Gotweb

Blob

Date:: Sun Apr 28 20:54:45 2024 UTC
Message:: redo "got-fetch-http: fix GET request URL", without breaking tests My previous fix for ~user in SSH URLs broke ~user in HTTP URLs, as used on sourcehut. Sanitize the amount of leading and embedded slashes in URLs to make things work in all cases. The root cause of the test problem with naddy's previous diff was likely in the http-server script itself, where a request like GET //repo//info/refs?service=git-upload-pack somehow ended up as GET $testroot///info/refs. We work around this here by avoiding the double slashes.
Actions:: History | Blame | Raw File
1 /*
2  * Copyright (c) 2024 Tobias Heider <me@tobhe.de>
3  * Copyright (c) 2022 Omar Polo <op@openbsd.org>
4  *
5  * Permission to use, copy, modify, and distribute this software for any
6  * purpose with or without fee is hereby granted, provided that the above
7  * copyright notice and this permission notice appear in all copies.
8  *
9  * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
10  * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
11  * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
12  * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
13  * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
14  * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
15  * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
16  */
17 
18 #include <sys/types.h>
19 #include <sys/queue.h>
20 #include <sys/socket.h>
21 
22 #include <err.h>
23 #include <errno.h>
24 #include <limits.h>
25 #include <netdb.h>
26 #include <poll.h>
27 #include <stdio.h>
28 #include <stdlib.h>
29 #include <string.h>
30 #include <tls.h>
31 #include <unistd.h>
32 
33 #include "got_error.h"
34 #include "got_path.h"
35 #include "got_version.h"
36 
37 #include "got_lib_pkt.h"
38 
39 #include "bufio.h"
40 
41 #define UPLOAD_PACK_ADV "application/x-git-upload-pack-advertisement"
42 #define UPLOAD_PACK_REQ "application/x-git-upload-pack-request"
43 #define UPLOAD_PACK_RES "application/x-git-upload-pack-result"
44 
45 #define	GOT_USERAGENT	"got/" GOT_VERSION_STR
46 #define MINIMUM(a, b)	((a) < (b) ? (a) : (b))
47 #define hasprfx(str, p)	(strncasecmp(str, p, strlen(p)) == 0)
48 
49 FILE *tmp;
50 
51 static int	verbose;
52 
53 static char *
54 bufio_getdelim_sync(struct bufio *bio, const char *nl, size_t *len)
55 {
56 	int	r;
57 
58 	do {
59 		r = bufio_read(bio);
60 		if (r == -1 && errno != EAGAIN)
61 			errx(1, "bufio_read: %s", bufio_io_err(bio));
62 	} while (r == -1 && errno == EAGAIN);
63 	return buf_getdelim(&bio->rbuf, nl, len);
64 }
65 
66 static size_t
67 bufio_drain_sync(struct bufio *bio, void *d, size_t len)
68 {
69 	int	r;
70 
71 	do {
72 		r = bufio_read(bio);
73 		if (r == -1 && errno != EAGAIN)
74 			errx(1, "bufio_read: %s", bufio_io_err(bio));
75 	} while (r == -1 && errno == EAGAIN);
76 	return bufio_drain(bio, d, len);
77 }
78 
79 static void
80 bufio_close_sync(struct bufio *bio)
81 {
82 	int	 r;
83 
84 	do {
85 		r = bufio_close(bio);
86 		if (r == -1 && errno == EAGAIN)
87 			errx(1, "bufio_read: %s", bufio_io_err(bio));
88 	} while (r == -1 && errno == EAGAIN);
89 }
90 
91 static long long
92 hexstrtonum(const char *str, long long min, long long max, const char **errstr)
93 {
94 	long long	 lval;
95 	char		*cp;
96 
97 	errno = 0;
98 	lval = strtoll(str, &cp, 16);
99 	if (*str == '\0' || *cp != '\0') {
100 		*errstr = "not a number";
101 		return 0;
102 	}
103 	if ((errno == ERANGE && (lval == LONG_MAX || lval == LONG_MIN)) ||
104 	    lval < min || lval > max) {
105 		*errstr = "out of range";
106 		return 0;
107 	}
108 
109 	*errstr = NULL;
110 	return lval;
111 }
112 
113 static int
114 dial(int https, const char *host, const char *port)
115 {
116 	struct addrinfo		 hints, *res, *res0;
117 	int			 error, saved_errno, fd = -1;
118 	const char		*cause = NULL;
119 
120 	memset(&hints, 0, sizeof(hints));
121 	hints.ai_family = AF_UNSPEC;
122 	hints.ai_socktype = SOCK_STREAM;
123 	error = getaddrinfo(host, port, &hints, &res0);
124 	if (error) {
125 		warnx("%s", gai_strerror(error));
126 		return -1;
127 	}
128 
129 	for (res = res0; res; res = res->ai_next) {
130 		fd = socket(res->ai_family, res->ai_socktype,
131 		    res->ai_protocol);
132 		if (fd == -1) {
133 			cause = "socket";
134 			continue;
135 		}
136 
137 		if (connect(fd, res->ai_addr, res->ai_addrlen) == 0)
138 			break;
139 
140 		cause = "connect";
141 		saved_errno = errno;
142 		close(fd);
143 		fd = -1;
144 		errno = saved_errno;
145 	}
146 	freeaddrinfo(res0);
147 
148 	if (fd == -1) {
149 		warn("%s", cause);
150 		return -1;
151 	}
152 
153 	return fd;
154 }
155 
156 static int
157 http_open(struct bufio *bio, int https, const char *method, const char *host, const char *port,
158     const char *path, const char *path_sufx, const char *query, const char *ctype)
159 {
160 	const char	*chdr = NULL, *te = "";
161 	char		*p, *req;
162 	int		 r;
163 	
164 	if (strcmp(method, "POST") == 0)
165 		te = "\r\nTransfer-Encoding: chunked\r\n";
166 
167 	if (ctype)
168 		chdr = "Content-Type: ";
169 
170 	r = asprintf(&p, "%s%s/%s%s%s", got_path_is_absolute(path) ? "" :"/",
171 	    path, path_sufx, query ? "?" : "", query ? query : "");
172 	if (r == -1)
173 		err(1, "asprintf");
174 
175 	r = asprintf(&req, "%s %s HTTP/1.1\r\n"
176 	    "Host: %s\r\n"
177 	    "Connection: close\r\n"
178 	    "User-agent: %s\r\n"
179 	    "%s%s%s\r\n",
180 	    method, p, host, GOT_USERAGENT,
181 	    chdr ? chdr : "", ctype ? ctype : "", te);
182 	if (r == -1)
183 		err(1, "asprintf");
184 	free(p);
185 
186 	if (verbose > 0)
187 		fprintf(stderr, "%s: request: %s\n", getprogname(), req);
188 	
189 
190 	r = bufio_compose(bio, req, r);
191 	if (r == -1)
192 		err(1, "bufio_compose_fmt");
193 	free(req);
194 
195 	do {
196 		r = bufio_write(bio);
197 		if (r == -1 && errno != EAGAIN)
198 			errx(1, "bufio_read: %s", bufio_io_err(bio));
199 	} while (bio->wbuf.len != 0);
200 
201 	return 0;
202 }
203 
204 static int
205 http_parse_reply(struct bufio *bio, int *chunked, const char *expected_ctype)
206 {
207 	char		*cp, *line;
208 	size_t		 linelen;
209 
210 	*chunked = 0;
211 
212 	line = bufio_getdelim_sync(bio, "\r\n", &linelen);
213 	if (line == NULL) {
214 		warnx("%s: bufio_getdelim_sync()", __func__);
215 		return -1;
216 	}
217 
218 	if (verbose > 0)
219 		fprintf(stderr, "%s: response: %s\n", getprogname(), line);
220 
221 	if ((cp = strchr(line, ' ')) == NULL) {
222 		warnx("malformed HTTP response");
223 		return -1;
224 	}
225 	cp++;
226 
227 	if (strncmp(cp, "200 ", 4) != 0) {
228 		warnx("malformed HTTP response");
229 		return -1;
230 	}
231 	buf_drain(&bio->rbuf, linelen);
232 
233 	while(1) {
234 		line = bufio_getdelim_sync(bio, "\r\n", &linelen);
235 		if (line == NULL) {
236 			warnx("%s: bufio_getdelim_sync()", __func__);
237 			return -1;
238 		}
239 		if (*line == '\0') {
240 			buf_drain(&bio->rbuf, linelen);
241 			break;
242 		}
243 
244 		if (hasprfx(line, "content-type:")) {
245 			cp = strchr(line, ':') + 1;
246 			cp += strspn(cp, " \t");
247 			cp[strcspn(cp, " \t")] = '\0';
248 			if (strcmp(cp, expected_ctype) != 0) {
249 				warnx("server not using the \"smart\" "
250 				    "HTTP protocol.");
251 				return -1;
252 			}
253 		}
254 		if (hasprfx(line, "transfer-encoding:")) {
255 			cp = strchr(line, ':') + 1;
256 			cp += strspn(cp, " \t");
257 			cp[strcspn(cp, " \t")] = '\0';
258 			if (strcmp(cp, "chunked") != 0) {
259 				warnx("unknown transfer-encoding");
260 				return -1;
261 			}
262 			*chunked = 1;
263 		}
264 		buf_drain(&bio->rbuf, linelen);
265 	}
266 
267 	return 0;
268 }
269 
270 static ssize_t
271 http_read(struct bufio *bio, int chunked, size_t *chunksz, char *buf, size_t bufsz)
272 {
273 	const char	*errstr;
274 	char		*line = NULL;
275 	size_t		 r;
276 	ssize_t		 ret = 0, linelen;
277 
278 	if (!chunked)
279 		return bufio_drain_sync(bio, buf, bufsz);
280 
281 	while (bufsz > 0) {
282 		if (*chunksz == 0) {
283 		again:
284 			line = bufio_getdelim_sync(bio, "\r\n", &linelen);
285 			if (line == NULL) {
286 				buf_drain(&bio->rbuf, linelen);
287 				break;
288 			}
289 			if (*line == '\0') {
290 				buf_drain(&bio->rbuf, linelen);
291 				goto again; /* was the CRLF after the chunk */
292 			}
293 
294 			*chunksz = hexstrtonum(line, 0, INT_MAX, &errstr);
295 			if (errstr != NULL) {
296 				warnx("invalid HTTP chunk: size is %s (%s)",
297 				    errstr, line);
298 				ret = -1;
299 				break;
300 			}
301 
302 			if (*chunksz == 0) {
303 				buf_drain(&bio->rbuf, linelen);
304 				break;
305 			}
306 			buf_drain(&bio->rbuf, linelen);
307 		}
308 
309 		r = bufio_drain_sync(bio, buf, MINIMUM(*chunksz, bufsz));
310 		if (r == 0) {
311 			break;
312 		}
313 
314 		ret += r;
315 		buf += r;
316 		bufsz -= r;
317 		*chunksz -= r;
318 	}
319 
320 	return ret;
321 }
322 
323 static int
324 http_chunk(struct bufio *bio, const void *buf, size_t len)
325 {
326 	int r;
327 
328 	if (bufio_compose_fmt(bio, "%zx\r\n", len) ||
329 	    bufio_compose(bio, buf, len) ||
330 	    bufio_compose(bio, "\r\n", 2))
331 		return 1;
332 
333 	do {
334 		r = bufio_write(bio);
335 		if (r == -1 && errno != EAGAIN)
336 			errx(1, "bufio_read: %s", bufio_io_err(bio));
337 	} while (bio->wbuf.len != 0);
338 
339 	return 0;
340 }
341 
342 static int
343 get_refs(int https, const char *host, const char *port, const char *path)
344 {
345 	struct bufio		 bio;
346 	char			 buf[GOT_PKT_MAX];
347 	const struct got_error	*e;
348 	size_t			 chunksz = 0;
349 	ssize_t			 r;
350 	int			 skip;
351 	int			 chunked;
352 	int			 sock;
353 	int			 ret = -1;
354 
355 	if ((sock = dial(https, host, port)) == -1)
356 		return -1;
357 
358 	if (bufio_init(&bio)) {
359 		warnx("bufio_init");
360 		goto err;
361 	}
362 	bufio_set_fd(&bio, sock);
363 	if (https && bufio_starttls(&bio, host, 0, NULL, 0, NULL, 0) == -1) {
364 		warnx("bufio_starttls");
365 		goto err;
366 	}
367 
368 	if (http_open(&bio, https, "GET", host, port, path, "info/refs",
369 	    "service=git-upload-pack", NULL) == -1)
370 		goto err;
371 
372 	/* Fetch the initial reference announcement from the server. */
373 	if (http_parse_reply(&bio, &chunked, UPLOAD_PACK_ADV) == -1)
374 		goto err;
375 
376 	/* skip first pack; why git over http is like this? */
377 	r = http_read(&bio, chunked, &chunksz, buf, 4);
378 	if (r <= 0)
379 		goto err;
380 
381 	e = got_pkt_readlen(&skip, buf, verbose);
382 	if (e) {
383 		warnx("%s", e->msg);
384 		goto err;
385 	}
386 
387 	/* TODO: validate it's # service=git-upload-pack\n */
388 	while (skip > 0) {
389 		r = http_read(&bio, chunked, &chunksz, buf,
390 		    MINIMUM(skip, sizeof(buf)));
391 		if (r <= 0)
392 			goto err;
393 		skip -= r;
394 	}
395 
396 	for (;;) {
397 		r = http_read(&bio, chunked, &chunksz, buf, sizeof(buf));
398 		if (r == -1)
399 			goto err;
400 
401 		if (r == 0)
402 			break;
403 
404 		fwrite(buf, 1, r, stdout);
405 	}
406 
407 	fflush(stdout);
408 	ret = 0;
409 err:
410 	bufio_close_sync(&bio);
411 	bufio_free(&bio);
412 	return ret;
413 }
414 
415 static int
416 upload_request(int https, const char *host, const char *port, const char *path,
417     FILE *in)
418 {
419 	struct bufio		 bio;
420 	char			 buf[GOT_PKT_MAX];
421 	const struct got_error	*e;
422 	ssize_t			 r;
423 	size_t			 chunksz = 0;
424 	int			 t;
425 	int			 chunked;
426 	int			 sock;
427 	int			 ret = -1;
428 
429 	if ((sock = dial(https, host, port)) == -1)
430 		return -1;
431 
432 	if (bufio_init(&bio)) {
433 		warnx("bufio_init");
434 		goto err;
435 	}
436 	bufio_set_fd(&bio, sock);
437 	if (https && bufio_starttls(&bio, host, 0, NULL, 0, NULL, 0) == -1) {
438 		warnx("bufio_starttls");
439 		goto err;
440 	}
441 #ifndef PROFILE
442 	/* TODO: can we push this upwards such that get_refs() is covered? */
443 	if (pledge("stdio", NULL) == -1)
444 		err(1, "pledge");
445 #endif
446 	if (http_open(&bio, https, "POST", host, port, path, "git-upload-pack",
447 	    NULL, UPLOAD_PACK_REQ) == -1)
448 		goto err;
449 
450 	/*
451 	 * Read have/want lines generated by got-fetch-pack and forward
452 	 * them to the server in the POST request body.
453 	 */
454 	for (;;) {
455 		r = fread(buf, 1, 4, in);
456 		if (r != 4)
457 			goto err;
458 
459 		e = got_pkt_readlen(&t, buf, verbose);
460 		if (e) {
461 			warnx("%s", e->msg);
462 			goto err;
463 		}
464 
465 		if (t == 0) {
466 			const char *flushpkt = "0000";
467 			if (http_chunk(&bio, flushpkt, strlen(flushpkt)))
468 				goto err;
469 			continue; /* got-fetch-pack will send "done" */
470 		}
471 
472 		if (t < 6) {
473 			warnx("pktline len is too small");
474 			goto err;
475 		}
476 
477 		r = fread(buf + 4, 1, t - 4, in);
478 		if (r != t - 4)
479 			goto err;
480 
481 		if (http_chunk(&bio, buf, t))
482 			goto err;
483 
484 		/*
485 		 * Once got-fetch-pack is done the server will
486 		 * send pack file data.
487 		 */
488 		if (t == 9 && strncmp(buf + 4, "done\n", 5) == 0) {
489 			if (http_chunk(&bio, NULL, 0))
490 				goto err;
491 			break;
492 		}
493 	}
494 
495 	if (http_parse_reply(&bio, &chunked, UPLOAD_PACK_RES) == -1)
496 		goto err;
497 
498 	/* Fetch pack file data from server. */
499 	for (;;) {
500 		r = http_read(&bio, chunked, &chunksz, buf, sizeof(buf));
501 		if (r == -1)
502 			goto err;
503 
504 		if (r == 0)
505 			break;
506 
507 		fwrite(buf, 1, r, stdout);
508 	}
509 
510 	ret = 0;
511 err:
512 	bufio_close_sync(&bio);
513 	bufio_free(&bio);
514 	return ret;
515 }
516 
517 static __dead void
518 usage(void)
519 {
520 	fprintf(stderr, "usage: %s [-qv] proto host port path\n",
521 	     getprogname());
522 	exit(1);
523 }
524 
525 int
526 main(int argc, char **argv)
527 {
528 	struct pollfd	 pfd;
529 	const char	*host, *port;
530 	char		*path;
531 	int		 https = 0;
532 	int		 ch;
533 
534 #ifndef PROFILE
535 	if (pledge("stdio rpath inet dns unveil", NULL) == -1)
536 		err(1, "pledge");
537 #endif
538 
539 	while ((ch = getopt(argc, argv, "qv")) != -1) {
540 		switch (ch) {
541 		case 'q':
542 			verbose = -1;
543 			break;
544 		case 'v':
545 			verbose++;
546 			break;
547 		default:
548 			usage();
549 		}
550 	}
551 	argc -= optind;
552 	argv += optind;
553 
554 	if (argc != 4)
555 		usage();
556 
557 	https = strcmp(argv[0], "https") == 0;
558 #ifndef PROFILE
559 	if (https) {
560 		if (unveil("/etc/ssl/cert.pem", "r") == -1)
561 			err(1, "unveil /etc/ssl/cert.pem");
562 	} else {
563 		/* drop "rpath" */
564 		if (pledge("stdio inet dns unveil", NULL) == -1)
565 			err(1, "pledge");
566 	}
567 #else
568 	if (unveil("gmon.out", "rwc") != 0)
569 		err(1, "unveil gmon.out");
570 #endif
571 	if (unveil(NULL, NULL) == -1)
572 		err(1, "unveil NULL");
573 
574 	host = argv[1];
575 	port = argv[2];
576 	path = argv[3];
577 	got_path_strip_trailing_slashes(path);
578 
579 	if (get_refs(https, host, port, path) == -1)
580 		errx(1, "failed to get refs");
581 
582 	pfd.fd = 0;
583 	pfd.events = POLLIN;
584 	if (poll(&pfd, 1, INFTIM) == -1)
585 		err(1, "poll");
586 
587 	if ((ch = fgetc(stdin)) == EOF)
588 		return 0;
589 
590 	ungetc(ch, stdin);
591 	if (upload_request(https, host, port, path, stdin) == -1) {
592 		fflush(tmp);
593 		errx(1, "failed to upload request");
594 	}
595 
596 	return 0;
597 }