From ea69ec6f0feb357b82dc2572f88184db507e383b Mon Sep 17 00:00:00 2001
From: zeripath <art27@cantab.net>
Date: Fri, 9 Oct 2020 07:52:57 +0100
Subject: Disable DSA ssh keys by default (#13056)

* Disable DSA ssh keys by default

OpenSSH has disabled DSA keys since version 7.0

As the docker runs openssh > v7.0 we should just disable
DSA keys by default.

Refers to #11417

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Just disable DSA keys by default

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Appears we need to set the minimum key sizes too

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Appears we need to set the minimum key sizes too

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Remove DSA type

* Fix Tests

Co-authored-by: techknowlogick <techknowlogick@gitea.io>
Co-authored-by: Lauris BH <lauris@nix.lv>
---
 models/ssh_key_test.go | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

(limited to 'models')

diff --git a/models/ssh_key_test.go b/models/ssh_key_test.go
index 95cd4eeb1a..282c26e736 100644
--- a/models/ssh_key_test.go
+++ b/models/ssh_key_test.go
@@ -57,6 +57,8 @@ func Test_SSHParsePublicKey(t *testing.T) {
 }
 
 func Test_CheckPublicKeyString(t *testing.T) {
+	oldValue := setting.SSH.MinimumKeySizeCheck
+	setting.SSH.MinimumKeySizeCheck = false
 	for _, test := range []struct {
 		content string
 	}{
@@ -131,7 +133,7 @@ AAAAC3NzaC1lZDI1NTE5AAAAICV0MGX/W9IvLA4FXpIuUcdDcbj5KX4syHgsTy7soVgf
 		_, err := CheckPublicKeyString(test.content)
 		assert.NoError(t, err)
 	}
-
+	setting.SSH.MinimumKeySizeCheck = oldValue
 	for _, invalidKeys := range []struct {
 		content string
 	}{
-- 
cgit v1.2.3