author | Paul Crowley <paul@lshift.net> |
Tue, 15 Apr 2008 16:20:34 +0100 | |
changeset 1 | 5bc7446cd2d1 |
parent 0 | 41ecb5a3172c |
child 4 | dcd195f3e52c |
permissions | -rwxr-xr-x |
0
41ecb5a3172c
separate out executables and data
Paul Crowley <paul@lshift.net>
parents:
diff
changeset
|
1 |
#!/usr/bin/env python |
41ecb5a3172c
separate out executables and data
Paul Crowley <paul@lshift.net>
parents:
diff
changeset
|
2 |
# |
41ecb5a3172c
separate out executables and data
Paul Crowley <paul@lshift.net>
parents:
diff
changeset
|
3 |
# Copyright 2008 LShift Ltd |
41ecb5a3172c
separate out executables and data
Paul Crowley <paul@lshift.net>
parents:
diff
changeset
|
4 |
# Modified by Paul Crowley <paul@lshift.net> |
41ecb5a3172c
separate out executables and data
Paul Crowley <paul@lshift.net>
parents:
diff
changeset
|
5 |
# with ideas from Mathieu PASQUET <kiorky@cryptelium.net> |
41ecb5a3172c
separate out executables and data
Paul Crowley <paul@lshift.net>
parents:
diff
changeset
|
6 |
# Copyright 2005-2007 by Intevation GmbH <intevation@intevation.de> |
41ecb5a3172c
separate out executables and data
Paul Crowley <paul@lshift.net>
parents:
diff
changeset
|
7 |
# Author(s): |
41ecb5a3172c
separate out executables and data
Paul Crowley <paul@lshift.net>
parents:
diff
changeset
|
8 |
# Thomas Arendsen Hein <thomas@intevation.de> |
41ecb5a3172c
separate out executables and data
Paul Crowley <paul@lshift.net>
parents:
diff
changeset
|
9 |
# |
41ecb5a3172c
separate out executables and data
Paul Crowley <paul@lshift.net>
parents:
diff
changeset
|
10 |
# This software may be used and distributed according to the terms |
41ecb5a3172c
separate out executables and data
Paul Crowley <paul@lshift.net>
parents:
diff
changeset
|
11 |
# of the GNU General Public License, incorporated herein by reference. |
41ecb5a3172c
separate out executables and data
Paul Crowley <paul@lshift.net>
parents:
diff
changeset
|
12 |
|
41ecb5a3172c
separate out executables and data
Paul Crowley <paul@lshift.net>
parents:
diff
changeset
|
13 |
""" |
41ecb5a3172c
separate out executables and data
Paul Crowley <paul@lshift.net>
parents:
diff
changeset
|
14 |
hg-ssh - a wrapper for ssh access to a limited set of mercurial repos |
41ecb5a3172c
separate out executables and data
Paul Crowley <paul@lshift.net>
parents:
diff
changeset
|
15 |
|
41ecb5a3172c
separate out executables and data
Paul Crowley <paul@lshift.net>
parents:
diff
changeset
|
16 |
DO NOT USE WITHOUT READING THE SOURCE! In particular note that we HARDWIRE |
41ecb5a3172c
separate out executables and data
Paul Crowley <paul@lshift.net>
parents:
diff
changeset
|
17 |
the path to hgadmin/hg-ssh-access.conf. |
41ecb5a3172c
separate out executables and data
Paul Crowley <paul@lshift.net>
parents:
diff
changeset
|
18 |
|
41ecb5a3172c
separate out executables and data
Paul Crowley <paul@lshift.net>
parents:
diff
changeset
|
19 |
To be used in ~/.ssh/authorized_keys with the "command" option, see sshd(8): |
41ecb5a3172c
separate out executables and data
Paul Crowley <paul@lshift.net>
parents:
diff
changeset
|
20 |
command="hg-ssh keyid" ssh-dss ... |
41ecb5a3172c
separate out executables and data
Paul Crowley <paul@lshift.net>
parents:
diff
changeset
|
21 |
(probably together with these other useful options: |
41ecb5a3172c
separate out executables and data
Paul Crowley <paul@lshift.net>
parents:
diff
changeset
|
22 |
no-port-forwarding,no-X11-forwarding,no-agent-forwarding) |
41ecb5a3172c
separate out executables and data
Paul Crowley <paul@lshift.net>
parents:
diff
changeset
|
23 |
|
41ecb5a3172c
separate out executables and data
Paul Crowley <paul@lshift.net>
parents:
diff
changeset
|
24 |
This allows pull/push over ssh to to the repositories given as arguments. |
41ecb5a3172c
separate out executables and data
Paul Crowley <paul@lshift.net>
parents:
diff
changeset
|
25 |
|
41ecb5a3172c
separate out executables and data
Paul Crowley <paul@lshift.net>
parents:
diff
changeset
|
26 |
If all your repositories are subdirectories of a common directory, you can |
41ecb5a3172c
separate out executables and data
Paul Crowley <paul@lshift.net>
parents:
diff
changeset
|
27 |
allow shorter paths with: |
41ecb5a3172c
separate out executables and data
Paul Crowley <paul@lshift.net>
parents:
diff
changeset
|
28 |
command="cd path/to/my/repositories && hg-ssh repo1 subdir/repo2" |
41ecb5a3172c
separate out executables and data
Paul Crowley <paul@lshift.net>
parents:
diff
changeset
|
29 |
|
41ecb5a3172c
separate out executables and data
Paul Crowley <paul@lshift.net>
parents:
diff
changeset
|
30 |
You can use pattern matching of your normal shell, e.g.: |
41ecb5a3172c
separate out executables and data
Paul Crowley <paul@lshift.net>
parents:
diff
changeset
|
31 |
command="cd repos && hg-ssh user/thomas/* projects/{mercurial,foo}" |
41ecb5a3172c
separate out executables and data
Paul Crowley <paul@lshift.net>
parents:
diff
changeset
|
32 |
""" |
41ecb5a3172c
separate out executables and data
Paul Crowley <paul@lshift.net>
parents:
diff
changeset
|
33 |
|
41ecb5a3172c
separate out executables and data
Paul Crowley <paul@lshift.net>
parents:
diff
changeset
|
34 |
# enable importing on demand to reduce startup time |
41ecb5a3172c
separate out executables and data
Paul Crowley <paul@lshift.net>
parents:
diff
changeset
|
35 |
from mercurial import demandimport; demandimport.enable() |
41ecb5a3172c
separate out executables and data
Paul Crowley <paul@lshift.net>
parents:
diff
changeset
|
36 |
|
41ecb5a3172c
separate out executables and data
Paul Crowley <paul@lshift.net>
parents:
diff
changeset
|
37 |
from mercurial import dispatch |
41ecb5a3172c
separate out executables and data
Paul Crowley <paul@lshift.net>
parents:
diff
changeset
|
38 |
|
41ecb5a3172c
separate out executables and data
Paul Crowley <paul@lshift.net>
parents:
diff
changeset
|
39 |
import sys, os, re |
41ecb5a3172c
separate out executables and data
Paul Crowley <paul@lshift.net>
parents:
diff
changeset
|
40 |
|
41ecb5a3172c
separate out executables and data
Paul Crowley <paul@lshift.net>
parents:
diff
changeset
|
41 |
def fail(message): |
41ecb5a3172c
separate out executables and data
Paul Crowley <paul@lshift.net>
parents:
diff
changeset
|
42 |
#logfile.write("Fail: %s\n" % message) |
41ecb5a3172c
separate out executables and data
Paul Crowley <paul@lshift.net>
parents:
diff
changeset
|
43 |
sys.stderr.write(message + "\n") |
41ecb5a3172c
separate out executables and data
Paul Crowley <paul@lshift.net>
parents:
diff
changeset
|
44 |
sys.exit(-1) |
41ecb5a3172c
separate out executables and data
Paul Crowley <paul@lshift.net>
parents:
diff
changeset
|
45 |
|
41ecb5a3172c
separate out executables and data
Paul Crowley <paul@lshift.net>
parents:
diff
changeset
|
46 |
allowedchars = "A-Za-z0-9_.-" |
41ecb5a3172c
separate out executables and data
Paul Crowley <paul@lshift.net>
parents:
diff
changeset
|
47 |
goodpathre = re.compile("([%s]+/)*[%s]+$" % (allowedchars, allowedchars)) |
41ecb5a3172c
separate out executables and data
Paul Crowley <paul@lshift.net>
parents:
diff
changeset
|
48 |
def goodpath(path): |
41ecb5a3172c
separate out executables and data
Paul Crowley <paul@lshift.net>
parents:
diff
changeset
|
49 |
if goodpathre.match(path) is None: |
41ecb5a3172c
separate out executables and data
Paul Crowley <paul@lshift.net>
parents:
diff
changeset
|
50 |
fail("Disallowing path: %s" % path) |
41ecb5a3172c
separate out executables and data
Paul Crowley <paul@lshift.net>
parents:
diff
changeset
|
51 |
|
41ecb5a3172c
separate out executables and data
Paul Crowley <paul@lshift.net>
parents:
diff
changeset
|
52 |
|
41ecb5a3172c
separate out executables and data
Paul Crowley <paul@lshift.net>
parents:
diff
changeset
|
53 |
# Don't put anything except *A-Za-z0-9_- in rule globs or |
41ecb5a3172c
separate out executables and data
Paul Crowley <paul@lshift.net>
parents:
diff
changeset
|
54 |
# you'll probably break security. No regexp metachars, not even . |
41ecb5a3172c
separate out executables and data
Paul Crowley <paul@lshift.net>
parents:
diff
changeset
|
55 |
# We may fix this later. |
41ecb5a3172c
separate out executables and data
Paul Crowley <paul@lshift.net>
parents:
diff
changeset
|
56 |
goodglobre = re.compile("[*/%s]+$" % allowedchars) |
41ecb5a3172c
separate out executables and data
Paul Crowley <paul@lshift.net>
parents:
diff
changeset
|
57 |
def globmatch(pattern, match): |
41ecb5a3172c
separate out executables and data
Paul Crowley <paul@lshift.net>
parents:
diff
changeset
|
58 |
if goodglobre.match(pattern) is None: |
41ecb5a3172c
separate out executables and data
Paul Crowley <paul@lshift.net>
parents:
diff
changeset
|
59 |
fail("Bad glob pattern in auth config: %s" % pattern) |
41ecb5a3172c
separate out executables and data
Paul Crowley <paul@lshift.net>
parents:
diff
changeset
|
60 |
pattern = pattern.replace(".", r'\.') |
41ecb5a3172c
separate out executables and data
Paul Crowley <paul@lshift.net>
parents:
diff
changeset
|
61 |
pattern = pattern.replace("*", "[%s]*" % allowedchars) |
41ecb5a3172c
separate out executables and data
Paul Crowley <paul@lshift.net>
parents:
diff
changeset
|
62 |
return re.compile(pattern + "$").match(match) is not None |
41ecb5a3172c
separate out executables and data
Paul Crowley <paul@lshift.net>
parents:
diff
changeset
|
63 |
|
41ecb5a3172c
separate out executables and data
Paul Crowley <paul@lshift.net>
parents:
diff
changeset
|
64 |
def testrule(keyname, path, applicable): |
41ecb5a3172c
separate out executables and data
Paul Crowley <paul@lshift.net>
parents:
diff
changeset
|
65 |
goodpath(keyname) |
41ecb5a3172c
separate out executables and data
Paul Crowley <paul@lshift.net>
parents:
diff
changeset
|
66 |
goodpath(path) |
41ecb5a3172c
separate out executables and data
Paul Crowley <paul@lshift.net>
parents:
diff
changeset
|
67 |
f = open("hgadmin/hg-ssh-access.conf") |
41ecb5a3172c
separate out executables and data
Paul Crowley <paul@lshift.net>
parents:
diff
changeset
|
68 |
try: |
41ecb5a3172c
separate out executables and data
Paul Crowley <paul@lshift.net>
parents:
diff
changeset
|
69 |
for l in f: |
41ecb5a3172c
separate out executables and data
Paul Crowley <paul@lshift.net>
parents:
diff
changeset
|
70 |
l = l.strip() |
41ecb5a3172c
separate out executables and data
Paul Crowley <paul@lshift.net>
parents:
diff
changeset
|
71 |
if l == "" or l.startswith("#"): |
41ecb5a3172c
separate out executables and data
Paul Crowley <paul@lshift.net>
parents:
diff
changeset
|
72 |
continue |
41ecb5a3172c
separate out executables and data
Paul Crowley <paul@lshift.net>
parents:
diff
changeset
|
73 |
rule, rk, rp = l.split() |
41ecb5a3172c
separate out executables and data
Paul Crowley <paul@lshift.net>
parents:
diff
changeset
|
74 |
if globmatch(rk, keyname) and globmatch(rp, path): |
41ecb5a3172c
separate out executables and data
Paul Crowley <paul@lshift.net>
parents:
diff
changeset
|
75 |
#logfile.write("Used rule: %s\n" % l) |
41ecb5a3172c
separate out executables and data
Paul Crowley <paul@lshift.net>
parents:
diff
changeset
|
76 |
return rule in applicable |
41ecb5a3172c
separate out executables and data
Paul Crowley <paul@lshift.net>
parents:
diff
changeset
|
77 |
return False |
41ecb5a3172c
separate out executables and data
Paul Crowley <paul@lshift.net>
parents:
diff
changeset
|
78 |
finally: |
41ecb5a3172c
separate out executables and data
Paul Crowley <paul@lshift.net>
parents:
diff
changeset
|
79 |
f.close() |
41ecb5a3172c
separate out executables and data
Paul Crowley <paul@lshift.net>
parents:
diff
changeset
|
80 |
|
41ecb5a3172c
separate out executables and data
Paul Crowley <paul@lshift.net>
parents:
diff
changeset
|
81 |
def get_cmd(keyname, cmd): |
41ecb5a3172c
separate out executables and data
Paul Crowley <paul@lshift.net>
parents:
diff
changeset
|
82 |
if cmd.startswith('hg -R ') and cmd.endswith(' serve --stdio'): |
41ecb5a3172c
separate out executables and data
Paul Crowley <paul@lshift.net>
parents:
diff
changeset
|
83 |
path = cmd[6:-14] |
41ecb5a3172c
separate out executables and data
Paul Crowley <paul@lshift.net>
parents:
diff
changeset
|
84 |
if testrule(keyname, path, set(["allow", "init"])): |
41ecb5a3172c
separate out executables and data
Paul Crowley <paul@lshift.net>
parents:
diff
changeset
|
85 |
return ['-R', path, 'serve', '--stdio'] |
41ecb5a3172c
separate out executables and data
Paul Crowley <paul@lshift.net>
parents:
diff
changeset
|
86 |
elif cmd.startswith('hg init '): |
41ecb5a3172c
separate out executables and data
Paul Crowley <paul@lshift.net>
parents:
diff
changeset
|
87 |
path = cmd[8:] |
41ecb5a3172c
separate out executables and data
Paul Crowley <paul@lshift.net>
parents:
diff
changeset
|
88 |
if testrule(keyname, path, set(["init"])): |
41ecb5a3172c
separate out executables and data
Paul Crowley <paul@lshift.net>
parents:
diff
changeset
|
89 |
return ['init', path] |
41ecb5a3172c
separate out executables and data
Paul Crowley <paul@lshift.net>
parents:
diff
changeset
|
90 |
fail("Illegal command %r" % cmd) |
41ecb5a3172c
separate out executables and data
Paul Crowley <paul@lshift.net>
parents:
diff
changeset
|
91 |
|
41ecb5a3172c
separate out executables and data
Paul Crowley <paul@lshift.net>
parents:
diff
changeset
|
92 |
#logfile = open("/tmp/hg-ssh.%d.txt" % os.getpid(), "w") |
41ecb5a3172c
separate out executables and data
Paul Crowley <paul@lshift.net>
parents:
diff
changeset
|
93 |
#logfile.write("Started: %s\n" % sys.argv) |
41ecb5a3172c
separate out executables and data
Paul Crowley <paul@lshift.net>
parents:
diff
changeset
|
94 |
|
41ecb5a3172c
separate out executables and data
Paul Crowley <paul@lshift.net>
parents:
diff
changeset
|
95 |
if len(sys.argv) != 2: |
41ecb5a3172c
separate out executables and data
Paul Crowley <paul@lshift.net>
parents:
diff
changeset
|
96 |
fail("Error in hg-ssh configuration in .ssh/authorized_keys: too many arguments (%s)" |
41ecb5a3172c
separate out executables and data
Paul Crowley <paul@lshift.net>
parents:
diff
changeset
|
97 |
% sys.argv) |
41ecb5a3172c
separate out executables and data
Paul Crowley <paul@lshift.net>
parents:
diff
changeset
|
98 |
|
41ecb5a3172c
separate out executables and data
Paul Crowley <paul@lshift.net>
parents:
diff
changeset
|
99 |
keyname = sys.argv[1] |
41ecb5a3172c
separate out executables and data
Paul Crowley <paul@lshift.net>
parents:
diff
changeset
|
100 |
todispatch = get_cmd(keyname, os.environ.get('SSH_ORIGINAL_COMMAND', '?')) |
41ecb5a3172c
separate out executables and data
Paul Crowley <paul@lshift.net>
parents:
diff
changeset
|
101 |
os.environ["HG_ACL_USER"] = keyname |
41ecb5a3172c
separate out executables and data
Paul Crowley <paul@lshift.net>
parents:
diff
changeset
|
102 |
dispatch.dispatch(todispatch) |
41ecb5a3172c
separate out executables and data
Paul Crowley <paul@lshift.net>
parents:
diff
changeset
|
103 |