From: Paul Collins <paul@briny.ondioline.org>
To: git@vger.kernel.org
Subject: [PATCH] RFC: proxy-command support for git://
Date: Thu, 03 Nov 2005 15:55:24 +0000 [thread overview]
Message-ID: <87fyqdbuab.fsf@briny.internal.ondioline.org> (raw)
I spend some of my time using a network that only allows outgoing TCP
connections to certain ports, and the git-daemon port is not one of them.
This patch below implements an analogue to ssh's ProxyCommand feature
for git, as a less messy alternative to ssh port forwarding. One can
use it to ssh to a bastion host and netcat to the destination:
$ cat ~/bin/my-git-proxy-command
#!/bin/sh
exec ssh bastionhost nc "$1" "$2"
I've done a few pulls and a clone with it, and it seems to work.
Questions:
* Can git already do this and I just failed to notice?
* Where should git_use_proxy() look? Some git configuration file?
An environment variable? Both? Somewhere else?
It also needs to support non-default ports and probably other things I missed.
diff --git a/connect.c b/connect.c
index c2badc7..646e26f 100644
--- a/connect.c
+++ b/connect.c
@@ -448,6 +448,40 @@ static int git_tcp_connect(int fd[2], co
#endif /* NO_IPV6 */
+static int git_proxy_connect(int fd[2], const char *prog, char *host, char *path)
+{
+ char *command = "my-git-proxy-command"; /* FIXME: cf. git_use_proxy() */
+ char *port = STR(DEFAULT_GIT_PORT);
+ int pipefd[2][2];
+ pid_t pid;
+
+ if (pipe(pipefd[0]) < 0 || pipe(pipefd[1]) < 0)
+ die("unable to create pipe pair for communication");
+ pid = fork();
+ if (!pid) {
+ dup2(pipefd[1][0], 0);
+ dup2(pipefd[0][1], 1);
+ close(pipefd[0][0]);
+ close(pipefd[0][1]);
+ close(pipefd[1][0]);
+ close(pipefd[1][1]);
+ execlp(command, command, host, port, NULL);
+ die("exec failed");
+ }
+ fd[0] = pipefd[0][0];
+ fd[1] = pipefd[1][1];
+ close(pipefd[0][1]);
+ close(pipefd[1][0]);
+ packet_write(fd[1], "%s %s\n", prog, path);
+ return pid;
+}
+
+static int git_use_proxy(void)
+{
+ /* FIXME: look for the proxy command somewhere - repo's config? environment? */
+ return 1;
+}
+
/*
* Yeah, yeah, fixme. Need to pass in the heads etc.
*/
@@ -482,8 +516,11 @@ int git_connect(int fd[2], char *url, co
}
}
- if (protocol == PROTO_GIT)
+ if (protocol == PROTO_GIT) {
+ if (git_use_proxy())
+ return git_proxy_connect(fd, prog, host, path);
return git_tcp_connect(fd, prog, host, path);
+ }
if (pipe(pipefd[0]) < 0 || pipe(pipefd[1]) < 0)
die("unable to create pipe pair for communication");
--
Dag vijandelijk luchtschip de huismeester is dood
next reply other threads:[~2005-11-03 16:00 UTC|newest]
Thread overview: 13+ messages / expand[flat|nested] mbox.gz Atom feed top
2005-11-03 15:55 Paul Collins [this message]
2005-11-03 18:54 ` [PATCH] RFC: proxy-command support for git:// Junio C Hamano
2005-11-03 19:22 ` Linus Torvalds
2005-11-03 20:41 ` Carl Baldwin
2005-11-03 21:31 ` Junio C Hamano
2005-11-04 14:57 ` [PATCH] v2: " Paul Collins
2005-11-04 16:50 ` Junio C Hamano
2005-11-04 18:57 ` Junio C Hamano
2005-11-04 21:06 ` Paul Collins
2005-11-04 21:42 ` Junio C Hamano
2005-11-04 22:04 ` Paul Collins
2005-11-04 22:15 ` Linus Torvalds
2005-11-19 12:13 ` [PATCH] git-proxy updates Junio C Hamano
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=87fyqdbuab.fsf@briny.internal.ondioline.org \
--to=paul@briny.ondioline.org \
--cc=git@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).