wangwei
/
aiforge
Not watched
1
0
Fork 0
Code
Releases 128 Wiki Activity
Issues 0 Pull Requests 0 Datasets Model Cloudbrain
You can not select more than 25 topics Topics must start with a chinese character,a letter or number, can include dashes ('-') and can be up to 35 characters long.
1535 Commits
197 Branches
346 MB
573 Download
Tree: c1ceec45da
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from 'c1ceec45da'
${ noResults }
aiforge/models/publickey.go

publickey.go 8.4 kB
Raw Normal View History

Fix delete SSH key in file
11 years ago
add publickey & access
11 years ago
Fix delete SSH key in file
11 years ago
Bug fix
11 years ago
add publickey & access
11 years ago
Finish issue design
11 years ago
Add postgres support, clean code, code review
11 years ago
add publickey & access
11 years ago
Bug fix
11 years ago
Add generate fingerprint of ssh key
11 years ago
add publickey & access
11 years ago
Fix mirror UI style and work on #475
11 years ago
Fix delete SSH key in file
11 years ago
add publickey & access
11 years ago
Update
11 years ago
Fix SSH key bug in windows
11 years ago
Basic process manager
11 years ago
add publickey & access
11 years ago
Add postgres support, clean code, code review
11 years ago
Finish issue design
11 years ago
Add postgres support, clean code, code review
11 years ago
add publickey & access
11 years ago
Basic admin data table, models changes
11 years ago
Improve delete SSH key
11 years ago
Basic admin data table, models changes
11 years ago
Add postgres support, clean code, code review
11 years ago
Basic admin data table, models changes
11 years ago
Add gogs fix location command
11 years ago
Improve delete SSH key
11 years ago
add publickey & access
11 years ago
Bug fix
11 years ago
Add postgres support, clean code, code review
11 years ago
add run user
11 years ago
Update
11 years ago
add run user
11 years ago
New UI merge in progress
11 years ago
add run user
11 years ago
Update
11 years ago
add run user
11 years ago
add publickey
11 years ago
Add postgres support, clean code, code review
11 years ago
Bug fix
11 years ago
New UI merge in progress
11 years ago
add publickey
11 years ago
New UI merge in progress
11 years ago
add run user
11 years ago
Add postgres support, clean code, code review
11 years ago
Add gogs fix location command
11 years ago
Make sure, .ssh directory and authorized_keys file are kept at correct permissions
11 years ago
New UI merge in progress
11 years ago
Add postgres support, clean code, code review
11 years ago
add publickey
11 years ago
Finish issue design
11 years ago
add publickey & access
11 years ago
New UI merge in progress
11 years ago
add publickey & access
11 years ago
Finish issue design
11 years ago
add publickey & access
11 years ago
New UI merge in progress
11 years ago
Finish issue design
11 years ago
Add gogs fix location command
11 years ago
Finish issue design
11 years ago
Moved defer f.Close() up so there is no chance of returning without closing and handled an error on f.Chmod
11 years ago
Make sure, .ssh directory and authorized_keys file are kept at correct permissions
11 years ago
Fix mirror UI style and work on #475
11 years ago
Moved defer f.Close() up so there is no chance of returning without closing and handled an error on f.Chmod
11 years ago
Make sure, .ssh directory and authorized_keys file are kept at correct permissions
11 years ago
Finish issue design
11 years ago
Add generate fingerprint of ssh key
11 years ago
Fix #165
11 years ago
Add check if public key name has been used
11 years ago
Add generate fingerprint of ssh key
11 years ago
Finish issue design
11 years ago
Fix SSH key bug in windows
11 years ago
Add generate fingerprint of ssh key
11 years ago
Add postgres support, clean code, code review
11 years ago
add publickey & access
11 years ago
Basic process manager
11 years ago
add publickey & access
11 years ago
Mirror fix on public key
11 years ago
Add generate fingerprint of ssh key
11 years ago
Fix #165
11 years ago
Add generate fingerprint of ssh key
11 years ago
Finish issue design
11 years ago
Fix #165
11 years ago
Add generate fingerprint of ssh key
11 years ago
add publickey & access
11 years ago
Finish new web hook pages
11 years ago
Finish issue design
11 years ago
New UI merge in progress
11 years ago
Fix #165
11 years ago
New UI merge in progress
11 years ago
Finish issue design
11 years ago
Improve delete SSH key
11 years ago
Fix SSH key bug in windows
11 years ago
Fix delete SSH key in file
11 years ago
Fix #252
11 years ago
Fix delete SSH key in file
11 years ago
Improve delete SSH key
11 years ago
Finish issue design
11 years ago
Fix delete SSH key in file
11 years ago
Finish issue design
11 years ago
Improve delete SSH key
11 years ago
Bug fix
11 years ago
Fix delete SSH key in file
11 years ago
Finish issue design
11 years ago
Fix delete SSH key in file
11 years ago
Improve delete SSH key
11 years ago
Finish issue design
11 years ago
Fix SSH key bug in windows
11 years ago
Fix delete SSH key in file
11 years ago
Finish new web hook pages
11 years ago
Fix SSH key bug in windows
11 years ago
Improve delete SSH key
11 years ago
Fix #165
11 years ago
Fix SSH key bug in windows
11 years ago
Improve delete SSH key
11 years ago
Fix SSH key bug in windows
11 years ago
Improve delete SSH key
11 years ago
Fix #165
11 years ago
Fix SSH key bug in windows
11 years ago
Add gogs fix location command
11 years ago
Finish issue design
11 years ago
Fix SSH key bug in windows
11 years ago
Finish issue design
11 years ago
Fix delete SSH key in file
11 years ago
Finish issue design
11 years ago
add publickey & access
11 years ago
 123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324 
  1. // Copyright 2014 The Gogs Authors. All rights reserved.

  2. // Use of this source code is governed by a MIT-style

  3. // license that can be found in the LICENSE file.

  4. 

  5. package models

  6. 

  7. import (

  8. 	"bufio"

  9. 	"errors"

  10. 	"fmt"

  11. 	"io"

  12. 	"io/ioutil"

  13. 	"os"

  14. 	"os/exec"

  15. 	"path"

  16. 	"path/filepath"

  17. 	"runtime"

  18. 	"strings"

  19. 	"sync"

  20. 	"time"

  21. 

  22. 	"github.com/Unknwon/com"

  23. 

  24. 	"github.com/gogits/gogs/modules/log"

  25. 	"github.com/gogits/gogs/modules/process"

  26. )

  27. 

  28. const (

  29. 	// "### autogenerated by gitgos, DO NOT EDIT\n"

  30. 	_TPL_PUBLICK_KEY = `command="%s serv key-%d",no-port-forwarding,no-X11-forwarding,no-agent-forwarding,no-pty %s` + "\n"

  31. )

  32. 

  33. var (

  34. 	ErrKeyAlreadyExist = errors.New("Public key already exist")

  35. 	ErrKeyNotExist     = errors.New("Public key does not exist")

  36. )

  37. 

  38. var sshOpLocker = sync.Mutex{}

  39. 

  40. var (

  41. 	SshPath string // SSH directory.

  42. 	appPath string // Execution(binary) path.

  43. )

  44. 

  45. // exePath returns the executable path.

  46. func exePath() (string, error) {

  47. 	file, err := exec.LookPath(os.Args[0])

  48. 	if err != nil {

  49. 		return "", err

  50. 	}

  51. 	return filepath.Abs(file)

  52. }

  53. 

  54. // homeDir returns the home directory of current user.

  55. func homeDir() string {

  56. 	home, err := com.HomeDir()

  57. 	if err != nil {

  58. 		log.Fatal(4, "Fail to get home directory: %v", err)

  59. 	}

  60. 	return home

  61. }

  62. 

  63. func init() {

  64. 	var err error

  65. 

  66. 	if appPath, err = exePath(); err != nil {

  67. 		log.Fatal(4, "fail to get app path: %v\n", err)

  68. 	}

  69. 	appPath = strings.Replace(appPath, "\\", "/", -1)

  70. 

  71. 	// Determine and create .ssh path.

  72. 	SshPath = filepath.Join(homeDir(), ".ssh")

  73. 	if err = os.MkdirAll(SshPath, 0700); err != nil {

  74. 		log.Fatal(4, "fail to create SshPath(%s): %v\n", SshPath, err)

  75. 	}

  76. }

  77. 

  78. // PublicKey represents a SSH key.

  79. type PublicKey struct {

  80. 	Id                int64

  81. 	OwnerId           int64  `xorm:"UNIQUE(s) INDEX NOT NULL"`

  82. 	Name              string `xorm:"UNIQUE(s) NOT NULL"`

  83. 	Fingerprint       string

  84. 	Content           string    `xorm:"TEXT NOT NULL"`

  85. 	Created           time.Time `xorm:"CREATED"`

  86. 	Updated           time.Time

  87. 	HasRecentActivity bool `xorm:"-"`

  88. 	HasUsed           bool `xorm:"-"`

  89. }

  90. 

  91. // GetAuthorizedString generates and returns formatted public key string for authorized_keys file.

  92. func (key *PublicKey) GetAuthorizedString() string {

  93. 	return fmt.Sprintf(_TPL_PUBLICK_KEY, appPath, key.Id, key.Content)

  94. }

  95. 

  96. var (

  97. 	MinimumKeySize = map[string]int{

  98. 		"(ED25519)": 256,

  99. 		"(ECDSA)":   256,

  100. 		"(NTRU)":    1087,

  101. 		"(MCE)":     1702,

  102. 		"(McE)":     1702,

  103. 		"(RSA)":     2048,

  104. 	}

  105. )

  106. 

  107. // CheckPublicKeyString checks if the given public key string is recognized by SSH.

  108. func CheckPublicKeyString(content string) (bool, error) {

  109. 	if strings.ContainsAny(content, "\n\r") {

  110. 		return false, errors.New("Only a single line with a single key please")

  111. 	}

  112. 

  113. 	// write the key to a file…

  114. 	tmpFile, err := ioutil.TempFile(os.TempDir(), "keytest")

  115. 	if err != nil {

  116. 		return false, err

  117. 	}

  118. 	tmpPath := tmpFile.Name()

  119. 	defer os.Remove(tmpPath)

  120. 	tmpFile.WriteString(content)

  121. 	tmpFile.Close()

  122. 

  123. 	// … see if ssh-keygen recognizes its contents

  124. 	stdout, stderr, err := process.Exec("CheckPublicKeyString", "ssh-keygen", "-l", "-f", tmpPath)

  125. 	if err != nil {

  126. 		return false, errors.New("ssh-keygen -l -f: " + stderr)

  127. 	} else if len(stdout) < 2 {

  128. 		return false, errors.New("ssh-keygen returned not enough output to evaluate the key")

  129. 	}

  130. 	sshKeygenOutput := strings.Split(stdout, " ")

  131. 	if len(sshKeygenOutput) < 4 {

  132. 		return false, errors.New("Not enough fields returned by ssh-keygen -l -f")

  133. 	}

  134. 	keySize, err := com.StrTo(sshKeygenOutput[0]).Int()

  135. 	if err != nil {

  136. 		return false, errors.New("Cannot get key size of the given key")

  137. 	}

  138. 	keyType := strings.TrimSpace(sshKeygenOutput[len(sshKeygenOutput)-1])

  139. 

  140. 	if minimumKeySize := MinimumKeySize[keyType]; minimumKeySize == 0 {

  141. 		return false, errors.New("Sorry, unrecognized public key type")

  142. 	} else if keySize < minimumKeySize {

  143. 		return false, fmt.Errorf("The minimum accepted size of a public key %s is %d", keyType, minimumKeySize)

  144. 	}

  145. 

  146. 	return true, nil

  147. }

  148. 

  149. // saveAuthorizedKeyFile writes SSH key content to authorized_keys file.

  150. func saveAuthorizedKeyFile(key *PublicKey) error {

  151. 	sshOpLocker.Lock()

  152. 	defer sshOpLocker.Unlock()

  153. 

  154. 	fpath := filepath.Join(SshPath, "authorized_keys")

  155. 	f, err := os.OpenFile(fpath, os.O_CREATE|os.O_WRONLY|os.O_APPEND, 0600)

  156. 	if err != nil {

  157. 		return err

  158. 	}

  159. 	defer f.Close()

  160. 	finfo, err := f.Stat()

  161. 	if err != nil {

  162. 		return err

  163. 	}

  164. 

  165. 	// FIXME: following command does not support in Windows.

  166. 	if runtime.GOOS != "windows" {

  167. 		if finfo.Mode().Perm() > 0600 {

  168. 			log.Error(4, "authorized_keys file has unusual permission flags: %s - setting to -rw-------", finfo.Mode().Perm().String())

  169. 			if err = f.Chmod(0600); err != nil {

  170. 				return err

  171. 			}

  172. 		}

  173. 	}

  174. 

  175. 	_, err = f.WriteString(key.GetAuthorizedString())

  176. 	return err

  177. }

  178. 

  179. // AddPublicKey adds new public key to database and authorized_keys file.

  180. func AddPublicKey(key *PublicKey) (err error) {

  181. 	has, err := x.Get(key)

  182. 	if err != nil {

  183. 		return err

  184. 	} else if has {

  185. 		return ErrKeyAlreadyExist

  186. 	}

  187. 

  188. 	// Calculate fingerprint.

  189. 	tmpPath := strings.Replace(path.Join(os.TempDir(), fmt.Sprintf("%d", time.Now().Nanosecond()),

  190. 		"id_rsa.pub"), "\\", "/", -1)

  191. 	os.MkdirAll(path.Dir(tmpPath), os.ModePerm)

  192. 	if err = ioutil.WriteFile(tmpPath, []byte(key.Content), os.ModePerm); err != nil {

  193. 		return err

  194. 	}

  195. 	stdout, stderr, err := process.Exec("AddPublicKey", "ssh-keygen", "-l", "-f", tmpPath)

  196. 	if err != nil {

  197. 		return errors.New("ssh-keygen -l -f: " + stderr)

  198. 	} else if len(stdout) < 2 {

  199. 		return errors.New("Not enough output for calculating fingerprint")

  200. 	}

  201. 	key.Fingerprint = strings.Split(stdout, " ")[1]

  202. 

  203. 	// Save SSH key.

  204. 	if _, err = x.Insert(key); err != nil {

  205. 		return err

  206. 	} else if err = saveAuthorizedKeyFile(key); err != nil {

  207. 		// Roll back.

  208. 		if _, err2 := x.Delete(key); err2 != nil {

  209. 			return err2

  210. 		}

  211. 		return err

  212. 	}

  213. 

  214. 	return nil

  215. }

  216. 

  217. // GetPublicKeyById returns public key by given ID.

  218. func GetPublicKeyById(keyId int64) (*PublicKey, error) {

  219. 	key := new(PublicKey)

  220. 	has, err := x.Id(keyId).Get(key)

  221. 	if err != nil {

  222. 		return nil, err

  223. 	} else if !has {

  224. 		return nil, ErrKeyNotExist

  225. 	}

  226. 	return key, nil

  227. }

  228. 

  229. // ListPublicKey returns a list of all public keys that user has.

  230. func ListPublicKey(uid int64) ([]*PublicKey, error) {

  231. 	keys := make([]*PublicKey, 0, 5)

  232. 	err := x.Find(&keys, &PublicKey{OwnerId: uid})

  233. 	if err != nil {

  234. 		return nil, err

  235. 	}

  236. 

  237. 	for _, key := range keys {

  238. 		key.HasUsed = key.Updated.After(key.Created)

  239. 		key.HasRecentActivity = key.Updated.Add(7 * 24 * time.Hour).After(time.Now())

  240. 	}

  241. 	return keys, nil

  242. }

  243. 

  244. // rewriteAuthorizedKeys finds and deletes corresponding line in authorized_keys file.

  245. func rewriteAuthorizedKeys(key *PublicKey, p, tmpP string) error {

  246. 	sshOpLocker.Lock()

  247. 	defer sshOpLocker.Unlock()

  248. 

  249. 	fr, err := os.Open(p)

  250. 	if err != nil {

  251. 		return err

  252. 	}

  253. 	defer fr.Close()

  254. 

  255. 	fw, err := os.OpenFile(tmpP, os.O_CREATE|os.O_WRONLY|os.O_APPEND, 0600)

  256. 	if err != nil {

  257. 		return err

  258. 	}

  259. 	defer fw.Close()

  260. 

  261. 	isFound := false

  262. 	keyword := fmt.Sprintf("key-%d", key.Id)

  263. 	buf := bufio.NewReader(fr)

  264. 	for {

  265. 		line, errRead := buf.ReadString('\n')

  266. 		line = strings.TrimSpace(line)

  267. 

  268. 		if errRead != nil {

  269. 			if errRead != io.EOF {

  270. 				return errRead

  271. 			}

  272. 

  273. 			// Reached end of file, if nothing to read then break,

  274. 			// otherwise handle the last line.

  275. 			if len(line) == 0 {

  276. 				break

  277. 			}

  278. 		}

  279. 

  280. 		// Found the line and copy rest of file.

  281. 		if !isFound && strings.Contains(line, keyword) && strings.Contains(line, key.Content) {

  282. 			isFound = true

  283. 			continue

  284. 		}

  285. 		// Still finding the line, copy the line that currently read.

  286. 		if _, err = fw.WriteString(line + "\n"); err != nil {

  287. 			return err

  288. 		}

  289. 

  290. 		if errRead == io.EOF {

  291. 			break

  292. 		}

  293. 	}

  294. 	return nil

  295. }

  296. 

  297. // UpdatePublicKey updates given public key.

  298. func UpdatePublicKey(key *PublicKey) error {

  299. 	_, err := x.Id(key.Id).AllCols().Update(key)

  300. 	return err

  301. }

  302. 

  303. // DeletePublicKey deletes SSH key information both in database and authorized_keys file.

  304. func DeletePublicKey(key *PublicKey) error {

  305. 	has, err := x.Get(key)

  306. 	if err != nil {

  307. 		return err

  308. 	} else if !has {

  309. 		return ErrKeyNotExist

  310. 	}

  311. 

  312. 	if _, err = x.Delete(key); err != nil {

  313. 		return err

  314. 	}

  315. 

  316. 	fpath := filepath.Join(SshPath, "authorized_keys")

  317. 	tmpPath := filepath.Join(SshPath, "authorized_keys.tmp")

  318. 	if err = rewriteAuthorizedKeys(key, fpath, tmpPath); err != nil {

  319. 		return err

  320. 	} else if err = os.Remove(fpath); err != nil {

  321. 		return err

  322. 	}

  323. 	return os.Rename(tmpPath, fpath)

  324. }

No Description