diff options
| author | Aaron Ball <nullspoon@oper.io> | 2021-07-11 15:58:13 -0600 |
|---|---|---|
| committer | Aaron Ball <nullspoon@oper.io> | 2021-07-11 16:00:50 -0600 |
| commit | 487e72e9d412d9ff5675555c4340d2ad80ae1e46 (patch) | |
| tree | dab2b3efcc1b33c3da9c3eeef4d69be5c0585c28 | |
| parent | 4aac31c788be61de0c1ee5d2d5bf0df723336838 (diff) | |
| download | gitaccess-487e72e9d412d9ff5675555c4340d2ad80ae1e46.tar.gz gitaccess-487e72e9d412d9ff5675555c4340d2ad80ae1e46.tar.xz | |
Rewrite validate_git process
Now the validate_git function takes an additional argument: repo. This
is because rather than having repo be parsed out of the environment
varibale within validate_git via the unwrap function, we now use sscanf
to read it, since the input string is so consistent. This also deletes
the unwrap function completely.
Finally, this updates many of the log messages to be more helpful, since
the repo path is now readily available within main.
| -rw-r--r-- | src/main.c | 57 |
1 files changed, 17 insertions, 40 deletions
@@ -67,30 +67,6 @@ void logmsg(char* msg) { } /** - * unwrap: - * Grabs the text between a delimiter (usually a quote). Will traverse the - * provided string until the first occurence of the delimiter is found, and - * will continue until the closing delimiter is found (or end of line). - * - * @wrapchar Delimiter character wrapping the string - * @line Line to search for the wrapped string - * @buf Output buffer that will contain the wrapped string - * - * @return Pointer to the buffer - */ -char* unwrap(char wrapchar, char* line, char* buf) { - char *start = NULL, *end = NULL; - - start = strchr(line, wrapchar); // Locate first occurrence - start++; // Advance one past it - end = strchr(start, wrapchar); // Locate last occurrence - - strncpy(buf, start, end - start); // Copy to the buffer - buf[end - start] = '\0'; // Null terminate - return buf; -} - -/** * trim: * Function to trim all leading and trailing whitespace. Note that this mutates * the source string by writing a null byte over the first trailing whitespace. @@ -194,22 +170,20 @@ int is_allowed_cmd(char* str) { * * @return 1 if permitted, 0 if not */ -int validate_git(char* user) { - char repopath[128]; // Buffer for the repo path (from SSH_ORIGINAL_COMMAND) +int validate_git(char *user, char *repo) { char userspath[256]; // Path to the repo's users file (if one is specified) - unwrap('\'', getenv("SSH_ORIGINAL_COMMAND"), repopath); - if(strcmp(&repopath[strlen(repopath) - 4], ".git") == 0) - sprintf(userspath, "%s/users", repopath); + if(strcmp(&repo[strlen(repo) - 4], ".git") == 0) + sprintf(userspath, "%s/users", repo); else - sprintf(userspath, "%s.git/users", repopath); + sprintf(userspath, "%s.git/users", repo); if(access(userspath, F_OK) == -1) { - fprintf(stderr, "Repo %s does not exist or is misconfigured.\n", repopath); + fprintf(stderr, "Repo %s does not exist or is misconfigured.\n", repo); return 0; } if(line_in_file(userspath, user) != 1) { - fprintf(stderr, "User %s does not have permission to access repo %s\n", user, repopath); + fprintf(stderr, "User %s does not have permission to access repo %s\n", user, repo); return 0; } return 1; @@ -218,9 +192,10 @@ int validate_git(char* user) { int main(int argc, char* argv[]) { char cmd[128]; // Buffer for the first cmd in SSH_ORIGINAL_COMMAND - char gitsh[256]; // Buffer for the git-shell cmd (from SSH_ORIGINAL_COMMAND) + char repo[128]; // Buffer for the repo path (from SSH_ORIGINAL_COMMAND) + char gitsh[512]; // Buffer for the git-shell cmd (from SSH_ORIGINAL_COMMAND) char* user; - char msg[256]; + char msg[512]; // Ensure username is specified if(argc == 1) { @@ -240,25 +215,27 @@ int main(int argc, char* argv[]) { } // Read the first command in the ssh - sscanf(getenv("SSH_ORIGINAL_COMMAND"), "%s [^\n]", cmd); + sscanf(getenv("SSH_ORIGINAL_COMMAND"), "%128s '%128[^']'[^\n]", cmd, repo); if(is_git_cmd(cmd)) { // Read the repo path (command argument) - if(!validate_git(user)) { - sprintf(msg, "[%s] attempted invalid git command \"%s\"", user, cmd); + if(!validate_git(user, repo)) { + sprintf(msg, "[%s][%s] attempted invalid git command \"%s\"", \ + user, repo, cmd); logmsg(msg); return 1; } } else if(! is_allowed_cmd(cmd)) { - sprintf(msg, "[%s] attempted disallowed command \"%s\"", user, cmd); + sprintf(msg, "[%s][%s] attempted disallowed command \"%s\"", \ + user, repo, cmd); logmsg(msg); fprintf(stderr, "Command '%s' is not allowed\n", cmd); return 1; } - sprintf(msg, "[%s] executed \"%s\"", user, cmd); + sprintf(msg, "[%s][%s] executed \"%s\"", user, repo, cmd); logmsg(msg); - sprintf(gitsh, "/usr/bin/env git-shell -c \"%s\"", cmd); + sprintf(gitsh, "/usr/bin/env git-shell -c \"%s '%s'\"", cmd, repo); system(gitsh); return 0; |