From 5d0d13c42acc36aaed4cb5b76d84bb7b86981489 Mon Sep 17 00:00:00 2001
From: Matthijs Abma <4146168+abmaonline@users.noreply.github.com>
Date: Sun, 1 Dec 2019 17:58:29 +0100
Subject: [PATCH] Add simple integrity check for authorized_keys file, in case
 you put something interesting in your BORG_SERVE_ARGS

---
 data/run.sh | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/data/run.sh b/data/run.sh
index 0e360bd..3ffd137 100755
--- a/data/run.sh
+++ b/data/run.sh
@@ -78,6 +78,13 @@ for keyfile in $(find "${SSH_KEY_DIR}/clients" ! -regex '.*/\..*' -a -type f); d
 	cat ${keyfile} >> ${AUTHORIZED_KEYS_PATH}
 done
 
+echo " * Validating structure of generated ${AUTHORIZED_KEYS_PATH}..."
+ERROR=$(ssh-keygen -lf ${AUTHORIZED_KEYS_PATH} 2>&1 >/dev/null)
+if [ $? -ne 0 ]; then
+    echo "ERROR: ${ERROR}"
+    exit 1
+fi
+
 chown -R borg:borg ${BORG_DATA_DIR}
 chown borg:borg ${AUTHORIZED_KEYS_PATH}
 chmod 600 ${AUTHORIZED_KEYS_PATH}