security/crowdsec-firewall-bouncer: fix file quoting

When the api key contains a '/' character, if the yaml field is not quoted it will include the comment as well. fix: quote the field and remove the comment with the bouncer name. PR: 276096 MFH: 2024Q1
freebsd · Mar 19, 2024 · 7873631 · 7873631
1 parent e91ecc7
commit 7873631
Show file tree

Hide file tree

Showing 2 changed files with 3 additions and 2 deletions.
diff --git a/security/crowdsec-firewall-bouncer/Makefile b/security/crowdsec-firewall-bouncer/Makefile
@@ -1,5 +1,5 @@
 PORTNAME=	crowdsec-firewall-bouncer
-PORTREVISION=	3
+PORTREVISION=	4
 DISTVERSIONPREFIX=	v
 DISTVERSION=	0.0.28
 CATEGORIES=	security

diff --git a/security/crowdsec-firewall-bouncer/files/crowdsec_firewall.in b/security/crowdsec-firewall-bouncer/files/crowdsec_firewall.in
@@ -49,7 +49,7 @@ crowdsec_firewall_precmd() {
             # THEN, register it to the local API
             API_KEY=$($CSCLI bouncers add "${crowdsec_firewall_name}" -o raw)
             if [ -n "$API_KEY" ]; then
-                sed -i "" "s|^${orig_line}|api_key: ${API_KEY}     # ${crowdsec_firewall_name}|" "${crowdsec_firewall_config}"
+                sed -i "" "s|^${orig_line}|api_key: '${API_KEY}'|" "${crowdsec_firewall_config}"
                 echo "Registered: ${crowdsec_firewall_name}"
             fi
         fi
@@ -85,6 +85,7 @@ crowdsec_firewall_stop()
 crowdsec_firewall_start() {
     # ensure we have a backend if the config file was not patched
     export BACKEND=pf
+    # shellcheck disable=SC2086
     /usr/sbin/daemon -f -p "$pidfile" -t "$desc" -- \
         "$command" -c "$crowdsec_firewall_config" ${crowdsec_firewall_flags}
 }