Diffstat (limited to 'models/user.go')
-rw-r--r--models/user.go30
1 files changed, 22 insertions, 8 deletions
diff --git a/models/user.go b/models/user.go
index e2b2593006..4bf9e196a0 100644
--- a/models/user.go
+++ b/models/user.go
@@ -1589,20 +1589,34 @@ func deleteKeysMarkedForDeletion(keys []string) (bool, error) {
func addLdapSSHPublicKeys(usr *User, s *LoginSource, sshPublicKeys []string) bool {
var sshKeysNeedUpdate bool
for _, sshKey := range sshPublicKeys {
- _, _, _, _, err := ssh.ParseAuthorizedKey([]byte(sshKey))
- if err == nil {
- sshKeyName := fmt.Sprintf("%s-%s", s.Name, sshKey[0:40])
- if _, err := AddPublicKey(usr.ID, sshKeyName, sshKey, s.ID); err != nil {
+ var err error
+ found := false
+ keys := []byte(sshKey)
+ loop:
+ for len(keys) > 0 && err == nil {
+ var out ssh.PublicKey
+ // We ignore options as they are not relevant to Gitea
+ out, _, _, keys, err = ssh.ParseAuthorizedKey(keys)
+ if err != nil {
+ break loop
+ }
+ found = true
+ marshalled := string(ssh.MarshalAuthorizedKey(out))
+ marshalled = marshalled[:len(marshalled)-1]
+ sshKeyName := fmt.Sprintf("%s-%s", s.Name, ssh.FingerprintSHA256(out))
+
+ if _, err := AddPublicKey(usr.ID, sshKeyName, marshalled, s.ID); err != nil {
if IsErrKeyAlreadyExist(err) {
- log.Trace("addLdapSSHPublicKeys[%s]: LDAP Public SSH Key %s already exists for user", s.Name, usr.Name)
+ log.Trace("addLdapSSHPublicKeys[%s]: LDAP Public SSH Key %s already exists for user", sshKeyName, usr.Name)
} else {
- log.Error("addLdapSSHPublicKeys[%s]: Error adding LDAP Public SSH Key for user %s: %v", s.Name, usr.Name, err)
+ log.Error("addLdapSSHPublicKeys[%s]: Error adding LDAP Public SSH Key for user %s: %v", sshKeyName, usr.Name, err)
}
} else {
- log.Trace("addLdapSSHPublicKeys[%s]: Added LDAP Public SSH Key for user %s", s.Name, usr.Name)
+ log.Trace("addLdapSSHPublicKeys[%s]: Added LDAP Public SSH Key for user %s", sshKeyName, usr.Name)
sshKeysNeedUpdate = true
}
- } else {
+ }
+ if !found && err != nil {
log.Warn("addLdapSSHPublicKeys[%s]: Skipping invalid LDAP Public SSH Key for user %s: %v", s.Name, usr.Name, sshKey)
}
}
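Review bot: The `if !found && err != nil` guard after the inner loop warns only when an LDAP value yields no key at all, so a value where one key parses and the rest does not is accepted with no log entry. Because this attribute decides which keys are granted to the account, a trace or warning when parsing stops with unread bytes left would help an operator audit the sync; the remainder has to be saved before the call, since `keys` is overwritten by `ssh.ParseAuthorizedKey`. The warning that does fire still prints the raw directory value with `%v`, and that value may now span several lines, so `%q` would keep it on one log line: `... for user %s: %q", s.Name, usr.Name, sshKey)`. As a matter of style, the `loop:` label is unnecessary because a plain `break` already leaves the `for`, and `strings.TrimSuffix(marshalled, "\n")` states the intent of `marshalled[:len(marshalled)-1]` more clearly. The function's return and closing brace lie outside the hunk.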