diff options
Diffstat (limited to 'lib/ssh/src/ssh_file.erl')
-rwxr-xr-x | lib/ssh/src/ssh_file.erl | 40 |
1 files changed, 30 insertions, 10 deletions
diff --git a/lib/ssh/src/ssh_file.erl b/lib/ssh/src/ssh_file.erl index 5572349fe7..ff23f714cd 100755 --- a/lib/ssh/src/ssh_file.erl +++ b/lib/ssh/src/ssh_file.erl @@ -27,14 +27,16 @@ -include("PKCS-1.hrl"). -include("DSS.hrl"). +-include_lib("kernel/include/file.hrl"). + -export([public_host_dsa_key/2,private_host_dsa_key/2, public_host_rsa_key/2,private_host_rsa_key/2, public_host_key/2,private_host_key/2, lookup_host_key/3, add_host_key/3, % del_host_key/2, lookup_user_key/3, ssh_dir/2, file_name/3]). --export([private_identity_key/2]). -%% , public_identity_key/2, +-export([private_identity_key/2, + public_identity_key/2]). %% identity_keys/2]). -export([encode_public_key/1, decode_public_key_v2/2]). @@ -43,6 +45,9 @@ -define(DBG_PATHS, true). +-define(PERM_700, 8#700). +-define(PERM_644, 8#644). + %% API public_host_dsa_key(Type, Opts) -> File = file_name(Type, "ssh_host_dsa_key.pub", Opts), @@ -113,8 +118,10 @@ do_lookup_host_key(Host, Alg, Opts) -> add_host_key(Host, Key, Opts) -> Host1 = add_ip(replace_localhost(Host)), - case file:open(file_name(user, "known_hosts", Opts),[write,append]) of + KnownHosts = file_name(user, "known_hosts", Opts), + case file:open(KnownHosts, [write,append]) of {ok, Fd} -> + ok = file:change_mode(KnownHosts, ?PERM_644), Res = add_key_fd(Fd, Host1, Key), file:close(Fd), Res; @@ -140,6 +147,11 @@ private_identity_key(Alg, Opts) -> Path = file_name(user, identity_key_filename(Alg), Opts), read_private_key_v2(Path, Alg). +public_identity_key(Alg, Opts) -> + Path = file_name(user, identity_key_filename(Alg) ++ ".pub", Opts), + read_public_key_v2(Path, Alg). + + read_public_key_v2(File, Type) -> case file:read_file(File) of {ok,Bin} -> @@ -198,12 +210,17 @@ read_public_key_v1(File) -> %% pem_type("ssh-rsa") -> "RSA". read_private_key_v2(File, Type) -> - case catch (public_key:pem_to_der(File)) of - {ok, [{_, Bin, not_encrypted}]} -> - decode_private_key_v2(Bin, Type); - Error -> %% Note we do not handle password encrypted keys at the moment - {error, Error} - end. + case file:read_file(File) of + {ok, PemBin} -> + case catch (public_key:pem_decode(PemBin)) of + [{_, Bin, not_encrypted}] -> + decode_private_key_v2(Bin, Type); + Error -> %% Note we do not handle password encrypted keys at the moment + {error, Error} + end; + {error, Reason} -> + {error, Reason} + end. %% case file:read_file(File) of %% {ok,Bin} -> %% case read_pem(binary_to_list(Bin), pem_type(Type)) of @@ -527,4 +544,7 @@ file_name(Type, Name, Opts) -> default_user_dir()-> {ok,[[Home|_]]} = init:get_argument(home), - filename:join(Home, ".ssh"). + UserDir = filename:join(Home, ".ssh"), + ok = filelib:ensure_dir(filename:join(UserDir, "dummy")), + ok = file:change_mode(UserDir, ?PERM_700), + UserDir. |