From dba3de4451f29fc0b8cb6474b9bbb18ed61d9eac Mon Sep 17 00:00:00 2001
From: Niall Sheridan <nsheridan@gmail.com>
Date: Thu, 1 Sep 2016 22:28:12 +0100
Subject: Remove the Principal field from the request

The server will always overwrite this field with the username obtained from
the auth provider. Allowing the client to set it is a waste of time.
---
 server/signer/signer.go      |  6 +++---
 server/signer/signer_test.go | 11 ++++-------
 2 files changed, 7 insertions(+), 10 deletions(-)

(limited to 'server')

diff --git a/server/signer/signer.go b/server/signer/signer.go
index 0bff1c3..5ee170a 100644
--- a/server/signer/signer.go
+++ b/server/signer/signer.go
@@ -27,7 +27,7 @@ type KeySigner struct {
 }
 
 // SignUserKey returns a signed ssh certificate.
-func (s *KeySigner) SignUserKey(req *lib.SignRequest) (*ssh.Certificate, error) {
+func (s *KeySigner) SignUserKey(req *lib.SignRequest, username string) (*ssh.Certificate, error) {
 	pubkey, _, _, _, err := ssh.ParseAuthorizedKey([]byte(req.Key))
 	if err != nil {
 		return nil, err
@@ -39,11 +39,11 @@ func (s *KeySigner) SignUserKey(req *lib.SignRequest) (*ssh.Certificate, error)
 	cert := &ssh.Certificate{
 		CertType:    ssh.UserCert,
 		Key:         pubkey,
-		KeyId:       fmt.Sprintf("%s_%d", req.Principal, time.Now().UTC().Unix()),
+		KeyId:       fmt.Sprintf("%s_%d", username, time.Now().UTC().Unix()),
 		ValidBefore: uint64(req.ValidUntil.Unix()),
 		ValidAfter:  uint64(time.Now().UTC().Add(-5 * time.Minute).Unix()),
 	}
-	cert.ValidPrincipals = append(cert.ValidPrincipals, req.Principal)
+	cert.ValidPrincipals = append(cert.ValidPrincipals, username)
 	cert.ValidPrincipals = append(cert.ValidPrincipals, s.principals...)
 	cert.Extensions = s.permissions
 	if err := cert.SignCert(rand.Reader, s.ca); err != nil {
diff --git a/server/signer/signer_test.go b/server/signer/signer_test.go
index 805f0fc..cdfb4ca 100644
--- a/server/signer/signer_test.go
+++ b/server/signer/signer_test.go
@@ -27,10 +27,9 @@ func TestCert(t *testing.T) {
 	t.Parallel()
 	r := &lib.SignRequest{
 		Key:        string(testdata.Pub),
-		Principal:  "gopher1",
 		ValidUntil: time.Now().Add(1 * time.Hour),
 	}
-	cert, err := signer.SignUserKey(r)
+	cert, err := signer.SignUserKey(r, "gopher1")
 	if err != nil {
 		t.Error(err)
 	}
@@ -38,7 +37,7 @@ func TestCert(t *testing.T) {
 		t.Error("Cert signer and server signer don't match")
 	}
 	var principals []string
-	principals = append(principals, r.Principal)
+	principals = append(principals, "gopher1")
 	principals = append(principals, signer.principals...)
 	if !reflect.DeepEqual(cert.ValidPrincipals, principals) {
 		t.Errorf("Expected %s, got %s", cert.ValidPrincipals, principals)
@@ -57,12 +56,10 @@ func TestRevocationList(t *testing.T) {
 	t.Parallel()
 	r := &lib.SignRequest{
 		Key:        string(testdata.Pub),
-		Principal:  "revoked",
 		ValidUntil: time.Now().Add(1 * time.Hour),
 	}
-	cert1, _ := signer.SignUserKey(r)
-	r.Principal = "ok"
-	cert2, _ := signer.SignUserKey(r)
+	cert1, _ := signer.SignUserKey(r, "revoked")
+	cert2, _ := signer.SignUserKey(r, "ok")
 	var rec []*store.CertRecord
 	rec = append(rec, &store.CertRecord{
 		KeyID: cert1.KeyId,
-- 
cgit v1.2.3