search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
portable: HOST_NAME_MAX
[got-portable.git] / lib / dial.c
blob6fa757506d48c984249b92d3cdc2b11114394737
1 /*
2 * Copyright (c) 2018, 2019 Ori Bernstein <ori@openbsd.org>
3 * Copyright (c) 2021 Stefan Sperling <stsp@openbsd.org>
4 *
5 * Permission to use, copy, modify, and distribute this software for any
6 * purpose with or without fee is hereby granted, provided that the above
7 * copyright notice and this permission notice appear in all copies.
8 *
9 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
10 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
11 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
12 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
13 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
14 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
15 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
16 */
17
18 #include "got_compat.h"
19
20 #include <sys/queue.h>
21 #include <sys/types.h>
22 #include <sys/socket.h>
23 #include <netdb.h>
24
25 #include <assert.h>
26 #include <err.h>
27 #include <limits.h>
28 #include <stdio.h>
29 #include <stdlib.h>
30 #include <string.h>
31 #include <unistd.h>
32
33 #include "got_error.h"
34 #include "got_path.h"
35
36 #include "got_compat.h"
37
38 #include "got_lib_dial.h"
39 #include "got_dial.h"
40
41 #ifndef nitems
42 #define nitems(_a) (sizeof((_a)) / sizeof((_a)[0]))
43 #endif
44
45 #ifndef ssizeof
46 #define ssizeof(_x) ((ssize_t)(sizeof(_x)))
47 #endif
48
49 #ifndef MIN
50 #define MIN(_a,_b) ((_a) < (_b) ? (_a) : (_b))
51 #endif
52
53 #ifndef GOT_DIAL_PATH_SSH
54 #define GOT_DIAL_PATH_SSH "/usr/bin/ssh"
55 #endif
56
57 /* IANA assigned */
58 #define GOT_DEFAULT_GIT_PORT 9418
59 #define GOT_DEFAULT_GIT_PORT_STR "9418"
60
61 const struct got_error *
62 got_dial_apply_unveil(const char *proto)
63 {
64 if (strcmp(proto, "git+ssh") == 0 || strcmp(proto, "ssh") == 0) {
65 if (unveil(GOT_DIAL_PATH_SSH, "x") != 0) {
66 return got_error_from_errno2("unveil",
67 GOT_DIAL_PATH_SSH);
68 }
69 }
70
71 return NULL;
72 }
73
74 static int
75 hassuffix(const char *base, const char *suf)
76 {
77 int nb, ns;
78
79 nb = strlen(base);
80 ns = strlen(suf);
81 if (ns <= nb && strcmp(base + (nb - ns), suf) == 0)
82 return 1;
83 return 0;
84 }
85
86 const struct got_error *
87 got_dial_parse_uri(char **proto, char **host, char **port,
88 char **server_path, char **repo_name, const char *uri)
89 {
90 const struct got_error *err = NULL;
91 char *s, *p, *q;
92
93 *proto = *host = *port = *server_path = *repo_name = NULL;
94
95 p = strstr(uri, "://");
96 if (!p) {
97 /* Try parsing Git's "scp" style URL syntax. */
98 *proto = strdup("ssh");
99 if (*proto == NULL) {
100 err = got_error_from_errno("strdup");
101 goto done;
102 }
103 s = (char *)uri;
104 q = strchr(s, ':');
105 if (q == NULL) {
106 err = got_error(GOT_ERR_PARSE_URI);
107 goto done;
108 }
109 /* No slashes allowed before first colon. */
110 p = strchr(s, '/');
111 if (p && q > p) {
112 err = got_error(GOT_ERR_PARSE_URI);
113 goto done;
114 }
115 *host = strndup(s, q - s);
116 if (*host == NULL) {
117 err = got_error_from_errno("strndup");
118 goto done;
119 }
120 if ((*host)[0] == '\0') {
121 err = got_error(GOT_ERR_PARSE_URI);
122 goto done;
123 }
124 p = q + 1;
125 } else {
126 *proto = strndup(uri, p - uri);
127 if (*proto == NULL) {
128 err = got_error_from_errno("strndup");
129 goto done;
130 }
131 s = p + 3;
132
133 p = strstr(s, "/");
134 if (p == NULL || strlen(p) == 1) {
135 err = got_error(GOT_ERR_PARSE_URI);
136 goto done;
137 }
138
139 q = memchr(s, ':', p - s);
140 if (q) {
141 *host = strndup(s, q - s);
142 if (*host == NULL) {
143 err = got_error_from_errno("strndup");
144 goto done;
145 }
146 if ((*host)[0] == '\0') {
147 err = got_error(GOT_ERR_PARSE_URI);
148 goto done;
149 }
150 *port = strndup(q + 1, p - (q + 1));
151 if (*port == NULL) {
152 err = got_error_from_errno("strndup");
153 goto done;
154 }
155 if ((*port)[0] == '\0') {
156 err = got_error(GOT_ERR_PARSE_URI);
157 goto done;
158 }
159 } else {
160 *host = strndup(s, p - s);
161 if (*host == NULL) {
162 err = got_error_from_errno("strndup");
163 goto done;
164 }
165 if ((*host)[0] == '\0') {
166 err = got_error(GOT_ERR_PARSE_URI);
167 goto done;
168 }
169 }
170 }
171
172 while (p[0] == '/' && p[1] == '/')
173 p++;
174 *server_path = strdup(p);
175 if (*server_path == NULL) {
176 err = got_error_from_errno("strdup");
177 goto done;
178 }
179 got_path_strip_trailing_slashes(*server_path);
180 if ((*server_path)[0] == '\0') {
181 err = got_error(GOT_ERR_PARSE_URI);
182 goto done;
183 }
184
185 err = got_path_basename(repo_name, *server_path);
186 if (err)
187 goto done;
188 if (hassuffix(*repo_name, ".git"))
189 (*repo_name)[strlen(*repo_name) - 4] = '\0';
190 if ((*repo_name)[0] == '\0')
191 err = got_error(GOT_ERR_PARSE_URI);
192 done:
193 if (err) {
194 free(*proto);
195 *proto = NULL;
196 free(*host);
197 *host = NULL;
198 free(*port);
199 *port = NULL;
200 free(*server_path);
201 *server_path = NULL;
202 free(*repo_name);
203 *repo_name = NULL;
204 }
205 return err;
206 }
207
208 /*
209 * Escape a given path for the shell which will be started by sshd.
210 * In particular, git-shell is known to require single-quote characters
211 * around its repository path argument and will refuse to run otherwise.
212 */
213 static const struct got_error *
214 escape_path(char *buf, size_t bufsize, const char *path)
215 {
216 const char *p;
217 char *q;
218
219 p = path;
220 q = buf;
221
222 if (bufsize > 1)
223 *q++ = '\'';
224
225 while (*p != '\0' && (q - buf < bufsize)) {
226 /* git escapes ! too */
227 if (*p != '\'' && *p != '!') {
228 *q++ = *p++;
229 continue;
230 }
231
232 if (q - buf + 4 >= bufsize)
233 break;
234 *q++ = '\'';
235 *q++ = '\\';
236 *q++ = *p++;
237 *q++ = '\'';
238 }
239
240 if (*p == '\0' && (q - buf + 1 < bufsize)) {
241 *q++ = '\'';
242 *q = '\0';
243 return NULL;
244 }
245
246 return got_error_fmt(GOT_ERR_NO_SPACE, "overlong path: %s", path);
247 }
248
249 const struct got_error *
250 got_dial_ssh(pid_t *newpid, int *newfd, const char *host,
251 const char *port, const char *path, const char *command, int verbosity)
252 {
253 const struct got_error *error = NULL;
254 int pid, pfd[2];
255 char cmd[64];
256 char escaped_path[PATH_MAX];
257 const char *argv[11];
258 int i = 0, j;
259
260 *newpid = -1;
261 *newfd = -1;
262
263 error = escape_path(escaped_path, sizeof(escaped_path), path);
264 if (error)
265 return error;
266
267 argv[i++] = GOT_DIAL_PATH_SSH;
268 if (port != NULL) {
269 argv[i++] = "-p";
270 argv[i++] = (char *)port;
271 }
272 if (verbosity == -1) {
273 argv[i++] = "-q";
274 } else {
275 /* ssh(1) allows up to 3 "-v" options. */
276 for (j = 0; j < MIN(3, verbosity); j++)
277 argv[i++] = "-v";
278 }
279 argv[i++] = "--";
280 argv[i++] = (char *)host;
281 argv[i++] = (char *)cmd;
282 argv[i++] = (char *)escaped_path;
283 argv[i++] = NULL;
284 assert(i <= nitems(argv));
285
286 if (socketpair(AF_UNIX, SOCK_STREAM, PF_UNSPEC, pfd) == -1)
287 return got_error_from_errno("socketpair");
288
289 pid = fork();
290 if (pid == -1) {
291 error = got_error_from_errno("fork");
292 close(pfd[0]);
293 close(pfd[1]);
294 return error;
295 } else if (pid == 0) {
296 if (close(pfd[1]) == -1)
297 err(1, "close");
298 if (dup2(pfd[0], 0) == -1)
299 err(1, "dup2");
300 if (dup2(pfd[0], 1) == -1)
301 err(1, "dup2");
302 if (strlcpy(cmd, command, sizeof(cmd)) >= sizeof(cmd))
303 err(1, "snprintf");
304 if (execv(GOT_DIAL_PATH_SSH, (char *const *)argv) == -1)
305 err(1, "execv");
306 abort(); /* not reached */
307 } else {
308 if (close(pfd[0]) == -1)
309 return got_error_from_errno("close");
310 *newpid = pid;
311 *newfd = pfd[1];
312 return NULL;
313 }
314 }
315
316 const struct got_error *
317 got_dial_git(int *newfd, const char *host, const char *port,
318 const char *path, const char *command)
319 {
320 const struct got_error *err = NULL;
321 struct addrinfo hints, *servinfo, *p;
322 char *cmd = NULL;
323 int fd = -1, len, r, eaicode;
324
325 *newfd = -1;
326
327 if (port == NULL)
328 port = GOT_DEFAULT_GIT_PORT_STR;
329
330 memset(&hints, 0, sizeof hints);
331 hints.ai_family = AF_UNSPEC;
332 hints.ai_socktype = SOCK_STREAM;
333 eaicode = getaddrinfo(host, port, &hints, &servinfo);
334 if (eaicode) {
335 char msg[512];
336 snprintf(msg, sizeof(msg), "%s: %s", host,
337 gai_strerror(eaicode));
338 return got_error_msg(GOT_ERR_ADDRINFO, msg);
339 }
340
341 for (p = servinfo; p != NULL; p = p->ai_next) {
342 if ((fd = socket(p->ai_family, p->ai_socktype,
343 p->ai_protocol)) == -1)
344 continue;
345 if (connect(fd, p->ai_addr, p->ai_addrlen) == 0) {
346 err = NULL;
347 break;
348 }
349 err = got_error_from_errno("connect");
350 close(fd);
351 }
352 freeaddrinfo(servinfo);
353 if (p == NULL)
354 goto done;
355
356 if (asprintf(&cmd, "%s %s", command, path) == -1) {
357 err = got_error_from_errno("asprintf");
358 goto done;
359 }
360 len = 4 + strlen(cmd) + 1 + strlen("host=") + strlen(host) + 1;
361 r = dprintf(fd, "%04x%s%chost=%s%c", len, cmd, '\0', host, '\0');
362 if (r < 0)
363 err = got_error_from_errno("dprintf");
364 done:
365 free(cmd);
366 if (err) {
367 if (fd != -1)
368 close(fd);
369 } else
370 *newfd = fd;
371 return err;
372 }
373
374 const struct got_error *
375 got_dial_parse_command(char **command, char **repo_path, const char *gitcmd)
376 {
377 const struct got_error *err = NULL;
378 size_t len, cmdlen, pathlen;
379 char *path0 = NULL, *path, *abspath = NULL, *canonpath = NULL;
380 const char *relpath;
381
382 *command = NULL;
383 *repo_path = NULL;
384
385 len = strlen(gitcmd);
386
387 if (len >= strlen(GOT_DIAL_CMD_SEND) &&
388 strncmp(gitcmd, GOT_DIAL_CMD_SEND,
389 strlen(GOT_DIAL_CMD_SEND)) == 0)
390 cmdlen = strlen(GOT_DIAL_CMD_SEND);
391 else if (len >= strlen(GOT_DIAL_CMD_FETCH) &&
392 strncmp(gitcmd, GOT_DIAL_CMD_FETCH,
393 strlen(GOT_DIAL_CMD_FETCH)) == 0)
394 cmdlen = strlen(GOT_DIAL_CMD_FETCH);
395 else
396 return got_error(GOT_ERR_BAD_PACKET);
397
398 if (len <= cmdlen + 1 || gitcmd[cmdlen] != ' ')
399 return got_error(GOT_ERR_BAD_PACKET);
400
401 if (memchr(&gitcmd[cmdlen + 1], '\0', len - cmdlen) == NULL)
402 return got_error(GOT_ERR_BAD_PATH);
403
404 /* Forbid linefeeds in paths, like Git does. */
405 if (memchr(&gitcmd[cmdlen + 1], '\n', len - cmdlen) != NULL)
406 return got_error(GOT_ERR_BAD_PATH);
407
408 path0 = strdup(&gitcmd[cmdlen + 1]);
409 if (path0 == NULL)
410 return got_error_from_errno("strdup");
411 path = path0;
412 pathlen = strlen(path);
413
414 /*
415 * Git clients send a shell command.
416 * Trim spaces and quotes around the path.
417 */
418 while (path[0] == '\'' || path[0] == '\"' || path[0] == ' ') {
419 path++;
420 pathlen--;
421 }
422 while (pathlen > 0 &&
423 (path[pathlen - 1] == '\'' || path[pathlen - 1] == '\"' ||
424 path[pathlen - 1] == ' ')) {
425 path[pathlen - 1] = '\0';
426 pathlen--;
427 }
428
429 /* Deny an empty repository path. */
430 if (path[0] == '\0' || got_path_is_root_dir(path)) {
431 err = got_error(GOT_ERR_NOT_GIT_REPO);
432 goto done;
433 }
434
435 if (asprintf(&abspath, "/%s", path) == -1) {
436 err = got_error_from_errno("asprintf");
437 goto done;
438 }
439 pathlen = strlen(abspath);
440 canonpath = malloc(pathlen + 1);
441 if (canonpath == NULL) {
442 err = got_error_from_errno("malloc");
443 goto done;
444 }
445 err = got_canonpath(abspath, canonpath, pathlen + 1);
446 if (err)
447 goto done;
448
449 relpath = canonpath;
450 while (relpath[0] == '/')
451 relpath++;
452 *repo_path = strdup(relpath);
453 if (*repo_path == NULL) {
454 err = got_error_from_errno("strdup");
455 goto done;
456 }
457 *command = strndup(gitcmd, cmdlen);
458 if (*command == NULL)
459 err = got_error_from_errno("strndup");
460 done:
461 free(path0);
462 free(abspath);
463 free(canonpath);
464 if (err) {
465 free(*repo_path);
466 *repo_path = NULL;
467 }
468 return err;
469 }
portable version of Game of Trees