Mercurial: contrib/hg-ssh@99ebde4fec99 (annotated)

1537 583b3696d24d Added hg-ssh - a wrapper for ssh access to a limited set of mercurial repos Thomas Arendsen Hein <thomas@intevation.de> parents: diff changeset	1	#!/usr/bin/env python
583b3696d24d Added hg-ssh - a wrapper for ssh access to a limited set of mercurial repos Thomas Arendsen Hein <thomas@intevation.de> parents: diff changeset	2	#
5191 831ebc408ffb Adjust contrib/hg-ssh for moved dispatch() function. Thomas Arendsen Hein <thomas@intevation.de> parents: 1640 diff changeset	3	# Copyright 2005-2007 by Intevation GmbH <intevation@intevation.de>
8228 eee2319c5895 add blank line after copyright notices and after header Martin Geisler <mg@lazybytes.net> parents: 8225 diff changeset	4	#
1537 583b3696d24d Added hg-ssh - a wrapper for ssh access to a limited set of mercurial repos Thomas Arendsen Hein <thomas@intevation.de> parents: diff changeset	5	# Author(s):
583b3696d24d Added hg-ssh - a wrapper for ssh access to a limited set of mercurial repos Thomas Arendsen Hein <thomas@intevation.de> parents: diff changeset	6	# Thomas Arendsen Hein <thomas@intevation.de>
583b3696d24d Added hg-ssh - a wrapper for ssh access to a limited set of mercurial repos Thomas Arendsen Hein <thomas@intevation.de> parents: diff changeset	7	#
8225 46293a0c7e9f updated license to be explicit about GPL version 2 Martin Geisler <mg@lazybytes.net> parents: 5197 diff changeset	8	# This software may be used and distributed according to the terms of the
10263 25e572394f5c Update license to GPLv2+ Matt Mackall <mpm@selenic.com> parents: 8228 diff changeset	9	# GNU General Public License version 2 or any later version.
1537 583b3696d24d Added hg-ssh - a wrapper for ssh access to a limited set of mercurial repos Thomas Arendsen Hein <thomas@intevation.de> parents: diff changeset	10
583b3696d24d Added hg-ssh - a wrapper for ssh access to a limited set of mercurial repos Thomas Arendsen Hein <thomas@intevation.de> parents: diff changeset	11	"""
583b3696d24d Added hg-ssh - a wrapper for ssh access to a limited set of mercurial repos Thomas Arendsen Hein <thomas@intevation.de> parents: diff changeset	12	hg-ssh - a wrapper for ssh access to a limited set of mercurial repos
583b3696d24d Added hg-ssh - a wrapper for ssh access to a limited set of mercurial repos Thomas Arendsen Hein <thomas@intevation.de> parents: diff changeset	13
583b3696d24d Added hg-ssh - a wrapper for ssh access to a limited set of mercurial repos Thomas Arendsen Hein <thomas@intevation.de> parents: diff changeset	14	To be used in ~/.ssh/authorized_keys with the "command" option, see sshd(8):
583b3696d24d Added hg-ssh - a wrapper for ssh access to a limited set of mercurial repos Thomas Arendsen Hein <thomas@intevation.de> parents: diff changeset	15	command="hg-ssh path/to/repo1 /path/to/repo2 ~/repo3 ~user/repo4" ssh-dss ...
583b3696d24d Added hg-ssh - a wrapper for ssh access to a limited set of mercurial repos Thomas Arendsen Hein <thomas@intevation.de> parents: diff changeset	16	(probably together with these other useful options:
583b3696d24d Added hg-ssh - a wrapper for ssh access to a limited set of mercurial repos Thomas Arendsen Hein <thomas@intevation.de> parents: diff changeset	17	no-port-forwarding,no-X11-forwarding,no-agent-forwarding)
583b3696d24d Added hg-ssh - a wrapper for ssh access to a limited set of mercurial repos Thomas Arendsen Hein <thomas@intevation.de> parents: diff changeset	18
13996 1cafa0426a1a hg-ssh: fix duplicate word in docstring Andreas Freimuth <andreas.freimuth@united-bits.de> parents: 10263 diff changeset	19	This allows pull/push over ssh from/to the repositories given as arguments.
1537 583b3696d24d Added hg-ssh - a wrapper for ssh access to a limited set of mercurial repos Thomas Arendsen Hein <thomas@intevation.de> parents: diff changeset	20
583b3696d24d Added hg-ssh - a wrapper for ssh access to a limited set of mercurial repos Thomas Arendsen Hein <thomas@intevation.de> parents: diff changeset	21	If all your repositories are subdirectories of a common directory, you can
583b3696d24d Added hg-ssh - a wrapper for ssh access to a limited set of mercurial repos Thomas Arendsen Hein <thomas@intevation.de> parents: diff changeset	22	allow shorter paths with:
583b3696d24d Added hg-ssh - a wrapper for ssh access to a limited set of mercurial repos Thomas Arendsen Hein <thomas@intevation.de> parents: diff changeset	23	command="cd path/to/my/repositories && hg-ssh repo1 subdir/repo2"
1640 9a5b778f7e2d Added hint to hg-ssh that you can use shell pattern matching. Thomas Arendsen Hein <thomas@intevation.de> parents: 1537 diff changeset	24
9a5b778f7e2d Added hint to hg-ssh that you can use shell pattern matching. Thomas Arendsen Hein <thomas@intevation.de> parents: 1537 diff changeset	25	You can use pattern matching of your normal shell, e.g.:
9a5b778f7e2d Added hint to hg-ssh that you can use shell pattern matching. Thomas Arendsen Hein <thomas@intevation.de> parents: 1537 diff changeset	26	command="cd repos && hg-ssh user/thomas/* projects/{mercurial,foo}"
16836 1ba3e17186c8 hg-ssh: read-only flag David Schleimer <dschleimer@fb.com> parents: 16779 diff changeset	27
1ba3e17186c8 hg-ssh: read-only flag David Schleimer <dschleimer@fb.com> parents: 16779 diff changeset	28	You can also add a --read-only flag to allow read-only access to a key, e.g.:
1ba3e17186c8 hg-ssh: read-only flag David Schleimer <dschleimer@fb.com> parents: 16779 diff changeset	29	command="hg-ssh --read-only repos/*"
1537 583b3696d24d Added hg-ssh - a wrapper for ssh access to a limited set of mercurial repos Thomas Arendsen Hein <thomas@intevation.de> parents: diff changeset	30	"""
33891 42bc7f39376b contrib: update hg-ssh to conform with import style checks Augie Fackler <raf@durin42.com> parents: 32050 diff changeset	31	from __future__ import absolute_import
42bc7f39376b contrib: update hg-ssh to conform with import style checks Augie Fackler <raf@durin42.com> parents: 32050 diff changeset	32
42bc7f39376b contrib: update hg-ssh to conform with import style checks Augie Fackler <raf@durin42.com> parents: 32050 diff changeset	33	import os
42bc7f39376b contrib: update hg-ssh to conform with import style checks Augie Fackler <raf@durin42.com> parents: 32050 diff changeset	34	import shlex
42bc7f39376b contrib: update hg-ssh to conform with import style checks Augie Fackler <raf@durin42.com> parents: 32050 diff changeset	35	import sys
1537 583b3696d24d Added hg-ssh - a wrapper for ssh access to a limited set of mercurial repos Thomas Arendsen Hein <thomas@intevation.de> parents: diff changeset	36
5197 55860a45bbf2 Enable demandimport only in scripts, not in importable modules (issue605) Thomas Arendsen Hein <thomas@intevation.de> parents: 5191 diff changeset	37	# enable importing on demand to reduce startup time
33891 42bc7f39376b contrib: update hg-ssh to conform with import style checks Augie Fackler <raf@durin42.com> parents: 32050 diff changeset	38	import hgdemandimport ; hgdemandimport.enable()
5197 55860a45bbf2 Enable demandimport only in scripts, not in importable modules (issue605) Thomas Arendsen Hein <thomas@intevation.de> parents: 5191 diff changeset	39
33891 42bc7f39376b contrib: update hg-ssh to conform with import style checks Augie Fackler <raf@durin42.com> parents: 32050 diff changeset	40	from mercurial import (
42bc7f39376b contrib: update hg-ssh to conform with import style checks Augie Fackler <raf@durin42.com> parents: 32050 diff changeset	41	dispatch,
38109 666d90ace0bb py3: use pycompat.fsencode to convert path to bytes Pulkit Goyal <7895pulkit@gmail.com> parents: 38107 diff changeset	42	pycompat,
33891 42bc7f39376b contrib: update hg-ssh to conform with import style checks Augie Fackler <raf@durin42.com> parents: 32050 diff changeset	43	ui as uimod,
42bc7f39376b contrib: update hg-ssh to conform with import style checks Augie Fackler <raf@durin42.com> parents: 32050 diff changeset	44	)
1537 583b3696d24d Added hg-ssh - a wrapper for ssh access to a limited set of mercurial repos Thomas Arendsen Hein <thomas@intevation.de> parents: diff changeset	45
16779 67bfe7f64e57 hg-ssh: refactor to have main() method David Schleimer <dschleimer@fb.com> parents: 16607 diff changeset	46	def main():
37944 dc1ed7fe33e4 sshserver: do setbinary() by caller (API) Yuya Nishihara <yuya@tcha.org> parents: 33891 diff changeset	47	# Prevent insertion/deletion of CRs
dc1ed7fe33e4 sshserver: do setbinary() by caller (API) Yuya Nishihara <yuya@tcha.org> parents: 33891 diff changeset	48	dispatch.initstdio()
dc1ed7fe33e4 sshserver: do setbinary() by caller (API) Yuya Nishihara <yuya@tcha.org> parents: 33891 diff changeset	49
16779 67bfe7f64e57 hg-ssh: refactor to have main() method David Schleimer <dschleimer@fb.com> parents: 16607 diff changeset	50	cwd = os.getcwd()
16836 1ba3e17186c8 hg-ssh: read-only flag David Schleimer <dschleimer@fb.com> parents: 16779 diff changeset	51	readonly = False
1ba3e17186c8 hg-ssh: read-only flag David Schleimer <dschleimer@fb.com> parents: 16779 diff changeset	52	args = sys.argv[1:]
1ba3e17186c8 hg-ssh: read-only flag David Schleimer <dschleimer@fb.com> parents: 16779 diff changeset	53	while len(args):
1ba3e17186c8 hg-ssh: read-only flag David Schleimer <dschleimer@fb.com> parents: 16779 diff changeset	54	if args[0] == '--read-only':
1ba3e17186c8 hg-ssh: read-only flag David Schleimer <dschleimer@fb.com> parents: 16779 diff changeset	55	readonly = True
1ba3e17186c8 hg-ssh: read-only flag David Schleimer <dschleimer@fb.com> parents: 16779 diff changeset	56	args.pop(0)
1ba3e17186c8 hg-ssh: read-only flag David Schleimer <dschleimer@fb.com> parents: 16779 diff changeset	57	else:
1ba3e17186c8 hg-ssh: read-only flag David Schleimer <dschleimer@fb.com> parents: 16779 diff changeset	58	break
16779 67bfe7f64e57 hg-ssh: refactor to have main() method David Schleimer <dschleimer@fb.com> parents: 16607 diff changeset	59	allowed_paths = [os.path.normpath(os.path.join(cwd,
67bfe7f64e57 hg-ssh: refactor to have main() method David Schleimer <dschleimer@fb.com> parents: 16607 diff changeset	60	os.path.expanduser(path)))
16836 1ba3e17186c8 hg-ssh: read-only flag David Schleimer <dschleimer@fb.com> parents: 16779 diff changeset	61	for path in args]
16779 67bfe7f64e57 hg-ssh: refactor to have main() method David Schleimer <dschleimer@fb.com> parents: 16607 diff changeset	62	orig_cmd = os.getenv('SSH_ORIGINAL_COMMAND', '?')
67bfe7f64e57 hg-ssh: refactor to have main() method David Schleimer <dschleimer@fb.com> parents: 16607 diff changeset	63	try:
67bfe7f64e57 hg-ssh: refactor to have main() method David Schleimer <dschleimer@fb.com> parents: 16607 diff changeset	64	cmdargv = shlex.split(orig_cmd)
28047 863075fd4cd0 misc: use modern exception syntax FUJIWARA Katsunori <foozy@lares.dti.ne.jp> parents: 28045 diff changeset	65	except ValueError as e:
16779 67bfe7f64e57 hg-ssh: refactor to have main() method David Schleimer <dschleimer@fb.com> parents: 16607 diff changeset	66	sys.stderr.write('Illegal command "%s": %s\n' % (orig_cmd, e))
67bfe7f64e57 hg-ssh: refactor to have main() method David Schleimer <dschleimer@fb.com> parents: 16607 diff changeset	67	sys.exit(255)
1537 583b3696d24d Added hg-ssh - a wrapper for ssh access to a limited set of mercurial repos Thomas Arendsen Hein <thomas@intevation.de> parents: diff changeset	68
16779 67bfe7f64e57 hg-ssh: refactor to have main() method David Schleimer <dschleimer@fb.com> parents: 16607 diff changeset	69	if cmdargv[:2] == ['hg', '-R'] and cmdargv[3:] == ['serve', '--stdio']:
67bfe7f64e57 hg-ssh: refactor to have main() method David Schleimer <dschleimer@fb.com> parents: 16607 diff changeset	70	path = cmdargv[2]
67bfe7f64e57 hg-ssh: refactor to have main() method David Schleimer <dschleimer@fb.com> parents: 16607 diff changeset	71	repo = os.path.normpath(os.path.join(cwd, os.path.expanduser(path)))
67bfe7f64e57 hg-ssh: refactor to have main() method David Schleimer <dschleimer@fb.com> parents: 16607 diff changeset	72	if repo in allowed_paths:
38109 666d90ace0bb py3: use pycompat.fsencode to convert path to bytes Pulkit Goyal <7895pulkit@gmail.com> parents: 38107 diff changeset	73	cmd = [b'-R', pycompat.fsencode(repo), b'serve', b'--stdio']
32050 77eaf9539499 dispatch: protect against malicious 'hg serve --stdio' invocations (sec) Augie Fackler <augie@google.com> parents: 28047 diff changeset	74	req = dispatch.request(cmd)
16836 1ba3e17186c8 hg-ssh: read-only flag David Schleimer <dschleimer@fb.com> parents: 16779 diff changeset	75	if readonly:
32050 77eaf9539499 dispatch: protect against malicious 'hg serve --stdio' invocations (sec) Augie Fackler <augie@google.com> parents: 28047 diff changeset	76	if not req.ui:
77eaf9539499 dispatch: protect against malicious 'hg serve --stdio' invocations (sec) Augie Fackler <augie@google.com> parents: 28047 diff changeset	77	req.ui = uimod.ui.load()
38107 44ef9bb7ccd9 py3: add b'' prefixes in contrib/hg-ssh Pulkit Goyal <7895pulkit@gmail.com> parents: 37944 diff changeset	78	req.ui.setconfig(b'hooks', b'pretxnopen.hg-ssh',
44ef9bb7ccd9 py3: add b'' prefixes in contrib/hg-ssh Pulkit Goyal <7895pulkit@gmail.com> parents: 37944 diff changeset	79	b'python:__main__.rejectpush', b'hg-ssh')
44ef9bb7ccd9 py3: add b'' prefixes in contrib/hg-ssh Pulkit Goyal <7895pulkit@gmail.com> parents: 37944 diff changeset	80	req.ui.setconfig(b'hooks', b'prepushkey.hg-ssh',
44ef9bb7ccd9 py3: add b'' prefixes in contrib/hg-ssh Pulkit Goyal <7895pulkit@gmail.com> parents: 37944 diff changeset	81	b'python:__main__.rejectpush', b'hg-ssh')
32050 77eaf9539499 dispatch: protect against malicious 'hg serve --stdio' invocations (sec) Augie Fackler <augie@google.com> parents: 28047 diff changeset	82	dispatch.dispatch(req)
16779 67bfe7f64e57 hg-ssh: refactor to have main() method David Schleimer <dschleimer@fb.com> parents: 16607 diff changeset	83	else:
67bfe7f64e57 hg-ssh: refactor to have main() method David Schleimer <dschleimer@fb.com> parents: 16607 diff changeset	84	sys.stderr.write('Illegal repository "%s"\n' % repo)
67bfe7f64e57 hg-ssh: refactor to have main() method David Schleimer <dschleimer@fb.com> parents: 16607 diff changeset	85	sys.exit(255)
1537 583b3696d24d Added hg-ssh - a wrapper for ssh access to a limited set of mercurial repos Thomas Arendsen Hein <thomas@intevation.de> parents: diff changeset	86	else:
16779 67bfe7f64e57 hg-ssh: refactor to have main() method David Schleimer <dschleimer@fb.com> parents: 16607 diff changeset	87	sys.stderr.write('Illegal command "%s"\n' % orig_cmd)
16607 feb1fd2d13a9 hg-ssh: exit with 255 instead of -1 on error Mads Kiilerich <mads@kiilerich.com> parents: 16606 diff changeset	88	sys.exit(255)
1537 583b3696d24d Added hg-ssh - a wrapper for ssh access to a limited set of mercurial repos Thomas Arendsen Hein <thomas@intevation.de> parents: diff changeset	89
16836 1ba3e17186c8 hg-ssh: read-only flag David Schleimer <dschleimer@fb.com> parents: 16779 diff changeset	90	def rejectpush(ui, **kwargs):
38107 44ef9bb7ccd9 py3: add b'' prefixes in contrib/hg-ssh Pulkit Goyal <7895pulkit@gmail.com> parents: 37944 diff changeset	91	ui.warn((b"Permission denied\n"))
16836 1ba3e17186c8 hg-ssh: read-only flag David Schleimer <dschleimer@fb.com> parents: 16779 diff changeset	92	# mercurial hooks use unix process conventions for hook return values
1ba3e17186c8 hg-ssh: read-only flag David Schleimer <dschleimer@fb.com> parents: 16779 diff changeset	93	# so a truthy return means failure
1ba3e17186c8 hg-ssh: read-only flag David Schleimer <dschleimer@fb.com> parents: 16779 diff changeset	94	return True
1ba3e17186c8 hg-ssh: read-only flag David Schleimer <dschleimer@fb.com> parents: 16779 diff changeset	95
16779 67bfe7f64e57 hg-ssh: refactor to have main() method David Schleimer <dschleimer@fb.com> parents: 16607 diff changeset	96	if __name__ == '__main__':
67bfe7f64e57 hg-ssh: refactor to have main() method David Schleimer <dschleimer@fb.com> parents: 16607 diff changeset	97	main()

author	Valentin Gatien-Baron <valentin.gatienbaron@gmail.com>
	Tue, 02 Jul 2019 12:59:58 -0400
changeset 42621	99ebde4fec99
parent 38109	666d90ace0bb
child 43659	99e231afc29c
permissions	-rwxr-xr-x