]> source.dussan.org Git - gitea.git/commitdiff
projects / gitea.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: b686bd0)
Fix issue where ecdsa and other key types are not synced from LDAP (#5092) (#5094)
authorJerry Jacobs <xor-gate@users.noreply.github.com>
Wed, 31 Oct 2018 00:08:30 +0000 (01:08 +0100)
committertechknowlogick <hello@techknowlogick.com>
Wed, 31 Oct 2018 00:08:30 +0000 (20:08 -0400)
* Fix issue where ecdsa and other key types are not synced from LDAP authentication provider fixes #5092

* integrations/auth_ldap_test.go: Add Hermes Conrad new ecdsa-sha2-nistp256 publickey fingerprint

* integrations/auth_ldap_test.go: Use ssh-keygen -lf <filename> -E sha256

integrations/auth_ldap_test.go patch | blob | history
models/user.go patch | blob | history

diff --git a/integrations/auth_ldap_test.go b/integrations/auth_ldap_test.go
index f31f598fa463e60f9d66395d1aab31433f82ece0..52fe0fd73f7517a4486475c6e8b26085c6b4656f 100644 (file)
--- a/integrations/auth_ldap_test.go
+++ b/integrations/auth_ldap_test.go
@@ -43,6 +43,7 @@ var gitLDAPUsers = []ldapUser{
                SSHKeys: []string{
                        "SHA256:qLY06smKfHoW/92yXySpnxFR10QFrLdRjf/GNPvwcW8",
                        "SHA256:QlVTuM5OssDatqidn2ffY+Lc4YA5Fs78U+0KOHI51jQ",
+                       "SHA256:DXdeUKYOJCSSmClZuwrb60hUq7367j4fA+udNC3FdRI",
                },
                IsAdmin: true,
        },
diff --git a/models/user.go b/models/user.go
index 32e7dda2cb3d2a0ad69d8ec680242b50b74ff5f7..9469d6e793d3c85533c72d7b989b3d411f3905a7 100644 (file)
--- a/models/user.go
+++ b/models/user.go
@@ -29,6 +29,7 @@ import (
        "github.com/go-xorm/xorm"
        "github.com/nfnt/resize"
        "golang.org/x/crypto/pbkdf2"
+       "golang.org/x/crypto/ssh"
 
        "code.gitea.io/git"
        api "code.gitea.io/sdk/gitea"
@@ -1454,7 +1455,8 @@ func deleteKeysMarkedForDeletion(keys []string) (bool, error) {
 func addLdapSSHPublicKeys(s *LoginSource, usr *User, SSHPublicKeys []string) bool {
        var sshKeysNeedUpdate bool
        for _, sshKey := range SSHPublicKeys {
-               if strings.HasPrefix(strings.ToLower(sshKey), "ssh") {
+               _, _, _, _, err := ssh.ParseAuthorizedKey([]byte(sshKey))
+               if err == nil {
                        sshKeyName := fmt.Sprintf("%s-%s", s.Name, sshKey[0:40])
                        if _, err := AddPublicKey(usr.ID, sshKeyName, sshKey, s.ID); err != nil {
                                log.Error(4, "addLdapSSHPublicKeys[%s]: Error adding LDAP Public SSH Key for user %s: %v", s.Name, usr.Name, err)
Git with a cup of tea! Painless self-hosted all-in-one software development service, including Git hosting, code review, team collaboration, package registry and CI/CD: https://github.com/go-gitea/gitea