connect.con commit http-push: fix off-by-path_len (2064280)
   1#include "git-compat-util.h"
   2#include "cache.h"
   3#include "pkt-line.h"
   4#include "quote.h"
   5#include "refs.h"
   6#include "run-command.h"
   7#include "remote.h"
   8
   9static char *server_capabilities;
  10
  11static int check_ref(const char *name, int len, unsigned int flags)
  12{
  13        if (!flags)
  14                return 1;
  15
  16        if (len < 5 || memcmp(name, "refs/", 5))
  17                return 0;
  18
  19        /* Skip the "refs/" part */
  20        name += 5;
  21        len -= 5;
  22
  23        /* REF_NORMAL means that we don't want the magic fake tag refs */
  24        if ((flags & REF_NORMAL) && check_ref_format(name) < 0)
  25                return 0;
  26
  27        /* REF_HEADS means that we want regular branch heads */
  28        if ((flags & REF_HEADS) && !memcmp(name, "heads/", 6))
  29                return 1;
  30
  31        /* REF_TAGS means that we want tags */
  32        if ((flags & REF_TAGS) && !memcmp(name, "tags/", 5))
  33                return 1;
  34
  35        /* All type bits clear means that we are ok with anything */
  36        return !(flags & ~REF_NORMAL);
  37}
  38
  39int check_ref_type(const struct ref *ref, int flags)
  40{
  41        return check_ref(ref->name, strlen(ref->name), flags);
  42}
  43
  44static void add_extra_have(struct extra_have_objects *extra, unsigned char *sha1)
  45{
  46        ALLOC_GROW(extra->array, extra->nr + 1, extra->alloc);
  47        hashcpy(&(extra->array[extra->nr][0]), sha1);
  48        extra->nr++;
  49}
  50
  51/*
  52 * Read all the refs from the other end
  53 */
  54struct ref **get_remote_heads(int in, struct ref **list,
  55                              int nr_match, char **match,
  56                              unsigned int flags,
  57                              struct extra_have_objects *extra_have)
  58{
  59        *list = NULL;
  60        for (;;) {
  61                struct ref *ref;
  62                unsigned char old_sha1[20];
  63                static char buffer[1000];
  64                char *name;
  65                int len, name_len;
  66
  67                len = packet_read_line(in, buffer, sizeof(buffer));
  68                if (!len)
  69                        break;
  70                if (buffer[len-1] == '\n')
  71                        buffer[--len] = 0;
  72
  73                if (len > 4 && !prefixcmp(buffer, "ERR "))
  74                        die("remote error: %s", buffer + 4);
  75
  76                if (len < 42 || get_sha1_hex(buffer, old_sha1) || buffer[40] != ' ')
  77                        die("protocol error: expected sha/ref, got '%s'", buffer);
  78                name = buffer + 41;
  79
  80                name_len = strlen(name);
  81                if (len != name_len + 41) {
  82                        free(server_capabilities);
  83                        server_capabilities = xstrdup(name + name_len + 1);
  84                }
  85
  86                if (extra_have &&
  87                    name_len == 5 && !memcmp(".have", name, 5)) {
  88                        add_extra_have(extra_have, old_sha1);
  89                        continue;
  90                }
  91
  92                if (!check_ref(name, name_len, flags))
  93                        continue;
  94                if (nr_match && !path_match(name, nr_match, match))
  95                        continue;
  96                ref = alloc_ref(buffer + 41);
  97                hashcpy(ref->old_sha1, old_sha1);
  98                *list = ref;
  99                list = &ref->next;
 100        }
 101        return list;
 102}
 103
 104int server_supports(const char *feature)
 105{
 106        return server_capabilities &&
 107                strstr(server_capabilities, feature) != NULL;
 108}
 109
 110int get_ack(int fd, unsigned char *result_sha1)
 111{
 112        static char line[1000];
 113        int len = packet_read_line(fd, line, sizeof(line));
 114
 115        if (!len)
 116                die("git fetch-pack: expected ACK/NAK, got EOF");
 117        if (line[len-1] == '\n')
 118                line[--len] = 0;
 119        if (!strcmp(line, "NAK"))
 120                return 0;
 121        if (!prefixcmp(line, "ACK ")) {
 122                if (!get_sha1_hex(line+4, result_sha1)) {
 123                        if (strstr(line+45, "continue"))
 124                                return 2;
 125                        return 1;
 126                }
 127        }
 128        die("git fetch_pack: expected ACK/NAK, got '%s'", line);
 129}
 130
 131int path_match(const char *path, int nr, char **match)
 132{
 133        int i;
 134        int pathlen = strlen(path);
 135
 136        for (i = 0; i < nr; i++) {
 137                char *s = match[i];
 138                int len = strlen(s);
 139
 140                if (!len || len > pathlen)
 141                        continue;
 142                if (memcmp(path + pathlen - len, s, len))
 143                        continue;
 144                if (pathlen > len && path[pathlen - len - 1] != '/')
 145                        continue;
 146                *s = 0;
 147                return (i + 1);
 148        }
 149        return 0;
 150}
 151
 152enum protocol {
 153        PROTO_LOCAL = 1,
 154        PROTO_SSH,
 155        PROTO_GIT,
 156};
 157
 158static enum protocol get_protocol(const char *name)
 159{
 160        if (!strcmp(name, "ssh"))
 161                return PROTO_SSH;
 162        if (!strcmp(name, "git"))
 163                return PROTO_GIT;
 164        if (!strcmp(name, "git+ssh"))
 165                return PROTO_SSH;
 166        if (!strcmp(name, "ssh+git"))
 167                return PROTO_SSH;
 168        if (!strcmp(name, "file"))
 169                return PROTO_LOCAL;
 170        die("I don't handle protocol '%s'", name);
 171}
 172
 173#define STR_(s) # s
 174#define STR(s)  STR_(s)
 175
 176#ifndef NO_IPV6
 177
 178static const char *ai_name(const struct addrinfo *ai)
 179{
 180        static char addr[INET_ADDRSTRLEN];
 181        if ( AF_INET == ai->ai_family ) {
 182                struct sockaddr_in *in;
 183                in = (struct sockaddr_in *)ai->ai_addr;
 184                inet_ntop(ai->ai_family, &in->sin_addr, addr, sizeof(addr));
 185        } else if ( AF_INET6 == ai->ai_family ) {
 186                struct sockaddr_in6 *in;
 187                in = (struct sockaddr_in6 *)ai->ai_addr;
 188                inet_ntop(ai->ai_family, &in->sin6_addr, addr, sizeof(addr));
 189        } else {
 190                strcpy(addr, "(unknown)");
 191        }
 192        return addr;
 193}
 194
 195/*
 196 * Returns a connected socket() fd, or else die()s.
 197 */
 198static int git_tcp_connect_sock(char *host, int flags)
 199{
 200        int sockfd = -1, saved_errno = 0;
 201        char *colon, *end;
 202        const char *port = STR(DEFAULT_GIT_PORT);
 203        struct addrinfo hints, *ai0, *ai;
 204        int gai;
 205        int cnt = 0;
 206
 207        if (host[0] == '[') {
 208                end = strchr(host + 1, ']');
 209                if (end) {
 210                        *end = 0;
 211                        end++;
 212                        host++;
 213                } else
 214                        end = host;
 215        } else
 216                end = host;
 217        colon = strchr(end, ':');
 218
 219        if (colon) {
 220                *colon = 0;
 221                port = colon + 1;
 222                if (!*port)
 223                        port = "<none>";
 224        }
 225
 226        memset(&hints, 0, sizeof(hints));
 227        hints.ai_socktype = SOCK_STREAM;
 228        hints.ai_protocol = IPPROTO_TCP;
 229
 230        if (flags & CONNECT_VERBOSE)
 231                fprintf(stderr, "Looking up %s ... ", host);
 232
 233        gai = getaddrinfo(host, port, &hints, &ai);
 234        if (gai)
 235                die("Unable to look up %s (port %s) (%s)", host, port, gai_strerror(gai));
 236
 237        if (flags & CONNECT_VERBOSE)
 238                fprintf(stderr, "done.\nConnecting to %s (port %s) ... ", host, port);
 239
 240        for (ai0 = ai; ai; ai = ai->ai_next) {
 241                sockfd = socket(ai->ai_family,
 242                                ai->ai_socktype, ai->ai_protocol);
 243                if (sockfd < 0) {
 244                        saved_errno = errno;
 245                        continue;
 246                }
 247                if (connect(sockfd, ai->ai_addr, ai->ai_addrlen) < 0) {
 248                        saved_errno = errno;
 249                        fprintf(stderr, "%s[%d: %s]: errno=%s\n",
 250                                host,
 251                                cnt,
 252                                ai_name(ai),
 253                                strerror(saved_errno));
 254                        close(sockfd);
 255                        sockfd = -1;
 256                        continue;
 257                }
 258                if (flags & CONNECT_VERBOSE)
 259                        fprintf(stderr, "%s ", ai_name(ai));
 260                break;
 261        }
 262
 263        freeaddrinfo(ai0);
 264
 265        if (sockfd < 0)
 266                die("unable to connect a socket (%s)", strerror(saved_errno));
 267
 268        if (flags & CONNECT_VERBOSE)
 269                fprintf(stderr, "done.\n");
 270
 271        return sockfd;
 272}
 273
 274#else /* NO_IPV6 */
 275
 276/*
 277 * Returns a connected socket() fd, or else die()s.
 278 */
 279static int git_tcp_connect_sock(char *host, int flags)
 280{
 281        int sockfd = -1, saved_errno = 0;
 282        char *colon, *end;
 283        char *port = STR(DEFAULT_GIT_PORT), *ep;
 284        struct hostent *he;
 285        struct sockaddr_in sa;
 286        char **ap;
 287        unsigned int nport;
 288        int cnt;
 289
 290        if (host[0] == '[') {
 291                end = strchr(host + 1, ']');
 292                if (end) {
 293                        *end = 0;
 294                        end++;
 295                        host++;
 296                } else
 297                        end = host;
 298        } else
 299                end = host;
 300        colon = strchr(end, ':');
 301
 302        if (colon) {
 303                *colon = 0;
 304                port = colon + 1;
 305        }
 306
 307        if (flags & CONNECT_VERBOSE)
 308                fprintf(stderr, "Looking up %s ... ", host);
 309
 310        he = gethostbyname(host);
 311        if (!he)
 312                die("Unable to look up %s (%s)", host, hstrerror(h_errno));
 313        nport = strtoul(port, &ep, 10);
 314        if ( ep == port || *ep ) {
 315                /* Not numeric */
 316                struct servent *se = getservbyname(port,"tcp");
 317                if ( !se )
 318                        die("Unknown port %s\n", port);
 319                nport = se->s_port;
 320        }
 321
 322        if (flags & CONNECT_VERBOSE)
 323                fprintf(stderr, "done.\nConnecting to %s (port %s) ... ", host, port);
 324
 325        for (cnt = 0, ap = he->h_addr_list; *ap; ap++, cnt++) {
 326                sockfd = socket(he->h_addrtype, SOCK_STREAM, 0);
 327                if (sockfd < 0) {
 328                        saved_errno = errno;
 329                        continue;
 330                }
 331
 332                memset(&sa, 0, sizeof sa);
 333                sa.sin_family = he->h_addrtype;
 334                sa.sin_port = htons(nport);
 335                memcpy(&sa.sin_addr, *ap, he->h_length);
 336
 337                if (connect(sockfd, (struct sockaddr *)&sa, sizeof sa) < 0) {
 338                        saved_errno = errno;
 339                        fprintf(stderr, "%s[%d: %s]: errno=%s\n",
 340                                host,
 341                                cnt,
 342                                inet_ntoa(*(struct in_addr *)&sa.sin_addr),
 343                                strerror(saved_errno));
 344                        close(sockfd);
 345                        sockfd = -1;
 346                        continue;
 347                }
 348                if (flags & CONNECT_VERBOSE)
 349                        fprintf(stderr, "%s ",
 350                                inet_ntoa(*(struct in_addr *)&sa.sin_addr));
 351                break;
 352        }
 353
 354        if (sockfd < 0)
 355                die("unable to connect a socket (%s)", strerror(saved_errno));
 356
 357        if (flags & CONNECT_VERBOSE)
 358                fprintf(stderr, "done.\n");
 359
 360        return sockfd;
 361}
 362
 363#endif /* NO_IPV6 */
 364
 365
 366static void git_tcp_connect(int fd[2], char *host, int flags)
 367{
 368        int sockfd = git_tcp_connect_sock(host, flags);
 369
 370        fd[0] = sockfd;
 371        fd[1] = dup(sockfd);
 372}
 373
 374
 375static char *git_proxy_command;
 376static const char *rhost_name;
 377static int rhost_len;
 378
 379static int git_proxy_command_options(const char *var, const char *value,
 380                void *cb)
 381{
 382        if (!strcmp(var, "core.gitproxy")) {
 383                const char *for_pos;
 384                int matchlen = -1;
 385                int hostlen;
 386
 387                if (git_proxy_command)
 388                        return 0;
 389                if (!value)
 390                        return config_error_nonbool(var);
 391                /* [core]
 392                 * ;# matches www.kernel.org as well
 393                 * gitproxy = netcatter-1 for kernel.org
 394                 * gitproxy = netcatter-2 for sample.xz
 395                 * gitproxy = netcatter-default
 396                 */
 397                for_pos = strstr(value, " for ");
 398                if (!for_pos)
 399                        /* matches everybody */
 400                        matchlen = strlen(value);
 401                else {
 402                        hostlen = strlen(for_pos + 5);
 403                        if (rhost_len < hostlen)
 404                                matchlen = -1;
 405                        else if (!strncmp(for_pos + 5,
 406                                          rhost_name + rhost_len - hostlen,
 407                                          hostlen) &&
 408                                 ((rhost_len == hostlen) ||
 409                                  rhost_name[rhost_len - hostlen -1] == '.'))
 410                                matchlen = for_pos - value;
 411                        else
 412                                matchlen = -1;
 413                }
 414                if (0 <= matchlen) {
 415                        /* core.gitproxy = none for kernel.org */
 416                        if (matchlen == 4 &&
 417                            !memcmp(value, "none", 4))
 418                                matchlen = 0;
 419                        git_proxy_command = xmemdupz(value, matchlen);
 420                }
 421                return 0;
 422        }
 423
 424        return git_default_config(var, value, cb);
 425}
 426
 427static int git_use_proxy(const char *host)
 428{
 429        rhost_name = host;
 430        rhost_len = strlen(host);
 431        git_proxy_command = getenv("GIT_PROXY_COMMAND");
 432        git_config(git_proxy_command_options, NULL);
 433        rhost_name = NULL;
 434        return (git_proxy_command && *git_proxy_command);
 435}
 436
 437static void git_proxy_connect(int fd[2], char *host)
 438{
 439        const char *port = STR(DEFAULT_GIT_PORT);
 440        char *colon, *end;
 441        const char *argv[4];
 442        struct child_process proxy;
 443
 444        if (host[0] == '[') {
 445                end = strchr(host + 1, ']');
 446                if (end) {
 447                        *end = 0;
 448                        end++;
 449                        host++;
 450                } else
 451                        end = host;
 452        } else
 453                end = host;
 454        colon = strchr(end, ':');
 455
 456        if (colon) {
 457                *colon = 0;
 458                port = colon + 1;
 459        }
 460
 461        argv[0] = git_proxy_command;
 462        argv[1] = host;
 463        argv[2] = port;
 464        argv[3] = NULL;
 465        memset(&proxy, 0, sizeof(proxy));
 466        proxy.argv = argv;
 467        proxy.in = -1;
 468        proxy.out = -1;
 469        if (start_command(&proxy))
 470                die("cannot start proxy %s", argv[0]);
 471        fd[0] = proxy.out; /* read from proxy stdout */
 472        fd[1] = proxy.in;  /* write to proxy stdin */
 473}
 474
 475#define MAX_CMD_LEN 1024
 476
 477char *get_port(char *host)
 478{
 479        char *end;
 480        char *p = strchr(host, ':');
 481
 482        if (p) {
 483                long port = strtol(p + 1, &end, 10);
 484                if (end != p + 1 && *end == '\0' && 0 <= port && port < 65536) {
 485                        *p = '\0';
 486                        return p+1;
 487                }
 488        }
 489
 490        return NULL;
 491}
 492
 493static struct child_process no_fork;
 494
 495/*
 496 * This returns a dummy child_process if the transport protocol does not
 497 * need fork(2), or a struct child_process object if it does.  Once done,
 498 * finish the connection with finish_connect() with the value returned from
 499 * this function (it is safe to call finish_connect() with NULL to support
 500 * the former case).
 501 *
 502 * If it returns, the connect is successful; it just dies on errors (this
 503 * will hopefully be changed in a libification effort, to return NULL when
 504 * the connection failed).
 505 */
 506struct child_process *git_connect(int fd[2], const char *url_orig,
 507                                  const char *prog, int flags)
 508{
 509        char *url = xstrdup(url_orig);
 510        char *host, *path = url;
 511        char *end;
 512        int c;
 513        struct child_process *conn;
 514        enum protocol protocol = PROTO_LOCAL;
 515        int free_path = 0;
 516        char *port = NULL;
 517        const char **arg;
 518        struct strbuf cmd;
 519
 520        /* Without this we cannot rely on waitpid() to tell
 521         * what happened to our children.
 522         */
 523        signal(SIGCHLD, SIG_DFL);
 524
 525        host = strstr(url, "://");
 526        if(host) {
 527                *host = '\0';
 528                protocol = get_protocol(url);
 529                host += 3;
 530                c = '/';
 531        } else {
 532                host = url;
 533                c = ':';
 534        }
 535
 536        if (host[0] == '[') {
 537                end = strchr(host + 1, ']');
 538                if (end) {
 539                        *end = 0;
 540                        end++;
 541                        host++;
 542                } else
 543                        end = host;
 544        } else
 545                end = host;
 546
 547        path = strchr(end, c);
 548        if (path && !has_dos_drive_prefix(end)) {
 549                if (c == ':') {
 550                        protocol = PROTO_SSH;
 551                        *path++ = '\0';
 552                }
 553        } else
 554                path = end;
 555
 556        if (!path || !*path)
 557                die("No path specified. See 'man git-pull' for valid url syntax");
 558
 559        /*
 560         * null-terminate hostname and point path to ~ for URL's like this:
 561         *    ssh://host.xz/~user/repo
 562         */
 563        if (protocol != PROTO_LOCAL && host != url) {
 564                char *ptr = path;
 565                if (path[1] == '~')
 566                        path++;
 567                else {
 568                        path = xstrdup(ptr);
 569                        free_path = 1;
 570                }
 571
 572                *ptr = '\0';
 573        }
 574
 575        /*
 576         * Add support for ssh port: ssh://host.xy:<port>/...
 577         */
 578        if (protocol == PROTO_SSH && host != url)
 579                port = get_port(host);
 580
 581        if (protocol == PROTO_GIT) {
 582                /* These underlying connection commands die() if they
 583                 * cannot connect.
 584                 */
 585                char *target_host = xstrdup(host);
 586                if (git_use_proxy(host))
 587                        git_proxy_connect(fd, host);
 588                else
 589                        git_tcp_connect(fd, host, flags);
 590                /*
 591                 * Separate original protocol components prog and path
 592                 * from extended components with a NUL byte.
 593                 */
 594                packet_write(fd[1],
 595                             "%s %s%chost=%s%c",
 596                             prog, path, 0,
 597                             target_host, 0);
 598                free(target_host);
 599                free(url);
 600                if (free_path)
 601                        free(path);
 602                return &no_fork;
 603        }
 604
 605        conn = xcalloc(1, sizeof(*conn));
 606
 607        strbuf_init(&cmd, MAX_CMD_LEN);
 608        strbuf_addstr(&cmd, prog);
 609        strbuf_addch(&cmd, ' ');
 610        sq_quote_buf(&cmd, path);
 611        if (cmd.len >= MAX_CMD_LEN)
 612                die("command line too long");
 613
 614        conn->in = conn->out = -1;
 615        conn->argv = arg = xcalloc(6, sizeof(*arg));
 616        if (protocol == PROTO_SSH) {
 617                const char *ssh = getenv("GIT_SSH");
 618                if (!ssh) ssh = "ssh";
 619
 620                *arg++ = ssh;
 621                if (port) {
 622                        *arg++ = "-p";
 623                        *arg++ = port;
 624                }
 625                *arg++ = host;
 626        }
 627        else {
 628                /* remove these from the environment */
 629                const char *env[] = {
 630                        ALTERNATE_DB_ENVIRONMENT,
 631                        DB_ENVIRONMENT,
 632                        GIT_DIR_ENVIRONMENT,
 633                        GIT_WORK_TREE_ENVIRONMENT,
 634                        GRAFT_ENVIRONMENT,
 635                        INDEX_ENVIRONMENT,
 636                        NULL
 637                };
 638                conn->env = env;
 639                *arg++ = "sh";
 640                *arg++ = "-c";
 641        }
 642        *arg++ = cmd.buf;
 643        *arg = NULL;
 644
 645        if (start_command(conn))
 646                die("unable to fork");
 647
 648        fd[0] = conn->out; /* read from child's stdout */
 649        fd[1] = conn->in;  /* write to child's stdin */
 650        strbuf_release(&cmd);
 651        free(url);
 652        if (free_path)
 653                free(path);
 654        return conn;
 655}
 656
 657int finish_connect(struct child_process *conn)
 658{
 659        int code;
 660        if (!conn || conn == &no_fork)
 661                return 0;
 662
 663        code = finish_command(conn);
 664        free(conn->argv);
 665        free(conn);
 666        return code;
 667}