mirror of
https://gitlab2.federez.net/re2o/re2o
synced 2024-11-22 11:23:10 +00:00
Add specific function and check on validation for sshfp
This commit is contained in:
parent
2846a7fb32
commit
e8a9e64c3f
1 changed files with 26 additions and 7 deletions
|
@ -1276,14 +1276,8 @@ class SshFp(RevMixin, AclMixin, models.Model):
|
||||||
"""Get the hashes for the pub key with correct ID.
|
"""Get the hashes for the pub key with correct ID.
|
||||||
|
|
||||||
See RFC: 1 is sha1 , 2 is sha256.
|
See RFC: 1 is sha1 , 2 is sha256.
|
||||||
|
|
||||||
Because of b64 MUST be divided by 4, we add a "padding" = carracter 3 times.
|
|
||||||
This padding is then ignored if the pubkey is greater than a multiple of 4.
|
|
||||||
More informations on : https://gist.github.com/perrygeo/ee7c65bb1541ff6ac770
|
|
||||||
As said in the thread, this fix is not optimal, however it is very simple as
|
|
||||||
no options on b64decode function exists.
|
|
||||||
"""
|
"""
|
||||||
pubkey = base64.b64decode(self.pub_key_entry + "===")
|
pubkey = self.base64_pubkey()
|
||||||
return {
|
return {
|
||||||
"1": hashlib.sha1(pubkey).hexdigest(),
|
"1": hashlib.sha1(pubkey).hexdigest(),
|
||||||
"2": hashlib.sha256(pubkey).hexdigest(),
|
"2": hashlib.sha256(pubkey).hexdigest(),
|
||||||
|
@ -1303,6 +1297,31 @@ class SshFp(RevMixin, AclMixin, models.Model):
|
||||||
def can_delete(self, user_request, *args, **kwargs):
|
def can_delete(self, user_request, *args, **kwargs):
|
||||||
return self.machine.can_delete(user_request, *args, **kwargs)
|
return self.machine.can_delete(user_request, *args, **kwargs)
|
||||||
|
|
||||||
|
def base64_pubkey(self):
|
||||||
|
"""Function to decode in base64 the pub key entry
|
||||||
|
|
||||||
|
Returns:
|
||||||
|
Base64 decoded value of pub_key_entry
|
||||||
|
|
||||||
|
Because of b64 MUST be divided by 4, we add a "padding" = carracter 3 times.
|
||||||
|
This padding is then ignored if the pubkey is greater than a multiple of 4.
|
||||||
|
More informations on : https://gist.github.com/perrygeo/ee7c65bb1541ff6ac770
|
||||||
|
As said in the thread, this fix is not optimal, however it is very simple as
|
||||||
|
no options on b64decode function exists."""
|
||||||
|
return base64.b64decode(self.pub_key_entry + "===")
|
||||||
|
|
||||||
|
def clean(self, *args, **kwargs):
|
||||||
|
"""Check if the pub_key_entry is a valid base64 entry.
|
||||||
|
|
||||||
|
Raises:
|
||||||
|
ValidationError: the pub key entry is not a valid base64 enty.
|
||||||
|
"""
|
||||||
|
try:
|
||||||
|
self.base64_pubkey()
|
||||||
|
except ValueError:
|
||||||
|
raise ValidationError(_("Ssh pub key entry is incorrect base64 entry"))
|
||||||
|
super(SshFp, self).clean(*args, **kwargs)
|
||||||
|
|
||||||
def __str__(self):
|
def __str__(self):
|
||||||
return str(self.algo) + " " + str(self.comment)
|
return str(self.algo) + " " + str(self.comment)
|
||||||
|
|
||||||
|
|
Loading…
Reference in a new issue