1 /*
2  * Copyright (c) 2022 Stefan Sperling <stsp@openbsd.org>
3  *
4  * Permission to use, copy, modify, and distribute this software for any
5  * purpose with or without fee is hereby granted, provided that the above
6  * copyright notice and this permission notice appear in all copies.
7  *
8  * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
9  * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
10  * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
11  * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
12  * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
13  * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
14  * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
15  */
16 
17 
18 #define GOTD_UNIX_SOCKET "/var/run/gotd.sock"
19 #define GOTD_UNIX_SOCKET_BACKLOG 10
20 #define GOTD_USER	"_gotd"
21 #define GOTD_CONF_PATH	"/etc/gotd.conf"
22 #define GOTD_EMPTY_PATH	"/var/empty"
23 
24 #define GOTD_MAXCLIENTS		1024
25 #define GOTD_MAX_CONN_PER_UID	4
26 #define GOTD_FD_RESERVE		5
27 #define GOTD_FD_NEEDED		6
28 #define GOTD_FILENO_MSG_PIPE	3
29 
30 #define GOTD_DEFAULT_REQUEST_TIMEOUT	3600
31 
32 /* Client hash tables need some extra room. */
33 #define GOTD_CLIENT_TABLE_SIZE (GOTD_MAXCLIENTS * 4)
34 
35 enum gotd_procid {
36 	PROC_GOTD	= 0,
37 	PROC_LISTEN,
38 	PROC_AUTH,
39 	PROC_SESSION_READ,
40 	PROC_SESSION_WRITE,
41 	PROC_REPO_READ,
42 	PROC_REPO_WRITE,
43 	PROC_MAX,
44 };
45 
46 struct gotd_imsgev {
47 	struct imsgbuf	 ibuf;
48 	void		(*handler)(int, short, void *);
49 	void		*handler_arg;
50 	struct event	 ev;
51 	short		 events;
52 };
53 
54 enum gotd_access {
55 	GOTD_ACCESS_PERMITTED = 1,
56 	GOTD_ACCESS_DENIED
57 };
58 
59 struct gotd_access_rule {
60 	STAILQ_ENTRY(gotd_access_rule) entry;
61 
62 	enum gotd_access access;
63 
64 	int authorization;
65 #define GOTD_AUTH_READ		0x1
66 #define GOTD_AUTH_WRITE		0x2
67 
68 	char *identifier;
69 };
70 STAILQ_HEAD(gotd_access_rule_list, gotd_access_rule);
71 
72 struct gotd_repo {
73 	TAILQ_ENTRY(gotd_repo)	 entry;
74 
75 	char name[NAME_MAX];
76 	char path[PATH_MAX];
77 
78 	struct gotd_access_rule_list rules;
79 	struct got_pathlist_head protected_tag_namespaces;
80 	struct got_pathlist_head protected_branch_namespaces;
81 	struct got_pathlist_head protected_branches;
82 };
83 TAILQ_HEAD(gotd_repolist, gotd_repo);
84 
85 enum gotd_session_state {
86 	GOTD_STATE_EXPECT_LIST_REFS,
87 	GOTD_STATE_EXPECT_CAPABILITIES,
88 	GOTD_STATE_EXPECT_WANT,
89 	GOTD_STATE_EXPECT_REF_UPDATE,
90 	GOTD_STATE_EXPECT_MORE_REF_UPDATES,
91 	GOTD_STATE_EXPECT_HAVE,
92 	GOTD_STATE_EXPECT_PACKFILE,
93 	GOTD_STATE_EXPECT_DONE,
94 	GOTD_STATE_DONE,
95 };
96 
97 struct gotd_client_capability {
98 	char *key;
99 	char *value;
100 };
101 
102 struct gotd_object_id_array {
103 	struct got_object_id		**ids;
104 	size_t				 nalloc;
105 	size_t				 nids;
106 };
107 
108 struct gotd_uid_connection_limit {
109 	uid_t uid;
110 	int max_connections;
111 };
112 
113 struct gotd_child_proc;
114 
115 struct gotd {
116 	pid_t pid;
117 	char unix_socket_path[PATH_MAX];
118 	char user_name[32];
119 	struct gotd_repolist repos;
120 	int nrepos;
121 	struct gotd_child_proc *listen_proc;
122 	struct timeval request_timeout;
123 	struct timeval auth_timeout;
124 	struct gotd_uid_connection_limit *connection_limits;
125 	size_t nconnection_limits;
126 
127 	char *argv0;
128 	const char *confpath;
129 	int daemonize;
130 	int verbosity;
131 };
132 
133 enum gotd_imsg_type {
134 	/* An error occured while processing a request. */
135 	GOTD_IMSG_ERROR,
136 
137 	/* Commands used by gotctl(8). */
138 	GOTD_IMSG_INFO,
139 	GOTD_IMSG_INFO_REPO,
140 	GOTD_IMSG_INFO_CLIENT,
141 	GOTD_IMSG_STOP,
142 
143 	/* Request a list of references. */
144 	GOTD_IMSG_LIST_REFS,
145 	GOTD_IMSG_LIST_REFS_INTERNAL,
146 
147 	/* References. */
148 	GOTD_IMSG_REFLIST,
149 	GOTD_IMSG_REF,
150 	GOTD_IMSG_SYMREF,
151 
152 	/* Git protocol capabilities. */
153 	GOTD_IMSG_CAPABILITIES,
154 	GOTD_IMSG_CAPABILITY,
155 
156 	/* Git protocol chatter. */
157 	GOTD_IMSG_WANT,		/* The client wants an object. */
158 	GOTD_IMSG_HAVE,		/* The client has an object. */
159 	GOTD_IMSG_ACK,		/* The server has an object or a reference. */
160 	GOTD_IMSG_NAK,		/* The server does not have an object/ref. */
161 	GOTD_IMSG_REF_UPDATE,	/* The client wants to update a reference. */
162 	GOTD_IMSG_REF_DELETE,	/* The client wants to delete a reference. */
163 	GOTD_IMSG_FLUSH,	/* The client sent a flush packet. */
164 	GOTD_IMSG_DONE,		/* The client is done chatting. */
165 
166 	/* Sending or receiving a pack file. */
167 	GOTD_IMSG_SEND_PACKFILE, /* The server is sending a pack file. */
168 	GOTD_IMSG_RECV_PACKFILE, /* The server is receiving a pack file. */
169 	GOTD_IMSG_PACKIDX_FILE,  /* Temporary file handle for new pack index. */
170 	GOTD_IMSG_PACKFILE_PIPE, /* Pipe to send/receive a pack file stream. */
171 	GOTD_IMSG_PACKFILE_PROGRESS, /* Progress reporting. */
172 	GOTD_IMSG_PACKFILE_READY, /* Pack file is ready to be sent. */
173 	GOTD_IMSG_PACKFILE_STATUS, /* Received pack success/failure status. */
174 	GOTD_IMSG_PACKFILE_INSTALL, /* Received pack file can be installed. */
175 	GOTD_IMSG_PACKFILE_DONE, /* Pack file has been sent/received. */
176 
177 	/* Reference updates. */
178 	GOTD_IMSG_REF_UPDATES_START, /* Ref updates starting. */
179 	GOTD_IMSG_REF_UPDATE_OK, /* Update went OK. */
180 	GOTD_IMSG_REF_UPDATE_NG, /* Update was not good. */
181 	GOTD_IMSG_REFS_UPDATED, /* The server proccessed all ref updates. */
182 
183 	/* Client connections. */
184 	GOTD_IMSG_DISCONNECT,
185 	GOTD_IMSG_CONNECT,
186 
187 	/* Child process management. */
188 	GOTD_IMSG_CLIENT_SESSION_READY,
189 	GOTD_IMSG_REPO_CHILD_READY,
190 	GOTD_IMSG_CONNECT_REPO_CHILD,
191 
192 	/* Auth child process. */
193 	GOTD_IMSG_AUTHENTICATE,
194 	GOTD_IMSG_ACCESS_GRANTED,
195 };
196 
197 /* Structure for GOTD_IMSG_ERROR. */
198 struct gotd_imsg_error {
199 	int code; /* an error code from got_error.h */
200 	int errno_code; /* in case code equals GOT_ERR_ERRNO */
201 	uint32_t client_id;
202 	char msg[GOT_ERR_MAX_MSG_SIZE];
203 } __attribute__((__packed__));
204 
205 /* Structure for GOTD_IMSG_INFO. */
206 struct gotd_imsg_info {
207 	pid_t pid;
208 	int verbosity;
209 	int nrepos;
210 	int nclients;
211 
212 	/* Followed by nrepos GOTD_IMSG_INFO_REPO messages. */
213 	/* Followed by nclients GOTD_IMSG_INFO_CLIENT messages. */
214 };
215 
216 /* Structure for GOTD_IMSG_INFO_REPO. */
217 struct gotd_imsg_info_repo {
218 	char repo_name[NAME_MAX];
219 	char repo_path[PATH_MAX];
220 };
221 
222 /* Structure for GOTD_IMSG_INFO_CLIENT */
223 struct gotd_imsg_info_client {
224 	uid_t euid;
225 	gid_t egid;
226 	char repo_name[NAME_MAX];
227 	int is_writing;
228 	pid_t session_child_pid;
229 	pid_t repo_child_pid;
230 };
231 
232 /* Structure for GOTD_IMSG_LIST_REFS. */
233 struct gotd_imsg_list_refs {
234 	char repo_name[NAME_MAX];
235 	int client_is_reading; /* 1 if reading, 0 if writing */
236 };
237 
238 /* Structure for GOTD_IMSG_LIST_REFS_INTERNAL. */
239 struct gotd_imsg_list_refs_internal {
240 	uint32_t client_id;
241 };
242 
243 /* Structure for GOTD_IMSG_REFLIST. */
244 struct gotd_imsg_reflist {
245 	size_t nrefs;
246 
247 	/* Followed by nrefs times of gotd_imsg_ref/gotd_imsg_symref data. */
248 } __attribute__((__packed__));
249 
250 /* Structure for GOTD_IMSG_REF data. */
251 struct gotd_imsg_ref {
252 	uint8_t id[SHA1_DIGEST_LENGTH];
253 	size_t name_len;
254 	/* Followed by name_len data bytes. */
255 } __attribute__((__packed__));
256 
257 /* Structure for GOTD_IMSG_SYMREF data. */
258 struct gotd_imsg_symref {
259 	size_t name_len;
260 	size_t target_len;
261 	uint8_t target_id[SHA1_DIGEST_LENGTH];
262 
263 	/*
264 	 * Followed by name_len + target_len data bytes.
265 	 */
266 } __attribute__((__packed__));
267 
268 /* Structure for GOTD_IMSG_CAPABILITIES data. */
269 struct gotd_imsg_capabilities {
270 	size_t ncapabilities;
271 
272 	/*
273 	 * Followed by ncapabilities * GOTD_IMSG_CAPABILITY.
274 	 */
275 } __attribute__((__packed__));
276 
277 /* Structure for GOTD_IMSG_CAPABILITY data. */
278 struct gotd_imsg_capability {
279 	size_t key_len;
280 	size_t value_len;
281 
282 	/*
283 	 * Followed by key_len + value_len data bytes.
284 	 */
285 } __attribute__((__packed__));
286 
287 /* Structure for GOTD_IMSG_WANT data. */
288 struct gotd_imsg_want {
289 	uint8_t object_id[SHA1_DIGEST_LENGTH];
290 	uint32_t client_id;
291 } __attribute__((__packed__));
292 
293 /* Structure for GOTD_IMSG_HAVE data. */
294 struct gotd_imsg_have {
295 	uint8_t object_id[SHA1_DIGEST_LENGTH];
296 	uint32_t client_id;
297 } __attribute__((__packed__));
298 
299 /* Structure for GOTD_IMSG_ACK data. */
300 struct gotd_imsg_ack {
301 	uint8_t object_id[SHA1_DIGEST_LENGTH];
302 	uint32_t client_id;
303 } __attribute__((__packed__));
304 
305 /* Structure for GOTD_IMSG_NAK data. */
306 struct gotd_imsg_nak {
307 	uint8_t object_id[SHA1_DIGEST_LENGTH];
308 	uint32_t client_id;
309 } __attribute__((__packed__));
310 
311 /* Structure for GOTD_IMSG_PACKFILE_STATUS data. */
312 struct gotd_imsg_packfile_status {
313 	size_t reason_len;
314 
315 	/* Followed by reason_len data bytes. */
316 } __attribute__((__packed__));
317 
318 
319 /* Structure for GOTD_IMSG_REF_UPDATE data. */
320 struct gotd_imsg_ref_update {
321 	uint8_t old_id[SHA1_DIGEST_LENGTH];
322 	uint8_t new_id[SHA1_DIGEST_LENGTH];
323 	int ref_is_new;
324 	int delete_ref;
325 	uint32_t client_id;
326 	size_t name_len;
327 
328 	/* Followed by name_len data bytes. */
329 } __attribute__((__packed__));
330 
331 /* Structure for GOTD_IMSG_REF_UPDATES_START data. */
332 struct gotd_imsg_ref_updates_start {
333 	int nref_updates;
334 	uint32_t client_id;
335 
336 	/* Followed by nref_updates GOT_IMSG_REF_UPDATE_OK/NG messages. */
337 };
338 
339 /* Structure for GOTD_IMSG_REF_UPDATE_OK data. */
340 struct gotd_imsg_ref_update_ok {
341 	uint8_t old_id[SHA1_DIGEST_LENGTH];
342 	uint8_t new_id[SHA1_DIGEST_LENGTH];
343 	int ref_is_new;
344 	uint32_t client_id;
345 	size_t name_len;
346 
347 	/* Followed by name_len data bytes. */
348 } __attribute__((__packed__));
349 
350 /* Structure for GOTD_IMSG_REF_UPDATE_NG data. */
351 struct gotd_imsg_ref_update_ng {
352 	uint8_t old_id[SHA1_DIGEST_LENGTH];
353 	uint8_t new_id[SHA1_DIGEST_LENGTH];
354 	uint32_t client_id;
355 	size_t name_len;
356 	size_t reason_len;
357 
358 	/* Followed by name_len + reason_len data bytes. */
359 } __attribute__((__packed__));
360 
361 /* Structure for GOTD_IMSG_SEND_PACKFILE data. */
362 struct gotd_imsg_send_packfile {
363 	uint32_t client_id;
364 	int report_progress;
365 
366 	/* delta cache file is sent as a file descriptor */
367 
368 	/* followed by two GOTD_IMSG_PACKFILE_PIPE messages */
369 };
370 
371 /* Structure for GOTD_IMSG_RECV_PACKFILE data. */
372 struct gotd_imsg_recv_packfile {
373 	uint32_t client_id;
374 	int report_status;
375 
376 	/* pack destination temp file is sent as a file descriptor */
377 };
378 
379 /* Structure for GOTD_IMSG_PACKFILE_PIPE data. */
380 struct gotd_imsg_packfile_pipe {
381 	uint32_t client_id;
382 };
383 
384 /* Structure for GOTD_IMSG_PACKIDX_FILE data. */
385 struct gotd_imsg_packidx_file {
386 	uint32_t client_id;
387 };
388 
389 
390 /*
391  * Structure for GOTD_IMSG_PACKFILE_PROGRESS and
392  * GOTD_IMSG_PACKFILE_READY data.
393  */
394 struct gotd_imsg_packfile_progress {
395 	uint32_t client_id;
396 	int ncolored;
397 	int nfound;
398 	int ntrees;
399 	off_t packfile_size;
400 	int ncommits;
401 	int nobj_total;
402 	int nobj_deltify;
403 	int nobj_written;
404 };
405 
406 /* Structure for GOTD_IMSG_PACKFILE_INSTALL. */
407 struct gotd_imsg_packfile_install {
408 	uint32_t client_id;
409 	uint8_t pack_sha1[SHA1_DIGEST_LENGTH];
410 };
411 
412 /* Structure for GOTD_IMSG_PACKFILE_DONE data. */
413 struct gotd_imsg_packfile_done {
414 	uint32_t client_id;
415 };
416 
417 /* Structure for GOTD_IMSG_DISCONNECT data. */
418 struct gotd_imsg_disconnect {
419 	uint32_t client_id;
420 };
421 
422 /* Structure for GOTD_IMSG_CONNECT. */
423 struct gotd_imsg_connect {
424 	uint32_t client_id;
425 	uid_t euid;
426 	gid_t egid;
427 };
428 
429 /* Structure for GOTD_IMSG_CONNECT_REPO_CHILD. */
430 struct gotd_imsg_connect_repo_child {
431 	uint32_t client_id;
432 	enum gotd_procid proc_id;
433 
434 	/* repo child imsg pipe is passed via imsg fd */
435 };
436 
437 /* Structure for GOTD_IMSG_AUTHENTICATE. */
438 struct gotd_imsg_auth {
439 	uid_t euid;
440 	gid_t egid;
441 	int required_auth;
442 	uint32_t client_id;
443 };
444 
445 int parse_config(const char *, enum gotd_procid, struct gotd *, int);
446 struct gotd_repo *gotd_find_repo_by_name(const char *, struct gotd *);
447 struct gotd_repo *gotd_find_repo_by_path(const char *, struct gotd *);
448 struct gotd_uid_connection_limit *gotd_find_uid_connection_limit(
449     struct gotd_uid_connection_limit *limits, size_t nlimits, uid_t uid);
450 int gotd_parseuid(const char *s, uid_t *uid);
451 
452 /* imsg.c */
453 const struct got_error *gotd_imsg_flush(struct imsgbuf *);
454 const struct got_error *gotd_imsg_recv(struct imsg *, struct imsgbuf *, size_t);
455 const struct got_error *gotd_imsg_poll_recv(struct imsg *, struct imsgbuf *,
456     size_t);
457 const struct got_error *gotd_imsg_recv_error(uint32_t *client_id,
458     struct imsg *imsg);
459 int gotd_imsg_send_error(struct imsgbuf *ibuf, uint32_t, uint32_t,
460     const struct got_error *);
461 int gotd_imsg_send_error_event(struct gotd_imsgev *, uint32_t, uint32_t,
462     const struct got_error *);
463 void gotd_imsg_event_add(struct gotd_imsgev *);
464 int gotd_imsg_compose_event(struct gotd_imsgev *, uint16_t, uint32_t, int,
465     void *, uint16_t);
466 int gotd_imsg_forward(struct gotd_imsgev *, struct imsg *, int);
467 
468 void gotd_imsg_send_ack(struct got_object_id *, struct imsgbuf *,
469     uint32_t, pid_t);
470 void gotd_imsg_send_nak(struct got_object_id *, struct imsgbuf *,
471     uint32_t, pid_t);