search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Include local copy of HTML::Email::Obfuscate
[girocco.git] / bin / git-shell-verify
blobe6bf17c175e0a064894dd31e04e88d1d5703c528
1 #!/bin/sh
2 #
3 # Abort any push early if the pushing user doesn't have any push permissions
4 # at all. This avoids unnecessary traffic and unpacked object pollution.
5 #
6 # This script is intended for use from within the chroot jail and may or may
7 # not work properly outside it.
8
9 set -e
10
11 if ! [ -x /usr/bin/perl ]; then
12 # We are INSIDE the chroot
13 reporoot=/@jailreporoot@
14 else
15 # We are NOT INSIDE the chroot
16 reporoot=@reporoot@
17 fi
18 mob=@mob@
19 webadmurl=@webadmurl@
20
21 # Only the following commands are allowed:
22 #
23 # git-shell -c 'git-receive-pack dir'
24 # git-shell -c 'git receive-pack dir'
25 # git-shell -c 'git-upload-pack dir'
26 # git-shell -c 'git upload-pack dir'
27 # git-shell -c 'git-upload-archive dir'
28 # git-shell -c 'git upload-archive dir'
29 #
30 # where dir must start with $reporoot/ but a leading/trailing '/' is optional
31 # as well as the final .git
32
33 if [ "$1" != "-c" ]; then
34 echo forbidden >&2
35 exit 1
36 fi
37
38 dir="$2"
39 type=''
40 case "$2" in
41 "git-receive-pack "*) type='receive-pack'; dir="${dir#git-receive-pack }";;
42 "git receive-pack "*) type='receive-pack'; dir="${dir#git receive-pack }";;
43 "git-upload-pack "*) type='upload-pack'; dir="${dir#git-upload-pack }";;
44 "git upload-pack "*) type='upload-pack'; dir="${dir#git upload-pack }";;
45 "git-upload-archive "*) type='upload-archive'; dir="${dir#git-upload-archive }";;
46 "git upload-archive "*) type='upload-archive'; dir="${dir#git upload-archive }";;
47 *)
48 echo forbidden >&2
49 exit 1
50 esac
51
52 # valid project names only allow 0-9A-Za-z._+- plus the / separator and they
53 # are always single quoted so the only valid directory names will always start
54 # with a single quote and end with a single quote and not contain any internal
55 # character that needs to be escaped.
56
57 case "$dir" in
58 "'"*) :;;
59 *)
60 echo forbidden >&2
61 exit 1
62 esac
63 case "$dir" in
64 *"'") :;;
65 *)
66 echo forbidden >&2
67 exit 1
68 esac
69
70 dir="${dir#\'}"; dir="${dir%\'}"
71
72 # add a missing leading /
73 case "$dir" in
74 /*) :;;
75 *)
76 dir="/$dir"
77 esac
78
79 # remove a trailing /
80 case "$dir" in
81 *?/)
82 dir="${dir%/}"
83 esac
84
85 # add a missing trailing .git
86 case "$dir" in
87 *.git) :;;
88 *)
89 dir="$dir.git"
90 esac
91
92 case "$dir" in
93 "$reporoot/"*) :;;
94 *)
95 echo forbidden >&2
96 exit 1
97 esac
98
99 if ! [ -d "$dir" ] || ! [ -f "$dir/HEAD" ] || ! [ -d "$dir/objects" ]; then
100 echo forbidden >&2
101 exit 1
102 fi
103
104 proj="${dir#$reporoot/}"; projbare="${proj%.git}"
105
106 if [ "$type" = 'receive-pack' ] && ! [ -f "$dir/.nofetch" ]; then
107 echo "The $proj project is a mirror and may not be pushed to, sorry" >&2
108 exit 3
109 fi
110
111 if ! [ -x /usr/bin/perl ] && [ "$type" = 'receive-pack' ]; then
112 # We are INSIDE the chroot trying to push
113
114 if ! can_user_push "$projbare"; then
115 # If mob is enabled and mob has push permissions and
116 # the current user is not the mob then it's a personal mob push
117 # presuming the special mob directory has been set up
118 if [ "$mob" = "mob" -a "$LOGNAME" != "mob" -a -d "$reporoot/$proj/mob" ] &&
119 can_user_push "$projbare" mob; then
120 exec git-shell -c "git-receive-pack '$reporoot/$proj/mob'"
121 exit 1
122 fi
123 echo "The user '$LOGNAME' does not have push permissions for project '$proj'" >&2
124 echo "You may adjust push permissions at $webadmurl/editproj.cgi?name=$proj" >&2
125 exit 3
126 fi
127 fi
128
129 exec git-shell "$@"
130 exit 1
The repo.or.cz duct tape "Girocco"