]> git.ipfire.org Git - thirdparty/git.git/blob - builtin/receive-pack.c
projects / thirdparty / git.git / blob
? search:


3afe8f80c12904389c4a50aeb32d0b320ff5cec2
[thirdparty/git.git] / builtin / receive-pack.c
1 #include "builtin.h"
2 #include "lockfile.h"
3 #include "pack.h"
4 #include "refs.h"
5 #include "pkt-line.h"
6 #include "sideband.h"
7 #include "run-command.h"
8 #include "exec_cmd.h"
9 #include "commit.h"
10 #include "object.h"
11 #include "remote.h"
12 #include "connect.h"
13 #include "transport.h"
14 #include "string-list.h"
15 #include "sha1-array.h"
16 #include "connected.h"
17 #include "argv-array.h"
18 #include "version.h"
19 #include "tag.h"
20 #include "gpg-interface.h"
21 #include "sigchain.h"
22 #include "fsck.h"
23
24 static const char receive_pack_usage[] = "git receive-pack <git-dir>";
25
26 enum deny_action {
27 DENY_UNCONFIGURED,
28 DENY_IGNORE,
29 DENY_WARN,
30 DENY_REFUSE,
31 DENY_UPDATE_INSTEAD
32 };
33
34 static int deny_deletes;
35 static int deny_non_fast_forwards;
36 static enum deny_action deny_current_branch = DENY_UNCONFIGURED;
37 static enum deny_action deny_delete_current = DENY_UNCONFIGURED;
38 static int receive_fsck_objects = -1;
39 static int transfer_fsck_objects = -1;
40 static struct strbuf fsck_msg_types = STRBUF_INIT;
41 static int receive_unpack_limit = -1;
42 static int transfer_unpack_limit = -1;
43 static int advertise_atomic_push = 1;
44 static int unpack_limit = 100;
45 static int report_status;
46 static int use_sideband;
47 static int use_atomic;
48 static int quiet;
49 static int prefer_ofs_delta = 1;
50 static int auto_update_server_info;
51 static int auto_gc = 1;
52 static int fix_thin = 1;
53 static int stateless_rpc;
54 static const char *service_dir;
55 static const char *head_name;
56 static void *head_name_to_free;
57 static int sent_capabilities;
58 static int shallow_update;
59 static const char *alt_shallow_file;
60 static struct strbuf push_cert = STRBUF_INIT;
61 static unsigned char push_cert_sha1[20];
62 static struct signature_check sigcheck;
63 static const char *push_cert_nonce;
64 static const char *cert_nonce_seed;
65
66 static const char *NONCE_UNSOLICITED = "UNSOLICITED";
67 static const char *NONCE_BAD = "BAD";
68 static const char *NONCE_MISSING = "MISSING";
69 static const char *NONCE_OK = "OK";
70 static const char *NONCE_SLOP = "SLOP";
71 static const char *nonce_status;
72 static long nonce_stamp_slop;
73 static unsigned long nonce_stamp_slop_limit;
74 static struct ref_transaction *transaction;
75
76 static enum deny_action parse_deny_action(const char *var, const char *value)
77 {
78 if (value) {
79 if (!strcasecmp(value, "ignore"))
80 return DENY_IGNORE;
81 if (!strcasecmp(value, "warn"))
82 return DENY_WARN;
83 if (!strcasecmp(value, "refuse"))
84 return DENY_REFUSE;
85 if (!strcasecmp(value, "updateinstead"))
86 return DENY_UPDATE_INSTEAD;
87 }
88 if (git_config_bool(var, value))
89 return DENY_REFUSE;
90 return DENY_IGNORE;
91 }
92
93 static int receive_pack_config(const char *var, const char *value, void *cb)
94 {
95 int status = parse_hide_refs_config(var, value, "receive");
96
97 if (status)
98 return status;
99
100 if (strcmp(var, "receive.denydeletes") == 0) {
101 deny_deletes = git_config_bool(var, value);
102 return 0;
103 }
104
105 if (strcmp(var, "receive.denynonfastforwards") == 0) {
106 deny_non_fast_forwards = git_config_bool(var, value);
107 return 0;
108 }
109
110 if (strcmp(var, "receive.unpacklimit") == 0) {
111 receive_unpack_limit = git_config_int(var, value);
112 return 0;
113 }
114
115 if (strcmp(var, "transfer.unpacklimit") == 0) {
116 transfer_unpack_limit = git_config_int(var, value);
117 return 0;
118 }
119
120 if (skip_prefix(var, "receive.fsck.", &var)) {
121 if (is_valid_msg_type(var, value))
122 strbuf_addf(&fsck_msg_types, "%c%s=%s",
123 fsck_msg_types.len ? ',' : '=', var, value);
124 else
125 warning("Skipping unknown msg id '%s'", var);
126 return 0;
127 }
128
129 if (strcmp(var, "receive.fsckobjects") == 0) {
130 receive_fsck_objects = git_config_bool(var, value);
131 return 0;
132 }
133
134 if (strcmp(var, "transfer.fsckobjects") == 0) {
135 transfer_fsck_objects = git_config_bool(var, value);
136 return 0;
137 }
138
139 if (!strcmp(var, "receive.denycurrentbranch")) {
140 deny_current_branch = parse_deny_action(var, value);
141 return 0;
142 }
143
144 if (strcmp(var, "receive.denydeletecurrent") == 0) {
145 deny_delete_current = parse_deny_action(var, value);
146 return 0;
147 }
148
149 if (strcmp(var, "repack.usedeltabaseoffset") == 0) {
150 prefer_ofs_delta = git_config_bool(var, value);
151 return 0;
152 }
153
154 if (strcmp(var, "receive.updateserverinfo") == 0) {
155 auto_update_server_info = git_config_bool(var, value);
156 return 0;
157 }
158
159 if (strcmp(var, "receive.autogc") == 0) {
160 auto_gc = git_config_bool(var, value);
161 return 0;
162 }
163
164 if (strcmp(var, "receive.shallowupdate") == 0) {
165 shallow_update = git_config_bool(var, value);
166 return 0;
167 }
168
169 if (strcmp(var, "receive.certnonceseed") == 0)
170 return git_config_string(&cert_nonce_seed, var, value);
171
172 if (strcmp(var, "receive.certnonceslop") == 0) {
173 nonce_stamp_slop_limit = git_config_ulong(var, value);
174 return 0;
175 }
176
177 if (strcmp(var, "receive.advertiseatomic") == 0) {
178 advertise_atomic_push = git_config_bool(var, value);
179 return 0;
180 }
181
182 return git_default_config(var, value, cb);
183 }
184
185 static void show_ref(const char *path, const unsigned char *sha1)
186 {
187 if (ref_is_hidden(path))
188 return;
189
190 if (sent_capabilities) {
191 packet_write(1, "%s %s\n", sha1_to_hex(sha1), path);
192 } else {
193 struct strbuf cap = STRBUF_INIT;
194
195 strbuf_addstr(&cap,
196 "report-status delete-refs side-band-64k quiet");
197 if (advertise_atomic_push)
198 strbuf_addstr(&cap, " atomic");
199 if (prefer_ofs_delta)
200 strbuf_addstr(&cap, " ofs-delta");
201 if (push_cert_nonce)
202 strbuf_addf(&cap, " push-cert=%s", push_cert_nonce);
203 strbuf_addf(&cap, " agent=%s", git_user_agent_sanitized());
204 packet_write(1, "%s %s%c%s\n",
205 sha1_to_hex(sha1), path, 0, cap.buf);
206 strbuf_release(&cap);
207 sent_capabilities = 1;
208 }
209 }
210
211 static int show_ref_cb(const char *path, const struct object_id *oid, int flag, void *unused)
212 {
213 path = strip_namespace(path);
214 /*
215 * Advertise refs outside our current namespace as ".have"
216 * refs, so that the client can use them to minimize data
217 * transfer but will otherwise ignore them. This happens to
218 * cover ".have" that are thrown in by add_one_alternate_ref()
219 * to mark histories that are complete in our alternates as
220 * well.
221 */
222 if (!path)
223 path = ".have";
224 show_ref(path, oid->hash);
225 return 0;
226 }
227
228 static void show_one_alternate_sha1(const unsigned char sha1[20], void *unused)
229 {
230 show_ref(".have", sha1);
231 }
232
233 static void collect_one_alternate_ref(const struct ref *ref, void *data)
234 {
235 struct sha1_array *sa = data;
236 sha1_array_append(sa, ref->old_sha1);
237 }
238
239 static void write_head_info(void)
240 {
241 struct sha1_array sa = SHA1_ARRAY_INIT;
242
243 for_each_alternate_ref(collect_one_alternate_ref, &sa);
244 sha1_array_for_each_unique(&sa, show_one_alternate_sha1, NULL);
245 sha1_array_clear(&sa);
246 for_each_ref(show_ref_cb, NULL);
247 if (!sent_capabilities)
248 show_ref("capabilities^{}", null_sha1);
249
250 advertise_shallow_grafts(1);
251
252 /* EOF */
253 packet_flush(1);
254 }
255
256 struct command {
257 struct command *next;
258 const char *error_string;
259 unsigned int skip_update:1,
260 did_not_exist:1;
261 int index;
262 unsigned char old_sha1[20];
263 unsigned char new_sha1[20];
264 char ref_name[FLEX_ARRAY]; /* more */
265 };
266
267 static void rp_error(const char *err, ...) __attribute__((format (printf, 1, 2)));
268 static void rp_warning(const char *err, ...) __attribute__((format (printf, 1, 2)));
269
270 static void report_message(const char *prefix, const char *err, va_list params)
271 {
272 int sz = strlen(prefix);
273 char msg[4096];
274
275 strncpy(msg, prefix, sz);
276 sz += vsnprintf(msg + sz, sizeof(msg) - sz, err, params);
277 if (sz > (sizeof(msg) - 1))
278 sz = sizeof(msg) - 1;
279 msg[sz++] = '\n';
280
281 if (use_sideband)
282 send_sideband(1, 2, msg, sz, use_sideband);
283 else
284 xwrite(2, msg, sz);
285 }
286
287 static void rp_warning(const char *err, ...)
288 {
289 va_list params;
290 va_start(params, err);
291 report_message("warning: ", err, params);
292 va_end(params);
293 }
294
295 static void rp_error(const char *err, ...)
296 {
297 va_list params;
298 va_start(params, err);
299 report_message("error: ", err, params);
300 va_end(params);
301 }
302
303 static int copy_to_sideband(int in, int out, void *arg)
304 {
305 char data[128];
306 while (1) {
307 ssize_t sz = xread(in, data, sizeof(data));
308 if (sz <= 0)
309 break;
310 send_sideband(1, 2, data, sz, use_sideband);
311 }
312 close(in);
313 return 0;
314 }
315
316 #define HMAC_BLOCK_SIZE 64
317
318 static void hmac_sha1(unsigned char *out,
319 const char *key_in, size_t key_len,
320 const char *text, size_t text_len)
321 {
322 unsigned char key[HMAC_BLOCK_SIZE];
323 unsigned char k_ipad[HMAC_BLOCK_SIZE];
324 unsigned char k_opad[HMAC_BLOCK_SIZE];
325 int i;
326 git_SHA_CTX ctx;
327
328 /* RFC 2104 2. (1) */
329 memset(key, '\0', HMAC_BLOCK_SIZE);
330 if (HMAC_BLOCK_SIZE < key_len) {
331 git_SHA1_Init(&ctx);
332 git_SHA1_Update(&ctx, key_in, key_len);
333 git_SHA1_Final(key, &ctx);
334 } else {
335 memcpy(key, key_in, key_len);
336 }
337
338 /* RFC 2104 2. (2) & (5) */
339 for (i = 0; i < sizeof(key); i++) {
340 k_ipad[i] = key[i] ^ 0x36;
341 k_opad[i] = key[i] ^ 0x5c;
342 }
343
344 /* RFC 2104 2. (3) & (4) */
345 git_SHA1_Init(&ctx);
346 git_SHA1_Update(&ctx, k_ipad, sizeof(k_ipad));
347 git_SHA1_Update(&ctx, text, text_len);
348 git_SHA1_Final(out, &ctx);
349
350 /* RFC 2104 2. (6) & (7) */
351 git_SHA1_Init(&ctx);
352 git_SHA1_Update(&ctx, k_opad, sizeof(k_opad));
353 git_SHA1_Update(&ctx, out, 20);
354 git_SHA1_Final(out, &ctx);
355 }
356
357 static char *prepare_push_cert_nonce(const char *path, unsigned long stamp)
358 {
359 struct strbuf buf = STRBUF_INIT;
360 unsigned char sha1[20];
361
362 strbuf_addf(&buf, "%s:%lu", path, stamp);
363 hmac_sha1(sha1, buf.buf, buf.len, cert_nonce_seed, strlen(cert_nonce_seed));;
364 strbuf_release(&buf);
365
366 /* RFC 2104 5. HMAC-SHA1-80 */
367 strbuf_addf(&buf, "%lu-%.*s", stamp, 20, sha1_to_hex(sha1));
368 return strbuf_detach(&buf, NULL);
369 }
370
371 /*
372 * NEEDSWORK: reuse find_commit_header() from jk/commit-author-parsing
373 * after dropping "_commit" from its name and possibly moving it out
374 * of commit.c
375 */
376 static char *find_header(const char *msg, size_t len, const char *key)
377 {
378 int key_len = strlen(key);
379 const char *line = msg;
380
381 while (line && line < msg + len) {
382 const char *eol = strchrnul(line, '\n');
383
384 if ((msg + len <= eol) || line == eol)
385 return NULL;
386 if (line + key_len < eol &&
387 !memcmp(line, key, key_len) && line[key_len] == ' ') {
388 int offset = key_len + 1;
389 return xmemdupz(line + offset, (eol - line) - offset);
390 }
391 line = *eol ? eol + 1 : NULL;
392 }
393 return NULL;
394 }
395
396 static const char *check_nonce(const char *buf, size_t len)
397 {
398 char *nonce = find_header(buf, len, "nonce");
399 unsigned long stamp, ostamp;
400 char *bohmac, *expect = NULL;
401 const char *retval = NONCE_BAD;
402
403 if (!nonce) {
404 retval = NONCE_MISSING;
405 goto leave;
406 } else if (!push_cert_nonce) {
407 retval = NONCE_UNSOLICITED;
408 goto leave;
409 } else if (!strcmp(push_cert_nonce, nonce)) {
410 retval = NONCE_OK;
411 goto leave;
412 }
413
414 if (!stateless_rpc) {
415 /* returned nonce MUST match what we gave out earlier */
416 retval = NONCE_BAD;
417 goto leave;
418 }
419
420 /*
421 * In stateless mode, we may be receiving a nonce issued by
422 * another instance of the server that serving the same
423 * repository, and the timestamps may not match, but the
424 * nonce-seed and dir should match, so we can recompute and
425 * report the time slop.
426 *
427 * In addition, when a nonce issued by another instance has
428 * timestamp within receive.certnonceslop seconds, we pretend
429 * as if we issued that nonce when reporting to the hook.
430 */
431
432 /* nonce is concat(<seconds-since-epoch>, "-", <hmac>) */
433 if (*nonce <= '0' || '9' < *nonce) {
434 retval = NONCE_BAD;
435 goto leave;
436 }
437 stamp = strtoul(nonce, &bohmac, 10);
438 if (bohmac == nonce || bohmac[0] != '-') {
439 retval = NONCE_BAD;
440 goto leave;
441 }
442
443 expect = prepare_push_cert_nonce(service_dir, stamp);
444 if (strcmp(expect, nonce)) {
445 /* Not what we would have signed earlier */
446 retval = NONCE_BAD;
447 goto leave;
448 }
449
450 /*
451 * By how many seconds is this nonce stale? Negative value
452 * would mean it was issued by another server with its clock
453 * skewed in the future.
454 */
455 ostamp = strtoul(push_cert_nonce, NULL, 10);
456 nonce_stamp_slop = (long)ostamp - (long)stamp;
457
458 if (nonce_stamp_slop_limit &&
459 labs(nonce_stamp_slop) <= nonce_stamp_slop_limit) {
460 /*
461 * Pretend as if the received nonce (which passes the
462 * HMAC check, so it is not a forged by third-party)
463 * is what we issued.
464 */
465 free((void *)push_cert_nonce);
466 push_cert_nonce = xstrdup(nonce);
467 retval = NONCE_OK;
468 } else {
469 retval = NONCE_SLOP;
470 }
471
472 leave:
473 free(nonce);
474 free(expect);
475 return retval;
476 }
477
478 static void prepare_push_cert_sha1(struct child_process *proc)
479 {
480 static int already_done;
481
482 if (!push_cert.len)
483 return;
484
485 if (!already_done) {
486 struct strbuf gpg_output = STRBUF_INIT;
487 struct strbuf gpg_status = STRBUF_INIT;
488 int bogs /* beginning_of_gpg_sig */;
489
490 already_done = 1;
491 if (write_sha1_file(push_cert.buf, push_cert.len, "blob", push_cert_sha1))
492 hashclr(push_cert_sha1);
493
494 memset(&sigcheck, '\0', sizeof(sigcheck));
495 sigcheck.result = 'N';
496
497 bogs = parse_signature(push_cert.buf, push_cert.len);
498 if (verify_signed_buffer(push_cert.buf, bogs,
499 push_cert.buf + bogs, push_cert.len - bogs,
500 &gpg_output, &gpg_status) < 0) {
501 ; /* error running gpg */
502 } else {
503 sigcheck.payload = push_cert.buf;
504 sigcheck.gpg_output = gpg_output.buf;
505 sigcheck.gpg_status = gpg_status.buf;
506 parse_gpg_output(&sigcheck);
507 }
508
509 strbuf_release(&gpg_output);
510 strbuf_release(&gpg_status);
511 nonce_status = check_nonce(push_cert.buf, bogs);
512 }
513 if (!is_null_sha1(push_cert_sha1)) {
514 argv_array_pushf(&proc->env_array, "GIT_PUSH_CERT=%s",
515 sha1_to_hex(push_cert_sha1));
516 argv_array_pushf(&proc->env_array, "GIT_PUSH_CERT_SIGNER=%s",
517 sigcheck.signer ? sigcheck.signer : "");
518 argv_array_pushf(&proc->env_array, "GIT_PUSH_CERT_KEY=%s",
519 sigcheck.key ? sigcheck.key : "");
520 argv_array_pushf(&proc->env_array, "GIT_PUSH_CERT_STATUS=%c",
521 sigcheck.result);
522 if (push_cert_nonce) {
523 argv_array_pushf(&proc->env_array,
524 "GIT_PUSH_CERT_NONCE=%s",
525 push_cert_nonce);
526 argv_array_pushf(&proc->env_array,
527 "GIT_PUSH_CERT_NONCE_STATUS=%s",
528 nonce_status);
529 if (nonce_status == NONCE_SLOP)
530 argv_array_pushf(&proc->env_array,
531 "GIT_PUSH_CERT_NONCE_SLOP=%ld",
532 nonce_stamp_slop);
533 }
534 }
535 }
536
537 typedef int (*feed_fn)(void *, const char **, size_t *);
538 static int run_and_feed_hook(const char *hook_name, feed_fn feed, void *feed_state)
539 {
540 struct child_process proc = CHILD_PROCESS_INIT;
541 struct async muxer;
542 const char *argv[2];
543 int code;
544
545 argv[0] = find_hook(hook_name);
546 if (!argv[0])
547 return 0;
548
549 argv[1] = NULL;
550
551 proc.argv = argv;
552 proc.in = -1;
553 proc.stdout_to_stderr = 1;
554
555 if (use_sideband) {
556 memset(&muxer, 0, sizeof(muxer));
557 muxer.proc = copy_to_sideband;
558 muxer.in = -1;
559 code = start_async(&muxer);
560 if (code)
561 return code;
562 proc.err = muxer.in;
563 }
564
565 prepare_push_cert_sha1(&proc);
566
567 code = start_command(&proc);
568 if (code) {
569 if (use_sideband)
570 finish_async(&muxer);
571 return code;
572 }
573
574 sigchain_push(SIGPIPE, SIG_IGN);
575
576 while (1) {
577 const char *buf;
578 size_t n;
579 if (feed(feed_state, &buf, &n))
580 break;
581 if (write_in_full(proc.in, buf, n) != n)
582 break;
583 }
584 close(proc.in);
585 if (use_sideband)
586 finish_async(&muxer);
587
588 sigchain_pop(SIGPIPE);
589
590 return finish_command(&proc);
591 }
592
593 struct receive_hook_feed_state {
594 struct command *cmd;
595 int skip_broken;
596 struct strbuf buf;
597 };
598
599 static int feed_receive_hook(void *state_, const char **bufp, size_t *sizep)
600 {
601 struct receive_hook_feed_state *state = state_;
602 struct command *cmd = state->cmd;
603
604 while (cmd &&
605 state->skip_broken && (cmd->error_string || cmd->did_not_exist))
606 cmd = cmd->next;
607 if (!cmd)
608 return -1; /* EOF */
609 strbuf_reset(&state->buf);
610 strbuf_addf(&state->buf, "%s %s %s\n",
611 sha1_to_hex(cmd->old_sha1), sha1_to_hex(cmd->new_sha1),
612 cmd->ref_name);
613 state->cmd = cmd->next;
614 if (bufp) {
615 *bufp = state->buf.buf;
616 *sizep = state->buf.len;
617 }
618 return 0;
619 }
620
621 static int run_receive_hook(struct command *commands, const char *hook_name,
622 int skip_broken)
623 {
624 struct receive_hook_feed_state state;
625 int status;
626
627 strbuf_init(&state.buf, 0);
628 state.cmd = commands;
629 state.skip_broken = skip_broken;
630 if (feed_receive_hook(&state, NULL, NULL))
631 return 0;
632 state.cmd = commands;
633 status = run_and_feed_hook(hook_name, feed_receive_hook, &state);
634 strbuf_release(&state.buf);
635 return status;
636 }
637
638 static int run_update_hook(struct command *cmd)
639 {
640 const char *argv[5];
641 struct child_process proc = CHILD_PROCESS_INIT;
642 int code;
643
644 argv[0] = find_hook("update");
645 if (!argv[0])
646 return 0;
647
648 argv[1] = cmd->ref_name;
649 argv[2] = sha1_to_hex(cmd->old_sha1);
650 argv[3] = sha1_to_hex(cmd->new_sha1);
651 argv[4] = NULL;
652
653 proc.no_stdin = 1;
654 proc.stdout_to_stderr = 1;
655 proc.err = use_sideband ? -1 : 0;
656 proc.argv = argv;
657
658 code = start_command(&proc);
659 if (code)
660 return code;
661 if (use_sideband)
662 copy_to_sideband(proc.err, -1, NULL);
663 return finish_command(&proc);
664 }
665
666 static int is_ref_checked_out(const char *ref)
667 {
668 if (is_bare_repository())
669 return 0;
670
671 if (!head_name)
672 return 0;
673 return !strcmp(head_name, ref);
674 }
675
676 static char *refuse_unconfigured_deny_msg[] = {
677 "By default, updating the current branch in a non-bare repository",
678 "is denied, because it will make the index and work tree inconsistent",
679 "with what you pushed, and will require 'git reset --hard' to match",
680 "the work tree to HEAD.",
681 "",
682 "You can set 'receive.denyCurrentBranch' configuration variable to",
683 "'ignore' or 'warn' in the remote repository to allow pushing into",
684 "its current branch; however, this is not recommended unless you",
685 "arranged to update its work tree to match what you pushed in some",
686 "other way.",
687 "",
688 "To squelch this message and still keep the default behaviour, set",
689 "'receive.denyCurrentBranch' configuration variable to 'refuse'."
690 };
691
692 static void refuse_unconfigured_deny(void)
693 {
694 int i;
695 for (i = 0; i < ARRAY_SIZE(refuse_unconfigured_deny_msg); i++)
696 rp_error("%s", refuse_unconfigured_deny_msg[i]);
697 }
698
699 static char *refuse_unconfigured_deny_delete_current_msg[] = {
700 "By default, deleting the current branch is denied, because the next",
701 "'git clone' won't result in any file checked out, causing confusion.",
702 "",
703 "You can set 'receive.denyDeleteCurrent' configuration variable to",
704 "'warn' or 'ignore' in the remote repository to allow deleting the",
705 "current branch, with or without a warning message.",
706 "",
707 "To squelch this message, you can set it to 'refuse'."
708 };
709
710 static void refuse_unconfigured_deny_delete_current(void)
711 {
712 int i;
713 for (i = 0;
714 i < ARRAY_SIZE(refuse_unconfigured_deny_delete_current_msg);
715 i++)
716 rp_error("%s", refuse_unconfigured_deny_delete_current_msg[i]);
717 }
718
719 static int command_singleton_iterator(void *cb_data, unsigned char sha1[20]);
720 static int update_shallow_ref(struct command *cmd, struct shallow_info *si)
721 {
722 static struct lock_file shallow_lock;
723 struct sha1_array extra = SHA1_ARRAY_INIT;
724 const char *alt_file;
725 uint32_t mask = 1 << (cmd->index % 32);
726 int i;
727
728 trace_printf_key(&trace_shallow,
729 "shallow: update_shallow_ref %s\n", cmd->ref_name);
730 for (i = 0; i < si->shallow->nr; i++)
731 if (si->used_shallow[i] &&
732 (si->used_shallow[i][cmd->index / 32] & mask) &&
733 !delayed_reachability_test(si, i))
734 sha1_array_append(&extra, si->shallow->sha1[i]);
735
736 setup_alternate_shallow(&shallow_lock, &alt_file, &extra);
737 if (check_shallow_connected(command_singleton_iterator,
738 0, cmd, alt_file)) {
739 rollback_lock_file(&shallow_lock);
740 sha1_array_clear(&extra);
741 return -1;
742 }
743
744 commit_lock_file(&shallow_lock);
745
746 /*
747 * Make sure setup_alternate_shallow() for the next ref does
748 * not lose these new roots..
749 */
750 for (i = 0; i < extra.nr; i++)
751 register_shallow(extra.sha1[i]);
752
753 si->shallow_ref[cmd->index] = 0;
754 sha1_array_clear(&extra);
755 return 0;
756 }
757
758 /*
759 * NEEDSWORK: we should consolidate various implementions of "are we
760 * on an unborn branch?" test into one, and make the unified one more
761 * robust. !get_sha1() based check used here and elsewhere would not
762 * allow us to tell an unborn branch from corrupt ref, for example.
763 * For the purpose of fixing "deploy-to-update does not work when
764 * pushing into an empty repository" issue, this should suffice for
765 * now.
766 */
767 static int head_has_history(void)
768 {
769 unsigned char sha1[20];
770
771 return !get_sha1("HEAD", sha1);
772 }
773
774 static const char *push_to_deploy(unsigned char *sha1,
775 struct argv_array *env,
776 const char *work_tree)
777 {
778 const char *update_refresh[] = {
779 "update-index", "-q", "--ignore-submodules", "--refresh", NULL
780 };
781 const char *diff_files[] = {
782 "diff-files", "--quiet", "--ignore-submodules", "--", NULL
783 };
784 const char *diff_index[] = {
785 "diff-index", "--quiet", "--cached", "--ignore-submodules",
786 NULL, "--", NULL
787 };
788 const char *read_tree[] = {
789 "read-tree", "-u", "-m", NULL, NULL
790 };
791 struct child_process child = CHILD_PROCESS_INIT;
792
793 child.argv = update_refresh;
794 child.env = env->argv;
795 child.dir = work_tree;
796 child.no_stdin = 1;
797 child.stdout_to_stderr = 1;
798 child.git_cmd = 1;
799 if (run_command(&child))
800 return "Up-to-date check failed";
801
802 /* run_command() does not clean up completely; reinitialize */
803 child_process_init(&child);
804 child.argv = diff_files;
805 child.env = env->argv;
806 child.dir = work_tree;
807 child.no_stdin = 1;
808 child.stdout_to_stderr = 1;
809 child.git_cmd = 1;
810 if (run_command(&child))
811 return "Working directory has unstaged changes";
812
813 /* diff-index with either HEAD or an empty tree */
814 diff_index[4] = head_has_history() ? "HEAD" : EMPTY_TREE_SHA1_HEX;
815
816 child_process_init(&child);
817 child.argv = diff_index;
818 child.env = env->argv;
819 child.no_stdin = 1;
820 child.no_stdout = 1;
821 child.stdout_to_stderr = 0;
822 child.git_cmd = 1;
823 if (run_command(&child))
824 return "Working directory has staged changes";
825
826 read_tree[3] = sha1_to_hex(sha1);
827 child_process_init(&child);
828 child.argv = read_tree;
829 child.env = env->argv;
830 child.dir = work_tree;
831 child.no_stdin = 1;
832 child.no_stdout = 1;
833 child.stdout_to_stderr = 0;
834 child.git_cmd = 1;
835 if (run_command(&child))
836 return "Could not update working tree to new HEAD";
837
838 return NULL;
839 }
840
841 static const char *push_to_checkout_hook = "push-to-checkout";
842
843 static const char *push_to_checkout(unsigned char *sha1,
844 struct argv_array *env,
845 const char *work_tree)
846 {
847 argv_array_pushf(env, "GIT_WORK_TREE=%s", absolute_path(work_tree));
848 if (run_hook_le(env->argv, push_to_checkout_hook,
849 sha1_to_hex(sha1), NULL))
850 return "push-to-checkout hook declined";
851 else
852 return NULL;
853 }
854
855 static const char *update_worktree(unsigned char *sha1)
856 {
857 const char *retval;
858 const char *work_tree = git_work_tree_cfg ? git_work_tree_cfg : "..";
859 struct argv_array env = ARGV_ARRAY_INIT;
860
861 if (is_bare_repository())
862 return "denyCurrentBranch = updateInstead needs a worktree";
863
864 argv_array_pushf(&env, "GIT_DIR=%s", absolute_path(get_git_dir()));
865
866 if (!find_hook(push_to_checkout_hook))
867 retval = push_to_deploy(sha1, &env, work_tree);
868 else
869 retval = push_to_checkout(sha1, &env, work_tree);
870
871 argv_array_clear(&env);
872 return retval;
873 }
874
875 static const char *update(struct command *cmd, struct shallow_info *si)
876 {
877 const char *name = cmd->ref_name;
878 struct strbuf namespaced_name_buf = STRBUF_INIT;
879 const char *namespaced_name, *ret;
880 unsigned char *old_sha1 = cmd->old_sha1;
881 unsigned char *new_sha1 = cmd->new_sha1;
882
883 /* only refs/... are allowed */
884 if (!starts_with(name, "refs/") || check_refname_format(name + 5, 0)) {
885 rp_error("refusing to create funny ref '%s' remotely", name);
886 return "funny refname";
887 }
888
889 strbuf_addf(&namespaced_name_buf, "%s%s", get_git_namespace(), name);
890 namespaced_name = strbuf_detach(&namespaced_name_buf, NULL);
891
892 if (is_ref_checked_out(namespaced_name)) {
893 switch (deny_current_branch) {
894 case DENY_IGNORE:
895 break;
896 case DENY_WARN:
897 rp_warning("updating the current branch");
898 break;
899 case DENY_REFUSE:
900 case DENY_UNCONFIGURED:
901 rp_error("refusing to update checked out branch: %s", name);
902 if (deny_current_branch == DENY_UNCONFIGURED)
903 refuse_unconfigured_deny();
904 return "branch is currently checked out";
905 case DENY_UPDATE_INSTEAD:
906 ret = update_worktree(new_sha1);
907 if (ret)
908 return ret;
909 break;
910 }
911 }
912
913 if (!is_null_sha1(new_sha1) && !has_sha1_file(new_sha1)) {
914 error("unpack should have generated %s, "
915 "but I can't find it!", sha1_to_hex(new_sha1));
916 return "bad pack";
917 }
918
919 if (!is_null_sha1(old_sha1) && is_null_sha1(new_sha1)) {
920 if (deny_deletes && starts_with(name, "refs/heads/")) {
921 rp_error("denying ref deletion for %s", name);
922 return "deletion prohibited";
923 }
924
925 if (!strcmp(namespaced_name, head_name)) {
926 switch (deny_delete_current) {
927 case DENY_IGNORE:
928 break;
929 case DENY_WARN:
930 rp_warning("deleting the current branch");
931 break;
932 case DENY_REFUSE:
933 case DENY_UNCONFIGURED:
934 case DENY_UPDATE_INSTEAD:
935 if (deny_delete_current == DENY_UNCONFIGURED)
936 refuse_unconfigured_deny_delete_current();
937 rp_error("refusing to delete the current branch: %s", name);
938 return "deletion of the current branch prohibited";
939 default:
940 return "Invalid denyDeleteCurrent setting";
941 }
942 }
943 }
944
945 if (deny_non_fast_forwards && !is_null_sha1(new_sha1) &&
946 !is_null_sha1(old_sha1) &&
947 starts_with(name, "refs/heads/")) {
948 struct object *old_object, *new_object;
949 struct commit *old_commit, *new_commit;
950
951 old_object = parse_object(old_sha1);
952 new_object = parse_object(new_sha1);
953
954 if (!old_object || !new_object ||
955 old_object->type != OBJ_COMMIT ||
956 new_object->type != OBJ_COMMIT) {
957 error("bad sha1 objects for %s", name);
958 return "bad ref";
959 }
960 old_commit = (struct commit *)old_object;
961 new_commit = (struct commit *)new_object;
962 if (!in_merge_bases(old_commit, new_commit)) {
963 rp_error("denying non-fast-forward %s"
964 " (you should pull first)", name);
965 return "non-fast-forward";
966 }
967 }
968 if (run_update_hook(cmd)) {
969 rp_error("hook declined to update %s", name);
970 return "hook declined";
971 }
972
973 if (is_null_sha1(new_sha1)) {
974 struct strbuf err = STRBUF_INIT;
975 if (!parse_object(old_sha1)) {
976 old_sha1 = NULL;
977 if (ref_exists(name)) {
978 rp_warning("Allowing deletion of corrupt ref.");
979 } else {
980 rp_warning("Deleting a non-existent ref.");
981 cmd->did_not_exist = 1;
982 }
983 }
984 if (ref_transaction_delete(transaction,
985 namespaced_name,
986 old_sha1,
987 0, "push", &err)) {
988 rp_error("%s", err.buf);
989 strbuf_release(&err);
990 return "failed to delete";
991 }
992 strbuf_release(&err);
993 return NULL; /* good */
994 }
995 else {
996 struct strbuf err = STRBUF_INIT;
997 if (shallow_update && si->shallow_ref[cmd->index] &&
998 update_shallow_ref(cmd, si))
999 return "shallow error";
1000
1001 if (ref_transaction_update(transaction,
1002 namespaced_name,
1003 new_sha1, old_sha1,
1004 0, "push",
1005 &err)) {
1006 rp_error("%s", err.buf);
1007 strbuf_release(&err);
1008
1009 return "failed to update ref";
1010 }
1011 strbuf_release(&err);
1012
1013 return NULL; /* good */
1014 }
1015 }
1016
1017 static void run_update_post_hook(struct command *commands)
1018 {
1019 struct command *cmd;
1020 int argc;
1021 const char **argv;
1022 struct child_process proc = CHILD_PROCESS_INIT;
1023 const char *hook;
1024
1025 hook = find_hook("post-update");
1026 for (argc = 0, cmd = commands; cmd; cmd = cmd->next) {
1027 if (cmd->error_string || cmd->did_not_exist)
1028 continue;
1029 argc++;
1030 }
1031 if (!argc || !hook)
1032 return;
1033
1034 argv = xmalloc(sizeof(*argv) * (2 + argc));
1035 argv[0] = hook;
1036
1037 for (argc = 1, cmd = commands; cmd; cmd = cmd->next) {
1038 if (cmd->error_string || cmd->did_not_exist)
1039 continue;
1040 argv[argc] = xstrdup(cmd->ref_name);
1041 argc++;
1042 }
1043 argv[argc] = NULL;
1044
1045 proc.no_stdin = 1;
1046 proc.stdout_to_stderr = 1;
1047 proc.err = use_sideband ? -1 : 0;
1048 proc.argv = argv;
1049
1050 if (!start_command(&proc)) {
1051 if (use_sideband)
1052 copy_to_sideband(proc.err, -1, NULL);
1053 finish_command(&proc);
1054 }
1055 }
1056
1057 static void check_aliased_update(struct command *cmd, struct string_list *list)
1058 {
1059 struct strbuf buf = STRBUF_INIT;
1060 const char *dst_name;
1061 struct string_list_item *item;
1062 struct command *dst_cmd;
1063 unsigned char sha1[20];
1064 char cmd_oldh[41], cmd_newh[41], dst_oldh[41], dst_newh[41];
1065 int flag;
1066
1067 strbuf_addf(&buf, "%s%s", get_git_namespace(), cmd->ref_name);
1068 dst_name = resolve_ref_unsafe(buf.buf, 0, sha1, &flag);
1069 strbuf_release(&buf);
1070
1071 if (!(flag & REF_ISSYMREF))
1072 return;
1073
1074 dst_name = strip_namespace(dst_name);
1075 if (!dst_name) {
1076 rp_error("refusing update to broken symref '%s'", cmd->ref_name);
1077 cmd->skip_update = 1;
1078 cmd->error_string = "broken symref";
1079 return;
1080 }
1081
1082 if ((item = string_list_lookup(list, dst_name)) == NULL)
1083 return;
1084
1085 cmd->skip_update = 1;
1086
1087 dst_cmd = (struct command *) item->util;
1088
1089 if (!hashcmp(cmd->old_sha1, dst_cmd->old_sha1) &&
1090 !hashcmp(cmd->new_sha1, dst_cmd->new_sha1))
1091 return;
1092
1093 dst_cmd->skip_update = 1;
1094
1095 strcpy(cmd_oldh, find_unique_abbrev(cmd->old_sha1, DEFAULT_ABBREV));
1096 strcpy(cmd_newh, find_unique_abbrev(cmd->new_sha1, DEFAULT_ABBREV));
1097 strcpy(dst_oldh, find_unique_abbrev(dst_cmd->old_sha1, DEFAULT_ABBREV));
1098 strcpy(dst_newh, find_unique_abbrev(dst_cmd->new_sha1, DEFAULT_ABBREV));
1099 rp_error("refusing inconsistent update between symref '%s' (%s..%s) and"
1100 " its target '%s' (%s..%s)",
1101 cmd->ref_name, cmd_oldh, cmd_newh,
1102 dst_cmd->ref_name, dst_oldh, dst_newh);
1103
1104 cmd->error_string = dst_cmd->error_string =
1105 "inconsistent aliased update";
1106 }
1107
1108 static void check_aliased_updates(struct command *commands)
1109 {
1110 struct command *cmd;
1111 struct string_list ref_list = STRING_LIST_INIT_NODUP;
1112
1113 for (cmd = commands; cmd; cmd = cmd->next) {
1114 struct string_list_item *item =
1115 string_list_append(&ref_list, cmd->ref_name);
1116 item->util = (void *)cmd;
1117 }
1118 string_list_sort(&ref_list);
1119
1120 for (cmd = commands; cmd; cmd = cmd->next) {
1121 if (!cmd->error_string)
1122 check_aliased_update(cmd, &ref_list);
1123 }
1124
1125 string_list_clear(&ref_list, 0);
1126 }
1127
1128 static int command_singleton_iterator(void *cb_data, unsigned char sha1[20])
1129 {
1130 struct command **cmd_list = cb_data;
1131 struct command *cmd = *cmd_list;
1132
1133 if (!cmd || is_null_sha1(cmd->new_sha1))
1134 return -1; /* end of list */
1135 *cmd_list = NULL; /* this returns only one */
1136 hashcpy(sha1, cmd->new_sha1);
1137 return 0;
1138 }
1139
1140 static void set_connectivity_errors(struct command *commands,
1141 struct shallow_info *si)
1142 {
1143 struct command *cmd;
1144
1145 for (cmd = commands; cmd; cmd = cmd->next) {
1146 struct command *singleton = cmd;
1147 if (shallow_update && si->shallow_ref[cmd->index])
1148 /* to be checked in update_shallow_ref() */
1149 continue;
1150 if (!check_everything_connected(command_singleton_iterator,
1151 0, &singleton))
1152 continue;
1153 cmd->error_string = "missing necessary objects";
1154 }
1155 }
1156
1157 struct iterate_data {
1158 struct command *cmds;
1159 struct shallow_info *si;
1160 };
1161
1162 static int iterate_receive_command_list(void *cb_data, unsigned char sha1[20])
1163 {
1164 struct iterate_data *data = cb_data;
1165 struct command **cmd_list = &data->cmds;
1166 struct command *cmd = *cmd_list;
1167
1168 for (; cmd; cmd = cmd->next) {
1169 if (shallow_update && data->si->shallow_ref[cmd->index])
1170 /* to be checked in update_shallow_ref() */
1171 continue;
1172 if (!is_null_sha1(cmd->new_sha1) && !cmd->skip_update) {
1173 hashcpy(sha1, cmd->new_sha1);
1174 *cmd_list = cmd->next;
1175 return 0;
1176 }
1177 }
1178 *cmd_list = NULL;
1179 return -1; /* end of list */
1180 }
1181
1182 static void reject_updates_to_hidden(struct command *commands)
1183 {
1184 struct command *cmd;
1185
1186 for (cmd = commands; cmd; cmd = cmd->next) {
1187 if (cmd->error_string || !ref_is_hidden(cmd->ref_name))
1188 continue;
1189 if (is_null_sha1(cmd->new_sha1))
1190 cmd->error_string = "deny deleting a hidden ref";
1191 else
1192 cmd->error_string = "deny updating a hidden ref";
1193 }
1194 }
1195
1196 static int should_process_cmd(struct command *cmd)
1197 {
1198 return !cmd->error_string && !cmd->skip_update;
1199 }
1200
1201 static void warn_if_skipped_connectivity_check(struct command *commands,
1202 struct shallow_info *si)
1203 {
1204 struct command *cmd;
1205 int checked_connectivity = 1;
1206
1207 for (cmd = commands; cmd; cmd = cmd->next) {
1208 if (should_process_cmd(cmd) && si->shallow_ref[cmd->index]) {
1209 error("BUG: connectivity check has not been run on ref %s",
1210 cmd->ref_name);
1211 checked_connectivity = 0;
1212 }
1213 }
1214 if (!checked_connectivity)
1215 die("BUG: connectivity check skipped???");
1216 }
1217
1218 static void execute_commands_non_atomic(struct command *commands,
1219 struct shallow_info *si)
1220 {
1221 struct command *cmd;
1222 struct strbuf err = STRBUF_INIT;
1223
1224 for (cmd = commands; cmd; cmd = cmd->next) {
1225 if (!should_process_cmd(cmd))
1226 continue;
1227
1228 transaction = ref_transaction_begin(&err);
1229 if (!transaction) {
1230 rp_error("%s", err.buf);
1231 strbuf_reset(&err);
1232 cmd->error_string = "transaction failed to start";
1233 continue;
1234 }
1235
1236 cmd->error_string = update(cmd, si);
1237
1238 if (!cmd->error_string
1239 && ref_transaction_commit(transaction, &err)) {
1240 rp_error("%s", err.buf);
1241 strbuf_reset(&err);
1242 cmd->error_string = "failed to update ref";
1243 }
1244 ref_transaction_free(transaction);
1245 }
1246 strbuf_release(&err);
1247 }
1248
1249 static void execute_commands_atomic(struct command *commands,
1250 struct shallow_info *si)
1251 {
1252 struct command *cmd;
1253 struct strbuf err = STRBUF_INIT;
1254 const char *reported_error = "atomic push failure";
1255
1256 transaction = ref_transaction_begin(&err);
1257 if (!transaction) {
1258 rp_error("%s", err.buf);
1259 strbuf_reset(&err);
1260 reported_error = "transaction failed to start";
1261 goto failure;
1262 }
1263
1264 for (cmd = commands; cmd; cmd = cmd->next) {
1265 if (!should_process_cmd(cmd))
1266 continue;
1267
1268 cmd->error_string = update(cmd, si);
1269
1270 if (cmd->error_string)
1271 goto failure;
1272 }
1273
1274 if (ref_transaction_commit(transaction, &err)) {
1275 rp_error("%s", err.buf);
1276 reported_error = "atomic transaction failed";
1277 goto failure;
1278 }
1279 goto cleanup;
1280
1281 failure:
1282 for (cmd = commands; cmd; cmd = cmd->next)
1283 if (!cmd->error_string)
1284 cmd->error_string = reported_error;
1285
1286 cleanup:
1287 ref_transaction_free(transaction);
1288 strbuf_release(&err);
1289 }
1290
1291 static void execute_commands(struct command *commands,
1292 const char *unpacker_error,
1293 struct shallow_info *si)
1294 {
1295 struct command *cmd;
1296 unsigned char sha1[20];
1297 struct iterate_data data;
1298
1299 if (unpacker_error) {
1300 for (cmd = commands; cmd; cmd = cmd->next)
1301 cmd->error_string = "unpacker error";
1302 return;
1303 }
1304
1305 data.cmds = commands;
1306 data.si = si;
1307 if (check_everything_connected(iterate_receive_command_list, 0, &data))
1308 set_connectivity_errors(commands, si);
1309
1310 reject_updates_to_hidden(commands);
1311
1312 if (run_receive_hook(commands, "pre-receive", 0)) {
1313 for (cmd = commands; cmd; cmd = cmd->next) {
1314 if (!cmd->error_string)
1315 cmd->error_string = "pre-receive hook declined";
1316 }
1317 return;
1318 }
1319
1320 check_aliased_updates(commands);
1321
1322 free(head_name_to_free);
1323 head_name = head_name_to_free = resolve_refdup("HEAD", 0, sha1, NULL);
1324
1325 if (use_atomic)
1326 execute_commands_atomic(commands, si);
1327 else
1328 execute_commands_non_atomic(commands, si);
1329
1330 if (shallow_update)
1331 warn_if_skipped_connectivity_check(commands, si);
1332 }
1333
1334 static struct command **queue_command(struct command **tail,
1335 const char *line,
1336 int linelen)
1337 {
1338 unsigned char old_sha1[20], new_sha1[20];
1339 struct command *cmd;
1340 const char *refname;
1341 int reflen;
1342
1343 if (linelen < 83 ||
1344 line[40] != ' ' ||
1345 line[81] != ' ' ||
1346 get_sha1_hex(line, old_sha1) ||
1347 get_sha1_hex(line + 41, new_sha1))
1348 die("protocol error: expected old/new/ref, got '%s'", line);
1349
1350 refname = line + 82;
1351 reflen = linelen - 82;
1352 cmd = xcalloc(1, sizeof(struct command) + reflen + 1);
1353 hashcpy(cmd->old_sha1, old_sha1);
1354 hashcpy(cmd->new_sha1, new_sha1);
1355 memcpy(cmd->ref_name, refname, reflen);
1356 cmd->ref_name[reflen] = '\0';
1357 *tail = cmd;
1358 return &cmd->next;
1359 }
1360
1361 static void queue_commands_from_cert(struct command **tail,
1362 struct strbuf *push_cert)
1363 {
1364 const char *boc, *eoc;
1365
1366 if (*tail)
1367 die("protocol error: got both push certificate and unsigned commands");
1368
1369 boc = strstr(push_cert->buf, "\n\n");
1370 if (!boc)
1371 die("malformed push certificate %.*s", 100, push_cert->buf);
1372 else
1373 boc += 2;
1374 eoc = push_cert->buf + parse_signature(push_cert->buf, push_cert->len);
1375
1376 while (boc < eoc) {
1377 const char *eol = memchr(boc, '\n', eoc - boc);
1378 tail = queue_command(tail, boc, eol ? eol - boc : eoc - eol);
1379 boc = eol ? eol + 1 : eoc;
1380 }
1381 }
1382
1383 static struct command *read_head_info(struct sha1_array *shallow)
1384 {
1385 struct command *commands = NULL;
1386 struct command **p = &commands;
1387 for (;;) {
1388 char *line;
1389 int len, linelen;
1390
1391 line = packet_read_line(0, &len);
1392 if (!line)
1393 break;
1394
1395 if (len == 48 && starts_with(line, "shallow ")) {
1396 unsigned char sha1[20];
1397 if (get_sha1_hex(line + 8, sha1))
1398 die("protocol error: expected shallow sha, got '%s'",
1399 line + 8);
1400 sha1_array_append(shallow, sha1);
1401 continue;
1402 }
1403
1404 linelen = strlen(line);
1405 if (linelen < len) {
1406 const char *feature_list = line + linelen + 1;
1407 if (parse_feature_request(feature_list, "report-status"))
1408 report_status = 1;
1409 if (parse_feature_request(feature_list, "side-band-64k"))
1410 use_sideband = LARGE_PACKET_MAX;
1411 if (parse_feature_request(feature_list, "quiet"))
1412 quiet = 1;
1413 if (advertise_atomic_push
1414 && parse_feature_request(feature_list, "atomic"))
1415 use_atomic = 1;
1416 }
1417
1418 if (!strcmp(line, "push-cert")) {
1419 int true_flush = 0;
1420 char certbuf[1024];
1421
1422 for (;;) {
1423 len = packet_read(0, NULL, NULL,
1424 certbuf, sizeof(certbuf), 0);
1425 if (!len) {
1426 true_flush = 1;
1427 break;
1428 }
1429 if (!strcmp(certbuf, "push-cert-end\n"))
1430 break; /* end of cert */
1431 strbuf_addstr(&push_cert, certbuf);
1432 }
1433
1434 if (true_flush)
1435 break;
1436 continue;
1437 }
1438
1439 p = queue_command(p, line, linelen);
1440 }
1441
1442 if (push_cert.len)
1443 queue_commands_from_cert(p, &push_cert);
1444
1445 return commands;
1446 }
1447
1448 static const char *parse_pack_header(struct pack_header *hdr)
1449 {
1450 switch (read_pack_header(0, hdr)) {
1451 case PH_ERROR_EOF:
1452 return "eof before pack header was fully read";
1453
1454 case PH_ERROR_PACK_SIGNATURE:
1455 return "protocol error (pack signature mismatch detected)";
1456
1457 case PH_ERROR_PROTOCOL:
1458 return "protocol error (pack version unsupported)";
1459
1460 default:
1461 return "unknown error in parse_pack_header";
1462
1463 case 0:
1464 return NULL;
1465 }
1466 }
1467
1468 static const char *pack_lockfile;
1469
1470 static const char *unpack(int err_fd, struct shallow_info *si)
1471 {
1472 struct pack_header hdr;
1473 const char *hdr_err;
1474 int status;
1475 char hdr_arg[38];
1476 struct child_process child = CHILD_PROCESS_INIT;
1477 int fsck_objects = (receive_fsck_objects >= 0
1478 ? receive_fsck_objects
1479 : transfer_fsck_objects >= 0
1480 ? transfer_fsck_objects
1481 : 0);
1482
1483 hdr_err = parse_pack_header(&hdr);
1484 if (hdr_err) {
1485 if (err_fd > 0)
1486 close(err_fd);
1487 return hdr_err;
1488 }
1489 snprintf(hdr_arg, sizeof(hdr_arg),
1490 "--pack_header=%"PRIu32",%"PRIu32,
1491 ntohl(hdr.hdr_version), ntohl(hdr.hdr_entries));
1492
1493 if (si->nr_ours || si->nr_theirs) {
1494 alt_shallow_file = setup_temporary_shallow(si->shallow);
1495 argv_array_push(&child.args, "--shallow-file");
1496 argv_array_push(&child.args, alt_shallow_file);
1497 }
1498
1499 if (ntohl(hdr.hdr_entries) < unpack_limit) {
1500 argv_array_pushl(&child.args, "unpack-objects", hdr_arg, NULL);
1501 if (quiet)
1502 argv_array_push(&child.args, "-q");
1503 if (fsck_objects)
1504 argv_array_pushf(&child.args, "--strict%s",
1505 fsck_msg_types.buf);
1506 child.no_stdout = 1;
1507 child.err = err_fd;
1508 child.git_cmd = 1;
1509 status = run_command(&child);
1510 if (status)
1511 return "unpack-objects abnormal exit";
1512 } else {
1513 int s;
1514 char keep_arg[256];
1515
1516 s = sprintf(keep_arg, "--keep=receive-pack %"PRIuMAX" on ", (uintmax_t) getpid());
1517 if (gethostname(keep_arg + s, sizeof(keep_arg) - s))
1518 strcpy(keep_arg + s, "localhost");
1519
1520 argv_array_pushl(&child.args, "index-pack",
1521 "--stdin", hdr_arg, keep_arg, NULL);
1522 if (fsck_objects)
1523 argv_array_pushf(&child.args, "--strict%s",
1524 fsck_msg_types.buf);
1525 if (fix_thin)
1526 argv_array_push(&child.args, "--fix-thin");
1527 child.out = -1;
1528 child.err = err_fd;
1529 child.git_cmd = 1;
1530 status = start_command(&child);
1531 if (status)
1532 return "index-pack fork failed";
1533 pack_lockfile = index_pack_lockfile(child.out);
1534 close(child.out);
1535 status = finish_command(&child);
1536 if (status)
1537 return "index-pack abnormal exit";
1538 reprepare_packed_git();
1539 }
1540 return NULL;
1541 }
1542
1543 static const char *unpack_with_sideband(struct shallow_info *si)
1544 {
1545 struct async muxer;
1546 const char *ret;
1547
1548 if (!use_sideband)
1549 return unpack(0, si);
1550
1551 memset(&muxer, 0, sizeof(muxer));
1552 muxer.proc = copy_to_sideband;
1553 muxer.in = -1;
1554 if (start_async(&muxer))
1555 return NULL;
1556
1557 ret = unpack(muxer.in, si);
1558
1559 finish_async(&muxer);
1560 return ret;
1561 }
1562
1563 static void prepare_shallow_update(struct command *commands,
1564 struct shallow_info *si)
1565 {
1566 int i, j, k, bitmap_size = (si->ref->nr + 31) / 32;
1567
1568 si->used_shallow = xmalloc(sizeof(*si->used_shallow) *
1569 si->shallow->nr);
1570 assign_shallow_commits_to_refs(si, si->used_shallow, NULL);
1571
1572 si->need_reachability_test =
1573 xcalloc(si->shallow->nr, sizeof(*si->need_reachability_test));
1574 si->reachable =
1575 xcalloc(si->shallow->nr, sizeof(*si->reachable));
1576 si->shallow_ref = xcalloc(si->ref->nr, sizeof(*si->shallow_ref));
1577
1578 for (i = 0; i < si->nr_ours; i++)
1579 si->need_reachability_test[si->ours[i]] = 1;
1580
1581 for (i = 0; i < si->shallow->nr; i++) {
1582 if (!si->used_shallow[i])
1583 continue;
1584 for (j = 0; j < bitmap_size; j++) {
1585 if (!si->used_shallow[i][j])
1586 continue;
1587 si->need_reachability_test[i]++;
1588 for (k = 0; k < 32; k++)
1589 if (si->used_shallow[i][j] & (1 << k))
1590 si->shallow_ref[j * 32 + k]++;
1591 }
1592
1593 /*
1594 * true for those associated with some refs and belong
1595 * in "ours" list aka "step 7 not done yet"
1596 */
1597 si->need_reachability_test[i] =
1598 si->need_reachability_test[i] > 1;
1599 }
1600
1601 /*
1602 * keep hooks happy by forcing a temporary shallow file via
1603 * env variable because we can't add --shallow-file to every
1604 * command. check_everything_connected() will be done with
1605 * true .git/shallow though.
1606 */
1607 setenv(GIT_SHALLOW_FILE_ENVIRONMENT, alt_shallow_file, 1);
1608 }
1609
1610 static void update_shallow_info(struct command *commands,
1611 struct shallow_info *si,
1612 struct sha1_array *ref)
1613 {
1614 struct command *cmd;
1615 int *ref_status;
1616 remove_nonexistent_theirs_shallow(si);
1617 if (!si->nr_ours && !si->nr_theirs) {
1618 shallow_update = 0;
1619 return;
1620 }
1621
1622 for (cmd = commands; cmd; cmd = cmd->next) {
1623 if (is_null_sha1(cmd->new_sha1))
1624 continue;
1625 sha1_array_append(ref, cmd->new_sha1);
1626 cmd->index = ref->nr - 1;
1627 }
1628 si->ref = ref;
1629
1630 if (shallow_update) {
1631 prepare_shallow_update(commands, si);
1632 return;
1633 }
1634
1635 ref_status = xmalloc(sizeof(*ref_status) * ref->nr);
1636 assign_shallow_commits_to_refs(si, NULL, ref_status);
1637 for (cmd = commands; cmd; cmd = cmd->next) {
1638 if (is_null_sha1(cmd->new_sha1))
1639 continue;
1640 if (ref_status[cmd->index]) {
1641 cmd->error_string = "shallow update not allowed";
1642 cmd->skip_update = 1;
1643 }
1644 }
1645 free(ref_status);
1646 }
1647
1648 static void report(struct command *commands, const char *unpack_status)
1649 {
1650 struct command *cmd;
1651 struct strbuf buf = STRBUF_INIT;
1652
1653 packet_buf_write(&buf, "unpack %s\n",
1654 unpack_status ? unpack_status : "ok");
1655 for (cmd = commands; cmd; cmd = cmd->next) {
1656 if (!cmd->error_string)
1657 packet_buf_write(&buf, "ok %s\n",
1658 cmd->ref_name);
1659 else
1660 packet_buf_write(&buf, "ng %s %s\n",
1661 cmd->ref_name, cmd->error_string);
1662 }
1663 packet_buf_flush(&buf);
1664
1665 if (use_sideband)
1666 send_sideband(1, 1, buf.buf, buf.len, use_sideband);
1667 else
1668 write_or_die(1, buf.buf, buf.len);
1669 strbuf_release(&buf);
1670 }
1671
1672 static int delete_only(struct command *commands)
1673 {
1674 struct command *cmd;
1675 for (cmd = commands; cmd; cmd = cmd->next) {
1676 if (!is_null_sha1(cmd->new_sha1))
1677 return 0;
1678 }
1679 return 1;
1680 }
1681
1682 int cmd_receive_pack(int argc, const char **argv, const char *prefix)
1683 {
1684 int advertise_refs = 0;
1685 int i;
1686 struct command *commands;
1687 struct sha1_array shallow = SHA1_ARRAY_INIT;
1688 struct sha1_array ref = SHA1_ARRAY_INIT;
1689 struct shallow_info si;
1690
1691 packet_trace_identity("receive-pack");
1692
1693 argv++;
1694 for (i = 1; i < argc; i++) {
1695 const char *arg = *argv++;
1696
1697 if (*arg == '-') {
1698 if (!strcmp(arg, "--quiet")) {
1699 quiet = 1;
1700 continue;
1701 }
1702
1703 if (!strcmp(arg, "--advertise-refs")) {
1704 advertise_refs = 1;
1705 continue;
1706 }
1707 if (!strcmp(arg, "--stateless-rpc")) {
1708 stateless_rpc = 1;
1709 continue;
1710 }
1711 if (!strcmp(arg, "--reject-thin-pack-for-testing")) {
1712 fix_thin = 0;
1713 continue;
1714 }
1715
1716 usage(receive_pack_usage);
1717 }
1718 if (service_dir)
1719 usage(receive_pack_usage);
1720 service_dir = arg;
1721 }
1722 if (!service_dir)
1723 usage(receive_pack_usage);
1724
1725 setup_path();
1726
1727 if (!enter_repo(service_dir, 0))
1728 die("'%s' does not appear to be a git repository", service_dir);
1729
1730 git_config(receive_pack_config, NULL);
1731 if (cert_nonce_seed)
1732 push_cert_nonce = prepare_push_cert_nonce(service_dir, time(NULL));
1733
1734 if (0 <= transfer_unpack_limit)
1735 unpack_limit = transfer_unpack_limit;
1736 else if (0 <= receive_unpack_limit)
1737 unpack_limit = receive_unpack_limit;
1738
1739 if (advertise_refs || !stateless_rpc) {
1740 write_head_info();
1741 }
1742 if (advertise_refs)
1743 return 0;
1744
1745 if ((commands = read_head_info(&shallow)) != NULL) {
1746 const char *unpack_status = NULL;
1747
1748 prepare_shallow_info(&si, &shallow);
1749 if (!si.nr_ours && !si.nr_theirs)
1750 shallow_update = 0;
1751 if (!delete_only(commands)) {
1752 unpack_status = unpack_with_sideband(&si);
1753 update_shallow_info(commands, &si, &ref);
1754 }
1755 execute_commands(commands, unpack_status, &si);
1756 if (pack_lockfile)
1757 unlink_or_warn(pack_lockfile);
1758 if (report_status)
1759 report(commands, unpack_status);
1760 run_receive_hook(commands, "post-receive", 1);
1761 run_update_post_hook(commands);
1762 if (auto_gc) {
1763 const char *argv_gc_auto[] = {
1764 "gc", "--auto", "--quiet", NULL,
1765 };
1766 int opt = RUN_GIT_CMD | RUN_COMMAND_STDOUT_TO_STDERR;
1767 run_command_v_opt(argv_gc_auto, opt);
1768 }
1769 if (auto_update_server_info)
1770 update_server_info(0);
1771 clear_shallow_info(&si);
1772 }
1773 if (use_sideband)
1774 packet_flush(1);
1775 sha1_array_clear(&shallow);
1776 sha1_array_clear(&ref);
1777 free((void *)push_cert_nonce);
1778 return 0;
1779 }
Unnamed repository; edit this file 'description' to name the repository.