6bfd0934b3cc977436f5955992918d8991270dec
   1#include "http.h"
   2#include "pack.h"
   3#include "sideband.h"
   4#include "run-command.h"
   5#include "url.h"
   6#include "urlmatch.h"
   7#include "credential.h"
   8#include "version.h"
   9#include "pkt-line.h"
  10
  11int active_requests;
  12int http_is_verbose;
  13size_t http_post_buffer = 16 * LARGE_PACKET_MAX;
  14
  15#if LIBCURL_VERSION_NUM >= 0x070a06
  16#define LIBCURL_CAN_HANDLE_AUTH_ANY
  17#endif
  18
  19static int min_curl_sessions = 1;
  20static int curl_session_count;
  21#ifdef USE_CURL_MULTI
  22static int max_requests = -1;
  23static CURLM *curlm;
  24#endif
  25#ifndef NO_CURL_EASY_DUPHANDLE
  26static CURL *curl_default;
  27#endif
  28
  29#define PREV_BUF_SIZE 4096
  30#define RANGE_HEADER_SIZE 30
  31
  32char curl_errorstr[CURL_ERROR_SIZE];
  33
  34static int curl_ssl_verify = -1;
  35static int curl_ssl_try;
  36static const char *ssl_cert;
  37#if LIBCURL_VERSION_NUM >= 0x070903
  38static const char *ssl_key;
  39#endif
  40#if LIBCURL_VERSION_NUM >= 0x070908
  41static const char *ssl_capath;
  42#endif
  43static const char *ssl_cainfo;
  44static long curl_low_speed_limit = -1;
  45static long curl_low_speed_time = -1;
  46static int curl_ftp_no_epsv;
  47static const char *curl_http_proxy;
  48static const char *curl_cookie_file;
  49static int curl_save_cookies;
  50struct credential http_auth = CREDENTIAL_INIT;
  51static int http_proactive_auth;
  52static const char *user_agent;
  53
  54#if LIBCURL_VERSION_NUM >= 0x071700
  55/* Use CURLOPT_KEYPASSWD as is */
  56#elif LIBCURL_VERSION_NUM >= 0x070903
  57#define CURLOPT_KEYPASSWD CURLOPT_SSLKEYPASSWD
  58#else
  59#define CURLOPT_KEYPASSWD CURLOPT_SSLCERTPASSWD
  60#endif
  61
  62static struct credential cert_auth = CREDENTIAL_INIT;
  63static int ssl_cert_password_required;
  64
  65static struct curl_slist *pragma_header;
  66static struct curl_slist *no_pragma_header;
  67
  68static struct active_request_slot *active_queue_head;
  69
  70size_t fread_buffer(char *ptr, size_t eltsize, size_t nmemb, void *buffer_)
  71{
  72        size_t size = eltsize * nmemb;
  73        struct buffer *buffer = buffer_;
  74
  75        if (size > buffer->buf.len - buffer->posn)
  76                size = buffer->buf.len - buffer->posn;
  77        memcpy(ptr, buffer->buf.buf + buffer->posn, size);
  78        buffer->posn += size;
  79
  80        return size;
  81}
  82
  83#ifndef NO_CURL_IOCTL
  84curlioerr ioctl_buffer(CURL *handle, int cmd, void *clientp)
  85{
  86        struct buffer *buffer = clientp;
  87
  88        switch (cmd) {
  89        case CURLIOCMD_NOP:
  90                return CURLIOE_OK;
  91
  92        case CURLIOCMD_RESTARTREAD:
  93                buffer->posn = 0;
  94                return CURLIOE_OK;
  95
  96        default:
  97                return CURLIOE_UNKNOWNCMD;
  98        }
  99}
 100#endif
 101
 102size_t fwrite_buffer(char *ptr, size_t eltsize, size_t nmemb, void *buffer_)
 103{
 104        size_t size = eltsize * nmemb;
 105        struct strbuf *buffer = buffer_;
 106
 107        strbuf_add(buffer, ptr, size);
 108        return size;
 109}
 110
 111size_t fwrite_null(char *ptr, size_t eltsize, size_t nmemb, void *strbuf)
 112{
 113        return eltsize * nmemb;
 114}
 115
 116#ifdef USE_CURL_MULTI
 117static void process_curl_messages(void)
 118{
 119        int num_messages;
 120        struct active_request_slot *slot;
 121        CURLMsg *curl_message = curl_multi_info_read(curlm, &num_messages);
 122
 123        while (curl_message != NULL) {
 124                if (curl_message->msg == CURLMSG_DONE) {
 125                        int curl_result = curl_message->data.result;
 126                        slot = active_queue_head;
 127                        while (slot != NULL &&
 128                               slot->curl != curl_message->easy_handle)
 129                                slot = slot->next;
 130                        if (slot != NULL) {
 131                                curl_multi_remove_handle(curlm, slot->curl);
 132                                slot->curl_result = curl_result;
 133                                finish_active_slot(slot);
 134                        } else {
 135                                fprintf(stderr, "Received DONE message for unknown request!\n");
 136                        }
 137                } else {
 138                        fprintf(stderr, "Unknown CURL message received: %d\n",
 139                                (int)curl_message->msg);
 140                }
 141                curl_message = curl_multi_info_read(curlm, &num_messages);
 142        }
 143}
 144#endif
 145
 146static int http_options(const char *var, const char *value, void *cb)
 147{
 148        if (!strcmp("http.sslverify", var)) {
 149                curl_ssl_verify = git_config_bool(var, value);
 150                return 0;
 151        }
 152        if (!strcmp("http.sslcert", var))
 153                return git_config_string(&ssl_cert, var, value);
 154#if LIBCURL_VERSION_NUM >= 0x070903
 155        if (!strcmp("http.sslkey", var))
 156                return git_config_string(&ssl_key, var, value);
 157#endif
 158#if LIBCURL_VERSION_NUM >= 0x070908
 159        if (!strcmp("http.sslcapath", var))
 160                return git_config_string(&ssl_capath, var, value);
 161#endif
 162        if (!strcmp("http.sslcainfo", var))
 163                return git_config_string(&ssl_cainfo, var, value);
 164        if (!strcmp("http.sslcertpasswordprotected", var)) {
 165                ssl_cert_password_required = git_config_bool(var, value);
 166                return 0;
 167        }
 168        if (!strcmp("http.ssltry", var)) {
 169                curl_ssl_try = git_config_bool(var, value);
 170                return 0;
 171        }
 172        if (!strcmp("http.minsessions", var)) {
 173                min_curl_sessions = git_config_int(var, value);
 174#ifndef USE_CURL_MULTI
 175                if (min_curl_sessions > 1)
 176                        min_curl_sessions = 1;
 177#endif
 178                return 0;
 179        }
 180#ifdef USE_CURL_MULTI
 181        if (!strcmp("http.maxrequests", var)) {
 182                max_requests = git_config_int(var, value);
 183                return 0;
 184        }
 185#endif
 186        if (!strcmp("http.lowspeedlimit", var)) {
 187                curl_low_speed_limit = (long)git_config_int(var, value);
 188                return 0;
 189        }
 190        if (!strcmp("http.lowspeedtime", var)) {
 191                curl_low_speed_time = (long)git_config_int(var, value);
 192                return 0;
 193        }
 194
 195        if (!strcmp("http.noepsv", var)) {
 196                curl_ftp_no_epsv = git_config_bool(var, value);
 197                return 0;
 198        }
 199        if (!strcmp("http.proxy", var))
 200                return git_config_string(&curl_http_proxy, var, value);
 201
 202        if (!strcmp("http.cookiefile", var))
 203                return git_config_string(&curl_cookie_file, var, value);
 204        if (!strcmp("http.savecookies", var)) {
 205                curl_save_cookies = git_config_bool(var, value);
 206                return 0;
 207        }
 208
 209        if (!strcmp("http.postbuffer", var)) {
 210                http_post_buffer = git_config_int(var, value);
 211                if (http_post_buffer < LARGE_PACKET_MAX)
 212                        http_post_buffer = LARGE_PACKET_MAX;
 213                return 0;
 214        }
 215
 216        if (!strcmp("http.useragent", var))
 217                return git_config_string(&user_agent, var, value);
 218
 219        /* Fall back on the default ones */
 220        return git_default_config(var, value, cb);
 221}
 222
 223static void init_curl_http_auth(CURL *result)
 224{
 225        if (!http_auth.username)
 226                return;
 227
 228        credential_fill(&http_auth);
 229
 230#if LIBCURL_VERSION_NUM >= 0x071301
 231        curl_easy_setopt(result, CURLOPT_USERNAME, http_auth.username);
 232        curl_easy_setopt(result, CURLOPT_PASSWORD, http_auth.password);
 233#else
 234        {
 235                static struct strbuf up = STRBUF_INIT;
 236                /*
 237                 * Note that we assume we only ever have a single set of
 238                 * credentials in a given program run, so we do not have
 239                 * to worry about updating this buffer, only setting its
 240                 * initial value.
 241                 */
 242                if (!up.len)
 243                        strbuf_addf(&up, "%s:%s",
 244                                http_auth.username, http_auth.password);
 245                curl_easy_setopt(result, CURLOPT_USERPWD, up.buf);
 246        }
 247#endif
 248}
 249
 250static int has_cert_password(void)
 251{
 252        if (ssl_cert == NULL || ssl_cert_password_required != 1)
 253                return 0;
 254        if (!cert_auth.password) {
 255                cert_auth.protocol = xstrdup("cert");
 256                cert_auth.username = xstrdup("");
 257                cert_auth.path = xstrdup(ssl_cert);
 258                credential_fill(&cert_auth);
 259        }
 260        return 1;
 261}
 262
 263#if LIBCURL_VERSION_NUM >= 0x071900
 264static void set_curl_keepalive(CURL *c)
 265{
 266        curl_easy_setopt(c, CURLOPT_TCP_KEEPALIVE, 1);
 267}
 268
 269#elif LIBCURL_VERSION_NUM >= 0x071000
 270static int sockopt_callback(void *client, curl_socket_t fd, curlsocktype type)
 271{
 272        int ka = 1;
 273        int rc;
 274        socklen_t len = (socklen_t)sizeof(ka);
 275
 276        if (type != CURLSOCKTYPE_IPCXN)
 277                return 0;
 278
 279        rc = setsockopt(fd, SOL_SOCKET, SO_KEEPALIVE, (void *)&ka, len);
 280        if (rc < 0)
 281                warning("unable to set SO_KEEPALIVE on socket %s",
 282                        strerror(errno));
 283
 284        return 0; /* CURL_SOCKOPT_OK only exists since curl 7.21.5 */
 285}
 286
 287static void set_curl_keepalive(CURL *c)
 288{
 289        curl_easy_setopt(c, CURLOPT_SOCKOPTFUNCTION, sockopt_callback);
 290}
 291
 292#else
 293static void set_curl_keepalive(CURL *c)
 294{
 295        /* not supported on older curl versions */
 296}
 297#endif
 298
 299static CURL *get_curl_handle(void)
 300{
 301        CURL *result = curl_easy_init();
 302
 303        if (!curl_ssl_verify) {
 304                curl_easy_setopt(result, CURLOPT_SSL_VERIFYPEER, 0);
 305                curl_easy_setopt(result, CURLOPT_SSL_VERIFYHOST, 0);
 306        } else {
 307                /* Verify authenticity of the peer's certificate */
 308                curl_easy_setopt(result, CURLOPT_SSL_VERIFYPEER, 1);
 309                /* The name in the cert must match whom we tried to connect */
 310                curl_easy_setopt(result, CURLOPT_SSL_VERIFYHOST, 2);
 311        }
 312
 313#if LIBCURL_VERSION_NUM >= 0x070907
 314        curl_easy_setopt(result, CURLOPT_NETRC, CURL_NETRC_OPTIONAL);
 315#endif
 316#ifdef LIBCURL_CAN_HANDLE_AUTH_ANY
 317        curl_easy_setopt(result, CURLOPT_HTTPAUTH, CURLAUTH_ANY);
 318#endif
 319
 320        if (http_proactive_auth)
 321                init_curl_http_auth(result);
 322
 323        if (ssl_cert != NULL)
 324                curl_easy_setopt(result, CURLOPT_SSLCERT, ssl_cert);
 325        if (has_cert_password())
 326                curl_easy_setopt(result, CURLOPT_KEYPASSWD, cert_auth.password);
 327#if LIBCURL_VERSION_NUM >= 0x070903
 328        if (ssl_key != NULL)
 329                curl_easy_setopt(result, CURLOPT_SSLKEY, ssl_key);
 330#endif
 331#if LIBCURL_VERSION_NUM >= 0x070908
 332        if (ssl_capath != NULL)
 333                curl_easy_setopt(result, CURLOPT_CAPATH, ssl_capath);
 334#endif
 335        if (ssl_cainfo != NULL)
 336                curl_easy_setopt(result, CURLOPT_CAINFO, ssl_cainfo);
 337
 338        if (curl_low_speed_limit > 0 && curl_low_speed_time > 0) {
 339                curl_easy_setopt(result, CURLOPT_LOW_SPEED_LIMIT,
 340                                 curl_low_speed_limit);
 341                curl_easy_setopt(result, CURLOPT_LOW_SPEED_TIME,
 342                                 curl_low_speed_time);
 343        }
 344
 345        curl_easy_setopt(result, CURLOPT_FOLLOWLOCATION, 1);
 346#if LIBCURL_VERSION_NUM >= 0x071301
 347        curl_easy_setopt(result, CURLOPT_POSTREDIR, CURL_REDIR_POST_ALL);
 348#elif LIBCURL_VERSION_NUM >= 0x071101
 349        curl_easy_setopt(result, CURLOPT_POST301, 1);
 350#endif
 351
 352        if (getenv("GIT_CURL_VERBOSE"))
 353                curl_easy_setopt(result, CURLOPT_VERBOSE, 1);
 354
 355        curl_easy_setopt(result, CURLOPT_USERAGENT,
 356                user_agent ? user_agent : git_user_agent());
 357
 358        if (curl_ftp_no_epsv)
 359                curl_easy_setopt(result, CURLOPT_FTP_USE_EPSV, 0);
 360
 361#ifdef CURLOPT_USE_SSL
 362        if (curl_ssl_try)
 363                curl_easy_setopt(result, CURLOPT_USE_SSL, CURLUSESSL_TRY);
 364#endif
 365
 366        if (curl_http_proxy) {
 367                curl_easy_setopt(result, CURLOPT_PROXY, curl_http_proxy);
 368                curl_easy_setopt(result, CURLOPT_PROXYAUTH, CURLAUTH_ANY);
 369        }
 370
 371        set_curl_keepalive(result);
 372
 373        return result;
 374}
 375
 376static void set_from_env(const char **var, const char *envname)
 377{
 378        const char *val = getenv(envname);
 379        if (val)
 380                *var = val;
 381}
 382
 383void http_init(struct remote *remote, const char *url, int proactive_auth)
 384{
 385        char *low_speed_limit;
 386        char *low_speed_time;
 387        char *normalized_url;
 388        struct urlmatch_config config = { STRING_LIST_INIT_DUP };
 389
 390        config.section = "http";
 391        config.key = NULL;
 392        config.collect_fn = http_options;
 393        config.cascade_fn = git_default_config;
 394        config.cb = NULL;
 395
 396        http_is_verbose = 0;
 397        normalized_url = url_normalize(url, &config.url);
 398
 399        git_config(urlmatch_config_entry, &config);
 400        free(normalized_url);
 401
 402        curl_global_init(CURL_GLOBAL_ALL);
 403
 404        http_proactive_auth = proactive_auth;
 405
 406        if (remote && remote->http_proxy)
 407                curl_http_proxy = xstrdup(remote->http_proxy);
 408
 409        pragma_header = curl_slist_append(pragma_header, "Pragma: no-cache");
 410        no_pragma_header = curl_slist_append(no_pragma_header, "Pragma:");
 411
 412#ifdef USE_CURL_MULTI
 413        {
 414                char *http_max_requests = getenv("GIT_HTTP_MAX_REQUESTS");
 415                if (http_max_requests != NULL)
 416                        max_requests = atoi(http_max_requests);
 417        }
 418
 419        curlm = curl_multi_init();
 420        if (curlm == NULL) {
 421                fprintf(stderr, "Error creating curl multi handle.\n");
 422                exit(1);
 423        }
 424#endif
 425
 426        if (getenv("GIT_SSL_NO_VERIFY"))
 427                curl_ssl_verify = 0;
 428
 429        set_from_env(&ssl_cert, "GIT_SSL_CERT");
 430#if LIBCURL_VERSION_NUM >= 0x070903
 431        set_from_env(&ssl_key, "GIT_SSL_KEY");
 432#endif
 433#if LIBCURL_VERSION_NUM >= 0x070908
 434        set_from_env(&ssl_capath, "GIT_SSL_CAPATH");
 435#endif
 436        set_from_env(&ssl_cainfo, "GIT_SSL_CAINFO");
 437
 438        set_from_env(&user_agent, "GIT_HTTP_USER_AGENT");
 439
 440        low_speed_limit = getenv("GIT_HTTP_LOW_SPEED_LIMIT");
 441        if (low_speed_limit != NULL)
 442                curl_low_speed_limit = strtol(low_speed_limit, NULL, 10);
 443        low_speed_time = getenv("GIT_HTTP_LOW_SPEED_TIME");
 444        if (low_speed_time != NULL)
 445                curl_low_speed_time = strtol(low_speed_time, NULL, 10);
 446
 447        if (curl_ssl_verify == -1)
 448                curl_ssl_verify = 1;
 449
 450        curl_session_count = 0;
 451#ifdef USE_CURL_MULTI
 452        if (max_requests < 1)
 453                max_requests = DEFAULT_MAX_REQUESTS;
 454#endif
 455
 456        if (getenv("GIT_CURL_FTP_NO_EPSV"))
 457                curl_ftp_no_epsv = 1;
 458
 459        if (url) {
 460                credential_from_url(&http_auth, url);
 461                if (!ssl_cert_password_required &&
 462                    getenv("GIT_SSL_CERT_PASSWORD_PROTECTED") &&
 463                    starts_with(url, "https://"))
 464                        ssl_cert_password_required = 1;
 465        }
 466
 467#ifndef NO_CURL_EASY_DUPHANDLE
 468        curl_default = get_curl_handle();
 469#endif
 470}
 471
 472void http_cleanup(void)
 473{
 474        struct active_request_slot *slot = active_queue_head;
 475
 476        while (slot != NULL) {
 477                struct active_request_slot *next = slot->next;
 478                if (slot->curl != NULL) {
 479#ifdef USE_CURL_MULTI
 480                        curl_multi_remove_handle(curlm, slot->curl);
 481#endif
 482                        curl_easy_cleanup(slot->curl);
 483                }
 484                free(slot);
 485                slot = next;
 486        }
 487        active_queue_head = NULL;
 488
 489#ifndef NO_CURL_EASY_DUPHANDLE
 490        curl_easy_cleanup(curl_default);
 491#endif
 492
 493#ifdef USE_CURL_MULTI
 494        curl_multi_cleanup(curlm);
 495#endif
 496        curl_global_cleanup();
 497
 498        curl_slist_free_all(pragma_header);
 499        pragma_header = NULL;
 500
 501        curl_slist_free_all(no_pragma_header);
 502        no_pragma_header = NULL;
 503
 504        if (curl_http_proxy) {
 505                free((void *)curl_http_proxy);
 506                curl_http_proxy = NULL;
 507        }
 508
 509        if (cert_auth.password != NULL) {
 510                memset(cert_auth.password, 0, strlen(cert_auth.password));
 511                free(cert_auth.password);
 512                cert_auth.password = NULL;
 513        }
 514        ssl_cert_password_required = 0;
 515}
 516
 517struct active_request_slot *get_active_slot(void)
 518{
 519        struct active_request_slot *slot = active_queue_head;
 520        struct active_request_slot *newslot;
 521
 522#ifdef USE_CURL_MULTI
 523        int num_transfers;
 524
 525        /* Wait for a slot to open up if the queue is full */
 526        while (active_requests >= max_requests) {
 527                curl_multi_perform(curlm, &num_transfers);
 528                if (num_transfers < active_requests)
 529                        process_curl_messages();
 530        }
 531#endif
 532
 533        while (slot != NULL && slot->in_use)
 534                slot = slot->next;
 535
 536        if (slot == NULL) {
 537                newslot = xmalloc(sizeof(*newslot));
 538                newslot->curl = NULL;
 539                newslot->in_use = 0;
 540                newslot->next = NULL;
 541
 542                slot = active_queue_head;
 543                if (slot == NULL) {
 544                        active_queue_head = newslot;
 545                } else {
 546                        while (slot->next != NULL)
 547                                slot = slot->next;
 548                        slot->next = newslot;
 549                }
 550                slot = newslot;
 551        }
 552
 553        if (slot->curl == NULL) {
 554#ifdef NO_CURL_EASY_DUPHANDLE
 555                slot->curl = get_curl_handle();
 556#else
 557                slot->curl = curl_easy_duphandle(curl_default);
 558#endif
 559                curl_session_count++;
 560        }
 561
 562        active_requests++;
 563        slot->in_use = 1;
 564        slot->results = NULL;
 565        slot->finished = NULL;
 566        slot->callback_data = NULL;
 567        slot->callback_func = NULL;
 568        curl_easy_setopt(slot->curl, CURLOPT_COOKIEFILE, curl_cookie_file);
 569        if (curl_save_cookies)
 570                curl_easy_setopt(slot->curl, CURLOPT_COOKIEJAR, curl_cookie_file);
 571        curl_easy_setopt(slot->curl, CURLOPT_HTTPHEADER, pragma_header);
 572        curl_easy_setopt(slot->curl, CURLOPT_ERRORBUFFER, curl_errorstr);
 573        curl_easy_setopt(slot->curl, CURLOPT_CUSTOMREQUEST, NULL);
 574        curl_easy_setopt(slot->curl, CURLOPT_READFUNCTION, NULL);
 575        curl_easy_setopt(slot->curl, CURLOPT_WRITEFUNCTION, NULL);
 576        curl_easy_setopt(slot->curl, CURLOPT_POSTFIELDS, NULL);
 577        curl_easy_setopt(slot->curl, CURLOPT_UPLOAD, 0);
 578        curl_easy_setopt(slot->curl, CURLOPT_HTTPGET, 1);
 579        curl_easy_setopt(slot->curl, CURLOPT_FAILONERROR, 1);
 580        if (http_auth.password)
 581                init_curl_http_auth(slot->curl);
 582
 583        return slot;
 584}
 585
 586int start_active_slot(struct active_request_slot *slot)
 587{
 588#ifdef USE_CURL_MULTI
 589        CURLMcode curlm_result = curl_multi_add_handle(curlm, slot->curl);
 590        int num_transfers;
 591
 592        if (curlm_result != CURLM_OK &&
 593            curlm_result != CURLM_CALL_MULTI_PERFORM) {
 594                active_requests--;
 595                slot->in_use = 0;
 596                return 0;
 597        }
 598
 599        /*
 600         * We know there must be something to do, since we just added
 601         * something.
 602         */
 603        curl_multi_perform(curlm, &num_transfers);
 604#endif
 605        return 1;
 606}
 607
 608#ifdef USE_CURL_MULTI
 609struct fill_chain {
 610        void *data;
 611        int (*fill)(void *);
 612        struct fill_chain *next;
 613};
 614
 615static struct fill_chain *fill_cfg;
 616
 617void add_fill_function(void *data, int (*fill)(void *))
 618{
 619        struct fill_chain *new = xmalloc(sizeof(*new));
 620        struct fill_chain **linkp = &fill_cfg;
 621        new->data = data;
 622        new->fill = fill;
 623        new->next = NULL;
 624        while (*linkp)
 625                linkp = &(*linkp)->next;
 626        *linkp = new;
 627}
 628
 629void fill_active_slots(void)
 630{
 631        struct active_request_slot *slot = active_queue_head;
 632
 633        while (active_requests < max_requests) {
 634                struct fill_chain *fill;
 635                for (fill = fill_cfg; fill; fill = fill->next)
 636                        if (fill->fill(fill->data))
 637                                break;
 638
 639                if (!fill)
 640                        break;
 641        }
 642
 643        while (slot != NULL) {
 644                if (!slot->in_use && slot->curl != NULL
 645                        && curl_session_count > min_curl_sessions) {
 646                        curl_easy_cleanup(slot->curl);
 647                        slot->curl = NULL;
 648                        curl_session_count--;
 649                }
 650                slot = slot->next;
 651        }
 652}
 653
 654void step_active_slots(void)
 655{
 656        int num_transfers;
 657        CURLMcode curlm_result;
 658
 659        do {
 660                curlm_result = curl_multi_perform(curlm, &num_transfers);
 661        } while (curlm_result == CURLM_CALL_MULTI_PERFORM);
 662        if (num_transfers < active_requests) {
 663                process_curl_messages();
 664                fill_active_slots();
 665        }
 666}
 667#endif
 668
 669void run_active_slot(struct active_request_slot *slot)
 670{
 671#ifdef USE_CURL_MULTI
 672        fd_set readfds;
 673        fd_set writefds;
 674        fd_set excfds;
 675        int max_fd;
 676        struct timeval select_timeout;
 677        int finished = 0;
 678
 679        slot->finished = &finished;
 680        while (!finished) {
 681                step_active_slots();
 682
 683                if (slot->in_use) {
 684#if LIBCURL_VERSION_NUM >= 0x070f04
 685                        long curl_timeout;
 686                        curl_multi_timeout(curlm, &curl_timeout);
 687                        if (curl_timeout == 0) {
 688                                continue;
 689                        } else if (curl_timeout == -1) {
 690                                select_timeout.tv_sec  = 0;
 691                                select_timeout.tv_usec = 50000;
 692                        } else {
 693                                select_timeout.tv_sec  =  curl_timeout / 1000;
 694                                select_timeout.tv_usec = (curl_timeout % 1000) * 1000;
 695                        }
 696#else
 697                        select_timeout.tv_sec  = 0;
 698                        select_timeout.tv_usec = 50000;
 699#endif
 700
 701                        max_fd = -1;
 702                        FD_ZERO(&readfds);
 703                        FD_ZERO(&writefds);
 704                        FD_ZERO(&excfds);
 705                        curl_multi_fdset(curlm, &readfds, &writefds, &excfds, &max_fd);
 706
 707                        /*
 708                         * It can happen that curl_multi_timeout returns a pathologically
 709                         * long timeout when curl_multi_fdset returns no file descriptors
 710                         * to read.  See commit message for more details.
 711                         */
 712                        if (max_fd < 0 &&
 713                            (select_timeout.tv_sec > 0 ||
 714                             select_timeout.tv_usec > 50000)) {
 715                                select_timeout.tv_sec  = 0;
 716                                select_timeout.tv_usec = 50000;
 717                        }
 718
 719                        select(max_fd+1, &readfds, &writefds, &excfds, &select_timeout);
 720                }
 721        }
 722#else
 723        while (slot->in_use) {
 724                slot->curl_result = curl_easy_perform(slot->curl);
 725                finish_active_slot(slot);
 726        }
 727#endif
 728}
 729
 730static void closedown_active_slot(struct active_request_slot *slot)
 731{
 732        active_requests--;
 733        slot->in_use = 0;
 734}
 735
 736static void release_active_slot(struct active_request_slot *slot)
 737{
 738        closedown_active_slot(slot);
 739        if (slot->curl && curl_session_count > min_curl_sessions) {
 740#ifdef USE_CURL_MULTI
 741                curl_multi_remove_handle(curlm, slot->curl);
 742#endif
 743                curl_easy_cleanup(slot->curl);
 744                slot->curl = NULL;
 745                curl_session_count--;
 746        }
 747#ifdef USE_CURL_MULTI
 748        fill_active_slots();
 749#endif
 750}
 751
 752void finish_active_slot(struct active_request_slot *slot)
 753{
 754        closedown_active_slot(slot);
 755        curl_easy_getinfo(slot->curl, CURLINFO_HTTP_CODE, &slot->http_code);
 756
 757        if (slot->finished != NULL)
 758                (*slot->finished) = 1;
 759
 760        /* Store slot results so they can be read after the slot is reused */
 761        if (slot->results != NULL) {
 762                slot->results->curl_result = slot->curl_result;
 763                slot->results->http_code = slot->http_code;
 764#if LIBCURL_VERSION_NUM >= 0x070a08
 765                curl_easy_getinfo(slot->curl, CURLINFO_HTTPAUTH_AVAIL,
 766                                  &slot->results->auth_avail);
 767#else
 768                slot->results->auth_avail = 0;
 769#endif
 770        }
 771
 772        /* Run callback if appropriate */
 773        if (slot->callback_func != NULL)
 774                slot->callback_func(slot->callback_data);
 775}
 776
 777void finish_all_active_slots(void)
 778{
 779        struct active_request_slot *slot = active_queue_head;
 780
 781        while (slot != NULL)
 782                if (slot->in_use) {
 783                        run_active_slot(slot);
 784                        slot = active_queue_head;
 785                } else {
 786                        slot = slot->next;
 787                }
 788}
 789
 790/* Helpers for modifying and creating URLs */
 791static inline int needs_quote(int ch)
 792{
 793        if (((ch >= 'A') && (ch <= 'Z'))
 794                        || ((ch >= 'a') && (ch <= 'z'))
 795                        || ((ch >= '0') && (ch <= '9'))
 796                        || (ch == '/')
 797                        || (ch == '-')
 798                        || (ch == '.'))
 799                return 0;
 800        return 1;
 801}
 802
 803static char *quote_ref_url(const char *base, const char *ref)
 804{
 805        struct strbuf buf = STRBUF_INIT;
 806        const char *cp;
 807        int ch;
 808
 809        end_url_with_slash(&buf, base);
 810
 811        for (cp = ref; (ch = *cp) != 0; cp++)
 812                if (needs_quote(ch))
 813                        strbuf_addf(&buf, "%%%02x", ch);
 814                else
 815                        strbuf_addch(&buf, *cp);
 816
 817        return strbuf_detach(&buf, NULL);
 818}
 819
 820void append_remote_object_url(struct strbuf *buf, const char *url,
 821                              const char *hex,
 822                              int only_two_digit_prefix)
 823{
 824        end_url_with_slash(buf, url);
 825
 826        strbuf_addf(buf, "objects/%.*s/", 2, hex);
 827        if (!only_two_digit_prefix)
 828                strbuf_addf(buf, "%s", hex+2);
 829}
 830
 831char *get_remote_object_url(const char *url, const char *hex,
 832                            int only_two_digit_prefix)
 833{
 834        struct strbuf buf = STRBUF_INIT;
 835        append_remote_object_url(&buf, url, hex, only_two_digit_prefix);
 836        return strbuf_detach(&buf, NULL);
 837}
 838
 839int handle_curl_result(struct slot_results *results)
 840{
 841        /*
 842         * If we see a failing http code with CURLE_OK, we have turned off
 843         * FAILONERROR (to keep the server's custom error response), and should
 844         * translate the code into failure here.
 845         */
 846        if (results->curl_result == CURLE_OK &&
 847            results->http_code >= 400) {
 848                results->curl_result = CURLE_HTTP_RETURNED_ERROR;
 849                /*
 850                 * Normally curl will already have put the "reason phrase"
 851                 * from the server into curl_errorstr; unfortunately without
 852                 * FAILONERROR it is lost, so we can give only the numeric
 853                 * status code.
 854                 */
 855                snprintf(curl_errorstr, sizeof(curl_errorstr),
 856                         "The requested URL returned error: %ld",
 857                         results->http_code);
 858        }
 859
 860        if (results->curl_result == CURLE_OK) {
 861                credential_approve(&http_auth);
 862                return HTTP_OK;
 863        } else if (missing_target(results))
 864                return HTTP_MISSING_TARGET;
 865        else if (results->http_code == 401) {
 866                if (http_auth.username && http_auth.password) {
 867                        credential_reject(&http_auth);
 868                        return HTTP_NOAUTH;
 869                } else {
 870                        return HTTP_REAUTH;
 871                }
 872        } else {
 873#if LIBCURL_VERSION_NUM >= 0x070c00
 874                if (!curl_errorstr[0])
 875                        strlcpy(curl_errorstr,
 876                                curl_easy_strerror(results->curl_result),
 877                                sizeof(curl_errorstr));
 878#endif
 879                return HTTP_ERROR;
 880        }
 881}
 882
 883int run_one_slot(struct active_request_slot *slot,
 884                 struct slot_results *results)
 885{
 886        slot->results = results;
 887        if (!start_active_slot(slot)) {
 888                snprintf(curl_errorstr, sizeof(curl_errorstr),
 889                         "failed to start HTTP request");
 890                return HTTP_START_FAILED;
 891        }
 892
 893        run_active_slot(slot);
 894        return handle_curl_result(results);
 895}
 896
 897static CURLcode curlinfo_strbuf(CURL *curl, CURLINFO info, struct strbuf *buf)
 898{
 899        char *ptr;
 900        CURLcode ret;
 901
 902        strbuf_reset(buf);
 903        ret = curl_easy_getinfo(curl, info, &ptr);
 904        if (!ret && ptr)
 905                strbuf_addstr(buf, ptr);
 906        return ret;
 907}
 908
 909/*
 910 * Extract a normalized version of the content type, with any
 911 * spaces suppressed, all letters lowercased, and no trailing ";"
 912 * or parameters.
 913 *
 914 * Note that we will silently remove even invalid whitespace. For
 915 * example, "text / plain" is specifically forbidden by RFC 2616,
 916 * but "text/plain" is the only reasonable output, and this keeps
 917 * our code simple.
 918 *
 919 * Example:
 920 *   "TEXT/PLAIN; charset=utf-8" -> "text/plain"
 921 *   "text / plain" -> "text/plain"
 922 */
 923static void extract_content_type(struct strbuf *raw, struct strbuf *type)
 924{
 925        const char *p;
 926
 927        strbuf_reset(type);
 928        strbuf_grow(type, raw->len);
 929        for (p = raw->buf; *p; p++) {
 930                if (isspace(*p))
 931                        continue;
 932                if (*p == ';')
 933                        break;
 934                strbuf_addch(type, tolower(*p));
 935        }
 936}
 937
 938/* http_request() targets */
 939#define HTTP_REQUEST_STRBUF     0
 940#define HTTP_REQUEST_FILE       1
 941
 942static int http_request(const char *url,
 943                        void *result, int target,
 944                        const struct http_get_options *options)
 945{
 946        struct active_request_slot *slot;
 947        struct slot_results results;
 948        struct curl_slist *headers = NULL;
 949        struct strbuf buf = STRBUF_INIT;
 950        int ret;
 951
 952        slot = get_active_slot();
 953        curl_easy_setopt(slot->curl, CURLOPT_HTTPGET, 1);
 954
 955        if (result == NULL) {
 956                curl_easy_setopt(slot->curl, CURLOPT_NOBODY, 1);
 957        } else {
 958                curl_easy_setopt(slot->curl, CURLOPT_NOBODY, 0);
 959                curl_easy_setopt(slot->curl, CURLOPT_FILE, result);
 960
 961                if (target == HTTP_REQUEST_FILE) {
 962                        long posn = ftell(result);
 963                        curl_easy_setopt(slot->curl, CURLOPT_WRITEFUNCTION,
 964                                         fwrite);
 965                        if (posn > 0) {
 966                                strbuf_addf(&buf, "Range: bytes=%ld-", posn);
 967                                headers = curl_slist_append(headers, buf.buf);
 968                                strbuf_reset(&buf);
 969                        }
 970                } else
 971                        curl_easy_setopt(slot->curl, CURLOPT_WRITEFUNCTION,
 972                                         fwrite_buffer);
 973        }
 974
 975        strbuf_addstr(&buf, "Pragma:");
 976        if (options && options->no_cache)
 977                strbuf_addstr(&buf, " no-cache");
 978        if (options && options->keep_error)
 979                curl_easy_setopt(slot->curl, CURLOPT_FAILONERROR, 0);
 980
 981        headers = curl_slist_append(headers, buf.buf);
 982
 983        curl_easy_setopt(slot->curl, CURLOPT_URL, url);
 984        curl_easy_setopt(slot->curl, CURLOPT_HTTPHEADER, headers);
 985        curl_easy_setopt(slot->curl, CURLOPT_ENCODING, "gzip");
 986
 987        ret = run_one_slot(slot, &results);
 988
 989        if (options && options->content_type) {
 990                struct strbuf raw = STRBUF_INIT;
 991                curlinfo_strbuf(slot->curl, CURLINFO_CONTENT_TYPE, &raw);
 992                extract_content_type(&raw, options->content_type);
 993                strbuf_release(&raw);
 994        }
 995
 996        if (options && options->effective_url)
 997                curlinfo_strbuf(slot->curl, CURLINFO_EFFECTIVE_URL,
 998                                options->effective_url);
 999
1000        curl_slist_free_all(headers);
1001        strbuf_release(&buf);
1002
1003        return ret;
1004}
1005
1006/*
1007 * Update the "base" url to a more appropriate value, as deduced by
1008 * redirects seen when requesting a URL starting with "url".
1009 *
1010 * The "asked" parameter is a URL that we asked curl to access, and must begin
1011 * with "base".
1012 *
1013 * The "got" parameter is the URL that curl reported to us as where we ended
1014 * up.
1015 *
1016 * Returns 1 if we updated the base url, 0 otherwise.
1017 *
1018 * Our basic strategy is to compare "base" and "asked" to find the bits
1019 * specific to our request. We then strip those bits off of "got" to yield the
1020 * new base. So for example, if our base is "http://example.com/foo.git",
1021 * and we ask for "http://example.com/foo.git/info/refs", we might end up
1022 * with "https://other.example.com/foo.git/info/refs". We would want the
1023 * new URL to become "https://other.example.com/foo.git".
1024 *
1025 * Note that this assumes a sane redirect scheme. It's entirely possible
1026 * in the example above to end up at a URL that does not even end in
1027 * "info/refs".  In such a case we simply punt, as there is not much we can
1028 * do (and such a scheme is unlikely to represent a real git repository,
1029 * which means we are likely about to abort anyway).
1030 */
1031static int update_url_from_redirect(struct strbuf *base,
1032                                    const char *asked,
1033                                    const struct strbuf *got)
1034{
1035        const char *tail;
1036        size_t tail_len;
1037
1038        if (!strcmp(asked, got->buf))
1039                return 0;
1040
1041        if (!starts_with(asked, base->buf))
1042                die("BUG: update_url_from_redirect: %s is not a superset of %s",
1043                    asked, base->buf);
1044
1045        tail = asked + base->len;
1046        tail_len = strlen(tail);
1047
1048        if (got->len < tail_len ||
1049            strcmp(tail, got->buf + got->len - tail_len))
1050                return 0; /* insane redirect scheme */
1051
1052        strbuf_reset(base);
1053        strbuf_add(base, got->buf, got->len - tail_len);
1054        return 1;
1055}
1056
1057static int http_request_reauth(const char *url,
1058                               void *result, int target,
1059                               struct http_get_options *options)
1060{
1061        int ret = http_request(url, result, target, options);
1062
1063        if (options && options->effective_url && options->base_url) {
1064                if (update_url_from_redirect(options->base_url,
1065                                             url, options->effective_url)) {
1066                        credential_from_url(&http_auth, options->base_url->buf);
1067                        url = options->effective_url->buf;
1068                }
1069        }
1070
1071        if (ret != HTTP_REAUTH)
1072                return ret;
1073
1074        /*
1075         * If we are using KEEP_ERROR, the previous request may have
1076         * put cruft into our output stream; we should clear it out before
1077         * making our next request. We only know how to do this for
1078         * the strbuf case, but that is enough to satisfy current callers.
1079         */
1080        if (options && options->keep_error) {
1081                switch (target) {
1082                case HTTP_REQUEST_STRBUF:
1083                        strbuf_reset(result);
1084                        break;
1085                default:
1086                        die("BUG: HTTP_KEEP_ERROR is only supported with strbufs");
1087                }
1088        }
1089
1090        credential_fill(&http_auth);
1091
1092        return http_request(url, result, target, options);
1093}
1094
1095int http_get_strbuf(const char *url,
1096                    struct strbuf *result,
1097                    struct http_get_options *options)
1098{
1099        return http_request_reauth(url, result, HTTP_REQUEST_STRBUF, options);
1100}
1101
1102/*
1103 * Downloads a URL and stores the result in the given file.
1104 *
1105 * If a previous interrupted download is detected (i.e. a previous temporary
1106 * file is still around) the download is resumed.
1107 */
1108static int http_get_file(const char *url, const char *filename,
1109                         struct http_get_options *options)
1110{
1111        int ret;
1112        struct strbuf tmpfile = STRBUF_INIT;
1113        FILE *result;
1114
1115        strbuf_addf(&tmpfile, "%s.temp", filename);
1116        result = fopen(tmpfile.buf, "a");
1117        if (!result) {
1118                error("Unable to open local file %s", tmpfile.buf);
1119                ret = HTTP_ERROR;
1120                goto cleanup;
1121        }
1122
1123        ret = http_request_reauth(url, result, HTTP_REQUEST_FILE, options);
1124        fclose(result);
1125
1126        if (ret == HTTP_OK && move_temp_to_file(tmpfile.buf, filename))
1127                ret = HTTP_ERROR;
1128cleanup:
1129        strbuf_release(&tmpfile);
1130        return ret;
1131}
1132
1133int http_fetch_ref(const char *base, struct ref *ref)
1134{
1135        struct http_get_options options = {0};
1136        char *url;
1137        struct strbuf buffer = STRBUF_INIT;
1138        int ret = -1;
1139
1140        options.no_cache = 1;
1141
1142        url = quote_ref_url(base, ref->name);
1143        if (http_get_strbuf(url, &buffer, &options) == HTTP_OK) {
1144                strbuf_rtrim(&buffer);
1145                if (buffer.len == 40)
1146                        ret = get_sha1_hex(buffer.buf, ref->old_sha1);
1147                else if (starts_with(buffer.buf, "ref: ")) {
1148                        ref->symref = xstrdup(buffer.buf + 5);
1149                        ret = 0;
1150                }
1151        }
1152
1153        strbuf_release(&buffer);
1154        free(url);
1155        return ret;
1156}
1157
1158/* Helpers for fetching packs */
1159static char *fetch_pack_index(unsigned char *sha1, const char *base_url)
1160{
1161        char *url, *tmp;
1162        struct strbuf buf = STRBUF_INIT;
1163
1164        if (http_is_verbose)
1165                fprintf(stderr, "Getting index for pack %s\n", sha1_to_hex(sha1));
1166
1167        end_url_with_slash(&buf, base_url);
1168        strbuf_addf(&buf, "objects/pack/pack-%s.idx", sha1_to_hex(sha1));
1169        url = strbuf_detach(&buf, NULL);
1170
1171        strbuf_addf(&buf, "%s.temp", sha1_pack_index_name(sha1));
1172        tmp = strbuf_detach(&buf, NULL);
1173
1174        if (http_get_file(url, tmp, NULL) != HTTP_OK) {
1175                error("Unable to get pack index %s", url);
1176                free(tmp);
1177                tmp = NULL;
1178        }
1179
1180        free(url);
1181        return tmp;
1182}
1183
1184static int fetch_and_setup_pack_index(struct packed_git **packs_head,
1185        unsigned char *sha1, const char *base_url)
1186{
1187        struct packed_git *new_pack;
1188        char *tmp_idx = NULL;
1189        int ret;
1190
1191        if (has_pack_index(sha1)) {
1192                new_pack = parse_pack_index(sha1, NULL);
1193                if (!new_pack)
1194                        return -1; /* parse_pack_index() already issued error message */
1195                goto add_pack;
1196        }
1197
1198        tmp_idx = fetch_pack_index(sha1, base_url);
1199        if (!tmp_idx)
1200                return -1;
1201
1202        new_pack = parse_pack_index(sha1, tmp_idx);
1203        if (!new_pack) {
1204                unlink(tmp_idx);
1205                free(tmp_idx);
1206
1207                return -1; /* parse_pack_index() already issued error message */
1208        }
1209
1210        ret = verify_pack_index(new_pack);
1211        if (!ret) {
1212                close_pack_index(new_pack);
1213                ret = move_temp_to_file(tmp_idx, sha1_pack_index_name(sha1));
1214        }
1215        free(tmp_idx);
1216        if (ret)
1217                return -1;
1218
1219add_pack:
1220        new_pack->next = *packs_head;
1221        *packs_head = new_pack;
1222        return 0;
1223}
1224
1225int http_get_info_packs(const char *base_url, struct packed_git **packs_head)
1226{
1227        struct http_get_options options = {0};
1228        int ret = 0, i = 0;
1229        char *url, *data;
1230        struct strbuf buf = STRBUF_INIT;
1231        unsigned char sha1[20];
1232
1233        end_url_with_slash(&buf, base_url);
1234        strbuf_addstr(&buf, "objects/info/packs");
1235        url = strbuf_detach(&buf, NULL);
1236
1237        options.no_cache = 1;
1238        ret = http_get_strbuf(url, &buf, &options);
1239        if (ret != HTTP_OK)
1240                goto cleanup;
1241
1242        data = buf.buf;
1243        while (i < buf.len) {
1244                switch (data[i]) {
1245                case 'P':
1246                        i++;
1247                        if (i + 52 <= buf.len &&
1248                            starts_with(data + i, " pack-") &&
1249                            starts_with(data + i + 46, ".pack\n")) {
1250                                get_sha1_hex(data + i + 6, sha1);
1251                                fetch_and_setup_pack_index(packs_head, sha1,
1252                                                      base_url);
1253                                i += 51;
1254                                break;
1255                        }
1256                default:
1257                        while (i < buf.len && data[i] != '\n')
1258                                i++;
1259                }
1260                i++;
1261        }
1262
1263cleanup:
1264        free(url);
1265        return ret;
1266}
1267
1268void release_http_pack_request(struct http_pack_request *preq)
1269{
1270        if (preq->packfile != NULL) {
1271                fclose(preq->packfile);
1272                preq->packfile = NULL;
1273        }
1274        if (preq->range_header != NULL) {
1275                curl_slist_free_all(preq->range_header);
1276                preq->range_header = NULL;
1277        }
1278        preq->slot = NULL;
1279        free(preq->url);
1280}
1281
1282int finish_http_pack_request(struct http_pack_request *preq)
1283{
1284        struct packed_git **lst;
1285        struct packed_git *p = preq->target;
1286        char *tmp_idx;
1287        struct child_process ip;
1288        const char *ip_argv[8];
1289
1290        close_pack_index(p);
1291
1292        fclose(preq->packfile);
1293        preq->packfile = NULL;
1294
1295        lst = preq->lst;
1296        while (*lst != p)
1297                lst = &((*lst)->next);
1298        *lst = (*lst)->next;
1299
1300        tmp_idx = xstrdup(preq->tmpfile);
1301        strcpy(tmp_idx + strlen(tmp_idx) - strlen(".pack.temp"),
1302               ".idx.temp");
1303
1304        ip_argv[0] = "index-pack";
1305        ip_argv[1] = "-o";
1306        ip_argv[2] = tmp_idx;
1307        ip_argv[3] = preq->tmpfile;
1308        ip_argv[4] = NULL;
1309
1310        memset(&ip, 0, sizeof(ip));
1311        ip.argv = ip_argv;
1312        ip.git_cmd = 1;
1313        ip.no_stdin = 1;
1314        ip.no_stdout = 1;
1315
1316        if (run_command(&ip)) {
1317                unlink(preq->tmpfile);
1318                unlink(tmp_idx);
1319                free(tmp_idx);
1320                return -1;
1321        }
1322
1323        unlink(sha1_pack_index_name(p->sha1));
1324
1325        if (move_temp_to_file(preq->tmpfile, sha1_pack_name(p->sha1))
1326         || move_temp_to_file(tmp_idx, sha1_pack_index_name(p->sha1))) {
1327                free(tmp_idx);
1328                return -1;
1329        }
1330
1331        install_packed_git(p);
1332        free(tmp_idx);
1333        return 0;
1334}
1335
1336struct http_pack_request *new_http_pack_request(
1337        struct packed_git *target, const char *base_url)
1338{
1339        long prev_posn = 0;
1340        char range[RANGE_HEADER_SIZE];
1341        struct strbuf buf = STRBUF_INIT;
1342        struct http_pack_request *preq;
1343
1344        preq = xcalloc(1, sizeof(*preq));
1345        preq->target = target;
1346
1347        end_url_with_slash(&buf, base_url);
1348        strbuf_addf(&buf, "objects/pack/pack-%s.pack",
1349                sha1_to_hex(target->sha1));
1350        preq->url = strbuf_detach(&buf, NULL);
1351
1352        snprintf(preq->tmpfile, sizeof(preq->tmpfile), "%s.temp",
1353                sha1_pack_name(target->sha1));
1354        preq->packfile = fopen(preq->tmpfile, "a");
1355        if (!preq->packfile) {
1356                error("Unable to open local file %s for pack",
1357                      preq->tmpfile);
1358                goto abort;
1359        }
1360
1361        preq->slot = get_active_slot();
1362        curl_easy_setopt(preq->slot->curl, CURLOPT_FILE, preq->packfile);
1363        curl_easy_setopt(preq->slot->curl, CURLOPT_WRITEFUNCTION, fwrite);
1364        curl_easy_setopt(preq->slot->curl, CURLOPT_URL, preq->url);
1365        curl_easy_setopt(preq->slot->curl, CURLOPT_HTTPHEADER,
1366                no_pragma_header);
1367
1368        /*
1369         * If there is data present from a previous transfer attempt,
1370         * resume where it left off
1371         */
1372        prev_posn = ftell(preq->packfile);
1373        if (prev_posn>0) {
1374                if (http_is_verbose)
1375                        fprintf(stderr,
1376                                "Resuming fetch of pack %s at byte %ld\n",
1377                                sha1_to_hex(target->sha1), prev_posn);
1378                sprintf(range, "Range: bytes=%ld-", prev_posn);
1379                preq->range_header = curl_slist_append(NULL, range);
1380                curl_easy_setopt(preq->slot->curl, CURLOPT_HTTPHEADER,
1381                        preq->range_header);
1382        }
1383
1384        return preq;
1385
1386abort:
1387        free(preq->url);
1388        free(preq);
1389        return NULL;
1390}
1391
1392/* Helpers for fetching objects (loose) */
1393static size_t fwrite_sha1_file(char *ptr, size_t eltsize, size_t nmemb,
1394                               void *data)
1395{
1396        unsigned char expn[4096];
1397        size_t size = eltsize * nmemb;
1398        int posn = 0;
1399        struct http_object_request *freq =
1400                (struct http_object_request *)data;
1401        do {
1402                ssize_t retval = xwrite(freq->localfile,
1403                                        (char *) ptr + posn, size - posn);
1404                if (retval < 0)
1405                        return posn;
1406                posn += retval;
1407        } while (posn < size);
1408
1409        freq->stream.avail_in = size;
1410        freq->stream.next_in = (void *)ptr;
1411        do {
1412                freq->stream.next_out = expn;
1413                freq->stream.avail_out = sizeof(expn);
1414                freq->zret = git_inflate(&freq->stream, Z_SYNC_FLUSH);
1415                git_SHA1_Update(&freq->c, expn,
1416                                sizeof(expn) - freq->stream.avail_out);
1417        } while (freq->stream.avail_in && freq->zret == Z_OK);
1418        return size;
1419}
1420
1421struct http_object_request *new_http_object_request(const char *base_url,
1422        unsigned char *sha1)
1423{
1424        char *hex = sha1_to_hex(sha1);
1425        const char *filename;
1426        char prevfile[PATH_MAX];
1427        int prevlocal;
1428        char prev_buf[PREV_BUF_SIZE];
1429        ssize_t prev_read = 0;
1430        long prev_posn = 0;
1431        char range[RANGE_HEADER_SIZE];
1432        struct curl_slist *range_header = NULL;
1433        struct http_object_request *freq;
1434
1435        freq = xcalloc(1, sizeof(*freq));
1436        hashcpy(freq->sha1, sha1);
1437        freq->localfile = -1;
1438
1439        filename = sha1_file_name(sha1);
1440        snprintf(freq->tmpfile, sizeof(freq->tmpfile),
1441                 "%s.temp", filename);
1442
1443        snprintf(prevfile, sizeof(prevfile), "%s.prev", filename);
1444        unlink_or_warn(prevfile);
1445        rename(freq->tmpfile, prevfile);
1446        unlink_or_warn(freq->tmpfile);
1447
1448        if (freq->localfile != -1)
1449                error("fd leakage in start: %d", freq->localfile);
1450        freq->localfile = open(freq->tmpfile,
1451                               O_WRONLY | O_CREAT | O_EXCL, 0666);
1452        /*
1453         * This could have failed due to the "lazy directory creation";
1454         * try to mkdir the last path component.
1455         */
1456        if (freq->localfile < 0 && errno == ENOENT) {
1457                char *dir = strrchr(freq->tmpfile, '/');
1458                if (dir) {
1459                        *dir = 0;
1460                        mkdir(freq->tmpfile, 0777);
1461                        *dir = '/';
1462                }
1463                freq->localfile = open(freq->tmpfile,
1464                                       O_WRONLY | O_CREAT | O_EXCL, 0666);
1465        }
1466
1467        if (freq->localfile < 0) {
1468                error("Couldn't create temporary file %s: %s",
1469                      freq->tmpfile, strerror(errno));
1470                goto abort;
1471        }
1472
1473        git_inflate_init(&freq->stream);
1474
1475        git_SHA1_Init(&freq->c);
1476
1477        freq->url = get_remote_object_url(base_url, hex, 0);
1478
1479        /*
1480         * If a previous temp file is present, process what was already
1481         * fetched.
1482         */
1483        prevlocal = open(prevfile, O_RDONLY);
1484        if (prevlocal != -1) {
1485                do {
1486                        prev_read = xread(prevlocal, prev_buf, PREV_BUF_SIZE);
1487                        if (prev_read>0) {
1488                                if (fwrite_sha1_file(prev_buf,
1489                                                     1,
1490                                                     prev_read,
1491                                                     freq) == prev_read) {
1492                                        prev_posn += prev_read;
1493                                } else {
1494                                        prev_read = -1;
1495                                }
1496                        }
1497                } while (prev_read > 0);
1498                close(prevlocal);
1499        }
1500        unlink_or_warn(prevfile);
1501
1502        /*
1503         * Reset inflate/SHA1 if there was an error reading the previous temp
1504         * file; also rewind to the beginning of the local file.
1505         */
1506        if (prev_read == -1) {
1507                memset(&freq->stream, 0, sizeof(freq->stream));
1508                git_inflate_init(&freq->stream);
1509                git_SHA1_Init(&freq->c);
1510                if (prev_posn>0) {
1511                        prev_posn = 0;
1512                        lseek(freq->localfile, 0, SEEK_SET);
1513                        if (ftruncate(freq->localfile, 0) < 0) {
1514                                error("Couldn't truncate temporary file %s: %s",
1515                                          freq->tmpfile, strerror(errno));
1516                                goto abort;
1517                        }
1518                }
1519        }
1520
1521        freq->slot = get_active_slot();
1522
1523        curl_easy_setopt(freq->slot->curl, CURLOPT_FILE, freq);
1524        curl_easy_setopt(freq->slot->curl, CURLOPT_WRITEFUNCTION, fwrite_sha1_file);
1525        curl_easy_setopt(freq->slot->curl, CURLOPT_ERRORBUFFER, freq->errorstr);
1526        curl_easy_setopt(freq->slot->curl, CURLOPT_URL, freq->url);
1527        curl_easy_setopt(freq->slot->curl, CURLOPT_HTTPHEADER, no_pragma_header);
1528
1529        /*
1530         * If we have successfully processed data from a previous fetch
1531         * attempt, only fetch the data we don't already have.
1532         */
1533        if (prev_posn>0) {
1534                if (http_is_verbose)
1535                        fprintf(stderr,
1536                                "Resuming fetch of object %s at byte %ld\n",
1537                                hex, prev_posn);
1538                sprintf(range, "Range: bytes=%ld-", prev_posn);
1539                range_header = curl_slist_append(range_header, range);
1540                curl_easy_setopt(freq->slot->curl,
1541                                 CURLOPT_HTTPHEADER, range_header);
1542        }
1543
1544        return freq;
1545
1546abort:
1547        free(freq->url);
1548        free(freq);
1549        return NULL;
1550}
1551
1552void process_http_object_request(struct http_object_request *freq)
1553{
1554        if (freq->slot == NULL)
1555                return;
1556        freq->curl_result = freq->slot->curl_result;
1557        freq->http_code = freq->slot->http_code;
1558        freq->slot = NULL;
1559}
1560
1561int finish_http_object_request(struct http_object_request *freq)
1562{
1563        struct stat st;
1564
1565        close(freq->localfile);
1566        freq->localfile = -1;
1567
1568        process_http_object_request(freq);
1569
1570        if (freq->http_code == 416) {
1571                warning("requested range invalid; we may already have all the data.");
1572        } else if (freq->curl_result != CURLE_OK) {
1573                if (stat(freq->tmpfile, &st) == 0)
1574                        if (st.st_size == 0)
1575                                unlink_or_warn(freq->tmpfile);
1576                return -1;
1577        }
1578
1579        git_inflate_end(&freq->stream);
1580        git_SHA1_Final(freq->real_sha1, &freq->c);
1581        if (freq->zret != Z_STREAM_END) {
1582                unlink_or_warn(freq->tmpfile);
1583                return -1;
1584        }
1585        if (hashcmp(freq->sha1, freq->real_sha1)) {
1586                unlink_or_warn(freq->tmpfile);
1587                return -1;
1588        }
1589        freq->rename =
1590                move_temp_to_file(freq->tmpfile, sha1_file_name(freq->sha1));
1591
1592        return freq->rename;
1593}
1594
1595void abort_http_object_request(struct http_object_request *freq)
1596{
1597        unlink_or_warn(freq->tmpfile);
1598
1599        release_http_object_request(freq);
1600}
1601
1602void release_http_object_request(struct http_object_request *freq)
1603{
1604        if (freq->localfile != -1) {
1605                close(freq->localfile);
1606                freq->localfile = -1;
1607        }
1608        if (freq->url != NULL) {
1609                free(freq->url);
1610                freq->url = NULL;
1611        }
1612        if (freq->slot != NULL) {
1613                freq->slot->callback_func = NULL;
1614                freq->slot->callback_data = NULL;
1615                release_active_slot(freq->slot);
1616                freq->slot = NULL;
1617        }
1618}