From 235213bd3b79af385e2cab5638623acd41a070e9 Mon Sep 17 00:00:00 2001
From: Brian Duffy <bmduffy@gmail.com>
Date: Fri, 16 Feb 2018 16:06:33 +0000
Subject: [PATCH] updated regex

---
 awx/main/tests/unit/test_validators.py | 13 +++++++++++--
 awx/main/validators.py                 |  4 ++--
 2 files changed, 13 insertions(+), 4 deletions(-)

diff --git a/awx/main/tests/unit/test_validators.py b/awx/main/tests/unit/test_validators.py
index 2221f241da..78c9f279cf 100644
--- a/awx/main/tests/unit/test_validators.py
+++ b/awx/main/tests/unit/test_validators.py
@@ -26,7 +26,7 @@ def test_invalid_keys():
         "-----BEGIN FOO-----foobar---END FOO----",
         "-----  BEGIN FOO  ----- foobar -----  FAIL FOO  ----",
         "-----  FAIL FOO ----- foobar -----  END FOO  ----",
-        "----BEGIN FOO----foobar----END FOO--------BEGIN FOO----foobar----END FOO----"
+        "----BEGIN FOO----foobar----END BAR----"
     ]
     for invalid_key in invalid_keys:
         with pytest.raises(ValidationError):
@@ -37,6 +37,16 @@ def test_invalid_keys():
             validate_ssh_private_key(invalid_key)
 
 
+def test_invalid_rsa_key():
+    invalid_key = TEST_SSH_KEY_DATA.replace('-----END', '----END')
+    with pytest.raises(ValidationError):
+        validate_private_key(invalid_key)
+    with pytest.raises(ValidationError):
+        validate_certificate(invalid_key)
+    with pytest.raises(ValidationError):
+        validate_ssh_private_key(invalid_key)
+
+
 def test_valid_catted_rsa_key():
     valid_key = TEST_CATTED_SSH_KEY_DATA
     pem_objects = validate_private_key(valid_key)
@@ -48,7 +58,6 @@ def test_valid_catted_rsa_key():
     assert pem_objects[0]['key_type'] == 'rsa'
     assert not pem_objects[0]['key_enc']
 
-
 def test_valid_rsa_key():
     valid_key = TEST_SSH_KEY_DATA
     pem_objects = validate_private_key(valid_key)
diff --git a/awx/main/validators.py b/awx/main/validators.py
index ad6fdb02fd..390a2f16e6 100644
--- a/awx/main/validators.py
+++ b/awx/main/validators.py
@@ -48,9 +48,9 @@ def validate_pem(data, min_keys=0, max_keys=None, min_certs=0, max_certs=None):
 
     # Build regular expressions for matching each object in the PEM file.
     pem_obj_re = re.compile(
-        r'^-{4,} *BEGIN (?P<type>[A-Z ]+?) *-{4,}' +
+        r'^(?P<dashes>-{4,}) *BEGIN (?P<type>[A-Z ]+?) *(?P=dashes)' +
         r'\s*(?P<data>.+?)\s*' +
-        r'-{4,} *END [A-Z ]+? *-{4,}' +
+        r'(?P=dashes) *END (?P=type) *(?P=dashes)' +
         r'(?P<next>.*?)$', re.DOTALL
     )
     pem_obj_header_re = re.compile(r'^(.+?):\s*?(.+?)(\\??)$')