6 #include "run-command.h"
12 #include "transport.h"
13 #include "string-list.h"
14 #include "sha1-array.h"
15 #include "connected.h"
16 #include "argv-array.h"
19 #include "gpg-interface.h"
21 static const char receive_pack_usage[] = "git receive-pack <git-dir>";
30 static int deny_deletes;
31 static int deny_non_fast_forwards;
32 static enum deny_action deny_current_branch = DENY_UNCONFIGURED;
33 static enum deny_action deny_delete_current = DENY_UNCONFIGURED;
34 static int receive_fsck_objects = -1;
35 static int transfer_fsck_objects = -1;
36 static int receive_unpack_limit = -1;
37 static int transfer_unpack_limit = -1;
38 static int unpack_limit = 100;
39 static int report_status;
40 static int use_sideband;
42 static int prefer_ofs_delta = 1;
43 static int auto_update_server_info;
44 static int auto_gc = 1;
45 static int fix_thin = 1;
46 static const char *head_name;
47 static void *head_name_to_free;
48 static int sent_capabilities;
49 static int shallow_update;
50 static const char *alt_shallow_file;
51 static struct strbuf push_cert = STRBUF_INIT;
52 static unsigned char push_cert_sha1[20];
53 static struct signature_check sigcheck;
54 static const char *push_cert_nonce;
55 static const char *cert_nonce_seed;
57 static const char *NONCE_UNSOLICITED = "UNSOLICITED";
58 static const char *NONCE_BAD = "BAD";
59 static const char *NONCE_MISSING = "MISSING";
60 static const char *NONCE_OK = "OK";
61 static const char *nonce_status;
63 static enum deny_action parse_deny_action(const char *var, const char *value)
66 if (!strcasecmp(value, "ignore"))
68 if (!strcasecmp(value, "warn"))
70 if (!strcasecmp(value, "refuse"))
73 if (git_config_bool(var, value))
78 static int receive_pack_config(const char *var, const char *value, void *cb)
80 int status = parse_hide_refs_config(var, value, "receive");
85 if (strcmp(var, "receive.denydeletes") == 0) {
86 deny_deletes = git_config_bool(var, value);
90 if (strcmp(var, "receive.denynonfastforwards") == 0) {
91 deny_non_fast_forwards = git_config_bool(var, value);
95 if (strcmp(var, "receive.unpacklimit") == 0) {
96 receive_unpack_limit = git_config_int(var, value);
100 if (strcmp(var, "transfer.unpacklimit") == 0) {
101 transfer_unpack_limit = git_config_int(var, value);
105 if (strcmp(var, "receive.fsckobjects") == 0) {
106 receive_fsck_objects = git_config_bool(var, value);
110 if (strcmp(var, "transfer.fsckobjects") == 0) {
111 transfer_fsck_objects = git_config_bool(var, value);
115 if (!strcmp(var, "receive.denycurrentbranch")) {
116 deny_current_branch = parse_deny_action(var, value);
120 if (strcmp(var, "receive.denydeletecurrent") == 0) {
121 deny_delete_current = parse_deny_action(var, value);
125 if (strcmp(var, "repack.usedeltabaseoffset") == 0) {
126 prefer_ofs_delta = git_config_bool(var, value);
130 if (strcmp(var, "receive.updateserverinfo") == 0) {
131 auto_update_server_info = git_config_bool(var, value);
135 if (strcmp(var, "receive.autogc") == 0) {
136 auto_gc = git_config_bool(var, value);
140 if (strcmp(var, "receive.shallowupdate") == 0) {
141 shallow_update = git_config_bool(var, value);
145 if (strcmp(var, "receive.certnonceseed") == 0)
146 return git_config_string(&cert_nonce_seed, var, value);
148 return git_default_config(var, value, cb);
151 static void show_ref(const char *path, const unsigned char *sha1)
153 if (ref_is_hidden(path))
156 if (sent_capabilities) {
157 packet_write(1, "%s %s\n", sha1_to_hex(sha1), path);
159 struct strbuf cap = STRBUF_INIT;
162 "report-status delete-refs side-band-64k quiet");
163 if (prefer_ofs_delta)
164 strbuf_addstr(&cap, " ofs-delta");
166 strbuf_addf(&cap, " push-cert=%s", push_cert_nonce);
167 strbuf_addf(&cap, " agent=%s", git_user_agent_sanitized());
168 packet_write(1, "%s %s%c%s\n",
169 sha1_to_hex(sha1), path, 0, cap.buf);
170 strbuf_release(&cap);
171 sent_capabilities = 1;
175 static int show_ref_cb(const char *path, const unsigned char *sha1, int flag, void *unused)
177 path = strip_namespace(path);
179 * Advertise refs outside our current namespace as ".have"
180 * refs, so that the client can use them to minimize data
181 * transfer but will otherwise ignore them. This happens to
182 * cover ".have" that are thrown in by add_one_alternate_ref()
183 * to mark histories that are complete in our alternates as
188 show_ref(path, sha1);
192 static void show_one_alternate_sha1(const unsigned char sha1[20], void *unused)
194 show_ref(".have", sha1);
197 static void collect_one_alternate_ref(const struct ref *ref, void *data)
199 struct sha1_array *sa = data;
200 sha1_array_append(sa, ref->old_sha1);
203 static void write_head_info(void)
205 struct sha1_array sa = SHA1_ARRAY_INIT;
206 for_each_alternate_ref(collect_one_alternate_ref, &sa);
207 sha1_array_for_each_unique(&sa, show_one_alternate_sha1, NULL);
208 sha1_array_clear(&sa);
209 for_each_ref(show_ref_cb, NULL);
210 if (!sent_capabilities)
211 show_ref("capabilities^{}", null_sha1);
213 advertise_shallow_grafts(1);
220 struct command *next;
221 const char *error_string;
222 unsigned int skip_update:1,
225 unsigned char old_sha1[20];
226 unsigned char new_sha1[20];
227 char ref_name[FLEX_ARRAY]; /* more */
230 static void rp_error(const char *err, ...) __attribute__((format (printf, 1, 2)));
231 static void rp_warning(const char *err, ...) __attribute__((format (printf, 1, 2)));
233 static void report_message(const char *prefix, const char *err, va_list params)
235 int sz = strlen(prefix);
238 strncpy(msg, prefix, sz);
239 sz += vsnprintf(msg + sz, sizeof(msg) - sz, err, params);
240 if (sz > (sizeof(msg) - 1))
241 sz = sizeof(msg) - 1;
245 send_sideband(1, 2, msg, sz, use_sideband);
250 static void rp_warning(const char *err, ...)
253 va_start(params, err);
254 report_message("warning: ", err, params);
258 static void rp_error(const char *err, ...)
261 va_start(params, err);
262 report_message("error: ", err, params);
266 static int copy_to_sideband(int in, int out, void *arg)
270 ssize_t sz = xread(in, data, sizeof(data));
273 send_sideband(1, 2, data, sz, use_sideband);
279 #define HMAC_BLOCK_SIZE 64
281 static void hmac_sha1(unsigned char out[20],
282 const char *key_in, size_t key_len,
283 const char *text, size_t text_len)
285 unsigned char key[HMAC_BLOCK_SIZE];
286 unsigned char k_ipad[HMAC_BLOCK_SIZE];
287 unsigned char k_opad[HMAC_BLOCK_SIZE];
291 /* RFC 2104 2. (1) */
292 memset(key, '\0', HMAC_BLOCK_SIZE);
293 if (HMAC_BLOCK_SIZE < key_len) {
295 git_SHA1_Update(&ctx, key_in, key_len);
296 git_SHA1_Final(key, &ctx);
298 memcpy(key, key_in, key_len);
301 /* RFC 2104 2. (2) & (5) */
302 for (i = 0; i < sizeof(key); i++) {
303 k_ipad[i] = key[i] ^ 0x36;
304 k_opad[i] = key[i] ^ 0x5c;
307 /* RFC 2104 2. (3) & (4) */
309 git_SHA1_Update(&ctx, k_ipad, sizeof(k_ipad));
310 git_SHA1_Update(&ctx, text, text_len);
311 git_SHA1_Final(out, &ctx);
313 /* RFC 2104 2. (6) & (7) */
315 git_SHA1_Update(&ctx, k_opad, sizeof(k_opad));
316 git_SHA1_Update(&ctx, out, sizeof(out));
317 git_SHA1_Final(out, &ctx);
320 static char *prepare_push_cert_nonce(const char *path, unsigned long stamp)
322 struct strbuf buf = STRBUF_INIT;
323 unsigned char sha1[20];
325 strbuf_addf(&buf, "%s:%lu", path, stamp);
326 hmac_sha1(sha1, buf.buf, buf.len, cert_nonce_seed, strlen(cert_nonce_seed));;
327 strbuf_release(&buf);
329 /* RFC 2104 5. HMAC-SHA1-80 */
330 strbuf_addf(&buf, "%lu-%.*s", stamp, 20, sha1_to_hex(sha1));
331 return strbuf_detach(&buf, NULL);
335 * NEEDSWORK: reuse find_commit_header() from jk/commit-author-parsing
336 * after dropping "_commit" from its name and possibly moving it out
339 static char *find_header(const char *msg, size_t len, const char *key)
341 int key_len = strlen(key);
342 const char *line = msg;
344 while (line && line < msg + len) {
345 const char *eol = strchrnul(line, '\n');
347 if ((msg + len <= eol) || line == eol)
349 if (line + key_len < eol &&
350 !memcmp(line, key, key_len) && line[key_len] == ' ') {
351 int offset = key_len + 1;
352 return xmemdupz(line + offset, (eol - line) - offset);
354 line = *eol ? eol + 1 : NULL;
359 static const char *check_nonce(const char *buf, size_t len)
361 char *nonce = find_header(buf, len, "nonce");
362 const char *retval = NONCE_BAD;
365 retval = NONCE_MISSING;
367 } else if (!push_cert_nonce) {
368 retval = NONCE_UNSOLICITED;
370 } else if (!strcmp(push_cert_nonce, nonce)) {
375 /* returned nonce MUST match what we gave out earlier */
383 static void prepare_push_cert_sha1(struct child_process *proc)
385 static int already_done;
386 struct argv_array env = ARGV_ARRAY_INIT;
392 struct strbuf gpg_output = STRBUF_INIT;
393 struct strbuf gpg_status = STRBUF_INIT;
394 int bogs /* beginning_of_gpg_sig */;
397 if (write_sha1_file(push_cert.buf, push_cert.len, "blob", push_cert_sha1))
398 hashclr(push_cert_sha1);
400 memset(&sigcheck, '\0', sizeof(sigcheck));
401 sigcheck.result = 'N';
403 bogs = parse_signature(push_cert.buf, push_cert.len);
404 if (verify_signed_buffer(push_cert.buf, bogs,
405 push_cert.buf + bogs, push_cert.len - bogs,
406 &gpg_output, &gpg_status) < 0) {
407 ; /* error running gpg */
409 sigcheck.payload = push_cert.buf;
410 sigcheck.gpg_output = gpg_output.buf;
411 sigcheck.gpg_status = gpg_status.buf;
412 parse_gpg_output(&sigcheck);
415 strbuf_release(&gpg_output);
416 strbuf_release(&gpg_status);
417 nonce_status = check_nonce(push_cert.buf, bogs);
419 if (!is_null_sha1(push_cert_sha1)) {
420 argv_array_pushf(&env, "GIT_PUSH_CERT=%s", sha1_to_hex(push_cert_sha1));
421 argv_array_pushf(&env, "GIT_PUSH_CERT_SIGNER=%s",
422 sigcheck.signer ? sigcheck.signer : "");
423 argv_array_pushf(&env, "GIT_PUSH_CERT_KEY=%s",
424 sigcheck.key ? sigcheck.key : "");
425 argv_array_pushf(&env, "GIT_PUSH_CERT_STATUS=%c", sigcheck.result);
426 if (push_cert_nonce) {
427 argv_array_pushf(&env, "GIT_PUSH_CERT_NONCE=%s", push_cert_nonce);
428 argv_array_pushf(&env, "GIT_PUSH_CERT_NONCE_STATUS=%s", nonce_status);
430 proc->env = env.argv;
434 typedef int (*feed_fn)(void *, const char **, size_t *);
435 static int run_and_feed_hook(const char *hook_name, feed_fn feed, void *feed_state)
437 struct child_process proc;
442 argv[0] = find_hook(hook_name);
448 memset(&proc, 0, sizeof(proc));
451 proc.stdout_to_stderr = 1;
453 prepare_push_cert_sha1(&proc);
456 memset(&muxer, 0, sizeof(muxer));
457 muxer.proc = copy_to_sideband;
459 code = start_async(&muxer);
465 code = start_command(&proc);
468 finish_async(&muxer);
475 if (feed(feed_state, &buf, &n))
477 if (write_in_full(proc.in, buf, n) != n)
482 finish_async(&muxer);
483 return finish_command(&proc);
486 struct receive_hook_feed_state {
492 static int feed_receive_hook(void *state_, const char **bufp, size_t *sizep)
494 struct receive_hook_feed_state *state = state_;
495 struct command *cmd = state->cmd;
498 state->skip_broken && (cmd->error_string || cmd->did_not_exist))
502 strbuf_reset(&state->buf);
503 strbuf_addf(&state->buf, "%s %s %s\n",
504 sha1_to_hex(cmd->old_sha1), sha1_to_hex(cmd->new_sha1),
506 state->cmd = cmd->next;
508 *bufp = state->buf.buf;
509 *sizep = state->buf.len;
514 static int run_receive_hook(struct command *commands, const char *hook_name,
517 struct receive_hook_feed_state state;
520 strbuf_init(&state.buf, 0);
521 state.cmd = commands;
522 state.skip_broken = skip_broken;
523 if (feed_receive_hook(&state, NULL, NULL))
525 state.cmd = commands;
526 status = run_and_feed_hook(hook_name, feed_receive_hook, &state);
527 strbuf_release(&state.buf);
531 static int run_update_hook(struct command *cmd)
534 struct child_process proc;
537 argv[0] = find_hook("update");
541 argv[1] = cmd->ref_name;
542 argv[2] = sha1_to_hex(cmd->old_sha1);
543 argv[3] = sha1_to_hex(cmd->new_sha1);
546 memset(&proc, 0, sizeof(proc));
548 proc.stdout_to_stderr = 1;
549 proc.err = use_sideband ? -1 : 0;
552 code = start_command(&proc);
556 copy_to_sideband(proc.err, -1, NULL);
557 return finish_command(&proc);
560 static int is_ref_checked_out(const char *ref)
562 if (is_bare_repository())
567 return !strcmp(head_name, ref);
570 static char *refuse_unconfigured_deny_msg[] = {
571 "By default, updating the current branch in a non-bare repository",
572 "is denied, because it will make the index and work tree inconsistent",
573 "with what you pushed, and will require 'git reset --hard' to match",
574 "the work tree to HEAD.",
576 "You can set 'receive.denyCurrentBranch' configuration variable to",
577 "'ignore' or 'warn' in the remote repository to allow pushing into",
578 "its current branch; however, this is not recommended unless you",
579 "arranged to update its work tree to match what you pushed in some",
582 "To squelch this message and still keep the default behaviour, set",
583 "'receive.denyCurrentBranch' configuration variable to 'refuse'."
586 static void refuse_unconfigured_deny(void)
589 for (i = 0; i < ARRAY_SIZE(refuse_unconfigured_deny_msg); i++)
590 rp_error("%s", refuse_unconfigured_deny_msg[i]);
593 static char *refuse_unconfigured_deny_delete_current_msg[] = {
594 "By default, deleting the current branch is denied, because the next",
595 "'git clone' won't result in any file checked out, causing confusion.",
597 "You can set 'receive.denyDeleteCurrent' configuration variable to",
598 "'warn' or 'ignore' in the remote repository to allow deleting the",
599 "current branch, with or without a warning message.",
601 "To squelch this message, you can set it to 'refuse'."
604 static void refuse_unconfigured_deny_delete_current(void)
608 i < ARRAY_SIZE(refuse_unconfigured_deny_delete_current_msg);
610 rp_error("%s", refuse_unconfigured_deny_delete_current_msg[i]);
613 static int command_singleton_iterator(void *cb_data, unsigned char sha1[20]);
614 static int update_shallow_ref(struct command *cmd, struct shallow_info *si)
616 static struct lock_file shallow_lock;
617 struct sha1_array extra = SHA1_ARRAY_INIT;
618 const char *alt_file;
619 uint32_t mask = 1 << (cmd->index % 32);
622 trace_printf_key(&trace_shallow,
623 "shallow: update_shallow_ref %s\n", cmd->ref_name);
624 for (i = 0; i < si->shallow->nr; i++)
625 if (si->used_shallow[i] &&
626 (si->used_shallow[i][cmd->index / 32] & mask) &&
627 !delayed_reachability_test(si, i))
628 sha1_array_append(&extra, si->shallow->sha1[i]);
630 setup_alternate_shallow(&shallow_lock, &alt_file, &extra);
631 if (check_shallow_connected(command_singleton_iterator,
633 rollback_lock_file(&shallow_lock);
634 sha1_array_clear(&extra);
638 commit_lock_file(&shallow_lock);
641 * Make sure setup_alternate_shallow() for the next ref does
642 * not lose these new roots..
644 for (i = 0; i < extra.nr; i++)
645 register_shallow(extra.sha1[i]);
647 si->shallow_ref[cmd->index] = 0;
648 sha1_array_clear(&extra);
652 static const char *update(struct command *cmd, struct shallow_info *si)
654 const char *name = cmd->ref_name;
655 struct strbuf namespaced_name_buf = STRBUF_INIT;
656 const char *namespaced_name;
657 unsigned char *old_sha1 = cmd->old_sha1;
658 unsigned char *new_sha1 = cmd->new_sha1;
659 struct ref_lock *lock;
661 /* only refs/... are allowed */
662 if (!starts_with(name, "refs/") || check_refname_format(name + 5, 0)) {
663 rp_error("refusing to create funny ref '%s' remotely", name);
664 return "funny refname";
667 strbuf_addf(&namespaced_name_buf, "%s%s", get_git_namespace(), name);
668 namespaced_name = strbuf_detach(&namespaced_name_buf, NULL);
670 if (is_ref_checked_out(namespaced_name)) {
671 switch (deny_current_branch) {
675 rp_warning("updating the current branch");
678 case DENY_UNCONFIGURED:
679 rp_error("refusing to update checked out branch: %s", name);
680 if (deny_current_branch == DENY_UNCONFIGURED)
681 refuse_unconfigured_deny();
682 return "branch is currently checked out";
686 if (!is_null_sha1(new_sha1) && !has_sha1_file(new_sha1)) {
687 error("unpack should have generated %s, "
688 "but I can't find it!", sha1_to_hex(new_sha1));
692 if (!is_null_sha1(old_sha1) && is_null_sha1(new_sha1)) {
693 if (deny_deletes && starts_with(name, "refs/heads/")) {
694 rp_error("denying ref deletion for %s", name);
695 return "deletion prohibited";
698 if (!strcmp(namespaced_name, head_name)) {
699 switch (deny_delete_current) {
703 rp_warning("deleting the current branch");
706 case DENY_UNCONFIGURED:
707 if (deny_delete_current == DENY_UNCONFIGURED)
708 refuse_unconfigured_deny_delete_current();
709 rp_error("refusing to delete the current branch: %s", name);
710 return "deletion of the current branch prohibited";
715 if (deny_non_fast_forwards && !is_null_sha1(new_sha1) &&
716 !is_null_sha1(old_sha1) &&
717 starts_with(name, "refs/heads/")) {
718 struct object *old_object, *new_object;
719 struct commit *old_commit, *new_commit;
721 old_object = parse_object(old_sha1);
722 new_object = parse_object(new_sha1);
724 if (!old_object || !new_object ||
725 old_object->type != OBJ_COMMIT ||
726 new_object->type != OBJ_COMMIT) {
727 error("bad sha1 objects for %s", name);
730 old_commit = (struct commit *)old_object;
731 new_commit = (struct commit *)new_object;
732 if (!in_merge_bases(old_commit, new_commit)) {
733 rp_error("denying non-fast-forward %s"
734 " (you should pull first)", name);
735 return "non-fast-forward";
738 if (run_update_hook(cmd)) {
739 rp_error("hook declined to update %s", name);
740 return "hook declined";
743 if (is_null_sha1(new_sha1)) {
744 if (!parse_object(old_sha1)) {
746 if (ref_exists(name)) {
747 rp_warning("Allowing deletion of corrupt ref.");
749 rp_warning("Deleting a non-existent ref.");
750 cmd->did_not_exist = 1;
753 if (delete_ref(namespaced_name, old_sha1, 0)) {
754 rp_error("failed to delete %s", name);
755 return "failed to delete";
757 return NULL; /* good */
760 if (shallow_update && si->shallow_ref[cmd->index] &&
761 update_shallow_ref(cmd, si))
762 return "shallow error";
764 lock = lock_any_ref_for_update(namespaced_name, old_sha1,
767 rp_error("failed to lock %s", name);
768 return "failed to lock";
770 if (write_ref_sha1(lock, new_sha1, "push")) {
771 return "failed to write"; /* error() already called */
773 return NULL; /* good */
777 static void run_update_post_hook(struct command *commands)
782 struct child_process proc;
785 hook = find_hook("post-update");
786 for (argc = 0, cmd = commands; cmd; cmd = cmd->next) {
787 if (cmd->error_string || cmd->did_not_exist)
794 argv = xmalloc(sizeof(*argv) * (2 + argc));
797 for (argc = 1, cmd = commands; cmd; cmd = cmd->next) {
798 if (cmd->error_string || cmd->did_not_exist)
800 argv[argc] = xstrdup(cmd->ref_name);
805 memset(&proc, 0, sizeof(proc));
807 proc.stdout_to_stderr = 1;
808 proc.err = use_sideband ? -1 : 0;
811 if (!start_command(&proc)) {
813 copy_to_sideband(proc.err, -1, NULL);
814 finish_command(&proc);
818 static void check_aliased_update(struct command *cmd, struct string_list *list)
820 struct strbuf buf = STRBUF_INIT;
821 const char *dst_name;
822 struct string_list_item *item;
823 struct command *dst_cmd;
824 unsigned char sha1[20];
825 char cmd_oldh[41], cmd_newh[41], dst_oldh[41], dst_newh[41];
828 strbuf_addf(&buf, "%s%s", get_git_namespace(), cmd->ref_name);
829 dst_name = resolve_ref_unsafe(buf.buf, sha1, 0, &flag);
830 strbuf_release(&buf);
832 if (!(flag & REF_ISSYMREF))
835 dst_name = strip_namespace(dst_name);
837 rp_error("refusing update to broken symref '%s'", cmd->ref_name);
838 cmd->skip_update = 1;
839 cmd->error_string = "broken symref";
843 if ((item = string_list_lookup(list, dst_name)) == NULL)
846 cmd->skip_update = 1;
848 dst_cmd = (struct command *) item->util;
850 if (!hashcmp(cmd->old_sha1, dst_cmd->old_sha1) &&
851 !hashcmp(cmd->new_sha1, dst_cmd->new_sha1))
854 dst_cmd->skip_update = 1;
856 strcpy(cmd_oldh, find_unique_abbrev(cmd->old_sha1, DEFAULT_ABBREV));
857 strcpy(cmd_newh, find_unique_abbrev(cmd->new_sha1, DEFAULT_ABBREV));
858 strcpy(dst_oldh, find_unique_abbrev(dst_cmd->old_sha1, DEFAULT_ABBREV));
859 strcpy(dst_newh, find_unique_abbrev(dst_cmd->new_sha1, DEFAULT_ABBREV));
860 rp_error("refusing inconsistent update between symref '%s' (%s..%s) and"
861 " its target '%s' (%s..%s)",
862 cmd->ref_name, cmd_oldh, cmd_newh,
863 dst_cmd->ref_name, dst_oldh, dst_newh);
865 cmd->error_string = dst_cmd->error_string =
866 "inconsistent aliased update";
869 static void check_aliased_updates(struct command *commands)
872 struct string_list ref_list = STRING_LIST_INIT_NODUP;
874 for (cmd = commands; cmd; cmd = cmd->next) {
875 struct string_list_item *item =
876 string_list_append(&ref_list, cmd->ref_name);
877 item->util = (void *)cmd;
879 sort_string_list(&ref_list);
881 for (cmd = commands; cmd; cmd = cmd->next) {
882 if (!cmd->error_string)
883 check_aliased_update(cmd, &ref_list);
886 string_list_clear(&ref_list, 0);
889 static int command_singleton_iterator(void *cb_data, unsigned char sha1[20])
891 struct command **cmd_list = cb_data;
892 struct command *cmd = *cmd_list;
894 if (!cmd || is_null_sha1(cmd->new_sha1))
895 return -1; /* end of list */
896 *cmd_list = NULL; /* this returns only one */
897 hashcpy(sha1, cmd->new_sha1);
901 static void set_connectivity_errors(struct command *commands,
902 struct shallow_info *si)
906 for (cmd = commands; cmd; cmd = cmd->next) {
907 struct command *singleton = cmd;
908 if (shallow_update && si->shallow_ref[cmd->index])
909 /* to be checked in update_shallow_ref() */
911 if (!check_everything_connected(command_singleton_iterator,
914 cmd->error_string = "missing necessary objects";
918 struct iterate_data {
919 struct command *cmds;
920 struct shallow_info *si;
923 static int iterate_receive_command_list(void *cb_data, unsigned char sha1[20])
925 struct iterate_data *data = cb_data;
926 struct command **cmd_list = &data->cmds;
927 struct command *cmd = *cmd_list;
929 for (; cmd; cmd = cmd->next) {
930 if (shallow_update && data->si->shallow_ref[cmd->index])
931 /* to be checked in update_shallow_ref() */
933 if (!is_null_sha1(cmd->new_sha1) && !cmd->skip_update) {
934 hashcpy(sha1, cmd->new_sha1);
935 *cmd_list = cmd->next;
940 return -1; /* end of list */
943 static void reject_updates_to_hidden(struct command *commands)
947 for (cmd = commands; cmd; cmd = cmd->next) {
948 if (cmd->error_string || !ref_is_hidden(cmd->ref_name))
950 if (is_null_sha1(cmd->new_sha1))
951 cmd->error_string = "deny deleting a hidden ref";
953 cmd->error_string = "deny updating a hidden ref";
957 static void execute_commands(struct command *commands,
958 const char *unpacker_error,
959 struct shallow_info *si)
961 int checked_connectivity;
963 unsigned char sha1[20];
964 struct iterate_data data;
966 if (unpacker_error) {
967 for (cmd = commands; cmd; cmd = cmd->next)
968 cmd->error_string = "unpacker error";
972 data.cmds = commands;
974 if (check_everything_connected(iterate_receive_command_list, 0, &data))
975 set_connectivity_errors(commands, si);
977 reject_updates_to_hidden(commands);
979 if (run_receive_hook(commands, "pre-receive", 0)) {
980 for (cmd = commands; cmd; cmd = cmd->next) {
981 if (!cmd->error_string)
982 cmd->error_string = "pre-receive hook declined";
987 check_aliased_updates(commands);
989 free(head_name_to_free);
990 head_name = head_name_to_free = resolve_refdup("HEAD", sha1, 0, NULL);
992 checked_connectivity = 1;
993 for (cmd = commands; cmd; cmd = cmd->next) {
994 if (cmd->error_string)
997 if (cmd->skip_update)
1000 cmd->error_string = update(cmd, si);
1001 if (shallow_update && !cmd->error_string &&
1002 si->shallow_ref[cmd->index]) {
1003 error("BUG: connectivity check has not been run on ref %s",
1005 checked_connectivity = 0;
1009 if (shallow_update && !checked_connectivity)
1010 error("BUG: run 'git fsck' for safety.\n"
1011 "If there are errors, try to remove "
1012 "the reported refs above");
1015 static struct command **queue_command(struct command **tail,
1019 unsigned char old_sha1[20], new_sha1[20];
1020 struct command *cmd;
1021 const char *refname;
1027 get_sha1_hex(line, old_sha1) ||
1028 get_sha1_hex(line + 41, new_sha1))
1029 die("protocol error: expected old/new/ref, got '%s'", line);
1031 refname = line + 82;
1032 reflen = linelen - 82;
1033 cmd = xcalloc(1, sizeof(struct command) + reflen + 1);
1034 hashcpy(cmd->old_sha1, old_sha1);
1035 hashcpy(cmd->new_sha1, new_sha1);
1036 memcpy(cmd->ref_name, refname, reflen);
1037 cmd->ref_name[reflen] = '\0';
1042 static void queue_commands_from_cert(struct command **tail,
1043 struct strbuf *push_cert)
1045 const char *boc, *eoc;
1048 die("protocol error: got both push certificate and unsigned commands");
1050 boc = strstr(push_cert->buf, "\n\n");
1052 die("malformed push certificate %.*s", 100, push_cert->buf);
1055 eoc = push_cert->buf + parse_signature(push_cert->buf, push_cert->len);
1058 const char *eol = memchr(boc, '\n', eoc - boc);
1059 tail = queue_command(tail, boc, eol ? eol - boc : eoc - eol);
1060 boc = eol ? eol + 1 : eoc;
1064 static struct command *read_head_info(struct sha1_array *shallow)
1066 struct command *commands = NULL;
1067 struct command **p = &commands;
1072 line = packet_read_line(0, &len);
1076 if (len == 48 && starts_with(line, "shallow ")) {
1077 unsigned char sha1[20];
1078 if (get_sha1_hex(line + 8, sha1))
1079 die("protocol error: expected shallow sha, got '%s'",
1081 sha1_array_append(shallow, sha1);
1085 linelen = strlen(line);
1086 if (linelen < len) {
1087 const char *feature_list = line + linelen + 1;
1088 if (parse_feature_request(feature_list, "report-status"))
1090 if (parse_feature_request(feature_list, "side-band-64k"))
1091 use_sideband = LARGE_PACKET_MAX;
1092 if (parse_feature_request(feature_list, "quiet"))
1096 if (!strcmp(line, "push-cert")) {
1101 len = packet_read(0, NULL, NULL,
1102 certbuf, sizeof(certbuf), 0);
1107 if (!strcmp(certbuf, "push-cert-end\n"))
1108 break; /* end of cert */
1109 strbuf_addstr(&push_cert, certbuf);
1117 p = queue_command(p, line, linelen);
1121 queue_commands_from_cert(p, &push_cert);
1126 static const char *parse_pack_header(struct pack_header *hdr)
1128 switch (read_pack_header(0, hdr)) {
1130 return "eof before pack header was fully read";
1132 case PH_ERROR_PACK_SIGNATURE:
1133 return "protocol error (pack signature mismatch detected)";
1135 case PH_ERROR_PROTOCOL:
1136 return "protocol error (pack version unsupported)";
1139 return "unknown error in parse_pack_header";
1146 static const char *pack_lockfile;
1148 static const char *unpack(int err_fd, struct shallow_info *si)
1150 struct pack_header hdr;
1151 struct argv_array av = ARGV_ARRAY_INIT;
1152 const char *hdr_err;
1155 struct child_process child;
1156 int fsck_objects = (receive_fsck_objects >= 0
1157 ? receive_fsck_objects
1158 : transfer_fsck_objects >= 0
1159 ? transfer_fsck_objects
1162 hdr_err = parse_pack_header(&hdr);
1168 snprintf(hdr_arg, sizeof(hdr_arg),
1169 "--pack_header=%"PRIu32",%"PRIu32,
1170 ntohl(hdr.hdr_version), ntohl(hdr.hdr_entries));
1172 if (si->nr_ours || si->nr_theirs) {
1173 alt_shallow_file = setup_temporary_shallow(si->shallow);
1174 argv_array_pushl(&av, "--shallow-file", alt_shallow_file, NULL);
1177 memset(&child, 0, sizeof(child));
1178 if (ntohl(hdr.hdr_entries) < unpack_limit) {
1179 argv_array_pushl(&av, "unpack-objects", hdr_arg, NULL);
1181 argv_array_push(&av, "-q");
1183 argv_array_push(&av, "--strict");
1184 child.argv = av.argv;
1185 child.no_stdout = 1;
1188 status = run_command(&child);
1190 return "unpack-objects abnormal exit";
1195 s = sprintf(keep_arg, "--keep=receive-pack %"PRIuMAX" on ", (uintmax_t) getpid());
1196 if (gethostname(keep_arg + s, sizeof(keep_arg) - s))
1197 strcpy(keep_arg + s, "localhost");
1199 argv_array_pushl(&av, "index-pack",
1200 "--stdin", hdr_arg, keep_arg, NULL);
1202 argv_array_push(&av, "--strict");
1204 argv_array_push(&av, "--fix-thin");
1205 child.argv = av.argv;
1209 status = start_command(&child);
1211 return "index-pack fork failed";
1212 pack_lockfile = index_pack_lockfile(child.out);
1214 status = finish_command(&child);
1216 return "index-pack abnormal exit";
1217 reprepare_packed_git();
1222 static const char *unpack_with_sideband(struct shallow_info *si)
1228 return unpack(0, si);
1230 memset(&muxer, 0, sizeof(muxer));
1231 muxer.proc = copy_to_sideband;
1233 if (start_async(&muxer))
1236 ret = unpack(muxer.in, si);
1238 finish_async(&muxer);
1242 static void prepare_shallow_update(struct command *commands,
1243 struct shallow_info *si)
1245 int i, j, k, bitmap_size = (si->ref->nr + 31) / 32;
1247 si->used_shallow = xmalloc(sizeof(*si->used_shallow) *
1249 assign_shallow_commits_to_refs(si, si->used_shallow, NULL);
1251 si->need_reachability_test =
1252 xcalloc(si->shallow->nr, sizeof(*si->need_reachability_test));
1254 xcalloc(si->shallow->nr, sizeof(*si->reachable));
1255 si->shallow_ref = xcalloc(si->ref->nr, sizeof(*si->shallow_ref));
1257 for (i = 0; i < si->nr_ours; i++)
1258 si->need_reachability_test[si->ours[i]] = 1;
1260 for (i = 0; i < si->shallow->nr; i++) {
1261 if (!si->used_shallow[i])
1263 for (j = 0; j < bitmap_size; j++) {
1264 if (!si->used_shallow[i][j])
1266 si->need_reachability_test[i]++;
1267 for (k = 0; k < 32; k++)
1268 if (si->used_shallow[i][j] & (1 << k))
1269 si->shallow_ref[j * 32 + k]++;
1273 * true for those associated with some refs and belong
1274 * in "ours" list aka "step 7 not done yet"
1276 si->need_reachability_test[i] =
1277 si->need_reachability_test[i] > 1;
1281 * keep hooks happy by forcing a temporary shallow file via
1282 * env variable because we can't add --shallow-file to every
1283 * command. check_everything_connected() will be done with
1284 * true .git/shallow though.
1286 setenv(GIT_SHALLOW_FILE_ENVIRONMENT, alt_shallow_file, 1);
1289 static void update_shallow_info(struct command *commands,
1290 struct shallow_info *si,
1291 struct sha1_array *ref)
1293 struct command *cmd;
1295 remove_nonexistent_theirs_shallow(si);
1296 if (!si->nr_ours && !si->nr_theirs) {
1301 for (cmd = commands; cmd; cmd = cmd->next) {
1302 if (is_null_sha1(cmd->new_sha1))
1304 sha1_array_append(ref, cmd->new_sha1);
1305 cmd->index = ref->nr - 1;
1309 if (shallow_update) {
1310 prepare_shallow_update(commands, si);
1314 ref_status = xmalloc(sizeof(*ref_status) * ref->nr);
1315 assign_shallow_commits_to_refs(si, NULL, ref_status);
1316 for (cmd = commands; cmd; cmd = cmd->next) {
1317 if (is_null_sha1(cmd->new_sha1))
1319 if (ref_status[cmd->index]) {
1320 cmd->error_string = "shallow update not allowed";
1321 cmd->skip_update = 1;
1327 static void report(struct command *commands, const char *unpack_status)
1329 struct command *cmd;
1330 struct strbuf buf = STRBUF_INIT;
1332 packet_buf_write(&buf, "unpack %s\n",
1333 unpack_status ? unpack_status : "ok");
1334 for (cmd = commands; cmd; cmd = cmd->next) {
1335 if (!cmd->error_string)
1336 packet_buf_write(&buf, "ok %s\n",
1339 packet_buf_write(&buf, "ng %s %s\n",
1340 cmd->ref_name, cmd->error_string);
1342 packet_buf_flush(&buf);
1345 send_sideband(1, 1, buf.buf, buf.len, use_sideband);
1347 write_or_die(1, buf.buf, buf.len);
1348 strbuf_release(&buf);
1351 static int delete_only(struct command *commands)
1353 struct command *cmd;
1354 for (cmd = commands; cmd; cmd = cmd->next) {
1355 if (!is_null_sha1(cmd->new_sha1))
1361 int cmd_receive_pack(int argc, const char **argv, const char *prefix)
1363 int advertise_refs = 0;
1364 int stateless_rpc = 0;
1366 const char *dir = NULL;
1367 struct command *commands;
1368 struct sha1_array shallow = SHA1_ARRAY_INIT;
1369 struct sha1_array ref = SHA1_ARRAY_INIT;
1370 struct shallow_info si;
1372 packet_trace_identity("receive-pack");
1375 for (i = 1; i < argc; i++) {
1376 const char *arg = *argv++;
1379 if (!strcmp(arg, "--quiet")) {
1384 if (!strcmp(arg, "--advertise-refs")) {
1388 if (!strcmp(arg, "--stateless-rpc")) {
1392 if (!strcmp(arg, "--reject-thin-pack-for-testing")) {
1397 usage(receive_pack_usage);
1400 usage(receive_pack_usage);
1404 usage(receive_pack_usage);
1408 if (!enter_repo(dir, 0))
1409 die("'%s' does not appear to be a git repository", dir);
1411 git_config(receive_pack_config, NULL);
1412 if (cert_nonce_seed)
1413 push_cert_nonce = prepare_push_cert_nonce(dir, time(NULL));
1415 if (0 <= transfer_unpack_limit)
1416 unpack_limit = transfer_unpack_limit;
1417 else if (0 <= receive_unpack_limit)
1418 unpack_limit = receive_unpack_limit;
1420 if (advertise_refs || !stateless_rpc) {
1426 if ((commands = read_head_info(&shallow)) != NULL) {
1427 const char *unpack_status = NULL;
1429 prepare_shallow_info(&si, &shallow);
1430 if (!si.nr_ours && !si.nr_theirs)
1432 if (!delete_only(commands)) {
1433 unpack_status = unpack_with_sideband(&si);
1434 update_shallow_info(commands, &si, &ref);
1436 execute_commands(commands, unpack_status, &si);
1438 unlink_or_warn(pack_lockfile);
1440 report(commands, unpack_status);
1441 run_receive_hook(commands, "post-receive", 1);
1442 run_update_post_hook(commands);
1444 const char *argv_gc_auto[] = {
1445 "gc", "--auto", "--quiet", NULL,
1447 int opt = RUN_GIT_CMD | RUN_COMMAND_STDOUT_TO_STDERR;
1448 run_command_v_opt(argv_gc_auto, opt);
1450 if (auto_update_server_info)
1451 update_server_info(0);
1452 clear_shallow_info(&si);
1456 sha1_array_clear(&shallow);
1457 sha1_array_clear(&ref);
1458 free((void *)push_cert_nonce);