send-pack.con commit t1430: clean up broken refs/tags/shadow (45669a7)
   1#include "builtin.h"
   2#include "commit.h"
   3#include "refs.h"
   4#include "pkt-line.h"
   5#include "sideband.h"
   6#include "run-command.h"
   7#include "remote.h"
   8#include "connect.h"
   9#include "send-pack.h"
  10#include "quote.h"
  11#include "transport.h"
  12#include "version.h"
  13#include "sha1-array.h"
  14#include "gpg-interface.h"
  15#include "cache.h"
  16
  17int option_parse_push_signed(const struct option *opt,
  18                             const char *arg, int unset)
  19{
  20        if (unset) {
  21                *(int *)(opt->value) = SEND_PACK_PUSH_CERT_NEVER;
  22                return 0;
  23        }
  24        switch (git_parse_maybe_bool(arg)) {
  25        case 1:
  26                *(int *)(opt->value) = SEND_PACK_PUSH_CERT_ALWAYS;
  27                return 0;
  28        case 0:
  29                *(int *)(opt->value) = SEND_PACK_PUSH_CERT_NEVER;
  30                return 0;
  31        }
  32        if (!strcasecmp("if-asked", arg)) {
  33                *(int *)(opt->value) = SEND_PACK_PUSH_CERT_IF_ASKED;
  34                return 0;
  35        }
  36        die("bad %s argument: %s", opt->long_name, arg);
  37}
  38
  39static int feed_object(const unsigned char *sha1, int fd, int negative)
  40{
  41        char buf[42];
  42
  43        if (negative && !has_sha1_file(sha1))
  44                return 1;
  45
  46        memcpy(buf + negative, sha1_to_hex(sha1), 40);
  47        if (negative)
  48                buf[0] = '^';
  49        buf[40 + negative] = '\n';
  50        return write_or_whine(fd, buf, 41 + negative, "send-pack: send refs");
  51}
  52
  53/*
  54 * Make a pack stream and spit it out into file descriptor fd
  55 */
  56static int pack_objects(int fd, struct ref *refs, struct sha1_array *extra, struct send_pack_args *args)
  57{
  58        /*
  59         * The child becomes pack-objects --revs; we feed
  60         * the revision parameters to it via its stdin and
  61         * let its stdout go back to the other end.
  62         */
  63        const char *argv[] = {
  64                "pack-objects",
  65                "--all-progress-implied",
  66                "--revs",
  67                "--stdout",
  68                NULL,
  69                NULL,
  70                NULL,
  71                NULL,
  72                NULL,
  73                NULL,
  74        };
  75        struct child_process po = CHILD_PROCESS_INIT;
  76        int i;
  77
  78        i = 4;
  79        if (args->use_thin_pack)
  80                argv[i++] = "--thin";
  81        if (args->use_ofs_delta)
  82                argv[i++] = "--delta-base-offset";
  83        if (args->quiet || !args->progress)
  84                argv[i++] = "-q";
  85        if (args->progress)
  86                argv[i++] = "--progress";
  87        if (is_repository_shallow())
  88                argv[i++] = "--shallow";
  89        po.argv = argv;
  90        po.in = -1;
  91        po.out = args->stateless_rpc ? -1 : fd;
  92        po.git_cmd = 1;
  93        if (start_command(&po))
  94                die_errno("git pack-objects failed");
  95
  96        /*
  97         * We feed the pack-objects we just spawned with revision
  98         * parameters by writing to the pipe.
  99         */
 100        for (i = 0; i < extra->nr; i++)
 101                if (!feed_object(extra->sha1[i], po.in, 1))
 102                        break;
 103
 104        while (refs) {
 105                if (!is_null_oid(&refs->old_oid) &&
 106                    !feed_object(refs->old_oid.hash, po.in, 1))
 107                        break;
 108                if (!is_null_oid(&refs->new_oid) &&
 109                    !feed_object(refs->new_oid.hash, po.in, 0))
 110                        break;
 111                refs = refs->next;
 112        }
 113
 114        close(po.in);
 115
 116        if (args->stateless_rpc) {
 117                char *buf = xmalloc(LARGE_PACKET_MAX);
 118                while (1) {
 119                        ssize_t n = xread(po.out, buf, LARGE_PACKET_MAX);
 120                        if (n <= 0)
 121                                break;
 122                        send_sideband(fd, -1, buf, n, LARGE_PACKET_MAX);
 123                }
 124                free(buf);
 125                close(po.out);
 126                po.out = -1;
 127        }
 128
 129        if (finish_command(&po))
 130                return -1;
 131        return 0;
 132}
 133
 134static int receive_status(int in, struct ref *refs)
 135{
 136        struct ref *hint;
 137        int ret = 0;
 138        char *line = packet_read_line(in, NULL);
 139        if (!starts_with(line, "unpack "))
 140                return error("did not receive remote status");
 141        if (strcmp(line, "unpack ok")) {
 142                error("unpack failed: %s", line + 7);
 143                ret = -1;
 144        }
 145        hint = NULL;
 146        while (1) {
 147                char *refname;
 148                char *msg;
 149                line = packet_read_line(in, NULL);
 150                if (!line)
 151                        break;
 152                if (!starts_with(line, "ok ") && !starts_with(line, "ng ")) {
 153                        error("invalid ref status from remote: %s", line);
 154                        ret = -1;
 155                        break;
 156                }
 157
 158                refname = line + 3;
 159                msg = strchr(refname, ' ');
 160                if (msg)
 161                        *msg++ = '\0';
 162
 163                /* first try searching at our hint, falling back to all refs */
 164                if (hint)
 165                        hint = find_ref_by_name(hint, refname);
 166                if (!hint)
 167                        hint = find_ref_by_name(refs, refname);
 168                if (!hint) {
 169                        warning("remote reported status on unknown ref: %s",
 170                                        refname);
 171                        continue;
 172                }
 173                if (hint->status != REF_STATUS_EXPECTING_REPORT) {
 174                        warning("remote reported status on unexpected ref: %s",
 175                                        refname);
 176                        continue;
 177                }
 178
 179                if (line[0] == 'o' && line[1] == 'k')
 180                        hint->status = REF_STATUS_OK;
 181                else {
 182                        hint->status = REF_STATUS_REMOTE_REJECT;
 183                        ret = -1;
 184                }
 185                if (msg)
 186                        hint->remote_status = xstrdup(msg);
 187                /* start our next search from the next ref */
 188                hint = hint->next;
 189        }
 190        return ret;
 191}
 192
 193static int sideband_demux(int in, int out, void *data)
 194{
 195        int *fd = data, ret;
 196#ifdef NO_PTHREADS
 197        close(fd[1]);
 198#endif
 199        ret = recv_sideband("send-pack", fd[0], out);
 200        close(out);
 201        return ret;
 202}
 203
 204static int advertise_shallow_grafts_cb(const struct commit_graft *graft, void *cb)
 205{
 206        struct strbuf *sb = cb;
 207        if (graft->nr_parent == -1)
 208                packet_buf_write(sb, "shallow %s\n", oid_to_hex(&graft->oid));
 209        return 0;
 210}
 211
 212static void advertise_shallow_grafts_buf(struct strbuf *sb)
 213{
 214        if (!is_repository_shallow())
 215                return;
 216        for_each_commit_graft(advertise_shallow_grafts_cb, sb);
 217}
 218
 219#define CHECK_REF_NO_PUSH -1
 220#define CHECK_REF_STATUS_REJECTED -2
 221#define CHECK_REF_UPTODATE -3
 222static int check_to_send_update(const struct ref *ref, const struct send_pack_args *args)
 223{
 224        if (!ref->peer_ref && !args->send_mirror)
 225                return CHECK_REF_NO_PUSH;
 226
 227        /* Check for statuses set by set_ref_status_for_push() */
 228        switch (ref->status) {
 229        case REF_STATUS_REJECT_NONFASTFORWARD:
 230        case REF_STATUS_REJECT_ALREADY_EXISTS:
 231        case REF_STATUS_REJECT_FETCH_FIRST:
 232        case REF_STATUS_REJECT_NEEDS_FORCE:
 233        case REF_STATUS_REJECT_STALE:
 234        case REF_STATUS_REJECT_NODELETE:
 235                return CHECK_REF_STATUS_REJECTED;
 236        case REF_STATUS_UPTODATE:
 237                return CHECK_REF_UPTODATE;
 238        default:
 239                return 0;
 240        }
 241}
 242
 243/*
 244 * the beginning of the next line, or the end of buffer.
 245 *
 246 * NEEDSWORK: perhaps move this to git-compat-util.h or somewhere and
 247 * convert many similar uses found by "git grep -A4 memchr".
 248 */
 249static const char *next_line(const char *line, size_t len)
 250{
 251        const char *nl = memchr(line, '\n', len);
 252        if (!nl)
 253                return line + len; /* incomplete line */
 254        return nl + 1;
 255}
 256
 257static int generate_push_cert(struct strbuf *req_buf,
 258                              const struct ref *remote_refs,
 259                              struct send_pack_args *args,
 260                              const char *cap_string,
 261                              const char *push_cert_nonce)
 262{
 263        const struct ref *ref;
 264        char *signing_key = xstrdup(get_signing_key());
 265        const char *cp, *np;
 266        struct strbuf cert = STRBUF_INIT;
 267        int update_seen = 0;
 268
 269        strbuf_addf(&cert, "certificate version 0.1\n");
 270        strbuf_addf(&cert, "pusher %s ", signing_key);
 271        datestamp(&cert);
 272        strbuf_addch(&cert, '\n');
 273        if (args->url && *args->url) {
 274                char *anon_url = transport_anonymize_url(args->url);
 275                strbuf_addf(&cert, "pushee %s\n", anon_url);
 276                free(anon_url);
 277        }
 278        if (push_cert_nonce[0])
 279                strbuf_addf(&cert, "nonce %s\n", push_cert_nonce);
 280        strbuf_addstr(&cert, "\n");
 281
 282        for (ref = remote_refs; ref; ref = ref->next) {
 283                if (check_to_send_update(ref, args) < 0)
 284                        continue;
 285                update_seen = 1;
 286                strbuf_addf(&cert, "%s %s %s\n",
 287                            oid_to_hex(&ref->old_oid),
 288                            oid_to_hex(&ref->new_oid),
 289                            ref->name);
 290        }
 291        if (!update_seen)
 292                goto free_return;
 293
 294        if (sign_buffer(&cert, &cert, signing_key))
 295                die(_("failed to sign the push certificate"));
 296
 297        packet_buf_write(req_buf, "push-cert%c%s", 0, cap_string);
 298        for (cp = cert.buf; cp < cert.buf + cert.len; cp = np) {
 299                np = next_line(cp, cert.buf + cert.len - cp);
 300                packet_buf_write(req_buf,
 301                                 "%.*s", (int)(np - cp), cp);
 302        }
 303        packet_buf_write(req_buf, "push-cert-end\n");
 304
 305free_return:
 306        free(signing_key);
 307        strbuf_release(&cert);
 308        return update_seen;
 309}
 310
 311
 312static int atomic_push_failure(struct send_pack_args *args,
 313                               struct ref *remote_refs,
 314                               struct ref *failing_ref)
 315{
 316        struct ref *ref;
 317        /* Mark other refs as failed */
 318        for (ref = remote_refs; ref; ref = ref->next) {
 319                if (!ref->peer_ref && !args->send_mirror)
 320                        continue;
 321
 322                switch (ref->status) {
 323                case REF_STATUS_EXPECTING_REPORT:
 324                        ref->status = REF_STATUS_ATOMIC_PUSH_FAILED;
 325                        continue;
 326                default:
 327                        break; /* do nothing */
 328                }
 329        }
 330        return error("atomic push failed for ref %s. status: %d\n",
 331                     failing_ref->name, failing_ref->status);
 332}
 333
 334#define NONCE_LEN_LIMIT 256
 335
 336static void reject_invalid_nonce(const char *nonce, int len)
 337{
 338        int i = 0;
 339
 340        if (NONCE_LEN_LIMIT <= len)
 341                die("the receiving end asked to sign an invalid nonce <%.*s>",
 342                    len, nonce);
 343
 344        for (i = 0; i < len; i++) {
 345                int ch = nonce[i] & 0xFF;
 346                if (isalnum(ch) ||
 347                    ch == '-' || ch == '.' ||
 348                    ch == '/' || ch == '+' ||
 349                    ch == '=' || ch == '_')
 350                        continue;
 351                die("the receiving end asked to sign an invalid nonce <%.*s>",
 352                    len, nonce);
 353        }
 354}
 355
 356int send_pack(struct send_pack_args *args,
 357              int fd[], struct child_process *conn,
 358              struct ref *remote_refs,
 359              struct sha1_array *extra_have)
 360{
 361        int in = fd[0];
 362        int out = fd[1];
 363        struct strbuf req_buf = STRBUF_INIT;
 364        struct strbuf cap_buf = STRBUF_INIT;
 365        struct ref *ref;
 366        int need_pack_data = 0;
 367        int allow_deleting_refs = 0;
 368        int status_report = 0;
 369        int use_sideband = 0;
 370        int quiet_supported = 0;
 371        int agent_supported = 0;
 372        int use_atomic = 0;
 373        int atomic_supported = 0;
 374        unsigned cmds_sent = 0;
 375        int ret;
 376        struct async demux;
 377        const char *push_cert_nonce = NULL;
 378
 379        /* Does the other end support the reporting? */
 380        if (server_supports("report-status"))
 381                status_report = 1;
 382        if (server_supports("delete-refs"))
 383                allow_deleting_refs = 1;
 384        if (server_supports("ofs-delta"))
 385                args->use_ofs_delta = 1;
 386        if (server_supports("side-band-64k"))
 387                use_sideband = 1;
 388        if (server_supports("quiet"))
 389                quiet_supported = 1;
 390        if (server_supports("agent"))
 391                agent_supported = 1;
 392        if (server_supports("no-thin"))
 393                args->use_thin_pack = 0;
 394        if (server_supports("atomic"))
 395                atomic_supported = 1;
 396
 397        if (args->push_cert != SEND_PACK_PUSH_CERT_NEVER) {
 398                int len;
 399                push_cert_nonce = server_feature_value("push-cert", &len);
 400                if (push_cert_nonce) {
 401                        reject_invalid_nonce(push_cert_nonce, len);
 402                        push_cert_nonce = xmemdupz(push_cert_nonce, len);
 403                } else if (args->push_cert == SEND_PACK_PUSH_CERT_ALWAYS) {
 404                        die(_("the receiving end does not support --signed push"));
 405                } else if (args->push_cert == SEND_PACK_PUSH_CERT_IF_ASKED) {
 406                        warning(_("not sending a push certificate since the"
 407                                  " receiving end does not support --signed"
 408                                  " push"));
 409                }
 410        }
 411
 412        if (!remote_refs) {
 413                fprintf(stderr, "No refs in common and none specified; doing nothing.\n"
 414                        "Perhaps you should specify a branch such as 'master'.\n");
 415                return 0;
 416        }
 417        if (args->atomic && !atomic_supported)
 418                die(_("the receiving end does not support --atomic push"));
 419
 420        use_atomic = atomic_supported && args->atomic;
 421
 422        if (status_report)
 423                strbuf_addstr(&cap_buf, " report-status");
 424        if (use_sideband)
 425                strbuf_addstr(&cap_buf, " side-band-64k");
 426        if (quiet_supported && (args->quiet || !args->progress))
 427                strbuf_addstr(&cap_buf, " quiet");
 428        if (use_atomic)
 429                strbuf_addstr(&cap_buf, " atomic");
 430        if (agent_supported)
 431                strbuf_addf(&cap_buf, " agent=%s", git_user_agent_sanitized());
 432
 433        /*
 434         * NEEDSWORK: why does delete-refs have to be so specific to
 435         * send-pack machinery that set_ref_status_for_push() cannot
 436         * set this bit for us???
 437         */
 438        for (ref = remote_refs; ref; ref = ref->next)
 439                if (ref->deletion && !allow_deleting_refs)
 440                        ref->status = REF_STATUS_REJECT_NODELETE;
 441
 442        if (!args->dry_run)
 443                advertise_shallow_grafts_buf(&req_buf);
 444
 445        if (!args->dry_run && push_cert_nonce)
 446                cmds_sent = generate_push_cert(&req_buf, remote_refs, args,
 447                                               cap_buf.buf, push_cert_nonce);
 448
 449        /*
 450         * Clear the status for each ref and see if we need to send
 451         * the pack data.
 452         */
 453        for (ref = remote_refs; ref; ref = ref->next) {
 454                switch (check_to_send_update(ref, args)) {
 455                case 0: /* no error */
 456                        break;
 457                case CHECK_REF_STATUS_REJECTED:
 458                        /*
 459                         * When we know the server would reject a ref update if
 460                         * we were to send it and we're trying to send the refs
 461                         * atomically, abort the whole operation.
 462                         */
 463                        if (use_atomic)
 464                                return atomic_push_failure(args, remote_refs, ref);
 465                        /* Fallthrough for non atomic case. */
 466                default:
 467                        continue;
 468                }
 469                if (!ref->deletion)
 470                        need_pack_data = 1;
 471
 472                if (args->dry_run || !status_report)
 473                        ref->status = REF_STATUS_OK;
 474                else
 475                        ref->status = REF_STATUS_EXPECTING_REPORT;
 476        }
 477
 478        /*
 479         * Finally, tell the other end!
 480         */
 481        for (ref = remote_refs; ref; ref = ref->next) {
 482                char *old_hex, *new_hex;
 483
 484                if (args->dry_run || push_cert_nonce)
 485                        continue;
 486
 487                if (check_to_send_update(ref, args) < 0)
 488                        continue;
 489
 490                old_hex = oid_to_hex(&ref->old_oid);
 491                new_hex = oid_to_hex(&ref->new_oid);
 492                if (!cmds_sent) {
 493                        packet_buf_write(&req_buf,
 494                                         "%s %s %s%c%s",
 495                                         old_hex, new_hex, ref->name, 0,
 496                                         cap_buf.buf);
 497                        cmds_sent = 1;
 498                } else {
 499                        packet_buf_write(&req_buf, "%s %s %s",
 500                                         old_hex, new_hex, ref->name);
 501                }
 502        }
 503
 504        if (args->stateless_rpc) {
 505                if (!args->dry_run && (cmds_sent || is_repository_shallow())) {
 506                        packet_buf_flush(&req_buf);
 507                        send_sideband(out, -1, req_buf.buf, req_buf.len, LARGE_PACKET_MAX);
 508                }
 509        } else {
 510                write_or_die(out, req_buf.buf, req_buf.len);
 511                packet_flush(out);
 512        }
 513        strbuf_release(&req_buf);
 514        strbuf_release(&cap_buf);
 515
 516        if (use_sideband && cmds_sent) {
 517                memset(&demux, 0, sizeof(demux));
 518                demux.proc = sideband_demux;
 519                demux.data = fd;
 520                demux.out = -1;
 521                if (start_async(&demux))
 522                        die("send-pack: unable to fork off sideband demultiplexer");
 523                in = demux.out;
 524        }
 525
 526        if (need_pack_data && cmds_sent) {
 527                if (pack_objects(out, remote_refs, extra_have, args) < 0) {
 528                        for (ref = remote_refs; ref; ref = ref->next)
 529                                ref->status = REF_STATUS_NONE;
 530                        if (args->stateless_rpc)
 531                                close(out);
 532                        if (git_connection_is_socket(conn))
 533                                shutdown(fd[0], SHUT_WR);
 534                        if (use_sideband)
 535                                finish_async(&demux);
 536                        fd[1] = -1;
 537                        return -1;
 538                }
 539                if (!args->stateless_rpc)
 540                        /* Closed by pack_objects() via start_command() */
 541                        fd[1] = -1;
 542        }
 543        if (args->stateless_rpc && cmds_sent)
 544                packet_flush(out);
 545
 546        if (status_report && cmds_sent)
 547                ret = receive_status(in, remote_refs);
 548        else
 549                ret = 0;
 550        if (args->stateless_rpc)
 551                packet_flush(out);
 552
 553        if (use_sideband && cmds_sent) {
 554                if (finish_async(&demux)) {
 555                        error("error in sideband demultiplexer");
 556                        ret = -1;
 557                }
 558                close(demux.out);
 559        }
 560
 561        if (ret < 0)
 562                return ret;
 563
 564        if (args->porcelain)
 565                return 0;
 566
 567        for (ref = remote_refs; ref; ref = ref->next) {
 568                switch (ref->status) {
 569                case REF_STATUS_NONE:
 570                case REF_STATUS_UPTODATE:
 571                case REF_STATUS_OK:
 572                        break;
 573                default:
 574                        return -1;
 575                }
 576        }
 577        return 0;
 578}