Skip to content

Commit

Permalink
[GITEA] Make atomic ssh keys replacement robust
Browse files Browse the repository at this point in the history
- After stumbling upon golang/go#22397 and
reading the implementations I realized that Forgejo code doesn't have
`Sync()` and it doesn't properly error handle the `Close` function.
- (likely) Resolves https://codeberg.org/forgejo/forgejo/issues/1446

(cherry picked from commit 0efcb33)
(cherry picked from commit 04ef02c)
(cherry picked from commit 85f2065)
(cherry picked from commit 8d36b5c)
(cherry picked from commit 0f406dc)
(cherry picked from commit 347a2e7)
(cherry picked from commit f6c04d6)
(cherry picked from commit cf8b64f)
  • Loading branch information
Gusted authored and earl-warren committed Nov 13, 2023
1 parent a7a7470 commit d6432ca
Show file tree
Hide file tree
Showing 2 changed files with 12 additions and 2 deletions.
7 changes: 6 additions & 1 deletion models/asymkey/ssh_key_authorized_keys.go
Original file line number Diff line number Diff line change
Expand Up @@ -169,7 +169,12 @@ func RewriteAllPublicKeys(ctx context.Context) error {
return err
}

t.Close()
if err := t.Sync(); err != nil {
return err
}
if err := t.Close(); err != nil {
return err
}
return util.Rename(tmpPath, fPath)
}

Expand Down
7 changes: 6 additions & 1 deletion models/asymkey/ssh_key_authorized_principals.go
Original file line number Diff line number Diff line change
Expand Up @@ -92,7 +92,12 @@ func RewriteAllPrincipalKeys(ctx context.Context) error {
return err
}

t.Close()
if err := t.Sync(); err != nil {
return err
}
if err := t.Close(); err != nil {
return err
}
return util.Rename(tmpPath, fPath)
}

Expand Down

0 comments on commit d6432ca

Please sign in to comment.