2 5dcb3a43 2023-04-01 thomas * Copyright (c) 2023 Stefan Sperling <stsp@openbsd.org>
4 5dcb3a43 2023-04-01 thomas * Permission to use, copy, modify, and distribute this software for any
5 5dcb3a43 2023-04-01 thomas * purpose with or without fee is hereby granted, provided that the above
6 5dcb3a43 2023-04-01 thomas * copyright notice and this permission notice appear in all copies.
8 5dcb3a43 2023-04-01 thomas * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
9 5dcb3a43 2023-04-01 thomas * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
10 5dcb3a43 2023-04-01 thomas * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
11 5dcb3a43 2023-04-01 thomas * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
12 5dcb3a43 2023-04-01 thomas * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
13 5dcb3a43 2023-04-01 thomas * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
14 5dcb3a43 2023-04-01 thomas * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
18 5dcb3a43 2023-04-01 thomas * Resolve path namespace conflicts for git-upload-pack and git-receive-pack.
21 5dcb3a43 2023-04-01 thomas #include <sys/queue.h>
22 5dcb3a43 2023-04-01 thomas #include <sys/types.h>
23 5dcb3a43 2023-04-01 thomas #include <sys/uio.h>
24 5dcb3a43 2023-04-01 thomas #include <sys/wait.h>
26 5dcb3a43 2023-04-01 thomas #include <err.h>
27 5dcb3a43 2023-04-01 thomas #include <errno.h>
28 5dcb3a43 2023-04-01 thomas #include <event.h>
29 5dcb3a43 2023-04-01 thomas #include <imsg.h>
30 5dcb3a43 2023-04-01 thomas #include <limits.h>
31 5dcb3a43 2023-04-01 thomas #include <stdio.h>
32 5dcb3a43 2023-04-01 thomas #include <stdlib.h>
33 5dcb3a43 2023-04-01 thomas #include <string.h>
34 5dcb3a43 2023-04-01 thomas #include <sha1.h>
35 5dcb3a43 2023-04-01 thomas #include <sha2.h>
36 5dcb3a43 2023-04-01 thomas #include <syslog.h>
37 5dcb3a43 2023-04-01 thomas #include <util.h>
38 5dcb3a43 2023-04-01 thomas #include <unistd.h>
40 5dcb3a43 2023-04-01 thomas #include "got_error.h"
41 5dcb3a43 2023-04-01 thomas #include "got_path.h"
42 5dcb3a43 2023-04-01 thomas #include "got_serve.h"
44 5dcb3a43 2023-04-01 thomas #include "gotd.h"
45 5dcb3a43 2023-04-01 thomas #include "log.h"
47 5dcb3a43 2023-04-01 thomas #ifndef GITWRAPPER_GIT_LIBEXEC_DIR
48 5dcb3a43 2023-04-01 thomas #define GITWRAPPER_GIT_LIBEXEC_DIR "/usr/local/libexec/git"
51 5dcb3a43 2023-04-01 thomas #ifndef GITWRAPPER_MY_SERVER_PROG
52 5dcb3a43 2023-04-01 thomas #define GITWRAPPER_MY_SERVER_PROG "gotsh"
56 5dcb3a43 2023-04-01 thomas __dead static void
57 5dcb3a43 2023-04-01 thomas usage(void)
59 5dcb3a43 2023-04-01 thomas fprintf(stderr, "usage: %s -c '%s|%s repository-path'\n",
60 5dcb3a43 2023-04-01 thomas getprogname(), GOT_SERVE_CMD_SEND, GOT_SERVE_CMD_FETCH);
65 5dcb3a43 2023-04-01 thomas * Unveil the specific programs we want to start and hide everything else.
66 5dcb3a43 2023-04-01 thomas * This is important to limit the impact of our "exec" pledge.
68 5dcb3a43 2023-04-01 thomas static const struct got_error *
69 5dcb3a43 2023-04-01 thomas apply_unveil(const char *myserver)
71 5dcb3a43 2023-04-01 thomas const char *fetchcmd = GITWRAPPER_GIT_LIBEXEC_DIR "/" \
72 5dcb3a43 2023-04-01 thomas GOT_SERVE_CMD_FETCH;
73 5dcb3a43 2023-04-01 thomas const char *sendcmd = GITWRAPPER_GIT_LIBEXEC_DIR "/" \
74 5dcb3a43 2023-04-01 thomas GOT_SERVE_CMD_SEND;
76 5dcb3a43 2023-04-01 thomas #ifdef PROFILE
77 5dcb3a43 2023-04-01 thomas if (unveil("gmon.out", "rwc") != 0)
78 5dcb3a43 2023-04-01 thomas return got_error_from_errno2("unveil", "gmon.out");
80 5dcb3a43 2023-04-01 thomas if (unveil(fetchcmd, "x") != 0)
81 5dcb3a43 2023-04-01 thomas return got_error_from_errno2("unveil", fetchcmd);
83 5dcb3a43 2023-04-01 thomas if (unveil(sendcmd, "x") != 0)
84 5dcb3a43 2023-04-01 thomas return got_error_from_errno2("unveil", sendcmd);
86 5dcb3a43 2023-04-01 thomas if (myserver && unveil(myserver, "x") != 0)
87 5dcb3a43 2023-04-01 thomas return got_error_from_errno2("unveil", myserver);
89 5dcb3a43 2023-04-01 thomas if (unveil(NULL, NULL) != 0)
90 5dcb3a43 2023-04-01 thomas return got_error_from_errno("unveil");
92 5dcb3a43 2023-04-01 thomas return NULL;
96 5dcb3a43 2023-04-01 thomas main(int argc, char *argv[])
98 5dcb3a43 2023-04-01 thomas const struct got_error *error;
99 5dcb3a43 2023-04-01 thomas const char *confpath = NULL;
100 5dcb3a43 2023-04-01 thomas char *command = NULL, *repo_name = NULL; /* for matching gotd.conf */
101 5dcb3a43 2023-04-01 thomas char *myserver = NULL;
102 5dcb3a43 2023-04-01 thomas const char *repo_path = NULL; /* as passed on the command line */
103 5dcb3a43 2023-04-01 thomas const char *relpath;
104 5dcb3a43 2023-04-01 thomas char *gitcommand = NULL;
105 5dcb3a43 2023-04-01 thomas struct gotd gotd;
106 5dcb3a43 2023-04-01 thomas struct gotd_repo *repo = NULL;
107 5dcb3a43 2023-04-01 thomas pid_t pid;
108 5dcb3a43 2023-04-01 thomas int st = -1;
110 5dcb3a43 2023-04-01 thomas log_init(1, LOG_USER); /* Log to stderr. */
112 5dcb3a43 2023-04-01 thomas #ifndef PROFILE
113 5dcb3a43 2023-04-01 thomas if (pledge("stdio rpath proc exec unveil", NULL) == -1)
114 5dcb3a43 2023-04-01 thomas err(1, "pledge");
118 5dcb3a43 2023-04-01 thomas * Look up our own server program in PATH so we can unveil(2) it.
119 5dcb3a43 2023-04-01 thomas * This call only errors out upon memory allocation failure.
120 5dcb3a43 2023-04-01 thomas * If the program cannot be found then myserver will be set to NULL.
122 5dcb3a43 2023-04-01 thomas error = got_path_find_prog(&myserver, GITWRAPPER_MY_SERVER_PROG);
123 5dcb3a43 2023-04-01 thomas if (error)
124 5dcb3a43 2023-04-01 thomas goto done;
127 5dcb3a43 2023-04-01 thomas * Run parse_config() before unveil(2) because parse_config()
128 5dcb3a43 2023-04-01 thomas * checks whether repository paths exist on disk.
129 5dcb3a43 2023-04-01 thomas * Parsing errors and warnings will be logged to stderr.
130 5dcb3a43 2023-04-01 thomas * Upon failure we will run Git's native tooling so do not
131 5dcb3a43 2023-04-01 thomas * bother checking for errors here.
133 5dcb3a43 2023-04-01 thomas confpath = getenv("GOTD_CONF_PATH");
134 5dcb3a43 2023-04-01 thomas if (confpath == NULL)
135 5dcb3a43 2023-04-01 thomas confpath = GOTD_CONF_PATH;
136 5dcb3a43 2023-04-01 thomas parse_config(confpath, PROC_GOTD, &gotd);
138 5dcb3a43 2023-04-01 thomas error = apply_unveil(myserver);
139 5dcb3a43 2023-04-01 thomas if (error)
140 5dcb3a43 2023-04-01 thomas goto done;
142 5dcb3a43 2023-04-01 thomas #ifndef PROFILE
143 5dcb3a43 2023-04-01 thomas if (pledge("stdio proc exec", NULL) == -1)
144 5dcb3a43 2023-04-01 thomas err(1, "pledge");
147 5dcb3a43 2023-04-01 thomas if (strcmp(getprogname(), GOT_SERVE_CMD_SEND) == 0 ||
148 5dcb3a43 2023-04-01 thomas strcmp(getprogname(), GOT_SERVE_CMD_FETCH) == 0) {
149 5dcb3a43 2023-04-01 thomas if (argc != 2)
151 5dcb3a43 2023-04-01 thomas command = strdup(getprogname());
152 5dcb3a43 2023-04-01 thomas if (command == NULL) {
153 5dcb3a43 2023-04-01 thomas error = got_error_from_errno("strdup");
154 5dcb3a43 2023-04-01 thomas goto done;
156 5dcb3a43 2023-04-01 thomas repo_path = argv[1];
157 5dcb3a43 2023-04-01 thomas relpath = argv[1];
158 5dcb3a43 2023-04-01 thomas while (relpath[0] == '/')
159 5dcb3a43 2023-04-01 thomas relpath++;
160 5dcb3a43 2023-04-01 thomas repo_name = strdup(relpath);
161 5dcb3a43 2023-04-01 thomas if (repo_name == NULL) {
162 5dcb3a43 2023-04-01 thomas error = got_error_from_errno("strdup");
163 5dcb3a43 2023-04-01 thomas goto done;
166 5dcb3a43 2023-04-01 thomas if (argc != 3 || strcmp(argv[1], "-c") != 0)
168 5dcb3a43 2023-04-01 thomas repo_path = argv[2];
169 5dcb3a43 2023-04-01 thomas error = got_serve_parse_command(&command, &repo_name,
170 5dcb3a43 2023-04-01 thomas repo_path);
171 5dcb3a43 2023-04-01 thomas if (error && error->code == GOT_ERR_BAD_PACKET)
173 5dcb3a43 2023-04-01 thomas if (error)
174 5dcb3a43 2023-04-01 thomas goto done;
177 5dcb3a43 2023-04-01 thomas repo = gotd_find_repo_by_name(repo_name, &gotd);
180 5dcb3a43 2023-04-01 thomas * Invoke our custom Git server if it was found in PATH and
181 5dcb3a43 2023-04-01 thomas * if the repository was found in gotd.conf.
182 5dcb3a43 2023-04-01 thomas * Otherwise invoke native git(1) tooling.
184 5dcb3a43 2023-04-01 thomas switch (pid = fork()) {
186 5dcb3a43 2023-04-01 thomas goto done;
188 5dcb3a43 2023-04-01 thomas if (repo && myserver) {
189 5dcb3a43 2023-04-01 thomas if (execl(myserver, command, repo_name,
190 5dcb3a43 2023-04-01 thomas (char *)NULL) == -1) {
191 5dcb3a43 2023-04-01 thomas error = got_error_from_errno2("execl",
192 5dcb3a43 2023-04-01 thomas myserver);
193 5dcb3a43 2023-04-01 thomas goto done;
196 5dcb3a43 2023-04-01 thomas if (asprintf(&gitcommand, "%s/%s",
197 5dcb3a43 2023-04-01 thomas GITWRAPPER_GIT_LIBEXEC_DIR, command) == -1) {
198 5dcb3a43 2023-04-01 thomas error = got_error_from_errno("asprintf");
199 5dcb3a43 2023-04-01 thomas goto done;
201 5dcb3a43 2023-04-01 thomas if (execl(gitcommand, gitcommand, repo_path,
202 5dcb3a43 2023-04-01 thomas (char *)NULL) == -1) {
203 5dcb3a43 2023-04-01 thomas error = got_error_from_errno2("execl",
204 5dcb3a43 2023-04-01 thomas gitcommand);
205 5dcb3a43 2023-04-01 thomas goto done;
208 5dcb3a43 2023-04-01 thomas _exit(127);
211 5dcb3a43 2023-04-01 thomas while (waitpid(pid, &st, 0) == -1) {
212 5dcb3a43 2023-04-01 thomas if (errno != EINTR)
216 5dcb3a43 2023-04-01 thomas free(command);
217 5dcb3a43 2023-04-01 thomas free(repo_name);
218 5dcb3a43 2023-04-01 thomas free(myserver);
219 5dcb3a43 2023-04-01 thomas free(gitcommand);
220 5dcb3a43 2023-04-01 thomas if (error) {
221 5dcb3a43 2023-04-01 thomas fprintf(stderr, "%s: %s\n", getprogname(), error->msg);
222 5dcb3a43 2023-04-01 thomas return 1;
225 5dcb3a43 2023-04-01 thomas return 0;