1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
|
#!/usr/bin/perl
#
# A git daemon with an added userv security boundary.
#
# This was written by Tony Finch <dot@dotat.at>
# You may do anything with it, at your own risk.
# http://creativecommons.org/publicdomain/zero/1.0/
use strict;
use warnings;
use POSIX;
use Socket;
use Sys::Syslog;
sub ntoa {
my $sockaddr = shift;
return ('(local)') unless defined $sockaddr;
my ($port,$addr) = sockaddr_in $sockaddr;
$addr = inet_ntoa $addr;
return ("[$addr]:$port",$addr,$port);
}
our ($client,$client_addr,$client_port) = ntoa getpeername STDIN;
our ($server,$server_addr,$server_port) = ntoa getsockname STDIN;
our ($service,$path,$host,$user);
openlog 'userv-git-daemon', 'pid', 'daemon';
sub fail { syslog 'err', "$client @_"; exit }
$SIG{ALRM} = sub { fail "timeout" };
alarm 30;
sub xread {
my $length = shift; $_ = "";
while ($length > length) {
my $ret = sysread STDIN, $_, $length, length;
fail "Expected $length bytes, got ".length
if defined $ret and $ret == 0;
fail "read: $!" if not defined $ret and $! != EINTR and $! != EAGAIN;
}
}
xread 4;
fail "Bad hex in packet length" unless m|^[0-9a-fA-F]{4}$|;
xread hex;
unless (($service,$path,$host) =
m|^(git-[a-z-]+) /*([!-~]+)\0host=([!-~]+)\0$|) {
s|[^ -~]+| |g;
fail "Could not parse \"$_\""
}
our $uri = $_ = "git://$host/$path";
for my $cf (@ARGV) { do $cf }
fail "No user for $uri" unless defined $user;
syslog 'notice', "$client $service $uri";
my @opts = map "-D$_=${$::{$_}}",
grep defined ${$::{$_}} && /^[a-z_]+$/, keys %::;
my @cmd = ('userv', @opts, $user, $service);
no warnings; # suppress errors to stderr
exec @cmd or fail "exec userv: $!";
# end
|
