From 57836836f33830a00b6991e1f218f144adceaeb1 Mon Sep 17 00:00:00 2001
From: "Robin H. Johnson"
Date: Tue, 22 Jan 2008 01:42:09 -0800
Subject: Include the from option in ssh keys for security where desired by users.
---
 gitosis/ssh.py | 12 +++++++++---
 1 file changed, 9 insertions(+), 3 deletions(-)
diff --git a/gitosis/ssh.py b/gitosis/ssh.py
index 604d5b3..b3d5bd0 100644
--- a/gitosis/ssh.py
+++ b/gitosis/ssh.py
@@ -32,17 +32,23 @@ def readKeys(keydir):
 fp.close()
 COMMENT = '### autogenerated by gitosis, DO NOT EDIT'
+SSH_KEY_ACCEPTED_OPTIONS = ['from']
 def generateAuthorizedKeys(keys):
 """ Genarate the lines for the Gitosis ~/.ssh/authorized_keys. """
- TEMPLATE = ('command="gitosis-serve %(user)s",no-port-forwarding,'
- +'no-X11-forwarding,no-agent-forwarding,no-pty %(key)s %(comment)s')
+ TEMPLATE = ('%(options)s %(key)s %(comment)s')
+ OPTIONS = ('command="gitosis-serve %(user)s",no-port-forwarding,'
+ +'no-X11-forwarding,no-agent-forwarding,no-pty')
 yield COMMENT
 for (user, key) in keys:
- yield TEMPLATE % dict(user=user, key=key.key, comment=key.comment)
+ options = OPTIONS % dict(user=user, )
+ for k in SSH_KEY_ACCEPTED_OPTIONS:
+ if k in key.options:
+ options += (',%s="%s"' % (k, key.options[k]))
+ yield TEMPLATE % dict(user=user, key=key.key, comment=key.comment, options=options)
 _GITOSIS_CMD_RE = '(/[^ "]+/)?gitosis-serve [^ "]+$'
 _COMMAND_RE = re.compile(_GITOSIS_CMD_RE)
--
cgit v1.2.3
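Review bot: The value of `key.options[k]` is placed between double quotes in the `options += (',%s="%s"' % (k, key.options[k]))` line with no validation. A value containing `"`, a backslash, whitespace or a newline would therefore end the quoted `from=` value early, and sshd could read the remainder as further options or as a separate authorized_keys line next to the forced `command="gitosis-serve ..."`. How `key.options` is populated is outside this hunk (presumably from the key files handled by `readKeys`), so the value should be treated as untrusted here. I would add `_SAFE_OPTION_VALUE_RE = re.compile(r'[^"\\\s]+\Z')` beside `SSH_KEY_ACCEPTED_OPTIONS` and, inside the loop, `if not _SAFE_OPTION_VALUE_RE.match(key.options[k]): raise ValueError('unsafe %s option for %s' % (k, user))`. Rejecting the key is preferable to dropping only the option, which would silently emit the key without the restriction the user asked for.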