]>
Commit | Line | Data |
---|---|---|
1e4cd68c | 1 | #include "builtin.h" |
697cc8ef | 2 | #include "lockfile.h" |
fc04c412 | 3 | #include "pack.h" |
8a65ff76 | 4 | #include "refs.h" |
f3a3214e | 5 | #include "pkt-line.h" |
38a81b4e | 6 | #include "sideband.h" |
b1bf95bb | 7 | #include "run-command.h" |
576162a4 | 8 | #include "exec_cmd.h" |
11031d7e JS |
9 | #include "commit.h" |
10 | #include "object.h" | |
d79796bc | 11 | #include "remote.h" |
47a59185 | 12 | #include "connect.h" |
d79796bc | 13 | #include "transport.h" |
da3efdb1 | 14 | #include "string-list.h" |
cff38a5e | 15 | #include "sha1-array.h" |
52fed6e1 | 16 | #include "connected.h" |
31c42bff | 17 | #include "argv-array.h" |
ff5effdf | 18 | #include "version.h" |
d05b9618 JH |
19 | #include "tag.h" |
20 | #include "gpg-interface.h" | |
ec7dbd14 | 21 | #include "sigchain.h" |
5d477a33 | 22 | #include "fsck.h" |
722ff7f8 | 23 | #include "tmp-objdir.h" |
ab6eea6f | 24 | #include "oidset.h" |
575f4974 | 25 | |
1b68387e SS |
26 | static const char * const receive_pack_usage[] = { |
27 | N_("git receive-pack <git-dir>"), | |
28 | NULL | |
29 | }; | |
575f4974 | 30 | |
986e8239 | 31 | enum deny_action { |
3d95d92b | 32 | DENY_UNCONFIGURED, |
986e8239 JK |
33 | DENY_IGNORE, |
34 | DENY_WARN, | |
1404bcbb JS |
35 | DENY_REFUSE, |
36 | DENY_UPDATE_INSTEAD | |
986e8239 JK |
37 | }; |
38 | ||
1b53a076 JH |
39 | static int deny_deletes; |
40 | static int deny_non_fast_forwards; | |
3d95d92b | 41 | static enum deny_action deny_current_branch = DENY_UNCONFIGURED; |
747ca245 | 42 | static enum deny_action deny_delete_current = DENY_UNCONFIGURED; |
dab76d3a JH |
43 | static int receive_fsck_objects = -1; |
44 | static int transfer_fsck_objects = -1; | |
5d477a33 | 45 | static struct strbuf fsck_msg_types = STRBUF_INIT; |
e28714c5 JH |
46 | static int receive_unpack_limit = -1; |
47 | static int transfer_unpack_limit = -1; | |
1b70fe5d | 48 | static int advertise_atomic_push = 1; |
c714e45f | 49 | static int advertise_push_options; |
46732fae | 50 | static int unpack_limit = 100; |
c08db5a2 | 51 | static off_t max_input_size; |
96f1e58f | 52 | static int report_status; |
38a81b4e | 53 | static int use_sideband; |
68deed29 | 54 | static int use_atomic; |
c714e45f | 55 | static int use_push_options; |
c207e34f | 56 | static int quiet; |
b74fce16 | 57 | static int prefer_ofs_delta = 1; |
77e3efbf JH |
58 | static int auto_update_server_info; |
59 | static int auto_gc = 1; | |
1b68387e | 60 | static int reject_thin; |
5732373d JH |
61 | static int stateless_rpc; |
62 | static const char *service_dir; | |
747ca245 | 63 | static const char *head_name; |
96ec7b1e | 64 | static void *head_name_to_free; |
185c04e0 | 65 | static int sent_capabilities; |
0a1bc12b | 66 | static int shallow_update; |
5dbd7676 | 67 | static const char *alt_shallow_file; |
a85b377d JH |
68 | static struct strbuf push_cert = STRBUF_INIT; |
69 | static unsigned char push_cert_sha1[20]; | |
d05b9618 | 70 | static struct signature_check sigcheck; |
b89363e4 JH |
71 | static const char *push_cert_nonce; |
72 | static const char *cert_nonce_seed; | |
73 | ||
74 | static const char *NONCE_UNSOLICITED = "UNSOLICITED"; | |
75 | static const char *NONCE_BAD = "BAD"; | |
76 | static const char *NONCE_MISSING = "MISSING"; | |
77 | static const char *NONCE_OK = "OK"; | |
5732373d | 78 | static const char *NONCE_SLOP = "SLOP"; |
b89363e4 | 79 | static const char *nonce_status; |
5732373d JH |
80 | static long nonce_stamp_slop; |
81 | static unsigned long nonce_stamp_slop_limit; | |
222368c6 | 82 | static struct ref_transaction *transaction; |
cfee10a7 | 83 | |
83558686 JK |
84 | static enum { |
85 | KEEPALIVE_NEVER = 0, | |
86 | KEEPALIVE_AFTER_NUL, | |
87 | KEEPALIVE_ALWAYS | |
88 | } use_keepalive; | |
89 | static int keepalive_in_sec = 5; | |
90 | ||
722ff7f8 JK |
91 | static struct tmp_objdir *tmp_objdir; |
92 | ||
986e8239 JK |
93 | static enum deny_action parse_deny_action(const char *var, const char *value) |
94 | { | |
95 | if (value) { | |
96 | if (!strcasecmp(value, "ignore")) | |
97 | return DENY_IGNORE; | |
98 | if (!strcasecmp(value, "warn")) | |
99 | return DENY_WARN; | |
100 | if (!strcasecmp(value, "refuse")) | |
101 | return DENY_REFUSE; | |
1404bcbb JS |
102 | if (!strcasecmp(value, "updateinstead")) |
103 | return DENY_UPDATE_INSTEAD; | |
986e8239 JK |
104 | } |
105 | if (git_config_bool(var, value)) | |
106 | return DENY_REFUSE; | |
107 | return DENY_IGNORE; | |
108 | } | |
109 | ||
ef90d6d4 | 110 | static int receive_pack_config(const char *var, const char *value, void *cb) |
6fb75bed | 111 | { |
daebaa78 JH |
112 | int status = parse_hide_refs_config(var, value, "receive"); |
113 | ||
114 | if (status) | |
115 | return status; | |
116 | ||
a240de11 JK |
117 | if (strcmp(var, "receive.denydeletes") == 0) { |
118 | deny_deletes = git_config_bool(var, value); | |
119 | return 0; | |
120 | } | |
121 | ||
e28714c5 | 122 | if (strcmp(var, "receive.denynonfastforwards") == 0) { |
6fb75bed SP |
123 | deny_non_fast_forwards = git_config_bool(var, value); |
124 | return 0; | |
125 | } | |
126 | ||
e28714c5 JH |
127 | if (strcmp(var, "receive.unpacklimit") == 0) { |
128 | receive_unpack_limit = git_config_int(var, value); | |
fc04c412 SP |
129 | return 0; |
130 | } | |
131 | ||
e28714c5 JH |
132 | if (strcmp(var, "transfer.unpacklimit") == 0) { |
133 | transfer_unpack_limit = git_config_int(var, value); | |
134 | return 0; | |
135 | } | |
136 | ||
cd94c6f9 JS |
137 | if (strcmp(var, "receive.fsck.skiplist") == 0) { |
138 | const char *path; | |
139 | ||
140 | if (git_config_pathname(&path, var, value)) | |
141 | return 1; | |
142 | strbuf_addf(&fsck_msg_types, "%cskiplist=%s", | |
143 | fsck_msg_types.len ? ',' : '=', path); | |
144 | free((char *)path); | |
145 | return 0; | |
146 | } | |
147 | ||
5d477a33 JS |
148 | if (skip_prefix(var, "receive.fsck.", &var)) { |
149 | if (is_valid_msg_type(var, value)) | |
150 | strbuf_addf(&fsck_msg_types, "%c%s=%s", | |
151 | fsck_msg_types.len ? ',' : '=', var, value); | |
152 | else | |
153 | warning("Skipping unknown msg id '%s'", var); | |
154 | return 0; | |
155 | } | |
156 | ||
20dc0016 MK |
157 | if (strcmp(var, "receive.fsckobjects") == 0) { |
158 | receive_fsck_objects = git_config_bool(var, value); | |
159 | return 0; | |
160 | } | |
161 | ||
dab76d3a JH |
162 | if (strcmp(var, "transfer.fsckobjects") == 0) { |
163 | transfer_fsck_objects = git_config_bool(var, value); | |
164 | return 0; | |
165 | } | |
166 | ||
986e8239 JK |
167 | if (!strcmp(var, "receive.denycurrentbranch")) { |
168 | deny_current_branch = parse_deny_action(var, value); | |
169 | return 0; | |
170 | } | |
171 | ||
747ca245 JH |
172 | if (strcmp(var, "receive.denydeletecurrent") == 0) { |
173 | deny_delete_current = parse_deny_action(var, value); | |
174 | return 0; | |
175 | } | |
176 | ||
b74fce16 NP |
177 | if (strcmp(var, "repack.usedeltabaseoffset") == 0) { |
178 | prefer_ofs_delta = git_config_bool(var, value); | |
179 | return 0; | |
180 | } | |
181 | ||
77e3efbf JH |
182 | if (strcmp(var, "receive.updateserverinfo") == 0) { |
183 | auto_update_server_info = git_config_bool(var, value); | |
184 | return 0; | |
185 | } | |
186 | ||
187 | if (strcmp(var, "receive.autogc") == 0) { | |
188 | auto_gc = git_config_bool(var, value); | |
189 | return 0; | |
190 | } | |
191 | ||
0a1bc12b NTND |
192 | if (strcmp(var, "receive.shallowupdate") == 0) { |
193 | shallow_update = git_config_bool(var, value); | |
194 | return 0; | |
195 | } | |
196 | ||
b89363e4 JH |
197 | if (strcmp(var, "receive.certnonceseed") == 0) |
198 | return git_config_string(&cert_nonce_seed, var, value); | |
a85b377d | 199 | |
5732373d JH |
200 | if (strcmp(var, "receive.certnonceslop") == 0) { |
201 | nonce_stamp_slop_limit = git_config_ulong(var, value); | |
202 | return 0; | |
203 | } | |
204 | ||
1b70fe5d RS |
205 | if (strcmp(var, "receive.advertiseatomic") == 0) { |
206 | advertise_atomic_push = git_config_bool(var, value); | |
207 | return 0; | |
208 | } | |
209 | ||
c714e45f SB |
210 | if (strcmp(var, "receive.advertisepushoptions") == 0) { |
211 | advertise_push_options = git_config_bool(var, value); | |
212 | return 0; | |
213 | } | |
214 | ||
83558686 JK |
215 | if (strcmp(var, "receive.keepalive") == 0) { |
216 | keepalive_in_sec = git_config_int(var, value); | |
217 | return 0; | |
218 | } | |
219 | ||
c08db5a2 JK |
220 | if (strcmp(var, "receive.maxinputsize") == 0) { |
221 | max_input_size = git_config_int64(var, value); | |
222 | return 0; | |
223 | } | |
224 | ||
ef90d6d4 | 225 | return git_default_config(var, value, cb); |
6fb75bed SP |
226 | } |
227 | ||
bc98201d | 228 | static void show_ref(const char *path, const unsigned char *sha1) |
575f4974 | 229 | { |
52d2ae58 | 230 | if (sent_capabilities) { |
81c634e9 | 231 | packet_write_fmt(1, "%s %s\n", sha1_to_hex(sha1), path); |
52d2ae58 JH |
232 | } else { |
233 | struct strbuf cap = STRBUF_INIT; | |
234 | ||
235 | strbuf_addstr(&cap, | |
236 | "report-status delete-refs side-band-64k quiet"); | |
1b70fe5d RS |
237 | if (advertise_atomic_push) |
238 | strbuf_addstr(&cap, " atomic"); | |
52d2ae58 JH |
239 | if (prefer_ofs_delta) |
240 | strbuf_addstr(&cap, " ofs-delta"); | |
b89363e4 JH |
241 | if (push_cert_nonce) |
242 | strbuf_addf(&cap, " push-cert=%s", push_cert_nonce); | |
c714e45f SB |
243 | if (advertise_push_options) |
244 | strbuf_addstr(&cap, " push-options"); | |
52d2ae58 | 245 | strbuf_addf(&cap, " agent=%s", git_user_agent_sanitized()); |
81c634e9 | 246 | packet_write_fmt(1, "%s %s%c%s\n", |
52d2ae58 JH |
247 | sha1_to_hex(sha1), path, 0, cap.buf); |
248 | strbuf_release(&cap); | |
249 | sent_capabilities = 1; | |
250 | } | |
575f4974 LT |
251 | } |
252 | ||
78a766ab | 253 | static int show_ref_cb(const char *path_full, const struct object_id *oid, |
8b24b9e7 | 254 | int flag, void *data) |
6b01ecfe | 255 | { |
8b24b9e7 | 256 | struct oidset *seen = data; |
78a766ab LF |
257 | const char *path = strip_namespace(path_full); |
258 | ||
259 | if (ref_is_hidden(path, path_full)) | |
260 | return 0; | |
261 | ||
6b01ecfe JT |
262 | /* |
263 | * Advertise refs outside our current namespace as ".have" | |
264 | * refs, so that the client can use them to minimize data | |
fea6c47f | 265 | * transfer but will otherwise ignore them. |
6b01ecfe | 266 | */ |
8b24b9e7 JK |
267 | if (!path) { |
268 | if (oidset_insert(seen, oid)) | |
269 | return 0; | |
6b01ecfe | 270 | path = ".have"; |
63d428e6 JK |
271 | } else { |
272 | oidset_insert(seen, oid); | |
8b24b9e7 | 273 | } |
ce2a9873 | 274 | show_ref(path, oid->hash); |
bc98201d | 275 | return 0; |
6b01ecfe JT |
276 | } |
277 | ||
ab6eea6f JK |
278 | static void show_one_alternate_ref(const char *refname, |
279 | const struct object_id *oid, | |
280 | void *data) | |
b7a025d9 | 281 | { |
ab6eea6f | 282 | struct oidset *seen = data; |
b7a025d9 | 283 | |
ab6eea6f JK |
284 | if (oidset_insert(seen, oid)) |
285 | return; | |
286 | ||
287 | show_ref(".have", oid->hash); | |
6b01ecfe JT |
288 | } |
289 | ||
8a65ff76 | 290 | static void write_head_info(void) |
575f4974 | 291 | { |
ab6eea6f | 292 | static struct oidset seen = OIDSET_INIT; |
2b2a5be3 | 293 | |
63d428e6 | 294 | for_each_ref(show_ref_cb, &seen); |
ab6eea6f JK |
295 | for_each_alternate_ref(show_one_alternate_ref, &seen); |
296 | oidset_clear(&seen); | |
185c04e0 | 297 | if (!sent_capabilities) |
bc98201d | 298 | show_ref("capabilities^{}", null_sha1); |
cfee10a7 | 299 | |
ad491366 NTND |
300 | advertise_shallow_grafts(1); |
301 | ||
b7a025d9 MH |
302 | /* EOF */ |
303 | packet_flush(1); | |
575f4974 LT |
304 | } |
305 | ||
eb1af2df LT |
306 | struct command { |
307 | struct command *next; | |
cfee10a7 | 308 | const char *error_string; |
160b81ed PYH |
309 | unsigned int skip_update:1, |
310 | did_not_exist:1; | |
5dbd7676 | 311 | int index; |
9c44ea44 | 312 | struct object_id old_oid; |
313 | struct object_id new_oid; | |
8f1d2e6f | 314 | char ref_name[FLEX_ARRAY]; /* more */ |
575f4974 LT |
315 | }; |
316 | ||
466dbc42 SP |
317 | static void rp_error(const char *err, ...) __attribute__((format (printf, 1, 2))); |
318 | static void rp_warning(const char *err, ...) __attribute__((format (printf, 1, 2))); | |
319 | ||
320 | static void report_message(const char *prefix, const char *err, va_list params) | |
321 | { | |
b7115a35 | 322 | int sz; |
466dbc42 SP |
323 | char msg[4096]; |
324 | ||
b7115a35 | 325 | sz = xsnprintf(msg, sizeof(msg), "%s", prefix); |
466dbc42 SP |
326 | sz += vsnprintf(msg + sz, sizeof(msg) - sz, err, params); |
327 | if (sz > (sizeof(msg) - 1)) | |
328 | sz = sizeof(msg) - 1; | |
329 | msg[sz++] = '\n'; | |
330 | ||
331 | if (use_sideband) | |
332 | send_sideband(1, 2, msg, sz, use_sideband); | |
333 | else | |
334 | xwrite(2, msg, sz); | |
335 | } | |
336 | ||
337 | static void rp_warning(const char *err, ...) | |
338 | { | |
339 | va_list params; | |
340 | va_start(params, err); | |
341 | report_message("warning: ", err, params); | |
342 | va_end(params); | |
343 | } | |
344 | ||
345 | static void rp_error(const char *err, ...) | |
346 | { | |
347 | va_list params; | |
348 | va_start(params, err); | |
349 | report_message("error: ", err, params); | |
350 | va_end(params); | |
351 | } | |
352 | ||
6d525d38 SP |
353 | static int copy_to_sideband(int in, int out, void *arg) |
354 | { | |
355 | char data[128]; | |
83558686 JK |
356 | int keepalive_active = 0; |
357 | ||
358 | if (keepalive_in_sec <= 0) | |
359 | use_keepalive = KEEPALIVE_NEVER; | |
360 | if (use_keepalive == KEEPALIVE_ALWAYS) | |
361 | keepalive_active = 1; | |
362 | ||
6d525d38 | 363 | while (1) { |
83558686 JK |
364 | ssize_t sz; |
365 | ||
366 | if (keepalive_active) { | |
367 | struct pollfd pfd; | |
368 | int ret; | |
369 | ||
370 | pfd.fd = in; | |
371 | pfd.events = POLLIN; | |
372 | ret = poll(&pfd, 1, 1000 * keepalive_in_sec); | |
373 | ||
374 | if (ret < 0) { | |
375 | if (errno == EINTR) | |
376 | continue; | |
377 | else | |
378 | break; | |
379 | } else if (ret == 0) { | |
380 | /* no data; send a keepalive packet */ | |
381 | static const char buf[] = "0005\1"; | |
382 | write_or_die(1, buf, sizeof(buf) - 1); | |
383 | continue; | |
384 | } /* else there is actual data to read */ | |
385 | } | |
386 | ||
387 | sz = xread(in, data, sizeof(data)); | |
6d525d38 SP |
388 | if (sz <= 0) |
389 | break; | |
83558686 JK |
390 | |
391 | if (use_keepalive == KEEPALIVE_AFTER_NUL && !keepalive_active) { | |
392 | const char *p = memchr(data, '\0', sz); | |
393 | if (p) { | |
394 | /* | |
395 | * The NUL tells us to start sending keepalives. Make | |
396 | * sure we send any other data we read along | |
397 | * with it. | |
398 | */ | |
399 | keepalive_active = 1; | |
400 | send_sideband(1, 2, data, p - data, use_sideband); | |
401 | send_sideband(1, 2, p + 1, sz - (p - data + 1), use_sideband); | |
402 | continue; | |
403 | } | |
404 | } | |
405 | ||
406 | /* | |
407 | * Either we're not looking for a NUL signal, or we didn't see | |
408 | * it yet; just pass along the data. | |
409 | */ | |
6d525d38 SP |
410 | send_sideband(1, 2, data, sz, use_sideband); |
411 | } | |
412 | close(in); | |
413 | return 0; | |
414 | } | |
415 | ||
b89363e4 JH |
416 | #define HMAC_BLOCK_SIZE 64 |
417 | ||
6f5ef44e | 418 | static void hmac_sha1(unsigned char *out, |
b89363e4 JH |
419 | const char *key_in, size_t key_len, |
420 | const char *text, size_t text_len) | |
421 | { | |
422 | unsigned char key[HMAC_BLOCK_SIZE]; | |
423 | unsigned char k_ipad[HMAC_BLOCK_SIZE]; | |
424 | unsigned char k_opad[HMAC_BLOCK_SIZE]; | |
425 | int i; | |
426 | git_SHA_CTX ctx; | |
427 | ||
428 | /* RFC 2104 2. (1) */ | |
429 | memset(key, '\0', HMAC_BLOCK_SIZE); | |
430 | if (HMAC_BLOCK_SIZE < key_len) { | |
431 | git_SHA1_Init(&ctx); | |
432 | git_SHA1_Update(&ctx, key_in, key_len); | |
433 | git_SHA1_Final(key, &ctx); | |
434 | } else { | |
435 | memcpy(key, key_in, key_len); | |
436 | } | |
437 | ||
438 | /* RFC 2104 2. (2) & (5) */ | |
439 | for (i = 0; i < sizeof(key); i++) { | |
440 | k_ipad[i] = key[i] ^ 0x36; | |
441 | k_opad[i] = key[i] ^ 0x5c; | |
442 | } | |
443 | ||
444 | /* RFC 2104 2. (3) & (4) */ | |
445 | git_SHA1_Init(&ctx); | |
446 | git_SHA1_Update(&ctx, k_ipad, sizeof(k_ipad)); | |
447 | git_SHA1_Update(&ctx, text, text_len); | |
448 | git_SHA1_Final(out, &ctx); | |
449 | ||
450 | /* RFC 2104 2. (6) & (7) */ | |
451 | git_SHA1_Init(&ctx); | |
452 | git_SHA1_Update(&ctx, k_opad, sizeof(k_opad)); | |
6f5ef44e | 453 | git_SHA1_Update(&ctx, out, 20); |
b89363e4 JH |
454 | git_SHA1_Final(out, &ctx); |
455 | } | |
456 | ||
457 | static char *prepare_push_cert_nonce(const char *path, unsigned long stamp) | |
458 | { | |
459 | struct strbuf buf = STRBUF_INIT; | |
460 | unsigned char sha1[20]; | |
461 | ||
462 | strbuf_addf(&buf, "%s:%lu", path, stamp); | |
463 | hmac_sha1(sha1, buf.buf, buf.len, cert_nonce_seed, strlen(cert_nonce_seed));; | |
464 | strbuf_release(&buf); | |
465 | ||
466 | /* RFC 2104 5. HMAC-SHA1-80 */ | |
467 | strbuf_addf(&buf, "%lu-%.*s", stamp, 20, sha1_to_hex(sha1)); | |
468 | return strbuf_detach(&buf, NULL); | |
469 | } | |
470 | ||
471 | /* | |
472 | * NEEDSWORK: reuse find_commit_header() from jk/commit-author-parsing | |
473 | * after dropping "_commit" from its name and possibly moving it out | |
474 | * of commit.c | |
475 | */ | |
476 | static char *find_header(const char *msg, size_t len, const char *key) | |
477 | { | |
478 | int key_len = strlen(key); | |
479 | const char *line = msg; | |
480 | ||
481 | while (line && line < msg + len) { | |
482 | const char *eol = strchrnul(line, '\n'); | |
483 | ||
484 | if ((msg + len <= eol) || line == eol) | |
485 | return NULL; | |
486 | if (line + key_len < eol && | |
487 | !memcmp(line, key, key_len) && line[key_len] == ' ') { | |
488 | int offset = key_len + 1; | |
489 | return xmemdupz(line + offset, (eol - line) - offset); | |
490 | } | |
491 | line = *eol ? eol + 1 : NULL; | |
492 | } | |
493 | return NULL; | |
494 | } | |
495 | ||
496 | static const char *check_nonce(const char *buf, size_t len) | |
497 | { | |
498 | char *nonce = find_header(buf, len, "nonce"); | |
5732373d JH |
499 | unsigned long stamp, ostamp; |
500 | char *bohmac, *expect = NULL; | |
b89363e4 JH |
501 | const char *retval = NONCE_BAD; |
502 | ||
503 | if (!nonce) { | |
504 | retval = NONCE_MISSING; | |
505 | goto leave; | |
506 | } else if (!push_cert_nonce) { | |
507 | retval = NONCE_UNSOLICITED; | |
508 | goto leave; | |
509 | } else if (!strcmp(push_cert_nonce, nonce)) { | |
510 | retval = NONCE_OK; | |
511 | goto leave; | |
512 | } | |
513 | ||
5732373d JH |
514 | if (!stateless_rpc) { |
515 | /* returned nonce MUST match what we gave out earlier */ | |
516 | retval = NONCE_BAD; | |
517 | goto leave; | |
518 | } | |
519 | ||
520 | /* | |
521 | * In stateless mode, we may be receiving a nonce issued by | |
522 | * another instance of the server that serving the same | |
523 | * repository, and the timestamps may not match, but the | |
524 | * nonce-seed and dir should match, so we can recompute and | |
525 | * report the time slop. | |
526 | * | |
527 | * In addition, when a nonce issued by another instance has | |
528 | * timestamp within receive.certnonceslop seconds, we pretend | |
529 | * as if we issued that nonce when reporting to the hook. | |
530 | */ | |
531 | ||
532 | /* nonce is concat(<seconds-since-epoch>, "-", <hmac>) */ | |
533 | if (*nonce <= '0' || '9' < *nonce) { | |
534 | retval = NONCE_BAD; | |
535 | goto leave; | |
536 | } | |
537 | stamp = strtoul(nonce, &bohmac, 10); | |
538 | if (bohmac == nonce || bohmac[0] != '-') { | |
539 | retval = NONCE_BAD; | |
540 | goto leave; | |
541 | } | |
542 | ||
543 | expect = prepare_push_cert_nonce(service_dir, stamp); | |
544 | if (strcmp(expect, nonce)) { | |
545 | /* Not what we would have signed earlier */ | |
546 | retval = NONCE_BAD; | |
547 | goto leave; | |
548 | } | |
549 | ||
550 | /* | |
551 | * By how many seconds is this nonce stale? Negative value | |
552 | * would mean it was issued by another server with its clock | |
553 | * skewed in the future. | |
554 | */ | |
555 | ostamp = strtoul(push_cert_nonce, NULL, 10); | |
556 | nonce_stamp_slop = (long)ostamp - (long)stamp; | |
557 | ||
558 | if (nonce_stamp_slop_limit && | |
31a8aa1e | 559 | labs(nonce_stamp_slop) <= nonce_stamp_slop_limit) { |
5732373d JH |
560 | /* |
561 | * Pretend as if the received nonce (which passes the | |
562 | * HMAC check, so it is not a forged by third-party) | |
563 | * is what we issued. | |
564 | */ | |
565 | free((void *)push_cert_nonce); | |
566 | push_cert_nonce = xstrdup(nonce); | |
567 | retval = NONCE_OK; | |
568 | } else { | |
569 | retval = NONCE_SLOP; | |
570 | } | |
b89363e4 JH |
571 | |
572 | leave: | |
573 | free(nonce); | |
5732373d | 574 | free(expect); |
b89363e4 JH |
575 | return retval; |
576 | } | |
577 | ||
a85b377d JH |
578 | static void prepare_push_cert_sha1(struct child_process *proc) |
579 | { | |
580 | static int already_done; | |
a85b377d JH |
581 | |
582 | if (!push_cert.len) | |
583 | return; | |
584 | ||
585 | if (!already_done) { | |
d05b9618 JH |
586 | struct strbuf gpg_output = STRBUF_INIT; |
587 | struct strbuf gpg_status = STRBUF_INIT; | |
588 | int bogs /* beginning_of_gpg_sig */; | |
589 | ||
a85b377d JH |
590 | already_done = 1; |
591 | if (write_sha1_file(push_cert.buf, push_cert.len, "blob", push_cert_sha1)) | |
592 | hashclr(push_cert_sha1); | |
d05b9618 JH |
593 | |
594 | memset(&sigcheck, '\0', sizeof(sigcheck)); | |
595 | sigcheck.result = 'N'; | |
596 | ||
597 | bogs = parse_signature(push_cert.buf, push_cert.len); | |
598 | if (verify_signed_buffer(push_cert.buf, bogs, | |
599 | push_cert.buf + bogs, push_cert.len - bogs, | |
600 | &gpg_output, &gpg_status) < 0) { | |
601 | ; /* error running gpg */ | |
602 | } else { | |
603 | sigcheck.payload = push_cert.buf; | |
604 | sigcheck.gpg_output = gpg_output.buf; | |
605 | sigcheck.gpg_status = gpg_status.buf; | |
606 | parse_gpg_output(&sigcheck); | |
607 | } | |
608 | ||
609 | strbuf_release(&gpg_output); | |
610 | strbuf_release(&gpg_status); | |
b89363e4 | 611 | nonce_status = check_nonce(push_cert.buf, bogs); |
a85b377d JH |
612 | } |
613 | if (!is_null_sha1(push_cert_sha1)) { | |
a9154590 RS |
614 | argv_array_pushf(&proc->env_array, "GIT_PUSH_CERT=%s", |
615 | sha1_to_hex(push_cert_sha1)); | |
616 | argv_array_pushf(&proc->env_array, "GIT_PUSH_CERT_SIGNER=%s", | |
d05b9618 | 617 | sigcheck.signer ? sigcheck.signer : ""); |
a9154590 | 618 | argv_array_pushf(&proc->env_array, "GIT_PUSH_CERT_KEY=%s", |
d05b9618 | 619 | sigcheck.key ? sigcheck.key : ""); |
a9154590 RS |
620 | argv_array_pushf(&proc->env_array, "GIT_PUSH_CERT_STATUS=%c", |
621 | sigcheck.result); | |
b89363e4 | 622 | if (push_cert_nonce) { |
a9154590 RS |
623 | argv_array_pushf(&proc->env_array, |
624 | "GIT_PUSH_CERT_NONCE=%s", | |
625 | push_cert_nonce); | |
626 | argv_array_pushf(&proc->env_array, | |
627 | "GIT_PUSH_CERT_NONCE_STATUS=%s", | |
628 | nonce_status); | |
5732373d | 629 | if (nonce_status == NONCE_SLOP) |
a9154590 RS |
630 | argv_array_pushf(&proc->env_array, |
631 | "GIT_PUSH_CERT_NONCE_SLOP=%ld", | |
5732373d | 632 | nonce_stamp_slop); |
b89363e4 | 633 | } |
a85b377d JH |
634 | } |
635 | } | |
636 | ||
77a9745d SB |
637 | struct receive_hook_feed_state { |
638 | struct command *cmd; | |
639 | int skip_broken; | |
640 | struct strbuf buf; | |
641 | const struct string_list *push_options; | |
642 | }; | |
643 | ||
9684e44a | 644 | typedef int (*feed_fn)(void *, const char **, size_t *); |
77a9745d SB |
645 | static int run_and_feed_hook(const char *hook_name, feed_fn feed, |
646 | struct receive_hook_feed_state *feed_state) | |
b1bf95bb | 647 | { |
d3180279 | 648 | struct child_process proc = CHILD_PROCESS_INIT; |
6d525d38 | 649 | struct async muxer; |
f43cd49f | 650 | const char *argv[2]; |
9684e44a | 651 | int code; |
b1bf95bb | 652 | |
5a7da2dc AS |
653 | argv[0] = find_hook(hook_name); |
654 | if (!argv[0]) | |
b1bf95bb | 655 | return 0; |
c8dd2771 | 656 | |
f43cd49f SP |
657 | argv[1] = NULL; |
658 | ||
f43cd49f SP |
659 | proc.argv = argv; |
660 | proc.in = -1; | |
661 | proc.stdout_to_stderr = 1; | |
77a9745d SB |
662 | if (feed_state->push_options) { |
663 | int i; | |
664 | for (i = 0; i < feed_state->push_options->nr; i++) | |
665 | argv_array_pushf(&proc.env_array, | |
666 | "GIT_PUSH_OPTION_%d=%s", i, | |
667 | feed_state->push_options->items[i].string); | |
668 | argv_array_pushf(&proc.env_array, "GIT_PUSH_OPTION_COUNT=%d", | |
669 | feed_state->push_options->nr); | |
670 | } else | |
671 | argv_array_pushf(&proc.env_array, "GIT_PUSH_OPTION_COUNT"); | |
f43cd49f | 672 | |
722ff7f8 JK |
673 | if (tmp_objdir) |
674 | argv_array_pushv(&proc.env_array, tmp_objdir_env(tmp_objdir)); | |
675 | ||
6d525d38 SP |
676 | if (use_sideband) { |
677 | memset(&muxer, 0, sizeof(muxer)); | |
678 | muxer.proc = copy_to_sideband; | |
679 | muxer.in = -1; | |
680 | code = start_async(&muxer); | |
681 | if (code) | |
682 | return code; | |
683 | proc.err = muxer.in; | |
684 | } | |
685 | ||
5d222c09 RS |
686 | prepare_push_cert_sha1(&proc); |
687 | ||
f43cd49f | 688 | code = start_command(&proc); |
6d525d38 SP |
689 | if (code) { |
690 | if (use_sideband) | |
691 | finish_async(&muxer); | |
90e41a89 | 692 | return code; |
6d525d38 SP |
693 | } |
694 | ||
ec7dbd14 JH |
695 | sigchain_push(SIGPIPE, SIG_IGN); |
696 | ||
9684e44a JH |
697 | while (1) { |
698 | const char *buf; | |
699 | size_t n; | |
700 | if (feed(feed_state, &buf, &n)) | |
701 | break; | |
702 | if (write_in_full(proc.in, buf, n) != n) | |
703 | break; | |
c8dd2771 | 704 | } |
e72ae288 | 705 | close(proc.in); |
6d525d38 SP |
706 | if (use_sideband) |
707 | finish_async(&muxer); | |
ec7dbd14 JH |
708 | |
709 | sigchain_pop(SIGPIPE); | |
710 | ||
90e41a89 | 711 | return finish_command(&proc); |
b1bf95bb JW |
712 | } |
713 | ||
9684e44a JH |
714 | static int feed_receive_hook(void *state_, const char **bufp, size_t *sizep) |
715 | { | |
716 | struct receive_hook_feed_state *state = state_; | |
717 | struct command *cmd = state->cmd; | |
718 | ||
cdc2b2f3 JH |
719 | while (cmd && |
720 | state->skip_broken && (cmd->error_string || cmd->did_not_exist)) | |
9684e44a JH |
721 | cmd = cmd->next; |
722 | if (!cmd) | |
723 | return -1; /* EOF */ | |
724 | strbuf_reset(&state->buf); | |
725 | strbuf_addf(&state->buf, "%s %s %s\n", | |
9c44ea44 | 726 | oid_to_hex(&cmd->old_oid), oid_to_hex(&cmd->new_oid), |
9684e44a JH |
727 | cmd->ref_name); |
728 | state->cmd = cmd->next; | |
729 | if (bufp) { | |
730 | *bufp = state->buf.buf; | |
731 | *sizep = state->buf.len; | |
732 | } | |
733 | return 0; | |
734 | } | |
735 | ||
77a9745d SB |
736 | static int run_receive_hook(struct command *commands, |
737 | const char *hook_name, | |
738 | int skip_broken, | |
739 | const struct string_list *push_options) | |
9684e44a JH |
740 | { |
741 | struct receive_hook_feed_state state; | |
742 | int status; | |
743 | ||
744 | strbuf_init(&state.buf, 0); | |
745 | state.cmd = commands; | |
cdc2b2f3 | 746 | state.skip_broken = skip_broken; |
9684e44a JH |
747 | if (feed_receive_hook(&state, NULL, NULL)) |
748 | return 0; | |
749 | state.cmd = commands; | |
77a9745d | 750 | state.push_options = push_options; |
9684e44a JH |
751 | status = run_and_feed_hook(hook_name, feed_receive_hook, &state); |
752 | strbuf_release(&state.buf); | |
753 | return status; | |
754 | } | |
755 | ||
1d9e8b56 SP |
756 | static int run_update_hook(struct command *cmd) |
757 | { | |
1d9e8b56 | 758 | const char *argv[5]; |
d3180279 | 759 | struct child_process proc = CHILD_PROCESS_INIT; |
6d525d38 | 760 | int code; |
1d9e8b56 | 761 | |
5a7da2dc AS |
762 | argv[0] = find_hook("update"); |
763 | if (!argv[0]) | |
1d9e8b56 SP |
764 | return 0; |
765 | ||
1d9e8b56 | 766 | argv[1] = cmd->ref_name; |
9c44ea44 | 767 | argv[2] = oid_to_hex(&cmd->old_oid); |
768 | argv[3] = oid_to_hex(&cmd->new_oid); | |
1d9e8b56 SP |
769 | argv[4] = NULL; |
770 | ||
6d525d38 SP |
771 | proc.no_stdin = 1; |
772 | proc.stdout_to_stderr = 1; | |
773 | proc.err = use_sideband ? -1 : 0; | |
774 | proc.argv = argv; | |
722ff7f8 | 775 | proc.env = tmp_objdir_env(tmp_objdir); |
6d525d38 SP |
776 | |
777 | code = start_command(&proc); | |
778 | if (code) | |
779 | return code; | |
780 | if (use_sideband) | |
781 | copy_to_sideband(proc.err, -1, NULL); | |
782 | return finish_command(&proc); | |
1d9e8b56 SP |
783 | } |
784 | ||
986e8239 JK |
785 | static int is_ref_checked_out(const char *ref) |
786 | { | |
986e8239 JK |
787 | if (is_bare_repository()) |
788 | return 0; | |
789 | ||
747ca245 | 790 | if (!head_name) |
986e8239 | 791 | return 0; |
747ca245 | 792 | return !strcmp(head_name, ref); |
986e8239 JK |
793 | } |
794 | ||
8ba35a2d VA |
795 | static char *refuse_unconfigured_deny_msg = |
796 | N_("By default, updating the current branch in a non-bare repository\n" | |
797 | "is denied, because it will make the index and work tree inconsistent\n" | |
798 | "with what you pushed, and will require 'git reset --hard' to match\n" | |
799 | "the work tree to HEAD.\n" | |
800 | "\n" | |
2ddaa427 AH |
801 | "You can set the 'receive.denyCurrentBranch' configuration variable\n" |
802 | "to 'ignore' or 'warn' in the remote repository to allow pushing into\n" | |
8ba35a2d VA |
803 | "its current branch; however, this is not recommended unless you\n" |
804 | "arranged to update its work tree to match what you pushed in some\n" | |
805 | "other way.\n" | |
806 | "\n" | |
807 | "To squelch this message and still keep the default behaviour, set\n" | |
808 | "'receive.denyCurrentBranch' configuration variable to 'refuse'."); | |
3d95d92b | 809 | |
acd2a45b | 810 | static void refuse_unconfigured_deny(void) |
3d95d92b | 811 | { |
8ba35a2d | 812 | rp_error("%s", _(refuse_unconfigured_deny_msg)); |
3d95d92b JH |
813 | } |
814 | ||
8ba35a2d VA |
815 | static char *refuse_unconfigured_deny_delete_current_msg = |
816 | N_("By default, deleting the current branch is denied, because the next\n" | |
817 | "'git clone' won't result in any file checked out, causing confusion.\n" | |
818 | "\n" | |
819 | "You can set 'receive.denyDeleteCurrent' configuration variable to\n" | |
820 | "'warn' or 'ignore' in the remote repository to allow deleting the\n" | |
821 | "current branch, with or without a warning message.\n" | |
822 | "\n" | |
823 | "To squelch this message, you can set it to 'refuse'."); | |
747ca245 | 824 | |
375881fa | 825 | static void refuse_unconfigured_deny_delete_current(void) |
747ca245 | 826 | { |
8ba35a2d | 827 | rp_error("%s", _(refuse_unconfigured_deny_delete_current_msg)); |
747ca245 JH |
828 | } |
829 | ||
0a1bc12b NTND |
830 | static int command_singleton_iterator(void *cb_data, unsigned char sha1[20]); |
831 | static int update_shallow_ref(struct command *cmd, struct shallow_info *si) | |
832 | { | |
833 | static struct lock_file shallow_lock; | |
834 | struct sha1_array extra = SHA1_ARRAY_INIT; | |
7043c707 | 835 | struct check_connected_options opt = CHECK_CONNECTED_INIT; |
0a1bc12b NTND |
836 | uint32_t mask = 1 << (cmd->index % 32); |
837 | int i; | |
838 | ||
6aa30857 | 839 | trace_printf_key(&trace_shallow, |
0a1bc12b NTND |
840 | "shallow: update_shallow_ref %s\n", cmd->ref_name); |
841 | for (i = 0; i < si->shallow->nr; i++) | |
842 | if (si->used_shallow[i] && | |
843 | (si->used_shallow[i][cmd->index / 32] & mask) && | |
844 | !delayed_reachability_test(si, i)) | |
ee3051bd | 845 | sha1_array_append(&extra, si->shallow->oid[i].hash); |
0a1bc12b | 846 | |
722ff7f8 | 847 | opt.env = tmp_objdir_env(tmp_objdir); |
7043c707 JK |
848 | setup_alternate_shallow(&shallow_lock, &opt.shallow_file, &extra); |
849 | if (check_connected(command_singleton_iterator, cmd, &opt)) { | |
0a1bc12b NTND |
850 | rollback_lock_file(&shallow_lock); |
851 | sha1_array_clear(&extra); | |
852 | return -1; | |
853 | } | |
854 | ||
855 | commit_lock_file(&shallow_lock); | |
856 | ||
857 | /* | |
858 | * Make sure setup_alternate_shallow() for the next ref does | |
859 | * not lose these new roots.. | |
860 | */ | |
861 | for (i = 0; i < extra.nr; i++) | |
ee3051bd | 862 | register_shallow(extra.oid[i].hash); |
0a1bc12b NTND |
863 | |
864 | si->shallow_ref[cmd->index] = 0; | |
865 | sha1_array_clear(&extra); | |
866 | return 0; | |
867 | } | |
868 | ||
1a51b524 JH |
869 | /* |
870 | * NEEDSWORK: we should consolidate various implementions of "are we | |
871 | * on an unborn branch?" test into one, and make the unified one more | |
872 | * robust. !get_sha1() based check used here and elsewhere would not | |
873 | * allow us to tell an unborn branch from corrupt ref, for example. | |
874 | * For the purpose of fixing "deploy-to-update does not work when | |
875 | * pushing into an empty repository" issue, this should suffice for | |
876 | * now. | |
877 | */ | |
878 | static int head_has_history(void) | |
879 | { | |
880 | unsigned char sha1[20]; | |
881 | ||
882 | return !get_sha1("HEAD", sha1); | |
883 | } | |
884 | ||
21b138d0 JH |
885 | static const char *push_to_deploy(unsigned char *sha1, |
886 | struct argv_array *env, | |
887 | const char *work_tree) | |
1404bcbb JS |
888 | { |
889 | const char *update_refresh[] = { | |
890 | "update-index", "-q", "--ignore-submodules", "--refresh", NULL | |
891 | }; | |
892 | const char *diff_files[] = { | |
893 | "diff-files", "--quiet", "--ignore-submodules", "--", NULL | |
894 | }; | |
895 | const char *diff_index[] = { | |
896 | "diff-index", "--quiet", "--cached", "--ignore-submodules", | |
1a51b524 | 897 | NULL, "--", NULL |
1404bcbb JS |
898 | }; |
899 | const char *read_tree[] = { | |
900 | "read-tree", "-u", "-m", NULL, NULL | |
901 | }; | |
1404bcbb JS |
902 | struct child_process child = CHILD_PROCESS_INIT; |
903 | ||
1404bcbb | 904 | child.argv = update_refresh; |
21b138d0 | 905 | child.env = env->argv; |
1404bcbb JS |
906 | child.dir = work_tree; |
907 | child.no_stdin = 1; | |
908 | child.stdout_to_stderr = 1; | |
909 | child.git_cmd = 1; | |
21b138d0 | 910 | if (run_command(&child)) |
1404bcbb | 911 | return "Up-to-date check failed"; |
1404bcbb JS |
912 | |
913 | /* run_command() does not clean up completely; reinitialize */ | |
914 | child_process_init(&child); | |
915 | child.argv = diff_files; | |
21b138d0 | 916 | child.env = env->argv; |
1404bcbb JS |
917 | child.dir = work_tree; |
918 | child.no_stdin = 1; | |
919 | child.stdout_to_stderr = 1; | |
920 | child.git_cmd = 1; | |
21b138d0 | 921 | if (run_command(&child)) |
1404bcbb | 922 | return "Working directory has unstaged changes"; |
1404bcbb | 923 | |
1a51b524 JH |
924 | /* diff-index with either HEAD or an empty tree */ |
925 | diff_index[4] = head_has_history() ? "HEAD" : EMPTY_TREE_SHA1_HEX; | |
926 | ||
1404bcbb JS |
927 | child_process_init(&child); |
928 | child.argv = diff_index; | |
21b138d0 | 929 | child.env = env->argv; |
1404bcbb JS |
930 | child.no_stdin = 1; |
931 | child.no_stdout = 1; | |
932 | child.stdout_to_stderr = 0; | |
933 | child.git_cmd = 1; | |
21b138d0 | 934 | if (run_command(&child)) |
1404bcbb | 935 | return "Working directory has staged changes"; |
1404bcbb JS |
936 | |
937 | read_tree[3] = sha1_to_hex(sha1); | |
938 | child_process_init(&child); | |
939 | child.argv = read_tree; | |
21b138d0 | 940 | child.env = env->argv; |
1404bcbb JS |
941 | child.dir = work_tree; |
942 | child.no_stdin = 1; | |
943 | child.no_stdout = 1; | |
944 | child.stdout_to_stderr = 0; | |
945 | child.git_cmd = 1; | |
21b138d0 | 946 | if (run_command(&child)) |
1404bcbb | 947 | return "Could not update working tree to new HEAD"; |
1404bcbb | 948 | |
1404bcbb JS |
949 | return NULL; |
950 | } | |
951 | ||
08553319 JH |
952 | static const char *push_to_checkout_hook = "push-to-checkout"; |
953 | ||
954 | static const char *push_to_checkout(unsigned char *sha1, | |
955 | struct argv_array *env, | |
956 | const char *work_tree) | |
957 | { | |
958 | argv_array_pushf(env, "GIT_WORK_TREE=%s", absolute_path(work_tree)); | |
959 | if (run_hook_le(env->argv, push_to_checkout_hook, | |
960 | sha1_to_hex(sha1), NULL)) | |
961 | return "push-to-checkout hook declined"; | |
962 | else | |
963 | return NULL; | |
964 | } | |
965 | ||
21b138d0 JH |
966 | static const char *update_worktree(unsigned char *sha1) |
967 | { | |
968 | const char *retval; | |
969 | const char *work_tree = git_work_tree_cfg ? git_work_tree_cfg : ".."; | |
970 | struct argv_array env = ARGV_ARRAY_INIT; | |
971 | ||
972 | if (is_bare_repository()) | |
973 | return "denyCurrentBranch = updateInstead needs a worktree"; | |
974 | ||
975 | argv_array_pushf(&env, "GIT_DIR=%s", absolute_path(get_git_dir())); | |
976 | ||
08553319 JH |
977 | if (!find_hook(push_to_checkout_hook)) |
978 | retval = push_to_deploy(sha1, &env, work_tree); | |
979 | else | |
980 | retval = push_to_checkout(sha1, &env, work_tree); | |
21b138d0 JH |
981 | |
982 | argv_array_clear(&env); | |
983 | return retval; | |
984 | } | |
985 | ||
0a1bc12b | 986 | static const char *update(struct command *cmd, struct shallow_info *si) |
2eca23da | 987 | { |
cfee10a7 | 988 | const char *name = cmd->ref_name; |
6b01ecfe | 989 | struct strbuf namespaced_name_buf = STRBUF_INIT; |
1404bcbb | 990 | const char *namespaced_name, *ret; |
9c44ea44 | 991 | struct object_id *old_oid = &cmd->old_oid; |
992 | struct object_id *new_oid = &cmd->new_oid; | |
2eca23da | 993 | |
061d6b9a | 994 | /* only refs/... are allowed */ |
59556548 | 995 | if (!starts_with(name, "refs/") || check_refname_format(name + 5, 0)) { |
466dbc42 | 996 | rp_error("refusing to create funny ref '%s' remotely", name); |
8aaf7d64 | 997 | return "funny refname"; |
cfee10a7 | 998 | } |
d8a1deec | 999 | |
6b01ecfe JT |
1000 | strbuf_addf(&namespaced_name_buf, "%s%s", get_git_namespace(), name); |
1001 | namespaced_name = strbuf_detach(&namespaced_name_buf, NULL); | |
1002 | ||
1003 | if (is_ref_checked_out(namespaced_name)) { | |
3d95d92b JH |
1004 | switch (deny_current_branch) { |
1005 | case DENY_IGNORE: | |
986e8239 | 1006 | break; |
3d95d92b | 1007 | case DENY_WARN: |
466dbc42 | 1008 | rp_warning("updating the current branch"); |
986e8239 | 1009 | break; |
3d95d92b | 1010 | case DENY_REFUSE: |
acd2a45b | 1011 | case DENY_UNCONFIGURED: |
466dbc42 | 1012 | rp_error("refusing to update checked out branch: %s", name); |
acd2a45b JH |
1013 | if (deny_current_branch == DENY_UNCONFIGURED) |
1014 | refuse_unconfigured_deny(); | |
3d95d92b | 1015 | return "branch is currently checked out"; |
1404bcbb | 1016 | case DENY_UPDATE_INSTEAD: |
9c44ea44 | 1017 | ret = update_worktree(new_oid->hash); |
1404bcbb JS |
1018 | if (ret) |
1019 | return ret; | |
1020 | break; | |
3d95d92b | 1021 | } |
986e8239 JK |
1022 | } |
1023 | ||
9c44ea44 | 1024 | if (!is_null_oid(new_oid) && !has_object_file(new_oid)) { |
8aaf7d64 | 1025 | error("unpack should have generated %s, " |
9c44ea44 | 1026 | "but I can't find it!", oid_to_hex(new_oid)); |
8aaf7d64 | 1027 | return "bad pack"; |
cfee10a7 | 1028 | } |
747ca245 | 1029 | |
9c44ea44 | 1030 | if (!is_null_oid(old_oid) && is_null_oid(new_oid)) { |
59556548 | 1031 | if (deny_deletes && starts_with(name, "refs/heads/")) { |
466dbc42 | 1032 | rp_error("denying ref deletion for %s", name); |
747ca245 JH |
1033 | return "deletion prohibited"; |
1034 | } | |
1035 | ||
b112b14d | 1036 | if (head_name && !strcmp(namespaced_name, head_name)) { |
747ca245 JH |
1037 | switch (deny_delete_current) { |
1038 | case DENY_IGNORE: | |
1039 | break; | |
1040 | case DENY_WARN: | |
466dbc42 | 1041 | rp_warning("deleting the current branch"); |
747ca245 JH |
1042 | break; |
1043 | case DENY_REFUSE: | |
375881fa | 1044 | case DENY_UNCONFIGURED: |
1404bcbb | 1045 | case DENY_UPDATE_INSTEAD: |
375881fa JH |
1046 | if (deny_delete_current == DENY_UNCONFIGURED) |
1047 | refuse_unconfigured_deny_delete_current(); | |
466dbc42 | 1048 | rp_error("refusing to delete the current branch: %s", name); |
747ca245 | 1049 | return "deletion of the current branch prohibited"; |
1404bcbb JS |
1050 | default: |
1051 | return "Invalid denyDeleteCurrent setting"; | |
747ca245 JH |
1052 | } |
1053 | } | |
a240de11 | 1054 | } |
747ca245 | 1055 | |
9c44ea44 | 1056 | if (deny_non_fast_forwards && !is_null_oid(new_oid) && |
1057 | !is_null_oid(old_oid) && | |
59556548 | 1058 | starts_with(name, "refs/heads/")) { |
eab82707 | 1059 | struct object *old_object, *new_object; |
11031d7e | 1060 | struct commit *old_commit, *new_commit; |
11031d7e | 1061 | |
9c44ea44 | 1062 | old_object = parse_object(old_oid->hash); |
1063 | new_object = parse_object(new_oid->hash); | |
eab82707 MK |
1064 | |
1065 | if (!old_object || !new_object || | |
1066 | old_object->type != OBJ_COMMIT || | |
1067 | new_object->type != OBJ_COMMIT) { | |
1068 | error("bad sha1 objects for %s", name); | |
1069 | return "bad ref"; | |
1070 | } | |
1071 | old_commit = (struct commit *)old_object; | |
1072 | new_commit = (struct commit *)new_object; | |
5d55915c | 1073 | if (!in_merge_bases(old_commit, new_commit)) { |
466dbc42 SP |
1074 | rp_error("denying non-fast-forward %s" |
1075 | " (you should pull first)", name); | |
a75d7b54 | 1076 | return "non-fast-forward"; |
8aaf7d64 | 1077 | } |
11031d7e | 1078 | } |
1d9e8b56 | 1079 | if (run_update_hook(cmd)) { |
466dbc42 | 1080 | rp_error("hook declined to update %s", name); |
8aaf7d64 | 1081 | return "hook declined"; |
b1bf95bb | 1082 | } |
3159c8dc | 1083 | |
9c44ea44 | 1084 | if (is_null_oid(new_oid)) { |
222368c6 | 1085 | struct strbuf err = STRBUF_INIT; |
9c44ea44 | 1086 | if (!parse_object(old_oid->hash)) { |
1087 | old_oid = NULL; | |
160b81ed PYH |
1088 | if (ref_exists(name)) { |
1089 | rp_warning("Allowing deletion of corrupt ref."); | |
1090 | } else { | |
1091 | rp_warning("Deleting a non-existent ref."); | |
1092 | cmd->did_not_exist = 1; | |
1093 | } | |
28391a80 | 1094 | } |
222368c6 SB |
1095 | if (ref_transaction_delete(transaction, |
1096 | namespaced_name, | |
9c44ea44 | 1097 | old_oid->hash, |
fb5a6bb6 | 1098 | 0, "push", &err)) { |
222368c6 SB |
1099 | rp_error("%s", err.buf); |
1100 | strbuf_release(&err); | |
8aaf7d64 | 1101 | return "failed to delete"; |
d4f694ba | 1102 | } |
222368c6 | 1103 | strbuf_release(&err); |
8aaf7d64 | 1104 | return NULL; /* good */ |
d4f694ba JH |
1105 | } |
1106 | else { | |
6629ea2d | 1107 | struct strbuf err = STRBUF_INIT; |
0a1bc12b NTND |
1108 | if (shallow_update && si->shallow_ref[cmd->index] && |
1109 | update_shallow_ref(cmd, si)) | |
1110 | return "shallow error"; | |
1111 | ||
222368c6 SB |
1112 | if (ref_transaction_update(transaction, |
1113 | namespaced_name, | |
9c44ea44 | 1114 | new_oid->hash, old_oid->hash, |
1d147bdf | 1115 | 0, "push", |
222368c6 | 1116 | &err)) { |
6629ea2d RS |
1117 | rp_error("%s", err.buf); |
1118 | strbuf_release(&err); | |
222368c6 | 1119 | |
6629ea2d | 1120 | return "failed to update ref"; |
ef203f08 | 1121 | } |
6629ea2d | 1122 | strbuf_release(&err); |
222368c6 | 1123 | |
8aaf7d64 | 1124 | return NULL; /* good */ |
19614330 | 1125 | } |
2eca23da LT |
1126 | } |
1127 | ||
5e1c71fd | 1128 | static void run_update_post_hook(struct command *commands) |
19614330 | 1129 | { |
5e1c71fd | 1130 | struct command *cmd; |
d3180279 | 1131 | struct child_process proc = CHILD_PROCESS_INIT; |
dcf69262 | 1132 | const char *hook; |
19614330 | 1133 | |
5a7da2dc | 1134 | hook = find_hook("post-update"); |
dce96c41 | 1135 | if (!hook) |
3e6e152c | 1136 | return; |
5a7da2dc | 1137 | |
850d2fec | 1138 | for (cmd = commands; cmd; cmd = cmd->next) { |
160b81ed | 1139 | if (cmd->error_string || cmd->did_not_exist) |
19614330 | 1140 | continue; |
dce96c41 RS |
1141 | if (!proc.args.argc) |
1142 | argv_array_push(&proc.args, hook); | |
850d2fec | 1143 | argv_array_push(&proc.args, cmd->ref_name); |
19614330 | 1144 | } |
dce96c41 RS |
1145 | if (!proc.args.argc) |
1146 | return; | |
6d525d38 | 1147 | |
6d525d38 SP |
1148 | proc.no_stdin = 1; |
1149 | proc.stdout_to_stderr = 1; | |
1150 | proc.err = use_sideband ? -1 : 0; | |
6d525d38 SP |
1151 | |
1152 | if (!start_command(&proc)) { | |
1153 | if (use_sideband) | |
1154 | copy_to_sideband(proc.err, -1, NULL); | |
1155 | finish_command(&proc); | |
1156 | } | |
19614330 | 1157 | } |
2eca23da | 1158 | |
da3efdb1 JS |
1159 | static void check_aliased_update(struct command *cmd, struct string_list *list) |
1160 | { | |
6b01ecfe JT |
1161 | struct strbuf buf = STRBUF_INIT; |
1162 | const char *dst_name; | |
da3efdb1 JS |
1163 | struct string_list_item *item; |
1164 | struct command *dst_cmd; | |
cd02599c | 1165 | unsigned char sha1[GIT_MAX_RAWSZ]; |
da3efdb1 JS |
1166 | int flag; |
1167 | ||
6b01ecfe | 1168 | strbuf_addf(&buf, "%s%s", get_git_namespace(), cmd->ref_name); |
7695d118 | 1169 | dst_name = resolve_ref_unsafe(buf.buf, 0, sha1, &flag); |
6b01ecfe | 1170 | strbuf_release(&buf); |
da3efdb1 JS |
1171 | |
1172 | if (!(flag & REF_ISSYMREF)) | |
1173 | return; | |
1174 | ||
6b01ecfe JT |
1175 | if (!dst_name) { |
1176 | rp_error("refusing update to broken symref '%s'", cmd->ref_name); | |
1177 | cmd->skip_update = 1; | |
1178 | cmd->error_string = "broken symref"; | |
1179 | return; | |
1180 | } | |
ded83936 | 1181 | dst_name = strip_namespace(dst_name); |
6b01ecfe | 1182 | |
e8c8b713 | 1183 | if ((item = string_list_lookup(list, dst_name)) == NULL) |
da3efdb1 JS |
1184 | return; |
1185 | ||
1186 | cmd->skip_update = 1; | |
1187 | ||
1188 | dst_cmd = (struct command *) item->util; | |
1189 | ||
9c44ea44 | 1190 | if (!oidcmp(&cmd->old_oid, &dst_cmd->old_oid) && |
1191 | !oidcmp(&cmd->new_oid, &dst_cmd->new_oid)) | |
da3efdb1 JS |
1192 | return; |
1193 | ||
1194 | dst_cmd->skip_update = 1; | |
1195 | ||
da3efdb1 JS |
1196 | rp_error("refusing inconsistent update between symref '%s' (%s..%s) and" |
1197 | " its target '%s' (%s..%s)", | |
ef2ed501 | 1198 | cmd->ref_name, |
9c44ea44 | 1199 | find_unique_abbrev(cmd->old_oid.hash, DEFAULT_ABBREV), |
1200 | find_unique_abbrev(cmd->new_oid.hash, DEFAULT_ABBREV), | |
ef2ed501 | 1201 | dst_cmd->ref_name, |
9c44ea44 | 1202 | find_unique_abbrev(dst_cmd->old_oid.hash, DEFAULT_ABBREV), |
1203 | find_unique_abbrev(dst_cmd->new_oid.hash, DEFAULT_ABBREV)); | |
da3efdb1 JS |
1204 | |
1205 | cmd->error_string = dst_cmd->error_string = | |
1206 | "inconsistent aliased update"; | |
1207 | } | |
1208 | ||
1209 | static void check_aliased_updates(struct command *commands) | |
1210 | { | |
1211 | struct command *cmd; | |
183113a5 | 1212 | struct string_list ref_list = STRING_LIST_INIT_NODUP; |
da3efdb1 JS |
1213 | |
1214 | for (cmd = commands; cmd; cmd = cmd->next) { | |
1215 | struct string_list_item *item = | |
1d2f80fa | 1216 | string_list_append(&ref_list, cmd->ref_name); |
da3efdb1 JS |
1217 | item->util = (void *)cmd; |
1218 | } | |
3383e199 | 1219 | string_list_sort(&ref_list); |
da3efdb1 | 1220 | |
ef7e93d9 CB |
1221 | for (cmd = commands; cmd; cmd = cmd->next) { |
1222 | if (!cmd->error_string) | |
1223 | check_aliased_update(cmd, &ref_list); | |
1224 | } | |
da3efdb1 JS |
1225 | |
1226 | string_list_clear(&ref_list, 0); | |
1227 | } | |
1228 | ||
52fed6e1 JH |
1229 | static int command_singleton_iterator(void *cb_data, unsigned char sha1[20]) |
1230 | { | |
1231 | struct command **cmd_list = cb_data; | |
1232 | struct command *cmd = *cmd_list; | |
1233 | ||
9c44ea44 | 1234 | if (!cmd || is_null_oid(&cmd->new_oid)) |
52fed6e1 JH |
1235 | return -1; /* end of list */ |
1236 | *cmd_list = NULL; /* this returns only one */ | |
9c44ea44 | 1237 | hashcpy(sha1, cmd->new_oid.hash); |
52fed6e1 JH |
1238 | return 0; |
1239 | } | |
1240 | ||
0a1bc12b NTND |
1241 | static void set_connectivity_errors(struct command *commands, |
1242 | struct shallow_info *si) | |
52fed6e1 JH |
1243 | { |
1244 | struct command *cmd; | |
1245 | ||
1246 | for (cmd = commands; cmd; cmd = cmd->next) { | |
1247 | struct command *singleton = cmd; | |
722ff7f8 JK |
1248 | struct check_connected_options opt = CHECK_CONNECTED_INIT; |
1249 | ||
0a1bc12b NTND |
1250 | if (shallow_update && si->shallow_ref[cmd->index]) |
1251 | /* to be checked in update_shallow_ref() */ | |
1252 | continue; | |
722ff7f8 JK |
1253 | |
1254 | opt.env = tmp_objdir_env(tmp_objdir); | |
7043c707 | 1255 | if (!check_connected(command_singleton_iterator, &singleton, |
722ff7f8 | 1256 | &opt)) |
52fed6e1 | 1257 | continue; |
722ff7f8 | 1258 | |
52fed6e1 JH |
1259 | cmd->error_string = "missing necessary objects"; |
1260 | } | |
1261 | } | |
1262 | ||
0a1bc12b NTND |
1263 | struct iterate_data { |
1264 | struct command *cmds; | |
1265 | struct shallow_info *si; | |
1266 | }; | |
1267 | ||
52fed6e1 JH |
1268 | static int iterate_receive_command_list(void *cb_data, unsigned char sha1[20]) |
1269 | { | |
0a1bc12b NTND |
1270 | struct iterate_data *data = cb_data; |
1271 | struct command **cmd_list = &data->cmds; | |
52fed6e1 JH |
1272 | struct command *cmd = *cmd_list; |
1273 | ||
0a1bc12b NTND |
1274 | for (; cmd; cmd = cmd->next) { |
1275 | if (shallow_update && data->si->shallow_ref[cmd->index]) | |
1276 | /* to be checked in update_shallow_ref() */ | |
1277 | continue; | |
9c44ea44 | 1278 | if (!is_null_oid(&cmd->new_oid) && !cmd->skip_update) { |
1279 | hashcpy(sha1, cmd->new_oid.hash); | |
ee6dfb2d JH |
1280 | *cmd_list = cmd->next; |
1281 | return 0; | |
1282 | } | |
ee6dfb2d JH |
1283 | } |
1284 | *cmd_list = NULL; | |
1285 | return -1; /* end of list */ | |
52fed6e1 JH |
1286 | } |
1287 | ||
daebaa78 JH |
1288 | static void reject_updates_to_hidden(struct command *commands) |
1289 | { | |
78a766ab LF |
1290 | struct strbuf refname_full = STRBUF_INIT; |
1291 | size_t prefix_len; | |
daebaa78 JH |
1292 | struct command *cmd; |
1293 | ||
78a766ab LF |
1294 | strbuf_addstr(&refname_full, get_git_namespace()); |
1295 | prefix_len = refname_full.len; | |
1296 | ||
daebaa78 | 1297 | for (cmd = commands; cmd; cmd = cmd->next) { |
78a766ab LF |
1298 | if (cmd->error_string) |
1299 | continue; | |
1300 | ||
1301 | strbuf_setlen(&refname_full, prefix_len); | |
1302 | strbuf_addstr(&refname_full, cmd->ref_name); | |
1303 | ||
1304 | if (!ref_is_hidden(cmd->ref_name, refname_full.buf)) | |
daebaa78 | 1305 | continue; |
9c44ea44 | 1306 | if (is_null_oid(&cmd->new_oid)) |
daebaa78 JH |
1307 | cmd->error_string = "deny deleting a hidden ref"; |
1308 | else | |
1309 | cmd->error_string = "deny updating a hidden ref"; | |
1310 | } | |
78a766ab LF |
1311 | |
1312 | strbuf_release(&refname_full); | |
daebaa78 JH |
1313 | } |
1314 | ||
a6a84319 SB |
1315 | static int should_process_cmd(struct command *cmd) |
1316 | { | |
1317 | return !cmd->error_string && !cmd->skip_update; | |
1318 | } | |
1319 | ||
1320 | static void warn_if_skipped_connectivity_check(struct command *commands, | |
1321 | struct shallow_info *si) | |
1322 | { | |
1323 | struct command *cmd; | |
1324 | int checked_connectivity = 1; | |
1325 | ||
1326 | for (cmd = commands; cmd; cmd = cmd->next) { | |
1327 | if (should_process_cmd(cmd) && si->shallow_ref[cmd->index]) { | |
1328 | error("BUG: connectivity check has not been run on ref %s", | |
1329 | cmd->ref_name); | |
1330 | checked_connectivity = 0; | |
1331 | } | |
1332 | } | |
1333 | if (!checked_connectivity) | |
b6a47885 | 1334 | die("BUG: connectivity check skipped???"); |
a6a84319 SB |
1335 | } |
1336 | ||
a1a26145 SB |
1337 | static void execute_commands_non_atomic(struct command *commands, |
1338 | struct shallow_info *si) | |
1339 | { | |
1340 | struct command *cmd; | |
222368c6 SB |
1341 | struct strbuf err = STRBUF_INIT; |
1342 | ||
a1a26145 SB |
1343 | for (cmd = commands; cmd; cmd = cmd->next) { |
1344 | if (!should_process_cmd(cmd)) | |
1345 | continue; | |
1346 | ||
222368c6 SB |
1347 | transaction = ref_transaction_begin(&err); |
1348 | if (!transaction) { | |
1349 | rp_error("%s", err.buf); | |
1350 | strbuf_reset(&err); | |
1351 | cmd->error_string = "transaction failed to start"; | |
1352 | continue; | |
1353 | } | |
1354 | ||
a1a26145 | 1355 | cmd->error_string = update(cmd, si); |
222368c6 SB |
1356 | |
1357 | if (!cmd->error_string | |
1358 | && ref_transaction_commit(transaction, &err)) { | |
1359 | rp_error("%s", err.buf); | |
1360 | strbuf_reset(&err); | |
1361 | cmd->error_string = "failed to update ref"; | |
1362 | } | |
1363 | ref_transaction_free(transaction); | |
a1a26145 | 1364 | } |
68deed29 SB |
1365 | strbuf_release(&err); |
1366 | } | |
222368c6 | 1367 | |
68deed29 SB |
1368 | static void execute_commands_atomic(struct command *commands, |
1369 | struct shallow_info *si) | |
1370 | { | |
1371 | struct command *cmd; | |
1372 | struct strbuf err = STRBUF_INIT; | |
1373 | const char *reported_error = "atomic push failure"; | |
1374 | ||
1375 | transaction = ref_transaction_begin(&err); | |
1376 | if (!transaction) { | |
1377 | rp_error("%s", err.buf); | |
1378 | strbuf_reset(&err); | |
1379 | reported_error = "transaction failed to start"; | |
1380 | goto failure; | |
1381 | } | |
1382 | ||
1383 | for (cmd = commands; cmd; cmd = cmd->next) { | |
1384 | if (!should_process_cmd(cmd)) | |
1385 | continue; | |
1386 | ||
1387 | cmd->error_string = update(cmd, si); | |
1388 | ||
1389 | if (cmd->error_string) | |
1390 | goto failure; | |
1391 | } | |
1392 | ||
1393 | if (ref_transaction_commit(transaction, &err)) { | |
1394 | rp_error("%s", err.buf); | |
1395 | reported_error = "atomic transaction failed"; | |
1396 | goto failure; | |
1397 | } | |
1398 | goto cleanup; | |
1399 | ||
1400 | failure: | |
1401 | for (cmd = commands; cmd; cmd = cmd->next) | |
1402 | if (!cmd->error_string) | |
1403 | cmd->error_string = reported_error; | |
1404 | ||
1405 | cleanup: | |
1406 | ref_transaction_free(transaction); | |
222368c6 | 1407 | strbuf_release(&err); |
a1a26145 SB |
1408 | } |
1409 | ||
0a1bc12b NTND |
1410 | static void execute_commands(struct command *commands, |
1411 | const char *unpacker_error, | |
77a9745d SB |
1412 | struct shallow_info *si, |
1413 | const struct string_list *push_options) | |
575f4974 | 1414 | { |
d415092a | 1415 | struct check_connected_options opt = CHECK_CONNECTED_INIT; |
5e1c71fd | 1416 | struct command *cmd; |
2928325f | 1417 | struct object_id oid; |
0a1bc12b | 1418 | struct iterate_data data; |
d415092a JK |
1419 | struct async muxer; |
1420 | int err_fd = 0; | |
8aaf7d64 SP |
1421 | |
1422 | if (unpacker_error) { | |
5e1c71fd | 1423 | for (cmd = commands; cmd; cmd = cmd->next) |
74eb32d3 | 1424 | cmd->error_string = "unpacker error"; |
8aaf7d64 SP |
1425 | return; |
1426 | } | |
1427 | ||
d415092a JK |
1428 | if (use_sideband) { |
1429 | memset(&muxer, 0, sizeof(muxer)); | |
1430 | muxer.proc = copy_to_sideband; | |
1431 | muxer.in = -1; | |
1432 | if (!start_async(&muxer)) | |
1433 | err_fd = muxer.in; | |
1434 | /* ...else, continue without relaying sideband */ | |
1435 | } | |
1436 | ||
0a1bc12b NTND |
1437 | data.cmds = commands; |
1438 | data.si = si; | |
d415092a | 1439 | opt.err_fd = err_fd; |
6b4cd2f8 | 1440 | opt.progress = err_fd && !quiet; |
722ff7f8 | 1441 | opt.env = tmp_objdir_env(tmp_objdir); |
d415092a | 1442 | if (check_connected(iterate_receive_command_list, &data, &opt)) |
0a1bc12b | 1443 | set_connectivity_errors(commands, si); |
52fed6e1 | 1444 | |
d415092a JK |
1445 | if (use_sideband) |
1446 | finish_async(&muxer); | |
1447 | ||
daebaa78 JH |
1448 | reject_updates_to_hidden(commands); |
1449 | ||
77a9745d | 1450 | if (run_receive_hook(commands, "pre-receive", 0, push_options)) { |
ef7e93d9 CB |
1451 | for (cmd = commands; cmd; cmd = cmd->next) { |
1452 | if (!cmd->error_string) | |
1453 | cmd->error_string = "pre-receive hook declined"; | |
1454 | } | |
05ef58ec SP |
1455 | return; |
1456 | } | |
1457 | ||
722ff7f8 JK |
1458 | /* |
1459 | * Now we'll start writing out refs, which means the objects need | |
1460 | * to be in their final positions so that other processes can see them. | |
1461 | */ | |
1462 | if (tmp_objdir_migrate(tmp_objdir) < 0) { | |
1463 | for (cmd = commands; cmd; cmd = cmd->next) { | |
1464 | if (!cmd->error_string) | |
1465 | cmd->error_string = "unable to migrate objects to permanent storage"; | |
1466 | } | |
1467 | return; | |
1468 | } | |
1469 | tmp_objdir = NULL; | |
1470 | ||
da3efdb1 JS |
1471 | check_aliased_updates(commands); |
1472 | ||
96ec7b1e | 1473 | free(head_name_to_free); |
2928325f | 1474 | head_name = head_name_to_free = resolve_refdup("HEAD", 0, oid.hash, NULL); |
747ca245 | 1475 | |
68deed29 SB |
1476 | if (use_atomic) |
1477 | execute_commands_atomic(commands, si); | |
1478 | else | |
1479 | execute_commands_non_atomic(commands, si); | |
0a1bc12b | 1480 | |
a6a84319 SB |
1481 | if (shallow_update) |
1482 | warn_if_skipped_connectivity_check(commands, si); | |
575f4974 LT |
1483 | } |
1484 | ||
39895c74 JH |
1485 | static struct command **queue_command(struct command **tail, |
1486 | const char *line, | |
1487 | int linelen) | |
1488 | { | |
9c44ea44 | 1489 | struct object_id old_oid, new_oid; |
39895c74 JH |
1490 | struct command *cmd; |
1491 | const char *refname; | |
1492 | int reflen; | |
9c44ea44 | 1493 | const char *p; |
39895c74 | 1494 | |
9c44ea44 | 1495 | if (parse_oid_hex(line, &old_oid, &p) || |
1496 | *p++ != ' ' || | |
1497 | parse_oid_hex(p, &new_oid, &p) || | |
1498 | *p++ != ' ') | |
39895c74 JH |
1499 | die("protocol error: expected old/new/ref, got '%s'", line); |
1500 | ||
9c44ea44 | 1501 | refname = p; |
1502 | reflen = linelen - (p - line); | |
ddd0bfac | 1503 | FLEX_ALLOC_MEM(cmd, ref_name, refname, reflen); |
9c44ea44 | 1504 | oidcpy(&cmd->old_oid, &old_oid); |
1505 | oidcpy(&cmd->new_oid, &new_oid); | |
39895c74 JH |
1506 | *tail = cmd; |
1507 | return &cmd->next; | |
1508 | } | |
1509 | ||
4adf569d JH |
1510 | static void queue_commands_from_cert(struct command **tail, |
1511 | struct strbuf *push_cert) | |
1512 | { | |
1513 | const char *boc, *eoc; | |
1514 | ||
1515 | if (*tail) | |
1516 | die("protocol error: got both push certificate and unsigned commands"); | |
1517 | ||
1518 | boc = strstr(push_cert->buf, "\n\n"); | |
1519 | if (!boc) | |
1520 | die("malformed push certificate %.*s", 100, push_cert->buf); | |
1521 | else | |
1522 | boc += 2; | |
1523 | eoc = push_cert->buf + parse_signature(push_cert->buf, push_cert->len); | |
1524 | ||
1525 | while (boc < eoc) { | |
1526 | const char *eol = memchr(boc, '\n', eoc - boc); | |
1527 | tail = queue_command(tail, boc, eol ? eol - boc : eoc - eol); | |
1528 | boc = eol ? eol + 1 : eoc; | |
1529 | } | |
1530 | } | |
1531 | ||
5dbd7676 | 1532 | static struct command *read_head_info(struct sha1_array *shallow) |
575f4974 | 1533 | { |
5e1c71fd | 1534 | struct command *commands = NULL; |
eb1af2df | 1535 | struct command **p = &commands; |
575f4974 | 1536 | for (;;) { |
74543a04 | 1537 | char *line; |
39895c74 | 1538 | int len, linelen; |
eb1af2df | 1539 | |
74543a04 JK |
1540 | line = packet_read_line(0, &len); |
1541 | if (!line) | |
575f4974 | 1542 | break; |
5dbd7676 | 1543 | |
9c44ea44 | 1544 | if (len > 8 && starts_with(line, "shallow ")) { |
1545 | struct object_id oid; | |
1546 | if (get_oid_hex(line + 8, &oid)) | |
c09b71cc JH |
1547 | die("protocol error: expected shallow sha, got '%s'", |
1548 | line + 8); | |
9c44ea44 | 1549 | sha1_array_append(shallow, oid.hash); |
5dbd7676 NTND |
1550 | continue; |
1551 | } | |
1552 | ||
0e3c339b JH |
1553 | linelen = strlen(line); |
1554 | if (linelen < len) { | |
1555 | const char *feature_list = line + linelen + 1; | |
f47182c8 | 1556 | if (parse_feature_request(feature_list, "report-status")) |
cfee10a7 | 1557 | report_status = 1; |
f47182c8 | 1558 | if (parse_feature_request(feature_list, "side-band-64k")) |
38a81b4e | 1559 | use_sideband = LARGE_PACKET_MAX; |
c207e34f CB |
1560 | if (parse_feature_request(feature_list, "quiet")) |
1561 | quiet = 1; | |
1b70fe5d RS |
1562 | if (advertise_atomic_push |
1563 | && parse_feature_request(feature_list, "atomic")) | |
1564 | use_atomic = 1; | |
c714e45f SB |
1565 | if (advertise_push_options |
1566 | && parse_feature_request(feature_list, "push-options")) | |
1567 | use_push_options = 1; | |
cfee10a7 | 1568 | } |
0e3c339b | 1569 | |
a85b377d JH |
1570 | if (!strcmp(line, "push-cert")) { |
1571 | int true_flush = 0; | |
1572 | char certbuf[1024]; | |
1573 | ||
1574 | for (;;) { | |
1575 | len = packet_read(0, NULL, NULL, | |
1576 | certbuf, sizeof(certbuf), 0); | |
1577 | if (!len) { | |
1578 | true_flush = 1; | |
1579 | break; | |
1580 | } | |
1581 | if (!strcmp(certbuf, "push-cert-end\n")) | |
1582 | break; /* end of cert */ | |
1583 | strbuf_addstr(&push_cert, certbuf); | |
1584 | } | |
1585 | ||
1586 | if (true_flush) | |
1587 | break; | |
1588 | continue; | |
1589 | } | |
1590 | ||
39895c74 | 1591 | p = queue_command(p, line, linelen); |
575f4974 | 1592 | } |
4adf569d JH |
1593 | |
1594 | if (push_cert.len) | |
1595 | queue_commands_from_cert(p, &push_cert); | |
1596 | ||
5e1c71fd | 1597 | return commands; |
575f4974 LT |
1598 | } |
1599 | ||
c714e45f SB |
1600 | static void read_push_options(struct string_list *options) |
1601 | { | |
1602 | while (1) { | |
1603 | char *line; | |
1604 | int len; | |
1605 | ||
1606 | line = packet_read_line(0, &len); | |
1607 | ||
1608 | if (!line) | |
1609 | break; | |
1610 | ||
1611 | string_list_append(options, line); | |
1612 | } | |
1613 | } | |
1614 | ||
fc04c412 SP |
1615 | static const char *parse_pack_header(struct pack_header *hdr) |
1616 | { | |
a69e5429 JH |
1617 | switch (read_pack_header(0, hdr)) { |
1618 | case PH_ERROR_EOF: | |
1619 | return "eof before pack header was fully read"; | |
1620 | ||
1621 | case PH_ERROR_PACK_SIGNATURE: | |
fc04c412 | 1622 | return "protocol error (pack signature mismatch detected)"; |
a69e5429 JH |
1623 | |
1624 | case PH_ERROR_PROTOCOL: | |
fc04c412 | 1625 | return "protocol error (pack version unsupported)"; |
a69e5429 JH |
1626 | |
1627 | default: | |
1628 | return "unknown error in parse_pack_header"; | |
1629 | ||
1630 | case 0: | |
1631 | return NULL; | |
1632 | } | |
fc04c412 SP |
1633 | } |
1634 | ||
576162a4 NP |
1635 | static const char *pack_lockfile; |
1636 | ||
5dbd7676 | 1637 | static const char *unpack(int err_fd, struct shallow_info *si) |
575f4974 | 1638 | { |
fc04c412 SP |
1639 | struct pack_header hdr; |
1640 | const char *hdr_err; | |
31c42bff | 1641 | int status; |
fc04c412 | 1642 | char hdr_arg[38]; |
d3180279 | 1643 | struct child_process child = CHILD_PROCESS_INIT; |
dab76d3a JH |
1644 | int fsck_objects = (receive_fsck_objects >= 0 |
1645 | ? receive_fsck_objects | |
1646 | : transfer_fsck_objects >= 0 | |
1647 | ? transfer_fsck_objects | |
1648 | : 0); | |
fc04c412 SP |
1649 | |
1650 | hdr_err = parse_pack_header(&hdr); | |
49ecfa13 JK |
1651 | if (hdr_err) { |
1652 | if (err_fd > 0) | |
1653 | close(err_fd); | |
fc04c412 | 1654 | return hdr_err; |
49ecfa13 | 1655 | } |
6e1c2344 RJ |
1656 | snprintf(hdr_arg, sizeof(hdr_arg), |
1657 | "--pack_header=%"PRIu32",%"PRIu32, | |
fc04c412 SP |
1658 | ntohl(hdr.hdr_version), ntohl(hdr.hdr_entries)); |
1659 | ||
5dbd7676 NTND |
1660 | if (si->nr_ours || si->nr_theirs) { |
1661 | alt_shallow_file = setup_temporary_shallow(si->shallow); | |
64a7e92f RS |
1662 | argv_array_push(&child.args, "--shallow-file"); |
1663 | argv_array_push(&child.args, alt_shallow_file); | |
5dbd7676 NTND |
1664 | } |
1665 | ||
722ff7f8 | 1666 | tmp_objdir = tmp_objdir_create(); |
6cdad1f1 JK |
1667 | if (!tmp_objdir) { |
1668 | if (err_fd > 0) | |
1669 | close(err_fd); | |
722ff7f8 | 1670 | return "unable to create temporary object directory"; |
6cdad1f1 | 1671 | } |
722ff7f8 JK |
1672 | child.env = tmp_objdir_env(tmp_objdir); |
1673 | ||
1674 | /* | |
1675 | * Normally we just pass the tmp_objdir environment to the child | |
1676 | * processes that do the heavy lifting, but we may need to see these | |
1677 | * objects ourselves to set up shallow information. | |
1678 | */ | |
1679 | tmp_objdir_add_as_alternate(tmp_objdir); | |
1680 | ||
fc04c412 | 1681 | if (ntohl(hdr.hdr_entries) < unpack_limit) { |
64a7e92f | 1682 | argv_array_pushl(&child.args, "unpack-objects", hdr_arg, NULL); |
c207e34f | 1683 | if (quiet) |
64a7e92f | 1684 | argv_array_push(&child.args, "-q"); |
dab76d3a | 1685 | if (fsck_objects) |
5d477a33 JS |
1686 | argv_array_pushf(&child.args, "--strict%s", |
1687 | fsck_msg_types.buf); | |
c08db5a2 JK |
1688 | if (max_input_size) |
1689 | argv_array_pushf(&child.args, "--max-input-size=%"PRIuMAX, | |
1690 | (uintmax_t)max_input_size); | |
59bfdfb8 | 1691 | child.no_stdout = 1; |
a22e6f85 | 1692 | child.err = err_fd; |
59bfdfb8 | 1693 | child.git_cmd = 1; |
31c42bff NTND |
1694 | status = run_command(&child); |
1695 | if (status) | |
1696 | return "unpack-objects abnormal exit"; | |
576162a4 | 1697 | } else { |
b26cb7c7 | 1698 | char hostname[256]; |
576162a4 | 1699 | |
64a7e92f | 1700 | argv_array_pushl(&child.args, "index-pack", |
b26cb7c7 JK |
1701 | "--stdin", hdr_arg, NULL); |
1702 | ||
1703 | if (gethostname(hostname, sizeof(hostname))) | |
1704 | xsnprintf(hostname, sizeof(hostname), "localhost"); | |
1705 | argv_array_pushf(&child.args, | |
1706 | "--keep=receive-pack %"PRIuMAX" on %s", | |
1707 | (uintmax_t)getpid(), | |
1708 | hostname); | |
1709 | ||
d06303bb JK |
1710 | if (!quiet && err_fd) |
1711 | argv_array_push(&child.args, "--show-resolving-progress"); | |
83558686 JK |
1712 | if (use_sideband) |
1713 | argv_array_push(&child.args, "--report-end-of-input"); | |
dab76d3a | 1714 | if (fsck_objects) |
5d477a33 JS |
1715 | argv_array_pushf(&child.args, "--strict%s", |
1716 | fsck_msg_types.buf); | |
1b68387e | 1717 | if (!reject_thin) |
64a7e92f | 1718 | argv_array_push(&child.args, "--fix-thin"); |
c08db5a2 JK |
1719 | if (max_input_size) |
1720 | argv_array_pushf(&child.args, "--max-input-size=%"PRIuMAX, | |
1721 | (uintmax_t)max_input_size); | |
31c42bff NTND |
1722 | child.out = -1; |
1723 | child.err = err_fd; | |
1724 | child.git_cmd = 1; | |
1725 | status = start_command(&child); | |
1726 | if (status) | |
576162a4 | 1727 | return "index-pack fork failed"; |
31c42bff NTND |
1728 | pack_lockfile = index_pack_lockfile(child.out); |
1729 | close(child.out); | |
1730 | status = finish_command(&child); | |
1731 | if (status) | |
1732 | return "index-pack abnormal exit"; | |
1733 | reprepare_packed_git(); | |
cfee10a7 | 1734 | } |
31c42bff | 1735 | return NULL; |
cfee10a7 JH |
1736 | } |
1737 | ||
5dbd7676 | 1738 | static const char *unpack_with_sideband(struct shallow_info *si) |
a22e6f85 JK |
1739 | { |
1740 | struct async muxer; | |
1741 | const char *ret; | |
1742 | ||
1743 | if (!use_sideband) | |
5dbd7676 | 1744 | return unpack(0, si); |
a22e6f85 | 1745 | |
83558686 | 1746 | use_keepalive = KEEPALIVE_AFTER_NUL; |
a22e6f85 JK |
1747 | memset(&muxer, 0, sizeof(muxer)); |
1748 | muxer.proc = copy_to_sideband; | |
1749 | muxer.in = -1; | |
1750 | if (start_async(&muxer)) | |
1751 | return NULL; | |
1752 | ||
5dbd7676 | 1753 | ret = unpack(muxer.in, si); |
a22e6f85 JK |
1754 | |
1755 | finish_async(&muxer); | |
1756 | return ret; | |
1757 | } | |
1758 | ||
0a1bc12b NTND |
1759 | static void prepare_shallow_update(struct command *commands, |
1760 | struct shallow_info *si) | |
1761 | { | |
1762 | int i, j, k, bitmap_size = (si->ref->nr + 31) / 32; | |
1763 | ||
b32fa95f | 1764 | ALLOC_ARRAY(si->used_shallow, si->shallow->nr); |
0a1bc12b NTND |
1765 | assign_shallow_commits_to_refs(si, si->used_shallow, NULL); |
1766 | ||
1767 | si->need_reachability_test = | |
1768 | xcalloc(si->shallow->nr, sizeof(*si->need_reachability_test)); | |
1769 | si->reachable = | |
1770 | xcalloc(si->shallow->nr, sizeof(*si->reachable)); | |
1771 | si->shallow_ref = xcalloc(si->ref->nr, sizeof(*si->shallow_ref)); | |
1772 | ||
1773 | for (i = 0; i < si->nr_ours; i++) | |
1774 | si->need_reachability_test[si->ours[i]] = 1; | |
1775 | ||
1776 | for (i = 0; i < si->shallow->nr; i++) { | |
1777 | if (!si->used_shallow[i]) | |
1778 | continue; | |
1779 | for (j = 0; j < bitmap_size; j++) { | |
1780 | if (!si->used_shallow[i][j]) | |
1781 | continue; | |
1782 | si->need_reachability_test[i]++; | |
1783 | for (k = 0; k < 32; k++) | |
9a93c668 | 1784 | if (si->used_shallow[i][j] & (1U << k)) |
0a1bc12b NTND |
1785 | si->shallow_ref[j * 32 + k]++; |
1786 | } | |
1787 | ||
1788 | /* | |
1789 | * true for those associated with some refs and belong | |
1790 | * in "ours" list aka "step 7 not done yet" | |
1791 | */ | |
1792 | si->need_reachability_test[i] = | |
1793 | si->need_reachability_test[i] > 1; | |
1794 | } | |
1795 | ||
1796 | /* | |
1797 | * keep hooks happy by forcing a temporary shallow file via | |
1798 | * env variable because we can't add --shallow-file to every | |
1799 | * command. check_everything_connected() will be done with | |
1800 | * true .git/shallow though. | |
1801 | */ | |
1802 | setenv(GIT_SHALLOW_FILE_ENVIRONMENT, alt_shallow_file, 1); | |
1803 | } | |
1804 | ||
5dbd7676 NTND |
1805 | static void update_shallow_info(struct command *commands, |
1806 | struct shallow_info *si, | |
1807 | struct sha1_array *ref) | |
1808 | { | |
1809 | struct command *cmd; | |
1810 | int *ref_status; | |
1811 | remove_nonexistent_theirs_shallow(si); | |
0a1bc12b NTND |
1812 | if (!si->nr_ours && !si->nr_theirs) { |
1813 | shallow_update = 0; | |
5dbd7676 | 1814 | return; |
0a1bc12b | 1815 | } |
5dbd7676 NTND |
1816 | |
1817 | for (cmd = commands; cmd; cmd = cmd->next) { | |
9c44ea44 | 1818 | if (is_null_oid(&cmd->new_oid)) |
5dbd7676 | 1819 | continue; |
9c44ea44 | 1820 | sha1_array_append(ref, cmd->new_oid.hash); |
5dbd7676 NTND |
1821 | cmd->index = ref->nr - 1; |
1822 | } | |
1823 | si->ref = ref; | |
1824 | ||
0a1bc12b NTND |
1825 | if (shallow_update) { |
1826 | prepare_shallow_update(commands, si); | |
1827 | return; | |
1828 | } | |
1829 | ||
b32fa95f | 1830 | ALLOC_ARRAY(ref_status, ref->nr); |
5dbd7676 NTND |
1831 | assign_shallow_commits_to_refs(si, NULL, ref_status); |
1832 | for (cmd = commands; cmd; cmd = cmd->next) { | |
9c44ea44 | 1833 | if (is_null_oid(&cmd->new_oid)) |
5dbd7676 NTND |
1834 | continue; |
1835 | if (ref_status[cmd->index]) { | |
1836 | cmd->error_string = "shallow update not allowed"; | |
1837 | cmd->skip_update = 1; | |
1838 | } | |
1839 | } | |
5dbd7676 NTND |
1840 | free(ref_status); |
1841 | } | |
1842 | ||
5e1c71fd | 1843 | static void report(struct command *commands, const char *unpack_status) |
cfee10a7 JH |
1844 | { |
1845 | struct command *cmd; | |
38a81b4e SP |
1846 | struct strbuf buf = STRBUF_INIT; |
1847 | ||
1848 | packet_buf_write(&buf, "unpack %s\n", | |
1849 | unpack_status ? unpack_status : "ok"); | |
cfee10a7 JH |
1850 | for (cmd = commands; cmd; cmd = cmd->next) { |
1851 | if (!cmd->error_string) | |
38a81b4e SP |
1852 | packet_buf_write(&buf, "ok %s\n", |
1853 | cmd->ref_name); | |
cfee10a7 | 1854 | else |
38a81b4e SP |
1855 | packet_buf_write(&buf, "ng %s %s\n", |
1856 | cmd->ref_name, cmd->error_string); | |
575f4974 | 1857 | } |
38a81b4e SP |
1858 | packet_buf_flush(&buf); |
1859 | ||
1860 | if (use_sideband) | |
1861 | send_sideband(1, 1, buf.buf, buf.len, use_sideband); | |
1862 | else | |
cdf4fb8e | 1863 | write_or_die(1, buf.buf, buf.len); |
38a81b4e | 1864 | strbuf_release(&buf); |
575f4974 LT |
1865 | } |
1866 | ||
5e1c71fd | 1867 | static int delete_only(struct command *commands) |
d4f694ba | 1868 | { |
5e1c71fd JS |
1869 | struct command *cmd; |
1870 | for (cmd = commands; cmd; cmd = cmd->next) { | |
9c44ea44 | 1871 | if (!is_null_oid(&cmd->new_oid)) |
d4f694ba | 1872 | return 0; |
d4f694ba JH |
1873 | } |
1874 | return 1; | |
1875 | } | |
1876 | ||
be5908ae | 1877 | int cmd_receive_pack(int argc, const char **argv, const char *prefix) |
575f4974 | 1878 | { |
42526b47 | 1879 | int advertise_refs = 0; |
5e1c71fd | 1880 | struct command *commands; |
5dbd7676 NTND |
1881 | struct sha1_array shallow = SHA1_ARRAY_INIT; |
1882 | struct sha1_array ref = SHA1_ARRAY_INIT; | |
1883 | struct shallow_info si; | |
575f4974 | 1884 | |
1b68387e SS |
1885 | struct option options[] = { |
1886 | OPT__QUIET(&quiet, N_("quiet")), | |
1887 | OPT_HIDDEN_BOOL(0, "stateless-rpc", &stateless_rpc, NULL), | |
1888 | OPT_HIDDEN_BOOL(0, "advertise-refs", &advertise_refs, NULL), | |
1889 | OPT_HIDDEN_BOOL(0, "reject-thin-pack-for-testing", &reject_thin, NULL), | |
1890 | OPT_END() | |
1891 | }; | |
bbc30f99 | 1892 | |
1b68387e | 1893 | packet_trace_identity("receive-pack"); |
575f4974 | 1894 | |
1b68387e | 1895 | argc = parse_options(argc, argv, prefix, options, receive_pack_usage, 0); |
c207e34f | 1896 | |
1b68387e SS |
1897 | if (argc > 1) |
1898 | usage_msg_opt(_("Too many arguments."), receive_pack_usage, options); | |
1899 | if (argc == 0) | |
1900 | usage_msg_opt(_("You must specify a directory."), receive_pack_usage, options); | |
42526b47 | 1901 | |
1b68387e | 1902 | service_dir = argv[0]; |
575f4974 | 1903 | |
e1464ca7 | 1904 | setup_path(); |
5c09f321 | 1905 | |
5732373d JH |
1906 | if (!enter_repo(service_dir, 0)) |
1907 | die("'%s' does not appear to be a git repository", service_dir); | |
575f4974 | 1908 | |
ef90d6d4 | 1909 | git_config(receive_pack_config, NULL); |
b89363e4 | 1910 | if (cert_nonce_seed) |
5732373d | 1911 | push_cert_nonce = prepare_push_cert_nonce(service_dir, time(NULL)); |
6fb75bed | 1912 | |
e28714c5 JH |
1913 | if (0 <= transfer_unpack_limit) |
1914 | unpack_limit = transfer_unpack_limit; | |
1915 | else if (0 <= receive_unpack_limit) | |
1916 | unpack_limit = receive_unpack_limit; | |
1917 | ||
42526b47 | 1918 | if (advertise_refs || !stateless_rpc) { |
42526b47 | 1919 | write_head_info(); |
42526b47 SP |
1920 | } |
1921 | if (advertise_refs) | |
1922 | return 0; | |
575f4974 | 1923 | |
5dbd7676 | 1924 | if ((commands = read_head_info(&shallow)) != NULL) { |
d4f694ba | 1925 | const char *unpack_status = NULL; |
77a9745d | 1926 | struct string_list push_options = STRING_LIST_INIT_DUP; |
d4f694ba | 1927 | |
c714e45f SB |
1928 | if (use_push_options) |
1929 | read_push_options(&push_options); | |
1930 | ||
5dbd7676 | 1931 | prepare_shallow_info(&si, &shallow); |
0a1bc12b NTND |
1932 | if (!si.nr_ours && !si.nr_theirs) |
1933 | shallow_update = 0; | |
5dbd7676 NTND |
1934 | if (!delete_only(commands)) { |
1935 | unpack_status = unpack_with_sideband(&si); | |
1936 | update_shallow_info(commands, &si, &ref); | |
1937 | } | |
83558686 | 1938 | use_keepalive = KEEPALIVE_ALWAYS; |
77a9745d SB |
1939 | execute_commands(commands, unpack_status, &si, |
1940 | &push_options); | |
576162a4 | 1941 | if (pack_lockfile) |
691f1a28 | 1942 | unlink_or_warn(pack_lockfile); |
cfee10a7 | 1943 | if (report_status) |
5e1c71fd | 1944 | report(commands, unpack_status); |
77a9745d SB |
1945 | run_receive_hook(commands, "post-receive", 1, |
1946 | &push_options); | |
8e663d9e | 1947 | run_update_post_hook(commands); |
4432dd6b | 1948 | string_list_clear(&push_options, 0); |
77e3efbf JH |
1949 | if (auto_gc) { |
1950 | const char *argv_gc_auto[] = { | |
1951 | "gc", "--auto", "--quiet", NULL, | |
1952 | }; | |
860a2ebe LF |
1953 | struct child_process proc = CHILD_PROCESS_INIT; |
1954 | ||
1955 | proc.no_stdin = 1; | |
1956 | proc.stdout_to_stderr = 1; | |
1957 | proc.err = use_sideband ? -1 : 0; | |
1958 | proc.git_cmd = 1; | |
1959 | proc.argv = argv_gc_auto; | |
1960 | ||
d5621020 | 1961 | close_all_packs(); |
860a2ebe LF |
1962 | if (!start_command(&proc)) { |
1963 | if (use_sideband) | |
1964 | copy_to_sideband(proc.err, -1, NULL); | |
1965 | finish_command(&proc); | |
1966 | } | |
77e3efbf JH |
1967 | } |
1968 | if (auto_update_server_info) | |
1969 | update_server_info(0); | |
5dbd7676 | 1970 | clear_shallow_info(&si); |
7f8e9828 | 1971 | } |
38a81b4e SP |
1972 | if (use_sideband) |
1973 | packet_flush(1); | |
5dbd7676 NTND |
1974 | sha1_array_clear(&shallow); |
1975 | sha1_array_clear(&ref); | |
b89363e4 | 1976 | free((void *)push_cert_nonce); |
575f4974 LT |
1977 | return 0; |
1978 | } |