From 563a25d7c2cb8b9cb572bf2d2cafd72cd4b1f472 Mon Sep 17 00:00:00 2001 From: catfromplan9 <104175360+catfromplan9@users.noreply.github.com> Date: Mon, 21 Apr 2025 18:39:45 +0000 Subject: [PATCH] handler: Add Www-Authenticate header, update validGitResource (#25) * Add Www-Authenticate header * Include git-receive-pack in validGitResource --- src/core/Handler.cpp | 14 +++++++++++++- src/headers/wwwAuthenticateHeader.hpp | 24 ++++++++++++++++++++++++ src/main.cpp | 2 ++ 3 files changed, 39 insertions(+), 1 deletion(-) create mode 100644 src/headers/wwwAuthenticateHeader.hpp diff --git a/src/core/Handler.cpp b/src/core/Handler.cpp index d8cac1d..c987a34 100644 --- a/src/core/Handler.cpp +++ b/src/core/Handler.cpp @@ -6,6 +6,7 @@ #include "../headers/cfHeader.hpp" #include "../headers/xforwardfor.hpp" #include "../headers/gitProtocolHeader.hpp" +#include "../headers/wwwAuthenticateHeader.hpp" #include "../headers/acceptLanguageHeader.hpp" #include "../headers/setCookieHeader.hpp" #include "../headers/xrealip.hpp" @@ -130,6 +131,7 @@ void CServerHandler::onRequest(const Pistache::Http::Request& req, Pistache::Htt std::shared_ptr xForwardedForHeader; std::shared_ptr authHeader; std::shared_ptr gitProtocolHeader; + std::shared_ptr wwwAuthenticateHeader; try { hostHeader = Pistache::Http::Header::header_cast(HEADERS.get("Host")); @@ -175,6 +177,12 @@ void CServerHandler::onRequest(const Pistache::Http::Request& req, Pistache::Htt ; // silent ignore } + try { + wwwAuthenticateHeader = Pistache::Http::Header::header_cast(HEADERS.get("Www-Authenticate")); + } catch (std::exception& e) { + ; // silent ignore + } + Debug::log(LOG, "New request: {}:{}{}", hostHeader->host(), hostHeader->port().toString(), req.resource()); const auto REQUEST_IP = ipForRequest(req); @@ -202,7 +210,11 @@ void CServerHandler::onRequest(const Pistache::Http::Request& req, Pistache::Htt // TODO: ratelimit this, probably. const auto RES = req.resource(); - bool validGitResource = RES.ends_with("/info/refs") || RES.ends_with("/info/packs") || RES.ends_with("HEAD") || RES.ends_with(".git") || RES.ends_with("/git-upload-pack"); + bool validGitResource = + RES.ends_with("/info/refs") || RES.ends_with("/info/packs") || + RES.ends_with("HEAD") || RES.ends_with(".git") || + RES.ends_with("/git-upload-pack") || + RES.ends_with("/git-receive-pack"); if (RES.contains("/objects/")) { const std::string_view repo = std::string_view{RES}.substr(0, RES.find("/objects/")); diff --git a/src/headers/wwwAuthenticateHeader.hpp b/src/headers/wwwAuthenticateHeader.hpp new file mode 100644 index 0000000..3b088d6 --- /dev/null +++ b/src/headers/wwwAuthenticateHeader.hpp @@ -0,0 +1,24 @@ +#include +#include + +class WwwAuthenticateHeader : public Pistache::Http::Header::Header { + public: + NAME("Www-Authenticate"); + + WwwAuthenticateHeader() = default; + + void parse(const std::string& str) override { + m_text = str; + } + + void write(std::ostream& os) const override { + os << m_text; + } + + std::string text() const { + return m_text; + } + + private: + std::string m_text = ""; +}; diff --git a/src/main.cpp b/src/main.cpp index 4580ffb..b71703d 100644 --- a/src/main.cpp +++ b/src/main.cpp @@ -12,6 +12,7 @@ #include "headers/xforwardfor.hpp" #include "headers/cfHeader.hpp" #include "headers/gitProtocolHeader.hpp" +#include "headers/wwwAuthenticateHeader.hpp" #include "headers/acceptLanguageHeader.hpp" #include "headers/setCookieHeader.hpp" #include "headers/xrealip.hpp" @@ -81,6 +82,7 @@ int main(int argc, char** argv, char** envp) { Pistache::Http::Header::Registry::instance().registerHeader(); Pistache::Http::Header::Registry::instance().registerHeader(); Pistache::Http::Header::Registry::instance().registerHeader(); + Pistache::Http::Header::Registry::instance().registerHeader(); Pistache::Http::Header::Registry::instance().registerHeader(); Pistache::Http::Header::Registry::instance().registerHeader(); Pistache::Http::Header::Registry::instance().registerHeader();