Changeset - db26a69f6d59
Parent rev.
Child rev.
[Not reviewed]
default
0 1 0
Mads Kiilerich (mads) - 5 years ago 2020-09-28 13:33:18
mads@kiilerich.com
ssh: drop simple key parser for fingerprint calculation in public_key setter - use ssh.parse_pub_key

Avoid having multiple slightly different parsers.
1 file changed with 9 insertions and 5 deletions:
kallithea/model/db.py
9
5
0 comments (0 inline, 0 general)
kallithea/model/db.py
Show inline comments
 
# -*- coding: utf-8 -*-
 
# This program is free software: you can redistribute it and/or modify
 
# it under the terms of the GNU General Public License as published by
 
# the Free Software Foundation, either version 3 of the License, or
 
# (at your option) any later version.
 
#
 
# This program is distributed in the hope that it will be useful,
 
# but WITHOUT ANY WARRANTY; without even the implied warranty of
 
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 
# GNU General Public License for more details.
 
#
 
# You should have received a copy of the GNU General Public License
 
# along with this program.  If not, see <http://www.gnu.org/licenses/>.
 
"""
 
kallithea.model.db
 
~~~~~~~~~~~~~~~~~~
 

			




	
	
	
		
 
Database Models for Kallithea

			




	
	
	
		
 

			




	
	
	
		
 
This file was forked by the Kallithea project in July 2014.

			




	
	
	
		
 
Original author and date, and relevant copyright and licensing information is below:

			




	
	
	
		
 
:created_on: Apr 08, 2010

			




	
	
	
		
 
:author: marcink

			




	
	
	
		
 
:copyright: (c) 2013 RhodeCode GmbH, and others.

			




	
	
	
		
 
:license: GPLv3, see LICENSE.md for more details.

			




	
	
	
		
 
"""

			




	
	
	
		
 

			




	
	
	
		
 
import base64

			




	
	
	
		
 
import collections

			




	
	
	
		
 
import datetime

			




	
	
	
		
 
import functools

			




	
	
	
		
 
import hashlib

			




	
	
	
		
 
import logging

			




	
	
	
		
 
import os

			




	
	
	
		
 
import time

			




	
	
	
		
 
import traceback

			




	
	
	
		
 

			




	
	
	
		
 
import ipaddr

			




	
	
	
		
 
import sqlalchemy

			




	
	
	
		
 
from sqlalchemy import Boolean, Column, DateTime, Float, ForeignKey, Index, Integer, LargeBinary, String, Unicode, UnicodeText, UniqueConstraint

			




	
	
	
		
 
from sqlalchemy.ext.hybrid import hybrid_property

			




	
	
	
		
 
from sqlalchemy.orm import class_mapper, joinedload, relationship, validates

			




	
	
	
		
 
from tg.i18n import lazy_ugettext as _

			




	
	
	
		
 
from webob.exc import HTTPNotFound

			




	
	
	
		
 

			




	
	
	
		
 
import kallithea

			




	
	
	
		
 
from kallithea.lib import ext_json

			




	
	
	
		
 
from kallithea.lib import ext_json, ssh

			




	
	
	
		
 
from kallithea.lib.exceptions import DefaultUserException

			




	
	
	
		
 
from kallithea.lib.utils2 import (Optional, asbool, ascii_bytes, aslist, get_changeset_safe, get_clone_url, remove_prefix, safe_bytes, safe_int, safe_str,

			




	
	
	
		
 
                                  urlreadable)

			




	
	
	
		
 
from kallithea.lib.vcs import get_backend

			




	
	
	
		
 
from kallithea.lib.vcs.backends.base import EmptyChangeset

			




	
	
	
		
 
from kallithea.lib.vcs.utils.helpers import get_scm

			




	
	
	
		
 
from kallithea.model.meta import Base, Session

			




	
	
	
		
 

			




	
	
	
		
 

			




	
	
	
		
 
URL_SEP = '/'

			




	
	
	
		
 
log = logging.getLogger(__name__)

			




	
	
	
		
 

			




	
	
	
		
 
#==============================================================================

			




	
	
	
		
 
# BASE CLASSES

			




	
	
	
		
 
#==============================================================================

			




	
	
	
		
 

			




	
	
	
		
 
class BaseDbModel(object):

			




	
	
	
		
 
    """

			




	
	
	
		
 
    Base Model for all classes

			




	
	
	
		
 
    """

			




	
	
	
		
 

			




	
	
	
		
 
    @classmethod

			




	
	
	
		
 
    def _get_keys(cls):

			




	
	
	
		
 
        """return column names for this model """

			




	
	
	
		
 
        # Note: not a normal dict - iterator gives "users.firstname", but keys gives "firstname"

			




	
	
	
		
 
        return class_mapper(cls).c.keys()

			




	
	
	
		
 

			




	
	
	
		
 
    def get_dict(self):

			




	
	
	
		
 
        """

			




	
	
	
		
 
        return dict with keys and values corresponding

			




	
	
	
		
 
        to this model data """

			




	
	
	
		
 

			




	
	
	
		
 
        d = {}

			




	
	
	
		
 
        for k in self._get_keys():

			




	
	
	
		
 
            d[k] = getattr(self, k)

			




	
	
	
		
 

			




	
	
	
		
 
        # also use __json__() if present to get additional fields

			




	
	
	
		
 
        _json_attr = getattr(self, '__json__', None)

			




	
	
	
		
 
        if _json_attr:

			




	
	
	
		
 
            # update with attributes from __json__

			




	
	
	
		
 
            if callable(_json_attr):

			




	
	
	
		
 
                _json_attr = _json_attr()

			




	
	
	
		
 
            for k, val in _json_attr.items():

			




	
	
	
		
 
                d[k] = val

			




	
	
	
		
 
        return d

			




	
	
	
		
 

			




	
	
	
		
 
    def get_appstruct(self):

			




	
	
	
		
 
        """return list with keys and values tuples corresponding

			




	
	
		
 
@@ -2255,53 +2255,57 @@ class Gist(Base, BaseDbModel):

			




	
	
	
		
 
            access_id=gist.gist_access_id,

			




	
	
	
		
 
            description=gist.gist_description,

			




	
	
	
		
 
            url=gist.gist_url(),

			




	
	
	
		
 
            expires=gist.gist_expires,

			




	
	
	
		
 
            created_on=gist.created_on,

			




	
	
	
		
 
        )

			




	
	
	
		
 
        return data

			




	
	
	
		
 

			




	
	
	
		
 
    def __json__(self):

			




	
	
	
		
 
        data = dict(

			




	
	
	
		
 
        )

			




	
	
	
		
 
        data.update(self.get_api_data())

			




	
	
	
		
 
        return data

			




	
	
	
		
 

			




	
	
	
		
 
    ## SCM functions

			




	
	
	
		
 

			




	
	
	
		
 
    @property

			




	
	
	
		
 
    def scm_instance(self):

			




	
	
	
		
 
        from kallithea.lib.vcs import get_repo

			




	
	
	
		
 
        from kallithea.model.gist import GIST_STORE_LOC

			




	
	
	
		
 
        gist_base_path = os.path.join(kallithea.CONFIG['base_path'], GIST_STORE_LOC)

			




	
	
	
		
 
        return get_repo(os.path.join(gist_base_path, self.gist_access_id))

			




	
	
	
		
 

			




	
	
	
		
 

			




	
	
	
		
 
class UserSshKeys(Base, BaseDbModel):

			




	
	
	
		
 
    __tablename__ = 'user_ssh_keys'

			




	
	
	
		
 
    __table_args__ = (

			




	
	
	
		
 
        Index('usk_fingerprint_idx', 'fingerprint'),

			




	
	
	
		
 
        _table_args_default_dict

			




	
	
	
		
 
    )

			




	
	
	
		
 
    __mapper_args__ = {}

			




	
	
	
		
 

			




	
	
	
		
 
    user_ssh_key_id = Column(Integer(), primary_key=True)

			




	
	
	
		
 
    user_id = Column(Integer(), ForeignKey('users.user_id'), nullable=False)

			




	
	
	
		
 
    _public_key = Column('public_key', UnicodeText(), nullable=False)

			




	
	
	
		
 
    description = Column(UnicodeText(), nullable=False)

			




	
	
	
		
 
    fingerprint = Column(String(255), nullable=False, unique=True)

			




	
	
	
		
 
    created_on = Column(DateTime(timezone=False), nullable=False, default=datetime.datetime.now)

			




	
	
	
		
 
    last_seen = Column(DateTime(timezone=False), nullable=True)

			




	
	
	
		
 

			




	
	
	
		
 
    user = relationship('User')

			




	
	
	
		
 

			




	
	
	
		
 
    @property

			




	
	
	
		
 
    def public_key(self):

			




	
	
	
		
 
        return self._public_key

			




	
	
	
		
 

			




	
	
	
		
 
    @public_key.setter

			




	
	
	
		
 
    def public_key(self, full_key):

			




	
	
	
		
 
        # the full public key is too long to be suitable as database key - instead,

			




	
	
	
		
 
        # use fingerprints similar to 'ssh-keygen -E sha256 -lf ~/.ssh/id_rsa.pub'

			




	
	
	
		
 
        """The full public key is too long to be suitable as database key.

			




	
	
	
		
 
        Instead, as a side-effect of setting the public key string, compute the

			




	
	
	
		
 
        fingerprints according to https://tools.ietf.org/html/rfc4716#section-4

			




	
	
	
		
 
        BUT using sha256 instead of md5, similar to 'ssh-keygen -E sha256 -lf

			




	
	
	
		
 
        ~/.ssh/id_rsa.pub' .

			




	
	
	
		
 
        """

			




	
	
	
		
 
        keytype, key_bytes, comment = ssh.parse_pub_key(full_key)

			




	
	
	
		
 
        self._public_key = full_key

			




	
	
	
		
 
        enc_key = safe_bytes(full_key.split(" ")[1])

			




	
	
	
		
 
        self.fingerprint = base64.b64encode(hashlib.sha256(base64.b64decode(enc_key)).digest()).replace(b'\n', b'').rstrip(b'=').decode()

			




	
	
	
		
 
        self.fingerprint = base64.b64encode(hashlib.sha256(key_bytes).digest()).replace(b'\n', b'').rstrip(b'=').decode()

			




        

    



    


    



    



      

      





    
    0 comments (0 inline, 0 general)
    





    


  

  







  


    




    








    
        Server instance: clio-7470
    
    
        This site is powered by
            Kallithea 0.7.0,
        which is
        © 2010–2025 by various authors & licensed under GPLv3.
            – Support