+ /* We should do a single write so that it is atomic and output
+ * of several processes do not get intermingled. */
+ char buf[1024];
+ int buflen;
+ int maxlen, msglen;
+
+ /* sizeof(buf) should be big enough for "[pid] \n" */
+ buflen = snprintf(buf, sizeof(buf), "[%ld] ", (long) getpid());
+
+ maxlen = sizeof(buf) - buflen - 1; /* -1 for our own LF */
+ msglen = vsnprintf(buf + buflen, maxlen, err, params);
+
+ if (log_syslog) {
+ syslog(priority, "%s", buf);
+ return;
+ }
+
+ /* maxlen counted our own LF but also counts space given to
+ * vsnprintf for the terminating NUL. We want to make sure that
+ * we have space for our own LF and NUL after the "meat" of the
+ * message, so truncate it at maxlen - 1.
+ */
+ if (msglen > maxlen - 1)
+ msglen = maxlen - 1;
+ else if (msglen < 0)
+ msglen = 0; /* Protect against weird return values. */
+ buflen += msglen;
+
+ buf[buflen++] = '\n';
+ buf[buflen] = '\0';
+
+ write(2, buf, buflen);
+}
+
+static void logerror(const char *err, ...)
+{
+ va_list params;
+ va_start(params, err);
+ logreport(LOG_ERR, err, params);
+ va_end(params);
+}
+
+static void loginfo(const char *err, ...)
+{
+ va_list params;
+ if (!verbose)
+ return;
+ va_start(params, err);
+ logreport(LOG_INFO, err, params);
+ va_end(params);
+}
+
+static char *path_ok(char *dir)
+{
+ char *path = enter_repo(dir, strict_paths);
+
+ if (!path) {
+ logerror("'%s': unable to chdir or not a git archive", dir);
+ return NULL;
+ }
+
+ if ( ok_paths && *ok_paths ) {
+ char **pp;
+ int pathlen = strlen(path);
+
+ /* The validation is done on the paths after enter_repo
+ * canonicalization, so whitelist should be written in
+ * terms of real pathnames (i.e. after ~user is expanded
+ * and symlinks resolved).
+ */
+ for ( pp = ok_paths ; *pp ; pp++ ) {
+ int len = strlen(*pp);
+ if (len <= pathlen &&
+ !memcmp(*pp, path, len) &&
+ (path[len] == '\0' ||
+ (!strict_paths && path[len] == '/')))
+ return path;
+ }
+ }
+ else {
+ /* be backwards compatible */
+ if (!strict_paths)
+ return path;
+ }
+
+ logerror("'%s': not in whitelist", path);
+ return NULL; /* Fallthrough. Deny by default */
+}
+
+static int upload(char *dir)
+{
+ /* Timeout as string */
+ char timeout_buf[64];
+ const char *path;
+
+ loginfo("Request for '%s'", dir);
+
+ if (!(path = path_ok(dir)))