author | Niall Sheridan <nsheridan@gmail.com> | 2016-04-20 22:12:14 +0100 |
---|---|---|
committer | Niall Sheridan <nsheridan@gmail.com> | 2016-04-20 22:12:14 +0100 |
commit | fbac1b1e860f8b8f1aed3f9cde12d5efb331914a (patch) | |
tree | 25a2fafe0e5bc517a29738b8b9a081fd735c988b /server/signer | |
parent | c7350ab6f1d8054d1bc6d2d14d071010bfb0e92f (diff) |
Add comments.
Diffstat (limited to 'server/signer')
-rw-r--r-- | server/signer/signer.go | 5 |
1 files changed, 4 insertions, 1 deletions
diff --git a/server/signer/signer.go b/server/signer/signer.go
index 4594c35..f897195 100644
--- a/server/signer/signer.go
+++ b/server/signer/signer.go
@@ -11,6 +11,7 @@ import (
 "golang.org/x/crypto/ssh"
 )
 
+// KeySigner does the work of signing a ssh public key with the CA key.
 type KeySigner struct {
 ca ssh.Signer
 validity time.Duration
@@ -18,6 +19,7 @@ type KeySigner struct {
 permissions map[string]string
 }
 
+// SignUserKey returns a signed ssh certificate.
 func (s *KeySigner) SignUserKey(req *lib.SignRequest) (string, error) {
 pubkey, _, _, _, err := ssh.ParseAuthorizedKey([]byte(req.Key))
 if err != nil {
@@ -63,7 +65,8 @@ func makeperms(perms []string) map[string]string {
 }
 }
 
-func NewSigner(conf config.SSH) (*KeySigner, error) {
+// New creates a new KeySigner from the supplied configuration.
+func New(conf config.SSH) (*KeySigner, error) {
 data, err := ioutil.ReadFile(conf.SigningKey)
 if err != nil {
 return nil, fmt.Errorf("unable to read CA key %s: %v", conf.SigningKey, err) |
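Review bot: The comment added on `SignUserKey` in the second hunk does not say what limits the certificate it returns. This is the method that applies the CA key to a caller-supplied public key (`req.Key`), and the struct shown in the first two hunks carries `validity` and `permissions`, so someone auditing the CA would want those bounds named in the doc comment. Something like `// SignUserKey parses req.Key and returns a user certificate signed by the CA key, limited by the signer's configured validity and permissions.` would do, adjusted to what the body actually enforces; the body runs past the end of the hunk, so that part is not visible here.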
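Review bot: The third hunk renames the exported constructor `NewSigner` to `New`, which is an API change inside a commit titled "Add comments". The diffstat on this page is limited to `server/signer`, so whether callers of `signer.NewSigner` were updated in the same commit cannot be confirmed from here; the rename deserves a mention in the commit message. The new doc comment could also say what the configuration supplies, for example `// New creates a KeySigner from conf; conf.SigningKey is the path of the CA private key file, which is read from disk.` The body of `New` continues outside the hunk, so how the key is parsed and held is not shown.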