1 /*
2  * Copyright (c) 2024 Tobias Heider <me@tobhe.de>
3  * Copyright (c) 2022 Omar Polo <op@openbsd.org>
4  *
5  * Permission to use, copy, modify, and distribute this software for any
6  * purpose with or without fee is hereby granted, provided that the above
7  * copyright notice and this permission notice appear in all copies.
8  *
9  * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
10  * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
11  * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
12  * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
13  * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
14  * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
15  * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
16  */
17 
18 #include <sys/types.h>
19 #include <sys/socket.h>
20 
21 #include <err.h>
22 #include <errno.h>
23 #include <limits.h>
24 #include <netdb.h>
25 #include <poll.h>
26 #include <stdio.h>
27 #include <stdlib.h>
28 #include <string.h>
29 #include <tls.h>
30 #include <unistd.h>
31 
32 #include "got_error.h"
33 #include "got_version.h"
34 
35 #include "got_lib_pkt.h"
36 
37 #include "bufio.h"
38 
39 #define UPLOAD_PACK_ADV "application/x-git-upload-pack-advertisement"
40 #define UPLOAD_PACK_REQ "application/x-git-upload-pack-request"
41 #define UPLOAD_PACK_RES "application/x-git-upload-pack-result"
42 
43 #define	GOT_USERAGENT	"got/" GOT_VERSION_STR
44 #define MINIMUM(a, b)	((a) < (b) ? (a) : (b))
45 #define hasprfx(str, p)	(strncasecmp(str, p, strlen(p)) == 0)
46 
47 FILE *tmp;
48 
49 static int	verbose;
50 
51 static char *
52 bufio_getdelim_sync(struct bufio *bio, const char *nl, size_t *len)
53 {
54 	int	r;
55 
56 	do {
57 		r = bufio_read(bio);
58 		if (r == -1 && errno != EAGAIN)
59 			errx(1, "bufio_read: %s", bufio_io_err(bio));
60 	} while (r == -1 && errno == EAGAIN);
61 	return buf_getdelim(&bio->rbuf, nl, len);
62 }
63 
64 static size_t
65 bufio_drain_sync(struct bufio *bio, void *d, size_t len)
66 {
67 	int	r;
68 
69 	do {
70 		r = bufio_read(bio);
71 		if (r == -1 && errno != EAGAIN)
72 			errx(1, "bufio_read: %s", bufio_io_err(bio));
73 	} while (r == -1 && errno == EAGAIN);
74 	return bufio_drain(bio, d, len);
75 }
76 
77 static void
78 bufio_close_sync(struct bufio *bio)
79 {
80 	int	 r;
81 
82 	do {
83 		r = bufio_close(bio);
84 		if (r == -1 && errno == EAGAIN)
85 			errx(1, "bufio_read: %s", bufio_io_err(bio));
86 	} while (r == -1 && errno == EAGAIN);
87 }
88 
89 static long long
90 hexstrtonum(const char *str, long long min, long long max, const char **errstr)
91 {
92 	long long	 lval;
93 	char		*cp;
94 
95 	errno = 0;
96 	lval = strtoll(str, &cp, 16);
97 	if (*str == '\0' || *cp != '\0') {
98 		*errstr = "not a number";
99 		return 0;
100 	}
101 	if ((errno == ERANGE && (lval == LONG_MAX || lval == LONG_MIN)) ||
102 	    lval < min || lval > max) {
103 		*errstr = "out of range";
104 		return 0;
105 	}
106 
107 	*errstr = NULL;
108 	return lval;
109 }
110 
111 static int
112 dial(int https, const char *host, const char *port)
113 {
114 	struct addrinfo		 hints, *res, *res0;
115 	int			 error, saved_errno, fd = -1;
116 	const char		*cause = NULL;
117 
118 	memset(&hints, 0, sizeof(hints));
119 	hints.ai_family = AF_UNSPEC;
120 	hints.ai_socktype = SOCK_STREAM;
121 	error = getaddrinfo(host, port, &hints, &res0);
122 	if (error) {
123 		warnx("%s", gai_strerror(error));
124 		return -1;
125 	}
126 
127 	for (res = res0; res; res = res->ai_next) {
128 		fd = socket(res->ai_family, res->ai_socktype,
129 		    res->ai_protocol);
130 		if (fd == -1) {
131 			cause = "socket";
132 			continue;
133 		}
134 
135 		if (connect(fd, res->ai_addr, res->ai_addrlen) == 0)
136 			break;
137 
138 		cause = "connect";
139 		saved_errno = errno;
140 		close(fd);
141 		fd = -1;
142 		errno = saved_errno;
143 	}
144 	freeaddrinfo(res0);
145 
146 	if (fd == -1) {
147 		warn("%s", cause);
148 		return -1;
149 	}
150 
151 	return fd;
152 }
153 
154 static int
155 http_open(struct bufio *bio, int https, const char *method, const char *host, const char *port,
156     const char *path, const char *path_sufx, const char *query, const char *ctype)
157 {
158 	const char	*chdr = NULL, *te = "";
159 	char		*p, *req;
160 	int		 r;
161 	
162 	if (path_sufx != NULL && *path && path[strlen(path) - 1] == '/')
163 		path_sufx++; /* skip the slash */
164 
165 	if (strcmp(method, "POST") == 0)
166 		te = "\r\nTransfer-Encoding: chunked\r\n";
167 
168 	if (ctype)
169 		chdr = "Content-Type: ";
170 
171 	r = asprintf(&p, "%s/%s%s%s", path, path_sufx,
172 	    query ? "?" : "", query ? query : "");
173 	if (r == -1)
174 		err(1, "asprintf");
175 
176 	r = asprintf(&req, "%s %s HTTP/1.1\r\n"
177 	    "Host: %s\r\n"
178 	    "Connection: close\r\n"
179 	    "User-agent: %s\r\n"
180 	    "%s%s%s\r\n",
181 	    method, p, host, GOT_USERAGENT,
182 	    chdr ? chdr : "", ctype ? ctype : "", te);
183 	if (r == -1)
184 		err(1, "asprintf");
185 	free(p);
186 
187 	if (verbose > 0)
188 		fprintf(stderr, "%s: request: %s\n", getprogname(), req);
189 	
190 
191 	r = bufio_compose(bio, req, r);
192 	if (r == -1)
193 		err(1, "bufio_compose_fmt");
194 	free(req);
195 
196 	do {
197 		r = bufio_write(bio);
198 		if (r == -1 && errno != EAGAIN)
199 			errx(1, "bufio_read: %s", bufio_io_err(bio));
200 	} while (bio->wbuf.len != 0);
201 
202 	return 0;
203 }
204 
205 static int
206 http_parse_reply(struct bufio *bio, int *chunked, const char *expected_ctype)
207 {
208 	char		*cp, *line;
209 	size_t		 linelen;
210 
211 	*chunked = 0;
212 
213 	line = bufio_getdelim_sync(bio, "\r\n", &linelen);
214 	if (line == NULL) {
215 		warnx("%s: bufio_getdelim_sync()", __func__);
216 		return -1;
217 	}
218 
219 	if (verbose > 0)
220 		fprintf(stderr, "%s: response: %s\n", getprogname(), line);
221 
222 	if ((cp = strchr(line, ' ')) == NULL) {
223 		warnx("malformed HTTP response");
224 		return -1;
225 	}
226 	cp++;
227 
228 	if (strncmp(cp, "200 ", 4) != 0) {
229 		warnx("malformed HTTP response");
230 		return -1;
231 	}
232 	buf_drain(&bio->rbuf, linelen);
233 
234 	while(1) {
235 		line = bufio_getdelim_sync(bio, "\r\n", &linelen);
236 		if (line == NULL) {
237 			warnx("%s: bufio_getdelim_sync()", __func__);
238 			return -1;
239 		}
240 		if (*line == '\0') {
241 			buf_drain(&bio->rbuf, linelen);
242 			break;
243 		}
244 
245 		if (hasprfx(line, "content-type:")) {
246 			cp = strchr(line, ':') + 1;
247 			cp += strspn(cp, " \t");
248 			cp[strcspn(cp, " \t")] = '\0';
249 			if (strcmp(cp, expected_ctype) != 0) {
250 				warnx("server not using the \"smart\" "
251 				    "HTTP protocol.");
252 				return -1;
253 			}
254 		}
255 		if (hasprfx(line, "transfer-encoding:")) {
256 			cp = strchr(line, ':') + 1;
257 			cp += strspn(cp, " \t");
258 			cp[strcspn(cp, " \t")] = '\0';
259 			if (strcmp(cp, "chunked") != 0) {
260 				warnx("unknown transfer-encoding");
261 				return -1;
262 			}
263 			*chunked = 1;
264 		}
265 		buf_drain(&bio->rbuf, linelen);
266 	}
267 
268 	return 0;
269 }
270 
271 static ssize_t
272 http_read(struct bufio *bio, int chunked, size_t *chunksz, char *buf, size_t bufsz)
273 {
274 	const char	*errstr;
275 	char		*line = NULL;
276 	size_t		 r;
277 	ssize_t		 ret = 0, linelen;
278 
279 	if (!chunked) {
280 		r = bufio_drain_sync(bio, buf, bufsz);
281 		if (r == 0)
282 			return -1;
283 		return r;
284 	}
285 
286 	while (bufsz > 0) {
287 		if (*chunksz == 0) {
288 		again:
289 			line = bufio_getdelim_sync(bio, "\r\n", &linelen);
290 			if (line == NULL) {
291 				buf_drain(&bio->rbuf, linelen);
292 				break;
293 			}
294 			if (*line == '\0') {
295 				buf_drain(&bio->rbuf, linelen);
296 				goto again; /* was the CRLF after the chunk */
297 			}
298 
299 			*chunksz = hexstrtonum(line, 0, INT_MAX, &errstr);
300 			if (errstr != NULL) {
301 				warnx("invalid HTTP chunk: size is %s (%s)",
302 				    errstr, line);
303 				ret = -1;
304 				break;
305 			}
306 
307 			if (*chunksz == 0) {
308 				buf_drain(&bio->rbuf, linelen);
309 				break;
310 			}
311 			buf_drain(&bio->rbuf, linelen);
312 		}
313 
314 		r = bufio_drain_sync(bio, buf, MINIMUM(*chunksz, bufsz));
315 		if (r == 0) {
316 			break;
317 		}
318 
319 		ret += r;
320 		buf += r;
321 		bufsz -= r;
322 		*chunksz -= r;
323 	}
324 
325 	return ret;
326 }
327 
328 static int
329 http_chunk(struct bufio *bio, const void *buf, size_t len)
330 {
331 	int r;
332 
333 	if (bufio_compose_fmt(bio, "%zx\r\n", len) ||
334 	    bufio_compose(bio, buf, len) ||
335 	    bufio_compose(bio, "\r\n", 2))
336 		return 1;
337 
338 	do {
339 		r = bufio_write(bio);
340 		if (r == -1 && errno != EAGAIN)
341 			errx(1, "bufio_read: %s", bufio_io_err(bio));
342 	} while (bio->wbuf.len != 0);
343 
344 	return 0;
345 }
346 
347 static int
348 get_refs(int https, const char *host, const char *port, const char *path)
349 {
350 	struct bufio		 bio;
351 	char			 buf[GOT_PKT_MAX];
352 	const struct got_error	*e;
353 	const char		*sufx = "/info/refs";
354 	size_t			 chunksz = 0;
355 	ssize_t			 r;
356 	int			 skip;
357 	int			 chunked;
358 	int			 sock;
359 	int			 ret = -1;
360 
361 	if ((sock = dial(https, host, port)) == -1)
362 		return -1;
363 
364 	if (bufio_init(&bio)) {
365 		warnx("bufio_init");
366 		goto err;
367 	}
368 	bufio_set_fd(&bio, sock);
369 	if (https && bufio_starttls(&bio, host, 0, NULL, 0, NULL, 0) == -1) {
370 		warnx("bufio_starttls");
371 		goto err;
372 	}
373 
374 	if (http_open(&bio, https, "GET", host, port, path, sufx,
375 	    "service=git-upload-pack", NULL) == -1)
376 		goto err;
377 
378 	/* Fetch the initial reference announcement from the server. */
379 	if (http_parse_reply(&bio, &chunked, UPLOAD_PACK_ADV) == -1)
380 		goto err;
381 
382 	/* skip first pack; why git over http is like this? */
383 	r = http_read(&bio, chunked, &chunksz, buf, 4);
384 	if (r <= 0)
385 		goto err;
386 
387 	e = got_pkt_readlen(&skip, buf, verbose);
388 	if (e) {
389 		warnx("%s", e->msg);
390 		goto err;
391 	}
392 
393 	/* TODO: validate it's # service=git-upload-pack\n */
394 	while (skip > 0) {
395 		r = http_read(&bio, chunked, &chunksz, buf,
396 		    MINIMUM(skip, sizeof(buf)));
397 		if (r <= 0)
398 			goto err;
399 		skip -= r;
400 	}
401 
402 	for (;;) {
403 		r = http_read(&bio, chunked, &chunksz, buf, sizeof(buf));
404 		if (r == -1)
405 			goto err;
406 
407 		if (r == 0)
408 			break;
409 
410 		fwrite(buf, 1, r, stdout);
411 	}
412 
413 	fflush(stdout);
414 	ret = 0;
415 err:
416 	bufio_close_sync(&bio);
417 	bufio_free(&bio);
418 	return ret;
419 }
420 
421 static int
422 upload_request(int https, const char *host, const char *port, const char *path,
423     FILE *in)
424 {
425 	struct bufio		 bio;
426 	char			 buf[GOT_PKT_MAX];
427 	const struct got_error	*e;
428 	ssize_t			 r;
429 	size_t			 chunksz = 0;
430 	int			 t;
431 	int			 chunked;
432 	int			 sock;
433 	int			 ret = -1;
434 
435 	if ((sock = dial(https, host, port)) == -1)
436 		return -1;
437 
438 	if (bufio_init(&bio)) {
439 		warnx("bufio_init");
440 		goto err;
441 	}
442 	bufio_set_fd(&bio, sock);
443 	if (https && bufio_starttls(&bio, host, 0, NULL, 0, NULL, 0) == -1) {
444 		warnx("bufio_starttls");
445 		goto err;
446 	}
447 #ifndef PROFILE
448 	/* TODO: can we push this upwards such that get_refs() is covered? */
449 	if (pledge("stdio", NULL) == -1)
450 		err(1, "pledge");
451 #endif
452 	if (http_open(&bio, https, "POST", host, port, path, "/git-upload-pack",
453 	    NULL, UPLOAD_PACK_REQ) == -1)
454 		goto err;
455 
456 	/*
457 	 * Read have/want lines generated by got-fetch-pack and forward
458 	 * them to the server in the POST request body.
459 	 */
460 	for (;;) {
461 		r = fread(buf, 1, 4, in);
462 		if (r != 4)
463 			goto err;
464 
465 		e = got_pkt_readlen(&t, buf, verbose);
466 		if (e) {
467 			warnx("%s", e->msg);
468 			goto err;
469 		}
470 
471 		if (t == 0) {
472 			const char *flushpkt = "0000";
473 			if (http_chunk(&bio, flushpkt, strlen(flushpkt)))
474 				goto err;
475 			continue; /* got-fetch-pack will send "done" */
476 		}
477 
478 		if (t < 6) {
479 			warnx("pktline len is too small");
480 			goto err;
481 		}
482 
483 		r = fread(buf + 4, 1, t - 4, in);
484 		if (r != t - 4)
485 			goto err;
486 
487 		if (http_chunk(&bio, buf, t))
488 			goto err;
489 
490 		/*
491 		 * Once got-fetch-pack is done the server will
492 		 * send pack file data.
493 		 */
494 		if (t == 9 && strncmp(buf + 4, "done\n", 5) == 0) {
495 			if (http_chunk(&bio, NULL, 0))
496 				goto err;
497 			break;
498 		}
499 	}
500 
501 	if (http_parse_reply(&bio, &chunked, UPLOAD_PACK_RES) == -1)
502 		goto err;
503 
504 	/* Fetch pack file data from server. */
505 	for (;;) {
506 		r = http_read(&bio, chunked, &chunksz, buf, sizeof(buf));
507 		if (r == -1)
508 			goto err;
509 
510 		if (r == 0)
511 			break;
512 
513 		fwrite(buf, 1, r, stdout);
514 	}
515 
516 	ret = 0;
517 err:
518 	bufio_close_sync(&bio);
519 	bufio_free(&bio);
520 	return ret;
521 }
522 
523 static __dead void
524 usage(void)
525 {
526 	fprintf(stderr, "usage: %s [-qv] proto host port path\n",
527 	     getprogname());
528 	exit(1);
529 }
530 
531 int
532 main(int argc, char **argv)
533 {
534 	struct pollfd	 pfd;
535 	const char	*host, *port, *path;
536 	int		 https = 0;
537 	int		 ch;
538 
539 #ifndef PROFILE
540 	if (pledge("stdio rpath inet dns unveil", NULL) == -1)
541 		err(1, "pledge");
542 #endif
543 
544 	while ((ch = getopt(argc, argv, "qv")) != -1) {
545 		switch (ch) {
546 		case 'q':
547 			verbose = -1;
548 			break;
549 		case 'v':
550 			verbose++;
551 			break;
552 		default:
553 			usage();
554 		}
555 	}
556 	argc -= optind;
557 	argv += optind;
558 
559 	if (argc != 4)
560 		usage();
561 
562 	https = strcmp(argv[0], "https") == 0;
563 #ifndef PROFILE
564 	if (https) {
565 		if (unveil("/etc/ssl/cert.pem", "r") == -1)
566 			err(1, "unveil /etc/ssl/cert.pem");
567 	} else {
568 		/* drop "rpath" */
569 		if (pledge("stdio inet dns unveil", NULL) == -1)
570 			err(1, "pledge");
571 	}
572 #else
573 	if (unveil("gmon.out", "rwc") != 0)
574 		err(1, "unveil gmon.out");
575 #endif
576 	if (unveil(NULL, NULL) == -1)
577 		err(1, "unveil NULL");
578 
579 	host = argv[1];
580 	port = argv[2];
581 	path = argv[3];
582 
583 	if (get_refs(https, host, port, path) == -1)
584 		errx(1, "failed to get refs");
585 
586 	pfd.fd = 0;
587 	pfd.events = POLLIN;
588 	if (poll(&pfd, 1, INFTIM) == -1)
589 		err(1, "poll");
590 
591 	if ((ch = fgetc(stdin)) == EOF)
592 		return 0;
593 
594 	ungetc(ch, stdin);
595 	if (upload_request(https, host, port, path, stdin) == -1) {
596 		fflush(tmp);
597 		errx(1, "failed to upload request");
598 	}
599 
600 	return 0;
601 }