The parameter for filter-path is an executable that will receive the service
name, the client hostname and path to the repos the client requests as as
arguments. It is then the responsibility of the script to return a zero
terminated string on its stdout with the real path of the target repository.
Signed-off-by: Johan Sørensen <johan@xxxxxxxxxxxxxxxxx>
---
Documentation/git-daemon.txt | 15 +++++++++++
daemon.c | 54 +++++++++++++++++++++++++++++++++++++++++-
2 files changed, 68 insertions(+), 1 deletions(-)
diff --git a/Documentation/git-daemon.txt b/Documentation/git-daemon.txt
index 36f00ae..bf8d31f 100644
--- a/Documentation/git-daemon.txt
+++ b/Documentation/git-daemon.txt
@@ -13,6 +13,7 @@ SYNOPSIS
[--strict-paths] [--base-path=path] [--base-path-relaxed]
[--user-path | --user-path=path]
[--interpolated-path=pathtemplate]
+ [--path-filter=executable]
[--reuseaddr] [--detach] [--pid-file=file]
[--enable=service] [--disable=service]
[--allow-override=service] [--forbid-override=service]
@@ -71,6 +72,20 @@ OPTIONS
After interpolation, the path is validated against the directory
whitelist.
+--path-filter=executable::
+ To support a more flexible directory layout a path filter script
+ can be used. The executable will receive the service name (upload-pack,
+ upload-archive or receive-pack), the client hostname and the request git
+ directory as arguments. The executable must return a zero-terminated
+ string on stdout which is the real path 'git-daemon' should serve. This
+ is useful when --interpolated-path doesn't buy you enough flexibility.
+ You could for instance keep support for old clone urls if you rename your
+ repository, or fetch a custom url-mapping from a third-party repo manager
+ application, or map deeply nested repository directories to a more
+ sensible layout for the outside world.
+ Please be aware that the executable spawned will have the same privileges
+ as the user you are running the git-daemon under.
+
--export-all::
Allow pulling from all directories that look like GIT repositories
(have the 'objects' and 'refs' subdirectories), even if they
diff --git a/daemon.c b/daemon.c
index d93cf96..e865e78 100644
--- a/daemon.c
+++ b/daemon.c
@@ -1,6 +1,7 @@
#include "cache.h"
#include "pkt-line.h"
#include "exec_cmd.h"
+#include "run-command.h"
#include <syslog.h>
@@ -22,6 +23,7 @@ static const char daemon_usage[] =
" [--strict-paths] [--base-path=path] [--base-path-relaxed]\n"
" [--user-path | --user-path=path]\n"
" [--interpolated-path=path]\n"
+" [--path-filter=path]\n"
" [--reuseaddr] [--detach] [--pid-file=file]\n"
" [--[enable|disable|allow-override|forbid-override]=service]\n"
" [--inetd | [--listen=host_or_ipaddr] [--port=n]\n"
@@ -58,6 +60,11 @@ static char *canon_hostname;
static char *ip_address;
static char *tcp_port;
+/* if defined, the script will be executed with the service name, hostname,
+ * and requested path on stdin and _must_ return with a successful exitcode
+ * and the new path on stdout */
+static char *path_filter_script;
+
static void logreport(int priority, const char *err, va_list params)
{
if (log_syslog) {
@@ -287,6 +294,42 @@ static int git_daemon_config(const char *var, const char *value, void *cb)
return 0;
}
+static char *run_path_filter_script(struct daemon_service *s, char *host,
+ char *dir) {
+ struct strbuf result_buf = STRBUF_INIT;
+ struct child_process filter_cmd;
+ const char *args[] = { path_filter_script, s->name, host, dir, NULL };
+
+ loginfo("Executing path filter script: '%s %s %s %s'",
+ path_filter_script, s->name, host, dir);
+ memset(&filter_cmd, 0, sizeof(filter_cmd));
+ filter_cmd.argv = args;
+ filter_cmd.out = -1;
+
+ if (start_command(&filter_cmd)) {
+ logerror("path filter: unable to fork path_filter_script");
+ return dir;
+ }
+
+ if (strbuf_read(&result_buf, filter_cmd.out, PATH_MAX) < 0) {
+ strbuf_release(&result_buf);
+ close(filter_cmd.out);
+ logerror("path filter: script read returned %s", strerror(errno));
+ return dir;
+ }
+
+ close(filter_cmd.out);
+ if (finish_command(&filter_cmd)) {
+ logerror("path filter script died with strange error");
+ return dir;
+ }
+
+ if (result_buf.len > 0)
+ dir = strbuf_detach(&result_buf, NULL);
+
+ return dir;
+}
+
static int run_service(char *dir, struct daemon_service *service)
{
const char *path;
@@ -557,7 +600,12 @@ static int execute(struct sockaddr *addr)
* Note: The directory here is probably context sensitive,
* and might depend on the actual service being performed.
*/
- return run_service(line + namelen + 5, s);
+ if (path_filter_script) {
+ return run_service(run_path_filter_script(s, hostname,
+ line + namelen + 5), s);
+ } else {
+ return run_service(line + namelen + 5, s);
+ }
}
}
@@ -1018,6 +1066,10 @@ int main(int argc, char **argv)
pid_file = arg + 11;
continue;
}
+ if (!prefixcmp(arg, "--path-filter=")) {
+ path_filter_script = arg + 14;
+ continue;
+ }
if (!strcmp(arg, "--detach")) {
detach = 1;
log_syslog = 1;
--
1.6.1
--
To unsubscribe from this list: send the line "unsubscribe git" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
