Commit graph

17 commits

Author SHA1 Message Date
zeripath
ea69ec6f0f
Disable DSA ssh keys by default (#13056)
* Disable DSA ssh keys by default

OpenSSH has disabled DSA keys since version 7.0

As the docker runs openssh > v7.0 we should just disable
DSA keys by default.

Refers to #11417

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Just disable DSA keys by default

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Appears we need to set the minimum key sizes too

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Appears we need to set the minimum key sizes too

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Remove DSA type

* Fix Tests

Co-authored-by: techknowlogick <techknowlogick@gitea.io>
Co-authored-by: Lauris BH <lauris@nix.lv>
2020-10-09 09:52:57 +03:00
mrsdizzie
dce22efbee Fix SSH2 conditonal in key parsing code (#8806)
Avoid out of bounds error by using strings.HasPrefix to check for
starting SSH2 text rather than assuming user input has at least 31
characters.

Add tests for bad input as well.

Fixes #8800
2019-11-03 19:08:18 +08:00
zeripath
18c0e9c2a9
Make PKCS8, PEM and SSH2 keys work (#7600)
* Make PEM and SSH2 keys work

* add ssh2 testcases and PEM cases - and fix PEM

* Add final test to parse the proposed key
2019-07-25 20:33:38 +01:00
silverwind
b10109ffe8 Improve SSH key parser to handle newlines in keys (#7522)
* Strip newlines from SSH keys before adding them

Fixes: https://github.com/go-gitea/gitea/issues/7500

* add test for CheckPublicKeyString

* add one more test

* simplify test

* further simplify

* make fmt
2019-07-23 16:25:06 +03:00
Antoine GIRARD
367aeb169a Use go method to calculate ssh key fingerprint (#7128)
* Use go method to calculate key fingerprint

* add gitea copyright

* use native go method only for built-in server

* refactor and add tests

* add gitea copyright
2019-06-16 08:50:46 +01:00
zeripath
e55c874dd2 Add work path CLI option (#6922)
Makes it possible to set the work path as a CLI option instead of
relying on environment variables which are somewhat opaque
2019-05-14 11:20:35 -04:00
zeripath
8d0d7bc28d Make CustomPath, CustomConf and AppWorkPath configurable at build (#6631) 2019-04-29 14:08:21 -04:00
Ethan Koenig
d2329e1c26 Use assert in legacy unit tests (#867) 2017-02-08 14:29:07 +08:00
Sandro Santilli
4247304f5a Update import paths from github.com/go-gitea to code.gitea.io (#135)
- Update import paths from github.com/go-gitea to code.gitea.io
- Fix import path for travis

See https://docs.travis-ci.com/user/languages/go#Go-Import-Path
2016-11-10 17:24:48 +01:00
Rémy Boulanouar
2d68bd1ef9 Change import reference to match gitea instead of gogs (#37) 2016-11-03 10:29:56 -02:00
Unknwon
15845cb287 Code clean up for new config options 2016-08-14 23:52:24 -07:00
Unknwon
5be881756b #3442 add test suites 2016-08-12 02:56:50 -07:00
Unknwon
8055a0bdac Post work for #2637
Improve test cases, config settings, also show SSH config settings on admin config panel.
2016-02-27 20:48:39 -05:00
Gibheer
2f27ee2232 variable should not use ALL_CAPS 2016-02-23 15:39:05 +01:00
Gibheer
dab74f21b7 remove ed25519 test for now
TravisCI is too old for ed25519, so it can't be tested correctly.
2016-02-17 11:30:48 +01:00
Gibheer
9eef2e706c fix ssh public key tests
The old API was using []byte, but was changed to string without running
the tests again.
It also sets the variables from the configuration to make them work.
Maybe there is a better way to do this.
2016-02-17 09:33:41 +01:00
Gibheer
12403bdfb0 allow native and ssh-keygen public key check
This commit adds the possibibility to use either the native golang
libraries or ssh-keygen to check public keys. The check is adjusted
depending on the settings, so that only supported keys are let through.

This commit also brings back the blacklist feature, which was removed in
7ef9a05588. This allows to blacklist
algorythms or keys based on the key length. This works with the native
and the ssh-keygen way.

Because of #2179 it also includes a way to adjust the path to
ssh-keygen and the working directory for ssh-keygen. With this,
sysadmins should be able to adjust the settings in a way, that SELinux
is okay with it. In the worst case, they can switch to the native
implementation and only loose support for ed25519 keys at the moment.
There are some other places which need adjustment to utilize the
parameters and the native implementation, but this sets the ground work.
2016-02-16 23:01:56 +01:00