5 # usage: run it on some port, and then clone or fetch
6 # "git://<realhost>:<realport>/<real-git-url>[ <options>]"
7 # where <real-git-url> is http://<host>/..., https://<host>/... or git://<host>/...
8 # and <options> is zero or more (whitespace-separated) of
9 # [<some-option>] -- ignored if not recognised
10 # {<some-option>} -- an error if not recognised
11 # options currently known:
12 # fetch=must -- fail if the fetch/clone from upstream fails (the default)
13 # fetch=no -- just use what is in the cache
14 # fetch=try -- use what is in the cache if the fetch/clone fails
15 # timeout=<seconds> -- length of time to allow for fetch/clone (capped at --maxfetchtimeout)
23 use Fcntl qw(:flock SEEK_SET);
25 our $us = 'git-cache-proxy';
26 our $log; # filehandle (ref), or "1" meaning syslog
29 open STDERR, ">/dev/null" or exit 255;
30 open TEMPERR, "+>", undef or exit 255;
31 open STDERR, ">&TEMPERR" or exit 255;
35 return ('(local)') unless defined $sockaddr;
36 my ($port,$addr) = sockaddr_in $sockaddr;
37 $addr = inet_ntoa $addr;
38 return ("[$addr]:$port",$addr,$port);
41 our ($client,$client_addr,$client_port) = ntoa getpeername STDIN;
42 our ($server,$server_addr,$server_port) = ntoa getsockname STDIN;
46 openlog $us, qw(pid), 'daemon';
53 my $mainmsg = sprintf "%s-%s: %s", $server, $client, $msg;
55 my $wholemsg = sprintf("%s [%d] %s: %s\n",
56 strftime("%Y-%m-%d %H:%M:%S Z", gmtime),
62 syslog $pri, $mainmsg;
67 if ($?) { logm 'crit', "crashing ($?)"; }
68 seek TEMPERR, 0, SEEK_SET;
77 our $fetchtimeout = 1800;
78 our $maxfetchtimeout = 3600;
91 my $gitmsg = "ERR $us: $msg"; # pkt-line payload reporting the error to the git client
92 $gitmsg = substr($gitmsg,0,65516); # pkt-line payload limit (65520 total minus the 4-digit length), so the %04x length below can never need a fifth hex digit
93 printf "%04x%s", length($gitmsg)+4, $gitmsg; # the length field counts its own 4 hex digits
98 our $cachedir = '/var/cache/git-cache-proxy';
102 last unless $ARGV[0] =~ m/^-/;
108 open STDERR, ">>", $logfile or fail "open $logfile: $!";
110 } elsif (s/^-d(.*)$//) {
112 } elsif (s/^--(maxfetchtimeout|fetchtimeout)=(\d+)$//) {
115 fail "bad usage: unknown option `$_'";
120 !@ARGV or fail "bad usage: no non-option arguments permitted";
122 chdir $cachedir or fail "chdir $cachedir: $!";
124 our ($service,$specpath,$spechost);
126 $SIG{ALRM} = sub { fail "timeout" };
132 while ($length > length $buffer) { # keep reading until exactly $length bytes are buffered
133 my $ret = sysread STDIN, $buffer, $length - length($buffer), length $buffer; # ask only for the bytes still missing, so a short read is never followed by an over-read past this packet
134 fail "Expected $length bytes, got ".length $buffer
135 if defined $ret and $ret == 0; # a zero return is EOF before the packet was complete
136 fail "read: $!" if not defined $ret and $! != EINTR and $! != EAGAIN; # EINTR/EAGAIN are simply retried by the loop
140 my $hex_len = xread 4;
141 fail "Bad hex in packet length" unless $hex_len =~ m|^[0-9a-fA-F]{4}$|;
142 my $line = xread -4 + hex $hex_len;
143 unless (($service,$specpath,$spechost) = $line =~
144 m|^(git-[a-z-]+) /*([!-~ ]+)\0host=([!-~]+)\0$|) {
145 $line =~ s|[^ -~]+| |g;
146 gitfail "unknown/unsupported instruction `$line'"
151 $service eq 'git-upload-pack'
152 or gitfail "unknown/unsupported service `$service'";
154 my $fetch = 2; # 0:don't; 1:try; 2:force
157 while ($url =~ s#\s+(\[)([^][{}]+)\]$## ||
158 $url =~ s#\s+(\{)([^][{}]+)\}$##) {
160 my $must = $1 eq '{';
161 if (m/^fetch=try$/) {
163 } elsif (m/^fetch=no$/) {
165 } elsif (m/^fetch=must$/) {
166 $fetch = 2; # the default
167 } elsif (m/^timeout=(\d+)$/) {
168 $fetchtimeout = $1 <= $maxfetchtimeout ? $1 : $maxfetchtimeout;
170 gitfail "unknown/unsupported option `$_'";
174 $url =~ m{^(?:https?|git)://[-.0-9a-z]+/}
175 or gitfail "unknown/unsupported url scheme or format `$url'";
178 $subdir =~ s|\\|\\\\|g;
179 $subdir =~ s|,|\\,|g;
182 logm 'info', "$specpath locking";
184 my $tmpd= "$subdir\\.tmp";
185 my $gitd= "$subdir\\.git";
186 my $lock = "$subdir\\.lock";
189 open LOCK, "+>", $lock or fail "open/create $lock: $!";
190 flock LOCK, LOCK_EX or fail "lock exclusive $lock: $!";
192 my $exists = stat $gitd;
193 $exists or $!==ENOENT or fail "stat $gitd: $!";
202 system qw(rm -rf --), $tmpd;
203 @cmd = (qw(git clone -q --mirror), $url, $tmpd);
204 logm 'info', "$specpath cloning @cmd";
206 @cmd = (qw(git remote update --prune));
207 logm 'info', "$specpath fetching @cmd";
209 my $cmd = "@cmd[0..1]";
211 my $child = open FETCHERR, "-|";
212 defined $child or fail "fork: $!";
215 chdir $gitd or fail "chdir $gitd: $!";
217 setpgrp or fail "setpgrp: $!";
218 open STDERR, ">&STDOUT" or fail "redirect stderr: $!";
219 exec @cmd or fail "exec $cmd[0]: $!";
225 local $SIG{ALRM} = sub {
226 logm 'info', "$specpath fetch/clone timeout";
227 $timedout=1; kill 9, -$child;
229 logm 'info', "timeout=$fetchtimeout";
230 alarm($fetchtimeout);
231 $!=0; { local $/=undef; $fetcherr = <FETCHERR>; }
232 !FETCHERR->error or fail "read pipe from fetch/clone: $!";
236 kill -9, $child or fail "kill fetch/clone: $!";
237 $!=0; $?=0; if (!close FETCHERR) {
238 fail "reap fetch/clone: $!" if $!;
240 !($? & 255) ? "$cmd died with error exit code ".($? >> 8) : # low byte clear: the child exited normally with a nonzero status
241 $? != 9 ? "$cmd died due to fatal signal, status $?" : # killed by something other than SIGKILL
242 $timedout ? "$cmd timed out (${fetchtimeout}s)" : # SIGKILL sent by our own ALRM handler
243 "$cmd died due to unexpected SIGKILL"; # SIGKILL that did not come from our timeout
244 if (length $fetcherr) {
245 $fetchfail .= "\n$fetcherr";
246 $fetchfail =~ s/\n$//;
247 $fetchfail =~ s{\n}{ // }g;
252 logm 'info', "$specpath fetch/clone failed: $fetchfail";
257 rename $tmpd, $gitd or fail "rename fresh $tmpd to $gitd: $!";
261 $fetchfail = 'not attempted';
265 gitfail "no cached data, and not cloned: $fetchfail";
268 logm 'info', "$specpath sharing";
269 flock LOCK, LOCK_UN or fail "unlock $lock: $!";
270 flock LOCK, LOCK_SH or fail "lock shared $lock: $!";
271 # actually, just relocking as shared would have the same semantics
272 # but it's best to be explicit
277 $!==ENOENT or fail "chdir $gitd: $!";
279 # Well, err, someone must have taken the lock in between
280 # and garbage collected it. How annoying.
283 logm 'info', "$specpath servicing";
284 exec qw(git-upload-pack --strict --timeout=1000 .)
285 or fail "exec git-upload-pack: $!";