Do map lookup for allowed keys

2026-05-14 04:39:54 +00:00 · 2022-06-04 21:54:55 +02:00
parent 307e08d76d
commit 0d722237c8
1 changed files with 6 additions and 4 deletions
--- a/client/ssh/server.go
+++ b/client/ssh/server.go
@@ -8,12 +8,13 @@ import (
 	gossh "golang.org/x/crypto/ssh"
 	"io"
 	"net"
+	"strings"
 	"sync"
 )

 type Server struct {
 	listener    net.Listener
-	allowedKeys []ssh.PublicKey
+	allowedKeys map[string]ssh.PublicKey
 	mu          sync.Mutex
 }

@@ -21,13 +22,13 @@ func (srv *Server) UpdateKeys(newKeys []string) error {
 	srv.mu.Lock()
 	defer srv.mu.Unlock()

-	srv.allowedKeys = make([]ssh.PublicKey, len(newKeys))
+	srv.allowedKeys = make(map[string]ssh.PublicKey, len(newKeys))
 	for _, strKey := range newKeys {
 		parsedKey, _, _, _, err := ssh.ParseAuthorizedKey([]byte(strKey))
 		if err != nil {
 			return err
 		}
-		srv.allowedKeys = append(srv.allowedKeys, parsedKey)
+		srv.allowedKeys[strKey] = parsedKey
 	}

 	return nil
@@ -62,7 +63,8 @@ func (srv *Server) Start() error {
 		srv.mu.Lock()
 		defer srv.mu.Unlock()

-		for _, allowed := range srv.allowedKeys {
+		k := strings.TrimSpace(string(gossh.MarshalAuthorizedKey(key)))
+		if allowed, ok := srv.allowedKeys[k]; ok {
 			if ssh.KeysEqual(allowed, key) {
 				return true
 			}