SelfPrivacy/selfprivacy-rest-api
1
0
Fork 0
mirror of https://git.selfprivacy.org/SelfPrivacy/selfprivacy-rest-api.git synced 2024-11-01 01:27:17 +00:00
Code Issues Projects Releases Wiki Activity

Move SSH key validation to utils

Browse source
This commit is contained in:
Inex Code 2021-11-23 20:32:51 +02:00
parent ec7ff62d59
commit b185724000
2 changed files with 18 additions and 15 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

24
selfprivacy_api/resources/services/ssh.py
View file

@ -3,7 +3,7 @@
from flask_restful import Resource, reqparse from flask_restful import Resource, reqparse
from selfprivacy_api.resources.services import api from selfprivacy_api.resources.services import api
from selfprivacy_api.utils import WriteUserData, ReadUserData from selfprivacy_api.utils import WriteUserData, ReadUserData, validate_ssh_public_key
class EnableSSH(Resource): class EnableSSH(Resource):
@ -154,13 +154,10 @@ class WriteSSHKey(Resource):
public_key = args["public_key"] public_key = args["public_key"]
# Validate SSH public key if not validate_ssh_public_key(public_key):
# It may be ssh-ed25519 or ssh-rsa return {
if not public_key.startswith("ssh-ed25519"): "error": "Invalid key type. Only ssh-ed25519 and ssh-rsa are supported.",
if not public_key.startswith("ssh-rsa"): }, 400
return {
"error": "Invalid key type. Only ssh-ed25519 and ssh-rsa are supported.",
}, 400
with WriteUserData() as data: with WriteUserData() as data:
if "ssh" not in data: if "ssh" not in data:
@ -272,13 +269,10 @@ class SSHKeys(Resource):
"error": "Use /ssh/key/send to add root keys", "error": "Use /ssh/key/send to add root keys",
}, 400 }, 400
# Validate SSH public key if not validate_ssh_public_key(args["public_key"]):
# It may be ssh-ed25519 or ssh-rsa return {
if not args["public_key"].startswith("ssh-ed25519"): "error": "Invalid key type. Only ssh-ed25519 and ssh-rsa are supported.",
if not args["public_key"].startswith("ssh-rsa"): }, 400
return {
"error": "Invalid key type. Only ssh-ed25519 and ssh-rsa are supported.",
}, 400
with WriteUserData() as data: with WriteUserData() as data:
if username == data["username"]: if username == data["username"]:

9
selfprivacy_api/utils.py
View file

@ -49,3 +49,12 @@ class ReadUserData(object):
def __exit__(self, *args): def __exit__(self, *args):
portalocker.unlock(self.userdata_file) portalocker.unlock(self.userdata_file)
self.userdata_file.close() self.userdata_file.close()
def validate_ssh_public_key(key):
"""Validate SSH public key. It may be ssh-ed25519 or ssh-rsa."""
if not key.startswith("ssh-ed25519"):
if not key.startswith("ssh-rsa"):
return False
return True