Gotweb

Blob

Date:: Mon Apr 29 11:54:13 2024 UTC
Message:: expose authenticated gotd user account in HTTP notifications ok op@
Actions:: History | Blame | Raw File
1 /*
2  * Copyright (c) 2024 Stefan Sperling <stsp@openbsd.org>
3  *
4  * Permission to use, copy, modify, and distribute this software for any
5  * purpose with or without fee is hereby granted, provided that the above
6  * copyright notice and this permission notice appear in all copies.
7  *
8  * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
9  * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
10  * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
11  * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
12  * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
13  * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
14  * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
15  */
16 
17 #include <sys/types.h>
18 #include <sys/queue.h>
19 #include <sys/tree.h>
20 #include <sys/socket.h>
21 #include <sys/wait.h>
22 
23 #include <errno.h>
24 #include <event.h>
25 #include <siphash.h>
26 #include <limits.h>
27 #include <sha1.h>
28 #include <sha2.h>
29 #include <signal.h>
30 #include <stdio.h>
31 #include <stdlib.h>
32 #include <string.h>
33 #include <imsg.h>
34 #include <unistd.h>
35 
36 #include "got_error.h"
37 #include "got_path.h"
38 
39 #include "gotd.h"
40 #include "log.h"
41 #include "notify.h"
42 
43 #ifndef nitems
44 #define nitems(_a)	(sizeof((_a)) / sizeof((_a)[0]))
45 #endif
46 
47 static struct gotd_notify {
48 	pid_t pid;
49 	const char *title;
50 	struct gotd_imsgev parent_iev;
51 	struct gotd_repolist *repos;
52 	const char *default_sender;
53 } gotd_notify;
54 
55 struct gotd_notify_session {
56 	STAILQ_ENTRY(gotd_notify_session) entry;
57 	uint32_t id;
58 	struct gotd_imsgev iev;
59 };
60 STAILQ_HEAD(gotd_notify_sessions, gotd_notify_session);
61 
62 static struct gotd_notify_sessions gotd_notify_sessions[GOTD_CLIENT_TABLE_SIZE];
63 static SIPHASH_KEY sessions_hash_key;
64 
65 static void gotd_notify_shutdown(void);
66 
67 static uint64_t
68 session_hash(uint32_t session_id)
69 {
70 	return SipHash24(&sessions_hash_key, &session_id, sizeof(session_id));
71 }
72 
73 static void
74 add_session(struct gotd_notify_session *session)
75 {
76 	uint64_t slot;
77 
78 	slot = session_hash(session->id) % nitems(gotd_notify_sessions);
79 	STAILQ_INSERT_HEAD(&gotd_notify_sessions[slot], session, entry);
80 }
81 
82 static struct gotd_notify_session *
83 find_session(uint32_t session_id)
84 {
85 	uint64_t slot;
86 	struct gotd_notify_session *s;
87 
88 	slot = session_hash(session_id) % nitems(gotd_notify_sessions);
89 	STAILQ_FOREACH(s, &gotd_notify_sessions[slot], entry) {
90 		if (s->id == session_id)
91 			return s;
92 	}
93 
94 	return NULL;
95 }
96 
97 static struct gotd_notify_session *
98 find_session_by_fd(int fd)
99 {
100 	uint64_t slot;
101 	struct gotd_notify_session *s;
102 
103 	for (slot = 0; slot < nitems(gotd_notify_sessions); slot++) {
104 		STAILQ_FOREACH(s, &gotd_notify_sessions[slot], entry) {
105 			if (s->iev.ibuf.fd == fd)
106 				return s;
107 		}
108 	}
109 
110 	return NULL;
111 }
112 
113 static void
114 remove_session(struct gotd_notify_session *session)
115 {
116 	uint64_t slot;
117 
118 	slot = session_hash(session->id) % nitems(gotd_notify_sessions);
119 	STAILQ_REMOVE(&gotd_notify_sessions[slot], session,
120 	    gotd_notify_session, entry);
121 	close(session->iev.ibuf.fd);
122 	free(session);
123 }
124 
125 static uint32_t
126 get_session_id(void)
127 {
128 	int duplicate = 0;
129 	uint32_t id;
130 
131 	do {
132 		id = arc4random();
133 		duplicate = (find_session(id) != NULL);
134 	} while (duplicate || id == 0);
135 
136 	return id;
137 }
138 
139 static void
140 gotd_notify_sighdlr(int sig, short event, void *arg)
141 {
142 	/*
143 	 * Normal signal handler rules don't apply because libevent
144 	 * decouples for us.
145 	 */
146 
147 	switch (sig) {
148 	case SIGHUP:
149 		log_info("%s: ignoring SIGHUP", __func__);
150 		break;
151 	case SIGUSR1:
152 		log_info("%s: ignoring SIGUSR1", __func__);
153 		break;
154 	case SIGTERM:
155 	case SIGINT:
156 		gotd_notify_shutdown();
157 		/* NOTREACHED */
158 		break;
159 	default:
160 		fatalx("unexpected signal");
161 	}
162 }
163 
164 static void
165 run_notification_helper(const char *prog, const char **argv, int fd,
166     const char *user, const char *pass)
167 {
168 	const struct got_error *err = NULL;
169 	pid_t pid;
170 	int child_status;
171 
172 	pid = fork();
173 	if (pid == -1) {
174 		err = got_error_from_errno("fork");
175 		log_warn("%s", err->msg);
176 		return;
177 	} else if (pid == 0) {
178 		signal(SIGQUIT, SIG_DFL);
179 		signal(SIGINT, SIG_DFL);
180 		signal(SIGCHLD, SIG_DFL);
181 
182 		if (dup2(fd, STDIN_FILENO) == -1) {
183 			fprintf(stderr, "%s: dup2: %s\n", getprogname(),
184 			    strerror(errno));
185 			_exit(1);
186 		}
187 
188 		closefrom(STDERR_FILENO + 1);
189 
190 		if (user != NULL && pass != NULL) {
191 			setenv("GOT_NOTIFY_HTTP_USER", user, 1);
192 			setenv("GOT_NOTIFY_HTTP_PASS", pass, 1);
193 		}
194 
195 		if (execv(prog, (char *const *)argv) == -1) {
196 			fprintf(stderr, "%s: exec %s: %s\n", getprogname(),
197 			    prog, strerror(errno));
198 			_exit(1);
199 		}
200 
201 		/* not reached */
202 	}
203 
204 	if (waitpid(pid, &child_status, 0) == -1) {
205 		err = got_error_from_errno("waitpid");
206 		goto done;
207 	}
208 
209 	if (!WIFEXITED(child_status)) {
210 		err = got_error(GOT_ERR_PRIVSEP_DIED);
211 		goto done;
212 	}
213 
214 	if (WEXITSTATUS(child_status) != 0)
215 		err = got_error(GOT_ERR_PRIVSEP_EXIT);
216 done:
217 	if (err)
218 		log_warnx("%s: child %s pid %d: %s", gotd_notify.title,
219 		    prog, pid, err->msg);
220 }
221 
222 static void
223 notify_email(struct gotd_notification_target *target, const char *subject_line,
224     int fd)
225 {
226 	const char *argv[13];
227 	int i = 0;
228 
229 	argv[i++] = GOTD_PATH_PROG_NOTIFY_EMAIL;
230 
231 	argv[i++] = "-f";
232 	if (target->conf.email.sender)
233 		argv[i++] = target->conf.email.sender;
234 	else
235 		argv[i++] = gotd_notify.default_sender;
236 
237 	if (target->conf.email.responder) {
238 		argv[i++] = "-r";
239 		argv[i++] = target->conf.email.responder;
240 	}
241 
242 	if (target->conf.email.hostname) {
243 		argv[i++] = "-h";
244 		argv[i++] = target->conf.email.hostname;
245 	}
246 
247 	if (target->conf.email.port) {
248 		argv[i++] = "-p";
249 		argv[i++] = target->conf.email.port;
250 	}
251 
252 	argv[i++] = "-s";
253 	argv[i++] = subject_line;
254 
255 	argv[i++] = target->conf.email.recipient;
256 
257 	argv[i] = NULL;
258 
259 	run_notification_helper(GOTD_PATH_PROG_NOTIFY_EMAIL, argv, fd,
260 	    NULL, NULL);
261 }
262 
263 static void
264 notify_http(struct gotd_notification_target *target, const char *repo,
265     const char *username, int fd)
266 {
267 	const char *argv[12];
268 	int argc = 0;
269 
270 	argv[argc++] = GOTD_PATH_PROG_NOTIFY_HTTP;
271 	if (target->conf.http.tls)
272 		argv[argc++] = "-c";
273 
274 	argv[argc++] = "-r";
275 	argv[argc++] = repo;
276 	argv[argc++] = "-h";
277 	argv[argc++] = target->conf.http.hostname;
278 	argv[argc++] = "-p";
279 	argv[argc++] = target->conf.http.port;
280 	argv[argc++] = "-u";
281 	argv[argc++] = username;
282 
283 	argv[argc++] = target->conf.http.path;
284 
285 	argv[argc] = NULL;
286 
287 	run_notification_helper(GOTD_PATH_PROG_NOTIFY_HTTP, argv, fd,
288 	    target->conf.http.user, target->conf.http.password);
289 }
290 
291 static const struct got_error *
292 send_notification(struct imsg *imsg, struct gotd_imsgev *iev)
293 {
294 	const struct got_error *err = NULL;
295 	struct gotd_imsg_notify inotify;
296 	size_t datalen;
297 	struct gotd_repo *repo;
298 	struct gotd_notification_target *target;
299 	int fd;
300 	char *username = NULL;
301 
302 	datalen = imsg->hdr.len - IMSG_HEADER_SIZE;
303 	if (datalen < sizeof(inotify))
304 		return got_error(GOT_ERR_PRIVSEP_LEN);
305 
306 	memcpy(&inotify, imsg->data, sizeof(inotify));
307 	if (datalen != sizeof(inotify) + inotify.username_len)
308 		return got_error(GOT_ERR_PRIVSEP_LEN);
309 
310 	repo = gotd_find_repo_by_name(inotify.repo_name, gotd_notify.repos);
311 	if (repo == NULL)
312 		return got_error(GOT_ERR_PRIVSEP_MSG);
313 
314 	fd = imsg_get_fd(imsg);
315 	if (fd == -1)
316 		return got_error(GOT_ERR_PRIVSEP_NO_FD);
317 
318 	username = strndup(imsg->data + sizeof(inotify), inotify.username_len);
319 	if (username == NULL)
320 		return got_error_from_errno("strndup");
321 
322 	if (lseek(fd, 0, SEEK_SET) == -1) {
323 		err = got_error_from_errno("lseek");
324 		goto done;
325 	}
326 
327 
328 	STAILQ_FOREACH(target, &repo->notification_targets, entry) {
329 		switch (target->type) {
330 		case GOTD_NOTIFICATION_VIA_EMAIL:
331 			notify_email(target, inotify.subject_line, fd);
332 			break;
333 		case GOTD_NOTIFICATION_VIA_HTTP:
334 			notify_http(target, repo->name, username, fd);
335 			break;
336 		}
337 	}
338 
339 	if (gotd_imsg_compose_event(iev, GOTD_IMSG_NOTIFICATION_SENT,
340 	    PROC_NOTIFY, -1, NULL, 0) == -1) {
341 		err = got_error_from_errno("imsg compose NOTIFY");
342 		goto done;
343 	}
344 done:
345 	close(fd);
346 	free(username);
347 	return err;
348 }
349 
350 static void
351 notify_dispatch_session(int fd, short event, void *arg)
352 {
353 	struct gotd_imsgev *iev = arg;
354 	struct imsgbuf *ibuf = &iev->ibuf;
355 	ssize_t n;
356 	int shut = 0;
357 	struct imsg imsg;
358 
359 	if (event & EV_READ) {
360 		if ((n = imsg_read(ibuf)) == -1 && errno != EAGAIN)
361 			fatal("imsg_read error");
362 		if (n == 0) {
363 			/* Connection closed. */
364 			shut = 1;
365 			goto done;
366 		}
367 	}
368 
369 	if (event & EV_WRITE) {
370 		n = msgbuf_write(&ibuf->w);
371 		if (n == -1 && errno != EAGAIN && errno != EPIPE)
372 			fatal("msgbuf_write");
373 		if (n == 0 || (n == -1 && errno == EPIPE)) {
374 			/* Connection closed. */
375 			shut = 1;
376 			goto done;
377 		}
378 	}
379 
380 	for (;;) {
381 		const struct got_error *err = NULL;
382 
383 		if ((n = imsg_get(ibuf, &imsg)) == -1)
384 			fatal("%s: imsg_get error", __func__);
385 		if (n == 0)	/* No more messages. */
386 			break;
387 
388 		switch (imsg.hdr.type) {
389 		case GOTD_IMSG_NOTIFY:
390 			err = send_notification(&imsg, iev);
391 			break;
392 		default:
393 			log_debug("unexpected imsg %d", imsg.hdr.type);
394 			break;
395 		}
396 		imsg_free(&imsg);
397 
398 		if (err)
399 			log_warnx("%s: %s", __func__, err->msg);
400 	}
401 done:
402 	if (!shut) {
403 		gotd_imsg_event_add(iev);
404 	} else {
405 		struct gotd_notify_session *session;
406 
407 		/* This pipe is dead. Remove its event handler */
408 		event_del(&iev->ev);
409 		imsg_clear(&iev->ibuf);
410 
411 		session = find_session_by_fd(fd);
412 		if (session)
413 			remove_session(session);
414 	}
415 }
416 
417 static const struct got_error *
418 recv_session(struct imsg *imsg)
419 {
420 	struct gotd_notify_session *session;
421 	size_t datalen;
422 	int fd;
423 
424 	datalen = imsg->hdr.len - IMSG_HEADER_SIZE;
425 	if (datalen != 0)
426 		return got_error(GOT_ERR_PRIVSEP_LEN);
427 
428 	fd = imsg_get_fd(imsg);
429 	if (fd == -1)
430 		return got_error(GOT_ERR_PRIVSEP_NO_FD);
431 
432 	session = calloc(1, sizeof(*session));
433 	if (session == NULL)
434 		return got_error_from_errno("calloc");
435 
436 	session->id = get_session_id();
437 	imsg_init(&session->iev.ibuf, fd);
438 	session->iev.handler = notify_dispatch_session;
439 	session->iev.events = EV_READ;
440 	session->iev.handler_arg = NULL;
441 	event_set(&session->iev.ev, session->iev.ibuf.fd, EV_READ,
442 	    notify_dispatch_session, &session->iev);
443 	gotd_imsg_event_add(&session->iev);
444 	add_session(session);
445 
446 	return NULL;
447 }
448 
449 static void
450 notify_dispatch(int fd, short event, void *arg)
451 {
452 	struct gotd_imsgev *iev = arg;
453 	struct imsgbuf *ibuf = &iev->ibuf;
454 	ssize_t n;
455 	int shut = 0;
456 	struct imsg imsg;
457 
458 	if (event & EV_READ) {
459 		if ((n = imsg_read(ibuf)) == -1 && errno != EAGAIN)
460 			fatal("imsg_read error");
461 		if (n == 0) {
462 			/* Connection closed. */
463 			shut = 1;
464 			goto done;
465 		}
466 	}
467 
468 	if (event & EV_WRITE) {
469 		n = msgbuf_write(&ibuf->w);
470 		if (n == -1 && errno != EAGAIN)
471 			fatal("msgbuf_write");
472 		if (n == 0) {
473 			/* Connection closed. */
474 			shut = 1;
475 			goto done;
476 		}
477 	}
478 
479 	for (;;) {
480 		const struct got_error *err = NULL;
481 
482 		if ((n = imsg_get(ibuf, &imsg)) == -1)
483 			fatal("%s: imsg_get error", __func__);
484 		if (n == 0)	/* No more messages. */
485 			break;
486 
487 		switch (imsg.hdr.type) {
488 		case GOTD_IMSG_CONNECT_SESSION:
489 			err = recv_session(&imsg);
490 			break;
491 		default:
492 			log_debug("unexpected imsg %d", imsg.hdr.type);
493 			break;
494 		}
495 		imsg_free(&imsg);
496 
497 		if (err)
498 			log_warnx("%s: %s", __func__, err->msg);
499 	}
500 done:
501 	if (!shut) {
502 		gotd_imsg_event_add(iev);
503 	} else {
504 		/* This pipe is dead. Remove its event handler */
505 		event_del(&iev->ev);
506 		event_loopexit(NULL);
507 	}
508 
509 }
510 
511 void
512 notify_main(const char *title, struct gotd_repolist *repos,
513     const char *default_sender)
514 {
515 	const struct got_error *err = NULL;
516 	struct event evsigint, evsigterm, evsighup, evsigusr1;
517 
518 	arc4random_buf(&sessions_hash_key, sizeof(sessions_hash_key));
519 
520 	gotd_notify.title = title;
521 	gotd_notify.repos = repos;
522 	gotd_notify.default_sender = default_sender;
523 	gotd_notify.pid = getpid();
524 
525 	signal_set(&evsigint, SIGINT, gotd_notify_sighdlr, NULL);
526 	signal_set(&evsigterm, SIGTERM, gotd_notify_sighdlr, NULL);
527 	signal_set(&evsighup, SIGHUP, gotd_notify_sighdlr, NULL);
528 	signal_set(&evsigusr1, SIGUSR1, gotd_notify_sighdlr, NULL);
529 	signal(SIGPIPE, SIG_IGN);
530 
531 	signal_add(&evsigint, NULL);
532 	signal_add(&evsigterm, NULL);
533 	signal_add(&evsighup, NULL);
534 	signal_add(&evsigusr1, NULL);
535 
536 	imsg_init(&gotd_notify.parent_iev.ibuf, GOTD_FILENO_MSG_PIPE);
537 	gotd_notify.parent_iev.handler = notify_dispatch;
538 	gotd_notify.parent_iev.events = EV_READ;
539 	gotd_notify.parent_iev.handler_arg = NULL;
540 	event_set(&gotd_notify.parent_iev.ev, gotd_notify.parent_iev.ibuf.fd,
541 	    EV_READ, notify_dispatch, &gotd_notify.parent_iev);
542 	gotd_imsg_event_add(&gotd_notify.parent_iev);
543 
544 	event_dispatch();
545 
546 	if (err)
547 		log_warnx("%s: %s", title, err->msg);
548 	gotd_notify_shutdown();
549 }
550 
551 void
552 gotd_notify_shutdown(void)
553 {
554 	log_debug("%s: shutting down", gotd_notify.title);
555 	exit(0);
556 }