From 42476f0f65550d71ab668360a799eecdfcb23bc2 Mon Sep 17 00:00:00 2001
From: Fiona Ebner <f.ebner@proxmox.com>
Date: Thu, 8 Feb 2024 10:45:39 +0100
Subject: [PATCH] api: user: add pattern for user keys option

While nowadays, most entries should be just 'x', there can also still
be legacy entries with 'x!u2f', 'x!yubico' and base32 encoded secrets.
For example, some users might be syncing them from LDAP.

Signed-off-by: Fiona Ebner <f.ebner@proxmox.com>
(cherry picked from commit 2dabf3c3ae387b571a33b38e6960a89af495ff40)
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
---
 src/PVE/API2/User.pm | 1 +
 1 file changed, 1 insertion(+)

diff --git a/src/PVE/API2/User.pm b/src/PVE/API2/User.pm
index ed4cb70..bf74124 100644
--- a/src/PVE/API2/User.pm
+++ b/src/PVE/API2/User.pm
@@ -36,6 +36,7 @@ register_standard_option('user-comment', { type => 'string', optional => 1 });
 register_standard_option('user-keys', {
     description => "Keys for two factor auth (yubico).",
     type => 'string',
+    pattern => '[0-9a-zA-Z!=]{0,4096}',
     optional => 1,
 });
 register_standard_option('group-list', {