do not use strict mode for authorized_keys file

natrem · natrem · commit acbca1df8492 · 2018-11-05T16:06:28.000+01:00
diff --git a/src/main/java/com/github/stefanbirkner/fakesftpserver/rule/FakeSftpServerRule.java b/src/main/java/com/github/stefanbirkner/fakesftpserver/rule/FakeSftpServerRule.java
@@ -505,7 +505,10 @@ private boolean authenticatePublicKey(
             return false;
         }
         Path path = usernamesAndIdentities.get(username);
-        return new DefaultAuthorizedKeysAuthenticator(username, path, true).authenticate(username, publicKey, session);
+        // don't load authorized keys in strict mode
+        // strict mode forces checks on 'authorized_keys' files for security
+        // but this is a test rule and CI builders might not force permissions
+        return new DefaultAuthorizedKeysAuthenticator(username, path, false).authenticate(username, publicKey, session);
     }
 
     private void ensureDirectoryOfPathExists(

Original file line number	Diff line number	Diff line change
`@@ -505,7 +505,10 @@ private boolean authenticatePublicKey(`
`505`	`505`	`return false;`
`506`	`506`	`}`
`507`	`507`	`Path path = usernamesAndIdentities.get(username);`
`508`		`- return new DefaultAuthorizedKeysAuthenticator(username, path, true).authenticate(username, publicKey, session);`
	`508`	`+ // don't load authorized keys in strict mode`
	`509`	`+ // strict mode forces checks on 'authorized_keys' files for security`
	`510`	`+ // but this is a test rule and CI builders might not force permissions`
	`511`	`+ return new DefaultAuthorizedKeysAuthenticator(username, path, false).authenticate(username, publicKey, session);`
`509`	`512`	`}`
`510`	`513`
`511`	`514`	`private void ensureDirectoryOfPathExists(`