Blob


1 /*
2 * Copyright (c) 2022 Stefan Sperling <stsp@openbsd.org>
3 * Copyright (c) 2016-2019, 2020-2021 Tracey Emery <tracey@traceyemery.net>
4 * Copyright (c) 2004, 2005 Esben Norby <norby@openbsd.org>
5 * Copyright (c) 2004 Ryan McBride <mcbride@openbsd.org>
6 * Copyright (c) 2002, 2003, 2004 Henning Brauer <henning@openbsd.org>
7 * Copyright (c) 2001 Markus Friedl. All rights reserved.
8 * Copyright (c) 2001 Daniel Hartmeier. All rights reserved.
9 * Copyright (c) 2001 Theo de Raadt. All rights reserved.
10 *
11 * Permission to use, copy, modify, and distribute this software for any
12 * purpose with or without fee is hereby granted, provided that the above
13 * copyright notice and this permission notice appear in all copies.
14 *
15 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
16 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
17 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
18 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
19 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
20 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
21 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
22 */
24 %{
25 #include <sys/time.h>
26 #include <sys/types.h>
27 #include <sys/queue.h>
28 #include <sys/stat.h>
30 #include <ctype.h>
31 #include <err.h>
32 #include <errno.h>
33 #include <event.h>
34 #include <imsg.h>
35 #include <limits.h>
36 #include <pwd.h>
37 #include <sha1.h>
38 #include <sha2.h>
39 #include <stdarg.h>
40 #include <stdlib.h>
41 #include <stdio.h>
42 #include <string.h>
43 #include <syslog.h>
44 #include <unistd.h>
46 #include "got_error.h"
47 #include "got_object.h"
48 #include "got_path.h"
49 #include "got_reference.h"
51 #include "log.h"
52 #include "gotd.h"
53 #include "auth.h"
54 #include "listen.h"
55 #include "secrets.h"
57 TAILQ_HEAD(files, file) files = TAILQ_HEAD_INITIALIZER(files);
58 static struct file {
59 TAILQ_ENTRY(file) entry;
60 FILE *stream;
61 char *name;
62 int lineno;
63 int errors;
64 } *file;
65 struct file *newfile(const char *, int, int);
66 static void closefile(struct file *);
67 int check_file_secrecy(int, const char *);
68 int yyparse(void);
69 int yylex(void);
70 int yyerror(const char *, ...)
71 __attribute__((__format__ (printf, 1, 2)))
72 __attribute__((__nonnull__ (1)));
73 int kw_cmp(const void *, const void *);
74 int lookup(char *);
75 int lgetc(int);
76 int lungetc(int);
77 int findeol(void);
78 static char *port_sprintf(int);
80 TAILQ_HEAD(symhead, sym) symhead = TAILQ_HEAD_INITIALIZER(symhead);
81 struct sym {
82 TAILQ_ENTRY(sym) entry;
83 int used;
84 int persist;
85 char *nam;
86 char *val;
87 };
89 int symset(const char *, const char *, int);
90 char *symget(const char *);
92 static int errors;
94 static struct gotd *gotd;
95 static struct gotd_repo *new_repo;
96 static int conf_limit_user_connections(const char *, int);
97 static struct gotd_repo *conf_new_repo(const char *);
98 static void conf_new_access_rule(struct gotd_repo *,
99 enum gotd_access, int, char *);
100 static int conf_protect_ref_namespace(char **,
101 struct got_pathlist_head *, char *);
102 static int conf_protect_tag_namespace(struct gotd_repo *,
103 char *);
104 static int conf_protect_branch_namespace(
105 struct gotd_repo *, char *);
106 static int conf_protect_branch(struct gotd_repo *,
107 char *);
108 static int conf_notify_branch(struct gotd_repo *,
109 char *);
110 static int conf_notify_ref_namespace(struct gotd_repo *,
111 char *);
112 static int conf_notify_email(struct gotd_repo *,
113 char *, char *, char *, char *, char *);
114 static int conf_notify_http(struct gotd_repo *,
115 char *, char *, char *, int);
116 static enum gotd_procid gotd_proc_id;
118 typedef struct {
119 union {
120 long long number;
121 char *string;
122 struct timeval tv;
123 } v;
124 int lineno;
125 } YYSTYPE;
127 %}
129 %token PATH ERROR LISTEN ON USER REPOSITORY PERMIT DENY
130 %token RO RW CONNECTION LIMIT REQUEST TIMEOUT
131 %token PROTECT NAMESPACE BRANCH TAG REFERENCE RELAY PORT
132 %token NOTIFY EMAIL FROM REPLY TO URL INSECURE HMAC AUTH
134 %token <v.string> STRING
135 %token <v.number> NUMBER
136 %type <v.tv> timeout
137 %type <v.string> numberstring
139 %%
141 grammar :
142 | grammar '\n'
143 | grammar varset '\n'
144 | grammar main '\n'
145 | grammar repository '\n'
148 varset : STRING '=' STRING {
149 char *s = $1;
150 while (*s++) {
151 if (isspace((unsigned char)*s)) {
152 yyerror("macro name cannot contain "
153 "whitespace");
154 free($1);
155 free($3);
156 YYERROR;
159 if (symset($1, $3, 0) == -1)
160 fatal("cannot store variable");
161 free($1);
162 free($3);
166 numberstring : STRING
167 | NUMBER {
168 if (asprintf(&$$, "%lld", (long long)$1) == -1) {
169 yyerror("asprintf: %s", strerror(errno));
170 YYERROR;
175 timeout : NUMBER {
176 if ($1 < 0) {
177 yyerror("invalid timeout: %lld", $1);
178 YYERROR;
180 $$.tv_sec = $1;
181 $$.tv_usec = 0;
183 | STRING {
184 const char *errstr;
185 const char *type = "seconds";
186 size_t len;
187 int mul = 1;
189 if (*$1 == '\0') {
190 yyerror("invalid number of seconds: %s", $1);
191 free($1);
192 YYERROR;
195 len = strlen($1);
196 switch ($1[len - 1]) {
197 case 'S':
198 case 's':
199 $1[len - 1] = '\0';
200 break;
201 case 'M':
202 case 'm':
203 type = "minutes";
204 mul = 60;
205 $1[len - 1] = '\0';
206 break;
207 case 'H':
208 case 'h':
209 type = "hours";
210 mul = 60 * 60;
211 $1[len - 1] = '\0';
212 break;
215 $$.tv_usec = 0;
216 $$.tv_sec = strtonum($1, 0, INT_MAX / mul, &errstr);
217 if (errstr) {
218 yyerror("number of %s is %s: %s", type,
219 errstr, $1);
220 free($1);
221 YYERROR;
224 $$.tv_sec *= mul;
225 free($1);
229 main : LISTEN ON STRING {
230 if (!got_path_is_absolute($3))
231 yyerror("bad unix socket path \"%s\": "
232 "must be an absolute path", $3);
234 if (gotd_proc_id == PROC_LISTEN) {
235 if (strlcpy(gotd->unix_socket_path, $3,
236 sizeof(gotd->unix_socket_path)) >=
237 sizeof(gotd->unix_socket_path)) {
238 yyerror("%s: unix socket path too long",
239 __func__);
240 free($3);
241 YYERROR;
244 free($3);
246 | USER numberstring {
247 if (strlcpy(gotd->user_name, $2,
248 sizeof(gotd->user_name)) >=
249 sizeof(gotd->user_name)) {
250 yyerror("%s: user name too long", __func__);
251 free($2);
252 YYERROR;
254 free($2);
256 | connection
259 connection : CONNECTION '{' optnl conflags_l '}'
260 | CONNECTION conflags
262 conflags_l : conflags optnl conflags_l
263 | conflags optnl
266 conflags : REQUEST TIMEOUT timeout {
267 if ($3.tv_sec <= 0) {
268 yyerror("invalid timeout: %lld",
269 (long long)$3.tv_sec);
270 YYERROR;
272 memcpy(&gotd->request_timeout, &$3,
273 sizeof(gotd->request_timeout));
275 | LIMIT USER STRING NUMBER {
276 if (gotd_proc_id == PROC_LISTEN &&
277 conf_limit_user_connections($3, $4) == -1) {
278 free($3);
279 YYERROR;
281 free($3);
285 protect : PROTECT '{' optnl protectflags_l '}'
286 | PROTECT protectflags
288 protectflags_l : protectflags optnl protectflags_l
289 | protectflags optnl
292 protectflags : TAG NAMESPACE STRING {
293 if (gotd_proc_id == PROC_GOTD ||
294 gotd_proc_id == PROC_REPO_WRITE) {
295 if (conf_protect_tag_namespace(new_repo, $3)) {
296 free($3);
297 YYERROR;
300 free($3);
302 | BRANCH NAMESPACE STRING {
303 if (gotd_proc_id == PROC_GOTD ||
304 gotd_proc_id == PROC_REPO_WRITE) {
305 if (conf_protect_branch_namespace(new_repo,
306 $3)) {
307 free($3);
308 YYERROR;
311 free($3);
313 | BRANCH STRING {
314 if (gotd_proc_id == PROC_GOTD ||
315 gotd_proc_id == PROC_REPO_WRITE) {
316 if (conf_protect_branch(new_repo, $2)) {
317 free($2);
318 YYERROR;
321 free($2);
325 notify : NOTIFY '{' optnl notifyflags_l '}'
326 | NOTIFY notifyflags
328 notifyflags_l : notifyflags optnl notifyflags_l
329 | notifyflags optnl
332 notifyflags : BRANCH STRING {
333 if (gotd_proc_id == PROC_GOTD ||
334 gotd_proc_id == PROC_SESSION_WRITE ||
335 gotd_proc_id == PROC_NOTIFY) {
336 if (conf_notify_branch(new_repo, $2)) {
337 free($2);
338 YYERROR;
341 free($2);
343 | REFERENCE NAMESPACE STRING {
344 if (gotd_proc_id == PROC_GOTD ||
345 gotd_proc_id == PROC_SESSION_WRITE ||
346 gotd_proc_id == PROC_NOTIFY) {
347 if (conf_notify_ref_namespace(new_repo, $3)) {
348 free($3);
349 YYERROR;
352 free($3);
354 | EMAIL TO STRING {
355 if (gotd_proc_id == PROC_GOTD ||
356 gotd_proc_id == PROC_SESSION_WRITE ||
357 gotd_proc_id == PROC_NOTIFY) {
358 if (conf_notify_email(new_repo, NULL, $3,
359 NULL, NULL, NULL)) {
360 free($3);
361 YYERROR;
364 free($3);
366 | EMAIL FROM STRING TO STRING {
367 if (gotd_proc_id == PROC_GOTD ||
368 gotd_proc_id == PROC_SESSION_WRITE ||
369 gotd_proc_id == PROC_NOTIFY) {
370 if (conf_notify_email(new_repo, $3, $5,
371 NULL, NULL, NULL)) {
372 free($3);
373 free($5);
374 YYERROR;
377 free($3);
378 free($5);
380 | EMAIL TO STRING REPLY TO STRING {
381 if (gotd_proc_id == PROC_GOTD ||
382 gotd_proc_id == PROC_SESSION_WRITE ||
383 gotd_proc_id == PROC_NOTIFY) {
384 if (conf_notify_email(new_repo, NULL, $3,
385 $6, NULL, NULL)) {
386 free($3);
387 free($6);
388 YYERROR;
391 free($3);
392 free($6);
394 | EMAIL FROM STRING TO STRING REPLY TO STRING {
395 if (gotd_proc_id == PROC_GOTD ||
396 gotd_proc_id == PROC_SESSION_WRITE ||
397 gotd_proc_id == PROC_NOTIFY) {
398 if (conf_notify_email(new_repo, $3, $5,
399 $8, NULL, NULL)) {
400 free($3);
401 free($5);
402 free($8);
403 YYERROR;
406 free($3);
407 free($5);
408 free($8);
410 | EMAIL TO STRING RELAY STRING {
411 if (gotd_proc_id == PROC_GOTD ||
412 gotd_proc_id == PROC_SESSION_WRITE ||
413 gotd_proc_id == PROC_NOTIFY) {
414 if (conf_notify_email(new_repo, NULL, $3,
415 NULL, $5, NULL)) {
416 free($3);
417 free($5);
418 YYERROR;
421 free($3);
422 free($5);
424 | EMAIL FROM STRING TO STRING RELAY STRING {
425 if (gotd_proc_id == PROC_GOTD ||
426 gotd_proc_id == PROC_SESSION_WRITE ||
427 gotd_proc_id == PROC_NOTIFY) {
428 if (conf_notify_email(new_repo, $3, $5,
429 NULL, $7, NULL)) {
430 free($3);
431 free($5);
432 free($7);
433 YYERROR;
436 free($3);
437 free($5);
438 free($7);
440 | EMAIL TO STRING REPLY TO STRING RELAY STRING {
441 if (gotd_proc_id == PROC_GOTD ||
442 gotd_proc_id == PROC_SESSION_WRITE ||
443 gotd_proc_id == PROC_NOTIFY) {
444 if (conf_notify_email(new_repo, NULL, $3,
445 $6, $8, NULL)) {
446 free($3);
447 free($6);
448 free($8);
449 YYERROR;
452 free($3);
453 free($6);
454 free($8);
456 | EMAIL FROM STRING TO STRING REPLY TO STRING RELAY STRING {
457 if (gotd_proc_id == PROC_GOTD ||
458 gotd_proc_id == PROC_SESSION_WRITE ||
459 gotd_proc_id == PROC_NOTIFY) {
460 if (conf_notify_email(new_repo, $3, $5,
461 $8, $10, NULL)) {
462 free($3);
463 free($5);
464 free($8);
465 free($10);
466 YYERROR;
469 free($3);
470 free($5);
471 free($8);
472 free($10);
474 | EMAIL TO STRING RELAY STRING PORT STRING {
475 if (gotd_proc_id == PROC_GOTD ||
476 gotd_proc_id == PROC_SESSION_WRITE ||
477 gotd_proc_id == PROC_NOTIFY) {
478 if (conf_notify_email(new_repo, NULL, $3,
479 NULL, $5, $7)) {
480 free($3);
481 free($5);
482 free($7);
483 YYERROR;
486 free($3);
487 free($5);
488 free($7);
490 | EMAIL FROM STRING TO STRING RELAY STRING PORT STRING {
491 if (gotd_proc_id == PROC_GOTD ||
492 gotd_proc_id == PROC_SESSION_WRITE ||
493 gotd_proc_id == PROC_NOTIFY) {
494 if (conf_notify_email(new_repo, $3, $5,
495 NULL, $7, $9)) {
496 free($3);
497 free($5);
498 free($7);
499 free($9);
500 YYERROR;
503 free($3);
504 free($5);
505 free($7);
506 free($9);
508 | EMAIL TO STRING REPLY TO STRING RELAY STRING PORT STRING {
509 if (gotd_proc_id == PROC_GOTD ||
510 gotd_proc_id == PROC_SESSION_WRITE ||
511 gotd_proc_id == PROC_NOTIFY) {
512 if (conf_notify_email(new_repo, NULL, $3,
513 $6, $8, $10)) {
514 free($3);
515 free($6);
516 free($8);
517 free($10);
518 YYERROR;
521 free($3);
522 free($6);
523 free($8);
524 free($10);
526 | EMAIL FROM STRING TO STRING REPLY TO STRING RELAY STRING PORT STRING {
527 if (gotd_proc_id == PROC_GOTD ||
528 gotd_proc_id == PROC_SESSION_WRITE ||
529 gotd_proc_id == PROC_NOTIFY) {
530 if (conf_notify_email(new_repo, $3, $5,
531 $8, $10, $12)) {
532 free($3);
533 free($5);
534 free($8);
535 free($10);
536 free($12);
537 YYERROR;
540 free($3);
541 free($5);
542 free($8);
543 free($10);
544 free($12);
546 | EMAIL TO STRING RELAY STRING PORT NUMBER {
547 if (gotd_proc_id == PROC_GOTD ||
548 gotd_proc_id == PROC_SESSION_WRITE ||
549 gotd_proc_id == PROC_NOTIFY) {
550 if (conf_notify_email(new_repo, NULL, $3,
551 NULL, $5, port_sprintf($7))) {
552 free($3);
553 free($5);
554 YYERROR;
557 free($3);
558 free($5);
560 | EMAIL FROM STRING TO STRING RELAY STRING PORT NUMBER {
561 if (gotd_proc_id == PROC_GOTD ||
562 gotd_proc_id == PROC_SESSION_WRITE ||
563 gotd_proc_id == PROC_NOTIFY) {
564 if (conf_notify_email(new_repo, $3, $5,
565 NULL, $7, port_sprintf($9))) {
566 free($3);
567 free($5);
568 free($7);
569 YYERROR;
572 free($3);
573 free($5);
574 free($7);
576 | EMAIL TO STRING REPLY TO STRING RELAY STRING PORT NUMBER {
577 if (gotd_proc_id == PROC_GOTD ||
578 gotd_proc_id == PROC_SESSION_WRITE ||
579 gotd_proc_id == PROC_NOTIFY) {
580 if (conf_notify_email(new_repo, NULL, $3,
581 $6, $8, port_sprintf($10))) {
582 free($3);
583 free($6);
584 free($8);
585 YYERROR;
588 free($3);
589 free($6);
590 free($8);
592 | EMAIL FROM STRING TO STRING REPLY TO STRING RELAY STRING PORT NUMBER {
593 if (gotd_proc_id == PROC_GOTD ||
594 gotd_proc_id == PROC_SESSION_WRITE ||
595 gotd_proc_id == PROC_NOTIFY) {
596 if (conf_notify_email(new_repo, $3, $5,
597 $8, $10, port_sprintf($12))) {
598 free($3);
599 free($5);
600 free($8);
601 free($10);
602 YYERROR;
605 free($3);
606 free($5);
607 free($8);
608 free($10);
610 | URL STRING {
611 if (gotd_proc_id == PROC_GOTD ||
612 gotd_proc_id == PROC_SESSION_WRITE ||
613 gotd_proc_id == PROC_NOTIFY) {
614 if (conf_notify_http(new_repo, $2, NULL,
615 NULL, 0)) {
616 free($2);
617 YYERROR;
620 free($2);
622 | URL STRING AUTH STRING {
623 if (gotd_proc_id == PROC_GOTD ||
624 gotd_proc_id == PROC_SESSION_WRITE ||
625 gotd_proc_id == PROC_NOTIFY) {
626 if (conf_notify_http(new_repo, $2, $4, NULL,
627 0)) {
628 free($2);
629 free($4);
630 YYERROR;
633 free($2);
634 free($4);
636 | URL STRING AUTH STRING INSECURE {
637 if (gotd_proc_id == PROC_GOTD ||
638 gotd_proc_id == PROC_SESSION_WRITE ||
639 gotd_proc_id == PROC_NOTIFY) {
640 if (conf_notify_http(new_repo, $2, $4, NULL,
641 1)) {
642 free($2);
643 free($4);
644 YYERROR;
647 free($2);
648 free($4);
650 | URL STRING HMAC STRING {
651 if (gotd_proc_id == PROC_GOTD ||
652 gotd_proc_id == PROC_SESSION_WRITE ||
653 gotd_proc_id == PROC_NOTIFY) {
654 if (conf_notify_http(new_repo, $2, NULL, $4,
655 0)) {
656 free($2);
657 free($4);
658 YYERROR;
661 free($2);
662 free($4);
664 | URL STRING AUTH STRING HMAC STRING {
665 if (gotd_proc_id == PROC_GOTD ||
666 gotd_proc_id == PROC_SESSION_WRITE ||
667 gotd_proc_id == PROC_NOTIFY) {
668 if (conf_notify_http(new_repo, $2, $4, $6,
669 0)) {
670 free($2);
671 free($4);
672 free($6);
673 YYERROR;
676 free($2);
677 free($4);
678 free($6);
680 | URL STRING AUTH STRING INSECURE HMAC STRING {
681 if (gotd_proc_id == PROC_GOTD ||
682 gotd_proc_id == PROC_SESSION_WRITE ||
683 gotd_proc_id == PROC_NOTIFY) {
684 if (conf_notify_http(new_repo, $2, $4, $7,
685 1)) {
686 free($2);
687 free($4);
688 free($7);
689 YYERROR;
692 free($2);
693 free($4);
694 free($7);
698 repository : REPOSITORY STRING {
699 struct gotd_repo *repo;
701 TAILQ_FOREACH(repo, &gotd->repos, entry) {
702 if (strcmp(repo->name, $2) == 0) {
703 yyerror("duplicate repository '%s'", $2);
704 free($2);
705 YYERROR;
709 if (gotd_proc_id == PROC_GOTD ||
710 gotd_proc_id == PROC_AUTH ||
711 gotd_proc_id == PROC_REPO_WRITE ||
712 gotd_proc_id == PROC_SESSION_WRITE ||
713 gotd_proc_id == PROC_GITWRAPPER |
714 gotd_proc_id == PROC_NOTIFY) {
715 new_repo = conf_new_repo($2);
717 free($2);
718 } '{' optnl repoopts2 '}' {
722 repoopts1 : PATH STRING {
723 if (gotd_proc_id == PROC_GOTD ||
724 gotd_proc_id == PROC_AUTH ||
725 gotd_proc_id == PROC_REPO_WRITE ||
726 gotd_proc_id == PROC_SESSION_WRITE ||
727 gotd_proc_id == PROC_GITWRAPPER ||
728 gotd_proc_id == PROC_NOTIFY) {
729 if (!got_path_is_absolute($2)) {
730 yyerror("%s: path %s is not absolute",
731 __func__, $2);
732 free($2);
733 YYERROR;
735 if (realpath($2, new_repo->path) == NULL) {
736 /*
737 * To give admins a chance to create
738 * missing repositories at run-time
739 * we only warn about ENOENT here.
741 * And ignore 'permission denied' when
742 * running in gitwrapper. Users may be
743 * able to access this repository via
744 * gotd regardless.
745 */
746 if (errno == ENOENT) {
747 log_warn("%s", $2);
748 } else if (errno != EACCES ||
749 gotd_proc_id != PROC_GITWRAPPER) {
750 yyerror("realpath %s: %s", $2,
751 strerror(errno));
752 free($2);
753 YYERROR;
756 if (strlcpy(new_repo->path, $2,
757 sizeof(new_repo->path)) >=
758 sizeof(new_repo->path))
759 yyerror("path too long");
762 free($2);
764 | PERMIT RO numberstring {
765 if (gotd_proc_id == PROC_AUTH) {
766 conf_new_access_rule(new_repo,
767 GOTD_ACCESS_PERMITTED, GOTD_AUTH_READ, $3);
768 } else
769 free($3);
771 | PERMIT RW numberstring {
772 if (gotd_proc_id == PROC_AUTH) {
773 conf_new_access_rule(new_repo,
774 GOTD_ACCESS_PERMITTED,
775 GOTD_AUTH_READ | GOTD_AUTH_WRITE, $3);
776 } else
777 free($3);
779 | DENY numberstring {
780 if (gotd_proc_id == PROC_AUTH) {
781 conf_new_access_rule(new_repo,
782 GOTD_ACCESS_DENIED, 0, $2);
783 } else
784 free($2);
786 | protect
787 | notify
790 repoopts2 : repoopts2 repoopts1 nl
791 | repoopts1 optnl
794 nl : '\n' optnl
797 optnl : '\n' optnl /* zero or more newlines */
798 | /* empty */
801 %%
803 struct keywords {
804 const char *k_name;
805 int k_val;
806 };
808 int
809 yyerror(const char *fmt, ...)
811 va_list ap;
812 char *msg;
814 file->errors++;
815 va_start(ap, fmt);
816 if (vasprintf(&msg, fmt, ap) == -1)
817 fatalx("yyerror vasprintf");
818 va_end(ap);
819 logit(LOG_CRIT, "%s:%d: %s", file->name, yylval.lineno, msg);
820 free(msg);
821 return (0);
824 int
825 kw_cmp(const void *k, const void *e)
827 return (strcmp(k, ((const struct keywords *)e)->k_name));
830 int
831 lookup(char *s)
833 /* This has to be sorted always. */
834 static const struct keywords keywords[] = {
835 { "auth", AUTH },
836 { "branch", BRANCH },
837 { "connection", CONNECTION },
838 { "deny", DENY },
839 { "email", EMAIL },
840 { "from", FROM },
841 { "hmac", HMAC },
842 { "insecure", INSECURE },
843 { "limit", LIMIT },
844 { "listen", LISTEN },
845 { "namespace", NAMESPACE },
846 { "notify", NOTIFY },
847 { "on", ON },
848 { "path", PATH },
849 { "permit", PERMIT },
850 { "port", PORT },
851 { "protect", PROTECT },
852 { "reference", REFERENCE },
853 { "relay", RELAY },
854 { "reply", REPLY },
855 { "repository", REPOSITORY },
856 { "request", REQUEST },
857 { "ro", RO },
858 { "rw", RW },
859 { "tag", TAG },
860 { "timeout", TIMEOUT },
861 { "to", TO },
862 { "url", URL },
863 { "user", USER },
864 };
865 const struct keywords *p;
867 p = bsearch(s, keywords, sizeof(keywords)/sizeof(keywords[0]),
868 sizeof(keywords[0]), kw_cmp);
870 if (p)
871 return (p->k_val);
872 else
873 return (STRING);
876 #define MAXPUSHBACK 128
878 unsigned char *parsebuf;
879 int parseindex;
880 unsigned char pushback_buffer[MAXPUSHBACK];
881 int pushback_index = 0;
883 int
884 lgetc(int quotec)
886 int c, next;
888 if (parsebuf) {
889 /* Read character from the parsebuffer instead of input. */
890 if (parseindex >= 0) {
891 c = parsebuf[parseindex++];
892 if (c != '\0')
893 return (c);
894 parsebuf = NULL;
895 } else
896 parseindex++;
899 if (pushback_index)
900 return (pushback_buffer[--pushback_index]);
902 if (quotec) {
903 c = getc(file->stream);
904 if (c == EOF)
905 yyerror("reached end of file while parsing "
906 "quoted string");
907 return (c);
910 c = getc(file->stream);
911 while (c == '\\') {
912 next = getc(file->stream);
913 if (next != '\n') {
914 c = next;
915 break;
917 yylval.lineno = file->lineno;
918 file->lineno++;
919 c = getc(file->stream);
922 return (c);
925 int
926 lungetc(int c)
928 if (c == EOF)
929 return (EOF);
930 if (parsebuf) {
931 parseindex--;
932 if (parseindex >= 0)
933 return (c);
935 if (pushback_index < MAXPUSHBACK-1)
936 return (pushback_buffer[pushback_index++] = c);
937 else
938 return (EOF);
941 int
942 findeol(void)
944 int c;
946 parsebuf = NULL;
948 /* Skip to either EOF or the first real EOL. */
949 while (1) {
950 if (pushback_index)
951 c = pushback_buffer[--pushback_index];
952 else
953 c = lgetc(0);
954 if (c == '\n') {
955 file->lineno++;
956 break;
958 if (c == EOF)
959 break;
961 return (ERROR);
964 int
965 yylex(void)
967 unsigned char buf[8096];
968 unsigned char *p, *val;
969 int quotec, next, c;
970 int token;
972 top:
973 p = buf;
974 c = lgetc(0);
975 while (c == ' ' || c == '\t')
976 c = lgetc(0); /* nothing */
978 yylval.lineno = file->lineno;
979 if (c == '#') {
980 c = lgetc(0);
981 while (c != '\n' && c != EOF)
982 c = lgetc(0); /* nothing */
984 if (c == '$' && parsebuf == NULL) {
985 while (1) {
986 c = lgetc(0);
987 if (c == EOF)
988 return (0);
990 if (p + 1 >= buf + sizeof(buf) - 1) {
991 yyerror("string too long");
992 return (findeol());
994 if (isalnum(c) || c == '_') {
995 *p++ = c;
996 continue;
998 *p = '\0';
999 lungetc(c);
1000 break;
1002 val = symget(buf);
1003 if (val == NULL) {
1004 yyerror("macro '%s' not defined", buf);
1005 return (findeol());
1007 parsebuf = val;
1008 parseindex = 0;
1009 goto top;
1012 switch (c) {
1013 case '\'':
1014 case '"':
1015 quotec = c;
1016 while (1) {
1017 c = lgetc(quotec);
1018 if (c == EOF)
1019 return (0);
1020 if (c == '\n') {
1021 file->lineno++;
1022 continue;
1023 } else if (c == '\\') {
1024 next = lgetc(quotec);
1025 if (next == EOF)
1026 return (0);
1027 if (next == quotec || c == ' ' || c == '\t')
1028 c = next;
1029 else if (next == '\n') {
1030 file->lineno++;
1031 continue;
1032 } else
1033 lungetc(next);
1034 } else if (c == quotec) {
1035 *p = '\0';
1036 break;
1037 } else if (c == '\0') {
1038 yyerror("syntax error");
1039 return (findeol());
1041 if (p + 1 >= buf + sizeof(buf) - 1) {
1042 yyerror("string too long");
1043 return (findeol());
1045 *p++ = c;
1047 yylval.v.string = strdup(buf);
1048 if (yylval.v.string == NULL)
1049 err(1, "yylex: strdup");
1050 return (STRING);
1053 #define allowed_to_end_number(x) \
1054 (isspace(x) || x == ')' || x ==',' || x == '/' || x == '}' || x == '=')
1056 if (c == '-' || isdigit(c)) {
1057 do {
1058 *p++ = c;
1059 if ((unsigned)(p-buf) >= sizeof(buf)) {
1060 yyerror("string too long");
1061 return (findeol());
1063 c = lgetc(0);
1064 } while (c != EOF && isdigit(c));
1065 lungetc(c);
1066 if (p == buf + 1 && buf[0] == '-')
1067 goto nodigits;
1068 if (c == EOF || allowed_to_end_number(c)) {
1069 const char *errstr = NULL;
1071 *p = '\0';
1072 yylval.v.number = strtonum(buf, LLONG_MIN,
1073 LLONG_MAX, &errstr);
1074 if (errstr) {
1075 yyerror("\"%s\" invalid number: %s",
1076 buf, errstr);
1077 return (findeol());
1079 return (NUMBER);
1080 } else {
1081 nodigits:
1082 while (p > buf + 1)
1083 lungetc(*--p);
1084 c = *--p;
1085 if (c == '-')
1086 return (c);
1090 #define allowed_in_string(x) \
1091 (isalnum(x) || (ispunct(x) && x != '(' && x != ')' && \
1092 x != '{' && x != '}' && \
1093 x != '!' && x != '=' && x != '#' && \
1094 x != ','))
1096 if (isalnum(c) || c == ':' || c == '_') {
1097 do {
1098 *p++ = c;
1099 if ((unsigned)(p-buf) >= sizeof(buf)) {
1100 yyerror("string too long");
1101 return (findeol());
1103 c = lgetc(0);
1104 } while (c != EOF && (allowed_in_string(c)));
1105 lungetc(c);
1106 *p = '\0';
1107 token = lookup(buf);
1108 if (token == STRING) {
1109 yylval.v.string = strdup(buf);
1110 if (yylval.v.string == NULL)
1111 err(1, "yylex: strdup");
1113 return (token);
1115 if (c == '\n') {
1116 yylval.lineno = file->lineno;
1117 file->lineno++;
1119 if (c == EOF)
1120 return (0);
1121 return (c);
1124 int
1125 check_file_secrecy(int fd, const char *fname)
1127 struct stat st;
1129 if (fstat(fd, &st)) {
1130 log_warn("cannot stat %s", fname);
1131 return (-1);
1133 if (st.st_uid != 0 && st.st_uid != getuid()) {
1134 log_warnx("%s: owner not root or current user", fname);
1135 return (-1);
1137 if (st.st_mode & (S_IWGRP | S_IXGRP | S_IRWXO)) {
1138 log_warnx("%s: group writable or world read/writable", fname);
1139 return (-1);
1141 return (0);
1144 struct file *
1145 newfile(const char *name, int secret, int required)
1147 struct file *nfile;
1149 nfile = calloc(1, sizeof(struct file));
1150 if (nfile == NULL) {
1151 log_warn("calloc");
1152 return (NULL);
1154 nfile->name = strdup(name);
1155 if (nfile->name == NULL) {
1156 log_warn("strdup");
1157 free(nfile);
1158 return (NULL);
1160 nfile->stream = fopen(nfile->name, "r");
1161 if (nfile->stream == NULL) {
1162 if (required)
1163 log_warn("open %s", nfile->name);
1164 free(nfile->name);
1165 free(nfile);
1166 return (NULL);
1167 } else if (secret &&
1168 check_file_secrecy(fileno(nfile->stream), nfile->name)) {
1169 fclose(nfile->stream);
1170 free(nfile->name);
1171 free(nfile);
1172 return (NULL);
1174 nfile->lineno = 1;
1175 return (nfile);
1178 static void
1179 closefile(struct file *xfile)
1181 fclose(xfile->stream);
1182 free(xfile->name);
1183 free(xfile);
1186 int
1187 parse_config(const char *filename, enum gotd_procid proc_id,
1188 struct gotd_secrets *secrets, struct gotd *env)
1190 struct sym *sym, *next;
1191 struct gotd_repo *repo;
1192 int require_config_file = (proc_id != PROC_GITWRAPPER);
1194 memset(env, 0, sizeof(*env));
1196 gotd = env;
1197 gotd_proc_id = proc_id;
1198 gotd->secrets = secrets;
1199 TAILQ_INIT(&gotd->repos);
1201 /* Apply default values. */
1202 if (strlcpy(gotd->unix_socket_path, GOTD_UNIX_SOCKET,
1203 sizeof(gotd->unix_socket_path)) >= sizeof(gotd->unix_socket_path)) {
1204 fprintf(stderr, "%s: unix socket path too long", __func__);
1205 return -1;
1207 if (strlcpy(gotd->user_name, GOTD_USER,
1208 sizeof(gotd->user_name)) >= sizeof(gotd->user_name)) {
1209 fprintf(stderr, "%s: user name too long", __func__);
1210 return -1;
1213 gotd->request_timeout.tv_sec = GOTD_DEFAULT_REQUEST_TIMEOUT;
1214 gotd->request_timeout.tv_usec = 0;
1216 file = newfile(filename, 0, require_config_file);
1217 if (file == NULL)
1218 return require_config_file ? -1 : 0;
1220 yyparse();
1221 errors = file->errors;
1222 closefile(file);
1224 /* Free macros and check which have not been used. */
1225 TAILQ_FOREACH_SAFE(sym, &symhead, entry, next) {
1226 if ((gotd->verbosity > 1) && !sym->used)
1227 fprintf(stderr, "warning: macro '%s' not used\n",
1228 sym->nam);
1229 if (!sym->persist) {
1230 free(sym->nam);
1231 free(sym->val);
1232 TAILQ_REMOVE(&symhead, sym, entry);
1233 free(sym);
1237 if (errors)
1238 return (-1);
1240 TAILQ_FOREACH(repo, &gotd->repos, entry) {
1241 if (repo->path[0] == '\0') {
1242 log_warnx("repository \"%s\": no path provided in "
1243 "configuration file", repo->name);
1244 return (-1);
1248 if (proc_id == PROC_GOTD && TAILQ_EMPTY(&gotd->repos)) {
1249 log_warnx("no repository defined in configuration file");
1250 return (-1);
1253 return (0);
1256 static int
1257 uid_connection_limit_cmp(const void *pa, const void *pb)
1259 const struct gotd_uid_connection_limit *a = pa, *b = pb;
1261 if (a->uid < b->uid)
1262 return -1;
1263 else if (a->uid > b->uid);
1264 return 1;
1266 return 0;
1269 static int
1270 conf_limit_user_connections(const char *user, int maximum)
1272 uid_t uid;
1273 struct gotd_uid_connection_limit *limit;
1274 size_t nlimits;
1276 if (maximum < 1) {
1277 yyerror("max connections cannot be smaller 1");
1278 return -1;
1280 if (maximum > GOTD_MAXCLIENTS) {
1281 yyerror("max connections must be <= %d", GOTD_MAXCLIENTS);
1282 return -1;
1285 if (gotd_parseuid(user, &uid) == -1) {
1286 yyerror("%s: no such user", user);
1287 return -1;
1290 limit = gotd_find_uid_connection_limit(gotd->connection_limits,
1291 gotd->nconnection_limits, uid);
1292 if (limit) {
1293 limit->max_connections = maximum;
1294 return 0;
1297 limit = gotd->connection_limits;
1298 nlimits = gotd->nconnection_limits + 1;
1299 limit = reallocarray(limit, nlimits, sizeof(*limit));
1300 if (limit == NULL)
1301 fatal("reallocarray");
1303 limit[nlimits - 1].uid = uid;
1304 limit[nlimits - 1].max_connections = maximum;
1306 gotd->connection_limits = limit;
1307 gotd->nconnection_limits = nlimits;
1308 qsort(gotd->connection_limits, gotd->nconnection_limits,
1309 sizeof(gotd->connection_limits[0]), uid_connection_limit_cmp);
1311 return 0;
1314 static struct gotd_repo *
1315 conf_new_repo(const char *name)
1317 struct gotd_repo *repo;
1319 if (name[0] == '\0') {
1320 fatalx("syntax error: empty repository name found in %s",
1321 file->name);
1324 if (strchr(name, '\n') != NULL)
1325 fatalx("repository names must not contain linefeeds: %s", name);
1327 repo = calloc(1, sizeof(*repo));
1328 if (repo == NULL)
1329 fatalx("%s: calloc", __func__);
1331 STAILQ_INIT(&repo->rules);
1332 TAILQ_INIT(&repo->protected_tag_namespaces);
1333 TAILQ_INIT(&repo->protected_branch_namespaces);
1334 TAILQ_INIT(&repo->protected_branches);
1335 TAILQ_INIT(&repo->protected_branches);
1336 TAILQ_INIT(&repo->notification_refs);
1337 TAILQ_INIT(&repo->notification_ref_namespaces);
1338 STAILQ_INIT(&repo->notification_targets);
1340 if (strlcpy(repo->name, name, sizeof(repo->name)) >=
1341 sizeof(repo->name))
1342 fatalx("%s: strlcpy", __func__);
1344 TAILQ_INSERT_TAIL(&gotd->repos, repo, entry);
1345 gotd->nrepos++;
1347 return repo;
1350 static void
1351 conf_new_access_rule(struct gotd_repo *repo, enum gotd_access access,
1352 int authorization, char *identifier)
1354 struct gotd_access_rule *rule;
1356 rule = calloc(1, sizeof(*rule));
1357 if (rule == NULL)
1358 fatal("calloc");
1360 rule->access = access;
1361 rule->authorization = authorization;
1362 rule->identifier = identifier;
1364 STAILQ_INSERT_TAIL(&repo->rules, rule, entry);
1367 static int
1368 refname_is_valid(char *refname)
1370 if (strncmp(refname, "refs/", 5) != 0) {
1371 yyerror("reference name must begin with \"refs/\": %s",
1372 refname);
1373 return 0;
1376 if (!got_ref_name_is_valid(refname)) {
1377 yyerror("invalid reference name: %s", refname);
1378 return 0;
1381 return 1;
1384 static int
1385 conf_protect_ref_namespace(char **new, struct got_pathlist_head *refs,
1386 char *namespace)
1388 const struct got_error *error;
1389 struct got_pathlist_entry *pe;
1390 char *s;
1392 *new = NULL;
1394 got_path_strip_trailing_slashes(namespace);
1395 if (!refname_is_valid(namespace))
1396 return -1;
1397 if (asprintf(&s, "%s/", namespace) == -1) {
1398 yyerror("asprintf: %s", strerror(errno));
1399 return -1;
1402 error = got_pathlist_insert(&pe, refs, s, NULL);
1403 if (error || pe == NULL) {
1404 free(s);
1405 if (error)
1406 yyerror("got_pathlist_insert: %s", error->msg);
1407 else
1408 yyerror("duplicate protected namespace %s", namespace);
1409 return -1;
1412 *new = s;
1413 return 0;
1416 static int
1417 conf_protect_tag_namespace(struct gotd_repo *repo, char *namespace)
1419 struct got_pathlist_entry *pe;
1420 char *new;
1422 if (conf_protect_ref_namespace(&new, &repo->protected_tag_namespaces,
1423 namespace) == -1)
1424 return -1;
1426 TAILQ_FOREACH(pe, &repo->protected_branch_namespaces, entry) {
1427 if (strcmp(pe->path, new) == 0) {
1428 yyerror("duplicate protected namespace %s", namespace);
1429 return -1;
1433 return 0;
1436 static int
1437 conf_protect_branch_namespace(struct gotd_repo *repo, char *namespace)
1439 struct got_pathlist_entry *pe;
1440 char *new;
1442 if (conf_protect_ref_namespace(&new,
1443 &repo->protected_branch_namespaces, namespace) == -1)
1444 return -1;
1446 TAILQ_FOREACH(pe, &repo->protected_tag_namespaces, entry) {
1447 if (strcmp(pe->path, new) == 0) {
1448 yyerror("duplicate protected namespace %s", namespace);
1449 return -1;
1453 return 0;
1456 static int
1457 conf_protect_branch(struct gotd_repo *repo, char *branchname)
1459 const struct got_error *error;
1460 struct got_pathlist_entry *new;
1461 char *refname;
1463 if (strncmp(branchname, "refs/heads/", 11) != 0) {
1464 if (asprintf(&refname, "refs/heads/%s", branchname) == -1) {
1465 yyerror("asprintf: %s", strerror(errno));
1466 return -1;
1468 } else {
1469 refname = strdup(branchname);
1470 if (refname == NULL) {
1471 yyerror("strdup: %s", strerror(errno));
1472 return -1;
1476 if (!refname_is_valid(refname)) {
1477 free(refname);
1478 return -1;
1481 error = got_pathlist_insert(&new, &repo->protected_branches,
1482 refname, NULL);
1483 if (error || new == NULL) {
1484 free(refname);
1485 if (error)
1486 yyerror("got_pathlist_insert: %s", error->msg);
1487 else
1488 yyerror("duplicate protect branch %s", branchname);
1489 return -1;
1492 return 0;
1495 static int
1496 conf_notify_branch(struct gotd_repo *repo, char *branchname)
1498 const struct got_error *error;
1499 struct got_pathlist_entry *pe;
1500 char *refname;
1502 if (strncmp(branchname, "refs/heads/", 11) != 0) {
1503 if (asprintf(&refname, "refs/heads/%s", branchname) == -1) {
1504 yyerror("asprintf: %s", strerror(errno));
1505 return -1;
1507 } else {
1508 refname = strdup(branchname);
1509 if (refname == NULL) {
1510 yyerror("strdup: %s", strerror(errno));
1511 return -1;
1515 if (!refname_is_valid(refname)) {
1516 free(refname);
1517 return -1;
1520 error = got_pathlist_insert(&pe, &repo->notification_refs,
1521 refname, NULL);
1522 if (error) {
1523 free(refname);
1524 yyerror("got_pathlist_insert: %s", error->msg);
1525 return -1;
1527 if (pe == NULL)
1528 free(refname);
1530 return 0;
1533 static int
1534 conf_notify_ref_namespace(struct gotd_repo *repo, char *namespace)
1536 const struct got_error *error;
1537 struct got_pathlist_entry *pe;
1538 char *s;
1540 got_path_strip_trailing_slashes(namespace);
1541 if (!refname_is_valid(namespace))
1542 return -1;
1544 if (asprintf(&s, "%s/", namespace) == -1) {
1545 yyerror("asprintf: %s", strerror(errno));
1546 return -1;
1549 error = got_pathlist_insert(&pe, &repo->notification_ref_namespaces,
1550 s, NULL);
1551 if (error) {
1552 free(s);
1553 yyerror("got_pathlist_insert: %s", error->msg);
1554 return -1;
1556 if (pe == NULL)
1557 free(s);
1559 return 0;
1562 static int
1563 conf_notify_email(struct gotd_repo *repo, char *sender, char *recipient,
1564 char *responder, char *hostname, char *port)
1566 struct gotd_notification_target *target;
1568 STAILQ_FOREACH(target, &repo->notification_targets, entry) {
1569 if (target->type != GOTD_NOTIFICATION_VIA_EMAIL)
1570 continue;
1571 if (strcmp(target->conf.email.recipient, recipient) == 0) {
1572 yyerror("duplicate email notification for '%s' in "
1573 "repository '%s'", recipient, repo->name);
1574 return -1;
1578 target = calloc(1, sizeof(*target));
1579 if (target == NULL)
1580 fatal("calloc");
1581 target->type = GOTD_NOTIFICATION_VIA_EMAIL;
1582 if (sender) {
1583 target->conf.email.sender = strdup(sender);
1584 if (target->conf.email.sender == NULL)
1585 fatal("strdup");
1587 target->conf.email.recipient = strdup(recipient);
1588 if (target->conf.email.recipient == NULL)
1589 fatal("strdup");
1590 if (responder) {
1591 target->conf.email.responder = strdup(responder);
1592 if (target->conf.email.responder == NULL)
1593 fatal("strdup");
1595 if (hostname) {
1596 target->conf.email.hostname = strdup(hostname);
1597 if (target->conf.email.hostname == NULL)
1598 fatal("strdup");
1600 if (port) {
1601 target->conf.email.port = strdup(port);
1602 if (target->conf.email.port == NULL)
1603 fatal("strdup");
1606 STAILQ_INSERT_TAIL(&repo->notification_targets, target, entry);
1607 return 0;
1610 static int
1611 conf_notify_http(struct gotd_repo *repo, char *url, char *auth, char *hmac,
1612 int insecure)
1614 const struct got_error *error;
1615 struct gotd_notification_target *target;
1616 char *proto, *hostname, *port, *path;
1617 int tls = 0, ret = 0;
1619 error = gotd_parse_url(&proto, &hostname, &port, &path, url);
1620 if (error) {
1621 yyerror("invalid HTTP notification URL '%s' in "
1622 "repository '%s': %s", url, repo->name, error->msg);
1623 return -1;
1626 tls = !strcmp(proto, "https");
1628 if (strcmp(proto, "http") != 0 && strcmp(proto, "https") != 0) {
1629 yyerror("invalid protocol '%s' in notification URL '%s' in "
1630 "repository '%s", proto, url, repo->name);
1631 ret = -1;
1632 goto done;
1635 if (port == NULL) {
1636 if (strcmp(proto, "http") == 0)
1637 port = strdup("80");
1638 if (strcmp(proto, "https") == 0)
1639 port = strdup("443");
1640 if (port == NULL) {
1641 error = got_error_from_errno("strdup");
1642 ret = -1;
1643 goto done;
1647 if (auth != NULL && gotd_proc_id == PROC_GOTD &&
1648 (gotd->secrets == NULL || gotd_secrets_get(gotd->secrets,
1649 GOTD_SECRET_AUTH, auth) == NULL)) {
1650 yyerror("no auth secret `%s' defined", auth);
1651 ret = -1;
1652 goto done;
1655 if (hmac != NULL && gotd_proc_id == PROC_GOTD &&
1656 (gotd->secrets == NULL && gotd_secrets_get(gotd->secrets,
1657 GOTD_SECRET_HMAC, hmac) == NULL)) {
1658 yyerror("no hmac secret `%s' defined", hmac);
1659 ret = -1;
1660 goto done;
1663 if (!insecure && strcmp(proto, "http") == 0 && auth) {
1664 yyerror("%s: HTTP notifications with basic authentication "
1665 "over plaintext HTTP will leak credentials; add the "
1666 "'insecure' config keyword if this is intentional", url);
1667 ret = -1;
1668 goto done;
1671 STAILQ_FOREACH(target, &repo->notification_targets, entry) {
1672 if (target->type != GOTD_NOTIFICATION_VIA_HTTP)
1673 continue;
1674 if (target->conf.http.tls == tls &&
1675 !strcmp(target->conf.http.hostname, hostname) &&
1676 !strcmp(target->conf.http.port, port) &&
1677 !strcmp(target->conf.http.path, path)) {
1678 yyerror("duplicate notification for URL '%s' in "
1679 "repository '%s'", url, repo->name);
1680 ret = -1;
1681 goto done;
1685 target = calloc(1, sizeof(*target));
1686 if (target == NULL)
1687 fatal("calloc");
1688 target->type = GOTD_NOTIFICATION_VIA_HTTP;
1689 target->conf.http.tls = tls;
1690 target->conf.http.hostname = hostname;
1691 target->conf.http.port = port;
1692 target->conf.http.path = path;
1693 hostname = port = path = NULL;
1695 if (auth) {
1696 target->conf.http.auth = strdup(auth);
1697 if (target->conf.http.auth == NULL)
1698 fatal("strdup");
1700 if (hmac) {
1701 target->conf.http.hmac = strdup(hmac);
1702 if (target->conf.http.hmac == NULL)
1703 fatal("strdup");
1706 STAILQ_INSERT_TAIL(&repo->notification_targets, target, entry);
1707 done:
1708 free(proto);
1709 free(hostname);
1710 free(port);
1711 free(path);
1712 return ret;
1715 int
1716 symset(const char *nam, const char *val, int persist)
1718 struct sym *sym;
1720 TAILQ_FOREACH(sym, &symhead, entry) {
1721 if (strcmp(nam, sym->nam) == 0)
1722 break;
1725 if (sym != NULL) {
1726 if (sym->persist == 1)
1727 return (0);
1728 else {
1729 free(sym->nam);
1730 free(sym->val);
1731 TAILQ_REMOVE(&symhead, sym, entry);
1732 free(sym);
1735 sym = calloc(1, sizeof(*sym));
1736 if (sym == NULL)
1737 return (-1);
1739 sym->nam = strdup(nam);
1740 if (sym->nam == NULL) {
1741 free(sym);
1742 return (-1);
1744 sym->val = strdup(val);
1745 if (sym->val == NULL) {
1746 free(sym->nam);
1747 free(sym);
1748 return (-1);
1750 sym->used = 0;
1751 sym->persist = persist;
1752 TAILQ_INSERT_TAIL(&symhead, sym, entry);
1753 return (0);
1756 char *
1757 symget(const char *nam)
1759 struct sym *sym;
1761 TAILQ_FOREACH(sym, &symhead, entry) {
1762 if (strcmp(nam, sym->nam) == 0) {
1763 sym->used = 1;
1764 return (sym->val);
1767 return (NULL);
1770 struct gotd_repo *
1771 gotd_find_repo_by_name(const char *repo_name, struct gotd_repolist *repos)
1773 struct gotd_repo *repo;
1774 size_t namelen;
1776 TAILQ_FOREACH(repo, repos, entry) {
1777 namelen = strlen(repo->name);
1778 if (strncmp(repo->name, repo_name, namelen) != 0)
1779 continue;
1780 if (repo_name[namelen] == '\0' ||
1781 strcmp(&repo_name[namelen], ".git") == 0)
1782 return repo;
1785 return NULL;
1788 struct gotd_repo *
1789 gotd_find_repo_by_path(const char *repo_path, struct gotd *gotd)
1791 struct gotd_repo *repo;
1793 TAILQ_FOREACH(repo, &gotd->repos, entry) {
1794 if (strcmp(repo->path, repo_path) == 0)
1795 return repo;
1798 return NULL;
1801 struct gotd_uid_connection_limit *
1802 gotd_find_uid_connection_limit(struct gotd_uid_connection_limit *limits,
1803 size_t nlimits, uid_t uid)
1805 /* This array is always sorted to allow for binary search. */
1806 int i, left = 0, right = nlimits - 1;
1808 while (left <= right) {
1809 i = ((left + right) / 2);
1810 if (limits[i].uid == uid)
1811 return &limits[i];
1812 if (limits[i].uid > uid)
1813 left = i + 1;
1814 else
1815 right = i - 1;
1818 return NULL;
1821 int
1822 gotd_parseuid(const char *s, uid_t *uid)
1824 struct passwd *pw;
1825 const char *errstr;
1827 if ((pw = getpwnam(s)) != NULL) {
1828 *uid = pw->pw_uid;
1829 if (*uid == UID_MAX)
1830 return -1;
1831 return 0;
1833 *uid = strtonum(s, 0, UID_MAX - 1, &errstr);
1834 if (errstr)
1835 return -1;
1836 return 0;
1839 const struct got_error *
1840 gotd_parse_url(char **proto, char **host, char **port,
1841 char **request_path, const char *url)
1843 const struct got_error *err = NULL;
1844 char *s, *p, *q;
1846 *proto = *host = *port = *request_path = NULL;
1848 p = strstr(url, "://");
1849 if (!p)
1850 return got_error(GOT_ERR_PARSE_URI);
1852 *proto = strndup(url, p - url);
1853 if (*proto == NULL) {
1854 err = got_error_from_errno("strndup");
1855 goto done;
1857 s = p + 3;
1859 p = strstr(s, "/");
1860 if (p == NULL) {
1861 err = got_error(GOT_ERR_PARSE_URI);
1862 goto done;
1865 q = memchr(s, ':', p - s);
1866 if (q) {
1867 *host = strndup(s, q - s);
1868 if (*host == NULL) {
1869 err = got_error_from_errno("strndup");
1870 goto done;
1872 if ((*host)[0] == '\0') {
1873 err = got_error(GOT_ERR_PARSE_URI);
1874 goto done;
1876 *port = strndup(q + 1, p - (q + 1));
1877 if (*port == NULL) {
1878 err = got_error_from_errno("strndup");
1879 goto done;
1881 if ((*port)[0] == '\0') {
1882 err = got_error(GOT_ERR_PARSE_URI);
1883 goto done;
1885 } else {
1886 *host = strndup(s, p - s);
1887 if (*host == NULL) {
1888 err = got_error_from_errno("strndup");
1889 goto done;
1891 if ((*host)[0] == '\0') {
1892 err = got_error(GOT_ERR_PARSE_URI);
1893 goto done;
1897 while (p[0] == '/' && p[1] == '/')
1898 p++;
1899 *request_path = strdup(p);
1900 if (*request_path == NULL) {
1901 err = got_error_from_errno("strdup");
1902 goto done;
1904 if ((*request_path)[0] == '\0') {
1905 err = got_error(GOT_ERR_PARSE_URI);
1906 goto done;
1908 done:
1909 if (err) {
1910 free(*proto);
1911 *proto = NULL;
1912 free(*host);
1913 *host = NULL;
1914 free(*port);
1915 *port = NULL;
1916 free(*request_path);
1917 *request_path = NULL;
1919 return err;
1922 static char *
1923 port_sprintf(int p)
1925 static char portno[32];
1926 int n;
1928 n = snprintf(portno, sizeof(portno), "%lld", (long long)p);
1929 if (n < 0 || (size_t)n >= sizeof(portno))
1930 fatalx("port number too long: %lld", (long long)p);
1932 return portno;