Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Retry SSH key verification with additional CRLF if it failed #28392

Merged
merged 11 commits into from
Dec 14, 2023
Merged

Retry SSH key verification with additional CRLF if it failed #28392

merged 11 commits into from
Dec 14, 2023

Conversation

nekrondev
Copy link
Contributor

@nekrondev nekrondev commented Dec 7, 2023
edited
Loading

Windows-based shells will add a CRLF when piping the token into ssh-keygen command resulting in
verification error. This resolves #21527.

fix(asymkey): verify token + CRLF input
b4e31fe 
Window-based shells will add a CRLF when piping the token into
ssh-keygen command resulting in
verification error. This resolves go-gitea#21527.
@GiteaBot GiteaBot added the lgtm/need 2 This PR needs two approvals by maintainers to be considered for merging. label Dec 7, 2023
@pull-request-size pull-request-size bot added the size/XS Denotes a PR that changes 0-9 lines, ignoring generated files. label Dec 7, 2023
nekrondev and others added 4 commits December 8, 2023 09:10
@nekrondev @wxiaoguang
asymkey: postpone verification for windows CRLF token
d2b4900 
This will reduce  the signature verification call by attempting to check the Windows CRLFed token only if the former check failed.

Co-authored-by: wxiaoguang <[email protected]>
@nekrondev
Merge branch 'main' into fix/sshkey-validation
58427fc
asymkey: reduce clutter for CRLF token check
3c388dd
Merge branch 'fix/sshkey-validation' of https://github.com/nekrondev/…
9a7edc0 
…gitea into fix/sshkey-validation
@GiteaBot GiteaBot added lgtm/need 1 This PR needs approval from one additional maintainer to be merged. and removed lgtm/need 2 This PR needs two approvals by maintainers to be considered for merging. labels Dec 8, 2023
@KN4CK3R
Copy link
Member

KN4CK3R commented Dec 9, 2023

Are we sure we want this workaround in Gitea? The error is produced outside of Gitea just because a tool behaves not as intended.

@delvh delvh changed the title fix(asymkey): verify token + CRLF input Retry SSH key verification with additional CRLF if it failed Dec 9, 2023
@nekrondev
Copy link
Contributor Author

nekrondev commented Dec 9, 2023
edited
Loading

Are we sure we want this workaround in Gitea? The error is produced outside of Gitea just because a tool behaves not as intended.

Yes that's right, it's a Windows Powershell issue that's pending since so many years. However a lot of Windows-based users will run into this issue if they try to verify their key and wonder what's wrong. You can see it at #21527 how many folks struggle with this. Until this issue gets fixed by Powershell the workaround even if GT is not the source of trouble should be implemented but YMMV and it's up for discussion here.

@KN4CK3R
Copy link
Member

KN4CK3R commented Dec 11, 2023

Here is the related PowerShell issue: PowerShell/PowerShell#5974

@lunny
Copy link
Member

lunny commented Dec 12, 2023
edited
Loading

Since the upstream issue existed for about 5 years. Maybe the workaround is valuable. Add a comment and ref to upstream issue link is prefered.

@nekrondev
Copy link
Contributor Author

Since the upstream issue existed for about 5 years. Maybe the workaround is valuable. Add a comment and ref to upstream issue link is prefered.

Hi @lunny I added a comment referencing the Powershell issue.

@wxiaoguang
Copy link
Contributor

wxiaoguang commented Dec 13, 2023
edited
Loading

I can vote my approval if the code is not that compact. I really dislike the long if statements which contain complex expressions and function calls. #28392 (comment)

@pull-request-size pull-request-size bot added size/S Denotes a PR that changes 10-29 lines, ignoring generated files. and removed size/XS Denotes a PR that changes 0-9 lines, ignoring generated files. labels Dec 13, 2023
@nekrondev
Copy link
Contributor Author

I can vote my approval if the code is not that compact. I really dislike the long if statements which contain complex expressions and function calls. #28392 (comment)

@wxiaoguang I changed the coding to be more explicit making it easier to read and understand.

@GiteaBot GiteaBot added lgtm/done This PR has enough approvals to get merged. There are no important open reservations anymore. and removed lgtm/need 1 This PR needs approval from one additional maintainer to be merged. labels Dec 13, 2023
@lunny lunny added reviewed/wait-merge This pull request is part of the merge queue. It will be merged soon. backport/v1.21 This PR should be backported to Gitea 1.21 labels Dec 14, 2023
@lunny lunny enabled auto-merge (squash) December 14, 2023 02:05
@lunny lunny merged commit 52046b9 into go-gitea:main Dec 14, 2023
25 checks passed
@GiteaBot GiteaBot added this to the 1.22.0 milestone Dec 14, 2023
@GiteaBot GiteaBot mentioned this pull request Dec 14, 2023
Merged
GiteaBot pushed a commit to GiteaBot/gitea that referenced this pull request Dec 14, 2023
@nekrondev @wxiaoguang @GiteaBot
Retry SSH key verification with additional CRLF if it failed (go-gite…
bd96571 
…a#28392)

Windows-based shells will add a CRLF when piping the token into
ssh-keygen command resulting in
verification error. This resolves go-gitea#21527.

---------

Co-authored-by: Heiko Besemann <[email protected]>
Co-authored-by: wxiaoguang <[email protected]>
@GiteaBot GiteaBot added backport/done All backports for this PR have been created and removed reviewed/wait-merge This pull request is part of the merge queue. It will be merged soon. labels Dec 14, 2023
zjjhot added a commit to zjjhot/gitea that referenced this pull request Dec 14, 2023
@zjjhot
Merge remote-tracking branch 'upstream/main'
d53d40b 
* upstream/main:
  Retry SSH key verification with additional CRLF if it failed (go-gitea#28392)
wxiaoguang added a commit that referenced this pull request Dec 14, 2023
@GiteaBot @nekrondev @wxiaoguang
Retry SSH key verification with additional CRLF if it failed (#28392) (
b47482d 
…#28464)

Backport #28392 by @nekrondev

Windows-based shells will add a CRLF when piping the token into
ssh-keygen command resulting in
verification error. This resolves #21527.

Co-authored-by: nekrondev <[email protected]>
Co-authored-by: Heiko Besemann <[email protected]>
Co-authored-by: wxiaoguang <[email protected]>
fuxiaohei pushed a commit to fuxiaohei/gitea that referenced this pull request Jan 17, 2024
@nekrondev @wxiaoguang @fuxiaohei
Retry SSH key verification with additional CRLF if it failed (go-gite…
bc035aa 
…a#28392)

Windows-based shells will add a CRLF when piping the token into
ssh-keygen command resulting in
verification error. This resolves go-gitea#21527.

---------

Co-authored-by: Heiko Besemann <[email protected]>
Co-authored-by: wxiaoguang <[email protected]>
silverwind pushed a commit to silverwind/gitea that referenced this pull request Feb 20, 2024
@nekrondev @wxiaoguang @silverwind
Retry SSH key verification with additional CRLF if it failed (go-gite…
d81cc15 
…a#28392)

Windows-based shells will add a CRLF when piping the token into
ssh-keygen command resulting in
verification error. This resolves go-gitea#21527.

---------

Co-authored-by: Heiko Besemann <[email protected]>
Co-authored-by: wxiaoguang <[email protected]>
@go-gitea go-gitea locked as resolved and limited conversation to collaborators Mar 13, 2024
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers

@techknowlogick techknowlogick techknowlogick left review comments

@delvh delvh delvh approved these changes

@wxiaoguang wxiaoguang wxiaoguang approved these changes

Assignees
No one assigned
Labels
backport/done All backports for this PR have been created backport/v1.21 This PR should be backported to Gitea 1.21 lgtm/done This PR has enough approvals to get merged. There are no important open reservations anymore. size/S Denotes a PR that changes 10-29 lines, ignoring generated files.
Projects
None yet
Milestone
1.22.0
Development

Successfully merging this pull request may close these issues.

Command for verifying SSH key doesn't work under Windows
7 participants
@nekrondev @KN4CK3R @lunny @wxiaoguang @techknowlogick @delvh @GiteaBot