
models/ssh_key: don't run ssh-keygen check if disabled (#4519)

* don't load key when key size should not be checked

This makes it possible for users with incompatible ssh-keygen versions
to just disable the check completely without running into errors.

* add proper ed25519 constant

The x/crypto/ssh library has support for ed25519 now, so it is possible
to support it.
pull/4527/head
Gibheer 8 years ago committed by 无闻
parent
commit
1a4ba4c390
  1. 12
      models/ssh_key.go

12
models/ssh_key.go

@ -23,9 +23,9 @@ import (
"golang.org/x/crypto/ssh" "golang.org/x/crypto/ssh"
log "gopkg.in/clog.v1" log "gopkg.in/clog.v1"
"github.com/gogits/gogs/pkg/tool"
"github.com/gogits/gogs/pkg/process" "github.com/gogits/gogs/pkg/process"
"github.com/gogits/gogs/pkg/setting" "github.com/gogits/gogs/pkg/setting"
"github.com/gogits/gogs/pkg/tool"
) )
const ( const (
@ -223,7 +223,6 @@ func SSHKeyGenParsePublicKey(key string) (string, int, error) {
} }
// SSHNativeParsePublicKey extracts the key type and length using the golang SSH library. // SSHNativeParsePublicKey extracts the key type and length using the golang SSH library.
// NOTE: ed25519 is not supported.
func SSHNativeParsePublicKey(keyLine string) (string, int, error) { func SSHNativeParsePublicKey(keyLine string) (string, int, error) {
fields := strings.Fields(keyLine) fields := strings.Fields(keyLine)
if len(fields) < 2 { if len(fields) < 2 {
@ -272,7 +271,7 @@ func SSHNativeParsePublicKey(keyLine string) (string, int, error) {
return "ecdsa", 384, nil return "ecdsa", 384, nil
case ssh.KeyAlgoECDSA521: case ssh.KeyAlgoECDSA521:
return "ecdsa", 521, nil return "ecdsa", 521, nil
case "ssh-ed25519": // TODO: replace with ssh constant when available case ssh.KeyAlgoED25519:
return "ed25519", 256, nil return "ed25519", 256, nil
} }
return "", 0, fmt.Errorf("unsupported key length detection for type: %s", pkey.Type()) return "", 0, fmt.Errorf("unsupported key length detection for type: %s", pkey.Type())
@ -298,6 +297,10 @@ func CheckPublicKeyString(content string) (_ string, err error) {
// remove any unnecessary whitespace now // remove any unnecessary whitespace now
content = strings.TrimSpace(content) content = strings.TrimSpace(content)
if !setting.SSH.MinimumKeySizeCheck {
return content, nil
}
var ( var (
fnName string fnName string
keyType string keyType string
@ -315,9 +318,6 @@ func CheckPublicKeyString(content string) (_ string, err error) {
} }
log.Trace("Key info [native: %v]: %s-%d", setting.SSH.StartBuiltinServer, keyType, length) log.Trace("Key info [native: %v]: %s-%d", setting.SSH.StartBuiltinServer, keyType, length)
if !setting.SSH.MinimumKeySizeCheck {
return content, nil
}
if minLen, found := setting.SSH.MinimumKeySizes[keyType]; found && length >= minLen { if minLen, found := setting.SSH.MinimumKeySizes[keyType]; found && length >= minLen {
return content, nil return content, nil
} else if found && length < minLen { } else if found && length < minLen {
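Review bot: With the early return moved above the parser selection in CheckPublicKeyString, disabling `setting.SSH.MinimumKeySizeCheck` now means neither SSHNativeParsePublicKey nor SSHKeyGenParsePublicKey ever sees the submitted key, so this part of the function returns `content` after nothing more than `strings.TrimSpace`. Before the change the parse ran first, so it could still reject malformed input with the size check off; its error handling sits between the two hunks and is not shown. The start of the function is also outside the hunk, so this is harmless if an earlier step already validates the key format, which should be confirmed. If it does not, keep a well-formedness check that needs no ssh-keygen, for example `if _, _, _, _, err := ssh.ParseAuthorizedKey([]byte(content)); err != nil { return "", err }` ahead of `return content, nil`, with the caveat that it rejects key types the library cannot parse. Failing that, add a comment such as `// NOTE: with MinimumKeySizeCheck disabled the key is not parsed here; content is returned unvalidated.`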
