#include "exec_cmd.h"
#include "run-command.h"
#include "strbuf.h"
+#include "string-list.h"
#include <syslog.h>
static const char daemon_usage[] =
"git daemon [--verbose] [--syslog] [--export-all]\n"
-" [--timeout=n] [--init-timeout=n] [--max-connections=n]\n"
-" [--strict-paths] [--base-path=path] [--base-path-relaxed]\n"
-" [--user-path | --user-path=path]\n"
-" [--interpolated-path=path]\n"
-" [--reuseaddr] [--detach] [--pid-file=file]\n"
-" [--[enable|disable|allow-override|forbid-override]=service]\n"
-" [--inetd | [--listen=host_or_ipaddr] [--port=n]\n"
-" [--user=user [--group=group]]\n"
-" [directory...]";
+" [--timeout=<n>] [--init-timeout=<n>] [--max-connections=<n>]\n"
+" [--strict-paths] [--base-path=<path>] [--base-path-relaxed]\n"
+" [--user-path | --user-path=<path>]\n"
+" [--interpolated-path=<path>]\n"
+" [--reuseaddr] [--detach] [--pid-file=<file>]\n"
+" [--(enable|disable|allow-override|forbid-override)=<service>]\n"
+" [--inetd | [--listen=<host_or_ipaddr>] [--port=<n>]\n"
+" [--user=<user> [--group=<group>]]\n"
+" [<directory>...]";
/* List of acceptable pathname prefixes */
static char **ok_paths;
}
else if (interpolated_path && saw_extended_args) {
struct strbuf expanded_path = STRBUF_INIT;
- struct strbuf_expand_dict_entry dict[] = {
- { "H", hostname },
- { "CH", canon_hostname },
- { "IP", ip_address },
- { "P", tcp_port },
- { "D", directory },
- { "%", "%" },
- { NULL }
- };
-
+ struct strbuf_expand_dict_entry dict[6];
+
+ dict[0].placeholder = "H"; dict[0].value = hostname;
+ dict[1].placeholder = "CH"; dict[1].value = canon_hostname;
+ dict[2].placeholder = "IP"; dict[2].value = ip_address;
+ dict[3].placeholder = "P"; dict[3].value = tcp_port;
+ dict[4].placeholder = "D"; dict[4].value = directory;
+ dict[5].placeholder = NULL; dict[5].value = NULL;
if (*dir != '/') {
/* Allow only absolute */
logerror("'%s': Non-absolute path denied (interpolated-path active)", dir);
{
/* Timeout as string */
char timeout_buf[64];
- const char *argv[] = { "upload-pack", "--strict", timeout_buf, ".", NULL };
+ const char *argv[] = { "upload-pack", "--strict", NULL, ".", NULL };
+
+ argv[2] = timeout_buf;
snprintf(timeout_buf, sizeof timeout_buf, "--timeout=%u", timeout);
return run_service_command(argv);
return dup;
}
+static void parse_host_and_port(char *hostport, char **host,
+ char **port)
+{
+ if (*hostport == '[') {
+ char *end;
+
+ end = strchr(hostport, ']');
+ if (!end)
+ die("Invalid request ('[' without ']')");
+ *end = '\0';
+ *host = hostport + 1;
+ if (!end[1])
+ *port = NULL;
+ else if (end[1] == ':')
+ *port = end + 2;
+ else
+ die("Garbage after end of host part");
+ } else {
+ *host = hostport;
+ *port = strrchr(hostport, ':');
+ if (*port) {
+ **port = '\0';
+ ++*port;
+ }
+ }
+}
+
/*
* Read the host as supplied by the client connection.
*/
vallen = strlen(val) + 1;
if (*val) {
/* Split <host>:<port> at colon. */
- char *host = val;
- char *port = strrchr(host, ':');
+ char *host;
+ char *port;
+ parse_host_and_port(val, &host, &port);
if (port) {
- *port = 0;
- port++;
free(tcp_port);
tcp_port = xstrdup(port);
}
return -1;
}
+static int addrcmp(const struct sockaddr_storage *s1,
+ const struct sockaddr_storage *s2)
+{
+ const struct sockaddr *sa1 = (const struct sockaddr*) s1;
+ const struct sockaddr *sa2 = (const struct sockaddr*) s2;
+
+ if (sa1->sa_family != sa2->sa_family)
+ return sa1->sa_family - sa2->sa_family;
+ if (sa1->sa_family == AF_INET)
+ return memcmp(&((struct sockaddr_in *)s1)->sin_addr,
+ &((struct sockaddr_in *)s2)->sin_addr,
+ sizeof(struct in_addr));
+#ifndef NO_IPV6
+ if (sa1->sa_family == AF_INET6)
+ return memcmp(&((struct sockaddr_in6 *)s1)->sin6_addr,
+ &((struct sockaddr_in6 *)s2)->sin6_addr,
+ sizeof(struct in6_addr));
+#endif
+ return 0;
+}
+
static int max_connections = 32;
static unsigned int live_children;
{
struct child *newborn, **cradle;
- /*
- * This must be xcalloc() -- we'll compare the whole sockaddr_storage
- * but individual address may be shorter.
- */
newborn = xcalloc(1, sizeof(*newborn));
live_children++;
newborn->pid = pid;
memcpy(&newborn->address, addr, addrlen);
for (cradle = &firstborn; *cradle; cradle = &(*cradle)->next)
- if (!memcmp(&(*cradle)->address, &newborn->address,
- sizeof(newborn->address)))
+ if (!addrcmp(&(*cradle)->address, &newborn->address))
break;
newborn->next = *cradle;
*cradle = newborn;
return;
for (; (next = blanket->next); blanket = next)
- if (!memcmp(&blanket->address, &next->address,
- sizeof(next->address))) {
+ if (!addrcmp(&blanket->address, &next->address)) {
kill(blanket->pid, SIGTERM);
break;
}
&on, sizeof(on));
}
+struct socketlist {
+ int *list;
+ size_t nr;
+ size_t alloc;
+};
+
#ifndef NO_IPV6
-static int socksetup(char *listen_addr, int listen_port, int **socklist_p)
+static int setup_named_sock(char *listen_addr, int listen_port, struct socketlist *socklist)
{
- int socknum = 0, *socklist = NULL;
+ int socknum = 0;
int maxfd = -1;
char pbuf[NI_MAXSERV];
struct addrinfo hints, *ai0, *ai;
hints.ai_flags = AI_PASSIVE;
gai = getaddrinfo(listen_addr, pbuf, &hints, &ai0);
- if (gai)
- die("getaddrinfo() failed: %s", gai_strerror(gai));
+ if (gai) {
+ logerror("getaddrinfo() for %s failed: %s", listen_addr, gai_strerror(gai));
+ return 0;
+ }
for (ai = ai0; ai; ai = ai->ai_next) {
int sockfd;
if (flags >= 0)
fcntl(sockfd, F_SETFD, flags | FD_CLOEXEC);
- socklist = xrealloc(socklist, sizeof(int) * (socknum + 1));
- socklist[socknum++] = sockfd;
+ ALLOC_GROW(socklist->list, socklist->nr + 1, socklist->alloc);
+ socklist->list[socklist->nr++] = sockfd;
+ socknum++;
if (maxfd < sockfd)
maxfd = sockfd;
freeaddrinfo(ai0);
- *socklist_p = socklist;
return socknum;
}
#else /* NO_IPV6 */
-static int socksetup(char *listen_addr, int listen_port, int **socklist_p)
+static int setup_named_sock(char *listen_addr, int listen_port, struct socketlist *socklist)
{
struct sockaddr_in sin;
int sockfd;
if (flags >= 0)
fcntl(sockfd, F_SETFD, flags | FD_CLOEXEC);
- *socklist_p = xmalloc(sizeof(int));
- **socklist_p = sockfd;
+ ALLOC_GROW(socklist->list, socklist->nr + 1, socklist->alloc);
+ socklist->list[socklist->nr++] = sockfd;
return 1;
}
#endif
-static int service_loop(int socknum, int *socklist)
+static void socksetup(struct string_list *listen_addr, int listen_port, struct socketlist *socklist)
+{
+ if (!listen_addr->nr)
+ setup_named_sock(NULL, listen_port, socklist);
+ else {
+ int i, socknum;
+ for (i = 0; i < listen_addr->nr; i++) {
+ socknum = setup_named_sock(listen_addr->items[i].string,
+ listen_port, socklist);
+
+ if (socknum == 0)
+ logerror("unable to allocate any listen sockets for host %s on port %u",
+ listen_addr->items[i].string, listen_port);
+ }
+ }
+}
+
+static int service_loop(struct socketlist *socklist)
{
struct pollfd *pfd;
int i;
- pfd = xcalloc(socknum, sizeof(struct pollfd));
+ pfd = xcalloc(socklist->nr, sizeof(struct pollfd));
- for (i = 0; i < socknum; i++) {
- pfd[i].fd = socklist[i];
+ for (i = 0; i < socklist->nr; i++) {
+ pfd[i].fd = socklist->list[i];
pfd[i].events = POLLIN;
}
check_dead_children();
- if (poll(pfd, socknum, -1) < 0) {
+ if (poll(pfd, socklist->nr, -1) < 0) {
if (errno != EINTR) {
logerror("Poll failed, resuming: %s",
strerror(errno));
continue;
}
- for (i = 0; i < socknum; i++) {
+ for (i = 0; i < socklist->nr; i++) {
if (pfd[i].revents & POLLIN) {
struct sockaddr_storage ss;
unsigned int sslen = sizeof(ss);
die_errno("failed to write pid file '%s'", path);
}
-static int serve(char *listen_addr, int listen_port, struct passwd *pass, gid_t gid)
+static int serve(struct string_list *listen_addr, int listen_port, struct passwd *pass, gid_t gid)
{
- int socknum, *socklist;
+ struct socketlist socklist = { NULL, 0, 0 };
- socknum = socksetup(listen_addr, listen_port, &socklist);
- if (socknum == 0)
- die("unable to allocate any listen sockets on host %s port %u",
- listen_addr, listen_port);
+ socksetup(listen_addr, listen_port, &socklist);
+ if (socklist.nr == 0)
+ die("unable to allocate any listen sockets on port %u",
+ listen_port);
if (pass && gid &&
(initgroups(pass->pw_name, gid) || setgid (gid) ||
setuid(pass->pw_uid)))
die("cannot drop privileges");
- return service_loop(socknum, socklist);
+ return service_loop(&socklist);
}
int main(int argc, char **argv)
{
int listen_port = 0;
- char *listen_addr = NULL;
+ struct string_list listen_addr = STRING_LIST_INIT_NODUP;
int inetd_mode = 0;
const char *pid_file = NULL, *user_name = NULL, *group_name = NULL;
int detach = 0;
char *arg = argv[i];
if (!prefixcmp(arg, "--listen=")) {
- listen_addr = xstrdup_tolower(arg + 9);
+ string_list_append(&listen_addr, xstrdup_tolower(arg + 9));
continue;
}
if (!prefixcmp(arg, "--port=")) {
if (inetd_mode && (group_name || user_name))
die("--user and --group are incompatible with --inetd");
- if (inetd_mode && (listen_port || listen_addr))
+ if (inetd_mode && (listen_port || (listen_addr.nr > 0)))
die("--listen= and --port= are incompatible with --inetd");
else if (listen_port == 0)
listen_port = DEFAULT_GIT_PORT;
if (pid_file)
store_pid(pid_file);
- return serve(listen_addr, listen_port, pass, gid);
+ return serve(&listen_addr, listen_port, pass, gid);
}