From 0e88dc51b8cb3e2138f84254e6f2ae7853cbe8e3 Mon Sep 17 00:00:00 2001 From: "j. mccann" Date: Sun, 22 Dec 2019 14:22:23 -0500 Subject: [PATCH] Set default ssh.minimum_key_sizes The minimum key size defaults weren't set as suggested in app.ini.sample so if you enabled MINIMUM_KEY_SIZE_CHECK it would always fail since there would be no matching values to check against. This pr adds the default values that should have been there. Should fix #9465 --- modules/setting/setting.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/modules/setting/setting.go b/modules/setting/setting.go index 4354d8cdb8393..dbf43f31ee258 100644 --- a/modules/setting/setting.go +++ b/modules/setting/setting.go @@ -130,6 +130,7 @@ var ( ServerKeyExchanges: []string{"diffie-hellman-group1-sha1", "diffie-hellman-group14-sha1", "ecdh-sha2-nistp256", "ecdh-sha2-nistp384", "ecdh-sha2-nistp521", "curve25519-sha256@libssh.org"}, ServerMACs: []string{"hmac-sha2-256-etm@openssh.com", "hmac-sha2-256", "hmac-sha1", "hmac-sha1-96"}, KeygenPath: "ssh-keygen", + MinimumKeySizes: map[string]int{"ed25519": 256, "ecdsa": 256, "rsa": 2048, "dsa": 1024}, } LFS struct { @@ -690,7 +691,6 @@ func NewContext() { } SSH.MinimumKeySizeCheck = sec.Key("MINIMUM_KEY_SIZE_CHECK").MustBool() - SSH.MinimumKeySizes = map[string]int{} minimumKeySizes := Cfg.Section("ssh.minimum_key_sizes").Keys() for _, key := range minimumKeySizes { if key.MustInt() != -1 {