Fix various issues with SSH receivers

Summary:
  - Original command is in SSH_ORIGINAL_COMMAND, not normal argv.
  - Use PhutilShellLexer to parse it.
  - Fix a protocol encoding issue with ConduitSSHWorkflow. I think I'm going to make this protocol accept multiple commands anyway because SSH pipes are crazy expensive to build (even locally, they're ~300ms).

Test Plan: With other changes, successfully executed "arc list --conduit-uri=ssh://localhost:2222".

Reviewers: btrahan, vrana

Reviewed By: btrahan

CC: aran

Maniphest Tasks: T550

Differential Revision: https://secure.phabricator.com/D4232
This commit is contained in:
epriestley
2012-12-19 11:11:32 -08:00
parent e78898970a
commit 6dd0169873
3 changed files with 36 additions and 24 deletions

View File

@@ -6,28 +6,35 @@ require_once $root.'/scripts/__init_script__.php';
$cert = file_get_contents('php://stdin'); $cert = file_get_contents('php://stdin');
$user = null; if (!$cert) {
if ($cert) { exit(1);
}
$parts = preg_split('/\s+/', $cert);
if (count($parts) < 2) {
exit(1);
}
list($type, $body) = $parts;
$user_dao = new PhabricatorUser(); $user_dao = new PhabricatorUser();
$ssh_dao = new PhabricatorUserSSHKey(); $ssh_dao = new PhabricatorUserSSHKey();
$conn = $user_dao->establishConnection('r'); $conn_r = $user_dao->establishConnection('r');
list($type, $body) = array_merge(
explode(' ', $cert),
array('', ''));
$row = queryfx_one( $row = queryfx_one(
$conn, $conn_r,
'SELECT userName FROM %T u JOIN %T ssh ON u.phid = ssh.userPHID 'SELECT userName FROM %T u JOIN %T ssh ON u.phid = ssh.userPHID
WHERE ssh.keyBody = %s AND ssh.keyType = %s', WHERE ssh.keyType = %s AND ssh.keyBody = %s',
$user_dao->getTableName(), $user_dao->getTableName(),
$ssh_dao->getTableName(), $ssh_dao->getTableName(),
$body, $type,
$type); $body);
if ($row) {
if (!$row) {
exit(1);
}
$user = idx($row, 'userName'); $user = idx($row, 'userName');
}
}
if (!$user) { if (!$user) {
exit(1); exit(1);

View File

@@ -4,6 +4,10 @@
$root = dirname(dirname(dirname(__FILE__))); $root = dirname(dirname(dirname(__FILE__)));
require_once $root.'/scripts/__init_script__.php'; require_once $root.'/scripts/__init_script__.php';
$original_command = getenv('SSH_ORIGINAL_COMMAND');
$original_argv = id(new PhutilShellLexer())->splitArguments($original_command);
$argv = array_merge($argv, $original_argv);
$args = new PhutilArgumentParser($argv); $args = new PhutilArgumentParser($argv);
$args->setTagline('receive SSH requests'); $args->setTagline('receive SSH requests');
$args->setSynopsis(<<<EOSYNOPSIS $args->setSynopsis(<<<EOSYNOPSIS
@@ -50,7 +54,7 @@ try {
// concise/relevant exceptions when the client is a remote SSH. // concise/relevant exceptions when the client is a remote SSH.
$remain = $args->getUnconsumedArgumentVector(); $remain = $args->getUnconsumedArgumentVector();
if (empty($remain)) { if (empty($remain)) {
throw new Exception("No command."); throw new Exception("No interactive logins.");
} else { } else {
$command = head($remain); $command = head($remain);
$workflow_names = mpull($workflows, 'getName', 'getName'); $workflow_names = mpull($workflows, 'getName', 'getName');

View File

@@ -31,9 +31,10 @@ final class ConduitSSHWorkflow extends PhabricatorSSHWorkflow {
throw new Exception("Invalid JSON input."); throw new Exception("Invalid JSON input.");
} }
$params = $raw_params; $params = idx($raw_params, 'params', array());
$params = json_decode($params, true);
$metadata = idx($params, '__conduit__', array());
unset($params['__conduit__']); unset($params['__conduit__']);
$metadata = idx($raw_params, '__conduit__', array());
$call = null; $call = null;
$error_code = null; $error_code = null;