2 * Copyright (c) 2022 Stefan Sperling <stsp@openbsd.org>
4 * Permission to use, copy, modify, and distribute this software for any
5 * purpose with or without fee is hereby granted, provided that the above
6 * copyright notice and this permission notice appear in all copies.
8 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
9 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
10 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
11 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
12 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
13 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
14 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
18 #define GOTD_UNIX_SOCKET "/var/run/gotd.sock"
19 #define GOTD_UNIX_SOCKET_BACKLOG 10
20 #define GOTD_USER "_gotd"
21 #define GOTD_CONF_PATH "/etc/gotd.conf"
22 #define GOTD_EMPTY_PATH "/var/empty"
24 #define GOTD_MAXCLIENTS 1024
25 #define GOTD_MAX_CONN_PER_UID 4
26 #define GOTD_FD_RESERVE 5
27 #define GOTD_FD_NEEDED 6
28 #define GOTD_FILENO_MSG_PIPE 3
30 #define GOTD_DEFAULT_REQUEST_TIMEOUT 3600
32 /* Client hash tables need some extra room. */
33 #define GOTD_CLIENT_TABLE_SIZE (GOTD_MAXCLIENTS * 4)
49 void (*handler)(int, short, void *);
56 GOTD_ACCESS_PERMITTED = 1,
60 struct gotd_access_rule {
61 STAILQ_ENTRY(gotd_access_rule) entry;
63 enum gotd_access access;
66 #define GOTD_AUTH_READ 0x1
67 #define GOTD_AUTH_WRITE 0x2
71 STAILQ_HEAD(gotd_access_rule_list, gotd_access_rule);
74 TAILQ_ENTRY(gotd_repo) entry;
79 struct gotd_access_rule_list rules;
80 struct got_pathlist_head protected_tag_namespaces;
81 struct got_pathlist_head protected_branch_namespaces;
82 struct got_pathlist_head protected_branches;
84 TAILQ_HEAD(gotd_repolist, gotd_repo);
86 enum gotd_session_state {
87 GOTD_STATE_EXPECT_LIST_REFS,
88 GOTD_STATE_EXPECT_CAPABILITIES,
89 GOTD_STATE_EXPECT_WANT,
90 GOTD_STATE_EXPECT_REF_UPDATE,
91 GOTD_STATE_EXPECT_MORE_REF_UPDATES,
92 GOTD_STATE_EXPECT_HAVE,
93 GOTD_STATE_EXPECT_PACKFILE,
94 GOTD_STATE_EXPECT_DONE,
98 struct gotd_client_capability {
103 struct gotd_object_id_array {
104 struct got_object_id **ids;
109 struct gotd_uid_connection_limit {
114 struct gotd_child_proc;
118 char unix_socket_path[PATH_MAX];
120 struct gotd_repolist repos;
122 struct gotd_child_proc *listen_proc;
123 struct timeval request_timeout;
124 struct timeval auth_timeout;
125 struct gotd_uid_connection_limit *connection_limits;
126 size_t nconnection_limits;
129 const char *confpath;
134 enum gotd_imsg_type {
135 /* An error occured while processing a request. */
138 /* Commands used by gotctl(8). */
141 GOTD_IMSG_INFO_CLIENT,
144 /* Request a list of references. */
146 GOTD_IMSG_LIST_REFS_INTERNAL,
153 /* Git protocol capabilities. */
154 GOTD_IMSG_CAPABILITIES,
155 GOTD_IMSG_CAPABILITY,
157 /* Git protocol chatter. */
158 GOTD_IMSG_WANT, /* The client wants an object. */
159 GOTD_IMSG_HAVE, /* The client has an object. */
160 GOTD_IMSG_ACK, /* The server has an object or a reference. */
161 GOTD_IMSG_NAK, /* The server does not have an object/ref. */
162 GOTD_IMSG_REF_UPDATE, /* The client wants to update a reference. */
163 GOTD_IMSG_REF_DELETE, /* The client wants to delete a reference. */
164 GOTD_IMSG_FLUSH, /* The client sent a flush packet. */
165 GOTD_IMSG_DONE, /* The client is done chatting. */
167 /* Sending or receiving a pack file. */
168 GOTD_IMSG_SEND_PACKFILE, /* The server is sending a pack file. */
169 GOTD_IMSG_RECV_PACKFILE, /* The server is receiving a pack file. */
170 GOTD_IMSG_PACKIDX_FILE, /* Temporary file handle for new pack index. */
171 GOTD_IMSG_PACKFILE_PIPE, /* Pipe to send/receive a pack file stream. */
172 GOTD_IMSG_PACKFILE_PROGRESS, /* Progress reporting. */
173 GOTD_IMSG_PACKFILE_READY, /* Pack file is ready to be sent. */
174 GOTD_IMSG_PACKFILE_STATUS, /* Received pack success/failure status. */
175 GOTD_IMSG_PACKFILE_INSTALL, /* Received pack file can be installed. */
176 GOTD_IMSG_PACKFILE_DONE, /* Pack file has been sent/received. */
178 /* Reference updates. */
179 GOTD_IMSG_REF_UPDATES_START, /* Ref updates starting. */
180 GOTD_IMSG_REF_UPDATE_OK, /* Update went OK. */
181 GOTD_IMSG_REF_UPDATE_NG, /* Update was not good. */
182 GOTD_IMSG_REFS_UPDATED, /* The server proccessed all ref updates. */
184 /* Client connections. */
185 GOTD_IMSG_DISCONNECT,
188 /* Child process management. */
189 GOTD_IMSG_CLIENT_SESSION_READY,
190 GOTD_IMSG_REPO_CHILD_READY,
191 GOTD_IMSG_CONNECT_REPO_CHILD,
193 /* Auth child process. */
194 GOTD_IMSG_AUTHENTICATE,
195 GOTD_IMSG_ACCESS_GRANTED,
198 /* Structure for GOTD_IMSG_ERROR. */
199 struct gotd_imsg_error {
200 int code; /* an error code from got_error.h */
201 int errno_code; /* in case code equals GOT_ERR_ERRNO */
203 char msg[GOT_ERR_MAX_MSG_SIZE];
204 } __attribute__((__packed__));
206 /* Structure for GOTD_IMSG_INFO. */
207 struct gotd_imsg_info {
213 /* Followed by nrepos GOTD_IMSG_INFO_REPO messages. */
214 /* Followed by nclients GOTD_IMSG_INFO_CLIENT messages. */
217 /* Structure for GOTD_IMSG_INFO_REPO. */
218 struct gotd_imsg_info_repo {
219 char repo_name[NAME_MAX];
220 char repo_path[PATH_MAX];
223 /* Structure for GOTD_IMSG_INFO_CLIENT */
224 struct gotd_imsg_info_client {
227 char repo_name[NAME_MAX];
229 pid_t session_child_pid;
230 pid_t repo_child_pid;
233 /* Structure for GOTD_IMSG_LIST_REFS. */
234 struct gotd_imsg_list_refs {
235 char repo_name[NAME_MAX];
236 int client_is_reading; /* 1 if reading, 0 if writing */
239 /* Structure for GOTD_IMSG_LIST_REFS_INTERNAL. */
240 struct gotd_imsg_list_refs_internal {
244 /* Structure for GOTD_IMSG_REFLIST. */
245 struct gotd_imsg_reflist {
248 /* Followed by nrefs times of gotd_imsg_ref/gotd_imsg_symref data. */
249 } __attribute__((__packed__));
251 /* Structure for GOTD_IMSG_REF data. */
252 struct gotd_imsg_ref {
253 uint8_t id[SHA1_DIGEST_LENGTH];
255 /* Followed by name_len data bytes. */
256 } __attribute__((__packed__));
258 /* Structure for GOTD_IMSG_SYMREF data. */
259 struct gotd_imsg_symref {
262 uint8_t target_id[SHA1_DIGEST_LENGTH];
265 * Followed by name_len + target_len data bytes.
267 } __attribute__((__packed__));
269 /* Structure for GOTD_IMSG_CAPABILITIES data. */
270 struct gotd_imsg_capabilities {
271 size_t ncapabilities;
274 * Followed by ncapabilities * GOTD_IMSG_CAPABILITY.
276 } __attribute__((__packed__));
278 /* Structure for GOTD_IMSG_CAPABILITY data. */
279 struct gotd_imsg_capability {
284 * Followed by key_len + value_len data bytes.
286 } __attribute__((__packed__));
288 /* Structure for GOTD_IMSG_WANT data. */
289 struct gotd_imsg_want {
290 uint8_t object_id[SHA1_DIGEST_LENGTH];
292 } __attribute__((__packed__));
294 /* Structure for GOTD_IMSG_HAVE data. */
295 struct gotd_imsg_have {
296 uint8_t object_id[SHA1_DIGEST_LENGTH];
298 } __attribute__((__packed__));
300 /* Structure for GOTD_IMSG_ACK data. */
301 struct gotd_imsg_ack {
302 uint8_t object_id[SHA1_DIGEST_LENGTH];
304 } __attribute__((__packed__));
306 /* Structure for GOTD_IMSG_NAK data. */
307 struct gotd_imsg_nak {
308 uint8_t object_id[SHA1_DIGEST_LENGTH];
310 } __attribute__((__packed__));
312 /* Structure for GOTD_IMSG_PACKFILE_STATUS data. */
313 struct gotd_imsg_packfile_status {
316 /* Followed by reason_len data bytes. */
317 } __attribute__((__packed__));
320 /* Structure for GOTD_IMSG_REF_UPDATE data. */
321 struct gotd_imsg_ref_update {
322 uint8_t old_id[SHA1_DIGEST_LENGTH];
323 uint8_t new_id[SHA1_DIGEST_LENGTH];
329 /* Followed by name_len data bytes. */
330 } __attribute__((__packed__));
332 /* Structure for GOTD_IMSG_REF_UPDATES_START data. */
333 struct gotd_imsg_ref_updates_start {
337 /* Followed by nref_updates GOT_IMSG_REF_UPDATE_OK/NG messages. */
340 /* Structure for GOTD_IMSG_REF_UPDATE_OK data. */
341 struct gotd_imsg_ref_update_ok {
342 uint8_t old_id[SHA1_DIGEST_LENGTH];
343 uint8_t new_id[SHA1_DIGEST_LENGTH];
348 /* Followed by name_len data bytes. */
349 } __attribute__((__packed__));
351 /* Structure for GOTD_IMSG_REF_UPDATE_NG data. */
352 struct gotd_imsg_ref_update_ng {
353 uint8_t old_id[SHA1_DIGEST_LENGTH];
354 uint8_t new_id[SHA1_DIGEST_LENGTH];
359 /* Followed by name_len + reason_len data bytes. */
360 } __attribute__((__packed__));
362 /* Structure for GOTD_IMSG_SEND_PACKFILE data. */
363 struct gotd_imsg_send_packfile {
367 /* delta cache file is sent as a file descriptor */
369 /* followed by two GOTD_IMSG_PACKFILE_PIPE messages */
372 /* Structure for GOTD_IMSG_RECV_PACKFILE data. */
373 struct gotd_imsg_recv_packfile {
377 /* pack destination temp file is sent as a file descriptor */
380 /* Structure for GOTD_IMSG_PACKFILE_PIPE data. */
381 struct gotd_imsg_packfile_pipe {
385 /* Structure for GOTD_IMSG_PACKIDX_FILE data. */
386 struct gotd_imsg_packidx_file {
392 * Structure for GOTD_IMSG_PACKFILE_PROGRESS and
393 * GOTD_IMSG_PACKFILE_READY data.
395 struct gotd_imsg_packfile_progress {
407 /* Structure for GOTD_IMSG_PACKFILE_INSTALL. */
408 struct gotd_imsg_packfile_install {
410 uint8_t pack_sha1[SHA1_DIGEST_LENGTH];
413 /* Structure for GOTD_IMSG_PACKFILE_DONE data. */
414 struct gotd_imsg_packfile_done {
418 /* Structure for GOTD_IMSG_DISCONNECT data. */
419 struct gotd_imsg_disconnect {
423 /* Structure for GOTD_IMSG_CONNECT. */
424 struct gotd_imsg_connect {
430 /* Structure for GOTD_IMSG_CONNECT_REPO_CHILD. */
431 struct gotd_imsg_connect_repo_child {
433 enum gotd_procid proc_id;
435 /* repo child imsg pipe is passed via imsg fd */
438 /* Structure for GOTD_IMSG_AUTHENTICATE. */
439 struct gotd_imsg_auth {
446 int parse_config(const char *, enum gotd_procid, struct gotd *);
447 struct gotd_repo *gotd_find_repo_by_name(const char *, struct gotd *);
448 struct gotd_repo *gotd_find_repo_by_path(const char *, struct gotd *);
449 struct gotd_uid_connection_limit *gotd_find_uid_connection_limit(
450 struct gotd_uid_connection_limit *limits, size_t nlimits, uid_t uid);
451 int gotd_parseuid(const char *s, uid_t *uid);
454 const struct got_error *gotd_imsg_flush(struct imsgbuf *);
455 const struct got_error *gotd_imsg_recv(struct imsg *, struct imsgbuf *, size_t);
456 const struct got_error *gotd_imsg_poll_recv(struct imsg *, struct imsgbuf *,
458 const struct got_error *gotd_imsg_recv_error(uint32_t *client_id,
460 int gotd_imsg_send_error(struct imsgbuf *ibuf, uint32_t, uint32_t,
461 const struct got_error *);
462 int gotd_imsg_send_error_event(struct gotd_imsgev *, uint32_t, uint32_t,
463 const struct got_error *);
464 void gotd_imsg_event_add(struct gotd_imsgev *);
465 int gotd_imsg_compose_event(struct gotd_imsgev *, uint16_t, uint32_t, int,
467 int gotd_imsg_forward(struct gotd_imsgev *, struct imsg *, int);
469 void gotd_imsg_send_ack(struct got_object_id *, struct imsgbuf *,
471 void gotd_imsg_send_nak(struct got_object_id *, struct imsgbuf *,