert Clausecker <fuz_at_FreeBSD.org>
Date: Tue, 19 Mar 2024 14:20:38 UTC
The branch main has been updated by fuz:

URL: https://cgit.FreeBSD.org/ports/commit/?id=7873631186c85b4d5bdcffa307f9dd49155c36c0

commit 7873631186c85b4d5bdcffa307f9dd49155c36c0
Author:     marco <marco@crowdsec.net>
AuthorDate: 2024-01-03 12:03:52 +0000
Commit:     Robert Clausecker <fuz@FreeBSD.org>
CommitDate: 2024-03-19 14:18:50 +0000

    security/crowdsec-firewall-bouncer: fix file quoting
    
    When the api key contains a '/' character, if the yaml field is
    not quoted it will include the comment as well. fix: quote the field and
    remove the comment with the bouncer name.
    
    PR:             276096
    MFH:            2024Q1
---
 security/crowdsec-firewall-bouncer/Makefile                   | 2 +-
 security/crowdsec-firewall-bouncer/files/crowdsec_firewall.in | 3 ++-
 2 files changed, 3 insertions(+), 2 deletions(-)

diff --git a/security/crowdsec-firewall-bouncer/Makefile b/security/crowdsec-firewall-bouncer/Makefile
index c07268416620..021a2a0f7078 100644
--- a/security/crowdsec-firewall-bouncer/Makefile
+++ b/security/crowdsec-firewall-bouncer/Makefile
@@ -1,5 +1,5 @@
 PORTNAME=	crowdsec-firewall-bouncer
-PORTREVISION=	3
+PORTREVISION=	4
 DISTVERSIONPREFIX=	v
 DISTVERSION=	0.0.28
 CATEGORIES=	security
diff --git a/security/crowdsec-firewall-bouncer/files/crowdsec_firewall.in b/security/crowdsec-firewall-bouncer/files/crowdsec_firewall.in
index 78fed46c27f2..47c4c25cfae1 100644
--- a/security/crowdsec-firewall-bouncer/files/crowdsec_firewall.in
+++ b/security/crowdsec-firewall-bouncer/files/crowdsec_firewall.in
@@ -49,7 +49,7 @@ crowdsec_firewall_precmd() {
             # THEN, register it to the local API
             API_KEY=$($CSCLI bouncers add "${crowdsec_firewall_name}" -o raw)
             if [ -n "$API_KEY" ]; then
-                sed -i "" "s|^${orig_line}|api_key: ${API_KEY}     # ${crowdsec_firewall_name}|" "${crowdsec_firewall_config}"
+                sed -i "" "s|^${orig_line}|api_key: '${API_KEY}'|" "${crowdsec_firewall_config}"
                 echo "Registered: ${crowdsec_firewall_name}"
             fi
         fi
@@ -85,6 +85,7 @@ crowdsec_firewall_stop()
 crowdsec_firewall_start() {
     # ensure we have a backend if the config file was not patched
     export BACKEND=pf
+    # shellcheck disable=SC2086
     /usr/sbin/daemon -f -p "$pidfile" -t "$desc" -- \
         "$command" -c "$crowdsec_firewall_config" ${crowdsec_firewall_flags}
 }