Feature/fix 20 #21
Feature/fix 20 #21
Conversation
|
@dainnilsson @elibon99 could you please have a look on the proposed bug fixes? We want to introduce this into our development flow but those bugs are currently showstoppers. |
|
Hi @mirisbowring! We are happy to hear that you are interested in incorporating GitBark into your development workflow. Thank you for your detailed feedback and proposed changes. Here are my thoughts on your suggestions:
Nice catch! Your suggestion with
The reason for why you are experiencing the above issues (2 & 3) is because we require SSH public keys to adhere to the format used in the ALLOWED SIGNERS file. In the context of GitBark, this means that a SSH public key file must contain the following space-separated fields: principals (comma-separated list of authorized email addresses), options (optional), keytype, base64-encoded key. This is why we read the first part of the public key file as the list of authorized emails: gitbark-core/bark_core/signatures.py Line 324 in 6bb3f2d We understand that this requirement is not well-documented, and we appreciate your effort in identifying this problem. GitBark is still a work in progress, and we are continually striving to improve it as time allows. As you've already discovered, parsing an SSH public key from an identifier given by |
|
Ah, that makes sense. In this case, wouldn't it make more sense to parse the gitconfig for the authorized_signers file (if configured)? |
I understand your point. However, when parsing a public key from The |
|
I think, having pubkey files per user is not a bad idea for the following reasons:
For the initial import of public Keys it would be great if the user can select which public keys from authorized_signers he wants to include :)
Probably there is a need for an additional function that gets called if the key is read from gitconfig and else the default behaviour steps in? |
Yes! A simple way to accomplish this would be to parse the keytype and the base64-encoded key from the public key file pointed to by |
Additionally this commit introduces a mechanism to check if the configured signing key is an ssh key. If true it creates a tmp pubkey file that contains the user.email and user.signingKey from .gitconfig to form a pubkey with a valid format according to authorized_signers file.
|
Ok, I reverted the initial changes with the index of the email for the public ssh keys. Additionally i modified the After adding the key, this temporary pubkey file gets deleted again. |
|
@elibon99 any chance this gets merged soon? 😊 |
bark_core/signatures.py
Outdated
| @@ -385,6 +387,17 @@ def get_authorized_pubkeys( | |||
|
|
|||
| def get_pubkey_from_git() -> Optional[Pubkey]: | |||
| identifier = cmd("git", "config", "user.signingKey", check=False)[0] | |||
| gpg_format = cmd("git", "config", "gpg.format", check=False)[0] | |||
| # check if signingKey is ssh | |||
| if gpg_format and gpg_format == "ssh": | |||
There was a problem hiding this comment.
There's no need to parse and check gpg_format if identifier is None. I think it would be better to get gpg_format and perform the check here: https://github.com/YubicoLabs/gitbark-core/pull/21/files#diff-398bcc9bee5bed4a56368526a8c80e787bbbc105bb6b064fd6d7339b54413a3fR401.
bark_core/signatures.py
Outdated
| identifier = os.path.expanduser(identifier) # expand path if relative | ||
| with open(identifier, 'r') as file: # read public key | ||
| pubkey = file.read() | ||
| pubkey_tmp = f"{email} {pubkey}" # join email & pubkey to create correct format |
There was a problem hiding this comment.
Instead of creating a temporary file with the correct format, we could return an SshKey object directly: SshKey(f"{email} ".encode() + pubkey.read()).
There was a problem hiding this comment.
This is an awesome idea! Will try it if i have some free time.
|
Hi @elibon99 finally, i had time to implement the proposed changes! |
bark_core/signatures.py
Outdated
| if gpg_format and gpg_format == "ssh": | ||
| email = cmd("git", "config", "user.email", check=False)[0] | ||
| identifier = os.path.expanduser(identifier) # expand path if relative | ||
| with open(identifier, 'r') as file: # read public key |
There was a problem hiding this comment.
Change file reading mode from 'r' to 'rb'.
There was a problem hiding this comment.
You will have to remove pubkey.encode(), since pubkey is now already in bytes.
|
Thanks for your contribution! This has now been merged. |
Hi,
i debugged this plugin and found 2 errors that lead to #20 .
1. Relative Paths
gitbark-core/bark_core/signatures.py
Line 355 in 6bb3f2d
Since this plugin reads a possible public key from
gitconfig, this line resulted in an Error:To fix this issue I propose to use
os.path.expanduserto fix this common mistake:https://github.com/mirisbowring/gitbark-core/blob/d30c7ed2fcd6c0d172f4f7cd7af6433ef3553398/bark_core/signatures.py#L356
2. False starting index
During the
__init__of theSshKeyyou are splitting the read public key to extract the type and the key itself. But during the while iteration you start at 1 instead of 0 which results in an infinite loop until python reaches an out of index sincei > len(parts)is never catched.My proposed fix: Start with index 0
https://github.com/mirisbowring/gitbark-core/blob/d30c7ed2fcd6c0d172f4f7cd7af6433ef3553398/bark_core/signatures.py#L325
3. SSH comment interpreted as mail
While testing the
bark verifyi experienced a behaviour, that ssh signatures (though they are valid) are marked as invalid (without a reason). I did a deep dive into the code and discovered the following problem:gitbark-core/bark_core/signatures.py
Line 324 in 6bb3f2d
The line above ready the first part of the public key as email which will NEVER work since the first part of the public key is always the keyspec like
ssh_ed25519. Therefor, the mail Validation in L342 will always fail:gitbark-core/bark_core/signatures.py
Line 342 in 6bb3f2d
To fix this issue, i set the index of the
partslist to 2 (remember the format: keyspec_pubkey_comment):https://github.com/mirisbowring/gitbark-core/blob/433326c1f1d256260047afa821fdafd7b731d312/bark_core/signatures.py#L324