send-pack: send feature request on push-cert packet

We would want to update the interim protocol so that we do not send
the usual update commands when the push certificate feature is in
use, as the same information is in the certificate.  Once that
happens, the push-cert packet may become the only protocol command,
but then there is no packet to put the feature request behind, like
we always did.

As we have prepared the receiving end that understands the push-cert
feature to accept the feature request on the first protocol packet
(other than "shallow ", which was an unfortunate historical mistake
that has to come before everything else), we can give the feature
request on the push-cert packet instead of the first update protocol
packet, in preparation for the next step to actually update to the
final protocol.

Signed-off-by: Junio C Hamano <gitster@pobox.com>

diff --git a/send-pack.c b/send-pack.c
index ef93f33aa5cacfb1713bbe6e9507dbae79c5eda2..d392f5b3a009e16b2cf08933dd0348de3a416bb0 100644 (file)
--- a/send-pack.c
+++ b/send-pack.c
@@ -225,9 +225,10 @@ static const char *next_line(const char *line, size_t len)
        return nl + 1;
 }
 
-static void generate_push_cert(struct strbuf *req_buf,
-                              const struct ref *remote_refs,
-                              struct send_pack_args *args)
+static int generate_push_cert(struct strbuf *req_buf,
+                             const struct ref *remote_refs,
+                             struct send_pack_args *args,
+                             const char *cap_string)
 {
        const struct ref *ref;
        char stamp[60];
@@ -256,7 +257,7 @@ static void generate_push_cert(struct strbuf *req_buf,
        if (sign_buffer(&cert, &cert, signing_key))
                die(_("failed to sign the push certificate"));
 
-       packet_buf_write(req_buf, "push-cert\n");
+       packet_buf_write(req_buf, "push-cert%c%s", 0, cap_string);
        for (cp = cert.buf; cp < cert.buf + cert.len; cp = np) {
                np = next_line(cp, cert.buf + cert.len - cp);
                packet_buf_write(req_buf,
@@ -267,6 +268,7 @@ static void generate_push_cert(struct strbuf *req_buf,
 free_return:
        free(signing_key);
        strbuf_release(&cert);
+       return update_seen;
 }
 
 int send_pack(struct send_pack_args *args,
@@ -335,7 +337,8 @@ int send_pack(struct send_pack_args *args,
                advertise_shallow_grafts_buf(&req_buf);
 
        if (!args->dry_run && args->push_cert)
-               generate_push_cert(&req_buf, remote_refs, args);
+               cmds_sent = generate_push_cert(&req_buf, remote_refs, args,
+                                              cap_buf.buf);
 
        /*
         * Clear the status for each ref and see if we need to send

diff --git a/t/t5534-push-signed.sh b/t/t5534-push-signed.sh
index 4198b6a2fbf2164476ee84c7f4122c5a12b92839..2f4b74ed8303e4fd638f1850a471c5410276a5b7 100755 (executable)
--- a/t/t5534-push-signed.sh
+++ b/t/t5534-push-signed.sh
@@ -73,6 +73,19 @@ test_expect_success 'push --signed fails with a receiver without push certificat
        test_i18ngrep "the receiving end does not support" err
 '
 
+test_expect_success GPG 'no certificate for a signed push with no update' '
+       prepare_dst &&
+       mkdir -p dst/.git/hooks &&
+       write_script dst/.git/hooks/post-receive <<-\EOF &&
+       if test -n "${GIT_PUSH_CERT-}"
+       then
+               git cat-file blob $GIT_PUSH_CERT >../push-cert
+       fi
+       EOF
+       git push dst noop &&
+       ! test -f dst/push-cert
+'
+
 test_expect_success GPG 'signed push sends push certificate' '
        prepare_dst &&
        mkdir -p dst/.git/hooks &&