authorRobin H. Johnson <robbat2@gentoo.org>2008-01-22 01:42:09 -0800
committerRobin H. Johnson <robbat2@gentoo.org>2008-01-22 01:42:09 -0800
commit57836836f33830a00b6991e1f218f144adceaeb1 (patch)
tree141618cc8d63ad8f9ac4cdd01881cb8c0b571f47
parentRemove old comment. (diff)
Include the from option in ssh keys for security where desired by users.
-rw-r--r--gitosis/ssh.py12
1 files changed, 9 insertions, 3 deletions
diff --git a/gitosis/ssh.py b/gitosis/ssh.py
index 604d5b3..b3d5bd0 100644
--- a/gitosis/ssh.py
+++ b/gitosis/ssh.py
@@ -32,17 +32,23 @@ def readKeys(keydir):
fp.close()
COMMENT = '### autogenerated by gitosis, DO NOT EDIT'
+SSH_KEY_ACCEPTED_OPTIONS = ['from']
def generateAuthorizedKeys(keys):
"""
Genarate the lines for the Gitosis ~/.ssh/authorized_keys.
"""
- TEMPLATE = ('command="gitosis-serve %(user)s",no-port-forwarding,'
- +'no-X11-forwarding,no-agent-forwarding,no-pty %(key)s %(comment)s')
+ TEMPLATE = ('%(options)s %(key)s %(comment)s')
+ OPTIONS = ('command="gitosis-serve %(user)s",no-port-forwarding,'
+ +'no-X11-forwarding,no-agent-forwarding,no-pty')
yield COMMENT
for (user, key) in keys:
- yield TEMPLATE % dict(user=user, key=key.key, comment=key.comment)
+ options = OPTIONS % dict(user=user, )
+ for k in SSH_KEY_ACCEPTED_OPTIONS:
+ if k in key.options:
+ options += (',%s="%s"' % (k, key.options[k]))
+ yield TEMPLATE % dict(user=user, key=key.key, comment=key.comment, options=options)
_GITOSIS_CMD_RE = '(/[^ "]+/)?gitosis-serve [^ "]+$'
_COMMAND_RE = re.compile(_GITOSIS_CMD_RE)
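Review bot: The option value is written into the authorized_keys line unchecked at `options += (',%s="%s"' % (k, key.options[k]))`, so a `from` value containing a double quote, backslash, whitespace or newline would end the quoted string early and sshd would parse the remainder as further options or as a separate entry. That same line carries the forced `command="gitosis-serve …"` and the no-* restrictions, so the value should be validated before it is appended, for example `if not re.match(r'^[A-Za-z0-9.:,*?!/_-]+$', key.options[k]): raise ValueError('unsafe %s option' % k)`. How `key.options` is populated is outside this hunk, so readKeys may already constrain it. If it does not, rejecting the key is safer than silently dropping the `from` restriction, which would leave the key usable from any host.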