src/hg-ssh
author Paul Crowley <paul@lshift.net>
Fri, 06 Mar 2009 12:46:22 +0000
changeset 73 5d81ec164e5d
parent 72 582808b47653
child 77 8d14aac93b5d
permissions -rwxr-xr-x
do-refresh-auth now does all the work
Ignore whitespace changes - Everywhere: Within whitespace: At end of lines:
0
41ecb5a3172c separate out executables and data
Paul Crowley <paul@lshift.net>
parents:
diff changeset
     1
#!/usr/bin/env python
41ecb5a3172c separate out executables and data
Paul Crowley <paul@lshift.net>
parents:
diff changeset
     2
#
50
77d97aa18f29 update dates and copyright notices
Paul Crowley <paul@lshift.net>
parents: 46
diff changeset
     3
# Copyright 2008-2009 LShift Ltd
0
41ecb5a3172c separate out executables and data
Paul Crowley <paul@lshift.net>
parents:
diff changeset
     4
# Copyright 2005-2007 by Intevation GmbH <intevation@intevation.de>
18
538d6b198f4a Big change to support file conditions; format of hg-ssh-access.conf
Paul Crowley <paul@lshift.net>
parents: 15
diff changeset
     5
# Authors:
4
dcd195f3e52c move config out of Python files; don't make hg-ssh-wrapper a dotfile;
Paul Crowley <paul@lshift.net>
parents: 0
diff changeset
     6
# Paul Crowley <paul@lshift.net>
0
41ecb5a3172c separate out executables and data
Paul Crowley <paul@lshift.net>
parents:
diff changeset
     7
# Thomas Arendsen Hein <thomas@intevation.de>
4
dcd195f3e52c move config out of Python files; don't make hg-ssh-wrapper a dotfile;
Paul Crowley <paul@lshift.net>
parents: 0
diff changeset
     8
# with ideas from  Mathieu PASQUET <kiorky@cryptelium.net>
0
41ecb5a3172c separate out executables and data
Paul Crowley <paul@lshift.net>
parents:
diff changeset
     9
#
41ecb5a3172c separate out executables and data
Paul Crowley <paul@lshift.net>
parents:
diff changeset
    10
# This software may be used and distributed according to the terms
41ecb5a3172c separate out executables and data
Paul Crowley <paul@lshift.net>
parents:
diff changeset
    11
# of the GNU General Public License, incorporated herein by reference.
41ecb5a3172c separate out executables and data
Paul Crowley <paul@lshift.net>
parents:
diff changeset
    12
41ecb5a3172c separate out executables and data
Paul Crowley <paul@lshift.net>
parents:
diff changeset
    13
"""
10
524b4a45ef0a wrap overlong lines
Paul Crowley <paul@lshift.net>
parents: 7
diff changeset
    14
hg-ssh - limit access to hg repositories reached via ssh.  Part of
36
b3237aabd0fe Change the name to mercurial-server
Paul Crowley <paul@lshift.net>
parents: 33
diff changeset
    15
mercurial-server.
0
41ecb5a3172c separate out executables and data
Paul Crowley <paul@lshift.net>
parents:
diff changeset
    16
18
538d6b198f4a Big change to support file conditions; format of hg-ssh-access.conf
Paul Crowley <paul@lshift.net>
parents: 15
diff changeset
    17
This script is called by hg-ssh-wrapper with no arguments - everything
538d6b198f4a Big change to support file conditions; format of hg-ssh-access.conf
Paul Crowley <paul@lshift.net>
parents: 15
diff changeset
    18
should be in enviroment variables:
0
41ecb5a3172c separate out executables and data
Paul Crowley <paul@lshift.net>
parents:
diff changeset
    19
39
f5055ce263c7 New system. No breaking in, just putting files in /etc/mercurial-server
Paul Crowley <paul@lshift.net>
parents: 36
diff changeset
    20
HG_ACCESS_RULES_PATH identifies the paths to the rule files
18
538d6b198f4a Big change to support file conditions; format of hg-ssh-access.conf
Paul Crowley <paul@lshift.net>
parents: 15
diff changeset
    21
REMOTE_USER the remote user (which is the key used by ssh)
538d6b198f4a Big change to support file conditions; format of hg-ssh-access.conf
Paul Crowley <paul@lshift.net>
parents: 15
diff changeset
    22
SSH_ORIGINAL_COMMAND the command the user was trying to run
538d6b198f4a Big change to support file conditions; format of hg-ssh-access.conf
Paul Crowley <paul@lshift.net>
parents: 15
diff changeset
    23
538d6b198f4a Big change to support file conditions; format of hg-ssh-access.conf
Paul Crowley <paul@lshift.net>
parents: 15
diff changeset
    24
It uses SSH_ORIGINAL_COMMAND to determine what the user was trying to
538d6b198f4a Big change to support file conditions; format of hg-ssh-access.conf
Paul Crowley <paul@lshift.net>
parents: 15
diff changeset
    25
do and to what repository, and then checks each rule in the rule file
538d6b198f4a Big change to support file conditions; format of hg-ssh-access.conf
Paul Crowley <paul@lshift.net>
parents: 15
diff changeset
    26
in turn for a matching rule which decides what to do, defaulting to
538d6b198f4a Big change to support file conditions; format of hg-ssh-access.conf
Paul Crowley <paul@lshift.net>
parents: 15
diff changeset
    27
disallowing the action.
538d6b198f4a Big change to support file conditions; format of hg-ssh-access.conf
Paul Crowley <paul@lshift.net>
parents: 15
diff changeset
    28
0
41ecb5a3172c separate out executables and data
Paul Crowley <paul@lshift.net>
parents:
diff changeset
    29
"""
41ecb5a3172c separate out executables and data
Paul Crowley <paul@lshift.net>
parents:
diff changeset
    30
41ecb5a3172c separate out executables and data
Paul Crowley <paul@lshift.net>
parents:
diff changeset
    31
# enable importing on demand to reduce startup time
41ecb5a3172c separate out executables and data
Paul Crowley <paul@lshift.net>
parents:
diff changeset
    32
from mercurial import demandimport; demandimport.enable()
41ecb5a3172c separate out executables and data
Paul Crowley <paul@lshift.net>
parents:
diff changeset
    33
41ecb5a3172c separate out executables and data
Paul Crowley <paul@lshift.net>
parents:
diff changeset
    34
from mercurial import dispatch
41ecb5a3172c separate out executables and data
Paul Crowley <paul@lshift.net>
parents:
diff changeset
    35
18
538d6b198f4a Big change to support file conditions; format of hg-ssh-access.conf
Paul Crowley <paul@lshift.net>
parents: 15
diff changeset
    36
import sys, os
70
abb9ed8972e0 Move more into hg-ssh
Paul Crowley <paul@lshift.net>
parents: 69
diff changeset
    37
from mercurialserver import ruleset, paths
0
41ecb5a3172c separate out executables and data
Paul Crowley <paul@lshift.net>
parents:
diff changeset
    38
41ecb5a3172c separate out executables and data
Paul Crowley <paul@lshift.net>
parents:
diff changeset
    39
def fail(message):
41ecb5a3172c separate out executables and data
Paul Crowley <paul@lshift.net>
parents:
diff changeset
    40
    #logfile.write("Fail: %s\n" % message)
41ecb5a3172c separate out executables and data
Paul Crowley <paul@lshift.net>
parents:
diff changeset
    41
    sys.stderr.write(message + "\n")
41ecb5a3172c separate out executables and data
Paul Crowley <paul@lshift.net>
parents:
diff changeset
    42
    sys.exit(-1)
41ecb5a3172c separate out executables and data
Paul Crowley <paul@lshift.net>
parents:
diff changeset
    43
18
538d6b198f4a Big change to support file conditions; format of hg-ssh-access.conf
Paul Crowley <paul@lshift.net>
parents: 15
diff changeset
    44
def getpath(path):
538d6b198f4a Big change to support file conditions; format of hg-ssh-access.conf
Paul Crowley <paul@lshift.net>
parents: 15
diff changeset
    45
    if path.endswith("/"):
538d6b198f4a Big change to support file conditions; format of hg-ssh-access.conf
Paul Crowley <paul@lshift.net>
parents: 15
diff changeset
    46
        path = path[:-1]
19
62ee928ac9b3 fixes following actual testing
Paul Crowley <paul@lshift.net>
parents: 18
diff changeset
    47
    if not ruleset.goodpath(path):
0
41ecb5a3172c separate out executables and data
Paul Crowley <paul@lshift.net>
parents:
diff changeset
    48
        fail("Disallowing path: %s" % path)
18
538d6b198f4a Big change to support file conditions; format of hg-ssh-access.conf
Paul Crowley <paul@lshift.net>
parents: 15
diff changeset
    49
    return path
0
41ecb5a3172c separate out executables and data
Paul Crowley <paul@lshift.net>
parents:
diff changeset
    50
43
0a7fc4652793 todispatch unnecessary
Paul Crowley <paul@lshift.net>
parents: 39
diff changeset
    51
def try_cmd(rules, cmd):
0
41ecb5a3172c separate out executables and data
Paul Crowley <paul@lshift.net>
parents:
diff changeset
    52
    if cmd.startswith('hg -R ') and cmd.endswith(' serve --stdio'):
18
538d6b198f4a Big change to support file conditions; format of hg-ssh-access.conf
Paul Crowley <paul@lshift.net>
parents: 15
diff changeset
    53
        repo = getpath(cmd[6:-14])
21
59540181a4bb simplify by allowing some params to be preset in rules
Paul Crowley <paul@ciphergoth.org>
parents: 20
diff changeset
    54
        if rules.allow("read", repo=repo):
18
538d6b198f4a Big change to support file conditions; format of hg-ssh-access.conf
Paul Crowley <paul@lshift.net>
parents: 15
diff changeset
    55
            os.environ["HG_REPO_PATH"] = repo
43
0a7fc4652793 todispatch unnecessary
Paul Crowley <paul@lshift.net>
parents: 39
diff changeset
    56
            dispatch.dispatch(['-R', repo, 'serve', '--stdio'])
46
d2bbab5ffd0e Introduced a bug in last hg-ssh change
Paul Crowley <paul@lshift.net>
parents: 43
diff changeset
    57
            return
0
41ecb5a3172c separate out executables and data
Paul Crowley <paul@lshift.net>
parents:
diff changeset
    58
    elif cmd.startswith('hg init '):
18
538d6b198f4a Big change to support file conditions; format of hg-ssh-access.conf
Paul Crowley <paul@lshift.net>
parents: 15
diff changeset
    59
        repo = getpath(cmd[8:])
21
59540181a4bb simplify by allowing some params to be preset in rules
Paul Crowley <paul@ciphergoth.org>
parents: 20
diff changeset
    60
        if rules.allow("init", repo=repo):
18
538d6b198f4a Big change to support file conditions; format of hg-ssh-access.conf
Paul Crowley <paul@lshift.net>
parents: 15
diff changeset
    61
            os.environ["HG_REPO_PATH"] = repo
43
0a7fc4652793 todispatch unnecessary
Paul Crowley <paul@lshift.net>
parents: 39
diff changeset
    62
            dispatch.dispatch(['init', repo])
46
d2bbab5ffd0e Introduced a bug in last hg-ssh change
Paul Crowley <paul@lshift.net>
parents: 43
diff changeset
    63
            return
0
41ecb5a3172c separate out executables and data
Paul Crowley <paul@lshift.net>
parents:
diff changeset
    64
    fail("Illegal command %r" % cmd)
41ecb5a3172c separate out executables and data
Paul Crowley <paul@lshift.net>
parents:
diff changeset
    65
41ecb5a3172c separate out executables and data
Paul Crowley <paul@lshift.net>
parents:
diff changeset
    66
#logfile = open("/tmp/hg-ssh.%d.txt" % os.getpid(), "w")
41ecb5a3172c separate out executables and data
Paul Crowley <paul@lshift.net>
parents:
diff changeset
    67
#logfile.write("Started: %s\n" % sys.argv)
41ecb5a3172c separate out executables and data
Paul Crowley <paul@lshift.net>
parents:
diff changeset
    68
69
e31646deafc8 Starting to move stuff out of hg-ssh-wrapper
Paul Crowley <paul@lshift.net>
parents: 67
diff changeset
    69
if len(sys.argv) != 2:
e31646deafc8 Starting to move stuff out of hg-ssh-wrapper
Paul Crowley <paul@lshift.net>
parents: 67
diff changeset
    70
    fail("hg-ssh must have exactly one argument (%s)" 
0
41ecb5a3172c separate out executables and data
Paul Crowley <paul@lshift.net>
parents:
diff changeset
    71
        % sys.argv)
41ecb5a3172c separate out executables and data
Paul Crowley <paul@lshift.net>
parents:
diff changeset
    72
69
e31646deafc8 Starting to move stuff out of hg-ssh-wrapper
Paul Crowley <paul@lshift.net>
parents: 67
diff changeset
    73
remote_user = sys.argv[1]
e31646deafc8 Starting to move stuff out of hg-ssh-wrapper
Paul Crowley <paul@lshift.net>
parents: 67
diff changeset
    74
os.environ['REMOTE_USER'] = remote_user
e31646deafc8 Starting to move stuff out of hg-ssh-wrapper
Paul Crowley <paul@lshift.net>
parents: 67
diff changeset
    75
71
1120f78f81da Move more into hg-ssh
Paul Crowley <paul@lshift.net>
parents: 70
diff changeset
    76
# Use a different hgrc for remote pulls - this way you can set
1120f78f81da Move more into hg-ssh
Paul Crowley <paul@lshift.net>
parents: 70
diff changeset
    77
# up access.py for everything at once without affecting local operations
1120f78f81da Move more into hg-ssh
Paul Crowley <paul@lshift.net>
parents: 70
diff changeset
    78
1120f78f81da Move more into hg-ssh
Paul Crowley <paul@lshift.net>
parents: 70
diff changeset
    79
os.environ['HGRCPATH'] = paths.getEtcPath() + "/remote-hgrc"
1120f78f81da Move more into hg-ssh
Paul Crowley <paul@lshift.net>
parents: 70
diff changeset
    80
72
582808b47653 All work now in hg-ssh
Paul Crowley <paul@lshift.net>
parents: 71
diff changeset
    81
os.chdir('repos')
71
1120f78f81da Move more into hg-ssh
Paul Crowley <paul@lshift.net>
parents: 70
diff changeset
    82
70
abb9ed8972e0 Move more into hg-ssh
Paul Crowley <paul@lshift.net>
parents: 69
diff changeset
    83
os.environ['HG_ACCESS_RULES_PATH'] = (
abb9ed8972e0 Move more into hg-ssh
Paul Crowley <paul@lshift.net>
parents: 69
diff changeset
    84
    paths.getEtcPath() + "/access.conf" + ":" + 
abb9ed8972e0 Move more into hg-ssh
Paul Crowley <paul@lshift.net>
parents: 69
diff changeset
    85
    os.getcwd() + "/hgadmin/access.conf")
abb9ed8972e0 Move more into hg-ssh
Paul Crowley <paul@lshift.net>
parents: 69
diff changeset
    86
39
f5055ce263c7 New system. No breaking in, just putting files in /etc/mercurial-server
Paul Crowley <paul@lshift.net>
parents: 36
diff changeset
    87
rules = ruleset.rules_from_env()
69
e31646deafc8 Starting to move stuff out of hg-ssh-wrapper
Paul Crowley <paul@lshift.net>
parents: 67
diff changeset
    88
rules.set(user = getpath(remote_user))
21
59540181a4bb simplify by allowing some params to be preset in rules
Paul Crowley <paul@ciphergoth.org>
parents: 20
diff changeset
    89
rules.set(branch = None, file = None)
43
0a7fc4652793 todispatch unnecessary
Paul Crowley <paul@lshift.net>
parents: 39
diff changeset
    90
try_cmd(rules, os.environ.get('SSH_ORIGINAL_COMMAND', '?'))