From 59387befbb3ed05488fb96994c45f03dfa2d5683 Mon Sep 17 00:00:00 2001
From: Patrick Uiterwijk
Date: Sep 26 2018 09:52:59 +0000
Subject: Allow configuring command for aclchecker to run
Signed-off-by: Patrick Uiterwijk
---
diff --git a/doc/configuration.rst b/doc/configuration.rst
index b274f1e..51c1b78 100644
--- a/doc/configuration.rst
+++ b/doc/configuration.rst
@@ -1560,6 +1560,18 @@ to sshd, in the same format as AuthorizedKeysFile (see "AUTHORIZED_KEYS FILE FORMAT" in sshd(8)).
+SSH_COMMAND_REPOSPANNER
+~~~~~~~~~~~~~~~~~~~~~~~
+
+The command to run if a repository is on repospanner when aclchecker is in use.
+
+
+SSH_COMMAND_NON_REPOSPANNER
+~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+The command to run if a repository is not on repospanner when aclchecker is in use.
+
+
 Deprecated configuration keys
 -----------------------------
diff --git a/files/aclchecker.py b/files/aclchecker.py
index db3b0b0..3514d05 100644
--- a/files/aclchecker.py
+++ b/files/aclchecker.py
@@ -15,6 +15,10 @@ import subprocess
 import sys
 import os
+if "SSH_ORIGINAL_COMMAND" not in os.environ:
+ print("Welcome %s. This server does not offer ssh access." % sys.argv[1])
+ sys.exit(0)
+
 # Since this is run by sshd, we don't have a way to set environment
 # variables ahead of time
 if "PAGURE_CONFIG" not in os.environ and os.path.exists(
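Review bot: In files/aclchecker.py the new no-command branch formats `sys.argv[1]` directly after the imports, before any argument check can have run. An authorized_keys entry whose forced command lacks the username argument would therefore end in an IndexError traceback instead of the refusal message. A length check first, for example `if len(sys.argv) < 2: sys.exit(1)`, keeps that failure quiet and explicit. A short comment stating that a missing `SSH_ORIGINAL_COMMAND` means an interactive login attempt would also help the next reader.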
@@ -86,8 +90,23 @@ if repotype != "main" and not is_repo_user(project, remoteuser):
 print("Repo not found", file=sys.stderr)
 sys.exit(1)
-# Now go run git
+# Now go run the configured command
 # We verified that cmd is either "git-receive-pack" or "git-send-pack"
-# and "gitdir" is a full, absolute, path within GIT_FOLDER that points to
-# the canonical location for this git repo.
-os.execvp(cmd, [cmd, gitdir])
+# and "path" is a path that points to a valid Pagure repository.
+if project.is_on_repospanner:
+ runner, env = pagure_config["SSH_COMMAND_REPOSPANNER"]
+else:
+ runner, env = pagure_config["SSH_COMMAND_NON_REPOSPANNER"]
+
+runenv = {
+ "username": remoteuser,
+ "cmd": cmd,
+ "reponame": path,
+ "repopath": gitdir,
+ "region": project.repospanner_region,
+}
+runargs = [arg % runenv for arg in runner]
+if env:
+ for key in env:
+ os.environ[key] = env[key] % runenv
+os.execvp(runargs[0], runargs)
diff --git a/pagure/default_config.py b/pagure/default_config.py
index 90595cc..287bd62 100644
--- a/pagure/default_config.py
+++ b/pagure/default_config.py
@@ -511,5 +511,27 @@ SSH_KEYS_USERNAME_EXPECT = None
 # Arguments to add to the SSH keys, possible replacements:
 # %(username)s: username owning this key
 SSH_KEYS_OPTIONS = (
- "restrict,command=/usr/bin/pagure-aclchecker.py %(username)s"
+ "restrict,command=/usr/libexec/pagure-aclchecker.py %(username)s"
+)
+
+# ACL Checker options
+SSH_COMMAND_REPOSPANNER = (
+ [
+ "/usr/libexec/repobridge",
+ "--extra",
+ "username",
+ "%(username)s",
+ "%(cmd)s",
+ "'%(reponame)s'",
+ ],
+ {"REPOBRIDGE_CONFIG": "/etc/repospanner/bridge_%(region)s.json"},
+)
+SSH_COMMAND_NON_REPOSPANNER = (
+ [
+ "/usr/share/gitolite3/gitolite-shell",
+ "%(username)s",
+ "%(cmd)s",
+ "%(reponame)s",
+ ],
+ {},
 )
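Review bot: In the second hunk of files/aclchecker.py, `runargs = [arg % runenv for arg in runner]` lets a template pass `path` (`%(reponame)s`) to the runner, where the old code passed only the canonical `gitdir` that the removed comment described as verified. Nothing inside this hunk stops a `path` beginning with `-` from being parsed as an option by the runner, since `os.execvp` avoids the shell but not the runner's own option parsing. The checks on `path` sit above the hunk, so this may already be covered; if it is not, a guard before the formatting such as `if path.startswith("-"): sys.exit(1)` would close it. The rewritten comment should also say which of `path` and `gitdir` was actually validated, because the default templates now rely on the former. Separately, `project.repospanner_region` is presumably `None` for projects not on repospanner, so any template using `%(region)s` there would expand to the literal text `None`.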
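Review bot: In pagure/default_config.py the new settings carry only `# ACL Checker options`, while the neighbouring `SSH_KEYS_OPTIONS` lists its replacements, so the (argument list, environment dict) shape and the available keys are undocumented where an administrator will edit them. Going by the aclchecker.py hunk, the keys are `username`, `cmd`, `reponame`, `repopath` and `region`, and each list element becomes one argv entry handed to `os.execvp` with no shell in between. That matters for `"'%(reponame)s'"`: the single quotes reach repobridge literally, which is presumably intended, but the non-repospanner template does not quote, and nothing explains the difference. I would add a comment block above `SSH_COMMAND_REPOSPANNER` describing the tuple layout and the five replacements, and stating that shell quoting does not apply.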