Added extra protections against sshd_config errors.

This commit is contained in:
GRMrGecko 2020-07-11 11:01:21 -05:00
parent 166a2285aa
commit b85850b5a5

View File

@ -169,6 +169,12 @@ func sign(c *cli.Context) error {
// We pull the configuration name. // We pull the configuration name.
conf := line[:i] conf := line[:i]
// If we find a Match configuration, we want to stop here as anything below this line is specific to the match.
if conf == "Match" {
lastReadLine = line
break
}
// If we found the host keys already, we check to see if this line is another host key or host certificate. // If we found the host keys already, we check to see if this line is another host key or host certificate.
// If it is not, we are done reading at this point and we need to store the line for writing after we isnert our config. // If it is not, we are done reading at this point and we need to store the line for writing after we isnert our config.
if foundHostKeys && conf != "HostKey" && conf != "HostCertificate" { if foundHostKeys && conf != "HostKey" && conf != "HostCertificate" {
@ -240,8 +246,20 @@ func sign(c *cli.Context) error {
newConfig.WriteString(line) newConfig.WriteString(line)
} }
// We can finialize the new configuration file and replace the old one. // Check new configuration.
newConfig.Close() newConfig.Close()
fileinfo, err := os.Stat(sshdConfig + "_new")
if err != nil {
return err
}
// If new configuration is smaller than 256 bytes, something happened...
if fileinfo.Size() <= 256 {
os.Remove(sshdConfig + "_new")
return fmt.Errorf("File size of new ssd_config is too small.")
}
// We can now replace the old configuration with new modified configuration.
err = os.Rename(sshdConfig+"_new", sshdConfig) err = os.Rename(sshdConfig+"_new", sshdConfig)
if err != nil { if err != nil {
return err return err