2 #include "repository.h"
9 #include "run-command.h"
16 #include "string-list.h"
17 #include "oid-array.h"
18 #include "connected.h"
22 #include "gpg-interface.h"
25 #include "tmp-objdir.h"
28 #include "object-store.h"
30 #include "commit-reach.h"
34 static const char * const receive_pack_usage[] = {
35 N_("git receive-pack <git-dir>"),
47 static int deny_deletes;
48 static int deny_non_fast_forwards;
49 static enum deny_action deny_current_branch = DENY_UNCONFIGURED;
50 static enum deny_action deny_delete_current = DENY_UNCONFIGURED;
51 static int receive_fsck_objects = -1;
52 static int transfer_fsck_objects = -1;
53 static struct strbuf fsck_msg_types = STRBUF_INIT;
54 static int receive_unpack_limit = -1;
55 static int transfer_unpack_limit = -1;
56 static int advertise_atomic_push = 1;
57 static int advertise_push_options;
58 static int advertise_sid;
59 static int unpack_limit = 100;
60 static off_t max_input_size;
61 static int report_status;
62 static int report_status_v2;
63 static int use_sideband;
64 static int use_atomic;
65 static int use_push_options;
67 static int prefer_ofs_delta = 1;
68 static int auto_update_server_info;
69 static int auto_gc = 1;
70 static int reject_thin;
71 static int stateless_rpc;
72 static const char *service_dir;
73 static const char *head_name;
74 static void *head_name_to_free;
75 static int sent_capabilities;
76 static int shallow_update;
77 static const char *alt_shallow_file;
78 static struct strbuf push_cert = STRBUF_INIT;
79 static struct object_id push_cert_oid;
80 static struct signature_check sigcheck;
81 static const char *push_cert_nonce;
82 static const char *cert_nonce_seed;
84 static const char *NONCE_UNSOLICITED = "UNSOLICITED";
85 static const char *NONCE_BAD = "BAD";
86 static const char *NONCE_MISSING = "MISSING";
87 static const char *NONCE_OK = "OK";
88 static const char *NONCE_SLOP = "SLOP";
89 static const char *nonce_status;
90 static long nonce_stamp_slop;
91 static timestamp_t nonce_stamp_slop_limit;
92 static struct ref_transaction *transaction;
99 static int keepalive_in_sec = 5;
101 static struct tmp_objdir *tmp_objdir;
103 static struct proc_receive_ref {
104 unsigned int want_add:1,
109 struct proc_receive_ref *next;
112 static void proc_receive_ref_append(const char *prefix);
114 static enum deny_action parse_deny_action(const char *var, const char *value)
117 if (!strcasecmp(value, "ignore"))
119 if (!strcasecmp(value, "warn"))
121 if (!strcasecmp(value, "refuse"))
123 if (!strcasecmp(value, "updateinstead"))
124 return DENY_UPDATE_INSTEAD;
126 if (git_config_bool(var, value))
131 static int receive_pack_config(const char *var, const char *value, void *cb)
133 int status = parse_hide_refs_config(var, value, "receive");
138 if (strcmp(var, "receive.denydeletes") == 0) {
139 deny_deletes = git_config_bool(var, value);
143 if (strcmp(var, "receive.denynonfastforwards") == 0) {
144 deny_non_fast_forwards = git_config_bool(var, value);
148 if (strcmp(var, "receive.unpacklimit") == 0) {
149 receive_unpack_limit = git_config_int(var, value);
153 if (strcmp(var, "transfer.unpacklimit") == 0) {
154 transfer_unpack_limit = git_config_int(var, value);
158 if (strcmp(var, "receive.fsck.skiplist") == 0) {
161 if (git_config_pathname(&path, var, value))
163 strbuf_addf(&fsck_msg_types, "%cskiplist=%s",
164 fsck_msg_types.len ? ',' : '=', path);
169 if (skip_prefix(var, "receive.fsck.", &var)) {
170 if (is_valid_msg_type(var, value))
171 strbuf_addf(&fsck_msg_types, "%c%s=%s",
172 fsck_msg_types.len ? ',' : '=', var, value);
174 warning("Skipping unknown msg id '%s'", var);
178 if (strcmp(var, "receive.fsckobjects") == 0) {
179 receive_fsck_objects = git_config_bool(var, value);
183 if (strcmp(var, "transfer.fsckobjects") == 0) {
184 transfer_fsck_objects = git_config_bool(var, value);
188 if (!strcmp(var, "receive.denycurrentbranch")) {
189 deny_current_branch = parse_deny_action(var, value);
193 if (strcmp(var, "receive.denydeletecurrent") == 0) {
194 deny_delete_current = parse_deny_action(var, value);
198 if (strcmp(var, "repack.usedeltabaseoffset") == 0) {
199 prefer_ofs_delta = git_config_bool(var, value);
203 if (strcmp(var, "receive.updateserverinfo") == 0) {
204 auto_update_server_info = git_config_bool(var, value);
208 if (strcmp(var, "receive.autogc") == 0) {
209 auto_gc = git_config_bool(var, value);
213 if (strcmp(var, "receive.shallowupdate") == 0) {
214 shallow_update = git_config_bool(var, value);
218 if (strcmp(var, "receive.certnonceseed") == 0)
219 return git_config_string(&cert_nonce_seed, var, value);
221 if (strcmp(var, "receive.certnonceslop") == 0) {
222 nonce_stamp_slop_limit = git_config_ulong(var, value);
226 if (strcmp(var, "receive.advertiseatomic") == 0) {
227 advertise_atomic_push = git_config_bool(var, value);
231 if (strcmp(var, "receive.advertisepushoptions") == 0) {
232 advertise_push_options = git_config_bool(var, value);
236 if (strcmp(var, "receive.keepalive") == 0) {
237 keepalive_in_sec = git_config_int(var, value);
241 if (strcmp(var, "receive.maxinputsize") == 0) {
242 max_input_size = git_config_int64(var, value);
246 if (strcmp(var, "receive.procreceiverefs") == 0) {
248 return config_error_nonbool(var);
249 proc_receive_ref_append(value);
253 if (strcmp(var, "transfer.advertisesid") == 0) {
254 advertise_sid = git_config_bool(var, value);
258 return git_default_config(var, value, cb);
261 static void show_ref(const char *path, const struct object_id *oid)
263 if (sent_capabilities) {
264 packet_write_fmt(1, "%s %s\n", oid_to_hex(oid), path);
266 struct strbuf cap = STRBUF_INIT;
269 "report-status report-status-v2 delete-refs side-band-64k quiet");
270 if (advertise_atomic_push)
271 strbuf_addstr(&cap, " atomic");
272 if (prefer_ofs_delta)
273 strbuf_addstr(&cap, " ofs-delta");
275 strbuf_addf(&cap, " push-cert=%s", push_cert_nonce);
276 if (advertise_push_options)
277 strbuf_addstr(&cap, " push-options");
279 strbuf_addf(&cap, " session-id=%s", trace2_session_id());
280 strbuf_addf(&cap, " object-format=%s", the_hash_algo->name);
281 strbuf_addf(&cap, " agent=%s", git_user_agent_sanitized());
282 packet_write_fmt(1, "%s %s%c%s\n",
283 oid_to_hex(oid), path, 0, cap.buf);
284 strbuf_release(&cap);
285 sent_capabilities = 1;
289 static int show_ref_cb(const char *path_full, const struct object_id *oid,
290 int flag, void *data)
292 struct oidset *seen = data;
293 const char *path = strip_namespace(path_full);
295 if (ref_is_hidden(path, path_full))
299 * Advertise refs outside our current namespace as ".have"
300 * refs, so that the client can use them to minimize data
301 * transfer but will otherwise ignore them.
304 if (oidset_insert(seen, oid))
308 oidset_insert(seen, oid);
314 static void show_one_alternate_ref(const struct object_id *oid,
317 struct oidset *seen = data;
319 if (oidset_insert(seen, oid))
322 show_ref(".have", oid);
325 static void write_head_info(void)
327 static struct oidset seen = OIDSET_INIT;
329 for_each_ref(show_ref_cb, &seen);
330 for_each_alternate_ref(show_one_alternate_ref, &seen);
332 if (!sent_capabilities)
333 show_ref("capabilities^{}", null_oid());
335 advertise_shallow_grafts(1);
341 #define RUN_PROC_RECEIVE_SCHEDULED 1
342 #define RUN_PROC_RECEIVE_RETURNED 2
344 struct command *next;
345 const char *error_string;
346 struct ref_push_report *report;
347 unsigned int skip_update:1,
351 struct object_id old_oid;
352 struct object_id new_oid;
353 char ref_name[FLEX_ARRAY]; /* more */
356 static void proc_receive_ref_append(const char *prefix)
358 struct proc_receive_ref *ref_pattern;
362 CALLOC_ARRAY(ref_pattern, 1);
363 p = strchr(prefix, ':');
367 ref_pattern->want_add = 1;
368 else if (*prefix == 'd')
369 ref_pattern->want_delete = 1;
370 else if (*prefix == 'm')
371 ref_pattern->want_modify = 1;
372 else if (*prefix == '!')
373 ref_pattern->negative_ref = 1;
378 ref_pattern->want_add = 1;
379 ref_pattern->want_delete = 1;
380 ref_pattern->want_modify = 1;
382 len = strlen(prefix);
383 while (len && prefix[len - 1] == '/')
385 ref_pattern->ref_prefix = xmemdupz(prefix, len);
386 if (!proc_receive_ref) {
387 proc_receive_ref = ref_pattern;
389 struct proc_receive_ref *end;
391 end = proc_receive_ref;
394 end->next = ref_pattern;
398 static int proc_receive_ref_matches(struct command *cmd)
400 struct proc_receive_ref *p;
402 if (!proc_receive_ref)
405 for (p = proc_receive_ref; p; p = p->next) {
406 const char *match = p->ref_prefix;
409 if (!p->want_add && is_null_oid(&cmd->old_oid))
411 else if (!p->want_delete && is_null_oid(&cmd->new_oid))
413 else if (!p->want_modify &&
414 !is_null_oid(&cmd->old_oid) &&
415 !is_null_oid(&cmd->new_oid))
418 if (skip_prefix(cmd->ref_name, match, &remains) &&
419 (!*remains || *remains == '/')) {
420 if (!p->negative_ref)
422 } else if (p->negative_ref) {
429 static void rp_error(const char *err, ...) __attribute__((format (printf, 1, 2)));
430 static void rp_warning(const char *err, ...) __attribute__((format (printf, 1, 2)));
432 static void report_message(const char *prefix, const char *err, va_list params)
437 sz = xsnprintf(msg, sizeof(msg), "%s", prefix);
438 sz += vsnprintf(msg + sz, sizeof(msg) - sz, err, params);
439 if (sz > (sizeof(msg) - 1))
440 sz = sizeof(msg) - 1;
444 send_sideband(1, 2, msg, sz, use_sideband);
449 static void rp_warning(const char *err, ...)
452 va_start(params, err);
453 report_message("warning: ", err, params);
457 static void rp_error(const char *err, ...)
460 va_start(params, err);
461 report_message("error: ", err, params);
465 static int copy_to_sideband(int in, int out, void *arg)
468 int keepalive_active = 0;
470 if (keepalive_in_sec <= 0)
471 use_keepalive = KEEPALIVE_NEVER;
472 if (use_keepalive == KEEPALIVE_ALWAYS)
473 keepalive_active = 1;
478 if (keepalive_active) {
484 ret = poll(&pfd, 1, 1000 * keepalive_in_sec);
491 } else if (ret == 0) {
492 /* no data; send a keepalive packet */
493 static const char buf[] = "0005\1";
494 write_or_die(1, buf, sizeof(buf) - 1);
496 } /* else there is actual data to read */
499 sz = xread(in, data, sizeof(data));
503 if (use_keepalive == KEEPALIVE_AFTER_NUL && !keepalive_active) {
504 const char *p = memchr(data, '\0', sz);
507 * The NUL tells us to start sending keepalives. Make
508 * sure we send any other data we read along
511 keepalive_active = 1;
512 send_sideband(1, 2, data, p - data, use_sideband);
513 send_sideband(1, 2, p + 1, sz - (p - data + 1), use_sideband);
519 * Either we're not looking for a NUL signal, or we didn't see
520 * it yet; just pass along the data.
522 send_sideband(1, 2, data, sz, use_sideband);
528 static void hmac_hash(unsigned char *out,
529 const char *key_in, size_t key_len,
530 const char *text, size_t text_len)
532 unsigned char key[GIT_MAX_BLKSZ];
533 unsigned char k_ipad[GIT_MAX_BLKSZ];
534 unsigned char k_opad[GIT_MAX_BLKSZ];
538 /* RFC 2104 2. (1) */
539 memset(key, '\0', GIT_MAX_BLKSZ);
540 if (the_hash_algo->blksz < key_len) {
541 the_hash_algo->init_fn(&ctx);
542 the_hash_algo->update_fn(&ctx, key_in, key_len);
543 the_hash_algo->final_fn(key, &ctx);
545 memcpy(key, key_in, key_len);
548 /* RFC 2104 2. (2) & (5) */
549 for (i = 0; i < sizeof(key); i++) {
550 k_ipad[i] = key[i] ^ 0x36;
551 k_opad[i] = key[i] ^ 0x5c;
554 /* RFC 2104 2. (3) & (4) */
555 the_hash_algo->init_fn(&ctx);
556 the_hash_algo->update_fn(&ctx, k_ipad, sizeof(k_ipad));
557 the_hash_algo->update_fn(&ctx, text, text_len);
558 the_hash_algo->final_fn(out, &ctx);
560 /* RFC 2104 2. (6) & (7) */
561 the_hash_algo->init_fn(&ctx);
562 the_hash_algo->update_fn(&ctx, k_opad, sizeof(k_opad));
563 the_hash_algo->update_fn(&ctx, out, the_hash_algo->rawsz);
564 the_hash_algo->final_fn(out, &ctx);
567 static char *prepare_push_cert_nonce(const char *path, timestamp_t stamp)
569 struct strbuf buf = STRBUF_INIT;
570 unsigned char hash[GIT_MAX_RAWSZ];
572 strbuf_addf(&buf, "%s:%"PRItime, path, stamp);
573 hmac_hash(hash, buf.buf, buf.len, cert_nonce_seed, strlen(cert_nonce_seed));
574 strbuf_release(&buf);
576 /* RFC 2104 5. HMAC-SHA1 or HMAC-SHA256 */
577 strbuf_addf(&buf, "%"PRItime"-%.*s", stamp, (int)the_hash_algo->hexsz, hash_to_hex(hash));
578 return strbuf_detach(&buf, NULL);
582 * NEEDSWORK: reuse find_commit_header() from jk/commit-author-parsing
583 * after dropping "_commit" from its name and possibly moving it out
586 static char *find_header(const char *msg, size_t len, const char *key,
587 const char **next_line)
589 int key_len = strlen(key);
590 const char *line = msg;
592 while (line && line < msg + len) {
593 const char *eol = strchrnul(line, '\n');
595 if ((msg + len <= eol) || line == eol)
597 if (line + key_len < eol &&
598 !memcmp(line, key, key_len) && line[key_len] == ' ') {
599 int offset = key_len + 1;
601 *next_line = *eol ? eol + 1 : eol;
602 return xmemdupz(line + offset, (eol - line) - offset);
604 line = *eol ? eol + 1 : NULL;
610 * Return zero if a and b are equal up to n bytes and nonzero if they are not.
611 * This operation is guaranteed to run in constant time to avoid leaking data.
613 static int constant_memequal(const char *a, const char *b, size_t n)
618 for (i = 0; i < n; i++)
623 static const char *check_nonce(const char *buf, size_t len)
625 char *nonce = find_header(buf, len, "nonce", NULL);
626 timestamp_t stamp, ostamp;
627 char *bohmac, *expect = NULL;
628 const char *retval = NONCE_BAD;
632 retval = NONCE_MISSING;
634 } else if (!push_cert_nonce) {
635 retval = NONCE_UNSOLICITED;
637 } else if (!strcmp(push_cert_nonce, nonce)) {
642 if (!stateless_rpc) {
643 /* returned nonce MUST match what we gave out earlier */
649 * In stateless mode, we may be receiving a nonce issued by
650 * another instance of the server that serving the same
651 * repository, and the timestamps may not match, but the
652 * nonce-seed and dir should match, so we can recompute and
653 * report the time slop.
655 * In addition, when a nonce issued by another instance has
656 * timestamp within receive.certnonceslop seconds, we pretend
657 * as if we issued that nonce when reporting to the hook.
660 /* nonce is concat(<seconds-since-epoch>, "-", <hmac>) */
661 if (*nonce <= '0' || '9' < *nonce) {
665 stamp = parse_timestamp(nonce, &bohmac, 10);
666 if (bohmac == nonce || bohmac[0] != '-') {
671 noncelen = strlen(nonce);
672 expect = prepare_push_cert_nonce(service_dir, stamp);
673 if (noncelen != strlen(expect)) {
674 /* This is not even the right size. */
678 if (constant_memequal(expect, nonce, noncelen)) {
679 /* Not what we would have signed earlier */
685 * By how many seconds is this nonce stale? Negative value
686 * would mean it was issued by another server with its clock
687 * skewed in the future.
689 ostamp = parse_timestamp(push_cert_nonce, NULL, 10);
690 nonce_stamp_slop = (long)ostamp - (long)stamp;
692 if (nonce_stamp_slop_limit &&
693 labs(nonce_stamp_slop) <= nonce_stamp_slop_limit) {
695 * Pretend as if the received nonce (which passes the
696 * HMAC check, so it is not a forged by third-party)
699 free((void *)push_cert_nonce);
700 push_cert_nonce = xstrdup(nonce);
713 * Return 1 if there is no push_cert or if the push options in push_cert are
714 * the same as those in the argument; 0 otherwise.
716 static int check_cert_push_options(const struct string_list *push_options)
718 const char *buf = push_cert.buf;
719 int len = push_cert.len;
722 const char *next_line;
723 int options_seen = 0;
730 while ((option = find_header(buf, len, "push-option", &next_line))) {
731 len -= (next_line - buf);
734 if (options_seen > push_options->nr
736 push_options->items[options_seen - 1].string)) {
743 if (options_seen != push_options->nr)
751 static void prepare_push_cert_sha1(struct child_process *proc)
753 static int already_done;
759 int bogs /* beginning_of_gpg_sig */;
762 if (write_object_file(push_cert.buf, push_cert.len, "blob",
764 oidclr(&push_cert_oid);
766 memset(&sigcheck, '\0', sizeof(sigcheck));
768 bogs = parse_signed_buffer(push_cert.buf, push_cert.len);
769 check_signature(push_cert.buf, bogs, push_cert.buf + bogs,
770 push_cert.len - bogs, &sigcheck);
772 nonce_status = check_nonce(push_cert.buf, bogs);
774 if (!is_null_oid(&push_cert_oid)) {
775 strvec_pushf(&proc->env_array, "GIT_PUSH_CERT=%s",
776 oid_to_hex(&push_cert_oid));
777 strvec_pushf(&proc->env_array, "GIT_PUSH_CERT_SIGNER=%s",
778 sigcheck.signer ? sigcheck.signer : "");
779 strvec_pushf(&proc->env_array, "GIT_PUSH_CERT_KEY=%s",
780 sigcheck.key ? sigcheck.key : "");
781 strvec_pushf(&proc->env_array, "GIT_PUSH_CERT_STATUS=%c",
783 if (push_cert_nonce) {
784 strvec_pushf(&proc->env_array,
785 "GIT_PUSH_CERT_NONCE=%s",
787 strvec_pushf(&proc->env_array,
788 "GIT_PUSH_CERT_NONCE_STATUS=%s",
790 if (nonce_status == NONCE_SLOP)
791 strvec_pushf(&proc->env_array,
792 "GIT_PUSH_CERT_NONCE_SLOP=%ld",
798 struct receive_hook_feed_state {
800 struct ref_push_report *report;
803 const struct string_list *push_options;
806 typedef int (*feed_fn)(void *, const char **, size_t *);
807 static int run_and_feed_hook(const char *hook_name, feed_fn feed,
808 struct receive_hook_feed_state *feed_state)
810 struct child_process proc = CHILD_PROCESS_INIT;
815 argv[0] = find_hook(hook_name);
823 proc.stdout_to_stderr = 1;
824 proc.trace2_hook_name = hook_name;
826 if (feed_state->push_options) {
828 for (i = 0; i < feed_state->push_options->nr; i++)
829 strvec_pushf(&proc.env_array,
830 "GIT_PUSH_OPTION_%d=%s", i,
831 feed_state->push_options->items[i].string);
832 strvec_pushf(&proc.env_array, "GIT_PUSH_OPTION_COUNT=%d",
833 feed_state->push_options->nr);
835 strvec_pushf(&proc.env_array, "GIT_PUSH_OPTION_COUNT");
838 strvec_pushv(&proc.env_array, tmp_objdir_env(tmp_objdir));
841 memset(&muxer, 0, sizeof(muxer));
842 muxer.proc = copy_to_sideband;
844 code = start_async(&muxer);
850 prepare_push_cert_sha1(&proc);
852 code = start_command(&proc);
855 finish_async(&muxer);
859 sigchain_push(SIGPIPE, SIG_IGN);
864 if (feed(feed_state, &buf, &n))
866 if (write_in_full(proc.in, buf, n) < 0)
871 finish_async(&muxer);
873 sigchain_pop(SIGPIPE);
875 return finish_command(&proc);
878 static int feed_receive_hook(void *state_, const char **bufp, size_t *sizep)
880 struct receive_hook_feed_state *state = state_;
881 struct command *cmd = state->cmd;
884 state->skip_broken && (cmd->error_string || cmd->did_not_exist))
889 return 0; /* OK, can feed something. */
890 strbuf_reset(&state->buf);
892 state->report = cmd->report;
894 struct object_id *old_oid;
895 struct object_id *new_oid;
896 const char *ref_name;
898 old_oid = state->report->old_oid ? state->report->old_oid : &cmd->old_oid;
899 new_oid = state->report->new_oid ? state->report->new_oid : &cmd->new_oid;
900 ref_name = state->report->ref_name ? state->report->ref_name : cmd->ref_name;
901 strbuf_addf(&state->buf, "%s %s %s\n",
902 oid_to_hex(old_oid), oid_to_hex(new_oid),
904 state->report = state->report->next;
906 state->cmd = cmd->next;
908 strbuf_addf(&state->buf, "%s %s %s\n",
909 oid_to_hex(&cmd->old_oid), oid_to_hex(&cmd->new_oid),
911 state->cmd = cmd->next;
914 *bufp = state->buf.buf;
915 *sizep = state->buf.len;
920 static int run_receive_hook(struct command *commands,
921 const char *hook_name,
923 const struct string_list *push_options)
925 struct receive_hook_feed_state state;
928 strbuf_init(&state.buf, 0);
929 state.cmd = commands;
930 state.skip_broken = skip_broken;
932 if (feed_receive_hook(&state, NULL, NULL))
934 state.cmd = commands;
935 state.push_options = push_options;
936 status = run_and_feed_hook(hook_name, feed_receive_hook, &state);
937 strbuf_release(&state.buf);
941 static int run_update_hook(struct command *cmd)
944 struct child_process proc = CHILD_PROCESS_INIT;
947 argv[0] = find_hook("update");
951 argv[1] = cmd->ref_name;
952 argv[2] = oid_to_hex(&cmd->old_oid);
953 argv[3] = oid_to_hex(&cmd->new_oid);
957 proc.stdout_to_stderr = 1;
958 proc.err = use_sideband ? -1 : 0;
960 proc.trace2_hook_name = "update";
962 code = start_command(&proc);
966 copy_to_sideband(proc.err, -1, NULL);
967 return finish_command(&proc);
970 static struct command *find_command_by_refname(struct command *list,
973 for (; list; list = list->next)
974 if (!strcmp(list->ref_name, refname))
979 static int read_proc_receive_report(struct packet_reader *reader,
980 struct command *commands,
981 struct strbuf *errmsg)
984 struct command *hint = NULL;
985 struct ref_push_report *report = NULL;
992 struct object_id old_oid, new_oid;
996 enum packet_read_status status;
998 status = packet_reader_read(reader);
999 if (status != PACKET_READ_NORMAL) {
1000 /* Check whether proc-receive exited abnormally */
1001 if (status == PACKET_READ_EOF && !response) {
1002 strbuf_addstr(errmsg, "proc-receive exited abnormally");
1009 head = reader->line;
1010 p = strchr(head, ' ');
1012 strbuf_addf(errmsg, "proc-receive reported incomplete status line: '%s'\n", head);
1017 if (!strcmp(head, "option")) {
1018 const char *key, *val;
1020 if (!hint || !(report || new_report)) {
1022 strbuf_addstr(errmsg, "proc-receive reported 'option' without a matching 'ok/ng' directive\n");
1027 if (!hint->report) {
1028 CALLOC_ARRAY(hint->report, 1);
1029 report = hint->report;
1031 report = hint->report;
1032 while (report->next)
1033 report = report->next;
1034 report->next = xcalloc(1, sizeof(struct ref_push_report));
1035 report = report->next;
1040 p = strchr(key, ' ');
1044 if (!strcmp(key, "refname"))
1045 report->ref_name = xstrdup_or_null(val);
1046 else if (!strcmp(key, "old-oid") && val &&
1047 !parse_oid_hex(val, &old_oid, &val))
1048 report->old_oid = oiddup(&old_oid);
1049 else if (!strcmp(key, "new-oid") && val &&
1050 !parse_oid_hex(val, &new_oid, &val))
1051 report->new_oid = oiddup(&new_oid);
1052 else if (!strcmp(key, "forced-update"))
1053 report->forced_update = 1;
1054 else if (!strcmp(key, "fall-through"))
1055 /* Fall through, let 'receive-pack' to execute it. */
1056 hint->run_proc_receive = 0;
1063 p = strchr(refname, ' ');
1066 if (strcmp(head, "ok") && strcmp(head, "ng")) {
1067 strbuf_addf(errmsg, "proc-receive reported bad status '%s' on ref '%s'\n",
1073 /* first try searching at our hint, falling back to all refs */
1075 hint = find_command_by_refname(hint, refname);
1077 hint = find_command_by_refname(commands, refname);
1079 strbuf_addf(errmsg, "proc-receive reported status on unknown ref: %s\n",
1084 if (!hint->run_proc_receive) {
1085 strbuf_addf(errmsg, "proc-receive reported status on unexpected ref: %s\n",
1090 hint->run_proc_receive |= RUN_PROC_RECEIVE_RETURNED;
1091 if (!strcmp(head, "ng")) {
1093 hint->error_string = xstrdup(p);
1095 hint->error_string = "failed";
1102 for (cmd = commands; cmd; cmd = cmd->next)
1103 if (cmd->run_proc_receive && !cmd->error_string &&
1104 !(cmd->run_proc_receive & RUN_PROC_RECEIVE_RETURNED)) {
1105 cmd->error_string = "proc-receive failed to report status";
1111 static int run_proc_receive_hook(struct command *commands,
1112 const struct string_list *push_options)
1114 struct child_process proc = CHILD_PROCESS_INIT;
1116 struct command *cmd;
1117 const char *argv[2];
1118 struct packet_reader reader;
1119 struct strbuf cap = STRBUF_INIT;
1120 struct strbuf errmsg = STRBUF_INIT;
1121 int hook_use_push_options = 0;
1125 argv[0] = find_hook("proc-receive");
1127 rp_error("cannot find hook 'proc-receive'");
1135 proc.trace2_hook_name = "proc-receive";
1138 memset(&muxer, 0, sizeof(muxer));
1139 muxer.proc = copy_to_sideband;
1141 code = start_async(&muxer);
1144 proc.err = muxer.in;
1149 code = start_command(&proc);
1152 finish_async(&muxer);
1156 sigchain_push(SIGPIPE, SIG_IGN);
1158 /* Version negotiaton */
1159 packet_reader_init(&reader, proc.out, NULL, 0,
1160 PACKET_READ_CHOMP_NEWLINE |
1161 PACKET_READ_GENTLE_ON_EOF);
1163 strbuf_addstr(&cap, " atomic");
1164 if (use_push_options)
1165 strbuf_addstr(&cap, " push-options");
1167 code = packet_write_fmt_gently(proc.in, "version=1%c%s\n", '\0', cap.buf + 1);
1168 strbuf_release(&cap);
1170 code = packet_write_fmt_gently(proc.in, "version=1\n");
1173 code = packet_flush_gently(proc.in);
1178 enum packet_read_status status;
1180 status = packet_reader_read(&reader);
1181 if (status != PACKET_READ_NORMAL) {
1182 /* Check whether proc-receive exited abnormally */
1183 if (status == PACKET_READ_EOF)
1188 if (reader.pktlen > 8 && starts_with(reader.line, "version=")) {
1189 version = atoi(reader.line + 8);
1190 linelen = strlen(reader.line);
1191 if (linelen < reader.pktlen) {
1192 const char *feature_list = reader.line + linelen + 1;
1193 if (parse_feature_request(feature_list, "push-options"))
1194 hook_use_push_options = 1;
1200 strbuf_addstr(&errmsg, "fail to negotiate version with proc-receive hook");
1210 strbuf_addf(&errmsg, "proc-receive version '%d' is not supported",
1217 for (cmd = commands; cmd; cmd = cmd->next) {
1218 if (!cmd->run_proc_receive || cmd->skip_update || cmd->error_string)
1220 code = packet_write_fmt_gently(proc.in, "%s %s %s",
1221 oid_to_hex(&cmd->old_oid),
1222 oid_to_hex(&cmd->new_oid),
1228 code = packet_flush_gently(proc.in);
1230 strbuf_addstr(&errmsg, "fail to write commands to proc-receive hook");
1234 /* Send push options */
1235 if (hook_use_push_options) {
1236 struct string_list_item *item;
1238 for_each_string_list_item(item, push_options) {
1239 code = packet_write_fmt_gently(proc.in, "%s", item->string);
1244 code = packet_flush_gently(proc.in);
1246 strbuf_addstr(&errmsg,
1247 "fail to write push-options to proc-receive hook");
1252 /* Read result from proc-receive */
1253 code = read_proc_receive_report(&reader, commands, &errmsg);
1259 finish_async(&muxer);
1260 if (finish_command(&proc))
1262 if (errmsg.len >0) {
1263 char *p = errmsg.buf;
1265 p += errmsg.len - 1;
1268 rp_error("%s", errmsg.buf);
1269 strbuf_release(&errmsg);
1271 sigchain_pop(SIGPIPE);
1276 static char *refuse_unconfigured_deny_msg =
1277 N_("By default, updating the current branch in a non-bare repository\n"
1278 "is denied, because it will make the index and work tree inconsistent\n"
1279 "with what you pushed, and will require 'git reset --hard' to match\n"
1280 "the work tree to HEAD.\n"
1282 "You can set the 'receive.denyCurrentBranch' configuration variable\n"
1283 "to 'ignore' or 'warn' in the remote repository to allow pushing into\n"
1284 "its current branch; however, this is not recommended unless you\n"
1285 "arranged to update its work tree to match what you pushed in some\n"
1288 "To squelch this message and still keep the default behaviour, set\n"
1289 "'receive.denyCurrentBranch' configuration variable to 'refuse'.");
1291 static void refuse_unconfigured_deny(void)
1293 rp_error("%s", _(refuse_unconfigured_deny_msg));
1296 static char *refuse_unconfigured_deny_delete_current_msg =
1297 N_("By default, deleting the current branch is denied, because the next\n"
1298 "'git clone' won't result in any file checked out, causing confusion.\n"
1300 "You can set 'receive.denyDeleteCurrent' configuration variable to\n"
1301 "'warn' or 'ignore' in the remote repository to allow deleting the\n"
1302 "current branch, with or without a warning message.\n"
1304 "To squelch this message, you can set it to 'refuse'.");
1306 static void refuse_unconfigured_deny_delete_current(void)
1308 rp_error("%s", _(refuse_unconfigured_deny_delete_current_msg));
1311 static int command_singleton_iterator(void *cb_data, struct object_id *oid);
1312 static int update_shallow_ref(struct command *cmd, struct shallow_info *si)
1314 struct shallow_lock shallow_lock = SHALLOW_LOCK_INIT;
1315 struct oid_array extra = OID_ARRAY_INIT;
1316 struct check_connected_options opt = CHECK_CONNECTED_INIT;
1317 uint32_t mask = 1 << (cmd->index % 32);
1320 trace_printf_key(&trace_shallow,
1321 "shallow: update_shallow_ref %s\n", cmd->ref_name);
1322 for (i = 0; i < si->shallow->nr; i++)
1323 if (si->used_shallow[i] &&
1324 (si->used_shallow[i][cmd->index / 32] & mask) &&
1325 !delayed_reachability_test(si, i))
1326 oid_array_append(&extra, &si->shallow->oid[i]);
1328 opt.env = tmp_objdir_env(tmp_objdir);
1329 setup_alternate_shallow(&shallow_lock, &opt.shallow_file, &extra);
1330 if (check_connected(command_singleton_iterator, cmd, &opt)) {
1331 rollback_shallow_file(the_repository, &shallow_lock);
1332 oid_array_clear(&extra);
1336 commit_shallow_file(the_repository, &shallow_lock);
1339 * Make sure setup_alternate_shallow() for the next ref does
1340 * not lose these new roots..
1342 for (i = 0; i < extra.nr; i++)
1343 register_shallow(the_repository, &extra.oid[i]);
1345 si->shallow_ref[cmd->index] = 0;
1346 oid_array_clear(&extra);
1351 * NEEDSWORK: we should consolidate various implementions of "are we
1352 * on an unborn branch?" test into one, and make the unified one more
1353 * robust. !get_sha1() based check used here and elsewhere would not
1354 * allow us to tell an unborn branch from corrupt ref, for example.
1355 * For the purpose of fixing "deploy-to-update does not work when
1356 * pushing into an empty repository" issue, this should suffice for
1359 static int head_has_history(void)
1361 struct object_id oid;
1363 return !get_oid("HEAD", &oid);
1366 static const char *push_to_deploy(unsigned char *sha1,
1368 const char *work_tree)
1370 const char *update_refresh[] = {
1371 "update-index", "-q", "--ignore-submodules", "--refresh", NULL
1373 const char *diff_files[] = {
1374 "diff-files", "--quiet", "--ignore-submodules", "--", NULL
1376 const char *diff_index[] = {
1377 "diff-index", "--quiet", "--cached", "--ignore-submodules",
1380 const char *read_tree[] = {
1381 "read-tree", "-u", "-m", NULL, NULL
1383 struct child_process child = CHILD_PROCESS_INIT;
1385 child.argv = update_refresh;
1387 child.dir = work_tree;
1389 child.stdout_to_stderr = 1;
1391 if (run_command(&child))
1392 return "Up-to-date check failed";
1394 /* run_command() does not clean up completely; reinitialize */
1395 child_process_init(&child);
1396 child.argv = diff_files;
1398 child.dir = work_tree;
1400 child.stdout_to_stderr = 1;
1402 if (run_command(&child))
1403 return "Working directory has unstaged changes";
1405 /* diff-index with either HEAD or an empty tree */
1406 diff_index[4] = head_has_history() ? "HEAD" : empty_tree_oid_hex();
1408 child_process_init(&child);
1409 child.argv = diff_index;
1412 child.no_stdout = 1;
1413 child.stdout_to_stderr = 0;
1415 if (run_command(&child))
1416 return "Working directory has staged changes";
1418 read_tree[3] = hash_to_hex(sha1);
1419 child_process_init(&child);
1420 child.argv = read_tree;
1422 child.dir = work_tree;
1424 child.no_stdout = 1;
1425 child.stdout_to_stderr = 0;
1427 if (run_command(&child))
1428 return "Could not update working tree to new HEAD";
1433 static const char *push_to_checkout_hook = "push-to-checkout";
1435 static const char *push_to_checkout(unsigned char *hash,
1437 const char *work_tree)
1439 struct run_hooks_opt opt = RUN_HOOKS_OPT_INIT;
1441 strvec_pushf(env, "GIT_WORK_TREE=%s", absolute_path(work_tree));
1442 strvec_pushv(&opt.env, env->v);
1443 strvec_push(&opt.args, hash_to_hex(hash));
1444 if (run_hooks(push_to_checkout_hook, &opt)) {
1445 run_hooks_opt_clear(&opt);
1446 return "push-to-checkout hook declined";
1448 run_hooks_opt_clear(&opt);
1453 static const char *update_worktree(unsigned char *sha1, const struct worktree *worktree)
1455 const char *retval, *work_tree, *git_dir = NULL;
1456 struct strvec env = STRVEC_INIT;
1458 if (worktree && worktree->path)
1459 work_tree = worktree->path;
1460 else if (git_work_tree_cfg)
1461 work_tree = git_work_tree_cfg;
1465 if (is_bare_repository())
1466 return "denyCurrentBranch = updateInstead needs a worktree";
1468 git_dir = get_worktree_git_dir(worktree);
1470 git_dir = get_git_dir();
1472 strvec_pushf(&env, "GIT_DIR=%s", absolute_path(git_dir));
1474 if (!hook_exists(push_to_checkout_hook))
1475 retval = push_to_deploy(sha1, &env, work_tree);
1477 retval = push_to_checkout(sha1, &env, work_tree);
1483 static const char *update(struct command *cmd, struct shallow_info *si)
1485 const char *name = cmd->ref_name;
1486 struct strbuf namespaced_name_buf = STRBUF_INIT;
1487 static char *namespaced_name;
1489 struct object_id *old_oid = &cmd->old_oid;
1490 struct object_id *new_oid = &cmd->new_oid;
1491 int do_update_worktree = 0;
1492 const struct worktree *worktree = is_bare_repository() ? NULL : find_shared_symref("HEAD", name);
1494 /* only refs/... are allowed */
1495 if (!starts_with(name, "refs/") || check_refname_format(name + 5, 0)) {
1496 rp_error("refusing to create funny ref '%s' remotely", name);
1497 return "funny refname";
1500 strbuf_addf(&namespaced_name_buf, "%s%s", get_git_namespace(), name);
1501 free(namespaced_name);
1502 namespaced_name = strbuf_detach(&namespaced_name_buf, NULL);
1505 switch (deny_current_branch) {
1509 rp_warning("updating the current branch");
1512 case DENY_UNCONFIGURED:
1513 rp_error("refusing to update checked out branch: %s", name);
1514 if (deny_current_branch == DENY_UNCONFIGURED)
1515 refuse_unconfigured_deny();
1516 return "branch is currently checked out";
1517 case DENY_UPDATE_INSTEAD:
1518 /* pass -- let other checks intervene first */
1519 do_update_worktree = 1;
1524 if (!is_null_oid(new_oid) && !has_object_file(new_oid)) {
1525 error("unpack should have generated %s, "
1526 "but I can't find it!", oid_to_hex(new_oid));
1530 if (!is_null_oid(old_oid) && is_null_oid(new_oid)) {
1531 if (deny_deletes && starts_with(name, "refs/heads/")) {
1532 rp_error("denying ref deletion for %s", name);
1533 return "deletion prohibited";
1536 if (worktree || (head_name && !strcmp(namespaced_name, head_name))) {
1537 switch (deny_delete_current) {
1541 rp_warning("deleting the current branch");
1544 case DENY_UNCONFIGURED:
1545 case DENY_UPDATE_INSTEAD:
1546 if (deny_delete_current == DENY_UNCONFIGURED)
1547 refuse_unconfigured_deny_delete_current();
1548 rp_error("refusing to delete the current branch: %s", name);
1549 return "deletion of the current branch prohibited";
1551 return "Invalid denyDeleteCurrent setting";
1556 if (deny_non_fast_forwards && !is_null_oid(new_oid) &&
1557 !is_null_oid(old_oid) &&
1558 starts_with(name, "refs/heads/")) {
1559 struct object *old_object, *new_object;
1560 struct commit *old_commit, *new_commit;
1562 old_object = parse_object(the_repository, old_oid);
1563 new_object = parse_object(the_repository, new_oid);
1565 if (!old_object || !new_object ||
1566 old_object->type != OBJ_COMMIT ||
1567 new_object->type != OBJ_COMMIT) {
1568 error("bad sha1 objects for %s", name);
1571 old_commit = (struct commit *)old_object;
1572 new_commit = (struct commit *)new_object;
1573 if (!in_merge_bases(old_commit, new_commit)) {
1574 rp_error("denying non-fast-forward %s"
1575 " (you should pull first)", name);
1576 return "non-fast-forward";
1579 if (run_update_hook(cmd)) {
1580 rp_error("hook declined to update %s", name);
1581 return "hook declined";
1584 if (do_update_worktree) {
1585 ret = update_worktree(new_oid->hash, find_shared_symref("HEAD", name));
1590 if (is_null_oid(new_oid)) {
1591 struct strbuf err = STRBUF_INIT;
1592 if (!parse_object(the_repository, old_oid)) {
1594 if (ref_exists(name)) {
1595 rp_warning("Allowing deletion of corrupt ref.");
1597 rp_warning("Deleting a non-existent ref.");
1598 cmd->did_not_exist = 1;
1601 if (ref_transaction_delete(transaction,
1605 rp_error("%s", err.buf);
1606 strbuf_release(&err);
1607 return "failed to delete";
1609 strbuf_release(&err);
1610 return NULL; /* good */
1613 struct strbuf err = STRBUF_INIT;
1614 if (shallow_update && si->shallow_ref[cmd->index] &&
1615 update_shallow_ref(cmd, si))
1616 return "shallow error";
1618 if (ref_transaction_update(transaction,
1623 rp_error("%s", err.buf);
1624 strbuf_release(&err);
1626 return "failed to update ref";
1628 strbuf_release(&err);
1630 return NULL; /* good */
1634 static void run_update_post_hook(struct command *commands)
1636 struct command *cmd;
1637 struct child_process proc = CHILD_PROCESS_INIT;
1640 hook = find_hook("post-update");
1644 for (cmd = commands; cmd; cmd = cmd->next) {
1645 if (cmd->error_string || cmd->did_not_exist)
1648 strvec_push(&proc.args, hook);
1649 strvec_push(&proc.args, cmd->ref_name);
1655 proc.stdout_to_stderr = 1;
1656 proc.err = use_sideband ? -1 : 0;
1657 proc.trace2_hook_name = "post-update";
1659 if (!start_command(&proc)) {
1661 copy_to_sideband(proc.err, -1, NULL);
1662 finish_command(&proc);
1666 static void check_aliased_update_internal(struct command *cmd,
1667 struct string_list *list,
1668 const char *dst_name, int flag)
1670 struct string_list_item *item;
1671 struct command *dst_cmd;
1673 if (!(flag & REF_ISSYMREF))
1677 rp_error("refusing update to broken symref '%s'", cmd->ref_name);
1678 cmd->skip_update = 1;
1679 cmd->error_string = "broken symref";
1682 dst_name = strip_namespace(dst_name);
1684 if ((item = string_list_lookup(list, dst_name)) == NULL)
1687 cmd->skip_update = 1;
1689 dst_cmd = (struct command *) item->util;
1691 if (oideq(&cmd->old_oid, &dst_cmd->old_oid) &&
1692 oideq(&cmd->new_oid, &dst_cmd->new_oid))
1695 dst_cmd->skip_update = 1;
1697 rp_error("refusing inconsistent update between symref '%s' (%s..%s) and"
1698 " its target '%s' (%s..%s)",
1700 find_unique_abbrev(&cmd->old_oid, DEFAULT_ABBREV),
1701 find_unique_abbrev(&cmd->new_oid, DEFAULT_ABBREV),
1703 find_unique_abbrev(&dst_cmd->old_oid, DEFAULT_ABBREV),
1704 find_unique_abbrev(&dst_cmd->new_oid, DEFAULT_ABBREV));
1706 cmd->error_string = dst_cmd->error_string =
1707 "inconsistent aliased update";
1710 static void check_aliased_update(struct command *cmd, struct string_list *list)
1712 struct strbuf buf = STRBUF_INIT;
1713 const char *dst_name;
1716 strbuf_addf(&buf, "%s%s", get_git_namespace(), cmd->ref_name);
1717 dst_name = resolve_ref_unsafe(buf.buf, 0, NULL, &flag);
1718 check_aliased_update_internal(cmd, list, dst_name, flag);
1719 strbuf_release(&buf);
1722 static void check_aliased_updates(struct command *commands)
1724 struct command *cmd;
1725 struct string_list ref_list = STRING_LIST_INIT_NODUP;
1727 for (cmd = commands; cmd; cmd = cmd->next) {
1728 struct string_list_item *item =
1729 string_list_append(&ref_list, cmd->ref_name);
1730 item->util = (void *)cmd;
1732 string_list_sort(&ref_list);
1734 for (cmd = commands; cmd; cmd = cmd->next) {
1735 if (!cmd->error_string)
1736 check_aliased_update(cmd, &ref_list);
1739 string_list_clear(&ref_list, 0);
1742 static int command_singleton_iterator(void *cb_data, struct object_id *oid)
1744 struct command **cmd_list = cb_data;
1745 struct command *cmd = *cmd_list;
1747 if (!cmd || is_null_oid(&cmd->new_oid))
1748 return -1; /* end of list */
1749 *cmd_list = NULL; /* this returns only one */
1750 oidcpy(oid, &cmd->new_oid);
1754 static void set_connectivity_errors(struct command *commands,
1755 struct shallow_info *si)
1757 struct command *cmd;
1759 for (cmd = commands; cmd; cmd = cmd->next) {
1760 struct command *singleton = cmd;
1761 struct check_connected_options opt = CHECK_CONNECTED_INIT;
1763 if (shallow_update && si->shallow_ref[cmd->index])
1764 /* to be checked in update_shallow_ref() */
1767 opt.env = tmp_objdir_env(tmp_objdir);
1768 if (!check_connected(command_singleton_iterator, &singleton,
1772 cmd->error_string = "missing necessary objects";
1776 struct iterate_data {
1777 struct command *cmds;
1778 struct shallow_info *si;
1781 static int iterate_receive_command_list(void *cb_data, struct object_id *oid)
1783 struct iterate_data *data = cb_data;
1784 struct command **cmd_list = &data->cmds;
1785 struct command *cmd = *cmd_list;
1787 for (; cmd; cmd = cmd->next) {
1788 if (shallow_update && data->si->shallow_ref[cmd->index])
1789 /* to be checked in update_shallow_ref() */
1791 if (!is_null_oid(&cmd->new_oid) && !cmd->skip_update) {
1792 oidcpy(oid, &cmd->new_oid);
1793 *cmd_list = cmd->next;
1798 return -1; /* end of list */
1801 static void reject_updates_to_hidden(struct command *commands)
1803 struct strbuf refname_full = STRBUF_INIT;
1805 struct command *cmd;
1807 strbuf_addstr(&refname_full, get_git_namespace());
1808 prefix_len = refname_full.len;
1810 for (cmd = commands; cmd; cmd = cmd->next) {
1811 if (cmd->error_string)
1814 strbuf_setlen(&refname_full, prefix_len);
1815 strbuf_addstr(&refname_full, cmd->ref_name);
1817 if (!ref_is_hidden(cmd->ref_name, refname_full.buf))
1819 if (is_null_oid(&cmd->new_oid))
1820 cmd->error_string = "deny deleting a hidden ref";
1822 cmd->error_string = "deny updating a hidden ref";
1825 strbuf_release(&refname_full);
1828 static int should_process_cmd(struct command *cmd)
1830 return !cmd->error_string && !cmd->skip_update;
1833 static void warn_if_skipped_connectivity_check(struct command *commands,
1834 struct shallow_info *si)
1836 struct command *cmd;
1837 int checked_connectivity = 1;
1839 for (cmd = commands; cmd; cmd = cmd->next) {
1840 if (should_process_cmd(cmd) && si->shallow_ref[cmd->index]) {
1841 error("BUG: connectivity check has not been run on ref %s",
1843 checked_connectivity = 0;
1846 if (!checked_connectivity)
1847 BUG("connectivity check skipped???");
1850 static void execute_commands_non_atomic(struct command *commands,
1851 struct shallow_info *si)
1853 struct command *cmd;
1854 struct strbuf err = STRBUF_INIT;
1856 for (cmd = commands; cmd; cmd = cmd->next) {
1857 if (!should_process_cmd(cmd) || cmd->run_proc_receive)
1860 transaction = ref_transaction_begin(&err);
1862 rp_error("%s", err.buf);
1864 cmd->error_string = "transaction failed to start";
1868 cmd->error_string = update(cmd, si);
1870 if (!cmd->error_string
1871 && ref_transaction_commit(transaction, &err)) {
1872 rp_error("%s", err.buf);
1874 cmd->error_string = "failed to update ref";
1876 ref_transaction_free(transaction);
1878 strbuf_release(&err);
1881 static void execute_commands_atomic(struct command *commands,
1882 struct shallow_info *si)
1884 struct command *cmd;
1885 struct strbuf err = STRBUF_INIT;
1886 const char *reported_error = "atomic push failure";
1888 transaction = ref_transaction_begin(&err);
1890 rp_error("%s", err.buf);
1892 reported_error = "transaction failed to start";
1896 for (cmd = commands; cmd; cmd = cmd->next) {
1897 if (!should_process_cmd(cmd) || cmd->run_proc_receive)
1900 cmd->error_string = update(cmd, si);
1902 if (cmd->error_string)
1906 if (ref_transaction_commit(transaction, &err)) {
1907 rp_error("%s", err.buf);
1908 reported_error = "atomic transaction failed";
1914 for (cmd = commands; cmd; cmd = cmd->next)
1915 if (!cmd->error_string)
1916 cmd->error_string = reported_error;
1919 ref_transaction_free(transaction);
1920 strbuf_release(&err);
1923 static void execute_commands(struct command *commands,
1924 const char *unpacker_error,
1925 struct shallow_info *si,
1926 const struct string_list *push_options)
1928 struct check_connected_options opt = CHECK_CONNECTED_INIT;
1929 struct command *cmd;
1930 struct iterate_data data;
1933 int run_proc_receive = 0;
1935 if (unpacker_error) {
1936 for (cmd = commands; cmd; cmd = cmd->next)
1937 cmd->error_string = "unpacker error";
1942 memset(&muxer, 0, sizeof(muxer));
1943 muxer.proc = copy_to_sideband;
1945 if (!start_async(&muxer))
1947 /* ...else, continue without relaying sideband */
1950 data.cmds = commands;
1952 opt.err_fd = err_fd;
1953 opt.progress = err_fd && !quiet;
1954 opt.env = tmp_objdir_env(tmp_objdir);
1955 if (check_connected(iterate_receive_command_list, &data, &opt))
1956 set_connectivity_errors(commands, si);
1959 finish_async(&muxer);
1961 reject_updates_to_hidden(commands);
1964 * Try to find commands that have special prefix in their reference names,
1965 * and mark them to run an external "proc-receive" hook later.
1967 if (proc_receive_ref) {
1968 for (cmd = commands; cmd; cmd = cmd->next) {
1969 if (!should_process_cmd(cmd))
1972 if (proc_receive_ref_matches(cmd)) {
1973 cmd->run_proc_receive = RUN_PROC_RECEIVE_SCHEDULED;
1974 run_proc_receive = 1;
1979 if (run_receive_hook(commands, "pre-receive", 0, push_options)) {
1980 for (cmd = commands; cmd; cmd = cmd->next) {
1981 if (!cmd->error_string)
1982 cmd->error_string = "pre-receive hook declined";
1988 * Now we'll start writing out refs, which means the objects need
1989 * to be in their final positions so that other processes can see them.
1991 if (tmp_objdir_migrate(tmp_objdir) < 0) {
1992 for (cmd = commands; cmd; cmd = cmd->next) {
1993 if (!cmd->error_string)
1994 cmd->error_string = "unable to migrate objects to permanent storage";
2000 check_aliased_updates(commands);
2002 free(head_name_to_free);
2003 head_name = head_name_to_free = resolve_refdup("HEAD", 0, NULL, NULL);
2005 if (run_proc_receive &&
2006 run_proc_receive_hook(commands, push_options))
2007 for (cmd = commands; cmd; cmd = cmd->next)
2008 if (!cmd->error_string &&
2009 !(cmd->run_proc_receive & RUN_PROC_RECEIVE_RETURNED) &&
2010 (cmd->run_proc_receive || use_atomic))
2011 cmd->error_string = "fail to run proc-receive hook";
2014 execute_commands_atomic(commands, si);
2016 execute_commands_non_atomic(commands, si);
2019 warn_if_skipped_connectivity_check(commands, si);
2022 static struct command **queue_command(struct command **tail,
2026 struct object_id old_oid, new_oid;
2027 struct command *cmd;
2028 const char *refname;
2032 if (parse_oid_hex(line, &old_oid, &p) ||
2034 parse_oid_hex(p, &new_oid, &p) ||
2036 die("protocol error: expected old/new/ref, got '%s'", line);
2039 reflen = linelen - (p - line);
2040 FLEX_ALLOC_MEM(cmd, ref_name, refname, reflen);
2041 oidcpy(&cmd->old_oid, &old_oid);
2042 oidcpy(&cmd->new_oid, &new_oid);
2047 static void queue_commands_from_cert(struct command **tail,
2048 struct strbuf *push_cert)
2050 const char *boc, *eoc;
2053 die("protocol error: got both push certificate and unsigned commands");
2055 boc = strstr(push_cert->buf, "\n\n");
2057 die("malformed push certificate %.*s", 100, push_cert->buf);
2060 eoc = push_cert->buf + parse_signed_buffer(push_cert->buf, push_cert->len);
2063 const char *eol = memchr(boc, '\n', eoc - boc);
2064 tail = queue_command(tail, boc, eol ? eol - boc : eoc - boc);
2065 boc = eol ? eol + 1 : eoc;
2069 static struct command *read_head_info(struct packet_reader *reader,
2070 struct oid_array *shallow)
2072 struct command *commands = NULL;
2073 struct command **p = &commands;
2077 if (packet_reader_read(reader) != PACKET_READ_NORMAL)
2080 if (reader->pktlen > 8 && starts_with(reader->line, "shallow ")) {
2081 struct object_id oid;
2082 if (get_oid_hex(reader->line + 8, &oid))
2083 die("protocol error: expected shallow sha, got '%s'",
2085 oid_array_append(shallow, &oid);
2089 linelen = strlen(reader->line);
2090 if (linelen < reader->pktlen) {
2091 const char *feature_list = reader->line + linelen + 1;
2092 const char *hash = NULL;
2093 const char *client_sid;
2095 if (parse_feature_request(feature_list, "report-status"))
2097 if (parse_feature_request(feature_list, "report-status-v2"))
2098 report_status_v2 = 1;
2099 if (parse_feature_request(feature_list, "side-band-64k"))
2100 use_sideband = LARGE_PACKET_MAX;
2101 if (parse_feature_request(feature_list, "quiet"))
2103 if (advertise_atomic_push
2104 && parse_feature_request(feature_list, "atomic"))
2106 if (advertise_push_options
2107 && parse_feature_request(feature_list, "push-options"))
2108 use_push_options = 1;
2109 hash = parse_feature_value(feature_list, "object-format", &len, NULL);
2111 hash = hash_algos[GIT_HASH_SHA1].name;
2114 if (xstrncmpz(the_hash_algo->name, hash, len))
2115 die("error: unsupported object format '%s'", hash);
2116 client_sid = parse_feature_value(feature_list, "session-id", &len, NULL);
2118 char *sid = xstrndup(client_sid, len);
2119 trace2_data_string("transfer", NULL, "client-sid", client_sid);
2124 if (!strcmp(reader->line, "push-cert")) {
2126 int saved_options = reader->options;
2127 reader->options &= ~PACKET_READ_CHOMP_NEWLINE;
2130 packet_reader_read(reader);
2131 if (reader->status == PACKET_READ_FLUSH) {
2135 if (reader->status != PACKET_READ_NORMAL) {
2136 die("protocol error: got an unexpected packet");
2138 if (!strcmp(reader->line, "push-cert-end\n"))
2139 break; /* end of cert */
2140 strbuf_addstr(&push_cert, reader->line);
2142 reader->options = saved_options;
2149 p = queue_command(p, reader->line, linelen);
2153 queue_commands_from_cert(p, &push_cert);
2158 static void read_push_options(struct packet_reader *reader,
2159 struct string_list *options)
2162 if (packet_reader_read(reader) != PACKET_READ_NORMAL)
2165 string_list_append(options, reader->line);
2169 static const char *parse_pack_header(struct pack_header *hdr)
2171 switch (read_pack_header(0, hdr)) {
2173 return "eof before pack header was fully read";
2175 case PH_ERROR_PACK_SIGNATURE:
2176 return "protocol error (pack signature mismatch detected)";
2178 case PH_ERROR_PROTOCOL:
2179 return "protocol error (pack version unsupported)";
2182 return "unknown error in parse_pack_header";
2189 static const char *pack_lockfile;
2191 static void push_header_arg(struct strvec *args, struct pack_header *hdr)
2193 strvec_pushf(args, "--pack_header=%"PRIu32",%"PRIu32,
2194 ntohl(hdr->hdr_version), ntohl(hdr->hdr_entries));
2197 static const char *unpack(int err_fd, struct shallow_info *si)
2199 struct pack_header hdr;
2200 const char *hdr_err;
2202 struct child_process child = CHILD_PROCESS_INIT;
2203 int fsck_objects = (receive_fsck_objects >= 0
2204 ? receive_fsck_objects
2205 : transfer_fsck_objects >= 0
2206 ? transfer_fsck_objects
2209 hdr_err = parse_pack_header(&hdr);
2216 if (si->nr_ours || si->nr_theirs) {
2217 alt_shallow_file = setup_temporary_shallow(si->shallow);
2218 strvec_push(&child.args, "--shallow-file");
2219 strvec_push(&child.args, alt_shallow_file);
2222 tmp_objdir = tmp_objdir_create();
2226 return "unable to create temporary object directory";
2228 child.env = tmp_objdir_env(tmp_objdir);
2231 * Normally we just pass the tmp_objdir environment to the child
2232 * processes that do the heavy lifting, but we may need to see these
2233 * objects ourselves to set up shallow information.
2235 tmp_objdir_add_as_alternate(tmp_objdir);
2237 if (ntohl(hdr.hdr_entries) < unpack_limit) {
2238 strvec_push(&child.args, "unpack-objects");
2239 push_header_arg(&child.args, &hdr);
2241 strvec_push(&child.args, "-q");
2243 strvec_pushf(&child.args, "--strict%s",
2244 fsck_msg_types.buf);
2246 strvec_pushf(&child.args, "--max-input-size=%"PRIuMAX,
2247 (uintmax_t)max_input_size);
2248 child.no_stdout = 1;
2251 status = run_command(&child);
2253 return "unpack-objects abnormal exit";
2255 char hostname[HOST_NAME_MAX + 1];
2257 strvec_pushl(&child.args, "index-pack", "--stdin", NULL);
2258 push_header_arg(&child.args, &hdr);
2260 if (xgethostname(hostname, sizeof(hostname)))
2261 xsnprintf(hostname, sizeof(hostname), "localhost");
2262 strvec_pushf(&child.args,
2263 "--keep=receive-pack %"PRIuMAX" on %s",
2264 (uintmax_t)getpid(),
2267 if (!quiet && err_fd)
2268 strvec_push(&child.args, "--show-resolving-progress");
2270 strvec_push(&child.args, "--report-end-of-input");
2272 strvec_pushf(&child.args, "--strict%s",
2273 fsck_msg_types.buf);
2275 strvec_push(&child.args, "--fix-thin");
2277 strvec_pushf(&child.args, "--max-input-size=%"PRIuMAX,
2278 (uintmax_t)max_input_size);
2282 status = start_command(&child);
2284 return "index-pack fork failed";
2285 pack_lockfile = index_pack_lockfile(child.out, NULL);
2287 status = finish_command(&child);
2289 return "index-pack abnormal exit";
2290 reprepare_packed_git(the_repository);
2295 static const char *unpack_with_sideband(struct shallow_info *si)
2301 return unpack(0, si);
2303 use_keepalive = KEEPALIVE_AFTER_NUL;
2304 memset(&muxer, 0, sizeof(muxer));
2305 muxer.proc = copy_to_sideband;
2307 if (start_async(&muxer))
2310 ret = unpack(muxer.in, si);
2312 finish_async(&muxer);
2316 static void prepare_shallow_update(struct shallow_info *si)
2318 int i, j, k, bitmap_size = DIV_ROUND_UP(si->ref->nr, 32);
2320 ALLOC_ARRAY(si->used_shallow, si->shallow->nr);
2321 assign_shallow_commits_to_refs(si, si->used_shallow, NULL);
2323 CALLOC_ARRAY(si->need_reachability_test, si->shallow->nr);
2324 CALLOC_ARRAY(si->reachable, si->shallow->nr);
2325 CALLOC_ARRAY(si->shallow_ref, si->ref->nr);
2327 for (i = 0; i < si->nr_ours; i++)
2328 si->need_reachability_test[si->ours[i]] = 1;
2330 for (i = 0; i < si->shallow->nr; i++) {
2331 if (!si->used_shallow[i])
2333 for (j = 0; j < bitmap_size; j++) {
2334 if (!si->used_shallow[i][j])
2336 si->need_reachability_test[i]++;
2337 for (k = 0; k < 32; k++)
2338 if (si->used_shallow[i][j] & (1U << k))
2339 si->shallow_ref[j * 32 + k]++;
2343 * true for those associated with some refs and belong
2344 * in "ours" list aka "step 7 not done yet"
2346 si->need_reachability_test[i] =
2347 si->need_reachability_test[i] > 1;
2351 * keep hooks happy by forcing a temporary shallow file via
2352 * env variable because we can't add --shallow-file to every
2353 * command. check_connected() will be done with
2354 * true .git/shallow though.
2356 setenv(GIT_SHALLOW_FILE_ENVIRONMENT, alt_shallow_file, 1);
2359 static void update_shallow_info(struct command *commands,
2360 struct shallow_info *si,
2361 struct oid_array *ref)
2363 struct command *cmd;
2365 remove_nonexistent_theirs_shallow(si);
2366 if (!si->nr_ours && !si->nr_theirs) {
2371 for (cmd = commands; cmd; cmd = cmd->next) {
2372 if (is_null_oid(&cmd->new_oid))
2374 oid_array_append(ref, &cmd->new_oid);
2375 cmd->index = ref->nr - 1;
2379 if (shallow_update) {
2380 prepare_shallow_update(si);
2384 ALLOC_ARRAY(ref_status, ref->nr);
2385 assign_shallow_commits_to_refs(si, NULL, ref_status);
2386 for (cmd = commands; cmd; cmd = cmd->next) {
2387 if (is_null_oid(&cmd->new_oid))
2389 if (ref_status[cmd->index]) {
2390 cmd->error_string = "shallow update not allowed";
2391 cmd->skip_update = 1;
2397 static void report(struct command *commands, const char *unpack_status)
2399 struct command *cmd;
2400 struct strbuf buf = STRBUF_INIT;
2402 packet_buf_write(&buf, "unpack %s\n",
2403 unpack_status ? unpack_status : "ok");
2404 for (cmd = commands; cmd; cmd = cmd->next) {
2405 if (!cmd->error_string)
2406 packet_buf_write(&buf, "ok %s\n",
2409 packet_buf_write(&buf, "ng %s %s\n",
2410 cmd->ref_name, cmd->error_string);
2412 packet_buf_flush(&buf);
2415 send_sideband(1, 1, buf.buf, buf.len, use_sideband);
2417 write_or_die(1, buf.buf, buf.len);
2418 strbuf_release(&buf);
2421 static void report_v2(struct command *commands, const char *unpack_status)
2423 struct command *cmd;
2424 struct strbuf buf = STRBUF_INIT;
2425 struct ref_push_report *report;
2427 packet_buf_write(&buf, "unpack %s\n",
2428 unpack_status ? unpack_status : "ok");
2429 for (cmd = commands; cmd; cmd = cmd->next) {
2432 if (cmd->error_string) {
2433 packet_buf_write(&buf, "ng %s %s\n",
2438 packet_buf_write(&buf, "ok %s\n",
2440 for (report = cmd->report; report; report = report->next) {
2442 packet_buf_write(&buf, "ok %s\n",
2444 if (report->ref_name)
2445 packet_buf_write(&buf, "option refname %s\n",
2447 if (report->old_oid)
2448 packet_buf_write(&buf, "option old-oid %s\n",
2449 oid_to_hex(report->old_oid));
2450 if (report->new_oid)
2451 packet_buf_write(&buf, "option new-oid %s\n",
2452 oid_to_hex(report->new_oid));
2453 if (report->forced_update)
2454 packet_buf_write(&buf, "option forced-update\n");
2457 packet_buf_flush(&buf);
2460 send_sideband(1, 1, buf.buf, buf.len, use_sideband);
2462 write_or_die(1, buf.buf, buf.len);
2463 strbuf_release(&buf);
2466 static int delete_only(struct command *commands)
2468 struct command *cmd;
2469 for (cmd = commands; cmd; cmd = cmd->next) {
2470 if (!is_null_oid(&cmd->new_oid))
2476 int cmd_receive_pack(int argc, const char **argv, const char *prefix)
2478 int advertise_refs = 0;
2479 struct command *commands;
2480 struct oid_array shallow = OID_ARRAY_INIT;
2481 struct oid_array ref = OID_ARRAY_INIT;
2482 struct shallow_info si;
2483 struct packet_reader reader;
2485 struct option options[] = {
2486 OPT__QUIET(&quiet, N_("quiet")),
2487 OPT_HIDDEN_BOOL(0, "stateless-rpc", &stateless_rpc, NULL),
2488 OPT_HIDDEN_BOOL(0, "advertise-refs", &advertise_refs, NULL),
2489 OPT_HIDDEN_BOOL(0, "reject-thin-pack-for-testing", &reject_thin, NULL),
2493 packet_trace_identity("receive-pack");
2495 argc = parse_options(argc, argv, prefix, options, receive_pack_usage, 0);
2498 usage_msg_opt(_("Too many arguments."), receive_pack_usage, options);
2500 usage_msg_opt(_("You must specify a directory."), receive_pack_usage, options);
2502 service_dir = argv[0];
2506 if (!enter_repo(service_dir, 0))
2507 die("'%s' does not appear to be a git repository", service_dir);
2509 git_config(receive_pack_config, NULL);
2510 if (cert_nonce_seed)
2511 push_cert_nonce = prepare_push_cert_nonce(service_dir, time(NULL));
2513 if (0 <= transfer_unpack_limit)
2514 unpack_limit = transfer_unpack_limit;
2515 else if (0 <= receive_unpack_limit)
2516 unpack_limit = receive_unpack_limit;
2518 switch (determine_protocol_version_server()) {
2521 * push support for protocol v2 has not been implemented yet,
2522 * so ignore the request to use v2 and fallback to using v0.
2527 * v1 is just the original protocol with a version string,
2528 * so just fall through after writing the version string.
2530 if (advertise_refs || !stateless_rpc)
2531 packet_write_fmt(1, "version 1\n");
2536 case protocol_unknown_version:
2537 BUG("unknown protocol version");
2540 if (advertise_refs || !stateless_rpc) {
2546 packet_reader_init(&reader, 0, NULL, 0,
2547 PACKET_READ_CHOMP_NEWLINE |
2548 PACKET_READ_DIE_ON_ERR_PACKET);
2550 if ((commands = read_head_info(&reader, &shallow)) != NULL) {
2551 const char *unpack_status = NULL;
2552 struct string_list push_options = STRING_LIST_INIT_DUP;
2554 if (use_push_options)
2555 read_push_options(&reader, &push_options);
2556 if (!check_cert_push_options(&push_options)) {
2557 struct command *cmd;
2558 for (cmd = commands; cmd; cmd = cmd->next)
2559 cmd->error_string = "inconsistent push options";
2562 prepare_shallow_info(&si, &shallow);
2563 if (!si.nr_ours && !si.nr_theirs)
2565 if (!delete_only(commands)) {
2566 unpack_status = unpack_with_sideband(&si);
2567 update_shallow_info(commands, &si, &ref);
2569 use_keepalive = KEEPALIVE_ALWAYS;
2570 execute_commands(commands, unpack_status, &si,
2573 unlink_or_warn(pack_lockfile);
2574 if (report_status_v2)
2575 report_v2(commands, unpack_status);
2576 else if (report_status)
2577 report(commands, unpack_status);
2578 run_receive_hook(commands, "post-receive", 1,
2580 run_update_post_hook(commands);
2581 string_list_clear(&push_options, 0);
2583 const char *argv_gc_auto[] = {
2584 "gc", "--auto", "--quiet", NULL,
2586 struct child_process proc = CHILD_PROCESS_INIT;
2589 proc.stdout_to_stderr = 1;
2590 proc.err = use_sideband ? -1 : 0;
2592 proc.argv = argv_gc_auto;
2594 close_object_store(the_repository->objects);
2595 if (!start_command(&proc)) {
2597 copy_to_sideband(proc.err, -1, NULL);
2598 finish_command(&proc);
2601 if (auto_update_server_info)
2602 update_server_info(0);
2603 clear_shallow_info(&si);
2607 oid_array_clear(&shallow);
2608 oid_array_clear(&ref);
2609 free((void *)push_cert_nonce);
projects / git / blob