func makeArguments()

in agent/plugins/domainjoin/domainjoin_unix.go [241:344]

• 83 lines of code
• 20 McCabe index (conditional complexity)

func makeArguments(context context.T, scriptPath string, pluginInput DomainJoinPluginInput) (commandArguments string, err error) {

	var buffer bytes.Buffer
	buffer.WriteString(scriptPath)
	log := context.Log()

	// required parameters for the domain join plugin
	if len(pluginInput.DirectoryId) == 0 {
		return "", fmt.Errorf("directoryId is required")
	}

	if isShellInjection(pluginInput.DirectoryId) {
		return "", fmt.Errorf("Shell command injection string " + pluginInput.DirectoryId)
	}

	buffer.WriteString(DirectoryIdArg)
	buffer.WriteString(pluginInput.DirectoryId)

	if len(pluginInput.DirectoryName) == 0 {
		return "", fmt.Errorf("directoryName is required")
	}

	if isShellInjection(pluginInput.DirectoryName) {
		return "", fmt.Errorf("Shell command injection string " + pluginInput.DirectoryName)
	}
	buffer.WriteString(DirectoryNameArg)
	buffer.WriteString(pluginInput.DirectoryName)

	region, err := context.Identity().Region()
	if err != nil || region == "" {
		return "", fmt.Errorf("cannot get the instance region information")
	} else {
		buffer.WriteString(InstanceRegionArg)
		buffer.WriteString(region)
	}

	if isShellInjection(region) {
		return "", fmt.Errorf("Shell command injection string " + region)
	}

	// check if user provides the directory OU parameter
	if len(pluginInput.DirectoryOU) != 0 {
		log.Debugf("Customized directory OU parameter provided: %v", pluginInput.DirectoryOU)
		buffer.WriteString(DirectoryOUArg)
		// when using OU name with spaces, we should expect users passing in the OU parameter within quotation marks
		// need to remove such quotation marks for UNIX shell script
		// adding outer single quotes to indicate the lexical parser this is a single token
		buffer.WriteString("'")
		buffer.WriteString(strings.Trim(pluginInput.DirectoryOU, "\""))
		buffer.WriteString("'")
	}

	if isShellInjection(pluginInput.DirectoryOU) {
		return "", fmt.Errorf("Shell command injection string " + pluginInput.DirectoryName)
	}

	if len(pluginInput.HostName) != 0 {
		if isShellInjection(pluginInput.HostName) {
			return "", fmt.Errorf("Shell command injection string " + pluginInput.DirectoryName)
		}
		buffer.WriteString(SetHostNameArg)
		buffer.WriteString(pluginInput.HostName)

		if len(pluginInput.HostNameNumAppendDigits) != 0 {
			val, err := strconv.Atoi(pluginInput.HostNameNumAppendDigits)
			if err != nil {
				return "", fmt.Errorf("HostNameNumAppendDigits %s has non-digits " + pluginInput.HostNameNumAppendDigits)
			} else {
				log.Debugf("HostNameNumAppendDigits parameter is : %d", val)
			}
			buffer.WriteString(SetHostNameNumAppendDigitsArg)
			buffer.WriteString(pluginInput.HostNameNumAppendDigits)
		}
	}

	if pluginInput.KeepHostName {
		buffer.WriteString(KeepHostNameArgs)
		buffer.WriteString(" ")
	}

	if len(pluginInput.DnsIpAddresses) == 0 {
		log.Debug("Do not provide dns addresses.")
		return buffer.String(), nil
	}

	buffer.WriteString(DnsAddressesArgs)
	buffer.WriteString(" ")
	for index := 0; index < len(pluginInput.DnsIpAddresses); index++ {
		if index != 0 {
			buffer.WriteString(",")
		}
		if isShellInjection(pluginInput.DnsIpAddresses[index]) {
			return "", fmt.Errorf("Shell command injection string " + pluginInput.DnsIpAddresses[index])
		}
		matchesIPPat := isMatchingIPAddress(pluginInput.DnsIpAddresses[index])
		if matchesIPPat {
			buffer.WriteString(pluginInput.DnsIpAddresses[index])
		} else {
			return "", fmt.Errorf("Invalid DNS IP address " + pluginInput.DnsIpAddresses[index])
		}
	}

	return buffer.String(), nil
}