compile: allow full email addresses as usernames

we had usurped the email style syntax to separate multiple keys
belonging to the same person, like sitaram@desktop.pub and
sitaram@laptop.pub.  If you have so many users that you need the full
email address to disambiguate some of them (or you want to do it for
just plain convenience), you couldn't.

This patch fixes that in a backward compatible way.  See
doc/3-faq-tips-etc.mkd for details.
This commit is contained in:
Sitaram Chamarty 2009-12-08 15:03:38 +05:30
parent 8a4bb453a0
commit 4441ed82e4
4 changed files with 39 additions and 12 deletions

View file

@ -6,9 +6,13 @@
# the description string for gitweb)
# - comments in the normal shell-ish style; no surprises there
# - there are NO continuation lines of any kind
# - user/repo names as simple as possible
# (usernames: only alphanumerics, ".", "_", "-";
# reponames: same, plus "/", but not at the start)
# - user/repo names as simple as possible; they must start with an
# alphanumeric, but after that they can also contain ".", "_", "-".
# - usernames can optionally be followed by an "@" and a domainname
# containing at least one "." (this allows you to use an email
# address as someone's username)
# - reponames can contain "/" characters (this allows you to
# put your repos in a tree-structure for convenience)
# objectives, over and above gitosis:
# - simpler syntax

View file

@ -344,12 +344,36 @@ gitolite knows these two keys belong to the same person.
Note that you don't say "sitaram@laptop" and so on in the **config** file --
as far as the config file is concerned there's just **one** user called
"sitaram" -- so you only say "sitaram" there. Only the **pubkey files** have
the extra "@" stuff.
"sitaram" -- so you only say "sitaram" there.
I think this is easier to maintain if you have to delete or change one of
those keys.
However, now that `sitaramc@gmail.com` is also a valid username, we need to
distinguish between `sitaramc@gmail.com.pub` and `sitaramc@desktop.pub`. We
do that by requiring that the multi-key suffix you use (like "desktop" and
"laptop") should not have a `"."` in it. If it does, it looks like an email
address. The following table lists sample pubkey filenames and the
corresponding derived usernames (which is what goes into the
`conf/gitolite.conf` file):
* old style multikeys; not mistaken for emails because there is no "." in
hostname part
sitaramc.pub sitaramc
sitaramc@laptop.pub sitaramc
sitaramc@desktop.pub sitaramc
* new style, email keys; there is a "." in hostname part; so it's an email
address
sitaramc@gmail.com.pub sitaramc@gmail.com
* multikeys *with* email address
sitaramc@gmail.com@laptop.pub sitaramc@gmail.com
sitaramc@gmail.com@desktop.pub sitaramc@gmail.com
#### support for git installed outside default PATH
The normal solution is to add to the system default PATH somehow, either by

View file

@ -24,9 +24,9 @@ $WARN = "\n\t\t***** WARNING *****\n ";
$R_COMMANDS=qr/^(git[ -]upload-pack|git[ -]upload-archive)$/;
$W_COMMANDS=qr/^git[ -]receive-pack$/;
# note that REPONAME_PATT allows a "/" also, which USERNAME_PATT doesn't
$REPONAME_PATT=qr(^\@?[0-9a-zA-Z][0-9a-zA-Z._/-]*$); # very simple pattern
$USERNAME_PATT=qr(^\@?[0-9a-zA-Z][0-9a-zA-Z._-]*$); # very simple pattern
# note that REPONAME_PATT allows "/", while USERNAME_PATT allows "@"
$REPONAME_PATT=qr(^\@?[0-9a-zA-Z][0-9a-zA-Z._/-]*$); # very simple pattern
$USERNAME_PATT=qr(^\@?[0-9a-zA-Z][0-9a-zA-Z._\@-]*$); # very simple pattern
# ----------------------------------------------------------------------------
# convenience subs

View file

@ -121,7 +121,7 @@ sub expand_list
{
# we test with the slightly more relaxed pattern here; we'll catch the
# "/" in user name thing later; it doesn't affect security anyway
die "$ABRT bad user or repo name $item\n" unless $item =~ $REPONAME_PATT;
die "$ABRT bad user or repo name $item\n" unless $item =~ $REPONAME_PATT or $item =~ $USERNAME_PATT;
if ($item =~ /^@/) # nested group
{
die "$ABRT undefined group $item\n" unless $groups{$item};
@ -174,7 +174,6 @@ sub parse_conf_file
# store the members of each group as hash key. Keep track of when
# the group was *first* created by using $fragment as the *value*
do { $groups{$1}{$_} ||= $fragment } for ( expand_list( split(' ', $2) ) );
# again, we take the more "relaxed" pattern
die "$ABRT bad group $1\n" unless $1 =~ $REPONAME_PATT;
}
# repo(s)
@ -200,7 +199,7 @@ sub parse_conf_file
# expand the user list, unless it is just "@all"
@users = expand_list ( @users )
unless (@users == 1 and $users[0] eq '@all');
do { die "$ABRT bad username $_\n" unless $_ =~ $USERNAME_PATT } for @users;
do { die "$ABRT bad username $_ PATT is $USERNAME_PATT,\n" unless $_ =~ $USERNAME_PATT } for @users;
# ok, we can finally populate the %repos hash
for my $repo (@repos) # each repo in the current stanza
@ -408,7 +407,7 @@ for my $pubkey (glob("*"))
print STDERR "WARNING: pubkey files should end with \".pub\", ignoring $pubkey\n";
next;
}
my $user = $pubkey; $user =~ s/(\@.+)?\.pub$//;
my $user = $pubkey; $user =~ s/(\@[^.]+)?\.pub$//;
# lint check 2
print STDERR "WARNING: pubkey $pubkey exists but user $user not in config\n"
unless $user_list{$user};