use Socket;
use Sys::Syslog;
-use vars qw{ %vhost_default_user %vhost_user_from_tilde
- $TILDE $REPO $HOSTNAME };
+use vars qw{ $TILDE $REPO $HOSTNAME
+ %vhost_default_user %vhost_tilde_is_user %vhost_tilde_forbidden };
use lib '/etc/userv';
require 'git-daemon-vhosts.pl';
sub xread {
my $length = shift;
my $buffer = "";
- # simply die if the client takes too long
+ local $SIG{ALRM} = sub { fail "timeout" };
alarm 30;
while ($length > length $buffer) {
my $ret = sysread STDIN, $buffer, $length, length $buffer;
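Review bot: Nothing in the visible lines clears the timer armed by `alarm 30`, and with the new `local $SIG{ALRM}` the handler reverts to its previous value as soon as xread returns. The rest of the body lies outside this hunk, so this may already be handled. If it is not, a still-pending alarm would hit the default SIGALRM action, and because alarm timers survive exec it could terminate the later userv process mid-transfer. Confirm there is an `alarm 0;` after the read loop, or add one.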
my $len_hex = xread 4;
fail "non-hexadecimal packet length" unless $len_hex =~ m{^[0-9a-zA-Z]{4}$};
-my $len = hex $len_hex;
-
-my $line = xread $len;
+my $line = xread hex $len_hex;
unless ($line =~ m{^git-upload-pack (?:~($TILDE)/)?($REPO[.]git)\0host=($HOSTNAME)\0$}) {
$line =~ s/[^ -~]+/ /g;
fail "could not parse \"$line\""
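Review bot: The new `xread hex $len_hex` feeds the client-supplied length straight into the read, but the guard on the line above accepts any alphanumeric (`[0-9a-zA-Z]`). A prefix such as `zzzz` therefore passes the "non-hexadecimal" check, and `hex` only warns and returns the value of whatever valid prefix it found. Tighten the check to `m{\A[0-9a-fA-F]{4}\z}`. Separately, git's pkt-line length counts its own four bytes, so unless xread compensates elsewhere this asks for four bytes more than the request holds and would wait for the timeout; `xread -4 + hex $len_hex`, after rejecting lengths below 4, looks like the intent. The `unless` block that follows is not closed inside this hunk.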
my ($tilde,$repo,$host) = ($1,$2,$3);
my $url = $tilde ? "git://$host/~$tilde/$repo" : "git://$host/$repo";
-my $user = $vhost_user_from_tilde{$host} ? $tilde : $vhost_default_user{$host};
-fail "no user configuration for $url" unless defined $user;
-
+fail "tilde forbidden for $url" if defined $tilde and $vhost_tilde_forbidden{$host};
+my $user = $vhost_tilde_is_user{$host} ? $tilde : $vhost_default_user{$host};
+fail "no user configured for $url" unless defined $user;
syslog 'info', "$peer $user $url";
-my @opts = ("-DCLIENT=$addr", "-DHOST=$host", "-DREPO=$repo");
+my @opts = ("-DHOST=$host", "-DREPO=$repo");
push @opts, "-DTILDE=$tilde" if defined $tilde;
-
+push @opts, "-DCLIENT=$addr" if defined $addr;
+no warnings; # suppress errors to stderr
exec 'userv', @opts, $user, 'git-upload-pack'
or fail "exec userv: $!";
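Review bot: The bare `no warnings;` added before `exec` turns off every warning category for the rest of the enclosing scope, when the only thing to silence is Perl's own message for a failed exec. Limit it to that category and that statement: `{ no warnings 'exec'; exec 'userv', @opts, $user, 'git-upload-pack' or fail "exec userv: $!"; }`. The comment would read more accurately as `# exec failure is reported via fail(), not as a Perl warning on stderr`. Also note that `-DCLIENT` is now omitted whenever `$addr` is undefined, so any userv service rule that relies on CLIENT for logging or access decisions should treat its absence explicitly rather than assume it is always set.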