authorGravatar Joey Hess <joey@kitenet.net>2012-09-10 18:18:55 -0400
committerGravatar Joey Hess <joey@kitenet.net>2012-09-10 18:18:55 -0400
commita41255723c55d0046e8a9953a7ebaef9d2196bb5 (patch)
tree5a62b90130f0c8ecdac220392191fd3dbf04c93b /Assistant/Ssh.hs
parentc20d6f4189e1e0c3a1e8339f772df587fac38748 (diff)
check that ssh public key received over the wire is sane
Diffstat (limited to 'Assistant/Ssh.hs')
-rw-r--r--Assistant/Ssh.hs13
1 files changed, 13 insertions, 0 deletions
diff --git a/Assistant/Ssh.hs b/Assistant/Ssh.hs
index 7e72dd99d..c158f7dd2 100644
--- a/Assistant/Ssh.hs
+++ b/Assistant/Ssh.hs
@@ -83,6 +83,19 @@ sshTranscript opts input = do
return ()
return (transcript, ok)
+{- Ensure that the ssh public key doesn't include any ssh options, like
+ - command=foo, or other weirdness -}
+validateSshPubKey :: SshPubKey -> IO ()
+validateSshPubKey pubkey = do
+ let ws = words pubkey
+ when (length ws > 3 || length ws < 2) $
+ error $ "wrong number of words in ssh public key " ++ pubkey
+ let (ssh, keytype) = separate (== '-') (ws !! 0)
+ unless (ssh == "ssh" && all isAlphaNum keytype) $
+ error $ "bad ssh public key prefix " ++ ws !! 0
+ when (length ws == 3) $
+ unless (all (\c -> isAlphaNum c || c == '@') (ws !! 2)) $
+ error $ "bad comment in ssh public key " ++ pubkey
makeAuthorizedKeys :: Bool -> SshPubKey -> IO Bool
makeAuthorizedKeys rsynconly pubkey = boolSystem "sh"
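Review bot: The key-data field `ws !! 1` is never checked in validateSshPubKey; only the type prefix and the optional comment are validated, so any non-whitespace characters in the second word pass through. Since the key is then handed to makeAuthorizedKeys, which runs `sh` (its body continues outside the hunk, so the quoting there is not visible), I would restrict that field to base64 characters, e.g. `unless (all (\c -> isAscii c && isAlphaNum c || elem c "+/=") (ws !! 1)) $ error "bad key data in ssh public key"`. `isAlphaNum` on its own also accepts non-ASCII letters and digits, so the prefix and comment checks would benefit from the same `isAscii` guard. In addition, `words` treats newlines and tabs as separators, so a value that passes may still span several lines; comparing `pubkey` with `unwords ws`, or using the rejoined words downstream, would close that gap.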