Commit 236d7964 authored by tbrehm's avatar tbrehm
Browse files

Fixed: FS#1858 - Old SSH-RSA Public Key not deleted from authorized_keys when deleted or changed

parent a046bff7
......@@ -254,26 +254,41 @@ class shelluser_base_plugin {
$app->file->remove_blank_lines($sshkeys);
$this->app->log("ssh-rsa authorisation keyfile created in ".$sshkeys,LOGLEVEL_DEBUG);
}
if ($sshrsa != ''){
// Remove duplicate keys
$existing_keys = file($sshkeys);
$new_keys = explode("\n", $sshrsa);
$final_keys_arr = array_merge($existing_keys, $new_keys);
$new_final_keys_arr = array();
if(is_array($final_keys_arr) && !empty($final_keys_arr)){
foreach($final_keys_arr as $key => $val){
$new_final_keys_arr[$key] = trim($val);
}
//* Get the keys
$existing_keys = file($sshkeys);
$new_keys = explode("\n", $sshrsa);
$old_keys = explode("\n",$this->data['old']['ssh_rsa']);
//* Remove all old keys
if(is_array($old_keys)) {
foreach($old_keys as $key => $val) {
$k = array_search(trim($val),$existing_keys);
unset($existing_keys[$k]);
}
$final_keys = implode("\n", array_flip(array_flip($new_final_keys_arr)));
}
// add the custom key
file_put_contents($sshkeys, $final_keys);
$app->file->remove_blank_lines($sshkeys);
$this->app->log("ssh-rsa key updated in ".$sshkeys,LOGLEVEL_DEBUG);
//* merge the remaining keys and the ones fom the ispconfig database.
if(is_array($new_keys)) {
$final_keys_arr = array_merge($existing_keys, $new_keys);
} else {
$final_keys_arr = $existing_keys;
}
$new_final_keys_arr = array();
if(is_array($final_keys_arr) && !empty($final_keys_arr)){
foreach($final_keys_arr as $key => $val){
$new_final_keys_arr[$key] = trim($val);
}
}
$final_keys = implode("\n", array_flip(array_flip($new_final_keys_arr)));
// add the custom key
file_put_contents($sshkeys, $final_keys);
$app->file->remove_blank_lines($sshkeys);
$this->app->log("ssh-rsa key updated in ".$sshkeys,LOGLEVEL_DEBUG);
// set proper file permissions
// exec("chown -R ".escapeshellcmd($this->data['new']['puser']).":".escapeshellcmd($this->data['new']['pgroup'])." ".$usrdir);
exec("chown -R ".escapeshellcmd($this->data['new']['puser']).":".escapeshellcmd($this->data['new']['pgroup'])." ".$sshdir);
exec("chmod 600 '$sshkeys'");
......
......@@ -91,7 +91,7 @@ class shelluser_jailkit_plugin {
$this->_add_jailkit_user();
// call the ssh-rsa update function
//* call the ssh-rsa update function
$this->_setup_ssh_rsa();
$command .= 'usermod -s /usr/sbin/jk_chrootsh -U '.escapeshellcmd($data['new']['username']);
......@@ -132,7 +132,7 @@ class shelluser_jailkit_plugin {
$this->_setup_jailkit_chroot();
$this->_add_jailkit_user();
// call the ssh-rsa update function
//* call the ssh-rsa update function
$this->_setup_ssh_rsa();
$this->_update_website_security_level();
......@@ -392,26 +392,40 @@ class shelluser_jailkit_plugin {
$app->file->remove_blank_lines($sshkeys);
$this->app->log("ssh-rsa authorisation keyfile created in ".$sshkeys,LOGLEVEL_DEBUG);
}
if ($sshrsa != ''){
// Remove duplicate keys
$existing_keys = file($sshkeys);
$new_keys = explode("\n", $sshrsa);
$final_keys_arr = array_merge($existing_keys, $new_keys);
$new_final_keys_arr = array();
if(is_array($final_keys_arr) && !empty($final_keys_arr)){
foreach($final_keys_arr as $key => $val){
$new_final_keys_arr[$key] = trim($val);
}
//* Get the keys
$existing_keys = file($sshkeys);
$new_keys = explode("\n", $sshrsa);
$old_keys = explode("\n",$this->data['old']['ssh_rsa']);
//* Remove all old keys
if(is_array($old_keys)) {
foreach($old_keys as $key => $val) {
$k = array_search(trim($val),$existing_keys);
unset($existing_keys[$k]);
}
$final_keys = implode("\n", array_flip(array_flip($new_final_keys_arr)));
}
// add the custom key
file_put_contents($sshkeys, $final_keys);
$app->file->remove_blank_lines($sshkeys);
$this->app->log("ssh-rsa key updated in ".$sshkeys,LOGLEVEL_DEBUG);
//* merge the remaining keys and the ones fom the ispconfig database.
if(is_array($new_keys)) {
$final_keys_arr = array_merge($existing_keys, $new_keys);
} else {
$final_keys_arr = $existing_keys;
}
$new_final_keys_arr = array();
if(is_array($final_keys_arr) && !empty($final_keys_arr)){
foreach($final_keys_arr as $key => $val){
$new_final_keys_arr[$key] = trim($val);
}
}
$final_keys = implode("\n", array_flip(array_flip($new_final_keys_arr)));
// add the custom key
file_put_contents($sshkeys, $final_keys);
$app->file->remove_blank_lines($sshkeys);
$this->app->log("ssh-rsa key updated in ".$sshkeys,LOGLEVEL_DEBUG);
// set proper file permissions
// exec("chown -R ".escapeshellcmd($this->data['new']['puser']).":".escapeshellcmd($this->data['new']['pgroup'])." ".$usrdir);
exec("chown -R ".escapeshellcmd($this->data['new']['puser']).":".escapeshellcmd($this->data['new']['pgroup'])." ".$sshdir);
exec("chmod 700 ".$sshdir);
exec("chmod 600 '$sshkeys'");
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment