src/mercurialserver/refreshauth.py
branchdebian
changeset 172 5dd3698fad54
parent 165 3606d60b07e5
child 211 0cd59649772c
equal deleted inserted replaced
118:107906bfe2c6 172:5dd3698fad54
     7 
     7 
     8 import re
     8 import re
     9 import base64
     9 import base64
    10 import os
    10 import os
    11 import os.path
    11 import os.path
    12 import pwd
       
    13 import subprocess
    12 import subprocess
    14 from mercurialserver import paths
    13 from mercurialserver import paths
    15 
    14 
    16 goodkey = re.compile("[/A-Za-z0-9._-]+$")
    15 goodkey = re.compile("[/A-Za-z0-9._-]+$")
    17 
    16 
    18 def refreshAuth(pw_dir):
    17 def refreshAuth():
    19     akeyfile = pw_dir + "/.ssh/authorized_keys"
    18     akeyfile = os.path.expanduser("~/.ssh/authorized_keys")
    20     wrappercommand = paths.getExePath() + "/hg-ssh"
    19     wrappercommand = paths.getExePath() + "/hg-ssh"
    21     keydirs = [paths.getEtcPath() + "/keys", pw_dir + "/repos/hgadmin/keys"]
       
    22     prefix='no-pty,no-port-forwarding,no-X11-forwarding,no-agent-forwarding,command='
    20     prefix='no-pty,no-port-forwarding,no-X11-forwarding,no-agent-forwarding,command='
    23 
    21 
    24     if os.path.exists(akeyfile):
    22     if os.path.exists(akeyfile):
    25         f = open(akeyfile)
    23         f = open(akeyfile)
    26         try:
    24         try:
    29                     raise Exception("Safety check failed, delete %s to continue" % akeyfile)
    27                     raise Exception("Safety check failed, delete %s to continue" % akeyfile)
    30         finally:
    28         finally:
    31             f.close()
    29             f.close()
    32 
    30 
    33     akeys = open(akeyfile + "_new", "w")
    31     akeys = open(akeyfile + "_new", "w")
    34     for keyroot in keydirs:
    32     for keyroot in paths.getKeysPaths():
    35         kr = keyroot + "/"
    33         kr = keyroot + "/"
    36         #print "Processing keyroot", keyroot
    34         #print "Processing keyroot", keyroot
    37         for root, dirs, files in os.walk(keyroot):
    35         for root, dirs, files in os.walk(keyroot):
    38             for fn in files:
    36             for fn in files:
    39                 ffn = os.path.join(root, fn)
    37                 ffn = os.path.join(root, fn)
    61                         akeys.write('%s"%s %s" %s\n' % (prefix, wrappercommand, keyname, l))
    59                         akeys.write('%s"%s %s" %s\n' % (prefix, wrappercommand, keyname, l))
    62     akeys.close()
    60     akeys.close()
    63     os.rename(akeyfile + "_new", akeyfile)
    61     os.rename(akeyfile + "_new", akeyfile)
    64     
    62     
    65 def hook(ui, repo, hooktype, node=None, source=None, **kwargs):
    63 def hook(ui, repo, hooktype, node=None, source=None, **kwargs):
    66     pentry = pwd.getpwuid(os.geteuid())
    64     refreshAuth()
    67     refreshAuth(pentry.pw_dir)
       
    68 
    65