Merge branch 'jk/daemon-msgs'
* jk/daemon-msgs: daemon: give friendlier error messages to clients Conflicts: daemon.c
This commit is contained in:
Junio C Hamano
commit
e75a59adfc
@ -161,6 +161,16 @@ the facility of inet daemon to achieve the same before spawning
|
||||
repository configuration. By default, all the services
|
||||
are overridable.
|
||||
|
||||
--informative-errors::
|
||||
--no-informative-errors::
|
||||
When informative errors are turned on, git-daemon will report
|
||||
more verbose errors to the client, differentiating conditions
|
||||
like "no such repository" from "repository not exported". This
|
||||
is more convenient for clients, but may leak information about
|
||||
the existence of unexported repositories. When informative
|
||||
errors are not enabled, all errors report "access denied" to the
|
||||
client. The default is --no-informative-errors.
|
||||
|
||||
<directory>::
|
||||
A directory to add to the whitelist of allowed directories. Unless
|
||||
--strict-paths is specified this will also include subdirectories
|
||||
|
||||
29
daemon.c
29
daemon.c
@ -20,6 +20,7 @@
|
||||
static int log_syslog;
|
||||
static int verbose;
|
||||
static int reuseaddr;
|
||||
static int informative_errors;
|
||||
|
||||
static const char daemon_usage[] =
|
||||
"git daemon [--verbose] [--syslog] [--export-all]\n"
|
||||
@ -247,6 +248,14 @@ static int git_daemon_config(const char *var, const char *value, void *cb)
|
||||
return 0;
|
||||
}
|
||||
|
||||
static int daemon_error(const char *dir, const char *msg)
|
||||
{
|
||||
if (!informative_errors)
|
||||
msg = "access denied or repository not exported";
|
||||
packet_write(1, "ERR %s: %s", msg, dir);
|
||||
return -1;
|
||||
}
|
||||
|
||||
static int run_service(char *dir, struct daemon_service *service)
|
||||
{
|
||||
const char *path;
|
||||
@ -257,11 +266,11 @@ static int run_service(char *dir, struct daemon_service *service)
|
||||
if (!enabled && !service->overridable) {
|
||||
logerror("'%s': service not enabled.", service->name);
|
||||
errno = EACCES;
|
||||
goto failed;
|
||||
return daemon_error(dir, "service not enabled");
|
||||
}
|
||||
|
||||
if (!(path = path_ok(dir)))
|
||||
goto failed;
|
||||
return daemon_error(dir, "no such repository");
|
||||
|
||||
/*
|
||||
* Security on the cheap.
|
||||
@ -277,7 +286,7 @@ static int run_service(char *dir, struct daemon_service *service)
|
||||
if (!export_all_trees && access("git-daemon-export-ok", F_OK)) {
|
||||
logerror("'%s': repository not exported.", path);
|
||||
errno = EACCES;
|
||||
goto failed;
|
||||
return daemon_error(dir, "repository not exported");
|
||||
}
|
||||
|
||||
if (service->overridable) {
|
||||
@ -291,7 +300,7 @@ static int run_service(char *dir, struct daemon_service *service)
|
||||
logerror("'%s': service not enabled for '%s'",
|
||||
service->name, path);
|
||||
errno = EACCES;
|
||||
goto failed;
|
||||
return daemon_error(dir, "service not enabled");
|
||||
}
|
||||
|
||||
/*
|
||||
@ -301,10 +310,6 @@ static int run_service(char *dir, struct daemon_service *service)
|
||||
signal(SIGTERM, SIG_IGN);
|
||||
|
||||
return service->fn();
|
||||
|
||||
failed:
|
||||
packet_write(1, "ERR %s: access denied", dir);
|
||||
return -1;
|
||||
}
|
||||
|
||||
static void copy_to_log(int fd)
|
||||
@ -1208,6 +1213,14 @@ int main(int argc, char **argv)
|
||||
make_service_overridable(arg + 18, 0);
|
||||
continue;
|
||||
}
|
||||
if (!prefixcmp(arg, "--informative-errors")) {
|
||||
informative_errors = 1;
|
||||
continue;
|
||||
}
|
||||
if (!prefixcmp(arg, "--no-informative-errors")) {
|
||||
informative_errors = 0;
|
||||
continue;
|
||||
}
|
||||
if (!strcmp(arg, "--")) {
|
||||
ok_paths = &argv[i+1];
|
||||
break;
|
||||
|
||||
Loading…
Reference in New Issue
Block a user