X-Git-Url: https://git.distorted.org.uk/~mdw/userv-utils/blobdiff_plain/b8db4eb5d8ffd32a50e5173af7472f6a1cf56f42..18c4999f61d703d687b3c96e419ec9f4d81541fe:/git-daemon/git-daemon.pl?ds=sidebyside diff --git a/git-daemon/git-daemon.pl b/git-daemon/git-daemon.pl index a17412f..74942a0 100755 --- a/git-daemon/git-daemon.pl +++ b/git-daemon/git-daemon.pl @@ -2,10 +2,6 @@ # # A git daemon with an added userv security boundary. # -# This reads the first packet-line of the protocol, checks the syntax -# of the pathname and hostname, then uses userv to invoke the -# git-upload-pack as the target user with safe arguments. -# # This was written by Tony Finch # You may do anything with it, at your own risk. # http://creativecommons.org/publicdomain/zero/1.0/ @@ -17,27 +13,23 @@ use POSIX; use Socket; use Sys::Syslog; -use vars qw{ $TILDE $REPO $HOSTNAME - %vhost_default_user %vhost_tilde_is_user %vhost_tilde_forbidden }; - -use lib '/etc/userv'; -require 'git-daemon-vhosts.pl'; - -my $peer = getpeername STDIN; -my ($port,$addr); -if (defined $peer) { - ($port,$addr) = sockaddr_in $peer; +sub ntoa { + my $sockaddr = shift; + return ('[?.?.?.?]:?') unless defined $sockaddr; + my ($port,$addr) = sockaddr_in $sockaddr; $addr = inet_ntoa $addr; - $peer = "[$addr]:$port"; -} else { - $peer = "[?.?.?.?]:?"; - undef $!; + return ("[$addr]:$port",$addr,$port); +} +{ + package cf; + our ($client,$client_addr,$client_port) = ::ntoa(getpeername(STDIN)); + our ($server,$server_addr,$server_port) = ::ntoa(getsockname(STDIN)); } openlog 'userv-git-daemon', 'pid', 'daemon'; sub fail { - syslog 'err', "$peer @_"; + syslog 'err', "$cf::client @_"; exit; } @@ -51,32 +43,35 @@ sub xread { fail "short read: expected $length bytes, got " . length $buffer if defined $ret and $ret == 0; fail "read: $!" if not defined $ret and $! != EINTR and $! != EAGAIN; - $ret = 0 if not defined $ret; } alarm 0; return $buffer; } my $len_hex = xread 4; -fail "non-hexadecimal packet length" unless $len_hex =~ m{^[0-9a-zA-Z]{4}$}; +fail "non-hex packet length" unless $len_hex =~ m{^[0-9a-fA-F]{4}$}; my $line = xread hex $len_hex; -unless ($line =~ m{^git-upload-pack (?:~($TILDE)/)?($REPO[.]git)\0host=($HOSTNAME)\0$}) { - $line =~ s/[^ -~]+/ /g; +if ($line =~ m{^(git-[a-z-]+) ([!-~]+)\0host=([!-~]+)\0$}) { + package cf; + our ($service,$path,$host) = ($1,$2,$3); + $path =~ s|^/*||; + our $uri = $_ = "git://$host/$path"; +} else { + $line =~ s|[^ -~]+| |g; fail "could not parse \"$line\"" } -my ($tilde,$repo,$host) = ($1,$2,$3); -my $url = $tilde ? "git://$host/~$tilde/$repo" : "git://$host/$repo"; -fail "tilde forbidden for $url" if defined $tilde and $vhost_tilde_forbidden{$host}; -my $user = $vhost_tilde_is_user{$host} ? $tilde : $vhost_default_user{$host}; -fail "no user configured for $url" unless defined $user; -syslog 'info', "$peer $user $url"; +for my $cf (@ARGV) { + package cf; + our ($user,$dir,$repo); + do $cf; +} +fail "no user configured for $cf::uri" unless defined $cf::user; +syslog 'info', "$cf::client $cf::service $cf::uri"; -my @opts = ("-DHOST=$host", "-DREPO=$repo"); -push @opts, "-DTILDE=$tilde" if defined $tilde; -push @opts, "-DCLIENT=$addr" if defined $addr; +my @opts = map "-D$_=${$cf::{$_}}", grep defined ${$cf::{$_}}, sort keys %cf::; +my @cmd = ('userv', @opts, $cf::user, $cf::service); no warnings; # suppress errors to stderr -exec 'userv', @opts, $user, 'git-upload-pack' - or fail "exec userv: $!"; +exec @cmd or fail "exec @cmd: $!"; # end