search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
delete trailing whitespaces
[got-portable.git] / gotd / notify.c
blobd1d273a304568c2b659dc92d117c0efde5f1718f
1 /*
2 * Copyright (c) 2024 Stefan Sperling <stsp@openbsd.org>
3 *
4 * Permission to use, copy, modify, and distribute this software for any
5 * purpose with or without fee is hereby granted, provided that the above
6 * copyright notice and this permission notice appear in all copies.
7 *
8 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
9 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
10 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
11 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
12 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
13 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
14 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
15 */
16
17 #include "got_compat.h"
18
19 #include <sys/types.h>
20 #include <sys/queue.h>
21 #include <sys/socket.h>
22 #include <sys/wait.h>
23
24 #include <errno.h>
25 #include <event.h>
26 #include <limits.h>
27 #include <signal.h>
28 #include <stdio.h>
29 #include <stdlib.h>
30 #include <string.h>
31 #include <imsg.h>
32 #include <unistd.h>
33
34 #include "got_error.h"
35 #include "got_object.h"
36 #include "got_path.h"
37
38 #include "gotd.h"
39 #include "log.h"
40 #include "notify.h"
41 #include "secrets.h"
42
43 #ifndef nitems
44 #define nitems(_a) (sizeof((_a)) / sizeof((_a)[0]))
45 #endif
46
47 static struct gotd_secrets secrets;
48
49 static struct gotd_notify {
50 pid_t pid;
51 const char *title;
52 struct gotd_imsgev parent_iev;
53 struct gotd_repolist *repos;
54 const char *default_sender;
55 } gotd_notify;
56
57 struct gotd_notify_session {
58 STAILQ_ENTRY(gotd_notify_session) entry;
59 uint32_t id;
60 struct gotd_imsgev iev;
61 };
62 STAILQ_HEAD(gotd_notify_sessions, gotd_notify_session);
63
64 static struct gotd_notify_sessions gotd_notify_sessions[GOTD_CLIENT_TABLE_SIZE];
65 static SIPHASH_KEY sessions_hash_key;
66
67 static void gotd_notify_shutdown(void);
68
69 static uint64_t
70 session_hash(uint32_t session_id)
71 {
72 return SipHash24(&sessions_hash_key, &session_id, sizeof(session_id));
73 }
74
75 static void
76 add_session(struct gotd_notify_session *session)
77 {
78 uint64_t slot;
79
80 slot = session_hash(session->id) % nitems(gotd_notify_sessions);
81 STAILQ_INSERT_HEAD(&gotd_notify_sessions[slot], session, entry);
82 }
83
84 static struct gotd_notify_session *
85 find_session(uint32_t session_id)
86 {
87 uint64_t slot;
88 struct gotd_notify_session *s;
89
90 slot = session_hash(session_id) % nitems(gotd_notify_sessions);
91 STAILQ_FOREACH(s, &gotd_notify_sessions[slot], entry) {
92 if (s->id == session_id)
93 return s;
94 }
95
96 return NULL;
97 }
98
99 static struct gotd_notify_session *
100 find_session_by_fd(int fd)
101 {
102 uint64_t slot;
103 struct gotd_notify_session *s;
104
105 for (slot = 0; slot < nitems(gotd_notify_sessions); slot++) {
106 STAILQ_FOREACH(s, &gotd_notify_sessions[slot], entry) {
107 if (s->iev.ibuf.fd == fd)
108 return s;
109 }
110 }
111
112 return NULL;
113 }
114
115 static void
116 remove_session(struct gotd_notify_session *session)
117 {
118 uint64_t slot;
119
120 slot = session_hash(session->id) % nitems(gotd_notify_sessions);
121 STAILQ_REMOVE(&gotd_notify_sessions[slot], session,
122 gotd_notify_session, entry);
123 close(session->iev.ibuf.fd);
124 free(session);
125 }
126
127 static uint32_t
128 get_session_id(void)
129 {
130 int duplicate = 0;
131 uint32_t id;
132
133 do {
134 id = arc4random();
135 duplicate = (find_session(id) != NULL);
136 } while (duplicate || id == 0);
137
138 return id;
139 }
140
141 static void
142 gotd_notify_sighdlr(int sig, short event, void *arg)
143 {
144 /*
145 * Normal signal handler rules don't apply because libevent
146 * decouples for us.
147 */
148
149 switch (sig) {
150 case SIGHUP:
151 log_info("%s: ignoring SIGHUP", __func__);
152 break;
153 case SIGUSR1:
154 log_info("%s: ignoring SIGUSR1", __func__);
155 break;
156 case SIGTERM:
157 case SIGINT:
158 gotd_notify_shutdown();
159 /* NOTREACHED */
160 break;
161 default:
162 fatalx("unexpected signal");
163 }
164 }
165
166 static void
167 run_notification_helper(const char *prog, const char **argv, int fd,
168 const char *user, const char *pass, const char *hmac_secret)
169 {
170 const struct got_error *err = NULL;
171 pid_t pid;
172 int child_status;
173
174 pid = fork();
175 if (pid == -1) {
176 err = got_error_from_errno("fork");
177 log_warn("%s", err->msg);
178 return;
179 } else if (pid == 0) {
180 signal(SIGQUIT, SIG_DFL);
181 signal(SIGINT, SIG_DFL);
182 signal(SIGCHLD, SIG_DFL);
183
184 if (dup2(fd, STDIN_FILENO) == -1) {
185 fprintf(stderr, "%s: dup2: %s\n", getprogname(),
186 strerror(errno));
187 _exit(1);
188 }
189
190 closefrom(STDERR_FILENO + 1);
191
192 if (user != NULL && pass != NULL) {
193 setenv("GOT_NOTIFY_HTTP_USER", user, 1);
194 setenv("GOT_NOTIFY_HTTP_PASS", pass, 1);
195 } else {
196 unsetenv("GOTD_NOTIFY_HTTP_USER");
197 unsetenv("GOTD_NOTIFY_HTTP_PASS");
198 }
199
200 if (hmac_secret)
201 setenv("GOT_NOTIFY_HTTP_HMAC_SECRET", hmac_secret, 1);
202 else
203 unsetenv("GOT_NOTIFY_HTTP_HMAC_SECRET");
204
205 if (execv(prog, (char *const *)argv) == -1) {
206 fprintf(stderr, "%s: exec %s: %s\n", getprogname(),
207 prog, strerror(errno));
208 _exit(1);
209 }
210
211 /* not reached */
212 }
213
214 if (waitpid(pid, &child_status, 0) == -1) {
215 err = got_error_from_errno("waitpid");
216 goto done;
217 }
218
219 if (!WIFEXITED(child_status)) {
220 err = got_error(GOT_ERR_PRIVSEP_DIED);
221 goto done;
222 }
223
224 if (WEXITSTATUS(child_status) != 0)
225 err = got_error(GOT_ERR_PRIVSEP_EXIT);
226 done:
227 if (err)
228 log_warnx("%s: child %s pid %d: %s", gotd_notify.title,
229 prog, pid, err->msg);
230 }
231
232 static void
233 notify_email(struct gotd_notification_target *target, const char *subject_line,
234 int fd)
235 {
236 const char *argv[13];
237 int i = 0;
238
239 argv[i++] = GOTD_PATH_PROG_NOTIFY_EMAIL;
240
241 argv[i++] = "-f";
242 if (target->conf.email.sender)
243 argv[i++] = target->conf.email.sender;
244 else
245 argv[i++] = gotd_notify.default_sender;
246
247 if (target->conf.email.responder) {
248 argv[i++] = "-r";
249 argv[i++] = target->conf.email.responder;
250 }
251
252 if (target->conf.email.hostname) {
253 argv[i++] = "-h";
254 argv[i++] = target->conf.email.hostname;
255 }
256
257 if (target->conf.email.port) {
258 argv[i++] = "-p";
259 argv[i++] = target->conf.email.port;
260 }
261
262 argv[i++] = "-s";
263 argv[i++] = subject_line;
264
265 argv[i++] = target->conf.email.recipient;
266
267 argv[i] = NULL;
268
269 run_notification_helper(GOTD_PATH_PROG_NOTIFY_EMAIL, argv, fd,
270 NULL, NULL, NULL);
271 }
272
273 static void
274 notify_http(struct gotd_notification_target *target, const char *repo,
275 const char *username, int fd)
276 {
277 struct gotd_secret *secret;
278 const char *http_user = NULL, *http_pass = NULL, *hmac = NULL;
279 const char *argv[12];
280 int argc = 0;
281
282 argv[argc++] = GOTD_PATH_PROG_NOTIFY_HTTP;
283 if (target->conf.http.tls)
284 argv[argc++] = "-c";
285
286 argv[argc++] = "-r";
287 argv[argc++] = repo;
288 argv[argc++] = "-h";
289 argv[argc++] = target->conf.http.hostname;
290 argv[argc++] = "-p";
291 argv[argc++] = target->conf.http.port;
292 argv[argc++] = "-u";
293 argv[argc++] = username;
294
295 argv[argc++] = target->conf.http.path;
296
297 argv[argc] = NULL;
298
299 if (target->conf.http.auth) {
300 secret = gotd_secrets_get(&secrets, GOTD_SECRET_AUTH,
301 target->conf.http.auth);
302 http_user = secret->user;
303 http_pass = secret->pass;
304 }
305 if (target->conf.http.hmac) {
306 secret = gotd_secrets_get(&secrets, GOTD_SECRET_HMAC,
307 target->conf.http.hmac);
308 hmac = secret->hmac;
309 }
310
311 run_notification_helper(GOTD_PATH_PROG_NOTIFY_HTTP, argv, fd,
312 http_user, http_pass, hmac);
313 }
314
315 static const struct got_error *
316 send_notification(struct imsg *imsg, struct gotd_imsgev *iev)
317 {
318 const struct got_error *err = NULL;
319 struct gotd_imsg_notify inotify;
320 size_t datalen;
321 struct gotd_repo *repo;
322 struct gotd_notification_target *target;
323 int fd;
324 char *username = NULL;
325
326 datalen = imsg->hdr.len - IMSG_HEADER_SIZE;
327 if (datalen < sizeof(inotify))
328 return got_error(GOT_ERR_PRIVSEP_LEN);
329
330 memcpy(&inotify, imsg->data, sizeof(inotify));
331 if (datalen != sizeof(inotify) + inotify.username_len)
332 return got_error(GOT_ERR_PRIVSEP_LEN);
333
334 repo = gotd_find_repo_by_name(inotify.repo_name, gotd_notify.repos);
335 if (repo == NULL)
336 return got_error(GOT_ERR_PRIVSEP_MSG);
337
338 fd = imsg_get_fd(imsg);
339 if (fd == -1)
340 return got_error(GOT_ERR_PRIVSEP_NO_FD);
341
342 username = strndup(imsg->data + sizeof(inotify), inotify.username_len);
343 if (username == NULL)
344 return got_error_from_errno("strndup");
345
346 STAILQ_FOREACH(target, &repo->notification_targets, entry) {
347 if (lseek(fd, 0, SEEK_SET) == -1) {
348 err = got_error_from_errno("lseek");
349 goto done;
350 }
351 switch (target->type) {
352 case GOTD_NOTIFICATION_VIA_EMAIL:
353 notify_email(target, inotify.subject_line, fd);
354 break;
355 case GOTD_NOTIFICATION_VIA_HTTP:
356 notify_http(target, repo->name, username, fd);
357 break;
358 }
359 }
360
361 if (gotd_imsg_compose_event(iev, GOTD_IMSG_NOTIFICATION_SENT,
362 PROC_NOTIFY, -1, NULL, 0) == -1) {
363 err = got_error_from_errno("imsg compose NOTIFY");
364 goto done;
365 }
366 done:
367 close(fd);
368 free(username);
369 return err;
370 }
371
372 static void
373 notify_dispatch_session(int fd, short event, void *arg)
374 {
375 struct gotd_imsgev *iev = arg;
376 struct imsgbuf *ibuf = &iev->ibuf;
377 ssize_t n;
378 int shut = 0;
379 struct imsg imsg;
380
381 if (event & EV_READ) {
382 if ((n = imsg_read(ibuf)) == -1 && errno != EAGAIN)
383 fatal("imsg_read error");
384 if (n == 0) {
385 /* Connection closed. */
386 shut = 1;
387 goto done;
388 }
389 }
390
391 if (event & EV_WRITE) {
392 n = msgbuf_write(&ibuf->w);
393 if (n == -1 && errno != EAGAIN && errno != EPIPE)
394 fatal("msgbuf_write");
395 if (n == 0 || (n == -1 && errno == EPIPE)) {
396 /* Connection closed. */
397 shut = 1;
398 goto done;
399 }
400 }
401
402 for (;;) {
403 const struct got_error *err = NULL;
404
405 if ((n = imsg_get(ibuf, &imsg)) == -1)
406 fatal("%s: imsg_get error", __func__);
407 if (n == 0) /* No more messages. */
408 break;
409
410 switch (imsg.hdr.type) {
411 case GOTD_IMSG_NOTIFY:
412 err = send_notification(&imsg, iev);
413 break;
414 default:
415 log_debug("unexpected imsg %d", imsg.hdr.type);
416 break;
417 }
418 imsg_free(&imsg);
419
420 if (err)
421 log_warnx("%s: %s", __func__, err->msg);
422 }
423 done:
424 if (!shut) {
425 gotd_imsg_event_add(iev);
426 } else {
427 struct gotd_notify_session *session;
428
429 /* This pipe is dead. Remove its event handler */
430 event_del(&iev->ev);
431 imsg_clear(&iev->ibuf);
432
433 session = find_session_by_fd(fd);
434 if (session)
435 remove_session(session);
436 }
437 }
438
439 static const struct got_error *
440 recv_session(struct imsg *imsg)
441 {
442 struct gotd_notify_session *session;
443 size_t datalen;
444 int fd;
445
446 datalen = imsg->hdr.len - IMSG_HEADER_SIZE;
447 if (datalen != 0)
448 return got_error(GOT_ERR_PRIVSEP_LEN);
449
450 fd = imsg_get_fd(imsg);
451 if (fd == -1)
452 return got_error(GOT_ERR_PRIVSEP_NO_FD);
453
454 session = calloc(1, sizeof(*session));
455 if (session == NULL)
456 return got_error_from_errno("calloc");
457
458 session->id = get_session_id();
459 imsg_init(&session->iev.ibuf, fd);
460 session->iev.handler = notify_dispatch_session;
461 session->iev.events = EV_READ;
462 session->iev.handler_arg = NULL;
463 event_set(&session->iev.ev, session->iev.ibuf.fd, EV_READ,
464 notify_dispatch_session, &session->iev);
465 gotd_imsg_event_add(&session->iev);
466 add_session(session);
467
468 return NULL;
469 }
470
471 static const struct got_error *
472 notify_ibuf_get_str(char **ret, struct ibuf *ibuf)
473 {
474 const char *str, *end;
475 size_t len;
476
477 *ret = NULL;
478
479 str = ibuf_data(ibuf);
480 len = ibuf_size(ibuf);
481
482 end = memchr(str, '\0', len);
483 if (end == NULL)
484 return got_error(GOT_ERR_PRIVSEP_LEN);
485 *ret = strdup(str);
486 if (*ret == NULL)
487 return got_error_from_errno("strdup");
488
489 if (ibuf_skip(ibuf, end - str + 1) == -1) {
490 free(*ret);
491 *ret = NULL;
492 return got_error(GOT_ERR_PRIVSEP_LEN);
493 }
494
495 return NULL;
496 }
497
498 static void
499 notify_dispatch(int fd, short event, void *arg)
500 {
501 struct gotd_imsgev *iev = arg;
502 struct imsgbuf *imsgbuf = &iev->ibuf;
503 ssize_t n;
504 int shut = 0;
505 struct imsg imsg;
506 struct ibuf ibuf;
507 struct gotd_secret *s;
508
509 if (event & EV_READ) {
510 if ((n = imsg_read(imsgbuf)) == -1 && errno != EAGAIN)
511 fatal("imsg_read error");
512 if (n == 0) {
513 /* Connection closed. */
514 shut = 1;
515 goto done;
516 }
517 }
518
519 if (event & EV_WRITE) {
520 n = msgbuf_write(&imsgbuf->w);
521 if (n == -1 && errno != EAGAIN)
522 fatal("msgbuf_write");
523 if (n == 0) {
524 /* Connection closed. */
525 shut = 1;
526 goto done;
527 }
528 }
529
530 for (;;) {
531 const struct got_error *err = NULL;
532
533 if ((n = imsg_get(imsgbuf, &imsg)) == -1)
534 fatal("%s: imsg_get error", __func__);
535 if (n == 0) /* No more messages. */
536 break;
537
538 switch (imsg.hdr.type) {
539 case GOTD_IMSG_CONNECT_SESSION:
540 err = recv_session(&imsg);
541 break;
542 case GOTD_IMSG_SECRETS:
543 if (secrets.cap != 0)
544 fatal("unexpected GOTD_IMSG_SECRETS");
545 if (imsg_get_data(&imsg, &secrets.cap,
546 sizeof(secrets.cap)) == -1)
547 fatalx("corrupted GOTD_IMSG_SECRETS");
548 if (secrets.cap == 0)
549 break;
550 secrets.secrets = calloc(secrets.cap,
551 sizeof(*secrets.secrets));
552 if (secrets.secrets == NULL)
553 fatal("calloc");
554 break;
555 case GOTD_IMSG_SECRET:
556 if (secrets.len == secrets.cap)
557 fatalx("unexpected GOTD_SECRET_AUTH");
558 s = &secrets.secrets[secrets.len++];
559 if (imsg_get_ibuf(&imsg, &ibuf) == -1)
560 fatal("imsg_get_ibuf");
561 if (ibuf_get(&ibuf, &s->type, sizeof(s->type)) == -1)
562 fatalx("corrupted GOTD_IMSG_SECRET");
563 err = notify_ibuf_get_str(&s->label, &ibuf);
564 if (err)
565 break;
566 if (s->type == GOTD_SECRET_AUTH) {
567 err = notify_ibuf_get_str(&s->user, &ibuf);
568 if (err)
569 break;
570 err = notify_ibuf_get_str(&s->pass, &ibuf);
571 if (err)
572 break;
573 } else {
574 err = notify_ibuf_get_str(&s->hmac, &ibuf);
575 if (err)
576 break;
577 }
578 if (ibuf_size(&ibuf) != 0)
579 fatalx("unexpected extra data in "
580 "GOTD_IMSG_SECRET");
581 break;
582 default:
583 log_debug("unexpected imsg %d", imsg.hdr.type);
584 break;
585 }
586 imsg_free(&imsg);
587
588 if (err)
589 log_warnx("%s: %s", __func__, err->msg);
590 }
591 done:
592 if (!shut) {
593 gotd_imsg_event_add(iev);
594 } else {
595 /* This pipe is dead. Remove its event handler */
596 event_del(&iev->ev);
597 event_loopexit(NULL);
598 }
599
600 }
601
602 void
603 notify_main(const char *title, struct gotd_repolist *repos,
604 const char *default_sender)
605 {
606 const struct got_error *err = NULL;
607 struct event evsigint, evsigterm, evsighup, evsigusr1;
608
609 arc4random_buf(&sessions_hash_key, sizeof(sessions_hash_key));
610
611 gotd_notify.title = title;
612 gotd_notify.repos = repos;
613 gotd_notify.default_sender = default_sender;
614 gotd_notify.pid = getpid();
615
616 signal_set(&evsigint, SIGINT, gotd_notify_sighdlr, NULL);
617 signal_set(&evsigterm, SIGTERM, gotd_notify_sighdlr, NULL);
618 signal_set(&evsighup, SIGHUP, gotd_notify_sighdlr, NULL);
619 signal_set(&evsigusr1, SIGUSR1, gotd_notify_sighdlr, NULL);
620 signal(SIGPIPE, SIG_IGN);
621
622 signal_add(&evsigint, NULL);
623 signal_add(&evsigterm, NULL);
624 signal_add(&evsighup, NULL);
625 signal_add(&evsigusr1, NULL);
626
627 imsg_init(&gotd_notify.parent_iev.ibuf, GOTD_FILENO_MSG_PIPE);
628 gotd_notify.parent_iev.handler = notify_dispatch;
629 gotd_notify.parent_iev.events = EV_READ;
630 gotd_notify.parent_iev.handler_arg = NULL;
631 event_set(&gotd_notify.parent_iev.ev, gotd_notify.parent_iev.ibuf.fd,
632 EV_READ, notify_dispatch, &gotd_notify.parent_iev);
633 gotd_imsg_event_add(&gotd_notify.parent_iev);
634
635 event_dispatch();
636
637 if (err)
638 log_warnx("%s: %s", title, err->msg);
639 gotd_notify_shutdown();
640 }
641
642 void
643 gotd_notify_shutdown(void)
644 {
645 log_debug("%s: shutting down", gotd_notify.title);
646 exit(0);
647 }
portable version of Game of Trees