]> git.ipfire.org Git - thirdparty/git.git/blame - builtin/receive-pack.c
projects / thirdparty / git.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
signed push: allow stale nonce in stateless mode
[thirdparty/git.git] / builtin / receive-pack.c
CommitLineData
1e4cd68c 1#include "builtin.h"
fc04c412 2#include "pack.h"
8a65ff76 3#include "refs.h"
f3a3214e 4#include "pkt-line.h"
38a81b4e 5#include "sideband.h"
b1bf95bb 6#include "run-command.h"
576162a4 7#include "exec_cmd.h"
11031d7e
JS		 8#include "commit.h"
9#include "object.h"
d79796bc 10#include "remote.h"
47a59185 11#include "connect.h"
d79796bc 12#include "transport.h"
da3efdb1 13#include "string-list.h"
cff38a5e 14#include "sha1-array.h"
52fed6e1 15#include "connected.h"
31c42bff 16#include "argv-array.h"
ff5effdf 17#include "version.h"
d05b9618
JH		 18#include "tag.h"
19#include "gpg-interface.h"
575f4974 20
34263de0 21static const char receive_pack_usage[] = "git receive-pack <git-dir>";
575f4974 22
986e8239 23enum deny_action {
3d95d92b 24 DENY_UNCONFIGURED,
986e8239
JK		 25 DENY_IGNORE,
26 DENY_WARN,
4b05548f 27 DENY_REFUSE
986e8239
JK		 28};
29
1b53a076
JH		 30static int deny_deletes;
31static int deny_non_fast_forwards;
3d95d92b 32static enum deny_action deny_current_branch = DENY_UNCONFIGURED;
747ca245 33static enum deny_action deny_delete_current = DENY_UNCONFIGURED;
dab76d3a
JH		 34static int receive_fsck_objects = -1;
35static int transfer_fsck_objects = -1;
e28714c5
JH		 36static int receive_unpack_limit = -1;
37static int transfer_unpack_limit = -1;
46732fae 38static int unpack_limit = 100;
96f1e58f 39static int report_status;
38a81b4e 40static int use_sideband;
c207e34f 41static int quiet;
b74fce16 42static int prefer_ofs_delta = 1;
77e3efbf
JH		 43static int auto_update_server_info;
44static int auto_gc = 1;
f7c815c3 45static int fix_thin = 1;
5732373d
JH		 46static int stateless_rpc;
47static const char *service_dir;
747ca245 48static const char *head_name;
96ec7b1e 49static void *head_name_to_free;
185c04e0 50static int sent_capabilities;
0a1bc12b 51static int shallow_update;
5dbd7676 52static const char *alt_shallow_file;
a85b377d
JH		 53static struct strbuf push_cert = STRBUF_INIT;
54static unsigned char push_cert_sha1[20];
d05b9618 55static struct signature_check sigcheck;
b89363e4
JH		 56static const char *push_cert_nonce;
57static const char *cert_nonce_seed;
58
59static const char *NONCE_UNSOLICITED = "UNSOLICITED";
60static const char *NONCE_BAD = "BAD";
61static const char *NONCE_MISSING = "MISSING";
62static const char *NONCE_OK = "OK";
5732373d 63static const char *NONCE_SLOP = "SLOP";
b89363e4 64static const char *nonce_status;
5732373d
JH		 65static long nonce_stamp_slop;
66static unsigned long nonce_stamp_slop_limit;
cfee10a7 67
986e8239
JK		 68static enum deny_action parse_deny_action(const char *var, const char *value)
69{
70 if (value) {
71 if (!strcasecmp(value, "ignore"))
72 return DENY_IGNORE;
73 if (!strcasecmp(value, "warn"))
74 return DENY_WARN;
75 if (!strcasecmp(value, "refuse"))
76 return DENY_REFUSE;
77 }
78 if (git_config_bool(var, value))
79 return DENY_REFUSE;
80 return DENY_IGNORE;
81}
82
ef90d6d4 83static int receive_pack_config(const char *var, const char *value, void *cb)
6fb75bed 84{
daebaa78
JH		 85 int status = parse_hide_refs_config(var, value, "receive");
86
87 if (status)
88 return status;
89
a240de11
JK		 90 if (strcmp(var, "receive.denydeletes") == 0) {
91 deny_deletes = git_config_bool(var, value);
92 return 0;
93 }
94
e28714c5 95 if (strcmp(var, "receive.denynonfastforwards") == 0) {
6fb75bed
SP		 96 deny_non_fast_forwards = git_config_bool(var, value);
97 return 0;
98 }
99
e28714c5
JH		 100 if (strcmp(var, "receive.unpacklimit") == 0) {
101 receive_unpack_limit = git_config_int(var, value);
fc04c412
SP		 102 return 0;
103 }
104
e28714c5
JH		 105 if (strcmp(var, "transfer.unpacklimit") == 0) {
106 transfer_unpack_limit = git_config_int(var, value);
107 return 0;
108 }
109
20dc0016
MK		 110 if (strcmp(var, "receive.fsckobjects") == 0) {
111 receive_fsck_objects = git_config_bool(var, value);
112 return 0;
113 }
114
dab76d3a
JH		 115 if (strcmp(var, "transfer.fsckobjects") == 0) {
116 transfer_fsck_objects = git_config_bool(var, value);
117 return 0;
118 }
119
986e8239
JK		 120 if (!strcmp(var, "receive.denycurrentbranch")) {
121 deny_current_branch = parse_deny_action(var, value);
122 return 0;
123 }
124
747ca245
JH		 125 if (strcmp(var, "receive.denydeletecurrent") == 0) {
126 deny_delete_current = parse_deny_action(var, value);
127 return 0;
128 }
129
b74fce16
NP		 130 if (strcmp(var, "repack.usedeltabaseoffset") == 0) {
131 prefer_ofs_delta = git_config_bool(var, value);
132 return 0;
133 }
134
77e3efbf
JH		 135 if (strcmp(var, "receive.updateserverinfo") == 0) {
136 auto_update_server_info = git_config_bool(var, value);
137 return 0;
138 }
139
140 if (strcmp(var, "receive.autogc") == 0) {
141 auto_gc = git_config_bool(var, value);
142 return 0;
143 }
144
0a1bc12b
NTND		 145 if (strcmp(var, "receive.shallowupdate") == 0) {
146 shallow_update = git_config_bool(var, value);
147 return 0;
148 }
149
b89363e4
JH		 150 if (strcmp(var, "receive.certnonceseed") == 0)
151 return git_config_string(&cert_nonce_seed, var, value);
a85b377d 152
5732373d
JH		 153 if (strcmp(var, "receive.certnonceslop") == 0) {
154 nonce_stamp_slop_limit = git_config_ulong(var, value);
155 return 0;
156 }
157
ef90d6d4 158 return git_default_config(var, value, cb);
6fb75bed
SP		 159}
160
bc98201d 161static void show_ref(const char *path, const unsigned char *sha1)
575f4974 162{
daebaa78
JH		 163 if (ref_is_hidden(path))
164 return;
165
52d2ae58 166 if (sent_capabilities) {
cfee10a7 167 packet_write(1, "%s %s\n", sha1_to_hex(sha1), path);
52d2ae58
JH		 168 } else {
169 struct strbuf cap = STRBUF_INIT;
170
171 strbuf_addstr(&cap,
172 "report-status delete-refs side-band-64k quiet");
173 if (prefer_ofs_delta)
174 strbuf_addstr(&cap, " ofs-delta");
b89363e4
JH		 175 if (push_cert_nonce)
176 strbuf_addf(&cap, " push-cert=%s", push_cert_nonce);
52d2ae58
JH		 177 strbuf_addf(&cap, " agent=%s", git_user_agent_sanitized());
178 packet_write(1, "%s %s%c%s\n",
179 sha1_to_hex(sha1), path, 0, cap.buf);
180 strbuf_release(&cap);
181 sent_capabilities = 1;
182 }
575f4974
LT		 183}
184
bc98201d 185static int show_ref_cb(const char *path, const unsigned char *sha1, int flag, void *unused)
6b01ecfe
JT		 186{
187 path = strip_namespace(path);
188 /*
189 * Advertise refs outside our current namespace as ".have"
190 * refs, so that the client can use them to minimize data
191 * transfer but will otherwise ignore them. This happens to
192 * cover ".have" that are thrown in by add_one_alternate_ref()
193 * to mark histories that are complete in our alternates as
194 * well.
195 */
196 if (!path)
197 path = ".have";
bc98201d
MH		 198 show_ref(path, sha1);
199 return 0;
6b01ecfe
JT		 200}
201
85f25104 202static void show_one_alternate_sha1(const unsigned char sha1[20], void *unused)
b7a025d9 203{
85f25104 204 show_ref(".have", sha1);
b7a025d9
MH		 205}
206
207static void collect_one_alternate_ref(const struct ref *ref, void *data)
208{
209 struct sha1_array *sa = data;
210 sha1_array_append(sa, ref->old_sha1);
6b01ecfe
JT		 211}
212
8a65ff76 213static void write_head_info(void)
575f4974 214{
b7a025d9
MH		 215 struct sha1_array sa = SHA1_ARRAY_INIT;
216 for_each_alternate_ref(collect_one_alternate_ref, &sa);
85f25104 217 sha1_array_for_each_unique(&sa, show_one_alternate_sha1, NULL);
b7a025d9 218 sha1_array_clear(&sa);
6b01ecfe 219 for_each_ref(show_ref_cb, NULL);
185c04e0 220 if (!sent_capabilities)
bc98201d 221 show_ref("capabilities^{}", null_sha1);
cfee10a7 222
ad491366
NTND		 223 advertise_shallow_grafts(1);
224
b7a025d9
MH		 225 /* EOF */
226 packet_flush(1);
575f4974
LT		 227}
228
eb1af2df
LT		 229struct command {
230 struct command *next;
cfee10a7 231 const char *error_string;
160b81ed
PYH		 232 unsigned int skip_update:1,
233 did_not_exist:1;
5dbd7676 234 int index;
eb1af2df
LT		 235 unsigned char old_sha1[20];
236 unsigned char new_sha1[20];
8f1d2e6f 237 char ref_name[FLEX_ARRAY]; /* more */
575f4974
LT		 238};
239
466dbc42
SP		 240static void rp_error(const char *err, ...) __attribute__((format (printf, 1, 2)));
241static void rp_warning(const char *err, ...) __attribute__((format (printf, 1, 2)));
242
243static void report_message(const char *prefix, const char *err, va_list params)
244{
245 int sz = strlen(prefix);
246 char msg[4096];
247
248 strncpy(msg, prefix, sz);
249 sz += vsnprintf(msg + sz, sizeof(msg) - sz, err, params);
250 if (sz > (sizeof(msg) - 1))
251 sz = sizeof(msg) - 1;
252 msg[sz++] = '\n';
253
254 if (use_sideband)
255 send_sideband(1, 2, msg, sz, use_sideband);
256 else
257 xwrite(2, msg, sz);
258}
259
260static void rp_warning(const char *err, ...)
261{
262 va_list params;
263 va_start(params, err);
264 report_message("warning: ", err, params);
265 va_end(params);
266}
267
268static void rp_error(const char *err, ...)
269{
270 va_list params;
271 va_start(params, err);
272 report_message("error: ", err, params);
273 va_end(params);
274}
275
6d525d38
SP		 276static int copy_to_sideband(int in, int out, void *arg)
277{
278 char data[128];
279 while (1) {
280 ssize_t sz = xread(in, data, sizeof(data));
281 if (sz <= 0)
282 break;
283 send_sideband(1, 2, data, sz, use_sideband);
284 }
285 close(in);
286 return 0;
287}
288
b89363e4
JH		 289#define HMAC_BLOCK_SIZE 64
290
291static void hmac_sha1(unsigned char out[20],
292 const char *key_in, size_t key_len,
293 const char *text, size_t text_len)
294{
295 unsigned char key[HMAC_BLOCK_SIZE];
296 unsigned char k_ipad[HMAC_BLOCK_SIZE];
297 unsigned char k_opad[HMAC_BLOCK_SIZE];
298 int i;
299 git_SHA_CTX ctx;
300
301 /* RFC 2104 2. (1) */
302 memset(key, '\0', HMAC_BLOCK_SIZE);
303 if (HMAC_BLOCK_SIZE < key_len) {
304 git_SHA1_Init(&ctx);
305 git_SHA1_Update(&ctx, key_in, key_len);
306 git_SHA1_Final(key, &ctx);
307 } else {
308 memcpy(key, key_in, key_len);
309 }
310
311 /* RFC 2104 2. (2) & (5) */
312 for (i = 0; i < sizeof(key); i++) {
313 k_ipad[i] = key[i] ^ 0x36;
314 k_opad[i] = key[i] ^ 0x5c;
315 }
316
317 /* RFC 2104 2. (3) & (4) */
318 git_SHA1_Init(&ctx);
319 git_SHA1_Update(&ctx, k_ipad, sizeof(k_ipad));
320 git_SHA1_Update(&ctx, text, text_len);
321 git_SHA1_Final(out, &ctx);
322
323 /* RFC 2104 2. (6) & (7) */
324 git_SHA1_Init(&ctx);
325 git_SHA1_Update(&ctx, k_opad, sizeof(k_opad));
326 git_SHA1_Update(&ctx, out, sizeof(out));
327 git_SHA1_Final(out, &ctx);
328}
329
330static char *prepare_push_cert_nonce(const char *path, unsigned long stamp)
331{
332 struct strbuf buf = STRBUF_INIT;
333 unsigned char sha1[20];
334
335 strbuf_addf(&buf, "%s:%lu", path, stamp);
336 hmac_sha1(sha1, buf.buf, buf.len, cert_nonce_seed, strlen(cert_nonce_seed));;
337 strbuf_release(&buf);
338
339 /* RFC 2104 5. HMAC-SHA1-80 */
340 strbuf_addf(&buf, "%lu-%.*s", stamp, 20, sha1_to_hex(sha1));
341 return strbuf_detach(&buf, NULL);
342}
343
344/*
345 * NEEDSWORK: reuse find_commit_header() from jk/commit-author-parsing
346 * after dropping "_commit" from its name and possibly moving it out
347 * of commit.c
348 */
349static char *find_header(const char *msg, size_t len, const char *key)
350{
351 int key_len = strlen(key);
352 const char *line = msg;
353
354 while (line && line < msg + len) {
355 const char *eol = strchrnul(line, '\n');
356
357 if ((msg + len <= eol) || line == eol)
358 return NULL;
359 if (line + key_len < eol &&
360 !memcmp(line, key, key_len) && line[key_len] == ' ') {
361 int offset = key_len + 1;
362 return xmemdupz(line + offset, (eol - line) - offset);
363 }
364 line = *eol ? eol + 1 : NULL;
365 }
366 return NULL;
367}
368
369static const char *check_nonce(const char *buf, size_t len)
370{
371 char *nonce = find_header(buf, len, "nonce");
5732373d
JH		 372 unsigned long stamp, ostamp;
373 char *bohmac, *expect = NULL;
b89363e4
JH		 374 const char *retval = NONCE_BAD;
375
376 if (!nonce) {
377 retval = NONCE_MISSING;
378 goto leave;
379 } else if (!push_cert_nonce) {
380 retval = NONCE_UNSOLICITED;
381 goto leave;
382 } else if (!strcmp(push_cert_nonce, nonce)) {
383 retval = NONCE_OK;
384 goto leave;
385 }
386
5732373d
JH		 387 if (!stateless_rpc) {
388 /* returned nonce MUST match what we gave out earlier */
389 retval = NONCE_BAD;
390 goto leave;
391 }
392
393 /*
394 * In stateless mode, we may be receiving a nonce issued by
395 * another instance of the server that serving the same
396 * repository, and the timestamps may not match, but the
397 * nonce-seed and dir should match, so we can recompute and
398 * report the time slop.
399 *
400 * In addition, when a nonce issued by another instance has
401 * timestamp within receive.certnonceslop seconds, we pretend
402 * as if we issued that nonce when reporting to the hook.
403 */
404
405 /* nonce is concat(<seconds-since-epoch>, "-", <hmac>) */
406 if (*nonce <= '0' || '9' < *nonce) {
407 retval = NONCE_BAD;
408 goto leave;
409 }
410 stamp = strtoul(nonce, &bohmac, 10);
411 if (bohmac == nonce || bohmac[0] != '-') {
412 retval = NONCE_BAD;
413 goto leave;
414 }
415
416 expect = prepare_push_cert_nonce(service_dir, stamp);
417 if (strcmp(expect, nonce)) {
418 /* Not what we would have signed earlier */
419 retval = NONCE_BAD;
420 goto leave;
421 }
422
423 /*
424 * By how many seconds is this nonce stale? Negative value
425 * would mean it was issued by another server with its clock
426 * skewed in the future.
427 */
428 ostamp = strtoul(push_cert_nonce, NULL, 10);
429 nonce_stamp_slop = (long)ostamp - (long)stamp;
430
431 if (nonce_stamp_slop_limit &&
432 abs(nonce_stamp_slop) <= nonce_stamp_slop_limit) {
433 /*
434 * Pretend as if the received nonce (which passes the
435 * HMAC check, so it is not a forged by third-party)
436 * is what we issued.
437 */
438 free((void *)push_cert_nonce);
439 push_cert_nonce = xstrdup(nonce);
440 retval = NONCE_OK;
441 } else {
442 retval = NONCE_SLOP;
443 }
b89363e4
JH		 444
445leave:
446 free(nonce);
5732373d 447 free(expect);
b89363e4
JH		 448 return retval;
449}
450
a85b377d
JH		 451static void prepare_push_cert_sha1(struct child_process *proc)
452{
453 static int already_done;
454 struct argv_array env = ARGV_ARRAY_INIT;
455
456 if (!push_cert.len)
457 return;
458
459 if (!already_done) {
d05b9618
JH		 460 struct strbuf gpg_output = STRBUF_INIT;
461 struct strbuf gpg_status = STRBUF_INIT;
462 int bogs /* beginning_of_gpg_sig */;
463
a85b377d
JH		 464 already_done = 1;
465 if (write_sha1_file(push_cert.buf, push_cert.len, "blob", push_cert_sha1))
466 hashclr(push_cert_sha1);
d05b9618
JH		 467
468 memset(&sigcheck, '\0', sizeof(sigcheck));
469 sigcheck.result = 'N';
470
471 bogs = parse_signature(push_cert.buf, push_cert.len);
472 if (verify_signed_buffer(push_cert.buf, bogs,
473 push_cert.buf + bogs, push_cert.len - bogs,
474 &gpg_output, &gpg_status) < 0) {
475 ; /* error running gpg */
476 } else {
477 sigcheck.payload = push_cert.buf;
478 sigcheck.gpg_output = gpg_output.buf;
479 sigcheck.gpg_status = gpg_status.buf;
480 parse_gpg_output(&sigcheck);
481 }
482
483 strbuf_release(&gpg_output);
484 strbuf_release(&gpg_status);
b89363e4 485 nonce_status = check_nonce(push_cert.buf, bogs);
a85b377d
JH		 486 }
487 if (!is_null_sha1(push_cert_sha1)) {
488 argv_array_pushf(&env, "GIT_PUSH_CERT=%s", sha1_to_hex(push_cert_sha1));
d05b9618
JH		 489 argv_array_pushf(&env, "GIT_PUSH_CERT_SIGNER=%s",
490 sigcheck.signer ? sigcheck.signer : "");
491 argv_array_pushf(&env, "GIT_PUSH_CERT_KEY=%s",
492 sigcheck.key ? sigcheck.key : "");
493 argv_array_pushf(&env, "GIT_PUSH_CERT_STATUS=%c", sigcheck.result);
b89363e4
JH		 494 if (push_cert_nonce) {
495 argv_array_pushf(&env, "GIT_PUSH_CERT_NONCE=%s", push_cert_nonce);
496 argv_array_pushf(&env, "GIT_PUSH_CERT_NONCE_STATUS=%s", nonce_status);
5732373d
JH		 497 if (nonce_status == NONCE_SLOP)
498 argv_array_pushf(&env, "GIT_PUSH_CERT_NONCE_SLOP=%ld",
499 nonce_stamp_slop);
b89363e4 500 }
a85b377d
JH		 501 proc->env = env.argv;
502 }
503}
504
9684e44a
JH		 505typedef int (*feed_fn)(void *, const char **, size_t *);
506static int run_and_feed_hook(const char *hook_name, feed_fn feed, void *feed_state)
b1bf95bb 507{
f43cd49f 508 struct child_process proc;
6d525d38 509 struct async muxer;
f43cd49f 510 const char *argv[2];
9684e44a 511 int code;
b1bf95bb 512
5a7da2dc
AS		 513 argv[0] = find_hook(hook_name);
514 if (!argv[0])
b1bf95bb 515 return 0;
c8dd2771 516
f43cd49f
SP		 517 argv[1] = NULL;
518
519 memset(&proc, 0, sizeof(proc));
520 proc.argv = argv;
521 proc.in = -1;
522 proc.stdout_to_stderr = 1;
523
a85b377d
JH		 524 prepare_push_cert_sha1(&proc);
525
6d525d38
SP		 526 if (use_sideband) {
527 memset(&muxer, 0, sizeof(muxer));
528 muxer.proc = copy_to_sideband;
529 muxer.in = -1;
530 code = start_async(&muxer);
531 if (code)
532 return code;
533 proc.err = muxer.in;
534 }
535
f43cd49f 536 code = start_command(&proc);
6d525d38
SP		 537 if (code) {
538 if (use_sideband)
539 finish_async(&muxer);
90e41a89 540 return code;
6d525d38
SP		 541 }
542
9684e44a
JH		 543 while (1) {
544 const char *buf;
545 size_t n;
546 if (feed(feed_state, &buf, &n))
547 break;
548 if (write_in_full(proc.in, buf, n) != n)
549 break;
c8dd2771 550 }
e72ae288 551 close(proc.in);
6d525d38
SP		 552 if (use_sideband)
553 finish_async(&muxer);
90e41a89 554 return finish_command(&proc);
b1bf95bb
JW		 555}
556
9684e44a
JH		 557struct receive_hook_feed_state {
558 struct command *cmd;
cdc2b2f3 559 int skip_broken;
9684e44a
JH		 560 struct strbuf buf;
561};
562
563static int feed_receive_hook(void *state_, const char **bufp, size_t *sizep)
564{
565 struct receive_hook_feed_state *state = state_;
566 struct command *cmd = state->cmd;
567
cdc2b2f3
JH		 568 while (cmd &&
569 state->skip_broken && (cmd->error_string || cmd->did_not_exist))
9684e44a
JH		 570 cmd = cmd->next;
571 if (!cmd)
572 return -1; /* EOF */
573 strbuf_reset(&state->buf);
574 strbuf_addf(&state->buf, "%s %s %s\n",
575 sha1_to_hex(cmd->old_sha1), sha1_to_hex(cmd->new_sha1),
576 cmd->ref_name);
577 state->cmd = cmd->next;
578 if (bufp) {
579 *bufp = state->buf.buf;
580 *sizep = state->buf.len;
581 }
582 return 0;
583}
584
cdc2b2f3
JH		 585static int run_receive_hook(struct command *commands, const char *hook_name,
586 int skip_broken)
9684e44a
JH		 587{
588 struct receive_hook_feed_state state;
589 int status;
590
591 strbuf_init(&state.buf, 0);
592 state.cmd = commands;
cdc2b2f3 593 state.skip_broken = skip_broken;
9684e44a
JH		 594 if (feed_receive_hook(&state, NULL, NULL))
595 return 0;
596 state.cmd = commands;
597 status = run_and_feed_hook(hook_name, feed_receive_hook, &state);
598 strbuf_release(&state.buf);
599 return status;
600}
601
1d9e8b56
SP		 602static int run_update_hook(struct command *cmd)
603{
1d9e8b56 604 const char *argv[5];
6d525d38
SP		 605 struct child_process proc;
606 int code;
1d9e8b56 607
5a7da2dc
AS		 608 argv[0] = find_hook("update");
609 if (!argv[0])
1d9e8b56
SP		 610 return 0;
611
1d9e8b56
SP		 612 argv[1] = cmd->ref_name;
613 argv[2] = sha1_to_hex(cmd->old_sha1);
614 argv[3] = sha1_to_hex(cmd->new_sha1);
615 argv[4] = NULL;
616
6d525d38
SP		 617 memset(&proc, 0, sizeof(proc));
618 proc.no_stdin = 1;
619 proc.stdout_to_stderr = 1;
620 proc.err = use_sideband ? -1 : 0;
621 proc.argv = argv;
622
623 code = start_command(&proc);
624 if (code)
625 return code;
626 if (use_sideband)
627 copy_to_sideband(proc.err, -1, NULL);
628 return finish_command(&proc);
1d9e8b56
SP		 629}
630
986e8239
JK		 631static int is_ref_checked_out(const char *ref)
632{
986e8239
JK		 633 if (is_bare_repository())
634 return 0;
635
747ca245 636 if (!head_name)
986e8239 637 return 0;
747ca245 638 return !strcmp(head_name, ref);
986e8239
JK		 639}
640
acd2a45b
JH		 641static char *refuse_unconfigured_deny_msg[] = {
642 "By default, updating the current branch in a non-bare repository",
643 "is denied, because it will make the index and work tree inconsistent",
644 "with what you pushed, and will require 'git reset --hard' to match",
645 "the work tree to HEAD.",
3d95d92b
JH		 646 "",
647 "You can set 'receive.denyCurrentBranch' configuration variable to",
acd2a45b
JH		 648 "'ignore' or 'warn' in the remote repository to allow pushing into",
649 "its current branch; however, this is not recommended unless you",
650 "arranged to update its work tree to match what you pushed in some",
651 "other way.",
3d95d92b 652 "",
acd2a45b
JH		 653 "To squelch this message and still keep the default behaviour, set",
654 "'receive.denyCurrentBranch' configuration variable to 'refuse'."
3d95d92b
JH		 655};
656
acd2a45b 657static void refuse_unconfigured_deny(void)
3d95d92b
JH		 658{
659 int i;
acd2a45b 660 for (i = 0; i < ARRAY_SIZE(refuse_unconfigured_deny_msg); i++)
a886ba28 661 rp_error("%s", refuse_unconfigured_deny_msg[i]);
3d95d92b
JH		 662}
663
375881fa
JH		 664static char *refuse_unconfigured_deny_delete_current_msg[] = {
665 "By default, deleting the current branch is denied, because the next",
666 "'git clone' won't result in any file checked out, causing confusion.",
747ca245
JH		 667 "",
668 "You can set 'receive.denyDeleteCurrent' configuration variable to",
375881fa
JH		 669 "'warn' or 'ignore' in the remote repository to allow deleting the",
670 "current branch, with or without a warning message.",
747ca245 671 "",
375881fa 672 "To squelch this message, you can set it to 'refuse'."
747ca245
JH		 673};
674
375881fa 675static void refuse_unconfigured_deny_delete_current(void)
747ca245
JH		 676{
677 int i;
678 for (i = 0;
375881fa 679 i < ARRAY_SIZE(refuse_unconfigured_deny_delete_current_msg);
747ca245 680 i++)
a886ba28 681 rp_error("%s", refuse_unconfigured_deny_delete_current_msg[i]);
747ca245
JH		 682}
683
0a1bc12b
NTND		 684static int command_singleton_iterator(void *cb_data, unsigned char sha1[20]);
685static int update_shallow_ref(struct command *cmd, struct shallow_info *si)
686{
687 static struct lock_file shallow_lock;
688 struct sha1_array extra = SHA1_ARRAY_INIT;
689 const char *alt_file;
690 uint32_t mask = 1 << (cmd->index % 32);
691 int i;
692
6aa30857 693 trace_printf_key(&trace_shallow,
0a1bc12b
NTND		 694 "shallow: update_shallow_ref %s\n", cmd->ref_name);
695 for (i = 0; i < si->shallow->nr; i++)
696 if (si->used_shallow[i] &&
697 (si->used_shallow[i][cmd->index / 32] & mask) &&
698 !delayed_reachability_test(si, i))
699 sha1_array_append(&extra, si->shallow->sha1[i]);
700
701 setup_alternate_shallow(&shallow_lock, &alt_file, &extra);
702 if (check_shallow_connected(command_singleton_iterator,
703 0, cmd, alt_file)) {
704 rollback_lock_file(&shallow_lock);
705 sha1_array_clear(&extra);
706 return -1;
707 }
708
709 commit_lock_file(&shallow_lock);
710
711 /*
712 * Make sure setup_alternate_shallow() for the next ref does
713 * not lose these new roots..
714 */
715 for (i = 0; i < extra.nr; i++)
716 register_shallow(extra.sha1[i]);
717
718 si->shallow_ref[cmd->index] = 0;
719 sha1_array_clear(&extra);
720 return 0;
721}
722
723static const char *update(struct command *cmd, struct shallow_info *si)
2eca23da 724{
cfee10a7 725 const char *name = cmd->ref_name;
6b01ecfe
JT		 726 struct strbuf namespaced_name_buf = STRBUF_INIT;
727 const char *namespaced_name;
cfee10a7
JH		 728 unsigned char *old_sha1 = cmd->old_sha1;
729 unsigned char *new_sha1 = cmd->new_sha1;
3159c8dc 730 struct ref_lock *lock;
2eca23da 731
061d6b9a 732 /* only refs/... are allowed */
59556548 733 if (!starts_with(name, "refs/") || check_refname_format(name + 5, 0)) {
466dbc42 734 rp_error("refusing to create funny ref '%s' remotely", name);
8aaf7d64 735 return "funny refname";
cfee10a7 736 }
d8a1deec 737
6b01ecfe
JT		 738 strbuf_addf(&namespaced_name_buf, "%s%s", get_git_namespace(), name);
739 namespaced_name = strbuf_detach(&namespaced_name_buf, NULL);
740
741 if (is_ref_checked_out(namespaced_name)) {
3d95d92b
JH		 742 switch (deny_current_branch) {
743 case DENY_IGNORE:
986e8239 744 break;
3d95d92b 745 case DENY_WARN:
466dbc42 746 rp_warning("updating the current branch");
986e8239 747 break;
3d95d92b 748 case DENY_REFUSE:
acd2a45b 749 case DENY_UNCONFIGURED:
466dbc42 750 rp_error("refusing to update checked out branch: %s", name);
acd2a45b
JH		 751 if (deny_current_branch == DENY_UNCONFIGURED)
752 refuse_unconfigured_deny();
3d95d92b
JH		 753 return "branch is currently checked out";
754 }
986e8239
JK		 755 }
756
d4f694ba 757 if (!is_null_sha1(new_sha1) && !has_sha1_file(new_sha1)) {
8aaf7d64
SP		 758 error("unpack should have generated %s, "
759 "but I can't find it!", sha1_to_hex(new_sha1));
760 return "bad pack";
cfee10a7 761 }
747ca245
JH		 762
763 if (!is_null_sha1(old_sha1) && is_null_sha1(new_sha1)) {
59556548 764 if (deny_deletes && starts_with(name, "refs/heads/")) {
466dbc42 765 rp_error("denying ref deletion for %s", name);
747ca245
JH		 766 return "deletion prohibited";
767 }
768
6b01ecfe 769 if (!strcmp(namespaced_name, head_name)) {
747ca245
JH		 770 switch (deny_delete_current) {
771 case DENY_IGNORE:
772 break;
773 case DENY_WARN:
466dbc42 774 rp_warning("deleting the current branch");
747ca245
JH		 775 break;
776 case DENY_REFUSE:
375881fa
JH		 777 case DENY_UNCONFIGURED:
778 if (deny_delete_current == DENY_UNCONFIGURED)
779 refuse_unconfigured_deny_delete_current();
466dbc42 780 rp_error("refusing to delete the current branch: %s", name);
747ca245
JH		 781 return "deletion of the current branch prohibited";
782 }
783 }
a240de11 784 }
747ca245 785
d4f694ba 786 if (deny_non_fast_forwards && !is_null_sha1(new_sha1) &&
ba988a83 787 !is_null_sha1(old_sha1) &&
59556548 788 starts_with(name, "refs/heads/")) {
eab82707 789 struct object *old_object, *new_object;
11031d7e 790 struct commit *old_commit, *new_commit;
11031d7e 791
eab82707
MK		 792 old_object = parse_object(old_sha1);
793 new_object = parse_object(new_sha1);
794
795 if (!old_object || !new_object ||
796 old_object->type != OBJ_COMMIT ||
797 new_object->type != OBJ_COMMIT) {
798 error("bad sha1 objects for %s", name);
799 return "bad ref";
800 }
801 old_commit = (struct commit *)old_object;
802 new_commit = (struct commit *)new_object;
5d55915c 803 if (!in_merge_bases(old_commit, new_commit)) {
466dbc42
SP		 804 rp_error("denying non-fast-forward %s"
805 " (you should pull first)", name);
a75d7b54 806 return "non-fast-forward";
8aaf7d64 807 }
11031d7e 808 }
1d9e8b56 809 if (run_update_hook(cmd)) {
466dbc42 810 rp_error("hook declined to update %s", name);
8aaf7d64 811 return "hook declined";
b1bf95bb 812 }
3159c8dc 813
d4f694ba 814 if (is_null_sha1(new_sha1)) {
28391a80 815 if (!parse_object(old_sha1)) {
28391a80 816 old_sha1 = NULL;
160b81ed
PYH		 817 if (ref_exists(name)) {
818 rp_warning("Allowing deletion of corrupt ref.");
819 } else {
820 rp_warning("Deleting a non-existent ref.");
821 cmd->did_not_exist = 1;
822 }
28391a80 823 }
6b01ecfe 824 if (delete_ref(namespaced_name, old_sha1, 0)) {
466dbc42 825 rp_error("failed to delete %s", name);
8aaf7d64 826 return "failed to delete";
d4f694ba 827 }
8aaf7d64 828 return NULL; /* good */
d4f694ba
JH		 829 }
830 else {
0a1bc12b
NTND		 831 if (shallow_update && si->shallow_ref[cmd->index] &&
832 update_shallow_ref(cmd, si))
833 return "shallow error";
834
9bbb0fa1
BK		 835 lock = lock_any_ref_for_update(namespaced_name, old_sha1,
836 0, NULL);
d4f694ba 837 if (!lock) {
466dbc42 838 rp_error("failed to lock %s", name);
8aaf7d64 839 return "failed to lock";
d4f694ba 840 }
ef203f08 841 if (write_ref_sha1(lock, new_sha1, "push")) {
8aaf7d64 842 return "failed to write"; /* error() already called */
ef203f08 843 }
8aaf7d64 844 return NULL; /* good */
19614330 845 }
2eca23da
LT		 846}
847
5e1c71fd 848static void run_update_post_hook(struct command *commands)
19614330 849{
5e1c71fd 850 struct command *cmd;
6d525d38 851 int argc;
9201c707 852 const char **argv;
6d525d38 853 struct child_process proc;
5a7da2dc 854 char *hook;
19614330 855
5a7da2dc 856 hook = find_hook("post-update");
5e1c71fd 857 for (argc = 0, cmd = commands; cmd; cmd = cmd->next) {
160b81ed 858 if (cmd->error_string || cmd->did_not_exist)
19614330
JH		 859 continue;
860 argc++;
861 }
5a7da2dc 862 if (!argc || !hook)
3e6e152c 863 return;
5a7da2dc 864
3e6e152c 865 argv = xmalloc(sizeof(*argv) * (2 + argc));
5a7da2dc 866 argv[0] = hook;
19614330 867
5e1c71fd 868 for (argc = 1, cmd = commands; cmd; cmd = cmd->next) {
160b81ed 869 if (cmd->error_string || cmd->did_not_exist)
19614330 870 continue;
95244ae3 871 argv[argc] = xstrdup(cmd->ref_name);
19614330
JH		 872 argc++;
873 }
874 argv[argc] = NULL;
6d525d38
SP		 875
876 memset(&proc, 0, sizeof(proc));
877 proc.no_stdin = 1;
878 proc.stdout_to_stderr = 1;
879 proc.err = use_sideband ? -1 : 0;
880 proc.argv = argv;
881
882 if (!start_command(&proc)) {
883 if (use_sideband)
884 copy_to_sideband(proc.err, -1, NULL);
885 finish_command(&proc);
886 }
19614330 887}
2eca23da 888
da3efdb1
JS		 889static void check_aliased_update(struct command *cmd, struct string_list *list)
890{
6b01ecfe
JT		 891 struct strbuf buf = STRBUF_INIT;
892 const char *dst_name;
da3efdb1
JS		 893 struct string_list_item *item;
894 struct command *dst_cmd;
895 unsigned char sha1[20];
896 char cmd_oldh[41], cmd_newh[41], dst_oldh[41], dst_newh[41];
897 int flag;
898
6b01ecfe 899 strbuf_addf(&buf, "%s%s", get_git_namespace(), cmd->ref_name);
8cad4744 900 dst_name = resolve_ref_unsafe(buf.buf, sha1, 0, &flag);
6b01ecfe 901 strbuf_release(&buf);
da3efdb1
JS		 902
903 if (!(flag & REF_ISSYMREF))
904 return;
905
6b01ecfe
JT		 906 dst_name = strip_namespace(dst_name);
907 if (!dst_name) {
908 rp_error("refusing update to broken symref '%s'", cmd->ref_name);
909 cmd->skip_update = 1;
910 cmd->error_string = "broken symref";
911 return;
912 }
913
e8c8b713 914 if ((item = string_list_lookup(list, dst_name)) == NULL)
da3efdb1
JS		 915 return;
916
917 cmd->skip_update = 1;
918
919 dst_cmd = (struct command *) item->util;
920
921 if (!hashcmp(cmd->old_sha1, dst_cmd->old_sha1) &&
922 !hashcmp(cmd->new_sha1, dst_cmd->new_sha1))
923 return;
924
925 dst_cmd->skip_update = 1;
926
927 strcpy(cmd_oldh, find_unique_abbrev(cmd->old_sha1, DEFAULT_ABBREV));
0e71bc30 928 strcpy(cmd_newh, find_unique_abbrev(cmd->new_sha1, DEFAULT_ABBREV));
da3efdb1 929 strcpy(dst_oldh, find_unique_abbrev(dst_cmd->old_sha1, DEFAULT_ABBREV));
0e71bc30 930 strcpy(dst_newh, find_unique_abbrev(dst_cmd->new_sha1, DEFAULT_ABBREV));
da3efdb1
JS		 931 rp_error("refusing inconsistent update between symref '%s' (%s..%s) and"
932 " its target '%s' (%s..%s)",
933 cmd->ref_name, cmd_oldh, cmd_newh,
934 dst_cmd->ref_name, dst_oldh, dst_newh);
935
936 cmd->error_string = dst_cmd->error_string =
937 "inconsistent aliased update";
938}
939
940static void check_aliased_updates(struct command *commands)
941{
942 struct command *cmd;
183113a5 943 struct string_list ref_list = STRING_LIST_INIT_NODUP;
da3efdb1
JS		 944
945 for (cmd = commands; cmd; cmd = cmd->next) {
946 struct string_list_item *item =
1d2f80fa 947 string_list_append(&ref_list, cmd->ref_name);
da3efdb1
JS		 948 item->util = (void *)cmd;
949 }
950 sort_string_list(&ref_list);
951
ef7e93d9
CB		 952 for (cmd = commands; cmd; cmd = cmd->next) {
953 if (!cmd->error_string)
954 check_aliased_update(cmd, &ref_list);
955 }
da3efdb1
JS		 956
957 string_list_clear(&ref_list, 0);
958}
959
52fed6e1
JH		 960static int command_singleton_iterator(void *cb_data, unsigned char sha1[20])
961{
962 struct command **cmd_list = cb_data;
963 struct command *cmd = *cmd_list;
964
ee6dfb2d 965 if (!cmd || is_null_sha1(cmd->new_sha1))
52fed6e1
JH		 966 return -1; /* end of list */
967 *cmd_list = NULL; /* this returns only one */
968 hashcpy(sha1, cmd->new_sha1);
969 return 0;
970}
971
0a1bc12b
NTND		 972static void set_connectivity_errors(struct command *commands,
973 struct shallow_info *si)
52fed6e1
JH		 974{
975 struct command *cmd;
976
977 for (cmd = commands; cmd; cmd = cmd->next) {
978 struct command *singleton = cmd;
0a1bc12b
NTND		 979 if (shallow_update && si->shallow_ref[cmd->index])
980 /* to be checked in update_shallow_ref() */
981 continue;
52fed6e1
JH		 982 if (!check_everything_connected(command_singleton_iterator,
983 0, &singleton))
984 continue;
985 cmd->error_string = "missing necessary objects";
986 }
987}
988
0a1bc12b
NTND		 989struct iterate_data {
990 struct command *cmds;
991 struct shallow_info *si;
992};
993
52fed6e1
JH		 994static int iterate_receive_command_list(void *cb_data, unsigned char sha1[20])
995{
0a1bc12b
NTND		 996 struct iterate_data *data = cb_data;
997 struct command **cmd_list = &data->cmds;
52fed6e1
JH		 998 struct command *cmd = *cmd_list;
999
0a1bc12b
NTND		 1000 for (; cmd; cmd = cmd->next) {
1001 if (shallow_update && data->si->shallow_ref[cmd->index])
1002 /* to be checked in update_shallow_ref() */
1003 continue;
5dbd7676 1004 if (!is_null_sha1(cmd->new_sha1) && !cmd->skip_update) {
ee6dfb2d
JH		 1005 hashcpy(sha1, cmd->new_sha1);
1006 *cmd_list = cmd->next;
1007 return 0;
1008 }
ee6dfb2d
JH		 1009 }
1010 *cmd_list = NULL;
1011 return -1; /* end of list */
52fed6e1
JH		 1012}
1013
daebaa78
JH		 1014static void reject_updates_to_hidden(struct command *commands)
1015{
1016 struct command *cmd;
1017
1018 for (cmd = commands; cmd; cmd = cmd->next) {
1019 if (cmd->error_string || !ref_is_hidden(cmd->ref_name))
1020 continue;
1021 if (is_null_sha1(cmd->new_sha1))
1022 cmd->error_string = "deny deleting a hidden ref";
1023 else
1024 cmd->error_string = "deny updating a hidden ref";
1025 }
1026}
1027
0a1bc12b
NTND		 1028static void execute_commands(struct command *commands,
1029 const char *unpacker_error,
1030 struct shallow_info *si)
575f4974 1031{
0a1bc12b 1032 int checked_connectivity;
5e1c71fd 1033 struct command *cmd;
747ca245 1034 unsigned char sha1[20];
0a1bc12b 1035 struct iterate_data data;
8aaf7d64
SP		 1036
1037 if (unpacker_error) {
5e1c71fd 1038 for (cmd = commands; cmd; cmd = cmd->next)
74eb32d3 1039 cmd->error_string = "unpacker error";
8aaf7d64
SP		 1040 return;
1041 }
1042
0a1bc12b
NTND		 1043 data.cmds = commands;
1044 data.si = si;
1045 if (check_everything_connected(iterate_receive_command_list, 0, &data))
1046 set_connectivity_errors(commands, si);
52fed6e1 1047
daebaa78
JH		 1048 reject_updates_to_hidden(commands);
1049
5a7da2dc 1050 if (run_receive_hook(commands, "pre-receive", 0)) {
ef7e93d9
CB		 1051 for (cmd = commands; cmd; cmd = cmd->next) {
1052 if (!cmd->error_string)
1053 cmd->error_string = "pre-receive hook declined";
1054 }
05ef58ec
SP		 1055 return;
1056 }
1057
da3efdb1
JS		 1058 check_aliased_updates(commands);
1059
96ec7b1e
NTND		 1060 free(head_name_to_free);
1061 head_name = head_name_to_free = resolve_refdup("HEAD", sha1, 0, NULL);
747ca245 1062
0a1bc12b 1063 checked_connectivity = 1;
ef7e93d9
CB		 1064 for (cmd = commands; cmd; cmd = cmd->next) {
1065 if (cmd->error_string)
1066 continue;
1067
1068 if (cmd->skip_update)
1069 continue;
1070
0a1bc12b
NTND		 1071 cmd->error_string = update(cmd, si);
1072 if (shallow_update && !cmd->error_string &&
1073 si->shallow_ref[cmd->index]) {
1074 error("BUG: connectivity check has not been run on ref %s",
1075 cmd->ref_name);
1076 checked_connectivity = 0;
1077 }
1078 }
1079
0179c945
JK		 1080 if (shallow_update && !checked_connectivity)
1081 error("BUG: run 'git fsck' for safety.\n"
1082 "If there are errors, try to remove "
1083 "the reported refs above");
575f4974
LT		 1084}
1085
39895c74
JH		 1086static struct command **queue_command(struct command **tail,
1087 const char *line,
1088 int linelen)
1089{
1090 unsigned char old_sha1[20], new_sha1[20];
1091 struct command *cmd;
1092 const char *refname;
1093 int reflen;
1094
1095 if (linelen < 83 ||
1096 line[40] != ' ' ||
1097 line[81] != ' ' ||
1098 get_sha1_hex(line, old_sha1) ||
1099 get_sha1_hex(line + 41, new_sha1))
1100 die("protocol error: expected old/new/ref, got '%s'", line);
1101
1102 refname = line + 82;
1103 reflen = linelen - 82;
1104 cmd = xcalloc(1, sizeof(struct command) + reflen + 1);
1105 hashcpy(cmd->old_sha1, old_sha1);
1106 hashcpy(cmd->new_sha1, new_sha1);
1107 memcpy(cmd->ref_name, refname, reflen);
1108 cmd->ref_name[reflen] = '\0';
1109 *tail = cmd;
1110 return &cmd->next;
1111}
1112
4adf569d
JH		 1113static void queue_commands_from_cert(struct command **tail,
1114 struct strbuf *push_cert)
1115{
1116 const char *boc, *eoc;
1117
1118 if (*tail)
1119 die("protocol error: got both push certificate and unsigned commands");
1120
1121 boc = strstr(push_cert->buf, "\n\n");
1122 if (!boc)
1123 die("malformed push certificate %.*s", 100, push_cert->buf);
1124 else
1125 boc += 2;
1126 eoc = push_cert->buf + parse_signature(push_cert->buf, push_cert->len);
1127
1128 while (boc < eoc) {
1129 const char *eol = memchr(boc, '\n', eoc - boc);
1130 tail = queue_command(tail, boc, eol ? eol - boc : eoc - eol);
1131 boc = eol ? eol + 1 : eoc;
1132 }
1133}
1134
5dbd7676 1135static struct command *read_head_info(struct sha1_array *shallow)
575f4974 1136{
5e1c71fd 1137 struct command *commands = NULL;
eb1af2df 1138 struct command **p = &commands;
575f4974 1139 for (;;) {
74543a04 1140 char *line;
39895c74 1141 int len, linelen;
eb1af2df 1142
74543a04
JK		 1143 line = packet_read_line(0, &len);
1144 if (!line)
575f4974 1145 break;
5dbd7676 1146
92251b1b 1147 if (len == 48 && starts_with(line, "shallow ")) {
c09b71cc
JH		 1148 unsigned char sha1[20];
1149 if (get_sha1_hex(line + 8, sha1))
1150 die("protocol error: expected shallow sha, got '%s'",
1151 line + 8);
1152 sha1_array_append(shallow, sha1);
5dbd7676
NTND		 1153 continue;
1154 }
1155
0e3c339b
JH		 1156 linelen = strlen(line);
1157 if (linelen < len) {
1158 const char *feature_list = line + linelen + 1;
1159 if (parse_feature_request(feature_list, "report-status"))
1160 report_status = 1;
1161 if (parse_feature_request(feature_list, "side-band-64k"))
1162 use_sideband = LARGE_PACKET_MAX;
1163 if (parse_feature_request(feature_list, "quiet"))
1164 quiet = 1;
1165 }
1166
a85b377d
JH		 1167 if (!strcmp(line, "push-cert")) {
1168 int true_flush = 0;
1169 char certbuf[1024];
1170
1171 for (;;) {
1172 len = packet_read(0, NULL, NULL,
1173 certbuf, sizeof(certbuf), 0);
1174 if (!len) {
1175 true_flush = 1;
1176 break;
1177 }
1178 if (!strcmp(certbuf, "push-cert-end\n"))
1179 break; /* end of cert */
1180 strbuf_addstr(&push_cert, certbuf);
1181 }
1182
1183 if (true_flush)
1184 break;
1185 continue;
1186 }
1187
39895c74 1188 p = queue_command(p, line, linelen);
575f4974 1189 }
4adf569d
JH		 1190
1191 if (push_cert.len)
1192 queue_commands_from_cert(p, &push_cert);
1193
5e1c71fd 1194 return commands;
575f4974
LT		 1195}
1196
fc04c412
SP		 1197static const char *parse_pack_header(struct pack_header *hdr)
1198{
a69e5429
JH		 1199 switch (read_pack_header(0, hdr)) {
1200 case PH_ERROR_EOF:
1201 return "eof before pack header was fully read";
1202
1203 case PH_ERROR_PACK_SIGNATURE:
fc04c412 1204 return "protocol error (pack signature mismatch detected)";
a69e5429
JH		 1205
1206 case PH_ERROR_PROTOCOL:
fc04c412 1207 return "protocol error (pack version unsupported)";
a69e5429
JH		 1208
1209 default:
1210 return "unknown error in parse_pack_header";
1211
1212 case 0:
1213 return NULL;
1214 }
fc04c412
SP		 1215}
1216
576162a4
NP		 1217static const char *pack_lockfile;
1218
5dbd7676 1219static const char *unpack(int err_fd, struct shallow_info *si)
575f4974 1220{
fc04c412 1221 struct pack_header hdr;
31c42bff 1222 struct argv_array av = ARGV_ARRAY_INIT;
fc04c412 1223 const char *hdr_err;
31c42bff 1224 int status;
fc04c412 1225 char hdr_arg[38];
31c42bff 1226 struct child_process child;
dab76d3a
JH		 1227 int fsck_objects = (receive_fsck_objects >= 0
1228 ? receive_fsck_objects
1229 : transfer_fsck_objects >= 0
1230 ? transfer_fsck_objects
1231 : 0);
fc04c412
SP		 1232
1233 hdr_err = parse_pack_header(&hdr);
49ecfa13
JK		 1234 if (hdr_err) {
1235 if (err_fd > 0)
1236 close(err_fd);
fc04c412 1237 return hdr_err;
49ecfa13 1238 }
6e1c2344
RJ		 1239 snprintf(hdr_arg, sizeof(hdr_arg),
1240 "--pack_header=%"PRIu32",%"PRIu32,
fc04c412
SP		 1241 ntohl(hdr.hdr_version), ntohl(hdr.hdr_entries));
1242
5dbd7676
NTND		 1243 if (si->nr_ours || si->nr_theirs) {
1244 alt_shallow_file = setup_temporary_shallow(si->shallow);
1245 argv_array_pushl(&av, "--shallow-file", alt_shallow_file, NULL);
1246 }
1247
31c42bff 1248 memset(&child, 0, sizeof(child));
fc04c412 1249 if (ntohl(hdr.hdr_entries) < unpack_limit) {
31c42bff 1250 argv_array_pushl(&av, "unpack-objects", hdr_arg, NULL);
c207e34f 1251 if (quiet)
31c42bff 1252 argv_array_push(&av, "-q");
dab76d3a 1253 if (fsck_objects)
31c42bff
NTND		 1254 argv_array_push(&av, "--strict");
1255 child.argv = av.argv;
59bfdfb8 1256 child.no_stdout = 1;
a22e6f85 1257 child.err = err_fd;
59bfdfb8 1258 child.git_cmd = 1;
31c42bff
NTND		 1259 status = run_command(&child);
1260 if (status)
1261 return "unpack-objects abnormal exit";
576162a4 1262 } else {
31c42bff 1263 int s;
576162a4 1264 char keep_arg[256];
576162a4 1265
85e72830 1266 s = sprintf(keep_arg, "--keep=receive-pack %"PRIuMAX" on ", (uintmax_t) getpid());
576162a4
NP		 1267 if (gethostname(keep_arg + s, sizeof(keep_arg) - s))
1268 strcpy(keep_arg + s, "localhost");
1269
31c42bff
NTND		 1270 argv_array_pushl(&av, "index-pack",
1271 "--stdin", hdr_arg, keep_arg, NULL);
dab76d3a 1272 if (fsck_objects)
31c42bff 1273 argv_array_push(&av, "--strict");
f7c815c3 1274 if (fix_thin)
31c42bff
NTND		 1275 argv_array_push(&av, "--fix-thin");
1276 child.argv = av.argv;
1277 child.out = -1;
1278 child.err = err_fd;
1279 child.git_cmd = 1;
1280 status = start_command(&child);
1281 if (status)
576162a4 1282 return "index-pack fork failed";
31c42bff
NTND		 1283 pack_lockfile = index_pack_lockfile(child.out);
1284 close(child.out);
1285 status = finish_command(&child);
1286 if (status)
1287 return "index-pack abnormal exit";
1288 reprepare_packed_git();
cfee10a7 1289 }
31c42bff 1290 return NULL;
cfee10a7
JH		 1291}
1292
5dbd7676 1293static const char *unpack_with_sideband(struct shallow_info *si)
a22e6f85
JK		 1294{
1295 struct async muxer;
1296 const char *ret;
1297
1298 if (!use_sideband)
5dbd7676 1299 return unpack(0, si);
a22e6f85
JK		 1300
1301 memset(&muxer, 0, sizeof(muxer));
1302 muxer.proc = copy_to_sideband;
1303 muxer.in = -1;
1304 if (start_async(&muxer))
1305 return NULL;
1306
5dbd7676 1307 ret = unpack(muxer.in, si);
a22e6f85
JK		 1308
1309 finish_async(&muxer);
1310 return ret;
1311}
1312
0a1bc12b
NTND		 1313static void prepare_shallow_update(struct command *commands,
1314 struct shallow_info *si)
1315{
1316 int i, j, k, bitmap_size = (si->ref->nr + 31) / 32;
1317
1318 si->used_shallow = xmalloc(sizeof(*si->used_shallow) *
1319 si->shallow->nr);
1320 assign_shallow_commits_to_refs(si, si->used_shallow, NULL);
1321
1322 si->need_reachability_test =
1323 xcalloc(si->shallow->nr, sizeof(*si->need_reachability_test));
1324 si->reachable =
1325 xcalloc(si->shallow->nr, sizeof(*si->reachable));
1326 si->shallow_ref = xcalloc(si->ref->nr, sizeof(*si->shallow_ref));
1327
1328 for (i = 0; i < si->nr_ours; i++)
1329 si->need_reachability_test[si->ours[i]] = 1;
1330
1331 for (i = 0; i < si->shallow->nr; i++) {
1332 if (!si->used_shallow[i])
1333 continue;
1334 for (j = 0; j < bitmap_size; j++) {
1335 if (!si->used_shallow[i][j])
1336 continue;
1337 si->need_reachability_test[i]++;
1338 for (k = 0; k < 32; k++)
1339 if (si->used_shallow[i][j] & (1 << k))
1340 si->shallow_ref[j * 32 + k]++;
1341 }
1342
1343 /*
1344 * true for those associated with some refs and belong
1345 * in "ours" list aka "step 7 not done yet"
1346 */
1347 si->need_reachability_test[i] =
1348 si->need_reachability_test[i] > 1;
1349 }
1350
1351 /*
1352 * keep hooks happy by forcing a temporary shallow file via
1353 * env variable because we can't add --shallow-file to every
1354 * command. check_everything_connected() will be done with
1355 * true .git/shallow though.
1356 */
1357 setenv(GIT_SHALLOW_FILE_ENVIRONMENT, alt_shallow_file, 1);
1358}
1359
5dbd7676
NTND		 1360static void update_shallow_info(struct command *commands,
1361 struct shallow_info *si,
1362 struct sha1_array *ref)
1363{
1364 struct command *cmd;
1365 int *ref_status;
1366 remove_nonexistent_theirs_shallow(si);
0a1bc12b
NTND		 1367 if (!si->nr_ours && !si->nr_theirs) {
1368 shallow_update = 0;
5dbd7676 1369 return;
0a1bc12b 1370 }
5dbd7676
NTND		 1371
1372 for (cmd = commands; cmd; cmd = cmd->next) {
1373 if (is_null_sha1(cmd->new_sha1))
1374 continue;
1375 sha1_array_append(ref, cmd->new_sha1);
1376 cmd->index = ref->nr - 1;
1377 }
1378 si->ref = ref;
1379
0a1bc12b
NTND		 1380 if (shallow_update) {
1381 prepare_shallow_update(commands, si);
1382 return;
1383 }
1384
5dbd7676
NTND		 1385 ref_status = xmalloc(sizeof(*ref_status) * ref->nr);
1386 assign_shallow_commits_to_refs(si, NULL, ref_status);
1387 for (cmd = commands; cmd; cmd = cmd->next) {
1388 if (is_null_sha1(cmd->new_sha1))
1389 continue;
1390 if (ref_status[cmd->index]) {
1391 cmd->error_string = "shallow update not allowed";
1392 cmd->skip_update = 1;
1393 }
1394 }
5dbd7676
NTND		 1395 free(ref_status);
1396}
1397
5e1c71fd 1398static void report(struct command *commands, const char *unpack_status)
cfee10a7
JH		 1399{
1400 struct command *cmd;
38a81b4e
SP		 1401 struct strbuf buf = STRBUF_INIT;
1402
1403 packet_buf_write(&buf, "unpack %s\n",
1404 unpack_status ? unpack_status : "ok");
cfee10a7
JH		 1405 for (cmd = commands; cmd; cmd = cmd->next) {
1406 if (!cmd->error_string)
38a81b4e
SP		 1407 packet_buf_write(&buf, "ok %s\n",
1408 cmd->ref_name);
cfee10a7 1409 else
38a81b4e
SP		 1410 packet_buf_write(&buf, "ng %s %s\n",
1411 cmd->ref_name, cmd->error_string);
575f4974 1412 }
38a81b4e
SP		 1413 packet_buf_flush(&buf);
1414
1415 if (use_sideband)
1416 send_sideband(1, 1, buf.buf, buf.len, use_sideband);
1417 else
cdf4fb8e 1418 write_or_die(1, buf.buf, buf.len);
38a81b4e 1419 strbuf_release(&buf);
575f4974
LT		 1420}
1421
5e1c71fd 1422static int delete_only(struct command *commands)
d4f694ba 1423{
5e1c71fd
JS		 1424 struct command *cmd;
1425 for (cmd = commands; cmd; cmd = cmd->next) {
d4f694ba
JH		 1426 if (!is_null_sha1(cmd->new_sha1))
1427 return 0;
d4f694ba
JH		 1428 }
1429 return 1;
1430}
1431
be5908ae 1432int cmd_receive_pack(int argc, const char **argv, const char *prefix)
575f4974 1433{
42526b47 1434 int advertise_refs = 0;
d0efc8a7 1435 int i;
5e1c71fd 1436 struct command *commands;
5dbd7676
NTND		 1437 struct sha1_array shallow = SHA1_ARRAY_INIT;
1438 struct sha1_array ref = SHA1_ARRAY_INIT;
1439 struct shallow_info si;
575f4974 1440
bbc30f99
JK		 1441 packet_trace_identity("receive-pack");
1442
575f4974
LT		 1443 argv++;
1444 for (i = 1; i < argc; i++) {
be5908ae 1445 const char *arg = *argv++;
575f4974
LT		 1446
1447 if (*arg == '-') {
c207e34f
CB		 1448 if (!strcmp(arg, "--quiet")) {
1449 quiet = 1;
1450 continue;
1451 }
1452
42526b47
SP		 1453 if (!strcmp(arg, "--advertise-refs")) {
1454 advertise_refs = 1;
1455 continue;
1456 }
1457 if (!strcmp(arg, "--stateless-rpc")) {
1458 stateless_rpc = 1;
1459 continue;
1460 }
f7c815c3
NTND		 1461 if (!strcmp(arg, "--reject-thin-pack-for-testing")) {
1462 fix_thin = 0;
1463 continue;
1464 }
42526b47 1465
575f4974
LT		 1466 usage(receive_pack_usage);
1467 }
5732373d 1468 if (service_dir)
d0efc8a7 1469 usage(receive_pack_usage);
5732373d 1470 service_dir = arg;
575f4974 1471 }
5732373d 1472 if (!service_dir)
575f4974
LT		 1473 usage(receive_pack_usage);
1474
e1464ca7 1475 setup_path();
5c09f321 1476
5732373d
JH		 1477 if (!enter_repo(service_dir, 0))
1478 die("'%s' does not appear to be a git repository", service_dir);
575f4974 1479
ef90d6d4 1480 git_config(receive_pack_config, NULL);
b89363e4 1481 if (cert_nonce_seed)
5732373d 1482 push_cert_nonce = prepare_push_cert_nonce(service_dir, time(NULL));
6fb75bed 1483
e28714c5
JH		 1484 if (0 <= transfer_unpack_limit)
1485 unpack_limit = transfer_unpack_limit;
1486 else if (0 <= receive_unpack_limit)
1487 unpack_limit = receive_unpack_limit;
1488
42526b47 1489 if (advertise_refs || !stateless_rpc) {
42526b47 1490 write_head_info();
42526b47
SP		 1491 }
1492 if (advertise_refs)
1493 return 0;
575f4974 1494
5dbd7676 1495 if ((commands = read_head_info(&shallow)) != NULL) {
d4f694ba
JH		 1496 const char *unpack_status = NULL;
1497
5dbd7676 1498 prepare_shallow_info(&si, &shallow);
0a1bc12b
NTND		 1499 if (!si.nr_ours && !si.nr_theirs)
1500 shallow_update = 0;
5dbd7676
NTND		 1501 if (!delete_only(commands)) {
1502 unpack_status = unpack_with_sideband(&si);
1503 update_shallow_info(commands, &si, &ref);
1504 }
0a1bc12b 1505 execute_commands(commands, unpack_status, &si);
576162a4 1506 if (pack_lockfile)
691f1a28 1507 unlink_or_warn(pack_lockfile);
cfee10a7 1508 if (report_status)
5e1c71fd 1509 report(commands, unpack_status);
5a7da2dc 1510 run_receive_hook(commands, "post-receive", 1);
8e663d9e 1511 run_update_post_hook(commands);
77e3efbf
JH		 1512 if (auto_gc) {
1513 const char *argv_gc_auto[] = {
1514 "gc", "--auto", "--quiet", NULL,
1515 };
4b7f2fa4
JH		 1516 int opt = RUN_GIT_CMD | RUN_COMMAND_STDOUT_TO_STDERR;
1517 run_command_v_opt(argv_gc_auto, opt);
77e3efbf
JH		 1518 }
1519 if (auto_update_server_info)
1520 update_server_info(0);
5dbd7676 1521 clear_shallow_info(&si);
7f8e9828 1522 }
38a81b4e
SP		 1523 if (use_sideband)
1524 packet_flush(1);
5dbd7676
NTND		 1525 sha1_array_clear(&shallow);
1526 sha1_array_clear(&ref);
b89363e4 1527 free((void *)push_cert_nonce);
575f4974
LT		 1528 return 0;
1529}
Unnamed repository; edit this file 'description' to name the repository.