1#include "builtin.h"
2#include "lockfile.h"
3#include "pack.h"
4#include "refs.h"
5#include "pkt-line.h"
6#include "sideband.h"
7#include "run-command.h"
8#include "exec_cmd.h"
9#include "commit.h"
10#include "object.h"
11#include "remote.h"
12#include "connect.h"
13#include "transport.h"
14#include "string-list.h"
15#include "sha1-array.h"
16#include "connected.h"
17#include "argv-array.h"
18#include "version.h"
19#include "tag.h"
20#include "gpg-interface.h"
21#include "sigchain.h"
22#include "fsck.h"
23static const char receive_pack_usage[] = "git receive-pack <git-dir>";
25enum deny_action {
27 DENY_UNCONFIGURED,
28 DENY_IGNORE,
29 DENY_WARN,
30 DENY_REFUSE,
31 DENY_UPDATE_INSTEAD
32};
33static int deny_deletes;
35static int deny_non_fast_forwards;
36static enum deny_action deny_current_branch = DENY_UNCONFIGURED;
37static enum deny_action deny_delete_current = DENY_UNCONFIGURED;
38static int receive_fsck_objects = -1;
39static int transfer_fsck_objects = -1;
40static struct strbuf fsck_msg_types = STRBUF_INIT;
41static int receive_unpack_limit = -1;
42static int transfer_unpack_limit = -1;
43static int advertise_atomic_push = 1;
44static int unpack_limit = 100;
45static int report_status;
46static int use_sideband;
47static int use_atomic;
48static int quiet;
49static int prefer_ofs_delta = 1;
50static int auto_update_server_info;
51static int auto_gc = 1;
52static int fix_thin = 1;
53static int stateless_rpc;
54static const char *service_dir;
55static const char *head_name;
56static void *head_name_to_free;
57static int sent_capabilities;
58static int shallow_update;
59static const char *alt_shallow_file;
60static struct strbuf push_cert = STRBUF_INIT;
61static unsigned char push_cert_sha1[20];
62static struct signature_check sigcheck;
63static const char *push_cert_nonce;
64static const char *cert_nonce_seed;
65static const char *NONCE_UNSOLICITED = "UNSOLICITED";
67static const char *NONCE_BAD = "BAD";
68static const char *NONCE_MISSING = "MISSING";
69static const char *NONCE_OK = "OK";
70static const char *NONCE_SLOP = "SLOP";
71static const char *nonce_status;
72static long nonce_stamp_slop;
73static unsigned long nonce_stamp_slop_limit;
74static struct ref_transaction *transaction;
75static enum deny_action parse_deny_action(const char *var, const char *value)
77{
78 if (value) {
79 if (!strcasecmp(value, "ignore"))
80 return DENY_IGNORE;
81 if (!strcasecmp(value, "warn"))
82 return DENY_WARN;
83 if (!strcasecmp(value, "refuse"))
84 return DENY_REFUSE;
85 if (!strcasecmp(value, "updateinstead"))
86 return DENY_UPDATE_INSTEAD;
87 }
88 if (git_config_bool(var, value))
89 return DENY_REFUSE;
90 return DENY_IGNORE;
91}
92static int receive_pack_config(const char *var, const char *value, void *cb)
94{
95 int status = parse_hide_refs_config(var, value, "receive");
96 if (status)
98 return status;
99 if (strcmp(var, "receive.denydeletes") == 0) {
101 deny_deletes = git_config_bool(var, value);
102 return 0;
103 }
104 if (strcmp(var, "receive.denynonfastforwards") == 0) {
106 deny_non_fast_forwards = git_config_bool(var, value);
107 return 0;
108 }
109 if (strcmp(var, "receive.unpacklimit") == 0) {
111 receive_unpack_limit = git_config_int(var, value);
112 return 0;
113 }
114 if (strcmp(var, "transfer.unpacklimit") == 0) {
116 transfer_unpack_limit = git_config_int(var, value);
117 return 0;
118 }
119 if (strcmp(var, "receive.fsck.skiplist") == 0) {
121 const char *path;
122 if (git_config_pathname(&path, var, value))
124 return 1;
125 strbuf_addf(&fsck_msg_types, "%cskiplist=%s",
126 fsck_msg_types.len ? ',' : '=', path);
127 free((char *)path);
128 return 0;
129 }
130 if (skip_prefix(var, "receive.fsck.", &var)) {
132 if (is_valid_msg_type(var, value))
133 strbuf_addf(&fsck_msg_types, "%c%s=%s",
134 fsck_msg_types.len ? ',' : '=', var, value);
135 else
136 warning("Skipping unknown msg id '%s'", var);
137 return 0;
138 }
139 if (strcmp(var, "receive.fsckobjects") == 0) {
141 receive_fsck_objects = git_config_bool(var, value);
142 return 0;
143 }
144 if (strcmp(var, "transfer.fsckobjects") == 0) {
146 transfer_fsck_objects = git_config_bool(var, value);
147 return 0;
148 }
149 if (!strcmp(var, "receive.denycurrentbranch")) {
151 deny_current_branch = parse_deny_action(var, value);
152 return 0;
153 }
154 if (strcmp(var, "receive.denydeletecurrent") == 0) {
156 deny_delete_current = parse_deny_action(var, value);
157 return 0;
158 }
159 if (strcmp(var, "repack.usedeltabaseoffset") == 0) {
161 prefer_ofs_delta = git_config_bool(var, value);
162 return 0;
163 }
164 if (strcmp(var, "receive.updateserverinfo") == 0) {
166 auto_update_server_info = git_config_bool(var, value);
167 return 0;
168 }
169 if (strcmp(var, "receive.autogc") == 0) {
171 auto_gc = git_config_bool(var, value);
172 return 0;
173 }
174 if (strcmp(var, "receive.shallowupdate") == 0) {
176 shallow_update = git_config_bool(var, value);
177 return 0;
178 }
179 if (strcmp(var, "receive.certnonceseed") == 0)
181 return git_config_string(&cert_nonce_seed, var, value);
182 if (strcmp(var, "receive.certnonceslop") == 0) {
184 nonce_stamp_slop_limit = git_config_ulong(var, value);
185 return 0;
186 }
187 if (strcmp(var, "receive.advertiseatomic") == 0) {
189 advertise_atomic_push = git_config_bool(var, value);
190 return 0;
191 }
192 return git_default_config(var, value, cb);
194}
195static void show_ref(const char *path, const unsigned char *sha1)
197{
198 if (ref_is_hidden(path))
199 return;
200 if (sent_capabilities) {
202 packet_write(1, "%s %s\n", sha1_to_hex(sha1), path);
203 } else {
204 struct strbuf cap = STRBUF_INIT;
205 strbuf_addstr(&cap,
207 "report-status delete-refs side-band-64k quiet");
208 if (advertise_atomic_push)
209 strbuf_addstr(&cap, " atomic");
210 if (prefer_ofs_delta)
211 strbuf_addstr(&cap, " ofs-delta");
212 if (push_cert_nonce)
213 strbuf_addf(&cap, " push-cert=%s", push_cert_nonce);
214 strbuf_addf(&cap, " agent=%s", git_user_agent_sanitized());
215 packet_write(1, "%s %s%c%s\n",
216 sha1_to_hex(sha1), path, 0, cap.buf);
217 strbuf_release(&cap);
218 sent_capabilities = 1;
219 }
220}
221static int show_ref_cb(const char *path, const struct object_id *oid, int flag, void *unused)
223{
224 path = strip_namespace(path);
225 /*
226 * Advertise refs outside our current namespace as ".have"
227 * refs, so that the client can use them to minimize data
228 * transfer but will otherwise ignore them. This happens to
229 * cover ".have" that are thrown in by add_one_alternate_ref()
230 * to mark histories that are complete in our alternates as
231 * well.
232 */
233 if (!path)
234 path = ".have";
235 show_ref(path, oid->hash);
236 return 0;
237}
238static void show_one_alternate_sha1(const unsigned char sha1[20], void *unused)
240{
241 show_ref(".have", sha1);
242}
243static void collect_one_alternate_ref(const struct ref *ref, void *data)
245{
246 struct sha1_array *sa = data;
247 sha1_array_append(sa, ref->old_sha1);
248}
249static void write_head_info(void)
251{
252 struct sha1_array sa = SHA1_ARRAY_INIT;
253 for_each_alternate_ref(collect_one_alternate_ref, &sa);
255 sha1_array_for_each_unique(&sa, show_one_alternate_sha1, NULL);
256 sha1_array_clear(&sa);
257 for_each_ref(show_ref_cb, NULL);
258 if (!sent_capabilities)
259 show_ref("capabilities^{}", null_sha1);
260 advertise_shallow_grafts(1);
262 /* EOF */
264 packet_flush(1);
265}
266struct command {
268 struct command *next;
269 const char *error_string;
270 unsigned int skip_update:1,
271 did_not_exist:1;
272 int index;
273 unsigned char old_sha1[20];
274 unsigned char new_sha1[20];
275 char ref_name[FLEX_ARRAY]; /* more */
276};
277static void rp_error(const char *err, ...) __attribute__((format (printf, 1, 2)));
279static void rp_warning(const char *err, ...) __attribute__((format (printf, 1, 2)));
280static void report_message(const char *prefix, const char *err, va_list params)
282{
283 int sz;
284 char msg[4096];
285 sz = xsnprintf(msg, sizeof(msg), "%s", prefix);
287 sz += vsnprintf(msg + sz, sizeof(msg) - sz, err, params);
288 if (sz > (sizeof(msg) - 1))
289 sz = sizeof(msg) - 1;
290 msg[sz++] = '\n';
291 if (use_sideband)
293 send_sideband(1, 2, msg, sz, use_sideband);
294 else
295 xwrite(2, msg, sz);
296}
297static void rp_warning(const char *err, ...)
299{
300 va_list params;
301 va_start(params, err);
302 report_message("warning: ", err, params);
303 va_end(params);
304}
305static void rp_error(const char *err, ...)
307{
308 va_list params;
309 va_start(params, err);
310 report_message("error: ", err, params);
311 va_end(params);
312}
313static int copy_to_sideband(int in, int out, void *arg)
315{
316 char data[128];
317 while (1) {
318 ssize_t sz = xread(in, data, sizeof(data));
319 if (sz <= 0)
320 break;
321 send_sideband(1, 2, data, sz, use_sideband);
322 }
323 close(in);
324 return 0;
325}
326#define HMAC_BLOCK_SIZE 64
328static void hmac_sha1(unsigned char *out,
330 const char *key_in, size_t key_len,
331 const char *text, size_t text_len)
332{
333 unsigned char key[HMAC_BLOCK_SIZE];
334 unsigned char k_ipad[HMAC_BLOCK_SIZE];
335 unsigned char k_opad[HMAC_BLOCK_SIZE];
336 int i;
337 git_SHA_CTX ctx;
338 /* RFC 2104 2. (1) */
340 memset(key, '\0', HMAC_BLOCK_SIZE);
341 if (HMAC_BLOCK_SIZE < key_len) {
342 git_SHA1_Init(&ctx);
343 git_SHA1_Update(&ctx, key_in, key_len);
344 git_SHA1_Final(key, &ctx);
345 } else {
346 memcpy(key, key_in, key_len);
347 }
348 /* RFC 2104 2. (2) & (5) */
350 for (i = 0; i < sizeof(key); i++) {
351 k_ipad[i] = key[i] ^ 0x36;
352 k_opad[i] = key[i] ^ 0x5c;
353 }
354 /* RFC 2104 2. (3) & (4) */
356 git_SHA1_Init(&ctx);
357 git_SHA1_Update(&ctx, k_ipad, sizeof(k_ipad));
358 git_SHA1_Update(&ctx, text, text_len);
359 git_SHA1_Final(out, &ctx);
360 /* RFC 2104 2. (6) & (7) */
362 git_SHA1_Init(&ctx);
363 git_SHA1_Update(&ctx, k_opad, sizeof(k_opad));
364 git_SHA1_Update(&ctx, out, 20);
365 git_SHA1_Final(out, &ctx);
366}
367static char *prepare_push_cert_nonce(const char *path, unsigned long stamp)
369{
370 struct strbuf buf = STRBUF_INIT;
371 unsigned char sha1[20];
372 strbuf_addf(&buf, "%s:%lu", path, stamp);
374 hmac_sha1(sha1, buf.buf, buf.len, cert_nonce_seed, strlen(cert_nonce_seed));;
375 strbuf_release(&buf);
376 /* RFC 2104 5. HMAC-SHA1-80 */
378 strbuf_addf(&buf, "%lu-%.*s", stamp, 20, sha1_to_hex(sha1));
379 return strbuf_detach(&buf, NULL);
380}
381/*
383 * NEEDSWORK: reuse find_commit_header() from jk/commit-author-parsing
384 * after dropping "_commit" from its name and possibly moving it out
385 * of commit.c
386 */
387static char *find_header(const char *msg, size_t len, const char *key)
388{
389 int key_len = strlen(key);
390 const char *line = msg;
391 while (line && line < msg + len) {
393 const char *eol = strchrnul(line, '\n');
394 if ((msg + len <= eol) || line == eol)
396 return NULL;
397 if (line + key_len < eol &&
398 !memcmp(line, key, key_len) && line[key_len] == ' ') {
399 int offset = key_len + 1;
400 return xmemdupz(line + offset, (eol - line) - offset);
401 }
402 line = *eol ? eol + 1 : NULL;
403 }
404 return NULL;
405}
406static const char *check_nonce(const char *buf, size_t len)
408{
409 char *nonce = find_header(buf, len, "nonce");
410 unsigned long stamp, ostamp;
411 char *bohmac, *expect = NULL;
412 const char *retval = NONCE_BAD;
413 if (!nonce) {
415 retval = NONCE_MISSING;
416 goto leave;
417 } else if (!push_cert_nonce) {
418 retval = NONCE_UNSOLICITED;
419 goto leave;
420 } else if (!strcmp(push_cert_nonce, nonce)) {
421 retval = NONCE_OK;
422 goto leave;
423 }
424 if (!stateless_rpc) {
426 /* returned nonce MUST match what we gave out earlier */
427 retval = NONCE_BAD;
428 goto leave;
429 }
430 /*
432 * In stateless mode, we may be receiving a nonce issued by
433 * another instance of the server that serving the same
434 * repository, and the timestamps may not match, but the
435 * nonce-seed and dir should match, so we can recompute and
436 * report the time slop.
437 *
438 * In addition, when a nonce issued by another instance has
439 * timestamp within receive.certnonceslop seconds, we pretend
440 * as if we issued that nonce when reporting to the hook.
441 */
442 /* nonce is concat(<seconds-since-epoch>, "-", <hmac>) */
444 if (*nonce <= '0' || '9' < *nonce) {
445 retval = NONCE_BAD;
446 goto leave;
447 }
448 stamp = strtoul(nonce, &bohmac, 10);
449 if (bohmac == nonce || bohmac[0] != '-') {
450 retval = NONCE_BAD;
451 goto leave;
452 }
453 expect = prepare_push_cert_nonce(service_dir, stamp);
455 if (strcmp(expect, nonce)) {
456 /* Not what we would have signed earlier */
457 retval = NONCE_BAD;
458 goto leave;
459 }
460 /*
462 * By how many seconds is this nonce stale? Negative value
463 * would mean it was issued by another server with its clock
464 * skewed in the future.
465 */
466 ostamp = strtoul(push_cert_nonce, NULL, 10);
467 nonce_stamp_slop = (long)ostamp - (long)stamp;
468 if (nonce_stamp_slop_limit &&
470 labs(nonce_stamp_slop) <= nonce_stamp_slop_limit) {
471 /*
472 * Pretend as if the received nonce (which passes the
473 * HMAC check, so it is not a forged by third-party)
474 * is what we issued.
475 */
476 free((void *)push_cert_nonce);
477 push_cert_nonce = xstrdup(nonce);
478 retval = NONCE_OK;
479 } else {
480 retval = NONCE_SLOP;
481 }
482leave:
484 free(nonce);
485 free(expect);
486 return retval;
487}
488static void prepare_push_cert_sha1(struct child_process *proc)
490{
491 static int already_done;
492 if (!push_cert.len)
494 return;
495 if (!already_done) {
497 struct strbuf gpg_output = STRBUF_INIT;
498 struct strbuf gpg_status = STRBUF_INIT;
499 int bogs /* beginning_of_gpg_sig */;
500 already_done = 1;
502 if (write_sha1_file(push_cert.buf, push_cert.len, "blob", push_cert_sha1))
503 hashclr(push_cert_sha1);
504 memset(&sigcheck, '\0', sizeof(sigcheck));
506 sigcheck.result = 'N';
507 bogs = parse_signature(push_cert.buf, push_cert.len);
509 if (verify_signed_buffer(push_cert.buf, bogs,
510 push_cert.buf + bogs, push_cert.len - bogs,
511 &gpg_output, &gpg_status) < 0) {
512 ; /* error running gpg */
513 } else {
514 sigcheck.payload = push_cert.buf;
515 sigcheck.gpg_output = gpg_output.buf;
516 sigcheck.gpg_status = gpg_status.buf;
517 parse_gpg_output(&sigcheck);
518 }
519 strbuf_release(&gpg_output);
521 strbuf_release(&gpg_status);
522 nonce_status = check_nonce(push_cert.buf, bogs);
523 }
524 if (!is_null_sha1(push_cert_sha1)) {
525 argv_array_pushf(&proc->env_array, "GIT_PUSH_CERT=%s",
526 sha1_to_hex(push_cert_sha1));
527 argv_array_pushf(&proc->env_array, "GIT_PUSH_CERT_SIGNER=%s",
528 sigcheck.signer ? sigcheck.signer : "");
529 argv_array_pushf(&proc->env_array, "GIT_PUSH_CERT_KEY=%s",
530 sigcheck.key ? sigcheck.key : "");
531 argv_array_pushf(&proc->env_array, "GIT_PUSH_CERT_STATUS=%c",
532 sigcheck.result);
533 if (push_cert_nonce) {
534 argv_array_pushf(&proc->env_array,
535 "GIT_PUSH_CERT_NONCE=%s",
536 push_cert_nonce);
537 argv_array_pushf(&proc->env_array,
538 "GIT_PUSH_CERT_NONCE_STATUS=%s",
539 nonce_status);
540 if (nonce_status == NONCE_SLOP)
541 argv_array_pushf(&proc->env_array,
542 "GIT_PUSH_CERT_NONCE_SLOP=%ld",
543 nonce_stamp_slop);
544 }
545 }
546}
547typedef int (*feed_fn)(void *, const char **, size_t *);
549static int run_and_feed_hook(const char *hook_name, feed_fn feed, void *feed_state)
550{
551 struct child_process proc = CHILD_PROCESS_INIT;
552 struct async muxer;
553 const char *argv[2];
554 int code;
555 argv[0] = find_hook(hook_name);
557 if (!argv[0])
558 return 0;
559 argv[1] = NULL;
561 proc.argv = argv;
563 proc.in = -1;
564 proc.stdout_to_stderr = 1;
565 if (use_sideband) {
567 memset(&muxer, 0, sizeof(muxer));
568 muxer.proc = copy_to_sideband;
569 muxer.in = -1;
570 code = start_async(&muxer);
571 if (code)
572 return code;
573 proc.err = muxer.in;
574 }
575 prepare_push_cert_sha1(&proc);
577 code = start_command(&proc);
579 if (code) {
580 if (use_sideband)
581 finish_async(&muxer);
582 return code;
583 }
584 sigchain_push(SIGPIPE, SIG_IGN);
586 while (1) {
588 const char *buf;
589 size_t n;
590 if (feed(feed_state, &buf, &n))
591 break;
592 if (write_in_full(proc.in, buf, n) != n)
593 break;
594 }
595 close(proc.in);
596 if (use_sideband)
597 finish_async(&muxer);
598 sigchain_pop(SIGPIPE);
600 return finish_command(&proc);
602}
603struct receive_hook_feed_state {
605 struct command *cmd;
606 int skip_broken;
607 struct strbuf buf;
608};
609static int feed_receive_hook(void *state_, const char **bufp, size_t *sizep)
611{
612 struct receive_hook_feed_state *state = state_;
613 struct command *cmd = state->cmd;
614 while (cmd &&
616 state->skip_broken && (cmd->error_string || cmd->did_not_exist))
617 cmd = cmd->next;
618 if (!cmd)
619 return -1; /* EOF */
620 strbuf_reset(&state->buf);
621 strbuf_addf(&state->buf, "%s %s %s\n",
622 sha1_to_hex(cmd->old_sha1), sha1_to_hex(cmd->new_sha1),
623 cmd->ref_name);
624 state->cmd = cmd->next;
625 if (bufp) {
626 *bufp = state->buf.buf;
627 *sizep = state->buf.len;
628 }
629 return 0;
630}
631static int run_receive_hook(struct command *commands, const char *hook_name,
633 int skip_broken)
634{
635 struct receive_hook_feed_state state;
636 int status;
637 strbuf_init(&state.buf, 0);
639 state.cmd = commands;
640 state.skip_broken = skip_broken;
641 if (feed_receive_hook(&state, NULL, NULL))
642 return 0;
643 state.cmd = commands;
644 status = run_and_feed_hook(hook_name, feed_receive_hook, &state);
645 strbuf_release(&state.buf);
646 return status;
647}
648static int run_update_hook(struct command *cmd)
650{
651 const char *argv[5];
652 struct child_process proc = CHILD_PROCESS_INIT;
653 int code;
654 argv[0] = find_hook("update");
656 if (!argv[0])
657 return 0;
658 argv[1] = cmd->ref_name;
660 argv[2] = sha1_to_hex(cmd->old_sha1);
661 argv[3] = sha1_to_hex(cmd->new_sha1);
662 argv[4] = NULL;
663 proc.no_stdin = 1;
665 proc.stdout_to_stderr = 1;
666 proc.err = use_sideband ? -1 : 0;
667 proc.argv = argv;
668 code = start_command(&proc);
670 if (code)
671 return code;
672 if (use_sideband)
673 copy_to_sideband(proc.err, -1, NULL);
674 return finish_command(&proc);
675}
676static int is_ref_checked_out(const char *ref)
678{
679 if (is_bare_repository())
680 return 0;
681 if (!head_name)
683 return 0;
684 return !strcmp(head_name, ref);
685}
686static char *refuse_unconfigured_deny_msg[] = {
688 "By default, updating the current branch in a non-bare repository",
689 "is denied, because it will make the index and work tree inconsistent",
690 "with what you pushed, and will require 'git reset --hard' to match",
691 "the work tree to HEAD.",
692 "",
693 "You can set 'receive.denyCurrentBranch' configuration variable to",
694 "'ignore' or 'warn' in the remote repository to allow pushing into",
695 "its current branch; however, this is not recommended unless you",
696 "arranged to update its work tree to match what you pushed in some",
697 "other way.",
698 "",
699 "To squelch this message and still keep the default behaviour, set",
700 "'receive.denyCurrentBranch' configuration variable to 'refuse'."
701};
702static void refuse_unconfigured_deny(void)
704{
705 int i;
706 for (i = 0; i < ARRAY_SIZE(refuse_unconfigured_deny_msg); i++)
707 rp_error("%s", refuse_unconfigured_deny_msg[i]);
708}
709static char *refuse_unconfigured_deny_delete_current_msg[] = {
711 "By default, deleting the current branch is denied, because the next",
712 "'git clone' won't result in any file checked out, causing confusion.",
713 "",
714 "You can set 'receive.denyDeleteCurrent' configuration variable to",
715 "'warn' or 'ignore' in the remote repository to allow deleting the",
716 "current branch, with or without a warning message.",
717 "",
718 "To squelch this message, you can set it to 'refuse'."
719};
720static void refuse_unconfigured_deny_delete_current(void)
722{
723 int i;
724 for (i = 0;
725 i < ARRAY_SIZE(refuse_unconfigured_deny_delete_current_msg);
726 i++)
727 rp_error("%s", refuse_unconfigured_deny_delete_current_msg[i]);
728}
729static int command_singleton_iterator(void *cb_data, unsigned char sha1[20]);
731static int update_shallow_ref(struct command *cmd, struct shallow_info *si)
732{
733 static struct lock_file shallow_lock;
734 struct sha1_array extra = SHA1_ARRAY_INIT;
735 const char *alt_file;
736 uint32_t mask = 1 << (cmd->index % 32);
737 int i;
738 trace_printf_key(&trace_shallow,
740 "shallow: update_shallow_ref %s\n", cmd->ref_name);
741 for (i = 0; i < si->shallow->nr; i++)
742 if (si->used_shallow[i] &&
743 (si->used_shallow[i][cmd->index / 32] & mask) &&
744 !delayed_reachability_test(si, i))
745 sha1_array_append(&extra, si->shallow->sha1[i]);
746 setup_alternate_shallow(&shallow_lock, &alt_file, &extra);
748 if (check_shallow_connected(command_singleton_iterator,
749 0, cmd, alt_file)) {
750 rollback_lock_file(&shallow_lock);
751 sha1_array_clear(&extra);
752 return -1;
753 }
754 commit_lock_file(&shallow_lock);
756 /*
758 * Make sure setup_alternate_shallow() for the next ref does
759 * not lose these new roots..
760 */
761 for (i = 0; i < extra.nr; i++)
762 register_shallow(extra.sha1[i]);
763 si->shallow_ref[cmd->index] = 0;
765 sha1_array_clear(&extra);
766 return 0;
767}
768/*
770 * NEEDSWORK: we should consolidate various implementions of "are we
771 * on an unborn branch?" test into one, and make the unified one more
772 * robust. !get_sha1() based check used here and elsewhere would not
773 * allow us to tell an unborn branch from corrupt ref, for example.
774 * For the purpose of fixing "deploy-to-update does not work when
775 * pushing into an empty repository" issue, this should suffice for
776 * now.
777 */
778static int head_has_history(void)
779{
780 unsigned char sha1[20];
781 return !get_sha1("HEAD", sha1);
783}
784static const char *push_to_deploy(unsigned char *sha1,
786 struct argv_array *env,
787 const char *work_tree)
788{
789 const char *update_refresh[] = {
790 "update-index", "-q", "--ignore-submodules", "--refresh", NULL
791 };
792 const char *diff_files[] = {
793 "diff-files", "--quiet", "--ignore-submodules", "--", NULL
794 };
795 const char *diff_index[] = {
796 "diff-index", "--quiet", "--cached", "--ignore-submodules",
797 NULL, "--", NULL
798 };
799 const char *read_tree[] = {
800 "read-tree", "-u", "-m", NULL, NULL
801 };
802 struct child_process child = CHILD_PROCESS_INIT;
803 child.argv = update_refresh;
805 child.env = env->argv;
806 child.dir = work_tree;
807 child.no_stdin = 1;
808 child.stdout_to_stderr = 1;
809 child.git_cmd = 1;
810 if (run_command(&child))
811 return "Up-to-date check failed";
812 /* run_command() does not clean up completely; reinitialize */
814 child_process_init(&child);
815 child.argv = diff_files;
816 child.env = env->argv;
817 child.dir = work_tree;
818 child.no_stdin = 1;
819 child.stdout_to_stderr = 1;
820 child.git_cmd = 1;
821 if (run_command(&child))
822 return "Working directory has unstaged changes";
823 /* diff-index with either HEAD or an empty tree */
825 diff_index[4] = head_has_history() ? "HEAD" : EMPTY_TREE_SHA1_HEX;
826 child_process_init(&child);
828 child.argv = diff_index;
829 child.env = env->argv;
830 child.no_stdin = 1;
831 child.no_stdout = 1;
832 child.stdout_to_stderr = 0;
833 child.git_cmd = 1;
834 if (run_command(&child))
835 return "Working directory has staged changes";
836 read_tree[3] = sha1_to_hex(sha1);
838 child_process_init(&child);
839 child.argv = read_tree;
840 child.env = env->argv;
841 child.dir = work_tree;
842 child.no_stdin = 1;
843 child.no_stdout = 1;
844 child.stdout_to_stderr = 0;
845 child.git_cmd = 1;
846 if (run_command(&child))
847 return "Could not update working tree to new HEAD";
848 return NULL;
850}
851static const char *push_to_checkout_hook = "push-to-checkout";
853static const char *push_to_checkout(unsigned char *sha1,
855 struct argv_array *env,
856 const char *work_tree)
857{
858 argv_array_pushf(env, "GIT_WORK_TREE=%s", absolute_path(work_tree));
859 if (run_hook_le(env->argv, push_to_checkout_hook,
860 sha1_to_hex(sha1), NULL))
861 return "push-to-checkout hook declined";
862 else
863 return NULL;
864}
865static const char *update_worktree(unsigned char *sha1)
867{
868 const char *retval;
869 const char *work_tree = git_work_tree_cfg ? git_work_tree_cfg : "..";
870 struct argv_array env = ARGV_ARRAY_INIT;
871 if (is_bare_repository())
873 return "denyCurrentBranch = updateInstead needs a worktree";
874 argv_array_pushf(&env, "GIT_DIR=%s", absolute_path(get_git_dir()));
876 if (!find_hook(push_to_checkout_hook))
878 retval = push_to_deploy(sha1, &env, work_tree);
879 else
880 retval = push_to_checkout(sha1, &env, work_tree);
881 argv_array_clear(&env);
883 return retval;
884}
885static const char *update(struct command *cmd, struct shallow_info *si)
887{
888 const char *name = cmd->ref_name;
889 struct strbuf namespaced_name_buf = STRBUF_INIT;
890 const char *namespaced_name, *ret;
891 unsigned char *old_sha1 = cmd->old_sha1;
892 unsigned char *new_sha1 = cmd->new_sha1;
893 /* only refs/... are allowed */
895 if (!starts_with(name, "refs/") || check_refname_format(name + 5, 0)) {
896 rp_error("refusing to create funny ref '%s' remotely", name);
897 return "funny refname";
898 }
899 strbuf_addf(&namespaced_name_buf, "%s%s", get_git_namespace(), name);
901 namespaced_name = strbuf_detach(&namespaced_name_buf, NULL);
902 if (is_ref_checked_out(namespaced_name)) {
904 switch (deny_current_branch) {
905 case DENY_IGNORE:
906 break;
907 case DENY_WARN:
908 rp_warning("updating the current branch");
909 break;
910 case DENY_REFUSE:
911 case DENY_UNCONFIGURED:
912 rp_error("refusing to update checked out branch: %s", name);
913 if (deny_current_branch == DENY_UNCONFIGURED)
914 refuse_unconfigured_deny();
915 return "branch is currently checked out";
916 case DENY_UPDATE_INSTEAD:
917 ret = update_worktree(new_sha1);
918 if (ret)
919 return ret;
920 break;
921 }
922 }
923 if (!is_null_sha1(new_sha1) && !has_sha1_file(new_sha1)) {
925 error("unpack should have generated %s, "
926 "but I can't find it!", sha1_to_hex(new_sha1));
927 return "bad pack";
928 }
929 if (!is_null_sha1(old_sha1) && is_null_sha1(new_sha1)) {
931 if (deny_deletes && starts_with(name, "refs/heads/")) {
932 rp_error("denying ref deletion for %s", name);
933 return "deletion prohibited";
934 }
935 if (head_name && !strcmp(namespaced_name, head_name)) {
937 switch (deny_delete_current) {
938 case DENY_IGNORE:
939 break;
940 case DENY_WARN:
941 rp_warning("deleting the current branch");
942 break;
943 case DENY_REFUSE:
944 case DENY_UNCONFIGURED:
945 case DENY_UPDATE_INSTEAD:
946 if (deny_delete_current == DENY_UNCONFIGURED)
947 refuse_unconfigured_deny_delete_current();
948 rp_error("refusing to delete the current branch: %s", name);
949 return "deletion of the current branch prohibited";
950 default:
951 return "Invalid denyDeleteCurrent setting";
952 }
953 }
954 }
955 if (deny_non_fast_forwards && !is_null_sha1(new_sha1) &&
957 !is_null_sha1(old_sha1) &&
958 starts_with(name, "refs/heads/")) {
959 struct object *old_object, *new_object;
960 struct commit *old_commit, *new_commit;
961 old_object = parse_object(old_sha1);
963 new_object = parse_object(new_sha1);
964 if (!old_object || !new_object ||
966 old_object->type != OBJ_COMMIT ||
967 new_object->type != OBJ_COMMIT) {
968 error("bad sha1 objects for %s", name);
969 return "bad ref";
970 }
971 old_commit = (struct commit *)old_object;
972 new_commit = (struct commit *)new_object;
973 if (!in_merge_bases(old_commit, new_commit)) {
974 rp_error("denying non-fast-forward %s"
975 " (you should pull first)", name);
976 return "non-fast-forward";
977 }
978 }
979 if (run_update_hook(cmd)) {
980 rp_error("hook declined to update %s", name);
981 return "hook declined";
982 }
983 if (is_null_sha1(new_sha1)) {
985 struct strbuf err = STRBUF_INIT;
986 if (!parse_object(old_sha1)) {
987 old_sha1 = NULL;
988 if (ref_exists(name)) {
989 rp_warning("Allowing deletion of corrupt ref.");
990 } else {
991 rp_warning("Deleting a non-existent ref.");
992 cmd->did_not_exist = 1;
993 }
994 }
995 if (ref_transaction_delete(transaction,
996 namespaced_name,
997 old_sha1,
998 0, "push", &err)) {
999 rp_error("%s", err.buf);
1000 strbuf_release(&err);
1001 return "failed to delete";
1002 }
1003 strbuf_release(&err);
1004 return NULL; /* good */
1005 }
1006 else {
1007 struct strbuf err = STRBUF_INIT;
1008 if (shallow_update && si->shallow_ref[cmd->index] &&
1009 update_shallow_ref(cmd, si))
1010 return "shallow error";
1011 if (ref_transaction_update(transaction,
1013 namespaced_name,
1014 new_sha1, old_sha1,
1015 0, "push",
1016 &err)) {
1017 rp_error("%s", err.buf);
1018 strbuf_release(&err);
1019 return "failed to update ref";
1021 }
1022 strbuf_release(&err);
1023 return NULL; /* good */
1025 }
1026}
1027static void run_update_post_hook(struct command *commands)
1029{
1030 struct command *cmd;
1031 int argc;
1032 const char **argv;
1033 struct child_process proc = CHILD_PROCESS_INIT;
1034 const char *hook;
1035 hook = find_hook("post-update");
1037 for (argc = 0, cmd = commands; cmd; cmd = cmd->next) {
1038 if (cmd->error_string || cmd->did_not_exist)
1039 continue;
1040 argc++;
1041 }
1042 if (!argc || !hook)
1043 return;
1044 argv = xmalloc(sizeof(*argv) * (2 + argc));
1046 argv[0] = hook;
1047 for (argc = 1, cmd = commands; cmd; cmd = cmd->next) {
1049 if (cmd->error_string || cmd->did_not_exist)
1050 continue;
1051 argv[argc] = xstrdup(cmd->ref_name);
1052 argc++;
1053 }
1054 argv[argc] = NULL;
1055 proc.no_stdin = 1;
1057 proc.stdout_to_stderr = 1;
1058 proc.err = use_sideband ? -1 : 0;
1059 proc.argv = argv;
1060 if (!start_command(&proc)) {
1062 if (use_sideband)
1063 copy_to_sideband(proc.err, -1, NULL);
1064 finish_command(&proc);
1065 }
1066}
1067static void check_aliased_update(struct command *cmd, struct string_list *list)
1069{
1070 struct strbuf buf = STRBUF_INIT;
1071 const char *dst_name;
1072 struct string_list_item *item;
1073 struct command *dst_cmd;
1074 unsigned char sha1[GIT_SHA1_RAWSZ];
1075 char cmd_oldh[GIT_SHA1_HEXSZ + 1],
1076 cmd_newh[GIT_SHA1_HEXSZ + 1],
1077 dst_oldh[GIT_SHA1_HEXSZ + 1],
1078 dst_newh[GIT_SHA1_HEXSZ + 1];
1079 int flag;
1080 strbuf_addf(&buf, "%s%s", get_git_namespace(), cmd->ref_name);
1082 dst_name = resolve_ref_unsafe(buf.buf, 0, sha1, &flag);
1083 strbuf_release(&buf);
1084 if (!(flag & REF_ISSYMREF))
1086 return;
1087 dst_name = strip_namespace(dst_name);
1089 if (!dst_name) {
1090 rp_error("refusing update to broken symref '%s'", cmd->ref_name);
1091 cmd->skip_update = 1;
1092 cmd->error_string = "broken symref";
1093 return;
1094 }
1095 if ((item = string_list_lookup(list, dst_name)) == NULL)
1097 return;
1098 cmd->skip_update = 1;
1100 dst_cmd = (struct command *) item->util;
1102 if (!hashcmp(cmd->old_sha1, dst_cmd->old_sha1) &&
1104 !hashcmp(cmd->new_sha1, dst_cmd->new_sha1))
1105 return;
1106 dst_cmd->skip_update = 1;
1108 find_unique_abbrev_r(cmd_oldh, cmd->old_sha1, DEFAULT_ABBREV);
1110 find_unique_abbrev_r(cmd_newh, cmd->new_sha1, DEFAULT_ABBREV);
1111 find_unique_abbrev_r(dst_oldh, dst_cmd->old_sha1, DEFAULT_ABBREV);
1112 find_unique_abbrev_r(dst_newh, dst_cmd->new_sha1, DEFAULT_ABBREV);
1113 rp_error("refusing inconsistent update between symref '%s' (%s..%s) and"
1114 " its target '%s' (%s..%s)",
1115 cmd->ref_name, cmd_oldh, cmd_newh,
1116 dst_cmd->ref_name, dst_oldh, dst_newh);
1117 cmd->error_string = dst_cmd->error_string =
1119 "inconsistent aliased update";
1120}
1121static void check_aliased_updates(struct command *commands)
1123{
1124 struct command *cmd;
1125 struct string_list ref_list = STRING_LIST_INIT_NODUP;
1126 for (cmd = commands; cmd; cmd = cmd->next) {
1128 struct string_list_item *item =
1129 string_list_append(&ref_list, cmd->ref_name);
1130 item->util = (void *)cmd;
1131 }
1132 string_list_sort(&ref_list);
1133 for (cmd = commands; cmd; cmd = cmd->next) {
1135 if (!cmd->error_string)
1136 check_aliased_update(cmd, &ref_list);
1137 }
1138 string_list_clear(&ref_list, 0);
1140}
1141static int command_singleton_iterator(void *cb_data, unsigned char sha1[20])
1143{
1144 struct command **cmd_list = cb_data;
1145 struct command *cmd = *cmd_list;
1146 if (!cmd || is_null_sha1(cmd->new_sha1))
1148 return -1; /* end of list */
1149 *cmd_list = NULL; /* this returns only one */
1150 hashcpy(sha1, cmd->new_sha1);
1151 return 0;
1152}
1153static void set_connectivity_errors(struct command *commands,
1155 struct shallow_info *si)
1156{
1157 struct command *cmd;
1158 for (cmd = commands; cmd; cmd = cmd->next) {
1160 struct command *singleton = cmd;
1161 if (shallow_update && si->shallow_ref[cmd->index])
1162 /* to be checked in update_shallow_ref() */
1163 continue;
1164 if (!check_everything_connected(command_singleton_iterator,
1165 0, &singleton))
1166 continue;
1167 cmd->error_string = "missing necessary objects";
1168 }
1169}
1170struct iterate_data {
1172 struct command *cmds;
1173 struct shallow_info *si;
1174};
1175static int iterate_receive_command_list(void *cb_data, unsigned char sha1[20])
1177{
1178 struct iterate_data *data = cb_data;
1179 struct command **cmd_list = &data->cmds;
1180 struct command *cmd = *cmd_list;
1181 for (; cmd; cmd = cmd->next) {
1183 if (shallow_update && data->si->shallow_ref[cmd->index])
1184 /* to be checked in update_shallow_ref() */
1185 continue;
1186 if (!is_null_sha1(cmd->new_sha1) && !cmd->skip_update) {
1187 hashcpy(sha1, cmd->new_sha1);
1188 *cmd_list = cmd->next;
1189 return 0;
1190 }
1191 }
1192 *cmd_list = NULL;
1193 return -1; /* end of list */
1194}
1195static void reject_updates_to_hidden(struct command *commands)
1197{
1198 struct command *cmd;
1199 for (cmd = commands; cmd; cmd = cmd->next) {
1201 if (cmd->error_string || !ref_is_hidden(cmd->ref_name))
1202 continue;
1203 if (is_null_sha1(cmd->new_sha1))
1204 cmd->error_string = "deny deleting a hidden ref";
1205 else
1206 cmd->error_string = "deny updating a hidden ref";
1207 }
1208}
1209static int should_process_cmd(struct command *cmd)
1211{
1212 return !cmd->error_string && !cmd->skip_update;
1213}
1214static void warn_if_skipped_connectivity_check(struct command *commands,
1216 struct shallow_info *si)
1217{
1218 struct command *cmd;
1219 int checked_connectivity = 1;
1220 for (cmd = commands; cmd; cmd = cmd->next) {
1222 if (should_process_cmd(cmd) && si->shallow_ref[cmd->index]) {
1223 error("BUG: connectivity check has not been run on ref %s",
1224 cmd->ref_name);
1225 checked_connectivity = 0;
1226 }
1227 }
1228 if (!checked_connectivity)
1229 die("BUG: connectivity check skipped???");
1230}
1231static void execute_commands_non_atomic(struct command *commands,
1233 struct shallow_info *si)
1234{
1235 struct command *cmd;
1236 struct strbuf err = STRBUF_INIT;
1237 for (cmd = commands; cmd; cmd = cmd->next) {
1239 if (!should_process_cmd(cmd))
1240 continue;
1241 transaction = ref_transaction_begin(&err);
1243 if (!transaction) {
1244 rp_error("%s", err.buf);
1245 strbuf_reset(&err);
1246 cmd->error_string = "transaction failed to start";
1247 continue;
1248 }
1249 cmd->error_string = update(cmd, si);
1251 if (!cmd->error_string
1253 && ref_transaction_commit(transaction, &err)) {
1254 rp_error("%s", err.buf);
1255 strbuf_reset(&err);
1256 cmd->error_string = "failed to update ref";
1257 }
1258 ref_transaction_free(transaction);
1259 }
1260 strbuf_release(&err);
1261}
1262static void execute_commands_atomic(struct command *commands,
1264 struct shallow_info *si)
1265{
1266 struct command *cmd;
1267 struct strbuf err = STRBUF_INIT;
1268 const char *reported_error = "atomic push failure";
1269 transaction = ref_transaction_begin(&err);
1271 if (!transaction) {
1272 rp_error("%s", err.buf);
1273 strbuf_reset(&err);
1274 reported_error = "transaction failed to start";
1275 goto failure;
1276 }
1277 for (cmd = commands; cmd; cmd = cmd->next) {
1279 if (!should_process_cmd(cmd))
1280 continue;
1281 cmd->error_string = update(cmd, si);
1283 if (cmd->error_string)
1285 goto failure;
1286 }
1287 if (ref_transaction_commit(transaction, &err)) {
1289 rp_error("%s", err.buf);
1290 reported_error = "atomic transaction failed";
1291 goto failure;
1292 }
1293 goto cleanup;
1294failure:
1296 for (cmd = commands; cmd; cmd = cmd->next)
1297 if (!cmd->error_string)
1298 cmd->error_string = reported_error;
1299cleanup:
1301 ref_transaction_free(transaction);
1302 strbuf_release(&err);
1303}
1304static void execute_commands(struct command *commands,
1306 const char *unpacker_error,
1307 struct shallow_info *si)
1308{
1309 struct command *cmd;
1310 unsigned char sha1[20];
1311 struct iterate_data data;
1312 if (unpacker_error) {
1314 for (cmd = commands; cmd; cmd = cmd->next)
1315 cmd->error_string = "unpacker error";
1316 return;
1317 }
1318 data.cmds = commands;
1320 data.si = si;
1321 if (check_everything_connected(iterate_receive_command_list, 0, &data))
1322 set_connectivity_errors(commands, si);
1323 reject_updates_to_hidden(commands);
1325 if (run_receive_hook(commands, "pre-receive", 0)) {
1327 for (cmd = commands; cmd; cmd = cmd->next) {
1328 if (!cmd->error_string)
1329 cmd->error_string = "pre-receive hook declined";
1330 }
1331 return;
1332 }
1333 check_aliased_updates(commands);
1335 free(head_name_to_free);
1337 head_name = head_name_to_free = resolve_refdup("HEAD", 0, sha1, NULL);
1338 if (use_atomic)
1340 execute_commands_atomic(commands, si);
1341 else
1342 execute_commands_non_atomic(commands, si);
1343 if (shallow_update)
1345 warn_if_skipped_connectivity_check(commands, si);
1346}
1347static struct command **queue_command(struct command **tail,
1349 const char *line,
1350 int linelen)
1351{
1352 unsigned char old_sha1[20], new_sha1[20];
1353 struct command *cmd;
1354 const char *refname;
1355 int reflen;
1356 if (linelen < 83 ||
1358 line[40] != ' ' ||
1359 line[81] != ' ' ||
1360 get_sha1_hex(line, old_sha1) ||
1361 get_sha1_hex(line + 41, new_sha1))
1362 die("protocol error: expected old/new/ref, got '%s'", line);
1363 refname = line + 82;
1365 reflen = linelen - 82;
1366 cmd = xcalloc(1, sizeof(struct command) + reflen + 1);
1367 hashcpy(cmd->old_sha1, old_sha1);
1368 hashcpy(cmd->new_sha1, new_sha1);
1369 memcpy(cmd->ref_name, refname, reflen);
1370 cmd->ref_name[reflen] = '\0';
1371 *tail = cmd;
1372 return &cmd->next;
1373}
1374static void queue_commands_from_cert(struct command **tail,
1376 struct strbuf *push_cert)
1377{
1378 const char *boc, *eoc;
1379 if (*tail)
1381 die("protocol error: got both push certificate and unsigned commands");
1382 boc = strstr(push_cert->buf, "\n\n");
1384 if (!boc)
1385 die("malformed push certificate %.*s", 100, push_cert->buf);
1386 else
1387 boc += 2;
1388 eoc = push_cert->buf + parse_signature(push_cert->buf, push_cert->len);
1389 while (boc < eoc) {
1391 const char *eol = memchr(boc, '\n', eoc - boc);
1392 tail = queue_command(tail, boc, eol ? eol - boc : eoc - eol);
1393 boc = eol ? eol + 1 : eoc;
1394 }
1395}
1396static struct command *read_head_info(struct sha1_array *shallow)
1398{
1399 struct command *commands = NULL;
1400 struct command **p = &commands;
1401 for (;;) {
1402 char *line;
1403 int len, linelen;
1404 line = packet_read_line(0, &len);
1406 if (!line)
1407 break;
1408 if (len == 48 && starts_with(line, "shallow ")) {
1410 unsigned char sha1[20];
1411 if (get_sha1_hex(line + 8, sha1))
1412 die("protocol error: expected shallow sha, got '%s'",
1413 line + 8);
1414 sha1_array_append(shallow, sha1);
1415 continue;
1416 }
1417 linelen = strlen(line);
1419 if (linelen < len) {
1420 const char *feature_list = line + linelen + 1;
1421 if (parse_feature_request(feature_list, "report-status"))
1422 report_status = 1;
1423 if (parse_feature_request(feature_list, "side-band-64k"))
1424 use_sideband = LARGE_PACKET_MAX;
1425 if (parse_feature_request(feature_list, "quiet"))
1426 quiet = 1;
1427 if (advertise_atomic_push
1428 && parse_feature_request(feature_list, "atomic"))
1429 use_atomic = 1;
1430 }
1431 if (!strcmp(line, "push-cert")) {
1433 int true_flush = 0;
1434 char certbuf[1024];
1435 for (;;) {
1437 len = packet_read(0, NULL, NULL,
1438 certbuf, sizeof(certbuf), 0);
1439 if (!len) {
1440 true_flush = 1;
1441 break;
1442 }
1443 if (!strcmp(certbuf, "push-cert-end\n"))
1444 break; /* end of cert */
1445 strbuf_addstr(&push_cert, certbuf);
1446 }
1447 if (true_flush)
1449 break;
1450 continue;
1451 }
1452 p = queue_command(p, line, linelen);
1454 }
1455 if (push_cert.len)
1457 queue_commands_from_cert(p, &push_cert);
1458 return commands;
1460}
1461static const char *parse_pack_header(struct pack_header *hdr)
1463{
1464 switch (read_pack_header(0, hdr)) {
1465 case PH_ERROR_EOF:
1466 return "eof before pack header was fully read";
1467 case PH_ERROR_PACK_SIGNATURE:
1469 return "protocol error (pack signature mismatch detected)";
1470 case PH_ERROR_PROTOCOL:
1472 return "protocol error (pack version unsupported)";
1473 default:
1475 return "unknown error in parse_pack_header";
1476 case 0:
1478 return NULL;
1479 }
1480}
1481static const char *pack_lockfile;
1483static const char *unpack(int err_fd, struct shallow_info *si)
1485{
1486 struct pack_header hdr;
1487 const char *hdr_err;
1488 int status;
1489 char hdr_arg[38];
1490 struct child_process child = CHILD_PROCESS_INIT;
1491 int fsck_objects = (receive_fsck_objects >= 0
1492 ? receive_fsck_objects
1493 : transfer_fsck_objects >= 0
1494 ? transfer_fsck_objects
1495 : 0);
1496 hdr_err = parse_pack_header(&hdr);
1498 if (hdr_err) {
1499 if (err_fd > 0)
1500 close(err_fd);
1501 return hdr_err;
1502 }
1503 snprintf(hdr_arg, sizeof(hdr_arg),
1504 "--pack_header=%"PRIu32",%"PRIu32,
1505 ntohl(hdr.hdr_version), ntohl(hdr.hdr_entries));
1506 if (si->nr_ours || si->nr_theirs) {
1508 alt_shallow_file = setup_temporary_shallow(si->shallow);
1509 argv_array_push(&child.args, "--shallow-file");
1510 argv_array_push(&child.args, alt_shallow_file);
1511 }
1512 if (ntohl(hdr.hdr_entries) < unpack_limit) {
1514 argv_array_pushl(&child.args, "unpack-objects", hdr_arg, NULL);
1515 if (quiet)
1516 argv_array_push(&child.args, "-q");
1517 if (fsck_objects)
1518 argv_array_pushf(&child.args, "--strict%s",
1519 fsck_msg_types.buf);
1520 child.no_stdout = 1;
1521 child.err = err_fd;
1522 child.git_cmd = 1;
1523 status = run_command(&child);
1524 if (status)
1525 return "unpack-objects abnormal exit";
1526 } else {
1527 char hostname[256];
1528 argv_array_pushl(&child.args, "index-pack",
1530 "--stdin", hdr_arg, NULL);
1531 if (gethostname(hostname, sizeof(hostname)))
1533 xsnprintf(hostname, sizeof(hostname), "localhost");
1534 argv_array_pushf(&child.args,
1535 "--keep=receive-pack %"PRIuMAX" on %s",
1536 (uintmax_t)getpid(),
1537 hostname);
1538 if (fsck_objects)
1540 argv_array_pushf(&child.args, "--strict%s",
1541 fsck_msg_types.buf);
1542 if (fix_thin)
1543 argv_array_push(&child.args, "--fix-thin");
1544 child.out = -1;
1545 child.err = err_fd;
1546 child.git_cmd = 1;
1547 status = start_command(&child);
1548 if (status)
1549 return "index-pack fork failed";
1550 pack_lockfile = index_pack_lockfile(child.out);
1551 close(child.out);
1552 status = finish_command(&child);
1553 if (status)
1554 return "index-pack abnormal exit";
1555 reprepare_packed_git();
1556 }
1557 return NULL;
1558}
1559static const char *unpack_with_sideband(struct shallow_info *si)
1561{
1562 struct async muxer;
1563 const char *ret;
1564 if (!use_sideband)
1566 return unpack(0, si);
1567 memset(&muxer, 0, sizeof(muxer));
1569 muxer.proc = copy_to_sideband;
1570 muxer.in = -1;
1571 if (start_async(&muxer))
1572 return NULL;
1573 ret = unpack(muxer.in, si);
1575 finish_async(&muxer);
1577 return ret;
1578}
1579static void prepare_shallow_update(struct command *commands,
1581 struct shallow_info *si)
1582{
1583 int i, j, k, bitmap_size = (si->ref->nr + 31) / 32;
1584 si->used_shallow = xmalloc(sizeof(*si->used_shallow) *
1586 si->shallow->nr);
1587 assign_shallow_commits_to_refs(si, si->used_shallow, NULL);
1588 si->need_reachability_test =
1590 xcalloc(si->shallow->nr, sizeof(*si->need_reachability_test));
1591 si->reachable =
1592 xcalloc(si->shallow->nr, sizeof(*si->reachable));
1593 si->shallow_ref = xcalloc(si->ref->nr, sizeof(*si->shallow_ref));
1594 for (i = 0; i < si->nr_ours; i++)
1596 si->need_reachability_test[si->ours[i]] = 1;
1597 for (i = 0; i < si->shallow->nr; i++) {
1599 if (!si->used_shallow[i])
1600 continue;
1601 for (j = 0; j < bitmap_size; j++) {
1602 if (!si->used_shallow[i][j])
1603 continue;
1604 si->need_reachability_test[i]++;
1605 for (k = 0; k < 32; k++)
1606 if (si->used_shallow[i][j] & (1 << k))
1607 si->shallow_ref[j * 32 + k]++;
1608 }
1609 /*
1611 * true for those associated with some refs and belong
1612 * in "ours" list aka "step 7 not done yet"
1613 */
1614 si->need_reachability_test[i] =
1615 si->need_reachability_test[i] > 1;
1616 }
1617 /*
1619 * keep hooks happy by forcing a temporary shallow file via
1620 * env variable because we can't add --shallow-file to every
1621 * command. check_everything_connected() will be done with
1622 * true .git/shallow though.
1623 */
1624 setenv(GIT_SHALLOW_FILE_ENVIRONMENT, alt_shallow_file, 1);
1625}
1626static void update_shallow_info(struct command *commands,
1628 struct shallow_info *si,
1629 struct sha1_array *ref)
1630{
1631 struct command *cmd;
1632 int *ref_status;
1633 remove_nonexistent_theirs_shallow(si);
1634 if (!si->nr_ours && !si->nr_theirs) {
1635 shallow_update = 0;
1636 return;
1637 }
1638 for (cmd = commands; cmd; cmd = cmd->next) {
1640 if (is_null_sha1(cmd->new_sha1))
1641 continue;
1642 sha1_array_append(ref, cmd->new_sha1);
1643 cmd->index = ref->nr - 1;
1644 }
1645 si->ref = ref;
1646 if (shallow_update) {
1648 prepare_shallow_update(commands, si);
1649 return;
1650 }
1651 ref_status = xmalloc(sizeof(*ref_status) * ref->nr);
1653 assign_shallow_commits_to_refs(si, NULL, ref_status);
1654 for (cmd = commands; cmd; cmd = cmd->next) {
1655 if (is_null_sha1(cmd->new_sha1))
1656 continue;
1657 if (ref_status[cmd->index]) {
1658 cmd->error_string = "shallow update not allowed";
1659 cmd->skip_update = 1;
1660 }
1661 }
1662 free(ref_status);
1663}
1664static void report(struct command *commands, const char *unpack_status)
1666{
1667 struct command *cmd;
1668 struct strbuf buf = STRBUF_INIT;
1669 packet_buf_write(&buf, "unpack %s\n",
1671 unpack_status ? unpack_status : "ok");
1672 for (cmd = commands; cmd; cmd = cmd->next) {
1673 if (!cmd->error_string)
1674 packet_buf_write(&buf, "ok %s\n",
1675 cmd->ref_name);
1676 else
1677 packet_buf_write(&buf, "ng %s %s\n",
1678 cmd->ref_name, cmd->error_string);
1679 }
1680 packet_buf_flush(&buf);
1681 if (use_sideband)
1683 send_sideband(1, 1, buf.buf, buf.len, use_sideband);
1684 else
1685 write_or_die(1, buf.buf, buf.len);
1686 strbuf_release(&buf);
1687}
1688static int delete_only(struct command *commands)
1690{
1691 struct command *cmd;
1692 for (cmd = commands; cmd; cmd = cmd->next) {
1693 if (!is_null_sha1(cmd->new_sha1))
1694 return 0;
1695 }
1696 return 1;
1697}
1698int cmd_receive_pack(int argc, const char **argv, const char *prefix)
1700{
1701 int advertise_refs = 0;
1702 int i;
1703 struct command *commands;
1704 struct sha1_array shallow = SHA1_ARRAY_INIT;
1705 struct sha1_array ref = SHA1_ARRAY_INIT;
1706 struct shallow_info si;
1707 packet_trace_identity("receive-pack");
1709 argv++;
1711 for (i = 1; i < argc; i++) {
1712 const char *arg = *argv++;
1713 if (*arg == '-') {
1715 if (!strcmp(arg, "--quiet")) {
1716 quiet = 1;
1717 continue;
1718 }
1719 if (!strcmp(arg, "--advertise-refs")) {
1721 advertise_refs = 1;
1722 continue;
1723 }
1724 if (!strcmp(arg, "--stateless-rpc")) {
1725 stateless_rpc = 1;
1726 continue;
1727 }
1728 if (!strcmp(arg, "--reject-thin-pack-for-testing")) {
1729 fix_thin = 0;
1730 continue;
1731 }
1732 usage(receive_pack_usage);
1734 }
1735 if (service_dir)
1736 usage(receive_pack_usage);
1737 service_dir = arg;
1738 }
1739 if (!service_dir)
1740 usage(receive_pack_usage);
1741 setup_path();
1743 if (!enter_repo(service_dir, 0))
1745 die("'%s' does not appear to be a git repository", service_dir);
1746 git_config(receive_pack_config, NULL);
1748 if (cert_nonce_seed)
1749 push_cert_nonce = prepare_push_cert_nonce(service_dir, time(NULL));
1750 if (0 <= transfer_unpack_limit)
1752 unpack_limit = transfer_unpack_limit;
1753 else if (0 <= receive_unpack_limit)
1754 unpack_limit = receive_unpack_limit;
1755 if (advertise_refs || !stateless_rpc) {
1757 write_head_info();
1758 }
1759 if (advertise_refs)
1760 return 0;
1761 if ((commands = read_head_info(&shallow)) != NULL) {
1763 const char *unpack_status = NULL;
1764 prepare_shallow_info(&si, &shallow);
1766 if (!si.nr_ours && !si.nr_theirs)
1767 shallow_update = 0;
1768 if (!delete_only(commands)) {
1769 unpack_status = unpack_with_sideband(&si);
1770 update_shallow_info(commands, &si, &ref);
1771 }
1772 execute_commands(commands, unpack_status, &si);
1773 if (pack_lockfile)
1774 unlink_or_warn(pack_lockfile);
1775 if (report_status)
1776 report(commands, unpack_status);
1777 run_receive_hook(commands, "post-receive", 1);
1778 run_update_post_hook(commands);
1779 if (auto_gc) {
1780 const char *argv_gc_auto[] = {
1781 "gc", "--auto", "--quiet", NULL,
1782 };
1783 int opt = RUN_GIT_CMD | RUN_COMMAND_STDOUT_TO_STDERR;
1784 run_command_v_opt(argv_gc_auto, opt);
1785 }
1786 if (auto_update_server_info)
1787 update_server_info(0);
1788 clear_shallow_info(&si);
1789 }
1790 if (use_sideband)
1791 packet_flush(1);
1792 sha1_array_clear(&shallow);
1793 sha1_array_clear(&ref);
1794 free((void *)push_cert_nonce);
1795 return 0;
1796}