From 5b71123c2d0a01c33c215e8595e3af10438cd1c9 Mon Sep 17 00:00:00 2001
From: "Kyle J. McKay" <mackyle@gmail.com>
Date: Tue, 6 Oct 2020 03:19:08 -0700
Subject: [PATCH] Girocco/Config.pm: add git-daemon host matching settings

If $git_daemon_any_host is explicitly set to any true value (default
is undef) then the extra "host=" parameter will never be required
or inspected by the `git-daemon-verify` script.

The new $git_daemon_host_list variable contains a space-separated
list of acceptable host (port ignored) names and, unless
$git_daemon_any_host has been set to true, `git-daemon-verify` will
reject the request unless the extra "host=" parameter is present
and the host part (port ignored) matches one of the names in
$git_daemon_host_list.

$git_daemon_host_list defaults to the hostname from $gitpullurl
plus several variants of localhost.  If $gitpullurl is undef,
$git_daemon_host_list defaults to undef too.

If $git_daemon_host_list is undefined or empty, no host name
matching takes place.

Signed-off-by: Kyle J. McKay <mackyle@gmail.com>
---
 Girocco/Config.pm | 42 ++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 42 insertions(+)

diff --git a/Girocco/Config.pm b/Girocco/Config.pm
index 070c3f4..00125f3 100644
--- a/Girocco/Config.pm
+++ b/Girocco/Config.pm
@@ -1120,6 +1120,29 @@ our $suppress_git_ssh_logging = 0;
 # RECOMMENDED VALUE: undef
 our $sshd_bin = undef;
 
+# Allow any git-daemon host
+# If set to a true value, then the extra "host=" parameter received
+# by git-daemon (if present) will be ignored.  If the $gitpullurl value
+# is undefined or does not start with "git://<hostname>" then any host
+# will be allowed by default.
+# RECOMMENDED VALUE: undef
+our $git_daemon_any_host = undef;
+
+# Restrict git-daemon host names
+# If $git_daemon_any_host is any false value (or undef) AND this
+# value is set to a space-separated list of host names WITHOUT any
+# port numbers, then the "host=" parameter MUST be provided by
+# a git daemon client AND it must match one of the names in this
+# all-lowercase, space-separated list.  Note that IPv6 literal
+# addresses MUST NOT be enclosed in brackets.  If this value is
+# empty or undef it will default to the hostname extracted from
+# $gitpullurl if that is set plus several variants of localhost.
+# Note, do NOT terminate DNS names with a final "." or they will
+# never match!
+# EXAMPLE:
+#   our $git_daemon_host_list = "foo.example.com localhost ::1 127.0.0.1";
+our $git_daemon_host_list = undef;
+
 
 #
 ##  ------------------------
@@ -1171,6 +1194,25 @@ $SmartHTTPOnly = $SmartHTTPOnly ? 1 : '';
 $TLSHost = $TLSHost ? 1 : '';
 $pretrustedroot = $pretrustedroot ? 1 : '';
 $suppress_git_ssh_logging = $suppress_git_ssh_logging ? 1 : '';
+$git_daemon_any_host = $git_daemon_any_host ? 1 : '';
+if ((!defined($git_daemon_host_list) || $git_daemon_host_list =~ /^\s*$/) &&
+    (defined($gitpullurl) && $gitpullurl =~ m{^git://\[?[A-Za-z0-9.-:]}i)) {
+	if ($gitpullurl =~ m{^[gG][iI][tT]://([A-Za-z0-9.-]+)(?:[/:]|$)} ||
+	    $gitpullurl =~ m{^[gG][iI][tT]://\[([0-9a-zA-Z.:%]+)\](?:[/:]|$)}) {
+		my $gdhn = lc($1);
+		$gdhn ne "." and $gdhn =~ s/\.$//;
+		my $gdhnl = $gdhn; $gdhnl =~ s/(?<!^)(?<!\.)\..*$//;
+		$git_daemon_host_list="$gdhn";
+		$git_daemon_host_list.=" $gdhnl" unless $gdhnl eq $gdhn;
+		$git_daemon_host_list.=" localhost ::1 127.0.0.1";
+	}
+}
+if (defined($git_daemon_host_list)) {
+	$git_daemon_host_list = lc($git_daemon_host_list);
+	$git_daemon_host_list =~ s/^\s+//;
+	$git_daemon_host_list =~ s/\s+$//;
+	$git_daemon_host_list = undef if $git_daemon_host_list eq "";
+}
 ($mirror or $push) or die "Girocco::Config: neither \$mirror nor \$push is set?!";
 (not $push or ($pushurl or $httpspushurl or $gitpullurl or $httppullurl)) or die "Girocco::Config: no pull URL is set";
 (not $push or ($pushurl or $httpspushurl)) or die "Girocco::Config: \$push set but \$pushurl and \$httpspushurl are undef";
-- 
2.11.4.GIT