From cb9bf00da4221cbcd3b055eb6e5f459d2738a03c Mon Sep 17 00:00:00 2001 From: Mercier Pierre-Olivier Date: Sun, 12 Jan 2014 05:02:00 +0100 Subject: [PATCH] check_ssh_key: now check file content before type validity --- process/ldap/check_ssh_key.pl | 10 +++++++++- 1 file changed, 9 insertions(+), 1 deletion(-) diff --git a/process/ldap/check_ssh_key.pl b/process/ldap/check_ssh_key.pl index 99584a1..4295e53 100644 --- a/process/ldap/check_ssh_key.pl +++ b/process/ldap/check_ssh_key.pl @@ -17,8 +17,16 @@ use ACU::Log; sub check_key($) { my $filename = shift; + + # Check file content format + open my $fh, "<", $filename; + my $fcnt = <$fh>; + close $fh; + chomp($fcnt); + # Call ssh-keygen - if (`ssh-keygen -l -f $filename 2> /dev/null` =~ /^([0-9]+) +[0-9a-f:]+ +.+ +\(([A-Z]+)\)$/) + if ($fcnt =~ /^(ssh|ecdsa)-[a-z0-9-]+ [a-zA-Z0-9+=\/]+( .*)?$/ && + `ssh-keygen -l -f $filename 2> /dev/null` =~ /^([0-9]+) +[0-9a-f:]+ +.+ +\(([A-Z]+)\)$/) { log INFO, "Receive valid key: type $2, size $1"; if ($2 eq "RSA") {
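Review bot: The backtick call in the `if` condition still interpolates `$filename` into a shell command line, so if the name can ever come from untrusted input, shell metacharacters in it would be interpreted by the shell; the new content check does not help because it inspects the file's first line, not its name. A list-form pipe such as `open(my $kg, "-|", "ssh-keygen", "-l", "-f", $filename)` avoids the shell, at the cost of handling stderr separately. The added `open my $fh, "<", $filename;` is unchecked, so a missing, unreadable or empty file leaves `$fcnt` undefined and is rejected only by way of warnings from `chomp` and the match; checking the return of `open` and taking check_key's normal failure path would make that explicit. Only the first line is matched, so any further lines in the file are never validated here, which is worth confirming against how the caller uses the file, since check_key's body continues outside the hunk.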