Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Support
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
G
gitlab-workhorse
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Issues
0
Issues
0
List
Boards
Labels
Milestones
Merge Requests
0
Merge Requests
0
CI / CD
CI / CD
Pipelines
Jobs
Schedules
Analytics
Analytics
CI / CD
Repository
Value Stream
Wiki
Wiki
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Jobs
Commits
Issue Boards
Open sidebar
Kirill Smelkov
gitlab-workhorse
Commits
fa260e77
Commit
fa260e77
authored
Nov 25, 2015
by
Kirill Smelkov
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
.
parent
548ed041
Pipeline
#105
failed with stage
Changes
4
Pipelines
1
Hide whitespace changes
Inline
Side-by-side
Showing
4 changed files
with
67 additions
and
12 deletions
+67
-12
authorization.go
authorization.go
+6
-0
blob.go
blob.go
+58
-11
git-http.go
git-http.go
+2
-0
upstream.go
upstream.go
+1
-1
No files found.
authorization.go
View file @
fa260e77
...
@@ -5,12 +5,15 @@ import (
...
@@ -5,12 +5,15 @@ import (
"encoding/json"
"encoding/json"
"errors"
"errors"
"io"
"io"
// "os"
"net/http"
"net/http"
"strings"
"strings"
"log"
)
)
func
preAuthorizeHandler
(
handleFunc
serviceHandleFunc
,
suffix
string
)
serviceHandleFunc
{
func
preAuthorizeHandler
(
handleFunc
serviceHandleFunc
,
suffix
string
)
serviceHandleFunc
{
return
func
(
w
http
.
ResponseWriter
,
r
*
gitRequest
)
{
return
func
(
w
http
.
ResponseWriter
,
r
*
gitRequest
)
{
log
.
Printf
(
"AUTH1"
)
authReq
,
err
:=
r
.
u
.
newUpstreamRequest
(
r
.
Request
,
nil
,
suffix
)
authReq
,
err
:=
r
.
u
.
newUpstreamRequest
(
r
.
Request
,
nil
,
suffix
)
if
err
!=
nil
{
if
err
!=
nil
{
fail500
(
w
,
"newUpstreamRequest"
,
err
)
fail500
(
w
,
"newUpstreamRequest"
,
err
)
...
@@ -46,6 +49,8 @@ func preAuthorizeHandler(handleFunc serviceHandleFunc, suffix string) serviceHan
...
@@ -46,6 +49,8 @@ func preAuthorizeHandler(handleFunc serviceHandleFunc, suffix string) serviceHan
// The auth backend validated the client request and told us additional
// The auth backend validated the client request and told us additional
// request metadata. We must extract this information from the auth
// request metadata. We must extract this information from the auth
// response body.
// response body.
//log.Printf("resp body: %s", authResponse.Body)
//io.Copy(os.Stdout, authResponse.Body)
if
err
:=
json
.
NewDecoder
(
authResponse
.
Body
)
.
Decode
(
&
r
.
authorizationResponse
);
err
!=
nil
{
if
err
:=
json
.
NewDecoder
(
authResponse
.
Body
)
.
Decode
(
&
r
.
authorizationResponse
);
err
!=
nil
{
fail500
(
w
,
"decode authorization response"
,
err
)
fail500
(
w
,
"decode authorization response"
,
err
)
return
return
...
@@ -68,6 +73,7 @@ func preAuthorizeHandler(handleFunc serviceHandleFunc, suffix string) serviceHan
...
@@ -68,6 +73,7 @@ func preAuthorizeHandler(handleFunc serviceHandleFunc, suffix string) serviceHan
func
repoPreAuthorizeHandler
(
handleFunc
serviceHandleFunc
)
serviceHandleFunc
{
func
repoPreAuthorizeHandler
(
handleFunc
serviceHandleFunc
)
serviceHandleFunc
{
return
preAuthorizeHandler
(
func
(
w
http
.
ResponseWriter
,
r
*
gitRequest
)
{
return
preAuthorizeHandler
(
func
(
w
http
.
ResponseWriter
,
r
*
gitRequest
)
{
log
.
Printf
(
"AUTH2"
)
if
r
.
RepoPath
==
""
{
if
r
.
RepoPath
==
""
{
fail500
(
w
,
"repoPreAuthorizeHandler"
,
errors
.
New
(
"missing authorization response"
))
fail500
(
w
,
"repoPreAuthorizeHandler"
,
errors
.
New
(
"missing authorization response"
))
return
return
...
...
blob.go
View file @
fa260e77
...
@@ -5,6 +5,10 @@ Handler for raw blob downloads
...
@@ -5,6 +5,10 @@ Handler for raw blob downloads
package
main
package
main
import
(
import
(
"io"
"log"
"strings"
"regexp"
"net/http"
"net/http"
)
)
...
@@ -21,20 +25,63 @@ Content-Type: text/plain; charset=utf-8
...
@@ -21,20 +25,63 @@ Content-Type: text/plain; charset=utf-8
*/
*/
func
blobPreAuthorizeHandler
(
handleFunc
serviceHandleFunc
)
serviceHandleFunc
{
func
blobPreAuthorizeHandler
(
handleFunc
serviceHandleFunc
)
serviceHandleFunc
{
func
(
w
http
.
ResponseWriter
,
r
*
gitRequest
)
{
return
func
(
w
http
.
ResponseWriter
,
r
*
gitRequest
)
{
reqCheckDownload
,
err
:=
http
.
newRequest
(
"GET"
,
requestBlob
.
Path
/*TODO strip after repo*/
+
'
/
git
-
upload
-
pack
'
,
nil
)
if
err
!=
nil
{
fail500
(
w
,
"GET git-upload-pack"
)
return
}
requestBlob
:=
r
.
Request
r
.
Request
=
reqCheckDownload
}
}
}
}
func
handleGetBlobRaw
(
w
http
.
ResponseWriter
,
r
*
gitRequest
)
{
func
handleGetBlobRaw
(
w
http
.
ResponseWriter
,
r
*
gitRequest
)
{
blobCmd
:=
gitCommand
(
""
/*XXX GL_ID*/
,
"git"
,
"--git-dir="
+
r
.
RepoPath
,
"cat-file"
,
"blob"
,
...
)
log
.
Printf
(
"BLOB1"
)
// extract project name
projectRe
:=
regexp
.
MustCompile
(
`^/[\w\.-]+/[\w\.-]+/`
)
project
:=
projectRe
.
FindString
(
r
.
Request
.
URL
.
Path
)
refpath
:=
r
.
Request
.
URL
.
Path
[
len
(
project
)
:
]
if
project
==
""
{
fail500
(
w
,
"extract project name"
,
nil
)
return
}
//assert project[-1] == "/"
project
=
project
[
:
len
(
project
)
-
1
]
log
.
Printf
(
"project: %v"
,
project
)
if
refpath
[
:
4
]
!=
"raw/"
{
fail500
(
w
,
"refpath != raw/..."
,
nil
)
return
}
refpath
=
refpath
[
4
:
]
log
.
Printf
(
"refpath: %v"
,
refpath
)
// request to verify whether download is possible via asking as git fetch would do
// XXX privateToken not propagated ...
reqCheckDownload
,
err
:=
http
.
NewRequest
(
"GET"
,
project
+
".git/info/refs?service=git-upload-pack"
,
nil
)
if
err
!=
nil
{
fail500
(
w
,
"GET git-upload-pack"
,
err
)
return
}
// swap original request to 'verify-download' one
//requestBlob := r.Request
r
.
Request
=
reqCheckDownload
preAuthorizeHandler
(
func
(
w
http
.
ResponseWriter
,
r
*
gitRequest
)
{
handleGetBlobRaw2
(
w
,
r
,
refpath
)
},
""
)
(
w
,
r
)
}
func
handleGetBlobRaw2
(
w
http
.
ResponseWriter
,
r
*
gitRequest
,
refpath
string
)
{
// XXX we assume <ref>/<path> format and ref not containing "/"
// XXX but gitlab allows ref with / and tries to do longest-match to existing refs
s
:=
strings
.
SplitN
(
refpath
,
"/"
,
2
)
log
.
Printf
(
"RAW2 s: %v"
,
s
)
if
len
(
s
)
!=
2
{
fail500
(
w
,
"refpath split"
,
nil
)
return
}
ref
,
path
:=
s
[
0
],
s
[
1
]
blobCmd
:=
gitCommand
(
""
/*XXX GL_ID*/
,
"git"
,
"--git-dir="
+
r
.
RepoPath
,
"cat-file"
,
"blob"
,
ref
+
":"
+
path
)
blobStdout
,
err
:=
blobCmd
.
StdoutPipe
()
blobStdout
,
err
:=
blobCmd
.
StdoutPipe
()
if
err
!=
nil
{
if
err
!=
nil
{
fail500
(
w
,
"handleGetBlobRaw"
,
err
)
fail500
(
w
,
"handleGetBlobRaw"
,
err
)
...
@@ -55,7 +102,7 @@ func handleGetBlobRaw(w http.ResponseWriter, r *gitRequest) {
...
@@ -55,7 +102,7 @@ func handleGetBlobRaw(w http.ResponseWriter, r *gitRequest) {
return
return
}
}
if
err
:=
blobCmd
.
Wait
();
err
!=
nil
{
if
err
:=
blobCmd
.
Wait
();
err
!=
nil
{
logContext
(
"wait"
)
logContext
(
"wait"
,
err
)
return
return
}
}
}
}
git-http.go
View file @
fa260e77
...
@@ -10,9 +10,11 @@ import (
...
@@ -10,9 +10,11 @@ import (
"net/http"
"net/http"
"path/filepath"
"path/filepath"
"strings"
"strings"
"log"
)
)
func
handleGetInfoRefs
(
w
http
.
ResponseWriter
,
r
*
gitRequest
)
{
func
handleGetInfoRefs
(
w
http
.
ResponseWriter
,
r
*
gitRequest
)
{
log
.
Printf
(
"HELLO WORLD"
)
rpc
:=
r
.
URL
.
Query
()
.
Get
(
"service"
)
rpc
:=
r
.
URL
.
Query
()
.
Get
(
"service"
)
if
!
(
rpc
==
"git-upload-pack"
||
rpc
==
"git-receive-pack"
)
{
if
!
(
rpc
==
"git-upload-pack"
||
rpc
==
"git-receive-pack"
)
{
// The 'dumb' Git HTTP protocol is not supported
// The 'dumb' Git HTTP protocol is not supported
...
...
upstream.go
View file @
fa260e77
...
@@ -74,7 +74,7 @@ var gitServices = [...]gitService{
...
@@ -74,7 +74,7 @@ var gitServices = [...]gitService{
gitService
{
"GET"
,
regexp
.
MustCompile
(
`/repository/archive.tar\z`
),
repoPreAuthorizeHandler
(
handleGetArchive
)},
gitService
{
"GET"
,
regexp
.
MustCompile
(
`/repository/archive.tar\z`
),
repoPreAuthorizeHandler
(
handleGetArchive
)},
gitService
{
"GET"
,
regexp
.
MustCompile
(
`/repository/archive.tar.gz\z`
),
repoPreAuthorizeHandler
(
handleGetArchive
)},
gitService
{
"GET"
,
regexp
.
MustCompile
(
`/repository/archive.tar.gz\z`
),
repoPreAuthorizeHandler
(
handleGetArchive
)},
gitService
{
"GET"
,
regexp
.
MustCompile
(
`/repository/archive.tar.bz2\z`
),
repoPreAuthorizeHandler
(
handleGetArchive
)},
gitService
{
"GET"
,
regexp
.
MustCompile
(
`/repository/archive.tar.bz2\z`
),
repoPreAuthorizeHandler
(
handleGetArchive
)},
gitService
(
"GET"
,
regexp
.
MustCompile
(
`/raw/.+\z`
,
blobPreAuthorizeHandler
(
handleGetRawBlob
)
},
gitService
{
"GET"
,
regexp
.
MustCompile
(
`/raw/.+\z`
),
handleGetBlobRaw
},
gitService
{
"GET"
,
regexp
.
MustCompile
(
`/uploads/`
),
handleSendFile
},
gitService
{
"GET"
,
regexp
.
MustCompile
(
`/uploads/`
),
handleSendFile
},
// Git LFS
// Git LFS
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment