0005-Simplify-ssh-keys-memorization-in-ssh-auth.patch

Jean-Philippe Garcia Ballester, 04/17/2013 11:06 AM

Download (2.62 KB)

View differences:

src/authm_mad/remotes/ssh/ssh_auth.rb
48 48 

  		




  49
  49
  
    
        if options[:public_key]

  		




  50
  50
  
    
            @public_key = options[:public_key]

  		




  
  51
  
    
            @public_key = OpenSSL::PKey::RSA.new(Base64::decode64(@public_key))

  		




  51
  52
  
    
        elsif @private_key != nil

  		




  52
  53
  
    
            # Init ssh keys using private key. public key is extracted in a

  		




  53
  
  
    
            # format compatible with openssl. The public key does not contain

  		




  54
  
  
    
            # "---- BEGIN/END PUBLIC KEY ----" and is in a single line

  		




  55
  
  
    
            @public_key = @private_key_rsa.public_key.to_pem.split("\n")

  		




  56
  
  
    
            @public_key = @public_key.reject {|l| l.match(/PUBLIC KEY/) }.join('')

  		




  
  54
  
    
            # format compatible with openssl.

  		




  
  55
  
    
            @public_key = @private_key.public_key

  		




  57
  56
  
    
        end

  		




  58
  
  
    
        @public_key_rsa = OpenSSL::PKey::RSA.new(Base64::decode64(@public_key)) unless @public_key.nil?

  		




  59
  57
  
    

  		




  60
  58
  
    
        if @private_key.nil? && @public_key.nil?

  		




  61
  59
  
    
            raise "You have to define at least one of the keys"

  		




  ......




  96
  94
  
    
    # Returns a valid password string to create a user using this auth driver.

  		




  97
  95
  
    
    # In this case the ssh public key.

  		




  98
  96
  
    
    def password

  		




  99
  
  
    
        @public_key

  		




  
  97
  
    
        # The public key does not contain "---- BEGIN/END PUBLIC KEY ----"

  		




  
  98
  
    
        # and is in a single line

  		




  
  99
  
    
        @public_key.to_pem.split("\n").reject {|l| l.match(/PUBLIC KEY/) }.join('')

  		




  100
  100
  
    
    end

  		




  101
  101
  
    

  		




  102
  102
  
    
    # Checks the proxy created with the login method

  		




  ......




  127
  127
  
    
    # Encrypts data with the private key of the user and returns

  		




  128
  128
  
    
    # base 64 encoded output in a single line

  		




  129
  129
  
    
    def encrypt(data)

  		




  130
  
  
    
        Base64::encode64(@private_key_rsa.private_encrypt(data)).gsub!(/\n/, '').strip

  		




  
  130
  
    
        Base64::encode64(@private_key.private_encrypt(data)).gsub!(/\n/, '').strip

  		




  131
  131
  
    
    end

  		




  132
  132
  
    

  		




  133
  133
  
    
    # Decrypts base 64 encoded data with pub_key (public key)

  		




  134
  134
  
    
    def decrypt(data)

  		




  135
  
  
    
        @public_key_rsa.public_decrypt(Base64::decode64(data))

  		




  
  135
  
    
        @public_key.public_decrypt(Base64::decode64(data))

  		




  136
  136
  
    
    end

  		




  137
  137
  
    
end

  		




  138
  
  
    
-