]> git.ipfire.org Git - thirdparty/git.git/blob - http.c
projects / thirdparty / git.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
t1300: demonstrate failure when renaming sections with long lines
[thirdparty/git.git] / http.c
1 #include "git-compat-util.h"
2 #include "http.h"
3 #include "config.h"
4 #include "pack.h"
5 #include "sideband.h"
6 #include "run-command.h"
7 #include "url.h"
8 #include "urlmatch.h"
9 #include "credential.h"
10 #include "version.h"
11 #include "pkt-line.h"
12 #include "gettext.h"
13 #include "transport.h"
14 #include "packfile.h"
15 #include "protocol.h"
16 #include "string-list.h"
17 #include "object-store.h"
18
19 static struct trace_key trace_curl = TRACE_KEY_INIT(CURL);
20 static int trace_curl_data = 1;
21 static int trace_curl_redact = 1;
22 #if LIBCURL_VERSION_NUM >= 0x070a08
23 long int git_curl_ipresolve = CURL_IPRESOLVE_WHATEVER;
24 #else
25 long int git_curl_ipresolve;
26 #endif
27 int active_requests;
28 int http_is_verbose;
29 ssize_t http_post_buffer = 16 * LARGE_PACKET_MAX;
30
31 #if LIBCURL_VERSION_NUM >= 0x070a06
32 #define LIBCURL_CAN_HANDLE_AUTH_ANY
33 #endif
34
35 static int min_curl_sessions = 1;
36 static int curl_session_count;
37 #ifdef USE_CURL_MULTI
38 static int max_requests = -1;
39 static CURLM *curlm;
40 #endif
41 #ifndef NO_CURL_EASY_DUPHANDLE
42 static CURL *curl_default;
43 #endif
44
45 #define PREV_BUF_SIZE 4096
46
47 char curl_errorstr[CURL_ERROR_SIZE];
48
49 static int curl_ssl_verify = -1;
50 static int curl_ssl_try;
51 static const char *curl_http_version = NULL;
52 static const char *ssl_cert;
53 static const char *ssl_cipherlist;
54 static const char *ssl_version;
55 static struct {
56 const char *name;
57 long ssl_version;
58 } sslversions[] = {
59 { "sslv2", CURL_SSLVERSION_SSLv2 },
60 { "sslv3", CURL_SSLVERSION_SSLv3 },
61 { "tlsv1", CURL_SSLVERSION_TLSv1 },
62 #if LIBCURL_VERSION_NUM >= 0x072200
63 { "tlsv1.0", CURL_SSLVERSION_TLSv1_0 },
64 { "tlsv1.1", CURL_SSLVERSION_TLSv1_1 },
65 { "tlsv1.2", CURL_SSLVERSION_TLSv1_2 },
66 #endif
67 #if LIBCURL_VERSION_NUM >= 0x073400
68 { "tlsv1.3", CURL_SSLVERSION_TLSv1_3 },
69 #endif
70 };
71 #if LIBCURL_VERSION_NUM >= 0x070903
72 static const char *ssl_key;
73 #endif
74 #if LIBCURL_VERSION_NUM >= 0x070908
75 static const char *ssl_capath;
76 #endif
77 #if LIBCURL_VERSION_NUM >= 0x071304
78 static const char *curl_no_proxy;
79 #endif
80 #if LIBCURL_VERSION_NUM >= 0x072c00
81 static const char *ssl_pinnedkey;
82 #endif
83 static const char *ssl_cainfo;
84 static long curl_low_speed_limit = -1;
85 static long curl_low_speed_time = -1;
86 static int curl_ftp_no_epsv;
87 static const char *curl_http_proxy;
88 static const char *http_proxy_authmethod;
89
90 static const char *http_proxy_ssl_cert;
91 static const char *http_proxy_ssl_key;
92 static const char *http_proxy_ssl_ca_info;
93 static struct credential proxy_cert_auth = CREDENTIAL_INIT;
94 static int proxy_ssl_cert_password_required;
95
96 static struct {
97 const char *name;
98 long curlauth_param;
99 } proxy_authmethods[] = {
100 { "basic", CURLAUTH_BASIC },
101 { "digest", CURLAUTH_DIGEST },
102 { "negotiate", CURLAUTH_GSSNEGOTIATE },
103 { "ntlm", CURLAUTH_NTLM },
104 #ifdef LIBCURL_CAN_HANDLE_AUTH_ANY
105 { "anyauth", CURLAUTH_ANY },
106 #endif
107 /*
108 * CURLAUTH_DIGEST_IE has no corresponding command-line option in
109 * curl(1) and is not included in CURLAUTH_ANY, so we leave it out
110 * here, too
111 */
112 };
113 #ifdef CURLGSSAPI_DELEGATION_FLAG
114 static const char *curl_deleg;
115 static struct {
116 const char *name;
117 long curl_deleg_param;
118 } curl_deleg_levels[] = {
119 { "none", CURLGSSAPI_DELEGATION_NONE },
120 { "policy", CURLGSSAPI_DELEGATION_POLICY_FLAG },
121 { "always", CURLGSSAPI_DELEGATION_FLAG },
122 };
123 #endif
124
125 static struct credential proxy_auth = CREDENTIAL_INIT;
126 static const char *curl_proxyuserpwd;
127 static const char *curl_cookie_file;
128 static int curl_save_cookies;
129 struct credential http_auth = CREDENTIAL_INIT;
130 static int http_proactive_auth;
131 static const char *user_agent;
132 static int curl_empty_auth = -1;
133
134 enum http_follow_config http_follow_config = HTTP_FOLLOW_INITIAL;
135
136 #if LIBCURL_VERSION_NUM >= 0x071700
137 /* Use CURLOPT_KEYPASSWD as is */
138 #elif LIBCURL_VERSION_NUM >= 0x070903
139 #define CURLOPT_KEYPASSWD CURLOPT_SSLKEYPASSWD
140 #else
141 #define CURLOPT_KEYPASSWD CURLOPT_SSLCERTPASSWD
142 #endif
143
144 static struct credential cert_auth = CREDENTIAL_INIT;
145 static int ssl_cert_password_required;
146 #ifdef LIBCURL_CAN_HANDLE_AUTH_ANY
147 static unsigned long http_auth_methods = CURLAUTH_ANY;
148 static int http_auth_methods_restricted;
149 /* Modes for which empty_auth cannot actually help us. */
150 static unsigned long empty_auth_useless =
151 CURLAUTH_BASIC
152 #ifdef CURLAUTH_DIGEST_IE
153 | CURLAUTH_DIGEST_IE
154 #endif
155 | CURLAUTH_DIGEST;
156 #endif
157
158 static struct curl_slist *pragma_header;
159 static struct curl_slist *no_pragma_header;
160 static struct string_list extra_http_headers = STRING_LIST_INIT_DUP;
161
162 static struct active_request_slot *active_queue_head;
163
164 static char *cached_accept_language;
165
166 static char *http_ssl_backend;
167
168 static int http_schannel_check_revoke = 1;
169 /*
170 * With the backend being set to `schannel`, setting sslCAinfo would override
171 * the Certificate Store in cURL v7.60.0 and later, which is not what we want
172 * by default.
173 */
174 static int http_schannel_use_ssl_cainfo;
175
176 size_t fread_buffer(char *ptr, size_t eltsize, size_t nmemb, void *buffer_)
177 {
178 size_t size = eltsize * nmemb;
179 struct buffer *buffer = buffer_;
180
181 if (size > buffer->buf.len - buffer->posn)
182 size = buffer->buf.len - buffer->posn;
183 memcpy(ptr, buffer->buf.buf + buffer->posn, size);
184 buffer->posn += size;
185
186 return size / eltsize;
187 }
188
189 #ifndef NO_CURL_SEEK
190 int seek_buffer(void *clientp, curl_off_t offset, int origin)
191 {
192 struct buffer *buffer = clientp;
193
194 if (origin != SEEK_SET)
195 BUG("seek_buffer only handles SEEK_SET");
196 if (offset < 0 || offset >= buffer->buf.len) {
197 error("curl seek would be outside of buffer");
198 return CURL_SEEKFUNC_FAIL;
199 }
200
201 buffer->posn = offset;
202 return CURL_SEEKFUNC_OK;
203 }
204 #endif
205
206 size_t fwrite_buffer(char *ptr, size_t eltsize, size_t nmemb, void *buffer_)
207 {
208 size_t size = eltsize * nmemb;
209 struct strbuf *buffer = buffer_;
210
211 strbuf_add(buffer, ptr, size);
212 return nmemb;
213 }
214
215 size_t fwrite_null(char *ptr, size_t eltsize, size_t nmemb, void *strbuf)
216 {
217 return nmemb;
218 }
219
220 static void closedown_active_slot(struct active_request_slot *slot)
221 {
222 active_requests--;
223 slot->in_use = 0;
224 }
225
226 static void finish_active_slot(struct active_request_slot *slot)
227 {
228 closedown_active_slot(slot);
229 curl_easy_getinfo(slot->curl, CURLINFO_HTTP_CODE, &slot->http_code);
230
231 if (slot->finished != NULL)
232 (*slot->finished) = 1;
233
234 /* Store slot results so they can be read after the slot is reused */
235 if (slot->results != NULL) {
236 slot->results->curl_result = slot->curl_result;
237 slot->results->http_code = slot->http_code;
238 #if LIBCURL_VERSION_NUM >= 0x070a08
239 curl_easy_getinfo(slot->curl, CURLINFO_HTTPAUTH_AVAIL,
240 &slot->results->auth_avail);
241 #else
242 slot->results->auth_avail = 0;
243 #endif
244
245 curl_easy_getinfo(slot->curl, CURLINFO_HTTP_CONNECTCODE,
246 &slot->results->http_connectcode);
247 }
248
249 /* Run callback if appropriate */
250 if (slot->callback_func != NULL)
251 slot->callback_func(slot->callback_data);
252 }
253
254 static void xmulti_remove_handle(struct active_request_slot *slot)
255 {
256 #ifdef USE_CURL_MULTI
257 curl_multi_remove_handle(curlm, slot->curl);
258 #endif
259 }
260
261 #ifdef USE_CURL_MULTI
262 static void process_curl_messages(void)
263 {
264 int num_messages;
265 struct active_request_slot *slot;
266 CURLMsg *curl_message = curl_multi_info_read(curlm, &num_messages);
267
268 while (curl_message != NULL) {
269 if (curl_message->msg == CURLMSG_DONE) {
270 int curl_result = curl_message->data.result;
271 slot = active_queue_head;
272 while (slot != NULL &&
273 slot->curl != curl_message->easy_handle)
274 slot = slot->next;
275 if (slot != NULL) {
276 xmulti_remove_handle(slot);
277 slot->curl_result = curl_result;
278 finish_active_slot(slot);
279 } else {
280 fprintf(stderr, "Received DONE message for unknown request!\n");
281 }
282 } else {
283 fprintf(stderr, "Unknown CURL message received: %d\n",
284 (int)curl_message->msg);
285 }
286 curl_message = curl_multi_info_read(curlm, &num_messages);
287 }
288 }
289 #endif
290
291 static int http_options(const char *var, const char *value, void *cb)
292 {
293 if (!strcmp("http.version", var)) {
294 return git_config_string(&curl_http_version, var, value);
295 }
296 if (!strcmp("http.sslverify", var)) {
297 curl_ssl_verify = git_config_bool(var, value);
298 return 0;
299 }
300 if (!strcmp("http.sslcipherlist", var))
301 return git_config_string(&ssl_cipherlist, var, value);
302 if (!strcmp("http.sslversion", var))
303 return git_config_string(&ssl_version, var, value);
304 if (!strcmp("http.sslcert", var))
305 return git_config_pathname(&ssl_cert, var, value);
306 #if LIBCURL_VERSION_NUM >= 0x070903
307 if (!strcmp("http.sslkey", var))
308 return git_config_pathname(&ssl_key, var, value);
309 #endif
310 #if LIBCURL_VERSION_NUM >= 0x070908
311 if (!strcmp("http.sslcapath", var))
312 return git_config_pathname(&ssl_capath, var, value);
313 #endif
314 if (!strcmp("http.sslcainfo", var))
315 return git_config_pathname(&ssl_cainfo, var, value);
316 if (!strcmp("http.sslcertpasswordprotected", var)) {
317 ssl_cert_password_required = git_config_bool(var, value);
318 return 0;
319 }
320 if (!strcmp("http.ssltry", var)) {
321 curl_ssl_try = git_config_bool(var, value);
322 return 0;
323 }
324 if (!strcmp("http.sslbackend", var)) {
325 free(http_ssl_backend);
326 http_ssl_backend = xstrdup_or_null(value);
327 return 0;
328 }
329
330 if (!strcmp("http.schannelcheckrevoke", var)) {
331 http_schannel_check_revoke = git_config_bool(var, value);
332 return 0;
333 }
334
335 if (!strcmp("http.schannelusesslcainfo", var)) {
336 http_schannel_use_ssl_cainfo = git_config_bool(var, value);
337 return 0;
338 }
339
340 if (!strcmp("http.minsessions", var)) {
341 min_curl_sessions = git_config_int(var, value);
342 #ifndef USE_CURL_MULTI
343 if (min_curl_sessions > 1)
344 min_curl_sessions = 1;
345 #endif
346 return 0;
347 }
348 #ifdef USE_CURL_MULTI
349 if (!strcmp("http.maxrequests", var)) {
350 max_requests = git_config_int(var, value);
351 return 0;
352 }
353 #endif
354 if (!strcmp("http.lowspeedlimit", var)) {
355 curl_low_speed_limit = (long)git_config_int(var, value);
356 return 0;
357 }
358 if (!strcmp("http.lowspeedtime", var)) {
359 curl_low_speed_time = (long)git_config_int(var, value);
360 return 0;
361 }
362
363 if (!strcmp("http.noepsv", var)) {
364 curl_ftp_no_epsv = git_config_bool(var, value);
365 return 0;
366 }
367 if (!strcmp("http.proxy", var))
368 return git_config_string(&curl_http_proxy, var, value);
369
370 if (!strcmp("http.proxyauthmethod", var))
371 return git_config_string(&http_proxy_authmethod, var, value);
372
373 if (!strcmp("http.proxysslcert", var))
374 return git_config_string(&http_proxy_ssl_cert, var, value);
375
376 if (!strcmp("http.proxysslkey", var))
377 return git_config_string(&http_proxy_ssl_key, var, value);
378
379 if (!strcmp("http.proxysslcainfo", var))
380 return git_config_string(&http_proxy_ssl_ca_info, var, value);
381
382 if (!strcmp("http.proxysslcertpasswordprotected", var)) {
383 proxy_ssl_cert_password_required = git_config_bool(var, value);
384 return 0;
385 }
386
387 if (!strcmp("http.cookiefile", var))
388 return git_config_pathname(&curl_cookie_file, var, value);
389 if (!strcmp("http.savecookies", var)) {
390 curl_save_cookies = git_config_bool(var, value);
391 return 0;
392 }
393
394 if (!strcmp("http.postbuffer", var)) {
395 http_post_buffer = git_config_ssize_t(var, value);
396 if (http_post_buffer < 0)
397 warning(_("negative value for http.postbuffer; defaulting to %d"), LARGE_PACKET_MAX);
398 if (http_post_buffer < LARGE_PACKET_MAX)
399 http_post_buffer = LARGE_PACKET_MAX;
400 return 0;
401 }
402
403 if (!strcmp("http.useragent", var))
404 return git_config_string(&user_agent, var, value);
405
406 if (!strcmp("http.emptyauth", var)) {
407 if (value && !strcmp("auto", value))
408 curl_empty_auth = -1;
409 else
410 curl_empty_auth = git_config_bool(var, value);
411 return 0;
412 }
413
414 if (!strcmp("http.delegation", var)) {
415 #ifdef CURLGSSAPI_DELEGATION_FLAG
416 return git_config_string(&curl_deleg, var, value);
417 #else
418 warning(_("Delegation control is not supported with cURL < 7.22.0"));
419 return 0;
420 #endif
421 }
422
423 if (!strcmp("http.pinnedpubkey", var)) {
424 #if LIBCURL_VERSION_NUM >= 0x072c00
425 return git_config_pathname(&ssl_pinnedkey, var, value);
426 #else
427 warning(_("Public key pinning not supported with cURL < 7.44.0"));
428 return 0;
429 #endif
430 }
431
432 if (!strcmp("http.extraheader", var)) {
433 if (!value) {
434 return config_error_nonbool(var);
435 } else if (!*value) {
436 string_list_clear(&extra_http_headers, 0);
437 } else {
438 string_list_append(&extra_http_headers, value);
439 }
440 return 0;
441 }
442
443 if (!strcmp("http.followredirects", var)) {
444 if (value && !strcmp(value, "initial"))
445 http_follow_config = HTTP_FOLLOW_INITIAL;
446 else if (git_config_bool(var, value))
447 http_follow_config = HTTP_FOLLOW_ALWAYS;
448 else
449 http_follow_config = HTTP_FOLLOW_NONE;
450 return 0;
451 }
452
453 /* Fall back on the default ones */
454 return git_default_config(var, value, cb);
455 }
456
457 static int curl_empty_auth_enabled(void)
458 {
459 if (curl_empty_auth >= 0)
460 return curl_empty_auth;
461
462 #ifndef LIBCURL_CAN_HANDLE_AUTH_ANY
463 /*
464 * Our libcurl is too old to do AUTH_ANY in the first place;
465 * just default to turning the feature off.
466 */
467 #else
468 /*
469 * In the automatic case, kick in the empty-auth
470 * hack as long as we would potentially try some
471 * method more exotic than "Basic" or "Digest".
472 *
473 * But only do this when this is our second or
474 * subsequent request, as by then we know what
475 * methods are available.
476 */
477 if (http_auth_methods_restricted &&
478 (http_auth_methods & ~empty_auth_useless))
479 return 1;
480 #endif
481 return 0;
482 }
483
484 static void init_curl_http_auth(CURL *result)
485 {
486 if (!http_auth.username || !*http_auth.username) {
487 if (curl_empty_auth_enabled())
488 curl_easy_setopt(result, CURLOPT_USERPWD, ":");
489 return;
490 }
491
492 credential_fill(&http_auth);
493
494 #if LIBCURL_VERSION_NUM >= 0x071301
495 curl_easy_setopt(result, CURLOPT_USERNAME, http_auth.username);
496 curl_easy_setopt(result, CURLOPT_PASSWORD, http_auth.password);
497 #else
498 {
499 static struct strbuf up = STRBUF_INIT;
500 /*
501 * Note that we assume we only ever have a single set of
502 * credentials in a given program run, so we do not have
503 * to worry about updating this buffer, only setting its
504 * initial value.
505 */
506 if (!up.len)
507 strbuf_addf(&up, "%s:%s",
508 http_auth.username, http_auth.password);
509 curl_easy_setopt(result, CURLOPT_USERPWD, up.buf);
510 }
511 #endif
512 }
513
514 /* *var must be free-able */
515 static void var_override(const char **var, char *value)
516 {
517 if (value) {
518 free((void *)*var);
519 *var = xstrdup(value);
520 }
521 }
522
523 static void set_proxyauth_name_password(CURL *result)
524 {
525 #if LIBCURL_VERSION_NUM >= 0x071301
526 curl_easy_setopt(result, CURLOPT_PROXYUSERNAME,
527 proxy_auth.username);
528 curl_easy_setopt(result, CURLOPT_PROXYPASSWORD,
529 proxy_auth.password);
530 #else
531 struct strbuf s = STRBUF_INIT;
532
533 strbuf_addstr_urlencode(&s, proxy_auth.username,
534 is_rfc3986_unreserved);
535 strbuf_addch(&s, ':');
536 strbuf_addstr_urlencode(&s, proxy_auth.password,
537 is_rfc3986_unreserved);
538 curl_proxyuserpwd = strbuf_detach(&s, NULL);
539 curl_easy_setopt(result, CURLOPT_PROXYUSERPWD, curl_proxyuserpwd);
540 #endif
541 }
542
543 static void init_curl_proxy_auth(CURL *result)
544 {
545 if (proxy_auth.username) {
546 if (!proxy_auth.password)
547 credential_fill(&proxy_auth);
548 set_proxyauth_name_password(result);
549 }
550
551 var_override(&http_proxy_authmethod, getenv("GIT_HTTP_PROXY_AUTHMETHOD"));
552
553 #if LIBCURL_VERSION_NUM >= 0x070a07 /* CURLOPT_PROXYAUTH and CURLAUTH_ANY */
554 if (http_proxy_authmethod) {
555 int i;
556 for (i = 0; i < ARRAY_SIZE(proxy_authmethods); i++) {
557 if (!strcmp(http_proxy_authmethod, proxy_authmethods[i].name)) {
558 curl_easy_setopt(result, CURLOPT_PROXYAUTH,
559 proxy_authmethods[i].curlauth_param);
560 break;
561 }
562 }
563 if (i == ARRAY_SIZE(proxy_authmethods)) {
564 warning("unsupported proxy authentication method %s: using anyauth",
565 http_proxy_authmethod);
566 curl_easy_setopt(result, CURLOPT_PROXYAUTH, CURLAUTH_ANY);
567 }
568 }
569 else
570 curl_easy_setopt(result, CURLOPT_PROXYAUTH, CURLAUTH_ANY);
571 #endif
572 }
573
574 static int has_cert_password(void)
575 {
576 if (ssl_cert == NULL || ssl_cert_password_required != 1)
577 return 0;
578 if (!cert_auth.password) {
579 cert_auth.protocol = xstrdup("cert");
580 cert_auth.host = xstrdup("");
581 cert_auth.username = xstrdup("");
582 cert_auth.path = xstrdup(ssl_cert);
583 credential_fill(&cert_auth);
584 }
585 return 1;
586 }
587
588 #if LIBCURL_VERSION_NUM >= 0x073400
589 static int has_proxy_cert_password(void)
590 {
591 if (http_proxy_ssl_cert == NULL || proxy_ssl_cert_password_required != 1)
592 return 0;
593 if (!proxy_cert_auth.password) {
594 proxy_cert_auth.protocol = xstrdup("cert");
595 proxy_cert_auth.host = xstrdup("");
596 proxy_cert_auth.username = xstrdup("");
597 proxy_cert_auth.path = xstrdup(http_proxy_ssl_cert);
598 credential_fill(&proxy_cert_auth);
599 }
600 return 1;
601 }
602 #endif
603
604 #if LIBCURL_VERSION_NUM >= 0x071900
605 static void set_curl_keepalive(CURL *c)
606 {
607 curl_easy_setopt(c, CURLOPT_TCP_KEEPALIVE, 1);
608 }
609
610 #elif LIBCURL_VERSION_NUM >= 0x071000
611 static int sockopt_callback(void *client, curl_socket_t fd, curlsocktype type)
612 {
613 int ka = 1;
614 int rc;
615 socklen_t len = (socklen_t)sizeof(ka);
616
617 if (type != CURLSOCKTYPE_IPCXN)
618 return 0;
619
620 rc = setsockopt(fd, SOL_SOCKET, SO_KEEPALIVE, (void *)&ka, len);
621 if (rc < 0)
622 warning_errno("unable to set SO_KEEPALIVE on socket");
623
624 return 0; /* CURL_SOCKOPT_OK only exists since curl 7.21.5 */
625 }
626
627 static void set_curl_keepalive(CURL *c)
628 {
629 curl_easy_setopt(c, CURLOPT_SOCKOPTFUNCTION, sockopt_callback);
630 }
631
632 #else
633 static void set_curl_keepalive(CURL *c)
634 {
635 /* not supported on older curl versions */
636 }
637 #endif
638
639 static void redact_sensitive_header(struct strbuf *header)
640 {
641 const char *sensitive_header;
642
643 if (trace_curl_redact &&
644 (skip_prefix(header->buf, "Authorization:", &sensitive_header) ||
645 skip_prefix(header->buf, "Proxy-Authorization:", &sensitive_header))) {
646 /* The first token is the type, which is OK to log */
647 while (isspace(*sensitive_header))
648 sensitive_header++;
649 while (*sensitive_header && !isspace(*sensitive_header))
650 sensitive_header++;
651 /* Everything else is opaque and possibly sensitive */
652 strbuf_setlen(header, sensitive_header - header->buf);
653 strbuf_addstr(header, " <redacted>");
654 } else if (trace_curl_redact &&
655 skip_prefix(header->buf, "Cookie:", &sensitive_header)) {
656 struct strbuf redacted_header = STRBUF_INIT;
657 const char *cookie;
658
659 while (isspace(*sensitive_header))
660 sensitive_header++;
661
662 cookie = sensitive_header;
663
664 while (cookie) {
665 char *equals;
666 char *semicolon = strstr(cookie, "; ");
667 if (semicolon)
668 *semicolon = 0;
669 equals = strchrnul(cookie, '=');
670 if (!equals) {
671 /* invalid cookie, just append and continue */
672 strbuf_addstr(&redacted_header, cookie);
673 continue;
674 }
675 strbuf_add(&redacted_header, cookie, equals - cookie);
676 strbuf_addstr(&redacted_header, "=<redacted>");
677 if (semicolon) {
678 /*
679 * There are more cookies. (Or, for some
680 * reason, the input string ends in "; ".)
681 */
682 strbuf_addstr(&redacted_header, "; ");
683 cookie = semicolon + strlen("; ");
684 } else {
685 cookie = NULL;
686 }
687 }
688
689 strbuf_setlen(header, sensitive_header - header->buf);
690 strbuf_addbuf(header, &redacted_header);
691 }
692 }
693
694 static void curl_dump_header(const char *text, unsigned char *ptr, size_t size, int hide_sensitive_header)
695 {
696 struct strbuf out = STRBUF_INIT;
697 struct strbuf **headers, **header;
698
699 strbuf_addf(&out, "%s, %10.10ld bytes (0x%8.8lx)\n",
700 text, (long)size, (long)size);
701 trace_strbuf(&trace_curl, &out);
702 strbuf_reset(&out);
703 strbuf_add(&out, ptr, size);
704 headers = strbuf_split_max(&out, '\n', 0);
705
706 for (header = headers; *header; header++) {
707 if (hide_sensitive_header)
708 redact_sensitive_header(*header);
709 strbuf_insertstr((*header), 0, text);
710 strbuf_insertstr((*header), strlen(text), ": ");
711 strbuf_rtrim((*header));
712 strbuf_addch((*header), '\n');
713 trace_strbuf(&trace_curl, (*header));
714 }
715 strbuf_list_free(headers);
716 strbuf_release(&out);
717 }
718
719 static void curl_dump_data(const char *text, unsigned char *ptr, size_t size)
720 {
721 size_t i;
722 struct strbuf out = STRBUF_INIT;
723 unsigned int width = 60;
724
725 strbuf_addf(&out, "%s, %10.10ld bytes (0x%8.8lx)\n",
726 text, (long)size, (long)size);
727 trace_strbuf(&trace_curl, &out);
728
729 for (i = 0; i < size; i += width) {
730 size_t w;
731
732 strbuf_reset(&out);
733 strbuf_addf(&out, "%s: ", text);
734 for (w = 0; (w < width) && (i + w < size); w++) {
735 unsigned char ch = ptr[i + w];
736
737 strbuf_addch(&out,
738 (ch >= 0x20) && (ch < 0x80)
739 ? ch : '.');
740 }
741 strbuf_addch(&out, '\n');
742 trace_strbuf(&trace_curl, &out);
743 }
744 strbuf_release(&out);
745 }
746
747 static int curl_trace(CURL *handle, curl_infotype type, char *data, size_t size, void *userp)
748 {
749 const char *text;
750 enum { NO_FILTER = 0, DO_FILTER = 1 };
751
752 switch (type) {
753 case CURLINFO_TEXT:
754 trace_printf_key(&trace_curl, "== Info: %s", data);
755 break;
756 case CURLINFO_HEADER_OUT:
757 text = "=> Send header";
758 curl_dump_header(text, (unsigned char *)data, size, DO_FILTER);
759 break;
760 case CURLINFO_DATA_OUT:
761 if (trace_curl_data) {
762 text = "=> Send data";
763 curl_dump_data(text, (unsigned char *)data, size);
764 }
765 break;
766 case CURLINFO_SSL_DATA_OUT:
767 if (trace_curl_data) {
768 text = "=> Send SSL data";
769 curl_dump_data(text, (unsigned char *)data, size);
770 }
771 break;
772 case CURLINFO_HEADER_IN:
773 text = "<= Recv header";
774 curl_dump_header(text, (unsigned char *)data, size, NO_FILTER);
775 break;
776 case CURLINFO_DATA_IN:
777 if (trace_curl_data) {
778 text = "<= Recv data";
779 curl_dump_data(text, (unsigned char *)data, size);
780 }
781 break;
782 case CURLINFO_SSL_DATA_IN:
783 if (trace_curl_data) {
784 text = "<= Recv SSL data";
785 curl_dump_data(text, (unsigned char *)data, size);
786 }
787 break;
788
789 default: /* we ignore unknown types by default */
790 return 0;
791 }
792 return 0;
793 }
794
795 void http_trace_curl_no_data(void)
796 {
797 trace_override_envvar(&trace_curl, "1");
798 trace_curl_data = 0;
799 }
800
801 void setup_curl_trace(CURL *handle)
802 {
803 if (!trace_want(&trace_curl))
804 return;
805 curl_easy_setopt(handle, CURLOPT_VERBOSE, 1L);
806 curl_easy_setopt(handle, CURLOPT_DEBUGFUNCTION, curl_trace);
807 curl_easy_setopt(handle, CURLOPT_DEBUGDATA, NULL);
808 }
809
810 #ifdef CURLPROTO_HTTP
811 static void proto_list_append(struct strbuf *list, const char *proto)
812 {
813 if (!list)
814 return;
815 if (list->len)
816 strbuf_addch(list, ',');
817 strbuf_addstr(list, proto);
818 }
819
820 static long get_curl_allowed_protocols(int from_user, struct strbuf *list)
821 {
822 long bits = 0;
823
824 if (is_transport_allowed("http", from_user)) {
825 bits |= CURLPROTO_HTTP;
826 proto_list_append(list, "http");
827 }
828 if (is_transport_allowed("https", from_user)) {
829 bits |= CURLPROTO_HTTPS;
830 proto_list_append(list, "https");
831 }
832 if (is_transport_allowed("ftp", from_user)) {
833 bits |= CURLPROTO_FTP;
834 proto_list_append(list, "ftp");
835 }
836 if (is_transport_allowed("ftps", from_user)) {
837 bits |= CURLPROTO_FTPS;
838 proto_list_append(list, "ftps");
839 }
840
841 return bits;
842 }
843 #endif
844
845 #if LIBCURL_VERSION_NUM >=0x072f00
846 static int get_curl_http_version_opt(const char *version_string, long *opt)
847 {
848 int i;
849 static struct {
850 const char *name;
851 long opt_token;
852 } choice[] = {
853 { "HTTP/1.1", CURL_HTTP_VERSION_1_1 },
854 { "HTTP/2", CURL_HTTP_VERSION_2 }
855 };
856
857 for (i = 0; i < ARRAY_SIZE(choice); i++) {
858 if (!strcmp(version_string, choice[i].name)) {
859 *opt = choice[i].opt_token;
860 return 0;
861 }
862 }
863
864 warning("unknown value given to http.version: '%s'", version_string);
865 return -1; /* not found */
866 }
867
868 #endif
869
870 static CURL *get_curl_handle(void)
871 {
872 CURL *result = curl_easy_init();
873
874 if (!result)
875 die("curl_easy_init failed");
876
877 if (!curl_ssl_verify) {
878 curl_easy_setopt(result, CURLOPT_SSL_VERIFYPEER, 0);
879 curl_easy_setopt(result, CURLOPT_SSL_VERIFYHOST, 0);
880 } else {
881 /* Verify authenticity of the peer's certificate */
882 curl_easy_setopt(result, CURLOPT_SSL_VERIFYPEER, 1);
883 /* The name in the cert must match whom we tried to connect */
884 curl_easy_setopt(result, CURLOPT_SSL_VERIFYHOST, 2);
885 }
886
887 #if LIBCURL_VERSION_NUM >= 0x072f00 // 7.47.0
888 if (curl_http_version) {
889 long opt;
890 if (!get_curl_http_version_opt(curl_http_version, &opt)) {
891 /* Set request use http version */
892 curl_easy_setopt(result, CURLOPT_HTTP_VERSION, opt);
893 }
894 }
895 #endif
896
897 #if LIBCURL_VERSION_NUM >= 0x070907
898 curl_easy_setopt(result, CURLOPT_NETRC, CURL_NETRC_OPTIONAL);
899 #endif
900 #ifdef LIBCURL_CAN_HANDLE_AUTH_ANY
901 curl_easy_setopt(result, CURLOPT_HTTPAUTH, CURLAUTH_ANY);
902 #endif
903
904 #ifdef CURLGSSAPI_DELEGATION_FLAG
905 if (curl_deleg) {
906 int i;
907 for (i = 0; i < ARRAY_SIZE(curl_deleg_levels); i++) {
908 if (!strcmp(curl_deleg, curl_deleg_levels[i].name)) {
909 curl_easy_setopt(result, CURLOPT_GSSAPI_DELEGATION,
910 curl_deleg_levels[i].curl_deleg_param);
911 break;
912 }
913 }
914 if (i == ARRAY_SIZE(curl_deleg_levels))
915 warning("Unknown delegation method '%s': using default",
916 curl_deleg);
917 }
918 #endif
919
920 if (http_ssl_backend && !strcmp("schannel", http_ssl_backend) &&
921 !http_schannel_check_revoke) {
922 #if LIBCURL_VERSION_NUM >= 0x072c00
923 curl_easy_setopt(result, CURLOPT_SSL_OPTIONS, CURLSSLOPT_NO_REVOKE);
924 #else
925 warning(_("CURLSSLOPT_NO_REVOKE not supported with cURL < 7.44.0"));
926 #endif
927 }
928
929 if (http_proactive_auth)
930 init_curl_http_auth(result);
931
932 if (getenv("GIT_SSL_VERSION"))
933 ssl_version = getenv("GIT_SSL_VERSION");
934 if (ssl_version && *ssl_version) {
935 int i;
936 for (i = 0; i < ARRAY_SIZE(sslversions); i++) {
937 if (!strcmp(ssl_version, sslversions[i].name)) {
938 curl_easy_setopt(result, CURLOPT_SSLVERSION,
939 sslversions[i].ssl_version);
940 break;
941 }
942 }
943 if (i == ARRAY_SIZE(sslversions))
944 warning("unsupported ssl version %s: using default",
945 ssl_version);
946 }
947
948 if (getenv("GIT_SSL_CIPHER_LIST"))
949 ssl_cipherlist = getenv("GIT_SSL_CIPHER_LIST");
950 if (ssl_cipherlist != NULL && *ssl_cipherlist)
951 curl_easy_setopt(result, CURLOPT_SSL_CIPHER_LIST,
952 ssl_cipherlist);
953
954 if (ssl_cert != NULL)
955 curl_easy_setopt(result, CURLOPT_SSLCERT, ssl_cert);
956 if (has_cert_password())
957 curl_easy_setopt(result, CURLOPT_KEYPASSWD, cert_auth.password);
958 #if LIBCURL_VERSION_NUM >= 0x070903
959 if (ssl_key != NULL)
960 curl_easy_setopt(result, CURLOPT_SSLKEY, ssl_key);
961 #endif
962 #if LIBCURL_VERSION_NUM >= 0x070908
963 if (ssl_capath != NULL)
964 curl_easy_setopt(result, CURLOPT_CAPATH, ssl_capath);
965 #endif
966 #if LIBCURL_VERSION_NUM >= 0x072c00
967 if (ssl_pinnedkey != NULL)
968 curl_easy_setopt(result, CURLOPT_PINNEDPUBLICKEY, ssl_pinnedkey);
969 #endif
970 if (http_ssl_backend && !strcmp("schannel", http_ssl_backend) &&
971 !http_schannel_use_ssl_cainfo) {
972 curl_easy_setopt(result, CURLOPT_CAINFO, NULL);
973 #if LIBCURL_VERSION_NUM >= 0x073400
974 curl_easy_setopt(result, CURLOPT_PROXY_CAINFO, NULL);
975 #endif
976 } else if (ssl_cainfo != NULL || http_proxy_ssl_ca_info != NULL) {
977 if (ssl_cainfo != NULL)
978 curl_easy_setopt(result, CURLOPT_CAINFO, ssl_cainfo);
979 #if LIBCURL_VERSION_NUM >= 0x073400
980 if (http_proxy_ssl_ca_info != NULL)
981 curl_easy_setopt(result, CURLOPT_PROXY_CAINFO, http_proxy_ssl_ca_info);
982 #endif
983 }
984
985 if (curl_low_speed_limit > 0 && curl_low_speed_time > 0) {
986 curl_easy_setopt(result, CURLOPT_LOW_SPEED_LIMIT,
987 curl_low_speed_limit);
988 curl_easy_setopt(result, CURLOPT_LOW_SPEED_TIME,
989 curl_low_speed_time);
990 }
991
992 curl_easy_setopt(result, CURLOPT_MAXREDIRS, 20);
993 #if LIBCURL_VERSION_NUM >= 0x071301
994 curl_easy_setopt(result, CURLOPT_POSTREDIR, CURL_REDIR_POST_ALL);
995 #elif LIBCURL_VERSION_NUM >= 0x071101
996 curl_easy_setopt(result, CURLOPT_POST301, 1);
997 #endif
998 #ifdef CURLPROTO_HTTP
999 #if LIBCURL_VERSION_NUM >= 0x075500
1000 {
1001 struct strbuf buf = STRBUF_INIT;
1002
1003 get_curl_allowed_protocols(0, &buf);
1004 curl_easy_setopt(result, CURLOPT_REDIR_PROTOCOLS_STR, buf.buf);
1005 strbuf_reset(&buf);
1006
1007 get_curl_allowed_protocols(-1, &buf);
1008 curl_easy_setopt(result, CURLOPT_PROTOCOLS_STR, buf.buf);
1009 strbuf_release(&buf);
1010 }
1011 #else
1012 curl_easy_setopt(result, CURLOPT_REDIR_PROTOCOLS,
1013 get_curl_allowed_protocols(0, NULL));
1014 curl_easy_setopt(result, CURLOPT_PROTOCOLS,
1015 get_curl_allowed_protocols(-1, NULL));
1016 #endif
1017 #else
1018 warning(_("Protocol restrictions not supported with cURL < 7.19.4"));
1019 #endif
1020 if (getenv("GIT_CURL_VERBOSE"))
1021 http_trace_curl_no_data();
1022 setup_curl_trace(result);
1023 if (getenv("GIT_TRACE_CURL_NO_DATA"))
1024 trace_curl_data = 0;
1025 if (!git_env_bool("GIT_TRACE_REDACT", 1))
1026 trace_curl_redact = 0;
1027
1028 curl_easy_setopt(result, CURLOPT_USERAGENT,
1029 user_agent ? user_agent : git_user_agent());
1030
1031 if (curl_ftp_no_epsv)
1032 curl_easy_setopt(result, CURLOPT_FTP_USE_EPSV, 0);
1033
1034 #ifdef CURLOPT_USE_SSL
1035 if (curl_ssl_try)
1036 curl_easy_setopt(result, CURLOPT_USE_SSL, CURLUSESSL_TRY);
1037 #endif
1038
1039 /*
1040 * CURL also examines these variables as a fallback; but we need to query
1041 * them here in order to decide whether to prompt for missing password (cf.
1042 * init_curl_proxy_auth()).
1043 *
1044 * Unlike many other common environment variables, these are historically
1045 * lowercase only. It appears that CURL did not know this and implemented
1046 * only uppercase variants, which was later corrected to take both - with
1047 * the exception of http_proxy, which is lowercase only also in CURL. As
1048 * the lowercase versions are the historical quasi-standard, they take
1049 * precedence here, as in CURL.
1050 */
1051 if (!curl_http_proxy) {
1052 if (http_auth.protocol && !strcmp(http_auth.protocol, "https")) {
1053 var_override(&curl_http_proxy, getenv("HTTPS_PROXY"));
1054 var_override(&curl_http_proxy, getenv("https_proxy"));
1055 } else {
1056 var_override(&curl_http_proxy, getenv("http_proxy"));
1057 }
1058 if (!curl_http_proxy) {
1059 var_override(&curl_http_proxy, getenv("ALL_PROXY"));
1060 var_override(&curl_http_proxy, getenv("all_proxy"));
1061 }
1062 }
1063
1064 if (curl_http_proxy && curl_http_proxy[0] == '\0') {
1065 /*
1066 * Handle case with the empty http.proxy value here to keep
1067 * common code clean.
1068 * NB: empty option disables proxying at all.
1069 */
1070 curl_easy_setopt(result, CURLOPT_PROXY, "");
1071 } else if (curl_http_proxy) {
1072 #if LIBCURL_VERSION_NUM >= 0x071800
1073 if (starts_with(curl_http_proxy, "socks5h"))
1074 curl_easy_setopt(result,
1075 CURLOPT_PROXYTYPE, CURLPROXY_SOCKS5_HOSTNAME);
1076 else if (starts_with(curl_http_proxy, "socks5"))
1077 curl_easy_setopt(result,
1078 CURLOPT_PROXYTYPE, CURLPROXY_SOCKS5);
1079 else if (starts_with(curl_http_proxy, "socks4a"))
1080 curl_easy_setopt(result,
1081 CURLOPT_PROXYTYPE, CURLPROXY_SOCKS4A);
1082 else if (starts_with(curl_http_proxy, "socks"))
1083 curl_easy_setopt(result,
1084 CURLOPT_PROXYTYPE, CURLPROXY_SOCKS4);
1085 #endif
1086 #if LIBCURL_VERSION_NUM >= 0x073400
1087 else if (starts_with(curl_http_proxy, "https")) {
1088 curl_easy_setopt(result, CURLOPT_PROXYTYPE, CURLPROXY_HTTPS);
1089
1090 if (http_proxy_ssl_cert)
1091 curl_easy_setopt(result, CURLOPT_PROXY_SSLCERT, http_proxy_ssl_cert);
1092
1093 if (http_proxy_ssl_key)
1094 curl_easy_setopt(result, CURLOPT_PROXY_SSLKEY, http_proxy_ssl_key);
1095
1096 if (has_proxy_cert_password())
1097 curl_easy_setopt(result, CURLOPT_PROXY_KEYPASSWD, proxy_cert_auth.password);
1098 }
1099 #endif
1100 if (strstr(curl_http_proxy, "://"))
1101 credential_from_url(&proxy_auth, curl_http_proxy);
1102 else {
1103 struct strbuf url = STRBUF_INIT;
1104 strbuf_addf(&url, "http://%s", curl_http_proxy);
1105 credential_from_url(&proxy_auth, url.buf);
1106 strbuf_release(&url);
1107 }
1108
1109 if (!proxy_auth.host)
1110 die("Invalid proxy URL '%s'", curl_http_proxy);
1111
1112 curl_easy_setopt(result, CURLOPT_PROXY, proxy_auth.host);
1113 #if LIBCURL_VERSION_NUM >= 0x071304
1114 var_override(&curl_no_proxy, getenv("NO_PROXY"));
1115 var_override(&curl_no_proxy, getenv("no_proxy"));
1116 curl_easy_setopt(result, CURLOPT_NOPROXY, curl_no_proxy);
1117 #endif
1118 }
1119 init_curl_proxy_auth(result);
1120
1121 set_curl_keepalive(result);
1122
1123 return result;
1124 }
1125
1126 static void set_from_env(const char **var, const char *envname)
1127 {
1128 const char *val = getenv(envname);
1129 if (val)
1130 *var = val;
1131 }
1132
1133 void http_init(struct remote *remote, const char *url, int proactive_auth)
1134 {
1135 char *low_speed_limit;
1136 char *low_speed_time;
1137 char *normalized_url;
1138 struct urlmatch_config config = { STRING_LIST_INIT_DUP };
1139
1140 config.section = "http";
1141 config.key = NULL;
1142 config.collect_fn = http_options;
1143 config.cascade_fn = git_default_config;
1144 config.cb = NULL;
1145
1146 http_is_verbose = 0;
1147 normalized_url = url_normalize(url, &config.url);
1148
1149 git_config(urlmatch_config_entry, &config);
1150 free(normalized_url);
1151 string_list_clear(&config.vars, 1);
1152
1153 #if LIBCURL_VERSION_NUM >= 0x073800
1154 if (http_ssl_backend) {
1155 const curl_ssl_backend **backends;
1156 struct strbuf buf = STRBUF_INIT;
1157 int i;
1158
1159 switch (curl_global_sslset(-1, http_ssl_backend, &backends)) {
1160 case CURLSSLSET_UNKNOWN_BACKEND:
1161 strbuf_addf(&buf, _("Unsupported SSL backend '%s'. "
1162 "Supported SSL backends:"),
1163 http_ssl_backend);
1164 for (i = 0; backends[i]; i++)
1165 strbuf_addf(&buf, "\n\t%s", backends[i]->name);
1166 die("%s", buf.buf);
1167 case CURLSSLSET_NO_BACKENDS:
1168 die(_("Could not set SSL backend to '%s': "
1169 "cURL was built without SSL backends"),
1170 http_ssl_backend);
1171 case CURLSSLSET_TOO_LATE:
1172 die(_("Could not set SSL backend to '%s': already set"),
1173 http_ssl_backend);
1174 case CURLSSLSET_OK:
1175 break; /* Okay! */
1176 }
1177 }
1178 #endif
1179
1180 if (curl_global_init(CURL_GLOBAL_ALL) != CURLE_OK)
1181 die("curl_global_init failed");
1182
1183 http_proactive_auth = proactive_auth;
1184
1185 if (remote && remote->http_proxy)
1186 curl_http_proxy = xstrdup(remote->http_proxy);
1187
1188 if (remote)
1189 var_override(&http_proxy_authmethod, remote->http_proxy_authmethod);
1190
1191 pragma_header = curl_slist_append(http_copy_default_headers(),
1192 "Pragma: no-cache");
1193 no_pragma_header = curl_slist_append(http_copy_default_headers(),
1194 "Pragma:");
1195
1196 #ifdef USE_CURL_MULTI
1197 {
1198 char *http_max_requests = getenv("GIT_HTTP_MAX_REQUESTS");
1199 if (http_max_requests != NULL)
1200 max_requests = atoi(http_max_requests);
1201 }
1202
1203 curlm = curl_multi_init();
1204 if (!curlm)
1205 die("curl_multi_init failed");
1206 #endif
1207
1208 if (getenv("GIT_SSL_NO_VERIFY"))
1209 curl_ssl_verify = 0;
1210
1211 set_from_env(&ssl_cert, "GIT_SSL_CERT");
1212 #if LIBCURL_VERSION_NUM >= 0x070903
1213 set_from_env(&ssl_key, "GIT_SSL_KEY");
1214 #endif
1215 #if LIBCURL_VERSION_NUM >= 0x070908
1216 set_from_env(&ssl_capath, "GIT_SSL_CAPATH");
1217 #endif
1218 set_from_env(&ssl_cainfo, "GIT_SSL_CAINFO");
1219
1220 set_from_env(&user_agent, "GIT_HTTP_USER_AGENT");
1221
1222 low_speed_limit = getenv("GIT_HTTP_LOW_SPEED_LIMIT");
1223 if (low_speed_limit != NULL)
1224 curl_low_speed_limit = strtol(low_speed_limit, NULL, 10);
1225 low_speed_time = getenv("GIT_HTTP_LOW_SPEED_TIME");
1226 if (low_speed_time != NULL)
1227 curl_low_speed_time = strtol(low_speed_time, NULL, 10);
1228
1229 if (curl_ssl_verify == -1)
1230 curl_ssl_verify = 1;
1231
1232 curl_session_count = 0;
1233 #ifdef USE_CURL_MULTI
1234 if (max_requests < 1)
1235 max_requests = DEFAULT_MAX_REQUESTS;
1236 #endif
1237
1238 set_from_env(&http_proxy_ssl_cert, "GIT_PROXY_SSL_CERT");
1239 set_from_env(&http_proxy_ssl_key, "GIT_PROXY_SSL_KEY");
1240 set_from_env(&http_proxy_ssl_ca_info, "GIT_PROXY_SSL_CAINFO");
1241
1242 if (getenv("GIT_PROXY_SSL_CERT_PASSWORD_PROTECTED"))
1243 proxy_ssl_cert_password_required = 1;
1244
1245 if (getenv("GIT_CURL_FTP_NO_EPSV"))
1246 curl_ftp_no_epsv = 1;
1247
1248 if (url) {
1249 credential_from_url(&http_auth, url);
1250 if (!ssl_cert_password_required &&
1251 getenv("GIT_SSL_CERT_PASSWORD_PROTECTED") &&
1252 starts_with(url, "https://"))
1253 ssl_cert_password_required = 1;
1254 }
1255
1256 #ifndef NO_CURL_EASY_DUPHANDLE
1257 curl_default = get_curl_handle();
1258 #endif
1259 }
1260
1261 void http_cleanup(void)
1262 {
1263 struct active_request_slot *slot = active_queue_head;
1264
1265 while (slot != NULL) {
1266 struct active_request_slot *next = slot->next;
1267 if (slot->curl != NULL) {
1268 xmulti_remove_handle(slot);
1269 curl_easy_cleanup(slot->curl);
1270 }
1271 free(slot);
1272 slot = next;
1273 }
1274 active_queue_head = NULL;
1275
1276 #ifndef NO_CURL_EASY_DUPHANDLE
1277 curl_easy_cleanup(curl_default);
1278 #endif
1279
1280 #ifdef USE_CURL_MULTI
1281 curl_multi_cleanup(curlm);
1282 #endif
1283 curl_global_cleanup();
1284
1285 string_list_clear(&extra_http_headers, 0);
1286
1287 curl_slist_free_all(pragma_header);
1288 pragma_header = NULL;
1289
1290 curl_slist_free_all(no_pragma_header);
1291 no_pragma_header = NULL;
1292
1293 if (curl_http_proxy) {
1294 free((void *)curl_http_proxy);
1295 curl_http_proxy = NULL;
1296 }
1297
1298 if (proxy_auth.password) {
1299 memset(proxy_auth.password, 0, strlen(proxy_auth.password));
1300 FREE_AND_NULL(proxy_auth.password);
1301 }
1302
1303 free((void *)curl_proxyuserpwd);
1304 curl_proxyuserpwd = NULL;
1305
1306 free((void *)http_proxy_authmethod);
1307 http_proxy_authmethod = NULL;
1308
1309 if (cert_auth.password != NULL) {
1310 memset(cert_auth.password, 0, strlen(cert_auth.password));
1311 FREE_AND_NULL(cert_auth.password);
1312 }
1313 ssl_cert_password_required = 0;
1314
1315 if (proxy_cert_auth.password != NULL) {
1316 memset(proxy_cert_auth.password, 0, strlen(proxy_cert_auth.password));
1317 FREE_AND_NULL(proxy_cert_auth.password);
1318 }
1319 proxy_ssl_cert_password_required = 0;
1320
1321 FREE_AND_NULL(cached_accept_language);
1322 }
1323
1324 struct active_request_slot *get_active_slot(void)
1325 {
1326 struct active_request_slot *slot = active_queue_head;
1327 struct active_request_slot *newslot;
1328
1329 #ifdef USE_CURL_MULTI
1330 int num_transfers;
1331
1332 /* Wait for a slot to open up if the queue is full */
1333 while (active_requests >= max_requests) {
1334 curl_multi_perform(curlm, &num_transfers);
1335 if (num_transfers < active_requests)
1336 process_curl_messages();
1337 }
1338 #endif
1339
1340 while (slot != NULL && slot->in_use)
1341 slot = slot->next;
1342
1343 if (slot == NULL) {
1344 newslot = xmalloc(sizeof(*newslot));
1345 newslot->curl = NULL;
1346 newslot->in_use = 0;
1347 newslot->next = NULL;
1348
1349 slot = active_queue_head;
1350 if (slot == NULL) {
1351 active_queue_head = newslot;
1352 } else {
1353 while (slot->next != NULL)
1354 slot = slot->next;
1355 slot->next = newslot;
1356 }
1357 slot = newslot;
1358 }
1359
1360 if (slot->curl == NULL) {
1361 #ifdef NO_CURL_EASY_DUPHANDLE
1362 slot->curl = get_curl_handle();
1363 #else
1364 slot->curl = curl_easy_duphandle(curl_default);
1365 #endif
1366 curl_session_count++;
1367 }
1368
1369 active_requests++;
1370 slot->in_use = 1;
1371 slot->results = NULL;
1372 slot->finished = NULL;
1373 slot->callback_data = NULL;
1374 slot->callback_func = NULL;
1375 curl_easy_setopt(slot->curl, CURLOPT_COOKIEFILE, curl_cookie_file);
1376 if (curl_save_cookies)
1377 curl_easy_setopt(slot->curl, CURLOPT_COOKIEJAR, curl_cookie_file);
1378 curl_easy_setopt(slot->curl, CURLOPT_HTTPHEADER, pragma_header);
1379 curl_easy_setopt(slot->curl, CURLOPT_ERRORBUFFER, curl_errorstr);
1380 curl_easy_setopt(slot->curl, CURLOPT_CUSTOMREQUEST, NULL);
1381 curl_easy_setopt(slot->curl, CURLOPT_READFUNCTION, NULL);
1382 curl_easy_setopt(slot->curl, CURLOPT_WRITEFUNCTION, NULL);
1383 curl_easy_setopt(slot->curl, CURLOPT_POSTFIELDS, NULL);
1384 curl_easy_setopt(slot->curl, CURLOPT_UPLOAD, 0);
1385 curl_easy_setopt(slot->curl, CURLOPT_HTTPGET, 1);
1386 curl_easy_setopt(slot->curl, CURLOPT_FAILONERROR, 1);
1387 curl_easy_setopt(slot->curl, CURLOPT_RANGE, NULL);
1388
1389 /*
1390 * Default following to off unless "ALWAYS" is configured; this gives
1391 * callers a sane starting point, and they can tweak for individual
1392 * HTTP_FOLLOW_* cases themselves.
1393 */
1394 if (http_follow_config == HTTP_FOLLOW_ALWAYS)
1395 curl_easy_setopt(slot->curl, CURLOPT_FOLLOWLOCATION, 1);
1396 else
1397 curl_easy_setopt(slot->curl, CURLOPT_FOLLOWLOCATION, 0);
1398
1399 #if LIBCURL_VERSION_NUM >= 0x070a08
1400 curl_easy_setopt(slot->curl, CURLOPT_IPRESOLVE, git_curl_ipresolve);
1401 #endif
1402 #ifdef LIBCURL_CAN_HANDLE_AUTH_ANY
1403 curl_easy_setopt(slot->curl, CURLOPT_HTTPAUTH, http_auth_methods);
1404 #endif
1405 if (http_auth.password || curl_empty_auth_enabled())
1406 init_curl_http_auth(slot->curl);
1407
1408 return slot;
1409 }
1410
1411 int start_active_slot(struct active_request_slot *slot)
1412 {
1413 #ifdef USE_CURL_MULTI
1414 CURLMcode curlm_result = curl_multi_add_handle(curlm, slot->curl);
1415 int num_transfers;
1416
1417 if (curlm_result != CURLM_OK &&
1418 curlm_result != CURLM_CALL_MULTI_PERFORM) {
1419 warning("curl_multi_add_handle failed: %s",
1420 curl_multi_strerror(curlm_result));
1421 active_requests--;
1422 slot->in_use = 0;
1423 return 0;
1424 }
1425
1426 /*
1427 * We know there must be something to do, since we just added
1428 * something.
1429 */
1430 curl_multi_perform(curlm, &num_transfers);
1431 #endif
1432 return 1;
1433 }
1434
1435 #ifdef USE_CURL_MULTI
1436 struct fill_chain {
1437 void *data;
1438 int (*fill)(void *);
1439 struct fill_chain *next;
1440 };
1441
1442 static struct fill_chain *fill_cfg;
1443
1444 void add_fill_function(void *data, int (*fill)(void *))
1445 {
1446 struct fill_chain *new_fill = xmalloc(sizeof(*new_fill));
1447 struct fill_chain **linkp = &fill_cfg;
1448 new_fill->data = data;
1449 new_fill->fill = fill;
1450 new_fill->next = NULL;
1451 while (*linkp)
1452 linkp = &(*linkp)->next;
1453 *linkp = new_fill;
1454 }
1455
1456 void fill_active_slots(void)
1457 {
1458 struct active_request_slot *slot = active_queue_head;
1459
1460 while (active_requests < max_requests) {
1461 struct fill_chain *fill;
1462 for (fill = fill_cfg; fill; fill = fill->next)
1463 if (fill->fill(fill->data))
1464 break;
1465
1466 if (!fill)
1467 break;
1468 }
1469
1470 while (slot != NULL) {
1471 if (!slot->in_use && slot->curl != NULL
1472 && curl_session_count > min_curl_sessions) {
1473 curl_easy_cleanup(slot->curl);
1474 slot->curl = NULL;
1475 curl_session_count--;
1476 }
1477 slot = slot->next;
1478 }
1479 }
1480
1481 void step_active_slots(void)
1482 {
1483 int num_transfers;
1484 CURLMcode curlm_result;
1485
1486 do {
1487 curlm_result = curl_multi_perform(curlm, &num_transfers);
1488 } while (curlm_result == CURLM_CALL_MULTI_PERFORM);
1489 if (num_transfers < active_requests) {
1490 process_curl_messages();
1491 fill_active_slots();
1492 }
1493 }
1494 #endif
1495
1496 void run_active_slot(struct active_request_slot *slot)
1497 {
1498 #ifdef USE_CURL_MULTI
1499 fd_set readfds;
1500 fd_set writefds;
1501 fd_set excfds;
1502 int max_fd;
1503 struct timeval select_timeout;
1504 int finished = 0;
1505
1506 slot->finished = &finished;
1507 while (!finished) {
1508 step_active_slots();
1509
1510 if (slot->in_use) {
1511 #if LIBCURL_VERSION_NUM >= 0x070f04
1512 long curl_timeout;
1513 curl_multi_timeout(curlm, &curl_timeout);
1514 if (curl_timeout == 0) {
1515 continue;
1516 } else if (curl_timeout == -1) {
1517 select_timeout.tv_sec = 0;
1518 select_timeout.tv_usec = 50000;
1519 } else {
1520 select_timeout.tv_sec = curl_timeout / 1000;
1521 select_timeout.tv_usec = (curl_timeout % 1000) * 1000;
1522 }
1523 #else
1524 select_timeout.tv_sec = 0;
1525 select_timeout.tv_usec = 50000;
1526 #endif
1527
1528 max_fd = -1;
1529 FD_ZERO(&readfds);
1530 FD_ZERO(&writefds);
1531 FD_ZERO(&excfds);
1532 curl_multi_fdset(curlm, &readfds, &writefds, &excfds, &max_fd);
1533
1534 /*
1535 * It can happen that curl_multi_timeout returns a pathologically
1536 * long timeout when curl_multi_fdset returns no file descriptors
1537 * to read. See commit message for more details.
1538 */
1539 if (max_fd < 0 &&
1540 (select_timeout.tv_sec > 0 ||
1541 select_timeout.tv_usec > 50000)) {
1542 select_timeout.tv_sec = 0;
1543 select_timeout.tv_usec = 50000;
1544 }
1545
1546 select(max_fd+1, &readfds, &writefds, &excfds, &select_timeout);
1547 }
1548 }
1549 #else
1550 while (slot->in_use) {
1551 slot->curl_result = curl_easy_perform(slot->curl);
1552 finish_active_slot(slot);
1553 }
1554 #endif
1555
1556 /*
1557 * The value of slot->finished we set before the loop was used
1558 * to set our "finished" variable when our request completed.
1559 *
1560 * 1. The slot may not have been reused for another requst
1561 * yet, in which case it still has &finished.
1562 *
1563 * 2. The slot may already be in-use to serve another request,
1564 * which can further be divided into two cases:
1565 *
1566 * (a) If call run_active_slot() hasn't been called for that
1567 * other request, slot->finished would have been cleared
1568 * by get_active_slot() and has NULL.
1569 *
1570 * (b) If the request did call run_active_slot(), then the
1571 * call would have updated slot->finished at the beginning
1572 * of this function, and with the clearing of the member
1573 * below, we would find that slot->finished is now NULL.
1574 *
1575 * In all cases, slot->finished has no useful information to
1576 * anybody at this point. Some compilers warn us for
1577 * attempting to smuggle a pointer that is about to become
1578 * invalid, i.e. &finished. We clear it here to assure them.
1579 */
1580 slot->finished = NULL;
1581 }
1582
1583 static void release_active_slot(struct active_request_slot *slot)
1584 {
1585 closedown_active_slot(slot);
1586 if (slot->curl) {
1587 xmulti_remove_handle(slot);
1588 if (curl_session_count > min_curl_sessions) {
1589 curl_easy_cleanup(slot->curl);
1590 slot->curl = NULL;
1591 curl_session_count--;
1592 }
1593 }
1594 #ifdef USE_CURL_MULTI
1595 fill_active_slots();
1596 #endif
1597 }
1598
1599 void finish_all_active_slots(void)
1600 {
1601 struct active_request_slot *slot = active_queue_head;
1602
1603 while (slot != NULL)
1604 if (slot->in_use) {
1605 run_active_slot(slot);
1606 slot = active_queue_head;
1607 } else {
1608 slot = slot->next;
1609 }
1610 }
1611
1612 /* Helpers for modifying and creating URLs */
1613 static inline int needs_quote(int ch)
1614 {
1615 if (((ch >= 'A') && (ch <= 'Z'))
1616 || ((ch >= 'a') && (ch <= 'z'))
1617 || ((ch >= '0') && (ch <= '9'))
1618 || (ch == '/')
1619 || (ch == '-')
1620 || (ch == '.'))
1621 return 0;
1622 return 1;
1623 }
1624
1625 static char *quote_ref_url(const char *base, const char *ref)
1626 {
1627 struct strbuf buf = STRBUF_INIT;
1628 const char *cp;
1629 int ch;
1630
1631 end_url_with_slash(&buf, base);
1632
1633 for (cp = ref; (ch = *cp) != 0; cp++)
1634 if (needs_quote(ch))
1635 strbuf_addf(&buf, "%%%02x", ch);
1636 else
1637 strbuf_addch(&buf, *cp);
1638
1639 return strbuf_detach(&buf, NULL);
1640 }
1641
1642 void append_remote_object_url(struct strbuf *buf, const char *url,
1643 const char *hex,
1644 int only_two_digit_prefix)
1645 {
1646 end_url_with_slash(buf, url);
1647
1648 strbuf_addf(buf, "objects/%.*s/", 2, hex);
1649 if (!only_two_digit_prefix)
1650 strbuf_addstr(buf, hex + 2);
1651 }
1652
1653 char *get_remote_object_url(const char *url, const char *hex,
1654 int only_two_digit_prefix)
1655 {
1656 struct strbuf buf = STRBUF_INIT;
1657 append_remote_object_url(&buf, url, hex, only_two_digit_prefix);
1658 return strbuf_detach(&buf, NULL);
1659 }
1660
1661 void normalize_curl_result(CURLcode *result, long http_code,
1662 char *errorstr, size_t errorlen)
1663 {
1664 /*
1665 * If we see a failing http code with CURLE_OK, we have turned off
1666 * FAILONERROR (to keep the server's custom error response), and should
1667 * translate the code into failure here.
1668 *
1669 * Likewise, if we see a redirect (30x code), that means we turned off
1670 * redirect-following, and we should treat the result as an error.
1671 */
1672 if (*result == CURLE_OK && http_code >= 300) {
1673 *result = CURLE_HTTP_RETURNED_ERROR;
1674 /*
1675 * Normally curl will already have put the "reason phrase"
1676 * from the server into curl_errorstr; unfortunately without
1677 * FAILONERROR it is lost, so we can give only the numeric
1678 * status code.
1679 */
1680 xsnprintf(errorstr, errorlen,
1681 "The requested URL returned error: %ld",
1682 http_code);
1683 }
1684 }
1685
1686 static int handle_curl_result(struct slot_results *results)
1687 {
1688 normalize_curl_result(&results->curl_result, results->http_code,
1689 curl_errorstr, sizeof(curl_errorstr));
1690
1691 if (results->curl_result == CURLE_OK) {
1692 credential_approve(&http_auth);
1693 if (proxy_auth.password)
1694 credential_approve(&proxy_auth);
1695 return HTTP_OK;
1696 } else if (missing_target(results))
1697 return HTTP_MISSING_TARGET;
1698 else if (results->http_code == 401) {
1699 if (http_auth.username && http_auth.password) {
1700 credential_reject(&http_auth);
1701 return HTTP_NOAUTH;
1702 } else {
1703 #ifdef LIBCURL_CAN_HANDLE_AUTH_ANY
1704 http_auth_methods &= ~CURLAUTH_GSSNEGOTIATE;
1705 if (results->auth_avail) {
1706 http_auth_methods &= results->auth_avail;
1707 http_auth_methods_restricted = 1;
1708 }
1709 #endif
1710 return HTTP_REAUTH;
1711 }
1712 } else {
1713 if (results->http_connectcode == 407)
1714 credential_reject(&proxy_auth);
1715 #if LIBCURL_VERSION_NUM >= 0x070c00
1716 if (!curl_errorstr[0])
1717 strlcpy(curl_errorstr,
1718 curl_easy_strerror(results->curl_result),
1719 sizeof(curl_errorstr));
1720 #endif
1721 return HTTP_ERROR;
1722 }
1723 }
1724
1725 int run_one_slot(struct active_request_slot *slot,
1726 struct slot_results *results)
1727 {
1728 slot->results = results;
1729 if (!start_active_slot(slot)) {
1730 xsnprintf(curl_errorstr, sizeof(curl_errorstr),
1731 "failed to start HTTP request");
1732 return HTTP_START_FAILED;
1733 }
1734
1735 run_active_slot(slot);
1736 return handle_curl_result(results);
1737 }
1738
1739 struct curl_slist *http_copy_default_headers(void)
1740 {
1741 struct curl_slist *headers = NULL;
1742 const struct string_list_item *item;
1743
1744 for_each_string_list_item(item, &extra_http_headers)
1745 headers = curl_slist_append(headers, item->string);
1746
1747 return headers;
1748 }
1749
1750 static CURLcode curlinfo_strbuf(CURL *curl, CURLINFO info, struct strbuf *buf)
1751 {
1752 char *ptr;
1753 CURLcode ret;
1754
1755 strbuf_reset(buf);
1756 ret = curl_easy_getinfo(curl, info, &ptr);
1757 if (!ret && ptr)
1758 strbuf_addstr(buf, ptr);
1759 return ret;
1760 }
1761
1762 /*
1763 * Check for and extract a content-type parameter. "raw"
1764 * should be positioned at the start of the potential
1765 * parameter, with any whitespace already removed.
1766 *
1767 * "name" is the name of the parameter. The value is appended
1768 * to "out".
1769 */
1770 static int extract_param(const char *raw, const char *name,
1771 struct strbuf *out)
1772 {
1773 size_t len = strlen(name);
1774
1775 if (strncasecmp(raw, name, len))
1776 return -1;
1777 raw += len;
1778
1779 if (*raw != '=')
1780 return -1;
1781 raw++;
1782
1783 while (*raw && !isspace(*raw) && *raw != ';')
1784 strbuf_addch(out, *raw++);
1785 return 0;
1786 }
1787
1788 /*
1789 * Extract a normalized version of the content type, with any
1790 * spaces suppressed, all letters lowercased, and no trailing ";"
1791 * or parameters.
1792 *
1793 * Note that we will silently remove even invalid whitespace. For
1794 * example, "text / plain" is specifically forbidden by RFC 2616,
1795 * but "text/plain" is the only reasonable output, and this keeps
1796 * our code simple.
1797 *
1798 * If the "charset" argument is not NULL, store the value of any
1799 * charset parameter there.
1800 *
1801 * Example:
1802 * "TEXT/PLAIN; charset=utf-8" -> "text/plain", "utf-8"
1803 * "text / plain" -> "text/plain"
1804 */
1805 static void extract_content_type(struct strbuf *raw, struct strbuf *type,
1806 struct strbuf *charset)
1807 {
1808 const char *p;
1809
1810 strbuf_reset(type);
1811 strbuf_grow(type, raw->len);
1812 for (p = raw->buf; *p; p++) {
1813 if (isspace(*p))
1814 continue;
1815 if (*p == ';') {
1816 p++;
1817 break;
1818 }
1819 strbuf_addch(type, tolower(*p));
1820 }
1821
1822 if (!charset)
1823 return;
1824
1825 strbuf_reset(charset);
1826 while (*p) {
1827 while (isspace(*p) || *p == ';')
1828 p++;
1829 if (!extract_param(p, "charset", charset))
1830 return;
1831 while (*p && !isspace(*p))
1832 p++;
1833 }
1834
1835 if (!charset->len && starts_with(type->buf, "text/"))
1836 strbuf_addstr(charset, "ISO-8859-1");
1837 }
1838
1839 static void write_accept_language(struct strbuf *buf)
1840 {
1841 /*
1842 * MAX_DECIMAL_PLACES must not be larger than 3. If it is larger than
1843 * that, q-value will be smaller than 0.001, the minimum q-value the
1844 * HTTP specification allows. See
1845 * http://tools.ietf.org/html/rfc7231#section-5.3.1 for q-value.
1846 */
1847 const int MAX_DECIMAL_PLACES = 3;
1848 const int MAX_LANGUAGE_TAGS = 1000;
1849 const int MAX_ACCEPT_LANGUAGE_HEADER_SIZE = 4000;
1850 char **language_tags = NULL;
1851 int num_langs = 0;
1852 const char *s = get_preferred_languages();
1853 int i;
1854 struct strbuf tag = STRBUF_INIT;
1855
1856 /* Don't add Accept-Language header if no language is preferred. */
1857 if (!s)
1858 return;
1859
1860 /*
1861 * Split the colon-separated string of preferred languages into
1862 * language_tags array.
1863 */
1864 do {
1865 /* collect language tag */
1866 for (; *s && (isalnum(*s) || *s == '_'); s++)
1867 strbuf_addch(&tag, *s == '_' ? '-' : *s);
1868
1869 /* skip .codeset, @modifier and any other unnecessary parts */
1870 while (*s && *s != ':')
1871 s++;
1872
1873 if (tag.len) {
1874 num_langs++;
1875 REALLOC_ARRAY(language_tags, num_langs);
1876 language_tags[num_langs - 1] = strbuf_detach(&tag, NULL);
1877 if (num_langs >= MAX_LANGUAGE_TAGS - 1) /* -1 for '*' */
1878 break;
1879 }
1880 } while (*s++);
1881
1882 /* write Accept-Language header into buf */
1883 if (num_langs) {
1884 int last_buf_len = 0;
1885 int max_q;
1886 int decimal_places;
1887 char q_format[32];
1888
1889 /* add '*' */
1890 REALLOC_ARRAY(language_tags, num_langs + 1);
1891 language_tags[num_langs++] = "*"; /* it's OK; this won't be freed */
1892
1893 /* compute decimal_places */
1894 for (max_q = 1, decimal_places = 0;
1895 max_q < num_langs && decimal_places <= MAX_DECIMAL_PLACES;
1896 decimal_places++, max_q *= 10)
1897 ;
1898
1899 xsnprintf(q_format, sizeof(q_format), ";q=0.%%0%dd", decimal_places);
1900
1901 strbuf_addstr(buf, "Accept-Language: ");
1902
1903 for (i = 0; i < num_langs; i++) {
1904 if (i > 0)
1905 strbuf_addstr(buf, ", ");
1906
1907 strbuf_addstr(buf, language_tags[i]);
1908
1909 if (i > 0)
1910 strbuf_addf(buf, q_format, max_q - i);
1911
1912 if (buf->len > MAX_ACCEPT_LANGUAGE_HEADER_SIZE) {
1913 strbuf_remove(buf, last_buf_len, buf->len - last_buf_len);
1914 break;
1915 }
1916
1917 last_buf_len = buf->len;
1918 }
1919 }
1920
1921 /* free language tags -- last one is a static '*' */
1922 for (i = 0; i < num_langs - 1; i++)
1923 free(language_tags[i]);
1924 free(language_tags);
1925 }
1926
1927 /*
1928 * Get an Accept-Language header which indicates user's preferred languages.
1929 *
1930 * Examples:
1931 * LANGUAGE= -> ""
1932 * LANGUAGE=ko:en -> "Accept-Language: ko, en; q=0.9, *; q=0.1"
1933 * LANGUAGE=ko_KR.UTF-8:sr@latin -> "Accept-Language: ko-KR, sr; q=0.9, *; q=0.1"
1934 * LANGUAGE=ko LANG=en_US.UTF-8 -> "Accept-Language: ko, *; q=0.1"
1935 * LANGUAGE= LANG=en_US.UTF-8 -> "Accept-Language: en-US, *; q=0.1"
1936 * LANGUAGE= LANG=C -> ""
1937 */
1938 static const char *get_accept_language(void)
1939 {
1940 if (!cached_accept_language) {
1941 struct strbuf buf = STRBUF_INIT;
1942 write_accept_language(&buf);
1943 if (buf.len > 0)
1944 cached_accept_language = strbuf_detach(&buf, NULL);
1945 }
1946
1947 return cached_accept_language;
1948 }
1949
1950 static void http_opt_request_remainder(CURL *curl, off_t pos)
1951 {
1952 char buf[128];
1953 xsnprintf(buf, sizeof(buf), "%"PRIuMAX"-", (uintmax_t)pos);
1954 curl_easy_setopt(curl, CURLOPT_RANGE, buf);
1955 }
1956
1957 /* http_request() targets */
1958 #define HTTP_REQUEST_STRBUF 0
1959 #define HTTP_REQUEST_FILE 1
1960
1961 static int http_request(const char *url,
1962 void *result, int target,
1963 const struct http_get_options *options)
1964 {
1965 struct active_request_slot *slot;
1966 struct slot_results results;
1967 struct curl_slist *headers = http_copy_default_headers();
1968 struct strbuf buf = STRBUF_INIT;
1969 const char *accept_language;
1970 int ret;
1971
1972 slot = get_active_slot();
1973 curl_easy_setopt(slot->curl, CURLOPT_HTTPGET, 1);
1974
1975 if (result == NULL) {
1976 curl_easy_setopt(slot->curl, CURLOPT_NOBODY, 1);
1977 } else {
1978 curl_easy_setopt(slot->curl, CURLOPT_NOBODY, 0);
1979 curl_easy_setopt(slot->curl, CURLOPT_FILE, result);
1980
1981 if (target == HTTP_REQUEST_FILE) {
1982 off_t posn = ftello(result);
1983 curl_easy_setopt(slot->curl, CURLOPT_WRITEFUNCTION,
1984 fwrite);
1985 if (posn > 0)
1986 http_opt_request_remainder(slot->curl, posn);
1987 } else
1988 curl_easy_setopt(slot->curl, CURLOPT_WRITEFUNCTION,
1989 fwrite_buffer);
1990 }
1991
1992 accept_language = get_accept_language();
1993
1994 if (accept_language)
1995 headers = curl_slist_append(headers, accept_language);
1996
1997 strbuf_addstr(&buf, "Pragma:");
1998 if (options && options->no_cache)
1999 strbuf_addstr(&buf, " no-cache");
2000 if (options && options->initial_request &&
2001 http_follow_config == HTTP_FOLLOW_INITIAL)
2002 curl_easy_setopt(slot->curl, CURLOPT_FOLLOWLOCATION, 1);
2003
2004 headers = curl_slist_append(headers, buf.buf);
2005
2006 /* Add additional headers here */
2007 if (options && options->extra_headers) {
2008 const struct string_list_item *item;
2009 for_each_string_list_item(item, options->extra_headers) {
2010 headers = curl_slist_append(headers, item->string);
2011 }
2012 }
2013
2014 curl_easy_setopt(slot->curl, CURLOPT_URL, url);
2015 curl_easy_setopt(slot->curl, CURLOPT_HTTPHEADER, headers);
2016 curl_easy_setopt(slot->curl, CURLOPT_ENCODING, "");
2017 curl_easy_setopt(slot->curl, CURLOPT_FAILONERROR, 0);
2018
2019 ret = run_one_slot(slot, &results);
2020
2021 if (options && options->content_type) {
2022 struct strbuf raw = STRBUF_INIT;
2023 curlinfo_strbuf(slot->curl, CURLINFO_CONTENT_TYPE, &raw);
2024 extract_content_type(&raw, options->content_type,
2025 options->charset);
2026 strbuf_release(&raw);
2027 }
2028
2029 if (options && options->effective_url)
2030 curlinfo_strbuf(slot->curl, CURLINFO_EFFECTIVE_URL,
2031 options->effective_url);
2032
2033 curl_slist_free_all(headers);
2034 strbuf_release(&buf);
2035
2036 return ret;
2037 }
2038
2039 /*
2040 * Update the "base" url to a more appropriate value, as deduced by
2041 * redirects seen when requesting a URL starting with "url".
2042 *
2043 * The "asked" parameter is a URL that we asked curl to access, and must begin
2044 * with "base".
2045 *
2046 * The "got" parameter is the URL that curl reported to us as where we ended
2047 * up.
2048 *
2049 * Returns 1 if we updated the base url, 0 otherwise.
2050 *
2051 * Our basic strategy is to compare "base" and "asked" to find the bits
2052 * specific to our request. We then strip those bits off of "got" to yield the
2053 * new base. So for example, if our base is "http://example.com/foo.git",
2054 * and we ask for "http://example.com/foo.git/info/refs", we might end up
2055 * with "https://other.example.com/foo.git/info/refs". We would want the
2056 * new URL to become "https://other.example.com/foo.git".
2057 *
2058 * Note that this assumes a sane redirect scheme. It's entirely possible
2059 * in the example above to end up at a URL that does not even end in
2060 * "info/refs". In such a case we die. There's not much we can do, such a
2061 * scheme is unlikely to represent a real git repository, and failing to
2062 * rewrite the base opens options for malicious redirects to do funny things.
2063 */
2064 static int update_url_from_redirect(struct strbuf *base,
2065 const char *asked,
2066 const struct strbuf *got)
2067 {
2068 const char *tail;
2069 size_t new_len;
2070
2071 if (!strcmp(asked, got->buf))
2072 return 0;
2073
2074 if (!skip_prefix(asked, base->buf, &tail))
2075 BUG("update_url_from_redirect: %s is not a superset of %s",
2076 asked, base->buf);
2077
2078 new_len = got->len;
2079 if (!strip_suffix_mem(got->buf, &new_len, tail))
2080 die(_("unable to update url base from redirection:\n"
2081 " asked for: %s\n"
2082 " redirect: %s"),
2083 asked, got->buf);
2084
2085 strbuf_reset(base);
2086 strbuf_add(base, got->buf, new_len);
2087
2088 return 1;
2089 }
2090
2091 static int http_request_reauth(const char *url,
2092 void *result, int target,
2093 struct http_get_options *options)
2094 {
2095 int ret = http_request(url, result, target, options);
2096
2097 if (ret != HTTP_OK && ret != HTTP_REAUTH)
2098 return ret;
2099
2100 if (options && options->effective_url && options->base_url) {
2101 if (update_url_from_redirect(options->base_url,
2102 url, options->effective_url)) {
2103 credential_from_url(&http_auth, options->base_url->buf);
2104 url = options->effective_url->buf;
2105 }
2106 }
2107
2108 if (ret != HTTP_REAUTH)
2109 return ret;
2110
2111 /*
2112 * The previous request may have put cruft into our output stream; we
2113 * should clear it out before making our next request.
2114 */
2115 switch (target) {
2116 case HTTP_REQUEST_STRBUF:
2117 strbuf_reset(result);
2118 break;
2119 case HTTP_REQUEST_FILE:
2120 if (fflush(result)) {
2121 error_errno("unable to flush a file");
2122 return HTTP_START_FAILED;
2123 }
2124 rewind(result);
2125 if (ftruncate(fileno(result), 0) < 0) {
2126 error_errno("unable to truncate a file");
2127 return HTTP_START_FAILED;
2128 }
2129 break;
2130 default:
2131 BUG("Unknown http_request target");
2132 }
2133
2134 credential_fill(&http_auth);
2135
2136 return http_request(url, result, target, options);
2137 }
2138
2139 int http_get_strbuf(const char *url,
2140 struct strbuf *result,
2141 struct http_get_options *options)
2142 {
2143 return http_request_reauth(url, result, HTTP_REQUEST_STRBUF, options);
2144 }
2145
2146 /*
2147 * Downloads a URL and stores the result in the given file.
2148 *
2149 * If a previous interrupted download is detected (i.e. a previous temporary
2150 * file is still around) the download is resumed.
2151 */
2152 static int http_get_file(const char *url, const char *filename,
2153 struct http_get_options *options)
2154 {
2155 int ret;
2156 struct strbuf tmpfile = STRBUF_INIT;
2157 FILE *result;
2158
2159 strbuf_addf(&tmpfile, "%s.temp", filename);
2160 result = fopen(tmpfile.buf, "a");
2161 if (!result) {
2162 error("Unable to open local file %s", tmpfile.buf);
2163 ret = HTTP_ERROR;
2164 goto cleanup;
2165 }
2166
2167 ret = http_request_reauth(url, result, HTTP_REQUEST_FILE, options);
2168 fclose(result);
2169
2170 if (ret == HTTP_OK && finalize_object_file(tmpfile.buf, filename))
2171 ret = HTTP_ERROR;
2172 cleanup:
2173 strbuf_release(&tmpfile);
2174 return ret;
2175 }
2176
2177 int http_fetch_ref(const char *base, struct ref *ref)
2178 {
2179 struct http_get_options options = {0};
2180 char *url;
2181 struct strbuf buffer = STRBUF_INIT;
2182 int ret = -1;
2183
2184 options.no_cache = 1;
2185
2186 url = quote_ref_url(base, ref->name);
2187 if (http_get_strbuf(url, &buffer, &options) == HTTP_OK) {
2188 strbuf_rtrim(&buffer);
2189 if (buffer.len == the_hash_algo->hexsz)
2190 ret = get_oid_hex(buffer.buf, &ref->old_oid);
2191 else if (starts_with(buffer.buf, "ref: ")) {
2192 ref->symref = xstrdup(buffer.buf + 5);
2193 ret = 0;
2194 }
2195 }
2196
2197 strbuf_release(&buffer);
2198 free(url);
2199 return ret;
2200 }
2201
2202 /* Helpers for fetching packs */
2203 static char *fetch_pack_index(unsigned char *hash, const char *base_url)
2204 {
2205 char *url, *tmp;
2206 struct strbuf buf = STRBUF_INIT;
2207
2208 if (http_is_verbose)
2209 fprintf(stderr, "Getting index for pack %s\n", hash_to_hex(hash));
2210
2211 end_url_with_slash(&buf, base_url);
2212 strbuf_addf(&buf, "objects/pack/pack-%s.idx", hash_to_hex(hash));
2213 url = strbuf_detach(&buf, NULL);
2214
2215 strbuf_addf(&buf, "%s.temp", sha1_pack_index_name(hash));
2216 tmp = strbuf_detach(&buf, NULL);
2217
2218 if (http_get_file(url, tmp, NULL) != HTTP_OK) {
2219 error("Unable to get pack index %s", url);
2220 FREE_AND_NULL(tmp);
2221 }
2222
2223 free(url);
2224 return tmp;
2225 }
2226
2227 static int fetch_and_setup_pack_index(struct packed_git **packs_head,
2228 unsigned char *sha1, const char *base_url)
2229 {
2230 struct packed_git *new_pack;
2231 char *tmp_idx = NULL;
2232 int ret;
2233
2234 if (has_pack_index(sha1)) {
2235 new_pack = parse_pack_index(sha1, sha1_pack_index_name(sha1));
2236 if (!new_pack)
2237 return -1; /* parse_pack_index() already issued error message */
2238 goto add_pack;
2239 }
2240
2241 tmp_idx = fetch_pack_index(sha1, base_url);
2242 if (!tmp_idx)
2243 return -1;
2244
2245 new_pack = parse_pack_index(sha1, tmp_idx);
2246 if (!new_pack) {
2247 unlink(tmp_idx);
2248 free(tmp_idx);
2249
2250 return -1; /* parse_pack_index() already issued error message */
2251 }
2252
2253 ret = verify_pack_index(new_pack);
2254 if (!ret) {
2255 close_pack_index(new_pack);
2256 ret = finalize_object_file(tmp_idx, sha1_pack_index_name(sha1));
2257 }
2258 free(tmp_idx);
2259 if (ret)
2260 return -1;
2261
2262 add_pack:
2263 new_pack->next = *packs_head;
2264 *packs_head = new_pack;
2265 return 0;
2266 }
2267
2268 int http_get_info_packs(const char *base_url, struct packed_git **packs_head)
2269 {
2270 struct http_get_options options = {0};
2271 int ret = 0;
2272 char *url;
2273 const char *data;
2274 struct strbuf buf = STRBUF_INIT;
2275 struct object_id oid;
2276
2277 end_url_with_slash(&buf, base_url);
2278 strbuf_addstr(&buf, "objects/info/packs");
2279 url = strbuf_detach(&buf, NULL);
2280
2281 options.no_cache = 1;
2282 ret = http_get_strbuf(url, &buf, &options);
2283 if (ret != HTTP_OK)
2284 goto cleanup;
2285
2286 data = buf.buf;
2287 while (*data) {
2288 if (skip_prefix(data, "P pack-", &data) &&
2289 !parse_oid_hex(data, &oid, &data) &&
2290 skip_prefix(data, ".pack", &data) &&
2291 (*data == '\n' || *data == '\0')) {
2292 fetch_and_setup_pack_index(packs_head, oid.hash, base_url);
2293 } else {
2294 data = strchrnul(data, '\n');
2295 }
2296 if (*data)
2297 data++; /* skip past newline */
2298 }
2299
2300 cleanup:
2301 free(url);
2302 return ret;
2303 }
2304
2305 void release_http_pack_request(struct http_pack_request *preq)
2306 {
2307 if (preq->packfile != NULL) {
2308 fclose(preq->packfile);
2309 preq->packfile = NULL;
2310 }
2311 preq->slot = NULL;
2312 strbuf_release(&preq->tmpfile);
2313 free(preq->url);
2314 free(preq);
2315 }
2316
2317 int finish_http_pack_request(struct http_pack_request *preq)
2318 {
2319 struct child_process ip = CHILD_PROCESS_INIT;
2320 int tmpfile_fd;
2321 int ret = 0;
2322
2323 fclose(preq->packfile);
2324 preq->packfile = NULL;
2325
2326 tmpfile_fd = xopen(preq->tmpfile.buf, O_RDONLY);
2327
2328 strvec_push(&ip.args, "index-pack");
2329 strvec_push(&ip.args, "--stdin");
2330 ip.git_cmd = 1;
2331 ip.in = tmpfile_fd;
2332 if (preq->generate_keep) {
2333 strvec_pushf(&ip.args, "--keep=git %"PRIuMAX,
2334 (uintmax_t)getpid());
2335 ip.out = 0;
2336 } else {
2337 ip.no_stdout = 1;
2338 }
2339
2340 if (run_command(&ip)) {
2341 ret = -1;
2342 goto cleanup;
2343 }
2344
2345 cleanup:
2346 close(tmpfile_fd);
2347 unlink(preq->tmpfile.buf);
2348 return ret;
2349 }
2350
2351 void http_install_packfile(struct packed_git *p,
2352 struct packed_git **list_to_remove_from)
2353 {
2354 struct packed_git **lst = list_to_remove_from;
2355
2356 while (*lst != p)
2357 lst = &((*lst)->next);
2358 *lst = (*lst)->next;
2359
2360 install_packed_git(the_repository, p);
2361 }
2362
2363 struct http_pack_request *new_http_pack_request(
2364 const unsigned char *packed_git_hash, const char *base_url) {
2365
2366 struct strbuf buf = STRBUF_INIT;
2367
2368 end_url_with_slash(&buf, base_url);
2369 strbuf_addf(&buf, "objects/pack/pack-%s.pack",
2370 hash_to_hex(packed_git_hash));
2371 return new_direct_http_pack_request(packed_git_hash,
2372 strbuf_detach(&buf, NULL));
2373 }
2374
2375 struct http_pack_request *new_direct_http_pack_request(
2376 const unsigned char *packed_git_hash, char *url)
2377 {
2378 off_t prev_posn = 0;
2379 struct http_pack_request *preq;
2380
2381 preq = xcalloc(1, sizeof(*preq));
2382 strbuf_init(&preq->tmpfile, 0);
2383
2384 preq->url = url;
2385
2386 strbuf_addf(&preq->tmpfile, "%s.temp", sha1_pack_name(packed_git_hash));
2387 preq->packfile = fopen(preq->tmpfile.buf, "a");
2388 if (!preq->packfile) {
2389 error("Unable to open local file %s for pack",
2390 preq->tmpfile.buf);
2391 goto abort;
2392 }
2393
2394 preq->slot = get_active_slot();
2395 curl_easy_setopt(preq->slot->curl, CURLOPT_FILE, preq->packfile);
2396 curl_easy_setopt(preq->slot->curl, CURLOPT_WRITEFUNCTION, fwrite);
2397 curl_easy_setopt(preq->slot->curl, CURLOPT_URL, preq->url);
2398 curl_easy_setopt(preq->slot->curl, CURLOPT_HTTPHEADER,
2399 no_pragma_header);
2400
2401 /*
2402 * If there is data present from a previous transfer attempt,
2403 * resume where it left off
2404 */
2405 prev_posn = ftello(preq->packfile);
2406 if (prev_posn>0) {
2407 if (http_is_verbose)
2408 fprintf(stderr,
2409 "Resuming fetch of pack %s at byte %"PRIuMAX"\n",
2410 hash_to_hex(packed_git_hash),
2411 (uintmax_t)prev_posn);
2412 http_opt_request_remainder(preq->slot->curl, prev_posn);
2413 }
2414
2415 return preq;
2416
2417 abort:
2418 strbuf_release(&preq->tmpfile);
2419 free(preq->url);
2420 free(preq);
2421 return NULL;
2422 }
2423
2424 /* Helpers for fetching objects (loose) */
2425 static size_t fwrite_sha1_file(char *ptr, size_t eltsize, size_t nmemb,
2426 void *data)
2427 {
2428 unsigned char expn[4096];
2429 size_t size = eltsize * nmemb;
2430 int posn = 0;
2431 struct http_object_request *freq = data;
2432 struct active_request_slot *slot = freq->slot;
2433
2434 if (slot) {
2435 CURLcode c = curl_easy_getinfo(slot->curl, CURLINFO_HTTP_CODE,
2436 &slot->http_code);
2437 if (c != CURLE_OK)
2438 BUG("curl_easy_getinfo for HTTP code failed: %s",
2439 curl_easy_strerror(c));
2440 if (slot->http_code >= 300)
2441 return nmemb;
2442 }
2443
2444 do {
2445 ssize_t retval = xwrite(freq->localfile,
2446 (char *) ptr + posn, size - posn);
2447 if (retval < 0)
2448 return posn / eltsize;
2449 posn += retval;
2450 } while (posn < size);
2451
2452 freq->stream.avail_in = size;
2453 freq->stream.next_in = (void *)ptr;
2454 do {
2455 freq->stream.next_out = expn;
2456 freq->stream.avail_out = sizeof(expn);
2457 freq->zret = git_inflate(&freq->stream, Z_SYNC_FLUSH);
2458 the_hash_algo->update_fn(&freq->c, expn,
2459 sizeof(expn) - freq->stream.avail_out);
2460 } while (freq->stream.avail_in && freq->zret == Z_OK);
2461 return nmemb;
2462 }
2463
2464 struct http_object_request *new_http_object_request(const char *base_url,
2465 const struct object_id *oid)
2466 {
2467 char *hex = oid_to_hex(oid);
2468 struct strbuf filename = STRBUF_INIT;
2469 struct strbuf prevfile = STRBUF_INIT;
2470 int prevlocal;
2471 char prev_buf[PREV_BUF_SIZE];
2472 ssize_t prev_read = 0;
2473 off_t prev_posn = 0;
2474 struct http_object_request *freq;
2475
2476 freq = xcalloc(1, sizeof(*freq));
2477 strbuf_init(&freq->tmpfile, 0);
2478 oidcpy(&freq->oid, oid);
2479 freq->localfile = -1;
2480
2481 loose_object_path(the_repository, &filename, oid);
2482 strbuf_addf(&freq->tmpfile, "%s.temp", filename.buf);
2483
2484 strbuf_addf(&prevfile, "%s.prev", filename.buf);
2485 unlink_or_warn(prevfile.buf);
2486 rename(freq->tmpfile.buf, prevfile.buf);
2487 unlink_or_warn(freq->tmpfile.buf);
2488 strbuf_release(&filename);
2489
2490 if (freq->localfile != -1)
2491 error("fd leakage in start: %d", freq->localfile);
2492 freq->localfile = open(freq->tmpfile.buf,
2493 O_WRONLY | O_CREAT | O_EXCL, 0666);
2494 /*
2495 * This could have failed due to the "lazy directory creation";
2496 * try to mkdir the last path component.
2497 */
2498 if (freq->localfile < 0 && errno == ENOENT) {
2499 char *dir = strrchr(freq->tmpfile.buf, '/');
2500 if (dir) {
2501 *dir = 0;
2502 mkdir(freq->tmpfile.buf, 0777);
2503 *dir = '/';
2504 }
2505 freq->localfile = open(freq->tmpfile.buf,
2506 O_WRONLY | O_CREAT | O_EXCL, 0666);
2507 }
2508
2509 if (freq->localfile < 0) {
2510 error_errno("Couldn't create temporary file %s",
2511 freq->tmpfile.buf);
2512 goto abort;
2513 }
2514
2515 git_inflate_init(&freq->stream);
2516
2517 the_hash_algo->init_fn(&freq->c);
2518
2519 freq->url = get_remote_object_url(base_url, hex, 0);
2520
2521 /*
2522 * If a previous temp file is present, process what was already
2523 * fetched.
2524 */
2525 prevlocal = open(prevfile.buf, O_RDONLY);
2526 if (prevlocal != -1) {
2527 do {
2528 prev_read = xread(prevlocal, prev_buf, PREV_BUF_SIZE);
2529 if (prev_read>0) {
2530 if (fwrite_sha1_file(prev_buf,
2531 1,
2532 prev_read,
2533 freq) == prev_read) {
2534 prev_posn += prev_read;
2535 } else {
2536 prev_read = -1;
2537 }
2538 }
2539 } while (prev_read > 0);
2540 close(prevlocal);
2541 }
2542 unlink_or_warn(prevfile.buf);
2543 strbuf_release(&prevfile);
2544
2545 /*
2546 * Reset inflate/SHA1 if there was an error reading the previous temp
2547 * file; also rewind to the beginning of the local file.
2548 */
2549 if (prev_read == -1) {
2550 memset(&freq->stream, 0, sizeof(freq->stream));
2551 git_inflate_init(&freq->stream);
2552 the_hash_algo->init_fn(&freq->c);
2553 if (prev_posn>0) {
2554 prev_posn = 0;
2555 lseek(freq->localfile, 0, SEEK_SET);
2556 if (ftruncate(freq->localfile, 0) < 0) {
2557 error_errno("Couldn't truncate temporary file %s",
2558 freq->tmpfile.buf);
2559 goto abort;
2560 }
2561 }
2562 }
2563
2564 freq->slot = get_active_slot();
2565
2566 curl_easy_setopt(freq->slot->curl, CURLOPT_FILE, freq);
2567 curl_easy_setopt(freq->slot->curl, CURLOPT_FAILONERROR, 0);
2568 curl_easy_setopt(freq->slot->curl, CURLOPT_WRITEFUNCTION, fwrite_sha1_file);
2569 curl_easy_setopt(freq->slot->curl, CURLOPT_ERRORBUFFER, freq->errorstr);
2570 curl_easy_setopt(freq->slot->curl, CURLOPT_URL, freq->url);
2571 curl_easy_setopt(freq->slot->curl, CURLOPT_HTTPHEADER, no_pragma_header);
2572
2573 /*
2574 * If we have successfully processed data from a previous fetch
2575 * attempt, only fetch the data we don't already have.
2576 */
2577 if (prev_posn>0) {
2578 if (http_is_verbose)
2579 fprintf(stderr,
2580 "Resuming fetch of object %s at byte %"PRIuMAX"\n",
2581 hex, (uintmax_t)prev_posn);
2582 http_opt_request_remainder(freq->slot->curl, prev_posn);
2583 }
2584
2585 return freq;
2586
2587 abort:
2588 strbuf_release(&prevfile);
2589 free(freq->url);
2590 free(freq);
2591 return NULL;
2592 }
2593
2594 void process_http_object_request(struct http_object_request *freq)
2595 {
2596 if (freq->slot == NULL)
2597 return;
2598 freq->curl_result = freq->slot->curl_result;
2599 freq->http_code = freq->slot->http_code;
2600 freq->slot = NULL;
2601 }
2602
2603 int finish_http_object_request(struct http_object_request *freq)
2604 {
2605 struct stat st;
2606 struct strbuf filename = STRBUF_INIT;
2607
2608 close(freq->localfile);
2609 freq->localfile = -1;
2610
2611 process_http_object_request(freq);
2612
2613 if (freq->http_code == 416) {
2614 warning("requested range invalid; we may already have all the data.");
2615 } else if (freq->curl_result != CURLE_OK) {
2616 if (stat(freq->tmpfile.buf, &st) == 0)
2617 if (st.st_size == 0)
2618 unlink_or_warn(freq->tmpfile.buf);
2619 return -1;
2620 }
2621
2622 git_inflate_end(&freq->stream);
2623 the_hash_algo->final_fn(freq->real_oid.hash, &freq->c);
2624 if (freq->zret != Z_STREAM_END) {
2625 unlink_or_warn(freq->tmpfile.buf);
2626 return -1;
2627 }
2628 if (!oideq(&freq->oid, &freq->real_oid)) {
2629 unlink_or_warn(freq->tmpfile.buf);
2630 return -1;
2631 }
2632 loose_object_path(the_repository, &filename, &freq->oid);
2633 freq->rename = finalize_object_file(freq->tmpfile.buf, filename.buf);
2634 strbuf_release(&filename);
2635
2636 return freq->rename;
2637 }
2638
2639 void abort_http_object_request(struct http_object_request *freq)
2640 {
2641 unlink_or_warn(freq->tmpfile.buf);
2642
2643 release_http_object_request(freq);
2644 }
2645
2646 void release_http_object_request(struct http_object_request *freq)
2647 {
2648 if (freq->localfile != -1) {
2649 close(freq->localfile);
2650 freq->localfile = -1;
2651 }
2652 FREE_AND_NULL(freq->url);
2653 if (freq->slot != NULL) {
2654 freq->slot->callback_func = NULL;
2655 freq->slot->callback_data = NULL;
2656 release_active_slot(freq->slot);
2657 freq->slot = NULL;
2658 }
2659 strbuf_release(&freq->tmpfile);
2660 }
Unnamed repository; edit this file 'description' to name the repository.