catalinux / rocketgit (public) (License: Affero GPLv3) (since 2015-03-19) (hash sha1)
Main RocketGit repo
Clone URLs: https://rocketgit.com/user/catalinux/rocketgit ssh://rocketgit@ssh.rocketgit.com/user/catalinux/rocketgit git://git.rocketgit.com/user/catalinux/rocketgit
v0.0 v0.1 v0.10 v0.11 v0.12 v0.13 v0.14 v0.15 v0.17 v0.18 v0.19 v0.2 v0.20 v0.21 v0.22 v0.23 v0.24 v0.25 v0.27 v0.28 v0.29 v0.31 v0.32 v0.33 v0.34 v0.35 v0.36 v0.38 v0.39 v0.40 v0.41 v0.42 v0.43 v0.44 v0.45 v0.46 v0.47 v0.48 v0.49 v0.50 v0.51 v0.52 v0.53 v0.54 v0.55 v0.56 v0.57 v0.58 v0.60 v0.61 v0.62 v0.63 v0.64 v0.65 v0.66 v0.67 v0.68 v0.69 v0.70 v0.71 v0.72 v0.73 v0.77 v0.78 v0.79 v0.80 group1/branch1 group2/subgroup1/branch2 main master release

/scripts/remote.php (efda942f73bcc0542c804977ca65e5fc9e074467) (6460 bytes) (mode 100644) (type blob)

<?php
// It is called by a remote client that does a push/fetch by git/ssh.
error_reporting(E_ALL);
ini_set("track_errors", "On");

require_once("/etc/rocketgit/config.php");

$INC = dirname(__FILE__) . "/../inc";
require_once($INC . "/init.inc.php");
require_once($INC . "/util.inc.php");
require_once($INC . "/log.inc.php");
require_once($INC . "/sql.inc.php");
require_once($INC . "/struct.inc.php");
require_once($INC . "/repo.inc.php");
require_once($INC . "/prof.inc.php");
require_once($INC . "/ssh.inc.php");
require_once($INC . "/keys.inc.php");
require_once($INC . "/fixes.inc.php");
require_once($INC . "/plan.inc.php");
require_once($INC . "/ver.php");

rg_prof_start("remote.php");

rg_log_set_file($rg_log_dir . "/remote.log");

function info($str)
{
	rg_log("Sending: " . $str);
	$str2 = "RocketGit: Info: " . $str . "\n";
	if (isset($_SERVER['SSH_CONNECTION'])) {
		// ssh
		fwrite(STDERR, $str2);
	} else {
		// Keep in mind we did not negotiated yet the side-band feat.
		// So, seems we cannot send nice messages to the user.
	}
}

function fatal($str)
{
	rg_log("Sending: " . $str);
	$str2 = "RocketGit: Error: " . $str . "\n";
	if (isset($_SERVER['SSH_CONNECTION'])) {
		// ssh
		fwrite(STDERR, $str2);
	} else {
		// See above for 'info' function
		// But, keep in mind that at least git archive --remote
		// expects a 4 byte len!
		//echo "\n" . $str2;
		echo rg_git_pack('ERR ' . $str2);
	}
	exit(1);
}

@umask(0022);

// Without next lines the STDOUT/STDERR are mixed
@stream_set_write_buffer(STDOUT, 0);
@stream_set_write_buffer(STDERR, 0);


rg_log("Start ($rocketgit_version)...");
// DEBUG SELinux
$label = @file_get_contents("/proc/self/attr/current");
rg_log("SELINUX: " . $label);

rg_sql_app("rg-remote");
$db = rg_sql_open($rg_sql);
if ($db === FALSE)
	fatal("Internal error (db)!");

// Force ste state loading, for sure we will need it
rg_cache_get('state');

if (rg_struct_ok($db) === FALSE)
	fatal("We are in a short maintenance window. Try again later.");

$hostname = rg_state_get($db, 'hostname');
$http_allow = rg_state_get($db, 'http_allow');
$https_allow = rg_state_get($db, 'https_allow');
rg_base_url_build($hostname, $http_allow, $https_allow);
rg_log('DEBUG: base_url=' . rg_base_url());

$login_ui = array('uid' => 0,
	'username' => 'anonymous user',
	'organization' => 0);

if (isset($_SERVER['SSH_CONNECTION'])) {
	rg_log("SSH connection: " . $_SERVER['SSH_CONNECTION']);

	// we do not have host info
	$host = '';

	// first parameter must be uid of the user
	$login_uid = isset($_SERVER['argv'][1]) ? $_SERVER['argv'][1] : 0;
	rg_log("uid is $login_uid.");

	// second parameter must be the ssh key id
	$key_id = isset($_SERVER['argv'][2]) ? $_SERVER['argv'][2] : 0;
	// TODO: because of build system, 0 may be valid.
	//if ($key_id == 0)
	//	fatal("key_id not provided!");
	rg_log("key_id is $key_id.");

	// Third para is 'flags'
	$flags = isset($_SERVER['argv'][3]) ? $_SERVER['argv'][3] : '';
	rg_log('flags=' . $flags);

	if (!isset($_SERVER['SSH_ORIGINAL_COMMAND']))
		$cmd_repo = "";
	else
		$cmd_repo = trim($_SERVER['SSH_ORIGINAL_COMMAND']);

	$ssh_client = getenv("SSH_CLIENT");
	$_t = explode(" ", $ssh_client);
	$ip = rg_fix_ip($_t[0]);

	info('== Welcome to RocketGit! ==');
	info('you are connecting from IP ' . $ip . '.');
	info('date/time: ' . gmdate('Y-m-d H:i:s')
		. ', debug id ' . $rg_log_sid . '.');

	if (strstr($flags, 'N')) {
		$login_ui = rg_user_info($db, $login_uid, '', '');
		if ($login_ui['exists'] != 1)
			fatal("User does not exists (conn).");
		info('you are connecting as user \''
			. $login_ui['username'] . '\'.');

		putenv('ROCKETGIT_SHOW_INFO=0');
	}

	// Only normal keys can execute some commands
	if (strstr($flags, 'N'))
		$must_exit = rg_ssh_dispatch($db, $ip, $login_uid, $cmd_repo);
	else
		$must_exit = FALSE;

	// Only normal keys can update stats
	if (strstr($flags, 'N')) {
		// We do this operation after dispatch to not impact the latency.
		// TODO: This should be put in a queue for performance reasons
		// At the same time, update stats? events?
		$_r = rg_keys_update_use($db, $login_ui['uid'], $key_id, $ip,
			$cmd_repo);
		if ($_r !== TRUE)
			rg_internal_error("Cannot update key last_use!");
	}

	if ($must_exit) {
		rg_prof_end("remote.php");
		rg_prof_log();
		exit(0);
	}
} else {
	rg_log("git-daemon connection...");

	// we have no client info
	$login_uid = 0;
	$key_id = 0;
	$flags = '';

	$line = @fread(STDIN, 8000);
	$line_len = strlen($line);
	rg_log("line=[$line]");
	if ($line_len < 4)
		fatal("Line is too short!");
	$len = @hexdec(substr($line, 0, 4));
	if ($line_len < $len)
		fatal("Too less data ($line_len/$len) received!");

	// parse something like: 002bgit-upload-pack /aa.git[0x00]host=localhost:9418[0x00]
	$line = substr($line, 4); // skip length
	$v = explode("\0", $line);
	$cmd_repo = trim($v[0]);
	$host_port = isset($v[1]) ? trim(substr($v[1], 5)) : '';
	$v = explode(':', $host_port);
	$host = $v[0];

	$ip = rg_fix_ip(getenv("REMOTE_HOST"));
}

if (strncasecmp($cmd_repo, 'git-upload-pack', 15) == 0) {
	$cmd = 'git-upload-pack';
} else if (strncasecmp($cmd_repo, 'git-receive-pack', 16) == 0) {
	$cmd = 'git-receive-pack';
} else {
	$cmd = $cmd_repo;
}

// extract repository name
$_t = substr($cmd_repo, strlen($cmd)); // skip cmd
$_t = trim($_t, "' ");
$_t = ltrim($_t, "/");
$_t = preg_replace('/\.git$/' , '', $_t);
$_t = explode("/", $_t);
if (strcmp($_t[0], "user") == 0) {
	$prefix = "/user";
	$user = isset($_t[1]) ? $_t[1] : "";
	$repo = isset($_t[2]) ? $_t[2] : "";
} else {
	$prefix = "";
	$user = isset($_t[0]) ? $_t[0] : "";
	$repo = isset($_t[1]) ? $_t[1] : "";
}

rg_log("host=[$host] cmd=[$cmd] prefix=[$prefix] user=[$user] repo=[$repo].");

if (strstr($flags, 'W')) {
	// We are a worker, the command may be only for cloning!
	if (strcmp($cmd, 'git-upload-pack') != 0)
		fatal('A worker can only clone!');
}

$r = rg_repo_fetch_push_helper($db, $host, $ip, $login_ui, $prefix, $user,
	$repo, $cmd);
rg_log_ml('DEBUG: repo_fetch_push_helper: ' . print_r($r, TRUE));
if (($r['ok'] !== 1) || ($r['allow'] !== 1))
	fatal($r['errmsg']);

$run = "git-shell -c \"" . $cmd . " " . escapeshellarg($r['repo_path']) . "\"";
//$run = $cmd . ' ' . escapeshellarg($r['repo_path']);
rg_log("Running [$run]...");
rg_prof_start($cmd);
// TODO: shouldn't we use rg_exec to capture stderr?
passthru($run, $ret);
rg_prof_end($cmd);
rg_log("[$run] returned $ret.");

rg_prof_end("remote.php");
rg_prof_log();
?>

Mode Type Size Ref File
100644 blob 9 f3c7a7c5da68804a1bdf391127ba34aed33c3cca .exclude
100644 blob 102 eaeb7d777062c60a55cdd4b5734902cdf6e1790c .gitignore
100644 blob 341 4f4fc30b693128521d8deabbd0e1a09e46b6ced5 AUTHORS
100644 blob 1132 dd65951315f3de6d52d52a82fca59889d1d95187 Certs.txt
100644 blob 1133 f2d3e450d46e4f55fd21d2b3b46fc4926a396738 History.txt
100644 blob 34520 dba13ed2ddf783ee8118c6a581dbf75305f816a3 LICENSE
100644 blob 3398 cf75b360b8a3e6ef86bc4a42648e353bd58c2a80 Makefile.in
100644 blob 5774 4a18249bf06d04d1e27d97623f12a7a2d51f83c0 README
100644 blob 134375 09a528c88d096c0fa432ccca534f1b00454e8345 TODO
100644 blob 1294 f22911eb777f0695fcf81ad686eac133eb11fcc4 TODO-plans
100644 blob 203 a2863c67c3da44126b61a15a6f09738c25e0fbe0 TODO.perf
100644 blob 1044 9bb3652b3937eb624dba0f2d8efff7ce6c0ce0e2 TODO.vm
040000 tree - 21928e906ad2907a55c2e81c2a8b0502b586b8a0 artwork
100644 blob 4707 0da219f933a61fe4d34eb59e1a3829e19e3d246e compare.csv
100755 blob 30 92c4bc48245c00408cd7e1fd89bc1a03058f4ce4 configure
040000 tree - 69114e8648f8e0e7173c76e30ca6bbfcece7df31 debian
040000 tree - e1f903261de934d6a656f07278d8c99446eaf9e9 docker
040000 tree - f67d3605efbd6422a8acdd953578991139266391 docs
100755 blob 16720 52405deef0d3708e7553022e1e9db73faa28d05c duilder
100644 blob 536 96c75f943c5bf93b54dbddf678e8a99d7ba4ff93 duilder.conf
040000 tree - 2f3d689ae2a6df46f805b6a1d7e0036ad8304874 hooks
040000 tree - 94eb80ce844b4f07f8f68cc15078cc2b2b9ea9b4 inc
040000 tree - c070ac2ad296b44903e5e3495d81a905802a3d78 misc
100644 blob 3752 8b4e6c6aa563552bd7ec4f19633d5c35afebbf4e rocketgit.spec.in
040000 tree - d0119e3a198c8fd5fd0bcd825dcaf61c6a8da2a8 root
040000 tree - f5b93a8234710140b4030158ab991a8069a8c2e8 samples
040000 tree - 51c0f5b33d366f7946dc94b4a2e04b68068e7c0c scripts
040000 tree - 7456b4c661715981201fc09aed79979bc28391de selinux
100755 blob 256 462ccd108c431f54e380cdac2329129875a318b5 spell_check.sh
040000 tree - cb54e074b3ca35943edfcda9dd9cfcd281bcd9e7 techdocs
040000 tree - cd505f8547d44c9c0dc31dff236f61982d3ddc6c tests
040000 tree - 63f68e921ac8d6a62ea9c3d180e072c7c4725b7d tools
Hints:
Before first commit, do not forget to setup your git environment:
git config --global user.name "your_name_here"
git config --global user.email "your@email_here"

Clone this repository using HTTP(S):
git clone https://rocketgit.com/user/catalinux/rocketgit

Clone this repository using ssh (do not forget to upload a key first):
git clone ssh://rocketgit@ssh.rocketgit.com/user/catalinux/rocketgit

Clone this repository using git:
git clone git://git.rocketgit.com/user/catalinux/rocketgit

You are allowed to anonymously push to this repository.
This means that your pushed commits will automatically be transformed into a merge request:
... clone the repository ...
... make some changes and some commits ...
git push origin main