HGKeeper

Make sure we have an ssh public key before we add it to version control. This is a safety feature to make sure no one accidentally adds their private key to the repository.

2019-09-12, Gary Kramlich

6837cd82348c

Parents 8f41bf671a91
Children d13c14d4fadb

Make sure we have an ssh public key before we add it to version control. This is a safety feature to make sure no one accidentally adds their private key to the repository.

1 files changed, 23 insertions(+), 0 deletions(-)

+23 -0

setup/command.go

~~--- a/setup/command.go Wed Sep 11 23:29:12 2019 -0500~~

+++ b/setup/command.go Thu Sep 12 00:14:32 2019 -0500

@@ -9,6 +9,8 @@

"strings"

"text/template"

+ "golang.org/x/crypto/ssh"

+

"bitbucket.org/rw_grim/hgkeeper/globals"

"bitbucket.org/rw_grim/hgkeeper/hg"

)

@@ -153,7 +155,28 @@

return nil

}

+func isPubkey(filename string) error {

+ bytes, err := ioutil.ReadFile(filename)

+ if err != nil {

+ return err

+ }

+

+ if _, err := ssh.ParsePublicKey(bytes); err != nil {

+ return err

+ }

+

+ return nil

+}

+

func (c *Command) Run(g *globals.Globals) error {

+ // make sure the adminPubkey is an SSH pubkey as it is too easy to

+ // accidentally give the path to the private key rather than the public

+ // key, and we do no want the private key in the repository.

+ if err := isPubkey(c.AdminSSHPubkey); err != nil {

+ return fmt.Errorf("%s is not a public key file", c.AdminSSHPubkey)

+ }

+

+ // create the admin repo

if err := c.createAdminRepo(g.ReposPath, g.AdminRepo); err != nil {

// do clean up

return err