refresh-auth
changeset 30 98dbde5b13a1
parent 29 87279134a212
child 32 4059dbe9f26a
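--- a/refresh-auth
+++ b/refresh-auth
@@ -9,27 +9,35 @@
 import os
 import os.path
 import ruleset
 import subprocess
 
-if len(sys.argv) != 2:
+if len(sys.argv) != 3:
     sys.stderr.write("refresh-auth: wrong number of arguments (%s)\n" % sys.argv)
     sys.exit(-1)
 
-wrappercommand = sys.argv[1]
-akeyfile = os.path.expanduser("~/.ssh/authorized_keys")
+akeyfile = sys.argv[1]
+wrappercommand = sys.argv[2]
+prefix='no-pty,no-port-forwarding,no-X11-forwarding,no-agent-forwarding,command='
+
+if os.path.exists(akeyfile):
+    f = open(akeyfile)
+    try:
+        for l in f:
+            if not l.startswith(prefix):
+                raise Exception("Safety check failed, delete %s to continue" % akeyfile)
+    finally:
+        f.close()
 
 akeys = open(akeyfile + "_new", "w")
 for root, dirs, files in os.walk("keys"):
     for fn in files:
         ffn = os.path.join(root, fn)
         if not ruleset.goodpath(ffn):
             # ignore any path that contains dodgy characters
             continue
         keyname = ffn[5:]
-        prefix=('command="%s",no-pty,no-port-forwarding,no-X11-forwarding,no-agent-forwarding'
-            % ('%s %s' % (wrappercommand, keyname)))
         p = subprocess.Popen(("ssh-keygen", "-i", "-f", ffn), 
             stdout=subprocess.PIPE, stderr=subprocess.PIPE)
         newkey = p.communicate()[0]
         if p.wait() == 0:
             klines = [l.strip() for l in newkey.split("\n")]
@@ -40,11 +48,11 @@
                 klines = [l.strip() for l in kf]
             finally:
                 kf.close()
         for l in klines:
             if len(l):
-                akeys.write("%s %s\n" % (prefix, l))
+                akeys.write('%s"%s %s" %s\n' % (prefix, wrappercommand, keyname, l))
 
 akeys.close()
 
 os.rename(akeyfile + "_new", akeyfile)
 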
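Review bot: `wrappercommand` is taken from `sys.argv[2]` and written inside the double-quoted `command="..."` option by the final `akeys.write(...)` call without any check, so a `"` or a newline in it would end the option early and change how sshd parses the rest of that authorized_keys line. `keyname` passes through `ruleset.goodpath`, which is not visible here and presumably filters such characters, but the wrapper argument has no equivalent guard. Reject such values next to the argument-count check, for example `if '"' in wrappercommand or "\n" in wrappercommand: sys.exit("refresh-auth: bad wrapper command")`. The new safety check also raises a bare `Exception`, which ends the script with a traceback, whereas the argument check just above writes to stderr and exits; the same reporting style would be more consistent.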