src/mercurialserver/refreshauth.py
branchdebian
changeset 115 731a72b742db
parent 107 84e9e33d866b
child 165 3606d60b07e5
99:e99262dfa950 115:731a72b742db
     3 # WARNING
     3 # WARNING
     4 # This hook completely destroys your ~/.ssh/authorized_keys
     4 # This hook completely destroys your ~/.ssh/authorized_keys
     5 # file every time it is run
     5 # file every time it is run
     6 # WARNING
     6 # WARNING
     7 
     7 
     8 import sys
     8 import re
       
     9 import base64
     9 import os
    10 import os
    10 import os.path
    11 import os.path
    11 import pwd
    12 import pwd
    12 import subprocess
    13 import subprocess
    13 from mercurialserver import ruleset, paths
    14 from mercurialserver import paths
       
    15 
       
    16 goodkey = re.compile("[/A-Za-z0-9._-]+$")
    14 
    17 
    15 def refreshAuth(pw_dir):
    18 def refreshAuth(pw_dir):
    16     akeyfile = pw_dir + "/.ssh/authorized_keys"
    19     akeyfile = pw_dir + "/.ssh/authorized_keys"
    17     wrappercommand = paths.getExePath() + "/hg-ssh"
    20     wrappercommand = paths.getExePath() + "/hg-ssh"
    18     keydirs = [paths.getEtcPath() + "/keys", pw_dir + "/repos/hgadmin/keys"]
    21     keydirs = [paths.getEtcPath() + "/keys", pw_dir + "/repos/hgadmin/keys"]
    36                 ffn = os.path.join(root, fn)
    39                 ffn = os.path.join(root, fn)
    37                 if not ffn.startswith(kr):
    40                 if not ffn.startswith(kr):
    38                     raise Exception("Inconsistent behaviour in os.walk, bailing")
    41                     raise Exception("Inconsistent behaviour in os.walk, bailing")
    39                 #print "Processing file", ffn
    42                 #print "Processing file", ffn
    40                 keyname = ffn[len(kr):]
    43                 keyname = ffn[len(kr):]
    41                 if not ruleset.goodpath(keyname):
    44                 if not goodkey.match(keyname):
    42                     # ignore any path that contains dodgy characters
    45                     # Encode it for safe quoting
    43                     #print "Ignoring file", ffn
    46                     keyname = "--base64 " + base64.b64encode(keyname)
    44                     continue
       
    45                 p = subprocess.Popen(("ssh-keygen", "-i", "-f", ffn), 
    47                 p = subprocess.Popen(("ssh-keygen", "-i", "-f", ffn), 
    46                     stdout=subprocess.PIPE, stderr=subprocess.PIPE)
    48                     stdout=subprocess.PIPE, stderr=subprocess.PIPE)
    47                 newkey = p.communicate()[0]
    49                 newkey = p.communicate()[0]
    48                 if p.wait() == 0:
    50                 if p.wait() == 0:
    49                     klines = [l.strip() for l in newkey.split("\n")]
    51                     klines = [l.strip() for l in newkey.split("\n")]
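Review bot: The new `goodkey = re.compile("[/A-Za-z0-9._-]+$")` filter, applied with `goodkey.match(keyname)`, accepts a key name that ends in a newline, because `$` in Python also matches just before a trailing `\n`. Such a file name would skip the `--base64` branch and be passed on unencoded to whatever writes the authorized_keys entry; that code is outside the visible lines of refreshAuth, so the impact there is inferred. Anchoring with `\Z` closes the gap: `goodkey = re.compile(r"[/A-Za-z0-9._-]+\Z")`. The change also drops the old `continue`, so files that `ruleset.goodpath` used to ignore are now installed as keys. The `# Encode it for safe quoting` comment should say this and state that hg-ssh is expected to decode the `--base64` argument.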