grim/hgkeeper

8098dd6d3587
move KeysDir to a private variable in users.go
package access
import (
"fmt"
"io/ioutil"
"os"
"path/filepath"
log "github.com/sirupsen/logrus"
"golang.org/x/crypto/ssh"
)
// keysDir is the name of the directory, relative to the repository path, that
// holds one SSH public key file per user. It is unexported so that the key
// location can only be derived inside this package.
const keysDir = "keys"
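// loadSshKeys adds entries to a.fingerprintIndex from the per-user key files
// stored at <repoPath>/<keysDir>/<username>.
//
// Each file is parsed as a sequence of authorized_keys entries, and the SHA256
// fingerprint of every key found is mapped to the owning username. A user
// whose file is missing or unreadable is skipped with a warning. If parsing
// returns an error, the keys already indexed for that user are kept and the
// rest of that file is ignored. The function always returns nil.
//
// NOTE(review): the index is written here without taking a.lock, while
// UsernameFromFingerprint reads it under that lock. Presumably the caller
// holds a.lock for the duration of the load; confirm against the caller.
//
// NOTE(review): username is joined into the path unchecked, so a name that
// contains path separators or ".." resolves outside the keys directory.
// Confirm that callers only pass names from a trusted source, or validate
// them before they reach this function.
func (a *Access) loadSshKeys(users []string) error {
USERS:
	for _, username := range users {
		keyfile := filepath.Join(a.repoPath, keysDir, username)

		// Read directly instead of stat-then-read: a single call covers both
		// the missing-file and the unreadable-file case, and leaves no window
		// in which the file can change between the check and the read.
		buffer, err := ioutil.ReadFile(keyfile)
		if os.IsNotExist(err) {
			log.Warnf("no keys found for user %s", username)
			continue
		}
		if err != nil {
			log.Warnf("failed to read keyfile for user %s: %v", username, err)
			continue
		}

		for len(buffer) > 0 {
			var pubkey ssh.PublicKey

			pubkey, _, _, buffer, err = ssh.ParseAuthorizedKey(buffer)
			if err != nil {
				log.Warnf("failed to parse key file for user %s: %v", username, err)
				continue USERS
			}

			fingerprint := ssh.FingerprintSHA256(pubkey)

			// The index maps one key to exactly one identity. A key listed
			// for two different users makes the authenticated identity depend
			// on load order, so surface it to the operator. The mapping
			// itself keeps the existing last-entry-wins behaviour.
			if owner, taken := a.fingerprintIndex[fingerprint]; taken && owner != username {
				log.Warnf(
					"key %s listed for user %s is already registered to user %s; the later entry wins",
					fingerprint, username, owner,
				)
			}

			a.fingerprintIndex[fingerprint] = username
		}
	}

	return nil
}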
// UsernameFromFingerprint returns the username registered for the SSH key
// with the given fingerprint, or a "user not found" error when the index has
// no entry for it.
//
// The index is keyed by the output of ssh.FingerprintSHA256, so fingerprint
// must be in that same format; a fingerprint in any other format will not
// match any entry. The lookup is performed while holding a.lock.
func (a *Access) UsernameFromFingerprint(fingerprint string) (string, error) {
	a.lock.Lock()
	defer a.lock.Unlock()

	if name, ok := a.fingerprintIndex[fingerprint]; ok {
		return name, nil
	}

	return "", fmt.Errorf("user not found")
}
// UsernameFromPubkey returns the username registered for pubkey. It computes
// the key's SHA256 fingerprint and delegates to UsernameFromFingerprint, so it
// returns the same error when the key is not in the index.
func (a *Access) UsernameFromPubkey(pubkey ssh.PublicKey) (string, error) {
	fingerprint := ssh.FingerprintSHA256(pubkey)

	return a.UsernameFromFingerprint(fingerprint)
}