Allow connections based on authorized_keys file.

[juniorz]

When run with option -a /path/to/authorized_keys, tmate-slave will only authenticate public keys present in the file /path/to/authorized_keys.

The expected format is the same as specified in sshd(8) manpage, section "AUTHORIZED_KEYS FILE FORMAT".

See: tmate-io/tmate-slave#37

[nviennot]

Thank you very much for the pull request. I've added some comments :) :)

[juniorz]

Thanks. I cant see the comments on Github yet. Do you mind to add a link to them?

[nviennot]

http://viennot.com/tmate-slave-pr-38.jpg

[juniorz]

Oh, you used the review feature. You may need to submit the review (https://help.github.com/articles/reviewing-proposed-changes-in-a-pull-request/), if you want me to address the issues you mentioned. I really cant see the comments (and I'm not notified of any change in the review request).

[juniorz]

Please review latest changes. Thank you.

[nviennot]

ohh I wasn't familiar with the review thingy. I've now submitted the review.

1. Can you get into an infinite loop if fgets() fails, return null, but feof() doesn't return null? Shouldn't we just break if fgets() return null? Actually, wouldn't it better to put fgets() in the while condition instead of feof()?
2. Let's use strtok instead of using our own parsing, it seems error prone
3. don't even store the authorized_keys in the client struct, just read tmate_settings->authorized_keys exactly when you need it (In the client auth callback)
4. 0x4000 is good, thank you :))

[juniorz]

@nviennot I guess everything was addressed on dd81f13. Thank you.

[varac]

@nviennot Any updates on this ? Looking forward for this feature!

[juniorz]

@nviennot Let me know if anything else needs to be changed.

[nviennot]

I'll get back to you tonight

[nviennot]

It was all good! Thank you ❤️ ❤️