1 files changed, 32 insertions, 1 deletions
diff --git a/forced-ssh-command b/forced-ssh-command
index 4af26c6..e06d96c 100755
--- a/forced-ssh-command
+++ b/forced-ssh-command
@@ -141,14 +141,45 @@ valid_new_public_repo()
  esac
 }
+GET_NOMIC_USER()
+{
+    local whitelist_dir="$1" a b keytype keyval keyname
+    if [ "$NOMIC_USER" ]
+    then
+        return
+    elif [ "$SSH_USER_AUTH" ] && [ -f "$SSH_USER_AUTH" ]
+    then
+        read authtype keytype keyval < "$SSH_USER_AUTH"
+        [ "$authtype" = publickey ] || exit
+        for keyname in "${whitelist_dir}"/*
+        do
+            while read a b _
+            do
+                case "$a $b" in
+                    "$keytype $keyval")
+                        NOMIC_USER=${keyname#authorized_keys.d/}
+                        break
+                        ;;
+                esac
+            done < "$keyname"
+        done
+        true
+    else
+        warn "\$SSH_USER_AUTH missing.  Try putting 'ExposeAuthInfo yes' in /etc/ssh/sshd_config"
+        false
+    fi
+}
 check_if_ssh_user_owns_repository()
 {
  git --git-dir "$git_dir" config --get-all samizdat.anonymous-ssh-owner | grep -xqF "$SSH_REMOTE_FINGERPRINT_TRIMMED"
 }
 ssh_user_owns_repository()
 {
  if [ -z "$SSH_USER_OWNS_REPOSITORY" ]; then
-    check_if_ssh_user_owns_repository
+    check_if_ssh_user_owns_repository || GET_NOMIC_USER "$git_dir"
    SSH_USER_OWNS_REPOSITORY=$?
  fi
  return $SSH_USER_OWNS_REPOSITORY

diff --git a/forced-ssh-command b/forced-ssh-command index 4af26c6..e06d96c 100755 --- a/forced-ssh-command +++ b/forced-ssh-command
@@ -141,14 +141,45 @@ valid_new_public_repo()
141	esac	141	esac
142	}	142	}
143		143
		144	GET_NOMIC_USER()
		145	{
		146	local whitelist_dir="$1" a b keytype keyval keyname
		147	if [ "$NOMIC_USER" ]
		148	then
		149	return
		150	elif [ "$SSH_USER_AUTH" ] && [ -f "$SSH_USER_AUTH" ]
		151	then
		152	read authtype keytype keyval < "$SSH_USER_AUTH"
		153	[ "$authtype" = publickey ] \|\| exit
		154
		155	for keyname in "${whitelist_dir}"/*
		156	do
		157	while read a b _
		158	do
		159	case "$a $b" in
		160	"$keytype $keyval")
		161	NOMIC_USER=${keyname#authorized_keys.d/}
		162	break
		163	;;
		164	esac
		165	done < "$keyname"
		166	done
		167	true
		168	else
		169	warn "\$SSH_USER_AUTH missing. Try putting 'ExposeAuthInfo yes' in /etc/ssh/sshd_config"
		170	false
		171	fi
		172	}
		173
144	check_if_ssh_user_owns_repository()	174	check_if_ssh_user_owns_repository()
145	{	175	{
146	git --git-dir "$git_dir" config --get-all samizdat.anonymous-ssh-owner \| grep -xqF "$SSH_REMOTE_FINGERPRINT_TRIMMED"	176	git --git-dir "$git_dir" config --get-all samizdat.anonymous-ssh-owner \| grep -xqF "$SSH_REMOTE_FINGERPRINT_TRIMMED"
147	}	177	}
		178
148	ssh_user_owns_repository()	179	ssh_user_owns_repository()
149	{	180	{
150	if [ -z "$SSH_USER_OWNS_REPOSITORY" ]; then	181	if [ -z "$SSH_USER_OWNS_REPOSITORY" ]; then
151	check_if_ssh_user_owns_repository	182	check_if_ssh_user_owns_repository \|\| GET_NOMIC_USER "$git_dir"
152	SSH_USER_OWNS_REPOSITORY=$?	183	SSH_USER_OWNS_REPOSITORY=$?
153	fi	184	fi
154	return $SSH_USER_OWNS_REPOSITORY	185	return $SSH_USER_OWNS_REPOSITORY