6 var SSHPubkeyDecoder
= L
.Class
.singleton({
7 lengthDecode: function(s
, off
)
9 var l
= (s
.charCodeAt(off
++) << 24) |
10 (s
.charCodeAt(off
++) << 16) |
11 (s
.charCodeAt(off
++) << 8) |
14 if (l
< 0 || (off
+ l
) > s
.length
)
22 var parts
= s
.trim().match(/^((?:(?:^|,)[^ =,]+(?:=(?:[^ ",]+|"(?:[^"\\]|\\.)*"))?)+ +)?(ssh-dss|ssh-rsa|ssh-ed25519|ecdsa-sha2-nistp[0-9]+) +([^ ]+)( +.*)?$/);
28 try { key
= atob(parts
[3]); } catch(e
) {}
35 len
= this.lengthDecode(key
, off
);
40 var type
= key
.substr(off
+ 4, len
);
41 if (type
!== parts
[2])
46 var len1
= off
< key
.length
? this.lengthDecode(key
, off
) : 0;
51 if (type
.indexOf('ecdsa-sha2-') === 0) {
52 curve
= key
.substr(off
+ 4, len1
);
54 if (!len1
|| type
.substr(11) !== curve
)
58 curve
= curve
.replace(/^nistp(\d+)$/, 'NIST P-$1');
63 var len2
= off
< key
.length
? this.lengthDecode(key
, off
) : 0;
73 var comment
= (parts
[4] || '').trim(),
74 fprint
= parts
[3].length
> 68 ? parts
[3].substr(0, 33) + '…' + parts
[3].substr(-34) : parts
[3];
77 (parts
[1] || '').trim().replace(/(?:^|,)([^ =,]+)(?:=(?:([^ ",]+)|"((?:[^"\\]|\\.)*)"))?/g, function(m
, k
, p
, q
) {
78 options
= options
|| {};
80 if (options
.hasOwnProperty(k
))
81 options
[k
] += ',' + (q
|| p
|| true);
83 options
[k
] = (q
|| p
|| true);
89 return { type
: 'RSA', bits
: len2
* 8, comment
: comment
, options
: options
, fprint
: fprint
, src
: s
};
92 return { type
: 'DSA', bits
: len1
* 8, comment
: comment
, options
: options
, fprint
: fprint
, src
: s
};
95 return { type
: 'ECDH', curve
: 'Curve25519', comment
: comment
, options
: options
, fprint
: fprint
, src
: s
};
98 return { type
: 'ECDSA', curve
: curve
, comment
: comment
, options
: options
, fprint
: fprint
, src
: s
};
106 function renderKeyItem(pubkey
) {
110 'data-key': pubkey
.src
112 E('strong', [ pubkey
.comment
|| _('Unnamed key') ]), E('br'),
114 '%s, %s'.format(pubkey
.type
, pubkey
.curve
|| _('%d Bit').format(pubkey
.bits
)),
115 pubkey
.options
? E([], [
116 ' / ', _('Options:'), ' ',
117 E('code', Object
.keys(pubkey
.options
).sort().join(', '))
119 E('br'), E('code', pubkey
.fprint
)
124 function renderKeys(keys
) {
125 var list
= document
.querySelector('.cbi-dynlist');
127 while (!matchesElem(list
.firstElementChild
, '.add-item'))
128 list
.removeChild(list
.firstElementChild
);
130 keys
.forEach(function(key
) {
131 var pubkey
= SSHPubkeyDecoder
.decode(key
);
133 list
.insertBefore(renderKeyItem(pubkey
), list
.lastElementChild
);
136 if (list
.firstElementChild
=== list
.lastElementChild
)
137 list
.insertBefore(E('p', _('No public keys present yet.')), list
.lastElementChild
);
140 function saveKeys(keys
) {
141 return fs
.write('/etc/dropbear/authorized_keys', keys
.join('\n') + '\n', 384 /* 0600 */)
142 .then(renderKeys
.bind(this, keys
))
143 .catch(function(e
) { ui
.addNotification(null, E('p', e
.message
)) })
144 .finally(ui
.hideModal
);
147 function addKey(ev
) {
148 var list
= findParent(ev
.target
, '.cbi-dynlist'),
149 input
= list
.querySelector('input[type="text"]'),
150 key
= input
.value
.trim(),
151 pubkey
= SSHPubkeyDecoder
.decode(key
),
157 list
.querySelectorAll('.item').forEach(function(item
) {
158 keys
.push(item
.getAttribute('data-key'));
161 if (keys
.indexOf(key
) !== -1) {
162 ui
.showModal(_('Add key'), [
163 E('div', { class: 'alert-message warning' }, _('The given SSH public key has already been added.')),
164 E('div', { class: 'right' }, E('div', { class: 'btn', click
: L
.hideModal
}, _('Close')))
168 ui
.showModal(_('Add key'), [
169 E('div', { class: 'alert-message warning' }, _('The given SSH public key is invalid. Please supply proper public RSA or ECDSA keys.')),
170 E('div', { class: 'right' }, E('div', { class: 'btn', click
: L
.hideModal
}, _('Close')))
177 return saveKeys(keys
).then(function() {
178 var added
= list
.querySelector('[data-key="%s"]'.format(key
.replace(/["\\]/g, '\\$&')));
180 added
.classList
.add('flash');
185 function removeKey(ev
) {
186 var list
= findParent(ev
.target
, '.cbi-dynlist'),
187 delkey
= ev
.target
.getAttribute('data-key'),
190 list
.querySelectorAll('.item').forEach(function(item
) {
191 var key
= item
.getAttribute('data-key');
196 L
.showModal(_('Delete key'), [
197 E('div', _('Do you really want to delete the following SSH key?')),
199 E('div', { class: 'right' }, [
200 E('div', { class: 'btn', click
: L
.hideModal
}, _('Cancel')),
202 E('div', { class: 'btn danger', click
: ui
.createHandlerFn(this, saveKeys
, keys
) }, _('Delete key')),
207 function dragKey(ev
) {
208 ev
.stopPropagation();
210 ev
.dataTransfer
.dropEffect
= 'copy';
213 function dropKey(ev
) {
214 var file
= ev
.dataTransfer
.files
[0],
215 input
= ev
.currentTarget
.querySelector('input[type="text"]'),
216 reader
= new FileReader();
219 reader
.onload = function(rev
) {
220 input
.value
= rev
.target
.result
.trim();
225 reader
.readAsText(file
);
228 ev
.stopPropagation();
232 function handleWindowDragDropIgnore(ev
) {
238 return fs
.lines('/etc/dropbear/authorized_keys').then(function(lines
) {
239 return lines
.map(function(line
) {
240 return SSHPubkeyDecoder
.decode(line
);
241 }).filter(function(line
) {
247 render: function(keys
) {
248 var list
= E('div', { 'class': 'cbi-dynlist', 'dragover': dragKey
, 'drop': dropKey
}, [
249 E('div', { 'class': 'add-item' }, [
251 'class': 'cbi-input-text',
253 'placeholder': _('Paste or drag SSH key file…') ,
254 'keydown': function(ev
) { if (ev
.keyCode
=== 13) addKey(ev
) }
257 'class': 'cbi-button',
258 'click': ui
.createHandlerFn(this, addKey
)
263 keys
.forEach(L
.bind(function(pubkey
) {
264 list
.insertBefore(renderKeyItem(pubkey
), list
.lastElementChild
);
267 if (list
.firstElementChild
=== list
.lastElementChild
)
268 list
.insertBefore(E('p', _('No public keys present yet.')), list
.lastElementChild
);
270 window
.addEventListener('dragover', handleWindowDragDropIgnore
);
271 window
.addEventListener('drop', handleWindowDragDropIgnore
);
273 return E('div', {}, [
274 E('h2', _('SSH-Keys')),
275 E('div', { 'class': 'cbi-section-descr' }, _('Public keys allow for the passwordless SSH logins with a higher security compared to the use of plain passwords. In order to upload a new key to the device, paste an OpenSSH compatible public key line or drag a <code>.pub</code> file into the input field.')),
276 E('div', { 'class': 'cbi-section-node' }, list
)
280 handleSaveApply
: null,