X-Git-Url: http://www.chiark.greenend.org.uk/ucgi/~ian/git?a=blobdiff_plain;f=git-daemon%2Fgit-daemon.pl;h=645cbc5bce9b0f4c7a2cfcc553fd7887d47dbcf2;hb=5f3e811b5415dcff74f82bdd2f26d3af1f73c555;hp=8e15517e041d46180fc7a8efdabe28891bc12b9e;hpb=6fe98f4a5ae10ba602534559e8685e7979f12be3;p=userv-utils.git diff --git a/git-daemon/git-daemon.pl b/git-daemon/git-daemon.pl index 8e15517..645cbc5 100755 --- a/git-daemon/git-daemon.pl +++ b/git-daemon/git-daemon.pl @@ -2,10 +2,6 @@ # # A git daemon with an added userv security boundary. # -# This reads the first packet-line of the protocol, checks the syntax -# of the pathname and hostname, then uses userv to invoke the -# git-upload-pack as the target user with safe arguments. -# # This was written by Tony Finch # You may do anything with it, at your own risk. # http://creativecommons.org/publicdomain/zero/1.0/ @@ -17,73 +13,53 @@ use POSIX; use Socket; use Sys::Syslog; -use lib '/etc/userv'; - sub ntoa { my $sockaddr = shift; - if (defined $sockaddr) { - my ($port,$addr) = sockaddr_in $sockaddr; - $addr = inet_ntoa $addr; - return ($addr,$port,"[$addr]:$port"); - } else { - return (undef,undef,"[?.?.?.?]:?"); - } + return ('(local)') unless defined $sockaddr; + my ($port,$addr) = sockaddr_in $sockaddr; + $addr = inet_ntoa $addr; + return ("[$addr]:$port",$addr,$port); } - -my ($client_addr,$client_port,$client) = ntoa getpeername STDIN; -my ($server_addr,$server_port,$server) = ntoa getsockname STDIN; +our ($client,$client_addr,$client_port) = ntoa getpeername STDIN; +our ($server,$server_addr,$server_port) = ntoa getsockname STDIN; +our ($service,$path,$host,$user); openlog 'userv-git-daemon', 'pid', 'daemon'; +sub fail { syslog 'err', "$client @_"; exit } -sub fail { - syslog 'err', "$client @_"; - exit; -} +$SIG{ALRM} = sub { fail "timeout" }; +alarm 30; sub xread { my $length = shift; my $buffer = ""; - local $SIG{ALRM} = sub { fail "timeout" }; - alarm 30; while ($length > length $buffer) { my $ret = sysread STDIN, $buffer, $length, length $buffer; - fail "short read: expected $length bytes, got " . length $buffer + fail "Expected $length bytes, got ".length $buffer if defined $ret and $ret == 0; fail "read: $!" if not defined $ret and $! != EINTR and $! != EAGAIN; - $ret = 0 if not defined $ret; } - alarm 0; return $buffer; } - -my $len_hex = xread 4; -fail "non-hex packet length" unless $len_hex =~ m{^[0-9a-fA-F]{4}$}; -my $line = xread hex $len_hex; -unless ($line =~ m{^git-upload-pack ([!-~]+)\0host=([!-~]+)\0$}) { - $line =~ s/[^ -~]+/ /g; - fail "could not parse \"$line\"" +my $hex_len = xread 4; +fail "Bad hex in packet length" unless $hex_len =~ m|^[0-9a-fA-F]{4}$|; +my $line = xread -4 + hex $hex_len; +unless (($service,$path,$host) = $line =~ + m|^(git-[a-z-]+) /*([!-~]+)\0host=([!-~]+)\0$|) { + $line =~ s|[^ -~]+| |g; + fail "Could not parse \"$line\"" } -my ($path,$host) = ($1,$2); -$path =~ s|^/||; -$_ = my $uri = "git://$host/$path"; +our $uri = $_ = "git://$host/$path"; +for my $cf (@ARGV) { do $cf } -my ($user,$repo) = do "git-daemon-urlmap.pl"; -fail "no user configured for $uri" unless defined $user; -syslog 'info', "$client userv $user git-upload-pack $uri"; +fail "No user for $uri" unless defined $user; +syslog 'notice', "$client $service $uri"; -my %vars = ( - REQUEST_HOST => $host, - REQUEST_PATH => $path, - REQUEST_URI => $uri, - CLIENT_ADDR => $client_addr, - CLIENT_PORT => $client_port, - SERVER_ADDR => $server_addr, - SERVER_PORT => $server_port, -); -my @opts = map "-D$_=$vars{$_}", grep defined $vars{$_}, sort keys %vars; +my @opts = map "-D$_=${$::{$_}}", + grep defined ${$::{$_}} && /^[a-z_]+$/, keys %::; +my @cmd = ('userv', @opts, $user, $service); no warnings; # suppress errors to stderr -exec 'userv', @opts, $user, 'git-upload-pack' - or fail "exec userv @opts $user git-upload-pack: $!"; +exec @cmd or fail "exec userv: $!"; # end