grim/hgkeeper

dc46af0b583b
Spit out a warning if we find a duplicated key.

We're going to continue the existing behavior of overwriting the keys, so as not to
break potential setups for the time being.

Fixes HGKEEPER-22
package http
import (
"fmt"
"net/http"
"strings"
log "github.com/sirupsen/logrus"
"keep.imfreedom.org/grim/hgkeeper/access"
)
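// authorizedKeysHandler returns an http.Handler that looks up an SSH public
// key by fingerprint and answers with a single authorized_keys line for it.
//
// The fingerprint is read from the "fp" query parameter. The handler replies
// with 400 when the parameter is missing or empty, with 404 when
// access.PubkeyFromFingerprint returns an error, and otherwise with 200 and a
// body of the form "<options> <pubkey>".
//
// externalHostname and externalPort are interpolated into the forced command
// inside a double-quoted authorized_keys option. They are supplied by the
// caller, not by the request.
// NOTE(review): a '"' in either value would terminate the option early;
// confirm both are validated where the configuration is loaded.
func authorizedKeysHandler(externalHostname, externalPort string) http.Handler {
	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
		fp := r.URL.Query().Get("fp")
		if fp == "" {
			w.WriteHeader(http.StatusBadRequest)
			fmt.Fprint(w, "missing fp parameter")
			return
		}

		pubkey, err := access.PubkeyFromFingerprint(fp)
		if err != nil {
			w.WriteHeader(http.StatusNotFound)
			fmt.Fprintf(w, "failed to find fingerprint %q", fp)
			// fp is request-controlled: %q escapes newlines and other control
			// characters so a crafted value cannot forge extra log lines.
			log.Errorf("failed to find fingerprint for %q: %v", fp, err)
			return
		}

		options := []string{
			// Forced command: whatever the client asked for is only passed
			// along as $SSH_ORIGINAL_COMMAND to the external host.
			fmt.Sprintf(
				"command=\"ssh -T %s -p %s $SSH_ORIGINAL_COMMAND\"",
				externalHostname,
				externalPort,
			),
			// "restrict" turns off forwarding, PTY allocation and similar
			// features; "agent-forwarding" after it re-enables only the agent.
			// NOTE(review): presumably the forced ssh hop authenticates with
			// the forwarded agent, which exposes that agent to this host;
			// confirm this is intended.
			"restrict",
			"agent-forwarding",
		}

		w.WriteHeader(http.StatusOK)
		// Write with a constant format string. Passing the assembled line as
		// the format would make any '%' in the hostname, port or key be read
		// as a formatting verb and corrupt the emitted line.
		fmt.Fprintf(w, "%s %s", strings.Join(options, ","), pubkey)
	})
}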