@@ -41,42 +41,50 @@ func Middleware(repoDir, authorizedKeys, authorizedKeysFile string) wish.Middlew
4141 if len (cmd ) == 2 {
4242 switch cmd [0 ] {
4343 case "git-upload-pack" , "git-upload-archive" , "git-receive-pack" :
44- if len (authedKeys ) > 0 && cmd [0 ] == "git-receive-pack" {
45- authed := false
44+ authed := len (authedKeys ) == 0
45+ r := cmd [1 ]
46+ rp := fmt .Sprintf ("%s%s" , repoDir , r )
47+ ctx := s .Context ()
48+ if len (authedKeys ) > 0 {
4649 for _ , pk := range authedKeys {
4750 if ssh .KeysEqual (pk , s .PublicKey ()) {
4851 authed = true
4952 }
5053 }
54+ }
55+ if cmd [0 ] == "git-receive-pack" {
5156 if ! authed {
5257 fatalGit (s , fmt .Errorf ("you are not authorized to do this" ))
5358 break
5459 }
55- }
56- r := cmd [1 ]
57- rp := fmt .Sprintf ("%s%s" , repoDir , r )
58- ctx := s .Context ()
59- err := ensureRepo (ctx , repoDir , r )
60- if err != nil {
61- fatalGit (s , err )
62- break
63- }
64- err = runCmd (s , "./" , cmd [0 ], rp )
65- if err != nil {
66- fatalGit (s , err )
67- break
68- }
69- err = runCmd (s , rp , "git" , "update-server-info" )
70- if err != nil {
71- fatalGit (s , err )
72- break
73- }
74- if cmd [0 ] == "git-receive-pack" {
60+ err := ensureRepo (ctx , repoDir , r )
61+ if err != nil {
62+ fatalGit (s , err )
63+ break
64+ }
65+ err = runCmd (s , "./" , cmd [0 ], rp )
66+ if err != nil {
67+ fatalGit (s , err )
68+ break
69+ }
70+ err = runCmd (s , rp , "git" , "update-server-info" )
71+ if err != nil {
72+ fatalGit (s , err )
73+ break
74+ }
7575 err = ensureDefaultBranch (s , rp )
7676 if err != nil {
7777 fatalGit (s , err )
7878 break
7979 }
80+ } else if cmd [0 ] == "git-upload-archive" || cmd [0 ] == "git-upload-pack" {
81+ if exists , err := fileExists (rp ); exists && err == nil {
82+ err = runCmd (s , "./" , cmd [0 ], rp )
83+ if err != nil {
84+ fatalGit (s , err )
85+ break
86+ }
87+ }
8088 }
8189 }
8290 }
0 commit comments