(#7114) Improve value validation for authorized_key

Whitespaces in any of the properties can lead to incorrect entries in
the authorized_keys file.

Reviewed-By: Nick Lewis
Reviewed-By: Josh Cooper

1 files changed, 12 insertions, 0 deletions

diff --git a/lib/puppet/type/ssh_authorized_key.rb b/lib/puppet/type/ssh_authorized_key.rb
index 8338e2d64..170dc8383 100644
--- a/lib/puppet/type/ssh_authorized_key.rb
+++ b/lib/puppet/type/ssh_authorized_key.rb
@@ -14,6 +14,10 @@ module Puppet
       system-wide primary key and therefore has to be unique."
 
       isnamevar
+
+      validate do |value|
+        raise Puppet::Error, "Resourcename must not contain whitespace: #{value}" if value =~ /\s/
+      end
     end
 
     newproperty(:type) do
@@ -28,6 +32,10 @@ module Puppet
 
     newproperty(:key) do
       desc "The key itself; generally a long string of hex digits."
+
+      validate do |value|
+        raise Puppet::Error, "Key must not contain whitespace: #{value}" if value =~ /\s/
+      end
     end
 
     newproperty(:user) do
@@ -82,6 +90,10 @@ module Puppet
           value.join(",")
         end
       end
+
+      validate do |value|
+        raise Puppet::Error, "Options must be provided as an array, not a comma separated list" if value != :absent and value.include?(',')
+      end
     end
 
     autorequire(:user) do