natalie/indefero
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Fix a couple of issues with our key parsing / validating code.

Browse Source 
- be explicit and expect only ssh-dss or ssh-rsa keys
- allow any character (even line breaks and whitespace) in the optional comment,
  but shrink all of them to simple spaces (fixes issue 679)
- test the newly uploaded key against existing keys only by the base key data,
  not the fully uploaded string (that might contain a changed comment line or
  the like) to avoid duplicates; also only check the keys of the user for
  duplicates, not all existing keys in the forge (if for whatever reason two
  user accounts share a key)
This commit is contained in:
Thomas Keller
2011-05-25 02:13:50 +02:00
parent 8502a36481
commit 5b82efa0be
3 changed files with 15 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
src/IDF/Key.php
View File

@@ -80,7 +80,7 @@ class IDF_Key extends Pluf_Model
if (preg_match('#^\[pubkey ([^\]]+)\]\s*(\S+)\s*\[end\]$#', $this->content, $m)) {
return array('mtn', $m[1], $m[2]);
}
else if (preg_match('#^ssh\-[a-z]{3}\s(\S+)(?:\s(\S*))?$#', $this->content, $m)) {
else if (preg_match('#^ssh\-(?:dss|rsa)\s(\S+)(?:\s(.*))?$#', $this->content, $m)) {
if (!isset($m[2])) {
$m[2] = "";
}