]> git.ipfire.org Git - thirdparty/git.git/blame - builtin/receive-pack.c
projects / thirdparty / git.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
config: pass kvi to die_bad_number()
[thirdparty/git.git] / builtin / receive-pack.c
CommitLineData
1e4cd68c 1#include "builtin.h"
0b027f6c 2#include "abspath.h"
a49d2834 3#include "repository.h"
b2141fc1 4#include "config.h"
32a8f510 5#include "environment.h"
f394e093 6#include "gettext.h"
41771fa4 7#include "hex.h"
697cc8ef 8#include "lockfile.h"
fc04c412 9#include "pack.h"
8a65ff76 10#include "refs.h"
f3a3214e 11#include "pkt-line.h"
38a81b4e 12#include "sideband.h"
b1bf95bb 13#include "run-command.h"
5e3aba33 14#include "hook.h"
d807c4a0 15#include "exec-cmd.h"
11031d7e
JS		 16#include "commit.h"
17#include "object.h"
d79796bc 18#include "remote.h"
47a59185 19#include "connect.h"
da3efdb1 20#include "string-list.h"
fe299ec5 21#include "oid-array.h"
52fed6e1 22#include "connected.h"
dbbcd44f 23#include "strvec.h"
ff5effdf 24#include "version.h"
d05b9618
JH		 25#include "tag.h"
26#include "gpg-interface.h"
ec7dbd14 27#include "sigchain.h"
5d477a33 28#include "fsck.h"
722ff7f8 29#include "tmp-objdir.h"
ab6eea6f 30#include "oidset.h"
3836d88a 31#include "packfile.h"
dabab1d6 32#include "object-name.h"
cbd53a21 33#include "object-store.h"
aa9bab29 34#include "protocol.h"
64043556 35#include "commit-reach.h"
623b80be 36#include "server-info.h"
74ea5c95
EN		 37#include "trace.h"
38#include "trace2.h"
4ef34648 39#include "worktree.h"
120ad2b0 40#include "shallow.h"
49fd5511 41#include "parse-options.h"
d5ebb50d 42#include "wrapper.h"
575f4974 43
1b68387e
SS		 44static const char * const receive_pack_usage[] = {
45 N_("git receive-pack <git-dir>"),
46 NULL
47};
575f4974 48
986e8239 49enum deny_action {
3d95d92b 50 DENY_UNCONFIGURED,
986e8239
JK		 51 DENY_IGNORE,
52 DENY_WARN,
1404bcbb
JS		 53 DENY_REFUSE,
54 DENY_UPDATE_INSTEAD
986e8239
JK		 55};
56
1b53a076
JH		 57static int deny_deletes;
58static int deny_non_fast_forwards;
3d95d92b 59static enum deny_action deny_current_branch = DENY_UNCONFIGURED;
747ca245 60static enum deny_action deny_delete_current = DENY_UNCONFIGURED;
dab76d3a
JH		 61static int receive_fsck_objects = -1;
62static int transfer_fsck_objects = -1;
5d477a33 63static struct strbuf fsck_msg_types = STRBUF_INIT;
e28714c5
JH		 64static int receive_unpack_limit = -1;
65static int transfer_unpack_limit = -1;
1b70fe5d 66static int advertise_atomic_push = 1;
c714e45f 67static int advertise_push_options;
8073d75b 68static int advertise_sid;
46732fae 69static int unpack_limit = 100;
c08db5a2 70static off_t max_input_size;
96f1e58f 71static int report_status;
63518a57 72static int report_status_v2;
38a81b4e 73static int use_sideband;
68deed29 74static int use_atomic;
c714e45f 75static int use_push_options;
c207e34f 76static int quiet;
b74fce16 77static int prefer_ofs_delta = 1;
77e3efbf
JH		 78static int auto_update_server_info;
79static int auto_gc = 1;
1b68387e 80static int reject_thin;
5732373d
JH		 81static int stateless_rpc;
82static const char *service_dir;
747ca245 83static const char *head_name;
96ec7b1e 84static void *head_name_to_free;
185c04e0 85static int sent_capabilities;
0a1bc12b 86static int shallow_update;
5dbd7676 87static const char *alt_shallow_file;
a85b377d 88static struct strbuf push_cert = STRBUF_INIT;
a09c985e 89static struct object_id push_cert_oid;
d05b9618 90static struct signature_check sigcheck;
b89363e4
JH		 91static const char *push_cert_nonce;
92static const char *cert_nonce_seed;
9b67eb6f 93static struct string_list hidden_refs = STRING_LIST_INIT_DUP;
b89363e4
JH		 94
95static const char *NONCE_UNSOLICITED = "UNSOLICITED";
96static const char *NONCE_BAD = "BAD";
97static const char *NONCE_MISSING = "MISSING";
98static const char *NONCE_OK = "OK";
5732373d 99static const char *NONCE_SLOP = "SLOP";
b89363e4 100static const char *nonce_status;
5732373d 101static long nonce_stamp_slop;
dddbad72 102static timestamp_t nonce_stamp_slop_limit;
222368c6 103static struct ref_transaction *transaction;
cfee10a7 104
83558686
JK		 105static enum {
106 KEEPALIVE_NEVER = 0,
107 KEEPALIVE_AFTER_NUL,
108 KEEPALIVE_ALWAYS
109} use_keepalive;
110static int keepalive_in_sec = 5;
111
722ff7f8
JK		 112static struct tmp_objdir *tmp_objdir;
113
31e8595a
JX		 114static struct proc_receive_ref {
115 unsigned int want_add:1,
116 want_delete:1,
117 want_modify:1,
118 negative_ref:1;
119 char *ref_prefix;
120 struct proc_receive_ref *next;
121} *proc_receive_ref;
122
123static void proc_receive_ref_append(const char *prefix);
124
986e8239
JK		 125static enum deny_action parse_deny_action(const char *var, const char *value)
126{
127 if (value) {
128 if (!strcasecmp(value, "ignore"))
129 return DENY_IGNORE;
130 if (!strcasecmp(value, "warn"))
131 return DENY_WARN;
132 if (!strcasecmp(value, "refuse"))
133 return DENY_REFUSE;
1404bcbb
JS		 134 if (!strcasecmp(value, "updateinstead"))
135 return DENY_UPDATE_INSTEAD;
986e8239
JK		 136 }
137 if (git_config_bool(var, value))
138 return DENY_REFUSE;
139 return DENY_IGNORE;
140}
141
a4e7e317
GC		 142static int receive_pack_config(const char *var, const char *value,
143 const struct config_context *ctx, void *cb)
6fb75bed 144{
9b67eb6f 145 int status = parse_hide_refs_config(var, value, "receive", &hidden_refs);
daebaa78
JH		 146
147 if (status)
148 return status;
149
a240de11
JK		 150 if (strcmp(var, "receive.denydeletes") == 0) {
151 deny_deletes = git_config_bool(var, value);
152 return 0;
153 }
154
e28714c5 155 if (strcmp(var, "receive.denynonfastforwards") == 0) {
6fb75bed
SP		 156 deny_non_fast_forwards = git_config_bool(var, value);
157 return 0;
158 }
159
e28714c5 160 if (strcmp(var, "receive.unpacklimit") == 0) {
8868b1eb 161 receive_unpack_limit = git_config_int(var, value, ctx->kvi);
fc04c412
SP		 162 return 0;
163 }
164
e28714c5 165 if (strcmp(var, "transfer.unpacklimit") == 0) {
8868b1eb 166 transfer_unpack_limit = git_config_int(var, value, ctx->kvi);
e28714c5
JH		 167 return 0;
168 }
169
cd94c6f9
JS		 170 if (strcmp(var, "receive.fsck.skiplist") == 0) {
171 const char *path;
172
173 if (git_config_pathname(&path, var, value))
174 return 1;
175 strbuf_addf(&fsck_msg_types, "%cskiplist=%s",
176 fsck_msg_types.len ? ',' : '=', path);
177 free((char *)path);
178 return 0;
179 }
180
5d477a33
JS		 181 if (skip_prefix(var, "receive.fsck.", &var)) {
182 if (is_valid_msg_type(var, value))
183 strbuf_addf(&fsck_msg_types, "%c%s=%s",
184 fsck_msg_types.len ? ',' : '=', var, value);
185 else
c25edee9 186 warning("skipping unknown msg id '%s'", var);
5d477a33
JS		 187 return 0;
188 }
189
20dc0016
MK		 190 if (strcmp(var, "receive.fsckobjects") == 0) {
191 receive_fsck_objects = git_config_bool(var, value);
192 return 0;
193 }
194
dab76d3a
JH		 195 if (strcmp(var, "transfer.fsckobjects") == 0) {
196 transfer_fsck_objects = git_config_bool(var, value);
197 return 0;
198 }
199
986e8239
JK		 200 if (!strcmp(var, "receive.denycurrentbranch")) {
201 deny_current_branch = parse_deny_action(var, value);
202 return 0;
203 }
204
747ca245
JH		 205 if (strcmp(var, "receive.denydeletecurrent") == 0) {
206 deny_delete_current = parse_deny_action(var, value);
207 return 0;
208 }
209
b74fce16
NP		 210 if (strcmp(var, "repack.usedeltabaseoffset") == 0) {
211 prefer_ofs_delta = git_config_bool(var, value);
212 return 0;
213 }
214
77e3efbf
JH		 215 if (strcmp(var, "receive.updateserverinfo") == 0) {
216 auto_update_server_info = git_config_bool(var, value);
217 return 0;
218 }
219
220 if (strcmp(var, "receive.autogc") == 0) {
221 auto_gc = git_config_bool(var, value);
222 return 0;
223 }
224
0a1bc12b
NTND		 225 if (strcmp(var, "receive.shallowupdate") == 0) {
226 shallow_update = git_config_bool(var, value);
227 return 0;
228 }
229
b89363e4
JH		 230 if (strcmp(var, "receive.certnonceseed") == 0)
231 return git_config_string(&cert_nonce_seed, var, value);
a85b377d 232
5732373d 233 if (strcmp(var, "receive.certnonceslop") == 0) {
8868b1eb 234 nonce_stamp_slop_limit = git_config_ulong(var, value, ctx->kvi);
5732373d
JH		 235 return 0;
236 }
237
1b70fe5d
RS		 238 if (strcmp(var, "receive.advertiseatomic") == 0) {
239 advertise_atomic_push = git_config_bool(var, value);
240 return 0;
241 }
242
c714e45f
SB		 243 if (strcmp(var, "receive.advertisepushoptions") == 0) {
244 advertise_push_options = git_config_bool(var, value);
245 return 0;
246 }
247
83558686 248 if (strcmp(var, "receive.keepalive") == 0) {
8868b1eb 249 keepalive_in_sec = git_config_int(var, value, ctx->kvi);
83558686
JK		 250 return 0;
251 }
252
c08db5a2 253 if (strcmp(var, "receive.maxinputsize") == 0) {
8868b1eb 254 max_input_size = git_config_int64(var, value, ctx->kvi);
c08db5a2
JK		 255 return 0;
256 }
257
31e8595a
JX		 258 if (strcmp(var, "receive.procreceiverefs") == 0) {
259 if (!value)
260 return config_error_nonbool(var);
261 proc_receive_ref_append(value);
262 return 0;
263 }
264
8073d75b
JS		 265 if (strcmp(var, "transfer.advertisesid") == 0) {
266 advertise_sid = git_config_bool(var, value);
267 return 0;
268 }
269
a4e7e317 270 return git_default_config(var, value, ctx, cb);
6fb75bed
SP		 271}
272
1b7ba794 273static void show_ref(const char *path, const struct object_id *oid)
575f4974 274{
52d2ae58 275 if (sent_capabilities) {
1b7ba794 276 packet_write_fmt(1, "%s %s\n", oid_to_hex(oid), path);
52d2ae58
JH		 277 } else {
278 struct strbuf cap = STRBUF_INIT;
279
280 strbuf_addstr(&cap,
63518a57 281 "report-status report-status-v2 delete-refs side-band-64k quiet");
1b70fe5d
RS		 282 if (advertise_atomic_push)
283 strbuf_addstr(&cap, " atomic");
52d2ae58
JH		 284 if (prefer_ofs_delta)
285 strbuf_addstr(&cap, " ofs-delta");
b89363e4
JH		 286 if (push_cert_nonce)
287 strbuf_addf(&cap, " push-cert=%s", push_cert_nonce);
c714e45f
SB		 288 if (advertise_push_options)
289 strbuf_addstr(&cap, " push-options");
8073d75b
JS		 290 if (advertise_sid)
291 strbuf_addf(&cap, " session-id=%s", trace2_session_id());
bf30dbf8 292 strbuf_addf(&cap, " object-format=%s", the_hash_algo->name);
52d2ae58 293 strbuf_addf(&cap, " agent=%s", git_user_agent_sanitized());
81c634e9 294 packet_write_fmt(1, "%s %s%c%s\n",
1b7ba794 295 oid_to_hex(oid), path, 0, cap.buf);
52d2ae58
JH		 296 strbuf_release(&cap);
297 sent_capabilities = 1;
298 }
575f4974
LT		 299}
300
78a766ab 301static int show_ref_cb(const char *path_full, const struct object_id *oid,
5cf88fd8 302 int flag UNUSED, void *data)
6b01ecfe 303{
8b24b9e7 304 struct oidset *seen = data;
78a766ab
LF		 305 const char *path = strip_namespace(path_full);
306
9b67eb6f 307 if (ref_is_hidden(path, path_full, &hidden_refs))
78a766ab
LF		 308 return 0;
309
6b01ecfe
JT		 310 /*
311 * Advertise refs outside our current namespace as ".have"
312 * refs, so that the client can use them to minimize data
fea6c47f 313 * transfer but will otherwise ignore them.
6b01ecfe 314 */
8b24b9e7
JK		 315 if (!path) {
316 if (oidset_insert(seen, oid))
317 return 0;
6b01ecfe 318 path = ".have";
63d428e6
JK		 319 } else {
320 oidset_insert(seen, oid);
8b24b9e7 321 }
1b7ba794 322 show_ref(path, oid);
bc98201d 323 return 0;
6b01ecfe
JT		 324}
325
bdf4276c 326static void show_one_alternate_ref(const struct object_id *oid,
ab6eea6f 327 void *data)
b7a025d9 328{
ab6eea6f 329 struct oidset *seen = data;
b7a025d9 330
ab6eea6f
JK		 331 if (oidset_insert(seen, oid))
332 return;
333
1b7ba794 334 show_ref(".have", oid);
6b01ecfe
JT		 335}
336
8a65ff76 337static void write_head_info(void)
575f4974 338{
ab6eea6f 339 static struct oidset seen = OIDSET_INIT;
2b2a5be3 340
63d428e6 341 for_each_ref(show_ref_cb, &seen);
ab6eea6f
JK		 342 for_each_alternate_ref(show_one_alternate_ref, &seen);
343 oidset_clear(&seen);
185c04e0 344 if (!sent_capabilities)
14228447 345 show_ref("capabilities^{}", null_oid());
cfee10a7 346
ad491366
NTND		 347 advertise_shallow_grafts(1);
348
b7a025d9
MH		 349 /* EOF */
350 packet_flush(1);
575f4974
LT		 351}
352
15d3af5e
JX		 353#define RUN_PROC_RECEIVE_SCHEDULED 1
354#define RUN_PROC_RECEIVE_RETURNED 2
eb1af2df
LT		 355struct command {
356 struct command *next;
cfee10a7 357 const char *error_string;
15d3af5e 358 struct ref_push_report *report;
160b81ed 359 unsigned int skip_update:1,
15d3af5e
JX		 360 did_not_exist:1,
361 run_proc_receive:2;
5dbd7676 362 int index;
9c44ea44 363 struct object_id old_oid;
364 struct object_id new_oid;
8f1d2e6f 365 char ref_name[FLEX_ARRAY]; /* more */
575f4974
LT		 366};
367
31e8595a
JX		 368static void proc_receive_ref_append(const char *prefix)
369{
370 struct proc_receive_ref *ref_pattern;
371 char *p;
372 int len;
373
ca56dadb 374 CALLOC_ARRAY(ref_pattern, 1);
31e8595a
JX		 375 p = strchr(prefix, ':');
376 if (p) {
377 while (prefix < p) {
378 if (*prefix == 'a')
379 ref_pattern->want_add = 1;
380 else if (*prefix == 'd')
381 ref_pattern->want_delete = 1;
382 else if (*prefix == 'm')
383 ref_pattern->want_modify = 1;
384 else if (*prefix == '!')
385 ref_pattern->negative_ref = 1;
386 prefix++;
387 }
388 prefix++;
389 } else {
390 ref_pattern->want_add = 1;
391 ref_pattern->want_delete = 1;
392 ref_pattern->want_modify = 1;
393 }
394 len = strlen(prefix);
395 while (len && prefix[len - 1] == '/')
396 len--;
397 ref_pattern->ref_prefix = xmemdupz(prefix, len);
398 if (!proc_receive_ref) {
399 proc_receive_ref = ref_pattern;
400 } else {
401 struct proc_receive_ref *end;
402
403 end = proc_receive_ref;
404 while (end->next)
405 end = end->next;
406 end->next = ref_pattern;
407 }
408}
409
410static int proc_receive_ref_matches(struct command *cmd)
411{
412 struct proc_receive_ref *p;
413
414 if (!proc_receive_ref)
415 return 0;
416
417 for (p = proc_receive_ref; p; p = p->next) {
418 const char *match = p->ref_prefix;
419 const char *remains;
420
421 if (!p->want_add && is_null_oid(&cmd->old_oid))
422 continue;
423 else if (!p->want_delete && is_null_oid(&cmd->new_oid))
424 continue;
425 else if (!p->want_modify &&
426 !is_null_oid(&cmd->old_oid) &&
427 !is_null_oid(&cmd->new_oid))
428 continue;
429
430 if (skip_prefix(cmd->ref_name, match, &remains) &&
431 (!*remains || *remains == '/')) {
432 if (!p->negative_ref)
433 return 1;
434 } else if (p->negative_ref) {
435 return 1;
436 }
437 }
438 return 0;
439}
440
466dbc42
SP		 441static void report_message(const char *prefix, const char *err, va_list params)
442{
b7115a35 443 int sz;
466dbc42
SP		 444 char msg[4096];
445
b7115a35 446 sz = xsnprintf(msg, sizeof(msg), "%s", prefix);
466dbc42
SP		 447 sz += vsnprintf(msg + sz, sizeof(msg) - sz, err, params);
448 if (sz > (sizeof(msg) - 1))
449 sz = sizeof(msg) - 1;
450 msg[sz++] = '\n';
451
452 if (use_sideband)
453 send_sideband(1, 2, msg, sz, use_sideband);
454 else
455 xwrite(2, msg, sz);
456}
457
103e02c7 458__attribute__((format (printf, 1, 2)))
466dbc42
SP		 459static void rp_warning(const char *err, ...)
460{
461 va_list params;
462 va_start(params, err);
463 report_message("warning: ", err, params);
464 va_end(params);
465}
466
103e02c7 467__attribute__((format (printf, 1, 2)))
466dbc42
SP		 468static void rp_error(const char *err, ...)
469{
470 va_list params;
471 va_start(params, err);
472 report_message("error: ", err, params);
473 va_end(params);
474}
475
5cf88fd8 476static int copy_to_sideband(int in, int out UNUSED, void *arg UNUSED)
6d525d38
SP		 477{
478 char data[128];
83558686
JK		 479 int keepalive_active = 0;
480
481 if (keepalive_in_sec <= 0)
482 use_keepalive = KEEPALIVE_NEVER;
483 if (use_keepalive == KEEPALIVE_ALWAYS)
484 keepalive_active = 1;
485
6d525d38 486 while (1) {
83558686
JK		 487 ssize_t sz;
488
489 if (keepalive_active) {
490 struct pollfd pfd;
491 int ret;
492
493 pfd.fd = in;
494 pfd.events = POLLIN;
495 ret = poll(&pfd, 1, 1000 * keepalive_in_sec);
496
497 if (ret < 0) {
498 if (errno == EINTR)
499 continue;
500 else
501 break;
502 } else if (ret == 0) {
503 /* no data; send a keepalive packet */
504 static const char buf[] = "0005\1";
505 write_or_die(1, buf, sizeof(buf) - 1);
506 continue;
507 } /* else there is actual data to read */
508 }
509
510 sz = xread(in, data, sizeof(data));
6d525d38
SP		 511 if (sz <= 0)
512 break;
83558686
JK		 513
514 if (use_keepalive == KEEPALIVE_AFTER_NUL && !keepalive_active) {
515 const char *p = memchr(data, '\0', sz);
516 if (p) {
517 /*
518 * The NUL tells us to start sending keepalives. Make
519 * sure we send any other data we read along
520 * with it.
521 */
522 keepalive_active = 1;
523 send_sideband(1, 2, data, p - data, use_sideband);
524 send_sideband(1, 2, p + 1, sz - (p - data + 1), use_sideband);
525 continue;
526 }
527 }
528
529 /*
530 * Either we're not looking for a NUL signal, or we didn't see
531 * it yet; just pass along the data.
532 */
6d525d38
SP		 533 send_sideband(1, 2, data, sz, use_sideband);
534 }
535 close(in);
536 return 0;
537}
538
3013118e 539static void hmac_hash(unsigned char *out,
b89363e4
JH		 540 const char *key_in, size_t key_len,
541 const char *text, size_t text_len)
542{
fabec2c5 543 unsigned char key[GIT_MAX_BLKSZ];
544 unsigned char k_ipad[GIT_MAX_BLKSZ];
545 unsigned char k_opad[GIT_MAX_BLKSZ];
b89363e4 546 int i;
fabec2c5 547 git_hash_ctx ctx;
b89363e4
JH		 548
549 /* RFC 2104 2. (1) */
fabec2c5 550 memset(key, '\0', GIT_MAX_BLKSZ);
551 if (the_hash_algo->blksz < key_len) {
552 the_hash_algo->init_fn(&ctx);
553 the_hash_algo->update_fn(&ctx, key_in, key_len);
554 the_hash_algo->final_fn(key, &ctx);
b89363e4
JH		 555 } else {
556 memcpy(key, key_in, key_len);
557 }
558
559 /* RFC 2104 2. (2) & (5) */
560 for (i = 0; i < sizeof(key); i++) {
561 k_ipad[i] = key[i] ^ 0x36;
562 k_opad[i] = key[i] ^ 0x5c;
563 }
564
565 /* RFC 2104 2. (3) & (4) */
fabec2c5 566 the_hash_algo->init_fn(&ctx);
567 the_hash_algo->update_fn(&ctx, k_ipad, sizeof(k_ipad));
568 the_hash_algo->update_fn(&ctx, text, text_len);
569 the_hash_algo->final_fn(out, &ctx);
b89363e4
JH		 570
571 /* RFC 2104 2. (6) & (7) */
fabec2c5 572 the_hash_algo->init_fn(&ctx);
573 the_hash_algo->update_fn(&ctx, k_opad, sizeof(k_opad));
574 the_hash_algo->update_fn(&ctx, out, the_hash_algo->rawsz);
575 the_hash_algo->final_fn(out, &ctx);
b89363e4
JH		 576}
577
dddbad72 578static char *prepare_push_cert_nonce(const char *path, timestamp_t stamp)
b89363e4
JH		 579{
580 struct strbuf buf = STRBUF_INIT;
fabec2c5 581 unsigned char hash[GIT_MAX_RAWSZ];
b89363e4 582
cb71f8bd 583 strbuf_addf(&buf, "%s:%"PRItime, path, stamp);
3013118e 584 hmac_hash(hash, buf.buf, buf.len, cert_nonce_seed, strlen(cert_nonce_seed));
b89363e4
JH		 585 strbuf_release(&buf);
586
3013118e 587 /* RFC 2104 5. HMAC-SHA1 or HMAC-SHA256 */
fc06be3b 588 strbuf_addf(&buf, "%"PRItime"-%.*s", stamp, (int)the_hash_algo->hexsz, hash_to_hex(hash));
b89363e4
JH		 589 return strbuf_detach(&buf, NULL);
590}
591
cbaf82cc
JT		 592static char *find_header(const char *msg, size_t len, const char *key,
593 const char **next_line)
b89363e4 594{
cfc5cf42
JC		 595 size_t out_len;
596 const char *val = find_header_mem(msg, len, key, &out_len);
597
598 if (!val)
599 return NULL;
600
601 if (next_line)
602 *next_line = val + out_len + 1;
603
604 return xmemdupz(val, out_len);
b89363e4
JH		 605}
606
edc6dccf 607/*
608 * Return zero if a and b are equal up to n bytes and nonzero if they are not.
609 * This operation is guaranteed to run in constant time to avoid leaking data.
610 */
611static int constant_memequal(const char *a, const char *b, size_t n)
612{
613 int res = 0;
719483e5
JH		 614 size_t i;
615
616 for (i = 0; i < n; i++)
edc6dccf 617 res |= a[i] ^ b[i];
618 return res;
619}
620
b89363e4
JH		 621static const char *check_nonce(const char *buf, size_t len)
622{
cbaf82cc 623 char *nonce = find_header(buf, len, "nonce", NULL);
dddbad72 624 timestamp_t stamp, ostamp;
5732373d 625 char *bohmac, *expect = NULL;
b89363e4 626 const char *retval = NONCE_BAD;
edc6dccf 627 size_t noncelen;
b89363e4
JH		 628
629 if (!nonce) {
630 retval = NONCE_MISSING;
631 goto leave;
632 } else if (!push_cert_nonce) {
633 retval = NONCE_UNSOLICITED;
634 goto leave;
635 } else if (!strcmp(push_cert_nonce, nonce)) {
636 retval = NONCE_OK;
637 goto leave;
638 }
639
5732373d
JH		 640 if (!stateless_rpc) {
641 /* returned nonce MUST match what we gave out earlier */
642 retval = NONCE_BAD;
643 goto leave;
644 }
645
646 /*
647 * In stateless mode, we may be receiving a nonce issued by
648 * another instance of the server that serving the same
649 * repository, and the timestamps may not match, but the
650 * nonce-seed and dir should match, so we can recompute and
651 * report the time slop.
652 *
653 * In addition, when a nonce issued by another instance has
654 * timestamp within receive.certnonceslop seconds, we pretend
655 * as if we issued that nonce when reporting to the hook.
656 */
657
658 /* nonce is concat(<seconds-since-epoch>, "-", <hmac>) */
659 if (*nonce <= '0' || '9' < *nonce) {
660 retval = NONCE_BAD;
661 goto leave;
662 }
1aeb7e75 663 stamp = parse_timestamp(nonce, &bohmac, 10);
5732373d
JH		 664 if (bohmac == nonce || bohmac[0] != '-') {
665 retval = NONCE_BAD;
666 goto leave;
667 }
668
edc6dccf 669 noncelen = strlen(nonce);
5732373d 670 expect = prepare_push_cert_nonce(service_dir, stamp);
edc6dccf 671 if (noncelen != strlen(expect)) {
672 /* This is not even the right size. */
673 retval = NONCE_BAD;
674 goto leave;
675 }
676 if (constant_memequal(expect, nonce, noncelen)) {
5732373d
JH		 677 /* Not what we would have signed earlier */
678 retval = NONCE_BAD;
679 goto leave;
680 }
681
682 /*
683 * By how many seconds is this nonce stale? Negative value
684 * would mean it was issued by another server with its clock
685 * skewed in the future.
686 */
1aeb7e75 687 ostamp = parse_timestamp(push_cert_nonce, NULL, 10);
5732373d
JH		 688 nonce_stamp_slop = (long)ostamp - (long)stamp;
689
690 if (nonce_stamp_slop_limit &&
31a8aa1e 691 labs(nonce_stamp_slop) <= nonce_stamp_slop_limit) {
5732373d
JH		 692 /*
693 * Pretend as if the received nonce (which passes the
694 * HMAC check, so it is not a forged by third-party)
695 * is what we issued.
696 */
697 free((void *)push_cert_nonce);
698 push_cert_nonce = xstrdup(nonce);
699 retval = NONCE_OK;
700 } else {
701 retval = NONCE_SLOP;
702 }
b89363e4
JH		 703
704leave:
705 free(nonce);
5732373d 706 free(expect);
b89363e4
JH		 707 return retval;
708}
709
cbaf82cc
JT		 710/*
711 * Return 1 if there is no push_cert or if the push options in push_cert are
712 * the same as those in the argument; 0 otherwise.
713 */
714static int check_cert_push_options(const struct string_list *push_options)
715{
716 const char *buf = push_cert.buf;
717 int len = push_cert.len;
718
719 char *option;
720 const char *next_line;
721 int options_seen = 0;
722
723 int retval = 1;
724
725 if (!len)
726 return 1;
727
728 while ((option = find_header(buf, len, "push-option", &next_line))) {
729 len -= (next_line - buf);
730 buf = next_line;
731 options_seen++;
732 if (options_seen > push_options->nr
733 || strcmp(option,
734 push_options->items[options_seen - 1].string)) {
735 retval = 0;
736 goto leave;
737 }
738 free(option);
739 }
740
741 if (options_seen != push_options->nr)
742 retval = 0;
743
744leave:
745 free(option);
746 return retval;
747}
748
a85b377d
JH		 749static void prepare_push_cert_sha1(struct child_process *proc)
750{
751 static int already_done;
a85b377d
JH		 752
753 if (!push_cert.len)
754 return;
755
756 if (!already_done) {
d05b9618
JH		 757 int bogs /* beginning_of_gpg_sig */;
758
a85b377d 759 already_done = 1;
c80d226a 760 if (write_object_file(push_cert.buf, push_cert.len, OBJ_BLOB,
a09c985e
PO		 761 &push_cert_oid))
762 oidclr(&push_cert_oid);
d05b9618
JH		 763
764 memset(&sigcheck, '\0', sizeof(sigcheck));
d05b9618 765
482c1191 766 bogs = parse_signed_buffer(push_cert.buf, push_cert.len);
02769437
FS		 767 sigcheck.payload = xmemdupz(push_cert.buf, bogs);
768 sigcheck.payload_len = bogs;
769 check_signature(&sigcheck, push_cert.buf + bogs,
770 push_cert.len - bogs);
d05b9618 771
b89363e4 772 nonce_status = check_nonce(push_cert.buf, bogs);
a85b377d 773 }
a09c985e 774 if (!is_null_oid(&push_cert_oid)) {
29fda24d 775 strvec_pushf(&proc->env, "GIT_PUSH_CERT=%s",
f6d8942b 776 oid_to_hex(&push_cert_oid));
29fda24d 777 strvec_pushf(&proc->env, "GIT_PUSH_CERT_SIGNER=%s",
f6d8942b 778 sigcheck.signer ? sigcheck.signer : "");
29fda24d 779 strvec_pushf(&proc->env, "GIT_PUSH_CERT_KEY=%s",
f6d8942b 780 sigcheck.key ? sigcheck.key : "");
29fda24d 781 strvec_pushf(&proc->env, "GIT_PUSH_CERT_STATUS=%c",
f6d8942b 782 sigcheck.result);
b89363e4 783 if (push_cert_nonce) {
29fda24d 784 strvec_pushf(&proc->env,
f6d8942b
JK		 785 "GIT_PUSH_CERT_NONCE=%s",
786 push_cert_nonce);
29fda24d 787 strvec_pushf(&proc->env,
f6d8942b
JK		 788 "GIT_PUSH_CERT_NONCE_STATUS=%s",
789 nonce_status);
5732373d 790 if (nonce_status == NONCE_SLOP)
29fda24d 791 strvec_pushf(&proc->env,
f6d8942b
JK		 792 "GIT_PUSH_CERT_NONCE_SLOP=%ld",
793 nonce_stamp_slop);
b89363e4 794 }
a85b377d
JH		 795 }
796}
797
77a9745d
SB		 798struct receive_hook_feed_state {
799 struct command *cmd;
195d6eae 800 struct ref_push_report *report;
77a9745d
SB		 801 int skip_broken;
802 struct strbuf buf;
803 const struct string_list *push_options;
804};
805
9684e44a 806typedef int (*feed_fn)(void *, const char **, size_t *);
77a9745d
SB		 807static int run_and_feed_hook(const char *hook_name, feed_fn feed,
808 struct receive_hook_feed_state *feed_state)
b1bf95bb 809{
d3180279 810 struct child_process proc = CHILD_PROCESS_INIT;
6d525d38 811 struct async muxer;
9684e44a 812 int code;
7f14609e 813 const char *hook_path = find_hook(hook_name);
b1bf95bb 814
7f14609e 815 if (!hook_path)
b1bf95bb 816 return 0;
c8dd2771 817
7f14609e 818 strvec_push(&proc.args, hook_path);
f43cd49f
SP		 819 proc.in = -1;
820 proc.stdout_to_stderr = 1;
6206286e
JH		 821 proc.trace2_hook_name = hook_name;
822
77a9745d 823 if (feed_state->push_options) {
99d60545 824 size_t i;
77a9745d 825 for (i = 0; i < feed_state->push_options->nr; i++)
29fda24d 826 strvec_pushf(&proc.env,
99d60545
ÆAB		 827 "GIT_PUSH_OPTION_%"PRIuMAX"=%s",
828 (uintmax_t)i,
f6d8942b 829 feed_state->push_options->items[i].string);
29fda24d 830 strvec_pushf(&proc.env, "GIT_PUSH_OPTION_COUNT=%"PRIuMAX"",
99d60545 831 (uintmax_t)feed_state->push_options->nr);
77a9745d 832 } else
29fda24d 833 strvec_pushf(&proc.env, "GIT_PUSH_OPTION_COUNT");
f43cd49f 834
722ff7f8 835 if (tmp_objdir)
29fda24d 836 strvec_pushv(&proc.env, tmp_objdir_env(tmp_objdir));
722ff7f8 837
6d525d38
SP		 838 if (use_sideband) {
839 memset(&muxer, 0, sizeof(muxer));
840 muxer.proc = copy_to_sideband;
841 muxer.in = -1;
842 code = start_async(&muxer);
843 if (code)
844 return code;
845 proc.err = muxer.in;
846 }
847
5d222c09
RS		 848 prepare_push_cert_sha1(&proc);
849
f43cd49f 850 code = start_command(&proc);
6d525d38
SP		 851 if (code) {
852 if (use_sideband)
853 finish_async(&muxer);
90e41a89 854 return code;
6d525d38
SP		 855 }
856
ec7dbd14
JH		 857 sigchain_push(SIGPIPE, SIG_IGN);
858
9684e44a
JH		 859 while (1) {
860 const char *buf;
861 size_t n;
862 if (feed(feed_state, &buf, &n))
863 break;
06f46f23 864 if (write_in_full(proc.in, buf, n) < 0)
9684e44a 865 break;
c8dd2771 866 }
e72ae288 867 close(proc.in);
6d525d38
SP		 868 if (use_sideband)
869 finish_async(&muxer);
ec7dbd14
JH		 870
871 sigchain_pop(SIGPIPE);
872
90e41a89 873 return finish_command(&proc);
b1bf95bb
JW		 874}
875
9684e44a
JH		 876static int feed_receive_hook(void *state_, const char **bufp, size_t *sizep)
877{
878 struct receive_hook_feed_state *state = state_;
879 struct command *cmd = state->cmd;
880
cdc2b2f3
JH		 881 while (cmd &&
882 state->skip_broken && (cmd->error_string || cmd->did_not_exist))
9684e44a
JH		 883 cmd = cmd->next;
884 if (!cmd)
885 return -1; /* EOF */
195d6eae
JX		 886 if (!bufp)
887 return 0; /* OK, can feed something. */
9684e44a 888 strbuf_reset(&state->buf);
195d6eae
JX		 889 if (!state->report)
890 state->report = cmd->report;
891 if (state->report) {
892 struct object_id *old_oid;
893 struct object_id *new_oid;
894 const char *ref_name;
895
896 old_oid = state->report->old_oid ? state->report->old_oid : &cmd->old_oid;
897 new_oid = state->report->new_oid ? state->report->new_oid : &cmd->new_oid;
898 ref_name = state->report->ref_name ? state->report->ref_name : cmd->ref_name;
899 strbuf_addf(&state->buf, "%s %s %s\n",
900 oid_to_hex(old_oid), oid_to_hex(new_oid),
901 ref_name);
902 state->report = state->report->next;
903 if (!state->report)
904 state->cmd = cmd->next;
905 } else {
906 strbuf_addf(&state->buf, "%s %s %s\n",
907 oid_to_hex(&cmd->old_oid), oid_to_hex(&cmd->new_oid),
908 cmd->ref_name);
909 state->cmd = cmd->next;
910 }
9684e44a
JH		 911 if (bufp) {
912 *bufp = state->buf.buf;
913 *sizep = state->buf.len;
914 }
915 return 0;
916}
917
77a9745d
SB		 918static int run_receive_hook(struct command *commands,
919 const char *hook_name,
920 int skip_broken,
921 const struct string_list *push_options)
9684e44a
JH		 922{
923 struct receive_hook_feed_state state;
924 int status;
925
926 strbuf_init(&state.buf, 0);
927 state.cmd = commands;
cdc2b2f3 928 state.skip_broken = skip_broken;
195d6eae 929 state.report = NULL;
9684e44a
JH		 930 if (feed_receive_hook(&state, NULL, NULL))
931 return 0;
932 state.cmd = commands;
77a9745d 933 state.push_options = push_options;
9684e44a
JH		 934 status = run_and_feed_hook(hook_name, feed_receive_hook, &state);
935 strbuf_release(&state.buf);
936 return status;
937}
938
1d9e8b56
SP		 939static int run_update_hook(struct command *cmd)
940{
d3180279 941 struct child_process proc = CHILD_PROCESS_INIT;
6d525d38 942 int code;
7f14609e 943 const char *hook_path = find_hook("update");
1d9e8b56 944
7f14609e 945 if (!hook_path)
1d9e8b56
SP		 946 return 0;
947
7f14609e
ÆAB		 948 strvec_push(&proc.args, hook_path);
949 strvec_push(&proc.args, cmd->ref_name);
950 strvec_push(&proc.args, oid_to_hex(&cmd->old_oid));
951 strvec_push(&proc.args, oid_to_hex(&cmd->new_oid));
1d9e8b56 952
6d525d38
SP		 953 proc.no_stdin = 1;
954 proc.stdout_to_stderr = 1;
955 proc.err = use_sideband ? -1 : 0;
6206286e 956 proc.trace2_hook_name = "update";
6d525d38
SP		 957
958 code = start_command(&proc);
959 if (code)
960 return code;
961 if (use_sideband)
962 copy_to_sideband(proc.err, -1, NULL);
963 return finish_command(&proc);
1d9e8b56
SP		 964}
965
15d3af5e
JX		 966static struct command *find_command_by_refname(struct command *list,
967 const char *refname)
968{
969 for (; list; list = list->next)
970 if (!strcmp(list->ref_name, refname))
971 return list;
972 return NULL;
973}
974
975static int read_proc_receive_report(struct packet_reader *reader,
976 struct command *commands,
977 struct strbuf *errmsg)
978{
979 struct command *cmd;
980 struct command *hint = NULL;
981 struct ref_push_report *report = NULL;
982 int new_report = 0;
983 int code = 0;
984 int once = 0;
f65003b4 985 int response = 0;
15d3af5e
JX		 986
987 for (;;) {
988 struct object_id old_oid, new_oid;
989 const char *head;
990 const char *refname;
991 char *p;
f65003b4
JX		 992 enum packet_read_status status;
993
994 status = packet_reader_read(reader);
995 if (status != PACKET_READ_NORMAL) {
996 /* Check whether proc-receive exited abnormally */
997 if (status == PACKET_READ_EOF && !response) {
998 strbuf_addstr(errmsg, "proc-receive exited abnormally");
999 return -1;
1000 }
15d3af5e 1001 break;
f65003b4
JX		 1002 }
1003 response++;
15d3af5e
JX		 1004
1005 head = reader->line;
1006 p = strchr(head, ' ');
1007 if (!p) {
1008 strbuf_addf(errmsg, "proc-receive reported incomplete status line: '%s'\n", head);
1009 code = -1;
1010 continue;
1011 }
1012 *p++ = '\0';
1013 if (!strcmp(head, "option")) {
1014 const char *key, *val;
1015
1016 if (!hint || !(report || new_report)) {
1017 if (!once++)
1018 strbuf_addstr(errmsg, "proc-receive reported 'option' without a matching 'ok/ng' directive\n");
1019 code = -1;
1020 continue;
1021 }
1022 if (new_report) {
1023 if (!hint->report) {
ca56dadb 1024 CALLOC_ARRAY(hint->report, 1);
15d3af5e
JX		 1025 report = hint->report;
1026 } else {
1027 report = hint->report;
1028 while (report->next)
1029 report = report->next;
1030 report->next = xcalloc(1, sizeof(struct ref_push_report));
1031 report = report->next;
1032 }
1033 new_report = 0;
1034 }
1035 key = p;
1036 p = strchr(key, ' ');
1037 if (p)
1038 *p++ = '\0';
1039 val = p;
1040 if (!strcmp(key, "refname"))
1041 report->ref_name = xstrdup_or_null(val);
1042 else if (!strcmp(key, "old-oid") && val &&
1043 !parse_oid_hex(val, &old_oid, &val))
1044 report->old_oid = oiddup(&old_oid);
1045 else if (!strcmp(key, "new-oid") && val &&
1046 !parse_oid_hex(val, &new_oid, &val))
1047 report->new_oid = oiddup(&new_oid);
1048 else if (!strcmp(key, "forced-update"))
1049 report->forced_update = 1;
1050 else if (!strcmp(key, "fall-through"))
1051 /* Fall through, let 'receive-pack' to execute it. */
1052 hint->run_proc_receive = 0;
1053 continue;
1054 }
1055
1056 report = NULL;
1057 new_report = 0;
1058 refname = p;
1059 p = strchr(refname, ' ');
1060 if (p)
1061 *p++ = '\0';
1062 if (strcmp(head, "ok") && strcmp(head, "ng")) {
1063 strbuf_addf(errmsg, "proc-receive reported bad status '%s' on ref '%s'\n",
1064 head, refname);
1065 code = -1;
1066 continue;
1067 }
1068
1069 /* first try searching at our hint, falling back to all refs */
1070 if (hint)
1071 hint = find_command_by_refname(hint, refname);
1072 if (!hint)
1073 hint = find_command_by_refname(commands, refname);
1074 if (!hint) {
1075 strbuf_addf(errmsg, "proc-receive reported status on unknown ref: %s\n",
1076 refname);
1077 code = -1;
1078 continue;
1079 }
1080 if (!hint->run_proc_receive) {
1081 strbuf_addf(errmsg, "proc-receive reported status on unexpected ref: %s\n",
1082 refname);
1083 code = -1;
1084 continue;
1085 }
1086 hint->run_proc_receive |= RUN_PROC_RECEIVE_RETURNED;
1087 if (!strcmp(head, "ng")) {
1088 if (p)
1089 hint->error_string = xstrdup(p);
1090 else
1091 hint->error_string = "failed";
1092 code = -1;
1093 continue;
1094 }
1095 new_report = 1;
1096 }
1097
1098 for (cmd = commands; cmd; cmd = cmd->next)
1099 if (cmd->run_proc_receive && !cmd->error_string &&
1100 !(cmd->run_proc_receive & RUN_PROC_RECEIVE_RETURNED)) {
1101 cmd->error_string = "proc-receive failed to report status";
1102 code = -1;
1103 }
1104 return code;
1105}
1106
1107static int run_proc_receive_hook(struct command *commands,
1108 const struct string_list *push_options)
1109{
1110 struct child_process proc = CHILD_PROCESS_INIT;
1111 struct async muxer;
1112 struct command *cmd;
15d3af5e
JX		 1113 struct packet_reader reader;
1114 struct strbuf cap = STRBUF_INIT;
1115 struct strbuf errmsg = STRBUF_INIT;
1116 int hook_use_push_options = 0;
1117 int version = 0;
1118 int code;
7f14609e 1119 const char *hook_path = find_hook("proc-receive");
15d3af5e 1120
7f14609e 1121 if (!hook_path) {
15d3af5e
JX		 1122 rp_error("cannot find hook 'proc-receive'");
1123 return -1;
1124 }
15d3af5e 1125
7f14609e 1126 strvec_push(&proc.args, hook_path);
15d3af5e
JX		 1127 proc.in = -1;
1128 proc.out = -1;
1129 proc.trace2_hook_name = "proc-receive";
1130
1131 if (use_sideband) {
1132 memset(&muxer, 0, sizeof(muxer));
1133 muxer.proc = copy_to_sideband;
1134 muxer.in = -1;
1135 code = start_async(&muxer);
1136 if (code)
1137 return code;
1138 proc.err = muxer.in;
1139 } else {
1140 proc.err = 0;
1141 }
1142
1143 code = start_command(&proc);
1144 if (code) {
1145 if (use_sideband)
1146 finish_async(&muxer);
1147 return code;
1148 }
1149
1150 sigchain_push(SIGPIPE, SIG_IGN);
1151
1152 /* Version negotiaton */
1153 packet_reader_init(&reader, proc.out, NULL, 0,
1154 PACKET_READ_CHOMP_NEWLINE |
1155 PACKET_READ_GENTLE_ON_EOF);
1156 if (use_atomic)
1157 strbuf_addstr(&cap, " atomic");
1158 if (use_push_options)
1159 strbuf_addstr(&cap, " push-options");
1160 if (cap.len) {
f65003b4 1161 code = packet_write_fmt_gently(proc.in, "version=1%c%s\n", '\0', cap.buf + 1);
15d3af5e
JX		 1162 strbuf_release(&cap);
1163 } else {
f65003b4 1164 code = packet_write_fmt_gently(proc.in, "version=1\n");
15d3af5e 1165 }
f65003b4
JX		 1166 if (!code)
1167 code = packet_flush_gently(proc.in);
1168
1169 if (!code)
1170 for (;;) {
1171 int linelen;
1172 enum packet_read_status status;
1173
1174 status = packet_reader_read(&reader);
1175 if (status != PACKET_READ_NORMAL) {
1176 /* Check whether proc-receive exited abnormally */
1177 if (status == PACKET_READ_EOF)
1178 code = -1;
1179 break;
1180 }
15d3af5e 1181
f65003b4
JX		 1182 if (reader.pktlen > 8 && starts_with(reader.line, "version=")) {
1183 version = atoi(reader.line + 8);
1184 linelen = strlen(reader.line);
1185 if (linelen < reader.pktlen) {
1186 const char *feature_list = reader.line + linelen + 1;
1187 if (parse_feature_request(feature_list, "push-options"))
1188 hook_use_push_options = 1;
1189 }
15d3af5e
JX		 1190 }
1191 }
f65003b4
JX		 1192
1193 if (code) {
1194 strbuf_addstr(&errmsg, "fail to negotiate version with proc-receive hook");
1195 goto cleanup;
15d3af5e
JX		 1196 }
1197
80ffeb94
JX		 1198 switch (version) {
1199 case 0:
1200 /* fallthrough */
1201 case 1:
1202 break;
1203 default:
15d3af5e
JX		 1204 strbuf_addf(&errmsg, "proc-receive version '%d' is not supported",
1205 version);
1206 code = -1;
1207 goto cleanup;
1208 }
1209
1210 /* Send commands */
1211 for (cmd = commands; cmd; cmd = cmd->next) {
1212 if (!cmd->run_proc_receive || cmd->skip_update || cmd->error_string)
1213 continue;
f65003b4
JX		 1214 code = packet_write_fmt_gently(proc.in, "%s %s %s",
1215 oid_to_hex(&cmd->old_oid),
1216 oid_to_hex(&cmd->new_oid),
1217 cmd->ref_name);
1218 if (code)
1219 break;
1220 }
1221 if (!code)
1222 code = packet_flush_gently(proc.in);
1223 if (code) {
1224 strbuf_addstr(&errmsg, "fail to write commands to proc-receive hook");
1225 goto cleanup;
15d3af5e 1226 }
15d3af5e
JX		 1227
1228 /* Send push options */
1229 if (hook_use_push_options) {
1230 struct string_list_item *item;
1231
f65003b4
JX		 1232 for_each_string_list_item(item, push_options) {
1233 code = packet_write_fmt_gently(proc.in, "%s", item->string);
1234 if (code)
1235 break;
1236 }
1237 if (!code)
1238 code = packet_flush_gently(proc.in);
1239 if (code) {
1240 strbuf_addstr(&errmsg,
1241 "fail to write push-options to proc-receive hook");
1242 goto cleanup;
1243 }
15d3af5e
JX		 1244 }
1245
1246 /* Read result from proc-receive */
1247 code = read_proc_receive_report(&reader, commands, &errmsg);
1248
1249cleanup:
1250 close(proc.in);
1251 close(proc.out);
1252 if (use_sideband)
1253 finish_async(&muxer);
1254 if (finish_command(&proc))
1255 code = -1;
1256 if (errmsg.len >0) {
1257 char *p = errmsg.buf;
1258
1259 p += errmsg.len - 1;
1260 if (*p == '\n')
1261 *p = '\0';
1262 rp_error("%s", errmsg.buf);
1263 strbuf_release(&errmsg);
1264 }
1265 sigchain_pop(SIGPIPE);
1266
1267 return code;
1268}
1269
8ba35a2d
VA		 1270static char *refuse_unconfigured_deny_msg =
1271 N_("By default, updating the current branch in a non-bare repository\n"
1272 "is denied, because it will make the index and work tree inconsistent\n"
1273 "with what you pushed, and will require 'git reset --hard' to match\n"
1274 "the work tree to HEAD.\n"
1275 "\n"
2ddaa427
AH		 1276 "You can set the 'receive.denyCurrentBranch' configuration variable\n"
1277 "to 'ignore' or 'warn' in the remote repository to allow pushing into\n"
8ba35a2d
VA		 1278 "its current branch; however, this is not recommended unless you\n"
1279 "arranged to update its work tree to match what you pushed in some\n"
1280 "other way.\n"
1281 "\n"
1282 "To squelch this message and still keep the default behaviour, set\n"
1283 "'receive.denyCurrentBranch' configuration variable to 'refuse'.");
3d95d92b 1284
acd2a45b 1285static void refuse_unconfigured_deny(void)
3d95d92b 1286{
8ba35a2d 1287 rp_error("%s", _(refuse_unconfigured_deny_msg));
3d95d92b
JH		 1288}
1289
8ba35a2d
VA		 1290static char *refuse_unconfigured_deny_delete_current_msg =
1291 N_("By default, deleting the current branch is denied, because the next\n"
1292 "'git clone' won't result in any file checked out, causing confusion.\n"
1293 "\n"
1294 "You can set 'receive.denyDeleteCurrent' configuration variable to\n"
1295 "'warn' or 'ignore' in the remote repository to allow deleting the\n"
1296 "current branch, with or without a warning message.\n"
1297 "\n"
1298 "To squelch this message, you can set it to 'refuse'.");
747ca245 1299
375881fa 1300static void refuse_unconfigured_deny_delete_current(void)
747ca245 1301{
8ba35a2d 1302 rp_error("%s", _(refuse_unconfigured_deny_delete_current_msg));
747ca245
JH		 1303}
1304
9fec7b21 1305static const struct object_id *command_singleton_iterator(void *cb_data);
0a1bc12b
NTND		 1306static int update_shallow_ref(struct command *cmd, struct shallow_info *si)
1307{
cac4b8e2 1308 struct shallow_lock shallow_lock = SHALLOW_LOCK_INIT;
910650d2 1309 struct oid_array extra = OID_ARRAY_INIT;
7043c707 1310 struct check_connected_options opt = CHECK_CONNECTED_INIT;
0a1bc12b
NTND		 1311 uint32_t mask = 1 << (cmd->index % 32);
1312 int i;
1313
6aa30857 1314 trace_printf_key(&trace_shallow,
0a1bc12b
NTND		 1315 "shallow: update_shallow_ref %s\n", cmd->ref_name);
1316 for (i = 0; i < si->shallow->nr; i++)
1317 if (si->used_shallow[i] &&
1318 (si->used_shallow[i][cmd->index / 32] & mask) &&
1319 !delayed_reachability_test(si, i))
910650d2 1320 oid_array_append(&extra, &si->shallow->oid[i]);
0a1bc12b 1321
722ff7f8 1322 opt.env = tmp_objdir_env(tmp_objdir);
7043c707
JK		 1323 setup_alternate_shallow(&shallow_lock, &opt.shallow_file, &extra);
1324 if (check_connected(command_singleton_iterator, cmd, &opt)) {
37b9dcab 1325 rollback_shallow_file(the_repository, &shallow_lock);
910650d2 1326 oid_array_clear(&extra);
0a1bc12b
NTND		 1327 return -1;
1328 }
1329
37b9dcab 1330 commit_shallow_file(the_repository, &shallow_lock);
0a1bc12b
NTND		 1331
1332 /*
1333 * Make sure setup_alternate_shallow() for the next ref does
1334 * not lose these new roots..
1335 */
1336 for (i = 0; i < extra.nr; i++)
19143f13 1337 register_shallow(the_repository, &extra.oid[i]);
0a1bc12b
NTND		 1338
1339 si->shallow_ref[cmd->index] = 0;
910650d2 1340 oid_array_clear(&extra);
0a1bc12b
NTND		 1341 return 0;
1342}
1343
1a51b524
JH		 1344/*
1345 * NEEDSWORK: we should consolidate various implementions of "are we
1346 * on an unborn branch?" test into one, and make the unified one more
1347 * robust. !get_sha1() based check used here and elsewhere would not
1348 * allow us to tell an unborn branch from corrupt ref, for example.
1349 * For the purpose of fixing "deploy-to-update does not work when
1350 * pushing into an empty repository" issue, this should suffice for
1351 * now.
1352 */
1353static int head_has_history(void)
1354{
15be4a5d 1355 struct object_id oid;
1a51b524 1356
d850b7a5 1357 return !repo_get_oid(the_repository, "HEAD", &oid);
1a51b524
JH		 1358}
1359
21b138d0 1360static const char *push_to_deploy(unsigned char *sha1,
22f9b7f3 1361 struct strvec *env,
21b138d0 1362 const char *work_tree)
1404bcbb 1363{
1404bcbb
JS		 1364 struct child_process child = CHILD_PROCESS_INIT;
1365
2b709893
ÆAB		 1366 strvec_pushl(&child.args, "update-index", "-q", "--ignore-submodules",
1367 "--refresh", NULL);
29fda24d 1368 strvec_pushv(&child.env, env->v);
1404bcbb
JS		 1369 child.dir = work_tree;
1370 child.no_stdin = 1;
1371 child.stdout_to_stderr = 1;
1372 child.git_cmd = 1;
21b138d0 1373 if (run_command(&child))
1404bcbb 1374 return "Up-to-date check failed";
1404bcbb
JS		 1375
1376 /* run_command() does not clean up completely; reinitialize */
1377 child_process_init(&child);
2b709893
ÆAB		 1378 strvec_pushl(&child.args, "diff-files", "--quiet",
1379 "--ignore-submodules", "--", NULL);
29fda24d 1380 strvec_pushv(&child.env, env->v);
1404bcbb
JS		 1381 child.dir = work_tree;
1382 child.no_stdin = 1;
1383 child.stdout_to_stderr = 1;
1384 child.git_cmd = 1;
21b138d0 1385 if (run_command(&child))
1404bcbb 1386 return "Working directory has unstaged changes";
1404bcbb
JS		 1387
1388 child_process_init(&child);
2b709893
ÆAB		 1389 strvec_pushl(&child.args, "diff-index", "--quiet", "--cached",
1390 "--ignore-submodules",
1391 /* diff-index with either HEAD or an empty tree */
1392 head_has_history() ? "HEAD" : empty_tree_oid_hex(),
1393 "--", NULL);
29fda24d 1394 strvec_pushv(&child.env, env->v);
1404bcbb
JS		 1395 child.no_stdin = 1;
1396 child.no_stdout = 1;
1397 child.stdout_to_stderr = 0;
1398 child.git_cmd = 1;
21b138d0 1399 if (run_command(&child))
1404bcbb 1400 return "Working directory has staged changes";
1404bcbb 1401
1404bcbb 1402 child_process_init(&child);
2b709893
ÆAB		 1403 strvec_pushl(&child.args, "read-tree", "-u", "-m", hash_to_hex(sha1),
1404 NULL);
29fda24d 1405 strvec_pushv(&child.env, env->v);
1404bcbb
JS		 1406 child.dir = work_tree;
1407 child.no_stdin = 1;
1408 child.no_stdout = 1;
1409 child.stdout_to_stderr = 0;
1410 child.git_cmd = 1;
21b138d0 1411 if (run_command(&child))
1404bcbb 1412 return "Could not update working tree to new HEAD";
1404bcbb 1413
1404bcbb
JS		 1414 return NULL;
1415}
1416
08553319
JH		 1417static const char *push_to_checkout_hook = "push-to-checkout";
1418
fc06be3b 1419static const char *push_to_checkout(unsigned char *hash,
a8cc5943 1420 int *invoked_hook,
22f9b7f3 1421 struct strvec *env,
08553319
JH		 1422 const char *work_tree)
1423{
306f445e 1424 struct run_hooks_opt opt = RUN_HOOKS_OPT_INIT;
a8cc5943 1425 opt.invoked_hook = invoked_hook;
306f445e 1426
22f9b7f3 1427 strvec_pushf(env, "GIT_WORK_TREE=%s", absolute_path(work_tree));
306f445e
ES		 1428 strvec_pushv(&opt.env, env->v);
1429 strvec_push(&opt.args, hash_to_hex(hash));
1430 if (run_hooks_opt(push_to_checkout_hook, &opt))
08553319
JH		 1431 return "push-to-checkout hook declined";
1432 else
1433 return NULL;
1434}
1435
4ef34648 1436static const char *update_worktree(unsigned char *sha1, const struct worktree *worktree)
21b138d0 1437{
38baae6c 1438 const char *retval, *git_dir;
22f9b7f3 1439 struct strvec env = STRVEC_INIT;
a8cc5943 1440 int invoked_hook;
21b138d0 1441
38baae6c
AK		 1442 if (!worktree || !worktree->path)
1443 BUG("worktree->path must be non-NULL");
4ef34648 1444
9fdf4f1d 1445 if (worktree->is_bare)
21b138d0 1446 return "denyCurrentBranch = updateInstead needs a worktree";
38baae6c 1447 git_dir = get_worktree_git_dir(worktree);
21b138d0 1448
22f9b7f3 1449 strvec_pushf(&env, "GIT_DIR=%s", absolute_path(git_dir));
21b138d0 1450
a8cc5943
ÆAB		 1451 retval = push_to_checkout(sha1, &invoked_hook, &env, worktree->path);
1452 if (!invoked_hook)
38baae6c 1453 retval = push_to_deploy(sha1, &env, worktree->path);
21b138d0 1454
22f9b7f3 1455 strvec_clear(&env);
21b138d0
JH		 1456 return retval;
1457}
1458
0a1bc12b 1459static const char *update(struct command *cmd, struct shallow_info *si)
2eca23da 1460{
cfee10a7 1461 const char *name = cmd->ref_name;
6b01ecfe 1462 struct strbuf namespaced_name_buf = STRBUF_INIT;
bda6e828
JS		 1463 static char *namespaced_name;
1464 const char *ret;
9c44ea44 1465 struct object_id *old_oid = &cmd->old_oid;
1466 struct object_id *new_oid = &cmd->new_oid;
b072a25f 1467 int do_update_worktree = 0;
c8dd491f
AK		 1468 struct worktree **worktrees = get_worktrees();
1469 const struct worktree *worktree =
9fdf4f1d 1470 find_shared_symref(worktrees, "HEAD", name);
2eca23da 1471
061d6b9a 1472 /* only refs/... are allowed */
7c3c5502
ZH		 1473 if (!starts_with(name, "refs/") ||
1474 check_refname_format(name + 5, is_null_oid(new_oid) ?
1475 REFNAME_ALLOW_ONELEVEL : 0)) {
d81ba50a 1476 rp_error("refusing to update funny ref '%s' remotely", name);
c8dd491f
AK		 1477 ret = "funny refname";
1478 goto out;
cfee10a7 1479 }
d8a1deec 1480
6b01ecfe 1481 strbuf_addf(&namespaced_name_buf, "%s%s", get_git_namespace(), name);
bda6e828 1482 free(namespaced_name);
6b01ecfe
JT		 1483 namespaced_name = strbuf_detach(&namespaced_name_buf, NULL);
1484
9fdf4f1d 1485 if (worktree && !worktree->is_bare) {
3d95d92b
JH		 1486 switch (deny_current_branch) {
1487 case DENY_IGNORE:
986e8239 1488 break;
3d95d92b 1489 case DENY_WARN:
466dbc42 1490 rp_warning("updating the current branch");
986e8239 1491 break;
3d95d92b 1492 case DENY_REFUSE:
acd2a45b 1493 case DENY_UNCONFIGURED:
466dbc42 1494 rp_error("refusing to update checked out branch: %s", name);
acd2a45b
JH		 1495 if (deny_current_branch == DENY_UNCONFIGURED)
1496 refuse_unconfigured_deny();
c8dd491f
AK		 1497 ret = "branch is currently checked out";
1498 goto out;
1404bcbb 1499 case DENY_UPDATE_INSTEAD:
b072a25f
JH		 1500 /* pass -- let other checks intervene first */
1501 do_update_worktree = 1;
1404bcbb 1502 break;
3d95d92b 1503 }
986e8239
JK		 1504 }
1505
bc726bd0 1506 if (!is_null_oid(new_oid) && !repo_has_object_file(the_repository, new_oid)) {
8aaf7d64 1507 error("unpack should have generated %s, "
9c44ea44 1508 "but I can't find it!", oid_to_hex(new_oid));
c8dd491f
AK		 1509 ret = "bad pack";
1510 goto out;
cfee10a7 1511 }
747ca245 1512
9c44ea44 1513 if (!is_null_oid(old_oid) && is_null_oid(new_oid)) {
59556548 1514 if (deny_deletes && starts_with(name, "refs/heads/")) {
466dbc42 1515 rp_error("denying ref deletion for %s", name);
c8dd491f
AK		 1516 ret = "deletion prohibited";
1517 goto out;
747ca245
JH		 1518 }
1519
4ef34648 1520 if (worktree || (head_name && !strcmp(namespaced_name, head_name))) {
747ca245
JH		 1521 switch (deny_delete_current) {
1522 case DENY_IGNORE:
1523 break;
1524 case DENY_WARN:
466dbc42 1525 rp_warning("deleting the current branch");
747ca245
JH		 1526 break;
1527 case DENY_REFUSE:
375881fa 1528 case DENY_UNCONFIGURED:
1404bcbb 1529 case DENY_UPDATE_INSTEAD:
375881fa
JH		 1530 if (deny_delete_current == DENY_UNCONFIGURED)
1531 refuse_unconfigured_deny_delete_current();
466dbc42 1532 rp_error("refusing to delete the current branch: %s", name);
c8dd491f
AK		 1533 ret = "deletion of the current branch prohibited";
1534 goto out;
1404bcbb 1535 default:
c8dd491f
AK		 1536 ret = "Invalid denyDeleteCurrent setting";
1537 goto out;
747ca245
JH		 1538 }
1539 }
a240de11 1540 }
747ca245 1541
9c44ea44 1542 if (deny_non_fast_forwards && !is_null_oid(new_oid) &&
1543 !is_null_oid(old_oid) &&
59556548 1544 starts_with(name, "refs/heads/")) {
eab82707 1545 struct object *old_object, *new_object;
11031d7e 1546 struct commit *old_commit, *new_commit;
11031d7e 1547
109cd76d
SB		 1548 old_object = parse_object(the_repository, old_oid);
1549 new_object = parse_object(the_repository, new_oid);
eab82707
MK		 1550
1551 if (!old_object || !new_object ||
1552 old_object->type != OBJ_COMMIT ||
1553 new_object->type != OBJ_COMMIT) {
1554 error("bad sha1 objects for %s", name);
c8dd491f
AK		 1555 ret = "bad ref";
1556 goto out;
eab82707
MK		 1557 }
1558 old_commit = (struct commit *)old_object;
1559 new_commit = (struct commit *)new_object;
cb338c23 1560 if (!repo_in_merge_bases(the_repository, old_commit, new_commit)) {
466dbc42
SP		 1561 rp_error("denying non-fast-forward %s"
1562 " (you should pull first)", name);
c8dd491f
AK		 1563 ret = "non-fast-forward";
1564 goto out;
8aaf7d64 1565 }
11031d7e 1566 }
1d9e8b56 1567 if (run_update_hook(cmd)) {
466dbc42 1568 rp_error("hook declined to update %s", name);
c8dd491f
AK		 1569 ret = "hook declined";
1570 goto out;
b1bf95bb 1571 }
3159c8dc 1572
b072a25f 1573 if (do_update_worktree) {
38baae6c 1574 ret = update_worktree(new_oid->hash, worktree);
b072a25f 1575 if (ret)
c8dd491f 1576 goto out;
b072a25f
JH		 1577 }
1578
9c44ea44 1579 if (is_null_oid(new_oid)) {
222368c6 1580 struct strbuf err = STRBUF_INIT;
109cd76d 1581 if (!parse_object(the_repository, old_oid)) {
9c44ea44 1582 old_oid = NULL;
160b81ed 1583 if (ref_exists(name)) {
c25edee9 1584 rp_warning("allowing deletion of corrupt ref");
160b81ed 1585 } else {
c25edee9 1586 rp_warning("deleting a non-existent ref");
160b81ed
PYH		 1587 cmd->did_not_exist = 1;
1588 }
28391a80 1589 }
222368c6
SB		 1590 if (ref_transaction_delete(transaction,
1591 namespaced_name,
89f3bbdd 1592 old_oid,
fb5a6bb6 1593 0, "push", &err)) {
222368c6 1594 rp_error("%s", err.buf);
c8dd491f
AK		 1595 ret = "failed to delete";
1596 } else {
1597 ret = NULL; /* good */
d4f694ba 1598 }
222368c6 1599 strbuf_release(&err);
d4f694ba
JH		 1600 }
1601 else {
6629ea2d 1602 struct strbuf err = STRBUF_INIT;
0a1bc12b 1603 if (shallow_update && si->shallow_ref[cmd->index] &&
c8dd491f
AK		 1604 update_shallow_ref(cmd, si)) {
1605 ret = "shallow error";
1606 goto out;
1607 }
0a1bc12b 1608
222368c6
SB		 1609 if (ref_transaction_update(transaction,
1610 namespaced_name,
89f3bbdd 1611 new_oid, old_oid,
1d147bdf 1612 0, "push",
222368c6 1613 &err)) {
6629ea2d 1614 rp_error("%s", err.buf);
c8dd491f
AK		 1615 ret = "failed to update ref";
1616 } else {
1617 ret = NULL; /* good */
ef203f08 1618 }
6629ea2d 1619 strbuf_release(&err);
19614330 1620 }
c8dd491f
AK		 1621
1622out:
1623 free_worktrees(worktrees);
1624 return ret;
2eca23da
LT		 1625}
1626
5e1c71fd 1627static void run_update_post_hook(struct command *commands)
19614330 1628{
5e1c71fd 1629 struct command *cmd;
d3180279 1630 struct child_process proc = CHILD_PROCESS_INIT;
dcf69262 1631 const char *hook;
19614330 1632
5a7da2dc 1633 hook = find_hook("post-update");
dce96c41 1634 if (!hook)
3e6e152c 1635 return;
5a7da2dc 1636
850d2fec 1637 for (cmd = commands; cmd; cmd = cmd->next) {
160b81ed 1638 if (cmd->error_string || cmd->did_not_exist)
19614330 1639 continue;
d70a9eb6 1640 if (!proc.args.nr)
22f9b7f3
JK		 1641 strvec_push(&proc.args, hook);
1642 strvec_push(&proc.args, cmd->ref_name);
19614330 1643 }
d70a9eb6 1644 if (!proc.args.nr)
dce96c41 1645 return;
6d525d38 1646
6d525d38
SP		 1647 proc.no_stdin = 1;
1648 proc.stdout_to_stderr = 1;
1649 proc.err = use_sideband ? -1 : 0;
6206286e 1650 proc.trace2_hook_name = "post-update";
6d525d38
SP		 1651
1652 if (!start_command(&proc)) {
1653 if (use_sideband)
1654 copy_to_sideband(proc.err, -1, NULL);
1655 finish_command(&proc);
1656 }
19614330 1657}
2eca23da 1658
99036237
ÆAB		 1659static void check_aliased_update_internal(struct command *cmd,
1660 struct string_list *list,
1661 const char *dst_name, int flag)
da3efdb1
JS		 1662{
1663 struct string_list_item *item;
1664 struct command *dst_cmd;
da3efdb1
JS		 1665
1666 if (!(flag & REF_ISSYMREF))
1667 return;
1668
6b01ecfe
JT		 1669 if (!dst_name) {
1670 rp_error("refusing update to broken symref '%s'", cmd->ref_name);
1671 cmd->skip_update = 1;
1672 cmd->error_string = "broken symref";
1673 return;
1674 }
ded83936 1675 dst_name = strip_namespace(dst_name);
6b01ecfe 1676
afe8a907 1677 if (!(item = string_list_lookup(list, dst_name)))
da3efdb1
JS		 1678 return;
1679
1680 cmd->skip_update = 1;
1681
1682 dst_cmd = (struct command *) item->util;
1683
4a7e27e9
JK		 1684 if (oideq(&cmd->old_oid, &dst_cmd->old_oid) &&
1685 oideq(&cmd->new_oid, &dst_cmd->new_oid))
da3efdb1
JS		 1686 return;
1687
1688 dst_cmd->skip_update = 1;
1689
da3efdb1
JS		 1690 rp_error("refusing inconsistent update between symref '%s' (%s..%s) and"
1691 " its target '%s' (%s..%s)",
ef2ed501 1692 cmd->ref_name,
d850b7a5
ÆAB		 1693 repo_find_unique_abbrev(the_repository, &cmd->old_oid, DEFAULT_ABBREV),
1694 repo_find_unique_abbrev(the_repository, &cmd->new_oid, DEFAULT_ABBREV),
ef2ed501 1695 dst_cmd->ref_name,
d850b7a5
ÆAB		 1696 repo_find_unique_abbrev(the_repository, &dst_cmd->old_oid, DEFAULT_ABBREV),
1697 repo_find_unique_abbrev(the_repository, &dst_cmd->new_oid, DEFAULT_ABBREV));
da3efdb1
JS		 1698
1699 cmd->error_string = dst_cmd->error_string =
1700 "inconsistent aliased update";
1701}
1702
99036237
ÆAB		 1703static void check_aliased_update(struct command *cmd, struct string_list *list)
1704{
1705 struct strbuf buf = STRBUF_INIT;
1706 const char *dst_name;
1707 int flag;
1708
1709 strbuf_addf(&buf, "%s%s", get_git_namespace(), cmd->ref_name);
1710 dst_name = resolve_ref_unsafe(buf.buf, 0, NULL, &flag);
1711 check_aliased_update_internal(cmd, list, dst_name, flag);
1712 strbuf_release(&buf);
1713}
1714
da3efdb1
JS		 1715static void check_aliased_updates(struct command *commands)
1716{
1717 struct command *cmd;
183113a5 1718 struct string_list ref_list = STRING_LIST_INIT_NODUP;
da3efdb1
JS		 1719
1720 for (cmd = commands; cmd; cmd = cmd->next) {
1721 struct string_list_item *item =
1d2f80fa 1722 string_list_append(&ref_list, cmd->ref_name);
da3efdb1
JS		 1723 item->util = (void *)cmd;
1724 }
3383e199 1725 string_list_sort(&ref_list);
da3efdb1 1726
ef7e93d9
CB		 1727 for (cmd = commands; cmd; cmd = cmd->next) {
1728 if (!cmd->error_string)
1729 check_aliased_update(cmd, &ref_list);
1730 }
da3efdb1
JS		 1731
1732 string_list_clear(&ref_list, 0);
1733}
1734
9fec7b21 1735static const struct object_id *command_singleton_iterator(void *cb_data)
52fed6e1
JH		 1736{
1737 struct command **cmd_list = cb_data;
1738 struct command *cmd = *cmd_list;
1739
9c44ea44 1740 if (!cmd || is_null_oid(&cmd->new_oid))
9fec7b21 1741 return NULL;
52fed6e1 1742 *cmd_list = NULL; /* this returns only one */
9fec7b21 1743 return &cmd->new_oid;
52fed6e1
JH		 1744}
1745
0a1bc12b
NTND		 1746static void set_connectivity_errors(struct command *commands,
1747 struct shallow_info *si)
52fed6e1
JH		 1748{
1749 struct command *cmd;
1750
1751 for (cmd = commands; cmd; cmd = cmd->next) {
1752 struct command *singleton = cmd;
722ff7f8
JK		 1753 struct check_connected_options opt = CHECK_CONNECTED_INIT;
1754
0a1bc12b
NTND		 1755 if (shallow_update && si->shallow_ref[cmd->index])
1756 /* to be checked in update_shallow_ref() */
1757 continue;
722ff7f8
JK		 1758
1759 opt.env = tmp_objdir_env(tmp_objdir);
7043c707 1760 if (!check_connected(command_singleton_iterator, &singleton,
722ff7f8 1761 &opt))
52fed6e1 1762 continue;
722ff7f8 1763
52fed6e1
JH		 1764 cmd->error_string = "missing necessary objects";
1765 }
1766}
1767
0a1bc12b
NTND		 1768struct iterate_data {
1769 struct command *cmds;
1770 struct shallow_info *si;
1771};
1772
9fec7b21 1773static const struct object_id *iterate_receive_command_list(void *cb_data)
52fed6e1 1774{
0a1bc12b
NTND		 1775 struct iterate_data *data = cb_data;
1776 struct command **cmd_list = &data->cmds;
52fed6e1
JH		 1777 struct command *cmd = *cmd_list;
1778
0a1bc12b
NTND		 1779 for (; cmd; cmd = cmd->next) {
1780 if (shallow_update && data->si->shallow_ref[cmd->index])
1781 /* to be checked in update_shallow_ref() */
1782 continue;
9c44ea44 1783 if (!is_null_oid(&cmd->new_oid) && !cmd->skip_update) {
ee6dfb2d 1784 *cmd_list = cmd->next;
9fec7b21 1785 return &cmd->new_oid;
ee6dfb2d 1786 }
ee6dfb2d 1787 }
9fec7b21 1788 return NULL;
52fed6e1
JH		 1789}
1790
daebaa78
JH		 1791static void reject_updates_to_hidden(struct command *commands)
1792{
78a766ab
LF		 1793 struct strbuf refname_full = STRBUF_INIT;
1794 size_t prefix_len;
daebaa78
JH		 1795 struct command *cmd;
1796
78a766ab
LF		 1797 strbuf_addstr(&refname_full, get_git_namespace());
1798 prefix_len = refname_full.len;
1799
daebaa78 1800 for (cmd = commands; cmd; cmd = cmd->next) {
78a766ab
LF		 1801 if (cmd->error_string)
1802 continue;
1803
1804 strbuf_setlen(&refname_full, prefix_len);
1805 strbuf_addstr(&refname_full, cmd->ref_name);
1806
9b67eb6f 1807 if (!ref_is_hidden(cmd->ref_name, refname_full.buf, &hidden_refs))
daebaa78 1808 continue;
9c44ea44 1809 if (is_null_oid(&cmd->new_oid))
daebaa78
JH		 1810 cmd->error_string = "deny deleting a hidden ref";
1811 else
1812 cmd->error_string = "deny updating a hidden ref";
1813 }
78a766ab
LF		 1814
1815 strbuf_release(&refname_full);
daebaa78
JH		 1816}
1817
a6a84319
SB		 1818static int should_process_cmd(struct command *cmd)
1819{
1820 return !cmd->error_string && !cmd->skip_update;
1821}
1822
07b1d8f1 1823static void BUG_if_skipped_connectivity_check(struct command *commands,
a6a84319
SB		 1824 struct shallow_info *si)
1825{
1826 struct command *cmd;
a6a84319
SB		 1827
1828 for (cmd = commands; cmd; cmd = cmd->next) {
07b1d8f1
ÆAB		 1829 if (should_process_cmd(cmd) && si->shallow_ref[cmd->index])
1830 bug("connectivity check has not been run on ref %s",
1831 cmd->ref_name);
a6a84319 1832 }
07b1d8f1 1833 BUG_if_bug("connectivity check skipped???");
a6a84319
SB		 1834}
1835
a1a26145
SB		 1836static void execute_commands_non_atomic(struct command *commands,
1837 struct shallow_info *si)
1838{
1839 struct command *cmd;
222368c6
SB		 1840 struct strbuf err = STRBUF_INIT;
1841
a1a26145 1842 for (cmd = commands; cmd; cmd = cmd->next) {
15d3af5e 1843 if (!should_process_cmd(cmd) || cmd->run_proc_receive)
a1a26145
SB		 1844 continue;
1845
222368c6
SB		 1846 transaction = ref_transaction_begin(&err);
1847 if (!transaction) {
1848 rp_error("%s", err.buf);
1849 strbuf_reset(&err);
1850 cmd->error_string = "transaction failed to start";
1851 continue;
1852 }
1853
a1a26145 1854 cmd->error_string = update(cmd, si);
222368c6
SB		 1855
1856 if (!cmd->error_string
1857 && ref_transaction_commit(transaction, &err)) {
1858 rp_error("%s", err.buf);
1859 strbuf_reset(&err);
1860 cmd->error_string = "failed to update ref";
1861 }
1862 ref_transaction_free(transaction);
a1a26145 1863 }
68deed29
SB		 1864 strbuf_release(&err);
1865}
222368c6 1866
68deed29
SB		 1867static void execute_commands_atomic(struct command *commands,
1868 struct shallow_info *si)
1869{
1870 struct command *cmd;
1871 struct strbuf err = STRBUF_INIT;
1872 const char *reported_error = "atomic push failure";
1873
1874 transaction = ref_transaction_begin(&err);
1875 if (!transaction) {
1876 rp_error("%s", err.buf);
1877 strbuf_reset(&err);
1878 reported_error = "transaction failed to start";
1879 goto failure;
1880 }
1881
1882 for (cmd = commands; cmd; cmd = cmd->next) {
15d3af5e 1883 if (!should_process_cmd(cmd) || cmd->run_proc_receive)
68deed29
SB		 1884 continue;
1885
1886 cmd->error_string = update(cmd, si);
1887
1888 if (cmd->error_string)
1889 goto failure;
1890 }
1891
1892 if (ref_transaction_commit(transaction, &err)) {
1893 rp_error("%s", err.buf);
1894 reported_error = "atomic transaction failed";
1895 goto failure;
1896 }
1897 goto cleanup;
1898
1899failure:
1900 for (cmd = commands; cmd; cmd = cmd->next)
1901 if (!cmd->error_string)
1902 cmd->error_string = reported_error;
1903
1904cleanup:
1905 ref_transaction_free(transaction);
222368c6 1906 strbuf_release(&err);
a1a26145
SB		 1907}
1908
0a1bc12b
NTND		 1909static void execute_commands(struct command *commands,
1910 const char *unpacker_error,
77a9745d
SB		 1911 struct shallow_info *si,
1912 const struct string_list *push_options)
575f4974 1913{
d415092a 1914 struct check_connected_options opt = CHECK_CONNECTED_INIT;
5e1c71fd 1915 struct command *cmd;
0a1bc12b 1916 struct iterate_data data;
d415092a
JK		 1917 struct async muxer;
1918 int err_fd = 0;
15d3af5e 1919 int run_proc_receive = 0;
8aaf7d64
SP		 1920
1921 if (unpacker_error) {
5e1c71fd 1922 for (cmd = commands; cmd; cmd = cmd->next)
74eb32d3 1923 cmd->error_string = "unpacker error";
8aaf7d64
SP		 1924 return;
1925 }
1926
d415092a
JK		 1927 if (use_sideband) {
1928 memset(&muxer, 0, sizeof(muxer));
1929 muxer.proc = copy_to_sideband;
1930 muxer.in = -1;
1931 if (!start_async(&muxer))
1932 err_fd = muxer.in;
1933 /* ...else, continue without relaying sideband */
1934 }
1935
0a1bc12b
NTND		 1936 data.cmds = commands;
1937 data.si = si;
d415092a 1938 opt.err_fd = err_fd;
6b4cd2f8 1939 opt.progress = err_fd && !quiet;
722ff7f8 1940 opt.env = tmp_objdir_env(tmp_objdir);
bcec6780
PS		 1941 opt.exclude_hidden_refs_section = "receive";
1942
d415092a 1943 if (check_connected(iterate_receive_command_list, &data, &opt))
0a1bc12b 1944 set_connectivity_errors(commands, si);
52fed6e1 1945
d415092a
JK		 1946 if (use_sideband)
1947 finish_async(&muxer);
1948
daebaa78
JH		 1949 reject_updates_to_hidden(commands);
1950
15d3af5e
JX		 1951 /*
1952 * Try to find commands that have special prefix in their reference names,
1953 * and mark them to run an external "proc-receive" hook later.
1954 */
31e8595a
JX		 1955 if (proc_receive_ref) {
1956 for (cmd = commands; cmd; cmd = cmd->next) {
1957 if (!should_process_cmd(cmd))
1958 continue;
15d3af5e 1959
31e8595a
JX		 1960 if (proc_receive_ref_matches(cmd)) {
1961 cmd->run_proc_receive = RUN_PROC_RECEIVE_SCHEDULED;
1962 run_proc_receive = 1;
1963 }
15d3af5e
JX		 1964 }
1965 }
1966
77a9745d 1967 if (run_receive_hook(commands, "pre-receive", 0, push_options)) {
ef7e93d9
CB		 1968 for (cmd = commands; cmd; cmd = cmd->next) {
1969 if (!cmd->error_string)
1970 cmd->error_string = "pre-receive hook declined";
1971 }
05ef58ec
SP		 1972 return;
1973 }
1974
54077640
CB		 1975 /*
1976 * If there is no command ready to run, should return directly to destroy
1977 * temporary data in the quarantine area.
1978 */
1979 for (cmd = commands; cmd && cmd->error_string; cmd = cmd->next)
1980 ; /* nothing */
1981 if (!cmd)
1982 return;
1983
722ff7f8
JK		 1984 /*
1985 * Now we'll start writing out refs, which means the objects need
1986 * to be in their final positions so that other processes can see them.
1987 */
1988 if (tmp_objdir_migrate(tmp_objdir) < 0) {
1989 for (cmd = commands; cmd; cmd = cmd->next) {
1990 if (!cmd->error_string)
1991 cmd->error_string = "unable to migrate objects to permanent storage";
1992 }
1993 return;
1994 }
1995 tmp_objdir = NULL;
1996
da3efdb1
JS		 1997 check_aliased_updates(commands);
1998
96ec7b1e 1999 free(head_name_to_free);
efbd4fdf 2000 head_name = head_name_to_free = resolve_refdup("HEAD", 0, NULL, NULL);
747ca245 2001
15d3af5e
JX		 2002 if (run_proc_receive &&
2003 run_proc_receive_hook(commands, push_options))
2004 for (cmd = commands; cmd; cmd = cmd->next)
2005 if (!cmd->error_string &&
2006 !(cmd->run_proc_receive & RUN_PROC_RECEIVE_RETURNED) &&
2007 (cmd->run_proc_receive || use_atomic))
2008 cmd->error_string = "fail to run proc-receive hook";
2009
68deed29
SB		 2010 if (use_atomic)
2011 execute_commands_atomic(commands, si);
2012 else
2013 execute_commands_non_atomic(commands, si);
0a1bc12b 2014
a6a84319 2015 if (shallow_update)
07b1d8f1 2016 BUG_if_skipped_connectivity_check(commands, si);
575f4974
LT		 2017}
2018
39895c74
JH		 2019static struct command **queue_command(struct command **tail,
2020 const char *line,
2021 int linelen)
2022{
9c44ea44 2023 struct object_id old_oid, new_oid;
39895c74
JH		 2024 struct command *cmd;
2025 const char *refname;
2026 int reflen;
9c44ea44 2027 const char *p;
39895c74 2028
9c44ea44 2029 if (parse_oid_hex(line, &old_oid, &p) ||
2030 *p++ != ' ' ||
2031 parse_oid_hex(p, &new_oid, &p) ||
2032 *p++ != ' ')
39895c74
JH		 2033 die("protocol error: expected old/new/ref, got '%s'", line);
2034
9c44ea44 2035 refname = p;
2036 reflen = linelen - (p - line);
ddd0bfac 2037 FLEX_ALLOC_MEM(cmd, ref_name, refname, reflen);
9c44ea44 2038 oidcpy(&cmd->old_oid, &old_oid);
2039 oidcpy(&cmd->new_oid, &new_oid);
39895c74
JH		 2040 *tail = cmd;
2041 return &cmd->next;
2042}
2043
1fdd31cf
ÆAB		 2044static void free_commands(struct command *commands)
2045{
2046 while (commands) {
2047 struct command *next = commands->next;
2048
2049 free(commands);
2050 commands = next;
2051 }
2052}
2053
4adf569d
JH		 2054static void queue_commands_from_cert(struct command **tail,
2055 struct strbuf *push_cert)
2056{
2057 const char *boc, *eoc;
2058
2059 if (*tail)
2060 die("protocol error: got both push certificate and unsigned commands");
2061
2062 boc = strstr(push_cert->buf, "\n\n");
2063 if (!boc)
2064 die("malformed push certificate %.*s", 100, push_cert->buf);
2065 else
2066 boc += 2;
482c1191 2067 eoc = push_cert->buf + parse_signed_buffer(push_cert->buf, push_cert->len);
4adf569d
JH		 2068
2069 while (boc < eoc) {
2070 const char *eol = memchr(boc, '\n', eoc - boc);
f2214ded 2071 tail = queue_command(tail, boc, eol ? eol - boc : eoc - boc);
4adf569d
JH		 2072 boc = eol ? eol + 1 : eoc;
2073 }
2074}
2075
01f9ec64
MS		 2076static struct command *read_head_info(struct packet_reader *reader,
2077 struct oid_array *shallow)
575f4974 2078{
5e1c71fd 2079 struct command *commands = NULL;
eb1af2df 2080 struct command **p = &commands;
575f4974 2081 for (;;) {
01f9ec64 2082 int linelen;
eb1af2df 2083
01f9ec64 2084 if (packet_reader_read(reader) != PACKET_READ_NORMAL)
575f4974 2085 break;
5dbd7676 2086
01f9ec64 2087 if (reader->pktlen > 8 && starts_with(reader->line, "shallow ")) {
9c44ea44 2088 struct object_id oid;
01f9ec64 2089 if (get_oid_hex(reader->line + 8, &oid))
c09b71cc 2090 die("protocol error: expected shallow sha, got '%s'",
01f9ec64 2091 reader->line + 8);
910650d2 2092 oid_array_append(shallow, &oid);
5dbd7676
NTND		 2093 continue;
2094 }
2095
01f9ec64
MS		 2096 linelen = strlen(reader->line);
2097 if (linelen < reader->pktlen) {
2098 const char *feature_list = reader->line + linelen + 1;
bb095d08 2099 const char *hash = NULL;
a2a066d9 2100 const char *client_sid;
7ce4c8f7 2101 size_t len = 0;
f47182c8 2102 if (parse_feature_request(feature_list, "report-status"))
cfee10a7 2103 report_status = 1;
63518a57
JX		 2104 if (parse_feature_request(feature_list, "report-status-v2"))
2105 report_status_v2 = 1;
f47182c8 2106 if (parse_feature_request(feature_list, "side-band-64k"))
38a81b4e 2107 use_sideband = LARGE_PACKET_MAX;
c207e34f
CB		 2108 if (parse_feature_request(feature_list, "quiet"))
2109 quiet = 1;
1b70fe5d
RS		 2110 if (advertise_atomic_push
2111 && parse_feature_request(feature_list, "atomic"))
2112 use_atomic = 1;
c714e45f
SB		 2113 if (advertise_push_options
2114 && parse_feature_request(feature_list, "push-options"))
2115 use_push_options = 1;
bb095d08 2116 hash = parse_feature_value(feature_list, "object-format", &len, NULL);
2117 if (!hash) {
2118 hash = hash_algos[GIT_HASH_SHA1].name;
2119 len = strlen(hash);
2120 }
2121 if (xstrncmpz(the_hash_algo->name, hash, len))
2122 die("error: unsupported object format '%s'", hash);
a2a066d9
JS		 2123 client_sid = parse_feature_value(feature_list, "session-id", &len, NULL);
2124 if (client_sid) {
2125 char *sid = xstrndup(client_sid, len);
2126 trace2_data_string("transfer", NULL, "client-sid", client_sid);
2127 free(sid);
2128 }
cfee10a7 2129 }
0e3c339b 2130
01f9ec64 2131 if (!strcmp(reader->line, "push-cert")) {
a85b377d 2132 int true_flush = 0;
01f9ec64
MS		 2133 int saved_options = reader->options;
2134 reader->options &= ~PACKET_READ_CHOMP_NEWLINE;
a85b377d
JH		 2135
2136 for (;;) {
01f9ec64
MS		 2137 packet_reader_read(reader);
2138 if (reader->status == PACKET_READ_FLUSH) {
a85b377d
JH		 2139 true_flush = 1;
2140 break;
2141 }
01f9ec64
MS		 2142 if (reader->status != PACKET_READ_NORMAL) {
2143 die("protocol error: got an unexpected packet");
2144 }
2145 if (!strcmp(reader->line, "push-cert-end\n"))
a85b377d 2146 break; /* end of cert */
01f9ec64 2147 strbuf_addstr(&push_cert, reader->line);
a85b377d 2148 }
01f9ec64 2149 reader->options = saved_options;
a85b377d
JH		 2150
2151 if (true_flush)
2152 break;
2153 continue;
2154 }
2155
01f9ec64 2156 p = queue_command(p, reader->line, linelen);
575f4974 2157 }
4adf569d
JH		 2158
2159 if (push_cert.len)
2160 queue_commands_from_cert(p, &push_cert);
2161
5e1c71fd 2162 return commands;
575f4974
LT		 2163}
2164
01f9ec64
MS		 2165static void read_push_options(struct packet_reader *reader,
2166 struct string_list *options)
c714e45f
SB		 2167{
2168 while (1) {
01f9ec64 2169 if (packet_reader_read(reader) != PACKET_READ_NORMAL)
c714e45f
SB		 2170 break;
2171
01f9ec64 2172 string_list_append(options, reader->line);
c714e45f
SB		 2173 }
2174}
2175
fc04c412
SP		 2176static const char *parse_pack_header(struct pack_header *hdr)
2177{
a69e5429
JH		 2178 switch (read_pack_header(0, hdr)) {
2179 case PH_ERROR_EOF:
2180 return "eof before pack header was fully read";
2181
2182 case PH_ERROR_PACK_SIGNATURE:
fc04c412 2183 return "protocol error (pack signature mismatch detected)";
a69e5429
JH		 2184
2185 case PH_ERROR_PROTOCOL:
fc04c412 2186 return "protocol error (pack version unsupported)";
a69e5429
JH		 2187
2188 default:
2189 return "unknown error in parse_pack_header";
2190
2191 case 0:
2192 return NULL;
2193 }
fc04c412
SP		 2194}
2195
c55c3066 2196static struct tempfile *pack_lockfile;
576162a4 2197
22f9b7f3 2198static void push_header_arg(struct strvec *args, struct pack_header *hdr)
446d5d91 2199{
22f9b7f3 2200 strvec_pushf(args, "--pack_header=%"PRIu32",%"PRIu32,
f6d8942b 2201 ntohl(hdr->hdr_version), ntohl(hdr->hdr_entries));
446d5d91
JK		 2202}
2203
5dbd7676 2204static const char *unpack(int err_fd, struct shallow_info *si)
575f4974 2205{
fc04c412
SP		 2206 struct pack_header hdr;
2207 const char *hdr_err;
31c42bff 2208 int status;
d3180279 2209 struct child_process child = CHILD_PROCESS_INIT;
dab76d3a
JH		 2210 int fsck_objects = (receive_fsck_objects >= 0
2211 ? receive_fsck_objects
2212 : transfer_fsck_objects >= 0
2213 ? transfer_fsck_objects
2214 : 0);
fc04c412
SP		 2215
2216 hdr_err = parse_pack_header(&hdr);
49ecfa13
JK		 2217 if (hdr_err) {
2218 if (err_fd > 0)
2219 close(err_fd);
fc04c412 2220 return hdr_err;
49ecfa13 2221 }
fc04c412 2222
5dbd7676
NTND		 2223 if (si->nr_ours || si->nr_theirs) {
2224 alt_shallow_file = setup_temporary_shallow(si->shallow);
22f9b7f3
JK		 2225 strvec_push(&child.args, "--shallow-file");
2226 strvec_push(&child.args, alt_shallow_file);
5dbd7676
NTND		 2227 }
2228
b3cecf49 2229 tmp_objdir = tmp_objdir_create("incoming");
6cdad1f1
JK		 2230 if (!tmp_objdir) {
2231 if (err_fd > 0)
2232 close(err_fd);
722ff7f8 2233 return "unable to create temporary object directory";
6cdad1f1 2234 }
c21fa3bb 2235 strvec_pushv(&child.env, tmp_objdir_env(tmp_objdir));
722ff7f8
JK		 2236
2237 /*
2238 * Normally we just pass the tmp_objdir environment to the child
2239 * processes that do the heavy lifting, but we may need to see these
2240 * objects ourselves to set up shallow information.
2241 */
2242 tmp_objdir_add_as_alternate(tmp_objdir);
2243
fc04c412 2244 if (ntohl(hdr.hdr_entries) < unpack_limit) {
22f9b7f3 2245 strvec_push(&child.args, "unpack-objects");
446d5d91 2246 push_header_arg(&child.args, &hdr);
c207e34f 2247 if (quiet)
22f9b7f3 2248 strvec_push(&child.args, "-q");
dab76d3a 2249 if (fsck_objects)
22f9b7f3 2250 strvec_pushf(&child.args, "--strict%s",
f6d8942b 2251 fsck_msg_types.buf);
c08db5a2 2252 if (max_input_size)
22f9b7f3 2253 strvec_pushf(&child.args, "--max-input-size=%"PRIuMAX,
f6d8942b 2254 (uintmax_t)max_input_size);
59bfdfb8 2255 child.no_stdout = 1;
a22e6f85 2256 child.err = err_fd;
59bfdfb8 2257 child.git_cmd = 1;
31c42bff
NTND		 2258 status = run_command(&child);
2259 if (status)
2260 return "unpack-objects abnormal exit";
576162a4 2261 } else {
da25bdb7 2262 char hostname[HOST_NAME_MAX + 1];
c55c3066 2263 char *lockfile;
576162a4 2264
22f9b7f3 2265 strvec_pushl(&child.args, "index-pack", "--stdin", NULL);
446d5d91 2266 push_header_arg(&child.args, &hdr);
b26cb7c7 2267
5781a9a2 2268 if (xgethostname(hostname, sizeof(hostname)))
b26cb7c7 2269 xsnprintf(hostname, sizeof(hostname), "localhost");
22f9b7f3 2270 strvec_pushf(&child.args,
f6d8942b
JK		 2271 "--keep=receive-pack %"PRIuMAX" on %s",
2272 (uintmax_t)getpid(),
2273 hostname);
b26cb7c7 2274
d06303bb 2275 if (!quiet && err_fd)
22f9b7f3 2276 strvec_push(&child.args, "--show-resolving-progress");
83558686 2277 if (use_sideband)
22f9b7f3 2278 strvec_push(&child.args, "--report-end-of-input");
dab76d3a 2279 if (fsck_objects)
22f9b7f3 2280 strvec_pushf(&child.args, "--strict%s",
f6d8942b 2281 fsck_msg_types.buf);
1b68387e 2282 if (!reject_thin)
22f9b7f3 2283 strvec_push(&child.args, "--fix-thin");
c08db5a2 2284 if (max_input_size)
22f9b7f3 2285 strvec_pushf(&child.args, "--max-input-size=%"PRIuMAX,
f6d8942b 2286 (uintmax_t)max_input_size);
31c42bff
NTND		 2287 child.out = -1;
2288 child.err = err_fd;
2289 child.git_cmd = 1;
2290 status = start_command(&child);
2291 if (status)
576162a4 2292 return "index-pack fork failed";
c55c3066
PS		 2293
2294 lockfile = index_pack_lockfile(child.out, NULL);
2295 if (lockfile) {
2296 pack_lockfile = register_tempfile(lockfile);
2297 free(lockfile);
2298 }
31c42bff 2299 close(child.out);
c55c3066 2300
31c42bff
NTND		 2301 status = finish_command(&child);
2302 if (status)
2303 return "index-pack abnormal exit";
a49d2834 2304 reprepare_packed_git(the_repository);
cfee10a7 2305 }
31c42bff 2306 return NULL;
cfee10a7
JH		 2307}
2308
5dbd7676 2309static const char *unpack_with_sideband(struct shallow_info *si)
a22e6f85
JK		 2310{
2311 struct async muxer;
2312 const char *ret;
2313
2314 if (!use_sideband)
5dbd7676 2315 return unpack(0, si);
a22e6f85 2316
83558686 2317 use_keepalive = KEEPALIVE_AFTER_NUL;
a22e6f85
JK		 2318 memset(&muxer, 0, sizeof(muxer));
2319 muxer.proc = copy_to_sideband;
2320 muxer.in = -1;
2321 if (start_async(&muxer))
2322 return NULL;
2323
5dbd7676 2324 ret = unpack(muxer.in, si);
a22e6f85
JK		 2325
2326 finish_async(&muxer);
2327 return ret;
2328}
2329
c95fc72f 2330static void prepare_shallow_update(struct shallow_info *si)
0a1bc12b 2331{
42c78a21 2332 int i, j, k, bitmap_size = DIV_ROUND_UP(si->ref->nr, 32);
0a1bc12b 2333
b32fa95f 2334 ALLOC_ARRAY(si->used_shallow, si->shallow->nr);
0a1bc12b
NTND		 2335 assign_shallow_commits_to_refs(si, si->used_shallow, NULL);
2336
486f4bd1
JH		 2337 CALLOC_ARRAY(si->need_reachability_test, si->shallow->nr);
2338 CALLOC_ARRAY(si->reachable, si->shallow->nr);
2339 CALLOC_ARRAY(si->shallow_ref, si->ref->nr);
0a1bc12b
NTND		 2340
2341 for (i = 0; i < si->nr_ours; i++)
2342 si->need_reachability_test[si->ours[i]] = 1;
2343
2344 for (i = 0; i < si->shallow->nr; i++) {
2345 if (!si->used_shallow[i])
2346 continue;
2347 for (j = 0; j < bitmap_size; j++) {
2348 if (!si->used_shallow[i][j])
2349 continue;
2350 si->need_reachability_test[i]++;
2351 for (k = 0; k < 32; k++)
9a93c668 2352 if (si->used_shallow[i][j] & (1U << k))
0a1bc12b
NTND		 2353 si->shallow_ref[j * 32 + k]++;
2354 }
2355
2356 /*
2357 * true for those associated with some refs and belong
2358 * in "ours" list aka "step 7 not done yet"
2359 */
2360 si->need_reachability_test[i] =
2361 si->need_reachability_test[i] > 1;
2362 }
2363
2364 /*
2365 * keep hooks happy by forcing a temporary shallow file via
2366 * env variable because we can't add --shallow-file to every
7987d223 2367 * command. check_connected() will be done with
0a1bc12b
NTND		 2368 * true .git/shallow though.
2369 */
2370 setenv(GIT_SHALLOW_FILE_ENVIRONMENT, alt_shallow_file, 1);
2371}
2372
5dbd7676
NTND		 2373static void update_shallow_info(struct command *commands,
2374 struct shallow_info *si,
910650d2 2375 struct oid_array *ref)
5dbd7676
NTND		 2376{
2377 struct command *cmd;
2378 int *ref_status;
2379 remove_nonexistent_theirs_shallow(si);
0a1bc12b
NTND		 2380 if (!si->nr_ours && !si->nr_theirs) {
2381 shallow_update = 0;
5dbd7676 2382 return;
0a1bc12b 2383 }
5dbd7676
NTND		 2384
2385 for (cmd = commands; cmd; cmd = cmd->next) {
9c44ea44 2386 if (is_null_oid(&cmd->new_oid))
5dbd7676 2387 continue;
910650d2 2388 oid_array_append(ref, &cmd->new_oid);
5dbd7676
NTND		 2389 cmd->index = ref->nr - 1;
2390 }
2391 si->ref = ref;
2392
0a1bc12b 2393 if (shallow_update) {
c95fc72f 2394 prepare_shallow_update(si);
0a1bc12b
NTND		 2395 return;
2396 }
2397
b32fa95f 2398 ALLOC_ARRAY(ref_status, ref->nr);
5dbd7676
NTND		 2399 assign_shallow_commits_to_refs(si, NULL, ref_status);
2400 for (cmd = commands; cmd; cmd = cmd->next) {
9c44ea44 2401 if (is_null_oid(&cmd->new_oid))
5dbd7676
NTND		 2402 continue;
2403 if (ref_status[cmd->index]) {
2404 cmd->error_string = "shallow update not allowed";
2405 cmd->skip_update = 1;
2406 }
2407 }
5dbd7676
NTND		 2408 free(ref_status);
2409}
2410
5e1c71fd 2411static void report(struct command *commands, const char *unpack_status)
cfee10a7
JH		 2412{
2413 struct command *cmd;
38a81b4e
SP		 2414 struct strbuf buf = STRBUF_INIT;
2415
2416 packet_buf_write(&buf, "unpack %s\n",
2417 unpack_status ? unpack_status : "ok");
cfee10a7
JH		 2418 for (cmd = commands; cmd; cmd = cmd->next) {
2419 if (!cmd->error_string)
38a81b4e
SP		 2420 packet_buf_write(&buf, "ok %s\n",
2421 cmd->ref_name);
cfee10a7 2422 else
38a81b4e
SP		 2423 packet_buf_write(&buf, "ng %s %s\n",
2424 cmd->ref_name, cmd->error_string);
575f4974 2425 }
38a81b4e
SP		 2426 packet_buf_flush(&buf);
2427
2428 if (use_sideband)
2429 send_sideband(1, 1, buf.buf, buf.len, use_sideband);
2430 else
cdf4fb8e 2431 write_or_die(1, buf.buf, buf.len);
38a81b4e 2432 strbuf_release(&buf);
575f4974
LT		 2433}
2434
63518a57
JX		 2435static void report_v2(struct command *commands, const char *unpack_status)
2436{
2437 struct command *cmd;
2438 struct strbuf buf = STRBUF_INIT;
2439 struct ref_push_report *report;
2440
2441 packet_buf_write(&buf, "unpack %s\n",
2442 unpack_status ? unpack_status : "ok");
2443 for (cmd = commands; cmd; cmd = cmd->next) {
2444 int count = 0;
2445
2446 if (cmd->error_string) {
2447 packet_buf_write(&buf, "ng %s %s\n",
2448 cmd->ref_name,
2449 cmd->error_string);
2450 continue;
2451 }
2452 packet_buf_write(&buf, "ok %s\n",
2453 cmd->ref_name);
2454 for (report = cmd->report; report; report = report->next) {
2455 if (count++ > 0)
2456 packet_buf_write(&buf, "ok %s\n",
2457 cmd->ref_name);
2458 if (report->ref_name)
2459 packet_buf_write(&buf, "option refname %s\n",
2460 report->ref_name);
2461 if (report->old_oid)
2462 packet_buf_write(&buf, "option old-oid %s\n",
2463 oid_to_hex(report->old_oid));
2464 if (report->new_oid)
2465 packet_buf_write(&buf, "option new-oid %s\n",
2466 oid_to_hex(report->new_oid));
2467 if (report->forced_update)
2468 packet_buf_write(&buf, "option forced-update\n");
2469 }
2470 }
2471 packet_buf_flush(&buf);
2472
2473 if (use_sideband)
2474 send_sideband(1, 1, buf.buf, buf.len, use_sideband);
2475 else
2476 write_or_die(1, buf.buf, buf.len);
2477 strbuf_release(&buf);
2478}
2479
5e1c71fd 2480static int delete_only(struct command *commands)
d4f694ba 2481{
5e1c71fd
JS		 2482 struct command *cmd;
2483 for (cmd = commands; cmd; cmd = cmd->next) {
9c44ea44 2484 if (!is_null_oid(&cmd->new_oid))
d4f694ba 2485 return 0;
d4f694ba
JH		 2486 }
2487 return 1;
2488}
2489
be5908ae 2490int cmd_receive_pack(int argc, const char **argv, const char *prefix)
575f4974 2491{
42526b47 2492 int advertise_refs = 0;
5e1c71fd 2493 struct command *commands;
910650d2 2494 struct oid_array shallow = OID_ARRAY_INIT;
2495 struct oid_array ref = OID_ARRAY_INIT;
5dbd7676 2496 struct shallow_info si;
01f9ec64 2497 struct packet_reader reader;
575f4974 2498
1b68387e
SS		 2499 struct option options[] = {
2500 OPT__QUIET(&quiet, N_("quiet")),
2501 OPT_HIDDEN_BOOL(0, "stateless-rpc", &stateless_rpc, NULL),
98e2d9d6
ÆAB		 2502 OPT_HIDDEN_BOOL(0, "http-backend-info-refs", &advertise_refs, NULL),
2503 OPT_ALIAS(0, "advertise-refs", "http-backend-info-refs"),
1b68387e
SS		 2504 OPT_HIDDEN_BOOL(0, "reject-thin-pack-for-testing", &reject_thin, NULL),
2505 OPT_END()
2506 };
bbc30f99 2507
1b68387e 2508 packet_trace_identity("receive-pack");
575f4974 2509
1b68387e 2510 argc = parse_options(argc, argv, prefix, options, receive_pack_usage, 0);
c207e34f 2511
1b68387e 2512 if (argc > 1)
c25edee9 2513 usage_msg_opt(_("too many arguments"), receive_pack_usage, options);
1b68387e 2514 if (argc == 0)
c25edee9 2515 usage_msg_opt(_("you must specify a directory"), receive_pack_usage, options);
42526b47 2516
1b68387e 2517 service_dir = argv[0];
575f4974 2518
e1464ca7 2519 setup_path();
5c09f321 2520
5732373d
JH		 2521 if (!enter_repo(service_dir, 0))
2522 die("'%s' does not appear to be a git repository", service_dir);
575f4974 2523
ef90d6d4 2524 git_config(receive_pack_config, NULL);
b89363e4 2525 if (cert_nonce_seed)
5732373d 2526 push_cert_nonce = prepare_push_cert_nonce(service_dir, time(NULL));
6fb75bed 2527
e28714c5
JH		 2528 if (0 <= transfer_unpack_limit)
2529 unpack_limit = transfer_unpack_limit;
2530 else if (0 <= receive_unpack_limit)
2531 unpack_limit = receive_unpack_limit;
2532
aa9bab29 2533 switch (determine_protocol_version_server()) {
8f6982b4
BW		 2534 case protocol_v2:
2535 /*
2536 * push support for protocol v2 has not been implemented yet,
2537 * so ignore the request to use v2 and fallback to using v0.
2538 */
2539 break;
aa9bab29
BW		 2540 case protocol_v1:
2541 /*
2542 * v1 is just the original protocol with a version string,
2543 * so just fall through after writing the version string.
2544 */
2545 if (advertise_refs || !stateless_rpc)
2546 packet_write_fmt(1, "version 1\n");
2547
2548 /* fallthrough */
2549 case protocol_v0:
2550 break;
2551 case protocol_unknown_version:
2552 BUG("unknown protocol version");
2553 }
2554
42526b47 2555 if (advertise_refs || !stateless_rpc) {
42526b47 2556 write_head_info();
42526b47
SP		 2557 }
2558 if (advertise_refs)
2559 return 0;
575f4974 2560
2d103c31
MS		 2561 packet_reader_init(&reader, 0, NULL, 0,
2562 PACKET_READ_CHOMP_NEWLINE |
2563 PACKET_READ_DIE_ON_ERR_PACKET);
01f9ec64 2564
afe8a907 2565 if ((commands = read_head_info(&reader, &shallow))) {
d4f694ba 2566 const char *unpack_status = NULL;
77a9745d 2567 struct string_list push_options = STRING_LIST_INIT_DUP;
d4f694ba 2568
c714e45f 2569 if (use_push_options)
01f9ec64 2570 read_push_options(&reader, &push_options);
cbaf82cc
JT		 2571 if (!check_cert_push_options(&push_options)) {
2572 struct command *cmd;
2573 for (cmd = commands; cmd; cmd = cmd->next)
2574 cmd->error_string = "inconsistent push options";
2575 }
c714e45f 2576
5dbd7676 2577 prepare_shallow_info(&si, &shallow);
0a1bc12b
NTND		 2578 if (!si.nr_ours && !si.nr_theirs)
2579 shallow_update = 0;
5dbd7676
NTND		 2580 if (!delete_only(commands)) {
2581 unpack_status = unpack_with_sideband(&si);
2582 update_shallow_info(commands, &si, &ref);
2583 }
83558686 2584 use_keepalive = KEEPALIVE_ALWAYS;
77a9745d
SB		 2585 execute_commands(commands, unpack_status, &si,
2586 &push_options);
c55c3066 2587 delete_tempfile(&pack_lockfile);
d34182b9 2588 sigchain_push(SIGPIPE, SIG_IGN);
63518a57
JX		 2589 if (report_status_v2)
2590 report_v2(commands, unpack_status);
2591 else if (report_status)
5e1c71fd 2592 report(commands, unpack_status);
d34182b9 2593 sigchain_pop(SIGPIPE);
77a9745d
SB		 2594 run_receive_hook(commands, "post-receive", 1,
2595 &push_options);
8e663d9e 2596 run_update_post_hook(commands);
1fdd31cf 2597 free_commands(commands);
4432dd6b 2598 string_list_clear(&push_options, 0);
77e3efbf 2599 if (auto_gc) {
860a2ebe
LF		 2600 struct child_process proc = CHILD_PROCESS_INIT;
2601
2602 proc.no_stdin = 1;
2603 proc.stdout_to_stderr = 1;
2604 proc.err = use_sideband ? -1 : 0;
c4dee2c0 2605 proc.git_cmd = proc.close_object_store = 1;
2b709893
ÆAB		 2606 strvec_pushl(&proc.args, "gc", "--auto", "--quiet",
2607 NULL);
860a2ebe 2608
860a2ebe
LF		 2609 if (!start_command(&proc)) {
2610 if (use_sideband)
2611 copy_to_sideband(proc.err, -1, NULL);
2612 finish_command(&proc);
2613 }
77e3efbf
JH		 2614 }
2615 if (auto_update_server_info)
2616 update_server_info(0);
5dbd7676 2617 clear_shallow_info(&si);
7f8e9828 2618 }
38a81b4e
SP		 2619 if (use_sideband)
2620 packet_flush(1);
910650d2 2621 oid_array_clear(&shallow);
2622 oid_array_clear(&ref);
9b67eb6f 2623 string_list_clear(&hidden_refs, 0);
b89363e4 2624 free((void *)push_cert_nonce);
575f4974
LT		 2625 return 0;
2626}
Unnamed repository; edit this file 'description' to name the repository.