[Summary view] [Print] [Text view]

   1  #!/usr/bin/env php
   2  <?php
   3  
   4  $root = dirname(dirname(dirname(__FILE__)));
   5  require_once $root.'/scripts/__init_script__.php';
   6  
   7  $keys = id(new PhabricatorAuthSSHKeyQuery())
   8    ->setViewer(PhabricatorUser::getOmnipotentUser())
   9    ->execute();
  10  
  11  foreach ($keys as $key => $ssh_key) {
  12    // For now, filter out any keys which don't belong to users. Eventually we
  13    // may allow devices to use this channel.
  14    if (!($ssh_key->getObject() instanceof PhabricatorUser)) {
  15      unset($keys[$key]);
  16      continue;
  17    }
  18  }
  19  
  20  if (!$keys) {
  21    echo pht('No keys found.')."\n";
  22    exit(1);
  23  }
  24  
  25  $bin = $root.'/bin/ssh-exec';
  26  foreach ($keys as $ssh_key) {
  27    $user = $ssh_key->getObject()->getUsername();
  28  
  29    $cmd = csprintf('%s --phabricator-ssh-user %s', $bin, $user);
  30    // This is additional escaping for the SSH 'command="..."' string.
  31    $cmd = addcslashes($cmd, '"\\');
  32  
  33    // Strip out newlines and other nonsense from the key type and key body.
  34  
  35    $type = $ssh_key->getKeyType();
  36    $type = preg_replace('@[\x00-\x20]+@', '', $type);
  37    if (!strlen($type)) {
  38      continue;
  39    }
  40  
  41    $key = $ssh_key->getKeyBody();
  42    $key = preg_replace('@[\x00-\x20]+@', '', $key);
  43    if (!strlen($key)) {
  44      continue;
  45    }
  46  
  47    $options = array(
  48      'command="'.$cmd.'"',
  49      'no-port-forwarding',
  50      'no-X11-forwarding',
  51      'no-agent-forwarding',
  52      'no-pty',
  53    );
  54    $options = implode(',', $options);
  55  
  56    $lines[] = $options.' '.$type.' '.$key."\n";
  57  }
  58  
  59  echo implode('', $lines);
  60  exit(0);