transport.con commit improve error page/httpd logging and file permissions (257c23d)
   1#include "cache.h"
   2#include "config.h"
   3#include "transport.h"
   4#include "run-command.h"
   5#include "pkt-line.h"
   6#include "fetch-pack.h"
   7#include "remote.h"
   8#include "connect.h"
   9#include "send-pack.h"
  10#include "walker.h"
  11#include "bundle.h"
  12#include "dir.h"
  13#include "refs.h"
  14#include "refspec.h"
  15#include "branch.h"
  16#include "url.h"
  17#include "submodule.h"
  18#include "string-list.h"
  19#include "sha1-array.h"
  20#include "sigchain.h"
  21#include "transport-internal.h"
  22#include "protocol.h"
  23#include "object-store.h"
  24#include "color.h"
  25
  26static int transport_use_color = -1;
  27static char transport_colors[][COLOR_MAXLEN] = {
  28        GIT_COLOR_RESET,
  29        GIT_COLOR_RED           /* REJECTED */
  30};
  31
  32enum color_transport {
  33        TRANSPORT_COLOR_RESET = 0,
  34        TRANSPORT_COLOR_REJECTED = 1
  35};
  36
  37static int transport_color_config(void)
  38{
  39        const char *keys[] = {
  40                "color.transport.reset",
  41                "color.transport.rejected"
  42        }, *key = "color.transport";
  43        char *value;
  44        int i;
  45        static int initialized;
  46
  47        if (initialized)
  48                return 0;
  49        initialized = 1;
  50
  51        if (!git_config_get_string(key, &value))
  52                transport_use_color = git_config_colorbool(key, value);
  53
  54        if (!want_color_stderr(transport_use_color))
  55                return 0;
  56
  57        for (i = 0; i < ARRAY_SIZE(keys); i++)
  58                if (!git_config_get_string(keys[i], &value)) {
  59                        if (!value)
  60                                return config_error_nonbool(keys[i]);
  61                        if (color_parse(value, transport_colors[i]) < 0)
  62                                return -1;
  63                }
  64
  65        return 0;
  66}
  67
  68static const char *transport_get_color(enum color_transport ix)
  69{
  70        if (want_color_stderr(transport_use_color))
  71                return transport_colors[ix];
  72        return "";
  73}
  74
  75static void set_upstreams(struct transport *transport, struct ref *refs,
  76        int pretend)
  77{
  78        struct ref *ref;
  79        for (ref = refs; ref; ref = ref->next) {
  80                const char *localname;
  81                const char *tmp;
  82                const char *remotename;
  83                int flag = 0;
  84                /*
  85                 * Check suitability for tracking. Must be successful /
  86                 * already up-to-date ref create/modify (not delete).
  87                 */
  88                if (ref->status != REF_STATUS_OK &&
  89                        ref->status != REF_STATUS_UPTODATE)
  90                        continue;
  91                if (!ref->peer_ref)
  92                        continue;
  93                if (is_null_oid(&ref->new_oid))
  94                        continue;
  95
  96                /* Follow symbolic refs (mainly for HEAD). */
  97                localname = ref->peer_ref->name;
  98                remotename = ref->name;
  99                tmp = resolve_ref_unsafe(localname, RESOLVE_REF_READING,
 100                                         NULL, &flag);
 101                if (tmp && flag & REF_ISSYMREF &&
 102                        starts_with(tmp, "refs/heads/"))
 103                        localname = tmp;
 104
 105                /* Both source and destination must be local branches. */
 106                if (!localname || !starts_with(localname, "refs/heads/"))
 107                        continue;
 108                if (!remotename || !starts_with(remotename, "refs/heads/"))
 109                        continue;
 110
 111                if (!pretend)
 112                        install_branch_config(BRANCH_CONFIG_VERBOSE,
 113                                localname + 11, transport->remote->name,
 114                                remotename);
 115                else
 116                        printf(_("Would set upstream of '%s' to '%s' of '%s'\n"),
 117                                localname + 11, remotename + 11,
 118                                transport->remote->name);
 119        }
 120}
 121
 122struct bundle_transport_data {
 123        int fd;
 124        struct bundle_header header;
 125        unsigned get_refs_from_bundle_called : 1;
 126};
 127
 128static struct ref *get_refs_from_bundle(struct transport *transport,
 129                                        int for_push,
 130                                        const struct argv_array *ref_prefixes)
 131{
 132        struct bundle_transport_data *data = transport->data;
 133        struct ref *result = NULL;
 134        int i;
 135
 136        if (for_push)
 137                return NULL;
 138
 139        data->get_refs_from_bundle_called = 1;
 140
 141        if (data->fd > 0)
 142                close(data->fd);
 143        data->fd = read_bundle_header(transport->url, &data->header);
 144        if (data->fd < 0)
 145                die(_("could not read bundle '%s'"), transport->url);
 146        for (i = 0; i < data->header.references.nr; i++) {
 147                struct ref_list_entry *e = data->header.references.list + i;
 148                struct ref *ref = alloc_ref(e->name);
 149                oidcpy(&ref->old_oid, &e->oid);
 150                ref->next = result;
 151                result = ref;
 152        }
 153        return result;
 154}
 155
 156static int fetch_refs_from_bundle(struct transport *transport,
 157                               int nr_heads, struct ref **to_fetch)
 158{
 159        struct bundle_transport_data *data = transport->data;
 160
 161        if (!data->get_refs_from_bundle_called)
 162                get_refs_from_bundle(transport, 0, NULL);
 163        return unbundle(the_repository, &data->header, data->fd,
 164                        transport->progress ? BUNDLE_VERBOSE : 0);
 165}
 166
 167static int close_bundle(struct transport *transport)
 168{
 169        struct bundle_transport_data *data = transport->data;
 170        if (data->fd > 0)
 171                close(data->fd);
 172        free(data);
 173        return 0;
 174}
 175
 176struct git_transport_data {
 177        struct git_transport_options options;
 178        struct child_process *conn;
 179        int fd[2];
 180        unsigned got_remote_heads : 1;
 181        enum protocol_version version;
 182        struct oid_array extra_have;
 183        struct oid_array shallow;
 184};
 185
 186static int set_git_option(struct git_transport_options *opts,
 187                          const char *name, const char *value)
 188{
 189        if (!strcmp(name, TRANS_OPT_UPLOADPACK)) {
 190                opts->uploadpack = value;
 191                return 0;
 192        } else if (!strcmp(name, TRANS_OPT_RECEIVEPACK)) {
 193                opts->receivepack = value;
 194                return 0;
 195        } else if (!strcmp(name, TRANS_OPT_THIN)) {
 196                opts->thin = !!value;
 197                return 0;
 198        } else if (!strcmp(name, TRANS_OPT_FOLLOWTAGS)) {
 199                opts->followtags = !!value;
 200                return 0;
 201        } else if (!strcmp(name, TRANS_OPT_KEEP)) {
 202                opts->keep = !!value;
 203                return 0;
 204        } else if (!strcmp(name, TRANS_OPT_UPDATE_SHALLOW)) {
 205                opts->update_shallow = !!value;
 206                return 0;
 207        } else if (!strcmp(name, TRANS_OPT_DEPTH)) {
 208                if (!value)
 209                        opts->depth = 0;
 210                else {
 211                        char *end;
 212                        opts->depth = strtol(value, &end, 0);
 213                        if (*end)
 214                                die(_("transport: invalid depth option '%s'"), value);
 215                }
 216                return 0;
 217        } else if (!strcmp(name, TRANS_OPT_DEEPEN_SINCE)) {
 218                opts->deepen_since = value;
 219                return 0;
 220        } else if (!strcmp(name, TRANS_OPT_DEEPEN_NOT)) {
 221                opts->deepen_not = (const struct string_list *)value;
 222                return 0;
 223        } else if (!strcmp(name, TRANS_OPT_DEEPEN_RELATIVE)) {
 224                opts->deepen_relative = !!value;
 225                return 0;
 226        } else if (!strcmp(name, TRANS_OPT_FROM_PROMISOR)) {
 227                opts->from_promisor = !!value;
 228                return 0;
 229        } else if (!strcmp(name, TRANS_OPT_NO_DEPENDENTS)) {
 230                opts->no_dependents = !!value;
 231                return 0;
 232        } else if (!strcmp(name, TRANS_OPT_LIST_OBJECTS_FILTER)) {
 233                list_objects_filter_die_if_populated(&opts->filter_options);
 234                parse_list_objects_filter(&opts->filter_options, value);
 235                return 0;
 236        }
 237        return 1;
 238}
 239
 240static int connect_setup(struct transport *transport, int for_push)
 241{
 242        struct git_transport_data *data = transport->data;
 243        int flags = transport->verbose > 0 ? CONNECT_VERBOSE : 0;
 244
 245        if (data->conn)
 246                return 0;
 247
 248        switch (transport->family) {
 249        case TRANSPORT_FAMILY_ALL: break;
 250        case TRANSPORT_FAMILY_IPV4: flags |= CONNECT_IPV4; break;
 251        case TRANSPORT_FAMILY_IPV6: flags |= CONNECT_IPV6; break;
 252        }
 253
 254        data->conn = git_connect(data->fd, transport->url,
 255                                 for_push ? data->options.receivepack :
 256                                 data->options.uploadpack,
 257                                 flags);
 258
 259        return 0;
 260}
 261
 262static void die_if_server_options(struct transport *transport)
 263{
 264        if (!transport->server_options || !transport->server_options->nr)
 265                return;
 266        advise(_("see protocol.version in 'git help config' for more details"));
 267        die(_("server options require protocol version 2 or later"));
 268}
 269
 270/*
 271 * Obtains the protocol version from the transport and writes it to
 272 * transport->data->version, first connecting if not already connected.
 273 *
 274 * If the protocol version is one that allows skipping the listing of remote
 275 * refs, and must_list_refs is 0, the listing of remote refs is skipped and
 276 * this function returns NULL. Otherwise, this function returns the list of
 277 * remote refs.
 278 */
 279static struct ref *handshake(struct transport *transport, int for_push,
 280                             const struct argv_array *ref_prefixes,
 281                             int must_list_refs)
 282{
 283        struct git_transport_data *data = transport->data;
 284        struct ref *refs = NULL;
 285        struct packet_reader reader;
 286
 287        connect_setup(transport, for_push);
 288
 289        packet_reader_init(&reader, data->fd[0], NULL, 0,
 290                           PACKET_READ_CHOMP_NEWLINE |
 291                           PACKET_READ_GENTLE_ON_EOF |
 292                           PACKET_READ_DIE_ON_ERR_PACKET);
 293
 294        data->version = discover_version(&reader);
 295        switch (data->version) {
 296        case protocol_v2:
 297                if (must_list_refs)
 298                        get_remote_refs(data->fd[1], &reader, &refs, for_push,
 299                                        ref_prefixes,
 300                                        transport->server_options);
 301                break;
 302        case protocol_v1:
 303        case protocol_v0:
 304                die_if_server_options(transport);
 305                get_remote_heads(&reader, &refs,
 306                                 for_push ? REF_NORMAL : 0,
 307                                 &data->extra_have,
 308                                 &data->shallow);
 309                break;
 310        case protocol_unknown_version:
 311                BUG("unknown protocol version");
 312        }
 313        data->got_remote_heads = 1;
 314
 315        if (reader.line_peeked)
 316                BUG("buffer must be empty at the end of handshake()");
 317
 318        return refs;
 319}
 320
 321static struct ref *get_refs_via_connect(struct transport *transport, int for_push,
 322                                        const struct argv_array *ref_prefixes)
 323{
 324        return handshake(transport, for_push, ref_prefixes, 1);
 325}
 326
 327static int fetch_refs_via_pack(struct transport *transport,
 328                               int nr_heads, struct ref **to_fetch)
 329{
 330        int ret = 0;
 331        struct git_transport_data *data = transport->data;
 332        struct ref *refs = NULL;
 333        struct fetch_pack_args args;
 334        struct ref *refs_tmp = NULL;
 335
 336        memset(&args, 0, sizeof(args));
 337        args.uploadpack = data->options.uploadpack;
 338        args.keep_pack = data->options.keep;
 339        args.lock_pack = 1;
 340        args.use_thin_pack = data->options.thin;
 341        args.include_tag = data->options.followtags;
 342        args.verbose = (transport->verbose > 1);
 343        args.quiet = (transport->verbose < 0);
 344        args.no_progress = !transport->progress;
 345        args.depth = data->options.depth;
 346        args.deepen_since = data->options.deepen_since;
 347        args.deepen_not = data->options.deepen_not;
 348        args.deepen_relative = data->options.deepen_relative;
 349        args.check_self_contained_and_connected =
 350                data->options.check_self_contained_and_connected;
 351        args.cloning = transport->cloning;
 352        args.update_shallow = data->options.update_shallow;
 353        args.from_promisor = data->options.from_promisor;
 354        args.no_dependents = data->options.no_dependents;
 355        args.filter_options = data->options.filter_options;
 356        args.stateless_rpc = transport->stateless_rpc;
 357        args.server_options = transport->server_options;
 358        args.negotiation_tips = data->options.negotiation_tips;
 359
 360        if (!data->got_remote_heads) {
 361                int i;
 362                int must_list_refs = 0;
 363                for (i = 0; i < nr_heads; i++) {
 364                        if (!to_fetch[i]->exact_oid) {
 365                                must_list_refs = 1;
 366                                break;
 367                        }
 368                }
 369                refs_tmp = handshake(transport, 0, NULL, must_list_refs);
 370        }
 371
 372        switch (data->version) {
 373        case protocol_v2:
 374                refs = fetch_pack(&args, data->fd,
 375                                  refs_tmp ? refs_tmp : transport->remote_refs,
 376                                  to_fetch, nr_heads, &data->shallow,
 377                                  &transport->pack_lockfile, data->version);
 378                break;
 379        case protocol_v1:
 380        case protocol_v0:
 381                die_if_server_options(transport);
 382                refs = fetch_pack(&args, data->fd,
 383                                  refs_tmp ? refs_tmp : transport->remote_refs,
 384                                  to_fetch, nr_heads, &data->shallow,
 385                                  &transport->pack_lockfile, data->version);
 386                break;
 387        case protocol_unknown_version:
 388                BUG("unknown protocol version");
 389        }
 390
 391        close(data->fd[0]);
 392        close(data->fd[1]);
 393        if (finish_connect(data->conn))
 394                ret = -1;
 395        data->conn = NULL;
 396        data->got_remote_heads = 0;
 397        data->options.self_contained_and_connected =
 398                args.self_contained_and_connected;
 399        data->options.connectivity_checked = args.connectivity_checked;
 400
 401        if (refs == NULL)
 402                ret = -1;
 403        if (report_unmatched_refs(to_fetch, nr_heads))
 404                ret = -1;
 405
 406        free_refs(refs_tmp);
 407        free_refs(refs);
 408        return ret;
 409}
 410
 411static int push_had_errors(struct ref *ref)
 412{
 413        for (; ref; ref = ref->next) {
 414                switch (ref->status) {
 415                case REF_STATUS_NONE:
 416                case REF_STATUS_UPTODATE:
 417                case REF_STATUS_OK:
 418                        break;
 419                default:
 420                        return 1;
 421                }
 422        }
 423        return 0;
 424}
 425
 426int transport_refs_pushed(struct ref *ref)
 427{
 428        for (; ref; ref = ref->next) {
 429                switch(ref->status) {
 430                case REF_STATUS_NONE:
 431                case REF_STATUS_UPTODATE:
 432                        break;
 433                default:
 434                        return 1;
 435                }
 436        }
 437        return 0;
 438}
 439
 440void transport_update_tracking_ref(struct remote *remote, struct ref *ref, int verbose)
 441{
 442        struct refspec_item rs;
 443
 444        if (ref->status != REF_STATUS_OK && ref->status != REF_STATUS_UPTODATE)
 445                return;
 446
 447        rs.src = ref->name;
 448        rs.dst = NULL;
 449
 450        if (!remote_find_tracking(remote, &rs)) {
 451                if (verbose)
 452                        fprintf(stderr, "updating local tracking ref '%s'\n", rs.dst);
 453                if (ref->deletion) {
 454                        delete_ref(NULL, rs.dst, NULL, 0);
 455                } else
 456                        update_ref("update by push", rs.dst, &ref->new_oid,
 457                                   NULL, 0, 0);
 458                free(rs.dst);
 459        }
 460}
 461
 462static void print_ref_status(char flag, const char *summary,
 463                             struct ref *to, struct ref *from, const char *msg,
 464                             int porcelain, int summary_width)
 465{
 466        if (porcelain) {
 467                if (from)
 468                        fprintf(stdout, "%c\t%s:%s\t", flag, from->name, to->name);
 469                else
 470                        fprintf(stdout, "%c\t:%s\t", flag, to->name);
 471                if (msg)
 472                        fprintf(stdout, "%s (%s)\n", summary, msg);
 473                else
 474                        fprintf(stdout, "%s\n", summary);
 475        } else {
 476                const char *red = "", *reset = "";
 477                if (push_had_errors(to)) {
 478                        red = transport_get_color(TRANSPORT_COLOR_REJECTED);
 479                        reset = transport_get_color(TRANSPORT_COLOR_RESET);
 480                }
 481                fprintf(stderr, " %s%c %-*s%s ", red, flag, summary_width,
 482                        summary, reset);
 483                if (from)
 484                        fprintf(stderr, "%s -> %s", prettify_refname(from->name), prettify_refname(to->name));
 485                else
 486                        fputs(prettify_refname(to->name), stderr);
 487                if (msg) {
 488                        fputs(" (", stderr);
 489                        fputs(msg, stderr);
 490                        fputc(')', stderr);
 491                }
 492                fputc('\n', stderr);
 493        }
 494}
 495
 496static void print_ok_ref_status(struct ref *ref, int porcelain, int summary_width)
 497{
 498        if (ref->deletion)
 499                print_ref_status('-', "[deleted]", ref, NULL, NULL,
 500                                 porcelain, summary_width);
 501        else if (is_null_oid(&ref->old_oid))
 502                print_ref_status('*',
 503                        (starts_with(ref->name, "refs/tags/") ? "[new tag]" :
 504                        "[new branch]"),
 505                        ref, ref->peer_ref, NULL, porcelain, summary_width);
 506        else {
 507                struct strbuf quickref = STRBUF_INIT;
 508                char type;
 509                const char *msg;
 510
 511                strbuf_add_unique_abbrev(&quickref, &ref->old_oid,
 512                                         DEFAULT_ABBREV);
 513                if (ref->forced_update) {
 514                        strbuf_addstr(&quickref, "...");
 515                        type = '+';
 516                        msg = "forced update";
 517                } else {
 518                        strbuf_addstr(&quickref, "..");
 519                        type = ' ';
 520                        msg = NULL;
 521                }
 522                strbuf_add_unique_abbrev(&quickref, &ref->new_oid,
 523                                         DEFAULT_ABBREV);
 524
 525                print_ref_status(type, quickref.buf, ref, ref->peer_ref, msg,
 526                                 porcelain, summary_width);
 527                strbuf_release(&quickref);
 528        }
 529}
 530
 531static int print_one_push_status(struct ref *ref, const char *dest, int count,
 532                                 int porcelain, int summary_width)
 533{
 534        if (!count) {
 535                char *url = transport_anonymize_url(dest);
 536                fprintf(porcelain ? stdout : stderr, "To %s\n", url);
 537                free(url);
 538        }
 539
 540        switch(ref->status) {
 541        case REF_STATUS_NONE:
 542                print_ref_status('X', "[no match]", ref, NULL, NULL,
 543                                 porcelain, summary_width);
 544                break;
 545        case REF_STATUS_REJECT_NODELETE:
 546                print_ref_status('!', "[rejected]", ref, NULL,
 547                                 "remote does not support deleting refs",
 548                                 porcelain, summary_width);
 549                break;
 550        case REF_STATUS_UPTODATE:
 551                print_ref_status('=', "[up to date]", ref,
 552                                 ref->peer_ref, NULL, porcelain, summary_width);
 553                break;
 554        case REF_STATUS_REJECT_NONFASTFORWARD:
 555                print_ref_status('!', "[rejected]", ref, ref->peer_ref,
 556                                 "non-fast-forward", porcelain, summary_width);
 557                break;
 558        case REF_STATUS_REJECT_ALREADY_EXISTS:
 559                print_ref_status('!', "[rejected]", ref, ref->peer_ref,
 560                                 "already exists", porcelain, summary_width);
 561                break;
 562        case REF_STATUS_REJECT_FETCH_FIRST:
 563                print_ref_status('!', "[rejected]", ref, ref->peer_ref,
 564                                 "fetch first", porcelain, summary_width);
 565                break;
 566        case REF_STATUS_REJECT_NEEDS_FORCE:
 567                print_ref_status('!', "[rejected]", ref, ref->peer_ref,
 568                                 "needs force", porcelain, summary_width);
 569                break;
 570        case REF_STATUS_REJECT_STALE:
 571                print_ref_status('!', "[rejected]", ref, ref->peer_ref,
 572                                 "stale info", porcelain, summary_width);
 573                break;
 574        case REF_STATUS_REJECT_SHALLOW:
 575                print_ref_status('!', "[rejected]", ref, ref->peer_ref,
 576                                 "new shallow roots not allowed",
 577                                 porcelain, summary_width);
 578                break;
 579        case REF_STATUS_REMOTE_REJECT:
 580                print_ref_status('!', "[remote rejected]", ref,
 581                                 ref->deletion ? NULL : ref->peer_ref,
 582                                 ref->remote_status, porcelain, summary_width);
 583                break;
 584        case REF_STATUS_EXPECTING_REPORT:
 585                print_ref_status('!', "[remote failure]", ref,
 586                                 ref->deletion ? NULL : ref->peer_ref,
 587                                 "remote failed to report status",
 588                                 porcelain, summary_width);
 589                break;
 590        case REF_STATUS_ATOMIC_PUSH_FAILED:
 591                print_ref_status('!', "[rejected]", ref, ref->peer_ref,
 592                                 "atomic push failed", porcelain, summary_width);
 593                break;
 594        case REF_STATUS_OK:
 595                print_ok_ref_status(ref, porcelain, summary_width);
 596                break;
 597        }
 598
 599        return 1;
 600}
 601
 602static int measure_abbrev(const struct object_id *oid, int sofar)
 603{
 604        char hex[GIT_MAX_HEXSZ + 1];
 605        int w = find_unique_abbrev_r(hex, oid, DEFAULT_ABBREV);
 606
 607        return (w < sofar) ? sofar : w;
 608}
 609
 610int transport_summary_width(const struct ref *refs)
 611{
 612        int maxw = -1;
 613
 614        for (; refs; refs = refs->next) {
 615                maxw = measure_abbrev(&refs->old_oid, maxw);
 616                maxw = measure_abbrev(&refs->new_oid, maxw);
 617        }
 618        if (maxw < 0)
 619                maxw = FALLBACK_DEFAULT_ABBREV;
 620        return (2 * maxw + 3);
 621}
 622
 623void transport_print_push_status(const char *dest, struct ref *refs,
 624                                  int verbose, int porcelain, unsigned int *reject_reasons)
 625{
 626        struct ref *ref;
 627        int n = 0;
 628        char *head;
 629        int summary_width = transport_summary_width(refs);
 630
 631        if (transport_color_config() < 0)
 632                warning(_("could not parse transport.color.* config"));
 633
 634        head = resolve_refdup("HEAD", RESOLVE_REF_READING, NULL, NULL);
 635
 636        if (verbose) {
 637                for (ref = refs; ref; ref = ref->next)
 638                        if (ref->status == REF_STATUS_UPTODATE)
 639                                n += print_one_push_status(ref, dest, n,
 640                                                           porcelain, summary_width);
 641        }
 642
 643        for (ref = refs; ref; ref = ref->next)
 644                if (ref->status == REF_STATUS_OK)
 645                        n += print_one_push_status(ref, dest, n,
 646                                                   porcelain, summary_width);
 647
 648        *reject_reasons = 0;
 649        for (ref = refs; ref; ref = ref->next) {
 650                if (ref->status != REF_STATUS_NONE &&
 651                    ref->status != REF_STATUS_UPTODATE &&
 652                    ref->status != REF_STATUS_OK)
 653                        n += print_one_push_status(ref, dest, n,
 654                                                   porcelain, summary_width);
 655                if (ref->status == REF_STATUS_REJECT_NONFASTFORWARD) {
 656                        if (head != NULL && !strcmp(head, ref->name))
 657                                *reject_reasons |= REJECT_NON_FF_HEAD;
 658                        else
 659                                *reject_reasons |= REJECT_NON_FF_OTHER;
 660                } else if (ref->status == REF_STATUS_REJECT_ALREADY_EXISTS) {
 661                        *reject_reasons |= REJECT_ALREADY_EXISTS;
 662                } else if (ref->status == REF_STATUS_REJECT_FETCH_FIRST) {
 663                        *reject_reasons |= REJECT_FETCH_FIRST;
 664                } else if (ref->status == REF_STATUS_REJECT_NEEDS_FORCE) {
 665                        *reject_reasons |= REJECT_NEEDS_FORCE;
 666                }
 667        }
 668        free(head);
 669}
 670
 671static int git_transport_push(struct transport *transport, struct ref *remote_refs, int flags)
 672{
 673        struct git_transport_data *data = transport->data;
 674        struct send_pack_args args;
 675        int ret = 0;
 676
 677        if (transport_color_config() < 0)
 678                return -1;
 679
 680        if (!data->got_remote_heads)
 681                get_refs_via_connect(transport, 1, NULL);
 682
 683        memset(&args, 0, sizeof(args));
 684        args.send_mirror = !!(flags & TRANSPORT_PUSH_MIRROR);
 685        args.force_update = !!(flags & TRANSPORT_PUSH_FORCE);
 686        args.use_thin_pack = data->options.thin;
 687        args.verbose = (transport->verbose > 0);
 688        args.quiet = (transport->verbose < 0);
 689        args.progress = transport->progress;
 690        args.dry_run = !!(flags & TRANSPORT_PUSH_DRY_RUN);
 691        args.porcelain = !!(flags & TRANSPORT_PUSH_PORCELAIN);
 692        args.atomic = !!(flags & TRANSPORT_PUSH_ATOMIC);
 693        args.push_options = transport->push_options;
 694        args.url = transport->url;
 695
 696        if (flags & TRANSPORT_PUSH_CERT_ALWAYS)
 697                args.push_cert = SEND_PACK_PUSH_CERT_ALWAYS;
 698        else if (flags & TRANSPORT_PUSH_CERT_IF_ASKED)
 699                args.push_cert = SEND_PACK_PUSH_CERT_IF_ASKED;
 700        else
 701                args.push_cert = SEND_PACK_PUSH_CERT_NEVER;
 702
 703        switch (data->version) {
 704        case protocol_v2:
 705                die(_("support for protocol v2 not implemented yet"));
 706                break;
 707        case protocol_v1:
 708        case protocol_v0:
 709                ret = send_pack(&args, data->fd, data->conn, remote_refs,
 710                                &data->extra_have);
 711                break;
 712        case protocol_unknown_version:
 713                BUG("unknown protocol version");
 714        }
 715
 716        close(data->fd[1]);
 717        close(data->fd[0]);
 718        ret |= finish_connect(data->conn);
 719        data->conn = NULL;
 720        data->got_remote_heads = 0;
 721
 722        return ret;
 723}
 724
 725static int connect_git(struct transport *transport, const char *name,
 726                       const char *executable, int fd[2])
 727{
 728        struct git_transport_data *data = transport->data;
 729        data->conn = git_connect(data->fd, transport->url,
 730                                 executable, 0);
 731        fd[0] = data->fd[0];
 732        fd[1] = data->fd[1];
 733        return 0;
 734}
 735
 736static int disconnect_git(struct transport *transport)
 737{
 738        struct git_transport_data *data = transport->data;
 739        if (data->conn) {
 740                if (data->got_remote_heads)
 741                        packet_flush(data->fd[1]);
 742                close(data->fd[0]);
 743                close(data->fd[1]);
 744                finish_connect(data->conn);
 745        }
 746
 747        free(data);
 748        return 0;
 749}
 750
 751static struct transport_vtable taken_over_vtable = {
 752        NULL,
 753        get_refs_via_connect,
 754        fetch_refs_via_pack,
 755        git_transport_push,
 756        NULL,
 757        disconnect_git
 758};
 759
 760void transport_take_over(struct transport *transport,
 761                         struct child_process *child)
 762{
 763        struct git_transport_data *data;
 764
 765        if (!transport->smart_options)
 766                BUG("taking over transport requires non-NULL "
 767                    "smart_options field.");
 768
 769        data = xcalloc(1, sizeof(*data));
 770        data->options = *transport->smart_options;
 771        data->conn = child;
 772        data->fd[0] = data->conn->out;
 773        data->fd[1] = data->conn->in;
 774        data->got_remote_heads = 0;
 775        transport->data = data;
 776
 777        transport->vtable = &taken_over_vtable;
 778        transport->smart_options = &(data->options);
 779
 780        transport->cannot_reuse = 1;
 781}
 782
 783static int is_file(const char *url)
 784{
 785        struct stat buf;
 786        if (stat(url, &buf))
 787                return 0;
 788        return S_ISREG(buf.st_mode);
 789}
 790
 791static int external_specification_len(const char *url)
 792{
 793        return strchr(url, ':') - url;
 794}
 795
 796static const struct string_list *protocol_whitelist(void)
 797{
 798        static int enabled = -1;
 799        static struct string_list allowed = STRING_LIST_INIT_DUP;
 800
 801        if (enabled < 0) {
 802                const char *v = getenv("GIT_ALLOW_PROTOCOL");
 803                if (v) {
 804                        string_list_split(&allowed, v, ':', -1);
 805                        string_list_sort(&allowed);
 806                        enabled = 1;
 807                } else {
 808                        enabled = 0;
 809                }
 810        }
 811
 812        return enabled ? &allowed : NULL;
 813}
 814
 815enum protocol_allow_config {
 816        PROTOCOL_ALLOW_NEVER = 0,
 817        PROTOCOL_ALLOW_USER_ONLY,
 818        PROTOCOL_ALLOW_ALWAYS
 819};
 820
 821static enum protocol_allow_config parse_protocol_config(const char *key,
 822                                                        const char *value)
 823{
 824        if (!strcasecmp(value, "always"))
 825                return PROTOCOL_ALLOW_ALWAYS;
 826        else if (!strcasecmp(value, "never"))
 827                return PROTOCOL_ALLOW_NEVER;
 828        else if (!strcasecmp(value, "user"))
 829                return PROTOCOL_ALLOW_USER_ONLY;
 830
 831        die(_("unknown value for config '%s': %s"), key, value);
 832}
 833
 834static enum protocol_allow_config get_protocol_config(const char *type)
 835{
 836        char *key = xstrfmt("protocol.%s.allow", type);
 837        char *value;
 838
 839        /* first check the per-protocol config */
 840        if (!git_config_get_string(key, &value)) {
 841                enum protocol_allow_config ret =
 842                        parse_protocol_config(key, value);
 843                free(key);
 844                free(value);
 845                return ret;
 846        }
 847        free(key);
 848
 849        /* if defined, fallback to user-defined default for unknown protocols */
 850        if (!git_config_get_string("protocol.allow", &value)) {
 851                enum protocol_allow_config ret =
 852                        parse_protocol_config("protocol.allow", value);
 853                free(value);
 854                return ret;
 855        }
 856
 857        /* fallback to built-in defaults */
 858        /* known safe */
 859        if (!strcmp(type, "http") ||
 860            !strcmp(type, "https") ||
 861            !strcmp(type, "git") ||
 862            !strcmp(type, "ssh") ||
 863            !strcmp(type, "file"))
 864                return PROTOCOL_ALLOW_ALWAYS;
 865
 866        /* known scary; err on the side of caution */
 867        if (!strcmp(type, "ext"))
 868                return PROTOCOL_ALLOW_NEVER;
 869
 870        /* unknown; by default let them be used only directly by the user */
 871        return PROTOCOL_ALLOW_USER_ONLY;
 872}
 873
 874int is_transport_allowed(const char *type, int from_user)
 875{
 876        const struct string_list *whitelist = protocol_whitelist();
 877        if (whitelist)
 878                return string_list_has_string(whitelist, type);
 879
 880        switch (get_protocol_config(type)) {
 881        case PROTOCOL_ALLOW_ALWAYS:
 882                return 1;
 883        case PROTOCOL_ALLOW_NEVER:
 884                return 0;
 885        case PROTOCOL_ALLOW_USER_ONLY:
 886                if (from_user < 0)
 887                        from_user = git_env_bool("GIT_PROTOCOL_FROM_USER", 1);
 888                return from_user;
 889        }
 890
 891        BUG("invalid protocol_allow_config type");
 892}
 893
 894void transport_check_allowed(const char *type)
 895{
 896        if (!is_transport_allowed(type, -1))
 897                die(_("transport '%s' not allowed"), type);
 898}
 899
 900static struct transport_vtable bundle_vtable = {
 901        NULL,
 902        get_refs_from_bundle,
 903        fetch_refs_from_bundle,
 904        NULL,
 905        NULL,
 906        close_bundle
 907};
 908
 909static struct transport_vtable builtin_smart_vtable = {
 910        NULL,
 911        get_refs_via_connect,
 912        fetch_refs_via_pack,
 913        git_transport_push,
 914        connect_git,
 915        disconnect_git
 916};
 917
 918struct transport *transport_get(struct remote *remote, const char *url)
 919{
 920        const char *helper;
 921        struct transport *ret = xcalloc(1, sizeof(*ret));
 922
 923        ret->progress = isatty(2);
 924
 925        if (!remote)
 926                BUG("No remote provided to transport_get()");
 927
 928        ret->got_remote_refs = 0;
 929        ret->remote = remote;
 930        helper = remote->foreign_vcs;
 931
 932        if (!url && remote->url)
 933                url = remote->url[0];
 934        ret->url = url;
 935
 936        /* maybe it is a foreign URL? */
 937        if (url) {
 938                const char *p = url;
 939
 940                while (is_urlschemechar(p == url, *p))
 941                        p++;
 942                if (starts_with(p, "::"))
 943                        helper = xstrndup(url, p - url);
 944        }
 945
 946        if (helper) {
 947                transport_helper_init(ret, helper);
 948        } else if (starts_with(url, "rsync:")) {
 949                die(_("git-over-rsync is no longer supported"));
 950        } else if (url_is_local_not_ssh(url) && is_file(url) && is_bundle(url, 1)) {
 951                struct bundle_transport_data *data = xcalloc(1, sizeof(*data));
 952                transport_check_allowed("file");
 953                ret->data = data;
 954                ret->vtable = &bundle_vtable;
 955                ret->smart_options = NULL;
 956        } else if (!is_url(url)
 957                || starts_with(url, "file://")
 958                || starts_with(url, "git://")
 959                || starts_with(url, "ssh://")
 960                || starts_with(url, "git+ssh://") /* deprecated - do not use */
 961                || starts_with(url, "ssh+git://") /* deprecated - do not use */
 962                ) {
 963                /*
 964                 * These are builtin smart transports; "allowed" transports
 965                 * will be checked individually in git_connect.
 966                 */
 967                struct git_transport_data *data = xcalloc(1, sizeof(*data));
 968                ret->data = data;
 969                ret->vtable = &builtin_smart_vtable;
 970                ret->smart_options = &(data->options);
 971
 972                data->conn = NULL;
 973                data->got_remote_heads = 0;
 974        } else {
 975                /* Unknown protocol in URL. Pass to external handler. */
 976                int len = external_specification_len(url);
 977                char *handler = xmemdupz(url, len);
 978                transport_helper_init(ret, handler);
 979        }
 980
 981        if (ret->smart_options) {
 982                ret->smart_options->thin = 1;
 983                ret->smart_options->uploadpack = "git-upload-pack";
 984                if (remote->uploadpack)
 985                        ret->smart_options->uploadpack = remote->uploadpack;
 986                ret->smart_options->receivepack = "git-receive-pack";
 987                if (remote->receivepack)
 988                        ret->smart_options->receivepack = remote->receivepack;
 989        }
 990
 991        return ret;
 992}
 993
 994int transport_set_option(struct transport *transport,
 995                         const char *name, const char *value)
 996{
 997        int git_reports = 1, protocol_reports = 1;
 998
 999        if (transport->smart_options)
1000                git_reports = set_git_option(transport->smart_options,
1001                                             name, value);
1002
1003        if (transport->vtable->set_option)
1004                protocol_reports = transport->vtable->set_option(transport,
1005                                                                 name, value);
1006
1007        /* If either report is 0, report 0 (success). */
1008        if (!git_reports || !protocol_reports)
1009                return 0;
1010        /* If either reports -1 (invalid value), report -1. */
1011        if ((git_reports == -1) || (protocol_reports == -1))
1012                return -1;
1013        /* Otherwise if both report unknown, report unknown. */
1014        return 1;
1015}
1016
1017void transport_set_verbosity(struct transport *transport, int verbosity,
1018        int force_progress)
1019{
1020        if (verbosity >= 1)
1021                transport->verbose = verbosity <= 3 ? verbosity : 3;
1022        if (verbosity < 0)
1023                transport->verbose = -1;
1024
1025        /**
1026         * Rules used to determine whether to report progress (processing aborts
1027         * when a rule is satisfied):
1028         *
1029         *   . Report progress, if force_progress is 1 (ie. --progress).
1030         *   . Don't report progress, if force_progress is 0 (ie. --no-progress).
1031         *   . Don't report progress, if verbosity < 0 (ie. -q/--quiet ).
1032         *   . Report progress if isatty(2) is 1.
1033         **/
1034        if (force_progress >= 0)
1035                transport->progress = !!force_progress;
1036        else
1037                transport->progress = verbosity >= 0 && isatty(2);
1038}
1039
1040static void die_with_unpushed_submodules(struct string_list *needs_pushing)
1041{
1042        int i;
1043
1044        fprintf(stderr, _("The following submodule paths contain changes that can\n"
1045                        "not be found on any remote:\n"));
1046        for (i = 0; i < needs_pushing->nr; i++)
1047                fprintf(stderr, "  %s\n", needs_pushing->items[i].string);
1048        fprintf(stderr, _("\nPlease try\n\n"
1049                          "     git push --recurse-submodules=on-demand\n\n"
1050                          "or cd to the path and use\n\n"
1051                          "     git push\n\n"
1052                          "to push them to a remote.\n\n"));
1053
1054        string_list_clear(needs_pushing, 0);
1055
1056        die(_("Aborting."));
1057}
1058
1059static int run_pre_push_hook(struct transport *transport,
1060                             struct ref *remote_refs)
1061{
1062        int ret = 0, x;
1063        struct ref *r;
1064        struct child_process proc = CHILD_PROCESS_INIT;
1065        struct strbuf buf;
1066        const char *argv[4];
1067
1068        if (!(argv[0] = find_hook("pre-push")))
1069                return 0;
1070
1071        argv[1] = transport->remote->name;
1072        argv[2] = transport->url;
1073        argv[3] = NULL;
1074
1075        proc.argv = argv;
1076        proc.in = -1;
1077        proc.trace2_hook_name = "pre-push";
1078
1079        if (start_command(&proc)) {
1080                finish_command(&proc);
1081                return -1;
1082        }
1083
1084        sigchain_push(SIGPIPE, SIG_IGN);
1085
1086        strbuf_init(&buf, 256);
1087
1088        for (r = remote_refs; r; r = r->next) {
1089                if (!r->peer_ref) continue;
1090                if (r->status == REF_STATUS_REJECT_NONFASTFORWARD) continue;
1091                if (r->status == REF_STATUS_REJECT_STALE) continue;
1092                if (r->status == REF_STATUS_UPTODATE) continue;
1093
1094                strbuf_reset(&buf);
1095                strbuf_addf( &buf, "%s %s %s %s\n",
1096                         r->peer_ref->name, oid_to_hex(&r->new_oid),
1097                         r->name, oid_to_hex(&r->old_oid));
1098
1099                if (write_in_full(proc.in, buf.buf, buf.len) < 0) {
1100                        /* We do not mind if a hook does not read all refs. */
1101                        if (errno != EPIPE)
1102                                ret = -1;
1103                        break;
1104                }
1105        }
1106
1107        strbuf_release(&buf);
1108
1109        x = close(proc.in);
1110        if (!ret)
1111                ret = x;
1112
1113        sigchain_pop(SIGPIPE);
1114
1115        x = finish_command(&proc);
1116        if (!ret)
1117                ret = x;
1118
1119        return ret;
1120}
1121
1122int transport_push(struct repository *r,
1123                   struct transport *transport,
1124                   struct refspec *rs, int flags,
1125                   unsigned int *reject_reasons)
1126{
1127        *reject_reasons = 0;
1128
1129        if (transport_color_config() < 0)
1130                return -1;
1131
1132        if (transport->vtable->push_refs) {
1133                struct ref *remote_refs;
1134                struct ref *local_refs = get_local_heads();
1135                int match_flags = MATCH_REFS_NONE;
1136                int verbose = (transport->verbose > 0);
1137                int quiet = (transport->verbose < 0);
1138                int porcelain = flags & TRANSPORT_PUSH_PORCELAIN;
1139                int pretend = flags & TRANSPORT_PUSH_DRY_RUN;
1140                int push_ret, ret, err;
1141                struct argv_array ref_prefixes = ARGV_ARRAY_INIT;
1142
1143                if (check_push_refs(local_refs, rs) < 0)
1144                        return -1;
1145
1146                refspec_ref_prefixes(rs, &ref_prefixes);
1147
1148                remote_refs = transport->vtable->get_refs_list(transport, 1,
1149                                                               &ref_prefixes);
1150
1151                argv_array_clear(&ref_prefixes);
1152
1153                if (flags & TRANSPORT_PUSH_ALL)
1154                        match_flags |= MATCH_REFS_ALL;
1155                if (flags & TRANSPORT_PUSH_MIRROR)
1156                        match_flags |= MATCH_REFS_MIRROR;
1157                if (flags & TRANSPORT_PUSH_PRUNE)
1158                        match_flags |= MATCH_REFS_PRUNE;
1159                if (flags & TRANSPORT_PUSH_FOLLOW_TAGS)
1160                        match_flags |= MATCH_REFS_FOLLOW_TAGS;
1161
1162                if (match_push_refs(local_refs, &remote_refs, rs, match_flags))
1163                        return -1;
1164
1165                if (transport->smart_options &&
1166                    transport->smart_options->cas &&
1167                    !is_empty_cas(transport->smart_options->cas))
1168                        apply_push_cas(transport->smart_options->cas,
1169                                       transport->remote, remote_refs);
1170
1171                set_ref_status_for_push(remote_refs,
1172                        flags & TRANSPORT_PUSH_MIRROR,
1173                        flags & TRANSPORT_PUSH_FORCE);
1174
1175                if (!(flags & TRANSPORT_PUSH_NO_HOOK))
1176                        if (run_pre_push_hook(transport, remote_refs))
1177                                return -1;
1178
1179                if ((flags & (TRANSPORT_RECURSE_SUBMODULES_ON_DEMAND |
1180                              TRANSPORT_RECURSE_SUBMODULES_ONLY)) &&
1181                    !is_bare_repository()) {
1182                        struct ref *ref = remote_refs;
1183                        struct oid_array commits = OID_ARRAY_INIT;
1184
1185                        for (; ref; ref = ref->next)
1186                                if (!is_null_oid(&ref->new_oid))
1187                                        oid_array_append(&commits,
1188                                                          &ref->new_oid);
1189
1190                        if (!push_unpushed_submodules(r,
1191                                                      &commits,
1192                                                      transport->remote,
1193                                                      rs,
1194                                                      transport->push_options,
1195                                                      pretend)) {
1196                                oid_array_clear(&commits);
1197                                die(_("failed to push all needed submodules"));
1198                        }
1199                        oid_array_clear(&commits);
1200                }
1201
1202                if (((flags & TRANSPORT_RECURSE_SUBMODULES_CHECK) ||
1203                     ((flags & (TRANSPORT_RECURSE_SUBMODULES_ON_DEMAND |
1204                                TRANSPORT_RECURSE_SUBMODULES_ONLY)) &&
1205                      !pretend)) && !is_bare_repository()) {
1206                        struct ref *ref = remote_refs;
1207                        struct string_list needs_pushing = STRING_LIST_INIT_DUP;
1208                        struct oid_array commits = OID_ARRAY_INIT;
1209
1210                        for (; ref; ref = ref->next)
1211                                if (!is_null_oid(&ref->new_oid))
1212                                        oid_array_append(&commits,
1213                                                          &ref->new_oid);
1214
1215                        if (find_unpushed_submodules(r,
1216                                                     &commits,
1217                                                     transport->remote->name,
1218                                                     &needs_pushing)) {
1219                                oid_array_clear(&commits);
1220                                die_with_unpushed_submodules(&needs_pushing);
1221                        }
1222                        string_list_clear(&needs_pushing, 0);
1223                        oid_array_clear(&commits);
1224                }
1225
1226                if (!(flags & TRANSPORT_RECURSE_SUBMODULES_ONLY))
1227                        push_ret = transport->vtable->push_refs(transport, remote_refs, flags);
1228                else
1229                        push_ret = 0;
1230                err = push_had_errors(remote_refs);
1231                ret = push_ret | err;
1232
1233                if ((flags & TRANSPORT_PUSH_ATOMIC) && err) {
1234                        struct ref *it;
1235                        for (it = remote_refs; it; it = it->next)
1236                                switch (it->status) {
1237                                case REF_STATUS_NONE:
1238                                case REF_STATUS_UPTODATE:
1239                                case REF_STATUS_OK:
1240                                        it->status = REF_STATUS_ATOMIC_PUSH_FAILED;
1241                                        break;
1242                                default:
1243                                        break;
1244                                }
1245                }
1246
1247                if (!quiet || err)
1248                        transport_print_push_status(transport->url, remote_refs,
1249                                        verbose | porcelain, porcelain,
1250                                        reject_reasons);
1251
1252                if (flags & TRANSPORT_PUSH_SET_UPSTREAM)
1253                        set_upstreams(transport, remote_refs, pretend);
1254
1255                if (!(flags & (TRANSPORT_PUSH_DRY_RUN |
1256                               TRANSPORT_RECURSE_SUBMODULES_ONLY))) {
1257                        struct ref *ref;
1258                        for (ref = remote_refs; ref; ref = ref->next)
1259                                transport_update_tracking_ref(transport->remote, ref, verbose);
1260                }
1261
1262                if (porcelain && !push_ret)
1263                        puts("Done");
1264                else if (!quiet && !ret && !transport_refs_pushed(remote_refs))
1265                        fprintf(stderr, "Everything up-to-date\n");
1266
1267                return ret;
1268        }
1269        return 1;
1270}
1271
1272const struct ref *transport_get_remote_refs(struct transport *transport,
1273                                            const struct argv_array *ref_prefixes)
1274{
1275        if (!transport->got_remote_refs) {
1276                transport->remote_refs =
1277                        transport->vtable->get_refs_list(transport, 0,
1278                                                         ref_prefixes);
1279                transport->got_remote_refs = 1;
1280        }
1281
1282        return transport->remote_refs;
1283}
1284
1285int transport_fetch_refs(struct transport *transport, struct ref *refs)
1286{
1287        int rc;
1288        int nr_heads = 0, nr_alloc = 0, nr_refs = 0;
1289        struct ref **heads = NULL;
1290        struct ref *rm;
1291
1292        for (rm = refs; rm; rm = rm->next) {
1293                nr_refs++;
1294                if (rm->peer_ref &&
1295                    !is_null_oid(&rm->old_oid) &&
1296                    oideq(&rm->peer_ref->old_oid, &rm->old_oid))
1297                        continue;
1298                ALLOC_GROW(heads, nr_heads + 1, nr_alloc);
1299                heads[nr_heads++] = rm;
1300        }
1301
1302        if (!nr_heads) {
1303                /*
1304                 * When deepening of a shallow repository is requested,
1305                 * then local and remote refs are likely to still be equal.
1306                 * Just feed them all to the fetch method in that case.
1307                 * This condition shouldn't be met in a non-deepening fetch
1308                 * (see builtin/fetch.c:quickfetch()).
1309                 */
1310                ALLOC_ARRAY(heads, nr_refs);
1311                for (rm = refs; rm; rm = rm->next)
1312                        heads[nr_heads++] = rm;
1313        }
1314
1315        rc = transport->vtable->fetch(transport, nr_heads, heads);
1316
1317        free(heads);
1318        return rc;
1319}
1320
1321void transport_unlock_pack(struct transport *transport)
1322{
1323        if (transport->pack_lockfile) {
1324                unlink_or_warn(transport->pack_lockfile);
1325                FREE_AND_NULL(transport->pack_lockfile);
1326        }
1327}
1328
1329int transport_connect(struct transport *transport, const char *name,
1330                      const char *exec, int fd[2])
1331{
1332        if (transport->vtable->connect)
1333                return transport->vtable->connect(transport, name, exec, fd);
1334        else
1335                die(_("operation not supported by protocol"));
1336}
1337
1338int transport_disconnect(struct transport *transport)
1339{
1340        int ret = 0;
1341        if (transport->vtable->disconnect)
1342                ret = transport->vtable->disconnect(transport);
1343        free(transport);
1344        return ret;
1345}
1346
1347/*
1348 * Strip username (and password) from a URL and return
1349 * it in a newly allocated string.
1350 */
1351char *transport_anonymize_url(const char *url)
1352{
1353        char *scheme_prefix, *anon_part;
1354        size_t anon_len, prefix_len = 0;
1355
1356        anon_part = strchr(url, '@');
1357        if (url_is_local_not_ssh(url) || !anon_part)
1358                goto literal_copy;
1359
1360        anon_len = strlen(++anon_part);
1361        scheme_prefix = strstr(url, "://");
1362        if (!scheme_prefix) {
1363                if (!strchr(anon_part, ':'))
1364                        /* cannot be "me@there:/path/name" */
1365                        goto literal_copy;
1366        } else {
1367                const char *cp;
1368                /* make sure scheme is reasonable */
1369                for (cp = url; cp < scheme_prefix; cp++) {
1370                        switch (*cp) {
1371                                /* RFC 1738 2.1 */
1372                        case '+': case '.': case '-':
1373                                break; /* ok */
1374                        default:
1375                                if (isalnum(*cp))
1376                                        break;
1377                                /* it isn't */
1378                                goto literal_copy;
1379                        }
1380                }
1381                /* @ past the first slash does not count */
1382                cp = strchr(scheme_prefix + 3, '/');
1383                if (cp && cp < anon_part)
1384                        goto literal_copy;
1385                prefix_len = scheme_prefix - url + 3;
1386        }
1387        return xstrfmt("%.*s%.*s", (int)prefix_len, url,
1388                       (int)anon_len, anon_part);
1389literal_copy:
1390        return xstrdup(url);
1391}