2 * Copyright (c) 2019 Ori Bernstein <ori@openbsd.org>
3 * Copyright (c) 2021 Stefan Sperling <stsp@openbsd.org>
5 * Permission to use, copy, modify, and distribute this software for any
6 * purpose with or without fee is hereby granted, provided that the above
7 * copyright notice and this permission notice appear in all copies.
9 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
10 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
11 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
12 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
13 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
14 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
15 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
18 #include <sys/types.h>
19 #include <sys/queue.h>
37 #include "got_error.h"
38 #include "got_object.h"
40 #include "got_version.h"
41 #include "got_fetch.h"
42 #include "got_reference.h"
44 #include "got_lib_sha1.h"
45 #include "got_lib_delta.h"
46 #include "got_lib_object.h"
47 #include "got_lib_object_parse.h"
48 #include "got_lib_privsep.h"
49 #include "got_lib_pack.h"
50 #include "got_lib_pkt.h"
51 #include "got_lib_gitproto.h"
52 #include "got_lib_ratelimit.h"
55 #define nitems(_a) (sizeof((_a)) / sizeof((_a)[0]))
58 struct got_object *indexed;
61 static const struct got_capability got_capabilities[] = {
62 { GOT_CAPA_AGENT, "got/" GOT_VERSION_STR },
63 { GOT_CAPA_OFS_DELTA, NULL },
65 { GOT_CAPA_SIDE_BAND_64K, NULL },
67 { GOT_CAPA_REPORT_STATUS, NULL },
68 { GOT_CAPA_DELETE_REFS, NULL },
71 static const struct got_error *
72 send_upload_progress(struct imsgbuf *ibuf, off_t bytes,
73 struct got_ratelimit *rl)
75 const struct got_error *err = NULL;
79 err = got_ratelimit_check(&elapsed, rl);
84 if (imsg_compose(ibuf, GOT_IMSG_SEND_UPLOAD_PROGRESS, 0, 0, -1,
85 &bytes, sizeof(bytes)) == -1)
86 return got_error_from_errno(
87 "imsg_compose SEND_UPLOAD_PROGRESS");
89 return got_privsep_flush_imsg(ibuf);
92 static const struct got_error *
93 send_pack_request(struct imsgbuf *ibuf)
95 if (imsg_compose(ibuf, GOT_IMSG_SEND_PACK_REQUEST, 0, 0, -1,
97 return got_error_from_errno("imsg_compose SEND_PACK_REQUEST");
98 return got_privsep_flush_imsg(ibuf);
101 static const struct got_error *
102 send_done(struct imsgbuf *ibuf)
104 if (imsg_compose(ibuf, GOT_IMSG_SEND_DONE, 0, 0, -1, NULL, 0) == -1)
105 return got_error_from_errno("imsg_compose SEND_DONE");
106 return got_privsep_flush_imsg(ibuf);
109 static const struct got_error *
110 recv_packfd(int *packfd, struct imsgbuf *ibuf)
112 const struct got_error *err;
117 err = got_privsep_recv_imsg(&imsg, ibuf, 0);
121 if (imsg.hdr.type == GOT_IMSG_STOP) {
122 err = got_error(GOT_ERR_CANCELLED);
126 if (imsg.hdr.type != GOT_IMSG_SEND_PACKFD) {
127 err = got_error(GOT_ERR_PRIVSEP_MSG);
131 if (imsg.hdr.len - IMSG_HEADER_SIZE != 0) {
132 err = got_error(GOT_ERR_PRIVSEP_LEN);
142 static const struct got_error *
143 send_pack_file(int sendfd, int packfd, struct imsgbuf *ibuf)
145 const struct got_error *err;
146 unsigned char buf[8192];
149 struct got_ratelimit rl;
151 if (lseek(packfd, 0L, SEEK_SET) == -1)
152 return got_error_from_errno("lseek");
154 got_ratelimit_init(&rl, 0, 500);
157 r = read(packfd, buf, sizeof(buf));
159 return got_error_from_errno("read");
162 w = write(sendfd, buf, r);
164 return got_error_from_errno("write");
166 return got_error(GOT_ERR_IO);
168 err = send_upload_progress(ibuf, wtotal, &rl);
173 return send_upload_progress(ibuf, wtotal, NULL);
176 static const struct got_error *
177 send_error(const char *buf, size_t len)
179 static char msg[1024];
182 for (i = 0; i < len && i < sizeof(msg) - 1; i++) {
183 if (!isprint(buf[i]))
184 return got_error_msg(GOT_ERR_BAD_PACKET,
185 "non-printable error message received from server");
189 return got_error_msg(GOT_ERR_SEND_FAILED, msg);
192 static const struct got_error *
193 send_their_ref(struct imsgbuf *ibuf, struct got_object_id *refid,
197 size_t len, reflen = strlen(refname);
199 len = sizeof(struct got_imsg_send_remote_ref) + reflen;
200 if (len >= MAX_IMSGSIZE - IMSG_HEADER_SIZE)
201 return got_error(GOT_ERR_NO_SPACE);
203 wbuf = imsg_create(ibuf, GOT_IMSG_SEND_REMOTE_REF, 0, 0, len);
205 return got_error_from_errno("imsg_create SEND_REMOTE_REF");
207 /* Keep in sync with struct got_imsg_send_remote_ref definition! */
208 if (imsg_add(wbuf, refid->sha1, SHA1_DIGEST_LENGTH) == -1)
209 return got_error_from_errno("imsg_add SEND_REMOTE_REF");
210 if (imsg_add(wbuf, &reflen, sizeof(reflen)) == -1)
211 return got_error_from_errno("imsg_add SEND_REMOTE_REF");
212 if (imsg_add(wbuf, refname, reflen) == -1)
213 return got_error_from_errno("imsg_add SEND_REMOTE_REF");
216 imsg_close(ibuf, wbuf);
217 return got_privsep_flush_imsg(ibuf);
220 static const struct got_error *
221 send_ref_status(struct imsgbuf *ibuf, const char *refname, int success,
222 struct got_pathlist_head *refs, struct got_pathlist_head *delete_refs)
225 size_t len, reflen = strlen(refname);
226 struct got_pathlist_entry *pe;
230 eol = strchr(refname, '\n');
232 return got_error_msg(GOT_ERR_BAD_PACKET,
233 "unexpected message from server");
237 TAILQ_FOREACH(pe, refs, entry) {
238 if (strcmp(refname, pe->path) == 0) {
244 TAILQ_FOREACH(pe, delete_refs, entry) {
245 if (strcmp(refname, pe->path) == 0) {
252 return got_error_msg(GOT_ERR_BAD_PACKET,
253 "unexpected message from server");
256 len = sizeof(struct got_imsg_send_ref_status) + reflen;
257 if (len >= MAX_IMSGSIZE - IMSG_HEADER_SIZE)
258 return got_error(GOT_ERR_NO_SPACE);
260 wbuf = imsg_create(ibuf, GOT_IMSG_SEND_REF_STATUS,
263 return got_error_from_errno("imsg_create SEND_REF_STATUS");
265 /* Keep in sync with struct got_imsg_send_ref_status definition! */
266 if (imsg_add(wbuf, &success, sizeof(success)) == -1)
267 return got_error_from_errno("imsg_add SEND_REF_STATUS");
268 if (imsg_add(wbuf, &reflen, sizeof(reflen)) == -1)
269 return got_error_from_errno("imsg_add SEND_REF_STATUS");
270 if (imsg_add(wbuf, refname, reflen) == -1)
271 return got_error_from_errno("imsg_add SEND_REF_STATUS");
274 imsg_close(ibuf, wbuf);
275 return got_privsep_flush_imsg(ibuf);
278 static const struct got_error *
279 describe_refchange(int *n, int *sent_my_capabilites,
280 const char *my_capabilities, char *buf, size_t bufsize,
281 const char *refname, const char *old_hashstr, const char *new_hashstr)
283 *n = snprintf(buf, bufsize, "%s %s %s",
284 old_hashstr, new_hashstr, refname);
285 if (*n < 0 || (size_t)*n >= bufsize)
286 return got_error(GOT_ERR_NO_SPACE);
289 * We must announce our capabilities along with the first
290 * reference. Unfortunately, the protocol requires an embedded
291 * NUL as a separator between reference name and capabilities,
292 * which we have to deal with here.
293 * It also requires a linefeed for terminating packet data.
295 if (!*sent_my_capabilites && my_capabilities != NULL) {
297 if (*n >= bufsize - 1)
298 return got_error(GOT_ERR_NO_SPACE);
299 m = snprintf(buf + *n + 1, /* offset after '\0' */
300 bufsize - (*n + 1), "%s\n", my_capabilities);
301 if (m < 0 || *n + m >= bufsize)
302 return got_error(GOT_ERR_NO_SPACE);
304 *sent_my_capabilites = 1;
306 *n = strlcat(buf, "\n", bufsize);
308 return got_error(GOT_ERR_NO_SPACE);
314 static const struct got_error *
315 send_pack(int fd, struct got_pathlist_head *refs,
316 struct got_pathlist_head *delete_refs, struct imsgbuf *ibuf)
318 const struct got_error *err = NULL;
319 char buf[GOT_PKT_MAX];
320 const unsigned char zero_id[SHA1_DIGEST_LENGTH] = { 0 };
321 char old_hashstr[SHA1_DIGEST_STRING_LENGTH];
322 char new_hashstr[SHA1_DIGEST_STRING_LENGTH];
323 struct got_pathlist_head their_refs;
327 char *id_str = NULL, *refname = NULL;
328 struct got_object_id *id = NULL;
329 char *server_capabilities = NULL, *my_capabilities = NULL;
330 struct got_pathlist_entry *pe;
331 int sent_my_capabilites = 0;
333 TAILQ_INIT(&their_refs);
335 if (TAILQ_EMPTY(refs) && TAILQ_EMPTY(delete_refs))
336 return got_error(GOT_ERR_SEND_EMPTY);
339 err = got_pkt_readpkt(&n, fd, buf, sizeof(buf), chattygot);
344 if (n >= 4 && strncmp(buf, "ERR ", 4) == 0) {
345 err = send_error(&buf[4], n - 4);
350 err = got_gitproto_parse_refline(&id_str, &refname,
351 &server_capabilities, buf, n);
355 if (chattygot && server_capabilities[0] != '\0')
356 fprintf(stderr, "%s: server capabilities: %s\n",
357 getprogname(), server_capabilities);
358 err = got_gitproto_match_capabilities(&my_capabilities,
359 NULL, server_capabilities, got_capabilities,
360 nitems(got_capabilities));
364 fprintf(stderr, "%s: my capabilities:%s\n",
365 getprogname(), my_capabilities);
368 if (strstr(refname, "^{}")) {
370 fprintf(stderr, "%s: ignoring %s\n",
371 getprogname(), refname);
376 id = malloc(sizeof(*id));
378 err = got_error_from_errno("malloc");
381 if (!got_parse_sha1_digest(id->sha1, id_str)) {
382 err = got_error(GOT_ERR_BAD_OBJ_ID_STR);
385 err = send_their_ref(ibuf, id, refname);
389 err = got_pathlist_append(&their_refs, refname, id);
394 fprintf(stderr, "%s: remote has %s %s\n",
395 getprogname(), refname, id_str);
398 refname = NULL; /* do not free; owned by their_refs */
399 id = NULL; /* do not free; owned by their_refs */
402 if (!TAILQ_EMPTY(delete_refs)) {
403 if (my_capabilities == NULL ||
404 strstr(my_capabilities, GOT_CAPA_DELETE_REFS) == NULL) {
405 err = got_error(GOT_ERR_CAPA_DELETE_REFS);
410 TAILQ_FOREACH(pe, delete_refs, entry) {
411 const char *refname = pe->path;
412 struct got_pathlist_entry *their_pe;
413 struct got_object_id *their_id = NULL;
415 TAILQ_FOREACH(their_pe, &their_refs, entry) {
416 const char *their_refname = their_pe->path;
417 if (got_path_cmp(refname, their_refname,
418 strlen(refname), strlen(their_refname)) == 0) {
419 their_id = their_pe->data;
423 if (their_id == NULL) {
424 err = got_error_fmt(GOT_ERR_NOT_REF,
425 "%s does not exist in remote repository",
430 got_sha1_digest_to_str(their_id->sha1, old_hashstr,
431 sizeof(old_hashstr));
432 got_sha1_digest_to_str(zero_id, new_hashstr,
433 sizeof(new_hashstr));
434 err = describe_refchange(&n, &sent_my_capabilites,
435 my_capabilities, buf, sizeof(buf), refname,
436 old_hashstr, new_hashstr);
439 err = got_pkt_writepkt(fd, buf, n, chattygot);
443 fprintf(stderr, "%s: deleting %s %s\n",
444 getprogname(), refname, old_hashstr);
449 TAILQ_FOREACH(pe, refs, entry) {
450 const char *refname = pe->path;
451 struct got_object_id *id = pe->data;
452 struct got_object_id *their_id = NULL;
453 struct got_pathlist_entry *their_pe;
455 TAILQ_FOREACH(their_pe, &their_refs, entry) {
456 const char *their_refname = their_pe->path;
457 if (got_path_cmp(refname, their_refname,
458 strlen(refname), strlen(their_refname)) == 0) {
459 their_id = their_pe->data;
464 if (got_object_id_cmp(id, their_id) == 0) {
467 "%s: no change for %s\n",
468 getprogname(), refname);
472 got_sha1_digest_to_str(their_id->sha1, old_hashstr,
473 sizeof(old_hashstr));
475 got_sha1_digest_to_str(zero_id, old_hashstr,
476 sizeof(old_hashstr));
478 got_sha1_digest_to_str(id->sha1, new_hashstr,
479 sizeof(new_hashstr));
480 err = describe_refchange(&n, &sent_my_capabilites,
481 my_capabilities, buf, sizeof(buf), refname,
482 old_hashstr, new_hashstr);
485 err = got_pkt_writepkt(fd, buf, n, chattygot);
490 fprintf(stderr, "%s: updating %s %s -> %s\n",
491 getprogname(), refname, old_hashstr,
494 fprintf(stderr, "%s: creating %s %s\n",
495 getprogname(), refname, new_hashstr);
500 err = got_pkt_flushpkt(fd, chattygot);
504 err = send_pack_request(ibuf);
508 err = recv_packfd(&packfd, ibuf);
513 err = send_pack_file(fd, packfd, ibuf);
518 err = got_pkt_readpkt(&n, fd, buf, sizeof(buf), chattygot);
521 if (n >= 4 && strncmp(buf, "ERR ", 4) == 0) {
522 err = send_error(&buf[4], n - 4);
524 } else if (n < 10 || strncmp(buf, "unpack ok\n", 10) != 0) {
525 err = got_error_msg(GOT_ERR_BAD_PACKET,
526 "unexpected message from server");
531 err = got_pkt_readpkt(&n, fd, buf, sizeof(buf), chattygot);
535 err = got_error_msg(GOT_ERR_BAD_PACKET,
536 "unexpected message from server");
538 } else if (strncmp(buf, "ok ", 3) == 0) {
539 err = send_ref_status(ibuf, buf + 3, 1,
543 } else if (strncmp(buf, "ng ", 3) == 0) {
544 err = send_ref_status(ibuf, buf + 3, 0,
549 err = got_error_msg(GOT_ERR_BAD_PACKET,
550 "unexpected message from server");
556 err = send_done(ibuf);
558 TAILQ_FOREACH(pe, &their_refs, entry) {
559 free((void *)pe->path);
562 got_pathlist_free(&their_refs);
566 free(server_capabilities);
571 main(int argc, char **argv)
573 const struct got_error *err = NULL;
577 struct got_pathlist_head refs;
578 struct got_pathlist_head delete_refs;
579 struct got_pathlist_entry *pe;
580 struct got_imsg_send_request send_req;
581 struct got_imsg_send_ref href;
590 TAILQ_INIT(&delete_refs);
592 imsg_init(&ibuf, GOT_IMSG_FD_CHILD);
594 /* revoke access to most system calls */
595 if (pledge("stdio recvfd", NULL) == -1) {
596 err = got_error_from_errno("pledge");
597 got_privsep_send_error(&ibuf, err);
601 /* revoke fs access */
602 if (landlock_no_fs() == -1) {
603 err = got_error_from_errno("landlock_no_fs");
604 got_privsep_send_error(&ibuf, err);
607 if (cap_enter() == -1) {
608 err = got_error_from_errno("cap_enter");
609 got_privsep_send_error(&ibuf, err);
613 if ((err = got_privsep_recv_imsg(&imsg, &ibuf, 0)) != 0) {
614 if (err->code == GOT_ERR_PRIVSEP_PIPE)
618 if (imsg.hdr.type == GOT_IMSG_STOP)
620 if (imsg.hdr.type != GOT_IMSG_SEND_REQUEST) {
621 err = got_error(GOT_ERR_PRIVSEP_MSG);
624 datalen = imsg.hdr.len - IMSG_HEADER_SIZE;
625 if (datalen < sizeof(send_req)) {
626 err = got_error(GOT_ERR_PRIVSEP_LEN);
629 memcpy(&send_req, imsg.data, sizeof(send_req));
633 if (send_req.verbosity > 0)
634 chattygot += send_req.verbosity;
636 for (i = 0; i < send_req.nrefs; i++) {
637 struct got_object_id *id;
640 if ((err = got_privsep_recv_imsg(&imsg, &ibuf, 0)) != 0) {
641 if (err->code == GOT_ERR_PRIVSEP_PIPE)
645 if (imsg.hdr.type == GOT_IMSG_STOP)
647 if (imsg.hdr.type != GOT_IMSG_SEND_REF) {
648 err = got_error(GOT_ERR_PRIVSEP_MSG);
651 datalen = imsg.hdr.len - IMSG_HEADER_SIZE;
652 if (datalen < sizeof(href)) {
653 err = got_error(GOT_ERR_PRIVSEP_LEN);
656 memcpy(&href, imsg.data, sizeof(href));
657 if (datalen - sizeof(href) < href.name_len) {
658 err = got_error(GOT_ERR_PRIVSEP_LEN);
661 refname = malloc(href.name_len + 1);
662 if (refname == NULL) {
663 err = got_error_from_errno("malloc");
666 memcpy(refname, imsg.data + sizeof(href), href.name_len);
667 refname[href.name_len] = '\0';
670 * Prevent sending of references that won't make any
671 * sense outside the local repository's context.
673 if (strncmp(refname, "refs/got/", 9) == 0 ||
674 strncmp(refname, "refs/remotes/", 13) == 0) {
675 err = got_error_fmt(GOT_ERR_SEND_BAD_REF,
680 id = malloc(sizeof(*id));
683 err = got_error_from_errno("malloc");
686 memcpy(id->sha1, href.id, SHA1_DIGEST_LENGTH);
688 err = got_pathlist_append(&delete_refs, refname, id);
690 err = got_pathlist_append(&refs, refname, id);
700 err = send_pack(sendfd, &refs, &delete_refs, &ibuf);
702 TAILQ_FOREACH(pe, &refs, entry) {
703 free((char *)pe->path);
706 got_pathlist_free(&refs);
707 TAILQ_FOREACH(pe, &delete_refs, entry) {
708 free((char *)pe->path);
711 got_pathlist_free(&delete_refs);
712 if (sendfd != -1 && close(sendfd) == -1 && err == NULL)
713 err = got_error_from_errno("close");
714 if (err != NULL && err->code != GOT_ERR_CANCELLED) {
715 fprintf(stderr, "%s: %s\n", getprogname(), err->msg);
716 got_privsep_send_error(&ibuf, err);
