grim/hgkeeper

Merge addToKey and loadKeys

2019-05-07, Gary Kramlich
14af6e82af57
Parents d5886fd34dc1
Children ed523f1c967e
Merge addToKey and loadKeys
--- a/access/access.go Wed May 08 02:14:09 2019 +0000
+++ b/access/access.go Tue May 07 22:41:21 2019 -0500
@@ -143,13 +143,38 @@
}
func (a *Access) addToKeys(user string) error {
- ks, err := loadKeys(user)
+ keyfile := filepath.Join(keysDir, user)
+
+ f, err := ioutil.ReadFile(keyfile)
if err != nil {
- return fmt.Errorf("addToKeys: %v", err)
+ return fmt.Errorf("failed to read key file %q: %v", keyfile, err)
+ }
+
+ // if the file is empty, we have nothing to do
+ if len(f) == 0 {
+ return fmt.Errorf("key file %q is empty", keyfile)
}
- for _, key := range ks {
- a.keys[key] = user
+
+ nKeys := 0
+ // loop while we have data in f. f is updated by ssh.ParseAuthorizedKeys
+ // while reading keys.
+ for len(f) > 0 {
+ var pub ssh.PublicKey
+ pub, _, _, f, err = ssh.ParseAuthorizedKey(f)
+ if err != nil {
+ log.Errorf("failed parsing key in %q: %v", keyfile, err)
+ continue
+ }
+
+ fp := ssh.FingerprintSHA256(pub)
+
+ log.Debugf("found key for %q: %s", user, fp)
+ a.keys[fp] = user
+ nKeys++
}
+
+ log.Infof("found %d keys for %s", nKeys, user)
+
return nil
}
@@ -233,27 +258,6 @@
return a, a.Reset()
}
-// loadKeys reads file trying to parse it as an authorized key
-// format, returning the finger prints of all keys found
-func loadKeys(file string) ([]string, error) {
- f, err := ioutil.ReadFile(filepath.Join(keysDir, file))
- if err != nil {
- return nil, fmt.Errorf("loadKeys %q: %v", file, err)
- }
- keys := make([]string, 0, 5)
- for len(f) > 0 {
- var pub ssh.PublicKey
- pub, _, _, f, err = ssh.ParseAuthorizedKey(f)
- if err != nil {
- log.Errorf("loadKeys %s: %v", file, err)
- continue
- }
- keys = append(keys, ssh.FingerprintSHA256(pub))
- }
-
- return keys, nil
-}
-
// isPublic checks whenever u is or not the reserved
// hgkeeper public group
func isPublic(u []byte) bool {