osbzr
/
com
项目红包剩余9514,下一贡献奖励5%,即 476个红包
Watch 15
Star 7
Wiki 捐赠
本站源代码
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
Tree: 4f0cac5ea6
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from '4f0cac5ea6'
${ noResults }
com/models/ssh_key.go

999 lines
27KB
Raw Blame History 

  1. // Copyright 2014 The Gogs Authors. All rights reserved.

  2. // Copyright 2019 The Gitea Authors. All rights reserved.

  3. // Use of this source code is governed by a MIT-style

  4. // license that can be found in the LICENSE file.

  5. 

  6. package models

  7. 

  8. import (

  9. 	"bufio"

  10. 	"crypto/rsa"

  11. 	"crypto/x509"

  12. 	"encoding/asn1"

  13. 	"encoding/base64"

  14. 	"encoding/binary"

  15. 	"encoding/pem"

  16. 	"errors"

  17. 	"fmt"

  18. 	"io/ioutil"

  19. 	"math/big"

  20. 	"os"

  21. 	"path/filepath"

  22. 	"strings"

  23. 	"sync"

  24. 	"time"

  25. 

  26. 	"code.gitea.io/gitea/modules/log"

  27. 	"code.gitea.io/gitea/modules/process"

  28. 	"code.gitea.io/gitea/modules/setting"

  29. 	"code.gitea.io/gitea/modules/timeutil"

  30. 

  31. 	"github.com/unknwon/com"

  32. 	"golang.org/x/crypto/ssh"

  33. 	"xorm.io/builder"

  34. 	"xorm.io/xorm"

  35. )

  36. 

  37. const (

  38. 	tplCommentPrefix = `# gitea public key`

  39. 	tplPublicKey     = tplCommentPrefix + "\n" + `command="%s --config='%s' serv key-%d",no-port-forwarding,no-X11-forwarding,no-agent-forwarding,no-pty %s` + "\n"

  40. )

  41. 

  42. var sshOpLocker sync.Mutex

  43. 

  44. // KeyType specifies the key type

  45. type KeyType int

  46. 

  47. const (

  48. 	// KeyTypeUser specifies the user key

  49. 	KeyTypeUser = iota + 1

  50. 	// KeyTypeDeploy specifies the deploy key

  51. 	KeyTypeDeploy

  52. )

  53. 

  54. // PublicKey represents a user or deploy SSH public key.

  55. type PublicKey struct {

  56. 	ID            int64      `xorm:"pk autoincr"`

  57. 	OwnerID       int64      `xorm:"INDEX NOT NULL"`

  58. 	Name          string     `xorm:"NOT NULL"`

  59. 	Fingerprint   string     `xorm:"INDEX NOT NULL"`

  60. 	Content       string     `xorm:"TEXT NOT NULL"`

  61. 	Mode          AccessMode `xorm:"NOT NULL DEFAULT 2"`

  62. 	Type          KeyType    `xorm:"NOT NULL DEFAULT 1"`

  63. 	LoginSourceID int64      `xorm:"NOT NULL DEFAULT 0"`

  64. 

  65. 	CreatedUnix       timeutil.TimeStamp `xorm:"created"`

  66. 	UpdatedUnix       timeutil.TimeStamp `xorm:"updated"`

  67. 	HasRecentActivity bool               `xorm:"-"`

  68. 	HasUsed           bool               `xorm:"-"`

  69. }

  70. 

  71. // AfterLoad is invoked from XORM after setting the values of all fields of this object.

  72. func (key *PublicKey) AfterLoad() {

  73. 	key.HasUsed = key.UpdatedUnix > key.CreatedUnix

  74. 	key.HasRecentActivity = key.UpdatedUnix.AddDuration(7*24*time.Hour) > timeutil.TimeStampNow()

  75. }

  76. 

  77. // OmitEmail returns content of public key without email address.

  78. func (key *PublicKey) OmitEmail() string {

  79. 	return strings.Join(strings.Split(key.Content, " ")[:2], " ")

  80. }

  81. 

  82. // AuthorizedString returns formatted public key string for authorized_keys file.

  83. func (key *PublicKey) AuthorizedString() string {

  84. 	return fmt.Sprintf(tplPublicKey, setting.AppPath, setting.CustomConf, key.ID, key.Content)

  85. }

  86. 

  87. func extractTypeFromBase64Key(key string) (string, error) {

  88. 	b, err := base64.StdEncoding.DecodeString(key)

  89. 	if err != nil || len(b) < 4 {

  90. 		return "", fmt.Errorf("invalid key format: %v", err)

  91. 	}

  92. 

  93. 	keyLength := int(binary.BigEndian.Uint32(b))

  94. 	if len(b) < 4+keyLength {

  95. 		return "", fmt.Errorf("invalid key format: not enough length %d", keyLength)

  96. 	}

  97. 

  98. 	return string(b[4 : 4+keyLength]), nil

  99. }

  100. 

  101. const ssh2keyStart = "---- BEGIN SSH2 PUBLIC KEY ----"

  102. 

  103. // parseKeyString parses any key string in OpenSSH or SSH2 format to clean OpenSSH string (RFC4253).

  104. func parseKeyString(content string) (string, error) {

  105. 	// remove whitespace at start and end

  106. 	content = strings.TrimSpace(content)

  107. 

  108. 	var keyType, keyContent, keyComment string

  109. 

  110. 	if content[:len(ssh2keyStart)] == ssh2keyStart {

  111. 		// Parse SSH2 file format.

  112. 

  113. 		// Transform all legal line endings to a single "\n".

  114. 		content = strings.NewReplacer("\r\n", "\n", "\r", "\n").Replace(content)

  115. 

  116. 		lines := strings.Split(content, "\n")

  117. 		continuationLine := false

  118. 

  119. 		for _, line := range lines {

  120. 			// Skip lines that:

  121. 			// 1) are a continuation of the previous line,

  122. 			// 2) contain ":" as that are comment lines

  123. 			// 3) contain "-" as that are begin and end tags

  124. 			if continuationLine || strings.ContainsAny(line, ":-") {

  125. 				continuationLine = strings.HasSuffix(line, "\\")

  126. 			} else {

  127. 				keyContent += line

  128. 			}

  129. 		}

  130. 

  131. 		t, err := extractTypeFromBase64Key(keyContent)

  132. 		if err != nil {

  133. 			return "", fmt.Errorf("extractTypeFromBase64Key: %v", err)

  134. 		}

  135. 		keyType = t

  136. 	} else {

  137. 		if strings.Contains(content, "-----BEGIN") {

  138. 			// Convert PEM Keys to OpenSSH format

  139. 			// Transform all legal line endings to a single "\n".

  140. 			content = strings.NewReplacer("\r\n", "\n", "\r", "\n").Replace(content)

  141. 

  142. 			block, _ := pem.Decode([]byte(content))

  143. 			if block == nil {

  144. 				return "", fmt.Errorf("failed to parse PEM block containing the public key")

  145. 			}

  146. 

  147. 			pub, err := x509.ParsePKIXPublicKey(block.Bytes)

  148. 			if err != nil {

  149. 				var pk rsa.PublicKey

  150. 				_, err2 := asn1.Unmarshal(block.Bytes, &pk)

  151. 				if err2 != nil {

  152. 					return "", fmt.Errorf("failed to parse DER encoded public key as either PKIX or PEM RSA Key: %v %v", err, err2)

  153. 				}

  154. 				pub = &pk

  155. 			}

  156. 

  157. 			sshKey, err := ssh.NewPublicKey(pub)

  158. 			if err != nil {

  159. 				return "", fmt.Errorf("unable to convert to ssh public key: %v", err)

  160. 			}

  161. 			content = string(ssh.MarshalAuthorizedKey(sshKey))

  162. 		}

  163. 		// Parse OpenSSH format.

  164. 

  165. 		// Remove all newlines

  166. 		content = strings.NewReplacer("\r\n", "", "\n", "").Replace(content)

  167. 

  168. 		parts := strings.SplitN(content, " ", 3)

  169. 		switch len(parts) {

  170. 		case 0:

  171. 			return "", errors.New("empty key")

  172. 		case 1:

  173. 			keyContent = parts[0]

  174. 		case 2:

  175. 			keyType = parts[0]

  176. 			keyContent = parts[1]

  177. 		default:

  178. 			keyType = parts[0]

  179. 			keyContent = parts[1]

  180. 			keyComment = parts[2]

  181. 		}

  182. 

  183. 		// If keyType is not given, extract it from content. If given, validate it.

  184. 		t, err := extractTypeFromBase64Key(keyContent)

  185. 		if err != nil {

  186. 			return "", fmt.Errorf("extractTypeFromBase64Key: %v", err)

  187. 		}

  188. 		if len(keyType) == 0 {

  189. 			keyType = t

  190. 		} else if keyType != t {

  191. 			return "", fmt.Errorf("key type and content does not match: %s - %s", keyType, t)

  192. 		}

  193. 	}

  194. 	// Finally we need to check whether we can actually read the proposed key:

  195. 	_, _, _, _, err := ssh.ParseAuthorizedKey([]byte(keyType + " " + keyContent + " " + keyComment))

  196. 	if err != nil {

  197. 		return "", fmt.Errorf("invalid ssh public key: %v", err)

  198. 	}

  199. 	return keyType + " " + keyContent + " " + keyComment, nil

  200. }

  201. 

  202. // writeTmpKeyFile writes key content to a temporary file

  203. // and returns the name of that file, along with any possible errors.

  204. func writeTmpKeyFile(content string) (string, error) {

  205. 	tmpFile, err := ioutil.TempFile(setting.SSH.KeyTestPath, "gitea_keytest")

  206. 	if err != nil {

  207. 		return "", fmt.Errorf("TempFile: %v", err)

  208. 	}

  209. 	defer tmpFile.Close()

  210. 

  211. 	if _, err = tmpFile.WriteString(content); err != nil {

  212. 		return "", fmt.Errorf("WriteString: %v", err)

  213. 	}

  214. 	return tmpFile.Name(), nil

  215. }

  216. 

  217. // SSHKeyGenParsePublicKey extracts key type and length using ssh-keygen.

  218. func SSHKeyGenParsePublicKey(key string) (string, int, error) {

  219. 	// The ssh-keygen in Windows does not print key type, so no need go further.

  220. 	if setting.IsWindows {

  221. 		return "", 0, nil

  222. 	}

  223. 

  224. 	tmpName, err := writeTmpKeyFile(key)

  225. 	if err != nil {

  226. 		return "", 0, fmt.Errorf("writeTmpKeyFile: %v", err)

  227. 	}

  228. 	defer os.Remove(tmpName)

  229. 

  230. 	stdout, stderr, err := process.GetManager().Exec("SSHKeyGenParsePublicKey", setting.SSH.KeygenPath, "-lf", tmpName)

  231. 	if err != nil {

  232. 		return "", 0, fmt.Errorf("fail to parse public key: %s - %s", err, stderr)

  233. 	}

  234. 	if strings.Contains(stdout, "is not a public key file") {

  235. 		return "", 0, ErrKeyUnableVerify{stdout}

  236. 	}

  237. 

  238. 	fields := strings.Split(stdout, " ")

  239. 	if len(fields) < 4 {

  240. 		return "", 0, fmt.Errorf("invalid public key line: %s", stdout)

  241. 	}

  242. 

  243. 	keyType := strings.Trim(fields[len(fields)-1], "()\r\n")

  244. 	return strings.ToLower(keyType), com.StrTo(fields[0]).MustInt(), nil

  245. }

  246. 

  247. // SSHNativeParsePublicKey extracts the key type and length using the golang SSH library.

  248. func SSHNativeParsePublicKey(keyLine string) (string, int, error) {

  249. 	fields := strings.Fields(keyLine)

  250. 	if len(fields) < 2 {

  251. 		return "", 0, fmt.Errorf("not enough fields in public key line: %s", keyLine)

  252. 	}

  253. 

  254. 	raw, err := base64.StdEncoding.DecodeString(fields[1])

  255. 	if err != nil {

  256. 		return "", 0, err

  257. 	}

  258. 

  259. 	pkey, err := ssh.ParsePublicKey(raw)

  260. 	if err != nil {

  261. 		if strings.Contains(err.Error(), "ssh: unknown key algorithm") {

  262. 			return "", 0, ErrKeyUnableVerify{err.Error()}

  263. 		}

  264. 		return "", 0, fmt.Errorf("ParsePublicKey: %v", err)

  265. 	}

  266. 

  267. 	// The ssh library can parse the key, so next we find out what key exactly we have.

  268. 	switch pkey.Type() {

  269. 	case ssh.KeyAlgoDSA:

  270. 		rawPub := struct {

  271. 			Name       string

  272. 			P, Q, G, Y *big.Int

  273. 		}{}

  274. 		if err := ssh.Unmarshal(pkey.Marshal(), &rawPub); err != nil {

  275. 			return "", 0, err

  276. 		}

  277. 		// as per https://bugzilla.mindrot.org/show_bug.cgi?id=1647 we should never

  278. 		// see dsa keys != 1024 bit, but as it seems to work, we will not check here

  279. 		return "dsa", rawPub.P.BitLen(), nil // use P as per crypto/dsa/dsa.go (is L)

  280. 	case ssh.KeyAlgoRSA:

  281. 		rawPub := struct {

  282. 			Name string

  283. 			E    *big.Int

  284. 			N    *big.Int

  285. 		}{}

  286. 		if err := ssh.Unmarshal(pkey.Marshal(), &rawPub); err != nil {

  287. 			return "", 0, err

  288. 		}

  289. 		return "rsa", rawPub.N.BitLen(), nil // use N as per crypto/rsa/rsa.go (is bits)

  290. 	case ssh.KeyAlgoECDSA256:

  291. 		return "ecdsa", 256, nil

  292. 	case ssh.KeyAlgoECDSA384:

  293. 		return "ecdsa", 384, nil

  294. 	case ssh.KeyAlgoECDSA521:

  295. 		return "ecdsa", 521, nil

  296. 	case ssh.KeyAlgoED25519:

  297. 		return "ed25519", 256, nil

  298. 	}

  299. 	return "", 0, fmt.Errorf("unsupported key length detection for type: %s", pkey.Type())

  300. }

  301. 

  302. // CheckPublicKeyString checks if the given public key string is recognized by SSH.

  303. // It returns the actual public key line on success.

  304. func CheckPublicKeyString(content string) (_ string, err error) {

  305. 	if setting.SSH.Disabled {

  306. 		return "", ErrSSHDisabled{}

  307. 	}

  308. 

  309. 	content, err = parseKeyString(content)

  310. 	if err != nil {

  311. 		return "", err

  312. 	}

  313. 

  314. 	content = strings.TrimRight(content, "\n\r")

  315. 	if strings.ContainsAny(content, "\n\r") {

  316. 		return "", errors.New("only a single line with a single key please")

  317. 	}

  318. 

  319. 	// remove any unnecessary whitespace now

  320. 	content = strings.TrimSpace(content)

  321. 

  322. 	if !setting.SSH.MinimumKeySizeCheck {

  323. 		return content, nil

  324. 	}

  325. 

  326. 	var (

  327. 		fnName  string

  328. 		keyType string

  329. 		length  int

  330. 	)

  331. 	if setting.SSH.StartBuiltinServer {

  332. 		fnName = "SSHNativeParsePublicKey"

  333. 		keyType, length, err = SSHNativeParsePublicKey(content)

  334. 	} else {

  335. 		fnName = "SSHKeyGenParsePublicKey"

  336. 		keyType, length, err = SSHKeyGenParsePublicKey(content)

  337. 	}

  338. 	if err != nil {

  339. 		return "", fmt.Errorf("%s: %v", fnName, err)

  340. 	}

  341. 	log.Trace("Key info [native: %v]: %s-%d", setting.SSH.StartBuiltinServer, keyType, length)

  342. 

  343. 	if minLen, found := setting.SSH.MinimumKeySizes[keyType]; found && length >= minLen {

  344. 		return content, nil

  345. 	} else if found && length < minLen {

  346. 		return "", fmt.Errorf("key length is not enough: got %d, needs %d", length, minLen)

  347. 	}

  348. 	return "", fmt.Errorf("key type is not allowed: %s", keyType)

  349. }

  350. 

  351. // appendAuthorizedKeysToFile appends new SSH keys' content to authorized_keys file.

  352. func appendAuthorizedKeysToFile(keys ...*PublicKey) error {

  353. 	// Don't need to rewrite this file if builtin SSH server is enabled.

  354. 	if setting.SSH.StartBuiltinServer {

  355. 		return nil

  356. 	}

  357. 

  358. 	sshOpLocker.Lock()

  359. 	defer sshOpLocker.Unlock()

  360. 

  361. 	if setting.SSH.RootPath != "" {

  362. 		// First of ensure that the RootPath is present, and if not make it with 0700 permissions

  363. 		// This of course doesn't guarantee that this is the right directory for authorized_keys

  364. 		// but at least if it's supposed to be this directory and it doesn't exist and we're the

  365. 		// right user it will at least be created properly.

  366. 		err := os.MkdirAll(setting.SSH.RootPath, 0700)

  367. 		if err != nil {

  368. 			log.Error("Unable to MkdirAll(%s): %v", setting.SSH.RootPath, err)

  369. 			return err

  370. 		}

  371. 	}

  372. 

  373. 	fPath := filepath.Join(setting.SSH.RootPath, "authorized_keys")

  374. 	f, err := os.OpenFile(fPath, os.O_CREATE|os.O_WRONLY|os.O_APPEND, 0600)

  375. 	if err != nil {

  376. 		return err

  377. 	}

  378. 	defer f.Close()

  379. 

  380. 	// Note: chmod command does not support in Windows.

  381. 	if !setting.IsWindows {

  382. 		fi, err := f.Stat()

  383. 		if err != nil {

  384. 			return err

  385. 		}

  386. 

  387. 		// .ssh directory should have mode 700, and authorized_keys file should have mode 600.

  388. 		if fi.Mode().Perm() > 0600 {

  389. 			log.Error("authorized_keys file has unusual permission flags: %s - setting to -rw-------", fi.Mode().Perm().String())

  390. 			if err = f.Chmod(0600); err != nil {

  391. 				return err

  392. 			}

  393. 		}

  394. 	}

  395. 

  396. 	for _, key := range keys {

  397. 		if _, err = f.WriteString(key.AuthorizedString()); err != nil {

  398. 			return err

  399. 		}

  400. 	}

  401. 	return nil

  402. }

  403. 

  404. // checkKeyFingerprint only checks if key fingerprint has been used as public key,

  405. // it is OK to use same key as deploy key for multiple repositories/users.

  406. func checkKeyFingerprint(e Engine, fingerprint string) error {

  407. 	has, err := e.Get(&PublicKey{

  408. 		Fingerprint: fingerprint,

  409. 	})

  410. 	if err != nil {

  411. 		return err

  412. 	} else if has {

  413. 		return ErrKeyAlreadyExist{0, fingerprint, ""}

  414. 	}

  415. 	return nil

  416. }

  417. 

  418. func calcFingerprintSSHKeygen(publicKeyContent string) (string, error) {

  419. 	// Calculate fingerprint.

  420. 	tmpPath, err := writeTmpKeyFile(publicKeyContent)

  421. 	if err != nil {

  422. 		return "", err

  423. 	}

  424. 	defer os.Remove(tmpPath)

  425. 	stdout, stderr, err := process.GetManager().Exec("AddPublicKey", "ssh-keygen", "-lf", tmpPath)

  426. 	if err != nil {

  427. 		return "", fmt.Errorf("'ssh-keygen -lf %s' failed with error '%s': %s", tmpPath, err, stderr)

  428. 	} else if len(stdout) < 2 {

  429. 		return "", errors.New("not enough output for calculating fingerprint: " + stdout)

  430. 	}

  431. 	return strings.Split(stdout, " ")[1], nil

  432. }

  433. 

  434. func calcFingerprintNative(publicKeyContent string) (string, error) {

  435. 	// Calculate fingerprint.

  436. 	pk, _, _, _, err := ssh.ParseAuthorizedKey([]byte(publicKeyContent))

  437. 	if err != nil {

  438. 		return "", err

  439. 	}

  440. 	return ssh.FingerprintSHA256(pk), nil

  441. }

  442. 

  443. func calcFingerprint(publicKeyContent string) (string, error) {

  444. 	//Call the method based on configuration

  445. 	var (

  446. 		fnName, fp string

  447. 		err        error

  448. 	)

  449. 	if setting.SSH.StartBuiltinServer {

  450. 		fnName = "calcFingerprintNative"

  451. 		fp, err = calcFingerprintNative(publicKeyContent)

  452. 	} else {

  453. 		fnName = "calcFingerprintSSHKeygen"

  454. 		fp, err = calcFingerprintSSHKeygen(publicKeyContent)

  455. 	}

  456. 	if err != nil {

  457. 		return "", fmt.Errorf("%s: %v", fnName, err)

  458. 	}

  459. 	return fp, nil

  460. }

  461. 

  462. func addKey(e Engine, key *PublicKey) (err error) {

  463. 	if len(key.Fingerprint) == 0 {

  464. 		key.Fingerprint, err = calcFingerprint(key.Content)

  465. 		if err != nil {

  466. 			return err

  467. 		}

  468. 	}

  469. 

  470. 	// Save SSH key.

  471. 	if _, err = e.Insert(key); err != nil {

  472. 		return err

  473. 	}

  474. 

  475. 	return appendAuthorizedKeysToFile(key)

  476. }

  477. 

  478. // AddPublicKey adds new public key to database and authorized_keys file.

  479. func AddPublicKey(ownerID int64, name, content string, loginSourceID int64) (*PublicKey, error) {

  480. 	log.Trace(content)

  481. 

  482. 	fingerprint, err := calcFingerprint(content)

  483. 	if err != nil {

  484. 		return nil, err

  485. 	}

  486. 

  487. 	sess := x.NewSession()

  488. 	defer sess.Close()

  489. 	if err = sess.Begin(); err != nil {

  490. 		return nil, err

  491. 	}

  492. 

  493. 	if err := checkKeyFingerprint(sess, fingerprint); err != nil {

  494. 		return nil, err

  495. 	}

  496. 

  497. 	// Key name of same user cannot be duplicated.

  498. 	has, err := sess.

  499. 		Where("owner_id = ? AND name = ?", ownerID, name).

  500. 		Get(new(PublicKey))

  501. 	if err != nil {

  502. 		return nil, err

  503. 	} else if has {

  504. 		return nil, ErrKeyNameAlreadyUsed{ownerID, name}

  505. 	}

  506. 

  507. 	key := &PublicKey{

  508. 		OwnerID:       ownerID,

  509. 		Name:          name,

  510. 		Fingerprint:   fingerprint,

  511. 		Content:       content,

  512. 		Mode:          AccessModeWrite,

  513. 		Type:          KeyTypeUser,

  514. 		LoginSourceID: loginSourceID,

  515. 	}

  516. 	if err = addKey(sess, key); err != nil {

  517. 		return nil, fmt.Errorf("addKey: %v", err)

  518. 	}

  519. 

  520. 	return key, sess.Commit()

  521. }

  522. 

  523. // GetPublicKeyByID returns public key by given ID.

  524. func GetPublicKeyByID(keyID int64) (*PublicKey, error) {

  525. 	key := new(PublicKey)

  526. 	has, err := x.

  527. 		Id(keyID).

  528. 		Get(key)

  529. 	if err != nil {

  530. 		return nil, err

  531. 	} else if !has {

  532. 		return nil, ErrKeyNotExist{keyID}

  533. 	}

  534. 	return key, nil

  535. }

  536. 

  537. func searchPublicKeyByContentWithEngine(e Engine, content string) (*PublicKey, error) {

  538. 	key := new(PublicKey)

  539. 	has, err := e.

  540. 		Where("content like ?", content+"%").

  541. 		Get(key)

  542. 	if err != nil {

  543. 		return nil, err

  544. 	} else if !has {

  545. 		return nil, ErrKeyNotExist{}

  546. 	}

  547. 	return key, nil

  548. }

  549. 

  550. // SearchPublicKeyByContent searches content as prefix (leak e-mail part)

  551. // and returns public key found.

  552. func SearchPublicKeyByContent(content string) (*PublicKey, error) {

  553. 	return searchPublicKeyByContentWithEngine(x, content)

  554. }

  555. 

  556. // SearchPublicKey returns a list of public keys matching the provided arguments.

  557. func SearchPublicKey(uid int64, fingerprint string) ([]*PublicKey, error) {

  558. 	keys := make([]*PublicKey, 0, 5)

  559. 	cond := builder.NewCond()

  560. 	if uid != 0 {

  561. 		cond = cond.And(builder.Eq{"owner_id": uid})

  562. 	}

  563. 	if fingerprint != "" {

  564. 		cond = cond.And(builder.Eq{"fingerprint": fingerprint})

  565. 	}

  566. 	return keys, x.Where(cond).Find(&keys)

  567. }

  568. 

  569. // ListPublicKeys returns a list of public keys belongs to given user.

  570. func ListPublicKeys(uid int64) ([]*PublicKey, error) {

  571. 	keys := make([]*PublicKey, 0, 5)

  572. 	return keys, x.

  573. 		Where("owner_id = ?", uid).

  574. 		Find(&keys)

  575. }

  576. 

  577. // ListPublicLdapSSHKeys returns a list of synchronized public ldap ssh keys belongs to given user and login source.

  578. func ListPublicLdapSSHKeys(uid int64, loginSourceID int64) ([]*PublicKey, error) {

  579. 	keys := make([]*PublicKey, 0, 5)

  580. 	return keys, x.

  581. 		Where("owner_id = ? AND login_source_id = ?", uid, loginSourceID).

  582. 		Find(&keys)

  583. }

  584. 

  585. // UpdatePublicKeyUpdated updates public key use time.

  586. func UpdatePublicKeyUpdated(id int64) error {

  587. 	// Check if key exists before update as affected rows count is unreliable

  588. 	//    and will return 0 affected rows if two updates are made at the same time

  589. 	if cnt, err := x.ID(id).Count(&PublicKey{}); err != nil {

  590. 		return err

  591. 	} else if cnt != 1 {

  592. 		return ErrKeyNotExist{id}

  593. 	}

  594. 

  595. 	_, err := x.ID(id).Cols("updated_unix").Update(&PublicKey{

  596. 		UpdatedUnix: timeutil.TimeStampNow(),

  597. 	})

  598. 	if err != nil {

  599. 		return err

  600. 	}

  601. 	return nil

  602. }

  603. 

  604. // deletePublicKeys does the actual key deletion but does not update authorized_keys file.

  605. func deletePublicKeys(e Engine, keyIDs ...int64) error {

  606. 	if len(keyIDs) == 0 {

  607. 		return nil

  608. 	}

  609. 

  610. 	_, err := e.In("id", keyIDs).Delete(new(PublicKey))

  611. 	return err

  612. }

  613. 

  614. // DeletePublicKey deletes SSH key information both in database and authorized_keys file.

  615. func DeletePublicKey(doer *User, id int64) (err error) {

  616. 	key, err := GetPublicKeyByID(id)

  617. 	if err != nil {

  618. 		return err

  619. 	}

  620. 

  621. 	// Check if user has access to delete this key.

  622. 	if !doer.IsAdmin && doer.ID != key.OwnerID {

  623. 		return ErrKeyAccessDenied{doer.ID, key.ID, "public"}

  624. 	}

  625. 

  626. 	sess := x.NewSession()

  627. 	defer sess.Close()

  628. 	if err = sess.Begin(); err != nil {

  629. 		return err

  630. 	}

  631. 

  632. 	if err = deletePublicKeys(sess, id); err != nil {

  633. 		return err

  634. 	}

  635. 

  636. 	if err = sess.Commit(); err != nil {

  637. 		return err

  638. 	}

  639. 	sess.Close()

  640. 

  641. 	return RewriteAllPublicKeys()

  642. }

  643. 

  644. // RewriteAllPublicKeys removes any authorized key and rewrite all keys from database again.

  645. // Note: x.Iterate does not get latest data after insert/delete, so we have to call this function

  646. // outside any session scope independently.

  647. func RewriteAllPublicKeys() error {

  648. 	return rewriteAllPublicKeys(x)

  649. }

  650. 

  651. func rewriteAllPublicKeys(e Engine) error {

  652. 	//Don't rewrite key if internal server

  653. 	if setting.SSH.StartBuiltinServer || !setting.SSH.CreateAuthorizedKeysFile {

  654. 		return nil

  655. 	}

  656. 

  657. 	sshOpLocker.Lock()

  658. 	defer sshOpLocker.Unlock()

  659. 

  660. 	if setting.SSH.RootPath != "" {

  661. 		// First of ensure that the RootPath is present, and if not make it with 0700 permissions

  662. 		// This of course doesn't guarantee that this is the right directory for authorized_keys

  663. 		// but at least if it's supposed to be this directory and it doesn't exist and we're the

  664. 		// right user it will at least be created properly.

  665. 		err := os.MkdirAll(setting.SSH.RootPath, 0700)

  666. 		if err != nil {

  667. 			log.Error("Unable to MkdirAll(%s): %v", setting.SSH.RootPath, err)

  668. 			return err

  669. 		}

  670. 	}

  671. 

  672. 	fPath := filepath.Join(setting.SSH.RootPath, "authorized_keys")

  673. 	tmpPath := fPath + ".tmp"

  674. 	t, err := os.OpenFile(tmpPath, os.O_RDWR|os.O_CREATE|os.O_TRUNC, 0600)

  675. 	if err != nil {

  676. 		return err

  677. 	}

  678. 	defer func() {

  679. 		t.Close()

  680. 		os.Remove(tmpPath)

  681. 	}()

  682. 

  683. 	if setting.SSH.AuthorizedKeysBackup && com.IsExist(fPath) {

  684. 		bakPath := fmt.Sprintf("%s_%d.gitea_bak", fPath, time.Now().Unix())

  685. 		if err = com.Copy(fPath, bakPath); err != nil {

  686. 			return err

  687. 		}

  688. 	}

  689. 

  690. 	err = e.Iterate(new(PublicKey), func(idx int, bean interface{}) (err error) {

  691. 		_, err = t.WriteString((bean.(*PublicKey)).AuthorizedString())

  692. 		return err

  693. 	})

  694. 	if err != nil {

  695. 		return err

  696. 	}

  697. 

  698. 	if com.IsExist(fPath) {

  699. 		f, err := os.Open(fPath)

  700. 		if err != nil {

  701. 			return err

  702. 		}

  703. 		scanner := bufio.NewScanner(f)

  704. 		for scanner.Scan() {

  705. 			line := scanner.Text()

  706. 			if strings.HasPrefix(line, tplCommentPrefix) {

  707. 				scanner.Scan()

  708. 				continue

  709. 			}

  710. 			_, err = t.WriteString(line + "\n")

  711. 			if err != nil {

  712. 				f.Close()

  713. 				return err

  714. 			}

  715. 		}

  716. 		f.Close()

  717. 	}

  718. 

  719. 	t.Close()

  720. 	return os.Rename(tmpPath, fPath)

  721. }

  722. 

  723. // ________                .__                 ____  __.

  724. // \______ \   ____ ______ |  |   ____ ___.__.|    |/ _|____ ___.__.

  725. //  |    |  \_/ __ \\____ \|  |  /  _ <   |  ||      <_/ __ <   |  |

  726. //  |    `   \  ___/|  |_> >  |_(  <_> )___  ||    |  \  ___/\___  |

  727. // /_______  /\___  >   __/|____/\____// ____||____|__ \___  > ____|

  728. //         \/     \/|__|               \/             \/   \/\/

  729. 

  730. // DeployKey represents deploy key information and its relation with repository.

  731. type DeployKey struct {

  732. 	ID          int64 `xorm:"pk autoincr"`

  733. 	KeyID       int64 `xorm:"UNIQUE(s) INDEX"`

  734. 	RepoID      int64 `xorm:"UNIQUE(s) INDEX"`

  735. 	Name        string

  736. 	Fingerprint string

  737. 	Content     string `xorm:"-"`

  738. 

  739. 	Mode AccessMode `xorm:"NOT NULL DEFAULT 1"`

  740. 

  741. 	CreatedUnix       timeutil.TimeStamp `xorm:"created"`

  742. 	UpdatedUnix       timeutil.TimeStamp `xorm:"updated"`

  743. 	HasRecentActivity bool               `xorm:"-"`

  744. 	HasUsed           bool               `xorm:"-"`

  745. }

  746. 

  747. // AfterLoad is invoked from XORM after setting the values of all fields of this object.

  748. func (key *DeployKey) AfterLoad() {

  749. 	key.HasUsed = key.UpdatedUnix > key.CreatedUnix

  750. 	key.HasRecentActivity = key.UpdatedUnix.AddDuration(7*24*time.Hour) > timeutil.TimeStampNow()

  751. }

  752. 

  753. // GetContent gets associated public key content.

  754. func (key *DeployKey) GetContent() error {

  755. 	pkey, err := GetPublicKeyByID(key.KeyID)

  756. 	if err != nil {

  757. 		return err

  758. 	}

  759. 	key.Content = pkey.Content

  760. 	return nil

  761. }

  762. 

  763. // IsReadOnly checks if the key can only be used for read operations

  764. func (key *DeployKey) IsReadOnly() bool {

  765. 	return key.Mode == AccessModeRead

  766. }

  767. 

  768. func checkDeployKey(e Engine, keyID, repoID int64, name string) error {

  769. 	// Note: We want error detail, not just true or false here.

  770. 	has, err := e.

  771. 		Where("key_id = ? AND repo_id = ?", keyID, repoID).

  772. 		Get(new(DeployKey))

  773. 	if err != nil {

  774. 		return err

  775. 	} else if has {

  776. 		return ErrDeployKeyAlreadyExist{keyID, repoID}

  777. 	}

  778. 

  779. 	has, err = e.

  780. 		Where("repo_id = ? AND name = ?", repoID, name).

  781. 		Get(new(DeployKey))

  782. 	if err != nil {

  783. 		return err

  784. 	} else if has {

  785. 		return ErrDeployKeyNameAlreadyUsed{repoID, name}

  786. 	}

  787. 

  788. 	return nil

  789. }

  790. 

  791. // addDeployKey adds new key-repo relation.

  792. func addDeployKey(e *xorm.Session, keyID, repoID int64, name, fingerprint string, mode AccessMode) (*DeployKey, error) {

  793. 	if err := checkDeployKey(e, keyID, repoID, name); err != nil {

  794. 		return nil, err

  795. 	}

  796. 

  797. 	key := &DeployKey{

  798. 		KeyID:       keyID,

  799. 		RepoID:      repoID,

  800. 		Name:        name,

  801. 		Fingerprint: fingerprint,

  802. 		Mode:        mode,

  803. 	}

  804. 	_, err := e.Insert(key)

  805. 	return key, err

  806. }

  807. 

  808. // HasDeployKey returns true if public key is a deploy key of given repository.

  809. func HasDeployKey(keyID, repoID int64) bool {

  810. 	has, _ := x.

  811. 		Where("key_id = ? AND repo_id = ?", keyID, repoID).

  812. 		Get(new(DeployKey))

  813. 	return has

  814. }

  815. 

  816. // AddDeployKey add new deploy key to database and authorized_keys file.

  817. func AddDeployKey(repoID int64, name, content string, readOnly bool) (*DeployKey, error) {

  818. 	fingerprint, err := calcFingerprint(content)

  819. 	if err != nil {

  820. 		return nil, err

  821. 	}

  822. 

  823. 	accessMode := AccessModeRead

  824. 	if !readOnly {

  825. 		accessMode = AccessModeWrite

  826. 	}

  827. 

  828. 	sess := x.NewSession()

  829. 	defer sess.Close()

  830. 	if err = sess.Begin(); err != nil {

  831. 		return nil, err

  832. 	}

  833. 

  834. 	pkey := &PublicKey{

  835. 		Fingerprint: fingerprint,

  836. 	}

  837. 	has, err := sess.Get(pkey)

  838. 	if err != nil {

  839. 		return nil, err

  840. 	}

  841. 

  842. 	if has {

  843. 		if pkey.Type != KeyTypeDeploy {

  844. 			return nil, ErrKeyAlreadyExist{0, fingerprint, ""}

  845. 		}

  846. 	} else {

  847. 		// First time use this deploy key.

  848. 		pkey.Mode = accessMode

  849. 		pkey.Type = KeyTypeDeploy

  850. 		pkey.Content = content

  851. 		pkey.Name = name

  852. 		if err = addKey(sess, pkey); err != nil {

  853. 			return nil, fmt.Errorf("addKey: %v", err)

  854. 		}

  855. 	}

  856. 

  857. 	key, err := addDeployKey(sess, pkey.ID, repoID, name, pkey.Fingerprint, accessMode)

  858. 	if err != nil {

  859. 		return nil, err

  860. 	}

  861. 

  862. 	return key, sess.Commit()

  863. }

  864. 

  865. // GetDeployKeyByID returns deploy key by given ID.

  866. func GetDeployKeyByID(id int64) (*DeployKey, error) {

  867. 	return getDeployKeyByID(x, id)

  868. }

  869. 

  870. func getDeployKeyByID(e Engine, id int64) (*DeployKey, error) {

  871. 	key := new(DeployKey)

  872. 	has, err := e.ID(id).Get(key)

  873. 	if err != nil {

  874. 		return nil, err

  875. 	} else if !has {

  876. 		return nil, ErrDeployKeyNotExist{id, 0, 0}

  877. 	}

  878. 	return key, nil

  879. }

  880. 

  881. // GetDeployKeyByRepo returns deploy key by given public key ID and repository ID.

  882. func GetDeployKeyByRepo(keyID, repoID int64) (*DeployKey, error) {

  883. 	return getDeployKeyByRepo(x, keyID, repoID)

  884. }

  885. 

  886. func getDeployKeyByRepo(e Engine, keyID, repoID int64) (*DeployKey, error) {

  887. 	key := &DeployKey{

  888. 		KeyID:  keyID,

  889. 		RepoID: repoID,

  890. 	}

  891. 	has, err := e.Get(key)

  892. 	if err != nil {

  893. 		return nil, err

  894. 	} else if !has {

  895. 		return nil, ErrDeployKeyNotExist{0, keyID, repoID}

  896. 	}

  897. 	return key, nil

  898. }

  899. 

  900. // UpdateDeployKeyCols updates deploy key information in the specified columns.

  901. func UpdateDeployKeyCols(key *DeployKey, cols ...string) error {

  902. 	_, err := x.ID(key.ID).Cols(cols...).Update(key)

  903. 	return err

  904. }

  905. 

  906. // UpdateDeployKey updates deploy key information.

  907. func UpdateDeployKey(key *DeployKey) error {

  908. 	_, err := x.ID(key.ID).AllCols().Update(key)

  909. 	return err

  910. }

  911. 

  912. // DeleteDeployKey deletes deploy key from its repository authorized_keys file if needed.

  913. func DeleteDeployKey(doer *User, id int64) error {

  914. 	sess := x.NewSession()

  915. 	defer sess.Close()

  916. 	if err := sess.Begin(); err != nil {

  917. 		return err

  918. 	}

  919. 	if err := deleteDeployKey(sess, doer, id); err != nil {

  920. 		return err

  921. 	}

  922. 	return sess.Commit()

  923. }

  924. 

  925. func deleteDeployKey(sess Engine, doer *User, id int64) error {

  926. 	key, err := getDeployKeyByID(sess, id)

  927. 	if err != nil {

  928. 		if IsErrDeployKeyNotExist(err) {

  929. 			return nil

  930. 		}

  931. 		return fmt.Errorf("GetDeployKeyByID: %v", err)

  932. 	}

  933. 

  934. 	// Check if user has access to delete this key.

  935. 	if !doer.IsAdmin {

  936. 		repo, err := getRepositoryByID(sess, key.RepoID)

  937. 		if err != nil {

  938. 			return fmt.Errorf("GetRepositoryByID: %v", err)

  939. 		}

  940. 		has, err := isUserRepoAdmin(sess, repo, doer)

  941. 		if err != nil {

  942. 			return fmt.Errorf("GetUserRepoPermission: %v", err)

  943. 		} else if !has {

  944. 			return ErrKeyAccessDenied{doer.ID, key.ID, "deploy"}

  945. 		}

  946. 	}

  947. 

  948. 	if _, err = sess.ID(key.ID).Delete(new(DeployKey)); err != nil {

  949. 		return fmt.Errorf("delete deploy key [%d]: %v", key.ID, err)

  950. 	}

  951. 

  952. 	// Check if this is the last reference to same key content.

  953. 	has, err := sess.

  954. 		Where("key_id = ?", key.KeyID).

  955. 		Get(new(DeployKey))

  956. 	if err != nil {

  957. 		return err

  958. 	} else if !has {

  959. 		if err = deletePublicKeys(sess, key.KeyID); err != nil {

  960. 			return err

  961. 		}

  962. 

  963. 		// after deleted the public keys, should rewrite the public keys file

  964. 		if err = rewriteAllPublicKeys(sess); err != nil {

  965. 			return err

  966. 		}

  967. 	}

  968. 

  969. 	return nil

  970. }

  971. 

  972. // ListDeployKeys returns all deploy keys by given repository ID.

  973. func ListDeployKeys(repoID int64) ([]*DeployKey, error) {

  974. 	return listDeployKeys(x, repoID)

  975. }

  976. 

  977. func listDeployKeys(e Engine, repoID int64) ([]*DeployKey, error) {

  978. 	keys := make([]*DeployKey, 0, 5)

  979. 	return keys, e.

  980. 		Where("repo_id = ?", repoID).

  981. 		Find(&keys)

  982. }

  983. 

  984. // SearchDeployKeys returns a list of deploy keys matching the provided arguments.

  985. func SearchDeployKeys(repoID int64, keyID int64, fingerprint string) ([]*DeployKey, error) {

  986. 	keys := make([]*DeployKey, 0, 5)

  987. 	cond := builder.NewCond()

  988. 	if repoID != 0 {

  989. 		cond = cond.And(builder.Eq{"repo_id": repoID})

  990. 	}

  991. 	if keyID != 0 {

  992. 		cond = cond.And(builder.Eq{"key_id": keyID})

  993. 	}

  994. 	if fingerprint != "" {

  995. 		cond = cond.And(builder.Eq{"fingerprint": fingerprint})

  996. 	}

  997. 	return keys, x.Where(cond).Find(&keys)

  998. }
上海开阖软件有限公司 沪ICP备12045867号-1