http.con commit Merge branch 'ab/sun-studio-portability' (3572668)
   1#include "http.h"
   2#include "pack.h"
   3#include "sideband.h"
   4#include "run-command.h"
   5#include "url.h"
   6#include "credential.h"
   7
   8int active_requests;
   9int http_is_verbose;
  10size_t http_post_buffer = 16 * LARGE_PACKET_MAX;
  11
  12#if LIBCURL_VERSION_NUM >= 0x070a06
  13#define LIBCURL_CAN_HANDLE_AUTH_ANY
  14#endif
  15
  16static int min_curl_sessions = 1;
  17static int curl_session_count;
  18#ifdef USE_CURL_MULTI
  19static int max_requests = -1;
  20static CURLM *curlm;
  21#endif
  22#ifndef NO_CURL_EASY_DUPHANDLE
  23static CURL *curl_default;
  24#endif
  25
  26#define PREV_BUF_SIZE 4096
  27#define RANGE_HEADER_SIZE 30
  28
  29char curl_errorstr[CURL_ERROR_SIZE];
  30
  31static int curl_ssl_verify = -1;
  32static const char *ssl_cert;
  33#if LIBCURL_VERSION_NUM >= 0x070903
  34static const char *ssl_key;
  35#endif
  36#if LIBCURL_VERSION_NUM >= 0x070908
  37static const char *ssl_capath;
  38#endif
  39static const char *ssl_cainfo;
  40static long curl_low_speed_limit = -1;
  41static long curl_low_speed_time = -1;
  42static int curl_ftp_no_epsv;
  43static const char *curl_http_proxy;
  44static const char *curl_cookie_file;
  45static struct credential http_auth = CREDENTIAL_INIT;
  46static int http_proactive_auth;
  47static const char *user_agent;
  48
  49#if LIBCURL_VERSION_NUM >= 0x071700
  50/* Use CURLOPT_KEYPASSWD as is */
  51#elif LIBCURL_VERSION_NUM >= 0x070903
  52#define CURLOPT_KEYPASSWD CURLOPT_SSLKEYPASSWD
  53#else
  54#define CURLOPT_KEYPASSWD CURLOPT_SSLCERTPASSWD
  55#endif
  56
  57static struct credential cert_auth = CREDENTIAL_INIT;
  58static int ssl_cert_password_required;
  59
  60static struct curl_slist *pragma_header;
  61static struct curl_slist *no_pragma_header;
  62
  63static struct active_request_slot *active_queue_head;
  64
  65size_t fread_buffer(char *ptr, size_t eltsize, size_t nmemb, void *buffer_)
  66{
  67        size_t size = eltsize * nmemb;
  68        struct buffer *buffer = buffer_;
  69
  70        if (size > buffer->buf.len - buffer->posn)
  71                size = buffer->buf.len - buffer->posn;
  72        memcpy(ptr, buffer->buf.buf + buffer->posn, size);
  73        buffer->posn += size;
  74
  75        return size;
  76}
  77
  78#ifndef NO_CURL_IOCTL
  79curlioerr ioctl_buffer(CURL *handle, int cmd, void *clientp)
  80{
  81        struct buffer *buffer = clientp;
  82
  83        switch (cmd) {
  84        case CURLIOCMD_NOP:
  85                return CURLIOE_OK;
  86
  87        case CURLIOCMD_RESTARTREAD:
  88                buffer->posn = 0;
  89                return CURLIOE_OK;
  90
  91        default:
  92                return CURLIOE_UNKNOWNCMD;
  93        }
  94}
  95#endif
  96
  97size_t fwrite_buffer(char *ptr, size_t eltsize, size_t nmemb, void *buffer_)
  98{
  99        size_t size = eltsize * nmemb;
 100        struct strbuf *buffer = buffer_;
 101
 102        strbuf_add(buffer, ptr, size);
 103        return size;
 104}
 105
 106size_t fwrite_null(char *ptr, size_t eltsize, size_t nmemb, void *strbuf)
 107{
 108        return eltsize * nmemb;
 109}
 110
 111#ifdef USE_CURL_MULTI
 112static void process_curl_messages(void)
 113{
 114        int num_messages;
 115        struct active_request_slot *slot;
 116        CURLMsg *curl_message = curl_multi_info_read(curlm, &num_messages);
 117
 118        while (curl_message != NULL) {
 119                if (curl_message->msg == CURLMSG_DONE) {
 120                        int curl_result = curl_message->data.result;
 121                        slot = active_queue_head;
 122                        while (slot != NULL &&
 123                               slot->curl != curl_message->easy_handle)
 124                                slot = slot->next;
 125                        if (slot != NULL) {
 126                                curl_multi_remove_handle(curlm, slot->curl);
 127                                slot->curl_result = curl_result;
 128                                finish_active_slot(slot);
 129                        } else {
 130                                fprintf(stderr, "Received DONE message for unknown request!\n");
 131                        }
 132                } else {
 133                        fprintf(stderr, "Unknown CURL message received: %d\n",
 134                                (int)curl_message->msg);
 135                }
 136                curl_message = curl_multi_info_read(curlm, &num_messages);
 137        }
 138}
 139#endif
 140
 141static int http_options(const char *var, const char *value, void *cb)
 142{
 143        if (!strcmp("http.sslverify", var)) {
 144                curl_ssl_verify = git_config_bool(var, value);
 145                return 0;
 146        }
 147        if (!strcmp("http.sslcert", var))
 148                return git_config_string(&ssl_cert, var, value);
 149#if LIBCURL_VERSION_NUM >= 0x070903
 150        if (!strcmp("http.sslkey", var))
 151                return git_config_string(&ssl_key, var, value);
 152#endif
 153#if LIBCURL_VERSION_NUM >= 0x070908
 154        if (!strcmp("http.sslcapath", var))
 155                return git_config_string(&ssl_capath, var, value);
 156#endif
 157        if (!strcmp("http.sslcainfo", var))
 158                return git_config_string(&ssl_cainfo, var, value);
 159        if (!strcmp("http.sslcertpasswordprotected", var)) {
 160                if (git_config_bool(var, value))
 161                        ssl_cert_password_required = 1;
 162                return 0;
 163        }
 164        if (!strcmp("http.minsessions", var)) {
 165                min_curl_sessions = git_config_int(var, value);
 166#ifndef USE_CURL_MULTI
 167                if (min_curl_sessions > 1)
 168                        min_curl_sessions = 1;
 169#endif
 170                return 0;
 171        }
 172#ifdef USE_CURL_MULTI
 173        if (!strcmp("http.maxrequests", var)) {
 174                max_requests = git_config_int(var, value);
 175                return 0;
 176        }
 177#endif
 178        if (!strcmp("http.lowspeedlimit", var)) {
 179                curl_low_speed_limit = (long)git_config_int(var, value);
 180                return 0;
 181        }
 182        if (!strcmp("http.lowspeedtime", var)) {
 183                curl_low_speed_time = (long)git_config_int(var, value);
 184                return 0;
 185        }
 186
 187        if (!strcmp("http.noepsv", var)) {
 188                curl_ftp_no_epsv = git_config_bool(var, value);
 189                return 0;
 190        }
 191        if (!strcmp("http.proxy", var))
 192                return git_config_string(&curl_http_proxy, var, value);
 193
 194        if (!strcmp("http.cookiefile", var))
 195                return git_config_string(&curl_cookie_file, var, value);
 196
 197        if (!strcmp("http.postbuffer", var)) {
 198                http_post_buffer = git_config_int(var, value);
 199                if (http_post_buffer < LARGE_PACKET_MAX)
 200                        http_post_buffer = LARGE_PACKET_MAX;
 201                return 0;
 202        }
 203
 204        if (!strcmp("http.useragent", var))
 205                return git_config_string(&user_agent, var, value);
 206
 207        /* Fall back on the default ones */
 208        return git_default_config(var, value, cb);
 209}
 210
 211static void init_curl_http_auth(CURL *result)
 212{
 213        if (http_auth.username) {
 214                struct strbuf up = STRBUF_INIT;
 215                credential_fill(&http_auth);
 216                strbuf_addf(&up, "%s:%s",
 217                            http_auth.username, http_auth.password);
 218                curl_easy_setopt(result, CURLOPT_USERPWD,
 219                                 strbuf_detach(&up, NULL));
 220        }
 221}
 222
 223static int has_cert_password(void)
 224{
 225        if (ssl_cert == NULL || ssl_cert_password_required != 1)
 226                return 0;
 227        if (!cert_auth.password) {
 228                cert_auth.protocol = xstrdup("cert");
 229                cert_auth.path = xstrdup(ssl_cert);
 230                credential_fill(&cert_auth);
 231        }
 232        return 1;
 233}
 234
 235static CURL *get_curl_handle(void)
 236{
 237        CURL *result = curl_easy_init();
 238
 239        if (!curl_ssl_verify) {
 240                curl_easy_setopt(result, CURLOPT_SSL_VERIFYPEER, 0);
 241                curl_easy_setopt(result, CURLOPT_SSL_VERIFYHOST, 0);
 242        } else {
 243                /* Verify authenticity of the peer's certificate */
 244                curl_easy_setopt(result, CURLOPT_SSL_VERIFYPEER, 1);
 245                /* The name in the cert must match whom we tried to connect */
 246                curl_easy_setopt(result, CURLOPT_SSL_VERIFYHOST, 2);
 247        }
 248
 249#if LIBCURL_VERSION_NUM >= 0x070907
 250        curl_easy_setopt(result, CURLOPT_NETRC, CURL_NETRC_OPTIONAL);
 251#endif
 252#ifdef LIBCURL_CAN_HANDLE_AUTH_ANY
 253        curl_easy_setopt(result, CURLOPT_HTTPAUTH, CURLAUTH_ANY);
 254#endif
 255
 256        if (http_proactive_auth)
 257                init_curl_http_auth(result);
 258
 259        if (ssl_cert != NULL)
 260                curl_easy_setopt(result, CURLOPT_SSLCERT, ssl_cert);
 261        if (has_cert_password())
 262                curl_easy_setopt(result, CURLOPT_KEYPASSWD, cert_auth.password);
 263#if LIBCURL_VERSION_NUM >= 0x070903
 264        if (ssl_key != NULL)
 265                curl_easy_setopt(result, CURLOPT_SSLKEY, ssl_key);
 266#endif
 267#if LIBCURL_VERSION_NUM >= 0x070908
 268        if (ssl_capath != NULL)
 269                curl_easy_setopt(result, CURLOPT_CAPATH, ssl_capath);
 270#endif
 271        if (ssl_cainfo != NULL)
 272                curl_easy_setopt(result, CURLOPT_CAINFO, ssl_cainfo);
 273        curl_easy_setopt(result, CURLOPT_FAILONERROR, 1);
 274
 275        if (curl_low_speed_limit > 0 && curl_low_speed_time > 0) {
 276                curl_easy_setopt(result, CURLOPT_LOW_SPEED_LIMIT,
 277                                 curl_low_speed_limit);
 278                curl_easy_setopt(result, CURLOPT_LOW_SPEED_TIME,
 279                                 curl_low_speed_time);
 280        }
 281
 282        curl_easy_setopt(result, CURLOPT_FOLLOWLOCATION, 1);
 283#if LIBCURL_VERSION_NUM >= 0x071301
 284        curl_easy_setopt(result, CURLOPT_POSTREDIR, CURL_REDIR_POST_ALL);
 285#elif LIBCURL_VERSION_NUM >= 0x071101
 286        curl_easy_setopt(result, CURLOPT_POST301, 1);
 287#endif
 288
 289        if (getenv("GIT_CURL_VERBOSE"))
 290                curl_easy_setopt(result, CURLOPT_VERBOSE, 1);
 291
 292        curl_easy_setopt(result, CURLOPT_USERAGENT,
 293                user_agent ? user_agent : GIT_HTTP_USER_AGENT);
 294
 295        if (curl_ftp_no_epsv)
 296                curl_easy_setopt(result, CURLOPT_FTP_USE_EPSV, 0);
 297
 298        if (curl_http_proxy)
 299                curl_easy_setopt(result, CURLOPT_PROXY, curl_http_proxy);
 300
 301        return result;
 302}
 303
 304static void set_from_env(const char **var, const char *envname)
 305{
 306        const char *val = getenv(envname);
 307        if (val)
 308                *var = val;
 309}
 310
 311void http_init(struct remote *remote, const char *url, int proactive_auth)
 312{
 313        char *low_speed_limit;
 314        char *low_speed_time;
 315
 316        http_is_verbose = 0;
 317
 318        git_config(http_options, NULL);
 319
 320        curl_global_init(CURL_GLOBAL_ALL);
 321
 322        http_proactive_auth = proactive_auth;
 323
 324        if (remote && remote->http_proxy)
 325                curl_http_proxy = xstrdup(remote->http_proxy);
 326
 327        pragma_header = curl_slist_append(pragma_header, "Pragma: no-cache");
 328        no_pragma_header = curl_slist_append(no_pragma_header, "Pragma:");
 329
 330#ifdef USE_CURL_MULTI
 331        {
 332                char *http_max_requests = getenv("GIT_HTTP_MAX_REQUESTS");
 333                if (http_max_requests != NULL)
 334                        max_requests = atoi(http_max_requests);
 335        }
 336
 337        curlm = curl_multi_init();
 338        if (curlm == NULL) {
 339                fprintf(stderr, "Error creating curl multi handle.\n");
 340                exit(1);
 341        }
 342#endif
 343
 344        if (getenv("GIT_SSL_NO_VERIFY"))
 345                curl_ssl_verify = 0;
 346
 347        set_from_env(&ssl_cert, "GIT_SSL_CERT");
 348#if LIBCURL_VERSION_NUM >= 0x070903
 349        set_from_env(&ssl_key, "GIT_SSL_KEY");
 350#endif
 351#if LIBCURL_VERSION_NUM >= 0x070908
 352        set_from_env(&ssl_capath, "GIT_SSL_CAPATH");
 353#endif
 354        set_from_env(&ssl_cainfo, "GIT_SSL_CAINFO");
 355
 356        set_from_env(&user_agent, "GIT_HTTP_USER_AGENT");
 357
 358        low_speed_limit = getenv("GIT_HTTP_LOW_SPEED_LIMIT");
 359        if (low_speed_limit != NULL)
 360                curl_low_speed_limit = strtol(low_speed_limit, NULL, 10);
 361        low_speed_time = getenv("GIT_HTTP_LOW_SPEED_TIME");
 362        if (low_speed_time != NULL)
 363                curl_low_speed_time = strtol(low_speed_time, NULL, 10);
 364
 365        if (curl_ssl_verify == -1)
 366                curl_ssl_verify = 1;
 367
 368        curl_session_count = 0;
 369#ifdef USE_CURL_MULTI
 370        if (max_requests < 1)
 371                max_requests = DEFAULT_MAX_REQUESTS;
 372#endif
 373
 374        if (getenv("GIT_CURL_FTP_NO_EPSV"))
 375                curl_ftp_no_epsv = 1;
 376
 377        if (url) {
 378                credential_from_url(&http_auth, url);
 379                if (!ssl_cert_password_required &&
 380                    getenv("GIT_SSL_CERT_PASSWORD_PROTECTED") &&
 381                    !prefixcmp(url, "https://"))
 382                        ssl_cert_password_required = 1;
 383        }
 384
 385#ifndef NO_CURL_EASY_DUPHANDLE
 386        curl_default = get_curl_handle();
 387#endif
 388}
 389
 390void http_cleanup(void)
 391{
 392        struct active_request_slot *slot = active_queue_head;
 393
 394        while (slot != NULL) {
 395                struct active_request_slot *next = slot->next;
 396                if (slot->curl != NULL) {
 397#ifdef USE_CURL_MULTI
 398                        curl_multi_remove_handle(curlm, slot->curl);
 399#endif
 400                        curl_easy_cleanup(slot->curl);
 401                }
 402                free(slot);
 403                slot = next;
 404        }
 405        active_queue_head = NULL;
 406
 407#ifndef NO_CURL_EASY_DUPHANDLE
 408        curl_easy_cleanup(curl_default);
 409#endif
 410
 411#ifdef USE_CURL_MULTI
 412        curl_multi_cleanup(curlm);
 413#endif
 414        curl_global_cleanup();
 415
 416        curl_slist_free_all(pragma_header);
 417        pragma_header = NULL;
 418
 419        curl_slist_free_all(no_pragma_header);
 420        no_pragma_header = NULL;
 421
 422        if (curl_http_proxy) {
 423                free((void *)curl_http_proxy);
 424                curl_http_proxy = NULL;
 425        }
 426
 427        if (cert_auth.password != NULL) {
 428                memset(cert_auth.password, 0, strlen(cert_auth.password));
 429                free(cert_auth.password);
 430                cert_auth.password = NULL;
 431        }
 432        ssl_cert_password_required = 0;
 433}
 434
 435struct active_request_slot *get_active_slot(void)
 436{
 437        struct active_request_slot *slot = active_queue_head;
 438        struct active_request_slot *newslot;
 439
 440#ifdef USE_CURL_MULTI
 441        int num_transfers;
 442
 443        /* Wait for a slot to open up if the queue is full */
 444        while (active_requests >= max_requests) {
 445                curl_multi_perform(curlm, &num_transfers);
 446                if (num_transfers < active_requests)
 447                        process_curl_messages();
 448        }
 449#endif
 450
 451        while (slot != NULL && slot->in_use)
 452                slot = slot->next;
 453
 454        if (slot == NULL) {
 455                newslot = xmalloc(sizeof(*newslot));
 456                newslot->curl = NULL;
 457                newslot->in_use = 0;
 458                newslot->next = NULL;
 459
 460                slot = active_queue_head;
 461                if (slot == NULL) {
 462                        active_queue_head = newslot;
 463                } else {
 464                        while (slot->next != NULL)
 465                                slot = slot->next;
 466                        slot->next = newslot;
 467                }
 468                slot = newslot;
 469        }
 470
 471        if (slot->curl == NULL) {
 472#ifdef NO_CURL_EASY_DUPHANDLE
 473                slot->curl = get_curl_handle();
 474#else
 475                slot->curl = curl_easy_duphandle(curl_default);
 476#endif
 477                curl_session_count++;
 478        }
 479
 480        active_requests++;
 481        slot->in_use = 1;
 482        slot->results = NULL;
 483        slot->finished = NULL;
 484        slot->callback_data = NULL;
 485        slot->callback_func = NULL;
 486        curl_easy_setopt(slot->curl, CURLOPT_COOKIEFILE, curl_cookie_file);
 487        curl_easy_setopt(slot->curl, CURLOPT_HTTPHEADER, pragma_header);
 488        curl_easy_setopt(slot->curl, CURLOPT_ERRORBUFFER, curl_errorstr);
 489        curl_easy_setopt(slot->curl, CURLOPT_CUSTOMREQUEST, NULL);
 490        curl_easy_setopt(slot->curl, CURLOPT_READFUNCTION, NULL);
 491        curl_easy_setopt(slot->curl, CURLOPT_WRITEFUNCTION, NULL);
 492        curl_easy_setopt(slot->curl, CURLOPT_POSTFIELDS, NULL);
 493        curl_easy_setopt(slot->curl, CURLOPT_UPLOAD, 0);
 494        curl_easy_setopt(slot->curl, CURLOPT_HTTPGET, 1);
 495
 496        return slot;
 497}
 498
 499int start_active_slot(struct active_request_slot *slot)
 500{
 501#ifdef USE_CURL_MULTI
 502        CURLMcode curlm_result = curl_multi_add_handle(curlm, slot->curl);
 503        int num_transfers;
 504
 505        if (curlm_result != CURLM_OK &&
 506            curlm_result != CURLM_CALL_MULTI_PERFORM) {
 507                active_requests--;
 508                slot->in_use = 0;
 509                return 0;
 510        }
 511
 512        /*
 513         * We know there must be something to do, since we just added
 514         * something.
 515         */
 516        curl_multi_perform(curlm, &num_transfers);
 517#endif
 518        return 1;
 519}
 520
 521#ifdef USE_CURL_MULTI
 522struct fill_chain {
 523        void *data;
 524        int (*fill)(void *);
 525        struct fill_chain *next;
 526};
 527
 528static struct fill_chain *fill_cfg;
 529
 530void add_fill_function(void *data, int (*fill)(void *))
 531{
 532        struct fill_chain *new = xmalloc(sizeof(*new));
 533        struct fill_chain **linkp = &fill_cfg;
 534        new->data = data;
 535        new->fill = fill;
 536        new->next = NULL;
 537        while (*linkp)
 538                linkp = &(*linkp)->next;
 539        *linkp = new;
 540}
 541
 542void fill_active_slots(void)
 543{
 544        struct active_request_slot *slot = active_queue_head;
 545
 546        while (active_requests < max_requests) {
 547                struct fill_chain *fill;
 548                for (fill = fill_cfg; fill; fill = fill->next)
 549                        if (fill->fill(fill->data))
 550                                break;
 551
 552                if (!fill)
 553                        break;
 554        }
 555
 556        while (slot != NULL) {
 557                if (!slot->in_use && slot->curl != NULL
 558                        && curl_session_count > min_curl_sessions) {
 559                        curl_easy_cleanup(slot->curl);
 560                        slot->curl = NULL;
 561                        curl_session_count--;
 562                }
 563                slot = slot->next;
 564        }
 565}
 566
 567void step_active_slots(void)
 568{
 569        int num_transfers;
 570        CURLMcode curlm_result;
 571
 572        do {
 573                curlm_result = curl_multi_perform(curlm, &num_transfers);
 574        } while (curlm_result == CURLM_CALL_MULTI_PERFORM);
 575        if (num_transfers < active_requests) {
 576                process_curl_messages();
 577                fill_active_slots();
 578        }
 579}
 580#endif
 581
 582void run_active_slot(struct active_request_slot *slot)
 583{
 584#ifdef USE_CURL_MULTI
 585        fd_set readfds;
 586        fd_set writefds;
 587        fd_set excfds;
 588        int max_fd;
 589        struct timeval select_timeout;
 590        int finished = 0;
 591
 592        slot->finished = &finished;
 593        while (!finished) {
 594                step_active_slots();
 595
 596                if (slot->in_use) {
 597#if LIBCURL_VERSION_NUM >= 0x070f04
 598                        long curl_timeout;
 599                        curl_multi_timeout(curlm, &curl_timeout);
 600                        if (curl_timeout == 0) {
 601                                continue;
 602                        } else if (curl_timeout == -1) {
 603                                select_timeout.tv_sec  = 0;
 604                                select_timeout.tv_usec = 50000;
 605                        } else {
 606                                select_timeout.tv_sec  =  curl_timeout / 1000;
 607                                select_timeout.tv_usec = (curl_timeout % 1000) * 1000;
 608                        }
 609#else
 610                        select_timeout.tv_sec  = 0;
 611                        select_timeout.tv_usec = 50000;
 612#endif
 613
 614                        max_fd = -1;
 615                        FD_ZERO(&readfds);
 616                        FD_ZERO(&writefds);
 617                        FD_ZERO(&excfds);
 618                        curl_multi_fdset(curlm, &readfds, &writefds, &excfds, &max_fd);
 619
 620                        select(max_fd+1, &readfds, &writefds, &excfds, &select_timeout);
 621                }
 622        }
 623#else
 624        while (slot->in_use) {
 625                slot->curl_result = curl_easy_perform(slot->curl);
 626                finish_active_slot(slot);
 627        }
 628#endif
 629}
 630
 631static void closedown_active_slot(struct active_request_slot *slot)
 632{
 633        active_requests--;
 634        slot->in_use = 0;
 635}
 636
 637static void release_active_slot(struct active_request_slot *slot)
 638{
 639        closedown_active_slot(slot);
 640        if (slot->curl && curl_session_count > min_curl_sessions) {
 641#ifdef USE_CURL_MULTI
 642                curl_multi_remove_handle(curlm, slot->curl);
 643#endif
 644                curl_easy_cleanup(slot->curl);
 645                slot->curl = NULL;
 646                curl_session_count--;
 647        }
 648#ifdef USE_CURL_MULTI
 649        fill_active_slots();
 650#endif
 651}
 652
 653void finish_active_slot(struct active_request_slot *slot)
 654{
 655        closedown_active_slot(slot);
 656        curl_easy_getinfo(slot->curl, CURLINFO_HTTP_CODE, &slot->http_code);
 657
 658        if (slot->finished != NULL)
 659                (*slot->finished) = 1;
 660
 661        /* Store slot results so they can be read after the slot is reused */
 662        if (slot->results != NULL) {
 663                slot->results->curl_result = slot->curl_result;
 664                slot->results->http_code = slot->http_code;
 665        }
 666
 667        /* Run callback if appropriate */
 668        if (slot->callback_func != NULL)
 669                slot->callback_func(slot->callback_data);
 670}
 671
 672void finish_all_active_slots(void)
 673{
 674        struct active_request_slot *slot = active_queue_head;
 675
 676        while (slot != NULL)
 677                if (slot->in_use) {
 678                        run_active_slot(slot);
 679                        slot = active_queue_head;
 680                } else {
 681                        slot = slot->next;
 682                }
 683}
 684
 685/* Helpers for modifying and creating URLs */
 686static inline int needs_quote(int ch)
 687{
 688        if (((ch >= 'A') && (ch <= 'Z'))
 689                        || ((ch >= 'a') && (ch <= 'z'))
 690                        || ((ch >= '0') && (ch <= '9'))
 691                        || (ch == '/')
 692                        || (ch == '-')
 693                        || (ch == '.'))
 694                return 0;
 695        return 1;
 696}
 697
 698static char *quote_ref_url(const char *base, const char *ref)
 699{
 700        struct strbuf buf = STRBUF_INIT;
 701        const char *cp;
 702        int ch;
 703
 704        end_url_with_slash(&buf, base);
 705
 706        for (cp = ref; (ch = *cp) != 0; cp++)
 707                if (needs_quote(ch))
 708                        strbuf_addf(&buf, "%%%02x", ch);
 709                else
 710                        strbuf_addch(&buf, *cp);
 711
 712        return strbuf_detach(&buf, NULL);
 713}
 714
 715void append_remote_object_url(struct strbuf *buf, const char *url,
 716                              const char *hex,
 717                              int only_two_digit_prefix)
 718{
 719        end_url_with_slash(buf, url);
 720
 721        strbuf_addf(buf, "objects/%.*s/", 2, hex);
 722        if (!only_two_digit_prefix)
 723                strbuf_addf(buf, "%s", hex+2);
 724}
 725
 726char *get_remote_object_url(const char *url, const char *hex,
 727                            int only_two_digit_prefix)
 728{
 729        struct strbuf buf = STRBUF_INIT;
 730        append_remote_object_url(&buf, url, hex, only_two_digit_prefix);
 731        return strbuf_detach(&buf, NULL);
 732}
 733
 734/* http_request() targets */
 735#define HTTP_REQUEST_STRBUF     0
 736#define HTTP_REQUEST_FILE       1
 737
 738static int http_request(const char *url, void *result, int target, int options)
 739{
 740        struct active_request_slot *slot;
 741        struct slot_results results;
 742        struct curl_slist *headers = NULL;
 743        struct strbuf buf = STRBUF_INIT;
 744        int ret;
 745
 746        slot = get_active_slot();
 747        slot->results = &results;
 748        curl_easy_setopt(slot->curl, CURLOPT_HTTPGET, 1);
 749
 750        if (result == NULL) {
 751                curl_easy_setopt(slot->curl, CURLOPT_NOBODY, 1);
 752        } else {
 753                curl_easy_setopt(slot->curl, CURLOPT_NOBODY, 0);
 754                curl_easy_setopt(slot->curl, CURLOPT_FILE, result);
 755
 756                if (target == HTTP_REQUEST_FILE) {
 757                        long posn = ftell(result);
 758                        curl_easy_setopt(slot->curl, CURLOPT_WRITEFUNCTION,
 759                                         fwrite);
 760                        if (posn > 0) {
 761                                strbuf_addf(&buf, "Range: bytes=%ld-", posn);
 762                                headers = curl_slist_append(headers, buf.buf);
 763                                strbuf_reset(&buf);
 764                        }
 765                } else
 766                        curl_easy_setopt(slot->curl, CURLOPT_WRITEFUNCTION,
 767                                         fwrite_buffer);
 768        }
 769
 770        strbuf_addstr(&buf, "Pragma:");
 771        if (options & HTTP_NO_CACHE)
 772                strbuf_addstr(&buf, " no-cache");
 773
 774        headers = curl_slist_append(headers, buf.buf);
 775
 776        curl_easy_setopt(slot->curl, CURLOPT_URL, url);
 777        curl_easy_setopt(slot->curl, CURLOPT_HTTPHEADER, headers);
 778
 779        if (start_active_slot(slot)) {
 780                run_active_slot(slot);
 781                if (results.curl_result == CURLE_OK)
 782                        ret = HTTP_OK;
 783                else if (missing_target(&results))
 784                        ret = HTTP_MISSING_TARGET;
 785                else if (results.http_code == 401) {
 786                        if (http_auth.username && http_auth.password) {
 787                                credential_reject(&http_auth);
 788                                ret = HTTP_NOAUTH;
 789                        } else {
 790                                credential_fill(&http_auth);
 791                                init_curl_http_auth(slot->curl);
 792                                ret = HTTP_REAUTH;
 793                        }
 794                } else {
 795                        if (!curl_errorstr[0])
 796                                strlcpy(curl_errorstr,
 797                                        curl_easy_strerror(results.curl_result),
 798                                        sizeof(curl_errorstr));
 799                        ret = HTTP_ERROR;
 800                }
 801        } else {
 802                error("Unable to start HTTP request for %s", url);
 803                ret = HTTP_START_FAILED;
 804        }
 805
 806        curl_slist_free_all(headers);
 807        strbuf_release(&buf);
 808
 809        if (ret == HTTP_OK)
 810                credential_approve(&http_auth);
 811
 812        return ret;
 813}
 814
 815static int http_request_reauth(const char *url, void *result, int target,
 816                               int options)
 817{
 818        int ret = http_request(url, result, target, options);
 819        if (ret != HTTP_REAUTH)
 820                return ret;
 821        return http_request(url, result, target, options);
 822}
 823
 824int http_get_strbuf(const char *url, struct strbuf *result, int options)
 825{
 826        return http_request_reauth(url, result, HTTP_REQUEST_STRBUF, options);
 827}
 828
 829/*
 830 * Downloads an url and stores the result in the given file.
 831 *
 832 * If a previous interrupted download is detected (i.e. a previous temporary
 833 * file is still around) the download is resumed.
 834 */
 835static int http_get_file(const char *url, const char *filename, int options)
 836{
 837        int ret;
 838        struct strbuf tmpfile = STRBUF_INIT;
 839        FILE *result;
 840
 841        strbuf_addf(&tmpfile, "%s.temp", filename);
 842        result = fopen(tmpfile.buf, "a");
 843        if (! result) {
 844                error("Unable to open local file %s", tmpfile.buf);
 845                ret = HTTP_ERROR;
 846                goto cleanup;
 847        }
 848
 849        ret = http_request_reauth(url, result, HTTP_REQUEST_FILE, options);
 850        fclose(result);
 851
 852        if ((ret == HTTP_OK) && move_temp_to_file(tmpfile.buf, filename))
 853                ret = HTTP_ERROR;
 854cleanup:
 855        strbuf_release(&tmpfile);
 856        return ret;
 857}
 858
 859int http_error(const char *url, int ret)
 860{
 861        /* http_request has already handled HTTP_START_FAILED. */
 862        if (ret != HTTP_START_FAILED)
 863                error("%s while accessing %s", curl_errorstr, url);
 864
 865        return ret;
 866}
 867
 868int http_fetch_ref(const char *base, struct ref *ref)
 869{
 870        char *url;
 871        struct strbuf buffer = STRBUF_INIT;
 872        int ret = -1;
 873
 874        url = quote_ref_url(base, ref->name);
 875        if (http_get_strbuf(url, &buffer, HTTP_NO_CACHE) == HTTP_OK) {
 876                strbuf_rtrim(&buffer);
 877                if (buffer.len == 40)
 878                        ret = get_sha1_hex(buffer.buf, ref->old_sha1);
 879                else if (!prefixcmp(buffer.buf, "ref: ")) {
 880                        ref->symref = xstrdup(buffer.buf + 5);
 881                        ret = 0;
 882                }
 883        }
 884
 885        strbuf_release(&buffer);
 886        free(url);
 887        return ret;
 888}
 889
 890/* Helpers for fetching packs */
 891static char *fetch_pack_index(unsigned char *sha1, const char *base_url)
 892{
 893        char *url, *tmp;
 894        struct strbuf buf = STRBUF_INIT;
 895
 896        if (http_is_verbose)
 897                fprintf(stderr, "Getting index for pack %s\n", sha1_to_hex(sha1));
 898
 899        end_url_with_slash(&buf, base_url);
 900        strbuf_addf(&buf, "objects/pack/pack-%s.idx", sha1_to_hex(sha1));
 901        url = strbuf_detach(&buf, NULL);
 902
 903        strbuf_addf(&buf, "%s.temp", sha1_pack_index_name(sha1));
 904        tmp = strbuf_detach(&buf, NULL);
 905
 906        if (http_get_file(url, tmp, 0) != HTTP_OK) {
 907                error("Unable to get pack index %s\n", url);
 908                free(tmp);
 909                tmp = NULL;
 910        }
 911
 912        free(url);
 913        return tmp;
 914}
 915
 916static int fetch_and_setup_pack_index(struct packed_git **packs_head,
 917        unsigned char *sha1, const char *base_url)
 918{
 919        struct packed_git *new_pack;
 920        char *tmp_idx = NULL;
 921        int ret;
 922
 923        if (has_pack_index(sha1)) {
 924                new_pack = parse_pack_index(sha1, NULL);
 925                if (!new_pack)
 926                        return -1; /* parse_pack_index() already issued error message */
 927                goto add_pack;
 928        }
 929
 930        tmp_idx = fetch_pack_index(sha1, base_url);
 931        if (!tmp_idx)
 932                return -1;
 933
 934        new_pack = parse_pack_index(sha1, tmp_idx);
 935        if (!new_pack) {
 936                unlink(tmp_idx);
 937                free(tmp_idx);
 938
 939                return -1; /* parse_pack_index() already issued error message */
 940        }
 941
 942        ret = verify_pack_index(new_pack);
 943        if (!ret) {
 944                close_pack_index(new_pack);
 945                ret = move_temp_to_file(tmp_idx, sha1_pack_index_name(sha1));
 946        }
 947        free(tmp_idx);
 948        if (ret)
 949                return -1;
 950
 951add_pack:
 952        new_pack->next = *packs_head;
 953        *packs_head = new_pack;
 954        return 0;
 955}
 956
 957int http_get_info_packs(const char *base_url, struct packed_git **packs_head)
 958{
 959        int ret = 0, i = 0;
 960        char *url, *data;
 961        struct strbuf buf = STRBUF_INIT;
 962        unsigned char sha1[20];
 963
 964        end_url_with_slash(&buf, base_url);
 965        strbuf_addstr(&buf, "objects/info/packs");
 966        url = strbuf_detach(&buf, NULL);
 967
 968        ret = http_get_strbuf(url, &buf, HTTP_NO_CACHE);
 969        if (ret != HTTP_OK)
 970                goto cleanup;
 971
 972        data = buf.buf;
 973        while (i < buf.len) {
 974                switch (data[i]) {
 975                case 'P':
 976                        i++;
 977                        if (i + 52 <= buf.len &&
 978                            !prefixcmp(data + i, " pack-") &&
 979                            !prefixcmp(data + i + 46, ".pack\n")) {
 980                                get_sha1_hex(data + i + 6, sha1);
 981                                fetch_and_setup_pack_index(packs_head, sha1,
 982                                                      base_url);
 983                                i += 51;
 984                                break;
 985                        }
 986                default:
 987                        while (i < buf.len && data[i] != '\n')
 988                                i++;
 989                }
 990                i++;
 991        }
 992
 993cleanup:
 994        free(url);
 995        return ret;
 996}
 997
 998void release_http_pack_request(struct http_pack_request *preq)
 999{
1000        if (preq->packfile != NULL) {
1001                fclose(preq->packfile);
1002                preq->packfile = NULL;
1003        }
1004        if (preq->range_header != NULL) {
1005                curl_slist_free_all(preq->range_header);
1006                preq->range_header = NULL;
1007        }
1008        preq->slot = NULL;
1009        free(preq->url);
1010}
1011
1012int finish_http_pack_request(struct http_pack_request *preq)
1013{
1014        struct packed_git **lst;
1015        struct packed_git *p = preq->target;
1016        char *tmp_idx;
1017        struct child_process ip;
1018        const char *ip_argv[8];
1019
1020        close_pack_index(p);
1021
1022        fclose(preq->packfile);
1023        preq->packfile = NULL;
1024
1025        lst = preq->lst;
1026        while (*lst != p)
1027                lst = &((*lst)->next);
1028        *lst = (*lst)->next;
1029
1030        tmp_idx = xstrdup(preq->tmpfile);
1031        strcpy(tmp_idx + strlen(tmp_idx) - strlen(".pack.temp"),
1032               ".idx.temp");
1033
1034        ip_argv[0] = "index-pack";
1035        ip_argv[1] = "-o";
1036        ip_argv[2] = tmp_idx;
1037        ip_argv[3] = preq->tmpfile;
1038        ip_argv[4] = NULL;
1039
1040        memset(&ip, 0, sizeof(ip));
1041        ip.argv = ip_argv;
1042        ip.git_cmd = 1;
1043        ip.no_stdin = 1;
1044        ip.no_stdout = 1;
1045
1046        if (run_command(&ip)) {
1047                unlink(preq->tmpfile);
1048                unlink(tmp_idx);
1049                free(tmp_idx);
1050                return -1;
1051        }
1052
1053        unlink(sha1_pack_index_name(p->sha1));
1054
1055        if (move_temp_to_file(preq->tmpfile, sha1_pack_name(p->sha1))
1056         || move_temp_to_file(tmp_idx, sha1_pack_index_name(p->sha1))) {
1057                free(tmp_idx);
1058                return -1;
1059        }
1060
1061        install_packed_git(p);
1062        free(tmp_idx);
1063        return 0;
1064}
1065
1066struct http_pack_request *new_http_pack_request(
1067        struct packed_git *target, const char *base_url)
1068{
1069        long prev_posn = 0;
1070        char range[RANGE_HEADER_SIZE];
1071        struct strbuf buf = STRBUF_INIT;
1072        struct http_pack_request *preq;
1073
1074        preq = xcalloc(1, sizeof(*preq));
1075        preq->target = target;
1076
1077        end_url_with_slash(&buf, base_url);
1078        strbuf_addf(&buf, "objects/pack/pack-%s.pack",
1079                sha1_to_hex(target->sha1));
1080        preq->url = strbuf_detach(&buf, NULL);
1081
1082        snprintf(preq->tmpfile, sizeof(preq->tmpfile), "%s.temp",
1083                sha1_pack_name(target->sha1));
1084        preq->packfile = fopen(preq->tmpfile, "a");
1085        if (!preq->packfile) {
1086                error("Unable to open local file %s for pack",
1087                      preq->tmpfile);
1088                goto abort;
1089        }
1090
1091        preq->slot = get_active_slot();
1092        curl_easy_setopt(preq->slot->curl, CURLOPT_FILE, preq->packfile);
1093        curl_easy_setopt(preq->slot->curl, CURLOPT_WRITEFUNCTION, fwrite);
1094        curl_easy_setopt(preq->slot->curl, CURLOPT_URL, preq->url);
1095        curl_easy_setopt(preq->slot->curl, CURLOPT_HTTPHEADER,
1096                no_pragma_header);
1097
1098        /*
1099         * If there is data present from a previous transfer attempt,
1100         * resume where it left off
1101         */
1102        prev_posn = ftell(preq->packfile);
1103        if (prev_posn>0) {
1104                if (http_is_verbose)
1105                        fprintf(stderr,
1106                                "Resuming fetch of pack %s at byte %ld\n",
1107                                sha1_to_hex(target->sha1), prev_posn);
1108                sprintf(range, "Range: bytes=%ld-", prev_posn);
1109                preq->range_header = curl_slist_append(NULL, range);
1110                curl_easy_setopt(preq->slot->curl, CURLOPT_HTTPHEADER,
1111                        preq->range_header);
1112        }
1113
1114        return preq;
1115
1116abort:
1117        free(preq->url);
1118        free(preq);
1119        return NULL;
1120}
1121
1122/* Helpers for fetching objects (loose) */
1123static size_t fwrite_sha1_file(char *ptr, size_t eltsize, size_t nmemb,
1124                               void *data)
1125{
1126        unsigned char expn[4096];
1127        size_t size = eltsize * nmemb;
1128        int posn = 0;
1129        struct http_object_request *freq =
1130                (struct http_object_request *)data;
1131        do {
1132                ssize_t retval = xwrite(freq->localfile,
1133                                        (char *) ptr + posn, size - posn);
1134                if (retval < 0)
1135                        return posn;
1136                posn += retval;
1137        } while (posn < size);
1138
1139        freq->stream.avail_in = size;
1140        freq->stream.next_in = (void *)ptr;
1141        do {
1142                freq->stream.next_out = expn;
1143                freq->stream.avail_out = sizeof(expn);
1144                freq->zret = git_inflate(&freq->stream, Z_SYNC_FLUSH);
1145                git_SHA1_Update(&freq->c, expn,
1146                                sizeof(expn) - freq->stream.avail_out);
1147        } while (freq->stream.avail_in && freq->zret == Z_OK);
1148        return size;
1149}
1150
1151struct http_object_request *new_http_object_request(const char *base_url,
1152        unsigned char *sha1)
1153{
1154        char *hex = sha1_to_hex(sha1);
1155        char *filename;
1156        char prevfile[PATH_MAX];
1157        int prevlocal;
1158        char prev_buf[PREV_BUF_SIZE];
1159        ssize_t prev_read = 0;
1160        long prev_posn = 0;
1161        char range[RANGE_HEADER_SIZE];
1162        struct curl_slist *range_header = NULL;
1163        struct http_object_request *freq;
1164
1165        freq = xcalloc(1, sizeof(*freq));
1166        hashcpy(freq->sha1, sha1);
1167        freq->localfile = -1;
1168
1169        filename = sha1_file_name(sha1);
1170        snprintf(freq->tmpfile, sizeof(freq->tmpfile),
1171                 "%s.temp", filename);
1172
1173        snprintf(prevfile, sizeof(prevfile), "%s.prev", filename);
1174        unlink_or_warn(prevfile);
1175        rename(freq->tmpfile, prevfile);
1176        unlink_or_warn(freq->tmpfile);
1177
1178        if (freq->localfile != -1)
1179                error("fd leakage in start: %d", freq->localfile);
1180        freq->localfile = open(freq->tmpfile,
1181                               O_WRONLY | O_CREAT | O_EXCL, 0666);
1182        /*
1183         * This could have failed due to the "lazy directory creation";
1184         * try to mkdir the last path component.
1185         */
1186        if (freq->localfile < 0 && errno == ENOENT) {
1187                char *dir = strrchr(freq->tmpfile, '/');
1188                if (dir) {
1189                        *dir = 0;
1190                        mkdir(freq->tmpfile, 0777);
1191                        *dir = '/';
1192                }
1193                freq->localfile = open(freq->tmpfile,
1194                                       O_WRONLY | O_CREAT | O_EXCL, 0666);
1195        }
1196
1197        if (freq->localfile < 0) {
1198                error("Couldn't create temporary file %s: %s",
1199                      freq->tmpfile, strerror(errno));
1200                goto abort;
1201        }
1202
1203        git_inflate_init(&freq->stream);
1204
1205        git_SHA1_Init(&freq->c);
1206
1207        freq->url = get_remote_object_url(base_url, hex, 0);
1208
1209        /*
1210         * If a previous temp file is present, process what was already
1211         * fetched.
1212         */
1213        prevlocal = open(prevfile, O_RDONLY);
1214        if (prevlocal != -1) {
1215                do {
1216                        prev_read = xread(prevlocal, prev_buf, PREV_BUF_SIZE);
1217                        if (prev_read>0) {
1218                                if (fwrite_sha1_file(prev_buf,
1219                                                     1,
1220                                                     prev_read,
1221                                                     freq) == prev_read) {
1222                                        prev_posn += prev_read;
1223                                } else {
1224                                        prev_read = -1;
1225                                }
1226                        }
1227                } while (prev_read > 0);
1228                close(prevlocal);
1229        }
1230        unlink_or_warn(prevfile);
1231
1232        /*
1233         * Reset inflate/SHA1 if there was an error reading the previous temp
1234         * file; also rewind to the beginning of the local file.
1235         */
1236        if (prev_read == -1) {
1237                memset(&freq->stream, 0, sizeof(freq->stream));
1238                git_inflate_init(&freq->stream);
1239                git_SHA1_Init(&freq->c);
1240                if (prev_posn>0) {
1241                        prev_posn = 0;
1242                        lseek(freq->localfile, 0, SEEK_SET);
1243                        if (ftruncate(freq->localfile, 0) < 0) {
1244                                error("Couldn't truncate temporary file %s: %s",
1245                                          freq->tmpfile, strerror(errno));
1246                                goto abort;
1247                        }
1248                }
1249        }
1250
1251        freq->slot = get_active_slot();
1252
1253        curl_easy_setopt(freq->slot->curl, CURLOPT_FILE, freq);
1254        curl_easy_setopt(freq->slot->curl, CURLOPT_WRITEFUNCTION, fwrite_sha1_file);
1255        curl_easy_setopt(freq->slot->curl, CURLOPT_ERRORBUFFER, freq->errorstr);
1256        curl_easy_setopt(freq->slot->curl, CURLOPT_URL, freq->url);
1257        curl_easy_setopt(freq->slot->curl, CURLOPT_HTTPHEADER, no_pragma_header);
1258
1259        /*
1260         * If we have successfully processed data from a previous fetch
1261         * attempt, only fetch the data we don't already have.
1262         */
1263        if (prev_posn>0) {
1264                if (http_is_verbose)
1265                        fprintf(stderr,
1266                                "Resuming fetch of object %s at byte %ld\n",
1267                                hex, prev_posn);
1268                sprintf(range, "Range: bytes=%ld-", prev_posn);
1269                range_header = curl_slist_append(range_header, range);
1270                curl_easy_setopt(freq->slot->curl,
1271                                 CURLOPT_HTTPHEADER, range_header);
1272        }
1273
1274        return freq;
1275
1276abort:
1277        free(freq->url);
1278        free(freq);
1279        return NULL;
1280}
1281
1282void process_http_object_request(struct http_object_request *freq)
1283{
1284        if (freq->slot == NULL)
1285                return;
1286        freq->curl_result = freq->slot->curl_result;
1287        freq->http_code = freq->slot->http_code;
1288        freq->slot = NULL;
1289}
1290
1291int finish_http_object_request(struct http_object_request *freq)
1292{
1293        struct stat st;
1294
1295        close(freq->localfile);
1296        freq->localfile = -1;
1297
1298        process_http_object_request(freq);
1299
1300        if (freq->http_code == 416) {
1301                warning("requested range invalid; we may already have all the data.");
1302        } else if (freq->curl_result != CURLE_OK) {
1303                if (stat(freq->tmpfile, &st) == 0)
1304                        if (st.st_size == 0)
1305                                unlink_or_warn(freq->tmpfile);
1306                return -1;
1307        }
1308
1309        git_inflate_end(&freq->stream);
1310        git_SHA1_Final(freq->real_sha1, &freq->c);
1311        if (freq->zret != Z_STREAM_END) {
1312                unlink_or_warn(freq->tmpfile);
1313                return -1;
1314        }
1315        if (hashcmp(freq->sha1, freq->real_sha1)) {
1316                unlink_or_warn(freq->tmpfile);
1317                return -1;
1318        }
1319        freq->rename =
1320                move_temp_to_file(freq->tmpfile, sha1_file_name(freq->sha1));
1321
1322        return freq->rename;
1323}
1324
1325void abort_http_object_request(struct http_object_request *freq)
1326{
1327        unlink_or_warn(freq->tmpfile);
1328
1329        release_http_object_request(freq);
1330}
1331
1332void release_http_object_request(struct http_object_request *freq)
1333{
1334        if (freq->localfile != -1) {
1335                close(freq->localfile);
1336                freq->localfile = -1;
1337        }
1338        if (freq->url != NULL) {
1339                free(freq->url);
1340                freq->url = NULL;
1341        }
1342        if (freq->slot != NULL) {
1343                freq->slot->callback_func = NULL;
1344                freq->slot->callback_data = NULL;
1345                release_active_slot(freq->slot);
1346                freq->slot = NULL;
1347        }
1348}