Files @ 75b0d3fd6303
Branch filter:

Location: kallithea/scripts/dbmigrate-test

75b0d3fd6303 3.5 KiB text/plain Show Annotation Show as Raw Download as Raw
Mads Kiilerich
ssh: handle IPv6 ssh connections

Performing ssh actions towards Kallithea via an IPv6 connection gave the
following error:

$ hg incoming ssh://kallithea@example.com/repo
remote: Traceback (most recent call last):
remote: File ".../bin/kallithea-cli", line 11, in <module>
remote: load_entry_point('Kallithea', 'console_scripts', 'kallithea-cli')()
remote: File ".../python2.7/site-packages/click/core.py", line 764, in __call__
remote: return self.main(*args, **kwargs)
remote: File ".../python2.7/site-packages/click/core.py", line 717, in main
remote: rv = self.invoke(ctx)
remote: File ".../python2.7/site-packages/click/core.py", line 1137, in invoke
remote: return _process_result(sub_ctx.command.invoke(sub_ctx))
remote: File ".../python2.7/site-packages/click/core.py", line 956, in invoke
remote: return ctx.invoke(self.callback, **ctx.params)
remote: File ".../python2.7/site-packages/click/core.py", line 555, in invoke
remote: return callback(*args, **kwargs)
remote: File ".../kallithea/bin/kallithea_cli_base.py", line 79, in runtime_wrapper
remote: return annotated(*args, **kwargs)
remote: File ".../kallithea/bin/kallithea_cli_ssh.py", line 74, in ssh_serve
remote: vcs_handler.serve(user_id, key_id, client_ip)
remote: File ".../kallithea/lib/vcs/backends/ssh.py", line 65, in serve
remote: self.authuser = AuthUser.make(dbuser=dbuser, ip_addr=client_ip)
remote: File ".../kallithea/lib/auth.py", line 407, in make
remote: if not check_ip_access(source_ip=ip_addr, allowed_ips=allowed_ips):
remote: File ".../kallithea/lib/auth.py", line 860, in check_ip_access
remote: if ipaddr.IPAddress(source_ip) in ipaddr.IPNetwork(ip):
remote: File ".../kallithea/lib/ipaddr.py", line 76, in IPAddress
remote:
remote: ValueError: '2' does not appear to be an IPv4 or IPv6 address
abort: no suitable response from remote hg!


This was caused by IPv4-exclusive parsing of the SSH_CONNECTION variable.
With an IPv6 address starting with '2a02:1810:', only the first '2' would
survive.

According to 'man 1 ssh':

SSH_CONNECTION Identifies the client and server ends of the con‐
nection. The variable contains four space-sepa‐
rated values: client IP address, client port num‐
ber, server IP address, and server port number.


So, the client IP address will be the first space-separated word, regardless
of IPv4 or IPv6. Use that knowledge without further parsing.

(commit message by Thomas De Schampheleire)
  1
  2
  3
  4
  5
  6
  7
  8
  9
 10
 11
 12
 13
 14
 15
 16
 17
 18
 19
 20
 21
 22
 23
 24
 25
 26
 27
 28
 29
 30
 31
 32
 33
 34
 35
 36
 37
 38
 39
 40
 41
 42
 43
 44
 45
 46
 47
 48
 49
 50
 51
 52
 53
 54
 55
 56
 57
 58
 59
 60
 61
 62
 63
 64
 65
 66
 67
 68
 69
 70
 71
 72
 73
 74
 75
 76
 77
 78
 79
 80
 81
 82
 83
 84
 85
 86
 87
 88
 89
 90
 91
 92
 93
 94
 95
 96
 97
 98
 99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
#!/bin/sh -e

if [ $# -lt 2 ] || [ $# -gt 3 ]; then
    cat >&2 <<EOD
usage: $0 CONFIG_FILE FROM_REV [TO_REV]

Runs a database migration from FROM_REV to TO_REV (default: current
working directory parent), using the specified CONFIG_FILE (.ini file).

Test is run using a clean Kallithea install, in a temporary virtual
environment. FROM_REV and (optional) TO_REV should be Mercurial revision
identifiers (e.g. changeset hash or a version number tag). The working
directory is not touched, but the database referenced in the config file
will be (re)created.

Only SQLite is available out of the box; for MySQL or PostgreSQL, set
the EXTRA environment variable to the required package(s), and it'll
be installed in the virtual environment. (E.g. EXTRA=MySQL-python or
EXTRA=psycopg2.)

The temporary directory is not removed, allowing follow-up examination
of the upgrade results. It is, however, created in /tmp by default,
which many Linux distributions automatically clean at regular intervals.
EOD
    exit 1
fi

config_file=$(readlink -f "$1")
from_rev=$2
to_rev=$3
source_repo=$(dirname "$(dirname "$(readlink -f "$0")")")

announce() {
    echo
    echo "$1"
    echo
}

quiet_if_ok() (
    local output
    local st
    set +e
    output=$("$@" < /dev/null 2>&1)
    st=$?
    if [ $st -ne 0 ]; then
        echo "$output" >&2
        echo "Command $@ returned exit status $st." >&2
        exit 1
    fi
)

HG() {
    "${HG:-hg}" --repository "$source_repo" "$@"
}

# If upgrading to "current revision", warn if working directory is dirty.
if [ ! "$to_rev" ] && [ "$(HG status -mard)" ]; then
    announce "Warning: Uncommitted changes in working directory will be ignored!"
fi

from_rev_hash=$(HG id --id --rev "${from_rev:-.}")
to_rev_hash=$(HG id --id --rev "${to_rev:-.}")
temp=$(readlink -f "$(mktemp --tmpdir -d 'dbmigrate-test.XXXXXX')")

cat <<EOD
Config file:    $config_file
EOD
sed -n -e 's/^sqlalchemy\.url *= */Database URL:   /p' "$config_file"
cat <<EOD
Working dir:    $temp
Repository:     $source_repo
Upgrade from:   $from_rev_hash (${from_rev:-current})
Upgrade to:     $to_rev_hash (${to_rev:-current})
Extra packages: ${EXTRA:-(none)}
EOD

mkdir "$temp/repos" # empty

# Enable caching for old pip versions (this will cache the pip upgrade)
# Newer pip versions cache automatically, and don't use this variable.
if [ ! "$PIP_DOWNLOAD_CACHE" ]; then
    export PIP_DOWNLOAD_CACHE=$HOME/.cache/pip/legacy
fi

install_kallithea() {
    local prefix=$1
    local rev=$2

    announce "Installing Kallithea $rev in $prefix..."

    "${VIRTUALENV:-virtualenv}" --quiet "$prefix-env"
    HG archive --rev "$rev" "$prefix"

    (
        cd "$prefix"
        . "$prefix-env/bin/activate"
        pip install --quiet --upgrade pip setuptools mercurial $EXTRA
        pip install --quiet -e .
    )
}

install_kallithea "$temp/from" "$from_rev_hash"
(
    cd "$temp/from"
    . "$temp/from-env/bin/activate"
    announce "Initializing database..."
    quiet_if_ok kallithea-cli db-create -c "$config_file" --repos="$temp/repos" --user=doe --email=doe@example.com --password=123456 --no-public-access --force-yes
    alembic -c "$config_file" current -v
)

install_kallithea "$temp/to" "$to_rev_hash"
(
    cd "$temp/to"
    . "$temp/to-env/bin/activate"

    announce "Commencing database upgrade from shown Alembic revision to head..."
    alembic -c "$config_file" current -v
    alembic -c "$config_file" upgrade head
    announce "Upgrade complete, now at the shown Alembic revision:"
    alembic -c "$config_file" current -v
)
This site is powered by Kallithea 0.7.0, which is © 2010–2025 by various authors & licensed under GPLv3.