authorTommi Virtanen <tv@eagain.net>2007-12-11 22:43:05 +0200
committerTommi Virtanen <tv@eagain.net>2007-12-11 22:43:05 +0200
commitcbea1785d068bfb1e402234e08d8d74512a70c5e (patch)
tree9f6d9353a21a9d1059462225bd92eca170f4736a /gitosis/ssh.py
parentCreate ~git/gitosis in gitosis-init. (diff)
Enforce safe usernames also when reading public key files from keydir.
Warning: if your keyfile names contain anything other than a-z0-9, at signs, dots or dashes, you will likely end up cutting off your access to your gitosis repository with this upgrade.
Diffstat (limited to 'gitosis/ssh.py')
-rw-r--r--gitosis/ssh.py13
1 files changed, 13 insertions, 0 deletions
diff --git a/gitosis/ssh.py b/gitosis/ssh.py
index 3eb5c37..9e8d258 100644
--- a/gitosis/ssh.py
+++ b/gitosis/ssh.py
@@ -1,4 +1,13 @@
import os, errno, re
+import logging
+
+log = logging.getLogger('gitosis.ssh')
+
+_ACCEPTABLE_USER_RE = re.compile(r'^[a-z][a-z0-9]*(@[a-z][a-z0-9.-]*)?$')
+
+def isSafeUsername(user):
+ match = _ACCEPTABLE_USER_RE.match(user)
+ return (match is not None)
def readKeys(keydir):
"""
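Review bot: `_ACCEPTABLE_USER_RE` is anchored with `$`, which in Python also matches just before a trailing newline, so `isSafeUsername('alice\n')` returns True. Anchoring the end with `\Z` closes that gap: `_ACCEPTABLE_USER_RE = re.compile(r'^[a-z][a-z0-9]*(@[a-z][a-z0-9.-]*)?\Z')`. This matters if the accepted name is later written into a line-oriented file such as authorized_keys, which is presumably the case but is not visible in this hunk. `isSafeUsername` should also get a docstring stating the accepted grammar (a lowercase local part, then an optional `@host` made of a-z, 0-9, dot and dash) and that it returns a plain boolean.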
@@ -11,6 +20,10 @@ def readKeys(keydir):
if ext != '.pub':
continue
+ if not isSafeUsername(basename):
+ log.warn('Unsafe SSH username in keyfile: %r', filename)
+ continue
+
path = os.path.join(keydir, filename)
f = file(path)
for line in f:
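Review bot: The new rejection branch calls `log.warn`, which is an undocumented alias; the documented method is `log.warning('Unsafe SSH username in keyfile: %r', filename)`. Since a skipped key silently removes that user's access, the message could also state the reason, for example by adding `# skipped: name must match _ACCEPTABLE_USER_RE` above the `continue` and saying in the log text that the key was ignored. The body of `readKeys` starts and ends outside this hunk, so how `basename` is derived from `filename` could not be checked here.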