Merge branch 'mg/maint-tag-rfc1991'
[git] / http.c
1 #include "http.h"
2 #include "pack.h"
3 #include "sideband.h"
4 #include "run-command.h"
5
6 int data_received;
7 int active_requests;
8 int http_is_verbose;
9 size_t http_post_buffer = 16 * LARGE_PACKET_MAX;
10
11 #if LIBCURL_VERSION_NUM >= 0x070a06
12 #define LIBCURL_CAN_HANDLE_AUTH_ANY
13 #endif
14
15 static int min_curl_sessions = 1;
16 static int curl_session_count;
17 #ifdef USE_CURL_MULTI
18 static int max_requests = -1;
19 static CURLM *curlm;
20 #endif
21 #ifndef NO_CURL_EASY_DUPHANDLE
22 static CURL *curl_default;
23 #endif
24
25 #define PREV_BUF_SIZE 4096
26 #define RANGE_HEADER_SIZE 30
27
28 char curl_errorstr[CURL_ERROR_SIZE];
29
30 static int curl_ssl_verify = -1;
31 static const char *ssl_cert;
32 #if LIBCURL_VERSION_NUM >= 0x070903
33 static const char *ssl_key;
34 #endif
35 #if LIBCURL_VERSION_NUM >= 0x070908
36 static const char *ssl_capath;
37 #endif
38 static const char *ssl_cainfo;
39 static long curl_low_speed_limit = -1;
40 static long curl_low_speed_time = -1;
41 static int curl_ftp_no_epsv;
42 static const char *curl_http_proxy;
43 static char *user_name, *user_pass;
44 static const char *user_agent;
45
46 #if LIBCURL_VERSION_NUM >= 0x071700
47 /* Use CURLOPT_KEYPASSWD as is */
48 #elif LIBCURL_VERSION_NUM >= 0x070903
49 #define CURLOPT_KEYPASSWD CURLOPT_SSLKEYPASSWD
50 #else
51 #define CURLOPT_KEYPASSWD CURLOPT_SSLCERTPASSWD
52 #endif
53
54 static char *ssl_cert_password;
55 static int ssl_cert_password_required;
56
57 static struct curl_slist *pragma_header;
58 static struct curl_slist *no_pragma_header;
59
60 static struct active_request_slot *active_queue_head;
61
62 size_t fread_buffer(void *ptr, size_t eltsize, size_t nmemb, void *buffer_)
63 {
64         size_t size = eltsize * nmemb;
65         struct buffer *buffer = buffer_;
66
67         if (size > buffer->buf.len - buffer->posn)
68                 size = buffer->buf.len - buffer->posn;
69         memcpy(ptr, buffer->buf.buf + buffer->posn, size);
70         buffer->posn += size;
71
72         return size;
73 }
74
75 #ifndef NO_CURL_IOCTL
76 curlioerr ioctl_buffer(CURL *handle, int cmd, void *clientp)
77 {
78         struct buffer *buffer = clientp;
79
80         switch (cmd) {
81         case CURLIOCMD_NOP:
82                 return CURLIOE_OK;
83
84         case CURLIOCMD_RESTARTREAD:
85                 buffer->posn = 0;
86                 return CURLIOE_OK;
87
88         default:
89                 return CURLIOE_UNKNOWNCMD;
90         }
91 }
92 #endif
93
94 size_t fwrite_buffer(const void *ptr, size_t eltsize, size_t nmemb, void *buffer_)
95 {
96         size_t size = eltsize * nmemb;
97         struct strbuf *buffer = buffer_;
98
99         strbuf_add(buffer, ptr, size);
100         data_received++;
101         return size;
102 }
103
104 size_t fwrite_null(const void *ptr, size_t eltsize, size_t nmemb, void *strbuf)
105 {
106         data_received++;
107         return eltsize * nmemb;
108 }
109
110 #ifdef USE_CURL_MULTI
111 static void process_curl_messages(void)
112 {
113         int num_messages;
114         struct active_request_slot *slot;
115         CURLMsg *curl_message = curl_multi_info_read(curlm, &num_messages);
116
117         while (curl_message != NULL) {
118                 if (curl_message->msg == CURLMSG_DONE) {
119                         int curl_result = curl_message->data.result;
120                         slot = active_queue_head;
121                         while (slot != NULL &&
122                                slot->curl != curl_message->easy_handle)
123                                 slot = slot->next;
124                         if (slot != NULL) {
125                                 curl_multi_remove_handle(curlm, slot->curl);
126                                 slot->curl_result = curl_result;
127                                 finish_active_slot(slot);
128                         } else {
129                                 fprintf(stderr, "Received DONE message for unknown request!\n");
130                         }
131                 } else {
132                         fprintf(stderr, "Unknown CURL message received: %d\n",
133                                 (int)curl_message->msg);
134                 }
135                 curl_message = curl_multi_info_read(curlm, &num_messages);
136         }
137 }
138 #endif
139
140 static int http_options(const char *var, const char *value, void *cb)
141 {
142         if (!strcmp("http.sslverify", var)) {
143                 curl_ssl_verify = git_config_bool(var, value);
144                 return 0;
145         }
146         if (!strcmp("http.sslcert", var))
147                 return git_config_string(&ssl_cert, var, value);
148 #if LIBCURL_VERSION_NUM >= 0x070903
149         if (!strcmp("http.sslkey", var))
150                 return git_config_string(&ssl_key, var, value);
151 #endif
152 #if LIBCURL_VERSION_NUM >= 0x070908
153         if (!strcmp("http.sslcapath", var))
154                 return git_config_string(&ssl_capath, var, value);
155 #endif
156         if (!strcmp("http.sslcainfo", var))
157                 return git_config_string(&ssl_cainfo, var, value);
158         if (!strcmp("http.sslcertpasswordprotected", var)) {
159                 if (git_config_bool(var, value))
160                         ssl_cert_password_required = 1;
161                 return 0;
162         }
163         if (!strcmp("http.minsessions", var)) {
164                 min_curl_sessions = git_config_int(var, value);
165 #ifndef USE_CURL_MULTI
166                 if (min_curl_sessions > 1)
167                         min_curl_sessions = 1;
168 #endif
169                 return 0;
170         }
171 #ifdef USE_CURL_MULTI
172         if (!strcmp("http.maxrequests", var)) {
173                 max_requests = git_config_int(var, value);
174                 return 0;
175         }
176 #endif
177         if (!strcmp("http.lowspeedlimit", var)) {
178                 curl_low_speed_limit = (long)git_config_int(var, value);
179                 return 0;
180         }
181         if (!strcmp("http.lowspeedtime", var)) {
182                 curl_low_speed_time = (long)git_config_int(var, value);
183                 return 0;
184         }
185
186         if (!strcmp("http.noepsv", var)) {
187                 curl_ftp_no_epsv = git_config_bool(var, value);
188                 return 0;
189         }
190         if (!strcmp("http.proxy", var))
191                 return git_config_string(&curl_http_proxy, var, value);
192
193         if (!strcmp("http.postbuffer", var)) {
194                 http_post_buffer = git_config_int(var, value);
195                 if (http_post_buffer < LARGE_PACKET_MAX)
196                         http_post_buffer = LARGE_PACKET_MAX;
197                 return 0;
198         }
199
200         if (!strcmp("http.useragent", var))
201                 return git_config_string(&user_agent, var, value);
202
203         /* Fall back on the default ones */
204         return git_default_config(var, value, cb);
205 }
206
207 static void init_curl_http_auth(CURL *result)
208 {
209         if (user_name) {
210                 struct strbuf up = STRBUF_INIT;
211                 if (!user_pass)
212                         user_pass = xstrdup(git_getpass("Password: "));
213                 strbuf_addf(&up, "%s:%s", user_name, user_pass);
214                 curl_easy_setopt(result, CURLOPT_USERPWD,
215                                  strbuf_detach(&up, NULL));
216         }
217 }
218
219 static int has_cert_password(void)
220 {
221         if (ssl_cert_password != NULL)
222                 return 1;
223         if (ssl_cert == NULL || ssl_cert_password_required != 1)
224                 return 0;
225         /* Only prompt the user once. */
226         ssl_cert_password_required = -1;
227         ssl_cert_password = git_getpass("Certificate Password: ");
228         if (ssl_cert_password != NULL) {
229                 ssl_cert_password = xstrdup(ssl_cert_password);
230                 return 1;
231         } else
232                 return 0;
233 }
234
235 static CURL *get_curl_handle(void)
236 {
237         CURL *result = curl_easy_init();
238
239         if (!curl_ssl_verify) {
240                 curl_easy_setopt(result, CURLOPT_SSL_VERIFYPEER, 0);
241                 curl_easy_setopt(result, CURLOPT_SSL_VERIFYHOST, 0);
242         } else {
243                 /* Verify authenticity of the peer's certificate */
244                 curl_easy_setopt(result, CURLOPT_SSL_VERIFYPEER, 1);
245                 /* The name in the cert must match whom we tried to connect */
246                 curl_easy_setopt(result, CURLOPT_SSL_VERIFYHOST, 2);
247         }
248
249 #if LIBCURL_VERSION_NUM >= 0x070907
250         curl_easy_setopt(result, CURLOPT_NETRC, CURL_NETRC_OPTIONAL);
251 #endif
252 #ifdef LIBCURL_CAN_HANDLE_AUTH_ANY
253         curl_easy_setopt(result, CURLOPT_HTTPAUTH, CURLAUTH_ANY);
254 #endif
255
256         init_curl_http_auth(result);
257
258         if (ssl_cert != NULL)
259                 curl_easy_setopt(result, CURLOPT_SSLCERT, ssl_cert);
260         if (has_cert_password())
261                 curl_easy_setopt(result, CURLOPT_KEYPASSWD, ssl_cert_password);
262 #if LIBCURL_VERSION_NUM >= 0x070903
263         if (ssl_key != NULL)
264                 curl_easy_setopt(result, CURLOPT_SSLKEY, ssl_key);
265 #endif
266 #if LIBCURL_VERSION_NUM >= 0x070908
267         if (ssl_capath != NULL)
268                 curl_easy_setopt(result, CURLOPT_CAPATH, ssl_capath);
269 #endif
270         if (ssl_cainfo != NULL)
271                 curl_easy_setopt(result, CURLOPT_CAINFO, ssl_cainfo);
272         curl_easy_setopt(result, CURLOPT_FAILONERROR, 1);
273
274         if (curl_low_speed_limit > 0 && curl_low_speed_time > 0) {
275                 curl_easy_setopt(result, CURLOPT_LOW_SPEED_LIMIT,
276                                  curl_low_speed_limit);
277                 curl_easy_setopt(result, CURLOPT_LOW_SPEED_TIME,
278                                  curl_low_speed_time);
279         }
280
281         curl_easy_setopt(result, CURLOPT_FOLLOWLOCATION, 1);
282 #if LIBCURL_VERSION_NUM >= 0x071301
283         curl_easy_setopt(result, CURLOPT_POSTREDIR, CURL_REDIR_POST_ALL);
284 #elif LIBCURL_VERSION_NUM >= 0x071101
285         curl_easy_setopt(result, CURLOPT_POST301, 1);
286 #endif
287
288         if (getenv("GIT_CURL_VERBOSE"))
289                 curl_easy_setopt(result, CURLOPT_VERBOSE, 1);
290
291         curl_easy_setopt(result, CURLOPT_USERAGENT,
292                 user_agent ? user_agent : GIT_HTTP_USER_AGENT);
293
294         if (curl_ftp_no_epsv)
295                 curl_easy_setopt(result, CURLOPT_FTP_USE_EPSV, 0);
296
297         if (curl_http_proxy)
298                 curl_easy_setopt(result, CURLOPT_PROXY, curl_http_proxy);
299
300         return result;
301 }
302
303 static void http_auth_init(const char *url)
304 {
305         char *at, *colon, *cp, *slash;
306         int len;
307
308         cp = strstr(url, "://");
309         if (!cp)
310                 return;
311
312         /*
313          * Ok, the URL looks like "proto://something".  Which one?
314          * "proto://<user>:<pass>@<host>/...",
315          * "proto://<user>@<host>/...", or just
316          * "proto://<host>/..."?
317          */
318         cp += 3;
319         at = strchr(cp, '@');
320         colon = strchr(cp, ':');
321         slash = strchrnul(cp, '/');
322         if (!at || slash <= at)
323                 return; /* No credentials */
324         if (!colon || at <= colon) {
325                 /* Only username */
326                 len = at - cp;
327                 user_name = xmalloc(len + 1);
328                 memcpy(user_name, cp, len);
329                 user_name[len] = '\0';
330                 user_pass = NULL;
331         } else {
332                 len = colon - cp;
333                 user_name = xmalloc(len + 1);
334                 memcpy(user_name, cp, len);
335                 user_name[len] = '\0';
336                 len = at - (colon + 1);
337                 user_pass = xmalloc(len + 1);
338                 memcpy(user_pass, colon + 1, len);
339                 user_pass[len] = '\0';
340         }
341 }
342
343 static void set_from_env(const char **var, const char *envname)
344 {
345         const char *val = getenv(envname);
346         if (val)
347                 *var = val;
348 }
349
350 void http_init(struct remote *remote)
351 {
352         char *low_speed_limit;
353         char *low_speed_time;
354
355         http_is_verbose = 0;
356
357         git_config(http_options, NULL);
358
359         curl_global_init(CURL_GLOBAL_ALL);
360
361         if (remote && remote->http_proxy)
362                 curl_http_proxy = xstrdup(remote->http_proxy);
363
364         pragma_header = curl_slist_append(pragma_header, "Pragma: no-cache");
365         no_pragma_header = curl_slist_append(no_pragma_header, "Pragma:");
366
367 #ifdef USE_CURL_MULTI
368         {
369                 char *http_max_requests = getenv("GIT_HTTP_MAX_REQUESTS");
370                 if (http_max_requests != NULL)
371                         max_requests = atoi(http_max_requests);
372         }
373
374         curlm = curl_multi_init();
375         if (curlm == NULL) {
376                 fprintf(stderr, "Error creating curl multi handle.\n");
377                 exit(1);
378         }
379 #endif
380
381         if (getenv("GIT_SSL_NO_VERIFY"))
382                 curl_ssl_verify = 0;
383
384         set_from_env(&ssl_cert, "GIT_SSL_CERT");
385 #if LIBCURL_VERSION_NUM >= 0x070903
386         set_from_env(&ssl_key, "GIT_SSL_KEY");
387 #endif
388 #if LIBCURL_VERSION_NUM >= 0x070908
389         set_from_env(&ssl_capath, "GIT_SSL_CAPATH");
390 #endif
391         set_from_env(&ssl_cainfo, "GIT_SSL_CAINFO");
392
393         set_from_env(&user_agent, "GIT_HTTP_USER_AGENT");
394
395         low_speed_limit = getenv("GIT_HTTP_LOW_SPEED_LIMIT");
396         if (low_speed_limit != NULL)
397                 curl_low_speed_limit = strtol(low_speed_limit, NULL, 10);
398         low_speed_time = getenv("GIT_HTTP_LOW_SPEED_TIME");
399         if (low_speed_time != NULL)
400                 curl_low_speed_time = strtol(low_speed_time, NULL, 10);
401
402         if (curl_ssl_verify == -1)
403                 curl_ssl_verify = 1;
404
405         curl_session_count = 0;
406 #ifdef USE_CURL_MULTI
407         if (max_requests < 1)
408                 max_requests = DEFAULT_MAX_REQUESTS;
409 #endif
410
411         if (getenv("GIT_CURL_FTP_NO_EPSV"))
412                 curl_ftp_no_epsv = 1;
413
414         if (remote && remote->url && remote->url[0]) {
415                 http_auth_init(remote->url[0]);
416                 if (!ssl_cert_password_required &&
417                     getenv("GIT_SSL_CERT_PASSWORD_PROTECTED") &&
418                     !prefixcmp(remote->url[0], "https://"))
419                         ssl_cert_password_required = 1;
420         }
421
422 #ifndef NO_CURL_EASY_DUPHANDLE
423         curl_default = get_curl_handle();
424 #endif
425 }
426
427 void http_cleanup(void)
428 {
429         struct active_request_slot *slot = active_queue_head;
430
431         while (slot != NULL) {
432                 struct active_request_slot *next = slot->next;
433                 if (slot->curl != NULL) {
434 #ifdef USE_CURL_MULTI
435                         curl_multi_remove_handle(curlm, slot->curl);
436 #endif
437                         curl_easy_cleanup(slot->curl);
438                 }
439                 free(slot);
440                 slot = next;
441         }
442         active_queue_head = NULL;
443
444 #ifndef NO_CURL_EASY_DUPHANDLE
445         curl_easy_cleanup(curl_default);
446 #endif
447
448 #ifdef USE_CURL_MULTI
449         curl_multi_cleanup(curlm);
450 #endif
451         curl_global_cleanup();
452
453         curl_slist_free_all(pragma_header);
454         pragma_header = NULL;
455
456         curl_slist_free_all(no_pragma_header);
457         no_pragma_header = NULL;
458
459         if (curl_http_proxy) {
460                 free((void *)curl_http_proxy);
461                 curl_http_proxy = NULL;
462         }
463
464         if (ssl_cert_password != NULL) {
465                 memset(ssl_cert_password, 0, strlen(ssl_cert_password));
466                 free(ssl_cert_password);
467                 ssl_cert_password = NULL;
468         }
469         ssl_cert_password_required = 0;
470 }
471
472 struct active_request_slot *get_active_slot(void)
473 {
474         struct active_request_slot *slot = active_queue_head;
475         struct active_request_slot *newslot;
476
477 #ifdef USE_CURL_MULTI
478         int num_transfers;
479
480         /* Wait for a slot to open up if the queue is full */
481         while (active_requests >= max_requests) {
482                 curl_multi_perform(curlm, &num_transfers);
483                 if (num_transfers < active_requests)
484                         process_curl_messages();
485         }
486 #endif
487
488         while (slot != NULL && slot->in_use)
489                 slot = slot->next;
490
491         if (slot == NULL) {
492                 newslot = xmalloc(sizeof(*newslot));
493                 newslot->curl = NULL;
494                 newslot->in_use = 0;
495                 newslot->next = NULL;
496
497                 slot = active_queue_head;
498                 if (slot == NULL) {
499                         active_queue_head = newslot;
500                 } else {
501                         while (slot->next != NULL)
502                                 slot = slot->next;
503                         slot->next = newslot;
504                 }
505                 slot = newslot;
506         }
507
508         if (slot->curl == NULL) {
509 #ifdef NO_CURL_EASY_DUPHANDLE
510                 slot->curl = get_curl_handle();
511 #else
512                 slot->curl = curl_easy_duphandle(curl_default);
513 #endif
514                 curl_session_count++;
515         }
516
517         active_requests++;
518         slot->in_use = 1;
519         slot->local = NULL;
520         slot->results = NULL;
521         slot->finished = NULL;
522         slot->callback_data = NULL;
523         slot->callback_func = NULL;
524         curl_easy_setopt(slot->curl, CURLOPT_HTTPHEADER, pragma_header);
525         curl_easy_setopt(slot->curl, CURLOPT_ERRORBUFFER, curl_errorstr);
526         curl_easy_setopt(slot->curl, CURLOPT_CUSTOMREQUEST, NULL);
527         curl_easy_setopt(slot->curl, CURLOPT_READFUNCTION, NULL);
528         curl_easy_setopt(slot->curl, CURLOPT_WRITEFUNCTION, NULL);
529         curl_easy_setopt(slot->curl, CURLOPT_UPLOAD, 0);
530         curl_easy_setopt(slot->curl, CURLOPT_HTTPGET, 1);
531
532         return slot;
533 }
534
535 int start_active_slot(struct active_request_slot *slot)
536 {
537 #ifdef USE_CURL_MULTI
538         CURLMcode curlm_result = curl_multi_add_handle(curlm, slot->curl);
539         int num_transfers;
540
541         if (curlm_result != CURLM_OK &&
542             curlm_result != CURLM_CALL_MULTI_PERFORM) {
543                 active_requests--;
544                 slot->in_use = 0;
545                 return 0;
546         }
547
548         /*
549          * We know there must be something to do, since we just added
550          * something.
551          */
552         curl_multi_perform(curlm, &num_transfers);
553 #endif
554         return 1;
555 }
556
557 #ifdef USE_CURL_MULTI
558 struct fill_chain {
559         void *data;
560         int (*fill)(void *);
561         struct fill_chain *next;
562 };
563
564 static struct fill_chain *fill_cfg;
565
566 void add_fill_function(void *data, int (*fill)(void *))
567 {
568         struct fill_chain *new = xmalloc(sizeof(*new));
569         struct fill_chain **linkp = &fill_cfg;
570         new->data = data;
571         new->fill = fill;
572         new->next = NULL;
573         while (*linkp)
574                 linkp = &(*linkp)->next;
575         *linkp = new;
576 }
577
578 void fill_active_slots(void)
579 {
580         struct active_request_slot *slot = active_queue_head;
581
582         while (active_requests < max_requests) {
583                 struct fill_chain *fill;
584                 for (fill = fill_cfg; fill; fill = fill->next)
585                         if (fill->fill(fill->data))
586                                 break;
587
588                 if (!fill)
589                         break;
590         }
591
592         while (slot != NULL) {
593                 if (!slot->in_use && slot->curl != NULL
594                         && curl_session_count > min_curl_sessions) {
595                         curl_easy_cleanup(slot->curl);
596                         slot->curl = NULL;
597                         curl_session_count--;
598                 }
599                 slot = slot->next;
600         }
601 }
602
603 void step_active_slots(void)
604 {
605         int num_transfers;
606         CURLMcode curlm_result;
607
608         do {
609                 curlm_result = curl_multi_perform(curlm, &num_transfers);
610         } while (curlm_result == CURLM_CALL_MULTI_PERFORM);
611         if (num_transfers < active_requests) {
612                 process_curl_messages();
613                 fill_active_slots();
614         }
615 }
616 #endif
617
618 void run_active_slot(struct active_request_slot *slot)
619 {
620 #ifdef USE_CURL_MULTI
621         long last_pos = 0;
622         long current_pos;
623         fd_set readfds;
624         fd_set writefds;
625         fd_set excfds;
626         int max_fd;
627         struct timeval select_timeout;
628         int finished = 0;
629
630         slot->finished = &finished;
631         while (!finished) {
632                 data_received = 0;
633                 step_active_slots();
634
635                 if (!data_received && slot->local != NULL) {
636                         current_pos = ftell(slot->local);
637                         if (current_pos > last_pos)
638                                 data_received++;
639                         last_pos = current_pos;
640                 }
641
642                 if (slot->in_use && !data_received) {
643                         max_fd = 0;
644                         FD_ZERO(&readfds);
645                         FD_ZERO(&writefds);
646                         FD_ZERO(&excfds);
647                         select_timeout.tv_sec = 0;
648                         select_timeout.tv_usec = 50000;
649                         select(max_fd, &readfds, &writefds,
650                                &excfds, &select_timeout);
651                 }
652         }
653 #else
654         while (slot->in_use) {
655                 slot->curl_result = curl_easy_perform(slot->curl);
656                 finish_active_slot(slot);
657         }
658 #endif
659 }
660
661 static void closedown_active_slot(struct active_request_slot *slot)
662 {
663         active_requests--;
664         slot->in_use = 0;
665 }
666
667 static void release_active_slot(struct active_request_slot *slot)
668 {
669         closedown_active_slot(slot);
670         if (slot->curl && curl_session_count > min_curl_sessions) {
671 #ifdef USE_CURL_MULTI
672                 curl_multi_remove_handle(curlm, slot->curl);
673 #endif
674                 curl_easy_cleanup(slot->curl);
675                 slot->curl = NULL;
676                 curl_session_count--;
677         }
678 #ifdef USE_CURL_MULTI
679         fill_active_slots();
680 #endif
681 }
682
683 void finish_active_slot(struct active_request_slot *slot)
684 {
685         closedown_active_slot(slot);
686         curl_easy_getinfo(slot->curl, CURLINFO_HTTP_CODE, &slot->http_code);
687
688         if (slot->finished != NULL)
689                 (*slot->finished) = 1;
690
691         /* Store slot results so they can be read after the slot is reused */
692         if (slot->results != NULL) {
693                 slot->results->curl_result = slot->curl_result;
694                 slot->results->http_code = slot->http_code;
695         }
696
697         /* Run callback if appropriate */
698         if (slot->callback_func != NULL)
699                 slot->callback_func(slot->callback_data);
700 }
701
702 void finish_all_active_slots(void)
703 {
704         struct active_request_slot *slot = active_queue_head;
705
706         while (slot != NULL)
707                 if (slot->in_use) {
708                         run_active_slot(slot);
709                         slot = active_queue_head;
710                 } else {
711                         slot = slot->next;
712                 }
713 }
714
715 /* Helpers for modifying and creating URLs */
716 static inline int needs_quote(int ch)
717 {
718         if (((ch >= 'A') && (ch <= 'Z'))
719                         || ((ch >= 'a') && (ch <= 'z'))
720                         || ((ch >= '0') && (ch <= '9'))
721                         || (ch == '/')
722                         || (ch == '-')
723                         || (ch == '.'))
724                 return 0;
725         return 1;
726 }
727
728 static inline int hex(int v)
729 {
730         if (v < 10)
731                 return '0' + v;
732         else
733                 return 'A' + v - 10;
734 }
735
736 void end_url_with_slash(struct strbuf *buf, const char *url)
737 {
738         strbuf_addstr(buf, url);
739         if (buf->len && buf->buf[buf->len - 1] != '/')
740                 strbuf_addstr(buf, "/");
741 }
742
743 static char *quote_ref_url(const char *base, const char *ref)
744 {
745         struct strbuf buf = STRBUF_INIT;
746         const char *cp;
747         int ch;
748
749         end_url_with_slash(&buf, base);
750
751         for (cp = ref; (ch = *cp) != 0; cp++)
752                 if (needs_quote(ch))
753                         strbuf_addf(&buf, "%%%02x", ch);
754                 else
755                         strbuf_addch(&buf, *cp);
756
757         return strbuf_detach(&buf, NULL);
758 }
759
760 void append_remote_object_url(struct strbuf *buf, const char *url,
761                               const char *hex,
762                               int only_two_digit_prefix)
763 {
764         end_url_with_slash(buf, url);
765
766         strbuf_addf(buf, "objects/%.*s/", 2, hex);
767         if (!only_two_digit_prefix)
768                 strbuf_addf(buf, "%s", hex+2);
769 }
770
771 char *get_remote_object_url(const char *url, const char *hex,
772                             int only_two_digit_prefix)
773 {
774         struct strbuf buf = STRBUF_INIT;
775         append_remote_object_url(&buf, url, hex, only_two_digit_prefix);
776         return strbuf_detach(&buf, NULL);
777 }
778
779 /* http_request() targets */
780 #define HTTP_REQUEST_STRBUF     0
781 #define HTTP_REQUEST_FILE       1
782
783 static int http_request(const char *url, void *result, int target, int options)
784 {
785         struct active_request_slot *slot;
786         struct slot_results results;
787         struct curl_slist *headers = NULL;
788         struct strbuf buf = STRBUF_INIT;
789         int ret;
790
791         slot = get_active_slot();
792         slot->results = &results;
793         curl_easy_setopt(slot->curl, CURLOPT_HTTPGET, 1);
794
795         if (result == NULL) {
796                 curl_easy_setopt(slot->curl, CURLOPT_NOBODY, 1);
797         } else {
798                 curl_easy_setopt(slot->curl, CURLOPT_NOBODY, 0);
799                 curl_easy_setopt(slot->curl, CURLOPT_FILE, result);
800
801                 if (target == HTTP_REQUEST_FILE) {
802                         long posn = ftell(result);
803                         curl_easy_setopt(slot->curl, CURLOPT_WRITEFUNCTION,
804                                          fwrite);
805                         if (posn > 0) {
806                                 strbuf_addf(&buf, "Range: bytes=%ld-", posn);
807                                 headers = curl_slist_append(headers, buf.buf);
808                                 strbuf_reset(&buf);
809                         }
810                         slot->local = result;
811                 } else
812                         curl_easy_setopt(slot->curl, CURLOPT_WRITEFUNCTION,
813                                          fwrite_buffer);
814         }
815
816         strbuf_addstr(&buf, "Pragma:");
817         if (options & HTTP_NO_CACHE)
818                 strbuf_addstr(&buf, " no-cache");
819
820         headers = curl_slist_append(headers, buf.buf);
821
822         curl_easy_setopt(slot->curl, CURLOPT_URL, url);
823         curl_easy_setopt(slot->curl, CURLOPT_HTTPHEADER, headers);
824
825         if (start_active_slot(slot)) {
826                 run_active_slot(slot);
827                 if (results.curl_result == CURLE_OK)
828                         ret = HTTP_OK;
829                 else if (missing_target(&results))
830                         ret = HTTP_MISSING_TARGET;
831                 else if (results.http_code == 401) {
832                         if (user_name) {
833                                 ret = HTTP_NOAUTH;
834                         } else {
835                                 /*
836                                  * git_getpass is needed here because its very likely stdin/stdout are
837                                  * pipes to our parent process.  So we instead need to use /dev/tty,
838                                  * but that is non-portable.  Using git_getpass() can at least be stubbed
839                                  * on other platforms with a different implementation if/when necessary.
840                                  */
841                                 user_name = xstrdup(git_getpass("Username: "));
842                                 init_curl_http_auth(slot->curl);
843                                 ret = HTTP_REAUTH;
844                         }
845                 } else
846                         ret = HTTP_ERROR;
847         } else {
848                 error("Unable to start HTTP request for %s", url);
849                 ret = HTTP_START_FAILED;
850         }
851
852         slot->local = NULL;
853         curl_slist_free_all(headers);
854         strbuf_release(&buf);
855
856         return ret;
857 }
858
859 int http_get_strbuf(const char *url, struct strbuf *result, int options)
860 {
861         int http_ret = http_request(url, result, HTTP_REQUEST_STRBUF, options);
862         if (http_ret == HTTP_REAUTH) {
863                 http_ret = http_request(url, result, HTTP_REQUEST_STRBUF, options);
864         }
865         return http_ret;
866 }
867
868 /*
869  * Downloads an url and stores the result in the given file.
870  *
871  * If a previous interrupted download is detected (i.e. a previous temporary
872  * file is still around) the download is resumed.
873  */
874 static int http_get_file(const char *url, const char *filename, int options)
875 {
876         int ret;
877         struct strbuf tmpfile = STRBUF_INIT;
878         FILE *result;
879
880         strbuf_addf(&tmpfile, "%s.temp", filename);
881         result = fopen(tmpfile.buf, "a");
882         if (! result) {
883                 error("Unable to open local file %s", tmpfile.buf);
884                 ret = HTTP_ERROR;
885                 goto cleanup;
886         }
887
888         ret = http_request(url, result, HTTP_REQUEST_FILE, options);
889         fclose(result);
890
891         if ((ret == HTTP_OK) && move_temp_to_file(tmpfile.buf, filename))
892                 ret = HTTP_ERROR;
893 cleanup:
894         strbuf_release(&tmpfile);
895         return ret;
896 }
897
898 int http_error(const char *url, int ret)
899 {
900         /* http_request has already handled HTTP_START_FAILED. */
901         if (ret != HTTP_START_FAILED)
902                 error("%s while accessing %s\n", curl_errorstr, url);
903
904         return ret;
905 }
906
907 int http_fetch_ref(const char *base, struct ref *ref)
908 {
909         char *url;
910         struct strbuf buffer = STRBUF_INIT;
911         int ret = -1;
912
913         url = quote_ref_url(base, ref->name);
914         if (http_get_strbuf(url, &buffer, HTTP_NO_CACHE) == HTTP_OK) {
915                 strbuf_rtrim(&buffer);
916                 if (buffer.len == 40)
917                         ret = get_sha1_hex(buffer.buf, ref->old_sha1);
918                 else if (!prefixcmp(buffer.buf, "ref: ")) {
919                         ref->symref = xstrdup(buffer.buf + 5);
920                         ret = 0;
921                 }
922         }
923
924         strbuf_release(&buffer);
925         free(url);
926         return ret;
927 }
928
929 /* Helpers for fetching packs */
930 static char *fetch_pack_index(unsigned char *sha1, const char *base_url)
931 {
932         char *url, *tmp;
933         struct strbuf buf = STRBUF_INIT;
934
935         if (http_is_verbose)
936                 fprintf(stderr, "Getting index for pack %s\n", sha1_to_hex(sha1));
937
938         end_url_with_slash(&buf, base_url);
939         strbuf_addf(&buf, "objects/pack/pack-%s.idx", sha1_to_hex(sha1));
940         url = strbuf_detach(&buf, NULL);
941
942         strbuf_addf(&buf, "%s.temp", sha1_pack_index_name(sha1));
943         tmp = strbuf_detach(&buf, NULL);
944
945         if (http_get_file(url, tmp, 0) != HTTP_OK) {
946                 error("Unable to get pack index %s\n", url);
947                 free(tmp);
948                 tmp = NULL;
949         }
950
951         free(url);
952         return tmp;
953 }
954
955 static int fetch_and_setup_pack_index(struct packed_git **packs_head,
956         unsigned char *sha1, const char *base_url)
957 {
958         struct packed_git *new_pack;
959         char *tmp_idx = NULL;
960         int ret;
961
962         if (has_pack_index(sha1)) {
963                 new_pack = parse_pack_index(sha1, NULL);
964                 if (!new_pack)
965                         return -1; /* parse_pack_index() already issued error message */
966                 goto add_pack;
967         }
968
969         tmp_idx = fetch_pack_index(sha1, base_url);
970         if (!tmp_idx)
971                 return -1;
972
973         new_pack = parse_pack_index(sha1, tmp_idx);
974         if (!new_pack) {
975                 unlink(tmp_idx);
976                 free(tmp_idx);
977
978                 return -1; /* parse_pack_index() already issued error message */
979         }
980
981         ret = verify_pack_index(new_pack);
982         if (!ret) {
983                 close_pack_index(new_pack);
984                 ret = move_temp_to_file(tmp_idx, sha1_pack_index_name(sha1));
985         }
986         free(tmp_idx);
987         if (ret)
988                 return -1;
989
990 add_pack:
991         new_pack->next = *packs_head;
992         *packs_head = new_pack;
993         return 0;
994 }
995
996 int http_get_info_packs(const char *base_url, struct packed_git **packs_head)
997 {
998         int ret = 0, i = 0;
999         char *url, *data;
1000         struct strbuf buf = STRBUF_INIT;
1001         unsigned char sha1[20];
1002
1003         end_url_with_slash(&buf, base_url);
1004         strbuf_addstr(&buf, "objects/info/packs");
1005         url = strbuf_detach(&buf, NULL);
1006
1007         ret = http_get_strbuf(url, &buf, HTTP_NO_CACHE);
1008         if (ret != HTTP_OK)
1009                 goto cleanup;
1010
1011         data = buf.buf;
1012         while (i < buf.len) {
1013                 switch (data[i]) {
1014                 case 'P':
1015                         i++;
1016                         if (i + 52 <= buf.len &&
1017                             !prefixcmp(data + i, " pack-") &&
1018                             !prefixcmp(data + i + 46, ".pack\n")) {
1019                                 get_sha1_hex(data + i + 6, sha1);
1020                                 fetch_and_setup_pack_index(packs_head, sha1,
1021                                                       base_url);
1022                                 i += 51;
1023                                 break;
1024                         }
1025                 default:
1026                         while (i < buf.len && data[i] != '\n')
1027                                 i++;
1028                 }
1029                 i++;
1030         }
1031
1032 cleanup:
1033         free(url);
1034         return ret;
1035 }
1036
1037 void release_http_pack_request(struct http_pack_request *preq)
1038 {
1039         if (preq->packfile != NULL) {
1040                 fclose(preq->packfile);
1041                 preq->packfile = NULL;
1042                 preq->slot->local = NULL;
1043         }
1044         if (preq->range_header != NULL) {
1045                 curl_slist_free_all(preq->range_header);
1046                 preq->range_header = NULL;
1047         }
1048         preq->slot = NULL;
1049         free(preq->url);
1050 }
1051
1052 int finish_http_pack_request(struct http_pack_request *preq)
1053 {
1054         struct packed_git **lst;
1055         struct packed_git *p = preq->target;
1056         char *tmp_idx;
1057         struct child_process ip;
1058         const char *ip_argv[8];
1059
1060         close_pack_index(p);
1061
1062         fclose(preq->packfile);
1063         preq->packfile = NULL;
1064         preq->slot->local = NULL;
1065
1066         lst = preq->lst;
1067         while (*lst != p)
1068                 lst = &((*lst)->next);
1069         *lst = (*lst)->next;
1070
1071         tmp_idx = xstrdup(preq->tmpfile);
1072         strcpy(tmp_idx + strlen(tmp_idx) - strlen(".pack.temp"),
1073                ".idx.temp");
1074
1075         ip_argv[0] = "index-pack";
1076         ip_argv[1] = "-o";
1077         ip_argv[2] = tmp_idx;
1078         ip_argv[3] = preq->tmpfile;
1079         ip_argv[4] = NULL;
1080
1081         memset(&ip, 0, sizeof(ip));
1082         ip.argv = ip_argv;
1083         ip.git_cmd = 1;
1084         ip.no_stdin = 1;
1085         ip.no_stdout = 1;
1086
1087         if (run_command(&ip)) {
1088                 unlink(preq->tmpfile);
1089                 unlink(tmp_idx);
1090                 free(tmp_idx);
1091                 return -1;
1092         }
1093
1094         unlink(sha1_pack_index_name(p->sha1));
1095
1096         if (move_temp_to_file(preq->tmpfile, sha1_pack_name(p->sha1))
1097          || move_temp_to_file(tmp_idx, sha1_pack_index_name(p->sha1))) {
1098                 free(tmp_idx);
1099                 return -1;
1100         }
1101
1102         install_packed_git(p);
1103         free(tmp_idx);
1104         return 0;
1105 }
1106
1107 struct http_pack_request *new_http_pack_request(
1108         struct packed_git *target, const char *base_url)
1109 {
1110         long prev_posn = 0;
1111         char range[RANGE_HEADER_SIZE];
1112         struct strbuf buf = STRBUF_INIT;
1113         struct http_pack_request *preq;
1114
1115         preq = xmalloc(sizeof(*preq));
1116         preq->target = target;
1117         preq->range_header = NULL;
1118
1119         end_url_with_slash(&buf, base_url);
1120         strbuf_addf(&buf, "objects/pack/pack-%s.pack",
1121                 sha1_to_hex(target->sha1));
1122         preq->url = strbuf_detach(&buf, NULL);
1123
1124         snprintf(preq->tmpfile, sizeof(preq->tmpfile), "%s.temp",
1125                 sha1_pack_name(target->sha1));
1126         preq->packfile = fopen(preq->tmpfile, "a");
1127         if (!preq->packfile) {
1128                 error("Unable to open local file %s for pack",
1129                       preq->tmpfile);
1130                 goto abort;
1131         }
1132
1133         preq->slot = get_active_slot();
1134         preq->slot->local = preq->packfile;
1135         curl_easy_setopt(preq->slot->curl, CURLOPT_FILE, preq->packfile);
1136         curl_easy_setopt(preq->slot->curl, CURLOPT_WRITEFUNCTION, fwrite);
1137         curl_easy_setopt(preq->slot->curl, CURLOPT_URL, preq->url);
1138         curl_easy_setopt(preq->slot->curl, CURLOPT_HTTPHEADER,
1139                 no_pragma_header);
1140
1141         /*
1142          * If there is data present from a previous transfer attempt,
1143          * resume where it left off
1144          */
1145         prev_posn = ftell(preq->packfile);
1146         if (prev_posn>0) {
1147                 if (http_is_verbose)
1148                         fprintf(stderr,
1149                                 "Resuming fetch of pack %s at byte %ld\n",
1150                                 sha1_to_hex(target->sha1), prev_posn);
1151                 sprintf(range, "Range: bytes=%ld-", prev_posn);
1152                 preq->range_header = curl_slist_append(NULL, range);
1153                 curl_easy_setopt(preq->slot->curl, CURLOPT_HTTPHEADER,
1154                         preq->range_header);
1155         }
1156
1157         return preq;
1158
1159 abort:
1160         free(preq->url);
1161         free(preq);
1162         return NULL;
1163 }
1164
1165 /* Helpers for fetching objects (loose) */
1166 static size_t fwrite_sha1_file(void *ptr, size_t eltsize, size_t nmemb,
1167                                void *data)
1168 {
1169         unsigned char expn[4096];
1170         size_t size = eltsize * nmemb;
1171         int posn = 0;
1172         struct http_object_request *freq =
1173                 (struct http_object_request *)data;
1174         do {
1175                 ssize_t retval = xwrite(freq->localfile,
1176                                         (char *) ptr + posn, size - posn);
1177                 if (retval < 0)
1178                         return posn;
1179                 posn += retval;
1180         } while (posn < size);
1181
1182         freq->stream.avail_in = size;
1183         freq->stream.next_in = ptr;
1184         do {
1185                 freq->stream.next_out = expn;
1186                 freq->stream.avail_out = sizeof(expn);
1187                 freq->zret = git_inflate(&freq->stream, Z_SYNC_FLUSH);
1188                 git_SHA1_Update(&freq->c, expn,
1189                                 sizeof(expn) - freq->stream.avail_out);
1190         } while (freq->stream.avail_in && freq->zret == Z_OK);
1191         data_received++;
1192         return size;
1193 }
1194
1195 struct http_object_request *new_http_object_request(const char *base_url,
1196         unsigned char *sha1)
1197 {
1198         char *hex = sha1_to_hex(sha1);
1199         char *filename;
1200         char prevfile[PATH_MAX];
1201         int prevlocal;
1202         unsigned char prev_buf[PREV_BUF_SIZE];
1203         ssize_t prev_read = 0;
1204         long prev_posn = 0;
1205         char range[RANGE_HEADER_SIZE];
1206         struct curl_slist *range_header = NULL;
1207         struct http_object_request *freq;
1208
1209         freq = xmalloc(sizeof(*freq));
1210         hashcpy(freq->sha1, sha1);
1211         freq->localfile = -1;
1212
1213         filename = sha1_file_name(sha1);
1214         snprintf(freq->tmpfile, sizeof(freq->tmpfile),
1215                  "%s.temp", filename);
1216
1217         snprintf(prevfile, sizeof(prevfile), "%s.prev", filename);
1218         unlink_or_warn(prevfile);
1219         rename(freq->tmpfile, prevfile);
1220         unlink_or_warn(freq->tmpfile);
1221
1222         if (freq->localfile != -1)
1223                 error("fd leakage in start: %d", freq->localfile);
1224         freq->localfile = open(freq->tmpfile,
1225                                O_WRONLY | O_CREAT | O_EXCL, 0666);
1226         /*
1227          * This could have failed due to the "lazy directory creation";
1228          * try to mkdir the last path component.
1229          */
1230         if (freq->localfile < 0 && errno == ENOENT) {
1231                 char *dir = strrchr(freq->tmpfile, '/');
1232                 if (dir) {
1233                         *dir = 0;
1234                         mkdir(freq->tmpfile, 0777);
1235                         *dir = '/';
1236                 }
1237                 freq->localfile = open(freq->tmpfile,
1238                                        O_WRONLY | O_CREAT | O_EXCL, 0666);
1239         }
1240
1241         if (freq->localfile < 0) {
1242                 error("Couldn't create temporary file %s: %s",
1243                       freq->tmpfile, strerror(errno));
1244                 goto abort;
1245         }
1246
1247         memset(&freq->stream, 0, sizeof(freq->stream));
1248
1249         git_inflate_init(&freq->stream);
1250
1251         git_SHA1_Init(&freq->c);
1252
1253         freq->url = get_remote_object_url(base_url, hex, 0);
1254
1255         /*
1256          * If a previous temp file is present, process what was already
1257          * fetched.
1258          */
1259         prevlocal = open(prevfile, O_RDONLY);
1260         if (prevlocal != -1) {
1261                 do {
1262                         prev_read = xread(prevlocal, prev_buf, PREV_BUF_SIZE);
1263                         if (prev_read>0) {
1264                                 if (fwrite_sha1_file(prev_buf,
1265                                                      1,
1266                                                      prev_read,
1267                                                      freq) == prev_read) {
1268                                         prev_posn += prev_read;
1269                                 } else {
1270                                         prev_read = -1;
1271                                 }
1272                         }
1273                 } while (prev_read > 0);
1274                 close(prevlocal);
1275         }
1276         unlink_or_warn(prevfile);
1277
1278         /*
1279          * Reset inflate/SHA1 if there was an error reading the previous temp
1280          * file; also rewind to the beginning of the local file.
1281          */
1282         if (prev_read == -1) {
1283                 memset(&freq->stream, 0, sizeof(freq->stream));
1284                 git_inflate_init(&freq->stream);
1285                 git_SHA1_Init(&freq->c);
1286                 if (prev_posn>0) {
1287                         prev_posn = 0;
1288                         lseek(freq->localfile, 0, SEEK_SET);
1289                         if (ftruncate(freq->localfile, 0) < 0) {
1290                                 error("Couldn't truncate temporary file %s: %s",
1291                                           freq->tmpfile, strerror(errno));
1292                                 goto abort;
1293                         }
1294                 }
1295         }
1296
1297         freq->slot = get_active_slot();
1298
1299         curl_easy_setopt(freq->slot->curl, CURLOPT_FILE, freq);
1300         curl_easy_setopt(freq->slot->curl, CURLOPT_WRITEFUNCTION, fwrite_sha1_file);
1301         curl_easy_setopt(freq->slot->curl, CURLOPT_ERRORBUFFER, freq->errorstr);
1302         curl_easy_setopt(freq->slot->curl, CURLOPT_URL, freq->url);
1303         curl_easy_setopt(freq->slot->curl, CURLOPT_HTTPHEADER, no_pragma_header);
1304
1305         /*
1306          * If we have successfully processed data from a previous fetch
1307          * attempt, only fetch the data we don't already have.
1308          */
1309         if (prev_posn>0) {
1310                 if (http_is_verbose)
1311                         fprintf(stderr,
1312                                 "Resuming fetch of object %s at byte %ld\n",
1313                                 hex, prev_posn);
1314                 sprintf(range, "Range: bytes=%ld-", prev_posn);
1315                 range_header = curl_slist_append(range_header, range);
1316                 curl_easy_setopt(freq->slot->curl,
1317                                  CURLOPT_HTTPHEADER, range_header);
1318         }
1319
1320         return freq;
1321
1322 abort:
1323         free(filename);
1324         free(freq->url);
1325         free(freq);
1326         return NULL;
1327 }
1328
1329 void process_http_object_request(struct http_object_request *freq)
1330 {
1331         if (freq->slot == NULL)
1332                 return;
1333         freq->curl_result = freq->slot->curl_result;
1334         freq->http_code = freq->slot->http_code;
1335         freq->slot = NULL;
1336 }
1337
1338 int finish_http_object_request(struct http_object_request *freq)
1339 {
1340         struct stat st;
1341
1342         close(freq->localfile);
1343         freq->localfile = -1;
1344
1345         process_http_object_request(freq);
1346
1347         if (freq->http_code == 416) {
1348                 warning("requested range invalid; we may already have all the data.");
1349         } else if (freq->curl_result != CURLE_OK) {
1350                 if (stat(freq->tmpfile, &st) == 0)
1351                         if (st.st_size == 0)
1352                                 unlink_or_warn(freq->tmpfile);
1353                 return -1;
1354         }
1355
1356         git_inflate_end(&freq->stream);
1357         git_SHA1_Final(freq->real_sha1, &freq->c);
1358         if (freq->zret != Z_STREAM_END) {
1359                 unlink_or_warn(freq->tmpfile);
1360                 return -1;
1361         }
1362         if (hashcmp(freq->sha1, freq->real_sha1)) {
1363                 unlink_or_warn(freq->tmpfile);
1364                 return -1;
1365         }
1366         freq->rename =
1367                 move_temp_to_file(freq->tmpfile, sha1_file_name(freq->sha1));
1368
1369         return freq->rename;
1370 }
1371
1372 void abort_http_object_request(struct http_object_request *freq)
1373 {
1374         unlink_or_warn(freq->tmpfile);
1375
1376         release_http_object_request(freq);
1377 }
1378
1379 void release_http_object_request(struct http_object_request *freq)
1380 {
1381         if (freq->localfile != -1) {
1382                 close(freq->localfile);
1383                 freq->localfile = -1;
1384         }
1385         if (freq->url != NULL) {
1386                 free(freq->url);
1387                 freq->url = NULL;
1388         }
1389         if (freq->slot != NULL) {
1390                 freq->slot->callback_func = NULL;
1391                 freq->slot->callback_data = NULL;
1392                 release_active_slot(freq->slot);
1393                 freq->slot = NULL;
1394         }
1395 }