Merge branch 'cb/t4201-robustify'
[git] / transport.c
1 #include "cache.h"
2 #include "config.h"
3 #include "transport.h"
4 #include "run-command.h"
5 #include "pkt-line.h"
6 #include "fetch-pack.h"
7 #include "remote.h"
8 #include "connect.h"
9 #include "send-pack.h"
10 #include "walker.h"
11 #include "bundle.h"
12 #include "dir.h"
13 #include "refs.h"
14 #include "branch.h"
15 #include "url.h"
16 #include "submodule.h"
17 #include "string-list.h"
18 #include "sha1-array.h"
19 #include "sigchain.h"
20
21 static void set_upstreams(struct transport *transport, struct ref *refs,
22         int pretend)
23 {
24         struct ref *ref;
25         for (ref = refs; ref; ref = ref->next) {
26                 const char *localname;
27                 const char *tmp;
28                 const char *remotename;
29                 int flag = 0;
30                 /*
31                  * Check suitability for tracking. Must be successful /
32                  * already up-to-date ref create/modify (not delete).
33                  */
34                 if (ref->status != REF_STATUS_OK &&
35                         ref->status != REF_STATUS_UPTODATE)
36                         continue;
37                 if (!ref->peer_ref)
38                         continue;
39                 if (is_null_oid(&ref->new_oid))
40                         continue;
41
42                 /* Follow symbolic refs (mainly for HEAD). */
43                 localname = ref->peer_ref->name;
44                 remotename = ref->name;
45                 tmp = resolve_ref_unsafe(localname, RESOLVE_REF_READING,
46                                          NULL, &flag);
47                 if (tmp && flag & REF_ISSYMREF &&
48                         starts_with(tmp, "refs/heads/"))
49                         localname = tmp;
50
51                 /* Both source and destination must be local branches. */
52                 if (!localname || !starts_with(localname, "refs/heads/"))
53                         continue;
54                 if (!remotename || !starts_with(remotename, "refs/heads/"))
55                         continue;
56
57                 if (!pretend)
58                         install_branch_config(BRANCH_CONFIG_VERBOSE,
59                                 localname + 11, transport->remote->name,
60                                 remotename);
61                 else
62                         printf(_("Would set upstream of '%s' to '%s' of '%s'\n"),
63                                 localname + 11, remotename + 11,
64                                 transport->remote->name);
65         }
66 }
67
68 struct bundle_transport_data {
69         int fd;
70         struct bundle_header header;
71 };
72
73 static struct ref *get_refs_from_bundle(struct transport *transport, int for_push)
74 {
75         struct bundle_transport_data *data = transport->data;
76         struct ref *result = NULL;
77         int i;
78
79         if (for_push)
80                 return NULL;
81
82         if (data->fd > 0)
83                 close(data->fd);
84         data->fd = read_bundle_header(transport->url, &data->header);
85         if (data->fd < 0)
86                 die ("Could not read bundle '%s'.", transport->url);
87         for (i = 0; i < data->header.references.nr; i++) {
88                 struct ref_list_entry *e = data->header.references.list + i;
89                 struct ref *ref = alloc_ref(e->name);
90                 oidcpy(&ref->old_oid, &e->oid);
91                 ref->next = result;
92                 result = ref;
93         }
94         return result;
95 }
96
97 static int fetch_refs_from_bundle(struct transport *transport,
98                                int nr_heads, struct ref **to_fetch)
99 {
100         struct bundle_transport_data *data = transport->data;
101         return unbundle(&data->header, data->fd,
102                         transport->progress ? BUNDLE_VERBOSE : 0);
103 }
104
105 static int close_bundle(struct transport *transport)
106 {
107         struct bundle_transport_data *data = transport->data;
108         if (data->fd > 0)
109                 close(data->fd);
110         free(data);
111         return 0;
112 }
113
114 struct git_transport_data {
115         struct git_transport_options options;
116         struct child_process *conn;
117         int fd[2];
118         unsigned got_remote_heads : 1;
119         struct oid_array extra_have;
120         struct oid_array shallow;
121 };
122
123 static int set_git_option(struct git_transport_options *opts,
124                           const char *name, const char *value)
125 {
126         if (!strcmp(name, TRANS_OPT_UPLOADPACK)) {
127                 opts->uploadpack = value;
128                 return 0;
129         } else if (!strcmp(name, TRANS_OPT_RECEIVEPACK)) {
130                 opts->receivepack = value;
131                 return 0;
132         } else if (!strcmp(name, TRANS_OPT_THIN)) {
133                 opts->thin = !!value;
134                 return 0;
135         } else if (!strcmp(name, TRANS_OPT_FOLLOWTAGS)) {
136                 opts->followtags = !!value;
137                 return 0;
138         } else if (!strcmp(name, TRANS_OPT_KEEP)) {
139                 opts->keep = !!value;
140                 return 0;
141         } else if (!strcmp(name, TRANS_OPT_UPDATE_SHALLOW)) {
142                 opts->update_shallow = !!value;
143                 return 0;
144         } else if (!strcmp(name, TRANS_OPT_DEPTH)) {
145                 if (!value)
146                         opts->depth = 0;
147                 else {
148                         char *end;
149                         opts->depth = strtol(value, &end, 0);
150                         if (*end)
151                                 die(_("transport: invalid depth option '%s'"), value);
152                 }
153                 return 0;
154         } else if (!strcmp(name, TRANS_OPT_DEEPEN_SINCE)) {
155                 opts->deepen_since = value;
156                 return 0;
157         } else if (!strcmp(name, TRANS_OPT_DEEPEN_NOT)) {
158                 opts->deepen_not = (const struct string_list *)value;
159                 return 0;
160         } else if (!strcmp(name, TRANS_OPT_DEEPEN_RELATIVE)) {
161                 opts->deepen_relative = !!value;
162                 return 0;
163         }
164         return 1;
165 }
166
167 static int connect_setup(struct transport *transport, int for_push)
168 {
169         struct git_transport_data *data = transport->data;
170         int flags = transport->verbose > 0 ? CONNECT_VERBOSE : 0;
171
172         if (data->conn)
173                 return 0;
174
175         switch (transport->family) {
176         case TRANSPORT_FAMILY_ALL: break;
177         case TRANSPORT_FAMILY_IPV4: flags |= CONNECT_IPV4; break;
178         case TRANSPORT_FAMILY_IPV6: flags |= CONNECT_IPV6; break;
179         }
180
181         data->conn = git_connect(data->fd, transport->url,
182                                  for_push ? data->options.receivepack :
183                                  data->options.uploadpack,
184                                  flags);
185
186         return 0;
187 }
188
189 static struct ref *get_refs_via_connect(struct transport *transport, int for_push)
190 {
191         struct git_transport_data *data = transport->data;
192         struct ref *refs;
193
194         connect_setup(transport, for_push);
195         get_remote_heads(data->fd[0], NULL, 0, &refs,
196                          for_push ? REF_NORMAL : 0,
197                          &data->extra_have,
198                          &data->shallow);
199         data->got_remote_heads = 1;
200
201         return refs;
202 }
203
204 static int fetch_refs_via_pack(struct transport *transport,
205                                int nr_heads, struct ref **to_fetch)
206 {
207         int ret = 0;
208         struct git_transport_data *data = transport->data;
209         struct ref *refs;
210         char *dest = xstrdup(transport->url);
211         struct fetch_pack_args args;
212         struct ref *refs_tmp = NULL;
213
214         memset(&args, 0, sizeof(args));
215         args.uploadpack = data->options.uploadpack;
216         args.keep_pack = data->options.keep;
217         args.lock_pack = 1;
218         args.use_thin_pack = data->options.thin;
219         args.include_tag = data->options.followtags;
220         args.verbose = (transport->verbose > 1);
221         args.quiet = (transport->verbose < 0);
222         args.no_progress = !transport->progress;
223         args.depth = data->options.depth;
224         args.deepen_since = data->options.deepen_since;
225         args.deepen_not = data->options.deepen_not;
226         args.deepen_relative = data->options.deepen_relative;
227         args.check_self_contained_and_connected =
228                 data->options.check_self_contained_and_connected;
229         args.cloning = transport->cloning;
230         args.update_shallow = data->options.update_shallow;
231
232         if (!data->got_remote_heads) {
233                 connect_setup(transport, 0);
234                 get_remote_heads(data->fd[0], NULL, 0, &refs_tmp, 0,
235                                  NULL, &data->shallow);
236                 data->got_remote_heads = 1;
237         }
238
239         refs = fetch_pack(&args, data->fd, data->conn,
240                           refs_tmp ? refs_tmp : transport->remote_refs,
241                           dest, to_fetch, nr_heads, &data->shallow,
242                           &transport->pack_lockfile);
243         close(data->fd[0]);
244         close(data->fd[1]);
245         if (finish_connect(data->conn))
246                 ret = -1;
247         data->conn = NULL;
248         data->got_remote_heads = 0;
249         data->options.self_contained_and_connected =
250                 args.self_contained_and_connected;
251
252         if (refs == NULL)
253                 ret = -1;
254         if (report_unmatched_refs(to_fetch, nr_heads))
255                 ret = -1;
256
257         free_refs(refs_tmp);
258         free_refs(refs);
259         free(dest);
260         return ret;
261 }
262
263 static int push_had_errors(struct ref *ref)
264 {
265         for (; ref; ref = ref->next) {
266                 switch (ref->status) {
267                 case REF_STATUS_NONE:
268                 case REF_STATUS_UPTODATE:
269                 case REF_STATUS_OK:
270                         break;
271                 default:
272                         return 1;
273                 }
274         }
275         return 0;
276 }
277
278 int transport_refs_pushed(struct ref *ref)
279 {
280         for (; ref; ref = ref->next) {
281                 switch(ref->status) {
282                 case REF_STATUS_NONE:
283                 case REF_STATUS_UPTODATE:
284                         break;
285                 default:
286                         return 1;
287                 }
288         }
289         return 0;
290 }
291
292 void transport_update_tracking_ref(struct remote *remote, struct ref *ref, int verbose)
293 {
294         struct refspec rs;
295
296         if (ref->status != REF_STATUS_OK && ref->status != REF_STATUS_UPTODATE)
297                 return;
298
299         rs.src = ref->name;
300         rs.dst = NULL;
301
302         if (!remote_find_tracking(remote, &rs)) {
303                 if (verbose)
304                         fprintf(stderr, "updating local tracking ref '%s'\n", rs.dst);
305                 if (ref->deletion) {
306                         delete_ref(NULL, rs.dst, NULL, 0);
307                 } else
308                         update_ref("update by push", rs.dst, &ref->new_oid,
309                                    NULL, 0, 0);
310                 free(rs.dst);
311         }
312 }
313
314 static void print_ref_status(char flag, const char *summary,
315                              struct ref *to, struct ref *from, const char *msg,
316                              int porcelain, int summary_width)
317 {
318         if (porcelain) {
319                 if (from)
320                         fprintf(stdout, "%c\t%s:%s\t", flag, from->name, to->name);
321                 else
322                         fprintf(stdout, "%c\t:%s\t", flag, to->name);
323                 if (msg)
324                         fprintf(stdout, "%s (%s)\n", summary, msg);
325                 else
326                         fprintf(stdout, "%s\n", summary);
327         } else {
328                 fprintf(stderr, " %c %-*s ", flag, summary_width, summary);
329                 if (from)
330                         fprintf(stderr, "%s -> %s", prettify_refname(from->name), prettify_refname(to->name));
331                 else
332                         fputs(prettify_refname(to->name), stderr);
333                 if (msg) {
334                         fputs(" (", stderr);
335                         fputs(msg, stderr);
336                         fputc(')', stderr);
337                 }
338                 fputc('\n', stderr);
339         }
340 }
341
342 static void print_ok_ref_status(struct ref *ref, int porcelain, int summary_width)
343 {
344         if (ref->deletion)
345                 print_ref_status('-', "[deleted]", ref, NULL, NULL,
346                                  porcelain, summary_width);
347         else if (is_null_oid(&ref->old_oid))
348                 print_ref_status('*',
349                         (starts_with(ref->name, "refs/tags/") ? "[new tag]" :
350                         "[new branch]"),
351                         ref, ref->peer_ref, NULL, porcelain, summary_width);
352         else {
353                 struct strbuf quickref = STRBUF_INIT;
354                 char type;
355                 const char *msg;
356
357                 strbuf_add_unique_abbrev(&quickref, ref->old_oid.hash,
358                                          DEFAULT_ABBREV);
359                 if (ref->forced_update) {
360                         strbuf_addstr(&quickref, "...");
361                         type = '+';
362                         msg = "forced update";
363                 } else {
364                         strbuf_addstr(&quickref, "..");
365                         type = ' ';
366                         msg = NULL;
367                 }
368                 strbuf_add_unique_abbrev(&quickref, ref->new_oid.hash,
369                                          DEFAULT_ABBREV);
370
371                 print_ref_status(type, quickref.buf, ref, ref->peer_ref, msg,
372                                  porcelain, summary_width);
373                 strbuf_release(&quickref);
374         }
375 }
376
377 static int print_one_push_status(struct ref *ref, const char *dest, int count,
378                                  int porcelain, int summary_width)
379 {
380         if (!count) {
381                 char *url = transport_anonymize_url(dest);
382                 fprintf(porcelain ? stdout : stderr, "To %s\n", url);
383                 free(url);
384         }
385
386         switch(ref->status) {
387         case REF_STATUS_NONE:
388                 print_ref_status('X', "[no match]", ref, NULL, NULL,
389                                  porcelain, summary_width);
390                 break;
391         case REF_STATUS_REJECT_NODELETE:
392                 print_ref_status('!', "[rejected]", ref, NULL,
393                                  "remote does not support deleting refs",
394                                  porcelain, summary_width);
395                 break;
396         case REF_STATUS_UPTODATE:
397                 print_ref_status('=', "[up to date]", ref,
398                                  ref->peer_ref, NULL, porcelain, summary_width);
399                 break;
400         case REF_STATUS_REJECT_NONFASTFORWARD:
401                 print_ref_status('!', "[rejected]", ref, ref->peer_ref,
402                                  "non-fast-forward", porcelain, summary_width);
403                 break;
404         case REF_STATUS_REJECT_ALREADY_EXISTS:
405                 print_ref_status('!', "[rejected]", ref, ref->peer_ref,
406                                  "already exists", porcelain, summary_width);
407                 break;
408         case REF_STATUS_REJECT_FETCH_FIRST:
409                 print_ref_status('!', "[rejected]", ref, ref->peer_ref,
410                                  "fetch first", porcelain, summary_width);
411                 break;
412         case REF_STATUS_REJECT_NEEDS_FORCE:
413                 print_ref_status('!', "[rejected]", ref, ref->peer_ref,
414                                  "needs force", porcelain, summary_width);
415                 break;
416         case REF_STATUS_REJECT_STALE:
417                 print_ref_status('!', "[rejected]", ref, ref->peer_ref,
418                                  "stale info", porcelain, summary_width);
419                 break;
420         case REF_STATUS_REJECT_SHALLOW:
421                 print_ref_status('!', "[rejected]", ref, ref->peer_ref,
422                                  "new shallow roots not allowed",
423                                  porcelain, summary_width);
424                 break;
425         case REF_STATUS_REMOTE_REJECT:
426                 print_ref_status('!', "[remote rejected]", ref,
427                                  ref->deletion ? NULL : ref->peer_ref,
428                                  ref->remote_status, porcelain, summary_width);
429                 break;
430         case REF_STATUS_EXPECTING_REPORT:
431                 print_ref_status('!', "[remote failure]", ref,
432                                  ref->deletion ? NULL : ref->peer_ref,
433                                  "remote failed to report status",
434                                  porcelain, summary_width);
435                 break;
436         case REF_STATUS_ATOMIC_PUSH_FAILED:
437                 print_ref_status('!', "[rejected]", ref, ref->peer_ref,
438                                  "atomic push failed", porcelain, summary_width);
439                 break;
440         case REF_STATUS_OK:
441                 print_ok_ref_status(ref, porcelain, summary_width);
442                 break;
443         }
444
445         return 1;
446 }
447
448 static int measure_abbrev(const struct object_id *oid, int sofar)
449 {
450         char hex[GIT_MAX_HEXSZ + 1];
451         int w = find_unique_abbrev_r(hex, oid->hash, DEFAULT_ABBREV);
452
453         return (w < sofar) ? sofar : w;
454 }
455
456 int transport_summary_width(const struct ref *refs)
457 {
458         int maxw = -1;
459
460         for (; refs; refs = refs->next) {
461                 maxw = measure_abbrev(&refs->old_oid, maxw);
462                 maxw = measure_abbrev(&refs->new_oid, maxw);
463         }
464         if (maxw < 0)
465                 maxw = FALLBACK_DEFAULT_ABBREV;
466         return (2 * maxw + 3);
467 }
468
469 void transport_print_push_status(const char *dest, struct ref *refs,
470                                   int verbose, int porcelain, unsigned int *reject_reasons)
471 {
472         struct ref *ref;
473         int n = 0;
474         char *head;
475         int summary_width = transport_summary_width(refs);
476
477         head = resolve_refdup("HEAD", RESOLVE_REF_READING, NULL, NULL);
478
479         if (verbose) {
480                 for (ref = refs; ref; ref = ref->next)
481                         if (ref->status == REF_STATUS_UPTODATE)
482                                 n += print_one_push_status(ref, dest, n,
483                                                            porcelain, summary_width);
484         }
485
486         for (ref = refs; ref; ref = ref->next)
487                 if (ref->status == REF_STATUS_OK)
488                         n += print_one_push_status(ref, dest, n,
489                                                    porcelain, summary_width);
490
491         *reject_reasons = 0;
492         for (ref = refs; ref; ref = ref->next) {
493                 if (ref->status != REF_STATUS_NONE &&
494                     ref->status != REF_STATUS_UPTODATE &&
495                     ref->status != REF_STATUS_OK)
496                         n += print_one_push_status(ref, dest, n,
497                                                    porcelain, summary_width);
498                 if (ref->status == REF_STATUS_REJECT_NONFASTFORWARD) {
499                         if (head != NULL && !strcmp(head, ref->name))
500                                 *reject_reasons |= REJECT_NON_FF_HEAD;
501                         else
502                                 *reject_reasons |= REJECT_NON_FF_OTHER;
503                 } else if (ref->status == REF_STATUS_REJECT_ALREADY_EXISTS) {
504                         *reject_reasons |= REJECT_ALREADY_EXISTS;
505                 } else if (ref->status == REF_STATUS_REJECT_FETCH_FIRST) {
506                         *reject_reasons |= REJECT_FETCH_FIRST;
507                 } else if (ref->status == REF_STATUS_REJECT_NEEDS_FORCE) {
508                         *reject_reasons |= REJECT_NEEDS_FORCE;
509                 }
510         }
511         free(head);
512 }
513
514 void transport_verify_remote_names(int nr_heads, const char **heads)
515 {
516         int i;
517
518         for (i = 0; i < nr_heads; i++) {
519                 const char *local = heads[i];
520                 const char *remote = strrchr(heads[i], ':');
521
522                 if (*local == '+')
523                         local++;
524
525                 /* A matching refspec is okay.  */
526                 if (remote == local && remote[1] == '\0')
527                         continue;
528
529                 remote = remote ? (remote + 1) : local;
530                 if (check_refname_format(remote,
531                                 REFNAME_ALLOW_ONELEVEL|REFNAME_REFSPEC_PATTERN))
532                         die("remote part of refspec is not a valid name in %s",
533                                 heads[i]);
534         }
535 }
536
537 static int git_transport_push(struct transport *transport, struct ref *remote_refs, int flags)
538 {
539         struct git_transport_data *data = transport->data;
540         struct send_pack_args args;
541         int ret;
542
543         if (!data->got_remote_heads) {
544                 struct ref *tmp_refs;
545                 connect_setup(transport, 1);
546
547                 get_remote_heads(data->fd[0], NULL, 0, &tmp_refs, REF_NORMAL,
548                                  NULL, &data->shallow);
549                 data->got_remote_heads = 1;
550         }
551
552         memset(&args, 0, sizeof(args));
553         args.send_mirror = !!(flags & TRANSPORT_PUSH_MIRROR);
554         args.force_update = !!(flags & TRANSPORT_PUSH_FORCE);
555         args.use_thin_pack = data->options.thin;
556         args.verbose = (transport->verbose > 0);
557         args.quiet = (transport->verbose < 0);
558         args.progress = transport->progress;
559         args.dry_run = !!(flags & TRANSPORT_PUSH_DRY_RUN);
560         args.porcelain = !!(flags & TRANSPORT_PUSH_PORCELAIN);
561         args.atomic = !!(flags & TRANSPORT_PUSH_ATOMIC);
562         args.push_options = transport->push_options;
563         args.url = transport->url;
564
565         if (flags & TRANSPORT_PUSH_CERT_ALWAYS)
566                 args.push_cert = SEND_PACK_PUSH_CERT_ALWAYS;
567         else if (flags & TRANSPORT_PUSH_CERT_IF_ASKED)
568                 args.push_cert = SEND_PACK_PUSH_CERT_IF_ASKED;
569         else
570                 args.push_cert = SEND_PACK_PUSH_CERT_NEVER;
571
572         ret = send_pack(&args, data->fd, data->conn, remote_refs,
573                         &data->extra_have);
574
575         close(data->fd[1]);
576         close(data->fd[0]);
577         ret |= finish_connect(data->conn);
578         data->conn = NULL;
579         data->got_remote_heads = 0;
580
581         return ret;
582 }
583
584 static int connect_git(struct transport *transport, const char *name,
585                        const char *executable, int fd[2])
586 {
587         struct git_transport_data *data = transport->data;
588         data->conn = git_connect(data->fd, transport->url,
589                                  executable, 0);
590         fd[0] = data->fd[0];
591         fd[1] = data->fd[1];
592         return 0;
593 }
594
595 static int disconnect_git(struct transport *transport)
596 {
597         struct git_transport_data *data = transport->data;
598         if (data->conn) {
599                 if (data->got_remote_heads)
600                         packet_flush(data->fd[1]);
601                 close(data->fd[0]);
602                 close(data->fd[1]);
603                 finish_connect(data->conn);
604         }
605
606         free(data);
607         return 0;
608 }
609
610 void transport_take_over(struct transport *transport,
611                          struct child_process *child)
612 {
613         struct git_transport_data *data;
614
615         if (!transport->smart_options)
616                 die("BUG: taking over transport requires non-NULL "
617                     "smart_options field.");
618
619         data = xcalloc(1, sizeof(*data));
620         data->options = *transport->smart_options;
621         data->conn = child;
622         data->fd[0] = data->conn->out;
623         data->fd[1] = data->conn->in;
624         data->got_remote_heads = 0;
625         transport->data = data;
626
627         transport->set_option = NULL;
628         transport->get_refs_list = get_refs_via_connect;
629         transport->fetch = fetch_refs_via_pack;
630         transport->push = NULL;
631         transport->push_refs = git_transport_push;
632         transport->disconnect = disconnect_git;
633         transport->smart_options = &(data->options);
634
635         transport->cannot_reuse = 1;
636 }
637
638 static int is_file(const char *url)
639 {
640         struct stat buf;
641         if (stat(url, &buf))
642                 return 0;
643         return S_ISREG(buf.st_mode);
644 }
645
646 static int external_specification_len(const char *url)
647 {
648         return strchr(url, ':') - url;
649 }
650
651 static const struct string_list *protocol_whitelist(void)
652 {
653         static int enabled = -1;
654         static struct string_list allowed = STRING_LIST_INIT_DUP;
655
656         if (enabled < 0) {
657                 const char *v = getenv("GIT_ALLOW_PROTOCOL");
658                 if (v) {
659                         string_list_split(&allowed, v, ':', -1);
660                         string_list_sort(&allowed);
661                         enabled = 1;
662                 } else {
663                         enabled = 0;
664                 }
665         }
666
667         return enabled ? &allowed : NULL;
668 }
669
670 enum protocol_allow_config {
671         PROTOCOL_ALLOW_NEVER = 0,
672         PROTOCOL_ALLOW_USER_ONLY,
673         PROTOCOL_ALLOW_ALWAYS
674 };
675
676 static enum protocol_allow_config parse_protocol_config(const char *key,
677                                                         const char *value)
678 {
679         if (!strcasecmp(value, "always"))
680                 return PROTOCOL_ALLOW_ALWAYS;
681         else if (!strcasecmp(value, "never"))
682                 return PROTOCOL_ALLOW_NEVER;
683         else if (!strcasecmp(value, "user"))
684                 return PROTOCOL_ALLOW_USER_ONLY;
685
686         die("unknown value for config '%s': %s", key, value);
687 }
688
689 static enum protocol_allow_config get_protocol_config(const char *type)
690 {
691         char *key = xstrfmt("protocol.%s.allow", type);
692         char *value;
693
694         /* first check the per-protocol config */
695         if (!git_config_get_string(key, &value)) {
696                 enum protocol_allow_config ret =
697                         parse_protocol_config(key, value);
698                 free(key);
699                 free(value);
700                 return ret;
701         }
702         free(key);
703
704         /* if defined, fallback to user-defined default for unknown protocols */
705         if (!git_config_get_string("protocol.allow", &value)) {
706                 enum protocol_allow_config ret =
707                         parse_protocol_config("protocol.allow", value);
708                 free(value);
709                 return ret;
710         }
711
712         /* fallback to built-in defaults */
713         /* known safe */
714         if (!strcmp(type, "http") ||
715             !strcmp(type, "https") ||
716             !strcmp(type, "git") ||
717             !strcmp(type, "ssh") ||
718             !strcmp(type, "file"))
719                 return PROTOCOL_ALLOW_ALWAYS;
720
721         /* known scary; err on the side of caution */
722         if (!strcmp(type, "ext"))
723                 return PROTOCOL_ALLOW_NEVER;
724
725         /* unknown; by default let them be used only directly by the user */
726         return PROTOCOL_ALLOW_USER_ONLY;
727 }
728
729 int is_transport_allowed(const char *type, int from_user)
730 {
731         const struct string_list *whitelist = protocol_whitelist();
732         if (whitelist)
733                 return string_list_has_string(whitelist, type);
734
735         switch (get_protocol_config(type)) {
736         case PROTOCOL_ALLOW_ALWAYS:
737                 return 1;
738         case PROTOCOL_ALLOW_NEVER:
739                 return 0;
740         case PROTOCOL_ALLOW_USER_ONLY:
741                 if (from_user < 0)
742                         from_user = git_env_bool("GIT_PROTOCOL_FROM_USER", 1);
743                 return from_user;
744         }
745
746         die("BUG: invalid protocol_allow_config type");
747 }
748
749 void transport_check_allowed(const char *type)
750 {
751         if (!is_transport_allowed(type, -1))
752                 die("transport '%s' not allowed", type);
753 }
754
755 struct transport *transport_get(struct remote *remote, const char *url)
756 {
757         const char *helper;
758         struct transport *ret = xcalloc(1, sizeof(*ret));
759
760         ret->progress = isatty(2);
761
762         if (!remote)
763                 die("No remote provided to transport_get()");
764
765         ret->got_remote_refs = 0;
766         ret->remote = remote;
767         helper = remote->foreign_vcs;
768
769         if (!url && remote->url)
770                 url = remote->url[0];
771         ret->url = url;
772
773         /* maybe it is a foreign URL? */
774         if (url) {
775                 const char *p = url;
776
777                 while (is_urlschemechar(p == url, *p))
778                         p++;
779                 if (starts_with(p, "::"))
780                         helper = xstrndup(url, p - url);
781         }
782
783         if (helper) {
784                 transport_helper_init(ret, helper);
785         } else if (starts_with(url, "rsync:")) {
786                 die("git-over-rsync is no longer supported");
787         } else if (url_is_local_not_ssh(url) && is_file(url) && is_bundle(url, 1)) {
788                 struct bundle_transport_data *data = xcalloc(1, sizeof(*data));
789                 transport_check_allowed("file");
790                 ret->data = data;
791                 ret->get_refs_list = get_refs_from_bundle;
792                 ret->fetch = fetch_refs_from_bundle;
793                 ret->disconnect = close_bundle;
794                 ret->smart_options = NULL;
795         } else if (!is_url(url)
796                 || starts_with(url, "file://")
797                 || starts_with(url, "git://")
798                 || starts_with(url, "ssh://")
799                 || starts_with(url, "git+ssh://") /* deprecated - do not use */
800                 || starts_with(url, "ssh+git://") /* deprecated - do not use */
801                 ) {
802                 /*
803                  * These are builtin smart transports; "allowed" transports
804                  * will be checked individually in git_connect.
805                  */
806                 struct git_transport_data *data = xcalloc(1, sizeof(*data));
807                 ret->data = data;
808                 ret->set_option = NULL;
809                 ret->get_refs_list = get_refs_via_connect;
810                 ret->fetch = fetch_refs_via_pack;
811                 ret->push_refs = git_transport_push;
812                 ret->connect = connect_git;
813                 ret->disconnect = disconnect_git;
814                 ret->smart_options = &(data->options);
815
816                 data->conn = NULL;
817                 data->got_remote_heads = 0;
818         } else {
819                 /* Unknown protocol in URL. Pass to external handler. */
820                 int len = external_specification_len(url);
821                 char *handler = xmemdupz(url, len);
822                 transport_helper_init(ret, handler);
823         }
824
825         if (ret->smart_options) {
826                 ret->smart_options->thin = 1;
827                 ret->smart_options->uploadpack = "git-upload-pack";
828                 if (remote->uploadpack)
829                         ret->smart_options->uploadpack = remote->uploadpack;
830                 ret->smart_options->receivepack = "git-receive-pack";
831                 if (remote->receivepack)
832                         ret->smart_options->receivepack = remote->receivepack;
833         }
834
835         return ret;
836 }
837
838 int transport_set_option(struct transport *transport,
839                          const char *name, const char *value)
840 {
841         int git_reports = 1, protocol_reports = 1;
842
843         if (transport->smart_options)
844                 git_reports = set_git_option(transport->smart_options,
845                                              name, value);
846
847         if (transport->set_option)
848                 protocol_reports = transport->set_option(transport, name,
849                                                         value);
850
851         /* If either report is 0, report 0 (success). */
852         if (!git_reports || !protocol_reports)
853                 return 0;
854         /* If either reports -1 (invalid value), report -1. */
855         if ((git_reports == -1) || (protocol_reports == -1))
856                 return -1;
857         /* Otherwise if both report unknown, report unknown. */
858         return 1;
859 }
860
861 void transport_set_verbosity(struct transport *transport, int verbosity,
862         int force_progress)
863 {
864         if (verbosity >= 1)
865                 transport->verbose = verbosity <= 3 ? verbosity : 3;
866         if (verbosity < 0)
867                 transport->verbose = -1;
868
869         /**
870          * Rules used to determine whether to report progress (processing aborts
871          * when a rule is satisfied):
872          *
873          *   . Report progress, if force_progress is 1 (ie. --progress).
874          *   . Don't report progress, if force_progress is 0 (ie. --no-progress).
875          *   . Don't report progress, if verbosity < 0 (ie. -q/--quiet ).
876          *   . Report progress if isatty(2) is 1.
877          **/
878         if (force_progress >= 0)
879                 transport->progress = !!force_progress;
880         else
881                 transport->progress = verbosity >= 0 && isatty(2);
882 }
883
884 static void die_with_unpushed_submodules(struct string_list *needs_pushing)
885 {
886         int i;
887
888         fprintf(stderr, _("The following submodule paths contain changes that can\n"
889                         "not be found on any remote:\n"));
890         for (i = 0; i < needs_pushing->nr; i++)
891                 fprintf(stderr, "  %s\n", needs_pushing->items[i].string);
892         fprintf(stderr, _("\nPlease try\n\n"
893                           "     git push --recurse-submodules=on-demand\n\n"
894                           "or cd to the path and use\n\n"
895                           "     git push\n\n"
896                           "to push them to a remote.\n\n"));
897
898         string_list_clear(needs_pushing, 0);
899
900         die(_("Aborting."));
901 }
902
903 static int run_pre_push_hook(struct transport *transport,
904                              struct ref *remote_refs)
905 {
906         int ret = 0, x;
907         struct ref *r;
908         struct child_process proc = CHILD_PROCESS_INIT;
909         struct strbuf buf;
910         const char *argv[4];
911
912         if (!(argv[0] = find_hook("pre-push")))
913                 return 0;
914
915         argv[1] = transport->remote->name;
916         argv[2] = transport->url;
917         argv[3] = NULL;
918
919         proc.argv = argv;
920         proc.in = -1;
921
922         if (start_command(&proc)) {
923                 finish_command(&proc);
924                 return -1;
925         }
926
927         sigchain_push(SIGPIPE, SIG_IGN);
928
929         strbuf_init(&buf, 256);
930
931         for (r = remote_refs; r; r = r->next) {
932                 if (!r->peer_ref) continue;
933                 if (r->status == REF_STATUS_REJECT_NONFASTFORWARD) continue;
934                 if (r->status == REF_STATUS_REJECT_STALE) continue;
935                 if (r->status == REF_STATUS_UPTODATE) continue;
936
937                 strbuf_reset(&buf);
938                 strbuf_addf( &buf, "%s %s %s %s\n",
939                          r->peer_ref->name, oid_to_hex(&r->new_oid),
940                          r->name, oid_to_hex(&r->old_oid));
941
942                 if (write_in_full(proc.in, buf.buf, buf.len) < 0) {
943                         /* We do not mind if a hook does not read all refs. */
944                         if (errno != EPIPE)
945                                 ret = -1;
946                         break;
947                 }
948         }
949
950         strbuf_release(&buf);
951
952         x = close(proc.in);
953         if (!ret)
954                 ret = x;
955
956         sigchain_pop(SIGPIPE);
957
958         x = finish_command(&proc);
959         if (!ret)
960                 ret = x;
961
962         return ret;
963 }
964
965 int transport_push(struct transport *transport,
966                    int refspec_nr, const char **refspec, int flags,
967                    unsigned int *reject_reasons)
968 {
969         *reject_reasons = 0;
970         transport_verify_remote_names(refspec_nr, refspec);
971
972         if (transport->push) {
973                 /* Maybe FIXME. But no important transport uses this case. */
974                 if (flags & TRANSPORT_PUSH_SET_UPSTREAM)
975                         die("This transport does not support using --set-upstream");
976
977                 return transport->push(transport, refspec_nr, refspec, flags);
978         } else if (transport->push_refs) {
979                 struct ref *remote_refs;
980                 struct ref *local_refs = get_local_heads();
981                 int match_flags = MATCH_REFS_NONE;
982                 int verbose = (transport->verbose > 0);
983                 int quiet = (transport->verbose < 0);
984                 int porcelain = flags & TRANSPORT_PUSH_PORCELAIN;
985                 int pretend = flags & TRANSPORT_PUSH_DRY_RUN;
986                 int push_ret, ret, err;
987
988                 if (check_push_refs(local_refs, refspec_nr, refspec) < 0)
989                         return -1;
990
991                 remote_refs = transport->get_refs_list(transport, 1);
992
993                 if (flags & TRANSPORT_PUSH_ALL)
994                         match_flags |= MATCH_REFS_ALL;
995                 if (flags & TRANSPORT_PUSH_MIRROR)
996                         match_flags |= MATCH_REFS_MIRROR;
997                 if (flags & TRANSPORT_PUSH_PRUNE)
998                         match_flags |= MATCH_REFS_PRUNE;
999                 if (flags & TRANSPORT_PUSH_FOLLOW_TAGS)
1000                         match_flags |= MATCH_REFS_FOLLOW_TAGS;
1001
1002                 if (match_push_refs(local_refs, &remote_refs,
1003                                     refspec_nr, refspec, match_flags)) {
1004                         return -1;
1005                 }
1006
1007                 if (transport->smart_options &&
1008                     transport->smart_options->cas &&
1009                     !is_empty_cas(transport->smart_options->cas))
1010                         apply_push_cas(transport->smart_options->cas,
1011                                        transport->remote, remote_refs);
1012
1013                 set_ref_status_for_push(remote_refs,
1014                         flags & TRANSPORT_PUSH_MIRROR,
1015                         flags & TRANSPORT_PUSH_FORCE);
1016
1017                 if (!(flags & TRANSPORT_PUSH_NO_HOOK))
1018                         if (run_pre_push_hook(transport, remote_refs))
1019                                 return -1;
1020
1021                 if ((flags & (TRANSPORT_RECURSE_SUBMODULES_ON_DEMAND |
1022                               TRANSPORT_RECURSE_SUBMODULES_ONLY)) &&
1023                     !is_bare_repository()) {
1024                         struct ref *ref = remote_refs;
1025                         struct oid_array commits = OID_ARRAY_INIT;
1026
1027                         for (; ref; ref = ref->next)
1028                                 if (!is_null_oid(&ref->new_oid))
1029                                         oid_array_append(&commits,
1030                                                           &ref->new_oid);
1031
1032                         if (!push_unpushed_submodules(&commits,
1033                                                       transport->remote,
1034                                                       refspec, refspec_nr,
1035                                                       transport->push_options,
1036                                                       pretend)) {
1037                                 oid_array_clear(&commits);
1038                                 die("Failed to push all needed submodules!");
1039                         }
1040                         oid_array_clear(&commits);
1041                 }
1042
1043                 if (((flags & TRANSPORT_RECURSE_SUBMODULES_CHECK) ||
1044                      ((flags & (TRANSPORT_RECURSE_SUBMODULES_ON_DEMAND |
1045                                 TRANSPORT_RECURSE_SUBMODULES_ONLY)) &&
1046                       !pretend)) && !is_bare_repository()) {
1047                         struct ref *ref = remote_refs;
1048                         struct string_list needs_pushing = STRING_LIST_INIT_DUP;
1049                         struct oid_array commits = OID_ARRAY_INIT;
1050
1051                         for (; ref; ref = ref->next)
1052                                 if (!is_null_oid(&ref->new_oid))
1053                                         oid_array_append(&commits,
1054                                                           &ref->new_oid);
1055
1056                         if (find_unpushed_submodules(&commits, transport->remote->name,
1057                                                 &needs_pushing)) {
1058                                 oid_array_clear(&commits);
1059                                 die_with_unpushed_submodules(&needs_pushing);
1060                         }
1061                         string_list_clear(&needs_pushing, 0);
1062                         oid_array_clear(&commits);
1063                 }
1064
1065                 if (!(flags & TRANSPORT_RECURSE_SUBMODULES_ONLY))
1066                         push_ret = transport->push_refs(transport, remote_refs, flags);
1067                 else
1068                         push_ret = 0;
1069                 err = push_had_errors(remote_refs);
1070                 ret = push_ret | err;
1071
1072                 if (!quiet || err)
1073                         transport_print_push_status(transport->url, remote_refs,
1074                                         verbose | porcelain, porcelain,
1075                                         reject_reasons);
1076
1077                 if (flags & TRANSPORT_PUSH_SET_UPSTREAM)
1078                         set_upstreams(transport, remote_refs, pretend);
1079
1080                 if (!(flags & (TRANSPORT_PUSH_DRY_RUN |
1081                                TRANSPORT_RECURSE_SUBMODULES_ONLY))) {
1082                         struct ref *ref;
1083                         for (ref = remote_refs; ref; ref = ref->next)
1084                                 transport_update_tracking_ref(transport->remote, ref, verbose);
1085                 }
1086
1087                 if (porcelain && !push_ret)
1088                         puts("Done");
1089                 else if (!quiet && !ret && !transport_refs_pushed(remote_refs))
1090                         fprintf(stderr, "Everything up-to-date\n");
1091
1092                 return ret;
1093         }
1094         return 1;
1095 }
1096
1097 const struct ref *transport_get_remote_refs(struct transport *transport)
1098 {
1099         if (!transport->got_remote_refs) {
1100                 transport->remote_refs = transport->get_refs_list(transport, 0);
1101                 transport->got_remote_refs = 1;
1102         }
1103
1104         return transport->remote_refs;
1105 }
1106
1107 int transport_fetch_refs(struct transport *transport, struct ref *refs)
1108 {
1109         int rc;
1110         int nr_heads = 0, nr_alloc = 0, nr_refs = 0;
1111         struct ref **heads = NULL;
1112         struct ref *rm;
1113
1114         for (rm = refs; rm; rm = rm->next) {
1115                 nr_refs++;
1116                 if (rm->peer_ref &&
1117                     !is_null_oid(&rm->old_oid) &&
1118                     !oidcmp(&rm->peer_ref->old_oid, &rm->old_oid))
1119                         continue;
1120                 ALLOC_GROW(heads, nr_heads + 1, nr_alloc);
1121                 heads[nr_heads++] = rm;
1122         }
1123
1124         if (!nr_heads) {
1125                 /*
1126                  * When deepening of a shallow repository is requested,
1127                  * then local and remote refs are likely to still be equal.
1128                  * Just feed them all to the fetch method in that case.
1129                  * This condition shouldn't be met in a non-deepening fetch
1130                  * (see builtin/fetch.c:quickfetch()).
1131                  */
1132                 ALLOC_ARRAY(heads, nr_refs);
1133                 for (rm = refs; rm; rm = rm->next)
1134                         heads[nr_heads++] = rm;
1135         }
1136
1137         rc = transport->fetch(transport, nr_heads, heads);
1138
1139         free(heads);
1140         return rc;
1141 }
1142
1143 void transport_unlock_pack(struct transport *transport)
1144 {
1145         if (transport->pack_lockfile) {
1146                 unlink_or_warn(transport->pack_lockfile);
1147                 FREE_AND_NULL(transport->pack_lockfile);
1148         }
1149 }
1150
1151 int transport_connect(struct transport *transport, const char *name,
1152                       const char *exec, int fd[2])
1153 {
1154         if (transport->connect)
1155                 return transport->connect(transport, name, exec, fd);
1156         else
1157                 die("Operation not supported by protocol");
1158 }
1159
1160 int transport_disconnect(struct transport *transport)
1161 {
1162         int ret = 0;
1163         if (transport->disconnect)
1164                 ret = transport->disconnect(transport);
1165         free(transport);
1166         return ret;
1167 }
1168
1169 /*
1170  * Strip username (and password) from a URL and return
1171  * it in a newly allocated string.
1172  */
1173 char *transport_anonymize_url(const char *url)
1174 {
1175         char *scheme_prefix, *anon_part;
1176         size_t anon_len, prefix_len = 0;
1177
1178         anon_part = strchr(url, '@');
1179         if (url_is_local_not_ssh(url) || !anon_part)
1180                 goto literal_copy;
1181
1182         anon_len = strlen(++anon_part);
1183         scheme_prefix = strstr(url, "://");
1184         if (!scheme_prefix) {
1185                 if (!strchr(anon_part, ':'))
1186                         /* cannot be "me@there:/path/name" */
1187                         goto literal_copy;
1188         } else {
1189                 const char *cp;
1190                 /* make sure scheme is reasonable */
1191                 for (cp = url; cp < scheme_prefix; cp++) {
1192                         switch (*cp) {
1193                                 /* RFC 1738 2.1 */
1194                         case '+': case '.': case '-':
1195                                 break; /* ok */
1196                         default:
1197                                 if (isalnum(*cp))
1198                                         break;
1199                                 /* it isn't */
1200                                 goto literal_copy;
1201                         }
1202                 }
1203                 /* @ past the first slash does not count */
1204                 cp = strchr(scheme_prefix + 3, '/');
1205                 if (cp && cp < anon_part)
1206                         goto literal_copy;
1207                 prefix_len = scheme_prefix - url + 3;
1208         }
1209         return xstrfmt("%.*s%.*s", (int)prefix_len, url,
1210                        (int)anon_len, anon_part);
1211 literal_copy:
1212         return xstrdup(url);
1213 }
1214
1215 static void read_alternate_refs(const char *path,
1216                                 alternate_ref_fn *cb,
1217                                 void *data)
1218 {
1219         struct child_process cmd = CHILD_PROCESS_INIT;
1220         struct strbuf line = STRBUF_INIT;
1221         FILE *fh;
1222
1223         cmd.git_cmd = 1;
1224         argv_array_pushf(&cmd.args, "--git-dir=%s", path);
1225         argv_array_push(&cmd.args, "for-each-ref");
1226         argv_array_push(&cmd.args, "--format=%(objectname) %(refname)");
1227         cmd.env = local_repo_env;
1228         cmd.out = -1;
1229
1230         if (start_command(&cmd))
1231                 return;
1232
1233         fh = xfdopen(cmd.out, "r");
1234         while (strbuf_getline_lf(&line, fh) != EOF) {
1235                 struct object_id oid;
1236
1237                 if (get_oid_hex(line.buf, &oid) ||
1238                     line.buf[GIT_SHA1_HEXSZ] != ' ') {
1239                         warning("invalid line while parsing alternate refs: %s",
1240                                 line.buf);
1241                         break;
1242                 }
1243
1244                 cb(line.buf + GIT_SHA1_HEXSZ + 1, &oid, data);
1245         }
1246
1247         fclose(fh);
1248         finish_command(&cmd);
1249 }
1250
1251 struct alternate_refs_data {
1252         alternate_ref_fn *fn;
1253         void *data;
1254 };
1255
1256 static int refs_from_alternate_cb(struct alternate_object_database *e,
1257                                   void *data)
1258 {
1259         struct strbuf path = STRBUF_INIT;
1260         size_t base_len;
1261         struct alternate_refs_data *cb = data;
1262
1263         if (!strbuf_realpath(&path, e->path, 0))
1264                 goto out;
1265         if (!strbuf_strip_suffix(&path, "/objects"))
1266                 goto out;
1267         base_len = path.len;
1268
1269         /* Is this a git repository with refs? */
1270         strbuf_addstr(&path, "/refs");
1271         if (!is_directory(path.buf))
1272                 goto out;
1273         strbuf_setlen(&path, base_len);
1274
1275         read_alternate_refs(path.buf, cb->fn, cb->data);
1276
1277 out:
1278         strbuf_release(&path);
1279         return 0;
1280 }
1281
1282 void for_each_alternate_ref(alternate_ref_fn fn, void *data)
1283 {
1284         struct alternate_refs_data cb;
1285         cb.fn = fn;
1286         cb.data = data;
1287         foreach_alt_odb(refs_from_alternate_cb, &cb);
1288 }