From 22ad514297b1958f93913aacbb88b81a94113a1e Mon Sep 17 00:00:00 2001 From: Jerry Jacobs Date: Wed, 31 Oct 2018 01:08:30 +0100 Subject: [PATCH] Fix issue where ecdsa and other key types are not synced from LDAP (#5092) (#5094) * Fix issue where ecdsa and other key types are not synced from LDAP authentication provider fixes #5092 * integrations/auth_ldap_test.go: Add Hermes Conrad new ecdsa-sha2-nistp256 publickey fingerprint * integrations/auth_ldap_test.go: Use ssh-keygen -lf -E sha256 --- integrations/auth_ldap_test.go | 1 + models/user.go | 4 +++- 2 files changed, 4 insertions(+), 1 deletion(-) diff --git a/integrations/auth_ldap_test.go b/integrations/auth_ldap_test.go index f31f598fa..52fe0fd73 100644 --- a/integrations/auth_ldap_test.go +++ b/integrations/auth_ldap_test.go @@ -43,6 +43,7 @@ var gitLDAPUsers = []ldapUser{ SSHKeys: []string{ "SHA256:qLY06smKfHoW/92yXySpnxFR10QFrLdRjf/GNPvwcW8", "SHA256:QlVTuM5OssDatqidn2ffY+Lc4YA5Fs78U+0KOHI51jQ", + "SHA256:DXdeUKYOJCSSmClZuwrb60hUq7367j4fA+udNC3FdRI", }, IsAdmin: true, }, diff --git a/models/user.go b/models/user.go index 32e7dda2c..9469d6e79 100644 --- a/models/user.go +++ b/models/user.go @@ -29,6 +29,7 @@ import ( "github.com/go-xorm/xorm" "github.com/nfnt/resize" "golang.org/x/crypto/pbkdf2" + "golang.org/x/crypto/ssh" "code.gitea.io/git" api "code.gitea.io/sdk/gitea" @@ -1454,7 +1455,8 @@ func deleteKeysMarkedForDeletion(keys []string) (bool, error) { func addLdapSSHPublicKeys(s *LoginSource, usr *User, SSHPublicKeys []string) bool { var sshKeysNeedUpdate bool for _, sshKey := range SSHPublicKeys { - if strings.HasPrefix(strings.ToLower(sshKey), "ssh") { + _, _, _, _, err := ssh.ParseAuthorizedKey([]byte(sshKey)) + if err == nil { sshKeyName := fmt.Sprintf("%s-%s", s.Name, sshKey[0:40]) if _, err := AddPublicKey(usr.ID, sshKeyName, sshKey, s.ID); err != nil { log.Error(4, "addLdapSSHPublicKeys[%s]: Error adding LDAP Public SSH Key for user %s: %v", s.Name, usr.Name, err)