From cf6bd8a7c18140b9a9f8bd10b5b050c0a938113c Mon Sep 17 00:00:00 2001 From: "M.Ravi" Date: Thu, 7 Sep 2017 00:31:09 +0200 Subject: [PATCH] Validating ssh public keys using sshpubkeys --- hosting/forms.py | 27 ++++++++++++------------- hosting/locale/de/LC_MESSAGES/django.po | 8 +++++++- requirements.txt | 1 + 3 files changed, 21 insertions(+), 15 deletions(-) diff --git a/hosting/forms.py b/hosting/forms.py index cf8dd9b7..a4076339 100644 --- a/hosting/forms.py +++ b/hosting/forms.py @@ -6,6 +6,8 @@ import struct from django import forms from django.contrib.auth import authenticate from django.utils.translation import ugettext_lazy as _ +from sshpubkeys import SSHKey +from sshpubkeys.exceptions import InvalidKeyException from membership.models import CustomUser from .models import UserHostingKey @@ -89,28 +91,25 @@ class UserHostingKeyForm(forms.ModelForm): def clean_public_key(self): """ - A simple validation of ssh public key - See https://www.ietf.org/rfc/rfc4716.txt + A function that validates a public ssh key using sshpubkeys module :return: """ if 'generate' in self.request.POST: return self.data.get('public_key') KEY_ERROR_MESSAGE = _("Please input a proper SSH key") - openssh_pubkey = self.data.get('public_key') - data = None + openssh_pubkey_str = self.data.get('public_key') + ssh_key = SSHKey(openssh_pubkey_str) try: - key_type, key_string, comment = openssh_pubkey.split() - data = base64.decodebytes(key_string.encode('utf-8')) - except Exception as e: - logger.error("Exception while decoding ssh key {}".format(e)) + ssh_key.parse() + except InvalidKeyException as err: + logger.error( + "InvalidKeyException while parsing ssh key {0}".format(err)) raise forms.ValidationError(KEY_ERROR_MESSAGE) - int_len = 4 - str_len = struct.unpack('>I', data[:int_len])[0] - if str_len != 7: + except NotImplementedError as err: + logger.error( + "NotImplementedError while parsing ssh key {0}".format(err)) raise forms.ValidationError(KEY_ERROR_MESSAGE) - if data[int_len:int_len + str_len] != key_type.encode('utf-8'): - raise forms.ValidationError(KEY_ERROR_MESSAGE) - return openssh_pubkey + return openssh_pubkey_str def clean_name(self): return self.data.get('name') diff --git a/hosting/locale/de/LC_MESSAGES/django.po b/hosting/locale/de/LC_MESSAGES/django.po index f905d905..eb7db5fe 100644 --- a/hosting/locale/de/LC_MESSAGES/django.po +++ b/hosting/locale/de/LC_MESSAGES/django.po @@ -8,7 +8,7 @@ msgid "" msgstr "" "Project-Id-Version: PACKAGE VERSION\n" "Report-Msgid-Bugs-To: \n" -"POT-Creation-Date: 2017-09-02 03:08+0530\n" +"POT-Creation-Date: 2017-09-06 22:27+0000\n" "PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n" "Last-Translator: FULL NAME \n" "Language-Team: LANGUAGE \n" @@ -24,6 +24,9 @@ msgstr "Dein Benutzername und/oder Dein Passwort ist falsch." msgid "Your account is not activated yet." msgstr "Dein Account wurde noch nicht aktiviert." +msgid "User does not exist" +msgstr "" + msgid "Paste here your public key" msgstr "Füge deinen Public Key ein" @@ -33,6 +36,9 @@ msgstr "Gebe deinem SSH-Key einen Name" msgid "Key name" msgstr "Key-Name" +msgid "Please input a proper SSH key" +msgstr "" + msgid "My Virtual Machines" msgstr "Meine virtuellen Maschinen" diff --git a/requirements.txt b/requirements.txt index 73f0bc39..89123b46 100644 --- a/requirements.txt +++ b/requirements.txt @@ -97,3 +97,4 @@ billiard==3.5.0.3 amqp==2.2.1 vine==1.1.4 git+https://github.com/ungleich/cdist.git#egg=cdist +sshpubkeys \ No newline at end of file