Browse Source

Merge branch 'jl/virtual'

* jl/virtual:
  Removed memory leaks from interpolation table uses.
  Cleaned up git-daemon virtual hosting support.
maint
Junio C Hamano 19 years ago
parent
commit
2d5b459107
  1. 43
      Documentation/git-daemon.txt
  2. 3
      Makefile
  3. 220
      compat/inet_pton.c
  4. 175
      daemon.c
  5. 26
      interpolate.c
  6. 3
      interpolate.h

43
Documentation/git-daemon.txt

@ -8,14 +8,15 @@ git-daemon - A really simple server for git repositories @@ -8,14 +8,15 @@ git-daemon - A really simple server for git repositories
SYNOPSIS
--------
[verse]
'git-daemon' [--verbose] [--syslog] [--inetd | --port=n] [--export-all]
'git-daemon' [--verbose] [--syslog] [--export-all]
[--timeout=n] [--init-timeout=n] [--strict-paths]
[--base-path=path] [--user-path | --user-path=path]
[--interpolated-path=pathtemplate]
[--reuseaddr] [--detach] [--pid-file=file]
[--enable=service] [--disable=service]
[--allow-override=service] [--forbid-override=service]
[--reuseaddr] [--detach] [--pid-file=file]
[--user=user [--group=group]] [directory...]
[--inetd | [--listen=host_or_ipaddr] [--port=n] [--user=user [--group=group]]
[directory...]

DESCRIPTION
-----------
@ -54,8 +55,12 @@ OPTIONS @@ -54,8 +55,12 @@ OPTIONS
--interpolated-path=pathtemplate::
To support virtual hosting, an interpolated path template can be
used to dynamically construct alternate paths. The template
supports %H for the target hostname as supplied by the client,
supports %H for the target hostname as supplied by the client but
converted to all lowercase, %CH for the canonical hostname,
%IP for the server's IP address, %P for the port number,
and %D for the absolute path of the named repository.
After interpolation, the path is validated against the directory
whitelist.

--export-all::
Allow pulling from all directories that look like GIT repositories
@ -64,9 +69,17 @@ OPTIONS @@ -64,9 +69,17 @@ OPTIONS

--inetd::
Have the server run as an inetd service. Implies --syslog.
Incompatible with --port, --listen, --user and --group options.

--listen=host_or_ipaddr::
Listen on an a specific IP address or hostname. IP addresses can
be either an IPv4 address or an IPV6 address if supported. If IPv6
is not supported, then --listen=hostname is also not supported and
--listen must be given an IPv4 address.
Incompatible with '--inetd' option.

--port::
Listen on an alternative port.
--port=n::
Listen on an alternative port. Incompatible with '--inetd' option.

--init-timeout::
Timeout between the moment the connection is established and the
@ -182,6 +195,24 @@ clients, a symlink from `/software` into the appropriate @@ -182,6 +195,24 @@ clients, a symlink from `/software` into the appropriate
default repository could be made as well.


git-daemon as regular daemon for virtual hosts::
To set up `git-daemon` as a regular, non-inetd service that
handles repositories for multiple virtual hosts based on
their IP addresses, start the daemon like this:
+
------------------------------------------------
git-daemon --verbose --export-all
--interpolated-path=/pub/%IP/%D
/pub/192.168.1.200/software
/pub/10.10.220.23/software
------------------------------------------------
+
In this example, the root-level directory `/pub` will contain
a subdirectory for each virtual host IP address supported.
Repositories can still be accessed by hostname though, assuming
they correspond to these IP addresses.


Author
------
Written by Linus Torvalds <torvalds@osdl.org>, YOSHIFUJI Hideaki

3
Makefile

@ -522,6 +522,9 @@ endif @@ -522,6 +522,9 @@ endif
ifdef NO_INET_NTOP
LIB_OBJS += compat/inet_ntop.o
endif
ifdef NO_INET_PTON
LIB_OBJS += compat/inet_pton.o
endif

ifdef NO_ICONV
ALL_CFLAGS += -DNO_ICONV

220
compat/inet_pton.c

@ -0,0 +1,220 @@ @@ -0,0 +1,220 @@
/*
* Copyright (C) 1996-2001 Internet Software Consortium.
*
* Permission to use, copy, modify, and distribute this software for any
* purpose with or without fee is hereby granted, provided that the above
* copyright notice and this permission notice appear in all copies.
*
* THE SOFTWARE IS PROVIDED "AS IS" AND INTERNET SOFTWARE CONSORTIUM
* DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL
* INTERNET SOFTWARE CONSORTIUM BE LIABLE FOR ANY SPECIAL, DIRECT,
* INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING
* FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT,
* NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION
* WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
*/

#include <errno.h>
#include <sys/types.h>
#include <sys/socket.h>
#include <sys/socket.h>
#include <netinet/in.h>
#include <arpa/inet.h>
#include <stdio.h>
#include <string.h>

#ifndef NS_INT16SZ
#define NS_INT16SZ 2
#endif

#ifndef NS_INADDRSZ
#define NS_INADDRSZ 4
#endif

#ifndef NS_IN6ADDRSZ
#define NS_IN6ADDRSZ 16
#endif

/*
* WARNING: Don't even consider trying to compile this on a system where
* sizeof(int) < 4. sizeof(int) > 4 is fine; all the world's not a VAX.
*/

static int inet_pton4(const char *src, unsigned char *dst);
static int inet_pton6(const char *src, unsigned char *dst);

/* int
* inet_pton4(src, dst)
* like inet_aton() but without all the hexadecimal and shorthand.
* return:
* 1 if `src' is a valid dotted quad, else 0.
* notice:
* does not touch `dst' unless it's returning 1.
* author:
* Paul Vixie, 1996.
*/
static int
inet_pton4(const char *src, unsigned char *dst)
{
static const char digits[] = "0123456789";
int saw_digit, octets, ch;
unsigned char tmp[NS_INADDRSZ], *tp;

saw_digit = 0;
octets = 0;
*(tp = tmp) = 0;
while ((ch = *src++) != '\0') {
const char *pch;

if ((pch = strchr(digits, ch)) != NULL) {
unsigned int new = *tp * 10 + (pch - digits);

if (new > 255)
return (0);
*tp = new;
if (! saw_digit) {
if (++octets > 4)
return (0);
saw_digit = 1;
}
} else if (ch == '.' && saw_digit) {
if (octets == 4)
return (0);
*++tp = 0;
saw_digit = 0;
} else
return (0);
}
if (octets < 4)
return (0);
memcpy(dst, tmp, NS_INADDRSZ);
return (1);
}

/* int
* inet_pton6(src, dst)
* convert presentation level address to network order binary form.
* return:
* 1 if `src' is a valid [RFC1884 2.2] address, else 0.
* notice:
* (1) does not touch `dst' unless it's returning 1.
* (2) :: in a full address is silently ignored.
* credit:
* inspired by Mark Andrews.
* author:
* Paul Vixie, 1996.
*/

#ifndef NO_IPV6
static int
inet_pton6(const char *src, unsigned char *dst)
{
static const char xdigits_l[] = "0123456789abcdef",
xdigits_u[] = "0123456789ABCDEF";
unsigned char tmp[NS_IN6ADDRSZ], *tp, *endp, *colonp;
const char *xdigits, *curtok;
int ch, saw_xdigit;
unsigned int val;

memset((tp = tmp), '\0', NS_IN6ADDRSZ);
endp = tp + NS_IN6ADDRSZ;
colonp = NULL;
/* Leading :: requires some special handling. */
if (*src == ':')
if (*++src != ':')
return (0);
curtok = src;
saw_xdigit = 0;
val = 0;
while ((ch = *src++) != '\0') {
const char *pch;

if ((pch = strchr((xdigits = xdigits_l), ch)) == NULL)
pch = strchr((xdigits = xdigits_u), ch);
if (pch != NULL) {
val <<= 4;
val |= (pch - xdigits);
if (val > 0xffff)
return (0);
saw_xdigit = 1;
continue;
}
if (ch == ':') {
curtok = src;
if (!saw_xdigit) {
if (colonp)
return (0);
colonp = tp;
continue;
}
if (tp + NS_INT16SZ > endp)
return (0);
*tp++ = (unsigned char) (val >> 8) & 0xff;
*tp++ = (unsigned char) val & 0xff;
saw_xdigit = 0;
val = 0;
continue;
}
if (ch == '.' && ((tp + NS_INADDRSZ) <= endp) &&
inet_pton4(curtok, tp) > 0) {
tp += NS_INADDRSZ;
saw_xdigit = 0;
break; /* '\0' was seen by inet_pton4(). */
}
return (0);
}
if (saw_xdigit) {
if (tp + NS_INT16SZ > endp)
return (0);
*tp++ = (unsigned char) (val >> 8) & 0xff;
*tp++ = (unsigned char) val & 0xff;
}
if (colonp != NULL) {
/*
* Since some memmove()'s erroneously fail to handle
* overlapping regions, we'll do the shift by hand.
*/
const int n = tp - colonp;
int i;

for (i = 1; i <= n; i++) {
endp[- i] = colonp[n - i];
colonp[n - i] = 0;
}
tp = endp;
}
if (tp != endp)
return (0);
memcpy(dst, tmp, NS_IN6ADDRSZ);
return (1);
}
#endif

/* int
* isc_net_pton(af, src, dst)
* convert from presentation format (which usually means ASCII printable)
* to network format (which is usually some kind of binary format).
* return:
* 1 if the address was valid for the specified address family
* 0 if the address wasn't valid (`dst' is untouched in this case)
* -1 if some other error occurred (`dst' is untouched in this case, too)
* author:
* Paul Vixie, 1996.
*/
int
inet_pton(int af, const char *src, void *dst)
{
switch (af) {
case AF_INET:
return (inet_pton4(src, dst));
#ifndef NO_IPV6
case AF_INET6:
return (inet_pton6(src, dst));
#endif
default:
errno = EAFNOSUPPORT;
return (-1);
}
/* NOTREACHED */
}

175
daemon.c

@ -9,6 +9,7 @@ @@ -9,6 +9,7 @@
#include <syslog.h>
#include <pwd.h>
#include <grp.h>
#include <limits.h>
#include "pkt-line.h"
#include "cache.h"
#include "exec_cmd.h"
@ -19,13 +20,15 @@ static int verbose; @@ -19,13 +20,15 @@ static int verbose;
static int reuseaddr;

static const char daemon_usage[] =
"git-daemon [--verbose] [--syslog] [--inetd | --port=n] [--export-all]\n"
"git-daemon [--verbose] [--syslog] [--export-all]\n"
" [--timeout=n] [--init-timeout=n] [--strict-paths]\n"
" [--base-path=path] [--user-path | --user-path=path]\n"
" [--interpolated-path=path]\n"
" [--reuseaddr] [--detach] [--pid-file=file]\n"
" [--[enable|disable|allow-override|forbid-override]=service]\n"
" [--user=user [[--group=group]] [directory...]";
" [--inetd | [--listen=host_or_ipaddr] [--port=n]\n"
" [--user=user [--group=group]]\n"
" [directory...]";

/* List of acceptable pathname prefixes */
static char **ok_paths;
@ -56,13 +59,19 @@ static unsigned int init_timeout; @@ -56,13 +59,19 @@ static unsigned int init_timeout;
* Feel free to make dynamic as needed.
*/
#define INTERP_SLOT_HOST (0)
#define INTERP_SLOT_DIR (1)
#define INTERP_SLOT_PERCENT (2)
#define INTERP_SLOT_CANON_HOST (1)
#define INTERP_SLOT_IP (2)
#define INTERP_SLOT_PORT (3)
#define INTERP_SLOT_DIR (4)
#define INTERP_SLOT_PERCENT (5)

static struct interp interp_table[] = {
{ "%H", 0},
{ "%CH", 0},
{ "%IP", 0},
{ "%P", 0},
{ "%D", 0},
{ "%%", "%"},
{ "%%", 0},
};


@ -396,7 +405,11 @@ static void make_service_overridable(const char *name, int ena) { @@ -396,7 +405,11 @@ static void make_service_overridable(const char *name, int ena) {
die("No such service %s", name);
}

static void parse_extra_args(char *extra_args, int buflen)
/*
* Separate the "extra args" information as supplied by the client connection.
* Any resulting data is squirrelled away in the given interpolation table.
*/
static void parse_extra_args(struct interp *table, char *extra_args, int buflen)
{
char *val;
int vallen;
@ -408,16 +421,88 @@ static void parse_extra_args(char *extra_args, int buflen) @@ -408,16 +421,88 @@ static void parse_extra_args(char *extra_args, int buflen)
val = extra_args + 5;
vallen = strlen(val) + 1;
if (*val) {
char *save = xmalloc(vallen);
interp_table[INTERP_SLOT_HOST].value = save;
strlcpy(save, val, vallen);
/* Split <host>:<port> at colon. */
char *host = val;
char *port = strrchr(host, ':');
if (port) {
*port = 0;
port++;
interp_set_entry(table, INTERP_SLOT_PORT, port);
}
interp_set_entry(table, INTERP_SLOT_HOST, host);
}

/* On to the next one */
extra_args = val + vallen;
}
}
}

void fill_in_extra_table_entries(struct interp *itable)
{
char *hp;

/*
* Replace literal host with lowercase-ized hostname.
*/
hp = interp_table[INTERP_SLOT_HOST].value;
for ( ; *hp; hp++)
*hp = tolower(*hp);

/*
* Locate canonical hostname and its IP address.
*/
#ifndef NO_IPV6
{
struct addrinfo hints;
struct addrinfo *ai, *ai0;
int gai;
static char addrbuf[HOST_NAME_MAX + 1];

memset(&hints, 0, sizeof(hints));
hints.ai_flags = AI_CANONNAME;

gai = getaddrinfo(interp_table[INTERP_SLOT_HOST].value, 0, &hints, &ai0);
if (!gai) {
for (ai = ai0; ai; ai = ai->ai_next) {
struct sockaddr_in *sin_addr = (void *)ai->ai_addr;

inet_ntop(AF_INET, &sin_addr->sin_addr,
addrbuf, sizeof(addrbuf));
interp_set_entry(interp_table,
INTERP_SLOT_CANON_HOST, ai->ai_canonname);
interp_set_entry(interp_table,
INTERP_SLOT_IP, addrbuf);
break;
}
freeaddrinfo(ai0);
}
}
#else
{
struct hostent *hent;
struct sockaddr_in sa;
char **ap;
static char addrbuf[HOST_NAME_MAX + 1];

hent = gethostbyname(interp_table[INTERP_SLOT_HOST].value);

ap = hent->h_addr_list;
memset(&sa, 0, sizeof sa);
sa.sin_family = hent->h_addrtype;
sa.sin_port = htons(0);
memcpy(&sa.sin_addr, *ap, hent->h_length);

inet_ntop(hent->h_addrtype, &sa.sin_addr,
addrbuf, sizeof(addrbuf));

interp_set_entry(interp_table, INTERP_SLOT_CANON_HOST, hent->h_name);
interp_set_entry(interp_table, INTERP_SLOT_IP, addrbuf);
}
#endif
}


static int execute(struct sockaddr *addr)
{
static char line[1000];
@ -458,8 +543,16 @@ static int execute(struct sockaddr *addr) @@ -458,8 +543,16 @@ static int execute(struct sockaddr *addr)
if (len && line[len-1] == '\n')
line[--len] = 0;

if (len != pktlen)
parse_extra_args(line + len + 1, pktlen - len - 1);
/*
* Initialize the path interpolation table for this connection.
*/
interp_clear_table(interp_table, ARRAY_SIZE(interp_table));
interp_set_entry(interp_table, INTERP_SLOT_PERCENT, "%");

if (len != pktlen) {
parse_extra_args(interp_table, line + len + 1, pktlen - len - 1);
fill_in_extra_table_entries(interp_table);
}

for (i = 0; i < ARRAY_SIZE(daemon_service); i++) {
struct daemon_service *s = &(daemon_service[i]);
@ -467,7 +560,12 @@ static int execute(struct sockaddr *addr) @@ -467,7 +560,12 @@ static int execute(struct sockaddr *addr)
if (!strncmp("git-", line, 4) &&
!strncmp(s->name, line + 4, namelen) &&
line[namelen + 4] == ' ') {
interp_table[INTERP_SLOT_DIR].value = line+namelen+5;
/*
* Note: The directory here is probably context sensitive,
* and might depend on the actual service being performed.
*/
interp_set_entry(interp_table,
INTERP_SLOT_DIR, line + namelen + 5);
return run_service(interp_table, s);
}
}
@ -663,23 +761,22 @@ static int set_reuse_addr(int sockfd) @@ -663,23 +761,22 @@ static int set_reuse_addr(int sockfd)

#ifndef NO_IPV6

static int socksetup(int port, int **socklist_p)
static int socksetup(char *listen_addr, int listen_port, int **socklist_p)
{
int socknum = 0, *socklist = NULL;
int maxfd = -1;
char pbuf[NI_MAXSERV];

struct addrinfo hints, *ai0, *ai;
int gai;

sprintf(pbuf, "%d", port);
sprintf(pbuf, "%d", listen_port);
memset(&hints, 0, sizeof(hints));
hints.ai_family = AF_UNSPEC;
hints.ai_socktype = SOCK_STREAM;
hints.ai_protocol = IPPROTO_TCP;
hints.ai_flags = AI_PASSIVE;

gai = getaddrinfo(NULL, pbuf, &hints, &ai0);
gai = getaddrinfo(listen_addr, pbuf, &hints, &ai0);
if (gai)
die("getaddrinfo() failed: %s\n", gai_strerror(gai));

@ -733,20 +830,27 @@ static int socksetup(int port, int **socklist_p) @@ -733,20 +830,27 @@ static int socksetup(int port, int **socklist_p)

#else /* NO_IPV6 */

static int socksetup(int port, int **socklist_p)
static int socksetup(char *lisen_addr, int listen_port, int **socklist_p)
{
struct sockaddr_in sin;
int sockfd;

memset(&sin, 0, sizeof sin);
sin.sin_family = AF_INET;
sin.sin_port = htons(listen_port);

if (listen_addr) {
/* Well, host better be an IP address here. */
if (inet_pton(AF_INET, listen_addr, &sin.sin_addr.s_addr) <= 0)
return 0;
} else {
sin.sin_addr.s_addr = htonl(INADDR_ANY);
}

sockfd = socket(AF_INET, SOCK_STREAM, 0);
if (sockfd < 0)
return 0;

memset(&sin, 0, sizeof sin);
sin.sin_family = AF_INET;
sin.sin_addr.s_addr = htonl(INADDR_ANY);
sin.sin_port = htons(port);

if (set_reuse_addr(sockfd)) {
close(sockfd);
return 0;
@ -855,13 +959,14 @@ static void store_pid(const char *path) @@ -855,13 +959,14 @@ static void store_pid(const char *path)
fclose(f);
}

static int serve(int port, struct passwd *pass, gid_t gid)
static int serve(char *listen_addr, int listen_port, struct passwd *pass, gid_t gid)
{
int socknum, *socklist;

socknum = socksetup(port, &socklist);
socknum = socksetup(listen_addr, listen_port, &socklist);
if (socknum == 0)
die("unable to allocate any listen sockets on port %u", port);
die("unable to allocate any listen sockets on host %s port %u",
listen_addr, listen_port);

if (pass && gid &&
(initgroups(pass->pw_name, gid) || setgid (gid) ||
@ -873,7 +978,8 @@ static int serve(int port, struct passwd *pass, gid_t gid) @@ -873,7 +978,8 @@ static int serve(int port, struct passwd *pass, gid_t gid)

int main(int argc, char **argv)
{
int port = DEFAULT_GIT_PORT;
int listen_port = 0;
char *listen_addr = NULL;
int inetd_mode = 0;
const char *pid_file = NULL, *user_name = NULL, *group_name = NULL;
int detach = 0;
@ -890,12 +996,20 @@ int main(int argc, char **argv) @@ -890,12 +996,20 @@ int main(int argc, char **argv)
for (i = 1; i < argc; i++) {
char *arg = argv[i];

if (!strncmp(arg, "--listen=", 9)) {
char *p = arg + 9;
char *ph = listen_addr = xmalloc(strlen(arg + 9) + 1);
while (*p)
*ph++ = tolower(*p++);
*ph = 0;
continue;
}
if (!strncmp(arg, "--port=", 7)) {
char *end;
unsigned long n;
n = strtoul(arg+7, &end, 0);
if (arg[7] && !*end) {
port = n;
listen_port = n;
continue;
}
}
@ -995,6 +1109,11 @@ int main(int argc, char **argv) @@ -995,6 +1109,11 @@ int main(int argc, char **argv)
if (inetd_mode && (group_name || user_name))
die("--user and --group are incompatible with --inetd");

if (inetd_mode && (listen_port || listen_addr))
die("--listen= and --port= are incompatible with --inetd");
else if (listen_port == 0)
listen_port = DEFAULT_GIT_PORT;

if (group_name && !user_name)
die("--group supplied without --user");

@ -1043,5 +1162,5 @@ int main(int argc, char **argv) @@ -1043,5 +1162,5 @@ int main(int argc, char **argv)
if (pid_file)
store_pid(pid_file);

return serve(port, pass, gid);
return serve(listen_addr, listen_port, pass, gid);
}

26
interpolate.c

@ -4,9 +4,35 @@ @@ -4,9 +4,35 @@

#include <string.h>

#include "git-compat-util.h"
#include "interpolate.h"


void interp_set_entry(struct interp *table, int slot, char *value)
{
char *oldval = table[slot].value;
char *newval = value;

if (oldval)
free(oldval);

if (value)
newval = xstrdup(value);

table[slot].value = newval;
}


void interp_clear_table(struct interp *table, int ninterps)
{
int i;

for (i = 0; i < ninterps; i++) {
interp_set_entry(table, i, NULL);
}
}


/*
* Convert a NUL-terminated string in buffer orig
* into the supplied buffer, result, whose length is reslen,

3
interpolate.h

@ -16,6 +16,9 @@ struct interp { @@ -16,6 +16,9 @@ struct interp {
char *value;
};

extern void interp_set_entry(struct interp *table, int slot, char *value);
extern void interp_clear_table(struct interp *table, int ninterps);

extern int interpolate(char *result, int reslen,
const char *orig,
const struct interp *interps, int ninterps);

Loading…
Cancel
Save