SelfPrivacy/selfprivacy-rest-api
1
0
Fork 0
mirror of https://git.selfprivacy.org/SelfPrivacy/selfprivacy-rest-api.git synced 2024-10-31 17:17:17 +00:00
Code Issues Projects Releases Wiki Activity

Move SSH key validation to utils

Browse source
This commit is contained in:
Inex Code 2021-11-23 20:32:51 +02:00
parent ec7ff62d59
commit b185724000
2 changed files with 18 additions and 15 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

12
selfprivacy_api/resources/services/ssh.py
View file

@ -3,7 +3,7 @@
from flask_restful import Resource, reqparse
from selfprivacy_api.resources.services import api
from selfprivacy_api.utils import WriteUserData, ReadUserData
from selfprivacy_api.utils import WriteUserData, ReadUserData, validate_ssh_public_key
class EnableSSH(Resource):
@ -154,10 +154,7 @@ class WriteSSHKey(Resource):
public_key = args["public_key"]
# Validate SSH public key
# It may be ssh-ed25519 or ssh-rsa
if not public_key.startswith("ssh-ed25519"):
if not public_key.startswith("ssh-rsa"):
if not validate_ssh_public_key(public_key):
return {
"error": "Invalid key type. Only ssh-ed25519 and ssh-rsa are supported.",
}, 400
@ -272,10 +269,7 @@ class SSHKeys(Resource):
"error": "Use /ssh/key/send to add root keys",
}, 400
# Validate SSH public key
# It may be ssh-ed25519 or ssh-rsa
if not args["public_key"].startswith("ssh-ed25519"):
if not args["public_key"].startswith("ssh-rsa"):
if not validate_ssh_public_key(args["public_key"]):
return {
"error": "Invalid key type. Only ssh-ed25519 and ssh-rsa are supported.",
}, 400

9
selfprivacy_api/utils.py
View file

@ -49,3 +49,12 @@ class ReadUserData(object):
def __exit__(self, *args):
portalocker.unlock(self.userdata_file)
self.userdata_file.close()
def validate_ssh_public_key(key):
"""Validate SSH public key. It may be ssh-ed25519 or ssh-rsa."""
if not key.startswith("ssh-ed25519"):
if not key.startswith("ssh-rsa"):
return False
return True