[Calypso] patches: git execution, user name in git commit, htpassword parsing

chrysn chrysn at fsfe.org
Tue Jan 17 07:26:23 PST 2012

hi calypso developers,

i've got some patches i'd like to suggest for inclusion in calypso,
mainly concerning git handling:

* 0001: git used to be called using os.system, which invokes a subshell.
  given file names occur in here and they can potentially be manipulated
  by the user, this could effectively give any user shell access.

  the patch re-writes the git calls to subprocess.check_call, which
  works like fork/execv, passing argv as an array to the subprocess.
  additionally, errors in git execution now throw an exception. (which
  is a good thing imo.)

* 0002: reflect logged in user in git commit author

  this is a slightly bigger change, as i have to pass the information
  from the http request handling all the way down to the git calls.

  in order to stay extensible, i've put the relevant information into a
  "context" dictionary, all of whose entries are optional. thus,
  additional information (like a real user name provided by the
  authentication backend, or the user's ip address) can be added to it
  later without having to add another argument to pass around.

  currently, the user id is set as the git author name ("my_user
  <my_user at webdav>"), and the user agent is appended in an additional
  line to the commit message. (i want to store that information in case
  a client goes crazy and destroys data.)

* 0003: htpasswd parsing

  just a minor bugfix against problems with ':' in unencrypted passwords

* a suggestion without patch:

  currently, config paths are hardcoded to ~/.config/calypso/config, and
  the storage defaults to ~/.config/calypso/calendars. there is a
  specification that guides where files should go in the home directory
  and how to find them [1], and there's even a python module
  xdg.BaseDirectory that implements it. this allows for configurable
  places to store configs (instead of ~/.config), and (more importantly)
  distinguishes between configuration (which typically resides in
  ~/.config) and data (in ~/.local/share) directories. this distinction
  is especially important for users who keep there configuration version
  controlled, and don't want anything but config there.

  not writing a patch yet because i'm not sure how to make the
  transition. given the user base is probably quite small and well
  informed at the moment, it might be an option to just change the
  default value for the calendar storage location.

  as far as making the default config file location xdg compliant is
  concerned, i don't expect compatibility problems because hardly anyone
  changes these default values.


[1] http://standards.freedesktop.org/basedir-spec/basedir-spec-latest.html

To use raw power is to make yourself infinitely vulnerable to greater powers.
  -- Bene Gesserit axiom
-------------- next part --------------
A non-text attachment was scrubbed...
Name: 0001-execute-external-git-calls-using-subprocess.patch
Type: text/x-diff
Size: 2254 bytes
Desc: not available
URL: </pipermail/calypso/attachments/20120117/71f96ce9/attachment.patch>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: 0002-reflect-http-authentication-in-git-commit.patch
Type: text/x-diff
Size: 13053 bytes
Desc: not available
URL: </pipermail/calypso/attachments/20120117/71f96ce9/attachment-0001.patch>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: 0003-split-htpasswd-entries-to-no-more-than-two-parts.patch
Type: text/x-diff
Size: 995 bytes
Desc: not available
URL: </pipermail/calypso/attachments/20120117/71f96ce9/attachment-0002.patch>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 836 bytes
Desc: Digital signature
URL: </pipermail/calypso/attachments/20120117/71f96ce9/attachment.pgp>

More information about the Calypso mailing list