rezometz/re2o
8
0
Fork 0
mirror of https://gitlab2.federez.net/re2o/re2o synced 2024-11-05 09:26:27 +00:00
Code Issues Releases Wiki Activity

Add specific function and check on validation for sshfp

Browse source
This commit is contained in:
chirac 2021-01-09 00:47:04 +01:00 committed by Gabriel Detraz
parent 2846a7fb32
commit e8a9e64c3f
1 changed files with 26 additions and 7 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

33
machines/models.py
View file

@ -1276,14 +1276,8 @@ class SshFp(RevMixin, AclMixin, models.Model):
"""Get the hashes for the pub key with correct ID. """Get the hashes for the pub key with correct ID.
See RFC: 1 is sha1 , 2 is sha256. See RFC: 1 is sha1 , 2 is sha256.
Because of b64 MUST be divided by 4, we add a "padding" = carracter 3 times.
This padding is then ignored if the pubkey is greater than a multiple of 4.
More informations on : https://gist.github.com/perrygeo/ee7c65bb1541ff6ac770
As said in the thread, this fix is not optimal, however it is very simple as
no options on b64decode function exists.
""" """
pubkey = base64.b64decode(self.pub_key_entry + "===") pubkey = self.base64_pubkey()
return { return {
"1": hashlib.sha1(pubkey).hexdigest(), "1": hashlib.sha1(pubkey).hexdigest(),
"2": hashlib.sha256(pubkey).hexdigest(), "2": hashlib.sha256(pubkey).hexdigest(),
@ -1303,6 +1297,31 @@ class SshFp(RevMixin, AclMixin, models.Model):
def can_delete(self, user_request, *args, **kwargs): def can_delete(self, user_request, *args, **kwargs):
return self.machine.can_delete(user_request, *args, **kwargs) return self.machine.can_delete(user_request, *args, **kwargs)
def base64_pubkey(self):
"""Function to decode in base64 the pub key entry
Returns:
Base64 decoded value of pub_key_entry
Because of b64 MUST be divided by 4, we add a "padding" = carracter 3 times.
This padding is then ignored if the pubkey is greater than a multiple of 4.
More informations on : https://gist.github.com/perrygeo/ee7c65bb1541ff6ac770
As said in the thread, this fix is not optimal, however it is very simple as
no options on b64decode function exists."""
return base64.b64decode(self.pub_key_entry + "===")
def clean(self, *args, **kwargs):
"""Check if the pub_key_entry is a valid base64 entry.
Raises:
ValidationError: the pub key entry is not a valid base64 enty.
"""
try:
self.base64_pubkey()
except ValueError:
raise ValidationError(_("Ssh pub key entry is incorrect base64 entry"))
super(SshFp, self).clean(*args, **kwargs)
def __str__(self): def __str__(self):
return str(self.algo) + " " + str(self.comment) return str(self.algo) + " " + str(self.comment)