2 #include "repository.h"
9 #include "run-command.h"
15 #include "string-list.h"
16 #include "oid-array.h"
17 #include "connected.h"
21 #include "gpg-interface.h"
24 #include "tmp-objdir.h"
27 #include "object-store.h"
29 #include "commit-reach.h"
33 static const char * const receive_pack_usage[] = {
34 N_("git receive-pack <git-dir>"),
46 static int deny_deletes;
47 static int deny_non_fast_forwards;
48 static enum deny_action deny_current_branch = DENY_UNCONFIGURED;
49 static enum deny_action deny_delete_current = DENY_UNCONFIGURED;
50 static int receive_fsck_objects = -1;
51 static int transfer_fsck_objects = -1;
52 static struct strbuf fsck_msg_types = STRBUF_INIT;
53 static int receive_unpack_limit = -1;
54 static int transfer_unpack_limit = -1;
55 static int advertise_atomic_push = 1;
56 static int advertise_push_options;
57 static int unpack_limit = 100;
58 static off_t max_input_size;
59 static int report_status;
60 static int report_status_v2;
61 static int use_sideband;
62 static int use_atomic;
63 static int use_push_options;
65 static int prefer_ofs_delta = 1;
66 static int auto_update_server_info;
67 static int auto_gc = 1;
68 static int reject_thin;
69 static int stateless_rpc;
70 static const char *service_dir;
71 static const char *head_name;
72 static void *head_name_to_free;
73 static int sent_capabilities;
74 static int shallow_update;
75 static const char *alt_shallow_file;
76 static struct strbuf push_cert = STRBUF_INIT;
77 static struct object_id push_cert_oid;
78 static struct signature_check sigcheck;
79 static const char *push_cert_nonce;
80 static const char *cert_nonce_seed;
82 static const char *NONCE_UNSOLICITED = "UNSOLICITED";
83 static const char *NONCE_BAD = "BAD";
84 static const char *NONCE_MISSING = "MISSING";
85 static const char *NONCE_OK = "OK";
86 static const char *NONCE_SLOP = "SLOP";
87 static const char *nonce_status;
88 static long nonce_stamp_slop;
89 static timestamp_t nonce_stamp_slop_limit;
90 static struct ref_transaction *transaction;
97 static int keepalive_in_sec = 5;
99 static struct tmp_objdir *tmp_objdir;
101 static struct proc_receive_ref {
102 unsigned int want_add:1,
107 struct proc_receive_ref *next;
110 static void proc_receive_ref_append(const char *prefix);
112 static enum deny_action parse_deny_action(const char *var, const char *value)
115 if (!strcasecmp(value, "ignore"))
117 if (!strcasecmp(value, "warn"))
119 if (!strcasecmp(value, "refuse"))
121 if (!strcasecmp(value, "updateinstead"))
122 return DENY_UPDATE_INSTEAD;
124 if (git_config_bool(var, value))
129 static int receive_pack_config(const char *var, const char *value, void *cb)
131 int status = parse_hide_refs_config(var, value, "receive");
136 if (strcmp(var, "receive.denydeletes") == 0) {
137 deny_deletes = git_config_bool(var, value);
141 if (strcmp(var, "receive.denynonfastforwards") == 0) {
142 deny_non_fast_forwards = git_config_bool(var, value);
146 if (strcmp(var, "receive.unpacklimit") == 0) {
147 receive_unpack_limit = git_config_int(var, value);
151 if (strcmp(var, "transfer.unpacklimit") == 0) {
152 transfer_unpack_limit = git_config_int(var, value);
156 if (strcmp(var, "receive.fsck.skiplist") == 0) {
159 if (git_config_pathname(&path, var, value))
161 strbuf_addf(&fsck_msg_types, "%cskiplist=%s",
162 fsck_msg_types.len ? ',' : '=', path);
167 if (skip_prefix(var, "receive.fsck.", &var)) {
168 if (is_valid_msg_type(var, value))
169 strbuf_addf(&fsck_msg_types, "%c%s=%s",
170 fsck_msg_types.len ? ',' : '=', var, value);
172 warning("Skipping unknown msg id '%s'", var);
176 if (strcmp(var, "receive.fsckobjects") == 0) {
177 receive_fsck_objects = git_config_bool(var, value);
181 if (strcmp(var, "transfer.fsckobjects") == 0) {
182 transfer_fsck_objects = git_config_bool(var, value);
186 if (!strcmp(var, "receive.denycurrentbranch")) {
187 deny_current_branch = parse_deny_action(var, value);
191 if (strcmp(var, "receive.denydeletecurrent") == 0) {
192 deny_delete_current = parse_deny_action(var, value);
196 if (strcmp(var, "repack.usedeltabaseoffset") == 0) {
197 prefer_ofs_delta = git_config_bool(var, value);
201 if (strcmp(var, "receive.updateserverinfo") == 0) {
202 auto_update_server_info = git_config_bool(var, value);
206 if (strcmp(var, "receive.autogc") == 0) {
207 auto_gc = git_config_bool(var, value);
211 if (strcmp(var, "receive.shallowupdate") == 0) {
212 shallow_update = git_config_bool(var, value);
216 if (strcmp(var, "receive.certnonceseed") == 0)
217 return git_config_string(&cert_nonce_seed, var, value);
219 if (strcmp(var, "receive.certnonceslop") == 0) {
220 nonce_stamp_slop_limit = git_config_ulong(var, value);
224 if (strcmp(var, "receive.advertiseatomic") == 0) {
225 advertise_atomic_push = git_config_bool(var, value);
229 if (strcmp(var, "receive.advertisepushoptions") == 0) {
230 advertise_push_options = git_config_bool(var, value);
234 if (strcmp(var, "receive.keepalive") == 0) {
235 keepalive_in_sec = git_config_int(var, value);
239 if (strcmp(var, "receive.maxinputsize") == 0) {
240 max_input_size = git_config_int64(var, value);
244 if (strcmp(var, "receive.procreceiverefs") == 0) {
246 return config_error_nonbool(var);
247 proc_receive_ref_append(value);
251 return git_default_config(var, value, cb);
254 static void show_ref(const char *path, const struct object_id *oid)
256 if (sent_capabilities) {
257 packet_write_fmt(1, "%s %s\n", oid_to_hex(oid), path);
259 struct strbuf cap = STRBUF_INIT;
262 "report-status report-status-v2 delete-refs side-band-64k quiet");
263 if (advertise_atomic_push)
264 strbuf_addstr(&cap, " atomic");
265 if (prefer_ofs_delta)
266 strbuf_addstr(&cap, " ofs-delta");
268 strbuf_addf(&cap, " push-cert=%s", push_cert_nonce);
269 if (advertise_push_options)
270 strbuf_addstr(&cap, " push-options");
271 strbuf_addf(&cap, " object-format=%s", the_hash_algo->name);
272 strbuf_addf(&cap, " agent=%s", git_user_agent_sanitized());
273 packet_write_fmt(1, "%s %s%c%s\n",
274 oid_to_hex(oid), path, 0, cap.buf);
275 strbuf_release(&cap);
276 sent_capabilities = 1;
280 static int show_ref_cb(const char *path_full, const struct object_id *oid,
281 int flag, void *data)
283 struct oidset *seen = data;
284 const char *path = strip_namespace(path_full);
286 if (ref_is_hidden(path, path_full))
290 * Advertise refs outside our current namespace as ".have"
291 * refs, so that the client can use them to minimize data
292 * transfer but will otherwise ignore them.
295 if (oidset_insert(seen, oid))
299 oidset_insert(seen, oid);
305 static void show_one_alternate_ref(const struct object_id *oid,
308 struct oidset *seen = data;
310 if (oidset_insert(seen, oid))
313 show_ref(".have", oid);
316 static void write_head_info(void)
318 static struct oidset seen = OIDSET_INIT;
320 for_each_ref(show_ref_cb, &seen);
321 for_each_alternate_ref(show_one_alternate_ref, &seen);
323 if (!sent_capabilities)
324 show_ref("capabilities^{}", &null_oid);
326 advertise_shallow_grafts(1);
332 #define RUN_PROC_RECEIVE_SCHEDULED 1
333 #define RUN_PROC_RECEIVE_RETURNED 2
335 struct command *next;
336 const char *error_string;
337 struct ref_push_report *report;
338 unsigned int skip_update:1,
342 struct object_id old_oid;
343 struct object_id new_oid;
344 char ref_name[FLEX_ARRAY]; /* more */
347 static void proc_receive_ref_append(const char *prefix)
349 struct proc_receive_ref *ref_pattern;
353 ref_pattern = xcalloc(1, sizeof(struct proc_receive_ref));
354 p = strchr(prefix, ':');
358 ref_pattern->want_add = 1;
359 else if (*prefix == 'd')
360 ref_pattern->want_delete = 1;
361 else if (*prefix == 'm')
362 ref_pattern->want_modify = 1;
363 else if (*prefix == '!')
364 ref_pattern->negative_ref = 1;
369 ref_pattern->want_add = 1;
370 ref_pattern->want_delete = 1;
371 ref_pattern->want_modify = 1;
373 len = strlen(prefix);
374 while (len && prefix[len - 1] == '/')
376 ref_pattern->ref_prefix = xmemdupz(prefix, len);
377 if (!proc_receive_ref) {
378 proc_receive_ref = ref_pattern;
380 struct proc_receive_ref *end;
382 end = proc_receive_ref;
385 end->next = ref_pattern;
389 static int proc_receive_ref_matches(struct command *cmd)
391 struct proc_receive_ref *p;
393 if (!proc_receive_ref)
396 for (p = proc_receive_ref; p; p = p->next) {
397 const char *match = p->ref_prefix;
400 if (!p->want_add && is_null_oid(&cmd->old_oid))
402 else if (!p->want_delete && is_null_oid(&cmd->new_oid))
404 else if (!p->want_modify &&
405 !is_null_oid(&cmd->old_oid) &&
406 !is_null_oid(&cmd->new_oid))
409 if (skip_prefix(cmd->ref_name, match, &remains) &&
410 (!*remains || *remains == '/')) {
411 if (!p->negative_ref)
413 } else if (p->negative_ref) {
420 static void rp_error(const char *err, ...) __attribute__((format (printf, 1, 2)));
421 static void rp_warning(const char *err, ...) __attribute__((format (printf, 1, 2)));
423 static void report_message(const char *prefix, const char *err, va_list params)
428 sz = xsnprintf(msg, sizeof(msg), "%s", prefix);
429 sz += vsnprintf(msg + sz, sizeof(msg) - sz, err, params);
430 if (sz > (sizeof(msg) - 1))
431 sz = sizeof(msg) - 1;
435 send_sideband(1, 2, msg, sz, use_sideband);
440 static void rp_warning(const char *err, ...)
443 va_start(params, err);
444 report_message("warning: ", err, params);
448 static void rp_error(const char *err, ...)
451 va_start(params, err);
452 report_message("error: ", err, params);
456 static int copy_to_sideband(int in, int out, void *arg)
459 int keepalive_active = 0;
461 if (keepalive_in_sec <= 0)
462 use_keepalive = KEEPALIVE_NEVER;
463 if (use_keepalive == KEEPALIVE_ALWAYS)
464 keepalive_active = 1;
469 if (keepalive_active) {
475 ret = poll(&pfd, 1, 1000 * keepalive_in_sec);
482 } else if (ret == 0) {
483 /* no data; send a keepalive packet */
484 static const char buf[] = "0005\1";
485 write_or_die(1, buf, sizeof(buf) - 1);
487 } /* else there is actual data to read */
490 sz = xread(in, data, sizeof(data));
494 if (use_keepalive == KEEPALIVE_AFTER_NUL && !keepalive_active) {
495 const char *p = memchr(data, '\0', sz);
498 * The NUL tells us to start sending keepalives. Make
499 * sure we send any other data we read along
502 keepalive_active = 1;
503 send_sideband(1, 2, data, p - data, use_sideband);
504 send_sideband(1, 2, p + 1, sz - (p - data + 1), use_sideband);
510 * Either we're not looking for a NUL signal, or we didn't see
511 * it yet; just pass along the data.
513 send_sideband(1, 2, data, sz, use_sideband);
519 static void hmac_hash(unsigned char *out,
520 const char *key_in, size_t key_len,
521 const char *text, size_t text_len)
523 unsigned char key[GIT_MAX_BLKSZ];
524 unsigned char k_ipad[GIT_MAX_BLKSZ];
525 unsigned char k_opad[GIT_MAX_BLKSZ];
529 /* RFC 2104 2. (1) */
530 memset(key, '\0', GIT_MAX_BLKSZ);
531 if (the_hash_algo->blksz < key_len) {
532 the_hash_algo->init_fn(&ctx);
533 the_hash_algo->update_fn(&ctx, key_in, key_len);
534 the_hash_algo->final_fn(key, &ctx);
536 memcpy(key, key_in, key_len);
539 /* RFC 2104 2. (2) & (5) */
540 for (i = 0; i < sizeof(key); i++) {
541 k_ipad[i] = key[i] ^ 0x36;
542 k_opad[i] = key[i] ^ 0x5c;
545 /* RFC 2104 2. (3) & (4) */
546 the_hash_algo->init_fn(&ctx);
547 the_hash_algo->update_fn(&ctx, k_ipad, sizeof(k_ipad));
548 the_hash_algo->update_fn(&ctx, text, text_len);
549 the_hash_algo->final_fn(out, &ctx);
551 /* RFC 2104 2. (6) & (7) */
552 the_hash_algo->init_fn(&ctx);
553 the_hash_algo->update_fn(&ctx, k_opad, sizeof(k_opad));
554 the_hash_algo->update_fn(&ctx, out, the_hash_algo->rawsz);
555 the_hash_algo->final_fn(out, &ctx);
558 static char *prepare_push_cert_nonce(const char *path, timestamp_t stamp)
560 struct strbuf buf = STRBUF_INIT;
561 unsigned char hash[GIT_MAX_RAWSZ];
563 strbuf_addf(&buf, "%s:%"PRItime, path, stamp);
564 hmac_hash(hash, buf.buf, buf.len, cert_nonce_seed, strlen(cert_nonce_seed));
565 strbuf_release(&buf);
567 /* RFC 2104 5. HMAC-SHA1 or HMAC-SHA256 */
568 strbuf_addf(&buf, "%"PRItime"-%.*s", stamp, (int)the_hash_algo->hexsz, hash_to_hex(hash));
569 return strbuf_detach(&buf, NULL);
573 * NEEDSWORK: reuse find_commit_header() from jk/commit-author-parsing
574 * after dropping "_commit" from its name and possibly moving it out
577 static char *find_header(const char *msg, size_t len, const char *key,
578 const char **next_line)
580 int key_len = strlen(key);
581 const char *line = msg;
583 while (line && line < msg + len) {
584 const char *eol = strchrnul(line, '\n');
586 if ((msg + len <= eol) || line == eol)
588 if (line + key_len < eol &&
589 !memcmp(line, key, key_len) && line[key_len] == ' ') {
590 int offset = key_len + 1;
592 *next_line = *eol ? eol + 1 : eol;
593 return xmemdupz(line + offset, (eol - line) - offset);
595 line = *eol ? eol + 1 : NULL;
601 * Return zero if a and b are equal up to n bytes and nonzero if they are not.
602 * This operation is guaranteed to run in constant time to avoid leaking data.
604 static int constant_memequal(const char *a, const char *b, size_t n)
609 for (i = 0; i < n; i++)
614 static const char *check_nonce(const char *buf, size_t len)
616 char *nonce = find_header(buf, len, "nonce", NULL);
617 timestamp_t stamp, ostamp;
618 char *bohmac, *expect = NULL;
619 const char *retval = NONCE_BAD;
623 retval = NONCE_MISSING;
625 } else if (!push_cert_nonce) {
626 retval = NONCE_UNSOLICITED;
628 } else if (!strcmp(push_cert_nonce, nonce)) {
633 if (!stateless_rpc) {
634 /* returned nonce MUST match what we gave out earlier */
640 * In stateless mode, we may be receiving a nonce issued by
641 * another instance of the server that serving the same
642 * repository, and the timestamps may not match, but the
643 * nonce-seed and dir should match, so we can recompute and
644 * report the time slop.
646 * In addition, when a nonce issued by another instance has
647 * timestamp within receive.certnonceslop seconds, we pretend
648 * as if we issued that nonce when reporting to the hook.
651 /* nonce is concat(<seconds-since-epoch>, "-", <hmac>) */
652 if (*nonce <= '0' || '9' < *nonce) {
656 stamp = parse_timestamp(nonce, &bohmac, 10);
657 if (bohmac == nonce || bohmac[0] != '-') {
662 noncelen = strlen(nonce);
663 expect = prepare_push_cert_nonce(service_dir, stamp);
664 if (noncelen != strlen(expect)) {
665 /* This is not even the right size. */
669 if (constant_memequal(expect, nonce, noncelen)) {
670 /* Not what we would have signed earlier */
676 * By how many seconds is this nonce stale? Negative value
677 * would mean it was issued by another server with its clock
678 * skewed in the future.
680 ostamp = parse_timestamp(push_cert_nonce, NULL, 10);
681 nonce_stamp_slop = (long)ostamp - (long)stamp;
683 if (nonce_stamp_slop_limit &&
684 labs(nonce_stamp_slop) <= nonce_stamp_slop_limit) {
686 * Pretend as if the received nonce (which passes the
687 * HMAC check, so it is not a forged by third-party)
690 free((void *)push_cert_nonce);
691 push_cert_nonce = xstrdup(nonce);
704 * Return 1 if there is no push_cert or if the push options in push_cert are
705 * the same as those in the argument; 0 otherwise.
707 static int check_cert_push_options(const struct string_list *push_options)
709 const char *buf = push_cert.buf;
710 int len = push_cert.len;
713 const char *next_line;
714 int options_seen = 0;
721 while ((option = find_header(buf, len, "push-option", &next_line))) {
722 len -= (next_line - buf);
725 if (options_seen > push_options->nr
727 push_options->items[options_seen - 1].string)) {
734 if (options_seen != push_options->nr)
742 static void prepare_push_cert_sha1(struct child_process *proc)
744 static int already_done;
750 int bogs /* beginning_of_gpg_sig */;
753 if (write_object_file(push_cert.buf, push_cert.len, "blob",
755 oidclr(&push_cert_oid);
757 memset(&sigcheck, '\0', sizeof(sigcheck));
759 bogs = parse_signature(push_cert.buf, push_cert.len);
760 check_signature(push_cert.buf, bogs, push_cert.buf + bogs,
761 push_cert.len - bogs, &sigcheck);
763 nonce_status = check_nonce(push_cert.buf, bogs);
765 if (!is_null_oid(&push_cert_oid)) {
766 strvec_pushf(&proc->env_array, "GIT_PUSH_CERT=%s",
767 oid_to_hex(&push_cert_oid));
768 strvec_pushf(&proc->env_array, "GIT_PUSH_CERT_SIGNER=%s",
769 sigcheck.signer ? sigcheck.signer : "");
770 strvec_pushf(&proc->env_array, "GIT_PUSH_CERT_KEY=%s",
771 sigcheck.key ? sigcheck.key : "");
772 strvec_pushf(&proc->env_array, "GIT_PUSH_CERT_STATUS=%c",
774 if (push_cert_nonce) {
775 strvec_pushf(&proc->env_array,
776 "GIT_PUSH_CERT_NONCE=%s",
778 strvec_pushf(&proc->env_array,
779 "GIT_PUSH_CERT_NONCE_STATUS=%s",
781 if (nonce_status == NONCE_SLOP)
782 strvec_pushf(&proc->env_array,
783 "GIT_PUSH_CERT_NONCE_SLOP=%ld",
789 struct receive_hook_feed_state {
791 struct ref_push_report *report;
794 const struct string_list *push_options;
797 typedef int (*feed_fn)(void *, const char **, size_t *);
798 static int run_and_feed_hook(const char *hook_name, feed_fn feed,
799 struct receive_hook_feed_state *feed_state)
801 struct child_process proc = CHILD_PROCESS_INIT;
806 argv[0] = find_hook(hook_name);
814 proc.stdout_to_stderr = 1;
815 proc.trace2_hook_name = hook_name;
817 if (feed_state->push_options) {
819 for (i = 0; i < feed_state->push_options->nr; i++)
820 strvec_pushf(&proc.env_array,
821 "GIT_PUSH_OPTION_%d=%s", i,
822 feed_state->push_options->items[i].string);
823 strvec_pushf(&proc.env_array, "GIT_PUSH_OPTION_COUNT=%d",
824 feed_state->push_options->nr);
826 strvec_pushf(&proc.env_array, "GIT_PUSH_OPTION_COUNT");
829 strvec_pushv(&proc.env_array, tmp_objdir_env(tmp_objdir));
832 memset(&muxer, 0, sizeof(muxer));
833 muxer.proc = copy_to_sideband;
835 code = start_async(&muxer);
841 prepare_push_cert_sha1(&proc);
843 code = start_command(&proc);
846 finish_async(&muxer);
850 sigchain_push(SIGPIPE, SIG_IGN);
855 if (feed(feed_state, &buf, &n))
857 if (write_in_full(proc.in, buf, n) < 0)
862 finish_async(&muxer);
864 sigchain_pop(SIGPIPE);
866 return finish_command(&proc);
869 static int feed_receive_hook(void *state_, const char **bufp, size_t *sizep)
871 struct receive_hook_feed_state *state = state_;
872 struct command *cmd = state->cmd;
875 state->skip_broken && (cmd->error_string || cmd->did_not_exist))
880 return 0; /* OK, can feed something. */
881 strbuf_reset(&state->buf);
883 state->report = cmd->report;
885 struct object_id *old_oid;
886 struct object_id *new_oid;
887 const char *ref_name;
889 old_oid = state->report->old_oid ? state->report->old_oid : &cmd->old_oid;
890 new_oid = state->report->new_oid ? state->report->new_oid : &cmd->new_oid;
891 ref_name = state->report->ref_name ? state->report->ref_name : cmd->ref_name;
892 strbuf_addf(&state->buf, "%s %s %s\n",
893 oid_to_hex(old_oid), oid_to_hex(new_oid),
895 state->report = state->report->next;
897 state->cmd = cmd->next;
899 strbuf_addf(&state->buf, "%s %s %s\n",
900 oid_to_hex(&cmd->old_oid), oid_to_hex(&cmd->new_oid),
902 state->cmd = cmd->next;
905 *bufp = state->buf.buf;
906 *sizep = state->buf.len;
911 static int run_receive_hook(struct command *commands,
912 const char *hook_name,
914 const struct string_list *push_options)
916 struct receive_hook_feed_state state;
919 strbuf_init(&state.buf, 0);
920 state.cmd = commands;
921 state.skip_broken = skip_broken;
923 if (feed_receive_hook(&state, NULL, NULL))
925 state.cmd = commands;
926 state.push_options = push_options;
927 status = run_and_feed_hook(hook_name, feed_receive_hook, &state);
928 strbuf_release(&state.buf);
932 static int run_update_hook(struct command *cmd)
935 struct child_process proc = CHILD_PROCESS_INIT;
938 argv[0] = find_hook("update");
942 argv[1] = cmd->ref_name;
943 argv[2] = oid_to_hex(&cmd->old_oid);
944 argv[3] = oid_to_hex(&cmd->new_oid);
948 proc.stdout_to_stderr = 1;
949 proc.err = use_sideband ? -1 : 0;
951 proc.trace2_hook_name = "update";
953 code = start_command(&proc);
957 copy_to_sideband(proc.err, -1, NULL);
958 return finish_command(&proc);
961 static struct command *find_command_by_refname(struct command *list,
964 for (; list; list = list->next)
965 if (!strcmp(list->ref_name, refname))
970 static int read_proc_receive_report(struct packet_reader *reader,
971 struct command *commands,
972 struct strbuf *errmsg)
975 struct command *hint = NULL;
976 struct ref_push_report *report = NULL;
983 struct object_id old_oid, new_oid;
987 enum packet_read_status status;
989 status = packet_reader_read(reader);
990 if (status != PACKET_READ_NORMAL) {
991 /* Check whether proc-receive exited abnormally */
992 if (status == PACKET_READ_EOF && !response) {
993 strbuf_addstr(errmsg, "proc-receive exited abnormally");
1000 head = reader->line;
1001 p = strchr(head, ' ');
1003 strbuf_addf(errmsg, "proc-receive reported incomplete status line: '%s'\n", head);
1008 if (!strcmp(head, "option")) {
1009 const char *key, *val;
1011 if (!hint || !(report || new_report)) {
1013 strbuf_addstr(errmsg, "proc-receive reported 'option' without a matching 'ok/ng' directive\n");
1018 if (!hint->report) {
1019 hint->report = xcalloc(1, sizeof(struct ref_push_report));
1020 report = hint->report;
1022 report = hint->report;
1023 while (report->next)
1024 report = report->next;
1025 report->next = xcalloc(1, sizeof(struct ref_push_report));
1026 report = report->next;
1031 p = strchr(key, ' ');
1035 if (!strcmp(key, "refname"))
1036 report->ref_name = xstrdup_or_null(val);
1037 else if (!strcmp(key, "old-oid") && val &&
1038 !parse_oid_hex(val, &old_oid, &val))
1039 report->old_oid = oiddup(&old_oid);
1040 else if (!strcmp(key, "new-oid") && val &&
1041 !parse_oid_hex(val, &new_oid, &val))
1042 report->new_oid = oiddup(&new_oid);
1043 else if (!strcmp(key, "forced-update"))
1044 report->forced_update = 1;
1045 else if (!strcmp(key, "fall-through"))
1046 /* Fall through, let 'receive-pack' to execute it. */
1047 hint->run_proc_receive = 0;
1054 p = strchr(refname, ' ');
1057 if (strcmp(head, "ok") && strcmp(head, "ng")) {
1058 strbuf_addf(errmsg, "proc-receive reported bad status '%s' on ref '%s'\n",
1064 /* first try searching at our hint, falling back to all refs */
1066 hint = find_command_by_refname(hint, refname);
1068 hint = find_command_by_refname(commands, refname);
1070 strbuf_addf(errmsg, "proc-receive reported status on unknown ref: %s\n",
1075 if (!hint->run_proc_receive) {
1076 strbuf_addf(errmsg, "proc-receive reported status on unexpected ref: %s\n",
1081 hint->run_proc_receive |= RUN_PROC_RECEIVE_RETURNED;
1082 if (!strcmp(head, "ng")) {
1084 hint->error_string = xstrdup(p);
1086 hint->error_string = "failed";
1093 for (cmd = commands; cmd; cmd = cmd->next)
1094 if (cmd->run_proc_receive && !cmd->error_string &&
1095 !(cmd->run_proc_receive & RUN_PROC_RECEIVE_RETURNED)) {
1096 cmd->error_string = "proc-receive failed to report status";
1102 static int run_proc_receive_hook(struct command *commands,
1103 const struct string_list *push_options)
1105 struct child_process proc = CHILD_PROCESS_INIT;
1107 struct command *cmd;
1108 const char *argv[2];
1109 struct packet_reader reader;
1110 struct strbuf cap = STRBUF_INIT;
1111 struct strbuf errmsg = STRBUF_INIT;
1112 int hook_use_push_options = 0;
1116 argv[0] = find_hook("proc-receive");
1118 rp_error("cannot find hook 'proc-receive'");
1126 proc.trace2_hook_name = "proc-receive";
1129 memset(&muxer, 0, sizeof(muxer));
1130 muxer.proc = copy_to_sideband;
1132 code = start_async(&muxer);
1135 proc.err = muxer.in;
1140 code = start_command(&proc);
1143 finish_async(&muxer);
1147 sigchain_push(SIGPIPE, SIG_IGN);
1149 /* Version negotiaton */
1150 packet_reader_init(&reader, proc.out, NULL, 0,
1151 PACKET_READ_CHOMP_NEWLINE |
1152 PACKET_READ_GENTLE_ON_EOF);
1154 strbuf_addstr(&cap, " atomic");
1155 if (use_push_options)
1156 strbuf_addstr(&cap, " push-options");
1158 code = packet_write_fmt_gently(proc.in, "version=1%c%s\n", '\0', cap.buf + 1);
1159 strbuf_release(&cap);
1161 code = packet_write_fmt_gently(proc.in, "version=1\n");
1164 code = packet_flush_gently(proc.in);
1169 enum packet_read_status status;
1171 status = packet_reader_read(&reader);
1172 if (status != PACKET_READ_NORMAL) {
1173 /* Check whether proc-receive exited abnormally */
1174 if (status == PACKET_READ_EOF)
1179 if (reader.pktlen > 8 && starts_with(reader.line, "version=")) {
1180 version = atoi(reader.line + 8);
1181 linelen = strlen(reader.line);
1182 if (linelen < reader.pktlen) {
1183 const char *feature_list = reader.line + linelen + 1;
1184 if (parse_feature_request(feature_list, "push-options"))
1185 hook_use_push_options = 1;
1191 strbuf_addstr(&errmsg, "fail to negotiate version with proc-receive hook");
1201 strbuf_addf(&errmsg, "proc-receive version '%d' is not supported",
1208 for (cmd = commands; cmd; cmd = cmd->next) {
1209 if (!cmd->run_proc_receive || cmd->skip_update || cmd->error_string)
1211 code = packet_write_fmt_gently(proc.in, "%s %s %s",
1212 oid_to_hex(&cmd->old_oid),
1213 oid_to_hex(&cmd->new_oid),
1219 code = packet_flush_gently(proc.in);
1221 strbuf_addstr(&errmsg, "fail to write commands to proc-receive hook");
1225 /* Send push options */
1226 if (hook_use_push_options) {
1227 struct string_list_item *item;
1229 for_each_string_list_item(item, push_options) {
1230 code = packet_write_fmt_gently(proc.in, "%s", item->string);
1235 code = packet_flush_gently(proc.in);
1237 strbuf_addstr(&errmsg,
1238 "fail to write push-options to proc-receive hook");
1243 /* Read result from proc-receive */
1244 code = read_proc_receive_report(&reader, commands, &errmsg);
1250 finish_async(&muxer);
1251 if (finish_command(&proc))
1253 if (errmsg.len >0) {
1254 char *p = errmsg.buf;
1256 p += errmsg.len - 1;
1259 rp_error("%s", errmsg.buf);
1260 strbuf_release(&errmsg);
1262 sigchain_pop(SIGPIPE);
1267 static char *refuse_unconfigured_deny_msg =
1268 N_("By default, updating the current branch in a non-bare repository\n"
1269 "is denied, because it will make the index and work tree inconsistent\n"
1270 "with what you pushed, and will require 'git reset --hard' to match\n"
1271 "the work tree to HEAD.\n"
1273 "You can set the 'receive.denyCurrentBranch' configuration variable\n"
1274 "to 'ignore' or 'warn' in the remote repository to allow pushing into\n"
1275 "its current branch; however, this is not recommended unless you\n"
1276 "arranged to update its work tree to match what you pushed in some\n"
1279 "To squelch this message and still keep the default behaviour, set\n"
1280 "'receive.denyCurrentBranch' configuration variable to 'refuse'.");
1282 static void refuse_unconfigured_deny(void)
1284 rp_error("%s", _(refuse_unconfigured_deny_msg));
1287 static char *refuse_unconfigured_deny_delete_current_msg =
1288 N_("By default, deleting the current branch is denied, because the next\n"
1289 "'git clone' won't result in any file checked out, causing confusion.\n"
1291 "You can set 'receive.denyDeleteCurrent' configuration variable to\n"
1292 "'warn' or 'ignore' in the remote repository to allow deleting the\n"
1293 "current branch, with or without a warning message.\n"
1295 "To squelch this message, you can set it to 'refuse'.");
1297 static void refuse_unconfigured_deny_delete_current(void)
1299 rp_error("%s", _(refuse_unconfigured_deny_delete_current_msg));
1302 static int command_singleton_iterator(void *cb_data, struct object_id *oid);
1303 static int update_shallow_ref(struct command *cmd, struct shallow_info *si)
1305 struct shallow_lock shallow_lock = SHALLOW_LOCK_INIT;
1306 struct oid_array extra = OID_ARRAY_INIT;
1307 struct check_connected_options opt = CHECK_CONNECTED_INIT;
1308 uint32_t mask = 1 << (cmd->index % 32);
1311 trace_printf_key(&trace_shallow,
1312 "shallow: update_shallow_ref %s\n", cmd->ref_name);
1313 for (i = 0; i < si->shallow->nr; i++)
1314 if (si->used_shallow[i] &&
1315 (si->used_shallow[i][cmd->index / 32] & mask) &&
1316 !delayed_reachability_test(si, i))
1317 oid_array_append(&extra, &si->shallow->oid[i]);
1319 opt.env = tmp_objdir_env(tmp_objdir);
1320 setup_alternate_shallow(&shallow_lock, &opt.shallow_file, &extra);
1321 if (check_connected(command_singleton_iterator, cmd, &opt)) {
1322 rollback_shallow_file(the_repository, &shallow_lock);
1323 oid_array_clear(&extra);
1327 commit_shallow_file(the_repository, &shallow_lock);
1330 * Make sure setup_alternate_shallow() for the next ref does
1331 * not lose these new roots..
1333 for (i = 0; i < extra.nr; i++)
1334 register_shallow(the_repository, &extra.oid[i]);
1336 si->shallow_ref[cmd->index] = 0;
1337 oid_array_clear(&extra);
1342 * NEEDSWORK: we should consolidate various implementions of "are we
1343 * on an unborn branch?" test into one, and make the unified one more
1344 * robust. !get_sha1() based check used here and elsewhere would not
1345 * allow us to tell an unborn branch from corrupt ref, for example.
1346 * For the purpose of fixing "deploy-to-update does not work when
1347 * pushing into an empty repository" issue, this should suffice for
1350 static int head_has_history(void)
1352 struct object_id oid;
1354 return !get_oid("HEAD", &oid);
1357 static const char *push_to_deploy(unsigned char *sha1,
1359 const char *work_tree)
1361 const char *update_refresh[] = {
1362 "update-index", "-q", "--ignore-submodules", "--refresh", NULL
1364 const char *diff_files[] = {
1365 "diff-files", "--quiet", "--ignore-submodules", "--", NULL
1367 const char *diff_index[] = {
1368 "diff-index", "--quiet", "--cached", "--ignore-submodules",
1371 const char *read_tree[] = {
1372 "read-tree", "-u", "-m", NULL, NULL
1374 struct child_process child = CHILD_PROCESS_INIT;
1376 child.argv = update_refresh;
1378 child.dir = work_tree;
1380 child.stdout_to_stderr = 1;
1382 if (run_command(&child))
1383 return "Up-to-date check failed";
1385 /* run_command() does not clean up completely; reinitialize */
1386 child_process_init(&child);
1387 child.argv = diff_files;
1389 child.dir = work_tree;
1391 child.stdout_to_stderr = 1;
1393 if (run_command(&child))
1394 return "Working directory has unstaged changes";
1396 /* diff-index with either HEAD or an empty tree */
1397 diff_index[4] = head_has_history() ? "HEAD" : empty_tree_oid_hex();
1399 child_process_init(&child);
1400 child.argv = diff_index;
1403 child.no_stdout = 1;
1404 child.stdout_to_stderr = 0;
1406 if (run_command(&child))
1407 return "Working directory has staged changes";
1409 read_tree[3] = hash_to_hex(sha1);
1410 child_process_init(&child);
1411 child.argv = read_tree;
1413 child.dir = work_tree;
1415 child.no_stdout = 1;
1416 child.stdout_to_stderr = 0;
1418 if (run_command(&child))
1419 return "Could not update working tree to new HEAD";
1424 static const char *push_to_checkout_hook = "push-to-checkout";
1426 static const char *push_to_checkout(unsigned char *hash,
1428 const char *work_tree)
1430 strvec_pushf(env, "GIT_WORK_TREE=%s", absolute_path(work_tree));
1431 if (run_hook_le(env->v, push_to_checkout_hook,
1432 hash_to_hex(hash), NULL))
1433 return "push-to-checkout hook declined";
1438 static const char *update_worktree(unsigned char *sha1, const struct worktree *worktree)
1440 const char *retval, *work_tree, *git_dir = NULL;
1441 struct strvec env = STRVEC_INIT;
1443 if (worktree && worktree->path)
1444 work_tree = worktree->path;
1445 else if (git_work_tree_cfg)
1446 work_tree = git_work_tree_cfg;
1450 if (is_bare_repository())
1451 return "denyCurrentBranch = updateInstead needs a worktree";
1453 git_dir = get_worktree_git_dir(worktree);
1455 git_dir = get_git_dir();
1457 strvec_pushf(&env, "GIT_DIR=%s", absolute_path(git_dir));
1459 if (!find_hook(push_to_checkout_hook))
1460 retval = push_to_deploy(sha1, &env, work_tree);
1462 retval = push_to_checkout(sha1, &env, work_tree);
1468 static const char *update(struct command *cmd, struct shallow_info *si)
1470 const char *name = cmd->ref_name;
1471 struct strbuf namespaced_name_buf = STRBUF_INIT;
1472 static char *namespaced_name;
1474 struct object_id *old_oid = &cmd->old_oid;
1475 struct object_id *new_oid = &cmd->new_oid;
1476 int do_update_worktree = 0;
1477 const struct worktree *worktree = is_bare_repository() ? NULL : find_shared_symref("HEAD", name);
1479 /* only refs/... are allowed */
1480 if (!starts_with(name, "refs/") || check_refname_format(name + 5, 0)) {
1481 rp_error("refusing to create funny ref '%s' remotely", name);
1482 return "funny refname";
1485 strbuf_addf(&namespaced_name_buf, "%s%s", get_git_namespace(), name);
1486 free(namespaced_name);
1487 namespaced_name = strbuf_detach(&namespaced_name_buf, NULL);
1490 switch (deny_current_branch) {
1494 rp_warning("updating the current branch");
1497 case DENY_UNCONFIGURED:
1498 rp_error("refusing to update checked out branch: %s", name);
1499 if (deny_current_branch == DENY_UNCONFIGURED)
1500 refuse_unconfigured_deny();
1501 return "branch is currently checked out";
1502 case DENY_UPDATE_INSTEAD:
1503 /* pass -- let other checks intervene first */
1504 do_update_worktree = 1;
1509 if (!is_null_oid(new_oid) && !has_object_file(new_oid)) {
1510 error("unpack should have generated %s, "
1511 "but I can't find it!", oid_to_hex(new_oid));
1515 if (!is_null_oid(old_oid) && is_null_oid(new_oid)) {
1516 if (deny_deletes && starts_with(name, "refs/heads/")) {
1517 rp_error("denying ref deletion for %s", name);
1518 return "deletion prohibited";
1521 if (worktree || (head_name && !strcmp(namespaced_name, head_name))) {
1522 switch (deny_delete_current) {
1526 rp_warning("deleting the current branch");
1529 case DENY_UNCONFIGURED:
1530 case DENY_UPDATE_INSTEAD:
1531 if (deny_delete_current == DENY_UNCONFIGURED)
1532 refuse_unconfigured_deny_delete_current();
1533 rp_error("refusing to delete the current branch: %s", name);
1534 return "deletion of the current branch prohibited";
1536 return "Invalid denyDeleteCurrent setting";
1541 if (deny_non_fast_forwards && !is_null_oid(new_oid) &&
1542 !is_null_oid(old_oid) &&
1543 starts_with(name, "refs/heads/")) {
1544 struct object *old_object, *new_object;
1545 struct commit *old_commit, *new_commit;
1547 old_object = parse_object(the_repository, old_oid);
1548 new_object = parse_object(the_repository, new_oid);
1550 if (!old_object || !new_object ||
1551 old_object->type != OBJ_COMMIT ||
1552 new_object->type != OBJ_COMMIT) {
1553 error("bad sha1 objects for %s", name);
1556 old_commit = (struct commit *)old_object;
1557 new_commit = (struct commit *)new_object;
1558 if (!in_merge_bases(old_commit, new_commit)) {
1559 rp_error("denying non-fast-forward %s"
1560 " (you should pull first)", name);
1561 return "non-fast-forward";
1564 if (run_update_hook(cmd)) {
1565 rp_error("hook declined to update %s", name);
1566 return "hook declined";
1569 if (do_update_worktree) {
1570 ret = update_worktree(new_oid->hash, find_shared_symref("HEAD", name));
1575 if (is_null_oid(new_oid)) {
1576 struct strbuf err = STRBUF_INIT;
1577 if (!parse_object(the_repository, old_oid)) {
1579 if (ref_exists(name)) {
1580 rp_warning("Allowing deletion of corrupt ref.");
1582 rp_warning("Deleting a non-existent ref.");
1583 cmd->did_not_exist = 1;
1586 if (ref_transaction_delete(transaction,
1590 rp_error("%s", err.buf);
1591 strbuf_release(&err);
1592 return "failed to delete";
1594 strbuf_release(&err);
1595 return NULL; /* good */
1598 struct strbuf err = STRBUF_INIT;
1599 if (shallow_update && si->shallow_ref[cmd->index] &&
1600 update_shallow_ref(cmd, si))
1601 return "shallow error";
1603 if (ref_transaction_update(transaction,
1608 rp_error("%s", err.buf);
1609 strbuf_release(&err);
1611 return "failed to update ref";
1613 strbuf_release(&err);
1615 return NULL; /* good */
1619 static void run_update_post_hook(struct command *commands)
1621 struct command *cmd;
1622 struct child_process proc = CHILD_PROCESS_INIT;
1625 hook = find_hook("post-update");
1629 for (cmd = commands; cmd; cmd = cmd->next) {
1630 if (cmd->error_string || cmd->did_not_exist)
1633 strvec_push(&proc.args, hook);
1634 strvec_push(&proc.args, cmd->ref_name);
1640 proc.stdout_to_stderr = 1;
1641 proc.err = use_sideband ? -1 : 0;
1642 proc.trace2_hook_name = "post-update";
1644 if (!start_command(&proc)) {
1646 copy_to_sideband(proc.err, -1, NULL);
1647 finish_command(&proc);
1651 static void check_aliased_update_internal(struct command *cmd,
1652 struct string_list *list,
1653 const char *dst_name, int flag)
1655 struct string_list_item *item;
1656 struct command *dst_cmd;
1658 if (!(flag & REF_ISSYMREF))
1662 rp_error("refusing update to broken symref '%s'", cmd->ref_name);
1663 cmd->skip_update = 1;
1664 cmd->error_string = "broken symref";
1667 dst_name = strip_namespace(dst_name);
1669 if ((item = string_list_lookup(list, dst_name)) == NULL)
1672 cmd->skip_update = 1;
1674 dst_cmd = (struct command *) item->util;
1676 if (oideq(&cmd->old_oid, &dst_cmd->old_oid) &&
1677 oideq(&cmd->new_oid, &dst_cmd->new_oid))
1680 dst_cmd->skip_update = 1;
1682 rp_error("refusing inconsistent update between symref '%s' (%s..%s) and"
1683 " its target '%s' (%s..%s)",
1685 find_unique_abbrev(&cmd->old_oid, DEFAULT_ABBREV),
1686 find_unique_abbrev(&cmd->new_oid, DEFAULT_ABBREV),
1688 find_unique_abbrev(&dst_cmd->old_oid, DEFAULT_ABBREV),
1689 find_unique_abbrev(&dst_cmd->new_oid, DEFAULT_ABBREV));
1691 cmd->error_string = dst_cmd->error_string =
1692 "inconsistent aliased update";
1695 static void check_aliased_update(struct command *cmd, struct string_list *list)
1697 struct strbuf buf = STRBUF_INIT;
1698 const char *dst_name;
1701 strbuf_addf(&buf, "%s%s", get_git_namespace(), cmd->ref_name);
1702 dst_name = resolve_ref_unsafe(buf.buf, 0, NULL, &flag);
1703 check_aliased_update_internal(cmd, list, dst_name, flag);
1704 strbuf_release(&buf);
1707 static void check_aliased_updates(struct command *commands)
1709 struct command *cmd;
1710 struct string_list ref_list = STRING_LIST_INIT_NODUP;
1712 for (cmd = commands; cmd; cmd = cmd->next) {
1713 struct string_list_item *item =
1714 string_list_append(&ref_list, cmd->ref_name);
1715 item->util = (void *)cmd;
1717 string_list_sort(&ref_list);
1719 for (cmd = commands; cmd; cmd = cmd->next) {
1720 if (!cmd->error_string)
1721 check_aliased_update(cmd, &ref_list);
1724 string_list_clear(&ref_list, 0);
1727 static int command_singleton_iterator(void *cb_data, struct object_id *oid)
1729 struct command **cmd_list = cb_data;
1730 struct command *cmd = *cmd_list;
1732 if (!cmd || is_null_oid(&cmd->new_oid))
1733 return -1; /* end of list */
1734 *cmd_list = NULL; /* this returns only one */
1735 oidcpy(oid, &cmd->new_oid);
1739 static void set_connectivity_errors(struct command *commands,
1740 struct shallow_info *si)
1742 struct command *cmd;
1744 for (cmd = commands; cmd; cmd = cmd->next) {
1745 struct command *singleton = cmd;
1746 struct check_connected_options opt = CHECK_CONNECTED_INIT;
1748 if (shallow_update && si->shallow_ref[cmd->index])
1749 /* to be checked in update_shallow_ref() */
1752 opt.env = tmp_objdir_env(tmp_objdir);
1753 if (!check_connected(command_singleton_iterator, &singleton,
1757 cmd->error_string = "missing necessary objects";
1761 struct iterate_data {
1762 struct command *cmds;
1763 struct shallow_info *si;
1766 static int iterate_receive_command_list(void *cb_data, struct object_id *oid)
1768 struct iterate_data *data = cb_data;
1769 struct command **cmd_list = &data->cmds;
1770 struct command *cmd = *cmd_list;
1772 for (; cmd; cmd = cmd->next) {
1773 if (shallow_update && data->si->shallow_ref[cmd->index])
1774 /* to be checked in update_shallow_ref() */
1776 if (!is_null_oid(&cmd->new_oid) && !cmd->skip_update) {
1777 oidcpy(oid, &cmd->new_oid);
1778 *cmd_list = cmd->next;
1783 return -1; /* end of list */
1786 static void reject_updates_to_hidden(struct command *commands)
1788 struct strbuf refname_full = STRBUF_INIT;
1790 struct command *cmd;
1792 strbuf_addstr(&refname_full, get_git_namespace());
1793 prefix_len = refname_full.len;
1795 for (cmd = commands; cmd; cmd = cmd->next) {
1796 if (cmd->error_string)
1799 strbuf_setlen(&refname_full, prefix_len);
1800 strbuf_addstr(&refname_full, cmd->ref_name);
1802 if (!ref_is_hidden(cmd->ref_name, refname_full.buf))
1804 if (is_null_oid(&cmd->new_oid))
1805 cmd->error_string = "deny deleting a hidden ref";
1807 cmd->error_string = "deny updating a hidden ref";
1810 strbuf_release(&refname_full);
1813 static int should_process_cmd(struct command *cmd)
1815 return !cmd->error_string && !cmd->skip_update;
1818 static void warn_if_skipped_connectivity_check(struct command *commands,
1819 struct shallow_info *si)
1821 struct command *cmd;
1822 int checked_connectivity = 1;
1824 for (cmd = commands; cmd; cmd = cmd->next) {
1825 if (should_process_cmd(cmd) && si->shallow_ref[cmd->index]) {
1826 error("BUG: connectivity check has not been run on ref %s",
1828 checked_connectivity = 0;
1831 if (!checked_connectivity)
1832 BUG("connectivity check skipped???");
1835 static void execute_commands_non_atomic(struct command *commands,
1836 struct shallow_info *si)
1838 struct command *cmd;
1839 struct strbuf err = STRBUF_INIT;
1841 for (cmd = commands; cmd; cmd = cmd->next) {
1842 if (!should_process_cmd(cmd) || cmd->run_proc_receive)
1845 transaction = ref_transaction_begin(&err);
1847 rp_error("%s", err.buf);
1849 cmd->error_string = "transaction failed to start";
1853 cmd->error_string = update(cmd, si);
1855 if (!cmd->error_string
1856 && ref_transaction_commit(transaction, &err)) {
1857 rp_error("%s", err.buf);
1859 cmd->error_string = "failed to update ref";
1861 ref_transaction_free(transaction);
1863 strbuf_release(&err);
1866 static void execute_commands_atomic(struct command *commands,
1867 struct shallow_info *si)
1869 struct command *cmd;
1870 struct strbuf err = STRBUF_INIT;
1871 const char *reported_error = "atomic push failure";
1873 transaction = ref_transaction_begin(&err);
1875 rp_error("%s", err.buf);
1877 reported_error = "transaction failed to start";
1881 for (cmd = commands; cmd; cmd = cmd->next) {
1882 if (!should_process_cmd(cmd) || cmd->run_proc_receive)
1885 cmd->error_string = update(cmd, si);
1887 if (cmd->error_string)
1891 if (ref_transaction_commit(transaction, &err)) {
1892 rp_error("%s", err.buf);
1893 reported_error = "atomic transaction failed";
1899 for (cmd = commands; cmd; cmd = cmd->next)
1900 if (!cmd->error_string)
1901 cmd->error_string = reported_error;
1904 ref_transaction_free(transaction);
1905 strbuf_release(&err);
1908 static void execute_commands(struct command *commands,
1909 const char *unpacker_error,
1910 struct shallow_info *si,
1911 const struct string_list *push_options)
1913 struct check_connected_options opt = CHECK_CONNECTED_INIT;
1914 struct command *cmd;
1915 struct iterate_data data;
1918 int run_proc_receive = 0;
1920 if (unpacker_error) {
1921 for (cmd = commands; cmd; cmd = cmd->next)
1922 cmd->error_string = "unpacker error";
1927 memset(&muxer, 0, sizeof(muxer));
1928 muxer.proc = copy_to_sideband;
1930 if (!start_async(&muxer))
1932 /* ...else, continue without relaying sideband */
1935 data.cmds = commands;
1937 opt.err_fd = err_fd;
1938 opt.progress = err_fd && !quiet;
1939 opt.env = tmp_objdir_env(tmp_objdir);
1940 if (check_connected(iterate_receive_command_list, &data, &opt))
1941 set_connectivity_errors(commands, si);
1944 finish_async(&muxer);
1946 reject_updates_to_hidden(commands);
1949 * Try to find commands that have special prefix in their reference names,
1950 * and mark them to run an external "proc-receive" hook later.
1952 if (proc_receive_ref) {
1953 for (cmd = commands; cmd; cmd = cmd->next) {
1954 if (!should_process_cmd(cmd))
1957 if (proc_receive_ref_matches(cmd)) {
1958 cmd->run_proc_receive = RUN_PROC_RECEIVE_SCHEDULED;
1959 run_proc_receive = 1;
1964 if (run_receive_hook(commands, "pre-receive", 0, push_options)) {
1965 for (cmd = commands; cmd; cmd = cmd->next) {
1966 if (!cmd->error_string)
1967 cmd->error_string = "pre-receive hook declined";
1973 * Now we'll start writing out refs, which means the objects need
1974 * to be in their final positions so that other processes can see them.
1976 if (tmp_objdir_migrate(tmp_objdir) < 0) {
1977 for (cmd = commands; cmd; cmd = cmd->next) {
1978 if (!cmd->error_string)
1979 cmd->error_string = "unable to migrate objects to permanent storage";
1985 check_aliased_updates(commands);
1987 free(head_name_to_free);
1988 head_name = head_name_to_free = resolve_refdup("HEAD", 0, NULL, NULL);
1990 if (run_proc_receive &&
1991 run_proc_receive_hook(commands, push_options))
1992 for (cmd = commands; cmd; cmd = cmd->next)
1993 if (!cmd->error_string &&
1994 !(cmd->run_proc_receive & RUN_PROC_RECEIVE_RETURNED) &&
1995 (cmd->run_proc_receive || use_atomic))
1996 cmd->error_string = "fail to run proc-receive hook";
1999 execute_commands_atomic(commands, si);
2001 execute_commands_non_atomic(commands, si);
2004 warn_if_skipped_connectivity_check(commands, si);
2007 static struct command **queue_command(struct command **tail,
2011 struct object_id old_oid, new_oid;
2012 struct command *cmd;
2013 const char *refname;
2017 if (parse_oid_hex(line, &old_oid, &p) ||
2019 parse_oid_hex(p, &new_oid, &p) ||
2021 die("protocol error: expected old/new/ref, got '%s'", line);
2024 reflen = linelen - (p - line);
2025 FLEX_ALLOC_MEM(cmd, ref_name, refname, reflen);
2026 oidcpy(&cmd->old_oid, &old_oid);
2027 oidcpy(&cmd->new_oid, &new_oid);
2032 static void queue_commands_from_cert(struct command **tail,
2033 struct strbuf *push_cert)
2035 const char *boc, *eoc;
2038 die("protocol error: got both push certificate and unsigned commands");
2040 boc = strstr(push_cert->buf, "\n\n");
2042 die("malformed push certificate %.*s", 100, push_cert->buf);
2045 eoc = push_cert->buf + parse_signature(push_cert->buf, push_cert->len);
2048 const char *eol = memchr(boc, '\n', eoc - boc);
2049 tail = queue_command(tail, boc, eol ? eol - boc : eoc - boc);
2050 boc = eol ? eol + 1 : eoc;
2054 static struct command *read_head_info(struct packet_reader *reader,
2055 struct oid_array *shallow)
2057 struct command *commands = NULL;
2058 struct command **p = &commands;
2062 if (packet_reader_read(reader) != PACKET_READ_NORMAL)
2065 if (reader->pktlen > 8 && starts_with(reader->line, "shallow ")) {
2066 struct object_id oid;
2067 if (get_oid_hex(reader->line + 8, &oid))
2068 die("protocol error: expected shallow sha, got '%s'",
2070 oid_array_append(shallow, &oid);
2074 linelen = strlen(reader->line);
2075 if (linelen < reader->pktlen) {
2076 const char *feature_list = reader->line + linelen + 1;
2077 const char *hash = NULL;
2079 if (parse_feature_request(feature_list, "report-status"))
2081 if (parse_feature_request(feature_list, "report-status-v2"))
2082 report_status_v2 = 1;
2083 if (parse_feature_request(feature_list, "side-band-64k"))
2084 use_sideband = LARGE_PACKET_MAX;
2085 if (parse_feature_request(feature_list, "quiet"))
2087 if (advertise_atomic_push
2088 && parse_feature_request(feature_list, "atomic"))
2090 if (advertise_push_options
2091 && parse_feature_request(feature_list, "push-options"))
2092 use_push_options = 1;
2093 hash = parse_feature_value(feature_list, "object-format", &len, NULL);
2095 hash = hash_algos[GIT_HASH_SHA1].name;
2098 if (xstrncmpz(the_hash_algo->name, hash, len))
2099 die("error: unsupported object format '%s'", hash);
2102 if (!strcmp(reader->line, "push-cert")) {
2104 int saved_options = reader->options;
2105 reader->options &= ~PACKET_READ_CHOMP_NEWLINE;
2108 packet_reader_read(reader);
2109 if (reader->status == PACKET_READ_FLUSH) {
2113 if (reader->status != PACKET_READ_NORMAL) {
2114 die("protocol error: got an unexpected packet");
2116 if (!strcmp(reader->line, "push-cert-end\n"))
2117 break; /* end of cert */
2118 strbuf_addstr(&push_cert, reader->line);
2120 reader->options = saved_options;
2127 p = queue_command(p, reader->line, linelen);
2131 queue_commands_from_cert(p, &push_cert);
2136 static void read_push_options(struct packet_reader *reader,
2137 struct string_list *options)
2140 if (packet_reader_read(reader) != PACKET_READ_NORMAL)
2143 string_list_append(options, reader->line);
2147 static const char *parse_pack_header(struct pack_header *hdr)
2149 switch (read_pack_header(0, hdr)) {
2151 return "eof before pack header was fully read";
2153 case PH_ERROR_PACK_SIGNATURE:
2154 return "protocol error (pack signature mismatch detected)";
2156 case PH_ERROR_PROTOCOL:
2157 return "protocol error (pack version unsupported)";
2160 return "unknown error in parse_pack_header";
2167 static const char *pack_lockfile;
2169 static void push_header_arg(struct strvec *args, struct pack_header *hdr)
2171 strvec_pushf(args, "--pack_header=%"PRIu32",%"PRIu32,
2172 ntohl(hdr->hdr_version), ntohl(hdr->hdr_entries));
2175 static const char *unpack(int err_fd, struct shallow_info *si)
2177 struct pack_header hdr;
2178 const char *hdr_err;
2180 struct child_process child = CHILD_PROCESS_INIT;
2181 int fsck_objects = (receive_fsck_objects >= 0
2182 ? receive_fsck_objects
2183 : transfer_fsck_objects >= 0
2184 ? transfer_fsck_objects
2187 hdr_err = parse_pack_header(&hdr);
2194 if (si->nr_ours || si->nr_theirs) {
2195 alt_shallow_file = setup_temporary_shallow(si->shallow);
2196 strvec_push(&child.args, "--shallow-file");
2197 strvec_push(&child.args, alt_shallow_file);
2200 tmp_objdir = tmp_objdir_create();
2204 return "unable to create temporary object directory";
2206 child.env = tmp_objdir_env(tmp_objdir);
2209 * Normally we just pass the tmp_objdir environment to the child
2210 * processes that do the heavy lifting, but we may need to see these
2211 * objects ourselves to set up shallow information.
2213 tmp_objdir_add_as_alternate(tmp_objdir);
2215 if (ntohl(hdr.hdr_entries) < unpack_limit) {
2216 strvec_push(&child.args, "unpack-objects");
2217 push_header_arg(&child.args, &hdr);
2219 strvec_push(&child.args, "-q");
2221 strvec_pushf(&child.args, "--strict%s",
2222 fsck_msg_types.buf);
2224 strvec_pushf(&child.args, "--max-input-size=%"PRIuMAX,
2225 (uintmax_t)max_input_size);
2226 child.no_stdout = 1;
2229 status = run_command(&child);
2231 return "unpack-objects abnormal exit";
2233 char hostname[HOST_NAME_MAX + 1];
2235 strvec_pushl(&child.args, "index-pack", "--stdin", NULL);
2236 push_header_arg(&child.args, &hdr);
2238 if (xgethostname(hostname, sizeof(hostname)))
2239 xsnprintf(hostname, sizeof(hostname), "localhost");
2240 strvec_pushf(&child.args,
2241 "--keep=receive-pack %"PRIuMAX" on %s",
2242 (uintmax_t)getpid(),
2245 if (!quiet && err_fd)
2246 strvec_push(&child.args, "--show-resolving-progress");
2248 strvec_push(&child.args, "--report-end-of-input");
2250 strvec_pushf(&child.args, "--strict%s",
2251 fsck_msg_types.buf);
2253 strvec_push(&child.args, "--fix-thin");
2255 strvec_pushf(&child.args, "--max-input-size=%"PRIuMAX,
2256 (uintmax_t)max_input_size);
2260 status = start_command(&child);
2262 return "index-pack fork failed";
2263 pack_lockfile = index_pack_lockfile(child.out);
2265 status = finish_command(&child);
2267 return "index-pack abnormal exit";
2268 reprepare_packed_git(the_repository);
2273 static const char *unpack_with_sideband(struct shallow_info *si)
2279 return unpack(0, si);
2281 use_keepalive = KEEPALIVE_AFTER_NUL;
2282 memset(&muxer, 0, sizeof(muxer));
2283 muxer.proc = copy_to_sideband;
2285 if (start_async(&muxer))
2288 ret = unpack(muxer.in, si);
2290 finish_async(&muxer);
2294 static void prepare_shallow_update(struct shallow_info *si)
2296 int i, j, k, bitmap_size = DIV_ROUND_UP(si->ref->nr, 32);
2298 ALLOC_ARRAY(si->used_shallow, si->shallow->nr);
2299 assign_shallow_commits_to_refs(si, si->used_shallow, NULL);
2301 si->need_reachability_test =
2302 xcalloc(si->shallow->nr, sizeof(*si->need_reachability_test));
2304 xcalloc(si->shallow->nr, sizeof(*si->reachable));
2305 si->shallow_ref = xcalloc(si->ref->nr, sizeof(*si->shallow_ref));
2307 for (i = 0; i < si->nr_ours; i++)
2308 si->need_reachability_test[si->ours[i]] = 1;
2310 for (i = 0; i < si->shallow->nr; i++) {
2311 if (!si->used_shallow[i])
2313 for (j = 0; j < bitmap_size; j++) {
2314 if (!si->used_shallow[i][j])
2316 si->need_reachability_test[i]++;
2317 for (k = 0; k < 32; k++)
2318 if (si->used_shallow[i][j] & (1U << k))
2319 si->shallow_ref[j * 32 + k]++;
2323 * true for those associated with some refs and belong
2324 * in "ours" list aka "step 7 not done yet"
2326 si->need_reachability_test[i] =
2327 si->need_reachability_test[i] > 1;
2331 * keep hooks happy by forcing a temporary shallow file via
2332 * env variable because we can't add --shallow-file to every
2333 * command. check_connected() will be done with
2334 * true .git/shallow though.
2336 setenv(GIT_SHALLOW_FILE_ENVIRONMENT, alt_shallow_file, 1);
2339 static void update_shallow_info(struct command *commands,
2340 struct shallow_info *si,
2341 struct oid_array *ref)
2343 struct command *cmd;
2345 remove_nonexistent_theirs_shallow(si);
2346 if (!si->nr_ours && !si->nr_theirs) {
2351 for (cmd = commands; cmd; cmd = cmd->next) {
2352 if (is_null_oid(&cmd->new_oid))
2354 oid_array_append(ref, &cmd->new_oid);
2355 cmd->index = ref->nr - 1;
2359 if (shallow_update) {
2360 prepare_shallow_update(si);
2364 ALLOC_ARRAY(ref_status, ref->nr);
2365 assign_shallow_commits_to_refs(si, NULL, ref_status);
2366 for (cmd = commands; cmd; cmd = cmd->next) {
2367 if (is_null_oid(&cmd->new_oid))
2369 if (ref_status[cmd->index]) {
2370 cmd->error_string = "shallow update not allowed";
2371 cmd->skip_update = 1;
2377 static void report(struct command *commands, const char *unpack_status)
2379 struct command *cmd;
2380 struct strbuf buf = STRBUF_INIT;
2382 packet_buf_write(&buf, "unpack %s\n",
2383 unpack_status ? unpack_status : "ok");
2384 for (cmd = commands; cmd; cmd = cmd->next) {
2385 if (!cmd->error_string)
2386 packet_buf_write(&buf, "ok %s\n",
2389 packet_buf_write(&buf, "ng %s %s\n",
2390 cmd->ref_name, cmd->error_string);
2392 packet_buf_flush(&buf);
2395 send_sideband(1, 1, buf.buf, buf.len, use_sideband);
2397 write_or_die(1, buf.buf, buf.len);
2398 strbuf_release(&buf);
2401 static void report_v2(struct command *commands, const char *unpack_status)
2403 struct command *cmd;
2404 struct strbuf buf = STRBUF_INIT;
2405 struct ref_push_report *report;
2407 packet_buf_write(&buf, "unpack %s\n",
2408 unpack_status ? unpack_status : "ok");
2409 for (cmd = commands; cmd; cmd = cmd->next) {
2412 if (cmd->error_string) {
2413 packet_buf_write(&buf, "ng %s %s\n",
2418 packet_buf_write(&buf, "ok %s\n",
2420 for (report = cmd->report; report; report = report->next) {
2422 packet_buf_write(&buf, "ok %s\n",
2424 if (report->ref_name)
2425 packet_buf_write(&buf, "option refname %s\n",
2427 if (report->old_oid)
2428 packet_buf_write(&buf, "option old-oid %s\n",
2429 oid_to_hex(report->old_oid));
2430 if (report->new_oid)
2431 packet_buf_write(&buf, "option new-oid %s\n",
2432 oid_to_hex(report->new_oid));
2433 if (report->forced_update)
2434 packet_buf_write(&buf, "option forced-update\n");
2437 packet_buf_flush(&buf);
2440 send_sideband(1, 1, buf.buf, buf.len, use_sideband);
2442 write_or_die(1, buf.buf, buf.len);
2443 strbuf_release(&buf);
2446 static int delete_only(struct command *commands)
2448 struct command *cmd;
2449 for (cmd = commands; cmd; cmd = cmd->next) {
2450 if (!is_null_oid(&cmd->new_oid))
2456 int cmd_receive_pack(int argc, const char **argv, const char *prefix)
2458 int advertise_refs = 0;
2459 struct command *commands;
2460 struct oid_array shallow = OID_ARRAY_INIT;
2461 struct oid_array ref = OID_ARRAY_INIT;
2462 struct shallow_info si;
2463 struct packet_reader reader;
2465 struct option options[] = {
2466 OPT__QUIET(&quiet, N_("quiet")),
2467 OPT_HIDDEN_BOOL(0, "stateless-rpc", &stateless_rpc, NULL),
2468 OPT_HIDDEN_BOOL(0, "advertise-refs", &advertise_refs, NULL),
2469 OPT_HIDDEN_BOOL(0, "reject-thin-pack-for-testing", &reject_thin, NULL),
2473 packet_trace_identity("receive-pack");
2475 argc = parse_options(argc, argv, prefix, options, receive_pack_usage, 0);
2478 usage_msg_opt(_("Too many arguments."), receive_pack_usage, options);
2480 usage_msg_opt(_("You must specify a directory."), receive_pack_usage, options);
2482 service_dir = argv[0];
2486 if (!enter_repo(service_dir, 0))
2487 die("'%s' does not appear to be a git repository", service_dir);
2489 git_config(receive_pack_config, NULL);
2490 if (cert_nonce_seed)
2491 push_cert_nonce = prepare_push_cert_nonce(service_dir, time(NULL));
2493 if (0 <= transfer_unpack_limit)
2494 unpack_limit = transfer_unpack_limit;
2495 else if (0 <= receive_unpack_limit)
2496 unpack_limit = receive_unpack_limit;
2498 switch (determine_protocol_version_server()) {
2501 * push support for protocol v2 has not been implemented yet,
2502 * so ignore the request to use v2 and fallback to using v0.
2507 * v1 is just the original protocol with a version string,
2508 * so just fall through after writing the version string.
2510 if (advertise_refs || !stateless_rpc)
2511 packet_write_fmt(1, "version 1\n");
2516 case protocol_unknown_version:
2517 BUG("unknown protocol version");
2520 if (advertise_refs || !stateless_rpc) {
2526 packet_reader_init(&reader, 0, NULL, 0,
2527 PACKET_READ_CHOMP_NEWLINE |
2528 PACKET_READ_DIE_ON_ERR_PACKET);
2530 if ((commands = read_head_info(&reader, &shallow)) != NULL) {
2531 const char *unpack_status = NULL;
2532 struct string_list push_options = STRING_LIST_INIT_DUP;
2534 if (use_push_options)
2535 read_push_options(&reader, &push_options);
2536 if (!check_cert_push_options(&push_options)) {
2537 struct command *cmd;
2538 for (cmd = commands; cmd; cmd = cmd->next)
2539 cmd->error_string = "inconsistent push options";
2542 prepare_shallow_info(&si, &shallow);
2543 if (!si.nr_ours && !si.nr_theirs)
2545 if (!delete_only(commands)) {
2546 unpack_status = unpack_with_sideband(&si);
2547 update_shallow_info(commands, &si, &ref);
2549 use_keepalive = KEEPALIVE_ALWAYS;
2550 execute_commands(commands, unpack_status, &si,
2553 unlink_or_warn(pack_lockfile);
2554 if (report_status_v2)
2555 report_v2(commands, unpack_status);
2556 else if (report_status)
2557 report(commands, unpack_status);
2558 run_receive_hook(commands, "post-receive", 1,
2560 run_update_post_hook(commands);
2561 string_list_clear(&push_options, 0);
2563 const char *argv_gc_auto[] = {
2564 "gc", "--auto", "--quiet", NULL,
2566 struct child_process proc = CHILD_PROCESS_INIT;
2569 proc.stdout_to_stderr = 1;
2570 proc.err = use_sideband ? -1 : 0;
2572 proc.argv = argv_gc_auto;
2574 close_object_store(the_repository->objects);
2575 if (!start_command(&proc)) {
2577 copy_to_sideband(proc.err, -1, NULL);
2578 finish_command(&proc);
2581 if (auto_update_server_info)
2582 update_server_info(0);
2583 clear_shallow_info(&si);
2587 oid_array_clear(&shallow);
2588 oid_array_clear(&ref);
2589 free((void *)push_cert_nonce);