From 79daf31058a6de8f3763366b586a99bb4b8e632e Mon Sep 17 00:00:00 2001
From: Dan Magnus Lindvall <magnus@dnmgns.com>
Date: Wed, 28 Jun 2017 03:35:35 +0200
Subject: Setting to disable authorized_keys backup (#1856)

* Add setting to disable authorized_keys backup when rewriting public keys

Signed-off-by: Magnus Lindvall <magnus@dnmgns.com>

* Update default value to comply with documentation

Signed-off-by: Magnus Lindvall <magnus@dnmgns.com>

* Use tmp-file instead of bak-file for saving manually added keys.

Signed-off-by: Magnus Lindvall <magnus@dnmgns.com>

* Change casing

Signed-off-by: Magnus Lindvall <magnus@dnmgns.com>

* Change casing and build bakpath with sprintf only

Signed-off-by: Magnus Lindvall <magnus@dnmgns.com>

* Only close file once

Signed-off-by: Magnus Lindvall <magnus@dnmgns.com>

* Do not modify calcFingerprint

Signed-off-by: Magnus Lindvall <magnus@dnmgns.com>

* Fix casing

Signed-off-by: Magnus Lindvall <magnus@dnmgns.com>

* Change style from disable to enable

Signed-off-by: Magnus Lindvall <magnus@dnmgns.com>

* Change name, just SSH_BACKUP_AUTHORIZED_KEYS

Signed-off-by: Magnus Lindvall <magnus@dnmgns.com>

* Do not check for directory existence if backup is disabled

Signed-off-by: Magnus Lindvall <magnus@dnmgns.com>
---
 modules/setting/setting.go | 24 +++++++++++++-----------
 1 file changed, 13 insertions(+), 11 deletions(-)

(limited to 'modules')

diff --git a/modules/setting/setting.go b/modules/setting/setting.go
index a51e0e7599..d07dce39a0 100644
--- a/modules/setting/setting.go
+++ b/modules/setting/setting.go
@@ -87,17 +87,18 @@ var (
 	EnablePprof          bool
 
 	SSH = struct {
-		Disabled            bool           `ini:"DISABLE_SSH"`
-		StartBuiltinServer  bool           `ini:"START_SSH_SERVER"`
-		Domain              string         `ini:"SSH_DOMAIN"`
-		Port                int            `ini:"SSH_PORT"`
-		ListenHost          string         `ini:"SSH_LISTEN_HOST"`
-		ListenPort          int            `ini:"SSH_LISTEN_PORT"`
-		RootPath            string         `ini:"SSH_ROOT_PATH"`
-		KeyTestPath         string         `ini:"SSH_KEY_TEST_PATH"`
-		KeygenPath          string         `ini:"SSH_KEYGEN_PATH"`
-		MinimumKeySizeCheck bool           `ini:"-"`
-		MinimumKeySizes     map[string]int `ini:"-"`
+		Disabled             bool           `ini:"DISABLE_SSH"`
+		StartBuiltinServer   bool           `ini:"START_SSH_SERVER"`
+		Domain               string         `ini:"SSH_DOMAIN"`
+		Port                 int            `ini:"SSH_PORT"`
+		ListenHost           string         `ini:"SSH_LISTEN_HOST"`
+		ListenPort           int            `ini:"SSH_LISTEN_PORT"`
+		RootPath             string         `ini:"SSH_ROOT_PATH"`
+		KeyTestPath          string         `ini:"SSH_KEY_TEST_PATH"`
+		KeygenPath           string         `ini:"SSH_KEYGEN_PATH"`
+		AuthorizedKeysBackup bool           `ini:"SSH_AUTHORIZED_KEYS_BACKUP"`
+		MinimumKeySizeCheck  bool           `ini:"-"`
+		MinimumKeySizes      map[string]int `ini:"-"`
 	}{
 		Disabled:           false,
 		StartBuiltinServer: false,
@@ -703,6 +704,7 @@ func NewContext() {
 			SSH.MinimumKeySizes[strings.ToLower(key.Name())] = key.MustInt()
 		}
 	}
+	SSH.AuthorizedKeysBackup = sec.Key("SSH_AUTHORIZED_KEYS_BACKUP").MustBool(true)
 
 	if err = Cfg.Section("server").MapTo(&LFS); err != nil {
 		log.Fatal(4, "Failed to map LFS settings: %v", err)
-- 
cgit v1.2.3