From 11eb4b51accebf8a163e8f46f99b067eda80f7b9 Mon Sep 17 00:00:00 2001
From: James Moger <james.moger@gitblit.com>
Date: Fri, 23 May 2014 08:29:14 -0400
Subject: [PATCH] Remove GitBlit static singleton reference from localclone.groovy

---
 src/main/java/com/gitblit/transport/ssh/FileKeyManager.java |  129 ++++++++++++++++++++++++++++++------------
 1 files changed, 92 insertions(+), 37 deletions(-)

diff --git a/src/main/java/com/gitblit/transport/ssh/FileKeyManager.java b/src/main/java/com/gitblit/transport/ssh/FileKeyManager.java
index 1eb470b..a063dc7 100644
--- a/src/main/java/com/gitblit/transport/ssh/FileKeyManager.java
+++ b/src/main/java/com/gitblit/transport/ssh/FileKeyManager.java
@@ -17,15 +17,13 @@
 
 import java.io.File;
 import java.io.IOException;
-import java.security.PublicKey;
 import java.text.MessageFormat;
 import java.util.ArrayList;
 import java.util.List;
+import java.util.Map;
+import java.util.concurrent.ConcurrentHashMap;
 
-import org.apache.commons.codec.binary.Base64;
-import org.apache.sshd.common.util.Buffer;
-import org.eclipse.jgit.lib.Constants;
-
+import com.gitblit.Constants.AccessPermission;
 import com.gitblit.Keys;
 import com.gitblit.manager.IRuntimeManager;
 import com.google.common.base.Charsets;
@@ -33,17 +31,20 @@
 import com.google.common.io.Files;
 
 /**
- * Manages SSH keys on the filesystem.
+ * Manages public keys on the filesystem.
  *
  * @author James Moger
  *
  */
-public class FileKeyManager implements IKeyManager {
+public class FileKeyManager extends IPublicKeyManager {
 
 	protected final IRuntimeManager runtimeManager;
 
+	protected final Map<File, Long> lastModifieds;
+
 	public FileKeyManager(IRuntimeManager runtimeManager) {
 		this.runtimeManager = runtimeManager;
+		this.lastModifieds = new ConcurrentHashMap<File, Long>();
 	}
 
 	@Override
@@ -54,6 +55,7 @@
 
 	@Override
 	public FileKeyManager start() {
+		log.info(toString());
 		return this;
 	}
 
@@ -68,15 +70,34 @@
 	}
 
 	@Override
-	public List<PublicKey> getKeys(String username) {
+	protected boolean isStale(String username) {
+		File keystore = getKeystore(username);
+		if (!keystore.exists()) {
+			// keystore may have been deleted
+			return true;
+		}
+
+		if (lastModifieds.containsKey(keystore)) {
+			// compare modification times
+			long lastModified = lastModifieds.get(keystore);
+			return lastModified != keystore.lastModified();
+		}
+
+		// assume stale
+		return true;
+	}
+
+	@Override
+	protected List<SshKey> getKeysImpl(String username) {
 		try {
-			File keys = getKeystore(username);
-			if (!keys.exists()) {
+			log.info("loading ssh keystore for {}", username);
+			File keystore = getKeystore(username);
+			if (!keystore.exists()) {
 				return null;
 			}
-			if (keys.exists()) {
-				List<PublicKey> list = new ArrayList<PublicKey>();
-				for (String entry : Files.readLines(keys, Charsets.ISO_8859_1)) {
+			if (keystore.exists()) {
+				List<SshKey> list = new ArrayList<SshKey>();
+				for (String entry : Files.readLines(keystore, Charsets.ISO_8859_1)) {
 					if (entry.trim().length() == 0) {
 						// skip blanks
 						continue;
@@ -85,18 +106,29 @@
 						// skip comments
 						continue;
 					}
-					final String[] parts = entry.split(" ");
-					final byte[] bin = Base64.decodeBase64(Constants.encodeASCII(parts[1]));
-					list.add(new Buffer(bin).getRawPublicKey());
+					String [] parts = entry.split(" ", 2);
+					AccessPermission perm = AccessPermission.fromCode(parts[0]);
+					if (perm.equals(AccessPermission.NONE)) {
+						// ssh-rsa DATA COMMENT
+						SshKey key = new SshKey(entry);
+						list.add(key);
+					} else if (perm.exceeds(AccessPermission.NONE)) {
+						// PERMISSION ssh-rsa DATA COMMENT
+						SshKey key = new SshKey(parts[1]);
+						key.setPermission(perm);
+						list.add(key);
+					}
 				}
 
 				if (list.isEmpty()) {
 					return null;
 				}
+
+				lastModifieds.put(keystore, keystore.lastModified());
 				return list;
 			}
 		} catch (IOException e) {
-			throw new RuntimeException("Canot read ssh keys", e);
+			throw new RuntimeException("Cannot read ssh keys", e);
 		}
 		return null;
 	}
@@ -106,10 +138,9 @@
 	 * by disregarding the comment/description field during key comparisons.
 	 */
 	@Override
-	public boolean addKey(String username, String data) {
+	public boolean addKey(String username, SshKey key) {
 		try {
-			String newKey = stripCommentFromKey(data);
-
+			boolean replaced = false;
 			List<String> lines = new ArrayList<String>();
 			File keystore = getKeystore(username);
 			if (keystore.exists()) {
@@ -126,20 +157,29 @@
 						continue;
 					}
 
-					// only add keys that do not match the new key
-					String oldKey = stripCommentFromKey(line);
-					if (!newKey.equals(oldKey)) {
+					SshKey oldKey = parseKey(line);
+					if (key.equals(oldKey)) {
+						// replace key
+						lines.add(key.getPermission() + " " + key.getRawData());
+						replaced = true;
+					} else {
+						// retain key
 						lines.add(entry);
 					}
 				}
 			}
 
-			// add new key
-			lines.add(data);
+			if (!replaced) {
+				// new key, append
+				lines.add(key.getPermission() + " " + key.getRawData());
+			}
 
 			// write keystore
 			String content = Joiner.on("\n").join(lines).trim().concat("\n");
 			Files.write(content, keystore, Charsets.ISO_8859_1);
+
+			lastModifieds.remove(keystore);
+			keyCache.invalidate(username);
 			return true;
 		} catch (IOException e) {
 			throw new RuntimeException("Cannot add ssh key", e);
@@ -147,13 +187,11 @@
 	}
 
 	/**
-	 * Removes a key from the keystore.
+	 * Removes the specified key from the keystore.
 	 */
 	@Override
-	public boolean removeKey(String username, String data) {
+	public boolean removeKey(String username, SshKey key) {
 		try {
-			String rmKey = stripCommentFromKey(data);
-
 			File keystore = getKeystore(username);
 			if (keystore.exists()) {
 				List<String> lines = new ArrayList<String>();
@@ -171,8 +209,8 @@
 					}
 
 					// only include keys that are NOT rmKey
-					String oldKey = stripCommentFromKey(line);
-					if (!rmKey.equals(oldKey)) {
+					SshKey oldKey = parseKey(line);
+					if (!key.equals(oldKey)) {
 						lines.add(entry);
 					}
 				}
@@ -183,6 +221,9 @@
 					String content = Joiner.on("\n").join(lines).trim().concat("\n");
 					Files.write(content, keystore, Charsets.ISO_8859_1);
 				}
+
+				lastModifieds.remove(keystore);
+				keyCache.invalidate(username);
 				return true;
 			}
 		} catch (IOException e) {
@@ -193,7 +234,13 @@
 
 	@Override
 	public boolean removeAllKeys(String username) {
-		return getKeystore(username).delete();
+		File keystore = getKeystore(username);
+		if (keystore.delete()) {
+			lastModifieds.remove(keystore);
+			keyCache.invalidate(username);
+			return true;
+		}
+		return false;
 	}
 
 	protected File getKeystore(String username) {
@@ -203,10 +250,18 @@
 		return keys;
 	}
 
-	/* Strips the comment from the key data and eliminates whitespace diffs */
-	protected String stripCommentFromKey(String data) {
-		String [] cols = data.split(" ");
-		String key = Joiner.on(" ").join(cols[0], cols[1]);
-		return key;
+	protected SshKey parseKey(String line) {
+		String [] parts = line.split(" ", 2);
+		AccessPermission perm = AccessPermission.fromCode(parts[0]);
+		if (perm.equals(AccessPermission.NONE)) {
+			// ssh-rsa DATA COMMENT
+			SshKey key = new SshKey(line);
+			return key;
+		} else {
+			// PERMISSION ssh-rsa DATA COMMENT
+			SshKey key = new SshKey(parts[1]);
+			key.setPermission(perm);
+			return key;
+		}
 	}
 }

--
Gitblit v1.9.1