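#!/usr/bin/env python

# We'll need the schema module to play with the database.
from schema import db
import schema
users = schema.get_table('users')
repo_acls = schema.get_table('repository_acls')

# We'll also need some SQLAlchemy functionality to write queries.
from sqlalchemy.sql import select

# We need hashlib to play with password hashes.
import hashlib

# random and string for salt generation
import string, random


def generate_salt(size=16, chars=string.ascii_letters + string.digits):
    """
    Generates a salt of `size` characters drawn from `chars`, in the manner of
    `this StackOverflow answer <http://stackoverflow.com/a/2257449>`_.

    The characters are picked with the operating system's CSPRNG rather than
    the `random` module's default generator.
    """
    # The module-level random.choice() is backed by the Mersenne Twister,
    # which is deterministic and not meant for security use. A salt is not a
    # secret, but it must be unique per password and should not be guessable
    # in advance; SystemRandom reads from os.urandom() and keeps the same
    # output format (a string of `size` characters from `chars`).
    rng = random.SystemRandom()
    return ''.join(rng.choice(chars) for _ in range(size))


def hash_password(password, salt):
    """
    Salts and hashes the password, returning hex-encoded string of the SHA256
    hash.

    The digest is computed over `salt + password` (salt first), so stored
    hashes depend on that exact concatenation order.
    """
    # NOTE(review): a single SHA-256 pass is very cheap to compute, so a
    # leaked users table can be tested against password guesses at a high
    # rate even with per-user salts. A deliberately slow KDF (for example
    # hashlib.pbkdf2_hmac with a high iteration count) is the usual remedy.
    # The computation is left unchanged here because hashes already stored
    # would stop verifying; switching needs a migration path (rehash at next
    # successful login, or store an algorithm tag next to each hash).
    # NOTE(review): hashlib requires bytes on Python 3, so str arguments
    # would raise TypeError there; this file appears to target Python 2.
    return hashlib.sha256(salt + password).hexdigest()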
#!/usr/bin/env python
"""
Module to manipulate git repositories and their hooks.
"""

# We'll need the schema module to play with the database.
from schema import db
import schema
repos = schema.get_table('repositories')
repo_acls = schema.get_table('repository_acls')
users = schema.get_table('users')  # repository ACLs refer to users

repo_root = "/opt/git"
base_hook_dir = 'default_hooks'  # name of directory from which we grab hook code

# We'll also need some SQLAlchemy functionality to write queries.
from sqlalchemy.sql import select
from sqlalchemy.sql.expression import and_, or_, join, outerjoin, subquery

# We do a lot of path manipulation...
import os


def format_name(name):
    # Builds the on-disk path for a repository name: the name gets a ".git"
    # suffix if it lacks one and is then joined onto repo_root.

    # append .git extension if missing; it seems to be a convention
    if len(name) < 4 or name[-4:] != ".git":
        name += ".git"

    # make sure the path derives from the root
    # TODO: we need canonicalization here to prevent traversal attacks
    # NOTE(review): os.path.join() does not confine the result to repo_root.
    # It keeps ".." components as they are, and if `name` is an absolute path
    # it discards repo_root altogether. Until the TODO is done, any caller
    # that passes a user-chosen name can end up with a path outside
    # /opt/git. The usual check is to resolve the joined path with
    # os.path.realpath() and reject it unless it still lies under
    # os.path.realpath(repo_root) followed by os.sep. Whether `name` is
    # validated before it reaches this function is not visible here.
    path = os.path.join(repo_root, name)
    # (the listing ends here; the rest of format_name is not shown)
#!/usr/bin/env python

# We'll need the schema module to play with the database.
from schema import db
import schema
keys = schema.get_table('keys')
users = schema.get_table('users')  # used when generating authorized_keys

# We'll also need some SQLAlchemy functionality to write queries.
from sqlalchemy.sql import select

# os.path and errno are used in rewriting the authorized_keys file
import os, errno


# TODO: We assume RSA keys at the moment.
def validate_key(key):
    """
    Validate that a given string looks like a proper public key.

    Returns False when the string does not decode as Base64; the remaining
    checks are only partly visible in this listing.
    """
    # Validate that the string parses
    # NOTE(review): base64.decodestring() is a legacy alias that was removed
    # in Python 3.9. The underlying decoder skips characters outside the
    # Base64 alphabet instead of rejecting them, so a successful decode does
    # not by itself show that the input is clean.
    import base64, binascii
    try:
        base64.decodestring(key)
    except binascii.Error:
        return False

    # Validate the Base64 alphabet described in RFC 3548
    # The list below contains no whitespace or newline characters. That
    # matters if it is used as an allow-list, because the key material is
    # later written into an authorized_keys file, where an embedded newline
    # would start a new entry. How valid_chars is applied is not shown here.
    valid_chars = [chr(ord('A') + i) for i in range(26)]
    valid_chars += [chr(ord('a') + i) for i in range(26)]
    valid_chars += [chr(ord('0') + i) for i in range(10)]
    valid_chars += ['+', '/', '=']
    # (the listing ends here; the rest of validate_key is not shown)
#!/usr/bin/env python
"""
Module to manipulate git repositories and their hooks.
"""

# We'll need the schema module to play with the database.
from schema import db
import schema
repos = schema.get_table("repositories")
repo_acls = schema.get_table("repository_acls")
users = schema.get_table("users")  # repository ACLs refer to users

repo_root = "/opt/git"
base_hook_dir = "default_hooks"  # name of directory from which we grab hook code

# We'll also need some SQLAlchemy functionality to write queries.
from sqlalchemy.sql import select
from sqlalchemy.sql.expression import and_, or_, join, outerjoin, subquery

# We do a lot of path manipulation...
import os


def format_name(name):
    # Normalises a repository name before it is turned into a path under
    # repo_root; only the suffix handling is visible in this listing.

    # append .git extension if missing; it seems to be a convention
    if len(name) < 4 or name[-4:] != ".git":
        name += ".git"

    # make sure the path derives from the root
    # TODO: we need canonicalization here to prevent traversal attacks
    # NOTE(review): nothing up to this point restricts `name` to a single
    # path component, so "..", path separators or a leading "/" survive the
    # suffix step. The canonicalization the TODO asks for is normally done by
    # resolving the final path with os.path.realpath() and rejecting it
    # unless it still lies under the resolved repo_root.
    # (the listing ends here; the rest of format_name is not shown)
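#!/usr/bin/env python

# We'll need the schema module to play with the database.
from schema import db
import schema
users = schema.get_table('users')
repo_acls = schema.get_table('repository_acls')

# We'll also need some SQLAlchemy functionality to write queries.
from sqlalchemy.sql import select

# We need hashlib to play with password hashes.
import hashlib

# random and string for salt generation
import string, random


def generate_salt(size=16, chars=string.ascii_letters + string.digits):
    """
    Generates a salt of `size` characters drawn from `chars`, in the manner of
    `this StackOverflow answer <http://stackoverflow.com/a/2257449>`_.

    The characters are picked with the operating system's CSPRNG rather than
    the `random` module's default generator.
    """
    # random.choice() at module level uses the Mersenne Twister, which is
    # deterministic and not intended for security use. Salts are not secret,
    # but they must be unique per password and should not be predictable
    # ahead of time; SystemRandom draws from os.urandom() and returns the
    # same kind of value (a string of `size` characters from `chars`).
    rng = random.SystemRandom()
    return ''.join(rng.choice(chars) for _ in range(size))


def hash_password(password, salt):
    """
    Salts and hashes the password, returning hex-encoded string of the SHA256
    hash.

    The digest is computed over `salt + password` (salt first), so stored
    hashes depend on that exact concatenation order.
    """
    # NOTE(review): one round of SHA-256 is fast to compute, which makes
    # offline guessing against a leaked users table cheap even though each
    # hash is salted. A slow, tunable KDF (for example hashlib.pbkdf2_hmac
    # with a high iteration count) is the usual replacement. The computation
    # is kept as is because existing stored hashes would no longer verify;
    # changing it needs a migration (rehash on next successful login, or an
    # algorithm tag stored with each hash).
    # NOTE(review): hashlib requires bytes on Python 3, so str arguments
    # would raise TypeError there; this file appears to target Python 2.
    return hashlib.sha256(salt + password).hexdigest()


# NOTE: the listing is cut off inside the next definition. Only its signature
# is visible, so it is kept below as a comment rather than as a def with no
# body:
# def create_user(name, password, commit_name=None, commit_email=None,
#                 can_create_users=False, can_create_repositories=False):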
#!/usr/bin/env python

# We'll need the schema module to play with the database.
from schema import db
import schema
keys = schema.get_table('keys')
users = schema.get_table('users')  # used when generating authorized_keys

# We'll also need some SQLAlchemy functionality to write queries.
from sqlalchemy.sql import select

# os.path and errno are used in rewriting the authorized_keys file
import os, errno


# TODO: We assume RSA keys at the moment.
def validate_key(key):
    """
    Validate that a given string looks like a proper public key.

    Returns False when the string does not decode as Base64; the remaining
    checks are only partly visible in this listing.
    """
    # Validate that the string parses
    # NOTE(review): base64.decodestring() is a legacy alias that was removed
    # in Python 3.9, and the decoder ignores characters outside the Base64
    # alphabet rather than failing on them. The decode step therefore cannot
    # be the only check on a value that is later written to authorized_keys.
    import base64, binascii
    try:
        base64.decodestring(key)
    except binascii.Error:
        return False

    # Validate the Base64 alphabet described in RFC 3548
    # Letters and digits are collected here; the listing stops before the
    # rest of the alphabet and before any use of valid_chars is shown.
    valid_chars = [chr(ord('A') + i) for i in range(26)]
    valid_chars += [chr(ord('a') + i) for i in range(26)]
    valid_chars += [chr(ord('0') + i) for i in range(10)]
    # (the listing ends here; the rest of validate_key is not shown)