#1133 add config option [service] DISABLE_MINIMUM_KEY_SIZE_CHECK

conf/app.ini

@@ -83,6 +83,8 @@ ENABLE_NOTIFY_MAIL = false
 ; More detail: https://github.com/gogits/gogs/issues/165
 ENABLE_REVERSE_PROXY_AUTHENTICATION = false
 ENABLE_REVERSE_PROXY_AUTO_REGISTRATION = false
+; Do not check minimum key size with corresponding type
+DISABLE_MINIMUM_KEY_SIZE_CHECK = false
 
 [webhook]
 ; Cron task interval in minutes

models/publickey.go

@@ -101,8 +101,7 @@ func (key *PublicKey) GetAuthorizedString() string {
 	return fmt.Sprintf(_TPL_PUBLICK_KEY, appPath, key.Id, setting.CustomConf, key.Content)
 }
 
-var (
+var minimumKeySizes = map[string]int{
-	MinimumKeySize = map[string]int{
 	"(ED25519)": 256,
 	"(ECDSA)":   256,
 	"(NTRU)":    1087,
@@ -110,8 +109,7 @@ var (
 	"(McE)":     1702,
 	"(RSA)":     2048,
 	"(DSA)":     1024,
-	}
+}
-)
 
 func extractTypeFromBase64Key(key string) (string, error) {
 	b, err := base64.StdEncoding.DecodeString(key)
@@ -228,16 +226,18 @@ func CheckPublicKeyString(content string) (bool, error) {
 	}
 
 	// Check if key type and key size match.
+	if !setting.Service.DisableMinimumKeySizeCheck {
 		keySize := com.StrTo(sshKeygenOutput[0]).MustInt()
 		if keySize == 0 {
 			return false, errors.New("cannot get key size of the given key")
 		}
 		keyType := strings.TrimSpace(sshKeygenOutput[len(sshKeygenOutput)-1])
-	if minimumKeySize := MinimumKeySize[keyType]; minimumKeySize == 0 {
+		if minimumKeySize := minimumKeySizes[keyType]; minimumKeySize == 0 {
 			return false, errors.New("sorry, unrecognized public key type")
 		} else if keySize < minimumKeySize {
 			return false, fmt.Errorf("the minimum accepted size of a public key %s is %d", keyType, minimumKeySize)
 		}
+	}
 
 	return true, nil
 }

modules/setting/setting.go

@@ -339,6 +339,8 @@ func NewConfigContext() {
 }
 
 var Service struct {
+	ActiveCodeLives                int
+	ResetPwdCodeLives              int
 	RegisterEmailConfirm           bool
 	DisableRegistration            bool
 	ShowRegistrationButton         bool
@@ -347,19 +349,20 @@ var Service struct {
 	EnableNotifyMail               bool
 	EnableReverseProxyAuth         bool
 	EnableReverseProxyAutoRegister bool
-	ActiveCodeLives                int
+	DisableMinimumKeySizeCheck     bool
-	ResetPwdCodeLives              int
 }
 
 func newService() {
-	Service.ActiveCodeLives = Cfg.Section("service").Key("ACTIVE_CODE_LIVE_MINUTES").MustInt(180)
+	sec := Cfg.Section("service")
-	Service.ResetPwdCodeLives = Cfg.Section("service").Key("RESET_PASSWD_CODE_LIVE_MINUTES").MustInt(180)
+	Service.ActiveCodeLives = sec.Key("ACTIVE_CODE_LIVE_MINUTES").MustInt(180)
-	Service.DisableRegistration = Cfg.Section("service").Key("DISABLE_REGISTRATION").MustBool()
+	Service.ResetPwdCodeLives = sec.Key("RESET_PASSWD_CODE_LIVE_MINUTES").MustInt(180)
-	Service.ShowRegistrationButton = Cfg.Section("service").Key("SHOW_REGISTRATION_BUTTON").MustBool(!Service.DisableRegistration)
+	Service.DisableRegistration = sec.Key("DISABLE_REGISTRATION").MustBool()
-	Service.RequireSignInView = Cfg.Section("service").Key("REQUIRE_SIGNIN_VIEW").MustBool()
+	Service.ShowRegistrationButton = sec.Key("SHOW_REGISTRATION_BUTTON").MustBool(!Service.DisableRegistration)
-	Service.EnableCacheAvatar = Cfg.Section("service").Key("ENABLE_CACHE_AVATAR").MustBool()
+	Service.RequireSignInView = sec.Key("REQUIRE_SIGNIN_VIEW").MustBool()
-	Service.EnableReverseProxyAuth = Cfg.Section("service").Key("ENABLE_REVERSE_PROXY_AUTHENTICATION").MustBool()
+	Service.EnableCacheAvatar = sec.Key("ENABLE_CACHE_AVATAR").MustBool()
-	Service.EnableReverseProxyAutoRegister = Cfg.Section("service").Key("ENABLE_REVERSE_PROXY_AUTO_REGISTRATION").MustBool()
+	Service.EnableReverseProxyAuth = sec.Key("ENABLE_REVERSE_PROXY_AUTHENTICATION").MustBool()
+	Service.EnableReverseProxyAutoRegister = sec.Key("ENABLE_REVERSE_PROXY_AUTO_REGISTRATION").MustBool()
+	Service.DisableRegistration = sec.Key("DISABLE_MINIMUM_KEY_SIZE_CHECK").MustBool()
 }
 
 var logLevels = map[string]string{