mirror of
https://github.com/git/git.git
synced 2024-11-01 06:47:52 +01:00
b0f4c9087e
When git is compiled with "-fsanitize=address" (using clang
or gcc >= 4.8), all invocations of git will check for buffer
overflows. This is similar to running with valgrind, except
that it is more thorough (because of the compiler support,
function-local buffers can be checked, too) and runs much
faster (making it much less painful to run the whole test
suite with the checks turned on).
Unlike valgrind, the magic happens at compile-time, so we
don't need the same infrastructure in the test suite that we
did to support --valgrind. But there are two things we can
help with:
1. On some platforms, the leak-detector is on by default,
and causes every invocation of "git init" (and thus
every test script) to fail. Since running git with
the leak detector is pointless, let's shut it off
automatically in the tests, unless the user has already
configured it.
2. When apache runs a CGI, it clears the environment of
unknown variables. This means that the $ASAN_OPTIONS
config doesn't make it to git-http-backend, and it
dies due to the leak detector. Let's mark the variable
as OK for apache to pass.
With these two changes, running
make CC=clang CFLAGS=-fsanitize=address test
works out of the box.
Signed-off-by: Jeff King <peff@peff.net>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
190 lines
4.5 KiB
ApacheConf
190 lines
4.5 KiB
ApacheConf
ServerName dummy
|
|
PidFile httpd.pid
|
|
DocumentRoot www
|
|
LogFormat "%h %l %u %t \"%r\" %>s %b" common
|
|
CustomLog access.log common
|
|
ErrorLog error.log
|
|
<IfModule !mod_log_config.c>
|
|
LoadModule log_config_module modules/mod_log_config.so
|
|
</IfModule>
|
|
<IfModule !mod_alias.c>
|
|
LoadModule alias_module modules/mod_alias.so
|
|
</IfModule>
|
|
<IfModule !mod_cgi.c>
|
|
LoadModule cgi_module modules/mod_cgi.so
|
|
</IfModule>
|
|
<IfModule !mod_env.c>
|
|
LoadModule env_module modules/mod_env.so
|
|
</IfModule>
|
|
<IfModule !mod_rewrite.c>
|
|
LoadModule rewrite_module modules/mod_rewrite.so
|
|
</IFModule>
|
|
<IfModule !mod_version.c>
|
|
LoadModule version_module modules/mod_version.so
|
|
</IfModule>
|
|
<IfModule !mod_headers.c>
|
|
LoadModule headers_module modules/mod_headers.so
|
|
</IfModule>
|
|
|
|
<IfVersion < 2.4>
|
|
LockFile accept.lock
|
|
</IfVersion>
|
|
|
|
<IfVersion < 2.1>
|
|
<IfModule !mod_auth.c>
|
|
LoadModule auth_module modules/mod_auth.so
|
|
</IfModule>
|
|
</IfVersion>
|
|
|
|
<IfVersion >= 2.1>
|
|
<IfModule !mod_auth_basic.c>
|
|
LoadModule auth_basic_module modules/mod_auth_basic.so
|
|
</IfModule>
|
|
<IfModule !mod_authn_file.c>
|
|
LoadModule authn_file_module modules/mod_authn_file.so
|
|
</IfModule>
|
|
<IfModule !mod_authz_user.c>
|
|
LoadModule authz_user_module modules/mod_authz_user.so
|
|
</IfModule>
|
|
<IfModule !mod_authz_host.c>
|
|
LoadModule authz_host_module modules/mod_authz_host.so
|
|
</IfModule>
|
|
</IfVersion>
|
|
|
|
<IfVersion >= 2.4>
|
|
<IfModule !mod_authn_core.c>
|
|
LoadModule authn_core_module modules/mod_authn_core.so
|
|
</IfModule>
|
|
<IfModule !mod_authz_core.c>
|
|
LoadModule authz_core_module modules/mod_authz_core.so
|
|
</IfModule>
|
|
<IfModule !mod_access_compat.c>
|
|
LoadModule access_compat_module modules/mod_access_compat.so
|
|
</IfModule>
|
|
<IfModule !mod_mpm_prefork.c>
|
|
LoadModule mpm_prefork_module modules/mod_mpm_prefork.so
|
|
</IfModule>
|
|
</IfVersion>
|
|
|
|
PassEnv GIT_VALGRIND
|
|
PassEnv GIT_VALGRIND_OPTIONS
|
|
PassEnv GNUPGHOME
|
|
PassEnv ASAN_OPTIONS
|
|
|
|
Alias /dumb/ www/
|
|
Alias /auth/dumb/ www/auth/dumb/
|
|
|
|
<LocationMatch /smart/>
|
|
SetEnv GIT_EXEC_PATH ${GIT_EXEC_PATH}
|
|
SetEnv GIT_HTTP_EXPORT_ALL
|
|
</LocationMatch>
|
|
<LocationMatch /smart_noexport/>
|
|
SetEnv GIT_EXEC_PATH ${GIT_EXEC_PATH}
|
|
</LocationMatch>
|
|
<LocationMatch /smart_custom_env/>
|
|
SetEnv GIT_EXEC_PATH ${GIT_EXEC_PATH}
|
|
SetEnv GIT_HTTP_EXPORT_ALL
|
|
SetEnv GIT_COMMITTER_NAME "Custom User"
|
|
SetEnv GIT_COMMITTER_EMAIL custom@example.com
|
|
</LocationMatch>
|
|
<LocationMatch /smart_namespace/>
|
|
SetEnv GIT_EXEC_PATH ${GIT_EXEC_PATH}
|
|
SetEnv GIT_HTTP_EXPORT_ALL
|
|
SetEnv GIT_NAMESPACE ns
|
|
</LocationMatch>
|
|
<LocationMatch /smart_cookies/>
|
|
SetEnv GIT_EXEC_PATH ${GIT_EXEC_PATH}
|
|
SetEnv GIT_HTTP_EXPORT_ALL
|
|
Header set Set-Cookie name=value
|
|
</LocationMatch>
|
|
ScriptAliasMatch /smart_*[^/]*/(.*) ${GIT_EXEC_PATH}/git-http-backend/$1
|
|
ScriptAlias /broken_smart/ broken-smart-http.sh/
|
|
ScriptAlias /error/ error.sh/
|
|
<Directory ${GIT_EXEC_PATH}>
|
|
Options FollowSymlinks
|
|
</Directory>
|
|
<Files broken-smart-http.sh>
|
|
Options ExecCGI
|
|
</Files>
|
|
<Files error.sh>
|
|
Options ExecCGI
|
|
</Files>
|
|
<Files ${GIT_EXEC_PATH}/git-http-backend>
|
|
Options ExecCGI
|
|
</Files>
|
|
|
|
RewriteEngine on
|
|
RewriteRule ^/smart-redir-perm/(.*)$ /smart/$1 [R=301]
|
|
RewriteRule ^/smart-redir-temp/(.*)$ /smart/$1 [R=302]
|
|
RewriteRule ^/smart-redir-auth/(.*)$ /auth/smart/$1 [R=301]
|
|
RewriteRule ^/smart-redir-limited/(.*)/info/refs$ /smart/$1/info/refs [R=301]
|
|
|
|
<IfDefine SSL>
|
|
LoadModule ssl_module modules/mod_ssl.so
|
|
|
|
SSLCertificateFile httpd.pem
|
|
SSLCertificateKeyFile httpd.pem
|
|
SSLRandomSeed startup file:/dev/urandom 512
|
|
SSLRandomSeed connect file:/dev/urandom 512
|
|
SSLSessionCache none
|
|
SSLMutex file:ssl_mutex
|
|
SSLEngine On
|
|
</IfDefine>
|
|
|
|
<Location /auth/>
|
|
AuthType Basic
|
|
AuthName "git-auth"
|
|
AuthUserFile passwd
|
|
Require valid-user
|
|
</Location>
|
|
|
|
<LocationMatch "^/auth-push/.*/git-receive-pack$">
|
|
AuthType Basic
|
|
AuthName "git-auth"
|
|
AuthUserFile passwd
|
|
Require valid-user
|
|
</LocationMatch>
|
|
|
|
<LocationMatch "^/auth-fetch/.*/git-upload-pack$">
|
|
AuthType Basic
|
|
AuthName "git-auth"
|
|
AuthUserFile passwd
|
|
Require valid-user
|
|
</LocationMatch>
|
|
|
|
RewriteCond %{QUERY_STRING} service=git-receive-pack [OR]
|
|
RewriteCond %{REQUEST_URI} /git-receive-pack$
|
|
RewriteRule ^/half-auth-complete/ - [E=AUTHREQUIRED:yes]
|
|
|
|
<Location /half-auth-complete/>
|
|
Order Deny,Allow
|
|
Deny from env=AUTHREQUIRED
|
|
|
|
AuthType Basic
|
|
AuthName "Git Access"
|
|
AuthUserFile passwd
|
|
Require valid-user
|
|
Satisfy Any
|
|
</Location>
|
|
|
|
<IfDefine DAV>
|
|
LoadModule dav_module modules/mod_dav.so
|
|
LoadModule dav_fs_module modules/mod_dav_fs.so
|
|
|
|
DAVLockDB DAVLock
|
|
<Location /dumb/>
|
|
Dav on
|
|
</Location>
|
|
<Location /auth/dumb>
|
|
Dav on
|
|
</Location>
|
|
</IfDefine>
|
|
|
|
<IfDefine SVN>
|
|
LoadModule dav_svn_module modules/mod_dav_svn.so
|
|
|
|
<Location /svn>
|
|
DAV svn
|
|
SVNPath svnrepo
|
|
</Location>
|
|
</IfDefine>
|