blob: f619143bb29026306c12143f7271f261bf55a9a8 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
|
#!/bin/bash
# gitwrapper.sh
#
# A wrapper for the 'git upload-pack' command
# to automatically create repositories if they are
# pushed to
#
# Set command="" in .ssh/authorized_keys:
#
# command="/path/to/wrapper.sh myrepos" ssh-rsa ... user@example
#
[ -z "$1" ] && >&2 echo Invalid configuration in authorized_keys && exit 1
ALLOWED_REPODIR="$1"
if [ -z "$SSH_ORIGINAL_COMMAND" ]; then
bash
exit $?
fi
repo_path=$(sed -n 's/^git upload-pack \(.*\)$/\1/p' <<< "$SSH_ORIGINAL_COMMAND")
if [ ! -z "$repo_path" ]; then
if grep -q '\.\.' <<< "$repo_path"; then
>&2 echo Invalid file name.
exit 1
fi
reponame_regex='^\w+\.git$'
if [ "$(dirname "$repo_path")" != "$ALLOWED_REPODIR" ] || \
[[ ! "$(basename "$repo_path")" =~ $reponame_regex ]]; then
>&2 echo Invalid repository
exit 1
fi
[ ! -e "$repo_path" ] && git init --bare "$repo_path"
fi
eval $SSH_ORIGINAL_COMMAND
|