Fix various issues with SSH receivers

Summary:
  - Original command is in SSH_ORIGINAL_COMMAND, not normal argv.
  - Use PhutilShellLexer to parse it.
  - Fix a protocol encoding issue with ConduitSSHWorkflow. I think I'm going to make this protocol accept multiple commands anyway because SSH pipes are crazy expensive to build (even locally, they're ~300ms).

Test Plan: With other changes, successfully executed "arc list --conduit-uri=ssh://localhost:2222".

Reviewers: btrahan, vrana

Reviewed By: btrahan

CC: aran

Maniphest Tasks: T550

Differential Revision: https://secure.phabricator.com/D4232

scripts/ssh/ssh-auth.php

@@ -6,29 +6,36 @@ require_once $root.'/scripts/__init_script__.php';
 
 $cert = file_get_contents('php://stdin');
 
-$user = null;
-if ($cert) {
-  $user_dao = new PhabricatorUser();
-  $ssh_dao = new PhabricatorUserSSHKey();
-  $conn = $user_dao->establishConnection('r');
-
-  list($type, $body) = array_merge(
-    explode(' ', $cert),
-    array('', ''));
-
-  $row = queryfx_one(
-    $conn,
-    'SELECT userName FROM %T u JOIN %T ssh ON u.phid = ssh.userPHID
-      WHERE ssh.keyBody = %s AND ssh.keyType = %s',
-    $user_dao->getTableName(),
-    $ssh_dao->getTableName(),
-    $body,
-    $type);
-  if ($row) {
-    $user = idx($row, 'userName');
-  }
+if (!$cert) {
+  exit(1);
 }
 
+$parts = preg_split('/\s+/', $cert);
+if (count($parts) < 2) {
+  exit(1);
+}
+
+list($type, $body) = $parts;
+
+$user_dao = new PhabricatorUser();
+$ssh_dao = new PhabricatorUserSSHKey();
+$conn_r = $user_dao->establishConnection('r');
+
+$row = queryfx_one(
+  $conn_r,
+  'SELECT userName FROM %T u JOIN %T ssh ON u.phid = ssh.userPHID
+    WHERE ssh.keyType = %s AND ssh.keyBody = %s',
+  $user_dao->getTableName(),
+  $ssh_dao->getTableName(),
+  $type,
+  $body);
+
+if (!$row) {
+  exit(1);
+}
+
+$user = idx($row, 'userName');
+
 if (!$user) {
   exit(1);
 }