Public bug reported:

$ aptitude show gitolite
Package: gitolite
State: installed
Automatically installed: no
Version: 2.2-1
Priority: optional
Section: universe/vcs
Maintainer: Ubuntu Developers <ubuntu-devel-disc...@lists.ubuntu.com>
Architecture: all
Uncompressed Size: 541 k
Depends: git (>= 1:1.7.0.4) | git-core (>= 1:1.6.2), perl (>= 5.6.0-16), 
openssh-server, debconf (>= 0.5) | debconf-2.0, adduser
Suggests: git-daemon-run, gitweb
$ aptitude show perl
Package: perl
New: yes
State: installed
Automatically installed: no
Version: 5.14.2-6ubuntu2.1
Priority: optional
Section: perl
Maintainer: Ubuntu Developers <ubuntu-devel-disc...@lists.ubuntu.com>
Architecture: amd64
Uncompressed Size: 17.5 M
Depends: perl-base (= 5.14.2-6ubuntu2.1), perl-modules (>= 5.14.2-6ubuntu2.1), 
libbz2-1.0, libc6 (>= 2.14), libdb5.1, libgdbm3 (>= 1.8.3), zlib1g (>=
         1:1.2.3.3.dfsg)

gl-auth-command
--
my ($verb, $repo) = ($ENV{SSH_ORIGINAL_COMMAND} =~ 
/^\s*(git\s+\S+|\S+)\s+'\/?(.*?)(?:\.git)?'/);
unless ( $verb and ( $verb eq 'git-init' or $verb =~ $R_COMMANDS or $verb =~ 
$W_COMMANDS ) and $repo and $repo =~ $REPONAME_PATT ) {
    special_cmd ($shell_allowed); << Is executed here
    exit 0;
}
--

This regexp unless catches "ssh gitolite@bignysan git-upload-pack 'repo.git' ", 
and terminates with "bad-command".
"git*.git" commands should be interpreted oterwise, and git-upload-pack should 
be allowed I guess.

** Affects: gitolite (Ubuntu)
     Importance: Undecided
         Status: New


** Tags: gitolite gl-auth-command

** Description changed:

- $ aptitude show gitolite 
- Package: gitolite                        
+ $ aptitude show gitolite
+ Package: gitolite
  State: installed
  Automatically installed: no
  Version: 2.2-1
  Priority: optional
  Section: universe/vcs
  Maintainer: Ubuntu Developers <ubuntu-devel-disc...@lists.ubuntu.com>
  Architecture: all
  Uncompressed Size: 541 k
  Depends: git (>= 1:1.7.0.4) | git-core (>= 1:1.6.2), perl (>= 5.6.0-16), 
openssh-server, debconf (>= 0.5) | debconf-2.0, adduser
  Suggests: git-daemon-run, gitweb
  
  $ aptitude show perl
- Package: perl                            
+ Package: perl
  New: yes
  State: installed
  Automatically installed: no
  Version: 5.14.2-6ubuntu2.1
  Priority: optional
  Section: perl
  Maintainer: Ubuntu Developers <ubuntu-devel-disc...@lists.ubuntu.com>
  Architecture: amd64
  Uncompressed Size: 17.5 M
  Depends: perl-base (= 5.14.2-6ubuntu2.1), perl-modules (>= 
5.14.2-6ubuntu2.1), libbz2-1.0, libc6 (>= 2.14), libdb5.1, libgdbm3 (>= 1.8.3), 
zlib1g (>=
-          1:1.2.3.3.dfsg)
- 
+          1:1.2.3.3.dfsg)
  
  gl-auth-command
  --
  my ($verb, $repo) = ($ENV{SSH_ORIGINAL_COMMAND} =~ 
/^\s*(git\s+\S+|\S+)\s+'\/?(.*?)(?:\.git)?'/);
  unless ( $verb and ( $verb eq 'git-init' or $verb =~ $R_COMMANDS or $verb =~ 
$W_COMMANDS ) and $repo and $repo =~ $REPONAME_PATT ) {
-     special_cmd ($shell_allowed); << Is executed here
-     exit 0;
+     special_cmd ($shell_allowed); << Is executed here
+     exit 0;
  }
  --
  
- This regexp unless catches "ssh gitolite@bignysan git-upload-pack 
'enea-base.git' ", and terminates with "bad-command".
+ This regexp unless catches "ssh gitolite@bignysan git-upload-pack 'repo.git' 
", and terminates with "bad-command".
  "git*.git" commands should be interpreted oterwise, and git-upload-pack 
should be allowed I guess.

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1042677

Title:
  git-upload-pack regexp malconfigured in gl-auth-command

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/gitolite/+bug/1042677/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

Reply via email to