Check-in [1af745f0f9]

Many hyperlinks are disabled.
Use anonymous login to enable hyperlinks.

Overview
Comment:Setting/unsetting environment variables in the constructor causes issues when objects are created and destroyed, leaving environment variables unset -- instead paramaterize the call to Fossil, this is better anyway
Timelines: family | ancestors | descendants | both | trunk
Files: files | file ages | folders
SHA1:1af745f0f99fb19bae7ff2087825b4c8b60e3f04
User & Date: rkeene 2016-10-03 16:51:52
Context
2016-10-03
16:56
Ensure username is properly sanitized check-in: ec1cc1e2e0 user: rkeene tags: trunk
16:51
Setting/unsetting environment variables in the constructor causes issues when objects are created and destroyed, leaving environment variables unset -- instead paramaterize the call to Fossil, this is better anyway check-in: 1af745f0f9 user: rkeene tags: trunk
2016-09-13
19:05
Made nano Fossil more unified in setting HOME and USER to something random check-in: 38be9473fe user: rkeene tags: trunk
Changes

Changes to nano/fossil.php.

9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25


















26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
...
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
...
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
...
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
...
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
...
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
    public function __construct($user)
    {
        $this->path = $_SERVER['DOCUMENT_ROOT'] . '/../repos/' . $user['username'] . '/';
        $this->user = $user;
        $this->workdir = "/tmp/workdir-flint-" . bin2hex(openssl_random_pseudo_bytes(20));

        mkdir($this->workdir);
        putenv("HOME={$this->workdir}");
        putenv("USER={$this->user['username']}");
        putenv("GATEWAY_INTERFACE");
    }

    public function __destruct() {
        putenv("HOME");
        putenv("USER");
        system("rm -rf '{$this->workdir}'");
    }



















    public function newRepo($repo, $password = null, $private = 0, $projectCode = null)
    {
        if (!file_exists($this->path)) {
            mkdir($this->path);

            $content = "#!/usr/local/bin/fossil\ndirectory: ./\nnotfound: http://{$_SERVER['SERVER_NAME']}/notfound";
            file_put_contents("{$this->path}repository", $content);
            chmod("{$this->path}repository", 0555);
        }

        if (!file_exists("{$this->path}{$repo}.fossil")) {
            exec("/usr/local/bin/fossil new -A " . escapeshellarg($this->user['username']) . " " . escapeshellarg("{$this->path}{$repo}.fossil"), $output, $return);

            if ($return !== 0) {
                if (file_exists("{$this->path}{$repo}.fossil")) {
                    unlink("{$this->path}{$repo}.fossil");
                }

                return false;
            }

            /* Install default configuration */
            exec("/usr/local/bin/fossil configuration import -R " . escapeshellarg("{$this->path}{$repo}.fossil") . " " . escapeshellarg($_SERVER['DOCUMENT_ROOT'] . "/../config/fossil-default.cnf"), $output, $return);

            $sql = "INSERT INTO repositories
                           (user_id, name, private, cloned, auto_update)
                    VALUES (:id, :name, :private, 0, 0)";

            $bind = array('id' => $this->user['id'], 'name' => $repo, 'private' => $private);

................................................................................

            $content = "#!/usr/local/bin/fossil\ndirectory: ./\nnotfound: http://{$_SERVER['SERVER_NAME']}/notfound";
            file_put_contents("{$this->path}repository", $content);
            chmod("{$this->path}repository", 0555);
        }

        if (!file_exists("{$this->path}{$repo}.fossil")) {
            exec("timeout 3600 /usr/local/bin/fossil clone -A " . escapeshellarg($this->user['username']) . " " . escapeshellarg($url) . " " . escapeshellarg("{$this->path}{$repo}.fossil"), $output,
                 $return);

            if ($return !== 0) {
                if (file_exists("{$this->path}{$repo}.fossil")) {
                    unlink("{$this->path}{$repo}.fossil");
                }

................................................................................
        }

        if (!file_exists("{$this->path}{$repo}.fossil")) {
            if (!@move_uploaded_file($file['tmp_name'], "{$this->path}{$repo}.fossil")) {
                return false;
            }

            exec("/usr/local/bin/fossil config -R " . escapeshellarg("{$this->path}{$repo}.fossil") . " export project /tmp/config",
                 $output, $return);

            if (file_exists('/tmp/config')) {
                unlink('/tmp/config');
            }

            if ($return !== 0) {
................................................................................
                if (file_exists("{$this->path}{$repo}.fossil")) {
                    unlink("{$this->path}{$repo}.fossil");
                }

                return false;
            }

            exec("/usr/local/bin/fossil user new " . escapeshellarg($this->user['username']) . " 'Flint User' {$password} -R " . escapeshellarg("{$this->path}{$repo}.fossil"),
                $output, $return);

            if ($return == 0) {
                exec("/usr/local/bin/fossil user capabilities " . escapeshellarg($this->user['username']) . " s -R " . escapeshellarg("{$this->path}{$repo}.fossil"),
                    $output, $return);

                if ($return !== 0) {
                    unlink("{$this->path}{$repo}.fossil");
                    return false;
                }
            }
................................................................................
                $outputstr = "Invalid URL";
                return false;
            }
        }

        if (file_exists("{$this->path}{$repo}.fossil")) {
            if ($url == '') {
                exec("timeout 3600 /usr/local/bin/fossil pull -R " . escapeshellarg("{$this->path}{$repo}.fossil") . " 2>&1",
                  $output, $return);
            } else {
                exec("timeout 3600 /usr/local/bin/fossil pull " . escapeshellarg($url) . " -R " . escapeshellarg("{$this->path}{$repo}.fossil") . " 2>&1",
                  $output, $return);
            }

            $outputstr = join("\n", $output);

            if ($return !== 0) {
                return false;
................................................................................

        $sql  = "SELECT value FROM config WHERE name = 'last-sync-pw'";

        if ($result = Nano_Db::query($sql)) {
            $password           = array_pop($result);
            $return['clone-pw'] = $password['value'];

            exec("/usr/local/bin/fossil test-obscure " . escapeshellarg($return['clone-pw']), $output, $returnCode);

            if ($returnCode === 0) {
                if (preg_match('/^UNOBSCURE: (.*) -> (.*)$/', $output[1], $matches)) {
                    $return['clone-pw'] = $matches[2];
                }
            }
        }







<
<
<



<
<


>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>












|










|







 







|







 







|







 







|



|







 







|


|







 







|







9
10
11
12
13
14
15



16
17
18


19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
...
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
...
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
...
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
...
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
...
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
    public function __construct($user)
    {
        $this->path = $_SERVER['DOCUMENT_ROOT'] . '/../repos/' . $user['username'] . '/';
        $this->user = $user;
        $this->workdir = "/tmp/workdir-flint-" . bin2hex(openssl_random_pseudo_bytes(20));

        mkdir($this->workdir);



    }

    public function __destruct() {


        system("rm -rf '{$this->workdir}'");
    }

    private function getFossilCommand($timeout = 0, $cgi = false) {
        $fossil = "/usr/local/bin/fossil";

        if ($timeout) {
            $fossil = "timeout {$timeout} {$fossil}";
        }

        $cmd = "HOME={$this->workdir} USER={$this->user['username']} {$fossil}";

        if ($cgi) {
            $cmd = "GATEWAY_INTERFACE=1 {$cmd}";
        } else {
            $cmd = "unset GATEWAY_INTERFACE; {$cmd}";
        }

        return $cmd;
    }

    public function newRepo($repo, $password = null, $private = 0, $projectCode = null)
    {
        if (!file_exists($this->path)) {
            mkdir($this->path);

            $content = "#!/usr/local/bin/fossil\ndirectory: ./\nnotfound: http://{$_SERVER['SERVER_NAME']}/notfound";
            file_put_contents("{$this->path}repository", $content);
            chmod("{$this->path}repository", 0555);
        }

        if (!file_exists("{$this->path}{$repo}.fossil")) {
            exec($this->getFossilCommand() . " new -A " . escapeshellarg($this->user['username']) . " " . escapeshellarg("{$this->path}{$repo}.fossil"), $output, $return);

            if ($return !== 0) {
                if (file_exists("{$this->path}{$repo}.fossil")) {
                    unlink("{$this->path}{$repo}.fossil");
                }

                return false;
            }

            /* Install default configuration */
            exec($this->getFossilCommand() . " configuration import -R " . escapeshellarg("{$this->path}{$repo}.fossil") . " " . escapeshellarg($_SERVER['DOCUMENT_ROOT'] . "/../config/fossil-default.cnf"), $output, $return);

            $sql = "INSERT INTO repositories
                           (user_id, name, private, cloned, auto_update)
                    VALUES (:id, :name, :private, 0, 0)";

            $bind = array('id' => $this->user['id'], 'name' => $repo, 'private' => $private);

................................................................................

            $content = "#!/usr/local/bin/fossil\ndirectory: ./\nnotfound: http://{$_SERVER['SERVER_NAME']}/notfound";
            file_put_contents("{$this->path}repository", $content);
            chmod("{$this->path}repository", 0555);
        }

        if (!file_exists("{$this->path}{$repo}.fossil")) {
            exec($this->getFossilCommand(3600) . " clone -A " . escapeshellarg($this->user['username']) . " " . escapeshellarg($url) . " " . escapeshellarg("{$this->path}{$repo}.fossil"), $output,
                 $return);

            if ($return !== 0) {
                if (file_exists("{$this->path}{$repo}.fossil")) {
                    unlink("{$this->path}{$repo}.fossil");
                }

................................................................................
        }

        if (!file_exists("{$this->path}{$repo}.fossil")) {
            if (!@move_uploaded_file($file['tmp_name'], "{$this->path}{$repo}.fossil")) {
                return false;
            }

            exec($this->getFossilCommand() . " config -R " . escapeshellarg("{$this->path}{$repo}.fossil") . " export project /tmp/config",
                 $output, $return);

            if (file_exists('/tmp/config')) {
                unlink('/tmp/config');
            }

            if ($return !== 0) {
................................................................................
                if (file_exists("{$this->path}{$repo}.fossil")) {
                    unlink("{$this->path}{$repo}.fossil");
                }

                return false;
            }

            exec($this->getFossilCommand() . " user new " . escapeshellarg($this->user['username']) . " 'Flint User' {$password} -R " . escapeshellarg("{$this->path}{$repo}.fossil"),
                $output, $return);

            if ($return == 0) {
                exec($this->getFossilCommand() . " user capabilities " . escapeshellarg($this->user['username']) . " s -R " . escapeshellarg("{$this->path}{$repo}.fossil"),
                    $output, $return);

                if ($return !== 0) {
                    unlink("{$this->path}{$repo}.fossil");
                    return false;
                }
            }
................................................................................
                $outputstr = "Invalid URL";
                return false;
            }
        }

        if (file_exists("{$this->path}{$repo}.fossil")) {
            if ($url == '') {
                exec($this->getFossilCommand(3600) . " pull -R " . escapeshellarg("{$this->path}{$repo}.fossil") . " 2>&1",
                  $output, $return);
            } else {
                exec($this->getFossilCommand(3600) . " pull " . escapeshellarg($url) . " -R " . escapeshellarg("{$this->path}{$repo}.fossil") . " 2>&1",
                  $output, $return);
            }

            $outputstr = join("\n", $output);

            if ($return !== 0) {
                return false;
................................................................................

        $sql  = "SELECT value FROM config WHERE name = 'last-sync-pw'";

        if ($result = Nano_Db::query($sql)) {
            $password           = array_pop($result);
            $return['clone-pw'] = $password['value'];

            exec($this->getFossilCommand() . " test-obscure " . escapeshellarg($return['clone-pw']), $output, $returnCode);

            if ($returnCode === 0) {
                if (preg_match('/^UNOBSCURE: (.*) -> (.*)$/', $output[1], $matches)) {
                    $return['clone-pw'] = $matches[2];
                }
            }
        }