This adds two scripts to be used together with Git over SSH:
* git-auth.py is supposed to be used as AuthorizedKeysCommand. It checks
whether the public key belongs to any AUR user and invokes
git-serve.py, passing the name of the corresponding user as a command
line argument, if any.
* git-serve.py is a wrapper around git-shell(1) that checks whether the
user passed as command line argument has access to the Git repository
that a push operation writes to.
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
Users can now add an SSH public key on the account edit page. This will
later be used to authenticate users via SSH.
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
We do not want PHP to parse the values for us. Use raw scanner mode to
avoid issues with certain values, such as regular expressions.
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
The number of columns in the SQLs doesn't match the number of rows,
so an error like below occurs:
ERROR 1136 (21S01) at line 50929: Column count doesn't match value count
at row 1
Signed-off-by: Shinya Yamaoka <contact@mail.libmacro.com>
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
We already check for a minimum password length on the account edit page.
Add the same check to the password reset form (which is also used to set
an initial password).
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
Support for non-virtual URLs has been broken for a long time and is no
longer used on the official AUR setup.
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
Replace web/lib/config.inc.php with an INI-style configuration file.
This allows us to get rid of several globals and makes it easier to use
the same configuration file in external scripts.
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
As a follow-up to 4d7da95 (Add support for architecture-specific fields,
2014-08-10), handle architecture-specific source fields as well.
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
This can be used to regularly generate lists of packages and package
bases that are made available under /packages.gz and /pkgbase.gz,
respectively.
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
This adds support for architecture-specific dependencies and relations.
Support for this has recently been added to makepkg, see commit 2b556d8
(PKGBUILD: handle arch specific attributes, 2014-07-25) in the pacman
repository for details.
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
* Only show the request form to users that are logged in.
* Only show the close request form to Trusted Users and developers.
* Check for a valid login in pkgreq_file().
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
Return true if and only if the SQL query was executed successfully.
Logins with an unsalted password no longer fail now.
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
Automatically add users to the notification list when adopting a
package. This used to work bug was broken by 03c6304 (Rework permission
handling, 2014-07-15). Fixes FS#41426.
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
When using preg_match() to check for a match that starts at the
beginning of the string and ends at the last character of the string, we
do not want to allow an additional newline character to sneak in.
Amongst other potential loopholes, adding the PCRE_DOLLAR_ENDONLY
modifier prevents users from registering with user names that end with a
newline character.
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
Trusted Users should almost always wait for two weeks before accepting
an orphan request. Lock orphan requests during the first two weeks.
Package bases can still be orphaned and package requests can still be
closed manually during that period of time.
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
When auto-accepting a request, we need to close the package request
before performing the actual action (disown/deletion/merge). Otherwise,
the former maintainer is not included in the Cc list of the
acceptance/rejection notification email.
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
