--- a/src/hg-ssh	Mon Oct 12 17:04:26 2009 +0100
+++ b/src/hg-ssh	Tue Oct 13 10:41:24 2009 +0100
@@ -41,32 +41,36 @@
     sys.stderr.write("mercurial-server: %s\n" % message)
     sys.exit(-1)
 
-def checkpath(path):
+def checkDots(path):
+    head, tail = os.path.split(path)
+    if tail.startswith("."):
+        fail("paths cannot contain dot file components")
+    if head:
+        checkDots(head)
+
+def checkParents(path):
     path = os.path.dirname(path)
     if path == "":
         return
     if os.path.exists(path + "/.hg"):
         fail("Cannot create repo under existing repo")
-    checkpath(path)
+    checkParents(path)
 
 def getrepo(op, repo):
-    repo = os.path.normcase(os.path.normpath(repo.rstrip("/")))
+    # First canonicalise, then check the string, then the rules
+    # and finally the filesystem.
+    repo = repo.rstrip("/")
     if len(repo) == 0:
         fail("path to repository seems to be empty")
     if repo.startswith("/"):
         fail("absolute paths are not supported")
-    for component in repo.split("/"):
-        if component.startswith("."):
-            fail("paths cannot contain dot file components")
+    checkDots(path)
     ruleset.rules.set(repo=repo)
     if not ruleset.rules.allow(op, branch=None, file=None):
         fail("access denied")
-    checkpath(repo)
+    checkParents(repo)
     return repo
 
-#logfile = open("/tmp/hg-ssh.%d.txt" % os.getpid(), "w")
-#logfile.write("Started: %s\n" % sys.argv)
-
 paths.setExePath()
 
 if len(sys.argv) == 3 and sys.argv[1] == "--base64":