X-Git-Url: https://git.distorted.org.uk/~mdw/userv-utils/blobdiff_plain/abb80356bb59bcc101a57949badbb85fde4db9ba..9ad7f5edd331027061b3d41bff050fe97d19b866:/git-daemon/git-daemon.pl diff --git a/git-daemon/git-daemon.pl b/git-daemon/git-daemon.pl index 4f8a774..91dd727 100755 --- a/git-daemon/git-daemon.pl +++ b/git-daemon/git-daemon.pl @@ -2,10 +2,6 @@ # # A git daemon with an added userv security boundary. # -# This reads the first packet-line of the protocol, checks the syntax -# of the pathname and hostname, then uses userv to invoke the -# git-upload-pack as the target user with safe arguments. -# # This was written by Tony Finch # You may do anything with it, at your own risk. # http://creativecommons.org/publicdomain/zero/1.0/ @@ -17,67 +13,51 @@ use POSIX; use Socket; use Sys::Syslog; -use vars qw{ %vhost_default_user %vhost_user_from_tilde - $TILDE $REPO $HOSTNAME }; - -use lib '/etc/userv'; -require 'git-daemon-vhosts.pl'; - -my $peer = getpeername STDIN; -my ($port,$addr); -if (defined $peer) { - ($port,$addr) = sockaddr_in $peer; +sub ntoa { + my $sockaddr = shift; + return ('(local)') unless defined $sockaddr; + my ($port,$addr) = sockaddr_in $sockaddr; $addr = inet_ntoa $addr; - $peer = "[$addr]:$port"; -} else { - $peer = "[?.?.?.?]:?"; - undef $!; + return ("[$addr]:$port",$addr,$port); } +our ($client,$client_addr,$client_port) = ntoa getpeername STDIN; +our ($server,$server_addr,$server_port) = ntoa getsockname STDIN; +our ($service,$path,$host,$user); openlog 'userv-git-daemon', 'pid', 'daemon'; +sub fail { syslog 'err', "$client @_"; exit } -sub fail { - syslog 'err', "$peer @_"; - exit; -} +$SIG{ALRM} = sub { fail "timeout" }; +alarm 30; sub xread { - my $length = shift; - my $buffer = ""; - # simply die if the client takes too long - alarm 30; - while ($length > length $buffer) { - my $ret = sysread STDIN, $buffer, $length, length $buffer; - fail "short read: expected $length bytes, got " . length $buffer + my $length = shift; $_ = ""; + while ($length > length) { + my $ret = sysread STDIN, $_, $length, length; + fail "Expected $length bytes, got ".length if defined $ret and $ret == 0; fail "read: $!" if not defined $ret and $! != EINTR and $! != EAGAIN; - $ret = 0 if not defined $ret; } - alarm 0; - return $buffer; } - -my $len_hex = xread 4; -fail "non-hexadecimal packet length" unless $len_hex =~ m{^[0-9a-zA-Z]{4}$}; -my $len = hex $len_hex; - -my $line = xread $len; -unless ($line =~ m{^git-upload-pack (?:~($TILDE)/)?($REPO[.]git)\0host=($HOSTNAME)\0$}) { - $line =~ s/[^ -~]+/ /g; - fail "could not parse \"$line\"" +xread 4; +fail "Bad hex in packet length" unless m|^[0-9a-fA-F]{4}$|; +xread hex; +unless (($service,$path,$host) = + m|^(git-[a-z-]+) /*([!-~]+)\0host=([!-~]+)\0$|) { + s|[^ -~]+| |g; + fail "Could not parse \"$_\"" } -my ($tilde,$repo,$host) = ($1,$2,$3); -my $url = $tilde ? "git://$host/~$tilde/$repo" : "git://$host/$repo"; - -my $user = $vhost_user_from_tilde{$host} ? $tilde : $vhost_default_user{$host}; -fail "no user configuration for $url" unless defined $user; +our $uri = $_ = "git://$host/$path"; +for my $cf (@ARGV) { do $cf } -syslog 'info', "$peer $user $url"; +fail "No user for $uri" unless defined $user; +syslog 'notice', "$client $service $uri"; -my @opts = ("-DCLIENT=$addr", "-DHOST=$host", "-DREPO=$repo"); -push @opts, "-DTILDE=$tilde" if defined $tilde; +my @opts = map "-D$_=${$::{$_}}", + grep defined ${$::{$_}} && /^[a-z_]+$/, keys %::; -exec 'userv', @opts, $user, 'git-upload-pack' - or fail "exec userv: $!"; +my @cmd = ('userv', @opts, $user, $service); +no warnings; # suppress errors to stderr +exec @cmd or fail "exec userv: $!"; # end