Gotweb

Blob

Date:: Mon Apr 29 12:23:39 2024 UTC
Message:: redo "got-fetch-http: fix GET request URL", without breaking tests My previous fix for ~user in SSH URLs broke ~user in HTTP URLs, as used on sourcehut. Sanitize the amount of leading and embedded slashes in URLs to make things work in all cases. The root cause of the test problem with naddy's previous diff was likely in the http-server script itself, where a request like GET //repo//info/refs?service=git-upload-pack somehow ended up as GET $testroot///info/refs. We work around this here by avoiding the double slashes.
Actions:: History | Blame | Raw File
1 /*
2  * Copyright (c) 2024 Tobias Heider <me@tobhe.de>
3  * Copyright (c) 2022 Omar Polo <op@openbsd.org>
4  *
5  * Permission to use, copy, modify, and distribute this software for any
6  * purpose with or without fee is hereby granted, provided that the above
7  * copyright notice and this permission notice appear in all copies.
8  *
9  * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
10  * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
11  * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
12  * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
13  * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
14  * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
15  * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
16  */
17 
18 #include "got_compat.h"
19 
20 #include <sys/types.h>
21 #include <sys/queue.h>
22 #include <sys/socket.h>
23 
24 #include <err.h>
25 #include <errno.h>
26 #include <limits.h>
27 #include <netdb.h>
28 #include <poll.h>
29 #include <stdio.h>
30 #include <stdlib.h>
31 #include <string.h>
32 #include <tls.h>
33 #include <unistd.h>
34 
35 #include "got_error.h"
36 #include "got_path.h"
37 #include "got_version.h"
38 
39 #include "got_lib_pkt.h"
40 
41 #include "bufio.h"
42 
43 #define UPLOAD_PACK_ADV "application/x-git-upload-pack-advertisement"
44 #define UPLOAD_PACK_REQ "application/x-git-upload-pack-request"
45 #define UPLOAD_PACK_RES "application/x-git-upload-pack-result"
46 
47 #define	GOT_USERAGENT	"got/" GOT_VERSION_STR
48 #define MINIMUM(a, b)	((a) < (b) ? (a) : (b))
49 #define hasprfx(str, p)	(strncasecmp(str, p, strlen(p)) == 0)
50 
51 FILE *tmp;
52 
53 static int	verbose;
54 
55 static char *
56 bufio_getdelim_sync(struct bufio *bio, const char *nl, size_t *len)
57 {
58 	int	r;
59 
60 	do {
61 		r = bufio_read(bio);
62 		if (r == -1 && errno != EAGAIN)
63 			errx(1, "bufio_read: %s", bufio_io_err(bio));
64 	} while (r == -1 && errno == EAGAIN);
65 	return buf_getdelim(&bio->rbuf, nl, len);
66 }
67 
68 static size_t
69 bufio_drain_sync(struct bufio *bio, void *d, size_t len)
70 {
71 	int	r;
72 
73 	do {
74 		r = bufio_read(bio);
75 		if (r == -1 && errno != EAGAIN)
76 			errx(1, "bufio_read: %s", bufio_io_err(bio));
77 	} while (r == -1 && errno == EAGAIN);
78 	return bufio_drain(bio, d, len);
79 }
80 
81 static void
82 bufio_close_sync(struct bufio *bio)
83 {
84 	int	 r;
85 
86 	do {
87 		r = bufio_close(bio);
88 		if (r == -1 && errno == EAGAIN)
89 			errx(1, "bufio_read: %s", bufio_io_err(bio));
90 	} while (r == -1 && errno == EAGAIN);
91 }
92 
93 static long long
94 hexstrtonum(const char *str, long long min, long long max, const char **errstr)
95 {
96 	long long	 lval;
97 	char		*cp;
98 
99 	errno = 0;
100 	lval = strtoll(str, &cp, 16);
101 	if (*str == '\0' || *cp != '\0') {
102 		*errstr = "not a number";
103 		return 0;
104 	}
105 	if ((errno == ERANGE && (lval == LONG_MAX || lval == LONG_MIN)) ||
106 	    lval < min || lval > max) {
107 		*errstr = "out of range";
108 		return 0;
109 	}
110 
111 	*errstr = NULL;
112 	return lval;
113 }
114 
115 static int
116 dial(int https, const char *host, const char *port)
117 {
118 	struct addrinfo		 hints, *res, *res0;
119 	int			 error, saved_errno, fd = -1;
120 	const char		*cause = NULL;
121 
122 	memset(&hints, 0, sizeof(hints));
123 	hints.ai_family = AF_UNSPEC;
124 	hints.ai_socktype = SOCK_STREAM;
125 	error = getaddrinfo(host, port, &hints, &res0);
126 	if (error) {
127 		warnx("%s", gai_strerror(error));
128 		return -1;
129 	}
130 
131 	for (res = res0; res; res = res->ai_next) {
132 		fd = socket(res->ai_family, res->ai_socktype,
133 		    res->ai_protocol);
134 		if (fd == -1) {
135 			cause = "socket";
136 			continue;
137 		}
138 
139 		if (connect(fd, res->ai_addr, res->ai_addrlen) == 0)
140 			break;
141 
142 		cause = "connect";
143 		saved_errno = errno;
144 		close(fd);
145 		fd = -1;
146 		errno = saved_errno;
147 	}
148 	freeaddrinfo(res0);
149 
150 	if (fd == -1) {
151 		warn("%s", cause);
152 		return -1;
153 	}
154 
155 	return fd;
156 }
157 
158 static int
159 http_open(struct bufio *bio, int https, const char *method, const char *host, const char *port,
160     const char *path, const char *path_sufx, const char *query, const char *ctype)
161 {
162 	const char	*chdr = NULL, *te = "";
163 	char		*p, *req;
164 	int		 r;
165 	
166 	if (strcmp(method, "POST") == 0)
167 		te = "\r\nTransfer-Encoding: chunked\r\n";
168 
169 	if (ctype)
170 		chdr = "Content-Type: ";
171 
172 	r = asprintf(&p, "%s%s/%s%s%s", got_path_is_absolute(path) ? "" :"/",
173 	    path, path_sufx, query ? "?" : "", query ? query : "");
174 	if (r == -1)
175 		err(1, "asprintf");
176 
177 	r = asprintf(&req, "%s %s HTTP/1.1\r\n"
178 	    "Host: %s\r\n"
179 	    "Connection: close\r\n"
180 	    "User-agent: %s\r\n"
181 	    "%s%s%s\r\n",
182 	    method, p, host, GOT_USERAGENT,
183 	    chdr ? chdr : "", ctype ? ctype : "", te);
184 	if (r == -1)
185 		err(1, "asprintf");
186 	free(p);
187 
188 	if (verbose > 0)
189 		fprintf(stderr, "%s: request: %s\n", getprogname(), req);
190 	
191 
192 	r = bufio_compose(bio, req, r);
193 	if (r == -1)
194 		err(1, "bufio_compose_fmt");
195 	free(req);
196 
197 	do {
198 		r = bufio_write(bio);
199 		if (r == -1 && errno != EAGAIN)
200 			errx(1, "bufio_read: %s", bufio_io_err(bio));
201 	} while (bio->wbuf.len != 0);
202 
203 	return 0;
204 }
205 
206 static int
207 http_parse_reply(struct bufio *bio, int *chunked, const char *expected_ctype)
208 {
209 	char		*cp, *line;
210 	size_t		 linelen;
211 
212 	*chunked = 0;
213 
214 	line = bufio_getdelim_sync(bio, "\r\n", &linelen);
215 	if (line == NULL) {
216 		warnx("%s: bufio_getdelim_sync()", __func__);
217 		return -1;
218 	}
219 
220 	if (verbose > 0)
221 		fprintf(stderr, "%s: response: %s\n", getprogname(), line);
222 
223 	if ((cp = strchr(line, ' ')) == NULL) {
224 		warnx("malformed HTTP response");
225 		return -1;
226 	}
227 	cp++;
228 
229 	if (strncmp(cp, "200 ", 4) != 0) {
230 		warnx("malformed HTTP response");
231 		return -1;
232 	}
233 	buf_drain(&bio->rbuf, linelen);
234 
235 	while(1) {
236 		line = bufio_getdelim_sync(bio, "\r\n", &linelen);
237 		if (line == NULL) {
238 			warnx("%s: bufio_getdelim_sync()", __func__);
239 			return -1;
240 		}
241 		if (*line == '\0') {
242 			buf_drain(&bio->rbuf, linelen);
243 			break;
244 		}
245 
246 		if (hasprfx(line, "content-type:")) {
247 			cp = strchr(line, ':') + 1;
248 			cp += strspn(cp, " \t");
249 			cp[strcspn(cp, " \t")] = '\0';
250 			if (strcmp(cp, expected_ctype) != 0) {
251 				warnx("server not using the \"smart\" "
252 				    "HTTP protocol.");
253 				return -1;
254 			}
255 		}
256 		if (hasprfx(line, "transfer-encoding:")) {
257 			cp = strchr(line, ':') + 1;
258 			cp += strspn(cp, " \t");
259 			cp[strcspn(cp, " \t")] = '\0';
260 			if (strcmp(cp, "chunked") != 0) {
261 				warnx("unknown transfer-encoding");
262 				return -1;
263 			}
264 			*chunked = 1;
265 		}
266 		buf_drain(&bio->rbuf, linelen);
267 	}
268 
269 	return 0;
270 }
271 
272 static ssize_t
273 http_read(struct bufio *bio, int chunked, size_t *chunksz, char *buf, size_t bufsz)
274 {
275 	const char	*errstr;
276 	char		*line = NULL;
277 	size_t		 r;
278 	ssize_t		 ret = 0, linelen;
279 
280 	if (!chunked)
281 		return bufio_drain_sync(bio, buf, bufsz);
282 
283 	while (bufsz > 0) {
284 		if (*chunksz == 0) {
285 		again:
286 			line = bufio_getdelim_sync(bio, "\r\n", &linelen);
287 			if (line == NULL) {
288 				buf_drain(&bio->rbuf, linelen);
289 				break;
290 			}
291 			if (*line == '\0') {
292 				buf_drain(&bio->rbuf, linelen);
293 				goto again; /* was the CRLF after the chunk */
294 			}
295 
296 			*chunksz = hexstrtonum(line, 0, INT_MAX, &errstr);
297 			if (errstr != NULL) {
298 				warnx("invalid HTTP chunk: size is %s (%s)",
299 				    errstr, line);
300 				ret = -1;
301 				break;
302 			}
303 
304 			if (*chunksz == 0) {
305 				buf_drain(&bio->rbuf, linelen);
306 				break;
307 			}
308 			buf_drain(&bio->rbuf, linelen);
309 		}
310 
311 		r = bufio_drain_sync(bio, buf, MINIMUM(*chunksz, bufsz));
312 		if (r == 0) {
313 			break;
314 		}
315 
316 		ret += r;
317 		buf += r;
318 		bufsz -= r;
319 		*chunksz -= r;
320 	}
321 
322 	return ret;
323 }
324 
325 static int
326 http_chunk(struct bufio *bio, const void *buf, size_t len)
327 {
328 	int r;
329 
330 	if (bufio_compose_fmt(bio, "%zx\r\n", len) ||
331 	    bufio_compose(bio, buf, len) ||
332 	    bufio_compose(bio, "\r\n", 2))
333 		return 1;
334 
335 	do {
336 		r = bufio_write(bio);
337 		if (r == -1 && errno != EAGAIN)
338 			errx(1, "bufio_read: %s", bufio_io_err(bio));
339 	} while (bio->wbuf.len != 0);
340 
341 	return 0;
342 }
343 
344 static int
345 get_refs(int https, const char *host, const char *port, const char *path)
346 {
347 	struct bufio		 bio;
348 	char			 buf[GOT_PKT_MAX];
349 	const struct got_error	*e;
350 	size_t			 chunksz = 0;
351 	ssize_t			 r;
352 	int			 skip;
353 	int			 chunked;
354 	int			 sock;
355 	int			 ret = -1;
356 
357 	if ((sock = dial(https, host, port)) == -1)
358 		return -1;
359 
360 	if (bufio_init(&bio)) {
361 		warnx("bufio_init");
362 		goto err;
363 	}
364 	bufio_set_fd(&bio, sock);
365 	if (https && bufio_starttls(&bio, host, 0, NULL, 0, NULL, 0) == -1) {
366 		warnx("bufio_starttls");
367 		goto err;
368 	}
369 
370 	if (http_open(&bio, https, "GET", host, port, path, "info/refs",
371 	    "service=git-upload-pack", NULL) == -1)
372 		goto err;
373 
374 	/* Fetch the initial reference announcement from the server. */
375 	if (http_parse_reply(&bio, &chunked, UPLOAD_PACK_ADV) == -1)
376 		goto err;
377 
378 	/* skip first pack; why git over http is like this? */
379 	r = http_read(&bio, chunked, &chunksz, buf, 4);
380 	if (r <= 0)
381 		goto err;
382 
383 	e = got_pkt_readlen(&skip, buf, verbose);
384 	if (e) {
385 		warnx("%s", e->msg);
386 		goto err;
387 	}
388 
389 	/* TODO: validate it's # service=git-upload-pack\n */
390 	while (skip > 0) {
391 		r = http_read(&bio, chunked, &chunksz, buf,
392 		    MINIMUM(skip, sizeof(buf)));
393 		if (r <= 0)
394 			goto err;
395 		skip -= r;
396 	}
397 
398 	for (;;) {
399 		r = http_read(&bio, chunked, &chunksz, buf, sizeof(buf));
400 		if (r == -1)
401 			goto err;
402 
403 		if (r == 0)
404 			break;
405 
406 		fwrite(buf, 1, r, stdout);
407 	}
408 
409 	fflush(stdout);
410 	ret = 0;
411 err:
412 	bufio_close_sync(&bio);
413 	bufio_free(&bio);
414 	return ret;
415 }
416 
417 static int
418 upload_request(int https, const char *host, const char *port, const char *path,
419     FILE *in)
420 {
421 	struct bufio		 bio;
422 	char			 buf[GOT_PKT_MAX];
423 	const struct got_error	*e;
424 	ssize_t			 r;
425 	size_t			 chunksz = 0;
426 	int			 t;
427 	int			 chunked;
428 	int			 sock;
429 	int			 ret = -1;
430 
431 	if ((sock = dial(https, host, port)) == -1)
432 		return -1;
433 
434 	if (bufio_init(&bio)) {
435 		warnx("bufio_init");
436 		goto err;
437 	}
438 	bufio_set_fd(&bio, sock);
439 	if (https && bufio_starttls(&bio, host, 0, NULL, 0, NULL, 0) == -1) {
440 		warnx("bufio_starttls");
441 		goto err;
442 	}
443 #ifndef PROFILE
444 	/* TODO: can we push this upwards such that get_refs() is covered? */
445 	if (pledge("stdio", NULL) == -1)
446 		err(1, "pledge");
447 #endif
448 	if (http_open(&bio, https, "POST", host, port, path, "git-upload-pack",
449 	    NULL, UPLOAD_PACK_REQ) == -1)
450 		goto err;
451 
452 	/*
453 	 * Read have/want lines generated by got-fetch-pack and forward
454 	 * them to the server in the POST request body.
455 	 */
456 	for (;;) {
457 		r = fread(buf, 1, 4, in);
458 		if (r != 4)
459 			goto err;
460 
461 		e = got_pkt_readlen(&t, buf, verbose);
462 		if (e) {
463 			warnx("%s", e->msg);
464 			goto err;
465 		}
466 
467 		if (t == 0) {
468 			const char *flushpkt = "0000";
469 			if (http_chunk(&bio, flushpkt, strlen(flushpkt)))
470 				goto err;
471 			continue; /* got-fetch-pack will send "done" */
472 		}
473 
474 		if (t < 6) {
475 			warnx("pktline len is too small");
476 			goto err;
477 		}
478 
479 		r = fread(buf + 4, 1, t - 4, in);
480 		if (r != t - 4)
481 			goto err;
482 
483 		if (http_chunk(&bio, buf, t))
484 			goto err;
485 
486 		/*
487 		 * Once got-fetch-pack is done the server will
488 		 * send pack file data.
489 		 */
490 		if (t == 9 && strncmp(buf + 4, "done\n", 5) == 0) {
491 			if (http_chunk(&bio, NULL, 0))
492 				goto err;
493 			break;
494 		}
495 	}
496 
497 	if (http_parse_reply(&bio, &chunked, UPLOAD_PACK_RES) == -1)
498 		goto err;
499 
500 	/* Fetch pack file data from server. */
501 	for (;;) {
502 		r = http_read(&bio, chunked, &chunksz, buf, sizeof(buf));
503 		if (r == -1)
504 			goto err;
505 
506 		if (r == 0)
507 			break;
508 
509 		fwrite(buf, 1, r, stdout);
510 	}
511 
512 	ret = 0;
513 err:
514 	bufio_close_sync(&bio);
515 	bufio_free(&bio);
516 	return ret;
517 }
518 
519 static __dead void
520 usage(void)
521 {
522 	fprintf(stderr, "usage: %s [-qv] proto host port path\n",
523 	     getprogname());
524 	exit(1);
525 }
526 
527 int
528 main(int argc, char **argv)
529 {
530 	struct pollfd	 pfd;
531 	const char	*host, *port;
532 	char		*path;
533 	int		 https = 0;
534 	int		 ch;
535 
536 #ifndef PROFILE
537 	if (pledge("stdio rpath inet dns unveil", NULL) == -1)
538 		err(1, "pledge");
539 #endif
540 
541 	while ((ch = getopt(argc, argv, "qv")) != -1) {
542 		switch (ch) {
543 		case 'q':
544 			verbose = -1;
545 			break;
546 		case 'v':
547 			verbose++;
548 			break;
549 		default:
550 			usage();
551 		}
552 	}
553 	argc -= optind;
554 	argv += optind;
555 
556 	if (argc != 4)
557 		usage();
558 
559 	https = strcmp(argv[0], "https") == 0;
560 #ifndef PROFILE
561 	if (https) {
562 		if (unveil("/etc/ssl/cert.pem", "r") == -1)
563 			err(1, "unveil /etc/ssl/cert.pem");
564 	} else {
565 		/* drop "rpath" */
566 		if (pledge("stdio inet dns unveil", NULL) == -1)
567 			err(1, "pledge");
568 	}
569 #else
570 	if (unveil("gmon.out", "rwc") != 0)
571 		err(1, "unveil gmon.out");
572 #endif
573 	if (unveil(NULL, NULL) == -1)
574 		err(1, "unveil NULL");
575 
576 	host = argv[1];
577 	port = argv[2];
578 	path = argv[3];
579 	got_path_strip_trailing_slashes(path);
580 
581 	if (get_refs(https, host, port, path) == -1)
582 		errx(1, "failed to get refs");
583 
584 	pfd.fd = 0;
585 	pfd.events = POLLIN;
586 	if (poll(&pfd, 1, INFTIM) == -1)
587 		err(1, "poll");
588 
589 	if ((ch = fgetc(stdin)) == EOF)
590 		return 0;
591 
592 	ungetc(ch, stdin);
593 	if (upload_request(https, host, port, path, stdin) == -1) {
594 		fflush(tmp);
595 		errx(1, "failed to upload request");
596 	}
597 
598 	return 0;
599 }