2 * Copyright (c) 2023 Stefan Sperling <stsp@openbsd.org>
4 * Permission to use, copy, modify, and distribute this software for any
5 * purpose with or without fee is hereby granted, provided that the above
6 * copyright notice and this permission notice appear in all copies.
8 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
9 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
10 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
11 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
12 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
13 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
14 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
18 * Resolve path namespace conflicts for git-upload-pack and git-receive-pack.
21 #include <sys/queue.h>
22 #include <sys/types.h>
39 #include "got_error.h"
40 #include "got_object.h"
43 #include "got_lib_dial.h"
48 #ifndef GITWRAPPER_GIT_LIBEXEC_DIR
49 #define GITWRAPPER_GIT_LIBEXEC_DIR "/usr/local/libexec/git"
52 #ifndef GITWRAPPER_MY_SERVER_PROG
53 #define GITWRAPPER_MY_SERVER_PROG "gotsh"
60 fprintf(stderr, "usage: %s -c '%s|%s repository-path'\n",
61 getprogname(), GOT_DIAL_CMD_SEND, GOT_DIAL_CMD_FETCH);
66 * Unveil the specific programs we want to start and hide everything else.
67 * This is important to limit the impact of our "exec" pledge.
69 static const struct got_error *
70 apply_unveil(const char *myserver)
72 const char *fetchcmd = GITWRAPPER_GIT_LIBEXEC_DIR "/" \
74 const char *sendcmd = GITWRAPPER_GIT_LIBEXEC_DIR "/" \
78 if (unveil("gmon.out", "rwc") != 0)
79 return got_error_from_errno2("unveil", "gmon.out");
81 if (unveil(fetchcmd, "x") != 0 && errno != ENOENT)
82 return got_error_from_errno2("unveil", fetchcmd);
84 if (unveil(sendcmd, "x") != 0 && errno != ENOENT)
85 return got_error_from_errno2("unveil", sendcmd);
87 if (myserver && unveil(myserver, "x") != 0 && errno != ENOENT)
88 return got_error_from_errno2("unveil", myserver);
90 if (unveil(NULL, NULL) != 0)
91 return got_error_from_errno("unveil");
97 main(int argc, char *argv[])
99 const struct got_error *error;
100 const char *confpath = NULL;
101 char *command = NULL, *repo_name = NULL; /* for matching gotd.conf */
102 char *myserver = NULL;
103 const char *repo_path = NULL; /* as passed on the command line */
105 char *gitcommand = NULL;
107 struct gotd_repo *repo = NULL;
109 log_init(1, LOG_USER); /* Log to stderr. */
112 if (pledge("stdio rpath exec unveil", NULL) == -1)
117 * Look up our own server program in PATH so we can unveil(2) it.
118 * This call only errors out upon memory allocation failure.
119 * If the program cannot be found then myserver will be set to NULL.
121 error = got_path_find_prog(&myserver, GITWRAPPER_MY_SERVER_PROG);
126 * Run parse_config() before unveil(2) because parse_config()
127 * checks whether repository paths exist on disk.
128 * Parsing errors and warnings will be logged to stderr.
129 * Upon failure we will run Git's native tooling so do not
130 * bother checking for errors here.
132 confpath = getenv("GOTD_CONF_PATH");
133 if (confpath == NULL)
134 confpath = GOTD_CONF_PATH;
135 parse_config(confpath, PROC_GITWRAPPER, &gotd);
137 error = apply_unveil(myserver);
142 if (pledge("stdio exec", NULL) == -1)
146 if (strcmp(getprogname(), GOT_DIAL_CMD_SEND) == 0 ||
147 strcmp(getprogname(), GOT_DIAL_CMD_FETCH) == 0) {
150 command = strdup(getprogname());
151 if (command == NULL) {
152 error = got_error_from_errno("strdup");
157 while (relpath[0] == '/')
159 repo_name = strdup(relpath);
160 if (repo_name == NULL) {
161 error = got_error_from_errno("strdup");
165 if (argc != 3 || strcmp(argv[1], "-c") != 0)
168 error = got_dial_parse_command(&command, &repo_name,
170 if (error && error->code == GOT_ERR_BAD_PACKET)
176 repo = gotd_find_repo_by_name(repo_name, &gotd.repos);
179 * Invoke our custom Git server if the repository was found
180 * in gotd.conf. Otherwise invoke native git(1) tooling.
183 if (myserver == NULL) {
184 error = got_error_fmt(GOT_ERR_NO_PROG,
186 GITWRAPPER_MY_SERVER_PROG);
189 execl(myserver, command, repo_name, (char *)NULL);
190 error = got_error_from_errno2("execl", myserver);
192 if (asprintf(&gitcommand, "%s/%s",
193 GITWRAPPER_GIT_LIBEXEC_DIR, command) == -1) {
194 error = got_error_from_errno("asprintf");
197 execl(gitcommand, gitcommand, repo_path, (char *)NULL);
198 error = got_error_from_errno2("execl", gitcommand);
207 fprintf(stderr, "%s: %s\n", getprogname(), error->msg);