diff options
Diffstat (limited to 'plumbing/transport/ssh/auth_method.go')
| -rw-r--r-- | plumbing/transport/ssh/auth_method.go | 69 |
1 files changed, 46 insertions, 23 deletions
diff --git a/plumbing/transport/ssh/auth_method.go b/plumbing/transport/ssh/auth_method.go index 82e3453..ad92ee1 100644 --- a/plumbing/transport/ssh/auth_method.go +++ b/plumbing/transport/ssh/auth_method.go @@ -3,6 +3,7 @@ package ssh import ( "errors" "fmt" + "io/ioutil" "net" "os" "os/user" @@ -13,6 +14,8 @@ import ( "golang.org/x/crypto/ssh/agent" ) +const DefaultUsername = "git" + var ErrEmptySSHAgentAddr = errors.New("SSH_AUTH_SOCK env variable is required") // AuthMethod is the interface all auth methods for the ssh client @@ -102,14 +105,35 @@ func (a *PasswordCallback) clientConfig() *ssh.ClientConfig { } } -// PublicKeys implements AuthMethod by using the given -// key pairs. +// PublicKeys implements AuthMethod by using the given key pairs. type PublicKeys struct { User string Signer ssh.Signer baseAuthMethod } +// NewPublicKeys returns a PublicKeys from a PEM encoded private key. It +// supports RSA (PKCS#1), DSA (OpenSSL), and ECDSA private keys. +func NewPublicKeys(user string, pemBytes []byte) (AuthMethod, error) { + signer, err := ssh.ParsePrivateKey(pemBytes) + if err != nil { + return nil, err + } + + return &PublicKeys{User: user, Signer: signer}, nil +} + +// NewPublicKeysFromFile returns a PublicKeys from a file containing a PEM +// encoded private key. +func NewPublicKeysFromFile(user string, pemFile string) (AuthMethod, error) { + bytes, err := ioutil.ReadFile(pemFile) + if err != nil { + return nil, err + } + + return NewPublicKeys(user, bytes) +} + func (a *PublicKeys) Name() string { return PublicKeysName } @@ -133,28 +157,12 @@ type PublicKeysCallback struct { baseAuthMethod } -func (a *PublicKeysCallback) Name() string { - return PublicKeysCallbackName -} - -func (a *PublicKeysCallback) String() string { - return fmt.Sprintf("user: %s, name: %s", a.User, a.Name()) -} - -func (a *PublicKeysCallback) clientConfig() *ssh.ClientConfig { - return &ssh.ClientConfig{ - User: a.User, - Auth: []ssh.AuthMethod{ssh.PublicKeysCallback(a.Callback)}, - } -} - -const DefaultSSHUsername = "git" - -// NewSSHAgentAuth opens a pipe with the SSH agent and uses the pipe -// as the implementer of the public key callback function. -func NewSSHAgentAuth(user string) (*PublicKeysCallback, error) { +// NewSSHAgentAuth returns a PublicKeysCallback based on a SSH agent, it opens +// a pipe with the SSH agent and uses the pipe as the implementer of the public +// key callback function. +func NewSSHAgentAuth(user string) (AuthMethod, error) { if user == "" { - user = DefaultSSHUsername + user = DefaultUsername } sshAgentAddr := os.Getenv("SSH_AUTH_SOCK") @@ -173,6 +181,21 @@ func NewSSHAgentAuth(user string) (*PublicKeysCallback, error) { }, nil } +func (a *PublicKeysCallback) Name() string { + return PublicKeysCallbackName +} + +func (a *PublicKeysCallback) String() string { + return fmt.Sprintf("user: %s, name: %s", a.User, a.Name()) +} + +func (a *PublicKeysCallback) clientConfig() *ssh.ClientConfig { + return &ssh.ClientConfig{ + User: a.User, + Auth: []ssh.AuthMethod{ssh.PublicKeysCallback(a.Callback)}, + } +} + // NewKnownHostsCallback returns ssh.HostKeyCallback based on a file based on a // know_hosts file. http://man.openbsd.org/sshd#SSH_KNOWN_HOSTS_FILE_FORMAT // |