diff options
| author | Tony Finch <dot@dotat.at> | 2010-03-26 18:56:43 +0000 |
|---|---|---|
| committer | Ian Jackson <ian@liberator.relativity.greenend.org.uk> | 2010-05-22 15:54:41 +0100 |
| commit | b8db4eb5d8ffd32a50e5173af7472f6a1cf56f42 (patch) | |
| tree | 4d71d58ebc5b1438fcf428dc9f554f4877c2e13c /git-daemon | |
| parent | 11b88dbb4e21bf4a21e611eb185b1df02d0d7379 (diff) | |
| download | userv-utils-b8db4eb5d8ffd32a50e5173af7472f6a1cf56f42.tar.gz | |
git-daemon: allow virtual hosts to forbit tilde parts in URLs
Diffstat (limited to 'git-daemon')
| -rw-r--r-- | git-daemon/git-daemon-vhosts.pl | 22 | ||||
| -rwxr-xr-x | git-daemon/git-daemon.pl | 9 |
2 files changed, 18 insertions, 13 deletions
diff --git a/git-daemon/git-daemon-vhosts.pl b/git-daemon/git-daemon-vhosts.pl index 2046f9f..7c37b7a 100644 --- a/git-daemon/git-daemon-vhosts.pl +++ b/git-daemon/git-daemon-vhosts.pl @@ -14,22 +14,26 @@ $REPO = qr{[-+._0-9A-Za-z]+}; # The vhost_default_user hash specifies what user handles git requests # for each virtual host, if the URL does not have a tilde part, or if -# the virtual host does not appear in the vhost_user_from_tilde hash. -# If a virtual host does not appear in this hash then URLs without a -# tilde part are forbidden for that virtual host. +# the virtual hosts does not appear in either vhost_tilde hash. If a +# virtual host does not appear in this hash then it does not permit +# URLs without tilde parts. %vhost_default_user = ( 'dotat.at' => 'fanf', ); -# The vhost_user_from_tilde hash lists which virtual hosts allow the -# tilde part to specify the user that should handle the request. If a -# virtual host is not present in this hash then its default user -# handles all requests. If a virtual host is not present in either map -# then no requests are permitted. +# The vhost_tilde_is_user hash specifies which virtual hosts use the +# tilde part of a URL to specify the user that handles the request. -%vhost_user_from_tilde = ( +%vhost_tilde_is_user = ( 'chiark.greenend.org.uk' => 1, ); +# The vhost_tilde_forbidden hash specifies which virtual hosts do not +# permit URLs with tilde parts. + +%vhost_tilde_forbidden = ( + 'dotat.at' => 1, +); + # end diff --git a/git-daemon/git-daemon.pl b/git-daemon/git-daemon.pl index 5458c08..a17412f 100755 --- a/git-daemon/git-daemon.pl +++ b/git-daemon/git-daemon.pl @@ -17,8 +17,8 @@ use POSIX; use Socket; use Sys::Syslog; -use vars qw{ %vhost_default_user %vhost_user_from_tilde - $TILDE $REPO $HOSTNAME }; +use vars qw{ $TILDE $REPO $HOSTNAME + %vhost_default_user %vhost_tilde_is_user %vhost_tilde_forbidden }; use lib '/etc/userv'; require 'git-daemon-vhosts.pl'; @@ -67,8 +67,9 @@ unless ($line =~ m{^git-upload-pack (?:~($TILDE)/)?($REPO[.]git)\0host=($HOSTNAM my ($tilde,$repo,$host) = ($1,$2,$3); my $url = $tilde ? "git://$host/~$tilde/$repo" : "git://$host/$repo"; -my $user = $vhost_user_from_tilde{$host} ? $tilde : $vhost_default_user{$host}; -fail "no user configuration for $url" unless defined $user; +fail "tilde forbidden for $url" if defined $tilde and $vhost_tilde_forbidden{$host}; +my $user = $vhost_tilde_is_user{$host} ? $tilde : $vhost_default_user{$host}; +fail "no user configured for $url" unless defined $user; syslog 'info', "$peer $user $url"; my @opts = ("-DHOST=$host", "-DREPO=$repo"); |