annotate contrib/hgsh/hgsh.c @ 20346:42df1fe32552

push: introduce a pushoperation object This object will hold all data and state gathered through the push. This will allow us to split the long function into multiple small one. Smaller function will be easier to maintains and wrap. The idea is to blindly store all information related to the push in this object so that each step and extension can use them if necessary. We start by putting the `repo` variable in the object. More migration in other changeset.
author Pierre-Yves David <pierre-yves.david@logilab.fr>
date Thu, 30 Jan 2014 16:43:11 -0800
parents a4e0908ce35b
children 580f7b1b88c7
Ignore whitespace changes - Everywhere: Within whitespace: At end of lines:
rev   line source
2341
dbbe7f72d15a contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff changeset
1 /*
dbbe7f72d15a contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff changeset
2 * hgsh.c - restricted login shell for mercurial
dbbe7f72d15a contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff changeset
3 *
dbbe7f72d15a contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff changeset
4 * Copyright 2006 Vadim Gelfer <vadim.gelfer@gmail.com>
dbbe7f72d15a contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff changeset
5 *
dbbe7f72d15a contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff changeset
6 * This software may be used and distributed according to the terms of the
dbbe7f72d15a contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff changeset
7 * GNU General Public License, incorporated herein by reference.
dbbe7f72d15a contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff changeset
8 *
dbbe7f72d15a contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff changeset
9 * this program is login shell for dedicated mercurial user account. it
dbbe7f72d15a contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff changeset
10 * only allows few actions:
dbbe7f72d15a contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff changeset
11 *
dbbe7f72d15a contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff changeset
12 * 1. run hg in server mode on specific repository. no other hg commands
dbbe7f72d15a contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff changeset
13 * are allowed. we try to verify that repo to be accessed exists under
dbbe7f72d15a contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff changeset
14 * given top-level directory.
dbbe7f72d15a contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff changeset
15 *
dbbe7f72d15a contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff changeset
16 * 2. (optional) forward ssh connection from firewall/gateway machine to
dbbe7f72d15a contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff changeset
17 * "real" mercurial host, to let users outside intranet pull and push
dbbe7f72d15a contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff changeset
18 * changes through firewall.
dbbe7f72d15a contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff changeset
19 *
dbbe7f72d15a contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff changeset
20 * 3. (optional) run normal shell, to allow to "su" to mercurial user, use
dbbe7f72d15a contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff changeset
21 * "sudo" to run programs as that user, or run cron jobs as that user.
dbbe7f72d15a contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff changeset
22 *
dbbe7f72d15a contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff changeset
23 * only tested on linux yet. patches for non-linux systems welcome.
dbbe7f72d15a contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff changeset
24 */
dbbe7f72d15a contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff changeset
25
dbbe7f72d15a contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff changeset
26 #ifndef _GNU_SOURCE
dbbe7f72d15a contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff changeset
27 #define _GNU_SOURCE /* for asprintf */
dbbe7f72d15a contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff changeset
28 #endif
dbbe7f72d15a contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff changeset
29
dbbe7f72d15a contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff changeset
30 #include <stdio.h>
dbbe7f72d15a contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff changeset
31 #include <stdlib.h>
dbbe7f72d15a contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff changeset
32 #include <string.h>
dbbe7f72d15a contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff changeset
33 #include <sys/stat.h>
dbbe7f72d15a contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff changeset
34 #include <sys/types.h>
dbbe7f72d15a contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff changeset
35 #include <sysexits.h>
dbbe7f72d15a contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff changeset
36 #include <unistd.h>
dbbe7f72d15a contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff changeset
37
dbbe7f72d15a contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff changeset
38 /*
dbbe7f72d15a contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff changeset
39 * user config.
dbbe7f72d15a contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff changeset
40 *
dbbe7f72d15a contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff changeset
41 * if you see a hostname below, just use first part of hostname. example,
dbbe7f72d15a contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff changeset
42 * if you have host named foo.bar.com, use "foo".
dbbe7f72d15a contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff changeset
43 */
dbbe7f72d15a contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff changeset
44
dbbe7f72d15a contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff changeset
45 /*
dbbe7f72d15a contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff changeset
46 * HG_GATEWAY: hostname of gateway/firewall machine that people outside your
dbbe7f72d15a contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff changeset
47 * intranet ssh into if they need to ssh to other machines. if you do not
dbbe7f72d15a contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff changeset
48 * have such machine, set to NULL.
dbbe7f72d15a contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff changeset
49 */
dbbe7f72d15a contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff changeset
50 #ifndef HG_GATEWAY
dbbe7f72d15a contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff changeset
51 #define HG_GATEWAY "gateway"
dbbe7f72d15a contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff changeset
52 #endif
dbbe7f72d15a contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff changeset
53
dbbe7f72d15a contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff changeset
54 /*
dbbe7f72d15a contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff changeset
55 * HG_HOST: hostname of mercurial server. if any machine is allowed, set to
dbbe7f72d15a contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff changeset
56 * NULL.
dbbe7f72d15a contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff changeset
57 */
dbbe7f72d15a contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff changeset
58 #ifndef HG_HOST
dbbe7f72d15a contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff changeset
59 #define HG_HOST "mercurial"
dbbe7f72d15a contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff changeset
60 #endif
dbbe7f72d15a contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff changeset
61
dbbe7f72d15a contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff changeset
62 /*
dbbe7f72d15a contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff changeset
63 * HG_USER: username to log in from HG_GATEWAY to HG_HOST. if gateway and
dbbe7f72d15a contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff changeset
64 * host username are same, set to NULL.
dbbe7f72d15a contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff changeset
65 */
dbbe7f72d15a contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff changeset
66 #ifndef HG_USER
dbbe7f72d15a contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff changeset
67 #define HG_USER "hg"
dbbe7f72d15a contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff changeset
68 #endif
dbbe7f72d15a contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff changeset
69
dbbe7f72d15a contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff changeset
70 /*
dbbe7f72d15a contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff changeset
71 * HG_ROOT: root of tree full of mercurial repos. if you do not want to
dbbe7f72d15a contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff changeset
72 * validate location of repo when someone is try to access, set to NULL.
dbbe7f72d15a contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff changeset
73 */
dbbe7f72d15a contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff changeset
74 #ifndef HG_ROOT
dbbe7f72d15a contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff changeset
75 #define HG_ROOT "/home/hg/repos"
dbbe7f72d15a contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff changeset
76 #endif
dbbe7f72d15a contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff changeset
77
dbbe7f72d15a contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff changeset
78 /*
dbbe7f72d15a contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff changeset
79 * HG: path to the mercurial executable to run.
dbbe7f72d15a contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff changeset
80 */
dbbe7f72d15a contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff changeset
81 #ifndef HG
dbbe7f72d15a contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff changeset
82 #define HG "/home/hg/bin/hg"
dbbe7f72d15a contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff changeset
83 #endif
dbbe7f72d15a contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff changeset
84
dbbe7f72d15a contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff changeset
85 /*
dbbe7f72d15a contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff changeset
86 * HG_SHELL: shell to use for actions like "sudo" and "su" access to
dbbe7f72d15a contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff changeset
87 * mercurial user, and cron jobs. if you want to make these things
dbbe7f72d15a contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff changeset
88 * impossible, set to NULL.
dbbe7f72d15a contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff changeset
89 */
dbbe7f72d15a contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff changeset
90 #ifndef HG_SHELL
dbbe7f72d15a contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff changeset
91 #define HG_SHELL NULL
10282
08a0f04b56bd many, many trivial check-code fixups
Matt Mackall <mpm@selenic.com>
parents: 5081
diff changeset
92 /* #define HG_SHELL "/bin/bash" */
2341
dbbe7f72d15a contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff changeset
93 #endif
dbbe7f72d15a contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff changeset
94
dbbe7f72d15a contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff changeset
95 /*
dbbe7f72d15a contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff changeset
96 * HG_HELP: some way for users to get support if they have problem. if they
dbbe7f72d15a contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff changeset
97 * should not get helpful message, set to NULL.
dbbe7f72d15a contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff changeset
98 */
dbbe7f72d15a contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff changeset
99 #ifndef HG_HELP
dbbe7f72d15a contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff changeset
100 #define HG_HELP "please contact support@example.com for help."
dbbe7f72d15a contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff changeset
101 #endif
dbbe7f72d15a contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff changeset
102
dbbe7f72d15a contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff changeset
103 /*
dbbe7f72d15a contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff changeset
104 * SSH: path to ssh executable to run, if forwarding from HG_GATEWAY to
dbbe7f72d15a contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff changeset
105 * HG_HOST. if you want to use rsh instead (why?), you need to modify
dbbe7f72d15a contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff changeset
106 * arguments it is called with. see forward_through_gateway.
dbbe7f72d15a contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff changeset
107 */
dbbe7f72d15a contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff changeset
108 #ifndef SSH
dbbe7f72d15a contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff changeset
109 #define SSH "/usr/bin/ssh"
dbbe7f72d15a contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff changeset
110 #endif
dbbe7f72d15a contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff changeset
111
dbbe7f72d15a contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff changeset
112 /*
dbbe7f72d15a contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff changeset
113 * tell whether to print command that is to be executed. useful for
dbbe7f72d15a contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff changeset
114 * debugging. should not interfere with mercurial operation, since
dbbe7f72d15a contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff changeset
115 * mercurial only cares about stdin and stdout, and this prints to stderr.
dbbe7f72d15a contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff changeset
116 */
dbbe7f72d15a contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff changeset
117 static const int debug = 0;
dbbe7f72d15a contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff changeset
118
dbbe7f72d15a contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff changeset
119 static void print_cmdline(int argc, char **argv)
dbbe7f72d15a contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff changeset
120 {
10282
08a0f04b56bd many, many trivial check-code fixups
Matt Mackall <mpm@selenic.com>
parents: 5081
diff changeset
121 FILE *fp = stderr;
08a0f04b56bd many, many trivial check-code fixups
Matt Mackall <mpm@selenic.com>
parents: 5081
diff changeset
122 int i;
2341
dbbe7f72d15a contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff changeset
123
10282
08a0f04b56bd many, many trivial check-code fixups
Matt Mackall <mpm@selenic.com>
parents: 5081
diff changeset
124 fputs("command: ", fp);
2341
dbbe7f72d15a contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff changeset
125
10282
08a0f04b56bd many, many trivial check-code fixups
Matt Mackall <mpm@selenic.com>
parents: 5081
diff changeset
126 for (i = 0; i < argc; i++) {
08a0f04b56bd many, many trivial check-code fixups
Matt Mackall <mpm@selenic.com>
parents: 5081
diff changeset
127 char *spc = strpbrk(argv[i], " \t\r\n");
08a0f04b56bd many, many trivial check-code fixups
Matt Mackall <mpm@selenic.com>
parents: 5081
diff changeset
128 if (spc) {
08a0f04b56bd many, many trivial check-code fixups
Matt Mackall <mpm@selenic.com>
parents: 5081
diff changeset
129 fputc('\'', fp);
08a0f04b56bd many, many trivial check-code fixups
Matt Mackall <mpm@selenic.com>
parents: 5081
diff changeset
130 }
08a0f04b56bd many, many trivial check-code fixups
Matt Mackall <mpm@selenic.com>
parents: 5081
diff changeset
131 fputs(argv[i], fp);
08a0f04b56bd many, many trivial check-code fixups
Matt Mackall <mpm@selenic.com>
parents: 5081
diff changeset
132 if (spc) {
08a0f04b56bd many, many trivial check-code fixups
Matt Mackall <mpm@selenic.com>
parents: 5081
diff changeset
133 fputc('\'', fp);
08a0f04b56bd many, many trivial check-code fixups
Matt Mackall <mpm@selenic.com>
parents: 5081
diff changeset
134 }
08a0f04b56bd many, many trivial check-code fixups
Matt Mackall <mpm@selenic.com>
parents: 5081
diff changeset
135 if (i < argc - 1) {
08a0f04b56bd many, many trivial check-code fixups
Matt Mackall <mpm@selenic.com>
parents: 5081
diff changeset
136 fputc(' ', fp);
08a0f04b56bd many, many trivial check-code fixups
Matt Mackall <mpm@selenic.com>
parents: 5081
diff changeset
137 }
08a0f04b56bd many, many trivial check-code fixups
Matt Mackall <mpm@selenic.com>
parents: 5081
diff changeset
138 }
08a0f04b56bd many, many trivial check-code fixups
Matt Mackall <mpm@selenic.com>
parents: 5081
diff changeset
139 fputc('\n', fp);
08a0f04b56bd many, many trivial check-code fixups
Matt Mackall <mpm@selenic.com>
parents: 5081
diff changeset
140 fflush(fp);
2341
dbbe7f72d15a contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff changeset
141 }
dbbe7f72d15a contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff changeset
142
dbbe7f72d15a contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff changeset
143 static void usage(const char *reason, int exitcode)
dbbe7f72d15a contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff changeset
144 {
10282
08a0f04b56bd many, many trivial check-code fixups
Matt Mackall <mpm@selenic.com>
parents: 5081
diff changeset
145 char *hg_help = HG_HELP;
2341
dbbe7f72d15a contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff changeset
146
10282
08a0f04b56bd many, many trivial check-code fixups
Matt Mackall <mpm@selenic.com>
parents: 5081
diff changeset
147 if (reason) {
08a0f04b56bd many, many trivial check-code fixups
Matt Mackall <mpm@selenic.com>
parents: 5081
diff changeset
148 fprintf(stderr, "*** Error: %s.\n", reason);
08a0f04b56bd many, many trivial check-code fixups
Matt Mackall <mpm@selenic.com>
parents: 5081
diff changeset
149 }
08a0f04b56bd many, many trivial check-code fixups
Matt Mackall <mpm@selenic.com>
parents: 5081
diff changeset
150 fprintf(stderr, "*** This program has been invoked incorrectly.\n");
08a0f04b56bd many, many trivial check-code fixups
Matt Mackall <mpm@selenic.com>
parents: 5081
diff changeset
151 if (hg_help) {
08a0f04b56bd many, many trivial check-code fixups
Matt Mackall <mpm@selenic.com>
parents: 5081
diff changeset
152 fprintf(stderr, "*** %s\n", hg_help);
08a0f04b56bd many, many trivial check-code fixups
Matt Mackall <mpm@selenic.com>
parents: 5081
diff changeset
153 }
08a0f04b56bd many, many trivial check-code fixups
Matt Mackall <mpm@selenic.com>
parents: 5081
diff changeset
154 exit(exitcode ? exitcode : EX_USAGE);
2341
dbbe7f72d15a contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff changeset
155 }
dbbe7f72d15a contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff changeset
156
dbbe7f72d15a contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff changeset
157 /*
dbbe7f72d15a contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff changeset
158 * run on gateway host to make another ssh connection, to "real" mercurial
dbbe7f72d15a contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff changeset
159 * server. it sends its command line unmodified to far end.
dbbe7f72d15a contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff changeset
160 *
dbbe7f72d15a contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff changeset
161 * never called if HG_GATEWAY is NULL.
dbbe7f72d15a contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff changeset
162 */
dbbe7f72d15a contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff changeset
163 static void forward_through_gateway(int argc, char **argv)
dbbe7f72d15a contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff changeset
164 {
10282
08a0f04b56bd many, many trivial check-code fixups
Matt Mackall <mpm@selenic.com>
parents: 5081
diff changeset
165 char *ssh = SSH;
08a0f04b56bd many, many trivial check-code fixups
Matt Mackall <mpm@selenic.com>
parents: 5081
diff changeset
166 char *hg_host = HG_HOST;
08a0f04b56bd many, many trivial check-code fixups
Matt Mackall <mpm@selenic.com>
parents: 5081
diff changeset
167 char *hg_user = HG_USER;
08a0f04b56bd many, many trivial check-code fixups
Matt Mackall <mpm@selenic.com>
parents: 5081
diff changeset
168 char **nargv = alloca((10 + argc) * sizeof(char *));
08a0f04b56bd many, many trivial check-code fixups
Matt Mackall <mpm@selenic.com>
parents: 5081
diff changeset
169 int i = 0, j;
2341
dbbe7f72d15a contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff changeset
170
10282
08a0f04b56bd many, many trivial check-code fixups
Matt Mackall <mpm@selenic.com>
parents: 5081
diff changeset
171 nargv[i++] = ssh;
08a0f04b56bd many, many trivial check-code fixups
Matt Mackall <mpm@selenic.com>
parents: 5081
diff changeset
172 nargv[i++] = "-q";
08a0f04b56bd many, many trivial check-code fixups
Matt Mackall <mpm@selenic.com>
parents: 5081
diff changeset
173 nargv[i++] = "-T";
08a0f04b56bd many, many trivial check-code fixups
Matt Mackall <mpm@selenic.com>
parents: 5081
diff changeset
174 nargv[i++] = "-x";
08a0f04b56bd many, many trivial check-code fixups
Matt Mackall <mpm@selenic.com>
parents: 5081
diff changeset
175 if (hg_user) {
08a0f04b56bd many, many trivial check-code fixups
Matt Mackall <mpm@selenic.com>
parents: 5081
diff changeset
176 nargv[i++] = "-l";
08a0f04b56bd many, many trivial check-code fixups
Matt Mackall <mpm@selenic.com>
parents: 5081
diff changeset
177 nargv[i++] = hg_user;
08a0f04b56bd many, many trivial check-code fixups
Matt Mackall <mpm@selenic.com>
parents: 5081
diff changeset
178 }
08a0f04b56bd many, many trivial check-code fixups
Matt Mackall <mpm@selenic.com>
parents: 5081
diff changeset
179 nargv[i++] = hg_host;
2341
dbbe7f72d15a contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff changeset
180
10282
08a0f04b56bd many, many trivial check-code fixups
Matt Mackall <mpm@selenic.com>
parents: 5081
diff changeset
181 /*
08a0f04b56bd many, many trivial check-code fixups
Matt Mackall <mpm@selenic.com>
parents: 5081
diff changeset
182 * sshd called us with added "-c", because it thinks we are a shell.
08a0f04b56bd many, many trivial check-code fixups
Matt Mackall <mpm@selenic.com>
parents: 5081
diff changeset
183 * drop it if we find it.
08a0f04b56bd many, many trivial check-code fixups
Matt Mackall <mpm@selenic.com>
parents: 5081
diff changeset
184 */
08a0f04b56bd many, many trivial check-code fixups
Matt Mackall <mpm@selenic.com>
parents: 5081
diff changeset
185 j = 1;
08a0f04b56bd many, many trivial check-code fixups
Matt Mackall <mpm@selenic.com>
parents: 5081
diff changeset
186 if (j < argc && strcmp(argv[j], "-c") == 0) {
08a0f04b56bd many, many trivial check-code fixups
Matt Mackall <mpm@selenic.com>
parents: 5081
diff changeset
187 j++;
08a0f04b56bd many, many trivial check-code fixups
Matt Mackall <mpm@selenic.com>
parents: 5081
diff changeset
188 }
2341
dbbe7f72d15a contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff changeset
189
10282
08a0f04b56bd many, many trivial check-code fixups
Matt Mackall <mpm@selenic.com>
parents: 5081
diff changeset
190 for (; j < argc; i++, j++) {
08a0f04b56bd many, many trivial check-code fixups
Matt Mackall <mpm@selenic.com>
parents: 5081
diff changeset
191 nargv[i] = argv[j];
08a0f04b56bd many, many trivial check-code fixups
Matt Mackall <mpm@selenic.com>
parents: 5081
diff changeset
192 }
08a0f04b56bd many, many trivial check-code fixups
Matt Mackall <mpm@selenic.com>
parents: 5081
diff changeset
193 nargv[i] = NULL;
2341
dbbe7f72d15a contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff changeset
194
10282
08a0f04b56bd many, many trivial check-code fixups
Matt Mackall <mpm@selenic.com>
parents: 5081
diff changeset
195 if (debug) {
08a0f04b56bd many, many trivial check-code fixups
Matt Mackall <mpm@selenic.com>
parents: 5081
diff changeset
196 print_cmdline(i, nargv);
08a0f04b56bd many, many trivial check-code fixups
Matt Mackall <mpm@selenic.com>
parents: 5081
diff changeset
197 }
2341
dbbe7f72d15a contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff changeset
198
10282
08a0f04b56bd many, many trivial check-code fixups
Matt Mackall <mpm@selenic.com>
parents: 5081
diff changeset
199 execv(ssh, nargv);
08a0f04b56bd many, many trivial check-code fixups
Matt Mackall <mpm@selenic.com>
parents: 5081
diff changeset
200 perror(ssh);
08a0f04b56bd many, many trivial check-code fixups
Matt Mackall <mpm@selenic.com>
parents: 5081
diff changeset
201 exit(EX_UNAVAILABLE);
2341
dbbe7f72d15a contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff changeset
202 }
dbbe7f72d15a contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff changeset
203
dbbe7f72d15a contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff changeset
204 /*
dbbe7f72d15a contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff changeset
205 * run shell. let administrator "su" to mercurial user's account to do
dbbe7f72d15a contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff changeset
206 * administrative works.
dbbe7f72d15a contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff changeset
207 *
dbbe7f72d15a contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff changeset
208 * never called if HG_SHELL is NULL.
dbbe7f72d15a contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff changeset
209 */
dbbe7f72d15a contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff changeset
210 static void run_shell(int argc, char **argv)
dbbe7f72d15a contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff changeset
211 {
10282
08a0f04b56bd many, many trivial check-code fixups
Matt Mackall <mpm@selenic.com>
parents: 5081
diff changeset
212 char *hg_shell = HG_SHELL;
08a0f04b56bd many, many trivial check-code fixups
Matt Mackall <mpm@selenic.com>
parents: 5081
diff changeset
213 char **nargv;
08a0f04b56bd many, many trivial check-code fixups
Matt Mackall <mpm@selenic.com>
parents: 5081
diff changeset
214 char *c;
08a0f04b56bd many, many trivial check-code fixups
Matt Mackall <mpm@selenic.com>
parents: 5081
diff changeset
215 int i;
2341
dbbe7f72d15a contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff changeset
216
10282
08a0f04b56bd many, many trivial check-code fixups
Matt Mackall <mpm@selenic.com>
parents: 5081
diff changeset
217 nargv = alloca((argc + 3) * sizeof(char *));
08a0f04b56bd many, many trivial check-code fixups
Matt Mackall <mpm@selenic.com>
parents: 5081
diff changeset
218 c = strrchr(hg_shell, '/');
2341
dbbe7f72d15a contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff changeset
219
10282
08a0f04b56bd many, many trivial check-code fixups
Matt Mackall <mpm@selenic.com>
parents: 5081
diff changeset
220 /* tell "real" shell it is login shell, if needed. */
2341
dbbe7f72d15a contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff changeset
221
10282
08a0f04b56bd many, many trivial check-code fixups
Matt Mackall <mpm@selenic.com>
parents: 5081
diff changeset
222 if (argv[0][0] == '-' && c) {
08a0f04b56bd many, many trivial check-code fixups
Matt Mackall <mpm@selenic.com>
parents: 5081
diff changeset
223 nargv[0] = strdup(c);
08a0f04b56bd many, many trivial check-code fixups
Matt Mackall <mpm@selenic.com>
parents: 5081
diff changeset
224 if (nargv[0] == NULL) {
08a0f04b56bd many, many trivial check-code fixups
Matt Mackall <mpm@selenic.com>
parents: 5081
diff changeset
225 perror("malloc");
08a0f04b56bd many, many trivial check-code fixups
Matt Mackall <mpm@selenic.com>
parents: 5081
diff changeset
226 exit(EX_OSERR);
08a0f04b56bd many, many trivial check-code fixups
Matt Mackall <mpm@selenic.com>
parents: 5081
diff changeset
227 }
08a0f04b56bd many, many trivial check-code fixups
Matt Mackall <mpm@selenic.com>
parents: 5081
diff changeset
228 nargv[0][0] = '-';
08a0f04b56bd many, many trivial check-code fixups
Matt Mackall <mpm@selenic.com>
parents: 5081
diff changeset
229 } else {
08a0f04b56bd many, many trivial check-code fixups
Matt Mackall <mpm@selenic.com>
parents: 5081
diff changeset
230 nargv[0] = hg_shell;
08a0f04b56bd many, many trivial check-code fixups
Matt Mackall <mpm@selenic.com>
parents: 5081
diff changeset
231 }
2341
dbbe7f72d15a contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff changeset
232
10282
08a0f04b56bd many, many trivial check-code fixups
Matt Mackall <mpm@selenic.com>
parents: 5081
diff changeset
233 for (i = 1; i < argc; i++) {
08a0f04b56bd many, many trivial check-code fixups
Matt Mackall <mpm@selenic.com>
parents: 5081
diff changeset
234 nargv[i] = argv[i];
08a0f04b56bd many, many trivial check-code fixups
Matt Mackall <mpm@selenic.com>
parents: 5081
diff changeset
235 }
08a0f04b56bd many, many trivial check-code fixups
Matt Mackall <mpm@selenic.com>
parents: 5081
diff changeset
236 nargv[i] = NULL;
2341
dbbe7f72d15a contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff changeset
237
10282
08a0f04b56bd many, many trivial check-code fixups
Matt Mackall <mpm@selenic.com>
parents: 5081
diff changeset
238 if (debug) {
08a0f04b56bd many, many trivial check-code fixups
Matt Mackall <mpm@selenic.com>
parents: 5081
diff changeset
239 print_cmdline(i, nargv);
08a0f04b56bd many, many trivial check-code fixups
Matt Mackall <mpm@selenic.com>
parents: 5081
diff changeset
240 }
2341
dbbe7f72d15a contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff changeset
241
10282
08a0f04b56bd many, many trivial check-code fixups
Matt Mackall <mpm@selenic.com>
parents: 5081
diff changeset
242 execv(hg_shell, nargv);
08a0f04b56bd many, many trivial check-code fixups
Matt Mackall <mpm@selenic.com>
parents: 5081
diff changeset
243 perror(hg_shell);
08a0f04b56bd many, many trivial check-code fixups
Matt Mackall <mpm@selenic.com>
parents: 5081
diff changeset
244 exit(EX_OSFILE);
2341
dbbe7f72d15a contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff changeset
245 }
dbbe7f72d15a contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff changeset
246
2602
9cbeef33eaa3 contrib/hgsh: make to work with remote clone over ssh.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents: 2341
diff changeset
247 enum cmdline {
10282
08a0f04b56bd many, many trivial check-code fixups
Matt Mackall <mpm@selenic.com>
parents: 5081
diff changeset
248 hg_init,
08a0f04b56bd many, many trivial check-code fixups
Matt Mackall <mpm@selenic.com>
parents: 5081
diff changeset
249 hg_serve,
2602
9cbeef33eaa3 contrib/hgsh: make to work with remote clone over ssh.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents: 2341
diff changeset
250 };
9cbeef33eaa3 contrib/hgsh: make to work with remote clone over ssh.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents: 2341
diff changeset
251
5081
ea7b982b6c08 Remove trailing spaces
Thomas Arendsen Hein <thomas@intevation.de>
parents: 4419
diff changeset
252
2341
dbbe7f72d15a contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff changeset
253 /*
4419
59ddd43f609f contrib/hgsh: Check for .hg/store as well as .hg/data.
Bryan O'Sullivan <bos@serpentine.com>
parents: 2602
diff changeset
254 * attempt to verify that a directory is really a hg repo, by testing
59ddd43f609f contrib/hgsh: Check for .hg/store as well as .hg/data.
Bryan O'Sullivan <bos@serpentine.com>
parents: 2602
diff changeset
255 * for the existence of a subdirectory.
59ddd43f609f contrib/hgsh: Check for .hg/store as well as .hg/data.
Bryan O'Sullivan <bos@serpentine.com>
parents: 2602
diff changeset
256 */
59ddd43f609f contrib/hgsh: Check for .hg/store as well as .hg/data.
Bryan O'Sullivan <bos@serpentine.com>
parents: 2602
diff changeset
257 static int validate_repo(const char *repo_root, const char *subdir)
59ddd43f609f contrib/hgsh: Check for .hg/store as well as .hg/data.
Bryan O'Sullivan <bos@serpentine.com>
parents: 2602
diff changeset
258 {
10282
08a0f04b56bd many, many trivial check-code fixups
Matt Mackall <mpm@selenic.com>
parents: 5081
diff changeset
259 char *abs_path;
08a0f04b56bd many, many trivial check-code fixups
Matt Mackall <mpm@selenic.com>
parents: 5081
diff changeset
260 struct stat st;
08a0f04b56bd many, many trivial check-code fixups
Matt Mackall <mpm@selenic.com>
parents: 5081
diff changeset
261 int ret;
4419
59ddd43f609f contrib/hgsh: Check for .hg/store as well as .hg/data.
Bryan O'Sullivan <bos@serpentine.com>
parents: 2602
diff changeset
262
10282
08a0f04b56bd many, many trivial check-code fixups
Matt Mackall <mpm@selenic.com>
parents: 5081
diff changeset
263 if (asprintf(&abs_path, "%s.hg/%s", repo_root, subdir) == -1) {
08a0f04b56bd many, many trivial check-code fixups
Matt Mackall <mpm@selenic.com>
parents: 5081
diff changeset
264 ret = -1;
08a0f04b56bd many, many trivial check-code fixups
Matt Mackall <mpm@selenic.com>
parents: 5081
diff changeset
265 goto bail;
08a0f04b56bd many, many trivial check-code fixups
Matt Mackall <mpm@selenic.com>
parents: 5081
diff changeset
266 }
4419
59ddd43f609f contrib/hgsh: Check for .hg/store as well as .hg/data.
Bryan O'Sullivan <bos@serpentine.com>
parents: 2602
diff changeset
267
10282
08a0f04b56bd many, many trivial check-code fixups
Matt Mackall <mpm@selenic.com>
parents: 5081
diff changeset
268 /* verify that we really are looking at valid repo. */
4419
59ddd43f609f contrib/hgsh: Check for .hg/store as well as .hg/data.
Bryan O'Sullivan <bos@serpentine.com>
parents: 2602
diff changeset
269
10282
08a0f04b56bd many, many trivial check-code fixups
Matt Mackall <mpm@selenic.com>
parents: 5081
diff changeset
270 if (stat(abs_path, &st) == -1) {
08a0f04b56bd many, many trivial check-code fixups
Matt Mackall <mpm@selenic.com>
parents: 5081
diff changeset
271 ret = 0;
08a0f04b56bd many, many trivial check-code fixups
Matt Mackall <mpm@selenic.com>
parents: 5081
diff changeset
272 } else {
08a0f04b56bd many, many trivial check-code fixups
Matt Mackall <mpm@selenic.com>
parents: 5081
diff changeset
273 ret = 1;
08a0f04b56bd many, many trivial check-code fixups
Matt Mackall <mpm@selenic.com>
parents: 5081
diff changeset
274 }
4419
59ddd43f609f contrib/hgsh: Check for .hg/store as well as .hg/data.
Bryan O'Sullivan <bos@serpentine.com>
parents: 2602
diff changeset
275
59ddd43f609f contrib/hgsh: Check for .hg/store as well as .hg/data.
Bryan O'Sullivan <bos@serpentine.com>
parents: 2602
diff changeset
276 bail:
10282
08a0f04b56bd many, many trivial check-code fixups
Matt Mackall <mpm@selenic.com>
parents: 5081
diff changeset
277 return ret;
4419
59ddd43f609f contrib/hgsh: Check for .hg/store as well as .hg/data.
Bryan O'Sullivan <bos@serpentine.com>
parents: 2602
diff changeset
278 }
59ddd43f609f contrib/hgsh: Check for .hg/store as well as .hg/data.
Bryan O'Sullivan <bos@serpentine.com>
parents: 2602
diff changeset
279
59ddd43f609f contrib/hgsh: Check for .hg/store as well as .hg/data.
Bryan O'Sullivan <bos@serpentine.com>
parents: 2602
diff changeset
280 /*
2341
dbbe7f72d15a contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff changeset
281 * paranoid wrapper, runs hg executable in server mode.
dbbe7f72d15a contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff changeset
282 */
dbbe7f72d15a contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff changeset
283 static void serve_data(int argc, char **argv)
dbbe7f72d15a contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff changeset
284 {
10282
08a0f04b56bd many, many trivial check-code fixups
Matt Mackall <mpm@selenic.com>
parents: 5081
diff changeset
285 char *hg_root = HG_ROOT;
08a0f04b56bd many, many trivial check-code fixups
Matt Mackall <mpm@selenic.com>
parents: 5081
diff changeset
286 char *repo, *repo_root;
08a0f04b56bd many, many trivial check-code fixups
Matt Mackall <mpm@selenic.com>
parents: 5081
diff changeset
287 enum cmdline cmd;
08a0f04b56bd many, many trivial check-code fixups
Matt Mackall <mpm@selenic.com>
parents: 5081
diff changeset
288 char *nargv[6];
08a0f04b56bd many, many trivial check-code fixups
Matt Mackall <mpm@selenic.com>
parents: 5081
diff changeset
289 size_t repolen;
08a0f04b56bd many, many trivial check-code fixups
Matt Mackall <mpm@selenic.com>
parents: 5081
diff changeset
290 int i;
2341
dbbe7f72d15a contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff changeset
291
10282
08a0f04b56bd many, many trivial check-code fixups
Matt Mackall <mpm@selenic.com>
parents: 5081
diff changeset
292 /*
08a0f04b56bd many, many trivial check-code fixups
Matt Mackall <mpm@selenic.com>
parents: 5081
diff changeset
293 * check argv for looking okay. we should be invoked with argv
08a0f04b56bd many, many trivial check-code fixups
Matt Mackall <mpm@selenic.com>
parents: 5081
diff changeset
294 * resembling like this:
08a0f04b56bd many, many trivial check-code fixups
Matt Mackall <mpm@selenic.com>
parents: 5081
diff changeset
295 *
08a0f04b56bd many, many trivial check-code fixups
Matt Mackall <mpm@selenic.com>
parents: 5081
diff changeset
296 * hgsh
08a0f04b56bd many, many trivial check-code fixups
Matt Mackall <mpm@selenic.com>
parents: 5081
diff changeset
297 * -c
08a0f04b56bd many, many trivial check-code fixups
Matt Mackall <mpm@selenic.com>
parents: 5081
diff changeset
298 * hg -R some/path serve --stdio
08a0f04b56bd many, many trivial check-code fixups
Matt Mackall <mpm@selenic.com>
parents: 5081
diff changeset
299 *
08a0f04b56bd many, many trivial check-code fixups
Matt Mackall <mpm@selenic.com>
parents: 5081
diff changeset
300 * the "-c" is added by sshd, because it thinks we are login shell.
08a0f04b56bd many, many trivial check-code fixups
Matt Mackall <mpm@selenic.com>
parents: 5081
diff changeset
301 */
2341
dbbe7f72d15a contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff changeset
302
10282
08a0f04b56bd many, many trivial check-code fixups
Matt Mackall <mpm@selenic.com>
parents: 5081
diff changeset
303 if (argc != 3) {
08a0f04b56bd many, many trivial check-code fixups
Matt Mackall <mpm@selenic.com>
parents: 5081
diff changeset
304 goto badargs;
08a0f04b56bd many, many trivial check-code fixups
Matt Mackall <mpm@selenic.com>
parents: 5081
diff changeset
305 }
2341
dbbe7f72d15a contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff changeset
306
10282
08a0f04b56bd many, many trivial check-code fixups
Matt Mackall <mpm@selenic.com>
parents: 5081
diff changeset
307 if (strcmp(argv[1], "-c") != 0) {
08a0f04b56bd many, many trivial check-code fixups
Matt Mackall <mpm@selenic.com>
parents: 5081
diff changeset
308 goto badargs;
08a0f04b56bd many, many trivial check-code fixups
Matt Mackall <mpm@selenic.com>
parents: 5081
diff changeset
309 }
2341
dbbe7f72d15a contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff changeset
310
10282
08a0f04b56bd many, many trivial check-code fixups
Matt Mackall <mpm@selenic.com>
parents: 5081
diff changeset
311 if (sscanf(argv[2], "hg init %as", &repo) == 1) {
08a0f04b56bd many, many trivial check-code fixups
Matt Mackall <mpm@selenic.com>
parents: 5081
diff changeset
312 cmd = hg_init;
08a0f04b56bd many, many trivial check-code fixups
Matt Mackall <mpm@selenic.com>
parents: 5081
diff changeset
313 }
08a0f04b56bd many, many trivial check-code fixups
Matt Mackall <mpm@selenic.com>
parents: 5081
diff changeset
314 else if (sscanf(argv[2], "hg -R %as serve --stdio", &repo) == 1) {
08a0f04b56bd many, many trivial check-code fixups
Matt Mackall <mpm@selenic.com>
parents: 5081
diff changeset
315 cmd = hg_serve;
08a0f04b56bd many, many trivial check-code fixups
Matt Mackall <mpm@selenic.com>
parents: 5081
diff changeset
316 } else {
2602
9cbeef33eaa3 contrib/hgsh: make to work with remote clone over ssh.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents: 2341
diff changeset
317 goto badargs;
10282
08a0f04b56bd many, many trivial check-code fixups
Matt Mackall <mpm@selenic.com>
parents: 5081
diff changeset
318 }
5081
ea7b982b6c08 Remove trailing spaces
Thomas Arendsen Hein <thomas@intevation.de>
parents: 4419
diff changeset
319
10282
08a0f04b56bd many, many trivial check-code fixups
Matt Mackall <mpm@selenic.com>
parents: 5081
diff changeset
320 repolen = repo ? strlen(repo) : 0;
2602
9cbeef33eaa3 contrib/hgsh: make to work with remote clone over ssh.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents: 2341
diff changeset
321
10282
08a0f04b56bd many, many trivial check-code fixups
Matt Mackall <mpm@selenic.com>
parents: 5081
diff changeset
322 if (repolen == 0) {
08a0f04b56bd many, many trivial check-code fixups
Matt Mackall <mpm@selenic.com>
parents: 5081
diff changeset
323 goto badargs;
2602
9cbeef33eaa3 contrib/hgsh: make to work with remote clone over ssh.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents: 2341
diff changeset
324 }
2341
dbbe7f72d15a contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff changeset
325
10282
08a0f04b56bd many, many trivial check-code fixups
Matt Mackall <mpm@selenic.com>
parents: 5081
diff changeset
326 if (hg_root) {
08a0f04b56bd many, many trivial check-code fixups
Matt Mackall <mpm@selenic.com>
parents: 5081
diff changeset
327 if (asprintf(&repo_root, "%s/%s/", hg_root, repo) == -1) {
08a0f04b56bd many, many trivial check-code fixups
Matt Mackall <mpm@selenic.com>
parents: 5081
diff changeset
328 goto badargs;
08a0f04b56bd many, many trivial check-code fixups
Matt Mackall <mpm@selenic.com>
parents: 5081
diff changeset
329 }
08a0f04b56bd many, many trivial check-code fixups
Matt Mackall <mpm@selenic.com>
parents: 5081
diff changeset
330
08a0f04b56bd many, many trivial check-code fixups
Matt Mackall <mpm@selenic.com>
parents: 5081
diff changeset
331 /*
08a0f04b56bd many, many trivial check-code fixups
Matt Mackall <mpm@selenic.com>
parents: 5081
diff changeset
332 * attempt to stop break out from inside the
08a0f04b56bd many, many trivial check-code fixups
Matt Mackall <mpm@selenic.com>
parents: 5081
diff changeset
333 * repository tree. could do something more clever
08a0f04b56bd many, many trivial check-code fixups
Matt Mackall <mpm@selenic.com>
parents: 5081
diff changeset
334 * here, because e.g. we could traverse a symlink that
08a0f04b56bd many, many trivial check-code fixups
Matt Mackall <mpm@selenic.com>
parents: 5081
diff changeset
335 * looks safe, but really breaks us out of tree.
08a0f04b56bd many, many trivial check-code fixups
Matt Mackall <mpm@selenic.com>
parents: 5081
diff changeset
336 */
08a0f04b56bd many, many trivial check-code fixups
Matt Mackall <mpm@selenic.com>
parents: 5081
diff changeset
337
08a0f04b56bd many, many trivial check-code fixups
Matt Mackall <mpm@selenic.com>
parents: 5081
diff changeset
338 if (strstr(repo_root, "/../") != NULL) {
08a0f04b56bd many, many trivial check-code fixups
Matt Mackall <mpm@selenic.com>
parents: 5081
diff changeset
339 goto badargs;
08a0f04b56bd many, many trivial check-code fixups
Matt Mackall <mpm@selenic.com>
parents: 5081
diff changeset
340 }
2341
dbbe7f72d15a contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff changeset
341
10282
08a0f04b56bd many, many trivial check-code fixups
Matt Mackall <mpm@selenic.com>
parents: 5081
diff changeset
342 /* only hg init expects no repo. */
08a0f04b56bd many, many trivial check-code fixups
Matt Mackall <mpm@selenic.com>
parents: 5081
diff changeset
343
08a0f04b56bd many, many trivial check-code fixups
Matt Mackall <mpm@selenic.com>
parents: 5081
diff changeset
344 if (cmd != hg_init) {
08a0f04b56bd many, many trivial check-code fixups
Matt Mackall <mpm@selenic.com>
parents: 5081
diff changeset
345 int valid;
08a0f04b56bd many, many trivial check-code fixups
Matt Mackall <mpm@selenic.com>
parents: 5081
diff changeset
346
08a0f04b56bd many, many trivial check-code fixups
Matt Mackall <mpm@selenic.com>
parents: 5081
diff changeset
347 valid = validate_repo(repo_root, "data");
08a0f04b56bd many, many trivial check-code fixups
Matt Mackall <mpm@selenic.com>
parents: 5081
diff changeset
348
08a0f04b56bd many, many trivial check-code fixups
Matt Mackall <mpm@selenic.com>
parents: 5081
diff changeset
349 if (valid == -1) {
08a0f04b56bd many, many trivial check-code fixups
Matt Mackall <mpm@selenic.com>
parents: 5081
diff changeset
350 goto badargs;
08a0f04b56bd many, many trivial check-code fixups
Matt Mackall <mpm@selenic.com>
parents: 5081
diff changeset
351 }
08a0f04b56bd many, many trivial check-code fixups
Matt Mackall <mpm@selenic.com>
parents: 5081
diff changeset
352
08a0f04b56bd many, many trivial check-code fixups
Matt Mackall <mpm@selenic.com>
parents: 5081
diff changeset
353 if (valid == 0) {
08a0f04b56bd many, many trivial check-code fixups
Matt Mackall <mpm@selenic.com>
parents: 5081
diff changeset
354 valid = validate_repo(repo_root, "store");
08a0f04b56bd many, many trivial check-code fixups
Matt Mackall <mpm@selenic.com>
parents: 5081
diff changeset
355
08a0f04b56bd many, many trivial check-code fixups
Matt Mackall <mpm@selenic.com>
parents: 5081
diff changeset
356 if (valid == -1) {
08a0f04b56bd many, many trivial check-code fixups
Matt Mackall <mpm@selenic.com>
parents: 5081
diff changeset
357 goto badargs;
08a0f04b56bd many, many trivial check-code fixups
Matt Mackall <mpm@selenic.com>
parents: 5081
diff changeset
358 }
08a0f04b56bd many, many trivial check-code fixups
Matt Mackall <mpm@selenic.com>
parents: 5081
diff changeset
359 }
2602
9cbeef33eaa3 contrib/hgsh: make to work with remote clone over ssh.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents: 2341
diff changeset
360
10282
08a0f04b56bd many, many trivial check-code fixups
Matt Mackall <mpm@selenic.com>
parents: 5081
diff changeset
361 if (valid == 0) {
08a0f04b56bd many, many trivial check-code fixups
Matt Mackall <mpm@selenic.com>
parents: 5081
diff changeset
362 perror(repo);
08a0f04b56bd many, many trivial check-code fixups
Matt Mackall <mpm@selenic.com>
parents: 5081
diff changeset
363 exit(EX_DATAERR);
08a0f04b56bd many, many trivial check-code fixups
Matt Mackall <mpm@selenic.com>
parents: 5081
diff changeset
364 }
08a0f04b56bd many, many trivial check-code fixups
Matt Mackall <mpm@selenic.com>
parents: 5081
diff changeset
365 }
08a0f04b56bd many, many trivial check-code fixups
Matt Mackall <mpm@selenic.com>
parents: 5081
diff changeset
366
08a0f04b56bd many, many trivial check-code fixups
Matt Mackall <mpm@selenic.com>
parents: 5081
diff changeset
367 if (chdir(hg_root) == -1) {
08a0f04b56bd many, many trivial check-code fixups
Matt Mackall <mpm@selenic.com>
parents: 5081
diff changeset
368 perror(hg_root);
08a0f04b56bd many, many trivial check-code fixups
Matt Mackall <mpm@selenic.com>
parents: 5081
diff changeset
369 exit(EX_SOFTWARE);
08a0f04b56bd many, many trivial check-code fixups
Matt Mackall <mpm@selenic.com>
parents: 5081
diff changeset
370 }
08a0f04b56bd many, many trivial check-code fixups
Matt Mackall <mpm@selenic.com>
parents: 5081
diff changeset
371 }
08a0f04b56bd many, many trivial check-code fixups
Matt Mackall <mpm@selenic.com>
parents: 5081
diff changeset
372
08a0f04b56bd many, many trivial check-code fixups
Matt Mackall <mpm@selenic.com>
parents: 5081
diff changeset
373 i = 0;
5081
ea7b982b6c08 Remove trailing spaces
Thomas Arendsen Hein <thomas@intevation.de>
parents: 4419
diff changeset
374
10282
08a0f04b56bd many, many trivial check-code fixups
Matt Mackall <mpm@selenic.com>
parents: 5081
diff changeset
375 switch (cmd) {
08a0f04b56bd many, many trivial check-code fixups
Matt Mackall <mpm@selenic.com>
parents: 5081
diff changeset
376 case hg_serve:
08a0f04b56bd many, many trivial check-code fixups
Matt Mackall <mpm@selenic.com>
parents: 5081
diff changeset
377 nargv[i++] = HG;
08a0f04b56bd many, many trivial check-code fixups
Matt Mackall <mpm@selenic.com>
parents: 5081
diff changeset
378 nargv[i++] = "-R";
08a0f04b56bd many, many trivial check-code fixups
Matt Mackall <mpm@selenic.com>
parents: 5081
diff changeset
379 nargv[i++] = repo;
08a0f04b56bd many, many trivial check-code fixups
Matt Mackall <mpm@selenic.com>
parents: 5081
diff changeset
380 nargv[i++] = "serve";
08a0f04b56bd many, many trivial check-code fixups
Matt Mackall <mpm@selenic.com>
parents: 5081
diff changeset
381 nargv[i++] = "--stdio";
08a0f04b56bd many, many trivial check-code fixups
Matt Mackall <mpm@selenic.com>
parents: 5081
diff changeset
382 break;
08a0f04b56bd many, many trivial check-code fixups
Matt Mackall <mpm@selenic.com>
parents: 5081
diff changeset
383 case hg_init:
08a0f04b56bd many, many trivial check-code fixups
Matt Mackall <mpm@selenic.com>
parents: 5081
diff changeset
384 nargv[i++] = HG;
08a0f04b56bd many, many trivial check-code fixups
Matt Mackall <mpm@selenic.com>
parents: 5081
diff changeset
385 nargv[i++] = "init";
08a0f04b56bd many, many trivial check-code fixups
Matt Mackall <mpm@selenic.com>
parents: 5081
diff changeset
386 nargv[i++] = repo;
08a0f04b56bd many, many trivial check-code fixups
Matt Mackall <mpm@selenic.com>
parents: 5081
diff changeset
387 break;
08a0f04b56bd many, many trivial check-code fixups
Matt Mackall <mpm@selenic.com>
parents: 5081
diff changeset
388 }
2341
dbbe7f72d15a contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff changeset
389
10282
08a0f04b56bd many, many trivial check-code fixups
Matt Mackall <mpm@selenic.com>
parents: 5081
diff changeset
390 nargv[i] = NULL;
2341
dbbe7f72d15a contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff changeset
391
10282
08a0f04b56bd many, many trivial check-code fixups
Matt Mackall <mpm@selenic.com>
parents: 5081
diff changeset
392 if (debug) {
08a0f04b56bd many, many trivial check-code fixups
Matt Mackall <mpm@selenic.com>
parents: 5081
diff changeset
393 print_cmdline(i, nargv);
08a0f04b56bd many, many trivial check-code fixups
Matt Mackall <mpm@selenic.com>
parents: 5081
diff changeset
394 }
08a0f04b56bd many, many trivial check-code fixups
Matt Mackall <mpm@selenic.com>
parents: 5081
diff changeset
395
08a0f04b56bd many, many trivial check-code fixups
Matt Mackall <mpm@selenic.com>
parents: 5081
diff changeset
396 execv(HG, nargv);
08a0f04b56bd many, many trivial check-code fixups
Matt Mackall <mpm@selenic.com>
parents: 5081
diff changeset
397 perror(HG);
08a0f04b56bd many, many trivial check-code fixups
Matt Mackall <mpm@selenic.com>
parents: 5081
diff changeset
398 exit(EX_UNAVAILABLE);
2341
dbbe7f72d15a contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff changeset
399
dbbe7f72d15a contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff changeset
400 badargs:
10282
08a0f04b56bd many, many trivial check-code fixups
Matt Mackall <mpm@selenic.com>
parents: 5081
diff changeset
401 /* print useless error message. */
2341
dbbe7f72d15a contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff changeset
402
10282
08a0f04b56bd many, many trivial check-code fixups
Matt Mackall <mpm@selenic.com>
parents: 5081
diff changeset
403 usage("invalid arguments", EX_DATAERR);
2341
dbbe7f72d15a contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff changeset
404 }
dbbe7f72d15a contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff changeset
405
dbbe7f72d15a contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff changeset
406 int main(int argc, char **argv)
dbbe7f72d15a contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff changeset
407 {
10282
08a0f04b56bd many, many trivial check-code fixups
Matt Mackall <mpm@selenic.com>
parents: 5081
diff changeset
408 char host[1024];
08a0f04b56bd many, many trivial check-code fixups
Matt Mackall <mpm@selenic.com>
parents: 5081
diff changeset
409 char *c;
2341
dbbe7f72d15a contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff changeset
410
10282
08a0f04b56bd many, many trivial check-code fixups
Matt Mackall <mpm@selenic.com>
parents: 5081
diff changeset
411 if (gethostname(host, sizeof(host)) == -1) {
08a0f04b56bd many, many trivial check-code fixups
Matt Mackall <mpm@selenic.com>
parents: 5081
diff changeset
412 perror("gethostname");
08a0f04b56bd many, many trivial check-code fixups
Matt Mackall <mpm@selenic.com>
parents: 5081
diff changeset
413 exit(EX_OSERR);
08a0f04b56bd many, many trivial check-code fixups
Matt Mackall <mpm@selenic.com>
parents: 5081
diff changeset
414 }
2341
dbbe7f72d15a contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff changeset
415
10282
08a0f04b56bd many, many trivial check-code fixups
Matt Mackall <mpm@selenic.com>
parents: 5081
diff changeset
416 if ((c = strchr(host, '.')) != NULL) {
08a0f04b56bd many, many trivial check-code fixups
Matt Mackall <mpm@selenic.com>
parents: 5081
diff changeset
417 *c = '\0';
08a0f04b56bd many, many trivial check-code fixups
Matt Mackall <mpm@selenic.com>
parents: 5081
diff changeset
418 }
2341
dbbe7f72d15a contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff changeset
419
10282
08a0f04b56bd many, many trivial check-code fixups
Matt Mackall <mpm@selenic.com>
parents: 5081
diff changeset
420 if (getenv("SSH_CLIENT")) {
08a0f04b56bd many, many trivial check-code fixups
Matt Mackall <mpm@selenic.com>
parents: 5081
diff changeset
421 char *hg_gateway = HG_GATEWAY;
08a0f04b56bd many, many trivial check-code fixups
Matt Mackall <mpm@selenic.com>
parents: 5081
diff changeset
422 char *hg_host = HG_HOST;
2341
dbbe7f72d15a contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff changeset
423
10282
08a0f04b56bd many, many trivial check-code fixups
Matt Mackall <mpm@selenic.com>
parents: 5081
diff changeset
424 if (hg_gateway && strcmp(host, hg_gateway) == 0) {
08a0f04b56bd many, many trivial check-code fixups
Matt Mackall <mpm@selenic.com>
parents: 5081
diff changeset
425 forward_through_gateway(argc, argv);
08a0f04b56bd many, many trivial check-code fixups
Matt Mackall <mpm@selenic.com>
parents: 5081
diff changeset
426 }
2341
dbbe7f72d15a contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff changeset
427
10282
08a0f04b56bd many, many trivial check-code fixups
Matt Mackall <mpm@selenic.com>
parents: 5081
diff changeset
428 if (hg_host && strcmp(host, hg_host) != 0) {
08a0f04b56bd many, many trivial check-code fixups
Matt Mackall <mpm@selenic.com>
parents: 5081
diff changeset
429 usage("invoked on unexpected host", EX_USAGE);
08a0f04b56bd many, many trivial check-code fixups
Matt Mackall <mpm@selenic.com>
parents: 5081
diff changeset
430 }
2341
dbbe7f72d15a contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff changeset
431
10282
08a0f04b56bd many, many trivial check-code fixups
Matt Mackall <mpm@selenic.com>
parents: 5081
diff changeset
432 serve_data(argc, argv);
08a0f04b56bd many, many trivial check-code fixups
Matt Mackall <mpm@selenic.com>
parents: 5081
diff changeset
433 } else if (HG_SHELL) {
08a0f04b56bd many, many trivial check-code fixups
Matt Mackall <mpm@selenic.com>
parents: 5081
diff changeset
434 run_shell(argc, argv);
08a0f04b56bd many, many trivial check-code fixups
Matt Mackall <mpm@selenic.com>
parents: 5081
diff changeset
435 } else {
08a0f04b56bd many, many trivial check-code fixups
Matt Mackall <mpm@selenic.com>
parents: 5081
diff changeset
436 usage("invalid arguments", EX_DATAERR);
08a0f04b56bd many, many trivial check-code fixups
Matt Mackall <mpm@selenic.com>
parents: 5081
diff changeset
437 }
2341
dbbe7f72d15a contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff changeset
438
10282
08a0f04b56bd many, many trivial check-code fixups
Matt Mackall <mpm@selenic.com>
parents: 5081
diff changeset
439 return 0;
2341
dbbe7f72d15a contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff changeset
440 }