| 366 | } |
| 367 | |
| 368 | static int run_service(const char *dir, struct daemon_service *service, |
| 369 | struct hostinfo *hi, const struct strvec *env) |
| 370 | { |
| 371 | const char *path; |
| 372 | int enabled = service->enabled; |
| 373 | struct strbuf var = STRBUF_INIT; |
| 374 | |
| 375 | loginfo("Request %s for '%s'", service->name, dir); |
| 376 | |
| 377 | if (!enabled && !service->overridable) { |
| 378 | logerror("'%s': service not enabled.", service->name); |
| 379 | errno = EACCES; |
| 380 | return daemon_error(dir, "service not enabled"); |
| 381 | } |
| 382 | |
| 383 | if (!(path = path_ok(dir, hi))) |
| 384 | return daemon_error(dir, "no such repository"); |
| 385 | |
| 386 | /* |
| 387 | * Security on the cheap. |
| 388 | * |
| 389 | * We want a readable HEAD, usable "objects" directory, and |
| 390 | * a "git-daemon-export-ok" flag that says that the other side |
| 391 | * is ok with us doing this. |
| 392 | * |
| 393 | * path_ok() uses enter_repo() and checks for included directories. |
| 394 | * We only need to make sure the repository is exported. |
| 395 | */ |
| 396 | |
| 397 | if (!export_all_trees && access("git-daemon-export-ok", F_OK)) { |
| 398 | logerror("'%s': repository not exported.", path); |
| 399 | errno = EACCES; |
| 400 | return daemon_error(dir, "repository not exported"); |
| 401 | } |
| 402 | |
| 403 | if (service->overridable) { |
| 404 | strbuf_addf(&var, "daemon.%s", service->config_name); |
| 405 | repo_config_get_bool(the_repository, var.buf, &enabled); |
| 406 | strbuf_release(&var); |
| 407 | } |
| 408 | if (!enabled) { |
| 409 | logerror("'%s': service not enabled for '%s'", |
| 410 | service->name, path); |
| 411 | errno = EACCES; |
| 412 | return daemon_error(dir, "service not enabled"); |
| 413 | } |
| 414 | |
| 415 | /* |
| 416 | * Optionally, a hook can choose to deny access to the |
| 417 | * repository depending on the phase of the moon. |
| 418 | */ |
| 419 | if (access_hook && run_access_hook(service, dir, path, hi)) |
| 420 | return -1; |
| 421 | |
| 422 | /* |
| 423 | * We'll ignore SIGTERM from now on, we have a |
| 424 | * good client. |
| 425 | */ |
no test coverage detected