diff options
| author | Jacob Vosmaer <jacob@gitlab.com> | 2016-09-16 11:43:05 +0200 |
|---|---|---|
| committer | Jacob Vosmaer <jacob@gitlab.com> | 2016-09-16 11:49:11 +0200 |
| commit | 67ec96e3e0ea9d25356ed3de0be12c0d92ed6d16 (patch) | |
| tree | e470e02d29c3b67fd372c8efed473ca1d466fa85 /lib | |
| parent | 82b8cc5d66655605091b1fa089b6a3e946bd536d (diff) | |
| download | gitlab-ce-67ec96e3e0ea9d25356ed3de0be12c0d92ed6d16.tar.gz | |
Strip comments before sending keys to gitlab-shell
Avoid issues with text encoding by not sending out non-7-bit ASCII
text.
Closes https://gitlab.com/gitlab-org/gitlab-ce/issues/22167
Diffstat (limited to 'lib')
| -rw-r--r-- | lib/gitlab/backend/shell.rb | 13 |
1 files changed, 11 insertions, 2 deletions
diff --git a/lib/gitlab/backend/shell.rb b/lib/gitlab/backend/shell.rb index c412249a01e..79eac66b364 100644 --- a/lib/gitlab/backend/shell.rb +++ b/lib/gitlab/backend/shell.rb @@ -6,7 +6,12 @@ module Gitlab KeyAdder = Struct.new(:io) do def add_key(id, key) - key.gsub!(/[[:space:]]+/, ' ').strip! + key = Gitlab::Shell.strip_key(key) + # Newline and tab are part of the 'protocol' used to transmit id+key to the other end + if key.include?("\t") || key.include?("\n") + raise Error.new("Invalid key: #{key.inspect}") + end + io.puts("#{id}\t#{key}") end end @@ -16,6 +21,10 @@ module Gitlab @version_required ||= File.read(Rails.root. join('GITLAB_SHELL_VERSION')).strip end + + def strip_key(key) + key.split(/ /)[0, 2].join(' ') + end end # Init new repository @@ -107,7 +116,7 @@ module Gitlab # def add_key(key_id, key_content) Gitlab::Utils.system_silent([gitlab_shell_keys_path, - 'add-key', key_id, key_content]) + 'add-key', key_id, self.class.strip_key(key_content)]) end # Batch-add keys to authorized_keys |