X-Git-Url: https://git.distorted.org.uk/~mdw/chopwood/blobdiff_plain/71d74dcfa355c55076eca33939f56d6f8a7b87ce..HEAD:/chpwd diff --git a/chpwd b/chpwd index 3872715..2d6c75c 100755 --- a/chpwd +++ b/chpwd @@ -30,6 +30,7 @@ import optparse as OP import os as OS; ENV = OS.environ import shlex as SL import sys as SYS +import syslog as L from auto import HOME, VERSION import cgi as CGI @@ -75,6 +76,9 @@ for short, long, props in [ 'default': ENV.get('CHPWD_CONFIG', OS.path.join(HOME, 'chpwd.conf')), 'help': 'read configuration from FILE.' }), + ('-i', '--ignore-policy', { + 'dest': 'ignpol', 'default': False, 'action': 'store_true', + 'help': 'ignore the operation policy (for administrators)' }), ('-s', '--ssl', { 'dest': 'sslp', 'action': 'store_true', 'help': 'pretend CGI connection is carried over SSL/TLS' }), @@ -83,6 +87,20 @@ for short, long, props in [ 'help': "impersonate USER, and default context to `userv'." })]: OPTPARSE.add_option(short, long, **props) +def parse_options(): + """ + Parse the main command-line options, returning the positional arguments. + """ + global OPTS + OPTS, args = OPTPARSE.parse_args() + OPTPARSE.show_global_opts = False + CFG.OPTS = OPTS + ## It's tempting to load the configuration here. Don't do that. Some + ## contexts will want to check that the command line was handled properly + ## upstream before believing it for anything, such as executing arbitrary + ## Python code. + return args + ###-------------------------------------------------------------------------- ### CGI dispatch. @@ -95,10 +113,9 @@ CGI.SPECIAL['%user'] = None ## issuing redirects in the early setup phase fails because we don't know ## the script name. So package the setup here. def cgi_setup(ctx = 'cgi-noauth'): - global OPTS if OPTS: return OPTPARSE.context = ctx - OPTS, args = OPTPARSE.parse_args() + args = parse_options() if args: raise U.ExpectedError, (500, 'Unexpected arguments to CGI') CONF.loadconfig(OPTS.config) D.opendb() 
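Review bot: `--ignore-policy` is registered in the global option table, so every entry point that parses the command line accepts it, not only the administrator's shell; the help text is the only thing in this hunk that says it is for administrators. Where `OPTS.ignpol` is consulted is not visible in this diff, so it is worth confirming that the CGI, Userv and SSH paths in the later hunks either cannot set it or refuse it. A guard after parsing in those paths, such as `if OPTS.ignpol: raise U.ExpectedError, (500, 'policy override not allowed in this context')`, would make the restriction explicit instead of depending on how each front end builds argv.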
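Review bot: The docstring of `parse_options` mentions only the returned positional arguments, but the body also rebinds the module global `OPTS`, publishes it as `CFG.OPTS` and clears `OPTPARSE.show_global_opts`. Callers in the later hunks depend on those side effects (they read `OPTS.config` straight after the call), so the docstring should say so, for example `Parse the main command-line options into OPTS (also stored as CFG.OPTS) and return the positional arguments.` A short comment on why `show_global_opts` is reset here and set again on the command-line path would help as well.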
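Review bot: In `cgi_setup` the only validation after `parse_options()` is `if args:`, which rejects positional arguments but lets any option found in argv through, and `CONF.loadconfig(OPTS.config)` runs directly afterwards. The comment added to `parse_options` in this commit says the command line should be checked before it is believed for anything that can execute Python, and RFC 3875 allows a server to hand a query string containing no `=` to the script as command-line arguments. If the CGI deployment never passes options on purpose, rejecting everything beyond the program name, e.g. `if len(SYS.argv) > 1: raise U.ExpectedError, (500, 'Unexpected arguments to CGI')`, closes that off; otherwise the options that are expected should be documented here. The rest of `cgi_setup` lies outside the hunk.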
@@ -200,24 +217,30 @@ def cli_errors(): if __name__ == '__main__': + L.openlog(OS.path.basename(SYS.argv[0]), 0, L.LOG_AUTH) + if 'REQUEST_METHOD' in ENV: ## This looks like a CGI request. The heavy lifting for authentication ## over HTTP is done in `dispatch_cgi'. with OUT.redirect_to(CGI.HTTPOutput()): - with CGI.cgi_errors(cgi_setup): dispatch_cgi() + with U.Escape() as CGI.HEADER_DONE: + with CGI.cgi_errors(cgi_setup): + dispatch_cgi() elif 'USERV_SERVICE' in ENV: ## This is a Userv request. The caller's user name is helpfully in the ## `USERV_USER' environment variable. with cli_errors(): - OPTS, args = OPTPARSE.parse_args() - CONF.loadconfig(OPTS.config) - try: CU.set_user(ENV['USERV_USER']) - except KeyError: raise ExpectedError, (500, 'USERV_USER unset') with OUT.redirect_to(O.FileOutput()): - OPTPARSE.dispatch('userv', [ENV['USERV_SERVICE']] + args) + args = parse_options() + if not args or args[0] != 'userv': + raise U.ExpectedError, (500, 'missing userv token') + CONF.loadconfig(OPTS.config) + try: CU.set_user(ENV['USERV_USER']) + except KeyError: raise ExpectedError, (500, 'USERV_USER unset') + OPTPARSE.dispatch('userv', [ENV['USERV_SERVICE']] + args[1:]) elif 'SSH_ORIGINAL_COMMAND' in ENV: ## This looks like an SSH request; but we present two different @@ -226,8 +249,7 @@ if __name__ == '__main__': def ssh_setup(): """Extract and parse the client's request from where SSH left it.""" - global OPTS - OPTS, args = OPTPARSE.parse_args() + args = parse_options() CONF.loadconfig(OPTS.config) cmd = SL.split(ENV['SSH_ORIGINAL_COMMAND']) if args: raise U.ExpectedError, (500, 'Unexpected arguments via SSH') 
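Review bot: The new `args[0] != 'userv'` test in the Userv branch shows that the token is the first positional argument, but not that every option was given before it. `optparse` accepts options after positional arguments unless `disable_interspersed_args()` has been called, so if `OPTPARSE` (defined elsewhere) keeps that default, arguments following the token could still set `--config` or `--ignore-policy` before `CONF.loadconfig` runs; please confirm how the parser is configured and record it in a comment here. Separately, the re-indented line `except KeyError: raise ExpectedError, (500, 'USERV_USER unset')` uses the bare name while the line added just above uses `U.ExpectedError`; unless the bare name is imported elsewhere this raises NameError, and `raise U.ExpectedError, (500, 'USERV_USER unset')` would be consistent.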
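Review bot: `ssh_setup` calls `CONF.loadconfig(OPTS.config)` before the `if args:` check, whereas `cgi_setup` and the Userv branch validate the positional arguments first. Given the comment added to `parse_options` about not believing the command line before it has been checked, the line `if args: raise U.ExpectedError, (500, 'Unexpected arguments via SSH')` would be better placed directly after `args = parse_options()`. `SL.split` also raises ValueError on unbalanced quotes in `SSH_ORIGINAL_COMMAND`, which, as far as the later hunk shows, the master path's `except U.ExpectedError` would not turn into an `ERR` reply. The function continues past the end of this hunk.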
@@ -238,10 +260,9 @@ if __name__ == '__main__': ## of telling us that this is a user request, so treat it like Userv. with cli_errors(): - cmd = ssh_setup() - CU.set_user(ENV['CHPWD_SSH_USER']) - S.SERVICES['master'].find(CU.USER) with OUT.redirect_to(O.FileOutput()): + cmd = ssh_setup() + CU.set_user(ENV['CHPWD_SSH_USER']) OPTPARSE.dispatch('userv', cmd) elif 'CHPWD_SSH_MASTER' in ENV: @@ -251,8 +272,8 @@ if __name__ == '__main__': ## a user. try: - cmd = ssh_setup() with OUT.redirect_to(O.RemoteOutput()): + cmd = ssh_setup() OPTPARSE.dispatch('remote', map(CGI.urldecode, cmd)) except U.ExpectedError, e: print 'ERR', e.code, e.msg @@ -273,17 +294,20 @@ if __name__ == '__main__': ## as we are. with cli_errors(): - OPTS, args = OPTPARSE.parse_args() - CONF.loadconfig(OPTS.config) - CGI.SSLP = OPTS.sslp - ctx = OPTS.context - if OPTS.user: - CU.set_user(OPTS.user) - if ctx is None: ctx = 'userv' - else: - D.opendb() - if ctx is None: ctx = 'admin' with OUT.redirect_to(O.FileOutput()): + args = parse_options() + CONF.loadconfig(OPTS.config) + CGI.SSLP = OPTS.sslp + ctx = OPTS.context + if OPTS.user: + CU.set_user(OPTS.user) + CGI.STATE.kw['user'] = OPTS.user + if ctx is None: ctx = 'userv' + else: + D.opendb() + if ctx is None: + ctx = 'admin' + OPTPARSE.show_global_opts = True OPTPARSE.dispatch(ctx, args) ###----- That's all, folks --------------------------------------------------
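Review bot: With `S.SERVICES['master'].find(CU.USER)` gone, this branch has no visible check that the name in `CHPWD_SSH_USER` is a known account before `OPTPARSE.dispatch('userv', cmd)` runs. If `CU.set_user` now performs that lookup (its body is not part of this diff), a comment such as `## set_user rejects unknown users; no separate lookup needed.` would record where the check lives; if it does not, the lookup should stay.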
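Review bot: The command-line branch honours `--user` and, through `parse_options`, `--ignore-policy` without writing anything to the log that this commit opens with `L.openlog(..., L.LOG_AUTH)`. Impersonation and policy override are the two actions an auditor most wants a record of, so unless they are logged where they take effect (not visible here), add a line after `CONF.loadconfig(OPTS.config)` such as `if OPTS.user or OPTS.ignpol: L.syslog(L.LOG_NOTICE, 'override: user=%r ignore-policy=%r' % (OPTS.user, OPTS.ignpol))`. The `--user` value is caller-supplied, which is why the example formats it with `%r` rather than `%s`.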