2 #include "repository.h"
9 #include "run-command.h"
15 #include "string-list.h"
16 #include "oid-array.h"
17 #include "connected.h"
21 #include "gpg-interface.h"
24 #include "tmp-objdir.h"
27 #include "object-store.h"
29 #include "commit-reach.h"
33 static const char * const receive_pack_usage[] = {
34 N_("git receive-pack <git-dir>"),
46 static int deny_deletes;
47 static int deny_non_fast_forwards;
48 static enum deny_action deny_current_branch = DENY_UNCONFIGURED;
49 static enum deny_action deny_delete_current = DENY_UNCONFIGURED;
50 static int receive_fsck_objects = -1;
51 static int transfer_fsck_objects = -1;
52 static struct strbuf fsck_msg_types = STRBUF_INIT;
53 static int receive_unpack_limit = -1;
54 static int transfer_unpack_limit = -1;
55 static int advertise_atomic_push = 1;
56 static int advertise_push_options;
57 static int advertise_sid;
58 static int unpack_limit = 100;
59 static off_t max_input_size;
60 static int report_status;
61 static int report_status_v2;
62 static int use_sideband;
63 static int use_atomic;
64 static int use_push_options;
66 static int prefer_ofs_delta = 1;
67 static int auto_update_server_info;
68 static int auto_gc = 1;
69 static int reject_thin;
70 static int stateless_rpc;
71 static const char *service_dir;
72 static const char *head_name;
73 static void *head_name_to_free;
74 static int sent_capabilities;
75 static int shallow_update;
76 static const char *alt_shallow_file;
77 static struct strbuf push_cert = STRBUF_INIT;
78 static struct object_id push_cert_oid;
79 static struct signature_check sigcheck;
80 static const char *push_cert_nonce;
81 static const char *cert_nonce_seed;
83 static const char *NONCE_UNSOLICITED = "UNSOLICITED";
84 static const char *NONCE_BAD = "BAD";
85 static const char *NONCE_MISSING = "MISSING";
86 static const char *NONCE_OK = "OK";
87 static const char *NONCE_SLOP = "SLOP";
88 static const char *nonce_status;
89 static long nonce_stamp_slop;
90 static timestamp_t nonce_stamp_slop_limit;
91 static struct ref_transaction *transaction;
98 static int keepalive_in_sec = 5;
100 static struct tmp_objdir *tmp_objdir;
102 static struct proc_receive_ref {
103 unsigned int want_add:1,
108 struct proc_receive_ref *next;
111 static void proc_receive_ref_append(const char *prefix);
113 static enum deny_action parse_deny_action(const char *var, const char *value)
116 if (!strcasecmp(value, "ignore"))
118 if (!strcasecmp(value, "warn"))
120 if (!strcasecmp(value, "refuse"))
122 if (!strcasecmp(value, "updateinstead"))
123 return DENY_UPDATE_INSTEAD;
125 if (git_config_bool(var, value))
130 static int receive_pack_config(const char *var, const char *value, void *cb)
132 int status = parse_hide_refs_config(var, value, "receive");
137 if (strcmp(var, "receive.denydeletes") == 0) {
138 deny_deletes = git_config_bool(var, value);
142 if (strcmp(var, "receive.denynonfastforwards") == 0) {
143 deny_non_fast_forwards = git_config_bool(var, value);
147 if (strcmp(var, "receive.unpacklimit") == 0) {
148 receive_unpack_limit = git_config_int(var, value);
152 if (strcmp(var, "transfer.unpacklimit") == 0) {
153 transfer_unpack_limit = git_config_int(var, value);
157 if (strcmp(var, "receive.fsck.skiplist") == 0) {
160 if (git_config_pathname(&path, var, value))
162 strbuf_addf(&fsck_msg_types, "%cskiplist=%s",
163 fsck_msg_types.len ? ',' : '=', path);
168 if (skip_prefix(var, "receive.fsck.", &var)) {
169 if (is_valid_msg_type(var, value))
170 strbuf_addf(&fsck_msg_types, "%c%s=%s",
171 fsck_msg_types.len ? ',' : '=', var, value);
173 warning("Skipping unknown msg id '%s'", var);
177 if (strcmp(var, "receive.fsckobjects") == 0) {
178 receive_fsck_objects = git_config_bool(var, value);
182 if (strcmp(var, "transfer.fsckobjects") == 0) {
183 transfer_fsck_objects = git_config_bool(var, value);
187 if (!strcmp(var, "receive.denycurrentbranch")) {
188 deny_current_branch = parse_deny_action(var, value);
192 if (strcmp(var, "receive.denydeletecurrent") == 0) {
193 deny_delete_current = parse_deny_action(var, value);
197 if (strcmp(var, "repack.usedeltabaseoffset") == 0) {
198 prefer_ofs_delta = git_config_bool(var, value);
202 if (strcmp(var, "receive.updateserverinfo") == 0) {
203 auto_update_server_info = git_config_bool(var, value);
207 if (strcmp(var, "receive.autogc") == 0) {
208 auto_gc = git_config_bool(var, value);
212 if (strcmp(var, "receive.shallowupdate") == 0) {
213 shallow_update = git_config_bool(var, value);
217 if (strcmp(var, "receive.certnonceseed") == 0)
218 return git_config_string(&cert_nonce_seed, var, value);
220 if (strcmp(var, "receive.certnonceslop") == 0) {
221 nonce_stamp_slop_limit = git_config_ulong(var, value);
225 if (strcmp(var, "receive.advertiseatomic") == 0) {
226 advertise_atomic_push = git_config_bool(var, value);
230 if (strcmp(var, "receive.advertisepushoptions") == 0) {
231 advertise_push_options = git_config_bool(var, value);
235 if (strcmp(var, "receive.keepalive") == 0) {
236 keepalive_in_sec = git_config_int(var, value);
240 if (strcmp(var, "receive.maxinputsize") == 0) {
241 max_input_size = git_config_int64(var, value);
245 if (strcmp(var, "receive.procreceiverefs") == 0) {
247 return config_error_nonbool(var);
248 proc_receive_ref_append(value);
252 if (strcmp(var, "transfer.advertisesid") == 0) {
253 advertise_sid = git_config_bool(var, value);
257 return git_default_config(var, value, cb);
260 static void show_ref(const char *path, const struct object_id *oid)
262 if (sent_capabilities) {
263 packet_write_fmt(1, "%s %s\n", oid_to_hex(oid), path);
265 struct strbuf cap = STRBUF_INIT;
268 "report-status report-status-v2 delete-refs side-band-64k quiet");
269 if (advertise_atomic_push)
270 strbuf_addstr(&cap, " atomic");
271 if (prefer_ofs_delta)
272 strbuf_addstr(&cap, " ofs-delta");
274 strbuf_addf(&cap, " push-cert=%s", push_cert_nonce);
275 if (advertise_push_options)
276 strbuf_addstr(&cap, " push-options");
278 strbuf_addf(&cap, " session-id=%s", trace2_session_id());
279 strbuf_addf(&cap, " object-format=%s", the_hash_algo->name);
280 strbuf_addf(&cap, " agent=%s", git_user_agent_sanitized());
281 packet_write_fmt(1, "%s %s%c%s\n",
282 oid_to_hex(oid), path, 0, cap.buf);
283 strbuf_release(&cap);
284 sent_capabilities = 1;
288 static int show_ref_cb(const char *path_full, const struct object_id *oid,
289 int flag, void *data)
291 struct oidset *seen = data;
292 const char *path = strip_namespace(path_full);
294 if (ref_is_hidden(path, path_full))
298 * Advertise refs outside our current namespace as ".have"
299 * refs, so that the client can use them to minimize data
300 * transfer but will otherwise ignore them.
303 if (oidset_insert(seen, oid))
307 oidset_insert(seen, oid);
313 static void show_one_alternate_ref(const struct object_id *oid,
316 struct oidset *seen = data;
318 if (oidset_insert(seen, oid))
321 show_ref(".have", oid);
324 static void write_head_info(void)
326 static struct oidset seen = OIDSET_INIT;
328 for_each_ref(show_ref_cb, &seen);
329 for_each_alternate_ref(show_one_alternate_ref, &seen);
331 if (!sent_capabilities)
332 show_ref("capabilities^{}", &null_oid);
334 advertise_shallow_grafts(1);
340 #define RUN_PROC_RECEIVE_SCHEDULED 1
341 #define RUN_PROC_RECEIVE_RETURNED 2
343 struct command *next;
344 const char *error_string;
345 struct ref_push_report *report;
346 unsigned int skip_update:1,
350 struct object_id old_oid;
351 struct object_id new_oid;
352 char ref_name[FLEX_ARRAY]; /* more */
355 static void proc_receive_ref_append(const char *prefix)
357 struct proc_receive_ref *ref_pattern;
361 ref_pattern = xcalloc(1, sizeof(struct proc_receive_ref));
362 p = strchr(prefix, ':');
366 ref_pattern->want_add = 1;
367 else if (*prefix == 'd')
368 ref_pattern->want_delete = 1;
369 else if (*prefix == 'm')
370 ref_pattern->want_modify = 1;
371 else if (*prefix == '!')
372 ref_pattern->negative_ref = 1;
377 ref_pattern->want_add = 1;
378 ref_pattern->want_delete = 1;
379 ref_pattern->want_modify = 1;
381 len = strlen(prefix);
382 while (len && prefix[len - 1] == '/')
384 ref_pattern->ref_prefix = xmemdupz(prefix, len);
385 if (!proc_receive_ref) {
386 proc_receive_ref = ref_pattern;
388 struct proc_receive_ref *end;
390 end = proc_receive_ref;
393 end->next = ref_pattern;
397 static int proc_receive_ref_matches(struct command *cmd)
399 struct proc_receive_ref *p;
401 if (!proc_receive_ref)
404 for (p = proc_receive_ref; p; p = p->next) {
405 const char *match = p->ref_prefix;
408 if (!p->want_add && is_null_oid(&cmd->old_oid))
410 else if (!p->want_delete && is_null_oid(&cmd->new_oid))
412 else if (!p->want_modify &&
413 !is_null_oid(&cmd->old_oid) &&
414 !is_null_oid(&cmd->new_oid))
417 if (skip_prefix(cmd->ref_name, match, &remains) &&
418 (!*remains || *remains == '/')) {
419 if (!p->negative_ref)
421 } else if (p->negative_ref) {
428 static void rp_error(const char *err, ...) __attribute__((format (printf, 1, 2)));
429 static void rp_warning(const char *err, ...) __attribute__((format (printf, 1, 2)));
431 static void report_message(const char *prefix, const char *err, va_list params)
436 sz = xsnprintf(msg, sizeof(msg), "%s", prefix);
437 sz += vsnprintf(msg + sz, sizeof(msg) - sz, err, params);
438 if (sz > (sizeof(msg) - 1))
439 sz = sizeof(msg) - 1;
443 send_sideband(1, 2, msg, sz, use_sideband);
448 static void rp_warning(const char *err, ...)
451 va_start(params, err);
452 report_message("warning: ", err, params);
456 static void rp_error(const char *err, ...)
459 va_start(params, err);
460 report_message("error: ", err, params);
464 static int copy_to_sideband(int in, int out, void *arg)
467 int keepalive_active = 0;
469 if (keepalive_in_sec <= 0)
470 use_keepalive = KEEPALIVE_NEVER;
471 if (use_keepalive == KEEPALIVE_ALWAYS)
472 keepalive_active = 1;
477 if (keepalive_active) {
483 ret = poll(&pfd, 1, 1000 * keepalive_in_sec);
490 } else if (ret == 0) {
491 /* no data; send a keepalive packet */
492 static const char buf[] = "0005\1";
493 write_or_die(1, buf, sizeof(buf) - 1);
495 } /* else there is actual data to read */
498 sz = xread(in, data, sizeof(data));
502 if (use_keepalive == KEEPALIVE_AFTER_NUL && !keepalive_active) {
503 const char *p = memchr(data, '\0', sz);
506 * The NUL tells us to start sending keepalives. Make
507 * sure we send any other data we read along
510 keepalive_active = 1;
511 send_sideband(1, 2, data, p - data, use_sideband);
512 send_sideband(1, 2, p + 1, sz - (p - data + 1), use_sideband);
518 * Either we're not looking for a NUL signal, or we didn't see
519 * it yet; just pass along the data.
521 send_sideband(1, 2, data, sz, use_sideband);
527 static void hmac_hash(unsigned char *out,
528 const char *key_in, size_t key_len,
529 const char *text, size_t text_len)
531 unsigned char key[GIT_MAX_BLKSZ];
532 unsigned char k_ipad[GIT_MAX_BLKSZ];
533 unsigned char k_opad[GIT_MAX_BLKSZ];
537 /* RFC 2104 2. (1) */
538 memset(key, '\0', GIT_MAX_BLKSZ);
539 if (the_hash_algo->blksz < key_len) {
540 the_hash_algo->init_fn(&ctx);
541 the_hash_algo->update_fn(&ctx, key_in, key_len);
542 the_hash_algo->final_fn(key, &ctx);
544 memcpy(key, key_in, key_len);
547 /* RFC 2104 2. (2) & (5) */
548 for (i = 0; i < sizeof(key); i++) {
549 k_ipad[i] = key[i] ^ 0x36;
550 k_opad[i] = key[i] ^ 0x5c;
553 /* RFC 2104 2. (3) & (4) */
554 the_hash_algo->init_fn(&ctx);
555 the_hash_algo->update_fn(&ctx, k_ipad, sizeof(k_ipad));
556 the_hash_algo->update_fn(&ctx, text, text_len);
557 the_hash_algo->final_fn(out, &ctx);
559 /* RFC 2104 2. (6) & (7) */
560 the_hash_algo->init_fn(&ctx);
561 the_hash_algo->update_fn(&ctx, k_opad, sizeof(k_opad));
562 the_hash_algo->update_fn(&ctx, out, the_hash_algo->rawsz);
563 the_hash_algo->final_fn(out, &ctx);
566 static char *prepare_push_cert_nonce(const char *path, timestamp_t stamp)
568 struct strbuf buf = STRBUF_INIT;
569 unsigned char hash[GIT_MAX_RAWSZ];
571 strbuf_addf(&buf, "%s:%"PRItime, path, stamp);
572 hmac_hash(hash, buf.buf, buf.len, cert_nonce_seed, strlen(cert_nonce_seed));
573 strbuf_release(&buf);
575 /* RFC 2104 5. HMAC-SHA1 or HMAC-SHA256 */
576 strbuf_addf(&buf, "%"PRItime"-%.*s", stamp, (int)the_hash_algo->hexsz, hash_to_hex(hash));
577 return strbuf_detach(&buf, NULL);
581 * NEEDSWORK: reuse find_commit_header() from jk/commit-author-parsing
582 * after dropping "_commit" from its name and possibly moving it out
585 static char *find_header(const char *msg, size_t len, const char *key,
586 const char **next_line)
588 int key_len = strlen(key);
589 const char *line = msg;
591 while (line && line < msg + len) {
592 const char *eol = strchrnul(line, '\n');
594 if ((msg + len <= eol) || line == eol)
596 if (line + key_len < eol &&
597 !memcmp(line, key, key_len) && line[key_len] == ' ') {
598 int offset = key_len + 1;
600 *next_line = *eol ? eol + 1 : eol;
601 return xmemdupz(line + offset, (eol - line) - offset);
603 line = *eol ? eol + 1 : NULL;
609 * Return zero if a and b are equal up to n bytes and nonzero if they are not.
610 * This operation is guaranteed to run in constant time to avoid leaking data.
612 static int constant_memequal(const char *a, const char *b, size_t n)
617 for (i = 0; i < n; i++)
622 static const char *check_nonce(const char *buf, size_t len)
624 char *nonce = find_header(buf, len, "nonce", NULL);
625 timestamp_t stamp, ostamp;
626 char *bohmac, *expect = NULL;
627 const char *retval = NONCE_BAD;
631 retval = NONCE_MISSING;
633 } else if (!push_cert_nonce) {
634 retval = NONCE_UNSOLICITED;
636 } else if (!strcmp(push_cert_nonce, nonce)) {
641 if (!stateless_rpc) {
642 /* returned nonce MUST match what we gave out earlier */
648 * In stateless mode, we may be receiving a nonce issued by
649 * another instance of the server that serving the same
650 * repository, and the timestamps may not match, but the
651 * nonce-seed and dir should match, so we can recompute and
652 * report the time slop.
654 * In addition, when a nonce issued by another instance has
655 * timestamp within receive.certnonceslop seconds, we pretend
656 * as if we issued that nonce when reporting to the hook.
659 /* nonce is concat(<seconds-since-epoch>, "-", <hmac>) */
660 if (*nonce <= '0' || '9' < *nonce) {
664 stamp = parse_timestamp(nonce, &bohmac, 10);
665 if (bohmac == nonce || bohmac[0] != '-') {
670 noncelen = strlen(nonce);
671 expect = prepare_push_cert_nonce(service_dir, stamp);
672 if (noncelen != strlen(expect)) {
673 /* This is not even the right size. */
677 if (constant_memequal(expect, nonce, noncelen)) {
678 /* Not what we would have signed earlier */
684 * By how many seconds is this nonce stale? Negative value
685 * would mean it was issued by another server with its clock
686 * skewed in the future.
688 ostamp = parse_timestamp(push_cert_nonce, NULL, 10);
689 nonce_stamp_slop = (long)ostamp - (long)stamp;
691 if (nonce_stamp_slop_limit &&
692 labs(nonce_stamp_slop) <= nonce_stamp_slop_limit) {
694 * Pretend as if the received nonce (which passes the
695 * HMAC check, so it is not a forged by third-party)
698 free((void *)push_cert_nonce);
699 push_cert_nonce = xstrdup(nonce);
712 * Return 1 if there is no push_cert or if the push options in push_cert are
713 * the same as those in the argument; 0 otherwise.
715 static int check_cert_push_options(const struct string_list *push_options)
717 const char *buf = push_cert.buf;
718 int len = push_cert.len;
721 const char *next_line;
722 int options_seen = 0;
729 while ((option = find_header(buf, len, "push-option", &next_line))) {
730 len -= (next_line - buf);
733 if (options_seen > push_options->nr
735 push_options->items[options_seen - 1].string)) {
742 if (options_seen != push_options->nr)
750 static void prepare_push_cert_sha1(struct child_process *proc)
752 static int already_done;
758 int bogs /* beginning_of_gpg_sig */;
761 if (write_object_file(push_cert.buf, push_cert.len, "blob",
763 oidclr(&push_cert_oid);
765 memset(&sigcheck, '\0', sizeof(sigcheck));
767 bogs = parse_signed_buffer(push_cert.buf, push_cert.len);
768 check_signature(push_cert.buf, bogs, push_cert.buf + bogs,
769 push_cert.len - bogs, &sigcheck);
771 nonce_status = check_nonce(push_cert.buf, bogs);
773 if (!is_null_oid(&push_cert_oid)) {
774 strvec_pushf(&proc->env_array, "GIT_PUSH_CERT=%s",
775 oid_to_hex(&push_cert_oid));
776 strvec_pushf(&proc->env_array, "GIT_PUSH_CERT_SIGNER=%s",
777 sigcheck.signer ? sigcheck.signer : "");
778 strvec_pushf(&proc->env_array, "GIT_PUSH_CERT_KEY=%s",
779 sigcheck.key ? sigcheck.key : "");
780 strvec_pushf(&proc->env_array, "GIT_PUSH_CERT_STATUS=%c",
782 if (push_cert_nonce) {
783 strvec_pushf(&proc->env_array,
784 "GIT_PUSH_CERT_NONCE=%s",
786 strvec_pushf(&proc->env_array,
787 "GIT_PUSH_CERT_NONCE_STATUS=%s",
789 if (nonce_status == NONCE_SLOP)
790 strvec_pushf(&proc->env_array,
791 "GIT_PUSH_CERT_NONCE_SLOP=%ld",
797 struct receive_hook_feed_state {
799 struct ref_push_report *report;
802 const struct string_list *push_options;
805 typedef int (*feed_fn)(void *, const char **, size_t *);
806 static int run_and_feed_hook(const char *hook_name, feed_fn feed,
807 struct receive_hook_feed_state *feed_state)
809 struct child_process proc = CHILD_PROCESS_INIT;
814 argv[0] = find_hook(hook_name);
822 proc.stdout_to_stderr = 1;
823 proc.trace2_hook_name = hook_name;
825 if (feed_state->push_options) {
827 for (i = 0; i < feed_state->push_options->nr; i++)
828 strvec_pushf(&proc.env_array,
829 "GIT_PUSH_OPTION_%d=%s", i,
830 feed_state->push_options->items[i].string);
831 strvec_pushf(&proc.env_array, "GIT_PUSH_OPTION_COUNT=%d",
832 feed_state->push_options->nr);
834 strvec_pushf(&proc.env_array, "GIT_PUSH_OPTION_COUNT");
837 strvec_pushv(&proc.env_array, tmp_objdir_env(tmp_objdir));
840 memset(&muxer, 0, sizeof(muxer));
841 muxer.proc = copy_to_sideband;
843 code = start_async(&muxer);
849 prepare_push_cert_sha1(&proc);
851 code = start_command(&proc);
854 finish_async(&muxer);
858 sigchain_push(SIGPIPE, SIG_IGN);
863 if (feed(feed_state, &buf, &n))
865 if (write_in_full(proc.in, buf, n) < 0)
870 finish_async(&muxer);
872 sigchain_pop(SIGPIPE);
874 return finish_command(&proc);
877 static int feed_receive_hook(void *state_, const char **bufp, size_t *sizep)
879 struct receive_hook_feed_state *state = state_;
880 struct command *cmd = state->cmd;
883 state->skip_broken && (cmd->error_string || cmd->did_not_exist))
888 return 0; /* OK, can feed something. */
889 strbuf_reset(&state->buf);
891 state->report = cmd->report;
893 struct object_id *old_oid;
894 struct object_id *new_oid;
895 const char *ref_name;
897 old_oid = state->report->old_oid ? state->report->old_oid : &cmd->old_oid;
898 new_oid = state->report->new_oid ? state->report->new_oid : &cmd->new_oid;
899 ref_name = state->report->ref_name ? state->report->ref_name : cmd->ref_name;
900 strbuf_addf(&state->buf, "%s %s %s\n",
901 oid_to_hex(old_oid), oid_to_hex(new_oid),
903 state->report = state->report->next;
905 state->cmd = cmd->next;
907 strbuf_addf(&state->buf, "%s %s %s\n",
908 oid_to_hex(&cmd->old_oid), oid_to_hex(&cmd->new_oid),
910 state->cmd = cmd->next;
913 *bufp = state->buf.buf;
914 *sizep = state->buf.len;
919 static int run_receive_hook(struct command *commands,
920 const char *hook_name,
922 const struct string_list *push_options)
924 struct receive_hook_feed_state state;
927 strbuf_init(&state.buf, 0);
928 state.cmd = commands;
929 state.skip_broken = skip_broken;
931 if (feed_receive_hook(&state, NULL, NULL))
933 state.cmd = commands;
934 state.push_options = push_options;
935 status = run_and_feed_hook(hook_name, feed_receive_hook, &state);
936 strbuf_release(&state.buf);
940 static int run_update_hook(struct command *cmd)
943 struct child_process proc = CHILD_PROCESS_INIT;
946 argv[0] = find_hook("update");
950 argv[1] = cmd->ref_name;
951 argv[2] = oid_to_hex(&cmd->old_oid);
952 argv[3] = oid_to_hex(&cmd->new_oid);
956 proc.stdout_to_stderr = 1;
957 proc.err = use_sideband ? -1 : 0;
959 proc.trace2_hook_name = "update";
961 code = start_command(&proc);
965 copy_to_sideband(proc.err, -1, NULL);
966 return finish_command(&proc);
969 static struct command *find_command_by_refname(struct command *list,
972 for (; list; list = list->next)
973 if (!strcmp(list->ref_name, refname))
978 static int read_proc_receive_report(struct packet_reader *reader,
979 struct command *commands,
980 struct strbuf *errmsg)
983 struct command *hint = NULL;
984 struct ref_push_report *report = NULL;
991 struct object_id old_oid, new_oid;
995 enum packet_read_status status;
997 status = packet_reader_read(reader);
998 if (status != PACKET_READ_NORMAL) {
999 /* Check whether proc-receive exited abnormally */
1000 if (status == PACKET_READ_EOF && !response) {
1001 strbuf_addstr(errmsg, "proc-receive exited abnormally");
1008 head = reader->line;
1009 p = strchr(head, ' ');
1011 strbuf_addf(errmsg, "proc-receive reported incomplete status line: '%s'\n", head);
1016 if (!strcmp(head, "option")) {
1017 const char *key, *val;
1019 if (!hint || !(report || new_report)) {
1021 strbuf_addstr(errmsg, "proc-receive reported 'option' without a matching 'ok/ng' directive\n");
1026 if (!hint->report) {
1027 hint->report = xcalloc(1, sizeof(struct ref_push_report));
1028 report = hint->report;
1030 report = hint->report;
1031 while (report->next)
1032 report = report->next;
1033 report->next = xcalloc(1, sizeof(struct ref_push_report));
1034 report = report->next;
1039 p = strchr(key, ' ');
1043 if (!strcmp(key, "refname"))
1044 report->ref_name = xstrdup_or_null(val);
1045 else if (!strcmp(key, "old-oid") && val &&
1046 !parse_oid_hex(val, &old_oid, &val))
1047 report->old_oid = oiddup(&old_oid);
1048 else if (!strcmp(key, "new-oid") && val &&
1049 !parse_oid_hex(val, &new_oid, &val))
1050 report->new_oid = oiddup(&new_oid);
1051 else if (!strcmp(key, "forced-update"))
1052 report->forced_update = 1;
1053 else if (!strcmp(key, "fall-through"))
1054 /* Fall through, let 'receive-pack' to execute it. */
1055 hint->run_proc_receive = 0;
1062 p = strchr(refname, ' ');
1065 if (strcmp(head, "ok") && strcmp(head, "ng")) {
1066 strbuf_addf(errmsg, "proc-receive reported bad status '%s' on ref '%s'\n",
1072 /* first try searching at our hint, falling back to all refs */
1074 hint = find_command_by_refname(hint, refname);
1076 hint = find_command_by_refname(commands, refname);
1078 strbuf_addf(errmsg, "proc-receive reported status on unknown ref: %s\n",
1083 if (!hint->run_proc_receive) {
1084 strbuf_addf(errmsg, "proc-receive reported status on unexpected ref: %s\n",
1089 hint->run_proc_receive |= RUN_PROC_RECEIVE_RETURNED;
1090 if (!strcmp(head, "ng")) {
1092 hint->error_string = xstrdup(p);
1094 hint->error_string = "failed";
1101 for (cmd = commands; cmd; cmd = cmd->next)
1102 if (cmd->run_proc_receive && !cmd->error_string &&
1103 !(cmd->run_proc_receive & RUN_PROC_RECEIVE_RETURNED)) {
1104 cmd->error_string = "proc-receive failed to report status";
1110 static int run_proc_receive_hook(struct command *commands,
1111 const struct string_list *push_options)
1113 struct child_process proc = CHILD_PROCESS_INIT;
1115 struct command *cmd;
1116 const char *argv[2];
1117 struct packet_reader reader;
1118 struct strbuf cap = STRBUF_INIT;
1119 struct strbuf errmsg = STRBUF_INIT;
1120 int hook_use_push_options = 0;
1124 argv[0] = find_hook("proc-receive");
1126 rp_error("cannot find hook 'proc-receive'");
1134 proc.trace2_hook_name = "proc-receive";
1137 memset(&muxer, 0, sizeof(muxer));
1138 muxer.proc = copy_to_sideband;
1140 code = start_async(&muxer);
1143 proc.err = muxer.in;
1148 code = start_command(&proc);
1151 finish_async(&muxer);
1155 sigchain_push(SIGPIPE, SIG_IGN);
1157 /* Version negotiaton */
1158 packet_reader_init(&reader, proc.out, NULL, 0,
1159 PACKET_READ_CHOMP_NEWLINE |
1160 PACKET_READ_GENTLE_ON_EOF);
1162 strbuf_addstr(&cap, " atomic");
1163 if (use_push_options)
1164 strbuf_addstr(&cap, " push-options");
1166 code = packet_write_fmt_gently(proc.in, "version=1%c%s\n", '\0', cap.buf + 1);
1167 strbuf_release(&cap);
1169 code = packet_write_fmt_gently(proc.in, "version=1\n");
1172 code = packet_flush_gently(proc.in);
1177 enum packet_read_status status;
1179 status = packet_reader_read(&reader);
1180 if (status != PACKET_READ_NORMAL) {
1181 /* Check whether proc-receive exited abnormally */
1182 if (status == PACKET_READ_EOF)
1187 if (reader.pktlen > 8 && starts_with(reader.line, "version=")) {
1188 version = atoi(reader.line + 8);
1189 linelen = strlen(reader.line);
1190 if (linelen < reader.pktlen) {
1191 const char *feature_list = reader.line + linelen + 1;
1192 if (parse_feature_request(feature_list, "push-options"))
1193 hook_use_push_options = 1;
1199 strbuf_addstr(&errmsg, "fail to negotiate version with proc-receive hook");
1209 strbuf_addf(&errmsg, "proc-receive version '%d' is not supported",
1216 for (cmd = commands; cmd; cmd = cmd->next) {
1217 if (!cmd->run_proc_receive || cmd->skip_update || cmd->error_string)
1219 code = packet_write_fmt_gently(proc.in, "%s %s %s",
1220 oid_to_hex(&cmd->old_oid),
1221 oid_to_hex(&cmd->new_oid),
1227 code = packet_flush_gently(proc.in);
1229 strbuf_addstr(&errmsg, "fail to write commands to proc-receive hook");
1233 /* Send push options */
1234 if (hook_use_push_options) {
1235 struct string_list_item *item;
1237 for_each_string_list_item(item, push_options) {
1238 code = packet_write_fmt_gently(proc.in, "%s", item->string);
1243 code = packet_flush_gently(proc.in);
1245 strbuf_addstr(&errmsg,
1246 "fail to write push-options to proc-receive hook");
1251 /* Read result from proc-receive */
1252 code = read_proc_receive_report(&reader, commands, &errmsg);
1258 finish_async(&muxer);
1259 if (finish_command(&proc))
1261 if (errmsg.len >0) {
1262 char *p = errmsg.buf;
1264 p += errmsg.len - 1;
1267 rp_error("%s", errmsg.buf);
1268 strbuf_release(&errmsg);
1270 sigchain_pop(SIGPIPE);
1275 static char *refuse_unconfigured_deny_msg =
1276 N_("By default, updating the current branch in a non-bare repository\n"
1277 "is denied, because it will make the index and work tree inconsistent\n"
1278 "with what you pushed, and will require 'git reset --hard' to match\n"
1279 "the work tree to HEAD.\n"
1281 "You can set the 'receive.denyCurrentBranch' configuration variable\n"
1282 "to 'ignore' or 'warn' in the remote repository to allow pushing into\n"
1283 "its current branch; however, this is not recommended unless you\n"
1284 "arranged to update its work tree to match what you pushed in some\n"
1287 "To squelch this message and still keep the default behaviour, set\n"
1288 "'receive.denyCurrentBranch' configuration variable to 'refuse'.");
1290 static void refuse_unconfigured_deny(void)
1292 rp_error("%s", _(refuse_unconfigured_deny_msg));
1295 static char *refuse_unconfigured_deny_delete_current_msg =
1296 N_("By default, deleting the current branch is denied, because the next\n"
1297 "'git clone' won't result in any file checked out, causing confusion.\n"
1299 "You can set 'receive.denyDeleteCurrent' configuration variable to\n"
1300 "'warn' or 'ignore' in the remote repository to allow deleting the\n"
1301 "current branch, with or without a warning message.\n"
1303 "To squelch this message, you can set it to 'refuse'.");
1305 static void refuse_unconfigured_deny_delete_current(void)
1307 rp_error("%s", _(refuse_unconfigured_deny_delete_current_msg));
1310 static int command_singleton_iterator(void *cb_data, struct object_id *oid);
1311 static int update_shallow_ref(struct command *cmd, struct shallow_info *si)
1313 struct shallow_lock shallow_lock = SHALLOW_LOCK_INIT;
1314 struct oid_array extra = OID_ARRAY_INIT;
1315 struct check_connected_options opt = CHECK_CONNECTED_INIT;
1316 uint32_t mask = 1 << (cmd->index % 32);
1319 trace_printf_key(&trace_shallow,
1320 "shallow: update_shallow_ref %s\n", cmd->ref_name);
1321 for (i = 0; i < si->shallow->nr; i++)
1322 if (si->used_shallow[i] &&
1323 (si->used_shallow[i][cmd->index / 32] & mask) &&
1324 !delayed_reachability_test(si, i))
1325 oid_array_append(&extra, &si->shallow->oid[i]);
1327 opt.env = tmp_objdir_env(tmp_objdir);
1328 setup_alternate_shallow(&shallow_lock, &opt.shallow_file, &extra);
1329 if (check_connected(command_singleton_iterator, cmd, &opt)) {
1330 rollback_shallow_file(the_repository, &shallow_lock);
1331 oid_array_clear(&extra);
1335 commit_shallow_file(the_repository, &shallow_lock);
1338 * Make sure setup_alternate_shallow() for the next ref does
1339 * not lose these new roots..
1341 for (i = 0; i < extra.nr; i++)
1342 register_shallow(the_repository, &extra.oid[i]);
1344 si->shallow_ref[cmd->index] = 0;
1345 oid_array_clear(&extra);
1350 * NEEDSWORK: we should consolidate various implementions of "are we
1351 * on an unborn branch?" test into one, and make the unified one more
1352 * robust. !get_sha1() based check used here and elsewhere would not
1353 * allow us to tell an unborn branch from corrupt ref, for example.
1354 * For the purpose of fixing "deploy-to-update does not work when
1355 * pushing into an empty repository" issue, this should suffice for
1358 static int head_has_history(void)
1360 struct object_id oid;
1362 return !get_oid("HEAD", &oid);
1365 static const char *push_to_deploy(unsigned char *sha1,
1367 const char *work_tree)
1369 const char *update_refresh[] = {
1370 "update-index", "-q", "--ignore-submodules", "--refresh", NULL
1372 const char *diff_files[] = {
1373 "diff-files", "--quiet", "--ignore-submodules", "--", NULL
1375 const char *diff_index[] = {
1376 "diff-index", "--quiet", "--cached", "--ignore-submodules",
1379 const char *read_tree[] = {
1380 "read-tree", "-u", "-m", NULL, NULL
1382 struct child_process child = CHILD_PROCESS_INIT;
1384 child.argv = update_refresh;
1386 child.dir = work_tree;
1388 child.stdout_to_stderr = 1;
1390 if (run_command(&child))
1391 return "Up-to-date check failed";
1393 /* run_command() does not clean up completely; reinitialize */
1394 child_process_init(&child);
1395 child.argv = diff_files;
1397 child.dir = work_tree;
1399 child.stdout_to_stderr = 1;
1401 if (run_command(&child))
1402 return "Working directory has unstaged changes";
1404 /* diff-index with either HEAD or an empty tree */
1405 diff_index[4] = head_has_history() ? "HEAD" : empty_tree_oid_hex();
1407 child_process_init(&child);
1408 child.argv = diff_index;
1411 child.no_stdout = 1;
1412 child.stdout_to_stderr = 0;
1414 if (run_command(&child))
1415 return "Working directory has staged changes";
1417 read_tree[3] = hash_to_hex(sha1);
1418 child_process_init(&child);
1419 child.argv = read_tree;
1421 child.dir = work_tree;
1423 child.no_stdout = 1;
1424 child.stdout_to_stderr = 0;
1426 if (run_command(&child))
1427 return "Could not update working tree to new HEAD";
1432 static const char *push_to_checkout_hook = "push-to-checkout";
1434 static const char *push_to_checkout(unsigned char *hash,
1436 const char *work_tree)
1438 strvec_pushf(env, "GIT_WORK_TREE=%s", absolute_path(work_tree));
1439 if (run_hook_le(env->v, push_to_checkout_hook,
1440 hash_to_hex(hash), NULL))
1441 return "push-to-checkout hook declined";
1446 static const char *update_worktree(unsigned char *sha1, const struct worktree *worktree)
1448 const char *retval, *work_tree, *git_dir = NULL;
1449 struct strvec env = STRVEC_INIT;
1451 if (worktree && worktree->path)
1452 work_tree = worktree->path;
1453 else if (git_work_tree_cfg)
1454 work_tree = git_work_tree_cfg;
1458 if (is_bare_repository())
1459 return "denyCurrentBranch = updateInstead needs a worktree";
1461 git_dir = get_worktree_git_dir(worktree);
1463 git_dir = get_git_dir();
1465 strvec_pushf(&env, "GIT_DIR=%s", absolute_path(git_dir));
1467 if (!find_hook(push_to_checkout_hook))
1468 retval = push_to_deploy(sha1, &env, work_tree);
1470 retval = push_to_checkout(sha1, &env, work_tree);
1476 static const char *update(struct command *cmd, struct shallow_info *si)
1478 const char *name = cmd->ref_name;
1479 struct strbuf namespaced_name_buf = STRBUF_INIT;
1480 static char *namespaced_name;
1482 struct object_id *old_oid = &cmd->old_oid;
1483 struct object_id *new_oid = &cmd->new_oid;
1484 int do_update_worktree = 0;
1485 const struct worktree *worktree = is_bare_repository() ? NULL : find_shared_symref("HEAD", name);
1487 /* only refs/... are allowed */
1488 if (!starts_with(name, "refs/") || check_refname_format(name + 5, 0)) {
1489 rp_error("refusing to create funny ref '%s' remotely", name);
1490 return "funny refname";
1493 strbuf_addf(&namespaced_name_buf, "%s%s", get_git_namespace(), name);
1494 free(namespaced_name);
1495 namespaced_name = strbuf_detach(&namespaced_name_buf, NULL);
1498 switch (deny_current_branch) {
1502 rp_warning("updating the current branch");
1505 case DENY_UNCONFIGURED:
1506 rp_error("refusing to update checked out branch: %s", name);
1507 if (deny_current_branch == DENY_UNCONFIGURED)
1508 refuse_unconfigured_deny();
1509 return "branch is currently checked out";
1510 case DENY_UPDATE_INSTEAD:
1511 /* pass -- let other checks intervene first */
1512 do_update_worktree = 1;
1517 if (!is_null_oid(new_oid) && !has_object_file(new_oid)) {
1518 error("unpack should have generated %s, "
1519 "but I can't find it!", oid_to_hex(new_oid));
1523 if (!is_null_oid(old_oid) && is_null_oid(new_oid)) {
1524 if (deny_deletes && starts_with(name, "refs/heads/")) {
1525 rp_error("denying ref deletion for %s", name);
1526 return "deletion prohibited";
1529 if (worktree || (head_name && !strcmp(namespaced_name, head_name))) {
1530 switch (deny_delete_current) {
1534 rp_warning("deleting the current branch");
1537 case DENY_UNCONFIGURED:
1538 case DENY_UPDATE_INSTEAD:
1539 if (deny_delete_current == DENY_UNCONFIGURED)
1540 refuse_unconfigured_deny_delete_current();
1541 rp_error("refusing to delete the current branch: %s", name);
1542 return "deletion of the current branch prohibited";
1544 return "Invalid denyDeleteCurrent setting";
1549 if (deny_non_fast_forwards && !is_null_oid(new_oid) &&
1550 !is_null_oid(old_oid) &&
1551 starts_with(name, "refs/heads/")) {
1552 struct object *old_object, *new_object;
1553 struct commit *old_commit, *new_commit;
1555 old_object = parse_object(the_repository, old_oid);
1556 new_object = parse_object(the_repository, new_oid);
1558 if (!old_object || !new_object ||
1559 old_object->type != OBJ_COMMIT ||
1560 new_object->type != OBJ_COMMIT) {
1561 error("bad sha1 objects for %s", name);
1564 old_commit = (struct commit *)old_object;
1565 new_commit = (struct commit *)new_object;
1566 if (!in_merge_bases(old_commit, new_commit)) {
1567 rp_error("denying non-fast-forward %s"
1568 " (you should pull first)", name);
1569 return "non-fast-forward";
1572 if (run_update_hook(cmd)) {
1573 rp_error("hook declined to update %s", name);
1574 return "hook declined";
1577 if (do_update_worktree) {
1578 ret = update_worktree(new_oid->hash, find_shared_symref("HEAD", name));
1583 if (is_null_oid(new_oid)) {
1584 struct strbuf err = STRBUF_INIT;
1585 if (!parse_object(the_repository, old_oid)) {
1587 if (ref_exists(name)) {
1588 rp_warning("Allowing deletion of corrupt ref.");
1590 rp_warning("Deleting a non-existent ref.");
1591 cmd->did_not_exist = 1;
1594 if (ref_transaction_delete(transaction,
1598 rp_error("%s", err.buf);
1599 strbuf_release(&err);
1600 return "failed to delete";
1602 strbuf_release(&err);
1603 return NULL; /* good */
1606 struct strbuf err = STRBUF_INIT;
1607 if (shallow_update && si->shallow_ref[cmd->index] &&
1608 update_shallow_ref(cmd, si))
1609 return "shallow error";
1611 if (ref_transaction_update(transaction,
1616 rp_error("%s", err.buf);
1617 strbuf_release(&err);
1619 return "failed to update ref";
1621 strbuf_release(&err);
1623 return NULL; /* good */
1627 static void run_update_post_hook(struct command *commands)
1629 struct command *cmd;
1630 struct child_process proc = CHILD_PROCESS_INIT;
1633 hook = find_hook("post-update");
1637 for (cmd = commands; cmd; cmd = cmd->next) {
1638 if (cmd->error_string || cmd->did_not_exist)
1641 strvec_push(&proc.args, hook);
1642 strvec_push(&proc.args, cmd->ref_name);
1648 proc.stdout_to_stderr = 1;
1649 proc.err = use_sideband ? -1 : 0;
1650 proc.trace2_hook_name = "post-update";
1652 if (!start_command(&proc)) {
1654 copy_to_sideband(proc.err, -1, NULL);
1655 finish_command(&proc);
1659 static void check_aliased_update_internal(struct command *cmd,
1660 struct string_list *list,
1661 const char *dst_name, int flag)
1663 struct string_list_item *item;
1664 struct command *dst_cmd;
1666 if (!(flag & REF_ISSYMREF))
1670 rp_error("refusing update to broken symref '%s'", cmd->ref_name);
1671 cmd->skip_update = 1;
1672 cmd->error_string = "broken symref";
1675 dst_name = strip_namespace(dst_name);
1677 if ((item = string_list_lookup(list, dst_name)) == NULL)
1680 cmd->skip_update = 1;
1682 dst_cmd = (struct command *) item->util;
1684 if (oideq(&cmd->old_oid, &dst_cmd->old_oid) &&
1685 oideq(&cmd->new_oid, &dst_cmd->new_oid))
1688 dst_cmd->skip_update = 1;
1690 rp_error("refusing inconsistent update between symref '%s' (%s..%s) and"
1691 " its target '%s' (%s..%s)",
1693 find_unique_abbrev(&cmd->old_oid, DEFAULT_ABBREV),
1694 find_unique_abbrev(&cmd->new_oid, DEFAULT_ABBREV),
1696 find_unique_abbrev(&dst_cmd->old_oid, DEFAULT_ABBREV),
1697 find_unique_abbrev(&dst_cmd->new_oid, DEFAULT_ABBREV));
1699 cmd->error_string = dst_cmd->error_string =
1700 "inconsistent aliased update";
1703 static void check_aliased_update(struct command *cmd, struct string_list *list)
1705 struct strbuf buf = STRBUF_INIT;
1706 const char *dst_name;
1709 strbuf_addf(&buf, "%s%s", get_git_namespace(), cmd->ref_name);
1710 dst_name = resolve_ref_unsafe(buf.buf, 0, NULL, &flag);
1711 check_aliased_update_internal(cmd, list, dst_name, flag);
1712 strbuf_release(&buf);
1715 static void check_aliased_updates(struct command *commands)
1717 struct command *cmd;
1718 struct string_list ref_list = STRING_LIST_INIT_NODUP;
1720 for (cmd = commands; cmd; cmd = cmd->next) {
1721 struct string_list_item *item =
1722 string_list_append(&ref_list, cmd->ref_name);
1723 item->util = (void *)cmd;
1725 string_list_sort(&ref_list);
1727 for (cmd = commands; cmd; cmd = cmd->next) {
1728 if (!cmd->error_string)
1729 check_aliased_update(cmd, &ref_list);
1732 string_list_clear(&ref_list, 0);
1735 static int command_singleton_iterator(void *cb_data, struct object_id *oid)
1737 struct command **cmd_list = cb_data;
1738 struct command *cmd = *cmd_list;
1740 if (!cmd || is_null_oid(&cmd->new_oid))
1741 return -1; /* end of list */
1742 *cmd_list = NULL; /* this returns only one */
1743 oidcpy(oid, &cmd->new_oid);
1747 static void set_connectivity_errors(struct command *commands,
1748 struct shallow_info *si)
1750 struct command *cmd;
1752 for (cmd = commands; cmd; cmd = cmd->next) {
1753 struct command *singleton = cmd;
1754 struct check_connected_options opt = CHECK_CONNECTED_INIT;
1756 if (shallow_update && si->shallow_ref[cmd->index])
1757 /* to be checked in update_shallow_ref() */
1760 opt.env = tmp_objdir_env(tmp_objdir);
1761 if (!check_connected(command_singleton_iterator, &singleton,
1765 cmd->error_string = "missing necessary objects";
1769 struct iterate_data {
1770 struct command *cmds;
1771 struct shallow_info *si;
1774 static int iterate_receive_command_list(void *cb_data, struct object_id *oid)
1776 struct iterate_data *data = cb_data;
1777 struct command **cmd_list = &data->cmds;
1778 struct command *cmd = *cmd_list;
1780 for (; cmd; cmd = cmd->next) {
1781 if (shallow_update && data->si->shallow_ref[cmd->index])
1782 /* to be checked in update_shallow_ref() */
1784 if (!is_null_oid(&cmd->new_oid) && !cmd->skip_update) {
1785 oidcpy(oid, &cmd->new_oid);
1786 *cmd_list = cmd->next;
1791 return -1; /* end of list */
1794 static void reject_updates_to_hidden(struct command *commands)
1796 struct strbuf refname_full = STRBUF_INIT;
1798 struct command *cmd;
1800 strbuf_addstr(&refname_full, get_git_namespace());
1801 prefix_len = refname_full.len;
1803 for (cmd = commands; cmd; cmd = cmd->next) {
1804 if (cmd->error_string)
1807 strbuf_setlen(&refname_full, prefix_len);
1808 strbuf_addstr(&refname_full, cmd->ref_name);
1810 if (!ref_is_hidden(cmd->ref_name, refname_full.buf))
1812 if (is_null_oid(&cmd->new_oid))
1813 cmd->error_string = "deny deleting a hidden ref";
1815 cmd->error_string = "deny updating a hidden ref";
1818 strbuf_release(&refname_full);
1821 static int should_process_cmd(struct command *cmd)
1823 return !cmd->error_string && !cmd->skip_update;
1826 static void warn_if_skipped_connectivity_check(struct command *commands,
1827 struct shallow_info *si)
1829 struct command *cmd;
1830 int checked_connectivity = 1;
1832 for (cmd = commands; cmd; cmd = cmd->next) {
1833 if (should_process_cmd(cmd) && si->shallow_ref[cmd->index]) {
1834 error("BUG: connectivity check has not been run on ref %s",
1836 checked_connectivity = 0;
1839 if (!checked_connectivity)
1840 BUG("connectivity check skipped???");
1843 static void execute_commands_non_atomic(struct command *commands,
1844 struct shallow_info *si)
1846 struct command *cmd;
1847 struct strbuf err = STRBUF_INIT;
1849 for (cmd = commands; cmd; cmd = cmd->next) {
1850 if (!should_process_cmd(cmd) || cmd->run_proc_receive)
1853 transaction = ref_transaction_begin(&err);
1855 rp_error("%s", err.buf);
1857 cmd->error_string = "transaction failed to start";
1861 cmd->error_string = update(cmd, si);
1863 if (!cmd->error_string
1864 && ref_transaction_commit(transaction, &err)) {
1865 rp_error("%s", err.buf);
1867 cmd->error_string = "failed to update ref";
1869 ref_transaction_free(transaction);
1871 strbuf_release(&err);
1874 static void execute_commands_atomic(struct command *commands,
1875 struct shallow_info *si)
1877 struct command *cmd;
1878 struct strbuf err = STRBUF_INIT;
1879 const char *reported_error = "atomic push failure";
1881 transaction = ref_transaction_begin(&err);
1883 rp_error("%s", err.buf);
1885 reported_error = "transaction failed to start";
1889 for (cmd = commands; cmd; cmd = cmd->next) {
1890 if (!should_process_cmd(cmd) || cmd->run_proc_receive)
1893 cmd->error_string = update(cmd, si);
1895 if (cmd->error_string)
1899 if (ref_transaction_commit(transaction, &err)) {
1900 rp_error("%s", err.buf);
1901 reported_error = "atomic transaction failed";
1907 for (cmd = commands; cmd; cmd = cmd->next)
1908 if (!cmd->error_string)
1909 cmd->error_string = reported_error;
1912 ref_transaction_free(transaction);
1913 strbuf_release(&err);
1916 static void execute_commands(struct command *commands,
1917 const char *unpacker_error,
1918 struct shallow_info *si,
1919 const struct string_list *push_options)
1921 struct check_connected_options opt = CHECK_CONNECTED_INIT;
1922 struct command *cmd;
1923 struct iterate_data data;
1926 int run_proc_receive = 0;
1928 if (unpacker_error) {
1929 for (cmd = commands; cmd; cmd = cmd->next)
1930 cmd->error_string = "unpacker error";
1935 memset(&muxer, 0, sizeof(muxer));
1936 muxer.proc = copy_to_sideband;
1938 if (!start_async(&muxer))
1940 /* ...else, continue without relaying sideband */
1943 data.cmds = commands;
1945 opt.err_fd = err_fd;
1946 opt.progress = err_fd && !quiet;
1947 opt.env = tmp_objdir_env(tmp_objdir);
1948 if (check_connected(iterate_receive_command_list, &data, &opt))
1949 set_connectivity_errors(commands, si);
1952 finish_async(&muxer);
1954 reject_updates_to_hidden(commands);
1957 * Try to find commands that have special prefix in their reference names,
1958 * and mark them to run an external "proc-receive" hook later.
1960 if (proc_receive_ref) {
1961 for (cmd = commands; cmd; cmd = cmd->next) {
1962 if (!should_process_cmd(cmd))
1965 if (proc_receive_ref_matches(cmd)) {
1966 cmd->run_proc_receive = RUN_PROC_RECEIVE_SCHEDULED;
1967 run_proc_receive = 1;
1972 if (run_receive_hook(commands, "pre-receive", 0, push_options)) {
1973 for (cmd = commands; cmd; cmd = cmd->next) {
1974 if (!cmd->error_string)
1975 cmd->error_string = "pre-receive hook declined";
1981 * Now we'll start writing out refs, which means the objects need
1982 * to be in their final positions so that other processes can see them.
1984 if (tmp_objdir_migrate(tmp_objdir) < 0) {
1985 for (cmd = commands; cmd; cmd = cmd->next) {
1986 if (!cmd->error_string)
1987 cmd->error_string = "unable to migrate objects to permanent storage";
1993 check_aliased_updates(commands);
1995 free(head_name_to_free);
1996 head_name = head_name_to_free = resolve_refdup("HEAD", 0, NULL, NULL);
1998 if (run_proc_receive &&
1999 run_proc_receive_hook(commands, push_options))
2000 for (cmd = commands; cmd; cmd = cmd->next)
2001 if (!cmd->error_string &&
2002 !(cmd->run_proc_receive & RUN_PROC_RECEIVE_RETURNED) &&
2003 (cmd->run_proc_receive || use_atomic))
2004 cmd->error_string = "fail to run proc-receive hook";
2007 execute_commands_atomic(commands, si);
2009 execute_commands_non_atomic(commands, si);
2012 warn_if_skipped_connectivity_check(commands, si);
2015 static struct command **queue_command(struct command **tail,
2019 struct object_id old_oid, new_oid;
2020 struct command *cmd;
2021 const char *refname;
2025 if (parse_oid_hex(line, &old_oid, &p) ||
2027 parse_oid_hex(p, &new_oid, &p) ||
2029 die("protocol error: expected old/new/ref, got '%s'", line);
2032 reflen = linelen - (p - line);
2033 FLEX_ALLOC_MEM(cmd, ref_name, refname, reflen);
2034 oidcpy(&cmd->old_oid, &old_oid);
2035 oidcpy(&cmd->new_oid, &new_oid);
2040 static void queue_commands_from_cert(struct command **tail,
2041 struct strbuf *push_cert)
2043 const char *boc, *eoc;
2046 die("protocol error: got both push certificate and unsigned commands");
2048 boc = strstr(push_cert->buf, "\n\n");
2050 die("malformed push certificate %.*s", 100, push_cert->buf);
2053 eoc = push_cert->buf + parse_signed_buffer(push_cert->buf, push_cert->len);
2056 const char *eol = memchr(boc, '\n', eoc - boc);
2057 tail = queue_command(tail, boc, eol ? eol - boc : eoc - boc);
2058 boc = eol ? eol + 1 : eoc;
2062 static struct command *read_head_info(struct packet_reader *reader,
2063 struct oid_array *shallow)
2065 struct command *commands = NULL;
2066 struct command **p = &commands;
2070 if (packet_reader_read(reader) != PACKET_READ_NORMAL)
2073 if (reader->pktlen > 8 && starts_with(reader->line, "shallow ")) {
2074 struct object_id oid;
2075 if (get_oid_hex(reader->line + 8, &oid))
2076 die("protocol error: expected shallow sha, got '%s'",
2078 oid_array_append(shallow, &oid);
2082 linelen = strlen(reader->line);
2083 if (linelen < reader->pktlen) {
2084 const char *feature_list = reader->line + linelen + 1;
2085 const char *hash = NULL;
2086 const char *client_sid;
2088 if (parse_feature_request(feature_list, "report-status"))
2090 if (parse_feature_request(feature_list, "report-status-v2"))
2091 report_status_v2 = 1;
2092 if (parse_feature_request(feature_list, "side-band-64k"))
2093 use_sideband = LARGE_PACKET_MAX;
2094 if (parse_feature_request(feature_list, "quiet"))
2096 if (advertise_atomic_push
2097 && parse_feature_request(feature_list, "atomic"))
2099 if (advertise_push_options
2100 && parse_feature_request(feature_list, "push-options"))
2101 use_push_options = 1;
2102 hash = parse_feature_value(feature_list, "object-format", &len, NULL);
2104 hash = hash_algos[GIT_HASH_SHA1].name;
2107 if (xstrncmpz(the_hash_algo->name, hash, len))
2108 die("error: unsupported object format '%s'", hash);
2109 client_sid = parse_feature_value(feature_list, "session-id", &len, NULL);
2111 char *sid = xstrndup(client_sid, len);
2112 trace2_data_string("transfer", NULL, "client-sid", client_sid);
2117 if (!strcmp(reader->line, "push-cert")) {
2119 int saved_options = reader->options;
2120 reader->options &= ~PACKET_READ_CHOMP_NEWLINE;
2123 packet_reader_read(reader);
2124 if (reader->status == PACKET_READ_FLUSH) {
2128 if (reader->status != PACKET_READ_NORMAL) {
2129 die("protocol error: got an unexpected packet");
2131 if (!strcmp(reader->line, "push-cert-end\n"))
2132 break; /* end of cert */
2133 strbuf_addstr(&push_cert, reader->line);
2135 reader->options = saved_options;
2142 p = queue_command(p, reader->line, linelen);
2146 queue_commands_from_cert(p, &push_cert);
2151 static void read_push_options(struct packet_reader *reader,
2152 struct string_list *options)
2155 if (packet_reader_read(reader) != PACKET_READ_NORMAL)
2158 string_list_append(options, reader->line);
2162 static const char *parse_pack_header(struct pack_header *hdr)
2164 switch (read_pack_header(0, hdr)) {
2166 return "eof before pack header was fully read";
2168 case PH_ERROR_PACK_SIGNATURE:
2169 return "protocol error (pack signature mismatch detected)";
2171 case PH_ERROR_PROTOCOL:
2172 return "protocol error (pack version unsupported)";
2175 return "unknown error in parse_pack_header";
2182 static const char *pack_lockfile;
2184 static void push_header_arg(struct strvec *args, struct pack_header *hdr)
2186 strvec_pushf(args, "--pack_header=%"PRIu32",%"PRIu32,
2187 ntohl(hdr->hdr_version), ntohl(hdr->hdr_entries));
2190 static const char *unpack(int err_fd, struct shallow_info *si)
2192 struct pack_header hdr;
2193 const char *hdr_err;
2195 struct child_process child = CHILD_PROCESS_INIT;
2196 int fsck_objects = (receive_fsck_objects >= 0
2197 ? receive_fsck_objects
2198 : transfer_fsck_objects >= 0
2199 ? transfer_fsck_objects
2202 hdr_err = parse_pack_header(&hdr);
2209 if (si->nr_ours || si->nr_theirs) {
2210 alt_shallow_file = setup_temporary_shallow(si->shallow);
2211 strvec_push(&child.args, "--shallow-file");
2212 strvec_push(&child.args, alt_shallow_file);
2215 tmp_objdir = tmp_objdir_create();
2219 return "unable to create temporary object directory";
2221 child.env = tmp_objdir_env(tmp_objdir);
2224 * Normally we just pass the tmp_objdir environment to the child
2225 * processes that do the heavy lifting, but we may need to see these
2226 * objects ourselves to set up shallow information.
2228 tmp_objdir_add_as_alternate(tmp_objdir);
2230 if (ntohl(hdr.hdr_entries) < unpack_limit) {
2231 strvec_push(&child.args, "unpack-objects");
2232 push_header_arg(&child.args, &hdr);
2234 strvec_push(&child.args, "-q");
2236 strvec_pushf(&child.args, "--strict%s",
2237 fsck_msg_types.buf);
2239 strvec_pushf(&child.args, "--max-input-size=%"PRIuMAX,
2240 (uintmax_t)max_input_size);
2241 child.no_stdout = 1;
2244 status = run_command(&child);
2246 return "unpack-objects abnormal exit";
2248 char hostname[HOST_NAME_MAX + 1];
2250 strvec_pushl(&child.args, "index-pack", "--stdin", NULL);
2251 push_header_arg(&child.args, &hdr);
2253 if (xgethostname(hostname, sizeof(hostname)))
2254 xsnprintf(hostname, sizeof(hostname), "localhost");
2255 strvec_pushf(&child.args,
2256 "--keep=receive-pack %"PRIuMAX" on %s",
2257 (uintmax_t)getpid(),
2260 if (!quiet && err_fd)
2261 strvec_push(&child.args, "--show-resolving-progress");
2263 strvec_push(&child.args, "--report-end-of-input");
2265 strvec_pushf(&child.args, "--strict%s",
2266 fsck_msg_types.buf);
2268 strvec_push(&child.args, "--fix-thin");
2270 strvec_pushf(&child.args, "--max-input-size=%"PRIuMAX,
2271 (uintmax_t)max_input_size);
2275 status = start_command(&child);
2277 return "index-pack fork failed";
2278 pack_lockfile = index_pack_lockfile(child.out, NULL);
2280 status = finish_command(&child);
2282 return "index-pack abnormal exit";
2283 reprepare_packed_git(the_repository);
2288 static const char *unpack_with_sideband(struct shallow_info *si)
2294 return unpack(0, si);
2296 use_keepalive = KEEPALIVE_AFTER_NUL;
2297 memset(&muxer, 0, sizeof(muxer));
2298 muxer.proc = copy_to_sideband;
2300 if (start_async(&muxer))
2303 ret = unpack(muxer.in, si);
2305 finish_async(&muxer);
2309 static void prepare_shallow_update(struct shallow_info *si)
2311 int i, j, k, bitmap_size = DIV_ROUND_UP(si->ref->nr, 32);
2313 ALLOC_ARRAY(si->used_shallow, si->shallow->nr);
2314 assign_shallow_commits_to_refs(si, si->used_shallow, NULL);
2316 si->need_reachability_test =
2317 xcalloc(si->shallow->nr, sizeof(*si->need_reachability_test));
2319 xcalloc(si->shallow->nr, sizeof(*si->reachable));
2320 si->shallow_ref = xcalloc(si->ref->nr, sizeof(*si->shallow_ref));
2322 for (i = 0; i < si->nr_ours; i++)
2323 si->need_reachability_test[si->ours[i]] = 1;
2325 for (i = 0; i < si->shallow->nr; i++) {
2326 if (!si->used_shallow[i])
2328 for (j = 0; j < bitmap_size; j++) {
2329 if (!si->used_shallow[i][j])
2331 si->need_reachability_test[i]++;
2332 for (k = 0; k < 32; k++)
2333 if (si->used_shallow[i][j] & (1U << k))
2334 si->shallow_ref[j * 32 + k]++;
2338 * true for those associated with some refs and belong
2339 * in "ours" list aka "step 7 not done yet"
2341 si->need_reachability_test[i] =
2342 si->need_reachability_test[i] > 1;
2346 * keep hooks happy by forcing a temporary shallow file via
2347 * env variable because we can't add --shallow-file to every
2348 * command. check_connected() will be done with
2349 * true .git/shallow though.
2351 setenv(GIT_SHALLOW_FILE_ENVIRONMENT, alt_shallow_file, 1);
2354 static void update_shallow_info(struct command *commands,
2355 struct shallow_info *si,
2356 struct oid_array *ref)
2358 struct command *cmd;
2360 remove_nonexistent_theirs_shallow(si);
2361 if (!si->nr_ours && !si->nr_theirs) {
2366 for (cmd = commands; cmd; cmd = cmd->next) {
2367 if (is_null_oid(&cmd->new_oid))
2369 oid_array_append(ref, &cmd->new_oid);
2370 cmd->index = ref->nr - 1;
2374 if (shallow_update) {
2375 prepare_shallow_update(si);
2379 ALLOC_ARRAY(ref_status, ref->nr);
2380 assign_shallow_commits_to_refs(si, NULL, ref_status);
2381 for (cmd = commands; cmd; cmd = cmd->next) {
2382 if (is_null_oid(&cmd->new_oid))
2384 if (ref_status[cmd->index]) {
2385 cmd->error_string = "shallow update not allowed";
2386 cmd->skip_update = 1;
2392 static void report(struct command *commands, const char *unpack_status)
2394 struct command *cmd;
2395 struct strbuf buf = STRBUF_INIT;
2397 packet_buf_write(&buf, "unpack %s\n",
2398 unpack_status ? unpack_status : "ok");
2399 for (cmd = commands; cmd; cmd = cmd->next) {
2400 if (!cmd->error_string)
2401 packet_buf_write(&buf, "ok %s\n",
2404 packet_buf_write(&buf, "ng %s %s\n",
2405 cmd->ref_name, cmd->error_string);
2407 packet_buf_flush(&buf);
2410 send_sideband(1, 1, buf.buf, buf.len, use_sideband);
2412 write_or_die(1, buf.buf, buf.len);
2413 strbuf_release(&buf);
2416 static void report_v2(struct command *commands, const char *unpack_status)
2418 struct command *cmd;
2419 struct strbuf buf = STRBUF_INIT;
2420 struct ref_push_report *report;
2422 packet_buf_write(&buf, "unpack %s\n",
2423 unpack_status ? unpack_status : "ok");
2424 for (cmd = commands; cmd; cmd = cmd->next) {
2427 if (cmd->error_string) {
2428 packet_buf_write(&buf, "ng %s %s\n",
2433 packet_buf_write(&buf, "ok %s\n",
2435 for (report = cmd->report; report; report = report->next) {
2437 packet_buf_write(&buf, "ok %s\n",
2439 if (report->ref_name)
2440 packet_buf_write(&buf, "option refname %s\n",
2442 if (report->old_oid)
2443 packet_buf_write(&buf, "option old-oid %s\n",
2444 oid_to_hex(report->old_oid));
2445 if (report->new_oid)
2446 packet_buf_write(&buf, "option new-oid %s\n",
2447 oid_to_hex(report->new_oid));
2448 if (report->forced_update)
2449 packet_buf_write(&buf, "option forced-update\n");
2452 packet_buf_flush(&buf);
2455 send_sideband(1, 1, buf.buf, buf.len, use_sideband);
2457 write_or_die(1, buf.buf, buf.len);
2458 strbuf_release(&buf);
2461 static int delete_only(struct command *commands)
2463 struct command *cmd;
2464 for (cmd = commands; cmd; cmd = cmd->next) {
2465 if (!is_null_oid(&cmd->new_oid))
2471 int cmd_receive_pack(int argc, const char **argv, const char *prefix)
2473 int advertise_refs = 0;
2474 struct command *commands;
2475 struct oid_array shallow = OID_ARRAY_INIT;
2476 struct oid_array ref = OID_ARRAY_INIT;
2477 struct shallow_info si;
2478 struct packet_reader reader;
2480 struct option options[] = {
2481 OPT__QUIET(&quiet, N_("quiet")),
2482 OPT_HIDDEN_BOOL(0, "stateless-rpc", &stateless_rpc, NULL),
2483 OPT_HIDDEN_BOOL(0, "advertise-refs", &advertise_refs, NULL),
2484 OPT_HIDDEN_BOOL(0, "reject-thin-pack-for-testing", &reject_thin, NULL),
2488 packet_trace_identity("receive-pack");
2490 argc = parse_options(argc, argv, prefix, options, receive_pack_usage, 0);
2493 usage_msg_opt(_("Too many arguments."), receive_pack_usage, options);
2495 usage_msg_opt(_("You must specify a directory."), receive_pack_usage, options);
2497 service_dir = argv[0];
2501 if (!enter_repo(service_dir, 0))
2502 die("'%s' does not appear to be a git repository", service_dir);
2504 git_config(receive_pack_config, NULL);
2505 if (cert_nonce_seed)
2506 push_cert_nonce = prepare_push_cert_nonce(service_dir, time(NULL));
2508 if (0 <= transfer_unpack_limit)
2509 unpack_limit = transfer_unpack_limit;
2510 else if (0 <= receive_unpack_limit)
2511 unpack_limit = receive_unpack_limit;
2513 switch (determine_protocol_version_server()) {
2516 * push support for protocol v2 has not been implemented yet,
2517 * so ignore the request to use v2 and fallback to using v0.
2522 * v1 is just the original protocol with a version string,
2523 * so just fall through after writing the version string.
2525 if (advertise_refs || !stateless_rpc)
2526 packet_write_fmt(1, "version 1\n");
2531 case protocol_unknown_version:
2532 BUG("unknown protocol version");
2535 if (advertise_refs || !stateless_rpc) {
2541 packet_reader_init(&reader, 0, NULL, 0,
2542 PACKET_READ_CHOMP_NEWLINE |
2543 PACKET_READ_DIE_ON_ERR_PACKET);
2545 if ((commands = read_head_info(&reader, &shallow)) != NULL) {
2546 const char *unpack_status = NULL;
2547 struct string_list push_options = STRING_LIST_INIT_DUP;
2549 if (use_push_options)
2550 read_push_options(&reader, &push_options);
2551 if (!check_cert_push_options(&push_options)) {
2552 struct command *cmd;
2553 for (cmd = commands; cmd; cmd = cmd->next)
2554 cmd->error_string = "inconsistent push options";
2557 prepare_shallow_info(&si, &shallow);
2558 if (!si.nr_ours && !si.nr_theirs)
2560 if (!delete_only(commands)) {
2561 unpack_status = unpack_with_sideband(&si);
2562 update_shallow_info(commands, &si, &ref);
2564 use_keepalive = KEEPALIVE_ALWAYS;
2565 execute_commands(commands, unpack_status, &si,
2568 unlink_or_warn(pack_lockfile);
2569 if (report_status_v2)
2570 report_v2(commands, unpack_status);
2571 else if (report_status)
2572 report(commands, unpack_status);
2573 run_receive_hook(commands, "post-receive", 1,
2575 run_update_post_hook(commands);
2576 string_list_clear(&push_options, 0);
2578 const char *argv_gc_auto[] = {
2579 "gc", "--auto", "--quiet", NULL,
2581 struct child_process proc = CHILD_PROCESS_INIT;
2584 proc.stdout_to_stderr = 1;
2585 proc.err = use_sideband ? -1 : 0;
2587 proc.argv = argv_gc_auto;
2589 close_object_store(the_repository->objects);
2590 if (!start_command(&proc)) {
2592 copy_to_sideband(proc.err, -1, NULL);
2593 finish_command(&proc);
2596 if (auto_update_server_info)
2597 update_server_info(0);
2598 clear_shallow_info(&si);
2602 oid_array_clear(&shallow);
2603 oid_array_clear(&ref);
2604 free((void *)push_cert_nonce);