11 def format_command(env_vars
, command
, ssh_opts
, ssh_key
):
13 for key
, var
in env_vars
.items():
14 environment
+= '{}={} '.format(key
, shlex
.quote(var
))
16 command
= shlex
.quote(command
)
17 command
= '{}{}'.format(environment
, command
)
19 # The command is being substituted into an authorized_keys line below,
20 # so we need to escape the double quotes.
21 command
= command
.replace('"', '\\"')
22 msg
= 'command="{}",{} {}'.format(command
, ssh_opts
, ssh_key
)
26 valid_keytypes
= config
.get('auth', 'valid-keytypes').split()
27 username_regex
= config
.get('auth', 'username-regex')
28 git_serve_cmd
= config
.get('auth', 'git-serve-cmd')
29 ssh_opts
= config
.get('auth', 'ssh-options')
33 if keytype
not in valid_keytypes
:
36 conn
= db
.Connection()
38 cur
= conn
.execute("SELECT Users.Username, Users.AccountTypeID FROM Users " +
39 "INNER JOIN SSHPubKeys ON SSHPubKeys.UserID = Users.ID "
40 "WHERE SSHPubKeys.PubKey = ? AND Users.Suspended = 0",
41 (keytype
+ " " + keytext
,))
44 if not row
or cur
.fetchone():
47 user
, account_type
= row
48 if not re
.match(username_regex
, user
):
54 'AUR_PRIVILEGED': '1' if account_type
> 1 else '0',
56 key
= keytype
+ ' ' + keytext
58 print(format_command(env_vars
, git_serve_cmd
, ssh_opts
, key
))