Error on duplicate pub keys

connectedcars · Jul 27, 2020 · 8d02720 · 8d02720
1 parent 6c75a56
commit 8d02720
Showing 1 changed file with 9 additions and 0 deletions.
diff --git a/server/utils.go b/server/utils.go
@@ -37,6 +37,8 @@ func ParseAuthorizedKeys(lines []string, defaultLifetime time.Duration) ([]Allow
 
 	// http://man7.org/linux/man-pages/man8/sshd.8.html#AUTHORIZED_KEYS_FILE_FORMAT
 	// https://github.com/openssh/openssh-portable/blob/master/PROTOCOL.certkeys
+
+	seenKeys := make(map[string]bool)
 	for i, line := range lines {
 		if strings.HasPrefix(line, "#") {
 			continue
@@ -47,6 +49,13 @@ func ParseAuthorizedKeys(lines []string, defaultLifetime time.Duration) ([]Allow
 			return nil, fmt.Errorf("failed to parse line '%s': %v", line, err)
 		}
 
+		// Return error if there are duplicates
+		strPublicKey := string(ssh.MarshalAuthorizedKey(publicKey))
+		if seenKeys[strPublicKey] {
+			return nil, fmt.Errorf("public key is listed more than once '%s': %v", line, err)
+		}
+		seenKeys[strPublicKey] = true
+
 		key := AllowedKey{
 			Index:      i,
 			Key:        publicKey,