From c9f196ccf3408f8717d42b5ab725b85c31b27dfa Mon Sep 17 00:00:00 2001 From: "Chris St. Pierre" Date: Fri, 5 Aug 2011 10:58:49 -0400 Subject: fixed more unescaped shell commands --- src/lib/Server/Plugins/SSHbase.py | 21 ++++++++++++++++----- 1 file changed, 16 insertions(+), 5 deletions(-) (limited to 'src/lib/Server/Plugins/SSHbase.py') diff --git a/src/lib/Server/Plugins/SSHbase.py b/src/lib/Server/Plugins/SSHbase.py index 5e6acd39d..3ea2cb959 100644 --- a/src/lib/Server/Plugins/SSHbase.py +++ b/src/lib/Server/Plugins/SSHbase.py @@ -267,16 +267,27 @@ class SSHbase(Bcfg2.Server.Plugin.Plugin, "H_%s" % client]) tempdir = tempfile.mkdtemp() temploc = "%s/%s" % (tempdir, hostkey) - cmd = 'ssh-keygen -q -f %s -N "" -t %s -C root@%s < /dev/null' - os.system(cmd % (temploc, keytype, client)) - shutil.copy(temploc, fileloc) - shutil.copy("%s.pub" % temploc, publoc) + cmd = ["ssh-keygen", "-q", "-f", temploc, "-N", "", + "-t", keytype, "-C", "root@%s" % client] + proc = Popen(cmd, stdout=PIPE, stdin=PIPE) + proc.communicate() + proc.wait() + + try: + shutil.copy(temploc, fileloc) + shutil.copy("%s.pub" % temploc, publoc) + except IOError: + err = sys.exc_info()[1] + self.logger.error("Temporary SSH keys not found: %s" % err) + try: os.unlink(temploc) os.unlink("%s.pub" % temploc) os.rmdir(tempdir) except OSError: - self.logger.error("Failed to unlink temporary ssh keys") + err = sys.exc_info()[1] + self.logger.error("Failed to unlink temporary ssh keys: %s" + % err) def AcceptChoices(self, _, metadata): return [Bcfg2.Server.Plugin.Specificity(hostname=metadata.hostname)] -- cgit v1.2.3-1-g7c22