5 #include <sys/socket.h>
7 #include <netinet/in.h>
9 static const char daemon_usage[] = "git-daemon [--inetd | --port=n]";
11 static int upload(char *dir, int dirlen)
18 * Security on the cheap.
20 * We want a readable HEAD, usable "objects" directory, and
21 * a "git-daemon-export-ok" flag that says that the other side
22 * is ok with us doing this.
24 if (access("git-daemon-export-ok", F_OK) ||
25 access("objects/00", X_OK) ||
30 * We'll ignore SIGTERM from now on, we have a
33 signal(SIGTERM, SIG_IGN);
35 /* git-upload-pack only ever reads stuff, so this is safe */
36 execlp("git-upload-pack", "git-upload-pack", ".", NULL);
40 static int execute(void)
42 static char line[1000];
45 len = packet_read_line(0, line, sizeof(line));
47 if (len && line[len-1] == '\n')
50 if (!strncmp("git-upload-pack /", line, 17))
51 return upload(line + 16, len - 16);
53 fprintf(stderr, "got bad connection '%s'\n", line);
59 * We count spawned/reaped separately, just to avoid any
60 * races when updating them from signals. The SIGCHLD handler
61 * will only update children_reaped, and the fork logic will
62 * only update children_spawned.
64 * MAX_CHILDREN should be a power-of-two to make the modulus
65 * operation cheap. It should also be at least twice
66 * the maximum number of connections we will ever allow.
68 #define MAX_CHILDREN 128
70 static int max_connections = 25;
72 /* These are updated by the signal handler */
73 static volatile unsigned int children_reaped = 0;
74 static pid_t dead_child[MAX_CHILDREN];
76 /* These are updated by the main loop */
77 static unsigned int children_spawned = 0;
78 static unsigned int children_deleted = 0;
83 struct sockaddr_storage address;
84 } live_child[MAX_CHILDREN];
86 static void add_child(int idx, pid_t pid, struct sockaddr *addr, socklen_t addrlen)
88 live_child[idx].pid = pid;
89 live_child[idx].addrlen = addrlen;
90 memcpy(&live_child[idx].address, addr, addrlen);
94 * Walk from "deleted" to "spawned", and remove child "pid".
96 * We move everything up by one, since the new "deleted" will
99 static void remove_child(pid_t pid, unsigned deleted, unsigned spawned)
103 deleted %= MAX_CHILDREN;
104 spawned %= MAX_CHILDREN;
105 if (live_child[deleted].pid == pid) {
106 live_child[deleted].pid = -1;
109 n = live_child[deleted];
112 deleted = (deleted + 1) % MAX_CHILDREN;
113 if (deleted == spawned)
114 die("could not find dead child %d\n", pid);
115 m = live_child[deleted];
116 live_child[deleted] = n;
124 * This gets called if the number of connections grows
125 * past "max_connections".
127 * We _should_ start off by searching for connections
128 * from the same IP, and if there is some address wth
129 * multiple connections, we should kill that first.
131 * As it is, we just "randomly" kill 25% of the connections,
132 * and our pseudo-random generator sucks too. I have no
135 * Really, this is just a place-holder for a _real_ algorithm.
137 static void kill_some_children(int signo, unsigned start, unsigned stop)
139 start %= MAX_CHILDREN;
140 stop %= MAX_CHILDREN;
141 while (start != stop) {
143 kill(live_child[start].pid, signo);
144 start = (start + 1) % MAX_CHILDREN;
148 static void check_max_connections(void)
152 unsigned spawned, reaped, deleted;
154 spawned = children_spawned;
155 reaped = children_reaped;
156 deleted = children_deleted;
158 while (deleted < reaped) {
159 pid_t pid = dead_child[deleted % MAX_CHILDREN];
160 remove_child(pid, deleted, spawned);
163 children_deleted = deleted;
165 active = spawned - deleted;
166 if (active <= max_connections)
169 /* Kill some unstarted connections with SIGTERM */
170 kill_some_children(SIGTERM, deleted, spawned);
171 if (active <= max_connections << 1)
174 /* If the SIGTERM thing isn't helping use SIGKILL */
175 kill_some_children(SIGKILL, deleted, spawned);
180 static void handle(int incoming, struct sockaddr *addr, socklen_t addrlen)
191 idx = children_spawned % MAX_CHILDREN;
193 add_child(idx, pid, addr, addrlen);
195 check_max_connections();
205 static void child_handler(int signo)
208 pid_t pid = waitpid(-1, NULL, WNOHANG);
211 unsigned reaped = children_reaped;
212 dead_child[reaped % MAX_CHILDREN] = pid;
213 children_reaped = reaped + 1;
220 static int serve(int port)
222 struct addrinfo hints, *ai0, *ai;
224 int socknum = 0, *socklist = NULL;
226 fd_set fds_init, fds;
227 char pbuf[NI_MAXSERV];
229 signal(SIGCHLD, child_handler);
231 sprintf(pbuf, "%d", port);
232 memset(&hints, 0, sizeof(hints));
233 hints.ai_family = AF_UNSPEC;
234 hints.ai_socktype = SOCK_STREAM;
235 hints.ai_protocol = IPPROTO_TCP;
236 hints.ai_flags = AI_PASSIVE;
238 gai = getaddrinfo(NULL, pbuf, &hints, &ai0);
240 die("getaddrinfo() failed: %s\n", gai_strerror(gai));
244 for (ai = ai0; ai; ai = ai->ai_next) {
248 sockfd = socket(ai->ai_family, ai->ai_socktype, ai->ai_protocol);
251 if (sockfd >= FD_SETSIZE) {
252 error("too large socket descriptor.");
258 if (ai->ai_family == AF_INET6) {
260 setsockopt(sockfd, IPPROTO_IPV6, IPV6_V6ONLY,
262 /* Note: error is not fatal */
266 if (bind(sockfd, ai->ai_addr, ai->ai_addrlen) < 0) {
268 continue; /* not fatal */
270 if (listen(sockfd, 5) < 0) {
272 continue; /* not fatal */
275 newlist = realloc(socklist, sizeof(int) * (socknum + 1));
277 die("memory allocation failed: %s", strerror(errno));
280 socklist[socknum++] = sockfd;
282 FD_SET(sockfd, &fds_init);
290 die("unable to allocate any listen sockets on port %u", port);
296 if (select(maxfd + 1, &fds, NULL, NULL, NULL) < 0) {
297 if (errno != EINTR) {
298 error("select failed, resuming: %s",
305 for (i = 0; i < socknum; i++) {
306 int sockfd = socklist[i];
308 if (FD_ISSET(sockfd, &fds)) {
309 struct sockaddr_storage ss;
310 socklen_t sslen = sizeof(ss);
311 int incoming = accept(sockfd, (struct sockaddr *)&ss, &sslen);
319 die("accept returned %s", strerror(errno));
322 handle(incoming, (struct sockaddr *)&ss, sslen);
328 int main(int argc, char **argv)
330 int port = DEFAULT_GIT_PORT;
334 for (i = 1; i < argc; i++) {
337 if (!strncmp(arg, "--port=", 7)) {
340 n = strtoul(arg+7, &end, 0);
341 if (arg[7] && !*end) {
347 if (!strcmp(arg, "--inetd")) {