Example #1
0
// makeGitPassHelper writes a GIT_ASKPASS helper that supplies password over stdout.
// You should remove the passHelper (and tempDir if any) after using it.
func makeGitPassHelper(pass string) (passHelper string, tempDir string, err error) {

	tmpFile, dir, err := internal.ScriptFile("go-vcs-gitcmd-ask")
	if err != nil {
		return tmpFile, dir, err
	}

	passPath := filepath.Join(dir, "password")
	err = internal.WriteFileWithPermissions(passPath, []byte(pass), 0600)
	if err != nil {
		return tmpFile, dir, err
	}

	var script string

	// We assume passPath can be escaped with a simple wrapping of single
	// quotes. The path is not user controlled so this assumption should
	// not be violated.
	if runtime.GOOS == "windows" {
		script = "@echo off\ntype " + passPath + "\n"
	} else {
		script = "#!/bin/sh\ncat '" + passPath + "'\n"
	}

	err = internal.WriteFileWithPermissions(tmpFile, []byte(script), 0500)
	return tmpFile, dir, err
}
Example #2
0
// Makes system-dependent SSH wrapper
func gitSSHWrapper(keyFile string, otherOpt string) (sshWrapperFile string, tempDir string, err error) {
	// TODO(sqs): encrypt and store the key in the env so that
	// attackers can't decrypt if they have disk access after our
	// process dies

	var script string

	if runtime.GOOS == "windows" {
		script = `
	@echo off
	ssh -o ControlMaster=no -o ControlPath=none ` + otherOpt + ` -i ` + filepath.ToSlash(keyFile) + ` "%@"
`
	} else {
		script = `
	#!/bin/sh
	exec /usr/bin/ssh -o ControlMaster=no -o ControlPath=none ` + otherOpt + ` -i ` + filepath.ToSlash(keyFile) + ` "$@"
`
	}

	sshWrapperName, tempDir, err := internal.ScriptFile("go-vcs-gitcmd")
	if err != nil {
		return sshWrapperName, tempDir, err
	}

	err = internal.WriteFileWithPermissions(sshWrapperName, []byte(script), 0500)
	return sshWrapperName, tempDir, err
}
Example #3
0
// Makes long file with abbbb... content. Returns file name, file's content, and error if any
func createLongFile() (file string, line []byte, err error) {

	longline := make([]byte, bufio.MaxScanTokenSize+1)
	for i := 0; i < len(longline); i++ {
		if i == 0 {
			longline[i] = 'a'
		} else {
			longline[i] = 'b'
		}
	}

	tmp, err := ioutil.TempFile("", "test")
	if err != nil {
		return "", longline, err
	}
	err = internal.WriteFileWithPermissions(tmp.Name(), longline, 0666)
	return tmp.Name(), longline, err
}
Example #4
0
// makeGitPassHelper writes a GIT_ASKPASS helper that supplies password over stdout.
// You should remove the passHelper (and tempDir if any) after using it.
func makeGitPassHelper(pass string) (passHelper string, tempDir string, err error) {

	tmpFile, dir, err := internal.ScriptFile("go-vcs-gitcmd-ask")
	if err != nil {
		return tmpFile, dir, err
	}

	var script string

	if runtime.GOOS == "windows" {
		script = "@echo off\necho " + pass + "\n"
	} else {
		script = "#!/bin/sh\necho '" + pass + "'\n"
	}

	err = internal.WriteFileWithPermissions(tmpFile, []byte(script), 0500)
	return tmpFile, dir, err
}
Example #5
0
// makeGitSSHWrapper writes a GIT_SSH wrapper that runs ssh with the
// private key. You should remove the sshWrapper, sshWrapperDir and
// the keyFile after using them.
func makeGitSSHWrapper(privKey []byte) (sshWrapper, sshWrapperDir, keyFile string, err error) {
	var otherOpt string
	if InsecureSkipCheckVerifySSH {
		otherOpt = "-o StrictHostKeyChecking=no"
	}

	kf, err := ioutil.TempFile("", "go-vcs-gitcmd-key")
	if err != nil {
		return "", "", "", err
	}
	keyFile = kf.Name()
	err = internal.WriteFileWithPermissions(keyFile, privKey, 0600)
	if err != nil {
		return "", "", keyFile, err
	}

	tmpFile, tmpFileDir, err := gitSSHWrapper(keyFile, otherOpt)
	return tmpFile, tmpFileDir, keyFile, err
}
Example #6
0
func TestServer(t *testing.T) {
	var shellScript string

	if runtime.GOOS == "windows" {
		shellScript = `@echo off
	set flag=%1
	set flag=%flag:"=%
	set args=%2
	set args=%args:"=%
	echo %flag% %args%
`
	} else {
		shellScript = `#!/bin/sh
echo $*
exit
`
	}

	shell, dir, err := internal.ScriptFile("govcs-ssh-shell")
	if err != nil {
		t.Fatal(err)
	}
	defer os.Remove(shell)
	if dir != "" {
		defer os.RemoveAll(dir)
	}

	err = internal.WriteFileWithPermissions(shell, []byte(shellScript), 0700)
	if err != nil {
		t.Fatal(err)
	}

	s, err := NewServer(shell, os.TempDir(), PrivateKey(SamplePrivKey))
	if err != nil {
		t.Fatal(err)
	}
	if err := s.Start(); err != nil {
		t.Fatal(err)
	}

	// Client
	cauth, err := clientAuth(SamplePrivKey)
	if err != nil {
		t.Fatal(err)
	}
	cconf := ssh.ClientConfig{User: "******"}
	cconf.Auth = append(cconf.Auth, cauth)
	sshc, err := ssh.Dial(s.l.Addr().Network(), s.l.Addr().String(), &cconf)
	if err != nil {
		t.Fatal(err)
	}
	defer sshc.Close()

	session, err := sshc.NewSession()
	if err != nil {
		t.Fatal(err)
	}
	defer session.Close()

	out, err := session.CombinedOutput("git-upload-pack 'foo'")
	if err != nil {
		t.Fatal(err)
	}
	if got, want := strings.TrimSpace(string(out)), "-c git-upload-pack 'foo'"; got != want {
		t.Errorf("got ssh session output %q, want %q", got, want)
	}
}