1 /*
2  * Copyright (c) 2022 Stefan Sperling <stsp@openbsd.org>
3  *
4  * Permission to use, copy, modify, and distribute this software for any
5  * purpose with or without fee is hereby granted, provided that the above
6  * copyright notice and this permission notice appear in all copies.
7  *
8  * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
9  * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
10  * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
11  * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
12  * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
13  * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
14  * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
15  */
16 
17 #include "got_compat.h"
18 
19 #define GOTD_UNIX_SOCKET "/var/run/gotd.sock"
20 #define GOTD_UNIX_SOCKET_BACKLOG 10
21 #define GOTD_USER	"_gotd"
22 #define GOTD_CONF_PATH	"/etc/gotd.conf"
23 #ifndef GOTD_EMPTY_PATH
24 #define GOTD_EMPTY_PATH	"/var/empty"
25 #endif
26 
27 #ifndef GOT_LIBEXECDIR
28 #define GOT_LIBEXECDIR /usr/libexec
29 #endif
30 
31 #define GOTD_STRINGIFY(x) #x
32 #define GOTD_STRINGVAL(x) GOTD_STRINGIFY(x)
33 
34 #define GOTD_PROG_NOTIFY_EMAIL	got-notify-email
35 #define GOTD_PROG_NOTIFY_HTTP	got-notify-http
36 
37 #define GOTD_PATH_PROG_NOTIFY_EMAIL \
38 	GOTD_STRINGVAL(GOT_LIBEXECDIR) "/" \
39 	GOTD_STRINGVAL(GOTD_PROG_NOTIFY_EMAIL)
40 #define GOTD_PATH_PROG_NOTIFY_HTTP \
41 	GOTD_STRINGVAL(GOT_LIBEXECDIR) "/" \
42 	GOTD_STRINGVAL(GOTD_PROG_NOTIFY_HTTP)
43 
44 #define GOTD_MAXCLIENTS		1024
45 #define GOTD_MAX_CONN_PER_UID	4
46 #define GOTD_FD_RESERVE		5
47 #define GOTD_FD_NEEDED		6
48 #define GOTD_FILENO_MSG_PIPE	3
49 
50 #define GOTD_DEFAULT_REQUEST_TIMEOUT	3600
51 
52 /* Client hash tables need some extra room. */
53 #define GOTD_CLIENT_TABLE_SIZE (GOTD_MAXCLIENTS * 4)
54 
55 enum gotd_procid {
56 	PROC_GOTD	= 0,
57 	PROC_LISTEN,
58 	PROC_AUTH,
59 	PROC_SESSION_READ,
60 	PROC_SESSION_WRITE,
61 	PROC_REPO_READ,
62 	PROC_REPO_WRITE,
63 	PROC_GITWRAPPER,
64 	PROC_NOTIFY,
65 	PROC_MAX,
66 };
67 
68 struct gotd_imsgev {
69 	struct imsgbuf	 ibuf;
70 	void		(*handler)(int, short, void *);
71 	void		*handler_arg;
72 	struct event	 ev;
73 	short		 events;
74 };
75 
76 enum gotd_access {
77 	GOTD_ACCESS_PERMITTED = 1,
78 	GOTD_ACCESS_DENIED
79 };
80 
81 struct gotd_access_rule {
82 	STAILQ_ENTRY(gotd_access_rule) entry;
83 
84 	enum gotd_access access;
85 
86 	int authorization;
87 #define GOTD_AUTH_READ		0x1
88 #define GOTD_AUTH_WRITE		0x2
89 
90 	char *identifier;
91 };
92 STAILQ_HEAD(gotd_access_rule_list, gotd_access_rule);
93 
94 enum gotd_notification_target_type {
95 	GOTD_NOTIFICATION_VIA_EMAIL,
96 	GOTD_NOTIFICATION_VIA_HTTP
97 };
98 
99 struct gotd_notification_target {
100 	STAILQ_ENTRY(gotd_notification_target) entry;
101 
102 	enum gotd_notification_target_type type;
103 	union {
104 		struct {
105 			char *sender;
106 			char *recipient;
107 			char *responder;
108 			char *hostname;
109 			char *port;
110 		} email;
111 		struct {
112 			char *url;
113 			char *user;
114 			char *password;
115 		} http;
116 	} conf;
117 };
118 STAILQ_HEAD(gotd_notification_targets, gotd_notification_target);
119 
120 struct gotd_repo {
121 	TAILQ_ENTRY(gotd_repo)	 entry;
122 
123 	char name[NAME_MAX];
124 	char path[PATH_MAX];
125 
126 	struct gotd_access_rule_list rules;
127 	struct got_pathlist_head protected_tag_namespaces;
128 	struct got_pathlist_head protected_branch_namespaces;
129 	struct got_pathlist_head protected_branches;
130 
131 	struct got_pathlist_head notification_refs;
132 	struct got_pathlist_head notification_ref_namespaces;
133 	struct gotd_notification_targets notification_targets;
134 };
135 TAILQ_HEAD(gotd_repolist, gotd_repo);
136 
137 enum gotd_session_state {
138 	GOTD_STATE_EXPECT_LIST_REFS,
139 	GOTD_STATE_EXPECT_CAPABILITIES,
140 	GOTD_STATE_EXPECT_WANT,
141 	GOTD_STATE_EXPECT_REF_UPDATE,
142 	GOTD_STATE_EXPECT_MORE_REF_UPDATES,
143 	GOTD_STATE_EXPECT_HAVE,
144 	GOTD_STATE_EXPECT_PACKFILE,
145 	GOTD_STATE_EXPECT_DONE,
146 	GOTD_STATE_DONE,
147 	GOTD_STATE_NOTIFY,
148 };
149 
150 struct gotd_client_capability {
151 	char *key;
152 	char *value;
153 };
154 
155 struct gotd_object_id_array {
156 	struct got_object_id		**ids;
157 	size_t				 nalloc;
158 	size_t				 nids;
159 };
160 
161 struct gotd_uid_connection_limit {
162 	uid_t uid;
163 	int max_connections;
164 };
165 
166 struct gotd_child_proc;
167 
168 struct gotd {
169 	pid_t pid;
170 	char unix_socket_path[PATH_MAX];
171 	char user_name[32];
172 	struct gotd_repolist repos;
173 	int nrepos;
174 	struct gotd_child_proc *listen_proc;
175 	struct gotd_child_proc *notify_proc;
176 	int notifications_enabled;
177 	struct timeval request_timeout;
178 	struct timeval auth_timeout;
179 	struct gotd_uid_connection_limit *connection_limits;
180 	size_t nconnection_limits;
181 
182 	char *argv0;
183 	const char *confpath;
184 	int daemonize;
185 	int verbosity;
186 };
187 
188 enum gotd_imsg_type {
189 	/* An error occured while processing a request. */
190 	GOTD_IMSG_ERROR,
191 
192 	/* Commands used by gotctl(8). */
193 	GOTD_IMSG_INFO,
194 	GOTD_IMSG_INFO_REPO,
195 	GOTD_IMSG_INFO_CLIENT,
196 	GOTD_IMSG_STOP,
197 
198 	/* Request a list of references. */
199 	GOTD_IMSG_LIST_REFS,
200 	GOTD_IMSG_LIST_REFS_INTERNAL,
201 
202 	/* References. */
203 	GOTD_IMSG_REFLIST,
204 	GOTD_IMSG_REF,
205 	GOTD_IMSG_SYMREF,
206 
207 	/* Git protocol capabilities. */
208 	GOTD_IMSG_CAPABILITIES,
209 	GOTD_IMSG_CAPABILITY,
210 
211 	/* Git protocol chatter. */
212 	GOTD_IMSG_WANT,		/* The client wants an object. */
213 	GOTD_IMSG_HAVE,		/* The client has an object. */
214 	GOTD_IMSG_ACK,		/* The server has an object or a reference. */
215 	GOTD_IMSG_NAK,		/* The server does not have an object/ref. */
216 	GOTD_IMSG_REF_UPDATE,	/* The client wants to update a reference. */
217 	GOTD_IMSG_REF_DELETE,	/* The client wants to delete a reference. */
218 	GOTD_IMSG_FLUSH,	/* The client sent a flush packet. */
219 	GOTD_IMSG_DONE,		/* The client is done chatting. */
220 
221 	/* Sending or receiving a pack file. */
222 	GOTD_IMSG_SEND_PACKFILE, /* The server is sending a pack file. */
223 	GOTD_IMSG_RECV_PACKFILE, /* The server is receiving a pack file. */
224 	GOTD_IMSG_PACKIDX_FILE,  /* Temporary file handle for new pack index. */
225 	GOTD_IMSG_PACKFILE_PIPE, /* Pipe to send/receive a pack file stream. */
226 	GOTD_IMSG_PACKFILE_PROGRESS, /* Progress reporting. */
227 	GOTD_IMSG_PACKFILE_READY, /* Pack file is ready to be sent. */
228 	GOTD_IMSG_PACKFILE_STATUS, /* Received pack success/failure status. */
229 	GOTD_IMSG_PACKFILE_INSTALL, /* Received pack file can be installed. */
230 	GOTD_IMSG_PACKFILE_DONE, /* Pack file has been sent/received. */
231 
232 	/* Reference updates. */
233 	GOTD_IMSG_REF_UPDATES_START, /* Ref updates starting. */
234 	GOTD_IMSG_REF_UPDATE_OK, /* Update went OK. */
235 	GOTD_IMSG_REF_UPDATE_NG, /* Update was not good. */
236 	GOTD_IMSG_REFS_UPDATED, /* The server proccessed all ref updates. */
237 
238 	/* Client connections. */
239 	GOTD_IMSG_DISCONNECT,
240 	GOTD_IMSG_CONNECT,
241 
242 	/* Child process management. */
243 	GOTD_IMSG_CLIENT_SESSION_READY,
244 	GOTD_IMSG_REPO_CHILD_READY,
245 	GOTD_IMSG_CONNECT_REPO_CHILD,
246 
247 	/* Auth child process. */
248 	GOTD_IMSG_AUTHENTICATE,
249 	GOTD_IMSG_ACCESS_GRANTED,
250 
251 	/* Notify child process. */
252 	GOTD_IMSG_CONNECT_NOTIFIER,
253 	GOTD_IMSG_CONNECT_SESSION,
254 	GOTD_IMSG_NOTIFY,
255 	GOTD_IMSG_NOTIFICATION_SENT
256 };
257 
258 /* Structure for GOTD_IMSG_ERROR. */
259 struct gotd_imsg_error {
260 	int code; /* an error code from got_error.h */
261 	int errno_code; /* in case code equals GOT_ERR_ERRNO */
262 	uint32_t client_id;
263 	char msg[GOT_ERR_MAX_MSG_SIZE];
264 } __attribute__((__packed__));
265 
266 /* Structure for GOTD_IMSG_INFO. */
267 struct gotd_imsg_info {
268 	pid_t pid;
269 	int verbosity;
270 	int nrepos;
271 	int nclients;
272 
273 	/* Followed by nrepos GOTD_IMSG_INFO_REPO messages. */
274 	/* Followed by nclients GOTD_IMSG_INFO_CLIENT messages. */
275 };
276 
277 /* Structure for GOTD_IMSG_INFO_REPO. */
278 struct gotd_imsg_info_repo {
279 	char repo_name[NAME_MAX];
280 	char repo_path[PATH_MAX];
281 };
282 
283 /* Structure for GOTD_IMSG_INFO_CLIENT */
284 struct gotd_imsg_info_client {
285 	uid_t euid;
286 	gid_t egid;
287 	char repo_name[NAME_MAX];
288 	int is_writing;
289 	pid_t session_child_pid;
290 	pid_t repo_child_pid;
291 };
292 
293 /* Structure for GOTD_IMSG_LIST_REFS. */
294 struct gotd_imsg_list_refs {
295 	char repo_name[NAME_MAX];
296 	int client_is_reading; /* 1 if reading, 0 if writing */
297 };
298 
299 /* Structure for GOTD_IMSG_LIST_REFS_INTERNAL. */
300 struct gotd_imsg_list_refs_internal {
301 	uint32_t client_id;
302 };
303 
304 /* Structure for GOTD_IMSG_REFLIST. */
305 struct gotd_imsg_reflist {
306 	size_t nrefs;
307 
308 	/* Followed by nrefs times of gotd_imsg_ref/gotd_imsg_symref data. */
309 } __attribute__((__packed__));
310 
311 /* Structure for GOTD_IMSG_REF data. */
312 struct gotd_imsg_ref {
313 	uint8_t id[SHA1_DIGEST_LENGTH];
314 	size_t name_len;
315 	/* Followed by name_len data bytes. */
316 } __attribute__((__packed__));
317 
318 /* Structure for GOTD_IMSG_SYMREF data. */
319 struct gotd_imsg_symref {
320 	size_t name_len;
321 	size_t target_len;
322 	uint8_t target_id[SHA1_DIGEST_LENGTH];
323 
324 	/*
325 	 * Followed by name_len + target_len data bytes.
326 	 */
327 } __attribute__((__packed__));
328 
329 /* Structure for GOTD_IMSG_CAPABILITIES data. */
330 struct gotd_imsg_capabilities {
331 	size_t ncapabilities;
332 
333 	/*
334 	 * Followed by ncapabilities * GOTD_IMSG_CAPABILITY.
335 	 */
336 } __attribute__((__packed__));
337 
338 /* Structure for GOTD_IMSG_CAPABILITY data. */
339 struct gotd_imsg_capability {
340 	size_t key_len;
341 	size_t value_len;
342 
343 	/*
344 	 * Followed by key_len + value_len data bytes.
345 	 */
346 } __attribute__((__packed__));
347 
348 /* Structure for GOTD_IMSG_WANT data. */
349 struct gotd_imsg_want {
350 	uint8_t object_id[SHA1_DIGEST_LENGTH];
351 	uint32_t client_id;
352 } __attribute__((__packed__));
353 
354 /* Structure for GOTD_IMSG_HAVE data. */
355 struct gotd_imsg_have {
356 	uint8_t object_id[SHA1_DIGEST_LENGTH];
357 	uint32_t client_id;
358 } __attribute__((__packed__));
359 
360 /* Structure for GOTD_IMSG_ACK data. */
361 struct gotd_imsg_ack {
362 	uint8_t object_id[SHA1_DIGEST_LENGTH];
363 	uint32_t client_id;
364 } __attribute__((__packed__));
365 
366 /* Structure for GOTD_IMSG_NAK data. */
367 struct gotd_imsg_nak {
368 	uint8_t object_id[SHA1_DIGEST_LENGTH];
369 	uint32_t client_id;
370 } __attribute__((__packed__));
371 
372 /* Structure for GOTD_IMSG_PACKFILE_STATUS data. */
373 struct gotd_imsg_packfile_status {
374 	size_t reason_len;
375 
376 	/* Followed by reason_len data bytes. */
377 } __attribute__((__packed__));
378 
379 
380 /* Structure for GOTD_IMSG_REF_UPDATE data. */
381 struct gotd_imsg_ref_update {
382 	uint8_t old_id[SHA1_DIGEST_LENGTH];
383 	uint8_t new_id[SHA1_DIGEST_LENGTH];
384 	int ref_is_new;
385 	int delete_ref;
386 	uint32_t client_id;
387 	size_t name_len;
388 
389 	/* Followed by name_len data bytes. */
390 } __attribute__((__packed__));
391 
392 /* Structure for GOTD_IMSG_REF_UPDATES_START data. */
393 struct gotd_imsg_ref_updates_start {
394 	int nref_updates;
395 	uint32_t client_id;
396 
397 	/* Followed by nref_updates GOT_IMSG_REF_UPDATE_OK/NG messages. */
398 };
399 
400 /* Structure for GOTD_IMSG_REF_UPDATE_OK data. */
401 struct gotd_imsg_ref_update_ok {
402 	uint8_t old_id[SHA1_DIGEST_LENGTH];
403 	uint8_t new_id[SHA1_DIGEST_LENGTH];
404 	int ref_is_new;
405 	uint32_t client_id;
406 	size_t name_len;
407 
408 	/* Followed by name_len data bytes. */
409 } __attribute__((__packed__));
410 
411 /* Structure for GOTD_IMSG_REF_UPDATE_NG data. */
412 struct gotd_imsg_ref_update_ng {
413 	uint8_t old_id[SHA1_DIGEST_LENGTH];
414 	uint8_t new_id[SHA1_DIGEST_LENGTH];
415 	uint32_t client_id;
416 	size_t name_len;
417 	size_t reason_len;
418 
419 	/* Followed by name_len + reason_len data bytes. */
420 } __attribute__((__packed__));
421 
422 /* Structure for GOTD_IMSG_SEND_PACKFILE data. */
423 struct gotd_imsg_send_packfile {
424 	uint32_t client_id;
425 	int report_progress;
426 
427 	/* delta cache file is sent as a file descriptor */
428 
429 	/* followed by two GOTD_IMSG_PACKFILE_PIPE messages */
430 };
431 
432 /* Structure for GOTD_IMSG_RECV_PACKFILE data. */
433 struct gotd_imsg_recv_packfile {
434 	uint32_t client_id;
435 	int report_status;
436 
437 	/* pack destination temp file is sent as a file descriptor */
438 };
439 
440 /* Structure for GOTD_IMSG_PACKFILE_PIPE data. */
441 struct gotd_imsg_packfile_pipe {
442 	uint32_t client_id;
443 };
444 
445 /* Structure for GOTD_IMSG_PACKIDX_FILE data. */
446 struct gotd_imsg_packidx_file {
447 	uint32_t client_id;
448 };
449 
450 
451 /*
452  * Structure for GOTD_IMSG_PACKFILE_PROGRESS and
453  * GOTD_IMSG_PACKFILE_READY data.
454  */
455 struct gotd_imsg_packfile_progress {
456 	uint32_t client_id;
457 	int ncolored;
458 	int nfound;
459 	int ntrees;
460 	off_t packfile_size;
461 	int ncommits;
462 	int nobj_total;
463 	int nobj_deltify;
464 	int nobj_written;
465 };
466 
467 /* Structure for GOTD_IMSG_PACKFILE_INSTALL. */
468 struct gotd_imsg_packfile_install {
469 	uint32_t client_id;
470 	uint8_t pack_sha1[SHA1_DIGEST_LENGTH];
471 };
472 
473 /* Structure for GOTD_IMSG_PACKFILE_DONE data. */
474 struct gotd_imsg_packfile_done {
475 	uint32_t client_id;
476 };
477 
478 /* Structure for GOTD_IMSG_DISCONNECT data. */
479 struct gotd_imsg_disconnect {
480 	uint32_t client_id;
481 };
482 
483 /* Structure for GOTD_IMSG_CONNECT. */
484 struct gotd_imsg_connect {
485 	uint32_t client_id;
486 	uid_t euid;
487 	gid_t egid;
488 	size_t username_len;
489 
490 	/* Followed by username_len data bytes. */
491 };
492 
493 /* Structure for GOTD_IMSG_CONNECT_REPO_CHILD. */
494 struct gotd_imsg_connect_repo_child {
495 	uint32_t client_id;
496 	enum gotd_procid proc_id;
497 
498 	/* repo child imsg pipe is passed via imsg fd */
499 };
500 
501 /* Structure for GOTD_IMSG_AUTHENTICATE. */
502 struct gotd_imsg_auth {
503 	uid_t euid;
504 	gid_t egid;
505 	int required_auth;
506 	uint32_t client_id;
507 };
508 
509 /* Structures for GOTD_IMSG_NOTIFY. */
510 enum gotd_notification_action {
511 	GOTD_NOTIF_ACTION_CREATED,
512 	GOTD_NOTIF_ACTION_REMOVED,
513 	GOTD_NOTIF_ACTION_CHANGED
514 };
515 /* IMSG_NOTIFY session <-> repo_write */
516 struct gotd_imsg_notification_content {
517 	uint32_t client_id;
518 	enum gotd_notification_action action;
519 	uint8_t old_id[SHA1_DIGEST_LENGTH];
520 	uint8_t new_id[SHA1_DIGEST_LENGTH];
521 	size_t refname_len;
522 	/* Followed by refname_len data bytes. */
523 };
524 /* IMSG_NOTIFY session -> notify*/
525 struct gotd_imsg_notify {
526 	char repo_name[NAME_MAX];
527 	char subject_line[64];
528 };
529 
530 int enter_chroot(const char *);
531 int parse_config(const char *, enum gotd_procid, struct gotd *);
532 struct gotd_repo *gotd_find_repo_by_name(const char *, struct gotd_repolist *);
533 struct gotd_repo *gotd_find_repo_by_path(const char *, struct gotd *);
534 struct gotd_uid_connection_limit *gotd_find_uid_connection_limit(
535     struct gotd_uid_connection_limit *limits, size_t nlimits, uid_t uid);
536 int gotd_parseuid(const char *s, uid_t *uid);
537 const struct got_error *gotd_parse_url(char **, char **, char **,
538     char **, const char *);
539 
540 /* imsg.c */
541 const struct got_error *gotd_imsg_flush(struct imsgbuf *);
542 const struct got_error *gotd_imsg_recv(struct imsg *, struct imsgbuf *, size_t);
543 const struct got_error *gotd_imsg_poll_recv(struct imsg *, struct imsgbuf *,
544     size_t);
545 const struct got_error *gotd_imsg_recv_error(uint32_t *client_id,
546     struct imsg *imsg);
547 int gotd_imsg_send_error(struct imsgbuf *ibuf, uint32_t, uint32_t,
548     const struct got_error *);
549 int gotd_imsg_send_error_event(struct gotd_imsgev *, uint32_t, uint32_t,
550     const struct got_error *);
551 void gotd_imsg_event_add(struct gotd_imsgev *);
552 int gotd_imsg_compose_event(struct gotd_imsgev *, uint16_t, uint32_t, int,
553     void *, uint16_t);
554 int gotd_imsg_forward(struct gotd_imsgev *, struct imsg *, int);
555 
556 void gotd_imsg_send_ack(struct got_object_id *, struct imsgbuf *,
557     uint32_t, pid_t);
558 void gotd_imsg_send_nak(struct got_object_id *, struct imsgbuf *,
559     uint32_t, pid_t);