mirrors
/
gitea
镜像来自 https://github.com/go-gitea/gitea.git
關注 1
收藏 0
複製 0
程式碼 問題 0 版本發佈 211 Wiki 活動
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
18004 提交
17 分支
目錄樹: 196346b6ad
分支列表 標籤
${ item.name }
建立分支 ${ searchTerm }
從 '196346b6ad'
${ noResults }
gitea/routers/web/repo/githttp.go

githttp.go 18KB
原始文件 Blame 歷史記錄

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528529530531532533534535536537538539540541542543544545546547548549550551552553554555556557558559560561562563564565566567568569570571572573574575576577578579580581582583584585586587588589590591592593594595596597598 
  1. // Copyright 2014 The Gogs Authors. All rights reserved.

  2. // Copyright 2019 The Gitea Authors. All rights reserved.

  3. // SPDX-License-Identifier: MIT

  4. 

  5. package repo

  6. 

  7. import (

  8. 	"bytes"

  9. 	"compress/gzip"

  10. 	gocontext "context"

  11. 	"fmt"

  12. 	"net/http"

  13. 	"os"

  14. 	"path/filepath"

  15. 	"regexp"

  16. 	"strconv"

  17. 	"strings"

  18. 	"sync"

  19. 	"time"

  20. 

  21. 	actions_model "code.gitea.io/gitea/models/actions"

  22. 	auth_model "code.gitea.io/gitea/models/auth"

  23. 	"code.gitea.io/gitea/models/perm"

  24. 	access_model "code.gitea.io/gitea/models/perm/access"

  25. 	repo_model "code.gitea.io/gitea/models/repo"

  26. 	"code.gitea.io/gitea/models/unit"

  27. 	"code.gitea.io/gitea/modules/git"

  28. 	"code.gitea.io/gitea/modules/log"

  29. 	repo_module "code.gitea.io/gitea/modules/repository"

  30. 	"code.gitea.io/gitea/modules/setting"

  31. 	"code.gitea.io/gitea/modules/structs"

  32. 	"code.gitea.io/gitea/modules/util"

  33. 	"code.gitea.io/gitea/services/context"

  34. 	repo_service "code.gitea.io/gitea/services/repository"

  35. 

  36. 	"github.com/go-chi/cors"

  37. )

  38. 

  39. func HTTPGitEnabledHandler(ctx *context.Context) {

  40. 	if setting.Repository.DisableHTTPGit {

  41. 		ctx.Resp.WriteHeader(http.StatusForbidden)

  42. 		_, _ = ctx.Resp.Write([]byte("Interacting with repositories by HTTP protocol is not allowed"))

  43. 	}

  44. }

  45. 

  46. func CorsHandler() func(next http.Handler) http.Handler {

  47. 	if setting.Repository.AccessControlAllowOrigin != "" {

  48. 		return cors.Handler(cors.Options{

  49. 			AllowedOrigins: []string{setting.Repository.AccessControlAllowOrigin},

  50. 			AllowedHeaders: []string{"Content-Type", "Authorization", "User-Agent"},

  51. 		})

  52. 	}

  53. 	return func(next http.Handler) http.Handler {

  54. 		return next

  55. 	}

  56. }

  57. 

  58. // httpBase implementation git smart HTTP protocol

  59. func httpBase(ctx *context.Context) *serviceHandler {

  60. 	username := ctx.Params(":username")

  61. 	reponame := strings.TrimSuffix(ctx.Params(":reponame"), ".git")

  62. 

  63. 	if ctx.FormString("go-get") == "1" {

  64. 		context.EarlyResponseForGoGetMeta(ctx)

  65. 		return nil

  66. 	}

  67. 

  68. 	var isPull, receivePack bool

  69. 	service := ctx.FormString("service")

  70. 	if service == "git-receive-pack" ||

  71. 		strings.HasSuffix(ctx.Req.URL.Path, "git-receive-pack") {

  72. 		isPull = false

  73. 		receivePack = true

  74. 	} else if service == "git-upload-pack" ||

  75. 		strings.HasSuffix(ctx.Req.URL.Path, "git-upload-pack") {

  76. 		isPull = true

  77. 	} else if service == "git-upload-archive" ||

  78. 		strings.HasSuffix(ctx.Req.URL.Path, "git-upload-archive") {

  79. 		isPull = true

  80. 	} else {

  81. 		isPull = ctx.Req.Method == "GET"

  82. 	}

  83. 

  84. 	var accessMode perm.AccessMode

  85. 	if isPull {

  86. 		accessMode = perm.AccessModeRead

  87. 	} else {

  88. 		accessMode = perm.AccessModeWrite

  89. 	}

  90. 

  91. 	isWiki := false

  92. 	unitType := unit.TypeCode

  93. 

  94. 	if strings.HasSuffix(reponame, ".wiki") {

  95. 		isWiki = true

  96. 		unitType = unit.TypeWiki

  97. 		reponame = reponame[:len(reponame)-5]

  98. 	}

  99. 

  100. 	owner := ctx.ContextUser

  101. 	if !owner.IsOrganization() && !owner.IsActive {

  102. 		ctx.PlainText(http.StatusForbidden, "Repository cannot be accessed. You cannot push or open issues/pull-requests.")

  103. 		return nil

  104. 	}

  105. 

  106. 	repoExist := true

  107. 	repo, err := repo_model.GetRepositoryByName(ctx, owner.ID, reponame)

  108. 	if err != nil {

  109. 		if !repo_model.IsErrRepoNotExist(err) {

  110. 			ctx.ServerError("GetRepositoryByName", err)

  111. 			return nil

  112. 		}

  113. 

  114. 		if redirectRepoID, err := repo_model.LookupRedirect(ctx, owner.ID, reponame); err == nil {

  115. 			context.RedirectToRepo(ctx.Base, redirectRepoID)

  116. 			return nil

  117. 		}

  118. 		repoExist = false

  119. 	}

  120. 

  121. 	// Don't allow pushing if the repo is archived

  122. 	if repoExist && repo.IsArchived && !isPull {

  123. 		ctx.PlainText(http.StatusForbidden, "This repo is archived. You can view files and clone it, but cannot push or open issues/pull-requests.")

  124. 		return nil

  125. 	}

  126. 

  127. 	// Only public pull don't need auth.

  128. 	isPublicPull := repoExist && !repo.IsPrivate && isPull

  129. 	var (

  130. 		askAuth = !isPublicPull || setting.Service.RequireSignInView

  131. 		environ []string

  132. 	)

  133. 

  134. 	// don't allow anonymous pulls if organization is not public

  135. 	if isPublicPull {

  136. 		if err := repo.LoadOwner(ctx); err != nil {

  137. 			ctx.ServerError("LoadOwner", err)

  138. 			return nil

  139. 		}

  140. 

  141. 		askAuth = askAuth || (repo.Owner.Visibility != structs.VisibleTypePublic)

  142. 	}

  143. 

  144. 	// check access

  145. 	if askAuth {

  146. 		// rely on the results of Contexter

  147. 		if !ctx.IsSigned {

  148. 			// TODO: support digit auth - which would be Authorization header with digit

  149. 			ctx.Resp.Header().Set("WWW-Authenticate", `Basic realm="Gitea"`)

  150. 			ctx.Error(http.StatusUnauthorized)

  151. 			return nil

  152. 		}

  153. 

  154. 		context.CheckRepoScopedToken(ctx, repo, auth_model.GetScopeLevelFromAccessMode(accessMode))

  155. 		if ctx.Written() {

  156. 			return nil

  157. 		}

  158. 

  159. 		if ctx.IsBasicAuth && ctx.Data["IsApiToken"] != true && ctx.Data["IsActionsToken"] != true {

  160. 			_, err = auth_model.GetTwoFactorByUID(ctx, ctx.Doer.ID)

  161. 			if err == nil {

  162. 				// TODO: This response should be changed to "invalid credentials" for security reasons once the expectation behind it (creating an app token to authenticate) is properly documented

  163. 				ctx.PlainText(http.StatusUnauthorized, "Users with two-factor authentication enabled cannot perform HTTP/HTTPS operations via plain username and password. Please create and use a personal access token on the user settings page")

  164. 				return nil

  165. 			} else if !auth_model.IsErrTwoFactorNotEnrolled(err) {

  166. 				ctx.ServerError("IsErrTwoFactorNotEnrolled", err)

  167. 				return nil

  168. 			}

  169. 		}

  170. 

  171. 		if !ctx.Doer.IsActive || ctx.Doer.ProhibitLogin {

  172. 			ctx.PlainText(http.StatusForbidden, "Your account is disabled.")

  173. 			return nil

  174. 		}

  175. 

  176. 		environ = []string{

  177. 			repo_module.EnvRepoUsername + "=" + username,

  178. 			repo_module.EnvRepoName + "=" + reponame,

  179. 			repo_module.EnvPusherName + "=" + ctx.Doer.Name,

  180. 			repo_module.EnvPusherID + fmt.Sprintf("=%d", ctx.Doer.ID),

  181. 			repo_module.EnvAppURL + "=" + setting.AppURL,

  182. 		}

  183. 

  184. 		if repoExist {

  185. 			// Because of special ref "refs/for" .. , need delay write permission check

  186. 			if git.DefaultFeatures().SupportProcReceive {

  187. 				accessMode = perm.AccessModeRead

  188. 			}

  189. 

  190. 			if ctx.Data["IsActionsToken"] == true {

  191. 				taskID := ctx.Data["ActionsTaskID"].(int64)

  192. 				task, err := actions_model.GetTaskByID(ctx, taskID)

  193. 				if err != nil {

  194. 					ctx.ServerError("GetTaskByID", err)

  195. 					return nil

  196. 				}

  197. 				if task.RepoID != repo.ID {

  198. 					ctx.PlainText(http.StatusForbidden, "User permission denied")

  199. 					return nil

  200. 				}

  201. 

  202. 				if task.IsForkPullRequest {

  203. 					if accessMode > perm.AccessModeRead {

  204. 						ctx.PlainText(http.StatusForbidden, "User permission denied")

  205. 						return nil

  206. 					}

  207. 					environ = append(environ, fmt.Sprintf("%s=%d", repo_module.EnvActionPerm, perm.AccessModeRead))

  208. 				} else {

  209. 					if accessMode > perm.AccessModeWrite {

  210. 						ctx.PlainText(http.StatusForbidden, "User permission denied")

  211. 						return nil

  212. 					}

  213. 					environ = append(environ, fmt.Sprintf("%s=%d", repo_module.EnvActionPerm, perm.AccessModeWrite))

  214. 				}

  215. 			} else {

  216. 				p, err := access_model.GetUserRepoPermission(ctx, repo, ctx.Doer)

  217. 				if err != nil {

  218. 					ctx.ServerError("GetUserRepoPermission", err)

  219. 					return nil

  220. 				}

  221. 

  222. 				if !p.CanAccess(accessMode, unitType) {

  223. 					ctx.PlainText(http.StatusNotFound, "Repository not found")

  224. 					return nil

  225. 				}

  226. 			}

  227. 

  228. 			if !isPull && repo.IsMirror {

  229. 				ctx.PlainText(http.StatusForbidden, "mirror repository is read-only")

  230. 				return nil

  231. 			}

  232. 		}

  233. 

  234. 		if !ctx.Doer.KeepEmailPrivate {

  235. 			environ = append(environ, repo_module.EnvPusherEmail+"="+ctx.Doer.Email)

  236. 		}

  237. 

  238. 		if isWiki {

  239. 			environ = append(environ, repo_module.EnvRepoIsWiki+"=true")

  240. 		} else {

  241. 			environ = append(environ, repo_module.EnvRepoIsWiki+"=false")

  242. 		}

  243. 	}

  244. 

  245. 	if !repoExist {

  246. 		if !receivePack {

  247. 			ctx.PlainText(http.StatusNotFound, "Repository not found")

  248. 			return nil

  249. 		}

  250. 

  251. 		if isWiki { // you cannot send wiki operation before create the repository

  252. 			ctx.PlainText(http.StatusNotFound, "Repository not found")

  253. 			return nil

  254. 		}

  255. 

  256. 		if owner.IsOrganization() && !setting.Repository.EnablePushCreateOrg {

  257. 			ctx.PlainText(http.StatusForbidden, "Push to create is not enabled for organizations.")

  258. 			return nil

  259. 		}

  260. 		if !owner.IsOrganization() && !setting.Repository.EnablePushCreateUser {

  261. 			ctx.PlainText(http.StatusForbidden, "Push to create is not enabled for users.")

  262. 			return nil

  263. 		}

  264. 

  265. 		// Return dummy payload if GET receive-pack

  266. 		if ctx.Req.Method == http.MethodGet {

  267. 			dummyInfoRefs(ctx)

  268. 			return nil

  269. 		}

  270. 

  271. 		repo, err = repo_service.PushCreateRepo(ctx, ctx.Doer, owner, reponame)

  272. 		if err != nil {

  273. 			log.Error("pushCreateRepo: %v", err)

  274. 			ctx.Status(http.StatusNotFound)

  275. 			return nil

  276. 		}

  277. 	}

  278. 

  279. 	if isWiki {

  280. 		// Ensure the wiki is enabled before we allow access to it

  281. 		if _, err := repo.GetUnit(ctx, unit.TypeWiki); err != nil {

  282. 			if repo_model.IsErrUnitTypeNotExist(err) {

  283. 				ctx.PlainText(http.StatusForbidden, "repository wiki is disabled")

  284. 				return nil

  285. 			}

  286. 			log.Error("Failed to get the wiki unit in %-v Error: %v", repo, err)

  287. 			ctx.ServerError("GetUnit(UnitTypeWiki) for "+repo.FullName(), err)

  288. 			return nil

  289. 		}

  290. 	}

  291. 

  292. 	environ = append(environ, repo_module.EnvRepoID+fmt.Sprintf("=%d", repo.ID))

  293. 

  294. 	ctx.Req.URL.Path = strings.ToLower(ctx.Req.URL.Path) // blue: In case some repo name has upper case name

  295. 

  296. 	return &serviceHandler{repo, isWiki, environ}

  297. }

  298. 

  299. var (

  300. 	infoRefsCache []byte

  301. 	infoRefsOnce  sync.Once

  302. )

  303. 

  304. func dummyInfoRefs(ctx *context.Context) {

  305. 	infoRefsOnce.Do(func() {

  306. 		tmpDir, err := os.MkdirTemp(os.TempDir(), "gitea-info-refs-cache")

  307. 		if err != nil {

  308. 			log.Error("Failed to create temp dir for git-receive-pack cache: %v", err)

  309. 			return

  310. 		}

  311. 

  312. 		defer func() {

  313. 			if err := util.RemoveAll(tmpDir); err != nil {

  314. 				log.Error("RemoveAll: %v", err)

  315. 			}

  316. 		}()

  317. 

  318. 		if err := git.InitRepository(ctx, tmpDir, true, git.Sha1ObjectFormat.Name()); err != nil {

  319. 			log.Error("Failed to init bare repo for git-receive-pack cache: %v", err)

  320. 			return

  321. 		}

  322. 

  323. 		refs, _, err := git.NewCommand(ctx, "receive-pack", "--stateless-rpc", "--advertise-refs", ".").RunStdBytes(&git.RunOpts{Dir: tmpDir})

  324. 		if err != nil {

  325. 			log.Error(fmt.Sprintf("%v - %s", err, string(refs)))

  326. 		}

  327. 

  328. 		log.Debug("populating infoRefsCache: \n%s", string(refs))

  329. 		infoRefsCache = refs

  330. 	})

  331. 

  332. 	ctx.RespHeader().Set("Expires", "Fri, 01 Jan 1980 00:00:00 GMT")

  333. 	ctx.RespHeader().Set("Pragma", "no-cache")

  334. 	ctx.RespHeader().Set("Cache-Control", "no-cache, max-age=0, must-revalidate")

  335. 	ctx.RespHeader().Set("Content-Type", "application/x-git-receive-pack-advertisement")

  336. 	_, _ = ctx.Write(packetWrite("# service=git-receive-pack\n"))

  337. 	_, _ = ctx.Write([]byte("0000"))

  338. 	_, _ = ctx.Write(infoRefsCache)

  339. }

  340. 

  341. type serviceHandler struct {

  342. 	repo    *repo_model.Repository

  343. 	isWiki  bool

  344. 	environ []string

  345. }

  346. 

  347. func (h *serviceHandler) getRepoDir() string {

  348. 	if h.isWiki {

  349. 		return h.repo.WikiPath()

  350. 	}

  351. 	return h.repo.RepoPath()

  352. }

  353. 

  354. func setHeaderNoCache(ctx *context.Context) {

  355. 	ctx.Resp.Header().Set("Expires", "Fri, 01 Jan 1980 00:00:00 GMT")

  356. 	ctx.Resp.Header().Set("Pragma", "no-cache")

  357. 	ctx.Resp.Header().Set("Cache-Control", "no-cache, max-age=0, must-revalidate")

  358. }

  359. 

  360. func setHeaderCacheForever(ctx *context.Context) {

  361. 	now := time.Now().Unix()

  362. 	expires := now + 31536000

  363. 	ctx.Resp.Header().Set("Date", fmt.Sprintf("%d", now))

  364. 	ctx.Resp.Header().Set("Expires", fmt.Sprintf("%d", expires))

  365. 	ctx.Resp.Header().Set("Cache-Control", "public, max-age=31536000")

  366. }

  367. 

  368. func containsParentDirectorySeparator(v string) bool {

  369. 	if !strings.Contains(v, "..") {

  370. 		return false

  371. 	}

  372. 	for _, ent := range strings.FieldsFunc(v, isSlashRune) {

  373. 		if ent == ".." {

  374. 			return true

  375. 		}

  376. 	}

  377. 	return false

  378. }

  379. 

  380. func isSlashRune(r rune) bool { return r == '/' || r == '\\' }

  381. 

  382. func (h *serviceHandler) sendFile(ctx *context.Context, contentType, file string) {

  383. 	if containsParentDirectorySeparator(file) {

  384. 		log.Error("request file path contains invalid path: %v", file)

  385. 		ctx.Resp.WriteHeader(http.StatusBadRequest)

  386. 		return

  387. 	}

  388. 	reqFile := filepath.Join(h.getRepoDir(), file)

  389. 

  390. 	fi, err := os.Stat(reqFile)

  391. 	if os.IsNotExist(err) {

  392. 		ctx.Resp.WriteHeader(http.StatusNotFound)

  393. 		return

  394. 	}

  395. 

  396. 	ctx.Resp.Header().Set("Content-Type", contentType)

  397. 	ctx.Resp.Header().Set("Content-Length", fmt.Sprintf("%d", fi.Size()))

  398. 	ctx.Resp.Header().Set("Last-Modified", fi.ModTime().Format(http.TimeFormat))

  399. 	http.ServeFile(ctx.Resp, ctx.Req, reqFile)

  400. }

  401. 

  402. // one or more key=value pairs separated by colons

  403. var safeGitProtocolHeader = regexp.MustCompile(`^[0-9a-zA-Z]+=[0-9a-zA-Z]+(:[0-9a-zA-Z]+=[0-9a-zA-Z]+)*$`)

  404. 

  405. func prepareGitCmdWithAllowedService(ctx *context.Context, service string) (*git.Command, error) {

  406. 	if service == "receive-pack" {

  407. 		return git.NewCommand(ctx, "receive-pack"), nil

  408. 	}

  409. 	if service == "upload-pack" {

  410. 		return git.NewCommand(ctx, "upload-pack"), nil

  411. 	}

  412. 

  413. 	return nil, fmt.Errorf("service %q is not allowed", service)

  414. }

  415. 

  416. func serviceRPC(ctx *context.Context, h *serviceHandler, service string) {

  417. 	defer func() {

  418. 		if err := ctx.Req.Body.Close(); err != nil {

  419. 			log.Error("serviceRPC: Close: %v", err)

  420. 		}

  421. 	}()

  422. 

  423. 	expectedContentType := fmt.Sprintf("application/x-git-%s-request", service)

  424. 	if ctx.Req.Header.Get("Content-Type") != expectedContentType {

  425. 		log.Error("Content-Type (%q) doesn't match expected: %q", ctx.Req.Header.Get("Content-Type"), expectedContentType)

  426. 		ctx.Resp.WriteHeader(http.StatusUnauthorized)

  427. 		return

  428. 	}

  429. 

  430. 	cmd, err := prepareGitCmdWithAllowedService(ctx, service)

  431. 	if err != nil {

  432. 		log.Error("Failed to prepareGitCmdWithService: %v", err)

  433. 		ctx.Resp.WriteHeader(http.StatusUnauthorized)

  434. 		return

  435. 	}

  436. 

  437. 	ctx.Resp.Header().Set("Content-Type", fmt.Sprintf("application/x-git-%s-result", service))

  438. 

  439. 	reqBody := ctx.Req.Body

  440. 

  441. 	// Handle GZIP.

  442. 	if ctx.Req.Header.Get("Content-Encoding") == "gzip" {

  443. 		reqBody, err = gzip.NewReader(reqBody)

  444. 		if err != nil {

  445. 			log.Error("Fail to create gzip reader: %v", err)

  446. 			ctx.Resp.WriteHeader(http.StatusInternalServerError)

  447. 			return

  448. 		}

  449. 	}

  450. 

  451. 	// set this for allow pre-receive and post-receive execute

  452. 	h.environ = append(h.environ, "SSH_ORIGINAL_COMMAND="+service)

  453. 

  454. 	if protocol := ctx.Req.Header.Get("Git-Protocol"); protocol != "" && safeGitProtocolHeader.MatchString(protocol) {

  455. 		h.environ = append(h.environ, "GIT_PROTOCOL="+protocol)

  456. 	}

  457. 

  458. 	var stderr bytes.Buffer

  459. 	cmd.AddArguments("--stateless-rpc").AddDynamicArguments(h.getRepoDir())

  460. 	cmd.SetDescription(fmt.Sprintf("%s %s %s [repo_path: %s]", git.GitExecutable, service, "--stateless-rpc", h.getRepoDir()))

  461. 	if err := cmd.Run(&git.RunOpts{

  462. 		Dir:               h.getRepoDir(),

  463. 		Env:               append(os.Environ(), h.environ...),

  464. 		Stdout:            ctx.Resp,

  465. 		Stdin:             reqBody,

  466. 		Stderr:            &stderr,

  467. 		UseContextTimeout: true,

  468. 	}); err != nil {

  469. 		if err.Error() != "signal: killed" {

  470. 			log.Error("Fail to serve RPC(%s) in %s: %v - %s", service, h.getRepoDir(), err, stderr.String())

  471. 		}

  472. 		return

  473. 	}

  474. }

  475. 

  476. // ServiceUploadPack implements Git Smart HTTP protocol

  477. func ServiceUploadPack(ctx *context.Context) {

  478. 	h := httpBase(ctx)

  479. 	if h != nil {

  480. 		serviceRPC(ctx, h, "upload-pack")

  481. 	}

  482. }

  483. 

  484. // ServiceReceivePack implements Git Smart HTTP protocol

  485. func ServiceReceivePack(ctx *context.Context) {

  486. 	h := httpBase(ctx)

  487. 	if h != nil {

  488. 		serviceRPC(ctx, h, "receive-pack")

  489. 	}

  490. }

  491. 

  492. func getServiceType(ctx *context.Context) string {

  493. 	serviceType := ctx.Req.FormValue("service")

  494. 	if !strings.HasPrefix(serviceType, "git-") {

  495. 		return ""

  496. 	}

  497. 	return strings.TrimPrefix(serviceType, "git-")

  498. }

  499. 

  500. func updateServerInfo(ctx gocontext.Context, dir string) []byte {

  501. 	out, _, err := git.NewCommand(ctx, "update-server-info").RunStdBytes(&git.RunOpts{Dir: dir})

  502. 	if err != nil {

  503. 		log.Error(fmt.Sprintf("%v - %s", err, string(out)))

  504. 	}

  505. 	return out

  506. }

  507. 

  508. func packetWrite(str string) []byte {

  509. 	s := strconv.FormatInt(int64(len(str)+4), 16)

  510. 	if len(s)%4 != 0 {

  511. 		s = strings.Repeat("0", 4-len(s)%4) + s

  512. 	}

  513. 	return []byte(s + str)

  514. }

  515. 

  516. // GetInfoRefs implements Git dumb HTTP

  517. func GetInfoRefs(ctx *context.Context) {

  518. 	h := httpBase(ctx)

  519. 	if h == nil {

  520. 		return

  521. 	}

  522. 	setHeaderNoCache(ctx)

  523. 	service := getServiceType(ctx)

  524. 	cmd, err := prepareGitCmdWithAllowedService(ctx, service)

  525. 	if err == nil {

  526. 		if protocol := ctx.Req.Header.Get("Git-Protocol"); protocol != "" && safeGitProtocolHeader.MatchString(protocol) {

  527. 			h.environ = append(h.environ, "GIT_PROTOCOL="+protocol)

  528. 		}

  529. 		h.environ = append(os.Environ(), h.environ...)

  530. 

  531. 		refs, _, err := cmd.AddArguments("--stateless-rpc", "--advertise-refs", ".").RunStdBytes(&git.RunOpts{Env: h.environ, Dir: h.getRepoDir()})

  532. 		if err != nil {

  533. 			log.Error(fmt.Sprintf("%v - %s", err, string(refs)))

  534. 		}

  535. 

  536. 		ctx.Resp.Header().Set("Content-Type", fmt.Sprintf("application/x-git-%s-advertisement", service))

  537. 		ctx.Resp.WriteHeader(http.StatusOK)

  538. 		_, _ = ctx.Resp.Write(packetWrite("# service=git-" + service + "\n"))

  539. 		_, _ = ctx.Resp.Write([]byte("0000"))

  540. 		_, _ = ctx.Resp.Write(refs)

  541. 	} else {

  542. 		updateServerInfo(ctx, h.getRepoDir())

  543. 		h.sendFile(ctx, "text/plain; charset=utf-8", "info/refs")

  544. 	}

  545. }

  546. 

  547. // GetTextFile implements Git dumb HTTP

  548. func GetTextFile(p string) func(*context.Context) {

  549. 	return func(ctx *context.Context) {

  550. 		h := httpBase(ctx)

  551. 		if h != nil {

  552. 			setHeaderNoCache(ctx)

  553. 			file := ctx.Params("file")

  554. 			if file != "" {

  555. 				h.sendFile(ctx, "text/plain", "objects/info/"+file)

  556. 			} else {

  557. 				h.sendFile(ctx, "text/plain", p)

  558. 			}

  559. 		}

  560. 	}

  561. }

  562. 

  563. // GetInfoPacks implements Git dumb HTTP

  564. func GetInfoPacks(ctx *context.Context) {

  565. 	h := httpBase(ctx)

  566. 	if h != nil {

  567. 		setHeaderCacheForever(ctx)

  568. 		h.sendFile(ctx, "text/plain; charset=utf-8", "objects/info/packs")

  569. 	}

  570. }

  571. 

  572. // GetLooseObject implements Git dumb HTTP

  573. func GetLooseObject(ctx *context.Context) {

  574. 	h := httpBase(ctx)

  575. 	if h != nil {

  576. 		setHeaderCacheForever(ctx)

  577. 		h.sendFile(ctx, "application/x-git-loose-object", fmt.Sprintf("objects/%s/%s",

  578. 			ctx.Params("head"), ctx.Params("hash")))

  579. 	}

  580. }

  581. 

  582. // GetPackFile implements Git dumb HTTP

  583. func GetPackFile(ctx *context.Context) {

  584. 	h := httpBase(ctx)

  585. 	if h != nil {

  586. 		setHeaderCacheForever(ctx)

  587. 		h.sendFile(ctx, "application/x-git-packed-objects", "objects/pack/pack-"+ctx.Params("file")+".pack")

  588. 	}

  589. }

  590. 

  591. // GetIdxFile implements Git dumb HTTP

  592. func GetIdxFile(ctx *context.Context) {

  593. 	h := httpBase(ctx)

  594. 	if h != nil {

  595. 		setHeaderCacheForever(ctx)

  596. 		h.sendFile(ctx, "application/x-git-packed-objects-toc", "objects/pack/pack-"+ctx.Params("file")+".idx")

  597. 	}

  598. }