search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
bump version number
[got-portable.git] / gotd / gotd.h
blobacefa6519debfc5c87690b651960279456a9ac9d
1 /*
2 * Copyright (c) 2022 Stefan Sperling <stsp@openbsd.org>
3 *
4 * Permission to use, copy, modify, and distribute this software for any
5 * purpose with or without fee is hereby granted, provided that the above
6 * copyright notice and this permission notice appear in all copies.
7 *
8 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
9 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
10 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
11 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
12 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
13 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
14 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
15 */
16
17 #include "got_compat.h"
18
19 #define GOTD_UNIX_SOCKET "/var/run/gotd.sock"
20 #define GOTD_UNIX_SOCKET_BACKLOG 10
21 #define GOTD_USER "_gotd"
22 #define GOTD_CONF_PATH "/etc/gotd.conf"
23 #define GOTD_SECRETS_PATH "/etc/gotd-secrets.conf"
24 #ifndef GOTD_EMPTY_PATH
25 #define GOTD_EMPTY_PATH "/var/empty"
26 #endif
27
28 #ifndef GOT_LIBEXECDIR
29 #define GOT_LIBEXECDIR /usr/libexec
30 #endif
31
32 #define GOTD_STRINGIFY(x) #x
33 #define GOTD_STRINGVAL(x) GOTD_STRINGIFY(x)
34
35 #define GOTD_PROG_NOTIFY_EMAIL got-notify-email
36 #define GOTD_PROG_NOTIFY_HTTP got-notify-http
37
38 #define GOTD_PATH_PROG_NOTIFY_EMAIL \
39 GOTD_STRINGVAL(GOT_LIBEXECDIR) "/" \
40 GOTD_STRINGVAL(GOTD_PROG_NOTIFY_EMAIL)
41 #define GOTD_PATH_PROG_NOTIFY_HTTP \
42 GOTD_STRINGVAL(GOT_LIBEXECDIR) "/" \
43 GOTD_STRINGVAL(GOTD_PROG_NOTIFY_HTTP)
44
45 #define GOTD_MAXCLIENTS 1024
46 #define GOTD_MAX_CONN_PER_UID 4
47 #define GOTD_FD_RESERVE 5
48 #define GOTD_FD_NEEDED 6
49 #define GOTD_FILENO_MSG_PIPE 3
50
51 #define GOTD_DEFAULT_REQUEST_TIMEOUT 3600
52
53 /* Client hash tables need some extra room. */
54 #define GOTD_CLIENT_TABLE_SIZE (GOTD_MAXCLIENTS * 4)
55
56 enum gotd_procid {
57 PROC_GOTD = 0,
58 PROC_LISTEN,
59 PROC_AUTH,
60 PROC_SESSION_READ,
61 PROC_SESSION_WRITE,
62 PROC_REPO_READ,
63 PROC_REPO_WRITE,
64 PROC_GITWRAPPER,
65 PROC_NOTIFY,
66 PROC_MAX,
67 };
68
69 struct gotd_imsgev {
70 struct imsgbuf ibuf;
71 void (*handler)(int, short, void *);
72 void *handler_arg;
73 struct event ev;
74 short events;
75 };
76
77 enum gotd_access {
78 GOTD_ACCESS_DENIED = -1,
79 GOTD_ACCESS_PERMITTED = 1
80 };
81
82 struct gotd_access_rule {
83 STAILQ_ENTRY(gotd_access_rule) entry;
84
85 enum gotd_access access;
86
87 int authorization;
88 #define GOTD_AUTH_READ 0x1
89 #define GOTD_AUTH_WRITE 0x2
90
91 char *identifier;
92 };
93 STAILQ_HEAD(gotd_access_rule_list, gotd_access_rule);
94
95 enum gotd_notification_target_type {
96 GOTD_NOTIFICATION_VIA_EMAIL,
97 GOTD_NOTIFICATION_VIA_HTTP
98 };
99
100 struct gotd_notification_target {
101 STAILQ_ENTRY(gotd_notification_target) entry;
102
103 enum gotd_notification_target_type type;
104 union {
105 struct {
106 char *sender;
107 char *recipient;
108 char *responder;
109 char *hostname;
110 char *port;
111 } email;
112 struct {
113 int tls;
114 char *hostname;
115 char *port;
116 char *path;
117 char *auth;
118 char *hmac;
119 } http;
120 } conf;
121 };
122 STAILQ_HEAD(gotd_notification_targets, gotd_notification_target);
123
124 struct gotd_repo {
125 TAILQ_ENTRY(gotd_repo) entry;
126
127 char name[NAME_MAX];
128 char path[PATH_MAX];
129
130 struct gotd_access_rule_list rules;
131 struct got_pathlist_head protected_tag_namespaces;
132 struct got_pathlist_head protected_branch_namespaces;
133 struct got_pathlist_head protected_branches;
134
135 struct got_pathlist_head notification_refs;
136 struct got_pathlist_head notification_ref_namespaces;
137 struct gotd_notification_targets notification_targets;
138 };
139 TAILQ_HEAD(gotd_repolist, gotd_repo);
140
141 struct gotd_client_capability {
142 char *key;
143 char *value;
144 };
145
146 struct gotd_object_id_array {
147 struct got_object_id **ids;
148 size_t nalloc;
149 size_t nids;
150 };
151
152 struct gotd_uid_connection_limit {
153 uid_t uid;
154 int max_connections;
155 };
156
157 struct gotd_child_proc;
158
159 struct gotd_secrets;
160 struct gotd {
161 pid_t pid;
162 char unix_socket_path[PATH_MAX];
163 char user_name[32];
164 struct gotd_repolist repos;
165 int nrepos;
166 struct gotd_child_proc *listen_proc;
167 struct gotd_child_proc *notify_proc;
168 int notifications_enabled;
169 struct timeval request_timeout;
170 struct timeval auth_timeout;
171 struct gotd_uid_connection_limit *connection_limits;
172 size_t nconnection_limits;
173 struct gotd_secrets *secrets;
174
175 char *argv0;
176 const char *confpath;
177 int daemonize;
178 int verbosity;
179 };
180
181 enum gotd_imsg_type {
182 /* An error occurred while processing a request. */
183 GOTD_IMSG_ERROR,
184
185 /* Commands used by gotctl(8). */
186 GOTD_IMSG_INFO,
187 GOTD_IMSG_INFO_REPO,
188 GOTD_IMSG_INFO_CLIENT,
189 GOTD_IMSG_STOP,
190
191 /* Request a list of references. */
192 GOTD_IMSG_LIST_REFS,
193 GOTD_IMSG_LIST_REFS_INTERNAL,
194
195 /* References. */
196 GOTD_IMSG_REFLIST,
197 GOTD_IMSG_REF,
198 GOTD_IMSG_SYMREF,
199
200 /* Git protocol capabilities. */
201 GOTD_IMSG_CAPABILITIES,
202 GOTD_IMSG_CAPABILITY,
203
204 /* Git protocol chatter. */
205 GOTD_IMSG_WANT, /* The client wants an object. */
206 GOTD_IMSG_HAVE, /* The client has an object. */
207 GOTD_IMSG_ACK, /* The server has an object or a reference. */
208 GOTD_IMSG_NAK, /* The server does not have an object/ref. */
209 GOTD_IMSG_REF_UPDATE, /* The client wants to update a reference. */
210 GOTD_IMSG_REF_DELETE, /* The client wants to delete a reference. */
211 GOTD_IMSG_FLUSH, /* The client sent a flush packet. */
212 GOTD_IMSG_DONE, /* The client is done chatting. */
213
214 /* Sending or receiving a pack file. */
215 GOTD_IMSG_SEND_PACKFILE, /* The server is sending a pack file. */
216 GOTD_IMSG_RECV_PACKFILE, /* The server is receiving a pack file. */
217 GOTD_IMSG_PACKIDX_FILE, /* Temporary file handle for new pack index. */
218 GOTD_IMSG_PACKFILE_PIPE, /* Pipe to send/receive a pack file stream. */
219 GOTD_IMSG_PACKFILE_PROGRESS, /* Progress reporting. */
220 GOTD_IMSG_PACKFILE_READY, /* Pack file is ready to be sent. */
221 GOTD_IMSG_PACKFILE_STATUS, /* Received pack success/failure status. */
222 GOTD_IMSG_PACKFILE_INSTALL, /* Received pack file can be installed. */
223 GOTD_IMSG_PACKFILE_DONE, /* Pack file has been sent/received. */
224
225 /* Reference updates. */
226 GOTD_IMSG_REF_UPDATES_START, /* Ref updates starting. */
227 GOTD_IMSG_REF_UPDATE_OK, /* Update went OK. */
228 GOTD_IMSG_REF_UPDATE_NG, /* Update was not good. */
229 GOTD_IMSG_REFS_UPDATED, /* The server processed all ref updates. */
230
231 /* Client connections. */
232 GOTD_IMSG_DISCONNECT,
233 GOTD_IMSG_CONNECT,
234
235 /* Child process management. */
236 GOTD_IMSG_CLIENT_SESSION_READY,
237 GOTD_IMSG_REPO_CHILD_READY,
238 GOTD_IMSG_CONNECT_REPO_CHILD,
239
240 /* Auth child process. */
241 GOTD_IMSG_AUTHENTICATE,
242 GOTD_IMSG_ACCESS_GRANTED,
243
244 /* Notify child process. */
245 GOTD_IMSG_CONNECT_NOTIFIER,
246 GOTD_IMSG_CONNECT_SESSION,
247 GOTD_IMSG_NOTIFY,
248 GOTD_IMSG_NOTIFICATION_SENT,
249
250 /* Secrets. */
251 GOTD_IMSG_SECRETS, /* number of secrets */
252 GOTD_IMSG_SECRET,
253 };
254
255 /* Structure for GOTD_IMSG_ERROR. */
256 struct gotd_imsg_error {
257 int code; /* an error code from got_error.h */
258 int errno_code; /* in case code equals GOT_ERR_ERRNO */
259 uint32_t client_id;
260 char msg[GOT_ERR_MAX_MSG_SIZE];
261 } __attribute__((__packed__));
262
263 /* Structure for GOTD_IMSG_INFO. */
264 struct gotd_imsg_info {
265 pid_t pid;
266 int verbosity;
267 int nrepos;
268 int nclients;
269
270 /* Followed by nrepos GOTD_IMSG_INFO_REPO messages. */
271 /* Followed by nclients GOTD_IMSG_INFO_CLIENT messages. */
272 };
273
274 /* Structure for GOTD_IMSG_INFO_REPO. */
275 struct gotd_imsg_info_repo {
276 char repo_name[NAME_MAX];
277 char repo_path[PATH_MAX];
278 };
279
280 /* Structure for GOTD_IMSG_INFO_CLIENT */
281 struct gotd_imsg_info_client {
282 uid_t euid;
283 gid_t egid;
284 char repo_name[NAME_MAX];
285 int is_writing;
286 pid_t session_child_pid;
287 pid_t repo_child_pid;
288 };
289
290 /* Structure for GOTD_IMSG_LIST_REFS. */
291 struct gotd_imsg_list_refs {
292 char repo_name[NAME_MAX];
293 int client_is_reading; /* 1 if reading, 0 if writing */
294 };
295
296 /* Structure for GOTD_IMSG_REFLIST. */
297 struct gotd_imsg_reflist {
298 size_t nrefs;
299
300 /* Followed by nrefs times of gotd_imsg_ref/gotd_imsg_symref data. */
301 } __attribute__((__packed__));
302
303 /* Structure for GOTD_IMSG_REF data. */
304 struct gotd_imsg_ref {
305 uint8_t id[SHA1_DIGEST_LENGTH];
306 size_t name_len;
307 /* Followed by name_len data bytes. */
308 } __attribute__((__packed__));
309
310 /* Structure for GOTD_IMSG_SYMREF data. */
311 struct gotd_imsg_symref {
312 size_t name_len;
313 size_t target_len;
314 uint8_t target_id[SHA1_DIGEST_LENGTH];
315
316 /*
317 * Followed by name_len + target_len data bytes.
318 */
319 } __attribute__((__packed__));
320
321 /* Structure for GOTD_IMSG_CAPABILITIES data. */
322 struct gotd_imsg_capabilities {
323 size_t ncapabilities;
324
325 /*
326 * Followed by ncapabilities * GOTD_IMSG_CAPABILITY.
327 */
328 } __attribute__((__packed__));
329
330 /* Structure for GOTD_IMSG_CAPABILITY data. */
331 struct gotd_imsg_capability {
332 size_t key_len;
333 size_t value_len;
334
335 /*
336 * Followed by key_len + value_len data bytes.
337 */
338 } __attribute__((__packed__));
339
340 /* Structure for GOTD_IMSG_WANT data. */
341 struct gotd_imsg_want {
342 uint8_t object_id[SHA1_DIGEST_LENGTH];
343 } __attribute__((__packed__));
344
345 /* Structure for GOTD_IMSG_HAVE data. */
346 struct gotd_imsg_have {
347 uint8_t object_id[SHA1_DIGEST_LENGTH];
348 } __attribute__((__packed__));
349
350 /* Structure for GOTD_IMSG_ACK data. */
351 struct gotd_imsg_ack {
352 uint8_t object_id[SHA1_DIGEST_LENGTH];
353 } __attribute__((__packed__));
354
355 /* Structure for GOTD_IMSG_NAK data. */
356 struct gotd_imsg_nak {
357 uint8_t object_id[SHA1_DIGEST_LENGTH];
358 } __attribute__((__packed__));
359
360 /* Structure for GOTD_IMSG_PACKFILE_STATUS data. */
361 struct gotd_imsg_packfile_status {
362 size_t reason_len;
363
364 /* Followed by reason_len data bytes. */
365 } __attribute__((__packed__));
366
367
368 /* Structure for GOTD_IMSG_REF_UPDATE data. */
369 struct gotd_imsg_ref_update {
370 uint8_t old_id[SHA1_DIGEST_LENGTH];
371 uint8_t new_id[SHA1_DIGEST_LENGTH];
372 int ref_is_new;
373 int delete_ref;
374 size_t name_len;
375
376 /* Followed by name_len data bytes. */
377 } __attribute__((__packed__));
378
379 /* Structure for GOTD_IMSG_REF_UPDATES_START data. */
380 struct gotd_imsg_ref_updates_start {
381 int nref_updates;
382
383 /* Followed by nref_updates GOT_IMSG_REF_UPDATE_OK/NG messages. */
384 };
385
386 /* Structure for GOTD_IMSG_REF_UPDATE_OK data. */
387 struct gotd_imsg_ref_update_ok {
388 uint8_t old_id[SHA1_DIGEST_LENGTH];
389 uint8_t new_id[SHA1_DIGEST_LENGTH];
390 int ref_is_new;
391 size_t name_len;
392
393 /* Followed by name_len data bytes. */
394 } __attribute__((__packed__));
395
396 /* Structure for GOTD_IMSG_REF_UPDATE_NG data. */
397 struct gotd_imsg_ref_update_ng {
398 uint8_t old_id[SHA1_DIGEST_LENGTH];
399 uint8_t new_id[SHA1_DIGEST_LENGTH];
400 size_t name_len;
401 size_t reason_len;
402
403 /* Followed by name_len + reason_len data bytes. */
404 } __attribute__((__packed__));
405
406 /* Structure for GOTD_IMSG_SEND_PACKFILE data. */
407 struct gotd_imsg_send_packfile {
408 int report_progress;
409
410 /* delta cache file is sent as a file descriptor */
411
412 /* followed by two GOTD_IMSG_PACKFILE_PIPE messages */
413 };
414
415 /* Structure for GOTD_IMSG_RECV_PACKFILE data. */
416 struct gotd_imsg_recv_packfile {
417 int report_status;
418
419 /* pack destination temp file is sent as a file descriptor */
420 };
421
422 /*
423 * Structure for GOTD_IMSG_PACKFILE_PROGRESS and
424 * GOTD_IMSG_PACKFILE_READY data.
425 */
426 struct gotd_imsg_packfile_progress {
427 int ncolored;
428 int nfound;
429 int ntrees;
430 off_t packfile_size;
431 int ncommits;
432 int nobj_total;
433 int nobj_deltify;
434 int nobj_written;
435 };
436
437 /* Structure for GOTD_IMSG_PACKFILE_INSTALL. */
438 struct gotd_imsg_packfile_install {
439 uint8_t pack_sha1[SHA1_DIGEST_LENGTH];
440 };
441
442 /* Structure for GOTD_IMSG_DISCONNECT data. */
443 struct gotd_imsg_disconnect {
444 uint32_t client_id;
445 };
446
447 /* Structure for GOTD_IMSG_CONNECT. */
448 struct gotd_imsg_connect {
449 uint32_t client_id;
450 uid_t euid;
451 gid_t egid;
452 size_t username_len;
453
454 /* Followed by username_len data bytes. */
455 };
456
457 /* Structure for GOTD_IMSG_CONNECT_REPO_CHILD. */
458 struct gotd_imsg_connect_repo_child {
459 enum gotd_procid proc_id;
460
461 /* repo child imsg pipe is passed via imsg fd */
462 };
463
464 /* Structure for GOTD_IMSG_AUTHENTICATE. */
465 struct gotd_imsg_auth {
466 uid_t euid;
467 gid_t egid;
468 int required_auth;
469 uint32_t client_id;
470 };
471
472 /* Structures for GOTD_IMSG_NOTIFY. */
473 enum gotd_notification_action {
474 GOTD_NOTIF_ACTION_CREATED,
475 GOTD_NOTIF_ACTION_REMOVED,
476 GOTD_NOTIF_ACTION_CHANGED
477 };
478 /* IMSG_NOTIFY session <-> repo_write */
479 struct gotd_imsg_notification_content {
480 enum gotd_notification_action action;
481 struct got_object_id old_id;
482 struct got_object_id new_id;
483 size_t refname_len;
484 /* Followed by refname_len data bytes. */
485 };
486 /* IMSG_NOTIFY session -> notify*/
487 struct gotd_imsg_notify {
488 char repo_name[NAME_MAX];
489 char subject_line[64];
490 size_t username_len;
491 /* Followed by username_len data bytes. */
492 };
493
494 int enter_chroot(const char *);
495 int parse_config(const char *, enum gotd_procid, struct gotd_secrets *,
496 struct gotd *);
497 struct gotd_repo *gotd_find_repo_by_name(const char *, struct gotd_repolist *);
498 struct gotd_repo *gotd_find_repo_by_path(const char *, struct gotd *);
499 struct gotd_uid_connection_limit *gotd_find_uid_connection_limit(
500 struct gotd_uid_connection_limit *limits, size_t nlimits, uid_t uid);
501 int gotd_parseuid(const char *s, uid_t *uid);
502 const struct got_error *gotd_parse_url(char **, char **, char **,
503 char **, const char *);
504
505 /* imsg.c */
506 const struct got_error *gotd_imsg_flush(struct imsgbuf *);
507 const struct got_error *gotd_imsg_recv(struct imsg *, struct imsgbuf *, size_t);
508 const struct got_error *gotd_imsg_poll_recv(struct imsg *, struct imsgbuf *,
509 size_t);
510 const struct got_error *gotd_imsg_recv_error(uint32_t *client_id,
511 struct imsg *imsg);
512 int gotd_imsg_send_error(struct imsgbuf *ibuf, uint32_t, uint32_t,
513 const struct got_error *);
514 int gotd_imsg_send_error_event(struct gotd_imsgev *, uint32_t, uint32_t,
515 const struct got_error *);
516 void gotd_imsg_event_add(struct gotd_imsgev *);
517 int gotd_imsg_compose_event(struct gotd_imsgev *, uint16_t, uint32_t, int,
518 void *, uint16_t);
519 int gotd_imsg_forward(struct gotd_imsgev *, struct imsg *, int);
520
521 void gotd_imsg_send_ack(struct got_object_id *, struct imsgbuf *,
522 uint32_t, pid_t);
523 void gotd_imsg_send_nak(struct got_object_id *, struct imsgbuf *,
524 uint32_t, pid_t);
portable version of Game of Trees