In order to correctly set the ownership of the authorized_keys file, the function was using libc directly with some unsafe blocks. It's tricky to correctly use the C APIs and in this case, both getpwnam() and getgrnam() return NULL if a matching entry isn't found or if an error occurred. Since we weren't checking the return value this would result in a null pointer dereference.
nix provides safe APIs to retrieve the user and group ids so rather than implementing it ourselves, just use those. This also refactors the two separate APIs for creating the directory and writing the keys to a single call that handles it all.
This is extracted from #91 as it's not really related to the API design.
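The failure mode described above, shown as checked lookups in C. This is an added example, not code from this project or from nix; it uses the reentrant getpwnam_r()/getgrnam_r() variants, and the enum and function names are hypothetical.

```c
#ifndef _POSIX_C_SOURCE
#define _POSIX_C_SOURCE 200809L
#endif
#include <grp.h>
#include <pwd.h>
#include <stdio.h>
#include <sys/types.h>

/* Hypothetical result codes for this example. */
enum lookup { LOOKUP_OK = 0, LOOKUP_NOT_FOUND = 1, LOOKUP_ERROR = 2 };

/* Resolve a user name to a uid. *uid is written only on LOOKUP_OK. */
enum lookup lookup_uid(const char *name, uid_t *uid) {
    struct passwd pw, *res = NULL;
    char buf[16384]; /* fixed scratch space; ERANGE surfaces as LOOKUP_ERROR */
    int rc = getpwnam_r(name, &pw, buf, sizeof buf, &res);
    if (res == NULL) /* no entry or failure: res must not be dereferenced */
        return rc == 0 ? LOOKUP_NOT_FOUND : LOOKUP_ERROR;
    *uid = res->pw_uid;
    return LOOKUP_OK;
}

/* Resolve a group name to a gid. *gid is written only on LOOKUP_OK. */
enum lookup lookup_gid(const char *name, gid_t *gid) {
    struct group gr, *res = NULL;
    char buf[16384];
    int rc = getgrnam_r(name, &gr, buf, sizeof buf, &res);
    if (res == NULL)
        return rc == 0 ? LOOKUP_NOT_FOUND : LOOKUP_ERROR;
    *gid = res->gr_gid;
    return LOOKUP_OK;
}

int main(void) {
    /* Constructed sample names; the second is assumed not to exist. */
    const char *names[] = { "root", "no-such-account-example" };
    for (int i = 0; i < 2; i++) {
        uid_t uid = 0;
        gid_t gid = 0;
        enum lookup u = lookup_uid(names[i], &uid);
        enum lookup g = lookup_gid(names[i], &gid);
        /* Only act on the ids when both lookups succeeded. */
        if (u == LOOKUP_OK && g == LOOKUP_OK)
            printf("%s: uid=%ld gid=%ld\n", names[i], (long)uid, (long)gid);
        else
            printf("%s: user=%d group=%d (refusing to set ownership)\n",
                   names[i], (int)u, (int)g);
    }
    return 0;
}
```
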