Merge branch 'mh/maint-show-ref-doc'
[git] / http.c
1 #include "http.h"
2 #include "pack.h"
3 #include "sideband.h"
4 #include "run-command.h"
5 #include "url.h"
6 #include "credential.h"
7
8 int active_requests;
9 int http_is_verbose;
10 size_t http_post_buffer = 16 * LARGE_PACKET_MAX;
11
12 #if LIBCURL_VERSION_NUM >= 0x070a06
13 #define LIBCURL_CAN_HANDLE_AUTH_ANY
14 #endif
15
16 static int min_curl_sessions = 1;
17 static int curl_session_count;
18 #ifdef USE_CURL_MULTI
19 static int max_requests = -1;
20 static CURLM *curlm;
21 #endif
22 #ifndef NO_CURL_EASY_DUPHANDLE
23 static CURL *curl_default;
24 #endif
25
26 #define PREV_BUF_SIZE 4096
27 #define RANGE_HEADER_SIZE 30
28
29 char curl_errorstr[CURL_ERROR_SIZE];
30
31 static int curl_ssl_verify = -1;
32 static const char *ssl_cert;
33 #if LIBCURL_VERSION_NUM >= 0x070903
34 static const char *ssl_key;
35 #endif
36 #if LIBCURL_VERSION_NUM >= 0x070908
37 static const char *ssl_capath;
38 #endif
39 static const char *ssl_cainfo;
40 static long curl_low_speed_limit = -1;
41 static long curl_low_speed_time = -1;
42 static int curl_ftp_no_epsv;
43 static const char *curl_http_proxy;
44 static const char *curl_cookie_file;
45 static struct credential http_auth = CREDENTIAL_INIT;
46 static int http_proactive_auth;
47 static const char *user_agent;
48
49 #if LIBCURL_VERSION_NUM >= 0x071700
50 /* Use CURLOPT_KEYPASSWD as is */
51 #elif LIBCURL_VERSION_NUM >= 0x070903
52 #define CURLOPT_KEYPASSWD CURLOPT_SSLKEYPASSWD
53 #else
54 #define CURLOPT_KEYPASSWD CURLOPT_SSLCERTPASSWD
55 #endif
56
57 static struct credential cert_auth = CREDENTIAL_INIT;
58 static int ssl_cert_password_required;
59
60 static struct curl_slist *pragma_header;
61 static struct curl_slist *no_pragma_header;
62
63 static struct active_request_slot *active_queue_head;
64
65 size_t fread_buffer(char *ptr, size_t eltsize, size_t nmemb, void *buffer_)
66 {
67         size_t size = eltsize * nmemb;
68         struct buffer *buffer = buffer_;
69
70         if (size > buffer->buf.len - buffer->posn)
71                 size = buffer->buf.len - buffer->posn;
72         memcpy(ptr, buffer->buf.buf + buffer->posn, size);
73         buffer->posn += size;
74
75         return size;
76 }
77
78 #ifndef NO_CURL_IOCTL
79 curlioerr ioctl_buffer(CURL *handle, int cmd, void *clientp)
80 {
81         struct buffer *buffer = clientp;
82
83         switch (cmd) {
84         case CURLIOCMD_NOP:
85                 return CURLIOE_OK;
86
87         case CURLIOCMD_RESTARTREAD:
88                 buffer->posn = 0;
89                 return CURLIOE_OK;
90
91         default:
92                 return CURLIOE_UNKNOWNCMD;
93         }
94 }
95 #endif
96
97 size_t fwrite_buffer(char *ptr, size_t eltsize, size_t nmemb, void *buffer_)
98 {
99         size_t size = eltsize * nmemb;
100         struct strbuf *buffer = buffer_;
101
102         strbuf_add(buffer, ptr, size);
103         return size;
104 }
105
106 size_t fwrite_null(char *ptr, size_t eltsize, size_t nmemb, void *strbuf)
107 {
108         return eltsize * nmemb;
109 }
110
111 #ifdef USE_CURL_MULTI
112 static void process_curl_messages(void)
113 {
114         int num_messages;
115         struct active_request_slot *slot;
116         CURLMsg *curl_message = curl_multi_info_read(curlm, &num_messages);
117
118         while (curl_message != NULL) {
119                 if (curl_message->msg == CURLMSG_DONE) {
120                         int curl_result = curl_message->data.result;
121                         slot = active_queue_head;
122                         while (slot != NULL &&
123                                slot->curl != curl_message->easy_handle)
124                                 slot = slot->next;
125                         if (slot != NULL) {
126                                 curl_multi_remove_handle(curlm, slot->curl);
127                                 slot->curl_result = curl_result;
128                                 finish_active_slot(slot);
129                         } else {
130                                 fprintf(stderr, "Received DONE message for unknown request!\n");
131                         }
132                 } else {
133                         fprintf(stderr, "Unknown CURL message received: %d\n",
134                                 (int)curl_message->msg);
135                 }
136                 curl_message = curl_multi_info_read(curlm, &num_messages);
137         }
138 }
139 #endif
140
141 static int http_options(const char *var, const char *value, void *cb)
142 {
143         if (!strcmp("http.sslverify", var)) {
144                 curl_ssl_verify = git_config_bool(var, value);
145                 return 0;
146         }
147         if (!strcmp("http.sslcert", var))
148                 return git_config_string(&ssl_cert, var, value);
149 #if LIBCURL_VERSION_NUM >= 0x070903
150         if (!strcmp("http.sslkey", var))
151                 return git_config_string(&ssl_key, var, value);
152 #endif
153 #if LIBCURL_VERSION_NUM >= 0x070908
154         if (!strcmp("http.sslcapath", var))
155                 return git_config_string(&ssl_capath, var, value);
156 #endif
157         if (!strcmp("http.sslcainfo", var))
158                 return git_config_string(&ssl_cainfo, var, value);
159         if (!strcmp("http.sslcertpasswordprotected", var)) {
160                 if (git_config_bool(var, value))
161                         ssl_cert_password_required = 1;
162                 return 0;
163         }
164         if (!strcmp("http.minsessions", var)) {
165                 min_curl_sessions = git_config_int(var, value);
166 #ifndef USE_CURL_MULTI
167                 if (min_curl_sessions > 1)
168                         min_curl_sessions = 1;
169 #endif
170                 return 0;
171         }
172 #ifdef USE_CURL_MULTI
173         if (!strcmp("http.maxrequests", var)) {
174                 max_requests = git_config_int(var, value);
175                 return 0;
176         }
177 #endif
178         if (!strcmp("http.lowspeedlimit", var)) {
179                 curl_low_speed_limit = (long)git_config_int(var, value);
180                 return 0;
181         }
182         if (!strcmp("http.lowspeedtime", var)) {
183                 curl_low_speed_time = (long)git_config_int(var, value);
184                 return 0;
185         }
186
187         if (!strcmp("http.noepsv", var)) {
188                 curl_ftp_no_epsv = git_config_bool(var, value);
189                 return 0;
190         }
191         if (!strcmp("http.proxy", var))
192                 return git_config_string(&curl_http_proxy, var, value);
193
194         if (!strcmp("http.cookiefile", var))
195                 return git_config_string(&curl_cookie_file, var, value);
196
197         if (!strcmp("http.postbuffer", var)) {
198                 http_post_buffer = git_config_int(var, value);
199                 if (http_post_buffer < LARGE_PACKET_MAX)
200                         http_post_buffer = LARGE_PACKET_MAX;
201                 return 0;
202         }
203
204         if (!strcmp("http.useragent", var))
205                 return git_config_string(&user_agent, var, value);
206
207         /* Fall back on the default ones */
208         return git_default_config(var, value, cb);
209 }
210
211 static void init_curl_http_auth(CURL *result)
212 {
213         if (http_auth.username) {
214                 struct strbuf up = STRBUF_INIT;
215                 credential_fill(&http_auth);
216                 strbuf_addf(&up, "%s:%s",
217                             http_auth.username, http_auth.password);
218                 curl_easy_setopt(result, CURLOPT_USERPWD,
219                                  strbuf_detach(&up, NULL));
220         }
221 }
222
223 static int has_cert_password(void)
224 {
225         if (ssl_cert == NULL || ssl_cert_password_required != 1)
226                 return 0;
227         if (!cert_auth.password) {
228                 cert_auth.protocol = xstrdup("cert");
229                 cert_auth.path = xstrdup(ssl_cert);
230                 credential_fill(&cert_auth);
231         }
232         return 1;
233 }
234
235 static CURL *get_curl_handle(void)
236 {
237         CURL *result = curl_easy_init();
238
239         if (!curl_ssl_verify) {
240                 curl_easy_setopt(result, CURLOPT_SSL_VERIFYPEER, 0);
241                 curl_easy_setopt(result, CURLOPT_SSL_VERIFYHOST, 0);
242         } else {
243                 /* Verify authenticity of the peer's certificate */
244                 curl_easy_setopt(result, CURLOPT_SSL_VERIFYPEER, 1);
245                 /* The name in the cert must match whom we tried to connect */
246                 curl_easy_setopt(result, CURLOPT_SSL_VERIFYHOST, 2);
247         }
248
249 #if LIBCURL_VERSION_NUM >= 0x070907
250         curl_easy_setopt(result, CURLOPT_NETRC, CURL_NETRC_OPTIONAL);
251 #endif
252 #ifdef LIBCURL_CAN_HANDLE_AUTH_ANY
253         curl_easy_setopt(result, CURLOPT_HTTPAUTH, CURLAUTH_ANY);
254 #endif
255
256         if (http_proactive_auth)
257                 init_curl_http_auth(result);
258
259         if (ssl_cert != NULL)
260                 curl_easy_setopt(result, CURLOPT_SSLCERT, ssl_cert);
261         if (has_cert_password())
262                 curl_easy_setopt(result, CURLOPT_KEYPASSWD, cert_auth.password);
263 #if LIBCURL_VERSION_NUM >= 0x070903
264         if (ssl_key != NULL)
265                 curl_easy_setopt(result, CURLOPT_SSLKEY, ssl_key);
266 #endif
267 #if LIBCURL_VERSION_NUM >= 0x070908
268         if (ssl_capath != NULL)
269                 curl_easy_setopt(result, CURLOPT_CAPATH, ssl_capath);
270 #endif
271         if (ssl_cainfo != NULL)
272                 curl_easy_setopt(result, CURLOPT_CAINFO, ssl_cainfo);
273         curl_easy_setopt(result, CURLOPT_FAILONERROR, 1);
274
275         if (curl_low_speed_limit > 0 && curl_low_speed_time > 0) {
276                 curl_easy_setopt(result, CURLOPT_LOW_SPEED_LIMIT,
277                                  curl_low_speed_limit);
278                 curl_easy_setopt(result, CURLOPT_LOW_SPEED_TIME,
279                                  curl_low_speed_time);
280         }
281
282         curl_easy_setopt(result, CURLOPT_FOLLOWLOCATION, 1);
283 #if LIBCURL_VERSION_NUM >= 0x071301
284         curl_easy_setopt(result, CURLOPT_POSTREDIR, CURL_REDIR_POST_ALL);
285 #elif LIBCURL_VERSION_NUM >= 0x071101
286         curl_easy_setopt(result, CURLOPT_POST301, 1);
287 #endif
288
289         if (getenv("GIT_CURL_VERBOSE"))
290                 curl_easy_setopt(result, CURLOPT_VERBOSE, 1);
291
292         curl_easy_setopt(result, CURLOPT_USERAGENT,
293                 user_agent ? user_agent : GIT_HTTP_USER_AGENT);
294
295         if (curl_ftp_no_epsv)
296                 curl_easy_setopt(result, CURLOPT_FTP_USE_EPSV, 0);
297
298         if (curl_http_proxy)
299                 curl_easy_setopt(result, CURLOPT_PROXY, curl_http_proxy);
300
301         return result;
302 }
303
304 static void set_from_env(const char **var, const char *envname)
305 {
306         const char *val = getenv(envname);
307         if (val)
308                 *var = val;
309 }
310
311 void http_init(struct remote *remote, const char *url, int proactive_auth)
312 {
313         char *low_speed_limit;
314         char *low_speed_time;
315
316         http_is_verbose = 0;
317
318         git_config(http_options, NULL);
319
320         curl_global_init(CURL_GLOBAL_ALL);
321
322         http_proactive_auth = proactive_auth;
323
324         if (remote && remote->http_proxy)
325                 curl_http_proxy = xstrdup(remote->http_proxy);
326
327         pragma_header = curl_slist_append(pragma_header, "Pragma: no-cache");
328         no_pragma_header = curl_slist_append(no_pragma_header, "Pragma:");
329
330 #ifdef USE_CURL_MULTI
331         {
332                 char *http_max_requests = getenv("GIT_HTTP_MAX_REQUESTS");
333                 if (http_max_requests != NULL)
334                         max_requests = atoi(http_max_requests);
335         }
336
337         curlm = curl_multi_init();
338         if (curlm == NULL) {
339                 fprintf(stderr, "Error creating curl multi handle.\n");
340                 exit(1);
341         }
342 #endif
343
344         if (getenv("GIT_SSL_NO_VERIFY"))
345                 curl_ssl_verify = 0;
346
347         set_from_env(&ssl_cert, "GIT_SSL_CERT");
348 #if LIBCURL_VERSION_NUM >= 0x070903
349         set_from_env(&ssl_key, "GIT_SSL_KEY");
350 #endif
351 #if LIBCURL_VERSION_NUM >= 0x070908
352         set_from_env(&ssl_capath, "GIT_SSL_CAPATH");
353 #endif
354         set_from_env(&ssl_cainfo, "GIT_SSL_CAINFO");
355
356         set_from_env(&user_agent, "GIT_HTTP_USER_AGENT");
357
358         low_speed_limit = getenv("GIT_HTTP_LOW_SPEED_LIMIT");
359         if (low_speed_limit != NULL)
360                 curl_low_speed_limit = strtol(low_speed_limit, NULL, 10);
361         low_speed_time = getenv("GIT_HTTP_LOW_SPEED_TIME");
362         if (low_speed_time != NULL)
363                 curl_low_speed_time = strtol(low_speed_time, NULL, 10);
364
365         if (curl_ssl_verify == -1)
366                 curl_ssl_verify = 1;
367
368         curl_session_count = 0;
369 #ifdef USE_CURL_MULTI
370         if (max_requests < 1)
371                 max_requests = DEFAULT_MAX_REQUESTS;
372 #endif
373
374         if (getenv("GIT_CURL_FTP_NO_EPSV"))
375                 curl_ftp_no_epsv = 1;
376
377         if (url) {
378                 credential_from_url(&http_auth, url);
379                 if (!ssl_cert_password_required &&
380                     getenv("GIT_SSL_CERT_PASSWORD_PROTECTED") &&
381                     !prefixcmp(url, "https://"))
382                         ssl_cert_password_required = 1;
383         }
384
385 #ifndef NO_CURL_EASY_DUPHANDLE
386         curl_default = get_curl_handle();
387 #endif
388 }
389
390 void http_cleanup(void)
391 {
392         struct active_request_slot *slot = active_queue_head;
393
394         while (slot != NULL) {
395                 struct active_request_slot *next = slot->next;
396                 if (slot->curl != NULL) {
397 #ifdef USE_CURL_MULTI
398                         curl_multi_remove_handle(curlm, slot->curl);
399 #endif
400                         curl_easy_cleanup(slot->curl);
401                 }
402                 free(slot);
403                 slot = next;
404         }
405         active_queue_head = NULL;
406
407 #ifndef NO_CURL_EASY_DUPHANDLE
408         curl_easy_cleanup(curl_default);
409 #endif
410
411 #ifdef USE_CURL_MULTI
412         curl_multi_cleanup(curlm);
413 #endif
414         curl_global_cleanup();
415
416         curl_slist_free_all(pragma_header);
417         pragma_header = NULL;
418
419         curl_slist_free_all(no_pragma_header);
420         no_pragma_header = NULL;
421
422         if (curl_http_proxy) {
423                 free((void *)curl_http_proxy);
424                 curl_http_proxy = NULL;
425         }
426
427         if (cert_auth.password != NULL) {
428                 memset(cert_auth.password, 0, strlen(cert_auth.password));
429                 free(cert_auth.password);
430                 cert_auth.password = NULL;
431         }
432         ssl_cert_password_required = 0;
433 }
434
435 struct active_request_slot *get_active_slot(void)
436 {
437         struct active_request_slot *slot = active_queue_head;
438         struct active_request_slot *newslot;
439
440 #ifdef USE_CURL_MULTI
441         int num_transfers;
442
443         /* Wait for a slot to open up if the queue is full */
444         while (active_requests >= max_requests) {
445                 curl_multi_perform(curlm, &num_transfers);
446                 if (num_transfers < active_requests)
447                         process_curl_messages();
448         }
449 #endif
450
451         while (slot != NULL && slot->in_use)
452                 slot = slot->next;
453
454         if (slot == NULL) {
455                 newslot = xmalloc(sizeof(*newslot));
456                 newslot->curl = NULL;
457                 newslot->in_use = 0;
458                 newslot->next = NULL;
459
460                 slot = active_queue_head;
461                 if (slot == NULL) {
462                         active_queue_head = newslot;
463                 } else {
464                         while (slot->next != NULL)
465                                 slot = slot->next;
466                         slot->next = newslot;
467                 }
468                 slot = newslot;
469         }
470
471         if (slot->curl == NULL) {
472 #ifdef NO_CURL_EASY_DUPHANDLE
473                 slot->curl = get_curl_handle();
474 #else
475                 slot->curl = curl_easy_duphandle(curl_default);
476 #endif
477                 curl_session_count++;
478         }
479
480         active_requests++;
481         slot->in_use = 1;
482         slot->results = NULL;
483         slot->finished = NULL;
484         slot->callback_data = NULL;
485         slot->callback_func = NULL;
486         curl_easy_setopt(slot->curl, CURLOPT_COOKIEFILE, curl_cookie_file);
487         curl_easy_setopt(slot->curl, CURLOPT_HTTPHEADER, pragma_header);
488         curl_easy_setopt(slot->curl, CURLOPT_ERRORBUFFER, curl_errorstr);
489         curl_easy_setopt(slot->curl, CURLOPT_CUSTOMREQUEST, NULL);
490         curl_easy_setopt(slot->curl, CURLOPT_READFUNCTION, NULL);
491         curl_easy_setopt(slot->curl, CURLOPT_WRITEFUNCTION, NULL);
492         curl_easy_setopt(slot->curl, CURLOPT_POSTFIELDS, NULL);
493         curl_easy_setopt(slot->curl, CURLOPT_UPLOAD, 0);
494         curl_easy_setopt(slot->curl, CURLOPT_HTTPGET, 1);
495
496         return slot;
497 }
498
499 int start_active_slot(struct active_request_slot *slot)
500 {
501 #ifdef USE_CURL_MULTI
502         CURLMcode curlm_result = curl_multi_add_handle(curlm, slot->curl);
503         int num_transfers;
504
505         if (curlm_result != CURLM_OK &&
506             curlm_result != CURLM_CALL_MULTI_PERFORM) {
507                 active_requests--;
508                 slot->in_use = 0;
509                 return 0;
510         }
511
512         /*
513          * We know there must be something to do, since we just added
514          * something.
515          */
516         curl_multi_perform(curlm, &num_transfers);
517 #endif
518         return 1;
519 }
520
521 #ifdef USE_CURL_MULTI
522 struct fill_chain {
523         void *data;
524         int (*fill)(void *);
525         struct fill_chain *next;
526 };
527
528 static struct fill_chain *fill_cfg;
529
530 void add_fill_function(void *data, int (*fill)(void *))
531 {
532         struct fill_chain *new = xmalloc(sizeof(*new));
533         struct fill_chain **linkp = &fill_cfg;
534         new->data = data;
535         new->fill = fill;
536         new->next = NULL;
537         while (*linkp)
538                 linkp = &(*linkp)->next;
539         *linkp = new;
540 }
541
542 void fill_active_slots(void)
543 {
544         struct active_request_slot *slot = active_queue_head;
545
546         while (active_requests < max_requests) {
547                 struct fill_chain *fill;
548                 for (fill = fill_cfg; fill; fill = fill->next)
549                         if (fill->fill(fill->data))
550                                 break;
551
552                 if (!fill)
553                         break;
554         }
555
556         while (slot != NULL) {
557                 if (!slot->in_use && slot->curl != NULL
558                         && curl_session_count > min_curl_sessions) {
559                         curl_easy_cleanup(slot->curl);
560                         slot->curl = NULL;
561                         curl_session_count--;
562                 }
563                 slot = slot->next;
564         }
565 }
566
567 void step_active_slots(void)
568 {
569         int num_transfers;
570         CURLMcode curlm_result;
571
572         do {
573                 curlm_result = curl_multi_perform(curlm, &num_transfers);
574         } while (curlm_result == CURLM_CALL_MULTI_PERFORM);
575         if (num_transfers < active_requests) {
576                 process_curl_messages();
577                 fill_active_slots();
578         }
579 }
580 #endif
581
582 void run_active_slot(struct active_request_slot *slot)
583 {
584 #ifdef USE_CURL_MULTI
585         fd_set readfds;
586         fd_set writefds;
587         fd_set excfds;
588         int max_fd;
589         struct timeval select_timeout;
590         int finished = 0;
591
592         slot->finished = &finished;
593         while (!finished) {
594                 step_active_slots();
595
596                 if (slot->in_use) {
597 #if LIBCURL_VERSION_NUM >= 0x070f04
598                         long curl_timeout;
599                         curl_multi_timeout(curlm, &curl_timeout);
600                         if (curl_timeout == 0) {
601                                 continue;
602                         } else if (curl_timeout == -1) {
603                                 select_timeout.tv_sec  = 0;
604                                 select_timeout.tv_usec = 50000;
605                         } else {
606                                 select_timeout.tv_sec  =  curl_timeout / 1000;
607                                 select_timeout.tv_usec = (curl_timeout % 1000) * 1000;
608                         }
609 #else
610                         select_timeout.tv_sec  = 0;
611                         select_timeout.tv_usec = 50000;
612 #endif
613
614                         max_fd = -1;
615                         FD_ZERO(&readfds);
616                         FD_ZERO(&writefds);
617                         FD_ZERO(&excfds);
618                         curl_multi_fdset(curlm, &readfds, &writefds, &excfds, &max_fd);
619
620                         select(max_fd+1, &readfds, &writefds, &excfds, &select_timeout);
621                 }
622         }
623 #else
624         while (slot->in_use) {
625                 slot->curl_result = curl_easy_perform(slot->curl);
626                 finish_active_slot(slot);
627         }
628 #endif
629 }
630
631 static void closedown_active_slot(struct active_request_slot *slot)
632 {
633         active_requests--;
634         slot->in_use = 0;
635 }
636
637 static void release_active_slot(struct active_request_slot *slot)
638 {
639         closedown_active_slot(slot);
640         if (slot->curl && curl_session_count > min_curl_sessions) {
641 #ifdef USE_CURL_MULTI
642                 curl_multi_remove_handle(curlm, slot->curl);
643 #endif
644                 curl_easy_cleanup(slot->curl);
645                 slot->curl = NULL;
646                 curl_session_count--;
647         }
648 #ifdef USE_CURL_MULTI
649         fill_active_slots();
650 #endif
651 }
652
653 void finish_active_slot(struct active_request_slot *slot)
654 {
655         closedown_active_slot(slot);
656         curl_easy_getinfo(slot->curl, CURLINFO_HTTP_CODE, &slot->http_code);
657
658         if (slot->finished != NULL)
659                 (*slot->finished) = 1;
660
661         /* Store slot results so they can be read after the slot is reused */
662         if (slot->results != NULL) {
663                 slot->results->curl_result = slot->curl_result;
664                 slot->results->http_code = slot->http_code;
665         }
666
667         /* Run callback if appropriate */
668         if (slot->callback_func != NULL)
669                 slot->callback_func(slot->callback_data);
670 }
671
672 void finish_all_active_slots(void)
673 {
674         struct active_request_slot *slot = active_queue_head;
675
676         while (slot != NULL)
677                 if (slot->in_use) {
678                         run_active_slot(slot);
679                         slot = active_queue_head;
680                 } else {
681                         slot = slot->next;
682                 }
683 }
684
685 /* Helpers for modifying and creating URLs */
686 static inline int needs_quote(int ch)
687 {
688         if (((ch >= 'A') && (ch <= 'Z'))
689                         || ((ch >= 'a') && (ch <= 'z'))
690                         || ((ch >= '0') && (ch <= '9'))
691                         || (ch == '/')
692                         || (ch == '-')
693                         || (ch == '.'))
694                 return 0;
695         return 1;
696 }
697
698 static char *quote_ref_url(const char *base, const char *ref)
699 {
700         struct strbuf buf = STRBUF_INIT;
701         const char *cp;
702         int ch;
703
704         end_url_with_slash(&buf, base);
705
706         for (cp = ref; (ch = *cp) != 0; cp++)
707                 if (needs_quote(ch))
708                         strbuf_addf(&buf, "%%%02x", ch);
709                 else
710                         strbuf_addch(&buf, *cp);
711
712         return strbuf_detach(&buf, NULL);
713 }
714
715 void append_remote_object_url(struct strbuf *buf, const char *url,
716                               const char *hex,
717                               int only_two_digit_prefix)
718 {
719         end_url_with_slash(buf, url);
720
721         strbuf_addf(buf, "objects/%.*s/", 2, hex);
722         if (!only_two_digit_prefix)
723                 strbuf_addf(buf, "%s", hex+2);
724 }
725
726 char *get_remote_object_url(const char *url, const char *hex,
727                             int only_two_digit_prefix)
728 {
729         struct strbuf buf = STRBUF_INIT;
730         append_remote_object_url(&buf, url, hex, only_two_digit_prefix);
731         return strbuf_detach(&buf, NULL);
732 }
733
734 /* http_request() targets */
735 #define HTTP_REQUEST_STRBUF     0
736 #define HTTP_REQUEST_FILE       1
737
738 static int http_request(const char *url, void *result, int target, int options)
739 {
740         struct active_request_slot *slot;
741         struct slot_results results;
742         struct curl_slist *headers = NULL;
743         struct strbuf buf = STRBUF_INIT;
744         int ret;
745
746         slot = get_active_slot();
747         slot->results = &results;
748         curl_easy_setopt(slot->curl, CURLOPT_HTTPGET, 1);
749
750         if (result == NULL) {
751                 curl_easy_setopt(slot->curl, CURLOPT_NOBODY, 1);
752         } else {
753                 curl_easy_setopt(slot->curl, CURLOPT_NOBODY, 0);
754                 curl_easy_setopt(slot->curl, CURLOPT_FILE, result);
755
756                 if (target == HTTP_REQUEST_FILE) {
757                         long posn = ftell(result);
758                         curl_easy_setopt(slot->curl, CURLOPT_WRITEFUNCTION,
759                                          fwrite);
760                         if (posn > 0) {
761                                 strbuf_addf(&buf, "Range: bytes=%ld-", posn);
762                                 headers = curl_slist_append(headers, buf.buf);
763                                 strbuf_reset(&buf);
764                         }
765                 } else
766                         curl_easy_setopt(slot->curl, CURLOPT_WRITEFUNCTION,
767                                          fwrite_buffer);
768         }
769
770         strbuf_addstr(&buf, "Pragma:");
771         if (options & HTTP_NO_CACHE)
772                 strbuf_addstr(&buf, " no-cache");
773
774         headers = curl_slist_append(headers, buf.buf);
775
776         curl_easy_setopt(slot->curl, CURLOPT_URL, url);
777         curl_easy_setopt(slot->curl, CURLOPT_HTTPHEADER, headers);
778
779         if (start_active_slot(slot)) {
780                 run_active_slot(slot);
781                 if (results.curl_result == CURLE_OK)
782                         ret = HTTP_OK;
783                 else if (missing_target(&results))
784                         ret = HTTP_MISSING_TARGET;
785                 else if (results.http_code == 401) {
786                         if (http_auth.username && http_auth.password) {
787                                 credential_reject(&http_auth);
788                                 ret = HTTP_NOAUTH;
789                         } else {
790                                 credential_fill(&http_auth);
791                                 init_curl_http_auth(slot->curl);
792                                 ret = HTTP_REAUTH;
793                         }
794                 } else {
795                         if (!curl_errorstr[0])
796                                 strlcpy(curl_errorstr,
797                                         curl_easy_strerror(results.curl_result),
798                                         sizeof(curl_errorstr));
799                         ret = HTTP_ERROR;
800                 }
801         } else {
802                 error("Unable to start HTTP request for %s", url);
803                 ret = HTTP_START_FAILED;
804         }
805
806         curl_slist_free_all(headers);
807         strbuf_release(&buf);
808
809         if (ret == HTTP_OK)
810                 credential_approve(&http_auth);
811
812         return ret;
813 }
814
815 static int http_request_reauth(const char *url, void *result, int target,
816                                int options)
817 {
818         int ret = http_request(url, result, target, options);
819         if (ret != HTTP_REAUTH)
820                 return ret;
821         return http_request(url, result, target, options);
822 }
823
824 int http_get_strbuf(const char *url, struct strbuf *result, int options)
825 {
826         return http_request_reauth(url, result, HTTP_REQUEST_STRBUF, options);
827 }
828
829 /*
830  * Downloads an url and stores the result in the given file.
831  *
832  * If a previous interrupted download is detected (i.e. a previous temporary
833  * file is still around) the download is resumed.
834  */
835 static int http_get_file(const char *url, const char *filename, int options)
836 {
837         int ret;
838         struct strbuf tmpfile = STRBUF_INIT;
839         FILE *result;
840
841         strbuf_addf(&tmpfile, "%s.temp", filename);
842         result = fopen(tmpfile.buf, "a");
843         if (! result) {
844                 error("Unable to open local file %s", tmpfile.buf);
845                 ret = HTTP_ERROR;
846                 goto cleanup;
847         }
848
849         ret = http_request_reauth(url, result, HTTP_REQUEST_FILE, options);
850         fclose(result);
851
852         if ((ret == HTTP_OK) && move_temp_to_file(tmpfile.buf, filename))
853                 ret = HTTP_ERROR;
854 cleanup:
855         strbuf_release(&tmpfile);
856         return ret;
857 }
858
859 int http_error(const char *url, int ret)
860 {
861         /* http_request has already handled HTTP_START_FAILED. */
862         if (ret != HTTP_START_FAILED)
863                 error("%s while accessing %s", curl_errorstr, url);
864
865         return ret;
866 }
867
868 int http_fetch_ref(const char *base, struct ref *ref)
869 {
870         char *url;
871         struct strbuf buffer = STRBUF_INIT;
872         int ret = -1;
873
874         url = quote_ref_url(base, ref->name);
875         if (http_get_strbuf(url, &buffer, HTTP_NO_CACHE) == HTTP_OK) {
876                 strbuf_rtrim(&buffer);
877                 if (buffer.len == 40)
878                         ret = get_sha1_hex(buffer.buf, ref->old_sha1);
879                 else if (!prefixcmp(buffer.buf, "ref: ")) {
880                         ref->symref = xstrdup(buffer.buf + 5);
881                         ret = 0;
882                 }
883         }
884
885         strbuf_release(&buffer);
886         free(url);
887         return ret;
888 }
889
890 /* Helpers for fetching packs */
891 static char *fetch_pack_index(unsigned char *sha1, const char *base_url)
892 {
893         char *url, *tmp;
894         struct strbuf buf = STRBUF_INIT;
895
896         if (http_is_verbose)
897                 fprintf(stderr, "Getting index for pack %s\n", sha1_to_hex(sha1));
898
899         end_url_with_slash(&buf, base_url);
900         strbuf_addf(&buf, "objects/pack/pack-%s.idx", sha1_to_hex(sha1));
901         url = strbuf_detach(&buf, NULL);
902
903         strbuf_addf(&buf, "%s.temp", sha1_pack_index_name(sha1));
904         tmp = strbuf_detach(&buf, NULL);
905
906         if (http_get_file(url, tmp, 0) != HTTP_OK) {
907                 error("Unable to get pack index %s\n", url);
908                 free(tmp);
909                 tmp = NULL;
910         }
911
912         free(url);
913         return tmp;
914 }
915
916 static int fetch_and_setup_pack_index(struct packed_git **packs_head,
917         unsigned char *sha1, const char *base_url)
918 {
919         struct packed_git *new_pack;
920         char *tmp_idx = NULL;
921         int ret;
922
923         if (has_pack_index(sha1)) {
924                 new_pack = parse_pack_index(sha1, NULL);
925                 if (!new_pack)
926                         return -1; /* parse_pack_index() already issued error message */
927                 goto add_pack;
928         }
929
930         tmp_idx = fetch_pack_index(sha1, base_url);
931         if (!tmp_idx)
932                 return -1;
933
934         new_pack = parse_pack_index(sha1, tmp_idx);
935         if (!new_pack) {
936                 unlink(tmp_idx);
937                 free(tmp_idx);
938
939                 return -1; /* parse_pack_index() already issued error message */
940         }
941
942         ret = verify_pack_index(new_pack);
943         if (!ret) {
944                 close_pack_index(new_pack);
945                 ret = move_temp_to_file(tmp_idx, sha1_pack_index_name(sha1));
946         }
947         free(tmp_idx);
948         if (ret)
949                 return -1;
950
951 add_pack:
952         new_pack->next = *packs_head;
953         *packs_head = new_pack;
954         return 0;
955 }
956
957 int http_get_info_packs(const char *base_url, struct packed_git **packs_head)
958 {
959         int ret = 0, i = 0;
960         char *url, *data;
961         struct strbuf buf = STRBUF_INIT;
962         unsigned char sha1[20];
963
964         end_url_with_slash(&buf, base_url);
965         strbuf_addstr(&buf, "objects/info/packs");
966         url = strbuf_detach(&buf, NULL);
967
968         ret = http_get_strbuf(url, &buf, HTTP_NO_CACHE);
969         if (ret != HTTP_OK)
970                 goto cleanup;
971
972         data = buf.buf;
973         while (i < buf.len) {
974                 switch (data[i]) {
975                 case 'P':
976                         i++;
977                         if (i + 52 <= buf.len &&
978                             !prefixcmp(data + i, " pack-") &&
979                             !prefixcmp(data + i + 46, ".pack\n")) {
980                                 get_sha1_hex(data + i + 6, sha1);
981                                 fetch_and_setup_pack_index(packs_head, sha1,
982                                                       base_url);
983                                 i += 51;
984                                 break;
985                         }
986                 default:
987                         while (i < buf.len && data[i] != '\n')
988                                 i++;
989                 }
990                 i++;
991         }
992
993 cleanup:
994         free(url);
995         return ret;
996 }
997
998 void release_http_pack_request(struct http_pack_request *preq)
999 {
1000         if (preq->packfile != NULL) {
1001                 fclose(preq->packfile);
1002                 preq->packfile = NULL;
1003         }
1004         if (preq->range_header != NULL) {
1005                 curl_slist_free_all(preq->range_header);
1006                 preq->range_header = NULL;
1007         }
1008         preq->slot = NULL;
1009         free(preq->url);
1010 }
1011
1012 int finish_http_pack_request(struct http_pack_request *preq)
1013 {
1014         struct packed_git **lst;
1015         struct packed_git *p = preq->target;
1016         char *tmp_idx;
1017         struct child_process ip;
1018         const char *ip_argv[8];
1019
1020         close_pack_index(p);
1021
1022         fclose(preq->packfile);
1023         preq->packfile = NULL;
1024
1025         lst = preq->lst;
1026         while (*lst != p)
1027                 lst = &((*lst)->next);
1028         *lst = (*lst)->next;
1029
1030         tmp_idx = xstrdup(preq->tmpfile);
1031         strcpy(tmp_idx + strlen(tmp_idx) - strlen(".pack.temp"),
1032                ".idx.temp");
1033
1034         ip_argv[0] = "index-pack";
1035         ip_argv[1] = "-o";
1036         ip_argv[2] = tmp_idx;
1037         ip_argv[3] = preq->tmpfile;
1038         ip_argv[4] = NULL;
1039
1040         memset(&ip, 0, sizeof(ip));
1041         ip.argv = ip_argv;
1042         ip.git_cmd = 1;
1043         ip.no_stdin = 1;
1044         ip.no_stdout = 1;
1045
1046         if (run_command(&ip)) {
1047                 unlink(preq->tmpfile);
1048                 unlink(tmp_idx);
1049                 free(tmp_idx);
1050                 return -1;
1051         }
1052
1053         unlink(sha1_pack_index_name(p->sha1));
1054
1055         if (move_temp_to_file(preq->tmpfile, sha1_pack_name(p->sha1))
1056          || move_temp_to_file(tmp_idx, sha1_pack_index_name(p->sha1))) {
1057                 free(tmp_idx);
1058                 return -1;
1059         }
1060
1061         install_packed_git(p);
1062         free(tmp_idx);
1063         return 0;
1064 }
1065
1066 struct http_pack_request *new_http_pack_request(
1067         struct packed_git *target, const char *base_url)
1068 {
1069         long prev_posn = 0;
1070         char range[RANGE_HEADER_SIZE];
1071         struct strbuf buf = STRBUF_INIT;
1072         struct http_pack_request *preq;
1073
1074         preq = xcalloc(1, sizeof(*preq));
1075         preq->target = target;
1076
1077         end_url_with_slash(&buf, base_url);
1078         strbuf_addf(&buf, "objects/pack/pack-%s.pack",
1079                 sha1_to_hex(target->sha1));
1080         preq->url = strbuf_detach(&buf, NULL);
1081
1082         snprintf(preq->tmpfile, sizeof(preq->tmpfile), "%s.temp",
1083                 sha1_pack_name(target->sha1));
1084         preq->packfile = fopen(preq->tmpfile, "a");
1085         if (!preq->packfile) {
1086                 error("Unable to open local file %s for pack",
1087                       preq->tmpfile);
1088                 goto abort;
1089         }
1090
1091         preq->slot = get_active_slot();
1092         curl_easy_setopt(preq->slot->curl, CURLOPT_FILE, preq->packfile);
1093         curl_easy_setopt(preq->slot->curl, CURLOPT_WRITEFUNCTION, fwrite);
1094         curl_easy_setopt(preq->slot->curl, CURLOPT_URL, preq->url);
1095         curl_easy_setopt(preq->slot->curl, CURLOPT_HTTPHEADER,
1096                 no_pragma_header);
1097
1098         /*
1099          * If there is data present from a previous transfer attempt,
1100          * resume where it left off
1101          */
1102         prev_posn = ftell(preq->packfile);
1103         if (prev_posn>0) {
1104                 if (http_is_verbose)
1105                         fprintf(stderr,
1106                                 "Resuming fetch of pack %s at byte %ld\n",
1107                                 sha1_to_hex(target->sha1), prev_posn);
1108                 sprintf(range, "Range: bytes=%ld-", prev_posn);
1109                 preq->range_header = curl_slist_append(NULL, range);
1110                 curl_easy_setopt(preq->slot->curl, CURLOPT_HTTPHEADER,
1111                         preq->range_header);
1112         }
1113
1114         return preq;
1115
1116 abort:
1117         free(preq->url);
1118         free(preq);
1119         return NULL;
1120 }
1121
1122 /* Helpers for fetching objects (loose) */
1123 static size_t fwrite_sha1_file(char *ptr, size_t eltsize, size_t nmemb,
1124                                void *data)
1125 {
1126         unsigned char expn[4096];
1127         size_t size = eltsize * nmemb;
1128         int posn = 0;
1129         struct http_object_request *freq =
1130                 (struct http_object_request *)data;
1131         do {
1132                 ssize_t retval = xwrite(freq->localfile,
1133                                         (char *) ptr + posn, size - posn);
1134                 if (retval < 0)
1135                         return posn;
1136                 posn += retval;
1137         } while (posn < size);
1138
1139         freq->stream.avail_in = size;
1140         freq->stream.next_in = (void *)ptr;
1141         do {
1142                 freq->stream.next_out = expn;
1143                 freq->stream.avail_out = sizeof(expn);
1144                 freq->zret = git_inflate(&freq->stream, Z_SYNC_FLUSH);
1145                 git_SHA1_Update(&freq->c, expn,
1146                                 sizeof(expn) - freq->stream.avail_out);
1147         } while (freq->stream.avail_in && freq->zret == Z_OK);
1148         return size;
1149 }
1150
1151 struct http_object_request *new_http_object_request(const char *base_url,
1152         unsigned char *sha1)
1153 {
1154         char *hex = sha1_to_hex(sha1);
1155         char *filename;
1156         char prevfile[PATH_MAX];
1157         int prevlocal;
1158         char prev_buf[PREV_BUF_SIZE];
1159         ssize_t prev_read = 0;
1160         long prev_posn = 0;
1161         char range[RANGE_HEADER_SIZE];
1162         struct curl_slist *range_header = NULL;
1163         struct http_object_request *freq;
1164
1165         freq = xcalloc(1, sizeof(*freq));
1166         hashcpy(freq->sha1, sha1);
1167         freq->localfile = -1;
1168
1169         filename = sha1_file_name(sha1);
1170         snprintf(freq->tmpfile, sizeof(freq->tmpfile),
1171                  "%s.temp", filename);
1172
1173         snprintf(prevfile, sizeof(prevfile), "%s.prev", filename);
1174         unlink_or_warn(prevfile);
1175         rename(freq->tmpfile, prevfile);
1176         unlink_or_warn(freq->tmpfile);
1177
1178         if (freq->localfile != -1)
1179                 error("fd leakage in start: %d", freq->localfile);
1180         freq->localfile = open(freq->tmpfile,
1181                                O_WRONLY | O_CREAT | O_EXCL, 0666);
1182         /*
1183          * This could have failed due to the "lazy directory creation";
1184          * try to mkdir the last path component.
1185          */
1186         if (freq->localfile < 0 && errno == ENOENT) {
1187                 char *dir = strrchr(freq->tmpfile, '/');
1188                 if (dir) {
1189                         *dir = 0;
1190                         mkdir(freq->tmpfile, 0777);
1191                         *dir = '/';
1192                 }
1193                 freq->localfile = open(freq->tmpfile,
1194                                        O_WRONLY | O_CREAT | O_EXCL, 0666);
1195         }
1196
1197         if (freq->localfile < 0) {
1198                 error("Couldn't create temporary file %s: %s",
1199                       freq->tmpfile, strerror(errno));
1200                 goto abort;
1201         }
1202
1203         git_inflate_init(&freq->stream);
1204
1205         git_SHA1_Init(&freq->c);
1206
1207         freq->url = get_remote_object_url(base_url, hex, 0);
1208
1209         /*
1210          * If a previous temp file is present, process what was already
1211          * fetched.
1212          */
1213         prevlocal = open(prevfile, O_RDONLY);
1214         if (prevlocal != -1) {
1215                 do {
1216                         prev_read = xread(prevlocal, prev_buf, PREV_BUF_SIZE);
1217                         if (prev_read>0) {
1218                                 if (fwrite_sha1_file(prev_buf,
1219                                                      1,
1220                                                      prev_read,
1221                                                      freq) == prev_read) {
1222                                         prev_posn += prev_read;
1223                                 } else {
1224                                         prev_read = -1;
1225                                 }
1226                         }
1227                 } while (prev_read > 0);
1228                 close(prevlocal);
1229         }
1230         unlink_or_warn(prevfile);
1231
1232         /*
1233          * Reset inflate/SHA1 if there was an error reading the previous temp
1234          * file; also rewind to the beginning of the local file.
1235          */
1236         if (prev_read == -1) {
1237                 memset(&freq->stream, 0, sizeof(freq->stream));
1238                 git_inflate_init(&freq->stream);
1239                 git_SHA1_Init(&freq->c);
1240                 if (prev_posn>0) {
1241                         prev_posn = 0;
1242                         lseek(freq->localfile, 0, SEEK_SET);
1243                         if (ftruncate(freq->localfile, 0) < 0) {
1244                                 error("Couldn't truncate temporary file %s: %s",
1245                                           freq->tmpfile, strerror(errno));
1246                                 goto abort;
1247                         }
1248                 }
1249         }
1250
1251         freq->slot = get_active_slot();
1252
1253         curl_easy_setopt(freq->slot->curl, CURLOPT_FILE, freq);
1254         curl_easy_setopt(freq->slot->curl, CURLOPT_WRITEFUNCTION, fwrite_sha1_file);
1255         curl_easy_setopt(freq->slot->curl, CURLOPT_ERRORBUFFER, freq->errorstr);
1256         curl_easy_setopt(freq->slot->curl, CURLOPT_URL, freq->url);
1257         curl_easy_setopt(freq->slot->curl, CURLOPT_HTTPHEADER, no_pragma_header);
1258
1259         /*
1260          * If we have successfully processed data from a previous fetch
1261          * attempt, only fetch the data we don't already have.
1262          */
1263         if (prev_posn>0) {
1264                 if (http_is_verbose)
1265                         fprintf(stderr,
1266                                 "Resuming fetch of object %s at byte %ld\n",
1267                                 hex, prev_posn);
1268                 sprintf(range, "Range: bytes=%ld-", prev_posn);
1269                 range_header = curl_slist_append(range_header, range);
1270                 curl_easy_setopt(freq->slot->curl,
1271                                  CURLOPT_HTTPHEADER, range_header);
1272         }
1273
1274         return freq;
1275
1276 abort:
1277         free(freq->url);
1278         free(freq);
1279         return NULL;
1280 }
1281
1282 void process_http_object_request(struct http_object_request *freq)
1283 {
1284         if (freq->slot == NULL)
1285                 return;
1286         freq->curl_result = freq->slot->curl_result;
1287         freq->http_code = freq->slot->http_code;
1288         freq->slot = NULL;
1289 }
1290
1291 int finish_http_object_request(struct http_object_request *freq)
1292 {
1293         struct stat st;
1294
1295         close(freq->localfile);
1296         freq->localfile = -1;
1297
1298         process_http_object_request(freq);
1299
1300         if (freq->http_code == 416) {
1301                 warning("requested range invalid; we may already have all the data.");
1302         } else if (freq->curl_result != CURLE_OK) {
1303                 if (stat(freq->tmpfile, &st) == 0)
1304                         if (st.st_size == 0)
1305                                 unlink_or_warn(freq->tmpfile);
1306                 return -1;
1307         }
1308
1309         git_inflate_end(&freq->stream);
1310         git_SHA1_Final(freq->real_sha1, &freq->c);
1311         if (freq->zret != Z_STREAM_END) {
1312                 unlink_or_warn(freq->tmpfile);
1313                 return -1;
1314         }
1315         if (hashcmp(freq->sha1, freq->real_sha1)) {
1316                 unlink_or_warn(freq->tmpfile);
1317                 return -1;
1318         }
1319         freq->rename =
1320                 move_temp_to_file(freq->tmpfile, sha1_file_name(freq->sha1));
1321
1322         return freq->rename;
1323 }
1324
1325 void abort_http_object_request(struct http_object_request *freq)
1326 {
1327         unlink_or_warn(freq->tmpfile);
1328
1329         release_http_object_request(freq);
1330 }
1331
1332 void release_http_object_request(struct http_object_request *freq)
1333 {
1334         if (freq->localfile != -1) {
1335                 close(freq->localfile);
1336                 freq->localfile = -1;
1337         }
1338         if (freq->url != NULL) {
1339                 free(freq->url);
1340                 freq->url = NULL;
1341         }
1342         if (freq->slot != NULL) {
1343                 freq->slot->callback_func = NULL;
1344                 freq->slot->callback_data = NULL;
1345                 release_active_slot(freq->slot);
1346                 freq->slot = NULL;
1347         }
1348 }