From: Michael Tremer Date: Thu, 18 Oct 2018 10:09:50 +0000 (+0100) Subject: people: Use SHA256 to identify an SSH key X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=44b7537010cbc62cac0f05ab7c017a68ed743b16;p=ipfire.org.git people: Use SHA256 to identify an SSH key Signed-off-by: Michael Tremer --- diff --git a/src/backend/accounts.py b/src/backend/accounts.py index 9f67e4a4..1c956c8b 100644 --- a/src/backend/accounts.py +++ b/src/backend/accounts.py @@ -619,9 +619,9 @@ class Account(Object): return ret - def get_ssh_key_by_hash_md5(self, hash_md5): + def get_ssh_key_by_hash_sha256(self, hash_sha256): for key in self.ssh_keys: - if not key.hash_md5() == hash_md5: + if not key.hash_sha256() == hash_sha256: continue return key diff --git a/src/templates/people/ssh-keys/index.html b/src/templates/people/ssh-keys/index.html index 250a2125..30d94533 100644 --- a/src/templates/people/ssh-keys/index.html +++ b/src/templates/people/ssh-keys/index.html @@ -9,7 +9,7 @@ {% for key in account.ssh_keys %}
  • - + {{ key.comment or _("%s Key") % key.key_type.decode() }}
    @@ -37,7 +37,7 @@ {% end %} {% if account.can_be_managed_by(current_user) %} - + {{ _("Delete") }} {% end %} diff --git a/src/web/__init__.py b/src/web/__init__.py index 041839ce..e721dbfa 100644 --- a/src/web/__init__.py +++ b/src/web/__init__.py @@ -261,8 +261,8 @@ class Application(tornado.web.Application): (r"/users/(\w+)/edit", people.UserEditHandler), (r"/users/(\w+)/passwd", people.UserPasswdHandler), (r"/users/(\w+)/ssh-keys", people.SSHKeysIndexHandler), - (r"/users/(\w+)/ssh-keys/(MD5\:.*)/delete", people.SSHKeysDeleteHandler), - (r"/users/(\w+)/ssh-keys/(MD5\:.*)", people.SSHKeysDownloadHandler), + (r"/users/(\w+)/ssh-keys/(SHA256\:.*)/delete", people.SSHKeysDeleteHandler), + (r"/users/(\w+)/ssh-keys/(SHA256\:.*)", people.SSHKeysDownloadHandler), (r"/users/(\w+)/ssh-keys/upload", people.SSHKeysUploadHandler), (r"/users/(\w+)/sip", people.SIPHandler), ] + authentication_handlers) diff --git a/src/web/people.py b/src/web/people.py index 8b537bfe..f6e615e4 100644 --- a/src/web/people.py +++ b/src/web/people.py @@ -116,15 +116,15 @@ class SSHKeysIndexHandler(base.BaseHandler): class SSHKeysDownloadHandler(base.BaseHandler): @tornado.web.authenticated - def get(self, uid, hash_md5): + def get(self, uid, hash_sha256): account = self.backend.accounts.get_by_uid(uid) if not account: raise tornado.web.HTTPError(404, "Could not find account %s" % uid) # Get SSH key - key = account.get_ssh_key_by_hash_md5(hash_md5) + key = account.get_ssh_key_by_hash_sha256(hash_sha256) if not key: - raise tornado.web.HTTPError(404, "Could not find key: %s" % hash_md5) + raise tornado.web.HTTPError(404, "Could not find key: %s" % hash_sha256) # Set HTTP Headers self.add_header("Content-Type", "text/plain") @@ -175,28 +175,28 @@ class SSHKeysUploadHandler(base.BaseHandler): class SSHKeysDeleteHandler(base.BaseHandler): @tornado.web.authenticated - def get(self, uid, hash_md5): + def get(self, uid, hash_sha256): account = self.backend.accounts.get_by_uid(uid) if not account: raise tornado.web.HTTPError(404, "Could not find account %s" % uid) # Get SSH key - key = account.get_ssh_key_by_hash_md5(hash_md5) + key = account.get_ssh_key_by_hash_sha256(hash_sha256) if not key: - raise tornado.web.HTTPError(404, "Could not find key: %s" % hash_md5) + raise tornado.web.HTTPError(404, "Could not find key: %s" % hash_sha256) self.render("people/ssh-keys/delete.html", account=account, key=key) @tornado.web.authenticated - def post(self, uid, hash_md5): + def post(self, uid, hash_sha256): account = self.backend.accounts.get_by_uid(uid) if not account: raise tornado.web.HTTPError(404, "Could not find account %s" % uid) # Get SSH key - key = account.get_ssh_key_by_hash_md5(hash_md5) + key = account.get_ssh_key_by_hash_sha256(hash_sha256) if not key: - raise tornado.web.HTTPError(404, "Could not find key: %s" % hash_md5) + raise tornado.web.HTTPError(404, "Could not find key: %s" % hash_sha256) # Verify password password = self.get_argument("password")