]> git.ipfire.org Git - thirdparty/git.git/blob - builtin/receive-pack.c
projects / thirdparty / git.git / blob
? search:


12ecacddb44513a98ad47a43504567e87fc16c83
[thirdparty/git.git] / builtin / receive-pack.c
1 #include "builtin.h"
2 #include "lockfile.h"
3 #include "pack.h"
4 #include "refs.h"
5 #include "pkt-line.h"
6 #include "sideband.h"
7 #include "run-command.h"
8 #include "exec_cmd.h"
9 #include "commit.h"
10 #include "object.h"
11 #include "remote.h"
12 #include "connect.h"
13 #include "transport.h"
14 #include "string-list.h"
15 #include "sha1-array.h"
16 #include "connected.h"
17 #include "argv-array.h"
18 #include "version.h"
19 #include "tag.h"
20 #include "gpg-interface.h"
21 #include "sigchain.h"
22
23 static const char receive_pack_usage[] = "git receive-pack <git-dir>";
24
25 enum deny_action {
26 DENY_UNCONFIGURED,
27 DENY_IGNORE,
28 DENY_WARN,
29 DENY_REFUSE,
30 DENY_UPDATE_INSTEAD
31 };
32
33 static int deny_deletes;
34 static int deny_non_fast_forwards;
35 static enum deny_action deny_current_branch = DENY_UNCONFIGURED;
36 static enum deny_action deny_delete_current = DENY_UNCONFIGURED;
37 static int receive_fsck_objects = -1;
38 static int transfer_fsck_objects = -1;
39 static int receive_unpack_limit = -1;
40 static int transfer_unpack_limit = -1;
41 static int advertise_atomic_push = 1;
42 static int unpack_limit = 100;
43 static int report_status;
44 static int use_sideband;
45 static int use_atomic;
46 static int quiet;
47 static int prefer_ofs_delta = 1;
48 static int auto_update_server_info;
49 static int auto_gc = 1;
50 static int fix_thin = 1;
51 static int stateless_rpc;
52 static const char *service_dir;
53 static const char *head_name;
54 static void *head_name_to_free;
55 static int sent_capabilities;
56 static int shallow_update;
57 static const char *alt_shallow_file;
58 static struct strbuf push_cert = STRBUF_INIT;
59 static unsigned char push_cert_sha1[20];
60 static struct signature_check sigcheck;
61 static const char *push_cert_nonce;
62 static const char *cert_nonce_seed;
63
64 static const char *NONCE_UNSOLICITED = "UNSOLICITED";
65 static const char *NONCE_BAD = "BAD";
66 static const char *NONCE_MISSING = "MISSING";
67 static const char *NONCE_OK = "OK";
68 static const char *NONCE_SLOP = "SLOP";
69 static const char *nonce_status;
70 static long nonce_stamp_slop;
71 static unsigned long nonce_stamp_slop_limit;
72 static struct ref_transaction *transaction;
73
74 static enum deny_action parse_deny_action(const char *var, const char *value)
75 {
76 if (value) {
77 if (!strcasecmp(value, "ignore"))
78 return DENY_IGNORE;
79 if (!strcasecmp(value, "warn"))
80 return DENY_WARN;
81 if (!strcasecmp(value, "refuse"))
82 return DENY_REFUSE;
83 if (!strcasecmp(value, "updateinstead"))
84 return DENY_UPDATE_INSTEAD;
85 }
86 if (git_config_bool(var, value))
87 return DENY_REFUSE;
88 return DENY_IGNORE;
89 }
90
91 static int receive_pack_config(const char *var, const char *value, void *cb)
92 {
93 int status = parse_hide_refs_config(var, value, "receive");
94
95 if (status)
96 return status;
97
98 if (strcmp(var, "receive.denydeletes") == 0) {
99 deny_deletes = git_config_bool(var, value);
100 return 0;
101 }
102
103 if (strcmp(var, "receive.denynonfastforwards") == 0) {
104 deny_non_fast_forwards = git_config_bool(var, value);
105 return 0;
106 }
107
108 if (strcmp(var, "receive.unpacklimit") == 0) {
109 receive_unpack_limit = git_config_int(var, value);
110 return 0;
111 }
112
113 if (strcmp(var, "transfer.unpacklimit") == 0) {
114 transfer_unpack_limit = git_config_int(var, value);
115 return 0;
116 }
117
118 if (strcmp(var, "receive.fsckobjects") == 0) {
119 receive_fsck_objects = git_config_bool(var, value);
120 return 0;
121 }
122
123 if (strcmp(var, "transfer.fsckobjects") == 0) {
124 transfer_fsck_objects = git_config_bool(var, value);
125 return 0;
126 }
127
128 if (!strcmp(var, "receive.denycurrentbranch")) {
129 deny_current_branch = parse_deny_action(var, value);
130 return 0;
131 }
132
133 if (strcmp(var, "receive.denydeletecurrent") == 0) {
134 deny_delete_current = parse_deny_action(var, value);
135 return 0;
136 }
137
138 if (strcmp(var, "repack.usedeltabaseoffset") == 0) {
139 prefer_ofs_delta = git_config_bool(var, value);
140 return 0;
141 }
142
143 if (strcmp(var, "receive.updateserverinfo") == 0) {
144 auto_update_server_info = git_config_bool(var, value);
145 return 0;
146 }
147
148 if (strcmp(var, "receive.autogc") == 0) {
149 auto_gc = git_config_bool(var, value);
150 return 0;
151 }
152
153 if (strcmp(var, "receive.shallowupdate") == 0) {
154 shallow_update = git_config_bool(var, value);
155 return 0;
156 }
157
158 if (strcmp(var, "receive.certnonceseed") == 0)
159 return git_config_string(&cert_nonce_seed, var, value);
160
161 if (strcmp(var, "receive.certnonceslop") == 0) {
162 nonce_stamp_slop_limit = git_config_ulong(var, value);
163 return 0;
164 }
165
166 if (strcmp(var, "receive.advertiseatomic") == 0) {
167 advertise_atomic_push = git_config_bool(var, value);
168 return 0;
169 }
170
171 return git_default_config(var, value, cb);
172 }
173
174 static void show_ref(const char *path, const unsigned char *sha1)
175 {
176 if (ref_is_hidden(path))
177 return;
178
179 if (sent_capabilities) {
180 packet_write(1, "%s %s\n", sha1_to_hex(sha1), path);
181 } else {
182 struct strbuf cap = STRBUF_INIT;
183
184 strbuf_addstr(&cap,
185 "report-status delete-refs side-band-64k quiet");
186 if (advertise_atomic_push)
187 strbuf_addstr(&cap, " atomic");
188 if (prefer_ofs_delta)
189 strbuf_addstr(&cap, " ofs-delta");
190 if (push_cert_nonce)
191 strbuf_addf(&cap, " push-cert=%s", push_cert_nonce);
192 strbuf_addf(&cap, " agent=%s", git_user_agent_sanitized());
193 packet_write(1, "%s %s%c%s\n",
194 sha1_to_hex(sha1), path, 0, cap.buf);
195 strbuf_release(&cap);
196 sent_capabilities = 1;
197 }
198 }
199
200 static int show_ref_cb(const char *path, const unsigned char *sha1, int flag, void *unused)
201 {
202 path = strip_namespace(path);
203 /*
204 * Advertise refs outside our current namespace as ".have"
205 * refs, so that the client can use them to minimize data
206 * transfer but will otherwise ignore them. This happens to
207 * cover ".have" that are thrown in by add_one_alternate_ref()
208 * to mark histories that are complete in our alternates as
209 * well.
210 */
211 if (!path)
212 path = ".have";
213 show_ref(path, sha1);
214 return 0;
215 }
216
217 static void show_one_alternate_sha1(const unsigned char sha1[20], void *unused)
218 {
219 show_ref(".have", sha1);
220 }
221
222 static void collect_one_alternate_ref(const struct ref *ref, void *data)
223 {
224 struct sha1_array *sa = data;
225 sha1_array_append(sa, ref->old_sha1);
226 }
227
228 static void write_head_info(void)
229 {
230 struct sha1_array sa = SHA1_ARRAY_INIT;
231 struct each_ref_fn_sha1_adapter wrapped_show_ref_cb =
232 {show_ref_cb, NULL};
233
234 for_each_alternate_ref(collect_one_alternate_ref, &sa);
235 sha1_array_for_each_unique(&sa, show_one_alternate_sha1, NULL);
236 sha1_array_clear(&sa);
237 for_each_ref(each_ref_fn_adapter, &wrapped_show_ref_cb);
238 if (!sent_capabilities)
239 show_ref("capabilities^{}", null_sha1);
240
241 advertise_shallow_grafts(1);
242
243 /* EOF */
244 packet_flush(1);
245 }
246
247 struct command {
248 struct command *next;
249 const char *error_string;
250 unsigned int skip_update:1,
251 did_not_exist:1;
252 int index;
253 unsigned char old_sha1[20];
254 unsigned char new_sha1[20];
255 char ref_name[FLEX_ARRAY]; /* more */
256 };
257
258 static void rp_error(const char *err, ...) __attribute__((format (printf, 1, 2)));
259 static void rp_warning(const char *err, ...) __attribute__((format (printf, 1, 2)));
260
261 static void report_message(const char *prefix, const char *err, va_list params)
262 {
263 int sz = strlen(prefix);
264 char msg[4096];
265
266 strncpy(msg, prefix, sz);
267 sz += vsnprintf(msg + sz, sizeof(msg) - sz, err, params);
268 if (sz > (sizeof(msg) - 1))
269 sz = sizeof(msg) - 1;
270 msg[sz++] = '\n';
271
272 if (use_sideband)
273 send_sideband(1, 2, msg, sz, use_sideband);
274 else
275 xwrite(2, msg, sz);
276 }
277
278 static void rp_warning(const char *err, ...)
279 {
280 va_list params;
281 va_start(params, err);
282 report_message("warning: ", err, params);
283 va_end(params);
284 }
285
286 static void rp_error(const char *err, ...)
287 {
288 va_list params;
289 va_start(params, err);
290 report_message("error: ", err, params);
291 va_end(params);
292 }
293
294 static int copy_to_sideband(int in, int out, void *arg)
295 {
296 char data[128];
297 while (1) {
298 ssize_t sz = xread(in, data, sizeof(data));
299 if (sz <= 0)
300 break;
301 send_sideband(1, 2, data, sz, use_sideband);
302 }
303 close(in);
304 return 0;
305 }
306
307 #define HMAC_BLOCK_SIZE 64
308
309 static void hmac_sha1(unsigned char *out,
310 const char *key_in, size_t key_len,
311 const char *text, size_t text_len)
312 {
313 unsigned char key[HMAC_BLOCK_SIZE];
314 unsigned char k_ipad[HMAC_BLOCK_SIZE];
315 unsigned char k_opad[HMAC_BLOCK_SIZE];
316 int i;
317 git_SHA_CTX ctx;
318
319 /* RFC 2104 2. (1) */
320 memset(key, '\0', HMAC_BLOCK_SIZE);
321 if (HMAC_BLOCK_SIZE < key_len) {
322 git_SHA1_Init(&ctx);
323 git_SHA1_Update(&ctx, key_in, key_len);
324 git_SHA1_Final(key, &ctx);
325 } else {
326 memcpy(key, key_in, key_len);
327 }
328
329 /* RFC 2104 2. (2) & (5) */
330 for (i = 0; i < sizeof(key); i++) {
331 k_ipad[i] = key[i] ^ 0x36;
332 k_opad[i] = key[i] ^ 0x5c;
333 }
334
335 /* RFC 2104 2. (3) & (4) */
336 git_SHA1_Init(&ctx);
337 git_SHA1_Update(&ctx, k_ipad, sizeof(k_ipad));
338 git_SHA1_Update(&ctx, text, text_len);
339 git_SHA1_Final(out, &ctx);
340
341 /* RFC 2104 2. (6) & (7) */
342 git_SHA1_Init(&ctx);
343 git_SHA1_Update(&ctx, k_opad, sizeof(k_opad));
344 git_SHA1_Update(&ctx, out, 20);
345 git_SHA1_Final(out, &ctx);
346 }
347
348 static char *prepare_push_cert_nonce(const char *path, unsigned long stamp)
349 {
350 struct strbuf buf = STRBUF_INIT;
351 unsigned char sha1[20];
352
353 strbuf_addf(&buf, "%s:%lu", path, stamp);
354 hmac_sha1(sha1, buf.buf, buf.len, cert_nonce_seed, strlen(cert_nonce_seed));;
355 strbuf_release(&buf);
356
357 /* RFC 2104 5. HMAC-SHA1-80 */
358 strbuf_addf(&buf, "%lu-%.*s", stamp, 20, sha1_to_hex(sha1));
359 return strbuf_detach(&buf, NULL);
360 }
361
362 /*
363 * NEEDSWORK: reuse find_commit_header() from jk/commit-author-parsing
364 * after dropping "_commit" from its name and possibly moving it out
365 * of commit.c
366 */
367 static char *find_header(const char *msg, size_t len, const char *key)
368 {
369 int key_len = strlen(key);
370 const char *line = msg;
371
372 while (line && line < msg + len) {
373 const char *eol = strchrnul(line, '\n');
374
375 if ((msg + len <= eol) || line == eol)
376 return NULL;
377 if (line + key_len < eol &&
378 !memcmp(line, key, key_len) && line[key_len] == ' ') {
379 int offset = key_len + 1;
380 return xmemdupz(line + offset, (eol - line) - offset);
381 }
382 line = *eol ? eol + 1 : NULL;
383 }
384 return NULL;
385 }
386
387 static const char *check_nonce(const char *buf, size_t len)
388 {
389 char *nonce = find_header(buf, len, "nonce");
390 unsigned long stamp, ostamp;
391 char *bohmac, *expect = NULL;
392 const char *retval = NONCE_BAD;
393
394 if (!nonce) {
395 retval = NONCE_MISSING;
396 goto leave;
397 } else if (!push_cert_nonce) {
398 retval = NONCE_UNSOLICITED;
399 goto leave;
400 } else if (!strcmp(push_cert_nonce, nonce)) {
401 retval = NONCE_OK;
402 goto leave;
403 }
404
405 if (!stateless_rpc) {
406 /* returned nonce MUST match what we gave out earlier */
407 retval = NONCE_BAD;
408 goto leave;
409 }
410
411 /*
412 * In stateless mode, we may be receiving a nonce issued by
413 * another instance of the server that serving the same
414 * repository, and the timestamps may not match, but the
415 * nonce-seed and dir should match, so we can recompute and
416 * report the time slop.
417 *
418 * In addition, when a nonce issued by another instance has
419 * timestamp within receive.certnonceslop seconds, we pretend
420 * as if we issued that nonce when reporting to the hook.
421 */
422
423 /* nonce is concat(<seconds-since-epoch>, "-", <hmac>) */
424 if (*nonce <= '0' || '9' < *nonce) {
425 retval = NONCE_BAD;
426 goto leave;
427 }
428 stamp = strtoul(nonce, &bohmac, 10);
429 if (bohmac == nonce || bohmac[0] != '-') {
430 retval = NONCE_BAD;
431 goto leave;
432 }
433
434 expect = prepare_push_cert_nonce(service_dir, stamp);
435 if (strcmp(expect, nonce)) {
436 /* Not what we would have signed earlier */
437 retval = NONCE_BAD;
438 goto leave;
439 }
440
441 /*
442 * By how many seconds is this nonce stale? Negative value
443 * would mean it was issued by another server with its clock
444 * skewed in the future.
445 */
446 ostamp = strtoul(push_cert_nonce, NULL, 10);
447 nonce_stamp_slop = (long)ostamp - (long)stamp;
448
449 if (nonce_stamp_slop_limit &&
450 labs(nonce_stamp_slop) <= nonce_stamp_slop_limit) {
451 /*
452 * Pretend as if the received nonce (which passes the
453 * HMAC check, so it is not a forged by third-party)
454 * is what we issued.
455 */
456 free((void *)push_cert_nonce);
457 push_cert_nonce = xstrdup(nonce);
458 retval = NONCE_OK;
459 } else {
460 retval = NONCE_SLOP;
461 }
462
463 leave:
464 free(nonce);
465 free(expect);
466 return retval;
467 }
468
469 static void prepare_push_cert_sha1(struct child_process *proc)
470 {
471 static int already_done;
472
473 if (!push_cert.len)
474 return;
475
476 if (!already_done) {
477 struct strbuf gpg_output = STRBUF_INIT;
478 struct strbuf gpg_status = STRBUF_INIT;
479 int bogs /* beginning_of_gpg_sig */;
480
481 already_done = 1;
482 if (write_sha1_file(push_cert.buf, push_cert.len, "blob", push_cert_sha1))
483 hashclr(push_cert_sha1);
484
485 memset(&sigcheck, '\0', sizeof(sigcheck));
486 sigcheck.result = 'N';
487
488 bogs = parse_signature(push_cert.buf, push_cert.len);
489 if (verify_signed_buffer(push_cert.buf, bogs,
490 push_cert.buf + bogs, push_cert.len - bogs,
491 &gpg_output, &gpg_status) < 0) {
492 ; /* error running gpg */
493 } else {
494 sigcheck.payload = push_cert.buf;
495 sigcheck.gpg_output = gpg_output.buf;
496 sigcheck.gpg_status = gpg_status.buf;
497 parse_gpg_output(&sigcheck);
498 }
499
500 strbuf_release(&gpg_output);
501 strbuf_release(&gpg_status);
502 nonce_status = check_nonce(push_cert.buf, bogs);
503 }
504 if (!is_null_sha1(push_cert_sha1)) {
505 argv_array_pushf(&proc->env_array, "GIT_PUSH_CERT=%s",
506 sha1_to_hex(push_cert_sha1));
507 argv_array_pushf(&proc->env_array, "GIT_PUSH_CERT_SIGNER=%s",
508 sigcheck.signer ? sigcheck.signer : "");
509 argv_array_pushf(&proc->env_array, "GIT_PUSH_CERT_KEY=%s",
510 sigcheck.key ? sigcheck.key : "");
511 argv_array_pushf(&proc->env_array, "GIT_PUSH_CERT_STATUS=%c",
512 sigcheck.result);
513 if (push_cert_nonce) {
514 argv_array_pushf(&proc->env_array,
515 "GIT_PUSH_CERT_NONCE=%s",
516 push_cert_nonce);
517 argv_array_pushf(&proc->env_array,
518 "GIT_PUSH_CERT_NONCE_STATUS=%s",
519 nonce_status);
520 if (nonce_status == NONCE_SLOP)
521 argv_array_pushf(&proc->env_array,
522 "GIT_PUSH_CERT_NONCE_SLOP=%ld",
523 nonce_stamp_slop);
524 }
525 }
526 }
527
528 typedef int (*feed_fn)(void *, const char **, size_t *);
529 static int run_and_feed_hook(const char *hook_name, feed_fn feed, void *feed_state)
530 {
531 struct child_process proc = CHILD_PROCESS_INIT;
532 struct async muxer;
533 const char *argv[2];
534 int code;
535
536 argv[0] = find_hook(hook_name);
537 if (!argv[0])
538 return 0;
539
540 argv[1] = NULL;
541
542 proc.argv = argv;
543 proc.in = -1;
544 proc.stdout_to_stderr = 1;
545
546 if (use_sideband) {
547 memset(&muxer, 0, sizeof(muxer));
548 muxer.proc = copy_to_sideband;
549 muxer.in = -1;
550 code = start_async(&muxer);
551 if (code)
552 return code;
553 proc.err = muxer.in;
554 }
555
556 prepare_push_cert_sha1(&proc);
557
558 code = start_command(&proc);
559 if (code) {
560 if (use_sideband)
561 finish_async(&muxer);
562 return code;
563 }
564
565 sigchain_push(SIGPIPE, SIG_IGN);
566
567 while (1) {
568 const char *buf;
569 size_t n;
570 if (feed(feed_state, &buf, &n))
571 break;
572 if (write_in_full(proc.in, buf, n) != n)
573 break;
574 }
575 close(proc.in);
576 if (use_sideband)
577 finish_async(&muxer);
578
579 sigchain_pop(SIGPIPE);
580
581 return finish_command(&proc);
582 }
583
584 struct receive_hook_feed_state {
585 struct command *cmd;
586 int skip_broken;
587 struct strbuf buf;
588 };
589
590 static int feed_receive_hook(void *state_, const char **bufp, size_t *sizep)
591 {
592 struct receive_hook_feed_state *state = state_;
593 struct command *cmd = state->cmd;
594
595 while (cmd &&
596 state->skip_broken && (cmd->error_string || cmd->did_not_exist))
597 cmd = cmd->next;
598 if (!cmd)
599 return -1; /* EOF */
600 strbuf_reset(&state->buf);
601 strbuf_addf(&state->buf, "%s %s %s\n",
602 sha1_to_hex(cmd->old_sha1), sha1_to_hex(cmd->new_sha1),
603 cmd->ref_name);
604 state->cmd = cmd->next;
605 if (bufp) {
606 *bufp = state->buf.buf;
607 *sizep = state->buf.len;
608 }
609 return 0;
610 }
611
612 static int run_receive_hook(struct command *commands, const char *hook_name,
613 int skip_broken)
614 {
615 struct receive_hook_feed_state state;
616 int status;
617
618 strbuf_init(&state.buf, 0);
619 state.cmd = commands;
620 state.skip_broken = skip_broken;
621 if (feed_receive_hook(&state, NULL, NULL))
622 return 0;
623 state.cmd = commands;
624 status = run_and_feed_hook(hook_name, feed_receive_hook, &state);
625 strbuf_release(&state.buf);
626 return status;
627 }
628
629 static int run_update_hook(struct command *cmd)
630 {
631 const char *argv[5];
632 struct child_process proc = CHILD_PROCESS_INIT;
633 int code;
634
635 argv[0] = find_hook("update");
636 if (!argv[0])
637 return 0;
638
639 argv[1] = cmd->ref_name;
640 argv[2] = sha1_to_hex(cmd->old_sha1);
641 argv[3] = sha1_to_hex(cmd->new_sha1);
642 argv[4] = NULL;
643
644 proc.no_stdin = 1;
645 proc.stdout_to_stderr = 1;
646 proc.err = use_sideband ? -1 : 0;
647 proc.argv = argv;
648
649 code = start_command(&proc);
650 if (code)
651 return code;
652 if (use_sideband)
653 copy_to_sideband(proc.err, -1, NULL);
654 return finish_command(&proc);
655 }
656
657 static int is_ref_checked_out(const char *ref)
658 {
659 if (is_bare_repository())
660 return 0;
661
662 if (!head_name)
663 return 0;
664 return !strcmp(head_name, ref);
665 }
666
667 static char *refuse_unconfigured_deny_msg[] = {
668 "By default, updating the current branch in a non-bare repository",
669 "is denied, because it will make the index and work tree inconsistent",
670 "with what you pushed, and will require 'git reset --hard' to match",
671 "the work tree to HEAD.",
672 "",
673 "You can set 'receive.denyCurrentBranch' configuration variable to",
674 "'ignore' or 'warn' in the remote repository to allow pushing into",
675 "its current branch; however, this is not recommended unless you",
676 "arranged to update its work tree to match what you pushed in some",
677 "other way.",
678 "",
679 "To squelch this message and still keep the default behaviour, set",
680 "'receive.denyCurrentBranch' configuration variable to 'refuse'."
681 };
682
683 static void refuse_unconfigured_deny(void)
684 {
685 int i;
686 for (i = 0; i < ARRAY_SIZE(refuse_unconfigured_deny_msg); i++)
687 rp_error("%s", refuse_unconfigured_deny_msg[i]);
688 }
689
690 static char *refuse_unconfigured_deny_delete_current_msg[] = {
691 "By default, deleting the current branch is denied, because the next",
692 "'git clone' won't result in any file checked out, causing confusion.",
693 "",
694 "You can set 'receive.denyDeleteCurrent' configuration variable to",
695 "'warn' or 'ignore' in the remote repository to allow deleting the",
696 "current branch, with or without a warning message.",
697 "",
698 "To squelch this message, you can set it to 'refuse'."
699 };
700
701 static void refuse_unconfigured_deny_delete_current(void)
702 {
703 int i;
704 for (i = 0;
705 i < ARRAY_SIZE(refuse_unconfigured_deny_delete_current_msg);
706 i++)
707 rp_error("%s", refuse_unconfigured_deny_delete_current_msg[i]);
708 }
709
710 static int command_singleton_iterator(void *cb_data, unsigned char sha1[20]);
711 static int update_shallow_ref(struct command *cmd, struct shallow_info *si)
712 {
713 static struct lock_file shallow_lock;
714 struct sha1_array extra = SHA1_ARRAY_INIT;
715 const char *alt_file;
716 uint32_t mask = 1 << (cmd->index % 32);
717 int i;
718
719 trace_printf_key(&trace_shallow,
720 "shallow: update_shallow_ref %s\n", cmd->ref_name);
721 for (i = 0; i < si->shallow->nr; i++)
722 if (si->used_shallow[i] &&
723 (si->used_shallow[i][cmd->index / 32] & mask) &&
724 !delayed_reachability_test(si, i))
725 sha1_array_append(&extra, si->shallow->sha1[i]);
726
727 setup_alternate_shallow(&shallow_lock, &alt_file, &extra);
728 if (check_shallow_connected(command_singleton_iterator,
729 0, cmd, alt_file)) {
730 rollback_lock_file(&shallow_lock);
731 sha1_array_clear(&extra);
732 return -1;
733 }
734
735 commit_lock_file(&shallow_lock);
736
737 /*
738 * Make sure setup_alternate_shallow() for the next ref does
739 * not lose these new roots..
740 */
741 for (i = 0; i < extra.nr; i++)
742 register_shallow(extra.sha1[i]);
743
744 si->shallow_ref[cmd->index] = 0;
745 sha1_array_clear(&extra);
746 return 0;
747 }
748
749 /*
750 * NEEDSWORK: we should consolidate various implementions of "are we
751 * on an unborn branch?" test into one, and make the unified one more
752 * robust. !get_sha1() based check used here and elsewhere would not
753 * allow us to tell an unborn branch from corrupt ref, for example.
754 * For the purpose of fixing "deploy-to-update does not work when
755 * pushing into an empty repository" issue, this should suffice for
756 * now.
757 */
758 static int head_has_history(void)
759 {
760 unsigned char sha1[20];
761
762 return !get_sha1("HEAD", sha1);
763 }
764
765 static const char *push_to_deploy(unsigned char *sha1,
766 struct argv_array *env,
767 const char *work_tree)
768 {
769 const char *update_refresh[] = {
770 "update-index", "-q", "--ignore-submodules", "--refresh", NULL
771 };
772 const char *diff_files[] = {
773 "diff-files", "--quiet", "--ignore-submodules", "--", NULL
774 };
775 const char *diff_index[] = {
776 "diff-index", "--quiet", "--cached", "--ignore-submodules",
777 NULL, "--", NULL
778 };
779 const char *read_tree[] = {
780 "read-tree", "-u", "-m", NULL, NULL
781 };
782 struct child_process child = CHILD_PROCESS_INIT;
783
784 child.argv = update_refresh;
785 child.env = env->argv;
786 child.dir = work_tree;
787 child.no_stdin = 1;
788 child.stdout_to_stderr = 1;
789 child.git_cmd = 1;
790 if (run_command(&child))
791 return "Up-to-date check failed";
792
793 /* run_command() does not clean up completely; reinitialize */
794 child_process_init(&child);
795 child.argv = diff_files;
796 child.env = env->argv;
797 child.dir = work_tree;
798 child.no_stdin = 1;
799 child.stdout_to_stderr = 1;
800 child.git_cmd = 1;
801 if (run_command(&child))
802 return "Working directory has unstaged changes";
803
804 /* diff-index with either HEAD or an empty tree */
805 diff_index[4] = head_has_history() ? "HEAD" : EMPTY_TREE_SHA1_HEX;
806
807 child_process_init(&child);
808 child.argv = diff_index;
809 child.env = env->argv;
810 child.no_stdin = 1;
811 child.no_stdout = 1;
812 child.stdout_to_stderr = 0;
813 child.git_cmd = 1;
814 if (run_command(&child))
815 return "Working directory has staged changes";
816
817 read_tree[3] = sha1_to_hex(sha1);
818 child_process_init(&child);
819 child.argv = read_tree;
820 child.env = env->argv;
821 child.dir = work_tree;
822 child.no_stdin = 1;
823 child.no_stdout = 1;
824 child.stdout_to_stderr = 0;
825 child.git_cmd = 1;
826 if (run_command(&child))
827 return "Could not update working tree to new HEAD";
828
829 return NULL;
830 }
831
832 static const char *push_to_checkout_hook = "push-to-checkout";
833
834 static const char *push_to_checkout(unsigned char *sha1,
835 struct argv_array *env,
836 const char *work_tree)
837 {
838 argv_array_pushf(env, "GIT_WORK_TREE=%s", absolute_path(work_tree));
839 if (run_hook_le(env->argv, push_to_checkout_hook,
840 sha1_to_hex(sha1), NULL))
841 return "push-to-checkout hook declined";
842 else
843 return NULL;
844 }
845
846 static const char *update_worktree(unsigned char *sha1)
847 {
848 const char *retval;
849 const char *work_tree = git_work_tree_cfg ? git_work_tree_cfg : "..";
850 struct argv_array env = ARGV_ARRAY_INIT;
851
852 if (is_bare_repository())
853 return "denyCurrentBranch = updateInstead needs a worktree";
854
855 argv_array_pushf(&env, "GIT_DIR=%s", absolute_path(get_git_dir()));
856
857 if (!find_hook(push_to_checkout_hook))
858 retval = push_to_deploy(sha1, &env, work_tree);
859 else
860 retval = push_to_checkout(sha1, &env, work_tree);
861
862 argv_array_clear(&env);
863 return retval;
864 }
865
866 static const char *update(struct command *cmd, struct shallow_info *si)
867 {
868 const char *name = cmd->ref_name;
869 struct strbuf namespaced_name_buf = STRBUF_INIT;
870 const char *namespaced_name, *ret;
871 unsigned char *old_sha1 = cmd->old_sha1;
872 unsigned char *new_sha1 = cmd->new_sha1;
873
874 /* only refs/... are allowed */
875 if (!starts_with(name, "refs/") || check_refname_format(name + 5, 0)) {
876 rp_error("refusing to create funny ref '%s' remotely", name);
877 return "funny refname";
878 }
879
880 strbuf_addf(&namespaced_name_buf, "%s%s", get_git_namespace(), name);
881 namespaced_name = strbuf_detach(&namespaced_name_buf, NULL);
882
883 if (is_ref_checked_out(namespaced_name)) {
884 switch (deny_current_branch) {
885 case DENY_IGNORE:
886 break;
887 case DENY_WARN:
888 rp_warning("updating the current branch");
889 break;
890 case DENY_REFUSE:
891 case DENY_UNCONFIGURED:
892 rp_error("refusing to update checked out branch: %s", name);
893 if (deny_current_branch == DENY_UNCONFIGURED)
894 refuse_unconfigured_deny();
895 return "branch is currently checked out";
896 case DENY_UPDATE_INSTEAD:
897 ret = update_worktree(new_sha1);
898 if (ret)
899 return ret;
900 break;
901 }
902 }
903
904 if (!is_null_sha1(new_sha1) && !has_sha1_file(new_sha1)) {
905 error("unpack should have generated %s, "
906 "but I can't find it!", sha1_to_hex(new_sha1));
907 return "bad pack";
908 }
909
910 if (!is_null_sha1(old_sha1) && is_null_sha1(new_sha1)) {
911 if (deny_deletes && starts_with(name, "refs/heads/")) {
912 rp_error("denying ref deletion for %s", name);
913 return "deletion prohibited";
914 }
915
916 if (!strcmp(namespaced_name, head_name)) {
917 switch (deny_delete_current) {
918 case DENY_IGNORE:
919 break;
920 case DENY_WARN:
921 rp_warning("deleting the current branch");
922 break;
923 case DENY_REFUSE:
924 case DENY_UNCONFIGURED:
925 case DENY_UPDATE_INSTEAD:
926 if (deny_delete_current == DENY_UNCONFIGURED)
927 refuse_unconfigured_deny_delete_current();
928 rp_error("refusing to delete the current branch: %s", name);
929 return "deletion of the current branch prohibited";
930 default:
931 return "Invalid denyDeleteCurrent setting";
932 }
933 }
934 }
935
936 if (deny_non_fast_forwards && !is_null_sha1(new_sha1) &&
937 !is_null_sha1(old_sha1) &&
938 starts_with(name, "refs/heads/")) {
939 struct object *old_object, *new_object;
940 struct commit *old_commit, *new_commit;
941
942 old_object = parse_object(old_sha1);
943 new_object = parse_object(new_sha1);
944
945 if (!old_object || !new_object ||
946 old_object->type != OBJ_COMMIT ||
947 new_object->type != OBJ_COMMIT) {
948 error("bad sha1 objects for %s", name);
949 return "bad ref";
950 }
951 old_commit = (struct commit *)old_object;
952 new_commit = (struct commit *)new_object;
953 if (!in_merge_bases(old_commit, new_commit)) {
954 rp_error("denying non-fast-forward %s"
955 " (you should pull first)", name);
956 return "non-fast-forward";
957 }
958 }
959 if (run_update_hook(cmd)) {
960 rp_error("hook declined to update %s", name);
961 return "hook declined";
962 }
963
964 if (is_null_sha1(new_sha1)) {
965 struct strbuf err = STRBUF_INIT;
966 if (!parse_object(old_sha1)) {
967 old_sha1 = NULL;
968 if (ref_exists(name)) {
969 rp_warning("Allowing deletion of corrupt ref.");
970 } else {
971 rp_warning("Deleting a non-existent ref.");
972 cmd->did_not_exist = 1;
973 }
974 }
975 if (ref_transaction_delete(transaction,
976 namespaced_name,
977 old_sha1,
978 0, "push", &err)) {
979 rp_error("%s", err.buf);
980 strbuf_release(&err);
981 return "failed to delete";
982 }
983 strbuf_release(&err);
984 return NULL; /* good */
985 }
986 else {
987 struct strbuf err = STRBUF_INIT;
988 if (shallow_update && si->shallow_ref[cmd->index] &&
989 update_shallow_ref(cmd, si))
990 return "shallow error";
991
992 if (ref_transaction_update(transaction,
993 namespaced_name,
994 new_sha1, old_sha1,
995 0, "push",
996 &err)) {
997 rp_error("%s", err.buf);
998 strbuf_release(&err);
999
1000 return "failed to update ref";
1001 }
1002 strbuf_release(&err);
1003
1004 return NULL; /* good */
1005 }
1006 }
1007
1008 static void run_update_post_hook(struct command *commands)
1009 {
1010 struct command *cmd;
1011 int argc;
1012 const char **argv;
1013 struct child_process proc = CHILD_PROCESS_INIT;
1014 const char *hook;
1015
1016 hook = find_hook("post-update");
1017 for (argc = 0, cmd = commands; cmd; cmd = cmd->next) {
1018 if (cmd->error_string || cmd->did_not_exist)
1019 continue;
1020 argc++;
1021 }
1022 if (!argc || !hook)
1023 return;
1024
1025 argv = xmalloc(sizeof(*argv) * (2 + argc));
1026 argv[0] = hook;
1027
1028 for (argc = 1, cmd = commands; cmd; cmd = cmd->next) {
1029 if (cmd->error_string || cmd->did_not_exist)
1030 continue;
1031 argv[argc] = xstrdup(cmd->ref_name);
1032 argc++;
1033 }
1034 argv[argc] = NULL;
1035
1036 proc.no_stdin = 1;
1037 proc.stdout_to_stderr = 1;
1038 proc.err = use_sideband ? -1 : 0;
1039 proc.argv = argv;
1040
1041 if (!start_command(&proc)) {
1042 if (use_sideband)
1043 copy_to_sideband(proc.err, -1, NULL);
1044 finish_command(&proc);
1045 }
1046 }
1047
1048 static void check_aliased_update(struct command *cmd, struct string_list *list)
1049 {
1050 struct strbuf buf = STRBUF_INIT;
1051 const char *dst_name;
1052 struct string_list_item *item;
1053 struct command *dst_cmd;
1054 unsigned char sha1[20];
1055 char cmd_oldh[41], cmd_newh[41], dst_oldh[41], dst_newh[41];
1056 int flag;
1057
1058 strbuf_addf(&buf, "%s%s", get_git_namespace(), cmd->ref_name);
1059 dst_name = resolve_ref_unsafe(buf.buf, 0, sha1, &flag);
1060 strbuf_release(&buf);
1061
1062 if (!(flag & REF_ISSYMREF))
1063 return;
1064
1065 dst_name = strip_namespace(dst_name);
1066 if (!dst_name) {
1067 rp_error("refusing update to broken symref '%s'", cmd->ref_name);
1068 cmd->skip_update = 1;
1069 cmd->error_string = "broken symref";
1070 return;
1071 }
1072
1073 if ((item = string_list_lookup(list, dst_name)) == NULL)
1074 return;
1075
1076 cmd->skip_update = 1;
1077
1078 dst_cmd = (struct command *) item->util;
1079
1080 if (!hashcmp(cmd->old_sha1, dst_cmd->old_sha1) &&
1081 !hashcmp(cmd->new_sha1, dst_cmd->new_sha1))
1082 return;
1083
1084 dst_cmd->skip_update = 1;
1085
1086 strcpy(cmd_oldh, find_unique_abbrev(cmd->old_sha1, DEFAULT_ABBREV));
1087 strcpy(cmd_newh, find_unique_abbrev(cmd->new_sha1, DEFAULT_ABBREV));
1088 strcpy(dst_oldh, find_unique_abbrev(dst_cmd->old_sha1, DEFAULT_ABBREV));
1089 strcpy(dst_newh, find_unique_abbrev(dst_cmd->new_sha1, DEFAULT_ABBREV));
1090 rp_error("refusing inconsistent update between symref '%s' (%s..%s) and"
1091 " its target '%s' (%s..%s)",
1092 cmd->ref_name, cmd_oldh, cmd_newh,
1093 dst_cmd->ref_name, dst_oldh, dst_newh);
1094
1095 cmd->error_string = dst_cmd->error_string =
1096 "inconsistent aliased update";
1097 }
1098
1099 static void check_aliased_updates(struct command *commands)
1100 {
1101 struct command *cmd;
1102 struct string_list ref_list = STRING_LIST_INIT_NODUP;
1103
1104 for (cmd = commands; cmd; cmd = cmd->next) {
1105 struct string_list_item *item =
1106 string_list_append(&ref_list, cmd->ref_name);
1107 item->util = (void *)cmd;
1108 }
1109 string_list_sort(&ref_list);
1110
1111 for (cmd = commands; cmd; cmd = cmd->next) {
1112 if (!cmd->error_string)
1113 check_aliased_update(cmd, &ref_list);
1114 }
1115
1116 string_list_clear(&ref_list, 0);
1117 }
1118
1119 static int command_singleton_iterator(void *cb_data, unsigned char sha1[20])
1120 {
1121 struct command **cmd_list = cb_data;
1122 struct command *cmd = *cmd_list;
1123
1124 if (!cmd || is_null_sha1(cmd->new_sha1))
1125 return -1; /* end of list */
1126 *cmd_list = NULL; /* this returns only one */
1127 hashcpy(sha1, cmd->new_sha1);
1128 return 0;
1129 }
1130
1131 static void set_connectivity_errors(struct command *commands,
1132 struct shallow_info *si)
1133 {
1134 struct command *cmd;
1135
1136 for (cmd = commands; cmd; cmd = cmd->next) {
1137 struct command *singleton = cmd;
1138 if (shallow_update && si->shallow_ref[cmd->index])
1139 /* to be checked in update_shallow_ref() */
1140 continue;
1141 if (!check_everything_connected(command_singleton_iterator,
1142 0, &singleton))
1143 continue;
1144 cmd->error_string = "missing necessary objects";
1145 }
1146 }
1147
1148 struct iterate_data {
1149 struct command *cmds;
1150 struct shallow_info *si;
1151 };
1152
1153 static int iterate_receive_command_list(void *cb_data, unsigned char sha1[20])
1154 {
1155 struct iterate_data *data = cb_data;
1156 struct command **cmd_list = &data->cmds;
1157 struct command *cmd = *cmd_list;
1158
1159 for (; cmd; cmd = cmd->next) {
1160 if (shallow_update && data->si->shallow_ref[cmd->index])
1161 /* to be checked in update_shallow_ref() */
1162 continue;
1163 if (!is_null_sha1(cmd->new_sha1) && !cmd->skip_update) {
1164 hashcpy(sha1, cmd->new_sha1);
1165 *cmd_list = cmd->next;
1166 return 0;
1167 }
1168 }
1169 *cmd_list = NULL;
1170 return -1; /* end of list */
1171 }
1172
1173 static void reject_updates_to_hidden(struct command *commands)
1174 {
1175 struct command *cmd;
1176
1177 for (cmd = commands; cmd; cmd = cmd->next) {
1178 if (cmd->error_string || !ref_is_hidden(cmd->ref_name))
1179 continue;
1180 if (is_null_sha1(cmd->new_sha1))
1181 cmd->error_string = "deny deleting a hidden ref";
1182 else
1183 cmd->error_string = "deny updating a hidden ref";
1184 }
1185 }
1186
1187 static int should_process_cmd(struct command *cmd)
1188 {
1189 return !cmd->error_string && !cmd->skip_update;
1190 }
1191
1192 static void warn_if_skipped_connectivity_check(struct command *commands,
1193 struct shallow_info *si)
1194 {
1195 struct command *cmd;
1196 int checked_connectivity = 1;
1197
1198 for (cmd = commands; cmd; cmd = cmd->next) {
1199 if (should_process_cmd(cmd) && si->shallow_ref[cmd->index]) {
1200 error("BUG: connectivity check has not been run on ref %s",
1201 cmd->ref_name);
1202 checked_connectivity = 0;
1203 }
1204 }
1205 if (!checked_connectivity)
1206 die("BUG: connectivity check skipped???");
1207 }
1208
1209 static void execute_commands_non_atomic(struct command *commands,
1210 struct shallow_info *si)
1211 {
1212 struct command *cmd;
1213 struct strbuf err = STRBUF_INIT;
1214
1215 for (cmd = commands; cmd; cmd = cmd->next) {
1216 if (!should_process_cmd(cmd))
1217 continue;
1218
1219 transaction = ref_transaction_begin(&err);
1220 if (!transaction) {
1221 rp_error("%s", err.buf);
1222 strbuf_reset(&err);
1223 cmd->error_string = "transaction failed to start";
1224 continue;
1225 }
1226
1227 cmd->error_string = update(cmd, si);
1228
1229 if (!cmd->error_string
1230 && ref_transaction_commit(transaction, &err)) {
1231 rp_error("%s", err.buf);
1232 strbuf_reset(&err);
1233 cmd->error_string = "failed to update ref";
1234 }
1235 ref_transaction_free(transaction);
1236 }
1237 strbuf_release(&err);
1238 }
1239
1240 static void execute_commands_atomic(struct command *commands,
1241 struct shallow_info *si)
1242 {
1243 struct command *cmd;
1244 struct strbuf err = STRBUF_INIT;
1245 const char *reported_error = "atomic push failure";
1246
1247 transaction = ref_transaction_begin(&err);
1248 if (!transaction) {
1249 rp_error("%s", err.buf);
1250 strbuf_reset(&err);
1251 reported_error = "transaction failed to start";
1252 goto failure;
1253 }
1254
1255 for (cmd = commands; cmd; cmd = cmd->next) {
1256 if (!should_process_cmd(cmd))
1257 continue;
1258
1259 cmd->error_string = update(cmd, si);
1260
1261 if (cmd->error_string)
1262 goto failure;
1263 }
1264
1265 if (ref_transaction_commit(transaction, &err)) {
1266 rp_error("%s", err.buf);
1267 reported_error = "atomic transaction failed";
1268 goto failure;
1269 }
1270 goto cleanup;
1271
1272 failure:
1273 for (cmd = commands; cmd; cmd = cmd->next)
1274 if (!cmd->error_string)
1275 cmd->error_string = reported_error;
1276
1277 cleanup:
1278 ref_transaction_free(transaction);
1279 strbuf_release(&err);
1280 }
1281
1282 static void execute_commands(struct command *commands,
1283 const char *unpacker_error,
1284 struct shallow_info *si)
1285 {
1286 struct command *cmd;
1287 unsigned char sha1[20];
1288 struct iterate_data data;
1289
1290 if (unpacker_error) {
1291 for (cmd = commands; cmd; cmd = cmd->next)
1292 cmd->error_string = "unpacker error";
1293 return;
1294 }
1295
1296 data.cmds = commands;
1297 data.si = si;
1298 if (check_everything_connected(iterate_receive_command_list, 0, &data))
1299 set_connectivity_errors(commands, si);
1300
1301 reject_updates_to_hidden(commands);
1302
1303 if (run_receive_hook(commands, "pre-receive", 0)) {
1304 for (cmd = commands; cmd; cmd = cmd->next) {
1305 if (!cmd->error_string)
1306 cmd->error_string = "pre-receive hook declined";
1307 }
1308 return;
1309 }
1310
1311 check_aliased_updates(commands);
1312
1313 free(head_name_to_free);
1314 head_name = head_name_to_free = resolve_refdup("HEAD", 0, sha1, NULL);
1315
1316 if (use_atomic)
1317 execute_commands_atomic(commands, si);
1318 else
1319 execute_commands_non_atomic(commands, si);
1320
1321 if (shallow_update)
1322 warn_if_skipped_connectivity_check(commands, si);
1323 }
1324
1325 static struct command **queue_command(struct command **tail,
1326 const char *line,
1327 int linelen)
1328 {
1329 unsigned char old_sha1[20], new_sha1[20];
1330 struct command *cmd;
1331 const char *refname;
1332 int reflen;
1333
1334 if (linelen < 83 ||
1335 line[40] != ' ' ||
1336 line[81] != ' ' ||
1337 get_sha1_hex(line, old_sha1) ||
1338 get_sha1_hex(line + 41, new_sha1))
1339 die("protocol error: expected old/new/ref, got '%s'", line);
1340
1341 refname = line + 82;
1342 reflen = linelen - 82;
1343 cmd = xcalloc(1, sizeof(struct command) + reflen + 1);
1344 hashcpy(cmd->old_sha1, old_sha1);
1345 hashcpy(cmd->new_sha1, new_sha1);
1346 memcpy(cmd->ref_name, refname, reflen);
1347 cmd->ref_name[reflen] = '\0';
1348 *tail = cmd;
1349 return &cmd->next;
1350 }
1351
1352 static void queue_commands_from_cert(struct command **tail,
1353 struct strbuf *push_cert)
1354 {
1355 const char *boc, *eoc;
1356
1357 if (*tail)
1358 die("protocol error: got both push certificate and unsigned commands");
1359
1360 boc = strstr(push_cert->buf, "\n\n");
1361 if (!boc)
1362 die("malformed push certificate %.*s", 100, push_cert->buf);
1363 else
1364 boc += 2;
1365 eoc = push_cert->buf + parse_signature(push_cert->buf, push_cert->len);
1366
1367 while (boc < eoc) {
1368 const char *eol = memchr(boc, '\n', eoc - boc);
1369 tail = queue_command(tail, boc, eol ? eol - boc : eoc - eol);
1370 boc = eol ? eol + 1 : eoc;
1371 }
1372 }
1373
1374 static struct command *read_head_info(struct sha1_array *shallow)
1375 {
1376 struct command *commands = NULL;
1377 struct command **p = &commands;
1378 for (;;) {
1379 char *line;
1380 int len, linelen;
1381
1382 line = packet_read_line(0, &len);
1383 if (!line)
1384 break;
1385
1386 if (len == 48 && starts_with(line, "shallow ")) {
1387 unsigned char sha1[20];
1388 if (get_sha1_hex(line + 8, sha1))
1389 die("protocol error: expected shallow sha, got '%s'",
1390 line + 8);
1391 sha1_array_append(shallow, sha1);
1392 continue;
1393 }
1394
1395 linelen = strlen(line);
1396 if (linelen < len) {
1397 const char *feature_list = line + linelen + 1;
1398 if (parse_feature_request(feature_list, "report-status"))
1399 report_status = 1;
1400 if (parse_feature_request(feature_list, "side-band-64k"))
1401 use_sideband = LARGE_PACKET_MAX;
1402 if (parse_feature_request(feature_list, "quiet"))
1403 quiet = 1;
1404 if (advertise_atomic_push
1405 && parse_feature_request(feature_list, "atomic"))
1406 use_atomic = 1;
1407 }
1408
1409 if (!strcmp(line, "push-cert")) {
1410 int true_flush = 0;
1411 char certbuf[1024];
1412
1413 for (;;) {
1414 len = packet_read(0, NULL, NULL,
1415 certbuf, sizeof(certbuf), 0);
1416 if (!len) {
1417 true_flush = 1;
1418 break;
1419 }
1420 if (!strcmp(certbuf, "push-cert-end\n"))
1421 break; /* end of cert */
1422 strbuf_addstr(&push_cert, certbuf);
1423 }
1424
1425 if (true_flush)
1426 break;
1427 continue;
1428 }
1429
1430 p = queue_command(p, line, linelen);
1431 }
1432
1433 if (push_cert.len)
1434 queue_commands_from_cert(p, &push_cert);
1435
1436 return commands;
1437 }
1438
1439 static const char *parse_pack_header(struct pack_header *hdr)
1440 {
1441 switch (read_pack_header(0, hdr)) {
1442 case PH_ERROR_EOF:
1443 return "eof before pack header was fully read";
1444
1445 case PH_ERROR_PACK_SIGNATURE:
1446 return "protocol error (pack signature mismatch detected)";
1447
1448 case PH_ERROR_PROTOCOL:
1449 return "protocol error (pack version unsupported)";
1450
1451 default:
1452 return "unknown error in parse_pack_header";
1453
1454 case 0:
1455 return NULL;
1456 }
1457 }
1458
1459 static const char *pack_lockfile;
1460
1461 static const char *unpack(int err_fd, struct shallow_info *si)
1462 {
1463 struct pack_header hdr;
1464 const char *hdr_err;
1465 int status;
1466 char hdr_arg[38];
1467 struct child_process child = CHILD_PROCESS_INIT;
1468 int fsck_objects = (receive_fsck_objects >= 0
1469 ? receive_fsck_objects
1470 : transfer_fsck_objects >= 0
1471 ? transfer_fsck_objects
1472 : 0);
1473
1474 hdr_err = parse_pack_header(&hdr);
1475 if (hdr_err) {
1476 if (err_fd > 0)
1477 close(err_fd);
1478 return hdr_err;
1479 }
1480 snprintf(hdr_arg, sizeof(hdr_arg),
1481 "--pack_header=%"PRIu32",%"PRIu32,
1482 ntohl(hdr.hdr_version), ntohl(hdr.hdr_entries));
1483
1484 if (si->nr_ours || si->nr_theirs) {
1485 alt_shallow_file = setup_temporary_shallow(si->shallow);
1486 argv_array_push(&child.args, "--shallow-file");
1487 argv_array_push(&child.args, alt_shallow_file);
1488 }
1489
1490 if (ntohl(hdr.hdr_entries) < unpack_limit) {
1491 argv_array_pushl(&child.args, "unpack-objects", hdr_arg, NULL);
1492 if (quiet)
1493 argv_array_push(&child.args, "-q");
1494 if (fsck_objects)
1495 argv_array_push(&child.args, "--strict");
1496 child.no_stdout = 1;
1497 child.err = err_fd;
1498 child.git_cmd = 1;
1499 status = run_command(&child);
1500 if (status)
1501 return "unpack-objects abnormal exit";
1502 } else {
1503 int s;
1504 char keep_arg[256];
1505
1506 s = sprintf(keep_arg, "--keep=receive-pack %"PRIuMAX" on ", (uintmax_t) getpid());
1507 if (gethostname(keep_arg + s, sizeof(keep_arg) - s))
1508 strcpy(keep_arg + s, "localhost");
1509
1510 argv_array_pushl(&child.args, "index-pack",
1511 "--stdin", hdr_arg, keep_arg, NULL);
1512 if (fsck_objects)
1513 argv_array_push(&child.args, "--strict");
1514 if (fix_thin)
1515 argv_array_push(&child.args, "--fix-thin");
1516 child.out = -1;
1517 child.err = err_fd;
1518 child.git_cmd = 1;
1519 status = start_command(&child);
1520 if (status)
1521 return "index-pack fork failed";
1522 pack_lockfile = index_pack_lockfile(child.out);
1523 close(child.out);
1524 status = finish_command(&child);
1525 if (status)
1526 return "index-pack abnormal exit";
1527 reprepare_packed_git();
1528 }
1529 return NULL;
1530 }
1531
1532 static const char *unpack_with_sideband(struct shallow_info *si)
1533 {
1534 struct async muxer;
1535 const char *ret;
1536
1537 if (!use_sideband)
1538 return unpack(0, si);
1539
1540 memset(&muxer, 0, sizeof(muxer));
1541 muxer.proc = copy_to_sideband;
1542 muxer.in = -1;
1543 if (start_async(&muxer))
1544 return NULL;
1545
1546 ret = unpack(muxer.in, si);
1547
1548 finish_async(&muxer);
1549 return ret;
1550 }
1551
1552 static void prepare_shallow_update(struct command *commands,
1553 struct shallow_info *si)
1554 {
1555 int i, j, k, bitmap_size = (si->ref->nr + 31) / 32;
1556
1557 si->used_shallow = xmalloc(sizeof(*si->used_shallow) *
1558 si->shallow->nr);
1559 assign_shallow_commits_to_refs(si, si->used_shallow, NULL);
1560
1561 si->need_reachability_test =
1562 xcalloc(si->shallow->nr, sizeof(*si->need_reachability_test));
1563 si->reachable =
1564 xcalloc(si->shallow->nr, sizeof(*si->reachable));
1565 si->shallow_ref = xcalloc(si->ref->nr, sizeof(*si->shallow_ref));
1566
1567 for (i = 0; i < si->nr_ours; i++)
1568 si->need_reachability_test[si->ours[i]] = 1;
1569
1570 for (i = 0; i < si->shallow->nr; i++) {
1571 if (!si->used_shallow[i])
1572 continue;
1573 for (j = 0; j < bitmap_size; j++) {
1574 if (!si->used_shallow[i][j])
1575 continue;
1576 si->need_reachability_test[i]++;
1577 for (k = 0; k < 32; k++)
1578 if (si->used_shallow[i][j] & (1 << k))
1579 si->shallow_ref[j * 32 + k]++;
1580 }
1581
1582 /*
1583 * true for those associated with some refs and belong
1584 * in "ours" list aka "step 7 not done yet"
1585 */
1586 si->need_reachability_test[i] =
1587 si->need_reachability_test[i] > 1;
1588 }
1589
1590 /*
1591 * keep hooks happy by forcing a temporary shallow file via
1592 * env variable because we can't add --shallow-file to every
1593 * command. check_everything_connected() will be done with
1594 * true .git/shallow though.
1595 */
1596 setenv(GIT_SHALLOW_FILE_ENVIRONMENT, alt_shallow_file, 1);
1597 }
1598
1599 static void update_shallow_info(struct command *commands,
1600 struct shallow_info *si,
1601 struct sha1_array *ref)
1602 {
1603 struct command *cmd;
1604 int *ref_status;
1605 remove_nonexistent_theirs_shallow(si);
1606 if (!si->nr_ours && !si->nr_theirs) {
1607 shallow_update = 0;
1608 return;
1609 }
1610
1611 for (cmd = commands; cmd; cmd = cmd->next) {
1612 if (is_null_sha1(cmd->new_sha1))
1613 continue;
1614 sha1_array_append(ref, cmd->new_sha1);
1615 cmd->index = ref->nr - 1;
1616 }
1617 si->ref = ref;
1618
1619 if (shallow_update) {
1620 prepare_shallow_update(commands, si);
1621 return;
1622 }
1623
1624 ref_status = xmalloc(sizeof(*ref_status) * ref->nr);
1625 assign_shallow_commits_to_refs(si, NULL, ref_status);
1626 for (cmd = commands; cmd; cmd = cmd->next) {
1627 if (is_null_sha1(cmd->new_sha1))
1628 continue;
1629 if (ref_status[cmd->index]) {
1630 cmd->error_string = "shallow update not allowed";
1631 cmd->skip_update = 1;
1632 }
1633 }
1634 free(ref_status);
1635 }
1636
1637 static void report(struct command *commands, const char *unpack_status)
1638 {
1639 struct command *cmd;
1640 struct strbuf buf = STRBUF_INIT;
1641
1642 packet_buf_write(&buf, "unpack %s\n",
1643 unpack_status ? unpack_status : "ok");
1644 for (cmd = commands; cmd; cmd = cmd->next) {
1645 if (!cmd->error_string)
1646 packet_buf_write(&buf, "ok %s\n",
1647 cmd->ref_name);
1648 else
1649 packet_buf_write(&buf, "ng %s %s\n",
1650 cmd->ref_name, cmd->error_string);
1651 }
1652 packet_buf_flush(&buf);
1653
1654 if (use_sideband)
1655 send_sideband(1, 1, buf.buf, buf.len, use_sideband);
1656 else
1657 write_or_die(1, buf.buf, buf.len);
1658 strbuf_release(&buf);
1659 }
1660
1661 static int delete_only(struct command *commands)
1662 {
1663 struct command *cmd;
1664 for (cmd = commands; cmd; cmd = cmd->next) {
1665 if (!is_null_sha1(cmd->new_sha1))
1666 return 0;
1667 }
1668 return 1;
1669 }
1670
1671 int cmd_receive_pack(int argc, const char **argv, const char *prefix)
1672 {
1673 int advertise_refs = 0;
1674 int i;
1675 struct command *commands;
1676 struct sha1_array shallow = SHA1_ARRAY_INIT;
1677 struct sha1_array ref = SHA1_ARRAY_INIT;
1678 struct shallow_info si;
1679
1680 packet_trace_identity("receive-pack");
1681
1682 argv++;
1683 for (i = 1; i < argc; i++) {
1684 const char *arg = *argv++;
1685
1686 if (*arg == '-') {
1687 if (!strcmp(arg, "--quiet")) {
1688 quiet = 1;
1689 continue;
1690 }
1691
1692 if (!strcmp(arg, "--advertise-refs")) {
1693 advertise_refs = 1;
1694 continue;
1695 }
1696 if (!strcmp(arg, "--stateless-rpc")) {
1697 stateless_rpc = 1;
1698 continue;
1699 }
1700 if (!strcmp(arg, "--reject-thin-pack-for-testing")) {
1701 fix_thin = 0;
1702 continue;
1703 }
1704
1705 usage(receive_pack_usage);
1706 }
1707 if (service_dir)
1708 usage(receive_pack_usage);
1709 service_dir = arg;
1710 }
1711 if (!service_dir)
1712 usage(receive_pack_usage);
1713
1714 setup_path();
1715
1716 if (!enter_repo(service_dir, 0))
1717 die("'%s' does not appear to be a git repository", service_dir);
1718
1719 git_config(receive_pack_config, NULL);
1720 if (cert_nonce_seed)
1721 push_cert_nonce = prepare_push_cert_nonce(service_dir, time(NULL));
1722
1723 if (0 <= transfer_unpack_limit)
1724 unpack_limit = transfer_unpack_limit;
1725 else if (0 <= receive_unpack_limit)
1726 unpack_limit = receive_unpack_limit;
1727
1728 if (advertise_refs || !stateless_rpc) {
1729 write_head_info();
1730 }
1731 if (advertise_refs)
1732 return 0;
1733
1734 if ((commands = read_head_info(&shallow)) != NULL) {
1735 const char *unpack_status = NULL;
1736
1737 prepare_shallow_info(&si, &shallow);
1738 if (!si.nr_ours && !si.nr_theirs)
1739 shallow_update = 0;
1740 if (!delete_only(commands)) {
1741 unpack_status = unpack_with_sideband(&si);
1742 update_shallow_info(commands, &si, &ref);
1743 }
1744 execute_commands(commands, unpack_status, &si);
1745 if (pack_lockfile)
1746 unlink_or_warn(pack_lockfile);
1747 if (report_status)
1748 report(commands, unpack_status);
1749 run_receive_hook(commands, "post-receive", 1);
1750 run_update_post_hook(commands);
1751 if (auto_gc) {
1752 const char *argv_gc_auto[] = {
1753 "gc", "--auto", "--quiet", NULL,
1754 };
1755 int opt = RUN_GIT_CMD | RUN_COMMAND_STDOUT_TO_STDERR;
1756 run_command_v_opt(argv_gc_auto, opt);
1757 }
1758 if (auto_update_server_info)
1759 update_server_info(0);
1760 clear_shallow_info(&si);
1761 }
1762 if (use_sideband)
1763 packet_flush(1);
1764 sha1_array_clear(&shallow);
1765 sha1_array_clear(&ref);
1766 free((void *)push_cert_nonce);
1767 return 0;
1768 }
Unnamed repository; edit this file 'description' to name the repository.