···
securejoin "github.com/cyphar/filepath-securejoin"
"github.com/urfave/cli/v3"
"tangled.org/core/idresolver"
19
-
"tangled.org/core/log"
func Command() *cli.Command {
···
func Run(ctx context.Context, cmd *cli.Command) error {
58
-
l := log.FromContext(ctx)
incomingUser := cmd.String("user")
gitDir := cmd.String("git-dir")
logPath := cmd.String("log-path")
endpoint := cmd.String("internal-api")
motdFile := cmd.String("motd-file")
63
+
stream := io.Discard
logFile, err := os.OpenFile(logPath, os.O_APPEND|os.O_CREATE|os.O_WRONLY, 0644)
68
-
l.Error("failed to open log file", "error", err)
71
-
fileHandler := slog.NewJSONHandler(logFile, &slog.HandlerOptions{Level: slog.LevelInfo})
72
-
l = slog.New(fileHandler)
69
+
fileHandler := slog.NewJSONHandler(stream, &slog.HandlerOptions{Level: slog.LevelInfo})
70
+
slog.SetDefault(slog.New(fileHandler))
if connInfo := os.Getenv("SSH_CONNECTION"); connInfo != "" {
parts := strings.Fields(connInfo)
···
84
-
l.Error("access denied: no user specified")
81
+
slog.Error("access denied: no user specified")
fmt.Fprintln(os.Stderr, "access denied: no user specified")
sshCommand := os.Getenv("SSH_ORIGINAL_COMMAND")
91
-
l.Info("connection attempt",
88
+
slog.Info("connection attempt",
97
-
l.Info("access denied: no interactive shells", "user", incomingUser)
94
+
slog.Info("access denied: no interactive shells", "user", incomingUser)
fmt.Fprintf(os.Stderr, "Hi @%s! You've successfully authenticated.\n", incomingUser)
cmdParts := strings.Fields(sshCommand)
104
-
l.Error("invalid command format", "command", sshCommand)
101
+
slog.Error("invalid command format", "command", sshCommand)
fmt.Fprintln(os.Stderr, "invalid command format")
···
// any of the above with a leading slash (/)
components := strings.Split(strings.TrimPrefix(strings.Trim(cmdParts[1], "'"), "/"), "/")
116
-
l.Info("command components", "components", components)
113
+
slog.Info("command components", "components", components)
if len(components) != 2 {
119
-
l.Error("invalid repo format", "components", components)
116
+
slog.Error("invalid repo format", "components", components)
fmt.Fprintln(os.Stderr, "invalid repo format, needs <user>/<repo> or /<user>/<repo>")
didOrHandle := components[0]
125
-
identity := resolveIdentity(ctx, l, didOrHandle)
122
+
identity := resolveIdentity(ctx, didOrHandle)
did := identity.DID.String()
repoName := components[1]
qualifiedRepoName, _ := securejoin.SecureJoin(did, repoName)
···
"git-upload-archive": true,
if !validCommands[gitCommand] {
136
-
l.Error("access denied: invalid git command", "command", gitCommand)
133
+
slog.Error("access denied: invalid git command", "command", gitCommand)
fmt.Fprintln(os.Stderr, "access denied: invalid git command")
return fmt.Errorf("access denied: invalid git command")
if gitCommand != "git-upload-pack" {
142
-
if !isPushPermitted(l, incomingUser, qualifiedRepoName, endpoint) {
143
-
l.Error("access denied: user not allowed",
139
+
if !isPushPermitted(incomingUser, qualifiedRepoName, endpoint) {
140
+
slog.Error("access denied: user not allowed",
"reponame", qualifiedRepoName)
fmt.Fprintln(os.Stderr, "access denied: user not allowed")
···
fullPath, _ := securejoin.SecureJoin(gitDir, qualifiedRepoName)
153
-
l.Info("processing command",
150
+
slog.Info("processing command",
···
if reader, err := os.Open(motdFile); err != nil {
if !errors.Is(err, os.ErrNotExist) {
163
-
l.Error("failed to read motd file", "error", err)
160
+
slog.Error("failed to read motd file", "error", err)
motdReader = strings.NewReader("Welcome to this knot!\n")
···
if err := gitCmd.Run(); err != nil {
184
-
l.Error("command failed", "error", err)
181
+
slog.Error("command failed", "error", err)
fmt.Fprintf(os.Stderr, "command failed: %v\n", err)
return fmt.Errorf("command failed: %v", err)
189
-
l.Info("command completed",
186
+
slog.Info("command completed",
···
198
-
func resolveIdentity(ctx context.Context, l *slog.Logger, didOrHandle string) *identity.Identity {
195
+
func resolveIdentity(ctx context.Context, didOrHandle string) *identity.Identity {
resolver := idresolver.DefaultResolver()
ident, err := resolver.ResolveIdent(ctx, didOrHandle)
202
-
l.Error("Error resolving handle", "error", err, "handle", didOrHandle)
199
+
slog.Error("Error resolving handle", "error", err, "handle", didOrHandle)
fmt.Fprintf(os.Stderr, "error resolving handle: %v\n", err)
if ident.Handle.IsInvalidHandle() {
207
-
l.Error("Error resolving handle", "invalid handle", didOrHandle)
204
+
slog.Error("Error resolving handle", "invalid handle", didOrHandle)
fmt.Fprintf(os.Stderr, "error resolving handle: invalid handle\n")
214
-
func isPushPermitted(l *slog.Logger, user, qualifiedRepoName, endpoint string) bool {
211
+
func isPushPermitted(user, qualifiedRepoName, endpoint string) bool {
u, _ := url.Parse(endpoint + "/push-allowed")
···
req, err := http.Get(u.String())
223
-
l.Error("Error verifying permissions", "error", err)
220
+
slog.Error("Error verifying permissions", "error", err)
fmt.Fprintf(os.Stderr, "error verifying permissions: %v\n", err)
228
-
l.Info("Checking push permission",
225
+
slog.Info("checking push permission",
oppi.li