Changeset - db26a69f6d59
Parent rev.
Child rev.
[Not reviewed]
default
0 1 0
Mads Kiilerich (mads) - 5 years ago 2020-09-28 13:33:18
mads@kiilerich.com
ssh: drop simple key parser for fingerprint calculation in public_key setter - use ssh.parse_pub_key

Avoid having multiple slightly different parsers.
1 file changed with 9 insertions and 5 deletions:
kallithea/model/db.py
9
5
0 comments (0 inline, 0 general)
kallithea/model/db.py
Show inline comments
 
@@ -23,49 +23,49 @@ Original author and date, and relevant c
 
:author: marcink
 
:copyright: (c) 2013 RhodeCode GmbH, and others.
 
:license: GPLv3, see LICENSE.md for more details.
 
"""
 

			




	
	
	
		
 
import base64

			




	
	
	
		
 
import collections

			




	
	
	
		
 
import datetime

			




	
	
	
		
 
import functools

			




	
	
	
		
 
import hashlib

			




	
	
	
		
 
import logging

			




	
	
	
		
 
import os

			




	
	
	
		
 
import time

			




	
	
	
		
 
import traceback

			




	
	
	
		
 

			




	
	
	
		
 
import ipaddr

			




	
	
	
		
 
import sqlalchemy

			




	
	
	
		
 
from sqlalchemy import Boolean, Column, DateTime, Float, ForeignKey, Index, Integer, LargeBinary, String, Unicode, UnicodeText, UniqueConstraint

			




	
	
	
		
 
from sqlalchemy.ext.hybrid import hybrid_property

			




	
	
	
		
 
from sqlalchemy.orm import class_mapper, joinedload, relationship, validates

			




	
	
	
		
 
from tg.i18n import lazy_ugettext as _

			




	
	
	
		
 
from webob.exc import HTTPNotFound

			




	
	
	
		
 

			




	
	
	
		
 
import kallithea

			




	
	
	
		
 
from kallithea.lib import ext_json

			




	
	
	
		
 
from kallithea.lib import ext_json, ssh

			




	
	
	
		
 
from kallithea.lib.exceptions import DefaultUserException

			




	
	
	
		
 
from kallithea.lib.utils2 import (Optional, asbool, ascii_bytes, aslist, get_changeset_safe, get_clone_url, remove_prefix, safe_bytes, safe_int, safe_str,

			




	
	
	
		
 
                                  urlreadable)

			




	
	
	
		
 
from kallithea.lib.vcs import get_backend

			




	
	
	
		
 
from kallithea.lib.vcs.backends.base import EmptyChangeset

			




	
	
	
		
 
from kallithea.lib.vcs.utils.helpers import get_scm

			




	
	
	
		
 
from kallithea.model.meta import Base, Session

			




	
	
	
		
 

			




	
	
	
		
 

			




	
	
	
		
 
URL_SEP = '/'

			




	
	
	
		
 
log = logging.getLogger(__name__)

			




	
	
	
		
 

			




	
	
	
		
 
#==============================================================================

			




	
	
	
		
 
# BASE CLASSES

			




	
	
	
		
 
#==============================================================================

			




	
	
	
		
 

			




	
	
	
		
 
class BaseDbModel(object):

			




	
	
	
		
 
    """

			




	
	
	
		
 
    Base Model for all classes

			




	
	
	
		
 
    """

			




	
	
	
		
 

			




	
	
	
		
 
    @classmethod

			




	
	
	
		
 
    def _get_keys(cls):

			




	
	
	
		
 
        """return column names for this model """

			




	
	
		
 
@@ -2279,29 +2279,33 @@ class Gist(Base, BaseDbModel):

			




	
	
	
		
 
class UserSshKeys(Base, BaseDbModel):

			




	
	
	
		
 
    __tablename__ = 'user_ssh_keys'

			




	
	
	
		
 
    __table_args__ = (

			




	
	
	
		
 
        Index('usk_fingerprint_idx', 'fingerprint'),

			




	
	
	
		
 
        _table_args_default_dict

			




	
	
	
		
 
    )

			




	
	
	
		
 
    __mapper_args__ = {}

			




	
	
	
		
 

			




	
	
	
		
 
    user_ssh_key_id = Column(Integer(), primary_key=True)

			




	
	
	
		
 
    user_id = Column(Integer(), ForeignKey('users.user_id'), nullable=False)

			




	
	
	
		
 
    _public_key = Column('public_key', UnicodeText(), nullable=False)

			




	
	
	
		
 
    description = Column(UnicodeText(), nullable=False)

			




	
	
	
		
 
    fingerprint = Column(String(255), nullable=False, unique=True)

			




	
	
	
		
 
    created_on = Column(DateTime(timezone=False), nullable=False, default=datetime.datetime.now)

			




	
	
	
		
 
    last_seen = Column(DateTime(timezone=False), nullable=True)

			




	
	
	
		
 

			




	
	
	
		
 
    user = relationship('User')

			




	
	
	
		
 

			




	
	
	
		
 
    @property

			




	
	
	
		
 
    def public_key(self):

			




	
	
	
		
 
        return self._public_key

			




	
	
	
		
 

			




	
	
	
		
 
    @public_key.setter

			




	
	
	
		
 
    def public_key(self, full_key):

			




	
	
	
		
 
        # the full public key is too long to be suitable as database key - instead,

			




	
	
	
		
 
        # use fingerprints similar to 'ssh-keygen -E sha256 -lf ~/.ssh/id_rsa.pub'

			




	
	
	
		
 
        """The full public key is too long to be suitable as database key.

			




	
	
	
		
 
        Instead, as a side-effect of setting the public key string, compute the

			




	
	
	
		
 
        fingerprints according to https://tools.ietf.org/html/rfc4716#section-4

			




	
	
	
		
 
        BUT using sha256 instead of md5, similar to 'ssh-keygen -E sha256 -lf

			




	
	
	
		
 
        ~/.ssh/id_rsa.pub' .

			




	
	
	
		
 
        """

			




	
	
	
		
 
        keytype, key_bytes, comment = ssh.parse_pub_key(full_key)

			




	
	
	
		
 
        self._public_key = full_key

			




	
	
	
		
 
        enc_key = safe_bytes(full_key.split(" ")[1])

			




	
	
	
		
 
        self.fingerprint = base64.b64encode(hashlib.sha256(base64.b64decode(enc_key)).digest()).replace(b'\n', b'').rstrip(b'=').decode()

			




	
	
	
		
 
        self.fingerprint = base64.b64encode(hashlib.sha256(key_bytes).digest()).replace(b'\n', b'').rstrip(b'=').decode()

			




        

    



    


    



    



      

      





    
    0 comments (0 inline, 0 general)
    





    


  

  







  


    




    








    
        Server instance: clio-6775
    
    
        This site is powered by
            Kallithea 0.7.0,
        which is
        © 2010–2025 by various authors & licensed under GPLv3.
            – Support