Merge branch 'jk/daemon-msgs'
* jk/daemon-msgs: daemon: give friendlier error messages to clients Conflicts: daemon.c
This commit is contained in:
Junio C Hamano
commit
e75a59adfc
@ -161,6 +161,16 @@ the facility of inet daemon to achieve the same before spawning
|
|||||||
repository configuration. By default, all the services
|
repository configuration. By default, all the services
|
||||||
are overridable.
|
are overridable.
|
||||||
|
|
||||||
|
--informative-errors::
|
||||||
|
--no-informative-errors::
|
||||||
|
When informative errors are turned on, git-daemon will report
|
||||||
|
more verbose errors to the client, differentiating conditions
|
||||||
|
like "no such repository" from "repository not exported". This
|
||||||
|
is more convenient for clients, but may leak information about
|
||||||
|
the existence of unexported repositories. When informative
|
||||||
|
errors are not enabled, all errors report "access denied" to the
|
||||||
|
client. The default is --no-informative-errors.
|
||||||
|
|
||||||
<directory>::
|
<directory>::
|
||||||
A directory to add to the whitelist of allowed directories. Unless
|
A directory to add to the whitelist of allowed directories. Unless
|
||||||
--strict-paths is specified this will also include subdirectories
|
--strict-paths is specified this will also include subdirectories
|
||||||
|
|||||||
29
daemon.c
29
daemon.c
@ -20,6 +20,7 @@
|
|||||||
static int log_syslog;
|
static int log_syslog;
|
||||||
static int verbose;
|
static int verbose;
|
||||||
static int reuseaddr;
|
static int reuseaddr;
|
||||||
|
static int informative_errors;
|
||||||
|
|
||||||
static const char daemon_usage[] =
|
static const char daemon_usage[] =
|
||||||
"git daemon [--verbose] [--syslog] [--export-all]\n"
|
"git daemon [--verbose] [--syslog] [--export-all]\n"
|
||||||
@ -247,6 +248,14 @@ static int git_daemon_config(const char *var, const char *value, void *cb)
|
|||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
static int daemon_error(const char *dir, const char *msg)
|
||||||
|
{
|
||||||
|
if (!informative_errors)
|
||||||
|
msg = "access denied or repository not exported";
|
||||||
|
packet_write(1, "ERR %s: %s", msg, dir);
|
||||||
|
return -1;
|
||||||
|
}
|
||||||
|
|
||||||
static int run_service(char *dir, struct daemon_service *service)
|
static int run_service(char *dir, struct daemon_service *service)
|
||||||
{
|
{
|
||||||
const char *path;
|
const char *path;
|
||||||
@ -257,11 +266,11 @@ static int run_service(char *dir, struct daemon_service *service)
|
|||||||
if (!enabled && !service->overridable) {
|
if (!enabled && !service->overridable) {
|
||||||
logerror("'%s': service not enabled.", service->name);
|
logerror("'%s': service not enabled.", service->name);
|
||||||
errno = EACCES;
|
errno = EACCES;
|
||||||
goto failed;
|
return daemon_error(dir, "service not enabled");
|
||||||
}
|
}
|
||||||
|
|
||||||
if (!(path = path_ok(dir)))
|
if (!(path = path_ok(dir)))
|
||||||
goto failed;
|
return daemon_error(dir, "no such repository");
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* Security on the cheap.
|
* Security on the cheap.
|
||||||
@ -277,7 +286,7 @@ static int run_service(char *dir, struct daemon_service *service)
|
|||||||
if (!export_all_trees && access("git-daemon-export-ok", F_OK)) {
|
if (!export_all_trees && access("git-daemon-export-ok", F_OK)) {
|
||||||
logerror("'%s': repository not exported.", path);
|
logerror("'%s': repository not exported.", path);
|
||||||
errno = EACCES;
|
errno = EACCES;
|
||||||
goto failed;
|
return daemon_error(dir, "repository not exported");
|
||||||
}
|
}
|
||||||
|
|
||||||
if (service->overridable) {
|
if (service->overridable) {
|
||||||
@ -291,7 +300,7 @@ static int run_service(char *dir, struct daemon_service *service)
|
|||||||
logerror("'%s': service not enabled for '%s'",
|
logerror("'%s': service not enabled for '%s'",
|
||||||
service->name, path);
|
service->name, path);
|
||||||
errno = EACCES;
|
errno = EACCES;
|
||||||
goto failed;
|
return daemon_error(dir, "service not enabled");
|
||||||
}
|
}
|
||||||
|
|
||||||
/*
|
/*
|
||||||
@ -301,10 +310,6 @@ static int run_service(char *dir, struct daemon_service *service)
|
|||||||
signal(SIGTERM, SIG_IGN);
|
signal(SIGTERM, SIG_IGN);
|
||||||
|
|
||||||
return service->fn();
|
return service->fn();
|
||||||
|
|
||||||
failed:
|
|
||||||
packet_write(1, "ERR %s: access denied", dir);
|
|
||||||
return -1;
|
|
||||||
}
|
}
|
||||||
|
|
||||||
static void copy_to_log(int fd)
|
static void copy_to_log(int fd)
|
||||||
@ -1208,6 +1213,14 @@ int main(int argc, char **argv)
|
|||||||
make_service_overridable(arg + 18, 0);
|
make_service_overridable(arg + 18, 0);
|
||||||
continue;
|
continue;
|
||||||
}
|
}
|
||||||
|
if (!prefixcmp(arg, "--informative-errors")) {
|
||||||
|
informative_errors = 1;
|
||||||
|
continue;
|
||||||
|
}
|
||||||
|
if (!prefixcmp(arg, "--no-informative-errors")) {
|
||||||
|
informative_errors = 0;
|
||||||
|
continue;
|
||||||
|
}
|
||||||
if (!strcmp(arg, "--")) {
|
if (!strcmp(arg, "--")) {
|
||||||
ok_paths = &argv[i+1];
|
ok_paths = &argv[i+1];
|
||||||
break;
|
break;
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user