11 use Digest
::SHA1
qw(sha1_hex);
16 filedb_atomic_append
(jailed_file
('/etc/passwd'),
17 join(':', $self->{name
}, 'x', '\i', 65534, $self->{email
}, '/', '/bin/git-shell'));
22 '/etc/sshkeys/'.$self->{name
};
27 open F
, "<".jailed_file
($self->_sshkey_path) or die "sshkey load failed: $!";
32 if (/^ssh-(?:dss|rsa) /) {
34 } elsif (/^# REPOAUTH ([0-9a-f]+) (\d+)/) {
36 $auth = $1 unless (time >= $expire);
40 my $keys = join('', @keys); chomp $keys;
46 open F
, ">".jailed_file
($self->_sshkey_path) or die "sshkey failed: $!";
47 if (defined($self->{auth
}) && $self->{auth
}) {
48 my $expire = time + 24 * 3600;
49 print F
"# REPOAUTH $self->{auth} $expire\n";
51 print F
$self->{keys}."\n";
53 chmod 0664, jailed_file
($self->_sshkey_path);
56 # private constructor, do not use
60 Girocco
::User
::valid_name
($name) or die "refusing to create user with invalid name ($name)!";
61 my $proj = { name
=> $name };
66 # public constructor #0
67 # creates a virtual user not connected to disk record
68 # you can conjure() it later to disk
72 my $self = $class->_new($name);
76 # public constructor #1
81 open F
, jailed_file
("/etc/passwd") or die "user load failed: $!";
85 next unless (shift eq $name);
87 my $self = $class->_new($name);
89 (undef, $self->{uid
}, undef, $self->{email
}) = @_;
90 ($self->{keys}, $self->{auth
}) = $self->_sshkey_load;
98 # $user may not be in sane state if this returns false!
102 my $cgi = $gcgi->cgi;
104 $self->{name
} = $gcgi->wparam('name');
105 Girocco
::User
::valid_name
($self->{name
})
106 or $gcgi->err("Name contains invalid characters.");
108 $self->{email
} = $gcgi->wparam('email');
109 valid_email
($self->{email
})
110 or $gcgi->err("Your email sure looks weird...?");
112 $self->keys_fill($gcgi);
118 my $cgi = $gcgi->cgi;
120 $self->{keys} = $cgi->param('keys');
121 length($self->{keys}) <= 4096
122 or $gcgi->err("The list of keys is more than 4kb. Do you really need that much?");
123 foreach (split /\r?\n/, $self->{keys}) {
124 /^ssh-(?:dss|rsa) .* \S+@\S+$/ or $gcgi->err("Your ssh key (\"$_\") appears to have invalid format (do not start by ssh-dss|rsa or do not end with @-identifier) - maybe your browser has split a single key to multiple lines?");
127 not $gcgi->err_check;
139 $self->{auth
} = Digest
::SHA1
::sha1_hex
(time . $$ . rand() . $self->{keys});
147 delete $self->{auth
};
161 /^[a-zA-Z0-9+._-]+$/;
166 Girocco
::User
::valid_name
($name) or die "tried to query for user with invalid name $name!";
167 (-e jailed_file
("/etc/sshkeys/$name"));
176 $Girocco::Config
::chrooted
and undef; # TODO for ACLs within chroot
177 scalar(getpwnam($name));