|
|
914530 |
From 62082b7c8bdb82ebc956d0bd519695d150f515ba Mon Sep 17 00:00:00 2001
|
|
|
914530 |
From: =?UTF-8?q?Mat=C4=9Bj=20T=C3=BD=C4=8D?= <matyc@redhat.com>
|
|
|
914530 |
Date: Fri, 21 Jun 2019 14:31:07 +0200
|
|
|
914530 |
Subject: [PATCH] Made oscap-ssh to work with shell-sensitive args.
|
|
|
914530 |
|
|
|
914530 |
Fixes e.g. the problem of oscap arguments -p (all).
|
|
|
914530 |
Now, (all) is escaped, so it not intercepted by the shell.
|
|
|
914530 |
---
|
|
|
914530 |
utils/oscap-ssh | 9 ++++++++-
|
|
|
914530 |
1 file changed, 8 insertions(+), 1 deletion(-)
|
|
|
914530 |
|
|
|
914530 |
diff --git a/utils/oscap-ssh b/utils/oscap-ssh
|
|
|
914530 |
index 6d60a369e..658cc2ee4 100755
|
|
|
914530 |
--- a/utils/oscap-ssh
|
|
|
914530 |
+++ b/utils/oscap-ssh
|
|
|
914530 |
@@ -115,6 +115,13 @@ function scp_retreive_from_temp_dir {
|
|
|
914530 |
scp -o ControlPath="$MASTER_SOCKET" -P "$SSH_PORT" $SSH_ADDITIONAL_OPTIONS "$SSH_HOST:$REMOTE_TEMP_DIR/$1" "$2"
|
|
|
914530 |
}
|
|
|
914530 |
|
|
|
914530 |
+# $1: The name of the array holding command elements
|
|
|
914530 |
+# Returns: String, where individual command components are double-quoted, so they are not interpreted by the shell.
|
|
|
914530 |
+# For example, an array ('-p' '(all)') will be transformed to "\"-p\" \"(all)\"", so after the shell expansion, it will end up as "-p" "(all)".
|
|
|
914530 |
+function command_array_to_string {
|
|
|
914530 |
+ eval "printf '\"%s\" ' \"\${$1[@]}\""
|
|
|
914530 |
+}
|
|
|
914530 |
+
|
|
|
914530 |
function first_argument_is_sudo {
|
|
|
914530 |
[ "$1" == "sudo" ] || [ "$1" == "--sudo" ]
|
|
|
914530 |
return $?
|
|
|
914530 |
@@ -273,7 +280,7 @@ echo "Starting the evaluation..."
|
|
|
914530 |
# changing directory because of --oval-results support. oval results files are
|
|
|
914530 |
# dumped into PWD, and we can't be sure by the file names - we need controlled
|
|
|
914530 |
# environment
|
|
|
914530 |
-ssh_execute_with_command_and_options "cd $REMOTE_TEMP_DIR; $OSCAP_SUDO oscap ${oscap_args[*]}" "$SSH_TTY_ALLOCATION_OPTION"
|
|
|
914530 |
+ssh_execute_with_command_and_options "cd $REMOTE_TEMP_DIR; $OSCAP_SUDO oscap $(command_array_to_string oscap_args)" "$SSH_TTY_ALLOCATION_OPTION"
|
|
|
914530 |
OSCAP_EXIT_CODE=$?
|
|
|
914530 |
echo "oscap exit code: $OSCAP_EXIT_CODE"
|
|
|
914530 |
|