aboutsummaryrefslogtreecommitdiff
path: root/server/signer/signer.go
diff options
context:
space:
mode:
Diffstat (limited to 'server/signer/signer.go')
-rw-r--r--server/signer/signer.go6
1 files changed, 3 insertions, 3 deletions
diff --git a/server/signer/signer.go b/server/signer/signer.go
index 0bff1c3..5ee170a 100644
--- a/server/signer/signer.go
+++ b/server/signer/signer.go
@@ -27,7 +27,7 @@ type KeySigner struct {
}
// SignUserKey returns a signed ssh certificate.
-func (s *KeySigner) SignUserKey(req *lib.SignRequest) (*ssh.Certificate, error) {
+func (s *KeySigner) SignUserKey(req *lib.SignRequest, username string) (*ssh.Certificate, error) {
pubkey, _, _, _, err := ssh.ParseAuthorizedKey([]byte(req.Key))
if err != nil {
return nil, err
@@ -39,11 +39,11 @@ func (s *KeySigner) SignUserKey(req *lib.SignRequest) (*ssh.Certificate, error)
cert := &ssh.Certificate{
CertType: ssh.UserCert,
Key: pubkey,
- KeyId: fmt.Sprintf("%s_%d", req.Principal, time.Now().UTC().Unix()),
+ KeyId: fmt.Sprintf("%s_%d", username, time.Now().UTC().Unix()),
ValidBefore: uint64(req.ValidUntil.Unix()),
ValidAfter: uint64(time.Now().UTC().Add(-5 * time.Minute).Unix()),
}
- cert.ValidPrincipals = append(cert.ValidPrincipals, req.Principal)
+ cert.ValidPrincipals = append(cert.ValidPrincipals, username)
cert.ValidPrincipals = append(cert.ValidPrincipals, s.principals...)
cert.Extensions = s.permissions
if err := cert.SignCert(rand.Reader, s.ca); err != nil {
generated by cgit v1.2.3 (git 2.25.1) at 2024-04-29 23:37:00 +0000