1 /*
2  * Copyright (c) 2020 Stefan Sperling <stsp@openbsd.org>
3  *
4  * Permission to use, copy, modify, and distribute this software for any
5  * purpose with or without fee is hereby granted, provided that the above
6  * copyright notice and this permission notice appear in all copies.
7  *
8  * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
9  * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
10  * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
11  * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
12  * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
13  * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
14  * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
15  */
16 
17 #include <sys/types.h>
18 #include <sys/uio.h>
19 #include <sys/time.h>
20 
21 #include <stdint.h>
22 #include <limits.h>
23 #include <signal.h>
24 #include <stdio.h>
25 #include <stdlib.h>
26 #include <string.h>
27 #include <unistd.h>
28 #include <zlib.h>
29 
30 #include "got_compat.h"
31 
32 #include "got_error.h"
33 #include "got_object.h"
34 #include "got_path.h"
35 #include "got_repository.h"
36 
37 #include "got_lib_delta.h"
38 #include "got_lib_object.h"
39 #include "got_lib_privsep.h"
40 
41 #include "gotconfig.h"
42 
43 /* parse.y */
44 static volatile sig_atomic_t sigint_received;
45 
46 static void
47 catch_sigint(int signo)
48 {
49 	sigint_received = 1;
50 }
51 
52 static const struct got_error *
53 make_fetch_url(char **url, struct gotconfig_remote_repo *repo)
54 {
55 	const struct got_error *err = NULL;
56 	char *s = NULL, *p = NULL;
57 	const char *protocol, *server, *repo_path;
58 	int port;
59 
60 	*url = NULL;
61 
62 	if (repo->fetch_config && repo->fetch_config->protocol)
63 		protocol = repo->fetch_config->protocol;
64 	else
65 		protocol = repo->protocol;
66 	if (protocol == NULL)
67 		return got_error_fmt(GOT_ERR_PARSE_CONFIG,
68 		    "fetch protocol required for remote repository \"%s\"",
69 		    repo->name);
70 	if (asprintf(&s, "%s://", protocol) == -1)
71 		return got_error_from_errno("asprintf");
72 
73 	if (repo->fetch_config && repo->fetch_config->server)
74 		server = repo->fetch_config->server;
75 	else
76 		server = repo->server;
77 	if (server == NULL)
78 		return got_error_fmt(GOT_ERR_PARSE_CONFIG,
79 		    "fetch server required for remote repository \"%s\"",
80 		    repo->name);
81 	p = s;
82 	s = NULL;
83 	if (asprintf(&s, "%s%s", p, server) == -1) {
84 		err = got_error_from_errno("asprintf");
85 		goto done;
86 	}
87 	free(p);
88 	p = NULL;
89 
90 	if (repo->fetch_config && repo->fetch_config->server)
91 		port = repo->fetch_config->port;
92 	else
93 		port = repo->port;
94 	if (port) {
95 		p = s;
96 		s = NULL;
97 		if (asprintf(&s, "%s:%d", p, repo->port) == -1) {
98 			err = got_error_from_errno("asprintf");
99 			goto done;
100 		}
101 		free(p);
102 		p = NULL;
103 	}
104 
105 	if (repo->fetch_config && repo->fetch_config->repository)
106 		repo_path = repo->fetch_config->repository;
107 	else
108 		repo_path = repo->repository;
109 	if (repo_path == NULL)
110 		return got_error_fmt(GOT_ERR_PARSE_CONFIG,
111 		    "fetch repository path required for remote "
112 		    "repository \"%s\"", repo->name);
113 
114 	while (repo_path[0] == '/')
115 		repo_path++;
116 	p = s;
117 	s = NULL;
118 	if (asprintf(&s, "%s/%s", p, repo_path) == -1) {
119 		err = got_error_from_errno("asprintf");
120 		goto done;
121 	}
122 	free(p);
123 	p = NULL;
124 
125 	got_path_strip_trailing_slashes(s);
126 done:
127 	if (err) {
128 		free(s);
129 		free(p);
130 	} else
131 		*url = s;
132 	return err;
133 }
134 
135 static const struct got_error *
136 make_send_url(char **url, struct gotconfig_remote_repo *repo)
137 {
138 	const struct got_error *err = NULL;
139 	char *s = NULL, *p = NULL;
140 	const char *protocol, *server, *repo_path;
141 	int port;
142 
143 	*url = NULL;
144 
145 	if (repo->send_config && repo->send_config->protocol)
146 		protocol = repo->send_config->protocol;
147 	else
148 		protocol = repo->protocol;
149 	if (protocol == NULL)
150 		return got_error_fmt(GOT_ERR_PARSE_CONFIG,
151 		    "send protocol required for remote repository \"%s\"",
152 		    repo->name);
153 	if (asprintf(&s, "%s://", protocol) == -1)
154 		return got_error_from_errno("asprintf");
155 
156 	if (repo->send_config && repo->send_config->server)
157 		server = repo->send_config->server;
158 	else
159 		server = repo->server;
160 	if (server == NULL)
161 		return got_error_fmt(GOT_ERR_PARSE_CONFIG,
162 		    "send server required for remote repository \"%s\"",
163 		    repo->name);
164 	p = s;
165 	s = NULL;
166 	if (asprintf(&s, "%s%s", p, server) == -1) {
167 		err = got_error_from_errno("asprintf");
168 		goto done;
169 	}
170 	free(p);
171 	p = NULL;
172 
173 	if (repo->send_config && repo->send_config->server)
174 		port = repo->send_config->port;
175 	else
176 		port = repo->port;
177 	if (port) {
178 		p = s;
179 		s = NULL;
180 		if (asprintf(&s, "%s:%d", p, repo->port) == -1) {
181 			err = got_error_from_errno("asprintf");
182 			goto done;
183 		}
184 		free(p);
185 		p = NULL;
186 	}
187 
188 	if (repo->send_config && repo->send_config->repository)
189 		repo_path = repo->send_config->repository;
190 	else
191 		repo_path = repo->repository;
192 	if (repo_path == NULL)
193 		return got_error_fmt(GOT_ERR_PARSE_CONFIG,
194 		    "send repository path required for remote "
195 		    "repository \"%s\"", repo->name);
196 
197 	while (repo_path[0] == '/')
198 		repo_path++;
199 	p = s;
200 	s = NULL;
201 	if (asprintf(&s, "%s/%s", p, repo_path) == -1) {
202 		err = got_error_from_errno("asprintf");
203 		goto done;
204 	}
205 	free(p);
206 	p = NULL;
207 
208 	got_path_strip_trailing_slashes(s);
209 done:
210 	if (err) {
211 		free(s);
212 		free(p);
213 	} else
214 		*url = s;
215 	return err;
216 }
217 
218 static const struct got_error *
219 send_gotconfig_str(struct imsgbuf *ibuf, const char *value)
220 {
221 	size_t len = value ? strlen(value) : 0;
222 
223 	if (imsg_compose(ibuf, GOT_IMSG_GOTCONFIG_STR_VAL, 0, 0, -1,
224 	    value, len) == -1)
225 		return got_error_from_errno("imsg_compose GOTCONFIG_STR_VAL");
226 
227 	return got_privsep_flush_imsg(ibuf);
228 }
229 
230 static const struct got_error *
231 send_gotconfig_remotes(struct imsgbuf *ibuf,
232     struct gotconfig_remote_repo_list *remotes, int nremotes)
233 {
234 	const struct got_error *err = NULL;
235 	struct got_imsg_remotes iremotes;
236 	struct gotconfig_remote_repo *repo;
237 	char *fetch_url = NULL, *send_url = NULL;
238 
239 	iremotes.nremotes = nremotes;
240 	if (imsg_compose(ibuf, GOT_IMSG_GOTCONFIG_REMOTES, 0, 0, -1,
241 	    &iremotes, sizeof(iremotes)) == -1)
242 		return got_error_from_errno("imsg_compose GOTCONFIG_REMOTES");
243 
244 	err = got_privsep_flush_imsg(ibuf);
245 	imsg_clear(ibuf);
246 	if (err)
247 		return err;
248 
249 	TAILQ_FOREACH(repo, remotes, entry) {
250 		struct got_imsg_remote iremote;
251 		size_t len = sizeof(iremote);
252 		struct ibuf *wbuf;
253 		struct node_branch *branch;
254 		struct node_ref *ref;
255 		int nfetch_branches = 0, nsend_branches = 0, nfetch_refs = 0;
256 
257 		if (repo->fetch_config && repo->fetch_config->branch)
258 			branch = repo->fetch_config->branch;
259 		else
260 			branch = repo->branch;
261 		while (branch) {
262 			branch = branch->next;
263 			nfetch_branches++;
264 		}
265 
266 		if (repo->send_config && repo->send_config->branch)
267 			branch = repo->send_config->branch;
268 		else
269 			branch = repo->branch;
270 		while (branch) {
271 			branch = branch->next;
272 			nsend_branches++;
273 		}
274 
275 		ref = repo->fetch_ref;
276 		while (ref) {
277 			ref = ref->next;
278 			nfetch_refs++;
279 		}
280 
281 		iremote.nfetch_branches = nfetch_branches;
282 		iremote.nsend_branches = nsend_branches;
283 		iremote.nfetch_refs = nfetch_refs;
284 		iremote.mirror_references = repo->mirror_references;
285 		iremote.fetch_all_branches = repo->fetch_all_branches;
286 
287 		iremote.name_len = strlen(repo->name);
288 		len += iremote.name_len;
289 
290 		err = make_fetch_url(&fetch_url, repo);
291 		if (err)
292 			break;
293 		iremote.fetch_url_len = strlen(fetch_url);
294 		len += iremote.fetch_url_len;
295 
296 		err = make_send_url(&send_url, repo);
297 		if (err)
298 			break;
299 		iremote.send_url_len = strlen(send_url);
300 		len += iremote.send_url_len;
301 
302 		wbuf = imsg_create(ibuf, GOT_IMSG_GOTCONFIG_REMOTE, 0, 0, len);
303 		if (wbuf == NULL) {
304 			err = got_error_from_errno(
305 			    "imsg_create GOTCONFIG_REMOTE");
306 			break;
307 		}
308 
309 		if (imsg_add(wbuf, &iremote, sizeof(iremote)) == -1) {
310 			err = got_error_from_errno(
311 			    "imsg_add GOTCONFIG_REMOTE");
312 			ibuf_free(wbuf);
313 			break;
314 		}
315 
316 		if (imsg_add(wbuf, repo->name, iremote.name_len) == -1) {
317 			err = got_error_from_errno(
318 			    "imsg_add GOTCONFIG_REMOTE");
319 			ibuf_free(wbuf);
320 			break;
321 		}
322 		if (imsg_add(wbuf, fetch_url, iremote.fetch_url_len) == -1) {
323 			err = got_error_from_errno(
324 			    "imsg_add GOTCONFIG_REMOTE");
325 			ibuf_free(wbuf);
326 			break;
327 		}
328 		if (imsg_add(wbuf, send_url, iremote.send_url_len) == -1) {
329 			err = got_error_from_errno(
330 			    "imsg_add GOTCONFIG_REMOTE");
331 			ibuf_free(wbuf);
332 			break;
333 		}
334 
335 		wbuf->fd = -1;
336 		imsg_close(ibuf, wbuf);
337 		err = got_privsep_flush_imsg(ibuf);
338 		if (err)
339 			break;
340 
341 		free(fetch_url);
342 		fetch_url = NULL;
343 		free(send_url);
344 		send_url = NULL;
345 
346 		if (repo->fetch_config && repo->fetch_config->branch)
347 			branch = repo->fetch_config->branch;
348 		else
349 			branch = repo->branch;
350 		while (branch) {
351 			err = send_gotconfig_str(ibuf, branch->branch_name);
352 			if (err)
353 				break;
354 			branch = branch->next;
355 		}
356 
357 		if (repo->send_config && repo->send_config->branch)
358 			branch = repo->send_config->branch;
359 		else
360 			branch = repo->branch;
361 		while (branch) {
362 			err = send_gotconfig_str(ibuf, branch->branch_name);
363 			if (err)
364 				break;
365 			branch = branch->next;
366 		}
367 
368 		ref = repo->fetch_ref;
369 		while (ref) {
370 			err = send_gotconfig_str(ibuf, ref->ref_name);
371 			if (err)
372 				break;
373 			ref = ref->next;
374 		}
375 	}
376 
377 	free(fetch_url);
378 	free(send_url);
379 	return err;
380 }
381 
382 static const struct got_error *
383 validate_protocol(const char *protocol, const char *repo_name)
384 {
385 	static char msg[512];
386 
387 	if (strcmp(protocol, "ssh") != 0 &&
388 	    strcmp(protocol, "git+ssh") != 0 &&
389 	    strcmp(protocol, "git") != 0) {
390 		snprintf(msg, sizeof(msg),"unknown protocol \"%s\" "
391 		    "for remote repository \"%s\"", protocol, repo_name);
392 		return got_error_msg(GOT_ERR_PARSE_CONFIG, msg);
393 	}
394 
395 	return NULL;
396 }
397 
398 static const struct got_error *
399 validate_config(struct gotconfig *gotconfig)
400 {
401 	const struct got_error *err;
402 	struct gotconfig_remote_repo *repo, *repo2;
403 	static char msg[512];
404 
405 	TAILQ_FOREACH(repo, &gotconfig->remotes, entry) {
406 		if (repo->name == NULL) {
407 			return got_error_msg(GOT_ERR_PARSE_CONFIG,
408 			    "name required for remote repository");
409 		}
410 
411 		TAILQ_FOREACH(repo2, &gotconfig->remotes, entry) {
412 			if (repo == repo2 ||
413 			    strcmp(repo->name, repo2->name) != 0)
414 				continue;
415 			snprintf(msg, sizeof(msg),
416 			    "duplicate remote repository name '%s'",
417 			    repo->name);
418 			return got_error_msg(GOT_ERR_PARSE_CONFIG, msg);
419 		}
420 
421 		if (repo->server == NULL &&
422 		    (repo->fetch_config == NULL ||
423 		    repo->fetch_config->server == NULL) &&
424 		    (repo->send_config == NULL ||
425 		    repo->send_config->server == NULL)) {
426 			snprintf(msg, sizeof(msg),
427 			    "server required for remote repository \"%s\"",
428 			    repo->name);
429 			return got_error_msg(GOT_ERR_PARSE_CONFIG, msg);
430 		}
431 
432 		if (repo->protocol == NULL &&
433 		    (repo->fetch_config == NULL ||
434 		    repo->fetch_config->protocol == NULL) &&
435 		    (repo->send_config == NULL ||
436 		    repo->send_config->protocol == NULL)) {
437 			snprintf(msg, sizeof(msg),
438 			    "protocol required for remote repository \"%s\"",
439 			    repo->name);
440 			return got_error_msg(GOT_ERR_PARSE_CONFIG, msg);
441 		}
442 
443 		if (repo->protocol) {
444 			err = validate_protocol(repo->protocol, repo->name);
445 			if (err)
446 				return err;
447 		}
448 		if (repo->fetch_config && repo->fetch_config->protocol) {
449 			err = validate_protocol(repo->fetch_config->protocol,
450 			    repo->name);
451 			if (err)
452 				return err;
453 		}
454 		if (repo->send_config && repo->send_config->protocol) {
455 			err = validate_protocol(repo->send_config->protocol,
456 			    repo->name);
457 			if (err)
458 				return err;
459 		}
460 
461 		if (repo->repository == NULL &&
462 		    (repo->fetch_config == NULL ||
463 		    repo->fetch_config->repository == NULL) &&
464 		    (repo->send_config == NULL ||
465 		    repo->send_config->repository == NULL)) {
466 			snprintf(msg, sizeof(msg),
467 			    "repository path required for remote "
468 			    "repository \"%s\"", repo->name);
469 			return got_error_msg(GOT_ERR_PARSE_CONFIG, msg);
470 		}
471 	}
472 
473 	return NULL;
474 }
475 
476 int
477 main(int argc, char *argv[])
478 {
479 	const struct got_error *err = NULL;
480 	struct imsgbuf ibuf;
481 	struct gotconfig *gotconfig = NULL;
482 	size_t datalen;
483 	const char *filename = "got.conf";
484 #if 0
485 	static int attached;
486 
487 	while (!attached)
488 		sleep(1);
489 #endif
490 	signal(SIGINT, catch_sigint);
491 
492 	imsg_init(&ibuf, GOT_IMSG_FD_CHILD);
493 
494 #ifndef PROFILE
495 	/* revoke access to most system calls */
496 	if (pledge("stdio recvfd", NULL) == -1) {
497 		err = got_error_from_errno("pledge");
498 		got_privsep_send_error(&ibuf, err);
499 		return 1;
500 	}
501 #endif
502 
503 	if (argc > 1)
504 		filename = argv[1];
505 
506 	for (;;) {
507 		struct imsg imsg;
508 
509 		memset(&imsg, 0, sizeof(imsg));
510 		imsg.fd = -1;
511 
512 		if (sigint_received) {
513 			err = got_error(GOT_ERR_CANCELLED);
514 			break;
515 		}
516 
517 		err = got_privsep_recv_imsg(&imsg, &ibuf, 0);
518 		if (err) {
519 			if (err->code == GOT_ERR_PRIVSEP_PIPE)
520 				err = NULL;
521 			break;
522 		}
523 
524 		if (imsg.hdr.type == GOT_IMSG_STOP)
525 			break;
526 
527 		switch (imsg.hdr.type) {
528 		case GOT_IMSG_GOTCONFIG_PARSE_REQUEST:
529 			datalen = imsg.hdr.len - IMSG_HEADER_SIZE;
530 			if (datalen != 0) {
531 				err = got_error(GOT_ERR_PRIVSEP_LEN);
532 				break;
533 			}
534 			if (imsg.fd == -1){
535 				err = got_error(GOT_ERR_PRIVSEP_NO_FD);
536 				break;
537 			}
538 
539 			if (gotconfig)
540 				gotconfig_free(gotconfig);
541 			err = gotconfig_parse(&gotconfig, filename, &imsg.fd);
542 			if (err)
543 				break;
544 			err = validate_config(gotconfig);
545 			break;
546 		case GOT_IMSG_GOTCONFIG_AUTHOR_REQUEST:
547 			if (gotconfig == NULL) {
548 				err = got_error(GOT_ERR_PRIVSEP_MSG);
549 				break;
550 			}
551 			err = send_gotconfig_str(&ibuf,
552 			    gotconfig->author ?  gotconfig->author : "");
553 			break;
554 		case GOT_IMSG_GOTCONFIG_REMOTES_REQUEST:
555 			if (gotconfig == NULL) {
556 				err = got_error(GOT_ERR_PRIVSEP_MSG);
557 				break;
558 			}
559 			err = send_gotconfig_remotes(&ibuf,
560 			    &gotconfig->remotes, gotconfig->nremotes);
561 			break;
562 		default:
563 			err = got_error(GOT_ERR_PRIVSEP_MSG);
564 			break;
565 		}
566 
567 		if (imsg.fd != -1) {
568 			if (close(imsg.fd) == -1 && err == NULL)
569 				err = got_error_from_errno("close");
570 		}
571 
572 		imsg_free(&imsg);
573 		if (err)
574 			break;
575 	}
576 
577 	imsg_clear(&ibuf);
578 	if (err) {
579 		if (!sigint_received && err->code != GOT_ERR_PRIVSEP_PIPE) {
580 			fprintf(stderr, "%s: %s\n", getprogname(), err->msg);
581 			got_privsep_send_error(&ibuf, err);
582 		}
583 	}
584 	if (close(GOT_IMSG_FD_CHILD) == -1 && err == NULL)
585 		err = got_error_from_errno("close");
586 	return err ? 1 : 0;
587 }