Mercurial > hg > mercurial-crew-with-dirclash
annotate contrib/hgsh/hgsh.c @ 2474:1e32e2fe8a67
Fix cold cache diff performance
cold cache diff performance has regressed in two ways. localrepo.changes
has optimizations for diffing against the working dir parent that expect
node1 to be None. commands.revpair() usage means that commands.dodiff()
never sends node1 == None. This is fixed in localrepo.changes by checking
against the dirstate parents.
In the non-dirstate parents case, localrepo.changes does a loop comparing
files without first sorting the file names, leading to random access
across the disk.
| author | Chris Mason <mason@suse.com> |
|---|---|
| date | Wed, 21 Jun 2006 09:28:48 -0700 |
| parents | dbbe7f72d15a |
| children | 9cbeef33eaa3 |
| rev | line source |
|---|---|
|
2341
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
1 /* |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
2 * hgsh.c - restricted login shell for mercurial |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
3 * |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
4 * Copyright 2006 Vadim Gelfer <vadim.gelfer@gmail.com> |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
5 * |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
6 * This software may be used and distributed according to the terms of the |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
7 * GNU General Public License, incorporated herein by reference. |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
8 * |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
9 * this program is login shell for dedicated mercurial user account. it |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
10 * only allows few actions: |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
11 * |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
12 * 1. run hg in server mode on specific repository. no other hg commands |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
13 * are allowed. we try to verify that repo to be accessed exists under |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
14 * given top-level directory. |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
15 * |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
16 * 2. (optional) forward ssh connection from firewall/gateway machine to |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
17 * "real" mercurial host, to let users outside intranet pull and push |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
18 * changes through firewall. |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
19 * |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
20 * 3. (optional) run normal shell, to allow to "su" to mercurial user, use |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
21 * "sudo" to run programs as that user, or run cron jobs as that user. |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
22 * |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
23 * only tested on linux yet. patches for non-linux systems welcome. |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
24 */ |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
25 |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
26 #ifndef _GNU_SOURCE |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
27 #define _GNU_SOURCE /* for asprintf */ |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
28 #endif |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
29 |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
30 #include <stdio.h> |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
31 #include <stdlib.h> |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
32 #include <string.h> |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
33 #include <sys/stat.h> |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
34 #include <sys/types.h> |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
35 #include <sysexits.h> |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
36 #include <unistd.h> |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
37 |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
38 /* |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
39 * user config. |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
40 * |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
41 * if you see a hostname below, just use first part of hostname. example, |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
42 * if you have host named foo.bar.com, use "foo". |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
43 */ |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
44 |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
45 /* |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
46 * HG_GATEWAY: hostname of gateway/firewall machine that people outside your |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
47 * intranet ssh into if they need to ssh to other machines. if you do not |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
48 * have such machine, set to NULL. |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
49 */ |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
50 #ifndef HG_GATEWAY |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
51 #define HG_GATEWAY "gateway" |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
52 #endif |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
53 |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
54 /* |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
55 * HG_HOST: hostname of mercurial server. if any machine is allowed, set to |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
56 * NULL. |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
57 */ |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
58 #ifndef HG_HOST |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
59 #define HG_HOST "mercurial" |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
60 #endif |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
61 |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
62 /* |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
63 * HG_USER: username to log in from HG_GATEWAY to HG_HOST. if gateway and |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
64 * host username are same, set to NULL. |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
65 */ |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
66 #ifndef HG_USER |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
67 #define HG_USER "hg" |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
68 #endif |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
69 |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
70 /* |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
71 * HG_ROOT: root of tree full of mercurial repos. if you do not want to |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
72 * validate location of repo when someone is try to access, set to NULL. |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
73 */ |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
74 #ifndef HG_ROOT |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
75 #define HG_ROOT "/home/hg/repos" |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
76 #endif |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
77 |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
78 /* |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
79 * HG: path to the mercurial executable to run. |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
80 */ |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
81 #ifndef HG |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
82 #define HG "/home/hg/bin/hg" |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
83 #endif |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
84 |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
85 /* |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
86 * HG_SHELL: shell to use for actions like "sudo" and "su" access to |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
87 * mercurial user, and cron jobs. if you want to make these things |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
88 * impossible, set to NULL. |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
89 */ |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
90 #ifndef HG_SHELL |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
91 #define HG_SHELL NULL |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
92 // #define HG_SHELL "/bin/bash" |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
93 #endif |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
94 |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
95 /* |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
96 * HG_HELP: some way for users to get support if they have problem. if they |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
97 * should not get helpful message, set to NULL. |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
98 */ |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
99 #ifndef HG_HELP |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
100 #define HG_HELP "please contact support@example.com for help." |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
101 #endif |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
102 |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
103 /* |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
104 * SSH: path to ssh executable to run, if forwarding from HG_GATEWAY to |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
105 * HG_HOST. if you want to use rsh instead (why?), you need to modify |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
106 * arguments it is called with. see forward_through_gateway. |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
107 */ |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
108 #ifndef SSH |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
109 #define SSH "/usr/bin/ssh" |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
110 #endif |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
111 |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
112 /* |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
113 * tell whether to print command that is to be executed. useful for |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
114 * debugging. should not interfere with mercurial operation, since |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
115 * mercurial only cares about stdin and stdout, and this prints to stderr. |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
116 */ |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
117 static const int debug = 0; |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
118 |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
119 static void print_cmdline(int argc, char **argv) |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
120 { |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
121 FILE *fp = stderr; |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
122 int i; |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
123 |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
124 fputs("command: ", fp); |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
125 |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
126 for (i = 0; i < argc; i++) { |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
127 char *spc = strpbrk(argv[i], " \t\r\n"); |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
128 if (spc) { |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
129 fputc('\'', fp); |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
130 } |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
131 fputs(argv[i], fp); |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
132 if (spc) { |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
133 fputc('\'', fp); |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
134 } |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
135 if (i < argc - 1) { |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
136 fputc(' ', fp); |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
137 } |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
138 } |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
139 fputc('\n', fp); |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
140 fflush(fp); |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
141 } |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
142 |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
143 static void usage(const char *reason, int exitcode) |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
144 { |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
145 char *hg_help = HG_HELP; |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
146 |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
147 if (reason) { |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
148 fprintf(stderr, "*** Error: %s.\n", reason); |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
149 } |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
150 fprintf(stderr, "*** This program has been invoked incorrectly.\n"); |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
151 if (hg_help) { |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
152 fprintf(stderr, "*** %s\n", hg_help); |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
153 } |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
154 exit(exitcode ? exitcode : EX_USAGE); |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
155 } |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
156 |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
157 /* |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
158 * run on gateway host to make another ssh connection, to "real" mercurial |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
159 * server. it sends its command line unmodified to far end. |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
160 * |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
161 * never called if HG_GATEWAY is NULL. |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
162 */ |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
163 static void forward_through_gateway(int argc, char **argv) |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
164 { |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
165 char *ssh = SSH; |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
166 char *hg_host = HG_HOST; |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
167 char *hg_user = HG_USER; |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
168 char **nargv = alloca((10 + argc) * sizeof(char *)); |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
169 int i = 0, j; |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
170 |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
171 nargv[i++] = ssh; |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
172 nargv[i++] = "-q"; |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
173 nargv[i++] = "-T"; |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
174 nargv[i++] = "-x"; |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
175 if (hg_user) { |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
176 nargv[i++] = "-l"; |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
177 nargv[i++] = hg_user; |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
178 } |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
179 nargv[i++] = hg_host; |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
180 |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
181 /* |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
182 * sshd called us with added "-c", because it thinks we are a shell. |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
183 * drop it if we find it. |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
184 */ |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
185 j = 1; |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
186 if (j < argc && strcmp(argv[j], "-c") == 0) { |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
187 j++; |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
188 } |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
189 |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
190 for (; j < argc; i++, j++) { |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
191 nargv[i] = argv[j]; |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
192 } |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
193 nargv[i] = NULL; |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
194 |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
195 if (debug) { |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
196 print_cmdline(i, nargv); |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
197 } |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
198 |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
199 execv(ssh, nargv); |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
200 perror(ssh); |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
201 exit(EX_UNAVAILABLE); |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
202 } |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
203 |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
204 /* |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
205 * run shell. let administrator "su" to mercurial user's account to do |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
206 * administrative works. |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
207 * |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
208 * never called if HG_SHELL is NULL. |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
209 */ |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
210 static void run_shell(int argc, char **argv) |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
211 { |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
212 char *hg_shell = HG_SHELL; |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
213 char **nargv; |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
214 char *c; |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
215 int i; |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
216 |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
217 nargv = alloca((argc + 3) * sizeof(char *)); |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
218 c = strrchr(hg_shell, '/'); |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
219 |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
220 /* tell "real" shell it is login shell, if needed. */ |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
221 |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
222 if (argv[0][0] == '-' && c) { |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
223 nargv[0] = strdup(c); |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
224 if (nargv[0] == NULL) { |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
225 perror("malloc"); |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
226 exit(EX_OSERR); |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
227 } |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
228 nargv[0][0] = '-'; |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
229 } else { |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
230 nargv[0] = hg_shell; |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
231 } |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
232 |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
233 for (i = 1; i < argc; i++) { |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
234 nargv[i] = argv[i]; |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
235 } |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
236 nargv[i] = NULL; |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
237 |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
238 if (debug) { |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
239 print_cmdline(i, nargv); |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
240 } |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
241 |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
242 execv(hg_shell, nargv); |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
243 perror(hg_shell); |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
244 exit(EX_OSFILE); |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
245 } |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
246 |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
247 /* |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
248 * paranoid wrapper, runs hg executable in server mode. |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
249 */ |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
250 static void serve_data(int argc, char **argv) |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
251 { |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
252 char *hg_root = HG_ROOT; |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
253 char *repo, *abspath; |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
254 char *nargv[6]; |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
255 struct stat st; |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
256 size_t repolen; |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
257 int i; |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
258 |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
259 /* |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
260 * check argv for looking okay. we should be invoked with argv |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
261 * resembling like this: |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
262 * |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
263 * hgsh |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
264 * -c |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
265 * hg -R some/path serve --stdio |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
266 * |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
267 * the "-c" is added by sshd, because it thinks we are login shell. |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
268 */ |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
269 |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
270 if (argc != 3) { |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
271 goto badargs; |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
272 } |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
273 |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
274 if (strcmp(argv[1], "-c") != 0) { |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
275 goto badargs; |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
276 } |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
277 |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
278 if (sscanf(argv[2], "hg -R %as serve --stdio", &repo) != 1) { |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
279 goto badargs; |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
280 } |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
281 |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
282 repolen = repo ? strlen(repo) : 0; |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
283 |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
284 if (repolen == 0) { |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
285 goto badargs; |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
286 } |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
287 |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
288 if (hg_root) { |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
289 if (asprintf(&abspath, "%s/%s/.hg/data", hg_root, repo) == -1) { |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
290 goto badargs; |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
291 } |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
292 |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
293 /* |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
294 * attempt to stop break out from inside the repository tree. could |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
295 * do something more clever here, because e.g. we could traverse a |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
296 * symlink that looks safe, but really breaks us out of tree. |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
297 */ |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
298 |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
299 if (strstr(abspath, "/../") != NULL) { |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
300 goto badargs; |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
301 } |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
302 |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
303 /* verify that we really are looking at valid repo. */ |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
304 |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
305 if (stat(abspath, &st) == -1) { |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
306 perror(repo); |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
307 exit(EX_DATAERR); |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
308 } |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
309 |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
310 if (chdir(hg_root) == -1) { |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
311 perror(hg_root); |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
312 exit(EX_SOFTWARE); |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
313 } |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
314 } |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
315 |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
316 i = 0; |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
317 nargv[i++] = HG; |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
318 nargv[i++] = "-R"; |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
319 nargv[i++] = repo; |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
320 nargv[i++] = "serve"; |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
321 nargv[i++] = "--stdio"; |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
322 nargv[i] = NULL; |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
323 |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
324 if (debug) { |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
325 print_cmdline(i, nargv); |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
326 } |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
327 |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
328 execv(HG, nargv); |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
329 perror(HG); |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
330 exit(EX_UNAVAILABLE); |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
331 |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
332 badargs: |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
333 /* print useless error message. */ |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
334 |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
335 usage("invalid arguments", EX_DATAERR); |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
336 } |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
337 |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
338 int main(int argc, char **argv) |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
339 { |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
340 char host[1024]; |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
341 char *c; |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
342 |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
343 if (gethostname(host, sizeof(host)) == -1) { |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
344 perror("gethostname"); |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
345 exit(EX_OSERR); |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
346 } |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
347 |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
348 if ((c = strchr(host, '.')) != NULL) { |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
349 *c = '\0'; |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
350 } |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
351 |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
352 if (getenv("SSH_CLIENT")) { |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
353 char *hg_gateway = HG_GATEWAY; |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
354 char *hg_host = HG_HOST; |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
355 |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
356 if (hg_gateway && strcmp(host, hg_gateway) == 0) { |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
357 forward_through_gateway(argc, argv); |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
358 } |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
359 |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
360 if (hg_host && strcmp(host, hg_host) != 0) { |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
361 usage("invoked on unexpected host", EX_USAGE); |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
362 } |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
363 |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
364 serve_data(argc, argv); |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
365 } else if (HG_SHELL) { |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
366 run_shell(argc, argv); |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
367 } else { |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
368 usage("invalid arguments", EX_DATAERR); |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
369 } |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
370 |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
371 return 0; |
|
dbbe7f72d15a
contrib: add restricted shell.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff
changeset
|
372 } |