src/mercurialserver/refreshauth.py
changeset 107 84e9e33d866b
parent 106 0519745e7a57
child 165 3606d60b07e5
--- a/src/mercurialserver/refreshauth.py	Mon Oct 12 16:04:07 2009 +0100
+++ b/src/mercurialserver/refreshauth.py	Mon Oct 12 16:25:02 2009 +0100
@@ -6,13 +6,14 @@
 # WARNING
 
 import re
+import base64
 import os
 import os.path
 import pwd
 import subprocess
 from mercurialserver import paths
 
-goodkey = re.compile("[A-Za-z0-9._-]+$")
+goodkey = re.compile("[/A-Za-z0-9._-]+$")
 
 def refreshAuth(pw_dir):
     akeyfile = pw_dir + "/.ssh/authorized_keys"
@@ -40,11 +41,9 @@
                     raise Exception("Inconsistent behaviour in os.walk, bailing")
                 #print "Processing file", ffn
                 keyname = ffn[len(kr):]
-                # FIXME: still too strict
-                if not goodkey.match(keyname)
-                    # ignore any path that contains dodgy characters
-                    print "Ignoring key that contains banned character:", ffn
-                    continue
+                if not goodkey.match(keyname):
+                    # Encode it for safe quoting
+                    keyname = "--base64 " + base64.b64encode(keyname)
                 p = subprocess.Popen(("ssh-keygen", "-i", "-f", ffn), 
                     stdout=subprocess.PIPE, stderr=subprocess.PIPE)
                 newkey = p.communicate()[0]