From c18573e42bb6a092b73690021994c6e585c85cfb Mon Sep 17 00:00:00 2001
From: Ted Trask
Date: Tue, 22 Sep 2009 09:11:30 +0000
Subject: Allow to insert multiple certs and certs with \n. Sorted users and cert ids.
---
 openssh-model.lua | 62 +++++++++++++++++++++++++++++++++++--------------------
 1 file changed, 40 insertions(+), 22 deletions(-)
diff --git a/openssh-model.lua b/openssh-model.lua
index 4543866..6c44d34 100644
--- a/openssh-model.lua
+++ b/openssh-model.lua
@@ -187,6 +187,7 @@ function list_users()
 for user in posix.files("/home") do
 if fs.is_dir("/home/" .. user) and not string.find(user, "^%.") then users[#users + 1] = user end
 end
+ table.sort(users)
 return cfe({ type="list", value=users, label="User list" })
 end
 
@@ -222,6 +223,7 @@ function list_auths(user)
 table.insert(cmdresult.value.auth.value, parseauthline(line))
 end
 end
+ table.sort(cmdresult.value.auth.value, function(a,b) return a.id < b.id end)
 return cmdresult
 end
 
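Review bot: The comparator on the added `table.sort(cmdresult.value.auth.value, ...)` line compares `a.id < b.id` with no guard, so if parseauthline can return an entry whose `id` is nil (it is not visible here; a key line without a trailing comment would be the likely case) the comparison raises and list_auths fails for that user. An authorized_keys file is normally writable by the account owner, so the listing should tolerate odd entries: `function(a,b) return (a.id or "") < (b.id or "") end`. list_auths begins above this hunk.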
@@ -268,36 +270,52 @@ function create_auth(authstr)
 authstr.value.user.errtxt = "Invalid user"
 success = false
 end
- -- not sure how to validate the cert
- authstr.value.cert.value = string.gsub(format.dostounix(authstr.value.cert.value), "\n", "")
- local val = parseauthline(authstr.value.cert.value)
- if not val then
- authstr.value.cert.errtxt = "Invalid format"
- success = false
- end
+ -- parse the current file to get existing keys
+ local file = "/"..authstr.value.user.value.."/.ssh/authorized_keys"
+ if authstr.value.user.value ~= "root" then file = "/home"..file end
+ local lines = {}
+ local auths = {}
 if success then
- local file = "/"..authstr.value.user.value.."/.ssh/authorized_keys"
- if authstr.value.user.value ~= "root" then file = "/home"..file end
 local data = fs.read_file(file) or ""
- if string.match(data, "^[%s\n]*$") then
- data = authstr.value.cert.value
+ for line in string.gmatch(data, "([^\n]+)\n?") do
+ auths[#auths+1] = parseauthline(line)
+ lines[#lines+1] = line
+ end
+ end
+ -- not sure how to validate the cert
+ -- try to handle certs that wrap lines and multiple certs in the entry
+ local certs = {}
+ for line in string.gmatch(format.dostounix(authstr.value.cert.value), "([^\n]*)\n?") do
+ if string.match(line, "^%s*ssh") then
+ certs[#certs+1] = line
 else
- data = string.match(data, "^[%s\n]*(.*%S)[%s\n]*$")
- for line in string.gmatch(data, "([^\n]+)\n?") do
- local val2 = parseauthline(line)
- if val.id == val2.id or val.key == val2.key then
- authstr.value.cert.errtxt = "This key / ID already exists"
- success = false
- break
- end
+ certs[#certs] = certs[#certs] .. 
line
+ end
+ end
+ for i,cert in ipairs(certs) do
+ local val = parseauthline(cert)
+ if not val then
+ authstr.value.cert.errtxt = "Invalid format"
+ success = false
+ break
+ end
+ for j,au in ipairs(auths) do
+ if val.id == au.id or val.key == au.key then
+ authstr.value.cert.errtxt = "This key / ID already exists"
+ success = false
+ break
 end
- data = string.gsub(data, "\n*$", "\n"..authstr.value.cert.value)
 end
 if success then
- fs.write_file(file, data)
+ lines[#lines+1] = cert
+ auths[#auths+1] = val
+ else
+ break
 end
 end
- if not success then
+ if success then
+ fs.write_file(file, table.concat(lines, "\n") or "")
+ else
 authstr.errtxt = "Failed to add key"
 end
 return authstr
-- 
cgit v1.2.3
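Review bot: In the loop that builds `certs`, the `else` branch evaluates `certs[#certs] .. line` even when no line starting with `ssh` has been seen yet, so `certs[0]` is nil and the concatenation raises; an empty cert field, a leading blank line, or an entry that begins with key options all reach it. Guard it with `elseif #certs > 0 then`, and after the loop reject an empty list with `if #certs == 0 then authstr.value.cert.errtxt = "Invalid format" success = false end`, since otherwise input containing no key would rewrite the file and report success. Continuation text is appended to the previous key unchecked, so what ends up in authorized_keys depends entirely on parseauthline, which is not visible here. The final `table.concat(lines, "\n")` also writes the file without a trailing newline, so a later append by another tool would fuse its key onto the last entry; `table.concat(lines, "\n") .. "\n"` avoids that (the `or ""` never fires). create_auth starts above the hunk, so the user check that gates the path is outside this view.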