Show More
| @@ -1,57 +1,63 b'' | |||
|
|
1 | 1 | #!/usr/bin/env python |
|
|
2 | 2 | # |
|
|
3 | 3 | # Copyright 2005-2007 by Intevation GmbH <intevation@intevation.de> |
|
|
4 | 4 | # |
|
|
5 | 5 | # Author(s): |
|
|
6 | 6 | # Thomas Arendsen Hein <thomas@intevation.de> |
|
|
7 | 7 | # |
|
|
8 | 8 | # This software may be used and distributed according to the terms of the |
|
|
9 | 9 | # GNU General Public License version 2 or any later version. |
|
|
10 | 10 | |
|
|
11 | 11 | """ |
|
|
12 | 12 | hg-ssh - a wrapper for ssh access to a limited set of mercurial repos |
|
|
13 | 13 | |
|
|
14 | 14 | To be used in ~/.ssh/authorized_keys with the "command" option, see sshd(8): |
|
|
15 | 15 | command="hg-ssh path/to/repo1 /path/to/repo2 ~/repo3 ~user/repo4" ssh-dss ... |
|
|
16 | 16 | (probably together with these other useful options: |
|
|
17 | 17 | no-port-forwarding,no-X11-forwarding,no-agent-forwarding) |
|
|
18 | 18 | |
|
|
19 | 19 | This allows pull/push over ssh from/to the repositories given as arguments. |
|
|
20 | 20 | |
|
|
21 | 21 | If all your repositories are subdirectories of a common directory, you can |
|
|
22 | 22 | allow shorter paths with: |
|
|
23 | 23 | command="cd path/to/my/repositories && hg-ssh repo1 subdir/repo2" |
|
|
24 | 24 | |
|
|
25 | 25 | You can use pattern matching of your normal shell, e.g.: |
|
|
26 | 26 | command="cd repos && hg-ssh user/thomas/* projects/{mercurial,foo}" |
|
|
27 | 27 | """ |
|
|
28 | 28 | |
|
|
29 | 29 | # enable importing on demand to reduce startup time |
|
|
30 | 30 | from mercurial import demandimport; demandimport.enable() |
|
|
31 | 31 | |
|
|
32 | 32 | from mercurial import dispatch |
|
|
33 | 33 | |
|
|
34 | 34 | import sys, os, shlex |
|
|
35 | 35 | |
|
|
36 | cwd = os.getcwd() | |
|
|
37 | allowed_paths = [os.path.normpath(os.path.join(cwd, os.path.expanduser(path))) | |
|
|
38 | for path in sys.argv[1:]] | |
|
|
39 | orig_cmd = os.getenv('SSH_ORIGINAL_COMMAND', '?') | |
|
|
40 | try: | |
|
|
41 | cmdargv = shlex.split(orig_cmd) | |
|
|
42 | except ValueError, e: | |
|
|
43 | sys.stderr.write('Illegal command "%s": %s\n' % (orig_cmd, e)) | |
|
|
44 | sys.exit(255) | |
|
|
36 | def main(): | |
|
|
37 | cwd = os.getcwd() | |
|
|
38 | allowed_paths = [os.path.normpath(os.path.join(cwd, | |
|
|
39 | os.path.expanduser(path))) | |
|
|
40 | for path in sys.argv[1:]] | |
|
|
41 | orig_cmd = os.getenv('SSH_ORIGINAL_COMMAND', '?') | |
|
|
42 | try: | |
|
|
43 | cmdargv = shlex.split(orig_cmd) | |
|
|
44 | except ValueError, e: | |
|
|
45 | sys.stderr.write('Illegal command "%s": %s\n' % (orig_cmd, e)) | |
|
|
46 | sys.exit(255) | |
|
|
45 | 47 | |
|
|
46 | if cmdargv[:2] == ['hg', '-R'] and cmdargv[3:] == ['serve', '--stdio']: | |
|
|
47 | path = cmdargv[2] | |
|
|
48 | repo = os.path.normpath(os.path.join(cwd, os.path.expanduser(path))) | |
|
|
49 | if repo in allowed_paths: | |
|
|
50 |
dispatch.dispatch(dispatch.request(['-R', repo, |
|
|
|
48 | if cmdargv[:2] == ['hg', '-R'] and cmdargv[3:] == ['serve', '--stdio']: | |
|
|
49 | path = cmdargv[2] | |
|
|
50 | repo = os.path.normpath(os.path.join(cwd, os.path.expanduser(path))) | |
|
|
51 | if repo in allowed_paths: | |
|
|
52 | dispatch.dispatch(dispatch.request(['-R', repo, | |
|
|
53 | 'serve', | |
|
|
54 | '--stdio'])) | |
|
|
55 | else: | |
|
|
56 | sys.stderr.write('Illegal repository "%s"\n' % repo) | |
|
|
57 | sys.exit(255) | |
|
|
51 | 58 | else: |
|
|
52 |
sys.stderr.write('Illegal |
|
|
|
59 | sys.stderr.write('Illegal command "%s"\n' % orig_cmd) | |
|
|
53 | 60 | sys.exit(255) |
|
|
54 | else: | |
|
|
55 | sys.stderr.write('Illegal command "%s"\n' % orig_cmd) | |
|
|
56 | sys.exit(255) | |
|
|
57 | 61 | |
|
|
62 | if __name__ == '__main__': | |
|
|
63 | main() | |
General Comments 0
You need to be logged in to leave comments.
Login now