From 870e7b848f3c3a8e2846bc377b575466c66bd0ca Mon Sep 17 00:00:00 2001
From: Niall Sheridan <nsheridan@gmail.com>
Date: Mon, 15 Aug 2016 10:52:25 +0100
Subject: [PATCH] Ensure the /sign url is valid before use

---
 cmd/cashier/main.go | 8 +++++++-
 1 file changed, 7 insertions(+), 1 deletion(-)

diff --git a/cmd/cashier/main.go b/cmd/cashier/main.go
index 3a341085..a9c509fd 100644
--- a/cmd/cashier/main.go
+++ b/cmd/cashier/main.go
@@ -9,6 +9,7 @@ import (
 	"log"
 	"net"
 	"net/http"
+	"net/url"
 	"os"
 	"os/user"
 	"path"
@@ -49,7 +50,12 @@ func send(s []byte, token, ca string, ValidateTLSCertificate bool) (*lib.SignRes
 		TLSClientConfig: &tls.Config{InsecureSkipVerify: !ValidateTLSCertificate},
 	}
 	client := &http.Client{Transport: transport}
-	req, err := http.NewRequest("POST", ca+"/sign", bytes.NewReader(s))
+	u, err := url.Parse(ca)
+	if err != nil {
+		return nil, err
+	}
+	u.Path = path.Join(u.Path, "/sign")
+	req, err := http.NewRequest("POST", u.String(), bytes.NewReader(s))
 	if err != nil {
 		return nil, err
 	}
-- 
GitLab