2 2178c42e 2018-04-22 stsp * Copyright (c) 2018 Stefan Sperling <stsp@openbsd.org>
4 2178c42e 2018-04-22 stsp * Permission to use, copy, modify, and distribute this software for any
5 2178c42e 2018-04-22 stsp * purpose with or without fee is hereby granted, provided that the above
6 2178c42e 2018-04-22 stsp * copyright notice and this permission notice appear in all copies.
8 2178c42e 2018-04-22 stsp * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
9 2178c42e 2018-04-22 stsp * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
10 2178c42e 2018-04-22 stsp * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
11 2178c42e 2018-04-22 stsp * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
12 2178c42e 2018-04-22 stsp * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
13 2178c42e 2018-04-22 stsp * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
14 2178c42e 2018-04-22 stsp * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
17 2178c42e 2018-04-22 stsp #include <sys/types.h>
18 2178c42e 2018-04-22 stsp #include <sys/queue.h>
19 2178c42e 2018-04-22 stsp #include <sys/uio.h>
21 2178c42e 2018-04-22 stsp #include <stdio.h>
22 2178c42e 2018-04-22 stsp #include <stdlib.h>
23 2178c42e 2018-04-22 stsp #include <string.h>
24 2178c42e 2018-04-22 stsp #include <errno.h>
25 2178c42e 2018-04-22 stsp #include <stdint.h>
26 2178c42e 2018-04-22 stsp #include <poll.h>
27 2178c42e 2018-04-22 stsp #include <imsg.h>
28 2178c42e 2018-04-22 stsp #include <sha1.h>
29 2178c42e 2018-04-22 stsp #include <zlib.h>
31 2178c42e 2018-04-22 stsp #include "got_object.h"
32 2178c42e 2018-04-22 stsp #include "got_error.h"
34 2178c42e 2018-04-22 stsp #include "got_lib_sha1.h"
35 2178c42e 2018-04-22 stsp #include "got_lib_delta.h"
36 2178c42e 2018-04-22 stsp #include "got_lib_zbuf.h"
37 2178c42e 2018-04-22 stsp #include "got_lib_object.h"
38 2178c42e 2018-04-22 stsp #include "got_lib_privsep.h"
41 2178c42e 2018-04-22 stsp #define MIN(_a,_b) ((_a) < (_b) ? (_a) : (_b))
44 2178c42e 2018-04-22 stsp static const struct got_error *
45 2178c42e 2018-04-22 stsp poll_fd(int fd, int events, int timeout)
47 2178c42e 2018-04-22 stsp struct pollfd pfd[1];
50 2178c42e 2018-04-22 stsp pfd[0].fd = fd;
51 2178c42e 2018-04-22 stsp pfd[0].events = events;
53 2178c42e 2018-04-22 stsp n = poll(pfd, 1, timeout);
54 2178c42e 2018-04-22 stsp if (n == -1)
55 2178c42e 2018-04-22 stsp return got_error_from_errno();
57 2178c42e 2018-04-22 stsp return got_error(GOT_ERR_TIMEOUT);
58 2178c42e 2018-04-22 stsp if (pfd[0].revents & (POLLERR | POLLNVAL))
59 2178c42e 2018-04-22 stsp return got_error_from_errno();
60 2178c42e 2018-04-22 stsp if (pfd[0].revents & (events | POLLHUP))
61 2178c42e 2018-04-22 stsp return NULL;
63 2178c42e 2018-04-22 stsp return got_error(GOT_ERR_INTERRUPT);
66 c4eae628 2018-04-23 stsp static const struct got_error *
67 fe36cf76 2018-04-23 stsp recv_one_imsg(struct imsg *imsg, struct imsgbuf *ibuf, size_t min_datalen)
69 fe36cf76 2018-04-23 stsp const struct got_error *err;
70 fe36cf76 2018-04-23 stsp ssize_t n, m;
72 fe36cf76 2018-04-23 stsp err = poll_fd(ibuf->fd, POLLIN, INFTIM);
76 fe36cf76 2018-04-23 stsp n = imsg_read(ibuf);
77 fe36cf76 2018-04-23 stsp if (n == -1) {
78 fe36cf76 2018-04-23 stsp if (errno == EAGAIN) /* Could be a file-descriptor leak. */
79 fe36cf76 2018-04-23 stsp return got_error(GOT_ERR_PRIVSEP_NO_FD);
80 fe36cf76 2018-04-23 stsp return got_error(GOT_ERR_PRIVSEP_READ);
83 fe36cf76 2018-04-23 stsp return got_error(GOT_ERR_PRIVSEP_PIPE);
85 fe36cf76 2018-04-23 stsp m = imsg_get(ibuf, imsg);
87 fe36cf76 2018-04-23 stsp return got_error(GOT_ERR_PRIVSEP_READ);
89 fe36cf76 2018-04-23 stsp if (imsg->hdr.len < IMSG_HEADER_SIZE + min_datalen)
90 fe36cf76 2018-04-23 stsp return got_error(GOT_ERR_PRIVSEP_LEN);
92 fe36cf76 2018-04-23 stsp return NULL;
95 fe36cf76 2018-04-23 stsp static const struct got_error *
96 c4eae628 2018-04-23 stsp recv_imsg_error(struct imsg *imsg, size_t datalen)
98 c4eae628 2018-04-23 stsp struct got_imsg_error ierr;
100 c4eae628 2018-04-23 stsp if (datalen != sizeof(ierr))
101 c4eae628 2018-04-23 stsp return got_error(GOT_ERR_PRIVSEP_LEN);
103 c4eae628 2018-04-23 stsp memcpy(&ierr, imsg->data, sizeof(ierr));
104 c4eae628 2018-04-23 stsp if (ierr.code == GOT_ERR_ERRNO) {
105 c4eae628 2018-04-23 stsp static struct got_error serr;
106 c4eae628 2018-04-23 stsp serr.code = GOT_ERR_ERRNO;
107 c4eae628 2018-04-23 stsp serr.msg = strerror(ierr.errno_code);
108 c4eae628 2018-04-23 stsp return &serr;
111 c4eae628 2018-04-23 stsp return got_error(ierr.code);
114 2178c42e 2018-04-22 stsp /* Attempt to send an error in an imsg. Complain on stderr as a last resort. */
116 2178c42e 2018-04-22 stsp got_privsep_send_error(struct imsgbuf *ibuf, const struct got_error *err)
118 2178c42e 2018-04-22 stsp const struct got_error *poll_err;
119 2178c42e 2018-04-22 stsp struct got_imsg_error ierr;
122 2178c42e 2018-04-22 stsp ierr.code = err->code;
123 2178c42e 2018-04-22 stsp if (err->code == GOT_ERR_ERRNO)
124 2178c42e 2018-04-22 stsp ierr.errno_code = errno;
126 2178c42e 2018-04-22 stsp ierr.errno_code = 0;
127 2178c42e 2018-04-22 stsp ret = imsg_compose(ibuf, GOT_IMSG_ERROR, 0, 0, -1, &ierr, sizeof(ierr));
128 2178c42e 2018-04-22 stsp if (ret != -1) {
129 2178c42e 2018-04-22 stsp fprintf(stderr, "%s: error %d \"%s\": imsg_compose: %s\n",
130 2178c42e 2018-04-22 stsp getprogname(), err->code, err->msg, strerror(errno));
134 2178c42e 2018-04-22 stsp poll_err = poll_fd(ibuf->fd, POLLOUT, INFTIM);
135 5d43e84d 2018-04-23 stsp if (poll_err) {
136 2178c42e 2018-04-22 stsp fprintf(stderr, "%s: error %d \"%s\": poll: %s\n",
137 2178c42e 2018-04-22 stsp getprogname(), err->code, err->msg, poll_err->msg);
141 2178c42e 2018-04-22 stsp ret = imsg_flush(ibuf);
142 5d43e84d 2018-04-23 stsp if (ret == -1) {
143 2178c42e 2018-04-22 stsp fprintf(stderr, "%s: error %d \"%s\": imsg_flush: %s\n",
144 2178c42e 2018-04-22 stsp getprogname(), err->code, err->msg, strerror(errno));
149 2178c42e 2018-04-22 stsp const struct got_error *
150 2178c42e 2018-04-22 stsp got_privsep_send_obj(struct imsgbuf *ibuf, struct got_object *obj, int ndeltas)
152 2178c42e 2018-04-22 stsp const struct got_error *err = NULL;
153 2178c42e 2018-04-22 stsp struct got_imsg_object iobj;
155 2178c42e 2018-04-22 stsp iobj.type = obj->type;
156 2178c42e 2018-04-22 stsp iobj.flags = obj->flags;
157 2178c42e 2018-04-22 stsp iobj.hdrlen = obj->hdrlen;
158 2178c42e 2018-04-22 stsp iobj.size = obj->size;
159 2178c42e 2018-04-22 stsp iobj.ndeltas = ndeltas;
161 2178c42e 2018-04-22 stsp if (ndeltas > 0) {
162 2178c42e 2018-04-22 stsp /* TODO: Handle deltas */
165 2178c42e 2018-04-22 stsp if (imsg_compose(ibuf, GOT_IMSG_OBJECT, 0, 0, -1, &iobj, sizeof(iobj))
167 2178c42e 2018-04-22 stsp return got_error_from_errno();
169 2178c42e 2018-04-22 stsp err = poll_fd(ibuf->fd, POLLOUT, INFTIM);
171 2178c42e 2018-04-22 stsp return err;
173 2178c42e 2018-04-22 stsp if (imsg_flush(ibuf) == -1)
174 2178c42e 2018-04-22 stsp return got_error_from_errno();
176 2178c42e 2018-04-22 stsp return NULL;
179 2178c42e 2018-04-22 stsp const struct got_error *
180 2178c42e 2018-04-22 stsp got_privsep_recv_obj(struct got_object **obj, struct imsgbuf *ibuf)
182 2178c42e 2018-04-22 stsp const struct got_error *err = NULL;
183 2178c42e 2018-04-22 stsp struct imsg imsg;
184 2178c42e 2018-04-22 stsp struct got_imsg_object iobj;
185 2178c42e 2018-04-22 stsp size_t datalen;
187 c4eae628 2018-04-23 stsp const size_t min_datalen =
188 c4eae628 2018-04-23 stsp MIN(sizeof(struct got_imsg_error), sizeof(struct got_imsg_object));
190 2178c42e 2018-04-22 stsp *obj = NULL;
192 fe36cf76 2018-04-23 stsp err = recv_one_imsg(&imsg, ibuf, min_datalen);
194 2178c42e 2018-04-22 stsp return err;
196 2178c42e 2018-04-22 stsp datalen = imsg.hdr.len - IMSG_HEADER_SIZE;
198 2178c42e 2018-04-22 stsp switch (imsg.hdr.type) {
199 2178c42e 2018-04-22 stsp case GOT_IMSG_ERROR:
200 c4eae628 2018-04-23 stsp err = recv_imsg_error(&imsg, datalen);
202 2178c42e 2018-04-22 stsp case GOT_IMSG_OBJECT:
203 2178c42e 2018-04-22 stsp if (datalen != sizeof(iobj)) {
204 2178c42e 2018-04-22 stsp err = got_error(GOT_ERR_PRIVSEP_LEN);
208 2178c42e 2018-04-22 stsp memcpy(&iobj, imsg.data, sizeof(iobj));
209 2178c42e 2018-04-22 stsp if (iobj.ndeltas < 0 ||
210 2178c42e 2018-04-22 stsp iobj.ndeltas > GOT_DELTA_CHAIN_RECURSION_MAX) {
211 2178c42e 2018-04-22 stsp err = got_error(GOT_ERR_PRIVSEP_LEN);
215 2178c42e 2018-04-22 stsp *obj = calloc(1, sizeof(**obj));
216 2178c42e 2018-04-22 stsp if (*obj == NULL) {
217 2178c42e 2018-04-22 stsp err = got_error_from_errno();
221 2178c42e 2018-04-22 stsp (*obj)->type = iobj.type;
222 2178c42e 2018-04-22 stsp (*obj)->hdrlen = iobj.hdrlen;
223 2178c42e 2018-04-22 stsp (*obj)->size = iobj.size;
224 2178c42e 2018-04-22 stsp for (i = 0; i < iobj.ndeltas; i++) {
225 2178c42e 2018-04-22 stsp /* TODO: Handle deltas */
229 8c580685 2018-04-22 stsp err = got_error(GOT_ERR_PRIVSEP_MSG);
233 2178c42e 2018-04-22 stsp imsg_free(&imsg);
235 2178c42e 2018-04-22 stsp return err;