1
0
Fork 0
mirror of https://we.phorge.it/source/phorge.git synced 2024-11-22 14:52:41 +01:00

Fix various issues with SSH receivers

Summary:
  - Original command is in SSH_ORIGINAL_COMMAND, not normal argv.
  - Use PhutilShellLexer to parse it.
  - Fix a protocol encoding issue with ConduitSSHWorkflow. I think I'm going to make this protocol accept multiple commands anyway because SSH pipes are crazy expensive to build (even locally, they're ~300ms).

Test Plan: With other changes, successfully executed "arc list --conduit-uri=ssh://localhost:2222".

Reviewers: btrahan, vrana

Reviewed By: btrahan

CC: aran

Maniphest Tasks: T550

Differential Revision: https://secure.phabricator.com/D4232
This commit is contained in:
epriestley 2012-12-19 11:11:32 -08:00
parent e78898970a
commit 6dd0169873
3 changed files with 36 additions and 24 deletions

View file

@ -6,29 +6,36 @@ require_once $root.'/scripts/__init_script__.php';
$cert = file_get_contents('php://stdin');
$user = null;
if ($cert) {
$user_dao = new PhabricatorUser();
$ssh_dao = new PhabricatorUserSSHKey();
$conn = $user_dao->establishConnection('r');
list($type, $body) = array_merge(
explode(' ', $cert),
array('', ''));
$row = queryfx_one(
$conn,
'SELECT userName FROM %T u JOIN %T ssh ON u.phid = ssh.userPHID
WHERE ssh.keyBody = %s AND ssh.keyType = %s',
$user_dao->getTableName(),
$ssh_dao->getTableName(),
$body,
$type);
if ($row) {
$user = idx($row, 'userName');
}
if (!$cert) {
exit(1);
}
$parts = preg_split('/\s+/', $cert);
if (count($parts) < 2) {
exit(1);
}
list($type, $body) = $parts;
$user_dao = new PhabricatorUser();
$ssh_dao = new PhabricatorUserSSHKey();
$conn_r = $user_dao->establishConnection('r');
$row = queryfx_one(
$conn_r,
'SELECT userName FROM %T u JOIN %T ssh ON u.phid = ssh.userPHID
WHERE ssh.keyType = %s AND ssh.keyBody = %s',
$user_dao->getTableName(),
$ssh_dao->getTableName(),
$type,
$body);
if (!$row) {
exit(1);
}
$user = idx($row, 'userName');
if (!$user) {
exit(1);
}

View file

@ -4,6 +4,10 @@
$root = dirname(dirname(dirname(__FILE__)));
require_once $root.'/scripts/__init_script__.php';
$original_command = getenv('SSH_ORIGINAL_COMMAND');
$original_argv = id(new PhutilShellLexer())->splitArguments($original_command);
$argv = array_merge($argv, $original_argv);
$args = new PhutilArgumentParser($argv);
$args->setTagline('receive SSH requests');
$args->setSynopsis(<<<EOSYNOPSIS
@ -50,7 +54,7 @@ try {
// concise/relevant exceptions when the client is a remote SSH.
$remain = $args->getUnconsumedArgumentVector();
if (empty($remain)) {
throw new Exception("No command.");
throw new Exception("No interactive logins.");
} else {
$command = head($remain);
$workflow_names = mpull($workflows, 'getName', 'getName');

View file

@ -31,9 +31,10 @@ final class ConduitSSHWorkflow extends PhabricatorSSHWorkflow {
throw new Exception("Invalid JSON input.");
}
$params = $raw_params;
$params = idx($raw_params, 'params', array());
$params = json_decode($params, true);
$metadata = idx($params, '__conduit__', array());
unset($params['__conduit__']);
$metadata = idx($raw_params, '__conduit__', array());
$call = null;
$error_code = null;