From bc01b1a1f5f6f5f63ae8950935d47c1d8d3a6663 Mon Sep 17 00:00:00 2001 From: Zherphy <1123678689@qq.com> Date: Fri, 27 Dec 2024 14:05:09 +0800 Subject: [PATCH 1/4] edit: edit DockerFileSSH (#53) (#54) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit 修改1024一下的特权端口 --- DockerFileSSH | 3 +++ auth/gitee.go | 2 +- 2 files changed, 4 insertions(+), 1 deletion(-) diff --git a/DockerFileSSH b/DockerFileSSH index b1e771e..12de78c 100644 --- a/DockerFileSSH +++ b/DockerFileSSH @@ -13,6 +13,9 @@ RUN mkdir -p /var/cache/nginx && chown -R nginx:nginx /var/cache/nginx && \ chown -R nginx:nginx /etc/nginx && \ chmod -R 777 /etc/nginx/conf.d && \ sed -i 's/user nginx;/#user nginx;/g' /etc/nginx/nginx.conf +RUN sed -i 's/listen 80;/listen 8080;/g' /etc/nginx/conf.d/default.conf +RUN sed -i 's/listen [::]:80;/listen [::]:8080;/g' /etc/nginx/conf.d/default.conf + USER nginx diff --git a/auth/gitee.go b/auth/gitee.go index fe9943f..ab6fea1 100644 --- a/auth/gitee.go +++ b/auth/gitee.go @@ -231,7 +231,7 @@ func verifyUserDownload(giteeUser *giteeUser, userInRepo UserInRepo) error { func VerifySSHAuthToken(auth string, userInRepo UserInRepo) error { batchCheckRequest := batch.Request{ - Operation: "upload", + Operation: userInRepo.Operation, Transfers: []string{ "lfs-standalone-file", "basic", From 95cae80c6c6a1d44e55562084419fd60150e3a5d Mon Sep 17 00:00:00 2001 From: Zherphy <1123678689@qq.com> Date: Sat, 28 Dec 2024 10:14:49 +0800 Subject: [PATCH 2/4] edit: edit verifySSHAuthToken MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit ssh token校验时兼容以.git结尾的url入参 --- auth/gitee.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/auth/gitee.go b/auth/gitee.go index ab6fea1..31767df 100644 --- a/auth/gitee.go +++ b/auth/gitee.go @@ -255,7 +255,7 @@ func VerifySSHAuthToken(auth string, userInRepo UserInRepo) error { return generateError(err, msg) } bodyReader := bytes.NewReader(jsonData) - path := fmt.Sprintf("https://gitee.com/%s/%s.git/info/lfs/objects/batch", userInRepo.Owner, userInRepo.Repo) + path := fmt.Sprintf("https://gitee.com/%s/%s/info/lfs/objects/batch", userInRepo.Owner, userInRepo.Repo) headers := http.Header{ accept: []string{"application/vnd.git-lfs+json"}, userAgent: []string{"git-lfs/3.5.1 (GitHub; linux amd64; go 1.21.8)"}, From 81c13f64462f165bff913f33cc616d6a39ff0381 Mon Sep 17 00:00:00 2001 From: Zherphy <1123678689@qq.com> Date: Sat, 28 Dec 2024 16:25:40 +0800 Subject: [PATCH 3/4] edit: edit handleBatch MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit ssh token校验时需要前置校验仓库组织 --- server/server.go | 11 +++++++---- 1 file changed, 7 insertions(+), 4 deletions(-) diff --git a/server/server.go b/server/server.go index 71bf78f..dacaff5 100644 --- a/server/server.go +++ b/server/server.go @@ -142,15 +142,18 @@ func (s *server) handleBatch(w http.ResponseWriter, r *http.Request) { return } - if err = auth.CheckRepoOwner(userInRepo); req.Operation == "upload" || err != nil { + if err = auth.CheckRepoOwner(userInRepo); req.Operation == "upload" || + (err != nil && strings.HasPrefix(err.Error(), "not_found")) { err := s.dealWithAuthError(userInRepo, w, r) if err != nil { return } + } else if err != nil { + return + } else { + resp := s.handleRequestObject(req) + must(json.NewEncoder(w).Encode(resp)) } - - resp := s.handleRequestObject(req) - must(json.NewEncoder(w).Encode(resp)) } func (s *server) handleRequestObject(req batch.Request) batch.Response { From b4c7c331e54b4cb0a7332dd984570df7b22c0bb4 Mon Sep 17 00:00:00 2001 From: Zherphy <1123678689@qq.com> Date: Sat, 28 Dec 2024 16:49:06 +0800 Subject: [PATCH 4/4] edit: edit handleBatch MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit userRepo删除.git后缀 --- server/server.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/server/server.go b/server/server.go index dacaff5..4d3b233 100644 --- a/server/server.go +++ b/server/server.go @@ -133,7 +133,7 @@ func (s *server) handleBatch(w http.ResponseWriter, r *http.Request) { userInRepo.Operation = req.Operation userInRepo.Owner = chi.URLParam(r, "owner") userInRepo.Repo = chi.URLParam(r, "repo") - + userInRepo.Repo = strings.TrimSuffix(userInRepo.Repo, ".git") if !validatecfg.ownerRegexp.MatchString(userInRepo.Owner) || !validatecfg.reponameRegexp.MatchString(userInRepo.Repo) { w.WriteHeader(http.StatusBadRequest) must(json.NewEncoder(w).Encode(batch.ErrorResponse{