Store keys in standard format; query with fingerprint not public key
This commit is contained in:
parent
b563f13d09
commit
a9364061c1
|
@ -27,7 +27,7 @@ class SSHKeyController extends ClientApiController
|
|||
{
|
||||
$model = $request->user()->sshKeys()->create([
|
||||
'name' => $request->input('name'),
|
||||
'public_key' => $request->input('public_key'),
|
||||
'public_key' => $request->getPublicKey(),
|
||||
'fingerprint' => $request->getKeyFingerprint(),
|
||||
]);
|
||||
|
||||
|
|
|
@ -7,7 +7,9 @@ use Illuminate\Http\Request;
|
|||
use Pterodactyl\Models\Server;
|
||||
use Illuminate\Http\JsonResponse;
|
||||
use Pterodactyl\Models\Permission;
|
||||
use phpseclib3\Crypt\PublicKeyLoader;
|
||||
use Pterodactyl\Http\Controllers\Controller;
|
||||
use phpseclib3\Exception\NoKeyLoadedException;
|
||||
use Illuminate\Foundation\Auth\ThrottlesLogins;
|
||||
use Pterodactyl\Exceptions\Http\HttpForbiddenException;
|
||||
use Pterodactyl\Services\Servers\GetUserPermissionsService;
|
||||
|
@ -52,7 +54,14 @@ class SftpAuthenticationController extends Controller
|
|||
$this->reject($request);
|
||||
}
|
||||
} else {
|
||||
if (!$user->sshKeys()->where('public_key', trim($request->input('password')))->exists()) {
|
||||
$key = null;
|
||||
try {
|
||||
$key = PublicKeyLoader::loadPublicKey(trim($request->input('password')));
|
||||
} catch (NoKeyLoadedException $exception) {
|
||||
// do nothing
|
||||
}
|
||||
|
||||
if (!$key || !$user->sshKeys()->where('fingerprint', $key->getFingerprint('sha256'))->exists()) {
|
||||
$this->reject($request, false);
|
||||
}
|
||||
}
|
||||
|
@ -61,7 +70,6 @@ class SftpAuthenticationController extends Controller
|
|||
|
||||
return new JsonResponse([
|
||||
'server' => $server->uuid,
|
||||
'public_keys' => $user->sshKeys->map(fn ($value) => $value->public_key)->toArray(),
|
||||
'permissions' => $permissions ?? ['*'],
|
||||
]);
|
||||
}
|
||||
|
|
|
@ -57,6 +57,14 @@ class StoreSSHKeyRequest extends ClientApiRequest
|
|||
});
|
||||
}
|
||||
|
||||
/**
|
||||
* Returns the public key but formatted in a consistent manner.
|
||||
*/
|
||||
public function getPublicKey(): string
|
||||
{
|
||||
return $this->key->toString('PKCS8');
|
||||
}
|
||||
|
||||
/**
|
||||
* Returns the SHA256 fingerprint of the key provided.
|
||||
*/
|
||||
|
|
Loading…
Reference in New Issue