Support multiple public keys

This will parse the public key field as a newline delimited list of public keys.

Return (valid) result on first match.
Jo Vandeginste
2019-07-31 13:42:58 +02:00
committed by drakkan
parent 99e89f59c9
commit c752dd8e81
2 changed files with 20 additions and 16 deletions


@@ -234,11 +234,14 @@ func validateUser(user *User) error {
user.Password = pwd user.Password = pwd
} }
if len(user.PublicKey) > 0 { if len(user.PublicKey) > 0 {
_, _, _, _, err := ssh.ParseAuthorizedKey([]byte(user.PublicKey)) for i, k := range strings.Split(user.PublicKey, "\n") {
_, _, _, _, err := ssh.ParseAuthorizedKey([]byte(k))
if err != nil { if err != nil {
return err return &ValidationError{err: fmt.Sprintf("Could not parse key nr. %d: %s", i, err)}
} }
} }
}
return nil return nil
} }
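Review bot: `strings.Split(user.PublicKey, "\n")` yields an empty element for a trailing newline or a blank line, and `ssh.ParseAuthorizedKey` returns an error when its input holds no key, so a key list that ends in a newline is rejected here. Skipping empty entries at the top of the loop, `k = strings.TrimSpace(k)` followed by `if k == "" { continue }`, would avoid that. The same split in sqlCommonValidateUserAndPubKey returns on the first parse error, so there a blank or malformed line ahead of the matching key fails the login even though a valid key follows. The message also prints the zero-based `i` as "key nr.", where `i+1` would match what a user counts. validateUser begins above this hunk.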


@@ -73,20 +73,21 @@ func sqlCommonValidateUserAndPubKey(username string, pubKey string) (User, error
logger.Warn(logSender, "error authenticating user: %v, error: %v", username, err) logger.Warn(logSender, "error authenticating user: %v, error: %v", username, err)
return user, err return user, err
} }
if len(user.PublicKey) > 0 { if len(user.PublicKey) == 0 {
storedPubKey, _, _, _, err := ssh.ParseAuthorizedKey([]byte(user.PublicKey)) return user, errors.New("Invalid credentials")
}
for i, k := range strings.Split(user.PublicKey, "\n") {
storedPubKey, _, _, _, err := ssh.ParseAuthorizedKey([]byte(k))
if err != nil { if err != nil {
logger.Warn(logSender, "error parsing stored public key for user %v: %v", username, err) logger.Warn(logSender, "error parsing stored public key %d for user %v: %v", i, username, err)
return user, err return user, err
} }
if string(storedPubKey.Marshal()) != pubKey { if string(storedPubKey.Marshal()) == pubKey {
err = errors.New("Invalid credentials") return user, nil
return user, err
} }
} else {
err = errors.New("Invalid credentials")
} }
return user, err return user, errors.New("Invalid credentials")
} }
func sqlCommonGetUserByID(ID int64) (User, error) { func sqlCommonGetUserByID(ID int64) (User, error) {
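Review bot: Options on a stored key line are silently dropped, because the loop keeps only the first return value of `ssh.ParseAuthorizedKey`. An entry pasted from an authorized_keys file with `from="..."` or `command="..."` therefore authenticates without those restrictions. If options are not meant to be supported, it is safer to refuse them when the user is saved: in validateUser, take `_, _, opts, _, err := ssh.ParseAuthorizedKey([]byte(k))` and return a ValidationError when `len(opts) > 0`. Whether options are enforced somewhere else is not visible from this hunk, and the function begins above it.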