+2

go.mod

reviewed

··· 301 301 replace github.com/mholt/archiver/v3 => code.forgejo.org/forgejo/archiver/v3 v3.5.1 302 302 303 303 replace github.com/goccy/go-json => github.com/grafana/go-json v0.0.0-20241210211703-a119ee5a0a3b 304 304 + 305 305 + replace github.com/gliderlabs/ssh => code.forgejo.org/forgejo/ssh v0.0.0-20241211213324-5fc306ca0616

+2 -2

go.sum

reviewed

··· 10 10 code.forgejo.org/forgejo/archiver/v3 v3.5.1/go.mod h1:e3dqJ7H78uzsRSEACH1joayhuSyhnonssnDhppzS1L4= 11 11 code.forgejo.org/forgejo/reply v1.0.2 h1:dMhQCHV6/O3L5CLWNTol+dNzDAuyCK88z4J/lCdgFuQ= 12 12 code.forgejo.org/forgejo/reply v1.0.2/go.mod h1:RyZUfzQLc+fuLIGjTSQWDAJWPiL4WtKXB/FifT5fM7U= 13 13 + code.forgejo.org/forgejo/ssh v0.0.0-20241211213324-5fc306ca0616 h1:kEZL84+02jY9RxXM4zHBWZ3Fml0B09cmP1LGkDsCfIA= 14 14 + code.forgejo.org/forgejo/ssh v0.0.0-20241211213324-5fc306ca0616/go.mod h1:zpHEXBstFnQYtGnB8k8kQLol82umzn/2/snG7alWVD8= 13 15 code.forgejo.org/go-chi/binding v1.0.0 h1:EIDJtk9brK7WsT7rvS/D4cxX8XlnhY3LMy8ex1jeHu0= 14 16 code.forgejo.org/go-chi/binding v1.0.0/go.mod h1:fWwqaHj0H1/KeCpBqdvKunflq8pYfciEHI5v3UUeE2E= 15 17 code.forgejo.org/go-chi/cache v1.0.0 h1:akLfGxNlHcacmtutovNtYFSTMsbdcp5MGjAEsP4pxnE= ··· 225 227 github.com/fsnotify/fsnotify v1.8.0/go.mod h1:8jBTzvmWwFyi3Pb8djgCCO5IBqzKJ/Jwo8TRcHyHii0= 226 228 github.com/fxamacker/cbor/v2 v2.7.0 h1:iM5WgngdRBanHcxugY4JySA0nk1wZorNOpTgCMedv5E= 227 229 github.com/fxamacker/cbor/v2 v2.7.0/go.mod h1:pxXPTn3joSm21Gbwsv0w9OSA2y1HFR9qXEeXQVeNoDQ= 228 228 - github.com/gliderlabs/ssh v0.3.7 h1:iV3Bqi942d9huXnzEF2Mt+CY9gLu8DNM4Obd+8bODRE= 229 229 - github.com/gliderlabs/ssh v0.3.7/go.mod h1:zpHEXBstFnQYtGnB8k8kQLol82umzn/2/snG7alWVD8= 230 230 github.com/go-ap/activitypub v0.0.0-20231114162308-e219254dc5c9 h1:j2TrkUG/NATGi/EQS+MvEoF79CxiRUmT16ErFroNcKI= 231 231 github.com/go-ap/activitypub v0.0.0-20231114162308-e219254dc5c9/go.mod h1:cJ9Ye0ZNSMN7RzZDBRY3E+8M3Bpf/R1JX22Ir9yX6WI= 232 232 github.com/go-ap/errors v0.0.0-20231003111023-183eef4b31b7 h1:I2nuhyVI/48VXoRCCZR2hYBgnSXa+EuDJf/VyX06TC0=

+9 -8

modules/ssh/ssh.go

reviewed

··· 11 11 "crypto/x509" 12 12 "encoding/pem" 13 13 "errors" 14 14 - "fmt" 15 14 "io" 16 15 "net" 17 16 "os" ··· 32 31 "github.com/gliderlabs/ssh" 33 32 gossh "golang.org/x/crypto/ssh" 34 33 ) 35 35 - 36 36 - type contextKey string 37 37 - 38 38 - const giteaKeyID = contextKey("gitea-key-id") 39 34 40 35 func getExitStatusFromError(err error) int { 41 36 if err == nil { ··· 62 57 } 63 58 64 59 func sessionHandler(session ssh.Session) { 65 65 - keyID := fmt.Sprintf("%d", session.Context().Value(giteaKeyID).(int64)) 60 60 + keyID := session.ConnPermissions().Extensions["forgejo-key-id"] 66 61 67 62 command := session.RawCommand() 68 63 ··· 238 233 if log.IsDebug() { // <- FingerprintSHA256 is kinda expensive so only calculate it if necessary 239 234 log.Debug("Successfully authenticated: %s Certificate Fingerprint: %s Principal: %s", ctx.RemoteAddr(), gossh.FingerprintSHA256(key), principal) 240 235 } 241 241 - ctx.SetValue(giteaKeyID, pkey.ID) 236 236 + if ctx.Permissions().Extensions == nil { 237 237 + ctx.Permissions().Extensions = map[string]string{} 238 238 + } 239 239 + ctx.Permissions().Extensions["forgejo-key-id"] = strconv.FormatInt(pkey.ID, 10) 242 240 243 241 return true 244 242 } ··· 266 264 if log.IsDebug() { // <- FingerprintSHA256 is kinda expensive so only calculate it if necessary 267 265 log.Debug("Successfully authenticated: %s Public Key Fingerprint: %s", ctx.RemoteAddr(), gossh.FingerprintSHA256(key)) 268 266 } 269 269 - ctx.SetValue(giteaKeyID, pkey.ID) 267 267 + if ctx.Permissions().Extensions == nil { 268 268 + ctx.Permissions().Extensions = map[string]string{} 269 269 + } 270 270 + ctx.Permissions().Extensions["forgejo-key-id"] = strconv.FormatInt(pkey.ID, 10) 270 271 271 272 return true 272 273 }