-# Copyright (C) 2016 all contributors <meta@public-inbox.org>
+# Copyright (C) 2016-2019 all contributors <meta@public-inbox.org>
# License: AGPL-3.0+ <https://www.gnu.org/licenses/agpl-3.0.txt>
# when no endpoints match, fallback to this and serve a static file
-# or smart HTTP
+# or smart HTTP. This is our wrapper for git-http-backend(1)
package PublicInbox::GitHTTPBackend;
use strict;
use warnings;
use Fcntl qw(:seek);
-use IO::File;
-use PublicInbox::Spawn qw(spawn);
+use IO::Handle; # ->flush
use HTTP::Date qw(time2str);
+use PublicInbox::Qspawn;
+use PublicInbox::Tmpfile;
+use PublicInbox::WwwStatic qw(r @NO_CACHE);
+
+# 32 is same as the git-daemon connection limit
+my $default_limiter = PublicInbox::Qspawn::Limiter->new(32);
# n.b. serving "description" and "cloneurl" should be innocuous enough to
# not cause problems. serving "config" might...
-my @text = qw[HEAD info/refs
+my @text = qw[HEAD info/refs info/attributes
objects/info/(?:http-alternates|alternates|packs)
cloneurl description];
objects/pack/pack-[a-f0-9]{40}\.(?:pack|idx)
!;
-our $ANY = join('|', @binary, @text);
+our $ANY = join('|', @binary, @text, 'git-upload-pack');
my $BIN = join('|', @binary);
my $TEXT = join('|', @text);
-my @no_cache = ('Expires', 'Fri, 01 Jan 1980 00:00:00 GMT',
- 'Pragma', 'no-cache',
- 'Cache-Control', 'no-cache, max-age=0, must-revalidate');
-
-my $nextq;
-sub do_next () {
- my $q = $nextq;
- $nextq = undef;
- while (my $cb = shift @$q) {
- $cb->(); # this may redefine nextq
- }
-}
-
-sub r ($) {
- my ($s) = @_;
- [ $s, [qw(Content-Type text/plain Content-Length 0), @no_cache ], [] ]
-}
-
sub serve {
- my ($cgi, $git, $path) = @_;
+ my ($env, $git, $path) = @_;
- my $service = $cgi->param('service') || '';
- if ($service =~ /\Agit-\w+-pack\z/ || $path =~ /\Agit-\w+-pack\z/) {
- my $ok = serve_smart($cgi, $git, $path);
+ # Documentation/technical/http-protocol.txt in git.git
+ # requires one and exactly one query parameter:
+ if ($env->{QUERY_STRING} =~ /\Aservice=git-[A-Za-z0-9_]+-pack\z/ ||
+ $path =~ /\Agit-[A-Za-z0-9_]+-pack\z/) {
+ my $ok = serve_smart($env, $git, $path);
return $ok if $ok;
}
- serve_dumb($cgi, $git, $path);
+ serve_dumb($env, $git, $path);
}
sub err ($@) {
$env->{'psgi.errors'}->print(@msg, "\n");
}
-sub drop_client ($) {
- if (my $io = $_[0]->{'psgix.io'}) {
- $io->close; # this is Danga::Socket::close
- }
+my $prev = 0;
+my $exp;
+sub cache_one_year {
+ my ($h) = @_;
+ my $t = time + 31536000;
+ push @$h, 'Expires', $t == $prev ? $exp : ($exp = time2str($prev = $t)),
+ 'Cache-Control', 'public, max-age=31536000';
}
sub serve_dumb {
- my ($cgi, $git, $path) = @_;
+ my ($env, $git, $path) = @_;
- my @h;
+ my $h = [];
my $type;
- if ($path =~ /\A(?:$BIN)\z/o) {
- $type = 'application/octet-stream';
- push @h, 'Expires', time2str(time + 31536000);
- push @h, 'Cache-Control', 'public, max-age=31536000';
+ if ($path =~ m!\Aobjects/[a-f0-9]{2}/[a-f0-9]{38}\z!) {
+ $type = 'application/x-git-loose-object';
+ cache_one_year($h);
+ } elsif ($path =~ m!\Aobjects/pack/pack-[a-f0-9]{40}\.pack\z!) {
+ $type = 'application/x-git-packed-objects';
+ cache_one_year($h);
+ } elsif ($path =~ m!\Aobjects/pack/pack-[a-f0-9]{40}\.idx\z!) {
+ $type = 'application/x-git-packed-objects-toc';
+ cache_one_year($h);
} elsif ($path =~ /\A(?:$TEXT)\z/o) {
$type = 'text/plain';
- push @h, @no_cache;
+ push @$h, @NO_CACHE;
} else {
return r(404);
}
-
- my $f = "$git->{git_dir}/$path";
- return r(404) unless -f $f && -r _; # just in case it's a FIFO :P
- my @st = stat(_);
- my $size = $st[7];
- my $env = $cgi->{env};
-
- # TODO: If-Modified-Since and Last-Modified?
- open my $in, '<', $f or return r(404);
- my $len = $size;
- my $code = 200;
- push @h, 'Content-Type', $type;
- if (($env->{HTTP_RANGE} || '') =~ /\bbytes=(\d*)-(\d*)\z/) {
- ($code, $len) = prepare_range($cgi, $in, \@h, $1, $2, $size);
- if ($code == 416) {
- push @h, 'Content-Range', "bytes */$size";
- return [ 416, \@h, [] ];
- }
- }
- push @h, 'Content-Length', $len;
- my $n = 65536;
- [ $code, \@h, Plack::Util::inline_object(close => sub { close $in },
- getline => sub {
- return if $len == 0;
- $n = $len if $len < $n;
- my $r = sysread($in, my $buf, $n);
- if (!defined $r) {
- err($env, "$f read error: $!");
- } elsif ($r <= 0) {
- err($env, "$f EOF with $len bytes left");
- } else {
- $len -= $r;
- $n = 8192;
- return $buf;
- }
- drop_client($env);
- return;
- })]
+ $path = "$git->{git_dir}/$path";
+ PublicInbox::WwwStatic::response($env, $h, $path, $type);
}
-sub prepare_range {
- my ($cgi, $in, $h, $beg, $end, $size) = @_;
- my $code = 200;
- my $len = $size;
- if ($beg eq '') {
- if ($end ne '') { # "bytes=-$end" => last N bytes
- $beg = $size - $end;
- $beg = 0 if $beg < 0;
- $end = $size - 1;
- $code = 206;
- } else {
- $code = 416;
- }
- } else {
- if ($beg > $size) {
- $code = 416;
- } elsif ($end eq '' || $end >= $size) {
- $end = $size - 1;
- $code = 206;
- } elsif ($end < $size) {
- $code = 206;
- } else {
- $code = 416;
- }
- }
- if ($code == 206) {
- $len = $end - $beg + 1;
- if ($len <= 0) {
- $code = 416;
- } else {
- sysseek($in, $beg, SEEK_SET) or return [ 500, [], [] ];
- push @$h, qw(Accept-Ranges bytes Content-Range);
- push @$h, "bytes $beg-$end/$size";
-
- # FIXME: Plack::Middleware::Deflater bug?
- $cgi->{env}->{'psgix.no-compress'} = 1;
- }
- }
- ($code, $len);
+sub git_parse_hdr { # {parse_hdr} for Qspawn
+ my ($r, $bref, $dumb_args) = @_;
+ my $res = parse_cgi_headers($r, $bref) or return; # incomplete
+ $res->[0] == 403 ? serve_dumb(@$dumb_args) : $res;
}
# returns undef if 403 so it falls back to dumb HTTP
sub serve_smart {
- my ($cgi, $git, $path) = @_;
- my $env = $cgi->{env};
-
- my $input = $env->{'psgi.input'};
- my $buf;
- my $in;
- my $fd = eval { fileno($input) };
- if (defined $fd && $fd >= 0) {
- $in = $input;
- } else {
- $in = input_to_file($env) or return r(500);
- }
- my ($rpipe, $wpipe);
- unless (pipe($rpipe, $wpipe)) {
- err($env, "error creating pipe: $! - going static");
- return;
- }
+ my ($env, $git, $path) = @_;
my %env = %ENV;
# GIT_COMMITTER_NAME, GIT_COMMITTER_EMAIL
# may be set in the server-process and are passed as-is
my $val = $env->{$name};
$env{$name} = $val if defined $val;
}
- my $git_dir = $git->{git_dir};
+ my $limiter = $git->{-httpbackend_limiter} || $default_limiter;
$env{GIT_HTTP_EXPORT_ALL} = '1';
- $env{PATH_TRANSLATED} = "$git_dir/$path";
- my %rdr = ( 0 => fileno($in), 1 => fileno($wpipe) );
- my $pid = spawn([qw(git http-backend)], \%env, \%rdr);
- unless (defined $pid) {
- err($env, "error spawning: $! - going static");
- return;
- }
- $wpipe = $in = undef;
- $buf = '';
- my ($vin, $fh, $res);
-
- # Danga::Socket users, we queue up the read_enable callback to
- # fire after pending writes are complete:
- my $pi_http = $env->{'psgix.io'};
- my $read_enable = sub { $rpipe->watch_read(1) };
- my $read_disable = sub {
- $rpipe->watch_read(0);
- $pi_http->write($read_enable);
- };
-
- my $end = sub {
- if ($fh) {
- $fh->close;
- $fh = undef;
- }
- if ($rpipe) {
- # _may_ be Danga::Socket::close via
- # PublicInbox::HTTPD::Async::close:
- $rpipe->close;
- $rpipe = undef;
- }
- if (defined $pid) {
- my $e = $pid == waitpid($pid, 0) ?
- $? : "PID:$pid still running?";
- err($env, "git http-backend ($git_dir): $e") if $e;
- }
- return unless $res;
- my $dumb = serve_dumb($cgi, $git, $path);
- ref($dumb) eq 'ARRAY' ? $res->($dumb) : $dumb->($res);
- };
- my $fail = sub {
- if ($!{EAGAIN} || $!{EINTR}) {
- select($vin, undef, undef, undef) if defined $vin;
- # $vin is undef on async, so this is a noop on EAGAIN
- return;
- }
- my $e = $!;
- $end->();
- err($env, "git http-backend ($git_dir): $e\n");
- };
- my $cb = sub { # read git-http-backend output and stream to client
- my $r = $rpipe ? $rpipe->sysread($buf, 8192, length($buf)) : 0;
- return $fail->() unless defined $r;
- return $end->() if $r == 0; # EOF
- if ($fh) { # stream body from git-http-backend to HTTP client
- $fh->write($buf);
- $buf = '';
- $read_disable->() if $read_disable;
- } elsif ($buf =~ s/\A(.*?)\r\n\r\n//s) { # parse headers
- my $h = $1;
- my $code = 200;
- my @h;
- foreach my $l (split(/\r\n/, $h)) {
- my ($k, $v) = split(/:\s*/, $l, 2);
- if ($k =~ /\AStatus\z/i) {
- ($code) = ($v =~ /\b(\d+)\b/);
- } else {
- push @h, $k, $v;
- }
- }
- if ($code == 403) {
- # smart cloning disabled, serve dumbly
- # in $end since we never undef $res in here
- } else { # write response header:
- $fh = $res->([ $code, \@h ]);
- $res = undef;
- $fh->write($buf);
- }
- $buf = '';
- } # else { keep reading ... }
- };
- if (my $async = $env->{'pi-httpd.async'}) {
- # $async is PublicInbox::HTTPD::Async->new($rpipe, $cb)
- $rpipe = $async->($rpipe, $cb);
- sub { ($res) = @_ } # let Danga::Socket handle the rest.
- } else { # synchronous loop for other PSGI servers
- $read_enable = $read_disable = undef;
- $vin = '';
- vec($vin, fileno($rpipe), 1) = 1;
- sub {
- ($res) = @_;
- while ($rpipe) { $cb->() }
- }
- }
+ $env{PATH_TRANSLATED} = "$git->{git_dir}/$path";
+ my $rdr = input_prepare($env) or return r(500);
+ my $qsp = PublicInbox::Qspawn->new([qw(git http-backend)], \%env, $rdr);
+ $qsp->psgi_return($env, $limiter, \&git_parse_hdr, [$env, $git, $path]);
}
-sub input_to_file {
+sub input_prepare {
my ($env) = @_;
- my $in = IO::File->new_tmpfile;
+
my $input = $env->{'psgi.input'};
+ my $fd = eval { fileno($input) };
+ if (defined $fd && $fd >= 0) {
+ return { 0 => $fd };
+ }
+ my $id = "git-http.input.$env->{REMOTE_ADDR}:$env->{REMOTE_PORT}";
+ my $in = tmpfile($id);
+ unless (defined $in) {
+ err($env, "could not open temporary file: $!");
+ return;
+ }
my $buf;
while (1) {
my $r = $input->read($buf, 8192);
err($env, "error reading input: $!");
return;
}
- last if ($r == 0);
- $in->write($buf);
+ last if $r == 0;
+ unless (print $in $buf) {
+ err($env, "error writing temporary file: $!");
+ return;
+ }
+ }
+ # ensure it's visible to git-http-backend(1):
+ unless ($in->flush) {
+ err($env, "error writing temporary file: $!");
+ return;
+ }
+ unless (defined(sysseek($in, 0, SEEK_SET))) {
+ err($env, "error seeking temporary file: $!");
+ return;
+ }
+ { 0 => $in };
+}
+
+sub parse_cgi_headers {
+ my ($r, $bref) = @_;
+ return r(500) unless defined $r && $r >= 0;
+ $$bref =~ s/\A(.*?)\r?\n\r?\n//s or return $r == 0 ? r(500) : undef;
+ my $h = $1;
+ my $code = 200;
+ my @h;
+ foreach my $l (split(/\r?\n/, $h)) {
+ my ($k, $v) = split(/:\s*/, $l, 2);
+ if ($k =~ /\AStatus\z/i) {
+ ($code) = ($v =~ /\b([0-9]+)\b/);
+ } else {
+ push @h, $k, $v;
+ }
}
- $in->flush;
- $in->sysseek(0, SEEK_SET);
- return $in;
+ [ $code, \@h ]
}
1;