Merge lp:~benoit.pierre/sloecode/ssh-key-checks into lp:sloecode

Proposed by Benoit Pierre
Status: Merged
Merge reported by: Thomi Richards
Merged at revision: not available
Proposed branch: lp:~benoit.pierre/sloecode/ssh-key-checks
Merge into: lp:sloecode
Diff against target: 40 lines (+16/-5)
1 file modified
sloecode/model/authkey.py (+16/-5)
To merge this branch: bzr merge lp:~benoit.pierre/sloecode/ssh-key-checks
Reviewer Review Type Date Requested Status
Thomi Richards Pending
Review via email: mp+80625@code.launchpad.net

Description of the change

Right now it's all too easy to screw up when adding an SSH key: invalid line breaks (copy paste from a pager), truncated lines, ... Sloecode will happily accept a lot of invalid input. Of course, authentication will never work.

This patch add more validation checks to prevent this.

To post a comment you must log in.

Preview Diff

[H/L] Next/Prev Comment, [J/K] Next/Prev File, [N/P] Next/Prev Hunk
1=== modified file 'sloecode/model/authkey.py'
2--- sloecode/model/authkey.py 2011-05-19 08:25:51 +0000
3+++ sloecode/model/authkey.py 2011-10-27 21:20:43 +0000
4@@ -4,7 +4,9 @@
5 from sqlalchemy import Column
6 from sqlalchemy.types import Integer, Text
7 from sqlalchemy.schema import ForeignKey
8+from twisted.conch.ssh.keys import BadKeyError, Key as SSHKey
9 import formencode
10+import base64
11 import re
12
13 from sloecode.model.meta import Base, QueryMixin
14@@ -43,12 +45,21 @@
15 def _to_python(self, value, state):
16 """Try to validate form data.
17 """
18+ def raise_badkey():
19+ raise formencode.Invalid('Invalid SSH Key.', value, state)
20 match = self.regexp.match(value)
21- if match:
22- return match.groups()
23- else:
24- raise formencode.Invalid(
25- 'Invalid SSH Key.', value, state)
26+ if not match:
27+ raise_badkey()
28+ ssh_type, data, comment = match.groups()
29+ try:
30+ blob = base64.b64decode(data)
31+ except TypeError:
32+ raise_badkey()
33+ try:
34+ key = SSHKey.fromString(blob, type='BLOB')
35+ except BadKeyError:
36+ raise_badkey()
37+ return ssh_type, data, comment
38
39 class AuthKeySchema(formencode.Schema):
40 "A formencode schema for the AuthKey object."

Subscribers

People subscribed via source and target branches