| e732d1e by Johan Sørensen at 2008-01-06 | 1 | #!/usr/bin/env ruby |
| 271e194 by Johan Sørensen at 2007-12-31 | 2 | |
| dc6c46e by Johan Sørensen at 2008-01-06 | 3 | require "yaml" |
| 271e194 by Johan Sørensen at 2007-12-31 | 4 | if File.symlink?(__FILE__) |
| 5 | $:.unshift File.dirname(File.readlink(__FILE__)) + "/../lib/gitorious/ssh" |
|
| 150c93e by Johan Sørensen at 2008-01-26 | 6 | BASE_DIR = File.dirname(File.readlink(__FILE__)) + "/../" |
| 7 | conf_file = File.join(BASE_DIR, "config/gitorious.yml") |
|
| 271e194 by Johan Sørensen at 2007-12-31 | 8 | else |
| 9 | $:.unshift File.dirname(__FILE__) + "/../lib/gitorious/ssh" |
|
| 150c93e by Johan Sørensen at 2008-01-26 | 10 | BASE_DIR = File.dirname(__FILE__) + "/../" |
| 11 | conf_file = File.join(BASE_DIR, "config/gitorious.yml") |
|
| 271e194 by Johan Sørensen at 2007-12-31 | 12 | end |
| 13 | ||
| 98ce813 by Marius Mathiesen at 2009-06-24 | 14 | #$DEBUG=true |
| 15 | ||
| 577b527 by Tor Arne Vestbø at 2009-04-22 | 16 | RAILS_ENV = ENV['RAILS_ENV'] ||= 'production' |
| 17 | ||
| 18 | GitoriousConfig = YAML::load_file(conf_file)[RAILS_ENV] |
|
| fbda043 by Johan Sørensen at 2008-01-06 | 19 | |
| a67761b by Johan Sørensen at 2008-01-07 | 20 | ENV["PATH"] = "/usr/local/bin/:/opt/local/bin:#{ENV["PATH"]}" |
| 271e194 by Johan Sørensen at 2007-12-31 | 21 | |
| 150c93e by Johan Sørensen at 2008-01-26 | 22 | require "logger" |
| 271e194 by Johan Sørensen at 2007-12-31 | 23 | require "strainer" |
| 24 | require "client" |
|
| 25 | ||
| 26 | File.umask(0022) |
|
| 27 | original_command = ENV["SSH_ORIGINAL_COMMAND"] |
|
| 150c93e by Johan Sørensen at 2008-01-26 | 28 | user = ARGV[0] |
| 29 | ||
| 30 | logger = Logger.new(File.join(BASE_DIR, "log", "gitorious_auth.log")) |
|
| 31 | logger.formatter = Logger::Formatter.new |
|
| 32 | logger.level = Logger::INFO |
|
| 33 | logger.formatter.datetime_format = "%Y-%m-%d %H:%M:%S" |
|
| 34 | logger.info("Connection from #{ENV['SSH_CLIENT'].inspect} (#{user || nil}): #{original_command || nil}") |
|
| 35 | ||
| 271e194 by Johan Sørensen at 2007-12-31 | 36 | $stderr.puts "original_command: #{original_command.inspect}" if $DEBUG |
| 37 | if original_command.nil? || original_command.strip.empty? |
|
| bd6054a by Johan Sørensen at 2009-05-19 | 38 | logger.info("Need SSH_ORIGINAL_COMMAND") |
| 271e194 by Johan Sørensen at 2007-12-31 | 39 | $stderr.puts "Need SSH_ORIGINAL_COMMAND" |
| 40 | exit!(1) |
|
| 41 | end |
|
| 42 | ||
| 43 | $stderr.puts "user: #{user.inspect}" if $DEBUG |
|
| 44 | if user.nil? || user.strip.empty? |
|
| bd6054a by Johan Sørensen at 2009-05-19 | 45 | logger.info("Need user arg") |
| ef4f4a0 by Johan Sørensen at 2009-07-21 | 46 | $stderr.puts "Need user arg" |
| 271e194 by Johan Sørensen at 2007-12-31 | 47 | exit!(1) |
| 48 | end |
|
| 49 | ||
| d93bfa1 by Johan Sørensen at 2009-06-29 | 50 | def gitorious_says(msg) |
| 51 | $stderr.puts |
|
| 52 | $stderr.puts "== Gitorious: " + ("=" * 59) |
|
| 53 | $stderr.puts msg |
|
| 54 | $stderr.puts "="*72 |
|
| 55 | $stderr.puts |
|
| 56 | end |
|
| 57 | ||
| 271e194 by Johan Sørensen at 2007-12-31 | 58 | begin |
| 59 | strainer = Gitorious::SSH::Strainer.new(original_command).parse! |
|
| 60 | client = Gitorious::SSH::Client.new(strainer, user) |
|
| 61 | ||
| 98ce813 by Marius Mathiesen at 2009-06-24 | 62 | args = client.to_git_shell_argument |
| 63 | $stderr.puts "git-shell -c #{args.inspect}" if $DEBUG |
|
| 64 | ENV['GITORIOUS_WRITABLE_BY_URL'] = client.writable_by_query_url |
|
| 30582e6 by Marius Mathiesen at 2009-06-24 | 65 | ENV['GITORIOUS_USER'] = user |
| 7280afb by Johan Sørensen at 2009-06-29 | 66 | ENV['GITORIOUS_BASE_DIR'] = BASE_DIR |
| 4303f75 by Johan Sørensen at 2009-07-10 | 67 | ENV['GITORIOUS_DENY_FORCE_PUSHES'] = client.force_pushing_denied? ? "true" : "false" |
| 98ce813 by Marius Mathiesen at 2009-06-24 | 68 | |
| 69 | logger.info("Accepted #{user.inspect} for #{args.inspect}") |
|
| 2fba8e2 by Marius Mathiesen at 2009-06-24 | 70 | if client.pre_receive_hook_exists? |
| d93bfa1 by Johan Sørensen at 2009-06-29 | 71 | exec("git-shell", "-c", args) |
| 2fba8e2 by Marius Mathiesen at 2009-06-24 | 72 | else |
| 73 | logger.fatal("The pre-receive hook is not executable") |
|
| d93bfa1 by Johan Sørensen at 2009-06-29 | 74 | gitorious_says "Fatal error, please contact support" |
| 2fba8e2 by Marius Mathiesen at 2009-06-24 | 75 | exit!(1) |
| 76 | end |
|
| 271e194 by Johan Sørensen at 2007-12-31 | 77 | |
| 78 | unless $?.success? |
|
| bd6054a by Johan Sørensen at 2009-05-19 | 79 | logger.fatal("Failed to execute git command") |
| d93bfa1 by Johan Sørensen at 2009-06-29 | 80 | gitorious_says "Failed to execute git command" |
| 271e194 by Johan Sørensen at 2007-12-31 | 81 | exit!(1) |
| 82 | end |
|
| 83 | rescue Gitorious::SSH::AccessDeniedError => e |
|
| bd6054a by Johan Sørensen at 2009-05-19 | 84 | logger.info("Access denied or bad repository path for #{user.inspect}: #{original_command.inspect}") |
| d93bfa1 by Johan Sørensen at 2009-06-29 | 85 | gitorious_says "Access denied or wrong repository path" |
| 271e194 by Johan Sørensen at 2007-12-31 | 86 | exit!(1) |
| 87 | rescue Gitorious::SSH::BadCommandError => e |
|
| bd6054a by Johan Sørensen at 2009-05-19 | 88 | logger.info("Access denied or bad command for #{user.inspect}: #{original_command.inspect}") |
| d93bfa1 by Johan Sørensen at 2009-06-29 | 89 | gitorious_says "Access denied or bad command" |
| 271e194 by Johan Sørensen at 2007-12-31 | 90 | exit!(1) |
| 4b95da4 by Johan Sørensen at 2009-06-29 | 91 | rescue Errno::ECONNREFUSED => e |
| 92 | logger.fatal("Connection refused querying for paths/permissions") |
|
| 93 | gitorious_says("Temporary error. Please try again shortly") |
|
| 94 | exit!(1) |
|
| 271e194 by Johan Sørensen at 2007-12-31 | 95 | rescue Object => e |
| 96 | if $DEBUG |
|
| 97 | $stderr.puts "#{e.class.name} #{e.message}" |
|
| 98 | $stderr.puts e.backtrace.join(" \n") |
|
| 99 | end |
|
| bd6054a by Johan Sørensen at 2009-05-19 | 100 | logger.fatal("#{e.class.name} #{e.message}: #{e.backtrace.join("\n ")}") |
| d93bfa1 by Johan Sørensen at 2009-06-29 | 101 | gitorious_says "fatal error" |
| 271e194 by Johan Sørensen at 2007-12-31 | 102 | exit(1) |
| 103 | end |
