aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorRobin H. Johnson <robbat2@gentoo.org>2007-12-24 02:40:36 -0800
committerRobin H. Johnson <robbat2@gentoo.org>2007-12-24 02:40:36 -0800
commit12ae7578fffbe931e9fe6b5417a25a439afa1c71 (patch)
treea4d6addba8373da7d207c9f7febee41bb7ffba00 /gitosis/ssh.py
parentAdd module to deal specifically with SSH public keys properly. (diff)
downloadgitosis-gentoo-12ae7578fffbe931e9fe6b5417a25a439afa1c71.tar.gz
gitosis-gentoo-12ae7578fffbe931e9fe6b5417a25a439afa1c71.tar.bz2
gitosis-gentoo-12ae7578fffbe931e9fe6b5417a25a439afa1c71.zip
Convert existing SSH module to use the sshkey module, including all tests.
Diffstat (limited to 'gitosis/ssh.py')
-rw-r--r--gitosis/ssh.py35
1 files changed, 12 insertions, 23 deletions
diff --git a/gitosis/ssh.py b/gitosis/ssh.py
index a9ed206..7b2c0c3 100644
--- a/gitosis/ssh.py
+++ b/gitosis/ssh.py
@@ -28,7 +28,7 @@ def readKeys(keydir):
fp = file(path)
for line in fp:
line = line.rstrip('\n')
- yield (basename, line)
+ yield (basename, sshkey.get_ssh_pubkey(line))
fp.close()
COMMENT = '### autogenerated by gitosis, DO NOT EDIT'
@@ -38,30 +38,14 @@ def generateAuthorizedKeys(keys):
Genarate the lines for the Gitosis ~/.ssh/authorized_keys.
"""
TEMPLATE = ('command="gitosis-serve %(user)s",no-port-forwarding,'
- +'no-X11-forwarding,no-agent-forwarding,no-pty %(key)s')
+ +'no-X11-forwarding,no-agent-forwarding,no-pty %(key)s %(comment)s')
yield COMMENT
for (user, key) in keys:
- yield TEMPLATE % dict(user=user, key=key)
+ yield TEMPLATE % dict(user=user, key=key.key, comment=key.comment)
-_COMMAND_OPTS_SAFE_CMD = \
- 'command="(/[^ "]+/)?gitosis-serve [^"]+"'
-_COMMAND_OPTS_SAFE = \
- 'no-port-forwarding' \
-+'|no-X11-forwarding' \
-+'|no-agent-forwarding' \
-+'|no-pty' \
-+'|from="[^"]*"'
-_COMMAND_OPTS_UNSAFE = \
- 'environment="[^"]*"' \
-+'|command="[^"]*"' \
-+'|permitopen="[^"]*"' \
-+'|tunnel="[^"]+"'
-
-_COMMAND_RE = re.compile(
-'^'+_COMMAND_OPTS_SAFE_CMD \
-+'(,('+_COMMAND_OPTS_SAFE+'))+' \
-+' .*')
+_GITOSIS_CMD_RE = '(/[^ "]+/)?gitosis-serve [^"]+'
+_COMMAND_RE = re.compile(_GITOSIS_CMD_RE)
def filterAuthorizedKeys(fp):
"""
@@ -74,8 +58,13 @@ def filterAuthorizedKeys(fp):
line = line.rstrip('\n')
if line == COMMENT:
continue
- if _COMMAND_RE.match(line):
- continue
+ try:
+ key = sshkey.get_ssh_pubkey(line)
+ if 'command' in key.options and \
+ _COMMAND_RE.match(key.options['command']):
+ continue
+ except sshkey.MalformedSSHKey:
+ pass
yield line
def writeAuthorizedKeys(path, keydir):