summaryrefslogtreecommitdiff
path: root/scripts
diff options
context:
space:
mode:
authorStephen Hemminger <stephen.hemminger@vyatta.com>2010-02-17 12:00:12 -0800
committerStephen Hemminger <stephen.hemminger@vyatta.com>2010-02-17 12:45:03 -0800
commit3577a4f420d71c8d1040341776a2039ce232b7dd (patch)
treeea129dcd4345cc9e793823d4ae52d1cfc48960d3 /scripts
parent3ec0331cad6790982f9b1b2b4137eaadbc006b52 (diff)
downloadvyatta-cfg-system-3577a4f420d71c8d1040341776a2039ce232b7dd.tar.gz
vyatta-cfg-system-3577a4f420d71c8d1040341776a2039ce232b7dd.zip
Add support for options in keyfile
The sshd file format has optional options; copy them to a placeholder node and generate to authorized_keys Better error message when wrong number of arguments.
Diffstat (limited to 'scripts')
-rwxr-xr-xscripts/vyatta-load-user-key.pl44
1 files changed, 22 insertions, 22 deletions
diff --git a/scripts/vyatta-load-user-key.pl b/scripts/vyatta-load-user-key.pl
index 96114d45..29163f6a 100755
--- a/scripts/vyatta-load-user-key.pl
+++ b/scripts/vyatta-load-user-key.pl
@@ -27,11 +27,6 @@ use Vyatta::Config;
my $sbindir = $ENV{vyatta_sbindir};
-sub usage {
- print "Usage: $0 user filename|url\n";
- exit 1;
-}
-
sub check_http {
my ($url) = @_;
@@ -82,10 +77,6 @@ sub geturl {
return $curl;
}
-sub badkey {
- die "Not a valid key file format (see man sshd)"
-}
-
sub getkeys {
my ($user, $in) = @_;
@@ -95,33 +86,42 @@ sub getkeys {
next if /^#/; # ignore comments
# public key (format 2) consist of:
- # options, keytype, base64-encoded key, comment.
- my $pos = index $_, "ssh-";
- badkey
- unless ($pos >= 0); # missing keytype
+ # [options] keytype base64-encoded key comment
+ my @fields = split / /;
- my ($keytype, $keycode, $comment) = split / /, substr($_, $pos);
+ my $options;
+ $options = shift @fields
+ if ($#fields == 3);
- badkey
- unless defined($keytype) && defined($keycode) && defined($comment);
+ die "Not a valid key file format (see man sshd)"
+ unless $#fields == 2;
- badkey
+ my ($keytype, $keycode, $comment) = @fields;
+ die "Unknown key type $keytype : must be ssh-rsa or ssh-dss\n"
unless ($keytype eq 'ssh-rsa' || $keytype eq 'ssh-dss');
my $cmd
= "set system login user $user authentication public-keys $comment";
+ if ($options) {
+ system ("$sbindir/my_$cmd" . " options $options");
+ die "\"$cmd\" at "
+ if ($? >> 8);
+ }
+
system ("$sbindir/my_$cmd" . " type $keytype");
- die "\"$cmd\" type failed\n"
+ die "\"$cmd\" at "
if ($? >> 8);
- system ("$sbindir/my_$cmd" . " key \"$keycode\"");
- die "\"$cmd\" key failed\n"
+ system ("$sbindir/my_$cmd" . " key $keycode");
+ die "\"$cmd\" at "
if ($? >> 8);
}
}
-usage unless ($#ARGV == 1);
+die "Incorrect number of arguments, expect\n",
+ " loadkey user filename|url\n"
+ unless ($#ARGV == 1);
my $user = $ARGV[0];
my $source = $ARGV[1];
@@ -132,7 +132,7 @@ $config->setLevel("system login user");
die "User $user does not exist in current configuration\n"
unless $config->exists($user);
-addkeys($user, geturl($source));
+getkeys($user, geturl($source));
system("$sbindir/my_commit");
if ( $? >> 8 ) {