From ed552ba47c02779c270ffd62841d6d1048dade70 Mon Sep 17 00:00:00 2001
From: James Moger <james.moger@gitblit.com>
Date: Sun, 22 Nov 2015 14:37:16 -0500
Subject: [PATCH] Merge branch 'develop'

---
 src/main/java/com/gitblit/transport/ssh/FileKeyManager.java |   80 ++++++++++++++++++++++++---------------
 1 files changed, 49 insertions(+), 31 deletions(-)

diff --git a/src/main/java/com/gitblit/transport/ssh/FileKeyManager.java b/src/main/java/com/gitblit/transport/ssh/FileKeyManager.java
index defb4a3..1a2cd68 100644
--- a/src/main/java/com/gitblit/transport/ssh/FileKeyManager.java
+++ b/src/main/java/com/gitblit/transport/ssh/FileKeyManager.java
@@ -17,22 +17,19 @@
 
 import java.io.File;
 import java.io.IOException;
-import java.security.PublicKey;
 import java.text.MessageFormat;
 import java.util.ArrayList;
 import java.util.List;
 import java.util.Map;
 import java.util.concurrent.ConcurrentHashMap;
 
-import org.apache.commons.codec.binary.Base64;
-import org.apache.sshd.common.util.Buffer;
-import org.eclipse.jgit.lib.Constants;
-
+import com.gitblit.Constants.AccessPermission;
 import com.gitblit.Keys;
 import com.gitblit.manager.IRuntimeManager;
 import com.google.common.base.Charsets;
 import com.google.common.base.Joiner;
 import com.google.common.io.Files;
+import com.google.inject.Inject;
 
 /**
  * Manages public keys on the filesystem.
@@ -46,6 +43,7 @@
 
 	protected final Map<File, Long> lastModifieds;
 
+	@Inject
 	public FileKeyManager(IRuntimeManager runtimeManager) {
 		this.runtimeManager = runtimeManager;
 		this.lastModifieds = new ConcurrentHashMap<File, Long>();
@@ -92,15 +90,15 @@
 	}
 
 	@Override
-	protected List<PublicKey> getKeysImpl(String username) {
+	protected List<SshKey> getKeysImpl(String username) {
 		try {
-			log.info("loading keystore for {}", username);
+			log.info("loading ssh keystore for {}", username);
 			File keystore = getKeystore(username);
 			if (!keystore.exists()) {
 				return null;
 			}
 			if (keystore.exists()) {
-				List<PublicKey> list = new ArrayList<PublicKey>();
+				List<SshKey> list = new ArrayList<SshKey>();
 				for (String entry : Files.readLines(keystore, Charsets.ISO_8859_1)) {
 					if (entry.trim().length() == 0) {
 						// skip blanks
@@ -110,9 +108,18 @@
 						// skip comments
 						continue;
 					}
-					final String[] parts = entry.split(" ");
-					final byte[] bin = Base64.decodeBase64(Constants.encodeASCII(parts[1]));
-					list.add(new Buffer(bin).getRawPublicKey());
+					String [] parts = entry.split(" ", 2);
+					AccessPermission perm = AccessPermission.fromCode(parts[0]);
+					if (perm.equals(AccessPermission.NONE)) {
+						// ssh-rsa DATA COMMENT
+						SshKey key = new SshKey(entry);
+						list.add(key);
+					} else if (perm.exceeds(AccessPermission.NONE)) {
+						// PERMISSION ssh-rsa DATA COMMENT
+						SshKey key = new SshKey(parts[1]);
+						key.setPermission(perm);
+						list.add(key);
+					}
 				}
 
 				if (list.isEmpty()) {
@@ -123,7 +130,7 @@
 				return list;
 			}
 		} catch (IOException e) {
-			throw new RuntimeException("Canot read ssh keys", e);
+			throw new RuntimeException("Cannot read ssh keys", e);
 		}
 		return null;
 	}
@@ -133,10 +140,9 @@
 	 * by disregarding the comment/description field during key comparisons.
 	 */
 	@Override
-	public boolean addKey(String username, String data) {
+	public boolean addKey(String username, SshKey key) {
 		try {
-			String newKey = stripCommentFromKey(data);
-
+			boolean replaced = false;
 			List<String> lines = new ArrayList<String>();
 			File keystore = getKeystore(username);
 			if (keystore.exists()) {
@@ -153,16 +159,22 @@
 						continue;
 					}
 
-					// only add keys that do not match the new key
-					String oldKey = stripCommentFromKey(line);
-					if (!newKey.equals(oldKey)) {
+					SshKey oldKey = parseKey(line);
+					if (key.equals(oldKey)) {
+						// replace key
+						lines.add(key.getPermission() + " " + key.getRawData());
+						replaced = true;
+					} else {
+						// retain key
 						lines.add(entry);
 					}
 				}
 			}
 
-			// add new key
-			lines.add(data);
+			if (!replaced) {
+				// new key, append
+				lines.add(key.getPermission() + " " + key.getRawData());
+			}
 
 			// write keystore
 			String content = Joiner.on("\n").join(lines).trim().concat("\n");
@@ -177,13 +189,11 @@
 	}
 
 	/**
-	 * Removes a key from the keystore.
+	 * Removes the specified key from the keystore.
 	 */
 	@Override
-	public boolean removeKey(String username, String data) {
+	public boolean removeKey(String username, SshKey key) {
 		try {
-			String rmKey = stripCommentFromKey(data);
-
 			File keystore = getKeystore(username);
 			if (keystore.exists()) {
 				List<String> lines = new ArrayList<String>();
@@ -201,8 +211,8 @@
 					}
 
 					// only include keys that are NOT rmKey
-					String oldKey = stripCommentFromKey(line);
-					if (!rmKey.equals(oldKey)) {
+					SshKey oldKey = parseKey(line);
+					if (!key.equals(oldKey)) {
 						lines.add(entry);
 					}
 				}
@@ -242,10 +252,18 @@
 		return keys;
 	}
 
-	/* Strips the comment from the key data and eliminates whitespace diffs */
-	protected String stripCommentFromKey(String data) {
-		String [] cols = data.split(" ");
-		String key = Joiner.on(" ").join(cols[0], cols[1]);
-		return key;
+	protected SshKey parseKey(String line) {
+		String [] parts = line.split(" ", 2);
+		AccessPermission perm = AccessPermission.fromCode(parts[0]);
+		if (perm.equals(AccessPermission.NONE)) {
+			// ssh-rsa DATA COMMENT
+			SshKey key = new SshKey(line);
+			return key;
+		} else {
+			// PERMISSION ssh-rsa DATA COMMENT
+			SshKey key = new SshKey(parts[1]);
+			key.setPermission(perm);
+			return key;
+		}
 	}
 }

--
Gitblit v1.9.1