2005-10-24 01:30:45 +04:00
|
|
|
#include "cache.h"
|
|
|
|
#include "quote.h"
|
2006-01-11 05:12:17 +03:00
|
|
|
#include "exec_cmd.h"
|
2007-10-09 18:33:25 +04:00
|
|
|
#include "strbuf.h"
|
2010-07-28 11:43:03 +04:00
|
|
|
#include "run-command.h"
|
2005-10-24 01:30:45 +04:00
|
|
|
|
2010-07-29 04:31:01 +04:00
|
|
|
#define COMMAND_DIR "git-shell-commands"
|
2010-07-28 11:43:03 +04:00
|
|
|
#define HELP_COMMAND COMMAND_DIR "/help"
|
shell: new no-interactive-login command to print a custom message
If I disable git-shell's interactive mode by removing the
~/git-shell-commands directory, attempts to ssh in to the service
produce a message intended for the administrator:
$ ssh git@myserver
fatal: Interactive git shell is not enabled.
hint: ~/git-shell-commands should exist and have read and execute access.
$
That is helpful for the new admin who is wondering "What? Why isn't
the git-shell I just set up working?", but once the site setup is
complete, it would be better to give the user a friendly hint that she
is on the right track, like GitHub does.
Hi <username>! You've successfully authenticated, but
GitHub does not provide shell access.
An appropriate greeting might even include more complex dynamic
information, like gitolite's list of repositories the user has access
to. Add support for a ~/git-shell-commands/no-interactive-login
command that generates an arbitrary greeting. When the user tries to
log in:
* If the file ~/git-shell-commands/no-interactive-login exists,
run no-interactive-login to let the server say what it likes,
then hang up.
* Otherwise, if ~/git-shell-commands/ is present, start an
interactive read-eval-print loop.
* Otherwise, print the usual configuration hint and hang up.
Reported-by: Ethan Reesor <firelizzard@gmail.com>
Signed-off-by: Jonathan Nieder <jrnieder@gmail.com>
Improved-by: Jeff King <peff@peff.net>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
2013-03-10 02:00:11 +04:00
|
|
|
#define NOLOGIN_COMMAND COMMAND_DIR "/no-interactive-login"
|
2010-07-29 04:31:01 +04:00
|
|
|
|
2005-10-24 01:30:45 +04:00
|
|
|
static int do_generic_cmd(const char *me, char *arg)
|
|
|
|
{
|
|
|
|
const char *my_argv[4];
|
|
|
|
|
2008-07-21 23:19:52 +04:00
|
|
|
setup_path();
|
2005-11-26 07:57:02 +03:00
|
|
|
if (!arg || !(arg = sq_dequote(arg)))
|
2005-10-24 01:30:45 +04:00
|
|
|
die("bad argument");
|
Mechanical conversion to use prefixcmp()
This mechanically converts strncmp() to use prefixcmp(), but only when
the parameters match specific patterns, so that they can be verified
easily. Leftover from this will be fixed in a separate step, including
idiotic conversions like
if (!strncmp("foo", arg, 3))
=>
if (!(-prefixcmp(arg, "foo")))
This was done by using this script in px.perl
#!/usr/bin/perl -i.bak -p
if (/strncmp\(([^,]+), "([^\\"]*)", (\d+)\)/ && (length($2) == $3)) {
s|strncmp\(([^,]+), "([^\\"]*)", (\d+)\)|prefixcmp($1, "$2")|;
}
if (/strncmp\("([^\\"]*)", ([^,]+), (\d+)\)/ && (length($1) == $3)) {
s|strncmp\("([^\\"]*)", ([^,]+), (\d+)\)|(-prefixcmp($2, "$1"))|;
}
and running:
$ git grep -l strncmp -- '*.c' | xargs perl px.perl
Signed-off-by: Junio C Hamano <junkio@cox.net>
2007-02-20 12:53:29 +03:00
|
|
|
if (prefixcmp(me, "git-"))
|
2006-01-11 05:12:17 +03:00
|
|
|
die("bad command");
|
2005-10-24 01:30:45 +04:00
|
|
|
|
2006-01-11 05:12:17 +03:00
|
|
|
my_argv[0] = me + 4;
|
2005-10-24 01:30:45 +04:00
|
|
|
my_argv[1] = arg;
|
|
|
|
my_argv[2] = NULL;
|
|
|
|
|
2006-03-05 13:47:29 +03:00
|
|
|
return execv_git_cmd(my_argv);
|
2005-10-24 01:30:45 +04:00
|
|
|
}
|
|
|
|
|
2007-10-09 18:33:25 +04:00
|
|
|
static int do_cvs_cmd(const char *me, char *arg)
|
|
|
|
{
|
|
|
|
const char *cvsserver_argv[3] = {
|
|
|
|
"cvsserver", "server", NULL
|
|
|
|
};
|
|
|
|
|
|
|
|
if (!arg || strcmp(arg, "server"))
|
|
|
|
die("git-cvsserver only handles server: %s", arg);
|
|
|
|
|
2008-07-21 23:19:52 +04:00
|
|
|
setup_path();
|
2007-10-09 18:33:25 +04:00
|
|
|
return execv_git_cmd(cvsserver_argv);
|
|
|
|
}
|
|
|
|
|
2010-07-29 04:31:01 +04:00
|
|
|
static int is_valid_cmd_name(const char *cmd)
|
|
|
|
{
|
|
|
|
/* Test command contains no . or / characters */
|
|
|
|
return cmd[strcspn(cmd, "./")] == '\0';
|
|
|
|
}
|
|
|
|
|
|
|
|
static char *make_cmd(const char *prog)
|
|
|
|
{
|
|
|
|
char *prefix = xmalloc((strlen(prog) + strlen(COMMAND_DIR) + 2));
|
|
|
|
strcpy(prefix, COMMAND_DIR);
|
|
|
|
strcat(prefix, "/");
|
|
|
|
strcat(prefix, prog);
|
|
|
|
return prefix;
|
|
|
|
}
|
|
|
|
|
|
|
|
static void cd_to_homedir(void)
|
|
|
|
{
|
|
|
|
const char *home = getenv("HOME");
|
|
|
|
if (!home)
|
|
|
|
die("could not determine user's home directory; HOME is unset");
|
|
|
|
if (chdir(home) == -1)
|
|
|
|
die("could not chdir to user's home directory");
|
|
|
|
}
|
2007-10-09 18:33:25 +04:00
|
|
|
|
2010-07-28 11:43:03 +04:00
|
|
|
static void run_shell(void)
|
|
|
|
{
|
|
|
|
int done = 0;
|
|
|
|
static const char *help_argv[] = { HELP_COMMAND, NULL };
|
shell: new no-interactive-login command to print a custom message
If I disable git-shell's interactive mode by removing the
~/git-shell-commands directory, attempts to ssh in to the service
produce a message intended for the administrator:
$ ssh git@myserver
fatal: Interactive git shell is not enabled.
hint: ~/git-shell-commands should exist and have read and execute access.
$
That is helpful for the new admin who is wondering "What? Why isn't
the git-shell I just set up working?", but once the site setup is
complete, it would be better to give the user a friendly hint that she
is on the right track, like GitHub does.
Hi <username>! You've successfully authenticated, but
GitHub does not provide shell access.
An appropriate greeting might even include more complex dynamic
information, like gitolite's list of repositories the user has access
to. Add support for a ~/git-shell-commands/no-interactive-login
command that generates an arbitrary greeting. When the user tries to
log in:
* If the file ~/git-shell-commands/no-interactive-login exists,
run no-interactive-login to let the server say what it likes,
then hang up.
* Otherwise, if ~/git-shell-commands/ is present, start an
interactive read-eval-print loop.
* Otherwise, print the usual configuration hint and hang up.
Reported-by: Ethan Reesor <firelizzard@gmail.com>
Signed-off-by: Jonathan Nieder <jrnieder@gmail.com>
Improved-by: Jeff King <peff@peff.net>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
2013-03-10 02:00:11 +04:00
|
|
|
|
|
|
|
if (!access(NOLOGIN_COMMAND, F_OK)) {
|
|
|
|
/* Interactive login disabled. */
|
|
|
|
const char *argv[] = { NOLOGIN_COMMAND, NULL };
|
|
|
|
int status;
|
|
|
|
|
|
|
|
status = run_command_v_opt(argv, 0);
|
|
|
|
if (status < 0)
|
|
|
|
exit(127);
|
|
|
|
exit(status);
|
|
|
|
}
|
|
|
|
|
2010-07-28 11:43:03 +04:00
|
|
|
/* Print help if enabled */
|
|
|
|
run_command_v_opt(help_argv, RUN_SILENT_EXEC_FAILURE);
|
|
|
|
|
|
|
|
do {
|
|
|
|
struct strbuf line = STRBUF_INIT;
|
|
|
|
const char *prog;
|
|
|
|
char *full_cmd;
|
|
|
|
char *rawargs;
|
2010-08-27 09:36:13 +04:00
|
|
|
char *split_args;
|
2010-07-28 11:43:03 +04:00
|
|
|
const char **argv;
|
|
|
|
int code;
|
2010-08-27 09:36:13 +04:00
|
|
|
int count;
|
2010-07-28 11:43:03 +04:00
|
|
|
|
|
|
|
fprintf(stderr, "git> ");
|
|
|
|
if (strbuf_getline(&line, stdin, '\n') == EOF) {
|
|
|
|
fprintf(stderr, "\n");
|
|
|
|
strbuf_release(&line);
|
|
|
|
break;
|
|
|
|
}
|
|
|
|
strbuf_trim(&line);
|
|
|
|
rawargs = strbuf_detach(&line, NULL);
|
2010-08-27 09:36:13 +04:00
|
|
|
split_args = xstrdup(rawargs);
|
|
|
|
count = split_cmdline(split_args, &argv);
|
|
|
|
if (count < 0) {
|
|
|
|
fprintf(stderr, "invalid command format '%s': %s\n", rawargs,
|
|
|
|
split_cmdline_strerror(count));
|
|
|
|
free(split_args);
|
2010-07-28 11:43:03 +04:00
|
|
|
free(rawargs);
|
|
|
|
continue;
|
|
|
|
}
|
|
|
|
|
|
|
|
prog = argv[0];
|
|
|
|
if (!strcmp(prog, "")) {
|
|
|
|
} else if (!strcmp(prog, "quit") || !strcmp(prog, "logout") ||
|
|
|
|
!strcmp(prog, "exit") || !strcmp(prog, "bye")) {
|
|
|
|
done = 1;
|
|
|
|
} else if (is_valid_cmd_name(prog)) {
|
|
|
|
full_cmd = make_cmd(prog);
|
|
|
|
argv[0] = full_cmd;
|
|
|
|
code = run_command_v_opt(argv, RUN_SILENT_EXEC_FAILURE);
|
|
|
|
if (code == -1 && errno == ENOENT) {
|
|
|
|
fprintf(stderr, "unrecognized command '%s'\n", prog);
|
|
|
|
}
|
|
|
|
free(full_cmd);
|
|
|
|
} else {
|
|
|
|
fprintf(stderr, "invalid command format '%s'\n", prog);
|
|
|
|
}
|
|
|
|
|
|
|
|
free(argv);
|
|
|
|
free(rawargs);
|
|
|
|
} while (!done);
|
|
|
|
}
|
|
|
|
|
2005-10-24 01:30:45 +04:00
|
|
|
static struct commands {
|
|
|
|
const char *name;
|
|
|
|
int (*exec)(const char *me, char *arg);
|
|
|
|
} cmd_list[] = {
|
|
|
|
{ "git-receive-pack", do_generic_cmd },
|
|
|
|
{ "git-upload-pack", do_generic_cmd },
|
2009-04-09 23:58:52 +04:00
|
|
|
{ "git-upload-archive", do_generic_cmd },
|
2007-10-09 18:33:25 +04:00
|
|
|
{ "cvs", do_cvs_cmd },
|
2005-10-24 01:30:45 +04:00
|
|
|
{ NULL },
|
|
|
|
};
|
|
|
|
|
2008-08-26 09:39:17 +04:00
|
|
|
int main(int argc, char **argv)
|
2005-10-24 01:30:45 +04:00
|
|
|
{
|
|
|
|
char *prog;
|
2010-07-29 04:31:01 +04:00
|
|
|
const char **user_argv;
|
2005-10-24 01:30:45 +04:00
|
|
|
struct commands *cmd;
|
2008-08-27 19:20:35 +04:00
|
|
|
int devnull_fd;
|
2010-08-27 09:36:13 +04:00
|
|
|
int count;
|
2008-08-27 19:20:35 +04:00
|
|
|
|
i18n: add infrastructure for translating Git with gettext
Change the skeleton implementation of i18n in Git to one that can show
localized strings to users for our C, Shell and Perl programs using
either GNU libintl or the Solaris gettext implementation.
This new internationalization support is enabled by default. If
gettext isn't available, or if Git is compiled with
NO_GETTEXT=YesPlease, Git falls back on its current behavior of
showing interface messages in English. When using the autoconf script
we'll auto-detect if the gettext libraries are installed and act
appropriately.
This change is somewhat large because as well as adding a C, Shell and
Perl i18n interface we're adding a lot of tests for them, and for
those tests to work we need a skeleton PO file to actually test
translations. A minimal Icelandic translation is included for this
purpose. Icelandic includes multi-byte characters which makes it easy
to test various edge cases, and it's a language I happen to
understand.
The rest of the commit message goes into detail about various
sub-parts of this commit.
= Installation
Gettext .mo files will be installed and looked for in the standard
$(prefix)/share/locale path. GIT_TEXTDOMAINDIR can also be set to
override that, but that's only intended to be used to test Git itself.
= Perl
Perl code that's to be localized should use the new Git::I18n
module. It imports a __ function into the caller's package by default.
Instead of using the high level Locale::TextDomain interface I've
opted to use the low-level (equivalent to the C interface)
Locale::Messages module, which Locale::TextDomain itself uses.
Locale::TextDomain does a lot of redundant work we don't need, and
some of it would potentially introduce bugs. It tries to set the
$TEXTDOMAIN based on package of the caller, and has its own
hardcoded paths where it'll search for messages.
I found it easier just to completely avoid it rather than try to
circumvent its behavior. In any case, this is an issue wholly
internal Git::I18N. Its guts can be changed later if that's deemed
necessary.
See <AANLkTilYD_NyIZMyj9dHtVk-ylVBfvyxpCC7982LWnVd@mail.gmail.com> for
a further elaboration on this topic.
= Shell
Shell code that's to be localized should use the git-sh-i18n
library. It's basically just a wrapper for the system's gettext.sh.
If gettext.sh isn't available we'll fall back on gettext(1) if it's
available. The latter is available without the former on Solaris,
which has its own non-GNU gettext implementation. We also need to
emulate eval_gettext() there.
If neither are present we'll use a dumb printf(1) fall-through
wrapper.
= About libcharset.h and langinfo.h
We use libcharset to query the character set of the current locale if
it's available. I.e. we'll use it instead of nl_langinfo if
HAVE_LIBCHARSET_H is set.
The GNU gettext manual recommends using langinfo.h's
nl_langinfo(CODESET) to acquire the current character set, but on
systems that have libcharset.h's locale_charset() using the latter is
either saner, or the only option on those systems.
GNU and Solaris have a nl_langinfo(CODESET), FreeBSD can use either,
but MinGW and some others need to use libcharset.h's locale_charset()
instead.
=Credits
This patch is based on work by Jeff Epler <jepler@unpythonic.net> who
did the initial Makefile / C work, and a lot of comments from the Git
mailing list, including Jonathan Nieder, Jakub Narebski, Johannes
Sixt, Erik Faye-Lund, Peter Krefting, Junio C Hamano, Thomas Rast and
others.
[jc: squashed a small Makefile fix from Ramsay]
Signed-off-by: Ævar Arnfjörð Bjarmason <avarab@gmail.com>
Signed-off-by: Ramsay Jones <ramsay@ramsay1.demon.co.uk>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
2011-11-18 03:14:42 +04:00
|
|
|
git_setup_gettext();
|
|
|
|
|
2011-05-05 10:40:17 +04:00
|
|
|
git_extract_argv0_path(argv[0]);
|
|
|
|
|
2008-08-27 19:20:35 +04:00
|
|
|
/*
|
|
|
|
* Always open file descriptors 0/1/2 to avoid clobbering files
|
|
|
|
* in die(). It also avoids not messing up when the pipes are
|
|
|
|
* dup'ed onto stdin/stdout/stderr in the child processes we spawn.
|
|
|
|
*/
|
|
|
|
devnull_fd = open("/dev/null", O_RDWR);
|
|
|
|
while (devnull_fd >= 0 && devnull_fd <= 2)
|
|
|
|
devnull_fd = dup(devnull_fd);
|
|
|
|
if (devnull_fd == -1)
|
2009-06-27 19:58:46 +04:00
|
|
|
die_errno("opening /dev/null failed");
|
2008-08-27 19:20:35 +04:00
|
|
|
close (devnull_fd);
|
2005-10-24 01:30:45 +04:00
|
|
|
|
2007-12-02 09:16:19 +03:00
|
|
|
/*
|
|
|
|
* Special hack to pretend to be a CVS server
|
|
|
|
*/
|
2010-07-28 11:43:03 +04:00
|
|
|
if (argc == 2 && !strcmp(argv[1], "cvs server")) {
|
2007-10-09 18:33:25 +04:00
|
|
|
argv--;
|
2010-07-28 11:43:03 +04:00
|
|
|
} else if (argc == 1) {
|
|
|
|
/* Allow the user to run an interactive shell */
|
|
|
|
cd_to_homedir();
|
2010-08-24 09:36:51 +04:00
|
|
|
if (access(COMMAND_DIR, R_OK | X_OK) == -1) {
|
|
|
|
die("Interactive git shell is not enabled.\n"
|
|
|
|
"hint: ~/" COMMAND_DIR " should exist "
|
|
|
|
"and have read and execute access.");
|
|
|
|
}
|
2010-07-28 11:43:03 +04:00
|
|
|
run_shell();
|
|
|
|
exit(0);
|
|
|
|
} else if (argc != 3 || strcmp(argv[1], "-c")) {
|
|
|
|
/*
|
|
|
|
* We do not accept any other modes except "-c" followed by
|
|
|
|
* "cmd arg", where "cmd" is a very limited subset of git
|
|
|
|
* commands or a command in the COMMAND_DIR
|
|
|
|
*/
|
|
|
|
die("Run with no arguments or with -c cmd");
|
|
|
|
}
|
2005-10-24 01:30:45 +04:00
|
|
|
|
2010-07-29 04:31:01 +04:00
|
|
|
prog = xstrdup(argv[2]);
|
2007-12-02 09:16:19 +03:00
|
|
|
if (!strncmp(prog, "git", 3) && isspace(prog[3]))
|
|
|
|
/* Accept "git foo" as if the caller said "git-foo". */
|
|
|
|
prog[3] = '-';
|
|
|
|
|
2005-10-24 01:30:45 +04:00
|
|
|
for (cmd = cmd_list ; cmd->name ; cmd++) {
|
|
|
|
int len = strlen(cmd->name);
|
|
|
|
char *arg;
|
|
|
|
if (strncmp(cmd->name, prog, len))
|
|
|
|
continue;
|
|
|
|
arg = NULL;
|
|
|
|
switch (prog[len]) {
|
|
|
|
case '\0':
|
|
|
|
arg = NULL;
|
|
|
|
break;
|
|
|
|
case ' ':
|
|
|
|
arg = prog + len + 1;
|
|
|
|
break;
|
|
|
|
default:
|
|
|
|
continue;
|
|
|
|
}
|
|
|
|
exit(cmd->exec(cmd->name, arg));
|
|
|
|
}
|
2010-07-29 04:31:01 +04:00
|
|
|
|
|
|
|
cd_to_homedir();
|
2010-08-27 09:36:13 +04:00
|
|
|
count = split_cmdline(prog, &user_argv);
|
|
|
|
if (count >= 0) {
|
2010-07-29 04:31:01 +04:00
|
|
|
if (is_valid_cmd_name(user_argv[0])) {
|
|
|
|
prog = make_cmd(user_argv[0]);
|
|
|
|
user_argv[0] = prog;
|
|
|
|
execv(user_argv[0], (char *const *) user_argv);
|
|
|
|
}
|
|
|
|
free(prog);
|
|
|
|
free(user_argv);
|
|
|
|
die("unrecognized command '%s'", argv[2]);
|
|
|
|
} else {
|
|
|
|
free(prog);
|
2010-08-27 09:36:13 +04:00
|
|
|
die("invalid command format '%s': %s", argv[2],
|
|
|
|
split_cmdline_strerror(count));
|
2010-07-29 04:31:01 +04:00
|
|
|
}
|
2005-10-24 01:30:45 +04:00
|
|
|
}
|