diff options
author | Rémy Coutable <remy@rymai.me> | 2017-02-22 18:58:54 +0100 |
---|---|---|
committer | Rémy Coutable <remy@rymai.me> | 2017-02-23 10:36:13 +0100 |
commit | 3e3198b87d7dbd2adf71bdb5135ce878840f6c30 (patch) | |
tree | 3c1ae6e5e62149d5c6bf846eb096e28f3adb4b46 | |
parent | b58e2b519ab691c07e8f8f0e480609e4fda87014 (diff) | |
download | gitlab-ce-3e3198b87d7dbd2adf71bdb5135ce878840f6c30.tar.gz |
Increase default minimum RSA key length to 2048 bits
Signed-off-by: Rémy Coutable <remy@rymai.me>
-rw-r--r-- | app/models/application_setting.rb | 2 | ||||
-rw-r--r-- | db/migrate/20161020180657_add_minimum_key_length_to_application_settings.rb | 2 | ||||
-rw-r--r-- | db/schema.rb | 2 | ||||
-rw-r--r-- | spec/factories/keys.rb | 4 | ||||
-rw-r--r-- | spec/lib/gitlab/ssh_public_key_spec.rb | 2 | ||||
-rw-r--r-- | spec/models/key_spec.rb | 4 |
6 files changed, 8 insertions, 8 deletions
diff --git a/app/models/application_setting.rb b/app/models/application_setting.rb index b10283464d3..1818e724944 100644 --- a/app/models/application_setting.rb +++ b/app/models/application_setting.rb @@ -207,7 +207,7 @@ class ApplicationSetting < ActiveRecord::Base max_artifacts_size: Settings.artifacts['max_size'], max_attachment_size: Settings.gitlab['max_attachment_size'], minimum_ecdsa_bits: 256, - minimum_rsa_bits: 1024, + minimum_rsa_bits: 2048, plantuml_enabled: false, plantuml_url: nil, recaptcha_enabled: false, diff --git a/db/migrate/20161020180657_add_minimum_key_length_to_application_settings.rb b/db/migrate/20161020180657_add_minimum_key_length_to_application_settings.rb index 327e260484e..a7b12501e28 100644 --- a/db/migrate/20161020180657_add_minimum_key_length_to_application_settings.rb +++ b/db/migrate/20161020180657_add_minimum_key_length_to_application_settings.rb @@ -7,7 +7,7 @@ class AddMinimumKeyLengthToApplicationSettings < ActiveRecord::Migration disable_ddl_transaction! def up - add_column_with_default :application_settings, :minimum_rsa_bits, :integer, default: 1024 + add_column_with_default :application_settings, :minimum_rsa_bits, :integer, default: 2048 add_column_with_default :application_settings, :minimum_ecdsa_bits, :integer, default: 256 add_column_with_default :application_settings, :allowed_key_types, :string, default: %w[rsa dsa ecdsa].to_yaml end diff --git a/db/schema.rb b/db/schema.rb index d39ca120dd2..60d5ce5e31b 100644 --- a/db/schema.rb +++ b/db/schema.rb @@ -98,9 +98,9 @@ ActiveRecord::Schema.define(version: 20170215200045) do t.text "help_page_text_html" t.text "shared_runners_text_html" t.text "after_sign_up_text_html" - t.integer "minimum_rsa_bits", default: 1024, null: false t.integer "minimum_ecdsa_bits", default: 256, null: false t.string "allowed_key_types", default: "---\n- rsa\n- dsa\n- ecdsa\n", null: false + t.integer "minimum_rsa_bits", default: 2048, null: false t.boolean "housekeeping_enabled", default: true, null: false t.boolean "housekeeping_bitmaps_enabled", default: true, null: false t.integer "housekeeping_incremental_repack_period", default: 10, null: false diff --git a/spec/factories/keys.rb b/spec/factories/keys.rb index 958eb04df7d..b8d3c26127d 100644 --- a/spec/factories/keys.rb +++ b/spec/factories/keys.rb @@ -1,8 +1,8 @@ FactoryGirl.define do - factory :key do + factory :key, aliases: [:rsa_key_2048] do title key do - 'ssh-rsa AAAAB3NzaC1yc2EAAAABJQAAAIEAiPWx6WM4lhHNedGfBpPJNPpZ7yKu+dnn1SJejgt4596k6YjzGGphH2TUxwKzxcKDKKezwkpfnxPkSMkuEspGRt/aZZ9wa++Oi7Qkr8prgHc4soW6NUlfDzpvZK2H5E7eQaSeP3SAwGmQKUFHCddNaP0L+hM7zhFNzjFvpaMgJw0= dummy@gitlab.com' + 'ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDFf6RYK3qu/RKF/3ndJmL5xgMLp3O96x8lTay+QGZ0+9FnnAXMdUqBq/ZU6d/gyMB4IaW3nHzM1w049++yAB6UPCzMB8Uo27K5/jyZCtj7Vm9PFNjF/8am1kp46c/SeYicQgQaSBdzIW3UDEa1Ef68qroOlvpi9PYZ/tA7M0YP0K5PXX+E36zaIRnJVMPT3f2k+GnrxtjafZrwFdpOP/Fol5BQLBgcsyiU+LM1SuaCrzd8c9vyaTA1CxrkxaZh+buAi0PmdDtaDrHd42gqZkXCKavyvgM5o2CkQ5LJHCgzpXy05qNFzmThBSkb+XtoxbyagBiGbVZtSVow6Xa7qewz= dummy@gitlab.com' end factory :deploy_key, class: 'DeployKey' do diff --git a/spec/lib/gitlab/ssh_public_key_spec.rb b/spec/lib/gitlab/ssh_public_key_spec.rb index 092ca1962a3..61e6ef85a87 100644 --- a/spec/lib/gitlab/ssh_public_key_spec.rb +++ b/spec/lib/gitlab/ssh_public_key_spec.rb @@ -1,7 +1,7 @@ require 'spec_helper' describe Gitlab::SSHPublicKey, lib: true do - let(:key) { attributes_for(:key)[:key] } + let(:key) { attributes_for(:rsa_key_2048)[:key] } let(:public_key) { described_class.new(key) } describe '.technology_names' do diff --git a/spec/models/key_spec.rb b/spec/models/key_spec.rb index f461b3ba49d..f0d4480d944 100644 --- a/spec/models/key_spec.rb +++ b/spec/models/key_spec.rb @@ -21,7 +21,7 @@ describe Key, models: true do it { is_expected.to validate_length_of(:key).is_at_most(5000) } it { is_expected.to allow_value(attributes_for(:dsa_key)[:key]).for(:key) } it { is_expected.to allow_value(attributes_for(:ecdsa_key)[:key]).for(:key) } - it { is_expected.to allow_value(attributes_for(:key)[:key]).for(:key) } + it { is_expected.to allow_value(attributes_for(:rsa_key_2048)[:key]).for(:key) } it { is_expected.not_to allow_value('foo-bar').for(:key) } end @@ -120,7 +120,7 @@ describe Key, models: true do end it 'rejects a RSA key below minimum bit length' do - stub_application_setting(minimum_rsa_bits: 2048) + stub_application_setting(minimum_rsa_bits: 4096) expect(build(:key)).not_to be_valid end |