From: Clemens Buchacher <drizzd@aon.at>
To: git@vger.kernel.org
Cc: Junio C Hamano <gitster@pobox.com>, Jeff King <peff@peff.net>
Subject: [PATCH 2/2] daemon: report permission denied error to clients
Date: Mon, 17 Oct 2011 00:11:16 +0200 [thread overview]
Message-ID: <1318803076-4229-2-git-send-email-drizzd@aon.at> (raw)
In-Reply-To: <1318803076-4229-1-git-send-email-drizzd@aon.at>
If passed an inaccessible url, git daemon returns the
following error:
$ git clone git://host/repo
fatal: remote error: no such repository: /repo
In case of a permission denied error, return the following
instead:
fatal: remote error: permission denied: /repo
Signed-off-by: Clemens Buchacher <drizzd@aon.at>
---
daemon.c | 32 +++++++++++++++++++++-----------
path.c | 31 +++++++++++++++++++++----------
t/t5570-git-daemon.sh | 2 +-
3 files changed, 43 insertions(+), 22 deletions(-)
diff --git a/daemon.c b/daemon.c
index 72fb53a..1442b5b 100644
--- a/daemon.c
+++ b/daemon.c
@@ -109,7 +109,7 @@ static void NORETURN daemon_die(const char *err, va_list params)
exit(1);
}
-static char *path_ok(char *directory)
+static int path_ok(char *directory, const char **return_path)
{
static char rpath[PATH_MAX];
static char interp_path[PATH_MAX];
@@ -120,13 +120,13 @@ static char *path_ok(char *directory)
if (daemon_avoid_alias(dir)) {
logerror("'%s': aliased", dir);
- return NULL;
+ return -1;
}
if (*dir == '~') {
if (!user_path) {
logerror("'%s': User-path not allowed", dir);
- return NULL;
+ return EACCES;
}
if (*user_path) {
/* Got either "~alice" or "~alice/foo";
@@ -158,7 +158,7 @@ static char *path_ok(char *directory)
if (*dir != '/') {
/* Allow only absolute */
logerror("'%s': Non-absolute path denied (interpolated-path active)", dir);
- return NULL;
+ return EACCES;
}
strbuf_expand(&expanded_path, interpolated_path,
@@ -173,7 +173,7 @@ static char *path_ok(char *directory)
if (*dir != '/') {
/* Allow only absolute */
logerror("'%s': Non-absolute path denied (base-path active)", dir);
- return NULL;
+ return EACCES;
}
snprintf(rpath, PATH_MAX, "%s%s", base_path, dir);
dir = rpath;
@@ -190,10 +190,14 @@ static char *path_ok(char *directory)
}
if (!path) {
+ int ret = -1;
+ if (errno == EACCES)
+ ret = EACCES;
logerror("'%s' does not appear to be a git repository", dir);
- return NULL;
+ return ret;
}
+ *return_path = path;
if ( ok_paths && *ok_paths ) {
char **pp;
int pathlen = strlen(path);
@@ -211,17 +215,17 @@ static char *path_ok(char *directory)
!memcmp(*pp, path, len) &&
(path[len] == '\0' ||
(!strict_paths && path[len] == '/')))
- return path;
+ return 0;
}
}
else {
/* be backwards compatible */
if (!strict_paths)
- return path;
+ return 0;
}
logerror("'%s': not in whitelist", path);
- return NULL; /* Fallthrough. Deny by default */
+ return EACCES; /* Fallthrough. Deny by default */
}
typedef int (*daemon_service_fn)(void);
@@ -258,6 +262,7 @@ static int daemon_error(const char *dir, const char *msg)
static int run_service(char *dir, struct daemon_service *service)
{
+ int err;
const char *path;
int enabled = service->enabled;
@@ -269,8 +274,13 @@ static int run_service(char *dir, struct daemon_service *service)
return daemon_error(dir, "service not enabled");
}
- if (!(path = path_ok(dir)))
- return daemon_error(dir, "no such repository");
+ err = path_ok(dir, &path);
+ if (err) {
+ if (err == EACCES)
+ return daemon_error(dir, "permission denied");
+ else
+ return daemon_error(dir, "no such repository");
+ }
/*
* Security on the cheap.
diff --git a/path.c b/path.c
index 6f3f5d5..227d8d7 100644
--- a/path.c
+++ b/path.c
@@ -288,6 +288,7 @@ char *enter_repo(char *path, int strict)
static char used_path[PATH_MAX];
static char validated_path[PATH_MAX];
+ errno = 0;
if (!path)
return NULL;
@@ -301,12 +302,15 @@ char *enter_repo(char *path, int strict)
path[len-1] = 0;
len--;
}
- if (PATH_MAX <= len)
+ if (PATH_MAX <= len) {
+ errno = ENAMETOOLONG;
return NULL;
+ }
if (path[0] == '~') {
char *newpath = expand_user_path(path);
if (!newpath || (PATH_MAX - 10 < strlen(newpath))) {
free(newpath);
+ errno = 0;
return NULL;
}
/*
@@ -319,9 +323,10 @@ char *enter_repo(char *path, int strict)
strcpy(validated_path, path);
path = used_path;
}
- else if (PATH_MAX - 10 < len)
+ else if (PATH_MAX - 10 < len) {
+ errno = ENAMETOOLONG;
return NULL;
- else {
+ } else {
path = strcpy(used_path, path);
strcpy(validated_path, path);
}
@@ -331,23 +336,29 @@ char *enter_repo(char *path, int strict)
if (!access(path, F_OK)) {
strcat(validated_path, suffix[i]);
break;
+ } else if (errno == EACCES) {
+ return NULL;
}
}
- if (!suffix[i] || chdir(path))
+ if (!suffix[i])
+ return NULL;
+ if (chdir(path))
return NULL;
path = validated_path;
}
else if (chdir(path))
return NULL;
- if (access("objects", X_OK) == 0 && access("refs", X_OK) == 0 &&
- validate_headref("HEAD") == 0) {
- set_git_dir(".");
- check_repository_format();
- return path;
+ if (access("objects", X_OK) || access("refs", X_OK))
+ return NULL;
+ if (validate_headref("HEAD")) {
+ errno = 0;
+ return NULL;
}
- return NULL;
+ set_git_dir(".");
+ check_repository_format();
+ return path;
}
int set_shared_perm(const char *path, int mode)
diff --git a/t/t5570-git-daemon.sh b/t/t5570-git-daemon.sh
index aa5771a..e6482eb 100755
--- a/t/t5570-git-daemon.sh
+++ b/t/t5570-git-daemon.sh
@@ -141,7 +141,7 @@ start_daemon --informative-errors
test_expect_success 'clone non-existent' "test_remote_error clone nowhere.git 'no such repository'"
test_expect_success 'push disabled' "test_remote_error push repo.git 'service not enabled'"
-test_expect_success 'read access denied' "test_remote_error -x fetch repo.git 'no such repository'"
+test_expect_success 'read access denied' "test_remote_error -x fetch repo.git 'permission denied'"
test_expect_success 'not exported' "test_remote_error -n fetch repo.git 'repository not exported'"
stop_daemon
--
1.7.7
next prev parent reply other threads:[~2011-10-16 22:10 UTC|newest]
Thread overview: 117+ messages / expand[flat|nested] mbox.gz Atom feed top
2011-10-01 1:26 [PATCH] transport: do not allow to push over git:// protocol Nguyễn Thái Ngọc Duy
2011-10-01 2:25 ` Ilari Liusvaara
2011-10-01 4:27 ` Nguyen Thai Ngoc Duy
2011-10-01 5:29 ` Jonathan Nieder
2011-10-03 9:12 ` Nguyen Thai Ngoc Duy
[not found] ` <20111002223805.0bd6678b@zappedws>
2011-10-02 21:11 ` Nguyen Thai Ngoc Duy
2011-10-03 7:42 ` Jeff King
2011-10-03 8:44 ` Johannes Sixt
2011-10-03 9:39 ` Jeff King
2011-10-03 9:44 ` Nguyen Thai Ngoc Duy
2011-10-03 9:47 ` Jeff King
2011-10-03 9:52 ` Nguyen Thai Ngoc Duy
2011-10-03 11:13 ` Jonathan Nieder
2011-10-03 19:28 ` [PATCH] daemon: print "access denied" if a service does not work Nguyễn Thái Ngọc Duy
2011-10-03 19:54 ` Jonathan Nieder
2011-10-03 19:57 ` Junio C Hamano
2011-10-03 21:55 ` [PATCH] daemon: return "access denied" if a service is not allowed Nguyễn Thái Ngọc Duy
2011-10-03 22:20 ` Junio C Hamano
2011-10-12 20:09 ` Jeff King
2011-10-13 2:14 ` Jonathan Nieder
2011-10-13 4:45 ` Nguyen Thai Ngoc Duy
2011-10-13 5:59 ` Jonathan Nieder
2011-10-13 6:56 ` Nguyen Thai Ngoc Duy
2011-10-13 7:02 ` Nguyen Thai Ngoc Duy
2011-10-13 18:28 ` Jeff King
2011-10-14 5:01 ` Junio C Hamano
2011-10-14 13:10 ` Jeff King
2011-10-14 19:23 ` Jeff King
2011-10-14 19:27 ` Jeff King
2011-10-14 20:24 ` Junio C Hamano
2011-10-14 20:34 ` Jeff King
2011-10-14 20:48 ` Junio C Hamano
2011-10-14 21:05 ` Jeff King
2011-10-14 21:06 ` Jonathan Nieder
2011-10-14 21:20 ` Jonathan Nieder
2011-10-14 21:02 ` Jonathan Nieder
2011-10-14 21:12 ` Jeff King
2011-10-14 21:19 ` [PATCHv3] daemon: give friendlier error messages to clients Jeff King
2011-10-14 21:52 ` Junio C Hamano
2011-10-14 23:39 ` Sitaram Chamarty
2011-10-15 5:55 ` Junio C Hamano
2011-10-15 7:09 ` Sitaram Chamarty
2011-10-15 8:16 ` Jakub Narebski
2011-10-15 8:26 ` Jonathan Nieder
2011-10-15 20:13 ` Junio C Hamano
2011-10-15 22:17 ` Jonathan Nieder
2011-10-16 1:51 ` Sitaram Chamarty
2011-10-15 0:51 ` Nguyen Thai Ngoc Duy
2011-10-16 22:11 ` [PATCH 1/2] daemon: add tests Clemens Buchacher
2011-10-16 22:11 ` Clemens Buchacher [this message]
2011-10-17 2:09 ` [PATCH 2/2] daemon: report permission denied error to clients Jeff King
2011-10-17 19:48 ` Clemens Buchacher
2011-10-17 19:51 ` Jeff King
2011-10-17 21:03 ` Junio C Hamano
2011-10-18 20:41 ` Clemens Buchacher
2011-10-19 6:33 ` Clemens Buchacher
2011-10-17 19:58 ` [PATCH v2 " Clemens Buchacher
2011-10-21 19:25 ` Junio C Hamano
2011-10-17 2:01 ` [PATCH 1/2] daemon: add tests Jeff King
2011-10-17 19:55 ` [PATCH] use test number as port number Clemens Buchacher
2011-10-17 20:57 ` Junio C Hamano
2011-10-18 20:09 ` Clemens Buchacher
2011-10-17 20:05 ` [PATCH 1/2] daemon: add tests Clemens Buchacher
2011-10-17 20:08 ` Jeff King
2012-01-02 9:25 ` Jonathan Nieder
2012-01-02 19:47 ` Clemens Buchacher
2012-01-03 19:18 ` Jeff King
2012-01-03 19:34 ` Junio C Hamano
2012-01-04 15:55 ` Clemens Buchacher
2012-01-04 15:55 ` [PATCH 1/6] t5550: repack everything into one file Clemens Buchacher
2012-01-04 18:05 ` Junio C Hamano
2012-01-04 15:55 ` [PATCH 2/6] daemon: add tests Clemens Buchacher
2012-01-04 15:55 ` [PATCH 3/6] avoid use of pkill Clemens Buchacher
2012-01-04 15:55 ` [PATCH 4/6] explain expected exit code Clemens Buchacher
2012-01-04 15:55 ` [PATCH 5/6] t5570: repack everything into one file Clemens Buchacher
2012-01-04 15:55 ` [PATCH 6/6] chmod: use lower-case x Clemens Buchacher
2012-01-04 18:00 ` [PATCH 1/2] daemon: add tests Junio C Hamano
2012-01-04 20:13 ` Junio C Hamano
2012-01-04 20:40 ` Clemens Buchacher
2012-01-04 22:15 ` Junio C Hamano
2012-01-04 22:26 ` Jeff King
2012-01-05 0:07 ` Clemens Buchacher
2012-01-05 0:24 ` Junio C Hamano
2012-01-05 0:38 ` Clemens Buchacher
2012-01-05 2:55 ` Jeff King
2012-01-05 16:06 ` Clemens Buchacher
2012-01-06 15:52 ` Jeff King
2012-01-06 19:48 ` Clemens Buchacher
2012-01-06 22:32 ` Jeff King
2012-01-07 11:54 ` [PATCH] credentials: unable to connect to cache daemon Clemens Buchacher
2012-01-07 14:55 ` Jeff King
2012-01-06 22:49 ` [PATCH 1/2] daemon: add tests Junio C Hamano
2012-01-07 11:42 ` Clemens Buchacher
2012-01-07 11:42 ` [PATCH 1/5] run-command: optionally kill children on exit Clemens Buchacher
2012-01-07 12:45 ` Erik Faye-Lund
2012-01-08 20:56 ` Clemens Buchacher
2012-01-07 14:41 ` Jeff King
2012-01-07 11:42 ` [PATCH 2/5] run-command: kill children on exit by default Clemens Buchacher
2012-01-07 14:50 ` Jeff King
2012-01-08 6:26 ` Junio C Hamano
2012-01-08 20:41 ` [PATCH 2/5 v2] dashed externals: kill children on exit Clemens Buchacher
2012-01-08 21:07 ` Jeff King
2012-01-07 11:42 ` [PATCH 3/5] git-daemon: add tests Clemens Buchacher
2012-01-07 11:42 ` [PATCH 4/5] git-daemon: produce output when ready Clemens Buchacher
2012-01-07 11:42 ` [PATCH 5/5] git-daemon tests: wait until daemon is ready Clemens Buchacher
2012-01-05 2:24 ` [PATCH 1/2] daemon: add tests Jakub Narebski
2012-01-05 2:51 ` Jeff King
2012-01-06 23:35 ` Jakub Narebski
2012-01-07 11:46 ` Clemens Buchacher
2012-01-06 6:17 ` Brian Gernhardt
2011-10-03 9:49 ` [PATCH] transport: do not allow to push over git:// protocol Jakub Narebski
2011-10-03 10:02 ` Jeff King
2011-10-03 11:01 ` Ilari Liusvaara
2011-10-03 11:26 ` [PATCH] Support ERR in remote archive like in fetch/push Jonathan Nieder
2011-10-03 11:45 ` René Scharfe
2011-10-03 18:13 ` [PATCH] transport: do not allow to push over git:// protocol Nguyen Thai Ngoc Duy
2011-10-03 20:27 ` Junio C Hamano
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1318803076-4229-2-git-send-email-drizzd@aon.at \
--to=drizzd@aon.at \
--cc=git@vger.kernel.org \
--cc=gitster@pobox.com \
--cc=peff@peff.net \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).