]> git.ipfire.org Git - thirdparty/git.git/blame - builtin/receive-pack.c
projects / thirdparty / git.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
The sixth batch
[thirdparty/git.git] / builtin / receive-pack.c
CommitLineData
03eae9af 1#define USE_THE_REPOSITORY_VARIABLE
41f43b82
PS		 2#define DISABLE_SIGN_COMPARE_WARNINGS
3
1e4cd68c 4#include "builtin.h"
0b027f6c 5#include "abspath.h"
03eae9af 6
b2141fc1 7#include "config.h"
32a8f510 8#include "environment.h"
f394e093 9#include "gettext.h"
41771fa4 10#include "hex.h"
697cc8ef 11#include "lockfile.h"
fc04c412 12#include "pack.h"
8a65ff76 13#include "refs.h"
f3a3214e 14#include "pkt-line.h"
38a81b4e 15#include "sideband.h"
b1bf95bb 16#include "run-command.h"
5e3aba33 17#include "hook.h"
d807c4a0 18#include "exec-cmd.h"
11031d7e
JS		 19#include "commit.h"
20#include "object.h"
d79796bc 21#include "remote.h"
47a59185 22#include "connect.h"
da3efdb1 23#include "string-list.h"
fe299ec5 24#include "oid-array.h"
52fed6e1 25#include "connected.h"
dbbcd44f 26#include "strvec.h"
ff5effdf 27#include "version.h"
d05b9618 28#include "gpg-interface.h"
ec7dbd14 29#include "sigchain.h"
5d477a33 30#include "fsck.h"
722ff7f8 31#include "tmp-objdir.h"
ab6eea6f 32#include "oidset.h"
3836d88a 33#include "packfile.h"
d9f517d0 34#include "object-file.h"
dabab1d6 35#include "object-name.h"
68cd492a 36#include "object-store.h"
c339932b 37#include "path.h"
aa9bab29 38#include "protocol.h"
64043556 39#include "commit-reach.h"
623b80be 40#include "server-info.h"
74ea5c95
EN		 41#include "trace.h"
42#include "trace2.h"
4ef34648 43#include "worktree.h"
120ad2b0 44#include "shallow.h"
49fd5511 45#include "parse-options.h"
575f4974 46
1b68387e
SS		 47static const char * const receive_pack_usage[] = {
48 N_("git receive-pack <git-dir>"),
49 NULL
50};
575f4974 51
986e8239 52enum deny_action {
3d95d92b 53 DENY_UNCONFIGURED,
986e8239
JK		 54 DENY_IGNORE,
55 DENY_WARN,
1404bcbb
JS		 56 DENY_REFUSE,
57 DENY_UPDATE_INSTEAD
986e8239
JK		 58};
59
1b53a076
JH		 60static int deny_deletes;
61static int deny_non_fast_forwards;
3d95d92b 62static enum deny_action deny_current_branch = DENY_UNCONFIGURED;
747ca245 63static enum deny_action deny_delete_current = DENY_UNCONFIGURED;
dab76d3a
JH		 64static int receive_fsck_objects = -1;
65static int transfer_fsck_objects = -1;
5d477a33 66static struct strbuf fsck_msg_types = STRBUF_INIT;
e28714c5
JH		 67static int receive_unpack_limit = -1;
68static int transfer_unpack_limit = -1;
1b70fe5d 69static int advertise_atomic_push = 1;
c714e45f 70static int advertise_push_options;
8073d75b 71static int advertise_sid;
46732fae 72static int unpack_limit = 100;
c08db5a2 73static off_t max_input_size;
96f1e58f 74static int report_status;
63518a57 75static int report_status_v2;
38a81b4e 76static int use_sideband;
68deed29 77static int use_atomic;
c714e45f 78static int use_push_options;
c207e34f 79static int quiet;
b74fce16 80static int prefer_ofs_delta = 1;
77e3efbf
JH		 81static int auto_update_server_info;
82static int auto_gc = 1;
1b68387e 83static int reject_thin;
68cb0b52 84static int skip_connectivity_check;
5732373d
JH		 85static int stateless_rpc;
86static const char *service_dir;
747ca245 87static const char *head_name;
96ec7b1e 88static void *head_name_to_free;
185c04e0 89static int sent_capabilities;
0a1bc12b 90static int shallow_update;
5dbd7676 91static const char *alt_shallow_file;
a85b377d 92static struct strbuf push_cert = STRBUF_INIT;
a09c985e 93static struct object_id push_cert_oid;
d05b9618 94static struct signature_check sigcheck;
b89363e4 95static const char *push_cert_nonce;
1b261c20 96static char *cert_nonce_seed;
c45841ff 97static struct strvec hidden_refs = STRVEC_INIT;
b89363e4
JH		 98
99static const char *NONCE_UNSOLICITED = "UNSOLICITED";
100static const char *NONCE_BAD = "BAD";
101static const char *NONCE_MISSING = "MISSING";
102static const char *NONCE_OK = "OK";
5732373d 103static const char *NONCE_SLOP = "SLOP";
b89363e4 104static const char *nonce_status;
5732373d 105static long nonce_stamp_slop;
dddbad72 106static timestamp_t nonce_stamp_slop_limit;
222368c6 107static struct ref_transaction *transaction;
cfee10a7 108
83558686
JK		 109static enum {
110 KEEPALIVE_NEVER = 0,
111 KEEPALIVE_AFTER_NUL,
112 KEEPALIVE_ALWAYS
113} use_keepalive;
114static int keepalive_in_sec = 5;
115
722ff7f8
JK		 116static struct tmp_objdir *tmp_objdir;
117
31e8595a
JX		 118static struct proc_receive_ref {
119 unsigned int want_add:1,
120 want_delete:1,
121 want_modify:1,
122 negative_ref:1;
123 char *ref_prefix;
124 struct proc_receive_ref *next;
125} *proc_receive_ref;
126
127static void proc_receive_ref_append(const char *prefix);
128
986e8239
JK		 129static enum deny_action parse_deny_action(const char *var, const char *value)
130{
131 if (value) {
132 if (!strcasecmp(value, "ignore"))
133 return DENY_IGNORE;
134 if (!strcasecmp(value, "warn"))
135 return DENY_WARN;
136 if (!strcasecmp(value, "refuse"))
137 return DENY_REFUSE;
1404bcbb
JS		 138 if (!strcasecmp(value, "updateinstead"))
139 return DENY_UPDATE_INSTEAD;
986e8239
JK		 140 }
141 if (git_config_bool(var, value))
142 return DENY_REFUSE;
143 return DENY_IGNORE;
144}
145
a4e7e317
GC		 146static int receive_pack_config(const char *var, const char *value,
147 const struct config_context *ctx, void *cb)
6fb75bed 148{
d49cb162 149 const char *msg_id;
9b67eb6f 150 int status = parse_hide_refs_config(var, value, "receive", &hidden_refs);
daebaa78
JH		 151
152 if (status)
153 return status;
154
a240de11
JK		 155 if (strcmp(var, "receive.denydeletes") == 0) {
156 deny_deletes = git_config_bool(var, value);
157 return 0;
158 }
159
e28714c5 160 if (strcmp(var, "receive.denynonfastforwards") == 0) {
6fb75bed
SP		 161 deny_non_fast_forwards = git_config_bool(var, value);
162 return 0;
163 }
164
e28714c5 165 if (strcmp(var, "receive.unpacklimit") == 0) {
8868b1eb 166 receive_unpack_limit = git_config_int(var, value, ctx->kvi);
fc04c412
SP		 167 return 0;
168 }
169
e28714c5 170 if (strcmp(var, "transfer.unpacklimit") == 0) {
8868b1eb 171 transfer_unpack_limit = git_config_int(var, value, ctx->kvi);
e28714c5
JH		 172 return 0;
173 }
174
cd94c6f9 175 if (strcmp(var, "receive.fsck.skiplist") == 0) {
6073b3b5 176 char *path;
cd94c6f9
JS		 177
178 if (git_config_pathname(&path, var, value))
ca715807 179 return -1;
cd94c6f9
JS		 180 strbuf_addf(&fsck_msg_types, "%cskiplist=%s",
181 fsck_msg_types.len ? ',' : '=', path);
6073b3b5 182 free(path);
cd94c6f9
JS		 183 return 0;
184 }
185
d49cb162
JK		 186 if (skip_prefix(var, "receive.fsck.", &msg_id)) {
187 if (!value)
188 return config_error_nonbool(var);
189 if (is_valid_msg_type(msg_id, value))
5d477a33 190 strbuf_addf(&fsck_msg_types, "%c%s=%s",
d49cb162 191 fsck_msg_types.len ? ',' : '=', msg_id, value);
5d477a33 192 else
d49cb162 193 warning("skipping unknown msg id '%s'", msg_id);
5d477a33
JS		 194 return 0;
195 }
196
20dc0016
MK		 197 if (strcmp(var, "receive.fsckobjects") == 0) {
198 receive_fsck_objects = git_config_bool(var, value);
199 return 0;
200 }
201
dab76d3a
JH		 202 if (strcmp(var, "transfer.fsckobjects") == 0) {
203 transfer_fsck_objects = git_config_bool(var, value);
204 return 0;
205 }
206
986e8239
JK		 207 if (!strcmp(var, "receive.denycurrentbranch")) {
208 deny_current_branch = parse_deny_action(var, value);
209 return 0;
210 }
211
747ca245
JH		 212 if (strcmp(var, "receive.denydeletecurrent") == 0) {
213 deny_delete_current = parse_deny_action(var, value);
214 return 0;
215 }
216
b74fce16
NP		 217 if (strcmp(var, "repack.usedeltabaseoffset") == 0) {
218 prefer_ofs_delta = git_config_bool(var, value);
219 return 0;
220 }
221
77e3efbf
JH		 222 if (strcmp(var, "receive.updateserverinfo") == 0) {
223 auto_update_server_info = git_config_bool(var, value);
224 return 0;
225 }
226
227 if (strcmp(var, "receive.autogc") == 0) {
228 auto_gc = git_config_bool(var, value);
229 return 0;
230 }
231
0a1bc12b
NTND		 232 if (strcmp(var, "receive.shallowupdate") == 0) {
233 shallow_update = git_config_bool(var, value);
234 return 0;
235 }
236
b89363e4
JH		 237 if (strcmp(var, "receive.certnonceseed") == 0)
238 return git_config_string(&cert_nonce_seed, var, value);
a85b377d 239
5732373d 240 if (strcmp(var, "receive.certnonceslop") == 0) {
8868b1eb 241 nonce_stamp_slop_limit = git_config_ulong(var, value, ctx->kvi);
5732373d
JH		 242 return 0;
243 }
244
1b70fe5d
RS		 245 if (strcmp(var, "receive.advertiseatomic") == 0) {
246 advertise_atomic_push = git_config_bool(var, value);
247 return 0;
248 }
249
c714e45f
SB		 250 if (strcmp(var, "receive.advertisepushoptions") == 0) {
251 advertise_push_options = git_config_bool(var, value);
252 return 0;
253 }
254
83558686 255 if (strcmp(var, "receive.keepalive") == 0) {
8868b1eb 256 keepalive_in_sec = git_config_int(var, value, ctx->kvi);
83558686
JK		 257 return 0;
258 }
259
c08db5a2 260 if (strcmp(var, "receive.maxinputsize") == 0) {
8868b1eb 261 max_input_size = git_config_int64(var, value, ctx->kvi);
c08db5a2
JK		 262 return 0;
263 }
264
31e8595a
JX		 265 if (strcmp(var, "receive.procreceiverefs") == 0) {
266 if (!value)
267 return config_error_nonbool(var);
268 proc_receive_ref_append(value);
269 return 0;
270 }
271
8073d75b
JS		 272 if (strcmp(var, "transfer.advertisesid") == 0) {
273 advertise_sid = git_config_bool(var, value);
274 return 0;
275 }
276
a4e7e317 277 return git_default_config(var, value, ctx, cb);
6fb75bed
SP		 278}
279
1b7ba794 280static void show_ref(const char *path, const struct object_id *oid)
575f4974 281{
52d2ae58 282 if (sent_capabilities) {
1b7ba794 283 packet_write_fmt(1, "%s %s\n", oid_to_hex(oid), path);
52d2ae58
JH		 284 } else {
285 struct strbuf cap = STRBUF_INIT;
286
287 strbuf_addstr(&cap,
63518a57 288 "report-status report-status-v2 delete-refs side-band-64k quiet");
1b70fe5d
RS		 289 if (advertise_atomic_push)
290 strbuf_addstr(&cap, " atomic");
52d2ae58
JH		 291 if (prefer_ofs_delta)
292 strbuf_addstr(&cap, " ofs-delta");
b89363e4
JH		 293 if (push_cert_nonce)
294 strbuf_addf(&cap, " push-cert=%s", push_cert_nonce);
c714e45f
SB		 295 if (advertise_push_options)
296 strbuf_addstr(&cap, " push-options");
8073d75b
JS		 297 if (advertise_sid)
298 strbuf_addf(&cap, " session-id=%s", trace2_session_id());
bf30dbf8 299 strbuf_addf(&cap, " object-format=%s", the_hash_algo->name);
52d2ae58 300 strbuf_addf(&cap, " agent=%s", git_user_agent_sanitized());
81c634e9 301 packet_write_fmt(1, "%s %s%c%s\n",
1b7ba794 302 oid_to_hex(oid), path, 0, cap.buf);
52d2ae58
JH		 303 strbuf_release(&cap);
304 sent_capabilities = 1;
305 }
575f4974
LT		 306}
307
e8207717 308static int show_ref_cb(const char *path_full, const char *referent UNUSED, const struct object_id *oid,
5cf88fd8 309 int flag UNUSED, void *data)
6b01ecfe 310{
8b24b9e7 311 struct oidset *seen = data;
78a766ab
LF		 312 const char *path = strip_namespace(path_full);
313
9b67eb6f 314 if (ref_is_hidden(path, path_full, &hidden_refs))
78a766ab
LF		 315 return 0;
316
6b01ecfe
JT		 317 /*
318 * Advertise refs outside our current namespace as ".have"
319 * refs, so that the client can use them to minimize data
fea6c47f 320 * transfer but will otherwise ignore them.
6b01ecfe 321 */
8b24b9e7
JK		 322 if (!path) {
323 if (oidset_insert(seen, oid))
324 return 0;
6b01ecfe 325 path = ".have";
63d428e6
JK		 326 } else {
327 oidset_insert(seen, oid);
8b24b9e7 328 }
1b7ba794 329 show_ref(path, oid);
bc98201d 330 return 0;
6b01ecfe
JT		 331}
332
bdf4276c 333static void show_one_alternate_ref(const struct object_id *oid,
ab6eea6f 334 void *data)
b7a025d9 335{
ab6eea6f 336 struct oidset *seen = data;
b7a025d9 337
ab6eea6f
JK		 338 if (oidset_insert(seen, oid))
339 return;
340
1b7ba794 341 show_ref(".have", oid);
6b01ecfe
JT		 342}
343
8a65ff76 344static void write_head_info(void)
575f4974 345{
ab6eea6f 346 static struct oidset seen = OIDSET_INIT;
d8faf50c
PS		 347 struct strvec excludes_vector = STRVEC_INIT;
348 const char **exclude_patterns;
349
350 /*
351 * We need access to the reference names both with and without their
352 * namespace and thus cannot use `refs_for_each_namespaced_ref()`. We
353 * thus have to adapt exclude patterns to carry the namespace prefix
354 * ourselves.
355 */
356 exclude_patterns = get_namespaced_exclude_patterns(
357 hidden_refs_to_excludes(&hidden_refs),
358 get_git_namespace(), &excludes_vector);
2b2a5be3 359
cc2a1f98 360 refs_for_each_fullref_in(get_main_ref_store(the_repository), "",
d8faf50c 361 exclude_patterns, show_ref_cb, &seen);
ab6eea6f 362 for_each_alternate_ref(show_one_alternate_ref, &seen);
d8faf50c 363
ab6eea6f 364 oidset_clear(&seen);
d8faf50c
PS		 365 strvec_clear(&excludes_vector);
366
185c04e0 367 if (!sent_capabilities)
7d70b29c 368 show_ref("capabilities^{}", null_oid(the_hash_algo));
cfee10a7 369
ad491366
NTND		 370 advertise_shallow_grafts(1);
371
b7a025d9
MH		 372 /* EOF */
373 packet_flush(1);
575f4974
LT		 374}
375
15d3af5e
JX		 376#define RUN_PROC_RECEIVE_SCHEDULED 1
377#define RUN_PROC_RECEIVE_RETURNED 2
eb1af2df
LT		 378struct command {
379 struct command *next;
cfee10a7 380 const char *error_string;
a6c30623 381 char *error_string_owned;
15d3af5e 382 struct ref_push_report *report;
160b81ed 383 unsigned int skip_update:1,
15d3af5e
JX		 384 did_not_exist:1,
385 run_proc_receive:2;
5dbd7676 386 int index;
9c44ea44 387 struct object_id old_oid;
388 struct object_id new_oid;
8f1d2e6f 389 char ref_name[FLEX_ARRAY]; /* more */
575f4974
LT		 390};
391
31e8595a
JX		 392static void proc_receive_ref_append(const char *prefix)
393{
394 struct proc_receive_ref *ref_pattern;
395 char *p;
396 int len;
397
ca56dadb 398 CALLOC_ARRAY(ref_pattern, 1);
31e8595a
JX		 399 p = strchr(prefix, ':');
400 if (p) {
401 while (prefix < p) {
402 if (*prefix == 'a')
403 ref_pattern->want_add = 1;
404 else if (*prefix == 'd')
405 ref_pattern->want_delete = 1;
406 else if (*prefix == 'm')
407 ref_pattern->want_modify = 1;
408 else if (*prefix == '!')
409 ref_pattern->negative_ref = 1;
410 prefix++;
411 }
412 prefix++;
413 } else {
414 ref_pattern->want_add = 1;
415 ref_pattern->want_delete = 1;
416 ref_pattern->want_modify = 1;
417 }
418 len = strlen(prefix);
419 while (len && prefix[len - 1] == '/')
420 len--;
421 ref_pattern->ref_prefix = xmemdupz(prefix, len);
422 if (!proc_receive_ref) {
423 proc_receive_ref = ref_pattern;
424 } else {
425 struct proc_receive_ref *end;
426
427 end = proc_receive_ref;
428 while (end->next)
429 end = end->next;
430 end->next = ref_pattern;
431 }
432}
433
434static int proc_receive_ref_matches(struct command *cmd)
435{
436 struct proc_receive_ref *p;
437
438 if (!proc_receive_ref)
439 return 0;
440
441 for (p = proc_receive_ref; p; p = p->next) {
442 const char *match = p->ref_prefix;
443 const char *remains;
444
445 if (!p->want_add && is_null_oid(&cmd->old_oid))
446 continue;
447 else if (!p->want_delete && is_null_oid(&cmd->new_oid))
448 continue;
449 else if (!p->want_modify &&
450 !is_null_oid(&cmd->old_oid) &&
451 !is_null_oid(&cmd->new_oid))
452 continue;
453
454 if (skip_prefix(cmd->ref_name, match, &remains) &&
455 (!*remains || *remains == '/')) {
456 if (!p->negative_ref)
457 return 1;
458 } else if (p->negative_ref) {
459 return 1;
460 }
461 }
462 return 0;
463}
464
466dbc42
SP		 465static void report_message(const char *prefix, const char *err, va_list params)
466{
b7115a35 467 int sz;
466dbc42
SP		 468 char msg[4096];
469
b7115a35 470 sz = xsnprintf(msg, sizeof(msg), "%s", prefix);
466dbc42
SP		 471 sz += vsnprintf(msg + sz, sizeof(msg) - sz, err, params);
472 if (sz > (sizeof(msg) - 1))
473 sz = sizeof(msg) - 1;
474 msg[sz++] = '\n';
475
476 if (use_sideband)
477 send_sideband(1, 2, msg, sz, use_sideband);
478 else
479 xwrite(2, msg, sz);
480}
481
103e02c7 482__attribute__((format (printf, 1, 2)))
466dbc42
SP		 483static void rp_warning(const char *err, ...)
484{
485 va_list params;
486 va_start(params, err);
487 report_message("warning: ", err, params);
488 va_end(params);
489}
490
103e02c7 491__attribute__((format (printf, 1, 2)))
466dbc42
SP		 492static void rp_error(const char *err, ...)
493{
494 va_list params;
495 va_start(params, err);
496 report_message("error: ", err, params);
497 va_end(params);
498}
499
5cf88fd8 500static int copy_to_sideband(int in, int out UNUSED, void *arg UNUSED)
6d525d38
SP		 501{
502 char data[128];
83558686
JK		 503 int keepalive_active = 0;
504
505 if (keepalive_in_sec <= 0)
506 use_keepalive = KEEPALIVE_NEVER;
507 if (use_keepalive == KEEPALIVE_ALWAYS)
508 keepalive_active = 1;
509
6d525d38 510 while (1) {
83558686
JK		 511 ssize_t sz;
512
513 if (keepalive_active) {
514 struct pollfd pfd;
515 int ret;
516
517 pfd.fd = in;
518 pfd.events = POLLIN;
519 ret = poll(&pfd, 1, 1000 * keepalive_in_sec);
520
521 if (ret < 0) {
522 if (errno == EINTR)
523 continue;
524 else
525 break;
526 } else if (ret == 0) {
527 /* no data; send a keepalive packet */
528 static const char buf[] = "0005\1";
529 write_or_die(1, buf, sizeof(buf) - 1);
530 continue;
531 } /* else there is actual data to read */
532 }
533
534 sz = xread(in, data, sizeof(data));
6d525d38
SP		 535 if (sz <= 0)
536 break;
83558686
JK		 537
538 if (use_keepalive == KEEPALIVE_AFTER_NUL && !keepalive_active) {
539 const char *p = memchr(data, '\0', sz);
540 if (p) {
541 /*
542 * The NUL tells us to start sending keepalives. Make
543 * sure we send any other data we read along
544 * with it.
545 */
546 keepalive_active = 1;
547 send_sideband(1, 2, data, p - data, use_sideband);
548 send_sideband(1, 2, p + 1, sz - (p - data + 1), use_sideband);
549 continue;
550 }
551 }
552
553 /*
554 * Either we're not looking for a NUL signal, or we didn't see
555 * it yet; just pass along the data.
556 */
6d525d38
SP		 557 send_sideband(1, 2, data, sz, use_sideband);
558 }
559 close(in);
560 return 0;
561}
562
3013118e 563static void hmac_hash(unsigned char *out,
b89363e4
JH		 564 const char *key_in, size_t key_len,
565 const char *text, size_t text_len)
566{
fabec2c5 567 unsigned char key[GIT_MAX_BLKSZ];
568 unsigned char k_ipad[GIT_MAX_BLKSZ];
569 unsigned char k_opad[GIT_MAX_BLKSZ];
b89363e4 570 int i;
7346e340 571 struct git_hash_ctx ctx;
b89363e4
JH		 572
573 /* RFC 2104 2. (1) */
fabec2c5 574 memset(key, '\0', GIT_MAX_BLKSZ);
575 if (the_hash_algo->blksz < key_len) {
576 the_hash_algo->init_fn(&ctx);
0578f1e6
PS		 577 git_hash_update(&ctx, key_in, key_len);
578 git_hash_final(key, &ctx);
b89363e4
JH		 579 } else {
580 memcpy(key, key_in, key_len);
581 }
582
583 /* RFC 2104 2. (2) & (5) */
584 for (i = 0; i < sizeof(key); i++) {
585 k_ipad[i] = key[i] ^ 0x36;
586 k_opad[i] = key[i] ^ 0x5c;
587 }
588
589 /* RFC 2104 2. (3) & (4) */
fabec2c5 590 the_hash_algo->init_fn(&ctx);
0578f1e6
PS		 591 git_hash_update(&ctx, k_ipad, sizeof(k_ipad));
592 git_hash_update(&ctx, text, text_len);
593 git_hash_final(out, &ctx);
b89363e4
JH		 594
595 /* RFC 2104 2. (6) & (7) */
fabec2c5 596 the_hash_algo->init_fn(&ctx);
0578f1e6
PS		 597 git_hash_update(&ctx, k_opad, sizeof(k_opad));
598 git_hash_update(&ctx, out, the_hash_algo->rawsz);
599 git_hash_final(out, &ctx);
b89363e4
JH		 600}
601
dddbad72 602static char *prepare_push_cert_nonce(const char *path, timestamp_t stamp)
b89363e4
JH		 603{
604 struct strbuf buf = STRBUF_INIT;
fabec2c5 605 unsigned char hash[GIT_MAX_RAWSZ];
b89363e4 606
cb71f8bd 607 strbuf_addf(&buf, "%s:%"PRItime, path, stamp);
3013118e 608 hmac_hash(hash, buf.buf, buf.len, cert_nonce_seed, strlen(cert_nonce_seed));
b89363e4
JH		 609 strbuf_release(&buf);
610
3013118e 611 /* RFC 2104 5. HMAC-SHA1 or HMAC-SHA256 */
fc06be3b 612 strbuf_addf(&buf, "%"PRItime"-%.*s", stamp, (int)the_hash_algo->hexsz, hash_to_hex(hash));
b89363e4
JH		 613 return strbuf_detach(&buf, NULL);
614}
615
edc6dccf 616/*
617 * Return zero if a and b are equal up to n bytes and nonzero if they are not.
618 * This operation is guaranteed to run in constant time to avoid leaking data.
619 */
620static int constant_memequal(const char *a, const char *b, size_t n)
621{
622 int res = 0;
719483e5
JH		 623 size_t i;
624
625 for (i = 0; i < n; i++)
edc6dccf 626 res |= a[i] ^ b[i];
627 return res;
628}
629
020456cb 630static const char *check_nonce(const char *buf)
b89363e4 631{
020456cb
RS		 632 size_t noncelen;
633 const char *found = find_commit_header(buf, "nonce", &noncelen);
634 char *nonce = found ? xmemdupz(found, noncelen) : NULL;
dddbad72 635 timestamp_t stamp, ostamp;
5732373d 636 char *bohmac, *expect = NULL;
b89363e4
JH		 637 const char *retval = NONCE_BAD;
638
639 if (!nonce) {
640 retval = NONCE_MISSING;
641 goto leave;
642 } else if (!push_cert_nonce) {
643 retval = NONCE_UNSOLICITED;
644 goto leave;
645 } else if (!strcmp(push_cert_nonce, nonce)) {
646 retval = NONCE_OK;
647 goto leave;
648 }
649
5732373d
JH		 650 if (!stateless_rpc) {
651 /* returned nonce MUST match what we gave out earlier */
652 retval = NONCE_BAD;
653 goto leave;
654 }
655
656 /*
657 * In stateless mode, we may be receiving a nonce issued by
658 * another instance of the server that serving the same
659 * repository, and the timestamps may not match, but the
660 * nonce-seed and dir should match, so we can recompute and
661 * report the time slop.
662 *
663 * In addition, when a nonce issued by another instance has
664 * timestamp within receive.certnonceslop seconds, we pretend
665 * as if we issued that nonce when reporting to the hook.
666 */
667
668 /* nonce is concat(<seconds-since-epoch>, "-", <hmac>) */
669 if (*nonce <= '0' || '9' < *nonce) {
670 retval = NONCE_BAD;
671 goto leave;
672 }
1aeb7e75 673 stamp = parse_timestamp(nonce, &bohmac, 10);
5732373d
JH		 674 if (bohmac == nonce || bohmac[0] != '-') {
675 retval = NONCE_BAD;
676 goto leave;
677 }
678
679 expect = prepare_push_cert_nonce(service_dir, stamp);
edc6dccf 680 if (noncelen != strlen(expect)) {
681 /* This is not even the right size. */
682 retval = NONCE_BAD;
683 goto leave;
684 }
685 if (constant_memequal(expect, nonce, noncelen)) {
5732373d
JH		 686 /* Not what we would have signed earlier */
687 retval = NONCE_BAD;
688 goto leave;
689 }
690
691 /*
692 * By how many seconds is this nonce stale? Negative value
693 * would mean it was issued by another server with its clock
694 * skewed in the future.
695 */
1aeb7e75 696 ostamp = parse_timestamp(push_cert_nonce, NULL, 10);
5732373d
JH		 697 nonce_stamp_slop = (long)ostamp - (long)stamp;
698
699 if (nonce_stamp_slop_limit &&
31a8aa1e 700 labs(nonce_stamp_slop) <= nonce_stamp_slop_limit) {
5732373d
JH		 701 /*
702 * Pretend as if the received nonce (which passes the
703 * HMAC check, so it is not a forged by third-party)
704 * is what we issued.
705 */
706 free((void *)push_cert_nonce);
707 push_cert_nonce = xstrdup(nonce);
708 retval = NONCE_OK;
709 } else {
710 retval = NONCE_SLOP;
711 }
b89363e4
JH		 712
713leave:
714 free(nonce);
5732373d 715 free(expect);
b89363e4
JH		 716 return retval;
717}
718
cbaf82cc
JT		 719/*
720 * Return 1 if there is no push_cert or if the push options in push_cert are
721 * the same as those in the argument; 0 otherwise.
722 */
723static int check_cert_push_options(const struct string_list *push_options)
724{
725 const char *buf = push_cert.buf;
cbaf82cc 726
f51d790b
RS		 727 const char *option;
728 size_t optionlen;
cbaf82cc
JT		 729 int options_seen = 0;
730
731 int retval = 1;
732
f51d790b 733 if (!*buf)
cbaf82cc
JT		 734 return 1;
735
f51d790b
RS		 736 while ((option = find_commit_header(buf, "push-option", &optionlen))) {
737 buf = option + optionlen + 1;
cbaf82cc
JT		 738 options_seen++;
739 if (options_seen > push_options->nr
020456cb
RS		 740 || xstrncmpz(push_options->items[options_seen - 1].string,
741 option, optionlen))
f51d790b 742 return 0;
cbaf82cc
JT		 743 }
744
745 if (options_seen != push_options->nr)
746 retval = 0;
747
cbaf82cc
JT		 748 return retval;
749}
750
a85b377d
JH		 751static void prepare_push_cert_sha1(struct child_process *proc)
752{
753 static int already_done;
a85b377d
JH		 754
755 if (!push_cert.len)
756 return;
757
758 if (!already_done) {
d05b9618
JH		 759 int bogs /* beginning_of_gpg_sig */;
760
a85b377d 761 already_done = 1;
c80d226a 762 if (write_object_file(push_cert.buf, push_cert.len, OBJ_BLOB,
a09c985e 763 &push_cert_oid))
9da95bda 764 oidclr(&push_cert_oid, the_repository->hash_algo);
d05b9618
JH		 765
766 memset(&sigcheck, '\0', sizeof(sigcheck));
d05b9618 767
482c1191 768 bogs = parse_signed_buffer(push_cert.buf, push_cert.len);
02769437
FS		 769 sigcheck.payload = xmemdupz(push_cert.buf, bogs);
770 sigcheck.payload_len = bogs;
771 check_signature(&sigcheck, push_cert.buf + bogs,
772 push_cert.len - bogs);
d05b9618 773
020456cb 774 nonce_status = check_nonce(sigcheck.payload);
a85b377d 775 }
a09c985e 776 if (!is_null_oid(&push_cert_oid)) {
29fda24d 777 strvec_pushf(&proc->env, "GIT_PUSH_CERT=%s",
f6d8942b 778 oid_to_hex(&push_cert_oid));
29fda24d 779 strvec_pushf(&proc->env, "GIT_PUSH_CERT_SIGNER=%s",
f6d8942b 780 sigcheck.signer ? sigcheck.signer : "");
29fda24d 781 strvec_pushf(&proc->env, "GIT_PUSH_CERT_KEY=%s",
f6d8942b 782 sigcheck.key ? sigcheck.key : "");
29fda24d 783 strvec_pushf(&proc->env, "GIT_PUSH_CERT_STATUS=%c",
f6d8942b 784 sigcheck.result);
b89363e4 785 if (push_cert_nonce) {
29fda24d 786 strvec_pushf(&proc->env,
f6d8942b
JK		 787 "GIT_PUSH_CERT_NONCE=%s",
788 push_cert_nonce);
29fda24d 789 strvec_pushf(&proc->env,
f6d8942b
JK		 790 "GIT_PUSH_CERT_NONCE_STATUS=%s",
791 nonce_status);
5732373d 792 if (nonce_status == NONCE_SLOP)
29fda24d 793 strvec_pushf(&proc->env,
f6d8942b
JK		 794 "GIT_PUSH_CERT_NONCE_SLOP=%ld",
795 nonce_stamp_slop);
b89363e4 796 }
a85b377d
JH		 797 }
798}
799
77a9745d
SB		 800struct receive_hook_feed_state {
801 struct command *cmd;
195d6eae 802 struct ref_push_report *report;
77a9745d
SB		 803 int skip_broken;
804 struct strbuf buf;
805 const struct string_list *push_options;
806};
807
9684e44a 808typedef int (*feed_fn)(void *, const char **, size_t *);
77a9745d
SB		 809static int run_and_feed_hook(const char *hook_name, feed_fn feed,
810 struct receive_hook_feed_state *feed_state)
b1bf95bb 811{
d3180279 812 struct child_process proc = CHILD_PROCESS_INIT;
6d525d38 813 struct async muxer;
9684e44a 814 int code;
169c9797 815 const char *hook_path = find_hook(the_repository, hook_name);
b1bf95bb 816
7f14609e 817 if (!hook_path)
b1bf95bb 818 return 0;
c8dd2771 819
7f14609e 820 strvec_push(&proc.args, hook_path);
f43cd49f
SP		 821 proc.in = -1;
822 proc.stdout_to_stderr = 1;
6206286e
JH		 823 proc.trace2_hook_name = hook_name;
824
77a9745d 825 if (feed_state->push_options) {
99d60545 826 size_t i;
77a9745d 827 for (i = 0; i < feed_state->push_options->nr; i++)
29fda24d 828 strvec_pushf(&proc.env,
99d60545
ÆAB		 829 "GIT_PUSH_OPTION_%"PRIuMAX"=%s",
830 (uintmax_t)i,
f6d8942b 831 feed_state->push_options->items[i].string);
29fda24d 832 strvec_pushf(&proc.env, "GIT_PUSH_OPTION_COUNT=%"PRIuMAX"",
99d60545 833 (uintmax_t)feed_state->push_options->nr);
77a9745d 834 } else
29fda24d 835 strvec_pushf(&proc.env, "GIT_PUSH_OPTION_COUNT");
f43cd49f 836
722ff7f8 837 if (tmp_objdir)
29fda24d 838 strvec_pushv(&proc.env, tmp_objdir_env(tmp_objdir));
722ff7f8 839
6d525d38
SP		 840 if (use_sideband) {
841 memset(&muxer, 0, sizeof(muxer));
842 muxer.proc = copy_to_sideband;
843 muxer.in = -1;
844 code = start_async(&muxer);
845 if (code)
846 return code;
847 proc.err = muxer.in;
848 }
849
5d222c09
RS		 850 prepare_push_cert_sha1(&proc);
851
f43cd49f 852 code = start_command(&proc);
6d525d38
SP		 853 if (code) {
854 if (use_sideband)
855 finish_async(&muxer);
90e41a89 856 return code;
6d525d38
SP		 857 }
858
ec7dbd14
JH		 859 sigchain_push(SIGPIPE, SIG_IGN);
860
9684e44a
JH		 861 while (1) {
862 const char *buf;
863 size_t n;
864 if (feed(feed_state, &buf, &n))
865 break;
06f46f23 866 if (write_in_full(proc.in, buf, n) < 0)
9684e44a 867 break;
c8dd2771 868 }
e72ae288 869 close(proc.in);
6d525d38
SP		 870 if (use_sideband)
871 finish_async(&muxer);
ec7dbd14
JH		 872
873 sigchain_pop(SIGPIPE);
874
90e41a89 875 return finish_command(&proc);
b1bf95bb
JW		 876}
877
9684e44a
JH		 878static int feed_receive_hook(void *state_, const char **bufp, size_t *sizep)
879{
880 struct receive_hook_feed_state *state = state_;
881 struct command *cmd = state->cmd;
882
cdc2b2f3
JH		 883 while (cmd &&
884 state->skip_broken && (cmd->error_string || cmd->did_not_exist))
9684e44a
JH		 885 cmd = cmd->next;
886 if (!cmd)
887 return -1; /* EOF */
195d6eae
JX		 888 if (!bufp)
889 return 0; /* OK, can feed something. */
9684e44a 890 strbuf_reset(&state->buf);
195d6eae
JX		 891 if (!state->report)
892 state->report = cmd->report;
893 if (state->report) {
894 struct object_id *old_oid;
895 struct object_id *new_oid;
896 const char *ref_name;
897
898 old_oid = state->report->old_oid ? state->report->old_oid : &cmd->old_oid;
899 new_oid = state->report->new_oid ? state->report->new_oid : &cmd->new_oid;
900 ref_name = state->report->ref_name ? state->report->ref_name : cmd->ref_name;
901 strbuf_addf(&state->buf, "%s %s %s\n",
902 oid_to_hex(old_oid), oid_to_hex(new_oid),
903 ref_name);
904 state->report = state->report->next;
905 if (!state->report)
906 state->cmd = cmd->next;
907 } else {
908 strbuf_addf(&state->buf, "%s %s %s\n",
909 oid_to_hex(&cmd->old_oid), oid_to_hex(&cmd->new_oid),
910 cmd->ref_name);
911 state->cmd = cmd->next;
912 }
9684e44a
JH		 913 if (bufp) {
914 *bufp = state->buf.buf;
915 *sizep = state->buf.len;
916 }
917 return 0;
918}
919
77a9745d
SB		 920static int run_receive_hook(struct command *commands,
921 const char *hook_name,
922 int skip_broken,
923 const struct string_list *push_options)
9684e44a
JH		 924{
925 struct receive_hook_feed_state state;
926 int status;
927
928 strbuf_init(&state.buf, 0);
929 state.cmd = commands;
cdc2b2f3 930 state.skip_broken = skip_broken;
195d6eae 931 state.report = NULL;
9684e44a
JH		 932 if (feed_receive_hook(&state, NULL, NULL))
933 return 0;
934 state.cmd = commands;
77a9745d 935 state.push_options = push_options;
9684e44a
JH		 936 status = run_and_feed_hook(hook_name, feed_receive_hook, &state);
937 strbuf_release(&state.buf);
938 return status;
939}
940
1d9e8b56
SP		 941static int run_update_hook(struct command *cmd)
942{
d3180279 943 struct child_process proc = CHILD_PROCESS_INIT;
6d525d38 944 int code;
169c9797 945 const char *hook_path = find_hook(the_repository, "update");
1d9e8b56 946
7f14609e 947 if (!hook_path)
1d9e8b56
SP		 948 return 0;
949
7f14609e
ÆAB		 950 strvec_push(&proc.args, hook_path);
951 strvec_push(&proc.args, cmd->ref_name);
952 strvec_push(&proc.args, oid_to_hex(&cmd->old_oid));
953 strvec_push(&proc.args, oid_to_hex(&cmd->new_oid));
1d9e8b56 954
6d525d38
SP		 955 proc.no_stdin = 1;
956 proc.stdout_to_stderr = 1;
957 proc.err = use_sideband ? -1 : 0;
6206286e 958 proc.trace2_hook_name = "update";
6d525d38
SP		 959
960 code = start_command(&proc);
961 if (code)
962 return code;
963 if (use_sideband)
964 copy_to_sideband(proc.err, -1, NULL);
965 return finish_command(&proc);
1d9e8b56
SP		 966}
967
15d3af5e
JX		 968static struct command *find_command_by_refname(struct command *list,
969 const char *refname)
970{
971 for (; list; list = list->next)
972 if (!strcmp(list->ref_name, refname))
973 return list;
974 return NULL;
975}
976
977static int read_proc_receive_report(struct packet_reader *reader,
978 struct command *commands,
979 struct strbuf *errmsg)
980{
981 struct command *cmd;
982 struct command *hint = NULL;
983 struct ref_push_report *report = NULL;
984 int new_report = 0;
985 int code = 0;
986 int once = 0;
f65003b4 987 int response = 0;
15d3af5e
JX		 988
989 for (;;) {
990 struct object_id old_oid, new_oid;
991 const char *head;
992 const char *refname;
993 char *p;
f65003b4
JX		 994 enum packet_read_status status;
995
996 status = packet_reader_read(reader);
997 if (status != PACKET_READ_NORMAL) {
998 /* Check whether proc-receive exited abnormally */
999 if (status == PACKET_READ_EOF && !response) {
1000 strbuf_addstr(errmsg, "proc-receive exited abnormally");
1001 return -1;
1002 }
15d3af5e 1003 break;
f65003b4
JX		 1004 }
1005 response++;
15d3af5e
JX		 1006
1007 head = reader->line;
1008 p = strchr(head, ' ');
1009 if (!p) {
1010 strbuf_addf(errmsg, "proc-receive reported incomplete status line: '%s'\n", head);
1011 code = -1;
1012 continue;
1013 }
1014 *p++ = '\0';
1015 if (!strcmp(head, "option")) {
1016 const char *key, *val;
1017
1018 if (!hint || !(report || new_report)) {
1019 if (!once++)
1020 strbuf_addstr(errmsg, "proc-receive reported 'option' without a matching 'ok/ng' directive\n");
1021 code = -1;
1022 continue;
1023 }
1024 if (new_report) {
1025 if (!hint->report) {
ca56dadb 1026 CALLOC_ARRAY(hint->report, 1);
15d3af5e
JX		 1027 report = hint->report;
1028 } else {
1029 report = hint->report;
1030 while (report->next)
1031 report = report->next;
1032 report->next = xcalloc(1, sizeof(struct ref_push_report));
1033 report = report->next;
1034 }
1035 new_report = 0;
1036 }
1037 key = p;
1038 p = strchr(key, ' ');
1039 if (p)
1040 *p++ = '\0';
1041 val = p;
1042 if (!strcmp(key, "refname"))
1043 report->ref_name = xstrdup_or_null(val);
1044 else if (!strcmp(key, "old-oid") && val &&
1045 !parse_oid_hex(val, &old_oid, &val))
1046 report->old_oid = oiddup(&old_oid);
1047 else if (!strcmp(key, "new-oid") && val &&
1048 !parse_oid_hex(val, &new_oid, &val))
1049 report->new_oid = oiddup(&new_oid);
1050 else if (!strcmp(key, "forced-update"))
1051 report->forced_update = 1;
1052 else if (!strcmp(key, "fall-through"))
1053 /* Fall through, let 'receive-pack' to execute it. */
1054 hint->run_proc_receive = 0;
1055 continue;
1056 }
1057
1058 report = NULL;
1059 new_report = 0;
1060 refname = p;
1061 p = strchr(refname, ' ');
1062 if (p)
1063 *p++ = '\0';
1064 if (strcmp(head, "ok") && strcmp(head, "ng")) {
1065 strbuf_addf(errmsg, "proc-receive reported bad status '%s' on ref '%s'\n",
1066 head, refname);
1067 code = -1;
1068 continue;
1069 }
1070
1071 /* first try searching at our hint, falling back to all refs */
1072 if (hint)
1073 hint = find_command_by_refname(hint, refname);
1074 if (!hint)
1075 hint = find_command_by_refname(commands, refname);
1076 if (!hint) {
1077 strbuf_addf(errmsg, "proc-receive reported status on unknown ref: %s\n",
1078 refname);
1079 code = -1;
1080 continue;
1081 }
1082 if (!hint->run_proc_receive) {
1083 strbuf_addf(errmsg, "proc-receive reported status on unexpected ref: %s\n",
1084 refname);
1085 code = -1;
1086 continue;
1087 }
1088 hint->run_proc_receive |= RUN_PROC_RECEIVE_RETURNED;
1089 if (!strcmp(head, "ng")) {
1090 if (p)
a6c30623 1091 hint->error_string = hint->error_string_owned = xstrdup(p);
15d3af5e
JX		 1092 else
1093 hint->error_string = "failed";
1094 code = -1;
1095 continue;
1096 }
1097 new_report = 1;
1098 }
1099
1100 for (cmd = commands; cmd; cmd = cmd->next)
1101 if (cmd->run_proc_receive && !cmd->error_string &&
1102 !(cmd->run_proc_receive & RUN_PROC_RECEIVE_RETURNED)) {
1103 cmd->error_string = "proc-receive failed to report status";
1104 code = -1;
1105 }
1106 return code;
1107}
1108
1109static int run_proc_receive_hook(struct command *commands,
1110 const struct string_list *push_options)
1111{
1112 struct child_process proc = CHILD_PROCESS_INIT;
1113 struct async muxer;
1114 struct command *cmd;
15d3af5e
JX		 1115 struct packet_reader reader;
1116 struct strbuf cap = STRBUF_INIT;
1117 struct strbuf errmsg = STRBUF_INIT;
1118 int hook_use_push_options = 0;
1119 int version = 0;
1120 int code;
169c9797 1121 const char *hook_path = find_hook(the_repository, "proc-receive");
15d3af5e 1122
7f14609e 1123 if (!hook_path) {
15d3af5e
JX		 1124 rp_error("cannot find hook 'proc-receive'");
1125 return -1;
1126 }
15d3af5e 1127
7f14609e 1128 strvec_push(&proc.args, hook_path);
15d3af5e
JX		 1129 proc.in = -1;
1130 proc.out = -1;
1131 proc.trace2_hook_name = "proc-receive";
1132
1133 if (use_sideband) {
1134 memset(&muxer, 0, sizeof(muxer));
1135 muxer.proc = copy_to_sideband;
1136 muxer.in = -1;
1137 code = start_async(&muxer);
1138 if (code)
1139 return code;
1140 proc.err = muxer.in;
1141 } else {
1142 proc.err = 0;
1143 }
1144
1145 code = start_command(&proc);
1146 if (code) {
1147 if (use_sideband)
1148 finish_async(&muxer);
1149 return code;
1150 }
1151
1152 sigchain_push(SIGPIPE, SIG_IGN);
1153
1154 /* Version negotiaton */
1155 packet_reader_init(&reader, proc.out, NULL, 0,
1156 PACKET_READ_CHOMP_NEWLINE |
1157 PACKET_READ_GENTLE_ON_EOF);
1158 if (use_atomic)
1159 strbuf_addstr(&cap, " atomic");
1160 if (use_push_options)
1161 strbuf_addstr(&cap, " push-options");
1162 if (cap.len) {
f65003b4 1163 code = packet_write_fmt_gently(proc.in, "version=1%c%s\n", '\0', cap.buf + 1);
15d3af5e
JX		 1164 strbuf_release(&cap);
1165 } else {
f65003b4 1166 code = packet_write_fmt_gently(proc.in, "version=1\n");
15d3af5e 1167 }
f65003b4
JX		 1168 if (!code)
1169 code = packet_flush_gently(proc.in);
1170
1171 if (!code)
1172 for (;;) {
1173 int linelen;
1174 enum packet_read_status status;
1175
1176 status = packet_reader_read(&reader);
1177 if (status != PACKET_READ_NORMAL) {
1178 /* Check whether proc-receive exited abnormally */
1179 if (status == PACKET_READ_EOF)
1180 code = -1;
1181 break;
1182 }
15d3af5e 1183
f65003b4
JX		 1184 if (reader.pktlen > 8 && starts_with(reader.line, "version=")) {
1185 version = atoi(reader.line + 8);
1186 linelen = strlen(reader.line);
1187 if (linelen < reader.pktlen) {
1188 const char *feature_list = reader.line + linelen + 1;
1189 if (parse_feature_request(feature_list, "push-options"))
1190 hook_use_push_options = 1;
1191 }
15d3af5e
JX		 1192 }
1193 }
f65003b4
JX		 1194
1195 if (code) {
1196 strbuf_addstr(&errmsg, "fail to negotiate version with proc-receive hook");
1197 goto cleanup;
15d3af5e
JX		 1198 }
1199
80ffeb94
JX		 1200 switch (version) {
1201 case 0:
1202 /* fallthrough */
1203 case 1:
1204 break;
1205 default:
15d3af5e
JX		 1206 strbuf_addf(&errmsg, "proc-receive version '%d' is not supported",
1207 version);
1208 code = -1;
1209 goto cleanup;
1210 }
1211
1212 /* Send commands */
1213 for (cmd = commands; cmd; cmd = cmd->next) {
1214 if (!cmd->run_proc_receive || cmd->skip_update || cmd->error_string)
1215 continue;
f65003b4
JX		 1216 code = packet_write_fmt_gently(proc.in, "%s %s %s",
1217 oid_to_hex(&cmd->old_oid),
1218 oid_to_hex(&cmd->new_oid),
1219 cmd->ref_name);
1220 if (code)
1221 break;
1222 }
1223 if (!code)
1224 code = packet_flush_gently(proc.in);
1225 if (code) {
1226 strbuf_addstr(&errmsg, "fail to write commands to proc-receive hook");
1227 goto cleanup;
15d3af5e 1228 }
15d3af5e
JX		 1229
1230 /* Send push options */
1231 if (hook_use_push_options) {
1232 struct string_list_item *item;
1233
f65003b4
JX		 1234 for_each_string_list_item(item, push_options) {
1235 code = packet_write_fmt_gently(proc.in, "%s", item->string);
1236 if (code)
1237 break;
1238 }
1239 if (!code)
1240 code = packet_flush_gently(proc.in);
1241 if (code) {
1242 strbuf_addstr(&errmsg,
1243 "fail to write push-options to proc-receive hook");
1244 goto cleanup;
1245 }
15d3af5e
JX		 1246 }
1247
1248 /* Read result from proc-receive */
1249 code = read_proc_receive_report(&reader, commands, &errmsg);
1250
1251cleanup:
1252 close(proc.in);
1253 close(proc.out);
1254 if (use_sideband)
1255 finish_async(&muxer);
1256 if (finish_command(&proc))
1257 code = -1;
1258 if (errmsg.len >0) {
1259 char *p = errmsg.buf;
1260
1261 p += errmsg.len - 1;
1262 if (*p == '\n')
1263 *p = '\0';
1264 rp_error("%s", errmsg.buf);
1265 strbuf_release(&errmsg);
1266 }
1267 sigchain_pop(SIGPIPE);
1268
1269 return code;
1270}
1271
b567004b 1272static const char *refuse_unconfigured_deny_msg =
8ba35a2d
VA		 1273 N_("By default, updating the current branch in a non-bare repository\n"
1274 "is denied, because it will make the index and work tree inconsistent\n"
1275 "with what you pushed, and will require 'git reset --hard' to match\n"
1276 "the work tree to HEAD.\n"
1277 "\n"
2ddaa427
AH		 1278 "You can set the 'receive.denyCurrentBranch' configuration variable\n"
1279 "to 'ignore' or 'warn' in the remote repository to allow pushing into\n"
8ba35a2d
VA		 1280 "its current branch; however, this is not recommended unless you\n"
1281 "arranged to update its work tree to match what you pushed in some\n"
1282 "other way.\n"
1283 "\n"
1284 "To squelch this message and still keep the default behaviour, set\n"
1285 "'receive.denyCurrentBranch' configuration variable to 'refuse'.");
3d95d92b 1286
acd2a45b 1287static void refuse_unconfigured_deny(void)
3d95d92b 1288{
8ba35a2d 1289 rp_error("%s", _(refuse_unconfigured_deny_msg));
3d95d92b
JH		 1290}
1291
b567004b 1292static const char *refuse_unconfigured_deny_delete_current_msg =
8ba35a2d
VA		 1293 N_("By default, deleting the current branch is denied, because the next\n"
1294 "'git clone' won't result in any file checked out, causing confusion.\n"
1295 "\n"
1296 "You can set 'receive.denyDeleteCurrent' configuration variable to\n"
1297 "'warn' or 'ignore' in the remote repository to allow deleting the\n"
1298 "current branch, with or without a warning message.\n"
1299 "\n"
1300 "To squelch this message, you can set it to 'refuse'.");
747ca245 1301
375881fa 1302static void refuse_unconfigured_deny_delete_current(void)
747ca245 1303{
8ba35a2d 1304 rp_error("%s", _(refuse_unconfigured_deny_delete_current_msg));
747ca245
JH		 1305}
1306
9fec7b21 1307static const struct object_id *command_singleton_iterator(void *cb_data);
0a1bc12b
NTND		 1308static int update_shallow_ref(struct command *cmd, struct shallow_info *si)
1309{
cac4b8e2 1310 struct shallow_lock shallow_lock = SHALLOW_LOCK_INIT;
910650d2 1311 struct oid_array extra = OID_ARRAY_INIT;
7043c707 1312 struct check_connected_options opt = CHECK_CONNECTED_INIT;
0a1bc12b
NTND		 1313 uint32_t mask = 1 << (cmd->index % 32);
1314 int i;
1315
6aa30857 1316 trace_printf_key(&trace_shallow,
0a1bc12b
NTND		 1317 "shallow: update_shallow_ref %s\n", cmd->ref_name);
1318 for (i = 0; i < si->shallow->nr; i++)
1319 if (si->used_shallow[i] &&
1320 (si->used_shallow[i][cmd->index / 32] & mask) &&
1321 !delayed_reachability_test(si, i))
910650d2 1322 oid_array_append(&extra, &si->shallow->oid[i]);
0a1bc12b 1323
722ff7f8 1324 opt.env = tmp_objdir_env(tmp_objdir);
7043c707
JK		 1325 setup_alternate_shallow(&shallow_lock, &opt.shallow_file, &extra);
1326 if (check_connected(command_singleton_iterator, cmd, &opt)) {
37b9dcab 1327 rollback_shallow_file(the_repository, &shallow_lock);
910650d2 1328 oid_array_clear(&extra);
0a1bc12b
NTND		 1329 return -1;
1330 }
1331
37b9dcab 1332 commit_shallow_file(the_repository, &shallow_lock);
0a1bc12b
NTND		 1333
1334 /*
1335 * Make sure setup_alternate_shallow() for the next ref does
1336 * not lose these new roots..
1337 */
1338 for (i = 0; i < extra.nr; i++)
19143f13 1339 register_shallow(the_repository, &extra.oid[i]);
0a1bc12b
NTND		 1340
1341 si->shallow_ref[cmd->index] = 0;
910650d2 1342 oid_array_clear(&extra);
0a1bc12b
NTND		 1343 return 0;
1344}
1345
1a51b524 1346/*
ed4d4f38 1347 * NEEDSWORK: we should consolidate various implementations of "are we
1a51b524
JH		 1348 * on an unborn branch?" test into one, and make the unified one more
1349 * robust. !get_sha1() based check used here and elsewhere would not
1350 * allow us to tell an unborn branch from corrupt ref, for example.
1351 * For the purpose of fixing "deploy-to-update does not work when
1352 * pushing into an empty repository" issue, this should suffice for
1353 * now.
1354 */
1355static int head_has_history(void)
1356{
15be4a5d 1357 struct object_id oid;
1a51b524 1358
d850b7a5 1359 return !repo_get_oid(the_repository, "HEAD", &oid);
1a51b524
JH		 1360}
1361
21b138d0 1362static const char *push_to_deploy(unsigned char *sha1,
22f9b7f3 1363 struct strvec *env,
21b138d0 1364 const char *work_tree)
1404bcbb 1365{
1404bcbb
JS		 1366 struct child_process child = CHILD_PROCESS_INIT;
1367
2b709893
ÆAB		 1368 strvec_pushl(&child.args, "update-index", "-q", "--ignore-submodules",
1369 "--refresh", NULL);
29fda24d 1370 strvec_pushv(&child.env, env->v);
1404bcbb
JS		 1371 child.dir = work_tree;
1372 child.no_stdin = 1;
1373 child.stdout_to_stderr = 1;
1374 child.git_cmd = 1;
21b138d0 1375 if (run_command(&child))
1404bcbb 1376 return "Up-to-date check failed";
1404bcbb
JS		 1377
1378 /* run_command() does not clean up completely; reinitialize */
1379 child_process_init(&child);
2b709893
ÆAB		 1380 strvec_pushl(&child.args, "diff-files", "--quiet",
1381 "--ignore-submodules", "--", NULL);
29fda24d 1382 strvec_pushv(&child.env, env->v);
1404bcbb
JS		 1383 child.dir = work_tree;
1384 child.no_stdin = 1;
1385 child.stdout_to_stderr = 1;
1386 child.git_cmd = 1;
21b138d0 1387 if (run_command(&child))
1404bcbb 1388 return "Working directory has unstaged changes";
1404bcbb
JS		 1389
1390 child_process_init(&child);
2b709893
ÆAB		 1391 strvec_pushl(&child.args, "diff-index", "--quiet", "--cached",
1392 "--ignore-submodules",
1393 /* diff-index with either HEAD or an empty tree */
7abbca0e 1394 head_has_history() ? "HEAD" : empty_tree_oid_hex(the_repository->hash_algo),
2b709893 1395 "--", NULL);
29fda24d 1396 strvec_pushv(&child.env, env->v);
1404bcbb
JS		 1397 child.no_stdin = 1;
1398 child.no_stdout = 1;
1399 child.stdout_to_stderr = 0;
1400 child.git_cmd = 1;
21b138d0 1401 if (run_command(&child))
1404bcbb 1402 return "Working directory has staged changes";
1404bcbb 1403
1404bcbb 1404 child_process_init(&child);
2b709893
ÆAB		 1405 strvec_pushl(&child.args, "read-tree", "-u", "-m", hash_to_hex(sha1),
1406 NULL);
29fda24d 1407 strvec_pushv(&child.env, env->v);
1404bcbb
JS		 1408 child.dir = work_tree;
1409 child.no_stdin = 1;
1410 child.no_stdout = 1;
1411 child.stdout_to_stderr = 0;
1412 child.git_cmd = 1;
21b138d0 1413 if (run_command(&child))
1404bcbb 1414 return "Could not update working tree to new HEAD";
1404bcbb 1415
1404bcbb
JS		 1416 return NULL;
1417}
1418
08553319
JH		 1419static const char *push_to_checkout_hook = "push-to-checkout";
1420
fc06be3b 1421static const char *push_to_checkout(unsigned char *hash,
a8cc5943 1422 int *invoked_hook,
22f9b7f3 1423 struct strvec *env,
08553319
JH		 1424 const char *work_tree)
1425{
306f445e 1426 struct run_hooks_opt opt = RUN_HOOKS_OPT_INIT;
a8cc5943 1427 opt.invoked_hook = invoked_hook;
306f445e 1428
22f9b7f3 1429 strvec_pushf(env, "GIT_WORK_TREE=%s", absolute_path(work_tree));
306f445e
ES		 1430 strvec_pushv(&opt.env, env->v);
1431 strvec_push(&opt.args, hash_to_hex(hash));
169c9797 1432 if (run_hooks_opt(the_repository, push_to_checkout_hook, &opt))
08553319
JH		 1433 return "push-to-checkout hook declined";
1434 else
1435 return NULL;
1436}
1437
4ef34648 1438static const char *update_worktree(unsigned char *sha1, const struct worktree *worktree)
21b138d0 1439{
8e4710f0
PS		 1440 const char *retval;
1441 char *git_dir;
22f9b7f3 1442 struct strvec env = STRVEC_INIT;
a8cc5943 1443 int invoked_hook;
21b138d0 1444
38baae6c
AK		 1445 if (!worktree || !worktree->path)
1446 BUG("worktree->path must be non-NULL");
4ef34648 1447
9fdf4f1d 1448 if (worktree->is_bare)
21b138d0 1449 return "denyCurrentBranch = updateInstead needs a worktree";
38baae6c 1450 git_dir = get_worktree_git_dir(worktree);
21b138d0 1451
22f9b7f3 1452 strvec_pushf(&env, "GIT_DIR=%s", absolute_path(git_dir));
21b138d0 1453
a8cc5943
ÆAB		 1454 retval = push_to_checkout(sha1, &invoked_hook, &env, worktree->path);
1455 if (!invoked_hook)
38baae6c 1456 retval = push_to_deploy(sha1, &env, worktree->path);
21b138d0 1457
22f9b7f3 1458 strvec_clear(&env);
8e4710f0 1459 free(git_dir);
21b138d0
JH		 1460 return retval;
1461}
1462
0a1bc12b 1463static const char *update(struct command *cmd, struct shallow_info *si)
2eca23da 1464{
cfee10a7 1465 const char *name = cmd->ref_name;
6b01ecfe 1466 struct strbuf namespaced_name_buf = STRBUF_INIT;
bda6e828
JS		 1467 static char *namespaced_name;
1468 const char *ret;
9c44ea44 1469 struct object_id *old_oid = &cmd->old_oid;
1470 struct object_id *new_oid = &cmd->new_oid;
b072a25f 1471 int do_update_worktree = 0;
c8dd491f
AK		 1472 struct worktree **worktrees = get_worktrees();
1473 const struct worktree *worktree =
9fdf4f1d 1474 find_shared_symref(worktrees, "HEAD", name);
2eca23da 1475
061d6b9a 1476 /* only refs/... are allowed */
7c3c5502
ZH		 1477 if (!starts_with(name, "refs/") ||
1478 check_refname_format(name + 5, is_null_oid(new_oid) ?
1479 REFNAME_ALLOW_ONELEVEL : 0)) {
d81ba50a 1480 rp_error("refusing to update funny ref '%s' remotely", name);
c8dd491f
AK		 1481 ret = "funny refname";
1482 goto out;
cfee10a7 1483 }
d8a1deec 1484
6b01ecfe 1485 strbuf_addf(&namespaced_name_buf, "%s%s", get_git_namespace(), name);
bda6e828 1486 free(namespaced_name);
6b01ecfe
JT		 1487 namespaced_name = strbuf_detach(&namespaced_name_buf, NULL);
1488
9fdf4f1d 1489 if (worktree && !worktree->is_bare) {
3d95d92b
JH		 1490 switch (deny_current_branch) {
1491 case DENY_IGNORE:
986e8239 1492 break;
3d95d92b 1493 case DENY_WARN:
466dbc42 1494 rp_warning("updating the current branch");
986e8239 1495 break;
3d95d92b 1496 case DENY_REFUSE:
acd2a45b 1497 case DENY_UNCONFIGURED:
466dbc42 1498 rp_error("refusing to update checked out branch: %s", name);
acd2a45b
JH		 1499 if (deny_current_branch == DENY_UNCONFIGURED)
1500 refuse_unconfigured_deny();
c8dd491f
AK		 1501 ret = "branch is currently checked out";
1502 goto out;
1404bcbb 1503 case DENY_UPDATE_INSTEAD:
b072a25f
JH		 1504 /* pass -- let other checks intervene first */
1505 do_update_worktree = 1;
1404bcbb 1506 break;
3d95d92b 1507 }
986e8239
JK		 1508 }
1509
062b914c
PS		 1510 if (!is_null_oid(new_oid) &&
1511 !has_object(the_repository, new_oid,
1512 HAS_OBJECT_RECHECK_PACKED | HAS_OBJECT_FETCH_PROMISOR)) {
8aaf7d64 1513 error("unpack should have generated %s, "
9c44ea44 1514 "but I can't find it!", oid_to_hex(new_oid));
c8dd491f
AK		 1515 ret = "bad pack";
1516 goto out;
cfee10a7 1517 }
747ca245 1518
9c44ea44 1519 if (!is_null_oid(old_oid) && is_null_oid(new_oid)) {
59556548 1520 if (deny_deletes && starts_with(name, "refs/heads/")) {
466dbc42 1521 rp_error("denying ref deletion for %s", name);
c8dd491f
AK		 1522 ret = "deletion prohibited";
1523 goto out;
747ca245
JH		 1524 }
1525
4ef34648 1526 if (worktree || (head_name && !strcmp(namespaced_name, head_name))) {
747ca245
JH		 1527 switch (deny_delete_current) {
1528 case DENY_IGNORE:
1529 break;
1530 case DENY_WARN:
466dbc42 1531 rp_warning("deleting the current branch");
747ca245
JH		 1532 break;
1533 case DENY_REFUSE:
375881fa 1534 case DENY_UNCONFIGURED:
1404bcbb 1535 case DENY_UPDATE_INSTEAD:
375881fa
JH		 1536 if (deny_delete_current == DENY_UNCONFIGURED)
1537 refuse_unconfigured_deny_delete_current();
466dbc42 1538 rp_error("refusing to delete the current branch: %s", name);
c8dd491f
AK		 1539 ret = "deletion of the current branch prohibited";
1540 goto out;
1404bcbb 1541 default:
c8dd491f
AK		 1542 ret = "Invalid denyDeleteCurrent setting";
1543 goto out;
747ca245
JH		 1544 }
1545 }
a240de11 1546 }
747ca245 1547
9c44ea44 1548 if (deny_non_fast_forwards && !is_null_oid(new_oid) &&
1549 !is_null_oid(old_oid) &&
59556548 1550 starts_with(name, "refs/heads/")) {
eab82707 1551 struct object *old_object, *new_object;
11031d7e 1552 struct commit *old_commit, *new_commit;
24876ebf 1553 int ret2;
11031d7e 1554
109cd76d
SB		 1555 old_object = parse_object(the_repository, old_oid);
1556 new_object = parse_object(the_repository, new_oid);
eab82707
MK		 1557
1558 if (!old_object || !new_object ||
1559 old_object->type != OBJ_COMMIT ||
1560 new_object->type != OBJ_COMMIT) {
1561 error("bad sha1 objects for %s", name);
c8dd491f
AK		 1562 ret = "bad ref";
1563 goto out;
eab82707
MK		 1564 }
1565 old_commit = (struct commit *)old_object;
1566 new_commit = (struct commit *)new_object;
24876ebf
JS		 1567 ret2 = repo_in_merge_bases(the_repository, old_commit, new_commit);
1568 if (ret2 < 0)
1569 exit(128);
1570 if (!ret2) {
466dbc42
SP		 1571 rp_error("denying non-fast-forward %s"
1572 " (you should pull first)", name);
c8dd491f
AK		 1573 ret = "non-fast-forward";
1574 goto out;
8aaf7d64 1575 }
11031d7e 1576 }
1d9e8b56 1577 if (run_update_hook(cmd)) {
466dbc42 1578 rp_error("hook declined to update %s", name);
c8dd491f
AK		 1579 ret = "hook declined";
1580 goto out;
b1bf95bb 1581 }
3159c8dc 1582
b072a25f 1583 if (do_update_worktree) {
38baae6c 1584 ret = update_worktree(new_oid->hash, worktree);
b072a25f 1585 if (ret)
c8dd491f 1586 goto out;
b072a25f
JH		 1587 }
1588
9c44ea44 1589 if (is_null_oid(new_oid)) {
222368c6 1590 struct strbuf err = STRBUF_INIT;
109cd76d 1591 if (!parse_object(the_repository, old_oid)) {
9c44ea44 1592 old_oid = NULL;
2e5c4758 1593 if (refs_ref_exists(get_main_ref_store(the_repository), name)) {
c25edee9 1594 rp_warning("allowing deletion of corrupt ref");
160b81ed 1595 } else {
c25edee9 1596 rp_warning("deleting a non-existent ref");
160b81ed
PYH		 1597 cmd->did_not_exist = 1;
1598 }
28391a80 1599 }
222368c6
SB		 1600 if (ref_transaction_delete(transaction,
1601 namespaced_name,
89f3bbdd 1602 old_oid,
23437209
KN		 1603 NULL, 0,
1604 "push", &err)) {
222368c6 1605 rp_error("%s", err.buf);
c8dd491f
AK		 1606 ret = "failed to delete";
1607 } else {
1608 ret = NULL; /* good */
d4f694ba 1609 }
222368c6 1610 strbuf_release(&err);
d4f694ba
JH		 1611 }
1612 else {
6629ea2d 1613 struct strbuf err = STRBUF_INIT;
0a1bc12b 1614 if (shallow_update && si->shallow_ref[cmd->index] &&
c8dd491f
AK		 1615 update_shallow_ref(cmd, si)) {
1616 ret = "shallow error";
1617 goto out;
1618 }
0a1bc12b 1619
222368c6
SB		 1620 if (ref_transaction_update(transaction,
1621 namespaced_name,
89f3bbdd 1622 new_oid, old_oid,
1bc4cc3f 1623 NULL, NULL,
1d147bdf 1624 0, "push",
222368c6 1625 &err)) {
6629ea2d 1626 rp_error("%s", err.buf);
c8dd491f
AK		 1627 ret = "failed to update ref";
1628 } else {
1629 ret = NULL; /* good */
ef203f08 1630 }
6629ea2d 1631 strbuf_release(&err);
19614330 1632 }
c8dd491f
AK		 1633
1634out:
1635 free_worktrees(worktrees);
1636 return ret;
2eca23da
LT		 1637}
1638
5e1c71fd 1639static void run_update_post_hook(struct command *commands)
19614330 1640{
5e1c71fd 1641 struct command *cmd;
d3180279 1642 struct child_process proc = CHILD_PROCESS_INIT;
dcf69262 1643 const char *hook;
19614330 1644
169c9797 1645 hook = find_hook(the_repository, "post-update");
dce96c41 1646 if (!hook)
3e6e152c 1647 return;
5a7da2dc 1648
850d2fec 1649 for (cmd = commands; cmd; cmd = cmd->next) {
160b81ed 1650 if (cmd->error_string || cmd->did_not_exist)
19614330 1651 continue;
d70a9eb6 1652 if (!proc.args.nr)
22f9b7f3
JK		 1653 strvec_push(&proc.args, hook);
1654 strvec_push(&proc.args, cmd->ref_name);
19614330 1655 }
d70a9eb6 1656 if (!proc.args.nr)
dce96c41 1657 return;
6d525d38 1658
6d525d38
SP		 1659 proc.no_stdin = 1;
1660 proc.stdout_to_stderr = 1;
1661 proc.err = use_sideband ? -1 : 0;
6206286e 1662 proc.trace2_hook_name = "post-update";
6d525d38
SP		 1663
1664 if (!start_command(&proc)) {
1665 if (use_sideband)
1666 copy_to_sideband(proc.err, -1, NULL);
1667 finish_command(&proc);
1668 }
19614330 1669}
2eca23da 1670
99036237
ÆAB		 1671static void check_aliased_update_internal(struct command *cmd,
1672 struct string_list *list,
1673 const char *dst_name, int flag)
da3efdb1
JS		 1674{
1675 struct string_list_item *item;
1676 struct command *dst_cmd;
da3efdb1
JS		 1677
1678 if (!(flag & REF_ISSYMREF))
1679 return;
1680
6b01ecfe
JT		 1681 if (!dst_name) {
1682 rp_error("refusing update to broken symref '%s'", cmd->ref_name);
1683 cmd->skip_update = 1;
1684 cmd->error_string = "broken symref";
1685 return;
1686 }
ded83936 1687 dst_name = strip_namespace(dst_name);
6b01ecfe 1688
afe8a907 1689 if (!(item = string_list_lookup(list, dst_name)))
da3efdb1
JS		 1690 return;
1691
1692 cmd->skip_update = 1;
1693
1694 dst_cmd = (struct command *) item->util;
1695
4a7e27e9
JK		 1696 if (oideq(&cmd->old_oid, &dst_cmd->old_oid) &&
1697 oideq(&cmd->new_oid, &dst_cmd->new_oid))
da3efdb1
JS		 1698 return;
1699
1700 dst_cmd->skip_update = 1;
1701
da3efdb1
JS		 1702 rp_error("refusing inconsistent update between symref '%s' (%s..%s) and"
1703 " its target '%s' (%s..%s)",
ef2ed501 1704 cmd->ref_name,
d850b7a5
ÆAB		 1705 repo_find_unique_abbrev(the_repository, &cmd->old_oid, DEFAULT_ABBREV),
1706 repo_find_unique_abbrev(the_repository, &cmd->new_oid, DEFAULT_ABBREV),
ef2ed501 1707 dst_cmd->ref_name,
d850b7a5
ÆAB		 1708 repo_find_unique_abbrev(the_repository, &dst_cmd->old_oid, DEFAULT_ABBREV),
1709 repo_find_unique_abbrev(the_repository, &dst_cmd->new_oid, DEFAULT_ABBREV));
da3efdb1
JS		 1710
1711 cmd->error_string = dst_cmd->error_string =
1712 "inconsistent aliased update";
1713}
1714
99036237
ÆAB		 1715static void check_aliased_update(struct command *cmd, struct string_list *list)
1716{
1717 struct strbuf buf = STRBUF_INIT;
1718 const char *dst_name;
1719 int flag;
1720
1721 strbuf_addf(&buf, "%s%s", get_git_namespace(), cmd->ref_name);
2e5c4758
PS		 1722 dst_name = refs_resolve_ref_unsafe(get_main_ref_store(the_repository),
1723 buf.buf, 0, NULL, &flag);
99036237
ÆAB		 1724 check_aliased_update_internal(cmd, list, dst_name, flag);
1725 strbuf_release(&buf);
1726}
1727
da3efdb1
JS		 1728static void check_aliased_updates(struct command *commands)
1729{
1730 struct command *cmd;
183113a5 1731 struct string_list ref_list = STRING_LIST_INIT_NODUP;
da3efdb1
JS		 1732
1733 for (cmd = commands; cmd; cmd = cmd->next) {
1734 struct string_list_item *item =
1d2f80fa 1735 string_list_append(&ref_list, cmd->ref_name);
da3efdb1
JS		 1736 item->util = (void *)cmd;
1737 }
3383e199 1738 string_list_sort(&ref_list);
da3efdb1 1739
ef7e93d9
CB		 1740 for (cmd = commands; cmd; cmd = cmd->next) {
1741 if (!cmd->error_string)
1742 check_aliased_update(cmd, &ref_list);
1743 }
da3efdb1
JS		 1744
1745 string_list_clear(&ref_list, 0);
1746}
1747
9fec7b21 1748static const struct object_id *command_singleton_iterator(void *cb_data)
52fed6e1
JH		 1749{
1750 struct command **cmd_list = cb_data;
1751 struct command *cmd = *cmd_list;
1752
9c44ea44 1753 if (!cmd || is_null_oid(&cmd->new_oid))
9fec7b21 1754 return NULL;
52fed6e1 1755 *cmd_list = NULL; /* this returns only one */
9fec7b21 1756 return &cmd->new_oid;
52fed6e1
JH		 1757}
1758
0a1bc12b
NTND		 1759static void set_connectivity_errors(struct command *commands,
1760 struct shallow_info *si)
52fed6e1
JH		 1761{
1762 struct command *cmd;
1763
1764 for (cmd = commands; cmd; cmd = cmd->next) {
1765 struct command *singleton = cmd;
722ff7f8
JK		 1766 struct check_connected_options opt = CHECK_CONNECTED_INIT;
1767
0a1bc12b
NTND		 1768 if (shallow_update && si->shallow_ref[cmd->index])
1769 /* to be checked in update_shallow_ref() */
1770 continue;
722ff7f8
JK		 1771
1772 opt.env = tmp_objdir_env(tmp_objdir);
7043c707 1773 if (!check_connected(command_singleton_iterator, &singleton,
722ff7f8 1774 &opt))
52fed6e1 1775 continue;
722ff7f8 1776
52fed6e1
JH		 1777 cmd->error_string = "missing necessary objects";
1778 }
1779}
1780
0a1bc12b
NTND		 1781struct iterate_data {
1782 struct command *cmds;
1783 struct shallow_info *si;
1784};
1785
9fec7b21 1786static const struct object_id *iterate_receive_command_list(void *cb_data)
52fed6e1 1787{
0a1bc12b
NTND		 1788 struct iterate_data *data = cb_data;
1789 struct command **cmd_list = &data->cmds;
52fed6e1
JH		 1790 struct command *cmd = *cmd_list;
1791
0a1bc12b
NTND		 1792 for (; cmd; cmd = cmd->next) {
1793 if (shallow_update && data->si->shallow_ref[cmd->index])
1794 /* to be checked in update_shallow_ref() */
1795 continue;
9c44ea44 1796 if (!is_null_oid(&cmd->new_oid) && !cmd->skip_update) {
ee6dfb2d 1797 *cmd_list = cmd->next;
9fec7b21 1798 return &cmd->new_oid;
ee6dfb2d 1799 }
ee6dfb2d 1800 }
9fec7b21 1801 return NULL;
52fed6e1
JH		 1802}
1803
daebaa78
JH		 1804static void reject_updates_to_hidden(struct command *commands)
1805{
78a766ab
LF		 1806 struct strbuf refname_full = STRBUF_INIT;
1807 size_t prefix_len;
daebaa78
JH		 1808 struct command *cmd;
1809
78a766ab
LF		 1810 strbuf_addstr(&refname_full, get_git_namespace());
1811 prefix_len = refname_full.len;
1812
daebaa78 1813 for (cmd = commands; cmd; cmd = cmd->next) {
78a766ab
LF		 1814 if (cmd->error_string)
1815 continue;
1816
1817 strbuf_setlen(&refname_full, prefix_len);
1818 strbuf_addstr(&refname_full, cmd->ref_name);
1819
9b67eb6f 1820 if (!ref_is_hidden(cmd->ref_name, refname_full.buf, &hidden_refs))
daebaa78 1821 continue;
9c44ea44 1822 if (is_null_oid(&cmd->new_oid))
daebaa78
JH		 1823 cmd->error_string = "deny deleting a hidden ref";
1824 else
1825 cmd->error_string = "deny updating a hidden ref";
1826 }
78a766ab
LF		 1827
1828 strbuf_release(&refname_full);
daebaa78
JH		 1829}
1830
a6a84319
SB		 1831static int should_process_cmd(struct command *cmd)
1832{
1833 return !cmd->error_string && !cmd->skip_update;
1834}
1835
07b1d8f1 1836static void BUG_if_skipped_connectivity_check(struct command *commands,
a6a84319
SB		 1837 struct shallow_info *si)
1838{
1839 struct command *cmd;
a6a84319
SB		 1840
1841 for (cmd = commands; cmd; cmd = cmd->next) {
07b1d8f1
ÆAB		 1842 if (should_process_cmd(cmd) && si->shallow_ref[cmd->index])
1843 bug("connectivity check has not been run on ref %s",
1844 cmd->ref_name);
a6a84319 1845 }
07b1d8f1 1846 BUG_if_bug("connectivity check skipped???");
a6a84319
SB		 1847}
1848
a1a26145
SB		 1849static void execute_commands_non_atomic(struct command *commands,
1850 struct shallow_info *si)
1851{
1852 struct command *cmd;
222368c6
SB		 1853 struct strbuf err = STRBUF_INIT;
1854
a1a26145 1855 for (cmd = commands; cmd; cmd = cmd->next) {
15d3af5e 1856 if (!should_process_cmd(cmd) || cmd->run_proc_receive)
a1a26145
SB		 1857 continue;
1858
2e5c4758 1859 transaction = ref_store_transaction_begin(get_main_ref_store(the_repository),
a0efef14 1860 0, &err);
222368c6
SB		 1861 if (!transaction) {
1862 rp_error("%s", err.buf);
1863 strbuf_reset(&err);
1864 cmd->error_string = "transaction failed to start";
1865 continue;
1866 }
1867
a1a26145 1868 cmd->error_string = update(cmd, si);
222368c6
SB		 1869
1870 if (!cmd->error_string
1871 && ref_transaction_commit(transaction, &err)) {
1872 rp_error("%s", err.buf);
1873 strbuf_reset(&err);
1874 cmd->error_string = "failed to update ref";
1875 }
1876 ref_transaction_free(transaction);
a1a26145 1877 }
68deed29
SB		 1878 strbuf_release(&err);
1879}
222368c6 1880
68deed29
SB		 1881static void execute_commands_atomic(struct command *commands,
1882 struct shallow_info *si)
1883{
1884 struct command *cmd;
1885 struct strbuf err = STRBUF_INIT;
1886 const char *reported_error = "atomic push failure";
1887
2e5c4758 1888 transaction = ref_store_transaction_begin(get_main_ref_store(the_repository),
a0efef14 1889 0, &err);
68deed29
SB		 1890 if (!transaction) {
1891 rp_error("%s", err.buf);
1892 strbuf_reset(&err);
1893 reported_error = "transaction failed to start";
1894 goto failure;
1895 }
1896
1897 for (cmd = commands; cmd; cmd = cmd->next) {
15d3af5e 1898 if (!should_process_cmd(cmd) || cmd->run_proc_receive)
68deed29
SB		 1899 continue;
1900
1901 cmd->error_string = update(cmd, si);
1902
1903 if (cmd->error_string)
1904 goto failure;
1905 }
1906
1907 if (ref_transaction_commit(transaction, &err)) {
1908 rp_error("%s", err.buf);
1909 reported_error = "atomic transaction failed";
1910 goto failure;
1911 }
1912 goto cleanup;
1913
1914failure:
1915 for (cmd = commands; cmd; cmd = cmd->next)
1916 if (!cmd->error_string)
1917 cmd->error_string = reported_error;
1918
1919cleanup:
1920 ref_transaction_free(transaction);
222368c6 1921 strbuf_release(&err);
a1a26145
SB		 1922}
1923
0a1bc12b
NTND		 1924static void execute_commands(struct command *commands,
1925 const char *unpacker_error,
77a9745d
SB		 1926 struct shallow_info *si,
1927 const struct string_list *push_options)
575f4974 1928{
d415092a 1929 struct check_connected_options opt = CHECK_CONNECTED_INIT;
5e1c71fd 1930 struct command *cmd;
0a1bc12b 1931 struct iterate_data data;
d415092a
JK		 1932 struct async muxer;
1933 int err_fd = 0;
15d3af5e 1934 int run_proc_receive = 0;
8aaf7d64
SP		 1935
1936 if (unpacker_error) {
5e1c71fd 1937 for (cmd = commands; cmd; cmd = cmd->next)
74eb32d3 1938 cmd->error_string = "unpacker error";
8aaf7d64
SP		 1939 return;
1940 }
1941
68cb0b52
JT		 1942 if (!skip_connectivity_check) {
1943 if (use_sideband) {
1944 memset(&muxer, 0, sizeof(muxer));
1945 muxer.proc = copy_to_sideband;
1946 muxer.in = -1;
1947 if (!start_async(&muxer))
1948 err_fd = muxer.in;
1949 /* ...else, continue without relaying sideband */
1950 }
d415092a 1951
68cb0b52
JT		 1952 data.cmds = commands;
1953 data.si = si;
1954 opt.err_fd = err_fd;
1955 opt.progress = err_fd && !quiet;
1956 opt.env = tmp_objdir_env(tmp_objdir);
1957 opt.exclude_hidden_refs_section = "receive";
bcec6780 1958
68cb0b52
JT		 1959 if (check_connected(iterate_receive_command_list, &data, &opt))
1960 set_connectivity_errors(commands, si);
52fed6e1 1961
68cb0b52
JT		 1962 if (use_sideband)
1963 finish_async(&muxer);
1964 }
d415092a 1965
daebaa78
JH		 1966 reject_updates_to_hidden(commands);
1967
15d3af5e
JX		 1968 /*
1969 * Try to find commands that have special prefix in their reference names,
1970 * and mark them to run an external "proc-receive" hook later.
1971 */
31e8595a
JX		 1972 if (proc_receive_ref) {
1973 for (cmd = commands; cmd; cmd = cmd->next) {
1974 if (!should_process_cmd(cmd))
1975 continue;
15d3af5e 1976
31e8595a
JX		 1977 if (proc_receive_ref_matches(cmd)) {
1978 cmd->run_proc_receive = RUN_PROC_RECEIVE_SCHEDULED;
1979 run_proc_receive = 1;
1980 }
15d3af5e
JX		 1981 }
1982 }
1983
77a9745d 1984 if (run_receive_hook(commands, "pre-receive", 0, push_options)) {
ef7e93d9
CB		 1985 for (cmd = commands; cmd; cmd = cmd->next) {
1986 if (!cmd->error_string)
1987 cmd->error_string = "pre-receive hook declined";
1988 }
05ef58ec
SP		 1989 return;
1990 }
1991
54077640
CB		 1992 /*
1993 * If there is no command ready to run, should return directly to destroy
1994 * temporary data in the quarantine area.
1995 */
1996 for (cmd = commands; cmd && cmd->error_string; cmd = cmd->next)
1997 ; /* nothing */
1998 if (!cmd)
1999 return;
2000
722ff7f8
JK		 2001 /*
2002 * Now we'll start writing out refs, which means the objects need
2003 * to be in their final positions so that other processes can see them.
2004 */
2005 if (tmp_objdir_migrate(tmp_objdir) < 0) {
2006 for (cmd = commands; cmd; cmd = cmd->next) {
2007 if (!cmd->error_string)
2008 cmd->error_string = "unable to migrate objects to permanent storage";
2009 }
2010 return;
2011 }
2012 tmp_objdir = NULL;
2013
da3efdb1
JS		 2014 check_aliased_updates(commands);
2015
96ec7b1e 2016 free(head_name_to_free);
2e5c4758
PS		 2017 head_name = head_name_to_free = refs_resolve_refdup(get_main_ref_store(the_repository),
2018 "HEAD", 0, NULL,
2019 NULL);
747ca245 2020
15d3af5e
JX		 2021 if (run_proc_receive &&
2022 run_proc_receive_hook(commands, push_options))
2023 for (cmd = commands; cmd; cmd = cmd->next)
2024 if (!cmd->error_string &&
2025 !(cmd->run_proc_receive & RUN_PROC_RECEIVE_RETURNED) &&
2026 (cmd->run_proc_receive || use_atomic))
2027 cmd->error_string = "fail to run proc-receive hook";
2028
68deed29
SB		 2029 if (use_atomic)
2030 execute_commands_atomic(commands, si);
2031 else
2032 execute_commands_non_atomic(commands, si);
0a1bc12b 2033
a6a84319 2034 if (shallow_update)
07b1d8f1 2035 BUG_if_skipped_connectivity_check(commands, si);
575f4974
LT		 2036}
2037
39895c74
JH		 2038static struct command **queue_command(struct command **tail,
2039 const char *line,
2040 int linelen)
2041{
9c44ea44 2042 struct object_id old_oid, new_oid;
39895c74
JH		 2043 struct command *cmd;
2044 const char *refname;
2045 int reflen;
9c44ea44 2046 const char *p;
39895c74 2047
9c44ea44 2048 if (parse_oid_hex(line, &old_oid, &p) ||
2049 *p++ != ' ' ||
2050 parse_oid_hex(p, &new_oid, &p) ||
2051 *p++ != ' ')
39895c74
JH		 2052 die("protocol error: expected old/new/ref, got '%s'", line);
2053
9c44ea44 2054 refname = p;
2055 reflen = linelen - (p - line);
ddd0bfac 2056 FLEX_ALLOC_MEM(cmd, ref_name, refname, reflen);
9c44ea44 2057 oidcpy(&cmd->old_oid, &old_oid);
2058 oidcpy(&cmd->new_oid, &new_oid);
39895c74
JH		 2059 *tail = cmd;
2060 return &cmd->next;
2061}
2062
1fdd31cf
ÆAB		 2063static void free_commands(struct command *commands)
2064{
2065 while (commands) {
2066 struct command *next = commands->next;
2067
a6c30623
PS		 2068 ref_push_report_free(commands->report);
2069 free(commands->error_string_owned);
1fdd31cf
ÆAB		 2070 free(commands);
2071 commands = next;
2072 }
2073}
2074
4adf569d
JH		 2075static void queue_commands_from_cert(struct command **tail,
2076 struct strbuf *push_cert)
2077{
2078 const char *boc, *eoc;
2079
2080 if (*tail)
2081 die("protocol error: got both push certificate and unsigned commands");
2082
2083 boc = strstr(push_cert->buf, "\n\n");
2084 if (!boc)
2085 die("malformed push certificate %.*s", 100, push_cert->buf);
2086 else
2087 boc += 2;
482c1191 2088 eoc = push_cert->buf + parse_signed_buffer(push_cert->buf, push_cert->len);
4adf569d
JH		 2089
2090 while (boc < eoc) {
2091 const char *eol = memchr(boc, '\n', eoc - boc);
f2214ded 2092 tail = queue_command(tail, boc, eol ? eol - boc : eoc - boc);
4adf569d
JH		 2093 boc = eol ? eol + 1 : eoc;
2094 }
2095}
2096
01f9ec64
MS		 2097static struct command *read_head_info(struct packet_reader *reader,
2098 struct oid_array *shallow)
575f4974 2099{
5e1c71fd 2100 struct command *commands = NULL;
eb1af2df 2101 struct command **p = &commands;
575f4974 2102 for (;;) {
01f9ec64 2103 int linelen;
eb1af2df 2104
01f9ec64 2105 if (packet_reader_read(reader) != PACKET_READ_NORMAL)
575f4974 2106 break;
5dbd7676 2107
01f9ec64 2108 if (reader->pktlen > 8 && starts_with(reader->line, "shallow ")) {
9c44ea44 2109 struct object_id oid;
01f9ec64 2110 if (get_oid_hex(reader->line + 8, &oid))
c09b71cc 2111 die("protocol error: expected shallow sha, got '%s'",
01f9ec64 2112 reader->line + 8);
910650d2 2113 oid_array_append(shallow, &oid);
5dbd7676
NTND		 2114 continue;
2115 }
2116
01f9ec64
MS		 2117 linelen = strlen(reader->line);
2118 if (linelen < reader->pktlen) {
2119 const char *feature_list = reader->line + linelen + 1;
bb095d08 2120 const char *hash = NULL;
a2a066d9 2121 const char *client_sid;
7ce4c8f7 2122 size_t len = 0;
f47182c8 2123 if (parse_feature_request(feature_list, "report-status"))
cfee10a7 2124 report_status = 1;
63518a57
JX		 2125 if (parse_feature_request(feature_list, "report-status-v2"))
2126 report_status_v2 = 1;
f47182c8 2127 if (parse_feature_request(feature_list, "side-band-64k"))
38a81b4e 2128 use_sideband = LARGE_PACKET_MAX;
c207e34f
CB		 2129 if (parse_feature_request(feature_list, "quiet"))
2130 quiet = 1;
1b70fe5d
RS		 2131 if (advertise_atomic_push
2132 && parse_feature_request(feature_list, "atomic"))
2133 use_atomic = 1;
c714e45f
SB		 2134 if (advertise_push_options
2135 && parse_feature_request(feature_list, "push-options"))
2136 use_push_options = 1;
bb095d08 2137 hash = parse_feature_value(feature_list, "object-format", &len, NULL);
2138 if (!hash) {
2139 hash = hash_algos[GIT_HASH_SHA1].name;
2140 len = strlen(hash);
2141 }
2142 if (xstrncmpz(the_hash_algo->name, hash, len))
2143 die("error: unsupported object format '%s'", hash);
a2a066d9
JS		 2144 client_sid = parse_feature_value(feature_list, "session-id", &len, NULL);
2145 if (client_sid) {
2146 char *sid = xstrndup(client_sid, len);
2147 trace2_data_string("transfer", NULL, "client-sid", client_sid);
2148 free(sid);
2149 }
cfee10a7 2150 }
0e3c339b 2151
01f9ec64 2152 if (!strcmp(reader->line, "push-cert")) {
a85b377d 2153 int true_flush = 0;
01f9ec64
MS		 2154 int saved_options = reader->options;
2155 reader->options &= ~PACKET_READ_CHOMP_NEWLINE;
a85b377d
JH		 2156
2157 for (;;) {
01f9ec64
MS		 2158 packet_reader_read(reader);
2159 if (reader->status == PACKET_READ_FLUSH) {
a85b377d
JH		 2160 true_flush = 1;
2161 break;
2162 }
01f9ec64
MS		 2163 if (reader->status != PACKET_READ_NORMAL) {
2164 die("protocol error: got an unexpected packet");
2165 }
2166 if (!strcmp(reader->line, "push-cert-end\n"))
a85b377d 2167 break; /* end of cert */
01f9ec64 2168 strbuf_addstr(&push_cert, reader->line);
a85b377d 2169 }
01f9ec64 2170 reader->options = saved_options;
a85b377d
JH		 2171
2172 if (true_flush)
2173 break;
2174 continue;
2175 }
2176
01f9ec64 2177 p = queue_command(p, reader->line, linelen);
575f4974 2178 }
4adf569d
JH		 2179
2180 if (push_cert.len)
2181 queue_commands_from_cert(p, &push_cert);
2182
5e1c71fd 2183 return commands;
575f4974
LT		 2184}
2185
01f9ec64
MS		 2186static void read_push_options(struct packet_reader *reader,
2187 struct string_list *options)
c714e45f
SB		 2188{
2189 while (1) {
01f9ec64 2190 if (packet_reader_read(reader) != PACKET_READ_NORMAL)
c714e45f
SB		 2191 break;
2192
01f9ec64 2193 string_list_append(options, reader->line);
c714e45f
SB		 2194 }
2195}
2196
fc04c412
SP		 2197static const char *parse_pack_header(struct pack_header *hdr)
2198{
a69e5429
JH		 2199 switch (read_pack_header(0, hdr)) {
2200 case PH_ERROR_EOF:
2201 return "eof before pack header was fully read";
2202
2203 case PH_ERROR_PACK_SIGNATURE:
fc04c412 2204 return "protocol error (pack signature mismatch detected)";
a69e5429
JH		 2205
2206 case PH_ERROR_PROTOCOL:
fc04c412 2207 return "protocol error (pack version unsupported)";
a69e5429
JH		 2208
2209 default:
2210 return "unknown error in parse_pack_header";
2211
2212 case 0:
2213 return NULL;
2214 }
fc04c412
SP		 2215}
2216
c55c3066 2217static struct tempfile *pack_lockfile;
576162a4 2218
22f9b7f3 2219static void push_header_arg(struct strvec *args, struct pack_header *hdr)
446d5d91 2220{
22f9b7f3 2221 strvec_pushf(args, "--pack_header=%"PRIu32",%"PRIu32,
f6d8942b 2222 ntohl(hdr->hdr_version), ntohl(hdr->hdr_entries));
446d5d91
JK		 2223}
2224
5dbd7676 2225static const char *unpack(int err_fd, struct shallow_info *si)
575f4974 2226{
fc04c412
SP		 2227 struct pack_header hdr;
2228 const char *hdr_err;
31c42bff 2229 int status;
d3180279 2230 struct child_process child = CHILD_PROCESS_INIT;
dab76d3a
JH		 2231 int fsck_objects = (receive_fsck_objects >= 0
2232 ? receive_fsck_objects
2233 : transfer_fsck_objects >= 0
2234 ? transfer_fsck_objects
2235 : 0);
fc04c412
SP		 2236
2237 hdr_err = parse_pack_header(&hdr);
49ecfa13
JK		 2238 if (hdr_err) {
2239 if (err_fd > 0)
2240 close(err_fd);
fc04c412 2241 return hdr_err;
49ecfa13 2242 }
fc04c412 2243
5dbd7676
NTND		 2244 if (si->nr_ours || si->nr_theirs) {
2245 alt_shallow_file = setup_temporary_shallow(si->shallow);
22f9b7f3
JK		 2246 strvec_push(&child.args, "--shallow-file");
2247 strvec_push(&child.args, alt_shallow_file);
5dbd7676
NTND		 2248 }
2249
727c71a1 2250 tmp_objdir = tmp_objdir_create(the_repository, "incoming");
6cdad1f1
JK		 2251 if (!tmp_objdir) {
2252 if (err_fd > 0)
2253 close(err_fd);
722ff7f8 2254 return "unable to create temporary object directory";
6cdad1f1 2255 }
c21fa3bb 2256 strvec_pushv(&child.env, tmp_objdir_env(tmp_objdir));
722ff7f8
JK		 2257
2258 /*
2259 * Normally we just pass the tmp_objdir environment to the child
2260 * processes that do the heavy lifting, but we may need to see these
2261 * objects ourselves to set up shallow information.
2262 */
2263 tmp_objdir_add_as_alternate(tmp_objdir);
2264
fc04c412 2265 if (ntohl(hdr.hdr_entries) < unpack_limit) {
22f9b7f3 2266 strvec_push(&child.args, "unpack-objects");
446d5d91 2267 push_header_arg(&child.args, &hdr);
c207e34f 2268 if (quiet)
22f9b7f3 2269 strvec_push(&child.args, "-q");
dab76d3a 2270 if (fsck_objects)
22f9b7f3 2271 strvec_pushf(&child.args, "--strict%s",
f6d8942b 2272 fsck_msg_types.buf);
c08db5a2 2273 if (max_input_size)
22f9b7f3 2274 strvec_pushf(&child.args, "--max-input-size=%"PRIuMAX,
f6d8942b 2275 (uintmax_t)max_input_size);
59bfdfb8 2276 child.no_stdout = 1;
a22e6f85 2277 child.err = err_fd;
59bfdfb8 2278 child.git_cmd = 1;
31c42bff
NTND		 2279 status = run_command(&child);
2280 if (status)
2281 return "unpack-objects abnormal exit";
576162a4 2282 } else {
da25bdb7 2283 char hostname[HOST_NAME_MAX + 1];
c55c3066 2284 char *lockfile;
576162a4 2285
22f9b7f3 2286 strvec_pushl(&child.args, "index-pack", "--stdin", NULL);
446d5d91 2287 push_header_arg(&child.args, &hdr);
b26cb7c7 2288
5781a9a2 2289 if (xgethostname(hostname, sizeof(hostname)))
b26cb7c7 2290 xsnprintf(hostname, sizeof(hostname), "localhost");
22f9b7f3 2291 strvec_pushf(&child.args,
f6d8942b
JK		 2292 "--keep=receive-pack %"PRIuMAX" on %s",
2293 (uintmax_t)getpid(),
2294 hostname);
b26cb7c7 2295
d06303bb 2296 if (!quiet && err_fd)
22f9b7f3 2297 strvec_push(&child.args, "--show-resolving-progress");
83558686 2298 if (use_sideband)
22f9b7f3 2299 strvec_push(&child.args, "--report-end-of-input");
dab76d3a 2300 if (fsck_objects)
22f9b7f3 2301 strvec_pushf(&child.args, "--strict%s",
f6d8942b 2302 fsck_msg_types.buf);
1b68387e 2303 if (!reject_thin)
22f9b7f3 2304 strvec_push(&child.args, "--fix-thin");
c08db5a2 2305 if (max_input_size)
22f9b7f3 2306 strvec_pushf(&child.args, "--max-input-size=%"PRIuMAX,
f6d8942b 2307 (uintmax_t)max_input_size);
31c42bff
NTND		 2308 child.out = -1;
2309 child.err = err_fd;
2310 child.git_cmd = 1;
2311 status = start_command(&child);
2312 if (status)
576162a4 2313 return "index-pack fork failed";
c55c3066 2314
e2f6f765 2315 lockfile = index_pack_lockfile(the_repository, child.out, NULL);
c55c3066
PS		 2316 if (lockfile) {
2317 pack_lockfile = register_tempfile(lockfile);
2318 free(lockfile);
2319 }
31c42bff 2320 close(child.out);
c55c3066 2321
31c42bff
NTND		 2322 status = finish_command(&child);
2323 if (status)
2324 return "index-pack abnormal exit";
a49d2834 2325 reprepare_packed_git(the_repository);
cfee10a7 2326 }
31c42bff 2327 return NULL;
cfee10a7
JH		 2328}
2329
5dbd7676 2330static const char *unpack_with_sideband(struct shallow_info *si)
a22e6f85
JK		 2331{
2332 struct async muxer;
2333 const char *ret;
2334
2335 if (!use_sideband)
5dbd7676 2336 return unpack(0, si);
a22e6f85 2337
83558686 2338 use_keepalive = KEEPALIVE_AFTER_NUL;
a22e6f85
JK		 2339 memset(&muxer, 0, sizeof(muxer));
2340 muxer.proc = copy_to_sideband;
2341 muxer.in = -1;
2342 if (start_async(&muxer))
2343 return NULL;
2344
5dbd7676 2345 ret = unpack(muxer.in, si);
a22e6f85
JK		 2346
2347 finish_async(&muxer);
2348 return ret;
2349}
2350
c95fc72f 2351static void prepare_shallow_update(struct shallow_info *si)
0a1bc12b 2352{
42c78a21 2353 int i, j, k, bitmap_size = DIV_ROUND_UP(si->ref->nr, 32);
0a1bc12b 2354
b32fa95f 2355 ALLOC_ARRAY(si->used_shallow, si->shallow->nr);
0a1bc12b
NTND		 2356 assign_shallow_commits_to_refs(si, si->used_shallow, NULL);
2357
486f4bd1
JH		 2358 CALLOC_ARRAY(si->need_reachability_test, si->shallow->nr);
2359 CALLOC_ARRAY(si->reachable, si->shallow->nr);
2360 CALLOC_ARRAY(si->shallow_ref, si->ref->nr);
0a1bc12b
NTND		 2361
2362 for (i = 0; i < si->nr_ours; i++)
2363 si->need_reachability_test[si->ours[i]] = 1;
2364
2365 for (i = 0; i < si->shallow->nr; i++) {
2366 if (!si->used_shallow[i])
2367 continue;
2368 for (j = 0; j < bitmap_size; j++) {
2369 if (!si->used_shallow[i][j])
2370 continue;
2371 si->need_reachability_test[i]++;
2372 for (k = 0; k < 32; k++)
9a93c668 2373 if (si->used_shallow[i][j] & (1U << k))
0a1bc12b
NTND		 2374 si->shallow_ref[j * 32 + k]++;
2375 }
2376
2377 /*
2378 * true for those associated with some refs and belong
2379 * in "ours" list aka "step 7 not done yet"
2380 */
2381 si->need_reachability_test[i] =
2382 si->need_reachability_test[i] > 1;
2383 }
2384
2385 /*
2386 * keep hooks happy by forcing a temporary shallow file via
2387 * env variable because we can't add --shallow-file to every
7987d223 2388 * command. check_connected() will be done with
0a1bc12b
NTND		 2389 * true .git/shallow though.
2390 */
2391 setenv(GIT_SHALLOW_FILE_ENVIRONMENT, alt_shallow_file, 1);
2392}
2393
5dbd7676
NTND		 2394static void update_shallow_info(struct command *commands,
2395 struct shallow_info *si,
910650d2 2396 struct oid_array *ref)
5dbd7676
NTND		 2397{
2398 struct command *cmd;
2399 int *ref_status;
2400 remove_nonexistent_theirs_shallow(si);
0a1bc12b
NTND		 2401 if (!si->nr_ours && !si->nr_theirs) {
2402 shallow_update = 0;
5dbd7676 2403 return;
0a1bc12b 2404 }
5dbd7676
NTND		 2405
2406 for (cmd = commands; cmd; cmd = cmd->next) {
9c44ea44 2407 if (is_null_oid(&cmd->new_oid))
5dbd7676 2408 continue;
910650d2 2409 oid_array_append(ref, &cmd->new_oid);
5dbd7676
NTND		 2410 cmd->index = ref->nr - 1;
2411 }
2412 si->ref = ref;
2413
0a1bc12b 2414 if (shallow_update) {
c95fc72f 2415 prepare_shallow_update(si);
0a1bc12b
NTND		 2416 return;
2417 }
2418
b32fa95f 2419 ALLOC_ARRAY(ref_status, ref->nr);
5dbd7676
NTND		 2420 assign_shallow_commits_to_refs(si, NULL, ref_status);
2421 for (cmd = commands; cmd; cmd = cmd->next) {
9c44ea44 2422 if (is_null_oid(&cmd->new_oid))
5dbd7676
NTND		 2423 continue;
2424 if (ref_status[cmd->index]) {
2425 cmd->error_string = "shallow update not allowed";
2426 cmd->skip_update = 1;
2427 }
2428 }
5dbd7676
NTND		 2429 free(ref_status);
2430}
2431
5e1c71fd 2432static void report(struct command *commands, const char *unpack_status)
cfee10a7
JH		 2433{
2434 struct command *cmd;
38a81b4e
SP		 2435 struct strbuf buf = STRBUF_INIT;
2436
2437 packet_buf_write(&buf, "unpack %s\n",
2438 unpack_status ? unpack_status : "ok");
cfee10a7
JH		 2439 for (cmd = commands; cmd; cmd = cmd->next) {
2440 if (!cmd->error_string)
38a81b4e
SP		 2441 packet_buf_write(&buf, "ok %s\n",
2442 cmd->ref_name);
cfee10a7 2443 else
38a81b4e
SP		 2444 packet_buf_write(&buf, "ng %s %s\n",
2445 cmd->ref_name, cmd->error_string);
575f4974 2446 }
38a81b4e
SP		 2447 packet_buf_flush(&buf);
2448
2449 if (use_sideband)
2450 send_sideband(1, 1, buf.buf, buf.len, use_sideband);
2451 else
cdf4fb8e 2452 write_or_die(1, buf.buf, buf.len);
38a81b4e 2453 strbuf_release(&buf);
575f4974
LT		 2454}
2455
63518a57
JX		 2456static void report_v2(struct command *commands, const char *unpack_status)
2457{
2458 struct command *cmd;
2459 struct strbuf buf = STRBUF_INIT;
2460 struct ref_push_report *report;
2461
2462 packet_buf_write(&buf, "unpack %s\n",
2463 unpack_status ? unpack_status : "ok");
2464 for (cmd = commands; cmd; cmd = cmd->next) {
2465 int count = 0;
2466
2467 if (cmd->error_string) {
2468 packet_buf_write(&buf, "ng %s %s\n",
2469 cmd->ref_name,
2470 cmd->error_string);
2471 continue;
2472 }
2473 packet_buf_write(&buf, "ok %s\n",
2474 cmd->ref_name);
2475 for (report = cmd->report; report; report = report->next) {
2476 if (count++ > 0)
2477 packet_buf_write(&buf, "ok %s\n",
2478 cmd->ref_name);
2479 if (report->ref_name)
2480 packet_buf_write(&buf, "option refname %s\n",
2481 report->ref_name);
2482 if (report->old_oid)
2483 packet_buf_write(&buf, "option old-oid %s\n",
2484 oid_to_hex(report->old_oid));
2485 if (report->new_oid)
2486 packet_buf_write(&buf, "option new-oid %s\n",
2487 oid_to_hex(report->new_oid));
2488 if (report->forced_update)
2489 packet_buf_write(&buf, "option forced-update\n");
2490 }
2491 }
2492 packet_buf_flush(&buf);
2493
2494 if (use_sideband)
2495 send_sideband(1, 1, buf.buf, buf.len, use_sideband);
2496 else
2497 write_or_die(1, buf.buf, buf.len);
2498 strbuf_release(&buf);
2499}
2500
5e1c71fd 2501static int delete_only(struct command *commands)
d4f694ba 2502{
5e1c71fd
JS		 2503 struct command *cmd;
2504 for (cmd = commands; cmd; cmd = cmd->next) {
9c44ea44 2505 if (!is_null_oid(&cmd->new_oid))
d4f694ba 2506 return 0;
d4f694ba
JH		 2507 }
2508 return 1;
2509}
2510
9b1cb507
JC		 2511int cmd_receive_pack(int argc,
2512 const char **argv,
2513 const char *prefix,
2514 struct repository *repo UNUSED)
575f4974 2515{
42526b47 2516 int advertise_refs = 0;
5e1c71fd 2517 struct command *commands;
910650d2 2518 struct oid_array shallow = OID_ARRAY_INIT;
2519 struct oid_array ref = OID_ARRAY_INIT;
5dbd7676 2520 struct shallow_info si;
01f9ec64 2521 struct packet_reader reader;
575f4974 2522
1b68387e
SS		 2523 struct option options[] = {
2524 OPT__QUIET(&quiet, N_("quiet")),
68cb0b52 2525 OPT_HIDDEN_BOOL(0, "skip-connectivity-check", &skip_connectivity_check, NULL),
1b68387e 2526 OPT_HIDDEN_BOOL(0, "stateless-rpc", &stateless_rpc, NULL),
98e2d9d6
ÆAB		 2527 OPT_HIDDEN_BOOL(0, "http-backend-info-refs", &advertise_refs, NULL),
2528 OPT_ALIAS(0, "advertise-refs", "http-backend-info-refs"),
1b68387e
SS		 2529 OPT_HIDDEN_BOOL(0, "reject-thin-pack-for-testing", &reject_thin, NULL),
2530 OPT_END()
2531 };
bbc30f99 2532
1b68387e 2533 packet_trace_identity("receive-pack");
575f4974 2534
1b68387e 2535 argc = parse_options(argc, argv, prefix, options, receive_pack_usage, 0);
c207e34f 2536
1b68387e 2537 if (argc > 1)
c25edee9 2538 usage_msg_opt(_("too many arguments"), receive_pack_usage, options);
1b68387e 2539 if (argc == 0)
c25edee9 2540 usage_msg_opt(_("you must specify a directory"), receive_pack_usage, options);
42526b47 2541
1b68387e 2542 service_dir = argv[0];
575f4974 2543
e1464ca7 2544 setup_path();
5c09f321 2545
5732373d
JH		 2546 if (!enter_repo(service_dir, 0))
2547 die("'%s' does not appear to be a git repository", service_dir);
575f4974 2548
ef90d6d4 2549 git_config(receive_pack_config, NULL);
b89363e4 2550 if (cert_nonce_seed)
5732373d 2551 push_cert_nonce = prepare_push_cert_nonce(service_dir, time(NULL));
6fb75bed 2552
f3d33f8c 2553 if (0 <= receive_unpack_limit)
e28714c5 2554 unpack_limit = receive_unpack_limit;
f3d33f8c
JH		 2555 else if (0 <= transfer_unpack_limit)
2556 unpack_limit = transfer_unpack_limit;
e28714c5 2557
aa9bab29 2558 switch (determine_protocol_version_server()) {
8f6982b4
BW		 2559 case protocol_v2:
2560 /*
2561 * push support for protocol v2 has not been implemented yet,
2562 * so ignore the request to use v2 and fallback to using v0.
2563 */
2564 break;
aa9bab29
BW		 2565 case protocol_v1:
2566 /*
2567 * v1 is just the original protocol with a version string,
2568 * so just fall through after writing the version string.
2569 */
2570 if (advertise_refs || !stateless_rpc)
2571 packet_write_fmt(1, "version 1\n");
2572
2573 /* fallthrough */
2574 case protocol_v0:
2575 break;
2576 case protocol_unknown_version:
2577 BUG("unknown protocol version");
2578 }
2579
42526b47 2580 if (advertise_refs || !stateless_rpc) {
42526b47 2581 write_head_info();
42526b47
SP		 2582 }
2583 if (advertise_refs)
2584 return 0;
575f4974 2585
2d103c31
MS		 2586 packet_reader_init(&reader, 0, NULL, 0,
2587 PACKET_READ_CHOMP_NEWLINE |
2588 PACKET_READ_DIE_ON_ERR_PACKET);
01f9ec64 2589
afe8a907 2590 if ((commands = read_head_info(&reader, &shallow))) {
d4f694ba 2591 const char *unpack_status = NULL;
77a9745d 2592 struct string_list push_options = STRING_LIST_INIT_DUP;
d4f694ba 2593
c714e45f 2594 if (use_push_options)
01f9ec64 2595 read_push_options(&reader, &push_options);
cbaf82cc
JT		 2596 if (!check_cert_push_options(&push_options)) {
2597 struct command *cmd;
2598 for (cmd = commands; cmd; cmd = cmd->next)
2599 cmd->error_string = "inconsistent push options";
2600 }
c714e45f 2601
5dbd7676 2602 prepare_shallow_info(&si, &shallow);
0a1bc12b
NTND		 2603 if (!si.nr_ours && !si.nr_theirs)
2604 shallow_update = 0;
5dbd7676
NTND		 2605 if (!delete_only(commands)) {
2606 unpack_status = unpack_with_sideband(&si);
2607 update_shallow_info(commands, &si, &ref);
2608 }
83558686 2609 use_keepalive = KEEPALIVE_ALWAYS;
77a9745d
SB		 2610 execute_commands(commands, unpack_status, &si,
2611 &push_options);
c55c3066 2612 delete_tempfile(&pack_lockfile);
d34182b9 2613 sigchain_push(SIGPIPE, SIG_IGN);
63518a57
JX		 2614 if (report_status_v2)
2615 report_v2(commands, unpack_status);
2616 else if (report_status)
5e1c71fd 2617 report(commands, unpack_status);
d34182b9 2618 sigchain_pop(SIGPIPE);
77a9745d
SB		 2619 run_receive_hook(commands, "post-receive", 1,
2620 &push_options);
8e663d9e 2621 run_update_post_hook(commands);
1fdd31cf 2622 free_commands(commands);
4432dd6b 2623 string_list_clear(&push_options, 0);
77e3efbf 2624 if (auto_gc) {
860a2ebe
LF		 2625 struct child_process proc = CHILD_PROCESS_INIT;
2626
7bf3057d
PS		 2627 if (prepare_auto_maintenance(1, &proc)) {
2628 proc.no_stdin = 1;
2629 proc.stdout_to_stderr = 1;
2630 proc.err = use_sideband ? -1 : 0;
2631
2632 if (!start_command(&proc)) {
2633 if (use_sideband)
2634 copy_to_sideband(proc.err, -1, NULL);
2635 finish_command(&proc);
2636 }
860a2ebe 2637 }
77e3efbf
JH		 2638 }
2639 if (auto_update_server_info)
c365dbb4 2640 update_server_info(the_repository, 0);
5dbd7676 2641 clear_shallow_info(&si);
7f8e9828 2642 }
38a81b4e
SP		 2643 if (use_sideband)
2644 packet_flush(1);
910650d2 2645 oid_array_clear(&shallow);
2646 oid_array_clear(&ref);
c45841ff 2647 strvec_clear(&hidden_refs);
b89363e4 2648 free((void *)push_cert_nonce);
575f4974
LT		 2649 return 0;
2650}
Unnamed repository; edit this file 'description' to name the repository.