diff options
Diffstat (limited to 'src')
| -rwxr-xr-x | src/VREF/MAX_NEWBIN_SIZE | 2 | ||||
| -rwxr-xr-x | src/commands/config | 19 | ||||
| -rw-r--r-- | src/lib/Gitolite/Common.pm | 2 | ||||
| -rw-r--r-- | src/lib/Gitolite/Conf/Load.pm | 9 | ||||
| -rw-r--r-- | src/lib/Gitolite/Triggers/RepoUmask.pm | 4 | ||||
| -rwxr-xr-x | src/triggers/repo-specific-hooks | 18 |
6 files changed, 38 insertions, 16 deletions
diff --git a/src/VREF/MAX_NEWBIN_SIZE b/src/VREF/MAX_NEWBIN_SIZE index 84a9efa..99d51d3 100755 --- a/src/VREF/MAX_NEWBIN_SIZE +++ b/src/VREF/MAX_NEWBIN_SIZE @@ -21,6 +21,8 @@ die "not meant to be run manually" unless $ARGV[7]; my ( $newsha, $oldtree, $newtree, $refex, $max ) = @ARGV[ 2, 3, 4, 6, 7 ]; +exit 0 if $newsha eq '0000000000000000000000000000000000000000'; + # / (.*) +\| Bin 0 -> (\d+) bytes/ chomp( my $author_email = `git log --format=%ae -1 $newsha` ); diff --git a/src/commands/config b/src/commands/config index 7851c11..214158b 100755 --- a/src/commands/config +++ b/src/commands/config @@ -63,8 +63,8 @@ usage() if not @ARGV or $ARGV[0] eq '-h'; my $repo = shift; -my ($op, $key, $val) = @ARGV; -usage() unless $op and exists $nargs{$op} and @ARGV == $nargs{$op}; +my $op = shift; +usage() unless $op and exists $nargs{$op}; # ---------------------------------------------------------------------- # authorisation checks @@ -81,15 +81,30 @@ die "sorry, you are not authorised\n" unless # key validity checks unless ($op eq '--list') { + my $key = shift; + + my $val = ''; + $val = join(" ", @ARGV) if @ARGV; + # values with spaces embedded get flattened by sshd when it passes + # SSH_ORIGINAL_COMMAND to gitolite. In this specific instance, we will + # pretend we know what the user meant, and join up the last 1+ args into + # one space-separated arg. + my $user_configs = option( $repo, 'user-configs' ); # this is a space separated list of allowed config keys my @validkeys = split( ' ', ( $user_configs || '' ) ); my @matched = grep { $key =~ /^$_$/i } @validkeys; _die "config '$key' not allowed\n" if ( @matched < 1 ); + + @ARGV = ($key); + push @ARGV, $val if $val; } # ---------------------------------------------------------------------- # go! +unshift @ARGV, $op; +usage() unless @ARGV == $nargs{$op}; + _chdir("$rc{GL_REPO_BASE}/$repo.git"); _system( "git", "config", @ARGV ); diff --git a/src/lib/Gitolite/Common.pm b/src/lib/Gitolite/Common.pm index af9c875..b06f967 100644 --- a/src/lib/Gitolite/Common.pm +++ b/src/lib/Gitolite/Common.pm @@ -361,7 +361,7 @@ sub ssh_fingerprint_file { my $in = shift; -f $in or die "file not found: $in\n"; my $fh; - open( $fh, "ssh-keygen -l -f $in |" ) or die "could not fork: $!\n"; + open( $fh, "ssh-keygen -l -f $in 2>&1 |" ) or die "could not fork: $!\n"; my $output = <$fh>; chomp $output; # dbg("fp = $fp"); diff --git a/src/lib/Gitolite/Conf/Load.pm b/src/lib/Gitolite/Conf/Load.pm index 8abd386..57d1396 100644 --- a/src/lib/Gitolite/Conf/Load.pm +++ b/src/lib/Gitolite/Conf/Load.pm @@ -436,9 +436,12 @@ sub memberships { push @ret, @{ $groups{$base} } if exists $groups{$base}; push @ret, @{ $groups{$base2} } if $base2 and exists $groups{$base2}; - for my $i ( keys %{ $patterns{groups} } ) { - if ( $base =~ /^$i$/ or $base2 and ( $base2 =~ /^$i$/ ) ) { - push @ret, @{ $groups{$i} }; + if ($type eq 'repo') { + # regexes can only be used for repos, not for users + for my $i ( keys %{ $patterns{groups} } ) { + if ( $base =~ /^$i$/ or $base2 and ( $base2 =~ /^$i$/ ) ) { + push @ret, @{ $groups{$i} }; + } } } diff --git a/src/lib/Gitolite/Triggers/RepoUmask.pm b/src/lib/Gitolite/Triggers/RepoUmask.pm index 109cb31..276cd01 100644 --- a/src/lib/Gitolite/Triggers/RepoUmask.pm +++ b/src/lib/Gitolite/Triggers/RepoUmask.pm @@ -23,6 +23,10 @@ use warnings; option umask = 0027 + * Anytime you add or change the value, if there are existing repos that + would be affected, you will need to do a manual "chmod" adjustment, + because umask only affects newly created files. + =cut # sadly option/config values are not available at pre_create time for normal diff --git a/src/triggers/repo-specific-hooks b/src/triggers/repo-specific-hooks index 7c16f2f..4044cc9 100755 --- a/src/triggers/repo-specific-hooks +++ b/src/triggers/repo-specific-hooks @@ -42,19 +42,17 @@ while (<>) { my @codes = split /\s+/, $codes; - # check for disallowed hook types only if @codes is non-empty - if (@codes) { - # this is a special case - if ( $repo eq 'gitolite-admin' and $hook eq 'post-update' ) { - _warn "repo-specific-hooks: ignoring attempts to set post-update hook for the admin repo"; - next; - } - - unless ( $hook =~ /^(pre-receive|post-receive|post-update|pre-auto-gc)$/ ) { + # bail on disallowed hook types (but warn only if @codes is non-empty) + if ( $repo eq 'gitolite-admin' and $hook eq 'post-update' ) { + _warn "repo-specific-hooks: ignoring attempts to set post-update hook for the admin repo" if @codes; + next; + } + unless ( $hook =~ /^(pre-receive|post-receive|post-update|pre-auto-gc)$/ ) { + if (@codes) { _warn "repo-specific-hooks: '$hook' is not allowed, ignoring"; _warn " (only pre-receive, post-receive, post-update, and pre-auto-gc are allowed)"; - next; } + next; } push @{ $repo_hooks{$repo}{$hook} }, @codes; |