Second attempt at preventing zombies (#16326)

* Second attempt at preventing zombies

* Ensure that the pipes are closed in ssh.go
* Ensure that a cancellable context is passed up in cmd/* http requests
* Make cmd.fail return properly so defers are obeyed
* Ensure that something is sent to stdout in case of blocks here

Signed-off-by: Andrew Thornton <art27@cantab.net>

* placate lint

Signed-off-by: Andrew Thornton <art27@cantab.net>

* placate lint 2

Signed-off-by: Andrew Thornton <art27@cantab.net>

* placate lint 3

Signed-off-by: Andrew Thornton <art27@cantab.net>

* fixup

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Apply suggestions from code review

Co-authored-by: 6543 <6543@obermui.de>
Co-authored-by: Lauris BH <lauris@nix.lv>
tokarchuk/v1.17
zeripath 3 years ago committed by GitHub
parent ee43d70a0c
commit 3dcb3e9073
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
  1. 26
      cmd/cmd.go
  2. 45
      cmd/hook.go
  3. 5
      cmd/keys.go
  4. 5
      cmd/mailer.go
  5. 56
      cmd/manager.go
  6. 14
      cmd/restore_repo.go
  7. 84
      cmd/serv.go
  8. 1
      integrations/mssql.ini.tmpl
  9. 1
      integrations/mysql.ini.tmpl
  10. 1
      integrations/mysql8.ini.tmpl
  11. 1
      integrations/pgsql.ini.tmpl
  12. 1
      integrations/sqlite.ini.tmpl
  13. 20
      modules/httplib/httplib.go
  14. 18
      modules/private/hook.go
  15. 15
      modules/private/internal.go
  16. 9
      modules/private/key.go
  17. 5
      modules/private/mail.go
  18. 33
      modules/private/manager.go
  19. 5
      modules/private/restore_repo.go
  20. 9
      modules/private/serv.go
  21. 14
      modules/ssh/ssh.go

@ -7,9 +7,13 @@
package cmd package cmd
import ( import (
"context"
"errors" "errors"
"fmt" "fmt"
"os"
"os/signal"
"strings" "strings"
"syscall"
"code.gitea.io/gitea/models" "code.gitea.io/gitea/models"
"code.gitea.io/gitea/modules/setting" "code.gitea.io/gitea/modules/setting"
@ -66,3 +70,25 @@ func initDBDisableConsole(disableConsole bool) error {
} }
return nil return nil
} }
func installSignals() (context.Context, context.CancelFunc) {
ctx, cancel := context.WithCancel(context.Background())
go func() {
// install notify
signalChannel := make(chan os.Signal, 1)
signal.Notify(
signalChannel,
syscall.SIGINT,
syscall.SIGTERM,
)
select {
case <-signalChannel:
case <-ctx.Done():
}
cancel()
signal.Reset()
}()
return ctx, cancel
}

@ -152,17 +152,18 @@ func runHookPreReceive(c *cli.Context) error {
if os.Getenv(models.EnvIsInternal) == "true" { if os.Getenv(models.EnvIsInternal) == "true" {
return nil return nil
} }
ctx, cancel := installSignals()
defer cancel()
setup("hooks/pre-receive.log", c.Bool("debug")) setup("hooks/pre-receive.log", c.Bool("debug"))
if len(os.Getenv("SSH_ORIGINAL_COMMAND")) == 0 { if len(os.Getenv("SSH_ORIGINAL_COMMAND")) == 0 {
if setting.OnlyAllowPushIfGiteaEnvironmentSet { if setting.OnlyAllowPushIfGiteaEnvironmentSet {
fail(`Rejecting changes as Gitea environment not set. return fail(`Rejecting changes as Gitea environment not set.
If you are pushing over SSH you must push with a key managed by If you are pushing over SSH you must push with a key managed by
Gitea or set your environment appropriately.`, "") Gitea or set your environment appropriately.`, "")
} else {
return nil
} }
return nil
} }
// the environment is set by serv command // the environment is set by serv command
@ -235,14 +236,14 @@ Gitea or set your environment appropriately.`, "")
hookOptions.OldCommitIDs = oldCommitIDs hookOptions.OldCommitIDs = oldCommitIDs
hookOptions.NewCommitIDs = newCommitIDs hookOptions.NewCommitIDs = newCommitIDs
hookOptions.RefFullNames = refFullNames hookOptions.RefFullNames = refFullNames
statusCode, msg := private.HookPreReceive(username, reponame, hookOptions) statusCode, msg := private.HookPreReceive(ctx, username, reponame, hookOptions)
switch statusCode { switch statusCode {
case http.StatusOK: case http.StatusOK:
// no-op // no-op
case http.StatusInternalServerError: case http.StatusInternalServerError:
fail("Internal Server Error", msg) return fail("Internal Server Error", msg)
default: default:
fail(msg, "") return fail(msg, "")
} }
count = 0 count = 0
lastline = 0 lastline = 0
@ -263,12 +264,12 @@ Gitea or set your environment appropriately.`, "")
fmt.Fprintf(out, " Checking %d references\n", count) fmt.Fprintf(out, " Checking %d references\n", count)
statusCode, msg := private.HookPreReceive(username, reponame, hookOptions) statusCode, msg := private.HookPreReceive(ctx, username, reponame, hookOptions)
switch statusCode { switch statusCode {
case http.StatusInternalServerError: case http.StatusInternalServerError:
fail("Internal Server Error", msg) return fail("Internal Server Error", msg)
case http.StatusForbidden: case http.StatusForbidden:
fail(msg, "") return fail(msg, "")
} }
} else if lastline > 0 { } else if lastline > 0 {
fmt.Fprintf(out, "\n") fmt.Fprintf(out, "\n")
@ -285,8 +286,11 @@ func runHookUpdate(c *cli.Context) error {
} }
func runHookPostReceive(c *cli.Context) error { func runHookPostReceive(c *cli.Context) error {
ctx, cancel := installSignals()
defer cancel()
// First of all run update-server-info no matter what // First of all run update-server-info no matter what
if _, err := git.NewCommand("update-server-info").Run(); err != nil { if _, err := git.NewCommand("update-server-info").SetParentContext(ctx).Run(); err != nil {
return fmt.Errorf("Failed to call 'git update-server-info': %v", err) return fmt.Errorf("Failed to call 'git update-server-info': %v", err)
} }
@ -299,12 +303,11 @@ func runHookPostReceive(c *cli.Context) error {
if len(os.Getenv("SSH_ORIGINAL_COMMAND")) == 0 { if len(os.Getenv("SSH_ORIGINAL_COMMAND")) == 0 {
if setting.OnlyAllowPushIfGiteaEnvironmentSet { if setting.OnlyAllowPushIfGiteaEnvironmentSet {
fail(`Rejecting changes as Gitea environment not set. return fail(`Rejecting changes as Gitea environment not set.
If you are pushing over SSH you must push with a key managed by If you are pushing over SSH you must push with a key managed by
Gitea or set your environment appropriately.`, "") Gitea or set your environment appropriately.`, "")
} else {
return nil
} }
return nil
} }
var out io.Writer var out io.Writer
@ -371,11 +374,11 @@ Gitea or set your environment appropriately.`, "")
hookOptions.OldCommitIDs = oldCommitIDs hookOptions.OldCommitIDs = oldCommitIDs
hookOptions.NewCommitIDs = newCommitIDs hookOptions.NewCommitIDs = newCommitIDs
hookOptions.RefFullNames = refFullNames hookOptions.RefFullNames = refFullNames
resp, err := private.HookPostReceive(repoUser, repoName, hookOptions) resp, err := private.HookPostReceive(ctx, repoUser, repoName, hookOptions)
if resp == nil { if resp == nil {
_ = dWriter.Close() _ = dWriter.Close()
hookPrintResults(results) hookPrintResults(results)
fail("Internal Server Error", err) return fail("Internal Server Error", err)
} }
wasEmpty = wasEmpty || resp.RepoWasEmpty wasEmpty = wasEmpty || resp.RepoWasEmpty
results = append(results, resp.Results...) results = append(results, resp.Results...)
@ -386,9 +389,9 @@ Gitea or set your environment appropriately.`, "")
if count == 0 { if count == 0 {
if wasEmpty && masterPushed { if wasEmpty && masterPushed {
// We need to tell the repo to reset the default branch to master // We need to tell the repo to reset the default branch to master
err := private.SetDefaultBranch(repoUser, repoName, "master") err := private.SetDefaultBranch(ctx, repoUser, repoName, "master")
if err != nil { if err != nil {
fail("Internal Server Error", "SetDefaultBranch failed with Error: %v", err) return fail("Internal Server Error", "SetDefaultBranch failed with Error: %v", err)
} }
} }
fmt.Fprintf(out, "Processed %d references in total\n", total) fmt.Fprintf(out, "Processed %d references in total\n", total)
@ -404,11 +407,11 @@ Gitea or set your environment appropriately.`, "")
fmt.Fprintf(out, " Processing %d references\n", count) fmt.Fprintf(out, " Processing %d references\n", count)
resp, err := private.HookPostReceive(repoUser, repoName, hookOptions) resp, err := private.HookPostReceive(ctx, repoUser, repoName, hookOptions)
if resp == nil { if resp == nil {
_ = dWriter.Close() _ = dWriter.Close()
hookPrintResults(results) hookPrintResults(results)
fail("Internal Server Error", err) return fail("Internal Server Error", err)
} }
wasEmpty = wasEmpty || resp.RepoWasEmpty wasEmpty = wasEmpty || resp.RepoWasEmpty
results = append(results, resp.Results...) results = append(results, resp.Results...)
@ -417,9 +420,9 @@ Gitea or set your environment appropriately.`, "")
if wasEmpty && masterPushed { if wasEmpty && masterPushed {
// We need to tell the repo to reset the default branch to master // We need to tell the repo to reset the default branch to master
err := private.SetDefaultBranch(repoUser, repoName, "master") err := private.SetDefaultBranch(ctx, repoUser, repoName, "master")
if err != nil { if err != nil {
fail("Internal Server Error", "SetDefaultBranch failed with Error: %v", err) return fail("Internal Server Error", "SetDefaultBranch failed with Error: %v", err)
} }
} }
_ = dWriter.Close() _ = dWriter.Close()

@ -62,9 +62,12 @@ func runKeys(c *cli.Context) error {
return errors.New("No key type and content provided") return errors.New("No key type and content provided")
} }
ctx, cancel := installSignals()
defer cancel()
setup("keys.log", false) setup("keys.log", false)
authorizedString, err := private.AuthorizedPublicKeyByContent(content) authorizedString, err := private.AuthorizedPublicKeyByContent(ctx, content)
if err != nil { if err != nil {
return err return err
} }

@ -14,6 +14,9 @@ import (
) )
func runSendMail(c *cli.Context) error { func runSendMail(c *cli.Context) error {
ctx, cancel := installSignals()
defer cancel()
setting.NewContext() setting.NewContext()
if err := argsSet(c, "title"); err != nil { if err := argsSet(c, "title"); err != nil {
@ -39,7 +42,7 @@ func runSendMail(c *cli.Context) error {
} }
} }
status, message := private.SendEmail(subject, body, nil) status, message := private.SendEmail(ctx, subject, body, nil)
if status != http.StatusOK { if status != http.StatusOK {
fmt.Printf("error: %s\n", message) fmt.Printf("error: %s\n", message)
return nil return nil

@ -236,10 +236,13 @@ func runRemoveLogger(c *cli.Context) error {
group = log.DEFAULT group = log.DEFAULT
} }
name := c.Args().First() name := c.Args().First()
statusCode, msg := private.RemoveLogger(group, name) ctx, cancel := installSignals()
defer cancel()
statusCode, msg := private.RemoveLogger(ctx, group, name)
switch statusCode { switch statusCode {
case http.StatusInternalServerError: case http.StatusInternalServerError:
fail("InternalServerError", msg) return fail("InternalServerError", msg)
} }
fmt.Fprintln(os.Stdout, msg) fmt.Fprintln(os.Stdout, msg)
@ -371,10 +374,13 @@ func commonAddLogger(c *cli.Context, mode string, vals map[string]interface{}) e
if c.IsSet("name") { if c.IsSet("name") {
name = c.String("name") name = c.String("name")
} }
statusCode, msg := private.AddLogger(group, name, mode, vals) ctx, cancel := installSignals()
defer cancel()
statusCode, msg := private.AddLogger(ctx, group, name, mode, vals)
switch statusCode { switch statusCode {
case http.StatusInternalServerError: case http.StatusInternalServerError:
fail("InternalServerError", msg) return fail("InternalServerError", msg)
} }
fmt.Fprintln(os.Stdout, msg) fmt.Fprintln(os.Stdout, msg)
@ -382,11 +388,14 @@ func commonAddLogger(c *cli.Context, mode string, vals map[string]interface{}) e
} }
func runShutdown(c *cli.Context) error { func runShutdown(c *cli.Context) error {
ctx, cancel := installSignals()
defer cancel()
setup("manager", c.Bool("debug")) setup("manager", c.Bool("debug"))
statusCode, msg := private.Shutdown() statusCode, msg := private.Shutdown(ctx)
switch statusCode { switch statusCode {
case http.StatusInternalServerError: case http.StatusInternalServerError:
fail("InternalServerError", msg) return fail("InternalServerError", msg)
} }
fmt.Fprintln(os.Stdout, msg) fmt.Fprintln(os.Stdout, msg)
@ -394,11 +403,14 @@ func runShutdown(c *cli.Context) error {
} }
func runRestart(c *cli.Context) error { func runRestart(c *cli.Context) error {
ctx, cancel := installSignals()
defer cancel()
setup("manager", c.Bool("debug")) setup("manager", c.Bool("debug"))
statusCode, msg := private.Restart() statusCode, msg := private.Restart(ctx)
switch statusCode { switch statusCode {
case http.StatusInternalServerError: case http.StatusInternalServerError:
fail("InternalServerError", msg) return fail("InternalServerError", msg)
} }
fmt.Fprintln(os.Stdout, msg) fmt.Fprintln(os.Stdout, msg)
@ -406,11 +418,14 @@ func runRestart(c *cli.Context) error {
} }
func runFlushQueues(c *cli.Context) error { func runFlushQueues(c *cli.Context) error {
ctx, cancel := installSignals()
defer cancel()
setup("manager", c.Bool("debug")) setup("manager", c.Bool("debug"))
statusCode, msg := private.FlushQueues(c.Duration("timeout"), c.Bool("non-blocking")) statusCode, msg := private.FlushQueues(ctx, c.Duration("timeout"), c.Bool("non-blocking"))
switch statusCode { switch statusCode {
case http.StatusInternalServerError: case http.StatusInternalServerError:
fail("InternalServerError", msg) return fail("InternalServerError", msg)
} }
fmt.Fprintln(os.Stdout, msg) fmt.Fprintln(os.Stdout, msg)
@ -418,11 +433,14 @@ func runFlushQueues(c *cli.Context) error {
} }
func runPauseLogging(c *cli.Context) error { func runPauseLogging(c *cli.Context) error {
ctx, cancel := installSignals()
defer cancel()
setup("manager", c.Bool("debug")) setup("manager", c.Bool("debug"))
statusCode, msg := private.PauseLogging() statusCode, msg := private.PauseLogging(ctx)
switch statusCode { switch statusCode {
case http.StatusInternalServerError: case http.StatusInternalServerError:
fail("InternalServerError", msg) return fail("InternalServerError", msg)
} }
fmt.Fprintln(os.Stdout, msg) fmt.Fprintln(os.Stdout, msg)
@ -430,11 +448,14 @@ func runPauseLogging(c *cli.Context) error {
} }
func runResumeLogging(c *cli.Context) error { func runResumeLogging(c *cli.Context) error {
ctx, cancel := installSignals()
defer cancel()
setup("manager", c.Bool("debug")) setup("manager", c.Bool("debug"))
statusCode, msg := private.ResumeLogging() statusCode, msg := private.ResumeLogging(ctx)
switch statusCode { switch statusCode {
case http.StatusInternalServerError: case http.StatusInternalServerError:
fail("InternalServerError", msg) return fail("InternalServerError", msg)
} }
fmt.Fprintln(os.Stdout, msg) fmt.Fprintln(os.Stdout, msg)
@ -442,11 +463,14 @@ func runResumeLogging(c *cli.Context) error {
} }
func runReleaseReopenLogging(c *cli.Context) error { func runReleaseReopenLogging(c *cli.Context) error {
ctx, cancel := installSignals()
defer cancel()
setup("manager", c.Bool("debug")) setup("manager", c.Bool("debug"))
statusCode, msg := private.ReleaseReopenLogging() statusCode, msg := private.ReleaseReopenLogging(ctx)
switch statusCode { switch statusCode {
case http.StatusInternalServerError: case http.StatusInternalServerError:
fail("InternalServerError", msg) return fail("InternalServerError", msg)
} }
fmt.Fprintln(os.Stdout, msg) fmt.Fprintln(os.Stdout, msg)

@ -46,14 +46,18 @@ wiki, issues, labels, releases, release_assets, milestones, pull_requests, comme
}, },
} }
func runRestoreRepository(ctx *cli.Context) error { func runRestoreRepository(c *cli.Context) error {
ctx, cancel := installSignals()
defer cancel()
setting.NewContext() setting.NewContext()
statusCode, errStr := private.RestoreRepo( statusCode, errStr := private.RestoreRepo(
ctx.String("repo_dir"), ctx,
ctx.String("owner_name"), c.String("repo_dir"),
ctx.String("repo_name"), c.String("owner_name"),
ctx.StringSlice("units"), c.String("repo_name"),
c.StringSlice("units"),
) )
if statusCode == http.StatusOK { if statusCode == http.StatusOK {
return nil return nil

@ -6,17 +6,14 @@
package cmd package cmd
import ( import (
"context"
"fmt" "fmt"
"net/http" "net/http"
"net/url" "net/url"
"os" "os"
"os/exec" "os/exec"
"os/signal"
"regexp" "regexp"
"strconv" "strconv"
"strings" "strings"
"syscall"
"time" "time"
"code.gitea.io/gitea/models" "code.gitea.io/gitea/models"
@ -75,7 +72,10 @@ var (
alphaDashDotPattern = regexp.MustCompile(`[^\w-\.]`) alphaDashDotPattern = regexp.MustCompile(`[^\w-\.]`)
) )
func fail(userMessage, logMessage string, args ...interface{}) { func fail(userMessage, logMessage string, args ...interface{}) error {
// There appears to be a chance to cause a zombie process and failure to read the Exit status
// if nothing is outputted on stdout.
fmt.Fprintln(os.Stdout, "")
fmt.Fprintln(os.Stderr, "Gitea:", userMessage) fmt.Fprintln(os.Stderr, "Gitea:", userMessage)
if len(logMessage) > 0 { if len(logMessage) > 0 {
@ -83,15 +83,19 @@ func fail(userMessage, logMessage string, args ...interface{}) {
fmt.Fprintf(os.Stderr, logMessage+"\n", args...) fmt.Fprintf(os.Stderr, logMessage+"\n", args...)
} }
} }
ctx, cancel := installSignals()
defer cancel()
if len(logMessage) > 0 { if len(logMessage) > 0 {
_ = private.SSHLog(true, fmt.Sprintf(logMessage+": ", args...)) _ = private.SSHLog(ctx, true, fmt.Sprintf(logMessage+": ", args...))
} }
return cli.NewExitError(fmt.Sprintf("Gitea: %s", userMessage), 1)
os.Exit(1)
} }
func runServ(c *cli.Context) error { func runServ(c *cli.Context) error {
ctx, cancel := installSignals()
defer cancel()
// FIXME: This needs to internationalised // FIXME: This needs to internationalised
setup("serv.log", c.Bool("debug")) setup("serv.log", c.Bool("debug"))
@ -109,18 +113,18 @@ func runServ(c *cli.Context) error {
keys := strings.Split(c.Args()[0], "-") keys := strings.Split(c.Args()[0], "-")
if len(keys) != 2 || keys[0] != "key" { if len(keys) != 2 || keys[0] != "key" {
fail("Key ID format error", "Invalid key argument: %s", c.Args()[0]) return fail("Key ID format error", "Invalid key argument: %s", c.Args()[0])
} }
keyID, err := strconv.ParseInt(keys[1], 10, 64) keyID, err := strconv.ParseInt(keys[1], 10, 64)
if err != nil { if err != nil {
fail("Key ID format error", "Invalid key argument: %s", c.Args()[1]) return fail("Key ID format error", "Invalid key argument: %s", c.Args()[1])
} }
cmd := os.Getenv("SSH_ORIGINAL_COMMAND") cmd := os.Getenv("SSH_ORIGINAL_COMMAND")
if len(cmd) == 0 { if len(cmd) == 0 {
key, user, err := private.ServNoCommand(keyID) key, user, err := private.ServNoCommand(ctx, keyID)
if err != nil { if err != nil {
fail("Internal error", "Failed to check provided key: %v", err) return fail("Internal error", "Failed to check provided key: %v", err)
} }
switch key.Type { switch key.Type {
case models.KeyTypeDeploy: case models.KeyTypeDeploy:
@ -138,11 +142,11 @@ func runServ(c *cli.Context) error {
words, err := shellquote.Split(cmd) words, err := shellquote.Split(cmd)
if err != nil { if err != nil {
fail("Error parsing arguments", "Failed to parse arguments: %v", err) return fail("Error parsing arguments", "Failed to parse arguments: %v", err)
} }
if len(words) < 2 { if len(words) < 2 {
fail("Too few arguments", "Too few arguments in cmd: %s", cmd) return fail("Too few arguments", "Too few arguments in cmd: %s", cmd)
} }
verb := words[0] verb := words[0]
@ -154,7 +158,7 @@ func runServ(c *cli.Context) error {
var lfsVerb string var lfsVerb string
if verb == lfsAuthenticateVerb { if verb == lfsAuthenticateVerb {
if !setting.LFS.StartServer { if !setting.LFS.StartServer {
fail("Unknown git command", "LFS authentication request over SSH denied, LFS support is disabled") return fail("Unknown git command", "LFS authentication request over SSH denied, LFS support is disabled")
} }
if len(words) > 2 { if len(words) > 2 {
@ -167,37 +171,37 @@ func runServ(c *cli.Context) error {
rr := strings.SplitN(repoPath, "/", 2) rr := strings.SplitN(repoPath, "/", 2)
if len(rr) != 2 { if len(rr) != 2 {
fail("Invalid repository path", "Invalid repository path: %v", repoPath) return fail("Invalid repository path", "Invalid repository path: %v", repoPath)
} }
username := strings.ToLower(rr[0]) username := strings.ToLower(rr[0])
reponame := strings.ToLower(strings.TrimSuffix(rr[1], ".git")) reponame := strings.ToLower(strings.TrimSuffix(rr[1], ".git"))
if alphaDashDotPattern.MatchString(reponame) { if alphaDashDotPattern.MatchString(reponame) {
fail("Invalid repo name", "Invalid repo name: %s", reponame) return fail("Invalid repo name", "Invalid repo name: %s", reponame)
} }
if setting.EnablePprof || c.Bool("enable-pprof") { if setting.EnablePprof || c.Bool("enable-pprof") {
if err := os.MkdirAll(setting.PprofDataPath, os.ModePerm); err != nil { if err := os.MkdirAll(setting.PprofDataPath, os.ModePerm); err != nil {
fail("Error while trying to create PPROF_DATA_PATH", "Error while trying to create PPROF_DATA_PATH: %v", err) return fail("Error while trying to create PPROF_DATA_PATH", "Error while trying to create PPROF_DATA_PATH: %v", err)
} }
stopCPUProfiler, err := pprof.DumpCPUProfileForUsername(setting.PprofDataPath, username) stopCPUProfiler, err := pprof.DumpCPUProfileForUsername(setting.PprofDataPath, username)
if err != nil { if err != nil {
fail("Internal Server Error", "Unable to start CPU profile: %v", err) return fail("Internal Server Error", "Unable to start CPU profile: %v", err)
} }
defer func() { defer func() {
stopCPUProfiler() stopCPUProfiler()
err := pprof.DumpMemProfileForUsername(setting.PprofDataPath, username) err := pprof.DumpMemProfileForUsername(setting.PprofDataPath, username)
if err != nil { if err != nil {
fail("Internal Server Error", "Unable to dump Mem Profile: %v", err) _ = fail("Internal Server Error", "Unable to dump Mem Profile: %v", err)
} }
}() }()
} }
requestedMode, has := allowedCommands[verb] requestedMode, has := allowedCommands[verb]
if !has { if !has {
fail("Unknown git command", "Unknown git command %s", verb) return fail("Unknown git command", "Unknown git command %s", verb)
} }
if verb == lfsAuthenticateVerb { if verb == lfsAuthenticateVerb {
@ -206,21 +210,20 @@ func runServ(c *cli.Context) error {
} else if lfsVerb == "download" { } else if lfsVerb == "download" {
requestedMode = models.AccessModeRead requestedMode = models.AccessModeRead
} else { } else {
fail("Unknown LFS verb", "Unknown lfs verb %s", lfsVerb) return fail("Unknown LFS verb", "Unknown lfs verb %s", lfsVerb)
} }
} }
results, err := private.ServCommand(keyID, username, reponame, requestedMode, verb, lfsVerb) results, err := private.ServCommand(ctx, keyID, username, reponame, requestedMode, verb, lfsVerb)
if err != nil { if err != nil {
if private.IsErrServCommand(err) { if private.IsErrServCommand(err) {
errServCommand := err.(private.ErrServCommand) errServCommand := err.(private.ErrServCommand)
if errServCommand.StatusCode != http.StatusInternalServerError { if errServCommand.StatusCode != http.StatusInternalServerError {
fail("Unauthorized", "%s", errServCommand.Error()) return fail("Unauthorized", "%s", errServCommand.Error())
} else {
fail("Internal Server Error", "%s", errServCommand.Error())
} }
return fail("Internal Server Error", "%s", errServCommand.Error())
} }
fail("Internal Server Error", "%s", err.Error()) return fail("Internal Server Error", "%s", err.Error())
} }
os.Setenv(models.EnvRepoIsWiki, strconv.FormatBool(results.IsWiki)) os.Setenv(models.EnvRepoIsWiki, strconv.FormatBool(results.IsWiki))
os.Setenv(models.EnvRepoName, results.RepoName) os.Setenv(models.EnvRepoName, results.RepoName)
@ -253,7 +256,7 @@ func runServ(c *cli.Context) error {
// Sign and get the complete encoded token as a string using the secret // Sign and get the complete encoded token as a string using the secret
tokenString, err := token.SignedString(setting.LFS.JWTSecretBytes) tokenString, err := token.SignedString(setting.LFS.JWTSecretBytes)
if err != nil { if err != nil {
fail("Internal error", "Failed to sign JWT token: %v", err) return fail("Internal error", "Failed to sign JWT token: %v", err)
} }
tokenAuthentication := &models.LFSTokenResponse{ tokenAuthentication := &models.LFSTokenResponse{
@ -266,7 +269,7 @@ func runServ(c *cli.Context) error {
enc := json.NewEncoder(os.Stdout) enc := json.NewEncoder(os.Stdout)
err = enc.Encode(tokenAuthentication) err = enc.Encode(tokenAuthentication)
if err != nil { if err != nil {
fail("Internal error", "Failed to encode LFS json response: %v", err) return fail("Internal error", "Failed to encode LFS json response: %v", err)
} }
return nil return nil
} }
@ -276,25 +279,6 @@ func runServ(c *cli.Context) error {
verb = strings.Replace(verb, "-", " ", 1) verb = strings.Replace(verb, "-", " ", 1)
} }
ctx, cancel := context.WithCancel(context.Background())
defer cancel()
go func() {
// install notify
signalChannel := make(chan os.Signal, 1)
signal.Notify(
signalChannel,
syscall.SIGINT,
syscall.SIGTERM,
)
select {
case <-signalChannel:
case <-ctx.Done():
}
cancel()
signal.Reset()
}()
var gitcmd *exec.Cmd var gitcmd *exec.Cmd
verbs := strings.Split(verb, " ") verbs := strings.Split(verb, " ")
if len(verbs) == 2 { if len(verbs) == 2 {
@ -308,13 +292,13 @@ func runServ(c *cli.Context) error {
gitcmd.Stdin = os.Stdin gitcmd.Stdin = os.Stdin
gitcmd.Stderr = os.Stderr gitcmd.Stderr = os.Stderr
if err = gitcmd.Run(); err != nil { if err = gitcmd.Run(); err != nil {
fail("Internal error", "Failed to execute git command: %v", err) return fail("Internal error", "Failed to execute git command: %v", err)
} }
// Update user key activity. // Update user key activity.
if results.KeyID > 0 { if results.KeyID > 0 {
if err = private.UpdatePublicKeyInRepo(results.KeyID, results.RepoID); err != nil { if err = private.UpdatePublicKeyInRepo(ctx, results.KeyID, results.RepoID); err != nil {
fail("Internal error", "UpdatePublicKeyInRepo: %v", err) return fail("Internal error", "UpdatePublicKeyInRepo: %v", err)
} }
} }

@ -83,6 +83,7 @@ MODE = test,file
ROOT_PATH = mssql-log ROOT_PATH = mssql-log
ROUTER = , ROUTER = ,
XORM = file XORM = file
ENABLE_SSH_LOG = true
[log.test] [log.test]
LEVEL = Info LEVEL = Info

@ -101,6 +101,7 @@ MODE = test,file
ROOT_PATH = mysql-log ROOT_PATH = mysql-log
ROUTER = , ROUTER = ,
XORM = file XORM = file
ENABLE_SSH_LOG = true
[log.test] [log.test]
LEVEL = Info LEVEL = Info

@ -80,6 +80,7 @@ MODE = test,file
ROOT_PATH = mysql8-log ROOT_PATH = mysql8-log
ROUTER = , ROUTER = ,
XORM = file XORM = file
ENABLE_SSH_LOG = true
[log.test] [log.test]
LEVEL = Info LEVEL = Info

@ -84,6 +84,7 @@ MODE = test,file
ROOT_PATH = pgsql-log ROOT_PATH = pgsql-log
ROUTER = , ROUTER = ,
XORM = file XORM = file
ENABLE_SSH_LOG = true
[log.test] [log.test]
LEVEL = Info LEVEL = Info

@ -79,6 +79,7 @@ MODE = test,file
ROOT_PATH = sqlite-log ROOT_PATH = sqlite-log
ROUTER = , ROUTER = ,
XORM = file XORM = file
ENABLE_SSH_LOG = true
[log.test] [log.test]
LEVEL = Info LEVEL = Info

@ -7,6 +7,7 @@ package httplib
import ( import (
"bytes" "bytes"
"context"
"crypto/tls" "crypto/tls"
"encoding/xml" "encoding/xml"
"io" "io"
@ -122,6 +123,12 @@ func (r *Request) Setting(setting Settings) *Request {
return r return r
} }
// SetContext sets the request's Context
func (r *Request) SetContext(ctx context.Context) *Request {
r.req = r.req.WithContext(ctx)
return r
}
// SetBasicAuth sets the request's Authorization header to use HTTP Basic Authentication with the provided username and password. // SetBasicAuth sets the request's Authorization header to use HTTP Basic Authentication with the provided username and password.
func (r *Request) SetBasicAuth(username, password string) *Request { func (r *Request) SetBasicAuth(username, password string) *Request {
r.req.SetBasicAuth(username, password) r.req.SetBasicAuth(username, password)
@ -325,7 +332,7 @@ func (r *Request) getResponse() (*http.Response, error) {
trans = &http.Transport{ trans = &http.Transport{
TLSClientConfig: r.setting.TLSClientConfig, TLSClientConfig: r.setting.TLSClientConfig,
Proxy: proxy, Proxy: proxy,
Dial: TimeoutDialer(r.setting.ConnectTimeout), DialContext: TimeoutDialer(r.setting.ConnectTimeout),
} }
} else if t, ok := trans.(*http.Transport); ok { } else if t, ok := trans.(*http.Transport); ok {
if t.TLSClientConfig == nil { if t.TLSClientConfig == nil {
@ -334,8 +341,8 @@ func (r *Request) getResponse() (*http.Response, error) {
if t.Proxy == nil { if t.Proxy == nil {
t.Proxy = r.setting.Proxy t.Proxy = r.setting.Proxy
} }
if t.Dial == nil { if t.DialContext == nil {
t.Dial = TimeoutDialer(r.setting.ConnectTimeout) t.DialContext = TimeoutDialer(r.setting.ConnectTimeout)
} }
} }
@ -458,9 +465,10 @@ func (r *Request) Response() (*http.Response, error) {
} }
// TimeoutDialer returns functions of connection dialer with timeout settings for http.Transport Dial field. // TimeoutDialer returns functions of connection dialer with timeout settings for http.Transport Dial field.
func TimeoutDialer(cTimeout time.Duration) func(net, addr string) (c net.Conn, err error) { func TimeoutDialer(cTimeout time.Duration) func(ctx context.Context, net, addr string) (c net.Conn, err error) {
return func(netw, addr string) (net.Conn, error) { return func(ctx context.Context, netw, addr string) (net.Conn, error) {
conn, err := net.DialTimeout(netw, addr, cTimeout) d := net.Dialer{Timeout: cTimeout}
conn, err := d.DialContext(ctx, netw, addr)
if err != nil { if err != nil {
return nil, err return nil, err
} }

@ -5,6 +5,7 @@
package private package private
import ( import (
"context"
"encoding/json" "encoding/json"
"fmt" "fmt"
"net/http" "net/http"
@ -80,12 +81,12 @@ type HookPostReceiveBranchResult struct {
} }
// HookPreReceive check whether the provided commits are allowed // HookPreReceive check whether the provided commits are allowed
func HookPreReceive(ownerName, repoName string, opts HookOptions) (int, string) { func HookPreReceive(ctx context.Context, ownerName, repoName string, opts HookOptions) (int, string) {
reqURL := setting.LocalURL + fmt.Sprintf("api/internal/hook/pre-receive/%s/%s", reqURL := setting.LocalURL + fmt.Sprintf("api/internal/hook/pre-receive/%s/%s",
url.PathEscape(ownerName), url.PathEscape(ownerName),
url.PathEscape(repoName), url.PathEscape(repoName),
) )
req := newInternalRequest(reqURL, "POST") req := newInternalRequest(ctx, reqURL, "POST")
req = req.Header("Content-Type", "application/json") req = req.Header("Content-Type", "application/json")
json := jsoniter.ConfigCompatibleWithStandardLibrary json := jsoniter.ConfigCompatibleWithStandardLibrary
jsonBytes, _ := json.Marshal(opts) jsonBytes, _ := json.Marshal(opts)
@ -105,13 +106,13 @@ func HookPreReceive(ownerName, repoName string, opts HookOptions) (int, string)
} }
// HookPostReceive updates services and users // HookPostReceive updates services and users
func HookPostReceive(ownerName, repoName string, opts HookOptions) (*HookPostReceiveResult, string) { func HookPostReceive(ctx context.Context, ownerName, repoName string, opts HookOptions) (*HookPostReceiveResult, string) {
reqURL := setting.LocalURL + fmt.Sprintf("api/internal/hook/post-receive/%s/%s", reqURL := setting.LocalURL + fmt.Sprintf("api/internal/hook/post-receive/%s/%s",
url.PathEscape(ownerName), url.PathEscape(ownerName),
url.PathEscape(repoName), url.PathEscape(repoName),
) )
req := newInternalRequest(reqURL, "POST") req := newInternalRequest(ctx, reqURL, "POST")
req = req.Header("Content-Type", "application/json") req = req.Header("Content-Type", "application/json")
req.SetTimeout(60*time.Second, time.Duration(60+len(opts.OldCommitIDs))*time.Second) req.SetTimeout(60*time.Second, time.Duration(60+len(opts.OldCommitIDs))*time.Second)
json := jsoniter.ConfigCompatibleWithStandardLibrary json := jsoniter.ConfigCompatibleWithStandardLibrary
@ -133,13 +134,13 @@ func HookPostReceive(ownerName, repoName string, opts HookOptions) (*HookPostRec
} }
// SetDefaultBranch will set the default branch to the provided branch for the provided repository // SetDefaultBranch will set the default branch to the provided branch for the provided repository
func SetDefaultBranch(ownerName, repoName, branch string) error { func SetDefaultBranch(ctx context.Context, ownerName, repoName, branch string) error {
reqURL := setting.LocalURL + fmt.Sprintf("api/internal/hook/set-default-branch/%s/%s/%s", reqURL := setting.LocalURL + fmt.Sprintf("api/internal/hook/set-default-branch/%s/%s/%s",
url.PathEscape(ownerName), url.PathEscape(ownerName),
url.PathEscape(repoName), url.PathEscape(repoName),
url.PathEscape(branch), url.PathEscape(branch),
) )
req := newInternalRequest(reqURL, "POST") req := newInternalRequest(ctx, reqURL, "POST")
req = req.Header("Content-Type", "application/json") req = req.Header("Content-Type", "application/json")
req.SetTimeout(60*time.Second, 60*time.Second) req.SetTimeout(60*time.Second, 60*time.Second)
@ -155,9 +156,9 @@ func SetDefaultBranch(ownerName, repoName, branch string) error {
} }
// SSHLog sends ssh error log response // SSHLog sends ssh error log response
func SSHLog(isErr bool, msg string) error { func SSHLog(ctx context.Context, isErr bool, msg string) error {
reqURL := setting.LocalURL + "api/internal/ssh/log" reqURL := setting.LocalURL + "api/internal/ssh/log"
req := newInternalRequest(reqURL, "POST") req := newInternalRequest(ctx, reqURL, "POST")
req = req.Header("Content-Type", "application/json") req = req.Header("Content-Type", "application/json")
jsonBytes, _ := json.Marshal(&SSHLogOption{ jsonBytes, _ := json.Marshal(&SSHLogOption{
@ -171,6 +172,7 @@ func SSHLog(isErr bool, msg string) error {
if err != nil { if err != nil {
return fmt.Errorf("unable to contact gitea: %v", err) return fmt.Errorf("unable to contact gitea: %v", err)
} }
defer resp.Body.Close() defer resp.Body.Close()
if resp.StatusCode != http.StatusOK { if resp.StatusCode != http.StatusOK {
return fmt.Errorf("Error returned from gitea: %v", decodeJSONError(resp).Err) return fmt.Errorf("Error returned from gitea: %v", decodeJSONError(resp).Err)

@ -5,6 +5,7 @@
package private package private
import ( import (
"context"
"crypto/tls" "crypto/tls"
"fmt" "fmt"
"net" "net"
@ -15,8 +16,10 @@ import (
jsoniter "github.com/json-iterator/go" jsoniter "github.com/json-iterator/go"
) )
func newRequest(url, method string) *httplib.Request { func newRequest(ctx context.Context, url, method string) *httplib.Request {
return httplib.NewRequest(url, method).Header("Authorization", return httplib.NewRequest(url, method).
SetContext(ctx).
Header("Authorization",
fmt.Sprintf("Bearer %s", setting.InternalToken)) fmt.Sprintf("Bearer %s", setting.InternalToken))
} }
@ -35,8 +38,8 @@ func decodeJSONError(resp *http.Response) *Response {
return &res return &res
} }
func newInternalRequest(url, method string) *httplib.Request { func newInternalRequest(ctx context.Context, url, method string) *httplib.Request {
req := newRequest(url, method).SetTLSClientConfig(&tls.Config{ req := newRequest(ctx, url, method).SetTLSClientConfig(&tls.Config{
InsecureSkipVerify: true, InsecureSkipVerify: true,
ServerName: setting.Domain, ServerName: setting.Domain,
}) })
@ -45,6 +48,10 @@ func newInternalRequest(url, method string) *httplib.Request {
Dial: func(_, _ string) (net.Conn, error) { Dial: func(_, _ string) (net.Conn, error) {
return net.Dial("unix", setting.HTTPAddr) return net.Dial("unix", setting.HTTPAddr)
}, },
DialContext: func(ctx context.Context, _, _ string) (net.Conn, error) {
var d net.Dialer
return d.DialContext(ctx, "unix", setting.HTTPAddr)
},
}) })
} }
return req return req

@ -5,6 +5,7 @@
package private package private
import ( import (
"context"
"fmt" "fmt"
"io/ioutil" "io/ioutil"
"net/http" "net/http"
@ -13,10 +14,10 @@ import (
) )
// UpdatePublicKeyInRepo update public key and if necessary deploy key updates // UpdatePublicKeyInRepo update public key and if necessary deploy key updates
func UpdatePublicKeyInRepo(keyID, repoID int64) error { func UpdatePublicKeyInRepo(ctx context.Context, keyID, repoID int64) error {
// Ask for running deliver hook and test pull request tasks. // Ask for running deliver hook and test pull request tasks.
reqURL := setting.LocalURL + fmt.Sprintf("api/internal/ssh/%d/update/%d", keyID, repoID) reqURL := setting.LocalURL + fmt.Sprintf("api/internal/ssh/%d/update/%d", keyID, repoID)
resp, err := newInternalRequest(reqURL, "POST").Response() resp, err := newInternalRequest(ctx, reqURL, "POST").Response()
if err != nil { if err != nil {
return err return err
} }
@ -32,10 +33,10 @@ func UpdatePublicKeyInRepo(keyID, repoID int64) error {
// AuthorizedPublicKeyByContent searches content as prefix (leak e-mail part) // AuthorizedPublicKeyByContent searches content as prefix (leak e-mail part)
// and returns public key found. // and returns public key found.
func AuthorizedPublicKeyByContent(content string) (string, error) { func AuthorizedPublicKeyByContent(ctx context.Context, content string) (string, error) {
// Ask for running deliver hook and test pull request tasks. // Ask for running deliver hook and test pull request tasks.
reqURL := setting.LocalURL + "api/internal/ssh/authorized_keys" reqURL := setting.LocalURL + "api/internal/ssh/authorized_keys"
req := newInternalRequest(reqURL, "POST") req := newInternalRequest(ctx, reqURL, "POST")
req.Param("content", content) req.Param("content", content)
resp, err := req.Response() resp, err := req.Response()
if err != nil { if err != nil {

@ -5,6 +5,7 @@
package private package private
import ( import (
"context"
"fmt" "fmt"
"io/ioutil" "io/ioutil"
"net/http" "net/http"
@ -27,10 +28,10 @@ type Email struct {
// //
// If to list == nil its supposed to send an email to every // If to list == nil its supposed to send an email to every
// user present in DB // user present in DB
func SendEmail(subject, message string, to []string) (int, string) { func SendEmail(ctx context.Context, subject, message string, to []string) (int, string) {
reqURL := setting.LocalURL + "api/internal/mail/send" reqURL := setting.LocalURL + "api/internal/mail/send"
req := newInternalRequest(reqURL, "POST") req := newInternalRequest(ctx, reqURL, "POST")
req = req.Header("Content-Type", "application/json") req = req.Header("Content-Type", "application/json")
json := jsoniter.ConfigCompatibleWithStandardLibrary json := jsoniter.ConfigCompatibleWithStandardLibrary
jsonBytes, _ := json.Marshal(Email{ jsonBytes, _ := json.Marshal(Email{

@ -5,6 +5,7 @@
package private package private
import ( import (
"context"
"fmt" "fmt"
"net/http" "net/http"
"net/url" "net/url"
@ -15,10 +16,10 @@ import (
) )
// Shutdown calls the internal shutdown function // Shutdown calls the internal shutdown function
func Shutdown() (int, string) { func Shutdown(ctx context.Context) (int, string) {
reqURL := setting.LocalURL + "api/internal/manager/shutdown" reqURL := setting.LocalURL + "api/internal/manager/shutdown"
req := newInternalRequest(reqURL, "POST") req := newInternalRequest(ctx, reqURL, "POST")
resp, err := req.Response() resp, err := req.Response()
if err != nil { if err != nil {
return http.StatusInternalServerError, fmt.Sprintf("Unable to contact gitea: %v", err.Error()) return http.StatusInternalServerError, fmt.Sprintf("Unable to contact gitea: %v", err.Error())
@ -33,10 +34,10 @@ func Shutdown() (int, string) {
} }
// Restart calls the internal restart function // Restart calls the internal restart function
func Restart() (int, string) { func Restart(ctx context.Context) (int, string) {
reqURL := setting.LocalURL + "api/internal/manager/restart" reqURL := setting.LocalURL + "api/internal/manager/restart"
req := newInternalRequest(reqURL, "POST") req := newInternalRequest(ctx, reqURL, "POST")
resp, err := req.Response() resp, err := req.Response()
if err != nil { if err != nil {
return http.StatusInternalServerError, fmt.Sprintf("Unable to contact gitea: %v", err.Error()) return http.StatusInternalServerError, fmt.Sprintf("Unable to contact gitea: %v", err.Error())
@ -57,10 +58,10 @@ type FlushOptions struct {
} }
// FlushQueues calls the internal flush-queues function // FlushQueues calls the internal flush-queues function
func FlushQueues(timeout time.Duration, nonBlocking bool) (int, string) { func FlushQueues(ctx context.Context, timeout time.Duration, nonBlocking bool) (int, string) {
reqURL := setting.LocalURL + "api/internal/manager/flush-queues" reqURL := setting.LocalURL + "api/internal/manager/flush-queues"
req := newInternalRequest(reqURL, "POST") req := newInternalRequest(ctx, reqURL, "POST")
if timeout > 0 { if timeout > 0 {
req.SetTimeout(timeout+10*time.Second, timeout+10*time.Second) req.SetTimeout(timeout+10*time.Second, timeout+10*time.Second)
} }
@ -85,10 +86,10 @@ func FlushQueues(timeout time.Duration, nonBlocking bool) (int, string) {
} }
// PauseLogging pauses logging // PauseLogging pauses logging
func PauseLogging() (int, string) { func PauseLogging(ctx context.Context) (int, string) {
reqURL := setting.LocalURL + "api/internal/manager/pause-logging" reqURL := setting.LocalURL + "api/internal/manager/pause-logging"
req := newInternalRequest(reqURL, "POST") req := newInternalRequest(ctx, reqURL, "POST")
resp, err := req.Response() resp, err := req.Response()
if err != nil { if err != nil {
return http.StatusInternalServerError, fmt.Sprintf("Unable to contact gitea: %v", err.Error()) return http.StatusInternalServerError, fmt.Sprintf("Unable to contact gitea: %v", err.Error())
@ -103,10 +104,10 @@ func PauseLogging() (int, string) {
} }
// ResumeLogging resumes logging // ResumeLogging resumes logging
func ResumeLogging() (int, string) { func ResumeLogging(ctx context.Context) (int, string) {
reqURL := setting.LocalURL + "api/internal/manager/resume-logging" reqURL := setting.LocalURL + "api/internal/manager/resume-logging"
req := newInternalRequest(reqURL, "POST") req := newInternalRequest(ctx, reqURL, "POST")
resp, err := req.Response() resp, err := req.Response()
if err != nil { if err != nil {
return http.StatusInternalServerError, fmt.Sprintf("Unable to contact gitea: %v", err.Error()) return http.StatusInternalServerError, fmt.Sprintf("Unable to contact gitea: %v", err.Error())
@ -121,10 +122,10 @@ func ResumeLogging() (int, string) {
} }
// ReleaseReopenLogging releases and reopens logging files // ReleaseReopenLogging releases and reopens logging files
func ReleaseReopenLogging() (int, string) { func ReleaseReopenLogging(ctx context.Context) (int, string) {
reqURL := setting.LocalURL + "api/internal/manager/release-and-reopen-logging" reqURL := setting.LocalURL + "api/internal/manager/release-and-reopen-logging"
req := newInternalRequest(reqURL, "POST") req := newInternalRequest(ctx, reqURL, "POST")
resp, err := req.Response() resp, err := req.Response()
if err != nil { if err != nil {
return http.StatusInternalServerError, fmt.Sprintf("Unable to contact gitea: %v", err.Error()) return http.StatusInternalServerError, fmt.Sprintf("Unable to contact gitea: %v", err.Error())
@ -147,10 +148,10 @@ type LoggerOptions struct {
} }
// AddLogger adds a logger // AddLogger adds a logger
func AddLogger(group, name, mode string, config map[string]interface{}) (int, string) { func AddLogger(ctx context.Context, group, name, mode string, config map[string]interface{}) (int, string) {
reqURL := setting.LocalURL + "api/internal/manager/add-logger" reqURL := setting.LocalURL + "api/internal/manager/add-logger"
req := newInternalRequest(reqURL, "POST") req := newInternalRequest(ctx, reqURL, "POST")
req = req.Header("Content-Type", "application/json") req = req.Header("Content-Type", "application/json")
json := jsoniter.ConfigCompatibleWithStandardLibrary json := jsoniter.ConfigCompatibleWithStandardLibrary
jsonBytes, _ := json.Marshal(LoggerOptions{ jsonBytes, _ := json.Marshal(LoggerOptions{
@ -175,10 +176,10 @@ func AddLogger(group, name, mode string, config map[string]interface{}) (int, st
} }
// RemoveLogger removes a logger // RemoveLogger removes a logger
func RemoveLogger(group, name string) (int, string) { func RemoveLogger(ctx context.Context, group, name string) (int, string) {
reqURL := setting.LocalURL + fmt.Sprintf("api/internal/manager/remove-logger/%s/%s", url.PathEscape(group), url.PathEscape(name)) reqURL := setting.LocalURL + fmt.Sprintf("api/internal/manager/remove-logger/%s/%s", url.PathEscape(group), url.PathEscape(name))
req := newInternalRequest(reqURL, "POST") req := newInternalRequest(ctx, reqURL, "POST")
resp, err := req.Response() resp, err := req.Response()
if err != nil { if err != nil {
return http.StatusInternalServerError, fmt.Sprintf("Unable to contact gitea: %v", err.Error()) return http.StatusInternalServerError, fmt.Sprintf("Unable to contact gitea: %v", err.Error())

@ -5,6 +5,7 @@
package private package private
import ( import (
"context"
"fmt" "fmt"
"io/ioutil" "io/ioutil"
"net/http" "net/http"
@ -23,10 +24,10 @@ type RestoreParams struct {
} }
// RestoreRepo calls the internal RestoreRepo function // RestoreRepo calls the internal RestoreRepo function
func RestoreRepo(repoDir, ownerName, repoName string, units []string) (int, string) { func RestoreRepo(ctx context.Context, repoDir, ownerName, repoName string, units []string) (int, string) {
reqURL := setting.LocalURL + "api/internal/restore_repo" reqURL := setting.LocalURL + "api/internal/restore_repo"
req := newInternalRequest(reqURL, "POST") req := newInternalRequest(ctx, reqURL, "POST")
req.SetTimeout(3*time.Second, 0) // since the request will spend much time, don't timeout req.SetTimeout(3*time.Second, 0) // since the request will spend much time, don't timeout
req = req.Header("Content-Type", "application/json") req = req.Header("Content-Type", "application/json")
json := jsoniter.ConfigCompatibleWithStandardLibrary json := jsoniter.ConfigCompatibleWithStandardLibrary

@ -5,6 +5,7 @@
package private package private
import ( import (
"context"
"fmt" "fmt"
"net/http" "net/http"
"net/url" "net/url"
@ -21,10 +22,10 @@ type KeyAndOwner struct {
} }
// ServNoCommand returns information about the provided key // ServNoCommand returns information about the provided key
func ServNoCommand(keyID int64) (*models.PublicKey, *models.User, error) { func ServNoCommand(ctx context.Context, keyID int64) (*models.PublicKey, *models.User, error) {
reqURL := setting.LocalURL + fmt.Sprintf("api/internal/serv/none/%d", reqURL := setting.LocalURL + fmt.Sprintf("api/internal/serv/none/%d",
keyID) keyID)
resp, err := newInternalRequest(reqURL, "GET").Response() resp, err := newInternalRequest(ctx, reqURL, "GET").Response()
if err != nil { if err != nil {
return nil, nil, err return nil, nil, err
} }
@ -73,7 +74,7 @@ func IsErrServCommand(err error) bool {
} }
// ServCommand preps for a serv call // ServCommand preps for a serv call
func ServCommand(keyID int64, ownerName, repoName string, mode models.AccessMode, verbs ...string) (*ServCommandResults, error) { func ServCommand(ctx context.Context, keyID int64, ownerName, repoName string, mode models.AccessMode, verbs ...string) (*ServCommandResults, error) {
reqURL := setting.LocalURL + fmt.Sprintf("api/internal/serv/command/%d/%s/%s?mode=%d", reqURL := setting.LocalURL + fmt.Sprintf("api/internal/serv/command/%d/%s/%s?mode=%d",
keyID, keyID,
url.PathEscape(ownerName), url.PathEscape(ownerName),
@ -85,7 +86,7 @@ func ServCommand(keyID int64, ownerName, repoName string, mode models.AccessMode
} }
} }
resp, err := newInternalRequest(reqURL, "GET").Response() resp, err := newInternalRequest(ctx, reqURL, "GET").Response()
if err != nil { if err != nil {
return nil, err return nil, err
} }

@ -6,6 +6,7 @@ package ssh
import ( import (
"bytes" "bytes"
"context"
"crypto/rand" "crypto/rand"
"crypto/rsa" "crypto/rsa"
"crypto/x509" "crypto/x509"
@ -66,7 +67,11 @@ func sessionHandler(session ssh.Session) {
args := []string{"serv", "key-" + keyID, "--config=" + setting.CustomConf} args := []string{"serv", "key-" + keyID, "--config=" + setting.CustomConf}
log.Trace("SSH: Arguments: %v", args) log.Trace("SSH: Arguments: %v", args)
cmd := exec.CommandContext(session.Context(), setting.AppPath, args...)
ctx, cancel := context.WithCancel(session.Context())
defer cancel()
cmd := exec.CommandContext(ctx, setting.AppPath, args...)
cmd.Env = append( cmd.Env = append(
os.Environ(), os.Environ(),
"SSH_ORIGINAL_COMMAND="+command, "SSH_ORIGINAL_COMMAND="+command,
@ -78,16 +83,21 @@ func sessionHandler(session ssh.Session) {
log.Error("SSH: StdoutPipe: %v", err) log.Error("SSH: StdoutPipe: %v", err)
return return
} }
defer stdout.Close()
stderr, err := cmd.StderrPipe() stderr, err := cmd.StderrPipe()
if err != nil { if err != nil {
log.Error("SSH: StderrPipe: %v", err) log.Error("SSH: StderrPipe: %v", err)
return return
} }
defer stderr.Close()
stdin, err := cmd.StdinPipe() stdin, err := cmd.StdinPipe()
if err != nil { if err != nil {
log.Error("SSH: StdinPipe: %v", err) log.Error("SSH: StdinPipe: %v", err)
return return
} }
defer stdin.Close()
wg := &sync.WaitGroup{} wg := &sync.WaitGroup{}
wg.Add(2) wg.Add(2)
@ -106,6 +116,7 @@ func sessionHandler(session ssh.Session) {
go func() { go func() {
defer wg.Done() defer wg.Done()
defer stdout.Close()
if _, err := io.Copy(session, stdout); err != nil { if _, err := io.Copy(session, stdout); err != nil {
log.Error("Failed to write stdout to session. %s", err) log.Error("Failed to write stdout to session. %s", err)
} }
@ -113,6 +124,7 @@ func sessionHandler(session ssh.Session) {
go func() { go func() {
defer wg.Done() defer wg.Done()
defer stderr.Close()
if _, err := io.Copy(session.Stderr(), stderr); err != nil { if _, err := io.Copy(session.Stderr(), stderr); err != nil {
log.Error("Failed to write stderr to session. %s", err) log.Error("Failed to write stderr to session. %s", err)
} }

Loading…
Cancel
Save