2 * Copyright (c) 2022, 2023 Stefan Sperling <stsp@openbsd.org>
4 * Permission to use, copy, modify, and distribute this software for any
5 * purpose with or without fee is hereby granted, provided that the above
6 * copyright notice and this permission notice appear in all copies.
8 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
9 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
10 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
11 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
12 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
13 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
14 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
17 #include "got_compat.h"
19 #include <sys/types.h>
20 #include <sys/queue.h>
21 #include <sys/socket.h>
36 #include "got_compat.h"
38 #include "got_error.h"
39 #include "got_repository.h"
40 #include "got_object.h"
42 #include "got_reference.h"
43 #include "got_opentemp.h"
45 #include "got_lib_hash.h"
46 #include "got_lib_delta.h"
47 #include "got_lib_object.h"
48 #include "got_lib_object_cache.h"
49 #include "got_lib_pack.h"
50 #include "got_lib_repository.h"
51 #include "got_lib_gitproto.h"
58 static struct gotd_session {
61 struct got_repository *repo;
64 struct gotd_imsgev parent_iev;
65 struct timeval request_timeout;
66 enum gotd_procid proc_id;
69 static struct gotd_session_client {
70 enum gotd_session_state state;
72 struct gotd_client_capability *capabilities;
78 struct gotd_imsgev iev;
79 struct gotd_imsgev repo_child_iev;
88 } gotd_session_client;
90 void gotd_session_sighdlr(int sig, short event, void *arg);
91 static void gotd_session_shutdown(void);
94 disconnect(struct gotd_session_client *client)
96 log_debug("uid %d: disconnecting", client->euid);
98 if (gotd_imsg_compose_event(&gotd_session.parent_iev,
99 GOTD_IMSG_DISCONNECT, gotd_session.proc_id, -1, NULL, 0) == -1)
100 log_warn("imsg compose DISCONNECT");
102 imsg_clear(&client->repo_child_iev.ibuf);
103 event_del(&client->repo_child_iev.ev);
104 evtimer_del(&client->tmo);
106 if (client->delta_cache_fd != -1)
107 close(client->delta_cache_fd);
108 if (client->packfile_path) {
109 if (unlink(client->packfile_path) == -1 && errno != ENOENT)
110 log_warn("unlink %s: ", client->packfile_path);
111 free(client->packfile_path);
113 if (client->packidx_path) {
114 if (unlink(client->packidx_path) == -1 && errno != ENOENT)
115 log_warn("unlink %s: ", client->packidx_path);
116 free(client->packidx_path);
118 free(client->capabilities);
120 gotd_session_shutdown();
124 disconnect_on_error(struct gotd_session_client *client,
125 const struct got_error *err)
129 if (err->code != GOT_ERR_EOF) {
130 log_warnx("uid %d: %s", client->euid, err->msg);
131 imsg_init(&ibuf, client->fd);
132 gotd_imsg_send_error(&ibuf, 0, gotd_session.proc_id, err);
140 gotd_request_timeout(int fd, short events, void *arg)
142 struct gotd_session_client *client = arg;
144 log_debug("disconnecting uid %d due to timeout", client->euid);
149 gotd_session_sighdlr(int sig, short event, void *arg)
152 * Normal signal handler rules don't apply because libevent
158 log_info("%s: ignoring SIGHUP", __func__);
161 log_info("%s: ignoring SIGUSR1", __func__);
165 gotd_session_shutdown();
169 fatalx("unexpected signal");
173 static const struct got_error *
174 recv_packfile_done(uint32_t *client_id, struct imsg *imsg)
176 struct gotd_imsg_packfile_done idone;
179 log_debug("packfile-done received");
181 datalen = imsg->hdr.len - IMSG_HEADER_SIZE;
182 if (datalen != sizeof(idone))
183 return got_error(GOT_ERR_PRIVSEP_LEN);
184 memcpy(&idone, imsg->data, sizeof(idone));
186 *client_id = idone.client_id;
190 static const struct got_error *
191 recv_packfile_install(uint32_t *client_id, struct imsg *imsg)
193 struct gotd_imsg_packfile_install inst;
196 log_debug("packfile-install received");
198 datalen = imsg->hdr.len - IMSG_HEADER_SIZE;
199 if (datalen != sizeof(inst))
200 return got_error(GOT_ERR_PRIVSEP_LEN);
201 memcpy(&inst, imsg->data, sizeof(inst));
203 *client_id = inst.client_id;
207 static const struct got_error *
208 recv_ref_updates_start(uint32_t *client_id, struct imsg *imsg)
210 struct gotd_imsg_ref_updates_start istart;
213 log_debug("ref-updates-start received");
215 datalen = imsg->hdr.len - IMSG_HEADER_SIZE;
216 if (datalen != sizeof(istart))
217 return got_error(GOT_ERR_PRIVSEP_LEN);
218 memcpy(&istart, imsg->data, sizeof(istart));
220 *client_id = istart.client_id;
224 static const struct got_error *
225 recv_ref_update(uint32_t *client_id, struct imsg *imsg)
227 struct gotd_imsg_ref_update iref;
230 log_debug("ref-update received");
232 datalen = imsg->hdr.len - IMSG_HEADER_SIZE;
233 if (datalen < sizeof(iref))
234 return got_error(GOT_ERR_PRIVSEP_LEN);
235 memcpy(&iref, imsg->data, sizeof(iref));
237 *client_id = iref.client_id;
241 static const struct got_error *
242 send_ref_update_ok(struct gotd_session_client *client,
243 struct gotd_imsg_ref_update *iref, const char *refname)
245 struct gotd_imsg_ref_update_ok iok;
246 struct gotd_imsgev *iev = &client->iev;
250 memset(&iok, 0, sizeof(iok));
251 iok.client_id = client->id;
252 memcpy(iok.old_id, iref->old_id, SHA1_DIGEST_LENGTH);
253 memcpy(iok.new_id, iref->new_id, SHA1_DIGEST_LENGTH);
254 iok.name_len = strlen(refname);
256 len = sizeof(iok) + iok.name_len;
257 wbuf = imsg_create(&iev->ibuf, GOTD_IMSG_REF_UPDATE_OK,
258 gotd_session.proc_id, gotd_session.pid, len);
260 return got_error_from_errno("imsg_create REF_UPDATE_OK");
262 if (imsg_add(wbuf, &iok, sizeof(iok)) == -1)
263 return got_error_from_errno("imsg_add REF_UPDATE_OK");
264 if (imsg_add(wbuf, refname, iok.name_len) == -1)
265 return got_error_from_errno("imsg_add REF_UPDATE_OK");
267 imsg_close(&iev->ibuf, wbuf);
268 gotd_imsg_event_add(iev);
273 send_refs_updated(struct gotd_session_client *client)
275 if (gotd_imsg_compose_event(&client->iev, GOTD_IMSG_REFS_UPDATED,
276 gotd_session.proc_id, -1, NULL, 0) == -1)
277 log_warn("imsg compose REFS_UPDATED");
280 static const struct got_error *
281 send_ref_update_ng(struct gotd_session_client *client,
282 struct gotd_imsg_ref_update *iref, const char *refname,
285 const struct got_error *ng_err;
286 struct gotd_imsg_ref_update_ng ing;
287 struct gotd_imsgev *iev = &client->iev;
291 memset(&ing, 0, sizeof(ing));
292 ing.client_id = client->id;
293 memcpy(ing.old_id, iref->old_id, SHA1_DIGEST_LENGTH);
294 memcpy(ing.new_id, iref->new_id, SHA1_DIGEST_LENGTH);
295 ing.name_len = strlen(refname);
297 ng_err = got_error_fmt(GOT_ERR_REF_BUSY, "%s", reason);
298 ing.reason_len = strlen(ng_err->msg);
300 len = sizeof(ing) + ing.name_len + ing.reason_len;
301 wbuf = imsg_create(&iev->ibuf, GOTD_IMSG_REF_UPDATE_NG,
302 gotd_session.proc_id, gotd_session.pid, len);
304 return got_error_from_errno("imsg_create REF_UPDATE_NG");
306 if (imsg_add(wbuf, &ing, sizeof(ing)) == -1)
307 return got_error_from_errno("imsg_add REF_UPDATE_NG");
308 if (imsg_add(wbuf, refname, ing.name_len) == -1)
309 return got_error_from_errno("imsg_add REF_UPDATE_NG");
310 if (imsg_add(wbuf, ng_err->msg, ing.reason_len) == -1)
311 return got_error_from_errno("imsg_add REF_UPDATE_NG");
313 imsg_close(&iev->ibuf, wbuf);
314 gotd_imsg_event_add(iev);
318 static const struct got_error *
319 install_pack(struct gotd_session_client *client, const char *repo_path,
322 const struct got_error *err = NULL;
323 struct gotd_imsg_packfile_install inst;
324 char hex[SHA1_DIGEST_STRING_LENGTH];
326 char *packfile_path = NULL, *packidx_path = NULL;
328 datalen = imsg->hdr.len - IMSG_HEADER_SIZE;
329 if (datalen != sizeof(inst))
330 return got_error(GOT_ERR_PRIVSEP_LEN);
331 memcpy(&inst, imsg->data, sizeof(inst));
333 if (client->packfile_path == NULL)
334 return got_error_msg(GOT_ERR_BAD_REQUEST,
335 "client has no pack file");
336 if (client->packidx_path == NULL)
337 return got_error_msg(GOT_ERR_BAD_REQUEST,
338 "client has no pack file index");
340 if (got_sha1_digest_to_str(inst.pack_sha1, hex, sizeof(hex)) == NULL)
341 return got_error_msg(GOT_ERR_NO_SPACE,
342 "could not convert pack file SHA1 to hex");
344 if (asprintf(&packfile_path, "/%s/%s/pack-%s.pack",
345 repo_path, GOT_OBJECTS_PACK_DIR, hex) == -1) {
346 err = got_error_from_errno("asprintf");
350 if (asprintf(&packidx_path, "/%s/%s/pack-%s.idx",
351 repo_path, GOT_OBJECTS_PACK_DIR, hex) == -1) {
352 err = got_error_from_errno("asprintf");
356 if (rename(client->packfile_path, packfile_path) == -1) {
357 err = got_error_from_errno3("rename", client->packfile_path,
362 free(client->packfile_path);
363 client->packfile_path = NULL;
365 if (rename(client->packidx_path, packidx_path) == -1) {
366 err = got_error_from_errno3("rename", client->packidx_path,
371 /* Ensure we re-read the pack index list upon next access. */
372 gotd_session.repo->pack_path_mtime.tv_sec = 0;
373 gotd_session.repo->pack_path_mtime.tv_nsec = 0;
375 free(client->packidx_path);
376 client->packidx_path = NULL;
383 static const struct got_error *
384 begin_ref_updates(struct gotd_session_client *client, struct imsg *imsg)
386 struct gotd_imsg_ref_updates_start istart;
389 if (client->nref_updates != -1)
390 return got_error(GOT_ERR_PRIVSEP_MSG);
392 datalen = imsg->hdr.len - IMSG_HEADER_SIZE;
393 if (datalen != sizeof(istart))
394 return got_error(GOT_ERR_PRIVSEP_LEN);
395 memcpy(&istart, imsg->data, sizeof(istart));
397 if (istart.nref_updates <= 0)
398 return got_error(GOT_ERR_PRIVSEP_MSG);
400 client->nref_updates = istart.nref_updates;
404 static const struct got_error *
405 update_ref(int *shut, struct gotd_session_client *client,
406 const char *repo_path, struct imsg *imsg)
408 const struct got_error *err = NULL;
409 struct got_repository *repo = gotd_session.repo;
410 struct got_reference *ref = NULL;
411 struct gotd_imsg_ref_update iref;
412 struct got_object_id old_id, new_id;
413 struct got_object_id *id = NULL;
414 char *refname = NULL;
417 char hex1[SHA1_DIGEST_STRING_LENGTH];
418 char hex2[SHA1_DIGEST_STRING_LENGTH];
420 log_debug("update-ref from uid %d", client->euid);
422 if (client->nref_updates <= 0)
423 return got_error(GOT_ERR_PRIVSEP_MSG);
425 datalen = imsg->hdr.len - IMSG_HEADER_SIZE;
426 if (datalen < sizeof(iref))
427 return got_error(GOT_ERR_PRIVSEP_LEN);
428 memcpy(&iref, imsg->data, sizeof(iref));
429 if (datalen != sizeof(iref) + iref.name_len)
430 return got_error(GOT_ERR_PRIVSEP_LEN);
431 refname = strndup(imsg->data + sizeof(iref), iref.name_len);
433 return got_error_from_errno("strndup");
435 log_debug("updating ref %s for uid %d", refname, client->euid);
437 memcpy(old_id.sha1, iref.old_id, SHA1_DIGEST_LENGTH);
438 memcpy(new_id.sha1, iref.new_id, SHA1_DIGEST_LENGTH);
439 err = got_repo_find_object_id(iref.delete_ref ? &old_id : &new_id,
444 if (iref.ref_is_new) {
445 err = got_ref_open(&ref, repo, refname, 0);
447 if (err->code != GOT_ERR_NOT_REF)
449 err = got_ref_alloc(&ref, refname, &new_id);
452 err = got_ref_write(ref, repo); /* will lock/unlock */
456 err = got_ref_resolve(&id, repo, ref);
459 got_object_id_hex(&new_id, hex1, sizeof(hex1));
460 got_object_id_hex(id, hex2, sizeof(hex2));
461 err = got_error_fmt(GOT_ERR_REF_BUSY,
462 "Addition %s: %s failed; %s: %s has been "
463 "created by someone else while transaction "
465 got_ref_get_name(ref), hex1,
466 got_ref_get_name(ref), hex2);
469 } else if (iref.delete_ref) {
470 err = got_ref_open(&ref, repo, refname, 1 /* lock */);
475 err = got_ref_resolve(&id, repo, ref);
479 if (got_object_id_cmp(id, &old_id) != 0) {
480 got_object_id_hex(&old_id, hex1, sizeof(hex1));
481 got_object_id_hex(id, hex2, sizeof(hex2));
482 err = got_error_fmt(GOT_ERR_REF_BUSY,
483 "Deletion %s: %s failed; %s: %s has been "
484 "created by someone else while transaction "
486 got_ref_get_name(ref), hex1,
487 got_ref_get_name(ref), hex2);
491 err = got_ref_delete(ref, repo);
498 err = got_ref_open(&ref, repo, refname, 1 /* lock */);
503 err = got_ref_resolve(&id, repo, ref);
507 if (got_object_id_cmp(id, &old_id) != 0) {
508 got_object_id_hex(&old_id, hex1, sizeof(hex1));
509 got_object_id_hex(id, hex2, sizeof(hex2));
510 err = got_error_fmt(GOT_ERR_REF_BUSY,
511 "Update %s: %s failed; %s: %s has been "
512 "created by someone else while transaction "
514 got_ref_get_name(ref), hex1,
515 got_ref_get_name(ref), hex2);
519 if (got_object_id_cmp(&new_id, &old_id) != 0) {
520 err = got_ref_change_ref(ref, &new_id);
524 err = got_ref_write(ref, repo);
534 if (err->code == GOT_ERR_LOCKFILE_TIMEOUT) {
535 err = got_error_fmt(GOT_ERR_LOCKFILE_TIMEOUT,
536 "could not acquire exclusive file lock for %s",
539 send_ref_update_ng(client, &iref, refname, err->msg);
541 send_ref_update_ok(client, &iref, refname);
543 if (client->nref_updates > 0) {
544 client->nref_updates--;
545 if (client->nref_updates == 0) {
546 send_refs_updated(client);
547 client->flush_disconnect = 1;
552 const struct got_error *unlock_err;
553 unlock_err = got_ref_unlock(ref);
554 if (unlock_err && err == NULL)
565 session_dispatch_repo_child(int fd, short event, void *arg)
567 struct gotd_imsgev *iev = arg;
568 struct imsgbuf *ibuf = &iev->ibuf;
569 struct gotd_session_client *client = &gotd_session_client;
574 if (event & EV_READ) {
575 if ((n = imsg_read(ibuf)) == -1 && errno != EAGAIN)
576 fatal("imsg_read error");
578 /* Connection closed. */
584 if (event & EV_WRITE) {
585 n = msgbuf_write(&ibuf->w);
586 if (n == -1 && errno != EAGAIN)
587 fatal("msgbuf_write");
589 /* Connection closed. */
596 const struct got_error *err = NULL;
597 uint32_t client_id = 0;
598 int do_disconnect = 0;
599 int do_ref_updates = 0, do_ref_update = 0;
600 int do_packfile_install = 0;
602 if ((n = imsg_get(ibuf, &imsg)) == -1)
603 fatal("%s: imsg_get error", __func__);
604 if (n == 0) /* No more messages. */
607 switch (imsg.hdr.type) {
608 case GOTD_IMSG_ERROR:
610 err = gotd_imsg_recv_error(&client_id, &imsg);
612 case GOTD_IMSG_PACKFILE_DONE:
614 err = recv_packfile_done(&client_id, &imsg);
616 case GOTD_IMSG_PACKFILE_INSTALL:
617 err = recv_packfile_install(&client_id, &imsg);
619 do_packfile_install = 1;
621 case GOTD_IMSG_REF_UPDATES_START:
622 err = recv_ref_updates_start(&client_id, &imsg);
626 case GOTD_IMSG_REF_UPDATE:
627 err = recv_ref_update(&client_id, &imsg);
632 log_debug("unexpected imsg %d", imsg.hdr.type);
638 disconnect_on_error(client, err);
642 if (do_packfile_install)
643 err = install_pack(client,
644 gotd_session.repo->path, &imsg);
645 else if (do_ref_updates)
646 err = begin_ref_updates(client, &imsg);
647 else if (do_ref_update)
648 err = update_ref(&shut, client,
649 gotd_session.repo->path, &imsg);
651 log_warnx("uid %d: %s", client->euid, err->msg);
657 gotd_imsg_event_add(iev);
659 /* This pipe is dead. Remove its event handler */
661 event_loopexit(NULL);
665 static const struct got_error *
666 recv_capabilities(struct gotd_session_client *client, struct imsg *imsg)
668 struct gotd_imsg_capabilities icapas;
671 datalen = imsg->hdr.len - IMSG_HEADER_SIZE;
672 if (datalen != sizeof(icapas))
673 return got_error(GOT_ERR_PRIVSEP_LEN);
674 memcpy(&icapas, imsg->data, sizeof(icapas));
676 client->ncapa_alloc = icapas.ncapabilities;
677 client->capabilities = calloc(client->ncapa_alloc,
678 sizeof(*client->capabilities));
679 if (client->capabilities == NULL) {
680 client->ncapa_alloc = 0;
681 return got_error_from_errno("calloc");
684 log_debug("expecting %zu capabilities from uid %d",
685 client->ncapa_alloc, client->euid);
689 static const struct got_error *
690 recv_capability(struct gotd_session_client *client, struct imsg *imsg)
692 struct gotd_imsg_capability icapa;
693 struct gotd_client_capability *capa;
695 char *key, *value = NULL;
697 if (client->capabilities == NULL ||
698 client->ncapabilities >= client->ncapa_alloc) {
699 return got_error_msg(GOT_ERR_BAD_REQUEST,
700 "unexpected capability received");
703 memset(&icapa, 0, sizeof(icapa));
705 datalen = imsg->hdr.len - IMSG_HEADER_SIZE;
706 if (datalen < sizeof(icapa))
707 return got_error(GOT_ERR_PRIVSEP_LEN);
708 memcpy(&icapa, imsg->data, sizeof(icapa));
710 if (datalen != sizeof(icapa) + icapa.key_len + icapa.value_len)
711 return got_error(GOT_ERR_PRIVSEP_LEN);
713 key = strndup(imsg->data + sizeof(icapa), icapa.key_len);
715 return got_error_from_errno("strndup");
716 if (icapa.value_len > 0) {
717 value = strndup(imsg->data + sizeof(icapa) + icapa.key_len,
721 return got_error_from_errno("strndup");
725 capa = &client->capabilities[client->ncapabilities++];
730 log_debug("uid %d: capability %s=%s", client->euid, key, value);
732 log_debug("uid %d: capability %s", client->euid, key);
737 static const struct got_error *
738 ensure_client_is_reading(struct gotd_session_client *client)
740 if (client->is_writing) {
741 return got_error_fmt(GOT_ERR_BAD_PACKET,
742 "uid %d made a read-request but is not reading from "
743 "a repository", client->euid);
749 static const struct got_error *
750 ensure_client_is_writing(struct gotd_session_client *client)
752 if (!client->is_writing) {
753 return got_error_fmt(GOT_ERR_BAD_PACKET,
754 "uid %d made a write-request but is not writing to "
755 "a repository", client->euid);
761 static const struct got_error *
762 forward_want(struct gotd_session_client *client, struct imsg *imsg)
764 struct gotd_imsg_want ireq;
765 struct gotd_imsg_want iwant;
768 datalen = imsg->hdr.len - IMSG_HEADER_SIZE;
769 if (datalen != sizeof(ireq))
770 return got_error(GOT_ERR_PRIVSEP_LEN);
772 memcpy(&ireq, imsg->data, datalen);
774 memset(&iwant, 0, sizeof(iwant));
775 memcpy(iwant.object_id, ireq.object_id, SHA1_DIGEST_LENGTH);
776 iwant.client_id = client->id;
778 if (gotd_imsg_compose_event(&client->repo_child_iev, GOTD_IMSG_WANT,
779 gotd_session.proc_id, -1, &iwant, sizeof(iwant)) == -1)
780 return got_error_from_errno("imsg compose WANT");
785 static const struct got_error *
786 forward_ref_update(struct gotd_session_client *client, struct imsg *imsg)
788 const struct got_error *err = NULL;
789 struct gotd_imsg_ref_update ireq;
790 struct gotd_imsg_ref_update *iref = NULL;
793 datalen = imsg->hdr.len - IMSG_HEADER_SIZE;
794 if (datalen < sizeof(ireq))
795 return got_error(GOT_ERR_PRIVSEP_LEN);
796 memcpy(&ireq, imsg->data, sizeof(ireq));
797 if (datalen != sizeof(ireq) + ireq.name_len)
798 return got_error(GOT_ERR_PRIVSEP_LEN);
800 iref = malloc(datalen);
802 return got_error_from_errno("malloc");
803 memcpy(iref, imsg->data, datalen);
805 iref->client_id = client->id;
806 if (gotd_imsg_compose_event(&client->repo_child_iev,
807 GOTD_IMSG_REF_UPDATE, gotd_session.proc_id, -1,
808 iref, datalen) == -1)
809 err = got_error_from_errno("imsg compose REF_UPDATE");
814 static const struct got_error *
815 forward_have(struct gotd_session_client *client, struct imsg *imsg)
817 struct gotd_imsg_have ireq;
818 struct gotd_imsg_have ihave;
821 datalen = imsg->hdr.len - IMSG_HEADER_SIZE;
822 if (datalen != sizeof(ireq))
823 return got_error(GOT_ERR_PRIVSEP_LEN);
825 memcpy(&ireq, imsg->data, datalen);
827 memset(&ihave, 0, sizeof(ihave));
828 memcpy(ihave.object_id, ireq.object_id, SHA1_DIGEST_LENGTH);
829 ihave.client_id = client->id;
831 if (gotd_imsg_compose_event(&client->repo_child_iev, GOTD_IMSG_HAVE,
832 gotd_session.proc_id, -1, &ihave, sizeof(ihave)) == -1)
833 return got_error_from_errno("imsg compose HAVE");
839 client_has_capability(struct gotd_session_client *client, const char *capastr)
841 struct gotd_client_capability *capa;
844 if (client->ncapabilities == 0)
847 for (i = 0; i < client->ncapabilities; i++) {
848 capa = &client->capabilities[i];
849 if (strcmp(capa->key, capastr) == 0)
856 static const struct got_error *
857 recv_packfile(struct gotd_session_client *client)
859 const struct got_error *err = NULL;
860 struct gotd_imsg_recv_packfile ipack;
861 struct gotd_imsg_packfile_pipe ipipe;
862 struct gotd_imsg_packidx_file ifile;
863 char *basepath = NULL, *pack_path = NULL, *idx_path = NULL;
864 int packfd = -1, idxfd = -1;
865 int pipe[2] = { -1, -1 };
867 if (client->packfile_path) {
868 return got_error_fmt(GOT_ERR_PRIVSEP_MSG,
869 "uid %d already has a pack file", client->euid);
872 if (socketpair(AF_UNIX, SOCK_STREAM, PF_UNSPEC, pipe) == -1)
873 return got_error_from_errno("socketpair");
875 memset(&ipipe, 0, sizeof(ipipe));
876 ipipe.client_id = client->id;
878 /* Send pack pipe end 0 to repo child process. */
879 if (gotd_imsg_compose_event(&client->repo_child_iev,
880 GOTD_IMSG_PACKFILE_PIPE, gotd_session.proc_id, pipe[0],
881 &ipipe, sizeof(ipipe)) == -1) {
882 err = got_error_from_errno("imsg compose PACKFILE_PIPE");
888 /* Send pack pipe end 1 to gotsh(1) (expects just an fd, no data). */
889 if (gotd_imsg_compose_event(&client->iev,
890 GOTD_IMSG_PACKFILE_PIPE, gotd_session.proc_id, pipe[1],
892 err = got_error_from_errno("imsg compose PACKFILE_PIPE");
895 if (asprintf(&basepath, "%s/%s/receiving-from-uid-%d.pack",
896 got_repo_get_path(gotd_session.repo), GOT_OBJECTS_PACK_DIR,
897 client->euid) == -1) {
898 err = got_error_from_errno("asprintf");
902 err = got_opentemp_named_fd(&pack_path, &packfd, basepath, "");
905 if (fchmod(packfd, GOT_DEFAULT_PACK_MODE) == -1) {
906 err = got_error_from_errno2("fchmod", pack_path);
911 if (asprintf(&basepath, "%s/%s/receiving-from-uid-%d.idx",
912 got_repo_get_path(gotd_session.repo), GOT_OBJECTS_PACK_DIR,
913 client->euid) == -1) {
914 err = got_error_from_errno("asprintf");
918 err = got_opentemp_named_fd(&idx_path, &idxfd, basepath, "");
921 if (fchmod(idxfd, GOT_DEFAULT_PACK_MODE) == -1) {
922 err = got_error_from_errno2("fchmod", idx_path);
926 memset(&ifile, 0, sizeof(ifile));
927 ifile.client_id = client->id;
928 if (gotd_imsg_compose_event(&client->repo_child_iev,
929 GOTD_IMSG_PACKIDX_FILE, gotd_session.proc_id,
930 idxfd, &ifile, sizeof(ifile)) == -1) {
931 err = got_error_from_errno("imsg compose PACKIDX_FILE");
937 memset(&ipack, 0, sizeof(ipack));
938 ipack.client_id = client->id;
939 if (client_has_capability(client, GOT_CAPA_REPORT_STATUS))
940 ipack.report_status = 1;
942 if (gotd_imsg_compose_event(&client->repo_child_iev,
943 GOTD_IMSG_RECV_PACKFILE, gotd_session.proc_id, packfd,
944 &ipack, sizeof(ipack)) == -1) {
945 err = got_error_from_errno("imsg compose RECV_PACKFILE");
953 if (pipe[0] != -1 && close(pipe[0]) == -1 && err == NULL)
954 err = got_error_from_errno("close");
955 if (pipe[1] != -1 && close(pipe[1]) == -1 && err == NULL)
956 err = got_error_from_errno("close");
957 if (packfd != -1 && close(packfd) == -1 && err == NULL)
958 err = got_error_from_errno("close");
959 if (idxfd != -1 && close(idxfd) == -1 && err == NULL)
960 err = got_error_from_errno("close");
965 client->packfile_path = pack_path;
966 client->packidx_path = idx_path;
971 static const struct got_error *
972 send_packfile(struct gotd_session_client *client)
974 const struct got_error *err = NULL;
975 struct gotd_imsg_send_packfile ipack;
976 struct gotd_imsg_packfile_pipe ipipe;
979 if (socketpair(AF_UNIX, SOCK_STREAM, PF_UNSPEC, pipe) == -1)
980 return got_error_from_errno("socketpair");
982 memset(&ipack, 0, sizeof(ipack));
983 memset(&ipipe, 0, sizeof(ipipe));
985 ipack.client_id = client->id;
986 if (client_has_capability(client, GOT_CAPA_SIDE_BAND_64K))
987 ipack.report_progress = 1;
989 client->delta_cache_fd = got_opentempfd();
990 if (client->delta_cache_fd == -1)
991 return got_error_from_errno("got_opentempfd");
993 if (gotd_imsg_compose_event(&client->repo_child_iev,
994 GOTD_IMSG_SEND_PACKFILE, PROC_GOTD, client->delta_cache_fd,
995 &ipack, sizeof(ipack)) == -1) {
996 err = got_error_from_errno("imsg compose SEND_PACKFILE");
1002 ipipe.client_id = client->id;
1004 /* Send pack pipe end 0 to repo child process. */
1005 if (gotd_imsg_compose_event(&client->repo_child_iev,
1006 GOTD_IMSG_PACKFILE_PIPE, PROC_GOTD,
1007 pipe[0], &ipipe, sizeof(ipipe)) == -1) {
1008 err = got_error_from_errno("imsg compose PACKFILE_PIPE");
1013 /* Send pack pipe end 1 to gotsh(1) (expects just an fd, no data). */
1014 if (gotd_imsg_compose_event(&client->iev,
1015 GOTD_IMSG_PACKFILE_PIPE, PROC_GOTD, pipe[1], NULL, 0) == -1)
1016 err = got_error_from_errno("imsg compose PACKFILE_PIPE");
1022 session_dispatch_client(int fd, short events, void *arg)
1024 struct gotd_imsgev *iev = arg;
1025 struct imsgbuf *ibuf = &iev->ibuf;
1026 struct gotd_session_client *client = &gotd_session_client;
1027 const struct got_error *err = NULL;
1031 if (events & EV_WRITE) {
1032 while (ibuf->w.queued) {
1033 n = msgbuf_write(&ibuf->w);
1034 if (n == -1 && errno == EPIPE) {
1036 * The client has closed its socket.
1037 * This can happen when Git clients are
1038 * done sending pack file data.
1040 msgbuf_clear(&ibuf->w);
1042 } else if (n == -1 && errno != EAGAIN) {
1043 err = got_error_from_errno("imsg_flush");
1044 disconnect_on_error(client, err);
1048 /* Connection closed. */
1049 err = got_error(GOT_ERR_EOF);
1050 disconnect_on_error(client, err);
1055 if (client->flush_disconnect) {
1061 if ((events & EV_READ) == 0)
1064 memset(&imsg, 0, sizeof(imsg));
1066 while (err == NULL) {
1067 err = gotd_imsg_recv(&imsg, ibuf, 0);
1069 if (err->code == GOT_ERR_PRIVSEP_READ)
1071 else if (err->code == GOT_ERR_EOF &&
1072 client->state == GOTD_STATE_EXPECT_CAPABILITIES) {
1074 * The client has closed its socket before
1075 * sending its capability announcement.
1076 * This can happen when Git clients have
1077 * no ref-updates to send.
1079 disconnect_on_error(client, err);
1085 evtimer_del(&client->tmo);
1087 switch (imsg.hdr.type) {
1088 case GOTD_IMSG_CAPABILITIES:
1089 if (client->state != GOTD_STATE_EXPECT_CAPABILITIES) {
1090 err = got_error_msg(GOT_ERR_BAD_REQUEST,
1091 "unexpected capabilities received");
1094 log_debug("receiving capabilities from uid %d",
1096 err = recv_capabilities(client, &imsg);
1098 case GOTD_IMSG_CAPABILITY:
1099 if (client->state != GOTD_STATE_EXPECT_CAPABILITIES) {
1100 err = got_error_msg(GOT_ERR_BAD_REQUEST,
1101 "unexpected capability received");
1104 err = recv_capability(client, &imsg);
1105 if (err || client->ncapabilities < client->ncapa_alloc)
1107 if (!client->is_writing) {
1108 client->state = GOTD_STATE_EXPECT_WANT;
1109 client->accept_flush_pkt = 1;
1110 log_debug("uid %d: expecting want-lines",
1112 } else if (client->is_writing) {
1113 client->state = GOTD_STATE_EXPECT_REF_UPDATE;
1114 client->accept_flush_pkt = 1;
1115 log_debug("uid %d: expecting ref-update-lines",
1118 fatalx("client %d is both reading and writing",
1121 case GOTD_IMSG_WANT:
1122 if (client->state != GOTD_STATE_EXPECT_WANT) {
1123 err = got_error_msg(GOT_ERR_BAD_REQUEST,
1124 "unexpected want-line received");
1127 log_debug("received want-line from uid %d",
1129 err = ensure_client_is_reading(client);
1132 client->accept_flush_pkt = 1;
1133 err = forward_want(client, &imsg);
1135 case GOTD_IMSG_REF_UPDATE:
1136 if (client->state != GOTD_STATE_EXPECT_REF_UPDATE &&
1138 GOTD_STATE_EXPECT_MORE_REF_UPDATES) {
1139 err = got_error_msg(GOT_ERR_BAD_REQUEST,
1140 "unexpected ref-update-line received");
1143 log_debug("received ref-update-line from uid %d",
1145 err = ensure_client_is_writing(client);
1148 err = forward_ref_update(client, &imsg);
1151 client->state = GOTD_STATE_EXPECT_MORE_REF_UPDATES;
1152 client->accept_flush_pkt = 1;
1154 case GOTD_IMSG_HAVE:
1155 if (client->state != GOTD_STATE_EXPECT_HAVE) {
1156 err = got_error_msg(GOT_ERR_BAD_REQUEST,
1157 "unexpected have-line received");
1160 log_debug("received have-line from uid %d",
1162 err = ensure_client_is_reading(client);
1165 err = forward_have(client, &imsg);
1168 client->accept_flush_pkt = 1;
1170 case GOTD_IMSG_FLUSH:
1171 if (client->state == GOTD_STATE_EXPECT_WANT ||
1172 client->state == GOTD_STATE_EXPECT_HAVE) {
1173 err = ensure_client_is_reading(client);
1176 } else if (client->state ==
1177 GOTD_STATE_EXPECT_MORE_REF_UPDATES) {
1178 err = ensure_client_is_writing(client);
1181 } else if (client->state != GOTD_STATE_EXPECT_DONE) {
1182 err = got_error_msg(GOT_ERR_BAD_REQUEST,
1183 "unexpected flush-pkt received");
1186 if (!client->accept_flush_pkt) {
1187 err = got_error_msg(GOT_ERR_BAD_REQUEST,
1188 "unexpected flush-pkt received");
1193 * Accept just one flush packet at a time.
1194 * Future client state transitions will set this flag
1195 * again if another flush packet is expected.
1197 client->accept_flush_pkt = 0;
1199 log_debug("received flush-pkt from uid %d",
1201 if (client->state == GOTD_STATE_EXPECT_WANT) {
1202 client->state = GOTD_STATE_EXPECT_HAVE;
1203 log_debug("uid %d: expecting have-lines",
1205 } else if (client->state == GOTD_STATE_EXPECT_HAVE) {
1206 client->state = GOTD_STATE_EXPECT_DONE;
1207 client->accept_flush_pkt = 1;
1208 log_debug("uid %d: expecting 'done'",
1210 } else if (client->state ==
1211 GOTD_STATE_EXPECT_MORE_REF_UPDATES) {
1212 client->state = GOTD_STATE_EXPECT_PACKFILE;
1213 log_debug("uid %d: expecting packfile",
1215 err = recv_packfile(client);
1216 } else if (client->state != GOTD_STATE_EXPECT_DONE) {
1217 /* should not happen, see above */
1218 err = got_error_msg(GOT_ERR_BAD_REQUEST,
1219 "unexpected client state");
1223 case GOTD_IMSG_DONE:
1224 if (client->state != GOTD_STATE_EXPECT_HAVE &&
1225 client->state != GOTD_STATE_EXPECT_DONE) {
1226 err = got_error_msg(GOT_ERR_BAD_REQUEST,
1227 "unexpected flush-pkt received");
1230 log_debug("received 'done' from uid %d", client->euid);
1231 err = ensure_client_is_reading(client);
1234 client->state = GOTD_STATE_DONE;
1235 client->accept_flush_pkt = 1;
1236 err = send_packfile(client);
1239 log_debug("unexpected imsg %d", imsg.hdr.type);
1240 err = got_error(GOT_ERR_PRIVSEP_MSG);
1248 if (err->code != GOT_ERR_EOF ||
1249 client->state != GOTD_STATE_EXPECT_PACKFILE)
1250 disconnect_on_error(client, err);
1252 gotd_imsg_event_add(iev);
1253 evtimer_add(&client->tmo, &gotd_session.request_timeout);
1257 static const struct got_error *
1258 list_refs_request(void)
1260 static const struct got_error *err;
1261 struct gotd_session_client *client = &gotd_session_client;
1262 struct gotd_imsgev *iev = &client->repo_child_iev;
1263 struct gotd_imsg_list_refs_internal ilref;
1266 if (client->state != GOTD_STATE_EXPECT_LIST_REFS)
1267 return got_error(GOT_ERR_PRIVSEP_MSG);
1269 memset(&ilref, 0, sizeof(ilref));
1270 ilref.client_id = client->id;
1272 fd = dup(client->fd);
1274 return got_error_from_errno("dup");
1276 if (gotd_imsg_compose_event(iev, GOTD_IMSG_LIST_REFS_INTERNAL,
1277 gotd_session.proc_id, fd, &ilref, sizeof(ilref)) == -1) {
1278 err = got_error_from_errno("imsg compose LIST_REFS_INTERNAL");
1283 client->state = GOTD_STATE_EXPECT_CAPABILITIES;
1284 log_debug("uid %d: expecting capabilities", client->euid);
1288 static const struct got_error *
1289 recv_connect(struct imsg *imsg)
1291 struct gotd_session_client *client = &gotd_session_client;
1292 struct gotd_imsg_connect iconnect;
1295 if (client->state != GOTD_STATE_EXPECT_LIST_REFS)
1296 return got_error(GOT_ERR_PRIVSEP_MSG);
1298 datalen = imsg->hdr.len - IMSG_HEADER_SIZE;
1299 if (datalen != sizeof(iconnect))
1300 return got_error(GOT_ERR_PRIVSEP_LEN);
1301 memcpy(&iconnect, imsg->data, sizeof(iconnect));
1303 client->euid = iconnect.euid;
1304 client->egid = iconnect.egid;
1305 client->fd = imsg_get_fd(imsg);
1306 if (client->fd == -1)
1307 return got_error(GOT_ERR_PRIVSEP_NO_FD);
1309 imsg_init(&client->iev.ibuf, client->fd);
1310 client->iev.handler = session_dispatch_client;
1311 client->iev.events = EV_READ;
1312 client->iev.handler_arg = NULL;
1313 event_set(&client->iev.ev, client->iev.ibuf.fd, EV_READ,
1314 session_dispatch_client, &client->iev);
1315 gotd_imsg_event_add(&client->iev);
1316 evtimer_set(&client->tmo, gotd_request_timeout, client);
1321 static const struct got_error *
1322 recv_repo_child(struct imsg *imsg)
1324 struct gotd_imsg_connect_repo_child ichild;
1325 struct gotd_session_client *client = &gotd_session_client;
1329 if (client->state != GOTD_STATE_EXPECT_LIST_REFS)
1330 return got_error(GOT_ERR_PRIVSEP_MSG);
1332 /* We should already have received a pipe to the listener. */
1333 if (client->fd == -1)
1334 return got_error(GOT_ERR_PRIVSEP_MSG);
1336 datalen = imsg->hdr.len - IMSG_HEADER_SIZE;
1337 if (datalen != sizeof(ichild))
1338 return got_error(GOT_ERR_PRIVSEP_LEN);
1340 memcpy(&ichild, imsg->data, sizeof(ichild));
1342 client->id = ichild.client_id;
1343 if (ichild.proc_id == PROC_REPO_WRITE)
1344 client->is_writing = 1;
1345 else if (ichild.proc_id == PROC_REPO_READ)
1346 client->is_writing = 0;
1348 return got_error_msg(GOT_ERR_PRIVSEP_MSG,
1349 "bad child process type");
1351 fd = imsg_get_fd(imsg);
1353 return got_error(GOT_ERR_PRIVSEP_NO_FD);
1355 imsg_init(&client->repo_child_iev.ibuf, fd);
1356 client->repo_child_iev.handler = session_dispatch_repo_child;
1357 client->repo_child_iev.events = EV_READ;
1358 client->repo_child_iev.handler_arg = NULL;
1359 event_set(&client->repo_child_iev.ev, client->repo_child_iev.ibuf.fd,
1360 EV_READ, session_dispatch_repo_child, &client->repo_child_iev);
1361 gotd_imsg_event_add(&client->repo_child_iev);
1363 /* The "recvfd" pledge promise is no longer needed. */
1364 if (pledge("stdio rpath wpath cpath sendfd fattr flock", NULL) == -1)
1371 session_dispatch(int fd, short event, void *arg)
1373 struct gotd_imsgev *iev = arg;
1374 struct imsgbuf *ibuf = &iev->ibuf;
1375 struct gotd_session_client *client = &gotd_session_client;
1380 if (event & EV_READ) {
1381 if ((n = imsg_read(ibuf)) == -1 && errno != EAGAIN)
1382 fatal("imsg_read error");
1384 /* Connection closed. */
1390 if (event & EV_WRITE) {
1391 n = msgbuf_write(&ibuf->w);
1392 if (n == -1 && errno != EAGAIN)
1393 fatal("msgbuf_write");
1395 /* Connection closed. */
1402 const struct got_error *err = NULL;
1403 uint32_t client_id = 0;
1404 int do_disconnect = 0, do_list_refs = 0;
1406 if ((n = imsg_get(ibuf, &imsg)) == -1)
1407 fatal("%s: imsg_get error", __func__);
1408 if (n == 0) /* No more messages. */
1411 switch (imsg.hdr.type) {
1412 case GOTD_IMSG_ERROR:
1414 err = gotd_imsg_recv_error(&client_id, &imsg);
1416 case GOTD_IMSG_CONNECT:
1417 err = recv_connect(&imsg);
1419 case GOTD_IMSG_DISCONNECT:
1422 case GOTD_IMSG_CONNECT_REPO_CHILD:
1423 err = recv_repo_child(&imsg);
1429 log_debug("unexpected imsg %d", imsg.hdr.type);
1434 if (do_disconnect) {
1436 disconnect_on_error(client, err);
1439 } else if (do_list_refs)
1440 err = list_refs_request();
1443 log_warnx("uid %d: %s", client->euid, err->msg);
1447 gotd_imsg_event_add(iev);
1449 /* This pipe is dead. Remove its event handler */
1450 event_del(&iev->ev);
1451 event_loopexit(NULL);
1456 session_main(const char *title, const char *repo_path,
1457 int *pack_fds, int *temp_fds, struct timeval *request_timeout,
1458 enum gotd_procid proc_id)
1460 const struct got_error *err = NULL;
1461 struct event evsigint, evsigterm, evsighup, evsigusr1;
1463 gotd_session.title = title;
1464 gotd_session.pid = getpid();
1465 gotd_session.pack_fds = pack_fds;
1466 gotd_session.temp_fds = temp_fds;
1467 memcpy(&gotd_session.request_timeout, request_timeout,
1468 sizeof(gotd_session.request_timeout));
1469 gotd_session.proc_id = proc_id;
1471 err = got_repo_open(&gotd_session.repo, repo_path, NULL, pack_fds);
1474 if (!got_repo_is_bare(gotd_session.repo)) {
1475 err = got_error_msg(GOT_ERR_NOT_GIT_REPO,
1476 "bare git repository required");
1480 got_repo_temp_fds_set(gotd_session.repo, temp_fds);
1482 signal_set(&evsigint, SIGINT, gotd_session_sighdlr, NULL);
1483 signal_set(&evsigterm, SIGTERM, gotd_session_sighdlr, NULL);
1484 signal_set(&evsighup, SIGHUP, gotd_session_sighdlr, NULL);
1485 signal_set(&evsigusr1, SIGUSR1, gotd_session_sighdlr, NULL);
1486 signal(SIGPIPE, SIG_IGN);
1488 signal_add(&evsigint, NULL);
1489 signal_add(&evsigterm, NULL);
1490 signal_add(&evsighup, NULL);
1491 signal_add(&evsigusr1, NULL);
1493 gotd_session_client.state = GOTD_STATE_EXPECT_LIST_REFS;
1494 gotd_session_client.fd = -1;
1495 gotd_session_client.nref_updates = -1;
1496 gotd_session_client.delta_cache_fd = -1;
1497 gotd_session_client.accept_flush_pkt = 1;
1499 imsg_init(&gotd_session.parent_iev.ibuf, GOTD_FILENO_MSG_PIPE);
1500 gotd_session.parent_iev.handler = session_dispatch;
1501 gotd_session.parent_iev.events = EV_READ;
1502 gotd_session.parent_iev.handler_arg = NULL;
1503 event_set(&gotd_session.parent_iev.ev, gotd_session.parent_iev.ibuf.fd,
1504 EV_READ, session_dispatch, &gotd_session.parent_iev);
1505 if (gotd_imsg_compose_event(&gotd_session.parent_iev,
1506 GOTD_IMSG_CLIENT_SESSION_READY, gotd_session.proc_id,
1507 -1, NULL, 0) == -1) {
1508 err = got_error_from_errno("imsg compose CLIENT_SESSION_READY");
1515 log_warnx("%s: %s", title, err->msg);
1516 gotd_session_shutdown();
1520 gotd_session_shutdown(void)
1522 log_debug("shutting down");
1523 if (gotd_session.repo)
1524 got_repo_close(gotd_session.repo);
1525 got_repo_pack_fds_close(gotd_session.pack_fds);
1526 got_repo_temp_fds_close(gotd_session.temp_fds);