transport: add a protocol-whitelist environment variable
[git] / transport-helper.c
1 #include "cache.h"
2 #include "transport.h"
3 #include "quote.h"
4 #include "run-command.h"
5 #include "commit.h"
6 #include "diff.h"
7 #include "revision.h"
8 #include "remote.h"
9 #include "string-list.h"
10 #include "thread-utils.h"
11 #include "sigchain.h"
12 #include "argv-array.h"
13 #include "refs.h"
14
15 static int debug;
16
17 struct helper_data {
18         const char *name;
19         struct child_process *helper;
20         FILE *out;
21         unsigned fetch : 1,
22                 import : 1,
23                 bidi_import : 1,
24                 export : 1,
25                 option : 1,
26                 push : 1,
27                 connect : 1,
28                 signed_tags : 1,
29                 check_connectivity : 1,
30                 no_disconnect_req : 1,
31                 no_private_update : 1;
32         char *export_marks;
33         char *import_marks;
34         /* These go from remote name (as in "list") to private name */
35         struct refspec *refspecs;
36         int refspec_nr;
37         /* Transport options for fetch-pack/send-pack (should one of
38          * those be invoked).
39          */
40         struct git_transport_options transport_options;
41 };
42
43 static void sendline(struct helper_data *helper, struct strbuf *buffer)
44 {
45         if (debug)
46                 fprintf(stderr, "Debug: Remote helper: -> %s", buffer->buf);
47         if (write_in_full(helper->helper->in, buffer->buf, buffer->len)
48                 != buffer->len)
49                 die_errno("Full write to remote helper failed");
50 }
51
52 static int recvline_fh(FILE *helper, struct strbuf *buffer, const char *name)
53 {
54         strbuf_reset(buffer);
55         if (debug)
56                 fprintf(stderr, "Debug: Remote helper: Waiting...\n");
57         if (strbuf_getline(buffer, helper, '\n') == EOF) {
58                 if (debug)
59                         fprintf(stderr, "Debug: Remote helper quit.\n");
60                 return 1;
61         }
62
63         if (debug)
64                 fprintf(stderr, "Debug: Remote helper: <- %s\n", buffer->buf);
65         return 0;
66 }
67
68 static int recvline(struct helper_data *helper, struct strbuf *buffer)
69 {
70         return recvline_fh(helper->out, buffer, helper->name);
71 }
72
73 static void write_constant(int fd, const char *str)
74 {
75         if (debug)
76                 fprintf(stderr, "Debug: Remote helper: -> %s", str);
77         if (write_in_full(fd, str, strlen(str)) != strlen(str))
78                 die_errno("Full write to remote helper failed");
79 }
80
81 static const char *remove_ext_force(const char *url)
82 {
83         if (url) {
84                 const char *colon = strchr(url, ':');
85                 if (colon && colon[1] == ':')
86                         return colon + 2;
87         }
88         return url;
89 }
90
91 static void do_take_over(struct transport *transport)
92 {
93         struct helper_data *data;
94         data = (struct helper_data *)transport->data;
95         transport_take_over(transport, data->helper);
96         fclose(data->out);
97         free(data);
98 }
99
100 static struct child_process *get_helper(struct transport *transport)
101 {
102         struct helper_data *data = transport->data;
103         struct strbuf buf = STRBUF_INIT;
104         struct child_process *helper;
105         const char **refspecs = NULL;
106         int refspec_nr = 0;
107         int refspec_alloc = 0;
108         int duped;
109         int code;
110
111         if (data->helper)
112                 return data->helper;
113
114         helper = xmalloc(sizeof(*helper));
115         child_process_init(helper);
116         helper->in = -1;
117         helper->out = -1;
118         helper->err = 0;
119         argv_array_pushf(&helper->args, "git-remote-%s", data->name);
120         argv_array_push(&helper->args, transport->remote->name);
121         argv_array_push(&helper->args, remove_ext_force(transport->url));
122         helper->git_cmd = 0;
123         helper->silent_exec_failure = 1;
124
125         argv_array_pushf(&helper->env_array, "%s=%s", GIT_DIR_ENVIRONMENT,
126                          get_git_dir());
127
128         code = start_command(helper);
129         if (code < 0 && errno == ENOENT)
130                 die("Unable to find remote helper for '%s'", data->name);
131         else if (code != 0)
132                 exit(code);
133
134         data->helper = helper;
135         data->no_disconnect_req = 0;
136
137         /*
138          * Open the output as FILE* so strbuf_getline() can be used.
139          * Do this with duped fd because fclose() will close the fd,
140          * and stuff like taking over will require the fd to remain.
141          */
142         duped = dup(helper->out);
143         if (duped < 0)
144                 die_errno("Can't dup helper output fd");
145         data->out = xfdopen(duped, "r");
146
147         write_constant(helper->in, "capabilities\n");
148
149         while (1) {
150                 const char *capname, *arg;
151                 int mandatory = 0;
152                 if (recvline(data, &buf))
153                         exit(128);
154
155                 if (!*buf.buf)
156                         break;
157
158                 if (*buf.buf == '*') {
159                         capname = buf.buf + 1;
160                         mandatory = 1;
161                 } else
162                         capname = buf.buf;
163
164                 if (debug)
165                         fprintf(stderr, "Debug: Got cap %s\n", capname);
166                 if (!strcmp(capname, "fetch"))
167                         data->fetch = 1;
168                 else if (!strcmp(capname, "option"))
169                         data->option = 1;
170                 else if (!strcmp(capname, "push"))
171                         data->push = 1;
172                 else if (!strcmp(capname, "import"))
173                         data->import = 1;
174                 else if (!strcmp(capname, "bidi-import"))
175                         data->bidi_import = 1;
176                 else if (!strcmp(capname, "export"))
177                         data->export = 1;
178                 else if (!strcmp(capname, "check-connectivity"))
179                         data->check_connectivity = 1;
180                 else if (!data->refspecs && skip_prefix(capname, "refspec ", &arg)) {
181                         ALLOC_GROW(refspecs,
182                                    refspec_nr + 1,
183                                    refspec_alloc);
184                         refspecs[refspec_nr++] = xstrdup(arg);
185                 } else if (!strcmp(capname, "connect")) {
186                         data->connect = 1;
187                 } else if (!strcmp(capname, "signed-tags")) {
188                         data->signed_tags = 1;
189                 } else if (skip_prefix(capname, "export-marks ", &arg)) {
190                         data->export_marks = xstrdup(arg);
191                 } else if (skip_prefix(capname, "import-marks ", &arg)) {
192                         data->import_marks = xstrdup(arg);
193                 } else if (starts_with(capname, "no-private-update")) {
194                         data->no_private_update = 1;
195                 } else if (mandatory) {
196                         die("Unknown mandatory capability %s. This remote "
197                             "helper probably needs newer version of Git.",
198                             capname);
199                 }
200         }
201         if (refspecs) {
202                 int i;
203                 data->refspec_nr = refspec_nr;
204                 data->refspecs = parse_fetch_refspec(refspec_nr, refspecs);
205                 for (i = 0; i < refspec_nr; i++)
206                         free((char *)refspecs[i]);
207                 free(refspecs);
208         } else if (data->import || data->bidi_import || data->export) {
209                 warning("This remote helper should implement refspec capability.");
210         }
211         strbuf_release(&buf);
212         if (debug)
213                 fprintf(stderr, "Debug: Capabilities complete.\n");
214         return data->helper;
215 }
216
217 static int disconnect_helper(struct transport *transport)
218 {
219         struct helper_data *data = transport->data;
220         int res = 0;
221
222         if (data->helper) {
223                 if (debug)
224                         fprintf(stderr, "Debug: Disconnecting.\n");
225                 if (!data->no_disconnect_req) {
226                         /*
227                          * Ignore write errors; there's nothing we can do,
228                          * since we're about to close the pipe anyway. And the
229                          * most likely error is EPIPE due to the helper dying
230                          * to report an error itself.
231                          */
232                         sigchain_push(SIGPIPE, SIG_IGN);
233                         xwrite(data->helper->in, "\n", 1);
234                         sigchain_pop(SIGPIPE);
235                 }
236                 close(data->helper->in);
237                 close(data->helper->out);
238                 fclose(data->out);
239                 res = finish_command(data->helper);
240                 free(data->helper);
241                 data->helper = NULL;
242         }
243         return res;
244 }
245
246 static const char *unsupported_options[] = {
247         TRANS_OPT_UPLOADPACK,
248         TRANS_OPT_RECEIVEPACK,
249         TRANS_OPT_THIN,
250         TRANS_OPT_KEEP
251         };
252
253 static const char *boolean_options[] = {
254         TRANS_OPT_THIN,
255         TRANS_OPT_KEEP,
256         TRANS_OPT_FOLLOWTAGS,
257         TRANS_OPT_PUSH_CERT
258         };
259
260 static int set_helper_option(struct transport *transport,
261                           const char *name, const char *value)
262 {
263         struct helper_data *data = transport->data;
264         struct strbuf buf = STRBUF_INIT;
265         int i, ret, is_bool = 0;
266
267         get_helper(transport);
268
269         if (!data->option)
270                 return 1;
271
272         for (i = 0; i < ARRAY_SIZE(unsupported_options); i++) {
273                 if (!strcmp(name, unsupported_options[i]))
274                         return 1;
275         }
276
277         for (i = 0; i < ARRAY_SIZE(boolean_options); i++) {
278                 if (!strcmp(name, boolean_options[i])) {
279                         is_bool = 1;
280                         break;
281                 }
282         }
283
284         strbuf_addf(&buf, "option %s ", name);
285         if (is_bool)
286                 strbuf_addstr(&buf, value ? "true" : "false");
287         else
288                 quote_c_style(value, &buf, NULL, 0);
289         strbuf_addch(&buf, '\n');
290
291         sendline(data, &buf);
292         if (recvline(data, &buf))
293                 exit(128);
294
295         if (!strcmp(buf.buf, "ok"))
296                 ret = 0;
297         else if (starts_with(buf.buf, "error")) {
298                 ret = -1;
299         } else if (!strcmp(buf.buf, "unsupported"))
300                 ret = 1;
301         else {
302                 warning("%s unexpectedly said: '%s'", data->name, buf.buf);
303                 ret = 1;
304         }
305         strbuf_release(&buf);
306         return ret;
307 }
308
309 static void standard_options(struct transport *t)
310 {
311         char buf[16];
312         int n;
313         int v = t->verbose;
314
315         set_helper_option(t, "progress", t->progress ? "true" : "false");
316
317         n = snprintf(buf, sizeof(buf), "%d", v + 1);
318         if (n >= sizeof(buf))
319                 die("impossibly large verbosity value");
320         set_helper_option(t, "verbosity", buf);
321 }
322
323 static int release_helper(struct transport *transport)
324 {
325         int res = 0;
326         struct helper_data *data = transport->data;
327         free_refspec(data->refspec_nr, data->refspecs);
328         data->refspecs = NULL;
329         res = disconnect_helper(transport);
330         free(transport->data);
331         return res;
332 }
333
334 static int fetch_with_fetch(struct transport *transport,
335                             int nr_heads, struct ref **to_fetch)
336 {
337         struct helper_data *data = transport->data;
338         int i;
339         struct strbuf buf = STRBUF_INIT;
340
341         standard_options(transport);
342         if (data->check_connectivity &&
343             data->transport_options.check_self_contained_and_connected)
344                 set_helper_option(transport, "check-connectivity", "true");
345
346         if (transport->cloning)
347                 set_helper_option(transport, "cloning", "true");
348
349         if (data->transport_options.update_shallow)
350                 set_helper_option(transport, "update-shallow", "true");
351
352         for (i = 0; i < nr_heads; i++) {
353                 const struct ref *posn = to_fetch[i];
354                 if (posn->status & REF_STATUS_UPTODATE)
355                         continue;
356
357                 strbuf_addf(&buf, "fetch %s %s\n",
358                             sha1_to_hex(posn->old_sha1),
359                             posn->symref ? posn->symref : posn->name);
360         }
361
362         strbuf_addch(&buf, '\n');
363         sendline(data, &buf);
364
365         while (1) {
366                 if (recvline(data, &buf))
367                         exit(128);
368
369                 if (starts_with(buf.buf, "lock ")) {
370                         const char *name = buf.buf + 5;
371                         if (transport->pack_lockfile)
372                                 warning("%s also locked %s", data->name, name);
373                         else
374                                 transport->pack_lockfile = xstrdup(name);
375                 }
376                 else if (data->check_connectivity &&
377                          data->transport_options.check_self_contained_and_connected &&
378                          !strcmp(buf.buf, "connectivity-ok"))
379                         data->transport_options.self_contained_and_connected = 1;
380                 else if (!buf.len)
381                         break;
382                 else
383                         warning("%s unexpectedly said: '%s'", data->name, buf.buf);
384         }
385         strbuf_release(&buf);
386         return 0;
387 }
388
389 static int get_importer(struct transport *transport, struct child_process *fastimport)
390 {
391         struct child_process *helper = get_helper(transport);
392         struct helper_data *data = transport->data;
393         int cat_blob_fd, code;
394         child_process_init(fastimport);
395         fastimport->in = helper->out;
396         argv_array_push(&fastimport->args, "fast-import");
397         argv_array_push(&fastimport->args, debug ? "--stats" : "--quiet");
398
399         if (data->bidi_import) {
400                 cat_blob_fd = xdup(helper->in);
401                 argv_array_pushf(&fastimport->args, "--cat-blob-fd=%d", cat_blob_fd);
402         }
403         fastimport->git_cmd = 1;
404
405         code = start_command(fastimport);
406         return code;
407 }
408
409 static int get_exporter(struct transport *transport,
410                         struct child_process *fastexport,
411                         struct string_list *revlist_args)
412 {
413         struct helper_data *data = transport->data;
414         struct child_process *helper = get_helper(transport);
415         int i;
416
417         child_process_init(fastexport);
418
419         /* we need to duplicate helper->in because we want to use it after
420          * fastexport is done with it. */
421         fastexport->out = dup(helper->in);
422         argv_array_push(&fastexport->args, "fast-export");
423         argv_array_push(&fastexport->args, "--use-done-feature");
424         argv_array_push(&fastexport->args, data->signed_tags ?
425                 "--signed-tags=verbatim" : "--signed-tags=warn-strip");
426         if (data->export_marks)
427                 argv_array_pushf(&fastexport->args, "--export-marks=%s.tmp", data->export_marks);
428         if (data->import_marks)
429                 argv_array_pushf(&fastexport->args, "--import-marks=%s", data->import_marks);
430
431         for (i = 0; i < revlist_args->nr; i++)
432                 argv_array_push(&fastexport->args, revlist_args->items[i].string);
433
434         fastexport->git_cmd = 1;
435         return start_command(fastexport);
436 }
437
438 static int fetch_with_import(struct transport *transport,
439                              int nr_heads, struct ref **to_fetch)
440 {
441         struct child_process fastimport;
442         struct helper_data *data = transport->data;
443         int i;
444         struct ref *posn;
445         struct strbuf buf = STRBUF_INIT;
446
447         get_helper(transport);
448
449         if (get_importer(transport, &fastimport))
450                 die("Couldn't run fast-import");
451
452         for (i = 0; i < nr_heads; i++) {
453                 posn = to_fetch[i];
454                 if (posn->status & REF_STATUS_UPTODATE)
455                         continue;
456
457                 strbuf_addf(&buf, "import %s\n",
458                             posn->symref ? posn->symref : posn->name);
459                 sendline(data, &buf);
460                 strbuf_reset(&buf);
461         }
462
463         write_constant(data->helper->in, "\n");
464         /*
465          * remote-helpers that advertise the bidi-import capability are required to
466          * buffer the complete batch of import commands until this newline before
467          * sending data to fast-import.
468          * These helpers read back data from fast-import on their stdin, which could
469          * be mixed with import commands, otherwise.
470          */
471
472         if (finish_command(&fastimport))
473                 die("Error while running fast-import");
474
475         /*
476          * The fast-import stream of a remote helper that advertises
477          * the "refspec" capability writes to the refs named after the
478          * right hand side of the first refspec matching each ref we
479          * were fetching.
480          *
481          * (If no "refspec" capability was specified, for historical
482          * reasons we default to the equivalent of *:*.)
483          *
484          * Store the result in to_fetch[i].old_sha1.  Callers such
485          * as "git fetch" can use the value to write feedback to the
486          * terminal, populate FETCH_HEAD, and determine what new value
487          * should be written to peer_ref if the update is a
488          * fast-forward or this is a forced update.
489          */
490         for (i = 0; i < nr_heads; i++) {
491                 char *private, *name;
492                 posn = to_fetch[i];
493                 if (posn->status & REF_STATUS_UPTODATE)
494                         continue;
495                 name = posn->symref ? posn->symref : posn->name;
496                 if (data->refspecs)
497                         private = apply_refspecs(data->refspecs, data->refspec_nr, name);
498                 else
499                         private = xstrdup(name);
500                 if (private) {
501                         read_ref(private, posn->old_sha1);
502                         free(private);
503                 }
504         }
505         strbuf_release(&buf);
506         return 0;
507 }
508
509 static int process_connect_service(struct transport *transport,
510                                    const char *name, const char *exec)
511 {
512         struct helper_data *data = transport->data;
513         struct strbuf cmdbuf = STRBUF_INIT;
514         struct child_process *helper;
515         int r, duped, ret = 0;
516         FILE *input;
517
518         helper = get_helper(transport);
519
520         /*
521          * Yes, dup the pipe another time, as we need unbuffered version
522          * of input pipe as FILE*. fclose() closes the underlying fd and
523          * stream buffering only can be changed before first I/O operation
524          * on it.
525          */
526         duped = dup(helper->out);
527         if (duped < 0)
528                 die_errno("Can't dup helper output fd");
529         input = xfdopen(duped, "r");
530         setvbuf(input, NULL, _IONBF, 0);
531
532         /*
533          * Handle --upload-pack and friends. This is fire and forget...
534          * just warn if it fails.
535          */
536         if (strcmp(name, exec)) {
537                 r = set_helper_option(transport, "servpath", exec);
538                 if (r > 0)
539                         warning("Setting remote service path not supported by protocol.");
540                 else if (r < 0)
541                         warning("Invalid remote service path.");
542         }
543
544         if (data->connect)
545                 strbuf_addf(&cmdbuf, "connect %s\n", name);
546         else
547                 goto exit;
548
549         sendline(data, &cmdbuf);
550         if (recvline_fh(input, &cmdbuf, name))
551                 exit(128);
552
553         if (!strcmp(cmdbuf.buf, "")) {
554                 data->no_disconnect_req = 1;
555                 if (debug)
556                         fprintf(stderr, "Debug: Smart transport connection "
557                                 "ready.\n");
558                 ret = 1;
559         } else if (!strcmp(cmdbuf.buf, "fallback")) {
560                 if (debug)
561                         fprintf(stderr, "Debug: Falling back to dumb "
562                                 "transport.\n");
563         } else
564                 die("Unknown response to connect: %s",
565                         cmdbuf.buf);
566
567 exit:
568         fclose(input);
569         return ret;
570 }
571
572 static int process_connect(struct transport *transport,
573                                      int for_push)
574 {
575         struct helper_data *data = transport->data;
576         const char *name;
577         const char *exec;
578
579         name = for_push ? "git-receive-pack" : "git-upload-pack";
580         if (for_push)
581                 exec = data->transport_options.receivepack;
582         else
583                 exec = data->transport_options.uploadpack;
584
585         return process_connect_service(transport, name, exec);
586 }
587
588 static int connect_helper(struct transport *transport, const char *name,
589                    const char *exec, int fd[2])
590 {
591         struct helper_data *data = transport->data;
592
593         /* Get_helper so connect is inited. */
594         get_helper(transport);
595         if (!data->connect)
596                 die("Operation not supported by protocol.");
597
598         if (!process_connect_service(transport, name, exec))
599                 die("Can't connect to subservice %s.", name);
600
601         fd[0] = data->helper->out;
602         fd[1] = data->helper->in;
603         return 0;
604 }
605
606 static int fetch(struct transport *transport,
607                  int nr_heads, struct ref **to_fetch)
608 {
609         struct helper_data *data = transport->data;
610         int i, count;
611
612         if (process_connect(transport, 0)) {
613                 do_take_over(transport);
614                 return transport->fetch(transport, nr_heads, to_fetch);
615         }
616
617         count = 0;
618         for (i = 0; i < nr_heads; i++)
619                 if (!(to_fetch[i]->status & REF_STATUS_UPTODATE))
620                         count++;
621
622         if (!count)
623                 return 0;
624
625         if (data->fetch)
626                 return fetch_with_fetch(transport, nr_heads, to_fetch);
627
628         if (data->import)
629                 return fetch_with_import(transport, nr_heads, to_fetch);
630
631         return -1;
632 }
633
634 static int push_update_ref_status(struct strbuf *buf,
635                                    struct ref **ref,
636                                    struct ref *remote_refs)
637 {
638         char *refname, *msg;
639         int status, forced = 0;
640
641         if (starts_with(buf->buf, "ok ")) {
642                 status = REF_STATUS_OK;
643                 refname = buf->buf + 3;
644         } else if (starts_with(buf->buf, "error ")) {
645                 status = REF_STATUS_REMOTE_REJECT;
646                 refname = buf->buf + 6;
647         } else
648                 die("expected ok/error, helper said '%s'", buf->buf);
649
650         msg = strchr(refname, ' ');
651         if (msg) {
652                 struct strbuf msg_buf = STRBUF_INIT;
653                 const char *end;
654
655                 *msg++ = '\0';
656                 if (!unquote_c_style(&msg_buf, msg, &end))
657                         msg = strbuf_detach(&msg_buf, NULL);
658                 else
659                         msg = xstrdup(msg);
660                 strbuf_release(&msg_buf);
661
662                 if (!strcmp(msg, "no match")) {
663                         status = REF_STATUS_NONE;
664                         free(msg);
665                         msg = NULL;
666                 }
667                 else if (!strcmp(msg, "up to date")) {
668                         status = REF_STATUS_UPTODATE;
669                         free(msg);
670                         msg = NULL;
671                 }
672                 else if (!strcmp(msg, "non-fast forward")) {
673                         status = REF_STATUS_REJECT_NONFASTFORWARD;
674                         free(msg);
675                         msg = NULL;
676                 }
677                 else if (!strcmp(msg, "already exists")) {
678                         status = REF_STATUS_REJECT_ALREADY_EXISTS;
679                         free(msg);
680                         msg = NULL;
681                 }
682                 else if (!strcmp(msg, "fetch first")) {
683                         status = REF_STATUS_REJECT_FETCH_FIRST;
684                         free(msg);
685                         msg = NULL;
686                 }
687                 else if (!strcmp(msg, "needs force")) {
688                         status = REF_STATUS_REJECT_NEEDS_FORCE;
689                         free(msg);
690                         msg = NULL;
691                 }
692                 else if (!strcmp(msg, "stale info")) {
693                         status = REF_STATUS_REJECT_STALE;
694                         free(msg);
695                         msg = NULL;
696                 }
697                 else if (!strcmp(msg, "forced update")) {
698                         forced = 1;
699                         free(msg);
700                         msg = NULL;
701                 }
702         }
703
704         if (*ref)
705                 *ref = find_ref_by_name(*ref, refname);
706         if (!*ref)
707                 *ref = find_ref_by_name(remote_refs, refname);
708         if (!*ref) {
709                 warning("helper reported unexpected status of %s", refname);
710                 return 1;
711         }
712
713         if ((*ref)->status != REF_STATUS_NONE) {
714                 /*
715                  * Earlier, the ref was marked not to be pushed, so ignore the ref
716                  * status reported by the remote helper if the latter is 'no match'.
717                  */
718                 if (status == REF_STATUS_NONE)
719                         return 1;
720         }
721
722         (*ref)->status = status;
723         (*ref)->forced_update |= forced;
724         (*ref)->remote_status = msg;
725         return !(status == REF_STATUS_OK);
726 }
727
728 static int push_update_refs_status(struct helper_data *data,
729                                     struct ref *remote_refs,
730                                     int flags)
731 {
732         struct strbuf buf = STRBUF_INIT;
733         struct ref *ref = remote_refs;
734         int ret = 0;
735
736         for (;;) {
737                 char *private;
738
739                 if (recvline(data, &buf)) {
740                         ret = 1;
741                         break;
742                 }
743
744                 if (!buf.len)
745                         break;
746
747                 if (push_update_ref_status(&buf, &ref, remote_refs))
748                         continue;
749
750                 if (flags & TRANSPORT_PUSH_DRY_RUN || !data->refspecs || data->no_private_update)
751                         continue;
752
753                 /* propagate back the update to the remote namespace */
754                 private = apply_refspecs(data->refspecs, data->refspec_nr, ref->name);
755                 if (!private)
756                         continue;
757                 update_ref("update by helper", private, ref->new_sha1, NULL, 0, 0);
758                 free(private);
759         }
760         strbuf_release(&buf);
761         return ret;
762 }
763
764 static int push_refs_with_push(struct transport *transport,
765                                struct ref *remote_refs, int flags)
766 {
767         int force_all = flags & TRANSPORT_PUSH_FORCE;
768         int mirror = flags & TRANSPORT_PUSH_MIRROR;
769         struct helper_data *data = transport->data;
770         struct strbuf buf = STRBUF_INIT;
771         struct ref *ref;
772         struct string_list cas_options = STRING_LIST_INIT_DUP;
773         struct string_list_item *cas_option;
774
775         get_helper(transport);
776         if (!data->push)
777                 return 1;
778
779         for (ref = remote_refs; ref; ref = ref->next) {
780                 if (!ref->peer_ref && !mirror)
781                         continue;
782
783                 /* Check for statuses set by set_ref_status_for_push() */
784                 switch (ref->status) {
785                 case REF_STATUS_REJECT_NONFASTFORWARD:
786                 case REF_STATUS_REJECT_STALE:
787                 case REF_STATUS_REJECT_ALREADY_EXISTS:
788                 case REF_STATUS_UPTODATE:
789                         continue;
790                 default:
791                         ; /* do nothing */
792                 }
793
794                 if (force_all)
795                         ref->force = 1;
796
797                 strbuf_addstr(&buf, "push ");
798                 if (!ref->deletion) {
799                         if (ref->force)
800                                 strbuf_addch(&buf, '+');
801                         if (ref->peer_ref)
802                                 strbuf_addstr(&buf, ref->peer_ref->name);
803                         else
804                                 strbuf_addstr(&buf, sha1_to_hex(ref->new_sha1));
805                 }
806                 strbuf_addch(&buf, ':');
807                 strbuf_addstr(&buf, ref->name);
808                 strbuf_addch(&buf, '\n');
809
810                 /*
811                  * The "--force-with-lease" options without explicit
812                  * values to expect have already been expanded into
813                  * the ref->old_sha1_expect[] field; we can ignore
814                  * transport->smart_options->cas altogether and instead
815                  * can enumerate them from the refs.
816                  */
817                 if (ref->expect_old_sha1) {
818                         struct strbuf cas = STRBUF_INIT;
819                         strbuf_addf(&cas, "%s:%s",
820                                     ref->name, sha1_to_hex(ref->old_sha1_expect));
821                         string_list_append(&cas_options, strbuf_detach(&cas, NULL));
822                 }
823         }
824         if (buf.len == 0) {
825                 string_list_clear(&cas_options, 0);
826                 return 0;
827         }
828
829         standard_options(transport);
830         for_each_string_list_item(cas_option, &cas_options)
831                 set_helper_option(transport, "cas", cas_option->string);
832
833         if (flags & TRANSPORT_PUSH_DRY_RUN) {
834                 if (set_helper_option(transport, "dry-run", "true") != 0)
835                         die("helper %s does not support dry-run", data->name);
836         } else if (flags & TRANSPORT_PUSH_CERT) {
837                 if (set_helper_option(transport, TRANS_OPT_PUSH_CERT, "true") != 0)
838                         die("helper %s does not support --signed", data->name);
839         }
840
841         strbuf_addch(&buf, '\n');
842         sendline(data, &buf);
843         strbuf_release(&buf);
844
845         return push_update_refs_status(data, remote_refs, flags);
846 }
847
848 static int push_refs_with_export(struct transport *transport,
849                 struct ref *remote_refs, int flags)
850 {
851         struct ref *ref;
852         struct child_process *helper, exporter;
853         struct helper_data *data = transport->data;
854         struct string_list revlist_args = STRING_LIST_INIT_DUP;
855         struct strbuf buf = STRBUF_INIT;
856
857         if (!data->refspecs)
858                 die("remote-helper doesn't support push; refspec needed");
859
860         if (flags & TRANSPORT_PUSH_DRY_RUN) {
861                 if (set_helper_option(transport, "dry-run", "true") != 0)
862                         die("helper %s does not support dry-run", data->name);
863         } else if (flags & TRANSPORT_PUSH_CERT) {
864                 if (set_helper_option(transport, TRANS_OPT_PUSH_CERT, "true") != 0)
865                         die("helper %s does not support --signed", data->name);
866         }
867
868         if (flags & TRANSPORT_PUSH_FORCE) {
869                 if (set_helper_option(transport, "force", "true") != 0)
870                         warning("helper %s does not support 'force'", data->name);
871         }
872
873         helper = get_helper(transport);
874
875         write_constant(helper->in, "export\n");
876
877         for (ref = remote_refs; ref; ref = ref->next) {
878                 char *private;
879                 unsigned char sha1[20];
880
881                 private = apply_refspecs(data->refspecs, data->refspec_nr, ref->name);
882                 if (private && !get_sha1(private, sha1)) {
883                         strbuf_addf(&buf, "^%s", private);
884                         string_list_append(&revlist_args, strbuf_detach(&buf, NULL));
885                         hashcpy(ref->old_sha1, sha1);
886                 }
887                 free(private);
888
889                 if (ref->peer_ref) {
890                         if (strcmp(ref->name, ref->peer_ref->name)) {
891                                 if (!ref->deletion) {
892                                         const char *name;
893                                         int flag;
894
895                                         /* Follow symbolic refs (mainly for HEAD). */
896                                         name = resolve_ref_unsafe(
897                                                  ref->peer_ref->name,
898                                                  RESOLVE_REF_READING,
899                                                  sha1, &flag);
900                                         if (!name || !(flag & REF_ISSYMREF))
901                                                 name = ref->peer_ref->name;
902
903                                         strbuf_addf(&buf, "%s:%s", name, ref->name);
904                                 } else
905                                         strbuf_addf(&buf, ":%s", ref->name);
906
907                                 string_list_append(&revlist_args, "--refspec");
908                                 string_list_append(&revlist_args, buf.buf);
909                                 strbuf_release(&buf);
910                         }
911                         if (!ref->deletion)
912                                 string_list_append(&revlist_args, ref->peer_ref->name);
913                 }
914         }
915
916         if (get_exporter(transport, &exporter, &revlist_args))
917                 die("Couldn't run fast-export");
918
919         string_list_clear(&revlist_args, 1);
920
921         if (finish_command(&exporter))
922                 die("Error while running fast-export");
923         if (push_update_refs_status(data, remote_refs, flags))
924                 return 1;
925
926         if (data->export_marks) {
927                 strbuf_addf(&buf, "%s.tmp", data->export_marks);
928                 rename(buf.buf, data->export_marks);
929                 strbuf_release(&buf);
930         }
931
932         return 0;
933 }
934
935 static int push_refs(struct transport *transport,
936                 struct ref *remote_refs, int flags)
937 {
938         struct helper_data *data = transport->data;
939
940         if (process_connect(transport, 1)) {
941                 do_take_over(transport);
942                 return transport->push_refs(transport, remote_refs, flags);
943         }
944
945         if (!remote_refs) {
946                 fprintf(stderr, "No refs in common and none specified; doing nothing.\n"
947                         "Perhaps you should specify a branch such as 'master'.\n");
948                 return 0;
949         }
950
951         if (data->push)
952                 return push_refs_with_push(transport, remote_refs, flags);
953
954         if (data->export)
955                 return push_refs_with_export(transport, remote_refs, flags);
956
957         return -1;
958 }
959
960
961 static int has_attribute(const char *attrs, const char *attr) {
962         int len;
963         if (!attrs)
964                 return 0;
965
966         len = strlen(attr);
967         for (;;) {
968                 const char *space = strchrnul(attrs, ' ');
969                 if (len == space - attrs && !strncmp(attrs, attr, len))
970                         return 1;
971                 if (!*space)
972                         return 0;
973                 attrs = space + 1;
974         }
975 }
976
977 static struct ref *get_refs_list(struct transport *transport, int for_push)
978 {
979         struct helper_data *data = transport->data;
980         struct child_process *helper;
981         struct ref *ret = NULL;
982         struct ref **tail = &ret;
983         struct ref *posn;
984         struct strbuf buf = STRBUF_INIT;
985
986         helper = get_helper(transport);
987
988         if (process_connect(transport, for_push)) {
989                 do_take_over(transport);
990                 return transport->get_refs_list(transport, for_push);
991         }
992
993         if (data->push && for_push)
994                 write_str_in_full(helper->in, "list for-push\n");
995         else
996                 write_str_in_full(helper->in, "list\n");
997
998         while (1) {
999                 char *eov, *eon;
1000                 if (recvline(data, &buf))
1001                         exit(128);
1002
1003                 if (!*buf.buf)
1004                         break;
1005
1006                 eov = strchr(buf.buf, ' ');
1007                 if (!eov)
1008                         die("Malformed response in ref list: %s", buf.buf);
1009                 eon = strchr(eov + 1, ' ');
1010                 *eov = '\0';
1011                 if (eon)
1012                         *eon = '\0';
1013                 *tail = alloc_ref(eov + 1);
1014                 if (buf.buf[0] == '@')
1015                         (*tail)->symref = xstrdup(buf.buf + 1);
1016                 else if (buf.buf[0] != '?')
1017                         get_sha1_hex(buf.buf, (*tail)->old_sha1);
1018                 if (eon) {
1019                         if (has_attribute(eon + 1, "unchanged")) {
1020                                 (*tail)->status |= REF_STATUS_UPTODATE;
1021                                 read_ref((*tail)->name, (*tail)->old_sha1);
1022                         }
1023                 }
1024                 tail = &((*tail)->next);
1025         }
1026         if (debug)
1027                 fprintf(stderr, "Debug: Read ref listing.\n");
1028         strbuf_release(&buf);
1029
1030         for (posn = ret; posn; posn = posn->next)
1031                 resolve_remote_symref(posn, ret);
1032
1033         return ret;
1034 }
1035
1036 int transport_helper_init(struct transport *transport, const char *name)
1037 {
1038         struct helper_data *data = xcalloc(1, sizeof(*data));
1039         data->name = name;
1040
1041         transport_check_allowed(name);
1042
1043         if (getenv("GIT_TRANSPORT_HELPER_DEBUG"))
1044                 debug = 1;
1045
1046         transport->data = data;
1047         transport->set_option = set_helper_option;
1048         transport->get_refs_list = get_refs_list;
1049         transport->fetch = fetch;
1050         transport->push_refs = push_refs;
1051         transport->disconnect = release_helper;
1052         transport->connect = connect_helper;
1053         transport->smart_options = &(data->transport_options);
1054         return 0;
1055 }
1056
1057 /*
1058  * Linux pipes can buffer 65536 bytes at once (and most platforms can
1059  * buffer less), so attempt reads and writes with up to that size.
1060  */
1061 #define BUFFERSIZE 65536
1062 /* This should be enough to hold debugging message. */
1063 #define PBUFFERSIZE 8192
1064
1065 /* Print bidirectional transfer loop debug message. */
1066 __attribute__((format (printf, 1, 2)))
1067 static void transfer_debug(const char *fmt, ...)
1068 {
1069         va_list args;
1070         char msgbuf[PBUFFERSIZE];
1071         static int debug_enabled = -1;
1072
1073         if (debug_enabled < 0)
1074                 debug_enabled = getenv("GIT_TRANSLOOP_DEBUG") ? 1 : 0;
1075         if (!debug_enabled)
1076                 return;
1077
1078         va_start(args, fmt);
1079         vsnprintf(msgbuf, PBUFFERSIZE, fmt, args);
1080         va_end(args);
1081         fprintf(stderr, "Transfer loop debugging: %s\n", msgbuf);
1082 }
1083
1084 /* Stream state: More data may be coming in this direction. */
1085 #define SSTATE_TRANSFERING 0
1086 /*
1087  * Stream state: No more data coming in this direction, flushing rest of
1088  * data.
1089  */
1090 #define SSTATE_FLUSHING 1
1091 /* Stream state: Transfer in this direction finished. */
1092 #define SSTATE_FINISHED 2
1093
1094 #define STATE_NEEDS_READING(state) ((state) <= SSTATE_TRANSFERING)
1095 #define STATE_NEEDS_WRITING(state) ((state) <= SSTATE_FLUSHING)
1096 #define STATE_NEEDS_CLOSING(state) ((state) == SSTATE_FLUSHING)
1097
1098 /* Unidirectional transfer. */
1099 struct unidirectional_transfer {
1100         /* Source */
1101         int src;
1102         /* Destination */
1103         int dest;
1104         /* Is source socket? */
1105         int src_is_sock;
1106         /* Is destination socket? */
1107         int dest_is_sock;
1108         /* Transfer state (TRANSFERRING/FLUSHING/FINISHED) */
1109         int state;
1110         /* Buffer. */
1111         char buf[BUFFERSIZE];
1112         /* Buffer used. */
1113         size_t bufuse;
1114         /* Name of source. */
1115         const char *src_name;
1116         /* Name of destination. */
1117         const char *dest_name;
1118 };
1119
1120 /* Closes the target (for writing) if transfer has finished. */
1121 static void udt_close_if_finished(struct unidirectional_transfer *t)
1122 {
1123         if (STATE_NEEDS_CLOSING(t->state) && !t->bufuse) {
1124                 t->state = SSTATE_FINISHED;
1125                 if (t->dest_is_sock)
1126                         shutdown(t->dest, SHUT_WR);
1127                 else
1128                         close(t->dest);
1129                 transfer_debug("Closed %s.", t->dest_name);
1130         }
1131 }
1132
1133 /*
1134  * Tries to read read data from source into buffer. If buffer is full,
1135  * no data is read. Returns 0 on success, -1 on error.
1136  */
1137 static int udt_do_read(struct unidirectional_transfer *t)
1138 {
1139         ssize_t bytes;
1140
1141         if (t->bufuse == BUFFERSIZE)
1142                 return 0;       /* No space for more. */
1143
1144         transfer_debug("%s is readable", t->src_name);
1145         bytes = read(t->src, t->buf + t->bufuse, BUFFERSIZE - t->bufuse);
1146         if (bytes < 0 && errno != EWOULDBLOCK && errno != EAGAIN &&
1147                 errno != EINTR) {
1148                 error("read(%s) failed: %s", t->src_name, strerror(errno));
1149                 return -1;
1150         } else if (bytes == 0) {
1151                 transfer_debug("%s EOF (with %i bytes in buffer)",
1152                         t->src_name, (int)t->bufuse);
1153                 t->state = SSTATE_FLUSHING;
1154         } else if (bytes > 0) {
1155                 t->bufuse += bytes;
1156                 transfer_debug("Read %i bytes from %s (buffer now at %i)",
1157                         (int)bytes, t->src_name, (int)t->bufuse);
1158         }
1159         return 0;
1160 }
1161
1162 /* Tries to write data from buffer into destination. If buffer is empty,
1163  * no data is written. Returns 0 on success, -1 on error.
1164  */
1165 static int udt_do_write(struct unidirectional_transfer *t)
1166 {
1167         ssize_t bytes;
1168
1169         if (t->bufuse == 0)
1170                 return 0;       /* Nothing to write. */
1171
1172         transfer_debug("%s is writable", t->dest_name);
1173         bytes = xwrite(t->dest, t->buf, t->bufuse);
1174         if (bytes < 0 && errno != EWOULDBLOCK) {
1175                 error("write(%s) failed: %s", t->dest_name, strerror(errno));
1176                 return -1;
1177         } else if (bytes > 0) {
1178                 t->bufuse -= bytes;
1179                 if (t->bufuse)
1180                         memmove(t->buf, t->buf + bytes, t->bufuse);
1181                 transfer_debug("Wrote %i bytes to %s (buffer now at %i)",
1182                         (int)bytes, t->dest_name, (int)t->bufuse);
1183         }
1184         return 0;
1185 }
1186
1187
1188 /* State of bidirectional transfer loop. */
1189 struct bidirectional_transfer_state {
1190         /* Direction from program to git. */
1191         struct unidirectional_transfer ptg;
1192         /* Direction from git to program. */
1193         struct unidirectional_transfer gtp;
1194 };
1195
1196 static void *udt_copy_task_routine(void *udt)
1197 {
1198         struct unidirectional_transfer *t = (struct unidirectional_transfer *)udt;
1199         while (t->state != SSTATE_FINISHED) {
1200                 if (STATE_NEEDS_READING(t->state))
1201                         if (udt_do_read(t))
1202                                 return NULL;
1203                 if (STATE_NEEDS_WRITING(t->state))
1204                         if (udt_do_write(t))
1205                                 return NULL;
1206                 if (STATE_NEEDS_CLOSING(t->state))
1207                         udt_close_if_finished(t);
1208         }
1209         return udt;     /* Just some non-NULL value. */
1210 }
1211
1212 #ifndef NO_PTHREADS
1213
1214 /*
1215  * Join thread, with appropriate errors on failure. Name is name for the
1216  * thread (for error messages). Returns 0 on success, 1 on failure.
1217  */
1218 static int tloop_join(pthread_t thread, const char *name)
1219 {
1220         int err;
1221         void *tret;
1222         err = pthread_join(thread, &tret);
1223         if (!tret) {
1224                 error("%s thread failed", name);
1225                 return 1;
1226         }
1227         if (err) {
1228                 error("%s thread failed to join: %s", name, strerror(err));
1229                 return 1;
1230         }
1231         return 0;
1232 }
1233
1234 /*
1235  * Spawn the transfer tasks and then wait for them. Returns 0 on success,
1236  * -1 on failure.
1237  */
1238 static int tloop_spawnwait_tasks(struct bidirectional_transfer_state *s)
1239 {
1240         pthread_t gtp_thread;
1241         pthread_t ptg_thread;
1242         int err;
1243         int ret = 0;
1244         err = pthread_create(&gtp_thread, NULL, udt_copy_task_routine,
1245                 &s->gtp);
1246         if (err)
1247                 die("Can't start thread for copying data: %s", strerror(err));
1248         err = pthread_create(&ptg_thread, NULL, udt_copy_task_routine,
1249                 &s->ptg);
1250         if (err)
1251                 die("Can't start thread for copying data: %s", strerror(err));
1252
1253         ret |= tloop_join(gtp_thread, "Git to program copy");
1254         ret |= tloop_join(ptg_thread, "Program to git copy");
1255         return ret;
1256 }
1257 #else
1258
1259 /* Close the source and target (for writing) for transfer. */
1260 static void udt_kill_transfer(struct unidirectional_transfer *t)
1261 {
1262         t->state = SSTATE_FINISHED;
1263         /*
1264          * Socket read end left open isn't a disaster if nobody
1265          * attempts to read from it (mingw compat headers do not
1266          * have SHUT_RD)...
1267          *
1268          * We can't fully close the socket since otherwise gtp
1269          * task would first close the socket it sends data to
1270          * while closing the ptg file descriptors.
1271          */
1272         if (!t->src_is_sock)
1273                 close(t->src);
1274         if (t->dest_is_sock)
1275                 shutdown(t->dest, SHUT_WR);
1276         else
1277                 close(t->dest);
1278 }
1279
1280 /*
1281  * Join process, with appropriate errors on failure. Name is name for the
1282  * process (for error messages). Returns 0 on success, 1 on failure.
1283  */
1284 static int tloop_join(pid_t pid, const char *name)
1285 {
1286         int tret;
1287         if (waitpid(pid, &tret, 0) < 0) {
1288                 error("%s process failed to wait: %s", name, strerror(errno));
1289                 return 1;
1290         }
1291         if (!WIFEXITED(tret) || WEXITSTATUS(tret)) {
1292                 error("%s process failed", name);
1293                 return 1;
1294         }
1295         return 0;
1296 }
1297
1298 /*
1299  * Spawn the transfer tasks and then wait for them. Returns 0 on success,
1300  * -1 on failure.
1301  */
1302 static int tloop_spawnwait_tasks(struct bidirectional_transfer_state *s)
1303 {
1304         pid_t pid1, pid2;
1305         int ret = 0;
1306
1307         /* Fork thread #1: git to program. */
1308         pid1 = fork();
1309         if (pid1 < 0)
1310                 die_errno("Can't start thread for copying data");
1311         else if (pid1 == 0) {
1312                 udt_kill_transfer(&s->ptg);
1313                 exit(udt_copy_task_routine(&s->gtp) ? 0 : 1);
1314         }
1315
1316         /* Fork thread #2: program to git. */
1317         pid2 = fork();
1318         if (pid2 < 0)
1319                 die_errno("Can't start thread for copying data");
1320         else if (pid2 == 0) {
1321                 udt_kill_transfer(&s->gtp);
1322                 exit(udt_copy_task_routine(&s->ptg) ? 0 : 1);
1323         }
1324
1325         /*
1326          * Close both streams in parent as to not interfere with
1327          * end of file detection and wait for both tasks to finish.
1328          */
1329         udt_kill_transfer(&s->gtp);
1330         udt_kill_transfer(&s->ptg);
1331         ret |= tloop_join(pid1, "Git to program copy");
1332         ret |= tloop_join(pid2, "Program to git copy");
1333         return ret;
1334 }
1335 #endif
1336
1337 /*
1338  * Copies data from stdin to output and from input to stdout simultaneously.
1339  * Additionally filtering through given filter. If filter is NULL, uses
1340  * identity filter.
1341  */
1342 int bidirectional_transfer_loop(int input, int output)
1343 {
1344         struct bidirectional_transfer_state state;
1345
1346         /* Fill the state fields. */
1347         state.ptg.src = input;
1348         state.ptg.dest = 1;
1349         state.ptg.src_is_sock = (input == output);
1350         state.ptg.dest_is_sock = 0;
1351         state.ptg.state = SSTATE_TRANSFERING;
1352         state.ptg.bufuse = 0;
1353         state.ptg.src_name = "remote input";
1354         state.ptg.dest_name = "stdout";
1355
1356         state.gtp.src = 0;
1357         state.gtp.dest = output;
1358         state.gtp.src_is_sock = 0;
1359         state.gtp.dest_is_sock = (input == output);
1360         state.gtp.state = SSTATE_TRANSFERING;
1361         state.gtp.bufuse = 0;
1362         state.gtp.src_name = "stdin";
1363         state.gtp.dest_name = "remote output";
1364
1365         return tloop_spawnwait_tasks(&state);
1366 }