git-cache-proxy: add warning re clients being able to DoS

[chiark-utils.git] / scripts / git-cache-proxy

diff --git a/scripts/git-cache-proxy b/scripts/git-cache-proxy
index 4d55233a5f1a70d9cddd8efee5022e5ce3357a9c..8747eba9cbf788588a9514b601726d2905f9e5cf 100755 (executable)
--- a/scripts/git-cache-proxy
+++ b/scripts/git-cache-proxy
@@ -2,6 +2,12 @@
 #
 # git caching proxy
 
+# Suitable only for exposing to semi-trusted clients: clients are not
+# supposed to be able to take over the server.  However, clients can
+# probably deny service to each other because the current
+# implementation is not very good at handling various out-of-course
+# situations (notably, clients which are too slow).
+
 # usage: run it on some port, and then clone or fetch
 #  "git://<realhost>:<realport>/<real-git-url>[ <options>]"
 # where <real-git-url> is http://<host>/... or git://<host>/...
@@ -370,10 +376,10 @@ sub clonefetch () {
     servinfo "sharing";
     lockfile \*LOCK, $lock, LOCK_SH; # NB releases and relocks
 
-    if (chdir $gitd) {
+    if (stat $gitd) {
        return 1;
     }
-    $!==ENOENT or fail "chdir $gitd: $!";
+    $!==ENOENT or fail "stat $gitd: $!";
 
     # Well, err, someone must have taken the lock in between
     # and garbage collected it.  How annoying.
@@ -457,6 +463,9 @@ sub housekeepingcheck ($$) {
 
 sub runcommand () {
     servinfo "serving";
+
+    chdir $gitd or fail "chdir $gitd: $!";
+
     exec qw(git-upload-pack --strict --timeout=1000 .)
        or fail "exec git-upload-pack: $!";
 }