[aur-dev] [PATCH v3 2/5] git: Use AUR_USER env var instead of ForceCommand argument

Johannes Löthberg johannes at kyriasis.com
Tue Jun 23 10:26:35 UTC 2015


Also add an utility function for formatting the ForceCommand, using
shlex.quote to quote the value.

Manually replacing '\"' with '\\"' is required under OpenSSH due to it 
replacing `\"` with `"`, which breaks any command part that contains a 
double quote character.

Signed-off-by: Johannes Löthberg <johannes at kyriasis.com>
---
 git-interface/git-auth.py  | 24 ++++++++++++++++++++++--
 git-interface/git-serve.py |  2 +-
 2 files changed, 23 insertions(+), 3 deletions(-)

diff --git a/git-interface/git-auth.py b/git-interface/git-auth.py
index c9e1f01..f355332 100755
--- a/git-interface/git-auth.py
+++ b/git-interface/git-auth.py
@@ -2,10 +2,26 @@
 
 import configparser
 import mysql.connector
+import shlex
 import os
 import re
 import sys
 
+
+def format_command(env_vars, command, ssh_opts, key):
+    environment = ''
+    for key, var in env_vars.items():
+        environment += '{}={} && '.format(key, shlex.quote(var))
+
+    command = shlex.quote(command)
+    command = '{}{}'.format(environment, command)
+
+    # OpenSSH replaces '\"' with '"', so manually escape slash
+    command = command.replace('"', '\\"')
+    msg = 'command="{}",{} {}'.format(command, ssh_opts, key)
+    return msg
+
+
 config = configparser.RawConfigParser()
 config.read(os.path.dirname(os.path.realpath(__file__)) + "/../conf/config")
 
@@ -40,5 +56,9 @@ user = cur.fetchone()[0]
 if not re.match(username_regex, user):
     exit(1)
 
-print('command="%s %s",%s %s' % (git_serve_cmd, user, ssh_opts,
-    keytype + " " + keytext))
+env_vars = {
+    'AUR_USER': user,
+}
+key = keytype + ' ' + keytext
+
+print(format_command(env_vars, git_serve_cmd, ssh_opts, key))
diff --git a/git-interface/git-serve.py b/git-interface/git-serve.py
index 02086e0..9c9bddd 100755
--- a/git-interface/git-serve.py
+++ b/git-interface/git-serve.py
@@ -106,7 +106,7 @@ def die(msg):
 def die_with_help(msg):
     die(msg + "\nTry `{:s} help` for a list of commands.".format(ssh_cmdline))
 
-user = sys.argv[1]
+user = os.environ.get("AUR_USER")
 cmd = os.environ.get("SSH_ORIGINAL_COMMAND")
 if not cmd:
     die_with_help("Interactive shell is disabled.")
-- 
2.4.4


More information about the aur-dev mailing list