author | Christian Ruppert <idl0r@gentoo.org> | 2012-02-18 01:43:41 +0100 |
---|---|---|
committer | Christian Ruppert <idl0r@gentoo.org> | 2012-02-18 18:30:16 +0100 |
commit | 74bc6bd9cb67192a5450ed4a74928e997733de0c (patch) | |
tree | 392721f2195fa518f8d17897e412f17eb803fb35 | |
parent | Improved setup_authkeys() function (diff) | |
Parse and export metadata
-rw-r--r-- | conf/example.gitolite.rc | 8 | ||||
-rw-r--r-- | src/gitolite.pm | 24 | ||||
-rw-r--r-- | src/gitolite_rc.pm | 2 | ||||
-rwxr-xr-x | src/gl-auth-command | 10 |
4 files changed, 44 insertions, 0 deletions
diff --git a/conf/example.gitolite.rc b/conf/example.gitolite.rc index 9e3b39d..38dd2cc 100644 --- a/conf/example.gitolite.rc +++ b/conf/example.gitolite.rc @@ -39,6 +39,14 @@ $GL_NO_DAEMON_NO_GITWEB = 0; # $GL_NICE_VALUE = 0; # $BIG_INFO_CAP = 20; +# Define which metadata variables shall be exported to the gitolite environment. +# Those variables can be used in hooks, e.g. for cia.vc +# A pubkey file might contain one or more of those variable. +# They can be defined by e.g:"# git-username: idl0r" +# Each '-' (dash) will be replaced by an '_' (underscore). +#@GL_METADATA = ( "git-username", "git-email", "git-realname", "git-realname-ascii", "cia-vc-username" ); +#@GL_METADATA_REQUIRED = ( "git-username", "git-email", "git-realname" ); + # ------------------------------------------------------------------------------ # VARIABLES WITH A SECURITY IMPACT. READ DOCS BEFORE CHANGING THESE! # http://github.com/sitaramc/gitolite/blob/pu/doc/gitolite.rc.mkd#_variables_with_a_security_impact diff --git a/src/gitolite.pm b/src/gitolite.pm index 04b3ac1..1b9a1ce 100644 --- a/src/gitolite.pm +++ b/src/gitolite.pm 
@@ -1107,6 +1107,30 @@ sub setup_authkeys push @not_in_config, "$user($pubkey)" if %$user_list_p and not $user_list_p->{$user}; $user_list_p->{$user} = 'has pubkey' if %$user_list_p; + # lint check 3 -- Ensure that all required metadata variables are + # defined. + my @not_met = @GL_METADATA_REQUIRED; + open(PUBKEY, '<', $pubkey); + while(defined(my $line = <PUBKEY>)) { + chomp($line); + next if $line !~ m/^\s*#/; + $line =~ s/^\s*#\s*//; + + my ($variable, $value) = split(/:\s*/, $line, 2); + + if(grep(/^\Q${variable}\E$/, @GL_METADATA_REQUIRED)) { + if(length($value) > 0) { + @not_met = grep(!/^\Q${variable}\E$/, @not_met); + } + } + } + close(PUBKEY); + if( $#not_met ne -1 ) { + print STDERR "$WARN Skipping '${pubkey}' due to missed required variables:\n"; + print STDERR join(", ", sort @not_met), "\n"; + next; + } + # Parse the pubkey including all options etc... # Use strict mode to abort on faulty files. my $akf = Net::SSH::AuthorizedKeysFile->new( strict => 1, ); diff --git a/src/gitolite_rc.pm b/src/gitolite_rc.pm index 9f65a7d..d7fde29 100644 --- a/src/gitolite_rc.pm +++ b/src/gitolite_rc.pm @@ -27,6 +27,8 @@ use Exporter 'import'; $GL_HOSTNAME $GL_HTTP_ANON_USER + + @GL_METADATA @GL_METADATA_REQUIRED ); # ------------------------------------------------------------------------------ diff --git a/src/gl-auth-command b/src/gl-auth-command index 6861b56..63b8478 100755 --- a/src/gl-auth-command +++ b/src/gl-auth-command @@ -182,6 +182,16 @@ if (-x "$REPO_BASE/$repo.git/hooks/gl-pre-git") { # over to git now # ---------------------------------------------------------------------------- +my $metaenv = "Metadata ENV:"; +export_key_metadata($user); +foreach my $metadata (@GL_METADATA) { + $metadata =~ s/-/_/g; + if(defined($ENV{$metadata})) { + $metaenv = join(" ", $metaenv, "${metadata}=\"$ENV{$metadata}\""); + } +} +log_it($metaenv); + if ($ENV{REQUEST_URI}) { log_it($ENV{REQUEST_URI}); exec $ENV{GIT_HTTP_BACKEND}; |
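Review bot: The `open(PUBKEY, '<', $pubkey);` added to setup_authkeys is never checked, so an unreadable key file reaches the loop with nothing read and is then reported as "missed required variables" rather than as a read failure. Because this check gates whether a key goes on to be parsed, the failure should be reported for what it is, using a lexical handle: `open(my $fh, '<', $pubkey) or do { print STDERR "$WARN cannot read '${pubkey}': $!\n"; next; };`. A comment line without a colon leaves `$value` undefined after the `split`, so the inner test is safer as `defined($value) && length($value)`. `$#not_met ne -1` is a string comparison on a number; `if (@not_met)` states the intent directly. The enclosing sub starts and ends outside the hunk.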
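Review bot: The values passed to `log_it($metaenv)` in the gl-auth-command hunk are wrapped in double quotes with no escaping, and according to the rc comment in this commit they come from comment lines in pubkey files, so a value containing `"` or a control character could make one log entry read as several fields. export_key_metadata() is not visible here, so whether it already sanitises the values is unknown; if it does not, escape at the point of logging, for example `(my $v = $ENV{$metadata}) =~ s/(["\\[:cntrl:]])/sprintf('\\x%02x', ord($1))/ge;` and interpolate `$v` instead. Separately, `$metadata =~ s/-/_/g;` acts on the loop alias and so rewrites the configured `@GL_METADATA` entries in place; `(my $name = $metadata) =~ s/-/_/g;` keeps the list as the administrator wrote it.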