Commit ae99f05b authored by haseeb's avatar haseeb Committed by Rémy Coutable

fix #35133 strip new lines from ssh keys

parent 118dcff0
......@@ -16,8 +16,6 @@ class Key < ActiveRecord::Base
presence: true,
length: { maximum: 5000 },
format: { with: /\A(ssh|ecdsa)-.*\Z/ }
validates :key,
format: { without: /\n|\r/, message: 'should be a single line' }
validates :fingerprint,
uniqueness: true,
presence: { message: 'cannot be generated' }
......@@ -31,6 +29,7 @@ class Key < ActiveRecord::Base
after_destroy :post_destroy_hook
def key=(value)
value&.delete!("\n\r")
value.strip! unless value.blank?
write_attribute(:key, value)
end
......
......@@ -94,15 +94,17 @@ describe Key do
expect(key).not_to be_valid
end
it 'rejects the unfingerprintable key (not a key)' do
expect(build(:key, key: 'ssh-rsa an-invalid-key==')).not_to be_valid
it 'accepts a key with newline charecters after stripping them' do
key = build(:key)
key.key = key.key.insert(100, "\n")
key.key = key.key.insert(40, "\r\n")
expect(key).to be_valid
end
it 'rejects the multiple line key' do
key = build(:key)
key.key.tr!(' ', "\n")
expect(key).not_to be_valid
it 'rejects the unfingerprintable key (not a key)' do
expect(build(:key, key: 'ssh-rsa an-invalid-key==')).not_to be_valid
end
end
context 'callbacks' do
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment