2 #include "repository.h"
9 #include "run-command.h"
16 #include "string-list.h"
17 #include "oid-array.h"
18 #include "connected.h"
22 #include "gpg-interface.h"
25 #include "tmp-objdir.h"
28 #include "object-store.h"
30 #include "commit-reach.h"
34 static const char * const receive_pack_usage[] = {
35 N_("git receive-pack <git-dir>"),
47 static int deny_deletes;
48 static int deny_non_fast_forwards;
49 static enum deny_action deny_current_branch = DENY_UNCONFIGURED;
50 static enum deny_action deny_delete_current = DENY_UNCONFIGURED;
51 static int receive_fsck_objects = -1;
52 static int transfer_fsck_objects = -1;
53 static struct strbuf fsck_msg_types = STRBUF_INIT;
54 static int receive_unpack_limit = -1;
55 static int transfer_unpack_limit = -1;
56 static int advertise_atomic_push = 1;
57 static int advertise_push_options;
58 static int advertise_sid;
59 static int unpack_limit = 100;
60 static off_t max_input_size;
61 static int report_status;
62 static int report_status_v2;
63 static int use_sideband;
64 static int use_atomic;
65 static int use_push_options;
67 static int prefer_ofs_delta = 1;
68 static int auto_update_server_info;
69 static int auto_gc = 1;
70 static int reject_thin;
71 static int stateless_rpc;
72 static const char *service_dir;
73 static const char *head_name;
74 static void *head_name_to_free;
75 static int sent_capabilities;
76 static int shallow_update;
77 static const char *alt_shallow_file;
78 static struct strbuf push_cert = STRBUF_INIT;
79 static struct object_id push_cert_oid;
80 static struct signature_check sigcheck;
81 static const char *push_cert_nonce;
82 static const char *cert_nonce_seed;
84 static const char *NONCE_UNSOLICITED = "UNSOLICITED";
85 static const char *NONCE_BAD = "BAD";
86 static const char *NONCE_MISSING = "MISSING";
87 static const char *NONCE_OK = "OK";
88 static const char *NONCE_SLOP = "SLOP";
89 static const char *nonce_status;
90 static long nonce_stamp_slop;
91 static timestamp_t nonce_stamp_slop_limit;
92 static struct ref_transaction *transaction;
99 static int keepalive_in_sec = 5;
101 static struct tmp_objdir *tmp_objdir;
103 static struct proc_receive_ref {
104 unsigned int want_add:1,
109 struct proc_receive_ref *next;
112 static void proc_receive_ref_append(const char *prefix);
114 static enum deny_action parse_deny_action(const char *var, const char *value)
117 if (!strcasecmp(value, "ignore"))
119 if (!strcasecmp(value, "warn"))
121 if (!strcasecmp(value, "refuse"))
123 if (!strcasecmp(value, "updateinstead"))
124 return DENY_UPDATE_INSTEAD;
126 if (git_config_bool(var, value))
131 static int receive_pack_config(const char *var, const char *value, void *cb)
133 int status = parse_hide_refs_config(var, value, "receive");
138 if (strcmp(var, "receive.denydeletes") == 0) {
139 deny_deletes = git_config_bool(var, value);
143 if (strcmp(var, "receive.denynonfastforwards") == 0) {
144 deny_non_fast_forwards = git_config_bool(var, value);
148 if (strcmp(var, "receive.unpacklimit") == 0) {
149 receive_unpack_limit = git_config_int(var, value);
153 if (strcmp(var, "transfer.unpacklimit") == 0) {
154 transfer_unpack_limit = git_config_int(var, value);
158 if (strcmp(var, "receive.fsck.skiplist") == 0) {
161 if (git_config_pathname(&path, var, value))
163 strbuf_addf(&fsck_msg_types, "%cskiplist=%s",
164 fsck_msg_types.len ? ',' : '=', path);
169 if (skip_prefix(var, "receive.fsck.", &var)) {
170 if (is_valid_msg_type(var, value))
171 strbuf_addf(&fsck_msg_types, "%c%s=%s",
172 fsck_msg_types.len ? ',' : '=', var, value);
174 warning("Skipping unknown msg id '%s'", var);
178 if (strcmp(var, "receive.fsckobjects") == 0) {
179 receive_fsck_objects = git_config_bool(var, value);
183 if (strcmp(var, "transfer.fsckobjects") == 0) {
184 transfer_fsck_objects = git_config_bool(var, value);
188 if (!strcmp(var, "receive.denycurrentbranch")) {
189 deny_current_branch = parse_deny_action(var, value);
193 if (strcmp(var, "receive.denydeletecurrent") == 0) {
194 deny_delete_current = parse_deny_action(var, value);
198 if (strcmp(var, "repack.usedeltabaseoffset") == 0) {
199 prefer_ofs_delta = git_config_bool(var, value);
203 if (strcmp(var, "receive.updateserverinfo") == 0) {
204 auto_update_server_info = git_config_bool(var, value);
208 if (strcmp(var, "receive.autogc") == 0) {
209 auto_gc = git_config_bool(var, value);
213 if (strcmp(var, "receive.shallowupdate") == 0) {
214 shallow_update = git_config_bool(var, value);
218 if (strcmp(var, "receive.certnonceseed") == 0)
219 return git_config_string(&cert_nonce_seed, var, value);
221 if (strcmp(var, "receive.certnonceslop") == 0) {
222 nonce_stamp_slop_limit = git_config_ulong(var, value);
226 if (strcmp(var, "receive.advertiseatomic") == 0) {
227 advertise_atomic_push = git_config_bool(var, value);
231 if (strcmp(var, "receive.advertisepushoptions") == 0) {
232 advertise_push_options = git_config_bool(var, value);
236 if (strcmp(var, "receive.keepalive") == 0) {
237 keepalive_in_sec = git_config_int(var, value);
241 if (strcmp(var, "receive.maxinputsize") == 0) {
242 max_input_size = git_config_int64(var, value);
246 if (strcmp(var, "receive.procreceiverefs") == 0) {
248 return config_error_nonbool(var);
249 proc_receive_ref_append(value);
253 if (strcmp(var, "transfer.advertisesid") == 0) {
254 advertise_sid = git_config_bool(var, value);
258 return git_default_config(var, value, cb);
261 static void show_ref(const char *path, const struct object_id *oid)
263 if (sent_capabilities) {
264 packet_write_fmt(1, "%s %s\n", oid_to_hex(oid), path);
266 struct strbuf cap = STRBUF_INIT;
269 "report-status report-status-v2 delete-refs side-band-64k quiet");
270 if (advertise_atomic_push)
271 strbuf_addstr(&cap, " atomic");
272 if (prefer_ofs_delta)
273 strbuf_addstr(&cap, " ofs-delta");
275 strbuf_addf(&cap, " push-cert=%s", push_cert_nonce);
276 if (advertise_push_options)
277 strbuf_addstr(&cap, " push-options");
279 strbuf_addf(&cap, " session-id=%s", trace2_session_id());
280 strbuf_addf(&cap, " object-format=%s", the_hash_algo->name);
281 strbuf_addf(&cap, " agent=%s", git_user_agent_sanitized());
282 packet_write_fmt(1, "%s %s%c%s\n",
283 oid_to_hex(oid), path, 0, cap.buf);
284 strbuf_release(&cap);
285 sent_capabilities = 1;
289 static int show_ref_cb(const char *path_full, const struct object_id *oid,
290 int flag, void *data)
292 struct oidset *seen = data;
293 const char *path = strip_namespace(path_full);
295 if (ref_is_hidden(path, path_full))
299 * Advertise refs outside our current namespace as ".have"
300 * refs, so that the client can use them to minimize data
301 * transfer but will otherwise ignore them.
304 if (oidset_insert(seen, oid))
308 oidset_insert(seen, oid);
314 static void show_one_alternate_ref(const struct object_id *oid,
317 struct oidset *seen = data;
319 if (oidset_insert(seen, oid))
322 show_ref(".have", oid);
325 static void write_head_info(void)
327 static struct oidset seen = OIDSET_INIT;
329 for_each_ref(show_ref_cb, &seen);
330 for_each_alternate_ref(show_one_alternate_ref, &seen);
332 if (!sent_capabilities)
333 show_ref("capabilities^{}", null_oid());
335 advertise_shallow_grafts(1);
341 #define RUN_PROC_RECEIVE_SCHEDULED 1
342 #define RUN_PROC_RECEIVE_RETURNED 2
344 struct command *next;
345 const char *error_string;
346 struct ref_push_report *report;
347 unsigned int skip_update:1,
351 struct object_id old_oid;
352 struct object_id new_oid;
353 char ref_name[FLEX_ARRAY]; /* more */
356 static void proc_receive_ref_append(const char *prefix)
358 struct proc_receive_ref *ref_pattern;
362 CALLOC_ARRAY(ref_pattern, 1);
363 p = strchr(prefix, ':');
367 ref_pattern->want_add = 1;
368 else if (*prefix == 'd')
369 ref_pattern->want_delete = 1;
370 else if (*prefix == 'm')
371 ref_pattern->want_modify = 1;
372 else if (*prefix == '!')
373 ref_pattern->negative_ref = 1;
378 ref_pattern->want_add = 1;
379 ref_pattern->want_delete = 1;
380 ref_pattern->want_modify = 1;
382 len = strlen(prefix);
383 while (len && prefix[len - 1] == '/')
385 ref_pattern->ref_prefix = xmemdupz(prefix, len);
386 if (!proc_receive_ref) {
387 proc_receive_ref = ref_pattern;
389 struct proc_receive_ref *end;
391 end = proc_receive_ref;
394 end->next = ref_pattern;
398 static int proc_receive_ref_matches(struct command *cmd)
400 struct proc_receive_ref *p;
402 if (!proc_receive_ref)
405 for (p = proc_receive_ref; p; p = p->next) {
406 const char *match = p->ref_prefix;
409 if (!p->want_add && is_null_oid(&cmd->old_oid))
411 else if (!p->want_delete && is_null_oid(&cmd->new_oid))
413 else if (!p->want_modify &&
414 !is_null_oid(&cmd->old_oid) &&
415 !is_null_oid(&cmd->new_oid))
418 if (skip_prefix(cmd->ref_name, match, &remains) &&
419 (!*remains || *remains == '/')) {
420 if (!p->negative_ref)
422 } else if (p->negative_ref) {
429 static void rp_error(const char *err, ...) __attribute__((format (printf, 1, 2)));
430 static void rp_warning(const char *err, ...) __attribute__((format (printf, 1, 2)));
432 static void report_message(const char *prefix, const char *err, va_list params)
437 sz = xsnprintf(msg, sizeof(msg), "%s", prefix);
438 sz += vsnprintf(msg + sz, sizeof(msg) - sz, err, params);
439 if (sz > (sizeof(msg) - 1))
440 sz = sizeof(msg) - 1;
444 send_sideband(1, 2, msg, sz, use_sideband);
449 static void rp_warning(const char *err, ...)
452 va_start(params, err);
453 report_message("warning: ", err, params);
457 static void rp_error(const char *err, ...)
460 va_start(params, err);
461 report_message("error: ", err, params);
465 static int copy_to_sideband(int in, int out, void *arg)
468 int keepalive_active = 0;
470 if (keepalive_in_sec <= 0)
471 use_keepalive = KEEPALIVE_NEVER;
472 if (use_keepalive == KEEPALIVE_ALWAYS)
473 keepalive_active = 1;
478 if (keepalive_active) {
484 ret = poll(&pfd, 1, 1000 * keepalive_in_sec);
491 } else if (ret == 0) {
492 /* no data; send a keepalive packet */
493 static const char buf[] = "0005\1";
494 write_or_die(1, buf, sizeof(buf) - 1);
496 } /* else there is actual data to read */
499 sz = xread(in, data, sizeof(data));
503 if (use_keepalive == KEEPALIVE_AFTER_NUL && !keepalive_active) {
504 const char *p = memchr(data, '\0', sz);
507 * The NUL tells us to start sending keepalives. Make
508 * sure we send any other data we read along
511 keepalive_active = 1;
512 send_sideband(1, 2, data, p - data, use_sideband);
513 send_sideband(1, 2, p + 1, sz - (p - data + 1), use_sideband);
519 * Either we're not looking for a NUL signal, or we didn't see
520 * it yet; just pass along the data.
522 send_sideband(1, 2, data, sz, use_sideband);
528 static void hmac_hash(unsigned char *out,
529 const char *key_in, size_t key_len,
530 const char *text, size_t text_len)
532 unsigned char key[GIT_MAX_BLKSZ];
533 unsigned char k_ipad[GIT_MAX_BLKSZ];
534 unsigned char k_opad[GIT_MAX_BLKSZ];
538 /* RFC 2104 2. (1) */
539 memset(key, '\0', GIT_MAX_BLKSZ);
540 if (the_hash_algo->blksz < key_len) {
541 the_hash_algo->init_fn(&ctx);
542 the_hash_algo->update_fn(&ctx, key_in, key_len);
543 the_hash_algo->final_fn(key, &ctx);
545 memcpy(key, key_in, key_len);
548 /* RFC 2104 2. (2) & (5) */
549 for (i = 0; i < sizeof(key); i++) {
550 k_ipad[i] = key[i] ^ 0x36;
551 k_opad[i] = key[i] ^ 0x5c;
554 /* RFC 2104 2. (3) & (4) */
555 the_hash_algo->init_fn(&ctx);
556 the_hash_algo->update_fn(&ctx, k_ipad, sizeof(k_ipad));
557 the_hash_algo->update_fn(&ctx, text, text_len);
558 the_hash_algo->final_fn(out, &ctx);
560 /* RFC 2104 2. (6) & (7) */
561 the_hash_algo->init_fn(&ctx);
562 the_hash_algo->update_fn(&ctx, k_opad, sizeof(k_opad));
563 the_hash_algo->update_fn(&ctx, out, the_hash_algo->rawsz);
564 the_hash_algo->final_fn(out, &ctx);
567 static char *prepare_push_cert_nonce(const char *path, timestamp_t stamp)
569 struct strbuf buf = STRBUF_INIT;
570 unsigned char hash[GIT_MAX_RAWSZ];
572 strbuf_addf(&buf, "%s:%"PRItime, path, stamp);
573 hmac_hash(hash, buf.buf, buf.len, cert_nonce_seed, strlen(cert_nonce_seed));
574 strbuf_release(&buf);
576 /* RFC 2104 5. HMAC-SHA1 or HMAC-SHA256 */
577 strbuf_addf(&buf, "%"PRItime"-%.*s", stamp, (int)the_hash_algo->hexsz, hash_to_hex(hash));
578 return strbuf_detach(&buf, NULL);
582 * NEEDSWORK: reuse find_commit_header() from jk/commit-author-parsing
583 * after dropping "_commit" from its name and possibly moving it out
586 static char *find_header(const char *msg, size_t len, const char *key,
587 const char **next_line)
589 int key_len = strlen(key);
590 const char *line = msg;
592 while (line && line < msg + len) {
593 const char *eol = strchrnul(line, '\n');
595 if ((msg + len <= eol) || line == eol)
597 if (line + key_len < eol &&
598 !memcmp(line, key, key_len) && line[key_len] == ' ') {
599 int offset = key_len + 1;
601 *next_line = *eol ? eol + 1 : eol;
602 return xmemdupz(line + offset, (eol - line) - offset);
604 line = *eol ? eol + 1 : NULL;
610 * Return zero if a and b are equal up to n bytes and nonzero if they are not.
611 * This operation is guaranteed to run in constant time to avoid leaking data.
613 static int constant_memequal(const char *a, const char *b, size_t n)
618 for (i = 0; i < n; i++)
623 static const char *check_nonce(const char *buf, size_t len)
625 char *nonce = find_header(buf, len, "nonce", NULL);
626 timestamp_t stamp, ostamp;
627 char *bohmac, *expect = NULL;
628 const char *retval = NONCE_BAD;
632 retval = NONCE_MISSING;
634 } else if (!push_cert_nonce) {
635 retval = NONCE_UNSOLICITED;
637 } else if (!strcmp(push_cert_nonce, nonce)) {
642 if (!stateless_rpc) {
643 /* returned nonce MUST match what we gave out earlier */
649 * In stateless mode, we may be receiving a nonce issued by
650 * another instance of the server that serving the same
651 * repository, and the timestamps may not match, but the
652 * nonce-seed and dir should match, so we can recompute and
653 * report the time slop.
655 * In addition, when a nonce issued by another instance has
656 * timestamp within receive.certnonceslop seconds, we pretend
657 * as if we issued that nonce when reporting to the hook.
660 /* nonce is concat(<seconds-since-epoch>, "-", <hmac>) */
661 if (*nonce <= '0' || '9' < *nonce) {
665 stamp = parse_timestamp(nonce, &bohmac, 10);
666 if (bohmac == nonce || bohmac[0] != '-') {
671 noncelen = strlen(nonce);
672 expect = prepare_push_cert_nonce(service_dir, stamp);
673 if (noncelen != strlen(expect)) {
674 /* This is not even the right size. */
678 if (constant_memequal(expect, nonce, noncelen)) {
679 /* Not what we would have signed earlier */
685 * By how many seconds is this nonce stale? Negative value
686 * would mean it was issued by another server with its clock
687 * skewed in the future.
689 ostamp = parse_timestamp(push_cert_nonce, NULL, 10);
690 nonce_stamp_slop = (long)ostamp - (long)stamp;
692 if (nonce_stamp_slop_limit &&
693 labs(nonce_stamp_slop) <= nonce_stamp_slop_limit) {
695 * Pretend as if the received nonce (which passes the
696 * HMAC check, so it is not a forged by third-party)
699 free((void *)push_cert_nonce);
700 push_cert_nonce = xstrdup(nonce);
713 * Return 1 if there is no push_cert or if the push options in push_cert are
714 * the same as those in the argument; 0 otherwise.
716 static int check_cert_push_options(const struct string_list *push_options)
718 const char *buf = push_cert.buf;
719 int len = push_cert.len;
722 const char *next_line;
723 int options_seen = 0;
730 while ((option = find_header(buf, len, "push-option", &next_line))) {
731 len -= (next_line - buf);
734 if (options_seen > push_options->nr
736 push_options->items[options_seen - 1].string)) {
743 if (options_seen != push_options->nr)
751 static void prepare_push_cert_sha1(struct run_hooks_opt *opt)
753 static int already_done;
759 int bogs /* beginning_of_gpg_sig */;
762 if (write_object_file(push_cert.buf, push_cert.len, "blob",
764 oidclr(&push_cert_oid);
766 memset(&sigcheck, '\0', sizeof(sigcheck));
768 bogs = parse_signed_buffer(push_cert.buf, push_cert.len);
769 check_signature(push_cert.buf, bogs, push_cert.buf + bogs,
770 push_cert.len - bogs, &sigcheck);
772 nonce_status = check_nonce(push_cert.buf, bogs);
774 if (!is_null_oid(&push_cert_oid)) {
775 strvec_pushf(&opt->env, "GIT_PUSH_CERT=%s",
776 oid_to_hex(&push_cert_oid));
777 strvec_pushf(&opt->env, "GIT_PUSH_CERT_SIGNER=%s",
778 sigcheck.signer ? sigcheck.signer : "");
779 strvec_pushf(&opt->env, "GIT_PUSH_CERT_KEY=%s",
780 sigcheck.key ? sigcheck.key : "");
781 strvec_pushf(&opt->env, "GIT_PUSH_CERT_STATUS=%c",
783 if (push_cert_nonce) {
784 strvec_pushf(&opt->env,
785 "GIT_PUSH_CERT_NONCE=%s",
787 strvec_pushf(&opt->env,
788 "GIT_PUSH_CERT_NONCE_STATUS=%s",
790 if (nonce_status == NONCE_SLOP)
791 strvec_pushf(&opt->env,
792 "GIT_PUSH_CERT_NONCE_SLOP=%ld",
798 struct receive_hook_feed_context {
803 struct receive_hook_feed_state {
805 struct ref_push_report *report;
810 static int feed_receive_hook(void *state_)
812 struct receive_hook_feed_state *state = state_;
813 struct command *cmd = state->cmd;
816 state->skip_broken && (cmd->error_string || cmd->did_not_exist))
819 return 1; /* EOF - close the pipe*/
820 strbuf_reset(&state->buf);
822 state->report = cmd->report;
824 struct object_id *old_oid;
825 struct object_id *new_oid;
826 const char *ref_name;
828 old_oid = state->report->old_oid ? state->report->old_oid : &cmd->old_oid;
829 new_oid = state->report->new_oid ? state->report->new_oid : &cmd->new_oid;
830 ref_name = state->report->ref_name ? state->report->ref_name : cmd->ref_name;
831 strbuf_addf(&state->buf, "%s %s %s\n",
832 oid_to_hex(old_oid), oid_to_hex(new_oid),
834 state->report = state->report->next;
836 state->cmd = cmd->next;
838 strbuf_addf(&state->buf, "%s %s %s\n",
839 oid_to_hex(&cmd->old_oid), oid_to_hex(&cmd->new_oid),
841 state->cmd = cmd->next;
846 static int feed_receive_hook_cb(struct strbuf *pipe, void *pp_cb, void *pp_task_cb)
848 struct hook *hook = pp_task_cb;
849 struct receive_hook_feed_state *feed_state = hook->feed_pipe_cb_data;
852 /* first-time setup */
854 struct hook_cb_data *hook_cb = pp_cb;
855 struct run_hooks_opt *opt = hook_cb->options;
856 struct receive_hook_feed_context *ctx = opt->feed_pipe_ctx;
858 BUG("run_hooks_opt.feed_pipe_ctx required for receive hook");
860 feed_state = xmalloc(sizeof(struct receive_hook_feed_state));
861 strbuf_init(&feed_state->buf, 0);
862 feed_state->cmd = ctx->cmd;
863 feed_state->skip_broken = ctx->skip_broken;
864 feed_state->report = NULL;
866 hook->feed_pipe_cb_data = feed_state;
869 rc = feed_receive_hook(feed_state);
871 strbuf_addbuf(pipe, &feed_state->buf);
875 static void hook_output_to_sideband(struct strbuf *output, void *cb_data)
877 int keepalive_active = 0;
879 if (keepalive_in_sec <= 0)
880 use_keepalive = KEEPALIVE_NEVER;
881 if (use_keepalive == KEEPALIVE_ALWAYS)
882 keepalive_active = 1;
884 /* send a keepalive if there is no data to write */
885 if (keepalive_active && !output->len) {
886 static const char buf[] = "0005\1";
887 write_or_die(1, buf, sizeof(buf) - 1);
891 if (use_keepalive == KEEPALIVE_AFTER_NUL && !keepalive_active) {
892 const char *first_null = memchr(output->buf, '\0', output->len);
894 /* The null bit is excluded. */
895 size_t before_null = first_null - output->buf;
896 size_t after_null = output->len - (before_null + 1);
897 keepalive_active = 1;
898 send_sideband(1, 2, output->buf, before_null, use_sideband);
899 send_sideband(1, 2, first_null + 1, after_null, use_sideband);
905 send_sideband(1, 2, output->buf, output->len, use_sideband);
908 static int run_receive_hook(struct command *commands,
909 const char *hook_name,
911 const struct string_list *push_options)
913 struct run_hooks_opt opt = RUN_HOOKS_OPT_INIT;
914 struct receive_hook_feed_context ctx;
916 struct command *iter = commands;
918 /* if there are no valid commands, don't invoke the hook at all. */
919 while (iter && skip_broken && (iter->error_string || iter->did_not_exist))
924 /* pre-receive hooks should run in series as the hook updates refs */
925 if (!strcmp(hook_name, "pre-receive"))
930 for (i = 0; i < push_options->nr; i++)
931 strvec_pushf(&opt.env, "GIT_PUSH_OPTION_%d=%s", i,
932 push_options->items[i].string);
933 strvec_pushf(&opt.env, "GIT_PUSH_OPTION_COUNT=%d", push_options->nr);
935 strvec_push(&opt.env, "GIT_PUSH_OPTION_COUNT");
938 strvec_pushv(&opt.env, tmp_objdir_env(tmp_objdir));
940 prepare_push_cert_sha1(&opt);
942 /* set up sideband printer */
944 opt.consume_sideband = hook_output_to_sideband;
946 /* set up stdin callback */
948 ctx.skip_broken = skip_broken;
949 opt.feed_pipe = feed_receive_hook_cb;
950 opt.feed_pipe_ctx = &ctx;
952 rc = run_hooks(hook_name, &opt);
953 run_hooks_opt_clear(&opt);
957 static int run_update_hook(struct command *cmd)
959 struct run_hooks_opt opt = RUN_HOOKS_OPT_INIT;
962 strvec_pushl(&opt.args,
964 oid_to_hex(&cmd->old_oid),
965 oid_to_hex(&cmd->new_oid),
969 opt.consume_sideband = hook_output_to_sideband;
971 code = run_hooks("update", &opt);
972 run_hooks_opt_clear(&opt);
976 static struct command *find_command_by_refname(struct command *list,
979 for (; list; list = list->next)
980 if (!strcmp(list->ref_name, refname))
985 static int read_proc_receive_report(struct packet_reader *reader,
986 struct command *commands,
987 struct strbuf *errmsg)
990 struct command *hint = NULL;
991 struct ref_push_report *report = NULL;
998 struct object_id old_oid, new_oid;
1000 const char *refname;
1002 enum packet_read_status status;
1004 status = packet_reader_read(reader);
1005 if (status != PACKET_READ_NORMAL) {
1006 /* Check whether proc-receive exited abnormally */
1007 if (status == PACKET_READ_EOF && !response) {
1008 strbuf_addstr(errmsg, "proc-receive exited abnormally");
1015 head = reader->line;
1016 p = strchr(head, ' ');
1018 strbuf_addf(errmsg, "proc-receive reported incomplete status line: '%s'\n", head);
1023 if (!strcmp(head, "option")) {
1024 const char *key, *val;
1026 if (!hint || !(report || new_report)) {
1028 strbuf_addstr(errmsg, "proc-receive reported 'option' without a matching 'ok/ng' directive\n");
1033 if (!hint->report) {
1034 CALLOC_ARRAY(hint->report, 1);
1035 report = hint->report;
1037 report = hint->report;
1038 while (report->next)
1039 report = report->next;
1040 report->next = xcalloc(1, sizeof(struct ref_push_report));
1041 report = report->next;
1046 p = strchr(key, ' ');
1050 if (!strcmp(key, "refname"))
1051 report->ref_name = xstrdup_or_null(val);
1052 else if (!strcmp(key, "old-oid") && val &&
1053 !parse_oid_hex(val, &old_oid, &val))
1054 report->old_oid = oiddup(&old_oid);
1055 else if (!strcmp(key, "new-oid") && val &&
1056 !parse_oid_hex(val, &new_oid, &val))
1057 report->new_oid = oiddup(&new_oid);
1058 else if (!strcmp(key, "forced-update"))
1059 report->forced_update = 1;
1060 else if (!strcmp(key, "fall-through"))
1061 /* Fall through, let 'receive-pack' to execute it. */
1062 hint->run_proc_receive = 0;
1069 p = strchr(refname, ' ');
1072 if (strcmp(head, "ok") && strcmp(head, "ng")) {
1073 strbuf_addf(errmsg, "proc-receive reported bad status '%s' on ref '%s'\n",
1079 /* first try searching at our hint, falling back to all refs */
1081 hint = find_command_by_refname(hint, refname);
1083 hint = find_command_by_refname(commands, refname);
1085 strbuf_addf(errmsg, "proc-receive reported status on unknown ref: %s\n",
1090 if (!hint->run_proc_receive) {
1091 strbuf_addf(errmsg, "proc-receive reported status on unexpected ref: %s\n",
1096 hint->run_proc_receive |= RUN_PROC_RECEIVE_RETURNED;
1097 if (!strcmp(head, "ng")) {
1099 hint->error_string = xstrdup(p);
1101 hint->error_string = "failed";
1108 for (cmd = commands; cmd; cmd = cmd->next)
1109 if (cmd->run_proc_receive && !cmd->error_string &&
1110 !(cmd->run_proc_receive & RUN_PROC_RECEIVE_RETURNED)) {
1111 cmd->error_string = "proc-receive failed to report status";
1117 static int run_proc_receive_hook(struct command *commands,
1118 const struct string_list *push_options)
1120 struct child_process proc = CHILD_PROCESS_INIT;
1122 struct command *cmd;
1123 const char *argv[2];
1124 struct packet_reader reader;
1125 struct strbuf cap = STRBUF_INIT;
1126 struct strbuf errmsg = STRBUF_INIT;
1127 int hook_use_push_options = 0;
1131 argv[0] = find_hook("proc-receive");
1133 rp_error("cannot find hook 'proc-receive'");
1141 proc.trace2_hook_name = "proc-receive";
1144 memset(&muxer, 0, sizeof(muxer));
1145 muxer.proc = copy_to_sideband;
1147 code = start_async(&muxer);
1150 proc.err = muxer.in;
1155 code = start_command(&proc);
1158 finish_async(&muxer);
1162 sigchain_push(SIGPIPE, SIG_IGN);
1164 /* Version negotiaton */
1165 packet_reader_init(&reader, proc.out, NULL, 0,
1166 PACKET_READ_CHOMP_NEWLINE |
1167 PACKET_READ_GENTLE_ON_EOF);
1169 strbuf_addstr(&cap, " atomic");
1170 if (use_push_options)
1171 strbuf_addstr(&cap, " push-options");
1173 code = packet_write_fmt_gently(proc.in, "version=1%c%s\n", '\0', cap.buf + 1);
1174 strbuf_release(&cap);
1176 code = packet_write_fmt_gently(proc.in, "version=1\n");
1179 code = packet_flush_gently(proc.in);
1184 enum packet_read_status status;
1186 status = packet_reader_read(&reader);
1187 if (status != PACKET_READ_NORMAL) {
1188 /* Check whether proc-receive exited abnormally */
1189 if (status == PACKET_READ_EOF)
1194 if (reader.pktlen > 8 && starts_with(reader.line, "version=")) {
1195 version = atoi(reader.line + 8);
1196 linelen = strlen(reader.line);
1197 if (linelen < reader.pktlen) {
1198 const char *feature_list = reader.line + linelen + 1;
1199 if (parse_feature_request(feature_list, "push-options"))
1200 hook_use_push_options = 1;
1206 strbuf_addstr(&errmsg, "fail to negotiate version with proc-receive hook");
1216 strbuf_addf(&errmsg, "proc-receive version '%d' is not supported",
1223 for (cmd = commands; cmd; cmd = cmd->next) {
1224 if (!cmd->run_proc_receive || cmd->skip_update || cmd->error_string)
1226 code = packet_write_fmt_gently(proc.in, "%s %s %s",
1227 oid_to_hex(&cmd->old_oid),
1228 oid_to_hex(&cmd->new_oid),
1234 code = packet_flush_gently(proc.in);
1236 strbuf_addstr(&errmsg, "fail to write commands to proc-receive hook");
1240 /* Send push options */
1241 if (hook_use_push_options) {
1242 struct string_list_item *item;
1244 for_each_string_list_item(item, push_options) {
1245 code = packet_write_fmt_gently(proc.in, "%s", item->string);
1250 code = packet_flush_gently(proc.in);
1252 strbuf_addstr(&errmsg,
1253 "fail to write push-options to proc-receive hook");
1258 /* Read result from proc-receive */
1259 code = read_proc_receive_report(&reader, commands, &errmsg);
1265 finish_async(&muxer);
1266 if (finish_command(&proc))
1268 if (errmsg.len >0) {
1269 char *p = errmsg.buf;
1271 p += errmsg.len - 1;
1274 rp_error("%s", errmsg.buf);
1275 strbuf_release(&errmsg);
1277 sigchain_pop(SIGPIPE);
1282 static char *refuse_unconfigured_deny_msg =
1283 N_("By default, updating the current branch in a non-bare repository\n"
1284 "is denied, because it will make the index and work tree inconsistent\n"
1285 "with what you pushed, and will require 'git reset --hard' to match\n"
1286 "the work tree to HEAD.\n"
1288 "You can set the 'receive.denyCurrentBranch' configuration variable\n"
1289 "to 'ignore' or 'warn' in the remote repository to allow pushing into\n"
1290 "its current branch; however, this is not recommended unless you\n"
1291 "arranged to update its work tree to match what you pushed in some\n"
1294 "To squelch this message and still keep the default behaviour, set\n"
1295 "'receive.denyCurrentBranch' configuration variable to 'refuse'.");
1297 static void refuse_unconfigured_deny(void)
1299 rp_error("%s", _(refuse_unconfigured_deny_msg));
1302 static char *refuse_unconfigured_deny_delete_current_msg =
1303 N_("By default, deleting the current branch is denied, because the next\n"
1304 "'git clone' won't result in any file checked out, causing confusion.\n"
1306 "You can set 'receive.denyDeleteCurrent' configuration variable to\n"
1307 "'warn' or 'ignore' in the remote repository to allow deleting the\n"
1308 "current branch, with or without a warning message.\n"
1310 "To squelch this message, you can set it to 'refuse'.");
1312 static void refuse_unconfigured_deny_delete_current(void)
1314 rp_error("%s", _(refuse_unconfigured_deny_delete_current_msg));
1317 static int command_singleton_iterator(void *cb_data, struct object_id *oid);
1318 static int update_shallow_ref(struct command *cmd, struct shallow_info *si)
1320 struct shallow_lock shallow_lock = SHALLOW_LOCK_INIT;
1321 struct oid_array extra = OID_ARRAY_INIT;
1322 struct check_connected_options opt = CHECK_CONNECTED_INIT;
1323 uint32_t mask = 1 << (cmd->index % 32);
1326 trace_printf_key(&trace_shallow,
1327 "shallow: update_shallow_ref %s\n", cmd->ref_name);
1328 for (i = 0; i < si->shallow->nr; i++)
1329 if (si->used_shallow[i] &&
1330 (si->used_shallow[i][cmd->index / 32] & mask) &&
1331 !delayed_reachability_test(si, i))
1332 oid_array_append(&extra, &si->shallow->oid[i]);
1334 opt.env = tmp_objdir_env(tmp_objdir);
1335 setup_alternate_shallow(&shallow_lock, &opt.shallow_file, &extra);
1336 if (check_connected(command_singleton_iterator, cmd, &opt)) {
1337 rollback_shallow_file(the_repository, &shallow_lock);
1338 oid_array_clear(&extra);
1342 commit_shallow_file(the_repository, &shallow_lock);
1345 * Make sure setup_alternate_shallow() for the next ref does
1346 * not lose these new roots..
1348 for (i = 0; i < extra.nr; i++)
1349 register_shallow(the_repository, &extra.oid[i]);
1351 si->shallow_ref[cmd->index] = 0;
1352 oid_array_clear(&extra);
1357 * NEEDSWORK: we should consolidate various implementions of "are we
1358 * on an unborn branch?" test into one, and make the unified one more
1359 * robust. !get_sha1() based check used here and elsewhere would not
1360 * allow us to tell an unborn branch from corrupt ref, for example.
1361 * For the purpose of fixing "deploy-to-update does not work when
1362 * pushing into an empty repository" issue, this should suffice for
1365 static int head_has_history(void)
1367 struct object_id oid;
1369 return !get_oid("HEAD", &oid);
1372 static const char *push_to_deploy(unsigned char *sha1,
1374 const char *work_tree)
1376 const char *update_refresh[] = {
1377 "update-index", "-q", "--ignore-submodules", "--refresh", NULL
1379 const char *diff_files[] = {
1380 "diff-files", "--quiet", "--ignore-submodules", "--", NULL
1382 const char *diff_index[] = {
1383 "diff-index", "--quiet", "--cached", "--ignore-submodules",
1386 const char *read_tree[] = {
1387 "read-tree", "-u", "-m", NULL, NULL
1389 struct child_process child = CHILD_PROCESS_INIT;
1391 child.argv = update_refresh;
1393 child.dir = work_tree;
1395 child.stdout_to_stderr = 1;
1397 if (run_command(&child))
1398 return "Up-to-date check failed";
1400 /* run_command() does not clean up completely; reinitialize */
1401 child_process_init(&child);
1402 child.argv = diff_files;
1404 child.dir = work_tree;
1406 child.stdout_to_stderr = 1;
1408 if (run_command(&child))
1409 return "Working directory has unstaged changes";
1411 /* diff-index with either HEAD or an empty tree */
1412 diff_index[4] = head_has_history() ? "HEAD" : empty_tree_oid_hex();
1414 child_process_init(&child);
1415 child.argv = diff_index;
1418 child.no_stdout = 1;
1419 child.stdout_to_stderr = 0;
1421 if (run_command(&child))
1422 return "Working directory has staged changes";
1424 read_tree[3] = hash_to_hex(sha1);
1425 child_process_init(&child);
1426 child.argv = read_tree;
1428 child.dir = work_tree;
1430 child.no_stdout = 1;
1431 child.stdout_to_stderr = 0;
1433 if (run_command(&child))
1434 return "Could not update working tree to new HEAD";
1439 static const char *push_to_checkout_hook = "push-to-checkout";
1441 static const char *push_to_checkout(unsigned char *hash,
1444 const char *work_tree)
1446 struct run_hooks_opt opt = RUN_HOOKS_OPT_INIT;
1447 opt.invoked_hook = invoked_hook;
1449 strvec_pushf(env, "GIT_WORK_TREE=%s", absolute_path(work_tree));
1450 strvec_pushv(&opt.env, env->v);
1451 strvec_push(&opt.args, hash_to_hex(hash));
1452 if (run_hooks(push_to_checkout_hook, &opt)) {
1453 run_hooks_opt_clear(&opt);
1454 return "push-to-checkout hook declined";
1456 run_hooks_opt_clear(&opt);
1461 static const char *update_worktree(unsigned char *sha1, const struct worktree *worktree)
1463 const char *retval, *work_tree, *git_dir = NULL;
1464 struct strvec env = STRVEC_INIT;
1465 int invoked_hook = 0;
1467 if (worktree && worktree->path)
1468 work_tree = worktree->path;
1469 else if (git_work_tree_cfg)
1470 work_tree = git_work_tree_cfg;
1474 if (is_bare_repository())
1475 return "denyCurrentBranch = updateInstead needs a worktree";
1477 git_dir = get_worktree_git_dir(worktree);
1479 git_dir = get_git_dir();
1481 strvec_pushf(&env, "GIT_DIR=%s", absolute_path(git_dir));
1483 retval = push_to_checkout(sha1, &invoked_hook, &env, work_tree);
1485 retval = push_to_deploy(sha1, &env, work_tree);
1491 static const char *update(struct command *cmd, struct shallow_info *si)
1493 const char *name = cmd->ref_name;
1494 struct strbuf namespaced_name_buf = STRBUF_INIT;
1495 static char *namespaced_name;
1497 struct object_id *old_oid = &cmd->old_oid;
1498 struct object_id *new_oid = &cmd->new_oid;
1499 int do_update_worktree = 0;
1500 const struct worktree *worktree = is_bare_repository() ? NULL : find_shared_symref("HEAD", name);
1502 /* only refs/... are allowed */
1503 if (!starts_with(name, "refs/") || check_refname_format(name + 5, 0)) {
1504 rp_error("refusing to create funny ref '%s' remotely", name);
1505 return "funny refname";
1508 strbuf_addf(&namespaced_name_buf, "%s%s", get_git_namespace(), name);
1509 free(namespaced_name);
1510 namespaced_name = strbuf_detach(&namespaced_name_buf, NULL);
1513 switch (deny_current_branch) {
1517 rp_warning("updating the current branch");
1520 case DENY_UNCONFIGURED:
1521 rp_error("refusing to update checked out branch: %s", name);
1522 if (deny_current_branch == DENY_UNCONFIGURED)
1523 refuse_unconfigured_deny();
1524 return "branch is currently checked out";
1525 case DENY_UPDATE_INSTEAD:
1526 /* pass -- let other checks intervene first */
1527 do_update_worktree = 1;
1532 if (!is_null_oid(new_oid) && !has_object_file(new_oid)) {
1533 error("unpack should have generated %s, "
1534 "but I can't find it!", oid_to_hex(new_oid));
1538 if (!is_null_oid(old_oid) && is_null_oid(new_oid)) {
1539 if (deny_deletes && starts_with(name, "refs/heads/")) {
1540 rp_error("denying ref deletion for %s", name);
1541 return "deletion prohibited";
1544 if (worktree || (head_name && !strcmp(namespaced_name, head_name))) {
1545 switch (deny_delete_current) {
1549 rp_warning("deleting the current branch");
1552 case DENY_UNCONFIGURED:
1553 case DENY_UPDATE_INSTEAD:
1554 if (deny_delete_current == DENY_UNCONFIGURED)
1555 refuse_unconfigured_deny_delete_current();
1556 rp_error("refusing to delete the current branch: %s", name);
1557 return "deletion of the current branch prohibited";
1559 return "Invalid denyDeleteCurrent setting";
1564 if (deny_non_fast_forwards && !is_null_oid(new_oid) &&
1565 !is_null_oid(old_oid) &&
1566 starts_with(name, "refs/heads/")) {
1567 struct object *old_object, *new_object;
1568 struct commit *old_commit, *new_commit;
1570 old_object = parse_object(the_repository, old_oid);
1571 new_object = parse_object(the_repository, new_oid);
1573 if (!old_object || !new_object ||
1574 old_object->type != OBJ_COMMIT ||
1575 new_object->type != OBJ_COMMIT) {
1576 error("bad sha1 objects for %s", name);
1579 old_commit = (struct commit *)old_object;
1580 new_commit = (struct commit *)new_object;
1581 if (!in_merge_bases(old_commit, new_commit)) {
1582 rp_error("denying non-fast-forward %s"
1583 " (you should pull first)", name);
1584 return "non-fast-forward";
1587 if (run_update_hook(cmd)) {
1588 rp_error("hook declined to update %s", name);
1589 return "hook declined";
1592 if (do_update_worktree) {
1593 ret = update_worktree(new_oid->hash, find_shared_symref("HEAD", name));
1598 if (is_null_oid(new_oid)) {
1599 struct strbuf err = STRBUF_INIT;
1600 if (!parse_object(the_repository, old_oid)) {
1602 if (ref_exists(name)) {
1603 rp_warning("Allowing deletion of corrupt ref.");
1605 rp_warning("Deleting a non-existent ref.");
1606 cmd->did_not_exist = 1;
1609 if (ref_transaction_delete(transaction,
1613 rp_error("%s", err.buf);
1614 strbuf_release(&err);
1615 return "failed to delete";
1617 strbuf_release(&err);
1618 return NULL; /* good */
1621 struct strbuf err = STRBUF_INIT;
1622 if (shallow_update && si->shallow_ref[cmd->index] &&
1623 update_shallow_ref(cmd, si))
1624 return "shallow error";
1626 if (ref_transaction_update(transaction,
1631 rp_error("%s", err.buf);
1632 strbuf_release(&err);
1634 return "failed to update ref";
1636 strbuf_release(&err);
1638 return NULL; /* good */
1642 static void run_update_post_hook(struct command *commands)
1644 struct command *cmd;
1645 struct run_hooks_opt opt = RUN_HOOKS_OPT_INIT;
1647 for (cmd = commands; cmd; cmd = cmd->next) {
1648 if (cmd->error_string || cmd->did_not_exist)
1650 strvec_push(&opt.args, cmd->ref_name);
1656 opt.consume_sideband = hook_output_to_sideband;
1658 run_hooks("post-update", &opt);
1659 run_hooks_opt_clear(&opt);
1662 static void check_aliased_update_internal(struct command *cmd,
1663 struct string_list *list,
1664 const char *dst_name, int flag)
1666 struct string_list_item *item;
1667 struct command *dst_cmd;
1669 if (!(flag & REF_ISSYMREF))
1673 rp_error("refusing update to broken symref '%s'", cmd->ref_name);
1674 cmd->skip_update = 1;
1675 cmd->error_string = "broken symref";
1678 dst_name = strip_namespace(dst_name);
1680 if ((item = string_list_lookup(list, dst_name)) == NULL)
1683 cmd->skip_update = 1;
1685 dst_cmd = (struct command *) item->util;
1687 if (oideq(&cmd->old_oid, &dst_cmd->old_oid) &&
1688 oideq(&cmd->new_oid, &dst_cmd->new_oid))
1691 dst_cmd->skip_update = 1;
1693 rp_error("refusing inconsistent update between symref '%s' (%s..%s) and"
1694 " its target '%s' (%s..%s)",
1696 find_unique_abbrev(&cmd->old_oid, DEFAULT_ABBREV),
1697 find_unique_abbrev(&cmd->new_oid, DEFAULT_ABBREV),
1699 find_unique_abbrev(&dst_cmd->old_oid, DEFAULT_ABBREV),
1700 find_unique_abbrev(&dst_cmd->new_oid, DEFAULT_ABBREV));
1702 cmd->error_string = dst_cmd->error_string =
1703 "inconsistent aliased update";
1706 static void check_aliased_update(struct command *cmd, struct string_list *list)
1708 struct strbuf buf = STRBUF_INIT;
1709 const char *dst_name;
1712 strbuf_addf(&buf, "%s%s", get_git_namespace(), cmd->ref_name);
1713 dst_name = resolve_ref_unsafe(buf.buf, 0, NULL, &flag);
1714 check_aliased_update_internal(cmd, list, dst_name, flag);
1715 strbuf_release(&buf);
1718 static void check_aliased_updates(struct command *commands)
1720 struct command *cmd;
1721 struct string_list ref_list = STRING_LIST_INIT_NODUP;
1723 for (cmd = commands; cmd; cmd = cmd->next) {
1724 struct string_list_item *item =
1725 string_list_append(&ref_list, cmd->ref_name);
1726 item->util = (void *)cmd;
1728 string_list_sort(&ref_list);
1730 for (cmd = commands; cmd; cmd = cmd->next) {
1731 if (!cmd->error_string)
1732 check_aliased_update(cmd, &ref_list);
1735 string_list_clear(&ref_list, 0);
1738 static int command_singleton_iterator(void *cb_data, struct object_id *oid)
1740 struct command **cmd_list = cb_data;
1741 struct command *cmd = *cmd_list;
1743 if (!cmd || is_null_oid(&cmd->new_oid))
1744 return -1; /* end of list */
1745 *cmd_list = NULL; /* this returns only one */
1746 oidcpy(oid, &cmd->new_oid);
1750 static void set_connectivity_errors(struct command *commands,
1751 struct shallow_info *si)
1753 struct command *cmd;
1755 for (cmd = commands; cmd; cmd = cmd->next) {
1756 struct command *singleton = cmd;
1757 struct check_connected_options opt = CHECK_CONNECTED_INIT;
1759 if (shallow_update && si->shallow_ref[cmd->index])
1760 /* to be checked in update_shallow_ref() */
1763 opt.env = tmp_objdir_env(tmp_objdir);
1764 if (!check_connected(command_singleton_iterator, &singleton,
1768 cmd->error_string = "missing necessary objects";
1772 struct iterate_data {
1773 struct command *cmds;
1774 struct shallow_info *si;
1777 static int iterate_receive_command_list(void *cb_data, struct object_id *oid)
1779 struct iterate_data *data = cb_data;
1780 struct command **cmd_list = &data->cmds;
1781 struct command *cmd = *cmd_list;
1783 for (; cmd; cmd = cmd->next) {
1784 if (shallow_update && data->si->shallow_ref[cmd->index])
1785 /* to be checked in update_shallow_ref() */
1787 if (!is_null_oid(&cmd->new_oid) && !cmd->skip_update) {
1788 oidcpy(oid, &cmd->new_oid);
1789 *cmd_list = cmd->next;
1794 return -1; /* end of list */
1797 static void reject_updates_to_hidden(struct command *commands)
1799 struct strbuf refname_full = STRBUF_INIT;
1801 struct command *cmd;
1803 strbuf_addstr(&refname_full, get_git_namespace());
1804 prefix_len = refname_full.len;
1806 for (cmd = commands; cmd; cmd = cmd->next) {
1807 if (cmd->error_string)
1810 strbuf_setlen(&refname_full, prefix_len);
1811 strbuf_addstr(&refname_full, cmd->ref_name);
1813 if (!ref_is_hidden(cmd->ref_name, refname_full.buf))
1815 if (is_null_oid(&cmd->new_oid))
1816 cmd->error_string = "deny deleting a hidden ref";
1818 cmd->error_string = "deny updating a hidden ref";
1821 strbuf_release(&refname_full);
1824 static int should_process_cmd(struct command *cmd)
1826 return !cmd->error_string && !cmd->skip_update;
1829 static void warn_if_skipped_connectivity_check(struct command *commands,
1830 struct shallow_info *si)
1832 struct command *cmd;
1833 int checked_connectivity = 1;
1835 for (cmd = commands; cmd; cmd = cmd->next) {
1836 if (should_process_cmd(cmd) && si->shallow_ref[cmd->index]) {
1837 error("BUG: connectivity check has not been run on ref %s",
1839 checked_connectivity = 0;
1842 if (!checked_connectivity)
1843 BUG("connectivity check skipped???");
1846 static void execute_commands_non_atomic(struct command *commands,
1847 struct shallow_info *si)
1849 struct command *cmd;
1850 struct strbuf err = STRBUF_INIT;
1852 for (cmd = commands; cmd; cmd = cmd->next) {
1853 if (!should_process_cmd(cmd) || cmd->run_proc_receive)
1856 transaction = ref_transaction_begin(&err);
1858 rp_error("%s", err.buf);
1860 cmd->error_string = "transaction failed to start";
1864 cmd->error_string = update(cmd, si);
1866 if (!cmd->error_string
1867 && ref_transaction_commit(transaction, &err)) {
1868 rp_error("%s", err.buf);
1870 cmd->error_string = "failed to update ref";
1872 ref_transaction_free(transaction);
1874 strbuf_release(&err);
1877 static void execute_commands_atomic(struct command *commands,
1878 struct shallow_info *si)
1880 struct command *cmd;
1881 struct strbuf err = STRBUF_INIT;
1882 const char *reported_error = "atomic push failure";
1884 transaction = ref_transaction_begin(&err);
1886 rp_error("%s", err.buf);
1888 reported_error = "transaction failed to start";
1892 for (cmd = commands; cmd; cmd = cmd->next) {
1893 if (!should_process_cmd(cmd) || cmd->run_proc_receive)
1896 cmd->error_string = update(cmd, si);
1898 if (cmd->error_string)
1902 if (ref_transaction_commit(transaction, &err)) {
1903 rp_error("%s", err.buf);
1904 reported_error = "atomic transaction failed";
1910 for (cmd = commands; cmd; cmd = cmd->next)
1911 if (!cmd->error_string)
1912 cmd->error_string = reported_error;
1915 ref_transaction_free(transaction);
1916 strbuf_release(&err);
1919 static void execute_commands(struct command *commands,
1920 const char *unpacker_error,
1921 struct shallow_info *si,
1922 const struct string_list *push_options)
1924 struct check_connected_options opt = CHECK_CONNECTED_INIT;
1925 struct command *cmd;
1926 struct iterate_data data;
1929 int run_proc_receive = 0;
1931 if (unpacker_error) {
1932 for (cmd = commands; cmd; cmd = cmd->next)
1933 cmd->error_string = "unpacker error";
1938 memset(&muxer, 0, sizeof(muxer));
1939 muxer.proc = copy_to_sideband;
1941 if (!start_async(&muxer))
1943 /* ...else, continue without relaying sideband */
1946 data.cmds = commands;
1948 opt.err_fd = err_fd;
1949 opt.progress = err_fd && !quiet;
1950 opt.env = tmp_objdir_env(tmp_objdir);
1951 if (check_connected(iterate_receive_command_list, &data, &opt))
1952 set_connectivity_errors(commands, si);
1955 finish_async(&muxer);
1957 reject_updates_to_hidden(commands);
1960 * Try to find commands that have special prefix in their reference names,
1961 * and mark them to run an external "proc-receive" hook later.
1963 if (proc_receive_ref) {
1964 for (cmd = commands; cmd; cmd = cmd->next) {
1965 if (!should_process_cmd(cmd))
1968 if (proc_receive_ref_matches(cmd)) {
1969 cmd->run_proc_receive = RUN_PROC_RECEIVE_SCHEDULED;
1970 run_proc_receive = 1;
1975 if (run_receive_hook(commands, "pre-receive", 0, push_options)) {
1976 for (cmd = commands; cmd; cmd = cmd->next) {
1977 if (!cmd->error_string)
1978 cmd->error_string = "pre-receive hook declined";
1984 * Now we'll start writing out refs, which means the objects need
1985 * to be in their final positions so that other processes can see them.
1987 if (tmp_objdir_migrate(tmp_objdir) < 0) {
1988 for (cmd = commands; cmd; cmd = cmd->next) {
1989 if (!cmd->error_string)
1990 cmd->error_string = "unable to migrate objects to permanent storage";
1996 check_aliased_updates(commands);
1998 free(head_name_to_free);
1999 head_name = head_name_to_free = resolve_refdup("HEAD", 0, NULL, NULL);
2001 if (run_proc_receive &&
2002 run_proc_receive_hook(commands, push_options))
2003 for (cmd = commands; cmd; cmd = cmd->next)
2004 if (!cmd->error_string &&
2005 !(cmd->run_proc_receive & RUN_PROC_RECEIVE_RETURNED) &&
2006 (cmd->run_proc_receive || use_atomic))
2007 cmd->error_string = "fail to run proc-receive hook";
2010 execute_commands_atomic(commands, si);
2012 execute_commands_non_atomic(commands, si);
2015 warn_if_skipped_connectivity_check(commands, si);
2018 static struct command **queue_command(struct command **tail,
2022 struct object_id old_oid, new_oid;
2023 struct command *cmd;
2024 const char *refname;
2028 if (parse_oid_hex(line, &old_oid, &p) ||
2030 parse_oid_hex(p, &new_oid, &p) ||
2032 die("protocol error: expected old/new/ref, got '%s'", line);
2035 reflen = linelen - (p - line);
2036 FLEX_ALLOC_MEM(cmd, ref_name, refname, reflen);
2037 oidcpy(&cmd->old_oid, &old_oid);
2038 oidcpy(&cmd->new_oid, &new_oid);
2043 static void queue_commands_from_cert(struct command **tail,
2044 struct strbuf *push_cert)
2046 const char *boc, *eoc;
2049 die("protocol error: got both push certificate and unsigned commands");
2051 boc = strstr(push_cert->buf, "\n\n");
2053 die("malformed push certificate %.*s", 100, push_cert->buf);
2056 eoc = push_cert->buf + parse_signed_buffer(push_cert->buf, push_cert->len);
2059 const char *eol = memchr(boc, '\n', eoc - boc);
2060 tail = queue_command(tail, boc, eol ? eol - boc : eoc - boc);
2061 boc = eol ? eol + 1 : eoc;
2065 static struct command *read_head_info(struct packet_reader *reader,
2066 struct oid_array *shallow)
2068 struct command *commands = NULL;
2069 struct command **p = &commands;
2073 if (packet_reader_read(reader) != PACKET_READ_NORMAL)
2076 if (reader->pktlen > 8 && starts_with(reader->line, "shallow ")) {
2077 struct object_id oid;
2078 if (get_oid_hex(reader->line + 8, &oid))
2079 die("protocol error: expected shallow sha, got '%s'",
2081 oid_array_append(shallow, &oid);
2085 linelen = strlen(reader->line);
2086 if (linelen < reader->pktlen) {
2087 const char *feature_list = reader->line + linelen + 1;
2088 const char *hash = NULL;
2089 const char *client_sid;
2091 if (parse_feature_request(feature_list, "report-status"))
2093 if (parse_feature_request(feature_list, "report-status-v2"))
2094 report_status_v2 = 1;
2095 if (parse_feature_request(feature_list, "side-band-64k"))
2096 use_sideband = LARGE_PACKET_MAX;
2097 if (parse_feature_request(feature_list, "quiet"))
2099 if (advertise_atomic_push
2100 && parse_feature_request(feature_list, "atomic"))
2102 if (advertise_push_options
2103 && parse_feature_request(feature_list, "push-options"))
2104 use_push_options = 1;
2105 hash = parse_feature_value(feature_list, "object-format", &len, NULL);
2107 hash = hash_algos[GIT_HASH_SHA1].name;
2110 if (xstrncmpz(the_hash_algo->name, hash, len))
2111 die("error: unsupported object format '%s'", hash);
2112 client_sid = parse_feature_value(feature_list, "session-id", &len, NULL);
2114 char *sid = xstrndup(client_sid, len);
2115 trace2_data_string("transfer", NULL, "client-sid", client_sid);
2120 if (!strcmp(reader->line, "push-cert")) {
2122 int saved_options = reader->options;
2123 reader->options &= ~PACKET_READ_CHOMP_NEWLINE;
2126 packet_reader_read(reader);
2127 if (reader->status == PACKET_READ_FLUSH) {
2131 if (reader->status != PACKET_READ_NORMAL) {
2132 die("protocol error: got an unexpected packet");
2134 if (!strcmp(reader->line, "push-cert-end\n"))
2135 break; /* end of cert */
2136 strbuf_addstr(&push_cert, reader->line);
2138 reader->options = saved_options;
2145 p = queue_command(p, reader->line, linelen);
2149 queue_commands_from_cert(p, &push_cert);
2154 static void read_push_options(struct packet_reader *reader,
2155 struct string_list *options)
2158 if (packet_reader_read(reader) != PACKET_READ_NORMAL)
2161 string_list_append(options, reader->line);
2165 static const char *parse_pack_header(struct pack_header *hdr)
2167 switch (read_pack_header(0, hdr)) {
2169 return "eof before pack header was fully read";
2171 case PH_ERROR_PACK_SIGNATURE:
2172 return "protocol error (pack signature mismatch detected)";
2174 case PH_ERROR_PROTOCOL:
2175 return "protocol error (pack version unsupported)";
2178 return "unknown error in parse_pack_header";
2185 static const char *pack_lockfile;
2187 static void push_header_arg(struct strvec *args, struct pack_header *hdr)
2189 strvec_pushf(args, "--pack_header=%"PRIu32",%"PRIu32,
2190 ntohl(hdr->hdr_version), ntohl(hdr->hdr_entries));
2193 static const char *unpack(int err_fd, struct shallow_info *si)
2195 struct pack_header hdr;
2196 const char *hdr_err;
2198 struct child_process child = CHILD_PROCESS_INIT;
2199 int fsck_objects = (receive_fsck_objects >= 0
2200 ? receive_fsck_objects
2201 : transfer_fsck_objects >= 0
2202 ? transfer_fsck_objects
2205 hdr_err = parse_pack_header(&hdr);
2212 if (si->nr_ours || si->nr_theirs) {
2213 alt_shallow_file = setup_temporary_shallow(si->shallow);
2214 strvec_push(&child.args, "--shallow-file");
2215 strvec_push(&child.args, alt_shallow_file);
2218 tmp_objdir = tmp_objdir_create();
2222 return "unable to create temporary object directory";
2224 child.env = tmp_objdir_env(tmp_objdir);
2227 * Normally we just pass the tmp_objdir environment to the child
2228 * processes that do the heavy lifting, but we may need to see these
2229 * objects ourselves to set up shallow information.
2231 tmp_objdir_add_as_alternate(tmp_objdir);
2233 if (ntohl(hdr.hdr_entries) < unpack_limit) {
2234 strvec_push(&child.args, "unpack-objects");
2235 push_header_arg(&child.args, &hdr);
2237 strvec_push(&child.args, "-q");
2239 strvec_pushf(&child.args, "--strict%s",
2240 fsck_msg_types.buf);
2242 strvec_pushf(&child.args, "--max-input-size=%"PRIuMAX,
2243 (uintmax_t)max_input_size);
2244 child.no_stdout = 1;
2247 status = run_command(&child);
2249 return "unpack-objects abnormal exit";
2251 char hostname[HOST_NAME_MAX + 1];
2253 strvec_pushl(&child.args, "index-pack", "--stdin", NULL);
2254 push_header_arg(&child.args, &hdr);
2256 if (xgethostname(hostname, sizeof(hostname)))
2257 xsnprintf(hostname, sizeof(hostname), "localhost");
2258 strvec_pushf(&child.args,
2259 "--keep=receive-pack %"PRIuMAX" on %s",
2260 (uintmax_t)getpid(),
2263 if (!quiet && err_fd)
2264 strvec_push(&child.args, "--show-resolving-progress");
2266 strvec_push(&child.args, "--report-end-of-input");
2268 strvec_pushf(&child.args, "--strict%s",
2269 fsck_msg_types.buf);
2271 strvec_push(&child.args, "--fix-thin");
2273 strvec_pushf(&child.args, "--max-input-size=%"PRIuMAX,
2274 (uintmax_t)max_input_size);
2278 status = start_command(&child);
2280 return "index-pack fork failed";
2281 pack_lockfile = index_pack_lockfile(child.out, NULL);
2283 status = finish_command(&child);
2285 return "index-pack abnormal exit";
2286 reprepare_packed_git(the_repository);
2291 static const char *unpack_with_sideband(struct shallow_info *si)
2297 return unpack(0, si);
2299 use_keepalive = KEEPALIVE_AFTER_NUL;
2300 memset(&muxer, 0, sizeof(muxer));
2301 muxer.proc = copy_to_sideband;
2303 if (start_async(&muxer))
2306 ret = unpack(muxer.in, si);
2308 finish_async(&muxer);
2312 static void prepare_shallow_update(struct shallow_info *si)
2314 int i, j, k, bitmap_size = DIV_ROUND_UP(si->ref->nr, 32);
2316 ALLOC_ARRAY(si->used_shallow, si->shallow->nr);
2317 assign_shallow_commits_to_refs(si, si->used_shallow, NULL);
2319 CALLOC_ARRAY(si->need_reachability_test, si->shallow->nr);
2320 CALLOC_ARRAY(si->reachable, si->shallow->nr);
2321 CALLOC_ARRAY(si->shallow_ref, si->ref->nr);
2323 for (i = 0; i < si->nr_ours; i++)
2324 si->need_reachability_test[si->ours[i]] = 1;
2326 for (i = 0; i < si->shallow->nr; i++) {
2327 if (!si->used_shallow[i])
2329 for (j = 0; j < bitmap_size; j++) {
2330 if (!si->used_shallow[i][j])
2332 si->need_reachability_test[i]++;
2333 for (k = 0; k < 32; k++)
2334 if (si->used_shallow[i][j] & (1U << k))
2335 si->shallow_ref[j * 32 + k]++;
2339 * true for those associated with some refs and belong
2340 * in "ours" list aka "step 7 not done yet"
2342 si->need_reachability_test[i] =
2343 si->need_reachability_test[i] > 1;
2347 * keep hooks happy by forcing a temporary shallow file via
2348 * env variable because we can't add --shallow-file to every
2349 * command. check_connected() will be done with
2350 * true .git/shallow though.
2352 setenv(GIT_SHALLOW_FILE_ENVIRONMENT, alt_shallow_file, 1);
2355 static void update_shallow_info(struct command *commands,
2356 struct shallow_info *si,
2357 struct oid_array *ref)
2359 struct command *cmd;
2361 remove_nonexistent_theirs_shallow(si);
2362 if (!si->nr_ours && !si->nr_theirs) {
2367 for (cmd = commands; cmd; cmd = cmd->next) {
2368 if (is_null_oid(&cmd->new_oid))
2370 oid_array_append(ref, &cmd->new_oid);
2371 cmd->index = ref->nr - 1;
2375 if (shallow_update) {
2376 prepare_shallow_update(si);
2380 ALLOC_ARRAY(ref_status, ref->nr);
2381 assign_shallow_commits_to_refs(si, NULL, ref_status);
2382 for (cmd = commands; cmd; cmd = cmd->next) {
2383 if (is_null_oid(&cmd->new_oid))
2385 if (ref_status[cmd->index]) {
2386 cmd->error_string = "shallow update not allowed";
2387 cmd->skip_update = 1;
2393 static void report(struct command *commands, const char *unpack_status)
2395 struct command *cmd;
2396 struct strbuf buf = STRBUF_INIT;
2398 packet_buf_write(&buf, "unpack %s\n",
2399 unpack_status ? unpack_status : "ok");
2400 for (cmd = commands; cmd; cmd = cmd->next) {
2401 if (!cmd->error_string)
2402 packet_buf_write(&buf, "ok %s\n",
2405 packet_buf_write(&buf, "ng %s %s\n",
2406 cmd->ref_name, cmd->error_string);
2408 packet_buf_flush(&buf);
2411 send_sideband(1, 1, buf.buf, buf.len, use_sideband);
2413 write_or_die(1, buf.buf, buf.len);
2414 strbuf_release(&buf);
2417 static void report_v2(struct command *commands, const char *unpack_status)
2419 struct command *cmd;
2420 struct strbuf buf = STRBUF_INIT;
2421 struct ref_push_report *report;
2423 packet_buf_write(&buf, "unpack %s\n",
2424 unpack_status ? unpack_status : "ok");
2425 for (cmd = commands; cmd; cmd = cmd->next) {
2428 if (cmd->error_string) {
2429 packet_buf_write(&buf, "ng %s %s\n",
2434 packet_buf_write(&buf, "ok %s\n",
2436 for (report = cmd->report; report; report = report->next) {
2438 packet_buf_write(&buf, "ok %s\n",
2440 if (report->ref_name)
2441 packet_buf_write(&buf, "option refname %s\n",
2443 if (report->old_oid)
2444 packet_buf_write(&buf, "option old-oid %s\n",
2445 oid_to_hex(report->old_oid));
2446 if (report->new_oid)
2447 packet_buf_write(&buf, "option new-oid %s\n",
2448 oid_to_hex(report->new_oid));
2449 if (report->forced_update)
2450 packet_buf_write(&buf, "option forced-update\n");
2453 packet_buf_flush(&buf);
2456 send_sideband(1, 1, buf.buf, buf.len, use_sideband);
2458 write_or_die(1, buf.buf, buf.len);
2459 strbuf_release(&buf);
2462 static int delete_only(struct command *commands)
2464 struct command *cmd;
2465 for (cmd = commands; cmd; cmd = cmd->next) {
2466 if (!is_null_oid(&cmd->new_oid))
2472 int cmd_receive_pack(int argc, const char **argv, const char *prefix)
2474 int advertise_refs = 0;
2475 struct command *commands;
2476 struct oid_array shallow = OID_ARRAY_INIT;
2477 struct oid_array ref = OID_ARRAY_INIT;
2478 struct shallow_info si;
2479 struct packet_reader reader;
2481 struct option options[] = {
2482 OPT__QUIET(&quiet, N_("quiet")),
2483 OPT_HIDDEN_BOOL(0, "stateless-rpc", &stateless_rpc, NULL),
2484 OPT_HIDDEN_BOOL(0, "advertise-refs", &advertise_refs, NULL),
2485 OPT_HIDDEN_BOOL(0, "reject-thin-pack-for-testing", &reject_thin, NULL),
2489 packet_trace_identity("receive-pack");
2491 argc = parse_options(argc, argv, prefix, options, receive_pack_usage, 0);
2494 usage_msg_opt(_("Too many arguments."), receive_pack_usage, options);
2496 usage_msg_opt(_("You must specify a directory."), receive_pack_usage, options);
2498 service_dir = argv[0];
2502 if (!enter_repo(service_dir, 0))
2503 die("'%s' does not appear to be a git repository", service_dir);
2505 git_config(receive_pack_config, NULL);
2506 if (cert_nonce_seed)
2507 push_cert_nonce = prepare_push_cert_nonce(service_dir, time(NULL));
2509 if (0 <= transfer_unpack_limit)
2510 unpack_limit = transfer_unpack_limit;
2511 else if (0 <= receive_unpack_limit)
2512 unpack_limit = receive_unpack_limit;
2514 switch (determine_protocol_version_server()) {
2517 * push support for protocol v2 has not been implemented yet,
2518 * so ignore the request to use v2 and fallback to using v0.
2523 * v1 is just the original protocol with a version string,
2524 * so just fall through after writing the version string.
2526 if (advertise_refs || !stateless_rpc)
2527 packet_write_fmt(1, "version 1\n");
2532 case protocol_unknown_version:
2533 BUG("unknown protocol version");
2536 if (advertise_refs || !stateless_rpc) {
2542 packet_reader_init(&reader, 0, NULL, 0,
2543 PACKET_READ_CHOMP_NEWLINE |
2544 PACKET_READ_DIE_ON_ERR_PACKET);
2546 if ((commands = read_head_info(&reader, &shallow)) != NULL) {
2547 const char *unpack_status = NULL;
2548 struct string_list push_options = STRING_LIST_INIT_DUP;
2550 if (use_push_options)
2551 read_push_options(&reader, &push_options);
2552 if (!check_cert_push_options(&push_options)) {
2553 struct command *cmd;
2554 for (cmd = commands; cmd; cmd = cmd->next)
2555 cmd->error_string = "inconsistent push options";
2558 prepare_shallow_info(&si, &shallow);
2559 if (!si.nr_ours && !si.nr_theirs)
2561 if (!delete_only(commands)) {
2562 unpack_status = unpack_with_sideband(&si);
2563 update_shallow_info(commands, &si, &ref);
2565 use_keepalive = KEEPALIVE_ALWAYS;
2566 execute_commands(commands, unpack_status, &si,
2569 unlink_or_warn(pack_lockfile);
2570 if (report_status_v2)
2571 report_v2(commands, unpack_status);
2572 else if (report_status)
2573 report(commands, unpack_status);
2574 run_receive_hook(commands, "post-receive", 1,
2576 run_update_post_hook(commands);
2577 string_list_clear(&push_options, 0);
2579 const char *argv_gc_auto[] = {
2580 "gc", "--auto", "--quiet", NULL,
2582 struct child_process proc = CHILD_PROCESS_INIT;
2585 proc.stdout_to_stderr = 1;
2586 proc.err = use_sideband ? -1 : 0;
2588 proc.argv = argv_gc_auto;
2590 close_object_store(the_repository->objects);
2591 if (!start_command(&proc)) {
2593 copy_to_sideband(proc.err, -1, NULL);
2594 finish_command(&proc);
2597 if (auto_update_server_info)
2598 update_server_info(0);
2599 clear_shallow_info(&si);
2603 oid_array_clear(&shallow);
2604 oid_array_clear(&ref);
2605 free((void *)push_cert_nonce);
projects / git / blob