opendev/gerrit
Code Issues Proposed changes

Consider all accounts which have the same email address during login

Browse Source 
We just examine every single potential account during the SSH login.
Its unlikely two accounts will share the same email address *and*
the same public key.

Signed-off-by: Shawn O. Pearce <sop@google.com>
This commit is contained in:
Shawn O. Pearce
2008-12-31 08:56:00 -08:00
parent 8e798c87af
commit 19dead4468
1 changed files with 8 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

12
appjar/src/main/java/com/google/gerrit/server/ssh/SshUtil.java
View File

@@ -35,6 +35,7 @@ import java.security.PublicKey;
import java.security.interfaces.DSAPublicKey;
import java.security.interfaces.RSAPublicKey;
import java.security.spec.InvalidKeySpecException;
import java.util.ArrayList;
import java.util.Collections;
import java.util.LinkedHashMap;
import java.util.List;
@@ -169,11 +170,14 @@ public class SshUtil {
db.accounts().byPreferredEmail(username).toList();
if (matches.isEmpty()) {
return Collections.<AccountSshKey> emptyList();
} else if (matches.size() > 1) {
// TODO log accounts with duplicate emails
return Collections.<AccountSshKey> emptyList();
}
kl = db.accountSshKeys().valid(matches.get(0).getId()).toList();
kl = new ArrayList<AccountSshKey>();
for (final Account a : matches) {
for (final AccountSshKey k : db.accountSshKeys().valid(a.getId())) {
kl.add(k);
}
}
} finally {
db.close();
}