diff options
author | Rémy Coutable <remy@rymai.me> | 2017-02-22 19:06:19 +0100 |
---|---|---|
committer | Rémy Coutable <remy@rymai.me> | 2017-02-23 10:36:49 +0100 |
commit | 03ab9193bedbbb300d1e828677c7f91797d0d62c (patch) | |
tree | f634a4f12c99728b7d2bb2b6e7f5a8ad3e9e0cc8 | |
parent | c16228b5f217ead1ad9c2b6a4b3c1c9aa2e6e7e9 (diff) | |
download | gitlab-ce-03ab9193bedbbb300d1e828677c7f91797d0d62c.tar.gz |
Generate SSH key fingerprint without shelling out
Signed-off-by: Rémy Coutable <remy@rymai.me>
-rw-r--r-- | lib/gitlab/ssh_public_key.rb | 23 | ||||
-rw-r--r-- | spec/lib/gitlab/ssh_public_key_spec.rb | 22 |
2 files changed, 20 insertions, 25 deletions
diff --git a/lib/gitlab/ssh_public_key.rb b/lib/gitlab/ssh_public_key.rb index 76087912913..e176e34ee75 100644 --- a/lib/gitlab/ssh_public_key.rb +++ b/lib/gitlab/ssh_public_key.rb @@ -68,28 +68,7 @@ module Gitlab end def fingerprint - cmd_status = 0 - cmd_output = '' - - Tempfile.open('gitlab_key_file') do |file| - file.puts key_text - file.rewind - - cmd = [] - cmd.push('ssh-keygen') - cmd.push('-E', 'md5') if explicit_fingerprint_algorithm? - cmd.push('-lf', file.path) - - cmd_output, cmd_status = popen(cmd, '/tmp') - end - - return nil unless cmd_status.zero? - - # 16 hex bytes separated by ':', optionally starting with "MD5:" - fingerprint_matches = cmd_output.match(/(MD5:)?(?<fingerprint>(\h{2}:){15}\h{2})/) - return nil unless fingerprint_matches - - fingerprint_matches[:fingerprint] + @fingerprint ||= key&.fingerprint end private diff --git a/spec/lib/gitlab/ssh_public_key_spec.rb b/spec/lib/gitlab/ssh_public_key_spec.rb index cd55102f4a4..65a4c56df44 100644 --- a/spec/lib/gitlab/ssh_public_key_spec.rb +++ b/spec/lib/gitlab/ssh_public_key_spec.rb @@ -109,10 +109,26 @@ describe Gitlab::SSHPublicKey, lib: true do end describe '#fingerprint' do - let(:fingerprint) { '3f:a2:ee:de:b5:de:53:c3:aa:2f:9c:45:24:4c:47:7b' } + context 'for a RSA key' do + it "generates the key's fingerprint" do + expect(public_key.fingerprint).to eq('2e:ca:dc:e0:37:29:ed:fc:f0:1d:bf:66:d4:cd:51:b1') + end + end - it "generates the key's fingerprint" do - expect(public_key.fingerprint).to eq(fingerprint) + context 'for a ECDSA key' do + let(:key) { attributes_for(:ecdsa_key_256)[:key] } + + it "generates the key's fingerprint" do + expect(public_key.fingerprint).to eq('67:a3:a9:7d:b8:e1:15:d4:80:40:21:34:bb:ed:97:38') + end + end + + context 'for a DSA key' do + let(:key) { attributes_for(:dsa_key_2048)[:key] } + + it "generates the key's fingerprint" do + expect(public_key.fingerprint).to eq('bc:c1:a4:be:7e:8c:84:56:b3:58:93:53:c6:80:78:8c') + end end end end |