summaryrefslogtreecommitdiff
path: root/git-daemon/git-daemon.in
blob: 1b1b5402afa6656c2baa226d3638f9193f278ecb (plain) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87

#!/usr/bin/perl
#
# A git daemon with an added userv security boundary.
#
# This was written by Tony Finch <dot@dotat.at> and subsequently
# heavily modified by Ian Jackson <ijackson@chiark.greenend.org.uk>
# http://creativecommons.org/publicdomain/zero/1.0/

use strict;
use warnings;

use POSIX;
use Socket;
use Sys::Syslog;

BEGIN {
    if ($ARGV[0] =~ s/^-L//) {
	my $logfile= shift @ARGV;
	open STDERR, ">> $logfile" or die $!;
    }
}

sub ntoa {
    my $sockaddr = shift;
    return ('(local)') unless defined $sockaddr;
    my ($port,$addr) = sockaddr_in $sockaddr;
    $addr = inet_ntoa $addr;
    return ("[$addr]:$port",$addr,$port);
}
our ($client,$client_addr,$client_port) = ntoa getpeername STDIN;
our ($server,$server_addr,$server_port) = ntoa getsockname STDIN;
our ($service,$specpath,$spechost);

printf STDERR "%s [$$] %s %s\n",
    strftime("%Y-%m-%d %H:%M:%S %Z", localtime), $server, $client;

openlog 'userv-git-daemon', 'pid', 'daemon';
sub fail { syslog 'err', "$client @_"; exit }

$SIG{ALRM} = sub { fail "timeout" };
alarm 30;

sub xread {
    my $length = shift;
    my $buffer = "";
    while ($length > length $buffer) {
        my $ret = sysread STDIN, $buffer, $length, length $buffer;
        fail "Expected $length bytes, got ".length $buffer
                            if defined $ret and $ret == 0;
        fail "read: $!" if not defined $ret and $! != EINTR and $! != EAGAIN;
    }
    return $buffer;
}
my $hex_len = xread 4;
fail "Bad hex in packet length" unless $hex_len =~ m|^[0-9a-fA-F]{4}$|;
my $line = xread -4 + hex $hex_len;
unless (($service,$specpath,$spechost) = $line =~
        m|^(git-[a-z-]+) /*([!-~]+)\0host=([!-~]+)\0$|) {
    $line =~ s|[^ -~]+| |g;
    fail "Could not parse \"$line\""
}

@@READ_URLMAP@@

fail "No global mapping for $uri" unless defined $serve_user;

my ($hn,$ha,$at,$naddrs,@addrs) = gethostbyname $spechost;
fail "hostname/address mismatch ($spechost $server_addr)" unless grep {
    $server_addr eq inet_ntoa $_
    } @addrs;

our @opts;

push @opts, "-D$_=${$::{$_}}"
    for qw(service specpath spechost
	   client client_addr client_port
	   server server_addr server_port);

fail "no user $serve_user" unless getpwnam($serve_user);

syslog 'notice', "$client $service $uri $serve_user";

my @cmd = ('userv', '-t300', @opts, $serve_user, $service);
no warnings; # suppress errors to stderr
exec @cmd or fail "exec userv: $!";

# end
generated by cgit v1.2.3 (git 2.39.1) at 2024-05-27 18:05:38 +0000