[Da-tools-commits] ./debian/userdir-ldap r398: better check for ssh1 keys (which we do not accept). Merged from alioth but slightly improved regex

Peter Palfrader peter at palfrader.org
Sat May 17 09:18:45 UTC 2008 

------------------------------------------------------------
revno: 398
committer: Peter Palfrader <peter at palfrader.org>
branch nick: userdir-ldap
timestamp: Sat 2008-05-17 11:18:45 +0200
message:
  better check for ssh1 keys (which we do not accept).  Merged from alioth but slightly improved regex
modified:
  debian/changelog
  ud-mailgate
    ------------------------------------------------------------
    revno: 349.2.39
    committer: Joerg Jaspert <joerg at debian.org>
    branch nick: userdir-ldap-common
    timestamp: Thu 2008-05-15 01:02:17 +0200
    message:
      Merge from Debian
    modified:
      debian/changelog
      ud-generate
    ------------------------------------------------------------
    revno: 349.2.40
    committer: Joerg Jaspert <joerg at debian.org>
    branch nick: userdir-ldap-common
    timestamp: Thu 2008-05-15 23:35:13 +0200
    message:
      Modify the SSH1 key check so it matches all RSA1 keys, not only those of size 1024
    modified:
      ud-mailgate
-------------- next part --------------
=== modified file 'debian/changelog'
--- a/debian/changelog	2008-05-14 15:56:01 +0000
+++ b/debian/changelog	2008-05-17 09:18:45 +0000
@@ -1,3 +1,9 @@
+userdir-ldap (0.3.XX) Xnstable; urgency=low
+
+  * ud-mailgate: better regex for ssh1 keys, which we reject. [joerg, weasel]
+
+ -- Peter Palfrader <weasel at debian.org>  Sat, 17 May 2008 11:18:27 +0200
+
 userdir-ldap (0.3.23) unstable; urgency=low
 
   * Fix generation of known_hosts file.

=== modified file 'ud-mailgate'
--- a/ud-mailgate	2008-05-14 14:56:04 +0000
+++ b/ud-mailgate	2008-05-17 09:18:45 +0000
@@ -30,6 +30,7 @@
 DNS = {}
 
 SSHFingerprint = re.compile('^(\d+) ([0-9a-f\:]{47}) (.+)$')
+SSHRSA1Match = re.compile('^^(.* )?\d+ \d+ \d+')
 
 ArbChanges = {"c": "..",
 	      "l": ".*",
@@ -241,9 +242,9 @@
    g = Match.groups()
    typekey = g[1]
    if Match == None:
-      Match = re.compile('^1024 (\d+) ').match(Str)
+      Match = SSHRSA1Match.match(Str)
       if Match is not None:
-         return "SSH1 keys not supported anymore"
+         return "RSA1 keys not supported anymore"
       return None;
 
    (fd, path) = tempfile.mkstemp(".pub", "sshkeytry", "/tmp")

More information about the Da-tools-commits mailing list