Backup_Repos/filestash
1
0
Fork 0
mirror of https://github.com/mickael-kerjean/filestash synced 2025-12-28 03:05:35 +01:00
Code Issues Projects Releases Wiki Activity

fix (#279): detect private key in SFTP password

Browse source
This commit is contained in:
Mickael Kerjean 2020-06-07 12:28:23 +10:00
parent 210118b3a9
commit 851142284c
1 changed files with 20 additions and 3 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

23
server/model/backend/sftp.go
View file

@ -7,6 +7,7 @@ import (
"io"
"net"
"os"
"regexp"
"strings"
)
@ -53,12 +54,28 @@ func (s Sftp) Init(params map[string]string, app *App) (IBackend, error) {
addr := p.hostname + ":" + p.port
var auth []ssh.AuthMethod
isPrivateKey := func(pass string) bool {
p := strings.TrimSpace(pass)
if len(pass) > 1000 && strings.HasPrefix(p, "-----") && strings.HasSuffix(p, "-----") {
return true
keyStartMatcher := regexp.MustCompile(`^-----BEGIN [A-Z\ ]+-----`)
keyEndMatcher := regexp.MustCompile(`-----END [A-Z\ ]+-----$`)
keyContentMatcher := regexp.MustCompile(`^[a-zA-Z0-9\+\/\=\n]+$`)
// match private key beginning
if keyStartMatcher.FindStringIndex(p) == nil {
return false
}
return false
p = keyStartMatcher.ReplaceAllString(p, "")
// match private key ending
if keyEndMatcher.FindStringIndex(p) == nil {
return false
}
p = keyEndMatcher.ReplaceAllString(p, "")
// match private key content
if keyContentMatcher.FindStringIndex(p) == nil {
return false
}
return true
}
if isPrivateKey(p.password) {