1 /*
2  * Copyright (c) 2022 Stefan Sperling <stsp@openbsd.org>
3  *
4  * Permission to use, copy, modify, and distribute this software for any
5  * purpose with or without fee is hereby granted, provided that the above
6  * copyright notice and this permission notice appear in all copies.
7  *
8  * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
9  * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
10  * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
11  * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
12  * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
13  * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
14  * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
15  */
16 
17 
18 #define GOTD_UNIX_SOCKET "/var/run/gotd.sock"
19 #define GOTD_UNIX_SOCKET_BACKLOG 10
20 #define GOTD_USER	"_gotd"
21 #define GOTD_CONF_PATH	"/etc/gotd.conf"
22 #define GOTD_EMPTY_PATH	"/var/empty"
23 
24 #define GOTD_MAXCLIENTS		1024
25 #define GOTD_MAX_CONN_PER_UID	4
26 #define GOTD_FD_RESERVE		5
27 #define GOTD_FD_NEEDED		6
28 #define GOTD_FILENO_MSG_PIPE	3
29 
30 #define GOTD_DEFAULT_REQUEST_TIMEOUT	3600
31 
32 /* Client hash tables need some extra room. */
33 #define GOTD_CLIENT_TABLE_SIZE (GOTD_MAXCLIENTS * 4)
34 
35 enum gotd_procid {
36 	PROC_GOTD	= 0,
37 	PROC_LISTEN,
38 	PROC_AUTH,
39 	PROC_SESSION_READ,
40 	PROC_SESSION_WRITE,
41 	PROC_REPO_READ,
42 	PROC_REPO_WRITE,
43 	PROC_MAX,
44 };
45 
46 struct gotd_imsgev {
47 	struct imsgbuf	 ibuf;
48 	void		(*handler)(int, short, void *);
49 	void		*handler_arg;
50 	struct event	 ev;
51 	short		 events;
52 };
53 
54 struct gotd_child_proc {
55 	pid_t pid;
56 	enum gotd_procid type;
57 	char repo_name[NAME_MAX];
58 	char repo_path[PATH_MAX];
59 	int pipe[2];
60 	struct gotd_imsgev iev;
61 	size_t nhelpers;
62 };
63 
64 enum gotd_access {
65 	GOTD_ACCESS_PERMITTED = 1,
66 	GOTD_ACCESS_DENIED
67 };
68 
69 struct gotd_access_rule {
70 	STAILQ_ENTRY(gotd_access_rule) entry;
71 
72 	enum gotd_access access;
73 
74 	int authorization;
75 #define GOTD_AUTH_READ		0x1
76 #define GOTD_AUTH_WRITE		0x2
77 
78 	char *identifier;
79 };
80 STAILQ_HEAD(gotd_access_rule_list, gotd_access_rule);
81 
82 struct gotd_repo {
83 	TAILQ_ENTRY(gotd_repo)	 entry;
84 
85 	char name[NAME_MAX];
86 	char path[PATH_MAX];
87 
88 	struct gotd_access_rule_list rules;
89 	struct got_pathlist_head protected_tag_namespaces;
90 	struct got_pathlist_head protected_branch_namespaces;
91 	struct got_pathlist_head protected_branches;
92 };
93 TAILQ_HEAD(gotd_repolist, gotd_repo);
94 
95 enum gotd_session_state {
96 	GOTD_STATE_EXPECT_LIST_REFS,
97 	GOTD_STATE_EXPECT_CAPABILITIES,
98 	GOTD_STATE_EXPECT_WANT,
99 	GOTD_STATE_EXPECT_REF_UPDATE,
100 	GOTD_STATE_EXPECT_MORE_REF_UPDATES,
101 	GOTD_STATE_EXPECT_HAVE,
102 	GOTD_STATE_EXPECT_PACKFILE,
103 	GOTD_STATE_EXPECT_DONE,
104 	GOTD_STATE_DONE,
105 };
106 
107 struct gotd_client_capability {
108 	char *key;
109 	char *value;
110 };
111 
112 struct gotd_object_id_array {
113 	struct got_object_id		**ids;
114 	size_t				 nalloc;
115 	size_t				 nids;
116 };
117 
118 struct gotd_uid_connection_limit {
119 	uid_t uid;
120 	int max_connections;
121 };
122 
123 struct gotd {
124 	pid_t pid;
125 	char unix_socket_path[PATH_MAX];
126 	char user_name[32];
127 	struct gotd_repolist repos;
128 	int nrepos;
129 	struct gotd_child_proc listen_proc;
130 	struct timeval request_timeout;
131 	struct timeval auth_timeout;
132 	struct gotd_uid_connection_limit *connection_limits;
133 	size_t nconnection_limits;
134 
135 	char *argv0;
136 	const char *confpath;
137 	int daemonize;
138 	int verbosity;
139 };
140 
141 enum gotd_imsg_type {
142 	/* An error occured while processing a request. */
143 	GOTD_IMSG_ERROR,
144 
145 	/* Commands used by gotctl(8). */
146 	GOTD_IMSG_INFO,
147 	GOTD_IMSG_INFO_REPO,
148 	GOTD_IMSG_INFO_CLIENT,
149 	GOTD_IMSG_STOP,
150 
151 	/* Request a list of references. */
152 	GOTD_IMSG_LIST_REFS,
153 	GOTD_IMSG_LIST_REFS_INTERNAL,
154 
155 	/* References. */
156 	GOTD_IMSG_REFLIST,
157 	GOTD_IMSG_REF,
158 	GOTD_IMSG_SYMREF,
159 
160 	/* Git protocol capabilities. */
161 	GOTD_IMSG_CAPABILITIES,
162 	GOTD_IMSG_CAPABILITY,
163 
164 	/* Git protocol chatter. */
165 	GOTD_IMSG_WANT,		/* The client wants an object. */
166 	GOTD_IMSG_HAVE,		/* The client has an object. */
167 	GOTD_IMSG_ACK,		/* The server has an object or a reference. */
168 	GOTD_IMSG_NAK,		/* The server does not have an object/ref. */
169 	GOTD_IMSG_REF_UPDATE,	/* The client wants to update a reference. */
170 	GOTD_IMSG_REF_DELETE,	/* The client wants to delete a reference. */
171 	GOTD_IMSG_FLUSH,	/* The client sent a flush packet. */
172 	GOTD_IMSG_DONE,		/* The client is done chatting. */
173 
174 	/* Sending or receiving a pack file. */
175 	GOTD_IMSG_SEND_PACKFILE, /* The server is sending a pack file. */
176 	GOTD_IMSG_RECV_PACKFILE, /* The server is receiving a pack file. */
177 	GOTD_IMSG_PACKIDX_FILE,  /* Temporary file handle for new pack index. */
178 	GOTD_IMSG_PACKFILE_PIPE, /* Pipe to send/receive a pack file stream. */
179 	GOTD_IMSG_PACKFILE_PROGRESS, /* Progress reporting. */
180 	GOTD_IMSG_PACKFILE_READY, /* Pack file is ready to be sent. */
181 	GOTD_IMSG_PACKFILE_STATUS, /* Received pack success/failure status. */
182 	GOTD_IMSG_PACKFILE_INSTALL, /* Received pack file can be installed. */
183 	GOTD_IMSG_PACKFILE_DONE, /* Pack file has been sent/received. */
184 
185 	/* Reference updates. */
186 	GOTD_IMSG_REF_UPDATES_START, /* Ref updates starting. */
187 	GOTD_IMSG_REF_UPDATE_OK, /* Update went OK. */
188 	GOTD_IMSG_REF_UPDATE_NG, /* Update was not good. */
189 	GOTD_IMSG_REFS_UPDATED, /* The server proccessed all ref updates. */
190 
191 	/* Client connections. */
192 	GOTD_IMSG_DISCONNECT,
193 	GOTD_IMSG_CONNECT,
194 
195 	/* Child process management. */
196 	GOTD_IMSG_CLIENT_SESSION_READY,
197 	GOTD_IMSG_REPO_CHILD_READY,
198 	GOTD_IMSG_CONNECT_REPO_CHILD,
199 
200 	/* Auth child process. */
201 	GOTD_IMSG_AUTHENTICATE,
202 	GOTD_IMSG_ACCESS_GRANTED,
203 };
204 
205 /* Structure for GOTD_IMSG_ERROR. */
206 struct gotd_imsg_error {
207 	int code; /* an error code from got_error.h */
208 	int errno_code; /* in case code equals GOT_ERR_ERRNO */
209 	uint32_t client_id;
210 	char msg[GOT_ERR_MAX_MSG_SIZE];
211 } __attribute__((__packed__));
212 
213 /* Structure for GOTD_IMSG_INFO. */
214 struct gotd_imsg_info {
215 	pid_t pid;
216 	int verbosity;
217 	int nrepos;
218 	int nclients;
219 
220 	/* Followed by nrepos GOTD_IMSG_INFO_REPO messages. */
221 	/* Followed by nclients GOTD_IMSG_INFO_CLIENT messages. */
222 };
223 
224 /* Structure for GOTD_IMSG_INFO_REPO. */
225 struct gotd_imsg_info_repo {
226 	char repo_name[NAME_MAX];
227 	char repo_path[PATH_MAX];
228 };
229 
230 /* Structure for GOTD_IMSG_INFO_CLIENT */
231 struct gotd_imsg_info_client {
232 	uid_t euid;
233 	gid_t egid;
234 	char repo_name[NAME_MAX];
235 	int is_writing;
236 	pid_t session_child_pid;
237 	pid_t repo_child_pid;
238 };
239 
240 /* Structure for GOTD_IMSG_LIST_REFS. */
241 struct gotd_imsg_list_refs {
242 	char repo_name[NAME_MAX];
243 	int client_is_reading; /* 1 if reading, 0 if writing */
244 };
245 
246 /* Structure for GOTD_IMSG_LIST_REFS_INTERNAL. */
247 struct gotd_imsg_list_refs_internal {
248 	uint32_t client_id;
249 };
250 
251 /* Structure for GOTD_IMSG_REFLIST. */
252 struct gotd_imsg_reflist {
253 	size_t nrefs;
254 
255 	/* Followed by nrefs times of gotd_imsg_ref/gotd_imsg_symref data. */
256 } __attribute__((__packed__));
257 
258 /* Structure for GOTD_IMSG_REF data. */
259 struct gotd_imsg_ref {
260 	uint8_t id[SHA1_DIGEST_LENGTH];
261 	size_t name_len;
262 	/* Followed by name_len data bytes. */
263 } __attribute__((__packed__));
264 
265 /* Structure for GOTD_IMSG_SYMREF data. */
266 struct gotd_imsg_symref {
267 	size_t name_len;
268 	size_t target_len;
269 	uint8_t target_id[SHA1_DIGEST_LENGTH];
270 
271 	/*
272 	 * Followed by name_len + target_len data bytes.
273 	 */
274 } __attribute__((__packed__));
275 
276 /* Structure for GOTD_IMSG_CAPABILITIES data. */
277 struct gotd_imsg_capabilities {
278 	size_t ncapabilities;
279 
280 	/*
281 	 * Followed by ncapabilities * GOTD_IMSG_CAPABILITY.
282 	 */
283 } __attribute__((__packed__));
284 
285 /* Structure for GOTD_IMSG_CAPABILITY data. */
286 struct gotd_imsg_capability {
287 	size_t key_len;
288 	size_t value_len;
289 
290 	/*
291 	 * Followed by key_len + value_len data bytes.
292 	 */
293 } __attribute__((__packed__));
294 
295 /* Structure for GOTD_IMSG_WANT data. */
296 struct gotd_imsg_want {
297 	uint8_t object_id[SHA1_DIGEST_LENGTH];
298 	uint32_t client_id;
299 } __attribute__((__packed__));
300 
301 /* Structure for GOTD_IMSG_HAVE data. */
302 struct gotd_imsg_have {
303 	uint8_t object_id[SHA1_DIGEST_LENGTH];
304 	uint32_t client_id;
305 } __attribute__((__packed__));
306 
307 /* Structure for GOTD_IMSG_ACK data. */
308 struct gotd_imsg_ack {
309 	uint8_t object_id[SHA1_DIGEST_LENGTH];
310 	uint32_t client_id;
311 } __attribute__((__packed__));
312 
313 /* Structure for GOTD_IMSG_NAK data. */
314 struct gotd_imsg_nak {
315 	uint8_t object_id[SHA1_DIGEST_LENGTH];
316 	uint32_t client_id;
317 } __attribute__((__packed__));
318 
319 /* Structure for GOTD_IMSG_PACKFILE_STATUS data. */
320 struct gotd_imsg_packfile_status {
321 	size_t reason_len;
322 
323 	/* Followed by reason_len data bytes. */
324 } __attribute__((__packed__));
325 
326 
327 /* Structure for GOTD_IMSG_REF_UPDATE data. */
328 struct gotd_imsg_ref_update {
329 	uint8_t old_id[SHA1_DIGEST_LENGTH];
330 	uint8_t new_id[SHA1_DIGEST_LENGTH];
331 	int ref_is_new;
332 	int delete_ref;
333 	uint32_t client_id;
334 	size_t name_len;
335 
336 	/* Followed by name_len data bytes. */
337 } __attribute__((__packed__));
338 
339 /* Structure for GOTD_IMSG_REF_UPDATES_START data. */
340 struct gotd_imsg_ref_updates_start {
341 	int nref_updates;
342 	uint32_t client_id;
343 
344 	/* Followed by nref_updates GOT_IMSG_REF_UPDATE_OK/NG messages. */
345 };
346 
347 /* Structure for GOTD_IMSG_REF_UPDATE_OK data. */
348 struct gotd_imsg_ref_update_ok {
349 	uint8_t old_id[SHA1_DIGEST_LENGTH];
350 	uint8_t new_id[SHA1_DIGEST_LENGTH];
351 	int ref_is_new;
352 	uint32_t client_id;
353 	size_t name_len;
354 
355 	/* Followed by name_len data bytes. */
356 } __attribute__((__packed__));
357 
358 /* Structure for GOTD_IMSG_REF_UPDATE_NG data. */
359 struct gotd_imsg_ref_update_ng {
360 	uint8_t old_id[SHA1_DIGEST_LENGTH];
361 	uint8_t new_id[SHA1_DIGEST_LENGTH];
362 	uint32_t client_id;
363 	size_t name_len;
364 	size_t reason_len;
365 
366 	/* Followed by name_len + reason_len data bytes. */
367 } __attribute__((__packed__));
368 
369 /* Structure for GOTD_IMSG_SEND_PACKFILE data. */
370 struct gotd_imsg_send_packfile {
371 	uint32_t client_id;
372 	int report_progress;
373 
374 	/* delta cache file is sent as a file descriptor */
375 
376 	/* followed by two GOTD_IMSG_PACKFILE_PIPE messages */
377 };
378 
379 /* Structure for GOTD_IMSG_RECV_PACKFILE data. */
380 struct gotd_imsg_recv_packfile {
381 	uint32_t client_id;
382 	int report_status;
383 
384 	/* pack destination temp file is sent as a file descriptor */
385 };
386 
387 /* Structure for GOTD_IMSG_PACKFILE_PIPE data. */
388 struct gotd_imsg_packfile_pipe {
389 	uint32_t client_id;
390 };
391 
392 /* Structure for GOTD_IMSG_PACKIDX_FILE data. */
393 struct gotd_imsg_packidx_file {
394 	uint32_t client_id;
395 };
396 
397 
398 /*
399  * Structure for GOTD_IMSG_PACKFILE_PROGRESS and
400  * GOTD_IMSG_PACKFILE_READY data.
401  */
402 struct gotd_imsg_packfile_progress {
403 	uint32_t client_id;
404 	int ncolored;
405 	int nfound;
406 	int ntrees;
407 	off_t packfile_size;
408 	int ncommits;
409 	int nobj_total;
410 	int nobj_deltify;
411 	int nobj_written;
412 };
413 
414 /* Structure for GOTD_IMSG_PACKFILE_INSTALL. */
415 struct gotd_imsg_packfile_install {
416 	uint32_t client_id;
417 	uint8_t pack_sha1[SHA1_DIGEST_LENGTH];
418 };
419 
420 /* Structure for GOTD_IMSG_PACKFILE_DONE data. */
421 struct gotd_imsg_packfile_done {
422 	uint32_t client_id;
423 };
424 
425 /* Structure for GOTD_IMSG_DISCONNECT data. */
426 struct gotd_imsg_disconnect {
427 	uint32_t client_id;
428 };
429 
430 /* Structure for GOTD_IMSG_CONNECT. */
431 struct gotd_imsg_connect {
432 	uint32_t client_id;
433 	uid_t euid;
434 	gid_t egid;
435 };
436 
437 /* Structure for GOTD_IMSG_CONNECT_REPO_CHILD. */
438 struct gotd_imsg_connect_repo_child {
439 	uint32_t client_id;
440 	enum gotd_procid proc_id;
441 
442 	/* repo child imsg pipe is passed via imsg fd */
443 };
444 
445 /* Structure for GOTD_IMSG_AUTHENTICATE. */
446 struct gotd_imsg_auth {
447 	uid_t euid;
448 	gid_t egid;
449 	int required_auth;
450 	uint32_t client_id;
451 };
452 
453 int parse_config(const char *, enum gotd_procid, struct gotd *, int);
454 struct gotd_repo *gotd_find_repo_by_name(const char *, struct gotd *);
455 struct gotd_repo *gotd_find_repo_by_path(const char *, struct gotd *);
456 struct gotd_uid_connection_limit *gotd_find_uid_connection_limit(
457     struct gotd_uid_connection_limit *limits, size_t nlimits, uid_t uid);
458 int gotd_parseuid(const char *s, uid_t *uid);
459 
460 /* imsg.c */
461 const struct got_error *gotd_imsg_flush(struct imsgbuf *);
462 const struct got_error *gotd_imsg_recv(struct imsg *, struct imsgbuf *, size_t);
463 const struct got_error *gotd_imsg_poll_recv(struct imsg *, struct imsgbuf *,
464     size_t);
465 const struct got_error *gotd_imsg_recv_error(uint32_t *client_id,
466     struct imsg *imsg);
467 int gotd_imsg_send_error(struct imsgbuf *ibuf, uint32_t, uint32_t,
468     const struct got_error *);
469 int gotd_imsg_send_error_event(struct gotd_imsgev *, uint32_t, uint32_t,
470     const struct got_error *);
471 void gotd_imsg_event_add(struct gotd_imsgev *);
472 int gotd_imsg_compose_event(struct gotd_imsgev *, uint16_t, uint32_t, int,
473     void *, uint16_t);
474 int gotd_imsg_forward(struct gotd_imsgev *, struct imsg *, int);
475 
476 void gotd_imsg_send_ack(struct got_object_id *, struct imsgbuf *,
477     uint32_t, pid_t);
478 void gotd_imsg_send_nak(struct got_object_id *, struct imsgbuf *,
479     uint32_t, pid_t);