Diffstat (limited to 'server/signer/signer.go')
-rw-r--r-- | server/signer/signer.go | 6 |
1 files changed, 3 insertions, 3 deletions
diff --git a/server/signer/signer.go b/server/signer/signer.go
index 0bff1c3..5ee170a 100644
--- a/server/signer/signer.go
+++ b/server/signer/signer.go
@@ -27,7 +27,7 @@ type KeySigner struct {
 }
 
 // SignUserKey returns a signed ssh certificate.
-func (s *KeySigner) SignUserKey(req *lib.SignRequest) (*ssh.Certificate, error) {
+func (s *KeySigner) SignUserKey(req *lib.SignRequest, username string) (*ssh.Certificate, error) {
 pubkey, _, _, _, err := ssh.ParseAuthorizedKey([]byte(req.Key))
 if err != nil {
 return nil, err
@@ -39,11 +39,11 @@ func (s *KeySigner) SignUserKey(req *lib.SignRequest) (*ssh.Certificate, error)
 cert := &ssh.Certificate{
 CertType: ssh.UserCert,
 Key: pubkey,
- KeyId: fmt.Sprintf("%s_%d", req.Principal, time.Now().UTC().Unix()),
+ KeyId: fmt.Sprintf("%s_%d", username, time.Now().UTC().Unix()),
 ValidBefore: uint64(req.ValidUntil.Unix()),
 ValidAfter: uint64(time.Now().UTC().Add(-5 * time.Minute).Unix()),
 }
- cert.ValidPrincipals = append(cert.ValidPrincipals, req.Principal)
+ cert.ValidPrincipals = append(cert.ValidPrincipals, username)
 cert.ValidPrincipals = append(cert.ValidPrincipals, s.principals...)
 cert.Extensions = s.permissions
 if err := cert.SignCert(rand.Reader, s.ca); err != nil { |
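Review bot: The new `username` parameter is never checked for being empty, yet the second hunk uses it as the certificate's first principal and as the KeyId prefix. A caller that passes "" would still get a certificate carrying every entry of `s.principals`, with a KeyId of `_<timestamp>` that attributes it to no one. A guard at the top of SignUserKey would close this: `if username == "" { return nil, errors.New("signer: empty username") }` (this needs `errors` in the import block, which is outside the hunk). The doc comment should also state the new contract, e.g. `// SignUserKey returns a signed ssh certificate for username, which must be the server-authenticated identity; req.Principal is ignored.` The function body continues outside this hunk.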
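Review bot: The certificate lifetime still comes straight from the request, because `ValidBefore: uint64(req.ValidUntil.Unix())` is an unchanged context line. After this change the principal is server-chosen, but the expiry is whatever the client asks for. Lines 34–38 are not shown and may already bound it. If they do not, clamp it before building the certificate against a server-side maximum (placeholder name `maxValidity`): `if limit := time.Now().UTC().Add(maxValidity); req.ValidUntil.After(limit) { req.ValidUntil = limit }`. A zero or pre-1970 `ValidUntil` should also be rejected, since a negative Unix time converted to `uint64` wraps to a far-future expiry.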