]> git.ipfire.org Git - thirdparty/git.git/blame - builtin/receive-pack.c
projects / thirdparty / git.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
Merge branch 'vd/fsck-submodule-url-test'
[thirdparty/git.git] / builtin / receive-pack.c
CommitLineData
1e4cd68c 1#include "builtin.h"
0b027f6c 2#include "abspath.h"
a49d2834 3#include "repository.h"
b2141fc1 4#include "config.h"
32a8f510 5#include "environment.h"
f394e093 6#include "gettext.h"
41771fa4 7#include "hex.h"
697cc8ef 8#include "lockfile.h"
fc04c412 9#include "pack.h"
8a65ff76 10#include "refs.h"
f3a3214e 11#include "pkt-line.h"
38a81b4e 12#include "sideband.h"
b1bf95bb 13#include "run-command.h"
5e3aba33 14#include "hook.h"
d807c4a0 15#include "exec-cmd.h"
11031d7e
JS		 16#include "commit.h"
17#include "object.h"
d79796bc 18#include "remote.h"
47a59185 19#include "connect.h"
da3efdb1 20#include "string-list.h"
fe299ec5 21#include "oid-array.h"
52fed6e1 22#include "connected.h"
dbbcd44f 23#include "strvec.h"
ff5effdf 24#include "version.h"
d05b9618 25#include "gpg-interface.h"
ec7dbd14 26#include "sigchain.h"
5d477a33 27#include "fsck.h"
722ff7f8 28#include "tmp-objdir.h"
ab6eea6f 29#include "oidset.h"
3836d88a 30#include "packfile.h"
dabab1d6 31#include "object-name.h"
a034e910 32#include "object-store-ll.h"
c339932b 33#include "path.h"
aa9bab29 34#include "protocol.h"
64043556 35#include "commit-reach.h"
623b80be 36#include "server-info.h"
74ea5c95
EN		 37#include "trace.h"
38#include "trace2.h"
4ef34648 39#include "worktree.h"
120ad2b0 40#include "shallow.h"
49fd5511 41#include "parse-options.h"
575f4974 42
1b68387e
SS		 43static const char * const receive_pack_usage[] = {
44 N_("git receive-pack <git-dir>"),
45 NULL
46};
575f4974 47
986e8239 48enum deny_action {
3d95d92b 49 DENY_UNCONFIGURED,
986e8239
JK		 50 DENY_IGNORE,
51 DENY_WARN,
1404bcbb
JS		 52 DENY_REFUSE,
53 DENY_UPDATE_INSTEAD
986e8239
JK		 54};
55
1b53a076
JH		 56static int deny_deletes;
57static int deny_non_fast_forwards;
3d95d92b 58static enum deny_action deny_current_branch = DENY_UNCONFIGURED;
747ca245 59static enum deny_action deny_delete_current = DENY_UNCONFIGURED;
dab76d3a
JH		 60static int receive_fsck_objects = -1;
61static int transfer_fsck_objects = -1;
5d477a33 62static struct strbuf fsck_msg_types = STRBUF_INIT;
e28714c5
JH		 63static int receive_unpack_limit = -1;
64static int transfer_unpack_limit = -1;
1b70fe5d 65static int advertise_atomic_push = 1;
c714e45f 66static int advertise_push_options;
8073d75b 67static int advertise_sid;
46732fae 68static int unpack_limit = 100;
c08db5a2 69static off_t max_input_size;
96f1e58f 70static int report_status;
63518a57 71static int report_status_v2;
38a81b4e 72static int use_sideband;
68deed29 73static int use_atomic;
c714e45f 74static int use_push_options;
c207e34f 75static int quiet;
b74fce16 76static int prefer_ofs_delta = 1;
77e3efbf
JH		 77static int auto_update_server_info;
78static int auto_gc = 1;
1b68387e 79static int reject_thin;
5732373d
JH		 80static int stateless_rpc;
81static const char *service_dir;
747ca245 82static const char *head_name;
96ec7b1e 83static void *head_name_to_free;
185c04e0 84static int sent_capabilities;
0a1bc12b 85static int shallow_update;
5dbd7676 86static const char *alt_shallow_file;
a85b377d 87static struct strbuf push_cert = STRBUF_INIT;
a09c985e 88static struct object_id push_cert_oid;
d05b9618 89static struct signature_check sigcheck;
b89363e4
JH		 90static const char *push_cert_nonce;
91static const char *cert_nonce_seed;
c45841ff 92static struct strvec hidden_refs = STRVEC_INIT;
b89363e4
JH		 93
94static const char *NONCE_UNSOLICITED = "UNSOLICITED";
95static const char *NONCE_BAD = "BAD";
96static const char *NONCE_MISSING = "MISSING";
97static const char *NONCE_OK = "OK";
5732373d 98static const char *NONCE_SLOP = "SLOP";
b89363e4 99static const char *nonce_status;
5732373d 100static long nonce_stamp_slop;
dddbad72 101static timestamp_t nonce_stamp_slop_limit;
222368c6 102static struct ref_transaction *transaction;
cfee10a7 103
83558686
JK		 104static enum {
105 KEEPALIVE_NEVER = 0,
106 KEEPALIVE_AFTER_NUL,
107 KEEPALIVE_ALWAYS
108} use_keepalive;
109static int keepalive_in_sec = 5;
110
722ff7f8
JK		 111static struct tmp_objdir *tmp_objdir;
112
31e8595a
JX		 113static struct proc_receive_ref {
114 unsigned int want_add:1,
115 want_delete:1,
116 want_modify:1,
117 negative_ref:1;
118 char *ref_prefix;
119 struct proc_receive_ref *next;
120} *proc_receive_ref;
121
122static void proc_receive_ref_append(const char *prefix);
123
986e8239
JK		 124static enum deny_action parse_deny_action(const char *var, const char *value)
125{
126 if (value) {
127 if (!strcasecmp(value, "ignore"))
128 return DENY_IGNORE;
129 if (!strcasecmp(value, "warn"))
130 return DENY_WARN;
131 if (!strcasecmp(value, "refuse"))
132 return DENY_REFUSE;
1404bcbb
JS		 133 if (!strcasecmp(value, "updateinstead"))
134 return DENY_UPDATE_INSTEAD;
986e8239
JK		 135 }
136 if (git_config_bool(var, value))
137 return DENY_REFUSE;
138 return DENY_IGNORE;
139}
140
a4e7e317
GC		 141static int receive_pack_config(const char *var, const char *value,
142 const struct config_context *ctx, void *cb)
6fb75bed 143{
d49cb162 144 const char *msg_id;
9b67eb6f 145 int status = parse_hide_refs_config(var, value, "receive", &hidden_refs);
daebaa78
JH		 146
147 if (status)
148 return status;
149
a240de11
JK		 150 if (strcmp(var, "receive.denydeletes") == 0) {
151 deny_deletes = git_config_bool(var, value);
152 return 0;
153 }
154
e28714c5 155 if (strcmp(var, "receive.denynonfastforwards") == 0) {
6fb75bed
SP		 156 deny_non_fast_forwards = git_config_bool(var, value);
157 return 0;
158 }
159
e28714c5 160 if (strcmp(var, "receive.unpacklimit") == 0) {
8868b1eb 161 receive_unpack_limit = git_config_int(var, value, ctx->kvi);
fc04c412
SP		 162 return 0;
163 }
164
e28714c5 165 if (strcmp(var, "transfer.unpacklimit") == 0) {
8868b1eb 166 transfer_unpack_limit = git_config_int(var, value, ctx->kvi);
e28714c5
JH		 167 return 0;
168 }
169
cd94c6f9
JS		 170 if (strcmp(var, "receive.fsck.skiplist") == 0) {
171 const char *path;
172
173 if (git_config_pathname(&path, var, value))
174 return 1;
175 strbuf_addf(&fsck_msg_types, "%cskiplist=%s",
176 fsck_msg_types.len ? ',' : '=', path);
177 free((char *)path);
178 return 0;
179 }
180
d49cb162
JK		 181 if (skip_prefix(var, "receive.fsck.", &msg_id)) {
182 if (!value)
183 return config_error_nonbool(var);
184 if (is_valid_msg_type(msg_id, value))
5d477a33 185 strbuf_addf(&fsck_msg_types, "%c%s=%s",
d49cb162 186 fsck_msg_types.len ? ',' : '=', msg_id, value);
5d477a33 187 else
d49cb162 188 warning("skipping unknown msg id '%s'", msg_id);
5d477a33
JS		 189 return 0;
190 }
191
20dc0016
MK		 192 if (strcmp(var, "receive.fsckobjects") == 0) {
193 receive_fsck_objects = git_config_bool(var, value);
194 return 0;
195 }
196
dab76d3a
JH		 197 if (strcmp(var, "transfer.fsckobjects") == 0) {
198 transfer_fsck_objects = git_config_bool(var, value);
199 return 0;
200 }
201
986e8239
JK		 202 if (!strcmp(var, "receive.denycurrentbranch")) {
203 deny_current_branch = parse_deny_action(var, value);
204 return 0;
205 }
206
747ca245
JH		 207 if (strcmp(var, "receive.denydeletecurrent") == 0) {
208 deny_delete_current = parse_deny_action(var, value);
209 return 0;
210 }
211
b74fce16
NP		 212 if (strcmp(var, "repack.usedeltabaseoffset") == 0) {
213 prefer_ofs_delta = git_config_bool(var, value);
214 return 0;
215 }
216
77e3efbf
JH		 217 if (strcmp(var, "receive.updateserverinfo") == 0) {
218 auto_update_server_info = git_config_bool(var, value);
219 return 0;
220 }
221
222 if (strcmp(var, "receive.autogc") == 0) {
223 auto_gc = git_config_bool(var, value);
224 return 0;
225 }
226
0a1bc12b
NTND		 227 if (strcmp(var, "receive.shallowupdate") == 0) {
228 shallow_update = git_config_bool(var, value);
229 return 0;
230 }
231
b89363e4
JH		 232 if (strcmp(var, "receive.certnonceseed") == 0)
233 return git_config_string(&cert_nonce_seed, var, value);
a85b377d 234
5732373d 235 if (strcmp(var, "receive.certnonceslop") == 0) {
8868b1eb 236 nonce_stamp_slop_limit = git_config_ulong(var, value, ctx->kvi);
5732373d
JH		 237 return 0;
238 }
239
1b70fe5d
RS		 240 if (strcmp(var, "receive.advertiseatomic") == 0) {
241 advertise_atomic_push = git_config_bool(var, value);
242 return 0;
243 }
244
c714e45f
SB		 245 if (strcmp(var, "receive.advertisepushoptions") == 0) {
246 advertise_push_options = git_config_bool(var, value);
247 return 0;
248 }
249
83558686 250 if (strcmp(var, "receive.keepalive") == 0) {
8868b1eb 251 keepalive_in_sec = git_config_int(var, value, ctx->kvi);
83558686
JK		 252 return 0;
253 }
254
c08db5a2 255 if (strcmp(var, "receive.maxinputsize") == 0) {
8868b1eb 256 max_input_size = git_config_int64(var, value, ctx->kvi);
c08db5a2
JK		 257 return 0;
258 }
259
31e8595a
JX		 260 if (strcmp(var, "receive.procreceiverefs") == 0) {
261 if (!value)
262 return config_error_nonbool(var);
263 proc_receive_ref_append(value);
264 return 0;
265 }
266
8073d75b
JS		 267 if (strcmp(var, "transfer.advertisesid") == 0) {
268 advertise_sid = git_config_bool(var, value);
269 return 0;
270 }
271
a4e7e317 272 return git_default_config(var, value, ctx, cb);
6fb75bed
SP		 273}
274
1b7ba794 275static void show_ref(const char *path, const struct object_id *oid)
575f4974 276{
52d2ae58 277 if (sent_capabilities) {
1b7ba794 278 packet_write_fmt(1, "%s %s\n", oid_to_hex(oid), path);
52d2ae58
JH		 279 } else {
280 struct strbuf cap = STRBUF_INIT;
281
282 strbuf_addstr(&cap,
63518a57 283 "report-status report-status-v2 delete-refs side-band-64k quiet");
1b70fe5d
RS		 284 if (advertise_atomic_push)
285 strbuf_addstr(&cap, " atomic");
52d2ae58
JH		 286 if (prefer_ofs_delta)
287 strbuf_addstr(&cap, " ofs-delta");
b89363e4
JH		 288 if (push_cert_nonce)
289 strbuf_addf(&cap, " push-cert=%s", push_cert_nonce);
c714e45f
SB		 290 if (advertise_push_options)
291 strbuf_addstr(&cap, " push-options");
8073d75b
JS		 292 if (advertise_sid)
293 strbuf_addf(&cap, " session-id=%s", trace2_session_id());
bf30dbf8 294 strbuf_addf(&cap, " object-format=%s", the_hash_algo->name);
52d2ae58 295 strbuf_addf(&cap, " agent=%s", git_user_agent_sanitized());
81c634e9 296 packet_write_fmt(1, "%s %s%c%s\n",
1b7ba794 297 oid_to_hex(oid), path, 0, cap.buf);
52d2ae58
JH		 298 strbuf_release(&cap);
299 sent_capabilities = 1;
300 }
575f4974
LT		 301}
302
78a766ab 303static int show_ref_cb(const char *path_full, const struct object_id *oid,
5cf88fd8 304 int flag UNUSED, void *data)
6b01ecfe 305{
8b24b9e7 306 struct oidset *seen = data;
78a766ab
LF		 307 const char *path = strip_namespace(path_full);
308
9b67eb6f 309 if (ref_is_hidden(path, path_full, &hidden_refs))
78a766ab
LF		 310 return 0;
311
6b01ecfe
JT		 312 /*
313 * Advertise refs outside our current namespace as ".have"
314 * refs, so that the client can use them to minimize data
fea6c47f 315 * transfer but will otherwise ignore them.
6b01ecfe 316 */
8b24b9e7
JK		 317 if (!path) {
318 if (oidset_insert(seen, oid))
319 return 0;
6b01ecfe 320 path = ".have";
63d428e6
JK		 321 } else {
322 oidset_insert(seen, oid);
8b24b9e7 323 }
1b7ba794 324 show_ref(path, oid);
bc98201d 325 return 0;
6b01ecfe
JT		 326}
327
bdf4276c 328static void show_one_alternate_ref(const struct object_id *oid,
ab6eea6f 329 void *data)
b7a025d9 330{
ab6eea6f 331 struct oidset *seen = data;
b7a025d9 332
ab6eea6f
JK		 333 if (oidset_insert(seen, oid))
334 return;
335
1b7ba794 336 show_ref(".have", oid);
6b01ecfe
JT		 337}
338
8a65ff76 339static void write_head_info(void)
575f4974 340{
ab6eea6f 341 static struct oidset seen = OIDSET_INIT;
2b2a5be3 342
cc2a1f98
TB		 343 refs_for_each_fullref_in(get_main_ref_store(the_repository), "",
344 hidden_refs_to_excludes(&hidden_refs),
345 show_ref_cb, &seen);
ab6eea6f
JK		 346 for_each_alternate_ref(show_one_alternate_ref, &seen);
347 oidset_clear(&seen);
185c04e0 348 if (!sent_capabilities)
14228447 349 show_ref("capabilities^{}", null_oid());
cfee10a7 350
ad491366
NTND		 351 advertise_shallow_grafts(1);
352
b7a025d9
MH		 353 /* EOF */
354 packet_flush(1);
575f4974
LT		 355}
356
15d3af5e
JX		 357#define RUN_PROC_RECEIVE_SCHEDULED 1
358#define RUN_PROC_RECEIVE_RETURNED 2
eb1af2df
LT		 359struct command {
360 struct command *next;
cfee10a7 361 const char *error_string;
15d3af5e 362 struct ref_push_report *report;
160b81ed 363 unsigned int skip_update:1,
15d3af5e
JX		 364 did_not_exist:1,
365 run_proc_receive:2;
5dbd7676 366 int index;
9c44ea44 367 struct object_id old_oid;
368 struct object_id new_oid;
8f1d2e6f 369 char ref_name[FLEX_ARRAY]; /* more */
575f4974
LT		 370};
371
31e8595a
JX		 372static void proc_receive_ref_append(const char *prefix)
373{
374 struct proc_receive_ref *ref_pattern;
375 char *p;
376 int len;
377
ca56dadb 378 CALLOC_ARRAY(ref_pattern, 1);
31e8595a
JX		 379 p = strchr(prefix, ':');
380 if (p) {
381 while (prefix < p) {
382 if (*prefix == 'a')
383 ref_pattern->want_add = 1;
384 else if (*prefix == 'd')
385 ref_pattern->want_delete = 1;
386 else if (*prefix == 'm')
387 ref_pattern->want_modify = 1;
388 else if (*prefix == '!')
389 ref_pattern->negative_ref = 1;
390 prefix++;
391 }
392 prefix++;
393 } else {
394 ref_pattern->want_add = 1;
395 ref_pattern->want_delete = 1;
396 ref_pattern->want_modify = 1;
397 }
398 len = strlen(prefix);
399 while (len && prefix[len - 1] == '/')
400 len--;
401 ref_pattern->ref_prefix = xmemdupz(prefix, len);
402 if (!proc_receive_ref) {
403 proc_receive_ref = ref_pattern;
404 } else {
405 struct proc_receive_ref *end;
406
407 end = proc_receive_ref;
408 while (end->next)
409 end = end->next;
410 end->next = ref_pattern;
411 }
412}
413
414static int proc_receive_ref_matches(struct command *cmd)
415{
416 struct proc_receive_ref *p;
417
418 if (!proc_receive_ref)
419 return 0;
420
421 for (p = proc_receive_ref; p; p = p->next) {
422 const char *match = p->ref_prefix;
423 const char *remains;
424
425 if (!p->want_add && is_null_oid(&cmd->old_oid))
426 continue;
427 else if (!p->want_delete && is_null_oid(&cmd->new_oid))
428 continue;
429 else if (!p->want_modify &&
430 !is_null_oid(&cmd->old_oid) &&
431 !is_null_oid(&cmd->new_oid))
432 continue;
433
434 if (skip_prefix(cmd->ref_name, match, &remains) &&
435 (!*remains || *remains == '/')) {
436 if (!p->negative_ref)
437 return 1;
438 } else if (p->negative_ref) {
439 return 1;
440 }
441 }
442 return 0;
443}
444
466dbc42
SP		 445static void report_message(const char *prefix, const char *err, va_list params)
446{
b7115a35 447 int sz;
466dbc42
SP		 448 char msg[4096];
449
b7115a35 450 sz = xsnprintf(msg, sizeof(msg), "%s", prefix);
466dbc42
SP		 451 sz += vsnprintf(msg + sz, sizeof(msg) - sz, err, params);
452 if (sz > (sizeof(msg) - 1))
453 sz = sizeof(msg) - 1;
454 msg[sz++] = '\n';
455
456 if (use_sideband)
457 send_sideband(1, 2, msg, sz, use_sideband);
458 else
459 xwrite(2, msg, sz);
460}
461
103e02c7 462__attribute__((format (printf, 1, 2)))
466dbc42
SP		 463static void rp_warning(const char *err, ...)
464{
465 va_list params;
466 va_start(params, err);
467 report_message("warning: ", err, params);
468 va_end(params);
469}
470
103e02c7 471__attribute__((format (printf, 1, 2)))
466dbc42
SP		 472static void rp_error(const char *err, ...)
473{
474 va_list params;
475 va_start(params, err);
476 report_message("error: ", err, params);
477 va_end(params);
478}
479
5cf88fd8 480static int copy_to_sideband(int in, int out UNUSED, void *arg UNUSED)
6d525d38
SP		 481{
482 char data[128];
83558686
JK		 483 int keepalive_active = 0;
484
485 if (keepalive_in_sec <= 0)
486 use_keepalive = KEEPALIVE_NEVER;
487 if (use_keepalive == KEEPALIVE_ALWAYS)
488 keepalive_active = 1;
489
6d525d38 490 while (1) {
83558686
JK		 491 ssize_t sz;
492
493 if (keepalive_active) {
494 struct pollfd pfd;
495 int ret;
496
497 pfd.fd = in;
498 pfd.events = POLLIN;
499 ret = poll(&pfd, 1, 1000 * keepalive_in_sec);
500
501 if (ret < 0) {
502 if (errno == EINTR)
503 continue;
504 else
505 break;
506 } else if (ret == 0) {
507 /* no data; send a keepalive packet */
508 static const char buf[] = "0005\1";
509 write_or_die(1, buf, sizeof(buf) - 1);
510 continue;
511 } /* else there is actual data to read */
512 }
513
514 sz = xread(in, data, sizeof(data));
6d525d38
SP		 515 if (sz <= 0)
516 break;
83558686
JK		 517
518 if (use_keepalive == KEEPALIVE_AFTER_NUL && !keepalive_active) {
519 const char *p = memchr(data, '\0', sz);
520 if (p) {
521 /*
522 * The NUL tells us to start sending keepalives. Make
523 * sure we send any other data we read along
524 * with it.
525 */
526 keepalive_active = 1;
527 send_sideband(1, 2, data, p - data, use_sideband);
528 send_sideband(1, 2, p + 1, sz - (p - data + 1), use_sideband);
529 continue;
530 }
531 }
532
533 /*
534 * Either we're not looking for a NUL signal, or we didn't see
535 * it yet; just pass along the data.
536 */
6d525d38
SP		 537 send_sideband(1, 2, data, sz, use_sideband);
538 }
539 close(in);
540 return 0;
541}
542
3013118e 543static void hmac_hash(unsigned char *out,
b89363e4
JH		 544 const char *key_in, size_t key_len,
545 const char *text, size_t text_len)
546{
fabec2c5 547 unsigned char key[GIT_MAX_BLKSZ];
548 unsigned char k_ipad[GIT_MAX_BLKSZ];
549 unsigned char k_opad[GIT_MAX_BLKSZ];
b89363e4 550 int i;
fabec2c5 551 git_hash_ctx ctx;
b89363e4
JH		 552
553 /* RFC 2104 2. (1) */
fabec2c5 554 memset(key, '\0', GIT_MAX_BLKSZ);
555 if (the_hash_algo->blksz < key_len) {
556 the_hash_algo->init_fn(&ctx);
557 the_hash_algo->update_fn(&ctx, key_in, key_len);
558 the_hash_algo->final_fn(key, &ctx);
b89363e4
JH		 559 } else {
560 memcpy(key, key_in, key_len);
561 }
562
563 /* RFC 2104 2. (2) & (5) */
564 for (i = 0; i < sizeof(key); i++) {
565 k_ipad[i] = key[i] ^ 0x36;
566 k_opad[i] = key[i] ^ 0x5c;
567 }
568
569 /* RFC 2104 2. (3) & (4) */
fabec2c5 570 the_hash_algo->init_fn(&ctx);
571 the_hash_algo->update_fn(&ctx, k_ipad, sizeof(k_ipad));
572 the_hash_algo->update_fn(&ctx, text, text_len);
573 the_hash_algo->final_fn(out, &ctx);
b89363e4
JH		 574
575 /* RFC 2104 2. (6) & (7) */
fabec2c5 576 the_hash_algo->init_fn(&ctx);
577 the_hash_algo->update_fn(&ctx, k_opad, sizeof(k_opad));
578 the_hash_algo->update_fn(&ctx, out, the_hash_algo->rawsz);
579 the_hash_algo->final_fn(out, &ctx);
b89363e4
JH		 580}
581
dddbad72 582static char *prepare_push_cert_nonce(const char *path, timestamp_t stamp)
b89363e4
JH		 583{
584 struct strbuf buf = STRBUF_INIT;
fabec2c5 585 unsigned char hash[GIT_MAX_RAWSZ];
b89363e4 586
cb71f8bd 587 strbuf_addf(&buf, "%s:%"PRItime, path, stamp);
3013118e 588 hmac_hash(hash, buf.buf, buf.len, cert_nonce_seed, strlen(cert_nonce_seed));
b89363e4
JH		 589 strbuf_release(&buf);
590
3013118e 591 /* RFC 2104 5. HMAC-SHA1 or HMAC-SHA256 */
fc06be3b 592 strbuf_addf(&buf, "%"PRItime"-%.*s", stamp, (int)the_hash_algo->hexsz, hash_to_hex(hash));
b89363e4
JH		 593 return strbuf_detach(&buf, NULL);
594}
595
cbaf82cc
JT		 596static char *find_header(const char *msg, size_t len, const char *key,
597 const char **next_line)
b89363e4 598{
cfc5cf42
JC		 599 size_t out_len;
600 const char *val = find_header_mem(msg, len, key, &out_len);
601
602 if (!val)
603 return NULL;
604
605 if (next_line)
606 *next_line = val + out_len + 1;
607
608 return xmemdupz(val, out_len);
b89363e4
JH		 609}
610
edc6dccf 611/*
612 * Return zero if a and b are equal up to n bytes and nonzero if they are not.
613 * This operation is guaranteed to run in constant time to avoid leaking data.
614 */
615static int constant_memequal(const char *a, const char *b, size_t n)
616{
617 int res = 0;
719483e5
JH		 618 size_t i;
619
620 for (i = 0; i < n; i++)
edc6dccf 621 res |= a[i] ^ b[i];
622 return res;
623}
624
b89363e4
JH		 625static const char *check_nonce(const char *buf, size_t len)
626{
cbaf82cc 627 char *nonce = find_header(buf, len, "nonce", NULL);
dddbad72 628 timestamp_t stamp, ostamp;
5732373d 629 char *bohmac, *expect = NULL;
b89363e4 630 const char *retval = NONCE_BAD;
edc6dccf 631 size_t noncelen;
b89363e4
JH		 632
633 if (!nonce) {
634 retval = NONCE_MISSING;
635 goto leave;
636 } else if (!push_cert_nonce) {
637 retval = NONCE_UNSOLICITED;
638 goto leave;
639 } else if (!strcmp(push_cert_nonce, nonce)) {
640 retval = NONCE_OK;
641 goto leave;
642 }
643
5732373d
JH		 644 if (!stateless_rpc) {
645 /* returned nonce MUST match what we gave out earlier */
646 retval = NONCE_BAD;
647 goto leave;
648 }
649
650 /*
651 * In stateless mode, we may be receiving a nonce issued by
652 * another instance of the server that serving the same
653 * repository, and the timestamps may not match, but the
654 * nonce-seed and dir should match, so we can recompute and
655 * report the time slop.
656 *
657 * In addition, when a nonce issued by another instance has
658 * timestamp within receive.certnonceslop seconds, we pretend
659 * as if we issued that nonce when reporting to the hook.
660 */
661
662 /* nonce is concat(<seconds-since-epoch>, "-", <hmac>) */
663 if (*nonce <= '0' || '9' < *nonce) {
664 retval = NONCE_BAD;
665 goto leave;
666 }
1aeb7e75 667 stamp = parse_timestamp(nonce, &bohmac, 10);
5732373d
JH		 668 if (bohmac == nonce || bohmac[0] != '-') {
669 retval = NONCE_BAD;
670 goto leave;
671 }
672
edc6dccf 673 noncelen = strlen(nonce);
5732373d 674 expect = prepare_push_cert_nonce(service_dir, stamp);
edc6dccf 675 if (noncelen != strlen(expect)) {
676 /* This is not even the right size. */
677 retval = NONCE_BAD;
678 goto leave;
679 }
680 if (constant_memequal(expect, nonce, noncelen)) {
5732373d
JH		 681 /* Not what we would have signed earlier */
682 retval = NONCE_BAD;
683 goto leave;
684 }
685
686 /*
687 * By how many seconds is this nonce stale? Negative value
688 * would mean it was issued by another server with its clock
689 * skewed in the future.
690 */
1aeb7e75 691 ostamp = parse_timestamp(push_cert_nonce, NULL, 10);
5732373d
JH		 692 nonce_stamp_slop = (long)ostamp - (long)stamp;
693
694 if (nonce_stamp_slop_limit &&
31a8aa1e 695 labs(nonce_stamp_slop) <= nonce_stamp_slop_limit) {
5732373d
JH		 696 /*
697 * Pretend as if the received nonce (which passes the
698 * HMAC check, so it is not a forged by third-party)
699 * is what we issued.
700 */
701 free((void *)push_cert_nonce);
702 push_cert_nonce = xstrdup(nonce);
703 retval = NONCE_OK;
704 } else {
705 retval = NONCE_SLOP;
706 }
b89363e4
JH		 707
708leave:
709 free(nonce);
5732373d 710 free(expect);
b89363e4
JH		 711 return retval;
712}
713
cbaf82cc
JT		 714/*
715 * Return 1 if there is no push_cert or if the push options in push_cert are
716 * the same as those in the argument; 0 otherwise.
717 */
718static int check_cert_push_options(const struct string_list *push_options)
719{
720 const char *buf = push_cert.buf;
721 int len = push_cert.len;
722
723 char *option;
724 const char *next_line;
725 int options_seen = 0;
726
727 int retval = 1;
728
729 if (!len)
730 return 1;
731
732 while ((option = find_header(buf, len, "push-option", &next_line))) {
733 len -= (next_line - buf);
734 buf = next_line;
735 options_seen++;
736 if (options_seen > push_options->nr
737 || strcmp(option,
738 push_options->items[options_seen - 1].string)) {
739 retval = 0;
740 goto leave;
741 }
742 free(option);
743 }
744
745 if (options_seen != push_options->nr)
746 retval = 0;
747
748leave:
749 free(option);
750 return retval;
751}
752
a85b377d
JH		 753static void prepare_push_cert_sha1(struct child_process *proc)
754{
755 static int already_done;
a85b377d
JH		 756
757 if (!push_cert.len)
758 return;
759
760 if (!already_done) {
d05b9618
JH		 761 int bogs /* beginning_of_gpg_sig */;
762
a85b377d 763 already_done = 1;
c80d226a 764 if (write_object_file(push_cert.buf, push_cert.len, OBJ_BLOB,
a09c985e
PO		 765 &push_cert_oid))
766 oidclr(&push_cert_oid);
d05b9618
JH		 767
768 memset(&sigcheck, '\0', sizeof(sigcheck));
d05b9618 769
482c1191 770 bogs = parse_signed_buffer(push_cert.buf, push_cert.len);
02769437
FS		 771 sigcheck.payload = xmemdupz(push_cert.buf, bogs);
772 sigcheck.payload_len = bogs;
773 check_signature(&sigcheck, push_cert.buf + bogs,
774 push_cert.len - bogs);
d05b9618 775
b89363e4 776 nonce_status = check_nonce(push_cert.buf, bogs);
a85b377d 777 }
a09c985e 778 if (!is_null_oid(&push_cert_oid)) {
29fda24d 779 strvec_pushf(&proc->env, "GIT_PUSH_CERT=%s",
f6d8942b 780 oid_to_hex(&push_cert_oid));
29fda24d 781 strvec_pushf(&proc->env, "GIT_PUSH_CERT_SIGNER=%s",
f6d8942b 782 sigcheck.signer ? sigcheck.signer : "");
29fda24d 783 strvec_pushf(&proc->env, "GIT_PUSH_CERT_KEY=%s",
f6d8942b 784 sigcheck.key ? sigcheck.key : "");
29fda24d 785 strvec_pushf(&proc->env, "GIT_PUSH_CERT_STATUS=%c",
f6d8942b 786 sigcheck.result);
b89363e4 787 if (push_cert_nonce) {
29fda24d 788 strvec_pushf(&proc->env,
f6d8942b
JK		 789 "GIT_PUSH_CERT_NONCE=%s",
790 push_cert_nonce);
29fda24d 791 strvec_pushf(&proc->env,
f6d8942b
JK		 792 "GIT_PUSH_CERT_NONCE_STATUS=%s",
793 nonce_status);
5732373d 794 if (nonce_status == NONCE_SLOP)
29fda24d 795 strvec_pushf(&proc->env,
f6d8942b
JK		 796 "GIT_PUSH_CERT_NONCE_SLOP=%ld",
797 nonce_stamp_slop);
b89363e4 798 }
a85b377d
JH		 799 }
800}
801
77a9745d
SB		 802struct receive_hook_feed_state {
803 struct command *cmd;
195d6eae 804 struct ref_push_report *report;
77a9745d
SB		 805 int skip_broken;
806 struct strbuf buf;
807 const struct string_list *push_options;
808};
809
9684e44a 810typedef int (*feed_fn)(void *, const char **, size_t *);
77a9745d
SB		 811static int run_and_feed_hook(const char *hook_name, feed_fn feed,
812 struct receive_hook_feed_state *feed_state)
b1bf95bb 813{
d3180279 814 struct child_process proc = CHILD_PROCESS_INIT;
6d525d38 815 struct async muxer;
9684e44a 816 int code;
7f14609e 817 const char *hook_path = find_hook(hook_name);
b1bf95bb 818
7f14609e 819 if (!hook_path)
b1bf95bb 820 return 0;
c8dd2771 821
7f14609e 822 strvec_push(&proc.args, hook_path);
f43cd49f
SP		 823 proc.in = -1;
824 proc.stdout_to_stderr = 1;
6206286e
JH		 825 proc.trace2_hook_name = hook_name;
826
77a9745d 827 if (feed_state->push_options) {
99d60545 828 size_t i;
77a9745d 829 for (i = 0; i < feed_state->push_options->nr; i++)
29fda24d 830 strvec_pushf(&proc.env,
99d60545
ÆAB		 831 "GIT_PUSH_OPTION_%"PRIuMAX"=%s",
832 (uintmax_t)i,
f6d8942b 833 feed_state->push_options->items[i].string);
29fda24d 834 strvec_pushf(&proc.env, "GIT_PUSH_OPTION_COUNT=%"PRIuMAX"",
99d60545 835 (uintmax_t)feed_state->push_options->nr);
77a9745d 836 } else
29fda24d 837 strvec_pushf(&proc.env, "GIT_PUSH_OPTION_COUNT");
f43cd49f 838
722ff7f8 839 if (tmp_objdir)
29fda24d 840 strvec_pushv(&proc.env, tmp_objdir_env(tmp_objdir));
722ff7f8 841
6d525d38
SP		 842 if (use_sideband) {
843 memset(&muxer, 0, sizeof(muxer));
844 muxer.proc = copy_to_sideband;
845 muxer.in = -1;
846 code = start_async(&muxer);
847 if (code)
848 return code;
849 proc.err = muxer.in;
850 }
851
5d222c09
RS		 852 prepare_push_cert_sha1(&proc);
853
f43cd49f 854 code = start_command(&proc);
6d525d38
SP		 855 if (code) {
856 if (use_sideband)
857 finish_async(&muxer);
90e41a89 858 return code;
6d525d38
SP		 859 }
860
ec7dbd14
JH		 861 sigchain_push(SIGPIPE, SIG_IGN);
862
9684e44a
JH		 863 while (1) {
864 const char *buf;
865 size_t n;
866 if (feed(feed_state, &buf, &n))
867 break;
06f46f23 868 if (write_in_full(proc.in, buf, n) < 0)
9684e44a 869 break;
c8dd2771 870 }
e72ae288 871 close(proc.in);
6d525d38
SP		 872 if (use_sideband)
873 finish_async(&muxer);
ec7dbd14
JH		 874
875 sigchain_pop(SIGPIPE);
876
90e41a89 877 return finish_command(&proc);
b1bf95bb
JW		 878}
879
9684e44a
JH		 880static int feed_receive_hook(void *state_, const char **bufp, size_t *sizep)
881{
882 struct receive_hook_feed_state *state = state_;
883 struct command *cmd = state->cmd;
884
cdc2b2f3
JH		 885 while (cmd &&
886 state->skip_broken && (cmd->error_string || cmd->did_not_exist))
9684e44a
JH		 887 cmd = cmd->next;
888 if (!cmd)
889 return -1; /* EOF */
195d6eae
JX		 890 if (!bufp)
891 return 0; /* OK, can feed something. */
9684e44a 892 strbuf_reset(&state->buf);
195d6eae
JX		 893 if (!state->report)
894 state->report = cmd->report;
895 if (state->report) {
896 struct object_id *old_oid;
897 struct object_id *new_oid;
898 const char *ref_name;
899
900 old_oid = state->report->old_oid ? state->report->old_oid : &cmd->old_oid;
901 new_oid = state->report->new_oid ? state->report->new_oid : &cmd->new_oid;
902 ref_name = state->report->ref_name ? state->report->ref_name : cmd->ref_name;
903 strbuf_addf(&state->buf, "%s %s %s\n",
904 oid_to_hex(old_oid), oid_to_hex(new_oid),
905 ref_name);
906 state->report = state->report->next;
907 if (!state->report)
908 state->cmd = cmd->next;
909 } else {
910 strbuf_addf(&state->buf, "%s %s %s\n",
911 oid_to_hex(&cmd->old_oid), oid_to_hex(&cmd->new_oid),
912 cmd->ref_name);
913 state->cmd = cmd->next;
914 }
9684e44a
JH		 915 if (bufp) {
916 *bufp = state->buf.buf;
917 *sizep = state->buf.len;
918 }
919 return 0;
920}
921
77a9745d
SB		 922static int run_receive_hook(struct command *commands,
923 const char *hook_name,
924 int skip_broken,
925 const struct string_list *push_options)
9684e44a
JH		 926{
927 struct receive_hook_feed_state state;
928 int status;
929
930 strbuf_init(&state.buf, 0);
931 state.cmd = commands;
cdc2b2f3 932 state.skip_broken = skip_broken;
195d6eae 933 state.report = NULL;
9684e44a
JH		 934 if (feed_receive_hook(&state, NULL, NULL))
935 return 0;
936 state.cmd = commands;
77a9745d 937 state.push_options = push_options;
9684e44a
JH		 938 status = run_and_feed_hook(hook_name, feed_receive_hook, &state);
939 strbuf_release(&state.buf);
940 return status;
941}
942
1d9e8b56
SP		 943static int run_update_hook(struct command *cmd)
944{
d3180279 945 struct child_process proc = CHILD_PROCESS_INIT;
6d525d38 946 int code;
7f14609e 947 const char *hook_path = find_hook("update");
1d9e8b56 948
7f14609e 949 if (!hook_path)
1d9e8b56
SP		 950 return 0;
951
7f14609e
ÆAB		 952 strvec_push(&proc.args, hook_path);
953 strvec_push(&proc.args, cmd->ref_name);
954 strvec_push(&proc.args, oid_to_hex(&cmd->old_oid));
955 strvec_push(&proc.args, oid_to_hex(&cmd->new_oid));
1d9e8b56 956
6d525d38
SP		 957 proc.no_stdin = 1;
958 proc.stdout_to_stderr = 1;
959 proc.err = use_sideband ? -1 : 0;
6206286e 960 proc.trace2_hook_name = "update";
6d525d38
SP		 961
962 code = start_command(&proc);
963 if (code)
964 return code;
965 if (use_sideband)
966 copy_to_sideband(proc.err, -1, NULL);
967 return finish_command(&proc);
1d9e8b56
SP		 968}
969
15d3af5e
JX		 970static struct command *find_command_by_refname(struct command *list,
971 const char *refname)
972{
973 for (; list; list = list->next)
974 if (!strcmp(list->ref_name, refname))
975 return list;
976 return NULL;
977}
978
979static int read_proc_receive_report(struct packet_reader *reader,
980 struct command *commands,
981 struct strbuf *errmsg)
982{
983 struct command *cmd;
984 struct command *hint = NULL;
985 struct ref_push_report *report = NULL;
986 int new_report = 0;
987 int code = 0;
988 int once = 0;
f65003b4 989 int response = 0;
15d3af5e
JX		 990
991 for (;;) {
992 struct object_id old_oid, new_oid;
993 const char *head;
994 const char *refname;
995 char *p;
f65003b4
JX		 996 enum packet_read_status status;
997
998 status = packet_reader_read(reader);
999 if (status != PACKET_READ_NORMAL) {
1000 /* Check whether proc-receive exited abnormally */
1001 if (status == PACKET_READ_EOF && !response) {
1002 strbuf_addstr(errmsg, "proc-receive exited abnormally");
1003 return -1;
1004 }
15d3af5e 1005 break;
f65003b4
JX		 1006 }
1007 response++;
15d3af5e
JX		 1008
1009 head = reader->line;
1010 p = strchr(head, ' ');
1011 if (!p) {
1012 strbuf_addf(errmsg, "proc-receive reported incomplete status line: '%s'\n", head);
1013 code = -1;
1014 continue;
1015 }
1016 *p++ = '\0';
1017 if (!strcmp(head, "option")) {
1018 const char *key, *val;
1019
1020 if (!hint || !(report || new_report)) {
1021 if (!once++)
1022 strbuf_addstr(errmsg, "proc-receive reported 'option' without a matching 'ok/ng' directive\n");
1023 code = -1;
1024 continue;
1025 }
1026 if (new_report) {
1027 if (!hint->report) {
ca56dadb 1028 CALLOC_ARRAY(hint->report, 1);
15d3af5e
JX		 1029 report = hint->report;
1030 } else {
1031 report = hint->report;
1032 while (report->next)
1033 report = report->next;
1034 report->next = xcalloc(1, sizeof(struct ref_push_report));
1035 report = report->next;
1036 }
1037 new_report = 0;
1038 }
1039 key = p;
1040 p = strchr(key, ' ');
1041 if (p)
1042 *p++ = '\0';
1043 val = p;
1044 if (!strcmp(key, "refname"))
1045 report->ref_name = xstrdup_or_null(val);
1046 else if (!strcmp(key, "old-oid") && val &&
1047 !parse_oid_hex(val, &old_oid, &val))
1048 report->old_oid = oiddup(&old_oid);
1049 else if (!strcmp(key, "new-oid") && val &&
1050 !parse_oid_hex(val, &new_oid, &val))
1051 report->new_oid = oiddup(&new_oid);
1052 else if (!strcmp(key, "forced-update"))
1053 report->forced_update = 1;
1054 else if (!strcmp(key, "fall-through"))
1055 /* Fall through, let 'receive-pack' to execute it. */
1056 hint->run_proc_receive = 0;
1057 continue;
1058 }
1059
1060 report = NULL;
1061 new_report = 0;
1062 refname = p;
1063 p = strchr(refname, ' ');
1064 if (p)
1065 *p++ = '\0';
1066 if (strcmp(head, "ok") && strcmp(head, "ng")) {
1067 strbuf_addf(errmsg, "proc-receive reported bad status '%s' on ref '%s'\n",
1068 head, refname);
1069 code = -1;
1070 continue;
1071 }
1072
1073 /* first try searching at our hint, falling back to all refs */
1074 if (hint)
1075 hint = find_command_by_refname(hint, refname);
1076 if (!hint)
1077 hint = find_command_by_refname(commands, refname);
1078 if (!hint) {
1079 strbuf_addf(errmsg, "proc-receive reported status on unknown ref: %s\n",
1080 refname);
1081 code = -1;
1082 continue;
1083 }
1084 if (!hint->run_proc_receive) {
1085 strbuf_addf(errmsg, "proc-receive reported status on unexpected ref: %s\n",
1086 refname);
1087 code = -1;
1088 continue;
1089 }
1090 hint->run_proc_receive |= RUN_PROC_RECEIVE_RETURNED;
1091 if (!strcmp(head, "ng")) {
1092 if (p)
1093 hint->error_string = xstrdup(p);
1094 else
1095 hint->error_string = "failed";
1096 code = -1;
1097 continue;
1098 }
1099 new_report = 1;
1100 }
1101
1102 for (cmd = commands; cmd; cmd = cmd->next)
1103 if (cmd->run_proc_receive && !cmd->error_string &&
1104 !(cmd->run_proc_receive & RUN_PROC_RECEIVE_RETURNED)) {
1105 cmd->error_string = "proc-receive failed to report status";
1106 code = -1;
1107 }
1108 return code;
1109}
1110
1111static int run_proc_receive_hook(struct command *commands,
1112 const struct string_list *push_options)
1113{
1114 struct child_process proc = CHILD_PROCESS_INIT;
1115 struct async muxer;
1116 struct command *cmd;
15d3af5e
JX		 1117 struct packet_reader reader;
1118 struct strbuf cap = STRBUF_INIT;
1119 struct strbuf errmsg = STRBUF_INIT;
1120 int hook_use_push_options = 0;
1121 int version = 0;
1122 int code;
7f14609e 1123 const char *hook_path = find_hook("proc-receive");
15d3af5e 1124
7f14609e 1125 if (!hook_path) {
15d3af5e
JX		 1126 rp_error("cannot find hook 'proc-receive'");
1127 return -1;
1128 }
15d3af5e 1129
7f14609e 1130 strvec_push(&proc.args, hook_path);
15d3af5e
JX		 1131 proc.in = -1;
1132 proc.out = -1;
1133 proc.trace2_hook_name = "proc-receive";
1134
1135 if (use_sideband) {
1136 memset(&muxer, 0, sizeof(muxer));
1137 muxer.proc = copy_to_sideband;
1138 muxer.in = -1;
1139 code = start_async(&muxer);
1140 if (code)
1141 return code;
1142 proc.err = muxer.in;
1143 } else {
1144 proc.err = 0;
1145 }
1146
1147 code = start_command(&proc);
1148 if (code) {
1149 if (use_sideband)
1150 finish_async(&muxer);
1151 return code;
1152 }
1153
1154 sigchain_push(SIGPIPE, SIG_IGN);
1155
1156 /* Version negotiaton */
1157 packet_reader_init(&reader, proc.out, NULL, 0,
1158 PACKET_READ_CHOMP_NEWLINE |
1159 PACKET_READ_GENTLE_ON_EOF);
1160 if (use_atomic)
1161 strbuf_addstr(&cap, " atomic");
1162 if (use_push_options)
1163 strbuf_addstr(&cap, " push-options");
1164 if (cap.len) {
f65003b4 1165 code = packet_write_fmt_gently(proc.in, "version=1%c%s\n", '\0', cap.buf + 1);
15d3af5e
JX		 1166 strbuf_release(&cap);
1167 } else {
f65003b4 1168 code = packet_write_fmt_gently(proc.in, "version=1\n");
15d3af5e 1169 }
f65003b4
JX		 1170 if (!code)
1171 code = packet_flush_gently(proc.in);
1172
1173 if (!code)
1174 for (;;) {
1175 int linelen;
1176 enum packet_read_status status;
1177
1178 status = packet_reader_read(&reader);
1179 if (status != PACKET_READ_NORMAL) {
1180 /* Check whether proc-receive exited abnormally */
1181 if (status == PACKET_READ_EOF)
1182 code = -1;
1183 break;
1184 }
15d3af5e 1185
f65003b4
JX		 1186 if (reader.pktlen > 8 && starts_with(reader.line, "version=")) {
1187 version = atoi(reader.line + 8);
1188 linelen = strlen(reader.line);
1189 if (linelen < reader.pktlen) {
1190 const char *feature_list = reader.line + linelen + 1;
1191 if (parse_feature_request(feature_list, "push-options"))
1192 hook_use_push_options = 1;
1193 }
15d3af5e
JX		 1194 }
1195 }
f65003b4
JX		 1196
1197 if (code) {
1198 strbuf_addstr(&errmsg, "fail to negotiate version with proc-receive hook");
1199 goto cleanup;
15d3af5e
JX		 1200 }
1201
80ffeb94
JX		 1202 switch (version) {
1203 case 0:
1204 /* fallthrough */
1205 case 1:
1206 break;
1207 default:
15d3af5e
JX		 1208 strbuf_addf(&errmsg, "proc-receive version '%d' is not supported",
1209 version);
1210 code = -1;
1211 goto cleanup;
1212 }
1213
1214 /* Send commands */
1215 for (cmd = commands; cmd; cmd = cmd->next) {
1216 if (!cmd->run_proc_receive || cmd->skip_update || cmd->error_string)
1217 continue;
f65003b4
JX		 1218 code = packet_write_fmt_gently(proc.in, "%s %s %s",
1219 oid_to_hex(&cmd->old_oid),
1220 oid_to_hex(&cmd->new_oid),
1221 cmd->ref_name);
1222 if (code)
1223 break;
1224 }
1225 if (!code)
1226 code = packet_flush_gently(proc.in);
1227 if (code) {
1228 strbuf_addstr(&errmsg, "fail to write commands to proc-receive hook");
1229 goto cleanup;
15d3af5e 1230 }
15d3af5e
JX		 1231
1232 /* Send push options */
1233 if (hook_use_push_options) {
1234 struct string_list_item *item;
1235
f65003b4
JX		 1236 for_each_string_list_item(item, push_options) {
1237 code = packet_write_fmt_gently(proc.in, "%s", item->string);
1238 if (code)
1239 break;
1240 }
1241 if (!code)
1242 code = packet_flush_gently(proc.in);
1243 if (code) {
1244 strbuf_addstr(&errmsg,
1245 "fail to write push-options to proc-receive hook");
1246 goto cleanup;
1247 }
15d3af5e
JX		 1248 }
1249
1250 /* Read result from proc-receive */
1251 code = read_proc_receive_report(&reader, commands, &errmsg);
1252
1253cleanup:
1254 close(proc.in);
1255 close(proc.out);
1256 if (use_sideband)
1257 finish_async(&muxer);
1258 if (finish_command(&proc))
1259 code = -1;
1260 if (errmsg.len >0) {
1261 char *p = errmsg.buf;
1262
1263 p += errmsg.len - 1;
1264 if (*p == '\n')
1265 *p = '\0';
1266 rp_error("%s", errmsg.buf);
1267 strbuf_release(&errmsg);
1268 }
1269 sigchain_pop(SIGPIPE);
1270
1271 return code;
1272}
1273
8ba35a2d
VA		 1274static char *refuse_unconfigured_deny_msg =
1275 N_("By default, updating the current branch in a non-bare repository\n"
1276 "is denied, because it will make the index and work tree inconsistent\n"
1277 "with what you pushed, and will require 'git reset --hard' to match\n"
1278 "the work tree to HEAD.\n"
1279 "\n"
2ddaa427
AH		 1280 "You can set the 'receive.denyCurrentBranch' configuration variable\n"
1281 "to 'ignore' or 'warn' in the remote repository to allow pushing into\n"
8ba35a2d
VA		 1282 "its current branch; however, this is not recommended unless you\n"
1283 "arranged to update its work tree to match what you pushed in some\n"
1284 "other way.\n"
1285 "\n"
1286 "To squelch this message and still keep the default behaviour, set\n"
1287 "'receive.denyCurrentBranch' configuration variable to 'refuse'.");
3d95d92b 1288
acd2a45b 1289static void refuse_unconfigured_deny(void)
3d95d92b 1290{
8ba35a2d 1291 rp_error("%s", _(refuse_unconfigured_deny_msg));
3d95d92b
JH		 1292}
1293
8ba35a2d
VA		 1294static char *refuse_unconfigured_deny_delete_current_msg =
1295 N_("By default, deleting the current branch is denied, because the next\n"
1296 "'git clone' won't result in any file checked out, causing confusion.\n"
1297 "\n"
1298 "You can set 'receive.denyDeleteCurrent' configuration variable to\n"
1299 "'warn' or 'ignore' in the remote repository to allow deleting the\n"
1300 "current branch, with or without a warning message.\n"
1301 "\n"
1302 "To squelch this message, you can set it to 'refuse'.");
747ca245 1303
375881fa 1304static void refuse_unconfigured_deny_delete_current(void)
747ca245 1305{
8ba35a2d 1306 rp_error("%s", _(refuse_unconfigured_deny_delete_current_msg));
747ca245
JH		 1307}
1308
9fec7b21 1309static const struct object_id *command_singleton_iterator(void *cb_data);
0a1bc12b
NTND		 1310static int update_shallow_ref(struct command *cmd, struct shallow_info *si)
1311{
cac4b8e2 1312 struct shallow_lock shallow_lock = SHALLOW_LOCK_INIT;
910650d2 1313 struct oid_array extra = OID_ARRAY_INIT;
7043c707 1314 struct check_connected_options opt = CHECK_CONNECTED_INIT;
0a1bc12b
NTND		 1315 uint32_t mask = 1 << (cmd->index % 32);
1316 int i;
1317
6aa30857 1318 trace_printf_key(&trace_shallow,
0a1bc12b
NTND		 1319 "shallow: update_shallow_ref %s\n", cmd->ref_name);
1320 for (i = 0; i < si->shallow->nr; i++)
1321 if (si->used_shallow[i] &&
1322 (si->used_shallow[i][cmd->index / 32] & mask) &&
1323 !delayed_reachability_test(si, i))
910650d2 1324 oid_array_append(&extra, &si->shallow->oid[i]);
0a1bc12b 1325
722ff7f8 1326 opt.env = tmp_objdir_env(tmp_objdir);
7043c707
JK		 1327 setup_alternate_shallow(&shallow_lock, &opt.shallow_file, &extra);
1328 if (check_connected(command_singleton_iterator, cmd, &opt)) {
37b9dcab 1329 rollback_shallow_file(the_repository, &shallow_lock);
910650d2 1330 oid_array_clear(&extra);
0a1bc12b
NTND		 1331 return -1;
1332 }
1333
37b9dcab 1334 commit_shallow_file(the_repository, &shallow_lock);
0a1bc12b
NTND		 1335
1336 /*
1337 * Make sure setup_alternate_shallow() for the next ref does
1338 * not lose these new roots..
1339 */
1340 for (i = 0; i < extra.nr; i++)
19143f13 1341 register_shallow(the_repository, &extra.oid[i]);
0a1bc12b
NTND		 1342
1343 si->shallow_ref[cmd->index] = 0;
910650d2 1344 oid_array_clear(&extra);
0a1bc12b
NTND		 1345 return 0;
1346}
1347
1a51b524
JH		 1348/*
1349 * NEEDSWORK: we should consolidate various implementions of "are we
1350 * on an unborn branch?" test into one, and make the unified one more
1351 * robust. !get_sha1() based check used here and elsewhere would not
1352 * allow us to tell an unborn branch from corrupt ref, for example.
1353 * For the purpose of fixing "deploy-to-update does not work when
1354 * pushing into an empty repository" issue, this should suffice for
1355 * now.
1356 */
1357static int head_has_history(void)
1358{
15be4a5d 1359 struct object_id oid;
1a51b524 1360
d850b7a5 1361 return !repo_get_oid(the_repository, "HEAD", &oid);
1a51b524
JH		 1362}
1363
21b138d0 1364static const char *push_to_deploy(unsigned char *sha1,
22f9b7f3 1365 struct strvec *env,
21b138d0 1366 const char *work_tree)
1404bcbb 1367{
1404bcbb
JS		 1368 struct child_process child = CHILD_PROCESS_INIT;
1369
2b709893
ÆAB		 1370 strvec_pushl(&child.args, "update-index", "-q", "--ignore-submodules",
1371 "--refresh", NULL);
29fda24d 1372 strvec_pushv(&child.env, env->v);
1404bcbb
JS		 1373 child.dir = work_tree;
1374 child.no_stdin = 1;
1375 child.stdout_to_stderr = 1;
1376 child.git_cmd = 1;
21b138d0 1377 if (run_command(&child))
1404bcbb 1378 return "Up-to-date check failed";
1404bcbb
JS		 1379
1380 /* run_command() does not clean up completely; reinitialize */
1381 child_process_init(&child);
2b709893
ÆAB		 1382 strvec_pushl(&child.args, "diff-files", "--quiet",
1383 "--ignore-submodules", "--", NULL);
29fda24d 1384 strvec_pushv(&child.env, env->v);
1404bcbb
JS		 1385 child.dir = work_tree;
1386 child.no_stdin = 1;
1387 child.stdout_to_stderr = 1;
1388 child.git_cmd = 1;
21b138d0 1389 if (run_command(&child))
1404bcbb 1390 return "Working directory has unstaged changes";
1404bcbb
JS		 1391
1392 child_process_init(&child);
2b709893
ÆAB		 1393 strvec_pushl(&child.args, "diff-index", "--quiet", "--cached",
1394 "--ignore-submodules",
1395 /* diff-index with either HEAD or an empty tree */
1396 head_has_history() ? "HEAD" : empty_tree_oid_hex(),
1397 "--", NULL);
29fda24d 1398 strvec_pushv(&child.env, env->v);
1404bcbb
JS		 1399 child.no_stdin = 1;
1400 child.no_stdout = 1;
1401 child.stdout_to_stderr = 0;
1402 child.git_cmd = 1;
21b138d0 1403 if (run_command(&child))
1404bcbb 1404 return "Working directory has staged changes";
1404bcbb 1405
1404bcbb 1406 child_process_init(&child);
2b709893
ÆAB		 1407 strvec_pushl(&child.args, "read-tree", "-u", "-m", hash_to_hex(sha1),
1408 NULL);
29fda24d 1409 strvec_pushv(&child.env, env->v);
1404bcbb
JS		 1410 child.dir = work_tree;
1411 child.no_stdin = 1;
1412 child.no_stdout = 1;
1413 child.stdout_to_stderr = 0;
1414 child.git_cmd = 1;
21b138d0 1415 if (run_command(&child))
1404bcbb 1416 return "Could not update working tree to new HEAD";
1404bcbb 1417
1404bcbb
JS		 1418 return NULL;
1419}
1420
08553319
JH		 1421static const char *push_to_checkout_hook = "push-to-checkout";
1422
fc06be3b 1423static const char *push_to_checkout(unsigned char *hash,
a8cc5943 1424 int *invoked_hook,
22f9b7f3 1425 struct strvec *env,
08553319
JH		 1426 const char *work_tree)
1427{
306f445e 1428 struct run_hooks_opt opt = RUN_HOOKS_OPT_INIT;
a8cc5943 1429 opt.invoked_hook = invoked_hook;
306f445e 1430
22f9b7f3 1431 strvec_pushf(env, "GIT_WORK_TREE=%s", absolute_path(work_tree));
306f445e
ES		 1432 strvec_pushv(&opt.env, env->v);
1433 strvec_push(&opt.args, hash_to_hex(hash));
1434 if (run_hooks_opt(push_to_checkout_hook, &opt))
08553319
JH		 1435 return "push-to-checkout hook declined";
1436 else
1437 return NULL;
1438}
1439
4ef34648 1440static const char *update_worktree(unsigned char *sha1, const struct worktree *worktree)
21b138d0 1441{
38baae6c 1442 const char *retval, *git_dir;
22f9b7f3 1443 struct strvec env = STRVEC_INIT;
a8cc5943 1444 int invoked_hook;
21b138d0 1445
38baae6c
AK		 1446 if (!worktree || !worktree->path)
1447 BUG("worktree->path must be non-NULL");
4ef34648 1448
9fdf4f1d 1449 if (worktree->is_bare)
21b138d0 1450 return "denyCurrentBranch = updateInstead needs a worktree";
38baae6c 1451 git_dir = get_worktree_git_dir(worktree);
21b138d0 1452
22f9b7f3 1453 strvec_pushf(&env, "GIT_DIR=%s", absolute_path(git_dir));
21b138d0 1454
a8cc5943
ÆAB		 1455 retval = push_to_checkout(sha1, &invoked_hook, &env, worktree->path);
1456 if (!invoked_hook)
38baae6c 1457 retval = push_to_deploy(sha1, &env, worktree->path);
21b138d0 1458
22f9b7f3 1459 strvec_clear(&env);
21b138d0
JH		 1460 return retval;
1461}
1462
0a1bc12b 1463static const char *update(struct command *cmd, struct shallow_info *si)
2eca23da 1464{
cfee10a7 1465 const char *name = cmd->ref_name;
6b01ecfe 1466 struct strbuf namespaced_name_buf = STRBUF_INIT;
bda6e828
JS		 1467 static char *namespaced_name;
1468 const char *ret;
9c44ea44 1469 struct object_id *old_oid = &cmd->old_oid;
1470 struct object_id *new_oid = &cmd->new_oid;
b072a25f 1471 int do_update_worktree = 0;
c8dd491f
AK		 1472 struct worktree **worktrees = get_worktrees();
1473 const struct worktree *worktree =
9fdf4f1d 1474 find_shared_symref(worktrees, "HEAD", name);
2eca23da 1475
061d6b9a 1476 /* only refs/... are allowed */
7c3c5502
ZH		 1477 if (!starts_with(name, "refs/") ||
1478 check_refname_format(name + 5, is_null_oid(new_oid) ?
1479 REFNAME_ALLOW_ONELEVEL : 0)) {
d81ba50a 1480 rp_error("refusing to update funny ref '%s' remotely", name);
c8dd491f
AK		 1481 ret = "funny refname";
1482 goto out;
cfee10a7 1483 }
d8a1deec 1484
6b01ecfe 1485 strbuf_addf(&namespaced_name_buf, "%s%s", get_git_namespace(), name);
bda6e828 1486 free(namespaced_name);
6b01ecfe
JT		 1487 namespaced_name = strbuf_detach(&namespaced_name_buf, NULL);
1488
9fdf4f1d 1489 if (worktree && !worktree->is_bare) {
3d95d92b
JH		 1490 switch (deny_current_branch) {
1491 case DENY_IGNORE:
986e8239 1492 break;
3d95d92b 1493 case DENY_WARN:
466dbc42 1494 rp_warning("updating the current branch");
986e8239 1495 break;
3d95d92b 1496 case DENY_REFUSE:
acd2a45b 1497 case DENY_UNCONFIGURED:
466dbc42 1498 rp_error("refusing to update checked out branch: %s", name);
acd2a45b
JH		 1499 if (deny_current_branch == DENY_UNCONFIGURED)
1500 refuse_unconfigured_deny();
c8dd491f
AK		 1501 ret = "branch is currently checked out";
1502 goto out;
1404bcbb 1503 case DENY_UPDATE_INSTEAD:
b072a25f
JH		 1504 /* pass -- let other checks intervene first */
1505 do_update_worktree = 1;
1404bcbb 1506 break;
3d95d92b 1507 }
986e8239
JK		 1508 }
1509
bc726bd0 1510 if (!is_null_oid(new_oid) && !repo_has_object_file(the_repository, new_oid)) {
8aaf7d64 1511 error("unpack should have generated %s, "
9c44ea44 1512 "but I can't find it!", oid_to_hex(new_oid));
c8dd491f
AK		 1513 ret = "bad pack";
1514 goto out;
cfee10a7 1515 }
747ca245 1516
9c44ea44 1517 if (!is_null_oid(old_oid) && is_null_oid(new_oid)) {
59556548 1518 if (deny_deletes && starts_with(name, "refs/heads/")) {
466dbc42 1519 rp_error("denying ref deletion for %s", name);
c8dd491f
AK		 1520 ret = "deletion prohibited";
1521 goto out;
747ca245
JH		 1522 }
1523
4ef34648 1524 if (worktree || (head_name && !strcmp(namespaced_name, head_name))) {
747ca245
JH		 1525 switch (deny_delete_current) {
1526 case DENY_IGNORE:
1527 break;
1528 case DENY_WARN:
466dbc42 1529 rp_warning("deleting the current branch");
747ca245
JH		 1530 break;
1531 case DENY_REFUSE:
375881fa 1532 case DENY_UNCONFIGURED:
1404bcbb 1533 case DENY_UPDATE_INSTEAD:
375881fa
JH		 1534 if (deny_delete_current == DENY_UNCONFIGURED)
1535 refuse_unconfigured_deny_delete_current();
466dbc42 1536 rp_error("refusing to delete the current branch: %s", name);
c8dd491f
AK		 1537 ret = "deletion of the current branch prohibited";
1538 goto out;
1404bcbb 1539 default:
c8dd491f
AK		 1540 ret = "Invalid denyDeleteCurrent setting";
1541 goto out;
747ca245
JH		 1542 }
1543 }
a240de11 1544 }
747ca245 1545
9c44ea44 1546 if (deny_non_fast_forwards && !is_null_oid(new_oid) &&
1547 !is_null_oid(old_oid) &&
59556548 1548 starts_with(name, "refs/heads/")) {
eab82707 1549 struct object *old_object, *new_object;
11031d7e 1550 struct commit *old_commit, *new_commit;
11031d7e 1551
109cd76d
SB		 1552 old_object = parse_object(the_repository, old_oid);
1553 new_object = parse_object(the_repository, new_oid);
eab82707
MK		 1554
1555 if (!old_object || !new_object ||
1556 old_object->type != OBJ_COMMIT ||
1557 new_object->type != OBJ_COMMIT) {
1558 error("bad sha1 objects for %s", name);
c8dd491f
AK		 1559 ret = "bad ref";
1560 goto out;
eab82707
MK		 1561 }
1562 old_commit = (struct commit *)old_object;
1563 new_commit = (struct commit *)new_object;
cb338c23 1564 if (!repo_in_merge_bases(the_repository, old_commit, new_commit)) {
466dbc42
SP		 1565 rp_error("denying non-fast-forward %s"
1566 " (you should pull first)", name);
c8dd491f
AK		 1567 ret = "non-fast-forward";
1568 goto out;
8aaf7d64 1569 }
11031d7e 1570 }
1d9e8b56 1571 if (run_update_hook(cmd)) {
466dbc42 1572 rp_error("hook declined to update %s", name);
c8dd491f
AK		 1573 ret = "hook declined";
1574 goto out;
b1bf95bb 1575 }
3159c8dc 1576
b072a25f 1577 if (do_update_worktree) {
38baae6c 1578 ret = update_worktree(new_oid->hash, worktree);
b072a25f 1579 if (ret)
c8dd491f 1580 goto out;
b072a25f
JH		 1581 }
1582
9c44ea44 1583 if (is_null_oid(new_oid)) {
222368c6 1584 struct strbuf err = STRBUF_INIT;
109cd76d 1585 if (!parse_object(the_repository, old_oid)) {
9c44ea44 1586 old_oid = NULL;
160b81ed 1587 if (ref_exists(name)) {
c25edee9 1588 rp_warning("allowing deletion of corrupt ref");
160b81ed 1589 } else {
c25edee9 1590 rp_warning("deleting a non-existent ref");
160b81ed
PYH		 1591 cmd->did_not_exist = 1;
1592 }
28391a80 1593 }
222368c6
SB		 1594 if (ref_transaction_delete(transaction,
1595 namespaced_name,
89f3bbdd 1596 old_oid,
fb5a6bb6 1597 0, "push", &err)) {
222368c6 1598 rp_error("%s", err.buf);
c8dd491f
AK		 1599 ret = "failed to delete";
1600 } else {
1601 ret = NULL; /* good */
d4f694ba 1602 }
222368c6 1603 strbuf_release(&err);
d4f694ba
JH		 1604 }
1605 else {
6629ea2d 1606 struct strbuf err = STRBUF_INIT;
0a1bc12b 1607 if (shallow_update && si->shallow_ref[cmd->index] &&
c8dd491f
AK		 1608 update_shallow_ref(cmd, si)) {
1609 ret = "shallow error";
1610 goto out;
1611 }
0a1bc12b 1612
222368c6
SB		 1613 if (ref_transaction_update(transaction,
1614 namespaced_name,
89f3bbdd 1615 new_oid, old_oid,
1d147bdf 1616 0, "push",
222368c6 1617 &err)) {
6629ea2d 1618 rp_error("%s", err.buf);
c8dd491f
AK		 1619 ret = "failed to update ref";
1620 } else {
1621 ret = NULL; /* good */
ef203f08 1622 }
6629ea2d 1623 strbuf_release(&err);
19614330 1624 }
c8dd491f
AK		 1625
1626out:
1627 free_worktrees(worktrees);
1628 return ret;
2eca23da
LT		 1629}
1630
5e1c71fd 1631static void run_update_post_hook(struct command *commands)
19614330 1632{
5e1c71fd 1633 struct command *cmd;
d3180279 1634 struct child_process proc = CHILD_PROCESS_INIT;
dcf69262 1635 const char *hook;
19614330 1636
5a7da2dc 1637 hook = find_hook("post-update");
dce96c41 1638 if (!hook)
3e6e152c 1639 return;
5a7da2dc 1640
850d2fec 1641 for (cmd = commands; cmd; cmd = cmd->next) {
160b81ed 1642 if (cmd->error_string || cmd->did_not_exist)
19614330 1643 continue;
d70a9eb6 1644 if (!proc.args.nr)
22f9b7f3
JK		 1645 strvec_push(&proc.args, hook);
1646 strvec_push(&proc.args, cmd->ref_name);
19614330 1647 }
d70a9eb6 1648 if (!proc.args.nr)
dce96c41 1649 return;
6d525d38 1650
6d525d38
SP		 1651 proc.no_stdin = 1;
1652 proc.stdout_to_stderr = 1;
1653 proc.err = use_sideband ? -1 : 0;
6206286e 1654 proc.trace2_hook_name = "post-update";
6d525d38
SP		 1655
1656 if (!start_command(&proc)) {
1657 if (use_sideband)
1658 copy_to_sideband(proc.err, -1, NULL);
1659 finish_command(&proc);
1660 }
19614330 1661}
2eca23da 1662
99036237
ÆAB		 1663static void check_aliased_update_internal(struct command *cmd,
1664 struct string_list *list,
1665 const char *dst_name, int flag)
da3efdb1
JS		 1666{
1667 struct string_list_item *item;
1668 struct command *dst_cmd;
da3efdb1
JS		 1669
1670 if (!(flag & REF_ISSYMREF))
1671 return;
1672
6b01ecfe
JT		 1673 if (!dst_name) {
1674 rp_error("refusing update to broken symref '%s'", cmd->ref_name);
1675 cmd->skip_update = 1;
1676 cmd->error_string = "broken symref";
1677 return;
1678 }
ded83936 1679 dst_name = strip_namespace(dst_name);
6b01ecfe 1680
afe8a907 1681 if (!(item = string_list_lookup(list, dst_name)))
da3efdb1
JS		 1682 return;
1683
1684 cmd->skip_update = 1;
1685
1686 dst_cmd = (struct command *) item->util;
1687
4a7e27e9
JK		 1688 if (oideq(&cmd->old_oid, &dst_cmd->old_oid) &&
1689 oideq(&cmd->new_oid, &dst_cmd->new_oid))
da3efdb1
JS		 1690 return;
1691
1692 dst_cmd->skip_update = 1;
1693
da3efdb1
JS		 1694 rp_error("refusing inconsistent update between symref '%s' (%s..%s) and"
1695 " its target '%s' (%s..%s)",
ef2ed501 1696 cmd->ref_name,
d850b7a5
ÆAB		 1697 repo_find_unique_abbrev(the_repository, &cmd->old_oid, DEFAULT_ABBREV),
1698 repo_find_unique_abbrev(the_repository, &cmd->new_oid, DEFAULT_ABBREV),
ef2ed501 1699 dst_cmd->ref_name,
d850b7a5
ÆAB		 1700 repo_find_unique_abbrev(the_repository, &dst_cmd->old_oid, DEFAULT_ABBREV),
1701 repo_find_unique_abbrev(the_repository, &dst_cmd->new_oid, DEFAULT_ABBREV));
da3efdb1
JS		 1702
1703 cmd->error_string = dst_cmd->error_string =
1704 "inconsistent aliased update";
1705}
1706
99036237
ÆAB		 1707static void check_aliased_update(struct command *cmd, struct string_list *list)
1708{
1709 struct strbuf buf = STRBUF_INIT;
1710 const char *dst_name;
1711 int flag;
1712
1713 strbuf_addf(&buf, "%s%s", get_git_namespace(), cmd->ref_name);
1714 dst_name = resolve_ref_unsafe(buf.buf, 0, NULL, &flag);
1715 check_aliased_update_internal(cmd, list, dst_name, flag);
1716 strbuf_release(&buf);
1717}
1718
da3efdb1
JS		 1719static void check_aliased_updates(struct command *commands)
1720{
1721 struct command *cmd;
183113a5 1722 struct string_list ref_list = STRING_LIST_INIT_NODUP;
da3efdb1
JS		 1723
1724 for (cmd = commands; cmd; cmd = cmd->next) {
1725 struct string_list_item *item =
1d2f80fa 1726 string_list_append(&ref_list, cmd->ref_name);
da3efdb1
JS		 1727 item->util = (void *)cmd;
1728 }
3383e199 1729 string_list_sort(&ref_list);
da3efdb1 1730
ef7e93d9
CB		 1731 for (cmd = commands; cmd; cmd = cmd->next) {
1732 if (!cmd->error_string)
1733 check_aliased_update(cmd, &ref_list);
1734 }
da3efdb1
JS		 1735
1736 string_list_clear(&ref_list, 0);
1737}
1738
9fec7b21 1739static const struct object_id *command_singleton_iterator(void *cb_data)
52fed6e1
JH		 1740{
1741 struct command **cmd_list = cb_data;
1742 struct command *cmd = *cmd_list;
1743
9c44ea44 1744 if (!cmd || is_null_oid(&cmd->new_oid))
9fec7b21 1745 return NULL;
52fed6e1 1746 *cmd_list = NULL; /* this returns only one */
9fec7b21 1747 return &cmd->new_oid;
52fed6e1
JH		 1748}
1749
0a1bc12b
NTND		 1750static void set_connectivity_errors(struct command *commands,
1751 struct shallow_info *si)
52fed6e1
JH		 1752{
1753 struct command *cmd;
1754
1755 for (cmd = commands; cmd; cmd = cmd->next) {
1756 struct command *singleton = cmd;
722ff7f8
JK		 1757 struct check_connected_options opt = CHECK_CONNECTED_INIT;
1758
0a1bc12b
NTND		 1759 if (shallow_update && si->shallow_ref[cmd->index])
1760 /* to be checked in update_shallow_ref() */
1761 continue;
722ff7f8
JK		 1762
1763 opt.env = tmp_objdir_env(tmp_objdir);
7043c707 1764 if (!check_connected(command_singleton_iterator, &singleton,
722ff7f8 1765 &opt))
52fed6e1 1766 continue;
722ff7f8 1767
52fed6e1
JH		 1768 cmd->error_string = "missing necessary objects";
1769 }
1770}
1771
0a1bc12b
NTND		 1772struct iterate_data {
1773 struct command *cmds;
1774 struct shallow_info *si;
1775};
1776
9fec7b21 1777static const struct object_id *iterate_receive_command_list(void *cb_data)
52fed6e1 1778{
0a1bc12b
NTND		 1779 struct iterate_data *data = cb_data;
1780 struct command **cmd_list = &data->cmds;
52fed6e1
JH		 1781 struct command *cmd = *cmd_list;
1782
0a1bc12b
NTND		 1783 for (; cmd; cmd = cmd->next) {
1784 if (shallow_update && data->si->shallow_ref[cmd->index])
1785 /* to be checked in update_shallow_ref() */
1786 continue;
9c44ea44 1787 if (!is_null_oid(&cmd->new_oid) && !cmd->skip_update) {
ee6dfb2d 1788 *cmd_list = cmd->next;
9fec7b21 1789 return &cmd->new_oid;
ee6dfb2d 1790 }
ee6dfb2d 1791 }
9fec7b21 1792 return NULL;
52fed6e1
JH		 1793}
1794
daebaa78
JH		 1795static void reject_updates_to_hidden(struct command *commands)
1796{
78a766ab
LF		 1797 struct strbuf refname_full = STRBUF_INIT;
1798 size_t prefix_len;
daebaa78
JH		 1799 struct command *cmd;
1800
78a766ab
LF		 1801 strbuf_addstr(&refname_full, get_git_namespace());
1802 prefix_len = refname_full.len;
1803
daebaa78 1804 for (cmd = commands; cmd; cmd = cmd->next) {
78a766ab
LF		 1805 if (cmd->error_string)
1806 continue;
1807
1808 strbuf_setlen(&refname_full, prefix_len);
1809 strbuf_addstr(&refname_full, cmd->ref_name);
1810
9b67eb6f 1811 if (!ref_is_hidden(cmd->ref_name, refname_full.buf, &hidden_refs))
daebaa78 1812 continue;
9c44ea44 1813 if (is_null_oid(&cmd->new_oid))
daebaa78
JH		 1814 cmd->error_string = "deny deleting a hidden ref";
1815 else
1816 cmd->error_string = "deny updating a hidden ref";
1817 }
78a766ab
LF		 1818
1819 strbuf_release(&refname_full);
daebaa78
JH		 1820}
1821
a6a84319
SB		 1822static int should_process_cmd(struct command *cmd)
1823{
1824 return !cmd->error_string && !cmd->skip_update;
1825}
1826
07b1d8f1 1827static void BUG_if_skipped_connectivity_check(struct command *commands,
a6a84319
SB		 1828 struct shallow_info *si)
1829{
1830 struct command *cmd;
a6a84319
SB		 1831
1832 for (cmd = commands; cmd; cmd = cmd->next) {
07b1d8f1
ÆAB		 1833 if (should_process_cmd(cmd) && si->shallow_ref[cmd->index])
1834 bug("connectivity check has not been run on ref %s",
1835 cmd->ref_name);
a6a84319 1836 }
07b1d8f1 1837 BUG_if_bug("connectivity check skipped???");
a6a84319
SB		 1838}
1839
a1a26145
SB		 1840static void execute_commands_non_atomic(struct command *commands,
1841 struct shallow_info *si)
1842{
1843 struct command *cmd;
222368c6
SB		 1844 struct strbuf err = STRBUF_INIT;
1845
a1a26145 1846 for (cmd = commands; cmd; cmd = cmd->next) {
15d3af5e 1847 if (!should_process_cmd(cmd) || cmd->run_proc_receive)
a1a26145
SB		 1848 continue;
1849
222368c6
SB		 1850 transaction = ref_transaction_begin(&err);
1851 if (!transaction) {
1852 rp_error("%s", err.buf);
1853 strbuf_reset(&err);
1854 cmd->error_string = "transaction failed to start";
1855 continue;
1856 }
1857
a1a26145 1858 cmd->error_string = update(cmd, si);
222368c6
SB		 1859
1860 if (!cmd->error_string
1861 && ref_transaction_commit(transaction, &err)) {
1862 rp_error("%s", err.buf);
1863 strbuf_reset(&err);
1864 cmd->error_string = "failed to update ref";
1865 }
1866 ref_transaction_free(transaction);
a1a26145 1867 }
68deed29
SB		 1868 strbuf_release(&err);
1869}
222368c6 1870
68deed29
SB		 1871static void execute_commands_atomic(struct command *commands,
1872 struct shallow_info *si)
1873{
1874 struct command *cmd;
1875 struct strbuf err = STRBUF_INIT;
1876 const char *reported_error = "atomic push failure";
1877
1878 transaction = ref_transaction_begin(&err);
1879 if (!transaction) {
1880 rp_error("%s", err.buf);
1881 strbuf_reset(&err);
1882 reported_error = "transaction failed to start";
1883 goto failure;
1884 }
1885
1886 for (cmd = commands; cmd; cmd = cmd->next) {
15d3af5e 1887 if (!should_process_cmd(cmd) || cmd->run_proc_receive)
68deed29
SB		 1888 continue;
1889
1890 cmd->error_string = update(cmd, si);
1891
1892 if (cmd->error_string)
1893 goto failure;
1894 }
1895
1896 if (ref_transaction_commit(transaction, &err)) {
1897 rp_error("%s", err.buf);
1898 reported_error = "atomic transaction failed";
1899 goto failure;
1900 }
1901 goto cleanup;
1902
1903failure:
1904 for (cmd = commands; cmd; cmd = cmd->next)
1905 if (!cmd->error_string)
1906 cmd->error_string = reported_error;
1907
1908cleanup:
1909 ref_transaction_free(transaction);
222368c6 1910 strbuf_release(&err);
a1a26145
SB		 1911}
1912
0a1bc12b
NTND		 1913static void execute_commands(struct command *commands,
1914 const char *unpacker_error,
77a9745d
SB		 1915 struct shallow_info *si,
1916 const struct string_list *push_options)
575f4974 1917{
d415092a 1918 struct check_connected_options opt = CHECK_CONNECTED_INIT;
5e1c71fd 1919 struct command *cmd;
0a1bc12b 1920 struct iterate_data data;
d415092a
JK		 1921 struct async muxer;
1922 int err_fd = 0;
15d3af5e 1923 int run_proc_receive = 0;
8aaf7d64
SP		 1924
1925 if (unpacker_error) {
5e1c71fd 1926 for (cmd = commands; cmd; cmd = cmd->next)
74eb32d3 1927 cmd->error_string = "unpacker error";
8aaf7d64
SP		 1928 return;
1929 }
1930
d415092a
JK		 1931 if (use_sideband) {
1932 memset(&muxer, 0, sizeof(muxer));
1933 muxer.proc = copy_to_sideband;
1934 muxer.in = -1;
1935 if (!start_async(&muxer))
1936 err_fd = muxer.in;
1937 /* ...else, continue without relaying sideband */
1938 }
1939
0a1bc12b
NTND		 1940 data.cmds = commands;
1941 data.si = si;
d415092a 1942 opt.err_fd = err_fd;
6b4cd2f8 1943 opt.progress = err_fd && !quiet;
722ff7f8 1944 opt.env = tmp_objdir_env(tmp_objdir);
bcec6780
PS		 1945 opt.exclude_hidden_refs_section = "receive";
1946
d415092a 1947 if (check_connected(iterate_receive_command_list, &data, &opt))
0a1bc12b 1948 set_connectivity_errors(commands, si);
52fed6e1 1949
d415092a
JK		 1950 if (use_sideband)
1951 finish_async(&muxer);
1952
daebaa78
JH		 1953 reject_updates_to_hidden(commands);
1954
15d3af5e
JX		 1955 /*
1956 * Try to find commands that have special prefix in their reference names,
1957 * and mark them to run an external "proc-receive" hook later.
1958 */
31e8595a
JX		 1959 if (proc_receive_ref) {
1960 for (cmd = commands; cmd; cmd = cmd->next) {
1961 if (!should_process_cmd(cmd))
1962 continue;
15d3af5e 1963
31e8595a
JX		 1964 if (proc_receive_ref_matches(cmd)) {
1965 cmd->run_proc_receive = RUN_PROC_RECEIVE_SCHEDULED;
1966 run_proc_receive = 1;
1967 }
15d3af5e
JX		 1968 }
1969 }
1970
77a9745d 1971 if (run_receive_hook(commands, "pre-receive", 0, push_options)) {
ef7e93d9
CB		 1972 for (cmd = commands; cmd; cmd = cmd->next) {
1973 if (!cmd->error_string)
1974 cmd->error_string = "pre-receive hook declined";
1975 }
05ef58ec
SP		 1976 return;
1977 }
1978
54077640
CB		 1979 /*
1980 * If there is no command ready to run, should return directly to destroy
1981 * temporary data in the quarantine area.
1982 */
1983 for (cmd = commands; cmd && cmd->error_string; cmd = cmd->next)
1984 ; /* nothing */
1985 if (!cmd)
1986 return;
1987
722ff7f8
JK		 1988 /*
1989 * Now we'll start writing out refs, which means the objects need
1990 * to be in their final positions so that other processes can see them.
1991 */
1992 if (tmp_objdir_migrate(tmp_objdir) < 0) {
1993 for (cmd = commands; cmd; cmd = cmd->next) {
1994 if (!cmd->error_string)
1995 cmd->error_string = "unable to migrate objects to permanent storage";
1996 }
1997 return;
1998 }
1999 tmp_objdir = NULL;
2000
da3efdb1
JS		 2001 check_aliased_updates(commands);
2002
96ec7b1e 2003 free(head_name_to_free);
efbd4fdf 2004 head_name = head_name_to_free = resolve_refdup("HEAD", 0, NULL, NULL);
747ca245 2005
15d3af5e
JX		 2006 if (run_proc_receive &&
2007 run_proc_receive_hook(commands, push_options))
2008 for (cmd = commands; cmd; cmd = cmd->next)
2009 if (!cmd->error_string &&
2010 !(cmd->run_proc_receive & RUN_PROC_RECEIVE_RETURNED) &&
2011 (cmd->run_proc_receive || use_atomic))
2012 cmd->error_string = "fail to run proc-receive hook";
2013
68deed29
SB		 2014 if (use_atomic)
2015 execute_commands_atomic(commands, si);
2016 else
2017 execute_commands_non_atomic(commands, si);
0a1bc12b 2018
a6a84319 2019 if (shallow_update)
07b1d8f1 2020 BUG_if_skipped_connectivity_check(commands, si);
575f4974
LT		 2021}
2022
39895c74
JH		 2023static struct command **queue_command(struct command **tail,
2024 const char *line,
2025 int linelen)
2026{
9c44ea44 2027 struct object_id old_oid, new_oid;
39895c74
JH		 2028 struct command *cmd;
2029 const char *refname;
2030 int reflen;
9c44ea44 2031 const char *p;
39895c74 2032
9c44ea44 2033 if (parse_oid_hex(line, &old_oid, &p) ||
2034 *p++ != ' ' ||
2035 parse_oid_hex(p, &new_oid, &p) ||
2036 *p++ != ' ')
39895c74
JH		 2037 die("protocol error: expected old/new/ref, got '%s'", line);
2038
9c44ea44 2039 refname = p;
2040 reflen = linelen - (p - line);
ddd0bfac 2041 FLEX_ALLOC_MEM(cmd, ref_name, refname, reflen);
9c44ea44 2042 oidcpy(&cmd->old_oid, &old_oid);
2043 oidcpy(&cmd->new_oid, &new_oid);
39895c74
JH		 2044 *tail = cmd;
2045 return &cmd->next;
2046}
2047
1fdd31cf
ÆAB		 2048static void free_commands(struct command *commands)
2049{
2050 while (commands) {
2051 struct command *next = commands->next;
2052
2053 free(commands);
2054 commands = next;
2055 }
2056}
2057
4adf569d
JH		 2058static void queue_commands_from_cert(struct command **tail,
2059 struct strbuf *push_cert)
2060{
2061 const char *boc, *eoc;
2062
2063 if (*tail)
2064 die("protocol error: got both push certificate and unsigned commands");
2065
2066 boc = strstr(push_cert->buf, "\n\n");
2067 if (!boc)
2068 die("malformed push certificate %.*s", 100, push_cert->buf);
2069 else
2070 boc += 2;
482c1191 2071 eoc = push_cert->buf + parse_signed_buffer(push_cert->buf, push_cert->len);
4adf569d
JH		 2072
2073 while (boc < eoc) {
2074 const char *eol = memchr(boc, '\n', eoc - boc);
f2214ded 2075 tail = queue_command(tail, boc, eol ? eol - boc : eoc - boc);
4adf569d
JH		 2076 boc = eol ? eol + 1 : eoc;
2077 }
2078}
2079
01f9ec64
MS		 2080static struct command *read_head_info(struct packet_reader *reader,
2081 struct oid_array *shallow)
575f4974 2082{
5e1c71fd 2083 struct command *commands = NULL;
eb1af2df 2084 struct command **p = &commands;
575f4974 2085 for (;;) {
01f9ec64 2086 int linelen;
eb1af2df 2087
01f9ec64 2088 if (packet_reader_read(reader) != PACKET_READ_NORMAL)
575f4974 2089 break;
5dbd7676 2090
01f9ec64 2091 if (reader->pktlen > 8 && starts_with(reader->line, "shallow ")) {
9c44ea44 2092 struct object_id oid;
01f9ec64 2093 if (get_oid_hex(reader->line + 8, &oid))
c09b71cc 2094 die("protocol error: expected shallow sha, got '%s'",
01f9ec64 2095 reader->line + 8);
910650d2 2096 oid_array_append(shallow, &oid);
5dbd7676
NTND		 2097 continue;
2098 }
2099
01f9ec64
MS		 2100 linelen = strlen(reader->line);
2101 if (linelen < reader->pktlen) {
2102 const char *feature_list = reader->line + linelen + 1;
bb095d08 2103 const char *hash = NULL;
a2a066d9 2104 const char *client_sid;
7ce4c8f7 2105 size_t len = 0;
f47182c8 2106 if (parse_feature_request(feature_list, "report-status"))
cfee10a7 2107 report_status = 1;
63518a57
JX		 2108 if (parse_feature_request(feature_list, "report-status-v2"))
2109 report_status_v2 = 1;
f47182c8 2110 if (parse_feature_request(feature_list, "side-band-64k"))
38a81b4e 2111 use_sideband = LARGE_PACKET_MAX;
c207e34f
CB		 2112 if (parse_feature_request(feature_list, "quiet"))
2113 quiet = 1;
1b70fe5d
RS		 2114 if (advertise_atomic_push
2115 && parse_feature_request(feature_list, "atomic"))
2116 use_atomic = 1;
c714e45f
SB		 2117 if (advertise_push_options
2118 && parse_feature_request(feature_list, "push-options"))
2119 use_push_options = 1;
bb095d08 2120 hash = parse_feature_value(feature_list, "object-format", &len, NULL);
2121 if (!hash) {
2122 hash = hash_algos[GIT_HASH_SHA1].name;
2123 len = strlen(hash);
2124 }
2125 if (xstrncmpz(the_hash_algo->name, hash, len))
2126 die("error: unsupported object format '%s'", hash);
a2a066d9
JS		 2127 client_sid = parse_feature_value(feature_list, "session-id", &len, NULL);
2128 if (client_sid) {
2129 char *sid = xstrndup(client_sid, len);
2130 trace2_data_string("transfer", NULL, "client-sid", client_sid);
2131 free(sid);
2132 }
cfee10a7 2133 }
0e3c339b 2134
01f9ec64 2135 if (!strcmp(reader->line, "push-cert")) {
a85b377d 2136 int true_flush = 0;
01f9ec64
MS		 2137 int saved_options = reader->options;
2138 reader->options &= ~PACKET_READ_CHOMP_NEWLINE;
a85b377d
JH		 2139
2140 for (;;) {
01f9ec64
MS		 2141 packet_reader_read(reader);
2142 if (reader->status == PACKET_READ_FLUSH) {
a85b377d
JH		 2143 true_flush = 1;
2144 break;
2145 }
01f9ec64
MS		 2146 if (reader->status != PACKET_READ_NORMAL) {
2147 die("protocol error: got an unexpected packet");
2148 }
2149 if (!strcmp(reader->line, "push-cert-end\n"))
a85b377d 2150 break; /* end of cert */
01f9ec64 2151 strbuf_addstr(&push_cert, reader->line);
a85b377d 2152 }
01f9ec64 2153 reader->options = saved_options;
a85b377d
JH		 2154
2155 if (true_flush)
2156 break;
2157 continue;
2158 }
2159
01f9ec64 2160 p = queue_command(p, reader->line, linelen);
575f4974 2161 }
4adf569d
JH		 2162
2163 if (push_cert.len)
2164 queue_commands_from_cert(p, &push_cert);
2165
5e1c71fd 2166 return commands;
575f4974
LT		 2167}
2168
01f9ec64
MS		 2169static void read_push_options(struct packet_reader *reader,
2170 struct string_list *options)
c714e45f
SB		 2171{
2172 while (1) {
01f9ec64 2173 if (packet_reader_read(reader) != PACKET_READ_NORMAL)
c714e45f
SB		 2174 break;
2175
01f9ec64 2176 string_list_append(options, reader->line);
c714e45f
SB		 2177 }
2178}
2179
fc04c412
SP		 2180static const char *parse_pack_header(struct pack_header *hdr)
2181{
a69e5429
JH		 2182 switch (read_pack_header(0, hdr)) {
2183 case PH_ERROR_EOF:
2184 return "eof before pack header was fully read";
2185
2186 case PH_ERROR_PACK_SIGNATURE:
fc04c412 2187 return "protocol error (pack signature mismatch detected)";
a69e5429
JH		 2188
2189 case PH_ERROR_PROTOCOL:
fc04c412 2190 return "protocol error (pack version unsupported)";
a69e5429
JH		 2191
2192 default:
2193 return "unknown error in parse_pack_header";
2194
2195 case 0:
2196 return NULL;
2197 }
fc04c412
SP		 2198}
2199
c55c3066 2200static struct tempfile *pack_lockfile;
576162a4 2201
22f9b7f3 2202static void push_header_arg(struct strvec *args, struct pack_header *hdr)
446d5d91 2203{
22f9b7f3 2204 strvec_pushf(args, "--pack_header=%"PRIu32",%"PRIu32,
f6d8942b 2205 ntohl(hdr->hdr_version), ntohl(hdr->hdr_entries));
446d5d91
JK		 2206}
2207
5dbd7676 2208static const char *unpack(int err_fd, struct shallow_info *si)
575f4974 2209{
fc04c412
SP		 2210 struct pack_header hdr;
2211 const char *hdr_err;
31c42bff 2212 int status;
d3180279 2213 struct child_process child = CHILD_PROCESS_INIT;
dab76d3a
JH		 2214 int fsck_objects = (receive_fsck_objects >= 0
2215 ? receive_fsck_objects
2216 : transfer_fsck_objects >= 0
2217 ? transfer_fsck_objects
2218 : 0);
fc04c412
SP		 2219
2220 hdr_err = parse_pack_header(&hdr);
49ecfa13
JK		 2221 if (hdr_err) {
2222 if (err_fd > 0)
2223 close(err_fd);
fc04c412 2224 return hdr_err;
49ecfa13 2225 }
fc04c412 2226
5dbd7676
NTND		 2227 if (si->nr_ours || si->nr_theirs) {
2228 alt_shallow_file = setup_temporary_shallow(si->shallow);
22f9b7f3
JK		 2229 strvec_push(&child.args, "--shallow-file");
2230 strvec_push(&child.args, alt_shallow_file);
5dbd7676
NTND		 2231 }
2232
b3cecf49 2233 tmp_objdir = tmp_objdir_create("incoming");
6cdad1f1
JK		 2234 if (!tmp_objdir) {
2235 if (err_fd > 0)
2236 close(err_fd);
722ff7f8 2237 return "unable to create temporary object directory";
6cdad1f1 2238 }
c21fa3bb 2239 strvec_pushv(&child.env, tmp_objdir_env(tmp_objdir));
722ff7f8
JK		 2240
2241 /*
2242 * Normally we just pass the tmp_objdir environment to the child
2243 * processes that do the heavy lifting, but we may need to see these
2244 * objects ourselves to set up shallow information.
2245 */
2246 tmp_objdir_add_as_alternate(tmp_objdir);
2247
fc04c412 2248 if (ntohl(hdr.hdr_entries) < unpack_limit) {
22f9b7f3 2249 strvec_push(&child.args, "unpack-objects");
446d5d91 2250 push_header_arg(&child.args, &hdr);
c207e34f 2251 if (quiet)
22f9b7f3 2252 strvec_push(&child.args, "-q");
dab76d3a 2253 if (fsck_objects)
22f9b7f3 2254 strvec_pushf(&child.args, "--strict%s",
f6d8942b 2255 fsck_msg_types.buf);
c08db5a2 2256 if (max_input_size)
22f9b7f3 2257 strvec_pushf(&child.args, "--max-input-size=%"PRIuMAX,
f6d8942b 2258 (uintmax_t)max_input_size);
59bfdfb8 2259 child.no_stdout = 1;
a22e6f85 2260 child.err = err_fd;
59bfdfb8 2261 child.git_cmd = 1;
31c42bff
NTND		 2262 status = run_command(&child);
2263 if (status)
2264 return "unpack-objects abnormal exit";
576162a4 2265 } else {
da25bdb7 2266 char hostname[HOST_NAME_MAX + 1];
c55c3066 2267 char *lockfile;
576162a4 2268
22f9b7f3 2269 strvec_pushl(&child.args, "index-pack", "--stdin", NULL);
446d5d91 2270 push_header_arg(&child.args, &hdr);
b26cb7c7 2271
5781a9a2 2272 if (xgethostname(hostname, sizeof(hostname)))
b26cb7c7 2273 xsnprintf(hostname, sizeof(hostname), "localhost");
22f9b7f3 2274 strvec_pushf(&child.args,
f6d8942b
JK		 2275 "--keep=receive-pack %"PRIuMAX" on %s",
2276 (uintmax_t)getpid(),
2277 hostname);
b26cb7c7 2278
d06303bb 2279 if (!quiet && err_fd)
22f9b7f3 2280 strvec_push(&child.args, "--show-resolving-progress");
83558686 2281 if (use_sideband)
22f9b7f3 2282 strvec_push(&child.args, "--report-end-of-input");
dab76d3a 2283 if (fsck_objects)
22f9b7f3 2284 strvec_pushf(&child.args, "--strict%s",
f6d8942b 2285 fsck_msg_types.buf);
1b68387e 2286 if (!reject_thin)
22f9b7f3 2287 strvec_push(&child.args, "--fix-thin");
c08db5a2 2288 if (max_input_size)
22f9b7f3 2289 strvec_pushf(&child.args, "--max-input-size=%"PRIuMAX,
f6d8942b 2290 (uintmax_t)max_input_size);
31c42bff
NTND		 2291 child.out = -1;
2292 child.err = err_fd;
2293 child.git_cmd = 1;
2294 status = start_command(&child);
2295 if (status)
576162a4 2296 return "index-pack fork failed";
c55c3066
PS		 2297
2298 lockfile = index_pack_lockfile(child.out, NULL);
2299 if (lockfile) {
2300 pack_lockfile = register_tempfile(lockfile);
2301 free(lockfile);
2302 }
31c42bff 2303 close(child.out);
c55c3066 2304
31c42bff
NTND		 2305 status = finish_command(&child);
2306 if (status)
2307 return "index-pack abnormal exit";
a49d2834 2308 reprepare_packed_git(the_repository);
cfee10a7 2309 }
31c42bff 2310 return NULL;
cfee10a7
JH		 2311}
2312
5dbd7676 2313static const char *unpack_with_sideband(struct shallow_info *si)
a22e6f85
JK		 2314{
2315 struct async muxer;
2316 const char *ret;
2317
2318 if (!use_sideband)
5dbd7676 2319 return unpack(0, si);
a22e6f85 2320
83558686 2321 use_keepalive = KEEPALIVE_AFTER_NUL;
a22e6f85
JK		 2322 memset(&muxer, 0, sizeof(muxer));
2323 muxer.proc = copy_to_sideband;
2324 muxer.in = -1;
2325 if (start_async(&muxer))
2326 return NULL;
2327
5dbd7676 2328 ret = unpack(muxer.in, si);
a22e6f85
JK		 2329
2330 finish_async(&muxer);
2331 return ret;
2332}
2333
c95fc72f 2334static void prepare_shallow_update(struct shallow_info *si)
0a1bc12b 2335{
42c78a21 2336 int i, j, k, bitmap_size = DIV_ROUND_UP(si->ref->nr, 32);
0a1bc12b 2337
b32fa95f 2338 ALLOC_ARRAY(si->used_shallow, si->shallow->nr);
0a1bc12b
NTND		 2339 assign_shallow_commits_to_refs(si, si->used_shallow, NULL);
2340
486f4bd1
JH		 2341 CALLOC_ARRAY(si->need_reachability_test, si->shallow->nr);
2342 CALLOC_ARRAY(si->reachable, si->shallow->nr);
2343 CALLOC_ARRAY(si->shallow_ref, si->ref->nr);
0a1bc12b
NTND		 2344
2345 for (i = 0; i < si->nr_ours; i++)
2346 si->need_reachability_test[si->ours[i]] = 1;
2347
2348 for (i = 0; i < si->shallow->nr; i++) {
2349 if (!si->used_shallow[i])
2350 continue;
2351 for (j = 0; j < bitmap_size; j++) {
2352 if (!si->used_shallow[i][j])
2353 continue;
2354 si->need_reachability_test[i]++;
2355 for (k = 0; k < 32; k++)
9a93c668 2356 if (si->used_shallow[i][j] & (1U << k))
0a1bc12b
NTND		 2357 si->shallow_ref[j * 32 + k]++;
2358 }
2359
2360 /*
2361 * true for those associated with some refs and belong
2362 * in "ours" list aka "step 7 not done yet"
2363 */
2364 si->need_reachability_test[i] =
2365 si->need_reachability_test[i] > 1;
2366 }
2367
2368 /*
2369 * keep hooks happy by forcing a temporary shallow file via
2370 * env variable because we can't add --shallow-file to every
7987d223 2371 * command. check_connected() will be done with
0a1bc12b
NTND		 2372 * true .git/shallow though.
2373 */
2374 setenv(GIT_SHALLOW_FILE_ENVIRONMENT, alt_shallow_file, 1);
2375}
2376
5dbd7676
NTND		 2377static void update_shallow_info(struct command *commands,
2378 struct shallow_info *si,
910650d2 2379 struct oid_array *ref)
5dbd7676
NTND		 2380{
2381 struct command *cmd;
2382 int *ref_status;
2383 remove_nonexistent_theirs_shallow(si);
0a1bc12b
NTND		 2384 if (!si->nr_ours && !si->nr_theirs) {
2385 shallow_update = 0;
5dbd7676 2386 return;
0a1bc12b 2387 }
5dbd7676
NTND		 2388
2389 for (cmd = commands; cmd; cmd = cmd->next) {
9c44ea44 2390 if (is_null_oid(&cmd->new_oid))
5dbd7676 2391 continue;
910650d2 2392 oid_array_append(ref, &cmd->new_oid);
5dbd7676
NTND		 2393 cmd->index = ref->nr - 1;
2394 }
2395 si->ref = ref;
2396
0a1bc12b 2397 if (shallow_update) {
c95fc72f 2398 prepare_shallow_update(si);
0a1bc12b
NTND		 2399 return;
2400 }
2401
b32fa95f 2402 ALLOC_ARRAY(ref_status, ref->nr);
5dbd7676
NTND		 2403 assign_shallow_commits_to_refs(si, NULL, ref_status);
2404 for (cmd = commands; cmd; cmd = cmd->next) {
9c44ea44 2405 if (is_null_oid(&cmd->new_oid))
5dbd7676
NTND		 2406 continue;
2407 if (ref_status[cmd->index]) {
2408 cmd->error_string = "shallow update not allowed";
2409 cmd->skip_update = 1;
2410 }
2411 }
5dbd7676
NTND		 2412 free(ref_status);
2413}
2414
5e1c71fd 2415static void report(struct command *commands, const char *unpack_status)
cfee10a7
JH		 2416{
2417 struct command *cmd;
38a81b4e
SP		 2418 struct strbuf buf = STRBUF_INIT;
2419
2420 packet_buf_write(&buf, "unpack %s\n",
2421 unpack_status ? unpack_status : "ok");
cfee10a7
JH		 2422 for (cmd = commands; cmd; cmd = cmd->next) {
2423 if (!cmd->error_string)
38a81b4e
SP		 2424 packet_buf_write(&buf, "ok %s\n",
2425 cmd->ref_name);
cfee10a7 2426 else
38a81b4e
SP		 2427 packet_buf_write(&buf, "ng %s %s\n",
2428 cmd->ref_name, cmd->error_string);
575f4974 2429 }
38a81b4e
SP		 2430 packet_buf_flush(&buf);
2431
2432 if (use_sideband)
2433 send_sideband(1, 1, buf.buf, buf.len, use_sideband);
2434 else
cdf4fb8e 2435 write_or_die(1, buf.buf, buf.len);
38a81b4e 2436 strbuf_release(&buf);
575f4974
LT		 2437}
2438
63518a57
JX		 2439static void report_v2(struct command *commands, const char *unpack_status)
2440{
2441 struct command *cmd;
2442 struct strbuf buf = STRBUF_INIT;
2443 struct ref_push_report *report;
2444
2445 packet_buf_write(&buf, "unpack %s\n",
2446 unpack_status ? unpack_status : "ok");
2447 for (cmd = commands; cmd; cmd = cmd->next) {
2448 int count = 0;
2449
2450 if (cmd->error_string) {
2451 packet_buf_write(&buf, "ng %s %s\n",
2452 cmd->ref_name,
2453 cmd->error_string);
2454 continue;
2455 }
2456 packet_buf_write(&buf, "ok %s\n",
2457 cmd->ref_name);
2458 for (report = cmd->report; report; report = report->next) {
2459 if (count++ > 0)
2460 packet_buf_write(&buf, "ok %s\n",
2461 cmd->ref_name);
2462 if (report->ref_name)
2463 packet_buf_write(&buf, "option refname %s\n",
2464 report->ref_name);
2465 if (report->old_oid)
2466 packet_buf_write(&buf, "option old-oid %s\n",
2467 oid_to_hex(report->old_oid));
2468 if (report->new_oid)
2469 packet_buf_write(&buf, "option new-oid %s\n",
2470 oid_to_hex(report->new_oid));
2471 if (report->forced_update)
2472 packet_buf_write(&buf, "option forced-update\n");
2473 }
2474 }
2475 packet_buf_flush(&buf);
2476
2477 if (use_sideband)
2478 send_sideband(1, 1, buf.buf, buf.len, use_sideband);
2479 else
2480 write_or_die(1, buf.buf, buf.len);
2481 strbuf_release(&buf);
2482}
2483
5e1c71fd 2484static int delete_only(struct command *commands)
d4f694ba 2485{
5e1c71fd
JS		 2486 struct command *cmd;
2487 for (cmd = commands; cmd; cmd = cmd->next) {
9c44ea44 2488 if (!is_null_oid(&cmd->new_oid))
d4f694ba 2489 return 0;
d4f694ba
JH		 2490 }
2491 return 1;
2492}
2493
be5908ae 2494int cmd_receive_pack(int argc, const char **argv, const char *prefix)
575f4974 2495{
42526b47 2496 int advertise_refs = 0;
5e1c71fd 2497 struct command *commands;
910650d2 2498 struct oid_array shallow = OID_ARRAY_INIT;
2499 struct oid_array ref = OID_ARRAY_INIT;
5dbd7676 2500 struct shallow_info si;
01f9ec64 2501 struct packet_reader reader;
575f4974 2502
1b68387e
SS		 2503 struct option options[] = {
2504 OPT__QUIET(&quiet, N_("quiet")),
2505 OPT_HIDDEN_BOOL(0, "stateless-rpc", &stateless_rpc, NULL),
98e2d9d6
ÆAB		 2506 OPT_HIDDEN_BOOL(0, "http-backend-info-refs", &advertise_refs, NULL),
2507 OPT_ALIAS(0, "advertise-refs", "http-backend-info-refs"),
1b68387e
SS		 2508 OPT_HIDDEN_BOOL(0, "reject-thin-pack-for-testing", &reject_thin, NULL),
2509 OPT_END()
2510 };
bbc30f99 2511
1b68387e 2512 packet_trace_identity("receive-pack");
575f4974 2513
1b68387e 2514 argc = parse_options(argc, argv, prefix, options, receive_pack_usage, 0);
c207e34f 2515
1b68387e 2516 if (argc > 1)
c25edee9 2517 usage_msg_opt(_("too many arguments"), receive_pack_usage, options);
1b68387e 2518 if (argc == 0)
c25edee9 2519 usage_msg_opt(_("you must specify a directory"), receive_pack_usage, options);
42526b47 2520
1b68387e 2521 service_dir = argv[0];
575f4974 2522
e1464ca7 2523 setup_path();
5c09f321 2524
5732373d
JH		 2525 if (!enter_repo(service_dir, 0))
2526 die("'%s' does not appear to be a git repository", service_dir);
575f4974 2527
ef90d6d4 2528 git_config(receive_pack_config, NULL);
b89363e4 2529 if (cert_nonce_seed)
5732373d 2530 push_cert_nonce = prepare_push_cert_nonce(service_dir, time(NULL));
6fb75bed 2531
f3d33f8c 2532 if (0 <= receive_unpack_limit)
e28714c5 2533 unpack_limit = receive_unpack_limit;
f3d33f8c
JH		 2534 else if (0 <= transfer_unpack_limit)
2535 unpack_limit = transfer_unpack_limit;
e28714c5 2536
aa9bab29 2537 switch (determine_protocol_version_server()) {
8f6982b4
BW		 2538 case protocol_v2:
2539 /*
2540 * push support for protocol v2 has not been implemented yet,
2541 * so ignore the request to use v2 and fallback to using v0.
2542 */
2543 break;
aa9bab29
BW		 2544 case protocol_v1:
2545 /*
2546 * v1 is just the original protocol with a version string,
2547 * so just fall through after writing the version string.
2548 */
2549 if (advertise_refs || !stateless_rpc)
2550 packet_write_fmt(1, "version 1\n");
2551
2552 /* fallthrough */
2553 case protocol_v0:
2554 break;
2555 case protocol_unknown_version:
2556 BUG("unknown protocol version");
2557 }
2558
42526b47 2559 if (advertise_refs || !stateless_rpc) {
42526b47 2560 write_head_info();
42526b47
SP		 2561 }
2562 if (advertise_refs)
2563 return 0;
575f4974 2564
2d103c31
MS		 2565 packet_reader_init(&reader, 0, NULL, 0,
2566 PACKET_READ_CHOMP_NEWLINE |
2567 PACKET_READ_DIE_ON_ERR_PACKET);
01f9ec64 2568
afe8a907 2569 if ((commands = read_head_info(&reader, &shallow))) {
d4f694ba 2570 const char *unpack_status = NULL;
77a9745d 2571 struct string_list push_options = STRING_LIST_INIT_DUP;
d4f694ba 2572
c714e45f 2573 if (use_push_options)
01f9ec64 2574 read_push_options(&reader, &push_options);
cbaf82cc
JT		 2575 if (!check_cert_push_options(&push_options)) {
2576 struct command *cmd;
2577 for (cmd = commands; cmd; cmd = cmd->next)
2578 cmd->error_string = "inconsistent push options";
2579 }
c714e45f 2580
5dbd7676 2581 prepare_shallow_info(&si, &shallow);
0a1bc12b
NTND		 2582 if (!si.nr_ours && !si.nr_theirs)
2583 shallow_update = 0;
5dbd7676
NTND		 2584 if (!delete_only(commands)) {
2585 unpack_status = unpack_with_sideband(&si);
2586 update_shallow_info(commands, &si, &ref);
2587 }
83558686 2588 use_keepalive = KEEPALIVE_ALWAYS;
77a9745d
SB		 2589 execute_commands(commands, unpack_status, &si,
2590 &push_options);
c55c3066 2591 delete_tempfile(&pack_lockfile);
d34182b9 2592 sigchain_push(SIGPIPE, SIG_IGN);
63518a57
JX		 2593 if (report_status_v2)
2594 report_v2(commands, unpack_status);
2595 else if (report_status)
5e1c71fd 2596 report(commands, unpack_status);
d34182b9 2597 sigchain_pop(SIGPIPE);
77a9745d
SB		 2598 run_receive_hook(commands, "post-receive", 1,
2599 &push_options);
8e663d9e 2600 run_update_post_hook(commands);
1fdd31cf 2601 free_commands(commands);
4432dd6b 2602 string_list_clear(&push_options, 0);
77e3efbf 2603 if (auto_gc) {
860a2ebe
LF		 2604 struct child_process proc = CHILD_PROCESS_INIT;
2605
2606 proc.no_stdin = 1;
2607 proc.stdout_to_stderr = 1;
2608 proc.err = use_sideband ? -1 : 0;
c4dee2c0 2609 proc.git_cmd = proc.close_object_store = 1;
2b709893
ÆAB		 2610 strvec_pushl(&proc.args, "gc", "--auto", "--quiet",
2611 NULL);
860a2ebe 2612
860a2ebe
LF		 2613 if (!start_command(&proc)) {
2614 if (use_sideband)
2615 copy_to_sideband(proc.err, -1, NULL);
2616 finish_command(&proc);
2617 }
77e3efbf
JH		 2618 }
2619 if (auto_update_server_info)
2620 update_server_info(0);
5dbd7676 2621 clear_shallow_info(&si);
7f8e9828 2622 }
38a81b4e
SP		 2623 if (use_sideband)
2624 packet_flush(1);
910650d2 2625 oid_array_clear(&shallow);
2626 oid_array_clear(&ref);
c45841ff 2627 strvec_clear(&hidden_refs);
b89363e4 2628 free((void *)push_cert_nonce);
575f4974
LT		 2629 return 0;
2630}
Unnamed repository; edit this file 'description' to name the repository.