mirrors
/
gitea
mirror of https://github.com/go-gitea/gitea.git
Watch 1
Star 0
Fork 0
Code Issues 0 Releases 210 Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
241 Commits
17 Branches
Tree: e656609b0d
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from 'e656609b0d'
${ noResults }
gitea/models/publickey.go

publickey.go 4.8KB
Raw Blame History

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219 
  1. // Copyright 2014 The Gogs Authors. All rights reserved.

  2. // Use of this source code is governed by a MIT-style

  3. // license that can be found in the LICENSE file.

  4. 

  5. package models

  6. 

  7. import (

  8. 	"bufio"

  9. 	"errors"

  10. 	"fmt"

  11. 	"io"

  12. 	"io/ioutil"

  13. 	"os"

  14. 	"os/exec"

  15. 	"path"

  16. 	"path/filepath"

  17. 	"strings"

  18. 	"sync"

  19. 	"time"

  20. 

  21. 	"github.com/Unknwon/com"

  22. )

  23. 

  24. const (

  25. 	// "### autogenerated by gitgos, DO NOT EDIT\n"

  26. 	TPL_PUBLICK_KEY = `command="%s serv key-%d",no-port-forwarding,no-X11-forwarding,no-agent-forwarding,no-pty %s`

  27. )

  28. 

  29. var (

  30. 	sshOpLocker = sync.Mutex{}

  31. 

  32. 	sshPath string

  33. 	appPath string

  34. )

  35. 

  36. // exePath returns the executable path.

  37. func exePath() (string, error) {

  38. 	file, err := exec.LookPath(os.Args[0])

  39. 	if err != nil {

  40. 		return "", err

  41. 	}

  42. 	return filepath.Abs(file)

  43. }

  44. 

  45. // homeDir returns the home directory of current user.

  46. func homeDir() string {

  47. 	home, err := com.HomeDir()

  48. 	if err != nil {

  49. 		return "/"

  50. 	}

  51. 	return home

  52. }

  53. 

  54. func init() {

  55. 	var err error

  56. 

  57. 	appPath, err = exePath()

  58. 	if err != nil {

  59. 		fmt.Printf("publickey.init(fail to get app path): %v\n", err)

  60. 		os.Exit(2)

  61. 	}

  62. 

  63. 	// Determine and create .ssh path.

  64. 	sshPath = filepath.Join(homeDir(), ".ssh")

  65. 	if err = os.MkdirAll(sshPath, os.ModePerm); err != nil {

  66. 		fmt.Printf("publickey.init(fail to create sshPath(%s)): %v\n", sshPath, err)

  67. 		os.Exit(2)

  68. 	}

  69. }

  70. 

  71. // PublicKey represents a SSH key of user.

  72. type PublicKey struct {

  73. 	Id          int64

  74. 	OwnerId     int64  `xorm:"index"`

  75. 	Name        string `xorm:"unique not null"`

  76. 	Fingerprint string

  77. 	Content     string    `xorm:"text not null"`

  78. 	Created     time.Time `xorm:"created"`

  79. 	Updated     time.Time `xorm:"updated"`

  80. }

  81. 

  82. var (

  83. 	ErrKeyAlreadyExist = errors.New("Public key already exist")

  84. )

  85. 

  86. // GenAuthorizedKey returns formatted public key string.

  87. func GenAuthorizedKey(keyId int64, key string) string {

  88. 	return fmt.Sprintf(TPL_PUBLICK_KEY+"\n", appPath, keyId, key)

  89. }

  90. 

  91. // AddPublicKey adds new public key to database and SSH key file.

  92. func AddPublicKey(key *PublicKey) (err error) {

  93. 	// Check if public key name has been used.

  94. 	has, err := orm.Get(key)

  95. 	if err != nil {

  96. 		return err

  97. 	} else if has {

  98. 		return ErrKeyAlreadyExist

  99. 	}

  100. 

  101. 	// Calculate fingerprint.

  102. 	tmpPath := filepath.Join(os.TempDir(), fmt.Sprintf("%d", time.Now().Nanosecond()),

  103. 		"id_rsa.pub")

  104. 	os.MkdirAll(path.Dir(tmpPath), os.ModePerm)

  105. 	if err = ioutil.WriteFile(tmpPath, []byte(key.Content), os.ModePerm); err != nil {

  106. 		return err

  107. 	}

  108. 	stdout, _, err := com.ExecCmd("ssh-keygen", "-l", "-f", tmpPath)

  109. 	if err != nil {

  110. 		return err

  111. 	} else if len(stdout) < 2 {

  112. 		return errors.New("Not enough output for calculating fingerprint")

  113. 	}

  114. 	key.Fingerprint = strings.Split(stdout, " ")[1]

  115. 

  116. 	// Save SSH key.

  117. 	if _, err = orm.Insert(key); err != nil {

  118. 		return err

  119. 	}

  120. 	if err = SaveAuthorizedKeyFile(key); err != nil {

  121. 		if _, err2 := orm.Delete(key); err2 != nil {

  122. 			return err2

  123. 		}

  124. 		return err

  125. 	}

  126. 

  127. 	return nil

  128. }

  129. 

  130. // DeletePublicKey deletes SSH key information both in database and authorized_keys file.

  131. func DeletePublicKey(key *PublicKey) (err error) {

  132. 	// Delete SSH key in database.

  133. 	has, err := orm.Id(key.Id).Get(key)

  134. 	if err != nil {

  135. 		return err

  136. 	} else if !has {

  137. 		return errors.New("Public key does not exist")

  138. 	}

  139. 	if _, err = orm.Delete(key); err != nil {

  140. 		return err

  141. 	}

  142. 

  143. 	// Delete SSH key in SSH key file.

  144. 	sshOpLocker.Lock()

  145. 	defer sshOpLocker.Unlock()

  146. 

  147. 	p := filepath.Join(sshPath, "authorized_keys")

  148. 	tmpP := filepath.Join(sshPath, "authorized_keys.tmp")

  149. 	fr, err := os.Open(p)

  150. 	if err != nil {

  151. 		return err

  152. 	}

  153. 	defer fr.Close()

  154. 

  155. 	fw, err := os.Create(tmpP)

  156. 	if err != nil {

  157. 		return err

  158. 	}

  159. 	defer fw.Close()

  160. 

  161. 	buf := bufio.NewReader(fr)

  162. 	for {

  163. 		line, errRead := buf.ReadString('\n')

  164. 		line = strings.TrimSpace(line)

  165. 

  166. 		if errRead != nil {

  167. 			if errRead != io.EOF {

  168. 				return errRead

  169. 			}

  170. 

  171. 			// Reached end of file, if nothing to read then break,

  172. 			// otherwise handle the last line.

  173. 			if len(line) == 0 {

  174. 				break

  175. 			}

  176. 		}

  177. 

  178. 		// Found the line and copy rest of file.

  179. 		if strings.Contains(line, fmt.Sprintf("key-%d", key.Id)) && strings.Contains(line, key.Content) {

  180. 			continue

  181. 		}

  182. 		// Still finding the line, copy the line that currently read.

  183. 		if _, err = fw.WriteString(line + "\n"); err != nil {

  184. 			return err

  185. 		}

  186. 

  187. 		if errRead == io.EOF {

  188. 			break

  189. 		}

  190. 	}

  191. 

  192. 	if err = os.Remove(p); err != nil {

  193. 		return err

  194. 	}

  195. 	return os.Rename(tmpP, p)

  196. }

  197. 

  198. // ListPublicKey returns a list of public keys that user has.

  199. func ListPublicKey(userId int64) ([]PublicKey, error) {

  200. 	keys := make([]PublicKey, 0)

  201. 	err := orm.Find(&keys, &PublicKey{OwnerId: userId})

  202. 	return keys, err

  203. }

  204. 

  205. // SaveAuthorizedKeyFile writes SSH key content to SSH key file.

  206. func SaveAuthorizedKeyFile(key *PublicKey) error {

  207. 	sshOpLocker.Lock()

  208. 	defer sshOpLocker.Unlock()

  209. 

  210. 	p := filepath.Join(sshPath, "authorized_keys")

  211. 	f, err := os.OpenFile(p, os.O_CREATE|os.O_WRONLY|os.O_APPEND, 0600)

  212. 	if err != nil {

  213. 		return err

  214. 	}

  215. 	defer f.Close()

  216. 

  217. 	_, err = f.WriteString(GenAuthorizedKey(key.Id, key.Content))

  218. 	return err

  219. }