]> git.ipfire.org Git - thirdparty/git.git/blob - setup.c
projects / thirdparty / git.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Merge branch 'maint-2.35' into maint-2.36
[thirdparty/git.git] / setup.c
1 #include "cache.h"
2 #include "repository.h"
3 #include "config.h"
4 #include "dir.h"
5 #include "string-list.h"
6 #include "chdir-notify.h"
7 #include "promisor-remote.h"
8 #include "quote.h"
9
10 static int inside_git_dir = -1;
11 static int inside_work_tree = -1;
12 static int work_tree_config_is_bogus;
13
14 static struct startup_info the_startup_info;
15 struct startup_info *startup_info = &the_startup_info;
16 const char *tmp_original_cwd;
17
18 /*
19 * The input parameter must contain an absolute path, and it must already be
20 * normalized.
21 *
22 * Find the part of an absolute path that lies inside the work tree by
23 * dereferencing symlinks outside the work tree, for example:
24 * /dir1/repo/dir2/file (work tree is /dir1/repo) -> dir2/file
25 * /dir/file (work tree is /) -> dir/file
26 * /dir/symlink1/symlink2 (symlink1 points to work tree) -> symlink2
27 * /dir/repolink/file (repolink points to /dir/repo) -> file
28 * /dir/repo (exactly equal to work tree) -> (empty string)
29 */
30 static int abspath_part_inside_repo(char *path)
31 {
32 size_t len;
33 size_t wtlen;
34 char *path0;
35 int off;
36 const char *work_tree = get_git_work_tree();
37 struct strbuf realpath = STRBUF_INIT;
38
39 if (!work_tree)
40 return -1;
41 wtlen = strlen(work_tree);
42 len = strlen(path);
43 off = offset_1st_component(path);
44
45 /* check if work tree is already the prefix */
46 if (wtlen <= len && !fspathncmp(path, work_tree, wtlen)) {
47 if (path[wtlen] == '/') {
48 memmove(path, path + wtlen + 1, len - wtlen);
49 return 0;
50 } else if (path[wtlen - 1] == '/' || path[wtlen] == '\0') {
51 /* work tree is the root, or the whole path */
52 memmove(path, path + wtlen, len - wtlen + 1);
53 return 0;
54 }
55 /* work tree might match beginning of a symlink to work tree */
56 off = wtlen;
57 }
58 path0 = path;
59 path += off;
60
61 /* check each '/'-terminated level */
62 while (*path) {
63 path++;
64 if (*path == '/') {
65 *path = '\0';
66 strbuf_realpath(&realpath, path0, 1);
67 if (fspathcmp(realpath.buf, work_tree) == 0) {
68 memmove(path0, path + 1, len - (path - path0));
69 strbuf_release(&realpath);
70 return 0;
71 }
72 *path = '/';
73 }
74 }
75
76 /* check whole path */
77 strbuf_realpath(&realpath, path0, 1);
78 if (fspathcmp(realpath.buf, work_tree) == 0) {
79 *path0 = '\0';
80 strbuf_release(&realpath);
81 return 0;
82 }
83
84 strbuf_release(&realpath);
85 return -1;
86 }
87
88 /*
89 * Normalize "path", prepending the "prefix" for relative paths. If
90 * remaining_prefix is not NULL, return the actual prefix still
91 * remains in the path. For example, prefix = sub1/sub2/ and path is
92 *
93 * foo -> sub1/sub2/foo (full prefix)
94 * ../foo -> sub1/foo (remaining prefix is sub1/)
95 * ../../bar -> bar (no remaining prefix)
96 * ../../sub1/sub2/foo -> sub1/sub2/foo (but no remaining prefix)
97 * `pwd`/../bar -> sub1/bar (no remaining prefix)
98 */
99 char *prefix_path_gently(const char *prefix, int len,
100 int *remaining_prefix, const char *path)
101 {
102 const char *orig = path;
103 char *sanitized;
104 if (is_absolute_path(orig)) {
105 sanitized = xmallocz(strlen(path));
106 if (remaining_prefix)
107 *remaining_prefix = 0;
108 if (normalize_path_copy_len(sanitized, path, remaining_prefix)) {
109 free(sanitized);
110 return NULL;
111 }
112 if (abspath_part_inside_repo(sanitized)) {
113 free(sanitized);
114 return NULL;
115 }
116 } else {
117 sanitized = xstrfmt("%.*s%s", len, len ? prefix : "", path);
118 if (remaining_prefix)
119 *remaining_prefix = len;
120 if (normalize_path_copy_len(sanitized, sanitized, remaining_prefix)) {
121 free(sanitized);
122 return NULL;
123 }
124 }
125 return sanitized;
126 }
127
128 char *prefix_path(const char *prefix, int len, const char *path)
129 {
130 char *r = prefix_path_gently(prefix, len, NULL, path);
131 if (!r) {
132 const char *hint_path = get_git_work_tree();
133 if (!hint_path)
134 hint_path = get_git_dir();
135 die(_("'%s' is outside repository at '%s'"), path,
136 absolute_path(hint_path));
137 }
138 return r;
139 }
140
141 int path_inside_repo(const char *prefix, const char *path)
142 {
143 int len = prefix ? strlen(prefix) : 0;
144 char *r = prefix_path_gently(prefix, len, NULL, path);
145 if (r) {
146 free(r);
147 return 1;
148 }
149 return 0;
150 }
151
152 int check_filename(const char *prefix, const char *arg)
153 {
154 char *to_free = NULL;
155 struct stat st;
156
157 if (skip_prefix(arg, ":/", &arg)) {
158 if (!*arg) /* ":/" is root dir, always exists */
159 return 1;
160 prefix = NULL;
161 } else if (skip_prefix(arg, ":!", &arg) ||
162 skip_prefix(arg, ":^", &arg)) {
163 if (!*arg) /* excluding everything is silly, but allowed */
164 return 1;
165 }
166
167 if (prefix)
168 arg = to_free = prefix_filename(prefix, arg);
169
170 if (!lstat(arg, &st)) {
171 free(to_free);
172 return 1; /* file exists */
173 }
174 if (is_missing_file_error(errno)) {
175 free(to_free);
176 return 0; /* file does not exist */
177 }
178 die_errno(_("failed to stat '%s'"), arg);
179 }
180
181 static void NORETURN die_verify_filename(struct repository *r,
182 const char *prefix,
183 const char *arg,
184 int diagnose_misspelt_rev)
185 {
186 if (!diagnose_misspelt_rev)
187 die(_("%s: no such path in the working tree.\n"
188 "Use 'git <command> -- <path>...' to specify paths that do not exist locally."),
189 arg);
190 /*
191 * Saying "'(icase)foo' does not exist in the index" when the
192 * user gave us ":(icase)foo" is just stupid. A magic pathspec
193 * begins with a colon and is followed by a non-alnum; do not
194 * let maybe_die_on_misspelt_object_name() even trigger.
195 */
196 if (!(arg[0] == ':' && !isalnum(arg[1])))
197 maybe_die_on_misspelt_object_name(r, arg, prefix);
198
199 /* ... or fall back the most general message. */
200 die(_("ambiguous argument '%s': unknown revision or path not in the working tree.\n"
201 "Use '--' to separate paths from revisions, like this:\n"
202 "'git <command> [<revision>...] -- [<file>...]'"), arg);
203
204 }
205
206 /*
207 * Check for arguments that don't resolve as actual files,
208 * but which look sufficiently like pathspecs that we'll consider
209 * them such for the purposes of rev/pathspec DWIM parsing.
210 */
211 static int looks_like_pathspec(const char *arg)
212 {
213 const char *p;
214 int escaped = 0;
215
216 /*
217 * Wildcard characters imply the user is looking to match pathspecs
218 * that aren't in the filesystem. Note that this doesn't include
219 * backslash even though it's a glob special; by itself it doesn't
220 * cause any increase in the match. Likewise ignore backslash-escaped
221 * wildcard characters.
222 */
223 for (p = arg; *p; p++) {
224 if (escaped) {
225 escaped = 0;
226 } else if (is_glob_special(*p)) {
227 if (*p == '\\')
228 escaped = 1;
229 else
230 return 1;
231 }
232 }
233
234 /* long-form pathspec magic */
235 if (starts_with(arg, ":("))
236 return 1;
237
238 return 0;
239 }
240
241 /*
242 * Verify a filename that we got as an argument for a pathspec
243 * entry. Note that a filename that begins with "-" never verifies
244 * as true, because even if such a filename were to exist, we want
245 * it to be preceded by the "--" marker (or we want the user to
246 * use a format like "./-filename")
247 *
248 * The "diagnose_misspelt_rev" is used to provide a user-friendly
249 * diagnosis when dying upon finding that "name" is not a pathname.
250 * If set to 1, the diagnosis will try to diagnose "name" as an
251 * invalid object name (e.g. HEAD:foo). If set to 0, the diagnosis
252 * will only complain about an inexisting file.
253 *
254 * This function is typically called to check that a "file or rev"
255 * argument is unambiguous. In this case, the caller will want
256 * diagnose_misspelt_rev == 1 when verifying the first non-rev
257 * argument (which could have been a revision), and
258 * diagnose_misspelt_rev == 0 for the next ones (because we already
259 * saw a filename, there's not ambiguity anymore).
260 */
261 void verify_filename(const char *prefix,
262 const char *arg,
263 int diagnose_misspelt_rev)
264 {
265 if (*arg == '-')
266 die(_("option '%s' must come before non-option arguments"), arg);
267 if (looks_like_pathspec(arg) || check_filename(prefix, arg))
268 return;
269 die_verify_filename(the_repository, prefix, arg, diagnose_misspelt_rev);
270 }
271
272 /*
273 * Opposite of the above: the command line did not have -- marker
274 * and we parsed the arg as a refname. It should not be interpretable
275 * as a filename.
276 */
277 void verify_non_filename(const char *prefix, const char *arg)
278 {
279 if (!is_inside_work_tree() || is_inside_git_dir())
280 return;
281 if (*arg == '-')
282 return; /* flag */
283 if (!check_filename(prefix, arg))
284 return;
285 die(_("ambiguous argument '%s': both revision and filename\n"
286 "Use '--' to separate paths from revisions, like this:\n"
287 "'git <command> [<revision>...] -- [<file>...]'"), arg);
288 }
289
290 int get_common_dir(struct strbuf *sb, const char *gitdir)
291 {
292 const char *git_env_common_dir = getenv(GIT_COMMON_DIR_ENVIRONMENT);
293 if (git_env_common_dir) {
294 strbuf_addstr(sb, git_env_common_dir);
295 return 1;
296 } else {
297 return get_common_dir_noenv(sb, gitdir);
298 }
299 }
300
301 int get_common_dir_noenv(struct strbuf *sb, const char *gitdir)
302 {
303 struct strbuf data = STRBUF_INIT;
304 struct strbuf path = STRBUF_INIT;
305 int ret = 0;
306
307 strbuf_addf(&path, "%s/commondir", gitdir);
308 if (file_exists(path.buf)) {
309 if (strbuf_read_file(&data, path.buf, 0) <= 0)
310 die_errno(_("failed to read %s"), path.buf);
311 while (data.len && (data.buf[data.len - 1] == '\n' ||
312 data.buf[data.len - 1] == '\r'))
313 data.len--;
314 data.buf[data.len] = '\0';
315 strbuf_reset(&path);
316 if (!is_absolute_path(data.buf))
317 strbuf_addf(&path, "%s/", gitdir);
318 strbuf_addbuf(&path, &data);
319 strbuf_add_real_path(sb, path.buf);
320 ret = 1;
321 } else {
322 strbuf_addstr(sb, gitdir);
323 }
324
325 strbuf_release(&data);
326 strbuf_release(&path);
327 return ret;
328 }
329
330 /*
331 * Test if it looks like we're at a git directory.
332 * We want to see:
333 *
334 * - either an objects/ directory _or_ the proper
335 * GIT_OBJECT_DIRECTORY environment variable
336 * - a refs/ directory
337 * - either a HEAD symlink or a HEAD file that is formatted as
338 * a proper "ref:", or a regular file HEAD that has a properly
339 * formatted sha1 object name.
340 */
341 int is_git_directory(const char *suspect)
342 {
343 struct strbuf path = STRBUF_INIT;
344 int ret = 0;
345 size_t len;
346
347 /* Check worktree-related signatures */
348 strbuf_addstr(&path, suspect);
349 strbuf_complete(&path, '/');
350 strbuf_addstr(&path, "HEAD");
351 if (validate_headref(path.buf))
352 goto done;
353
354 strbuf_reset(&path);
355 get_common_dir(&path, suspect);
356 len = path.len;
357
358 /* Check non-worktree-related signatures */
359 if (getenv(DB_ENVIRONMENT)) {
360 if (access(getenv(DB_ENVIRONMENT), X_OK))
361 goto done;
362 }
363 else {
364 strbuf_setlen(&path, len);
365 strbuf_addstr(&path, "/objects");
366 if (access(path.buf, X_OK))
367 goto done;
368 }
369
370 strbuf_setlen(&path, len);
371 strbuf_addstr(&path, "/refs");
372 if (access(path.buf, X_OK))
373 goto done;
374
375 ret = 1;
376 done:
377 strbuf_release(&path);
378 return ret;
379 }
380
381 int is_nonbare_repository_dir(struct strbuf *path)
382 {
383 int ret = 0;
384 int gitfile_error;
385 size_t orig_path_len = path->len;
386 assert(orig_path_len != 0);
387 strbuf_complete(path, '/');
388 strbuf_addstr(path, ".git");
389 if (read_gitfile_gently(path->buf, &gitfile_error) || is_git_directory(path->buf))
390 ret = 1;
391 if (gitfile_error == READ_GITFILE_ERR_OPEN_FAILED ||
392 gitfile_error == READ_GITFILE_ERR_READ_FAILED)
393 ret = 1;
394 strbuf_setlen(path, orig_path_len);
395 return ret;
396 }
397
398 int is_inside_git_dir(void)
399 {
400 if (inside_git_dir < 0)
401 inside_git_dir = is_inside_dir(get_git_dir());
402 return inside_git_dir;
403 }
404
405 int is_inside_work_tree(void)
406 {
407 if (inside_work_tree < 0)
408 inside_work_tree = is_inside_dir(get_git_work_tree());
409 return inside_work_tree;
410 }
411
412 void setup_work_tree(void)
413 {
414 const char *work_tree;
415 static int initialized = 0;
416
417 if (initialized)
418 return;
419
420 if (work_tree_config_is_bogus)
421 die(_("unable to set up work tree using invalid config"));
422
423 work_tree = get_git_work_tree();
424 if (!work_tree || chdir_notify(work_tree))
425 die(_("this operation must be run in a work tree"));
426
427 /*
428 * Make sure subsequent git processes find correct worktree
429 * if $GIT_WORK_TREE is set relative
430 */
431 if (getenv(GIT_WORK_TREE_ENVIRONMENT))
432 setenv(GIT_WORK_TREE_ENVIRONMENT, ".", 1);
433
434 initialized = 1;
435 }
436
437 static void setup_original_cwd(void)
438 {
439 struct strbuf tmp = STRBUF_INIT;
440 const char *worktree = NULL;
441 int offset = -1;
442
443 if (!tmp_original_cwd)
444 return;
445
446 /*
447 * startup_info->original_cwd points to the current working
448 * directory we inherited from our parent process, which is a
449 * directory we want to avoid removing.
450 *
451 * For convience, we would like to have the path relative to the
452 * worktree instead of an absolute path.
453 *
454 * Yes, startup_info->original_cwd is usually the same as 'prefix',
455 * but differs in two ways:
456 * - prefix has a trailing '/'
457 * - if the user passes '-C' to git, that modifies the prefix but
458 * not startup_info->original_cwd.
459 */
460
461 /* Normalize the directory */
462 strbuf_realpath(&tmp, tmp_original_cwd, 1);
463 free((char*)tmp_original_cwd);
464 tmp_original_cwd = NULL;
465 startup_info->original_cwd = strbuf_detach(&tmp, NULL);
466
467 /*
468 * Get our worktree; we only protect the current working directory
469 * if it's in the worktree.
470 */
471 worktree = get_git_work_tree();
472 if (!worktree)
473 goto no_prevention_needed;
474
475 offset = dir_inside_of(startup_info->original_cwd, worktree);
476 if (offset >= 0) {
477 /*
478 * If startup_info->original_cwd == worktree, that is already
479 * protected and we don't need original_cwd as a secondary
480 * protection measure.
481 */
482 if (!*(startup_info->original_cwd + offset))
483 goto no_prevention_needed;
484
485 /*
486 * original_cwd was inside worktree; precompose it just as
487 * we do prefix so that built up paths will match
488 */
489 startup_info->original_cwd = \
490 precompose_string_if_needed(startup_info->original_cwd
491 + offset);
492 return;
493 }
494
495 no_prevention_needed:
496 free((char*)startup_info->original_cwd);
497 startup_info->original_cwd = NULL;
498 }
499
500 static int read_worktree_config(const char *var, const char *value, void *vdata)
501 {
502 struct repository_format *data = vdata;
503
504 if (strcmp(var, "core.bare") == 0) {
505 data->is_bare = git_config_bool(var, value);
506 } else if (strcmp(var, "core.worktree") == 0) {
507 if (!value)
508 return config_error_nonbool(var);
509 free(data->work_tree);
510 data->work_tree = xstrdup(value);
511 }
512 return 0;
513 }
514
515 enum extension_result {
516 EXTENSION_ERROR = -1, /* compatible with error(), etc */
517 EXTENSION_UNKNOWN = 0,
518 EXTENSION_OK = 1
519 };
520
521 /*
522 * Do not add new extensions to this function. It handles extensions which are
523 * respected even in v0-format repositories for historical compatibility.
524 */
525 static enum extension_result handle_extension_v0(const char *var,
526 const char *value,
527 const char *ext,
528 struct repository_format *data)
529 {
530 if (!strcmp(ext, "noop")) {
531 return EXTENSION_OK;
532 } else if (!strcmp(ext, "preciousobjects")) {
533 data->precious_objects = git_config_bool(var, value);
534 return EXTENSION_OK;
535 } else if (!strcmp(ext, "partialclone")) {
536 data->partial_clone = xstrdup(value);
537 return EXTENSION_OK;
538 } else if (!strcmp(ext, "worktreeconfig")) {
539 data->worktree_config = git_config_bool(var, value);
540 return EXTENSION_OK;
541 }
542
543 return EXTENSION_UNKNOWN;
544 }
545
546 /*
547 * Record any new extensions in this function.
548 */
549 static enum extension_result handle_extension(const char *var,
550 const char *value,
551 const char *ext,
552 struct repository_format *data)
553 {
554 if (!strcmp(ext, "noop-v1")) {
555 return EXTENSION_OK;
556 } else if (!strcmp(ext, "objectformat")) {
557 int format;
558
559 if (!value)
560 return config_error_nonbool(var);
561 format = hash_algo_by_name(value);
562 if (format == GIT_HASH_UNKNOWN)
563 return error(_("invalid value for '%s': '%s'"),
564 "extensions.objectformat", value);
565 data->hash_algo = format;
566 return EXTENSION_OK;
567 }
568 return EXTENSION_UNKNOWN;
569 }
570
571 static int check_repo_format(const char *var, const char *value, void *vdata)
572 {
573 struct repository_format *data = vdata;
574 const char *ext;
575
576 if (strcmp(var, "core.repositoryformatversion") == 0)
577 data->version = git_config_int(var, value);
578 else if (skip_prefix(var, "extensions.", &ext)) {
579 switch (handle_extension_v0(var, value, ext, data)) {
580 case EXTENSION_ERROR:
581 return -1;
582 case EXTENSION_OK:
583 return 0;
584 case EXTENSION_UNKNOWN:
585 break;
586 }
587
588 switch (handle_extension(var, value, ext, data)) {
589 case EXTENSION_ERROR:
590 return -1;
591 case EXTENSION_OK:
592 string_list_append(&data->v1_only_extensions, ext);
593 return 0;
594 case EXTENSION_UNKNOWN:
595 string_list_append(&data->unknown_extensions, ext);
596 return 0;
597 }
598 }
599
600 return read_worktree_config(var, value, vdata);
601 }
602
603 static int check_repository_format_gently(const char *gitdir, struct repository_format *candidate, int *nongit_ok)
604 {
605 struct strbuf sb = STRBUF_INIT;
606 struct strbuf err = STRBUF_INIT;
607 int has_common;
608
609 has_common = get_common_dir(&sb, gitdir);
610 strbuf_addstr(&sb, "/config");
611 read_repository_format(candidate, sb.buf);
612 strbuf_release(&sb);
613
614 /*
615 * For historical use of check_repository_format() in git-init,
616 * we treat a missing config as a silent "ok", even when nongit_ok
617 * is unset.
618 */
619 if (candidate->version < 0)
620 return 0;
621
622 if (verify_repository_format(candidate, &err) < 0) {
623 if (nongit_ok) {
624 warning("%s", err.buf);
625 strbuf_release(&err);
626 *nongit_ok = -1;
627 return -1;
628 }
629 die("%s", err.buf);
630 }
631
632 repository_format_precious_objects = candidate->precious_objects;
633 repository_format_worktree_config = candidate->worktree_config;
634 string_list_clear(&candidate->unknown_extensions, 0);
635 string_list_clear(&candidate->v1_only_extensions, 0);
636
637 if (repository_format_worktree_config) {
638 /*
639 * pick up core.bare and core.worktree from per-worktree
640 * config if present
641 */
642 strbuf_addf(&sb, "%s/config.worktree", gitdir);
643 git_config_from_file(read_worktree_config, sb.buf, candidate);
644 strbuf_release(&sb);
645 has_common = 0;
646 }
647
648 if (!has_common) {
649 if (candidate->is_bare != -1) {
650 is_bare_repository_cfg = candidate->is_bare;
651 if (is_bare_repository_cfg == 1)
652 inside_work_tree = -1;
653 }
654 if (candidate->work_tree) {
655 free(git_work_tree_cfg);
656 git_work_tree_cfg = xstrdup(candidate->work_tree);
657 inside_work_tree = -1;
658 }
659 }
660
661 return 0;
662 }
663
664 int upgrade_repository_format(int target_version)
665 {
666 struct strbuf sb = STRBUF_INIT;
667 struct strbuf err = STRBUF_INIT;
668 struct strbuf repo_version = STRBUF_INIT;
669 struct repository_format repo_fmt = REPOSITORY_FORMAT_INIT;
670
671 strbuf_git_common_path(&sb, the_repository, "config");
672 read_repository_format(&repo_fmt, sb.buf);
673 strbuf_release(&sb);
674
675 if (repo_fmt.version >= target_version)
676 return 0;
677
678 if (verify_repository_format(&repo_fmt, &err) < 0) {
679 error("cannot upgrade repository format from %d to %d: %s",
680 repo_fmt.version, target_version, err.buf);
681 strbuf_release(&err);
682 return -1;
683 }
684 if (!repo_fmt.version && repo_fmt.unknown_extensions.nr)
685 return error("cannot upgrade repository format: "
686 "unknown extension %s",
687 repo_fmt.unknown_extensions.items[0].string);
688
689 strbuf_addf(&repo_version, "%d", target_version);
690 git_config_set("core.repositoryformatversion", repo_version.buf);
691 strbuf_release(&repo_version);
692 return 1;
693 }
694
695 static void init_repository_format(struct repository_format *format)
696 {
697 const struct repository_format fresh = REPOSITORY_FORMAT_INIT;
698
699 memcpy(format, &fresh, sizeof(fresh));
700 }
701
702 int read_repository_format(struct repository_format *format, const char *path)
703 {
704 clear_repository_format(format);
705 git_config_from_file(check_repo_format, path, format);
706 if (format->version == -1)
707 clear_repository_format(format);
708 return format->version;
709 }
710
711 void clear_repository_format(struct repository_format *format)
712 {
713 string_list_clear(&format->unknown_extensions, 0);
714 string_list_clear(&format->v1_only_extensions, 0);
715 free(format->work_tree);
716 free(format->partial_clone);
717 init_repository_format(format);
718 }
719
720 int verify_repository_format(const struct repository_format *format,
721 struct strbuf *err)
722 {
723 if (GIT_REPO_VERSION_READ < format->version) {
724 strbuf_addf(err, _("Expected git repo version <= %d, found %d"),
725 GIT_REPO_VERSION_READ, format->version);
726 return -1;
727 }
728
729 if (format->version >= 1 && format->unknown_extensions.nr) {
730 int i;
731
732 strbuf_addstr(err, Q_("unknown repository extension found:",
733 "unknown repository extensions found:",
734 format->unknown_extensions.nr));
735
736 for (i = 0; i < format->unknown_extensions.nr; i++)
737 strbuf_addf(err, "\n\t%s",
738 format->unknown_extensions.items[i].string);
739 return -1;
740 }
741
742 if (format->version == 0 && format->v1_only_extensions.nr) {
743 int i;
744
745 strbuf_addstr(err,
746 Q_("repo version is 0, but v1-only extension found:",
747 "repo version is 0, but v1-only extensions found:",
748 format->v1_only_extensions.nr));
749
750 for (i = 0; i < format->v1_only_extensions.nr; i++)
751 strbuf_addf(err, "\n\t%s",
752 format->v1_only_extensions.items[i].string);
753 return -1;
754 }
755
756 return 0;
757 }
758
759 void read_gitfile_error_die(int error_code, const char *path, const char *dir)
760 {
761 switch (error_code) {
762 case READ_GITFILE_ERR_STAT_FAILED:
763 case READ_GITFILE_ERR_NOT_A_FILE:
764 /* non-fatal; follow return path */
765 break;
766 case READ_GITFILE_ERR_OPEN_FAILED:
767 die_errno(_("error opening '%s'"), path);
768 case READ_GITFILE_ERR_TOO_LARGE:
769 die(_("too large to be a .git file: '%s'"), path);
770 case READ_GITFILE_ERR_READ_FAILED:
771 die(_("error reading %s"), path);
772 case READ_GITFILE_ERR_INVALID_FORMAT:
773 die(_("invalid gitfile format: %s"), path);
774 case READ_GITFILE_ERR_NO_PATH:
775 die(_("no path in gitfile: %s"), path);
776 case READ_GITFILE_ERR_NOT_A_REPO:
777 die(_("not a git repository: %s"), dir);
778 default:
779 BUG("unknown error code");
780 }
781 }
782
783 /*
784 * Try to read the location of the git directory from the .git file,
785 * return path to git directory if found. The return value comes from
786 * a shared buffer.
787 *
788 * On failure, if return_error_code is not NULL, return_error_code
789 * will be set to an error code and NULL will be returned. If
790 * return_error_code is NULL the function will die instead (for most
791 * cases).
792 */
793 const char *read_gitfile_gently(const char *path, int *return_error_code)
794 {
795 const int max_file_size = 1 << 20; /* 1MB */
796 int error_code = 0;
797 char *buf = NULL;
798 char *dir = NULL;
799 const char *slash;
800 struct stat st;
801 int fd;
802 ssize_t len;
803 static struct strbuf realpath = STRBUF_INIT;
804
805 if (stat(path, &st)) {
806 /* NEEDSWORK: discern between ENOENT vs other errors */
807 error_code = READ_GITFILE_ERR_STAT_FAILED;
808 goto cleanup_return;
809 }
810 if (!S_ISREG(st.st_mode)) {
811 error_code = READ_GITFILE_ERR_NOT_A_FILE;
812 goto cleanup_return;
813 }
814 if (st.st_size > max_file_size) {
815 error_code = READ_GITFILE_ERR_TOO_LARGE;
816 goto cleanup_return;
817 }
818 fd = open(path, O_RDONLY);
819 if (fd < 0) {
820 error_code = READ_GITFILE_ERR_OPEN_FAILED;
821 goto cleanup_return;
822 }
823 buf = xmallocz(st.st_size);
824 len = read_in_full(fd, buf, st.st_size);
825 close(fd);
826 if (len != st.st_size) {
827 error_code = READ_GITFILE_ERR_READ_FAILED;
828 goto cleanup_return;
829 }
830 if (!starts_with(buf, "gitdir: ")) {
831 error_code = READ_GITFILE_ERR_INVALID_FORMAT;
832 goto cleanup_return;
833 }
834 while (buf[len - 1] == '\n' || buf[len - 1] == '\r')
835 len--;
836 if (len < 9) {
837 error_code = READ_GITFILE_ERR_NO_PATH;
838 goto cleanup_return;
839 }
840 buf[len] = '\0';
841 dir = buf + 8;
842
843 if (!is_absolute_path(dir) && (slash = strrchr(path, '/'))) {
844 size_t pathlen = slash+1 - path;
845 dir = xstrfmt("%.*s%.*s", (int)pathlen, path,
846 (int)(len - 8), buf + 8);
847 free(buf);
848 buf = dir;
849 }
850 if (!is_git_directory(dir)) {
851 error_code = READ_GITFILE_ERR_NOT_A_REPO;
852 goto cleanup_return;
853 }
854
855 strbuf_realpath(&realpath, dir, 1);
856 path = realpath.buf;
857
858 cleanup_return:
859 if (return_error_code)
860 *return_error_code = error_code;
861 else if (error_code)
862 read_gitfile_error_die(error_code, path, dir);
863
864 free(buf);
865 return error_code ? NULL : path;
866 }
867
868 static const char *setup_explicit_git_dir(const char *gitdirenv,
869 struct strbuf *cwd,
870 struct repository_format *repo_fmt,
871 int *nongit_ok)
872 {
873 const char *work_tree_env = getenv(GIT_WORK_TREE_ENVIRONMENT);
874 const char *worktree;
875 char *gitfile;
876 int offset;
877
878 if (PATH_MAX - 40 < strlen(gitdirenv))
879 die(_("'$%s' too big"), GIT_DIR_ENVIRONMENT);
880
881 gitfile = (char*)read_gitfile(gitdirenv);
882 if (gitfile) {
883 gitfile = xstrdup(gitfile);
884 gitdirenv = gitfile;
885 }
886
887 if (!is_git_directory(gitdirenv)) {
888 if (nongit_ok) {
889 *nongit_ok = 1;
890 free(gitfile);
891 return NULL;
892 }
893 die(_("not a git repository: '%s'"), gitdirenv);
894 }
895
896 if (check_repository_format_gently(gitdirenv, repo_fmt, nongit_ok)) {
897 free(gitfile);
898 return NULL;
899 }
900
901 /* #3, #7, #11, #15, #19, #23, #27, #31 (see t1510) */
902 if (work_tree_env)
903 set_git_work_tree(work_tree_env);
904 else if (is_bare_repository_cfg > 0) {
905 if (git_work_tree_cfg) {
906 /* #22.2, #30 */
907 warning("core.bare and core.worktree do not make sense");
908 work_tree_config_is_bogus = 1;
909 }
910
911 /* #18, #26 */
912 set_git_dir(gitdirenv, 0);
913 free(gitfile);
914 return NULL;
915 }
916 else if (git_work_tree_cfg) { /* #6, #14 */
917 if (is_absolute_path(git_work_tree_cfg))
918 set_git_work_tree(git_work_tree_cfg);
919 else {
920 char *core_worktree;
921 if (chdir(gitdirenv))
922 die_errno(_("cannot chdir to '%s'"), gitdirenv);
923 if (chdir(git_work_tree_cfg))
924 die_errno(_("cannot chdir to '%s'"), git_work_tree_cfg);
925 core_worktree = xgetcwd();
926 if (chdir(cwd->buf))
927 die_errno(_("cannot come back to cwd"));
928 set_git_work_tree(core_worktree);
929 free(core_worktree);
930 }
931 }
932 else if (!git_env_bool(GIT_IMPLICIT_WORK_TREE_ENVIRONMENT, 1)) {
933 /* #16d */
934 set_git_dir(gitdirenv, 0);
935 free(gitfile);
936 return NULL;
937 }
938 else /* #2, #10 */
939 set_git_work_tree(".");
940
941 /* set_git_work_tree() must have been called by now */
942 worktree = get_git_work_tree();
943
944 /* both get_git_work_tree() and cwd are already normalized */
945 if (!strcmp(cwd->buf, worktree)) { /* cwd == worktree */
946 set_git_dir(gitdirenv, 0);
947 free(gitfile);
948 return NULL;
949 }
950
951 offset = dir_inside_of(cwd->buf, worktree);
952 if (offset >= 0) { /* cwd inside worktree? */
953 set_git_dir(gitdirenv, 1);
954 if (chdir(worktree))
955 die_errno(_("cannot chdir to '%s'"), worktree);
956 strbuf_addch(cwd, '/');
957 free(gitfile);
958 return cwd->buf + offset;
959 }
960
961 /* cwd outside worktree */
962 set_git_dir(gitdirenv, 0);
963 free(gitfile);
964 return NULL;
965 }
966
967 static const char *setup_discovered_git_dir(const char *gitdir,
968 struct strbuf *cwd, int offset,
969 struct repository_format *repo_fmt,
970 int *nongit_ok)
971 {
972 if (check_repository_format_gently(gitdir, repo_fmt, nongit_ok))
973 return NULL;
974
975 /* --work-tree is set without --git-dir; use discovered one */
976 if (getenv(GIT_WORK_TREE_ENVIRONMENT) || git_work_tree_cfg) {
977 char *to_free = NULL;
978 const char *ret;
979
980 if (offset != cwd->len && !is_absolute_path(gitdir))
981 gitdir = to_free = real_pathdup(gitdir, 1);
982 if (chdir(cwd->buf))
983 die_errno(_("cannot come back to cwd"));
984 ret = setup_explicit_git_dir(gitdir, cwd, repo_fmt, nongit_ok);
985 free(to_free);
986 return ret;
987 }
988
989 /* #16.2, #17.2, #20.2, #21.2, #24, #25, #28, #29 (see t1510) */
990 if (is_bare_repository_cfg > 0) {
991 set_git_dir(gitdir, (offset != cwd->len));
992 if (chdir(cwd->buf))
993 die_errno(_("cannot come back to cwd"));
994 return NULL;
995 }
996
997 /* #0, #1, #5, #8, #9, #12, #13 */
998 set_git_work_tree(".");
999 if (strcmp(gitdir, DEFAULT_GIT_DIR_ENVIRONMENT))
1000 set_git_dir(gitdir, 0);
1001 inside_git_dir = 0;
1002 inside_work_tree = 1;
1003 if (offset >= cwd->len)
1004 return NULL;
1005
1006 /* Make "offset" point past the '/' (already the case for root dirs) */
1007 if (offset != offset_1st_component(cwd->buf))
1008 offset++;
1009 /* Add a '/' at the end */
1010 strbuf_addch(cwd, '/');
1011 return cwd->buf + offset;
1012 }
1013
1014 /* #16.1, #17.1, #20.1, #21.1, #22.1 (see t1510) */
1015 static const char *setup_bare_git_dir(struct strbuf *cwd, int offset,
1016 struct repository_format *repo_fmt,
1017 int *nongit_ok)
1018 {
1019 int root_len;
1020
1021 if (check_repository_format_gently(".", repo_fmt, nongit_ok))
1022 return NULL;
1023
1024 setenv(GIT_IMPLICIT_WORK_TREE_ENVIRONMENT, "0", 1);
1025
1026 /* --work-tree is set without --git-dir; use discovered one */
1027 if (getenv(GIT_WORK_TREE_ENVIRONMENT) || git_work_tree_cfg) {
1028 static const char *gitdir;
1029
1030 gitdir = offset == cwd->len ? "." : xmemdupz(cwd->buf, offset);
1031 if (chdir(cwd->buf))
1032 die_errno(_("cannot come back to cwd"));
1033 return setup_explicit_git_dir(gitdir, cwd, repo_fmt, nongit_ok);
1034 }
1035
1036 inside_git_dir = 1;
1037 inside_work_tree = 0;
1038 if (offset != cwd->len) {
1039 if (chdir(cwd->buf))
1040 die_errno(_("cannot come back to cwd"));
1041 root_len = offset_1st_component(cwd->buf);
1042 strbuf_setlen(cwd, offset > root_len ? offset : root_len);
1043 set_git_dir(cwd->buf, 0);
1044 }
1045 else
1046 set_git_dir(".", 0);
1047 return NULL;
1048 }
1049
1050 static dev_t get_device_or_die(const char *path, const char *prefix, int prefix_len)
1051 {
1052 struct stat buf;
1053 if (stat(path, &buf)) {
1054 die_errno(_("failed to stat '%*s%s%s'"),
1055 prefix_len,
1056 prefix ? prefix : "",
1057 prefix ? "/" : "", path);
1058 }
1059 return buf.st_dev;
1060 }
1061
1062 /*
1063 * A "string_list_each_func_t" function that canonicalizes an entry
1064 * from GIT_CEILING_DIRECTORIES using real_pathdup(), or
1065 * discards it if unusable. The presence of an empty entry in
1066 * GIT_CEILING_DIRECTORIES turns off canonicalization for all
1067 * subsequent entries.
1068 */
1069 static int canonicalize_ceiling_entry(struct string_list_item *item,
1070 void *cb_data)
1071 {
1072 int *empty_entry_found = cb_data;
1073 char *ceil = item->string;
1074
1075 if (!*ceil) {
1076 *empty_entry_found = 1;
1077 return 0;
1078 } else if (!is_absolute_path(ceil)) {
1079 return 0;
1080 } else if (*empty_entry_found) {
1081 /* Keep entry but do not canonicalize it */
1082 return 1;
1083 } else {
1084 char *real_path = real_pathdup(ceil, 0);
1085 if (!real_path) {
1086 return 0;
1087 }
1088 free(item->string);
1089 item->string = real_path;
1090 return 1;
1091 }
1092 }
1093
1094 struct safe_directory_data {
1095 const char *path;
1096 int is_safe;
1097 };
1098
1099 static int safe_directory_cb(const char *key, const char *value, void *d)
1100 {
1101 struct safe_directory_data *data = d;
1102
1103 if (strcmp(key, "safe.directory"))
1104 return 0;
1105
1106 if (!value || !*value) {
1107 data->is_safe = 0;
1108 } else if (!strcmp(value, "*")) {
1109 data->is_safe = 1;
1110 } else {
1111 const char *interpolated = NULL;
1112
1113 if (!git_config_pathname(&interpolated, key, value) &&
1114 !fspathcmp(data->path, interpolated ? interpolated : value))
1115 data->is_safe = 1;
1116
1117 free((char *)interpolated);
1118 }
1119
1120 return 0;
1121 }
1122
1123 /*
1124 * Check if a repository is safe, by verifying the ownership of the
1125 * worktree (if any), the git directory, and the gitfile (if any).
1126 *
1127 * Exemptions for known-safe repositories can be added via `safe.directory`
1128 * config settings; for non-bare repositories, their worktree needs to be
1129 * added, for bare ones their git directory.
1130 */
1131 static int ensure_valid_ownership(const char *gitfile,
1132 const char *worktree, const char *gitdir)
1133 {
1134 struct safe_directory_data data = {
1135 .path = worktree ? worktree : gitdir
1136 };
1137
1138 if (!git_env_bool("GIT_TEST_ASSUME_DIFFERENT_OWNER", 0) &&
1139 (!gitfile || is_path_owned_by_current_user(gitfile)) &&
1140 (!worktree || is_path_owned_by_current_user(worktree)) &&
1141 (!gitdir || is_path_owned_by_current_user(gitdir)))
1142 return 1;
1143
1144 /*
1145 * data.path is the "path" that identifies the repository and it is
1146 * constant regardless of what failed above. data.is_safe should be
1147 * initialized to false, and might be changed by the callback.
1148 */
1149 read_very_early_config(safe_directory_cb, &data);
1150
1151 return data.is_safe;
1152 }
1153
1154 enum discovery_result {
1155 GIT_DIR_NONE = 0,
1156 GIT_DIR_EXPLICIT,
1157 GIT_DIR_DISCOVERED,
1158 GIT_DIR_BARE,
1159 /* these are errors */
1160 GIT_DIR_HIT_CEILING = -1,
1161 GIT_DIR_HIT_MOUNT_POINT = -2,
1162 GIT_DIR_INVALID_GITFILE = -3,
1163 GIT_DIR_INVALID_OWNERSHIP = -4
1164 };
1165
1166 /*
1167 * We cannot decide in this function whether we are in the work tree or
1168 * not, since the config can only be read _after_ this function was called.
1169 *
1170 * Also, we avoid changing any global state (such as the current working
1171 * directory) to allow early callers.
1172 *
1173 * The directory where the search should start needs to be passed in via the
1174 * `dir` parameter; upon return, the `dir` buffer will contain the path of
1175 * the directory where the search ended, and `gitdir` will contain the path of
1176 * the discovered .git/ directory, if any. If `gitdir` is not absolute, it
1177 * is relative to `dir` (i.e. *not* necessarily the cwd).
1178 */
1179 static enum discovery_result setup_git_directory_gently_1(struct strbuf *dir,
1180 struct strbuf *gitdir,
1181 int die_on_error)
1182 {
1183 const char *env_ceiling_dirs = getenv(CEILING_DIRECTORIES_ENVIRONMENT);
1184 struct string_list ceiling_dirs = STRING_LIST_INIT_DUP;
1185 const char *gitdirenv;
1186 int ceil_offset = -1, min_offset = offset_1st_component(dir->buf);
1187 dev_t current_device = 0;
1188 int one_filesystem = 1;
1189
1190 /*
1191 * If GIT_DIR is set explicitly, we're not going
1192 * to do any discovery, but we still do repository
1193 * validation.
1194 */
1195 gitdirenv = getenv(GIT_DIR_ENVIRONMENT);
1196 if (gitdirenv) {
1197 strbuf_addstr(gitdir, gitdirenv);
1198 return GIT_DIR_EXPLICIT;
1199 }
1200
1201 if (env_ceiling_dirs) {
1202 int empty_entry_found = 0;
1203
1204 string_list_split(&ceiling_dirs, env_ceiling_dirs, PATH_SEP, -1);
1205 filter_string_list(&ceiling_dirs, 0,
1206 canonicalize_ceiling_entry, &empty_entry_found);
1207 ceil_offset = longest_ancestor_length(dir->buf, &ceiling_dirs);
1208 string_list_clear(&ceiling_dirs, 0);
1209 }
1210
1211 if (ceil_offset < 0)
1212 ceil_offset = min_offset - 2;
1213
1214 if (min_offset && min_offset == dir->len &&
1215 !is_dir_sep(dir->buf[min_offset - 1])) {
1216 strbuf_addch(dir, '/');
1217 min_offset++;
1218 }
1219
1220 /*
1221 * Test in the following order (relative to the dir):
1222 * - .git (file containing "gitdir: <path>")
1223 * - .git/
1224 * - ./ (bare)
1225 * - ../.git
1226 * - ../.git/
1227 * - ../ (bare)
1228 * - ../../.git
1229 * etc.
1230 */
1231 one_filesystem = !git_env_bool("GIT_DISCOVERY_ACROSS_FILESYSTEM", 0);
1232 if (one_filesystem)
1233 current_device = get_device_or_die(dir->buf, NULL, 0);
1234 for (;;) {
1235 int offset = dir->len, error_code = 0;
1236 char *gitdir_path = NULL;
1237 char *gitfile = NULL;
1238
1239 if (offset > min_offset)
1240 strbuf_addch(dir, '/');
1241 strbuf_addstr(dir, DEFAULT_GIT_DIR_ENVIRONMENT);
1242 gitdirenv = read_gitfile_gently(dir->buf, die_on_error ?
1243 NULL : &error_code);
1244 if (!gitdirenv) {
1245 if (die_on_error ||
1246 error_code == READ_GITFILE_ERR_NOT_A_FILE) {
1247 /* NEEDSWORK: fail if .git is not file nor dir */
1248 if (is_git_directory(dir->buf)) {
1249 gitdirenv = DEFAULT_GIT_DIR_ENVIRONMENT;
1250 gitdir_path = xstrdup(dir->buf);
1251 }
1252 } else if (error_code != READ_GITFILE_ERR_STAT_FAILED)
1253 return GIT_DIR_INVALID_GITFILE;
1254 } else
1255 gitfile = xstrdup(dir->buf);
1256 /*
1257 * Earlier, we tentatively added DEFAULT_GIT_DIR_ENVIRONMENT
1258 * to check that directory for a repository.
1259 * Now trim that tentative addition away, because we want to
1260 * focus on the real directory we are in.
1261 */
1262 strbuf_setlen(dir, offset);
1263 if (gitdirenv) {
1264 enum discovery_result ret;
1265
1266 if (ensure_valid_ownership(gitfile,
1267 dir->buf,
1268 (gitdir_path ? gitdir_path : gitdirenv))) {
1269 strbuf_addstr(gitdir, gitdirenv);
1270 ret = GIT_DIR_DISCOVERED;
1271 } else
1272 ret = GIT_DIR_INVALID_OWNERSHIP;
1273
1274 /*
1275 * Earlier, during discovery, we might have allocated
1276 * string copies for gitdir_path or gitfile so make
1277 * sure we don't leak by freeing them now, before
1278 * leaving the loop and function.
1279 *
1280 * Note: gitdirenv will be non-NULL whenever these are
1281 * allocated, therefore we need not take care of releasing
1282 * them outside of this conditional block.
1283 */
1284 free(gitdir_path);
1285 free(gitfile);
1286
1287 return ret;
1288 }
1289
1290 if (is_git_directory(dir->buf)) {
1291 if (!ensure_valid_ownership(NULL, NULL, dir->buf))
1292 return GIT_DIR_INVALID_OWNERSHIP;
1293 strbuf_addstr(gitdir, ".");
1294 return GIT_DIR_BARE;
1295 }
1296
1297 if (offset <= min_offset)
1298 return GIT_DIR_HIT_CEILING;
1299
1300 while (--offset > ceil_offset && !is_dir_sep(dir->buf[offset]))
1301 ; /* continue */
1302 if (offset <= ceil_offset)
1303 return GIT_DIR_HIT_CEILING;
1304
1305 strbuf_setlen(dir, offset > min_offset ? offset : min_offset);
1306 if (one_filesystem &&
1307 current_device != get_device_or_die(dir->buf, NULL, offset))
1308 return GIT_DIR_HIT_MOUNT_POINT;
1309 }
1310 }
1311
1312 int discover_git_directory(struct strbuf *commondir,
1313 struct strbuf *gitdir)
1314 {
1315 struct strbuf dir = STRBUF_INIT, err = STRBUF_INIT;
1316 size_t gitdir_offset = gitdir->len, cwd_len;
1317 size_t commondir_offset = commondir->len;
1318 struct repository_format candidate = REPOSITORY_FORMAT_INIT;
1319
1320 if (strbuf_getcwd(&dir))
1321 return -1;
1322
1323 cwd_len = dir.len;
1324 if (setup_git_directory_gently_1(&dir, gitdir, 0) <= 0) {
1325 strbuf_release(&dir);
1326 return -1;
1327 }
1328
1329 /*
1330 * The returned gitdir is relative to dir, and if dir does not reflect
1331 * the current working directory, we simply make the gitdir absolute.
1332 */
1333 if (dir.len < cwd_len && !is_absolute_path(gitdir->buf + gitdir_offset)) {
1334 /* Avoid a trailing "/." */
1335 if (!strcmp(".", gitdir->buf + gitdir_offset))
1336 strbuf_setlen(gitdir, gitdir_offset);
1337 else
1338 strbuf_addch(&dir, '/');
1339 strbuf_insert(gitdir, gitdir_offset, dir.buf, dir.len);
1340 }
1341
1342 get_common_dir(commondir, gitdir->buf + gitdir_offset);
1343
1344 strbuf_reset(&dir);
1345 strbuf_addf(&dir, "%s/config", commondir->buf + commondir_offset);
1346 read_repository_format(&candidate, dir.buf);
1347 strbuf_release(&dir);
1348
1349 if (verify_repository_format(&candidate, &err) < 0) {
1350 warning("ignoring git dir '%s': %s",
1351 gitdir->buf + gitdir_offset, err.buf);
1352 strbuf_release(&err);
1353 strbuf_setlen(commondir, commondir_offset);
1354 strbuf_setlen(gitdir, gitdir_offset);
1355 clear_repository_format(&candidate);
1356 return -1;
1357 }
1358
1359 /* take ownership of candidate.partial_clone */
1360 the_repository->repository_format_partial_clone =
1361 candidate.partial_clone;
1362 candidate.partial_clone = NULL;
1363
1364 clear_repository_format(&candidate);
1365 return 0;
1366 }
1367
1368 const char *setup_git_directory_gently(int *nongit_ok)
1369 {
1370 static struct strbuf cwd = STRBUF_INIT;
1371 struct strbuf dir = STRBUF_INIT, gitdir = STRBUF_INIT;
1372 const char *prefix = NULL;
1373 struct repository_format repo_fmt = REPOSITORY_FORMAT_INIT;
1374
1375 /*
1376 * We may have read an incomplete configuration before
1377 * setting-up the git directory. If so, clear the cache so
1378 * that the next queries to the configuration reload complete
1379 * configuration (including the per-repo config file that we
1380 * ignored previously).
1381 */
1382 git_config_clear();
1383
1384 /*
1385 * Let's assume that we are in a git repository.
1386 * If it turns out later that we are somewhere else, the value will be
1387 * updated accordingly.
1388 */
1389 if (nongit_ok)
1390 *nongit_ok = 0;
1391
1392 if (strbuf_getcwd(&cwd))
1393 die_errno(_("Unable to read current working directory"));
1394 strbuf_addbuf(&dir, &cwd);
1395
1396 switch (setup_git_directory_gently_1(&dir, &gitdir, 1)) {
1397 case GIT_DIR_EXPLICIT:
1398 prefix = setup_explicit_git_dir(gitdir.buf, &cwd, &repo_fmt, nongit_ok);
1399 break;
1400 case GIT_DIR_DISCOVERED:
1401 if (dir.len < cwd.len && chdir(dir.buf))
1402 die(_("cannot change to '%s'"), dir.buf);
1403 prefix = setup_discovered_git_dir(gitdir.buf, &cwd, dir.len,
1404 &repo_fmt, nongit_ok);
1405 break;
1406 case GIT_DIR_BARE:
1407 if (dir.len < cwd.len && chdir(dir.buf))
1408 die(_("cannot change to '%s'"), dir.buf);
1409 prefix = setup_bare_git_dir(&cwd, dir.len, &repo_fmt, nongit_ok);
1410 break;
1411 case GIT_DIR_HIT_CEILING:
1412 if (!nongit_ok)
1413 die(_("not a git repository (or any of the parent directories): %s"),
1414 DEFAULT_GIT_DIR_ENVIRONMENT);
1415 *nongit_ok = 1;
1416 break;
1417 case GIT_DIR_HIT_MOUNT_POINT:
1418 if (!nongit_ok)
1419 die(_("not a git repository (or any parent up to mount point %s)\n"
1420 "Stopping at filesystem boundary (GIT_DISCOVERY_ACROSS_FILESYSTEM not set)."),
1421 dir.buf);
1422 *nongit_ok = 1;
1423 break;
1424 case GIT_DIR_INVALID_OWNERSHIP:
1425 if (!nongit_ok) {
1426 struct strbuf quoted = STRBUF_INIT;
1427
1428 sq_quote_buf_pretty(&quoted, dir.buf);
1429 die(_("detected dubious ownership in repository at '%s'\n"
1430 "To add an exception for this directory, call:\n"
1431 "\n"
1432 "\tgit config --global --add safe.directory %s"),
1433 dir.buf, quoted.buf);
1434 }
1435 *nongit_ok = 1;
1436 break;
1437 case GIT_DIR_NONE:
1438 /*
1439 * As a safeguard against setup_git_directory_gently_1 returning
1440 * this value, fallthrough to BUG. Otherwise it is possible to
1441 * set startup_info->have_repository to 1 when we did nothing to
1442 * find a repository.
1443 */
1444 default:
1445 BUG("unhandled setup_git_directory_1() result");
1446 }
1447
1448 /*
1449 * At this point, nongit_ok is stable. If it is non-NULL and points
1450 * to a non-zero value, then this means that we haven't found a
1451 * repository and that the caller expects startup_info to reflect
1452 * this.
1453 *
1454 * Regardless of the state of nongit_ok, startup_info->prefix and
1455 * the GIT_PREFIX environment variable must always match. For details
1456 * see Documentation/config/alias.txt.
1457 */
1458 if (nongit_ok && *nongit_ok)
1459 startup_info->have_repository = 0;
1460 else
1461 startup_info->have_repository = 1;
1462
1463 /*
1464 * Not all paths through the setup code will call 'set_git_dir()' (which
1465 * directly sets up the environment) so in order to guarantee that the
1466 * environment is in a consistent state after setup, explicitly setup
1467 * the environment if we have a repository.
1468 *
1469 * NEEDSWORK: currently we allow bogus GIT_DIR values to be set in some
1470 * code paths so we also need to explicitly setup the environment if
1471 * the user has set GIT_DIR. It may be beneficial to disallow bogus
1472 * GIT_DIR values at some point in the future.
1473 */
1474 if (/* GIT_DIR_EXPLICIT, GIT_DIR_DISCOVERED, GIT_DIR_BARE */
1475 startup_info->have_repository ||
1476 /* GIT_DIR_EXPLICIT */
1477 getenv(GIT_DIR_ENVIRONMENT)) {
1478 if (!the_repository->gitdir) {
1479 const char *gitdir = getenv(GIT_DIR_ENVIRONMENT);
1480 if (!gitdir)
1481 gitdir = DEFAULT_GIT_DIR_ENVIRONMENT;
1482 setup_git_env(gitdir);
1483 }
1484 if (startup_info->have_repository) {
1485 repo_set_hash_algo(the_repository, repo_fmt.hash_algo);
1486 /* take ownership of repo_fmt.partial_clone */
1487 the_repository->repository_format_partial_clone =
1488 repo_fmt.partial_clone;
1489 repo_fmt.partial_clone = NULL;
1490 }
1491 }
1492 /*
1493 * Since precompose_string_if_needed() needs to look at
1494 * the core.precomposeunicode configuration, this
1495 * has to happen after the above block that finds
1496 * out where the repository is, i.e. a preparation
1497 * for calling git_config_get_bool().
1498 */
1499 if (prefix) {
1500 prefix = precompose_string_if_needed(prefix);
1501 startup_info->prefix = prefix;
1502 setenv(GIT_PREFIX_ENVIRONMENT, prefix, 1);
1503 } else {
1504 startup_info->prefix = NULL;
1505 setenv(GIT_PREFIX_ENVIRONMENT, "", 1);
1506 }
1507
1508 setup_original_cwd();
1509
1510 strbuf_release(&dir);
1511 strbuf_release(&gitdir);
1512 clear_repository_format(&repo_fmt);
1513
1514 return prefix;
1515 }
1516
1517 int git_config_perm(const char *var, const char *value)
1518 {
1519 int i;
1520 char *endptr;
1521
1522 if (value == NULL)
1523 return PERM_GROUP;
1524
1525 if (!strcmp(value, "umask"))
1526 return PERM_UMASK;
1527 if (!strcmp(value, "group"))
1528 return PERM_GROUP;
1529 if (!strcmp(value, "all") ||
1530 !strcmp(value, "world") ||
1531 !strcmp(value, "everybody"))
1532 return PERM_EVERYBODY;
1533
1534 /* Parse octal numbers */
1535 i = strtol(value, &endptr, 8);
1536
1537 /* If not an octal number, maybe true/false? */
1538 if (*endptr != 0)
1539 return git_config_bool(var, value) ? PERM_GROUP : PERM_UMASK;
1540
1541 /*
1542 * Treat values 0, 1 and 2 as compatibility cases, otherwise it is
1543 * a chmod value to restrict to.
1544 */
1545 switch (i) {
1546 case PERM_UMASK: /* 0 */
1547 return PERM_UMASK;
1548 case OLD_PERM_GROUP: /* 1 */
1549 return PERM_GROUP;
1550 case OLD_PERM_EVERYBODY: /* 2 */
1551 return PERM_EVERYBODY;
1552 }
1553
1554 /* A filemode value was given: 0xxx */
1555
1556 if ((i & 0600) != 0600)
1557 die(_("problem with core.sharedRepository filemode value "
1558 "(0%.3o).\nThe owner of files must always have "
1559 "read and write permissions."), i);
1560
1561 /*
1562 * Mask filemode value. Others can not get write permission.
1563 * x flags for directories are handled separately.
1564 */
1565 return -(i & 0666);
1566 }
1567
1568 void check_repository_format(struct repository_format *fmt)
1569 {
1570 struct repository_format repo_fmt = REPOSITORY_FORMAT_INIT;
1571 if (!fmt)
1572 fmt = &repo_fmt;
1573 check_repository_format_gently(get_git_dir(), fmt, NULL);
1574 startup_info->have_repository = 1;
1575 repo_set_hash_algo(the_repository, fmt->hash_algo);
1576 the_repository->repository_format_partial_clone =
1577 xstrdup_or_null(fmt->partial_clone);
1578 clear_repository_format(&repo_fmt);
1579 }
1580
1581 /*
1582 * Returns the "prefix", a path to the current working directory
1583 * relative to the work tree root, or NULL, if the current working
1584 * directory is not a strict subdirectory of the work tree root. The
1585 * prefix always ends with a '/' character.
1586 */
1587 const char *setup_git_directory(void)
1588 {
1589 return setup_git_directory_gently(NULL);
1590 }
1591
1592 const char *resolve_gitdir_gently(const char *suspect, int *return_error_code)
1593 {
1594 if (is_git_directory(suspect))
1595 return suspect;
1596 return read_gitfile_gently(suspect, return_error_code);
1597 }
1598
1599 /* if any standard file descriptor is missing open it to /dev/null */
1600 void sanitize_stdfds(void)
1601 {
1602 int fd = xopen("/dev/null", O_RDWR);
1603 while (fd < 2)
1604 fd = xdup(fd);
1605 if (fd > 2)
1606 close(fd);
1607 }
1608
1609 int daemonize(void)
1610 {
1611 #ifdef NO_POSIX_GOODIES
1612 errno = ENOSYS;
1613 return -1;
1614 #else
1615 switch (fork()) {
1616 case 0:
1617 break;
1618 case -1:
1619 die_errno(_("fork failed"));
1620 default:
1621 exit(0);
1622 }
1623 if (setsid() == -1)
1624 die_errno(_("setsid failed"));
1625 close(0);
1626 close(1);
1627 close(2);
1628 sanitize_stdfds();
1629 return 0;
1630 #endif
1631 }
Unnamed repository; edit this file 'description' to name the repository.