Fix user ssh key exporting and tests (#37256)

1. Make sure OmitEmail won't panic 2. SSH principal keys are not for signing or authentication
2026-05-08 14:34:49 +09:00 · 2026-04-18 00:57:20 +08:00
parent 18064f772d
commit 279bf84066
4 changed files with 54 additions and 28 deletions
--- a/models/asymkey/ssh_key.go
+++ b/models/asymkey/ssh_key.go
@@ -15,6 +15,7 @@ import (
 	"code.gitea.io/gitea/models/perm"
 	user_model "code.gitea.io/gitea/models/user"
 	"code.gitea.io/gitea/modules/log"
+	"code.gitea.io/gitea/modules/setting"
 	"code.gitea.io/gitea/modules/timeutil"
 	"code.gitea.io/gitea/modules/util"

@@ -64,7 +65,12 @@ func (key *PublicKey) AfterLoad() {

 // OmitEmail returns content of public key without email address.
 func (key *PublicKey) OmitEmail() string {
-	return strings.Join(strings.Split(key.Content, " ")[:2], " ")
+	fields := strings.Split(key.Content, " ") // format: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC... comment
+	if len(fields) < 2 {
+		setting.PanicInDevOrTesting("invalid public key %d content: %s", key.ID, key.Content)
+		return "" // not a valid public key, it shouldn't really happen, the value is managed internally
+	}
+	return strings.Join(fields[:2], " ")
 }

 func addKey(ctx context.Context, key *PublicKey) (err error) {