transport: refactor protocol whitelist code

The current callers only want to die when their transport is prohibited. But future callers want to query the mechanism without dying. Let's break out a few query functions, and also save the results in a static list so we don't have to re-parse for each query. Based-on-a-patch-by: Blake Burkhart <bburky@bburky.com> Signed-off-by: Jeff King <peff@peff.net> Signed-off-by: Junio C Hamano <gitster@pobox.com>
git-mirror · Sep 25, 2015 · 5088d3b · 5088d3b
1 parent 33cfccb
commit 5088d3b
Show file tree

Hide file tree

Showing 2 changed files with 43 additions and 10 deletions.
diff --git a/transport.c b/transport.c
@@ -909,18 +909,40 @@ static int external_specification_len(const char *url)
 	return strchr(url, ':') - url;
 }
 
-void transport_check_allowed(const char *type)
+static const struct string_list *protocol_whitelist(void)
 {
-	struct string_list allowed = STRING_LIST_INIT_DUP;
-	const char *v = getenv("GIT_ALLOW_PROTOCOL");
+	static int enabled = -1;
+	static struct string_list allowed = STRING_LIST_INIT_DUP;
+
+	if (enabled < 0) {
+		const char *v = getenv("GIT_ALLOW_PROTOCOL");
+		if (v) {
+			string_list_split(&allowed, v, ':', -1);
+			string_list_sort(&allowed);
+			enabled = 1;
+		} else {
+			enabled = 0;
+		}
+	}
 
-	if (!v)
-		return;
+	return enabled ? &allowed : NULL;
+}
+
+int is_transport_allowed(const char *type)
+{
+	const struct string_list *allowed = protocol_whitelist();
+	return !allowed || string_list_has_string(allowed, type);
+}
 
-	string_list_split(&allowed, v, ':', -1);
-	if (!unsorted_string_list_has_string(&allowed, type))
+void transport_check_allowed(const char *type)
+{
+	if (!is_transport_allowed(type))
 		die("transport '%s' not allowed", type);
-	string_list_clear(&allowed, 0);
+}
+
+int transport_restrict_protocols(void)
+{
+	return !!protocol_whitelist();
 }
 
 struct transport *transport_get(struct remote *remote, const char *url)

diff --git a/transport.h b/transport.h
@@ -132,13 +132,24 @@ struct transport {
 /* Returns a transport suitable for the url */
 struct transport *transport_get(struct remote *, const char *);
 
+/*
+ * Check whether a transport is allowed by the environment. Type should
+ * generally be the URL scheme, as described in Documentation/git.txt
+ */
+int is_transport_allowed(const char *type);
+
 /*
  * Check whether a transport is allowed by the environment,
- * and die otherwise. type should generally be the URL scheme,
- * as described in Documentation/git.txt
+ * and die otherwise.
  */
 void transport_check_allowed(const char *type);
 
+/*
+ * Returns true if the user has attempted to turn on protocol
+ * restrictions at all.
+ */
+int transport_restrict_protocols(void);
+
 /* Transport options which apply to git:// and scp-style URLs */
 
 /* The program to use on the remote side to send a pack */