Index: branches/fc15-dev/server/common/oursrc/execsys/ldapize.pl =================================================================== --- branches/fc15-dev/server/common/oursrc/execsys/ldapize.pl (revision 1803) +++ branches/fc15-dev/server/common/oursrc/execsys/ldapize.pl (revision 1878) @@ -7,23 +7,11 @@ use Net::LDAP::Filter; -sub report_error -{ - my $proto = shift; - my $mesg = shift; - - if ($proto eq 'git') { - $mesg = "ERR \n " . $mesg . "\n"; - my $len = length($mesg)+4; - printf "%04x%s", $len, $mesg; - } else { - print $mesg; - } - exit 0; -} - my $url = $ARGV[0]; my ($proto, $hostname, $path) = $url =~ m|^(.*?)://([^/]*)(.*)| or die "Could not match URL"; my $mesg; +my $vhostName = $hostname; + +vhost: # oh my gosh Net::LDAP::Filter SUCKS my $filter = bless({and => @@ -32,10 +20,10 @@ {or => [{equalityMatch => {attributeDesc => 'scriptsVhostName', - assertionValue => $hostname}}, + assertionValue => $vhostName}}, {equalityMatch => {attributeDesc => 'scriptsVhostAlias', - assertionValue => $hostname}}]}]}, + assertionValue => $vhostName}}]}]}, 'Net::LDAP::Filter'); -my $ldap = Net::LDAP->new("ldapi://%2fvar%2frun%2fdirsrv%2fslapd-scripts.socket/"); +my $ldap = Net::LDAP->new("ldapi://%2fvar%2frun%2fslapd-scripts.socket/"); $mesg = $ldap->bind(); $mesg->code && die $mesg->error; @@ -46,8 +34,10 @@ my $vhostEntry = $mesg->pop_entry; -if (!$vhostEntry) -{ - report_error($proto, "Could not find Host $hostname"); +if (!defined $vhostEntry) { + $vhostName ne '*' or die 'No vhost for *'; + $vhostName =~ s/^(?:\*\.)?[^.]*/*/; # Try next wildcard + goto vhost; } + my $vhostDirectory = $vhostEntry->get_value('scriptsVhostDirectory'); @@ -59,13 +49,20 @@ my ($homeDirectory, $uidNumber, $gidNumber) = map { $userEntry->get_value($_) } qw(homeDirectory uidNumber gidNumber); +(my $scriptsdir = $homeDirectory) =~ s{(?:/Scripts)?$}{/Scripts}; if ($proto eq 'svn') { chdir '/usr/libexec/scripts-trusted'; - exec('/usr/sbin/suexec', $uidNumber, $gidNumber, '/usr/libexec/scripts-trusted/svn', "$homeDirectory/Scripts/svn/$vhostDirectory"); + exec('/usr/sbin/suexec', $uidNumber, $gidNumber, '/usr/libexec/scripts-trusted/svn', "$scriptsdir/svn/$vhostDirectory"); } elsif ($proto eq 'git') { + if ($vhostEntry->get_value('scriptsVhostName') eq 'notfound.example.com') { + # git-daemon doesn’t report useful errors yet + my $msg = "ERR No such host $hostname\n"; + printf '%04x%s', length($msg) + 4, $msg; + exit; + } chdir '/usr/libexec/scripts-trusted'; - exec('/usr/sbin/suexec', $uidNumber, $gidNumber, '/usr/libexec/scripts-trusted/git', "$homeDirectory/Scripts/git/$vhostDirectory"); + exec('/usr/sbin/suexec', $uidNumber, $gidNumber, '/usr/libexec/scripts-trusted/git', "$scriptsdir/git/$vhostDirectory"); } elsif ($proto eq 'http') { - print "suexec $uidNumber $gidNumber $homeDirectory/Scripts/web/$vhostDirectory/$path\n"; + print "suexec $uidNumber $gidNumber $scriptsdir/web/$vhostDirectory/$path\n"; } else { die "Unknown protocol\n";