]> git.ipfire.org Git - thirdparty/git.git/blob - builtin/receive-pack.c
projects / thirdparty / git.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Merge branch 'pb/ref-filter-with-crlf'
[thirdparty/git.git] / builtin / receive-pack.c
1 #include "builtin.h"
2 #include "repository.h"
3 #include "config.h"
4 #include "lockfile.h"
5 #include "pack.h"
6 #include "refs.h"
7 #include "pkt-line.h"
8 #include "sideband.h"
9 #include "run-command.h"
10 #include "exec-cmd.h"
11 #include "commit.h"
12 #include "object.h"
13 #include "remote.h"
14 #include "connect.h"
15 #include "string-list.h"
16 #include "oid-array.h"
17 #include "connected.h"
18 #include "strvec.h"
19 #include "version.h"
20 #include "tag.h"
21 #include "gpg-interface.h"
22 #include "sigchain.h"
23 #include "fsck.h"
24 #include "tmp-objdir.h"
25 #include "oidset.h"
26 #include "packfile.h"
27 #include "object-store.h"
28 #include "protocol.h"
29 #include "commit-reach.h"
30 #include "worktree.h"
31 #include "shallow.h"
32
33 static const char * const receive_pack_usage[] = {
34 N_("git receive-pack <git-dir>"),
35 NULL
36 };
37
38 enum deny_action {
39 DENY_UNCONFIGURED,
40 DENY_IGNORE,
41 DENY_WARN,
42 DENY_REFUSE,
43 DENY_UPDATE_INSTEAD
44 };
45
46 static int deny_deletes;
47 static int deny_non_fast_forwards;
48 static enum deny_action deny_current_branch = DENY_UNCONFIGURED;
49 static enum deny_action deny_delete_current = DENY_UNCONFIGURED;
50 static int receive_fsck_objects = -1;
51 static int transfer_fsck_objects = -1;
52 static struct strbuf fsck_msg_types = STRBUF_INIT;
53 static int receive_unpack_limit = -1;
54 static int transfer_unpack_limit = -1;
55 static int advertise_atomic_push = 1;
56 static int advertise_push_options;
57 static int unpack_limit = 100;
58 static off_t max_input_size;
59 static int report_status;
60 static int report_status_v2;
61 static int use_sideband;
62 static int use_atomic;
63 static int use_push_options;
64 static int quiet;
65 static int prefer_ofs_delta = 1;
66 static int auto_update_server_info;
67 static int auto_gc = 1;
68 static int reject_thin;
69 static int stateless_rpc;
70 static const char *service_dir;
71 static const char *head_name;
72 static void *head_name_to_free;
73 static int sent_capabilities;
74 static int shallow_update;
75 static const char *alt_shallow_file;
76 static struct strbuf push_cert = STRBUF_INIT;
77 static struct object_id push_cert_oid;
78 static struct signature_check sigcheck;
79 static const char *push_cert_nonce;
80 static const char *cert_nonce_seed;
81
82 static const char *NONCE_UNSOLICITED = "UNSOLICITED";
83 static const char *NONCE_BAD = "BAD";
84 static const char *NONCE_MISSING = "MISSING";
85 static const char *NONCE_OK = "OK";
86 static const char *NONCE_SLOP = "SLOP";
87 static const char *nonce_status;
88 static long nonce_stamp_slop;
89 static timestamp_t nonce_stamp_slop_limit;
90 static struct ref_transaction *transaction;
91
92 static enum {
93 KEEPALIVE_NEVER = 0,
94 KEEPALIVE_AFTER_NUL,
95 KEEPALIVE_ALWAYS
96 } use_keepalive;
97 static int keepalive_in_sec = 5;
98
99 static struct tmp_objdir *tmp_objdir;
100
101 static struct proc_receive_ref {
102 unsigned int want_add:1,
103 want_delete:1,
104 want_modify:1,
105 negative_ref:1;
106 char *ref_prefix;
107 struct proc_receive_ref *next;
108 } *proc_receive_ref;
109
110 static void proc_receive_ref_append(const char *prefix);
111
112 static enum deny_action parse_deny_action(const char *var, const char *value)
113 {
114 if (value) {
115 if (!strcasecmp(value, "ignore"))
116 return DENY_IGNORE;
117 if (!strcasecmp(value, "warn"))
118 return DENY_WARN;
119 if (!strcasecmp(value, "refuse"))
120 return DENY_REFUSE;
121 if (!strcasecmp(value, "updateinstead"))
122 return DENY_UPDATE_INSTEAD;
123 }
124 if (git_config_bool(var, value))
125 return DENY_REFUSE;
126 return DENY_IGNORE;
127 }
128
129 static int receive_pack_config(const char *var, const char *value, void *cb)
130 {
131 int status = parse_hide_refs_config(var, value, "receive");
132
133 if (status)
134 return status;
135
136 if (strcmp(var, "receive.denydeletes") == 0) {
137 deny_deletes = git_config_bool(var, value);
138 return 0;
139 }
140
141 if (strcmp(var, "receive.denynonfastforwards") == 0) {
142 deny_non_fast_forwards = git_config_bool(var, value);
143 return 0;
144 }
145
146 if (strcmp(var, "receive.unpacklimit") == 0) {
147 receive_unpack_limit = git_config_int(var, value);
148 return 0;
149 }
150
151 if (strcmp(var, "transfer.unpacklimit") == 0) {
152 transfer_unpack_limit = git_config_int(var, value);
153 return 0;
154 }
155
156 if (strcmp(var, "receive.fsck.skiplist") == 0) {
157 const char *path;
158
159 if (git_config_pathname(&path, var, value))
160 return 1;
161 strbuf_addf(&fsck_msg_types, "%cskiplist=%s",
162 fsck_msg_types.len ? ',' : '=', path);
163 free((char *)path);
164 return 0;
165 }
166
167 if (skip_prefix(var, "receive.fsck.", &var)) {
168 if (is_valid_msg_type(var, value))
169 strbuf_addf(&fsck_msg_types, "%c%s=%s",
170 fsck_msg_types.len ? ',' : '=', var, value);
171 else
172 warning("Skipping unknown msg id '%s'", var);
173 return 0;
174 }
175
176 if (strcmp(var, "receive.fsckobjects") == 0) {
177 receive_fsck_objects = git_config_bool(var, value);
178 return 0;
179 }
180
181 if (strcmp(var, "transfer.fsckobjects") == 0) {
182 transfer_fsck_objects = git_config_bool(var, value);
183 return 0;
184 }
185
186 if (!strcmp(var, "receive.denycurrentbranch")) {
187 deny_current_branch = parse_deny_action(var, value);
188 return 0;
189 }
190
191 if (strcmp(var, "receive.denydeletecurrent") == 0) {
192 deny_delete_current = parse_deny_action(var, value);
193 return 0;
194 }
195
196 if (strcmp(var, "repack.usedeltabaseoffset") == 0) {
197 prefer_ofs_delta = git_config_bool(var, value);
198 return 0;
199 }
200
201 if (strcmp(var, "receive.updateserverinfo") == 0) {
202 auto_update_server_info = git_config_bool(var, value);
203 return 0;
204 }
205
206 if (strcmp(var, "receive.autogc") == 0) {
207 auto_gc = git_config_bool(var, value);
208 return 0;
209 }
210
211 if (strcmp(var, "receive.shallowupdate") == 0) {
212 shallow_update = git_config_bool(var, value);
213 return 0;
214 }
215
216 if (strcmp(var, "receive.certnonceseed") == 0)
217 return git_config_string(&cert_nonce_seed, var, value);
218
219 if (strcmp(var, "receive.certnonceslop") == 0) {
220 nonce_stamp_slop_limit = git_config_ulong(var, value);
221 return 0;
222 }
223
224 if (strcmp(var, "receive.advertiseatomic") == 0) {
225 advertise_atomic_push = git_config_bool(var, value);
226 return 0;
227 }
228
229 if (strcmp(var, "receive.advertisepushoptions") == 0) {
230 advertise_push_options = git_config_bool(var, value);
231 return 0;
232 }
233
234 if (strcmp(var, "receive.keepalive") == 0) {
235 keepalive_in_sec = git_config_int(var, value);
236 return 0;
237 }
238
239 if (strcmp(var, "receive.maxinputsize") == 0) {
240 max_input_size = git_config_int64(var, value);
241 return 0;
242 }
243
244 if (strcmp(var, "receive.procreceiverefs") == 0) {
245 if (!value)
246 return config_error_nonbool(var);
247 proc_receive_ref_append(value);
248 return 0;
249 }
250
251 return git_default_config(var, value, cb);
252 }
253
254 static void show_ref(const char *path, const struct object_id *oid)
255 {
256 if (sent_capabilities) {
257 packet_write_fmt(1, "%s %s\n", oid_to_hex(oid), path);
258 } else {
259 struct strbuf cap = STRBUF_INIT;
260
261 strbuf_addstr(&cap,
262 "report-status report-status-v2 delete-refs side-band-64k quiet");
263 if (advertise_atomic_push)
264 strbuf_addstr(&cap, " atomic");
265 if (prefer_ofs_delta)
266 strbuf_addstr(&cap, " ofs-delta");
267 if (push_cert_nonce)
268 strbuf_addf(&cap, " push-cert=%s", push_cert_nonce);
269 if (advertise_push_options)
270 strbuf_addstr(&cap, " push-options");
271 strbuf_addf(&cap, " object-format=%s", the_hash_algo->name);
272 strbuf_addf(&cap, " agent=%s", git_user_agent_sanitized());
273 packet_write_fmt(1, "%s %s%c%s\n",
274 oid_to_hex(oid), path, 0, cap.buf);
275 strbuf_release(&cap);
276 sent_capabilities = 1;
277 }
278 }
279
280 static int show_ref_cb(const char *path_full, const struct object_id *oid,
281 int flag, void *data)
282 {
283 struct oidset *seen = data;
284 const char *path = strip_namespace(path_full);
285
286 if (ref_is_hidden(path, path_full))
287 return 0;
288
289 /*
290 * Advertise refs outside our current namespace as ".have"
291 * refs, so that the client can use them to minimize data
292 * transfer but will otherwise ignore them.
293 */
294 if (!path) {
295 if (oidset_insert(seen, oid))
296 return 0;
297 path = ".have";
298 } else {
299 oidset_insert(seen, oid);
300 }
301 show_ref(path, oid);
302 return 0;
303 }
304
305 static void show_one_alternate_ref(const struct object_id *oid,
306 void *data)
307 {
308 struct oidset *seen = data;
309
310 if (oidset_insert(seen, oid))
311 return;
312
313 show_ref(".have", oid);
314 }
315
316 static void write_head_info(void)
317 {
318 static struct oidset seen = OIDSET_INIT;
319
320 for_each_ref(show_ref_cb, &seen);
321 for_each_alternate_ref(show_one_alternate_ref, &seen);
322 oidset_clear(&seen);
323 if (!sent_capabilities)
324 show_ref("capabilities^{}", &null_oid);
325
326 advertise_shallow_grafts(1);
327
328 /* EOF */
329 packet_flush(1);
330 }
331
332 #define RUN_PROC_RECEIVE_SCHEDULED 1
333 #define RUN_PROC_RECEIVE_RETURNED 2
334 struct command {
335 struct command *next;
336 const char *error_string;
337 struct ref_push_report *report;
338 unsigned int skip_update:1,
339 did_not_exist:1,
340 run_proc_receive:2;
341 int index;
342 struct object_id old_oid;
343 struct object_id new_oid;
344 char ref_name[FLEX_ARRAY]; /* more */
345 };
346
347 static void proc_receive_ref_append(const char *prefix)
348 {
349 struct proc_receive_ref *ref_pattern;
350 char *p;
351 int len;
352
353 ref_pattern = xcalloc(1, sizeof(struct proc_receive_ref));
354 p = strchr(prefix, ':');
355 if (p) {
356 while (prefix < p) {
357 if (*prefix == 'a')
358 ref_pattern->want_add = 1;
359 else if (*prefix == 'd')
360 ref_pattern->want_delete = 1;
361 else if (*prefix == 'm')
362 ref_pattern->want_modify = 1;
363 else if (*prefix == '!')
364 ref_pattern->negative_ref = 1;
365 prefix++;
366 }
367 prefix++;
368 } else {
369 ref_pattern->want_add = 1;
370 ref_pattern->want_delete = 1;
371 ref_pattern->want_modify = 1;
372 }
373 len = strlen(prefix);
374 while (len && prefix[len - 1] == '/')
375 len--;
376 ref_pattern->ref_prefix = xmemdupz(prefix, len);
377 if (!proc_receive_ref) {
378 proc_receive_ref = ref_pattern;
379 } else {
380 struct proc_receive_ref *end;
381
382 end = proc_receive_ref;
383 while (end->next)
384 end = end->next;
385 end->next = ref_pattern;
386 }
387 }
388
389 static int proc_receive_ref_matches(struct command *cmd)
390 {
391 struct proc_receive_ref *p;
392
393 if (!proc_receive_ref)
394 return 0;
395
396 for (p = proc_receive_ref; p; p = p->next) {
397 const char *match = p->ref_prefix;
398 const char *remains;
399
400 if (!p->want_add && is_null_oid(&cmd->old_oid))
401 continue;
402 else if (!p->want_delete && is_null_oid(&cmd->new_oid))
403 continue;
404 else if (!p->want_modify &&
405 !is_null_oid(&cmd->old_oid) &&
406 !is_null_oid(&cmd->new_oid))
407 continue;
408
409 if (skip_prefix(cmd->ref_name, match, &remains) &&
410 (!*remains || *remains == '/')) {
411 if (!p->negative_ref)
412 return 1;
413 } else if (p->negative_ref) {
414 return 1;
415 }
416 }
417 return 0;
418 }
419
420 static void rp_error(const char *err, ...) __attribute__((format (printf, 1, 2)));
421 static void rp_warning(const char *err, ...) __attribute__((format (printf, 1, 2)));
422
423 static void report_message(const char *prefix, const char *err, va_list params)
424 {
425 int sz;
426 char msg[4096];
427
428 sz = xsnprintf(msg, sizeof(msg), "%s", prefix);
429 sz += vsnprintf(msg + sz, sizeof(msg) - sz, err, params);
430 if (sz > (sizeof(msg) - 1))
431 sz = sizeof(msg) - 1;
432 msg[sz++] = '\n';
433
434 if (use_sideband)
435 send_sideband(1, 2, msg, sz, use_sideband);
436 else
437 xwrite(2, msg, sz);
438 }
439
440 static void rp_warning(const char *err, ...)
441 {
442 va_list params;
443 va_start(params, err);
444 report_message("warning: ", err, params);
445 va_end(params);
446 }
447
448 static void rp_error(const char *err, ...)
449 {
450 va_list params;
451 va_start(params, err);
452 report_message("error: ", err, params);
453 va_end(params);
454 }
455
456 static int copy_to_sideband(int in, int out, void *arg)
457 {
458 char data[128];
459 int keepalive_active = 0;
460
461 if (keepalive_in_sec <= 0)
462 use_keepalive = KEEPALIVE_NEVER;
463 if (use_keepalive == KEEPALIVE_ALWAYS)
464 keepalive_active = 1;
465
466 while (1) {
467 ssize_t sz;
468
469 if (keepalive_active) {
470 struct pollfd pfd;
471 int ret;
472
473 pfd.fd = in;
474 pfd.events = POLLIN;
475 ret = poll(&pfd, 1, 1000 * keepalive_in_sec);
476
477 if (ret < 0) {
478 if (errno == EINTR)
479 continue;
480 else
481 break;
482 } else if (ret == 0) {
483 /* no data; send a keepalive packet */
484 static const char buf[] = "0005\1";
485 write_or_die(1, buf, sizeof(buf) - 1);
486 continue;
487 } /* else there is actual data to read */
488 }
489
490 sz = xread(in, data, sizeof(data));
491 if (sz <= 0)
492 break;
493
494 if (use_keepalive == KEEPALIVE_AFTER_NUL && !keepalive_active) {
495 const char *p = memchr(data, '\0', sz);
496 if (p) {
497 /*
498 * The NUL tells us to start sending keepalives. Make
499 * sure we send any other data we read along
500 * with it.
501 */
502 keepalive_active = 1;
503 send_sideband(1, 2, data, p - data, use_sideband);
504 send_sideband(1, 2, p + 1, sz - (p - data + 1), use_sideband);
505 continue;
506 }
507 }
508
509 /*
510 * Either we're not looking for a NUL signal, or we didn't see
511 * it yet; just pass along the data.
512 */
513 send_sideband(1, 2, data, sz, use_sideband);
514 }
515 close(in);
516 return 0;
517 }
518
519 static void hmac_hash(unsigned char *out,
520 const char *key_in, size_t key_len,
521 const char *text, size_t text_len)
522 {
523 unsigned char key[GIT_MAX_BLKSZ];
524 unsigned char k_ipad[GIT_MAX_BLKSZ];
525 unsigned char k_opad[GIT_MAX_BLKSZ];
526 int i;
527 git_hash_ctx ctx;
528
529 /* RFC 2104 2. (1) */
530 memset(key, '\0', GIT_MAX_BLKSZ);
531 if (the_hash_algo->blksz < key_len) {
532 the_hash_algo->init_fn(&ctx);
533 the_hash_algo->update_fn(&ctx, key_in, key_len);
534 the_hash_algo->final_fn(key, &ctx);
535 } else {
536 memcpy(key, key_in, key_len);
537 }
538
539 /* RFC 2104 2. (2) & (5) */
540 for (i = 0; i < sizeof(key); i++) {
541 k_ipad[i] = key[i] ^ 0x36;
542 k_opad[i] = key[i] ^ 0x5c;
543 }
544
545 /* RFC 2104 2. (3) & (4) */
546 the_hash_algo->init_fn(&ctx);
547 the_hash_algo->update_fn(&ctx, k_ipad, sizeof(k_ipad));
548 the_hash_algo->update_fn(&ctx, text, text_len);
549 the_hash_algo->final_fn(out, &ctx);
550
551 /* RFC 2104 2. (6) & (7) */
552 the_hash_algo->init_fn(&ctx);
553 the_hash_algo->update_fn(&ctx, k_opad, sizeof(k_opad));
554 the_hash_algo->update_fn(&ctx, out, the_hash_algo->rawsz);
555 the_hash_algo->final_fn(out, &ctx);
556 }
557
558 static char *prepare_push_cert_nonce(const char *path, timestamp_t stamp)
559 {
560 struct strbuf buf = STRBUF_INIT;
561 unsigned char hash[GIT_MAX_RAWSZ];
562
563 strbuf_addf(&buf, "%s:%"PRItime, path, stamp);
564 hmac_hash(hash, buf.buf, buf.len, cert_nonce_seed, strlen(cert_nonce_seed));
565 strbuf_release(&buf);
566
567 /* RFC 2104 5. HMAC-SHA1 or HMAC-SHA256 */
568 strbuf_addf(&buf, "%"PRItime"-%.*s", stamp, (int)the_hash_algo->hexsz, hash_to_hex(hash));
569 return strbuf_detach(&buf, NULL);
570 }
571
572 /*
573 * NEEDSWORK: reuse find_commit_header() from jk/commit-author-parsing
574 * after dropping "_commit" from its name and possibly moving it out
575 * of commit.c
576 */
577 static char *find_header(const char *msg, size_t len, const char *key,
578 const char **next_line)
579 {
580 int key_len = strlen(key);
581 const char *line = msg;
582
583 while (line && line < msg + len) {
584 const char *eol = strchrnul(line, '\n');
585
586 if ((msg + len <= eol) || line == eol)
587 return NULL;
588 if (line + key_len < eol &&
589 !memcmp(line, key, key_len) && line[key_len] == ' ') {
590 int offset = key_len + 1;
591 if (next_line)
592 *next_line = *eol ? eol + 1 : eol;
593 return xmemdupz(line + offset, (eol - line) - offset);
594 }
595 line = *eol ? eol + 1 : NULL;
596 }
597 return NULL;
598 }
599
600 /*
601 * Return zero if a and b are equal up to n bytes and nonzero if they are not.
602 * This operation is guaranteed to run in constant time to avoid leaking data.
603 */
604 static int constant_memequal(const char *a, const char *b, size_t n)
605 {
606 int res = 0;
607 size_t i;
608
609 for (i = 0; i < n; i++)
610 res |= a[i] ^ b[i];
611 return res;
612 }
613
614 static const char *check_nonce(const char *buf, size_t len)
615 {
616 char *nonce = find_header(buf, len, "nonce", NULL);
617 timestamp_t stamp, ostamp;
618 char *bohmac, *expect = NULL;
619 const char *retval = NONCE_BAD;
620 size_t noncelen;
621
622 if (!nonce) {
623 retval = NONCE_MISSING;
624 goto leave;
625 } else if (!push_cert_nonce) {
626 retval = NONCE_UNSOLICITED;
627 goto leave;
628 } else if (!strcmp(push_cert_nonce, nonce)) {
629 retval = NONCE_OK;
630 goto leave;
631 }
632
633 if (!stateless_rpc) {
634 /* returned nonce MUST match what we gave out earlier */
635 retval = NONCE_BAD;
636 goto leave;
637 }
638
639 /*
640 * In stateless mode, we may be receiving a nonce issued by
641 * another instance of the server that serving the same
642 * repository, and the timestamps may not match, but the
643 * nonce-seed and dir should match, so we can recompute and
644 * report the time slop.
645 *
646 * In addition, when a nonce issued by another instance has
647 * timestamp within receive.certnonceslop seconds, we pretend
648 * as if we issued that nonce when reporting to the hook.
649 */
650
651 /* nonce is concat(<seconds-since-epoch>, "-", <hmac>) */
652 if (*nonce <= '0' || '9' < *nonce) {
653 retval = NONCE_BAD;
654 goto leave;
655 }
656 stamp = parse_timestamp(nonce, &bohmac, 10);
657 if (bohmac == nonce || bohmac[0] != '-') {
658 retval = NONCE_BAD;
659 goto leave;
660 }
661
662 noncelen = strlen(nonce);
663 expect = prepare_push_cert_nonce(service_dir, stamp);
664 if (noncelen != strlen(expect)) {
665 /* This is not even the right size. */
666 retval = NONCE_BAD;
667 goto leave;
668 }
669 if (constant_memequal(expect, nonce, noncelen)) {
670 /* Not what we would have signed earlier */
671 retval = NONCE_BAD;
672 goto leave;
673 }
674
675 /*
676 * By how many seconds is this nonce stale? Negative value
677 * would mean it was issued by another server with its clock
678 * skewed in the future.
679 */
680 ostamp = parse_timestamp(push_cert_nonce, NULL, 10);
681 nonce_stamp_slop = (long)ostamp - (long)stamp;
682
683 if (nonce_stamp_slop_limit &&
684 labs(nonce_stamp_slop) <= nonce_stamp_slop_limit) {
685 /*
686 * Pretend as if the received nonce (which passes the
687 * HMAC check, so it is not a forged by third-party)
688 * is what we issued.
689 */
690 free((void *)push_cert_nonce);
691 push_cert_nonce = xstrdup(nonce);
692 retval = NONCE_OK;
693 } else {
694 retval = NONCE_SLOP;
695 }
696
697 leave:
698 free(nonce);
699 free(expect);
700 return retval;
701 }
702
703 /*
704 * Return 1 if there is no push_cert or if the push options in push_cert are
705 * the same as those in the argument; 0 otherwise.
706 */
707 static int check_cert_push_options(const struct string_list *push_options)
708 {
709 const char *buf = push_cert.buf;
710 int len = push_cert.len;
711
712 char *option;
713 const char *next_line;
714 int options_seen = 0;
715
716 int retval = 1;
717
718 if (!len)
719 return 1;
720
721 while ((option = find_header(buf, len, "push-option", &next_line))) {
722 len -= (next_line - buf);
723 buf = next_line;
724 options_seen++;
725 if (options_seen > push_options->nr
726 || strcmp(option,
727 push_options->items[options_seen - 1].string)) {
728 retval = 0;
729 goto leave;
730 }
731 free(option);
732 }
733
734 if (options_seen != push_options->nr)
735 retval = 0;
736
737 leave:
738 free(option);
739 return retval;
740 }
741
742 static void prepare_push_cert_sha1(struct child_process *proc)
743 {
744 static int already_done;
745
746 if (!push_cert.len)
747 return;
748
749 if (!already_done) {
750 int bogs /* beginning_of_gpg_sig */;
751
752 already_done = 1;
753 if (write_object_file(push_cert.buf, push_cert.len, "blob",
754 &push_cert_oid))
755 oidclr(&push_cert_oid);
756
757 memset(&sigcheck, '\0', sizeof(sigcheck));
758
759 bogs = parse_signature(push_cert.buf, push_cert.len);
760 check_signature(push_cert.buf, bogs, push_cert.buf + bogs,
761 push_cert.len - bogs, &sigcheck);
762
763 nonce_status = check_nonce(push_cert.buf, bogs);
764 }
765 if (!is_null_oid(&push_cert_oid)) {
766 strvec_pushf(&proc->env_array, "GIT_PUSH_CERT=%s",
767 oid_to_hex(&push_cert_oid));
768 strvec_pushf(&proc->env_array, "GIT_PUSH_CERT_SIGNER=%s",
769 sigcheck.signer ? sigcheck.signer : "");
770 strvec_pushf(&proc->env_array, "GIT_PUSH_CERT_KEY=%s",
771 sigcheck.key ? sigcheck.key : "");
772 strvec_pushf(&proc->env_array, "GIT_PUSH_CERT_STATUS=%c",
773 sigcheck.result);
774 if (push_cert_nonce) {
775 strvec_pushf(&proc->env_array,
776 "GIT_PUSH_CERT_NONCE=%s",
777 push_cert_nonce);
778 strvec_pushf(&proc->env_array,
779 "GIT_PUSH_CERT_NONCE_STATUS=%s",
780 nonce_status);
781 if (nonce_status == NONCE_SLOP)
782 strvec_pushf(&proc->env_array,
783 "GIT_PUSH_CERT_NONCE_SLOP=%ld",
784 nonce_stamp_slop);
785 }
786 }
787 }
788
789 struct receive_hook_feed_state {
790 struct command *cmd;
791 struct ref_push_report *report;
792 int skip_broken;
793 struct strbuf buf;
794 const struct string_list *push_options;
795 };
796
797 typedef int (*feed_fn)(void *, const char **, size_t *);
798 static int run_and_feed_hook(const char *hook_name, feed_fn feed,
799 struct receive_hook_feed_state *feed_state)
800 {
801 struct child_process proc = CHILD_PROCESS_INIT;
802 struct async muxer;
803 const char *argv[2];
804 int code;
805
806 argv[0] = find_hook(hook_name);
807 if (!argv[0])
808 return 0;
809
810 argv[1] = NULL;
811
812 proc.argv = argv;
813 proc.in = -1;
814 proc.stdout_to_stderr = 1;
815 proc.trace2_hook_name = hook_name;
816
817 if (feed_state->push_options) {
818 int i;
819 for (i = 0; i < feed_state->push_options->nr; i++)
820 strvec_pushf(&proc.env_array,
821 "GIT_PUSH_OPTION_%d=%s", i,
822 feed_state->push_options->items[i].string);
823 strvec_pushf(&proc.env_array, "GIT_PUSH_OPTION_COUNT=%d",
824 feed_state->push_options->nr);
825 } else
826 strvec_pushf(&proc.env_array, "GIT_PUSH_OPTION_COUNT");
827
828 if (tmp_objdir)
829 strvec_pushv(&proc.env_array, tmp_objdir_env(tmp_objdir));
830
831 if (use_sideband) {
832 memset(&muxer, 0, sizeof(muxer));
833 muxer.proc = copy_to_sideband;
834 muxer.in = -1;
835 code = start_async(&muxer);
836 if (code)
837 return code;
838 proc.err = muxer.in;
839 }
840
841 prepare_push_cert_sha1(&proc);
842
843 code = start_command(&proc);
844 if (code) {
845 if (use_sideband)
846 finish_async(&muxer);
847 return code;
848 }
849
850 sigchain_push(SIGPIPE, SIG_IGN);
851
852 while (1) {
853 const char *buf;
854 size_t n;
855 if (feed(feed_state, &buf, &n))
856 break;
857 if (write_in_full(proc.in, buf, n) < 0)
858 break;
859 }
860 close(proc.in);
861 if (use_sideband)
862 finish_async(&muxer);
863
864 sigchain_pop(SIGPIPE);
865
866 return finish_command(&proc);
867 }
868
869 static int feed_receive_hook(void *state_, const char **bufp, size_t *sizep)
870 {
871 struct receive_hook_feed_state *state = state_;
872 struct command *cmd = state->cmd;
873
874 while (cmd &&
875 state->skip_broken && (cmd->error_string || cmd->did_not_exist))
876 cmd = cmd->next;
877 if (!cmd)
878 return -1; /* EOF */
879 if (!bufp)
880 return 0; /* OK, can feed something. */
881 strbuf_reset(&state->buf);
882 if (!state->report)
883 state->report = cmd->report;
884 if (state->report) {
885 struct object_id *old_oid;
886 struct object_id *new_oid;
887 const char *ref_name;
888
889 old_oid = state->report->old_oid ? state->report->old_oid : &cmd->old_oid;
890 new_oid = state->report->new_oid ? state->report->new_oid : &cmd->new_oid;
891 ref_name = state->report->ref_name ? state->report->ref_name : cmd->ref_name;
892 strbuf_addf(&state->buf, "%s %s %s\n",
893 oid_to_hex(old_oid), oid_to_hex(new_oid),
894 ref_name);
895 state->report = state->report->next;
896 if (!state->report)
897 state->cmd = cmd->next;
898 } else {
899 strbuf_addf(&state->buf, "%s %s %s\n",
900 oid_to_hex(&cmd->old_oid), oid_to_hex(&cmd->new_oid),
901 cmd->ref_name);
902 state->cmd = cmd->next;
903 }
904 if (bufp) {
905 *bufp = state->buf.buf;
906 *sizep = state->buf.len;
907 }
908 return 0;
909 }
910
911 static int run_receive_hook(struct command *commands,
912 const char *hook_name,
913 int skip_broken,
914 const struct string_list *push_options)
915 {
916 struct receive_hook_feed_state state;
917 int status;
918
919 strbuf_init(&state.buf, 0);
920 state.cmd = commands;
921 state.skip_broken = skip_broken;
922 state.report = NULL;
923 if (feed_receive_hook(&state, NULL, NULL))
924 return 0;
925 state.cmd = commands;
926 state.push_options = push_options;
927 status = run_and_feed_hook(hook_name, feed_receive_hook, &state);
928 strbuf_release(&state.buf);
929 return status;
930 }
931
932 static int run_update_hook(struct command *cmd)
933 {
934 const char *argv[5];
935 struct child_process proc = CHILD_PROCESS_INIT;
936 int code;
937
938 argv[0] = find_hook("update");
939 if (!argv[0])
940 return 0;
941
942 argv[1] = cmd->ref_name;
943 argv[2] = oid_to_hex(&cmd->old_oid);
944 argv[3] = oid_to_hex(&cmd->new_oid);
945 argv[4] = NULL;
946
947 proc.no_stdin = 1;
948 proc.stdout_to_stderr = 1;
949 proc.err = use_sideband ? -1 : 0;
950 proc.argv = argv;
951 proc.trace2_hook_name = "update";
952
953 code = start_command(&proc);
954 if (code)
955 return code;
956 if (use_sideband)
957 copy_to_sideband(proc.err, -1, NULL);
958 return finish_command(&proc);
959 }
960
961 static struct command *find_command_by_refname(struct command *list,
962 const char *refname)
963 {
964 for (; list; list = list->next)
965 if (!strcmp(list->ref_name, refname))
966 return list;
967 return NULL;
968 }
969
970 static int read_proc_receive_report(struct packet_reader *reader,
971 struct command *commands,
972 struct strbuf *errmsg)
973 {
974 struct command *cmd;
975 struct command *hint = NULL;
976 struct ref_push_report *report = NULL;
977 int new_report = 0;
978 int code = 0;
979 int once = 0;
980
981 for (;;) {
982 struct object_id old_oid, new_oid;
983 const char *head;
984 const char *refname;
985 char *p;
986
987 if (packet_reader_read(reader) != PACKET_READ_NORMAL)
988 break;
989
990 head = reader->line;
991 p = strchr(head, ' ');
992 if (!p) {
993 strbuf_addf(errmsg, "proc-receive reported incomplete status line: '%s'\n", head);
994 code = -1;
995 continue;
996 }
997 *p++ = '\0';
998 if (!strcmp(head, "option")) {
999 const char *key, *val;
1000
1001 if (!hint || !(report || new_report)) {
1002 if (!once++)
1003 strbuf_addstr(errmsg, "proc-receive reported 'option' without a matching 'ok/ng' directive\n");
1004 code = -1;
1005 continue;
1006 }
1007 if (new_report) {
1008 if (!hint->report) {
1009 hint->report = xcalloc(1, sizeof(struct ref_push_report));
1010 report = hint->report;
1011 } else {
1012 report = hint->report;
1013 while (report->next)
1014 report = report->next;
1015 report->next = xcalloc(1, sizeof(struct ref_push_report));
1016 report = report->next;
1017 }
1018 new_report = 0;
1019 }
1020 key = p;
1021 p = strchr(key, ' ');
1022 if (p)
1023 *p++ = '\0';
1024 val = p;
1025 if (!strcmp(key, "refname"))
1026 report->ref_name = xstrdup_or_null(val);
1027 else if (!strcmp(key, "old-oid") && val &&
1028 !parse_oid_hex(val, &old_oid, &val))
1029 report->old_oid = oiddup(&old_oid);
1030 else if (!strcmp(key, "new-oid") && val &&
1031 !parse_oid_hex(val, &new_oid, &val))
1032 report->new_oid = oiddup(&new_oid);
1033 else if (!strcmp(key, "forced-update"))
1034 report->forced_update = 1;
1035 else if (!strcmp(key, "fall-through"))
1036 /* Fall through, let 'receive-pack' to execute it. */
1037 hint->run_proc_receive = 0;
1038 continue;
1039 }
1040
1041 report = NULL;
1042 new_report = 0;
1043 refname = p;
1044 p = strchr(refname, ' ');
1045 if (p)
1046 *p++ = '\0';
1047 if (strcmp(head, "ok") && strcmp(head, "ng")) {
1048 strbuf_addf(errmsg, "proc-receive reported bad status '%s' on ref '%s'\n",
1049 head, refname);
1050 code = -1;
1051 continue;
1052 }
1053
1054 /* first try searching at our hint, falling back to all refs */
1055 if (hint)
1056 hint = find_command_by_refname(hint, refname);
1057 if (!hint)
1058 hint = find_command_by_refname(commands, refname);
1059 if (!hint) {
1060 strbuf_addf(errmsg, "proc-receive reported status on unknown ref: %s\n",
1061 refname);
1062 code = -1;
1063 continue;
1064 }
1065 if (!hint->run_proc_receive) {
1066 strbuf_addf(errmsg, "proc-receive reported status on unexpected ref: %s\n",
1067 refname);
1068 code = -1;
1069 continue;
1070 }
1071 hint->run_proc_receive |= RUN_PROC_RECEIVE_RETURNED;
1072 if (!strcmp(head, "ng")) {
1073 if (p)
1074 hint->error_string = xstrdup(p);
1075 else
1076 hint->error_string = "failed";
1077 code = -1;
1078 continue;
1079 }
1080 new_report = 1;
1081 }
1082
1083 for (cmd = commands; cmd; cmd = cmd->next)
1084 if (cmd->run_proc_receive && !cmd->error_string &&
1085 !(cmd->run_proc_receive & RUN_PROC_RECEIVE_RETURNED)) {
1086 cmd->error_string = "proc-receive failed to report status";
1087 code = -1;
1088 }
1089 return code;
1090 }
1091
1092 static int run_proc_receive_hook(struct command *commands,
1093 const struct string_list *push_options)
1094 {
1095 struct child_process proc = CHILD_PROCESS_INIT;
1096 struct async muxer;
1097 struct command *cmd;
1098 const char *argv[2];
1099 struct packet_reader reader;
1100 struct strbuf cap = STRBUF_INIT;
1101 struct strbuf errmsg = STRBUF_INIT;
1102 int hook_use_push_options = 0;
1103 int version = 0;
1104 int code;
1105
1106 argv[0] = find_hook("proc-receive");
1107 if (!argv[0]) {
1108 rp_error("cannot find hook 'proc-receive'");
1109 return -1;
1110 }
1111 argv[1] = NULL;
1112
1113 proc.argv = argv;
1114 proc.in = -1;
1115 proc.out = -1;
1116 proc.trace2_hook_name = "proc-receive";
1117
1118 if (use_sideband) {
1119 memset(&muxer, 0, sizeof(muxer));
1120 muxer.proc = copy_to_sideband;
1121 muxer.in = -1;
1122 code = start_async(&muxer);
1123 if (code)
1124 return code;
1125 proc.err = muxer.in;
1126 } else {
1127 proc.err = 0;
1128 }
1129
1130 code = start_command(&proc);
1131 if (code) {
1132 if (use_sideband)
1133 finish_async(&muxer);
1134 return code;
1135 }
1136
1137 sigchain_push(SIGPIPE, SIG_IGN);
1138
1139 /* Version negotiaton */
1140 packet_reader_init(&reader, proc.out, NULL, 0,
1141 PACKET_READ_CHOMP_NEWLINE |
1142 PACKET_READ_GENTLE_ON_EOF);
1143 if (use_atomic)
1144 strbuf_addstr(&cap, " atomic");
1145 if (use_push_options)
1146 strbuf_addstr(&cap, " push-options");
1147 if (cap.len) {
1148 packet_write_fmt(proc.in, "version=1%c%s\n", '\0', cap.buf + 1);
1149 strbuf_release(&cap);
1150 } else {
1151 packet_write_fmt(proc.in, "version=1\n");
1152 }
1153 packet_flush(proc.in);
1154
1155 for (;;) {
1156 int linelen;
1157
1158 if (packet_reader_read(&reader) != PACKET_READ_NORMAL)
1159 break;
1160
1161 if (reader.pktlen > 8 && starts_with(reader.line, "version=")) {
1162 version = atoi(reader.line + 8);
1163 linelen = strlen(reader.line);
1164 if (linelen < reader.pktlen) {
1165 const char *feature_list = reader.line + linelen + 1;
1166 if (parse_feature_request(feature_list, "push-options"))
1167 hook_use_push_options = 1;
1168 }
1169 }
1170 }
1171
1172 if (version != 1) {
1173 strbuf_addf(&errmsg, "proc-receive version '%d' is not supported",
1174 version);
1175 code = -1;
1176 goto cleanup;
1177 }
1178
1179 /* Send commands */
1180 for (cmd = commands; cmd; cmd = cmd->next) {
1181 if (!cmd->run_proc_receive || cmd->skip_update || cmd->error_string)
1182 continue;
1183 packet_write_fmt(proc.in, "%s %s %s",
1184 oid_to_hex(&cmd->old_oid),
1185 oid_to_hex(&cmd->new_oid),
1186 cmd->ref_name);
1187 }
1188 packet_flush(proc.in);
1189
1190 /* Send push options */
1191 if (hook_use_push_options) {
1192 struct string_list_item *item;
1193
1194 for_each_string_list_item(item, push_options)
1195 packet_write_fmt(proc.in, "%s", item->string);
1196 packet_flush(proc.in);
1197 }
1198
1199 /* Read result from proc-receive */
1200 code = read_proc_receive_report(&reader, commands, &errmsg);
1201
1202 cleanup:
1203 close(proc.in);
1204 close(proc.out);
1205 if (use_sideband)
1206 finish_async(&muxer);
1207 if (finish_command(&proc))
1208 code = -1;
1209 if (errmsg.len >0) {
1210 char *p = errmsg.buf;
1211
1212 p += errmsg.len - 1;
1213 if (*p == '\n')
1214 *p = '\0';
1215 rp_error("%s", errmsg.buf);
1216 strbuf_release(&errmsg);
1217 }
1218 sigchain_pop(SIGPIPE);
1219
1220 return code;
1221 }
1222
1223 static char *refuse_unconfigured_deny_msg =
1224 N_("By default, updating the current branch in a non-bare repository\n"
1225 "is denied, because it will make the index and work tree inconsistent\n"
1226 "with what you pushed, and will require 'git reset --hard' to match\n"
1227 "the work tree to HEAD.\n"
1228 "\n"
1229 "You can set the 'receive.denyCurrentBranch' configuration variable\n"
1230 "to 'ignore' or 'warn' in the remote repository to allow pushing into\n"
1231 "its current branch; however, this is not recommended unless you\n"
1232 "arranged to update its work tree to match what you pushed in some\n"
1233 "other way.\n"
1234 "\n"
1235 "To squelch this message and still keep the default behaviour, set\n"
1236 "'receive.denyCurrentBranch' configuration variable to 'refuse'.");
1237
1238 static void refuse_unconfigured_deny(void)
1239 {
1240 rp_error("%s", _(refuse_unconfigured_deny_msg));
1241 }
1242
1243 static char *refuse_unconfigured_deny_delete_current_msg =
1244 N_("By default, deleting the current branch is denied, because the next\n"
1245 "'git clone' won't result in any file checked out, causing confusion.\n"
1246 "\n"
1247 "You can set 'receive.denyDeleteCurrent' configuration variable to\n"
1248 "'warn' or 'ignore' in the remote repository to allow deleting the\n"
1249 "current branch, with or without a warning message.\n"
1250 "\n"
1251 "To squelch this message, you can set it to 'refuse'.");
1252
1253 static void refuse_unconfigured_deny_delete_current(void)
1254 {
1255 rp_error("%s", _(refuse_unconfigured_deny_delete_current_msg));
1256 }
1257
1258 static int command_singleton_iterator(void *cb_data, struct object_id *oid);
1259 static int update_shallow_ref(struct command *cmd, struct shallow_info *si)
1260 {
1261 struct shallow_lock shallow_lock = SHALLOW_LOCK_INIT;
1262 struct oid_array extra = OID_ARRAY_INIT;
1263 struct check_connected_options opt = CHECK_CONNECTED_INIT;
1264 uint32_t mask = 1 << (cmd->index % 32);
1265 int i;
1266
1267 trace_printf_key(&trace_shallow,
1268 "shallow: update_shallow_ref %s\n", cmd->ref_name);
1269 for (i = 0; i < si->shallow->nr; i++)
1270 if (si->used_shallow[i] &&
1271 (si->used_shallow[i][cmd->index / 32] & mask) &&
1272 !delayed_reachability_test(si, i))
1273 oid_array_append(&extra, &si->shallow->oid[i]);
1274
1275 opt.env = tmp_objdir_env(tmp_objdir);
1276 setup_alternate_shallow(&shallow_lock, &opt.shallow_file, &extra);
1277 if (check_connected(command_singleton_iterator, cmd, &opt)) {
1278 rollback_shallow_file(the_repository, &shallow_lock);
1279 oid_array_clear(&extra);
1280 return -1;
1281 }
1282
1283 commit_shallow_file(the_repository, &shallow_lock);
1284
1285 /*
1286 * Make sure setup_alternate_shallow() for the next ref does
1287 * not lose these new roots..
1288 */
1289 for (i = 0; i < extra.nr; i++)
1290 register_shallow(the_repository, &extra.oid[i]);
1291
1292 si->shallow_ref[cmd->index] = 0;
1293 oid_array_clear(&extra);
1294 return 0;
1295 }
1296
1297 /*
1298 * NEEDSWORK: we should consolidate various implementions of "are we
1299 * on an unborn branch?" test into one, and make the unified one more
1300 * robust. !get_sha1() based check used here and elsewhere would not
1301 * allow us to tell an unborn branch from corrupt ref, for example.
1302 * For the purpose of fixing "deploy-to-update does not work when
1303 * pushing into an empty repository" issue, this should suffice for
1304 * now.
1305 */
1306 static int head_has_history(void)
1307 {
1308 struct object_id oid;
1309
1310 return !get_oid("HEAD", &oid);
1311 }
1312
1313 static const char *push_to_deploy(unsigned char *sha1,
1314 struct strvec *env,
1315 const char *work_tree)
1316 {
1317 const char *update_refresh[] = {
1318 "update-index", "-q", "--ignore-submodules", "--refresh", NULL
1319 };
1320 const char *diff_files[] = {
1321 "diff-files", "--quiet", "--ignore-submodules", "--", NULL
1322 };
1323 const char *diff_index[] = {
1324 "diff-index", "--quiet", "--cached", "--ignore-submodules",
1325 NULL, "--", NULL
1326 };
1327 const char *read_tree[] = {
1328 "read-tree", "-u", "-m", NULL, NULL
1329 };
1330 struct child_process child = CHILD_PROCESS_INIT;
1331
1332 child.argv = update_refresh;
1333 child.env = env->v;
1334 child.dir = work_tree;
1335 child.no_stdin = 1;
1336 child.stdout_to_stderr = 1;
1337 child.git_cmd = 1;
1338 if (run_command(&child))
1339 return "Up-to-date check failed";
1340
1341 /* run_command() does not clean up completely; reinitialize */
1342 child_process_init(&child);
1343 child.argv = diff_files;
1344 child.env = env->v;
1345 child.dir = work_tree;
1346 child.no_stdin = 1;
1347 child.stdout_to_stderr = 1;
1348 child.git_cmd = 1;
1349 if (run_command(&child))
1350 return "Working directory has unstaged changes";
1351
1352 /* diff-index with either HEAD or an empty tree */
1353 diff_index[4] = head_has_history() ? "HEAD" : empty_tree_oid_hex();
1354
1355 child_process_init(&child);
1356 child.argv = diff_index;
1357 child.env = env->v;
1358 child.no_stdin = 1;
1359 child.no_stdout = 1;
1360 child.stdout_to_stderr = 0;
1361 child.git_cmd = 1;
1362 if (run_command(&child))
1363 return "Working directory has staged changes";
1364
1365 read_tree[3] = hash_to_hex(sha1);
1366 child_process_init(&child);
1367 child.argv = read_tree;
1368 child.env = env->v;
1369 child.dir = work_tree;
1370 child.no_stdin = 1;
1371 child.no_stdout = 1;
1372 child.stdout_to_stderr = 0;
1373 child.git_cmd = 1;
1374 if (run_command(&child))
1375 return "Could not update working tree to new HEAD";
1376
1377 return NULL;
1378 }
1379
1380 static const char *push_to_checkout_hook = "push-to-checkout";
1381
1382 static const char *push_to_checkout(unsigned char *hash,
1383 struct strvec *env,
1384 const char *work_tree)
1385 {
1386 strvec_pushf(env, "GIT_WORK_TREE=%s", absolute_path(work_tree));
1387 if (run_hook_le(env->v, push_to_checkout_hook,
1388 hash_to_hex(hash), NULL))
1389 return "push-to-checkout hook declined";
1390 else
1391 return NULL;
1392 }
1393
1394 static const char *update_worktree(unsigned char *sha1, const struct worktree *worktree)
1395 {
1396 const char *retval, *work_tree, *git_dir = NULL;
1397 struct strvec env = STRVEC_INIT;
1398
1399 if (worktree && worktree->path)
1400 work_tree = worktree->path;
1401 else if (git_work_tree_cfg)
1402 work_tree = git_work_tree_cfg;
1403 else
1404 work_tree = "..";
1405
1406 if (is_bare_repository())
1407 return "denyCurrentBranch = updateInstead needs a worktree";
1408 if (worktree)
1409 git_dir = get_worktree_git_dir(worktree);
1410 if (!git_dir)
1411 git_dir = get_git_dir();
1412
1413 strvec_pushf(&env, "GIT_DIR=%s", absolute_path(git_dir));
1414
1415 if (!find_hook(push_to_checkout_hook))
1416 retval = push_to_deploy(sha1, &env, work_tree);
1417 else
1418 retval = push_to_checkout(sha1, &env, work_tree);
1419
1420 strvec_clear(&env);
1421 return retval;
1422 }
1423
1424 static const char *update(struct command *cmd, struct shallow_info *si)
1425 {
1426 const char *name = cmd->ref_name;
1427 struct strbuf namespaced_name_buf = STRBUF_INIT;
1428 static char *namespaced_name;
1429 const char *ret;
1430 struct object_id *old_oid = &cmd->old_oid;
1431 struct object_id *new_oid = &cmd->new_oid;
1432 int do_update_worktree = 0;
1433 const struct worktree *worktree = is_bare_repository() ? NULL : find_shared_symref("HEAD", name);
1434
1435 /* only refs/... are allowed */
1436 if (!starts_with(name, "refs/") || check_refname_format(name + 5, 0)) {
1437 rp_error("refusing to create funny ref '%s' remotely", name);
1438 return "funny refname";
1439 }
1440
1441 strbuf_addf(&namespaced_name_buf, "%s%s", get_git_namespace(), name);
1442 free(namespaced_name);
1443 namespaced_name = strbuf_detach(&namespaced_name_buf, NULL);
1444
1445 if (worktree) {
1446 switch (deny_current_branch) {
1447 case DENY_IGNORE:
1448 break;
1449 case DENY_WARN:
1450 rp_warning("updating the current branch");
1451 break;
1452 case DENY_REFUSE:
1453 case DENY_UNCONFIGURED:
1454 rp_error("refusing to update checked out branch: %s", name);
1455 if (deny_current_branch == DENY_UNCONFIGURED)
1456 refuse_unconfigured_deny();
1457 return "branch is currently checked out";
1458 case DENY_UPDATE_INSTEAD:
1459 /* pass -- let other checks intervene first */
1460 do_update_worktree = 1;
1461 break;
1462 }
1463 }
1464
1465 if (!is_null_oid(new_oid) && !has_object_file(new_oid)) {
1466 error("unpack should have generated %s, "
1467 "but I can't find it!", oid_to_hex(new_oid));
1468 return "bad pack";
1469 }
1470
1471 if (!is_null_oid(old_oid) && is_null_oid(new_oid)) {
1472 if (deny_deletes && starts_with(name, "refs/heads/")) {
1473 rp_error("denying ref deletion for %s", name);
1474 return "deletion prohibited";
1475 }
1476
1477 if (worktree || (head_name && !strcmp(namespaced_name, head_name))) {
1478 switch (deny_delete_current) {
1479 case DENY_IGNORE:
1480 break;
1481 case DENY_WARN:
1482 rp_warning("deleting the current branch");
1483 break;
1484 case DENY_REFUSE:
1485 case DENY_UNCONFIGURED:
1486 case DENY_UPDATE_INSTEAD:
1487 if (deny_delete_current == DENY_UNCONFIGURED)
1488 refuse_unconfigured_deny_delete_current();
1489 rp_error("refusing to delete the current branch: %s", name);
1490 return "deletion of the current branch prohibited";
1491 default:
1492 return "Invalid denyDeleteCurrent setting";
1493 }
1494 }
1495 }
1496
1497 if (deny_non_fast_forwards && !is_null_oid(new_oid) &&
1498 !is_null_oid(old_oid) &&
1499 starts_with(name, "refs/heads/")) {
1500 struct object *old_object, *new_object;
1501 struct commit *old_commit, *new_commit;
1502
1503 old_object = parse_object(the_repository, old_oid);
1504 new_object = parse_object(the_repository, new_oid);
1505
1506 if (!old_object || !new_object ||
1507 old_object->type != OBJ_COMMIT ||
1508 new_object->type != OBJ_COMMIT) {
1509 error("bad sha1 objects for %s", name);
1510 return "bad ref";
1511 }
1512 old_commit = (struct commit *)old_object;
1513 new_commit = (struct commit *)new_object;
1514 if (!in_merge_bases(old_commit, new_commit)) {
1515 rp_error("denying non-fast-forward %s"
1516 " (you should pull first)", name);
1517 return "non-fast-forward";
1518 }
1519 }
1520 if (run_update_hook(cmd)) {
1521 rp_error("hook declined to update %s", name);
1522 return "hook declined";
1523 }
1524
1525 if (do_update_worktree) {
1526 ret = update_worktree(new_oid->hash, find_shared_symref("HEAD", name));
1527 if (ret)
1528 return ret;
1529 }
1530
1531 if (is_null_oid(new_oid)) {
1532 struct strbuf err = STRBUF_INIT;
1533 if (!parse_object(the_repository, old_oid)) {
1534 old_oid = NULL;
1535 if (ref_exists(name)) {
1536 rp_warning("Allowing deletion of corrupt ref.");
1537 } else {
1538 rp_warning("Deleting a non-existent ref.");
1539 cmd->did_not_exist = 1;
1540 }
1541 }
1542 if (ref_transaction_delete(transaction,
1543 namespaced_name,
1544 old_oid,
1545 0, "push", &err)) {
1546 rp_error("%s", err.buf);
1547 strbuf_release(&err);
1548 return "failed to delete";
1549 }
1550 strbuf_release(&err);
1551 return NULL; /* good */
1552 }
1553 else {
1554 struct strbuf err = STRBUF_INIT;
1555 if (shallow_update && si->shallow_ref[cmd->index] &&
1556 update_shallow_ref(cmd, si))
1557 return "shallow error";
1558
1559 if (ref_transaction_update(transaction,
1560 namespaced_name,
1561 new_oid, old_oid,
1562 0, "push",
1563 &err)) {
1564 rp_error("%s", err.buf);
1565 strbuf_release(&err);
1566
1567 return "failed to update ref";
1568 }
1569 strbuf_release(&err);
1570
1571 return NULL; /* good */
1572 }
1573 }
1574
1575 static void run_update_post_hook(struct command *commands)
1576 {
1577 struct command *cmd;
1578 struct child_process proc = CHILD_PROCESS_INIT;
1579 const char *hook;
1580
1581 hook = find_hook("post-update");
1582 if (!hook)
1583 return;
1584
1585 for (cmd = commands; cmd; cmd = cmd->next) {
1586 if (cmd->error_string || cmd->did_not_exist)
1587 continue;
1588 if (!proc.args.nr)
1589 strvec_push(&proc.args, hook);
1590 strvec_push(&proc.args, cmd->ref_name);
1591 }
1592 if (!proc.args.nr)
1593 return;
1594
1595 proc.no_stdin = 1;
1596 proc.stdout_to_stderr = 1;
1597 proc.err = use_sideband ? -1 : 0;
1598 proc.trace2_hook_name = "post-update";
1599
1600 if (!start_command(&proc)) {
1601 if (use_sideband)
1602 copy_to_sideband(proc.err, -1, NULL);
1603 finish_command(&proc);
1604 }
1605 }
1606
1607 static void check_aliased_update_internal(struct command *cmd,
1608 struct string_list *list,
1609 const char *dst_name, int flag)
1610 {
1611 struct string_list_item *item;
1612 struct command *dst_cmd;
1613
1614 if (!(flag & REF_ISSYMREF))
1615 return;
1616
1617 if (!dst_name) {
1618 rp_error("refusing update to broken symref '%s'", cmd->ref_name);
1619 cmd->skip_update = 1;
1620 cmd->error_string = "broken symref";
1621 return;
1622 }
1623 dst_name = strip_namespace(dst_name);
1624
1625 if ((item = string_list_lookup(list, dst_name)) == NULL)
1626 return;
1627
1628 cmd->skip_update = 1;
1629
1630 dst_cmd = (struct command *) item->util;
1631
1632 if (oideq(&cmd->old_oid, &dst_cmd->old_oid) &&
1633 oideq(&cmd->new_oid, &dst_cmd->new_oid))
1634 return;
1635
1636 dst_cmd->skip_update = 1;
1637
1638 rp_error("refusing inconsistent update between symref '%s' (%s..%s) and"
1639 " its target '%s' (%s..%s)",
1640 cmd->ref_name,
1641 find_unique_abbrev(&cmd->old_oid, DEFAULT_ABBREV),
1642 find_unique_abbrev(&cmd->new_oid, DEFAULT_ABBREV),
1643 dst_cmd->ref_name,
1644 find_unique_abbrev(&dst_cmd->old_oid, DEFAULT_ABBREV),
1645 find_unique_abbrev(&dst_cmd->new_oid, DEFAULT_ABBREV));
1646
1647 cmd->error_string = dst_cmd->error_string =
1648 "inconsistent aliased update";
1649 }
1650
1651 static void check_aliased_update(struct command *cmd, struct string_list *list)
1652 {
1653 struct strbuf buf = STRBUF_INIT;
1654 const char *dst_name;
1655 int flag;
1656
1657 strbuf_addf(&buf, "%s%s", get_git_namespace(), cmd->ref_name);
1658 dst_name = resolve_ref_unsafe(buf.buf, 0, NULL, &flag);
1659 check_aliased_update_internal(cmd, list, dst_name, flag);
1660 strbuf_release(&buf);
1661 }
1662
1663 static void check_aliased_updates(struct command *commands)
1664 {
1665 struct command *cmd;
1666 struct string_list ref_list = STRING_LIST_INIT_NODUP;
1667
1668 for (cmd = commands; cmd; cmd = cmd->next) {
1669 struct string_list_item *item =
1670 string_list_append(&ref_list, cmd->ref_name);
1671 item->util = (void *)cmd;
1672 }
1673 string_list_sort(&ref_list);
1674
1675 for (cmd = commands; cmd; cmd = cmd->next) {
1676 if (!cmd->error_string)
1677 check_aliased_update(cmd, &ref_list);
1678 }
1679
1680 string_list_clear(&ref_list, 0);
1681 }
1682
1683 static int command_singleton_iterator(void *cb_data, struct object_id *oid)
1684 {
1685 struct command **cmd_list = cb_data;
1686 struct command *cmd = *cmd_list;
1687
1688 if (!cmd || is_null_oid(&cmd->new_oid))
1689 return -1; /* end of list */
1690 *cmd_list = NULL; /* this returns only one */
1691 oidcpy(oid, &cmd->new_oid);
1692 return 0;
1693 }
1694
1695 static void set_connectivity_errors(struct command *commands,
1696 struct shallow_info *si)
1697 {
1698 struct command *cmd;
1699
1700 for (cmd = commands; cmd; cmd = cmd->next) {
1701 struct command *singleton = cmd;
1702 struct check_connected_options opt = CHECK_CONNECTED_INIT;
1703
1704 if (shallow_update && si->shallow_ref[cmd->index])
1705 /* to be checked in update_shallow_ref() */
1706 continue;
1707
1708 opt.env = tmp_objdir_env(tmp_objdir);
1709 if (!check_connected(command_singleton_iterator, &singleton,
1710 &opt))
1711 continue;
1712
1713 cmd->error_string = "missing necessary objects";
1714 }
1715 }
1716
1717 struct iterate_data {
1718 struct command *cmds;
1719 struct shallow_info *si;
1720 };
1721
1722 static int iterate_receive_command_list(void *cb_data, struct object_id *oid)
1723 {
1724 struct iterate_data *data = cb_data;
1725 struct command **cmd_list = &data->cmds;
1726 struct command *cmd = *cmd_list;
1727
1728 for (; cmd; cmd = cmd->next) {
1729 if (shallow_update && data->si->shallow_ref[cmd->index])
1730 /* to be checked in update_shallow_ref() */
1731 continue;
1732 if (!is_null_oid(&cmd->new_oid) && !cmd->skip_update) {
1733 oidcpy(oid, &cmd->new_oid);
1734 *cmd_list = cmd->next;
1735 return 0;
1736 }
1737 }
1738 *cmd_list = NULL;
1739 return -1; /* end of list */
1740 }
1741
1742 static void reject_updates_to_hidden(struct command *commands)
1743 {
1744 struct strbuf refname_full = STRBUF_INIT;
1745 size_t prefix_len;
1746 struct command *cmd;
1747
1748 strbuf_addstr(&refname_full, get_git_namespace());
1749 prefix_len = refname_full.len;
1750
1751 for (cmd = commands; cmd; cmd = cmd->next) {
1752 if (cmd->error_string)
1753 continue;
1754
1755 strbuf_setlen(&refname_full, prefix_len);
1756 strbuf_addstr(&refname_full, cmd->ref_name);
1757
1758 if (!ref_is_hidden(cmd->ref_name, refname_full.buf))
1759 continue;
1760 if (is_null_oid(&cmd->new_oid))
1761 cmd->error_string = "deny deleting a hidden ref";
1762 else
1763 cmd->error_string = "deny updating a hidden ref";
1764 }
1765
1766 strbuf_release(&refname_full);
1767 }
1768
1769 static int should_process_cmd(struct command *cmd)
1770 {
1771 return !cmd->error_string && !cmd->skip_update;
1772 }
1773
1774 static void warn_if_skipped_connectivity_check(struct command *commands,
1775 struct shallow_info *si)
1776 {
1777 struct command *cmd;
1778 int checked_connectivity = 1;
1779
1780 for (cmd = commands; cmd; cmd = cmd->next) {
1781 if (should_process_cmd(cmd) && si->shallow_ref[cmd->index]) {
1782 error("BUG: connectivity check has not been run on ref %s",
1783 cmd->ref_name);
1784 checked_connectivity = 0;
1785 }
1786 }
1787 if (!checked_connectivity)
1788 BUG("connectivity check skipped???");
1789 }
1790
1791 static void execute_commands_non_atomic(struct command *commands,
1792 struct shallow_info *si)
1793 {
1794 struct command *cmd;
1795 struct strbuf err = STRBUF_INIT;
1796
1797 for (cmd = commands; cmd; cmd = cmd->next) {
1798 if (!should_process_cmd(cmd) || cmd->run_proc_receive)
1799 continue;
1800
1801 transaction = ref_transaction_begin(&err);
1802 if (!transaction) {
1803 rp_error("%s", err.buf);
1804 strbuf_reset(&err);
1805 cmd->error_string = "transaction failed to start";
1806 continue;
1807 }
1808
1809 cmd->error_string = update(cmd, si);
1810
1811 if (!cmd->error_string
1812 && ref_transaction_commit(transaction, &err)) {
1813 rp_error("%s", err.buf);
1814 strbuf_reset(&err);
1815 cmd->error_string = "failed to update ref";
1816 }
1817 ref_transaction_free(transaction);
1818 }
1819 strbuf_release(&err);
1820 }
1821
1822 static void execute_commands_atomic(struct command *commands,
1823 struct shallow_info *si)
1824 {
1825 struct command *cmd;
1826 struct strbuf err = STRBUF_INIT;
1827 const char *reported_error = "atomic push failure";
1828
1829 transaction = ref_transaction_begin(&err);
1830 if (!transaction) {
1831 rp_error("%s", err.buf);
1832 strbuf_reset(&err);
1833 reported_error = "transaction failed to start";
1834 goto failure;
1835 }
1836
1837 for (cmd = commands; cmd; cmd = cmd->next) {
1838 if (!should_process_cmd(cmd) || cmd->run_proc_receive)
1839 continue;
1840
1841 cmd->error_string = update(cmd, si);
1842
1843 if (cmd->error_string)
1844 goto failure;
1845 }
1846
1847 if (ref_transaction_commit(transaction, &err)) {
1848 rp_error("%s", err.buf);
1849 reported_error = "atomic transaction failed";
1850 goto failure;
1851 }
1852 goto cleanup;
1853
1854 failure:
1855 for (cmd = commands; cmd; cmd = cmd->next)
1856 if (!cmd->error_string)
1857 cmd->error_string = reported_error;
1858
1859 cleanup:
1860 ref_transaction_free(transaction);
1861 strbuf_release(&err);
1862 }
1863
1864 static void execute_commands(struct command *commands,
1865 const char *unpacker_error,
1866 struct shallow_info *si,
1867 const struct string_list *push_options)
1868 {
1869 struct check_connected_options opt = CHECK_CONNECTED_INIT;
1870 struct command *cmd;
1871 struct iterate_data data;
1872 struct async muxer;
1873 int err_fd = 0;
1874 int run_proc_receive = 0;
1875
1876 if (unpacker_error) {
1877 for (cmd = commands; cmd; cmd = cmd->next)
1878 cmd->error_string = "unpacker error";
1879 return;
1880 }
1881
1882 if (use_sideband) {
1883 memset(&muxer, 0, sizeof(muxer));
1884 muxer.proc = copy_to_sideband;
1885 muxer.in = -1;
1886 if (!start_async(&muxer))
1887 err_fd = muxer.in;
1888 /* ...else, continue without relaying sideband */
1889 }
1890
1891 data.cmds = commands;
1892 data.si = si;
1893 opt.err_fd = err_fd;
1894 opt.progress = err_fd && !quiet;
1895 opt.env = tmp_objdir_env(tmp_objdir);
1896 if (check_connected(iterate_receive_command_list, &data, &opt))
1897 set_connectivity_errors(commands, si);
1898
1899 if (use_sideband)
1900 finish_async(&muxer);
1901
1902 reject_updates_to_hidden(commands);
1903
1904 /*
1905 * Try to find commands that have special prefix in their reference names,
1906 * and mark them to run an external "proc-receive" hook later.
1907 */
1908 if (proc_receive_ref) {
1909 for (cmd = commands; cmd; cmd = cmd->next) {
1910 if (!should_process_cmd(cmd))
1911 continue;
1912
1913 if (proc_receive_ref_matches(cmd)) {
1914 cmd->run_proc_receive = RUN_PROC_RECEIVE_SCHEDULED;
1915 run_proc_receive = 1;
1916 }
1917 }
1918 }
1919
1920 if (run_receive_hook(commands, "pre-receive", 0, push_options)) {
1921 for (cmd = commands; cmd; cmd = cmd->next) {
1922 if (!cmd->error_string)
1923 cmd->error_string = "pre-receive hook declined";
1924 }
1925 return;
1926 }
1927
1928 /*
1929 * Now we'll start writing out refs, which means the objects need
1930 * to be in their final positions so that other processes can see them.
1931 */
1932 if (tmp_objdir_migrate(tmp_objdir) < 0) {
1933 for (cmd = commands; cmd; cmd = cmd->next) {
1934 if (!cmd->error_string)
1935 cmd->error_string = "unable to migrate objects to permanent storage";
1936 }
1937 return;
1938 }
1939 tmp_objdir = NULL;
1940
1941 check_aliased_updates(commands);
1942
1943 free(head_name_to_free);
1944 head_name = head_name_to_free = resolve_refdup("HEAD", 0, NULL, NULL);
1945
1946 if (run_proc_receive &&
1947 run_proc_receive_hook(commands, push_options))
1948 for (cmd = commands; cmd; cmd = cmd->next)
1949 if (!cmd->error_string &&
1950 !(cmd->run_proc_receive & RUN_PROC_RECEIVE_RETURNED) &&
1951 (cmd->run_proc_receive || use_atomic))
1952 cmd->error_string = "fail to run proc-receive hook";
1953
1954 if (use_atomic)
1955 execute_commands_atomic(commands, si);
1956 else
1957 execute_commands_non_atomic(commands, si);
1958
1959 if (shallow_update)
1960 warn_if_skipped_connectivity_check(commands, si);
1961 }
1962
1963 static struct command **queue_command(struct command **tail,
1964 const char *line,
1965 int linelen)
1966 {
1967 struct object_id old_oid, new_oid;
1968 struct command *cmd;
1969 const char *refname;
1970 int reflen;
1971 const char *p;
1972
1973 if (parse_oid_hex(line, &old_oid, &p) ||
1974 *p++ != ' ' ||
1975 parse_oid_hex(p, &new_oid, &p) ||
1976 *p++ != ' ')
1977 die("protocol error: expected old/new/ref, got '%s'", line);
1978
1979 refname = p;
1980 reflen = linelen - (p - line);
1981 FLEX_ALLOC_MEM(cmd, ref_name, refname, reflen);
1982 oidcpy(&cmd->old_oid, &old_oid);
1983 oidcpy(&cmd->new_oid, &new_oid);
1984 *tail = cmd;
1985 return &cmd->next;
1986 }
1987
1988 static void queue_commands_from_cert(struct command **tail,
1989 struct strbuf *push_cert)
1990 {
1991 const char *boc, *eoc;
1992
1993 if (*tail)
1994 die("protocol error: got both push certificate and unsigned commands");
1995
1996 boc = strstr(push_cert->buf, "\n\n");
1997 if (!boc)
1998 die("malformed push certificate %.*s", 100, push_cert->buf);
1999 else
2000 boc += 2;
2001 eoc = push_cert->buf + parse_signature(push_cert->buf, push_cert->len);
2002
2003 while (boc < eoc) {
2004 const char *eol = memchr(boc, '\n', eoc - boc);
2005 tail = queue_command(tail, boc, eol ? eol - boc : eoc - boc);
2006 boc = eol ? eol + 1 : eoc;
2007 }
2008 }
2009
2010 static struct command *read_head_info(struct packet_reader *reader,
2011 struct oid_array *shallow)
2012 {
2013 struct command *commands = NULL;
2014 struct command **p = &commands;
2015 for (;;) {
2016 int linelen;
2017
2018 if (packet_reader_read(reader) != PACKET_READ_NORMAL)
2019 break;
2020
2021 if (reader->pktlen > 8 && starts_with(reader->line, "shallow ")) {
2022 struct object_id oid;
2023 if (get_oid_hex(reader->line + 8, &oid))
2024 die("protocol error: expected shallow sha, got '%s'",
2025 reader->line + 8);
2026 oid_array_append(shallow, &oid);
2027 continue;
2028 }
2029
2030 linelen = strlen(reader->line);
2031 if (linelen < reader->pktlen) {
2032 const char *feature_list = reader->line + linelen + 1;
2033 const char *hash = NULL;
2034 int len = 0;
2035 if (parse_feature_request(feature_list, "report-status"))
2036 report_status = 1;
2037 if (parse_feature_request(feature_list, "report-status-v2"))
2038 report_status_v2 = 1;
2039 if (parse_feature_request(feature_list, "side-band-64k"))
2040 use_sideband = LARGE_PACKET_MAX;
2041 if (parse_feature_request(feature_list, "quiet"))
2042 quiet = 1;
2043 if (advertise_atomic_push
2044 && parse_feature_request(feature_list, "atomic"))
2045 use_atomic = 1;
2046 if (advertise_push_options
2047 && parse_feature_request(feature_list, "push-options"))
2048 use_push_options = 1;
2049 hash = parse_feature_value(feature_list, "object-format", &len, NULL);
2050 if (!hash) {
2051 hash = hash_algos[GIT_HASH_SHA1].name;
2052 len = strlen(hash);
2053 }
2054 if (xstrncmpz(the_hash_algo->name, hash, len))
2055 die("error: unsupported object format '%s'", hash);
2056 }
2057
2058 if (!strcmp(reader->line, "push-cert")) {
2059 int true_flush = 0;
2060 int saved_options = reader->options;
2061 reader->options &= ~PACKET_READ_CHOMP_NEWLINE;
2062
2063 for (;;) {
2064 packet_reader_read(reader);
2065 if (reader->status == PACKET_READ_FLUSH) {
2066 true_flush = 1;
2067 break;
2068 }
2069 if (reader->status != PACKET_READ_NORMAL) {
2070 die("protocol error: got an unexpected packet");
2071 }
2072 if (!strcmp(reader->line, "push-cert-end\n"))
2073 break; /* end of cert */
2074 strbuf_addstr(&push_cert, reader->line);
2075 }
2076 reader->options = saved_options;
2077
2078 if (true_flush)
2079 break;
2080 continue;
2081 }
2082
2083 p = queue_command(p, reader->line, linelen);
2084 }
2085
2086 if (push_cert.len)
2087 queue_commands_from_cert(p, &push_cert);
2088
2089 return commands;
2090 }
2091
2092 static void read_push_options(struct packet_reader *reader,
2093 struct string_list *options)
2094 {
2095 while (1) {
2096 if (packet_reader_read(reader) != PACKET_READ_NORMAL)
2097 break;
2098
2099 string_list_append(options, reader->line);
2100 }
2101 }
2102
2103 static const char *parse_pack_header(struct pack_header *hdr)
2104 {
2105 switch (read_pack_header(0, hdr)) {
2106 case PH_ERROR_EOF:
2107 return "eof before pack header was fully read";
2108
2109 case PH_ERROR_PACK_SIGNATURE:
2110 return "protocol error (pack signature mismatch detected)";
2111
2112 case PH_ERROR_PROTOCOL:
2113 return "protocol error (pack version unsupported)";
2114
2115 default:
2116 return "unknown error in parse_pack_header";
2117
2118 case 0:
2119 return NULL;
2120 }
2121 }
2122
2123 static const char *pack_lockfile;
2124
2125 static void push_header_arg(struct strvec *args, struct pack_header *hdr)
2126 {
2127 strvec_pushf(args, "--pack_header=%"PRIu32",%"PRIu32,
2128 ntohl(hdr->hdr_version), ntohl(hdr->hdr_entries));
2129 }
2130
2131 static const char *unpack(int err_fd, struct shallow_info *si)
2132 {
2133 struct pack_header hdr;
2134 const char *hdr_err;
2135 int status;
2136 struct child_process child = CHILD_PROCESS_INIT;
2137 int fsck_objects = (receive_fsck_objects >= 0
2138 ? receive_fsck_objects
2139 : transfer_fsck_objects >= 0
2140 ? transfer_fsck_objects
2141 : 0);
2142
2143 hdr_err = parse_pack_header(&hdr);
2144 if (hdr_err) {
2145 if (err_fd > 0)
2146 close(err_fd);
2147 return hdr_err;
2148 }
2149
2150 if (si->nr_ours || si->nr_theirs) {
2151 alt_shallow_file = setup_temporary_shallow(si->shallow);
2152 strvec_push(&child.args, "--shallow-file");
2153 strvec_push(&child.args, alt_shallow_file);
2154 }
2155
2156 tmp_objdir = tmp_objdir_create();
2157 if (!tmp_objdir) {
2158 if (err_fd > 0)
2159 close(err_fd);
2160 return "unable to create temporary object directory";
2161 }
2162 child.env = tmp_objdir_env(tmp_objdir);
2163
2164 /*
2165 * Normally we just pass the tmp_objdir environment to the child
2166 * processes that do the heavy lifting, but we may need to see these
2167 * objects ourselves to set up shallow information.
2168 */
2169 tmp_objdir_add_as_alternate(tmp_objdir);
2170
2171 if (ntohl(hdr.hdr_entries) < unpack_limit) {
2172 strvec_push(&child.args, "unpack-objects");
2173 push_header_arg(&child.args, &hdr);
2174 if (quiet)
2175 strvec_push(&child.args, "-q");
2176 if (fsck_objects)
2177 strvec_pushf(&child.args, "--strict%s",
2178 fsck_msg_types.buf);
2179 if (max_input_size)
2180 strvec_pushf(&child.args, "--max-input-size=%"PRIuMAX,
2181 (uintmax_t)max_input_size);
2182 child.no_stdout = 1;
2183 child.err = err_fd;
2184 child.git_cmd = 1;
2185 status = run_command(&child);
2186 if (status)
2187 return "unpack-objects abnormal exit";
2188 } else {
2189 char hostname[HOST_NAME_MAX + 1];
2190
2191 strvec_pushl(&child.args, "index-pack", "--stdin", NULL);
2192 push_header_arg(&child.args, &hdr);
2193
2194 if (xgethostname(hostname, sizeof(hostname)))
2195 xsnprintf(hostname, sizeof(hostname), "localhost");
2196 strvec_pushf(&child.args,
2197 "--keep=receive-pack %"PRIuMAX" on %s",
2198 (uintmax_t)getpid(),
2199 hostname);
2200
2201 if (!quiet && err_fd)
2202 strvec_push(&child.args, "--show-resolving-progress");
2203 if (use_sideband)
2204 strvec_push(&child.args, "--report-end-of-input");
2205 if (fsck_objects)
2206 strvec_pushf(&child.args, "--strict%s",
2207 fsck_msg_types.buf);
2208 if (!reject_thin)
2209 strvec_push(&child.args, "--fix-thin");
2210 if (max_input_size)
2211 strvec_pushf(&child.args, "--max-input-size=%"PRIuMAX,
2212 (uintmax_t)max_input_size);
2213 child.out = -1;
2214 child.err = err_fd;
2215 child.git_cmd = 1;
2216 status = start_command(&child);
2217 if (status)
2218 return "index-pack fork failed";
2219 pack_lockfile = index_pack_lockfile(child.out);
2220 close(child.out);
2221 status = finish_command(&child);
2222 if (status)
2223 return "index-pack abnormal exit";
2224 reprepare_packed_git(the_repository);
2225 }
2226 return NULL;
2227 }
2228
2229 static const char *unpack_with_sideband(struct shallow_info *si)
2230 {
2231 struct async muxer;
2232 const char *ret;
2233
2234 if (!use_sideband)
2235 return unpack(0, si);
2236
2237 use_keepalive = KEEPALIVE_AFTER_NUL;
2238 memset(&muxer, 0, sizeof(muxer));
2239 muxer.proc = copy_to_sideband;
2240 muxer.in = -1;
2241 if (start_async(&muxer))
2242 return NULL;
2243
2244 ret = unpack(muxer.in, si);
2245
2246 finish_async(&muxer);
2247 return ret;
2248 }
2249
2250 static void prepare_shallow_update(struct shallow_info *si)
2251 {
2252 int i, j, k, bitmap_size = DIV_ROUND_UP(si->ref->nr, 32);
2253
2254 ALLOC_ARRAY(si->used_shallow, si->shallow->nr);
2255 assign_shallow_commits_to_refs(si, si->used_shallow, NULL);
2256
2257 si->need_reachability_test =
2258 xcalloc(si->shallow->nr, sizeof(*si->need_reachability_test));
2259 si->reachable =
2260 xcalloc(si->shallow->nr, sizeof(*si->reachable));
2261 si->shallow_ref = xcalloc(si->ref->nr, sizeof(*si->shallow_ref));
2262
2263 for (i = 0; i < si->nr_ours; i++)
2264 si->need_reachability_test[si->ours[i]] = 1;
2265
2266 for (i = 0; i < si->shallow->nr; i++) {
2267 if (!si->used_shallow[i])
2268 continue;
2269 for (j = 0; j < bitmap_size; j++) {
2270 if (!si->used_shallow[i][j])
2271 continue;
2272 si->need_reachability_test[i]++;
2273 for (k = 0; k < 32; k++)
2274 if (si->used_shallow[i][j] & (1U << k))
2275 si->shallow_ref[j * 32 + k]++;
2276 }
2277
2278 /*
2279 * true for those associated with some refs and belong
2280 * in "ours" list aka "step 7 not done yet"
2281 */
2282 si->need_reachability_test[i] =
2283 si->need_reachability_test[i] > 1;
2284 }
2285
2286 /*
2287 * keep hooks happy by forcing a temporary shallow file via
2288 * env variable because we can't add --shallow-file to every
2289 * command. check_connected() will be done with
2290 * true .git/shallow though.
2291 */
2292 setenv(GIT_SHALLOW_FILE_ENVIRONMENT, alt_shallow_file, 1);
2293 }
2294
2295 static void update_shallow_info(struct command *commands,
2296 struct shallow_info *si,
2297 struct oid_array *ref)
2298 {
2299 struct command *cmd;
2300 int *ref_status;
2301 remove_nonexistent_theirs_shallow(si);
2302 if (!si->nr_ours && !si->nr_theirs) {
2303 shallow_update = 0;
2304 return;
2305 }
2306
2307 for (cmd = commands; cmd; cmd = cmd->next) {
2308 if (is_null_oid(&cmd->new_oid))
2309 continue;
2310 oid_array_append(ref, &cmd->new_oid);
2311 cmd->index = ref->nr - 1;
2312 }
2313 si->ref = ref;
2314
2315 if (shallow_update) {
2316 prepare_shallow_update(si);
2317 return;
2318 }
2319
2320 ALLOC_ARRAY(ref_status, ref->nr);
2321 assign_shallow_commits_to_refs(si, NULL, ref_status);
2322 for (cmd = commands; cmd; cmd = cmd->next) {
2323 if (is_null_oid(&cmd->new_oid))
2324 continue;
2325 if (ref_status[cmd->index]) {
2326 cmd->error_string = "shallow update not allowed";
2327 cmd->skip_update = 1;
2328 }
2329 }
2330 free(ref_status);
2331 }
2332
2333 static void report(struct command *commands, const char *unpack_status)
2334 {
2335 struct command *cmd;
2336 struct strbuf buf = STRBUF_INIT;
2337
2338 packet_buf_write(&buf, "unpack %s\n",
2339 unpack_status ? unpack_status : "ok");
2340 for (cmd = commands; cmd; cmd = cmd->next) {
2341 if (!cmd->error_string)
2342 packet_buf_write(&buf, "ok %s\n",
2343 cmd->ref_name);
2344 else
2345 packet_buf_write(&buf, "ng %s %s\n",
2346 cmd->ref_name, cmd->error_string);
2347 }
2348 packet_buf_flush(&buf);
2349
2350 if (use_sideband)
2351 send_sideband(1, 1, buf.buf, buf.len, use_sideband);
2352 else
2353 write_or_die(1, buf.buf, buf.len);
2354 strbuf_release(&buf);
2355 }
2356
2357 static void report_v2(struct command *commands, const char *unpack_status)
2358 {
2359 struct command *cmd;
2360 struct strbuf buf = STRBUF_INIT;
2361 struct ref_push_report *report;
2362
2363 packet_buf_write(&buf, "unpack %s\n",
2364 unpack_status ? unpack_status : "ok");
2365 for (cmd = commands; cmd; cmd = cmd->next) {
2366 int count = 0;
2367
2368 if (cmd->error_string) {
2369 packet_buf_write(&buf, "ng %s %s\n",
2370 cmd->ref_name,
2371 cmd->error_string);
2372 continue;
2373 }
2374 packet_buf_write(&buf, "ok %s\n",
2375 cmd->ref_name);
2376 for (report = cmd->report; report; report = report->next) {
2377 if (count++ > 0)
2378 packet_buf_write(&buf, "ok %s\n",
2379 cmd->ref_name);
2380 if (report->ref_name)
2381 packet_buf_write(&buf, "option refname %s\n",
2382 report->ref_name);
2383 if (report->old_oid)
2384 packet_buf_write(&buf, "option old-oid %s\n",
2385 oid_to_hex(report->old_oid));
2386 if (report->new_oid)
2387 packet_buf_write(&buf, "option new-oid %s\n",
2388 oid_to_hex(report->new_oid));
2389 if (report->forced_update)
2390 packet_buf_write(&buf, "option forced-update\n");
2391 }
2392 }
2393 packet_buf_flush(&buf);
2394
2395 if (use_sideband)
2396 send_sideband(1, 1, buf.buf, buf.len, use_sideband);
2397 else
2398 write_or_die(1, buf.buf, buf.len);
2399 strbuf_release(&buf);
2400 }
2401
2402 static int delete_only(struct command *commands)
2403 {
2404 struct command *cmd;
2405 for (cmd = commands; cmd; cmd = cmd->next) {
2406 if (!is_null_oid(&cmd->new_oid))
2407 return 0;
2408 }
2409 return 1;
2410 }
2411
2412 int cmd_receive_pack(int argc, const char **argv, const char *prefix)
2413 {
2414 int advertise_refs = 0;
2415 struct command *commands;
2416 struct oid_array shallow = OID_ARRAY_INIT;
2417 struct oid_array ref = OID_ARRAY_INIT;
2418 struct shallow_info si;
2419 struct packet_reader reader;
2420
2421 struct option options[] = {
2422 OPT__QUIET(&quiet, N_("quiet")),
2423 OPT_HIDDEN_BOOL(0, "stateless-rpc", &stateless_rpc, NULL),
2424 OPT_HIDDEN_BOOL(0, "advertise-refs", &advertise_refs, NULL),
2425 OPT_HIDDEN_BOOL(0, "reject-thin-pack-for-testing", &reject_thin, NULL),
2426 OPT_END()
2427 };
2428
2429 packet_trace_identity("receive-pack");
2430
2431 argc = parse_options(argc, argv, prefix, options, receive_pack_usage, 0);
2432
2433 if (argc > 1)
2434 usage_msg_opt(_("Too many arguments."), receive_pack_usage, options);
2435 if (argc == 0)
2436 usage_msg_opt(_("You must specify a directory."), receive_pack_usage, options);
2437
2438 service_dir = argv[0];
2439
2440 setup_path();
2441
2442 if (!enter_repo(service_dir, 0))
2443 die("'%s' does not appear to be a git repository", service_dir);
2444
2445 git_config(receive_pack_config, NULL);
2446 if (cert_nonce_seed)
2447 push_cert_nonce = prepare_push_cert_nonce(service_dir, time(NULL));
2448
2449 if (0 <= transfer_unpack_limit)
2450 unpack_limit = transfer_unpack_limit;
2451 else if (0 <= receive_unpack_limit)
2452 unpack_limit = receive_unpack_limit;
2453
2454 switch (determine_protocol_version_server()) {
2455 case protocol_v2:
2456 /*
2457 * push support for protocol v2 has not been implemented yet,
2458 * so ignore the request to use v2 and fallback to using v0.
2459 */
2460 break;
2461 case protocol_v1:
2462 /*
2463 * v1 is just the original protocol with a version string,
2464 * so just fall through after writing the version string.
2465 */
2466 if (advertise_refs || !stateless_rpc)
2467 packet_write_fmt(1, "version 1\n");
2468
2469 /* fallthrough */
2470 case protocol_v0:
2471 break;
2472 case protocol_unknown_version:
2473 BUG("unknown protocol version");
2474 }
2475
2476 if (advertise_refs || !stateless_rpc) {
2477 write_head_info();
2478 }
2479 if (advertise_refs)
2480 return 0;
2481
2482 packet_reader_init(&reader, 0, NULL, 0,
2483 PACKET_READ_CHOMP_NEWLINE |
2484 PACKET_READ_DIE_ON_ERR_PACKET);
2485
2486 if ((commands = read_head_info(&reader, &shallow)) != NULL) {
2487 const char *unpack_status = NULL;
2488 struct string_list push_options = STRING_LIST_INIT_DUP;
2489
2490 if (use_push_options)
2491 read_push_options(&reader, &push_options);
2492 if (!check_cert_push_options(&push_options)) {
2493 struct command *cmd;
2494 for (cmd = commands; cmd; cmd = cmd->next)
2495 cmd->error_string = "inconsistent push options";
2496 }
2497
2498 prepare_shallow_info(&si, &shallow);
2499 if (!si.nr_ours && !si.nr_theirs)
2500 shallow_update = 0;
2501 if (!delete_only(commands)) {
2502 unpack_status = unpack_with_sideband(&si);
2503 update_shallow_info(commands, &si, &ref);
2504 }
2505 use_keepalive = KEEPALIVE_ALWAYS;
2506 execute_commands(commands, unpack_status, &si,
2507 &push_options);
2508 if (pack_lockfile)
2509 unlink_or_warn(pack_lockfile);
2510 if (report_status_v2)
2511 report_v2(commands, unpack_status);
2512 else if (report_status)
2513 report(commands, unpack_status);
2514 run_receive_hook(commands, "post-receive", 1,
2515 &push_options);
2516 run_update_post_hook(commands);
2517 string_list_clear(&push_options, 0);
2518 if (auto_gc) {
2519 const char *argv_gc_auto[] = {
2520 "gc", "--auto", "--quiet", NULL,
2521 };
2522 struct child_process proc = CHILD_PROCESS_INIT;
2523
2524 proc.no_stdin = 1;
2525 proc.stdout_to_stderr = 1;
2526 proc.err = use_sideband ? -1 : 0;
2527 proc.git_cmd = 1;
2528 proc.argv = argv_gc_auto;
2529
2530 close_object_store(the_repository->objects);
2531 if (!start_command(&proc)) {
2532 if (use_sideband)
2533 copy_to_sideband(proc.err, -1, NULL);
2534 finish_command(&proc);
2535 }
2536 }
2537 if (auto_update_server_info)
2538 update_server_info(0);
2539 clear_shallow_info(&si);
2540 }
2541 if (use_sideband)
2542 packet_flush(1);
2543 oid_array_clear(&shallow);
2544 oid_array_clear(&ref);
2545 free((void *)push_cert_nonce);
2546 return 0;
2547 }
Unnamed repository; edit this file 'description' to name the repository.