diff options
| author | Dan Magnus Lindvall <magnus@dnmgns.com> | 2017-06-28 03:35:35 +0200 |
|---|---|---|
| committer | Lunny Xiao <xiaolunwen@gmail.com> | 2017-06-28 09:35:35 +0800 |
| commit | 79daf31058a6de8f3763366b586a99bb4b8e632e (patch) | |
| tree | 9907118748f741c2c9c4bd852d6be8539834dc36 /models/ssh_key.go | |
| parent | a037cd81ff8fc1a1ed9a7efae6b2cd5bc4bedb86 (diff) | |
| download | gitea-79daf31058a6de8f3763366b586a99bb4b8e632e.tar.gz gitea-79daf31058a6de8f3763366b586a99bb4b8e632e.zip | |
Setting to disable authorized_keys backup (#1856)
* Add setting to disable authorized_keys backup when rewriting public keys
Signed-off-by: Magnus Lindvall <magnus@dnmgns.com>
* Update default value to comply with documentation
Signed-off-by: Magnus Lindvall <magnus@dnmgns.com>
* Use tmp-file instead of bak-file for saving manually added keys.
Signed-off-by: Magnus Lindvall <magnus@dnmgns.com>
* Change casing
Signed-off-by: Magnus Lindvall <magnus@dnmgns.com>
* Change casing and build bakpath with sprintf only
Signed-off-by: Magnus Lindvall <magnus@dnmgns.com>
* Only close file once
Signed-off-by: Magnus Lindvall <magnus@dnmgns.com>
* Do not modify calcFingerprint
Signed-off-by: Magnus Lindvall <magnus@dnmgns.com>
* Fix casing
Signed-off-by: Magnus Lindvall <magnus@dnmgns.com>
* Change style from disable to enable
Signed-off-by: Magnus Lindvall <magnus@dnmgns.com>
* Change name, just SSH_BACKUP_AUTHORIZED_KEYS
Signed-off-by: Magnus Lindvall <magnus@dnmgns.com>
* Do not check for directory existence if backup is disabled
Signed-off-by: Magnus Lindvall <magnus@dnmgns.com>
Diffstat (limited to 'models/ssh_key.go')
| -rw-r--r-- | models/ssh_key.go | 40 |
1 files changed, 20 insertions, 20 deletions
diff --git a/models/ssh_key.go b/models/ssh_key.go index 947b2dabfd..f70e16c62a 100644 --- a/models/ssh_key.go +++ b/models/ssh_key.go @@ -324,8 +324,8 @@ func appendAuthorizedKeysToFile(keys ...*PublicKey) error { sshOpLocker.Lock() defer sshOpLocker.Unlock() - fpath := filepath.Join(setting.SSH.RootPath, "authorized_keys") - f, err := os.OpenFile(fpath, os.O_CREATE|os.O_WRONLY|os.O_APPEND, 0600) + fPath := filepath.Join(setting.SSH.RootPath, "authorized_keys") + f, err := os.OpenFile(fPath, os.O_CREATE|os.O_WRONLY|os.O_APPEND, 0600) if err != nil { return err } @@ -558,53 +558,53 @@ func RewriteAllPublicKeys() error { sshOpLocker.Lock() defer sshOpLocker.Unlock() - fpath := filepath.Join(setting.SSH.RootPath, "authorized_keys") - tmpPath := fpath + ".tmp" - f, err := os.OpenFile(tmpPath, os.O_RDWR|os.O_CREATE|os.O_TRUNC, 0600) + fPath := filepath.Join(setting.SSH.RootPath, "authorized_keys") + tmpPath := fPath + ".tmp" + t, err := os.OpenFile(tmpPath, os.O_RDWR|os.O_CREATE|os.O_TRUNC, 0600) if err != nil { return err } defer func() { - f.Close() + t.Close() os.Remove(tmpPath) }() + if setting.SSH.AuthorizedKeysBackup && com.IsExist(fPath) { + bakPath := fmt.Sprintf("%s_%d.gitea_bak", fPath, time.Now().Unix()) + if err = com.Copy(fPath, bakPath); err != nil { + return err + } + } + err = x.Iterate(new(PublicKey), func(idx int, bean interface{}) (err error) { - _, err = f.WriteString((bean.(*PublicKey)).AuthorizedString()) + _, err = t.WriteString((bean.(*PublicKey)).AuthorizedString()) return err }) if err != nil { return err } - if com.IsExist(fpath) { - bakPath := fpath + fmt.Sprintf("_%d.gitea_bak", time.Now().Unix()) - if err = com.Copy(fpath, bakPath); err != nil { - return err - } - - p, err := os.Open(bakPath) + if com.IsExist(fPath) { + f, err := os.Open(fPath) if err != nil { return err } - defer p.Close() - - scanner := bufio.NewScanner(p) + scanner := bufio.NewScanner(f) for scanner.Scan() { line := scanner.Text() if strings.HasPrefix(line, tplCommentPrefix) { scanner.Scan() continue } - _, err = f.WriteString(line + "\n") + _, err = t.WriteString(line + "\n") if err != nil { return err } } + defer f.Close() } - f.Close() - if err = os.Rename(tmpPath, fpath); err != nil { + if err = os.Rename(tmpPath, fPath); err != nil { return err } |