Gotweb

Blob

Date:: Wed Jul 6 22:30:00 2022 UTC
Message:: add signer_id option to got.conf(5) Setting this option will cause 'got tag' to sign all created tags using the SSH key, unless overridden by the -s flag. ok stsp@
Actions:: History | Blame | Raw File
1 /*
2  * Copyright (c) 2020 Stefan Sperling <stsp@openbsd.org>
3  *
4  * Permission to use, copy, modify, and distribute this software for any
5  * purpose with or without fee is hereby granted, provided that the above
6  * copyright notice and this permission notice appear in all copies.
7  *
8  * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
9  * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
10  * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
11  * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
12  * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
13  * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
14  * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
15  */
16 
17 #include <sys/types.h>
18 #include <sys/uio.h>
19 #include <sys/socket.h>
20 
21 #include <unistd.h>
22 #include <fcntl.h>
23 #include <errno.h>
24 #include <stdlib.h>
25 #include <stdio.h>
26 #include <stdint.h>
27 #include <limits.h>
28 
29 #include "got_compat.h"
30 
31 #include "got_error.h"
32 #include "got_object.h"
33 #include "got_repository.h"
34 
35 #include "got_lib_delta.h"
36 #include "got_lib_object.h"
37 #include "got_lib_privsep.h"
38 #include "got_lib_gotconfig.h"
39 
40 #include "got_gotconfig.h"
41 
42 const struct got_error *
43 got_gotconfig_read(struct got_gotconfig **conf, const char *gotconfig_path)
44 {
45 	const struct got_error *err = NULL, *child_err = NULL;
46 	int fd = -1;
47 	int imsg_fds[2] = { -1, -1 };
48 	pid_t pid;
49 	struct imsgbuf *ibuf;
50 
51 	*conf = calloc(1, sizeof(**conf));
52 	if (*conf == NULL)
53 		return got_error_from_errno("calloc");
54 
55 	fd = open(gotconfig_path, O_RDONLY | O_CLOEXEC);
56 	if (fd == -1) {
57 		if (errno == ENOENT)
58 			return NULL;
59 		return got_error_from_errno2("open", gotconfig_path);
60 	}
61 
62 	ibuf = calloc(1, sizeof(*ibuf));
63 	if (ibuf == NULL) {
64 		err = got_error_from_errno("calloc");
65 		goto done;
66 	}
67 
68 	if (socketpair(AF_UNIX, SOCK_STREAM, PF_UNSPEC, imsg_fds) == -1) {
69 		err = got_error_from_errno("socketpair");
70 		goto done;
71 	}
72 
73 	pid = fork();
74 	if (pid == -1) {
75 		err = got_error_from_errno("fork");
76 		goto done;
77 	} else if (pid == 0) {
78 		got_privsep_exec_child(imsg_fds, GOT_PATH_PROG_READ_GOTCONFIG,
79 		    gotconfig_path);
80 		/* not reached */
81 	}
82 
83 	if (close(imsg_fds[1]) == -1) {
84 		err = got_error_from_errno("close");
85 		goto done;
86 	}
87 	imsg_fds[1] = -1;
88 	imsg_init(ibuf, imsg_fds[0]);
89 
90 	err = got_privsep_send_gotconfig_parse_req(ibuf, fd);
91 	if (err)
92 		goto done;
93 	fd = -1;
94 
95 	err = got_privsep_send_gotconfig_author_req(ibuf);
96 	if (err)
97 		goto done;
98 
99 	err = got_privsep_recv_gotconfig_str(&(*conf)->author, ibuf);
100 	if (err)
101 		goto done;
102 
103 	err = got_privsep_send_gotconfig_allowed_signers_req(ibuf);
104 	if (err)
105 		goto done;
106 
107 	err = got_privsep_recv_gotconfig_str(&(*conf)->allowed_signers_file,
108 	    ibuf);
109 	if (err)
110 		goto done;
111 
112 	err = got_privsep_send_gotconfig_revoked_signers_req(ibuf);
113 	if (err)
114 		goto done;
115 
116 	err = got_privsep_recv_gotconfig_str(&(*conf)->revoked_signers_file,
117 	    ibuf);
118 	if (err)
119 		goto done;
120 
121 	err = got_privsep_send_gotconfig_signer_id_req(ibuf);
122 	if (err)
123 		goto done;
124 
125 	err = got_privsep_recv_gotconfig_str(&(*conf)->signer_id, ibuf);
126 	if (err)
127 		goto done;
128 
129 	err = got_privsep_send_gotconfig_remotes_req(ibuf);
130 	if (err)
131 		goto done;
132 
133 	err = got_privsep_recv_gotconfig_remotes(&(*conf)->remotes,
134 	    &(*conf)->nremotes, ibuf);
135 	if (err)
136 		goto done;
137 
138 	err = got_privsep_send_stop(imsg_fds[0]);
139 	child_err = got_privsep_wait_for_child(pid);
140 	if (child_err && err == NULL)
141 		err = child_err;
142 done:
143 	if (imsg_fds[0] != -1 && close(imsg_fds[0]) == -1 && err == NULL)
144 		err = got_error_from_errno("close");
145 	if (imsg_fds[1] != -1 && close(imsg_fds[1]) == -1 && err == NULL)
146 		err = got_error_from_errno("close");
147 	if (fd != -1 && close(fd) == -1 && err == NULL)
148 		err = got_error_from_errno2("close", gotconfig_path);
149 	if (err) {
150 		got_gotconfig_free(*conf);
151 		*conf = NULL;
152 	}
153 	free(ibuf);
154 	return err;
155 }
156 
157 void
158 got_gotconfig_free(struct got_gotconfig *conf)
159 {
160 	int i;
161 
162 	if (conf == NULL)
163 		return;
164 
165 	free(conf->author);
166 
167 	for (i = 0; i < conf->nremotes; i++)
168 		got_repo_free_remote_repo_data(&conf->remotes[i]);
169 	free(conf->remotes);
170 	free(conf);
171 }
172 
173 const char *
174 got_gotconfig_get_author(const struct got_gotconfig *conf)
175 {
176 	return conf->author;
177 }
178 
179 void
180 got_gotconfig_get_remotes(int *nremotes, const struct got_remote_repo **remotes,
181     const struct got_gotconfig *conf)
182 {
183 	*nremotes = conf->nremotes;
184 	*remotes = conf->remotes;
185 }
186 
187 const char *
188 got_gotconfig_get_allowed_signers_file(const struct got_gotconfig *conf)
189 {
190 	return conf->allowed_signers_file;
191 }
192 
193 const char *
194 got_gotconfig_get_revoked_signers_file(const struct got_gotconfig *conf)
195 {
196 	return conf->revoked_signers_file;
197 }
198 
199 const char *
200 got_gotconfig_get_signer_id(const struct got_gotconfig *conf)
201 {
202 	return conf->signer_id;
203 }