[pve-devel] [PATCH 20/20] fix sshkeys verification

Alexandre Derumier aderumier at odiso.com
Sun Jun 18 15:03:26 CEST 2017 

use same verification than lxc

also rename sshkey param to sshkeys (as we can define multiple ssh keys)

Signed-off-by: Alexandre Derumier <aderumier at odiso.com>
---
 PVE/API2/Qemu.pm  |  7 +++++++
 PVE/QemuServer.pm | 10 +++++-----
 2 files changed, 12 insertions(+), 5 deletions(-)

diff --git a/PVE/API2/Qemu.pm b/PVE/API2/Qemu.pm
index bc9e5dd..ee8bca2 100644
--- a/PVE/API2/Qemu.pm
+++ b/PVE/API2/Qemu.pm
@@ -466,6 +466,9 @@ __PACKAGE__->register_method({
 
 	my $storecfg = PVE::Storage::config();
 
+	my $ssh_keys = extract_param($param, 'sshkeys');
+	PVE::Tools::validate_ssh_public_keys($ssh_keys) if defined($ssh_keys);
+
 	PVE::Cluster::check_cfs_quorum();
 
 	if (defined($pool)) {
@@ -921,6 +924,7 @@ my $update_vm_api  = sub {
 
     my $background_delay = extract_param($param, 'background_delay');
 
+
     my @paramarr = (); # used for log message
     foreach my $key (keys %$param) {
 	push @paramarr, "-$key", $param->{$key};
@@ -936,6 +940,9 @@ my $update_vm_api  = sub {
 
     my $force = extract_param($param, 'force');
 
+    my $ssh_keys = extract_param($param, 'sshkeys');
+    PVE::Tools::validate_ssh_public_keys($ssh_keys) if defined($ssh_keys);
+
     die "no options specified\n" if !$delete_str && !$revert_str && !scalar(keys %$param);
 
     my $storecfg = PVE::Storage::config();
diff --git a/PVE/QemuServer.pm b/PVE/QemuServer.pm
index 084b86a..c5f661b 100644
--- a/PVE/QemuServer.pm
+++ b/PVE/QemuServer.pm
@@ -519,11 +519,11 @@ my $confdesc_cloudinit = {
 	type => 'string', format => 'address-list',
 	description => "cloud-init: Sets DNS server IP address for a container. Create will automatically use the setting from the host if neither searchdomain nor nameserver are set.",
     },
-    sshkey => {
+    sshkeys => {
 	optional => 1,
-	type => 'string', format => 'urlencoded',
-	maxLength => 1024,
-	description => "cloud-init: ssh keys for root",
+	type => 'string',
+	description => "cloud-init : Setup public SSH keys (one key per line, " .
+			"OpenSSH format).",
     },
     hostname => {
 	optional => 1,
@@ -6734,7 +6734,7 @@ sub generate_cloudinit_userdata {
     $content .= "  - ifdown -a\n";
     $content .= "  - ifup -a\n";
 
-    my $keys = $conf->{sshkey};
+    my $keys = $conf->{sshkeys};
     if ($keys) {
 	$keys = URI::Escape::uri_unescape($keys);
 	$keys = [map { chomp $_; $_ } split(/\n/, $keys)];
-- 
2.11.0

More information about the pve-devel mailing list