From: Peter Palfrader <peter@palfrader.org>
Date: Sat, 17 May 2008 09:18:45 +0000 (+0200)
Subject: better check for ssh1 keys (which we do not accept).  Merged from alioth but slightly... 
X-Git-Tag: userdir-ldap-0.3.24~10
X-Git-Url: https://git.adam-barratt.org.uk/?a=commitdiff_plain;h=74d3791d33481944e3960dcda23842838ef3dcd3;hp=653566b328a70f1f4b765967d72660ebae44473e;p=mirror%2Fuserdir-ldap.git

better check for ssh1 keys (which we do not accept).  Merged from alioth but slightly improved regex
---

diff --git a/debian/changelog b/debian/changelog
index 3a77d70..2d1e0ff 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,9 @@
+userdir-ldap (0.3.XX) Xnstable; urgency=low
+
+  * ud-mailgate: better regex for ssh1 keys, which we reject. [joerg, weasel]
+
+ -- Peter Palfrader <weasel@debian.org>  Sat, 17 May 2008 11:18:27 +0200
+
 userdir-ldap (0.3.23) unstable; urgency=low
 
   * Fix generation of known_hosts file.
diff --git a/ud-mailgate b/ud-mailgate
index 51942f1..4da4382 100755
--- a/ud-mailgate
+++ b/ud-mailgate
@@ -30,6 +30,7 @@ SeenList = {}
 DNS = {}
 
 SSHFingerprint = re.compile('^(\d+) ([0-9a-f\:]{47}) (.+)$')
+SSHRSA1Match = re.compile('^^(.* )?\d+ \d+ \d+')
 
 ArbChanges = {"c": "..",
 	      "l": ".*",
@@ -241,9 +242,9 @@ def DoSSH(Str, Attrs, badkeys, uid):
    g = Match.groups()
    typekey = g[1]
    if Match == None:
-      Match = re.compile('^1024 (\d+) ').match(Str)
+      Match = SSHRSA1Match.match(Str)
       if Match is not None:
-         return "SSH1 keys not supported anymore"
+         return "RSA1 keys not supported anymore"
       return None;
 
    (fd, path) = tempfile.mkstemp(".pub", "sshkeytry", "/tmp")