[PATCHv4 1/2] Add ability to authorize viewing a repository

[valentin.haenel at gmx.de (Valentin Haenel)]

This provides a mechanism for cgit to query an external program for repository
authorisation, e.g. gitolite. An additional config variable 'authorization-helper'
contains the path and name of the executable to use.

Signed-off-by: Valentin Haenel <valentin.haenel at gmx.de>
---
 cgit.c       |   46 ++++++++++++++++++++++++++++++++++++++++++++++
 cgit.h       |    1 +
 cgitrc.5.txt |    6 ++++++
 3 files changed, 53 insertions(+)

diff --git a/cgit.c b/cgit.c
index a97ed69653..dbce4c2e1c 100644
--- a/cgit.c
+++ b/cgit.c
@@ -126,6 +126,8 @@ void config_cb(const char *name, const char *value)
 		repo_config(ctx.repo, name + 5, value);
 	else if (!strcmp(name, "readme"))
 		ctx.cfg.readme = xstrdup(value);
+	else if (!strcmp(name, "authorization-helper"))
+		ctx.cfg.authorization_helper = xstrdup(value);
 	else if (!strcmp(name, "root-title"))
 		ctx.cfg.root_title = xstrdup(value);
 	else if (!strcmp(name, "root-desc"))
@@ -379,6 +381,7 @@ static void prepare_context(struct cgit_context *ctx)
 	ctx->cfg.summary_tags = 10;
 	ctx->cfg.max_atom_items = 10;
 	ctx->cfg.ssdiff = 0;
+	ctx->cfg.authorization_helper = NULL;
 	ctx->env.cgit_config = xstrdupn(getenv("CGIT_CONFIG"));
 	ctx->env.http_host = xstrdupn(getenv("HTTP_HOST"));
 	ctx->env.https = xstrdupn(getenv("HTTPS"));
@@ -513,6 +516,40 @@ static int prepare_repo_cmd(struct cgit_context *ctx)
 	return 0;
 }
 
+/* Run an external authorization helper via fork/exec/wait.
+ *
+ * Returns the exit code of the authorization helper if this exited
+ * successfully (0 will be success) and -1 in case of any other errors. If
+ * there is no authorization helper configured, it will return 0 too.
+ *
+ * */
+static int run_authorization_helper(struct cgit_context *ctx)
+{
+	if (ctx->cfg.authorization_helper == NULL)
+		return 0;
+	int wait_ret;
+	pid_t pid = fork();
+	switch (pid) {
+		case -1:  /* fork failed */
+			return -1;
+		case 0:   /* child */
+			execl(ctx->cfg.authorization_helper, ctx->cfg.authorization_helper, NULL);
+			/* exec failed */
+			exit(-1);
+		default:  /* parent */
+			if (waitpid(pid, &wait_ret, 0) < 0) {
+				return -1; /* waitpid failed */
+			} else if (WIFSIGNALED(wait_ret)) {
+				return -1; /* helper terminated by signal */
+			} else if (WIFEXITED(wait_ret)) {
+				/* helper exited normally */
+				int status = WEXITSTATUS(wait_ret);
+				return status;
+			}
+	}
+	return -1;
+}
+
 static void process_request(void *cbdata)
 {
 	struct cgit_context *ctx = cbdata;
@@ -554,6 +591,15 @@ static void process_request(void *cbdata)
 	if (ctx->repo && prepare_repo_cmd(ctx))
 		return;
 
+	if (ctx->repo && run_authorization_helper(ctx) != 0){
+		cgit_print_http_headers(ctx);
+		cgit_print_docstart(ctx);
+		cgit_print_pageheader(ctx);
+		cgit_print_error(fmt("Authorization failed"));
+		cgit_print_docend();
+		return;
+	}
+
 	if (cmd->want_layout) {
 		cgit_print_http_headers(ctx);
 		cgit_print_docstart(ctx);
diff --git a/cgit.h b/cgit.h
index 7a99135710..5c95c46502 100644
--- a/cgit.h
+++ b/cgit.h
@@ -166,6 +166,7 @@ struct cgit_query {
 
 struct cgit_config {
 	char *agefile;
+	char *authorization_helper;
 	char *cache_root;
 	char *clone_prefix;
 	char *clone_url;
diff --git a/cgitrc.5.txt b/cgitrc.5.txt
index 5887cee9a8..45ea1fe248 100644
--- a/cgitrc.5.txt
+++ b/cgitrc.5.txt
@@ -40,6 +40,12 @@ agefile::
 	function in libgit. Recommended timestamp-format is "yyyy-mm-dd
 	hh:mm:ss". Default value: "info/web/last-modified".
 
+authorization-helper::
+	Specifies a path to authorization executable. The executable is given the
+	full environment from the webserver, including all "CGIT_*" variables
+	available for filters. The executable is expected to return "0" on
+	authorization success. Default value: none. See also: "FILTER API"
+
 cache-root::
 	Path used to store the cgit cache entries. Default value:
 	"/var/cache/cgit". See also: "MACRO EXPANSION".
-- 
1.7.9.5