Skip to content

Commit

Permalink
fix(clapi): protect password for shell execution (#228)
Browse files Browse the repository at this point in the history
  • Loading branch information
garnier-quentin authored Apr 28, 2022
1 parent 5b2b761 commit b0713ae
Show file tree
Hide file tree
Showing 2 changed files with 13 additions and 6 deletions.
9 changes: 8 additions & 1 deletion gorgone/gorgone/class/tpapi/clapi.pm
Original file line number Diff line number Diff line change
Expand Up @@ -59,6 +59,13 @@ sub get_password {
return undef;
}

if (defined($options{protected}) && $options{protected} == 1) {
my $password = $self->{password};
$password =~ s/\$/\\\$/g;
$password =~ s/"/\\"/g;
return $password;
}

return $self->{password};
}

Expand Down Expand Up @@ -91,7 +98,7 @@ sub get_applycfg_command {
return undef;
}

return 'centreon -u ' . $self->{username} . ' -p ' . $self->{password} . ' -a APPLYCFG -v ' . $options{poller_id};
return 'centreon -u "' . $self->{username} . '" -p "' . $self->get_password(protected => 1) . '" -a APPLYCFG -v ' . $options{poller_id};
}

1;
10 changes: 5 additions & 5 deletions gorgone/gorgone/modules/centreon/legacycmd/class.pm
Original file line number Diff line number Diff line change
Expand Up @@ -516,8 +516,8 @@ sub execute_cmd {
}
my $centreon_dir = (defined($connector->{config}->{centreon_dir})) ?
$connector->{config}->{centreon_dir} : '/usr/share/centreon';
my $cmd = $centreon_dir . '/bin/centreon -u ' . $self->{clapi_user} . ' -p ' .
$self->{clapi_password} . ' -w -o CentreonWorker -a processQueue';
my $cmd = $centreon_dir . '/bin/centreon -u "' . $self->{clapi_user} . '" -p "' .
$self->{clapi_password} . '" -w -o CentreonWorker -a processQueue';
$self->send_internal_action(
action => 'COMMAND',
target => undef,
Expand Down Expand Up @@ -571,8 +571,8 @@ sub action_addimporttaskwithparent {

my $centreon_dir = (defined($connector->{config}->{centreon_dir})) ?
$connector->{config}->{centreon_dir} : '/usr/share/centreon';
my $cmd = $centreon_dir . '/bin/centreon -u ' . $self->{clapi_user} . ' -p ' .
$self->{clapi_password} . ' -w -o CentreonWorker -a processQueue';
my $cmd = $centreon_dir . '/bin/centreon -u "' . $self->{clapi_user} . '" -p "' .
$self->{clapi_password} . '" -w -o CentreonWorker -a processQueue';
$self->send_internal_action(
action => 'COMMAND',
token => $options{token},
Expand Down Expand Up @@ -788,7 +788,7 @@ sub run {
);

$self->{clapi_user} = $self->{tpapi_clapi}->get_username();
$self->{clapi_password} = $self->{tpapi_clapi}->get_password();
$self->{clapi_password} = $self->{tpapi_clapi}->get_password(protected => 1);

# Connect internal
$connector->{internal_socket} = gorgone::standard::library::connect_com(
Expand Down

0 comments on commit b0713ae

Please sign in to comment.