Commit 82e6bb75 authored by Leigh Stoller's avatar Leigh Stoller

Add ssh2 key support to all of the pages that deal with ssh keys.

parent 606d516e
......@@ -88,10 +88,10 @@ if ($canceled) {
if (!$confirmed) {
PAGEHEADER("SSH Public Key Maintenance");
echo "<center><h2><br>
echo "<center><h3><br>
Are you <b>REALLY</b>
sure you want to delete SSH Public Key '$key' for user '$target_uid'?
</h2>\n";
sure you want to delete this SSH Public Key for user '$target_uid'?
</h3>\n";
echo "<form action='deletepubkey.php3?target_uid=$target_uid&key=$key'
method=post>";
......
......@@ -415,11 +415,6 @@ if (! $returning) {
$formfields[usr_email], $checkerror)) {
$errors["Password"] = "$checkerror";
}
if (isset($formfields[usr_key]) &&
strcmp($formfields[usr_key], "") &&
! ereg("^[0-9a-zA-Z\@\. ]*$", $formfields[usr_key])) {
$errors["PubKey"] = "Invalid characters";
}
}
if (!isset($formfields[pid]) ||
strcmp($formfields[pid], "") == 0) {
......@@ -460,7 +455,21 @@ if (!$returning) {
#
if (isset($formfields[usr_key]) &&
strcmp($formfields[usr_key], "")) {
$usr_key[] = $formfields[usr_key];
#
# Replace any embedded newlines first.
#
$formfields[usr_key] = ereg_replace("[\n]", "", $formfields[usr_key]);
if (! preg_match("/^[-\w\s\.\@\+\/\=]*$/", $formfields[usr_key])) {
$errors["PubKey"] = "Invalid characters";
SPITFORM($formfields, $errors);
PAGEFOOTER();
return;
}
else {
$usr_key[] = $formfields[usr_key];
}
}
#
......@@ -477,7 +486,10 @@ if (!$returning) {
while (!feof($fp)) {
$buffer = fgets($fp, 4096);
if (! ereg("^[0-9a-zA-Z\@\. \n]*$", $buffer)) {
if (ereg("^[\n\#]", $buffer))
continue;
if (! preg_match("/^[-\w\s\.\@\+\/\=\r\n]*$/", $buffer)) {
$errors["PubKey File Contents"] = "Invalid characters";
fclose($fp);
......@@ -562,16 +574,20 @@ if (! $returning) {
#
$pieces = explode(" ", $stuff);
if (count($pieces) != 4) {
if (count($pieces) != 1) {
TBERROR("Bad Key for $joining_uid: $stuff", 0);
}
if (count($pieces) == 4) {
$key = "$pieces[0] $pieces[1] $pieces[2] $pieces[3]";
$comment = $pieces[3];
}
elseif (count($pieces) == 3) {
$key = "$pieces[0] $pieces[1] $pieces[2]";
$comment = $pieces[0] . "-" . $pieces[2];
}
elseif (count($pieces) == 1) {
continue;
}
# These have already been tested for bad chars above (ereg).
$key = "$pieces[0] $pieces[1] $pieces[2] $pieces[3]";
$comment = $pieces[3];
else {
TBERROR("Improper key: $stuff", 0);
}
DBQueryFatal("replace into user_pubkeys ".
"values ('$joining_uid', '$comment', '$key', now())");
}
......
......@@ -693,7 +693,21 @@ if (!$returning) {
#
if (isset($formfields[usr_key]) &&
strcmp($formfields[usr_key], "")) {
$usr_key[] = $formfields[usr_key];
#
# Replace any embedded newlines first.
#
$formfields[usr_key] = ereg_replace("[\n]", "", $formfields[usr_key]);
if (! preg_match("/^[-\w\s\.\@\+\/\=]*$/", $formfields[usr_key])) {
$errors["PubKey"] = "Invalid characters";
SPITFORM($formfields, $errors);
PAGEFOOTER();
return;
}
else {
$usr_key[] = $formfields[usr_key];
}
}
#
......@@ -710,7 +724,10 @@ if (!$returning) {
while (!feof($fp)) {
$buffer = fgets($fp, 4096);
if (! ereg("^[0-9a-zA-Z\@\. \n]*$", $buffer)) {
if (ereg("^[\n\#]", $buffer))
continue;
if (! preg_match("/^[-\w\s\.\@\+\/\=\r\n]*$/", $buffer)) {
$errors["PubKey File Contents"] = "Invalid characters";
fclose($fp);
......@@ -804,16 +821,20 @@ if (! $returning) {
#
$pieces = explode(" ", $stuff);
if (count($pieces) != 4) {
if (count($pieces) != 1) {
TBERROR("Bad Key for $proj_head_uid: $stuff", 0);
}
if (count($pieces) == 4) {
$key = "$pieces[0] $pieces[1] $pieces[2] $pieces[3]";
$comment = $pieces[3];
}
elseif (count($pieces) == 3) {
$key = "$pieces[0] $pieces[1] $pieces[2]";
$comment = $pieces[0] . "-" . $pieces[2];
}
elseif (count($pieces) == 1) {
continue;
}
# These have already been tested for bad chars above (ereg).
$key = "$pieces[0] $pieces[1] $pieces[2] $pieces[3]";
$comment = $pieces[3];
else {
TBERROR("Improper key: $stuff", 0);
}
DBQueryFatal("replace into user_pubkeys ".
"values ('$proj_head_uid', ".
" '$comment', '$key', now())");
......
......@@ -107,7 +107,8 @@ function SPITFORM($formfields, $errors)
echo "<br><hr size=4>\n";
echo "<center>
Enter new ssh public keys for user ${target_uid}[<b>1,2</b>].
Enter ssh (protocol 1 or 2) public keys for user
${target_uid}[<b>1,2</b>].
</center><br>\n";
if ($errors) {
......@@ -223,7 +224,7 @@ if (isset($formfields[usr_key]) &&
#
$formfields[usr_key] = ereg_replace("[\n]", "", $formfields[usr_key]);
if (! ereg("^[0-9a-zA-Z\@\. ]*$", $formfields[usr_key])) {
if (! preg_match("/^[-\w\s\.\@\+\/\=]*$/", $formfields[usr_key])) {
$errors["PubKey"] = "Invalid characters";
SPITFORM($formfields, $errors);
......@@ -252,7 +253,7 @@ if (isset($usr_keyfile) &&
if (ereg("^[\n\#]", $buffer))
continue;
if (! ereg("^[0-9a-zA-Z\@\.[:space:]\r\n]*$", $buffer)) {
if (! preg_match("/^[-\w\s\.\@\+\/\=\r\n]*$/", $buffer)) {
$errors["PubKey File Contents"] = "Invalid characters";
fclose($fp);
......@@ -294,16 +295,20 @@ if (isset($usr_key)) {
#
$pieces = explode(" ", $stuff);
if (count($pieces) != 4) {
if (count($pieces) != 1) {
TBERROR("Bad Key for $target_uid: $stuff", 0);
}
if (count($pieces) == 4) {
$key = "$pieces[0] $pieces[1] $pieces[2] $pieces[3]";
$comment = $pieces[3];
}
elseif (count($pieces) == 3) {
$key = "$pieces[0] $pieces[1] $pieces[2]";
$comment = $pieces[0] . "-" . $pieces[2];
}
elseif (count($pieces) == 1) {
continue;
}
# These have already been tested for bad chars above (ereg).
$key = "$pieces[0] $pieces[1] $pieces[2] $pieces[3]";
$comment = $pieces[3];
else {
TBERROR("Improper key: $stuff", 0);
}
DBQueryFatal("replace into user_pubkeys ".
"values ('$target_uid', '$comment', '$key', now())");
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment