#!/usr/bin/env php <?php // This is a wrapper script for Git, Mercurial, and Subversion. It primarily // serves to inject "-o StrictHostKeyChecking=no" into the SSH arguments. // In some cases, Subversion sends us SIGTERM. If we don't catch the signal and // react to it, we won't run object destructors by default and thus won't clean // up temporary files. Declare ticks so we can install a signal handler. if (function_exists('pcntl_async_signals')) { pcntl_async_signals(true); } else { declare(ticks = 1); } $root = dirname(dirname(dirname(__FILE__))); require_once $root.'/scripts/__init_script__.php'; // Contrary to the documentation, Git may pass a "-p" flag. If it does, respect // it and move it before the "--" argument. $args = new PhutilArgumentParser($argv); $args->parsePartial( array( array( 'name' => 'port', 'short' => 'p', 'param' => pht('port'), 'help' => pht('Port number to connect to.'), ), array( 'name' => 'options', 'short' => 'o', 'param' => pht('options'), 'repeat' => true, 'help' => pht('SSH options.'), ), )); $unconsumed_argv = $args->getUnconsumedArgumentVector(); if (function_exists('pcntl_signal')) { pcntl_signal(SIGTERM, 'ssh_connect_signal'); } function ssh_connect_signal($signo) { // This is just letting destructors fire. In particular, we want to clean // up any temporary files we wrote. See T10547. exit(128 + $signo); } $pattern = array(); $arguments = array(); $pattern[] = 'ssh'; $pattern[] = '-o'; $pattern[] = 'StrictHostKeyChecking=no'; // This prevents "known host" failures, and covers for issues where HOME is set // to something unusual. $pattern[] = '-o'; $pattern[] = 'UserKnownHostsFile=/dev/null'; $as_device = getenv('PHABRICATOR_AS_DEVICE'); $credential_phid = getenv('PHABRICATOR_CREDENTIAL'); if ($as_device) { $device = AlmanacKeys::getLiveDevice(); if (!$device) { throw new Exception( pht( 'Attempting to create an SSH connection that authenticates with '. 'the current device, but this host is not configured as a cluster '. 'device.')); } if ($credential_phid) { throw new Exception( pht( 'Attempting to proxy an SSH connection that authenticates with '. 'both the current device and a specific credential. These options '. 'are mutually exclusive.')); } } if ($credential_phid) { $viewer = PhabricatorUser::getOmnipotentUser(); $key = PassphraseSSHKey::loadFromPHID($credential_phid, $viewer); $pattern[] = '-l %P'; $arguments[] = $key->getUsernameEnvelope(); $pattern[] = '-i %P'; $arguments[] = $key->getKeyfileEnvelope(); } if ($as_device) { $pattern[] = '-l %R'; $arguments[] = AlmanacKeys::getClusterSSHUser(); $pattern[] = '-i %R'; $arguments[] = AlmanacKeys::getKeyPath('device.key'); } // Subversion passes us a host in the form "domain.com:port", which is not // valid for normal SSH but which we can parse into a valid "-p" flag. $passthru_args = $unconsumed_argv; $host = array_shift($passthru_args); $parts = explode(':', $host, 2); $host = $parts[0]; $port = $args->getArg('port'); if (!$port) { if (count($parts) == 2) { $port = $parts[1]; } } if ($port) { $pattern[] = '-p %d'; $arguments[] = $port; } $options = $args->getArg('options'); $allowed_ssh_options = array('SendEnv=GIT_PROTOCOL'); if (!empty($options)) { foreach ($options as $option) { if (array_search($option, $allowed_ssh_options) !== false) { $pattern[] = '-o %s'; $arguments[] = $option; } else { throw new Exception( pht( 'Disallowed ssh option "%s" given with "-o". '. 'Allowed options are: %s.', $option, implode(', ', $allowed_ssh_options))); } } } $pattern[] = '--'; $pattern[] = '%s'; $arguments[] = $host; foreach ($passthru_args as $passthru_arg) { $pattern[] = '%s'; $arguments[] = $passthru_arg; } $pattern = implode(' ', $pattern); array_unshift($arguments, $pattern); $err = newv('PhutilExecPassthru', $arguments) ->execute(); exit($err);