6cdd2c6b59f70a63ef01311cec7854960ca92735
1#include "builtin.h"
2#include "lockfile.h"
3#include "pack.h"
4#include "refs.h"
5#include "pkt-line.h"
6#include "sideband.h"
7#include "run-command.h"
8#include "exec_cmd.h"
9#include "commit.h"
10#include "object.h"
11#include "remote.h"
12#include "connect.h"
13#include "transport.h"
14#include "string-list.h"
15#include "sha1-array.h"
16#include "connected.h"
17#include "argv-array.h"
18#include "version.h"
19#include "tag.h"
20#include "gpg-interface.h"
21#include "sigchain.h"
22#include "fsck.h"
23static const char * const receive_pack_usage[] = {
25 N_("git receive-pack <git-dir>"),
26 NULL
27};
28enum deny_action {
30 DENY_UNCONFIGURED,
31 DENY_IGNORE,
32 DENY_WARN,
33 DENY_REFUSE,
34 DENY_UPDATE_INSTEAD
35};
36static int deny_deletes;
38static int deny_non_fast_forwards;
39static enum deny_action deny_current_branch = DENY_UNCONFIGURED;
40static enum deny_action deny_delete_current = DENY_UNCONFIGURED;
41static int receive_fsck_objects = -1;
42static int transfer_fsck_objects = -1;
43static struct strbuf fsck_msg_types = STRBUF_INIT;
44static int receive_unpack_limit = -1;
45static int transfer_unpack_limit = -1;
46static int advertise_atomic_push = 1;
47static int unpack_limit = 100;
48static int report_status;
49static int use_sideband;
50static int use_atomic;
51static int quiet;
52static int prefer_ofs_delta = 1;
53static int auto_update_server_info;
54static int auto_gc = 1;
55static int reject_thin;
56static int stateless_rpc;
57static const char *service_dir;
58static const char *head_name;
59static void *head_name_to_free;
60static int sent_capabilities;
61static int shallow_update;
62static const char *alt_shallow_file;
63static struct strbuf push_cert = STRBUF_INIT;
64static unsigned char push_cert_sha1[20];
65static struct signature_check sigcheck;
66static const char *push_cert_nonce;
67static const char *cert_nonce_seed;
68static const char *NONCE_UNSOLICITED = "UNSOLICITED";
70static const char *NONCE_BAD = "BAD";
71static const char *NONCE_MISSING = "MISSING";
72static const char *NONCE_OK = "OK";
73static const char *NONCE_SLOP = "SLOP";
74static const char *nonce_status;
75static long nonce_stamp_slop;
76static unsigned long nonce_stamp_slop_limit;
77static struct ref_transaction *transaction;
78static enum deny_action parse_deny_action(const char *var, const char *value)
80{
81 if (value) {
82 if (!strcasecmp(value, "ignore"))
83 return DENY_IGNORE;
84 if (!strcasecmp(value, "warn"))
85 return DENY_WARN;
86 if (!strcasecmp(value, "refuse"))
87 return DENY_REFUSE;
88 if (!strcasecmp(value, "updateinstead"))
89 return DENY_UPDATE_INSTEAD;
90 }
91 if (git_config_bool(var, value))
92 return DENY_REFUSE;
93 return DENY_IGNORE;
94}
95static int receive_pack_config(const char *var, const char *value, void *cb)
97{
98 int status = parse_hide_refs_config(var, value, "receive");
99 if (status)
101 return status;
102 if (strcmp(var, "receive.denydeletes") == 0) {
104 deny_deletes = git_config_bool(var, value);
105 return 0;
106 }
107 if (strcmp(var, "receive.denynonfastforwards") == 0) {
109 deny_non_fast_forwards = git_config_bool(var, value);
110 return 0;
111 }
112 if (strcmp(var, "receive.unpacklimit") == 0) {
114 receive_unpack_limit = git_config_int(var, value);
115 return 0;
116 }
117 if (strcmp(var, "transfer.unpacklimit") == 0) {
119 transfer_unpack_limit = git_config_int(var, value);
120 return 0;
121 }
122 if (strcmp(var, "receive.fsck.skiplist") == 0) {
124 const char *path;
125 if (git_config_pathname(&path, var, value))
127 return 1;
128 strbuf_addf(&fsck_msg_types, "%cskiplist=%s",
129 fsck_msg_types.len ? ',' : '=', path);
130 free((char *)path);
131 return 0;
132 }
133 if (skip_prefix(var, "receive.fsck.", &var)) {
135 if (is_valid_msg_type(var, value))
136 strbuf_addf(&fsck_msg_types, "%c%s=%s",
137 fsck_msg_types.len ? ',' : '=', var, value);
138 else
139 warning("Skipping unknown msg id '%s'", var);
140 return 0;
141 }
142 if (strcmp(var, "receive.fsckobjects") == 0) {
144 receive_fsck_objects = git_config_bool(var, value);
145 return 0;
146 }
147 if (strcmp(var, "transfer.fsckobjects") == 0) {
149 transfer_fsck_objects = git_config_bool(var, value);
150 return 0;
151 }
152 if (!strcmp(var, "receive.denycurrentbranch")) {
154 deny_current_branch = parse_deny_action(var, value);
155 return 0;
156 }
157 if (strcmp(var, "receive.denydeletecurrent") == 0) {
159 deny_delete_current = parse_deny_action(var, value);
160 return 0;
161 }
162 if (strcmp(var, "repack.usedeltabaseoffset") == 0) {
164 prefer_ofs_delta = git_config_bool(var, value);
165 return 0;
166 }
167 if (strcmp(var, "receive.updateserverinfo") == 0) {
169 auto_update_server_info = git_config_bool(var, value);
170 return 0;
171 }
172 if (strcmp(var, "receive.autogc") == 0) {
174 auto_gc = git_config_bool(var, value);
175 return 0;
176 }
177 if (strcmp(var, "receive.shallowupdate") == 0) {
179 shallow_update = git_config_bool(var, value);
180 return 0;
181 }
182 if (strcmp(var, "receive.certnonceseed") == 0)
184 return git_config_string(&cert_nonce_seed, var, value);
185 if (strcmp(var, "receive.certnonceslop") == 0) {
187 nonce_stamp_slop_limit = git_config_ulong(var, value);
188 return 0;
189 }
190 if (strcmp(var, "receive.advertiseatomic") == 0) {
192 advertise_atomic_push = git_config_bool(var, value);
193 return 0;
194 }
195 return git_default_config(var, value, cb);
197}
198static void show_ref(const char *path, const unsigned char *sha1)
200{
201 if (sent_capabilities) {
202 packet_write(1, "%s %s\n", sha1_to_hex(sha1), path);
203 } else {
204 struct strbuf cap = STRBUF_INIT;
205 strbuf_addstr(&cap,
207 "report-status delete-refs side-band-64k quiet");
208 if (advertise_atomic_push)
209 strbuf_addstr(&cap, " atomic");
210 if (prefer_ofs_delta)
211 strbuf_addstr(&cap, " ofs-delta");
212 if (push_cert_nonce)
213 strbuf_addf(&cap, " push-cert=%s", push_cert_nonce);
214 strbuf_addf(&cap, " agent=%s", git_user_agent_sanitized());
215 packet_write(1, "%s %s%c%s\n",
216 sha1_to_hex(sha1), path, 0, cap.buf);
217 strbuf_release(&cap);
218 sent_capabilities = 1;
219 }
220}
221static int show_ref_cb(const char *path_full, const struct object_id *oid,
223 int flag, void *unused)
224{
225 const char *path = strip_namespace(path_full);
226 if (ref_is_hidden(path, path_full))
228 return 0;
229 /*
231 * Advertise refs outside our current namespace as ".have"
232 * refs, so that the client can use them to minimize data
233 * transfer but will otherwise ignore them. This happens to
234 * cover ".have" that are thrown in by add_one_alternate_ref()
235 * to mark histories that are complete in our alternates as
236 * well.
237 */
238 if (!path)
239 path = ".have";
240 show_ref(path, oid->hash);
241 return 0;
242}
243static void show_one_alternate_sha1(const unsigned char sha1[20], void *unused)
245{
246 show_ref(".have", sha1);
247}
248static void collect_one_alternate_ref(const struct ref *ref, void *data)
250{
251 struct sha1_array *sa = data;
252 sha1_array_append(sa, ref->old_oid.hash);
253}
254static void write_head_info(void)
256{
257 struct sha1_array sa = SHA1_ARRAY_INIT;
258 for_each_alternate_ref(collect_one_alternate_ref, &sa);
260 sha1_array_for_each_unique(&sa, show_one_alternate_sha1, NULL);
261 sha1_array_clear(&sa);
262 for_each_ref(show_ref_cb, NULL);
263 if (!sent_capabilities)
264 show_ref("capabilities^{}", null_sha1);
265 advertise_shallow_grafts(1);
267 /* EOF */
269 packet_flush(1);
270}
271struct command {
273 struct command *next;
274 const char *error_string;
275 unsigned int skip_update:1,
276 did_not_exist:1;
277 int index;
278 unsigned char old_sha1[20];
279 unsigned char new_sha1[20];
280 char ref_name[FLEX_ARRAY]; /* more */
281};
282static void rp_error(const char *err, ...) __attribute__((format (printf, 1, 2)));
284static void rp_warning(const char *err, ...) __attribute__((format (printf, 1, 2)));
285static void report_message(const char *prefix, const char *err, va_list params)
287{
288 int sz;
289 char msg[4096];
290 sz = xsnprintf(msg, sizeof(msg), "%s", prefix);
292 sz += vsnprintf(msg + sz, sizeof(msg) - sz, err, params);
293 if (sz > (sizeof(msg) - 1))
294 sz = sizeof(msg) - 1;
295 msg[sz++] = '\n';
296 if (use_sideband)
298 send_sideband(1, 2, msg, sz, use_sideband);
299 else
300 xwrite(2, msg, sz);
301}
302static void rp_warning(const char *err, ...)
304{
305 va_list params;
306 va_start(params, err);
307 report_message("warning: ", err, params);
308 va_end(params);
309}
310static void rp_error(const char *err, ...)
312{
313 va_list params;
314 va_start(params, err);
315 report_message("error: ", err, params);
316 va_end(params);
317}
318static int copy_to_sideband(int in, int out, void *arg)
320{
321 char data[128];
322 while (1) {
323 ssize_t sz = xread(in, data, sizeof(data));
324 if (sz <= 0)
325 break;
326 send_sideband(1, 2, data, sz, use_sideband);
327 }
328 close(in);
329 return 0;
330}
331#define HMAC_BLOCK_SIZE 64
333static void hmac_sha1(unsigned char *out,
335 const char *key_in, size_t key_len,
336 const char *text, size_t text_len)
337{
338 unsigned char key[HMAC_BLOCK_SIZE];
339 unsigned char k_ipad[HMAC_BLOCK_SIZE];
340 unsigned char k_opad[HMAC_BLOCK_SIZE];
341 int i;
342 git_SHA_CTX ctx;
343 /* RFC 2104 2. (1) */
345 memset(key, '\0', HMAC_BLOCK_SIZE);
346 if (HMAC_BLOCK_SIZE < key_len) {
347 git_SHA1_Init(&ctx);
348 git_SHA1_Update(&ctx, key_in, key_len);
349 git_SHA1_Final(key, &ctx);
350 } else {
351 memcpy(key, key_in, key_len);
352 }
353 /* RFC 2104 2. (2) & (5) */
355 for (i = 0; i < sizeof(key); i++) {
356 k_ipad[i] = key[i] ^ 0x36;
357 k_opad[i] = key[i] ^ 0x5c;
358 }
359 /* RFC 2104 2. (3) & (4) */
361 git_SHA1_Init(&ctx);
362 git_SHA1_Update(&ctx, k_ipad, sizeof(k_ipad));
363 git_SHA1_Update(&ctx, text, text_len);
364 git_SHA1_Final(out, &ctx);
365 /* RFC 2104 2. (6) & (7) */
367 git_SHA1_Init(&ctx);
368 git_SHA1_Update(&ctx, k_opad, sizeof(k_opad));
369 git_SHA1_Update(&ctx, out, 20);
370 git_SHA1_Final(out, &ctx);
371}
372static char *prepare_push_cert_nonce(const char *path, unsigned long stamp)
374{
375 struct strbuf buf = STRBUF_INIT;
376 unsigned char sha1[20];
377 strbuf_addf(&buf, "%s:%lu", path, stamp);
379 hmac_sha1(sha1, buf.buf, buf.len, cert_nonce_seed, strlen(cert_nonce_seed));;
380 strbuf_release(&buf);
381 /* RFC 2104 5. HMAC-SHA1-80 */
383 strbuf_addf(&buf, "%lu-%.*s", stamp, 20, sha1_to_hex(sha1));
384 return strbuf_detach(&buf, NULL);
385}
386/*
388 * NEEDSWORK: reuse find_commit_header() from jk/commit-author-parsing
389 * after dropping "_commit" from its name and possibly moving it out
390 * of commit.c
391 */
392static char *find_header(const char *msg, size_t len, const char *key)
393{
394 int key_len = strlen(key);
395 const char *line = msg;
396 while (line && line < msg + len) {
398 const char *eol = strchrnul(line, '\n');
399 if ((msg + len <= eol) || line == eol)
401 return NULL;
402 if (line + key_len < eol &&
403 !memcmp(line, key, key_len) && line[key_len] == ' ') {
404 int offset = key_len + 1;
405 return xmemdupz(line + offset, (eol - line) - offset);
406 }
407 line = *eol ? eol + 1 : NULL;
408 }
409 return NULL;
410}
411static const char *check_nonce(const char *buf, size_t len)
413{
414 char *nonce = find_header(buf, len, "nonce");
415 unsigned long stamp, ostamp;
416 char *bohmac, *expect = NULL;
417 const char *retval = NONCE_BAD;
418 if (!nonce) {
420 retval = NONCE_MISSING;
421 goto leave;
422 } else if (!push_cert_nonce) {
423 retval = NONCE_UNSOLICITED;
424 goto leave;
425 } else if (!strcmp(push_cert_nonce, nonce)) {
426 retval = NONCE_OK;
427 goto leave;
428 }
429 if (!stateless_rpc) {
431 /* returned nonce MUST match what we gave out earlier */
432 retval = NONCE_BAD;
433 goto leave;
434 }
435 /*
437 * In stateless mode, we may be receiving a nonce issued by
438 * another instance of the server that serving the same
439 * repository, and the timestamps may not match, but the
440 * nonce-seed and dir should match, so we can recompute and
441 * report the time slop.
442 *
443 * In addition, when a nonce issued by another instance has
444 * timestamp within receive.certnonceslop seconds, we pretend
445 * as if we issued that nonce when reporting to the hook.
446 */
447 /* nonce is concat(<seconds-since-epoch>, "-", <hmac>) */
449 if (*nonce <= '0' || '9' < *nonce) {
450 retval = NONCE_BAD;
451 goto leave;
452 }
453 stamp = strtoul(nonce, &bohmac, 10);
454 if (bohmac == nonce || bohmac[0] != '-') {
455 retval = NONCE_BAD;
456 goto leave;
457 }
458 expect = prepare_push_cert_nonce(service_dir, stamp);
460 if (strcmp(expect, nonce)) {
461 /* Not what we would have signed earlier */
462 retval = NONCE_BAD;
463 goto leave;
464 }
465 /*
467 * By how many seconds is this nonce stale? Negative value
468 * would mean it was issued by another server with its clock
469 * skewed in the future.
470 */
471 ostamp = strtoul(push_cert_nonce, NULL, 10);
472 nonce_stamp_slop = (long)ostamp - (long)stamp;
473 if (nonce_stamp_slop_limit &&
475 labs(nonce_stamp_slop) <= nonce_stamp_slop_limit) {
476 /*
477 * Pretend as if the received nonce (which passes the
478 * HMAC check, so it is not a forged by third-party)
479 * is what we issued.
480 */
481 free((void *)push_cert_nonce);
482 push_cert_nonce = xstrdup(nonce);
483 retval = NONCE_OK;
484 } else {
485 retval = NONCE_SLOP;
486 }
487leave:
489 free(nonce);
490 free(expect);
491 return retval;
492}
493static void prepare_push_cert_sha1(struct child_process *proc)
495{
496 static int already_done;
497 if (!push_cert.len)
499 return;
500 if (!already_done) {
502 struct strbuf gpg_output = STRBUF_INIT;
503 struct strbuf gpg_status = STRBUF_INIT;
504 int bogs /* beginning_of_gpg_sig */;
505 already_done = 1;
507 if (write_sha1_file(push_cert.buf, push_cert.len, "blob", push_cert_sha1))
508 hashclr(push_cert_sha1);
509 memset(&sigcheck, '\0', sizeof(sigcheck));
511 sigcheck.result = 'N';
512 bogs = parse_signature(push_cert.buf, push_cert.len);
514 if (verify_signed_buffer(push_cert.buf, bogs,
515 push_cert.buf + bogs, push_cert.len - bogs,
516 &gpg_output, &gpg_status) < 0) {
517 ; /* error running gpg */
518 } else {
519 sigcheck.payload = push_cert.buf;
520 sigcheck.gpg_output = gpg_output.buf;
521 sigcheck.gpg_status = gpg_status.buf;
522 parse_gpg_output(&sigcheck);
523 }
524 strbuf_release(&gpg_output);
526 strbuf_release(&gpg_status);
527 nonce_status = check_nonce(push_cert.buf, bogs);
528 }
529 if (!is_null_sha1(push_cert_sha1)) {
530 argv_array_pushf(&proc->env_array, "GIT_PUSH_CERT=%s",
531 sha1_to_hex(push_cert_sha1));
532 argv_array_pushf(&proc->env_array, "GIT_PUSH_CERT_SIGNER=%s",
533 sigcheck.signer ? sigcheck.signer : "");
534 argv_array_pushf(&proc->env_array, "GIT_PUSH_CERT_KEY=%s",
535 sigcheck.key ? sigcheck.key : "");
536 argv_array_pushf(&proc->env_array, "GIT_PUSH_CERT_STATUS=%c",
537 sigcheck.result);
538 if (push_cert_nonce) {
539 argv_array_pushf(&proc->env_array,
540 "GIT_PUSH_CERT_NONCE=%s",
541 push_cert_nonce);
542 argv_array_pushf(&proc->env_array,
543 "GIT_PUSH_CERT_NONCE_STATUS=%s",
544 nonce_status);
545 if (nonce_status == NONCE_SLOP)
546 argv_array_pushf(&proc->env_array,
547 "GIT_PUSH_CERT_NONCE_SLOP=%ld",
548 nonce_stamp_slop);
549 }
550 }
551}
552struct receive_hook_feed_state {
554 struct command *cmd;
555 int skip_broken;
556 struct strbuf buf;
557 const struct string_list *push_options;
558};
559typedef int (*feed_fn)(void *, const char **, size_t *);
561static int run_and_feed_hook(const char *hook_name, feed_fn feed,
562 struct receive_hook_feed_state *feed_state)
563{
564 struct child_process proc = CHILD_PROCESS_INIT;
565 struct async muxer;
566 const char *argv[2];
567 int code;
568 argv[0] = find_hook(hook_name);
570 if (!argv[0])
571 return 0;
572 argv[1] = NULL;
574 proc.argv = argv;
576 proc.in = -1;
577 proc.stdout_to_stderr = 1;
578 if (feed_state->push_options) {
579 int i;
580 for (i = 0; i < feed_state->push_options->nr; i++)
581 argv_array_pushf(&proc.env_array,
582 "GIT_PUSH_OPTION_%d=%s", i,
583 feed_state->push_options->items[i].string);
584 argv_array_pushf(&proc.env_array, "GIT_PUSH_OPTION_COUNT=%d",
585 feed_state->push_options->nr);
586 } else
587 argv_array_pushf(&proc.env_array, "GIT_PUSH_OPTION_COUNT");
588 if (use_sideband) {
590 memset(&muxer, 0, sizeof(muxer));
591 muxer.proc = copy_to_sideband;
592 muxer.in = -1;
593 code = start_async(&muxer);
594 if (code)
595 return code;
596 proc.err = muxer.in;
597 }
598 prepare_push_cert_sha1(&proc);
600 code = start_command(&proc);
602 if (code) {
603 if (use_sideband)
604 finish_async(&muxer);
605 return code;
606 }
607 sigchain_push(SIGPIPE, SIG_IGN);
609 while (1) {
611 const char *buf;
612 size_t n;
613 if (feed(feed_state, &buf, &n))
614 break;
615 if (write_in_full(proc.in, buf, n) != n)
616 break;
617 }
618 close(proc.in);
619 if (use_sideband)
620 finish_async(&muxer);
621 sigchain_pop(SIGPIPE);
623 return finish_command(&proc);
625}
626static int feed_receive_hook(void *state_, const char **bufp, size_t *sizep)
628{
629 struct receive_hook_feed_state *state = state_;
630 struct command *cmd = state->cmd;
631 while (cmd &&
633 state->skip_broken && (cmd->error_string || cmd->did_not_exist))
634 cmd = cmd->next;
635 if (!cmd)
636 return -1; /* EOF */
637 strbuf_reset(&state->buf);
638 strbuf_addf(&state->buf, "%s %s %s\n",
639 sha1_to_hex(cmd->old_sha1), sha1_to_hex(cmd->new_sha1),
640 cmd->ref_name);
641 state->cmd = cmd->next;
642 if (bufp) {
643 *bufp = state->buf.buf;
644 *sizep = state->buf.len;
645 }
646 return 0;
647}
648static int run_receive_hook(struct command *commands,
650 const char *hook_name,
651 int skip_broken,
652 const struct string_list *push_options)
653{
654 struct receive_hook_feed_state state;
655 int status;
656 strbuf_init(&state.buf, 0);
658 state.cmd = commands;
659 state.skip_broken = skip_broken;
660 if (feed_receive_hook(&state, NULL, NULL))
661 return 0;
662 state.cmd = commands;
663 state.push_options = push_options;
664 status = run_and_feed_hook(hook_name, feed_receive_hook, &state);
665 strbuf_release(&state.buf);
666 return status;
667}
668static int run_update_hook(struct command *cmd)
670{
671 const char *argv[5];
672 struct child_process proc = CHILD_PROCESS_INIT;
673 int code;
674 argv[0] = find_hook("update");
676 if (!argv[0])
677 return 0;
678 argv[1] = cmd->ref_name;
680 argv[2] = sha1_to_hex(cmd->old_sha1);
681 argv[3] = sha1_to_hex(cmd->new_sha1);
682 argv[4] = NULL;
683 proc.no_stdin = 1;
685 proc.stdout_to_stderr = 1;
686 proc.err = use_sideband ? -1 : 0;
687 proc.argv = argv;
688 code = start_command(&proc);
690 if (code)
691 return code;
692 if (use_sideband)
693 copy_to_sideband(proc.err, -1, NULL);
694 return finish_command(&proc);
695}
696static int is_ref_checked_out(const char *ref)
698{
699 if (is_bare_repository())
700 return 0;
701 if (!head_name)
703 return 0;
704 return !strcmp(head_name, ref);
705}
706static char *refuse_unconfigured_deny_msg[] = {
708 "By default, updating the current branch in a non-bare repository",
709 "is denied, because it will make the index and work tree inconsistent",
710 "with what you pushed, and will require 'git reset --hard' to match",
711 "the work tree to HEAD.",
712 "",
713 "You can set 'receive.denyCurrentBranch' configuration variable to",
714 "'ignore' or 'warn' in the remote repository to allow pushing into",
715 "its current branch; however, this is not recommended unless you",
716 "arranged to update its work tree to match what you pushed in some",
717 "other way.",
718 "",
719 "To squelch this message and still keep the default behaviour, set",
720 "'receive.denyCurrentBranch' configuration variable to 'refuse'."
721};
722static void refuse_unconfigured_deny(void)
724{
725 int i;
726 for (i = 0; i < ARRAY_SIZE(refuse_unconfigured_deny_msg); i++)
727 rp_error("%s", refuse_unconfigured_deny_msg[i]);
728}
729static char *refuse_unconfigured_deny_delete_current_msg[] = {
731 "By default, deleting the current branch is denied, because the next",
732 "'git clone' won't result in any file checked out, causing confusion.",
733 "",
734 "You can set 'receive.denyDeleteCurrent' configuration variable to",
735 "'warn' or 'ignore' in the remote repository to allow deleting the",
736 "current branch, with or without a warning message.",
737 "",
738 "To squelch this message, you can set it to 'refuse'."
739};
740static void refuse_unconfigured_deny_delete_current(void)
742{
743 int i;
744 for (i = 0;
745 i < ARRAY_SIZE(refuse_unconfigured_deny_delete_current_msg);
746 i++)
747 rp_error("%s", refuse_unconfigured_deny_delete_current_msg[i]);
748}
749static int command_singleton_iterator(void *cb_data, unsigned char sha1[20]);
751static int update_shallow_ref(struct command *cmd, struct shallow_info *si)
752{
753 static struct lock_file shallow_lock;
754 struct sha1_array extra = SHA1_ARRAY_INIT;
755 const char *alt_file;
756 uint32_t mask = 1 << (cmd->index % 32);
757 int i;
758 trace_printf_key(&trace_shallow,
760 "shallow: update_shallow_ref %s\n", cmd->ref_name);
761 for (i = 0; i < si->shallow->nr; i++)
762 if (si->used_shallow[i] &&
763 (si->used_shallow[i][cmd->index / 32] & mask) &&
764 !delayed_reachability_test(si, i))
765 sha1_array_append(&extra, si->shallow->sha1[i]);
766 setup_alternate_shallow(&shallow_lock, &alt_file, &extra);
768 if (check_shallow_connected(command_singleton_iterator,
769 0, cmd, alt_file)) {
770 rollback_lock_file(&shallow_lock);
771 sha1_array_clear(&extra);
772 return -1;
773 }
774 commit_lock_file(&shallow_lock);
776 /*
778 * Make sure setup_alternate_shallow() for the next ref does
779 * not lose these new roots..
780 */
781 for (i = 0; i < extra.nr; i++)
782 register_shallow(extra.sha1[i]);
783 si->shallow_ref[cmd->index] = 0;
785 sha1_array_clear(&extra);
786 return 0;
787}
788/*
790 * NEEDSWORK: we should consolidate various implementions of "are we
791 * on an unborn branch?" test into one, and make the unified one more
792 * robust. !get_sha1() based check used here and elsewhere would not
793 * allow us to tell an unborn branch from corrupt ref, for example.
794 * For the purpose of fixing "deploy-to-update does not work when
795 * pushing into an empty repository" issue, this should suffice for
796 * now.
797 */
798static int head_has_history(void)
799{
800 unsigned char sha1[20];
801 return !get_sha1("HEAD", sha1);
803}
804static const char *push_to_deploy(unsigned char *sha1,
806 struct argv_array *env,
807 const char *work_tree)
808{
809 const char *update_refresh[] = {
810 "update-index", "-q", "--ignore-submodules", "--refresh", NULL
811 };
812 const char *diff_files[] = {
813 "diff-files", "--quiet", "--ignore-submodules", "--", NULL
814 };
815 const char *diff_index[] = {
816 "diff-index", "--quiet", "--cached", "--ignore-submodules",
817 NULL, "--", NULL
818 };
819 const char *read_tree[] = {
820 "read-tree", "-u", "-m", NULL, NULL
821 };
822 struct child_process child = CHILD_PROCESS_INIT;
823 child.argv = update_refresh;
825 child.env = env->argv;
826 child.dir = work_tree;
827 child.no_stdin = 1;
828 child.stdout_to_stderr = 1;
829 child.git_cmd = 1;
830 if (run_command(&child))
831 return "Up-to-date check failed";
832 /* run_command() does not clean up completely; reinitialize */
834 child_process_init(&child);
835 child.argv = diff_files;
836 child.env = env->argv;
837 child.dir = work_tree;
838 child.no_stdin = 1;
839 child.stdout_to_stderr = 1;
840 child.git_cmd = 1;
841 if (run_command(&child))
842 return "Working directory has unstaged changes";
843 /* diff-index with either HEAD or an empty tree */
845 diff_index[4] = head_has_history() ? "HEAD" : EMPTY_TREE_SHA1_HEX;
846 child_process_init(&child);
848 child.argv = diff_index;
849 child.env = env->argv;
850 child.no_stdin = 1;
851 child.no_stdout = 1;
852 child.stdout_to_stderr = 0;
853 child.git_cmd = 1;
854 if (run_command(&child))
855 return "Working directory has staged changes";
856 read_tree[3] = sha1_to_hex(sha1);
858 child_process_init(&child);
859 child.argv = read_tree;
860 child.env = env->argv;
861 child.dir = work_tree;
862 child.no_stdin = 1;
863 child.no_stdout = 1;
864 child.stdout_to_stderr = 0;
865 child.git_cmd = 1;
866 if (run_command(&child))
867 return "Could not update working tree to new HEAD";
868 return NULL;
870}
871static const char *push_to_checkout_hook = "push-to-checkout";
873static const char *push_to_checkout(unsigned char *sha1,
875 struct argv_array *env,
876 const char *work_tree)
877{
878 argv_array_pushf(env, "GIT_WORK_TREE=%s", absolute_path(work_tree));
879 if (run_hook_le(env->argv, push_to_checkout_hook,
880 sha1_to_hex(sha1), NULL))
881 return "push-to-checkout hook declined";
882 else
883 return NULL;
884}
885static const char *update_worktree(unsigned char *sha1)
887{
888 const char *retval;
889 const char *work_tree = git_work_tree_cfg ? git_work_tree_cfg : "..";
890 struct argv_array env = ARGV_ARRAY_INIT;
891 if (is_bare_repository())
893 return "denyCurrentBranch = updateInstead needs a worktree";
894 argv_array_pushf(&env, "GIT_DIR=%s", absolute_path(get_git_dir()));
896 if (!find_hook(push_to_checkout_hook))
898 retval = push_to_deploy(sha1, &env, work_tree);
899 else
900 retval = push_to_checkout(sha1, &env, work_tree);
901 argv_array_clear(&env);
903 return retval;
904}
905static const char *update(struct command *cmd, struct shallow_info *si)
907{
908 const char *name = cmd->ref_name;
909 struct strbuf namespaced_name_buf = STRBUF_INIT;
910 const char *namespaced_name, *ret;
911 unsigned char *old_sha1 = cmd->old_sha1;
912 unsigned char *new_sha1 = cmd->new_sha1;
913 /* only refs/... are allowed */
915 if (!starts_with(name, "refs/") || check_refname_format(name + 5, 0)) {
916 rp_error("refusing to create funny ref '%s' remotely", name);
917 return "funny refname";
918 }
919 strbuf_addf(&namespaced_name_buf, "%s%s", get_git_namespace(), name);
921 namespaced_name = strbuf_detach(&namespaced_name_buf, NULL);
922 if (is_ref_checked_out(namespaced_name)) {
924 switch (deny_current_branch) {
925 case DENY_IGNORE:
926 break;
927 case DENY_WARN:
928 rp_warning("updating the current branch");
929 break;
930 case DENY_REFUSE:
931 case DENY_UNCONFIGURED:
932 rp_error("refusing to update checked out branch: %s", name);
933 if (deny_current_branch == DENY_UNCONFIGURED)
934 refuse_unconfigured_deny();
935 return "branch is currently checked out";
936 case DENY_UPDATE_INSTEAD:
937 ret = update_worktree(new_sha1);
938 if (ret)
939 return ret;
940 break;
941 }
942 }
943 if (!is_null_sha1(new_sha1) && !has_sha1_file(new_sha1)) {
945 error("unpack should have generated %s, "
946 "but I can't find it!", sha1_to_hex(new_sha1));
947 return "bad pack";
948 }
949 if (!is_null_sha1(old_sha1) && is_null_sha1(new_sha1)) {
951 if (deny_deletes && starts_with(name, "refs/heads/")) {
952 rp_error("denying ref deletion for %s", name);
953 return "deletion prohibited";
954 }
955 if (head_name && !strcmp(namespaced_name, head_name)) {
957 switch (deny_delete_current) {
958 case DENY_IGNORE:
959 break;
960 case DENY_WARN:
961 rp_warning("deleting the current branch");
962 break;
963 case DENY_REFUSE:
964 case DENY_UNCONFIGURED:
965 case DENY_UPDATE_INSTEAD:
966 if (deny_delete_current == DENY_UNCONFIGURED)
967 refuse_unconfigured_deny_delete_current();
968 rp_error("refusing to delete the current branch: %s", name);
969 return "deletion of the current branch prohibited";
970 default:
971 return "Invalid denyDeleteCurrent setting";
972 }
973 }
974 }
975 if (deny_non_fast_forwards && !is_null_sha1(new_sha1) &&
977 !is_null_sha1(old_sha1) &&
978 starts_with(name, "refs/heads/")) {
979 struct object *old_object, *new_object;
980 struct commit *old_commit, *new_commit;
981 old_object = parse_object(old_sha1);
983 new_object = parse_object(new_sha1);
984 if (!old_object || !new_object ||
986 old_object->type != OBJ_COMMIT ||
987 new_object->type != OBJ_COMMIT) {
988 error("bad sha1 objects for %s", name);
989 return "bad ref";
990 }
991 old_commit = (struct commit *)old_object;
992 new_commit = (struct commit *)new_object;
993 if (!in_merge_bases(old_commit, new_commit)) {
994 rp_error("denying non-fast-forward %s"
995 " (you should pull first)", name);
996 return "non-fast-forward";
997 }
998 }
999 if (run_update_hook(cmd)) {
1000 rp_error("hook declined to update %s", name);
1001 return "hook declined";
1002 }
1003 if (is_null_sha1(new_sha1)) {
1005 struct strbuf err = STRBUF_INIT;
1006 if (!parse_object(old_sha1)) {
1007 old_sha1 = NULL;
1008 if (ref_exists(name)) {
1009 rp_warning("Allowing deletion of corrupt ref.");
1010 } else {
1011 rp_warning("Deleting a non-existent ref.");
1012 cmd->did_not_exist = 1;
1013 }
1014 }
1015 if (ref_transaction_delete(transaction,
1016 namespaced_name,
1017 old_sha1,
1018 0, "push", &err)) {
1019 rp_error("%s", err.buf);
1020 strbuf_release(&err);
1021 return "failed to delete";
1022 }
1023 strbuf_release(&err);
1024 return NULL; /* good */
1025 }
1026 else {
1027 struct strbuf err = STRBUF_INIT;
1028 if (shallow_update && si->shallow_ref[cmd->index] &&
1029 update_shallow_ref(cmd, si))
1030 return "shallow error";
1031 if (ref_transaction_update(transaction,
1033 namespaced_name,
1034 new_sha1, old_sha1,
1035 0, "push",
1036 &err)) {
1037 rp_error("%s", err.buf);
1038 strbuf_release(&err);
1039 return "failed to update ref";
1041 }
1042 strbuf_release(&err);
1043 return NULL; /* good */
1045 }
1046}
1047static void run_update_post_hook(struct command *commands)
1049{
1050 struct command *cmd;
1051 int argc;
1052 struct child_process proc = CHILD_PROCESS_INIT;
1053 const char *hook;
1054 hook = find_hook("post-update");
1056 for (argc = 0, cmd = commands; cmd; cmd = cmd->next) {
1057 if (cmd->error_string || cmd->did_not_exist)
1058 continue;
1059 argc++;
1060 }
1061 if (!argc || !hook)
1062 return;
1063 argv_array_push(&proc.args, hook);
1065 for (cmd = commands; cmd; cmd = cmd->next) {
1066 if (cmd->error_string || cmd->did_not_exist)
1067 continue;
1068 argv_array_push(&proc.args, cmd->ref_name);
1069 }
1070 proc.no_stdin = 1;
1072 proc.stdout_to_stderr = 1;
1073 proc.err = use_sideband ? -1 : 0;
1074 if (!start_command(&proc)) {
1076 if (use_sideband)
1077 copy_to_sideband(proc.err, -1, NULL);
1078 finish_command(&proc);
1079 }
1080}
1081static void check_aliased_update(struct command *cmd, struct string_list *list)
1083{
1084 struct strbuf buf = STRBUF_INIT;
1085 const char *dst_name;
1086 struct string_list_item *item;
1087 struct command *dst_cmd;
1088 unsigned char sha1[GIT_SHA1_RAWSZ];
1089 char cmd_oldh[GIT_SHA1_HEXSZ + 1],
1090 cmd_newh[GIT_SHA1_HEXSZ + 1],
1091 dst_oldh[GIT_SHA1_HEXSZ + 1],
1092 dst_newh[GIT_SHA1_HEXSZ + 1];
1093 int flag;
1094 strbuf_addf(&buf, "%s%s", get_git_namespace(), cmd->ref_name);
1096 dst_name = resolve_ref_unsafe(buf.buf, 0, sha1, &flag);
1097 strbuf_release(&buf);
1098 if (!(flag & REF_ISSYMREF))
1100 return;
1101 if (!dst_name) {
1103 rp_error("refusing update to broken symref '%s'", cmd->ref_name);
1104 cmd->skip_update = 1;
1105 cmd->error_string = "broken symref";
1106 return;
1107 }
1108 dst_name = strip_namespace(dst_name);
1109 if ((item = string_list_lookup(list, dst_name)) == NULL)
1111 return;
1112 cmd->skip_update = 1;
1114 dst_cmd = (struct command *) item->util;
1116 if (!hashcmp(cmd->old_sha1, dst_cmd->old_sha1) &&
1118 !hashcmp(cmd->new_sha1, dst_cmd->new_sha1))
1119 return;
1120 dst_cmd->skip_update = 1;
1122 find_unique_abbrev_r(cmd_oldh, cmd->old_sha1, DEFAULT_ABBREV);
1124 find_unique_abbrev_r(cmd_newh, cmd->new_sha1, DEFAULT_ABBREV);
1125 find_unique_abbrev_r(dst_oldh, dst_cmd->old_sha1, DEFAULT_ABBREV);
1126 find_unique_abbrev_r(dst_newh, dst_cmd->new_sha1, DEFAULT_ABBREV);
1127 rp_error("refusing inconsistent update between symref '%s' (%s..%s) and"
1128 " its target '%s' (%s..%s)",
1129 cmd->ref_name, cmd_oldh, cmd_newh,
1130 dst_cmd->ref_name, dst_oldh, dst_newh);
1131 cmd->error_string = dst_cmd->error_string =
1133 "inconsistent aliased update";
1134}
1135static void check_aliased_updates(struct command *commands)
1137{
1138 struct command *cmd;
1139 struct string_list ref_list = STRING_LIST_INIT_NODUP;
1140 for (cmd = commands; cmd; cmd = cmd->next) {
1142 struct string_list_item *item =
1143 string_list_append(&ref_list, cmd->ref_name);
1144 item->util = (void *)cmd;
1145 }
1146 string_list_sort(&ref_list);
1147 for (cmd = commands; cmd; cmd = cmd->next) {
1149 if (!cmd->error_string)
1150 check_aliased_update(cmd, &ref_list);
1151 }
1152 string_list_clear(&ref_list, 0);
1154}
1155static int command_singleton_iterator(void *cb_data, unsigned char sha1[20])
1157{
1158 struct command **cmd_list = cb_data;
1159 struct command *cmd = *cmd_list;
1160 if (!cmd || is_null_sha1(cmd->new_sha1))
1162 return -1; /* end of list */
1163 *cmd_list = NULL; /* this returns only one */
1164 hashcpy(sha1, cmd->new_sha1);
1165 return 0;
1166}
1167static void set_connectivity_errors(struct command *commands,
1169 struct shallow_info *si)
1170{
1171 struct command *cmd;
1172 for (cmd = commands; cmd; cmd = cmd->next) {
1174 struct command *singleton = cmd;
1175 if (shallow_update && si->shallow_ref[cmd->index])
1176 /* to be checked in update_shallow_ref() */
1177 continue;
1178 if (!check_everything_connected(command_singleton_iterator,
1179 0, &singleton))
1180 continue;
1181 cmd->error_string = "missing necessary objects";
1182 }
1183}
1184struct iterate_data {
1186 struct command *cmds;
1187 struct shallow_info *si;
1188};
1189static int iterate_receive_command_list(void *cb_data, unsigned char sha1[20])
1191{
1192 struct iterate_data *data = cb_data;
1193 struct command **cmd_list = &data->cmds;
1194 struct command *cmd = *cmd_list;
1195 for (; cmd; cmd = cmd->next) {
1197 if (shallow_update && data->si->shallow_ref[cmd->index])
1198 /* to be checked in update_shallow_ref() */
1199 continue;
1200 if (!is_null_sha1(cmd->new_sha1) && !cmd->skip_update) {
1201 hashcpy(sha1, cmd->new_sha1);
1202 *cmd_list = cmd->next;
1203 return 0;
1204 }
1205 }
1206 *cmd_list = NULL;
1207 return -1; /* end of list */
1208}
1209static void reject_updates_to_hidden(struct command *commands)
1211{
1212 struct strbuf refname_full = STRBUF_INIT;
1213 size_t prefix_len;
1214 struct command *cmd;
1215 strbuf_addstr(&refname_full, get_git_namespace());
1217 prefix_len = refname_full.len;
1218 for (cmd = commands; cmd; cmd = cmd->next) {
1220 if (cmd->error_string)
1221 continue;
1222 strbuf_setlen(&refname_full, prefix_len);
1224 strbuf_addstr(&refname_full, cmd->ref_name);
1225 if (!ref_is_hidden(cmd->ref_name, refname_full.buf))
1227 continue;
1228 if (is_null_sha1(cmd->new_sha1))
1229 cmd->error_string = "deny deleting a hidden ref";
1230 else
1231 cmd->error_string = "deny updating a hidden ref";
1232 }
1233 strbuf_release(&refname_full);
1235}
1236static int should_process_cmd(struct command *cmd)
1238{
1239 return !cmd->error_string && !cmd->skip_update;
1240}
1241static void warn_if_skipped_connectivity_check(struct command *commands,
1243 struct shallow_info *si)
1244{
1245 struct command *cmd;
1246 int checked_connectivity = 1;
1247 for (cmd = commands; cmd; cmd = cmd->next) {
1249 if (should_process_cmd(cmd) && si->shallow_ref[cmd->index]) {
1250 error("BUG: connectivity check has not been run on ref %s",
1251 cmd->ref_name);
1252 checked_connectivity = 0;
1253 }
1254 }
1255 if (!checked_connectivity)
1256 die("BUG: connectivity check skipped???");
1257}
1258static void execute_commands_non_atomic(struct command *commands,
1260 struct shallow_info *si)
1261{
1262 struct command *cmd;
1263 struct strbuf err = STRBUF_INIT;
1264 for (cmd = commands; cmd; cmd = cmd->next) {
1266 if (!should_process_cmd(cmd))
1267 continue;
1268 transaction = ref_transaction_begin(&err);
1270 if (!transaction) {
1271 rp_error("%s", err.buf);
1272 strbuf_reset(&err);
1273 cmd->error_string = "transaction failed to start";
1274 continue;
1275 }
1276 cmd->error_string = update(cmd, si);
1278 if (!cmd->error_string
1280 && ref_transaction_commit(transaction, &err)) {
1281 rp_error("%s", err.buf);
1282 strbuf_reset(&err);
1283 cmd->error_string = "failed to update ref";
1284 }
1285 ref_transaction_free(transaction);
1286 }
1287 strbuf_release(&err);
1288}
1289static void execute_commands_atomic(struct command *commands,
1291 struct shallow_info *si)
1292{
1293 struct command *cmd;
1294 struct strbuf err = STRBUF_INIT;
1295 const char *reported_error = "atomic push failure";
1296 transaction = ref_transaction_begin(&err);
1298 if (!transaction) {
1299 rp_error("%s", err.buf);
1300 strbuf_reset(&err);
1301 reported_error = "transaction failed to start";
1302 goto failure;
1303 }
1304 for (cmd = commands; cmd; cmd = cmd->next) {
1306 if (!should_process_cmd(cmd))
1307 continue;
1308 cmd->error_string = update(cmd, si);
1310 if (cmd->error_string)
1312 goto failure;
1313 }
1314 if (ref_transaction_commit(transaction, &err)) {
1316 rp_error("%s", err.buf);
1317 reported_error = "atomic transaction failed";
1318 goto failure;
1319 }
1320 goto cleanup;
1321failure:
1323 for (cmd = commands; cmd; cmd = cmd->next)
1324 if (!cmd->error_string)
1325 cmd->error_string = reported_error;
1326cleanup:
1328 ref_transaction_free(transaction);
1329 strbuf_release(&err);
1330}
1331static void execute_commands(struct command *commands,
1333 const char *unpacker_error,
1334 struct shallow_info *si,
1335 const struct string_list *push_options)
1336{
1337 struct command *cmd;
1338 unsigned char sha1[20];
1339 struct iterate_data data;
1340 if (unpacker_error) {
1342 for (cmd = commands; cmd; cmd = cmd->next)
1343 cmd->error_string = "unpacker error";
1344 return;
1345 }
1346 data.cmds = commands;
1348 data.si = si;
1349 if (check_everything_connected(iterate_receive_command_list, 0, &data))
1350 set_connectivity_errors(commands, si);
1351 reject_updates_to_hidden(commands);
1353 if (run_receive_hook(commands, "pre-receive", 0, push_options)) {
1355 for (cmd = commands; cmd; cmd = cmd->next) {
1356 if (!cmd->error_string)
1357 cmd->error_string = "pre-receive hook declined";
1358 }
1359 return;
1360 }
1361 check_aliased_updates(commands);
1363 free(head_name_to_free);
1365 head_name = head_name_to_free = resolve_refdup("HEAD", 0, sha1, NULL);
1366 if (use_atomic)
1368 execute_commands_atomic(commands, si);
1369 else
1370 execute_commands_non_atomic(commands, si);
1371 if (shallow_update)
1373 warn_if_skipped_connectivity_check(commands, si);
1374}
1375static struct command **queue_command(struct command **tail,
1377 const char *line,
1378 int linelen)
1379{
1380 unsigned char old_sha1[20], new_sha1[20];
1381 struct command *cmd;
1382 const char *refname;
1383 int reflen;
1384 if (linelen < 83 ||
1386 line[40] != ' ' ||
1387 line[81] != ' ' ||
1388 get_sha1_hex(line, old_sha1) ||
1389 get_sha1_hex(line + 41, new_sha1))
1390 die("protocol error: expected old/new/ref, got '%s'", line);
1391 refname = line + 82;
1393 reflen = linelen - 82;
1394 cmd = xcalloc(1, st_add3(sizeof(struct command), reflen, 1));
1395 hashcpy(cmd->old_sha1, old_sha1);
1396 hashcpy(cmd->new_sha1, new_sha1);
1397 memcpy(cmd->ref_name, refname, reflen);
1398 cmd->ref_name[reflen] = '\0';
1399 *tail = cmd;
1400 return &cmd->next;
1401}
1402static void queue_commands_from_cert(struct command **tail,
1404 struct strbuf *push_cert)
1405{
1406 const char *boc, *eoc;
1407 if (*tail)
1409 die("protocol error: got both push certificate and unsigned commands");
1410 boc = strstr(push_cert->buf, "\n\n");
1412 if (!boc)
1413 die("malformed push certificate %.*s", 100, push_cert->buf);
1414 else
1415 boc += 2;
1416 eoc = push_cert->buf + parse_signature(push_cert->buf, push_cert->len);
1417 while (boc < eoc) {
1419 const char *eol = memchr(boc, '\n', eoc - boc);
1420 tail = queue_command(tail, boc, eol ? eol - boc : eoc - eol);
1421 boc = eol ? eol + 1 : eoc;
1422 }
1423}
1424static struct command *read_head_info(struct sha1_array *shallow)
1426{
1427 struct command *commands = NULL;
1428 struct command **p = &commands;
1429 for (;;) {
1430 char *line;
1431 int len, linelen;
1432 line = packet_read_line(0, &len);
1434 if (!line)
1435 break;
1436 if (len == 48 && starts_with(line, "shallow ")) {
1438 unsigned char sha1[20];
1439 if (get_sha1_hex(line + 8, sha1))
1440 die("protocol error: expected shallow sha, got '%s'",
1441 line + 8);
1442 sha1_array_append(shallow, sha1);
1443 continue;
1444 }
1445 linelen = strlen(line);
1447 if (linelen < len) {
1448 const char *feature_list = line + linelen + 1;
1449 if (parse_feature_request(feature_list, "report-status"))
1450 report_status = 1;
1451 if (parse_feature_request(feature_list, "side-band-64k"))
1452 use_sideband = LARGE_PACKET_MAX;
1453 if (parse_feature_request(feature_list, "quiet"))
1454 quiet = 1;
1455 if (advertise_atomic_push
1456 && parse_feature_request(feature_list, "atomic"))
1457 use_atomic = 1;
1458 }
1459 if (!strcmp(line, "push-cert")) {
1461 int true_flush = 0;
1462 char certbuf[1024];
1463 for (;;) {
1465 len = packet_read(0, NULL, NULL,
1466 certbuf, sizeof(certbuf), 0);
1467 if (!len) {
1468 true_flush = 1;
1469 break;
1470 }
1471 if (!strcmp(certbuf, "push-cert-end\n"))
1472 break; /* end of cert */
1473 strbuf_addstr(&push_cert, certbuf);
1474 }
1475 if (true_flush)
1477 break;
1478 continue;
1479 }
1480 p = queue_command(p, line, linelen);
1482 }
1483 if (push_cert.len)
1485 queue_commands_from_cert(p, &push_cert);
1486 return commands;
1488}
1489static const char *parse_pack_header(struct pack_header *hdr)
1491{
1492 switch (read_pack_header(0, hdr)) {
1493 case PH_ERROR_EOF:
1494 return "eof before pack header was fully read";
1495 case PH_ERROR_PACK_SIGNATURE:
1497 return "protocol error (pack signature mismatch detected)";
1498 case PH_ERROR_PROTOCOL:
1500 return "protocol error (pack version unsupported)";
1501 default:
1503 return "unknown error in parse_pack_header";
1504 case 0:
1506 return NULL;
1507 }
1508}
1509static const char *pack_lockfile;
1511static const char *unpack(int err_fd, struct shallow_info *si)
1513{
1514 struct pack_header hdr;
1515 const char *hdr_err;
1516 int status;
1517 char hdr_arg[38];
1518 struct child_process child = CHILD_PROCESS_INIT;
1519 int fsck_objects = (receive_fsck_objects >= 0
1520 ? receive_fsck_objects
1521 : transfer_fsck_objects >= 0
1522 ? transfer_fsck_objects
1523 : 0);
1524 hdr_err = parse_pack_header(&hdr);
1526 if (hdr_err) {
1527 if (err_fd > 0)
1528 close(err_fd);
1529 return hdr_err;
1530 }
1531 snprintf(hdr_arg, sizeof(hdr_arg),
1532 "--pack_header=%"PRIu32",%"PRIu32,
1533 ntohl(hdr.hdr_version), ntohl(hdr.hdr_entries));
1534 if (si->nr_ours || si->nr_theirs) {
1536 alt_shallow_file = setup_temporary_shallow(si->shallow);
1537 argv_array_push(&child.args, "--shallow-file");
1538 argv_array_push(&child.args, alt_shallow_file);
1539 }
1540 if (ntohl(hdr.hdr_entries) < unpack_limit) {
1542 argv_array_pushl(&child.args, "unpack-objects", hdr_arg, NULL);
1543 if (quiet)
1544 argv_array_push(&child.args, "-q");
1545 if (fsck_objects)
1546 argv_array_pushf(&child.args, "--strict%s",
1547 fsck_msg_types.buf);
1548 child.no_stdout = 1;
1549 child.err = err_fd;
1550 child.git_cmd = 1;
1551 status = run_command(&child);
1552 if (status)
1553 return "unpack-objects abnormal exit";
1554 } else {
1555 char hostname[256];
1556 argv_array_pushl(&child.args, "index-pack",
1558 "--stdin", hdr_arg, NULL);
1559 if (gethostname(hostname, sizeof(hostname)))
1561 xsnprintf(hostname, sizeof(hostname), "localhost");
1562 argv_array_pushf(&child.args,
1563 "--keep=receive-pack %"PRIuMAX" on %s",
1564 (uintmax_t)getpid(),
1565 hostname);
1566 if (fsck_objects)
1568 argv_array_pushf(&child.args, "--strict%s",
1569 fsck_msg_types.buf);
1570 if (!reject_thin)
1571 argv_array_push(&child.args, "--fix-thin");
1572 child.out = -1;
1573 child.err = err_fd;
1574 child.git_cmd = 1;
1575 status = start_command(&child);
1576 if (status)
1577 return "index-pack fork failed";
1578 pack_lockfile = index_pack_lockfile(child.out);
1579 close(child.out);
1580 status = finish_command(&child);
1581 if (status)
1582 return "index-pack abnormal exit";
1583 reprepare_packed_git();
1584 }
1585 return NULL;
1586}
1587static const char *unpack_with_sideband(struct shallow_info *si)
1589{
1590 struct async muxer;
1591 const char *ret;
1592 if (!use_sideband)
1594 return unpack(0, si);
1595 memset(&muxer, 0, sizeof(muxer));
1597 muxer.proc = copy_to_sideband;
1598 muxer.in = -1;
1599 if (start_async(&muxer))
1600 return NULL;
1601 ret = unpack(muxer.in, si);
1603 finish_async(&muxer);
1605 return ret;
1606}
1607static void prepare_shallow_update(struct command *commands,
1609 struct shallow_info *si)
1610{
1611 int i, j, k, bitmap_size = (si->ref->nr + 31) / 32;
1612 ALLOC_ARRAY(si->used_shallow, si->shallow->nr);
1614 assign_shallow_commits_to_refs(si, si->used_shallow, NULL);
1615 si->need_reachability_test =
1617 xcalloc(si->shallow->nr, sizeof(*si->need_reachability_test));
1618 si->reachable =
1619 xcalloc(si->shallow->nr, sizeof(*si->reachable));
1620 si->shallow_ref = xcalloc(si->ref->nr, sizeof(*si->shallow_ref));
1621 for (i = 0; i < si->nr_ours; i++)
1623 si->need_reachability_test[si->ours[i]] = 1;
1624 for (i = 0; i < si->shallow->nr; i++) {
1626 if (!si->used_shallow[i])
1627 continue;
1628 for (j = 0; j < bitmap_size; j++) {
1629 if (!si->used_shallow[i][j])
1630 continue;
1631 si->need_reachability_test[i]++;
1632 for (k = 0; k < 32; k++)
1633 if (si->used_shallow[i][j] & (1U << k))
1634 si->shallow_ref[j * 32 + k]++;
1635 }
1636 /*
1638 * true for those associated with some refs and belong
1639 * in "ours" list aka "step 7 not done yet"
1640 */
1641 si->need_reachability_test[i] =
1642 si->need_reachability_test[i] > 1;
1643 }
1644 /*
1646 * keep hooks happy by forcing a temporary shallow file via
1647 * env variable because we can't add --shallow-file to every
1648 * command. check_everything_connected() will be done with
1649 * true .git/shallow though.
1650 */
1651 setenv(GIT_SHALLOW_FILE_ENVIRONMENT, alt_shallow_file, 1);
1652}
1653static void update_shallow_info(struct command *commands,
1655 struct shallow_info *si,
1656 struct sha1_array *ref)
1657{
1658 struct command *cmd;
1659 int *ref_status;
1660 remove_nonexistent_theirs_shallow(si);
1661 if (!si->nr_ours && !si->nr_theirs) {
1662 shallow_update = 0;
1663 return;
1664 }
1665 for (cmd = commands; cmd; cmd = cmd->next) {
1667 if (is_null_sha1(cmd->new_sha1))
1668 continue;
1669 sha1_array_append(ref, cmd->new_sha1);
1670 cmd->index = ref->nr - 1;
1671 }
1672 si->ref = ref;
1673 if (shallow_update) {
1675 prepare_shallow_update(commands, si);
1676 return;
1677 }
1678 ALLOC_ARRAY(ref_status, ref->nr);
1680 assign_shallow_commits_to_refs(si, NULL, ref_status);
1681 for (cmd = commands; cmd; cmd = cmd->next) {
1682 if (is_null_sha1(cmd->new_sha1))
1683 continue;
1684 if (ref_status[cmd->index]) {
1685 cmd->error_string = "shallow update not allowed";
1686 cmd->skip_update = 1;
1687 }
1688 }
1689 free(ref_status);
1690}
1691static void report(struct command *commands, const char *unpack_status)
1693{
1694 struct command *cmd;
1695 struct strbuf buf = STRBUF_INIT;
1696 packet_buf_write(&buf, "unpack %s\n",
1698 unpack_status ? unpack_status : "ok");
1699 for (cmd = commands; cmd; cmd = cmd->next) {
1700 if (!cmd->error_string)
1701 packet_buf_write(&buf, "ok %s\n",
1702 cmd->ref_name);
1703 else
1704 packet_buf_write(&buf, "ng %s %s\n",
1705 cmd->ref_name, cmd->error_string);
1706 }
1707 packet_buf_flush(&buf);
1708 if (use_sideband)
1710 send_sideband(1, 1, buf.buf, buf.len, use_sideband);
1711 else
1712 write_or_die(1, buf.buf, buf.len);
1713 strbuf_release(&buf);
1714}
1715static int delete_only(struct command *commands)
1717{
1718 struct command *cmd;
1719 for (cmd = commands; cmd; cmd = cmd->next) {
1720 if (!is_null_sha1(cmd->new_sha1))
1721 return 0;
1722 }
1723 return 1;
1724}
1725int cmd_receive_pack(int argc, const char **argv, const char *prefix)
1727{
1728 int advertise_refs = 0;
1729 struct command *commands;
1730 struct sha1_array shallow = SHA1_ARRAY_INIT;
1731 struct sha1_array ref = SHA1_ARRAY_INIT;
1732 struct shallow_info si;
1733 struct option options[] = {
1735 OPT__QUIET(&quiet, N_("quiet")),
1736 OPT_HIDDEN_BOOL(0, "stateless-rpc", &stateless_rpc, NULL),
1737 OPT_HIDDEN_BOOL(0, "advertise-refs", &advertise_refs, NULL),
1738 OPT_HIDDEN_BOOL(0, "reject-thin-pack-for-testing", &reject_thin, NULL),
1739 OPT_END()
1740 };
1741 packet_trace_identity("receive-pack");
1743 argc = parse_options(argc, argv, prefix, options, receive_pack_usage, 0);
1745 if (argc > 1)
1747 usage_msg_opt(_("Too many arguments."), receive_pack_usage, options);
1748 if (argc == 0)
1749 usage_msg_opt(_("You must specify a directory."), receive_pack_usage, options);
1750 service_dir = argv[0];
1752 setup_path();
1754 if (!enter_repo(service_dir, 0))
1756 die("'%s' does not appear to be a git repository", service_dir);
1757 git_config(receive_pack_config, NULL);
1759 if (cert_nonce_seed)
1760 push_cert_nonce = prepare_push_cert_nonce(service_dir, time(NULL));
1761 if (0 <= transfer_unpack_limit)
1763 unpack_limit = transfer_unpack_limit;
1764 else if (0 <= receive_unpack_limit)
1765 unpack_limit = receive_unpack_limit;
1766 if (advertise_refs || !stateless_rpc) {
1768 write_head_info();
1769 }
1770 if (advertise_refs)
1771 return 0;
1772 if ((commands = read_head_info(&shallow)) != NULL) {
1774 const char *unpack_status = NULL;
1775 struct string_list push_options = STRING_LIST_INIT_DUP;
1776 prepare_shallow_info(&si, &shallow);
1778 if (!si.nr_ours && !si.nr_theirs)
1779 shallow_update = 0;
1780 if (!delete_only(commands)) {
1781 unpack_status = unpack_with_sideband(&si);
1782 update_shallow_info(commands, &si, &ref);
1783 }
1784 execute_commands(commands, unpack_status, &si,
1785 &push_options);
1786 if (pack_lockfile)
1787 unlink_or_warn(pack_lockfile);
1788 if (report_status)
1789 report(commands, unpack_status);
1790 run_receive_hook(commands, "post-receive", 1,
1791 &push_options);
1792 run_update_post_hook(commands);
1793 if (push_options.nr)
1794 string_list_clear(&push_options, 0);
1795 if (auto_gc) {
1796 const char *argv_gc_auto[] = {
1797 "gc", "--auto", "--quiet", NULL,
1798 };
1799 struct child_process proc = CHILD_PROCESS_INIT;
1800 proc.no_stdin = 1;
1802 proc.stdout_to_stderr = 1;
1803 proc.err = use_sideband ? -1 : 0;
1804 proc.git_cmd = 1;
1805 proc.argv = argv_gc_auto;
1806 close_all_packs();
1808 if (!start_command(&proc)) {
1809 if (use_sideband)
1810 copy_to_sideband(proc.err, -1, NULL);
1811 finish_command(&proc);
1812 }
1813 }
1814 if (auto_update_server_info)
1815 update_server_info(0);
1816 clear_shallow_info(&si);
1817 }
1818 if (use_sideband)
1819 packet_flush(1);
1820 sha1_array_clear(&shallow);
1821 sha1_array_clear(&ref);
1822 free((void *)push_cert_nonce);
1823 return 0;
1824}