mirror of
				https://github.com/go-gitea/gitea.git
				synced 2025-10-25 01:24:13 +02:00 
			
		
		
		
	Retry SSH key verification with additional CRLF if it failed (#28392)
Windows-based shells will add a CRLF when piping the token into ssh-keygen command resulting in verification error. This resolves #21527. --------- Co-authored-by: Heiko Besemann <heiko.besemann@qbeyond.de> Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
This commit is contained in:
		
							parent
							
								
									cbf923e87b
								
							
						
					
					
						commit
						52046b934d
					
				| @ -30,10 +30,15 @@ func VerifySSHKey(ctx context.Context, ownerID int64, fingerprint, token, signat | |||||||
| 		return "", ErrKeyNotExist{} | 		return "", ErrKeyNotExist{} | ||||||
| 	} | 	} | ||||||
| 
 | 
 | ||||||
| 	if err := sshsig.Verify(bytes.NewBuffer([]byte(token)), []byte(signature), []byte(key.Content), "gitea"); err != nil { | 	err = sshsig.Verify(bytes.NewBuffer([]byte(token)), []byte(signature), []byte(key.Content), "gitea") | ||||||
| 		log.Error("Unable to validate token signature. Error: %v", err) | 	if err != nil { | ||||||
| 		return "", ErrSSHInvalidTokenSignature{ | 		// edge case for Windows based shells that will add CR LF if piped to ssh-keygen command | ||||||
| 			Fingerprint: key.Fingerprint, | 		// see https://github.com/PowerShell/PowerShell/issues/5974 | ||||||
|  | 		if sshsig.Verify(bytes.NewBuffer([]byte(token+"\r\n")), []byte(signature), []byte(key.Content), "gitea") != nil { | ||||||
|  | 			log.Error("Unable to validate token signature. Error: %v", err) | ||||||
|  | 			return "", ErrSSHInvalidTokenSignature{ | ||||||
|  | 				Fingerprint: key.Fingerprint, | ||||||
|  | 			} | ||||||
| 		} | 		} | ||||||
| 	} | 	} | ||||||
| 
 | 
 | ||||||
|  | |||||||
		Loading…
	
	
			
			x
			
			
		
	
		Reference in New Issue
	
	Block a user