Commit 113d2ff5 authored by Dmitriy Zaporozhets's avatar Dmitriy Zaporozhets

store and display public key fingerprint

parent 05a7e8b9
...@@ -15,6 +15,8 @@ ...@@ -15,6 +15,8 @@
require 'digest/md5' require 'digest/md5'
class Key < ActiveRecord::Base class Key < ActiveRecord::Base
include Gitlab::Popen
belongs_to :user belongs_to :user
attr_accessible :key, :title attr_accessible :key, :title
...@@ -34,16 +36,10 @@ class Key < ActiveRecord::Base ...@@ -34,16 +36,10 @@ class Key < ActiveRecord::Base
def fingerprintable_key def fingerprintable_key
return true unless key # Don't test if there is no key. return true unless key # Don't test if there is no key.
file = Tempfile.new('key_file') unless generate_fingerpint
begin errors.add(:key, "can't be fingerprinted")
file.puts key false
file.rewind
fingerprint_output = `ssh-keygen -lf #{file.path} 2>&1` # Catch stderr.
ensure
file.close
file.unlink # deletes the temp file
end end
errors.add(:key, "can't be fingerprinted") if $?.exitstatus != 0
end end
# projects that has this key # projects that has this key
...@@ -54,4 +50,30 @@ class Key < ActiveRecord::Base ...@@ -54,4 +50,30 @@ class Key < ActiveRecord::Base
def shell_id def shell_id
"key-#{id}" "key-#{id}"
end end
private
def generate_fingerpint
cmd_status = 0
cmd_output = ''
file = Tempfile.new('gitlab_key_file')
begin
file.puts key
file.rewind
cmd_output, cmd_status = popen("ssh-keygen -lf #{file.path}", '/tmp')
ensure
file.close
file.unlink # deletes the temp file
end
if cmd_status.zero?
cmd_output.gsub /([\d\h]{2}:)+[\d\h]{2}/ do |match|
self.fingerprint = match
end
true
else
false
end
end
end end
%li %li
= link_to profile_key_path(key) do = link_to profile_key_path(key) do
%strong= key.title %strong= key.title
%span
(#{key.fingerprint})
%span.cgray %span.cgray
added added
= time_ago_in_words(key.created_at) = time_ago_in_words(key.created_at)
ago ago
= link_to 'Remove', profile_key_path(key), confirm: 'Are you sure?', method: :delete, class: "btn btn-small btn-remove delete-key pull-right"
= link_to 'Remove', profile_key_path(key), confirm: 'Are you sure?', method: :delete, class: "btn btn-small btn-remove delete-key pull-right"
...@@ -12,6 +12,9 @@ ...@@ -12,6 +12,9 @@
%strong= @key.created_at.stamp("Aug 21, 2011") %strong= @key.created_at.stamp("Aug 21, 2011")
.span8 .span8
%p
%span.light Fingerprint:
%strong= @key.fingerprint
%pre.well-pre %pre.well-pre
= @key.key = @key.key
......
class AddFingerprintToKey < ActiveRecord::Migration
def change
add_column :keys, :fingerprint, :string
remove_column :keys, :identifier
end
end
...@@ -11,7 +11,7 @@ ...@@ -11,7 +11,7 @@
# #
# It's strongly recommended to check this file into your version control system. # It's strongly recommended to check this file into your version control system.
ActiveRecord::Schema.define(:version => 20130622115340) do ActiveRecord::Schema.define(:version => 20130624162710) do
create_table "deploy_keys_projects", :force => true do |t| create_table "deploy_keys_projects", :force => true do |t|
t.integer "deploy_key_id", :null => false t.integer "deploy_key_id", :null => false
...@@ -77,11 +77,10 @@ ActiveRecord::Schema.define(:version => 20130622115340) do ...@@ -77,11 +77,10 @@ ActiveRecord::Schema.define(:version => 20130622115340) do
t.datetime "updated_at" t.datetime "updated_at"
t.text "key" t.text "key"
t.string "title" t.string "title"
t.string "identifier"
t.string "type" t.string "type"
t.string "fingerprint"
end end
add_index "keys", ["identifier"], :name => "index_keys_on_identifier"
add_index "keys", ["user_id"], :name => "index_keys_on_user_id" add_index "keys", ["user_id"], :name => "index_keys_on_user_id"
create_table "merge_requests", :force => true do |t| create_table "merge_requests", :force => true do |t|
......
desc "GITLAB | Migrate SSH Keys"
task migrate_keys: :environment do
puts "This will add fingerprint to ssh keys in db"
ask_to_continue
Key.find_each(batch_size: 20) do |key|
if key.valid? && key.save
print '.'
else
print 'F'
end
end
end
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment