Commit cd57c6ee authored by Leigh B. Stoller's avatar Leigh B. Stoller

Add length restriction on keylen.

Add a little bit more output to help in determining why keys get
rejected.
parent 55d23a53
...@@ -244,6 +244,13 @@ exit 1; ...@@ -244,6 +244,13 @@ exit 1;
sub ParseKey($) { sub ParseKey($) {
my ($keyline) = @_; my ($keyline) = @_;
# Enforce a reasonable length on the key.
if (length($keyline) > 4096) {
print "Key is too long!\n";
print "Key: $keyline\n";
return 0;
}
if ($keyline =~ /^(\d*\s\d*\s[0-9a-zA-Z]*) ([-\w\@\.]*)$/) { if ($keyline =~ /^(\d*\s\d*\s[0-9a-zA-Z]*) ([-\w\@\.]*)$/) {
# Protocol 1 # Protocol 1
...@@ -270,8 +277,11 @@ sub ParseKey($) { ...@@ -270,8 +277,11 @@ sub ParseKey($) {
} }
if (!defined($key)) { if (!defined($key)) {
print "Key cannot be parsed!\n";
print "Key: $keyline\n";
return 0; return 0;
} }
# Do not enter into DB if in verify mode. # Do not enter into DB if in verify mode.
if ($verify) { if ($verify) {
print "Key was good: $type\n"; print "Key was good: $type\n";
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment