diff --git a/doc/mirroring.mkd b/doc/mirroring.mkd index 0e5b2ce..8b50dc7 100644 --- a/doc/mirroring.mkd +++ b/doc/mirroring.mkd @@ -132,8 +132,9 @@ and 'gollum' as examples here. (Remember the "rc" file is NOT mirrored; it is meant to be site-local). - Note: if `GL_HOSTNAME` is undefined, all mirroring features are disabled - on that server, regardless of other settings. + Note: if `GL_HOSTNAME` is undefined, you cannot push to repos which have + the 'gitolite.mirror.master' config variable set. (See 'details' section + below for more info on this variable). 5. On each machine, add the keys for all other machines. For example, on frodo you'd run these two commands: diff --git a/src/gitolite.pm b/src/gitolite.pm index 8345f32..28b403a 100644 --- a/src/gitolite.pm +++ b/src/gitolite.pm @@ -1208,9 +1208,11 @@ sub mirror_listslaves { return ( `git config --file $REPO_BASE/$repo.git/config --get gitolite.mirror.slaves` || '' ); } +# is a redirect ok for this repo from this slave? sub mirror_redirectOK { my $repo = shift; - my $slave = shift || ''; + my $slave = shift || return 0; + # if we don't know who's asking, the answer is "no" my $gmrOK = `git config --file $REPO_BASE/$repo.git/config --get gitolite.mirror.redirectOK` || ''; chomp $gmrOK; diff --git a/src/gl-auth-command b/src/gl-auth-command index c12d7f5..61b2f5a 100755 --- a/src/gl-auth-command +++ b/src/gl-auth-command @@ -140,8 +140,9 @@ $ENV{GL_REPO}=$repo; my $aa = ($verb =~ $R_COMMANDS ? 'R' : 'W'); # writes may get redirected under certain conditions -if ( $GL_HOSTNAME and $aa eq 'W' and mirror_mode($repo) =~ /^slave of (\S+)/ ) { +if ( $aa eq 'W' and mirror_mode($repo) =~ /^slave of (\S+)/ ) { my $master = $1; + die "$ABRT GL_HOSTNAME not set; rejecting push to non-local repo\n" unless $GL_HOSTNAME; die "$ABRT $GL_HOSTNAME not the master, please push to $master\n" unless mirror_redirectOK($repo, $GL_HOSTNAME); print STDERR "$GL_HOSTNAME ==== $user ($repo) ===> $master\n"; exec("ssh", $master, "USER=$user", "SOC=$ENV{SSH_ORIGINAL_COMMAND}");