src/hg-ssh
changeset 110 69596fffcf7d
parent 109 72100d3ed1bd
child 117 b6b8a5daf0f4
equal deleted inserted replaced
109:72100d3ed1bd 110:69596fffcf7d
    39 
    39 
    40 def fail(message):
    40 def fail(message):
    41     sys.stderr.write("mercurial-server: %s\n" % message)
    41     sys.stderr.write("mercurial-server: %s\n" % message)
    42     sys.exit(-1)
    42     sys.exit(-1)
    43 
    43 
    44 def checkpath(path):
    44 def checkDots(path):
       
    45     head, tail = os.path.split(path)
       
    46     if tail.startswith("."):
       
    47         fail("paths cannot contain dot file components")
       
    48     if head:
       
    49         checkDots(head)
       
    50 
       
    51 def checkParents(path):
    45     path = os.path.dirname(path)
    52     path = os.path.dirname(path)
    46     if path == "":
    53     if path == "":
    47         return
    54         return
    48     if os.path.exists(path + "/.hg"):
    55     if os.path.exists(path + "/.hg"):
    49         fail("Cannot create repo under existing repo")
    56         fail("Cannot create repo under existing repo")
    50     checkpath(path)
    57     checkParents(path)
    51 
    58 
    52 def getrepo(op, repo):
    59 def getrepo(op, repo):
    53     repo = os.path.normcase(os.path.normpath(repo.rstrip("/")))
    60     # First canonicalise, then check the string, then the rules
       
    61     # and finally the filesystem.
       
    62     repo = repo.rstrip("/")
    54     if len(repo) == 0:
    63     if len(repo) == 0:
    55         fail("path to repository seems to be empty")
    64         fail("path to repository seems to be empty")
    56     if repo.startswith("/"):
    65     if repo.startswith("/"):
    57         fail("absolute paths are not supported")
    66         fail("absolute paths are not supported")
    58     for component in repo.split("/"):
    67     checkDots(path)
    59         if component.startswith("."):
       
    60             fail("paths cannot contain dot file components")
       
    61     ruleset.rules.set(repo=repo)
    68     ruleset.rules.set(repo=repo)
    62     if not ruleset.rules.allow(op, branch=None, file=None):
    69     if not ruleset.rules.allow(op, branch=None, file=None):
    63         fail("access denied")
    70         fail("access denied")
    64     checkpath(repo)
    71     checkParents(repo)
    65     return repo
    72     return repo
    66 
       
    67 #logfile = open("/tmp/hg-ssh.%d.txt" % os.getpid(), "w")
       
    68 #logfile.write("Started: %s\n" % sys.argv)
       
    69 
    73 
    70 paths.setExePath()
    74 paths.setExePath()
    71 
    75 
    72 if len(sys.argv) == 3 and sys.argv[1] == "--base64":
    76 if len(sys.argv) == 3 and sys.argv[1] == "--base64":
    73     ruleset.rules.set(user = base64.b64decode(sys.argv[2]))
    77     ruleset.rules.set(user = base64.b64decode(sys.argv[2]))