- commit
- 271b447
- parent
- 230aa8b
- author
- Eric Bower
- date
- 2024-04-28 10:55:59 -0400 EDT
guard cmds
1 files changed,
+11,
-1
M
main.go
M
main.go
+11,
-1
1@@ -7,6 +7,7 @@ import (
2 "os"
3 "os/signal"
4 "path/filepath"
5+ "slices"
6 "syscall"
7 "time"
8
9@@ -20,6 +21,11 @@ func authHandler(ctx ssh.Context, key ssh.PublicKey) bool {
10 return true
11 }
12
13+var cmdAllowlist = []string{
14+ "git-receive-pack",
15+ "git-upload-pack",
16+}
17+
18 func GitServerMiddleware(cfg *GitCfg) wish.Middleware {
19 return func(next ssh.Handler) ssh.Handler {
20 return func(sesh ssh.Session) {
21@@ -31,7 +37,11 @@ func GitServerMiddleware(cfg *GitCfg) wish.Middleware {
22
23 args := sesh.Command()
24 cmd := args[0]
25- fmt.Println(args)
26+
27+ if !slices.Contains(cmdAllowlist, cmd) {
28+ wish.Fatalf(sesh, "%s not a valid command", cmd)
29+ return
30+ }
31
32 name := utils.SanitizeRepo(args[1])
33 // git bare repositories should end in ".git"