1 /*
2 * Copyright (c) 2022, 2023 Stefan Sperling <stsp@openbsd.org>
3 *
4 * Permission to use, copy, modify, and distribute this software for any
5 * purpose with or without fee is hereby granted, provided that the above
6 * copyright notice and this permission notice appear in all copies.
7 *
8 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
9 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
10 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
11 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
12 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
13 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
14 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
15 */
17 #include "got_compat.h"
19 #include <sys/types.h>
20 #include <sys/queue.h>
21 #include <sys/socket.h>
22 #include <sys/stat.h>
23 #include <sys/uio.h>
25 #include <errno.h>
26 #include <event.h>
27 #include <limits.h>
28 #include <signal.h>
29 #include <stdint.h>
30 #include <stdio.h>
31 #include <stdlib.h>
32 #include <string.h>
33 #include <imsg.h>
34 #include <unistd.h>
36 #include "got_compat.h"
38 #include "got_error.h"
39 #include "got_repository.h"
40 #include "got_object.h"
41 #include "got_path.h"
42 #include "got_reference.h"
43 #include "got_opentemp.h"
45 #include "got_lib_hash.h"
46 #include "got_lib_delta.h"
47 #include "got_lib_object.h"
48 #include "got_lib_object_cache.h"
49 #include "got_lib_pack.h"
50 #include "got_lib_repository.h"
51 #include "got_lib_gitproto.h"
53 #include "gotd.h"
54 #include "log.h"
55 #include "session.h"
/*
 * One pending notification about a reference change made in this session.
 * Entries are appended by queue_notification() and taken off the head of
 * the list by forward_notification().
 */
struct gotd_session_notif {
	STAILQ_ENTRY(gotd_session_notif) entry;
	/* -1 until request_notification() stores a dup of the temp file fd. */
	int fd;
	/* Created, removed or changed; derived from which IDs were supplied. */
	enum gotd_notification_action action;
	/* Heap copy of the reference name (strdup in queue_notification()). */
	char *refname;
	/* Copied only when the caller supplied an old ID, zeroed otherwise. */
	struct got_object_id old_id;
	/* Copied only when the caller supplied a new ID, zeroed otherwise. */
	struct got_object_id new_id;
};
STAILQ_HEAD(gotd_session_notifications, gotd_session_notif) notifications;
/* Process-wide state of this session process. */
static struct gotd_session {
	/* Sent as the pid field of messages built with imsg_create(). */
	pid_t pid;
	const char *title;
	/* Repository served by this session. */
	struct got_repository *repo;
	/* Repository configuration, including the notification settings. */
	struct gotd_repo *repo_cfg;
	int *pack_fds;
	int *temp_fds;
	/* Channel to the parent process; DISCONNECT is reported here. */
	struct gotd_imsgev parent_iev;
	/* Channel to the notify process; NOTIFY messages are forwarded here. */
	struct gotd_imsgev notifier_iev;
	struct timeval request_timeout;
	/* Identifies this process in outgoing messages. */
	enum gotd_procid proc_id;
	/* Set to GOTD_STATE_NOTIFY once notification content is requested. */
	enum gotd_session_state state;
	/* Channel to the repository child process. */
	struct gotd_imsgev repo_child_iev;
} gotd_session;
/* State of the single client served by this session process. */
static struct gotd_session_client {
	/* Non-zero for a write session; see ensure_client_is_writing(). */
	int is_writing;
	/* Array of ncapa_alloc entries, of which ncapabilities are filled. */
	struct gotd_client_capability *capabilities;
	size_t ncapa_alloc;
	size_t ncapabilities;
	/* Stamped into every message forwarded on the client's behalf. */
	uint32_t id;
	/* Client connection; closed by disconnect(). */
	int fd;
	/* -1 when unset; closed by disconnect() otherwise. */
	int delta_cache_fd;
	struct gotd_imsgev iev;
	/* Request timeout timer; fires gotd_request_timeout(). */
	struct event tmo;
	uid_t euid;
	gid_t egid;
	/* Used in the subject line of notifications. */
	char *username;
	/* Temporary pack file path; NULL once installed or never received. */
	char *packfile_path;
	/* Temporary pack index path; NULL once installed or never received. */
	char *packidx_path;
	/* Ref updates still outstanding; begin_ref_updates() expects -1. */
	int nref_updates;
	int accept_flush_pkt;
	/* Set once the last ref update was handled or a notification failed. */
	int flush_disconnect;
} gotd_session_client;
/* Signal callback with external linkage; defined further down. */
void gotd_session_sighdlr(int sig, short event, void *arg);
/* Declared early because disconnect() and the signal callback call it. */
static void gotd_session_shutdown(void);
/*
 * Tear down the session's client: report the disconnect to the parent,
 * stop servicing the repo child channel, close the client's descriptors,
 * remove a received-but-not-installed pack file and pack index, and then
 * shut the session down.
 *
 * Only the capability array itself is freed here; the key/value strings
 * allocated by recv_capability() are not released by this function.
 */
static void
disconnect(struct gotd_session_client *client)
{
	struct gotd_imsgev *repo_iev = &gotd_session.repo_child_iev;

	log_debug("uid %d: disconnecting", client->euid);

	if (gotd_imsg_compose_event(&gotd_session.parent_iev,
	    GOTD_IMSG_DISCONNECT, gotd_session.proc_id, -1, NULL, 0) == -1) {
		log_warn("imsg compose DISCONNECT");
	}

	imsg_clear(&repo_iev->ibuf);
	event_del(&repo_iev->ev);
	evtimer_del(&client->tmo);
	close(client->fd);
	if (client->delta_cache_fd != -1) {
		close(client->delta_cache_fd);
	}

	/*
	 * Temporary pack data must not be left behind in the repository.
	 * A file which is already gone (ENOENT) is not worth a warning.
	 */
	if (client->packfile_path != NULL) {
		if (unlink(client->packfile_path) == -1 && errno != ENOENT) {
			log_warn("unlink %s: ", client->packfile_path);
		}
		free(client->packfile_path);
	}
	if (client->packidx_path != NULL) {
		if (unlink(client->packidx_path) == -1 && errno != ENOENT) {
			log_warn("unlink %s: ", client->packidx_path);
		}
		free(client->packidx_path);
	}
	free(client->capabilities);

	gotd_session_shutdown();
}
/*
 * Disconnect the client because of err. Unless the error is a plain EOF,
 * log it and send it to the client over a throw-away imsg buffer set up
 * on the client's file descriptor before disconnecting.
 */
static void
disconnect_on_error(struct gotd_session_client *client,
    const struct got_error *err)
{
	if (err->code != GOT_ERR_EOF) {
		struct imsgbuf errbuf;

		log_warnx("uid %d: %s", client->euid, err->msg);
		imsg_init(&errbuf, client->fd);
		gotd_imsg_send_error(&errbuf, 0, gotd_session.proc_id, err);
		imsg_clear(&errbuf);
	}

	disconnect(client);
}
/*
 * Timer callback: the client took too long, so drop it.
 * arg is the struct gotd_session_client the timer belongs to;
 * fd and events are not used.
 */
static void
gotd_request_timeout(int fd, short events, void *arg)
{
	struct gotd_session_client *timed_out = arg;

	log_debug("disconnecting uid %d due to timeout", timed_out->euid);
	disconnect(timed_out);
}
/*
 * Signal callback. SIGHUP and SIGUSR1 are logged and ignored, SIGTERM and
 * SIGINT shut the session down, and any other signal is a fatal error.
 */
void
gotd_session_sighdlr(int sig, short event, void *arg)
{
	/*
	 * Normal signal handler rules don't apply because libevent
	 * decouples for us.
	 */

	if (sig == SIGHUP) {
		log_info("%s: ignoring SIGHUP", __func__);
	} else if (sig == SIGUSR1) {
		log_info("%s: ignoring SIGUSR1", __func__);
	} else if (sig == SIGTERM || sig == SIGINT) {
		gotd_session_shutdown();
		/* NOTREACHED */
	} else {
		fatalx("unexpected signal");
	}
}
/*
 * Parse a packfile-done message and report the client ID it carries.
 * The payload must be exactly one struct gotd_imsg_packfile_done, which
 * is what makes the fixed-size copy out of the message safe.
 */
static const struct got_error *
recv_packfile_done(uint32_t *client_id, struct imsg *imsg)
{
	struct gotd_imsg_packfile_done msg;
	size_t payload_len;

	log_debug("packfile-done received");

	payload_len = imsg->hdr.len - IMSG_HEADER_SIZE;
	if (payload_len != sizeof(msg)) {
		return got_error(GOT_ERR_PRIVSEP_LEN);
	}
	memcpy(&msg, imsg->data, sizeof(msg));

	*client_id = msg.client_id;
	return NULL;
}
/*
 * Parse a packfile-install message and report the client ID it carries.
 * Only the exact size is accepted; the message content is acted upon
 * separately by install_pack().
 */
static const struct got_error *
recv_packfile_install(uint32_t *client_id, struct imsg *imsg)
{
	struct gotd_imsg_packfile_install msg;
	size_t payload_len;

	log_debug("packfile-install received");

	payload_len = imsg->hdr.len - IMSG_HEADER_SIZE;
	if (payload_len != sizeof(msg)) {
		return got_error(GOT_ERR_PRIVSEP_LEN);
	}
	memcpy(&msg, imsg->data, sizeof(msg));

	*client_id = msg.client_id;
	return NULL;
}
/*
 * Parse a ref-updates-start message and report the client ID it carries.
 * Only the exact size is accepted; the update count is checked
 * separately by begin_ref_updates().
 */
static const struct got_error *
recv_ref_updates_start(uint32_t *client_id, struct imsg *imsg)
{
	struct gotd_imsg_ref_updates_start msg;
	size_t payload_len;

	log_debug("ref-updates-start received");

	payload_len = imsg->hdr.len - IMSG_HEADER_SIZE;
	if (payload_len != sizeof(msg)) {
		return got_error(GOT_ERR_PRIVSEP_LEN);
	}
	memcpy(&msg, imsg->data, sizeof(msg));

	*client_id = msg.client_id;
	return NULL;
}
/*
 * Parse the fixed-size header of a ref-update message and report the
 * client ID it carries.
 *
 * Only a lower bound on the payload size is enforced here because the
 * reference name follows the header; update_ref() checks that the total
 * length matches the name length recorded in the header.
 */
static const struct got_error *
recv_ref_update(uint32_t *client_id, struct imsg *imsg)
{
	struct gotd_imsg_ref_update hdr;
	size_t payload_len;

	log_debug("ref-update received");

	payload_len = imsg->hdr.len - IMSG_HEADER_SIZE;
	if (payload_len < sizeof(hdr)) {
		return got_error(GOT_ERR_PRIVSEP_LEN);
	}
	memcpy(&hdr, imsg->data, sizeof(hdr));

	*client_id = hdr.client_id;
	return NULL;
}
/*
 * Tell the client that the reference update described by iref succeeded.
 * The message is a struct gotd_imsg_ref_update_ok followed by the
 * reference name, without a terminating NUL.
 */
static const struct got_error *
send_ref_update_ok(struct gotd_session_client *client,
    struct gotd_imsg_ref_update *iref, const char *refname)
{
	struct gotd_imsgev *client_iev = &client->iev;
	struct gotd_imsg_ref_update_ok reply;
	struct ibuf *out;
	size_t total;

	/* Zero the struct first so no stack garbage goes out in padding. */
	memset(&reply, 0, sizeof(reply));
	reply.client_id = client->id;
	memcpy(reply.old_id, iref->old_id, SHA1_DIGEST_LENGTH);
	memcpy(reply.new_id, iref->new_id, SHA1_DIGEST_LENGTH);
	reply.name_len = strlen(refname);

	total = sizeof(reply) + reply.name_len;
	out = imsg_create(&client_iev->ibuf, GOTD_IMSG_REF_UPDATE_OK,
	    gotd_session.proc_id, gotd_session.pid, total);
	if (out == NULL) {
		return got_error_from_errno("imsg_create REF_UPDATE_OK");
	}

	if (imsg_add(out, &reply, sizeof(reply)) == -1) {
		return got_error_from_errno("imsg_add REF_UPDATE_OK");
	}
	if (imsg_add(out, refname, reply.name_len) == -1) {
		return got_error_from_errno("imsg_add REF_UPDATE_OK");
	}

	imsg_close(&client_iev->ibuf, out);
	gotd_imsg_event_add(client_iev);
	return NULL;
}
/*
 * Tell the client that all reference updates have been processed.
 * A failure to queue the message is logged and otherwise ignored.
 */
static void
send_refs_updated(struct gotd_session_client *client)
{
	int ret;

	ret = gotd_imsg_compose_event(&client->iev, GOTD_IMSG_REFS_UPDATED,
	    gotd_session.proc_id, -1, NULL, 0);
	if (ret == -1) {
		log_warn("imsg compose REFS_UPDATED");
	}
}
/*
 * Tell the client that the reference update described by iref was
 * rejected. The message is a struct gotd_imsg_ref_update_ng followed by
 * the reference name and then the reason text, neither NUL-terminated.
 * The reason text is taken from a GOT_ERR_REF_BUSY error built from reason.
 */
static const struct got_error *
send_ref_update_ng(struct gotd_session_client *client,
    struct gotd_imsg_ref_update *iref, const char *refname,
    const char *reason)
{
	struct gotd_imsgev *client_iev = &client->iev;
	const struct got_error *busy_err;
	struct gotd_imsg_ref_update_ng reply;
	struct ibuf *out;
	size_t total;

	/* Zero the struct first so no stack garbage goes out in padding. */
	memset(&reply, 0, sizeof(reply));
	reply.client_id = client->id;
	memcpy(reply.old_id, iref->old_id, SHA1_DIGEST_LENGTH);
	memcpy(reply.new_id, iref->new_id, SHA1_DIGEST_LENGTH);
	reply.name_len = strlen(refname);

	busy_err = got_error_fmt(GOT_ERR_REF_BUSY, "%s", reason);
	reply.reason_len = strlen(busy_err->msg);

	total = sizeof(reply) + reply.name_len + reply.reason_len;
	out = imsg_create(&client_iev->ibuf, GOTD_IMSG_REF_UPDATE_NG,
	    gotd_session.proc_id, gotd_session.pid, total);
	if (out == NULL) {
		return got_error_from_errno("imsg_create REF_UPDATE_NG");
	}

	if (imsg_add(out, &reply, sizeof(reply)) == -1) {
		return got_error_from_errno("imsg_add REF_UPDATE_NG");
	}
	if (imsg_add(out, refname, reply.name_len) == -1) {
		return got_error_from_errno("imsg_add REF_UPDATE_NG");
	}
	if (imsg_add(out, busy_err->msg, reply.reason_len) == -1) {
		return got_error_from_errno("imsg_add REF_UPDATE_NG");
	}

	imsg_close(&client_iev->ibuf, out);
	gotd_imsg_event_add(client_iev);
	return NULL;
}
/*
 * Move the client's temporary pack file and pack index to their final
 * names, which are derived from the pack checksum carried in the message.
 *
 * After each successful rename the matching temporary path is released
 * and set to NULL, so disconnect() will not try to unlink an installed
 * file.
 *
 * NOTE(review): if the pack file is renamed but the index rename fails,
 * the installed pack file is left in place without an index -- confirm
 * that this state is acceptable or cleaned up elsewhere.
 */
static const struct got_error *
install_pack(struct gotd_session_client *client, const char *repo_path,
    struct imsg *imsg)
{
	const struct got_error *err = NULL;
	struct gotd_imsg_packfile_install inst;
	char hex[SHA1_DIGEST_STRING_LENGTH];
	size_t payload_len;
	char *final_pack = NULL, *final_idx = NULL;

	payload_len = imsg->hdr.len - IMSG_HEADER_SIZE;
	if (payload_len != sizeof(inst)) {
		return got_error(GOT_ERR_PRIVSEP_LEN);
	}
	memcpy(&inst, imsg->data, sizeof(inst));

	/* Both temporary files must exist before anything is moved. */
	if (client->packfile_path == NULL) {
		return got_error_msg(GOT_ERR_BAD_REQUEST,
		    "client has no pack file");
	}
	if (client->packidx_path == NULL) {
		return got_error_msg(GOT_ERR_BAD_REQUEST,
		    "client has no pack file index");
	}

	if (got_sha1_digest_to_str(inst.pack_sha1, hex, sizeof(hex)) == NULL) {
		return got_error_msg(GOT_ERR_NO_SPACE,
		    "could not convert pack file SHA1 to hex");
	}

	if (asprintf(&final_pack, "/%s/%s/pack-%s.pack",
	    repo_path, GOT_OBJECTS_PACK_DIR, hex) == -1) {
		err = got_error_from_errno("asprintf");
		goto done;
	}

	if (asprintf(&final_idx, "/%s/%s/pack-%s.idx",
	    repo_path, GOT_OBJECTS_PACK_DIR, hex) == -1) {
		err = got_error_from_errno("asprintf");
		goto done;
	}

	if (rename(client->packfile_path, final_pack) == -1) {
		err = got_error_from_errno3("rename", client->packfile_path,
		    final_pack);
		goto done;
	}

	free(client->packfile_path);
	client->packfile_path = NULL;

	if (rename(client->packidx_path, final_idx) == -1) {
		err = got_error_from_errno3("rename", client->packidx_path,
		    final_idx);
		goto done;
	}

	/* Ensure we re-read the pack index list upon next access. */
	gotd_session.repo->pack_path_mtime.tv_sec = 0;
	gotd_session.repo->pack_path_mtime.tv_nsec = 0;

	free(client->packidx_path);
	client->packidx_path = NULL;
done:
	free(final_pack);
	free(final_idx);
	return err;
}
/*
 * Record how many reference updates the repo child is about to send.
 *
 * The announcement is accepted only while the counter still holds -1,
 * and only with a positive count; anything else is treated as a
 * protocol violation.
 */
static const struct got_error *
begin_ref_updates(struct gotd_session_client *client, struct imsg *imsg)
{
	struct gotd_imsg_ref_updates_start start;
	size_t payload_len;

	if (client->nref_updates != -1) {
		return got_error(GOT_ERR_PRIVSEP_MSG);
	}

	payload_len = imsg->hdr.len - IMSG_HEADER_SIZE;
	if (payload_len != sizeof(start)) {
		return got_error(GOT_ERR_PRIVSEP_LEN);
	}
	memcpy(&start, imsg->data, sizeof(start));

	if (start.nref_updates <= 0) {
		return got_error(GOT_ERR_PRIVSEP_MSG);
	}

	client->nref_updates = start.nref_updates;
	return NULL;
}
/*
 * Check that a configured reference namespace starts with "refs/" and
 * ends with a slash. Returns NULL if so, GOT_ERR_BAD_REF_NAME otherwise.
 */
static const struct got_error *
validate_namespace(const char *namespace)
{
	size_t len = strlen(namespace);
	int well_formed;

	/* The length test comes first so namespace[len - 1] is never out of range. */
	well_formed = len >= 5 && strncmp("refs/", namespace, 5) == 0 &&
	    namespace[len - 1] == '/';
	if (!well_formed) {
		return got_error_fmt(GOT_ERR_BAD_REF_NAME,
		    "reference namespace '%s'", namespace);
	}

	return NULL;
}
/*
 * Queue a notification for a change made to ref, if notifications are
 * in use and the reference is covered by the configuration.
 *
 * old_id == NULL means the reference was created, new_id == NULL means
 * it was removed, and both set means it was changed. The repo argument
 * is not used by this function.
 */
static const struct got_error *
queue_notification(struct got_object_id *old_id, struct got_object_id *new_id,
    struct got_repository *repo, struct got_reference *ref)
{
	const struct got_error *err = NULL;
	struct gotd_repo *cfg = gotd_session.repo_cfg;
	struct gotd_imsgev *repo_iev = &gotd_session.repo_child_iev;
	struct got_pathlist_entry *match;
	struct gotd_session_notif *notif;

	if (repo_iev->ibuf.fd == -1 ||
	    STAILQ_EMPTY(&cfg->notification_targets)) {
		return NULL; /* notifications unused */
	}

	/* Look for an exact match among the configured reference names. */
	TAILQ_FOREACH(match, &cfg->notification_refs, entry) {
		const char *refname = match->path;

		if (strcmp(got_ref_get_name(ref), refname) == 0) {
			break;
		}
	}
	if (match == NULL) {
		/* Otherwise accept a configured namespace as a prefix. */
		TAILQ_FOREACH(match, &cfg->notification_ref_namespaces,
		    entry) {
			const char *namespace = match->path;

			err = validate_namespace(namespace);
			if (err) {
				return err;
			}
			if (strncmp(namespace, got_ref_get_name(ref),
			    strlen(namespace)) == 0) {
				break;
			}
		}
	}

	/*
	 * If a branch or a reference namespace was specified in the
	 * configuration file then only send notifications if a match
	 * was found.
	 */
	if (match == NULL && (!TAILQ_EMPTY(&cfg->notification_refs) ||
	    !TAILQ_EMPTY(&cfg->notification_ref_namespaces))) {
		return NULL;
	}

	notif = calloc(1, sizeof(*notif));
	if (notif == NULL) {
		return got_error_from_errno("calloc");
	}

	/* No content file yet; request_notification() fills this in. */
	notif->fd = -1;

	if (old_id == NULL) {
		notif->action = GOTD_NOTIF_ACTION_CREATED;
	} else if (new_id == NULL) {
		notif->action = GOTD_NOTIF_ACTION_REMOVED;
	} else {
		notif->action = GOTD_NOTIF_ACTION_CHANGED;
	}

	if (old_id != NULL) {
		memcpy(&notif->old_id, old_id, sizeof(notif->old_id));
	}
	if (new_id != NULL) {
		memcpy(&notif->new_id, new_id, sizeof(notif->new_id));
	}

	notif->refname = strdup(got_ref_get_name(ref));
	if (notif->refname == NULL) {
		err = got_error_from_errno("strdup");
		goto done;
	}

	STAILQ_INSERT_TAIL(&notifications, notif, entry);
done:
	if (err && notif) {
		free(notif->refname);
		free(notif);
	}
	return err;
}
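/*
 * Forward notification content to the NOTIFY process.
 *
 * The message received from the repo child must describe the oldest
 * queued notification: same action, same reference name and the same
 * object IDs which this process recorded when it updated the reference.
 * Content which does not match is rejected with GOT_ERR_PRIVSEP_MSG
 * rather than being passed on to the notifier.
 *
 * The queued entry is consumed whether or not forwarding succeeds.
 * Every exit path after the reference name has been copied goes through
 * the cleanup code, which releases the name copy as well as the queue
 * entry together with the reference name the entry owns.
 */
static const struct got_error *
forward_notification(struct gotd_session_client *client, struct imsg *imsg)
{
	const struct got_error *err = NULL;
	struct gotd_imsgev *iev = &gotd_session.notifier_iev;
	struct gotd_session_notif *notif = NULL;
	struct gotd_imsg_notification_content icontent;
	char *refname = NULL;
	size_t datalen;
	struct gotd_imsg_notify inotify;
	const char *action;

	memset(&inotify, 0, sizeof(inotify));

	/* Validate the header first, then the total length it implies. */
	datalen = imsg->hdr.len - IMSG_HEADER_SIZE;
	if (datalen < sizeof(icontent))
		return got_error(GOT_ERR_PRIVSEP_LEN);
	memcpy(&icontent, imsg->data, sizeof(icontent));
	if (datalen != sizeof(icontent) + icontent.refname_len)
		return got_error(GOT_ERR_PRIVSEP_LEN);
	refname = strndup(imsg->data + sizeof(icontent), icontent.refname_len);
	if (refname == NULL)
		return got_error_from_errno("strndup");

	notif = STAILQ_FIRST(&notifications);
	if (notif == NULL) {
		/* Content arrived although nothing was requested. */
		err = got_error(GOT_ERR_PRIVSEP_MSG);
		goto done;
	}

	STAILQ_REMOVE(&notifications, notif, gotd_session_notif, entry);

	if (notif->action != icontent.action || notif->fd == -1 ||
	    strcmp(notif->refname, refname) != 0) {
		err = got_error(GOT_ERR_PRIVSEP_MSG);
		goto done;
	}

	/* Compare only the IDs which are meaningful for the action. */
	if (notif->action == GOTD_NOTIF_ACTION_CREATED) {
		if (memcmp(notif->new_id.sha1, icontent.new_id,
		    SHA1_DIGEST_LENGTH) != 0) {
			err = got_error_msg(GOT_ERR_PRIVSEP_MSG,
			    "received notification content for unknown event");
			goto done;
		}
	} else if (notif->action == GOTD_NOTIF_ACTION_REMOVED) {
		if (memcmp(notif->old_id.sha1, icontent.old_id,
		    SHA1_DIGEST_LENGTH) != 0) {
			err = got_error_msg(GOT_ERR_PRIVSEP_MSG,
			    "received notification content for unknown event");
			goto done;
		}
	} else if (memcmp(notif->old_id.sha1, icontent.old_id,
	    SHA1_DIGEST_LENGTH) != 0 ||
	    memcmp(notif->new_id.sha1, icontent.new_id,
	    SHA1_DIGEST_LENGTH) != 0) {
		err = got_error_msg(GOT_ERR_PRIVSEP_MSG,
		    "received notification content for unknown event");
		goto done;
	}

	switch (notif->action) {
	case GOTD_NOTIF_ACTION_CREATED:
		action = "created";
		break;
	case GOTD_NOTIF_ACTION_REMOVED:
		action = "removed";
		break;
	case GOTD_NOTIF_ACTION_CHANGED:
		action = "changed";
		break;
	default:
		err = got_error(GOT_ERR_PRIVSEP_MSG);
		goto done;
	}

	/*
	 * Both fields are fixed-size; strlcpy() and snprintf() truncate
	 * silently if the repository name or subject does not fit.
	 */
	strlcpy(inotify.repo_name, gotd_session.repo_cfg->name,
	    sizeof(inotify.repo_name));

	snprintf(inotify.subject_line, sizeof(inotify.subject_line),
	    "%s: %s %s %s", gotd_session.repo_cfg->name,
	    client->username, action, notif->refname);

	if (gotd_imsg_compose_event(iev, GOTD_IMSG_NOTIFY,
	    PROC_SESSION_WRITE, notif->fd, &inotify, sizeof(inotify))
	    == -1) {
		err = got_error_from_errno("imsg compose NOTIFY");
		goto done;
	}
	/* The descriptor now belongs to the queued message. */
	notif->fd = -1;
done:
	if (notif != NULL) {
		if (notif->fd != -1)
			close(notif->fd);
		free(notif->refname);
		free(notif);
	}
	free(refname);
	return err;
}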
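/*
 * Request notification content from REPO_WRITE process.
 *
 * A temporary file is opened for the content. One descriptor travels
 * with the request to the repo child while a duplicate is kept in
 * notif->fd, to be handed to the notifier by forward_notification().
 *
 * The duplicate is created before the message is built, so a dup(2)
 * failure cannot leave a partially built message buffer behind. On any
 * error both descriptors are closed and notif->fd is reset to -1.
 */
static const struct got_error *
request_notification(struct gotd_session_notif *notif)
{
	const struct got_error *err = NULL;
	struct gotd_session_client *client = &gotd_session_client;
	struct gotd_imsgev *iev = &gotd_session.repo_child_iev;
	struct gotd_imsg_notification_content icontent;
	struct ibuf *wbuf;
	size_t len;
	int fd;

	fd = got_opentempfd();
	if (fd == -1)
		return got_error_from_errno("got_opentemp");

	notif->fd = dup(fd);
	if (notif->fd == -1) {
		err = got_error_from_errno("dup");
		goto done;
	}

	/* Zero the struct first so no stack garbage goes out in padding. */
	memset(&icontent, 0, sizeof(icontent));
	icontent.client_id = client->id;

	icontent.action = notif->action;
	memcpy(&icontent.old_id, &notif->old_id, sizeof(notif->old_id));
	memcpy(&icontent.new_id, &notif->new_id, sizeof(notif->new_id));
	icontent.refname_len = strlen(notif->refname);

	len = sizeof(icontent) + icontent.refname_len;
	wbuf = imsg_create(&iev->ibuf, GOTD_IMSG_NOTIFY,
	    gotd_session.proc_id, gotd_session.pid, len);
	if (wbuf == NULL) {
		err = got_error_from_errno("imsg_create NOTIFY");
		goto done;
	}
	if (imsg_add(wbuf, &icontent, sizeof(icontent)) == -1) {
		err = got_error_from_errno("imsg_add NOTIFY");
		goto done;
	}
	if (imsg_add(wbuf, notif->refname, icontent.refname_len) == -1) {
		err = got_error_from_errno("imsg_add NOTIFY");
		goto done;
	}

	/* From here on the message owns the original descriptor. */
	ibuf_fd_set(wbuf, fd);
	fd = -1;

	imsg_close(&iev->ibuf, wbuf);
	gotd_imsg_event_add(iev);
done:
	if (err) {
		if (fd != -1)
			close(fd);
		if (notif->fd != -1) {
			close(notif->fd);
			notif->fd = -1;
		}
	}
	return err;
}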
/*
 * Apply one reference update requested by the repo child: create, delete
 * or change the named reference, answer the client with ok/ng, and queue
 * a notification for the change.
 *
 * Deleting and changing a reference happens under the reference lock and
 * only if the reference still points at the old ID named in the request;
 * a new reference is only created if no reference of that name exists.
 *
 * Once the last outstanding update has been handled the client is told
 * that all references were updated, and either the first pending
 * notification is requested or the client is marked for disconnect.
 *
 * The shut and repo_path arguments are not used by this function, and
 * the results of send_ref_update_ok()/send_ref_update_ng() are not
 * checked.
 */
static const struct got_error *
update_ref(int *shut, struct gotd_session_client *client,
    const char *repo_path, struct imsg *imsg)
{
	const struct got_error *err = NULL;
	struct got_repository *repo = gotd_session.repo;
	struct got_reference *ref = NULL;
	struct gotd_imsg_ref_update iref;
	struct got_object_id old_id, new_id;
	struct gotd_session_notif *notif;
	struct got_object_id *cur_id = NULL;
	char *refname = NULL;
	size_t datalen;
	int locked = 0;
	char hex1[SHA1_DIGEST_STRING_LENGTH];
	char hex2[SHA1_DIGEST_STRING_LENGTH];

	log_debug("update-ref from uid %d", client->euid);

	/* Updates are only valid after a start message announced them. */
	if (client->nref_updates <= 0) {
		return got_error(GOT_ERR_PRIVSEP_MSG);
	}

	/* Validate the header first, then the total length it implies. */
	datalen = imsg->hdr.len - IMSG_HEADER_SIZE;
	if (datalen < sizeof(iref)) {
		return got_error(GOT_ERR_PRIVSEP_LEN);
	}
	memcpy(&iref, imsg->data, sizeof(iref));
	if (datalen != sizeof(iref) + iref.name_len) {
		return got_error(GOT_ERR_PRIVSEP_LEN);
	}
	refname = strndup(imsg->data + sizeof(iref), iref.name_len);
	if (refname == NULL) {
		return got_error_from_errno("strndup");
	}

	log_debug("updating ref %s for uid %d", refname, client->euid);

	memcpy(old_id.sha1, iref.old_id, SHA1_DIGEST_LENGTH);
	memcpy(new_id.sha1, iref.new_id, SHA1_DIGEST_LENGTH);

	/* The object the request hinges on must exist in the repository. */
	err = got_repo_find_object_id(iref.delete_ref ? &old_id : &new_id,
	    repo);
	if (err) {
		goto done;
	}

	if (iref.ref_is_new) {
		err = got_ref_open(&ref, repo, refname, 0);
		if (err) {
			if (err->code != GOT_ERR_NOT_REF) {
				goto done;
			}
			err = got_ref_alloc(&ref, refname, &new_id);
			if (err) {
				goto done;
			}
			err = got_ref_write(ref, repo); /* will lock/unlock */
			if (err) {
				goto done;
			}
			err = queue_notification(NULL, &new_id, repo, ref);
			if (err) {
				goto done;
			}
		} else {
			/* The reference appeared in the meantime; refuse. */
			err = got_ref_resolve(&cur_id, repo, ref);
			if (err) {
				goto done;
			}
			got_object_id_hex(&new_id, hex1, sizeof(hex1));
			got_object_id_hex(cur_id, hex2, sizeof(hex2));
			err = got_error_fmt(GOT_ERR_REF_BUSY,
			    "Addition %s: %s failed; %s: %s has been "
			    "created by someone else while transaction "
			    "was in progress",
			    got_ref_get_name(ref), hex1,
			    got_ref_get_name(ref), hex2);
			goto done;
		}
	} else if (iref.delete_ref) {
		err = got_ref_open(&ref, repo, refname, 1 /* lock */);
		if (err) {
			goto done;
		}
		locked = 1;

		err = got_ref_resolve(&cur_id, repo, ref);
		if (err) {
			goto done;
		}

		/* Refuse if the reference moved since the client read it. */
		if (got_object_id_cmp(cur_id, &old_id) != 0) {
			got_object_id_hex(&old_id, hex1, sizeof(hex1));
			got_object_id_hex(cur_id, hex2, sizeof(hex2));
			err = got_error_fmt(GOT_ERR_REF_BUSY,
			    "Deletion %s: %s failed; %s: %s has been "
			    "created by someone else while transaction "
			    "was in progress",
			    got_ref_get_name(ref), hex1,
			    got_ref_get_name(ref), hex2);
			goto done;
		}

		err = got_ref_delete(ref, repo);
		if (err) {
			goto done;
		}
		err = queue_notification(&old_id, NULL, repo, ref);
		if (err) {
			goto done;
		}
		free(cur_id);
		cur_id = NULL;
	} else {
		err = got_ref_open(&ref, repo, refname, 1 /* lock */);
		if (err) {
			goto done;
		}
		locked = 1;

		err = got_ref_resolve(&cur_id, repo, ref);
		if (err) {
			goto done;
		}

		/* Refuse if the reference moved since the client read it. */
		if (got_object_id_cmp(cur_id, &old_id) != 0) {
			got_object_id_hex(&old_id, hex1, sizeof(hex1));
			got_object_id_hex(cur_id, hex2, sizeof(hex2));
			err = got_error_fmt(GOT_ERR_REF_BUSY,
			    "Update %s: %s failed; %s: %s has been "
			    "created by someone else while transaction "
			    "was in progress",
			    got_ref_get_name(ref), hex1,
			    got_ref_get_name(ref), hex2);
			goto done;
		}

		/* Nothing to write or announce if old and new are equal. */
		if (got_object_id_cmp(&new_id, &old_id) != 0) {
			err = got_ref_change_ref(ref, &new_id);
			if (err) {
				goto done;
			}
			err = got_ref_write(ref, repo);
			if (err) {
				goto done;
			}
			err = queue_notification(&old_id, &new_id, repo, ref);
			if (err) {
				goto done;
			}
		}

		free(cur_id);
		cur_id = NULL;
	}
done:
	if (err) {
		if (err->code == GOT_ERR_LOCKFILE_TIMEOUT) {
			err = got_error_fmt(GOT_ERR_LOCKFILE_TIMEOUT,
			    "could not acquire exclusive file lock for %s",
			    refname);
		}
		send_ref_update_ng(client, &iref, refname, err->msg);
	} else {
		send_ref_update_ok(client, &iref, refname);
	}

	if (client->nref_updates > 0) {
		client->nref_updates--;
		if (client->nref_updates == 0) {
			send_refs_updated(client);
			notif = STAILQ_FIRST(&notifications);
			if (notif) {
				gotd_session.state = GOTD_STATE_NOTIFY;
				/* Note: replaces any error recorded above. */
				err = request_notification(notif);
				if (err) {
					log_warn("could not send notification: "
					    "%s", err->msg);
					client->flush_disconnect = 1;
				}
			} else {
				client->flush_disconnect = 1;
			}
		}
	}

	if (locked) {
		const struct got_error *unlock_err;

		unlock_err = got_ref_unlock(ref);
		if (unlock_err && err == NULL) {
			err = unlock_err;
		}
	}
	if (ref) {
		got_ref_close(ref);
	}
	free(refname);
	free(cur_id);
	return err;
}
/*
 * Parse the fixed-size header of a notification content message and
 * report the client ID it carries.
 *
 * Only a lower bound on the payload size is enforced here because the
 * reference name follows the header; forward_notification() checks that
 * the total length matches the name length recorded in the header.
 */
static const struct got_error *
recv_notification_content(uint32_t *client_id, struct imsg *imsg)
{
	struct gotd_imsg_notification_content hdr;
	size_t payload_len = imsg->hdr.len - IMSG_HEADER_SIZE;

	if (payload_len < sizeof(hdr)) {
		return got_error(GOT_ERR_PRIVSEP_LEN);
	}
	memcpy(&hdr, imsg->data, sizeof(hdr));

	*client_id = hdr.client_id;
	return NULL;
}
/*
 * Event callback for the channel to the repo child process.
 *
 * Performs pending reads and writes on the channel, then handles every
 * complete message: each one is first parsed by a recv_* helper, which
 * checks its size, and only acted upon if parsing succeeded. Error and
 * packfile-done messages end the client's session. The event loop is
 * left once the channel is closed or a notification request fails.
 *
 * arg is the struct gotd_imsgev of the channel; fd is not used.
 *
 * NOTE(review): the client ID extracted from each message is not
 * compared against anything in this function -- presumably unnecessary
 * with a single client per session process; confirm.
 */
static void
session_dispatch_repo_child(int fd, short event, void *arg)
{
	struct gotd_imsgev *iev = arg;
	struct imsgbuf *ibuf = &iev->ibuf;
	struct gotd_session_client *client = &gotd_session_client;
	ssize_t n;
	int shut = 0;
	struct imsg imsg;

	if (event & EV_READ) {
		if ((n = imsg_read(ibuf)) == -1 && errno != EAGAIN) {
			fatal("imsg_read error");
		}
		if (n == 0) {
			/* Connection closed. */
			shut = 1;
			goto done;
		}
	}

	if (event & EV_WRITE) {
		n = msgbuf_write(&ibuf->w);
		if (n == -1 && errno != EAGAIN) {
			fatal("msgbuf_write");
		}
		if (n == 0) {
			/* Connection closed. */
			shut = 1;
			goto done;
		}
	}

	for (;;) {
		const struct got_error *err = NULL;
		uint32_t client_id = 0;
		int do_disconnect = 0;
		int do_ref_updates = 0, do_ref_update = 0;
		int do_packfile_install = 0, do_notify = 0;

		if ((n = imsg_get(ibuf, &imsg)) == -1) {
			fatal("%s: imsg_get error", __func__);
		}
		if (n == 0) {	/* No more messages. */
			break;
		}

		/* Parse first; the do_* flags select the action below. */
		switch (imsg.hdr.type) {
		case GOTD_IMSG_ERROR:
			do_disconnect = 1;
			err = gotd_imsg_recv_error(&client_id, &imsg);
			break;
		case GOTD_IMSG_PACKFILE_DONE:
			do_disconnect = 1;
			err = recv_packfile_done(&client_id, &imsg);
			break;
		case GOTD_IMSG_PACKFILE_INSTALL:
			err = recv_packfile_install(&client_id, &imsg);
			if (err == NULL) {
				do_packfile_install = 1;
			}
			break;
		case GOTD_IMSG_REF_UPDATES_START:
			err = recv_ref_updates_start(&client_id, &imsg);
			if (err == NULL) {
				do_ref_updates = 1;
			}
			break;
		case GOTD_IMSG_REF_UPDATE:
			err = recv_ref_update(&client_id, &imsg);
			if (err == NULL) {
				do_ref_update = 1;
			}
			break;
		case GOTD_IMSG_NOTIFY:
			err = recv_notification_content(&client_id, &imsg);
			if (err == NULL) {
				do_notify = 1;
			}
			break;
		default:
			log_debug("unexpected imsg %d", imsg.hdr.type);
			break;
		}

		if (do_disconnect) {
			if (err) {
				disconnect_on_error(client, err);
			} else {
				disconnect(client);
			}
		} else {
			struct gotd_session_notif *next;

			if (do_packfile_install) {
				err = install_pack(client,
				    gotd_session.repo->path, &imsg);
			} else if (do_ref_updates) {
				err = begin_ref_updates(client, &imsg);
			} else if (do_ref_update) {
				err = update_ref(&shut, client,
				    gotd_session.repo->path, &imsg);
			} else if (do_notify) {
				err = forward_notification(client, &imsg);
			}
			if (err) {
				log_warnx("uid %d: %s", client->euid, err->msg);
			}

			next = STAILQ_FIRST(&notifications);
			if (next && do_notify) {
				/* Request content for next notification. */
				err = request_notification(next);
				if (err) {
					log_warn("could not send notification: "
					    "%s", err->msg);
					shut = 1;
				}
			}
		}
		imsg_free(&imsg);
	}
done:
	if (shut) {
		/* This pipe is dead. Remove its event handler */
		event_del(&iev->ev);
		event_loopexit(NULL);
	} else {
		gotd_imsg_event_add(iev);
	}
}
/*
 * Handle the message announcing how many capabilities the client is
 * going to send, and allocate an array with room for that many entries.
 * The count comes from the message; calloc() is used for the array.
 *
 * NOTE(review): an array already stored in client->capabilities is
 * overwritten without being freed, and client->ncapabilities is left as
 * it is. This relies on the caller accepting this message only once per
 * client -- confirm in the dispatcher.
 */
static const struct got_error *
recv_capabilities(struct gotd_session_client *client, struct imsg *imsg)
{
	struct gotd_imsg_capabilities announce;
	size_t payload_len = imsg->hdr.len - IMSG_HEADER_SIZE;

	if (payload_len != sizeof(announce)) {
		return got_error(GOT_ERR_PRIVSEP_LEN);
	}
	memcpy(&announce, imsg->data, sizeof(announce));

	client->ncapa_alloc = announce.ncapabilities;
	client->capabilities = calloc(client->ncapa_alloc,
	    sizeof(*client->capabilities));
	if (client->capabilities == NULL) {
		/* Keep the recorded capacity consistent with the array. */
		client->ncapa_alloc = 0;
		return got_error_from_errno("calloc");
	}

	log_debug("expecting %zu capabilities from uid %d",
	    client->ncapa_alloc, client->euid);
	return NULL;
}
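/*
 * Receive one capability (a key with an optional value) from the client
 * and store it in the next free slot of the capability array.
 *
 * The message is a struct gotd_imsg_capability followed by key_len bytes
 * of key and value_len bytes of value. A capability is refused unless
 * the array has been allocated and still has room for it.
 *
 * The two lengths are checked against the payload one after the other,
 * by subtraction, so that the check cannot be satisfied by a sum which
 * wrapped around. For messages which passed the previous sum-based
 * check without wrap-around the result is the same.
 */
static const struct got_error *
recv_capability(struct gotd_session_client *client, struct imsg *imsg)
{
	struct gotd_imsg_capability icapa;
	struct gotd_client_capability *capa;
	size_t datalen, remain;
	char *key, *value = NULL;

	if (client->capabilities == NULL ||
	    client->ncapabilities >= client->ncapa_alloc) {
		return got_error_msg(GOT_ERR_BAD_REQUEST,
		    "unexpected capability received");
	}

	memset(&icapa, 0, sizeof(icapa));

	datalen = imsg->hdr.len - IMSG_HEADER_SIZE;
	if (datalen < sizeof(icapa))
		return got_error(GOT_ERR_PRIVSEP_LEN);
	memcpy(&icapa, imsg->data, sizeof(icapa));

	/* Bytes which follow the header; cannot underflow, see above. */
	remain = datalen - sizeof(icapa);
	if (icapa.key_len > remain ||
	    icapa.value_len != remain - icapa.key_len)
		return got_error(GOT_ERR_PRIVSEP_LEN);

	key = strndup(imsg->data + sizeof(icapa), icapa.key_len);
	if (key == NULL)
		return got_error_from_errno("strndup");
	if (icapa.value_len > 0) {
		value = strndup(imsg->data + sizeof(icapa) + icapa.key_len,
		    icapa.value_len);
		if (value == NULL) {
			free(key);
			return got_error_from_errno("strndup");
		}
	}

	/* The array slot takes ownership of both strings. */
	capa = &client->capabilities[client->ncapabilities++];
	capa->key = key;
	capa->value = value;

	if (value)
		log_debug("uid %d: capability %s=%s", client->euid, key, value);
	else
		log_debug("uid %d: capability %s", client->euid, key);

	return NULL;
}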
/*
 * Guard for read requests: returns NULL if the client has a read
 * session, and a GOT_ERR_BAD_PACKET error if it has a write session.
 */
static const struct got_error *
ensure_client_is_reading(struct gotd_session_client *client)
{
	if (!client->is_writing)
		return NULL;

	return got_error_fmt(GOT_ERR_BAD_PACKET,
	    "uid %d made a read-request but is not reading from "
	    "a repository", client->euid);
}
/*
 * Guard for write requests: returns NULL if the client has a write
 * session, and a GOT_ERR_BAD_PACKET error if it has a read session.
 */
static const struct got_error *
ensure_client_is_writing(struct gotd_session_client *client)
{
	if (client->is_writing)
		return NULL;

	return got_error_fmt(GOT_ERR_BAD_PACKET,
	    "uid %d made a write-request but is not writing to "
	    "a repository", client->euid);
}
/*
 * Pass a client's want request on to the repo child.
 *
 * A fresh, zeroed message is built which carries only the object ID from
 * the request; the client ID is filled in by this process rather than
 * being taken from the request.
 */
static const struct got_error *
forward_want(struct gotd_session_client *client, struct imsg *imsg)
{
	struct gotd_imsg_want request;
	struct gotd_imsg_want outgoing;
	size_t payload_len = imsg->hdr.len - IMSG_HEADER_SIZE;

	if (payload_len != sizeof(request)) {
		return got_error(GOT_ERR_PRIVSEP_LEN);
	}

	/* payload_len equals sizeof(request) at this point. */
	memcpy(&request, imsg->data, payload_len);

	memset(&outgoing, 0, sizeof(outgoing));
	memcpy(outgoing.object_id, request.object_id, SHA1_DIGEST_LENGTH);
	outgoing.client_id = client->id;

	if (gotd_imsg_compose_event(&gotd_session.repo_child_iev,
	    GOTD_IMSG_WANT, gotd_session.proc_id, -1,
	    &outgoing, sizeof(outgoing)) == -1) {
		return got_error_from_errno("imsg compose WANT");
	}

	return NULL;
}
/*
 * Pass a client's ref-update request on to the repo child.
 *
 * The payload (header plus reference name) is copied as is, after its
 * total length has been checked against the name length in the header.
 * Only the client ID is overwritten, with the ID held by this process;
 * all other header fields are forwarded as received.
 */
static const struct got_error *
forward_ref_update(struct gotd_session_client *client, struct imsg *imsg)
{
	const struct got_error *err = NULL;
	struct gotd_imsg_ref_update hdr;
	struct gotd_imsg_ref_update *copy = NULL;
	size_t payload_len = imsg->hdr.len - IMSG_HEADER_SIZE;

	if (payload_len < sizeof(hdr)) {
		return got_error(GOT_ERR_PRIVSEP_LEN);
	}
	memcpy(&hdr, imsg->data, sizeof(hdr));
	if (payload_len != sizeof(hdr) + hdr.name_len) {
		return got_error(GOT_ERR_PRIVSEP_LEN);
	}

	copy = malloc(payload_len);
	if (copy == NULL) {
		return got_error_from_errno("malloc");
	}
	memcpy(copy, imsg->data, payload_len);

	copy->client_id = client->id;
	if (gotd_imsg_compose_event(&gotd_session.repo_child_iev,
	    GOTD_IMSG_REF_UPDATE, gotd_session.proc_id, -1,
	    copy, payload_len) == -1) {
		err = got_error_from_errno("imsg compose REF_UPDATE");
	}
	free(copy);
	return err;
}
/*
 * Pass a client's have request on to the repo child.
 *
 * A fresh, zeroed message is built which carries only the object ID from
 * the request; the client ID is filled in by this process rather than
 * being taken from the request.
 */
static const struct got_error *
forward_have(struct gotd_session_client *client, struct imsg *imsg)
{
	struct gotd_imsg_have request;
	struct gotd_imsg_have outgoing;
	size_t payload_len = imsg->hdr.len - IMSG_HEADER_SIZE;

	if (payload_len != sizeof(request)) {
		return got_error(GOT_ERR_PRIVSEP_LEN);
	}

	/* payload_len equals sizeof(request) at this point. */
	memcpy(&request, imsg->data, payload_len);

	memset(&outgoing, 0, sizeof(outgoing));
	memcpy(outgoing.object_id, request.object_id, SHA1_DIGEST_LENGTH);
	outgoing.client_id = client->id;

	if (gotd_imsg_compose_event(&gotd_session.repo_child_iev,
	    GOTD_IMSG_HAVE, gotd_session.proc_id, -1,
	    &outgoing, sizeof(outgoing)) == -1) {
		return got_error_from_errno("imsg compose HAVE");
	}

	return NULL;
}
/*
 * Return 1 if the client announced a capability whose key equals
 * capastr, 0 otherwise. Only the first ncapabilities entries of the
 * array are examined; capability values are not looked at.
 */
static int
client_has_capability(struct gotd_session_client *client, const char *capastr)
{
	const struct gotd_client_capability *it = client->capabilities;
	size_t left;

	/* With no capabilities received the loop body never runs. */
	for (left = client->ncapabilities; left > 0; left--, it++) {
		if (strcmp(it->key, capastr) == 0) {
			return 1;
		}
	}

	return 0;
}
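/*
 * Prepare to receive a pack file from a writing client.
 *
 * Creates a socket pair and hands one end to the repo child process and
 * the other to gotsh(1), then creates temporary pack and pack index files
 * in the repository's pack directory and passes their descriptors to the
 * repo child as well.
 *
 * Descriptor ownership: every descriptor given to
 * gotd_imsg_compose_event() is treated as no longer owned by this
 * function, whether or not the call succeeded (the local copy is set
 * to -1 in both cases). Only descriptors still held locally are closed
 * at "done".
 *
 * On success the temporary file paths are stored in client->packfile_path
 * and client->packidx_path. On failure both paths are freed and the
 * first error encountered is returned.
 */
static const struct got_error *
recv_packfile(struct gotd_session_client *client)
{
	const struct got_error *err = NULL;
	struct gotd_imsg_recv_packfile ipack;
	struct gotd_imsg_packfile_pipe ipipe;
	struct gotd_imsg_packidx_file ifile;
	char *basepath = NULL, *pack_path = NULL, *idx_path = NULL;
	int packfd = -1, idxfd = -1;
	int pipe[2] = { -1, -1 };

	/* Only one pack file per session; a second request is an error. */
	if (client->packfile_path) {
		return got_error_fmt(GOT_ERR_PRIVSEP_MSG,
		    "uid %d already has a pack file", client->euid);
	}

	if (socketpair(AF_UNIX, SOCK_STREAM, PF_UNSPEC, pipe) == -1)
		return got_error_from_errno("socketpair");

	memset(&ipipe, 0, sizeof(ipipe));
	ipipe.client_id = client->id;

	/* Send pack pipe end 0 to repo child process. */
	if (gotd_imsg_compose_event(&gotd_session.repo_child_iev,
	    GOTD_IMSG_PACKFILE_PIPE, gotd_session.proc_id, pipe[0],
	    &ipipe, sizeof(ipipe)) == -1) {
		err = got_error_from_errno("imsg compose PACKFILE_PIPE");
		pipe[0] = -1;
		goto done;
	}
	pipe[0] = -1;

	/* Send pack pipe end 1 to gotsh(1) (expects just an fd, no data). */
	if (gotd_imsg_compose_event(&client->iev,
	    GOTD_IMSG_PACKFILE_PIPE, gotd_session.proc_id, pipe[1],
	    NULL, 0) == -1)
		err = got_error_from_errno("imsg compose PACKFILE_PIPE");
	pipe[1] = -1;
	/*
	 * Stop here on failure. Continuing would let a later successful
	 * call overwrite err and hide the fact that gotsh(1) never got
	 * its end of the pipe.
	 */
	if (err)
		goto done;

	if (asprintf(&basepath, "%s/%s/receiving-from-uid-%d.pack",
	    got_repo_get_path(gotd_session.repo), GOT_OBJECTS_PACK_DIR,
	    client->euid) == -1) {
		err = got_error_from_errno("asprintf");
		/* Contents are not reliable after failure; do not free them. */
		basepath = NULL;
		goto done;
	}

	err = got_opentemp_named_fd(&pack_path, &packfd, basepath, "");
	if (err)
		goto done;
	/* Set the mode via the open descriptor rather than via the path. */
	if (fchmod(packfd, GOT_DEFAULT_PACK_MODE) == -1) {
		err = got_error_from_errno2("fchmod", pack_path);
		goto done;
	}

	free(basepath);
	if (asprintf(&basepath, "%s/%s/receiving-from-uid-%d.idx",
	    got_repo_get_path(gotd_session.repo), GOT_OBJECTS_PACK_DIR,
	    client->euid) == -1) {
		err = got_error_from_errno("asprintf");
		basepath = NULL;
		goto done;
	}
	err = got_opentemp_named_fd(&idx_path, &idxfd, basepath, "");
	if (err)
		goto done;
	if (fchmod(idxfd, GOT_DEFAULT_PACK_MODE) == -1) {
		err = got_error_from_errno2("fchmod", idx_path);
		goto done;
	}

	memset(&ifile, 0, sizeof(ifile));
	ifile.client_id = client->id;
	if (gotd_imsg_compose_event(&gotd_session.repo_child_iev,
	    GOTD_IMSG_PACKIDX_FILE, gotd_session.proc_id,
	    idxfd, &ifile, sizeof(ifile)) == -1) {
		err = got_error_from_errno("imsg compose PACKIDX_FILE");
		idxfd = -1;
		goto done;
	}
	idxfd = -1;

	memset(&ipack, 0, sizeof(ipack));
	ipack.client_id = client->id;
	if (client_has_capability(client, GOT_CAPA_REPORT_STATUS))
		ipack.report_status = 1;

	if (gotd_imsg_compose_event(&gotd_session.repo_child_iev,
	    GOTD_IMSG_RECV_PACKFILE, gotd_session.proc_id, packfd,
	    &ipack, sizeof(ipack)) == -1) {
		err = got_error_from_errno("imsg compose RECV_PACKFILE");
		packfd = -1;
		goto done;
	}
	packfd = -1;

done:
	free(basepath);
	if (pipe[0] != -1 && close(pipe[0]) == -1 && err == NULL)
		err = got_error_from_errno("close");
	if (pipe[1] != -1 && close(pipe[1]) == -1 && err == NULL)
		err = got_error_from_errno("close");
	if (packfd != -1 && close(packfd) == -1 && err == NULL)
		err = got_error_from_errno("close");
	if (idxfd != -1 && close(idxfd) == -1 && err == NULL)
		err = got_error_from_errno("close");
	if (err) {
		/*
		 * NOTE(review): temporary files created above are not
		 * unlinked on this path and their names are discarded here;
		 * confirm that stale receiving-from-uid-* files are cleaned
		 * up elsewhere.
		 */
		free(pack_path);
		free(idx_path);
	} else {
		client->packfile_path = pack_path;
		client->packidx_path = idx_path;
	}
	return err;
}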
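/*
 * Start sending a pack file to a reading client.
 *
 * Creates a socket pair, opens a temporary file for the delta cache and
 * passes it to the repo child with a SEND_PACKFILE request, then hands
 * one end of the socket pair to the repo child and the other to gotsh(1).
 *
 * Pipe ends that have not yet been given to gotd_imsg_compose_event()
 * are closed on every failure path so that a failed request does not
 * leak descriptors.
 *
 * NOTE(review): these requests are tagged with PROC_GOTD, whereas
 * recv_packfile() uses gotd_session.proc_id; confirm this is intended.
 * NOTE(review): client->delta_cache_fd keeps its value when composing
 * SEND_PACKFILE fails; confirm who owns that descriptor at that point.
 */
static const struct got_error *
send_packfile(struct gotd_session_client *client)
{
	const struct got_error *err = NULL;
	struct gotd_imsg_send_packfile ipack;
	struct gotd_imsg_packfile_pipe ipipe;
	int pipe[2];

	if (socketpair(AF_UNIX, SOCK_STREAM, PF_UNSPEC, pipe) == -1)
		return got_error_from_errno("socketpair");

	memset(&ipack, 0, sizeof(ipack));
	memset(&ipipe, 0, sizeof(ipipe));

	ipack.client_id = client->id;
	if (client_has_capability(client, GOT_CAPA_SIDE_BAND_64K))
		ipack.report_progress = 1;

	client->delta_cache_fd = got_opentempfd();
	if (client->delta_cache_fd == -1) {
		/* Capture errno before close(2) can change it. */
		err = got_error_from_errno("got_opentempfd");
		/* Neither pipe end has been handed off yet. */
		close(pipe[0]);
		close(pipe[1]);
		return err;
	}

	if (gotd_imsg_compose_event(&gotd_session.repo_child_iev,
	    GOTD_IMSG_SEND_PACKFILE, PROC_GOTD, client->delta_cache_fd,
	    &ipack, sizeof(ipack)) == -1) {
		err = got_error_from_errno("imsg compose SEND_PACKFILE");
		close(pipe[0]);
		close(pipe[1]);
		return err;
	}

	ipipe.client_id = client->id;

	/* Send pack pipe end 0 to repo child process. */
	if (gotd_imsg_compose_event(&gotd_session.repo_child_iev,
	    GOTD_IMSG_PACKFILE_PIPE, PROC_GOTD,
	    pipe[0], &ipipe, sizeof(ipipe)) == -1) {
		err = got_error_from_errno("imsg compose PACKFILE_PIPE");
		close(pipe[1]);
		return err;
	}

	/* Send pack pipe end 1 to gotsh(1) (expects just an fd, no data). */
	if (gotd_imsg_compose_event(&client->iev,
	    GOTD_IMSG_PACKFILE_PIPE, PROC_GOTD, pipe[1], NULL, 0) == -1)
		err = got_error_from_errno("imsg compose PACKFILE_PIPE");

	return err;
}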
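/*
 * Event callback for the imsg channel to the client; recv_connect()
 * registers it on client->iev.
 *
 * On EV_WRITE, queued output is flushed. On EV_READ, messages are
 * received and handled one at a time. Each message type is accepted only
 * in the session states listed in its case below; a message arriving in
 * any other state is answered with GOT_ERR_BAD_REQUEST, and an unknown
 * message type with GOT_ERR_PRIVSEP_MSG. Requests that pass these checks
 * are forwarded to the repo child process by the forward_*() helpers or
 * start a pack file transfer.
 *
 * Any error other than EOF while a pack file is expected leads to
 * disconnect_on_error(). Otherwise the event is re-armed and the request
 * timeout is restarted.
 */
static void
session_dispatch_client(int fd, short events, void *arg)
{
	struct gotd_imsgev *iev = arg;
	struct imsgbuf *ibuf = &iev->ibuf;
	struct gotd_session_client *client = &gotd_session_client;
	const struct got_error *err = NULL;
	struct imsg imsg;
	ssize_t n;

	if (events & EV_WRITE) {
		while (ibuf->w.queued) {
			n = msgbuf_write(&ibuf->w);
			if (n == -1 && errno == EPIPE) {
				/*
				 * The client has closed its socket.
				 * This can happen when Git clients are
				 * done sending pack file data.
				 */
				msgbuf_clear(&ibuf->w);
				continue;
			} else if (n == -1 && errno != EAGAIN) {
				err = got_error_from_errno("imsg_flush");
				disconnect_on_error(client, err);
				return;
			}
			if (n == 0) {
				/* Connection closed. */
				err = got_error(GOT_ERR_EOF);
				disconnect_on_error(client, err);
				return;
			}
		}

		/* A disconnect was deferred until output had been flushed. */
		if (client->flush_disconnect) {
			disconnect(client);
			return;
		}
	}

	if ((events & EV_READ) == 0)
		return;

	memset(&imsg, 0, sizeof(imsg));

	while (err == NULL) {
		err = gotd_imsg_recv(&imsg, ibuf, 0);
		if (err) {
			/* GOT_ERR_PRIVSEP_READ ends the loop without error. */
			if (err->code == GOT_ERR_PRIVSEP_READ)
				err = NULL;
			else if (err->code == GOT_ERR_EOF &&
			    gotd_session.state ==
			    GOTD_STATE_EXPECT_CAPABILITIES) {
				/*
				 * The client has closed its socket before
				 * sending its capability announcement.
				 * This can happen when Git clients have
				 * no ref-updates to send.
				 */
				disconnect_on_error(client, err);
				return;
			}
			break;
		}

		/* A message arrived; stop the pending request timeout. */
		evtimer_del(&client->tmo);

		switch (imsg.hdr.type) {
		case GOTD_IMSG_CAPABILITIES:
			if (gotd_session.state !=
			    GOTD_STATE_EXPECT_CAPABILITIES) {
				err = got_error_msg(GOT_ERR_BAD_REQUEST,
				    "unexpected capabilities received");
				break;
			}
			log_debug("receiving capabilities from uid %d",
			    client->euid);
			err = recv_capabilities(client, &imsg);
			break;
		case GOTD_IMSG_CAPABILITY:
			if (gotd_session.state != GOTD_STATE_EXPECT_CAPABILITIES) {
				err = got_error_msg(GOT_ERR_BAD_REQUEST,
				    "unexpected capability received");
				break;
			}
			err = recv_capability(client, &imsg);
			/* Stay in this state until all capabilities arrived. */
			if (err || client->ncapabilities < client->ncapa_alloc)
				break;
			/*
			 * is_writing is either zero or non-zero, so the two
			 * branches below cover every case.
			 */
			if (!client->is_writing) {
				gotd_session.state = GOTD_STATE_EXPECT_WANT;
				client->accept_flush_pkt = 1;
				log_debug("uid %d: expecting want-lines",
				    client->euid);
			} else {
				gotd_session.state = GOTD_STATE_EXPECT_REF_UPDATE;
				client->accept_flush_pkt = 1;
				log_debug("uid %d: expecting ref-update-lines",
				    client->euid);
			}
			break;
		case GOTD_IMSG_WANT:
			if (gotd_session.state != GOTD_STATE_EXPECT_WANT) {
				err = got_error_msg(GOT_ERR_BAD_REQUEST,
				    "unexpected want-line received");
				break;
			}
			log_debug("received want-line from uid %d",
			    client->euid);
			err = ensure_client_is_reading(client);
			if (err)
				break;
			client->accept_flush_pkt = 1;
			err = forward_want(client, &imsg);
			break;
		case GOTD_IMSG_REF_UPDATE:
			if (gotd_session.state != GOTD_STATE_EXPECT_REF_UPDATE &&
			    gotd_session.state !=
			    GOTD_STATE_EXPECT_MORE_REF_UPDATES) {
				err = got_error_msg(GOT_ERR_BAD_REQUEST,
				    "unexpected ref-update-line received");
				break;
			}
			log_debug("received ref-update-line from uid %d",
			    client->euid);
			err = ensure_client_is_writing(client);
			if (err)
				break;
			err = forward_ref_update(client, &imsg);
			if (err)
				break;
			gotd_session.state = GOTD_STATE_EXPECT_MORE_REF_UPDATES;
			client->accept_flush_pkt = 1;
			break;
		case GOTD_IMSG_HAVE:
			if (gotd_session.state != GOTD_STATE_EXPECT_HAVE) {
				err = got_error_msg(GOT_ERR_BAD_REQUEST,
				    "unexpected have-line received");
				break;
			}
			log_debug("received have-line from uid %d",
			    client->euid);
			err = ensure_client_is_reading(client);
			if (err)
				break;
			err = forward_have(client, &imsg);
			if (err)
				break;
			client->accept_flush_pkt = 1;
			break;
		case GOTD_IMSG_FLUSH:
			if (gotd_session.state == GOTD_STATE_EXPECT_WANT ||
			    gotd_session.state == GOTD_STATE_EXPECT_HAVE) {
				err = ensure_client_is_reading(client);
				if (err)
					break;
			} else if (gotd_session.state ==
			    GOTD_STATE_EXPECT_MORE_REF_UPDATES) {
				err = ensure_client_is_writing(client);
				if (err)
					break;
			} else if (gotd_session.state != GOTD_STATE_EXPECT_DONE) {
				err = got_error_msg(GOT_ERR_BAD_REQUEST,
				    "unexpected flush-pkt received");
				break;
			}
			if (!client->accept_flush_pkt) {
				err = got_error_msg(GOT_ERR_BAD_REQUEST,
				    "unexpected flush-pkt received");
				break;
			}

			/*
			 * Accept just one flush packet at a time.
			 * Future client state transitions will set this flag
			 * again if another flush packet is expected.
			 */
			client->accept_flush_pkt = 0;

			log_debug("received flush-pkt from uid %d",
			    client->euid);
			if (gotd_session.state == GOTD_STATE_EXPECT_WANT) {
				gotd_session.state = GOTD_STATE_EXPECT_HAVE;
				log_debug("uid %d: expecting have-lines",
				    client->euid);
			} else if (gotd_session.state == GOTD_STATE_EXPECT_HAVE) {
				gotd_session.state = GOTD_STATE_EXPECT_DONE;
				client->accept_flush_pkt = 1;
				log_debug("uid %d: expecting 'done'",
				    client->euid);
			} else if (gotd_session.state ==
			    GOTD_STATE_EXPECT_MORE_REF_UPDATES) {
				gotd_session.state = GOTD_STATE_EXPECT_PACKFILE;
				log_debug("uid %d: expecting packfile",
				    client->euid);
				err = recv_packfile(client);
			} else if (gotd_session.state != GOTD_STATE_EXPECT_DONE) {
				/* should not happen, see above */
				err = got_error_msg(GOT_ERR_BAD_REQUEST,
				    "unexpected client state");
				break;
			}
			break;
		case GOTD_IMSG_DONE:
			if (gotd_session.state != GOTD_STATE_EXPECT_HAVE &&
			    gotd_session.state != GOTD_STATE_EXPECT_DONE) {
				/* Name the message that was actually received. */
				err = got_error_msg(GOT_ERR_BAD_REQUEST,
				    "unexpected 'done' received");
				break;
			}
			log_debug("received 'done' from uid %d", client->euid);
			err = ensure_client_is_reading(client);
			if (err)
				break;
			gotd_session.state = GOTD_STATE_DONE;
			client->accept_flush_pkt = 1;
			err = send_packfile(client);
			break;
		default:
			log_debug("unexpected imsg %d", imsg.hdr.type);
			err = got_error(GOT_ERR_PRIVSEP_MSG);
			break;
		}

		imsg_free(&imsg);
	}

	if (err) {
		/* EOF is tolerated only while a pack file is expected. */
		if (err->code != GOT_ERR_EOF ||
		    gotd_session.state != GOTD_STATE_EXPECT_PACKFILE)
			disconnect_on_error(client, err);
	} else {
		gotd_imsg_event_add(iev);
		evtimer_add(&client->tmo, &gotd_session.request_timeout);
	}
}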
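/*
 * Ask the repo child process to list references for the client.
 *
 * Valid only in GOTD_STATE_EXPECT_LIST_REFS. A duplicate of the client's
 * descriptor is sent along with the request, so this process keeps its
 * own copy in client->fd. On success the session moves on to
 * GOTD_STATE_EXPECT_CAPABILITIES.
 *
 * NOTE(review): the duplicate is closed here when composing the message
 * fails, while recv_packfile() treats a descriptor passed to
 * gotd_imsg_compose_event() as consumed even on failure. Confirm which
 * convention matches gotd_imsg_compose_event().
 */
static const struct got_error *
list_refs_request(void)
{
	/* Plain automatic storage; nothing is kept between calls. */
	const struct got_error *err;
	struct gotd_session_client *client = &gotd_session_client;
	struct gotd_imsgev *iev = &gotd_session.repo_child_iev;
	struct gotd_imsg_list_refs_internal ilref;
	int fd;

	if (gotd_session.state != GOTD_STATE_EXPECT_LIST_REFS)
		return got_error(GOT_ERR_PRIVSEP_MSG);

	memset(&ilref, 0, sizeof(ilref));
	ilref.client_id = client->id;

	fd = dup(client->fd);
	if (fd == -1)
		return got_error_from_errno("dup");

	if (gotd_imsg_compose_event(iev, GOTD_IMSG_LIST_REFS_INTERNAL,
	    gotd_session.proc_id, fd, &ilref, sizeof(ilref)) == -1) {
		/* Capture errno before close(2) can change it. */
		err = got_error_from_errno("imsg compose LIST_REFS_INTERNAL");
		close(fd);
		return err;
	}

	gotd_session.state = GOTD_STATE_EXPECT_CAPABILITIES;
	log_debug("uid %d: expecting capabilities", client->euid);
	return NULL;
}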
/*
 * Handle GOTD_IMSG_CONNECT: record the connecting client's credentials
 * and start listening on the descriptor that came with the message.
 *
 * The payload is a struct gotd_imsg_connect followed by username_len
 * bytes of user name. A zero-length name, or a payload whose size is not
 * exactly header plus name, is rejected with GOT_ERR_PRIVSEP_LEN. The
 * name is copied with strndup(3), bounded by the validated length, so it
 * need not be NUL-terminated on the wire.
 *
 * NOTE(review): the session state is only checked, not advanced, here;
 * presumably the parent sends CONNECT once per session. A repeat would
 * overwrite client->fd and client->username; verify against the sender.
 */
static const struct got_error *
recv_connect(struct imsg *imsg)
{
	struct gotd_session_client *client = &gotd_session_client;
	struct gotd_imsgev *iev = &client->iev;
	struct gotd_imsg_connect hdr;
	const char *name;
	size_t payload_len;

	if (gotd_session.state != GOTD_STATE_EXPECT_LIST_REFS)
		return got_error(GOT_ERR_PRIVSEP_MSG);

	payload_len = imsg->hdr.len - IMSG_HEADER_SIZE;
	if (payload_len < sizeof(hdr))
		return got_error(GOT_ERR_PRIVSEP_LEN);
	memcpy(&hdr, imsg->data, sizeof(hdr));
	if (hdr.username_len == 0)
		return got_error(GOT_ERR_PRIVSEP_LEN);
	if (payload_len != sizeof(hdr) + hdr.username_len)
		return got_error(GOT_ERR_PRIVSEP_LEN);

	client->euid = hdr.euid;
	client->egid = hdr.egid;
	client->fd = imsg_get_fd(imsg);
	if (client->fd == -1)
		return got_error(GOT_ERR_PRIVSEP_NO_FD);

	/* The user name follows the fixed-size header directly. */
	name = (const char *)imsg->data + sizeof(hdr);
	client->username = strndup(name, hdr.username_len);
	if (client->username == NULL)
		return got_error_from_errno("strndup");

	/* Route traffic on the client socket to session_dispatch_client(). */
	imsg_init(&iev->ibuf, client->fd);
	iev->handler = session_dispatch_client;
	iev->events = EV_READ;
	iev->handler_arg = NULL;
	event_set(&iev->ev, iev->ibuf.fd, EV_READ,
	    session_dispatch_client, iev);
	gotd_imsg_event_add(iev);
	evtimer_set(&client->tmo, gotd_request_timeout, client);

	return NULL;
}
/*
 * Event callback for the imsg channel to the notifier; recv_notifier()
 * registers it on gotd_session.notifier_iev.
 *
 * Reads and writes pending data, then handles every complete message.
 * GOTD_IMSG_NOTIFICATION_SENT is honoured only in GOTD_STATE_NOTIFY and
 * triggers a request for the next queued notification, or a disconnect
 * when the queue is empty. Other message types are logged and ignored.
 * When the peer has closed the channel, the event is removed and the
 * imsg buffer is reset with descriptor -1.
 */
static void
session_dispatch_notifier(int fd, short event, void *arg)
{
	const struct got_error *err;
	struct gotd_session_client *client = &gotd_session_client;
	struct gotd_imsgev *iev = arg;
	struct imsgbuf *ibuf = &iev->ibuf;
	ssize_t n;
	int shut = 0;
	struct imsg imsg;
	struct gotd_session_notif *notif;

	if (event & EV_READ) {
		if ((n = imsg_read(ibuf)) == -1 && errno != EAGAIN)
			fatal("imsg_read error");
		if (n == 0) {
			/* Connection closed. */
			shut = 1;
			goto done;
		}
	}

	if (event & EV_WRITE) {
		n = msgbuf_write(&ibuf->w);
		if (n == -1 && errno != EAGAIN)
			fatal("msgbuf_write");
		if (n == 0) {
			/* Connection closed. */
			shut = 1;
			goto done;
		}
	}

	for (;;) {
		if ((n = imsg_get(ibuf, &imsg)) == -1)
			fatal("%s: imsg_get error", __func__);
		if (n == 0)	/* No more messages. */
			break;

		switch (imsg.hdr.type) {
		case GOTD_IMSG_NOTIFICATION_SENT:
			/* Only meaningful while notifications are being sent. */
			if (gotd_session.state != GOTD_STATE_NOTIFY) {
				/*
				 * NOTE(review): log_warn() is used here although
				 * no system call failed; session_dispatch() uses
				 * log_warnx() for its messages. Confirm which
				 * variant is intended.
				 */
				log_warn("unexpected imsg %d", imsg.hdr.type);
				break;
			}
			notif = STAILQ_FIRST(&notifications);
			if (notif == NULL) {
				/* Queue drained; nothing left to do. */
				disconnect(client);
				break; /* NOTREACHED */
			}
			/* Request content for the next notification. */
			err = request_notification(notif);
			if (err) {
				log_warn("could not send notification: %s",
				    err->msg);
				disconnect(client);
			}
			break;
		default:
			log_debug("unexpected imsg %d", imsg.hdr.type);
			break;
		}

		imsg_free(&imsg);
	}
done:
	if (!shut) {
		gotd_imsg_event_add(iev);
	} else {
		/* This pipe is dead. Remove its event handler */
		event_del(&iev->ev);
		imsg_clear(&iev->ibuf);
		imsg_init(&iev->ibuf, -1);
	}
}
/*
 * Handle GOTD_IMSG_CONNECT_NOTIFIER: take over the optional descriptor
 * for the notifier channel.
 *
 * Accepted only in GOTD_STATE_EXPECT_LIST_REFS and only after the client
 * descriptor has been received. The message must carry no payload. If no
 * descriptor is attached, notifications are not in use and the function
 * succeeds without setting anything up.
 */
static const struct got_error *
recv_notifier(struct imsg *imsg)
{
	struct gotd_imsgev *notifier = &gotd_session.notifier_iev;
	struct gotd_session_client *client = &gotd_session_client;
	int notify_fd;

	if (gotd_session.state != GOTD_STATE_EXPECT_LIST_REFS)
		return got_error(GOT_ERR_PRIVSEP_MSG);

	/* We should already have received a pipe to the listener. */
	if (client->fd == -1)
		return got_error(GOT_ERR_PRIVSEP_MSG);

	/* Header only; any payload is a protocol violation. */
	if (imsg->hdr.len != IMSG_HEADER_SIZE)
		return got_error(GOT_ERR_PRIVSEP_LEN);

	notify_fd = imsg_get_fd(imsg);
	if (notify_fd == -1)
		return NULL; /* notifications unused */

	imsg_init(&notifier->ibuf, notify_fd);
	notifier->handler = session_dispatch_notifier;
	notifier->events = EV_READ;
	notifier->handler_arg = NULL;
	event_set(&notifier->ev, notifier->ibuf.fd, EV_READ,
	    session_dispatch_notifier, notifier);
	gotd_imsg_event_add(notifier);

	return NULL;
}
/*
 * Handle GOTD_IMSG_CONNECT_REPO_CHILD: learn the client ID and whether
 * this session reads or writes, and take over the descriptor of the
 * channel to the repo child process.
 *
 * Accepted only in GOTD_STATE_EXPECT_LIST_REFS and only after the client
 * descriptor has been received. The payload must be exactly one struct
 * gotd_imsg_connect_repo_child, and proc_id must name the repo read or
 * repo write process.
 *
 * Once the channel is set up, the pledge(2) promises are reduced to a
 * set without "recvfd", so no further descriptors can be received by
 * this process afterwards.
 * NOTE(review): recv_notifier() also receives a descriptor; presumably
 * the parent always sends CONNECT_NOTIFIER before this message. Verify
 * against the sender.
 */
static const struct got_error *
recv_repo_child(struct imsg *imsg)
{
	struct gotd_session_client *client = &gotd_session_client;
	struct gotd_imsgev *child = &gotd_session.repo_child_iev;
	struct gotd_imsg_connect_repo_child ichild;
	int child_fd;

	if (gotd_session.state != GOTD_STATE_EXPECT_LIST_REFS)
		return got_error(GOT_ERR_PRIVSEP_MSG);

	/* We should already have received a pipe to the listener. */
	if (client->fd == -1)
		return got_error(GOT_ERR_PRIVSEP_MSG);

	if (imsg->hdr.len - IMSG_HEADER_SIZE != sizeof(ichild))
		return got_error(GOT_ERR_PRIVSEP_LEN);
	memcpy(&ichild, imsg->data, sizeof(ichild));

	client->id = ichild.client_id;
	switch (ichild.proc_id) {
	case PROC_REPO_WRITE:
		client->is_writing = 1;
		break;
	case PROC_REPO_READ:
		client->is_writing = 0;
		break;
	default:
		return got_error_msg(GOT_ERR_PRIVSEP_MSG,
		    "bad child process type");
	}

	child_fd = imsg_get_fd(imsg);
	if (child_fd == -1)
		return got_error(GOT_ERR_PRIVSEP_NO_FD);

	imsg_init(&child->ibuf, child_fd);
	child->handler = session_dispatch_repo_child;
	child->events = EV_READ;
	child->handler_arg = NULL;
	event_set(&child->ev, child->ibuf.fd, EV_READ,
	    session_dispatch_repo_child, child);
	gotd_imsg_event_add(child);

	/* The "recvfd" pledge promise is no longer needed. */
	if (pledge("stdio rpath wpath cpath sendfd fattr flock", NULL) == -1)
		fatal("pledge");

	return NULL;
}
/*
 * Event callback for the imsg channel to the parent process;
 * session_main() registers it on gotd_session.parent_iev.
 *
 * Reads and writes pending data, then handles every complete message:
 * errors and disconnect requests end the client session, the CONNECT*
 * messages set up the client, notifier and repo child channels, and a
 * successful CONNECT_REPO_CHILD is followed by a list-refs request.
 * Unknown message types are logged and ignored.
 *
 * When the parent has closed the channel, the event is removed and the
 * event loop is told to exit.
 */
static void
session_dispatch(int fd, short event, void *arg)
{
	struct gotd_imsgev *iev = arg;
	struct imsgbuf *ibuf = &iev->ibuf;
	struct gotd_session_client *client = &gotd_session_client;
	ssize_t n;
	int shut = 0;
	struct imsg imsg;

	if (event & EV_READ) {
		if ((n = imsg_read(ibuf)) == -1 && errno != EAGAIN)
			fatal("imsg_read error");
		if (n == 0) {
			/* Connection closed. */
			shut = 1;
			goto done;
		}
	}

	if (event & EV_WRITE) {
		n = msgbuf_write(&ibuf->w);
		if (n == -1 && errno != EAGAIN)
			fatal("msgbuf_write");
		if (n == 0) {
			/* Connection closed. */
			shut = 1;
			goto done;
		}
	}

	for (;;) {
		/* Per-message state; reset for every message handled. */
		const struct got_error *err = NULL;
		uint32_t client_id = 0;
		int do_disconnect = 0, do_list_refs = 0;

		if ((n = imsg_get(ibuf, &imsg)) == -1)
			fatal("%s: imsg_get error", __func__);
		if (n == 0)	/* No more messages. */
			break;

		switch (imsg.hdr.type) {
		case GOTD_IMSG_ERROR:
			do_disconnect = 1;
			err = gotd_imsg_recv_error(&client_id, &imsg);
			break;
		case GOTD_IMSG_CONNECT:
			err = recv_connect(&imsg);
			break;
		case GOTD_IMSG_DISCONNECT:
			do_disconnect = 1;
			break;
		case GOTD_IMSG_CONNECT_NOTIFIER:
			err = recv_notifier(&imsg);
			break;
		case GOTD_IMSG_CONNECT_REPO_CHILD:
			err = recv_repo_child(&imsg);
			if (err)
				break;
			/* Channel to the repo child is up; ask it for refs. */
			do_list_refs = 1;
			break;
		default:
			log_debug("unexpected imsg %d", imsg.hdr.type);
			break;
		}
		imsg_free(&imsg);

		if (do_disconnect) {
			if (err)
				disconnect_on_error(client, err);
			else
				disconnect(client);
		} else if (do_list_refs)
			err = list_refs_request();

		/*
		 * NOTE(review): errors from recv_connect(), recv_notifier(),
		 * recv_repo_child() and list_refs_request() are only logged
		 * here and do not end the session; confirm that the parent
		 * or the request timeout is expected to tear it down.
		 */
		if (err)
			log_warnx("uid %d: %s", client->euid, err->msg);
	}
done:
	if (!shut) {
		gotd_imsg_event_add(iev);
	} else {
		/* This pipe is dead. Remove its event handler */
		event_del(&iev->ev);
		event_loopexit(NULL);
	}
}
/*
 * Entry point of the session process.
 *
 * Records the configuration passed in by the caller, opens the
 * repository (which must be bare), installs signal handlers, registers
 * the parent channel on GOTD_FILENO_MSG_PIPE, tells the parent that the
 * session is ready and then runs the event loop. Any error is logged
 * with the process title. The function always ends in
 * gotd_session_shutdown().
 */
void
session_main(const char *title, const char *repo_path,
    int *pack_fds, int *temp_fds, struct timeval *request_timeout,
    struct gotd_repo *repo_cfg, enum gotd_procid proc_id)
{
	static const int handled[] = { SIGINT, SIGTERM, SIGHUP, SIGUSR1 };
	struct event sigev[sizeof(handled) / sizeof(handled[0])];
	struct gotd_imsgev *parent = &gotd_session.parent_iev;
	const struct got_error *err = NULL;
	size_t i;

	STAILQ_INIT(&notifications);

	gotd_session.title = title;
	gotd_session.pid = getpid();
	gotd_session.pack_fds = pack_fds;
	gotd_session.temp_fds = temp_fds;
	memcpy(&gotd_session.request_timeout, request_timeout,
	    sizeof(gotd_session.request_timeout));
	gotd_session.repo_cfg = repo_cfg;
	gotd_session.proc_id = proc_id;

	/* No notifier channel until recv_notifier() provides one. */
	imsg_init(&gotd_session.notifier_iev.ibuf, -1);

	err = got_repo_open(&gotd_session.repo, repo_path, NULL, pack_fds);
	if (err)
		goto done;
	if (!got_repo_is_bare(gotd_session.repo)) {
		err = got_error_msg(GOT_ERR_NOT_GIT_REPO,
		    "bare git repository required");
		goto done;
	}

	got_repo_temp_fds_set(gotd_session.repo, temp_fds);

	for (i = 0; i < sizeof(handled) / sizeof(handled[0]); i++)
		signal_set(&sigev[i], handled[i], gotd_session_sighdlr, NULL);
	/* A closed peer must surface as a write error, not kill the process. */
	signal(SIGPIPE, SIG_IGN);
	for (i = 0; i < sizeof(handled) / sizeof(handled[0]); i++)
		signal_add(&sigev[i], NULL);

	gotd_session.state = GOTD_STATE_EXPECT_LIST_REFS;

	/* -1 marks descriptors that have not been received or opened yet. */
	gotd_session_client.fd = -1;
	gotd_session_client.nref_updates = -1;
	gotd_session_client.delta_cache_fd = -1;
	gotd_session_client.accept_flush_pkt = 1;

	imsg_init(&parent->ibuf, GOTD_FILENO_MSG_PIPE);
	parent->handler = session_dispatch;
	parent->events = EV_READ;
	parent->handler_arg = NULL;
	event_set(&parent->ev, parent->ibuf.fd, EV_READ, session_dispatch,
	    parent);
	if (gotd_imsg_compose_event(parent, GOTD_IMSG_CLIENT_SESSION_READY,
	    gotd_session.proc_id, -1, NULL, 0) == -1) {
		err = got_error_from_errno("imsg compose CLIENT_SESSION_READY");
		goto done;
	}

	event_dispatch();
done:
	if (err)
		log_warnx("%s: %s", title, err->msg);
	gotd_session_shutdown();
}
/*
 * Release session resources and terminate the process with status 0.
 *
 * Frees every notification still queued, closing its descriptor if it
 * has one, then closes the repository (if open), the pack and temp
 * descriptors, and frees the stored user name. Does not return.
 */
void
gotd_session_shutdown(void)
{
	struct gotd_session_notif *pending;

	log_debug("shutting down");

	while ((pending = STAILQ_FIRST(&notifications)) != NULL) {
		STAILQ_REMOVE_HEAD(&notifications, entry);
		if (pending->fd != -1)
			close(pending->fd);
		free(pending->refname);
		free(pending);
	}

	if (gotd_session.repo)
		got_repo_close(gotd_session.repo);
	got_repo_pack_fds_close(gotd_session.pack_fds);
	got_repo_temp_fds_close(gotd_session.temp_fds);
	free(gotd_session_client.username);
	exit(0);
}