diff options
| author | Nick Thomas <nick@gitlab.com> | 2017-08-21 11:30:03 +0100 |
|---|---|---|
| committer | Nick Thomas <nick@gitlab.com> | 2017-08-30 20:50:44 +0100 |
| commit | b0f982fbdf69c292ab4530c0aaaf1ab42f4e7a01 (patch) | |
| tree | 0d76c74fb6260de1e3c9694a8501491b2eb486ef /db | |
| parent | 81f08d30e641dc1a6666022ab1f5d36dbcdced7e (diff) | |
| download | gitlab-ce-b0f982fbdf69c292ab4530c0aaaf1ab42f4e7a01.tar.gz | |
Add settings for minimum key strength and allowed key type
This is an amalgamation of:
* Cory Hinshaw: Initial implementation !5552
* Rémy Coutable: Updates !9350
* Nick Thomas: Resolve conflicts and add ED25519 support !13712
Diffstat (limited to 'db')
| -rw-r--r-- | db/migrate/20161020180657_add_minimum_key_length_to_application_settings.rb | 24 | ||||
| -rw-r--r-- | db/schema.rb | 5 |
2 files changed, 29 insertions, 0 deletions
diff --git a/db/migrate/20161020180657_add_minimum_key_length_to_application_settings.rb b/db/migrate/20161020180657_add_minimum_key_length_to_application_settings.rb new file mode 100644 index 00000000000..ce87d8a26b6 --- /dev/null +++ b/db/migrate/20161020180657_add_minimum_key_length_to_application_settings.rb @@ -0,0 +1,24 @@ +class AddMinimumKeyLengthToApplicationSettings < ActiveRecord::Migration + include Gitlab::Database::MigrationHelpers + + # Set this constant to true if this migration requires downtime. + DOWNTIME = false + + disable_ddl_transaction! + + def up + add_column_with_default :application_settings, :minimum_rsa_bits, :integer, default: 1024 + add_column_with_default :application_settings, :minimum_dsa_bits, :integer, default: 1024 + add_column_with_default :application_settings, :minimum_ecdsa_bits, :integer, default: 256 + add_column_with_default :application_settings, :minimum_ed25519_bits, :integer, default: 256 + add_column_with_default :application_settings, :allowed_key_types, :string, default: %w[rsa dsa ecdsa ed25519].to_yaml + end + + def down + remove_column :application_settings, :minimum_rsa_bits + remove_column :application_settings, :minimum_dsa_bits + remove_column :application_settings, :minimum_ecdsa_bits + remove_column :application_settings, :minimum_ed25519_bits + remove_column :application_settings, :allowed_key_types + end +end diff --git a/db/schema.rb b/db/schema.rb index 0f4b0c0c3b3..49ae4b48627 100644 --- a/db/schema.rb +++ b/db/schema.rb @@ -129,6 +129,11 @@ ActiveRecord::Schema.define(version: 20170824162758) do t.boolean "password_authentication_enabled" t.boolean "project_export_enabled", default: true, null: false t.boolean "hashed_storage_enabled", default: false, null: false + t.integer "minimum_rsa_bits", default: 1024, null: false + t.integer "minimum_dsa_bits", default: 1024, null: false + t.integer "minimum_ecdsa_bits", default: 256, null: false + t.integer "minimum_ed25519_bits", default: 256, null: false + t.string "allowed_key_types", default: "---\n- rsa\n- dsa\n- ecdsa\n- ed25519\n", null: false end create_table "audit_events", force: :cascade do |t| |