4 #include "interpolate.h"
9 #define HOST_NAME_MAX 256
12 static int log_syslog
;
16 static const char daemon_usage
[] =
17 "git-daemon [--verbose] [--syslog] [--export-all]\n"
18 " [--timeout=n] [--init-timeout=n] [--strict-paths]\n"
19 " [--base-path=path] [--user-path | --user-path=path]\n"
20 " [--interpolated-path=path]\n"
21 " [--reuseaddr] [--detach] [--pid-file=file]\n"
22 " [--[enable|disable|allow-override|forbid-override]=service]\n"
23 " [--inetd | [--listen=host_or_ipaddr] [--port=n]\n"
24 " [--user=user [--group=group]]\n"
27 /* List of acceptable pathname prefixes */
28 static char **ok_paths
;
29 static int strict_paths
;
31 /* If this is set, git-daemon-export-ok is not required */
32 static int export_all_trees
;
34 /* Take all paths relative to this one if non-NULL */
35 static char *base_path
;
36 static char *interpolated_path
;
38 /* Flag indicating client sent extra args. */
39 static int saw_extended_args
;
41 /* If defined, ~user notation is allowed and the string is inserted
42 * after ~user/. E.g. a request to git://host/~alice/frotz would
43 * go to /home/alice/pub_git/frotz with --user-path=pub_git.
45 static const char *user_path
;
47 /* Timeout, and initial timeout */
48 static unsigned int timeout
;
49 static unsigned int init_timeout
;
52 * Static table for now. Ugh.
53 * Feel free to make dynamic as needed.
55 #define INTERP_SLOT_HOST (0)
56 #define INTERP_SLOT_CANON_HOST (1)
57 #define INTERP_SLOT_IP (2)
58 #define INTERP_SLOT_PORT (3)
59 #define INTERP_SLOT_DIR (4)
60 #define INTERP_SLOT_PERCENT (5)
62 static struct interp interp_table
[] = {
72 static void logreport(int priority
, const char *err
, va_list params
)
74 /* We should do a single write so that it is atomic and output
75 * of several processes do not get intermingled. */
80 /* sizeof(buf) should be big enough for "[pid] \n" */
81 buflen
= snprintf(buf
, sizeof(buf
), "[%ld] ", (long) getpid());
83 maxlen
= sizeof(buf
) - buflen
- 1; /* -1 for our own LF */
84 msglen
= vsnprintf(buf
+ buflen
, maxlen
, err
, params
);
87 syslog(priority
, "%s", buf
);
91 /* maxlen counted our own LF but also counts space given to
92 * vsnprintf for the terminating NUL. We want to make sure that
93 * we have space for our own LF and NUL after the "meat" of the
94 * message, so truncate it at maxlen - 1.
96 if (msglen
> maxlen
- 1)
99 msglen
= 0; /* Protect against weird return values. */
102 buf
[buflen
++] = '\n';
105 write_in_full(2, buf
, buflen
);
108 static void logerror(const char *err
, ...)
111 va_start(params
, err
);
112 logreport(LOG_ERR
, err
, params
);
116 static void loginfo(const char *err
, ...)
121 va_start(params
, err
);
122 logreport(LOG_INFO
, err
, params
);
126 static void NORETURN
daemon_die(const char *err
, va_list params
)
128 logreport(LOG_ERR
, err
, params
);
132 static int avoid_alias(char *p
)
137 * This resurrects the belts and suspenders paranoia check by HPA
138 * done in <435560F7.4080006@zytor.com> thread, now enter_repo()
139 * does not do getcwd() based path canonicalizations.
141 * sl becomes true immediately after seeing '/' and continues to
142 * be true as long as dots continue after that without intervening
145 if (!p
|| (*p
!= '/' && *p
!= '~'))
155 else if (ch
== '/') {
157 /* reject //, /./ and /../ */
162 if (0 < ndot
&& ndot
< 3)
163 /* reject /.$ and /..$ */
172 else if (ch
== '/') {
179 static char *path_ok(struct interp
*itable
)
181 static char rpath
[PATH_MAX
];
182 static char interp_path
[PATH_MAX
];
186 dir
= itable
[INTERP_SLOT_DIR
].value
;
188 if (avoid_alias(dir
)) {
189 logerror("'%s': aliased", dir
);
195 logerror("'%s': User-path not allowed", dir
);
199 /* Got either "~alice" or "~alice/foo";
200 * rewrite them to "~alice/%s" or
203 int namlen
, restlen
= strlen(dir
);
204 char *slash
= strchr(dir
, '/');
206 slash
= dir
+ restlen
;
207 namlen
= slash
- dir
;
209 loginfo("userpath <%s>, request <%s>, namlen %d, restlen %d, slash <%s>", user_path
, dir
, namlen
, restlen
, slash
);
210 snprintf(rpath
, PATH_MAX
, "%.*s/%s%.*s",
211 namlen
, dir
, user_path
, restlen
, slash
);
215 else if (interpolated_path
&& saw_extended_args
) {
217 /* Allow only absolute */
218 logerror("'%s': Non-absolute path denied (interpolated-path active)", dir
);
222 interpolate(interp_path
, PATH_MAX
, interpolated_path
,
223 interp_table
, ARRAY_SIZE(interp_table
));
224 loginfo("Interpolated dir '%s'", interp_path
);
228 else if (base_path
) {
230 /* Allow only absolute */
231 logerror("'%s': Non-absolute path denied (base-path active)", dir
);
234 snprintf(rpath
, PATH_MAX
, "%s%s", base_path
, dir
);
238 path
= enter_repo(dir
, strict_paths
);
241 logerror("'%s': unable to chdir or not a git archive", dir
);
245 if ( ok_paths
&& *ok_paths
) {
247 int pathlen
= strlen(path
);
249 /* The validation is done on the paths after enter_repo
250 * appends optional {.git,.git/.git} and friends, but
251 * it does not use getcwd(). So if your /pub is
252 * a symlink to /mnt/pub, you can whitelist /pub and
253 * do not have to say /mnt/pub.
256 for ( pp
= ok_paths
; *pp
; pp
++ ) {
257 int len
= strlen(*pp
);
258 if (len
<= pathlen
&&
259 !memcmp(*pp
, path
, len
) &&
260 (path
[len
] == '\0' ||
261 (!strict_paths
&& path
[len
] == '/')))
266 /* be backwards compatible */
271 logerror("'%s': not in whitelist", path
);
272 return NULL
; /* Fallthrough. Deny by default */
275 typedef int (*daemon_service_fn
)(void);
276 struct daemon_service
{
278 const char *config_name
;
279 daemon_service_fn fn
;
284 static struct daemon_service
*service_looking_at
;
285 static int service_enabled
;
287 static int git_daemon_config(const char *var
, const char *value
)
289 if (!prefixcmp(var
, "daemon.") &&
290 !strcmp(var
+ 7, service_looking_at
->config_name
)) {
291 service_enabled
= git_config_bool(var
, value
);
295 /* we are not interested in parsing any other configuration here */
299 static int run_service(struct interp
*itable
, struct daemon_service
*service
)
302 int enabled
= service
->enabled
;
304 loginfo("Request %s for '%s'",
306 itable
[INTERP_SLOT_DIR
].value
);
308 if (!enabled
&& !service
->overridable
) {
309 logerror("'%s': service not enabled.", service
->name
);
314 if (!(path
= path_ok(itable
)))
318 * Security on the cheap.
320 * We want a readable HEAD, usable "objects" directory, and
321 * a "git-daemon-export-ok" flag that says that the other side
322 * is ok with us doing this.
324 * path_ok() uses enter_repo() and does whitelist checking.
325 * We only need to make sure the repository is exported.
328 if (!export_all_trees
&& access("git-daemon-export-ok", F_OK
)) {
329 logerror("'%s': repository not exported.", path
);
334 if (service
->overridable
) {
335 service_looking_at
= service
;
336 service_enabled
= -1;
337 git_config(git_daemon_config
);
338 if (0 <= service_enabled
)
339 enabled
= service_enabled
;
342 logerror("'%s': service not enabled for '%s'",
343 service
->name
, path
);
349 * We'll ignore SIGTERM from now on, we have a
352 signal(SIGTERM
, SIG_IGN
);
354 return service
->fn();
357 static int upload_pack(void)
359 /* Timeout as string */
360 char timeout_buf
[64];
362 snprintf(timeout_buf
, sizeof timeout_buf
, "--timeout=%u", timeout
);
364 /* git-upload-pack only ever reads stuff, so this is safe */
365 execl_git_cmd("upload-pack", "--strict", timeout_buf
, ".", NULL
);
369 static int upload_archive(void)
371 execl_git_cmd("upload-archive", ".", NULL
);
375 static int receive_pack(void)
377 execl_git_cmd("receive-pack", ".", NULL
);
381 static struct daemon_service daemon_service
[] = {
382 { "upload-archive", "uploadarch", upload_archive
, 0, 1 },
383 { "upload-pack", "uploadpack", upload_pack
, 1, 1 },
384 { "receive-pack", "receivepack", receive_pack
, 0, 1 },
387 static void enable_service(const char *name
, int ena
) {
389 for (i
= 0; i
< ARRAY_SIZE(daemon_service
); i
++) {
390 if (!strcmp(daemon_service
[i
].name
, name
)) {
391 daemon_service
[i
].enabled
= ena
;
395 die("No such service %s", name
);
398 static void make_service_overridable(const char *name
, int ena
) {
400 for (i
= 0; i
< ARRAY_SIZE(daemon_service
); i
++) {
401 if (!strcmp(daemon_service
[i
].name
, name
)) {
402 daemon_service
[i
].overridable
= ena
;
406 die("No such service %s", name
);
410 * Separate the "extra args" information as supplied by the client connection.
411 * Any resulting data is squirreled away in the given interpolation table.
413 static void parse_extra_args(struct interp
*table
, char *extra_args
, int buflen
)
417 char *end
= extra_args
+ buflen
;
419 while (extra_args
< end
&& *extra_args
) {
420 saw_extended_args
= 1;
421 if (strncasecmp("host=", extra_args
, 5) == 0) {
422 val
= extra_args
+ 5;
423 vallen
= strlen(val
) + 1;
425 /* Split <host>:<port> at colon. */
427 char *port
= strrchr(host
, ':');
431 interp_set_entry(table
, INTERP_SLOT_PORT
, port
);
433 interp_set_entry(table
, INTERP_SLOT_HOST
, host
);
436 /* On to the next one */
437 extra_args
= val
+ vallen
;
442 void fill_in_extra_table_entries(struct interp
*itable
)
447 * Replace literal host with lowercase-ized hostname.
449 hp
= interp_table
[INTERP_SLOT_HOST
].value
;
456 * Locate canonical hostname and its IP address.
460 struct addrinfo hints
;
461 struct addrinfo
*ai
, *ai0
;
463 static char addrbuf
[HOST_NAME_MAX
+ 1];
465 memset(&hints
, 0, sizeof(hints
));
466 hints
.ai_flags
= AI_CANONNAME
;
468 gai
= getaddrinfo(interp_table
[INTERP_SLOT_HOST
].value
, 0, &hints
, &ai0
);
470 for (ai
= ai0
; ai
; ai
= ai
->ai_next
) {
471 struct sockaddr_in
*sin_addr
= (void *)ai
->ai_addr
;
473 inet_ntop(AF_INET
, &sin_addr
->sin_addr
,
474 addrbuf
, sizeof(addrbuf
));
475 interp_set_entry(interp_table
,
476 INTERP_SLOT_CANON_HOST
, ai
->ai_canonname
);
477 interp_set_entry(interp_table
,
478 INTERP_SLOT_IP
, addrbuf
);
486 struct hostent
*hent
;
487 struct sockaddr_in sa
;
489 static char addrbuf
[HOST_NAME_MAX
+ 1];
491 hent
= gethostbyname(interp_table
[INTERP_SLOT_HOST
].value
);
493 ap
= hent
->h_addr_list
;
494 memset(&sa
, 0, sizeof sa
);
495 sa
.sin_family
= hent
->h_addrtype
;
496 sa
.sin_port
= htons(0);
497 memcpy(&sa
.sin_addr
, *ap
, hent
->h_length
);
499 inet_ntop(hent
->h_addrtype
, &sa
.sin_addr
,
500 addrbuf
, sizeof(addrbuf
));
502 interp_set_entry(interp_table
, INTERP_SLOT_CANON_HOST
, hent
->h_name
);
503 interp_set_entry(interp_table
, INTERP_SLOT_IP
, addrbuf
);
509 static int execute(struct sockaddr
*addr
)
511 static char line
[1000];
515 char addrbuf
[256] = "";
518 if (addr
->sa_family
== AF_INET
) {
519 struct sockaddr_in
*sin_addr
= (void *) addr
;
520 inet_ntop(addr
->sa_family
, &sin_addr
->sin_addr
, addrbuf
, sizeof(addrbuf
));
521 port
= sin_addr
->sin_port
;
523 } else if (addr
&& addr
->sa_family
== AF_INET6
) {
524 struct sockaddr_in6
*sin6_addr
= (void *) addr
;
527 *buf
++ = '['; *buf
= '\0'; /* stpcpy() is cool */
528 inet_ntop(AF_INET6
, &sin6_addr
->sin6_addr
, buf
, sizeof(addrbuf
) - 1);
531 port
= sin6_addr
->sin6_port
;
534 loginfo("Connection from %s:%d", addrbuf
, port
);
537 alarm(init_timeout
? init_timeout
: timeout
);
538 pktlen
= packet_read_line(0, line
, sizeof(line
));
543 loginfo("Extended attributes (%d bytes) exist <%.*s>",
545 (int) pktlen
- len
, line
+ len
+ 1);
546 if (len
&& line
[len
-1] == '\n') {
552 * Initialize the path interpolation table for this connection.
554 interp_clear_table(interp_table
, ARRAY_SIZE(interp_table
));
555 interp_set_entry(interp_table
, INTERP_SLOT_PERCENT
, "%");
558 parse_extra_args(interp_table
, line
+ len
+ 1, pktlen
- len
- 1);
559 fill_in_extra_table_entries(interp_table
);
562 for (i
= 0; i
< ARRAY_SIZE(daemon_service
); i
++) {
563 struct daemon_service
*s
= &(daemon_service
[i
]);
564 int namelen
= strlen(s
->name
);
565 if (!prefixcmp(line
, "git-") &&
566 !strncmp(s
->name
, line
+ 4, namelen
) &&
567 line
[namelen
+ 4] == ' ') {
569 * Note: The directory here is probably context sensitive,
570 * and might depend on the actual service being performed.
572 interp_set_entry(interp_table
,
573 INTERP_SLOT_DIR
, line
+ namelen
+ 5);
574 return run_service(interp_table
, s
);
578 logerror("Protocol error: '%s'", line
);
584 * We count spawned/reaped separately, just to avoid any
585 * races when updating them from signals. The SIGCHLD handler
586 * will only update children_reaped, and the fork logic will
587 * only update children_spawned.
589 * MAX_CHILDREN should be a power-of-two to make the modulus
590 * operation cheap. It should also be at least twice
591 * the maximum number of connections we will ever allow.
593 #define MAX_CHILDREN 128
595 static int max_connections
= 25;
597 /* These are updated by the signal handler */
598 static volatile unsigned int children_reaped
;
599 static pid_t dead_child
[MAX_CHILDREN
];
601 /* These are updated by the main loop */
602 static unsigned int children_spawned
;
603 static unsigned int children_deleted
;
605 static struct child
{
608 struct sockaddr_storage address
;
609 } live_child
[MAX_CHILDREN
];
611 static void add_child(int idx
, pid_t pid
, struct sockaddr
*addr
, int addrlen
)
613 live_child
[idx
].pid
= pid
;
614 live_child
[idx
].addrlen
= addrlen
;
615 memcpy(&live_child
[idx
].address
, addr
, addrlen
);
619 * Walk from "deleted" to "spawned", and remove child "pid".
621 * We move everything up by one, since the new "deleted" will
624 static void remove_child(pid_t pid
, unsigned deleted
, unsigned spawned
)
628 deleted
%= MAX_CHILDREN
;
629 spawned
%= MAX_CHILDREN
;
630 if (live_child
[deleted
].pid
== pid
) {
631 live_child
[deleted
].pid
= -1;
634 n
= live_child
[deleted
];
637 deleted
= (deleted
+ 1) % MAX_CHILDREN
;
638 if (deleted
== spawned
)
639 die("could not find dead child %d\n", pid
);
640 m
= live_child
[deleted
];
641 live_child
[deleted
] = n
;
649 * This gets called if the number of connections grows
650 * past "max_connections".
652 * We _should_ start off by searching for connections
653 * from the same IP, and if there is some address wth
654 * multiple connections, we should kill that first.
656 * As it is, we just "randomly" kill 25% of the connections,
657 * and our pseudo-random generator sucks too. I have no
660 * Really, this is just a place-holder for a _real_ algorithm.
662 static void kill_some_children(int signo
, unsigned start
, unsigned stop
)
664 start
%= MAX_CHILDREN
;
665 stop
%= MAX_CHILDREN
;
666 while (start
!= stop
) {
668 kill(live_child
[start
].pid
, signo
);
669 start
= (start
+ 1) % MAX_CHILDREN
;
673 static void check_max_connections(void)
677 unsigned spawned
, reaped
, deleted
;
679 spawned
= children_spawned
;
680 reaped
= children_reaped
;
681 deleted
= children_deleted
;
683 while (deleted
< reaped
) {
684 pid_t pid
= dead_child
[deleted
% MAX_CHILDREN
];
685 remove_child(pid
, deleted
, spawned
);
688 children_deleted
= deleted
;
690 active
= spawned
- deleted
;
691 if (active
<= max_connections
)
694 /* Kill some unstarted connections with SIGTERM */
695 kill_some_children(SIGTERM
, deleted
, spawned
);
696 if (active
<= max_connections
<< 1)
699 /* If the SIGTERM thing isn't helping use SIGKILL */
700 kill_some_children(SIGKILL
, deleted
, spawned
);
705 static void handle(int incoming
, struct sockaddr
*addr
, int addrlen
)
716 idx
= children_spawned
% MAX_CHILDREN
;
718 add_child(idx
, pid
, addr
, addrlen
);
720 check_max_connections();
731 static void child_handler(int signo
)
735 pid_t pid
= waitpid(-1, &status
, WNOHANG
);
738 unsigned reaped
= children_reaped
;
739 dead_child
[reaped
% MAX_CHILDREN
] = pid
;
740 children_reaped
= reaped
+ 1;
741 /* XXX: Custom logging, since we don't wanna getpid() */
743 const char *dead
= "";
744 if (!WIFEXITED(status
) || WEXITSTATUS(status
) > 0)
745 dead
= " (with error)";
747 syslog(LOG_INFO
, "[%d] Disconnected%s", pid
, dead
);
749 fprintf(stderr
, "[%d] Disconnected%s\n", pid
, dead
);
757 static int set_reuse_addr(int sockfd
)
763 return setsockopt(sockfd
, SOL_SOCKET
, SO_REUSEADDR
,
769 static int socksetup(char *listen_addr
, int listen_port
, int **socklist_p
)
771 int socknum
= 0, *socklist
= NULL
;
773 char pbuf
[NI_MAXSERV
];
774 struct addrinfo hints
, *ai0
, *ai
;
778 sprintf(pbuf
, "%d", listen_port
);
779 memset(&hints
, 0, sizeof(hints
));
780 hints
.ai_family
= AF_UNSPEC
;
781 hints
.ai_socktype
= SOCK_STREAM
;
782 hints
.ai_protocol
= IPPROTO_TCP
;
783 hints
.ai_flags
= AI_PASSIVE
;
785 gai
= getaddrinfo(listen_addr
, pbuf
, &hints
, &ai0
);
787 die("getaddrinfo() failed: %s\n", gai_strerror(gai
));
789 for (ai
= ai0
; ai
; ai
= ai
->ai_next
) {
792 sockfd
= socket(ai
->ai_family
, ai
->ai_socktype
, ai
->ai_protocol
);
795 if (sockfd
>= FD_SETSIZE
) {
796 error("too large socket descriptor.");
802 if (ai
->ai_family
== AF_INET6
) {
804 setsockopt(sockfd
, IPPROTO_IPV6
, IPV6_V6ONLY
,
806 /* Note: error is not fatal */
810 if (set_reuse_addr(sockfd
)) {
815 if (bind(sockfd
, ai
->ai_addr
, ai
->ai_addrlen
) < 0) {
817 continue; /* not fatal */
819 if (listen(sockfd
, 5) < 0) {
821 continue; /* not fatal */
824 flags
= fcntl(sockfd
, F_GETFD
, 0);
826 fcntl(sockfd
, F_SETFD
, flags
| FD_CLOEXEC
);
828 socklist
= xrealloc(socklist
, sizeof(int) * (socknum
+ 1));
829 socklist
[socknum
++] = sockfd
;
837 *socklist_p
= socklist
;
843 static int socksetup(char *listen_addr
, int listen_port
, int **socklist_p
)
845 struct sockaddr_in sin
;
849 memset(&sin
, 0, sizeof sin
);
850 sin
.sin_family
= AF_INET
;
851 sin
.sin_port
= htons(listen_port
);
854 /* Well, host better be an IP address here. */
855 if (inet_pton(AF_INET
, listen_addr
, &sin
.sin_addr
.s_addr
) <= 0)
858 sin
.sin_addr
.s_addr
= htonl(INADDR_ANY
);
861 sockfd
= socket(AF_INET
, SOCK_STREAM
, 0);
865 if (set_reuse_addr(sockfd
)) {
870 if ( bind(sockfd
, (struct sockaddr
*)&sin
, sizeof sin
) < 0 ) {
875 if (listen(sockfd
, 5) < 0) {
880 flags
= fcntl(sockfd
, F_GETFD
, 0);
882 fcntl(sockfd
, F_SETFD
, flags
| FD_CLOEXEC
);
884 *socklist_p
= xmalloc(sizeof(int));
885 **socklist_p
= sockfd
;
891 static int service_loop(int socknum
, int *socklist
)
896 pfd
= xcalloc(socknum
, sizeof(struct pollfd
));
898 for (i
= 0; i
< socknum
; i
++) {
899 pfd
[i
].fd
= socklist
[i
];
900 pfd
[i
].events
= POLLIN
;
903 signal(SIGCHLD
, child_handler
);
908 if (poll(pfd
, socknum
, -1) < 0) {
909 if (errno
!= EINTR
) {
910 error("poll failed, resuming: %s",
917 for (i
= 0; i
< socknum
; i
++) {
918 if (pfd
[i
].revents
& POLLIN
) {
919 struct sockaddr_storage ss
;
920 unsigned int sslen
= sizeof(ss
);
921 int incoming
= accept(pfd
[i
].fd
, (struct sockaddr
*)&ss
, &sslen
);
929 die("accept returned %s", strerror(errno
));
932 handle(incoming
, (struct sockaddr
*)&ss
, sslen
);
938 /* if any standard file descriptor is missing open it to /dev/null */
939 static void sanitize_stdfds(void)
941 int fd
= open("/dev/null", O_RDWR
, 0);
942 while (fd
!= -1 && fd
< 2)
945 die("open /dev/null or dup failed: %s", strerror(errno
));
950 static void daemonize(void)
956 die("fork failed: %s", strerror(errno
));
961 die("setsid failed: %s", strerror(errno
));
968 static void store_pid(const char *path
)
970 FILE *f
= fopen(path
, "w");
972 die("cannot open pid file %s: %s", path
, strerror(errno
));
973 if (fprintf(f
, "%d\n", getpid()) < 0 || fclose(f
) != 0)
974 die("failed to write pid file %s: %s", path
, strerror(errno
));
977 static int serve(char *listen_addr
, int listen_port
, struct passwd
*pass
, gid_t gid
)
979 int socknum
, *socklist
;
981 socknum
= socksetup(listen_addr
, listen_port
, &socklist
);
983 die("unable to allocate any listen sockets on host %s port %u",
984 listen_addr
, listen_port
);
987 (initgroups(pass
->pw_name
, gid
) || setgid (gid
) ||
988 setuid(pass
->pw_uid
)))
989 die("cannot drop privileges");
991 return service_loop(socknum
, socklist
);
994 int main(int argc
, char **argv
)
997 char *listen_addr
= NULL
;
999 const char *pid_file
= NULL
, *user_name
= NULL
, *group_name
= NULL
;
1001 struct passwd
*pass
= NULL
;
1002 struct group
*group
;
1006 /* Without this we cannot rely on waitpid() to tell
1007 * what happened to our children.
1009 signal(SIGCHLD
, SIG_DFL
);
1011 for (i
= 1; i
< argc
; i
++) {
1012 char *arg
= argv
[i
];
1014 if (!prefixcmp(arg
, "--listen=")) {
1016 char *ph
= listen_addr
= xmalloc(strlen(arg
+ 9) + 1);
1018 *ph
++ = tolower(*p
++);
1022 if (!prefixcmp(arg
, "--port=")) {
1025 n
= strtoul(arg
+7, &end
, 0);
1026 if (arg
[7] && !*end
) {
1031 if (!strcmp(arg
, "--inetd")) {
1036 if (!strcmp(arg
, "--verbose")) {
1040 if (!strcmp(arg
, "--syslog")) {
1044 if (!strcmp(arg
, "--export-all")) {
1045 export_all_trees
= 1;
1048 if (!prefixcmp(arg
, "--timeout=")) {
1049 timeout
= atoi(arg
+10);
1052 if (!prefixcmp(arg
, "--init-timeout=")) {
1053 init_timeout
= atoi(arg
+15);
1056 if (!strcmp(arg
, "--strict-paths")) {
1060 if (!prefixcmp(arg
, "--base-path=")) {
1064 if (!prefixcmp(arg
, "--interpolated-path=")) {
1065 interpolated_path
= arg
+20;
1068 if (!strcmp(arg
, "--reuseaddr")) {
1072 if (!strcmp(arg
, "--user-path")) {
1076 if (!prefixcmp(arg
, "--user-path=")) {
1077 user_path
= arg
+ 12;
1080 if (!prefixcmp(arg
, "--pid-file=")) {
1081 pid_file
= arg
+ 11;
1084 if (!strcmp(arg
, "--detach")) {
1089 if (!prefixcmp(arg
, "--user=")) {
1090 user_name
= arg
+ 7;
1093 if (!prefixcmp(arg
, "--group=")) {
1094 group_name
= arg
+ 8;
1097 if (!prefixcmp(arg
, "--enable=")) {
1098 enable_service(arg
+ 9, 1);
1101 if (!prefixcmp(arg
, "--disable=")) {
1102 enable_service(arg
+ 10, 0);
1105 if (!prefixcmp(arg
, "--allow-override=")) {
1106 make_service_overridable(arg
+ 17, 1);
1109 if (!prefixcmp(arg
, "--forbid-override=")) {
1110 make_service_overridable(arg
+ 18, 0);
1113 if (!strcmp(arg
, "--")) {
1114 ok_paths
= &argv
[i
+1];
1116 } else if (arg
[0] != '-') {
1117 ok_paths
= &argv
[i
];
1121 usage(daemon_usage
);
1124 if (inetd_mode
&& (group_name
|| user_name
))
1125 die("--user and --group are incompatible with --inetd");
1127 if (inetd_mode
&& (listen_port
|| listen_addr
))
1128 die("--listen= and --port= are incompatible with --inetd");
1129 else if (listen_port
== 0)
1130 listen_port
= DEFAULT_GIT_PORT
;
1132 if (group_name
&& !user_name
)
1133 die("--group supplied without --user");
1136 pass
= getpwnam(user_name
);
1138 die("user not found - %s", user_name
);
1143 group
= getgrnam(group_name
);
1145 die("group not found - %s", group_name
);
1147 gid
= group
->gr_gid
;
1152 openlog("git-daemon", 0, LOG_DAEMON
);
1153 set_die_routine(daemon_die
);
1156 if (strict_paths
&& (!ok_paths
|| !*ok_paths
))
1157 die("option --strict-paths requires a whitelist");
1160 struct sockaddr_storage ss
;
1161 struct sockaddr
*peer
= (struct sockaddr
*)&ss
;
1162 socklen_t slen
= sizeof(ss
);
1164 freopen("/dev/null", "w", stderr
);
1166 if (getpeername(0, peer
, &slen
))
1169 return execute(peer
);
1178 store_pid(pid_file
);
1180 return serve(listen_addr
, listen_port
, pass
, gid
);