Gotweb

Blob

Date:: Sun Apr 28 20:13:30 2024 UTC
Message:: got-fetch-http: backout GET request URL fix It broke the clone regression test.
Actions:: History | Blame | Raw File
1 /*
2  * Copyright (c) 2024 Tobias Heider <me@tobhe.de>
3  * Copyright (c) 2022 Omar Polo <op@openbsd.org>
4  *
5  * Permission to use, copy, modify, and distribute this software for any
6  * purpose with or without fee is hereby granted, provided that the above
7  * copyright notice and this permission notice appear in all copies.
8  *
9  * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
10  * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
11  * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
12  * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
13  * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
14  * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
15  * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
16  */
17 
18 #include <sys/types.h>
19 #include <sys/socket.h>
20 
21 #include <err.h>
22 #include <errno.h>
23 #include <limits.h>
24 #include <netdb.h>
25 #include <poll.h>
26 #include <stdio.h>
27 #include <stdlib.h>
28 #include <string.h>
29 #include <tls.h>
30 #include <unistd.h>
31 
32 #include "got_error.h"
33 #include "got_version.h"
34 
35 #include "got_lib_pkt.h"
36 
37 #include "bufio.h"
38 
39 #define UPLOAD_PACK_ADV "application/x-git-upload-pack-advertisement"
40 #define UPLOAD_PACK_REQ "application/x-git-upload-pack-request"
41 #define UPLOAD_PACK_RES "application/x-git-upload-pack-result"
42 
43 #define	GOT_USERAGENT	"got/" GOT_VERSION_STR
44 #define MINIMUM(a, b)	((a) < (b) ? (a) : (b))
45 #define hasprfx(str, p)	(strncasecmp(str, p, strlen(p)) == 0)
46 
47 FILE *tmp;
48 
49 static int	verbose;
50 
51 static char *
52 bufio_getdelim_sync(struct bufio *bio, const char *nl, size_t *len)
53 {
54 	int	r;
55 
56 	do {
57 		r = bufio_read(bio);
58 		if (r == -1 && errno != EAGAIN)
59 			errx(1, "bufio_read: %s", bufio_io_err(bio));
60 	} while (r == -1 && errno == EAGAIN);
61 	return buf_getdelim(&bio->rbuf, nl, len);
62 }
63 
64 static size_t
65 bufio_drain_sync(struct bufio *bio, void *d, size_t len)
66 {
67 	int	r;
68 
69 	do {
70 		r = bufio_read(bio);
71 		if (r == -1 && errno != EAGAIN)
72 			errx(1, "bufio_read: %s", bufio_io_err(bio));
73 	} while (r == -1 && errno == EAGAIN);
74 	return bufio_drain(bio, d, len);
75 }
76 
77 static void
78 bufio_close_sync(struct bufio *bio)
79 {
80 	int	 r;
81 
82 	do {
83 		r = bufio_close(bio);
84 		if (r == -1 && errno == EAGAIN)
85 			errx(1, "bufio_read: %s", bufio_io_err(bio));
86 	} while (r == -1 && errno == EAGAIN);
87 }
88 
89 static long long
90 hexstrtonum(const char *str, long long min, long long max, const char **errstr)
91 {
92 	long long	 lval;
93 	char		*cp;
94 
95 	errno = 0;
96 	lval = strtoll(str, &cp, 16);
97 	if (*str == '\0' || *cp != '\0') {
98 		*errstr = "not a number";
99 		return 0;
100 	}
101 	if ((errno == ERANGE && (lval == LONG_MAX || lval == LONG_MIN)) ||
102 	    lval < min || lval > max) {
103 		*errstr = "out of range";
104 		return 0;
105 	}
106 
107 	*errstr = NULL;
108 	return lval;
109 }
110 
111 static int
112 dial(int https, const char *host, const char *port)
113 {
114 	struct addrinfo		 hints, *res, *res0;
115 	int			 error, saved_errno, fd = -1;
116 	const char		*cause = NULL;
117 
118 	memset(&hints, 0, sizeof(hints));
119 	hints.ai_family = AF_UNSPEC;
120 	hints.ai_socktype = SOCK_STREAM;
121 	error = getaddrinfo(host, port, &hints, &res0);
122 	if (error) {
123 		warnx("%s", gai_strerror(error));
124 		return -1;
125 	}
126 
127 	for (res = res0; res; res = res->ai_next) {
128 		fd = socket(res->ai_family, res->ai_socktype,
129 		    res->ai_protocol);
130 		if (fd == -1) {
131 			cause = "socket";
132 			continue;
133 		}
134 
135 		if (connect(fd, res->ai_addr, res->ai_addrlen) == 0)
136 			break;
137 
138 		cause = "connect";
139 		saved_errno = errno;
140 		close(fd);
141 		fd = -1;
142 		errno = saved_errno;
143 	}
144 	freeaddrinfo(res0);
145 
146 	if (fd == -1) {
147 		warn("%s", cause);
148 		return -1;
149 	}
150 
151 	return fd;
152 }
153 
154 static int
155 http_open(struct bufio *bio, int https, const char *method, const char *host, const char *port,
156     const char *path, const char *path_sufx, const char *query, const char *ctype)
157 {
158 	const char	*chdr = NULL, *te = "";
159 	char		*p, *req;
160 	int		 r;
161 	
162 	if (path_sufx != NULL && *path && path[strlen(path) - 1] == '/')
163 		path_sufx++; /* skip the slash */
164 
165 	if (strcmp(method, "POST") == 0)
166 		te = "\r\nTransfer-Encoding: chunked\r\n";
167 
168 	if (ctype)
169 		chdr = "Content-Type: ";
170 
171 	r = asprintf(&p, "%s/%s%s%s", path, path_sufx,
172 	    query ? "?" : "", query ? query : "");
173 	if (r == -1)
174 		err(1, "asprintf");
175 
176 	r = asprintf(&req, "%s %s HTTP/1.1\r\n"
177 	    "Host: %s\r\n"
178 	    "Connection: close\r\n"
179 	    "User-agent: %s\r\n"
180 	    "%s%s%s\r\n",
181 	    method, p, host, GOT_USERAGENT,
182 	    chdr ? chdr : "", ctype ? ctype : "", te);
183 	if (r == -1)
184 		err(1, "asprintf");
185 	free(p);
186 
187 	if (verbose > 0)
188 		fprintf(stderr, "%s: request: %s\n", getprogname(), req);
189 	
190 
191 	r = bufio_compose(bio, req, r);
192 	if (r == -1)
193 		err(1, "bufio_compose_fmt");
194 	free(req);
195 
196 	do {
197 		r = bufio_write(bio);
198 		if (r == -1 && errno != EAGAIN)
199 			errx(1, "bufio_read: %s", bufio_io_err(bio));
200 	} while (bio->wbuf.len != 0);
201 
202 	return 0;
203 }
204 
205 static int
206 http_parse_reply(struct bufio *bio, int *chunked, const char *expected_ctype)
207 {
208 	char		*cp, *line;
209 	size_t		 linelen;
210 
211 	*chunked = 0;
212 
213 	line = bufio_getdelim_sync(bio, "\r\n", &linelen);
214 	if (line == NULL) {
215 		warnx("%s: bufio_getdelim_sync()", __func__);
216 		return -1;
217 	}
218 
219 	if (verbose > 0)
220 		fprintf(stderr, "%s: response: %s\n", getprogname(), line);
221 
222 	if ((cp = strchr(line, ' ')) == NULL) {
223 		warnx("malformed HTTP response");
224 		return -1;
225 	}
226 	cp++;
227 
228 	if (strncmp(cp, "200 ", 4) != 0) {
229 		warnx("malformed HTTP response");
230 		return -1;
231 	}
232 	buf_drain(&bio->rbuf, linelen);
233 
234 	while(1) {
235 		line = bufio_getdelim_sync(bio, "\r\n", &linelen);
236 		if (line == NULL) {
237 			warnx("%s: bufio_getdelim_sync()", __func__);
238 			return -1;
239 		}
240 		if (*line == '\0') {
241 			buf_drain(&bio->rbuf, linelen);
242 			break;
243 		}
244 
245 		if (hasprfx(line, "content-type:")) {
246 			cp = strchr(line, ':') + 1;
247 			cp += strspn(cp, " \t");
248 			cp[strcspn(cp, " \t")] = '\0';
249 			if (strcmp(cp, expected_ctype) != 0) {
250 				warnx("server not using the \"smart\" "
251 				    "HTTP protocol.");
252 				return -1;
253 			}
254 		}
255 		if (hasprfx(line, "transfer-encoding:")) {
256 			cp = strchr(line, ':') + 1;
257 			cp += strspn(cp, " \t");
258 			cp[strcspn(cp, " \t")] = '\0';
259 			if (strcmp(cp, "chunked") != 0) {
260 				warnx("unknown transfer-encoding");
261 				return -1;
262 			}
263 			*chunked = 1;
264 		}
265 		buf_drain(&bio->rbuf, linelen);
266 	}
267 
268 	return 0;
269 }
270 
271 static ssize_t
272 http_read(struct bufio *bio, int chunked, size_t *chunksz, char *buf, size_t bufsz)
273 {
274 	const char	*errstr;
275 	char		*line = NULL;
276 	size_t		 r;
277 	ssize_t		 ret = 0, linelen;
278 
279 	if (!chunked)
280 		return bufio_drain_sync(bio, buf, bufsz);
281 
282 	while (bufsz > 0) {
283 		if (*chunksz == 0) {
284 		again:
285 			line = bufio_getdelim_sync(bio, "\r\n", &linelen);
286 			if (line == NULL) {
287 				buf_drain(&bio->rbuf, linelen);
288 				break;
289 			}
290 			if (*line == '\0') {
291 				buf_drain(&bio->rbuf, linelen);
292 				goto again; /* was the CRLF after the chunk */
293 			}
294 
295 			*chunksz = hexstrtonum(line, 0, INT_MAX, &errstr);
296 			if (errstr != NULL) {
297 				warnx("invalid HTTP chunk: size is %s (%s)",
298 				    errstr, line);
299 				ret = -1;
300 				break;
301 			}
302 
303 			if (*chunksz == 0) {
304 				buf_drain(&bio->rbuf, linelen);
305 				break;
306 			}
307 			buf_drain(&bio->rbuf, linelen);
308 		}
309 
310 		r = bufio_drain_sync(bio, buf, MINIMUM(*chunksz, bufsz));
311 		if (r == 0) {
312 			break;
313 		}
314 
315 		ret += r;
316 		buf += r;
317 		bufsz -= r;
318 		*chunksz -= r;
319 	}
320 
321 	return ret;
322 }
323 
324 static int
325 http_chunk(struct bufio *bio, const void *buf, size_t len)
326 {
327 	int r;
328 
329 	if (bufio_compose_fmt(bio, "%zx\r\n", len) ||
330 	    bufio_compose(bio, buf, len) ||
331 	    bufio_compose(bio, "\r\n", 2))
332 		return 1;
333 
334 	do {
335 		r = bufio_write(bio);
336 		if (r == -1 && errno != EAGAIN)
337 			errx(1, "bufio_read: %s", bufio_io_err(bio));
338 	} while (bio->wbuf.len != 0);
339 
340 	return 0;
341 }
342 
343 static int
344 get_refs(int https, const char *host, const char *port, const char *path)
345 {
346 	struct bufio		 bio;
347 	char			 buf[GOT_PKT_MAX];
348 	const struct got_error	*e;
349 	const char		*sufx = "/info/refs";
350 	size_t			 chunksz = 0;
351 	ssize_t			 r;
352 	int			 skip;
353 	int			 chunked;
354 	int			 sock;
355 	int			 ret = -1;
356 
357 	if ((sock = dial(https, host, port)) == -1)
358 		return -1;
359 
360 	if (bufio_init(&bio)) {
361 		warnx("bufio_init");
362 		goto err;
363 	}
364 	bufio_set_fd(&bio, sock);
365 	if (https && bufio_starttls(&bio, host, 0, NULL, 0, NULL, 0) == -1) {
366 		warnx("bufio_starttls");
367 		goto err;
368 	}
369 
370 	if (http_open(&bio, https, "GET", host, port, path, sufx,
371 	    "service=git-upload-pack", NULL) == -1)
372 		goto err;
373 
374 	/* Fetch the initial reference announcement from the server. */
375 	if (http_parse_reply(&bio, &chunked, UPLOAD_PACK_ADV) == -1)
376 		goto err;
377 
378 	/* skip first pack; why git over http is like this? */
379 	r = http_read(&bio, chunked, &chunksz, buf, 4);
380 	if (r <= 0)
381 		goto err;
382 
383 	e = got_pkt_readlen(&skip, buf, verbose);
384 	if (e) {
385 		warnx("%s", e->msg);
386 		goto err;
387 	}
388 
389 	/* TODO: validate it's # service=git-upload-pack\n */
390 	while (skip > 0) {
391 		r = http_read(&bio, chunked, &chunksz, buf,
392 		    MINIMUM(skip, sizeof(buf)));
393 		if (r <= 0)
394 			goto err;
395 		skip -= r;
396 	}
397 
398 	for (;;) {
399 		r = http_read(&bio, chunked, &chunksz, buf, sizeof(buf));
400 		if (r == -1)
401 			goto err;
402 
403 		if (r == 0)
404 			break;
405 
406 		fwrite(buf, 1, r, stdout);
407 	}
408 
409 	fflush(stdout);
410 	ret = 0;
411 err:
412 	bufio_close_sync(&bio);
413 	bufio_free(&bio);
414 	return ret;
415 }
416 
417 static int
418 upload_request(int https, const char *host, const char *port, const char *path,
419     FILE *in)
420 {
421 	struct bufio		 bio;
422 	char			 buf[GOT_PKT_MAX];
423 	const struct got_error	*e;
424 	ssize_t			 r;
425 	size_t			 chunksz = 0;
426 	int			 t;
427 	int			 chunked;
428 	int			 sock;
429 	int			 ret = -1;
430 
431 	if ((sock = dial(https, host, port)) == -1)
432 		return -1;
433 
434 	if (bufio_init(&bio)) {
435 		warnx("bufio_init");
436 		goto err;
437 	}
438 	bufio_set_fd(&bio, sock);
439 	if (https && bufio_starttls(&bio, host, 0, NULL, 0, NULL, 0) == -1) {
440 		warnx("bufio_starttls");
441 		goto err;
442 	}
443 #ifndef PROFILE
444 	/* TODO: can we push this upwards such that get_refs() is covered? */
445 	if (pledge("stdio", NULL) == -1)
446 		err(1, "pledge");
447 #endif
448 	if (http_open(&bio, https, "POST", host, port, path, "/git-upload-pack",
449 	    NULL, UPLOAD_PACK_REQ) == -1)
450 		goto err;
451 
452 	/*
453 	 * Read have/want lines generated by got-fetch-pack and forward
454 	 * them to the server in the POST request body.
455 	 */
456 	for (;;) {
457 		r = fread(buf, 1, 4, in);
458 		if (r != 4)
459 			goto err;
460 
461 		e = got_pkt_readlen(&t, buf, verbose);
462 		if (e) {
463 			warnx("%s", e->msg);
464 			goto err;
465 		}
466 
467 		if (t == 0) {
468 			const char *flushpkt = "0000";
469 			if (http_chunk(&bio, flushpkt, strlen(flushpkt)))
470 				goto err;
471 			continue; /* got-fetch-pack will send "done" */
472 		}
473 
474 		if (t < 6) {
475 			warnx("pktline len is too small");
476 			goto err;
477 		}
478 
479 		r = fread(buf + 4, 1, t - 4, in);
480 		if (r != t - 4)
481 			goto err;
482 
483 		if (http_chunk(&bio, buf, t))
484 			goto err;
485 
486 		/*
487 		 * Once got-fetch-pack is done the server will
488 		 * send pack file data.
489 		 */
490 		if (t == 9 && strncmp(buf + 4, "done\n", 5) == 0) {
491 			if (http_chunk(&bio, NULL, 0))
492 				goto err;
493 			break;
494 		}
495 	}
496 
497 	if (http_parse_reply(&bio, &chunked, UPLOAD_PACK_RES) == -1)
498 		goto err;
499 
500 	/* Fetch pack file data from server. */
501 	for (;;) {
502 		r = http_read(&bio, chunked, &chunksz, buf, sizeof(buf));
503 		if (r == -1)
504 			goto err;
505 
506 		if (r == 0)
507 			break;
508 
509 		fwrite(buf, 1, r, stdout);
510 	}
511 
512 	ret = 0;
513 err:
514 	bufio_close_sync(&bio);
515 	bufio_free(&bio);
516 	return ret;
517 }
518 
519 static __dead void
520 usage(void)
521 {
522 	fprintf(stderr, "usage: %s [-qv] proto host port path\n",
523 	     getprogname());
524 	exit(1);
525 }
526 
527 int
528 main(int argc, char **argv)
529 {
530 	struct pollfd	 pfd;
531 	const char	*host, *port, *path;
532 	int		 https = 0;
533 	int		 ch;
534 
535 #ifndef PROFILE
536 	if (pledge("stdio rpath inet dns unveil", NULL) == -1)
537 		err(1, "pledge");
538 #endif
539 
540 	while ((ch = getopt(argc, argv, "qv")) != -1) {
541 		switch (ch) {
542 		case 'q':
543 			verbose = -1;
544 			break;
545 		case 'v':
546 			verbose++;
547 			break;
548 		default:
549 			usage();
550 		}
551 	}
552 	argc -= optind;
553 	argv += optind;
554 
555 	if (argc != 4)
556 		usage();
557 
558 	https = strcmp(argv[0], "https") == 0;
559 #ifndef PROFILE
560 	if (https) {
561 		if (unveil("/etc/ssl/cert.pem", "r") == -1)
562 			err(1, "unveil /etc/ssl/cert.pem");
563 	} else {
564 		/* drop "rpath" */
565 		if (pledge("stdio inet dns unveil", NULL) == -1)
566 			err(1, "pledge");
567 	}
568 #else
569 	if (unveil("gmon.out", "rwc") != 0)
570 		err(1, "unveil gmon.out");
571 #endif
572 	if (unveil(NULL, NULL) == -1)
573 		err(1, "unveil NULL");
574 
575 	host = argv[1];
576 	port = argv[2];
577 	path = argv[3];
578 
579 	if (get_refs(https, host, port, path) == -1)
580 		errx(1, "failed to get refs");
581 
582 	pfd.fd = 0;
583 	pfd.events = POLLIN;
584 	if (poll(&pfd, 1, INFTIM) == -1)
585 		err(1, "poll");
586 
587 	if ((ch = fgetc(stdin)) == EOF)
588 		return 0;
589 
590 	ungetc(ch, stdin);
591 	if (upload_request(https, host, port, path, stdin) == -1) {
592 		fflush(tmp);
593 		errx(1, "failed to upload request");
594 	}
595 
596 	return 0;
597 }