Smart-http: check if repository is OK to export before serving it

Similar to how git-daemon checks whether a repository is OK to be
exported, smart-http should also check.  This check can be satisfied
in two different ways: the environmental variable GIT_HTTP_EXPORT_ALL
may be set to export all repositories, or the individual repository
may have the file git-daemon-export-ok.

Acked-by: Shawn O. Pearce <spearce@spearce.org>
Signed-off-by: Tarmigan Casebolt <tarmigan+git@gmail.com>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
This commit is contained in:
Tarmigan Casebolt 2009-12-28 16:49:00 -05:00 committed by Junio C Hamano
parent 902f235378
commit 8b2bd7cdac
4 changed files with 55 additions and 2 deletions

View File

@ -18,6 +18,11 @@ The program supports clients fetching using both the smart HTTP protcol
and the backwards-compatible dumb HTTP protocol, as well as clients and the backwards-compatible dumb HTTP protocol, as well as clients
pushing using the smart HTTP protocol. pushing using the smart HTTP protocol.
It verifies that the directory has the magic file
"git-daemon-export-ok", and it will refuse to export any git directory
that hasn't explicitly been marked for export this way (unless the
GIT_HTTP_EXPORT_ALL environmental variable is set).
By default, only the `upload-pack` service is enabled, which serves By default, only the `upload-pack` service is enabled, which serves
'git-fetch-pack' and 'git-ls-remote' clients, which are invoked from 'git-fetch-pack' and 'git-ls-remote' clients, which are invoked from
'git-fetch', 'git-pull', and 'git-clone'. If the client is authenticated, 'git-fetch', 'git-pull', and 'git-clone'. If the client is authenticated,
@ -70,6 +75,7 @@ Apache 2.x::
+ +
---------------------------------------------------------------- ----------------------------------------------------------------
SetEnv GIT_PROJECT_ROOT /var/www/git SetEnv GIT_PROJECT_ROOT /var/www/git
SetEnv GIT_HTTP_EXPORT_ALL
ScriptAlias /git/ /usr/libexec/git-core/git-http-backend/ ScriptAlias /git/ /usr/libexec/git-core/git-http-backend/
---------------------------------------------------------------- ----------------------------------------------------------------
+ +
@ -157,6 +163,10 @@ by the invoking web server, including:
* QUERY_STRING * QUERY_STRING
* REQUEST_METHOD * REQUEST_METHOD
The GIT_HTTP_EXPORT_ALL environmental variable may be passed to
'git-http-backend' to bypass the check for the "git-daemon-export-ok"
file in each repository before allowing export of that repository.
The backend process sets GIT_COMMITTER_NAME to '$REMOTE_USER' and The backend process sets GIT_COMMITTER_NAME to '$REMOTE_USER' and
GIT_COMMITTER_EMAIL to '$\{REMOTE_USER}@http.$\{REMOTE_ADDR\}', GIT_COMMITTER_EMAIL to '$\{REMOTE_USER}@http.$\{REMOTE_ADDR\}',
ensuring that any reflogs created by 'git-receive-pack' contain some ensuring that any reflogs created by 'git-receive-pack' contain some

View File

@ -648,6 +648,9 @@ int main(int argc, char **argv)
setup_path(); setup_path();
if (!enter_repo(dir, 0)) if (!enter_repo(dir, 0))
not_found("Not a git repository: '%s'", dir); not_found("Not a git repository: '%s'", dir);
if (!getenv("GIT_HTTP_EXPORT_ALL") &&
access("git-daemon-export-ok", F_OK) )
not_found("Repository not exported: '%s'", dir);
git_config(http_config, NULL); git_config(http_config, NULL);
cmd->imp(cmd_arg); cmd->imp(cmd_arg);

View File

@ -22,8 +22,13 @@ Alias /dumb/ www/
<Location /smart/> <Location /smart/>
SetEnv GIT_EXEC_PATH ${GIT_EXEC_PATH} SetEnv GIT_EXEC_PATH ${GIT_EXEC_PATH}
SetEnv GIT_HTTP_EXPORT_ALL
</Location>
<Location /smart_noexport/>
SetEnv GIT_EXEC_PATH ${GIT_EXEC_PATH}
</Location> </Location>
ScriptAlias /smart/ ${GIT_EXEC_PATH}/git-http-backend/ ScriptAlias /smart/ ${GIT_EXEC_PATH}/git-http-backend/
ScriptAlias /smart_noexport/ ${GIT_EXEC_PATH}/git-http-backend/
<Directory ${GIT_EXEC_PATH}> <Directory ${GIT_EXEC_PATH}>
Options None Options None
</Directory> </Directory>

View File

@ -23,7 +23,7 @@ config() {
} }
GET() { GET() {
curl --include "$HTTPD_URL/smart/repo.git/$1" >out 2>/dev/null && curl --include "$HTTPD_URL/$SMART/repo.git/$1" >out 2>/dev/null &&
tr '\015' Q <out | tr '\015' Q <out |
sed ' sed '
s/Q$// s/Q$//
@ -91,6 +91,7 @@ get_static_files() {
GET $IDX_URL "$1" GET $IDX_URL "$1"
} }
SMART=smart
test_expect_success 'direct refs/heads/master not found' ' test_expect_success 'direct refs/heads/master not found' '
log_div "refs/heads/master" log_div "refs/heads/master"
GET refs/heads/master "404 Not Found" GET refs/heads/master "404 Not Found"
@ -99,6 +100,19 @@ test_expect_success 'static file is ok' '
log_div "getanyfile default" log_div "getanyfile default"
get_static_files "200 OK" get_static_files "200 OK"
' '
SMART=smart_noexport
test_expect_success 'no export by default' '
log_div "no git-daemon-export-ok"
get_static_files "404 Not Found"
'
test_expect_success 'export if git-daemon-export-ok' '
log_div "git-daemon-export-ok"
(cd "$HTTPD_DOCUMENT_ROOT_PATH/repo.git" &&
touch git-daemon-export-ok
) &&
get_static_files "200 OK"
'
SMART=smart
test_expect_success 'static file if http.getanyfile true is ok' ' test_expect_success 'static file if http.getanyfile true is ok' '
log_div "getanyfile true" log_div "getanyfile true"
config http.getanyfile true && config http.getanyfile true &&
@ -145,7 +159,6 @@ test_expect_success 'http.receivepack false' '
GET info/refs?service=git-receive-pack "403 Forbidden" && GET info/refs?service=git-receive-pack "403 Forbidden" &&
POST git-receive-pack 0000 "403 Forbidden" POST git-receive-pack 0000 "403 Forbidden"
' '
run_backend() { run_backend() {
REQUEST_METHOD=GET \ REQUEST_METHOD=GET \
GIT_PROJECT_ROOT="$HTTPD_DOCUMENT_ROOT_PATH" \ GIT_PROJECT_ROOT="$HTTPD_DOCUMENT_ROOT_PATH" \
@ -194,6 +207,28 @@ GET /smart/repo.git/$LOOSE_URL HTTP/1.1 200
GET /smart/repo.git/$PACK_URL HTTP/1.1 200 GET /smart/repo.git/$PACK_URL HTTP/1.1 200
GET /smart/repo.git/$IDX_URL HTTP/1.1 200 GET /smart/repo.git/$IDX_URL HTTP/1.1 200
### no git-daemon-export-ok
###
GET /smart_noexport/repo.git/HEAD HTTP/1.1 404 -
GET /smart_noexport/repo.git/info/refs HTTP/1.1 404 -
GET /smart_noexport/repo.git/objects/info/packs HTTP/1.1 404 -
GET /smart_noexport/repo.git/objects/info/alternates HTTP/1.1 404 -
GET /smart_noexport/repo.git/objects/info/http-alternates HTTP/1.1 404 -
GET /smart_noexport/repo.git/$LOOSE_URL HTTP/1.1 404 -
GET /smart_noexport/repo.git/$PACK_URL HTTP/1.1 404 -
GET /smart_noexport/repo.git/$IDX_URL HTTP/1.1 404 -
### git-daemon-export-ok
###
GET /smart_noexport/repo.git/HEAD HTTP/1.1 200
GET /smart_noexport/repo.git/info/refs HTTP/1.1 200
GET /smart_noexport/repo.git/objects/info/packs HTTP/1.1 200
GET /smart_noexport/repo.git/objects/info/alternates HTTP/1.1 200 -
GET /smart_noexport/repo.git/objects/info/http-alternates HTTP/1.1 200 -
GET /smart_noexport/repo.git/$LOOSE_URL HTTP/1.1 200
GET /smart_noexport/repo.git/$PACK_URL HTTP/1.1 200
GET /smart_noexport/repo.git/$IDX_URL HTTP/1.1 200
### getanyfile true ### getanyfile true
### ###
GET /smart/repo.git/HEAD HTTP/1.1 200 GET /smart/repo.git/HEAD HTTP/1.1 200