Refactor SSH init code, fix directory creation for TrustedUserCAKeys file #20299
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
wxiaoguang
added
type/bug
type/refactoring
zeripath
reviewed
Jul 9, 2022
GiteaBot
added
the
lgtm/need 2
Co-authored-by: zeripath <art27@cantab.net>
zeripath
reviewed
Jul 9, 2022
zeripath
approved these changes
Jul 9, 2022
GiteaBot
added
lgtm/need 1
lunny
reviewed
Jul 10, 2022
lunny
approved these changes
Jul 10, 2022
GiteaBot
added
lgtm/done
Codecov Report
@@ Coverage Diff @@
## main #20299 +/- ##
==========================================
- Coverage 46.91% 46.91% -0.01%
==========================================
Files 973 976 +3
Lines 134721 135007 +286
==========================================
+ Hits 63204 63334 +130
- Misses 63768 63911 +143
- Partials 7749 7762 +13
Continue to review full report at Codecov.
|
wxiaoguang
added a commit
to wxiaoguang/gitea
that referenced
this pull request
Jul 10, 2022
…file (go-gitea#20299) * Refactor SSH init code, fix directory creation for TrustedUserCAKeys file * Update modules/ssh/init.go Co-authored-by: zeripath <art27@cantab.net> * fix lint copyright * Update modules/ssh/init.go Co-authored-by: zeripath <art27@cantab.net> Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
wxiaoguang
added
backport/done
zjjhot
added a commit
to zjjhot/gitea
that referenced
this pull request
Jul 11, 2022
* giteaofficial/main: [skip ci] Updated translations via Crowdin Vertical align avatar at middle (go-gitea#20302) Changed scroll to auto for some UI elements. (go-gitea#20294) Add hint to GNUPGHOME environment variable (go-gitea#20134) Refactor SSH init code, fix directory creation for TrustedUserCAKeys file (go-gitea#20299) [skip ci] Updated translations via Crowdin Use dedicated draft PR icon when possible (go-gitea#20303) Update goldmark (go-gitea#20300) Do not create empty ".ssh" directory when loading config (go-gitea#20289)
wxiaoguang
added a commit
that referenced
this pull request
Jul 11, 2022
…file (#20299) (#20306) Backport #20299. Follow #20298. Only the `GlobalInitInstalled` function should prepare the SSH files for external server or starts the builtin server. * `trustedUserCaKeys` is removed, use `SSH.TrustedUserCAKeys` directly * introduce `ssh.Init`, move the SSH init code from `routers/init.go` to it * `ssh.Init` will start builtin SSH server or prepare external SSH server files
vsysoev
pushed a commit
to IntegraSDL/gitea
that referenced
this pull request
Aug 10, 2022
…file (go-gitea#20299) * Refactor SSH init code, fix directory creation for TrustedUserCAKeys file * Update modules/ssh/init.go Co-authored-by: zeripath <art27@cantab.net> * fix lint copyright * Update modules/ssh/init.go Co-authored-by: zeripath <art27@cantab.net> Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
zeripath
pushed a commit
that referenced
this pull request
Aug 20, 2022
The graceful manager waits for 4 listeners to be created or to be told that they are not needed. If it is not told about them it will indefinitely and timeout. This leads to SVC hosts not being told of being in the readyState but on Unix would lead to the termination of the process. There was an unfortunate regression in #20299 which missed this subtly and in the case whereby SSH is disabled the `builtinUnused()` is not called. This PR adds a call to `builtinUnused()` when not using the builtin ssh to allow `createServerWaitGroup.Done()` to be called. In addition it was noted that the if/else clauses for timeout informing of the SVC host were in the wrong order. These have been swapped. Fix #20609
Merged
wxiaoguang
pushed a commit
that referenced
this pull request
Aug 21, 2022
) The graceful manager waits for 4 listeners to be created or to be told that they are not needed. If it is not told about them it will indefinitely and timeout. This leads to SVC hosts not being told of being in the readyState but on Unix would lead to the termination of the process. There was an unfortunate regression in #20299 which missed this subtly and in the case whereby SSH is disabled the `builtinUnused()` is not called. This PR adds a call to `builtinUnused()` when not using the builtin ssh to allow `createServerWaitGroup.Done()` to be called. In addition it was noted that the if/else clauses for timeout informing of the SVC host were in the wrong order. These have been swapped. Fix #20609
vsysoev
pushed a commit
to IntegraSDL/gitea
that referenced
this pull request
Aug 28, 2022
The graceful manager waits for 4 listeners to be created or to be told that they are not needed. If it is not told about them it will indefinitely and timeout. This leads to SVC hosts not being told of being in the readyState but on Unix would lead to the termination of the process. There was an unfortunate regression in go-gitea#20299 which missed this subtly and in the case whereby SSH is disabled the `builtinUnused()` is not called. This PR adds a call to `builtinUnused()` when not using the builtin ssh to allow `createServerWaitGroup.Done()` to be called. In addition it was noted that the if/else clauses for timeout informing of the SVC host were in the wrong order. These have been swapped. Fix go-gitea#20609
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Follow #20289
In #20289, the
~/.sshis not created automatically, but that PR is not ideal: indeed, only theGlobalInitInstalledfunction should prepare the SSH files for external server or starts the builtin server.This PR should make the logic clear and reduce some dependencies between modules.
Major changes:
trustedUserCaKeysis removed, useSSH.TrustedUserCAKeysdirectly, it has been parsed by ini module correctlyssh.Init, move the SSH init code fromrouters/init.goto itssh.Initwill start builtin SSH server or prepare external SSH server filesThis PR could also to be considered as a bug fix for #20289, otherwise the
os.WriteFile(fname/*ca file*/,might fail.And a strange FIXME:
os.MkdirAll(setting.SSH.KeyTestPath, 0o644)