]> git.ipfire.org Git - thirdparty/git.git/blame - builtin/receive-pack.c
projects / thirdparty / git.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
Merge branch 'ba/credential-test-clean-fix'
[thirdparty/git.git] / builtin / receive-pack.c
CommitLineData
1e4cd68c 1#include "builtin.h"
0b027f6c 2#include "abspath.h"
a49d2834 3#include "repository.h"
b2141fc1 4#include "config.h"
32a8f510 5#include "environment.h"
f394e093 6#include "gettext.h"
41771fa4 7#include "hex.h"
697cc8ef 8#include "lockfile.h"
fc04c412 9#include "pack.h"
8a65ff76 10#include "refs.h"
f3a3214e 11#include "pkt-line.h"
38a81b4e 12#include "sideband.h"
b1bf95bb 13#include "run-command.h"
5e3aba33 14#include "hook.h"
d807c4a0 15#include "exec-cmd.h"
11031d7e
JS		 16#include "commit.h"
17#include "object.h"
d79796bc 18#include "remote.h"
47a59185 19#include "connect.h"
da3efdb1 20#include "string-list.h"
fe299ec5 21#include "oid-array.h"
52fed6e1 22#include "connected.h"
dbbcd44f 23#include "strvec.h"
ff5effdf 24#include "version.h"
d05b9618 25#include "gpg-interface.h"
ec7dbd14 26#include "sigchain.h"
5d477a33 27#include "fsck.h"
722ff7f8 28#include "tmp-objdir.h"
ab6eea6f 29#include "oidset.h"
3836d88a 30#include "packfile.h"
dabab1d6 31#include "object-name.h"
a034e910 32#include "object-store-ll.h"
c339932b 33#include "path.h"
aa9bab29 34#include "protocol.h"
64043556 35#include "commit-reach.h"
623b80be 36#include "server-info.h"
74ea5c95
EN		 37#include "trace.h"
38#include "trace2.h"
4ef34648 39#include "worktree.h"
120ad2b0 40#include "shallow.h"
49fd5511 41#include "parse-options.h"
575f4974 42
1b68387e
SS		 43static const char * const receive_pack_usage[] = {
44 N_("git receive-pack <git-dir>"),
45 NULL
46};
575f4974 47
986e8239 48enum deny_action {
3d95d92b 49 DENY_UNCONFIGURED,
986e8239
JK		 50 DENY_IGNORE,
51 DENY_WARN,
1404bcbb
JS		 52 DENY_REFUSE,
53 DENY_UPDATE_INSTEAD
986e8239
JK		 54};
55
1b53a076
JH		 56static int deny_deletes;
57static int deny_non_fast_forwards;
3d95d92b 58static enum deny_action deny_current_branch = DENY_UNCONFIGURED;
747ca245 59static enum deny_action deny_delete_current = DENY_UNCONFIGURED;
dab76d3a
JH		 60static int receive_fsck_objects = -1;
61static int transfer_fsck_objects = -1;
5d477a33 62static struct strbuf fsck_msg_types = STRBUF_INIT;
e28714c5
JH		 63static int receive_unpack_limit = -1;
64static int transfer_unpack_limit = -1;
1b70fe5d 65static int advertise_atomic_push = 1;
c714e45f 66static int advertise_push_options;
8073d75b 67static int advertise_sid;
46732fae 68static int unpack_limit = 100;
c08db5a2 69static off_t max_input_size;
96f1e58f 70static int report_status;
63518a57 71static int report_status_v2;
38a81b4e 72static int use_sideband;
68deed29 73static int use_atomic;
c714e45f 74static int use_push_options;
c207e34f 75static int quiet;
b74fce16 76static int prefer_ofs_delta = 1;
77e3efbf
JH		 77static int auto_update_server_info;
78static int auto_gc = 1;
1b68387e 79static int reject_thin;
5732373d
JH		 80static int stateless_rpc;
81static const char *service_dir;
747ca245 82static const char *head_name;
96ec7b1e 83static void *head_name_to_free;
185c04e0 84static int sent_capabilities;
0a1bc12b 85static int shallow_update;
5dbd7676 86static const char *alt_shallow_file;
a85b377d 87static struct strbuf push_cert = STRBUF_INIT;
a09c985e 88static struct object_id push_cert_oid;
d05b9618 89static struct signature_check sigcheck;
b89363e4
JH		 90static const char *push_cert_nonce;
91static const char *cert_nonce_seed;
c45841ff 92static struct strvec hidden_refs = STRVEC_INIT;
b89363e4
JH		 93
94static const char *NONCE_UNSOLICITED = "UNSOLICITED";
95static const char *NONCE_BAD = "BAD";
96static const char *NONCE_MISSING = "MISSING";
97static const char *NONCE_OK = "OK";
5732373d 98static const char *NONCE_SLOP = "SLOP";
b89363e4 99static const char *nonce_status;
5732373d 100static long nonce_stamp_slop;
dddbad72 101static timestamp_t nonce_stamp_slop_limit;
222368c6 102static struct ref_transaction *transaction;
cfee10a7 103
83558686
JK		 104static enum {
105 KEEPALIVE_NEVER = 0,
106 KEEPALIVE_AFTER_NUL,
107 KEEPALIVE_ALWAYS
108} use_keepalive;
109static int keepalive_in_sec = 5;
110
722ff7f8
JK		 111static struct tmp_objdir *tmp_objdir;
112
31e8595a
JX		 113static struct proc_receive_ref {
114 unsigned int want_add:1,
115 want_delete:1,
116 want_modify:1,
117 negative_ref:1;
118 char *ref_prefix;
119 struct proc_receive_ref *next;
120} *proc_receive_ref;
121
122static void proc_receive_ref_append(const char *prefix);
123
986e8239
JK		 124static enum deny_action parse_deny_action(const char *var, const char *value)
125{
126 if (value) {
127 if (!strcasecmp(value, "ignore"))
128 return DENY_IGNORE;
129 if (!strcasecmp(value, "warn"))
130 return DENY_WARN;
131 if (!strcasecmp(value, "refuse"))
132 return DENY_REFUSE;
1404bcbb
JS		 133 if (!strcasecmp(value, "updateinstead"))
134 return DENY_UPDATE_INSTEAD;
986e8239
JK		 135 }
136 if (git_config_bool(var, value))
137 return DENY_REFUSE;
138 return DENY_IGNORE;
139}
140
a4e7e317
GC		 141static int receive_pack_config(const char *var, const char *value,
142 const struct config_context *ctx, void *cb)
6fb75bed 143{
d49cb162 144 const char *msg_id;
9b67eb6f 145 int status = parse_hide_refs_config(var, value, "receive", &hidden_refs);
daebaa78
JH		 146
147 if (status)
148 return status;
149
a240de11
JK		 150 if (strcmp(var, "receive.denydeletes") == 0) {
151 deny_deletes = git_config_bool(var, value);
152 return 0;
153 }
154
e28714c5 155 if (strcmp(var, "receive.denynonfastforwards") == 0) {
6fb75bed
SP		 156 deny_non_fast_forwards = git_config_bool(var, value);
157 return 0;
158 }
159
e28714c5 160 if (strcmp(var, "receive.unpacklimit") == 0) {
8868b1eb 161 receive_unpack_limit = git_config_int(var, value, ctx->kvi);
fc04c412
SP		 162 return 0;
163 }
164
e28714c5 165 if (strcmp(var, "transfer.unpacklimit") == 0) {
8868b1eb 166 transfer_unpack_limit = git_config_int(var, value, ctx->kvi);
e28714c5
JH		 167 return 0;
168 }
169
cd94c6f9
JS		 170 if (strcmp(var, "receive.fsck.skiplist") == 0) {
171 const char *path;
172
173 if (git_config_pathname(&path, var, value))
174 return 1;
175 strbuf_addf(&fsck_msg_types, "%cskiplist=%s",
176 fsck_msg_types.len ? ',' : '=', path);
177 free((char *)path);
178 return 0;
179 }
180
d49cb162
JK		 181 if (skip_prefix(var, "receive.fsck.", &msg_id)) {
182 if (!value)
183 return config_error_nonbool(var);
184 if (is_valid_msg_type(msg_id, value))
5d477a33 185 strbuf_addf(&fsck_msg_types, "%c%s=%s",
d49cb162 186 fsck_msg_types.len ? ',' : '=', msg_id, value);
5d477a33 187 else
d49cb162 188 warning("skipping unknown msg id '%s'", msg_id);
5d477a33
JS		 189 return 0;
190 }
191
20dc0016
MK		 192 if (strcmp(var, "receive.fsckobjects") == 0) {
193 receive_fsck_objects = git_config_bool(var, value);
194 return 0;
195 }
196
dab76d3a
JH		 197 if (strcmp(var, "transfer.fsckobjects") == 0) {
198 transfer_fsck_objects = git_config_bool(var, value);
199 return 0;
200 }
201
986e8239
JK		 202 if (!strcmp(var, "receive.denycurrentbranch")) {
203 deny_current_branch = parse_deny_action(var, value);
204 return 0;
205 }
206
747ca245
JH		 207 if (strcmp(var, "receive.denydeletecurrent") == 0) {
208 deny_delete_current = parse_deny_action(var, value);
209 return 0;
210 }
211
b74fce16
NP		 212 if (strcmp(var, "repack.usedeltabaseoffset") == 0) {
213 prefer_ofs_delta = git_config_bool(var, value);
214 return 0;
215 }
216
77e3efbf
JH		 217 if (strcmp(var, "receive.updateserverinfo") == 0) {
218 auto_update_server_info = git_config_bool(var, value);
219 return 0;
220 }
221
222 if (strcmp(var, "receive.autogc") == 0) {
223 auto_gc = git_config_bool(var, value);
224 return 0;
225 }
226
0a1bc12b
NTND		 227 if (strcmp(var, "receive.shallowupdate") == 0) {
228 shallow_update = git_config_bool(var, value);
229 return 0;
230 }
231
b89363e4
JH		 232 if (strcmp(var, "receive.certnonceseed") == 0)
233 return git_config_string(&cert_nonce_seed, var, value);
a85b377d 234
5732373d 235 if (strcmp(var, "receive.certnonceslop") == 0) {
8868b1eb 236 nonce_stamp_slop_limit = git_config_ulong(var, value, ctx->kvi);
5732373d
JH		 237 return 0;
238 }
239
1b70fe5d
RS		 240 if (strcmp(var, "receive.advertiseatomic") == 0) {
241 advertise_atomic_push = git_config_bool(var, value);
242 return 0;
243 }
244
c714e45f
SB		 245 if (strcmp(var, "receive.advertisepushoptions") == 0) {
246 advertise_push_options = git_config_bool(var, value);
247 return 0;
248 }
249
83558686 250 if (strcmp(var, "receive.keepalive") == 0) {
8868b1eb 251 keepalive_in_sec = git_config_int(var, value, ctx->kvi);
83558686
JK		 252 return 0;
253 }
254
c08db5a2 255 if (strcmp(var, "receive.maxinputsize") == 0) {
8868b1eb 256 max_input_size = git_config_int64(var, value, ctx->kvi);
c08db5a2
JK		 257 return 0;
258 }
259
31e8595a
JX		 260 if (strcmp(var, "receive.procreceiverefs") == 0) {
261 if (!value)
262 return config_error_nonbool(var);
263 proc_receive_ref_append(value);
264 return 0;
265 }
266
8073d75b
JS		 267 if (strcmp(var, "transfer.advertisesid") == 0) {
268 advertise_sid = git_config_bool(var, value);
269 return 0;
270 }
271
a4e7e317 272 return git_default_config(var, value, ctx, cb);
6fb75bed
SP		 273}
274
1b7ba794 275static void show_ref(const char *path, const struct object_id *oid)
575f4974 276{
52d2ae58 277 if (sent_capabilities) {
1b7ba794 278 packet_write_fmt(1, "%s %s\n", oid_to_hex(oid), path);
52d2ae58
JH		 279 } else {
280 struct strbuf cap = STRBUF_INIT;
281
282 strbuf_addstr(&cap,
63518a57 283 "report-status report-status-v2 delete-refs side-band-64k quiet");
1b70fe5d
RS		 284 if (advertise_atomic_push)
285 strbuf_addstr(&cap, " atomic");
52d2ae58
JH		 286 if (prefer_ofs_delta)
287 strbuf_addstr(&cap, " ofs-delta");
b89363e4
JH		 288 if (push_cert_nonce)
289 strbuf_addf(&cap, " push-cert=%s", push_cert_nonce);
c714e45f
SB		 290 if (advertise_push_options)
291 strbuf_addstr(&cap, " push-options");
8073d75b
JS		 292 if (advertise_sid)
293 strbuf_addf(&cap, " session-id=%s", trace2_session_id());
bf30dbf8 294 strbuf_addf(&cap, " object-format=%s", the_hash_algo->name);
52d2ae58 295 strbuf_addf(&cap, " agent=%s", git_user_agent_sanitized());
81c634e9 296 packet_write_fmt(1, "%s %s%c%s\n",
1b7ba794 297 oid_to_hex(oid), path, 0, cap.buf);
52d2ae58
JH		 298 strbuf_release(&cap);
299 sent_capabilities = 1;
300 }
575f4974
LT		 301}
302
78a766ab 303static int show_ref_cb(const char *path_full, const struct object_id *oid,
5cf88fd8 304 int flag UNUSED, void *data)
6b01ecfe 305{
8b24b9e7 306 struct oidset *seen = data;
78a766ab
LF		 307 const char *path = strip_namespace(path_full);
308
9b67eb6f 309 if (ref_is_hidden(path, path_full, &hidden_refs))
78a766ab
LF		 310 return 0;
311
6b01ecfe
JT		 312 /*
313 * Advertise refs outside our current namespace as ".have"
314 * refs, so that the client can use them to minimize data
fea6c47f 315 * transfer but will otherwise ignore them.
6b01ecfe 316 */
8b24b9e7
JK		 317 if (!path) {
318 if (oidset_insert(seen, oid))
319 return 0;
6b01ecfe 320 path = ".have";
63d428e6
JK		 321 } else {
322 oidset_insert(seen, oid);
8b24b9e7 323 }
1b7ba794 324 show_ref(path, oid);
bc98201d 325 return 0;
6b01ecfe
JT		 326}
327
bdf4276c 328static void show_one_alternate_ref(const struct object_id *oid,
ab6eea6f 329 void *data)
b7a025d9 330{
ab6eea6f 331 struct oidset *seen = data;
b7a025d9 332
ab6eea6f
JK		 333 if (oidset_insert(seen, oid))
334 return;
335
1b7ba794 336 show_ref(".have", oid);
6b01ecfe
JT		 337}
338
8a65ff76 339static void write_head_info(void)
575f4974 340{
ab6eea6f 341 static struct oidset seen = OIDSET_INIT;
2b2a5be3 342
cc2a1f98
TB		 343 refs_for_each_fullref_in(get_main_ref_store(the_repository), "",
344 hidden_refs_to_excludes(&hidden_refs),
345 show_ref_cb, &seen);
ab6eea6f
JK		 346 for_each_alternate_ref(show_one_alternate_ref, &seen);
347 oidset_clear(&seen);
185c04e0 348 if (!sent_capabilities)
14228447 349 show_ref("capabilities^{}", null_oid());
cfee10a7 350
ad491366
NTND		 351 advertise_shallow_grafts(1);
352
b7a025d9
MH		 353 /* EOF */
354 packet_flush(1);
575f4974
LT		 355}
356
15d3af5e
JX		 357#define RUN_PROC_RECEIVE_SCHEDULED 1
358#define RUN_PROC_RECEIVE_RETURNED 2
eb1af2df
LT		 359struct command {
360 struct command *next;
cfee10a7 361 const char *error_string;
15d3af5e 362 struct ref_push_report *report;
160b81ed 363 unsigned int skip_update:1,
15d3af5e
JX		 364 did_not_exist:1,
365 run_proc_receive:2;
5dbd7676 366 int index;
9c44ea44 367 struct object_id old_oid;
368 struct object_id new_oid;
8f1d2e6f 369 char ref_name[FLEX_ARRAY]; /* more */
575f4974
LT		 370};
371
31e8595a
JX		 372static void proc_receive_ref_append(const char *prefix)
373{
374 struct proc_receive_ref *ref_pattern;
375 char *p;
376 int len;
377
ca56dadb 378 CALLOC_ARRAY(ref_pattern, 1);
31e8595a
JX		 379 p = strchr(prefix, ':');
380 if (p) {
381 while (prefix < p) {
382 if (*prefix == 'a')
383 ref_pattern->want_add = 1;
384 else if (*prefix == 'd')
385 ref_pattern->want_delete = 1;
386 else if (*prefix == 'm')
387 ref_pattern->want_modify = 1;
388 else if (*prefix == '!')
389 ref_pattern->negative_ref = 1;
390 prefix++;
391 }
392 prefix++;
393 } else {
394 ref_pattern->want_add = 1;
395 ref_pattern->want_delete = 1;
396 ref_pattern->want_modify = 1;
397 }
398 len = strlen(prefix);
399 while (len && prefix[len - 1] == '/')
400 len--;
401 ref_pattern->ref_prefix = xmemdupz(prefix, len);
402 if (!proc_receive_ref) {
403 proc_receive_ref = ref_pattern;
404 } else {
405 struct proc_receive_ref *end;
406
407 end = proc_receive_ref;
408 while (end->next)
409 end = end->next;
410 end->next = ref_pattern;
411 }
412}
413
414static int proc_receive_ref_matches(struct command *cmd)
415{
416 struct proc_receive_ref *p;
417
418 if (!proc_receive_ref)
419 return 0;
420
421 for (p = proc_receive_ref; p; p = p->next) {
422 const char *match = p->ref_prefix;
423 const char *remains;
424
425 if (!p->want_add && is_null_oid(&cmd->old_oid))
426 continue;
427 else if (!p->want_delete && is_null_oid(&cmd->new_oid))
428 continue;
429 else if (!p->want_modify &&
430 !is_null_oid(&cmd->old_oid) &&
431 !is_null_oid(&cmd->new_oid))
432 continue;
433
434 if (skip_prefix(cmd->ref_name, match, &remains) &&
435 (!*remains || *remains == '/')) {
436 if (!p->negative_ref)
437 return 1;
438 } else if (p->negative_ref) {
439 return 1;
440 }
441 }
442 return 0;
443}
444
466dbc42
SP		 445static void report_message(const char *prefix, const char *err, va_list params)
446{
b7115a35 447 int sz;
466dbc42
SP		 448 char msg[4096];
449
b7115a35 450 sz = xsnprintf(msg, sizeof(msg), "%s", prefix);
466dbc42
SP		 451 sz += vsnprintf(msg + sz, sizeof(msg) - sz, err, params);
452 if (sz > (sizeof(msg) - 1))
453 sz = sizeof(msg) - 1;
454 msg[sz++] = '\n';
455
456 if (use_sideband)
457 send_sideband(1, 2, msg, sz, use_sideband);
458 else
459 xwrite(2, msg, sz);
460}
461
103e02c7 462__attribute__((format (printf, 1, 2)))
466dbc42
SP		 463static void rp_warning(const char *err, ...)
464{
465 va_list params;
466 va_start(params, err);
467 report_message("warning: ", err, params);
468 va_end(params);
469}
470
103e02c7 471__attribute__((format (printf, 1, 2)))
466dbc42
SP		 472static void rp_error(const char *err, ...)
473{
474 va_list params;
475 va_start(params, err);
476 report_message("error: ", err, params);
477 va_end(params);
478}
479
5cf88fd8 480static int copy_to_sideband(int in, int out UNUSED, void *arg UNUSED)
6d525d38
SP		 481{
482 char data[128];
83558686
JK		 483 int keepalive_active = 0;
484
485 if (keepalive_in_sec <= 0)
486 use_keepalive = KEEPALIVE_NEVER;
487 if (use_keepalive == KEEPALIVE_ALWAYS)
488 keepalive_active = 1;
489
6d525d38 490 while (1) {
83558686
JK		 491 ssize_t sz;
492
493 if (keepalive_active) {
494 struct pollfd pfd;
495 int ret;
496
497 pfd.fd = in;
498 pfd.events = POLLIN;
499 ret = poll(&pfd, 1, 1000 * keepalive_in_sec);
500
501 if (ret < 0) {
502 if (errno == EINTR)
503 continue;
504 else
505 break;
506 } else if (ret == 0) {
507 /* no data; send a keepalive packet */
508 static const char buf[] = "0005\1";
509 write_or_die(1, buf, sizeof(buf) - 1);
510 continue;
511 } /* else there is actual data to read */
512 }
513
514 sz = xread(in, data, sizeof(data));
6d525d38
SP		 515 if (sz <= 0)
516 break;
83558686
JK		 517
518 if (use_keepalive == KEEPALIVE_AFTER_NUL && !keepalive_active) {
519 const char *p = memchr(data, '\0', sz);
520 if (p) {
521 /*
522 * The NUL tells us to start sending keepalives. Make
523 * sure we send any other data we read along
524 * with it.
525 */
526 keepalive_active = 1;
527 send_sideband(1, 2, data, p - data, use_sideband);
528 send_sideband(1, 2, p + 1, sz - (p - data + 1), use_sideband);
529 continue;
530 }
531 }
532
533 /*
534 * Either we're not looking for a NUL signal, or we didn't see
535 * it yet; just pass along the data.
536 */
6d525d38
SP		 537 send_sideband(1, 2, data, sz, use_sideband);
538 }
539 close(in);
540 return 0;
541}
542
3013118e 543static void hmac_hash(unsigned char *out,
b89363e4
JH		 544 const char *key_in, size_t key_len,
545 const char *text, size_t text_len)
546{
fabec2c5 547 unsigned char key[GIT_MAX_BLKSZ];
548 unsigned char k_ipad[GIT_MAX_BLKSZ];
549 unsigned char k_opad[GIT_MAX_BLKSZ];
b89363e4 550 int i;
fabec2c5 551 git_hash_ctx ctx;
b89363e4
JH		 552
553 /* RFC 2104 2. (1) */
fabec2c5 554 memset(key, '\0', GIT_MAX_BLKSZ);
555 if (the_hash_algo->blksz < key_len) {
556 the_hash_algo->init_fn(&ctx);
557 the_hash_algo->update_fn(&ctx, key_in, key_len);
558 the_hash_algo->final_fn(key, &ctx);
b89363e4
JH		 559 } else {
560 memcpy(key, key_in, key_len);
561 }
562
563 /* RFC 2104 2. (2) & (5) */
564 for (i = 0; i < sizeof(key); i++) {
565 k_ipad[i] = key[i] ^ 0x36;
566 k_opad[i] = key[i] ^ 0x5c;
567 }
568
569 /* RFC 2104 2. (3) & (4) */
fabec2c5 570 the_hash_algo->init_fn(&ctx);
571 the_hash_algo->update_fn(&ctx, k_ipad, sizeof(k_ipad));
572 the_hash_algo->update_fn(&ctx, text, text_len);
573 the_hash_algo->final_fn(out, &ctx);
b89363e4
JH		 574
575 /* RFC 2104 2. (6) & (7) */
fabec2c5 576 the_hash_algo->init_fn(&ctx);
577 the_hash_algo->update_fn(&ctx, k_opad, sizeof(k_opad));
578 the_hash_algo->update_fn(&ctx, out, the_hash_algo->rawsz);
579 the_hash_algo->final_fn(out, &ctx);
b89363e4
JH		 580}
581
dddbad72 582static char *prepare_push_cert_nonce(const char *path, timestamp_t stamp)
b89363e4
JH		 583{
584 struct strbuf buf = STRBUF_INIT;
fabec2c5 585 unsigned char hash[GIT_MAX_RAWSZ];
b89363e4 586
cb71f8bd 587 strbuf_addf(&buf, "%s:%"PRItime, path, stamp);
3013118e 588 hmac_hash(hash, buf.buf, buf.len, cert_nonce_seed, strlen(cert_nonce_seed));
b89363e4
JH		 589 strbuf_release(&buf);
590
3013118e 591 /* RFC 2104 5. HMAC-SHA1 or HMAC-SHA256 */
fc06be3b 592 strbuf_addf(&buf, "%"PRItime"-%.*s", stamp, (int)the_hash_algo->hexsz, hash_to_hex(hash));
b89363e4
JH		 593 return strbuf_detach(&buf, NULL);
594}
595
edc6dccf 596/*
597 * Return zero if a and b are equal up to n bytes and nonzero if they are not.
598 * This operation is guaranteed to run in constant time to avoid leaking data.
599 */
600static int constant_memequal(const char *a, const char *b, size_t n)
601{
602 int res = 0;
719483e5
JH		 603 size_t i;
604
605 for (i = 0; i < n; i++)
edc6dccf 606 res |= a[i] ^ b[i];
607 return res;
608}
609
020456cb 610static const char *check_nonce(const char *buf)
b89363e4 611{
020456cb
RS		 612 size_t noncelen;
613 const char *found = find_commit_header(buf, "nonce", &noncelen);
614 char *nonce = found ? xmemdupz(found, noncelen) : NULL;
dddbad72 615 timestamp_t stamp, ostamp;
5732373d 616 char *bohmac, *expect = NULL;
b89363e4
JH		 617 const char *retval = NONCE_BAD;
618
619 if (!nonce) {
620 retval = NONCE_MISSING;
621 goto leave;
622 } else if (!push_cert_nonce) {
623 retval = NONCE_UNSOLICITED;
624 goto leave;
625 } else if (!strcmp(push_cert_nonce, nonce)) {
626 retval = NONCE_OK;
627 goto leave;
628 }
629
5732373d
JH		 630 if (!stateless_rpc) {
631 /* returned nonce MUST match what we gave out earlier */
632 retval = NONCE_BAD;
633 goto leave;
634 }
635
636 /*
637 * In stateless mode, we may be receiving a nonce issued by
638 * another instance of the server that serving the same
639 * repository, and the timestamps may not match, but the
640 * nonce-seed and dir should match, so we can recompute and
641 * report the time slop.
642 *
643 * In addition, when a nonce issued by another instance has
644 * timestamp within receive.certnonceslop seconds, we pretend
645 * as if we issued that nonce when reporting to the hook.
646 */
647
648 /* nonce is concat(<seconds-since-epoch>, "-", <hmac>) */
649 if (*nonce <= '0' || '9' < *nonce) {
650 retval = NONCE_BAD;
651 goto leave;
652 }
1aeb7e75 653 stamp = parse_timestamp(nonce, &bohmac, 10);
5732373d
JH		 654 if (bohmac == nonce || bohmac[0] != '-') {
655 retval = NONCE_BAD;
656 goto leave;
657 }
658
659 expect = prepare_push_cert_nonce(service_dir, stamp);
edc6dccf 660 if (noncelen != strlen(expect)) {
661 /* This is not even the right size. */
662 retval = NONCE_BAD;
663 goto leave;
664 }
665 if (constant_memequal(expect, nonce, noncelen)) {
5732373d
JH		 666 /* Not what we would have signed earlier */
667 retval = NONCE_BAD;
668 goto leave;
669 }
670
671 /*
672 * By how many seconds is this nonce stale? Negative value
673 * would mean it was issued by another server with its clock
674 * skewed in the future.
675 */
1aeb7e75 676 ostamp = parse_timestamp(push_cert_nonce, NULL, 10);
5732373d
JH		 677 nonce_stamp_slop = (long)ostamp - (long)stamp;
678
679 if (nonce_stamp_slop_limit &&
31a8aa1e 680 labs(nonce_stamp_slop) <= nonce_stamp_slop_limit) {
5732373d
JH		 681 /*
682 * Pretend as if the received nonce (which passes the
683 * HMAC check, so it is not a forged by third-party)
684 * is what we issued.
685 */
686 free((void *)push_cert_nonce);
687 push_cert_nonce = xstrdup(nonce);
688 retval = NONCE_OK;
689 } else {
690 retval = NONCE_SLOP;
691 }
b89363e4
JH		 692
693leave:
694 free(nonce);
5732373d 695 free(expect);
b89363e4
JH		 696 return retval;
697}
698
cbaf82cc
JT		 699/*
700 * Return 1 if there is no push_cert or if the push options in push_cert are
701 * the same as those in the argument; 0 otherwise.
702 */
703static int check_cert_push_options(const struct string_list *push_options)
704{
705 const char *buf = push_cert.buf;
cbaf82cc 706
f51d790b
RS		 707 const char *option;
708 size_t optionlen;
cbaf82cc
JT		 709 int options_seen = 0;
710
711 int retval = 1;
712
f51d790b 713 if (!*buf)
cbaf82cc
JT		 714 return 1;
715
f51d790b
RS		 716 while ((option = find_commit_header(buf, "push-option", &optionlen))) {
717 buf = option + optionlen + 1;
cbaf82cc
JT		 718 options_seen++;
719 if (options_seen > push_options->nr
020456cb
RS		 720 || xstrncmpz(push_options->items[options_seen - 1].string,
721 option, optionlen))
f51d790b 722 return 0;
cbaf82cc
JT		 723 }
724
725 if (options_seen != push_options->nr)
726 retval = 0;
727
cbaf82cc
JT		 728 return retval;
729}
730
a85b377d
JH		 731static void prepare_push_cert_sha1(struct child_process *proc)
732{
733 static int already_done;
a85b377d
JH		 734
735 if (!push_cert.len)
736 return;
737
738 if (!already_done) {
d05b9618
JH		 739 int bogs /* beginning_of_gpg_sig */;
740
a85b377d 741 already_done = 1;
c80d226a 742 if (write_object_file(push_cert.buf, push_cert.len, OBJ_BLOB,
a09c985e
PO		 743 &push_cert_oid))
744 oidclr(&push_cert_oid);
d05b9618
JH		 745
746 memset(&sigcheck, '\0', sizeof(sigcheck));
d05b9618 747
482c1191 748 bogs = parse_signed_buffer(push_cert.buf, push_cert.len);
02769437
FS		 749 sigcheck.payload = xmemdupz(push_cert.buf, bogs);
750 sigcheck.payload_len = bogs;
751 check_signature(&sigcheck, push_cert.buf + bogs,
752 push_cert.len - bogs);
d05b9618 753
020456cb 754 nonce_status = check_nonce(sigcheck.payload);
a85b377d 755 }
a09c985e 756 if (!is_null_oid(&push_cert_oid)) {
29fda24d 757 strvec_pushf(&proc->env, "GIT_PUSH_CERT=%s",
f6d8942b 758 oid_to_hex(&push_cert_oid));
29fda24d 759 strvec_pushf(&proc->env, "GIT_PUSH_CERT_SIGNER=%s",
f6d8942b 760 sigcheck.signer ? sigcheck.signer : "");
29fda24d 761 strvec_pushf(&proc->env, "GIT_PUSH_CERT_KEY=%s",
f6d8942b 762 sigcheck.key ? sigcheck.key : "");
29fda24d 763 strvec_pushf(&proc->env, "GIT_PUSH_CERT_STATUS=%c",
f6d8942b 764 sigcheck.result);
b89363e4 765 if (push_cert_nonce) {
29fda24d 766 strvec_pushf(&proc->env,
f6d8942b
JK		 767 "GIT_PUSH_CERT_NONCE=%s",
768 push_cert_nonce);
29fda24d 769 strvec_pushf(&proc->env,
f6d8942b
JK		 770 "GIT_PUSH_CERT_NONCE_STATUS=%s",
771 nonce_status);
5732373d 772 if (nonce_status == NONCE_SLOP)
29fda24d 773 strvec_pushf(&proc->env,
f6d8942b
JK		 774 "GIT_PUSH_CERT_NONCE_SLOP=%ld",
775 nonce_stamp_slop);
b89363e4 776 }
a85b377d
JH		 777 }
778}
779
77a9745d
SB		 780struct receive_hook_feed_state {
781 struct command *cmd;
195d6eae 782 struct ref_push_report *report;
77a9745d
SB		 783 int skip_broken;
784 struct strbuf buf;
785 const struct string_list *push_options;
786};
787
9684e44a 788typedef int (*feed_fn)(void *, const char **, size_t *);
77a9745d
SB		 789static int run_and_feed_hook(const char *hook_name, feed_fn feed,
790 struct receive_hook_feed_state *feed_state)
b1bf95bb 791{
d3180279 792 struct child_process proc = CHILD_PROCESS_INIT;
6d525d38 793 struct async muxer;
9684e44a 794 int code;
7f14609e 795 const char *hook_path = find_hook(hook_name);
b1bf95bb 796
7f14609e 797 if (!hook_path)
b1bf95bb 798 return 0;
c8dd2771 799
7f14609e 800 strvec_push(&proc.args, hook_path);
f43cd49f
SP		 801 proc.in = -1;
802 proc.stdout_to_stderr = 1;
6206286e
JH		 803 proc.trace2_hook_name = hook_name;
804
77a9745d 805 if (feed_state->push_options) {
99d60545 806 size_t i;
77a9745d 807 for (i = 0; i < feed_state->push_options->nr; i++)
29fda24d 808 strvec_pushf(&proc.env,
99d60545
ÆAB		 809 "GIT_PUSH_OPTION_%"PRIuMAX"=%s",
810 (uintmax_t)i,
f6d8942b 811 feed_state->push_options->items[i].string);
29fda24d 812 strvec_pushf(&proc.env, "GIT_PUSH_OPTION_COUNT=%"PRIuMAX"",
99d60545 813 (uintmax_t)feed_state->push_options->nr);
77a9745d 814 } else
29fda24d 815 strvec_pushf(&proc.env, "GIT_PUSH_OPTION_COUNT");
f43cd49f 816
722ff7f8 817 if (tmp_objdir)
29fda24d 818 strvec_pushv(&proc.env, tmp_objdir_env(tmp_objdir));
722ff7f8 819
6d525d38
SP		 820 if (use_sideband) {
821 memset(&muxer, 0, sizeof(muxer));
822 muxer.proc = copy_to_sideband;
823 muxer.in = -1;
824 code = start_async(&muxer);
825 if (code)
826 return code;
827 proc.err = muxer.in;
828 }
829
5d222c09
RS		 830 prepare_push_cert_sha1(&proc);
831
f43cd49f 832 code = start_command(&proc);
6d525d38
SP		 833 if (code) {
834 if (use_sideband)
835 finish_async(&muxer);
90e41a89 836 return code;
6d525d38
SP		 837 }
838
ec7dbd14
JH		 839 sigchain_push(SIGPIPE, SIG_IGN);
840
9684e44a
JH		 841 while (1) {
842 const char *buf;
843 size_t n;
844 if (feed(feed_state, &buf, &n))
845 break;
06f46f23 846 if (write_in_full(proc.in, buf, n) < 0)
9684e44a 847 break;
c8dd2771 848 }
e72ae288 849 close(proc.in);
6d525d38
SP		 850 if (use_sideband)
851 finish_async(&muxer);
ec7dbd14
JH		 852
853 sigchain_pop(SIGPIPE);
854
90e41a89 855 return finish_command(&proc);
b1bf95bb
JW		 856}
857
9684e44a
JH		 858static int feed_receive_hook(void *state_, const char **bufp, size_t *sizep)
859{
860 struct receive_hook_feed_state *state = state_;
861 struct command *cmd = state->cmd;
862
cdc2b2f3
JH		 863 while (cmd &&
864 state->skip_broken && (cmd->error_string || cmd->did_not_exist))
9684e44a
JH		 865 cmd = cmd->next;
866 if (!cmd)
867 return -1; /* EOF */
195d6eae
JX		 868 if (!bufp)
869 return 0; /* OK, can feed something. */
9684e44a 870 strbuf_reset(&state->buf);
195d6eae
JX		 871 if (!state->report)
872 state->report = cmd->report;
873 if (state->report) {
874 struct object_id *old_oid;
875 struct object_id *new_oid;
876 const char *ref_name;
877
878 old_oid = state->report->old_oid ? state->report->old_oid : &cmd->old_oid;
879 new_oid = state->report->new_oid ? state->report->new_oid : &cmd->new_oid;
880 ref_name = state->report->ref_name ? state->report->ref_name : cmd->ref_name;
881 strbuf_addf(&state->buf, "%s %s %s\n",
882 oid_to_hex(old_oid), oid_to_hex(new_oid),
883 ref_name);
884 state->report = state->report->next;
885 if (!state->report)
886 state->cmd = cmd->next;
887 } else {
888 strbuf_addf(&state->buf, "%s %s %s\n",
889 oid_to_hex(&cmd->old_oid), oid_to_hex(&cmd->new_oid),
890 cmd->ref_name);
891 state->cmd = cmd->next;
892 }
9684e44a
JH		 893 if (bufp) {
894 *bufp = state->buf.buf;
895 *sizep = state->buf.len;
896 }
897 return 0;
898}
899
77a9745d
SB		 900static int run_receive_hook(struct command *commands,
901 const char *hook_name,
902 int skip_broken,
903 const struct string_list *push_options)
9684e44a
JH		 904{
905 struct receive_hook_feed_state state;
906 int status;
907
908 strbuf_init(&state.buf, 0);
909 state.cmd = commands;
cdc2b2f3 910 state.skip_broken = skip_broken;
195d6eae 911 state.report = NULL;
9684e44a
JH		 912 if (feed_receive_hook(&state, NULL, NULL))
913 return 0;
914 state.cmd = commands;
77a9745d 915 state.push_options = push_options;
9684e44a
JH		 916 status = run_and_feed_hook(hook_name, feed_receive_hook, &state);
917 strbuf_release(&state.buf);
918 return status;
919}
920
1d9e8b56
SP		 921static int run_update_hook(struct command *cmd)
922{
d3180279 923 struct child_process proc = CHILD_PROCESS_INIT;
6d525d38 924 int code;
7f14609e 925 const char *hook_path = find_hook("update");
1d9e8b56 926
7f14609e 927 if (!hook_path)
1d9e8b56
SP		 928 return 0;
929
7f14609e
ÆAB		 930 strvec_push(&proc.args, hook_path);
931 strvec_push(&proc.args, cmd->ref_name);
932 strvec_push(&proc.args, oid_to_hex(&cmd->old_oid));
933 strvec_push(&proc.args, oid_to_hex(&cmd->new_oid));
1d9e8b56 934
6d525d38
SP		 935 proc.no_stdin = 1;
936 proc.stdout_to_stderr = 1;
937 proc.err = use_sideband ? -1 : 0;
6206286e 938 proc.trace2_hook_name = "update";
6d525d38
SP		 939
940 code = start_command(&proc);
941 if (code)
942 return code;
943 if (use_sideband)
944 copy_to_sideband(proc.err, -1, NULL);
945 return finish_command(&proc);
1d9e8b56
SP		 946}
947
15d3af5e
JX		 948static struct command *find_command_by_refname(struct command *list,
949 const char *refname)
950{
951 for (; list; list = list->next)
952 if (!strcmp(list->ref_name, refname))
953 return list;
954 return NULL;
955}
956
957static int read_proc_receive_report(struct packet_reader *reader,
958 struct command *commands,
959 struct strbuf *errmsg)
960{
961 struct command *cmd;
962 struct command *hint = NULL;
963 struct ref_push_report *report = NULL;
964 int new_report = 0;
965 int code = 0;
966 int once = 0;
f65003b4 967 int response = 0;
15d3af5e
JX		 968
969 for (;;) {
970 struct object_id old_oid, new_oid;
971 const char *head;
972 const char *refname;
973 char *p;
f65003b4
JX		 974 enum packet_read_status status;
975
976 status = packet_reader_read(reader);
977 if (status != PACKET_READ_NORMAL) {
978 /* Check whether proc-receive exited abnormally */
979 if (status == PACKET_READ_EOF && !response) {
980 strbuf_addstr(errmsg, "proc-receive exited abnormally");
981 return -1;
982 }
15d3af5e 983 break;
f65003b4
JX		 984 }
985 response++;
15d3af5e
JX		 986
987 head = reader->line;
988 p = strchr(head, ' ');
989 if (!p) {
990 strbuf_addf(errmsg, "proc-receive reported incomplete status line: '%s'\n", head);
991 code = -1;
992 continue;
993 }
994 *p++ = '\0';
995 if (!strcmp(head, "option")) {
996 const char *key, *val;
997
998 if (!hint || !(report || new_report)) {
999 if (!once++)
1000 strbuf_addstr(errmsg, "proc-receive reported 'option' without a matching 'ok/ng' directive\n");
1001 code = -1;
1002 continue;
1003 }
1004 if (new_report) {
1005 if (!hint->report) {
ca56dadb 1006 CALLOC_ARRAY(hint->report, 1);
15d3af5e
JX		 1007 report = hint->report;
1008 } else {
1009 report = hint->report;
1010 while (report->next)
1011 report = report->next;
1012 report->next = xcalloc(1, sizeof(struct ref_push_report));
1013 report = report->next;
1014 }
1015 new_report = 0;
1016 }
1017 key = p;
1018 p = strchr(key, ' ');
1019 if (p)
1020 *p++ = '\0';
1021 val = p;
1022 if (!strcmp(key, "refname"))
1023 report->ref_name = xstrdup_or_null(val);
1024 else if (!strcmp(key, "old-oid") && val &&
1025 !parse_oid_hex(val, &old_oid, &val))
1026 report->old_oid = oiddup(&old_oid);
1027 else if (!strcmp(key, "new-oid") && val &&
1028 !parse_oid_hex(val, &new_oid, &val))
1029 report->new_oid = oiddup(&new_oid);
1030 else if (!strcmp(key, "forced-update"))
1031 report->forced_update = 1;
1032 else if (!strcmp(key, "fall-through"))
1033 /* Fall through, let 'receive-pack' to execute it. */
1034 hint->run_proc_receive = 0;
1035 continue;
1036 }
1037
1038 report = NULL;
1039 new_report = 0;
1040 refname = p;
1041 p = strchr(refname, ' ');
1042 if (p)
1043 *p++ = '\0';
1044 if (strcmp(head, "ok") && strcmp(head, "ng")) {
1045 strbuf_addf(errmsg, "proc-receive reported bad status '%s' on ref '%s'\n",
1046 head, refname);
1047 code = -1;
1048 continue;
1049 }
1050
1051 /* first try searching at our hint, falling back to all refs */
1052 if (hint)
1053 hint = find_command_by_refname(hint, refname);
1054 if (!hint)
1055 hint = find_command_by_refname(commands, refname);
1056 if (!hint) {
1057 strbuf_addf(errmsg, "proc-receive reported status on unknown ref: %s\n",
1058 refname);
1059 code = -1;
1060 continue;
1061 }
1062 if (!hint->run_proc_receive) {
1063 strbuf_addf(errmsg, "proc-receive reported status on unexpected ref: %s\n",
1064 refname);
1065 code = -1;
1066 continue;
1067 }
1068 hint->run_proc_receive |= RUN_PROC_RECEIVE_RETURNED;
1069 if (!strcmp(head, "ng")) {
1070 if (p)
1071 hint->error_string = xstrdup(p);
1072 else
1073 hint->error_string = "failed";
1074 code = -1;
1075 continue;
1076 }
1077 new_report = 1;
1078 }
1079
1080 for (cmd = commands; cmd; cmd = cmd->next)
1081 if (cmd->run_proc_receive && !cmd->error_string &&
1082 !(cmd->run_proc_receive & RUN_PROC_RECEIVE_RETURNED)) {
1083 cmd->error_string = "proc-receive failed to report status";
1084 code = -1;
1085 }
1086 return code;
1087}
1088
1089static int run_proc_receive_hook(struct command *commands,
1090 const struct string_list *push_options)
1091{
1092 struct child_process proc = CHILD_PROCESS_INIT;
1093 struct async muxer;
1094 struct command *cmd;
15d3af5e
JX		 1095 struct packet_reader reader;
1096 struct strbuf cap = STRBUF_INIT;
1097 struct strbuf errmsg = STRBUF_INIT;
1098 int hook_use_push_options = 0;
1099 int version = 0;
1100 int code;
7f14609e 1101 const char *hook_path = find_hook("proc-receive");
15d3af5e 1102
7f14609e 1103 if (!hook_path) {
15d3af5e
JX		 1104 rp_error("cannot find hook 'proc-receive'");
1105 return -1;
1106 }
15d3af5e 1107
7f14609e 1108 strvec_push(&proc.args, hook_path);
15d3af5e
JX		 1109 proc.in = -1;
1110 proc.out = -1;
1111 proc.trace2_hook_name = "proc-receive";
1112
1113 if (use_sideband) {
1114 memset(&muxer, 0, sizeof(muxer));
1115 muxer.proc = copy_to_sideband;
1116 muxer.in = -1;
1117 code = start_async(&muxer);
1118 if (code)
1119 return code;
1120 proc.err = muxer.in;
1121 } else {
1122 proc.err = 0;
1123 }
1124
1125 code = start_command(&proc);
1126 if (code) {
1127 if (use_sideband)
1128 finish_async(&muxer);
1129 return code;
1130 }
1131
1132 sigchain_push(SIGPIPE, SIG_IGN);
1133
1134 /* Version negotiaton */
1135 packet_reader_init(&reader, proc.out, NULL, 0,
1136 PACKET_READ_CHOMP_NEWLINE |
1137 PACKET_READ_GENTLE_ON_EOF);
1138 if (use_atomic)
1139 strbuf_addstr(&cap, " atomic");
1140 if (use_push_options)
1141 strbuf_addstr(&cap, " push-options");
1142 if (cap.len) {
f65003b4 1143 code = packet_write_fmt_gently(proc.in, "version=1%c%s\n", '\0', cap.buf + 1);
15d3af5e
JX		 1144 strbuf_release(&cap);
1145 } else {
f65003b4 1146 code = packet_write_fmt_gently(proc.in, "version=1\n");
15d3af5e 1147 }
f65003b4
JX		 1148 if (!code)
1149 code = packet_flush_gently(proc.in);
1150
1151 if (!code)
1152 for (;;) {
1153 int linelen;
1154 enum packet_read_status status;
1155
1156 status = packet_reader_read(&reader);
1157 if (status != PACKET_READ_NORMAL) {
1158 /* Check whether proc-receive exited abnormally */
1159 if (status == PACKET_READ_EOF)
1160 code = -1;
1161 break;
1162 }
15d3af5e 1163
f65003b4
JX		 1164 if (reader.pktlen > 8 && starts_with(reader.line, "version=")) {
1165 version = atoi(reader.line + 8);
1166 linelen = strlen(reader.line);
1167 if (linelen < reader.pktlen) {
1168 const char *feature_list = reader.line + linelen + 1;
1169 if (parse_feature_request(feature_list, "push-options"))
1170 hook_use_push_options = 1;
1171 }
15d3af5e
JX		 1172 }
1173 }
f65003b4
JX		 1174
1175 if (code) {
1176 strbuf_addstr(&errmsg, "fail to negotiate version with proc-receive hook");
1177 goto cleanup;
15d3af5e
JX		 1178 }
1179
80ffeb94
JX		 1180 switch (version) {
1181 case 0:
1182 /* fallthrough */
1183 case 1:
1184 break;
1185 default:
15d3af5e
JX		 1186 strbuf_addf(&errmsg, "proc-receive version '%d' is not supported",
1187 version);
1188 code = -1;
1189 goto cleanup;
1190 }
1191
1192 /* Send commands */
1193 for (cmd = commands; cmd; cmd = cmd->next) {
1194 if (!cmd->run_proc_receive || cmd->skip_update || cmd->error_string)
1195 continue;
f65003b4
JX		 1196 code = packet_write_fmt_gently(proc.in, "%s %s %s",
1197 oid_to_hex(&cmd->old_oid),
1198 oid_to_hex(&cmd->new_oid),
1199 cmd->ref_name);
1200 if (code)
1201 break;
1202 }
1203 if (!code)
1204 code = packet_flush_gently(proc.in);
1205 if (code) {
1206 strbuf_addstr(&errmsg, "fail to write commands to proc-receive hook");
1207 goto cleanup;
15d3af5e 1208 }
15d3af5e
JX		 1209
1210 /* Send push options */
1211 if (hook_use_push_options) {
1212 struct string_list_item *item;
1213
f65003b4
JX		 1214 for_each_string_list_item(item, push_options) {
1215 code = packet_write_fmt_gently(proc.in, "%s", item->string);
1216 if (code)
1217 break;
1218 }
1219 if (!code)
1220 code = packet_flush_gently(proc.in);
1221 if (code) {
1222 strbuf_addstr(&errmsg,
1223 "fail to write push-options to proc-receive hook");
1224 goto cleanup;
1225 }
15d3af5e
JX		 1226 }
1227
1228 /* Read result from proc-receive */
1229 code = read_proc_receive_report(&reader, commands, &errmsg);
1230
1231cleanup:
1232 close(proc.in);
1233 close(proc.out);
1234 if (use_sideband)
1235 finish_async(&muxer);
1236 if (finish_command(&proc))
1237 code = -1;
1238 if (errmsg.len >0) {
1239 char *p = errmsg.buf;
1240
1241 p += errmsg.len - 1;
1242 if (*p == '\n')
1243 *p = '\0';
1244 rp_error("%s", errmsg.buf);
1245 strbuf_release(&errmsg);
1246 }
1247 sigchain_pop(SIGPIPE);
1248
1249 return code;
1250}
1251
8ba35a2d
VA		 1252static char *refuse_unconfigured_deny_msg =
1253 N_("By default, updating the current branch in a non-bare repository\n"
1254 "is denied, because it will make the index and work tree inconsistent\n"
1255 "with what you pushed, and will require 'git reset --hard' to match\n"
1256 "the work tree to HEAD.\n"
1257 "\n"
2ddaa427
AH		 1258 "You can set the 'receive.denyCurrentBranch' configuration variable\n"
1259 "to 'ignore' or 'warn' in the remote repository to allow pushing into\n"
8ba35a2d
VA		 1260 "its current branch; however, this is not recommended unless you\n"
1261 "arranged to update its work tree to match what you pushed in some\n"
1262 "other way.\n"
1263 "\n"
1264 "To squelch this message and still keep the default behaviour, set\n"
1265 "'receive.denyCurrentBranch' configuration variable to 'refuse'.");
3d95d92b 1266
acd2a45b 1267static void refuse_unconfigured_deny(void)
3d95d92b 1268{
8ba35a2d 1269 rp_error("%s", _(refuse_unconfigured_deny_msg));
3d95d92b
JH		 1270}
1271
8ba35a2d
VA		 1272static char *refuse_unconfigured_deny_delete_current_msg =
1273 N_("By default, deleting the current branch is denied, because the next\n"
1274 "'git clone' won't result in any file checked out, causing confusion.\n"
1275 "\n"
1276 "You can set 'receive.denyDeleteCurrent' configuration variable to\n"
1277 "'warn' or 'ignore' in the remote repository to allow deleting the\n"
1278 "current branch, with or without a warning message.\n"
1279 "\n"
1280 "To squelch this message, you can set it to 'refuse'.");
747ca245 1281
375881fa 1282static void refuse_unconfigured_deny_delete_current(void)
747ca245 1283{
8ba35a2d 1284 rp_error("%s", _(refuse_unconfigured_deny_delete_current_msg));
747ca245
JH		 1285}
1286
9fec7b21 1287static const struct object_id *command_singleton_iterator(void *cb_data);
0a1bc12b
NTND		 1288static int update_shallow_ref(struct command *cmd, struct shallow_info *si)
1289{
cac4b8e2 1290 struct shallow_lock shallow_lock = SHALLOW_LOCK_INIT;
910650d2 1291 struct oid_array extra = OID_ARRAY_INIT;
7043c707 1292 struct check_connected_options opt = CHECK_CONNECTED_INIT;
0a1bc12b
NTND		 1293 uint32_t mask = 1 << (cmd->index % 32);
1294 int i;
1295
6aa30857 1296 trace_printf_key(&trace_shallow,
0a1bc12b
NTND		 1297 "shallow: update_shallow_ref %s\n", cmd->ref_name);
1298 for (i = 0; i < si->shallow->nr; i++)
1299 if (si->used_shallow[i] &&
1300 (si->used_shallow[i][cmd->index / 32] & mask) &&
1301 !delayed_reachability_test(si, i))
910650d2 1302 oid_array_append(&extra, &si->shallow->oid[i]);
0a1bc12b 1303
722ff7f8 1304 opt.env = tmp_objdir_env(tmp_objdir);
7043c707
JK		 1305 setup_alternate_shallow(&shallow_lock, &opt.shallow_file, &extra);
1306 if (check_connected(command_singleton_iterator, cmd, &opt)) {
37b9dcab 1307 rollback_shallow_file(the_repository, &shallow_lock);
910650d2 1308 oid_array_clear(&extra);
0a1bc12b
NTND		 1309 return -1;
1310 }
1311
37b9dcab 1312 commit_shallow_file(the_repository, &shallow_lock);
0a1bc12b
NTND		 1313
1314 /*
1315 * Make sure setup_alternate_shallow() for the next ref does
1316 * not lose these new roots..
1317 */
1318 for (i = 0; i < extra.nr; i++)
19143f13 1319 register_shallow(the_repository, &extra.oid[i]);
0a1bc12b
NTND		 1320
1321 si->shallow_ref[cmd->index] = 0;
910650d2 1322 oid_array_clear(&extra);
0a1bc12b
NTND		 1323 return 0;
1324}
1325
1a51b524
JH		 1326/*
1327 * NEEDSWORK: we should consolidate various implementions of "are we
1328 * on an unborn branch?" test into one, and make the unified one more
1329 * robust. !get_sha1() based check used here and elsewhere would not
1330 * allow us to tell an unborn branch from corrupt ref, for example.
1331 * For the purpose of fixing "deploy-to-update does not work when
1332 * pushing into an empty repository" issue, this should suffice for
1333 * now.
1334 */
1335static int head_has_history(void)
1336{
15be4a5d 1337 struct object_id oid;
1a51b524 1338
d850b7a5 1339 return !repo_get_oid(the_repository, "HEAD", &oid);
1a51b524
JH		 1340}
1341
21b138d0 1342static const char *push_to_deploy(unsigned char *sha1,
22f9b7f3 1343 struct strvec *env,
21b138d0 1344 const char *work_tree)
1404bcbb 1345{
1404bcbb
JS		 1346 struct child_process child = CHILD_PROCESS_INIT;
1347
2b709893
ÆAB		 1348 strvec_pushl(&child.args, "update-index", "-q", "--ignore-submodules",
1349 "--refresh", NULL);
29fda24d 1350 strvec_pushv(&child.env, env->v);
1404bcbb
JS		 1351 child.dir = work_tree;
1352 child.no_stdin = 1;
1353 child.stdout_to_stderr = 1;
1354 child.git_cmd = 1;
21b138d0 1355 if (run_command(&child))
1404bcbb 1356 return "Up-to-date check failed";
1404bcbb
JS		 1357
1358 /* run_command() does not clean up completely; reinitialize */
1359 child_process_init(&child);
2b709893
ÆAB		 1360 strvec_pushl(&child.args, "diff-files", "--quiet",
1361 "--ignore-submodules", "--", NULL);
29fda24d 1362 strvec_pushv(&child.env, env->v);
1404bcbb
JS		 1363 child.dir = work_tree;
1364 child.no_stdin = 1;
1365 child.stdout_to_stderr = 1;
1366 child.git_cmd = 1;
21b138d0 1367 if (run_command(&child))
1404bcbb 1368 return "Working directory has unstaged changes";
1404bcbb
JS		 1369
1370 child_process_init(&child);
2b709893
ÆAB		 1371 strvec_pushl(&child.args, "diff-index", "--quiet", "--cached",
1372 "--ignore-submodules",
1373 /* diff-index with either HEAD or an empty tree */
1374 head_has_history() ? "HEAD" : empty_tree_oid_hex(),
1375 "--", NULL);
29fda24d 1376 strvec_pushv(&child.env, env->v);
1404bcbb
JS		 1377 child.no_stdin = 1;
1378 child.no_stdout = 1;
1379 child.stdout_to_stderr = 0;
1380 child.git_cmd = 1;
21b138d0 1381 if (run_command(&child))
1404bcbb 1382 return "Working directory has staged changes";
1404bcbb 1383
1404bcbb 1384 child_process_init(&child);
2b709893
ÆAB		 1385 strvec_pushl(&child.args, "read-tree", "-u", "-m", hash_to_hex(sha1),
1386 NULL);
29fda24d 1387 strvec_pushv(&child.env, env->v);
1404bcbb
JS		 1388 child.dir = work_tree;
1389 child.no_stdin = 1;
1390 child.no_stdout = 1;
1391 child.stdout_to_stderr = 0;
1392 child.git_cmd = 1;
21b138d0 1393 if (run_command(&child))
1404bcbb 1394 return "Could not update working tree to new HEAD";
1404bcbb 1395
1404bcbb
JS		 1396 return NULL;
1397}
1398
08553319
JH		 1399static const char *push_to_checkout_hook = "push-to-checkout";
1400
fc06be3b 1401static const char *push_to_checkout(unsigned char *hash,
a8cc5943 1402 int *invoked_hook,
22f9b7f3 1403 struct strvec *env,
08553319
JH		 1404 const char *work_tree)
1405{
306f445e 1406 struct run_hooks_opt opt = RUN_HOOKS_OPT_INIT;
a8cc5943 1407 opt.invoked_hook = invoked_hook;
306f445e 1408
22f9b7f3 1409 strvec_pushf(env, "GIT_WORK_TREE=%s", absolute_path(work_tree));
306f445e
ES		 1410 strvec_pushv(&opt.env, env->v);
1411 strvec_push(&opt.args, hash_to_hex(hash));
1412 if (run_hooks_opt(push_to_checkout_hook, &opt))
08553319
JH		 1413 return "push-to-checkout hook declined";
1414 else
1415 return NULL;
1416}
1417
4ef34648 1418static const char *update_worktree(unsigned char *sha1, const struct worktree *worktree)
21b138d0 1419{
38baae6c 1420 const char *retval, *git_dir;
22f9b7f3 1421 struct strvec env = STRVEC_INIT;
a8cc5943 1422 int invoked_hook;
21b138d0 1423
38baae6c
AK		 1424 if (!worktree || !worktree->path)
1425 BUG("worktree->path must be non-NULL");
4ef34648 1426
9fdf4f1d 1427 if (worktree->is_bare)
21b138d0 1428 return "denyCurrentBranch = updateInstead needs a worktree";
38baae6c 1429 git_dir = get_worktree_git_dir(worktree);
21b138d0 1430
22f9b7f3 1431 strvec_pushf(&env, "GIT_DIR=%s", absolute_path(git_dir));
21b138d0 1432
a8cc5943
ÆAB		 1433 retval = push_to_checkout(sha1, &invoked_hook, &env, worktree->path);
1434 if (!invoked_hook)
38baae6c 1435 retval = push_to_deploy(sha1, &env, worktree->path);
21b138d0 1436
22f9b7f3 1437 strvec_clear(&env);
21b138d0
JH		 1438 return retval;
1439}
1440
0a1bc12b 1441static const char *update(struct command *cmd, struct shallow_info *si)
2eca23da 1442{
cfee10a7 1443 const char *name = cmd->ref_name;
6b01ecfe 1444 struct strbuf namespaced_name_buf = STRBUF_INIT;
bda6e828
JS		 1445 static char *namespaced_name;
1446 const char *ret;
9c44ea44 1447 struct object_id *old_oid = &cmd->old_oid;
1448 struct object_id *new_oid = &cmd->new_oid;
b072a25f 1449 int do_update_worktree = 0;
c8dd491f
AK		 1450 struct worktree **worktrees = get_worktrees();
1451 const struct worktree *worktree =
9fdf4f1d 1452 find_shared_symref(worktrees, "HEAD", name);
2eca23da 1453
061d6b9a 1454 /* only refs/... are allowed */
7c3c5502
ZH		 1455 if (!starts_with(name, "refs/") ||
1456 check_refname_format(name + 5, is_null_oid(new_oid) ?
1457 REFNAME_ALLOW_ONELEVEL : 0)) {
d81ba50a 1458 rp_error("refusing to update funny ref '%s' remotely", name);
c8dd491f
AK		 1459 ret = "funny refname";
1460 goto out;
cfee10a7 1461 }
d8a1deec 1462
6b01ecfe 1463 strbuf_addf(&namespaced_name_buf, "%s%s", get_git_namespace(), name);
bda6e828 1464 free(namespaced_name);
6b01ecfe
JT		 1465 namespaced_name = strbuf_detach(&namespaced_name_buf, NULL);
1466
9fdf4f1d 1467 if (worktree && !worktree->is_bare) {
3d95d92b
JH		 1468 switch (deny_current_branch) {
1469 case DENY_IGNORE:
986e8239 1470 break;
3d95d92b 1471 case DENY_WARN:
466dbc42 1472 rp_warning("updating the current branch");
986e8239 1473 break;
3d95d92b 1474 case DENY_REFUSE:
acd2a45b 1475 case DENY_UNCONFIGURED:
466dbc42 1476 rp_error("refusing to update checked out branch: %s", name);
acd2a45b
JH		 1477 if (deny_current_branch == DENY_UNCONFIGURED)
1478 refuse_unconfigured_deny();
c8dd491f
AK		 1479 ret = "branch is currently checked out";
1480 goto out;
1404bcbb 1481 case DENY_UPDATE_INSTEAD:
b072a25f
JH		 1482 /* pass -- let other checks intervene first */
1483 do_update_worktree = 1;
1404bcbb 1484 break;
3d95d92b 1485 }
986e8239
JK		 1486 }
1487
bc726bd0 1488 if (!is_null_oid(new_oid) && !repo_has_object_file(the_repository, new_oid)) {
8aaf7d64 1489 error("unpack should have generated %s, "
9c44ea44 1490 "but I can't find it!", oid_to_hex(new_oid));
c8dd491f
AK		 1491 ret = "bad pack";
1492 goto out;
cfee10a7 1493 }
747ca245 1494
9c44ea44 1495 if (!is_null_oid(old_oid) && is_null_oid(new_oid)) {
59556548 1496 if (deny_deletes && starts_with(name, "refs/heads/")) {
466dbc42 1497 rp_error("denying ref deletion for %s", name);
c8dd491f
AK		 1498 ret = "deletion prohibited";
1499 goto out;
747ca245
JH		 1500 }
1501
4ef34648 1502 if (worktree || (head_name && !strcmp(namespaced_name, head_name))) {
747ca245
JH		 1503 switch (deny_delete_current) {
1504 case DENY_IGNORE:
1505 break;
1506 case DENY_WARN:
466dbc42 1507 rp_warning("deleting the current branch");
747ca245
JH		 1508 break;
1509 case DENY_REFUSE:
375881fa 1510 case DENY_UNCONFIGURED:
1404bcbb 1511 case DENY_UPDATE_INSTEAD:
375881fa
JH		 1512 if (deny_delete_current == DENY_UNCONFIGURED)
1513 refuse_unconfigured_deny_delete_current();
466dbc42 1514 rp_error("refusing to delete the current branch: %s", name);
c8dd491f
AK		 1515 ret = "deletion of the current branch prohibited";
1516 goto out;
1404bcbb 1517 default:
c8dd491f
AK		 1518 ret = "Invalid denyDeleteCurrent setting";
1519 goto out;
747ca245
JH		 1520 }
1521 }
a240de11 1522 }
747ca245 1523
9c44ea44 1524 if (deny_non_fast_forwards && !is_null_oid(new_oid) &&
1525 !is_null_oid(old_oid) &&
59556548 1526 starts_with(name, "refs/heads/")) {
eab82707 1527 struct object *old_object, *new_object;
11031d7e 1528 struct commit *old_commit, *new_commit;
11031d7e 1529
109cd76d
SB		 1530 old_object = parse_object(the_repository, old_oid);
1531 new_object = parse_object(the_repository, new_oid);
eab82707
MK		 1532
1533 if (!old_object || !new_object ||
1534 old_object->type != OBJ_COMMIT ||
1535 new_object->type != OBJ_COMMIT) {
1536 error("bad sha1 objects for %s", name);
c8dd491f
AK		 1537 ret = "bad ref";
1538 goto out;
eab82707
MK		 1539 }
1540 old_commit = (struct commit *)old_object;
1541 new_commit = (struct commit *)new_object;
cb338c23 1542 if (!repo_in_merge_bases(the_repository, old_commit, new_commit)) {
466dbc42
SP		 1543 rp_error("denying non-fast-forward %s"
1544 " (you should pull first)", name);
c8dd491f
AK		 1545 ret = "non-fast-forward";
1546 goto out;
8aaf7d64 1547 }
11031d7e 1548 }
1d9e8b56 1549 if (run_update_hook(cmd)) {
466dbc42 1550 rp_error("hook declined to update %s", name);
c8dd491f
AK		 1551 ret = "hook declined";
1552 goto out;
b1bf95bb 1553 }
3159c8dc 1554
b072a25f 1555 if (do_update_worktree) {
38baae6c 1556 ret = update_worktree(new_oid->hash, worktree);
b072a25f 1557 if (ret)
c8dd491f 1558 goto out;
b072a25f
JH		 1559 }
1560
9c44ea44 1561 if (is_null_oid(new_oid)) {
222368c6 1562 struct strbuf err = STRBUF_INIT;
109cd76d 1563 if (!parse_object(the_repository, old_oid)) {
9c44ea44 1564 old_oid = NULL;
160b81ed 1565 if (ref_exists(name)) {
c25edee9 1566 rp_warning("allowing deletion of corrupt ref");
160b81ed 1567 } else {
c25edee9 1568 rp_warning("deleting a non-existent ref");
160b81ed
PYH		 1569 cmd->did_not_exist = 1;
1570 }
28391a80 1571 }
222368c6
SB		 1572 if (ref_transaction_delete(transaction,
1573 namespaced_name,
89f3bbdd 1574 old_oid,
fb5a6bb6 1575 0, "push", &err)) {
222368c6 1576 rp_error("%s", err.buf);
c8dd491f
AK		 1577 ret = "failed to delete";
1578 } else {
1579 ret = NULL; /* good */
d4f694ba 1580 }
222368c6 1581 strbuf_release(&err);
d4f694ba
JH		 1582 }
1583 else {
6629ea2d 1584 struct strbuf err = STRBUF_INIT;
0a1bc12b 1585 if (shallow_update && si->shallow_ref[cmd->index] &&
c8dd491f
AK		 1586 update_shallow_ref(cmd, si)) {
1587 ret = "shallow error";
1588 goto out;
1589 }
0a1bc12b 1590
222368c6
SB		 1591 if (ref_transaction_update(transaction,
1592 namespaced_name,
89f3bbdd 1593 new_oid, old_oid,
1d147bdf 1594 0, "push",
222368c6 1595 &err)) {
6629ea2d 1596 rp_error("%s", err.buf);
c8dd491f
AK		 1597 ret = "failed to update ref";
1598 } else {
1599 ret = NULL; /* good */
ef203f08 1600 }
6629ea2d 1601 strbuf_release(&err);
19614330 1602 }
c8dd491f
AK		 1603
1604out:
1605 free_worktrees(worktrees);
1606 return ret;
2eca23da
LT		 1607}
1608
5e1c71fd 1609static void run_update_post_hook(struct command *commands)
19614330 1610{
5e1c71fd 1611 struct command *cmd;
d3180279 1612 struct child_process proc = CHILD_PROCESS_INIT;
dcf69262 1613 const char *hook;
19614330 1614
5a7da2dc 1615 hook = find_hook("post-update");
dce96c41 1616 if (!hook)
3e6e152c 1617 return;
5a7da2dc 1618
850d2fec 1619 for (cmd = commands; cmd; cmd = cmd->next) {
160b81ed 1620 if (cmd->error_string || cmd->did_not_exist)
19614330 1621 continue;
d70a9eb6 1622 if (!proc.args.nr)
22f9b7f3
JK		 1623 strvec_push(&proc.args, hook);
1624 strvec_push(&proc.args, cmd->ref_name);
19614330 1625 }
d70a9eb6 1626 if (!proc.args.nr)
dce96c41 1627 return;
6d525d38 1628
6d525d38
SP		 1629 proc.no_stdin = 1;
1630 proc.stdout_to_stderr = 1;
1631 proc.err = use_sideband ? -1 : 0;
6206286e 1632 proc.trace2_hook_name = "post-update";
6d525d38
SP		 1633
1634 if (!start_command(&proc)) {
1635 if (use_sideband)
1636 copy_to_sideband(proc.err, -1, NULL);
1637 finish_command(&proc);
1638 }
19614330 1639}
2eca23da 1640
99036237
ÆAB		 1641static void check_aliased_update_internal(struct command *cmd,
1642 struct string_list *list,
1643 const char *dst_name, int flag)
da3efdb1
JS		 1644{
1645 struct string_list_item *item;
1646 struct command *dst_cmd;
da3efdb1
JS		 1647
1648 if (!(flag & REF_ISSYMREF))
1649 return;
1650
6b01ecfe
JT		 1651 if (!dst_name) {
1652 rp_error("refusing update to broken symref '%s'", cmd->ref_name);
1653 cmd->skip_update = 1;
1654 cmd->error_string = "broken symref";
1655 return;
1656 }
ded83936 1657 dst_name = strip_namespace(dst_name);
6b01ecfe 1658
afe8a907 1659 if (!(item = string_list_lookup(list, dst_name)))
da3efdb1
JS		 1660 return;
1661
1662 cmd->skip_update = 1;
1663
1664 dst_cmd = (struct command *) item->util;
1665
4a7e27e9
JK		 1666 if (oideq(&cmd->old_oid, &dst_cmd->old_oid) &&
1667 oideq(&cmd->new_oid, &dst_cmd->new_oid))
da3efdb1
JS		 1668 return;
1669
1670 dst_cmd->skip_update = 1;
1671
da3efdb1
JS		 1672 rp_error("refusing inconsistent update between symref '%s' (%s..%s) and"
1673 " its target '%s' (%s..%s)",
ef2ed501 1674 cmd->ref_name,
d850b7a5
ÆAB		 1675 repo_find_unique_abbrev(the_repository, &cmd->old_oid, DEFAULT_ABBREV),
1676 repo_find_unique_abbrev(the_repository, &cmd->new_oid, DEFAULT_ABBREV),
ef2ed501 1677 dst_cmd->ref_name,
d850b7a5
ÆAB		 1678 repo_find_unique_abbrev(the_repository, &dst_cmd->old_oid, DEFAULT_ABBREV),
1679 repo_find_unique_abbrev(the_repository, &dst_cmd->new_oid, DEFAULT_ABBREV));
da3efdb1
JS		 1680
1681 cmd->error_string = dst_cmd->error_string =
1682 "inconsistent aliased update";
1683}
1684
99036237
ÆAB		 1685static void check_aliased_update(struct command *cmd, struct string_list *list)
1686{
1687 struct strbuf buf = STRBUF_INIT;
1688 const char *dst_name;
1689 int flag;
1690
1691 strbuf_addf(&buf, "%s%s", get_git_namespace(), cmd->ref_name);
1692 dst_name = resolve_ref_unsafe(buf.buf, 0, NULL, &flag);
1693 check_aliased_update_internal(cmd, list, dst_name, flag);
1694 strbuf_release(&buf);
1695}
1696
da3efdb1
JS		 1697static void check_aliased_updates(struct command *commands)
1698{
1699 struct command *cmd;
183113a5 1700 struct string_list ref_list = STRING_LIST_INIT_NODUP;
da3efdb1
JS		 1701
1702 for (cmd = commands; cmd; cmd = cmd->next) {
1703 struct string_list_item *item =
1d2f80fa 1704 string_list_append(&ref_list, cmd->ref_name);
da3efdb1
JS		 1705 item->util = (void *)cmd;
1706 }
3383e199 1707 string_list_sort(&ref_list);
da3efdb1 1708
ef7e93d9
CB		 1709 for (cmd = commands; cmd; cmd = cmd->next) {
1710 if (!cmd->error_string)
1711 check_aliased_update(cmd, &ref_list);
1712 }
da3efdb1
JS		 1713
1714 string_list_clear(&ref_list, 0);
1715}
1716
9fec7b21 1717static const struct object_id *command_singleton_iterator(void *cb_data)
52fed6e1
JH		 1718{
1719 struct command **cmd_list = cb_data;
1720 struct command *cmd = *cmd_list;
1721
9c44ea44 1722 if (!cmd || is_null_oid(&cmd->new_oid))
9fec7b21 1723 return NULL;
52fed6e1 1724 *cmd_list = NULL; /* this returns only one */
9fec7b21 1725 return &cmd->new_oid;
52fed6e1
JH		 1726}
1727
0a1bc12b
NTND		 1728static void set_connectivity_errors(struct command *commands,
1729 struct shallow_info *si)
52fed6e1
JH		 1730{
1731 struct command *cmd;
1732
1733 for (cmd = commands; cmd; cmd = cmd->next) {
1734 struct command *singleton = cmd;
722ff7f8
JK		 1735 struct check_connected_options opt = CHECK_CONNECTED_INIT;
1736
0a1bc12b
NTND		 1737 if (shallow_update && si->shallow_ref[cmd->index])
1738 /* to be checked in update_shallow_ref() */
1739 continue;
722ff7f8
JK		 1740
1741 opt.env = tmp_objdir_env(tmp_objdir);
7043c707 1742 if (!check_connected(command_singleton_iterator, &singleton,
722ff7f8 1743 &opt))
52fed6e1 1744 continue;
722ff7f8 1745
52fed6e1
JH		 1746 cmd->error_string = "missing necessary objects";
1747 }
1748}
1749
0a1bc12b
NTND		 1750struct iterate_data {
1751 struct command *cmds;
1752 struct shallow_info *si;
1753};
1754
9fec7b21 1755static const struct object_id *iterate_receive_command_list(void *cb_data)
52fed6e1 1756{
0a1bc12b
NTND		 1757 struct iterate_data *data = cb_data;
1758 struct command **cmd_list = &data->cmds;
52fed6e1
JH		 1759 struct command *cmd = *cmd_list;
1760
0a1bc12b
NTND		 1761 for (; cmd; cmd = cmd->next) {
1762 if (shallow_update && data->si->shallow_ref[cmd->index])
1763 /* to be checked in update_shallow_ref() */
1764 continue;
9c44ea44 1765 if (!is_null_oid(&cmd->new_oid) && !cmd->skip_update) {
ee6dfb2d 1766 *cmd_list = cmd->next;
9fec7b21 1767 return &cmd->new_oid;
ee6dfb2d 1768 }
ee6dfb2d 1769 }
9fec7b21 1770 return NULL;
52fed6e1
JH		 1771}
1772
daebaa78
JH		 1773static void reject_updates_to_hidden(struct command *commands)
1774{
78a766ab
LF		 1775 struct strbuf refname_full = STRBUF_INIT;
1776 size_t prefix_len;
daebaa78
JH		 1777 struct command *cmd;
1778
78a766ab
LF		 1779 strbuf_addstr(&refname_full, get_git_namespace());
1780 prefix_len = refname_full.len;
1781
daebaa78 1782 for (cmd = commands; cmd; cmd = cmd->next) {
78a766ab
LF		 1783 if (cmd->error_string)
1784 continue;
1785
1786 strbuf_setlen(&refname_full, prefix_len);
1787 strbuf_addstr(&refname_full, cmd->ref_name);
1788
9b67eb6f 1789 if (!ref_is_hidden(cmd->ref_name, refname_full.buf, &hidden_refs))
daebaa78 1790 continue;
9c44ea44 1791 if (is_null_oid(&cmd->new_oid))
daebaa78
JH		 1792 cmd->error_string = "deny deleting a hidden ref";
1793 else
1794 cmd->error_string = "deny updating a hidden ref";
1795 }
78a766ab
LF		 1796
1797 strbuf_release(&refname_full);
daebaa78
JH		 1798}
1799
a6a84319
SB		 1800static int should_process_cmd(struct command *cmd)
1801{
1802 return !cmd->error_string && !cmd->skip_update;
1803}
1804
07b1d8f1 1805static void BUG_if_skipped_connectivity_check(struct command *commands,
a6a84319
SB		 1806 struct shallow_info *si)
1807{
1808 struct command *cmd;
a6a84319
SB		 1809
1810 for (cmd = commands; cmd; cmd = cmd->next) {
07b1d8f1
ÆAB		 1811 if (should_process_cmd(cmd) && si->shallow_ref[cmd->index])
1812 bug("connectivity check has not been run on ref %s",
1813 cmd->ref_name);
a6a84319 1814 }
07b1d8f1 1815 BUG_if_bug("connectivity check skipped???");
a6a84319
SB		 1816}
1817
a1a26145
SB		 1818static void execute_commands_non_atomic(struct command *commands,
1819 struct shallow_info *si)
1820{
1821 struct command *cmd;
222368c6
SB		 1822 struct strbuf err = STRBUF_INIT;
1823
a1a26145 1824 for (cmd = commands; cmd; cmd = cmd->next) {
15d3af5e 1825 if (!should_process_cmd(cmd) || cmd->run_proc_receive)
a1a26145
SB		 1826 continue;
1827
222368c6
SB		 1828 transaction = ref_transaction_begin(&err);
1829 if (!transaction) {
1830 rp_error("%s", err.buf);
1831 strbuf_reset(&err);
1832 cmd->error_string = "transaction failed to start";
1833 continue;
1834 }
1835
a1a26145 1836 cmd->error_string = update(cmd, si);
222368c6
SB		 1837
1838 if (!cmd->error_string
1839 && ref_transaction_commit(transaction, &err)) {
1840 rp_error("%s", err.buf);
1841 strbuf_reset(&err);
1842 cmd->error_string = "failed to update ref";
1843 }
1844 ref_transaction_free(transaction);
a1a26145 1845 }
68deed29
SB		 1846 strbuf_release(&err);
1847}
222368c6 1848
68deed29
SB		 1849static void execute_commands_atomic(struct command *commands,
1850 struct shallow_info *si)
1851{
1852 struct command *cmd;
1853 struct strbuf err = STRBUF_INIT;
1854 const char *reported_error = "atomic push failure";
1855
1856 transaction = ref_transaction_begin(&err);
1857 if (!transaction) {
1858 rp_error("%s", err.buf);
1859 strbuf_reset(&err);
1860 reported_error = "transaction failed to start";
1861 goto failure;
1862 }
1863
1864 for (cmd = commands; cmd; cmd = cmd->next) {
15d3af5e 1865 if (!should_process_cmd(cmd) || cmd->run_proc_receive)
68deed29
SB		 1866 continue;
1867
1868 cmd->error_string = update(cmd, si);
1869
1870 if (cmd->error_string)
1871 goto failure;
1872 }
1873
1874 if (ref_transaction_commit(transaction, &err)) {
1875 rp_error("%s", err.buf);
1876 reported_error = "atomic transaction failed";
1877 goto failure;
1878 }
1879 goto cleanup;
1880
1881failure:
1882 for (cmd = commands; cmd; cmd = cmd->next)
1883 if (!cmd->error_string)
1884 cmd->error_string = reported_error;
1885
1886cleanup:
1887 ref_transaction_free(transaction);
222368c6 1888 strbuf_release(&err);
a1a26145
SB		 1889}
1890
0a1bc12b
NTND		 1891static void execute_commands(struct command *commands,
1892 const char *unpacker_error,
77a9745d
SB		 1893 struct shallow_info *si,
1894 const struct string_list *push_options)
575f4974 1895{
d415092a 1896 struct check_connected_options opt = CHECK_CONNECTED_INIT;
5e1c71fd 1897 struct command *cmd;
0a1bc12b 1898 struct iterate_data data;
d415092a
JK		 1899 struct async muxer;
1900 int err_fd = 0;
15d3af5e 1901 int run_proc_receive = 0;
8aaf7d64
SP		 1902
1903 if (unpacker_error) {
5e1c71fd 1904 for (cmd = commands; cmd; cmd = cmd->next)
74eb32d3 1905 cmd->error_string = "unpacker error";
8aaf7d64
SP		 1906 return;
1907 }
1908
d415092a
JK		 1909 if (use_sideband) {
1910 memset(&muxer, 0, sizeof(muxer));
1911 muxer.proc = copy_to_sideband;
1912 muxer.in = -1;
1913 if (!start_async(&muxer))
1914 err_fd = muxer.in;
1915 /* ...else, continue without relaying sideband */
1916 }
1917
0a1bc12b
NTND		 1918 data.cmds = commands;
1919 data.si = si;
d415092a 1920 opt.err_fd = err_fd;
6b4cd2f8 1921 opt.progress = err_fd && !quiet;
722ff7f8 1922 opt.env = tmp_objdir_env(tmp_objdir);
bcec6780
PS		 1923 opt.exclude_hidden_refs_section = "receive";
1924
d415092a 1925 if (check_connected(iterate_receive_command_list, &data, &opt))
0a1bc12b 1926 set_connectivity_errors(commands, si);
52fed6e1 1927
d415092a
JK		 1928 if (use_sideband)
1929 finish_async(&muxer);
1930
daebaa78
JH		 1931 reject_updates_to_hidden(commands);
1932
15d3af5e
JX		 1933 /*
1934 * Try to find commands that have special prefix in their reference names,
1935 * and mark them to run an external "proc-receive" hook later.
1936 */
31e8595a
JX		 1937 if (proc_receive_ref) {
1938 for (cmd = commands; cmd; cmd = cmd->next) {
1939 if (!should_process_cmd(cmd))
1940 continue;
15d3af5e 1941
31e8595a
JX		 1942 if (proc_receive_ref_matches(cmd)) {
1943 cmd->run_proc_receive = RUN_PROC_RECEIVE_SCHEDULED;
1944 run_proc_receive = 1;
1945 }
15d3af5e
JX		 1946 }
1947 }
1948
77a9745d 1949 if (run_receive_hook(commands, "pre-receive", 0, push_options)) {
ef7e93d9
CB		 1950 for (cmd = commands; cmd; cmd = cmd->next) {
1951 if (!cmd->error_string)
1952 cmd->error_string = "pre-receive hook declined";
1953 }
05ef58ec
SP		 1954 return;
1955 }
1956
54077640
CB		 1957 /*
1958 * If there is no command ready to run, should return directly to destroy
1959 * temporary data in the quarantine area.
1960 */
1961 for (cmd = commands; cmd && cmd->error_string; cmd = cmd->next)
1962 ; /* nothing */
1963 if (!cmd)
1964 return;
1965
722ff7f8
JK		 1966 /*
1967 * Now we'll start writing out refs, which means the objects need
1968 * to be in their final positions so that other processes can see them.
1969 */
1970 if (tmp_objdir_migrate(tmp_objdir) < 0) {
1971 for (cmd = commands; cmd; cmd = cmd->next) {
1972 if (!cmd->error_string)
1973 cmd->error_string = "unable to migrate objects to permanent storage";
1974 }
1975 return;
1976 }
1977 tmp_objdir = NULL;
1978
da3efdb1
JS		 1979 check_aliased_updates(commands);
1980
96ec7b1e 1981 free(head_name_to_free);
efbd4fdf 1982 head_name = head_name_to_free = resolve_refdup("HEAD", 0, NULL, NULL);
747ca245 1983
15d3af5e
JX		 1984 if (run_proc_receive &&
1985 run_proc_receive_hook(commands, push_options))
1986 for (cmd = commands; cmd; cmd = cmd->next)
1987 if (!cmd->error_string &&
1988 !(cmd->run_proc_receive & RUN_PROC_RECEIVE_RETURNED) &&
1989 (cmd->run_proc_receive || use_atomic))
1990 cmd->error_string = "fail to run proc-receive hook";
1991
68deed29
SB		 1992 if (use_atomic)
1993 execute_commands_atomic(commands, si);
1994 else
1995 execute_commands_non_atomic(commands, si);
0a1bc12b 1996
a6a84319 1997 if (shallow_update)
07b1d8f1 1998 BUG_if_skipped_connectivity_check(commands, si);
575f4974
LT		 1999}
2000
39895c74
JH		 2001static struct command **queue_command(struct command **tail,
2002 const char *line,
2003 int linelen)
2004{
9c44ea44 2005 struct object_id old_oid, new_oid;
39895c74
JH		 2006 struct command *cmd;
2007 const char *refname;
2008 int reflen;
9c44ea44 2009 const char *p;
39895c74 2010
9c44ea44 2011 if (parse_oid_hex(line, &old_oid, &p) ||
2012 *p++ != ' ' ||
2013 parse_oid_hex(p, &new_oid, &p) ||
2014 *p++ != ' ')
39895c74
JH		 2015 die("protocol error: expected old/new/ref, got '%s'", line);
2016
9c44ea44 2017 refname = p;
2018 reflen = linelen - (p - line);
ddd0bfac 2019 FLEX_ALLOC_MEM(cmd, ref_name, refname, reflen);
9c44ea44 2020 oidcpy(&cmd->old_oid, &old_oid);
2021 oidcpy(&cmd->new_oid, &new_oid);
39895c74
JH		 2022 *tail = cmd;
2023 return &cmd->next;
2024}
2025
1fdd31cf
ÆAB		 2026static void free_commands(struct command *commands)
2027{
2028 while (commands) {
2029 struct command *next = commands->next;
2030
2031 free(commands);
2032 commands = next;
2033 }
2034}
2035
4adf569d
JH		 2036static void queue_commands_from_cert(struct command **tail,
2037 struct strbuf *push_cert)
2038{
2039 const char *boc, *eoc;
2040
2041 if (*tail)
2042 die("protocol error: got both push certificate and unsigned commands");
2043
2044 boc = strstr(push_cert->buf, "\n\n");
2045 if (!boc)
2046 die("malformed push certificate %.*s", 100, push_cert->buf);
2047 else
2048 boc += 2;
482c1191 2049 eoc = push_cert->buf + parse_signed_buffer(push_cert->buf, push_cert->len);
4adf569d
JH		 2050
2051 while (boc < eoc) {
2052 const char *eol = memchr(boc, '\n', eoc - boc);
f2214ded 2053 tail = queue_command(tail, boc, eol ? eol - boc : eoc - boc);
4adf569d
JH		 2054 boc = eol ? eol + 1 : eoc;
2055 }
2056}
2057
01f9ec64
MS		 2058static struct command *read_head_info(struct packet_reader *reader,
2059 struct oid_array *shallow)
575f4974 2060{
5e1c71fd 2061 struct command *commands = NULL;
eb1af2df 2062 struct command **p = &commands;
575f4974 2063 for (;;) {
01f9ec64 2064 int linelen;
eb1af2df 2065
01f9ec64 2066 if (packet_reader_read(reader) != PACKET_READ_NORMAL)
575f4974 2067 break;
5dbd7676 2068
01f9ec64 2069 if (reader->pktlen > 8 && starts_with(reader->line, "shallow ")) {
9c44ea44 2070 struct object_id oid;
01f9ec64 2071 if (get_oid_hex(reader->line + 8, &oid))
c09b71cc 2072 die("protocol error: expected shallow sha, got '%s'",
01f9ec64 2073 reader->line + 8);
910650d2 2074 oid_array_append(shallow, &oid);
5dbd7676
NTND		 2075 continue;
2076 }
2077
01f9ec64
MS		 2078 linelen = strlen(reader->line);
2079 if (linelen < reader->pktlen) {
2080 const char *feature_list = reader->line + linelen + 1;
bb095d08 2081 const char *hash = NULL;
a2a066d9 2082 const char *client_sid;
7ce4c8f7 2083 size_t len = 0;
f47182c8 2084 if (parse_feature_request(feature_list, "report-status"))
cfee10a7 2085 report_status = 1;
63518a57
JX		 2086 if (parse_feature_request(feature_list, "report-status-v2"))
2087 report_status_v2 = 1;
f47182c8 2088 if (parse_feature_request(feature_list, "side-band-64k"))
38a81b4e 2089 use_sideband = LARGE_PACKET_MAX;
c207e34f
CB		 2090 if (parse_feature_request(feature_list, "quiet"))
2091 quiet = 1;
1b70fe5d
RS		 2092 if (advertise_atomic_push
2093 && parse_feature_request(feature_list, "atomic"))
2094 use_atomic = 1;
c714e45f
SB		 2095 if (advertise_push_options
2096 && parse_feature_request(feature_list, "push-options"))
2097 use_push_options = 1;
bb095d08 2098 hash = parse_feature_value(feature_list, "object-format", &len, NULL);
2099 if (!hash) {
2100 hash = hash_algos[GIT_HASH_SHA1].name;
2101 len = strlen(hash);
2102 }
2103 if (xstrncmpz(the_hash_algo->name, hash, len))
2104 die("error: unsupported object format '%s'", hash);
a2a066d9
JS		 2105 client_sid = parse_feature_value(feature_list, "session-id", &len, NULL);
2106 if (client_sid) {
2107 char *sid = xstrndup(client_sid, len);
2108 trace2_data_string("transfer", NULL, "client-sid", client_sid);
2109 free(sid);
2110 }
cfee10a7 2111 }
0e3c339b 2112
01f9ec64 2113 if (!strcmp(reader->line, "push-cert")) {
a85b377d 2114 int true_flush = 0;
01f9ec64
MS		 2115 int saved_options = reader->options;
2116 reader->options &= ~PACKET_READ_CHOMP_NEWLINE;
a85b377d
JH		 2117
2118 for (;;) {
01f9ec64
MS		 2119 packet_reader_read(reader);
2120 if (reader->status == PACKET_READ_FLUSH) {
a85b377d
JH		 2121 true_flush = 1;
2122 break;
2123 }
01f9ec64
MS		 2124 if (reader->status != PACKET_READ_NORMAL) {
2125 die("protocol error: got an unexpected packet");
2126 }
2127 if (!strcmp(reader->line, "push-cert-end\n"))
a85b377d 2128 break; /* end of cert */
01f9ec64 2129 strbuf_addstr(&push_cert, reader->line);
a85b377d 2130 }
01f9ec64 2131 reader->options = saved_options;
a85b377d
JH		 2132
2133 if (true_flush)
2134 break;
2135 continue;
2136 }
2137
01f9ec64 2138 p = queue_command(p, reader->line, linelen);
575f4974 2139 }
4adf569d
JH		 2140
2141 if (push_cert.len)
2142 queue_commands_from_cert(p, &push_cert);
2143
5e1c71fd 2144 return commands;
575f4974
LT		 2145}
2146
01f9ec64
MS		 2147static void read_push_options(struct packet_reader *reader,
2148 struct string_list *options)
c714e45f
SB		 2149{
2150 while (1) {
01f9ec64 2151 if (packet_reader_read(reader) != PACKET_READ_NORMAL)
c714e45f
SB		 2152 break;
2153
01f9ec64 2154 string_list_append(options, reader->line);
c714e45f
SB		 2155 }
2156}
2157
fc04c412
SP		 2158static const char *parse_pack_header(struct pack_header *hdr)
2159{
a69e5429
JH		 2160 switch (read_pack_header(0, hdr)) {
2161 case PH_ERROR_EOF:
2162 return "eof before pack header was fully read";
2163
2164 case PH_ERROR_PACK_SIGNATURE:
fc04c412 2165 return "protocol error (pack signature mismatch detected)";
a69e5429
JH		 2166
2167 case PH_ERROR_PROTOCOL:
fc04c412 2168 return "protocol error (pack version unsupported)";
a69e5429
JH		 2169
2170 default:
2171 return "unknown error in parse_pack_header";
2172
2173 case 0:
2174 return NULL;
2175 }
fc04c412
SP		 2176}
2177
c55c3066 2178static struct tempfile *pack_lockfile;
576162a4 2179
22f9b7f3 2180static void push_header_arg(struct strvec *args, struct pack_header *hdr)
446d5d91 2181{
22f9b7f3 2182 strvec_pushf(args, "--pack_header=%"PRIu32",%"PRIu32,
f6d8942b 2183 ntohl(hdr->hdr_version), ntohl(hdr->hdr_entries));
446d5d91
JK		 2184}
2185
5dbd7676 2186static const char *unpack(int err_fd, struct shallow_info *si)
575f4974 2187{
fc04c412
SP		 2188 struct pack_header hdr;
2189 const char *hdr_err;
31c42bff 2190 int status;
d3180279 2191 struct child_process child = CHILD_PROCESS_INIT;
dab76d3a
JH		 2192 int fsck_objects = (receive_fsck_objects >= 0
2193 ? receive_fsck_objects
2194 : transfer_fsck_objects >= 0
2195 ? transfer_fsck_objects
2196 : 0);
fc04c412
SP		 2197
2198 hdr_err = parse_pack_header(&hdr);
49ecfa13
JK		 2199 if (hdr_err) {
2200 if (err_fd > 0)
2201 close(err_fd);
fc04c412 2202 return hdr_err;
49ecfa13 2203 }
fc04c412 2204
5dbd7676
NTND		 2205 if (si->nr_ours || si->nr_theirs) {
2206 alt_shallow_file = setup_temporary_shallow(si->shallow);
22f9b7f3
JK		 2207 strvec_push(&child.args, "--shallow-file");
2208 strvec_push(&child.args, alt_shallow_file);
5dbd7676
NTND		 2209 }
2210
b3cecf49 2211 tmp_objdir = tmp_objdir_create("incoming");
6cdad1f1
JK		 2212 if (!tmp_objdir) {
2213 if (err_fd > 0)
2214 close(err_fd);
722ff7f8 2215 return "unable to create temporary object directory";
6cdad1f1 2216 }
c21fa3bb 2217 strvec_pushv(&child.env, tmp_objdir_env(tmp_objdir));
722ff7f8
JK		 2218
2219 /*
2220 * Normally we just pass the tmp_objdir environment to the child
2221 * processes that do the heavy lifting, but we may need to see these
2222 * objects ourselves to set up shallow information.
2223 */
2224 tmp_objdir_add_as_alternate(tmp_objdir);
2225
fc04c412 2226 if (ntohl(hdr.hdr_entries) < unpack_limit) {
22f9b7f3 2227 strvec_push(&child.args, "unpack-objects");
446d5d91 2228 push_header_arg(&child.args, &hdr);
c207e34f 2229 if (quiet)
22f9b7f3 2230 strvec_push(&child.args, "-q");
dab76d3a 2231 if (fsck_objects)
22f9b7f3 2232 strvec_pushf(&child.args, "--strict%s",
f6d8942b 2233 fsck_msg_types.buf);
c08db5a2 2234 if (max_input_size)
22f9b7f3 2235 strvec_pushf(&child.args, "--max-input-size=%"PRIuMAX,
f6d8942b 2236 (uintmax_t)max_input_size);
59bfdfb8 2237 child.no_stdout = 1;
a22e6f85 2238 child.err = err_fd;
59bfdfb8 2239 child.git_cmd = 1;
31c42bff
NTND		 2240 status = run_command(&child);
2241 if (status)
2242 return "unpack-objects abnormal exit";
576162a4 2243 } else {
da25bdb7 2244 char hostname[HOST_NAME_MAX + 1];
c55c3066 2245 char *lockfile;
576162a4 2246
22f9b7f3 2247 strvec_pushl(&child.args, "index-pack", "--stdin", NULL);
446d5d91 2248 push_header_arg(&child.args, &hdr);
b26cb7c7 2249
5781a9a2 2250 if (xgethostname(hostname, sizeof(hostname)))
b26cb7c7 2251 xsnprintf(hostname, sizeof(hostname), "localhost");
22f9b7f3 2252 strvec_pushf(&child.args,
f6d8942b
JK		 2253 "--keep=receive-pack %"PRIuMAX" on %s",
2254 (uintmax_t)getpid(),
2255 hostname);
b26cb7c7 2256
d06303bb 2257 if (!quiet && err_fd)
22f9b7f3 2258 strvec_push(&child.args, "--show-resolving-progress");
83558686 2259 if (use_sideband)
22f9b7f3 2260 strvec_push(&child.args, "--report-end-of-input");
dab76d3a 2261 if (fsck_objects)
22f9b7f3 2262 strvec_pushf(&child.args, "--strict%s",
f6d8942b 2263 fsck_msg_types.buf);
1b68387e 2264 if (!reject_thin)
22f9b7f3 2265 strvec_push(&child.args, "--fix-thin");
c08db5a2 2266 if (max_input_size)
22f9b7f3 2267 strvec_pushf(&child.args, "--max-input-size=%"PRIuMAX,
f6d8942b 2268 (uintmax_t)max_input_size);
31c42bff
NTND		 2269 child.out = -1;
2270 child.err = err_fd;
2271 child.git_cmd = 1;
2272 status = start_command(&child);
2273 if (status)
576162a4 2274 return "index-pack fork failed";
c55c3066
PS		 2275
2276 lockfile = index_pack_lockfile(child.out, NULL);
2277 if (lockfile) {
2278 pack_lockfile = register_tempfile(lockfile);
2279 free(lockfile);
2280 }
31c42bff 2281 close(child.out);
c55c3066 2282
31c42bff
NTND		 2283 status = finish_command(&child);
2284 if (status)
2285 return "index-pack abnormal exit";
a49d2834 2286 reprepare_packed_git(the_repository);
cfee10a7 2287 }
31c42bff 2288 return NULL;
cfee10a7
JH		 2289}
2290
5dbd7676 2291static const char *unpack_with_sideband(struct shallow_info *si)
a22e6f85
JK		 2292{
2293 struct async muxer;
2294 const char *ret;
2295
2296 if (!use_sideband)
5dbd7676 2297 return unpack(0, si);
a22e6f85 2298
83558686 2299 use_keepalive = KEEPALIVE_AFTER_NUL;
a22e6f85
JK		 2300 memset(&muxer, 0, sizeof(muxer));
2301 muxer.proc = copy_to_sideband;
2302 muxer.in = -1;
2303 if (start_async(&muxer))
2304 return NULL;
2305
5dbd7676 2306 ret = unpack(muxer.in, si);
a22e6f85
JK		 2307
2308 finish_async(&muxer);
2309 return ret;
2310}
2311
c95fc72f 2312static void prepare_shallow_update(struct shallow_info *si)
0a1bc12b 2313{
42c78a21 2314 int i, j, k, bitmap_size = DIV_ROUND_UP(si->ref->nr, 32);
0a1bc12b 2315
b32fa95f 2316 ALLOC_ARRAY(si->used_shallow, si->shallow->nr);
0a1bc12b
NTND		 2317 assign_shallow_commits_to_refs(si, si->used_shallow, NULL);
2318
486f4bd1
JH		 2319 CALLOC_ARRAY(si->need_reachability_test, si->shallow->nr);
2320 CALLOC_ARRAY(si->reachable, si->shallow->nr);
2321 CALLOC_ARRAY(si->shallow_ref, si->ref->nr);
0a1bc12b
NTND		 2322
2323 for (i = 0; i < si->nr_ours; i++)
2324 si->need_reachability_test[si->ours[i]] = 1;
2325
2326 for (i = 0; i < si->shallow->nr; i++) {
2327 if (!si->used_shallow[i])
2328 continue;
2329 for (j = 0; j < bitmap_size; j++) {
2330 if (!si->used_shallow[i][j])
2331 continue;
2332 si->need_reachability_test[i]++;
2333 for (k = 0; k < 32; k++)
9a93c668 2334 if (si->used_shallow[i][j] & (1U << k))
0a1bc12b
NTND		 2335 si->shallow_ref[j * 32 + k]++;
2336 }
2337
2338 /*
2339 * true for those associated with some refs and belong
2340 * in "ours" list aka "step 7 not done yet"
2341 */
2342 si->need_reachability_test[i] =
2343 si->need_reachability_test[i] > 1;
2344 }
2345
2346 /*
2347 * keep hooks happy by forcing a temporary shallow file via
2348 * env variable because we can't add --shallow-file to every
7987d223 2349 * command. check_connected() will be done with
0a1bc12b
NTND		 2350 * true .git/shallow though.
2351 */
2352 setenv(GIT_SHALLOW_FILE_ENVIRONMENT, alt_shallow_file, 1);
2353}
2354
5dbd7676
NTND		 2355static void update_shallow_info(struct command *commands,
2356 struct shallow_info *si,
910650d2 2357 struct oid_array *ref)
5dbd7676
NTND		 2358{
2359 struct command *cmd;
2360 int *ref_status;
2361 remove_nonexistent_theirs_shallow(si);
0a1bc12b
NTND		 2362 if (!si->nr_ours && !si->nr_theirs) {
2363 shallow_update = 0;
5dbd7676 2364 return;
0a1bc12b 2365 }
5dbd7676
NTND		 2366
2367 for (cmd = commands; cmd; cmd = cmd->next) {
9c44ea44 2368 if (is_null_oid(&cmd->new_oid))
5dbd7676 2369 continue;
910650d2 2370 oid_array_append(ref, &cmd->new_oid);
5dbd7676
NTND		 2371 cmd->index = ref->nr - 1;
2372 }
2373 si->ref = ref;
2374
0a1bc12b 2375 if (shallow_update) {
c95fc72f 2376 prepare_shallow_update(si);
0a1bc12b
NTND		 2377 return;
2378 }
2379
b32fa95f 2380 ALLOC_ARRAY(ref_status, ref->nr);
5dbd7676
NTND		 2381 assign_shallow_commits_to_refs(si, NULL, ref_status);
2382 for (cmd = commands; cmd; cmd = cmd->next) {
9c44ea44 2383 if (is_null_oid(&cmd->new_oid))
5dbd7676
NTND		 2384 continue;
2385 if (ref_status[cmd->index]) {
2386 cmd->error_string = "shallow update not allowed";
2387 cmd->skip_update = 1;
2388 }
2389 }
5dbd7676
NTND		 2390 free(ref_status);
2391}
2392
5e1c71fd 2393static void report(struct command *commands, const char *unpack_status)
cfee10a7
JH		 2394{
2395 struct command *cmd;
38a81b4e
SP		 2396 struct strbuf buf = STRBUF_INIT;
2397
2398 packet_buf_write(&buf, "unpack %s\n",
2399 unpack_status ? unpack_status : "ok");
cfee10a7
JH		 2400 for (cmd = commands; cmd; cmd = cmd->next) {
2401 if (!cmd->error_string)
38a81b4e
SP		 2402 packet_buf_write(&buf, "ok %s\n",
2403 cmd->ref_name);
cfee10a7 2404 else
38a81b4e
SP		 2405 packet_buf_write(&buf, "ng %s %s\n",
2406 cmd->ref_name, cmd->error_string);
575f4974 2407 }
38a81b4e
SP		 2408 packet_buf_flush(&buf);
2409
2410 if (use_sideband)
2411 send_sideband(1, 1, buf.buf, buf.len, use_sideband);
2412 else
cdf4fb8e 2413 write_or_die(1, buf.buf, buf.len);
38a81b4e 2414 strbuf_release(&buf);
575f4974
LT		 2415}
2416
63518a57
JX		 2417static void report_v2(struct command *commands, const char *unpack_status)
2418{
2419 struct command *cmd;
2420 struct strbuf buf = STRBUF_INIT;
2421 struct ref_push_report *report;
2422
2423 packet_buf_write(&buf, "unpack %s\n",
2424 unpack_status ? unpack_status : "ok");
2425 for (cmd = commands; cmd; cmd = cmd->next) {
2426 int count = 0;
2427
2428 if (cmd->error_string) {
2429 packet_buf_write(&buf, "ng %s %s\n",
2430 cmd->ref_name,
2431 cmd->error_string);
2432 continue;
2433 }
2434 packet_buf_write(&buf, "ok %s\n",
2435 cmd->ref_name);
2436 for (report = cmd->report; report; report = report->next) {
2437 if (count++ > 0)
2438 packet_buf_write(&buf, "ok %s\n",
2439 cmd->ref_name);
2440 if (report->ref_name)
2441 packet_buf_write(&buf, "option refname %s\n",
2442 report->ref_name);
2443 if (report->old_oid)
2444 packet_buf_write(&buf, "option old-oid %s\n",
2445 oid_to_hex(report->old_oid));
2446 if (report->new_oid)
2447 packet_buf_write(&buf, "option new-oid %s\n",
2448 oid_to_hex(report->new_oid));
2449 if (report->forced_update)
2450 packet_buf_write(&buf, "option forced-update\n");
2451 }
2452 }
2453 packet_buf_flush(&buf);
2454
2455 if (use_sideband)
2456 send_sideband(1, 1, buf.buf, buf.len, use_sideband);
2457 else
2458 write_or_die(1, buf.buf, buf.len);
2459 strbuf_release(&buf);
2460}
2461
5e1c71fd 2462static int delete_only(struct command *commands)
d4f694ba 2463{
5e1c71fd
JS		 2464 struct command *cmd;
2465 for (cmd = commands; cmd; cmd = cmd->next) {
9c44ea44 2466 if (!is_null_oid(&cmd->new_oid))
d4f694ba 2467 return 0;
d4f694ba
JH		 2468 }
2469 return 1;
2470}
2471
be5908ae 2472int cmd_receive_pack(int argc, const char **argv, const char *prefix)
575f4974 2473{
42526b47 2474 int advertise_refs = 0;
5e1c71fd 2475 struct command *commands;
910650d2 2476 struct oid_array shallow = OID_ARRAY_INIT;
2477 struct oid_array ref = OID_ARRAY_INIT;
5dbd7676 2478 struct shallow_info si;
01f9ec64 2479 struct packet_reader reader;
575f4974 2480
1b68387e
SS		 2481 struct option options[] = {
2482 OPT__QUIET(&quiet, N_("quiet")),
2483 OPT_HIDDEN_BOOL(0, "stateless-rpc", &stateless_rpc, NULL),
98e2d9d6
ÆAB		 2484 OPT_HIDDEN_BOOL(0, "http-backend-info-refs", &advertise_refs, NULL),
2485 OPT_ALIAS(0, "advertise-refs", "http-backend-info-refs"),
1b68387e
SS		 2486 OPT_HIDDEN_BOOL(0, "reject-thin-pack-for-testing", &reject_thin, NULL),
2487 OPT_END()
2488 };
bbc30f99 2489
1b68387e 2490 packet_trace_identity("receive-pack");
575f4974 2491
1b68387e 2492 argc = parse_options(argc, argv, prefix, options, receive_pack_usage, 0);
c207e34f 2493
1b68387e 2494 if (argc > 1)
c25edee9 2495 usage_msg_opt(_("too many arguments"), receive_pack_usage, options);
1b68387e 2496 if (argc == 0)
c25edee9 2497 usage_msg_opt(_("you must specify a directory"), receive_pack_usage, options);
42526b47 2498
1b68387e 2499 service_dir = argv[0];
575f4974 2500
e1464ca7 2501 setup_path();
5c09f321 2502
5732373d
JH		 2503 if (!enter_repo(service_dir, 0))
2504 die("'%s' does not appear to be a git repository", service_dir);
575f4974 2505
ef90d6d4 2506 git_config(receive_pack_config, NULL);
b89363e4 2507 if (cert_nonce_seed)
5732373d 2508 push_cert_nonce = prepare_push_cert_nonce(service_dir, time(NULL));
6fb75bed 2509
f3d33f8c 2510 if (0 <= receive_unpack_limit)
e28714c5 2511 unpack_limit = receive_unpack_limit;
f3d33f8c
JH		 2512 else if (0 <= transfer_unpack_limit)
2513 unpack_limit = transfer_unpack_limit;
e28714c5 2514
aa9bab29 2515 switch (determine_protocol_version_server()) {
8f6982b4
BW		 2516 case protocol_v2:
2517 /*
2518 * push support for protocol v2 has not been implemented yet,
2519 * so ignore the request to use v2 and fallback to using v0.
2520 */
2521 break;
aa9bab29
BW		 2522 case protocol_v1:
2523 /*
2524 * v1 is just the original protocol with a version string,
2525 * so just fall through after writing the version string.
2526 */
2527 if (advertise_refs || !stateless_rpc)
2528 packet_write_fmt(1, "version 1\n");
2529
2530 /* fallthrough */
2531 case protocol_v0:
2532 break;
2533 case protocol_unknown_version:
2534 BUG("unknown protocol version");
2535 }
2536
42526b47 2537 if (advertise_refs || !stateless_rpc) {
42526b47 2538 write_head_info();
42526b47
SP		 2539 }
2540 if (advertise_refs)
2541 return 0;
575f4974 2542
2d103c31
MS		 2543 packet_reader_init(&reader, 0, NULL, 0,
2544 PACKET_READ_CHOMP_NEWLINE |
2545 PACKET_READ_DIE_ON_ERR_PACKET);
01f9ec64 2546
afe8a907 2547 if ((commands = read_head_info(&reader, &shallow))) {
d4f694ba 2548 const char *unpack_status = NULL;
77a9745d 2549 struct string_list push_options = STRING_LIST_INIT_DUP;
d4f694ba 2550
c714e45f 2551 if (use_push_options)
01f9ec64 2552 read_push_options(&reader, &push_options);
cbaf82cc
JT		 2553 if (!check_cert_push_options(&push_options)) {
2554 struct command *cmd;
2555 for (cmd = commands; cmd; cmd = cmd->next)
2556 cmd->error_string = "inconsistent push options";
2557 }
c714e45f 2558
5dbd7676 2559 prepare_shallow_info(&si, &shallow);
0a1bc12b
NTND		 2560 if (!si.nr_ours && !si.nr_theirs)
2561 shallow_update = 0;
5dbd7676
NTND		 2562 if (!delete_only(commands)) {
2563 unpack_status = unpack_with_sideband(&si);
2564 update_shallow_info(commands, &si, &ref);
2565 }
83558686 2566 use_keepalive = KEEPALIVE_ALWAYS;
77a9745d
SB		 2567 execute_commands(commands, unpack_status, &si,
2568 &push_options);
c55c3066 2569 delete_tempfile(&pack_lockfile);
d34182b9 2570 sigchain_push(SIGPIPE, SIG_IGN);
63518a57
JX		 2571 if (report_status_v2)
2572 report_v2(commands, unpack_status);
2573 else if (report_status)
5e1c71fd 2574 report(commands, unpack_status);
d34182b9 2575 sigchain_pop(SIGPIPE);
77a9745d
SB		 2576 run_receive_hook(commands, "post-receive", 1,
2577 &push_options);
8e663d9e 2578 run_update_post_hook(commands);
1fdd31cf 2579 free_commands(commands);
4432dd6b 2580 string_list_clear(&push_options, 0);
77e3efbf 2581 if (auto_gc) {
860a2ebe
LF		 2582 struct child_process proc = CHILD_PROCESS_INIT;
2583
2584 proc.no_stdin = 1;
2585 proc.stdout_to_stderr = 1;
2586 proc.err = use_sideband ? -1 : 0;
c4dee2c0 2587 proc.git_cmd = proc.close_object_store = 1;
2b709893
ÆAB		 2588 strvec_pushl(&proc.args, "gc", "--auto", "--quiet",
2589 NULL);
860a2ebe 2590
860a2ebe
LF		 2591 if (!start_command(&proc)) {
2592 if (use_sideband)
2593 copy_to_sideband(proc.err, -1, NULL);
2594 finish_command(&proc);
2595 }
77e3efbf
JH		 2596 }
2597 if (auto_update_server_info)
2598 update_server_info(0);
5dbd7676 2599 clear_shallow_info(&si);
7f8e9828 2600 }
38a81b4e
SP		 2601 if (use_sideband)
2602 packet_flush(1);
910650d2 2603 oid_array_clear(&shallow);
2604 oid_array_clear(&ref);
c45841ff 2605 strvec_clear(&hidden_refs);
b89363e4 2606 free((void *)push_cert_nonce);
575f4974
LT		 2607 return 0;
2608}
Unnamed repository; edit this file 'description' to name the repository.