Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Fix empty ssh key importing in ldap #5984

Merged
merged 2 commits into from
Feb 7, 2019
Merged

Fix empty ssh key importing in ldap #5984

merged 2 commits into from
Feb 7, 2019

Conversation

zeripath
Copy link
Contributor

@zeripath zeripath commented Feb 6, 2019

The current implementation assumes that any LDAP will either return a valid SSH public key or none at all. It appears that some LDAPs will simply return "" which will cause an out of bounds in our code.

This code protects the importation of public keys by checking that these can be split in to a space separated string (presumably key type and key content - checked later). If the string provided cannot do this it is ignored.

Many thanks to @silverwind for their excellent bug report.

Fix #5975

@techknowlogick techknowlogick added this to the 1.8.0 milestone Feb 6, 2019
@codecov-io
Copy link

codecov-io commented Feb 6, 2019
edited
Loading

Codecov Report

❗ No coverage uploaded for pull request base (master@44d6a90). Click here to learn what that means.
The diff coverage is 100%.

Impacted file tree graph

@@            Coverage Diff            @@
##             master    #5984   +/-   ##
=========================================
  Coverage          ?   38.79%           
=========================================
  Files             ?      330           
  Lines             ?    48731           
  Branches          ?        0           
=========================================
  Hits              ?    18904           
  Misses            ?    27088           
  Partials          ?     2739
Impacted Files Coverage Δ
models/user.go 48.89% <100%> (ø)

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update 44d6a90...e7c1d68. Read the comment docs.

@GiteaBot GiteaBot added the lgtm/need 2 This PR needs two approvals by maintainers to be considered for merging. label Feb 6, 2019
@GiteaBot GiteaBot added lgtm/need 1 This PR needs approval from one additional maintainer to be merged. and removed lgtm/need 2 This PR needs two approvals by maintainers to be considered for merging. labels Feb 7, 2019
@GiteaBot GiteaBot added lgtm/done This PR has enough approvals to get merged. There are no important open reservations anymore. and removed lgtm/need 1 This PR needs approval from one additional maintainer to be merged. labels Feb 7, 2019
@techknowlogick techknowlogick merged commit cc48c12 into go-gitea:master Feb 7, 2019
@techknowlogick
Copy link
Member

@zeripath please backport 😄

zeripath added a commit to zeripath/gitea that referenced this pull request Feb 8, 2019
@zeripath
Fix empty ssh key importing in ldap (go-gitea#5984)
c89d66a
@zeripath zeripath mentioned this pull request Feb 8, 2019
Merged
@zeripath
Copy link
Contributor Author

zeripath commented Feb 8, 2019

I've finally put up the backport as #6009

@zeripath zeripath deleted the issue-5975-fix-LDAP-SSH-problem branch February 8, 2019 23:05
lafriks pushed a commit that referenced this pull request Feb 9, 2019
@zeripath @lafriks
Fix empty ssh key importing in ldap (#5984) (#6009)
b0b574f
@lafriks lafriks added the backport/done All backports for this PR have been created label Feb 9, 2019
@go-gitea go-gitea locked and limited conversation to collaborators Nov 24, 2020
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers

@lafriks lafriks lafriks approved these changes

@lunny lunny lunny approved these changes

Assignees
No one assigned
Labels
backport/done All backports for this PR have been created lgtm/done This PR has enough approvals to get merged. There are no important open reservations anymore. type/bug
Projects
None yet
Milestone
1.8.0
Development

Successfully merging this pull request may close these issues.

Error "slice bounds out of range" with LDAP SSH keys
6 participants
@zeripath @codecov-io @techknowlogick @lunny @lafriks @GiteaBot