diff options
author | Lukas Fleischer <lfleischer@archlinux.org> | 2015-04-11 13:25:59 +0200 |
---|---|---|
committer | Lukas Fleischer <lfleischer@archlinux.org> | 2015-04-11 14:08:30 +0200 |
commit | ef1f3798a0d06fa5e3ba9ae9cda0d1000e4cc57b (patch) | |
tree | 7d0b8fe5ee9534c82e2a0a80067ae61115acc2c3 /scripts/git-integration/git-auth.py | |
parent | 4f4cfff620ecaa27e4b50f542f6f1e9af9d08e30 (diff) | |
download | aur-ef1f3798a0d06fa5e3ba9ae9cda0d1000e4cc57b.tar.gz aur-ef1f3798a0d06fa5e3ba9ae9cda0d1000e4cc57b.tar.xz |
Update the OpenSSH patch
Use the latest version of Damien Miller's patch to extend the parameters
to the AuthorizedKeysCommand.
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
Diffstat (limited to 'scripts/git-integration/git-auth.py')
-rwxr-xr-x | scripts/git-integration/git-auth.py | 14 |
1 files changed, 8 insertions, 6 deletions
diff --git a/scripts/git-integration/git-auth.py b/scripts/git-integration/git-auth.py index 801a1d36..09dadecf 100755 --- a/scripts/git-integration/git-auth.py +++ b/scripts/git-integration/git-auth.py @@ -4,6 +4,7 @@ import configparser import mysql.connector import os import re +import sys config = configparser.RawConfigParser() config.read(os.path.dirname(os.path.realpath(__file__)) + "/../../conf/config") @@ -14,14 +15,14 @@ aur_db_user = config.get('database', 'user') aur_db_pass = config.get('database', 'password') aur_db_socket = config.get('database', 'socket') -key_prefixes = config.get('auth', 'key-prefixes').split() +valid_keytypes = config.get('auth', 'valid-keytypes').split() username_regex = config.get('auth', 'username-regex') git_serve_cmd = config.get('auth', 'git-serve-cmd') ssh_opts = config.get('auth', 'ssh-options') -pubkey = os.environ.get("SSH_KEY") -valid_prefixes = tuple(p + " " for p in key_prefixes) -if pubkey is None or not pubkey.startswith(valid_prefixes): +keytype = sys.argv[1] +keytext = sys.argv[2] +if not keytype in valid_keytypes: exit(1) db = mysql.connector.connect(host=aur_db_host, user=aur_db_user, @@ -30,7 +31,7 @@ db = mysql.connector.connect(host=aur_db_host, user=aur_db_user, cur = db.cursor() cur.execute("SELECT Username FROM Users WHERE SSHPubKey = %s " + - "AND Suspended = 0", (pubkey,)) + "AND Suspended = 0", (keytype + " " + keytext,)) if cur.rowcount != 1: exit(1) @@ -39,4 +40,5 @@ user = cur.fetchone()[0] if not re.match(username_regex, user): exit(1) -print('command="%s %s",%s %s' % (git_serve_cmd, user, ssh_opts, pubkey)) +print('command="%s %s",%s %s' % (git_serve_cmd, user, ssh_opts, + keytype + " " + keytext)) |