mirror of
https://github.com/git/git.git
synced 2024-11-05 08:47:56 +01:00
777e75b605
Communication between the HTTP server and http_backend process can lead to a dead-lock when relaying a large ref negotiation request. Diagnose the situation better, and mitigate it by reading such a request first into core (to a reasonable limit). * jk/http-backend-deadlock: http-backend: spool ref negotiation requests to buffer t5551: factor out tag creation http-backend: fix die recursion with custom handler
277 lines
9.8 KiB
Text
277 lines
9.8 KiB
Text
git-http-backend(1)
|
|
===================
|
|
|
|
NAME
|
|
----
|
|
git-http-backend - Server side implementation of Git over HTTP
|
|
|
|
SYNOPSIS
|
|
--------
|
|
[verse]
|
|
'git http-backend'
|
|
|
|
DESCRIPTION
|
|
-----------
|
|
A simple CGI program to serve the contents of a Git repository to Git
|
|
clients accessing the repository over http:// and https:// protocols.
|
|
The program supports clients fetching using both the smart HTTP protocol
|
|
and the backwards-compatible dumb HTTP protocol, as well as clients
|
|
pushing using the smart HTTP protocol.
|
|
|
|
It verifies that the directory has the magic file
|
|
"git-daemon-export-ok", and it will refuse to export any Git directory
|
|
that hasn't explicitly been marked for export this way (unless the
|
|
GIT_HTTP_EXPORT_ALL environmental variable is set).
|
|
|
|
By default, only the `upload-pack` service is enabled, which serves
|
|
'git fetch-pack' and 'git ls-remote' clients, which are invoked from
|
|
'git fetch', 'git pull', and 'git clone'. If the client is authenticated,
|
|
the `receive-pack` service is enabled, which serves 'git send-pack'
|
|
clients, which is invoked from 'git push'.
|
|
|
|
SERVICES
|
|
--------
|
|
These services can be enabled/disabled using the per-repository
|
|
configuration file:
|
|
|
|
http.getanyfile::
|
|
This serves Git clients older than version 1.6.6 that are unable to use the
|
|
upload pack service. When enabled, clients are able to read
|
|
any file within the repository, including objects that are
|
|
no longer reachable from a branch but are still present.
|
|
It is enabled by default, but a repository can disable it
|
|
by setting this configuration item to `false`.
|
|
|
|
http.uploadpack::
|
|
This serves 'git fetch-pack' and 'git ls-remote' clients.
|
|
It is enabled by default, but a repository can disable it
|
|
by setting this configuration item to `false`.
|
|
|
|
http.receivepack::
|
|
This serves 'git send-pack' clients, allowing push. It is
|
|
disabled by default for anonymous users, and enabled by
|
|
default for users authenticated by the web server. It can be
|
|
disabled by setting this item to `false`, or enabled for all
|
|
users, including anonymous users, by setting it to `true`.
|
|
|
|
URL TRANSLATION
|
|
---------------
|
|
To determine the location of the repository on disk, 'git http-backend'
|
|
concatenates the environment variables PATH_INFO, which is set
|
|
automatically by the web server, and GIT_PROJECT_ROOT, which must be set
|
|
manually in the web server configuration. If GIT_PROJECT_ROOT is not
|
|
set, 'git http-backend' reads PATH_TRANSLATED, which is also set
|
|
automatically by the web server.
|
|
|
|
EXAMPLES
|
|
--------
|
|
All of the following examples map `http://$hostname/git/foo/bar.git`
|
|
to `/var/www/git/foo/bar.git`.
|
|
|
|
Apache 2.x::
|
|
Ensure mod_cgi, mod_alias, and mod_env are enabled, set
|
|
GIT_PROJECT_ROOT (or DocumentRoot) appropriately, and
|
|
create a ScriptAlias to the CGI:
|
|
+
|
|
----------------------------------------------------------------
|
|
SetEnv GIT_PROJECT_ROOT /var/www/git
|
|
SetEnv GIT_HTTP_EXPORT_ALL
|
|
ScriptAlias /git/ /usr/libexec/git-core/git-http-backend/
|
|
----------------------------------------------------------------
|
|
+
|
|
To enable anonymous read access but authenticated write access,
|
|
require authorization for both the initial ref advertisement (which we
|
|
detect as a push via the service parameter in the query string), and the
|
|
receive-pack invocation itself:
|
|
+
|
|
----------------------------------------------------------------
|
|
RewriteCond %{QUERY_STRING} service=git-receive-pack [OR]
|
|
RewriteCond %{REQUEST_URI} /git-receive-pack$
|
|
RewriteRule ^/git/ - [E=AUTHREQUIRED:yes]
|
|
|
|
<LocationMatch "^/git/">
|
|
Order Deny,Allow
|
|
Deny from env=AUTHREQUIRED
|
|
|
|
AuthType Basic
|
|
AuthName "Git Access"
|
|
Require group committers
|
|
Satisfy Any
|
|
...
|
|
</LocationMatch>
|
|
----------------------------------------------------------------
|
|
+
|
|
If you do not have `mod_rewrite` available to match against the query
|
|
string, it is sufficient to just protect `git-receive-pack` itself,
|
|
like:
|
|
+
|
|
----------------------------------------------------------------
|
|
<LocationMatch "^/git/.*/git-receive-pack$">
|
|
AuthType Basic
|
|
AuthName "Git Access"
|
|
Require group committers
|
|
...
|
|
</LocationMatch>
|
|
----------------------------------------------------------------
|
|
+
|
|
In this mode, the server will not request authentication until the
|
|
client actually starts the object negotiation phase of the push, rather
|
|
than during the initial contact. For this reason, you must also enable
|
|
the `http.receivepack` config option in any repositories that should
|
|
accept a push. The default behavior, if `http.receivepack` is not set,
|
|
is to reject any pushes by unauthenticated users; the initial request
|
|
will therefore report `403 Forbidden` to the client, without even giving
|
|
an opportunity for authentication.
|
|
+
|
|
To require authentication for both reads and writes, use a Location
|
|
directive around the repository, or one of its parent directories:
|
|
+
|
|
----------------------------------------------------------------
|
|
<Location /git/private>
|
|
AuthType Basic
|
|
AuthName "Private Git Access"
|
|
Require group committers
|
|
...
|
|
</Location>
|
|
----------------------------------------------------------------
|
|
+
|
|
To serve gitweb at the same url, use a ScriptAliasMatch to only
|
|
those URLs that 'git http-backend' can handle, and forward the
|
|
rest to gitweb:
|
|
+
|
|
----------------------------------------------------------------
|
|
ScriptAliasMatch \
|
|
"(?x)^/git/(.*/(HEAD | \
|
|
info/refs | \
|
|
objects/(info/[^/]+ | \
|
|
[0-9a-f]{2}/[0-9a-f]{38} | \
|
|
pack/pack-[0-9a-f]{40}\.(pack|idx)) | \
|
|
git-(upload|receive)-pack))$" \
|
|
/usr/libexec/git-core/git-http-backend/$1
|
|
|
|
ScriptAlias /git/ /var/www/cgi-bin/gitweb.cgi/
|
|
----------------------------------------------------------------
|
|
+
|
|
To serve multiple repositories from different linkgit:gitnamespaces[7] in a
|
|
single repository:
|
|
+
|
|
----------------------------------------------------------------
|
|
SetEnvIf Request_URI "^/git/([^/]*)" GIT_NAMESPACE=$1
|
|
ScriptAliasMatch ^/git/[^/]*(.*) /usr/libexec/git-core/git-http-backend/storage.git$1
|
|
----------------------------------------------------------------
|
|
|
|
Accelerated static Apache 2.x::
|
|
Similar to the above, but Apache can be used to return static
|
|
files that are stored on disk. On many systems this may
|
|
be more efficient as Apache can ask the kernel to copy the
|
|
file contents from the file system directly to the network:
|
|
+
|
|
----------------------------------------------------------------
|
|
SetEnv GIT_PROJECT_ROOT /var/www/git
|
|
|
|
AliasMatch ^/git/(.*/objects/[0-9a-f]{2}/[0-9a-f]{38})$ /var/www/git/$1
|
|
AliasMatch ^/git/(.*/objects/pack/pack-[0-9a-f]{40}.(pack|idx))$ /var/www/git/$1
|
|
ScriptAlias /git/ /usr/libexec/git-core/git-http-backend/
|
|
----------------------------------------------------------------
|
|
+
|
|
This can be combined with the gitweb configuration:
|
|
+
|
|
----------------------------------------------------------------
|
|
SetEnv GIT_PROJECT_ROOT /var/www/git
|
|
|
|
AliasMatch ^/git/(.*/objects/[0-9a-f]{2}/[0-9a-f]{38})$ /var/www/git/$1
|
|
AliasMatch ^/git/(.*/objects/pack/pack-[0-9a-f]{40}.(pack|idx))$ /var/www/git/$1
|
|
ScriptAliasMatch \
|
|
"(?x)^/git/(.*/(HEAD | \
|
|
info/refs | \
|
|
objects/info/[^/]+ | \
|
|
git-(upload|receive)-pack))$" \
|
|
/usr/libexec/git-core/git-http-backend/$1
|
|
ScriptAlias /git/ /var/www/cgi-bin/gitweb.cgi/
|
|
----------------------------------------------------------------
|
|
|
|
Lighttpd::
|
|
Ensure that `mod_cgi`, `mod_alias`, `mod_auth`, `mod_setenv` are
|
|
loaded, then set `GIT_PROJECT_ROOT` appropriately and redirect
|
|
all requests to the CGI:
|
|
+
|
|
----------------------------------------------------------------
|
|
alias.url += ( "/git" => "/usr/lib/git-core/git-http-backend" )
|
|
$HTTP["url"] =~ "^/git" {
|
|
cgi.assign = ("" => "")
|
|
setenv.add-environment = (
|
|
"GIT_PROJECT_ROOT" => "/var/www/git",
|
|
"GIT_HTTP_EXPORT_ALL" => ""
|
|
)
|
|
}
|
|
----------------------------------------------------------------
|
|
+
|
|
To enable anonymous read access but authenticated write access:
|
|
+
|
|
----------------------------------------------------------------
|
|
$HTTP["querystring"] =~ "service=git-receive-pack" {
|
|
include "git-auth.conf"
|
|
}
|
|
$HTTP["url"] =~ "^/git/.*/git-receive-pack$" {
|
|
include "git-auth.conf"
|
|
}
|
|
----------------------------------------------------------------
|
|
+
|
|
where `git-auth.conf` looks something like:
|
|
+
|
|
----------------------------------------------------------------
|
|
auth.require = (
|
|
"/" => (
|
|
"method" => "basic",
|
|
"realm" => "Git Access",
|
|
"require" => "valid-user"
|
|
)
|
|
)
|
|
# ...and set up auth.backend here
|
|
----------------------------------------------------------------
|
|
+
|
|
To require authentication for both reads and writes:
|
|
+
|
|
----------------------------------------------------------------
|
|
$HTTP["url"] =~ "^/git/private" {
|
|
include "git-auth.conf"
|
|
}
|
|
----------------------------------------------------------------
|
|
|
|
|
|
ENVIRONMENT
|
|
-----------
|
|
'git http-backend' relies upon the CGI environment variables set
|
|
by the invoking web server, including:
|
|
|
|
* PATH_INFO (if GIT_PROJECT_ROOT is set, otherwise PATH_TRANSLATED)
|
|
* REMOTE_USER
|
|
* REMOTE_ADDR
|
|
* CONTENT_TYPE
|
|
* QUERY_STRING
|
|
* REQUEST_METHOD
|
|
|
|
The GIT_HTTP_EXPORT_ALL environmental variable may be passed to
|
|
'git-http-backend' to bypass the check for the "git-daemon-export-ok"
|
|
file in each repository before allowing export of that repository.
|
|
|
|
The `GIT_HTTP_MAX_REQUEST_BUFFER` environment variable (or the
|
|
`http.maxRequestBuffer` config variable) may be set to change the
|
|
largest ref negotiation request that git will handle during a fetch; any
|
|
fetch requiring a larger buffer will not succeed. This value should not
|
|
normally need to be changed, but may be helpful if you are fetching from
|
|
a repository with an extremely large number of refs. The value can be
|
|
specified with a unit (e.g., `100M` for 100 megabytes). The default is
|
|
10 megabytes.
|
|
|
|
The backend process sets GIT_COMMITTER_NAME to '$REMOTE_USER' and
|
|
GIT_COMMITTER_EMAIL to '$\{REMOTE_USER}@http.$\{REMOTE_ADDR\}',
|
|
ensuring that any reflogs created by 'git-receive-pack' contain some
|
|
identifying information of the remote user who performed the push.
|
|
|
|
All CGI environment variables are available to each of the hooks
|
|
invoked by the 'git-receive-pack'.
|
|
|
|
GIT
|
|
---
|
|
Part of the linkgit:git[1] suite
|