]> git.ipfire.org Git - thirdparty/git.git/blob - builtin/receive-pack.c
projects / thirdparty / git.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Merge branch 'en/ort-perf-batch-9'
[thirdparty/git.git] / builtin / receive-pack.c
1 #include "builtin.h"
2 #include "repository.h"
3 #include "config.h"
4 #include "lockfile.h"
5 #include "pack.h"
6 #include "refs.h"
7 #include "pkt-line.h"
8 #include "sideband.h"
9 #include "run-command.h"
10 #include "exec-cmd.h"
11 #include "commit.h"
12 #include "object.h"
13 #include "remote.h"
14 #include "connect.h"
15 #include "string-list.h"
16 #include "oid-array.h"
17 #include "connected.h"
18 #include "strvec.h"
19 #include "version.h"
20 #include "tag.h"
21 #include "gpg-interface.h"
22 #include "sigchain.h"
23 #include "fsck.h"
24 #include "tmp-objdir.h"
25 #include "oidset.h"
26 #include "packfile.h"
27 #include "object-store.h"
28 #include "protocol.h"
29 #include "commit-reach.h"
30 #include "worktree.h"
31 #include "shallow.h"
32
33 static const char * const receive_pack_usage[] = {
34 N_("git receive-pack <git-dir>"),
35 NULL
36 };
37
38 enum deny_action {
39 DENY_UNCONFIGURED,
40 DENY_IGNORE,
41 DENY_WARN,
42 DENY_REFUSE,
43 DENY_UPDATE_INSTEAD
44 };
45
46 static int deny_deletes;
47 static int deny_non_fast_forwards;
48 static enum deny_action deny_current_branch = DENY_UNCONFIGURED;
49 static enum deny_action deny_delete_current = DENY_UNCONFIGURED;
50 static int receive_fsck_objects = -1;
51 static int transfer_fsck_objects = -1;
52 static struct strbuf fsck_msg_types = STRBUF_INIT;
53 static int receive_unpack_limit = -1;
54 static int transfer_unpack_limit = -1;
55 static int advertise_atomic_push = 1;
56 static int advertise_push_options;
57 static int advertise_sid;
58 static int unpack_limit = 100;
59 static off_t max_input_size;
60 static int report_status;
61 static int report_status_v2;
62 static int use_sideband;
63 static int use_atomic;
64 static int use_push_options;
65 static int quiet;
66 static int prefer_ofs_delta = 1;
67 static int auto_update_server_info;
68 static int auto_gc = 1;
69 static int reject_thin;
70 static int stateless_rpc;
71 static const char *service_dir;
72 static const char *head_name;
73 static void *head_name_to_free;
74 static int sent_capabilities;
75 static int shallow_update;
76 static const char *alt_shallow_file;
77 static struct strbuf push_cert = STRBUF_INIT;
78 static struct object_id push_cert_oid;
79 static struct signature_check sigcheck;
80 static const char *push_cert_nonce;
81 static const char *cert_nonce_seed;
82
83 static const char *NONCE_UNSOLICITED = "UNSOLICITED";
84 static const char *NONCE_BAD = "BAD";
85 static const char *NONCE_MISSING = "MISSING";
86 static const char *NONCE_OK = "OK";
87 static const char *NONCE_SLOP = "SLOP";
88 static const char *nonce_status;
89 static long nonce_stamp_slop;
90 static timestamp_t nonce_stamp_slop_limit;
91 static struct ref_transaction *transaction;
92
93 static enum {
94 KEEPALIVE_NEVER = 0,
95 KEEPALIVE_AFTER_NUL,
96 KEEPALIVE_ALWAYS
97 } use_keepalive;
98 static int keepalive_in_sec = 5;
99
100 static struct tmp_objdir *tmp_objdir;
101
102 static struct proc_receive_ref {
103 unsigned int want_add:1,
104 want_delete:1,
105 want_modify:1,
106 negative_ref:1;
107 char *ref_prefix;
108 struct proc_receive_ref *next;
109 } *proc_receive_ref;
110
111 static void proc_receive_ref_append(const char *prefix);
112
113 static enum deny_action parse_deny_action(const char *var, const char *value)
114 {
115 if (value) {
116 if (!strcasecmp(value, "ignore"))
117 return DENY_IGNORE;
118 if (!strcasecmp(value, "warn"))
119 return DENY_WARN;
120 if (!strcasecmp(value, "refuse"))
121 return DENY_REFUSE;
122 if (!strcasecmp(value, "updateinstead"))
123 return DENY_UPDATE_INSTEAD;
124 }
125 if (git_config_bool(var, value))
126 return DENY_REFUSE;
127 return DENY_IGNORE;
128 }
129
130 static int receive_pack_config(const char *var, const char *value, void *cb)
131 {
132 int status = parse_hide_refs_config(var, value, "receive");
133
134 if (status)
135 return status;
136
137 if (strcmp(var, "receive.denydeletes") == 0) {
138 deny_deletes = git_config_bool(var, value);
139 return 0;
140 }
141
142 if (strcmp(var, "receive.denynonfastforwards") == 0) {
143 deny_non_fast_forwards = git_config_bool(var, value);
144 return 0;
145 }
146
147 if (strcmp(var, "receive.unpacklimit") == 0) {
148 receive_unpack_limit = git_config_int(var, value);
149 return 0;
150 }
151
152 if (strcmp(var, "transfer.unpacklimit") == 0) {
153 transfer_unpack_limit = git_config_int(var, value);
154 return 0;
155 }
156
157 if (strcmp(var, "receive.fsck.skiplist") == 0) {
158 const char *path;
159
160 if (git_config_pathname(&path, var, value))
161 return 1;
162 strbuf_addf(&fsck_msg_types, "%cskiplist=%s",
163 fsck_msg_types.len ? ',' : '=', path);
164 free((char *)path);
165 return 0;
166 }
167
168 if (skip_prefix(var, "receive.fsck.", &var)) {
169 if (is_valid_msg_type(var, value))
170 strbuf_addf(&fsck_msg_types, "%c%s=%s",
171 fsck_msg_types.len ? ',' : '=', var, value);
172 else
173 warning("Skipping unknown msg id '%s'", var);
174 return 0;
175 }
176
177 if (strcmp(var, "receive.fsckobjects") == 0) {
178 receive_fsck_objects = git_config_bool(var, value);
179 return 0;
180 }
181
182 if (strcmp(var, "transfer.fsckobjects") == 0) {
183 transfer_fsck_objects = git_config_bool(var, value);
184 return 0;
185 }
186
187 if (!strcmp(var, "receive.denycurrentbranch")) {
188 deny_current_branch = parse_deny_action(var, value);
189 return 0;
190 }
191
192 if (strcmp(var, "receive.denydeletecurrent") == 0) {
193 deny_delete_current = parse_deny_action(var, value);
194 return 0;
195 }
196
197 if (strcmp(var, "repack.usedeltabaseoffset") == 0) {
198 prefer_ofs_delta = git_config_bool(var, value);
199 return 0;
200 }
201
202 if (strcmp(var, "receive.updateserverinfo") == 0) {
203 auto_update_server_info = git_config_bool(var, value);
204 return 0;
205 }
206
207 if (strcmp(var, "receive.autogc") == 0) {
208 auto_gc = git_config_bool(var, value);
209 return 0;
210 }
211
212 if (strcmp(var, "receive.shallowupdate") == 0) {
213 shallow_update = git_config_bool(var, value);
214 return 0;
215 }
216
217 if (strcmp(var, "receive.certnonceseed") == 0)
218 return git_config_string(&cert_nonce_seed, var, value);
219
220 if (strcmp(var, "receive.certnonceslop") == 0) {
221 nonce_stamp_slop_limit = git_config_ulong(var, value);
222 return 0;
223 }
224
225 if (strcmp(var, "receive.advertiseatomic") == 0) {
226 advertise_atomic_push = git_config_bool(var, value);
227 return 0;
228 }
229
230 if (strcmp(var, "receive.advertisepushoptions") == 0) {
231 advertise_push_options = git_config_bool(var, value);
232 return 0;
233 }
234
235 if (strcmp(var, "receive.keepalive") == 0) {
236 keepalive_in_sec = git_config_int(var, value);
237 return 0;
238 }
239
240 if (strcmp(var, "receive.maxinputsize") == 0) {
241 max_input_size = git_config_int64(var, value);
242 return 0;
243 }
244
245 if (strcmp(var, "receive.procreceiverefs") == 0) {
246 if (!value)
247 return config_error_nonbool(var);
248 proc_receive_ref_append(value);
249 return 0;
250 }
251
252 if (strcmp(var, "transfer.advertisesid") == 0) {
253 advertise_sid = git_config_bool(var, value);
254 return 0;
255 }
256
257 return git_default_config(var, value, cb);
258 }
259
260 static void show_ref(const char *path, const struct object_id *oid)
261 {
262 if (sent_capabilities) {
263 packet_write_fmt(1, "%s %s\n", oid_to_hex(oid), path);
264 } else {
265 struct strbuf cap = STRBUF_INIT;
266
267 strbuf_addstr(&cap,
268 "report-status report-status-v2 delete-refs side-band-64k quiet");
269 if (advertise_atomic_push)
270 strbuf_addstr(&cap, " atomic");
271 if (prefer_ofs_delta)
272 strbuf_addstr(&cap, " ofs-delta");
273 if (push_cert_nonce)
274 strbuf_addf(&cap, " push-cert=%s", push_cert_nonce);
275 if (advertise_push_options)
276 strbuf_addstr(&cap, " push-options");
277 if (advertise_sid)
278 strbuf_addf(&cap, " session-id=%s", trace2_session_id());
279 strbuf_addf(&cap, " object-format=%s", the_hash_algo->name);
280 strbuf_addf(&cap, " agent=%s", git_user_agent_sanitized());
281 packet_write_fmt(1, "%s %s%c%s\n",
282 oid_to_hex(oid), path, 0, cap.buf);
283 strbuf_release(&cap);
284 sent_capabilities = 1;
285 }
286 }
287
288 static int show_ref_cb(const char *path_full, const struct object_id *oid,
289 int flag, void *data)
290 {
291 struct oidset *seen = data;
292 const char *path = strip_namespace(path_full);
293
294 if (ref_is_hidden(path, path_full))
295 return 0;
296
297 /*
298 * Advertise refs outside our current namespace as ".have"
299 * refs, so that the client can use them to minimize data
300 * transfer but will otherwise ignore them.
301 */
302 if (!path) {
303 if (oidset_insert(seen, oid))
304 return 0;
305 path = ".have";
306 } else {
307 oidset_insert(seen, oid);
308 }
309 show_ref(path, oid);
310 return 0;
311 }
312
313 static void show_one_alternate_ref(const struct object_id *oid,
314 void *data)
315 {
316 struct oidset *seen = data;
317
318 if (oidset_insert(seen, oid))
319 return;
320
321 show_ref(".have", oid);
322 }
323
324 static void write_head_info(void)
325 {
326 static struct oidset seen = OIDSET_INIT;
327
328 for_each_ref(show_ref_cb, &seen);
329 for_each_alternate_ref(show_one_alternate_ref, &seen);
330 oidset_clear(&seen);
331 if (!sent_capabilities)
332 show_ref("capabilities^{}", &null_oid);
333
334 advertise_shallow_grafts(1);
335
336 /* EOF */
337 packet_flush(1);
338 }
339
340 #define RUN_PROC_RECEIVE_SCHEDULED 1
341 #define RUN_PROC_RECEIVE_RETURNED 2
342 struct command {
343 struct command *next;
344 const char *error_string;
345 struct ref_push_report *report;
346 unsigned int skip_update:1,
347 did_not_exist:1,
348 run_proc_receive:2;
349 int index;
350 struct object_id old_oid;
351 struct object_id new_oid;
352 char ref_name[FLEX_ARRAY]; /* more */
353 };
354
355 static void proc_receive_ref_append(const char *prefix)
356 {
357 struct proc_receive_ref *ref_pattern;
358 char *p;
359 int len;
360
361 CALLOC_ARRAY(ref_pattern, 1);
362 p = strchr(prefix, ':');
363 if (p) {
364 while (prefix < p) {
365 if (*prefix == 'a')
366 ref_pattern->want_add = 1;
367 else if (*prefix == 'd')
368 ref_pattern->want_delete = 1;
369 else if (*prefix == 'm')
370 ref_pattern->want_modify = 1;
371 else if (*prefix == '!')
372 ref_pattern->negative_ref = 1;
373 prefix++;
374 }
375 prefix++;
376 } else {
377 ref_pattern->want_add = 1;
378 ref_pattern->want_delete = 1;
379 ref_pattern->want_modify = 1;
380 }
381 len = strlen(prefix);
382 while (len && prefix[len - 1] == '/')
383 len--;
384 ref_pattern->ref_prefix = xmemdupz(prefix, len);
385 if (!proc_receive_ref) {
386 proc_receive_ref = ref_pattern;
387 } else {
388 struct proc_receive_ref *end;
389
390 end = proc_receive_ref;
391 while (end->next)
392 end = end->next;
393 end->next = ref_pattern;
394 }
395 }
396
397 static int proc_receive_ref_matches(struct command *cmd)
398 {
399 struct proc_receive_ref *p;
400
401 if (!proc_receive_ref)
402 return 0;
403
404 for (p = proc_receive_ref; p; p = p->next) {
405 const char *match = p->ref_prefix;
406 const char *remains;
407
408 if (!p->want_add && is_null_oid(&cmd->old_oid))
409 continue;
410 else if (!p->want_delete && is_null_oid(&cmd->new_oid))
411 continue;
412 else if (!p->want_modify &&
413 !is_null_oid(&cmd->old_oid) &&
414 !is_null_oid(&cmd->new_oid))
415 continue;
416
417 if (skip_prefix(cmd->ref_name, match, &remains) &&
418 (!*remains || *remains == '/')) {
419 if (!p->negative_ref)
420 return 1;
421 } else if (p->negative_ref) {
422 return 1;
423 }
424 }
425 return 0;
426 }
427
428 static void rp_error(const char *err, ...) __attribute__((format (printf, 1, 2)));
429 static void rp_warning(const char *err, ...) __attribute__((format (printf, 1, 2)));
430
431 static void report_message(const char *prefix, const char *err, va_list params)
432 {
433 int sz;
434 char msg[4096];
435
436 sz = xsnprintf(msg, sizeof(msg), "%s", prefix);
437 sz += vsnprintf(msg + sz, sizeof(msg) - sz, err, params);
438 if (sz > (sizeof(msg) - 1))
439 sz = sizeof(msg) - 1;
440 msg[sz++] = '\n';
441
442 if (use_sideband)
443 send_sideband(1, 2, msg, sz, use_sideband);
444 else
445 xwrite(2, msg, sz);
446 }
447
448 static void rp_warning(const char *err, ...)
449 {
450 va_list params;
451 va_start(params, err);
452 report_message("warning: ", err, params);
453 va_end(params);
454 }
455
456 static void rp_error(const char *err, ...)
457 {
458 va_list params;
459 va_start(params, err);
460 report_message("error: ", err, params);
461 va_end(params);
462 }
463
464 static int copy_to_sideband(int in, int out, void *arg)
465 {
466 char data[128];
467 int keepalive_active = 0;
468
469 if (keepalive_in_sec <= 0)
470 use_keepalive = KEEPALIVE_NEVER;
471 if (use_keepalive == KEEPALIVE_ALWAYS)
472 keepalive_active = 1;
473
474 while (1) {
475 ssize_t sz;
476
477 if (keepalive_active) {
478 struct pollfd pfd;
479 int ret;
480
481 pfd.fd = in;
482 pfd.events = POLLIN;
483 ret = poll(&pfd, 1, 1000 * keepalive_in_sec);
484
485 if (ret < 0) {
486 if (errno == EINTR)
487 continue;
488 else
489 break;
490 } else if (ret == 0) {
491 /* no data; send a keepalive packet */
492 static const char buf[] = "0005\1";
493 write_or_die(1, buf, sizeof(buf) - 1);
494 continue;
495 } /* else there is actual data to read */
496 }
497
498 sz = xread(in, data, sizeof(data));
499 if (sz <= 0)
500 break;
501
502 if (use_keepalive == KEEPALIVE_AFTER_NUL && !keepalive_active) {
503 const char *p = memchr(data, '\0', sz);
504 if (p) {
505 /*
506 * The NUL tells us to start sending keepalives. Make
507 * sure we send any other data we read along
508 * with it.
509 */
510 keepalive_active = 1;
511 send_sideband(1, 2, data, p - data, use_sideband);
512 send_sideband(1, 2, p + 1, sz - (p - data + 1), use_sideband);
513 continue;
514 }
515 }
516
517 /*
518 * Either we're not looking for a NUL signal, or we didn't see
519 * it yet; just pass along the data.
520 */
521 send_sideband(1, 2, data, sz, use_sideband);
522 }
523 close(in);
524 return 0;
525 }
526
527 static void hmac_hash(unsigned char *out,
528 const char *key_in, size_t key_len,
529 const char *text, size_t text_len)
530 {
531 unsigned char key[GIT_MAX_BLKSZ];
532 unsigned char k_ipad[GIT_MAX_BLKSZ];
533 unsigned char k_opad[GIT_MAX_BLKSZ];
534 int i;
535 git_hash_ctx ctx;
536
537 /* RFC 2104 2. (1) */
538 memset(key, '\0', GIT_MAX_BLKSZ);
539 if (the_hash_algo->blksz < key_len) {
540 the_hash_algo->init_fn(&ctx);
541 the_hash_algo->update_fn(&ctx, key_in, key_len);
542 the_hash_algo->final_fn(key, &ctx);
543 } else {
544 memcpy(key, key_in, key_len);
545 }
546
547 /* RFC 2104 2. (2) & (5) */
548 for (i = 0; i < sizeof(key); i++) {
549 k_ipad[i] = key[i] ^ 0x36;
550 k_opad[i] = key[i] ^ 0x5c;
551 }
552
553 /* RFC 2104 2. (3) & (4) */
554 the_hash_algo->init_fn(&ctx);
555 the_hash_algo->update_fn(&ctx, k_ipad, sizeof(k_ipad));
556 the_hash_algo->update_fn(&ctx, text, text_len);
557 the_hash_algo->final_fn(out, &ctx);
558
559 /* RFC 2104 2. (6) & (7) */
560 the_hash_algo->init_fn(&ctx);
561 the_hash_algo->update_fn(&ctx, k_opad, sizeof(k_opad));
562 the_hash_algo->update_fn(&ctx, out, the_hash_algo->rawsz);
563 the_hash_algo->final_fn(out, &ctx);
564 }
565
566 static char *prepare_push_cert_nonce(const char *path, timestamp_t stamp)
567 {
568 struct strbuf buf = STRBUF_INIT;
569 unsigned char hash[GIT_MAX_RAWSZ];
570
571 strbuf_addf(&buf, "%s:%"PRItime, path, stamp);
572 hmac_hash(hash, buf.buf, buf.len, cert_nonce_seed, strlen(cert_nonce_seed));
573 strbuf_release(&buf);
574
575 /* RFC 2104 5. HMAC-SHA1 or HMAC-SHA256 */
576 strbuf_addf(&buf, "%"PRItime"-%.*s", stamp, (int)the_hash_algo->hexsz, hash_to_hex(hash));
577 return strbuf_detach(&buf, NULL);
578 }
579
580 /*
581 * NEEDSWORK: reuse find_commit_header() from jk/commit-author-parsing
582 * after dropping "_commit" from its name and possibly moving it out
583 * of commit.c
584 */
585 static char *find_header(const char *msg, size_t len, const char *key,
586 const char **next_line)
587 {
588 int key_len = strlen(key);
589 const char *line = msg;
590
591 while (line && line < msg + len) {
592 const char *eol = strchrnul(line, '\n');
593
594 if ((msg + len <= eol) || line == eol)
595 return NULL;
596 if (line + key_len < eol &&
597 !memcmp(line, key, key_len) && line[key_len] == ' ') {
598 int offset = key_len + 1;
599 if (next_line)
600 *next_line = *eol ? eol + 1 : eol;
601 return xmemdupz(line + offset, (eol - line) - offset);
602 }
603 line = *eol ? eol + 1 : NULL;
604 }
605 return NULL;
606 }
607
608 /*
609 * Return zero if a and b are equal up to n bytes and nonzero if they are not.
610 * This operation is guaranteed to run in constant time to avoid leaking data.
611 */
612 static int constant_memequal(const char *a, const char *b, size_t n)
613 {
614 int res = 0;
615 size_t i;
616
617 for (i = 0; i < n; i++)
618 res |= a[i] ^ b[i];
619 return res;
620 }
621
622 static const char *check_nonce(const char *buf, size_t len)
623 {
624 char *nonce = find_header(buf, len, "nonce", NULL);
625 timestamp_t stamp, ostamp;
626 char *bohmac, *expect = NULL;
627 const char *retval = NONCE_BAD;
628 size_t noncelen;
629
630 if (!nonce) {
631 retval = NONCE_MISSING;
632 goto leave;
633 } else if (!push_cert_nonce) {
634 retval = NONCE_UNSOLICITED;
635 goto leave;
636 } else if (!strcmp(push_cert_nonce, nonce)) {
637 retval = NONCE_OK;
638 goto leave;
639 }
640
641 if (!stateless_rpc) {
642 /* returned nonce MUST match what we gave out earlier */
643 retval = NONCE_BAD;
644 goto leave;
645 }
646
647 /*
648 * In stateless mode, we may be receiving a nonce issued by
649 * another instance of the server that serving the same
650 * repository, and the timestamps may not match, but the
651 * nonce-seed and dir should match, so we can recompute and
652 * report the time slop.
653 *
654 * In addition, when a nonce issued by another instance has
655 * timestamp within receive.certnonceslop seconds, we pretend
656 * as if we issued that nonce when reporting to the hook.
657 */
658
659 /* nonce is concat(<seconds-since-epoch>, "-", <hmac>) */
660 if (*nonce <= '0' || '9' < *nonce) {
661 retval = NONCE_BAD;
662 goto leave;
663 }
664 stamp = parse_timestamp(nonce, &bohmac, 10);
665 if (bohmac == nonce || bohmac[0] != '-') {
666 retval = NONCE_BAD;
667 goto leave;
668 }
669
670 noncelen = strlen(nonce);
671 expect = prepare_push_cert_nonce(service_dir, stamp);
672 if (noncelen != strlen(expect)) {
673 /* This is not even the right size. */
674 retval = NONCE_BAD;
675 goto leave;
676 }
677 if (constant_memequal(expect, nonce, noncelen)) {
678 /* Not what we would have signed earlier */
679 retval = NONCE_BAD;
680 goto leave;
681 }
682
683 /*
684 * By how many seconds is this nonce stale? Negative value
685 * would mean it was issued by another server with its clock
686 * skewed in the future.
687 */
688 ostamp = parse_timestamp(push_cert_nonce, NULL, 10);
689 nonce_stamp_slop = (long)ostamp - (long)stamp;
690
691 if (nonce_stamp_slop_limit &&
692 labs(nonce_stamp_slop) <= nonce_stamp_slop_limit) {
693 /*
694 * Pretend as if the received nonce (which passes the
695 * HMAC check, so it is not a forged by third-party)
696 * is what we issued.
697 */
698 free((void *)push_cert_nonce);
699 push_cert_nonce = xstrdup(nonce);
700 retval = NONCE_OK;
701 } else {
702 retval = NONCE_SLOP;
703 }
704
705 leave:
706 free(nonce);
707 free(expect);
708 return retval;
709 }
710
711 /*
712 * Return 1 if there is no push_cert or if the push options in push_cert are
713 * the same as those in the argument; 0 otherwise.
714 */
715 static int check_cert_push_options(const struct string_list *push_options)
716 {
717 const char *buf = push_cert.buf;
718 int len = push_cert.len;
719
720 char *option;
721 const char *next_line;
722 int options_seen = 0;
723
724 int retval = 1;
725
726 if (!len)
727 return 1;
728
729 while ((option = find_header(buf, len, "push-option", &next_line))) {
730 len -= (next_line - buf);
731 buf = next_line;
732 options_seen++;
733 if (options_seen > push_options->nr
734 || strcmp(option,
735 push_options->items[options_seen - 1].string)) {
736 retval = 0;
737 goto leave;
738 }
739 free(option);
740 }
741
742 if (options_seen != push_options->nr)
743 retval = 0;
744
745 leave:
746 free(option);
747 return retval;
748 }
749
750 static void prepare_push_cert_sha1(struct child_process *proc)
751 {
752 static int already_done;
753
754 if (!push_cert.len)
755 return;
756
757 if (!already_done) {
758 int bogs /* beginning_of_gpg_sig */;
759
760 already_done = 1;
761 if (write_object_file(push_cert.buf, push_cert.len, "blob",
762 &push_cert_oid))
763 oidclr(&push_cert_oid);
764
765 memset(&sigcheck, '\0', sizeof(sigcheck));
766
767 bogs = parse_signed_buffer(push_cert.buf, push_cert.len);
768 check_signature(push_cert.buf, bogs, push_cert.buf + bogs,
769 push_cert.len - bogs, &sigcheck);
770
771 nonce_status = check_nonce(push_cert.buf, bogs);
772 }
773 if (!is_null_oid(&push_cert_oid)) {
774 strvec_pushf(&proc->env_array, "GIT_PUSH_CERT=%s",
775 oid_to_hex(&push_cert_oid));
776 strvec_pushf(&proc->env_array, "GIT_PUSH_CERT_SIGNER=%s",
777 sigcheck.signer ? sigcheck.signer : "");
778 strvec_pushf(&proc->env_array, "GIT_PUSH_CERT_KEY=%s",
779 sigcheck.key ? sigcheck.key : "");
780 strvec_pushf(&proc->env_array, "GIT_PUSH_CERT_STATUS=%c",
781 sigcheck.result);
782 if (push_cert_nonce) {
783 strvec_pushf(&proc->env_array,
784 "GIT_PUSH_CERT_NONCE=%s",
785 push_cert_nonce);
786 strvec_pushf(&proc->env_array,
787 "GIT_PUSH_CERT_NONCE_STATUS=%s",
788 nonce_status);
789 if (nonce_status == NONCE_SLOP)
790 strvec_pushf(&proc->env_array,
791 "GIT_PUSH_CERT_NONCE_SLOP=%ld",
792 nonce_stamp_slop);
793 }
794 }
795 }
796
797 struct receive_hook_feed_state {
798 struct command *cmd;
799 struct ref_push_report *report;
800 int skip_broken;
801 struct strbuf buf;
802 const struct string_list *push_options;
803 };
804
805 typedef int (*feed_fn)(void *, const char **, size_t *);
806 static int run_and_feed_hook(const char *hook_name, feed_fn feed,
807 struct receive_hook_feed_state *feed_state)
808 {
809 struct child_process proc = CHILD_PROCESS_INIT;
810 struct async muxer;
811 const char *argv[2];
812 int code;
813
814 argv[0] = find_hook(hook_name);
815 if (!argv[0])
816 return 0;
817
818 argv[1] = NULL;
819
820 proc.argv = argv;
821 proc.in = -1;
822 proc.stdout_to_stderr = 1;
823 proc.trace2_hook_name = hook_name;
824
825 if (feed_state->push_options) {
826 int i;
827 for (i = 0; i < feed_state->push_options->nr; i++)
828 strvec_pushf(&proc.env_array,
829 "GIT_PUSH_OPTION_%d=%s", i,
830 feed_state->push_options->items[i].string);
831 strvec_pushf(&proc.env_array, "GIT_PUSH_OPTION_COUNT=%d",
832 feed_state->push_options->nr);
833 } else
834 strvec_pushf(&proc.env_array, "GIT_PUSH_OPTION_COUNT");
835
836 if (tmp_objdir)
837 strvec_pushv(&proc.env_array, tmp_objdir_env(tmp_objdir));
838
839 if (use_sideband) {
840 memset(&muxer, 0, sizeof(muxer));
841 muxer.proc = copy_to_sideband;
842 muxer.in = -1;
843 code = start_async(&muxer);
844 if (code)
845 return code;
846 proc.err = muxer.in;
847 }
848
849 prepare_push_cert_sha1(&proc);
850
851 code = start_command(&proc);
852 if (code) {
853 if (use_sideband)
854 finish_async(&muxer);
855 return code;
856 }
857
858 sigchain_push(SIGPIPE, SIG_IGN);
859
860 while (1) {
861 const char *buf;
862 size_t n;
863 if (feed(feed_state, &buf, &n))
864 break;
865 if (write_in_full(proc.in, buf, n) < 0)
866 break;
867 }
868 close(proc.in);
869 if (use_sideband)
870 finish_async(&muxer);
871
872 sigchain_pop(SIGPIPE);
873
874 return finish_command(&proc);
875 }
876
877 static int feed_receive_hook(void *state_, const char **bufp, size_t *sizep)
878 {
879 struct receive_hook_feed_state *state = state_;
880 struct command *cmd = state->cmd;
881
882 while (cmd &&
883 state->skip_broken && (cmd->error_string || cmd->did_not_exist))
884 cmd = cmd->next;
885 if (!cmd)
886 return -1; /* EOF */
887 if (!bufp)
888 return 0; /* OK, can feed something. */
889 strbuf_reset(&state->buf);
890 if (!state->report)
891 state->report = cmd->report;
892 if (state->report) {
893 struct object_id *old_oid;
894 struct object_id *new_oid;
895 const char *ref_name;
896
897 old_oid = state->report->old_oid ? state->report->old_oid : &cmd->old_oid;
898 new_oid = state->report->new_oid ? state->report->new_oid : &cmd->new_oid;
899 ref_name = state->report->ref_name ? state->report->ref_name : cmd->ref_name;
900 strbuf_addf(&state->buf, "%s %s %s\n",
901 oid_to_hex(old_oid), oid_to_hex(new_oid),
902 ref_name);
903 state->report = state->report->next;
904 if (!state->report)
905 state->cmd = cmd->next;
906 } else {
907 strbuf_addf(&state->buf, "%s %s %s\n",
908 oid_to_hex(&cmd->old_oid), oid_to_hex(&cmd->new_oid),
909 cmd->ref_name);
910 state->cmd = cmd->next;
911 }
912 if (bufp) {
913 *bufp = state->buf.buf;
914 *sizep = state->buf.len;
915 }
916 return 0;
917 }
918
919 static int run_receive_hook(struct command *commands,
920 const char *hook_name,
921 int skip_broken,
922 const struct string_list *push_options)
923 {
924 struct receive_hook_feed_state state;
925 int status;
926
927 strbuf_init(&state.buf, 0);
928 state.cmd = commands;
929 state.skip_broken = skip_broken;
930 state.report = NULL;
931 if (feed_receive_hook(&state, NULL, NULL))
932 return 0;
933 state.cmd = commands;
934 state.push_options = push_options;
935 status = run_and_feed_hook(hook_name, feed_receive_hook, &state);
936 strbuf_release(&state.buf);
937 return status;
938 }
939
940 static int run_update_hook(struct command *cmd)
941 {
942 const char *argv[5];
943 struct child_process proc = CHILD_PROCESS_INIT;
944 int code;
945
946 argv[0] = find_hook("update");
947 if (!argv[0])
948 return 0;
949
950 argv[1] = cmd->ref_name;
951 argv[2] = oid_to_hex(&cmd->old_oid);
952 argv[3] = oid_to_hex(&cmd->new_oid);
953 argv[4] = NULL;
954
955 proc.no_stdin = 1;
956 proc.stdout_to_stderr = 1;
957 proc.err = use_sideband ? -1 : 0;
958 proc.argv = argv;
959 proc.trace2_hook_name = "update";
960
961 code = start_command(&proc);
962 if (code)
963 return code;
964 if (use_sideband)
965 copy_to_sideband(proc.err, -1, NULL);
966 return finish_command(&proc);
967 }
968
969 static struct command *find_command_by_refname(struct command *list,
970 const char *refname)
971 {
972 for (; list; list = list->next)
973 if (!strcmp(list->ref_name, refname))
974 return list;
975 return NULL;
976 }
977
978 static int read_proc_receive_report(struct packet_reader *reader,
979 struct command *commands,
980 struct strbuf *errmsg)
981 {
982 struct command *cmd;
983 struct command *hint = NULL;
984 struct ref_push_report *report = NULL;
985 int new_report = 0;
986 int code = 0;
987 int once = 0;
988 int response = 0;
989
990 for (;;) {
991 struct object_id old_oid, new_oid;
992 const char *head;
993 const char *refname;
994 char *p;
995 enum packet_read_status status;
996
997 status = packet_reader_read(reader);
998 if (status != PACKET_READ_NORMAL) {
999 /* Check whether proc-receive exited abnormally */
1000 if (status == PACKET_READ_EOF && !response) {
1001 strbuf_addstr(errmsg, "proc-receive exited abnormally");
1002 return -1;
1003 }
1004 break;
1005 }
1006 response++;
1007
1008 head = reader->line;
1009 p = strchr(head, ' ');
1010 if (!p) {
1011 strbuf_addf(errmsg, "proc-receive reported incomplete status line: '%s'\n", head);
1012 code = -1;
1013 continue;
1014 }
1015 *p++ = '\0';
1016 if (!strcmp(head, "option")) {
1017 const char *key, *val;
1018
1019 if (!hint || !(report || new_report)) {
1020 if (!once++)
1021 strbuf_addstr(errmsg, "proc-receive reported 'option' without a matching 'ok/ng' directive\n");
1022 code = -1;
1023 continue;
1024 }
1025 if (new_report) {
1026 if (!hint->report) {
1027 CALLOC_ARRAY(hint->report, 1);
1028 report = hint->report;
1029 } else {
1030 report = hint->report;
1031 while (report->next)
1032 report = report->next;
1033 report->next = xcalloc(1, sizeof(struct ref_push_report));
1034 report = report->next;
1035 }
1036 new_report = 0;
1037 }
1038 key = p;
1039 p = strchr(key, ' ');
1040 if (p)
1041 *p++ = '\0';
1042 val = p;
1043 if (!strcmp(key, "refname"))
1044 report->ref_name = xstrdup_or_null(val);
1045 else if (!strcmp(key, "old-oid") && val &&
1046 !parse_oid_hex(val, &old_oid, &val))
1047 report->old_oid = oiddup(&old_oid);
1048 else if (!strcmp(key, "new-oid") && val &&
1049 !parse_oid_hex(val, &new_oid, &val))
1050 report->new_oid = oiddup(&new_oid);
1051 else if (!strcmp(key, "forced-update"))
1052 report->forced_update = 1;
1053 else if (!strcmp(key, "fall-through"))
1054 /* Fall through, let 'receive-pack' to execute it. */
1055 hint->run_proc_receive = 0;
1056 continue;
1057 }
1058
1059 report = NULL;
1060 new_report = 0;
1061 refname = p;
1062 p = strchr(refname, ' ');
1063 if (p)
1064 *p++ = '\0';
1065 if (strcmp(head, "ok") && strcmp(head, "ng")) {
1066 strbuf_addf(errmsg, "proc-receive reported bad status '%s' on ref '%s'\n",
1067 head, refname);
1068 code = -1;
1069 continue;
1070 }
1071
1072 /* first try searching at our hint, falling back to all refs */
1073 if (hint)
1074 hint = find_command_by_refname(hint, refname);
1075 if (!hint)
1076 hint = find_command_by_refname(commands, refname);
1077 if (!hint) {
1078 strbuf_addf(errmsg, "proc-receive reported status on unknown ref: %s\n",
1079 refname);
1080 code = -1;
1081 continue;
1082 }
1083 if (!hint->run_proc_receive) {
1084 strbuf_addf(errmsg, "proc-receive reported status on unexpected ref: %s\n",
1085 refname);
1086 code = -1;
1087 continue;
1088 }
1089 hint->run_proc_receive |= RUN_PROC_RECEIVE_RETURNED;
1090 if (!strcmp(head, "ng")) {
1091 if (p)
1092 hint->error_string = xstrdup(p);
1093 else
1094 hint->error_string = "failed";
1095 code = -1;
1096 continue;
1097 }
1098 new_report = 1;
1099 }
1100
1101 for (cmd = commands; cmd; cmd = cmd->next)
1102 if (cmd->run_proc_receive && !cmd->error_string &&
1103 !(cmd->run_proc_receive & RUN_PROC_RECEIVE_RETURNED)) {
1104 cmd->error_string = "proc-receive failed to report status";
1105 code = -1;
1106 }
1107 return code;
1108 }
1109
1110 static int run_proc_receive_hook(struct command *commands,
1111 const struct string_list *push_options)
1112 {
1113 struct child_process proc = CHILD_PROCESS_INIT;
1114 struct async muxer;
1115 struct command *cmd;
1116 const char *argv[2];
1117 struct packet_reader reader;
1118 struct strbuf cap = STRBUF_INIT;
1119 struct strbuf errmsg = STRBUF_INIT;
1120 int hook_use_push_options = 0;
1121 int version = 0;
1122 int code;
1123
1124 argv[0] = find_hook("proc-receive");
1125 if (!argv[0]) {
1126 rp_error("cannot find hook 'proc-receive'");
1127 return -1;
1128 }
1129 argv[1] = NULL;
1130
1131 proc.argv = argv;
1132 proc.in = -1;
1133 proc.out = -1;
1134 proc.trace2_hook_name = "proc-receive";
1135
1136 if (use_sideband) {
1137 memset(&muxer, 0, sizeof(muxer));
1138 muxer.proc = copy_to_sideband;
1139 muxer.in = -1;
1140 code = start_async(&muxer);
1141 if (code)
1142 return code;
1143 proc.err = muxer.in;
1144 } else {
1145 proc.err = 0;
1146 }
1147
1148 code = start_command(&proc);
1149 if (code) {
1150 if (use_sideband)
1151 finish_async(&muxer);
1152 return code;
1153 }
1154
1155 sigchain_push(SIGPIPE, SIG_IGN);
1156
1157 /* Version negotiaton */
1158 packet_reader_init(&reader, proc.out, NULL, 0,
1159 PACKET_READ_CHOMP_NEWLINE |
1160 PACKET_READ_GENTLE_ON_EOF);
1161 if (use_atomic)
1162 strbuf_addstr(&cap, " atomic");
1163 if (use_push_options)
1164 strbuf_addstr(&cap, " push-options");
1165 if (cap.len) {
1166 code = packet_write_fmt_gently(proc.in, "version=1%c%s\n", '\0', cap.buf + 1);
1167 strbuf_release(&cap);
1168 } else {
1169 code = packet_write_fmt_gently(proc.in, "version=1\n");
1170 }
1171 if (!code)
1172 code = packet_flush_gently(proc.in);
1173
1174 if (!code)
1175 for (;;) {
1176 int linelen;
1177 enum packet_read_status status;
1178
1179 status = packet_reader_read(&reader);
1180 if (status != PACKET_READ_NORMAL) {
1181 /* Check whether proc-receive exited abnormally */
1182 if (status == PACKET_READ_EOF)
1183 code = -1;
1184 break;
1185 }
1186
1187 if (reader.pktlen > 8 && starts_with(reader.line, "version=")) {
1188 version = atoi(reader.line + 8);
1189 linelen = strlen(reader.line);
1190 if (linelen < reader.pktlen) {
1191 const char *feature_list = reader.line + linelen + 1;
1192 if (parse_feature_request(feature_list, "push-options"))
1193 hook_use_push_options = 1;
1194 }
1195 }
1196 }
1197
1198 if (code) {
1199 strbuf_addstr(&errmsg, "fail to negotiate version with proc-receive hook");
1200 goto cleanup;
1201 }
1202
1203 switch (version) {
1204 case 0:
1205 /* fallthrough */
1206 case 1:
1207 break;
1208 default:
1209 strbuf_addf(&errmsg, "proc-receive version '%d' is not supported",
1210 version);
1211 code = -1;
1212 goto cleanup;
1213 }
1214
1215 /* Send commands */
1216 for (cmd = commands; cmd; cmd = cmd->next) {
1217 if (!cmd->run_proc_receive || cmd->skip_update || cmd->error_string)
1218 continue;
1219 code = packet_write_fmt_gently(proc.in, "%s %s %s",
1220 oid_to_hex(&cmd->old_oid),
1221 oid_to_hex(&cmd->new_oid),
1222 cmd->ref_name);
1223 if (code)
1224 break;
1225 }
1226 if (!code)
1227 code = packet_flush_gently(proc.in);
1228 if (code) {
1229 strbuf_addstr(&errmsg, "fail to write commands to proc-receive hook");
1230 goto cleanup;
1231 }
1232
1233 /* Send push options */
1234 if (hook_use_push_options) {
1235 struct string_list_item *item;
1236
1237 for_each_string_list_item(item, push_options) {
1238 code = packet_write_fmt_gently(proc.in, "%s", item->string);
1239 if (code)
1240 break;
1241 }
1242 if (!code)
1243 code = packet_flush_gently(proc.in);
1244 if (code) {
1245 strbuf_addstr(&errmsg,
1246 "fail to write push-options to proc-receive hook");
1247 goto cleanup;
1248 }
1249 }
1250
1251 /* Read result from proc-receive */
1252 code = read_proc_receive_report(&reader, commands, &errmsg);
1253
1254 cleanup:
1255 close(proc.in);
1256 close(proc.out);
1257 if (use_sideband)
1258 finish_async(&muxer);
1259 if (finish_command(&proc))
1260 code = -1;
1261 if (errmsg.len >0) {
1262 char *p = errmsg.buf;
1263
1264 p += errmsg.len - 1;
1265 if (*p == '\n')
1266 *p = '\0';
1267 rp_error("%s", errmsg.buf);
1268 strbuf_release(&errmsg);
1269 }
1270 sigchain_pop(SIGPIPE);
1271
1272 return code;
1273 }
1274
1275 static char *refuse_unconfigured_deny_msg =
1276 N_("By default, updating the current branch in a non-bare repository\n"
1277 "is denied, because it will make the index and work tree inconsistent\n"
1278 "with what you pushed, and will require 'git reset --hard' to match\n"
1279 "the work tree to HEAD.\n"
1280 "\n"
1281 "You can set the 'receive.denyCurrentBranch' configuration variable\n"
1282 "to 'ignore' or 'warn' in the remote repository to allow pushing into\n"
1283 "its current branch; however, this is not recommended unless you\n"
1284 "arranged to update its work tree to match what you pushed in some\n"
1285 "other way.\n"
1286 "\n"
1287 "To squelch this message and still keep the default behaviour, set\n"
1288 "'receive.denyCurrentBranch' configuration variable to 'refuse'.");
1289
1290 static void refuse_unconfigured_deny(void)
1291 {
1292 rp_error("%s", _(refuse_unconfigured_deny_msg));
1293 }
1294
1295 static char *refuse_unconfigured_deny_delete_current_msg =
1296 N_("By default, deleting the current branch is denied, because the next\n"
1297 "'git clone' won't result in any file checked out, causing confusion.\n"
1298 "\n"
1299 "You can set 'receive.denyDeleteCurrent' configuration variable to\n"
1300 "'warn' or 'ignore' in the remote repository to allow deleting the\n"
1301 "current branch, with or without a warning message.\n"
1302 "\n"
1303 "To squelch this message, you can set it to 'refuse'.");
1304
1305 static void refuse_unconfigured_deny_delete_current(void)
1306 {
1307 rp_error("%s", _(refuse_unconfigured_deny_delete_current_msg));
1308 }
1309
1310 static int command_singleton_iterator(void *cb_data, struct object_id *oid);
1311 static int update_shallow_ref(struct command *cmd, struct shallow_info *si)
1312 {
1313 struct shallow_lock shallow_lock = SHALLOW_LOCK_INIT;
1314 struct oid_array extra = OID_ARRAY_INIT;
1315 struct check_connected_options opt = CHECK_CONNECTED_INIT;
1316 uint32_t mask = 1 << (cmd->index % 32);
1317 int i;
1318
1319 trace_printf_key(&trace_shallow,
1320 "shallow: update_shallow_ref %s\n", cmd->ref_name);
1321 for (i = 0; i < si->shallow->nr; i++)
1322 if (si->used_shallow[i] &&
1323 (si->used_shallow[i][cmd->index / 32] & mask) &&
1324 !delayed_reachability_test(si, i))
1325 oid_array_append(&extra, &si->shallow->oid[i]);
1326
1327 opt.env = tmp_objdir_env(tmp_objdir);
1328 setup_alternate_shallow(&shallow_lock, &opt.shallow_file, &extra);
1329 if (check_connected(command_singleton_iterator, cmd, &opt)) {
1330 rollback_shallow_file(the_repository, &shallow_lock);
1331 oid_array_clear(&extra);
1332 return -1;
1333 }
1334
1335 commit_shallow_file(the_repository, &shallow_lock);
1336
1337 /*
1338 * Make sure setup_alternate_shallow() for the next ref does
1339 * not lose these new roots..
1340 */
1341 for (i = 0; i < extra.nr; i++)
1342 register_shallow(the_repository, &extra.oid[i]);
1343
1344 si->shallow_ref[cmd->index] = 0;
1345 oid_array_clear(&extra);
1346 return 0;
1347 }
1348
1349 /*
1350 * NEEDSWORK: we should consolidate various implementions of "are we
1351 * on an unborn branch?" test into one, and make the unified one more
1352 * robust. !get_sha1() based check used here and elsewhere would not
1353 * allow us to tell an unborn branch from corrupt ref, for example.
1354 * For the purpose of fixing "deploy-to-update does not work when
1355 * pushing into an empty repository" issue, this should suffice for
1356 * now.
1357 */
1358 static int head_has_history(void)
1359 {
1360 struct object_id oid;
1361
1362 return !get_oid("HEAD", &oid);
1363 }
1364
1365 static const char *push_to_deploy(unsigned char *sha1,
1366 struct strvec *env,
1367 const char *work_tree)
1368 {
1369 const char *update_refresh[] = {
1370 "update-index", "-q", "--ignore-submodules", "--refresh", NULL
1371 };
1372 const char *diff_files[] = {
1373 "diff-files", "--quiet", "--ignore-submodules", "--", NULL
1374 };
1375 const char *diff_index[] = {
1376 "diff-index", "--quiet", "--cached", "--ignore-submodules",
1377 NULL, "--", NULL
1378 };
1379 const char *read_tree[] = {
1380 "read-tree", "-u", "-m", NULL, NULL
1381 };
1382 struct child_process child = CHILD_PROCESS_INIT;
1383
1384 child.argv = update_refresh;
1385 child.env = env->v;
1386 child.dir = work_tree;
1387 child.no_stdin = 1;
1388 child.stdout_to_stderr = 1;
1389 child.git_cmd = 1;
1390 if (run_command(&child))
1391 return "Up-to-date check failed";
1392
1393 /* run_command() does not clean up completely; reinitialize */
1394 child_process_init(&child);
1395 child.argv = diff_files;
1396 child.env = env->v;
1397 child.dir = work_tree;
1398 child.no_stdin = 1;
1399 child.stdout_to_stderr = 1;
1400 child.git_cmd = 1;
1401 if (run_command(&child))
1402 return "Working directory has unstaged changes";
1403
1404 /* diff-index with either HEAD or an empty tree */
1405 diff_index[4] = head_has_history() ? "HEAD" : empty_tree_oid_hex();
1406
1407 child_process_init(&child);
1408 child.argv = diff_index;
1409 child.env = env->v;
1410 child.no_stdin = 1;
1411 child.no_stdout = 1;
1412 child.stdout_to_stderr = 0;
1413 child.git_cmd = 1;
1414 if (run_command(&child))
1415 return "Working directory has staged changes";
1416
1417 read_tree[3] = hash_to_hex(sha1);
1418 child_process_init(&child);
1419 child.argv = read_tree;
1420 child.env = env->v;
1421 child.dir = work_tree;
1422 child.no_stdin = 1;
1423 child.no_stdout = 1;
1424 child.stdout_to_stderr = 0;
1425 child.git_cmd = 1;
1426 if (run_command(&child))
1427 return "Could not update working tree to new HEAD";
1428
1429 return NULL;
1430 }
1431
1432 static const char *push_to_checkout_hook = "push-to-checkout";
1433
1434 static const char *push_to_checkout(unsigned char *hash,
1435 struct strvec *env,
1436 const char *work_tree)
1437 {
1438 strvec_pushf(env, "GIT_WORK_TREE=%s", absolute_path(work_tree));
1439 if (run_hook_le(env->v, push_to_checkout_hook,
1440 hash_to_hex(hash), NULL))
1441 return "push-to-checkout hook declined";
1442 else
1443 return NULL;
1444 }
1445
1446 static const char *update_worktree(unsigned char *sha1, const struct worktree *worktree)
1447 {
1448 const char *retval, *work_tree, *git_dir = NULL;
1449 struct strvec env = STRVEC_INIT;
1450
1451 if (worktree && worktree->path)
1452 work_tree = worktree->path;
1453 else if (git_work_tree_cfg)
1454 work_tree = git_work_tree_cfg;
1455 else
1456 work_tree = "..";
1457
1458 if (is_bare_repository())
1459 return "denyCurrentBranch = updateInstead needs a worktree";
1460 if (worktree)
1461 git_dir = get_worktree_git_dir(worktree);
1462 if (!git_dir)
1463 git_dir = get_git_dir();
1464
1465 strvec_pushf(&env, "GIT_DIR=%s", absolute_path(git_dir));
1466
1467 if (!find_hook(push_to_checkout_hook))
1468 retval = push_to_deploy(sha1, &env, work_tree);
1469 else
1470 retval = push_to_checkout(sha1, &env, work_tree);
1471
1472 strvec_clear(&env);
1473 return retval;
1474 }
1475
1476 static const char *update(struct command *cmd, struct shallow_info *si)
1477 {
1478 const char *name = cmd->ref_name;
1479 struct strbuf namespaced_name_buf = STRBUF_INIT;
1480 static char *namespaced_name;
1481 const char *ret;
1482 struct object_id *old_oid = &cmd->old_oid;
1483 struct object_id *new_oid = &cmd->new_oid;
1484 int do_update_worktree = 0;
1485 const struct worktree *worktree = is_bare_repository() ? NULL : find_shared_symref("HEAD", name);
1486
1487 /* only refs/... are allowed */
1488 if (!starts_with(name, "refs/") || check_refname_format(name + 5, 0)) {
1489 rp_error("refusing to create funny ref '%s' remotely", name);
1490 return "funny refname";
1491 }
1492
1493 strbuf_addf(&namespaced_name_buf, "%s%s", get_git_namespace(), name);
1494 free(namespaced_name);
1495 namespaced_name = strbuf_detach(&namespaced_name_buf, NULL);
1496
1497 if (worktree) {
1498 switch (deny_current_branch) {
1499 case DENY_IGNORE:
1500 break;
1501 case DENY_WARN:
1502 rp_warning("updating the current branch");
1503 break;
1504 case DENY_REFUSE:
1505 case DENY_UNCONFIGURED:
1506 rp_error("refusing to update checked out branch: %s", name);
1507 if (deny_current_branch == DENY_UNCONFIGURED)
1508 refuse_unconfigured_deny();
1509 return "branch is currently checked out";
1510 case DENY_UPDATE_INSTEAD:
1511 /* pass -- let other checks intervene first */
1512 do_update_worktree = 1;
1513 break;
1514 }
1515 }
1516
1517 if (!is_null_oid(new_oid) && !has_object_file(new_oid)) {
1518 error("unpack should have generated %s, "
1519 "but I can't find it!", oid_to_hex(new_oid));
1520 return "bad pack";
1521 }
1522
1523 if (!is_null_oid(old_oid) && is_null_oid(new_oid)) {
1524 if (deny_deletes && starts_with(name, "refs/heads/")) {
1525 rp_error("denying ref deletion for %s", name);
1526 return "deletion prohibited";
1527 }
1528
1529 if (worktree || (head_name && !strcmp(namespaced_name, head_name))) {
1530 switch (deny_delete_current) {
1531 case DENY_IGNORE:
1532 break;
1533 case DENY_WARN:
1534 rp_warning("deleting the current branch");
1535 break;
1536 case DENY_REFUSE:
1537 case DENY_UNCONFIGURED:
1538 case DENY_UPDATE_INSTEAD:
1539 if (deny_delete_current == DENY_UNCONFIGURED)
1540 refuse_unconfigured_deny_delete_current();
1541 rp_error("refusing to delete the current branch: %s", name);
1542 return "deletion of the current branch prohibited";
1543 default:
1544 return "Invalid denyDeleteCurrent setting";
1545 }
1546 }
1547 }
1548
1549 if (deny_non_fast_forwards && !is_null_oid(new_oid) &&
1550 !is_null_oid(old_oid) &&
1551 starts_with(name, "refs/heads/")) {
1552 struct object *old_object, *new_object;
1553 struct commit *old_commit, *new_commit;
1554
1555 old_object = parse_object(the_repository, old_oid);
1556 new_object = parse_object(the_repository, new_oid);
1557
1558 if (!old_object || !new_object ||
1559 old_object->type != OBJ_COMMIT ||
1560 new_object->type != OBJ_COMMIT) {
1561 error("bad sha1 objects for %s", name);
1562 return "bad ref";
1563 }
1564 old_commit = (struct commit *)old_object;
1565 new_commit = (struct commit *)new_object;
1566 if (!in_merge_bases(old_commit, new_commit)) {
1567 rp_error("denying non-fast-forward %s"
1568 " (you should pull first)", name);
1569 return "non-fast-forward";
1570 }
1571 }
1572 if (run_update_hook(cmd)) {
1573 rp_error("hook declined to update %s", name);
1574 return "hook declined";
1575 }
1576
1577 if (do_update_worktree) {
1578 ret = update_worktree(new_oid->hash, find_shared_symref("HEAD", name));
1579 if (ret)
1580 return ret;
1581 }
1582
1583 if (is_null_oid(new_oid)) {
1584 struct strbuf err = STRBUF_INIT;
1585 if (!parse_object(the_repository, old_oid)) {
1586 old_oid = NULL;
1587 if (ref_exists(name)) {
1588 rp_warning("Allowing deletion of corrupt ref.");
1589 } else {
1590 rp_warning("Deleting a non-existent ref.");
1591 cmd->did_not_exist = 1;
1592 }
1593 }
1594 if (ref_transaction_delete(transaction,
1595 namespaced_name,
1596 old_oid,
1597 0, "push", &err)) {
1598 rp_error("%s", err.buf);
1599 strbuf_release(&err);
1600 return "failed to delete";
1601 }
1602 strbuf_release(&err);
1603 return NULL; /* good */
1604 }
1605 else {
1606 struct strbuf err = STRBUF_INIT;
1607 if (shallow_update && si->shallow_ref[cmd->index] &&
1608 update_shallow_ref(cmd, si))
1609 return "shallow error";
1610
1611 if (ref_transaction_update(transaction,
1612 namespaced_name,
1613 new_oid, old_oid,
1614 0, "push",
1615 &err)) {
1616 rp_error("%s", err.buf);
1617 strbuf_release(&err);
1618
1619 return "failed to update ref";
1620 }
1621 strbuf_release(&err);
1622
1623 return NULL; /* good */
1624 }
1625 }
1626
1627 static void run_update_post_hook(struct command *commands)
1628 {
1629 struct command *cmd;
1630 struct child_process proc = CHILD_PROCESS_INIT;
1631 const char *hook;
1632
1633 hook = find_hook("post-update");
1634 if (!hook)
1635 return;
1636
1637 for (cmd = commands; cmd; cmd = cmd->next) {
1638 if (cmd->error_string || cmd->did_not_exist)
1639 continue;
1640 if (!proc.args.nr)
1641 strvec_push(&proc.args, hook);
1642 strvec_push(&proc.args, cmd->ref_name);
1643 }
1644 if (!proc.args.nr)
1645 return;
1646
1647 proc.no_stdin = 1;
1648 proc.stdout_to_stderr = 1;
1649 proc.err = use_sideband ? -1 : 0;
1650 proc.trace2_hook_name = "post-update";
1651
1652 if (!start_command(&proc)) {
1653 if (use_sideband)
1654 copy_to_sideband(proc.err, -1, NULL);
1655 finish_command(&proc);
1656 }
1657 }
1658
1659 static void check_aliased_update_internal(struct command *cmd,
1660 struct string_list *list,
1661 const char *dst_name, int flag)
1662 {
1663 struct string_list_item *item;
1664 struct command *dst_cmd;
1665
1666 if (!(flag & REF_ISSYMREF))
1667 return;
1668
1669 if (!dst_name) {
1670 rp_error("refusing update to broken symref '%s'", cmd->ref_name);
1671 cmd->skip_update = 1;
1672 cmd->error_string = "broken symref";
1673 return;
1674 }
1675 dst_name = strip_namespace(dst_name);
1676
1677 if ((item = string_list_lookup(list, dst_name)) == NULL)
1678 return;
1679
1680 cmd->skip_update = 1;
1681
1682 dst_cmd = (struct command *) item->util;
1683
1684 if (oideq(&cmd->old_oid, &dst_cmd->old_oid) &&
1685 oideq(&cmd->new_oid, &dst_cmd->new_oid))
1686 return;
1687
1688 dst_cmd->skip_update = 1;
1689
1690 rp_error("refusing inconsistent update between symref '%s' (%s..%s) and"
1691 " its target '%s' (%s..%s)",
1692 cmd->ref_name,
1693 find_unique_abbrev(&cmd->old_oid, DEFAULT_ABBREV),
1694 find_unique_abbrev(&cmd->new_oid, DEFAULT_ABBREV),
1695 dst_cmd->ref_name,
1696 find_unique_abbrev(&dst_cmd->old_oid, DEFAULT_ABBREV),
1697 find_unique_abbrev(&dst_cmd->new_oid, DEFAULT_ABBREV));
1698
1699 cmd->error_string = dst_cmd->error_string =
1700 "inconsistent aliased update";
1701 }
1702
1703 static void check_aliased_update(struct command *cmd, struct string_list *list)
1704 {
1705 struct strbuf buf = STRBUF_INIT;
1706 const char *dst_name;
1707 int flag;
1708
1709 strbuf_addf(&buf, "%s%s", get_git_namespace(), cmd->ref_name);
1710 dst_name = resolve_ref_unsafe(buf.buf, 0, NULL, &flag);
1711 check_aliased_update_internal(cmd, list, dst_name, flag);
1712 strbuf_release(&buf);
1713 }
1714
1715 static void check_aliased_updates(struct command *commands)
1716 {
1717 struct command *cmd;
1718 struct string_list ref_list = STRING_LIST_INIT_NODUP;
1719
1720 for (cmd = commands; cmd; cmd = cmd->next) {
1721 struct string_list_item *item =
1722 string_list_append(&ref_list, cmd->ref_name);
1723 item->util = (void *)cmd;
1724 }
1725 string_list_sort(&ref_list);
1726
1727 for (cmd = commands; cmd; cmd = cmd->next) {
1728 if (!cmd->error_string)
1729 check_aliased_update(cmd, &ref_list);
1730 }
1731
1732 string_list_clear(&ref_list, 0);
1733 }
1734
1735 static int command_singleton_iterator(void *cb_data, struct object_id *oid)
1736 {
1737 struct command **cmd_list = cb_data;
1738 struct command *cmd = *cmd_list;
1739
1740 if (!cmd || is_null_oid(&cmd->new_oid))
1741 return -1; /* end of list */
1742 *cmd_list = NULL; /* this returns only one */
1743 oidcpy(oid, &cmd->new_oid);
1744 return 0;
1745 }
1746
1747 static void set_connectivity_errors(struct command *commands,
1748 struct shallow_info *si)
1749 {
1750 struct command *cmd;
1751
1752 for (cmd = commands; cmd; cmd = cmd->next) {
1753 struct command *singleton = cmd;
1754 struct check_connected_options opt = CHECK_CONNECTED_INIT;
1755
1756 if (shallow_update && si->shallow_ref[cmd->index])
1757 /* to be checked in update_shallow_ref() */
1758 continue;
1759
1760 opt.env = tmp_objdir_env(tmp_objdir);
1761 if (!check_connected(command_singleton_iterator, &singleton,
1762 &opt))
1763 continue;
1764
1765 cmd->error_string = "missing necessary objects";
1766 }
1767 }
1768
1769 struct iterate_data {
1770 struct command *cmds;
1771 struct shallow_info *si;
1772 };
1773
1774 static int iterate_receive_command_list(void *cb_data, struct object_id *oid)
1775 {
1776 struct iterate_data *data = cb_data;
1777 struct command **cmd_list = &data->cmds;
1778 struct command *cmd = *cmd_list;
1779
1780 for (; cmd; cmd = cmd->next) {
1781 if (shallow_update && data->si->shallow_ref[cmd->index])
1782 /* to be checked in update_shallow_ref() */
1783 continue;
1784 if (!is_null_oid(&cmd->new_oid) && !cmd->skip_update) {
1785 oidcpy(oid, &cmd->new_oid);
1786 *cmd_list = cmd->next;
1787 return 0;
1788 }
1789 }
1790 *cmd_list = NULL;
1791 return -1; /* end of list */
1792 }
1793
1794 static void reject_updates_to_hidden(struct command *commands)
1795 {
1796 struct strbuf refname_full = STRBUF_INIT;
1797 size_t prefix_len;
1798 struct command *cmd;
1799
1800 strbuf_addstr(&refname_full, get_git_namespace());
1801 prefix_len = refname_full.len;
1802
1803 for (cmd = commands; cmd; cmd = cmd->next) {
1804 if (cmd->error_string)
1805 continue;
1806
1807 strbuf_setlen(&refname_full, prefix_len);
1808 strbuf_addstr(&refname_full, cmd->ref_name);
1809
1810 if (!ref_is_hidden(cmd->ref_name, refname_full.buf))
1811 continue;
1812 if (is_null_oid(&cmd->new_oid))
1813 cmd->error_string = "deny deleting a hidden ref";
1814 else
1815 cmd->error_string = "deny updating a hidden ref";
1816 }
1817
1818 strbuf_release(&refname_full);
1819 }
1820
1821 static int should_process_cmd(struct command *cmd)
1822 {
1823 return !cmd->error_string && !cmd->skip_update;
1824 }
1825
1826 static void warn_if_skipped_connectivity_check(struct command *commands,
1827 struct shallow_info *si)
1828 {
1829 struct command *cmd;
1830 int checked_connectivity = 1;
1831
1832 for (cmd = commands; cmd; cmd = cmd->next) {
1833 if (should_process_cmd(cmd) && si->shallow_ref[cmd->index]) {
1834 error("BUG: connectivity check has not been run on ref %s",
1835 cmd->ref_name);
1836 checked_connectivity = 0;
1837 }
1838 }
1839 if (!checked_connectivity)
1840 BUG("connectivity check skipped???");
1841 }
1842
1843 static void execute_commands_non_atomic(struct command *commands,
1844 struct shallow_info *si)
1845 {
1846 struct command *cmd;
1847 struct strbuf err = STRBUF_INIT;
1848
1849 for (cmd = commands; cmd; cmd = cmd->next) {
1850 if (!should_process_cmd(cmd) || cmd->run_proc_receive)
1851 continue;
1852
1853 transaction = ref_transaction_begin(&err);
1854 if (!transaction) {
1855 rp_error("%s", err.buf);
1856 strbuf_reset(&err);
1857 cmd->error_string = "transaction failed to start";
1858 continue;
1859 }
1860
1861 cmd->error_string = update(cmd, si);
1862
1863 if (!cmd->error_string
1864 && ref_transaction_commit(transaction, &err)) {
1865 rp_error("%s", err.buf);
1866 strbuf_reset(&err);
1867 cmd->error_string = "failed to update ref";
1868 }
1869 ref_transaction_free(transaction);
1870 }
1871 strbuf_release(&err);
1872 }
1873
1874 static void execute_commands_atomic(struct command *commands,
1875 struct shallow_info *si)
1876 {
1877 struct command *cmd;
1878 struct strbuf err = STRBUF_INIT;
1879 const char *reported_error = "atomic push failure";
1880
1881 transaction = ref_transaction_begin(&err);
1882 if (!transaction) {
1883 rp_error("%s", err.buf);
1884 strbuf_reset(&err);
1885 reported_error = "transaction failed to start";
1886 goto failure;
1887 }
1888
1889 for (cmd = commands; cmd; cmd = cmd->next) {
1890 if (!should_process_cmd(cmd) || cmd->run_proc_receive)
1891 continue;
1892
1893 cmd->error_string = update(cmd, si);
1894
1895 if (cmd->error_string)
1896 goto failure;
1897 }
1898
1899 if (ref_transaction_commit(transaction, &err)) {
1900 rp_error("%s", err.buf);
1901 reported_error = "atomic transaction failed";
1902 goto failure;
1903 }
1904 goto cleanup;
1905
1906 failure:
1907 for (cmd = commands; cmd; cmd = cmd->next)
1908 if (!cmd->error_string)
1909 cmd->error_string = reported_error;
1910
1911 cleanup:
1912 ref_transaction_free(transaction);
1913 strbuf_release(&err);
1914 }
1915
1916 static void execute_commands(struct command *commands,
1917 const char *unpacker_error,
1918 struct shallow_info *si,
1919 const struct string_list *push_options)
1920 {
1921 struct check_connected_options opt = CHECK_CONNECTED_INIT;
1922 struct command *cmd;
1923 struct iterate_data data;
1924 struct async muxer;
1925 int err_fd = 0;
1926 int run_proc_receive = 0;
1927
1928 if (unpacker_error) {
1929 for (cmd = commands; cmd; cmd = cmd->next)
1930 cmd->error_string = "unpacker error";
1931 return;
1932 }
1933
1934 if (use_sideband) {
1935 memset(&muxer, 0, sizeof(muxer));
1936 muxer.proc = copy_to_sideband;
1937 muxer.in = -1;
1938 if (!start_async(&muxer))
1939 err_fd = muxer.in;
1940 /* ...else, continue without relaying sideband */
1941 }
1942
1943 data.cmds = commands;
1944 data.si = si;
1945 opt.err_fd = err_fd;
1946 opt.progress = err_fd && !quiet;
1947 opt.env = tmp_objdir_env(tmp_objdir);
1948 if (check_connected(iterate_receive_command_list, &data, &opt))
1949 set_connectivity_errors(commands, si);
1950
1951 if (use_sideband)
1952 finish_async(&muxer);
1953
1954 reject_updates_to_hidden(commands);
1955
1956 /*
1957 * Try to find commands that have special prefix in their reference names,
1958 * and mark them to run an external "proc-receive" hook later.
1959 */
1960 if (proc_receive_ref) {
1961 for (cmd = commands; cmd; cmd = cmd->next) {
1962 if (!should_process_cmd(cmd))
1963 continue;
1964
1965 if (proc_receive_ref_matches(cmd)) {
1966 cmd->run_proc_receive = RUN_PROC_RECEIVE_SCHEDULED;
1967 run_proc_receive = 1;
1968 }
1969 }
1970 }
1971
1972 if (run_receive_hook(commands, "pre-receive", 0, push_options)) {
1973 for (cmd = commands; cmd; cmd = cmd->next) {
1974 if (!cmd->error_string)
1975 cmd->error_string = "pre-receive hook declined";
1976 }
1977 return;
1978 }
1979
1980 /*
1981 * Now we'll start writing out refs, which means the objects need
1982 * to be in their final positions so that other processes can see them.
1983 */
1984 if (tmp_objdir_migrate(tmp_objdir) < 0) {
1985 for (cmd = commands; cmd; cmd = cmd->next) {
1986 if (!cmd->error_string)
1987 cmd->error_string = "unable to migrate objects to permanent storage";
1988 }
1989 return;
1990 }
1991 tmp_objdir = NULL;
1992
1993 check_aliased_updates(commands);
1994
1995 free(head_name_to_free);
1996 head_name = head_name_to_free = resolve_refdup("HEAD", 0, NULL, NULL);
1997
1998 if (run_proc_receive &&
1999 run_proc_receive_hook(commands, push_options))
2000 for (cmd = commands; cmd; cmd = cmd->next)
2001 if (!cmd->error_string &&
2002 !(cmd->run_proc_receive & RUN_PROC_RECEIVE_RETURNED) &&
2003 (cmd->run_proc_receive || use_atomic))
2004 cmd->error_string = "fail to run proc-receive hook";
2005
2006 if (use_atomic)
2007 execute_commands_atomic(commands, si);
2008 else
2009 execute_commands_non_atomic(commands, si);
2010
2011 if (shallow_update)
2012 warn_if_skipped_connectivity_check(commands, si);
2013 }
2014
2015 static struct command **queue_command(struct command **tail,
2016 const char *line,
2017 int linelen)
2018 {
2019 struct object_id old_oid, new_oid;
2020 struct command *cmd;
2021 const char *refname;
2022 int reflen;
2023 const char *p;
2024
2025 if (parse_oid_hex(line, &old_oid, &p) ||
2026 *p++ != ' ' ||
2027 parse_oid_hex(p, &new_oid, &p) ||
2028 *p++ != ' ')
2029 die("protocol error: expected old/new/ref, got '%s'", line);
2030
2031 refname = p;
2032 reflen = linelen - (p - line);
2033 FLEX_ALLOC_MEM(cmd, ref_name, refname, reflen);
2034 oidcpy(&cmd->old_oid, &old_oid);
2035 oidcpy(&cmd->new_oid, &new_oid);
2036 *tail = cmd;
2037 return &cmd->next;
2038 }
2039
2040 static void queue_commands_from_cert(struct command **tail,
2041 struct strbuf *push_cert)
2042 {
2043 const char *boc, *eoc;
2044
2045 if (*tail)
2046 die("protocol error: got both push certificate and unsigned commands");
2047
2048 boc = strstr(push_cert->buf, "\n\n");
2049 if (!boc)
2050 die("malformed push certificate %.*s", 100, push_cert->buf);
2051 else
2052 boc += 2;
2053 eoc = push_cert->buf + parse_signed_buffer(push_cert->buf, push_cert->len);
2054
2055 while (boc < eoc) {
2056 const char *eol = memchr(boc, '\n', eoc - boc);
2057 tail = queue_command(tail, boc, eol ? eol - boc : eoc - boc);
2058 boc = eol ? eol + 1 : eoc;
2059 }
2060 }
2061
2062 static struct command *read_head_info(struct packet_reader *reader,
2063 struct oid_array *shallow)
2064 {
2065 struct command *commands = NULL;
2066 struct command **p = &commands;
2067 for (;;) {
2068 int linelen;
2069
2070 if (packet_reader_read(reader) != PACKET_READ_NORMAL)
2071 break;
2072
2073 if (reader->pktlen > 8 && starts_with(reader->line, "shallow ")) {
2074 struct object_id oid;
2075 if (get_oid_hex(reader->line + 8, &oid))
2076 die("protocol error: expected shallow sha, got '%s'",
2077 reader->line + 8);
2078 oid_array_append(shallow, &oid);
2079 continue;
2080 }
2081
2082 linelen = strlen(reader->line);
2083 if (linelen < reader->pktlen) {
2084 const char *feature_list = reader->line + linelen + 1;
2085 const char *hash = NULL;
2086 const char *client_sid;
2087 int len = 0;
2088 if (parse_feature_request(feature_list, "report-status"))
2089 report_status = 1;
2090 if (parse_feature_request(feature_list, "report-status-v2"))
2091 report_status_v2 = 1;
2092 if (parse_feature_request(feature_list, "side-band-64k"))
2093 use_sideband = LARGE_PACKET_MAX;
2094 if (parse_feature_request(feature_list, "quiet"))
2095 quiet = 1;
2096 if (advertise_atomic_push
2097 && parse_feature_request(feature_list, "atomic"))
2098 use_atomic = 1;
2099 if (advertise_push_options
2100 && parse_feature_request(feature_list, "push-options"))
2101 use_push_options = 1;
2102 hash = parse_feature_value(feature_list, "object-format", &len, NULL);
2103 if (!hash) {
2104 hash = hash_algos[GIT_HASH_SHA1].name;
2105 len = strlen(hash);
2106 }
2107 if (xstrncmpz(the_hash_algo->name, hash, len))
2108 die("error: unsupported object format '%s'", hash);
2109 client_sid = parse_feature_value(feature_list, "session-id", &len, NULL);
2110 if (client_sid) {
2111 char *sid = xstrndup(client_sid, len);
2112 trace2_data_string("transfer", NULL, "client-sid", client_sid);
2113 free(sid);
2114 }
2115 }
2116
2117 if (!strcmp(reader->line, "push-cert")) {
2118 int true_flush = 0;
2119 int saved_options = reader->options;
2120 reader->options &= ~PACKET_READ_CHOMP_NEWLINE;
2121
2122 for (;;) {
2123 packet_reader_read(reader);
2124 if (reader->status == PACKET_READ_FLUSH) {
2125 true_flush = 1;
2126 break;
2127 }
2128 if (reader->status != PACKET_READ_NORMAL) {
2129 die("protocol error: got an unexpected packet");
2130 }
2131 if (!strcmp(reader->line, "push-cert-end\n"))
2132 break; /* end of cert */
2133 strbuf_addstr(&push_cert, reader->line);
2134 }
2135 reader->options = saved_options;
2136
2137 if (true_flush)
2138 break;
2139 continue;
2140 }
2141
2142 p = queue_command(p, reader->line, linelen);
2143 }
2144
2145 if (push_cert.len)
2146 queue_commands_from_cert(p, &push_cert);
2147
2148 return commands;
2149 }
2150
2151 static void read_push_options(struct packet_reader *reader,
2152 struct string_list *options)
2153 {
2154 while (1) {
2155 if (packet_reader_read(reader) != PACKET_READ_NORMAL)
2156 break;
2157
2158 string_list_append(options, reader->line);
2159 }
2160 }
2161
2162 static const char *parse_pack_header(struct pack_header *hdr)
2163 {
2164 switch (read_pack_header(0, hdr)) {
2165 case PH_ERROR_EOF:
2166 return "eof before pack header was fully read";
2167
2168 case PH_ERROR_PACK_SIGNATURE:
2169 return "protocol error (pack signature mismatch detected)";
2170
2171 case PH_ERROR_PROTOCOL:
2172 return "protocol error (pack version unsupported)";
2173
2174 default:
2175 return "unknown error in parse_pack_header";
2176
2177 case 0:
2178 return NULL;
2179 }
2180 }
2181
2182 static const char *pack_lockfile;
2183
2184 static void push_header_arg(struct strvec *args, struct pack_header *hdr)
2185 {
2186 strvec_pushf(args, "--pack_header=%"PRIu32",%"PRIu32,
2187 ntohl(hdr->hdr_version), ntohl(hdr->hdr_entries));
2188 }
2189
2190 static const char *unpack(int err_fd, struct shallow_info *si)
2191 {
2192 struct pack_header hdr;
2193 const char *hdr_err;
2194 int status;
2195 struct child_process child = CHILD_PROCESS_INIT;
2196 int fsck_objects = (receive_fsck_objects >= 0
2197 ? receive_fsck_objects
2198 : transfer_fsck_objects >= 0
2199 ? transfer_fsck_objects
2200 : 0);
2201
2202 hdr_err = parse_pack_header(&hdr);
2203 if (hdr_err) {
2204 if (err_fd > 0)
2205 close(err_fd);
2206 return hdr_err;
2207 }
2208
2209 if (si->nr_ours || si->nr_theirs) {
2210 alt_shallow_file = setup_temporary_shallow(si->shallow);
2211 strvec_push(&child.args, "--shallow-file");
2212 strvec_push(&child.args, alt_shallow_file);
2213 }
2214
2215 tmp_objdir = tmp_objdir_create();
2216 if (!tmp_objdir) {
2217 if (err_fd > 0)
2218 close(err_fd);
2219 return "unable to create temporary object directory";
2220 }
2221 child.env = tmp_objdir_env(tmp_objdir);
2222
2223 /*
2224 * Normally we just pass the tmp_objdir environment to the child
2225 * processes that do the heavy lifting, but we may need to see these
2226 * objects ourselves to set up shallow information.
2227 */
2228 tmp_objdir_add_as_alternate(tmp_objdir);
2229
2230 if (ntohl(hdr.hdr_entries) < unpack_limit) {
2231 strvec_push(&child.args, "unpack-objects");
2232 push_header_arg(&child.args, &hdr);
2233 if (quiet)
2234 strvec_push(&child.args, "-q");
2235 if (fsck_objects)
2236 strvec_pushf(&child.args, "--strict%s",
2237 fsck_msg_types.buf);
2238 if (max_input_size)
2239 strvec_pushf(&child.args, "--max-input-size=%"PRIuMAX,
2240 (uintmax_t)max_input_size);
2241 child.no_stdout = 1;
2242 child.err = err_fd;
2243 child.git_cmd = 1;
2244 status = run_command(&child);
2245 if (status)
2246 return "unpack-objects abnormal exit";
2247 } else {
2248 char hostname[HOST_NAME_MAX + 1];
2249
2250 strvec_pushl(&child.args, "index-pack", "--stdin", NULL);
2251 push_header_arg(&child.args, &hdr);
2252
2253 if (xgethostname(hostname, sizeof(hostname)))
2254 xsnprintf(hostname, sizeof(hostname), "localhost");
2255 strvec_pushf(&child.args,
2256 "--keep=receive-pack %"PRIuMAX" on %s",
2257 (uintmax_t)getpid(),
2258 hostname);
2259
2260 if (!quiet && err_fd)
2261 strvec_push(&child.args, "--show-resolving-progress");
2262 if (use_sideband)
2263 strvec_push(&child.args, "--report-end-of-input");
2264 if (fsck_objects)
2265 strvec_pushf(&child.args, "--strict%s",
2266 fsck_msg_types.buf);
2267 if (!reject_thin)
2268 strvec_push(&child.args, "--fix-thin");
2269 if (max_input_size)
2270 strvec_pushf(&child.args, "--max-input-size=%"PRIuMAX,
2271 (uintmax_t)max_input_size);
2272 child.out = -1;
2273 child.err = err_fd;
2274 child.git_cmd = 1;
2275 status = start_command(&child);
2276 if (status)
2277 return "index-pack fork failed";
2278 pack_lockfile = index_pack_lockfile(child.out, NULL);
2279 close(child.out);
2280 status = finish_command(&child);
2281 if (status)
2282 return "index-pack abnormal exit";
2283 reprepare_packed_git(the_repository);
2284 }
2285 return NULL;
2286 }
2287
2288 static const char *unpack_with_sideband(struct shallow_info *si)
2289 {
2290 struct async muxer;
2291 const char *ret;
2292
2293 if (!use_sideband)
2294 return unpack(0, si);
2295
2296 use_keepalive = KEEPALIVE_AFTER_NUL;
2297 memset(&muxer, 0, sizeof(muxer));
2298 muxer.proc = copy_to_sideband;
2299 muxer.in = -1;
2300 if (start_async(&muxer))
2301 return NULL;
2302
2303 ret = unpack(muxer.in, si);
2304
2305 finish_async(&muxer);
2306 return ret;
2307 }
2308
2309 static void prepare_shallow_update(struct shallow_info *si)
2310 {
2311 int i, j, k, bitmap_size = DIV_ROUND_UP(si->ref->nr, 32);
2312
2313 ALLOC_ARRAY(si->used_shallow, si->shallow->nr);
2314 assign_shallow_commits_to_refs(si, si->used_shallow, NULL);
2315
2316 CALLOC_ARRAY(si->need_reachability_test, si->shallow->nr);
2317 CALLOC_ARRAY(si->reachable, si->shallow->nr);
2318 CALLOC_ARRAY(si->shallow_ref, si->ref->nr);
2319
2320 for (i = 0; i < si->nr_ours; i++)
2321 si->need_reachability_test[si->ours[i]] = 1;
2322
2323 for (i = 0; i < si->shallow->nr; i++) {
2324 if (!si->used_shallow[i])
2325 continue;
2326 for (j = 0; j < bitmap_size; j++) {
2327 if (!si->used_shallow[i][j])
2328 continue;
2329 si->need_reachability_test[i]++;
2330 for (k = 0; k < 32; k++)
2331 if (si->used_shallow[i][j] & (1U << k))
2332 si->shallow_ref[j * 32 + k]++;
2333 }
2334
2335 /*
2336 * true for those associated with some refs and belong
2337 * in "ours" list aka "step 7 not done yet"
2338 */
2339 si->need_reachability_test[i] =
2340 si->need_reachability_test[i] > 1;
2341 }
2342
2343 /*
2344 * keep hooks happy by forcing a temporary shallow file via
2345 * env variable because we can't add --shallow-file to every
2346 * command. check_connected() will be done with
2347 * true .git/shallow though.
2348 */
2349 setenv(GIT_SHALLOW_FILE_ENVIRONMENT, alt_shallow_file, 1);
2350 }
2351
2352 static void update_shallow_info(struct command *commands,
2353 struct shallow_info *si,
2354 struct oid_array *ref)
2355 {
2356 struct command *cmd;
2357 int *ref_status;
2358 remove_nonexistent_theirs_shallow(si);
2359 if (!si->nr_ours && !si->nr_theirs) {
2360 shallow_update = 0;
2361 return;
2362 }
2363
2364 for (cmd = commands; cmd; cmd = cmd->next) {
2365 if (is_null_oid(&cmd->new_oid))
2366 continue;
2367 oid_array_append(ref, &cmd->new_oid);
2368 cmd->index = ref->nr - 1;
2369 }
2370 si->ref = ref;
2371
2372 if (shallow_update) {
2373 prepare_shallow_update(si);
2374 return;
2375 }
2376
2377 ALLOC_ARRAY(ref_status, ref->nr);
2378 assign_shallow_commits_to_refs(si, NULL, ref_status);
2379 for (cmd = commands; cmd; cmd = cmd->next) {
2380 if (is_null_oid(&cmd->new_oid))
2381 continue;
2382 if (ref_status[cmd->index]) {
2383 cmd->error_string = "shallow update not allowed";
2384 cmd->skip_update = 1;
2385 }
2386 }
2387 free(ref_status);
2388 }
2389
2390 static void report(struct command *commands, const char *unpack_status)
2391 {
2392 struct command *cmd;
2393 struct strbuf buf = STRBUF_INIT;
2394
2395 packet_buf_write(&buf, "unpack %s\n",
2396 unpack_status ? unpack_status : "ok");
2397 for (cmd = commands; cmd; cmd = cmd->next) {
2398 if (!cmd->error_string)
2399 packet_buf_write(&buf, "ok %s\n",
2400 cmd->ref_name);
2401 else
2402 packet_buf_write(&buf, "ng %s %s\n",
2403 cmd->ref_name, cmd->error_string);
2404 }
2405 packet_buf_flush(&buf);
2406
2407 if (use_sideband)
2408 send_sideband(1, 1, buf.buf, buf.len, use_sideband);
2409 else
2410 write_or_die(1, buf.buf, buf.len);
2411 strbuf_release(&buf);
2412 }
2413
2414 static void report_v2(struct command *commands, const char *unpack_status)
2415 {
2416 struct command *cmd;
2417 struct strbuf buf = STRBUF_INIT;
2418 struct ref_push_report *report;
2419
2420 packet_buf_write(&buf, "unpack %s\n",
2421 unpack_status ? unpack_status : "ok");
2422 for (cmd = commands; cmd; cmd = cmd->next) {
2423 int count = 0;
2424
2425 if (cmd->error_string) {
2426 packet_buf_write(&buf, "ng %s %s\n",
2427 cmd->ref_name,
2428 cmd->error_string);
2429 continue;
2430 }
2431 packet_buf_write(&buf, "ok %s\n",
2432 cmd->ref_name);
2433 for (report = cmd->report; report; report = report->next) {
2434 if (count++ > 0)
2435 packet_buf_write(&buf, "ok %s\n",
2436 cmd->ref_name);
2437 if (report->ref_name)
2438 packet_buf_write(&buf, "option refname %s\n",
2439 report->ref_name);
2440 if (report->old_oid)
2441 packet_buf_write(&buf, "option old-oid %s\n",
2442 oid_to_hex(report->old_oid));
2443 if (report->new_oid)
2444 packet_buf_write(&buf, "option new-oid %s\n",
2445 oid_to_hex(report->new_oid));
2446 if (report->forced_update)
2447 packet_buf_write(&buf, "option forced-update\n");
2448 }
2449 }
2450 packet_buf_flush(&buf);
2451
2452 if (use_sideband)
2453 send_sideband(1, 1, buf.buf, buf.len, use_sideband);
2454 else
2455 write_or_die(1, buf.buf, buf.len);
2456 strbuf_release(&buf);
2457 }
2458
2459 static int delete_only(struct command *commands)
2460 {
2461 struct command *cmd;
2462 for (cmd = commands; cmd; cmd = cmd->next) {
2463 if (!is_null_oid(&cmd->new_oid))
2464 return 0;
2465 }
2466 return 1;
2467 }
2468
2469 int cmd_receive_pack(int argc, const char **argv, const char *prefix)
2470 {
2471 int advertise_refs = 0;
2472 struct command *commands;
2473 struct oid_array shallow = OID_ARRAY_INIT;
2474 struct oid_array ref = OID_ARRAY_INIT;
2475 struct shallow_info si;
2476 struct packet_reader reader;
2477
2478 struct option options[] = {
2479 OPT__QUIET(&quiet, N_("quiet")),
2480 OPT_HIDDEN_BOOL(0, "stateless-rpc", &stateless_rpc, NULL),
2481 OPT_HIDDEN_BOOL(0, "advertise-refs", &advertise_refs, NULL),
2482 OPT_HIDDEN_BOOL(0, "reject-thin-pack-for-testing", &reject_thin, NULL),
2483 OPT_END()
2484 };
2485
2486 packet_trace_identity("receive-pack");
2487
2488 argc = parse_options(argc, argv, prefix, options, receive_pack_usage, 0);
2489
2490 if (argc > 1)
2491 usage_msg_opt(_("Too many arguments."), receive_pack_usage, options);
2492 if (argc == 0)
2493 usage_msg_opt(_("You must specify a directory."), receive_pack_usage, options);
2494
2495 service_dir = argv[0];
2496
2497 setup_path();
2498
2499 if (!enter_repo(service_dir, 0))
2500 die("'%s' does not appear to be a git repository", service_dir);
2501
2502 git_config(receive_pack_config, NULL);
2503 if (cert_nonce_seed)
2504 push_cert_nonce = prepare_push_cert_nonce(service_dir, time(NULL));
2505
2506 if (0 <= transfer_unpack_limit)
2507 unpack_limit = transfer_unpack_limit;
2508 else if (0 <= receive_unpack_limit)
2509 unpack_limit = receive_unpack_limit;
2510
2511 switch (determine_protocol_version_server()) {
2512 case protocol_v2:
2513 /*
2514 * push support for protocol v2 has not been implemented yet,
2515 * so ignore the request to use v2 and fallback to using v0.
2516 */
2517 break;
2518 case protocol_v1:
2519 /*
2520 * v1 is just the original protocol with a version string,
2521 * so just fall through after writing the version string.
2522 */
2523 if (advertise_refs || !stateless_rpc)
2524 packet_write_fmt(1, "version 1\n");
2525
2526 /* fallthrough */
2527 case protocol_v0:
2528 break;
2529 case protocol_unknown_version:
2530 BUG("unknown protocol version");
2531 }
2532
2533 if (advertise_refs || !stateless_rpc) {
2534 write_head_info();
2535 }
2536 if (advertise_refs)
2537 return 0;
2538
2539 packet_reader_init(&reader, 0, NULL, 0,
2540 PACKET_READ_CHOMP_NEWLINE |
2541 PACKET_READ_DIE_ON_ERR_PACKET);
2542
2543 if ((commands = read_head_info(&reader, &shallow)) != NULL) {
2544 const char *unpack_status = NULL;
2545 struct string_list push_options = STRING_LIST_INIT_DUP;
2546
2547 if (use_push_options)
2548 read_push_options(&reader, &push_options);
2549 if (!check_cert_push_options(&push_options)) {
2550 struct command *cmd;
2551 for (cmd = commands; cmd; cmd = cmd->next)
2552 cmd->error_string = "inconsistent push options";
2553 }
2554
2555 prepare_shallow_info(&si, &shallow);
2556 if (!si.nr_ours && !si.nr_theirs)
2557 shallow_update = 0;
2558 if (!delete_only(commands)) {
2559 unpack_status = unpack_with_sideband(&si);
2560 update_shallow_info(commands, &si, &ref);
2561 }
2562 use_keepalive = KEEPALIVE_ALWAYS;
2563 execute_commands(commands, unpack_status, &si,
2564 &push_options);
2565 if (pack_lockfile)
2566 unlink_or_warn(pack_lockfile);
2567 if (report_status_v2)
2568 report_v2(commands, unpack_status);
2569 else if (report_status)
2570 report(commands, unpack_status);
2571 run_receive_hook(commands, "post-receive", 1,
2572 &push_options);
2573 run_update_post_hook(commands);
2574 string_list_clear(&push_options, 0);
2575 if (auto_gc) {
2576 const char *argv_gc_auto[] = {
2577 "gc", "--auto", "--quiet", NULL,
2578 };
2579 struct child_process proc = CHILD_PROCESS_INIT;
2580
2581 proc.no_stdin = 1;
2582 proc.stdout_to_stderr = 1;
2583 proc.err = use_sideband ? -1 : 0;
2584 proc.git_cmd = 1;
2585 proc.argv = argv_gc_auto;
2586
2587 close_object_store(the_repository->objects);
2588 if (!start_command(&proc)) {
2589 if (use_sideband)
2590 copy_to_sideband(proc.err, -1, NULL);
2591 finish_command(&proc);
2592 }
2593 }
2594 if (auto_update_server_info)
2595 update_server_info(0);
2596 clear_shallow_info(&si);
2597 }
2598 if (use_sideband)
2599 packet_flush(1);
2600 oid_array_clear(&shallow);
2601 oid_array_clear(&ref);
2602 free((void *)push_cert_nonce);
2603 return 0;
2604 }
Unnamed repository; edit this file 'description' to name the repository.