From f65cc06675847f395075fa51e8cbaa5a43c59e25 Mon Sep 17 00:00:00 2001 From: Pierre-Yves Chibon Date: Feb 05 2019 15:53:49 +0000 Subject: Write the ssh key to disk rather than relying on /dev/stdin This is required to get the tests to pass in a container where /dev/stdin is not available inside the process running the tests. So rather than relying on /dev/stdin, we just write the key to disk in a temp folder that is cleaned up automatically once we're done checking if the ssh key is valid or not. Signed-off-by: Pierre-Yves Chibon --- diff --git a/pagure/lib/query.py b/pagure/lib/query.py index 80d94a9..69ded51 100644 --- a/pagure/lib/query.py +++ b/pagure/lib/query.py @@ -1,7 +1,7 @@ # -*- coding: utf-8 -*- """ - (c) 2014-2018 - Copyright Red Hat Inc + (c) 2014-2019 - Copyright Red Hat Inc Authors: Pierre-Yves Chibon @@ -30,6 +30,7 @@ import hashlib import logging import os import tempfile +import shutil import subprocess import uuid import markdown @@ -208,15 +209,19 @@ def is_valid_ssh_key(key, fp_hash="SHA256"): key = key.strip() if not key: return None - with tempfile.TemporaryFile() as f: - f.write(key.encode("utf-8")) - f.seek(0) - cmd = ["/usr/bin/ssh-keygen", "-l", "-f", "/dev/stdin", "-E", fp_hash] - proc = subprocess.Popen( - cmd, stdin=f, stdout=subprocess.PIPE, stderr=subprocess.PIPE - ) + tmpdirname = tempfile.mkdtemp() + filename = os.path.join(tmpdirname, "key") + with open(filename, "w") as stream: + stream.write(key) + cmd = ["/usr/bin/ssh-keygen", "-l", "-f", filename, "-E", fp_hash] + proc = subprocess.Popen( + cmd, stdout=subprocess.PIPE, stderr=subprocess.PIPE + ) stdout, stderr = proc.communicate() + shutil.rmtree(tmpdirname) if proc.returncode != 0: + _log.warning("STDOUT: %s", stdout) + _log.warning("STDERR: %s", stderr) return False stdout = stdout.decode("utf-8")