]> git.ipfire.org Git - thirdparty/git.git/blame - builtin/receive-pack.c
projects / thirdparty / git.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
refs.h: implement `hidden_refs_to_excludes()`
[thirdparty/git.git] / builtin / receive-pack.c
CommitLineData
1e4cd68c 1#include "builtin.h"
0b027f6c 2#include "abspath.h"
a49d2834 3#include "repository.h"
b2141fc1 4#include "config.h"
32a8f510 5#include "environment.h"
f394e093 6#include "gettext.h"
41771fa4 7#include "hex.h"
697cc8ef 8#include "lockfile.h"
fc04c412 9#include "pack.h"
8a65ff76 10#include "refs.h"
f3a3214e 11#include "pkt-line.h"
38a81b4e 12#include "sideband.h"
b1bf95bb 13#include "run-command.h"
5e3aba33 14#include "hook.h"
d807c4a0 15#include "exec-cmd.h"
11031d7e
JS		 16#include "commit.h"
17#include "object.h"
d79796bc 18#include "remote.h"
47a59185 19#include "connect.h"
da3efdb1 20#include "string-list.h"
fe299ec5 21#include "oid-array.h"
52fed6e1 22#include "connected.h"
dbbcd44f 23#include "strvec.h"
ff5effdf 24#include "version.h"
d05b9618
JH		 25#include "tag.h"
26#include "gpg-interface.h"
ec7dbd14 27#include "sigchain.h"
5d477a33 28#include "fsck.h"
722ff7f8 29#include "tmp-objdir.h"
ab6eea6f 30#include "oidset.h"
3836d88a 31#include "packfile.h"
dabab1d6 32#include "object-name.h"
cbd53a21 33#include "object-store.h"
aa9bab29 34#include "protocol.h"
64043556 35#include "commit-reach.h"
623b80be 36#include "server-info.h"
74ea5c95
EN		 37#include "trace.h"
38#include "trace2.h"
4ef34648 39#include "worktree.h"
120ad2b0 40#include "shallow.h"
49fd5511 41#include "parse-options.h"
d5ebb50d 42#include "wrapper.h"
575f4974 43
1b68387e
SS		 44static const char * const receive_pack_usage[] = {
45 N_("git receive-pack <git-dir>"),
46 NULL
47};
575f4974 48
986e8239 49enum deny_action {
3d95d92b 50 DENY_UNCONFIGURED,
986e8239
JK		 51 DENY_IGNORE,
52 DENY_WARN,
1404bcbb
JS		 53 DENY_REFUSE,
54 DENY_UPDATE_INSTEAD
986e8239
JK		 55};
56
1b53a076
JH		 57static int deny_deletes;
58static int deny_non_fast_forwards;
3d95d92b 59static enum deny_action deny_current_branch = DENY_UNCONFIGURED;
747ca245 60static enum deny_action deny_delete_current = DENY_UNCONFIGURED;
dab76d3a
JH		 61static int receive_fsck_objects = -1;
62static int transfer_fsck_objects = -1;
5d477a33 63static struct strbuf fsck_msg_types = STRBUF_INIT;
e28714c5
JH		 64static int receive_unpack_limit = -1;
65static int transfer_unpack_limit = -1;
1b70fe5d 66static int advertise_atomic_push = 1;
c714e45f 67static int advertise_push_options;
8073d75b 68static int advertise_sid;
46732fae 69static int unpack_limit = 100;
c08db5a2 70static off_t max_input_size;
96f1e58f 71static int report_status;
63518a57 72static int report_status_v2;
38a81b4e 73static int use_sideband;
68deed29 74static int use_atomic;
c714e45f 75static int use_push_options;
c207e34f 76static int quiet;
b74fce16 77static int prefer_ofs_delta = 1;
77e3efbf
JH		 78static int auto_update_server_info;
79static int auto_gc = 1;
1b68387e 80static int reject_thin;
5732373d
JH		 81static int stateless_rpc;
82static const char *service_dir;
747ca245 83static const char *head_name;
96ec7b1e 84static void *head_name_to_free;
185c04e0 85static int sent_capabilities;
0a1bc12b 86static int shallow_update;
5dbd7676 87static const char *alt_shallow_file;
a85b377d 88static struct strbuf push_cert = STRBUF_INIT;
a09c985e 89static struct object_id push_cert_oid;
d05b9618 90static struct signature_check sigcheck;
b89363e4
JH		 91static const char *push_cert_nonce;
92static const char *cert_nonce_seed;
c45841ff 93static struct strvec hidden_refs = STRVEC_INIT;
b89363e4
JH		 94
95static const char *NONCE_UNSOLICITED = "UNSOLICITED";
96static const char *NONCE_BAD = "BAD";
97static const char *NONCE_MISSING = "MISSING";
98static const char *NONCE_OK = "OK";
5732373d 99static const char *NONCE_SLOP = "SLOP";
b89363e4 100static const char *nonce_status;
5732373d 101static long nonce_stamp_slop;
dddbad72 102static timestamp_t nonce_stamp_slop_limit;
222368c6 103static struct ref_transaction *transaction;
cfee10a7 104
83558686
JK		 105static enum {
106 KEEPALIVE_NEVER = 0,
107 KEEPALIVE_AFTER_NUL,
108 KEEPALIVE_ALWAYS
109} use_keepalive;
110static int keepalive_in_sec = 5;
111
722ff7f8
JK		 112static struct tmp_objdir *tmp_objdir;
113
31e8595a
JX		 114static struct proc_receive_ref {
115 unsigned int want_add:1,
116 want_delete:1,
117 want_modify:1,
118 negative_ref:1;
119 char *ref_prefix;
120 struct proc_receive_ref *next;
121} *proc_receive_ref;
122
123static void proc_receive_ref_append(const char *prefix);
124
986e8239
JK		 125static enum deny_action parse_deny_action(const char *var, const char *value)
126{
127 if (value) {
128 if (!strcasecmp(value, "ignore"))
129 return DENY_IGNORE;
130 if (!strcasecmp(value, "warn"))
131 return DENY_WARN;
132 if (!strcasecmp(value, "refuse"))
133 return DENY_REFUSE;
1404bcbb
JS		 134 if (!strcasecmp(value, "updateinstead"))
135 return DENY_UPDATE_INSTEAD;
986e8239
JK		 136 }
137 if (git_config_bool(var, value))
138 return DENY_REFUSE;
139 return DENY_IGNORE;
140}
141
ef90d6d4 142static int receive_pack_config(const char *var, const char *value, void *cb)
6fb75bed 143{
9b67eb6f 144 int status = parse_hide_refs_config(var, value, "receive", &hidden_refs);
daebaa78
JH		 145
146 if (status)
147 return status;
148
a240de11
JK		 149 if (strcmp(var, "receive.denydeletes") == 0) {
150 deny_deletes = git_config_bool(var, value);
151 return 0;
152 }
153
e28714c5 154 if (strcmp(var, "receive.denynonfastforwards") == 0) {
6fb75bed
SP		 155 deny_non_fast_forwards = git_config_bool(var, value);
156 return 0;
157 }
158
e28714c5
JH		 159 if (strcmp(var, "receive.unpacklimit") == 0) {
160 receive_unpack_limit = git_config_int(var, value);
fc04c412
SP		 161 return 0;
162 }
163
e28714c5
JH		 164 if (strcmp(var, "transfer.unpacklimit") == 0) {
165 transfer_unpack_limit = git_config_int(var, value);
166 return 0;
167 }
168
cd94c6f9
JS		 169 if (strcmp(var, "receive.fsck.skiplist") == 0) {
170 const char *path;
171
172 if (git_config_pathname(&path, var, value))
173 return 1;
174 strbuf_addf(&fsck_msg_types, "%cskiplist=%s",
175 fsck_msg_types.len ? ',' : '=', path);
176 free((char *)path);
177 return 0;
178 }
179
5d477a33
JS		 180 if (skip_prefix(var, "receive.fsck.", &var)) {
181 if (is_valid_msg_type(var, value))
182 strbuf_addf(&fsck_msg_types, "%c%s=%s",
183 fsck_msg_types.len ? ',' : '=', var, value);
184 else
c25edee9 185 warning("skipping unknown msg id '%s'", var);
5d477a33
JS		 186 return 0;
187 }
188
20dc0016
MK		 189 if (strcmp(var, "receive.fsckobjects") == 0) {
190 receive_fsck_objects = git_config_bool(var, value);
191 return 0;
192 }
193
dab76d3a
JH		 194 if (strcmp(var, "transfer.fsckobjects") == 0) {
195 transfer_fsck_objects = git_config_bool(var, value);
196 return 0;
197 }
198
986e8239
JK		 199 if (!strcmp(var, "receive.denycurrentbranch")) {
200 deny_current_branch = parse_deny_action(var, value);
201 return 0;
202 }
203
747ca245
JH		 204 if (strcmp(var, "receive.denydeletecurrent") == 0) {
205 deny_delete_current = parse_deny_action(var, value);
206 return 0;
207 }
208
b74fce16
NP		 209 if (strcmp(var, "repack.usedeltabaseoffset") == 0) {
210 prefer_ofs_delta = git_config_bool(var, value);
211 return 0;
212 }
213
77e3efbf
JH		 214 if (strcmp(var, "receive.updateserverinfo") == 0) {
215 auto_update_server_info = git_config_bool(var, value);
216 return 0;
217 }
218
219 if (strcmp(var, "receive.autogc") == 0) {
220 auto_gc = git_config_bool(var, value);
221 return 0;
222 }
223
0a1bc12b
NTND		 224 if (strcmp(var, "receive.shallowupdate") == 0) {
225 shallow_update = git_config_bool(var, value);
226 return 0;
227 }
228
b89363e4
JH		 229 if (strcmp(var, "receive.certnonceseed") == 0)
230 return git_config_string(&cert_nonce_seed, var, value);
a85b377d 231
5732373d
JH		 232 if (strcmp(var, "receive.certnonceslop") == 0) {
233 nonce_stamp_slop_limit = git_config_ulong(var, value);
234 return 0;
235 }
236
1b70fe5d
RS		 237 if (strcmp(var, "receive.advertiseatomic") == 0) {
238 advertise_atomic_push = git_config_bool(var, value);
239 return 0;
240 }
241
c714e45f
SB		 242 if (strcmp(var, "receive.advertisepushoptions") == 0) {
243 advertise_push_options = git_config_bool(var, value);
244 return 0;
245 }
246
83558686
JK		 247 if (strcmp(var, "receive.keepalive") == 0) {
248 keepalive_in_sec = git_config_int(var, value);
249 return 0;
250 }
251
c08db5a2
JK		 252 if (strcmp(var, "receive.maxinputsize") == 0) {
253 max_input_size = git_config_int64(var, value);
254 return 0;
255 }
256
31e8595a
JX		 257 if (strcmp(var, "receive.procreceiverefs") == 0) {
258 if (!value)
259 return config_error_nonbool(var);
260 proc_receive_ref_append(value);
261 return 0;
262 }
263
8073d75b
JS		 264 if (strcmp(var, "transfer.advertisesid") == 0) {
265 advertise_sid = git_config_bool(var, value);
266 return 0;
267 }
268
ef90d6d4 269 return git_default_config(var, value, cb);
6fb75bed
SP		 270}
271
1b7ba794 272static void show_ref(const char *path, const struct object_id *oid)
575f4974 273{
52d2ae58 274 if (sent_capabilities) {
1b7ba794 275 packet_write_fmt(1, "%s %s\n", oid_to_hex(oid), path);
52d2ae58
JH		 276 } else {
277 struct strbuf cap = STRBUF_INIT;
278
279 strbuf_addstr(&cap,
63518a57 280 "report-status report-status-v2 delete-refs side-band-64k quiet");
1b70fe5d
RS		 281 if (advertise_atomic_push)
282 strbuf_addstr(&cap, " atomic");
52d2ae58
JH		 283 if (prefer_ofs_delta)
284 strbuf_addstr(&cap, " ofs-delta");
b89363e4
JH		 285 if (push_cert_nonce)
286 strbuf_addf(&cap, " push-cert=%s", push_cert_nonce);
c714e45f
SB		 287 if (advertise_push_options)
288 strbuf_addstr(&cap, " push-options");
8073d75b
JS		 289 if (advertise_sid)
290 strbuf_addf(&cap, " session-id=%s", trace2_session_id());
bf30dbf8 291 strbuf_addf(&cap, " object-format=%s", the_hash_algo->name);
52d2ae58 292 strbuf_addf(&cap, " agent=%s", git_user_agent_sanitized());
81c634e9 293 packet_write_fmt(1, "%s %s%c%s\n",
1b7ba794 294 oid_to_hex(oid), path, 0, cap.buf);
52d2ae58
JH		 295 strbuf_release(&cap);
296 sent_capabilities = 1;
297 }
575f4974
LT		 298}
299
78a766ab 300static int show_ref_cb(const char *path_full, const struct object_id *oid,
5cf88fd8 301 int flag UNUSED, void *data)
6b01ecfe 302{
8b24b9e7 303 struct oidset *seen = data;
78a766ab
LF		 304 const char *path = strip_namespace(path_full);
305
9b67eb6f 306 if (ref_is_hidden(path, path_full, &hidden_refs))
78a766ab
LF		 307 return 0;
308
6b01ecfe
JT		 309 /*
310 * Advertise refs outside our current namespace as ".have"
311 * refs, so that the client can use them to minimize data
fea6c47f 312 * transfer but will otherwise ignore them.
6b01ecfe 313 */
8b24b9e7
JK		 314 if (!path) {
315 if (oidset_insert(seen, oid))
316 return 0;
6b01ecfe 317 path = ".have";
63d428e6
JK		 318 } else {
319 oidset_insert(seen, oid);
8b24b9e7 320 }
1b7ba794 321 show_ref(path, oid);
bc98201d 322 return 0;
6b01ecfe
JT		 323}
324
bdf4276c 325static void show_one_alternate_ref(const struct object_id *oid,
ab6eea6f 326 void *data)
b7a025d9 327{
ab6eea6f 328 struct oidset *seen = data;
b7a025d9 329
ab6eea6f
JK		 330 if (oidset_insert(seen, oid))
331 return;
332
1b7ba794 333 show_ref(".have", oid);
6b01ecfe
JT		 334}
335
8a65ff76 336static void write_head_info(void)
575f4974 337{
ab6eea6f 338 static struct oidset seen = OIDSET_INIT;
2b2a5be3 339
63d428e6 340 for_each_ref(show_ref_cb, &seen);
ab6eea6f
JK		 341 for_each_alternate_ref(show_one_alternate_ref, &seen);
342 oidset_clear(&seen);
185c04e0 343 if (!sent_capabilities)
14228447 344 show_ref("capabilities^{}", null_oid());
cfee10a7 345
ad491366
NTND		 346 advertise_shallow_grafts(1);
347
b7a025d9
MH		 348 /* EOF */
349 packet_flush(1);
575f4974
LT		 350}
351
15d3af5e
JX		 352#define RUN_PROC_RECEIVE_SCHEDULED 1
353#define RUN_PROC_RECEIVE_RETURNED 2
eb1af2df
LT		 354struct command {
355 struct command *next;
cfee10a7 356 const char *error_string;
15d3af5e 357 struct ref_push_report *report;
160b81ed 358 unsigned int skip_update:1,
15d3af5e
JX		 359 did_not_exist:1,
360 run_proc_receive:2;
5dbd7676 361 int index;
9c44ea44 362 struct object_id old_oid;
363 struct object_id new_oid;
8f1d2e6f 364 char ref_name[FLEX_ARRAY]; /* more */
575f4974
LT		 365};
366
31e8595a
JX		 367static void proc_receive_ref_append(const char *prefix)
368{
369 struct proc_receive_ref *ref_pattern;
370 char *p;
371 int len;
372
ca56dadb 373 CALLOC_ARRAY(ref_pattern, 1);
31e8595a
JX		 374 p = strchr(prefix, ':');
375 if (p) {
376 while (prefix < p) {
377 if (*prefix == 'a')
378 ref_pattern->want_add = 1;
379 else if (*prefix == 'd')
380 ref_pattern->want_delete = 1;
381 else if (*prefix == 'm')
382 ref_pattern->want_modify = 1;
383 else if (*prefix == '!')
384 ref_pattern->negative_ref = 1;
385 prefix++;
386 }
387 prefix++;
388 } else {
389 ref_pattern->want_add = 1;
390 ref_pattern->want_delete = 1;
391 ref_pattern->want_modify = 1;
392 }
393 len = strlen(prefix);
394 while (len && prefix[len - 1] == '/')
395 len--;
396 ref_pattern->ref_prefix = xmemdupz(prefix, len);
397 if (!proc_receive_ref) {
398 proc_receive_ref = ref_pattern;
399 } else {
400 struct proc_receive_ref *end;
401
402 end = proc_receive_ref;
403 while (end->next)
404 end = end->next;
405 end->next = ref_pattern;
406 }
407}
408
409static int proc_receive_ref_matches(struct command *cmd)
410{
411 struct proc_receive_ref *p;
412
413 if (!proc_receive_ref)
414 return 0;
415
416 for (p = proc_receive_ref; p; p = p->next) {
417 const char *match = p->ref_prefix;
418 const char *remains;
419
420 if (!p->want_add && is_null_oid(&cmd->old_oid))
421 continue;
422 else if (!p->want_delete && is_null_oid(&cmd->new_oid))
423 continue;
424 else if (!p->want_modify &&
425 !is_null_oid(&cmd->old_oid) &&
426 !is_null_oid(&cmd->new_oid))
427 continue;
428
429 if (skip_prefix(cmd->ref_name, match, &remains) &&
430 (!*remains || *remains == '/')) {
431 if (!p->negative_ref)
432 return 1;
433 } else if (p->negative_ref) {
434 return 1;
435 }
436 }
437 return 0;
438}
439
466dbc42
SP		 440static void report_message(const char *prefix, const char *err, va_list params)
441{
b7115a35 442 int sz;
466dbc42
SP		 443 char msg[4096];
444
b7115a35 445 sz = xsnprintf(msg, sizeof(msg), "%s", prefix);
466dbc42
SP		 446 sz += vsnprintf(msg + sz, sizeof(msg) - sz, err, params);
447 if (sz > (sizeof(msg) - 1))
448 sz = sizeof(msg) - 1;
449 msg[sz++] = '\n';
450
451 if (use_sideband)
452 send_sideband(1, 2, msg, sz, use_sideband);
453 else
454 xwrite(2, msg, sz);
455}
456
103e02c7 457__attribute__((format (printf, 1, 2)))
466dbc42
SP		 458static void rp_warning(const char *err, ...)
459{
460 va_list params;
461 va_start(params, err);
462 report_message("warning: ", err, params);
463 va_end(params);
464}
465
103e02c7 466__attribute__((format (printf, 1, 2)))
466dbc42
SP		 467static void rp_error(const char *err, ...)
468{
469 va_list params;
470 va_start(params, err);
471 report_message("error: ", err, params);
472 va_end(params);
473}
474
5cf88fd8 475static int copy_to_sideband(int in, int out UNUSED, void *arg UNUSED)
6d525d38
SP		 476{
477 char data[128];
83558686
JK		 478 int keepalive_active = 0;
479
480 if (keepalive_in_sec <= 0)
481 use_keepalive = KEEPALIVE_NEVER;
482 if (use_keepalive == KEEPALIVE_ALWAYS)
483 keepalive_active = 1;
484
6d525d38 485 while (1) {
83558686
JK		 486 ssize_t sz;
487
488 if (keepalive_active) {
489 struct pollfd pfd;
490 int ret;
491
492 pfd.fd = in;
493 pfd.events = POLLIN;
494 ret = poll(&pfd, 1, 1000 * keepalive_in_sec);
495
496 if (ret < 0) {
497 if (errno == EINTR)
498 continue;
499 else
500 break;
501 } else if (ret == 0) {
502 /* no data; send a keepalive packet */
503 static const char buf[] = "0005\1";
504 write_or_die(1, buf, sizeof(buf) - 1);
505 continue;
506 } /* else there is actual data to read */
507 }
508
509 sz = xread(in, data, sizeof(data));
6d525d38
SP		 510 if (sz <= 0)
511 break;
83558686
JK		 512
513 if (use_keepalive == KEEPALIVE_AFTER_NUL && !keepalive_active) {
514 const char *p = memchr(data, '\0', sz);
515 if (p) {
516 /*
517 * The NUL tells us to start sending keepalives. Make
518 * sure we send any other data we read along
519 * with it.
520 */
521 keepalive_active = 1;
522 send_sideband(1, 2, data, p - data, use_sideband);
523 send_sideband(1, 2, p + 1, sz - (p - data + 1), use_sideband);
524 continue;
525 }
526 }
527
528 /*
529 * Either we're not looking for a NUL signal, or we didn't see
530 * it yet; just pass along the data.
531 */
6d525d38
SP		 532 send_sideband(1, 2, data, sz, use_sideband);
533 }
534 close(in);
535 return 0;
536}
537
3013118e 538static void hmac_hash(unsigned char *out,
b89363e4
JH		 539 const char *key_in, size_t key_len,
540 const char *text, size_t text_len)
541{
fabec2c5 542 unsigned char key[GIT_MAX_BLKSZ];
543 unsigned char k_ipad[GIT_MAX_BLKSZ];
544 unsigned char k_opad[GIT_MAX_BLKSZ];
b89363e4 545 int i;
fabec2c5 546 git_hash_ctx ctx;
b89363e4
JH		 547
548 /* RFC 2104 2. (1) */
fabec2c5 549 memset(key, '\0', GIT_MAX_BLKSZ);
550 if (the_hash_algo->blksz < key_len) {
551 the_hash_algo->init_fn(&ctx);
552 the_hash_algo->update_fn(&ctx, key_in, key_len);
553 the_hash_algo->final_fn(key, &ctx);
b89363e4
JH		 554 } else {
555 memcpy(key, key_in, key_len);
556 }
557
558 /* RFC 2104 2. (2) & (5) */
559 for (i = 0; i < sizeof(key); i++) {
560 k_ipad[i] = key[i] ^ 0x36;
561 k_opad[i] = key[i] ^ 0x5c;
562 }
563
564 /* RFC 2104 2. (3) & (4) */
fabec2c5 565 the_hash_algo->init_fn(&ctx);
566 the_hash_algo->update_fn(&ctx, k_ipad, sizeof(k_ipad));
567 the_hash_algo->update_fn(&ctx, text, text_len);
568 the_hash_algo->final_fn(out, &ctx);
b89363e4
JH		 569
570 /* RFC 2104 2. (6) & (7) */
fabec2c5 571 the_hash_algo->init_fn(&ctx);
572 the_hash_algo->update_fn(&ctx, k_opad, sizeof(k_opad));
573 the_hash_algo->update_fn(&ctx, out, the_hash_algo->rawsz);
574 the_hash_algo->final_fn(out, &ctx);
b89363e4
JH		 575}
576
dddbad72 577static char *prepare_push_cert_nonce(const char *path, timestamp_t stamp)
b89363e4
JH		 578{
579 struct strbuf buf = STRBUF_INIT;
fabec2c5 580 unsigned char hash[GIT_MAX_RAWSZ];
b89363e4 581
cb71f8bd 582 strbuf_addf(&buf, "%s:%"PRItime, path, stamp);
3013118e 583 hmac_hash(hash, buf.buf, buf.len, cert_nonce_seed, strlen(cert_nonce_seed));
b89363e4
JH		 584 strbuf_release(&buf);
585
3013118e 586 /* RFC 2104 5. HMAC-SHA1 or HMAC-SHA256 */
fc06be3b 587 strbuf_addf(&buf, "%"PRItime"-%.*s", stamp, (int)the_hash_algo->hexsz, hash_to_hex(hash));
b89363e4
JH		 588 return strbuf_detach(&buf, NULL);
589}
590
cbaf82cc
JT		 591static char *find_header(const char *msg, size_t len, const char *key,
592 const char **next_line)
b89363e4 593{
cfc5cf42
JC		 594 size_t out_len;
595 const char *val = find_header_mem(msg, len, key, &out_len);
596
597 if (!val)
598 return NULL;
599
600 if (next_line)
601 *next_line = val + out_len + 1;
602
603 return xmemdupz(val, out_len);
b89363e4
JH		 604}
605
edc6dccf 606/*
607 * Return zero if a and b are equal up to n bytes and nonzero if they are not.
608 * This operation is guaranteed to run in constant time to avoid leaking data.
609 */
610static int constant_memequal(const char *a, const char *b, size_t n)
611{
612 int res = 0;
719483e5
JH		 613 size_t i;
614
615 for (i = 0; i < n; i++)
edc6dccf 616 res |= a[i] ^ b[i];
617 return res;
618}
619
b89363e4
JH		 620static const char *check_nonce(const char *buf, size_t len)
621{
cbaf82cc 622 char *nonce = find_header(buf, len, "nonce", NULL);
dddbad72 623 timestamp_t stamp, ostamp;
5732373d 624 char *bohmac, *expect = NULL;
b89363e4 625 const char *retval = NONCE_BAD;
edc6dccf 626 size_t noncelen;
b89363e4
JH		 627
628 if (!nonce) {
629 retval = NONCE_MISSING;
630 goto leave;
631 } else if (!push_cert_nonce) {
632 retval = NONCE_UNSOLICITED;
633 goto leave;
634 } else if (!strcmp(push_cert_nonce, nonce)) {
635 retval = NONCE_OK;
636 goto leave;
637 }
638
5732373d
JH		 639 if (!stateless_rpc) {
640 /* returned nonce MUST match what we gave out earlier */
641 retval = NONCE_BAD;
642 goto leave;
643 }
644
645 /*
646 * In stateless mode, we may be receiving a nonce issued by
647 * another instance of the server that serving the same
648 * repository, and the timestamps may not match, but the
649 * nonce-seed and dir should match, so we can recompute and
650 * report the time slop.
651 *
652 * In addition, when a nonce issued by another instance has
653 * timestamp within receive.certnonceslop seconds, we pretend
654 * as if we issued that nonce when reporting to the hook.
655 */
656
657 /* nonce is concat(<seconds-since-epoch>, "-", <hmac>) */
658 if (*nonce <= '0' || '9' < *nonce) {
659 retval = NONCE_BAD;
660 goto leave;
661 }
1aeb7e75 662 stamp = parse_timestamp(nonce, &bohmac, 10);
5732373d
JH		 663 if (bohmac == nonce || bohmac[0] != '-') {
664 retval = NONCE_BAD;
665 goto leave;
666 }
667
edc6dccf 668 noncelen = strlen(nonce);
5732373d 669 expect = prepare_push_cert_nonce(service_dir, stamp);
edc6dccf 670 if (noncelen != strlen(expect)) {
671 /* This is not even the right size. */
672 retval = NONCE_BAD;
673 goto leave;
674 }
675 if (constant_memequal(expect, nonce, noncelen)) {
5732373d
JH		 676 /* Not what we would have signed earlier */
677 retval = NONCE_BAD;
678 goto leave;
679 }
680
681 /*
682 * By how many seconds is this nonce stale? Negative value
683 * would mean it was issued by another server with its clock
684 * skewed in the future.
685 */
1aeb7e75 686 ostamp = parse_timestamp(push_cert_nonce, NULL, 10);
5732373d
JH		 687 nonce_stamp_slop = (long)ostamp - (long)stamp;
688
689 if (nonce_stamp_slop_limit &&
31a8aa1e 690 labs(nonce_stamp_slop) <= nonce_stamp_slop_limit) {
5732373d
JH		 691 /*
692 * Pretend as if the received nonce (which passes the
693 * HMAC check, so it is not a forged by third-party)
694 * is what we issued.
695 */
696 free((void *)push_cert_nonce);
697 push_cert_nonce = xstrdup(nonce);
698 retval = NONCE_OK;
699 } else {
700 retval = NONCE_SLOP;
701 }
b89363e4
JH		 702
703leave:
704 free(nonce);
5732373d 705 free(expect);
b89363e4
JH		 706 return retval;
707}
708
cbaf82cc
JT		 709/*
710 * Return 1 if there is no push_cert or if the push options in push_cert are
711 * the same as those in the argument; 0 otherwise.
712 */
713static int check_cert_push_options(const struct string_list *push_options)
714{
715 const char *buf = push_cert.buf;
716 int len = push_cert.len;
717
718 char *option;
719 const char *next_line;
720 int options_seen = 0;
721
722 int retval = 1;
723
724 if (!len)
725 return 1;
726
727 while ((option = find_header(buf, len, "push-option", &next_line))) {
728 len -= (next_line - buf);
729 buf = next_line;
730 options_seen++;
731 if (options_seen > push_options->nr
732 || strcmp(option,
733 push_options->items[options_seen - 1].string)) {
734 retval = 0;
735 goto leave;
736 }
737 free(option);
738 }
739
740 if (options_seen != push_options->nr)
741 retval = 0;
742
743leave:
744 free(option);
745 return retval;
746}
747
a85b377d
JH		 748static void prepare_push_cert_sha1(struct child_process *proc)
749{
750 static int already_done;
a85b377d
JH		 751
752 if (!push_cert.len)
753 return;
754
755 if (!already_done) {
d05b9618
JH		 756 int bogs /* beginning_of_gpg_sig */;
757
a85b377d 758 already_done = 1;
c80d226a 759 if (write_object_file(push_cert.buf, push_cert.len, OBJ_BLOB,
a09c985e
PO		 760 &push_cert_oid))
761 oidclr(&push_cert_oid);
d05b9618
JH		 762
763 memset(&sigcheck, '\0', sizeof(sigcheck));
d05b9618 764
482c1191 765 bogs = parse_signed_buffer(push_cert.buf, push_cert.len);
02769437
FS		 766 sigcheck.payload = xmemdupz(push_cert.buf, bogs);
767 sigcheck.payload_len = bogs;
768 check_signature(&sigcheck, push_cert.buf + bogs,
769 push_cert.len - bogs);
d05b9618 770
b89363e4 771 nonce_status = check_nonce(push_cert.buf, bogs);
a85b377d 772 }
a09c985e 773 if (!is_null_oid(&push_cert_oid)) {
29fda24d 774 strvec_pushf(&proc->env, "GIT_PUSH_CERT=%s",
f6d8942b 775 oid_to_hex(&push_cert_oid));
29fda24d 776 strvec_pushf(&proc->env, "GIT_PUSH_CERT_SIGNER=%s",
f6d8942b 777 sigcheck.signer ? sigcheck.signer : "");
29fda24d 778 strvec_pushf(&proc->env, "GIT_PUSH_CERT_KEY=%s",
f6d8942b 779 sigcheck.key ? sigcheck.key : "");
29fda24d 780 strvec_pushf(&proc->env, "GIT_PUSH_CERT_STATUS=%c",
f6d8942b 781 sigcheck.result);
b89363e4 782 if (push_cert_nonce) {
29fda24d 783 strvec_pushf(&proc->env,
f6d8942b
JK		 784 "GIT_PUSH_CERT_NONCE=%s",
785 push_cert_nonce);
29fda24d 786 strvec_pushf(&proc->env,
f6d8942b
JK		 787 "GIT_PUSH_CERT_NONCE_STATUS=%s",
788 nonce_status);
5732373d 789 if (nonce_status == NONCE_SLOP)
29fda24d 790 strvec_pushf(&proc->env,
f6d8942b
JK		 791 "GIT_PUSH_CERT_NONCE_SLOP=%ld",
792 nonce_stamp_slop);
b89363e4 793 }
a85b377d
JH		 794 }
795}
796
77a9745d
SB		 797struct receive_hook_feed_state {
798 struct command *cmd;
195d6eae 799 struct ref_push_report *report;
77a9745d
SB		 800 int skip_broken;
801 struct strbuf buf;
802 const struct string_list *push_options;
803};
804
9684e44a 805typedef int (*feed_fn)(void *, const char **, size_t *);
77a9745d
SB		 806static int run_and_feed_hook(const char *hook_name, feed_fn feed,
807 struct receive_hook_feed_state *feed_state)
b1bf95bb 808{
d3180279 809 struct child_process proc = CHILD_PROCESS_INIT;
6d525d38 810 struct async muxer;
9684e44a 811 int code;
7f14609e 812 const char *hook_path = find_hook(hook_name);
b1bf95bb 813
7f14609e 814 if (!hook_path)
b1bf95bb 815 return 0;
c8dd2771 816
7f14609e 817 strvec_push(&proc.args, hook_path);
f43cd49f
SP		 818 proc.in = -1;
819 proc.stdout_to_stderr = 1;
6206286e
JH		 820 proc.trace2_hook_name = hook_name;
821
77a9745d 822 if (feed_state->push_options) {
99d60545 823 size_t i;
77a9745d 824 for (i = 0; i < feed_state->push_options->nr; i++)
29fda24d 825 strvec_pushf(&proc.env,
99d60545
ÆAB		 826 "GIT_PUSH_OPTION_%"PRIuMAX"=%s",
827 (uintmax_t)i,
f6d8942b 828 feed_state->push_options->items[i].string);
29fda24d 829 strvec_pushf(&proc.env, "GIT_PUSH_OPTION_COUNT=%"PRIuMAX"",
99d60545 830 (uintmax_t)feed_state->push_options->nr);
77a9745d 831 } else
29fda24d 832 strvec_pushf(&proc.env, "GIT_PUSH_OPTION_COUNT");
f43cd49f 833
722ff7f8 834 if (tmp_objdir)
29fda24d 835 strvec_pushv(&proc.env, tmp_objdir_env(tmp_objdir));
722ff7f8 836
6d525d38
SP		 837 if (use_sideband) {
838 memset(&muxer, 0, sizeof(muxer));
839 muxer.proc = copy_to_sideband;
840 muxer.in = -1;
841 code = start_async(&muxer);
842 if (code)
843 return code;
844 proc.err = muxer.in;
845 }
846
5d222c09
RS		 847 prepare_push_cert_sha1(&proc);
848
f43cd49f 849 code = start_command(&proc);
6d525d38
SP		 850 if (code) {
851 if (use_sideband)
852 finish_async(&muxer);
90e41a89 853 return code;
6d525d38
SP		 854 }
855
ec7dbd14
JH		 856 sigchain_push(SIGPIPE, SIG_IGN);
857
9684e44a
JH		 858 while (1) {
859 const char *buf;
860 size_t n;
861 if (feed(feed_state, &buf, &n))
862 break;
06f46f23 863 if (write_in_full(proc.in, buf, n) < 0)
9684e44a 864 break;
c8dd2771 865 }
e72ae288 866 close(proc.in);
6d525d38
SP		 867 if (use_sideband)
868 finish_async(&muxer);
ec7dbd14
JH		 869
870 sigchain_pop(SIGPIPE);
871
90e41a89 872 return finish_command(&proc);
b1bf95bb
JW		 873}
874
9684e44a
JH		 875static int feed_receive_hook(void *state_, const char **bufp, size_t *sizep)
876{
877 struct receive_hook_feed_state *state = state_;
878 struct command *cmd = state->cmd;
879
cdc2b2f3
JH		 880 while (cmd &&
881 state->skip_broken && (cmd->error_string || cmd->did_not_exist))
9684e44a
JH		 882 cmd = cmd->next;
883 if (!cmd)
884 return -1; /* EOF */
195d6eae
JX		 885 if (!bufp)
886 return 0; /* OK, can feed something. */
9684e44a 887 strbuf_reset(&state->buf);
195d6eae
JX		 888 if (!state->report)
889 state->report = cmd->report;
890 if (state->report) {
891 struct object_id *old_oid;
892 struct object_id *new_oid;
893 const char *ref_name;
894
895 old_oid = state->report->old_oid ? state->report->old_oid : &cmd->old_oid;
896 new_oid = state->report->new_oid ? state->report->new_oid : &cmd->new_oid;
897 ref_name = state->report->ref_name ? state->report->ref_name : cmd->ref_name;
898 strbuf_addf(&state->buf, "%s %s %s\n",
899 oid_to_hex(old_oid), oid_to_hex(new_oid),
900 ref_name);
901 state->report = state->report->next;
902 if (!state->report)
903 state->cmd = cmd->next;
904 } else {
905 strbuf_addf(&state->buf, "%s %s %s\n",
906 oid_to_hex(&cmd->old_oid), oid_to_hex(&cmd->new_oid),
907 cmd->ref_name);
908 state->cmd = cmd->next;
909 }
9684e44a
JH		 910 if (bufp) {
911 *bufp = state->buf.buf;
912 *sizep = state->buf.len;
913 }
914 return 0;
915}
916
77a9745d
SB		 917static int run_receive_hook(struct command *commands,
918 const char *hook_name,
919 int skip_broken,
920 const struct string_list *push_options)
9684e44a
JH		 921{
922 struct receive_hook_feed_state state;
923 int status;
924
925 strbuf_init(&state.buf, 0);
926 state.cmd = commands;
cdc2b2f3 927 state.skip_broken = skip_broken;
195d6eae 928 state.report = NULL;
9684e44a
JH		 929 if (feed_receive_hook(&state, NULL, NULL))
930 return 0;
931 state.cmd = commands;
77a9745d 932 state.push_options = push_options;
9684e44a
JH		 933 status = run_and_feed_hook(hook_name, feed_receive_hook, &state);
934 strbuf_release(&state.buf);
935 return status;
936}
937
1d9e8b56
SP		 938static int run_update_hook(struct command *cmd)
939{
d3180279 940 struct child_process proc = CHILD_PROCESS_INIT;
6d525d38 941 int code;
7f14609e 942 const char *hook_path = find_hook("update");
1d9e8b56 943
7f14609e 944 if (!hook_path)
1d9e8b56
SP		 945 return 0;
946
7f14609e
ÆAB		 947 strvec_push(&proc.args, hook_path);
948 strvec_push(&proc.args, cmd->ref_name);
949 strvec_push(&proc.args, oid_to_hex(&cmd->old_oid));
950 strvec_push(&proc.args, oid_to_hex(&cmd->new_oid));
1d9e8b56 951
6d525d38
SP		 952 proc.no_stdin = 1;
953 proc.stdout_to_stderr = 1;
954 proc.err = use_sideband ? -1 : 0;
6206286e 955 proc.trace2_hook_name = "update";
6d525d38
SP		 956
957 code = start_command(&proc);
958 if (code)
959 return code;
960 if (use_sideband)
961 copy_to_sideband(proc.err, -1, NULL);
962 return finish_command(&proc);
1d9e8b56
SP		 963}
964
15d3af5e
JX		 965static struct command *find_command_by_refname(struct command *list,
966 const char *refname)
967{
968 for (; list; list = list->next)
969 if (!strcmp(list->ref_name, refname))
970 return list;
971 return NULL;
972}
973
974static int read_proc_receive_report(struct packet_reader *reader,
975 struct command *commands,
976 struct strbuf *errmsg)
977{
978 struct command *cmd;
979 struct command *hint = NULL;
980 struct ref_push_report *report = NULL;
981 int new_report = 0;
982 int code = 0;
983 int once = 0;
f65003b4 984 int response = 0;
15d3af5e
JX		 985
986 for (;;) {
987 struct object_id old_oid, new_oid;
988 const char *head;
989 const char *refname;
990 char *p;
f65003b4
JX		 991 enum packet_read_status status;
992
993 status = packet_reader_read(reader);
994 if (status != PACKET_READ_NORMAL) {
995 /* Check whether proc-receive exited abnormally */
996 if (status == PACKET_READ_EOF && !response) {
997 strbuf_addstr(errmsg, "proc-receive exited abnormally");
998 return -1;
999 }
15d3af5e 1000 break;
f65003b4
JX		 1001 }
1002 response++;
15d3af5e
JX		 1003
1004 head = reader->line;
1005 p = strchr(head, ' ');
1006 if (!p) {
1007 strbuf_addf(errmsg, "proc-receive reported incomplete status line: '%s'\n", head);
1008 code = -1;
1009 continue;
1010 }
1011 *p++ = '\0';
1012 if (!strcmp(head, "option")) {
1013 const char *key, *val;
1014
1015 if (!hint || !(report || new_report)) {
1016 if (!once++)
1017 strbuf_addstr(errmsg, "proc-receive reported 'option' without a matching 'ok/ng' directive\n");
1018 code = -1;
1019 continue;
1020 }
1021 if (new_report) {
1022 if (!hint->report) {
ca56dadb 1023 CALLOC_ARRAY(hint->report, 1);
15d3af5e
JX		 1024 report = hint->report;
1025 } else {
1026 report = hint->report;
1027 while (report->next)
1028 report = report->next;
1029 report->next = xcalloc(1, sizeof(struct ref_push_report));
1030 report = report->next;
1031 }
1032 new_report = 0;
1033 }
1034 key = p;
1035 p = strchr(key, ' ');
1036 if (p)
1037 *p++ = '\0';
1038 val = p;
1039 if (!strcmp(key, "refname"))
1040 report->ref_name = xstrdup_or_null(val);
1041 else if (!strcmp(key, "old-oid") && val &&
1042 !parse_oid_hex(val, &old_oid, &val))
1043 report->old_oid = oiddup(&old_oid);
1044 else if (!strcmp(key, "new-oid") && val &&
1045 !parse_oid_hex(val, &new_oid, &val))
1046 report->new_oid = oiddup(&new_oid);
1047 else if (!strcmp(key, "forced-update"))
1048 report->forced_update = 1;
1049 else if (!strcmp(key, "fall-through"))
1050 /* Fall through, let 'receive-pack' to execute it. */
1051 hint->run_proc_receive = 0;
1052 continue;
1053 }
1054
1055 report = NULL;
1056 new_report = 0;
1057 refname = p;
1058 p = strchr(refname, ' ');
1059 if (p)
1060 *p++ = '\0';
1061 if (strcmp(head, "ok") && strcmp(head, "ng")) {
1062 strbuf_addf(errmsg, "proc-receive reported bad status '%s' on ref '%s'\n",
1063 head, refname);
1064 code = -1;
1065 continue;
1066 }
1067
1068 /* first try searching at our hint, falling back to all refs */
1069 if (hint)
1070 hint = find_command_by_refname(hint, refname);
1071 if (!hint)
1072 hint = find_command_by_refname(commands, refname);
1073 if (!hint) {
1074 strbuf_addf(errmsg, "proc-receive reported status on unknown ref: %s\n",
1075 refname);
1076 code = -1;
1077 continue;
1078 }
1079 if (!hint->run_proc_receive) {
1080 strbuf_addf(errmsg, "proc-receive reported status on unexpected ref: %s\n",
1081 refname);
1082 code = -1;
1083 continue;
1084 }
1085 hint->run_proc_receive |= RUN_PROC_RECEIVE_RETURNED;
1086 if (!strcmp(head, "ng")) {
1087 if (p)
1088 hint->error_string = xstrdup(p);
1089 else
1090 hint->error_string = "failed";
1091 code = -1;
1092 continue;
1093 }
1094 new_report = 1;
1095 }
1096
1097 for (cmd = commands; cmd; cmd = cmd->next)
1098 if (cmd->run_proc_receive && !cmd->error_string &&
1099 !(cmd->run_proc_receive & RUN_PROC_RECEIVE_RETURNED)) {
1100 cmd->error_string = "proc-receive failed to report status";
1101 code = -1;
1102 }
1103 return code;
1104}
1105
1106static int run_proc_receive_hook(struct command *commands,
1107 const struct string_list *push_options)
1108{
1109 struct child_process proc = CHILD_PROCESS_INIT;
1110 struct async muxer;
1111 struct command *cmd;
15d3af5e
JX		 1112 struct packet_reader reader;
1113 struct strbuf cap = STRBUF_INIT;
1114 struct strbuf errmsg = STRBUF_INIT;
1115 int hook_use_push_options = 0;
1116 int version = 0;
1117 int code;
7f14609e 1118 const char *hook_path = find_hook("proc-receive");
15d3af5e 1119
7f14609e 1120 if (!hook_path) {
15d3af5e
JX		 1121 rp_error("cannot find hook 'proc-receive'");
1122 return -1;
1123 }
15d3af5e 1124
7f14609e 1125 strvec_push(&proc.args, hook_path);
15d3af5e
JX		 1126 proc.in = -1;
1127 proc.out = -1;
1128 proc.trace2_hook_name = "proc-receive";
1129
1130 if (use_sideband) {
1131 memset(&muxer, 0, sizeof(muxer));
1132 muxer.proc = copy_to_sideband;
1133 muxer.in = -1;
1134 code = start_async(&muxer);
1135 if (code)
1136 return code;
1137 proc.err = muxer.in;
1138 } else {
1139 proc.err = 0;
1140 }
1141
1142 code = start_command(&proc);
1143 if (code) {
1144 if (use_sideband)
1145 finish_async(&muxer);
1146 return code;
1147 }
1148
1149 sigchain_push(SIGPIPE, SIG_IGN);
1150
1151 /* Version negotiaton */
1152 packet_reader_init(&reader, proc.out, NULL, 0,
1153 PACKET_READ_CHOMP_NEWLINE |
1154 PACKET_READ_GENTLE_ON_EOF);
1155 if (use_atomic)
1156 strbuf_addstr(&cap, " atomic");
1157 if (use_push_options)
1158 strbuf_addstr(&cap, " push-options");
1159 if (cap.len) {
f65003b4 1160 code = packet_write_fmt_gently(proc.in, "version=1%c%s\n", '\0', cap.buf + 1);
15d3af5e
JX		 1161 strbuf_release(&cap);
1162 } else {
f65003b4 1163 code = packet_write_fmt_gently(proc.in, "version=1\n");
15d3af5e 1164 }
f65003b4
JX		 1165 if (!code)
1166 code = packet_flush_gently(proc.in);
1167
1168 if (!code)
1169 for (;;) {
1170 int linelen;
1171 enum packet_read_status status;
1172
1173 status = packet_reader_read(&reader);
1174 if (status != PACKET_READ_NORMAL) {
1175 /* Check whether proc-receive exited abnormally */
1176 if (status == PACKET_READ_EOF)
1177 code = -1;
1178 break;
1179 }
15d3af5e 1180
f65003b4
JX		 1181 if (reader.pktlen > 8 && starts_with(reader.line, "version=")) {
1182 version = atoi(reader.line + 8);
1183 linelen = strlen(reader.line);
1184 if (linelen < reader.pktlen) {
1185 const char *feature_list = reader.line + linelen + 1;
1186 if (parse_feature_request(feature_list, "push-options"))
1187 hook_use_push_options = 1;
1188 }
15d3af5e
JX		 1189 }
1190 }
f65003b4
JX		 1191
1192 if (code) {
1193 strbuf_addstr(&errmsg, "fail to negotiate version with proc-receive hook");
1194 goto cleanup;
15d3af5e
JX		 1195 }
1196
80ffeb94
JX		 1197 switch (version) {
1198 case 0:
1199 /* fallthrough */
1200 case 1:
1201 break;
1202 default:
15d3af5e
JX		 1203 strbuf_addf(&errmsg, "proc-receive version '%d' is not supported",
1204 version);
1205 code = -1;
1206 goto cleanup;
1207 }
1208
1209 /* Send commands */
1210 for (cmd = commands; cmd; cmd = cmd->next) {
1211 if (!cmd->run_proc_receive || cmd->skip_update || cmd->error_string)
1212 continue;
f65003b4
JX		 1213 code = packet_write_fmt_gently(proc.in, "%s %s %s",
1214 oid_to_hex(&cmd->old_oid),
1215 oid_to_hex(&cmd->new_oid),
1216 cmd->ref_name);
1217 if (code)
1218 break;
1219 }
1220 if (!code)
1221 code = packet_flush_gently(proc.in);
1222 if (code) {
1223 strbuf_addstr(&errmsg, "fail to write commands to proc-receive hook");
1224 goto cleanup;
15d3af5e 1225 }
15d3af5e
JX		 1226
1227 /* Send push options */
1228 if (hook_use_push_options) {
1229 struct string_list_item *item;
1230
f65003b4
JX		 1231 for_each_string_list_item(item, push_options) {
1232 code = packet_write_fmt_gently(proc.in, "%s", item->string);
1233 if (code)
1234 break;
1235 }
1236 if (!code)
1237 code = packet_flush_gently(proc.in);
1238 if (code) {
1239 strbuf_addstr(&errmsg,
1240 "fail to write push-options to proc-receive hook");
1241 goto cleanup;
1242 }
15d3af5e
JX		 1243 }
1244
1245 /* Read result from proc-receive */
1246 code = read_proc_receive_report(&reader, commands, &errmsg);
1247
1248cleanup:
1249 close(proc.in);
1250 close(proc.out);
1251 if (use_sideband)
1252 finish_async(&muxer);
1253 if (finish_command(&proc))
1254 code = -1;
1255 if (errmsg.len >0) {
1256 char *p = errmsg.buf;
1257
1258 p += errmsg.len - 1;
1259 if (*p == '\n')
1260 *p = '\0';
1261 rp_error("%s", errmsg.buf);
1262 strbuf_release(&errmsg);
1263 }
1264 sigchain_pop(SIGPIPE);
1265
1266 return code;
1267}
1268
8ba35a2d
VA		 1269static char *refuse_unconfigured_deny_msg =
1270 N_("By default, updating the current branch in a non-bare repository\n"
1271 "is denied, because it will make the index and work tree inconsistent\n"
1272 "with what you pushed, and will require 'git reset --hard' to match\n"
1273 "the work tree to HEAD.\n"
1274 "\n"
2ddaa427
AH		 1275 "You can set the 'receive.denyCurrentBranch' configuration variable\n"
1276 "to 'ignore' or 'warn' in the remote repository to allow pushing into\n"
8ba35a2d
VA		 1277 "its current branch; however, this is not recommended unless you\n"
1278 "arranged to update its work tree to match what you pushed in some\n"
1279 "other way.\n"
1280 "\n"
1281 "To squelch this message and still keep the default behaviour, set\n"
1282 "'receive.denyCurrentBranch' configuration variable to 'refuse'.");
3d95d92b 1283
acd2a45b 1284static void refuse_unconfigured_deny(void)
3d95d92b 1285{
8ba35a2d 1286 rp_error("%s", _(refuse_unconfigured_deny_msg));
3d95d92b
JH		 1287}
1288
8ba35a2d
VA		 1289static char *refuse_unconfigured_deny_delete_current_msg =
1290 N_("By default, deleting the current branch is denied, because the next\n"
1291 "'git clone' won't result in any file checked out, causing confusion.\n"
1292 "\n"
1293 "You can set 'receive.denyDeleteCurrent' configuration variable to\n"
1294 "'warn' or 'ignore' in the remote repository to allow deleting the\n"
1295 "current branch, with or without a warning message.\n"
1296 "\n"
1297 "To squelch this message, you can set it to 'refuse'.");
747ca245 1298
375881fa 1299static void refuse_unconfigured_deny_delete_current(void)
747ca245 1300{
8ba35a2d 1301 rp_error("%s", _(refuse_unconfigured_deny_delete_current_msg));
747ca245
JH		 1302}
1303
9fec7b21 1304static const struct object_id *command_singleton_iterator(void *cb_data);
0a1bc12b
NTND		 1305static int update_shallow_ref(struct command *cmd, struct shallow_info *si)
1306{
cac4b8e2 1307 struct shallow_lock shallow_lock = SHALLOW_LOCK_INIT;
910650d2 1308 struct oid_array extra = OID_ARRAY_INIT;
7043c707 1309 struct check_connected_options opt = CHECK_CONNECTED_INIT;
0a1bc12b
NTND		 1310 uint32_t mask = 1 << (cmd->index % 32);
1311 int i;
1312
6aa30857 1313 trace_printf_key(&trace_shallow,
0a1bc12b
NTND		 1314 "shallow: update_shallow_ref %s\n", cmd->ref_name);
1315 for (i = 0; i < si->shallow->nr; i++)
1316 if (si->used_shallow[i] &&
1317 (si->used_shallow[i][cmd->index / 32] & mask) &&
1318 !delayed_reachability_test(si, i))
910650d2 1319 oid_array_append(&extra, &si->shallow->oid[i]);
0a1bc12b 1320
722ff7f8 1321 opt.env = tmp_objdir_env(tmp_objdir);
7043c707
JK		 1322 setup_alternate_shallow(&shallow_lock, &opt.shallow_file, &extra);
1323 if (check_connected(command_singleton_iterator, cmd, &opt)) {
37b9dcab 1324 rollback_shallow_file(the_repository, &shallow_lock);
910650d2 1325 oid_array_clear(&extra);
0a1bc12b
NTND		 1326 return -1;
1327 }
1328
37b9dcab 1329 commit_shallow_file(the_repository, &shallow_lock);
0a1bc12b
NTND		 1330
1331 /*
1332 * Make sure setup_alternate_shallow() for the next ref does
1333 * not lose these new roots..
1334 */
1335 for (i = 0; i < extra.nr; i++)
19143f13 1336 register_shallow(the_repository, &extra.oid[i]);
0a1bc12b
NTND		 1337
1338 si->shallow_ref[cmd->index] = 0;
910650d2 1339 oid_array_clear(&extra);
0a1bc12b
NTND		 1340 return 0;
1341}
1342
1a51b524
JH		 1343/*
1344 * NEEDSWORK: we should consolidate various implementions of "are we
1345 * on an unborn branch?" test into one, and make the unified one more
1346 * robust. !get_sha1() based check used here and elsewhere would not
1347 * allow us to tell an unborn branch from corrupt ref, for example.
1348 * For the purpose of fixing "deploy-to-update does not work when
1349 * pushing into an empty repository" issue, this should suffice for
1350 * now.
1351 */
1352static int head_has_history(void)
1353{
15be4a5d 1354 struct object_id oid;
1a51b524 1355
d850b7a5 1356 return !repo_get_oid(the_repository, "HEAD", &oid);
1a51b524
JH		 1357}
1358
21b138d0 1359static const char *push_to_deploy(unsigned char *sha1,
22f9b7f3 1360 struct strvec *env,
21b138d0 1361 const char *work_tree)
1404bcbb 1362{
1404bcbb
JS		 1363 struct child_process child = CHILD_PROCESS_INIT;
1364
2b709893
ÆAB		 1365 strvec_pushl(&child.args, "update-index", "-q", "--ignore-submodules",
1366 "--refresh", NULL);
29fda24d 1367 strvec_pushv(&child.env, env->v);
1404bcbb
JS		 1368 child.dir = work_tree;
1369 child.no_stdin = 1;
1370 child.stdout_to_stderr = 1;
1371 child.git_cmd = 1;
21b138d0 1372 if (run_command(&child))
1404bcbb 1373 return "Up-to-date check failed";
1404bcbb
JS		 1374
1375 /* run_command() does not clean up completely; reinitialize */
1376 child_process_init(&child);
2b709893
ÆAB		 1377 strvec_pushl(&child.args, "diff-files", "--quiet",
1378 "--ignore-submodules", "--", NULL);
29fda24d 1379 strvec_pushv(&child.env, env->v);
1404bcbb
JS		 1380 child.dir = work_tree;
1381 child.no_stdin = 1;
1382 child.stdout_to_stderr = 1;
1383 child.git_cmd = 1;
21b138d0 1384 if (run_command(&child))
1404bcbb 1385 return "Working directory has unstaged changes";
1404bcbb
JS		 1386
1387 child_process_init(&child);
2b709893
ÆAB		 1388 strvec_pushl(&child.args, "diff-index", "--quiet", "--cached",
1389 "--ignore-submodules",
1390 /* diff-index with either HEAD or an empty tree */
1391 head_has_history() ? "HEAD" : empty_tree_oid_hex(),
1392 "--", NULL);
29fda24d 1393 strvec_pushv(&child.env, env->v);
1404bcbb
JS		 1394 child.no_stdin = 1;
1395 child.no_stdout = 1;
1396 child.stdout_to_stderr = 0;
1397 child.git_cmd = 1;
21b138d0 1398 if (run_command(&child))
1404bcbb 1399 return "Working directory has staged changes";
1404bcbb 1400
1404bcbb 1401 child_process_init(&child);
2b709893
ÆAB		 1402 strvec_pushl(&child.args, "read-tree", "-u", "-m", hash_to_hex(sha1),
1403 NULL);
29fda24d 1404 strvec_pushv(&child.env, env->v);
1404bcbb
JS		 1405 child.dir = work_tree;
1406 child.no_stdin = 1;
1407 child.no_stdout = 1;
1408 child.stdout_to_stderr = 0;
1409 child.git_cmd = 1;
21b138d0 1410 if (run_command(&child))
1404bcbb 1411 return "Could not update working tree to new HEAD";
1404bcbb 1412
1404bcbb
JS		 1413 return NULL;
1414}
1415
08553319
JH		 1416static const char *push_to_checkout_hook = "push-to-checkout";
1417
fc06be3b 1418static const char *push_to_checkout(unsigned char *hash,
a8cc5943 1419 int *invoked_hook,
22f9b7f3 1420 struct strvec *env,
08553319
JH		 1421 const char *work_tree)
1422{
306f445e 1423 struct run_hooks_opt opt = RUN_HOOKS_OPT_INIT;
a8cc5943 1424 opt.invoked_hook = invoked_hook;
306f445e 1425
22f9b7f3 1426 strvec_pushf(env, "GIT_WORK_TREE=%s", absolute_path(work_tree));
306f445e
ES		 1427 strvec_pushv(&opt.env, env->v);
1428 strvec_push(&opt.args, hash_to_hex(hash));
1429 if (run_hooks_opt(push_to_checkout_hook, &opt))
08553319
JH		 1430 return "push-to-checkout hook declined";
1431 else
1432 return NULL;
1433}
1434
4ef34648 1435static const char *update_worktree(unsigned char *sha1, const struct worktree *worktree)
21b138d0 1436{
38baae6c 1437 const char *retval, *git_dir;
22f9b7f3 1438 struct strvec env = STRVEC_INIT;
a8cc5943 1439 int invoked_hook;
21b138d0 1440
38baae6c
AK		 1441 if (!worktree || !worktree->path)
1442 BUG("worktree->path must be non-NULL");
4ef34648 1443
9fdf4f1d 1444 if (worktree->is_bare)
21b138d0 1445 return "denyCurrentBranch = updateInstead needs a worktree";
38baae6c 1446 git_dir = get_worktree_git_dir(worktree);
21b138d0 1447
22f9b7f3 1448 strvec_pushf(&env, "GIT_DIR=%s", absolute_path(git_dir));
21b138d0 1449
a8cc5943
ÆAB		 1450 retval = push_to_checkout(sha1, &invoked_hook, &env, worktree->path);
1451 if (!invoked_hook)
38baae6c 1452 retval = push_to_deploy(sha1, &env, worktree->path);
21b138d0 1453
22f9b7f3 1454 strvec_clear(&env);
21b138d0
JH		 1455 return retval;
1456}
1457
0a1bc12b 1458static const char *update(struct command *cmd, struct shallow_info *si)
2eca23da 1459{
cfee10a7 1460 const char *name = cmd->ref_name;
6b01ecfe 1461 struct strbuf namespaced_name_buf = STRBUF_INIT;
bda6e828
JS		 1462 static char *namespaced_name;
1463 const char *ret;
9c44ea44 1464 struct object_id *old_oid = &cmd->old_oid;
1465 struct object_id *new_oid = &cmd->new_oid;
b072a25f 1466 int do_update_worktree = 0;
c8dd491f
AK		 1467 struct worktree **worktrees = get_worktrees();
1468 const struct worktree *worktree =
9fdf4f1d 1469 find_shared_symref(worktrees, "HEAD", name);
2eca23da 1470
061d6b9a 1471 /* only refs/... are allowed */
7c3c5502
ZH		 1472 if (!starts_with(name, "refs/") ||
1473 check_refname_format(name + 5, is_null_oid(new_oid) ?
1474 REFNAME_ALLOW_ONELEVEL : 0)) {
d81ba50a 1475 rp_error("refusing to update funny ref '%s' remotely", name);
c8dd491f
AK		 1476 ret = "funny refname";
1477 goto out;
cfee10a7 1478 }
d8a1deec 1479
6b01ecfe 1480 strbuf_addf(&namespaced_name_buf, "%s%s", get_git_namespace(), name);
bda6e828 1481 free(namespaced_name);
6b01ecfe
JT		 1482 namespaced_name = strbuf_detach(&namespaced_name_buf, NULL);
1483
9fdf4f1d 1484 if (worktree && !worktree->is_bare) {
3d95d92b
JH		 1485 switch (deny_current_branch) {
1486 case DENY_IGNORE:
986e8239 1487 break;
3d95d92b 1488 case DENY_WARN:
466dbc42 1489 rp_warning("updating the current branch");
986e8239 1490 break;
3d95d92b 1491 case DENY_REFUSE:
acd2a45b 1492 case DENY_UNCONFIGURED:
466dbc42 1493 rp_error("refusing to update checked out branch: %s", name);
acd2a45b
JH		 1494 if (deny_current_branch == DENY_UNCONFIGURED)
1495 refuse_unconfigured_deny();
c8dd491f
AK		 1496 ret = "branch is currently checked out";
1497 goto out;
1404bcbb 1498 case DENY_UPDATE_INSTEAD:
b072a25f
JH		 1499 /* pass -- let other checks intervene first */
1500 do_update_worktree = 1;
1404bcbb 1501 break;
3d95d92b 1502 }
986e8239
JK		 1503 }
1504
bc726bd0 1505 if (!is_null_oid(new_oid) && !repo_has_object_file(the_repository, new_oid)) {
8aaf7d64 1506 error("unpack should have generated %s, "
9c44ea44 1507 "but I can't find it!", oid_to_hex(new_oid));
c8dd491f
AK		 1508 ret = "bad pack";
1509 goto out;
cfee10a7 1510 }
747ca245 1511
9c44ea44 1512 if (!is_null_oid(old_oid) && is_null_oid(new_oid)) {
59556548 1513 if (deny_deletes && starts_with(name, "refs/heads/")) {
466dbc42 1514 rp_error("denying ref deletion for %s", name);
c8dd491f
AK		 1515 ret = "deletion prohibited";
1516 goto out;
747ca245
JH		 1517 }
1518
4ef34648 1519 if (worktree || (head_name && !strcmp(namespaced_name, head_name))) {
747ca245
JH		 1520 switch (deny_delete_current) {
1521 case DENY_IGNORE:
1522 break;
1523 case DENY_WARN:
466dbc42 1524 rp_warning("deleting the current branch");
747ca245
JH		 1525 break;
1526 case DENY_REFUSE:
375881fa 1527 case DENY_UNCONFIGURED:
1404bcbb 1528 case DENY_UPDATE_INSTEAD:
375881fa
JH		 1529 if (deny_delete_current == DENY_UNCONFIGURED)
1530 refuse_unconfigured_deny_delete_current();
466dbc42 1531 rp_error("refusing to delete the current branch: %s", name);
c8dd491f
AK		 1532 ret = "deletion of the current branch prohibited";
1533 goto out;
1404bcbb 1534 default:
c8dd491f
AK		 1535 ret = "Invalid denyDeleteCurrent setting";
1536 goto out;
747ca245
JH		 1537 }
1538 }
a240de11 1539 }
747ca245 1540
9c44ea44 1541 if (deny_non_fast_forwards && !is_null_oid(new_oid) &&
1542 !is_null_oid(old_oid) &&
59556548 1543 starts_with(name, "refs/heads/")) {
eab82707 1544 struct object *old_object, *new_object;
11031d7e 1545 struct commit *old_commit, *new_commit;
11031d7e 1546
109cd76d
SB		 1547 old_object = parse_object(the_repository, old_oid);
1548 new_object = parse_object(the_repository, new_oid);
eab82707
MK		 1549
1550 if (!old_object || !new_object ||
1551 old_object->type != OBJ_COMMIT ||
1552 new_object->type != OBJ_COMMIT) {
1553 error("bad sha1 objects for %s", name);
c8dd491f
AK		 1554 ret = "bad ref";
1555 goto out;
eab82707
MK		 1556 }
1557 old_commit = (struct commit *)old_object;
1558 new_commit = (struct commit *)new_object;
cb338c23 1559 if (!repo_in_merge_bases(the_repository, old_commit, new_commit)) {
466dbc42
SP		 1560 rp_error("denying non-fast-forward %s"
1561 " (you should pull first)", name);
c8dd491f
AK		 1562 ret = "non-fast-forward";
1563 goto out;
8aaf7d64 1564 }
11031d7e 1565 }
1d9e8b56 1566 if (run_update_hook(cmd)) {
466dbc42 1567 rp_error("hook declined to update %s", name);
c8dd491f
AK		 1568 ret = "hook declined";
1569 goto out;
b1bf95bb 1570 }
3159c8dc 1571
b072a25f 1572 if (do_update_worktree) {
38baae6c 1573 ret = update_worktree(new_oid->hash, worktree);
b072a25f 1574 if (ret)
c8dd491f 1575 goto out;
b072a25f
JH		 1576 }
1577
9c44ea44 1578 if (is_null_oid(new_oid)) {
222368c6 1579 struct strbuf err = STRBUF_INIT;
109cd76d 1580 if (!parse_object(the_repository, old_oid)) {
9c44ea44 1581 old_oid = NULL;
160b81ed 1582 if (ref_exists(name)) {
c25edee9 1583 rp_warning("allowing deletion of corrupt ref");
160b81ed 1584 } else {
c25edee9 1585 rp_warning("deleting a non-existent ref");
160b81ed
PYH		 1586 cmd->did_not_exist = 1;
1587 }
28391a80 1588 }
222368c6
SB		 1589 if (ref_transaction_delete(transaction,
1590 namespaced_name,
89f3bbdd 1591 old_oid,
fb5a6bb6 1592 0, "push", &err)) {
222368c6 1593 rp_error("%s", err.buf);
c8dd491f
AK		 1594 ret = "failed to delete";
1595 } else {
1596 ret = NULL; /* good */
d4f694ba 1597 }
222368c6 1598 strbuf_release(&err);
d4f694ba
JH		 1599 }
1600 else {
6629ea2d 1601 struct strbuf err = STRBUF_INIT;
0a1bc12b 1602 if (shallow_update && si->shallow_ref[cmd->index] &&
c8dd491f
AK		 1603 update_shallow_ref(cmd, si)) {
1604 ret = "shallow error";
1605 goto out;
1606 }
0a1bc12b 1607
222368c6
SB		 1608 if (ref_transaction_update(transaction,
1609 namespaced_name,
89f3bbdd 1610 new_oid, old_oid,
1d147bdf 1611 0, "push",
222368c6 1612 &err)) {
6629ea2d 1613 rp_error("%s", err.buf);
c8dd491f
AK		 1614 ret = "failed to update ref";
1615 } else {
1616 ret = NULL; /* good */
ef203f08 1617 }
6629ea2d 1618 strbuf_release(&err);
19614330 1619 }
c8dd491f
AK		 1620
1621out:
1622 free_worktrees(worktrees);
1623 return ret;
2eca23da
LT		 1624}
1625
5e1c71fd 1626static void run_update_post_hook(struct command *commands)
19614330 1627{
5e1c71fd 1628 struct command *cmd;
d3180279 1629 struct child_process proc = CHILD_PROCESS_INIT;
dcf69262 1630 const char *hook;
19614330 1631
5a7da2dc 1632 hook = find_hook("post-update");
dce96c41 1633 if (!hook)
3e6e152c 1634 return;
5a7da2dc 1635
850d2fec 1636 for (cmd = commands; cmd; cmd = cmd->next) {
160b81ed 1637 if (cmd->error_string || cmd->did_not_exist)
19614330 1638 continue;
d70a9eb6 1639 if (!proc.args.nr)
22f9b7f3
JK		 1640 strvec_push(&proc.args, hook);
1641 strvec_push(&proc.args, cmd->ref_name);
19614330 1642 }
d70a9eb6 1643 if (!proc.args.nr)
dce96c41 1644 return;
6d525d38 1645
6d525d38
SP		 1646 proc.no_stdin = 1;
1647 proc.stdout_to_stderr = 1;
1648 proc.err = use_sideband ? -1 : 0;
6206286e 1649 proc.trace2_hook_name = "post-update";
6d525d38
SP		 1650
1651 if (!start_command(&proc)) {
1652 if (use_sideband)
1653 copy_to_sideband(proc.err, -1, NULL);
1654 finish_command(&proc);
1655 }
19614330 1656}
2eca23da 1657
99036237
ÆAB		 1658static void check_aliased_update_internal(struct command *cmd,
1659 struct string_list *list,
1660 const char *dst_name, int flag)
da3efdb1
JS		 1661{
1662 struct string_list_item *item;
1663 struct command *dst_cmd;
da3efdb1
JS		 1664
1665 if (!(flag & REF_ISSYMREF))
1666 return;
1667
6b01ecfe
JT		 1668 if (!dst_name) {
1669 rp_error("refusing update to broken symref '%s'", cmd->ref_name);
1670 cmd->skip_update = 1;
1671 cmd->error_string = "broken symref";
1672 return;
1673 }
ded83936 1674 dst_name = strip_namespace(dst_name);
6b01ecfe 1675
afe8a907 1676 if (!(item = string_list_lookup(list, dst_name)))
da3efdb1
JS		 1677 return;
1678
1679 cmd->skip_update = 1;
1680
1681 dst_cmd = (struct command *) item->util;
1682
4a7e27e9
JK		 1683 if (oideq(&cmd->old_oid, &dst_cmd->old_oid) &&
1684 oideq(&cmd->new_oid, &dst_cmd->new_oid))
da3efdb1
JS		 1685 return;
1686
1687 dst_cmd->skip_update = 1;
1688
da3efdb1
JS		 1689 rp_error("refusing inconsistent update between symref '%s' (%s..%s) and"
1690 " its target '%s' (%s..%s)",
ef2ed501 1691 cmd->ref_name,
d850b7a5
ÆAB		 1692 repo_find_unique_abbrev(the_repository, &cmd->old_oid, DEFAULT_ABBREV),
1693 repo_find_unique_abbrev(the_repository, &cmd->new_oid, DEFAULT_ABBREV),
ef2ed501 1694 dst_cmd->ref_name,
d850b7a5
ÆAB		 1695 repo_find_unique_abbrev(the_repository, &dst_cmd->old_oid, DEFAULT_ABBREV),
1696 repo_find_unique_abbrev(the_repository, &dst_cmd->new_oid, DEFAULT_ABBREV));
da3efdb1
JS		 1697
1698 cmd->error_string = dst_cmd->error_string =
1699 "inconsistent aliased update";
1700}
1701
99036237
ÆAB		 1702static void check_aliased_update(struct command *cmd, struct string_list *list)
1703{
1704 struct strbuf buf = STRBUF_INIT;
1705 const char *dst_name;
1706 int flag;
1707
1708 strbuf_addf(&buf, "%s%s", get_git_namespace(), cmd->ref_name);
1709 dst_name = resolve_ref_unsafe(buf.buf, 0, NULL, &flag);
1710 check_aliased_update_internal(cmd, list, dst_name, flag);
1711 strbuf_release(&buf);
1712}
1713
da3efdb1
JS		 1714static void check_aliased_updates(struct command *commands)
1715{
1716 struct command *cmd;
183113a5 1717 struct string_list ref_list = STRING_LIST_INIT_NODUP;
da3efdb1
JS		 1718
1719 for (cmd = commands; cmd; cmd = cmd->next) {
1720 struct string_list_item *item =
1d2f80fa 1721 string_list_append(&ref_list, cmd->ref_name);
da3efdb1
JS		 1722 item->util = (void *)cmd;
1723 }
3383e199 1724 string_list_sort(&ref_list);
da3efdb1 1725
ef7e93d9
CB		 1726 for (cmd = commands; cmd; cmd = cmd->next) {
1727 if (!cmd->error_string)
1728 check_aliased_update(cmd, &ref_list);
1729 }
da3efdb1
JS		 1730
1731 string_list_clear(&ref_list, 0);
1732}
1733
9fec7b21 1734static const struct object_id *command_singleton_iterator(void *cb_data)
52fed6e1
JH		 1735{
1736 struct command **cmd_list = cb_data;
1737 struct command *cmd = *cmd_list;
1738
9c44ea44 1739 if (!cmd || is_null_oid(&cmd->new_oid))
9fec7b21 1740 return NULL;
52fed6e1 1741 *cmd_list = NULL; /* this returns only one */
9fec7b21 1742 return &cmd->new_oid;
52fed6e1
JH		 1743}
1744
0a1bc12b
NTND		 1745static void set_connectivity_errors(struct command *commands,
1746 struct shallow_info *si)
52fed6e1
JH		 1747{
1748 struct command *cmd;
1749
1750 for (cmd = commands; cmd; cmd = cmd->next) {
1751 struct command *singleton = cmd;
722ff7f8
JK		 1752 struct check_connected_options opt = CHECK_CONNECTED_INIT;
1753
0a1bc12b
NTND		 1754 if (shallow_update && si->shallow_ref[cmd->index])
1755 /* to be checked in update_shallow_ref() */
1756 continue;
722ff7f8
JK		 1757
1758 opt.env = tmp_objdir_env(tmp_objdir);
7043c707 1759 if (!check_connected(command_singleton_iterator, &singleton,
722ff7f8 1760 &opt))
52fed6e1 1761 continue;
722ff7f8 1762
52fed6e1
JH		 1763 cmd->error_string = "missing necessary objects";
1764 }
1765}
1766
0a1bc12b
NTND		 1767struct iterate_data {
1768 struct command *cmds;
1769 struct shallow_info *si;
1770};
1771
9fec7b21 1772static const struct object_id *iterate_receive_command_list(void *cb_data)
52fed6e1 1773{
0a1bc12b
NTND		 1774 struct iterate_data *data = cb_data;
1775 struct command **cmd_list = &data->cmds;
52fed6e1
JH		 1776 struct command *cmd = *cmd_list;
1777
0a1bc12b
NTND		 1778 for (; cmd; cmd = cmd->next) {
1779 if (shallow_update && data->si->shallow_ref[cmd->index])
1780 /* to be checked in update_shallow_ref() */
1781 continue;
9c44ea44 1782 if (!is_null_oid(&cmd->new_oid) && !cmd->skip_update) {
ee6dfb2d 1783 *cmd_list = cmd->next;
9fec7b21 1784 return &cmd->new_oid;
ee6dfb2d 1785 }
ee6dfb2d 1786 }
9fec7b21 1787 return NULL;
52fed6e1
JH		 1788}
1789
daebaa78
JH		 1790static void reject_updates_to_hidden(struct command *commands)
1791{
78a766ab
LF		 1792 struct strbuf refname_full = STRBUF_INIT;
1793 size_t prefix_len;
daebaa78
JH		 1794 struct command *cmd;
1795
78a766ab
LF		 1796 strbuf_addstr(&refname_full, get_git_namespace());
1797 prefix_len = refname_full.len;
1798
daebaa78 1799 for (cmd = commands; cmd; cmd = cmd->next) {
78a766ab
LF		 1800 if (cmd->error_string)
1801 continue;
1802
1803 strbuf_setlen(&refname_full, prefix_len);
1804 strbuf_addstr(&refname_full, cmd->ref_name);
1805
9b67eb6f 1806 if (!ref_is_hidden(cmd->ref_name, refname_full.buf, &hidden_refs))
daebaa78 1807 continue;
9c44ea44 1808 if (is_null_oid(&cmd->new_oid))
daebaa78
JH		 1809 cmd->error_string = "deny deleting a hidden ref";
1810 else
1811 cmd->error_string = "deny updating a hidden ref";
1812 }
78a766ab
LF		 1813
1814 strbuf_release(&refname_full);
daebaa78
JH		 1815}
1816
a6a84319
SB		 1817static int should_process_cmd(struct command *cmd)
1818{
1819 return !cmd->error_string && !cmd->skip_update;
1820}
1821
07b1d8f1 1822static void BUG_if_skipped_connectivity_check(struct command *commands,
a6a84319
SB		 1823 struct shallow_info *si)
1824{
1825 struct command *cmd;
a6a84319
SB		 1826
1827 for (cmd = commands; cmd; cmd = cmd->next) {
07b1d8f1
ÆAB		 1828 if (should_process_cmd(cmd) && si->shallow_ref[cmd->index])
1829 bug("connectivity check has not been run on ref %s",
1830 cmd->ref_name);
a6a84319 1831 }
07b1d8f1 1832 BUG_if_bug("connectivity check skipped???");
a6a84319
SB		 1833}
1834
a1a26145
SB		 1835static void execute_commands_non_atomic(struct command *commands,
1836 struct shallow_info *si)
1837{
1838 struct command *cmd;
222368c6
SB		 1839 struct strbuf err = STRBUF_INIT;
1840
a1a26145 1841 for (cmd = commands; cmd; cmd = cmd->next) {
15d3af5e 1842 if (!should_process_cmd(cmd) || cmd->run_proc_receive)
a1a26145
SB		 1843 continue;
1844
222368c6
SB		 1845 transaction = ref_transaction_begin(&err);
1846 if (!transaction) {
1847 rp_error("%s", err.buf);
1848 strbuf_reset(&err);
1849 cmd->error_string = "transaction failed to start";
1850 continue;
1851 }
1852
a1a26145 1853 cmd->error_string = update(cmd, si);
222368c6
SB		 1854
1855 if (!cmd->error_string
1856 && ref_transaction_commit(transaction, &err)) {
1857 rp_error("%s", err.buf);
1858 strbuf_reset(&err);
1859 cmd->error_string = "failed to update ref";
1860 }
1861 ref_transaction_free(transaction);
a1a26145 1862 }
68deed29
SB		 1863 strbuf_release(&err);
1864}
222368c6 1865
68deed29
SB		 1866static void execute_commands_atomic(struct command *commands,
1867 struct shallow_info *si)
1868{
1869 struct command *cmd;
1870 struct strbuf err = STRBUF_INIT;
1871 const char *reported_error = "atomic push failure";
1872
1873 transaction = ref_transaction_begin(&err);
1874 if (!transaction) {
1875 rp_error("%s", err.buf);
1876 strbuf_reset(&err);
1877 reported_error = "transaction failed to start";
1878 goto failure;
1879 }
1880
1881 for (cmd = commands; cmd; cmd = cmd->next) {
15d3af5e 1882 if (!should_process_cmd(cmd) || cmd->run_proc_receive)
68deed29
SB		 1883 continue;
1884
1885 cmd->error_string = update(cmd, si);
1886
1887 if (cmd->error_string)
1888 goto failure;
1889 }
1890
1891 if (ref_transaction_commit(transaction, &err)) {
1892 rp_error("%s", err.buf);
1893 reported_error = "atomic transaction failed";
1894 goto failure;
1895 }
1896 goto cleanup;
1897
1898failure:
1899 for (cmd = commands; cmd; cmd = cmd->next)
1900 if (!cmd->error_string)
1901 cmd->error_string = reported_error;
1902
1903cleanup:
1904 ref_transaction_free(transaction);
222368c6 1905 strbuf_release(&err);
a1a26145
SB		 1906}
1907
0a1bc12b
NTND		 1908static void execute_commands(struct command *commands,
1909 const char *unpacker_error,
77a9745d
SB		 1910 struct shallow_info *si,
1911 const struct string_list *push_options)
575f4974 1912{
d415092a 1913 struct check_connected_options opt = CHECK_CONNECTED_INIT;
5e1c71fd 1914 struct command *cmd;
0a1bc12b 1915 struct iterate_data data;
d415092a
JK		 1916 struct async muxer;
1917 int err_fd = 0;
15d3af5e 1918 int run_proc_receive = 0;
8aaf7d64
SP		 1919
1920 if (unpacker_error) {
5e1c71fd 1921 for (cmd = commands; cmd; cmd = cmd->next)
74eb32d3 1922 cmd->error_string = "unpacker error";
8aaf7d64
SP		 1923 return;
1924 }
1925
d415092a
JK		 1926 if (use_sideband) {
1927 memset(&muxer, 0, sizeof(muxer));
1928 muxer.proc = copy_to_sideband;
1929 muxer.in = -1;
1930 if (!start_async(&muxer))
1931 err_fd = muxer.in;
1932 /* ...else, continue without relaying sideband */
1933 }
1934
0a1bc12b
NTND		 1935 data.cmds = commands;
1936 data.si = si;
d415092a 1937 opt.err_fd = err_fd;
6b4cd2f8 1938 opt.progress = err_fd && !quiet;
722ff7f8 1939 opt.env = tmp_objdir_env(tmp_objdir);
bcec6780
PS		 1940 opt.exclude_hidden_refs_section = "receive";
1941
d415092a 1942 if (check_connected(iterate_receive_command_list, &data, &opt))
0a1bc12b 1943 set_connectivity_errors(commands, si);
52fed6e1 1944
d415092a
JK		 1945 if (use_sideband)
1946 finish_async(&muxer);
1947
daebaa78
JH		 1948 reject_updates_to_hidden(commands);
1949
15d3af5e
JX		 1950 /*
1951 * Try to find commands that have special prefix in their reference names,
1952 * and mark them to run an external "proc-receive" hook later.
1953 */
31e8595a
JX		 1954 if (proc_receive_ref) {
1955 for (cmd = commands; cmd; cmd = cmd->next) {
1956 if (!should_process_cmd(cmd))
1957 continue;
15d3af5e 1958
31e8595a
JX		 1959 if (proc_receive_ref_matches(cmd)) {
1960 cmd->run_proc_receive = RUN_PROC_RECEIVE_SCHEDULED;
1961 run_proc_receive = 1;
1962 }
15d3af5e
JX		 1963 }
1964 }
1965
77a9745d 1966 if (run_receive_hook(commands, "pre-receive", 0, push_options)) {
ef7e93d9
CB		 1967 for (cmd = commands; cmd; cmd = cmd->next) {
1968 if (!cmd->error_string)
1969 cmd->error_string = "pre-receive hook declined";
1970 }
05ef58ec
SP		 1971 return;
1972 }
1973
54077640
CB		 1974 /*
1975 * If there is no command ready to run, should return directly to destroy
1976 * temporary data in the quarantine area.
1977 */
1978 for (cmd = commands; cmd && cmd->error_string; cmd = cmd->next)
1979 ; /* nothing */
1980 if (!cmd)
1981 return;
1982
722ff7f8
JK		 1983 /*
1984 * Now we'll start writing out refs, which means the objects need
1985 * to be in their final positions so that other processes can see them.
1986 */
1987 if (tmp_objdir_migrate(tmp_objdir) < 0) {
1988 for (cmd = commands; cmd; cmd = cmd->next) {
1989 if (!cmd->error_string)
1990 cmd->error_string = "unable to migrate objects to permanent storage";
1991 }
1992 return;
1993 }
1994 tmp_objdir = NULL;
1995
da3efdb1
JS		 1996 check_aliased_updates(commands);
1997
96ec7b1e 1998 free(head_name_to_free);
efbd4fdf 1999 head_name = head_name_to_free = resolve_refdup("HEAD", 0, NULL, NULL);
747ca245 2000
15d3af5e
JX		 2001 if (run_proc_receive &&
2002 run_proc_receive_hook(commands, push_options))
2003 for (cmd = commands; cmd; cmd = cmd->next)
2004 if (!cmd->error_string &&
2005 !(cmd->run_proc_receive & RUN_PROC_RECEIVE_RETURNED) &&
2006 (cmd->run_proc_receive || use_atomic))
2007 cmd->error_string = "fail to run proc-receive hook";
2008
68deed29
SB		 2009 if (use_atomic)
2010 execute_commands_atomic(commands, si);
2011 else
2012 execute_commands_non_atomic(commands, si);
0a1bc12b 2013
a6a84319 2014 if (shallow_update)
07b1d8f1 2015 BUG_if_skipped_connectivity_check(commands, si);
575f4974
LT		 2016}
2017
39895c74
JH		 2018static struct command **queue_command(struct command **tail,
2019 const char *line,
2020 int linelen)
2021{
9c44ea44 2022 struct object_id old_oid, new_oid;
39895c74
JH		 2023 struct command *cmd;
2024 const char *refname;
2025 int reflen;
9c44ea44 2026 const char *p;
39895c74 2027
9c44ea44 2028 if (parse_oid_hex(line, &old_oid, &p) ||
2029 *p++ != ' ' ||
2030 parse_oid_hex(p, &new_oid, &p) ||
2031 *p++ != ' ')
39895c74
JH		 2032 die("protocol error: expected old/new/ref, got '%s'", line);
2033
9c44ea44 2034 refname = p;
2035 reflen = linelen - (p - line);
ddd0bfac 2036 FLEX_ALLOC_MEM(cmd, ref_name, refname, reflen);
9c44ea44 2037 oidcpy(&cmd->old_oid, &old_oid);
2038 oidcpy(&cmd->new_oid, &new_oid);
39895c74
JH		 2039 *tail = cmd;
2040 return &cmd->next;
2041}
2042
1fdd31cf
ÆAB		 2043static void free_commands(struct command *commands)
2044{
2045 while (commands) {
2046 struct command *next = commands->next;
2047
2048 free(commands);
2049 commands = next;
2050 }
2051}
2052
4adf569d
JH		 2053static void queue_commands_from_cert(struct command **tail,
2054 struct strbuf *push_cert)
2055{
2056 const char *boc, *eoc;
2057
2058 if (*tail)
2059 die("protocol error: got both push certificate and unsigned commands");
2060
2061 boc = strstr(push_cert->buf, "\n\n");
2062 if (!boc)
2063 die("malformed push certificate %.*s", 100, push_cert->buf);
2064 else
2065 boc += 2;
482c1191 2066 eoc = push_cert->buf + parse_signed_buffer(push_cert->buf, push_cert->len);
4adf569d
JH		 2067
2068 while (boc < eoc) {
2069 const char *eol = memchr(boc, '\n', eoc - boc);
f2214ded 2070 tail = queue_command(tail, boc, eol ? eol - boc : eoc - boc);
4adf569d
JH		 2071 boc = eol ? eol + 1 : eoc;
2072 }
2073}
2074
01f9ec64
MS		 2075static struct command *read_head_info(struct packet_reader *reader,
2076 struct oid_array *shallow)
575f4974 2077{
5e1c71fd 2078 struct command *commands = NULL;
eb1af2df 2079 struct command **p = &commands;
575f4974 2080 for (;;) {
01f9ec64 2081 int linelen;
eb1af2df 2082
01f9ec64 2083 if (packet_reader_read(reader) != PACKET_READ_NORMAL)
575f4974 2084 break;
5dbd7676 2085
01f9ec64 2086 if (reader->pktlen > 8 && starts_with(reader->line, "shallow ")) {
9c44ea44 2087 struct object_id oid;
01f9ec64 2088 if (get_oid_hex(reader->line + 8, &oid))
c09b71cc 2089 die("protocol error: expected shallow sha, got '%s'",
01f9ec64 2090 reader->line + 8);
910650d2 2091 oid_array_append(shallow, &oid);
5dbd7676
NTND		 2092 continue;
2093 }
2094
01f9ec64
MS		 2095 linelen = strlen(reader->line);
2096 if (linelen < reader->pktlen) {
2097 const char *feature_list = reader->line + linelen + 1;
bb095d08 2098 const char *hash = NULL;
a2a066d9 2099 const char *client_sid;
7ce4c8f7 2100 size_t len = 0;
f47182c8 2101 if (parse_feature_request(feature_list, "report-status"))
cfee10a7 2102 report_status = 1;
63518a57
JX		 2103 if (parse_feature_request(feature_list, "report-status-v2"))
2104 report_status_v2 = 1;
f47182c8 2105 if (parse_feature_request(feature_list, "side-band-64k"))
38a81b4e 2106 use_sideband = LARGE_PACKET_MAX;
c207e34f
CB		 2107 if (parse_feature_request(feature_list, "quiet"))
2108 quiet = 1;
1b70fe5d
RS		 2109 if (advertise_atomic_push
2110 && parse_feature_request(feature_list, "atomic"))
2111 use_atomic = 1;
c714e45f
SB		 2112 if (advertise_push_options
2113 && parse_feature_request(feature_list, "push-options"))
2114 use_push_options = 1;
bb095d08 2115 hash = parse_feature_value(feature_list, "object-format", &len, NULL);
2116 if (!hash) {
2117 hash = hash_algos[GIT_HASH_SHA1].name;
2118 len = strlen(hash);
2119 }
2120 if (xstrncmpz(the_hash_algo->name, hash, len))
2121 die("error: unsupported object format '%s'", hash);
a2a066d9
JS		 2122 client_sid = parse_feature_value(feature_list, "session-id", &len, NULL);
2123 if (client_sid) {
2124 char *sid = xstrndup(client_sid, len);
2125 trace2_data_string("transfer", NULL, "client-sid", client_sid);
2126 free(sid);
2127 }
cfee10a7 2128 }
0e3c339b 2129
01f9ec64 2130 if (!strcmp(reader->line, "push-cert")) {
a85b377d 2131 int true_flush = 0;
01f9ec64
MS		 2132 int saved_options = reader->options;
2133 reader->options &= ~PACKET_READ_CHOMP_NEWLINE;
a85b377d
JH		 2134
2135 for (;;) {
01f9ec64
MS		 2136 packet_reader_read(reader);
2137 if (reader->status == PACKET_READ_FLUSH) {
a85b377d
JH		 2138 true_flush = 1;
2139 break;
2140 }
01f9ec64
MS		 2141 if (reader->status != PACKET_READ_NORMAL) {
2142 die("protocol error: got an unexpected packet");
2143 }
2144 if (!strcmp(reader->line, "push-cert-end\n"))
a85b377d 2145 break; /* end of cert */
01f9ec64 2146 strbuf_addstr(&push_cert, reader->line);
a85b377d 2147 }
01f9ec64 2148 reader->options = saved_options;
a85b377d
JH		 2149
2150 if (true_flush)
2151 break;
2152 continue;
2153 }
2154
01f9ec64 2155 p = queue_command(p, reader->line, linelen);
575f4974 2156 }
4adf569d
JH		 2157
2158 if (push_cert.len)
2159 queue_commands_from_cert(p, &push_cert);
2160
5e1c71fd 2161 return commands;
575f4974
LT		 2162}
2163
01f9ec64
MS		 2164static void read_push_options(struct packet_reader *reader,
2165 struct string_list *options)
c714e45f
SB		 2166{
2167 while (1) {
01f9ec64 2168 if (packet_reader_read(reader) != PACKET_READ_NORMAL)
c714e45f
SB		 2169 break;
2170
01f9ec64 2171 string_list_append(options, reader->line);
c714e45f
SB		 2172 }
2173}
2174
fc04c412
SP		 2175static const char *parse_pack_header(struct pack_header *hdr)
2176{
a69e5429
JH		 2177 switch (read_pack_header(0, hdr)) {
2178 case PH_ERROR_EOF:
2179 return "eof before pack header was fully read";
2180
2181 case PH_ERROR_PACK_SIGNATURE:
fc04c412 2182 return "protocol error (pack signature mismatch detected)";
a69e5429
JH		 2183
2184 case PH_ERROR_PROTOCOL:
fc04c412 2185 return "protocol error (pack version unsupported)";
a69e5429
JH		 2186
2187 default:
2188 return "unknown error in parse_pack_header";
2189
2190 case 0:
2191 return NULL;
2192 }
fc04c412
SP		 2193}
2194
c55c3066 2195static struct tempfile *pack_lockfile;
576162a4 2196
22f9b7f3 2197static void push_header_arg(struct strvec *args, struct pack_header *hdr)
446d5d91 2198{
22f9b7f3 2199 strvec_pushf(args, "--pack_header=%"PRIu32",%"PRIu32,
f6d8942b 2200 ntohl(hdr->hdr_version), ntohl(hdr->hdr_entries));
446d5d91
JK		 2201}
2202
5dbd7676 2203static const char *unpack(int err_fd, struct shallow_info *si)
575f4974 2204{
fc04c412
SP		 2205 struct pack_header hdr;
2206 const char *hdr_err;
31c42bff 2207 int status;
d3180279 2208 struct child_process child = CHILD_PROCESS_INIT;
dab76d3a
JH		 2209 int fsck_objects = (receive_fsck_objects >= 0
2210 ? receive_fsck_objects
2211 : transfer_fsck_objects >= 0
2212 ? transfer_fsck_objects
2213 : 0);
fc04c412
SP		 2214
2215 hdr_err = parse_pack_header(&hdr);
49ecfa13
JK		 2216 if (hdr_err) {
2217 if (err_fd > 0)
2218 close(err_fd);
fc04c412 2219 return hdr_err;
49ecfa13 2220 }
fc04c412 2221
5dbd7676
NTND		 2222 if (si->nr_ours || si->nr_theirs) {
2223 alt_shallow_file = setup_temporary_shallow(si->shallow);
22f9b7f3
JK		 2224 strvec_push(&child.args, "--shallow-file");
2225 strvec_push(&child.args, alt_shallow_file);
5dbd7676
NTND		 2226 }
2227
b3cecf49 2228 tmp_objdir = tmp_objdir_create("incoming");
6cdad1f1
JK		 2229 if (!tmp_objdir) {
2230 if (err_fd > 0)
2231 close(err_fd);
722ff7f8 2232 return "unable to create temporary object directory";
6cdad1f1 2233 }
c21fa3bb 2234 strvec_pushv(&child.env, tmp_objdir_env(tmp_objdir));
722ff7f8
JK		 2235
2236 /*
2237 * Normally we just pass the tmp_objdir environment to the child
2238 * processes that do the heavy lifting, but we may need to see these
2239 * objects ourselves to set up shallow information.
2240 */
2241 tmp_objdir_add_as_alternate(tmp_objdir);
2242
fc04c412 2243 if (ntohl(hdr.hdr_entries) < unpack_limit) {
22f9b7f3 2244 strvec_push(&child.args, "unpack-objects");
446d5d91 2245 push_header_arg(&child.args, &hdr);
c207e34f 2246 if (quiet)
22f9b7f3 2247 strvec_push(&child.args, "-q");
dab76d3a 2248 if (fsck_objects)
22f9b7f3 2249 strvec_pushf(&child.args, "--strict%s",
f6d8942b 2250 fsck_msg_types.buf);
c08db5a2 2251 if (max_input_size)
22f9b7f3 2252 strvec_pushf(&child.args, "--max-input-size=%"PRIuMAX,
f6d8942b 2253 (uintmax_t)max_input_size);
59bfdfb8 2254 child.no_stdout = 1;
a22e6f85 2255 child.err = err_fd;
59bfdfb8 2256 child.git_cmd = 1;
31c42bff
NTND		 2257 status = run_command(&child);
2258 if (status)
2259 return "unpack-objects abnormal exit";
576162a4 2260 } else {
da25bdb7 2261 char hostname[HOST_NAME_MAX + 1];
c55c3066 2262 char *lockfile;
576162a4 2263
22f9b7f3 2264 strvec_pushl(&child.args, "index-pack", "--stdin", NULL);
446d5d91 2265 push_header_arg(&child.args, &hdr);
b26cb7c7 2266
5781a9a2 2267 if (xgethostname(hostname, sizeof(hostname)))
b26cb7c7 2268 xsnprintf(hostname, sizeof(hostname), "localhost");
22f9b7f3 2269 strvec_pushf(&child.args,
f6d8942b
JK		 2270 "--keep=receive-pack %"PRIuMAX" on %s",
2271 (uintmax_t)getpid(),
2272 hostname);
b26cb7c7 2273
d06303bb 2274 if (!quiet && err_fd)
22f9b7f3 2275 strvec_push(&child.args, "--show-resolving-progress");
83558686 2276 if (use_sideband)
22f9b7f3 2277 strvec_push(&child.args, "--report-end-of-input");
dab76d3a 2278 if (fsck_objects)
22f9b7f3 2279 strvec_pushf(&child.args, "--strict%s",
f6d8942b 2280 fsck_msg_types.buf);
1b68387e 2281 if (!reject_thin)
22f9b7f3 2282 strvec_push(&child.args, "--fix-thin");
c08db5a2 2283 if (max_input_size)
22f9b7f3 2284 strvec_pushf(&child.args, "--max-input-size=%"PRIuMAX,
f6d8942b 2285 (uintmax_t)max_input_size);
31c42bff
NTND		 2286 child.out = -1;
2287 child.err = err_fd;
2288 child.git_cmd = 1;
2289 status = start_command(&child);
2290 if (status)
576162a4 2291 return "index-pack fork failed";
c55c3066
PS		 2292
2293 lockfile = index_pack_lockfile(child.out, NULL);
2294 if (lockfile) {
2295 pack_lockfile = register_tempfile(lockfile);
2296 free(lockfile);
2297 }
31c42bff 2298 close(child.out);
c55c3066 2299
31c42bff
NTND		 2300 status = finish_command(&child);
2301 if (status)
2302 return "index-pack abnormal exit";
a49d2834 2303 reprepare_packed_git(the_repository);
cfee10a7 2304 }
31c42bff 2305 return NULL;
cfee10a7
JH		 2306}
2307
5dbd7676 2308static const char *unpack_with_sideband(struct shallow_info *si)
a22e6f85
JK		 2309{
2310 struct async muxer;
2311 const char *ret;
2312
2313 if (!use_sideband)
5dbd7676 2314 return unpack(0, si);
a22e6f85 2315
83558686 2316 use_keepalive = KEEPALIVE_AFTER_NUL;
a22e6f85
JK		 2317 memset(&muxer, 0, sizeof(muxer));
2318 muxer.proc = copy_to_sideband;
2319 muxer.in = -1;
2320 if (start_async(&muxer))
2321 return NULL;
2322
5dbd7676 2323 ret = unpack(muxer.in, si);
a22e6f85
JK		 2324
2325 finish_async(&muxer);
2326 return ret;
2327}
2328
c95fc72f 2329static void prepare_shallow_update(struct shallow_info *si)
0a1bc12b 2330{
42c78a21 2331 int i, j, k, bitmap_size = DIV_ROUND_UP(si->ref->nr, 32);
0a1bc12b 2332
b32fa95f 2333 ALLOC_ARRAY(si->used_shallow, si->shallow->nr);
0a1bc12b
NTND		 2334 assign_shallow_commits_to_refs(si, si->used_shallow, NULL);
2335
486f4bd1
JH		 2336 CALLOC_ARRAY(si->need_reachability_test, si->shallow->nr);
2337 CALLOC_ARRAY(si->reachable, si->shallow->nr);
2338 CALLOC_ARRAY(si->shallow_ref, si->ref->nr);
0a1bc12b
NTND		 2339
2340 for (i = 0; i < si->nr_ours; i++)
2341 si->need_reachability_test[si->ours[i]] = 1;
2342
2343 for (i = 0; i < si->shallow->nr; i++) {
2344 if (!si->used_shallow[i])
2345 continue;
2346 for (j = 0; j < bitmap_size; j++) {
2347 if (!si->used_shallow[i][j])
2348 continue;
2349 si->need_reachability_test[i]++;
2350 for (k = 0; k < 32; k++)
9a93c668 2351 if (si->used_shallow[i][j] & (1U << k))
0a1bc12b
NTND		 2352 si->shallow_ref[j * 32 + k]++;
2353 }
2354
2355 /*
2356 * true for those associated with some refs and belong
2357 * in "ours" list aka "step 7 not done yet"
2358 */
2359 si->need_reachability_test[i] =
2360 si->need_reachability_test[i] > 1;
2361 }
2362
2363 /*
2364 * keep hooks happy by forcing a temporary shallow file via
2365 * env variable because we can't add --shallow-file to every
7987d223 2366 * command. check_connected() will be done with
0a1bc12b
NTND		 2367 * true .git/shallow though.
2368 */
2369 setenv(GIT_SHALLOW_FILE_ENVIRONMENT, alt_shallow_file, 1);
2370}
2371
5dbd7676
NTND		 2372static void update_shallow_info(struct command *commands,
2373 struct shallow_info *si,
910650d2 2374 struct oid_array *ref)
5dbd7676
NTND		 2375{
2376 struct command *cmd;
2377 int *ref_status;
2378 remove_nonexistent_theirs_shallow(si);
0a1bc12b
NTND		 2379 if (!si->nr_ours && !si->nr_theirs) {
2380 shallow_update = 0;
5dbd7676 2381 return;
0a1bc12b 2382 }
5dbd7676
NTND		 2383
2384 for (cmd = commands; cmd; cmd = cmd->next) {
9c44ea44 2385 if (is_null_oid(&cmd->new_oid))
5dbd7676 2386 continue;
910650d2 2387 oid_array_append(ref, &cmd->new_oid);
5dbd7676
NTND		 2388 cmd->index = ref->nr - 1;
2389 }
2390 si->ref = ref;
2391
0a1bc12b 2392 if (shallow_update) {
c95fc72f 2393 prepare_shallow_update(si);
0a1bc12b
NTND		 2394 return;
2395 }
2396
b32fa95f 2397 ALLOC_ARRAY(ref_status, ref->nr);
5dbd7676
NTND		 2398 assign_shallow_commits_to_refs(si, NULL, ref_status);
2399 for (cmd = commands; cmd; cmd = cmd->next) {
9c44ea44 2400 if (is_null_oid(&cmd->new_oid))
5dbd7676
NTND		 2401 continue;
2402 if (ref_status[cmd->index]) {
2403 cmd->error_string = "shallow update not allowed";
2404 cmd->skip_update = 1;
2405 }
2406 }
5dbd7676
NTND		 2407 free(ref_status);
2408}
2409
5e1c71fd 2410static void report(struct command *commands, const char *unpack_status)
cfee10a7
JH		 2411{
2412 struct command *cmd;
38a81b4e
SP		 2413 struct strbuf buf = STRBUF_INIT;
2414
2415 packet_buf_write(&buf, "unpack %s\n",
2416 unpack_status ? unpack_status : "ok");
cfee10a7
JH		 2417 for (cmd = commands; cmd; cmd = cmd->next) {
2418 if (!cmd->error_string)
38a81b4e
SP		 2419 packet_buf_write(&buf, "ok %s\n",
2420 cmd->ref_name);
cfee10a7 2421 else
38a81b4e
SP		 2422 packet_buf_write(&buf, "ng %s %s\n",
2423 cmd->ref_name, cmd->error_string);
575f4974 2424 }
38a81b4e
SP		 2425 packet_buf_flush(&buf);
2426
2427 if (use_sideband)
2428 send_sideband(1, 1, buf.buf, buf.len, use_sideband);
2429 else
cdf4fb8e 2430 write_or_die(1, buf.buf, buf.len);
38a81b4e 2431 strbuf_release(&buf);
575f4974
LT		 2432}
2433
63518a57
JX		 2434static void report_v2(struct command *commands, const char *unpack_status)
2435{
2436 struct command *cmd;
2437 struct strbuf buf = STRBUF_INIT;
2438 struct ref_push_report *report;
2439
2440 packet_buf_write(&buf, "unpack %s\n",
2441 unpack_status ? unpack_status : "ok");
2442 for (cmd = commands; cmd; cmd = cmd->next) {
2443 int count = 0;
2444
2445 if (cmd->error_string) {
2446 packet_buf_write(&buf, "ng %s %s\n",
2447 cmd->ref_name,
2448 cmd->error_string);
2449 continue;
2450 }
2451 packet_buf_write(&buf, "ok %s\n",
2452 cmd->ref_name);
2453 for (report = cmd->report; report; report = report->next) {
2454 if (count++ > 0)
2455 packet_buf_write(&buf, "ok %s\n",
2456 cmd->ref_name);
2457 if (report->ref_name)
2458 packet_buf_write(&buf, "option refname %s\n",
2459 report->ref_name);
2460 if (report->old_oid)
2461 packet_buf_write(&buf, "option old-oid %s\n",
2462 oid_to_hex(report->old_oid));
2463 if (report->new_oid)
2464 packet_buf_write(&buf, "option new-oid %s\n",
2465 oid_to_hex(report->new_oid));
2466 if (report->forced_update)
2467 packet_buf_write(&buf, "option forced-update\n");
2468 }
2469 }
2470 packet_buf_flush(&buf);
2471
2472 if (use_sideband)
2473 send_sideband(1, 1, buf.buf, buf.len, use_sideband);
2474 else
2475 write_or_die(1, buf.buf, buf.len);
2476 strbuf_release(&buf);
2477}
2478
5e1c71fd 2479static int delete_only(struct command *commands)
d4f694ba 2480{
5e1c71fd
JS		 2481 struct command *cmd;
2482 for (cmd = commands; cmd; cmd = cmd->next) {
9c44ea44 2483 if (!is_null_oid(&cmd->new_oid))
d4f694ba 2484 return 0;
d4f694ba
JH		 2485 }
2486 return 1;
2487}
2488
be5908ae 2489int cmd_receive_pack(int argc, const char **argv, const char *prefix)
575f4974 2490{
42526b47 2491 int advertise_refs = 0;
5e1c71fd 2492 struct command *commands;
910650d2 2493 struct oid_array shallow = OID_ARRAY_INIT;
2494 struct oid_array ref = OID_ARRAY_INIT;
5dbd7676 2495 struct shallow_info si;
01f9ec64 2496 struct packet_reader reader;
575f4974 2497
1b68387e
SS		 2498 struct option options[] = {
2499 OPT__QUIET(&quiet, N_("quiet")),
2500 OPT_HIDDEN_BOOL(0, "stateless-rpc", &stateless_rpc, NULL),
98e2d9d6
ÆAB		 2501 OPT_HIDDEN_BOOL(0, "http-backend-info-refs", &advertise_refs, NULL),
2502 OPT_ALIAS(0, "advertise-refs", "http-backend-info-refs"),
1b68387e
SS		 2503 OPT_HIDDEN_BOOL(0, "reject-thin-pack-for-testing", &reject_thin, NULL),
2504 OPT_END()
2505 };
bbc30f99 2506
1b68387e 2507 packet_trace_identity("receive-pack");
575f4974 2508
1b68387e 2509 argc = parse_options(argc, argv, prefix, options, receive_pack_usage, 0);
c207e34f 2510
1b68387e 2511 if (argc > 1)
c25edee9 2512 usage_msg_opt(_("too many arguments"), receive_pack_usage, options);
1b68387e 2513 if (argc == 0)
c25edee9 2514 usage_msg_opt(_("you must specify a directory"), receive_pack_usage, options);
42526b47 2515
1b68387e 2516 service_dir = argv[0];
575f4974 2517
e1464ca7 2518 setup_path();
5c09f321 2519
5732373d
JH		 2520 if (!enter_repo(service_dir, 0))
2521 die("'%s' does not appear to be a git repository", service_dir);
575f4974 2522
ef90d6d4 2523 git_config(receive_pack_config, NULL);
b89363e4 2524 if (cert_nonce_seed)
5732373d 2525 push_cert_nonce = prepare_push_cert_nonce(service_dir, time(NULL));
6fb75bed 2526
e28714c5
JH		 2527 if (0 <= transfer_unpack_limit)
2528 unpack_limit = transfer_unpack_limit;
2529 else if (0 <= receive_unpack_limit)
2530 unpack_limit = receive_unpack_limit;
2531
aa9bab29 2532 switch (determine_protocol_version_server()) {
8f6982b4
BW		 2533 case protocol_v2:
2534 /*
2535 * push support for protocol v2 has not been implemented yet,
2536 * so ignore the request to use v2 and fallback to using v0.
2537 */
2538 break;
aa9bab29
BW		 2539 case protocol_v1:
2540 /*
2541 * v1 is just the original protocol with a version string,
2542 * so just fall through after writing the version string.
2543 */
2544 if (advertise_refs || !stateless_rpc)
2545 packet_write_fmt(1, "version 1\n");
2546
2547 /* fallthrough */
2548 case protocol_v0:
2549 break;
2550 case protocol_unknown_version:
2551 BUG("unknown protocol version");
2552 }
2553
42526b47 2554 if (advertise_refs || !stateless_rpc) {
42526b47 2555 write_head_info();
42526b47
SP		 2556 }
2557 if (advertise_refs)
2558 return 0;
575f4974 2559
2d103c31
MS		 2560 packet_reader_init(&reader, 0, NULL, 0,
2561 PACKET_READ_CHOMP_NEWLINE |
2562 PACKET_READ_DIE_ON_ERR_PACKET);
01f9ec64 2563
afe8a907 2564 if ((commands = read_head_info(&reader, &shallow))) {
d4f694ba 2565 const char *unpack_status = NULL;
77a9745d 2566 struct string_list push_options = STRING_LIST_INIT_DUP;
d4f694ba 2567
c714e45f 2568 if (use_push_options)
01f9ec64 2569 read_push_options(&reader, &push_options);
cbaf82cc
JT		 2570 if (!check_cert_push_options(&push_options)) {
2571 struct command *cmd;
2572 for (cmd = commands; cmd; cmd = cmd->next)
2573 cmd->error_string = "inconsistent push options";
2574 }
c714e45f 2575
5dbd7676 2576 prepare_shallow_info(&si, &shallow);
0a1bc12b
NTND		 2577 if (!si.nr_ours && !si.nr_theirs)
2578 shallow_update = 0;
5dbd7676
NTND		 2579 if (!delete_only(commands)) {
2580 unpack_status = unpack_with_sideband(&si);
2581 update_shallow_info(commands, &si, &ref);
2582 }
83558686 2583 use_keepalive = KEEPALIVE_ALWAYS;
77a9745d
SB		 2584 execute_commands(commands, unpack_status, &si,
2585 &push_options);
c55c3066 2586 delete_tempfile(&pack_lockfile);
d34182b9 2587 sigchain_push(SIGPIPE, SIG_IGN);
63518a57
JX		 2588 if (report_status_v2)
2589 report_v2(commands, unpack_status);
2590 else if (report_status)
5e1c71fd 2591 report(commands, unpack_status);
d34182b9 2592 sigchain_pop(SIGPIPE);
77a9745d
SB		 2593 run_receive_hook(commands, "post-receive", 1,
2594 &push_options);
8e663d9e 2595 run_update_post_hook(commands);
1fdd31cf 2596 free_commands(commands);
4432dd6b 2597 string_list_clear(&push_options, 0);
77e3efbf 2598 if (auto_gc) {
860a2ebe
LF		 2599 struct child_process proc = CHILD_PROCESS_INIT;
2600
2601 proc.no_stdin = 1;
2602 proc.stdout_to_stderr = 1;
2603 proc.err = use_sideband ? -1 : 0;
c4dee2c0 2604 proc.git_cmd = proc.close_object_store = 1;
2b709893
ÆAB		 2605 strvec_pushl(&proc.args, "gc", "--auto", "--quiet",
2606 NULL);
860a2ebe 2607
860a2ebe
LF		 2608 if (!start_command(&proc)) {
2609 if (use_sideband)
2610 copy_to_sideband(proc.err, -1, NULL);
2611 finish_command(&proc);
2612 }
77e3efbf
JH		 2613 }
2614 if (auto_update_server_info)
2615 update_server_info(0);
5dbd7676 2616 clear_shallow_info(&si);
7f8e9828 2617 }
38a81b4e
SP		 2618 if (use_sideband)
2619 packet_flush(1);
910650d2 2620 oid_array_clear(&shallow);
2621 oid_array_clear(&ref);
c45841ff 2622 strvec_clear(&hidden_refs);
b89363e4 2623 free((void *)push_cert_nonce);
575f4974
LT		 2624 return 0;
2625}
Unnamed repository; edit this file 'description' to name the repository.