search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
store ibuf used by got_repo_read_gitconfig() on the stack
[got-portable.git] / gotd / parse.y
blob2d2a7b3a220783eaababbeadf16ab78ab3c234d6
1 /*
2 * Copyright (c) 2022 Stefan Sperling <stsp@openbsd.org>
3 * Copyright (c) 2016-2019, 2020-2021 Tracey Emery <tracey@traceyemery.net>
4 * Copyright (c) 2004, 2005 Esben Norby <norby@openbsd.org>
5 * Copyright (c) 2004 Ryan McBride <mcbride@openbsd.org>
6 * Copyright (c) 2002, 2003, 2004 Henning Brauer <henning@openbsd.org>
7 * Copyright (c) 2001 Markus Friedl. All rights reserved.
8 * Copyright (c) 2001 Daniel Hartmeier. All rights reserved.
9 * Copyright (c) 2001 Theo de Raadt. All rights reserved.
10 *
11 * Permission to use, copy, modify, and distribute this software for any
12 * purpose with or without fee is hereby granted, provided that the above
13 * copyright notice and this permission notice appear in all copies.
14 *
15 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
16 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
17 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
18 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
19 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
20 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
21 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
22 */
23
24 %{
25 #include "got_compat.h"
26
27 #include <sys/time.h>
28 #include <sys/types.h>
29 #include <sys/queue.h>
30 #include <sys/tree.h>
31 #include <sys/stat.h>
32
33 #include <ctype.h>
34 #include <err.h>
35 #include <errno.h>
36 #include <event.h>
37 #include <imsg.h>
38 #include <limits.h>
39 #include <pwd.h>
40 #include <stdarg.h>
41 #include <stdlib.h>
42 #include <stdio.h>
43 #include <string.h>
44 #include <syslog.h>
45 #include <unistd.h>
46
47 #include "got_error.h"
48 #include "got_object.h"
49 #include "got_path.h"
50 #include "got_reference.h"
51
52 #include "log.h"
53 #include "gotd.h"
54 #include "auth.h"
55 #include "listen.h"
56 #include "secrets.h"
57
58 TAILQ_HEAD(files, file) files = TAILQ_HEAD_INITIALIZER(files);
59 static struct file {
60 TAILQ_ENTRY(file) entry;
61 FILE *stream;
62 char *name;
63 int lineno;
64 int errors;
65 } *file;
66 struct file *newfile(const char *, int, int);
67 static void closefile(struct file *);
68 int check_file_secrecy(int, const char *);
69 int yyparse(void);
70 int yylex(void);
71 int yyerror(const char *, ...)
72 __attribute__((__format__ (printf, 1, 2)))
73 __attribute__((__nonnull__ (1)));
74 int kw_cmp(const void *, const void *);
75 int lookup(char *);
76 int lgetc(int);
77 int lungetc(int);
78 int findeol(void);
79 static char *port_sprintf(int);
80
81 TAILQ_HEAD(symhead, sym) symhead = TAILQ_HEAD_INITIALIZER(symhead);
82 struct sym {
83 TAILQ_ENTRY(sym) entry;
84 int used;
85 int persist;
86 char *nam;
87 char *val;
88 };
89
90 int symset(const char *, const char *, int);
91 char *symget(const char *);
92
93 static int errors;
94
95 static struct gotd *gotd;
96 static struct gotd_repo *new_repo;
97 static int conf_limit_user_connections(const char *, int);
98 static struct gotd_repo *conf_new_repo(const char *);
99 static void conf_new_access_rule(struct gotd_repo *,
100 enum gotd_access, int, char *);
101 static int conf_protect_ref_namespace(char **,
102 struct got_pathlist_head *, char *);
103 static int conf_protect_tag_namespace(struct gotd_repo *,
104 char *);
105 static int conf_protect_branch_namespace(
106 struct gotd_repo *, char *);
107 static int conf_protect_branch(struct gotd_repo *,
108 char *);
109 static int conf_notify_branch(struct gotd_repo *,
110 char *);
111 static int conf_notify_ref_namespace(struct gotd_repo *,
112 char *);
113 static int conf_notify_email(struct gotd_repo *,
114 char *, char *, char *, char *, char *);
115 static int conf_notify_http(struct gotd_repo *,
116 char *, char *, char *, int);
117 static enum gotd_procid gotd_proc_id;
118
119 typedef struct {
120 union {
121 long long number;
122 char *string;
123 struct timeval tv;
124 } v;
125 int lineno;
126 } YYSTYPE;
127
128 %}
129
130 %token PATH ERROR LISTEN ON USER REPOSITORY PERMIT DENY
131 %token RO RW CONNECTION LIMIT REQUEST TIMEOUT
132 %token PROTECT NAMESPACE BRANCH TAG REFERENCE RELAY PORT
133 %token NOTIFY EMAIL FROM REPLY TO URL INSECURE HMAC AUTH
134
135 %token <v.string> STRING
136 %token <v.number> NUMBER
137 %type <v.tv> timeout
138 %type <v.string> numberstring
139
140 %%
141
142 grammar :
143 | grammar '\n'
144 | grammar varset '\n'
145 | grammar main '\n'
146 | grammar repository '\n'
147 ;
148
149 varset : STRING '=' STRING {
150 char *s = $1;
151 while (*s++) {
152 if (isspace((unsigned char)*s)) {
153 yyerror("macro name cannot contain "
154 "whitespace");
155 free($1);
156 free($3);
157 YYERROR;
158 }
159 }
160 if (symset($1, $3, 0) == -1)
161 fatal("cannot store variable");
162 free($1);
163 free($3);
164 }
165 ;
166
167 numberstring : STRING
168 | NUMBER {
169 if (asprintf(&$$, "%lld", (long long)$1) == -1) {
170 yyerror("asprintf: %s", strerror(errno));
171 YYERROR;
172 }
173 }
174 ;
175
176 timeout : NUMBER {
177 if ($1 < 0) {
178 yyerror("invalid timeout: %lld", $1);
179 YYERROR;
180 }
181 $$.tv_sec = $1;
182 $$.tv_usec = 0;
183 }
184 | STRING {
185 const char *errstr;
186 const char *type = "seconds";
187 size_t len;
188 int mul = 1;
189
190 if (*$1 == '\0') {
191 yyerror("invalid number of seconds: %s", $1);
192 free($1);
193 YYERROR;
194 }
195
196 len = strlen($1);
197 switch ($1[len - 1]) {
198 case 'S':
199 case 's':
200 $1[len - 1] = '\0';
201 break;
202 case 'M':
203 case 'm':
204 type = "minutes";
205 mul = 60;
206 $1[len - 1] = '\0';
207 break;
208 case 'H':
209 case 'h':
210 type = "hours";
211 mul = 60 * 60;
212 $1[len - 1] = '\0';
213 break;
214 }
215
216 $$.tv_usec = 0;
217 $$.tv_sec = strtonum($1, 0, INT_MAX / mul, &errstr);
218 if (errstr) {
219 yyerror("number of %s is %s: %s", type,
220 errstr, $1);
221 free($1);
222 YYERROR;
223 }
224
225 $$.tv_sec *= mul;
226 free($1);
227 }
228 ;
229
230 main : LISTEN ON STRING {
231 if (!got_path_is_absolute($3))
232 yyerror("bad unix socket path \"%s\": "
233 "must be an absolute path", $3);
234
235 if (gotd_proc_id == PROC_LISTEN) {
236 if (strlcpy(gotd->unix_socket_path, $3,
237 sizeof(gotd->unix_socket_path)) >=
238 sizeof(gotd->unix_socket_path)) {
239 yyerror("%s: unix socket path too long",
240 __func__);
241 free($3);
242 YYERROR;
243 }
244 }
245 free($3);
246 }
247 | USER numberstring {
248 if (strlcpy(gotd->user_name, $2,
249 sizeof(gotd->user_name)) >=
250 sizeof(gotd->user_name)) {
251 yyerror("%s: user name too long", __func__);
252 free($2);
253 YYERROR;
254 }
255 free($2);
256 }
257 | connection
258 ;
259
260 connection : CONNECTION '{' optnl conflags_l '}'
261 | CONNECTION conflags
262
263 conflags_l : conflags optnl conflags_l
264 | conflags optnl
265 ;
266
267 conflags : REQUEST TIMEOUT timeout {
268 if ($3.tv_sec <= 0) {
269 yyerror("invalid timeout: %lld",
270 (long long)$3.tv_sec);
271 YYERROR;
272 }
273 memcpy(&gotd->request_timeout, &$3,
274 sizeof(gotd->request_timeout));
275 }
276 | LIMIT USER STRING NUMBER {
277 if (gotd_proc_id == PROC_LISTEN &&
278 conf_limit_user_connections($3, $4) == -1) {
279 free($3);
280 YYERROR;
281 }
282 free($3);
283 }
284 ;
285
286 protect : PROTECT '{' optnl protectflags_l '}'
287 | PROTECT protectflags
288
289 protectflags_l : protectflags optnl protectflags_l
290 | protectflags optnl
291 ;
292
293 protectflags : TAG NAMESPACE STRING {
294 if (gotd_proc_id == PROC_GOTD ||
295 gotd_proc_id == PROC_REPO_WRITE) {
296 if (conf_protect_tag_namespace(new_repo, $3)) {
297 free($3);
298 YYERROR;
299 }
300 }
301 free($3);
302 }
303 | BRANCH NAMESPACE STRING {
304 if (gotd_proc_id == PROC_GOTD ||
305 gotd_proc_id == PROC_REPO_WRITE) {
306 if (conf_protect_branch_namespace(new_repo,
307 $3)) {
308 free($3);
309 YYERROR;
310 }
311 }
312 free($3);
313 }
314 | BRANCH STRING {
315 if (gotd_proc_id == PROC_GOTD ||
316 gotd_proc_id == PROC_REPO_WRITE) {
317 if (conf_protect_branch(new_repo, $2)) {
318 free($2);
319 YYERROR;
320 }
321 }
322 free($2);
323 }
324 ;
325
326 notify : NOTIFY '{' optnl notifyflags_l '}'
327 | NOTIFY notifyflags
328
329 notifyflags_l : notifyflags optnl notifyflags_l
330 | notifyflags optnl
331 ;
332
333 notifyflags : BRANCH STRING {
334 if (gotd_proc_id == PROC_GOTD ||
335 gotd_proc_id == PROC_SESSION_WRITE ||
336 gotd_proc_id == PROC_NOTIFY) {
337 if (conf_notify_branch(new_repo, $2)) {
338 free($2);
339 YYERROR;
340 }
341 }
342 free($2);
343 }
344 | REFERENCE NAMESPACE STRING {
345 if (gotd_proc_id == PROC_GOTD ||
346 gotd_proc_id == PROC_SESSION_WRITE ||
347 gotd_proc_id == PROC_NOTIFY) {
348 if (conf_notify_ref_namespace(new_repo, $3)) {
349 free($3);
350 YYERROR;
351 }
352 }
353 free($3);
354 }
355 | EMAIL TO STRING {
356 if (gotd_proc_id == PROC_GOTD ||
357 gotd_proc_id == PROC_SESSION_WRITE ||
358 gotd_proc_id == PROC_NOTIFY) {
359 if (conf_notify_email(new_repo, NULL, $3,
360 NULL, NULL, NULL)) {
361 free($3);
362 YYERROR;
363 }
364 }
365 free($3);
366 }
367 | EMAIL FROM STRING TO STRING {
368 if (gotd_proc_id == PROC_GOTD ||
369 gotd_proc_id == PROC_SESSION_WRITE ||
370 gotd_proc_id == PROC_NOTIFY) {
371 if (conf_notify_email(new_repo, $3, $5,
372 NULL, NULL, NULL)) {
373 free($3);
374 free($5);
375 YYERROR;
376 }
377 }
378 free($3);
379 free($5);
380 }
381 | EMAIL TO STRING REPLY TO STRING {
382 if (gotd_proc_id == PROC_GOTD ||
383 gotd_proc_id == PROC_SESSION_WRITE ||
384 gotd_proc_id == PROC_NOTIFY) {
385 if (conf_notify_email(new_repo, NULL, $3,
386 $6, NULL, NULL)) {
387 free($3);
388 free($6);
389 YYERROR;
390 }
391 }
392 free($3);
393 free($6);
394 }
395 | EMAIL FROM STRING TO STRING REPLY TO STRING {
396 if (gotd_proc_id == PROC_GOTD ||
397 gotd_proc_id == PROC_SESSION_WRITE ||
398 gotd_proc_id == PROC_NOTIFY) {
399 if (conf_notify_email(new_repo, $3, $5,
400 $8, NULL, NULL)) {
401 free($3);
402 free($5);
403 free($8);
404 YYERROR;
405 }
406 }
407 free($3);
408 free($5);
409 free($8);
410 }
411 | EMAIL TO STRING RELAY STRING {
412 if (gotd_proc_id == PROC_GOTD ||
413 gotd_proc_id == PROC_SESSION_WRITE ||
414 gotd_proc_id == PROC_NOTIFY) {
415 if (conf_notify_email(new_repo, NULL, $3,
416 NULL, $5, NULL)) {
417 free($3);
418 free($5);
419 YYERROR;
420 }
421 }
422 free($3);
423 free($5);
424 }
425 | EMAIL FROM STRING TO STRING RELAY STRING {
426 if (gotd_proc_id == PROC_GOTD ||
427 gotd_proc_id == PROC_SESSION_WRITE ||
428 gotd_proc_id == PROC_NOTIFY) {
429 if (conf_notify_email(new_repo, $3, $5,
430 NULL, $7, NULL)) {
431 free($3);
432 free($5);
433 free($7);
434 YYERROR;
435 }
436 }
437 free($3);
438 free($5);
439 free($7);
440 }
441 | EMAIL TO STRING REPLY TO STRING RELAY STRING {
442 if (gotd_proc_id == PROC_GOTD ||
443 gotd_proc_id == PROC_SESSION_WRITE ||
444 gotd_proc_id == PROC_NOTIFY) {
445 if (conf_notify_email(new_repo, NULL, $3,
446 $6, $8, NULL)) {
447 free($3);
448 free($6);
449 free($8);
450 YYERROR;
451 }
452 }
453 free($3);
454 free($6);
455 free($8);
456 }
457 | EMAIL FROM STRING TO STRING REPLY TO STRING RELAY STRING {
458 if (gotd_proc_id == PROC_GOTD ||
459 gotd_proc_id == PROC_SESSION_WRITE ||
460 gotd_proc_id == PROC_NOTIFY) {
461 if (conf_notify_email(new_repo, $3, $5,
462 $8, $10, NULL)) {
463 free($3);
464 free($5);
465 free($8);
466 free($10);
467 YYERROR;
468 }
469 }
470 free($3);
471 free($5);
472 free($8);
473 free($10);
474 }
475 | EMAIL TO STRING RELAY STRING PORT STRING {
476 if (gotd_proc_id == PROC_GOTD ||
477 gotd_proc_id == PROC_SESSION_WRITE ||
478 gotd_proc_id == PROC_NOTIFY) {
479 if (conf_notify_email(new_repo, NULL, $3,
480 NULL, $5, $7)) {
481 free($3);
482 free($5);
483 free($7);
484 YYERROR;
485 }
486 }
487 free($3);
488 free($5);
489 free($7);
490 }
491 | EMAIL FROM STRING TO STRING RELAY STRING PORT STRING {
492 if (gotd_proc_id == PROC_GOTD ||
493 gotd_proc_id == PROC_SESSION_WRITE ||
494 gotd_proc_id == PROC_NOTIFY) {
495 if (conf_notify_email(new_repo, $3, $5,
496 NULL, $7, $9)) {
497 free($3);
498 free($5);
499 free($7);
500 free($9);
501 YYERROR;
502 }
503 }
504 free($3);
505 free($5);
506 free($7);
507 free($9);
508 }
509 | EMAIL TO STRING REPLY TO STRING RELAY STRING PORT STRING {
510 if (gotd_proc_id == PROC_GOTD ||
511 gotd_proc_id == PROC_SESSION_WRITE ||
512 gotd_proc_id == PROC_NOTIFY) {
513 if (conf_notify_email(new_repo, NULL, $3,
514 $6, $8, $10)) {
515 free($3);
516 free($6);
517 free($8);
518 free($10);
519 YYERROR;
520 }
521 }
522 free($3);
523 free($6);
524 free($8);
525 free($10);
526 }
527 | EMAIL FROM STRING TO STRING REPLY TO STRING RELAY STRING PORT STRING {
528 if (gotd_proc_id == PROC_GOTD ||
529 gotd_proc_id == PROC_SESSION_WRITE ||
530 gotd_proc_id == PROC_NOTIFY) {
531 if (conf_notify_email(new_repo, $3, $5,
532 $8, $10, $12)) {
533 free($3);
534 free($5);
535 free($8);
536 free($10);
537 free($12);
538 YYERROR;
539 }
540 }
541 free($3);
542 free($5);
543 free($8);
544 free($10);
545 free($12);
546 }
547 | EMAIL TO STRING RELAY STRING PORT NUMBER {
548 if (gotd_proc_id == PROC_GOTD ||
549 gotd_proc_id == PROC_SESSION_WRITE ||
550 gotd_proc_id == PROC_NOTIFY) {
551 if (conf_notify_email(new_repo, NULL, $3,
552 NULL, $5, port_sprintf($7))) {
553 free($3);
554 free($5);
555 YYERROR;
556 }
557 }
558 free($3);
559 free($5);
560 }
561 | EMAIL FROM STRING TO STRING RELAY STRING PORT NUMBER {
562 if (gotd_proc_id == PROC_GOTD ||
563 gotd_proc_id == PROC_SESSION_WRITE ||
564 gotd_proc_id == PROC_NOTIFY) {
565 if (conf_notify_email(new_repo, $3, $5,
566 NULL, $7, port_sprintf($9))) {
567 free($3);
568 free($5);
569 free($7);
570 YYERROR;
571 }
572 }
573 free($3);
574 free($5);
575 free($7);
576 }
577 | EMAIL TO STRING REPLY TO STRING RELAY STRING PORT NUMBER {
578 if (gotd_proc_id == PROC_GOTD ||
579 gotd_proc_id == PROC_SESSION_WRITE ||
580 gotd_proc_id == PROC_NOTIFY) {
581 if (conf_notify_email(new_repo, NULL, $3,
582 $6, $8, port_sprintf($10))) {
583 free($3);
584 free($6);
585 free($8);
586 YYERROR;
587 }
588 }
589 free($3);
590 free($6);
591 free($8);
592 }
593 | EMAIL FROM STRING TO STRING REPLY TO STRING RELAY STRING PORT NUMBER {
594 if (gotd_proc_id == PROC_GOTD ||
595 gotd_proc_id == PROC_SESSION_WRITE ||
596 gotd_proc_id == PROC_NOTIFY) {
597 if (conf_notify_email(new_repo, $3, $5,
598 $8, $10, port_sprintf($12))) {
599 free($3);
600 free($5);
601 free($8);
602 free($10);
603 YYERROR;
604 }
605 }
606 free($3);
607 free($5);
608 free($8);
609 free($10);
610 }
611 | URL STRING {
612 if (gotd_proc_id == PROC_GOTD ||
613 gotd_proc_id == PROC_SESSION_WRITE ||
614 gotd_proc_id == PROC_NOTIFY) {
615 if (conf_notify_http(new_repo, $2, NULL,
616 NULL, 0)) {
617 free($2);
618 YYERROR;
619 }
620 }
621 free($2);
622 }
623 | URL STRING AUTH STRING {
624 if (gotd_proc_id == PROC_GOTD ||
625 gotd_proc_id == PROC_SESSION_WRITE ||
626 gotd_proc_id == PROC_NOTIFY) {
627 if (conf_notify_http(new_repo, $2, $4, NULL,
628 0)) {
629 free($2);
630 free($4);
631 YYERROR;
632 }
633 }
634 free($2);
635 free($4);
636 }
637 | URL STRING AUTH STRING INSECURE {
638 if (gotd_proc_id == PROC_GOTD ||
639 gotd_proc_id == PROC_SESSION_WRITE ||
640 gotd_proc_id == PROC_NOTIFY) {
641 if (conf_notify_http(new_repo, $2, $4, NULL,
642 1)) {
643 free($2);
644 free($4);
645 YYERROR;
646 }
647 }
648 free($2);
649 free($4);
650 }
651 | URL STRING HMAC STRING {
652 if (gotd_proc_id == PROC_GOTD ||
653 gotd_proc_id == PROC_SESSION_WRITE ||
654 gotd_proc_id == PROC_NOTIFY) {
655 if (conf_notify_http(new_repo, $2, NULL, $4,
656 0)) {
657 free($2);
658 free($4);
659 YYERROR;
660 }
661 }
662 free($2);
663 free($4);
664 }
665 | URL STRING AUTH STRING HMAC STRING {
666 if (gotd_proc_id == PROC_GOTD ||
667 gotd_proc_id == PROC_SESSION_WRITE ||
668 gotd_proc_id == PROC_NOTIFY) {
669 if (conf_notify_http(new_repo, $2, $4, $6,
670 0)) {
671 free($2);
672 free($4);
673 free($6);
674 YYERROR;
675 }
676 }
677 free($2);
678 free($4);
679 free($6);
680 }
681 | URL STRING AUTH STRING INSECURE HMAC STRING {
682 if (gotd_proc_id == PROC_GOTD ||
683 gotd_proc_id == PROC_SESSION_WRITE ||
684 gotd_proc_id == PROC_NOTIFY) {
685 if (conf_notify_http(new_repo, $2, $4, $7,
686 1)) {
687 free($2);
688 free($4);
689 free($7);
690 YYERROR;
691 }
692 }
693 free($2);
694 free($4);
695 free($7);
696 }
697 ;
698
699 repository : REPOSITORY STRING {
700 struct gotd_repo *repo;
701
702 TAILQ_FOREACH(repo, &gotd->repos, entry) {
703 if (strcmp(repo->name, $2) == 0) {
704 yyerror("duplicate repository '%s'", $2);
705 free($2);
706 YYERROR;
707 }
708 }
709
710 if (gotd_proc_id == PROC_GOTD ||
711 gotd_proc_id == PROC_AUTH ||
712 gotd_proc_id == PROC_REPO_WRITE ||
713 gotd_proc_id == PROC_SESSION_WRITE ||
714 gotd_proc_id == PROC_GITWRAPPER |
715 gotd_proc_id == PROC_NOTIFY) {
716 new_repo = conf_new_repo($2);
717 }
718 free($2);
719 } '{' optnl repoopts2 '}' {
720 }
721 ;
722
723 repoopts1 : PATH STRING {
724 if (gotd_proc_id == PROC_GOTD ||
725 gotd_proc_id == PROC_AUTH ||
726 gotd_proc_id == PROC_REPO_WRITE ||
727 gotd_proc_id == PROC_SESSION_WRITE ||
728 gotd_proc_id == PROC_GITWRAPPER ||
729 gotd_proc_id == PROC_NOTIFY) {
730 if (!got_path_is_absolute($2)) {
731 yyerror("%s: path %s is not absolute",
732 __func__, $2);
733 free($2);
734 YYERROR;
735 }
736 if (realpath($2, new_repo->path) == NULL) {
737 /*
738 * To give admins a chance to create
739 * missing repositories at run-time
740 * we only warn about ENOENT here.
741 *
742 * And ignore 'permission denied' when
743 * running in gitwrapper. Users may be
744 * able to access this repository via
745 * gotd regardless.
746 */
747 if (errno == ENOENT) {
748 log_warn("%s", $2);
749 } else if (errno != EACCES ||
750 gotd_proc_id != PROC_GITWRAPPER) {
751 yyerror("realpath %s: %s", $2,
752 strerror(errno));
753 free($2);
754 YYERROR;
755 }
756
757 if (strlcpy(new_repo->path, $2,
758 sizeof(new_repo->path)) >=
759 sizeof(new_repo->path))
760 yyerror("path too long");
761 }
762 }
763 free($2);
764 }
765 | PERMIT RO numberstring {
766 if (gotd_proc_id == PROC_AUTH) {
767 conf_new_access_rule(new_repo,
768 GOTD_ACCESS_PERMITTED, GOTD_AUTH_READ, $3);
769 } else
770 free($3);
771 }
772 | PERMIT RW numberstring {
773 if (gotd_proc_id == PROC_AUTH) {
774 conf_new_access_rule(new_repo,
775 GOTD_ACCESS_PERMITTED,
776 GOTD_AUTH_READ | GOTD_AUTH_WRITE, $3);
777 } else
778 free($3);
779 }
780 | DENY numberstring {
781 if (gotd_proc_id == PROC_AUTH) {
782 conf_new_access_rule(new_repo,
783 GOTD_ACCESS_DENIED, 0, $2);
784 } else
785 free($2);
786 }
787 | protect
788 | notify
789 ;
790
791 repoopts2 : repoopts2 repoopts1 nl
792 | repoopts1 optnl
793 ;
794
795 nl : '\n' optnl
796 ;
797
798 optnl : '\n' optnl /* zero or more newlines */
799 | /* empty */
800 ;
801
802 %%
803
804 struct keywords {
805 const char *k_name;
806 int k_val;
807 };
808
809 int
810 yyerror(const char *fmt, ...)
811 {
812 va_list ap;
813 char *msg;
814
815 file->errors++;
816 va_start(ap, fmt);
817 if (vasprintf(&msg, fmt, ap) == -1)
818 fatalx("yyerror vasprintf");
819 va_end(ap);
820 logit(LOG_CRIT, "%s:%d: %s", file->name, yylval.lineno, msg);
821 free(msg);
822 return (0);
823 }
824
825 int
826 kw_cmp(const void *k, const void *e)
827 {
828 return (strcmp(k, ((const struct keywords *)e)->k_name));
829 }
830
831 int
832 lookup(char *s)
833 {
834 /* This has to be sorted always. */
835 static const struct keywords keywords[] = {
836 { "auth", AUTH },
837 { "branch", BRANCH },
838 { "connection", CONNECTION },
839 { "deny", DENY },
840 { "email", EMAIL },
841 { "from", FROM },
842 { "hmac", HMAC },
843 { "insecure", INSECURE },
844 { "limit", LIMIT },
845 { "listen", LISTEN },
846 { "namespace", NAMESPACE },
847 { "notify", NOTIFY },
848 { "on", ON },
849 { "path", PATH },
850 { "permit", PERMIT },
851 { "port", PORT },
852 { "protect", PROTECT },
853 { "reference", REFERENCE },
854 { "relay", RELAY },
855 { "reply", REPLY },
856 { "repository", REPOSITORY },
857 { "request", REQUEST },
858 { "ro", RO },
859 { "rw", RW },
860 { "tag", TAG },
861 { "timeout", TIMEOUT },
862 { "to", TO },
863 { "url", URL },
864 { "user", USER },
865 };
866 const struct keywords *p;
867
868 p = bsearch(s, keywords, sizeof(keywords)/sizeof(keywords[0]),
869 sizeof(keywords[0]), kw_cmp);
870
871 if (p)
872 return (p->k_val);
873 else
874 return (STRING);
875 }
876
877 #define MAXPUSHBACK 128
878
879 unsigned char *parsebuf;
880 int parseindex;
881 unsigned char pushback_buffer[MAXPUSHBACK];
882 int pushback_index = 0;
883
884 int
885 lgetc(int quotec)
886 {
887 int c, next;
888
889 if (parsebuf) {
890 /* Read character from the parsebuffer instead of input. */
891 if (parseindex >= 0) {
892 c = parsebuf[parseindex++];
893 if (c != '\0')
894 return (c);
895 parsebuf = NULL;
896 } else
897 parseindex++;
898 }
899
900 if (pushback_index)
901 return (pushback_buffer[--pushback_index]);
902
903 if (quotec) {
904 c = getc(file->stream);
905 if (c == EOF)
906 yyerror("reached end of file while parsing "
907 "quoted string");
908 return (c);
909 }
910
911 c = getc(file->stream);
912 while (c == '\\') {
913 next = getc(file->stream);
914 if (next != '\n') {
915 c = next;
916 break;
917 }
918 yylval.lineno = file->lineno;
919 file->lineno++;
920 c = getc(file->stream);
921 }
922
923 return (c);
924 }
925
926 int
927 lungetc(int c)
928 {
929 if (c == EOF)
930 return (EOF);
931 if (parsebuf) {
932 parseindex--;
933 if (parseindex >= 0)
934 return (c);
935 }
936 if (pushback_index < MAXPUSHBACK-1)
937 return (pushback_buffer[pushback_index++] = c);
938 else
939 return (EOF);
940 }
941
942 int
943 findeol(void)
944 {
945 int c;
946
947 parsebuf = NULL;
948
949 /* Skip to either EOF or the first real EOL. */
950 while (1) {
951 if (pushback_index)
952 c = pushback_buffer[--pushback_index];
953 else
954 c = lgetc(0);
955 if (c == '\n') {
956 file->lineno++;
957 break;
958 }
959 if (c == EOF)
960 break;
961 }
962 return (ERROR);
963 }
964
965 int
966 yylex(void)
967 {
968 unsigned char buf[8096];
969 unsigned char *p, *val;
970 int quotec, next, c;
971 int token;
972
973 top:
974 p = buf;
975 c = lgetc(0);
976 while (c == ' ' || c == '\t')
977 c = lgetc(0); /* nothing */
978
979 yylval.lineno = file->lineno;
980 if (c == '#') {
981 c = lgetc(0);
982 while (c != '\n' && c != EOF)
983 c = lgetc(0); /* nothing */
984 }
985 if (c == '$' && parsebuf == NULL) {
986 while (1) {
987 c = lgetc(0);
988 if (c == EOF)
989 return (0);
990
991 if (p + 1 >= buf + sizeof(buf) - 1) {
992 yyerror("string too long");
993 return (findeol());
994 }
995 if (isalnum(c) || c == '_') {
996 *p++ = c;
997 continue;
998 }
999 *p = '\0';
1000 lungetc(c);
1001 break;
1002 }
1003 val = symget(buf);
1004 if (val == NULL) {
1005 yyerror("macro '%s' not defined", buf);
1006 return (findeol());
1007 }
1008 parsebuf = val;
1009 parseindex = 0;
1010 goto top;
1011 }
1012
1013 switch (c) {
1014 case '\'':
1015 case '"':
1016 quotec = c;
1017 while (1) {
1018 c = lgetc(quotec);
1019 if (c == EOF)
1020 return (0);
1021 if (c == '\n') {
1022 file->lineno++;
1023 continue;
1024 } else if (c == '\\') {
1025 next = lgetc(quotec);
1026 if (next == EOF)
1027 return (0);
1028 if (next == quotec || c == ' ' || c == '\t')
1029 c = next;
1030 else if (next == '\n') {
1031 file->lineno++;
1032 continue;
1033 } else
1034 lungetc(next);
1035 } else if (c == quotec) {
1036 *p = '\0';
1037 break;
1038 } else if (c == '\0') {
1039 yyerror("syntax error");
1040 return (findeol());
1041 }
1042 if (p + 1 >= buf + sizeof(buf) - 1) {
1043 yyerror("string too long");
1044 return (findeol());
1045 }
1046 *p++ = c;
1047 }
1048 yylval.v.string = strdup(buf);
1049 if (yylval.v.string == NULL)
1050 err(1, "yylex: strdup");
1051 return (STRING);
1052 }
1053
1054 #define allowed_to_end_number(x) \
1055 (isspace(x) || x == ')' || x ==',' || x == '/' || x == '}' || x == '=')
1056
1057 if (c == '-' || isdigit(c)) {
1058 do {
1059 *p++ = c;
1060 if ((unsigned)(p-buf) >= sizeof(buf)) {
1061 yyerror("string too long");
1062 return (findeol());
1063 }
1064 c = lgetc(0);
1065 } while (c != EOF && isdigit(c));
1066 lungetc(c);
1067 if (p == buf + 1 && buf[0] == '-')
1068 goto nodigits;
1069 if (c == EOF || allowed_to_end_number(c)) {
1070 const char *errstr = NULL;
1071
1072 *p = '\0';
1073 yylval.v.number = strtonum(buf, LLONG_MIN,
1074 LLONG_MAX, &errstr);
1075 if (errstr) {
1076 yyerror("\"%s\" invalid number: %s",
1077 buf, errstr);
1078 return (findeol());
1079 }
1080 return (NUMBER);
1081 } else {
1082 nodigits:
1083 while (p > buf + 1)
1084 lungetc(*--p);
1085 c = *--p;
1086 if (c == '-')
1087 return (c);
1088 }
1089 }
1090
1091 #define allowed_in_string(x) \
1092 (isalnum(x) || (ispunct(x) && x != '(' && x != ')' && \
1093 x != '{' && x != '}' && \
1094 x != '!' && x != '=' && x != '#' && \
1095 x != ','))
1096
1097 if (isalnum(c) || c == ':' || c == '_') {
1098 do {
1099 *p++ = c;
1100 if ((unsigned)(p-buf) >= sizeof(buf)) {
1101 yyerror("string too long");
1102 return (findeol());
1103 }
1104 c = lgetc(0);
1105 } while (c != EOF && (allowed_in_string(c)));
1106 lungetc(c);
1107 *p = '\0';
1108 token = lookup(buf);
1109 if (token == STRING) {
1110 yylval.v.string = strdup(buf);
1111 if (yylval.v.string == NULL)
1112 err(1, "yylex: strdup");
1113 }
1114 return (token);
1115 }
1116 if (c == '\n') {
1117 yylval.lineno = file->lineno;
1118 file->lineno++;
1119 }
1120 if (c == EOF)
1121 return (0);
1122 return (c);
1123 }
1124
1125 int
1126 check_file_secrecy(int fd, const char *fname)
1127 {
1128 struct stat st;
1129
1130 if (fstat(fd, &st)) {
1131 log_warn("cannot stat %s", fname);
1132 return (-1);
1133 }
1134 if (st.st_uid != 0 && st.st_uid != getuid()) {
1135 log_warnx("%s: owner not root or current user", fname);
1136 return (-1);
1137 }
1138 if (st.st_mode & (S_IWGRP | S_IXGRP | S_IRWXO)) {
1139 log_warnx("%s: group writable or world read/writable", fname);
1140 return (-1);
1141 }
1142 return (0);
1143 }
1144
1145 struct file *
1146 newfile(const char *name, int secret, int required)
1147 {
1148 struct file *nfile;
1149
1150 nfile = calloc(1, sizeof(struct file));
1151 if (nfile == NULL) {
1152 log_warn("calloc");
1153 return (NULL);
1154 }
1155 nfile->name = strdup(name);
1156 if (nfile->name == NULL) {
1157 log_warn("strdup");
1158 free(nfile);
1159 return (NULL);
1160 }
1161 nfile->stream = fopen(nfile->name, "r");
1162 if (nfile->stream == NULL) {
1163 if (required)
1164 log_warn("open %s", nfile->name);
1165 free(nfile->name);
1166 free(nfile);
1167 return (NULL);
1168 } else if (secret &&
1169 check_file_secrecy(fileno(nfile->stream), nfile->name)) {
1170 fclose(nfile->stream);
1171 free(nfile->name);
1172 free(nfile);
1173 return (NULL);
1174 }
1175 nfile->lineno = 1;
1176 return (nfile);
1177 }
1178
1179 static void
1180 closefile(struct file *xfile)
1181 {
1182 fclose(xfile->stream);
1183 free(xfile->name);
1184 free(xfile);
1185 }
1186
1187 int
1188 parse_config(const char *filename, enum gotd_procid proc_id,
1189 struct gotd_secrets *secrets, struct gotd *env)
1190 {
1191 struct sym *sym, *next;
1192 struct gotd_repo *repo;
1193 int require_config_file = (proc_id != PROC_GITWRAPPER);
1194
1195 memset(env, 0, sizeof(*env));
1196
1197 gotd = env;
1198 gotd_proc_id = proc_id;
1199 gotd->secrets = secrets;
1200 TAILQ_INIT(&gotd->repos);
1201
1202 /* Apply default values. */
1203 if (strlcpy(gotd->unix_socket_path, GOTD_UNIX_SOCKET,
1204 sizeof(gotd->unix_socket_path)) >= sizeof(gotd->unix_socket_path)) {
1205 fprintf(stderr, "%s: unix socket path too long", __func__);
1206 return -1;
1207 }
1208 if (strlcpy(gotd->user_name, GOTD_USER,
1209 sizeof(gotd->user_name)) >= sizeof(gotd->user_name)) {
1210 fprintf(stderr, "%s: user name too long", __func__);
1211 return -1;
1212 }
1213
1214 gotd->request_timeout.tv_sec = GOTD_DEFAULT_REQUEST_TIMEOUT;
1215 gotd->request_timeout.tv_usec = 0;
1216
1217 file = newfile(filename, 0, require_config_file);
1218 if (file == NULL)
1219 return require_config_file ? -1 : 0;
1220
1221 yyparse();
1222 errors = file->errors;
1223 closefile(file);
1224
1225 /* Free macros and check which have not been used. */
1226 TAILQ_FOREACH_SAFE(sym, &symhead, entry, next) {
1227 if ((gotd->verbosity > 1) && !sym->used)
1228 fprintf(stderr, "warning: macro '%s' not used\n",
1229 sym->nam);
1230 if (!sym->persist) {
1231 free(sym->nam);
1232 free(sym->val);
1233 TAILQ_REMOVE(&symhead, sym, entry);
1234 free(sym);
1235 }
1236 }
1237
1238 if (errors)
1239 return (-1);
1240
1241 TAILQ_FOREACH(repo, &gotd->repos, entry) {
1242 if (repo->path[0] == '\0') {
1243 log_warnx("repository \"%s\": no path provided in "
1244 "configuration file", repo->name);
1245 return (-1);
1246 }
1247 }
1248
1249 if (proc_id == PROC_GOTD && TAILQ_EMPTY(&gotd->repos)) {
1250 log_warnx("no repository defined in configuration file");
1251 return (-1);
1252 }
1253
1254 return (0);
1255 }
1256
1257 static int
1258 uid_connection_limit_cmp(const void *pa, const void *pb)
1259 {
1260 const struct gotd_uid_connection_limit *a = pa, *b = pb;
1261
1262 if (a->uid < b->uid)
1263 return -1;
1264 else if (a->uid > b->uid);
1265 return 1;
1266
1267 return 0;
1268 }
1269
1270 static int
1271 conf_limit_user_connections(const char *user, int maximum)
1272 {
1273 uid_t uid;
1274 struct gotd_uid_connection_limit *limit;
1275 size_t nlimits;
1276
1277 if (maximum < 1) {
1278 yyerror("max connections cannot be smaller 1");
1279 return -1;
1280 }
1281 if (maximum > GOTD_MAXCLIENTS) {
1282 yyerror("max connections must be <= %d", GOTD_MAXCLIENTS);
1283 return -1;
1284 }
1285
1286 if (gotd_parseuid(user, &uid) == -1) {
1287 yyerror("%s: no such user", user);
1288 return -1;
1289 }
1290
1291 limit = gotd_find_uid_connection_limit(gotd->connection_limits,
1292 gotd->nconnection_limits, uid);
1293 if (limit) {
1294 limit->max_connections = maximum;
1295 return 0;
1296 }
1297
1298 limit = gotd->connection_limits;
1299 nlimits = gotd->nconnection_limits + 1;
1300 limit = reallocarray(limit, nlimits, sizeof(*limit));
1301 if (limit == NULL)
1302 fatal("reallocarray");
1303
1304 limit[nlimits - 1].uid = uid;
1305 limit[nlimits - 1].max_connections = maximum;
1306
1307 gotd->connection_limits = limit;
1308 gotd->nconnection_limits = nlimits;
1309 qsort(gotd->connection_limits, gotd->nconnection_limits,
1310 sizeof(gotd->connection_limits[0]), uid_connection_limit_cmp);
1311
1312 return 0;
1313 }
1314
1315 static struct gotd_repo *
1316 conf_new_repo(const char *name)
1317 {
1318 struct gotd_repo *repo;
1319
1320 if (name[0] == '\0') {
1321 fatalx("syntax error: empty repository name found in %s",
1322 file->name);
1323 }
1324
1325 if (strchr(name, '\n') != NULL)
1326 fatalx("repository names must not contain linefeeds: %s", name);
1327
1328 repo = calloc(1, sizeof(*repo));
1329 if (repo == NULL)
1330 fatalx("%s: calloc", __func__);
1331
1332 STAILQ_INIT(&repo->rules);
1333 RB_INIT(&repo->protected_tag_namespaces);
1334 RB_INIT(&repo->protected_branch_namespaces);
1335 RB_INIT(&repo->protected_branches);
1336 RB_INIT(&repo->protected_branches);
1337 RB_INIT(&repo->notification_refs);
1338 RB_INIT(&repo->notification_ref_namespaces);
1339 STAILQ_INIT(&repo->notification_targets);
1340
1341 if (strlcpy(repo->name, name, sizeof(repo->name)) >=
1342 sizeof(repo->name))
1343 fatalx("%s: strlcpy", __func__);
1344
1345 TAILQ_INSERT_TAIL(&gotd->repos, repo, entry);
1346 gotd->nrepos++;
1347
1348 return repo;
1349 };
1350
1351 static void
1352 conf_new_access_rule(struct gotd_repo *repo, enum gotd_access access,
1353 int authorization, char *identifier)
1354 {
1355 struct gotd_access_rule *rule;
1356
1357 rule = calloc(1, sizeof(*rule));
1358 if (rule == NULL)
1359 fatal("calloc");
1360
1361 rule->access = access;
1362 rule->authorization = authorization;
1363 rule->identifier = identifier;
1364
1365 STAILQ_INSERT_TAIL(&repo->rules, rule, entry);
1366 }
1367
1368 static int
1369 refname_is_valid(char *refname)
1370 {
1371 if (strncmp(refname, "refs/", 5) != 0) {
1372 yyerror("reference name must begin with \"refs/\": %s",
1373 refname);
1374 return 0;
1375 }
1376
1377 if (!got_ref_name_is_valid(refname)) {
1378 yyerror("invalid reference name: %s", refname);
1379 return 0;
1380 }
1381
1382 return 1;
1383 }
1384
1385 static int
1386 conf_protect_ref_namespace(char **new, struct got_pathlist_head *refs,
1387 char *namespace)
1388 {
1389 const struct got_error *error;
1390 struct got_pathlist_entry *pe;
1391 char *s;
1392
1393 *new = NULL;
1394
1395 got_path_strip_trailing_slashes(namespace);
1396 if (!refname_is_valid(namespace))
1397 return -1;
1398 if (asprintf(&s, "%s/", namespace) == -1) {
1399 yyerror("asprintf: %s", strerror(errno));
1400 return -1;
1401 }
1402
1403 error = got_pathlist_insert(&pe, refs, s, NULL);
1404 if (error || pe == NULL) {
1405 free(s);
1406 if (error)
1407 yyerror("got_pathlist_insert: %s", error->msg);
1408 else
1409 yyerror("duplicate protected namespace %s", namespace);
1410 return -1;
1411 }
1412
1413 *new = s;
1414 return 0;
1415 }
1416
1417 static int
1418 conf_protect_tag_namespace(struct gotd_repo *repo, char *namespace)
1419 {
1420 struct got_pathlist_entry *pe;
1421 char *new;
1422
1423 if (conf_protect_ref_namespace(&new, &repo->protected_tag_namespaces,
1424 namespace) == -1)
1425 return -1;
1426
1427 RB_FOREACH(pe, got_pathlist_head, &repo->protected_branch_namespaces) {
1428 if (strcmp(pe->path, new) == 0) {
1429 yyerror("duplicate protected namespace %s", namespace);
1430 return -1;
1431 }
1432 }
1433
1434 return 0;
1435 }
1436
1437 static int
1438 conf_protect_branch_namespace(struct gotd_repo *repo, char *namespace)
1439 {
1440 struct got_pathlist_entry *pe;
1441 char *new;
1442
1443 if (conf_protect_ref_namespace(&new,
1444 &repo->protected_branch_namespaces, namespace) == -1)
1445 return -1;
1446
1447 RB_FOREACH(pe, got_pathlist_head, &repo->protected_tag_namespaces) {
1448 if (strcmp(pe->path, new) == 0) {
1449 yyerror("duplicate protected namespace %s", namespace);
1450 return -1;
1451 }
1452 }
1453
1454 return 0;
1455 }
1456
1457 static int
1458 conf_protect_branch(struct gotd_repo *repo, char *branchname)
1459 {
1460 const struct got_error *error;
1461 struct got_pathlist_entry *new;
1462 char *refname;
1463
1464 if (strncmp(branchname, "refs/heads/", 11) != 0) {
1465 if (asprintf(&refname, "refs/heads/%s", branchname) == -1) {
1466 yyerror("asprintf: %s", strerror(errno));
1467 return -1;
1468 }
1469 } else {
1470 refname = strdup(branchname);
1471 if (refname == NULL) {
1472 yyerror("strdup: %s", strerror(errno));
1473 return -1;
1474 }
1475 }
1476
1477 if (!refname_is_valid(refname)) {
1478 free(refname);
1479 return -1;
1480 }
1481
1482 error = got_pathlist_insert(&new, &repo->protected_branches,
1483 refname, NULL);
1484 if (error || new == NULL) {
1485 free(refname);
1486 if (error)
1487 yyerror("got_pathlist_insert: %s", error->msg);
1488 else
1489 yyerror("duplicate protect branch %s", branchname);
1490 return -1;
1491 }
1492
1493 return 0;
1494 }
1495
1496 static int
1497 conf_notify_branch(struct gotd_repo *repo, char *branchname)
1498 {
1499 const struct got_error *error;
1500 struct got_pathlist_entry *pe;
1501 char *refname;
1502
1503 if (strncmp(branchname, "refs/heads/", 11) != 0) {
1504 if (asprintf(&refname, "refs/heads/%s", branchname) == -1) {
1505 yyerror("asprintf: %s", strerror(errno));
1506 return -1;
1507 }
1508 } else {
1509 refname = strdup(branchname);
1510 if (refname == NULL) {
1511 yyerror("strdup: %s", strerror(errno));
1512 return -1;
1513 }
1514 }
1515
1516 if (!refname_is_valid(refname)) {
1517 free(refname);
1518 return -1;
1519 }
1520
1521 error = got_pathlist_insert(&pe, &repo->notification_refs,
1522 refname, NULL);
1523 if (error) {
1524 free(refname);
1525 yyerror("got_pathlist_insert: %s", error->msg);
1526 return -1;
1527 }
1528 if (pe == NULL)
1529 free(refname);
1530
1531 return 0;
1532 }
1533
1534 static int
1535 conf_notify_ref_namespace(struct gotd_repo *repo, char *namespace)
1536 {
1537 const struct got_error *error;
1538 struct got_pathlist_entry *pe;
1539 char *s;
1540
1541 got_path_strip_trailing_slashes(namespace);
1542 if (!refname_is_valid(namespace))
1543 return -1;
1544
1545 if (asprintf(&s, "%s/", namespace) == -1) {
1546 yyerror("asprintf: %s", strerror(errno));
1547 return -1;
1548 }
1549
1550 error = got_pathlist_insert(&pe, &repo->notification_ref_namespaces,
1551 s, NULL);
1552 if (error) {
1553 free(s);
1554 yyerror("got_pathlist_insert: %s", error->msg);
1555 return -1;
1556 }
1557 if (pe == NULL)
1558 free(s);
1559
1560 return 0;
1561 }
1562
1563 static int
1564 conf_notify_email(struct gotd_repo *repo, char *sender, char *recipient,
1565 char *responder, char *hostname, char *port)
1566 {
1567 struct gotd_notification_target *target;
1568
1569 STAILQ_FOREACH(target, &repo->notification_targets, entry) {
1570 if (target->type != GOTD_NOTIFICATION_VIA_EMAIL)
1571 continue;
1572 if (strcmp(target->conf.email.recipient, recipient) == 0) {
1573 yyerror("duplicate email notification for '%s' in "
1574 "repository '%s'", recipient, repo->name);
1575 return -1;
1576 }
1577 }
1578
1579 target = calloc(1, sizeof(*target));
1580 if (target == NULL)
1581 fatal("calloc");
1582 target->type = GOTD_NOTIFICATION_VIA_EMAIL;
1583 if (sender) {
1584 target->conf.email.sender = strdup(sender);
1585 if (target->conf.email.sender == NULL)
1586 fatal("strdup");
1587 }
1588 target->conf.email.recipient = strdup(recipient);
1589 if (target->conf.email.recipient == NULL)
1590 fatal("strdup");
1591 if (responder) {
1592 target->conf.email.responder = strdup(responder);
1593 if (target->conf.email.responder == NULL)
1594 fatal("strdup");
1595 }
1596 if (hostname) {
1597 target->conf.email.hostname = strdup(hostname);
1598 if (target->conf.email.hostname == NULL)
1599 fatal("strdup");
1600 }
1601 if (port) {
1602 target->conf.email.port = strdup(port);
1603 if (target->conf.email.port == NULL)
1604 fatal("strdup");
1605 }
1606
1607 STAILQ_INSERT_TAIL(&repo->notification_targets, target, entry);
1608 return 0;
1609 }
1610
1611 static int
1612 conf_notify_http(struct gotd_repo *repo, char *url, char *auth, char *hmac,
1613 int insecure)
1614 {
1615 const struct got_error *error;
1616 struct gotd_notification_target *target;
1617 char *proto, *hostname, *port, *path;
1618 int tls = 0, ret = 0;
1619
1620 error = gotd_parse_url(&proto, &hostname, &port, &path, url);
1621 if (error) {
1622 yyerror("invalid HTTP notification URL '%s' in "
1623 "repository '%s': %s", url, repo->name, error->msg);
1624 return -1;
1625 }
1626
1627 tls = !strcmp(proto, "https");
1628
1629 if (strcmp(proto, "http") != 0 && strcmp(proto, "https") != 0) {
1630 yyerror("invalid protocol '%s' in notification URL '%s' in "
1631 "repository '%s", proto, url, repo->name);
1632 ret = -1;
1633 goto done;
1634 }
1635
1636 if (port == NULL) {
1637 if (strcmp(proto, "http") == 0)
1638 port = strdup("80");
1639 if (strcmp(proto, "https") == 0)
1640 port = strdup("443");
1641 if (port == NULL) {
1642 error = got_error_from_errno("strdup");
1643 ret = -1;
1644 goto done;
1645 }
1646 }
1647
1648 if (auth != NULL && gotd_proc_id == PROC_GOTD &&
1649 (gotd->secrets == NULL || gotd_secrets_get(gotd->secrets,
1650 GOTD_SECRET_AUTH, auth) == NULL)) {
1651 yyerror("no auth secret `%s' defined", auth);
1652 ret = -1;
1653 goto done;
1654 }
1655
1656 if (hmac != NULL && gotd_proc_id == PROC_GOTD &&
1657 (gotd->secrets == NULL && gotd_secrets_get(gotd->secrets,
1658 GOTD_SECRET_HMAC, hmac) == NULL)) {
1659 yyerror("no hmac secret `%s' defined", hmac);
1660 ret = -1;
1661 goto done;
1662 }
1663
1664 if (!insecure && strcmp(proto, "http") == 0 && auth) {
1665 yyerror("%s: HTTP notifications with basic authentication "
1666 "over plaintext HTTP will leak credentials; add the "
1667 "'insecure' config keyword if this is intentional", url);
1668 ret = -1;
1669 goto done;
1670 }
1671
1672 STAILQ_FOREACH(target, &repo->notification_targets, entry) {
1673 if (target->type != GOTD_NOTIFICATION_VIA_HTTP)
1674 continue;
1675 if (target->conf.http.tls == tls &&
1676 !strcmp(target->conf.http.hostname, hostname) &&
1677 !strcmp(target->conf.http.port, port) &&
1678 !strcmp(target->conf.http.path, path)) {
1679 yyerror("duplicate notification for URL '%s' in "
1680 "repository '%s'", url, repo->name);
1681 ret = -1;
1682 goto done;
1683 }
1684 }
1685
1686 target = calloc(1, sizeof(*target));
1687 if (target == NULL)
1688 fatal("calloc");
1689 target->type = GOTD_NOTIFICATION_VIA_HTTP;
1690 target->conf.http.tls = tls;
1691 target->conf.http.hostname = hostname;
1692 target->conf.http.port = port;
1693 target->conf.http.path = path;
1694 hostname = port = path = NULL;
1695
1696 if (auth) {
1697 target->conf.http.auth = strdup(auth);
1698 if (target->conf.http.auth == NULL)
1699 fatal("strdup");
1700 }
1701 if (hmac) {
1702 target->conf.http.hmac = strdup(hmac);
1703 if (target->conf.http.hmac == NULL)
1704 fatal("strdup");
1705 }
1706
1707 STAILQ_INSERT_TAIL(&repo->notification_targets, target, entry);
1708 done:
1709 free(proto);
1710 free(hostname);
1711 free(port);
1712 free(path);
1713 return ret;
1714 }
1715
1716 int
1717 symset(const char *nam, const char *val, int persist)
1718 {
1719 struct sym *sym;
1720
1721 TAILQ_FOREACH(sym, &symhead, entry) {
1722 if (strcmp(nam, sym->nam) == 0)
1723 break;
1724 }
1725
1726 if (sym != NULL) {
1727 if (sym->persist == 1)
1728 return (0);
1729 else {
1730 free(sym->nam);
1731 free(sym->val);
1732 TAILQ_REMOVE(&symhead, sym, entry);
1733 free(sym);
1734 }
1735 }
1736 sym = calloc(1, sizeof(*sym));
1737 if (sym == NULL)
1738 return (-1);
1739
1740 sym->nam = strdup(nam);
1741 if (sym->nam == NULL) {
1742 free(sym);
1743 return (-1);
1744 }
1745 sym->val = strdup(val);
1746 if (sym->val == NULL) {
1747 free(sym->nam);
1748 free(sym);
1749 return (-1);
1750 }
1751 sym->used = 0;
1752 sym->persist = persist;
1753 TAILQ_INSERT_TAIL(&symhead, sym, entry);
1754 return (0);
1755 }
1756
1757 char *
1758 symget(const char *nam)
1759 {
1760 struct sym *sym;
1761
1762 TAILQ_FOREACH(sym, &symhead, entry) {
1763 if (strcmp(nam, sym->nam) == 0) {
1764 sym->used = 1;
1765 return (sym->val);
1766 }
1767 }
1768 return (NULL);
1769 }
1770
1771 struct gotd_repo *
1772 gotd_find_repo_by_name(const char *repo_name, struct gotd_repolist *repos)
1773 {
1774 struct gotd_repo *repo;
1775 size_t namelen;
1776
1777 TAILQ_FOREACH(repo, repos, entry) {
1778 namelen = strlen(repo->name);
1779 if (strncmp(repo->name, repo_name, namelen) != 0)
1780 continue;
1781 if (repo_name[namelen] == '\0' ||
1782 strcmp(&repo_name[namelen], ".git") == 0)
1783 return repo;
1784 }
1785
1786 return NULL;
1787 }
1788
1789 struct gotd_repo *
1790 gotd_find_repo_by_path(const char *repo_path, struct gotd *gotd)
1791 {
1792 struct gotd_repo *repo;
1793
1794 TAILQ_FOREACH(repo, &gotd->repos, entry) {
1795 if (strcmp(repo->path, repo_path) == 0)
1796 return repo;
1797 }
1798
1799 return NULL;
1800 }
1801
1802 struct gotd_uid_connection_limit *
1803 gotd_find_uid_connection_limit(struct gotd_uid_connection_limit *limits,
1804 size_t nlimits, uid_t uid)
1805 {
1806 /* This array is always sorted to allow for binary search. */
1807 int i, left = 0, right = nlimits - 1;
1808
1809 while (left <= right) {
1810 i = ((left + right) / 2);
1811 if (limits[i].uid == uid)
1812 return &limits[i];
1813 if (limits[i].uid > uid)
1814 left = i + 1;
1815 else
1816 right = i - 1;
1817 }
1818
1819 return NULL;
1820 }
1821
1822 int
1823 gotd_parseuid(const char *s, uid_t *uid)
1824 {
1825 struct passwd *pw;
1826 const char *errstr;
1827
1828 if ((pw = getpwnam(s)) != NULL) {
1829 *uid = pw->pw_uid;
1830 if (*uid == UID_MAX)
1831 return -1;
1832 return 0;
1833 }
1834 *uid = strtonum(s, 0, UID_MAX - 1, &errstr);
1835 if (errstr)
1836 return -1;
1837 return 0;
1838 }
1839
1840 const struct got_error *
1841 gotd_parse_url(char **proto, char **host, char **port,
1842 char **request_path, const char *url)
1843 {
1844 const struct got_error *err = NULL;
1845 char *s, *p, *q;
1846
1847 *proto = *host = *port = *request_path = NULL;
1848
1849 p = strstr(url, "://");
1850 if (!p)
1851 return got_error(GOT_ERR_PARSE_URI);
1852
1853 *proto = strndup(url, p - url);
1854 if (*proto == NULL) {
1855 err = got_error_from_errno("strndup");
1856 goto done;
1857 }
1858 s = p + 3;
1859
1860 p = strstr(s, "/");
1861 if (p == NULL) {
1862 err = got_error(GOT_ERR_PARSE_URI);
1863 goto done;
1864 }
1865
1866 q = memchr(s, ':', p - s);
1867 if (q) {
1868 *host = strndup(s, q - s);
1869 if (*host == NULL) {
1870 err = got_error_from_errno("strndup");
1871 goto done;
1872 }
1873 if ((*host)[0] == '\0') {
1874 err = got_error(GOT_ERR_PARSE_URI);
1875 goto done;
1876 }
1877 *port = strndup(q + 1, p - (q + 1));
1878 if (*port == NULL) {
1879 err = got_error_from_errno("strndup");
1880 goto done;
1881 }
1882 if ((*port)[0] == '\0') {
1883 err = got_error(GOT_ERR_PARSE_URI);
1884 goto done;
1885 }
1886 } else {
1887 *host = strndup(s, p - s);
1888 if (*host == NULL) {
1889 err = got_error_from_errno("strndup");
1890 goto done;
1891 }
1892 if ((*host)[0] == '\0') {
1893 err = got_error(GOT_ERR_PARSE_URI);
1894 goto done;
1895 }
1896 }
1897
1898 while (p[0] == '/' && p[1] == '/')
1899 p++;
1900 *request_path = strdup(p);
1901 if (*request_path == NULL) {
1902 err = got_error_from_errno("strdup");
1903 goto done;
1904 }
1905 if ((*request_path)[0] == '\0') {
1906 err = got_error(GOT_ERR_PARSE_URI);
1907 goto done;
1908 }
1909 done:
1910 if (err) {
1911 free(*proto);
1912 *proto = NULL;
1913 free(*host);
1914 *host = NULL;
1915 free(*port);
1916 *port = NULL;
1917 free(*request_path);
1918 *request_path = NULL;
1919 }
1920 return err;
1921 }
1922
1923 static char *
1924 port_sprintf(int p)
1925 {
1926 static char portno[32];
1927 int n;
1928
1929 n = snprintf(portno, sizeof(portno), "%lld", (long long)p);
1930 if (n < 0 || (size_t)n >= sizeof(portno))
1931 fatalx("port number too long: %lld", (long long)p);
1932
1933 return portno;
1934 }
portable version of Game of Trees