mirrors
/
gitea
mirror of https://github.com/go-gitea/gitea.git
Watch 1
Star 0
Fork 0
Code Issues 0 Releases 210 Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
13220 Commits
17 Branches
Tree: 4ca1d7547a
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from '4ca1d7547a'
${ noResults }
gitea/routers/web/repo/http.go

http.go 17KB
Raw Blame History

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528529530531532533534535536537538539540541542543544545546547548549550551552553554555556557558559560561562563564565566567568569570571572573574575576577578579580581582583584585586587588589590591592593594595596597598599600601602603604605606607608609610611612 
  1. // Copyright 2014 The Gogs Authors. All rights reserved.

  2. // Copyright 2019 The Gitea Authors. All rights reserved.

  3. // Use of this source code is governed by a MIT-style

  4. // license that can be found in the LICENSE file.

  5. 

  6. package repo

  7. 

  8. import (

  9. 	"bytes"

  10. 	"compress/gzip"

  11. 	gocontext "context"

  12. 	"fmt"

  13. 	"net/http"

  14. 	"os"

  15. 	"path"

  16. 	"regexp"

  17. 	"strconv"

  18. 	"strings"

  19. 	"sync"

  20. 	"time"

  21. 

  22. 	"code.gitea.io/gitea/models"

  23. 	"code.gitea.io/gitea/models/auth"

  24. 	"code.gitea.io/gitea/models/perm"

  25. 	repo_model "code.gitea.io/gitea/models/repo"

  26. 	"code.gitea.io/gitea/models/unit"

  27. 	"code.gitea.io/gitea/modules/context"

  28. 	"code.gitea.io/gitea/modules/git"

  29. 	"code.gitea.io/gitea/modules/log"

  30. 	repo_module "code.gitea.io/gitea/modules/repository"

  31. 	"code.gitea.io/gitea/modules/setting"

  32. 	"code.gitea.io/gitea/modules/structs"

  33. 	"code.gitea.io/gitea/modules/util"

  34. 	repo_service "code.gitea.io/gitea/services/repository"

  35. )

  36. 

  37. // httpBase implementation git smart HTTP protocol

  38. func httpBase(ctx *context.Context) (h *serviceHandler) {

  39. 	if setting.Repository.DisableHTTPGit {

  40. 		ctx.Resp.WriteHeader(http.StatusForbidden)

  41. 		_, err := ctx.Resp.Write([]byte("Interacting with repositories by HTTP protocol is not allowed"))

  42. 		if err != nil {

  43. 			log.Error(err.Error())

  44. 		}

  45. 		return

  46. 	}

  47. 

  48. 	if len(setting.Repository.AccessControlAllowOrigin) > 0 {

  49. 		allowedOrigin := setting.Repository.AccessControlAllowOrigin

  50. 		// Set CORS headers for browser-based git clients

  51. 		ctx.Resp.Header().Set("Access-Control-Allow-Origin", allowedOrigin)

  52. 		ctx.Resp.Header().Set("Access-Control-Allow-Headers", "Content-Type, Authorization, User-Agent")

  53. 

  54. 		// Handle preflight OPTIONS request

  55. 		if ctx.Req.Method == "OPTIONS" {

  56. 			if allowedOrigin == "*" {

  57. 				ctx.Status(http.StatusOK)

  58. 			} else if allowedOrigin == "null" {

  59. 				ctx.Status(http.StatusForbidden)

  60. 			} else {

  61. 				origin := ctx.Req.Header.Get("Origin")

  62. 				if len(origin) > 0 && origin == allowedOrigin {

  63. 					ctx.Status(http.StatusOK)

  64. 				} else {

  65. 					ctx.Status(http.StatusForbidden)

  66. 				}

  67. 			}

  68. 			return

  69. 		}

  70. 	}

  71. 

  72. 	username := ctx.Params(":username")

  73. 	reponame := strings.TrimSuffix(ctx.Params(":reponame"), ".git")

  74. 

  75. 	if ctx.FormString("go-get") == "1" {

  76. 		context.EarlyResponseForGoGetMeta(ctx)

  77. 		return

  78. 	}

  79. 

  80. 	var isPull, receivePack bool

  81. 	service := ctx.FormString("service")

  82. 	if service == "git-receive-pack" ||

  83. 		strings.HasSuffix(ctx.Req.URL.Path, "git-receive-pack") {

  84. 		isPull = false

  85. 		receivePack = true

  86. 	} else if service == "git-upload-pack" ||

  87. 		strings.HasSuffix(ctx.Req.URL.Path, "git-upload-pack") {

  88. 		isPull = true

  89. 	} else if service == "git-upload-archive" ||

  90. 		strings.HasSuffix(ctx.Req.URL.Path, "git-upload-archive") {

  91. 		isPull = true

  92. 	} else {

  93. 		isPull = ctx.Req.Method == "GET"

  94. 	}

  95. 

  96. 	var accessMode perm.AccessMode

  97. 	if isPull {

  98. 		accessMode = perm.AccessModeRead

  99. 	} else {

  100. 		accessMode = perm.AccessModeWrite

  101. 	}

  102. 

  103. 	isWiki := false

  104. 	unitType := unit.TypeCode

  105. 	var wikiRepoName string

  106. 	if strings.HasSuffix(reponame, ".wiki") {

  107. 		isWiki = true

  108. 		unitType = unit.TypeWiki

  109. 		wikiRepoName = reponame

  110. 		reponame = reponame[:len(reponame)-5]

  111. 	}

  112. 

  113. 	owner := ctx.ContextUser

  114. 	if !owner.IsOrganization() && !owner.IsActive {

  115. 		ctx.PlainText(http.StatusForbidden, "Repository cannot be accessed. You cannot push or open issues/pull-requests.")

  116. 		return

  117. 	}

  118. 

  119. 	repoExist := true

  120. 	repo, err := repo_model.GetRepositoryByName(owner.ID, reponame)

  121. 	if err != nil {

  122. 		if repo_model.IsErrRepoNotExist(err) {

  123. 			if redirectRepoID, err := repo_model.LookupRedirect(owner.ID, reponame); err == nil {

  124. 				context.RedirectToRepo(ctx, redirectRepoID)

  125. 				return

  126. 			}

  127. 			repoExist = false

  128. 		} else {

  129. 			ctx.ServerError("GetRepositoryByName", err)

  130. 			return

  131. 		}

  132. 	}

  133. 

  134. 	// Don't allow pushing if the repo is archived

  135. 	if repoExist && repo.IsArchived && !isPull {

  136. 		ctx.PlainText(http.StatusForbidden, "This repo is archived. You can view files and clone it, but cannot push or open issues/pull-requests.")

  137. 		return

  138. 	}

  139. 

  140. 	// Only public pull don't need auth.

  141. 	isPublicPull := repoExist && !repo.IsPrivate && isPull

  142. 	var (

  143. 		askAuth = !isPublicPull || setting.Service.RequireSignInView

  144. 		environ []string

  145. 	)

  146. 

  147. 	// don't allow anonymous pulls if organization is not public

  148. 	if isPublicPull {

  149. 		if err := repo.GetOwner(ctx); err != nil {

  150. 			ctx.ServerError("GetOwner", err)

  151. 			return

  152. 		}

  153. 

  154. 		askAuth = askAuth || (repo.Owner.Visibility != structs.VisibleTypePublic)

  155. 	}

  156. 

  157. 	// check access

  158. 	if askAuth {

  159. 		// rely on the results of Contexter

  160. 		if !ctx.IsSigned {

  161. 			// TODO: support digit auth - which would be Authorization header with digit

  162. 			ctx.Resp.Header().Set("WWW-Authenticate", "Basic realm=\".\"")

  163. 			ctx.Error(http.StatusUnauthorized)

  164. 			return

  165. 		}

  166. 

  167. 		if ctx.IsBasicAuth && ctx.Data["IsApiToken"] != true {

  168. 			_, err = auth.GetTwoFactorByUID(ctx.Doer.ID)

  169. 			if err == nil {

  170. 				// TODO: This response should be changed to "invalid credentials" for security reasons once the expectation behind it (creating an app token to authenticate) is properly documented

  171. 				ctx.PlainText(http.StatusUnauthorized, "Users with two-factor authentication enabled cannot perform HTTP/HTTPS operations via plain username and password. Please create and use a personal access token on the user settings page")

  172. 				return

  173. 			} else if !auth.IsErrTwoFactorNotEnrolled(err) {

  174. 				ctx.ServerError("IsErrTwoFactorNotEnrolled", err)

  175. 				return

  176. 			}

  177. 		}

  178. 

  179. 		if !ctx.Doer.IsActive || ctx.Doer.ProhibitLogin {

  180. 			ctx.PlainText(http.StatusForbidden, "Your account is disabled.")

  181. 			return

  182. 		}

  183. 

  184. 		if repoExist {

  185. 			p, err := models.GetUserRepoPermission(ctx, repo, ctx.Doer)

  186. 			if err != nil {

  187. 				ctx.ServerError("GetUserRepoPermission", err)

  188. 				return

  189. 			}

  190. 

  191. 			// Because of special ref "refs/for" .. , need delay write permission check

  192. 			if git.SupportProcReceive {

  193. 				accessMode = perm.AccessModeRead

  194. 			}

  195. 

  196. 			if !p.CanAccess(accessMode, unitType) {

  197. 				ctx.PlainText(http.StatusForbidden, "User permission denied")

  198. 				return

  199. 			}

  200. 

  201. 			if !isPull && repo.IsMirror {

  202. 				ctx.PlainText(http.StatusForbidden, "mirror repository is read-only")

  203. 				return

  204. 			}

  205. 		}

  206. 

  207. 		environ = []string{

  208. 			repo_module.EnvRepoUsername + "=" + username,

  209. 			repo_module.EnvRepoName + "=" + reponame,

  210. 			repo_module.EnvPusherName + "=" + ctx.Doer.Name,

  211. 			repo_module.EnvPusherID + fmt.Sprintf("=%d", ctx.Doer.ID),

  212. 			repo_module.EnvAppURL + "=" + setting.AppURL,

  213. 		}

  214. 

  215. 		if !ctx.Doer.KeepEmailPrivate {

  216. 			environ = append(environ, repo_module.EnvPusherEmail+"="+ctx.Doer.Email)

  217. 		}

  218. 

  219. 		if isWiki {

  220. 			environ = append(environ, repo_module.EnvRepoIsWiki+"=true")

  221. 		} else {

  222. 			environ = append(environ, repo_module.EnvRepoIsWiki+"=false")

  223. 		}

  224. 	}

  225. 

  226. 	if !repoExist {

  227. 		if !receivePack {

  228. 			ctx.PlainText(http.StatusNotFound, "Repository not found")

  229. 			return

  230. 		}

  231. 

  232. 		if isWiki { // you cannot send wiki operation before create the repository

  233. 			ctx.PlainText(http.StatusNotFound, "Repository not found")

  234. 			return

  235. 		}

  236. 

  237. 		if owner.IsOrganization() && !setting.Repository.EnablePushCreateOrg {

  238. 			ctx.PlainText(http.StatusForbidden, "Push to create is not enabled for organizations.")

  239. 			return

  240. 		}

  241. 		if !owner.IsOrganization() && !setting.Repository.EnablePushCreateUser {

  242. 			ctx.PlainText(http.StatusForbidden, "Push to create is not enabled for users.")

  243. 			return

  244. 		}

  245. 

  246. 		// Return dummy payload if GET receive-pack

  247. 		if ctx.Req.Method == http.MethodGet {

  248. 			dummyInfoRefs(ctx)

  249. 			return

  250. 		}

  251. 

  252. 		repo, err = repo_service.PushCreateRepo(ctx.Doer, owner, reponame)

  253. 		if err != nil {

  254. 			log.Error("pushCreateRepo: %v", err)

  255. 			ctx.Status(http.StatusNotFound)

  256. 			return

  257. 		}

  258. 	}

  259. 

  260. 	if isWiki {

  261. 		// Ensure the wiki is enabled before we allow access to it

  262. 		if _, err := repo.GetUnit(unit.TypeWiki); err != nil {

  263. 			if repo_model.IsErrUnitTypeNotExist(err) {

  264. 				ctx.PlainText(http.StatusForbidden, "repository wiki is disabled")

  265. 				return

  266. 			}

  267. 			log.Error("Failed to get the wiki unit in %-v Error: %v", repo, err)

  268. 			ctx.ServerError("GetUnit(UnitTypeWiki) for "+repo.FullName(), err)

  269. 			return

  270. 		}

  271. 	}

  272. 

  273. 	environ = append(environ, repo_module.EnvRepoID+fmt.Sprintf("=%d", repo.ID))

  274. 

  275. 	w := ctx.Resp

  276. 	r := ctx.Req

  277. 	cfg := &serviceConfig{

  278. 		UploadPack:  true,

  279. 		ReceivePack: true,

  280. 		Env:         environ,

  281. 	}

  282. 

  283. 	r.URL.Path = strings.ToLower(r.URL.Path) // blue: In case some repo name has upper case name

  284. 

  285. 	dir := repo_model.RepoPath(username, reponame)

  286. 	if isWiki {

  287. 		dir = repo_model.RepoPath(username, wikiRepoName)

  288. 	}

  289. 

  290. 	return &serviceHandler{cfg, w, r, dir, cfg.Env}

  291. }

  292. 

  293. var (

  294. 	infoRefsCache []byte

  295. 	infoRefsOnce  sync.Once

  296. )

  297. 

  298. func dummyInfoRefs(ctx *context.Context) {

  299. 	infoRefsOnce.Do(func() {

  300. 		tmpDir, err := os.MkdirTemp(os.TempDir(), "gitea-info-refs-cache")

  301. 		if err != nil {

  302. 			log.Error("Failed to create temp dir for git-receive-pack cache: %v", err)

  303. 			return

  304. 		}

  305. 

  306. 		defer func() {

  307. 			if err := util.RemoveAll(tmpDir); err != nil {

  308. 				log.Error("RemoveAll: %v", err)

  309. 			}

  310. 		}()

  311. 

  312. 		if err := git.InitRepository(ctx, tmpDir, true); err != nil {

  313. 			log.Error("Failed to init bare repo for git-receive-pack cache: %v", err)

  314. 			return

  315. 		}

  316. 

  317. 		refs, _, err := git.NewCommand(ctx, "receive-pack", "--stateless-rpc", "--advertise-refs", ".").RunStdBytes(&git.RunOpts{Dir: tmpDir})

  318. 		if err != nil {

  319. 			log.Error(fmt.Sprintf("%v - %s", err, string(refs)))

  320. 		}

  321. 

  322. 		log.Debug("populating infoRefsCache: \n%s", string(refs))

  323. 		infoRefsCache = refs

  324. 	})

  325. 

  326. 	ctx.RespHeader().Set("Expires", "Fri, 01 Jan 1980 00:00:00 GMT")

  327. 	ctx.RespHeader().Set("Pragma", "no-cache")

  328. 	ctx.RespHeader().Set("Cache-Control", "no-cache, max-age=0, must-revalidate")

  329. 	ctx.RespHeader().Set("Content-Type", "application/x-git-receive-pack-advertisement")

  330. 	_, _ = ctx.Write(packetWrite("# service=git-receive-pack\n"))

  331. 	_, _ = ctx.Write([]byte("0000"))

  332. 	_, _ = ctx.Write(infoRefsCache)

  333. }

  334. 

  335. type serviceConfig struct {

  336. 	UploadPack  bool

  337. 	ReceivePack bool

  338. 	Env         []string

  339. }

  340. 

  341. type serviceHandler struct {

  342. 	cfg     *serviceConfig

  343. 	w       http.ResponseWriter

  344. 	r       *http.Request

  345. 	dir     string

  346. 	environ []string

  347. }

  348. 

  349. func (h *serviceHandler) setHeaderNoCache() {

  350. 	h.w.Header().Set("Expires", "Fri, 01 Jan 1980 00:00:00 GMT")

  351. 	h.w.Header().Set("Pragma", "no-cache")

  352. 	h.w.Header().Set("Cache-Control", "no-cache, max-age=0, must-revalidate")

  353. }

  354. 

  355. func (h *serviceHandler) setHeaderCacheForever() {

  356. 	now := time.Now().Unix()

  357. 	expires := now + 31536000

  358. 	h.w.Header().Set("Date", fmt.Sprintf("%d", now))

  359. 	h.w.Header().Set("Expires", fmt.Sprintf("%d", expires))

  360. 	h.w.Header().Set("Cache-Control", "public, max-age=31536000")

  361. }

  362. 

  363. func containsParentDirectorySeparator(v string) bool {

  364. 	if !strings.Contains(v, "..") {

  365. 		return false

  366. 	}

  367. 	for _, ent := range strings.FieldsFunc(v, isSlashRune) {

  368. 		if ent == ".." {

  369. 			return true

  370. 		}

  371. 	}

  372. 	return false

  373. }

  374. 

  375. func isSlashRune(r rune) bool { return r == '/' || r == '\\' }

  376. 

  377. func (h *serviceHandler) sendFile(contentType, file string) {

  378. 	if containsParentDirectorySeparator(file) {

  379. 		log.Error("request file path contains invalid path: %v", file)

  380. 		h.w.WriteHeader(http.StatusBadRequest)

  381. 		return

  382. 	}

  383. 	reqFile := path.Join(h.dir, file)

  384. 

  385. 	fi, err := os.Stat(reqFile)

  386. 	if os.IsNotExist(err) {

  387. 		h.w.WriteHeader(http.StatusNotFound)

  388. 		return

  389. 	}

  390. 

  391. 	h.w.Header().Set("Content-Type", contentType)

  392. 	h.w.Header().Set("Content-Length", fmt.Sprintf("%d", fi.Size()))

  393. 	h.w.Header().Set("Last-Modified", fi.ModTime().Format(http.TimeFormat))

  394. 	http.ServeFile(h.w, h.r, reqFile)

  395. }

  396. 

  397. // one or more key=value pairs separated by colons

  398. var safeGitProtocolHeader = regexp.MustCompile(`^[0-9a-zA-Z]+=[0-9a-zA-Z]+(:[0-9a-zA-Z]+=[0-9a-zA-Z]+)*$`)

  399. 

  400. func getGitConfig(ctx gocontext.Context, option, dir string) string {

  401. 	out, _, err := git.NewCommand(ctx, "config", option).RunStdString(&git.RunOpts{Dir: dir})

  402. 	if err != nil {

  403. 		log.Error("%v - %s", err, out)

  404. 	}

  405. 	return out[0 : len(out)-1]

  406. }

  407. 

  408. func getConfigSetting(ctx gocontext.Context, service, dir string) bool {

  409. 	service = strings.ReplaceAll(service, "-", "")

  410. 	setting := getGitConfig(ctx, "http."+service, dir)

  411. 

  412. 	if service == "uploadpack" {

  413. 		return setting != "false"

  414. 	}

  415. 

  416. 	return setting == "true"

  417. }

  418. 

  419. func hasAccess(ctx gocontext.Context, service string, h serviceHandler, checkContentType bool) bool {

  420. 	if checkContentType {

  421. 		if h.r.Header.Get("Content-Type") != fmt.Sprintf("application/x-git-%s-request", service) {

  422. 			return false

  423. 		}

  424. 	}

  425. 

  426. 	if !(service == "upload-pack" || service == "receive-pack") {

  427. 		return false

  428. 	}

  429. 	if service == "receive-pack" {

  430. 		return h.cfg.ReceivePack

  431. 	}

  432. 	if service == "upload-pack" {

  433. 		return h.cfg.UploadPack

  434. 	}

  435. 

  436. 	return getConfigSetting(ctx, service, h.dir)

  437. }

  438. 

  439. func serviceRPC(ctx gocontext.Context, h serviceHandler, service string) {

  440. 	defer func() {

  441. 		if err := h.r.Body.Close(); err != nil {

  442. 			log.Error("serviceRPC: Close: %v", err)

  443. 		}

  444. 	}()

  445. 

  446. 	if !hasAccess(ctx, service, h, true) {

  447. 		h.w.WriteHeader(http.StatusUnauthorized)

  448. 		return

  449. 	}

  450. 

  451. 	h.w.Header().Set("Content-Type", fmt.Sprintf("application/x-git-%s-result", service))

  452. 

  453. 	var err error

  454. 	reqBody := h.r.Body

  455. 

  456. 	// Handle GZIP.

  457. 	if h.r.Header.Get("Content-Encoding") == "gzip" {

  458. 		reqBody, err = gzip.NewReader(reqBody)

  459. 		if err != nil {

  460. 			log.Error("Fail to create gzip reader: %v", err)

  461. 			h.w.WriteHeader(http.StatusInternalServerError)

  462. 			return

  463. 		}

  464. 	}

  465. 

  466. 	// set this for allow pre-receive and post-receive execute

  467. 	h.environ = append(h.environ, "SSH_ORIGINAL_COMMAND="+service)

  468. 

  469. 	if protocol := h.r.Header.Get("Git-Protocol"); protocol != "" && safeGitProtocolHeader.MatchString(protocol) {

  470. 		h.environ = append(h.environ, "GIT_PROTOCOL="+protocol)

  471. 	}

  472. 

  473. 	var stderr bytes.Buffer

  474. 	cmd := git.NewCommand(h.r.Context(), service, "--stateless-rpc", h.dir)

  475. 	cmd.SetDescription(fmt.Sprintf("%s %s %s [repo_path: %s]", git.GitExecutable, service, "--stateless-rpc", h.dir))

  476. 	if err := cmd.Run(&git.RunOpts{

  477. 		Dir:    h.dir,

  478. 		Env:    append(os.Environ(), h.environ...),

  479. 		Stdout: h.w,

  480. 		Stdin:  reqBody,

  481. 		Stderr: &stderr,

  482. 	}); err != nil {

  483. 		if err.Error() != "signal: killed" {

  484. 			log.Error("Fail to serve RPC(%s) in %s: %v - %s", service, h.dir, err, stderr.String())

  485. 		}

  486. 		return

  487. 	}

  488. }

  489. 

  490. // ServiceUploadPack implements Git Smart HTTP protocol

  491. func ServiceUploadPack(ctx *context.Context) {

  492. 	h := httpBase(ctx)

  493. 	if h != nil {

  494. 		serviceRPC(ctx, *h, "upload-pack")

  495. 	}

  496. }

  497. 

  498. // ServiceReceivePack implements Git Smart HTTP protocol

  499. func ServiceReceivePack(ctx *context.Context) {

  500. 	h := httpBase(ctx)

  501. 	if h != nil {

  502. 		serviceRPC(ctx, *h, "receive-pack")

  503. 	}

  504. }

  505. 

  506. func getServiceType(r *http.Request) string {

  507. 	serviceType := r.FormValue("service")

  508. 	if !strings.HasPrefix(serviceType, "git-") {

  509. 		return ""

  510. 	}

  511. 	return strings.Replace(serviceType, "git-", "", 1)

  512. }

  513. 

  514. func updateServerInfo(ctx gocontext.Context, dir string) []byte {

  515. 	out, _, err := git.NewCommand(ctx, "update-server-info").RunStdBytes(&git.RunOpts{Dir: dir})

  516. 	if err != nil {

  517. 		log.Error(fmt.Sprintf("%v - %s", err, string(out)))

  518. 	}

  519. 	return out

  520. }

  521. 

  522. func packetWrite(str string) []byte {

  523. 	s := strconv.FormatInt(int64(len(str)+4), 16)

  524. 	if len(s)%4 != 0 {

  525. 		s = strings.Repeat("0", 4-len(s)%4) + s

  526. 	}

  527. 	return []byte(s + str)

  528. }

  529. 

  530. // GetInfoRefs implements Git dumb HTTP

  531. func GetInfoRefs(ctx *context.Context) {

  532. 	h := httpBase(ctx)

  533. 	if h == nil {

  534. 		return

  535. 	}

  536. 	h.setHeaderNoCache()

  537. 	if hasAccess(ctx, getServiceType(h.r), *h, false) {

  538. 		service := getServiceType(h.r)

  539. 

  540. 		if protocol := h.r.Header.Get("Git-Protocol"); protocol != "" && safeGitProtocolHeader.MatchString(protocol) {

  541. 			h.environ = append(h.environ, "GIT_PROTOCOL="+protocol)

  542. 		}

  543. 		h.environ = append(os.Environ(), h.environ...)

  544. 

  545. 		refs, _, err := git.NewCommand(ctx, service, "--stateless-rpc", "--advertise-refs", ".").RunStdBytes(&git.RunOpts{Env: h.environ, Dir: h.dir})

  546. 		if err != nil {

  547. 			log.Error(fmt.Sprintf("%v - %s", err, string(refs)))

  548. 		}

  549. 

  550. 		h.w.Header().Set("Content-Type", fmt.Sprintf("application/x-git-%s-advertisement", service))

  551. 		h.w.WriteHeader(http.StatusOK)

  552. 		_, _ = h.w.Write(packetWrite("# service=git-" + service + "\n"))

  553. 		_, _ = h.w.Write([]byte("0000"))

  554. 		_, _ = h.w.Write(refs)

  555. 	} else {

  556. 		updateServerInfo(ctx, h.dir)

  557. 		h.sendFile("text/plain; charset=utf-8", "info/refs")

  558. 	}

  559. }

  560. 

  561. // GetTextFile implements Git dumb HTTP

  562. func GetTextFile(p string) func(*context.Context) {

  563. 	return func(ctx *context.Context) {

  564. 		h := httpBase(ctx)

  565. 		if h != nil {

  566. 			h.setHeaderNoCache()

  567. 			file := ctx.Params("file")

  568. 			if file != "" {

  569. 				h.sendFile("text/plain", "objects/info/"+file)

  570. 			} else {

  571. 				h.sendFile("text/plain", p)

  572. 			}

  573. 		}

  574. 	}

  575. }

  576. 

  577. // GetInfoPacks implements Git dumb HTTP

  578. func GetInfoPacks(ctx *context.Context) {

  579. 	h := httpBase(ctx)

  580. 	if h != nil {

  581. 		h.setHeaderCacheForever()

  582. 		h.sendFile("text/plain; charset=utf-8", "objects/info/packs")

  583. 	}

  584. }

  585. 

  586. // GetLooseObject implements Git dumb HTTP

  587. func GetLooseObject(ctx *context.Context) {

  588. 	h := httpBase(ctx)

  589. 	if h != nil {

  590. 		h.setHeaderCacheForever()

  591. 		h.sendFile("application/x-git-loose-object", fmt.Sprintf("objects/%s/%s",

  592. 			ctx.Params("head"), ctx.Params("hash")))

  593. 	}

  594. }

  595. 

  596. // GetPackFile implements Git dumb HTTP

  597. func GetPackFile(ctx *context.Context) {

  598. 	h := httpBase(ctx)

  599. 	if h != nil {

  600. 		h.setHeaderCacheForever()

  601. 		h.sendFile("application/x-git-packed-objects", "objects/pack/pack-"+ctx.Params("file")+".pack")

  602. 	}

  603. }

  604. 

  605. // GetIdxFile implements Git dumb HTTP

  606. func GetIdxFile(ctx *context.Context) {

  607. 	h := httpBase(ctx)

  608. 	if h != nil {

  609. 		h.setHeaderCacheForever()

  610. 		h.sendFile("application/x-git-packed-objects-toc", "objects/pack/pack-"+ctx.Params("file")+".idx")

  611. 	}

  612. }