connect.con commit send-email: explicitly disable authentication (8dd9b3f)
   1#include "git-compat-util.h"
   2#include "cache.h"
   3#include "config.h"
   4#include "pkt-line.h"
   5#include "quote.h"
   6#include "refs.h"
   7#include "run-command.h"
   8#include "remote.h"
   9#include "connect.h"
  10#include "url.h"
  11#include "string-list.h"
  12#include "sha1-array.h"
  13#include "transport.h"
  14#include "strbuf.h"
  15#include "version.h"
  16#include "protocol.h"
  17#include "alias.h"
  18
  19static char *server_capabilities_v1;
  20static struct argv_array server_capabilities_v2 = ARGV_ARRAY_INIT;
  21static const char *parse_feature_value(const char *, const char *, int *);
  22
  23static int check_ref(const char *name, unsigned int flags)
  24{
  25        if (!flags)
  26                return 1;
  27
  28        if (!skip_prefix(name, "refs/", &name))
  29                return 0;
  30
  31        /* REF_NORMAL means that we don't want the magic fake tag refs */
  32        if ((flags & REF_NORMAL) && check_refname_format(name, 0))
  33                return 0;
  34
  35        /* REF_HEADS means that we want regular branch heads */
  36        if ((flags & REF_HEADS) && starts_with(name, "heads/"))
  37                return 1;
  38
  39        /* REF_TAGS means that we want tags */
  40        if ((flags & REF_TAGS) && starts_with(name, "tags/"))
  41                return 1;
  42
  43        /* All type bits clear means that we are ok with anything */
  44        return !(flags & ~REF_NORMAL);
  45}
  46
  47int check_ref_type(const struct ref *ref, int flags)
  48{
  49        return check_ref(ref->name, flags);
  50}
  51
  52static NORETURN void die_initial_contact(int unexpected)
  53{
  54        /*
  55         * A hang-up after seeing some response from the other end
  56         * means that it is unexpected, as we know the other end is
  57         * willing to talk to us.  A hang-up before seeing any
  58         * response does not necessarily mean an ACL problem, though.
  59         */
  60        if (unexpected)
  61                die(_("the remote end hung up upon initial contact"));
  62        else
  63                die(_("Could not read from remote repository.\n\n"
  64                      "Please make sure you have the correct access rights\n"
  65                      "and the repository exists."));
  66}
  67
  68/* Checks if the server supports the capability 'c' */
  69int server_supports_v2(const char *c, int die_on_error)
  70{
  71        int i;
  72
  73        for (i = 0; i < server_capabilities_v2.argc; i++) {
  74                const char *out;
  75                if (skip_prefix(server_capabilities_v2.argv[i], c, &out) &&
  76                    (!*out || *out == '='))
  77                        return 1;
  78        }
  79
  80        if (die_on_error)
  81                die(_("server doesn't support '%s'"), c);
  82
  83        return 0;
  84}
  85
  86int server_supports_feature(const char *c, const char *feature,
  87                            int die_on_error)
  88{
  89        int i;
  90
  91        for (i = 0; i < server_capabilities_v2.argc; i++) {
  92                const char *out;
  93                if (skip_prefix(server_capabilities_v2.argv[i], c, &out) &&
  94                    (!*out || *(out++) == '=')) {
  95                        if (parse_feature_request(out, feature))
  96                                return 1;
  97                        else
  98                                break;
  99                }
 100        }
 101
 102        if (die_on_error)
 103                die(_("server doesn't support feature '%s'"), feature);
 104
 105        return 0;
 106}
 107
 108static void process_capabilities_v2(struct packet_reader *reader)
 109{
 110        while (packet_reader_read(reader) == PACKET_READ_NORMAL)
 111                argv_array_push(&server_capabilities_v2, reader->line);
 112
 113        if (reader->status != PACKET_READ_FLUSH)
 114                die(_("expected flush after capabilities"));
 115}
 116
 117enum protocol_version discover_version(struct packet_reader *reader)
 118{
 119        enum protocol_version version = protocol_unknown_version;
 120
 121        /*
 122         * Peek the first line of the server's response to
 123         * determine the protocol version the server is speaking.
 124         */
 125        switch (packet_reader_peek(reader)) {
 126        case PACKET_READ_EOF:
 127                die_initial_contact(0);
 128        case PACKET_READ_FLUSH:
 129        case PACKET_READ_DELIM:
 130                version = protocol_v0;
 131                break;
 132        case PACKET_READ_NORMAL:
 133                version = determine_protocol_version_client(reader->line);
 134                break;
 135        }
 136
 137        switch (version) {
 138        case protocol_v2:
 139                process_capabilities_v2(reader);
 140                break;
 141        case protocol_v1:
 142                /* Read the peeked version line */
 143                packet_reader_read(reader);
 144                break;
 145        case protocol_v0:
 146                break;
 147        case protocol_unknown_version:
 148                BUG("unknown protocol version");
 149        }
 150
 151        return version;
 152}
 153
 154static void parse_one_symref_info(struct string_list *symref, const char *val, int len)
 155{
 156        char *sym, *target;
 157        struct string_list_item *item;
 158
 159        if (!len)
 160                return; /* just "symref" */
 161        /* e.g. "symref=HEAD:refs/heads/master" */
 162        sym = xmemdupz(val, len);
 163        target = strchr(sym, ':');
 164        if (!target)
 165                /* just "symref=something" */
 166                goto reject;
 167        *(target++) = '\0';
 168        if (check_refname_format(sym, REFNAME_ALLOW_ONELEVEL) ||
 169            check_refname_format(target, REFNAME_ALLOW_ONELEVEL))
 170                /* "symref=bogus:pair */
 171                goto reject;
 172        item = string_list_append_nodup(symref, sym);
 173        item->util = target;
 174        return;
 175reject:
 176        free(sym);
 177        return;
 178}
 179
 180static void annotate_refs_with_symref_info(struct ref *ref)
 181{
 182        struct string_list symref = STRING_LIST_INIT_DUP;
 183        const char *feature_list = server_capabilities_v1;
 184
 185        while (feature_list) {
 186                int len;
 187                const char *val;
 188
 189                val = parse_feature_value(feature_list, "symref", &len);
 190                if (!val)
 191                        break;
 192                parse_one_symref_info(&symref, val, len);
 193                feature_list = val + 1;
 194        }
 195        string_list_sort(&symref);
 196
 197        for (; ref; ref = ref->next) {
 198                struct string_list_item *item;
 199                item = string_list_lookup(&symref, ref->name);
 200                if (!item)
 201                        continue;
 202                ref->symref = xstrdup((char *)item->util);
 203        }
 204        string_list_clear(&symref, 0);
 205}
 206
 207static void process_capabilities(const char *line, int *len)
 208{
 209        int nul_location = strlen(line);
 210        if (nul_location == *len)
 211                return;
 212        server_capabilities_v1 = xstrdup(line + nul_location + 1);
 213        *len = nul_location;
 214}
 215
 216static int process_dummy_ref(const char *line)
 217{
 218        struct object_id oid;
 219        const char *name;
 220
 221        if (parse_oid_hex(line, &oid, &name))
 222                return 0;
 223        if (*name != ' ')
 224                return 0;
 225        name++;
 226
 227        return oideq(&null_oid, &oid) && !strcmp(name, "capabilities^{}");
 228}
 229
 230static void check_no_capabilities(const char *line, int len)
 231{
 232        if (strlen(line) != len)
 233                warning(_("ignoring capabilities after first line '%s'"),
 234                        line + strlen(line));
 235}
 236
 237static int process_ref(const char *line, int len, struct ref ***list,
 238                       unsigned int flags, struct oid_array *extra_have)
 239{
 240        struct object_id old_oid;
 241        const char *name;
 242
 243        if (parse_oid_hex(line, &old_oid, &name))
 244                return 0;
 245        if (*name != ' ')
 246                return 0;
 247        name++;
 248
 249        if (extra_have && !strcmp(name, ".have")) {
 250                oid_array_append(extra_have, &old_oid);
 251        } else if (!strcmp(name, "capabilities^{}")) {
 252                die(_("protocol error: unexpected capabilities^{}"));
 253        } else if (check_ref(name, flags)) {
 254                struct ref *ref = alloc_ref(name);
 255                oidcpy(&ref->old_oid, &old_oid);
 256                **list = ref;
 257                *list = &ref->next;
 258        }
 259        check_no_capabilities(line, len);
 260        return 1;
 261}
 262
 263static int process_shallow(const char *line, int len,
 264                           struct oid_array *shallow_points)
 265{
 266        const char *arg;
 267        struct object_id old_oid;
 268
 269        if (!skip_prefix(line, "shallow ", &arg))
 270                return 0;
 271
 272        if (get_oid_hex(arg, &old_oid))
 273                die(_("protocol error: expected shallow sha-1, got '%s'"), arg);
 274        if (!shallow_points)
 275                die(_("repository on the other end cannot be shallow"));
 276        oid_array_append(shallow_points, &old_oid);
 277        check_no_capabilities(line, len);
 278        return 1;
 279}
 280
 281enum get_remote_heads_state {
 282        EXPECTING_FIRST_REF = 0,
 283        EXPECTING_REF,
 284        EXPECTING_SHALLOW,
 285        EXPECTING_DONE,
 286};
 287
 288/*
 289 * Read all the refs from the other end
 290 */
 291struct ref **get_remote_heads(struct packet_reader *reader,
 292                              struct ref **list, unsigned int flags,
 293                              struct oid_array *extra_have,
 294                              struct oid_array *shallow_points)
 295{
 296        struct ref **orig_list = list;
 297        int len = 0;
 298        enum get_remote_heads_state state = EXPECTING_FIRST_REF;
 299        const char *arg;
 300
 301        *list = NULL;
 302
 303        while (state != EXPECTING_DONE) {
 304                switch (packet_reader_read(reader)) {
 305                case PACKET_READ_EOF:
 306                        die_initial_contact(1);
 307                case PACKET_READ_NORMAL:
 308                        len = reader->pktlen;
 309                        if (len > 4 && skip_prefix(reader->line, "ERR ", &arg))
 310                                die(_("remote error: %s"), arg);
 311                        break;
 312                case PACKET_READ_FLUSH:
 313                        state = EXPECTING_DONE;
 314                        break;
 315                case PACKET_READ_DELIM:
 316                        die(_("invalid packet"));
 317                }
 318
 319                switch (state) {
 320                case EXPECTING_FIRST_REF:
 321                        process_capabilities(reader->line, &len);
 322                        if (process_dummy_ref(reader->line)) {
 323                                state = EXPECTING_SHALLOW;
 324                                break;
 325                        }
 326                        state = EXPECTING_REF;
 327                        /* fallthrough */
 328                case EXPECTING_REF:
 329                        if (process_ref(reader->line, len, &list, flags, extra_have))
 330                                break;
 331                        state = EXPECTING_SHALLOW;
 332                        /* fallthrough */
 333                case EXPECTING_SHALLOW:
 334                        if (process_shallow(reader->line, len, shallow_points))
 335                                break;
 336                        die(_("protocol error: unexpected '%s'"), reader->line);
 337                case EXPECTING_DONE:
 338                        break;
 339                }
 340        }
 341
 342        annotate_refs_with_symref_info(*orig_list);
 343
 344        return list;
 345}
 346
 347/* Returns 1 when a valid ref has been added to `list`, 0 otherwise */
 348static int process_ref_v2(const char *line, struct ref ***list)
 349{
 350        int ret = 1;
 351        int i = 0;
 352        struct object_id old_oid;
 353        struct ref *ref;
 354        struct string_list line_sections = STRING_LIST_INIT_DUP;
 355        const char *end;
 356
 357        /*
 358         * Ref lines have a number of fields which are space deliminated.  The
 359         * first field is the OID of the ref.  The second field is the ref
 360         * name.  Subsequent fields (symref-target and peeled) are optional and
 361         * don't have a particular order.
 362         */
 363        if (string_list_split(&line_sections, line, ' ', -1) < 2) {
 364                ret = 0;
 365                goto out;
 366        }
 367
 368        if (parse_oid_hex(line_sections.items[i++].string, &old_oid, &end) ||
 369            *end) {
 370                ret = 0;
 371                goto out;
 372        }
 373
 374        ref = alloc_ref(line_sections.items[i++].string);
 375
 376        oidcpy(&ref->old_oid, &old_oid);
 377        **list = ref;
 378        *list = &ref->next;
 379
 380        for (; i < line_sections.nr; i++) {
 381                const char *arg = line_sections.items[i].string;
 382                if (skip_prefix(arg, "symref-target:", &arg))
 383                        ref->symref = xstrdup(arg);
 384
 385                if (skip_prefix(arg, "peeled:", &arg)) {
 386                        struct object_id peeled_oid;
 387                        char *peeled_name;
 388                        struct ref *peeled;
 389                        if (parse_oid_hex(arg, &peeled_oid, &end) || *end) {
 390                                ret = 0;
 391                                goto out;
 392                        }
 393
 394                        peeled_name = xstrfmt("%s^{}", ref->name);
 395                        peeled = alloc_ref(peeled_name);
 396
 397                        oidcpy(&peeled->old_oid, &peeled_oid);
 398                        **list = peeled;
 399                        *list = &peeled->next;
 400
 401                        free(peeled_name);
 402                }
 403        }
 404
 405out:
 406        string_list_clear(&line_sections, 0);
 407        return ret;
 408}
 409
 410struct ref **get_remote_refs(int fd_out, struct packet_reader *reader,
 411                             struct ref **list, int for_push,
 412                             const struct argv_array *ref_prefixes,
 413                             const struct string_list *server_options)
 414{
 415        int i;
 416        *list = NULL;
 417
 418        if (server_supports_v2("ls-refs", 1))
 419                packet_write_fmt(fd_out, "command=ls-refs\n");
 420
 421        if (server_supports_v2("agent", 0))
 422                packet_write_fmt(fd_out, "agent=%s", git_user_agent_sanitized());
 423
 424        if (server_options && server_options->nr &&
 425            server_supports_v2("server-option", 1))
 426                for (i = 0; i < server_options->nr; i++)
 427                        packet_write_fmt(fd_out, "server-option=%s",
 428                                         server_options->items[i].string);
 429
 430        packet_delim(fd_out);
 431        /* When pushing we don't want to request the peeled tags */
 432        if (!for_push)
 433                packet_write_fmt(fd_out, "peel\n");
 434        packet_write_fmt(fd_out, "symrefs\n");
 435        for (i = 0; ref_prefixes && i < ref_prefixes->argc; i++) {
 436                packet_write_fmt(fd_out, "ref-prefix %s\n",
 437                                 ref_prefixes->argv[i]);
 438        }
 439        packet_flush(fd_out);
 440
 441        /* Process response from server */
 442        while (packet_reader_read(reader) == PACKET_READ_NORMAL) {
 443                if (!process_ref_v2(reader->line, &list))
 444                        die(_("invalid ls-refs response: %s"), reader->line);
 445        }
 446
 447        if (reader->status != PACKET_READ_FLUSH)
 448                die(_("expected flush after ref listing"));
 449
 450        return list;
 451}
 452
 453static const char *parse_feature_value(const char *feature_list, const char *feature, int *lenp)
 454{
 455        int len;
 456
 457        if (!feature_list)
 458                return NULL;
 459
 460        len = strlen(feature);
 461        while (*feature_list) {
 462                const char *found = strstr(feature_list, feature);
 463                if (!found)
 464                        return NULL;
 465                if (feature_list == found || isspace(found[-1])) {
 466                        const char *value = found + len;
 467                        /* feature with no value (e.g., "thin-pack") */
 468                        if (!*value || isspace(*value)) {
 469                                if (lenp)
 470                                        *lenp = 0;
 471                                return value;
 472                        }
 473                        /* feature with a value (e.g., "agent=git/1.2.3") */
 474                        else if (*value == '=') {
 475                                value++;
 476                                if (lenp)
 477                                        *lenp = strcspn(value, " \t\n");
 478                                return value;
 479                        }
 480                        /*
 481                         * otherwise we matched a substring of another feature;
 482                         * keep looking
 483                         */
 484                }
 485                feature_list = found + 1;
 486        }
 487        return NULL;
 488}
 489
 490int parse_feature_request(const char *feature_list, const char *feature)
 491{
 492        return !!parse_feature_value(feature_list, feature, NULL);
 493}
 494
 495const char *server_feature_value(const char *feature, int *len)
 496{
 497        return parse_feature_value(server_capabilities_v1, feature, len);
 498}
 499
 500int server_supports(const char *feature)
 501{
 502        return !!server_feature_value(feature, NULL);
 503}
 504
 505enum protocol {
 506        PROTO_LOCAL = 1,
 507        PROTO_FILE,
 508        PROTO_SSH,
 509        PROTO_GIT
 510};
 511
 512int url_is_local_not_ssh(const char *url)
 513{
 514        const char *colon = strchr(url, ':');
 515        const char *slash = strchr(url, '/');
 516        return !colon || (slash && slash < colon) ||
 517                has_dos_drive_prefix(url);
 518}
 519
 520static const char *prot_name(enum protocol protocol)
 521{
 522        switch (protocol) {
 523                case PROTO_LOCAL:
 524                case PROTO_FILE:
 525                        return "file";
 526                case PROTO_SSH:
 527                        return "ssh";
 528                case PROTO_GIT:
 529                        return "git";
 530                default:
 531                        return "unknown protocol";
 532        }
 533}
 534
 535static enum protocol get_protocol(const char *name)
 536{
 537        if (!strcmp(name, "ssh"))
 538                return PROTO_SSH;
 539        if (!strcmp(name, "git"))
 540                return PROTO_GIT;
 541        if (!strcmp(name, "git+ssh")) /* deprecated - do not use */
 542                return PROTO_SSH;
 543        if (!strcmp(name, "ssh+git")) /* deprecated - do not use */
 544                return PROTO_SSH;
 545        if (!strcmp(name, "file"))
 546                return PROTO_FILE;
 547        die(_("protocol '%s' is not supported"), name);
 548}
 549
 550static char *host_end(char **hoststart, int removebrackets)
 551{
 552        char *host = *hoststart;
 553        char *end;
 554        char *start = strstr(host, "@[");
 555        if (start)
 556                start++; /* Jump over '@' */
 557        else
 558                start = host;
 559        if (start[0] == '[') {
 560                end = strchr(start + 1, ']');
 561                if (end) {
 562                        if (removebrackets) {
 563                                *end = 0;
 564                                memmove(start, start + 1, end - start);
 565                                end++;
 566                        }
 567                } else
 568                        end = host;
 569        } else
 570                end = host;
 571        return end;
 572}
 573
 574#define STR_(s) # s
 575#define STR(s)  STR_(s)
 576
 577static void get_host_and_port(char **host, const char **port)
 578{
 579        char *colon, *end;
 580        end = host_end(host, 1);
 581        colon = strchr(end, ':');
 582        if (colon) {
 583                long portnr = strtol(colon + 1, &end, 10);
 584                if (end != colon + 1 && *end == '\0' && 0 <= portnr && portnr < 65536) {
 585                        *colon = 0;
 586                        *port = colon + 1;
 587                } else if (!colon[1]) {
 588                        *colon = 0;
 589                }
 590        }
 591}
 592
 593static void enable_keepalive(int sockfd)
 594{
 595        int ka = 1;
 596
 597        if (setsockopt(sockfd, SOL_SOCKET, SO_KEEPALIVE, &ka, sizeof(ka)) < 0)
 598                error_errno(_("unable to set SO_KEEPALIVE on socket"));
 599}
 600
 601#ifndef NO_IPV6
 602
 603static const char *ai_name(const struct addrinfo *ai)
 604{
 605        static char addr[NI_MAXHOST];
 606        if (getnameinfo(ai->ai_addr, ai->ai_addrlen, addr, sizeof(addr), NULL, 0,
 607                        NI_NUMERICHOST) != 0)
 608                xsnprintf(addr, sizeof(addr), "(unknown)");
 609
 610        return addr;
 611}
 612
 613/*
 614 * Returns a connected socket() fd, or else die()s.
 615 */
 616static int git_tcp_connect_sock(char *host, int flags)
 617{
 618        struct strbuf error_message = STRBUF_INIT;
 619        int sockfd = -1;
 620        const char *port = STR(DEFAULT_GIT_PORT);
 621        struct addrinfo hints, *ai0, *ai;
 622        int gai;
 623        int cnt = 0;
 624
 625        get_host_and_port(&host, &port);
 626        if (!*port)
 627                port = "<none>";
 628
 629        memset(&hints, 0, sizeof(hints));
 630        if (flags & CONNECT_IPV4)
 631                hints.ai_family = AF_INET;
 632        else if (flags & CONNECT_IPV6)
 633                hints.ai_family = AF_INET6;
 634        hints.ai_socktype = SOCK_STREAM;
 635        hints.ai_protocol = IPPROTO_TCP;
 636
 637        if (flags & CONNECT_VERBOSE)
 638                fprintf(stderr, _("Looking up %s ... "), host);
 639
 640        gai = getaddrinfo(host, port, &hints, &ai);
 641        if (gai)
 642                die(_("unable to look up %s (port %s) (%s)"), host, port, gai_strerror(gai));
 643
 644        if (flags & CONNECT_VERBOSE)
 645                /* TRANSLATORS: this is the end of "Looking up %s ... " */
 646                fprintf(stderr, _("done.\nConnecting to %s (port %s) ... "), host, port);
 647
 648        for (ai0 = ai; ai; ai = ai->ai_next, cnt++) {
 649                sockfd = socket(ai->ai_family,
 650                                ai->ai_socktype, ai->ai_protocol);
 651                if ((sockfd < 0) ||
 652                    (connect(sockfd, ai->ai_addr, ai->ai_addrlen) < 0)) {
 653                        strbuf_addf(&error_message, "%s[%d: %s]: errno=%s\n",
 654                                    host, cnt, ai_name(ai), strerror(errno));
 655                        if (0 <= sockfd)
 656                                close(sockfd);
 657                        sockfd = -1;
 658                        continue;
 659                }
 660                if (flags & CONNECT_VERBOSE)
 661                        fprintf(stderr, "%s ", ai_name(ai));
 662                break;
 663        }
 664
 665        freeaddrinfo(ai0);
 666
 667        if (sockfd < 0)
 668                die(_("unable to connect to %s:\n%s"), host, error_message.buf);
 669
 670        enable_keepalive(sockfd);
 671
 672        if (flags & CONNECT_VERBOSE)
 673                /* TRANSLATORS: this is the end of "Connecting to %s (port %s) ... " */
 674                fprintf_ln(stderr, _("done."));
 675
 676        strbuf_release(&error_message);
 677
 678        return sockfd;
 679}
 680
 681#else /* NO_IPV6 */
 682
 683/*
 684 * Returns a connected socket() fd, or else die()s.
 685 */
 686static int git_tcp_connect_sock(char *host, int flags)
 687{
 688        struct strbuf error_message = STRBUF_INIT;
 689        int sockfd = -1;
 690        const char *port = STR(DEFAULT_GIT_PORT);
 691        char *ep;
 692        struct hostent *he;
 693        struct sockaddr_in sa;
 694        char **ap;
 695        unsigned int nport;
 696        int cnt;
 697
 698        get_host_and_port(&host, &port);
 699
 700        if (flags & CONNECT_VERBOSE)
 701                fprintf(stderr, _("Looking up %s ... "), host);
 702
 703        he = gethostbyname(host);
 704        if (!he)
 705                die(_("unable to look up %s (%s)"), host, hstrerror(h_errno));
 706        nport = strtoul(port, &ep, 10);
 707        if ( ep == port || *ep ) {
 708                /* Not numeric */
 709                struct servent *se = getservbyname(port,"tcp");
 710                if ( !se )
 711                        die(_("unknown port %s"), port);
 712                nport = se->s_port;
 713        }
 714
 715        if (flags & CONNECT_VERBOSE)
 716                /* TRANSLATORS: this is the end of "Looking up %s ... " */
 717                fprintf(stderr, _("done.\nConnecting to %s (port %s) ... "), host, port);
 718
 719        for (cnt = 0, ap = he->h_addr_list; *ap; ap++, cnt++) {
 720                memset(&sa, 0, sizeof sa);
 721                sa.sin_family = he->h_addrtype;
 722                sa.sin_port = htons(nport);
 723                memcpy(&sa.sin_addr, *ap, he->h_length);
 724
 725                sockfd = socket(he->h_addrtype, SOCK_STREAM, 0);
 726                if ((sockfd < 0) ||
 727                    connect(sockfd, (struct sockaddr *)&sa, sizeof sa) < 0) {
 728                        strbuf_addf(&error_message, "%s[%d: %s]: errno=%s\n",
 729                                host,
 730                                cnt,
 731                                inet_ntoa(*(struct in_addr *)&sa.sin_addr),
 732                                strerror(errno));
 733                        if (0 <= sockfd)
 734                                close(sockfd);
 735                        sockfd = -1;
 736                        continue;
 737                }
 738                if (flags & CONNECT_VERBOSE)
 739                        fprintf(stderr, "%s ",
 740                                inet_ntoa(*(struct in_addr *)&sa.sin_addr));
 741                break;
 742        }
 743
 744        if (sockfd < 0)
 745                die(_("unable to connect to %s:\n%s"), host, error_message.buf);
 746
 747        enable_keepalive(sockfd);
 748
 749        if (flags & CONNECT_VERBOSE)
 750                /* TRANSLATORS: this is the end of "Connecting to %s (port %s) ... " */
 751                fprintf_ln(stderr, _("done."));
 752
 753        return sockfd;
 754}
 755
 756#endif /* NO_IPV6 */
 757
 758
 759/*
 760 * Dummy child_process returned by git_connect() if the transport protocol
 761 * does not need fork(2).
 762 */
 763static struct child_process no_fork = CHILD_PROCESS_INIT;
 764
 765int git_connection_is_socket(struct child_process *conn)
 766{
 767        return conn == &no_fork;
 768}
 769
 770static struct child_process *git_tcp_connect(int fd[2], char *host, int flags)
 771{
 772        int sockfd = git_tcp_connect_sock(host, flags);
 773
 774        fd[0] = sockfd;
 775        fd[1] = dup(sockfd);
 776
 777        return &no_fork;
 778}
 779
 780
 781static char *git_proxy_command;
 782
 783static int git_proxy_command_options(const char *var, const char *value,
 784                void *cb)
 785{
 786        if (!strcmp(var, "core.gitproxy")) {
 787                const char *for_pos;
 788                int matchlen = -1;
 789                int hostlen;
 790                const char *rhost_name = cb;
 791                int rhost_len = strlen(rhost_name);
 792
 793                if (git_proxy_command)
 794                        return 0;
 795                if (!value)
 796                        return config_error_nonbool(var);
 797                /* [core]
 798                 * ;# matches www.kernel.org as well
 799                 * gitproxy = netcatter-1 for kernel.org
 800                 * gitproxy = netcatter-2 for sample.xz
 801                 * gitproxy = netcatter-default
 802                 */
 803                for_pos = strstr(value, " for ");
 804                if (!for_pos)
 805                        /* matches everybody */
 806                        matchlen = strlen(value);
 807                else {
 808                        hostlen = strlen(for_pos + 5);
 809                        if (rhost_len < hostlen)
 810                                matchlen = -1;
 811                        else if (!strncmp(for_pos + 5,
 812                                          rhost_name + rhost_len - hostlen,
 813                                          hostlen) &&
 814                                 ((rhost_len == hostlen) ||
 815                                  rhost_name[rhost_len - hostlen -1] == '.'))
 816                                matchlen = for_pos - value;
 817                        else
 818                                matchlen = -1;
 819                }
 820                if (0 <= matchlen) {
 821                        /* core.gitproxy = none for kernel.org */
 822                        if (matchlen == 4 &&
 823                            !memcmp(value, "none", 4))
 824                                matchlen = 0;
 825                        git_proxy_command = xmemdupz(value, matchlen);
 826                }
 827                return 0;
 828        }
 829
 830        return git_default_config(var, value, cb);
 831}
 832
 833static int git_use_proxy(const char *host)
 834{
 835        git_proxy_command = getenv("GIT_PROXY_COMMAND");
 836        git_config(git_proxy_command_options, (void*)host);
 837        return (git_proxy_command && *git_proxy_command);
 838}
 839
 840static struct child_process *git_proxy_connect(int fd[2], char *host)
 841{
 842        const char *port = STR(DEFAULT_GIT_PORT);
 843        struct child_process *proxy;
 844
 845        get_host_and_port(&host, &port);
 846
 847        if (looks_like_command_line_option(host))
 848                die(_("strange hostname '%s' blocked"), host);
 849        if (looks_like_command_line_option(port))
 850                die(_("strange port '%s' blocked"), port);
 851
 852        proxy = xmalloc(sizeof(*proxy));
 853        child_process_init(proxy);
 854        argv_array_push(&proxy->args, git_proxy_command);
 855        argv_array_push(&proxy->args, host);
 856        argv_array_push(&proxy->args, port);
 857        proxy->in = -1;
 858        proxy->out = -1;
 859        if (start_command(proxy))
 860                die(_("cannot start proxy %s"), git_proxy_command);
 861        fd[0] = proxy->out; /* read from proxy stdout */
 862        fd[1] = proxy->in;  /* write to proxy stdin */
 863        return proxy;
 864}
 865
 866static char *get_port(char *host)
 867{
 868        char *end;
 869        char *p = strchr(host, ':');
 870
 871        if (p) {
 872                long port = strtol(p + 1, &end, 10);
 873                if (end != p + 1 && *end == '\0' && 0 <= port && port < 65536) {
 874                        *p = '\0';
 875                        return p+1;
 876                }
 877        }
 878
 879        return NULL;
 880}
 881
 882/*
 883 * Extract protocol and relevant parts from the specified connection URL.
 884 * The caller must free() the returned strings.
 885 */
 886static enum protocol parse_connect_url(const char *url_orig, char **ret_host,
 887                                       char **ret_path)
 888{
 889        char *url;
 890        char *host, *path;
 891        char *end;
 892        int separator = '/';
 893        enum protocol protocol = PROTO_LOCAL;
 894
 895        if (is_url(url_orig))
 896                url = url_decode(url_orig);
 897        else
 898                url = xstrdup(url_orig);
 899
 900        host = strstr(url, "://");
 901        if (host) {
 902                *host = '\0';
 903                protocol = get_protocol(url);
 904                host += 3;
 905        } else {
 906                host = url;
 907                if (!url_is_local_not_ssh(url)) {
 908                        protocol = PROTO_SSH;
 909                        separator = ':';
 910                }
 911        }
 912
 913        /*
 914         * Don't do destructive transforms as protocol code does
 915         * '[]' unwrapping in get_host_and_port()
 916         */
 917        end = host_end(&host, 0);
 918
 919        if (protocol == PROTO_LOCAL)
 920                path = end;
 921        else if (protocol == PROTO_FILE && has_dos_drive_prefix(end))
 922                path = end; /* "file://$(pwd)" may be "file://C:/projects/repo" */
 923        else
 924                path = strchr(end, separator);
 925
 926        if (!path || !*path)
 927                die(_("no path specified; see 'git help pull' for valid url syntax"));
 928
 929        /*
 930         * null-terminate hostname and point path to ~ for URL's like this:
 931         *    ssh://host.xz/~user/repo
 932         */
 933
 934        end = path; /* Need to \0 terminate host here */
 935        if (separator == ':')
 936                path++; /* path starts after ':' */
 937        if (protocol == PROTO_GIT || protocol == PROTO_SSH) {
 938                if (path[1] == '~')
 939                        path++;
 940        }
 941
 942        path = xstrdup(path);
 943        *end = '\0';
 944
 945        *ret_host = xstrdup(host);
 946        *ret_path = path;
 947        free(url);
 948        return protocol;
 949}
 950
 951static const char *get_ssh_command(void)
 952{
 953        const char *ssh;
 954
 955        if ((ssh = getenv("GIT_SSH_COMMAND")))
 956                return ssh;
 957
 958        if (!git_config_get_string_const("core.sshcommand", &ssh))
 959                return ssh;
 960
 961        return NULL;
 962}
 963
 964enum ssh_variant {
 965        VARIANT_AUTO,
 966        VARIANT_SIMPLE,
 967        VARIANT_SSH,
 968        VARIANT_PLINK,
 969        VARIANT_PUTTY,
 970        VARIANT_TORTOISEPLINK,
 971};
 972
 973static void override_ssh_variant(enum ssh_variant *ssh_variant)
 974{
 975        const char *variant = getenv("GIT_SSH_VARIANT");
 976
 977        if (!variant && git_config_get_string_const("ssh.variant", &variant))
 978                return;
 979
 980        if (!strcmp(variant, "auto"))
 981                *ssh_variant = VARIANT_AUTO;
 982        else if (!strcmp(variant, "plink"))
 983                *ssh_variant = VARIANT_PLINK;
 984        else if (!strcmp(variant, "putty"))
 985                *ssh_variant = VARIANT_PUTTY;
 986        else if (!strcmp(variant, "tortoiseplink"))
 987                *ssh_variant = VARIANT_TORTOISEPLINK;
 988        else if (!strcmp(variant, "simple"))
 989                *ssh_variant = VARIANT_SIMPLE;
 990        else
 991                *ssh_variant = VARIANT_SSH;
 992}
 993
 994static enum ssh_variant determine_ssh_variant(const char *ssh_command,
 995                                              int is_cmdline)
 996{
 997        enum ssh_variant ssh_variant = VARIANT_AUTO;
 998        const char *variant;
 999        char *p = NULL;
1000
1001        override_ssh_variant(&ssh_variant);
1002
1003        if (ssh_variant != VARIANT_AUTO)
1004                return ssh_variant;
1005
1006        if (!is_cmdline) {
1007                p = xstrdup(ssh_command);
1008                variant = basename(p);
1009        } else {
1010                const char **ssh_argv;
1011
1012                p = xstrdup(ssh_command);
1013                if (split_cmdline(p, &ssh_argv) > 0) {
1014                        variant = basename((char *)ssh_argv[0]);
1015                        /*
1016                         * At this point, variant points into the buffer
1017                         * referenced by p, hence we do not need ssh_argv
1018                         * any longer.
1019                         */
1020                        free(ssh_argv);
1021                } else {
1022                        free(p);
1023                        return ssh_variant;
1024                }
1025        }
1026
1027        if (!strcasecmp(variant, "ssh") ||
1028            !strcasecmp(variant, "ssh.exe"))
1029                ssh_variant = VARIANT_SSH;
1030        else if (!strcasecmp(variant, "plink") ||
1031                 !strcasecmp(variant, "plink.exe"))
1032                ssh_variant = VARIANT_PLINK;
1033        else if (!strcasecmp(variant, "tortoiseplink") ||
1034                 !strcasecmp(variant, "tortoiseplink.exe"))
1035                ssh_variant = VARIANT_TORTOISEPLINK;
1036
1037        free(p);
1038        return ssh_variant;
1039}
1040
1041/*
1042 * Open a connection using Git's native protocol.
1043 *
1044 * The caller is responsible for freeing hostandport, but this function may
1045 * modify it (for example, to truncate it to remove the port part).
1046 */
1047static struct child_process *git_connect_git(int fd[2], char *hostandport,
1048                                             const char *path, const char *prog,
1049                                             enum protocol_version version,
1050                                             int flags)
1051{
1052        struct child_process *conn;
1053        struct strbuf request = STRBUF_INIT;
1054        /*
1055         * Set up virtual host information based on where we will
1056         * connect, unless the user has overridden us in
1057         * the environment.
1058         */
1059        char *target_host = getenv("GIT_OVERRIDE_VIRTUAL_HOST");
1060        if (target_host)
1061                target_host = xstrdup(target_host);
1062        else
1063                target_host = xstrdup(hostandport);
1064
1065        transport_check_allowed("git");
1066
1067        /*
1068         * These underlying connection commands die() if they
1069         * cannot connect.
1070         */
1071        if (git_use_proxy(hostandport))
1072                conn = git_proxy_connect(fd, hostandport);
1073        else
1074                conn = git_tcp_connect(fd, hostandport, flags);
1075        /*
1076         * Separate original protocol components prog and path
1077         * from extended host header with a NUL byte.
1078         *
1079         * Note: Do not add any other headers here!  Doing so
1080         * will cause older git-daemon servers to crash.
1081         */
1082        strbuf_addf(&request,
1083                    "%s %s%chost=%s%c",
1084                    prog, path, 0,
1085                    target_host, 0);
1086
1087        /* If using a new version put that stuff here after a second null byte */
1088        if (version > 0) {
1089                strbuf_addch(&request, '\0');
1090                strbuf_addf(&request, "version=%d%c",
1091                            version, '\0');
1092        }
1093
1094        packet_write(fd[1], request.buf, request.len);
1095
1096        free(target_host);
1097        strbuf_release(&request);
1098        return conn;
1099}
1100
1101/*
1102 * Append the appropriate environment variables to `env` and options to
1103 * `args` for running ssh in Git's SSH-tunneled transport.
1104 */
1105static void push_ssh_options(struct argv_array *args, struct argv_array *env,
1106                             enum ssh_variant variant, const char *port,
1107                             enum protocol_version version, int flags)
1108{
1109        if (variant == VARIANT_SSH &&
1110            version > 0) {
1111                argv_array_push(args, "-o");
1112                argv_array_push(args, "SendEnv=" GIT_PROTOCOL_ENVIRONMENT);
1113                argv_array_pushf(env, GIT_PROTOCOL_ENVIRONMENT "=version=%d",
1114                                 version);
1115        }
1116
1117        if (flags & CONNECT_IPV4) {
1118                switch (variant) {
1119                case VARIANT_AUTO:
1120                        BUG("VARIANT_AUTO passed to push_ssh_options");
1121                case VARIANT_SIMPLE:
1122                        die(_("ssh variant 'simple' does not support -4"));
1123                case VARIANT_SSH:
1124                case VARIANT_PLINK:
1125                case VARIANT_PUTTY:
1126                case VARIANT_TORTOISEPLINK:
1127                        argv_array_push(args, "-4");
1128                }
1129        } else if (flags & CONNECT_IPV6) {
1130                switch (variant) {
1131                case VARIANT_AUTO:
1132                        BUG("VARIANT_AUTO passed to push_ssh_options");
1133                case VARIANT_SIMPLE:
1134                        die(_("ssh variant 'simple' does not support -6"));
1135                case VARIANT_SSH:
1136                case VARIANT_PLINK:
1137                case VARIANT_PUTTY:
1138                case VARIANT_TORTOISEPLINK:
1139                        argv_array_push(args, "-6");
1140                }
1141        }
1142
1143        if (variant == VARIANT_TORTOISEPLINK)
1144                argv_array_push(args, "-batch");
1145
1146        if (port) {
1147                switch (variant) {
1148                case VARIANT_AUTO:
1149                        BUG("VARIANT_AUTO passed to push_ssh_options");
1150                case VARIANT_SIMPLE:
1151                        die(_("ssh variant 'simple' does not support setting port"));
1152                case VARIANT_SSH:
1153                        argv_array_push(args, "-p");
1154                        break;
1155                case VARIANT_PLINK:
1156                case VARIANT_PUTTY:
1157                case VARIANT_TORTOISEPLINK:
1158                        argv_array_push(args, "-P");
1159                }
1160
1161                argv_array_push(args, port);
1162        }
1163}
1164
1165/* Prepare a child_process for use by Git's SSH-tunneled transport. */
1166static void fill_ssh_args(struct child_process *conn, const char *ssh_host,
1167                          const char *port, enum protocol_version version,
1168                          int flags)
1169{
1170        const char *ssh;
1171        enum ssh_variant variant;
1172
1173        if (looks_like_command_line_option(ssh_host))
1174                die(_("strange hostname '%s' blocked"), ssh_host);
1175
1176        ssh = get_ssh_command();
1177        if (ssh) {
1178                variant = determine_ssh_variant(ssh, 1);
1179        } else {
1180                /*
1181                 * GIT_SSH is the no-shell version of
1182                 * GIT_SSH_COMMAND (and must remain so for
1183                 * historical compatibility).
1184                 */
1185                conn->use_shell = 0;
1186
1187                ssh = getenv("GIT_SSH");
1188                if (!ssh)
1189                        ssh = "ssh";
1190                variant = determine_ssh_variant(ssh, 0);
1191        }
1192
1193        if (variant == VARIANT_AUTO) {
1194                struct child_process detect = CHILD_PROCESS_INIT;
1195
1196                detect.use_shell = conn->use_shell;
1197                detect.no_stdin = detect.no_stdout = detect.no_stderr = 1;
1198
1199                argv_array_push(&detect.args, ssh);
1200                argv_array_push(&detect.args, "-G");
1201                push_ssh_options(&detect.args, &detect.env_array,
1202                                 VARIANT_SSH, port, version, flags);
1203                argv_array_push(&detect.args, ssh_host);
1204
1205                variant = run_command(&detect) ? VARIANT_SIMPLE : VARIANT_SSH;
1206        }
1207
1208        argv_array_push(&conn->args, ssh);
1209        push_ssh_options(&conn->args, &conn->env_array, variant, port, version, flags);
1210        argv_array_push(&conn->args, ssh_host);
1211}
1212
1213/*
1214 * This returns the dummy child_process `no_fork` if the transport protocol
1215 * does not need fork(2), or a struct child_process object if it does.  Once
1216 * done, finish the connection with finish_connect() with the value returned
1217 * from this function (it is safe to call finish_connect() with NULL to
1218 * support the former case).
1219 *
1220 * If it returns, the connect is successful; it just dies on errors (this
1221 * will hopefully be changed in a libification effort, to return NULL when
1222 * the connection failed).
1223 */
1224struct child_process *git_connect(int fd[2], const char *url,
1225                                  const char *prog, int flags)
1226{
1227        char *hostandport, *path;
1228        struct child_process *conn;
1229        enum protocol protocol;
1230        enum protocol_version version = get_protocol_version_config();
1231
1232        /*
1233         * NEEDSWORK: If we are trying to use protocol v2 and we are planning
1234         * to perform a push, then fallback to v0 since the client doesn't know
1235         * how to push yet using v2.
1236         */
1237        if (version == protocol_v2 && !strcmp("git-receive-pack", prog))
1238                version = protocol_v0;
1239
1240        /* Without this we cannot rely on waitpid() to tell
1241         * what happened to our children.
1242         */
1243        signal(SIGCHLD, SIG_DFL);
1244
1245        protocol = parse_connect_url(url, &hostandport, &path);
1246        if ((flags & CONNECT_DIAG_URL) && (protocol != PROTO_SSH)) {
1247                printf("Diag: url=%s\n", url ? url : "NULL");
1248                printf("Diag: protocol=%s\n", prot_name(protocol));
1249                printf("Diag: hostandport=%s\n", hostandport ? hostandport : "NULL");
1250                printf("Diag: path=%s\n", path ? path : "NULL");
1251                conn = NULL;
1252        } else if (protocol == PROTO_GIT) {
1253                conn = git_connect_git(fd, hostandport, path, prog, version, flags);
1254        } else {
1255                struct strbuf cmd = STRBUF_INIT;
1256                const char *const *var;
1257
1258                conn = xmalloc(sizeof(*conn));
1259                child_process_init(conn);
1260
1261                if (looks_like_command_line_option(path))
1262                        die(_("strange pathname '%s' blocked"), path);
1263
1264                strbuf_addstr(&cmd, prog);
1265                strbuf_addch(&cmd, ' ');
1266                sq_quote_buf(&cmd, path);
1267
1268                /* remove repo-local variables from the environment */
1269                for (var = local_repo_env; *var; var++)
1270                        argv_array_push(&conn->env_array, *var);
1271
1272                conn->use_shell = 1;
1273                conn->in = conn->out = -1;
1274                if (protocol == PROTO_SSH) {
1275                        char *ssh_host = hostandport;
1276                        const char *port = NULL;
1277                        transport_check_allowed("ssh");
1278                        get_host_and_port(&ssh_host, &port);
1279
1280                        if (!port)
1281                                port = get_port(ssh_host);
1282
1283                        if (flags & CONNECT_DIAG_URL) {
1284                                printf("Diag: url=%s\n", url ? url : "NULL");
1285                                printf("Diag: protocol=%s\n", prot_name(protocol));
1286                                printf("Diag: userandhost=%s\n", ssh_host ? ssh_host : "NULL");
1287                                printf("Diag: port=%s\n", port ? port : "NONE");
1288                                printf("Diag: path=%s\n", path ? path : "NULL");
1289
1290                                free(hostandport);
1291                                free(path);
1292                                free(conn);
1293                                strbuf_release(&cmd);
1294                                return NULL;
1295                        }
1296                        fill_ssh_args(conn, ssh_host, port, version, flags);
1297                } else {
1298                        transport_check_allowed("file");
1299                        if (version > 0) {
1300                                argv_array_pushf(&conn->env_array, GIT_PROTOCOL_ENVIRONMENT "=version=%d",
1301                                                 version);
1302                        }
1303                }
1304                argv_array_push(&conn->args, cmd.buf);
1305
1306                if (start_command(conn))
1307                        die(_("unable to fork"));
1308
1309                fd[0] = conn->out; /* read from child's stdout */
1310                fd[1] = conn->in;  /* write to child's stdin */
1311                strbuf_release(&cmd);
1312        }
1313        free(hostandport);
1314        free(path);
1315        return conn;
1316}
1317
1318int finish_connect(struct child_process *conn)
1319{
1320        int code;
1321        if (!conn || git_connection_is_socket(conn))
1322                return 0;
1323
1324        code = finish_command(conn);
1325        free(conn);
1326        return code;
1327}