git

1
// Copyright 2012 Google Inc. All Rights Reserved.
2
//
3
// Licensed under the Apache License, Version 2.0 (the "License");
4
// you may not use this file except in compliance with the License.
5
// You may obtain a copy of the License at
6
//
7
//     http://www.apache.org/licenses/LICENSE-2.0
8
//
9
// Unless required by applicable law or agreed to in writing, software
10
// distributed under the License is distributed on an "AS IS" BASIS,
11
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12
// See the License for the specific language governing permissions and
13
// limitations under the License.
14

15
package main
16

17
import (
18
	"bufio"
19
	"errors"
20
	"fmt"
21
	"net"
22
	"net/url"
23
	"os"
24
	"os/exec"
25
	"strings"
26
	"syscall"
27
	"time"
28
)
29

30
type Client struct {
31
	ProxyBin string
32
	Args     []string
33

34
	insecure bool
35
}
36

37
func (c *Client) Run() error {
38
	if err := c.resolveArgs(); err != nil {
39
		return fmt.Errorf("resolveArgs() got error: %v", err)
40
	}
41

42
	// Connect to the proxy.
43
	uconn, hconn, addr, err := c.connect()
44
	if err != nil {
45
		return fmt.Errorf("connect() got error: %v", err)
46
	}
47
	// Keep the unix socket connection open for the duration of the request.
48
	defer uconn.Close()
49
	// Keep a connection to the HTTP server open, so no other user can
50
	// bind on the same address so long as the process is running.
51
	defer hconn.Close()
52

53
	// Start the git-remote-http subprocess.
54
	cargs := []string{"-c", fmt.Sprintf("http.proxy=%v", addr), "remote-http"}
55
	cargs = append(cargs, c.Args...)
56
	cmd := exec.Command("git", cargs...)
57

58
	for _, v := range os.Environ() {
59
		if !strings.HasPrefix(v, "GIT_PERSISTENT_HTTPS_SECURE=") {
60
			cmd.Env = append(cmd.Env, v)
61
		}
62
	}
63
	// Set the GIT_PERSISTENT_HTTPS_SECURE environment variable when
64
	// the proxy is using a SSL connection.  This allows credential helpers
65
	// to identify secure proxy connections, despite being passed an HTTP
66
	// scheme.
67
	if !c.insecure {
68
		cmd.Env = append(cmd.Env, "GIT_PERSISTENT_HTTPS_SECURE=1")
69
	}
70

71
	cmd.Stdin = os.Stdin
72
	cmd.Stdout = os.Stdout
73
	cmd.Stderr = os.Stderr
74
	if err := cmd.Run(); err != nil {
75
		if eerr, ok := err.(*exec.ExitError); ok {
76
			if stat, ok := eerr.ProcessState.Sys().(syscall.WaitStatus); ok && stat.ExitStatus() != 0 {
77
				os.Exit(stat.ExitStatus())
78
			}
79
		}
80
		return fmt.Errorf("git-remote-http subprocess got error: %v", err)
81
	}
82
	return nil
83
}
84

85
func (c *Client) connect() (uconn net.Conn, hconn net.Conn, addr string, err error) {
86
	uconn, err = DefaultSocket.Dial()
87
	if err != nil {
88
		if e, ok := err.(*net.OpError); ok && (os.IsNotExist(e.Err) || e.Err == syscall.ECONNREFUSED) {
89
			if err = c.startProxy(); err == nil {
90
				uconn, err = DefaultSocket.Dial()
91
			}
92
		}
93
		if err != nil {
94
			return
95
		}
96
	}
97

98
	if addr, err = c.readAddr(uconn); err != nil {
99
		return
100
	}
101

102
	// Open a tcp connection to the proxy.
103
	if hconn, err = net.Dial("tcp", addr); err != nil {
104
		return
105
	}
106

107
	// Verify the address hasn't changed ownership.
108
	var addr2 string
109
	if addr2, err = c.readAddr(uconn); err != nil {
110
		return
111
	} else if addr != addr2 {
112
		err = fmt.Errorf("address changed after connect. got %q, want %q", addr2, addr)
113
		return
114
	}
115
	return
116
}
117

118
func (c *Client) readAddr(conn net.Conn) (string, error) {
119
	conn.SetDeadline(time.Now().Add(5 * time.Second))
120
	data := make([]byte, 100)
121
	n, err := conn.Read(data)
122
	if err != nil {
123
		return "", fmt.Errorf("error reading unix socket: %v", err)
124
	} else if n == 0 {
125
		return "", errors.New("empty data response")
126
	}
127
	conn.Write([]byte{1}) // Ack
128

129
	var addr string
130
	if addrs := strings.Split(string(data[:n]), "\n"); len(addrs) != 2 {
131
		return "", fmt.Errorf("got %q, wanted 2 addresses", data[:n])
132
	} else if c.insecure {
133
		addr = addrs[1]
134
	} else {
135
		addr = addrs[0]
136
	}
137
	return addr, nil
138
}
139

140
func (c *Client) startProxy() error {
141
	cmd := exec.Command(c.ProxyBin)
142
	cmd.SysProcAttr = &syscall.SysProcAttr{Setpgid: true}
143
	stdout, err := cmd.StdoutPipe()
144
	if err != nil {
145
		return err
146
	}
147
	defer stdout.Close()
148
	if err := cmd.Start(); err != nil {
149
		return err
150
	}
151
	result := make(chan error)
152
	go func() {
153
		bytes, _, err := bufio.NewReader(stdout).ReadLine()
154
		if line := string(bytes); err == nil && line != "OK" {
155
			err = fmt.Errorf("proxy returned %q, want \"OK\"", line)
156
		}
157
		result <- err
158
	}()
159
	select {
160
	case err := <-result:
161
		return err
162
	case <-time.After(5 * time.Second):
163
		return errors.New("timeout waiting for proxy to start")
164
	}
165
	panic("not reachable")
166
}
167

168
func (c *Client) resolveArgs() error {
169
	if nargs := len(c.Args); nargs == 0 {
170
		return errors.New("remote needed")
171
	} else if nargs > 2 {
172
		return fmt.Errorf("want at most 2 args, got %v", c.Args)
173
	}
174

175
	// Rewrite the url scheme to be http.
176
	idx := len(c.Args) - 1
177
	rawurl := c.Args[idx]
178
	rurl, err := url.Parse(rawurl)
179
	if err != nil {
180
		return fmt.Errorf("invalid remote: %v", err)
181
	}
182
	c.insecure = rurl.Scheme == "persistent-http"
183
	rurl.Scheme = "http"
184
	c.Args[idx] = rurl.String()
185
	if idx != 0 && c.Args[0] == rawurl {
186
		c.Args[0] = c.Args[idx]
187
	}
188
	return nil
189
}
190