blob: 2cffec29aa5cacf79bed5d20e5dd04691cab8a82 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
|
#!/usr/bin/env ruby
require "yaml"
if File.symlink?(__FILE__)
$:.unshift File.dirname(File.readlink(__FILE__)) + "/../lib/gitorious/ssh"
BASE_DIR = File.dirname(File.readlink(__FILE__)) + "/../"
conf_file = File.join(BASE_DIR, "config/gitorious.yml")
else
$:.unshift File.dirname(__FILE__) + "/../lib/gitorious/ssh"
BASE_DIR = File.dirname(__FILE__) + "/../"
conf_file = File.join(BASE_DIR, "config/gitorious.yml")
end
#$DEBUG=true
RAILS_ENV = ENV['RAILS_ENV'] ||= 'production'
GitoriousConfig = YAML::load_file(conf_file)[RAILS_ENV]
ENV["PATH"] = "/usr/local/bin/:/opt/local/bin:#{ENV["PATH"]}"
require "logger"
require "strainer"
require "client"
File.umask(0022)
original_command = ENV["SSH_ORIGINAL_COMMAND"]
user = ARGV[0]
logger = Logger.new(File.join(BASE_DIR, "log", "gitorious_auth.log"))
logger.formatter = Logger::Formatter.new
logger.level = Logger::INFO
logger.formatter.datetime_format = "%Y-%m-%d %H:%M:%S"
logger.info("Connection from #{ENV['SSH_CLIENT'].inspect} (#{user || nil}): #{original_command || nil}")
$stderr.puts "original_command: #{original_command.inspect}" if $DEBUG
if original_command.nil? || original_command.strip.empty?
logger.info("Need SSH_ORIGINAL_COMMAND")
$stderr.puts "Need SSH_ORIGINAL_COMMAND"
exit!(1)
end
$stderr.puts "user: #{user.inspect}" if $DEBUG
if user.nil? || user.strip.empty?
logger.info("Need user arg")
$stderr.puts "Need user arg"
exit!(1)
end
def gitorious_says(msg)
$stderr.puts
$stderr.puts "== Gitorious: " + ("=" * 59)
$stderr.puts msg
$stderr.puts "="*72
$stderr.puts
end
begin
strainer = Gitorious::SSH::Strainer.new(original_command).parse!
client = Gitorious::SSH::Client.new(strainer, user)
args = client.to_git_shell_argument
$stderr.puts "git-shell -c #{args.inspect}" if $DEBUG
ENV['GITORIOUS_WRITABLE_BY_URL'] = client.writable_by_query_url
ENV['GITORIOUS_USER'] = user
ENV['GITORIOUS_BASE_DIR'] = BASE_DIR
ENV['GITORIOUS_DENY_FORCE_PUSHES'] = client.force_pushing_denied? ? "true" : "false"
logger.info("Accepted #{user.inspect} for #{args.inspect}")
if client.pre_receive_hook_exists?
exec("git-shell", "-c", args)
else
logger.fatal("The pre-receive hook is not executable")
gitorious_says "Fatal error, please contact support"
exit!(1)
end
unless $?.success?
logger.fatal("Failed to execute git command")
gitorious_says "Failed to execute git command"
exit!(1)
end
rescue Gitorious::SSH::AccessDeniedError => e
logger.info("Access denied or bad repository path for #{user.inspect}: #{original_command.inspect}")
gitorious_says "Access denied or wrong repository path"
exit!(1)
rescue Gitorious::SSH::BadCommandError => e
logger.info("Access denied or bad command for #{user.inspect}: #{original_command.inspect}")
gitorious_says "Access denied or bad command"
exit!(1)
rescue Errno::ECONNREFUSED => e
logger.fatal("Connection refused querying for paths/permissions")
gitorious_says("Temporary error. Please try again shortly")
exit!(1)
rescue Object => e
if $DEBUG
$stderr.puts "#{e.class.name} #{e.message}"
$stderr.puts e.backtrace.join(" \n")
end
logger.fatal("#{e.class.name} #{e.message}: #{e.backtrace.join("\n ")}")
gitorious_says "fatal error"
exit(1)
end
|
