grim/hgkeeper
move KeysDir to a private variable in users.go
2019-09-08, Gary Kramlich
8098dd6d3587
move KeysDir to a private variable in users.go
package
access
import
(
"fmt"
"io/ioutil"
"os"
"path/filepath"
log
"github.com/sirupsen/logrus"
"golang.org/x/crypto/ssh"
)
// keysDir is the directory, relative to the Access repoPath, that holds one
// authorized-keys file per user; each file is named after the username.
const keysDir = "keys"
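// loadSshKeys reads the authorized-keys file of every user in users from
// <repoPath>/keys/<username> and records the SHA256 fingerprint of each key in
// a.fingerprintIndex, mapped to that username.
//
// Problems with an individual user are logged as warnings and never abort the
// load: a missing or unreadable key file skips the user, and the first entry
// that fails to parse ends that user's file (keys parsed before it stay
// indexed). The returned error is always nil.
//
// When the same key appears under more than one username the user loaded last
// owns the fingerprint; this is logged so the ambiguity is visible to the
// operator instead of silently changing who a key authenticates as.
//
// NOTE(review): username is joined into the path unchecked, so a name holding
// path separators or ".." resolves outside the keys directory. Where users
// comes from is not visible here; confirm callers only pass vetted names.
// NOTE(review): a.fingerprintIndex is written here without taking a.lock,
// while UsernameFromFingerprint reads it under that lock; presumably the
// caller holds the lock. Confirm.
func (a *Access) loadSshKeys(users []string) error {
	for _, username := range users {
		keyfile := filepath.Join(a.repoPath, keysDir, username)

		// Read first and classify the error afterwards: a separate Stat
		// followed by a read leaves a window in which the file can change.
		buffer, err := ioutil.ReadFile(keyfile)
		if os.IsNotExist(err) {
			log.Warnf("no keys found for user %s", username)
			continue
		}
		if err != nil {
			log.Warnf("failed to read keyfile for user %s: %v", username, err)
			continue
		}

		// ParseAuthorizedKey consumes one entry per call and hands back the
		// unparsed remainder of the file.
		for len(buffer) > 0 {
			pubkey, _, _, rest, err := ssh.ParseAuthorizedKey(buffer)
			if err != nil {
				log.Warnf("failed to parse key file for user %s: %v", username, err)
				break
			}
			buffer = rest

			fingerprint := ssh.FingerprintSHA256(pubkey)
			if owner, taken := a.fingerprintIndex[fingerprint]; taken && owner != username {
				log.Warnf(
					"key %s of user %s is already registered to user %s, reassigning it",
					fingerprint, username, owner,
				)
			}
			a.fingerprintIndex[fingerprint] = username
		}
	}

	return nil
}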
// UsernameFromFingerprint returns the username that a.fingerprintIndex holds
// for the given SSH key fingerprint. It holds a.lock for the duration of the
// lookup and returns a "user not found" error when the fingerprint is not in
// the index.
func (a *Access) UsernameFromFingerprint(fingerprint string) (string, error) {
	a.lock.Lock()
	defer a.lock.Unlock()

	if username, ok := a.fingerprintIndex[fingerprint]; ok {
		return username, nil
	}

	return "", fmt.Errorf("user not found")
}
// UsernameFromPubkey computes the SHA256 fingerprint of pubkey and returns the
// result of UsernameFromFingerprint for it.
func (a *Access) UsernameFromPubkey(pubkey ssh.PublicKey) (string, error) {
	fingerprint := ssh.FingerprintSHA256(pubkey)

	return a.UsernameFromFingerprint(fingerprint)
}