Update modules/ssh/init.go

wxiaoguang · zeripath · wxiaoguang · commit d42f0a4203c4 · 2022-07-10T00:06:03.000+08:00
Co-authored-by: zeripath &lt;art27@cantab.net&gt;
diff --git a/modules/ssh/init.go b/modules/ssh/init.go
@@ -23,24 +23,27 @@ func Init() error {
 			net.JoinHostPort(setting.SSH.ListenHost, strconv.Itoa(setting.SSH.ListenPort)),
 			setting.SSH.ServerCiphers, setting.SSH.ServerKeyExchanges, setting.SSH.ServerMACs,
 		)
-	} else {
-		builtinUnused()
-		// FIXME: why 0o644 for a directory .....
-		if err := os.MkdirAll(setting.SSH.KeyTestPath, 0o644); err != nil {
-			return fmt.Errorf("failed to create directory %q for ssh key test: %w", setting.SSH.KeyTestPath, err)
+		return nil
+	}
+
+	builtinUnused()
+
+	// FIXME: why 0o644 for a directory .....
+	if err := os.MkdirAll(setting.SSH.KeyTestPath, 0o644); err != nil {
+		return fmt.Errorf("failed to create directory %q for ssh key test: %w", setting.SSH.KeyTestPath, err)
+	}
+
+	if len(setting.SSH.TrustedUserCAKeys) > 0 && setting.SSH.AuthorizedPrincipalsEnabled {
+		caKeysFileName := setting.SSH.TrustedUserCAKeysFile
+		caKeysFileDir := filepath.Dir(caKeysFileName)
+
+		err := os.MkdirAll(caKeysFileDir, 0o700) // it should be the SSH.RootPath by default (`~/.ssh` in most cases)
+		if err != nil {
+			return fmt.Errorf("failed to create directory %q for ssh trusted ca keys: %w", caKeysFileDir, err)
 		}
-		if len(setting.SSH.TrustedUserCAKeys) > 0 && setting.SSH.AuthorizedPrincipalsEnabled {
-			caKeysFileName := setting.SSH.TrustedUserCAKeysFile
-			caKeysFileDir := filepath.Dir(caKeysFileName)
-
-			err := os.MkdirAll(caKeysFileDir, 0o700) // it should be the `~/.ssh` directory in most cases
-			if err != nil {
-				return fmt.Errorf("failed to create directory %q for ssh trusted ca keys: %w", caKeysFileDir, err)
-			}
-
-			if err := os.WriteFile(caKeysFileName, []byte(strings.Join(setting.SSH.TrustedUserCAKeys, "\n")), 0o600); err != nil {
-				return fmt.Errorf("failed to write ssh trusted ca keys to %q: %w", caKeysFileName, err)
-			}
+
+		if err := os.WriteFile(caKeysFileName, []byte(strings.Join(setting.SSH.TrustedUserCAKeys, "\n")), 0o600); err != nil {
+			return fmt.Errorf("failed to write ssh trusted ca keys to %q: %w", caKeysFileName, err)
 		}
 	}
 
