2 * Copyright (c) 2022 Stefan Sperling <stsp@openbsd.org>
4 * Permission to use, copy, modify, and distribute this software for any
5 * purpose with or without fee is hereby granted, provided that the above
6 * copyright notice and this permission notice appear in all copies.
8 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
9 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
10 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
11 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
12 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
13 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
14 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
17 #include <sys/queue.h>
20 #include <sys/types.h>
38 #include "got_error.h"
39 #include "got_repository.h"
40 #include "got_object.h"
41 #include "got_reference.h"
44 #include "got_lib_delta.h"
45 #include "got_lib_delta_cache.h"
46 #include "got_lib_object.h"
47 #include "got_lib_object_cache.h"
48 #include "got_lib_ratelimit.h"
49 #include "got_lib_pack.h"
50 #include "got_lib_pack_index.h"
51 #include "got_lib_repository.h"
52 #include "got_lib_poll.h"
54 #include "got_lib_sha1.h" /* XXX temp include for debugging */
58 #include "repo_write.h"
/* Element count of a true array; must not be applied to a pointer. */
61 #define nitems(_a) (sizeof((_a)) / sizeof((_a)[0]))
/*
 * State of the repo_write process itself. Besides the repository handle
 * shown here, code in this file also accesses title, pid, pack_fds and
 * temp_fds members whose declarations are not visible in this excerpt.
 */
64 static struct repo_write {
67 struct got_repository *repo;
/*
 * One reference update requested by a client: the reference itself plus
 * the object ID it is expected to move away from (old_id) and the object
 * ID it should point at afterwards (new_id). Updates are chained on a
 * singly-linked tail queue. Code in this file also uses a ref_is_new
 * member whose declaration is not visible in this excerpt.
 */
72 struct gotd_ref_update {
73 STAILQ_ENTRY(gotd_ref_update) entry;
74 struct got_reference *ref;
76 struct got_object_id old_id;
77 struct got_object_id new_id;
79 STAILQ_HEAD(gotd_ref_updates, gotd_ref_update);
/*
 * Per-client session state, linked into a hash table bucket via 'entry'.
 * pack_sha1 receives the checksum of the uploaded pack file and
 * ref_updates holds the reference updates the client asked for.
 * Further members used in this file (id, fd, pack_pipe, packidx_fd, pack,
 * nref_updates) are declared on lines not visible in this excerpt.
 */
81 struct repo_write_client {
82 STAILQ_ENTRY(repo_write_client) entry;
87 uint8_t pack_sha1[SHA1_DIGEST_LENGTH];
89 struct gotd_ref_updates ref_updates;
92 STAILQ_HEAD(repo_write_clients, repo_write_client);
/* Client hash table; a bucket is chosen by client_hash() modulo its size. */
94 static struct repo_write_clients repo_write_clients[GOTD_CLIENT_TABLE_SIZE];
/* SipHash key; filled with random bytes in repo_write_main(). */
95 static SIPHASH_KEY clients_hash_key;
98 client_hash(uint32_t client_id)
100 return SipHash24(&clients_hash_key, &client_id, sizeof(client_id));
/*
 * Initialize a freshly allocated client record and link it into the
 * client hash table. Both pack pipe ends and the pack index descriptor
 * start out as -1 and the ref-update list starts out empty.
 * NOTE(review): the fd argument is presumably stored in client->fd on a
 * line not visible in this excerpt -- confirm.
 */
104 add_client(struct repo_write_client *client, uint32_t client_id, int fd)
108 client->id = client_id;
110 client->pack_pipe[0] = -1;
111 client->pack_pipe[1] = -1;
112 client->packidx_fd = -1;
113 STAILQ_INIT(&client->ref_updates);
114 client->nref_updates = 0;
/* Pick the bucket from the hashed client ID. */
115 slot = client_hash(client->id) % nitems(repo_write_clients);
116 STAILQ_INSERT_HEAD(&repo_write_clients[slot], client, entry);
/*
 * Look up a client by ID: hash the ID to a bucket and walk that bucket's
 * list comparing IDs.
 * NOTE(review): the return statements are not visible in this excerpt;
 * callers treat a NULL result as "no such client".
 */
119 static struct repo_write_client *
120 find_client(uint32_t client_id)
123 struct repo_write_client *c;
125 slot = client_hash(client_id) % nitems(repo_write_clients);
126 STAILQ_FOREACH(c, &repo_write_clients[slot], entry) {
127 if (c->id == client_id)
/*
 * Flags polled by check_cancelled(). sigterm_received is set by
 * catch_sigterm(); sigint_received is presumably set by catch_sigint(),
 * whose body is not visible in this excerpt.
 */
134 static volatile sig_atomic_t sigint_received;
135 static volatile sig_atomic_t sigterm_received;
/*
 * SIGINT handler, installed in repo_write_main().
 * NOTE(review): the body is not visible in this excerpt; presumably it
 * sets sigint_received -- confirm.
 */
138 catch_sigint(int signo)
/*
 * SIGTERM handler, installed in repo_write_main(). Only records that the
 * signal arrived; the flag is examined later by check_cancelled().
 */
144 catch_sigterm(int signo)
146 sigterm_received = 1;
149 static const struct got_error *
150 check_cancelled(void *arg)
152 if (sigint_received || sigterm_received)
153 return got_error(GOT_ERR_CANCELLED);
/*
 * Send an additional GOTD_IMSG_REF message for a tag reference, named
 * "<refname>^{}" and carrying the ID of the object the tag points at
 * (as returned by got_object_tag_get_object_id()).
 * Fails with GOT_ERR_NO_SPACE if the message would exceed the maximum
 * imsg payload size. The tag object opened here is closed again before
 * returning.
 */
158 static const struct got_error *
159 send_peeled_tag_ref(struct got_reference *ref, struct got_object *obj,
160 struct imsgbuf *ibuf)
162 const struct got_error *err = NULL;
163 struct got_tag_object *tag;
165 char *peeled_refname = NULL;
166 struct got_object_id *id;
169 err = got_object_tag_open(&tag, repo_write.repo, obj);
173 if (asprintf(&peeled_refname, "%s^{}", got_ref_get_name(ref)) == -1) {
174 err = got_error_from_errno("asprintf");
178 id = got_object_tag_get_object_id(tag);
179 namelen = strlen(peeled_refname);
/* The name is appended after the fixed-size message header. */
181 len = sizeof(struct gotd_imsg_ref) + namelen;
182 if (len > MAX_IMSGSIZE - IMSG_HEADER_SIZE) {
183 err = got_error(GOT_ERR_NO_SPACE);
187 wbuf = imsg_create(ibuf, GOTD_IMSG_REF, PROC_REPO_WRITE,
188 repo_write.pid, len);
190 err = got_error_from_errno("imsg_create REF");
194 /* Keep in sync with struct gotd_imsg_ref definition. */
195 if (imsg_add(wbuf, id->sha1, SHA1_DIGEST_LENGTH) == -1) {
196 err = got_error_from_errno("imsg_add REF");
199 if (imsg_add(wbuf, &namelen, sizeof(namelen)) == -1) {
200 err = got_error_from_errno("imsg_add REF");
203 if (imsg_add(wbuf, peeled_refname, namelen) == -1) {
204 err = got_error_from_errno("imsg_add REF");
209 imsg_close(ibuf, wbuf);
211 got_object_tag_close(tag);
215 static const struct got_error *
216 send_ref(struct got_reference *ref, struct imsgbuf *ibuf)
218 const struct got_error *err;
219 const char *refname = got_ref_get_name(ref);
221 struct got_object_id *id = NULL;
222 struct got_object *obj = NULL;
226 namelen = strlen(refname);
228 len = sizeof(struct gotd_imsg_ref) + namelen;
229 if (len > MAX_IMSGSIZE - IMSG_HEADER_SIZE)
230 return got_error(GOT_ERR_NO_SPACE);
232 err = got_ref_resolve(&id, repo_write.repo, ref);
236 wbuf = imsg_create(ibuf, GOTD_IMSG_REF, PROC_REPO_WRITE,
237 repo_write.pid, len);
239 err = got_error_from_errno("imsg_create REF");
243 /* Keep in sync with struct gotd_imsg_ref definition. */
244 if (imsg_add(wbuf, id->sha1, SHA1_DIGEST_LENGTH) == -1)
245 return got_error_from_errno("imsg_add REF");
246 if (imsg_add(wbuf, &namelen, sizeof(namelen)) == -1)
247 return got_error_from_errno("imsg_add REF");
248 if (imsg_add(wbuf, refname, namelen) == -1)
249 return got_error_from_errno("imsg_add REF");
252 imsg_close(ibuf, wbuf);
254 err = got_object_open(&obj, repo_write.repo, id);
257 if (obj->type == GOT_OBJ_TYPE_TAG)
258 err = send_peeled_tag_ref(ref, obj, ibuf);
261 got_object_close(obj);
/*
 * Handle GOTD_IMSG_LIST_REFS_INTERNAL: register a new client under the ID
 * given in the request, using the descriptor that arrived with the
 * message, and send that client the list of references.
 *
 * The reference list is walked twice. The first pass skips symbolic
 * references and looks at each target's object type so that peeled tag
 * entries can be accounted for before GOTD_IMSG_REFLIST is sent; the
 * second pass sends each non-symbolic reference with send_ref().
 *
 * On return *client points at the client record, if one was found or
 * created. Errors: GOT_ERR_PRIVSEP_NO_FD, GOT_ERR_PRIVSEP_LEN when the
 * payload size is wrong, GOT_ERR_CLIENT_ID ("duplicate client ID"), or
 * any error from the calls below.
 */
266 static const struct got_error *
267 list_refs(struct repo_write_client **client, struct imsg *imsg)
269 const struct got_error *err;
270 struct got_reflist_head refs;
271 struct got_reflist_entry *re;
272 struct gotd_imsg_list_refs_internal ireq;
274 struct gotd_imsg_reflist irefs;
276 int client_fd = imsg->fd;
281 return got_error(GOT_ERR_PRIVSEP_NO_FD);
283 datalen = imsg->hdr.len - IMSG_HEADER_SIZE;
284 if (datalen != sizeof(ireq))
285 return got_error(GOT_ERR_PRIVSEP_LEN);
286 memcpy(&ireq, imsg->data, sizeof(ireq));
288 *client = find_client(ireq.client_id);
290 return got_error_msg(GOT_ERR_CLIENT_ID, "duplicate client ID");
292 *client = calloc(1, sizeof(**client));
294 return got_error_from_errno("calloc");
295 add_client(*client, ireq.client_id, client_fd);
297 imsg_init(&ibuf, client_fd);
/* An empty namespace string is passed to got_ref_list(). */
299 err = got_ref_list(&refs, repo_write.repo, "",
300 got_ref_cmp_by_name, NULL);
304 memset(&irefs, 0, sizeof(irefs));
305 TAILQ_FOREACH(re, &refs, entry) {
306 struct got_object_id *id;
309 if (got_ref_is_symbolic(re->ref))
314 /* Account for peeled tag refs. */
315 err = got_ref_resolve(&id, repo_write.repo, re->ref);
318 err = got_object_get_type(&obj_type, repo_write.repo, id);
322 if (obj_type == GOT_OBJ_TYPE_TAG)
326 if (imsg_compose(&ibuf, GOTD_IMSG_REFLIST, PROC_REPO_WRITE,
327 repo_write.pid, -1, &irefs, sizeof(irefs)) == -1) {
328 err = got_error_from_errno("imsg_compose REFLIST");
332 TAILQ_FOREACH(re, &refs, entry) {
333 if (got_ref_is_symbolic(re->ref))
335 err = send_ref(re->ref, &ibuf);
340 err = gotd_imsg_flush(&ibuf);
342 got_ref_list_free(&refs);
347 static const struct got_error *
348 protect_ref_namespace(struct got_reference *ref, const char *namespace)
350 size_t len = strlen(namespace);
352 if (len < 5 || strncmp("refs/", namespace, 5) != 0 ||
353 namespace[len -1] != '/') {
354 return got_error_fmt(GOT_ERR_BAD_REF_NAME,
355 "reference namespace '%s'", namespace);
358 if (strncmp(namespace, got_ref_get_name(ref), len) == 0)
359 return got_error_fmt(GOT_ERR_REFS_PROTECTED, "%s", namespace);
/*
 * Handle GOTD_IMSG_REF_UPDATE: validate a reference update requested by a
 * client and queue it on the client's ref_updates list.
 *
 * The payload is a struct gotd_imsg_ref_update followed by name_len bytes
 * of reference name; both lengths are checked against the message size.
 * A reference which cannot be opened with GOT_ERR_NOT_REF is treated as
 * new and allocated pointing at new_id. Symbolic references, names
 * outside "refs/", and the protected "refs/got/" and "refs/remotes/"
 * namespaces are rejected. For an existing reference the current target
 * must still equal old_id, otherwise GOT_ERR_REF_BUSY is returned.
 * An ack carrying new_id is sent before the update is queued.
 *
 * NOTE(review): a calloc() failure below is reported with the label
 * "malloc"; the label does not match the failing call.
 */
364 static const struct got_error *
365 recv_ref_update(struct repo_write_client **client, struct imsg *imsg)
367 const struct got_error *err = NULL;
368 struct gotd_imsg_ref_update iref;
370 char *refname = NULL;
371 struct got_reference *ref = NULL;
372 struct got_object_id *id = NULL;
374 struct gotd_ref_update *ref_update = NULL;
376 log_debug("ref-update received");
378 datalen = imsg->hdr.len - IMSG_HEADER_SIZE;
379 if (datalen < sizeof(iref))
380 return got_error(GOT_ERR_PRIVSEP_LEN);
381 memcpy(&iref, imsg->data, sizeof(iref));
382 if (datalen != sizeof(iref) + iref.name_len)
383 return got_error(GOT_ERR_PRIVSEP_LEN);
385 *client = find_client(iref.client_id);
387 return got_error(GOT_ERR_CLIENT_ID);
389 imsg_init(&ibuf, (*client)->fd);
/* Copy the name out of the message and NUL-terminate it. */
391 refname = malloc(iref.name_len + 1);
393 return got_error_from_errno("malloc");
394 memcpy(refname, imsg->data + sizeof(iref), iref.name_len);
395 refname[iref.name_len] = '\0';
397 ref_update = calloc(1, sizeof(*ref_update));
398 if (ref_update == NULL) {
399 err = got_error_from_errno("malloc");
403 memcpy(ref_update->old_id.sha1, iref.old_id, SHA1_DIGEST_LENGTH);
404 memcpy(ref_update->new_id.sha1, iref.new_id, SHA1_DIGEST_LENGTH);
406 err = got_ref_open(&ref, repo_write.repo, refname, 0);
408 if (err->code != GOT_ERR_NOT_REF)
410 err = got_ref_alloc(&ref, refname, &ref_update->new_id);
413 ref_update->ref_is_new = 1;
415 if (got_ref_is_symbolic(ref)) {
416 err = got_error_fmt(GOT_ERR_BAD_REF_TYPE,
417 "'%s' is a symbolic reference and cannot "
418 "be updated", got_ref_get_name(ref));
421 if (strncmp("refs/", got_ref_get_name(ref), 5) != 0) {
422 err = got_error_fmt(GOT_ERR_BAD_REF_NAME,
423 "%s: does not begin with 'refs/'",
424 got_ref_get_name(ref));
428 err = protect_ref_namespace(ref, "refs/got/");
431 err = protect_ref_namespace(ref, "refs/remotes/");
435 if (!ref_update->ref_is_new) {
437 * Ensure the client's idea of this update is still valid.
438 * At this point we can only return an error, to prevent
439 * the client from uploading a pack file which will likely
440 * have to be discarded.
442 err = got_ref_resolve(&id, repo_write.repo, ref);
446 if (got_object_id_cmp(id, &ref_update->old_id) != 0) {
447 err = got_error_fmt(GOT_ERR_REF_BUSY,
448 "%s has been modified by someone else "
449 "while transaction was in progress",
450 got_ref_get_name(ref));
455 gotd_imsg_send_ack(&ref_update->new_id, &ibuf, PROC_REPO_WRITE,
/* From here on the queued update holds the reference. */
458 ref_update->ref = ref;
459 STAILQ_INSERT_HEAD(&(*client)->ref_updates, ref_update, entry);
460 (*client)->nref_updates++;
/*
 * Progress callback handed to got_pack_index() by recv_packfile().
 * Derives integer percentages for indexed objects and resolved deltas
 * and writes them to the debug log. The delta count is taken to be the
 * total object count minus the loose object count.
 * NOTE(review): the counters are uint32_t but are logged with %d.
 */
472 static const struct got_error *
473 pack_index_progress(void *arg, uint32_t nobj_total, uint32_t nobj_indexed,
474 uint32_t nobj_loose, uint32_t nobj_resolved)
476 int p_indexed = 0, p_resolved = 0;
477 int nobj_delta = nobj_total - nobj_loose;
480 p_indexed = (nobj_indexed * 100) / nobj_total;
483 p_resolved = (nobj_resolved * 100) / nobj_delta;
485 if (p_resolved > 0) {
486 log_debug("indexing %d objects %d%%; resolving %d deltas %d%%",
487 nobj_total, p_indexed, nobj_delta, p_resolved);
489 log_debug("indexing %d objects %d%%", nobj_total, p_indexed);
/*
 * Pull more pack data from infd into a 64KB stack buffer with
 * got_poll_read_full(), passing minsize through to that call, and append
 * the bytes actually read to buf.
 */
494 static const struct got_error *
495 read_more_pack_stream(int infd, BUF *buf, size_t minsize)
497 const struct got_error *err = NULL;
498 uint8_t readahead[65536];
501 err = got_poll_read_full(infd, &have,
502 readahead, sizeof(readahead), minsize);
506 err = buf_append(&newlen, buf, readahead, have);
/*
 * Parse the variable-length type/size header of the next packed object.
 *
 * Header bytes are taken one at a time from buf at *buf_pos, refilling
 * buf from infd when it runs dry. The first byte carries the object type
 * and the low size bits; each following byte contributes 7 more size
 * bits, for as long as the previous byte has GOT_PACK_OBJ_SIZE_MORE set.
 * The raw header bytes are then written to outfd via got_pack_hwrite(),
 * which is also handed the SHA1 context.
 *
 * Returns GOT_ERR_OBJ_TOO_LARGE if the encoded size would not fit in
 * 64 bits.
 */
512 static const struct got_error *
513 copy_object_type_and_size(uint8_t *type, uint64_t *size, int infd, int outfd,
514 off_t *outsize, BUF *buf, size_t *buf_pos, SHA1_CTX *ctx)
516 const struct got_error *err = NULL;
521 off_t obj_offset = *outsize;
524 /* We do not support size values which don't fit in 64 bit. */
526 return got_error_fmt(GOT_ERR_OBJ_TOO_LARGE,
527 "packfile offset %llu", obj_offset);
529 if (buf_len(buf) - *buf_pos < sizeof(sizebuf[0])) {
530 err = read_more_pack_stream(infd, buf,
536 sizebuf[i] = buf_getc(buf, *buf_pos);
537 *buf_pos += sizeof(sizebuf[i]);
540 t = (sizebuf[i] & GOT_PACK_OBJ_SIZE0_TYPE_MASK) >>
541 GOT_PACK_OBJ_SIZE0_TYPE_MASK_SHIFT;
542 s = (sizebuf[i] & GOT_PACK_OBJ_SIZE0_VAL_MASK);
/* Byte 0 supplied 4 size bits; every later byte supplies 7 more. */
544 size_t shift = 4 + 7 * (i - 1);
545 s |= ((sizebuf[i] & GOT_PACK_OBJ_SIZE_VAL_MASK) <<
549 } while (sizebuf[i - 1] & GOT_PACK_OBJ_SIZE_MORE);
551 err = got_pack_hwrite(outfd, sizebuf, i, ctx);
/*
 * Copy the SHA1_DIGEST_LENGTH bytes which follow a ref-delta object
 * header from buf to outfd via got_pack_hwrite(), reading more data from
 * infd first if fewer bytes than that are buffered, and advance *buf_pos
 * past them.
 */
561 static const struct got_error *
562 copy_ref_delta(int infd, int outfd, off_t *outsize, BUF *buf, size_t *buf_pos,
565 const struct got_error *err = NULL;
566 size_t remain = buf_len(buf) - *buf_pos;
568 if (remain < SHA1_DIGEST_LENGTH) {
569 err = read_more_pack_stream(infd, buf,
570 SHA1_DIGEST_LENGTH - remain);
575 err = got_pack_hwrite(outfd, buf_get(buf) + *buf_pos,
576 SHA1_DIGEST_LENGTH, ctx);
580 *buf_pos += SHA1_DIGEST_LENGTH;
/*
 * Parse the variable-length base offset which follows an offset-delta
 * object header and copy its raw bytes to outfd via got_pack_hwrite().
 *
 * Bytes are consumed from buf at *buf_pos, refilling from infd as needed,
 * for as long as the previous byte has GOT_PACK_OBJ_DELTA_OFF_MORE set.
 * The decoded offset must be at least the size of the pack file header
 * and no larger than the amount of pack data written so far, otherwise
 * GOT_ERR_PACK_OFFSET is returned. Encodings which would not fit in
 * 64 bits yield GOT_ERR_OBJ_TOO_LARGE.
 */
584 static const struct got_error *
585 copy_offset_delta(int infd, int outfd, off_t *outsize, BUF *buf, size_t *buf_pos,
588 const struct got_error *err = NULL;
592 off_t obj_offset = *outsize;
595 /* We do not support offset values which don't fit in 64 bit. */
597 return got_error_fmt(GOT_ERR_OBJ_TOO_LARGE,
598 "packfile offset %llu", obj_offset);
600 if (buf_len(buf) - *buf_pos < sizeof(offbuf[0])) {
601 err = read_more_pack_stream(infd, buf,
607 offbuf[i] = buf_getc(buf, *buf_pos);
608 *buf_pos += sizeof(offbuf[i]);
611 o = (offbuf[i] & GOT_PACK_OBJ_DELTA_OFF_VAL_MASK);
615 o += (offbuf[i] & GOT_PACK_OBJ_DELTA_OFF_VAL_MASK);
618 } while (offbuf[i - 1] & GOT_PACK_OBJ_DELTA_OFF_MORE);
620 if (o < sizeof(struct got_packfile_hdr) || o > *outsize)
621 return got_error(GOT_ERR_PACK_OFFSET);
623 err = got_pack_hwrite(outfd, offbuf, i, ctx);
/*
 * Copy one zlib-compressed object body from the buffered input to outfd.
 *
 * The data is inflated into a scratch buffer purely to find where the
 * compressed stream ends. After each inflate() call the input bytes it
 * consumed are written out with got_pack_hwrite() and discarded from buf.
 * When buf is exhausted before Z_STREAM_END, more data is read from infd.
 * On success *outsize grows by the number of compressed bytes copied.
 * Inflate failures are reported as GOT_ERR_DECOMPRESSION together with
 * the pack file offset at which the stream began.
 */
631 static const struct got_error *
632 copy_zstream(int infd, int outfd, off_t *outsize, BUF *buf, size_t *buf_pos,
635 const struct got_error *err = NULL;
639 size_t consumed_total = 0;
640 off_t zstream_offset = *outsize;
642 memset(&z, 0, sizeof(z));
646 zret = inflateInit(&z);
649 return got_error_from_errno("inflateInit");
650 if (zret == Z_MEM_ERROR) {
652 return got_error_from_errno("inflateInit");
654 return got_error_msg(GOT_ERR_DECOMPRESSION,
655 "inflateInit failed");
658 while (zret != Z_STREAM_END) {
659 size_t last_total_in, consumed;
662 * Decompress into the void. Object data will be parsed
663 * later, when the pack file is indexed. For now, we just
664 * want to locate the end of the compressed stream.
666 while (zret != Z_STREAM_END && buf_len(buf) - *buf_pos > 0) {
667 last_total_in = z.total_in;
668 z.next_in = buf_get(buf) + *buf_pos;
669 z.avail_in = buf_len(buf) - *buf_pos;
670 z.next_out = voidbuf;
671 z.avail_out = sizeof(voidbuf);
673 zret = inflate(&z, Z_SYNC_FLUSH);
674 if (zret != Z_OK && zret != Z_BUF_ERROR &&
675 zret != Z_STREAM_END) {
676 err = got_error_fmt(GOT_ERR_DECOMPRESSION,
677 "packfile offset %llu", zstream_offset);
/* Input bytes used up by this inflate() call. */
680 consumed = z.total_in - last_total_in;
682 err = got_pack_hwrite(outfd, buf_get(buf) + *buf_pos,
687 err = buf_discard(buf, *buf_pos + consumed);
692 consumed_total += consumed;
695 if (zret != Z_STREAM_END) {
696 err = read_more_pack_stream(infd, buf, 1);
703 *outsize += consumed_total;
709 static const struct got_error *
710 validate_object_type(int obj_type)
713 case GOT_OBJ_TYPE_BLOB:
714 case GOT_OBJ_TYPE_COMMIT:
715 case GOT_OBJ_TYPE_TREE:
716 case GOT_OBJ_TYPE_TAG:
717 case GOT_OBJ_TYPE_REF_DELTA:
718 case GOT_OBJ_TYPE_OFFSET_DELTA:
724 return got_error(GOT_ERR_OBJ_TYPE);
/*
 * Receive a pack file from infd and store it in outfd.
 *
 * The pack header is read and checked for signature, version and a
 * non-zero object count. Each object is then copied in turn: its
 * type/size header, the delta base (for ref-delta and offset-delta
 * objects), and the compressed data. All copied bytes go through
 * got_pack_hwrite() together with the SHA1 context, and the digest
 * obtained from that context is compared with the trailing checksum sent
 * by the peer; a mismatch yields GOT_ERR_PACKFILE_CSUM.
 *
 * On success the checksum is appended to outfd and copied into sha1,
 * *outsize is increased accordingly, and outfd is synced and rewound to
 * offset zero.
 */
727 static const struct got_error *
728 recv_packdata(off_t *outsize, uint8_t *sha1, int infd, int outfd)
730 const struct got_error *err;
731 struct got_packfile_hdr hdr;
733 uint32_t nobj, nhave = 0;
735 uint8_t expected_sha1[SHA1_DIGEST_LENGTH];
736 char hex[SHA1_DIGEST_STRING_LENGTH];
738 size_t buf_pos = 0, remain;
744 err = got_poll_read_full(infd, &have, &hdr, sizeof(hdr), sizeof(hdr));
747 if (have != sizeof(hdr))
748 return got_error_msg(GOT_ERR_BAD_PACKFILE, "short pack file");
/* Header fields are big-endian on the wire. */
751 if (hdr.signature != htobe32(GOT_PACKFILE_SIGNATURE))
752 return got_error_msg(GOT_ERR_BAD_PACKFILE,
753 "bad packfile signature");
754 if (hdr.version != htobe32(GOT_PACKFILE_VERSION))
755 return got_error_msg(GOT_ERR_BAD_PACKFILE,
756 "bad packfile version");
758 nobj = be32toh(hdr.nobjects);
760 return got_error_msg(GOT_ERR_BAD_PACKFILE,
761 "bad packfile with zero objects");
763 log_debug("expecting %d objects", nobj);
765 err = got_pack_hwrite(outfd, &hdr, sizeof(hdr), &ctx);
769 err = buf_alloc(&buf, 65536);
773 while (nhave != nobj) {
777 err = copy_object_type_and_size(&obj_type, &obj_size,
778 infd, outfd, outsize, buf, &buf_pos, &ctx);
782 err = validate_object_type(obj_type);
786 if (obj_type == GOT_OBJ_TYPE_REF_DELTA) {
787 err = copy_ref_delta(infd, outfd, outsize,
788 buf, &buf_pos, &ctx);
791 } else if (obj_type == GOT_OBJ_TYPE_OFFSET_DELTA) {
792 err = copy_offset_delta(infd, outfd, outsize,
793 buf, &buf_pos, &ctx);
798 err = copy_zstream(infd, outfd, outsize, buf, &buf_pos, &ctx);
805 log_debug("received %u objects", nobj);
807 SHA1Final(expected_sha1, &ctx);
/* Make sure the peer's trailing checksum is fully buffered. */
809 remain = buf_len(buf) - buf_pos;
810 if (remain < SHA1_DIGEST_LENGTH) {
811 err = read_more_pack_stream(infd, buf,
812 SHA1_DIGEST_LENGTH - remain);
817 got_sha1_digest_to_str(expected_sha1, hex, sizeof(hex));
818 log_debug("expect SHA1: %s", hex);
819 got_sha1_digest_to_str(buf_get(buf) + buf_pos, hex, sizeof(hex));
820 log_debug("actual SHA1: %s", hex);
822 if (memcmp(buf_get(buf) + buf_pos, expected_sha1,
823 SHA1_DIGEST_LENGTH) != 0) {
824 err = got_error(GOT_ERR_PACKFILE_CSUM);
828 memcpy(sha1, expected_sha1, SHA1_DIGEST_LENGTH);
830 w = write(outfd, expected_sha1, SHA1_DIGEST_LENGTH);
832 err = got_error_from_errno("write");
835 if (w != SHA1_DIGEST_LENGTH) {
836 err = got_error(GOT_ERR_IO);
840 *outsize += SHA1_DIGEST_LENGTH;
842 if (fsync(outfd) == -1) {
843 err = got_error_from_errno("fsync");
846 if (lseek(outfd, 0L, SEEK_SET) == -1) {
847 err = got_error_from_errno("lseek");
855 static const struct got_error *
856 report_pack_status(struct repo_write_client *client,
857 const struct got_error *unpack_err)
859 const struct got_error *err = NULL;
860 struct gotd_imsg_packfile_status istatus;
863 const char *unpack_ok = "unpack ok\n";
866 imsg_init(&ibuf, client->fd);
869 istatus.reason_len = strlen(unpack_err->msg);
871 istatus.reason_len = strlen(unpack_ok);
873 len = sizeof(istatus) + istatus.reason_len;
874 wbuf = imsg_create(&ibuf, GOTD_IMSG_PACKFILE_STATUS, PROC_REPO_WRITE,
875 repo_write.pid, len);
877 err = got_error_from_errno("imsg_create PACKFILE_STATUS");
881 if (imsg_add(wbuf, &istatus, sizeof(istatus)) == -1) {
882 err = got_error_from_errno("imsg_add PACKFILE_STATUS");
886 if (imsg_add(wbuf, err ? err->msg : unpack_ok,
887 istatus.reason_len) == -1) {
888 err = got_error_from_errno("imsg_add PACKFILE_STATUS");
893 imsg_close(&ibuf, wbuf);
895 err = gotd_imsg_flush(&ibuf);
/*
 * Handle GOTD_IMSG_RECV_PACKFILE: receive a pack file from the client
 * and index it.
 *
 * The client must be known, must have queued at least one ref-update,
 * and must already have been given both pack pipe ends and a pack index
 * descriptor. The write end of the pack pipe is handed to the peer in a
 * GOTD_IMSG_RECV_PACKFILE message; pack data is then read from the read
 * end by recv_packdata(). If the request asked for it, the unpack result
 * is reported back with report_pack_status(). Finally the pack is indexed
 * into the client's pack index descriptor, which is synced and rewound.
 *
 * Temporary files are borrowed from the repository with
 * got_repo_temp_fds_get() and handed back before returning; the read end
 * of the pack pipe is closed here as well.
 *
 * NOTE(review): an fdopen() failure below is reported with the label
 * "dup", and the error for the RECV_PACKFILE compose is labelled
 * "imsg_compose ACK"; neither label matches the failing call.
 */
901 static const struct got_error *
902 recv_packfile(struct repo_write_client **client, struct imsg *imsg)
904 const struct got_error *err = NULL, *unpack_err;
905 struct gotd_imsg_recv_packfile ireq;
906 FILE *tempfiles[3] = { NULL, NULL, NULL };
907 struct repo_tempfile {
910 } repo_tempfiles[3] = { { - 1, - 1 }, { - 1, - 1 }, { - 1, - 1 }, };
914 struct got_ratelimit rl;
915 struct got_pack *pack = NULL;
916 off_t pack_filesize = 0;
918 log_debug("packfile request received");
920 got_ratelimit_init(&rl, 2, 0);
922 datalen = imsg->hdr.len - IMSG_HEADER_SIZE;
923 if (datalen != sizeof(ireq))
924 return got_error(GOT_ERR_PRIVSEP_LEN);
925 memcpy(&ireq, imsg->data, sizeof(ireq));
927 *client = find_client(ireq.client_id);
928 if (*client == NULL || STAILQ_EMPTY(&(*client)->ref_updates))
929 return got_error(GOT_ERR_CLIENT_ID);
931 if ((*client)->pack_pipe[0] == -1 ||
932 (*client)->pack_pipe[1] == -1 ||
933 (*client)->packidx_fd == -1)
934 return got_error(GOT_ERR_PRIVSEP_NO_FD);
936 imsg_init(&ibuf, (*client)->fd);
939 return got_error(GOT_ERR_PRIVSEP_NO_FD);
941 pack = &(*client)->pack;
942 memset(pack, 0, sizeof(*pack));
944 err = got_delta_cache_alloc(&pack->delta_cache);
948 for (i = 0; i < nitems(repo_tempfiles); i++) {
949 struct repo_tempfile *t = &repo_tempfiles[i];
950 err = got_repo_temp_fds_get(&t->fd, &t->idx, repo_write.repo);
/* Wrap duplicates of the borrowed descriptors in stdio streams. */
955 for (i = 0; i < nitems(tempfiles); i++) {
956 int fd = dup(repo_tempfiles[i].fd);
959 err = got_error_from_errno("dup");
962 f = fdopen(fd, "w+");
964 err = got_error_from_errno("dup");
971 /* Send pack file pipe to gotsh(1). */
972 if (imsg_compose(&ibuf, GOTD_IMSG_RECV_PACKFILE, PROC_REPO_WRITE,
973 repo_write.pid, (*client)->pack_pipe[1], NULL, 0) == -1) {
974 (*client)->pack_pipe[1] = -1;
975 err = got_error_from_errno("imsg_compose ACK");
979 (*client)->pack_pipe[1] = -1;
980 err = gotd_imsg_flush(&ibuf);
984 log_debug("receiving pack data");
985 unpack_err = recv_packdata(&pack_filesize, (*client)->pack_sha1,
986 (*client)->pack_pipe[0], pack->fd);
987 if (ireq.report_status) {
988 err = report_pack_status(*client, unpack_err);
990 /* Git clients hang up after sending the pack file. */
991 if (err->code == GOT_ERR_EOF)
1000 log_debug("pack data received");
1002 /* XXX size_t vs off_t, both should be off_t */
1003 if (pack_filesize >= SIZE_MAX) {
1004 err = got_error_msg(GOT_ERR_BAD_PACKFILE,
1005 "pack file too large");
1008 pack->filesize = pack_filesize;
1010 log_debug("begin indexing pack (%zu bytes in size)", pack->filesize);
1011 err = got_pack_index(pack, (*client)->packidx_fd,
1012 tempfiles[0], tempfiles[1], tempfiles[2], (*client)->pack_sha1,
1013 pack_index_progress, NULL, &rl);
1016 log_debug("done indexing pack");
1018 if (fsync((*client)->packidx_fd) == -1) {
1019 err = got_error_from_errno("fsync");
1022 if (lseek((*client)->packidx_fd, 0L, SEEK_SET) == -1)
1023 err = got_error_from_errno("lseek");
1025 if (close((*client)->pack_pipe[0]) == -1 && err == NULL)
1026 err = got_error_from_errno("close");
1027 (*client)->pack_pipe[0] = -1;
1028 for (i = 0; i < nitems(repo_tempfiles); i++) {
1029 struct repo_tempfile *t = &repo_tempfiles[i];
1031 got_repo_temp_fds_put(t->idx, repo_write.repo);
1033 for (i = 0; i < nitems(tempfiles); i++) {
1034 if (tempfiles[i] && fclose(tempfiles[i]) == EOF && err == NULL)
1035 err = got_error_from_errno("fclose");
1038 got_pack_close(pack);
1043 static const struct got_error *
1044 verify_packfile(struct repo_write_client *client)
1046 const struct got_error *err = NULL, *close_err;
1047 struct gotd_ref_update *ref_update;
1048 struct got_packidx *packidx = NULL;
1050 char *id_str = NULL;
1053 if (STAILQ_EMPTY(&client->ref_updates)) {
1054 return got_error_msg(GOT_ERR_BAD_REQUEST,
1055 "cannot verify pack file without any ref-updates");
1058 if (client->pack.fd == -1) {
1059 return got_error_msg(GOT_ERR_BAD_REQUEST,
1060 "invalid pack file handle during pack verification");
1062 if (client->packidx_fd == -1) {
1063 return got_error_msg(GOT_ERR_BAD_REQUEST,
1064 "invalid pack index handle during pack verification");
1067 if (fstat(client->packidx_fd, &sb) == -1)
1068 return got_error_from_errno("pack index fstat");
1070 packidx = malloc(sizeof(*packidx));
1071 memset(packidx, 0, sizeof(*packidx));
1072 packidx->fd = client->packidx_fd;
1073 client->packidx_fd = -1;
1074 packidx->len = sb.st_size;
1076 err = got_packidx_init_hdr(packidx, 1, client->pack.filesize);
1080 STAILQ_FOREACH(ref_update, &client->ref_updates, entry) {
1081 err = got_object_id_str(&id_str, &ref_update->new_id);
1085 idx = got_packidx_get_object_idx(packidx, &ref_update->new_id);
1087 err = got_error_fmt(GOT_ERR_BAD_PACKFILE,
1088 "advertised object %s is missing from pack file",
1095 close_err = got_packidx_close(packidx);
1096 if (close_err && err == NULL)
/*
 * Queue a GOTD_IMSG_PACKFILE_INSTALL message on iev carrying the client
 * ID and the SHA1 checksum of the client's pack file.
 * A failure to compose the message is reported as an errno-based error.
 */
1102 static const struct got_error *
1103 install_packfile(struct repo_write_client *client, struct gotd_imsgev *iev)
1105 struct gotd_imsg_packfile_install inst;
1108 memset(&inst, 0, sizeof(inst));
1109 inst.client_id = client->id;
1110 memcpy(inst.pack_sha1, client->pack_sha1, SHA1_DIGEST_LENGTH);
1112 ret = gotd_imsg_compose_event(iev, GOTD_IMSG_PACKFILE_INSTALL,
1113 PROC_REPO_WRITE, -1, &inst, sizeof(inst));
1115 return got_error_from_errno("imsg_compose PACKFILE_INSTALL");
/*
 * Queue a GOTD_IMSG_REF_UPDATES_START message on iev announcing how many
 * ref-update messages will follow for the given client.
 * A failure to compose the message is reported as an errno-based error.
 */
1120 static const struct got_error *
1121 send_ref_updates_start(struct repo_write_client *client, int nref_updates,
1122 struct gotd_imsgev *iev)
1124 struct gotd_imsg_ref_updates_start istart;
1127 memset(&istart, 0, sizeof(istart));
1128 istart.nref_updates = nref_updates;
1129 istart.client_id = client->id;
1131 ret = gotd_imsg_compose_event(iev, GOTD_IMSG_REF_UPDATES_START,
1132 PROC_REPO_WRITE, -1, &istart, sizeof(istart));
1134 return got_error_from_errno("imsg_compose REF_UPDATES_START");
/*
 * Queue a GOTD_IMSG_REF_UPDATE message on iev for one queued reference
 * update. The message consists of a struct gotd_imsg_ref_update (old and
 * new object IDs, the ref_is_new flag, the client ID and the name length)
 * followed by the reference name without a terminating NUL.
 */
1140 static const struct got_error *
1141 send_ref_update(struct repo_write_client *client,
1142 struct gotd_ref_update *ref_update, struct gotd_imsgev *iev)
1144 struct gotd_imsg_ref_update iref;
1145 const char *refname = got_ref_get_name(ref_update->ref);
1149 memset(&iref, 0, sizeof(iref));
1150 memcpy(iref.old_id, ref_update->old_id.sha1, SHA1_DIGEST_LENGTH);
1151 memcpy(iref.new_id, ref_update->new_id.sha1, SHA1_DIGEST_LENGTH);
1152 iref.ref_is_new = ref_update->ref_is_new;
1153 iref.client_id = client->id;
1154 iref.name_len = strlen(refname);
1156 len = sizeof(iref) + iref.name_len;
1157 wbuf = imsg_create(&iev->ibuf, GOTD_IMSG_REF_UPDATE, PROC_REPO_WRITE,
1158 repo_write.pid, len);
1160 return got_error_from_errno("imsg_create REF_UPDATE");
1162 if (imsg_add(wbuf, &iref, sizeof(iref)) == -1)
1163 return got_error_from_errno("imsg_add REF_UPDATE");
1164 if (imsg_add(wbuf, refname, iref.name_len) == -1)
1165 return got_error_from_errno("imsg_add REF_UPDATE");
1168 imsg_close(&iev->ibuf, wbuf);
1170 gotd_imsg_event_add(iev);
/*
 * Send the client's queued reference updates over iev: first a
 * REF_UPDATES_START message carrying the update count, then one
 * REF_UPDATE message per entry on the client's ref_updates list.
 */
1174 static const struct got_error *
1175 update_refs(struct repo_write_client *client, struct gotd_imsgev *iev)
1177 const struct got_error *err = NULL;
1178 struct gotd_ref_update *ref_update;
1180 err = send_ref_updates_start(client, client->nref_updates, iev);
1184 STAILQ_FOREACH(ref_update, &client->ref_updates, entry) {
1185 err = send_ref_update(client, ref_update, iev);
/*
 * Handle GOTD_IMSG_DISCONNECT: tear down the state of one client.
 *
 * The client is unlinked from the hash table, its queued ref-updates are
 * removed and their references closed, its pack is closed, and the
 * client socket, both pack pipe ends and the pack index descriptor are
 * closed if they are open. The error from the client socket close()
 * replaces any earlier error; later close() failures are only reported
 * if no error has been recorded yet.
 * Returns GOT_ERR_PRIVSEP_LEN for a malformed message and
 * GOT_ERR_CLIENT_ID for an unknown client.
 */
1193 static const struct got_error *
1194 recv_disconnect(struct imsg *imsg)
1196 const struct got_error *err = NULL;
1197 struct gotd_imsg_disconnect idisconnect;
1199 int client_fd = -1, pipe0 = -1, pipe1 = - 1, idxfd = -1;
1200 struct repo_write_client *client = NULL;
1203 datalen = imsg->hdr.len - IMSG_HEADER_SIZE;
1204 if (datalen != sizeof(idisconnect))
1205 return got_error(GOT_ERR_PRIVSEP_LEN);
1206 memcpy(&idisconnect, imsg->data, sizeof(idisconnect));
1208 log_debug("client disconnecting");
1210 client = find_client(idisconnect.client_id);
1212 return got_error(GOT_ERR_CLIENT_ID);
1214 slot = client_hash(client->id) % nitems(repo_write_clients);
1215 STAILQ_REMOVE(&repo_write_clients[slot], client, repo_write_client,
1217 while (!STAILQ_EMPTY(&client->ref_updates)) {
1218 struct gotd_ref_update *ref_update;
1219 ref_update = STAILQ_FIRST(&client->ref_updates);
1220 STAILQ_REMOVE_HEAD(&client->ref_updates, entry);
1221 got_ref_close(ref_update->ref);
1224 err = got_pack_close(&client->pack);
/* Take copies of the descriptors before closing them. */
1225 client_fd = client->fd;
1226 pipe0 = client->pack_pipe[0];
1227 pipe1 = client->pack_pipe[1];
1228 idxfd = client->packidx_fd;
1230 if (client_fd != -1 && close(client_fd) == -1)
1231 err = got_error_from_errno("close");
1232 if (pipe0 != -1 && close(pipe0) == -1 && err == NULL)
1233 err = got_error_from_errno("close");
1234 if (pipe1 != -1 && close(pipe1) == -1 && err == NULL)
1235 err = got_error_from_errno("close");
1236 if (idxfd != -1 && close(idxfd) == -1 && err == NULL)
1237 err = got_error_from_errno("close");
/*
 * Handle GOTD_IMSG_PACKFILE_PIPE: store a pack pipe descriptor which
 * arrived with the message in the client's state.
 *
 * The message is expected twice per client: the first descriptor is
 * stored in pack_pipe[0] and the second in pack_pipe[1]. If pack_pipe[1]
 * is already set, GOT_ERR_PRIVSEP_MSG is returned.
 */
1241 static const struct got_error *
1242 receive_pack_pipe(struct repo_write_client **client, struct imsg *imsg,
1243 struct gotd_imsgev *iev)
1245 struct gotd_imsg_packfile_pipe ireq;
1248 log_debug("receving pack pipe descriptor");
1251 return got_error(GOT_ERR_PRIVSEP_NO_FD);
1253 datalen = imsg->hdr.len - IMSG_HEADER_SIZE;
1254 if (datalen != sizeof(ireq))
1255 return got_error(GOT_ERR_PRIVSEP_LEN);
1256 memcpy(&ireq, imsg->data, sizeof(ireq));
1258 *client = find_client(ireq.client_id);
1259 if (*client == NULL)
1260 return got_error(GOT_ERR_CLIENT_ID);
1261 if ((*client)->pack_pipe[1] != -1)
1262 return got_error(GOT_ERR_PRIVSEP_MSG);
1264 if ((*client)->pack_pipe[0] == -1)
1265 (*client)->pack_pipe[0] = imsg->fd;
1267 (*client)->pack_pipe[1] = imsg->fd;
/*
 * Handle GOTD_IMSG_PACKIDX_FILE: store the descriptor of the pack index
 * output file which arrived with the message in the client's state.
 * Returns GOT_ERR_PRIVSEP_MSG if the client already has a pack index
 * descriptor, and GOT_ERR_CLIENT_ID for an unknown client.
 */
1272 static const struct got_error *
1273 receive_pack_idx(struct repo_write_client **client, struct imsg *imsg,
1274 struct gotd_imsgev *iev)
1276 struct gotd_imsg_packidx_file ireq;
1279 log_debug("receving pack index output file");
1282 return got_error(GOT_ERR_PRIVSEP_NO_FD);
1284 datalen = imsg->hdr.len - IMSG_HEADER_SIZE;
1285 if (datalen != sizeof(ireq))
1286 return got_error(GOT_ERR_PRIVSEP_LEN);
1287 memcpy(&ireq, imsg->data, sizeof(ireq));
1289 *client = find_client(ireq.client_id);
1290 if (*client == NULL)
1291 return got_error(GOT_ERR_CLIENT_ID);
1292 if ((*client)->packidx_fd != -1)
1293 return got_error(GOT_ERR_PRIVSEP_MSG);
1295 (*client)->packidx_fd = imsg->fd;
/*
 * Event handler for the imsg channel set up in repo_write_main().
 *
 * Performs pending reads and writes on the channel, then processes every
 * complete message in the buffer, dispatching on its type to the handler
 * functions in this file. A GOTD_IMSG_RECV_PACKFILE request is followed
 * by pack verification, pack installation and reference updates.
 * Handler errors are logged with log_warnx(). Unless the channel is being
 * shut down or a termination signal has been received, an error is
 * reported to the parent with gotd_imsg_send_error_event(), and the event
 * is re-armed. Otherwise the event handler is removed and the event loop
 * is told to exit.
 */
1300 repo_write_dispatch(int fd, short event, void *arg)
1302 const struct got_error *err = NULL;
1303 struct gotd_imsgev *iev = arg;
1304 struct imsgbuf *ibuf = &iev->ibuf;
1306 struct repo_write_client *client = NULL;
1310 if (event & EV_READ) {
1311 if ((n = imsg_read(ibuf)) == -1 && errno != EAGAIN)
1312 fatal("imsg_read error");
1313 if (n == 0) /* Connection closed. */
1317 if (event & EV_WRITE) {
1318 n = msgbuf_write(&ibuf->w);
1319 if (n == -1 && errno != EAGAIN)
1320 fatal("msgbuf_write");
1321 if (n == 0) /* Connection closed. */
1326 if ((n = imsg_get(ibuf, &imsg)) == -1)
1327 fatal("%s: imsg_get error", __func__);
1328 if (n == 0) /* No more messages. */
1331 switch (imsg.hdr.type) {
1332 case GOTD_IMSG_LIST_REFS_INTERNAL:
1333 err = list_refs(&client, &imsg);
1335 log_warnx("%s: ls-refs: %s", repo_write.title,
1338 case GOTD_IMSG_REF_UPDATE:
1339 err = recv_ref_update(&client, &imsg);
1341 log_warnx("%s: ref-update: %s",
1342 repo_write.title, err->msg);
1344 case GOTD_IMSG_PACKFILE_PIPE:
1345 err = receive_pack_pipe(&client, &imsg, iev);
1347 log_warnx("%s: receiving pack pipe: %s",
1348 repo_write.title, err->msg);
1352 case GOTD_IMSG_PACKIDX_FILE:
1353 err = receive_pack_idx(&client, &imsg, iev);
1355 log_warnx("%s: receiving pack index: %s",
1356 repo_write.title, err->msg);
1360 case GOTD_IMSG_RECV_PACKFILE:
1361 err = recv_packfile(&client, &imsg);
1363 log_warnx("%s: receive packfile: %s",
1364 repo_write.title, err->msg);
1367 err = verify_packfile(client);
1369 log_warnx("%s: verify packfile: %s",
1370 repo_write.title, err->msg);
1373 err = install_packfile(client, iev);
1375 log_warnx("%s: install packfile: %s",
1376 repo_write.title, err->msg);
1379 err = update_refs(client, iev);
1381 log_warnx("%s: update refs: %s",
1382 repo_write.title, err->msg);
1385 case GOTD_IMSG_DISCONNECT:
1386 err = recv_disconnect(&imsg);
1388 log_warnx("%s: disconnect: %s",
1389 repo_write.title, err->msg);
1392 log_debug("%s: unexpected imsg %d", repo_write.title,
1400 if (!shut && check_cancelled(NULL) == NULL) {
1402 gotd_imsg_send_error_event(iev, PROC_REPO_WRITE,
1403 client ? client->id : 0, err) == -1) {
1404 log_warnx("could not send error to parent: %s",
1407 gotd_imsg_event_add(iev);
1409 /* This pipe is dead. Remove its event handler */
1410 event_del(&iev->ev);
1411 event_loopexit(NULL);
/*
 * Entry point of the repo_write process.
 *
 * Records the process title, PID and the descriptor arrays handed in by
 * the caller, seeds the client hash key with random bytes, opens the
 * repository at "/" (which must be a bare repository), installs signal
 * handlers, and registers repo_write_dispatch() as the read-event handler
 * for the imsg channel on GOTD_SOCK_FILENO. Any error is logged, and
 * repo_write_shutdown() is called at the end.
 */
1416 repo_write_main(const char *title, int *pack_fds, int *temp_fds)
1418 const struct got_error *err = NULL;
1419 struct gotd_imsgev iev;
1421 repo_write.title = title;
1422 repo_write.pid = getpid();
1423 repo_write.pack_fds = pack_fds;
1424 repo_write.temp_fds = temp_fds;
1426 arc4random_buf(&clients_hash_key, sizeof(clients_hash_key));
1429 * Open a repository in the root directory.
1430 * We are already in chroot at this point.
1432 err = got_repo_open(&repo_write.repo, "/", NULL, pack_fds);
1435 if (!got_repo_is_bare(repo_write.repo)) {
1436 err = got_error_msg(GOT_ERR_NOT_GIT_REPO,
1437 "bare git repository required");
1441 got_repo_temp_fds_set(repo_write.repo, temp_fds);
/* SIGINT and SIGTERM only set flags; SIGPIPE and SIGHUP are ignored. */
1443 signal(SIGINT, catch_sigint);
1444 signal(SIGTERM, catch_sigterm);
1445 signal(SIGPIPE, SIG_IGN);
1446 signal(SIGHUP, SIG_IGN);
1448 imsg_init(&iev.ibuf, GOTD_SOCK_FILENO);
1449 iev.handler = repo_write_dispatch;
1450 iev.events = EV_READ;
1451 iev.handler_arg = NULL;
1452 event_set(&iev.ev, iev.ibuf.fd, EV_READ, repo_write_dispatch, &iev);
1453 if (event_add(&iev.ev, NULL) == -1) {
1454 err = got_error_from_errno("event_add");
1461 log_warnx("%s: %s", title, err->msg);
1462 repo_write_shutdown();
1466 repo_write_shutdown(void)
1468 log_debug("%s: shutting down", repo_write.title);
1469 if (repo_write.repo)
1470 got_repo_close(repo_write.repo);
1471 got_repo_pack_fds_close(repo_write.pack_fds);
1472 got_repo_temp_fds_close(repo_write.pack_fds);