gitea/opengist
0
0
Fork 0
mirror of https://github.com/thomiceli/opengist.git synced 2025-07-09 01:18:04 +02:00
Code Issues Packages Projects Releases Wiki Activity

Fix SSH pubkey detection

Browse Source
This commit is contained in:
Thomas Miceli
2023-05-01 02:55:34 +02:00
parent 713b5d623e
commit 58d40e211f
6 changed files with 21 additions and 28 deletions
Download Patch File Download Diff File Expand all files Collapse all files

12
internal/ssh/git_ssh.go
View File

@ -12,7 +12,7 @@ import (
"strings"
)
func runGitCommand(ch ssh.Channel, gitCmd string, keyID uint, ip string) error {
func runGitCommand(ch ssh.Channel, gitCmd string, key string, ip string) error {
verb, args := parseCommand(gitCmd)
if !strings.HasPrefix(verb, "git-") {
verb = ""
@ -43,7 +43,7 @@ func runGitCommand(ch ssh.Channel, gitCmd string, keyID uint, ip string) error {
}
if verb == "receive-pack" || requireLogin == "1" {
user, err := models.GetUserBySSHKeyID(keyID)
pubKey, err := models.SSHKeyExistsForUser(key, gist.UserID)
if err != nil {
if errors.Is(err, gorm.ErrRecordNotFound) {
log.Warn().Msg("Invalid SSH authentication attempt from " + ip)
@ -52,15 +52,9 @@ func runGitCommand(ch ssh.Channel, gitCmd string, keyID uint, ip string) error {
errorSsh("Failed to get user by SSH key id", err)
return errors.New("internal server error")
}
if user.ID != gist.UserID {
log.Warn().Msg("Invalid SSH authentication attempt from " + ip)
return errors.New("unauthorized")
}
_ = models.SSHKeyLastUsedNow(pubKey.Content)
}
_ = models.SSHKeyLastUsedNow(keyID)
repositoryPath := git.RepositoryPath(gist.User.Username, gist.Uuid)
cmd := exec.Command("git", verb, repositoryPath)