Fix issue where ecdsa and other key types are not synced from LDAP (#…

…5092) (#5094) * Fix issue where ecdsa and other key types are not synced from LDAP authentication provider fixes #5092 * integrations/auth_ldap_test.go: Add Hermes Conrad new ecdsa-sha2-nistp256 publickey fingerprint * integrations/auth_ldap_test.go: Use ssh-keygen -lf <filename> -E sha256
go-gitea · Oct 31, 2018 · 22ad514 · 22ad514
1 parent b686bd0
commit 22ad514
Show file tree

Hide file tree

Showing 2 changed files with 4 additions and 1 deletion.
diff --git a/integrations/auth_ldap_test.go b/integrations/auth_ldap_test.go
@@ -43,6 +43,7 @@ var gitLDAPUsers = []ldapUser{
  SSHKeys: []string{
  "SHA256:qLY06smKfHoW/92yXySpnxFR10QFrLdRjf/GNPvwcW8",
  "SHA256:QlVTuM5OssDatqidn2ffY+Lc4YA5Fs78U+0KOHI51jQ",
+ "SHA256:DXdeUKYOJCSSmClZuwrb60hUq7367j4fA+udNC3FdRI",
  },
  IsAdmin: true,
  },

diff --git a/models/user.go b/models/user.go
@@ -29,6 +29,7 @@ import (
  "github.com/go-xorm/xorm"
  "github.com/nfnt/resize"
  "golang.org/x/crypto/pbkdf2"
+ "golang.org/x/crypto/ssh"
 
  "code.gitea.io/git"
  api "code.gitea.io/sdk/gitea"
@@ -1454,7 +1455,8 @@ func deleteKeysMarkedForDeletion(keys []string) (bool, error) {
 func addLdapSSHPublicKeys(s *LoginSource, usr *User, SSHPublicKeys []string) bool {
  var sshKeysNeedUpdate bool
  for _, sshKey := range SSHPublicKeys {
- if strings.HasPrefix(strings.ToLower(sshKey), "ssh") {
+ _, _, _, _, err := ssh.ParseAuthorizedKey([]byte(sshKey))
+ if err == nil {
  sshKeyName := fmt.Sprintf("%s-%s", s.Name, sshKey[0:40])
  if _, err := AddPublicKey(usr.ID, sshKeyName, sshKey, s.ID); err != nil {
  log.Error(4, "addLdapSSHPublicKeys[%s]: Error adding LDAP Public SSH Key for user %s: %v", s.Name, usr.Name, err)