Diffstat (limited to 'forced-ssh-command')
-rwxr-xr-x | forced-ssh-command | 33 |
1 files changed, 32 insertions, 1 deletions
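--- a/forced-ssh-command
+++ b/forced-ssh-command
@@ -141,14 +141,45 @@ valid_new_public_repo()
 esac
 }
 
+GET_NOMIC_USER()
+{
+local whitelist_dir="$1" a b keytype keyval keyname
+if [ "$NOMIC_USER" ]
+then
+return
+elif [ "$SSH_USER_AUTH" ] && [ -f "$SSH_USER_AUTH" ]
+then
+read authtype keytype keyval < "$SSH_USER_AUTH"
+[ "$authtype" = publickey ] || exit
+
+for keyname in "${whitelist_dir}"/*
+do
+while read a b _
+do
+case "$a $b" in
+"$keytype $keyval")
+NOMIC_USER=${keyname#authorized_keys.d/}
+break
+;;
+esac
+done < "$keyname"
+done
+true
+else
+warn "\$SSH_USER_AUTH missing. Try putting 'ExposeAuthInfo yes' in /etc/ssh/sshd_config"
+false
+fi
+}
+
 check_if_ssh_user_owns_repository()
 {
 git --git-dir "$git_dir" config --get-all samizdat.anonymous-ssh-owner | grep -xqF "$SSH_REMOTE_FINGERPRINT_TRIMMED"
 }
+
 ssh_user_owns_repository()
 {
 if [ -z "$SSH_USER_OWNS_REPOSITORY" ]; then
-check_if_ssh_user_owns_repository
+check_if_ssh_user_owns_repository || GET_NOMIC_USER "$git_dir"
 SSH_USER_OWNS_REPOSITORY=$?
 fi
 return $SSH_USER_OWNS_REPOSITORY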
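Review bot: GET_NOMIC_USER ends its publickey branch with an unconditional `true`, so it reports success whether or not any file under the whitelist directory contained the presented key. Because ssh_user_owns_repository now stores the status of `check_if_ssh_user_owns_repository || GET_NOMIC_USER "$git_dir"`, any publickey login with a readable `$SSH_USER_AUTH` is recorded as owning the repository. The status should reflect the match, for example by replacing `true` with `[ "$NOMIC_USER" ]`. The early `return` also accepts a NOMIC_USER that is already set on entry, so unless it is assigned earlier in code not visible here the script should `unset NOMIC_USER` at startup. The call passes `$git_dir` as the whitelist directory while the stripped prefix is `authorized_keys.d/`, which looks unintended and should be confirmed; the closing brace of ssh_user_owns_repository lies outside the hunk.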