From 3e3581286bdf064cabb46b2c30bca73e6a78ea58 Mon Sep 17 00:00:00 2001
From: James Moger <james.moger@gitblit.com>
Date: Fri, 25 Apr 2014 14:48:29 -0400
Subject: [PATCH] Merged #50 "Prohibit creation and storage of empty ssh keys"
---
src/main/java/com/gitblit/transport/ssh/keys/KeysDispatcher.java | 64 ++++++++++++++++++++++++++++---
1 files changed, 57 insertions(+), 7 deletions(-)
diff --git a/src/main/java/com/gitblit/transport/ssh/keys/KeysDispatcher.java b/src/main/java/com/gitblit/transport/ssh/keys/KeysDispatcher.java
index 3f58146..da58584 100644
--- a/src/main/java/com/gitblit/transport/ssh/keys/KeysDispatcher.java
+++ b/src/main/java/com/gitblit/transport/ssh/keys/KeysDispatcher.java
@@ -25,7 +25,6 @@
import org.slf4j.LoggerFactory;
import com.gitblit.Constants.AccessPermission;
-import com.gitblit.models.UserModel;
import com.gitblit.transport.ssh.IPublicKeyManager;
import com.gitblit.transport.ssh.SshKey;
import com.gitblit.transport.ssh.commands.CommandMetaData;
@@ -47,12 +46,13 @@
public class KeysDispatcher extends DispatchCommand {
@Override
- protected void setup(UserModel user) {
- register(user, AddKey.class);
- register(user, RemoveKey.class);
- register(user, ListKeys.class);
- register(user, WhichKey.class);
- register(user, CommentKey.class);
+ protected void setup() {
+ register(AddKey.class);
+ register(RemoveKey.class);
+ register(ListKeys.class);
+ register(WhichKey.class);
+ register(CommentKey.class);
+ register(PermissionKey.class);
}
@CommandMetaData(name = "add", description = "Add an SSH public key to your account")
@@ -79,8 +79,21 @@
public void run() throws IOException, Failure {
String username = getContext().getClient().getUsername();
List<String> keys = readKeys(addKeys);
+ if (keys.isEmpty()) {
+ throw new UnloggedFailure("No public keys were read from STDIN!");
+ }
for (String key : keys) {
SshKey sshKey = parseKey(key);
+ try {
+ // this method parses the rawdata and produces a public key
+ // if it fails it will throw a Buffer.BufferException
+ // the null check is a QC verification on top of that
+ if (sshKey.getPublicKey() == null) {
+ throw new RuntimeException();
+ }
+ } catch (RuntimeException e) {
+ throw new UnloggedFailure("The data read from SDTIN can not be parsed as an SSH public key!");
+ }
if (!StringUtils.isEmpty(permission)) {
AccessPermission ap = AccessPermission.fromCode(permission);
if (ap.exceeds(AccessPermission.NONE)) {
@@ -265,4 +278,41 @@
}
}
+
+ @CommandMetaData(name = "permission", description = "Set the permission of an SSH public key")
+ @UsageExample(syntax = "${cmd} 3 RW", description = "Set the permission for key #3 to PUSH (PW)")
+ public static class PermissionKey extends SshCommand {
+
+ @Argument(index = 0, metaVar = "INDEX", usage = "the key index", required = true)
+ private int index;
+
+ @Argument(index = 1, metaVar = "PERMISSION", usage = "the new permission", required = true)
+ private String value;
+
+ @Override
+ public void run() throws Failure {
+ final String username = getContext().getClient().getUsername();
+ IPublicKeyManager keyManager = getContext().getGitblit().getPublicKeyManager();
+ List<SshKey> keys = keyManager.getKeys(username);
+ if (index > keys.size()) {
+ throw new UnloggedFailure(1, "Invalid key index!");
+ }
+
+ SshKey key = keys.get(index - 1);
+ AccessPermission permission = AccessPermission.fromCode(value);
+ if (permission.exceeds(AccessPermission.NONE)) {
+ try {
+ key.setPermission(permission);
+ } catch (IllegalArgumentException e) {
+ throw new Failure(1, e.getMessage());
+ }
+ }
+ if (keyManager.addKey(username, key)) {
+ stdout.println(String.format("Updated the permission for key #%d.", index));
+ } else {
+ throw new Failure(1, String.format("Failed to update the comment for key #%d!", index));
+ }
+ }
+
+ }
}
--
Gitblit v1.9.1