##// END OF EJS Templates
upstream » mercurial-mirror
RSS

Clone from https://www.mercurial-scm.org/repo/hg-all

url: 'ssh known host'-like checking of fingerprints of HTTPS certificates...
url: 'ssh known host'-like checking of fingerprints of HTTPS certificates Known fingerprints of HTTPS servers can now be configured in the hostfingerprints section. That makes it possible to verify the identify of web servers without configuring and trusting the CA chain. Limitations: * Portnumbers are ignored, just like with ordinary certificates. * Host name matching is case sensitive.
Matt Mackall - - Load All Authors

File last commit:

r10263:25e57239 stable
r13314:8dc488df stable
Show More
hg-ssh
52 lines | 1.7 KiB | text/plain | TextLexer
/ contrib / hg-ssh
History | Source | Raw |Copy content |Copy permalink
Thomas Arendsen Hein
Added hg-ssh - a wrapper for ssh access to a limited set of mercurial repos...
 r1537 #!/usr/bin/env python
#
Thomas Arendsen Hein
Adjust contrib/hg-ssh for moved dispatch() function.
 r5191 # Copyright 2005-2007 by Intevation GmbH <intevation@intevation.de>
Martin Geisler
add blank line after copyright notices and after header
 r8228 #
Thomas Arendsen Hein
Added hg-ssh - a wrapper for ssh access to a limited set of mercurial repos...
 r1537 # Author(s):
# Thomas Arendsen Hein <thomas@intevation.de>
#
Martin Geisler
updated license to be explicit about GPL version 2
 r8225 # This software may be used and distributed according to the terms of the
Matt Mackall
Update license to GPLv2+
 r10263 # GNU General Public License version 2 or any later version.
Thomas Arendsen Hein
Added hg-ssh - a wrapper for ssh access to a limited set of mercurial repos...
 r1537
"""
hg-ssh - a wrapper for ssh access to a limited set of mercurial repos
To be used in ~/.ssh/authorized_keys with the "command" option, see sshd(8):
command="hg-ssh path/to/repo1 /path/to/repo2 ~/repo3 ~user/repo4" ssh-dss ...
(probably together with these other useful options:
no-port-forwarding,no-X11-forwarding,no-agent-forwarding)
This allows pull/push over ssh to to the repositories given as arguments.
If all your repositories are subdirectories of a common directory, you can
allow shorter paths with:
command="cd path/to/my/repositories && hg-ssh repo1 subdir/repo2"
Thomas Arendsen Hein
Added hint to hg-ssh that you can use shell pattern matching.
 r1640
You can use pattern matching of your normal shell, e.g.:
command="cd repos && hg-ssh user/thomas/* projects/{mercurial,foo}"
Thomas Arendsen Hein
Added hg-ssh - a wrapper for ssh access to a limited set of mercurial repos...
 r1537 """
Thomas Arendsen Hein
Enable demandimport only in scripts, not in importable modules (issue605)...
 r5197 # enable importing on demand to reduce startup time
from mercurial import demandimport; demandimport.enable()
Thomas Arendsen Hein
Adjust contrib/hg-ssh for moved dispatch() function.
 r5191 from mercurial import dispatch
Thomas Arendsen Hein
Added hg-ssh - a wrapper for ssh access to a limited set of mercurial repos...
 r1537
import sys, os
cwd = os.getcwd()
allowed_paths = [os.path.normpath(os.path.join(cwd, os.path.expanduser(path)))
for path in sys.argv[1:]]
orig_cmd = os.getenv('SSH_ORIGINAL_COMMAND', '?')
if orig_cmd.startswith('hg -R ') and orig_cmd.endswith(' serve --stdio'):
path = orig_cmd[6:-14]
repo = os.path.normpath(os.path.join(cwd, os.path.expanduser(path)))
if repo in allowed_paths:
Thomas Arendsen Hein
Adjust contrib/hg-ssh for moved dispatch() function.
 r5191 dispatch.dispatch(['-R', repo, 'serve', '--stdio'])
Thomas Arendsen Hein
Added hg-ssh - a wrapper for ssh access to a limited set of mercurial repos...
 r1537 else:
sys.stderr.write("Illegal repository %r\n" % repo)
sys.exit(-1)
else:
sys.stderr.write("Illegal command %r\n" % orig_cmd)
sys.exit(-1)