refresh-auth
changeset 4 dcd195f3e52c
parent 3 7e659a6870de
child 6 505d4789f91c
3:7e659a6870de 4:dcd195f3e52c
     1 #!/usr/bin/python
     1 #!/usr/bin/python
     2 
     2 
     3 # WARNING
     3 # WARNING
     4 # This script completely destroys your .ssh/authorized_keys
     4 # This script completely destroys your ~/.ssh/authorized_keys
     5 # file every time it is run
     5 # file every time it is run
     6 # WARNING
     6 # WARNING
     7 
     7 
       
     8 import sys
     8 import os
     9 import os
     9 import os.path
    10 import os.path
    10 import re
    11 import re
    11 
    12 
       
    13 if len(sys.argv) != 2:
       
    14     sys.stderr.write("refresh-auth: wrong number of arguments (%s)" % sys.argv)
       
    15     sys.exit(-1)
       
    16 
       
    17 wrappercommand = sys.argv[1]
    12 akeyfile = os.path.expanduser("~/.ssh/authorized_keys")
    18 akeyfile = os.path.expanduser("~/.ssh/authorized_keys")
    13 
    19 
    14 allowedchars = "A-Za-z0-9_.-"
    20 allowedchars = "A-Za-z0-9_.-"
    15 goodpathre = re.compile("([%s]+/)*[%s]+$" % (allowedchars, allowedchars))
    21 goodpathre = re.compile("([%s]+/)*[%s]+$" % (allowedchars, allowedchars))
    16 akeys = open(akeyfile + "_new", "w")
    22 akeys = open(akeyfile + "_new", "w")
    20         if goodpathre.match(ffn) is None:
    26         if goodpathre.match(ffn) is None:
    21             # ignore any path that contains dodgy characters
    27             # ignore any path that contains dodgy characters
    22             continue
    28             continue
    23         keyname = ffn[5:]
    29         keyname = ffn[5:]
    24         prefix=('command="%s",no-pty,no-port-forwarding,no-X11-forwarding,no-agent-forwarding'
    30         prefix=('command="%s",no-pty,no-port-forwarding,no-X11-forwarding,no-agent-forwarding'
    25             % ('./.hg-ssh-wrapper %s' % keyname))
    31             % ('%s %s' % (wrappercommand, keyname))
    26         kf = open(ffn)
    32         kf = open(ffn)
    27         try:
    33         try:
    28             for l in kf:
    34             for l in kf:
    29                 #prefix='no-port-forwarding,no-X11-forwarding,no-agent-forwarding'
       
    30                 akeys.write("%s %s\n" % (prefix, l.strip()))
    35                 akeys.write("%s %s\n" % (prefix, l.strip()))
    31         finally:
    36         finally:
    32             kf.close()
    37             kf.close()
    33 
    38 
    34 os.rename(akeyfile + "_new", akeyfile)
    39 os.rename(akeyfile + "_new", akeyfile)
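Review bot: `wrappercommand = sys.argv[1]` (new line 17) is interpolated unchecked into the double-quoted `command="..."` option at new line 31, so a value containing `"` or a newline would end the quoted string early and change which options sshd applies to every key this script writes. The script already screens key paths with `goodpathre`; the wrapper argument deserves an equivalent check before `authorized_keys_new` is opened, for example `if '"' in wrappercommand or '\n' in wrappercommand: sys.exit("refresh-auth: bad wrapper command")`. The usage error at new line 14 also writes no trailing newline to stderr. The loop that builds `prefix` begins in lines the page collapses (new 23–25), so this is based on the visible lines only.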