0ko 1ef5496055 feat: use AppDomain for key verification (#10429) ... Fixes #10416 Followup to a hardcoded string in [gitea#17743](https://github.com/go-gitea/gitea/pull/17743) * instead of using a hardcoded namespace, use the configured application domain * `ssh-keygen` refuses to work with empty namespace, but `Domain` falls back to `localhost`: 95dca7ff57/modules/setting/server.go (L192) * since `VerifySSHKey` verifies the namespace, I think that using a mostly-unique string instead of a hardcoded one doesn't hurt. Here's what `man ssh-keygen` says on the topic: > An additional signature namespace, used to prevent signature confusion across different domains of use (e.g. file signing vs email signing) must be provided via the -n flag. Namespaces are arbitrary strings, and may include: “file” for file signing, “email” for email signing. For custom uses, it is recommended to use names following a NAMESPACE@YOUR.DOMAIN pattern to generate unambiguous namespaces. ## Testing There's a test `TestFromOpenSSH` but it uses a hardcoded default namespace `file`: 95dca7ff57/models/asymkey/ssh_key_test.go (L334) Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/10429 Reviewed-by: Beowulf <beowulf@beocode.eu> Reviewed-by: Gusted <gusted@noreply.codeberg.org> Co-authored-by: 0ko <0ko@noreply.codeberg.org> Co-committed-by: 0ko <0ko@noreply.codeberg.org>		2025-12-17 17:01:14 +01:00
..
auth	feat: replace cross origin protection (#9830)	2025-10-29 22:43:22 +01:00
dashboard	feat(issue-search): support query syntax (#9109)	2025-11-19 16:05:42 +01:00
notification	feat: replace cross origin protection (#9830)	2025-10-29 22:43:22 +01:00
overview	feat(UI): add package counter to repo/user/org overview pages	2024-07-31 12:40:24 +02:00
settings	feat: use AppDomain for key verification (#10429)	2025-12-17 17:01:14 +01:00
code.tmpl	Unify search boxes (#29530)	2024-03-20 12:31:05 +00:00
heatmap.tmpl	Fix heatmap localization	2024-03-20 08:20:08 +01:00
profile.tmpl	feat: allow any README for .profile (#8798)	2025-09-01 13:58:00 +02:00