7 #include "run-command.h"
13 #include "transport.h"
14 #include "string-list.h"
15 #include "sha1-array.h"
16 #include "connected.h"
17 #include "argv-array.h"
20 #include "gpg-interface.h"
23 static const char receive_pack_usage[] = "git receive-pack <git-dir>";
32 static int deny_deletes;
33 static int deny_non_fast_forwards;
34 static enum deny_action deny_current_branch = DENY_UNCONFIGURED;
35 static enum deny_action deny_delete_current = DENY_UNCONFIGURED;
36 static int receive_fsck_objects = -1;
37 static int transfer_fsck_objects = -1;
38 static int receive_unpack_limit = -1;
39 static int transfer_unpack_limit = -1;
40 static int unpack_limit = 100;
41 static int report_status;
42 static int use_sideband;
44 static int prefer_ofs_delta = 1;
45 static int auto_update_server_info;
46 static int auto_gc = 1;
47 static int fix_thin = 1;
48 static int stateless_rpc;
49 static const char *service_dir;
50 static const char *head_name;
51 static void *head_name_to_free;
52 static int sent_capabilities;
53 static int shallow_update;
54 static const char *alt_shallow_file;
55 static struct strbuf push_cert = STRBUF_INIT;
56 static unsigned char push_cert_sha1[20];
57 static struct signature_check sigcheck;
58 static const char *push_cert_nonce;
59 static const char *cert_nonce_seed;
61 static const char *NONCE_UNSOLICITED = "UNSOLICITED";
62 static const char *NONCE_BAD = "BAD";
63 static const char *NONCE_MISSING = "MISSING";
64 static const char *NONCE_OK = "OK";
65 static const char *NONCE_SLOP = "SLOP";
66 static const char *nonce_status;
67 static long nonce_stamp_slop;
68 static unsigned long nonce_stamp_slop_limit;
70 static enum deny_action parse_deny_action(const char *var, const char *value)
73 if (!strcasecmp(value, "ignore"))
75 if (!strcasecmp(value, "warn"))
77 if (!strcasecmp(value, "refuse"))
80 if (git_config_bool(var, value))
85 static int receive_pack_config(const char *var, const char *value, void *cb)
87 int status = parse_hide_refs_config(var, value, "receive");
92 if (strcmp(var, "receive.denydeletes") == 0) {
93 deny_deletes = git_config_bool(var, value);
97 if (strcmp(var, "receive.denynonfastforwards") == 0) {
98 deny_non_fast_forwards = git_config_bool(var, value);
102 if (strcmp(var, "receive.unpacklimit") == 0) {
103 receive_unpack_limit = git_config_int(var, value);
107 if (strcmp(var, "transfer.unpacklimit") == 0) {
108 transfer_unpack_limit = git_config_int(var, value);
112 if (strcmp(var, "receive.fsckobjects") == 0) {
113 receive_fsck_objects = git_config_bool(var, value);
117 if (strcmp(var, "transfer.fsckobjects") == 0) {
118 transfer_fsck_objects = git_config_bool(var, value);
122 if (!strcmp(var, "receive.denycurrentbranch")) {
123 deny_current_branch = parse_deny_action(var, value);
127 if (strcmp(var, "receive.denydeletecurrent") == 0) {
128 deny_delete_current = parse_deny_action(var, value);
132 if (strcmp(var, "repack.usedeltabaseoffset") == 0) {
133 prefer_ofs_delta = git_config_bool(var, value);
137 if (strcmp(var, "receive.updateserverinfo") == 0) {
138 auto_update_server_info = git_config_bool(var, value);
142 if (strcmp(var, "receive.autogc") == 0) {
143 auto_gc = git_config_bool(var, value);
147 if (strcmp(var, "receive.shallowupdate") == 0) {
148 shallow_update = git_config_bool(var, value);
152 if (strcmp(var, "receive.certnonceseed") == 0)
153 return git_config_string(&cert_nonce_seed, var, value);
155 if (strcmp(var, "receive.certnonceslop") == 0) {
156 nonce_stamp_slop_limit = git_config_ulong(var, value);
160 return git_default_config(var, value, cb);
163 static void show_ref(const char *path, const unsigned char *sha1)
165 if (ref_is_hidden(path))
168 if (sent_capabilities) {
169 packet_write(1, "%s %s\n", sha1_to_hex(sha1), path);
171 struct strbuf cap = STRBUF_INIT;
174 "report-status delete-refs side-band-64k quiet");
175 if (prefer_ofs_delta)
176 strbuf_addstr(&cap, " ofs-delta");
178 strbuf_addf(&cap, " push-cert=%s", push_cert_nonce);
179 strbuf_addf(&cap, " agent=%s", git_user_agent_sanitized());
180 packet_write(1, "%s %s%c%s\n",
181 sha1_to_hex(sha1), path, 0, cap.buf);
182 strbuf_release(&cap);
183 sent_capabilities = 1;
187 static int show_ref_cb(const char *path, const unsigned char *sha1, int flag, void *unused)
189 path = strip_namespace(path);
191 * Advertise refs outside our current namespace as ".have"
192 * refs, so that the client can use them to minimize data
193 * transfer but will otherwise ignore them. This happens to
194 * cover ".have" that are thrown in by add_one_alternate_ref()
195 * to mark histories that are complete in our alternates as
200 show_ref(path, sha1);
204 static void show_one_alternate_sha1(const unsigned char sha1[20], void *unused)
206 show_ref(".have", sha1);
209 static void collect_one_alternate_ref(const struct ref *ref, void *data)
211 struct sha1_array *sa = data;
212 sha1_array_append(sa, ref->old_sha1);
215 static void write_head_info(void)
217 struct sha1_array sa = SHA1_ARRAY_INIT;
218 for_each_alternate_ref(collect_one_alternate_ref, &sa);
219 sha1_array_for_each_unique(&sa, show_one_alternate_sha1, NULL);
220 sha1_array_clear(&sa);
221 for_each_ref(show_ref_cb, NULL);
222 if (!sent_capabilities)
223 show_ref("capabilities^{}", null_sha1);
225 advertise_shallow_grafts(1);
232 struct command *next;
233 const char *error_string;
234 unsigned int skip_update:1,
237 unsigned char old_sha1[20];
238 unsigned char new_sha1[20];
239 char ref_name[FLEX_ARRAY]; /* more */
242 static void rp_error(const char *err, ...) __attribute__((format (printf, 1, 2)));
243 static void rp_warning(const char *err, ...) __attribute__((format (printf, 1, 2)));
245 static void report_message(const char *prefix, const char *err, va_list params)
247 int sz = strlen(prefix);
250 strncpy(msg, prefix, sz);
251 sz += vsnprintf(msg + sz, sizeof(msg) - sz, err, params);
252 if (sz > (sizeof(msg) - 1))
253 sz = sizeof(msg) - 1;
257 send_sideband(1, 2, msg, sz, use_sideband);
262 static void rp_warning(const char *err, ...)
265 va_start(params, err);
266 report_message("warning: ", err, params);
270 static void rp_error(const char *err, ...)
273 va_start(params, err);
274 report_message("error: ", err, params);
278 static int copy_to_sideband(int in, int out, void *arg)
282 ssize_t sz = xread(in, data, sizeof(data));
285 send_sideband(1, 2, data, sz, use_sideband);
291 #define HMAC_BLOCK_SIZE 64
293 static void hmac_sha1(unsigned char *out,
294 const char *key_in, size_t key_len,
295 const char *text, size_t text_len)
297 unsigned char key[HMAC_BLOCK_SIZE];
298 unsigned char k_ipad[HMAC_BLOCK_SIZE];
299 unsigned char k_opad[HMAC_BLOCK_SIZE];
303 /* RFC 2104 2. (1) */
304 memset(key, '\0', HMAC_BLOCK_SIZE);
305 if (HMAC_BLOCK_SIZE < key_len) {
307 git_SHA1_Update(&ctx, key_in, key_len);
308 git_SHA1_Final(key, &ctx);
310 memcpy(key, key_in, key_len);
313 /* RFC 2104 2. (2) & (5) */
314 for (i = 0; i < sizeof(key); i++) {
315 k_ipad[i] = key[i] ^ 0x36;
316 k_opad[i] = key[i] ^ 0x5c;
319 /* RFC 2104 2. (3) & (4) */
321 git_SHA1_Update(&ctx, k_ipad, sizeof(k_ipad));
322 git_SHA1_Update(&ctx, text, text_len);
323 git_SHA1_Final(out, &ctx);
325 /* RFC 2104 2. (6) & (7) */
327 git_SHA1_Update(&ctx, k_opad, sizeof(k_opad));
328 git_SHA1_Update(&ctx, out, 20);
329 git_SHA1_Final(out, &ctx);
332 static char *prepare_push_cert_nonce(const char *path, unsigned long stamp)
334 struct strbuf buf = STRBUF_INIT;
335 unsigned char sha1[20];
337 strbuf_addf(&buf, "%s:%lu", path, stamp);
338 hmac_sha1(sha1, buf.buf, buf.len, cert_nonce_seed, strlen(cert_nonce_seed));;
339 strbuf_release(&buf);
341 /* RFC 2104 5. HMAC-SHA1-80 */
342 strbuf_addf(&buf, "%lu-%.*s", stamp, 20, sha1_to_hex(sha1));
343 return strbuf_detach(&buf, NULL);
347 * NEEDSWORK: reuse find_commit_header() from jk/commit-author-parsing
348 * after dropping "_commit" from its name and possibly moving it out
351 static char *find_header(const char *msg, size_t len, const char *key)
353 int key_len = strlen(key);
354 const char *line = msg;
356 while (line && line < msg + len) {
357 const char *eol = strchrnul(line, '\n');
359 if ((msg + len <= eol) || line == eol)
361 if (line + key_len < eol &&
362 !memcmp(line, key, key_len) && line[key_len] == ' ') {
363 int offset = key_len + 1;
364 return xmemdupz(line + offset, (eol - line) - offset);
366 line = *eol ? eol + 1 : NULL;
371 static const char *check_nonce(const char *buf, size_t len)
373 char *nonce = find_header(buf, len, "nonce");
374 unsigned long stamp, ostamp;
375 char *bohmac, *expect = NULL;
376 const char *retval = NONCE_BAD;
379 retval = NONCE_MISSING;
381 } else if (!push_cert_nonce) {
382 retval = NONCE_UNSOLICITED;
384 } else if (!strcmp(push_cert_nonce, nonce)) {
389 if (!stateless_rpc) {
390 /* returned nonce MUST match what we gave out earlier */
396 * In stateless mode, we may be receiving a nonce issued by
397 * another instance of the server that serving the same
398 * repository, and the timestamps may not match, but the
399 * nonce-seed and dir should match, so we can recompute and
400 * report the time slop.
402 * In addition, when a nonce issued by another instance has
403 * timestamp within receive.certnonceslop seconds, we pretend
404 * as if we issued that nonce when reporting to the hook.
407 /* nonce is concat(<seconds-since-epoch>, "-", <hmac>) */
408 if (*nonce <= '0' || '9' < *nonce) {
412 stamp = strtoul(nonce, &bohmac, 10);
413 if (bohmac == nonce || bohmac[0] != '-') {
418 expect = prepare_push_cert_nonce(service_dir, stamp);
419 if (strcmp(expect, nonce)) {
420 /* Not what we would have signed earlier */
426 * By how many seconds is this nonce stale? Negative value
427 * would mean it was issued by another server with its clock
428 * skewed in the future.
430 ostamp = strtoul(push_cert_nonce, NULL, 10);
431 nonce_stamp_slop = (long)ostamp - (long)stamp;
433 if (nonce_stamp_slop_limit &&
434 abs(nonce_stamp_slop) <= nonce_stamp_slop_limit) {
436 * Pretend as if the received nonce (which passes the
437 * HMAC check, so it is not a forged by third-party)
440 free((void *)push_cert_nonce);
441 push_cert_nonce = xstrdup(nonce);
453 static void prepare_push_cert_sha1(struct child_process *proc)
455 static int already_done;
456 struct argv_array env = ARGV_ARRAY_INIT;
462 struct strbuf gpg_output = STRBUF_INIT;
463 struct strbuf gpg_status = STRBUF_INIT;
464 int bogs /* beginning_of_gpg_sig */;
467 if (write_sha1_file(push_cert.buf, push_cert.len, "blob", push_cert_sha1))
468 hashclr(push_cert_sha1);
470 memset(&sigcheck, '\0', sizeof(sigcheck));
471 sigcheck.result = 'N';
473 bogs = parse_signature(push_cert.buf, push_cert.len);
474 if (verify_signed_buffer(push_cert.buf, bogs,
475 push_cert.buf + bogs, push_cert.len - bogs,
476 &gpg_output, &gpg_status) < 0) {
477 ; /* error running gpg */
479 sigcheck.payload = push_cert.buf;
480 sigcheck.gpg_output = gpg_output.buf;
481 sigcheck.gpg_status = gpg_status.buf;
482 parse_gpg_output(&sigcheck);
485 strbuf_release(&gpg_output);
486 strbuf_release(&gpg_status);
487 nonce_status = check_nonce(push_cert.buf, bogs);
489 if (!is_null_sha1(push_cert_sha1)) {
490 argv_array_pushf(&env, "GIT_PUSH_CERT=%s", sha1_to_hex(push_cert_sha1));
491 argv_array_pushf(&env, "GIT_PUSH_CERT_SIGNER=%s",
492 sigcheck.signer ? sigcheck.signer : "");
493 argv_array_pushf(&env, "GIT_PUSH_CERT_KEY=%s",
494 sigcheck.key ? sigcheck.key : "");
495 argv_array_pushf(&env, "GIT_PUSH_CERT_STATUS=%c", sigcheck.result);
496 if (push_cert_nonce) {
497 argv_array_pushf(&env, "GIT_PUSH_CERT_NONCE=%s", push_cert_nonce);
498 argv_array_pushf(&env, "GIT_PUSH_CERT_NONCE_STATUS=%s", nonce_status);
499 if (nonce_status == NONCE_SLOP)
500 argv_array_pushf(&env, "GIT_PUSH_CERT_NONCE_SLOP=%ld",
503 proc->env = env.argv;
507 typedef int (*feed_fn)(void *, const char **, size_t *);
508 static int run_and_feed_hook(const char *hook_name, feed_fn feed, void *feed_state)
510 struct child_process proc = CHILD_PROCESS_INIT;
515 argv[0] = find_hook(hook_name);
523 proc.stdout_to_stderr = 1;
525 prepare_push_cert_sha1(&proc);
528 memset(&muxer, 0, sizeof(muxer));
529 muxer.proc = copy_to_sideband;
531 code = start_async(&muxer);
537 code = start_command(&proc);
540 finish_async(&muxer);
544 sigchain_push(SIGPIPE, SIG_IGN);
549 if (feed(feed_state, &buf, &n))
551 if (write_in_full(proc.in, buf, n) != n)
556 finish_async(&muxer);
558 sigchain_pop(SIGPIPE);
560 return finish_command(&proc);
563 struct receive_hook_feed_state {
569 static int feed_receive_hook(void *state_, const char **bufp, size_t *sizep)
571 struct receive_hook_feed_state *state = state_;
572 struct command *cmd = state->cmd;
575 state->skip_broken && (cmd->error_string || cmd->did_not_exist))
579 strbuf_reset(&state->buf);
580 strbuf_addf(&state->buf, "%s %s %s\n",
581 sha1_to_hex(cmd->old_sha1), sha1_to_hex(cmd->new_sha1),
583 state->cmd = cmd->next;
585 *bufp = state->buf.buf;
586 *sizep = state->buf.len;
591 static int run_receive_hook(struct command *commands, const char *hook_name,
594 struct receive_hook_feed_state state;
597 strbuf_init(&state.buf, 0);
598 state.cmd = commands;
599 state.skip_broken = skip_broken;
600 if (feed_receive_hook(&state, NULL, NULL))
602 state.cmd = commands;
603 status = run_and_feed_hook(hook_name, feed_receive_hook, &state);
604 strbuf_release(&state.buf);
608 static int run_update_hook(struct command *cmd)
611 struct child_process proc = CHILD_PROCESS_INIT;
614 argv[0] = find_hook("update");
618 argv[1] = cmd->ref_name;
619 argv[2] = sha1_to_hex(cmd->old_sha1);
620 argv[3] = sha1_to_hex(cmd->new_sha1);
624 proc.stdout_to_stderr = 1;
625 proc.err = use_sideband ? -1 : 0;
628 code = start_command(&proc);
632 copy_to_sideband(proc.err, -1, NULL);
633 return finish_command(&proc);
636 static int is_ref_checked_out(const char *ref)
638 if (is_bare_repository())
643 return !strcmp(head_name, ref);
646 static char *refuse_unconfigured_deny_msg[] = {
647 "By default, updating the current branch in a non-bare repository",
648 "is denied, because it will make the index and work tree inconsistent",
649 "with what you pushed, and will require 'git reset --hard' to match",
650 "the work tree to HEAD.",
652 "You can set 'receive.denyCurrentBranch' configuration variable to",
653 "'ignore' or 'warn' in the remote repository to allow pushing into",
654 "its current branch; however, this is not recommended unless you",
655 "arranged to update its work tree to match what you pushed in some",
658 "To squelch this message and still keep the default behaviour, set",
659 "'receive.denyCurrentBranch' configuration variable to 'refuse'."
662 static void refuse_unconfigured_deny(void)
665 for (i = 0; i < ARRAY_SIZE(refuse_unconfigured_deny_msg); i++)
666 rp_error("%s", refuse_unconfigured_deny_msg[i]);
669 static char *refuse_unconfigured_deny_delete_current_msg[] = {
670 "By default, deleting the current branch is denied, because the next",
671 "'git clone' won't result in any file checked out, causing confusion.",
673 "You can set 'receive.denyDeleteCurrent' configuration variable to",
674 "'warn' or 'ignore' in the remote repository to allow deleting the",
675 "current branch, with or without a warning message.",
677 "To squelch this message, you can set it to 'refuse'."
680 static void refuse_unconfigured_deny_delete_current(void)
684 i < ARRAY_SIZE(refuse_unconfigured_deny_delete_current_msg);
686 rp_error("%s", refuse_unconfigured_deny_delete_current_msg[i]);
689 static int command_singleton_iterator(void *cb_data, unsigned char sha1[20]);
690 static int update_shallow_ref(struct command *cmd, struct shallow_info *si)
692 static struct lock_file shallow_lock;
693 struct sha1_array extra = SHA1_ARRAY_INIT;
694 const char *alt_file;
695 uint32_t mask = 1 << (cmd->index % 32);
698 trace_printf_key(&trace_shallow,
699 "shallow: update_shallow_ref %s\n", cmd->ref_name);
700 for (i = 0; i < si->shallow->nr; i++)
701 if (si->used_shallow[i] &&
702 (si->used_shallow[i][cmd->index / 32] & mask) &&
703 !delayed_reachability_test(si, i))
704 sha1_array_append(&extra, si->shallow->sha1[i]);
706 setup_alternate_shallow(&shallow_lock, &alt_file, &extra);
707 if (check_shallow_connected(command_singleton_iterator,
709 rollback_lock_file(&shallow_lock);
710 sha1_array_clear(&extra);
714 commit_lock_file(&shallow_lock);
717 * Make sure setup_alternate_shallow() for the next ref does
718 * not lose these new roots..
720 for (i = 0; i < extra.nr; i++)
721 register_shallow(extra.sha1[i]);
723 si->shallow_ref[cmd->index] = 0;
724 sha1_array_clear(&extra);
728 static const char *update(struct command *cmd, struct shallow_info *si)
730 const char *name = cmd->ref_name;
731 struct strbuf namespaced_name_buf = STRBUF_INIT;
732 const char *namespaced_name;
733 unsigned char *old_sha1 = cmd->old_sha1;
734 unsigned char *new_sha1 = cmd->new_sha1;
736 /* only refs/... are allowed */
737 if (!starts_with(name, "refs/") || check_refname_format(name + 5, 0)) {
738 rp_error("refusing to create funny ref '%s' remotely", name);
739 return "funny refname";
742 strbuf_addf(&namespaced_name_buf, "%s%s", get_git_namespace(), name);
743 namespaced_name = strbuf_detach(&namespaced_name_buf, NULL);
745 if (is_ref_checked_out(namespaced_name)) {
746 switch (deny_current_branch) {
750 rp_warning("updating the current branch");
753 case DENY_UNCONFIGURED:
754 rp_error("refusing to update checked out branch: %s", name);
755 if (deny_current_branch == DENY_UNCONFIGURED)
756 refuse_unconfigured_deny();
757 return "branch is currently checked out";
761 if (!is_null_sha1(new_sha1) && !has_sha1_file(new_sha1)) {
762 error("unpack should have generated %s, "
763 "but I can't find it!", sha1_to_hex(new_sha1));
767 if (!is_null_sha1(old_sha1) && is_null_sha1(new_sha1)) {
768 if (deny_deletes && starts_with(name, "refs/heads/")) {
769 rp_error("denying ref deletion for %s", name);
770 return "deletion prohibited";
773 if (!strcmp(namespaced_name, head_name)) {
774 switch (deny_delete_current) {
778 rp_warning("deleting the current branch");
781 case DENY_UNCONFIGURED:
782 if (deny_delete_current == DENY_UNCONFIGURED)
783 refuse_unconfigured_deny_delete_current();
784 rp_error("refusing to delete the current branch: %s", name);
785 return "deletion of the current branch prohibited";
790 if (deny_non_fast_forwards && !is_null_sha1(new_sha1) &&
791 !is_null_sha1(old_sha1) &&
792 starts_with(name, "refs/heads/")) {
793 struct object *old_object, *new_object;
794 struct commit *old_commit, *new_commit;
796 old_object = parse_object(old_sha1);
797 new_object = parse_object(new_sha1);
799 if (!old_object || !new_object ||
800 old_object->type != OBJ_COMMIT ||
801 new_object->type != OBJ_COMMIT) {
802 error("bad sha1 objects for %s", name);
805 old_commit = (struct commit *)old_object;
806 new_commit = (struct commit *)new_object;
807 if (!in_merge_bases(old_commit, new_commit)) {
808 rp_error("denying non-fast-forward %s"
809 " (you should pull first)", name);
810 return "non-fast-forward";
813 if (run_update_hook(cmd)) {
814 rp_error("hook declined to update %s", name);
815 return "hook declined";
818 if (is_null_sha1(new_sha1)) {
819 if (!parse_object(old_sha1)) {
821 if (ref_exists(name)) {
822 rp_warning("Allowing deletion of corrupt ref.");
824 rp_warning("Deleting a non-existent ref.");
825 cmd->did_not_exist = 1;
828 if (delete_ref(namespaced_name, old_sha1, 0)) {
829 rp_error("failed to delete %s", name);
830 return "failed to delete";
832 return NULL; /* good */
835 struct strbuf err = STRBUF_INIT;
836 struct ref_transaction *transaction;
838 if (shallow_update && si->shallow_ref[cmd->index] &&
839 update_shallow_ref(cmd, si))
840 return "shallow error";
842 transaction = ref_transaction_begin(&err);
844 ref_transaction_update(transaction, namespaced_name,
845 new_sha1, old_sha1, 0, 1, &err) ||
846 ref_transaction_commit(transaction, "push", &err)) {
847 ref_transaction_free(transaction);
849 rp_error("%s", err.buf);
850 strbuf_release(&err);
851 return "failed to update ref";
854 ref_transaction_free(transaction);
855 strbuf_release(&err);
856 return NULL; /* good */
860 static void run_update_post_hook(struct command *commands)
865 struct child_process proc = CHILD_PROCESS_INIT;
868 hook = find_hook("post-update");
869 for (argc = 0, cmd = commands; cmd; cmd = cmd->next) {
870 if (cmd->error_string || cmd->did_not_exist)
877 argv = xmalloc(sizeof(*argv) * (2 + argc));
880 for (argc = 1, cmd = commands; cmd; cmd = cmd->next) {
881 if (cmd->error_string || cmd->did_not_exist)
883 argv[argc] = xstrdup(cmd->ref_name);
889 proc.stdout_to_stderr = 1;
890 proc.err = use_sideband ? -1 : 0;
893 if (!start_command(&proc)) {
895 copy_to_sideband(proc.err, -1, NULL);
896 finish_command(&proc);
900 static void check_aliased_update(struct command *cmd, struct string_list *list)
902 struct strbuf buf = STRBUF_INIT;
903 const char *dst_name;
904 struct string_list_item *item;
905 struct command *dst_cmd;
906 unsigned char sha1[20];
907 char cmd_oldh[41], cmd_newh[41], dst_oldh[41], dst_newh[41];
910 strbuf_addf(&buf, "%s%s", get_git_namespace(), cmd->ref_name);
911 dst_name = resolve_ref_unsafe(buf.buf, sha1, 0, &flag);
912 strbuf_release(&buf);
914 if (!(flag & REF_ISSYMREF))
917 dst_name = strip_namespace(dst_name);
919 rp_error("refusing update to broken symref '%s'", cmd->ref_name);
920 cmd->skip_update = 1;
921 cmd->error_string = "broken symref";
925 if ((item = string_list_lookup(list, dst_name)) == NULL)
928 cmd->skip_update = 1;
930 dst_cmd = (struct command *) item->util;
932 if (!hashcmp(cmd->old_sha1, dst_cmd->old_sha1) &&
933 !hashcmp(cmd->new_sha1, dst_cmd->new_sha1))
936 dst_cmd->skip_update = 1;
938 strcpy(cmd_oldh, find_unique_abbrev(cmd->old_sha1, DEFAULT_ABBREV));
939 strcpy(cmd_newh, find_unique_abbrev(cmd->new_sha1, DEFAULT_ABBREV));
940 strcpy(dst_oldh, find_unique_abbrev(dst_cmd->old_sha1, DEFAULT_ABBREV));
941 strcpy(dst_newh, find_unique_abbrev(dst_cmd->new_sha1, DEFAULT_ABBREV));
942 rp_error("refusing inconsistent update between symref '%s' (%s..%s) and"
943 " its target '%s' (%s..%s)",
944 cmd->ref_name, cmd_oldh, cmd_newh,
945 dst_cmd->ref_name, dst_oldh, dst_newh);
947 cmd->error_string = dst_cmd->error_string =
948 "inconsistent aliased update";
951 static void check_aliased_updates(struct command *commands)
954 struct string_list ref_list = STRING_LIST_INIT_NODUP;
956 for (cmd = commands; cmd; cmd = cmd->next) {
957 struct string_list_item *item =
958 string_list_append(&ref_list, cmd->ref_name);
959 item->util = (void *)cmd;
961 sort_string_list(&ref_list);
963 for (cmd = commands; cmd; cmd = cmd->next) {
964 if (!cmd->error_string)
965 check_aliased_update(cmd, &ref_list);
968 string_list_clear(&ref_list, 0);
971 static int command_singleton_iterator(void *cb_data, unsigned char sha1[20])
973 struct command **cmd_list = cb_data;
974 struct command *cmd = *cmd_list;
976 if (!cmd || is_null_sha1(cmd->new_sha1))
977 return -1; /* end of list */
978 *cmd_list = NULL; /* this returns only one */
979 hashcpy(sha1, cmd->new_sha1);
983 static void set_connectivity_errors(struct command *commands,
984 struct shallow_info *si)
988 for (cmd = commands; cmd; cmd = cmd->next) {
989 struct command *singleton = cmd;
990 if (shallow_update && si->shallow_ref[cmd->index])
991 /* to be checked in update_shallow_ref() */
993 if (!check_everything_connected(command_singleton_iterator,
996 cmd->error_string = "missing necessary objects";
1000 struct iterate_data {
1001 struct command *cmds;
1002 struct shallow_info *si;
1005 static int iterate_receive_command_list(void *cb_data, unsigned char sha1[20])
1007 struct iterate_data *data = cb_data;
1008 struct command **cmd_list = &data->cmds;
1009 struct command *cmd = *cmd_list;
1011 for (; cmd; cmd = cmd->next) {
1012 if (shallow_update && data->si->shallow_ref[cmd->index])
1013 /* to be checked in update_shallow_ref() */
1015 if (!is_null_sha1(cmd->new_sha1) && !cmd->skip_update) {
1016 hashcpy(sha1, cmd->new_sha1);
1017 *cmd_list = cmd->next;
1022 return -1; /* end of list */
1025 static void reject_updates_to_hidden(struct command *commands)
1027 struct command *cmd;
1029 for (cmd = commands; cmd; cmd = cmd->next) {
1030 if (cmd->error_string || !ref_is_hidden(cmd->ref_name))
1032 if (is_null_sha1(cmd->new_sha1))
1033 cmd->error_string = "deny deleting a hidden ref";
1035 cmd->error_string = "deny updating a hidden ref";
1039 static void execute_commands(struct command *commands,
1040 const char *unpacker_error,
1041 struct shallow_info *si)
1043 int checked_connectivity;
1044 struct command *cmd;
1045 unsigned char sha1[20];
1046 struct iterate_data data;
1048 if (unpacker_error) {
1049 for (cmd = commands; cmd; cmd = cmd->next)
1050 cmd->error_string = "unpacker error";
1054 data.cmds = commands;
1056 if (check_everything_connected(iterate_receive_command_list, 0, &data))
1057 set_connectivity_errors(commands, si);
1059 reject_updates_to_hidden(commands);
1061 if (run_receive_hook(commands, "pre-receive", 0)) {
1062 for (cmd = commands; cmd; cmd = cmd->next) {
1063 if (!cmd->error_string)
1064 cmd->error_string = "pre-receive hook declined";
1069 check_aliased_updates(commands);
1071 free(head_name_to_free);
1072 head_name = head_name_to_free = resolve_refdup("HEAD", sha1, 0, NULL);
1074 checked_connectivity = 1;
1075 for (cmd = commands; cmd; cmd = cmd->next) {
1076 if (cmd->error_string)
1079 if (cmd->skip_update)
1082 cmd->error_string = update(cmd, si);
1083 if (shallow_update && !cmd->error_string &&
1084 si->shallow_ref[cmd->index]) {
1085 error("BUG: connectivity check has not been run on ref %s",
1087 checked_connectivity = 0;
1091 if (shallow_update && !checked_connectivity)
1092 error("BUG: run 'git fsck' for safety.\n"
1093 "If there are errors, try to remove "
1094 "the reported refs above");
1097 static struct command **queue_command(struct command **tail,
1101 unsigned char old_sha1[20], new_sha1[20];
1102 struct command *cmd;
1103 const char *refname;
1109 get_sha1_hex(line, old_sha1) ||
1110 get_sha1_hex(line + 41, new_sha1))
1111 die("protocol error: expected old/new/ref, got '%s'", line);
1113 refname = line + 82;
1114 reflen = linelen - 82;
1115 cmd = xcalloc(1, sizeof(struct command) + reflen + 1);
1116 hashcpy(cmd->old_sha1, old_sha1);
1117 hashcpy(cmd->new_sha1, new_sha1);
1118 memcpy(cmd->ref_name, refname, reflen);
1119 cmd->ref_name[reflen] = '\0';
1124 static void queue_commands_from_cert(struct command **tail,
1125 struct strbuf *push_cert)
1127 const char *boc, *eoc;
1130 die("protocol error: got both push certificate and unsigned commands");
1132 boc = strstr(push_cert->buf, "\n\n");
1134 die("malformed push certificate %.*s", 100, push_cert->buf);
1137 eoc = push_cert->buf + parse_signature(push_cert->buf, push_cert->len);
1140 const char *eol = memchr(boc, '\n', eoc - boc);
1141 tail = queue_command(tail, boc, eol ? eol - boc : eoc - eol);
1142 boc = eol ? eol + 1 : eoc;
1146 static struct command *read_head_info(struct sha1_array *shallow)
1148 struct command *commands = NULL;
1149 struct command **p = &commands;
1154 line = packet_read_line(0, &len);
1158 if (len == 48 && starts_with(line, "shallow ")) {
1159 unsigned char sha1[20];
1160 if (get_sha1_hex(line + 8, sha1))
1161 die("protocol error: expected shallow sha, got '%s'",
1163 sha1_array_append(shallow, sha1);
1167 linelen = strlen(line);
1168 if (linelen < len) {
1169 const char *feature_list = line + linelen + 1;
1170 if (parse_feature_request(feature_list, "report-status"))
1172 if (parse_feature_request(feature_list, "side-band-64k"))
1173 use_sideband = LARGE_PACKET_MAX;
1174 if (parse_feature_request(feature_list, "quiet"))
1178 if (!strcmp(line, "push-cert")) {
1183 len = packet_read(0, NULL, NULL,
1184 certbuf, sizeof(certbuf), 0);
1189 if (!strcmp(certbuf, "push-cert-end\n"))
1190 break; /* end of cert */
1191 strbuf_addstr(&push_cert, certbuf);
1199 p = queue_command(p, line, linelen);
1203 queue_commands_from_cert(p, &push_cert);
1208 static const char *parse_pack_header(struct pack_header *hdr)
1210 switch (read_pack_header(0, hdr)) {
1212 return "eof before pack header was fully read";
1214 case PH_ERROR_PACK_SIGNATURE:
1215 return "protocol error (pack signature mismatch detected)";
1217 case PH_ERROR_PROTOCOL:
1218 return "protocol error (pack version unsupported)";
1221 return "unknown error in parse_pack_header";
1228 static const char *pack_lockfile;
1230 static const char *unpack(int err_fd, struct shallow_info *si)
1232 struct pack_header hdr;
1233 struct argv_array av = ARGV_ARRAY_INIT;
1234 const char *hdr_err;
1237 struct child_process child = CHILD_PROCESS_INIT;
1238 int fsck_objects = (receive_fsck_objects >= 0
1239 ? receive_fsck_objects
1240 : transfer_fsck_objects >= 0
1241 ? transfer_fsck_objects
1244 hdr_err = parse_pack_header(&hdr);
1250 snprintf(hdr_arg, sizeof(hdr_arg),
1251 "--pack_header=%"PRIu32",%"PRIu32,
1252 ntohl(hdr.hdr_version), ntohl(hdr.hdr_entries));
1254 if (si->nr_ours || si->nr_theirs) {
1255 alt_shallow_file = setup_temporary_shallow(si->shallow);
1256 argv_array_pushl(&av, "--shallow-file", alt_shallow_file, NULL);
1259 if (ntohl(hdr.hdr_entries) < unpack_limit) {
1260 argv_array_pushl(&av, "unpack-objects", hdr_arg, NULL);
1262 argv_array_push(&av, "-q");
1264 argv_array_push(&av, "--strict");
1265 child.argv = av.argv;
1266 child.no_stdout = 1;
1269 status = run_command(&child);
1271 return "unpack-objects abnormal exit";
1276 s = sprintf(keep_arg, "--keep=receive-pack %"PRIuMAX" on ", (uintmax_t) getpid());
1277 if (gethostname(keep_arg + s, sizeof(keep_arg) - s))
1278 strcpy(keep_arg + s, "localhost");
1280 argv_array_pushl(&av, "index-pack",
1281 "--stdin", hdr_arg, keep_arg, NULL);
1283 argv_array_push(&av, "--strict");
1285 argv_array_push(&av, "--fix-thin");
1286 child.argv = av.argv;
1290 status = start_command(&child);
1292 return "index-pack fork failed";
1293 pack_lockfile = index_pack_lockfile(child.out);
1295 status = finish_command(&child);
1297 return "index-pack abnormal exit";
1298 reprepare_packed_git();
1303 static const char *unpack_with_sideband(struct shallow_info *si)
1309 return unpack(0, si);
1311 memset(&muxer, 0, sizeof(muxer));
1312 muxer.proc = copy_to_sideband;
1314 if (start_async(&muxer))
1317 ret = unpack(muxer.in, si);
1319 finish_async(&muxer);
1323 static void prepare_shallow_update(struct command *commands,
1324 struct shallow_info *si)
1326 int i, j, k, bitmap_size = (si->ref->nr + 31) / 32;
1328 si->used_shallow = xmalloc(sizeof(*si->used_shallow) *
1330 assign_shallow_commits_to_refs(si, si->used_shallow, NULL);
1332 si->need_reachability_test =
1333 xcalloc(si->shallow->nr, sizeof(*si->need_reachability_test));
1335 xcalloc(si->shallow->nr, sizeof(*si->reachable));
1336 si->shallow_ref = xcalloc(si->ref->nr, sizeof(*si->shallow_ref));
1338 for (i = 0; i < si->nr_ours; i++)
1339 si->need_reachability_test[si->ours[i]] = 1;
1341 for (i = 0; i < si->shallow->nr; i++) {
1342 if (!si->used_shallow[i])
1344 for (j = 0; j < bitmap_size; j++) {
1345 if (!si->used_shallow[i][j])
1347 si->need_reachability_test[i]++;
1348 for (k = 0; k < 32; k++)
1349 if (si->used_shallow[i][j] & (1 << k))
1350 si->shallow_ref[j * 32 + k]++;
1354 * true for those associated with some refs and belong
1355 * in "ours" list aka "step 7 not done yet"
1357 si->need_reachability_test[i] =
1358 si->need_reachability_test[i] > 1;
1362 * keep hooks happy by forcing a temporary shallow file via
1363 * env variable because we can't add --shallow-file to every
1364 * command. check_everything_connected() will be done with
1365 * true .git/shallow though.
1367 setenv(GIT_SHALLOW_FILE_ENVIRONMENT, alt_shallow_file, 1);
1370 static void update_shallow_info(struct command *commands,
1371 struct shallow_info *si,
1372 struct sha1_array *ref)
1374 struct command *cmd;
1376 remove_nonexistent_theirs_shallow(si);
1377 if (!si->nr_ours && !si->nr_theirs) {
1382 for (cmd = commands; cmd; cmd = cmd->next) {
1383 if (is_null_sha1(cmd->new_sha1))
1385 sha1_array_append(ref, cmd->new_sha1);
1386 cmd->index = ref->nr - 1;
1390 if (shallow_update) {
1391 prepare_shallow_update(commands, si);
1395 ref_status = xmalloc(sizeof(*ref_status) * ref->nr);
1396 assign_shallow_commits_to_refs(si, NULL, ref_status);
1397 for (cmd = commands; cmd; cmd = cmd->next) {
1398 if (is_null_sha1(cmd->new_sha1))
1400 if (ref_status[cmd->index]) {
1401 cmd->error_string = "shallow update not allowed";
1402 cmd->skip_update = 1;
1408 static void report(struct command *commands, const char *unpack_status)
1410 struct command *cmd;
1411 struct strbuf buf = STRBUF_INIT;
1413 packet_buf_write(&buf, "unpack %s\n",
1414 unpack_status ? unpack_status : "ok");
1415 for (cmd = commands; cmd; cmd = cmd->next) {
1416 if (!cmd->error_string)
1417 packet_buf_write(&buf, "ok %s\n",
1420 packet_buf_write(&buf, "ng %s %s\n",
1421 cmd->ref_name, cmd->error_string);
1423 packet_buf_flush(&buf);
1426 send_sideband(1, 1, buf.buf, buf.len, use_sideband);
1428 write_or_die(1, buf.buf, buf.len);
1429 strbuf_release(&buf);
1432 static int delete_only(struct command *commands)
1434 struct command *cmd;
1435 for (cmd = commands; cmd; cmd = cmd->next) {
1436 if (!is_null_sha1(cmd->new_sha1))
1442 int cmd_receive_pack(int argc, const char **argv, const char *prefix)
1444 int advertise_refs = 0;
1446 struct command *commands;
1447 struct sha1_array shallow = SHA1_ARRAY_INIT;
1448 struct sha1_array ref = SHA1_ARRAY_INIT;
1449 struct shallow_info si;
1451 packet_trace_identity("receive-pack");
1454 for (i = 1; i < argc; i++) {
1455 const char *arg = *argv++;
1458 if (!strcmp(arg, "--quiet")) {
1463 if (!strcmp(arg, "--advertise-refs")) {
1467 if (!strcmp(arg, "--stateless-rpc")) {
1471 if (!strcmp(arg, "--reject-thin-pack-for-testing")) {
1476 usage(receive_pack_usage);
1479 usage(receive_pack_usage);
1483 usage(receive_pack_usage);
1487 if (!enter_repo(service_dir, 0))
1488 die("'%s' does not appear to be a git repository", service_dir);
1490 git_config(receive_pack_config, NULL);
1491 if (cert_nonce_seed)
1492 push_cert_nonce = prepare_push_cert_nonce(service_dir, time(NULL));
1494 if (0 <= transfer_unpack_limit)
1495 unpack_limit = transfer_unpack_limit;
1496 else if (0 <= receive_unpack_limit)
1497 unpack_limit = receive_unpack_limit;
1499 if (advertise_refs || !stateless_rpc) {
1505 if ((commands = read_head_info(&shallow)) != NULL) {
1506 const char *unpack_status = NULL;
1508 prepare_shallow_info(&si, &shallow);
1509 if (!si.nr_ours && !si.nr_theirs)
1511 if (!delete_only(commands)) {
1512 unpack_status = unpack_with_sideband(&si);
1513 update_shallow_info(commands, &si, &ref);
1515 execute_commands(commands, unpack_status, &si);
1517 unlink_or_warn(pack_lockfile);
1519 report(commands, unpack_status);
1520 run_receive_hook(commands, "post-receive", 1);
1521 run_update_post_hook(commands);
1523 const char *argv_gc_auto[] = {
1524 "gc", "--auto", "--quiet", NULL,
1526 int opt = RUN_GIT_CMD | RUN_COMMAND_STDOUT_TO_STDERR;
1527 run_command_v_opt(argv_gc_auto, opt);
1529 if (auto_update_server_info)
1530 update_server_info(0);
1531 clear_shallow_info(&si);
1535 sha1_array_clear(&shallow);
1536 sha1_array_clear(&ref);
1537 free((void *)push_cert_nonce);
projects / git / blob