# HG changeset patch
# User Paul Crowley <paul@lshift.net>
# Date 1209746019 -3600
# Node ID 87279134a2128f2cb5aca6c2a31f490c5aa52e4a
# Parent 583ed103e021a233fef3eed9f511ee7e7c32db81
Convert PuTTY-style public keys automatically
diff -r 583ed103e021 -r 87279134a212 refresh-auth
--- a/refresh-auth Thu Apr 24 08:27:30 2008 +0100
+++ b/refresh-auth Fri May 02 17:33:39 2008 +0100
@@ -8,7 +8,8 @@
import sys
import os
import os.path
-import re
+import ruleset
+import subprocess
if len(sys.argv) != 2:
sys.stderr.write("refresh-auth: wrong number of arguments (%s)\n" % sys.argv)
@@ -17,24 +18,32 @@
wrappercommand = sys.argv[1]
akeyfile = os.path.expanduser("~/.ssh/authorized_keys")
-allowedchars = "A-Za-z0-9_.-"
-goodpathre = re.compile("([%s]+/)*[%s]+$" % (allowedchars, allowedchars))
akeys = open(akeyfile + "_new", "w")
for root, dirs, files in os.walk("keys"):
for fn in files:
ffn = os.path.join(root, fn)
- if goodpathre.match(ffn) is None:
+ if not ruleset.goodpath(ffn):
# ignore any path that contains dodgy characters
continue
keyname = ffn[5:]
prefix=('command="%s",no-pty,no-port-forwarding,no-X11-forwarding,no-agent-forwarding'
% ('%s %s' % (wrappercommand, keyname)))
- kf = open(ffn)
- try:
- for l in kf:
- akeys.write("%s %s\n" % (prefix, l.strip()))
- finally:
- kf.close()
+ p = subprocess.Popen(("ssh-keygen", "-i", "-f", ffn),
+ stdout=subprocess.PIPE, stderr=subprocess.PIPE)
+ newkey = p.communicate()[0]
+ if p.wait() == 0:
+ klines = [l.strip() for l in newkey.split("\n")]
+ else:
+ # Conversion failed, read it directly.
+ kf = open(ffn)
+ try:
+ klines = [l.strip() for l in kf]
+ finally:
+ kf.close()
+ for l in klines:
+ if len(l):
+ akeys.write("%s %s\n" % (prefix, l))
+
akeys.close()
os.rename(akeyfile + "_new", akeyfile)