On Wed, 2014-06-11 at 16:57 +0200, Jan Cholasta wrote:
On 5.6.2014 16:34, Pavel Reichl wrote:
On Wed, 2014-06-04 at 17:05 +0200, Jan Cholasta wrote:
Hi,
the attached patch fixes https://fedorahosted.org/sssd/ticket/2349.
Honza
sssd-devel mailing list sssd-devel@lists.fedorahosted.org https://lists.fedorahosted.org/mailman/listinfo/sssd-devel
Hello Honza,
I'm little confused about this ticket - reporter complained that it's not allowed to have newlines *anywhere* in the public key string, not even at the end. But you added support for newlines only at the end of the file. Does is it make any sense to have newlines at the public key at all? I was not able to quickly find relevant RFC. :-(
My mistake, I was the one who suggested the title of the ticket to the reporter. Newline should indeed not be allowed anywhere in the string except at the end.
OK then, I was thinking of updating trac ticket description but I then noticed it's linked to bugzilla so I'll I just leave it as it is now.
I'm afraid there is no RFC, I used OpenSSH source code as reference.
I also noticed that key is denied if it contains '\r'. From top of my head I would assume that if public key was generated on Windows or Mac that the sequence <CR><LF> or <CR> would be used to mark eol - so we should tolerate them to. Should not we?
Maybe, I don't know. OpenSSH uses only '\n' as line separator in authorized_keys.
I think this patch fixes the ticket and doesn't break anything. ACK
Thanks,
PR
PS: Also unit test would be nice, but I can do it myself later.
Could you please have a look at attached unit test?
If you like it, you are very welcome to extend it.
Thanks,
PR