2008-07-07 22:22:15 +02:00
|
|
|
ServerName dummy
|
2008-02-27 20:28:45 +01:00
|
|
|
PidFile httpd.pid
|
|
|
|
DocumentRoot www
|
2009-01-17 16:11:51 +01:00
|
|
|
LogFormat "%h %l %u %t \"%r\" %>s %b" common
|
|
|
|
CustomLog access.log common
|
2008-02-27 20:28:45 +01:00
|
|
|
ErrorLog error.log
|
2009-03-11 12:47:06 +01:00
|
|
|
<IfModule !mod_log_config.c>
|
|
|
|
LoadModule log_config_module modules/mod_log_config.so
|
|
|
|
</IfModule>
|
2009-10-31 01:47:46 +01:00
|
|
|
<IfModule !mod_alias.c>
|
|
|
|
LoadModule alias_module modules/mod_alias.so
|
|
|
|
</IfModule>
|
2009-10-31 01:47:47 +01:00
|
|
|
<IfModule !mod_cgi.c>
|
|
|
|
LoadModule cgi_module modules/mod_cgi.so
|
|
|
|
</IfModule>
|
|
|
|
<IfModule !mod_env.c>
|
|
|
|
LoadModule env_module modules/mod_env.so
|
|
|
|
</IfModule>
|
2010-09-25 06:20:35 +02:00
|
|
|
<IfModule !mod_rewrite.c>
|
|
|
|
LoadModule rewrite_module modules/mod_rewrite.so
|
|
|
|
</IFModule>
|
2010-11-14 02:51:14 +01:00
|
|
|
<IfModule !mod_version.c>
|
|
|
|
LoadModule version_module modules/mod_version.so
|
|
|
|
</IfModule>
|
2013-07-24 00:40:17 +02:00
|
|
|
<IfModule !mod_headers.c>
|
|
|
|
LoadModule headers_module modules/mod_headers.so
|
|
|
|
</IfModule>
|
2010-11-14 02:51:14 +01:00
|
|
|
|
2013-06-21 20:12:51 +02:00
|
|
|
<IfVersion < 2.4>
|
|
|
|
LockFile accept.lock
|
|
|
|
</IfVersion>
|
|
|
|
|
2010-11-14 02:51:14 +01:00
|
|
|
<IfVersion < 2.1>
|
|
|
|
<IfModule !mod_auth.c>
|
|
|
|
LoadModule auth_module modules/mod_auth.so
|
|
|
|
</IfModule>
|
|
|
|
</IfVersion>
|
|
|
|
|
|
|
|
<IfVersion >= 2.1>
|
|
|
|
<IfModule !mod_auth_basic.c>
|
|
|
|
LoadModule auth_basic_module modules/mod_auth_basic.so
|
|
|
|
</IfModule>
|
|
|
|
<IfModule !mod_authn_file.c>
|
|
|
|
LoadModule authn_file_module modules/mod_authn_file.so
|
|
|
|
</IfModule>
|
|
|
|
<IfModule !mod_authz_user.c>
|
|
|
|
LoadModule authz_user_module modules/mod_authz_user.so
|
|
|
|
</IfModule>
|
2013-04-13 05:33:36 +02:00
|
|
|
<IfModule !mod_authz_host.c>
|
|
|
|
LoadModule authz_host_module modules/mod_authz_host.so
|
|
|
|
</IfModule>
|
2010-11-14 02:51:14 +01:00
|
|
|
</IfVersion>
|
2009-10-31 01:47:46 +01:00
|
|
|
|
2013-06-09 10:08:22 +02:00
|
|
|
<IfVersion >= 2.4>
|
|
|
|
<IfModule !mod_authn_core.c>
|
|
|
|
LoadModule authn_core_module modules/mod_authn_core.so
|
|
|
|
</IfModule>
|
|
|
|
<IfModule !mod_authz_core.c>
|
|
|
|
LoadModule authz_core_module modules/mod_authz_core.so
|
|
|
|
</IfModule>
|
2013-06-09 10:08:45 +02:00
|
|
|
<IfModule !mod_access_compat.c>
|
|
|
|
LoadModule access_compat_module modules/mod_access_compat.so
|
|
|
|
</IfModule>
|
2013-06-09 10:09:32 +02:00
|
|
|
<IfModule !mod_mpm_prefork.c>
|
|
|
|
LoadModule mpm_prefork_module modules/mod_mpm_prefork.so
|
|
|
|
</IfModule>
|
2015-05-11 13:54:17 +02:00
|
|
|
<IfModule !mod_unixd.c>
|
|
|
|
LoadModule unixd_module modules/mod_unixd.so
|
|
|
|
</IfModule>
|
2013-06-09 10:08:22 +02:00
|
|
|
</IfVersion>
|
|
|
|
|
2012-07-24 15:43:59 +02:00
|
|
|
PassEnv GIT_VALGRIND
|
|
|
|
PassEnv GIT_VALGRIND_OPTIONS
|
2014-09-15 23:59:00 +02:00
|
|
|
PassEnv GNUPGHOME
|
t: support clang/gcc AddressSanitizer
When git is compiled with "-fsanitize=address" (using clang
or gcc >= 4.8), all invocations of git will check for buffer
overflows. This is similar to running with valgrind, except
that it is more thorough (because of the compiler support,
function-local buffers can be checked, too) and runs much
faster (making it much less painful to run the whole test
suite with the checks turned on).
Unlike valgrind, the magic happens at compile-time, so we
don't need the same infrastructure in the test suite that we
did to support --valgrind. But there are two things we can
help with:
1. On some platforms, the leak-detector is on by default,
and causes every invocation of "git init" (and thus
every test script) to fail. Since running git with
the leak detector is pointless, let's shut it off
automatically in the tests, unless the user has already
configured it.
2. When apache runs a CGI, it clears the environment of
unknown variables. This means that the $ASAN_OPTIONS
config doesn't make it to git-http-backend, and it
dies due to the leak detector. Let's mark the variable
as OK for apache to pass.
With these two changes, running
make CC=clang CFLAGS=-fsanitize=address test
works out of the box.
Signed-off-by: Jeff King <peff@peff.net>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
2014-12-08 08:47:06 +01:00
|
|
|
PassEnv ASAN_OPTIONS
|
2015-03-13 05:51:15 +01:00
|
|
|
PassEnv GIT_TRACE
|
2016-03-16 01:56:52 +01:00
|
|
|
PassEnv GIT_CONFIG_NOSYSTEM
|
2012-07-24 15:43:59 +02:00
|
|
|
|
2009-10-31 01:47:46 +01:00
|
|
|
Alias /dumb/ www/
|
2012-08-27 15:24:42 +02:00
|
|
|
Alias /auth/dumb/ www/auth/dumb/
|
2008-02-27 20:28:45 +01:00
|
|
|
|
2012-08-27 15:25:21 +02:00
|
|
|
<LocationMatch /smart/>
|
2009-10-31 01:47:47 +01:00
|
|
|
SetEnv GIT_EXEC_PATH ${GIT_EXEC_PATH}
|
2009-12-28 22:49:00 +01:00
|
|
|
SetEnv GIT_HTTP_EXPORT_ALL
|
2012-08-27 15:25:21 +02:00
|
|
|
</LocationMatch>
|
|
|
|
<LocationMatch /smart_noexport/>
|
2009-12-28 22:49:00 +01:00
|
|
|
SetEnv GIT_EXEC_PATH ${GIT_EXEC_PATH}
|
2012-08-27 15:25:21 +02:00
|
|
|
</LocationMatch>
|
|
|
|
<LocationMatch /smart_custom_env/>
|
2012-03-30 09:01:30 +02:00
|
|
|
SetEnv GIT_EXEC_PATH ${GIT_EXEC_PATH}
|
|
|
|
SetEnv GIT_HTTP_EXPORT_ALL
|
|
|
|
SetEnv GIT_COMMITTER_NAME "Custom User"
|
|
|
|
SetEnv GIT_COMMITTER_EMAIL custom@example.com
|
2012-08-27 15:25:21 +02:00
|
|
|
</LocationMatch>
|
2013-04-10 02:55:08 +02:00
|
|
|
<LocationMatch /smart_namespace/>
|
|
|
|
SetEnv GIT_EXEC_PATH ${GIT_EXEC_PATH}
|
|
|
|
SetEnv GIT_HTTP_EXPORT_ALL
|
|
|
|
SetEnv GIT_NAMESPACE ns
|
|
|
|
</LocationMatch>
|
2013-07-24 00:40:17 +02:00
|
|
|
<LocationMatch /smart_cookies/>
|
|
|
|
SetEnv GIT_EXEC_PATH ${GIT_EXEC_PATH}
|
|
|
|
SetEnv GIT_HTTP_EXPORT_ALL
|
|
|
|
Header set Set-Cookie name=value
|
|
|
|
</LocationMatch>
|
2012-08-27 15:25:21 +02:00
|
|
|
ScriptAliasMatch /smart_*[^/]*/(.*) ${GIT_EXEC_PATH}/git-http-backend/$1
|
2013-01-31 22:02:07 +01:00
|
|
|
ScriptAlias /broken_smart/ broken-smart-http.sh/
|
2014-05-22 11:29:03 +02:00
|
|
|
ScriptAlias /error/ error.sh/
|
2009-10-31 01:47:47 +01:00
|
|
|
<Directory ${GIT_EXEC_PATH}>
|
2012-07-24 15:43:59 +02:00
|
|
|
Options FollowSymlinks
|
2009-10-31 01:47:47 +01:00
|
|
|
</Directory>
|
2013-01-31 22:02:07 +01:00
|
|
|
<Files broken-smart-http.sh>
|
|
|
|
Options ExecCGI
|
|
|
|
</Files>
|
2014-05-22 11:29:03 +02:00
|
|
|
<Files error.sh>
|
|
|
|
Options ExecCGI
|
|
|
|
</Files>
|
2009-10-31 01:47:47 +01:00
|
|
|
<Files ${GIT_EXEC_PATH}/git-http-backend>
|
|
|
|
Options ExecCGI
|
|
|
|
</Files>
|
|
|
|
|
2010-09-25 06:20:35 +02:00
|
|
|
RewriteEngine on
|
|
|
|
RewriteRule ^/smart-redir-perm/(.*)$ /smart/$1 [R=301]
|
|
|
|
RewriteRule ^/smart-redir-temp/(.*)$ /smart/$1 [R=302]
|
remote-curl: rewrite base url from info/refs redirects
For efficiency and security reasons, an earlier commit in
this series taught http_get_* to re-write the base url based
on redirections we saw while making a specific request.
This commit wires that option into the info/refs request,
meaning that a redirect from
http://example.com/foo.git/info/refs
to
https://example.com/bar.git/info/refs
will behave as if "https://example.com/bar.git" had been
provided to git in the first place.
The tests bear some explanation. We introduce two new
hierearchies into the httpd test config:
1. Requests to /smart-redir-limited will work only for the
initial info/refs request, but not any subsequent
requests. As a result, we can confirm whether the
client is re-rooting its requests after the initial
contact, since otherwise it will fail (it will ask for
"repo.git/git-upload-pack", which is not redirected).
2. Requests to smart-redir-auth will redirect, and require
auth after the redirection. Since we are using the
redirected base for further requests, we also update
the credential struct, in order not to mislead the user
(or credential helpers) about which credential is
needed. We can therefore check the GIT_ASKPASS prompts
to make sure we are prompting for the new location.
Because we have neither multiple servers nor https
support in our test setup, we can only redirect between
paths, meaning we need to turn on
credential.useHttpPath to see the difference.
Signed-off-by: Jeff King <peff@peff.net>
Signed-off-by: Jonathan Nieder <jrnieder@gmail.com>
2013-09-28 10:35:35 +02:00
|
|
|
RewriteRule ^/smart-redir-auth/(.*)$ /auth/smart/$1 [R=301]
|
|
|
|
RewriteRule ^/smart-redir-limited/(.*)/info/refs$ /smart/$1/info/refs [R=301]
|
http: limit redirection to protocol-whitelist
Previously, libcurl would follow redirection to any protocol
it was compiled for support with. This is desirable to allow
redirection from HTTP to HTTPS. However, it would even
successfully allow redirection from HTTP to SFTP, a protocol
that git does not otherwise support at all. Furthermore
git's new protocol-whitelisting could be bypassed by
following a redirect within the remote helper, as it was
only enforced at transport selection time.
This patch limits redirects within libcurl to HTTP, HTTPS,
FTP and FTPS. If there is a protocol-whitelist present, this
list is limited to those also allowed by the whitelist. As
redirection happens from within libcurl, it is impossible
for an HTTP redirect to a protocol implemented within
another remote helper.
When the curl version git was compiled with is too old to
support restrictions on protocol redirection, we warn the
user if GIT_ALLOW_PROTOCOL restrictions were requested. This
is a little inaccurate, as even without that variable in the
environment, we would still restrict SFTP, etc, and we do
not warn in that case. But anything else means we would
literally warn every time git accesses an http remote.
This commit includes a test, but it is not as robust as we
would hope. It redirects an http request to ftp, and checks
that curl complained about the protocol, which means that we
are relying on curl's specific error message to know what
happened. Ideally we would redirect to a working ftp server
and confirm that we can clone without protocol restrictions,
and not with them. But we do not have a portable way of
providing an ftp server, nor any other protocol that curl
supports (https is the closest, but we would have to deal
with certificates).
[jk: added test and version warning]
Signed-off-by: Jeff King <peff@peff.net>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
2015-09-23 00:06:04 +02:00
|
|
|
RewriteRule ^/ftp-redir/(.*)$ ftp://localhost:1000/$1 [R=302]
|
2010-09-25 06:20:35 +02:00
|
|
|
|
2015-09-23 00:06:20 +02:00
|
|
|
RewriteRule ^/loop-redir/x-x-x-x-x-x-x-x-x-x-x-x-x-x-x-x-x-x-x-x-(.*) /$1 [R=302]
|
|
|
|
RewriteRule ^/loop-redir/(.*)$ /loop-redir/x-$1 [R=302]
|
|
|
|
|
2008-02-27 20:28:45 +01:00
|
|
|
<IfDefine SSL>
|
|
|
|
LoadModule ssl_module modules/mod_ssl.so
|
|
|
|
|
|
|
|
SSLCertificateFile httpd.pem
|
|
|
|
SSLCertificateKeyFile httpd.pem
|
|
|
|
SSLRandomSeed startup file:/dev/urandom 512
|
|
|
|
SSLRandomSeed connect file:/dev/urandom 512
|
|
|
|
SSLSessionCache none
|
|
|
|
SSLMutex file:ssl_mutex
|
|
|
|
SSLEngine On
|
|
|
|
</IfDefine>
|
|
|
|
|
2010-11-14 02:51:14 +01:00
|
|
|
<Location /auth/>
|
|
|
|
AuthType Basic
|
|
|
|
AuthName "git-auth"
|
|
|
|
AuthUserFile passwd
|
|
|
|
Require valid-user
|
|
|
|
</Location>
|
|
|
|
|
2012-08-27 15:25:53 +02:00
|
|
|
<LocationMatch "^/auth-push/.*/git-receive-pack$">
|
|
|
|
AuthType Basic
|
|
|
|
AuthName "git-auth"
|
|
|
|
AuthUserFile passwd
|
|
|
|
Require valid-user
|
|
|
|
</LocationMatch>
|
|
|
|
|
remote-curl: retry failed requests for auth even with gzip
Commit b81401c taught the post_rpc function to retry the
http request after prompting for credentials. However, it
did not handle two cases:
1. If we have a large request, we do not retry. That's OK,
since we would have sent a probe (with retry) already.
2. If we are gzipping the request, we do not retry. That
was considered OK, because the intended use was for
push (e.g., listing refs is OK, but actually pushing
objects is not), and we never gzip on push.
This patch teaches post_rpc to retry even a gzipped request.
This has two advantages:
1. It is possible to configure a "half-auth" state for
fetching, where the set of refs and their sha1s are
advertised, but one cannot actually fetch objects.
This is not a recommended configuration, as it leaks
some information about what is in the repository (e.g.,
an attacker can try brute-forcing possible content in
your repository and checking whether it matches your
branch sha1). However, it can be slightly more
convenient, since a no-op fetch will not require a
password at all.
2. It future-proofs us should we decide to ever gzip more
requests.
Signed-off-by: Jeff King <peff@peff.net>
2012-10-31 12:29:16 +01:00
|
|
|
<LocationMatch "^/auth-fetch/.*/git-upload-pack$">
|
|
|
|
AuthType Basic
|
|
|
|
AuthName "git-auth"
|
|
|
|
AuthUserFile passwd
|
|
|
|
Require valid-user
|
|
|
|
</LocationMatch>
|
|
|
|
|
2013-04-13 05:33:36 +02:00
|
|
|
RewriteCond %{QUERY_STRING} service=git-receive-pack [OR]
|
|
|
|
RewriteCond %{REQUEST_URI} /git-receive-pack$
|
|
|
|
RewriteRule ^/half-auth-complete/ - [E=AUTHREQUIRED:yes]
|
|
|
|
|
|
|
|
<Location /half-auth-complete/>
|
|
|
|
Order Deny,Allow
|
|
|
|
Deny from env=AUTHREQUIRED
|
|
|
|
|
|
|
|
AuthType Basic
|
|
|
|
AuthName "Git Access"
|
|
|
|
AuthUserFile passwd
|
|
|
|
Require valid-user
|
|
|
|
Satisfy Any
|
|
|
|
</Location>
|
|
|
|
|
2008-02-27 20:28:45 +01:00
|
|
|
<IfDefine DAV>
|
|
|
|
LoadModule dav_module modules/mod_dav.so
|
|
|
|
LoadModule dav_fs_module modules/mod_dav_fs.so
|
|
|
|
|
|
|
|
DAVLockDB DAVLock
|
2009-10-31 01:47:46 +01:00
|
|
|
<Location /dumb/>
|
2008-02-27 20:28:45 +01:00
|
|
|
Dav on
|
|
|
|
</Location>
|
2011-12-13 21:17:04 +01:00
|
|
|
<Location /auth/dumb>
|
|
|
|
Dav on
|
|
|
|
</Location>
|
2008-02-27 20:28:45 +01:00
|
|
|
</IfDefine>
|
|
|
|
|
|
|
|
<IfDefine SVN>
|
|
|
|
LoadModule dav_svn_module modules/mod_dav_svn.so
|
|
|
|
|
|
|
|
<Location /svn>
|
|
|
|
DAV svn
|
|
|
|
SVNPath svnrepo
|
|
|
|
</Location>
|
|
|
|
</IfDefine>
|