grim/hgkeeper
Clone
Summary
Browse
Changes
Graph
Spit out a warning if we find a duplicated key.
22 months ago, Gary Kramlich
dc46af0b583b
Spit out a warning if we find a duplicated key.
We're going to continue the existing behavior of overwriting the keys to not
break potential set ups for the time being.
Fixes HGKEEPER-22
package
http
import
(
"fmt"
"net/http"
"strings"
log
"github.com/sirupsen/logrus"
"keep.imfreedom.org/grim/hgkeeper/access"
)
func
authorizedKeysHandler
(
externalHostname
,
externalPort
string
)
http
.
Handler
{
return
http
.
HandlerFunc
(
func
(
w
http
.
ResponseWriter
,
r
*
http
.
Request
)
{
fp
:=
r
.
URL
.
Query
().
Get
(
"fp"
)
if
fp
==
""
{
w
.
WriteHeader
(
http
.
StatusBadRequest
)
fmt
.
Fprintf
(
w
,
"missing fp parameter"
)
return
}
pubkey
,
err
:=
access
.
PubkeyFromFingerprint
(
fp
)
if
err
!=
nil
{
w
.
WriteHeader
(
http
.
StatusNotFound
)
fmt
.
Fprintf
(
w
,
"failed to find fingerprint %q"
,
fp
)
log
.
Errorf
(
"failed to find fingerprint for %s: %v"
,
fp
,
err
)
return
}
options
:=
[]
string
{
fmt
.
Sprintf
(
"command=\"ssh -T %s -p %s $SSH_ORIGINAL_COMMAND\""
,
externalHostname
,
externalPort
,
),
"restrict"
,
"agent-forwarding"
,
}
w
.
WriteHeader
(
http
.
StatusOK
)
fmt
.
Fprintf
(
w
,
fmt
.
Sprintf
(
"%s %s"
,
strings
.
Join
(
options
,
","
),
pubkey
))
})
}