aboutsummaryrefslogtreecommitdiff
path: root/gitosis/init.py
diff options
context:
space:
mode:
authorTommi Virtanen <tv@eagain.net>2007-12-11 22:43:05 +0200
committerTommi Virtanen <tv@eagain.net>2007-12-11 22:43:05 +0200
commitcbea1785d068bfb1e402234e08d8d74512a70c5e (patch)
tree9f6d9353a21a9d1059462225bd92eca170f4736a /gitosis/init.py
parentCreate ~git/gitosis in gitosis-init. (diff)
downloadgitosis-dakkar-cbea1785d068bfb1e402234e08d8d74512a70c5e.tar.gz
gitosis-dakkar-cbea1785d068bfb1e402234e08d8d74512a70c5e.tar.bz2
gitosis-dakkar-cbea1785d068bfb1e402234e08d8d74512a70c5e.zip
Enforce safe usernames also when reading public key files from keydir.
Warning: if your keyfiles contain more than just a-z0-9, at sign, dots or dashes, you will likely end up cutting off your access to your gitosis repository with this upgrade.
Diffstat (limited to 'gitosis/init.py')
-rw-r--r--gitosis/init.py6
1 files changed, 2 insertions, 4 deletions
diff --git a/gitosis/init.py b/gitosis/init.py
index c7443b1..87ad9a7 100644
--- a/gitosis/init.py
+++ b/gitosis/init.py
@@ -5,7 +5,6 @@ Initialize a user account for use with gitosis.
import errno
import logging
import os
-import re
import sys
from pkg_resources import resource_filename
@@ -14,6 +13,7 @@ from ConfigParser import RawConfigParser
from gitosis import repository
from gitosis import run_hook
+from gitosis import ssh
from gitosis import util
from gitosis import app
@@ -25,8 +25,6 @@ def read_ssh_pubkey(fp=None):
line = fp.readline()
return line
-_ACCEPTABLE_USER_RE = re.compile(r'^[a-z][a-z0-9]*(@[a-z][a-z0-9.-]*)?$')
-
class InsecureSSHKeyUsername(Exception):
"""Username contains not allowed characters"""
@@ -35,7 +33,7 @@ class InsecureSSHKeyUsername(Exception):
def ssh_extract_user(pubkey):
_, user = pubkey.rsplit(None, 1)
- if _ACCEPTABLE_USER_RE.match(user):
+ if ssh.isSafeUsername(user):
return user
else:
raise InsecureSSHKeyUsername(repr(user))
generated by cgit v1.2.3 (git 2.25.1) at 2024-05-20 19:30:37 +0000