Avoid out of bounds error by using strings.HasPrefix to check for
starting SSH2 text rather than assuming user input has at least 31
characters.
Add tests for bad input as well.
Fixes#8800
* Ensure .ssh dir exists before rewriting public keys
* Ensure .ssh dir exists before appending to authorized_keys
* Log the error because it would be useful to know where it is trying to MkdirAll
* Only try to create RootPath if it's not empty
* display ui time with customize time location
* fix lint
* rename UILocation to DefaultUILocation
* move time related functions to modules/timeutil
* fix tests
* fix tests
* fix build
* fix swagger
* Strip newlines from SSH keys before adding them
Fixes: https://github.com/go-gitea/gitea/issues/7500
* add test for CheckPublicKeyString
* add one more test
* simplify test
* further simplify
* make fmt
* Use go method to calculate key fingerprint
* add gitea copyright
* use native go method only for built-in server
* refactor and add tests
* add gitea copyright
* Panic don't fatal on create new logger
Fixes#5854
Signed-off-by: Andrew Thornton <art27@cantab.net>
* partial broken
* Update the logging infrastrcture
Signed-off-by: Andrew Thornton <art27@cantab.net>
* Reset the skip levels for Fatal and Error
Signed-off-by: Andrew Thornton <art27@cantab.net>
* broken ncsa
* More log.Error fixes
Signed-off-by: Andrew Thornton <art27@cantab.net>
* Remove nal
* set log-levels to lowercase
* Make console_test test all levels
* switch to lowercased levels
* OK now working
* Fix vetting issues
* Fix lint
* Fix tests
* change default logging to match current gitea
* Improve log testing
Signed-off-by: Andrew Thornton <art27@cantab.net>
* reset error skip levels to 0
* Update documentation and access logger configuration
* Redirect the router log back to gitea if redirect macaron log but also allow setting the log level - i.e. TRACE
* Fix broken level caching
* Refactor the router log
* Add Router logger
* Add colorizing options
* Adjust router colors
* Only create logger if they will be used
* update app.ini.sample
* rename Attribute ColorAttribute
* Change from white to green for function
* Set fatal/error levels
* Restore initial trace logger
* Fix Trace arguments in modules/auth/auth.go
* Properly handle XORMLogger
* Improve admin/config page
* fix fmt
* Add auto-compression of old logs
* Update error log levels
* Remove the unnecessary skip argument from Error, Fatal and Critical
* Add stacktrace support
* Fix tests
* Remove x/sync from vendors?
* Add stderr option to console logger
* Use filepath.ToSlash to protect against Windows in tests
* Remove prefixed underscores from names in colors.go
* Remove not implemented database logger
This was removed from Gogs on 4 Mar 2016 but left in the configuration
since then.
* Ensure that log paths are relative to ROOT_PATH
* use path.Join
* rename jsonConfig to logConfig
* Rename "config" to "jsonConfig" to make it clearer
* Requested changes
* Requested changes: XormLogger
* Try to color the windows terminal
If successful default to colorizing the console logs
* fixup
* Colorize initially too
* update vendor
* Colorize logs on default and remove if this is not a colorizing logger
* Fix documentation
* fix test
* Use go-isatty to detect if on windows we are on msys or cygwin
* Fix spelling mistake
* Add missing vendors
* More changes
* Rationalise the ANSI writer protection
* Adjust colors on advice from @0x5c
* Make Flags a comma separated list
* Move to use the windows constant for ENABLE_VIRTUAL_TERMINAL_PROCESSING
* Ensure matching is done on the non-colored message - to simpify EXPRESSION
1. A key can either be an ssh user key or a deploy key. It cannot be both.
2. If a key is a user key - it can only be associated with one user.
3. If a key is a deploy key - it can be used in multiple repositories and the permissions it has on those repositories can be different.
4. If a repository is deleted, its deploy keys must be deleted too.
We currently don't enforce any of this and multiple repositories access with different permissions doesn't work at all. This PR enforces the following constraints:
- [x] You should not be able to add the same user key as another user
- [x] You should not be able to add a ssh user key which is being used as a deploy key
- [x] You should not be able to add a ssh deploy key which is being used as a user key
- [x] If you add an ssh deploy key to another repository you should be able to use it in different modes without losing the ability to use it in the other mode.
- [x] If you delete a repository you must delete all its deploy keys.
Fix#1357
* Add private information to the deploy keys api
This commit adds more information to the deploy keys to allow for back
reference in to the main keys list. It also adds information about the
repository that the key is referring to.
Signed-off-by: Andrew Thornton <art27@cantab.net>
* Add private information to the user keys API
This adjusts the keys API to give out private information to user keys if
the current user is the owner or an admin.
Signed-off-by: Andrew Thornton <art27@cantab.net>
* Add ability to search keys by fingerprint
This commit adds the functionality to search ssh-keys by fingerprint of
the ssh-key. Deploy keys per repository can also be searched. There is
no current clear API point to allow search of all deploy keys by
fingerprint or keyID.
Signed-off-by: Andrew Thornton <art27@cantab.net>
* Add integration test
* Add LDAP Key Synchronization feature
Signed-off-by: Magnus Lindvall <magnus@dnmgns.com>
* Add migration: add login source id column for public_key table
* Only update keys if needed
* Add function to only list pubkey synchronized from ldap
* Only list pub ssh keys synchronized from ldap. Do not sort strings as ExistsInSlice does it.
* Only get keys belonging to current login source id
* Set default login source id to 0
* Some minor cleanup. Add integration tests (updete dep testify)
* test: integration add git cli tests
Extracted form for easing review process and debug #3152
* test: integration add git cli big file commit
* fix: Don't rewrite key if internal server
* refactor struct's time to remove unnecessary memory usage
* use AsTimePtr simple code
* fix tests
* fix time compare
* fix template on gpg
* use AddDuration instead of Add
* Delete a user's public key via admin api
* Test admin ssh endpoint for creating a new ssh key
* Adapt public ssh key test to also test the delete operation
* Test that deleting a missing key will result in a 404
* Test that a normal user can't delete another user's ssh key
* Make DeletePublicKey return err
* Update swagger doc
* cleanup old comments for ed25519
These comments were added when x/crypto/ed25519 could not yet handle
ed25519. It does now, so it should be removed.
Also the key type is now replaced with the proper constant.
* move the minimum key size config before the check
This moves the actual config lookup before any check is done. This
avoids problems with calling to ssh-keygen which doesn't support the
expected output format and returning an error, when the check is disabled.
* use created & updated instead BeforeInsert & BeforeUpdate
* fix vendor checksum
* only show generated SQL when development mode
* remove extra update column updated_unix
* remove trace config
* Add setting to disable authorized_keys backup when rewriting public keys
Signed-off-by: Magnus Lindvall <magnus@dnmgns.com>
* Update default value to comply with documentation
Signed-off-by: Magnus Lindvall <magnus@dnmgns.com>
* Use tmp-file instead of bak-file for saving manually added keys.
Signed-off-by: Magnus Lindvall <magnus@dnmgns.com>
* Change casing
Signed-off-by: Magnus Lindvall <magnus@dnmgns.com>
* Change casing and build bakpath with sprintf only
Signed-off-by: Magnus Lindvall <magnus@dnmgns.com>
* Only close file once
Signed-off-by: Magnus Lindvall <magnus@dnmgns.com>
* Do not modify calcFingerprint
Signed-off-by: Magnus Lindvall <magnus@dnmgns.com>
* Fix casing
Signed-off-by: Magnus Lindvall <magnus@dnmgns.com>
* Change style from disable to enable
Signed-off-by: Magnus Lindvall <magnus@dnmgns.com>
* Change name, just SSH_BACKUP_AUTHORIZED_KEYS
Signed-off-by: Magnus Lindvall <magnus@dnmgns.com>
* Do not check for directory existence if backup is disabled
Signed-off-by: Magnus Lindvall <magnus@dnmgns.com>
* Delete public key tmp file after calculating fingerprint
Signed-off-by: Magnus Lindvall <magnus@dnmgns.com>
* Move line
Signed-off-by: Magnus Lindvall <magnus@dnmgns.com>
* Remove defer statement
Signed-off-by: Magnus Lindvall <magnus@dnmgns.com>
* Readd defer statement and move remove
Signed-off-by: Magnus Lindvall <magnus@dnmgns.com>
* Delete space
Signed-off-by: Magnus Lindvall <magnus@dnmgns.com>
* add internal routes for ssh hook comands
* fix lint
* add comment on why package named private not internal but the route name is internal
* add comment above package private why package named private not internal but the route name is internal
* remove exp time on internal access
* move routes from /internal to /api/internal
* add comment and defer on UpdatePublicKeyUpdated
This change corrects a few logging issues:
* Standardized formatting errors with '%v'.
* Standardized failure warning word usage.
* Corrected an instance of using the standard log library when
the gitea log library should be used instead.
