mirrors
/
gitea
mirror of https://github.com/go-gitea/gitea.git
Watch 1
Star 0
Fork 0
Code Issues 0 Releases 210 Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
4117 Commits
17 Branches
Tree: a00c932bbc
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from 'a00c932bbc'
${ noResults }
gitea/routers/repo/http.go

http.go 13KB
Raw Blame History

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509 
  1. // Copyright 2014 The Gogs Authors. All rights reserved.

  2. // Use of this source code is governed by a MIT-style

  3. // license that can be found in the LICENSE file.

  4. 

  5. package repo

  6. 

  7. import (

  8. 	"bytes"

  9. 	"compress/gzip"

  10. 	"fmt"

  11. 	"io"

  12. 	"io/ioutil"

  13. 	"net/http"

  14. 	"os"

  15. 	"os/exec"

  16. 	"path"

  17. 	"regexp"

  18. 	"runtime"

  19. 	"strconv"

  20. 	"strings"

  21. 	"time"

  22. 

  23. 	git "github.com/gogits/git-module"

  24. 

  25. 	"github.com/gogits/gogs/models"

  26. 	"github.com/gogits/gogs/modules/base"

  27. 	"github.com/gogits/gogs/modules/context"

  28. 	"github.com/gogits/gogs/modules/log"

  29. 	"github.com/gogits/gogs/modules/setting"

  30. )

  31. 

  32. func HTTP(ctx *context.Context) {

  33. 	username := ctx.Params(":username")

  34. 	reponame := strings.TrimSuffix(ctx.Params(":reponame"), ".git")

  35. 

  36. 	var isPull bool

  37. 	service := ctx.Query("service")

  38. 	if service == "git-receive-pack" ||

  39. 		strings.HasSuffix(ctx.Req.URL.Path, "git-receive-pack") {

  40. 		isPull = false

  41. 	} else if service == "git-upload-pack" ||

  42. 		strings.HasSuffix(ctx.Req.URL.Path, "git-upload-pack") {

  43. 		isPull = true

  44. 	} else {

  45. 		isPull = (ctx.Req.Method == "GET")

  46. 	}

  47. 

  48. 	isWiki := false

  49. 	if strings.HasSuffix(reponame, ".wiki") {

  50. 		isWiki = true

  51. 		reponame = reponame[:len(reponame)-5]

  52. 	}

  53. 

  54. 	repoUser, err := models.GetUserByName(username)

  55. 	if err != nil {

  56. 		if models.IsErrUserNotExist(err) {

  57. 			ctx.Handle(http.StatusNotFound, "GetUserByName", nil)

  58. 		} else {

  59. 			ctx.Handle(http.StatusInternalServerError, "GetUserByName", err)

  60. 		}

  61. 		return

  62. 	}

  63. 

  64. 	repo, err := models.GetRepositoryByName(repoUser.ID, reponame)

  65. 	if err != nil {

  66. 		if models.IsErrRepoNotExist(err) {

  67. 			ctx.Handle(http.StatusNotFound, "GetRepositoryByName", nil)

  68. 		} else {

  69. 			ctx.Handle(http.StatusInternalServerError, "GetRepositoryByName", err)

  70. 		}

  71. 		return

  72. 	}

  73. 

  74. 	// Only public pull don't need auth.

  75. 	isPublicPull := !repo.IsPrivate && isPull

  76. 	var (

  77. 		askAuth      = !isPublicPull || setting.Service.RequireSignInView

  78. 		authUser     *models.User

  79. 		authUsername string

  80. 		authPasswd   string

  81. 	)

  82. 

  83. 	// check access

  84. 	if askAuth {

  85. 		authHead := ctx.Req.Header.Get("Authorization")

  86. 		if len(authHead) == 0 {

  87. 			ctx.Resp.Header().Set("WWW-Authenticate", "Basic realm=\".\"")

  88. 			ctx.Error(http.StatusUnauthorized)

  89. 			return

  90. 		}

  91. 

  92. 		auths := strings.Fields(authHead)

  93. 		// currently check basic auth

  94. 		// TODO: support digit auth

  95. 		// FIXME: middlewares/context.go did basic auth check already,

  96. 		// maybe could use that one.

  97. 		if len(auths) != 2 || auths[0] != "Basic" {

  98. 			ctx.HandleText(http.StatusUnauthorized, "no basic auth and digit auth")

  99. 			return

  100. 		}

  101. 		authUsername, authPasswd, err = base.BasicAuthDecode(auths[1])

  102. 		if err != nil {

  103. 			ctx.HandleText(http.StatusUnauthorized, "no basic auth and digit auth")

  104. 			return

  105. 		}

  106. 

  107. 		authUser, err = models.UserSignIn(authUsername, authPasswd)

  108. 		if err != nil {

  109. 			if !models.IsErrUserNotExist(err) {

  110. 				ctx.Handle(http.StatusInternalServerError, "UserSignIn error: %v", err)

  111. 				return

  112. 			}

  113. 

  114. 			// Assume username now is a token.

  115. 			token, err := models.GetAccessTokenBySHA(authUsername)

  116. 			if err != nil {

  117. 				if models.IsErrAccessTokenNotExist(err) || models.IsErrAccessTokenEmpty(err) {

  118. 					ctx.HandleText(http.StatusUnauthorized, "invalid token")

  119. 				} else {

  120. 					ctx.Handle(http.StatusInternalServerError, "GetAccessTokenBySha", err)

  121. 				}

  122. 				return

  123. 			}

  124. 			token.Updated = time.Now()

  125. 			if err = models.UpdateAccessToken(token); err != nil {

  126. 				ctx.Handle(http.StatusInternalServerError, "UpdateAccessToken", err)

  127. 			}

  128. 			authUser, err = models.GetUserByID(token.UID)

  129. 			if err != nil {

  130. 				ctx.Handle(http.StatusInternalServerError, "GetUserByID", err)

  131. 				return

  132. 			}

  133. 		}

  134. 

  135. 		if !isPublicPull {

  136. 			var tp = models.ACCESS_MODE_WRITE

  137. 			if isPull {

  138. 				tp = models.ACCESS_MODE_READ

  139. 			}

  140. 

  141. 			has, err := models.HasAccess(authUser, repo, tp)

  142. 			if err != nil {

  143. 				ctx.Handle(http.StatusInternalServerError, "HasAccess", err)

  144. 				return

  145. 			} else if !has {

  146. 				if tp == models.ACCESS_MODE_READ {

  147. 					has, err = models.HasAccess(authUser, repo, models.ACCESS_MODE_WRITE)

  148. 					if err != nil {

  149. 						ctx.Handle(http.StatusInternalServerError, "HasAccess2", err)

  150. 						return

  151. 					} else if !has {

  152. 						ctx.HandleText(http.StatusForbidden, "User permission denied")

  153. 						return

  154. 					}

  155. 				} else {

  156. 					ctx.HandleText(http.StatusForbidden, "User permission denied")

  157. 					return

  158. 				}

  159. 			}

  160. 

  161. 			if !isPull && repo.IsMirror {

  162. 				ctx.HandleText(http.StatusForbidden, "mirror repository is read-only")

  163. 				return

  164. 			}

  165. 		}

  166. 	}

  167. 

  168. 	callback := func(rpc string, input []byte) {

  169. 		if rpc != "receive-pack" || isWiki {

  170. 			return

  171. 		}

  172. 

  173. 		var lastLine int64 = 0

  174. 		for {

  175. 			head := input[lastLine : lastLine+2]

  176. 			if head[0] == '0' && head[1] == '0' {

  177. 				size, err := strconv.ParseInt(string(input[lastLine+2:lastLine+4]), 16, 32)

  178. 				if err != nil {

  179. 					log.Error(4, "%v", err)

  180. 					return

  181. 				}

  182. 

  183. 				if size == 0 {

  184. 					//fmt.Println(string(input[lastLine:]))

  185. 					break

  186. 				}

  187. 

  188. 				line := input[lastLine : lastLine+size]

  189. 				idx := bytes.IndexRune(line, '\000')

  190. 				if idx > -1 {

  191. 					line = line[:idx]

  192. 				}

  193. 

  194. 				fields := strings.Fields(string(line))

  195. 				if len(fields) >= 3 {

  196. 					oldCommitId := fields[0][4:]

  197. 					newCommitId := fields[1]

  198. 					refFullName := fields[2]

  199. 

  200. 					// FIXME: handle error.

  201. 					if err = models.PushUpdate(models.PushUpdateOptions{

  202. 						RefFullName:  refFullName,

  203. 						OldCommitID:  oldCommitId,

  204. 						NewCommitID:  newCommitId,

  205. 						PusherID:     authUser.ID,

  206. 						PusherName:   authUser.Name,

  207. 						RepoUserName: username,

  208. 						RepoName:     reponame,

  209. 					}); err == nil {

  210. 						go models.AddTestPullRequestTask(authUser, repo.ID, strings.TrimPrefix(refFullName, git.BRANCH_PREFIX), true)

  211. 					}

  212. 

  213. 				}

  214. 				lastLine = lastLine + size

  215. 			} else {

  216. 				break

  217. 			}

  218. 		}

  219. 	}

  220. 

  221. 	HTTPBackend(ctx, &serviceConfig{

  222. 		UploadPack:  true,

  223. 		ReceivePack: true,

  224. 		OnSucceed:   callback,

  225. 	})(ctx.Resp, ctx.Req.Request)

  226. 

  227. 	runtime.GC()

  228. }

  229. 

  230. type serviceConfig struct {

  231. 	UploadPack  bool

  232. 	ReceivePack bool

  233. 	OnSucceed   func(rpc string, input []byte)

  234. }

  235. 

  236. type serviceHandler struct {

  237. 	cfg  *serviceConfig

  238. 	w    http.ResponseWriter

  239. 	r    *http.Request

  240. 	dir  string

  241. 	file string

  242. }

  243. 

  244. func (h *serviceHandler) setHeaderNoCache() {

  245. 	h.w.Header().Set("Expires", "Fri, 01 Jan 1980 00:00:00 GMT")

  246. 	h.w.Header().Set("Pragma", "no-cache")

  247. 	h.w.Header().Set("Cache-Control", "no-cache, max-age=0, must-revalidate")

  248. }

  249. 

  250. func (h *serviceHandler) setHeaderCacheForever() {

  251. 	now := time.Now().Unix()

  252. 	expires := now + 31536000

  253. 	h.w.Header().Set("Date", fmt.Sprintf("%d", now))

  254. 	h.w.Header().Set("Expires", fmt.Sprintf("%d", expires))

  255. 	h.w.Header().Set("Cache-Control", "public, max-age=31536000")

  256. }

  257. 

  258. func (h *serviceHandler) sendFile(contentType string) {

  259. 	reqFile := path.Join(h.dir, h.file)

  260. 

  261. 	fi, err := os.Stat(reqFile)

  262. 	if os.IsNotExist(err) {

  263. 		h.w.WriteHeader(http.StatusNotFound)

  264. 		return

  265. 	}

  266. 

  267. 	h.w.Header().Set("Content-Type", contentType)

  268. 	h.w.Header().Set("Content-Length", fmt.Sprintf("%d", fi.Size()))

  269. 	h.w.Header().Set("Last-Modified", fi.ModTime().Format(http.TimeFormat))

  270. 	http.ServeFile(h.w, h.r, reqFile)

  271. }

  272. 

  273. type route struct {

  274. 	reg     *regexp.Regexp

  275. 	method  string

  276. 	handler func(serviceHandler)

  277. }

  278. 

  279. var routes = []route{

  280. 	{regexp.MustCompile("(.*?)/git-upload-pack$"), "POST", serviceUploadPack},

  281. 	{regexp.MustCompile("(.*?)/git-receive-pack$"), "POST", serviceReceivePack},

  282. 	{regexp.MustCompile("(.*?)/info/refs$"), "GET", getInfoRefs},

  283. 	{regexp.MustCompile("(.*?)/HEAD$"), "GET", getTextFile},

  284. 	{regexp.MustCompile("(.*?)/objects/info/alternates$"), "GET", getTextFile},

  285. 	{regexp.MustCompile("(.*?)/objects/info/http-alternates$"), "GET", getTextFile},

  286. 	{regexp.MustCompile("(.*?)/objects/info/packs$"), "GET", getInfoPacks},

  287. 	{regexp.MustCompile("(.*?)/objects/info/[^/]*$"), "GET", getTextFile},

  288. 	{regexp.MustCompile("(.*?)/objects/[0-9a-f]{2}/[0-9a-f]{38}$"), "GET", getLooseObject},

  289. 	{regexp.MustCompile("(.*?)/objects/pack/pack-[0-9a-f]{40}\\.pack$"), "GET", getPackFile},

  290. 	{regexp.MustCompile("(.*?)/objects/pack/pack-[0-9a-f]{40}\\.idx$"), "GET", getIdxFile},

  291. }

  292. 

  293. // FIXME: use process module

  294. func gitCommand(dir string, args ...string) []byte {

  295. 	cmd := exec.Command("git", args...)

  296. 	cmd.Dir = dir

  297. 	out, err := cmd.Output()

  298. 	if err != nil {

  299. 		log.GitLogger.Error(4, fmt.Sprintf("%v - %s", err, out))

  300. 	}

  301. 	return out

  302. }

  303. 

  304. func getGitConfig(option, dir string) string {

  305. 	out := string(gitCommand(dir, "config", option))

  306. 	return out[0 : len(out)-1]

  307. }

  308. 

  309. func getConfigSetting(service, dir string) bool {

  310. 	service = strings.Replace(service, "-", "", -1)

  311. 	setting := getGitConfig("http."+service, dir)

  312. 

  313. 	if service == "uploadpack" {

  314. 		return setting != "false"

  315. 	}

  316. 

  317. 	return setting == "true"

  318. }

  319. 

  320. func hasAccess(service string, h serviceHandler, checkContentType bool) bool {

  321. 	if checkContentType {

  322. 		if h.r.Header.Get("Content-Type") != fmt.Sprintf("application/x-git-%s-request", service) {

  323. 			return false

  324. 		}

  325. 	}

  326. 

  327. 	if !(service == "upload-pack" || service == "receive-pack") {

  328. 		return false

  329. 	}

  330. 	if service == "receive-pack" {

  331. 		return h.cfg.ReceivePack

  332. 	}

  333. 	if service == "upload-pack" {

  334. 		return h.cfg.UploadPack

  335. 	}

  336. 

  337. 	return getConfigSetting(service, h.dir)

  338. }

  339. 

  340. func serviceRPC(h serviceHandler, service string) {

  341. 	defer h.r.Body.Close()

  342. 

  343. 	if !hasAccess(service, h, true) {

  344. 		h.w.WriteHeader(http.StatusUnauthorized)

  345. 		return

  346. 	}

  347. 	h.w.Header().Set("Content-Type", fmt.Sprintf("application/x-git-%s-result", service))

  348. 

  349. 	var (

  350. 		reqBody = h.r.Body

  351. 		input   []byte

  352. 		br      io.Reader

  353. 		err     error

  354. 	)

  355. 

  356. 	// Handle GZIP.

  357. 	if h.r.Header.Get("Content-Encoding") == "gzip" {

  358. 		reqBody, err = gzip.NewReader(reqBody)

  359. 		if err != nil {

  360. 			log.GitLogger.Error(2, "fail to create gzip reader: %v", err)

  361. 			h.w.WriteHeader(http.StatusInternalServerError)

  362. 			return

  363. 		}

  364. 	}

  365. 

  366. 	if h.cfg.OnSucceed != nil {

  367. 		input, err = ioutil.ReadAll(reqBody)

  368. 		if err != nil {

  369. 			log.GitLogger.Error(2, "fail to read request body: %v", err)

  370. 			h.w.WriteHeader(http.StatusInternalServerError)

  371. 			return

  372. 		}

  373. 

  374. 		br = bytes.NewReader(input)

  375. 	} else {

  376. 		br = reqBody

  377. 	}

  378. 

  379. 	cmd := exec.Command("git", service, "--stateless-rpc", h.dir)

  380. 	cmd.Dir = h.dir

  381. 	cmd.Stdout = h.w

  382. 	cmd.Stdin = br

  383. 	if err := cmd.Run(); err != nil {

  384. 		log.GitLogger.Error(2, "fail to serve RPC(%s): %v", service, err)

  385. 		h.w.WriteHeader(http.StatusInternalServerError)

  386. 		return

  387. 	}

  388. 

  389. 	if h.cfg.OnSucceed != nil {

  390. 		h.cfg.OnSucceed(service, input)

  391. 	}

  392. }

  393. 

  394. func serviceUploadPack(h serviceHandler) {

  395. 	serviceRPC(h, "upload-pack")

  396. }

  397. 

  398. func serviceReceivePack(h serviceHandler) {

  399. 	serviceRPC(h, "receive-pack")

  400. }

  401. 

  402. func getServiceType(r *http.Request) string {

  403. 	serviceType := r.FormValue("service")

  404. 	if !strings.HasPrefix(serviceType, "git-") {

  405. 		return ""

  406. 	}

  407. 	return strings.Replace(serviceType, "git-", "", 1)

  408. }

  409. 

  410. func updateServerInfo(dir string) []byte {

  411. 	return gitCommand(dir, "update-server-info")

  412. }

  413. 

  414. func packetWrite(str string) []byte {

  415. 	s := strconv.FormatInt(int64(len(str)+4), 16)

  416. 	if len(s)%4 != 0 {

  417. 		s = strings.Repeat("0", 4-len(s)%4) + s

  418. 	}

  419. 	return []byte(s + str)

  420. }

  421. 

  422. func getInfoRefs(h serviceHandler) {

  423. 	h.setHeaderNoCache()

  424. 	if hasAccess(getServiceType(h.r), h, false) {

  425. 		service := getServiceType(h.r)

  426. 		refs := gitCommand(h.dir, service, "--stateless-rpc", "--advertise-refs", ".")

  427. 

  428. 		h.w.Header().Set("Content-Type", fmt.Sprintf("application/x-git-%s-advertisement", service))

  429. 		h.w.WriteHeader(http.StatusOK)

  430. 		h.w.Write(packetWrite("# service=git-" + service + "\n"))

  431. 		h.w.Write([]byte("0000"))

  432. 		h.w.Write(refs)

  433. 	} else {

  434. 		updateServerInfo(h.dir)

  435. 		h.sendFile("text/plain; charset=utf-8")

  436. 	}

  437. }

  438. 

  439. func getTextFile(h serviceHandler) {

  440. 	h.setHeaderNoCache()

  441. 	h.sendFile("text/plain")

  442. }

  443. 

  444. func getInfoPacks(h serviceHandler) {

  445. 	h.setHeaderCacheForever()

  446. 	h.sendFile("text/plain; charset=utf-8")

  447. }

  448. 

  449. func getLooseObject(h serviceHandler) {

  450. 	h.setHeaderCacheForever()

  451. 	h.sendFile("application/x-git-loose-object")

  452. }

  453. 

  454. func getPackFile(h serviceHandler) {

  455. 	h.setHeaderCacheForever()

  456. 	h.sendFile("application/x-git-packed-objects")

  457. }

  458. 

  459. func getIdxFile(h serviceHandler) {

  460. 	h.setHeaderCacheForever()

  461. 	h.sendFile("application/x-git-packed-objects-toc")

  462. }

  463. 

  464. func getGitRepoPath(subdir string) (string, error) {

  465. 	if !strings.HasSuffix(subdir, ".git") {

  466. 		subdir += ".git"

  467. 	}

  468. 

  469. 	fpath := path.Join(setting.RepoRootPath, subdir)

  470. 	if _, err := os.Stat(fpath); os.IsNotExist(err) {

  471. 		return "", err

  472. 	}

  473. 

  474. 	return fpath, nil

  475. }

  476. 

  477. func HTTPBackend(ctx *context.Context, cfg *serviceConfig) http.HandlerFunc {

  478. 	return func(w http.ResponseWriter, r *http.Request) {

  479. 		for _, route := range routes {

  480. 			r.URL.Path = strings.ToLower(r.URL.Path) // blue: In case some repo name has upper case name

  481. 			if m := route.reg.FindStringSubmatch(r.URL.Path); m != nil {

  482. 				if route.method != r.Method {

  483. 					if r.Proto == "HTTP/1.1" {

  484. 						w.WriteHeader(http.StatusMethodNotAllowed)

  485. 						w.Write([]byte("Method Not Allowed"))

  486. 					} else {

  487. 						w.WriteHeader(http.StatusBadRequest)

  488. 						w.Write([]byte("Bad Request"))

  489. 					}

  490. 					return

  491. 				}

  492. 

  493. 				file := strings.Replace(r.URL.Path, m[1]+"/", "", 1)

  494. 				dir, err := getGitRepoPath(m[1])

  495. 				if err != nil {

  496. 					log.GitLogger.Error(4, err.Error())

  497. 					ctx.Handle(http.StatusNotFound, "HTTPBackend", err)

  498. 					return

  499. 				}

  500. 

  501. 				route.handler(serviceHandler{cfg, w, r, dir, file})

  502. 				return

  503. 			}

  504. 		}

  505. 

  506. 		ctx.Handle(http.StatusNotFound, "HTTPBackend", nil)

  507. 		return

  508. 	}

  509. }