authorTed Trask <ttrask01@yahoo.com>2009-09-22 09:11:30 +0000
committerTed Trask <ttrask01@yahoo.com>2009-09-22 09:11:30 +0000
commitc18573e42bb6a092b73690021994c6e585c85cfb (patch)
treea2c0076db1d23b6f9c2f766250f1388d5e2f6564
parent12a83e0de075073da98f06c2a72fa597b3ba4775 (diff)
downloadacf-openssh-c18573e42bb6a092b73690021994c6e585c85cfb.tar.bz2
acf-openssh-c18573e42bb6a092b73690021994c6e585c85cfb.tar.xz
Allow to insert multiple certs and certs with \n. Sorted users and cert ids.
-rw-r--r--openssh-model.lua62
1 files changed, 40 insertions, 22 deletions
diff --git a/openssh-model.lua b/openssh-model.lua
index 4543866..6c44d34 100644
--- a/openssh-model.lua
+++ b/openssh-model.lua
@@ -187,6 +187,7 @@ function list_users()
for user in posix.files("/home") do
if fs.is_dir("/home/" .. user) and not string.find(user, "^%.") then users[#users + 1] = user end
end
+ table.sort(users)
return cfe({ type="list", value=users, label="User list" })
end
@@ -222,6 +223,7 @@ function list_auths(user)
table.insert(cmdresult.value.auth.value, parseauthline(line))
end
end
+ table.sort(cmdresult.value.auth.value, function(a,b) return a.id < b.id end)
return cmdresult
end
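Review bot: The comparator on the added `table.sort` line evaluates `a.id < b.id` without checking that both ids are present, and Lua raises an error when `<` is applied to nil. parseauthline is not visible in this hunk, so whether it can return an entry with no id (for instance a key line without a comment field) needs confirming; if it can, a single such line in authorized_keys would make list_auths fail for that user. A tolerant comparator such as `function(a,b) return (a.id or "") < (b.id or "") end` avoids that. list_auths starts outside the hunk.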
@@ -268,36 +270,52 @@ function create_auth(authstr)
authstr.value.user.errtxt = "Invalid user"
success = false
end
- -- not sure how to validate the cert
- authstr.value.cert.value = string.gsub(format.dostounix(authstr.value.cert.value), "\n", "")
- local val = parseauthline(authstr.value.cert.value)
- if not val then
- authstr.value.cert.errtxt = "Invalid format"
- success = false
- end
+ -- parse the current file to get existing keys
+ local file = "/"..authstr.value.user.value.."/.ssh/authorized_keys"
+ if authstr.value.user.value ~= "root" then file = "/home"..file end
+ local lines = {}
+ local auths = {}
if success then
- local file = "/"..authstr.value.user.value.."/.ssh/authorized_keys"
- if authstr.value.user.value ~= "root" then file = "/home"..file end
local data = fs.read_file(file) or ""
- if string.match(data, "^[%s\n]*$") then
- data = authstr.value.cert.value
+ for line in string.gmatch(data, "([^\n]+)\n?") do
+ auths[#auths+1] = parseauthline(line)
+ lines[#lines+1] = line
+ end
+ end
+ -- not sure how to validate the cert
+ -- try to handle certs that wrap lines and multiple certs in the entry
+ local certs = {}
+ for line in string.gmatch(format.dostounix(authstr.value.cert.value), "([^\n]*)\n?") do
+ if string.match(line, "^%s*ssh") then
+ certs[#certs+1] = line
else
- data = string.match(data, "^[%s\n]*(.*%S)[%s\n]*$")
- for line in string.gmatch(data, "([^\n]+)\n?") do
- local val2 = parseauthline(line)
- if val.id == val2.id or val.key == val2.key then
- authstr.value.cert.errtxt = "This key / ID already exists"
- success = false
- break
- end
+ certs[#certs] = certs[#certs] .. line
+ end
+ end
+ for i,cert in ipairs(certs) do
+ local val = parseauthline(cert)
+ if not val then
+ authstr.value.cert.errtxt = "Invalid format"
+ success = false
+ break
+ end
+ for j,au in ipairs(auths) do
+ if val.id == au.id or val.key == au.key then
+ authstr.value.cert.errtxt = "This key / ID already exists"
+ success = false
+ break
end
- data = string.gsub(data, "\n*$", "\n"..authstr.value.cert.value)
end
if success then
- fs.write_file(file, data)
+ lines[#lines+1] = cert
+ auths[#auths+1] = val
+ else
+ break
end
end
- if not success then
+ if success then
+ fs.write_file(file, table.concat(lines, "\n") or "")
+ else
authstr.errtxt = "Failed to add key"
end
return authstr
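Review bot: The `else` branch `certs[#certs] = certs[#certs] .. line` runs with `#certs == 0` whenever the first line of the submission does not match `^%s*ssh`, and concatenating nil raises an error; an empty submission ends up there too, because `([^\n]*)\n?` still yields one empty match. Change that branch to `elseif #certs > 0 then` and, after the loop, reject an empty list with `if #certs == 0 then authstr.value.cert.errtxt = "Invalid format" success = false end`, otherwise the function would rewrite the file unchanged and report success. Separately, each cert is still appended verbatim to authorized_keys once parseauthline accepts it (the "not sure how to validate the cert" comment still applies), and a line that begins with an options field is glued onto the preceding key instead of being rejected, so a stricter per-line check of key type and base64 body would be worth adding. create_auth starts before this hunk and its closing `end` lies outside it.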