##// END OF EJS Templates
copies-rust: start recording overwrite as they happens...
copies-rust: start recording overwrite as they happens If a revision has information overwriting data from another revision, the overwriting revision is a descendant of the overwritten one. So we could warm the Oracle cache with such information to avoid potential future `is_ancestors` call. This provide us with a large speedup in the most expensive cases: Repo Case Source-Rev Dest-Rev # of revisions old time new time Difference Factor time per rev --------------------------------------------------------------------------------------------------------------------------------------------------------------- mozilla-try x00000_revs_x00000_added_x0000_copies 1b661134e2ca 1ae03d022d6d : 228985 revs, 41.113063 s, 36.001255 s, -5.111808 s, × 0.8757, 157 µs/rev mozilla-try x00000_revs_x00000_added_x000_copies 9b2a99adc05e 8e29777b48e6 : 382065 revs, 27.891612 s, 14.340641 s, -13.550971 s, × 0.5142, 37 µs/rev Full comparison below: Repo Case Source-Rev Dest-Rev # of revisions old time new time Difference Factor time per rev --------------------------------------------------------------------------------------------------------------------------------------------------------------- mercurial x_revs_x_added_0_copies ad6b123de1c7 39cfcef4f463 : 1 revs, 0.000042 s, 0.000042 s, +0.000000 s, × 1.0000, 42 µs/rev mercurial x_revs_x_added_x_copies 2b1c78674230 0c1d10351869 : 6 revs, 0.000114 s, 0.000109 s, -0.000005 s, × 0.9561, 18 µs/rev mercurial x000_revs_x000_added_x_copies 81f8ff2a9bf2 dd3267698d84 : 1032 revs, 0.004934 s, 0.004953 s, +0.000019 s, × 1.0039, 4 µs/rev pypy x_revs_x_added_0_copies aed021ee8ae8 099ed31b181b : 9 revs, 0.000195 s, 0.000237 s, +0.000042 s, × 1.2154, 26 µs/rev pypy x_revs_x000_added_0_copies 4aa4e1f8e19a 359343b9ac0e : 1 revs, 0.000050 s, 0.000050 s, +0.000000 s, × 1.0000, 50 µs/rev pypy x_revs_x_added_x_copies ac52eb7bbbb0 72e022663155 : 7 revs, 0.000113 s, 0.000113 s, +0.000000 s, × 1.0000, 16 µs/rev pypy x_revs_x00_added_x_copies c3b14617fbd7 ace7255d9a26 : 1 revs, 0.6f1f4a s, 0.6f1f4a s, +0.000000 s, × 1.0000, 322 µs/rev pypy x_revs_x000_added_x000_copies df6f7a526b60 a83dc6a2d56f : 6 revs, 0.010788 s, 0.010702 s, -0.000086 s, × 0.9920, 1783 µs/rev pypy x000_revs_xx00_added_0_copies 89a76aede314 2f22446ff07e : 4785 revs, 0.050880 s, 0.050504 s, -0.000376 s, × 0.9926, 10 µs/rev pypy x000_revs_x000_added_x_copies 8a3b5bfd266e 2c68e87c3efe : 6780 revs, 0.081760 s, 0.080159 s, -0.001601 s, × 0.9804, 11 µs/rev pypy x000_revs_x000_added_x000_copies 89a76aede314 7b3dda341c84 : 5441 revs, 0.061382 s, 0.060058 s, -0.001324 s, × 0.9784, 11 µs/rev pypy x0000_revs_x_added_0_copies d1defd0dc478 c9cb1334cc78 : 43645 revs, 0.585802 s, 0.536950 s, -0.048852 s, × 0.9166, 12 µs/rev pypy x0000_revs_xx000_added_0_copies bf2c629d0071 4ffed77c095c : 2 revs, 0.012803 s, 0.012868 s, +0.000065 s, × 1.0051, 6434 µs/rev pypy x0000_revs_xx000_added_x000_copies 08ea3258278e d9fa043f30c0 : 11316 revs, 0.113558 s, 0.112806 s, -0.000752 s, × 0.9934, 9 µs/rev netbeans x_revs_x_added_0_copies fb0955ffcbcd a01e9239f9e7 : 2 revs, 0.000085 s, 0.000084 s, -0.000001 s, × 0.9882, 42 µs/rev netbeans x_revs_x000_added_0_copies 6f360122949f 20eb231cc7d0 : 2 revs, 0.000106 s, 0.000106 s, +0.000000 s, × 1.0000, 53 µs/rev netbeans x_revs_x_added_x_copies 1ada3faf6fb6 5a39d12eecf4 : 3 revs, 0.000175 s, 0.000174 s, -0.000001 s, × 0.9943, 58 µs/rev netbeans x_revs_x00_added_x_copies 35be93ba1e2c 9eec5e90c05f : 9 revs, 0.000721 s, 0.000726 s, +0.000005 s, × 1.0069, 80 µs/rev netbeans x000_revs_xx00_added_0_copies eac3045b4fdd 51d4ae7f1290 : 1421 revs, 0.010127 s, 0.010105 s, -0.000022 s, × 0.9978, 7 µs/rev netbeans x000_revs_x000_added_x_copies e2063d266acd 6081d72689dc : 1533 revs, 0.015616 s, 0.015748 s, +0.000132 s, × 1.0085, 10 µs/rev netbeans x000_revs_x000_added_x000_copies ff453e9fee32 411350406ec2 : 5750 revs, 0.061341 s, 0.060357 s, -0.000984 s, × 0.9840, 10 µs/rev netbeans x0000_revs_xx000_added_x000_copies 588c2d1ced70 1aad62e59ddd : 66949 revs, 0.542214 s, 0.499356 s, -0.042858 s, × 0.9210, 7 µs/rev mozilla-central x_revs_x_added_0_copies 3697f962bb7b 7015fcdd43a2 : 2 revs, 0.000089 s, 0.000092 s, +0.000003 s, × 1.0337, 46 µs/rev mozilla-central x_revs_x000_added_0_copies dd390860c6c9 40d0c5bed75d : 8 revs, 0.000279 s, 0.000279 s, +0.000000 s, × 1.0000, 34 µs/rev mozilla-central x_revs_x_added_x_copies 8d198483ae3b 14207ffc2b2f : 9 revs, 0.000184 s, 0.000186 s, +0.000002 s, × 1.0109, 20 µs/rev mozilla-central x_revs_x00_added_x_copies 98cbc58cc6bc 446a150332c3 : 7 revs, 0.000661 s, 0.000660 s, -0.000001 s, × 0.9985, 94 µs/rev mozilla-central x_revs_x000_added_x000_copies 3c684b4b8f68 0a5e72d1b479 : 3 revs, 0.003377 s, 0.003372 s, -0.000005 s, × 0.9985, 1124 µs/rev mozilla-central x_revs_x0000_added_x0000_copies effb563bb7e5 c07a39dc4e80 : 6 revs, 0.070508 s, 0.070294 s, -0.000214 s, × 0.9970, 11715 µs/rev mozilla-central x000_revs_xx00_added_0_copies 6100d773079a 04a55431795e : 1593 revs, 0.006576 s, 0.006545 s, -0.000031 s, × 0.9953, 4 µs/rev mozilla-central x000_revs_x000_added_x_copies 9f17a6fc04f9 2d37b966abed : 41 revs, 0.004809 s, 0.004998 s, +0.000189 s, × 1.0393, 121 µs/rev mozilla-central x000_revs_x000_added_x000_copies 7c97034feb78 4407bd0c6330 : 7839 revs, 0.064872 s, 0.063348 s, -0.001524 s, × 0.9765, 8 µs/rev mozilla-central x0000_revs_xx000_added_0_copies 9eec5917337d 67118cc6dcad : 615 revs, 0.026142 s, 0.026154 s, +0.000012 s, × 1.0005, 42 µs/rev mozilla-central x0000_revs_xx000_added_x000_copies f78c615a656c 96a38b690156 : 30263 revs, 0.203956 s, 0.199063 s, -0.004893 s, × 0.9760, 6 µs/rev mozilla-central x00000_revs_x0000_added_x0000_copies 6832ae71433c 4c222a1d9a00 : 153721 revs, 1.763853 s, 1.277320 s, -0.486533 s, × 0.7242, 8 µs/rev mozilla-central x00000_revs_x00000_added_x000_copies 76caed42cf7c 1daa622bbe42 : 204976 revs, 2.609761 s, 1.698794 s, -0.910967 s, × 0.6509, 8 µs/rev mozilla-try x_revs_x_added_0_copies aaf6dde0deb8 9790f499805a : 2 revs, 0.000847 s, 0.000842 s, -0.000005 s, × 0.9941, 421 µs/rev mozilla-try x_revs_x000_added_0_copies d8d0222927b4 5bb8ce8c7450 : 2 revs, 0.000867 s, 0.000865 s, -0.000002 s, × 0.9977, 432 µs/rev mozilla-try x_revs_x_added_x_copies 092fcca11bdb 936255a0384a : 4 revs, 0.000161 s, 0.000160 s, -0.000001 s, × 0.9938, 40 µs/rev mozilla-try x_revs_x00_added_x_copies b53d2fadbdb5 017afae788ec : 2 revs, 0.001131 s, 0.001122 s, -0.000009 s, × 0.9920, 561 µs/rev mozilla-try x_revs_x000_added_x000_copies 20408ad61ce5 6f0ee96e21ad : 1 revs, 0.033114 s, 0.032743 s, -0.000371 s, × 0.9888, 32743 µs/rev mozilla-try x_revs_x0000_added_x0000_copies effb563bb7e5 c07a39dc4e80 : 6 revs, 0.071092 s, 0.071529 s, +0.000437 s, × 1.0061, 11921 µs/rev mozilla-try x000_revs_xx00_added_0_copies 6100d773079a 04a55431795e : 1593 revs, 0.006554 s, 0.006593 s, +0.000039 s, × 1.0060, 4 µs/rev mozilla-try x000_revs_x000_added_x_copies 9f17a6fc04f9 2d37b966abed : 41 revs, 0.005160 s, 0.005311 s, +0.000151 s, × 1.0293, 129 µs/rev mozilla-try x000_revs_x000_added_x000_copies 1346fd0130e4 4c65cbdabc1f : 6657 revs, 0.065063 s, 0.063063 s, -0.002000 s, × 0.9693, 9 µs/rev mozilla-try x0000_revs_x_added_0_copies 63519bfd42ee a36a2a865d92 : 40314 revs, 0.297118 s, 0.312363 s, +0.015245 s, × 1.0513, 7 µs/rev mozilla-try x0000_revs_x_added_x_copies 9fe69ff0762d bcabf2a78927 : 38690 revs, 0.284002 s, 0.283106 s, -0.000896 s, × 0.9968, 7 µs/rev mozilla-try x0000_revs_xx000_added_x_copies 156f6e2674f2 4d0f2c178e66 : 8598 revs, 0.086311 s, 0.083817 s, -0.002494 s, × 0.9711, 9 µs/rev mozilla-try x0000_revs_xx000_added_0_copies 9eec5917337d 67118cc6dcad : 615 revs, 0.026738 s, 0.026516 s, -0.000222 s, × 0.9917, 43 µs/rev mozilla-try x0000_revs_xx000_added_x000_copies 89294cd501d9 7ccb2fc7ccb5 : 97052 revs, 1.514270 s, 1.304865 s, -0.209405 s, × 0.8617, 13 µs/rev mozilla-try x0000_revs_x0000_added_x0000_copies e928c65095ed e951f4ad123a : 52031 revs, 0.735875 s, 0.681088 s, -0.054787 s, × 0.9255, 13 µs/rev mozilla-try x00000_revs_x_added_0_copies 6a320851d377 1ebb79acd503 : 363753 revs, 4.843329 s, 4.454320 s, -0.389009 s, × 0.9197, 12 µs/rev mozilla-try x00000_revs_x00000_added_0_copies dc8a3ca7010e d16fde900c9c : 34414 revs, 0.591752 s, 0.567913 s, -0.023839 s, × 0.9597, 16 µs/rev mozilla-try x00000_revs_x_added_x_copies 5173c4b6f97c 95d83ee7242d : 362229 revs, 4.760563 s, 4.547043 s, -0.213520 s, × 0.9551, 12 µs/rev mozilla-try x00000_revs_x000_added_x_copies 9126823d0e9c ca82787bb23c : 359344 revs, 4.751942 s, 4.378579 s, -0.373363 s, × 0.9214, 12 µs/rev mozilla-try x00000_revs_x0000_added_x0000_copies 8d3fafa80d4b eb884023b810 : 192665 revs, 2.605014 s, 1.703622 s, -0.901392 s, × 0.6540, 8 µs/rev mozilla-try x00000_revs_x00000_added_x0000_copies 1b661134e2ca 1ae03d022d6d : 228985 revs, 41.113063 s, 36.001255 s, -5.111808 s, × 0.8757, 157 µs/rev mozilla-try x00000_revs_x00000_added_x000_copies 9b2a99adc05e 8e29777b48e6 : 382065 revs, 27.891612 s, 14.340641 s, -13.550971 s, × 0.5142, 37 µs/rev Differential Revision: https://phab.mercurial-scm.org/D9497

File last commit:

r35978:580f7b1b default
r46770:fce2f20a default
Show More
hgsh.c
438 lines | 8.5 KiB | text/x-c | CLexer
Vadim Gelfer
contrib: add restricted shell.
r2341 /*
* hgsh.c - restricted login shell for mercurial
*
* Copyright 2006 Vadim Gelfer <vadim.gelfer@gmail.com>
*
* This software may be used and distributed according to the terms of the
* GNU General Public License, incorporated herein by reference.
*
* this program is login shell for dedicated mercurial user account. it
* only allows few actions:
*
* 1. run hg in server mode on specific repository. no other hg commands
* are allowed. we try to verify that repo to be accessed exists under
* given top-level directory.
*
* 2. (optional) forward ssh connection from firewall/gateway machine to
* "real" mercurial host, to let users outside intranet pull and push
* changes through firewall.
*
* 3. (optional) run normal shell, to allow to "su" to mercurial user, use
* "sudo" to run programs as that user, or run cron jobs as that user.
*
* only tested on linux yet. patches for non-linux systems welcome.
*/
#ifndef _GNU_SOURCE
#define _GNU_SOURCE /* for asprintf */
#endif
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/stat.h>
#include <sys/types.h>
#include <sysexits.h>
#include <unistd.h>
/*
* user config.
*
* if you see a hostname below, just use first part of hostname. example,
* if you have host named foo.bar.com, use "foo".
*/
/*
* HG_GATEWAY: hostname of gateway/firewall machine that people outside your
* intranet ssh into if they need to ssh to other machines. if you do not
* have such machine, set to NULL.
*/
#ifndef HG_GATEWAY
Augie Fackler
hgsh: enable clang-format...
r35978 #define HG_GATEWAY "gateway"
Vadim Gelfer
contrib: add restricted shell.
r2341 #endif
/*
* HG_HOST: hostname of mercurial server. if any machine is allowed, set to
* NULL.
*/
#ifndef HG_HOST
Augie Fackler
hgsh: enable clang-format...
r35978 #define HG_HOST "mercurial"
Vadim Gelfer
contrib: add restricted shell.
r2341 #endif
/*
* HG_USER: username to log in from HG_GATEWAY to HG_HOST. if gateway and
* host username are same, set to NULL.
*/
#ifndef HG_USER
Augie Fackler
hgsh: enable clang-format...
r35978 #define HG_USER "hg"
Vadim Gelfer
contrib: add restricted shell.
r2341 #endif
/*
* HG_ROOT: root of tree full of mercurial repos. if you do not want to
* validate location of repo when someone is try to access, set to NULL.
*/
#ifndef HG_ROOT
Augie Fackler
hgsh: enable clang-format...
r35978 #define HG_ROOT "/home/hg/repos"
Vadim Gelfer
contrib: add restricted shell.
r2341 #endif
/*
* HG: path to the mercurial executable to run.
*/
#ifndef HG
Augie Fackler
hgsh: enable clang-format...
r35978 #define HG "/home/hg/bin/hg"
Vadim Gelfer
contrib: add restricted shell.
r2341 #endif
/*
* HG_SHELL: shell to use for actions like "sudo" and "su" access to
* mercurial user, and cron jobs. if you want to make these things
* impossible, set to NULL.
*/
#ifndef HG_SHELL
Augie Fackler
hgsh: enable clang-format...
r35978 #define HG_SHELL NULL
Matt Mackall
many, many trivial check-code fixups
r10282 /* #define HG_SHELL "/bin/bash" */
Vadim Gelfer
contrib: add restricted shell.
r2341 #endif
/*
* HG_HELP: some way for users to get support if they have problem. if they
* should not get helpful message, set to NULL.
*/
#ifndef HG_HELP
Augie Fackler
hgsh: enable clang-format...
r35978 #define HG_HELP "please contact support@example.com for help."
Vadim Gelfer
contrib: add restricted shell.
r2341 #endif
/*
* SSH: path to ssh executable to run, if forwarding from HG_GATEWAY to
* HG_HOST. if you want to use rsh instead (why?), you need to modify
* arguments it is called with. see forward_through_gateway.
*/
#ifndef SSH
Augie Fackler
hgsh: enable clang-format...
r35978 #define SSH "/usr/bin/ssh"
Vadim Gelfer
contrib: add restricted shell.
r2341 #endif
/*
* tell whether to print command that is to be executed. useful for
* debugging. should not interfere with mercurial operation, since
* mercurial only cares about stdin and stdout, and this prints to stderr.
*/
static const int debug = 0;
static void print_cmdline(int argc, char **argv)
{
Matt Mackall
many, many trivial check-code fixups
r10282 FILE *fp = stderr;
int i;
Vadim Gelfer
contrib: add restricted shell.
r2341
Matt Mackall
many, many trivial check-code fixups
r10282 fputs("command: ", fp);
Vadim Gelfer
contrib: add restricted shell.
r2341
Matt Mackall
many, many trivial check-code fixups
r10282 for (i = 0; i < argc; i++) {
char *spc = strpbrk(argv[i], " \t\r\n");
if (spc) {
fputc('\'', fp);
}
fputs(argv[i], fp);
if (spc) {
fputc('\'', fp);
}
if (i < argc - 1) {
fputc(' ', fp);
}
}
fputc('\n', fp);
fflush(fp);
Vadim Gelfer
contrib: add restricted shell.
r2341 }
static void usage(const char *reason, int exitcode)
{
Matt Mackall
many, many trivial check-code fixups
r10282 char *hg_help = HG_HELP;
Vadim Gelfer
contrib: add restricted shell.
r2341
Matt Mackall
many, many trivial check-code fixups
r10282 if (reason) {
fprintf(stderr, "*** Error: %s.\n", reason);
}
fprintf(stderr, "*** This program has been invoked incorrectly.\n");
if (hg_help) {
fprintf(stderr, "*** %s\n", hg_help);
}
exit(exitcode ? exitcode : EX_USAGE);
Vadim Gelfer
contrib: add restricted shell.
r2341 }
/*
* run on gateway host to make another ssh connection, to "real" mercurial
* server. it sends its command line unmodified to far end.
*
* never called if HG_GATEWAY is NULL.
*/
static void forward_through_gateway(int argc, char **argv)
{
Matt Mackall
many, many trivial check-code fixups
r10282 char *ssh = SSH;
char *hg_host = HG_HOST;
char *hg_user = HG_USER;
char **nargv = alloca((10 + argc) * sizeof(char *));
int i = 0, j;
Vadim Gelfer
contrib: add restricted shell.
r2341
Matt Mackall
many, many trivial check-code fixups
r10282 nargv[i++] = ssh;
nargv[i++] = "-q";
nargv[i++] = "-T";
nargv[i++] = "-x";
if (hg_user) {
nargv[i++] = "-l";
nargv[i++] = hg_user;
}
nargv[i++] = hg_host;
Vadim Gelfer
contrib: add restricted shell.
r2341
Matt Mackall
many, many trivial check-code fixups
r10282 /*
* sshd called us with added "-c", because it thinks we are a shell.
* drop it if we find it.
*/
j = 1;
if (j < argc && strcmp(argv[j], "-c") == 0) {
j++;
}
Vadim Gelfer
contrib: add restricted shell.
r2341
Matt Mackall
many, many trivial check-code fixups
r10282 for (; j < argc; i++, j++) {
nargv[i] = argv[j];
}
nargv[i] = NULL;
Vadim Gelfer
contrib: add restricted shell.
r2341
Matt Mackall
many, many trivial check-code fixups
r10282 if (debug) {
print_cmdline(i, nargv);
}
Vadim Gelfer
contrib: add restricted shell.
r2341
Matt Mackall
many, many trivial check-code fixups
r10282 execv(ssh, nargv);
perror(ssh);
exit(EX_UNAVAILABLE);
Vadim Gelfer
contrib: add restricted shell.
r2341 }
/*
* run shell. let administrator "su" to mercurial user's account to do
* administrative works.
*
* never called if HG_SHELL is NULL.
*/
static void run_shell(int argc, char **argv)
{
Matt Mackall
many, many trivial check-code fixups
r10282 char *hg_shell = HG_SHELL;
char **nargv;
char *c;
int i;
Vadim Gelfer
contrib: add restricted shell.
r2341
Matt Mackall
many, many trivial check-code fixups
r10282 nargv = alloca((argc + 3) * sizeof(char *));
c = strrchr(hg_shell, '/');
Vadim Gelfer
contrib: add restricted shell.
r2341
Matt Mackall
many, many trivial check-code fixups
r10282 /* tell "real" shell it is login shell, if needed. */
Vadim Gelfer
contrib: add restricted shell.
r2341
Matt Mackall
many, many trivial check-code fixups
r10282 if (argv[0][0] == '-' && c) {
nargv[0] = strdup(c);
if (nargv[0] == NULL) {
perror("malloc");
exit(EX_OSERR);
}
nargv[0][0] = '-';
} else {
nargv[0] = hg_shell;
}
Vadim Gelfer
contrib: add restricted shell.
r2341
Matt Mackall
many, many trivial check-code fixups
r10282 for (i = 1; i < argc; i++) {
nargv[i] = argv[i];
}
nargv[i] = NULL;
Vadim Gelfer
contrib: add restricted shell.
r2341
Matt Mackall
many, many trivial check-code fixups
r10282 if (debug) {
print_cmdline(i, nargv);
}
Vadim Gelfer
contrib: add restricted shell.
r2341
Matt Mackall
many, many trivial check-code fixups
r10282 execv(hg_shell, nargv);
perror(hg_shell);
exit(EX_OSFILE);
Vadim Gelfer
contrib: add restricted shell.
r2341 }
Vadim Gelfer
contrib/hgsh: make to work with remote clone over ssh.
r2602 enum cmdline {
Matt Mackall
many, many trivial check-code fixups
r10282 hg_init,
hg_serve,
Vadim Gelfer
contrib/hgsh: make to work with remote clone over ssh.
r2602 };
Vadim Gelfer
contrib: add restricted shell.
r2341 /*
Bryan O'Sullivan
contrib/hgsh: Check for .hg/store as well as .hg/data....
r4419 * attempt to verify that a directory is really a hg repo, by testing
* for the existence of a subdirectory.
*/
static int validate_repo(const char *repo_root, const char *subdir)
{
Matt Mackall
many, many trivial check-code fixups
r10282 char *abs_path;
struct stat st;
int ret;
Bryan O'Sullivan
contrib/hgsh: Check for .hg/store as well as .hg/data....
r4419
Matt Mackall
many, many trivial check-code fixups
r10282 if (asprintf(&abs_path, "%s.hg/%s", repo_root, subdir) == -1) {
ret = -1;
goto bail;
}
Bryan O'Sullivan
contrib/hgsh: Check for .hg/store as well as .hg/data....
r4419
Matt Mackall
many, many trivial check-code fixups
r10282 /* verify that we really are looking at valid repo. */
Bryan O'Sullivan
contrib/hgsh: Check for .hg/store as well as .hg/data....
r4419
Matt Mackall
many, many trivial check-code fixups
r10282 if (stat(abs_path, &st) == -1) {
ret = 0;
} else {
ret = 1;
}
Bryan O'Sullivan
contrib/hgsh: Check for .hg/store as well as .hg/data....
r4419
bail:
Matt Mackall
many, many trivial check-code fixups
r10282 return ret;
Bryan O'Sullivan
contrib/hgsh: Check for .hg/store as well as .hg/data....
r4419 }
/*
Vadim Gelfer
contrib: add restricted shell.
r2341 * paranoid wrapper, runs hg executable in server mode.
*/
static void serve_data(int argc, char **argv)
{
Matt Mackall
many, many trivial check-code fixups
r10282 char *hg_root = HG_ROOT;
char *repo, *repo_root;
enum cmdline cmd;
char *nargv[6];
size_t repolen;
int i;
Vadim Gelfer
contrib: add restricted shell.
r2341
Matt Mackall
many, many trivial check-code fixups
r10282 /*
* check argv for looking okay. we should be invoked with argv
* resembling like this:
*
* hgsh
* -c
* hg -R some/path serve --stdio
*
* the "-c" is added by sshd, because it thinks we are login shell.
*/
Vadim Gelfer
contrib: add restricted shell.
r2341
Matt Mackall
many, many trivial check-code fixups
r10282 if (argc != 3) {
goto badargs;
}
Vadim Gelfer
contrib: add restricted shell.
r2341
Matt Mackall
many, many trivial check-code fixups
r10282 if (strcmp(argv[1], "-c") != 0) {
goto badargs;
}
Vadim Gelfer
contrib: add restricted shell.
r2341
Matt Mackall
many, many trivial check-code fixups
r10282 if (sscanf(argv[2], "hg init %as", &repo) == 1) {
cmd = hg_init;
Augie Fackler
hgsh: enable clang-format...
r35978 } else if (sscanf(argv[2], "hg -R %as serve --stdio", &repo) == 1) {
Matt Mackall
many, many trivial check-code fixups
r10282 cmd = hg_serve;
} else {
Vadim Gelfer
contrib/hgsh: make to work with remote clone over ssh.
r2602 goto badargs;
Matt Mackall
many, many trivial check-code fixups
r10282 }
Thomas Arendsen Hein
Remove trailing spaces
r5081
Matt Mackall
many, many trivial check-code fixups
r10282 repolen = repo ? strlen(repo) : 0;
Vadim Gelfer
contrib/hgsh: make to work with remote clone over ssh.
r2602
Matt Mackall
many, many trivial check-code fixups
r10282 if (repolen == 0) {
goto badargs;
Vadim Gelfer
contrib/hgsh: make to work with remote clone over ssh.
r2602 }
Vadim Gelfer
contrib: add restricted shell.
r2341
Matt Mackall
many, many trivial check-code fixups
r10282 if (hg_root) {
if (asprintf(&repo_root, "%s/%s/", hg_root, repo) == -1) {
goto badargs;
}
/*
* attempt to stop break out from inside the
* repository tree. could do something more clever
* here, because e.g. we could traverse a symlink that
* looks safe, but really breaks us out of tree.
*/
if (strstr(repo_root, "/../") != NULL) {
goto badargs;
}
Vadim Gelfer
contrib: add restricted shell.
r2341
Matt Mackall
many, many trivial check-code fixups
r10282 /* only hg init expects no repo. */
if (cmd != hg_init) {
int valid;
valid = validate_repo(repo_root, "data");
if (valid == -1) {
goto badargs;
}
if (valid == 0) {
valid = validate_repo(repo_root, "store");
if (valid == -1) {
goto badargs;
}
}
Vadim Gelfer
contrib/hgsh: make to work with remote clone over ssh.
r2602
Matt Mackall
many, many trivial check-code fixups
r10282 if (valid == 0) {
perror(repo);
exit(EX_DATAERR);
}
}
if (chdir(hg_root) == -1) {
perror(hg_root);
exit(EX_SOFTWARE);
}
}
i = 0;
Thomas Arendsen Hein
Remove trailing spaces
r5081
Matt Mackall
many, many trivial check-code fixups
r10282 switch (cmd) {
case hg_serve:
nargv[i++] = HG;
nargv[i++] = "-R";
nargv[i++] = repo;
nargv[i++] = "serve";
nargv[i++] = "--stdio";
break;
case hg_init:
nargv[i++] = HG;
nargv[i++] = "init";
nargv[i++] = repo;
break;
}
Vadim Gelfer
contrib: add restricted shell.
r2341
Matt Mackall
many, many trivial check-code fixups
r10282 nargv[i] = NULL;
Vadim Gelfer
contrib: add restricted shell.
r2341
Matt Mackall
many, many trivial check-code fixups
r10282 if (debug) {
print_cmdline(i, nargv);
}
execv(HG, nargv);
perror(HG);
exit(EX_UNAVAILABLE);
Vadim Gelfer
contrib: add restricted shell.
r2341
badargs:
Matt Mackall
many, many trivial check-code fixups
r10282 /* print useless error message. */
Vadim Gelfer
contrib: add restricted shell.
r2341
Matt Mackall
many, many trivial check-code fixups
r10282 usage("invalid arguments", EX_DATAERR);
Vadim Gelfer
contrib: add restricted shell.
r2341 }
int main(int argc, char **argv)
{
Matt Mackall
many, many trivial check-code fixups
r10282 char host[1024];
char *c;
Vadim Gelfer
contrib: add restricted shell.
r2341
Matt Mackall
many, many trivial check-code fixups
r10282 if (gethostname(host, sizeof(host)) == -1) {
perror("gethostname");
exit(EX_OSERR);
}
Vadim Gelfer
contrib: add restricted shell.
r2341
Matt Mackall
many, many trivial check-code fixups
r10282 if ((c = strchr(host, '.')) != NULL) {
*c = '\0';
}
Vadim Gelfer
contrib: add restricted shell.
r2341
Matt Mackall
many, many trivial check-code fixups
r10282 if (getenv("SSH_CLIENT")) {
char *hg_gateway = HG_GATEWAY;
char *hg_host = HG_HOST;
Vadim Gelfer
contrib: add restricted shell.
r2341
Matt Mackall
many, many trivial check-code fixups
r10282 if (hg_gateway && strcmp(host, hg_gateway) == 0) {
forward_through_gateway(argc, argv);
}
Vadim Gelfer
contrib: add restricted shell.
r2341
Matt Mackall
many, many trivial check-code fixups
r10282 if (hg_host && strcmp(host, hg_host) != 0) {
usage("invoked on unexpected host", EX_USAGE);
}
Vadim Gelfer
contrib: add restricted shell.
r2341
Matt Mackall
many, many trivial check-code fixups
r10282 serve_data(argc, argv);
} else if (HG_SHELL) {
run_shell(argc, argv);
} else {
usage("invalid arguments", EX_DATAERR);
}
Vadim Gelfer
contrib: add restricted shell.
r2341
Matt Mackall
many, many trivial check-code fixups
r10282 return 0;
Vadim Gelfer
contrib: add restricted shell.
r2341 }