[pve-devel] [PATCH 17/20] cloudinit: limit sshkey to 1024 bytes

Alexandre Derumier aderumier at odiso.com
Sun Jun 18 15:03:23 CEST 2017


From: Wolfgang Bumiller <w.bumiller at proxmox.com>

Also allowing multiple keys since with some key types and
lengths 1024 would fit quite a number of them...

Signed-off-by: Alexandre Derumier <aderumier at odiso.com>
---
 PVE/QemuServer.pm | 14 +++++++++++---
 1 file changed, 11 insertions(+), 3 deletions(-)

diff --git a/PVE/QemuServer.pm b/PVE/QemuServer.pm
index bb93c12..2ac98ba 100644
--- a/PVE/QemuServer.pm
+++ b/PVE/QemuServer.pm
@@ -521,7 +521,8 @@ my $confdesc_cloudinit = {
     },
     sshkey => {
 	optional => 1,
-	type => 'string',
+	type => 'string', format => 'urlencoded',
+	maxLength => 1024,
 	description => "cloud-init: ssh keys for root",
     },
     hostname => {
@@ -6733,12 +6734,19 @@ sub generate_cloudinit_userdata {
     $content .= "  - ifdown -a\n";
     $content .= "  - ifup -a\n";
 
-    if ($conf->{sshkey}) {
+    my $keys = $conf->{sshkey};
+    if ($keys) {
+	$keys = URI::Escape::uri_unescape($keys);
+	$keys = [map { chomp $_; $_ } split(/\n/, $keys)];
+	$keys = [grep { /\S/ } @$keys];
+
 	$content .= "users:\n";
 	$content .= "  - default\n";
 	$content .= "  - name: root\n";
 	$content .= "    ssh-authorized-keys:\n";
-	$content .= "      - $conf->{sshkey}\n";
+	foreach my $k (@$keys) {
+	    $content .= "      - $k\n";
+	}
     }
 
     $content .= "package_upgrade: true\n";
-- 
2.11.0




More information about the pve-devel mailing list