New process check_ssh_key

2013-09-03 15:10:42 +02:00 · 2013-09-03 15:10:42 +02:00 · 87a728b634
commit 87a728b634
parent 49a1c9a8b9
1 changed files with 50 additions and 0 deletions
--- a/process/ldap/check_ssh_key.pl
+++ b/process/ldap/check_ssh_key.pl
@ -0,0 +1,50 @@
+#! /usr/bin/env perl
+
+use v5.10.1;
+use strict;
+use warnings;
+use File::Temp qw/ tempfile /;
+use Pod::Usage;
+
+BEGIN {
+    push @INC, "../../";
+}
+
+use ACU::Process;
+use ACU::API::Base;
+
+sub process
+{
+    my ($given_args, $args) = @_;
+
+    my ($fh, $filename) = tempfile();
+    # Write key to file
+    print $fh $args->{param}{key};
+
+    # Call ssh-keygen
+    if (`ssh-keygen -l -f $filename 2> /dev/null` =~ /^([0-9]+) [0-9a-f:]+ [a-zA-Z0-9\/_-]+ \(([A-Z]+)\)$/)
+    {
+	if ($2 eq "RSA") {
+	    if ($1 >= 4096) {
+		return API::Base::make_response("0", "Clef RSA valide.");
+	    }
+	    else {
+		return API::Base::make_response("2", "Clef RSA trop petite, utilisez ssh-keygen -t rsa -b 4096.");
+	    }
+	}
+	elsif ($2 eq "ECDSA") {
+	    return API::Base::make_response("0", "Clef ECDSA valide.");
+	}
+	elsif ($2 eq "DSA") {
+	    return API::Base::make_response("3", "Veuillez utiliser ssh-keygen -t rsa ou ssh-keygen -t ecdsa");
+	}
+    }
+    else {
+	return API::Base::make_response("4", "Veuillez utiliser ssh-keygen -t rsa ou ssh-keygen -t ecdsa");
+    }
+
+    close $fh;
+    unlink $filename;
+}
+
+Process::register("check_ssh_key", \&process);