2005-11-13 04:06:02 +03:00
|
|
|
#!/usr/bin/env python
|
|
|
|
#
|
2007-08-17 21:11:16 +04:00
|
|
|
# Copyright 2005-2007 by Intevation GmbH <intevation@intevation.de>
|
2009-04-26 03:25:53 +04:00
|
|
|
#
|
2005-11-13 04:06:02 +03:00
|
|
|
# Author(s):
|
|
|
|
# Thomas Arendsen Hein <thomas@intevation.de>
|
|
|
|
#
|
2009-04-26 03:08:54 +04:00
|
|
|
# This software may be used and distributed according to the terms of the
|
2010-01-20 07:20:08 +03:00
|
|
|
# GNU General Public License version 2 or any later version.
|
2005-11-13 04:06:02 +03:00
|
|
|
|
|
|
|
"""
|
|
|
|
hg-ssh - a wrapper for ssh access to a limited set of mercurial repos
|
|
|
|
|
|
|
|
To be used in ~/.ssh/authorized_keys with the "command" option, see sshd(8):
|
|
|
|
command="hg-ssh path/to/repo1 /path/to/repo2 ~/repo3 ~user/repo4" ssh-dss ...
|
|
|
|
(probably together with these other useful options:
|
|
|
|
no-port-forwarding,no-X11-forwarding,no-agent-forwarding)
|
|
|
|
|
2011-04-22 18:43:06 +04:00
|
|
|
This allows pull/push over ssh from/to the repositories given as arguments.
|
2005-11-13 04:06:02 +03:00
|
|
|
|
|
|
|
If all your repositories are subdirectories of a common directory, you can
|
|
|
|
allow shorter paths with:
|
|
|
|
command="cd path/to/my/repositories && hg-ssh repo1 subdir/repo2"
|
2006-01-26 18:37:31 +03:00
|
|
|
|
|
|
|
You can use pattern matching of your normal shell, e.g.:
|
|
|
|
command="cd repos && hg-ssh user/thomas/* projects/{mercurial,foo}"
|
2012-05-23 02:17:37 +04:00
|
|
|
|
|
|
|
You can also add a --read-only flag to allow read-only access to a key, e.g.:
|
|
|
|
command="hg-ssh --read-only repos/*"
|
2005-11-13 04:06:02 +03:00
|
|
|
"""
|
|
|
|
|
2007-08-18 13:37:08 +04:00
|
|
|
# enable importing on demand to reduce startup time
|
|
|
|
from mercurial import demandimport; demandimport.enable()
|
|
|
|
|
2007-08-17 21:11:16 +04:00
|
|
|
from mercurial import dispatch
|
2005-11-13 04:06:02 +03:00
|
|
|
|
2011-12-08 19:28:18 +04:00
|
|
|
import sys, os, shlex
|
2005-11-13 04:06:02 +03:00
|
|
|
|
2012-05-22 03:19:30 +04:00
|
|
|
def main():
|
|
|
|
cwd = os.getcwd()
|
2012-05-23 02:17:37 +04:00
|
|
|
readonly = False
|
|
|
|
args = sys.argv[1:]
|
|
|
|
while len(args):
|
|
|
|
if args[0] == '--read-only':
|
|
|
|
readonly = True
|
|
|
|
args.pop(0)
|
|
|
|
else:
|
|
|
|
break
|
2012-05-22 03:19:30 +04:00
|
|
|
allowed_paths = [os.path.normpath(os.path.join(cwd,
|
|
|
|
os.path.expanduser(path)))
|
2012-05-23 02:17:37 +04:00
|
|
|
for path in args]
|
2012-05-22 03:19:30 +04:00
|
|
|
orig_cmd = os.getenv('SSH_ORIGINAL_COMMAND', '?')
|
|
|
|
try:
|
|
|
|
cmdargv = shlex.split(orig_cmd)
|
|
|
|
except ValueError, e:
|
|
|
|
sys.stderr.write('Illegal command "%s": %s\n' % (orig_cmd, e))
|
|
|
|
sys.exit(255)
|
|
|
|
|
|
|
|
if cmdargv[:2] == ['hg', '-R'] and cmdargv[3:] == ['serve', '--stdio']:
|
|
|
|
path = cmdargv[2]
|
|
|
|
repo = os.path.normpath(os.path.join(cwd, os.path.expanduser(path)))
|
|
|
|
if repo in allowed_paths:
|
2012-05-23 02:17:37 +04:00
|
|
|
cmd = ['-R', repo, 'serve', '--stdio']
|
|
|
|
if readonly:
|
|
|
|
cmd += [
|
|
|
|
'--config',
|
|
|
|
'hooks.prechangegroup.hg-ssh=python:__main__.rejectpush',
|
|
|
|
'--config',
|
|
|
|
'hooks.prepushkey.hg-ssh=python:__main__.rejectpush'
|
|
|
|
]
|
|
|
|
dispatch.dispatch(dispatch.request(cmd))
|
2012-05-22 03:19:30 +04:00
|
|
|
else:
|
|
|
|
sys.stderr.write('Illegal repository "%s"\n' % repo)
|
|
|
|
sys.exit(255)
|
2005-11-13 04:06:02 +03:00
|
|
|
else:
|
2012-05-22 03:19:30 +04:00
|
|
|
sys.stderr.write('Illegal command "%s"\n' % orig_cmd)
|
2012-05-07 02:52:08 +04:00
|
|
|
sys.exit(255)
|
2005-11-13 04:06:02 +03:00
|
|
|
|
2012-05-23 02:17:37 +04:00
|
|
|
def rejectpush(ui, **kwargs):
|
|
|
|
ui.warn("Permission denied\n")
|
|
|
|
# mercurial hooks use unix process conventions for hook return values
|
|
|
|
# so a truthy return means failure
|
|
|
|
return True
|
|
|
|
|
2012-05-22 03:19:30 +04:00
|
|
|
if __name__ == '__main__':
|
|
|
|
main()
|