lib/zold/commands/pay.rb in zold-0.26.19 vs lib/zold/commands/pay.rb in zold-0.29.20
- old
+ new
@@ -20,10 +20,11 @@
# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
# SOFTWARE.
require 'slop'
require 'rainbow'
+require 'shellwords'
require_relative 'thread_badge'
require_relative 'args'
require_relative '../id'
require_relative '../amount'
require_relative '../log'
@@ -89,11 +90,12 @@
raise 'Recepient\'s invoice or wallet ID is required as the second argument' if mine[1].nil?
invoice = mine[1]
unless invoice.include?('@')
require_relative 'invoice'
invoice = Invoice.new(wallets: @wallets, remotes: @remotes, copies: @copies, log: @log).run(
- ['invoice', invoice, "--tolerate-quorum=#{opts['tolerate-quorum']}", "--network=#{opts['network']}"] +
+ ['invoice', invoice, "--tolerate-quorum=#{Shellwords.escape(opts['tolerate-quorum'])}"] +
+ ["--network=#{Shellwords.escape(opts['network'])}"] +
(opts['tolerate-edges'] ? ['--tolerate-edges'] : [])
)
end
raise 'Amount is required (in ZLD) as the third argument' if mine[2].nil?
amount = amount(mine[2].strip)
@@ -121,11 +123,12 @@
Tax.new(wallet).in_debt? && !opts['dont-pay-taxes']
end
return unless debt
require_relative 'taxes'
Taxes.new(wallets: @wallets, remotes: @remotes, log: @log).run(
- ['taxes', 'pay', "--private-key=#{opts['private-key']}", id.to_s, "--keygap=#{opts['keygap']}"]
+ ['taxes', 'pay', "--private-key=#{Shellwords.escape(opts['private-key'])}"] +
+ [id.to_s, "--keygap=#{Shellwords.escape(opts['keygap'])}"]
)
end
def pay(from, invoice, amount, details, opts)
unless opts.force?
@@ -136,9 +139,10 @@
the difference is #{(amount - from.balance).to_i} zents"
end
end
pem = IO.read(opts['private-key'])
unless opts['keygap'].empty?
+ puts opts['keygap']
pem = pem.sub('*' * opts['keygap'].length, opts['keygap'])
@log.debug("Keygap \"#{'*' * opts['keygap'].length}\" injected into the RSA private key")
end
key = Zold::Key.new(text: pem)
txn = from.sub(amount, invoice, key, details, time: Txn.parse_time(opts['time']))