#1133 add config option [service] DISABLE_MINIMUM_KEY_SIZE_CHECK

conf/app.ini

@@ -83,6 +83,8 @@ ENABLE_NOTIFY_MAIL = false
 ; More detail: https://github.com/gogits/gogs/issues/165
 ENABLE_REVERSE_PROXY_AUTHENTICATION = false
 ENABLE_REVERSE_PROXY_AUTO_REGISTRATION = false
+; Do not check minimum key size with corresponding type
+DISABLE_MINIMUM_KEY_SIZE_CHECK = false
 
 [webhook]
 ; Cron task interval in minutes

models/publickey.go

@@ -101,17 +101,15 @@ func (key *PublicKey) GetAuthorizedString() string {
 	return fmt.Sprintf(_TPL_PUBLICK_KEY, appPath, key.Id, setting.CustomConf, key.Content)
 }
 
-var (
-	MinimumKeySize = map[string]int{
-		"(ED25519)": 256,
-		"(ECDSA)":   256,
-		"(NTRU)":    1087,
-		"(MCE)":     1702,
-		"(McE)":     1702,
-		"(RSA)":     2048,
-		"(DSA)":     1024,
-	}
-)
+var minimumKeySizes = map[string]int{
+	"(ED25519)": 256,
+	"(ECDSA)":   256,
+	"(NTRU)":    1087,
+	"(MCE)":     1702,
+	"(McE)":     1702,
+	"(RSA)":     2048,
+	"(DSA)":     1024,
+}
 
 func extractTypeFromBase64Key(key string) (string, error) {
 	b, err := base64.StdEncoding.DecodeString(key)
@@ -228,15 +226,17 @@ func CheckPublicKeyString(content string) (bool, error) {
 	}
 
 	// Check if key type and key size match.
-	keySize := com.StrTo(sshKeygenOutput[0]).MustInt()
-	if keySize == 0 {
-		return false, errors.New("cannot get key size of the given key")
-	}
-	keyType := strings.TrimSpace(sshKeygenOutput[len(sshKeygenOutput)-1])
-	if minimumKeySize := MinimumKeySize[keyType]; minimumKeySize == 0 {
-		return false, errors.New("sorry, unrecognized public key type")
-	} else if keySize < minimumKeySize {
-		return false, fmt.Errorf("the minimum accepted size of a public key %s is %d", keyType, minimumKeySize)
+	if !setting.Service.DisableMinimumKeySizeCheck {
+		keySize := com.StrTo(sshKeygenOutput[0]).MustInt()
+		if keySize == 0 {
+			return false, errors.New("cannot get key size of the given key")
+		}
+		keyType := strings.TrimSpace(sshKeygenOutput[len(sshKeygenOutput)-1])
+		if minimumKeySize := minimumKeySizes[keyType]; minimumKeySize == 0 {
+			return false, errors.New("sorry, unrecognized public key type")
+		} else if keySize < minimumKeySize {
+			return false, fmt.Errorf("the minimum accepted size of a public key %s is %d", keyType, minimumKeySize)
+		}
 	}
 
 	return true, nil

modules/setting/setting.go

@@ -339,6 +339,8 @@ func NewConfigContext() {
 }
 
 var Service struct {
+	ActiveCodeLives                int
+	ResetPwdCodeLives              int
 	RegisterEmailConfirm           bool
 	DisableRegistration            bool
 	ShowRegistrationButton         bool
@@ -347,19 +349,20 @@ var Service struct {
 	EnableNotifyMail               bool
 	EnableReverseProxyAuth         bool
 	EnableReverseProxyAutoRegister bool
-	ActiveCodeLives                int
-	ResetPwdCodeLives              int
+	DisableMinimumKeySizeCheck     bool
 }
 
 func newService() {
-	Service.ActiveCodeLives = Cfg.Section("service").Key("ACTIVE_CODE_LIVE_MINUTES").MustInt(180)
-	Service.ResetPwdCodeLives = Cfg.Section("service").Key("RESET_PASSWD_CODE_LIVE_MINUTES").MustInt(180)
-	Service.DisableRegistration = Cfg.Section("service").Key("DISABLE_REGISTRATION").MustBool()
-	Service.ShowRegistrationButton = Cfg.Section("service").Key("SHOW_REGISTRATION_BUTTON").MustBool(!Service.DisableRegistration)
-	Service.RequireSignInView = Cfg.Section("service").Key("REQUIRE_SIGNIN_VIEW").MustBool()
-	Service.EnableCacheAvatar = Cfg.Section("service").Key("ENABLE_CACHE_AVATAR").MustBool()
-	Service.EnableReverseProxyAuth = Cfg.Section("service").Key("ENABLE_REVERSE_PROXY_AUTHENTICATION").MustBool()
-	Service.EnableReverseProxyAutoRegister = Cfg.Section("service").Key("ENABLE_REVERSE_PROXY_AUTO_REGISTRATION").MustBool()
+	sec := Cfg.Section("service")
+	Service.ActiveCodeLives = sec.Key("ACTIVE_CODE_LIVE_MINUTES").MustInt(180)
+	Service.ResetPwdCodeLives = sec.Key("RESET_PASSWD_CODE_LIVE_MINUTES").MustInt(180)
+	Service.DisableRegistration = sec.Key("DISABLE_REGISTRATION").MustBool()
+	Service.ShowRegistrationButton = sec.Key("SHOW_REGISTRATION_BUTTON").MustBool(!Service.DisableRegistration)
+	Service.RequireSignInView = sec.Key("REQUIRE_SIGNIN_VIEW").MustBool()
+	Service.EnableCacheAvatar = sec.Key("ENABLE_CACHE_AVATAR").MustBool()
+	Service.EnableReverseProxyAuth = sec.Key("ENABLE_REVERSE_PROXY_AUTHENTICATION").MustBool()
+	Service.EnableReverseProxyAutoRegister = sec.Key("ENABLE_REVERSE_PROXY_AUTO_REGISTRATION").MustBool()
+	Service.DisableRegistration = sec.Key("DISABLE_MINIMUM_KEY_SIZE_CHECK").MustBool()
 }
 
 var logLevels = map[string]string{