2 * Copyright (c) 2022, 2023 Stefan Sperling <stsp@openbsd.org>
4 * Permission to use, copy, modify, and distribute this software for any
5 * purpose with or without fee is hereby granted, provided that the above
6 * copyright notice and this permission notice appear in all copies.
8 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
9 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
10 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
11 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
12 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
13 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
14 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
17 #include <sys/types.h>
18 #include <sys/queue.h>
20 #include <sys/socket.h>
37 #include "got_error.h"
38 #include "got_repository.h"
39 #include "got_object.h"
41 #include "got_reference.h"
42 #include "got_opentemp.h"
44 #include "got_lib_hash.h"
45 #include "got_lib_delta.h"
46 #include "got_lib_object.h"
47 #include "got_lib_object_cache.h"
48 #include "got_lib_pack.h"
49 #include "got_lib_repository.h"
50 #include "got_lib_gitproto.h"
57 static struct gotd_session {
60 struct got_repository *repo;
63 struct gotd_imsgev parent_iev;
64 struct timeval request_timeout;
67 static struct gotd_session_client {
68 enum gotd_session_state state;
70 struct gotd_client_capability *capabilities;
76 struct gotd_imsgev iev;
77 struct gotd_imsgev repo_child_iev;
85 } gotd_session_client;
87 void gotd_session_sighdlr(int sig, short event, void *arg);
88 static void gotd_session_shutdown(void);
91 disconnect(struct gotd_session_client *client)
93 log_debug("uid %d: disconnecting", client->euid);
95 if (gotd_imsg_compose_event(&gotd_session.parent_iev,
96 GOTD_IMSG_DISCONNECT, PROC_SESSION, -1, NULL, 0) == -1)
97 log_warn("imsg compose DISCONNECT");
99 imsg_clear(&client->repo_child_iev.ibuf);
100 event_del(&client->repo_child_iev.ev);
101 evtimer_del(&client->tmo);
103 if (client->delta_cache_fd != -1)
104 close(client->delta_cache_fd);
105 if (client->packfile_path) {
106 if (unlink(client->packfile_path) == -1 && errno != ENOENT)
107 log_warn("unlink %s: ", client->packfile_path);
108 free(client->packfile_path);
110 if (client->packidx_path) {
111 if (unlink(client->packidx_path) == -1 && errno != ENOENT)
112 log_warn("unlink %s: ", client->packidx_path);
113 free(client->packidx_path);
115 free(client->capabilities);
117 gotd_session_shutdown();
121 disconnect_on_error(struct gotd_session_client *client,
122 const struct got_error *err)
126 log_warnx("uid %d: %s", client->euid, err->msg);
127 if (err->code != GOT_ERR_EOF) {
128 imsg_init(&ibuf, client->fd);
129 gotd_imsg_send_error(&ibuf, 0, PROC_SESSION, err);
137 gotd_request_timeout(int fd, short events, void *arg)
139 struct gotd_session_client *client = arg;
141 log_debug("disconnecting uid %d due to timeout", client->euid);
146 gotd_session_sighdlr(int sig, short event, void *arg)
149 * Normal signal handler rules don't apply because libevent
155 log_info("%s: ignoring SIGHUP", __func__);
158 log_info("%s: ignoring SIGUSR1", __func__);
162 gotd_session_shutdown();
166 fatalx("unexpected signal");
170 static const struct got_error *
171 recv_packfile_done(uint32_t *client_id, struct imsg *imsg)
173 struct gotd_imsg_packfile_done idone;
176 log_debug("packfile-done received");
178 datalen = imsg->hdr.len - IMSG_HEADER_SIZE;
179 if (datalen != sizeof(idone))
180 return got_error(GOT_ERR_PRIVSEP_LEN);
181 memcpy(&idone, imsg->data, sizeof(idone));
183 *client_id = idone.client_id;
187 static const struct got_error *
188 recv_packfile_install(uint32_t *client_id, struct imsg *imsg)
190 struct gotd_imsg_packfile_install inst;
193 log_debug("packfile-install received");
195 datalen = imsg->hdr.len - IMSG_HEADER_SIZE;
196 if (datalen != sizeof(inst))
197 return got_error(GOT_ERR_PRIVSEP_LEN);
198 memcpy(&inst, imsg->data, sizeof(inst));
200 *client_id = inst.client_id;
204 static const struct got_error *
205 recv_ref_updates_start(uint32_t *client_id, struct imsg *imsg)
207 struct gotd_imsg_ref_updates_start istart;
210 log_debug("ref-updates-start received");
212 datalen = imsg->hdr.len - IMSG_HEADER_SIZE;
213 if (datalen != sizeof(istart))
214 return got_error(GOT_ERR_PRIVSEP_LEN);
215 memcpy(&istart, imsg->data, sizeof(istart));
217 *client_id = istart.client_id;
221 static const struct got_error *
222 recv_ref_update(uint32_t *client_id, struct imsg *imsg)
224 struct gotd_imsg_ref_update iref;
227 log_debug("ref-update received");
229 datalen = imsg->hdr.len - IMSG_HEADER_SIZE;
230 if (datalen < sizeof(iref))
231 return got_error(GOT_ERR_PRIVSEP_LEN);
232 memcpy(&iref, imsg->data, sizeof(iref));
234 *client_id = iref.client_id;
238 static const struct got_error *
239 send_ref_update_ok(struct gotd_session_client *client,
240 struct gotd_imsg_ref_update *iref, const char *refname)
242 struct gotd_imsg_ref_update_ok iok;
243 struct gotd_imsgev *iev = &client->iev;
247 memset(&iok, 0, sizeof(iok));
248 iok.client_id = client->id;
249 memcpy(iok.old_id, iref->old_id, SHA1_DIGEST_LENGTH);
250 memcpy(iok.new_id, iref->new_id, SHA1_DIGEST_LENGTH);
251 iok.name_len = strlen(refname);
253 len = sizeof(iok) + iok.name_len;
254 wbuf = imsg_create(&iev->ibuf, GOTD_IMSG_REF_UPDATE_OK,
255 PROC_SESSION, gotd_session.pid, len);
257 return got_error_from_errno("imsg_create REF_UPDATE_OK");
259 if (imsg_add(wbuf, &iok, sizeof(iok)) == -1)
260 return got_error_from_errno("imsg_add REF_UPDATE_OK");
261 if (imsg_add(wbuf, refname, iok.name_len) == -1)
262 return got_error_from_errno("imsg_add REF_UPDATE_OK");
265 imsg_close(&iev->ibuf, wbuf);
266 gotd_imsg_event_add(iev);
271 send_refs_updated(struct gotd_session_client *client)
273 if (gotd_imsg_compose_event(&client->iev, GOTD_IMSG_REFS_UPDATED,
274 PROC_SESSION, -1, NULL, 0) == -1)
275 log_warn("imsg compose REFS_UPDATED");
278 static const struct got_error *
279 send_ref_update_ng(struct gotd_session_client *client,
280 struct gotd_imsg_ref_update *iref, const char *refname,
283 const struct got_error *ng_err;
284 struct gotd_imsg_ref_update_ng ing;
285 struct gotd_imsgev *iev = &client->iev;
289 memset(&ing, 0, sizeof(ing));
290 ing.client_id = client->id;
291 memcpy(ing.old_id, iref->old_id, SHA1_DIGEST_LENGTH);
292 memcpy(ing.new_id, iref->new_id, SHA1_DIGEST_LENGTH);
293 ing.name_len = strlen(refname);
295 ng_err = got_error_fmt(GOT_ERR_REF_BUSY, "%s", reason);
296 ing.reason_len = strlen(ng_err->msg);
298 len = sizeof(ing) + ing.name_len + ing.reason_len;
299 wbuf = imsg_create(&iev->ibuf, GOTD_IMSG_REF_UPDATE_NG,
300 PROC_SESSION, gotd_session.pid, len);
302 return got_error_from_errno("imsg_create REF_UPDATE_NG");
304 if (imsg_add(wbuf, &ing, sizeof(ing)) == -1)
305 return got_error_from_errno("imsg_add REF_UPDATE_NG");
306 if (imsg_add(wbuf, refname, ing.name_len) == -1)
307 return got_error_from_errno("imsg_add REF_UPDATE_NG");
308 if (imsg_add(wbuf, ng_err->msg, ing.reason_len) == -1)
309 return got_error_from_errno("imsg_add REF_UPDATE_NG");
312 imsg_close(&iev->ibuf, wbuf);
313 gotd_imsg_event_add(iev);
317 static const struct got_error *
318 install_pack(struct gotd_session_client *client, const char *repo_path,
321 const struct got_error *err = NULL;
322 struct gotd_imsg_packfile_install inst;
323 char hex[SHA1_DIGEST_STRING_LENGTH];
325 char *packfile_path = NULL, *packidx_path = NULL;
327 datalen = imsg->hdr.len - IMSG_HEADER_SIZE;
328 if (datalen != sizeof(inst))
329 return got_error(GOT_ERR_PRIVSEP_LEN);
330 memcpy(&inst, imsg->data, sizeof(inst));
332 if (client->packfile_path == NULL)
333 return got_error_msg(GOT_ERR_BAD_REQUEST,
334 "client has no pack file");
335 if (client->packidx_path == NULL)
336 return got_error_msg(GOT_ERR_BAD_REQUEST,
337 "client has no pack file index");
339 if (got_sha1_digest_to_str(inst.pack_sha1, hex, sizeof(hex)) == NULL)
340 return got_error_msg(GOT_ERR_NO_SPACE,
341 "could not convert pack file SHA1 to hex");
343 if (asprintf(&packfile_path, "/%s/%s/pack-%s.pack",
344 repo_path, GOT_OBJECTS_PACK_DIR, hex) == -1) {
345 err = got_error_from_errno("asprintf");
349 if (asprintf(&packidx_path, "/%s/%s/pack-%s.idx",
350 repo_path, GOT_OBJECTS_PACK_DIR, hex) == -1) {
351 err = got_error_from_errno("asprintf");
355 if (rename(client->packfile_path, packfile_path) == -1) {
356 err = got_error_from_errno3("rename", client->packfile_path,
361 free(client->packfile_path);
362 client->packfile_path = NULL;
364 if (rename(client->packidx_path, packidx_path) == -1) {
365 err = got_error_from_errno3("rename", client->packidx_path,
370 free(client->packidx_path);
371 client->packidx_path = NULL;
378 static const struct got_error *
379 begin_ref_updates(struct gotd_session_client *client, struct imsg *imsg)
381 struct gotd_imsg_ref_updates_start istart;
384 if (client->nref_updates != -1)
385 return got_error(GOT_ERR_PRIVSEP_MSG);
387 datalen = imsg->hdr.len - IMSG_HEADER_SIZE;
388 if (datalen != sizeof(istart))
389 return got_error(GOT_ERR_PRIVSEP_LEN);
390 memcpy(&istart, imsg->data, sizeof(istart));
392 if (istart.nref_updates <= 0)
393 return got_error(GOT_ERR_PRIVSEP_MSG);
395 client->nref_updates = istart.nref_updates;
399 static const struct got_error *
400 update_ref(int *shut, struct gotd_session_client *client,
401 const char *repo_path, struct imsg *imsg)
403 const struct got_error *err = NULL;
404 struct got_repository *repo = NULL;
405 struct got_reference *ref = NULL;
406 struct gotd_imsg_ref_update iref;
407 struct got_object_id old_id, new_id;
408 struct got_object_id *id = NULL;
409 struct got_object *obj = NULL;
410 char *refname = NULL;
413 char hex1[SHA1_DIGEST_STRING_LENGTH];
414 char hex2[SHA1_DIGEST_STRING_LENGTH];
416 log_debug("update-ref from uid %d", client->euid);
418 if (client->nref_updates <= 0)
419 return got_error(GOT_ERR_PRIVSEP_MSG);
421 datalen = imsg->hdr.len - IMSG_HEADER_SIZE;
422 if (datalen < sizeof(iref))
423 return got_error(GOT_ERR_PRIVSEP_LEN);
424 memcpy(&iref, imsg->data, sizeof(iref));
425 if (datalen != sizeof(iref) + iref.name_len)
426 return got_error(GOT_ERR_PRIVSEP_LEN);
427 refname = strndup(imsg->data + sizeof(iref), iref.name_len);
429 return got_error_from_errno("strndup");
431 log_debug("updating ref %s for uid %d", refname, client->euid);
433 err = got_repo_open(&repo, repo_path, NULL, NULL);
437 memcpy(old_id.sha1, iref.old_id, SHA1_DIGEST_LENGTH);
438 memcpy(new_id.sha1, iref.new_id, SHA1_DIGEST_LENGTH);
439 err = got_object_open(&obj, repo,
440 iref.delete_ref ? &old_id : &new_id);
444 if (iref.ref_is_new) {
445 err = got_ref_open(&ref, repo, refname, 0);
447 if (err->code != GOT_ERR_NOT_REF)
449 err = got_ref_alloc(&ref, refname, &new_id);
452 err = got_ref_write(ref, repo); /* will lock/unlock */
456 err = got_ref_resolve(&id, repo, ref);
459 got_object_id_hex(&new_id, hex1, sizeof(hex1));
460 got_object_id_hex(id, hex2, sizeof(hex2));
461 err = got_error_fmt(GOT_ERR_REF_BUSY,
462 "Addition %s: %s failed; %s: %s has been "
463 "created by someone else while transaction "
465 got_ref_get_name(ref), hex1,
466 got_ref_get_name(ref), hex2);
469 } else if (iref.delete_ref) {
470 err = got_ref_open(&ref, repo, refname, 1 /* lock */);
475 err = got_ref_resolve(&id, repo, ref);
479 if (got_object_id_cmp(id, &old_id) != 0) {
480 got_object_id_hex(&old_id, hex1, sizeof(hex1));
481 got_object_id_hex(id, hex2, sizeof(hex2));
482 err = got_error_fmt(GOT_ERR_REF_BUSY,
483 "Deletion %s: %s failed; %s: %s has been "
484 "created by someone else while transaction "
486 got_ref_get_name(ref), hex1,
487 got_ref_get_name(ref), hex2);
491 err = got_ref_delete(ref, repo);
498 err = got_ref_open(&ref, repo, refname, 1 /* lock */);
503 err = got_ref_resolve(&id, repo, ref);
507 if (got_object_id_cmp(id, &old_id) != 0) {
508 got_object_id_hex(&old_id, hex1, sizeof(hex1));
509 got_object_id_hex(id, hex2, sizeof(hex2));
510 err = got_error_fmt(GOT_ERR_REF_BUSY,
511 "Update %s: %s failed; %s: %s has been "
512 "created by someone else while transaction "
514 got_ref_get_name(ref), hex1,
515 got_ref_get_name(ref), hex2);
519 if (got_object_id_cmp(&new_id, &old_id) != 0) {
520 err = got_ref_change_ref(ref, &new_id);
524 err = got_ref_write(ref, repo);
534 if (err->code == GOT_ERR_LOCKFILE_TIMEOUT) {
535 err = got_error_fmt(GOT_ERR_LOCKFILE_TIMEOUT,
536 "could not acquire exclusive file lock for %s",
539 send_ref_update_ng(client, &iref, refname, err->msg);
541 send_ref_update_ok(client, &iref, refname);
543 if (client->nref_updates > 0) {
544 client->nref_updates--;
545 if (client->nref_updates == 0) {
546 send_refs_updated(client);
552 const struct got_error *unlock_err;
553 unlock_err = got_ref_unlock(ref);
554 if (unlock_err && err == NULL)
560 got_object_close(obj);
562 got_repo_close(repo);
569 session_dispatch_repo_child(int fd, short event, void *arg)
571 struct gotd_imsgev *iev = arg;
572 struct imsgbuf *ibuf = &iev->ibuf;
573 struct gotd_session_client *client = &gotd_session_client;
578 if (event & EV_READ) {
579 if ((n = imsg_read(ibuf)) == -1 && errno != EAGAIN)
580 fatal("imsg_read error");
582 /* Connection closed. */
588 if (event & EV_WRITE) {
589 n = msgbuf_write(&ibuf->w);
590 if (n == -1 && errno != EAGAIN)
591 fatal("msgbuf_write");
593 /* Connection closed. */
600 const struct got_error *err = NULL;
601 uint32_t client_id = 0;
602 int do_disconnect = 0;
603 int do_ref_updates = 0, do_ref_update = 0;
604 int do_packfile_install = 0;
606 if ((n = imsg_get(ibuf, &imsg)) == -1)
607 fatal("%s: imsg_get error", __func__);
608 if (n == 0) /* No more messages. */
611 switch (imsg.hdr.type) {
612 case GOTD_IMSG_ERROR:
614 err = gotd_imsg_recv_error(&client_id, &imsg);
616 case GOTD_IMSG_PACKFILE_DONE:
618 err = recv_packfile_done(&client_id, &imsg);
620 case GOTD_IMSG_PACKFILE_INSTALL:
621 err = recv_packfile_install(&client_id, &imsg);
623 do_packfile_install = 1;
625 case GOTD_IMSG_REF_UPDATES_START:
626 err = recv_ref_updates_start(&client_id, &imsg);
630 case GOTD_IMSG_REF_UPDATE:
631 err = recv_ref_update(&client_id, &imsg);
636 log_debug("unexpected imsg %d", imsg.hdr.type);
642 disconnect_on_error(client, err);
646 if (do_packfile_install)
647 err = install_pack(client,
648 gotd_session.repo->path, &imsg);
649 else if (do_ref_updates)
650 err = begin_ref_updates(client, &imsg);
651 else if (do_ref_update)
652 err = update_ref(&shut, client,
653 gotd_session.repo->path, &imsg);
655 log_warnx("uid %d: %s", client->euid, err->msg);
661 gotd_imsg_event_add(iev);
663 /* This pipe is dead. Remove its event handler */
665 event_loopexit(NULL);
669 static const struct got_error *
670 recv_capabilities(struct gotd_session_client *client, struct imsg *imsg)
672 struct gotd_imsg_capabilities icapas;
675 datalen = imsg->hdr.len - IMSG_HEADER_SIZE;
676 if (datalen != sizeof(icapas))
677 return got_error(GOT_ERR_PRIVSEP_LEN);
678 memcpy(&icapas, imsg->data, sizeof(icapas));
680 client->ncapa_alloc = icapas.ncapabilities;
681 client->capabilities = calloc(client->ncapa_alloc,
682 sizeof(*client->capabilities));
683 if (client->capabilities == NULL) {
684 client->ncapa_alloc = 0;
685 return got_error_from_errno("calloc");
688 log_debug("expecting %zu capabilities from uid %d",
689 client->ncapa_alloc, client->euid);
693 static const struct got_error *
694 recv_capability(struct gotd_session_client *client, struct imsg *imsg)
696 struct gotd_imsg_capability icapa;
697 struct gotd_client_capability *capa;
699 char *key, *value = NULL;
701 if (client->capabilities == NULL ||
702 client->ncapabilities >= client->ncapa_alloc) {
703 return got_error_msg(GOT_ERR_BAD_REQUEST,
704 "unexpected capability received");
707 memset(&icapa, 0, sizeof(icapa));
709 datalen = imsg->hdr.len - IMSG_HEADER_SIZE;
710 if (datalen < sizeof(icapa))
711 return got_error(GOT_ERR_PRIVSEP_LEN);
712 memcpy(&icapa, imsg->data, sizeof(icapa));
714 if (datalen != sizeof(icapa) + icapa.key_len + icapa.value_len)
715 return got_error(GOT_ERR_PRIVSEP_LEN);
717 key = strndup(imsg->data + sizeof(icapa), icapa.key_len);
719 return got_error_from_errno("strndup");
720 if (icapa.value_len > 0) {
721 value = strndup(imsg->data + sizeof(icapa) + icapa.key_len,
725 return got_error_from_errno("strndup");
729 capa = &client->capabilities[client->ncapabilities++];
734 log_debug("uid %d: capability %s=%s", client->euid, key, value);
736 log_debug("uid %d: capability %s", client->euid, key);
741 static const struct got_error *
742 ensure_client_is_reading(struct gotd_session_client *client)
744 if (client->is_writing) {
745 return got_error_fmt(GOT_ERR_BAD_PACKET,
746 "uid %d made a read-request but is not reading from "
747 "a repository", client->euid);
753 static const struct got_error *
754 ensure_client_is_writing(struct gotd_session_client *client)
756 if (!client->is_writing) {
757 return got_error_fmt(GOT_ERR_BAD_PACKET,
758 "uid %d made a write-request but is not writing to "
759 "a repository", client->euid);
765 static const struct got_error *
766 forward_want(struct gotd_session_client *client, struct imsg *imsg)
768 struct gotd_imsg_want ireq;
769 struct gotd_imsg_want iwant;
772 datalen = imsg->hdr.len - IMSG_HEADER_SIZE;
773 if (datalen != sizeof(ireq))
774 return got_error(GOT_ERR_PRIVSEP_LEN);
776 memcpy(&ireq, imsg->data, datalen);
778 memset(&iwant, 0, sizeof(iwant));
779 memcpy(iwant.object_id, ireq.object_id, SHA1_DIGEST_LENGTH);
780 iwant.client_id = client->id;
782 if (gotd_imsg_compose_event(&client->repo_child_iev, GOTD_IMSG_WANT,
783 PROC_SESSION, -1, &iwant, sizeof(iwant)) == -1)
784 return got_error_from_errno("imsg compose WANT");
789 static const struct got_error *
790 forward_ref_update(struct gotd_session_client *client, struct imsg *imsg)
792 const struct got_error *err = NULL;
793 struct gotd_imsg_ref_update ireq;
794 struct gotd_imsg_ref_update *iref = NULL;
797 datalen = imsg->hdr.len - IMSG_HEADER_SIZE;
798 if (datalen < sizeof(ireq))
799 return got_error(GOT_ERR_PRIVSEP_LEN);
800 memcpy(&ireq, imsg->data, sizeof(ireq));
801 if (datalen != sizeof(ireq) + ireq.name_len)
802 return got_error(GOT_ERR_PRIVSEP_LEN);
804 iref = malloc(datalen);
806 return got_error_from_errno("malloc");
807 memcpy(iref, imsg->data, datalen);
809 iref->client_id = client->id;
810 if (gotd_imsg_compose_event(&client->repo_child_iev,
811 GOTD_IMSG_REF_UPDATE, PROC_SESSION, -1, iref, datalen) == -1)
812 err = got_error_from_errno("imsg compose REF_UPDATE");
817 static const struct got_error *
818 forward_have(struct gotd_session_client *client, struct imsg *imsg)
820 struct gotd_imsg_have ireq;
821 struct gotd_imsg_have ihave;
824 datalen = imsg->hdr.len - IMSG_HEADER_SIZE;
825 if (datalen != sizeof(ireq))
826 return got_error(GOT_ERR_PRIVSEP_LEN);
828 memcpy(&ireq, imsg->data, datalen);
830 memset(&ihave, 0, sizeof(ihave));
831 memcpy(ihave.object_id, ireq.object_id, SHA1_DIGEST_LENGTH);
832 ihave.client_id = client->id;
834 if (gotd_imsg_compose_event(&client->repo_child_iev, GOTD_IMSG_HAVE,
835 PROC_SESSION, -1, &ihave, sizeof(ihave)) == -1)
836 return got_error_from_errno("imsg compose HAVE");
842 client_has_capability(struct gotd_session_client *client, const char *capastr)
844 struct gotd_client_capability *capa;
847 if (client->ncapabilities == 0)
850 for (i = 0; i < client->ncapabilities; i++) {
851 capa = &client->capabilities[i];
852 if (strcmp(capa->key, capastr) == 0)
859 static const struct got_error *
860 recv_packfile(struct gotd_session_client *client)
862 const struct got_error *err = NULL;
863 struct gotd_imsg_recv_packfile ipack;
864 struct gotd_imsg_packfile_pipe ipipe;
865 struct gotd_imsg_packidx_file ifile;
866 char *basepath = NULL, *pack_path = NULL, *idx_path = NULL;
867 int packfd = -1, idxfd = -1;
868 int pipe[2] = { -1, -1 };
870 if (client->packfile_path) {
871 return got_error_fmt(GOT_ERR_PRIVSEP_MSG,
872 "uid %d already has a pack file", client->euid);
875 if (socketpair(AF_UNIX, SOCK_STREAM, PF_UNSPEC, pipe) == -1)
876 return got_error_from_errno("socketpair");
878 memset(&ipipe, 0, sizeof(ipipe));
879 ipipe.client_id = client->id;
881 /* Send pack pipe end 0 to repo child process. */
882 if (gotd_imsg_compose_event(&client->repo_child_iev,
883 GOTD_IMSG_PACKFILE_PIPE, PROC_SESSION, pipe[0],
884 &ipipe, sizeof(ipipe)) == -1) {
885 err = got_error_from_errno("imsg compose PACKFILE_PIPE");
891 /* Send pack pipe end 1 to gotsh(1) (expects just an fd, no data). */
892 if (gotd_imsg_compose_event(&client->iev,
893 GOTD_IMSG_PACKFILE_PIPE, PROC_SESSION, pipe[1], NULL, 0) == -1)
894 err = got_error_from_errno("imsg compose PACKFILE_PIPE");
897 if (asprintf(&basepath, "%s/%s/receiving-from-uid-%d.pack",
898 got_repo_get_path(gotd_session.repo), GOT_OBJECTS_PACK_DIR,
899 client->euid) == -1) {
900 err = got_error_from_errno("asprintf");
904 err = got_opentemp_named_fd(&pack_path, &packfd, basepath, "");
907 if (fchmod(packfd, GOT_DEFAULT_PACK_MODE) == -1) {
908 err = got_error_from_errno2("fchmod", pack_path);
913 if (asprintf(&basepath, "%s/%s/receiving-from-uid-%d.idx",
914 got_repo_get_path(gotd_session.repo), GOT_OBJECTS_PACK_DIR,
915 client->euid) == -1) {
916 err = got_error_from_errno("asprintf");
920 err = got_opentemp_named_fd(&idx_path, &idxfd, basepath, "");
923 if (fchmod(idxfd, GOT_DEFAULT_PACK_MODE) == -1) {
924 err = got_error_from_errno2("fchmod", idx_path);
928 memset(&ifile, 0, sizeof(ifile));
929 ifile.client_id = client->id;
930 if (gotd_imsg_compose_event(&client->repo_child_iev,
931 GOTD_IMSG_PACKIDX_FILE, PROC_SESSION,
932 idxfd, &ifile, sizeof(ifile)) == -1) {
933 err = got_error_from_errno("imsg compose PACKIDX_FILE");
939 memset(&ipack, 0, sizeof(ipack));
940 ipack.client_id = client->id;
941 if (client_has_capability(client, GOT_CAPA_REPORT_STATUS))
942 ipack.report_status = 1;
944 if (gotd_imsg_compose_event(&client->repo_child_iev,
945 GOTD_IMSG_RECV_PACKFILE, PROC_SESSION, packfd,
946 &ipack, sizeof(ipack)) == -1) {
947 err = got_error_from_errno("imsg compose RECV_PACKFILE");
955 if (pipe[0] != -1 && close(pipe[0]) == -1 && err == NULL)
956 err = got_error_from_errno("close");
957 if (pipe[1] != -1 && close(pipe[1]) == -1 && err == NULL)
958 err = got_error_from_errno("close");
959 if (packfd != -1 && close(packfd) == -1 && err == NULL)
960 err = got_error_from_errno("close");
961 if (idxfd != -1 && close(idxfd) == -1 && err == NULL)
962 err = got_error_from_errno("close");
967 client->packfile_path = pack_path;
968 client->packidx_path = idx_path;
973 static const struct got_error *
974 send_packfile(struct gotd_session_client *client)
976 const struct got_error *err = NULL;
977 struct gotd_imsg_send_packfile ipack;
978 struct gotd_imsg_packfile_pipe ipipe;
981 if (socketpair(AF_UNIX, SOCK_STREAM, PF_UNSPEC, pipe) == -1)
982 return got_error_from_errno("socketpair");
984 memset(&ipack, 0, sizeof(ipack));
985 memset(&ipipe, 0, sizeof(ipipe));
987 ipack.client_id = client->id;
988 if (client_has_capability(client, GOT_CAPA_SIDE_BAND_64K))
989 ipack.report_progress = 1;
991 client->delta_cache_fd = got_opentempfd();
992 if (client->delta_cache_fd == -1)
993 return got_error_from_errno("got_opentempfd");
995 if (gotd_imsg_compose_event(&client->repo_child_iev,
996 GOTD_IMSG_SEND_PACKFILE, PROC_GOTD, client->delta_cache_fd,
997 &ipack, sizeof(ipack)) == -1) {
998 err = got_error_from_errno("imsg compose SEND_PACKFILE");
1004 ipipe.client_id = client->id;
1006 /* Send pack pipe end 0 to repo child process. */
1007 if (gotd_imsg_compose_event(&client->repo_child_iev,
1008 GOTD_IMSG_PACKFILE_PIPE, PROC_GOTD,
1009 pipe[0], &ipipe, sizeof(ipipe)) == -1) {
1010 err = got_error_from_errno("imsg compose PACKFILE_PIPE");
1015 /* Send pack pipe end 1 to gotsh(1) (expects just an fd, no data). */
1016 if (gotd_imsg_compose_event(&client->iev,
1017 GOTD_IMSG_PACKFILE_PIPE, PROC_GOTD, pipe[1], NULL, 0) == -1)
1018 err = got_error_from_errno("imsg compose PACKFILE_PIPE");
1024 session_dispatch_client(int fd, short events, void *arg)
1026 struct gotd_imsgev *iev = arg;
1027 struct imsgbuf *ibuf = &iev->ibuf;
1028 struct gotd_session_client *client = &gotd_session_client;
1029 const struct got_error *err = NULL;
1033 if (events & EV_WRITE) {
1034 while (ibuf->w.queued) {
1035 n = msgbuf_write(&ibuf->w);
1036 if (n == -1 && errno == EPIPE) {
1038 * The client has closed its socket.
1039 * This can happen when Git clients are
1040 * done sending pack file data.
1042 msgbuf_clear(&ibuf->w);
1044 } else if (n == -1 && errno != EAGAIN) {
1045 err = got_error_from_errno("imsg_flush");
1046 disconnect_on_error(client, err);
1050 /* Connection closed. */
1051 err = got_error(GOT_ERR_EOF);
1052 disconnect_on_error(client, err);
1058 if ((events & EV_READ) == 0)
1061 memset(&imsg, 0, sizeof(imsg));
1063 while (err == NULL) {
1064 err = gotd_imsg_recv(&imsg, ibuf, 0);
1066 if (err->code == GOT_ERR_PRIVSEP_READ)
1068 else if (err->code == GOT_ERR_EOF &&
1069 client->state == GOTD_STATE_EXPECT_CAPABILITIES) {
1071 * The client has closed its socket before
1072 * sending its capability announcement.
1073 * This can happen when Git clients have
1074 * no ref-updates to send.
1076 disconnect_on_error(client, err);
1082 evtimer_del(&client->tmo);
1084 switch (imsg.hdr.type) {
1085 case GOTD_IMSG_CAPABILITIES:
1086 if (client->state != GOTD_STATE_EXPECT_CAPABILITIES) {
1087 err = got_error_msg(GOT_ERR_BAD_REQUEST,
1088 "unexpected capabilities received");
1091 log_debug("receiving capabilities from uid %d",
1093 err = recv_capabilities(client, &imsg);
1095 case GOTD_IMSG_CAPABILITY:
1096 if (client->state != GOTD_STATE_EXPECT_CAPABILITIES) {
1097 err = got_error_msg(GOT_ERR_BAD_REQUEST,
1098 "unexpected capability received");
1101 err = recv_capability(client, &imsg);
1102 if (err || client->ncapabilities < client->ncapa_alloc)
1104 if (!client->is_writing) {
1105 client->state = GOTD_STATE_EXPECT_WANT;
1106 client->accept_flush_pkt = 1;
1107 log_debug("uid %d: expecting want-lines",
1109 } else if (client->is_writing) {
1110 client->state = GOTD_STATE_EXPECT_REF_UPDATE;
1111 client->accept_flush_pkt = 1;
1112 log_debug("uid %d: expecting ref-update-lines",
1115 fatalx("client %d is both reading and writing",
1118 case GOTD_IMSG_WANT:
1119 if (client->state != GOTD_STATE_EXPECT_WANT) {
1120 err = got_error_msg(GOT_ERR_BAD_REQUEST,
1121 "unexpected want-line received");
1124 log_debug("received want-line from uid %d",
1126 err = ensure_client_is_reading(client);
1129 client->accept_flush_pkt = 1;
1130 err = forward_want(client, &imsg);
1132 case GOTD_IMSG_REF_UPDATE:
1133 if (client->state != GOTD_STATE_EXPECT_REF_UPDATE &&
1135 GOTD_STATE_EXPECT_MORE_REF_UPDATES) {
1136 err = got_error_msg(GOT_ERR_BAD_REQUEST,
1137 "unexpected ref-update-line received");
1140 log_debug("received ref-update-line from uid %d",
1142 err = ensure_client_is_writing(client);
1145 err = forward_ref_update(client, &imsg);
1148 client->state = GOTD_STATE_EXPECT_MORE_REF_UPDATES;
1149 client->accept_flush_pkt = 1;
1151 case GOTD_IMSG_HAVE:
1152 if (client->state != GOTD_STATE_EXPECT_HAVE) {
1153 err = got_error_msg(GOT_ERR_BAD_REQUEST,
1154 "unexpected have-line received");
1157 log_debug("received have-line from uid %d",
1159 err = ensure_client_is_reading(client);
1162 err = forward_have(client, &imsg);
1165 client->accept_flush_pkt = 1;
1167 case GOTD_IMSG_FLUSH:
1168 if (client->state == GOTD_STATE_EXPECT_WANT ||
1169 client->state == GOTD_STATE_EXPECT_HAVE) {
1170 err = ensure_client_is_reading(client);
1173 } else if (client->state ==
1174 GOTD_STATE_EXPECT_MORE_REF_UPDATES) {
1175 err = ensure_client_is_writing(client);
1178 } else if (client->state != GOTD_STATE_EXPECT_DONE) {
1179 err = got_error_msg(GOT_ERR_BAD_REQUEST,
1180 "unexpected flush-pkt received");
1183 if (!client->accept_flush_pkt) {
1184 err = got_error_msg(GOT_ERR_BAD_REQUEST,
1185 "unexpected flush-pkt received");
1190 * Accept just one flush packet at a time.
1191 * Future client state transitions will set this flag
1192 * again if another flush packet is expected.
1194 client->accept_flush_pkt = 0;
1196 log_debug("received flush-pkt from uid %d",
1198 if (client->state == GOTD_STATE_EXPECT_WANT) {
1199 client->state = GOTD_STATE_EXPECT_HAVE;
1200 log_debug("uid %d: expecting have-lines",
1202 } else if (client->state == GOTD_STATE_EXPECT_HAVE) {
1203 client->state = GOTD_STATE_EXPECT_DONE;
1204 client->accept_flush_pkt = 1;
1205 log_debug("uid %d: expecting 'done'",
1207 } else if (client->state ==
1208 GOTD_STATE_EXPECT_MORE_REF_UPDATES) {
1209 client->state = GOTD_STATE_EXPECT_PACKFILE;
1210 log_debug("uid %d: expecting packfile",
1212 err = recv_packfile(client);
1213 } else if (client->state != GOTD_STATE_EXPECT_DONE) {
1214 /* should not happen, see above */
1215 err = got_error_msg(GOT_ERR_BAD_REQUEST,
1216 "unexpected client state");
1220 case GOTD_IMSG_DONE:
1221 if (client->state != GOTD_STATE_EXPECT_HAVE &&
1222 client->state != GOTD_STATE_EXPECT_DONE) {
1223 err = got_error_msg(GOT_ERR_BAD_REQUEST,
1224 "unexpected flush-pkt received");
1227 log_debug("received 'done' from uid %d", client->euid);
1228 err = ensure_client_is_reading(client);
1231 client->state = GOTD_STATE_DONE;
1232 client->accept_flush_pkt = 1;
1233 err = send_packfile(client);
1236 log_debug("unexpected imsg %d", imsg.hdr.type);
1237 err = got_error(GOT_ERR_PRIVSEP_MSG);
1245 if (err->code != GOT_ERR_EOF ||
1246 client->state != GOTD_STATE_EXPECT_PACKFILE)
1247 disconnect_on_error(client, err);
1249 gotd_imsg_event_add(iev);
1250 evtimer_add(&client->tmo, &gotd_session.request_timeout);
1254 static const struct got_error *
1255 list_refs_request(void)
1257 static const struct got_error *err;
1258 struct gotd_session_client *client = &gotd_session_client;
1259 struct gotd_imsgev *iev = &client->repo_child_iev;
1260 struct gotd_imsg_list_refs_internal ilref;
1263 if (client->state != GOTD_STATE_EXPECT_LIST_REFS)
1264 return got_error(GOT_ERR_PRIVSEP_MSG);
1266 memset(&ilref, 0, sizeof(ilref));
1267 ilref.client_id = client->id;
1269 fd = dup(client->fd);
1271 return got_error_from_errno("dup");
1273 if (gotd_imsg_compose_event(iev, GOTD_IMSG_LIST_REFS_INTERNAL,
1274 PROC_SESSION, fd, &ilref, sizeof(ilref)) == -1) {
1275 err = got_error_from_errno("imsg compose LIST_REFS_INTERNAL");
1280 client->state = GOTD_STATE_EXPECT_CAPABILITIES;
1281 log_debug("uid %d: expecting capabilities", client->euid);
1285 static const struct got_error *
1286 recv_connect(struct imsg *imsg)
1288 struct gotd_session_client *client = &gotd_session_client;
1289 struct gotd_imsg_connect iconnect;
1292 if (client->state != GOTD_STATE_EXPECT_LIST_REFS)
1293 return got_error(GOT_ERR_PRIVSEP_MSG);
1295 datalen = imsg->hdr.len - IMSG_HEADER_SIZE;
1296 if (datalen != sizeof(iconnect))
1297 return got_error(GOT_ERR_PRIVSEP_LEN);
1298 memcpy(&iconnect, imsg->data, sizeof(iconnect));
1301 return got_error(GOT_ERR_PRIVSEP_NO_FD);
1303 client->fd = imsg->fd;
1304 client->euid = iconnect.euid;
1305 client->egid = iconnect.egid;
1307 imsg_init(&client->iev.ibuf, client->fd);
1308 client->iev.handler = session_dispatch_client;
1309 client->iev.events = EV_READ;
1310 client->iev.handler_arg = NULL;
1311 event_set(&client->iev.ev, client->iev.ibuf.fd, EV_READ,
1312 session_dispatch_client, &client->iev);
1313 gotd_imsg_event_add(&client->iev);
1314 evtimer_set(&client->tmo, gotd_request_timeout, client);
1319 static const struct got_error *
1320 recv_repo_child(struct imsg *imsg)
1322 struct gotd_imsg_connect_repo_child ichild;
1323 struct gotd_session_client *client = &gotd_session_client;
1326 if (client->state != GOTD_STATE_EXPECT_LIST_REFS)
1327 return got_error(GOT_ERR_PRIVSEP_MSG);
1329 /* We should already have received a pipe to the listener. */
1330 if (client->fd == -1)
1331 return got_error(GOT_ERR_PRIVSEP_MSG);
1333 datalen = imsg->hdr.len - IMSG_HEADER_SIZE;
1334 if (datalen != sizeof(ichild))
1335 return got_error(GOT_ERR_PRIVSEP_LEN);
1337 memcpy(&ichild, imsg->data, sizeof(ichild));
1339 client->id = ichild.client_id;
1340 if (ichild.proc_id == PROC_REPO_WRITE)
1341 client->is_writing = 1;
1342 else if (ichild.proc_id == PROC_REPO_READ)
1343 client->is_writing = 0;
1345 return got_error_msg(GOT_ERR_PRIVSEP_MSG,
1346 "bad child process type");
1349 return got_error(GOT_ERR_PRIVSEP_NO_FD);
1351 imsg_init(&client->repo_child_iev.ibuf, imsg->fd);
1352 client->repo_child_iev.handler = session_dispatch_repo_child;
1353 client->repo_child_iev.events = EV_READ;
1354 client->repo_child_iev.handler_arg = NULL;
1355 event_set(&client->repo_child_iev.ev, client->repo_child_iev.ibuf.fd,
1356 EV_READ, session_dispatch_repo_child, &client->repo_child_iev);
1357 gotd_imsg_event_add(&client->repo_child_iev);
1359 /* The "recvfd" pledge promise is no longer needed. */
1360 if (pledge("stdio rpath wpath cpath sendfd fattr flock", NULL) == -1)
1367 session_dispatch(int fd, short event, void *arg)
1369 struct gotd_imsgev *iev = arg;
1370 struct imsgbuf *ibuf = &iev->ibuf;
1371 struct gotd_session_client *client = &gotd_session_client;
1376 if (event & EV_READ) {
1377 if ((n = imsg_read(ibuf)) == -1 && errno != EAGAIN)
1378 fatal("imsg_read error");
1380 /* Connection closed. */
1386 if (event & EV_WRITE) {
1387 n = msgbuf_write(&ibuf->w);
1388 if (n == -1 && errno != EAGAIN)
1389 fatal("msgbuf_write");
1391 /* Connection closed. */
1398 const struct got_error *err = NULL;
1399 uint32_t client_id = 0;
1400 int do_disconnect = 0, do_list_refs = 0;
1402 if ((n = imsg_get(ibuf, &imsg)) == -1)
1403 fatal("%s: imsg_get error", __func__);
1404 if (n == 0) /* No more messages. */
1407 switch (imsg.hdr.type) {
1408 case GOTD_IMSG_ERROR:
1410 err = gotd_imsg_recv_error(&client_id, &imsg);
1412 case GOTD_IMSG_CONNECT:
1413 err = recv_connect(&imsg);
1415 case GOTD_IMSG_DISCONNECT:
1418 case GOTD_IMSG_CONNECT_REPO_CHILD:
1419 err = recv_repo_child(&imsg);
1425 log_debug("unexpected imsg %d", imsg.hdr.type);
1430 if (do_disconnect) {
1432 disconnect_on_error(client, err);
1435 } else if (do_list_refs)
1436 err = list_refs_request();
1439 log_warnx("uid %d: %s", client->euid, err->msg);
1443 gotd_imsg_event_add(iev);
1445 /* This pipe is dead. Remove its event handler */
1446 event_del(&iev->ev);
1447 event_loopexit(NULL);
1452 session_main(const char *title, const char *repo_path,
1453 int *pack_fds, int *temp_fds, struct timeval *request_timeout)
1455 const struct got_error *err = NULL;
1456 struct event evsigint, evsigterm, evsighup, evsigusr1;
1458 gotd_session.title = title;
1459 gotd_session.pid = getpid();
1460 gotd_session.pack_fds = pack_fds;
1461 gotd_session.temp_fds = temp_fds;
1462 memcpy(&gotd_session.request_timeout, request_timeout,
1463 sizeof(gotd_session.request_timeout));
1465 err = got_repo_open(&gotd_session.repo, repo_path, NULL, pack_fds);
1468 if (!got_repo_is_bare(gotd_session.repo)) {
1469 err = got_error_msg(GOT_ERR_NOT_GIT_REPO,
1470 "bare git repository required");
1474 got_repo_temp_fds_set(gotd_session.repo, temp_fds);
1476 signal_set(&evsigint, SIGINT, gotd_session_sighdlr, NULL);
1477 signal_set(&evsigterm, SIGTERM, gotd_session_sighdlr, NULL);
1478 signal_set(&evsighup, SIGHUP, gotd_session_sighdlr, NULL);
1479 signal_set(&evsigusr1, SIGUSR1, gotd_session_sighdlr, NULL);
1480 signal(SIGPIPE, SIG_IGN);
1482 signal_add(&evsigint, NULL);
1483 signal_add(&evsigterm, NULL);
1484 signal_add(&evsighup, NULL);
1485 signal_add(&evsigusr1, NULL);
1487 gotd_session_client.state = GOTD_STATE_EXPECT_LIST_REFS;
1488 gotd_session_client.fd = -1;
1489 gotd_session_client.nref_updates = -1;
1490 gotd_session_client.delta_cache_fd = -1;
1491 gotd_session_client.accept_flush_pkt = 1;
1493 imsg_init(&gotd_session.parent_iev.ibuf, GOTD_FILENO_MSG_PIPE);
1494 gotd_session.parent_iev.handler = session_dispatch;
1495 gotd_session.parent_iev.events = EV_READ;
1496 gotd_session.parent_iev.handler_arg = NULL;
1497 event_set(&gotd_session.parent_iev.ev, gotd_session.parent_iev.ibuf.fd,
1498 EV_READ, session_dispatch, &gotd_session.parent_iev);
1499 if (gotd_imsg_compose_event(&gotd_session.parent_iev,
1500 GOTD_IMSG_CLIENT_SESSION_READY, PROC_SESSION, -1, NULL, 0) == -1) {
1501 err = got_error_from_errno("imsg compose CLIENT_SESSION_READY");
1508 log_warnx("%s: %s", title, err->msg);
1509 gotd_session_shutdown();
1513 gotd_session_shutdown(void)
1515 log_debug("shutting down");
1516 if (gotd_session.repo)
1517 got_repo_close(gotd_session.repo);
1518 got_repo_pack_fds_close(gotd_session.pack_fds);
1519 got_repo_temp_fds_close(gotd_session.temp_fds);
