10 yıl önce · aae74c793a
--- a/conf/app.ini
+++ b/conf/app.ini
@@ -83,6 +83,8 @@ ENABLE_NOTIFY_MAIL = false
 
				 ; More detail: https://github.com/gogits/gogs/issues/165
			
 
				 ENABLE_REVERSE_PROXY_AUTHENTICATION = false
			
 
				 ENABLE_REVERSE_PROXY_AUTO_REGISTRATION = false
			
 
				+; Do not check minimum key size with corresponding type
			
 
				+DISABLE_MINIMUM_KEY_SIZE_CHECK = false
			
 
				 
			
 
				 [webhook]
			
 
				 ; Cron task interval in minutes
			
--- a/models/publickey.go
+++ b/models/publickey.go
@@ -101,17 +101,15 @@ func (key *PublicKey) GetAuthorizedString() string {
 
				 	return fmt.Sprintf(_TPL_PUBLICK_KEY, appPath, key.Id, setting.CustomConf, key.Content)
			
 
				 }
			
 
				 
			
 
				-var (
			
 
				-	MinimumKeySize = map[string]int{
			
 
				-		"(ED25519)": 256,
			
 
				-		"(ECDSA)":   256,
			
 
				-		"(NTRU)":    1087,
			
 
				-		"(MCE)":     1702,
			
 
				-		"(McE)":     1702,
			
 
				-		"(RSA)":     2048,
			
 
				-		"(DSA)":     1024,
			
 
				-	}
			
 
				-)
			
 
				+var minimumKeySizes = map[string]int{
			
 
				+	"(ED25519)": 256,
			
 
				+	"(ECDSA)":   256,
			
 
				+	"(NTRU)":    1087,
			
 
				+	"(MCE)":     1702,
			
 
				+	"(McE)":     1702,
			
 
				+	"(RSA)":     2048,
			
 
				+	"(DSA)":     1024,
			
 
				+}
			
 
				 
			
 
				 func extractTypeFromBase64Key(key string) (string, error) {
			
 
				 	b, err := base64.StdEncoding.DecodeString(key)
			
@@ -228,15 +226,17 @@ func CheckPublicKeyString(content string) (bool, error) {
 
				 	}
			
 
				 
			
 
				 	// Check if key type and key size match.
			
 
				-	keySize := com.StrTo(sshKeygenOutput[0]).MustInt()
			
 
				-	if keySize == 0 {
			
 
				-		return false, errors.New("cannot get key size of the given key")
			
 
				-	}
			
 
				-	keyType := strings.TrimSpace(sshKeygenOutput[len(sshKeygenOutput)-1])
			
 
				-	if minimumKeySize := MinimumKeySize[keyType]; minimumKeySize == 0 {
			
 
				-		return false, errors.New("sorry, unrecognized public key type")
			
 
				-	} else if keySize < minimumKeySize {
			
 
				-		return false, fmt.Errorf("the minimum accepted size of a public key %s is %d", keyType, minimumKeySize)
			
 
				+	if !setting.Service.DisableMinimumKeySizeCheck {
			
 
				+		keySize := com.StrTo(sshKeygenOutput[0]).MustInt()
			
 
				+		if keySize == 0 {
			
 
				+			return false, errors.New("cannot get key size of the given key")
			
 
				+		}
			
 
				+		keyType := strings.TrimSpace(sshKeygenOutput[len(sshKeygenOutput)-1])
			
 
				+		if minimumKeySize := minimumKeySizes[keyType]; minimumKeySize == 0 {
			
 
				+			return false, errors.New("sorry, unrecognized public key type")
			
 
				+		} else if keySize < minimumKeySize {
			
 
				+			return false, fmt.Errorf("the minimum accepted size of a public key %s is %d", keyType, minimumKeySize)
			
 
				+		}
			
 
				 	}
			
 
				 
			
 
				 	return true, nil
			
--- a/modules/bindata/bindata.go
+++ b/modules/bindata/bindata.go
--- a/modules/setting/setting.go
+++ b/modules/setting/setting.go
@@ -339,6 +339,8 @@ func NewConfigContext() {
 
				 }
			
 
				 
			
 
				 var Service struct {
			
 
				+	ActiveCodeLives                int
			
 
				+	ResetPwdCodeLives              int
			
 
				 	RegisterEmailConfirm           bool
			
 
				 	DisableRegistration            bool
			
 
				 	ShowRegistrationButton         bool
			
@@ -347,19 +349,20 @@ var Service struct {
 
				 	EnableNotifyMail               bool
			
 
				 	EnableReverseProxyAuth         bool
			
 
				 	EnableReverseProxyAutoRegister bool
			
 
				-	ActiveCodeLives                int
			
 
				-	ResetPwdCodeLives              int
			
 
				+	DisableMinimumKeySizeCheck     bool
			
 
				 }
			
 
				 
			
 
				 func newService() {
			
 
				-	Service.ActiveCodeLives = Cfg.Section("service").Key("ACTIVE_CODE_LIVE_MINUTES").MustInt(180)
			
 
				-	Service.ResetPwdCodeLives = Cfg.Section("service").Key("RESET_PASSWD_CODE_LIVE_MINUTES").MustInt(180)
			
 
				-	Service.DisableRegistration = Cfg.Section("service").Key("DISABLE_REGISTRATION").MustBool()
			
 
				-	Service.ShowRegistrationButton = Cfg.Section("service").Key("SHOW_REGISTRATION_BUTTON").MustBool(!Service.DisableRegistration)
			
 
				-	Service.RequireSignInView = Cfg.Section("service").Key("REQUIRE_SIGNIN_VIEW").MustBool()
			
 
				-	Service.EnableCacheAvatar = Cfg.Section("service").Key("ENABLE_CACHE_AVATAR").MustBool()
			
 
				-	Service.EnableReverseProxyAuth = Cfg.Section("service").Key("ENABLE_REVERSE_PROXY_AUTHENTICATION").MustBool()
			
 
				-	Service.EnableReverseProxyAutoRegister = Cfg.Section("service").Key("ENABLE_REVERSE_PROXY_AUTO_REGISTRATION").MustBool()
			
 
				+	sec := Cfg.Section("service")
			
 
				+	Service.ActiveCodeLives = sec.Key("ACTIVE_CODE_LIVE_MINUTES").MustInt(180)
			
 
				+	Service.ResetPwdCodeLives = sec.Key("RESET_PASSWD_CODE_LIVE_MINUTES").MustInt(180)
			
 
				+	Service.DisableRegistration = sec.Key("DISABLE_REGISTRATION").MustBool()
			
 
				+	Service.ShowRegistrationButton = sec.Key("SHOW_REGISTRATION_BUTTON").MustBool(!Service.DisableRegistration)
			
 
				+	Service.RequireSignInView = sec.Key("REQUIRE_SIGNIN_VIEW").MustBool()
			
 
				+	Service.EnableCacheAvatar = sec.Key("ENABLE_CACHE_AVATAR").MustBool()
			
 
				+	Service.EnableReverseProxyAuth = sec.Key("ENABLE_REVERSE_PROXY_AUTHENTICATION").MustBool()
			
 
				+	Service.EnableReverseProxyAutoRegister = sec.Key("ENABLE_REVERSE_PROXY_AUTO_REGISTRATION").MustBool()
			
 
				+	Service.DisableRegistration = sec.Key("DISABLE_MINIMUM_KEY_SIZE_CHECK").MustBool()
			
 
				 }
			
 
				 
			
 
				 var logLevels = map[string]string{