connect.con commit read-tree: add tests for confusing paths like ".." and ".git" (96b50cc)
   1#include "git-compat-util.h"
   2#include "cache.h"
   3#include "pkt-line.h"
   4#include "quote.h"
   5#include "refs.h"
   6#include "run-command.h"
   7#include "remote.h"
   8#include "connect.h"
   9#include "url.h"
  10#include "string-list.h"
  11
  12static char *server_capabilities;
  13static const char *parse_feature_value(const char *, const char *, int *);
  14
  15static int check_ref(const char *name, int len, unsigned int flags)
  16{
  17        if (!flags)
  18                return 1;
  19
  20        if (len < 5 || memcmp(name, "refs/", 5))
  21                return 0;
  22
  23        /* Skip the "refs/" part */
  24        name += 5;
  25        len -= 5;
  26
  27        /* REF_NORMAL means that we don't want the magic fake tag refs */
  28        if ((flags & REF_NORMAL) && check_refname_format(name, 0))
  29                return 0;
  30
  31        /* REF_HEADS means that we want regular branch heads */
  32        if ((flags & REF_HEADS) && !memcmp(name, "heads/", 6))
  33                return 1;
  34
  35        /* REF_TAGS means that we want tags */
  36        if ((flags & REF_TAGS) && !memcmp(name, "tags/", 5))
  37                return 1;
  38
  39        /* All type bits clear means that we are ok with anything */
  40        return !(flags & ~REF_NORMAL);
  41}
  42
  43int check_ref_type(const struct ref *ref, int flags)
  44{
  45        return check_ref(ref->name, strlen(ref->name), flags);
  46}
  47
  48static void add_extra_have(struct extra_have_objects *extra, unsigned char *sha1)
  49{
  50        ALLOC_GROW(extra->array, extra->nr + 1, extra->alloc);
  51        hashcpy(&(extra->array[extra->nr][0]), sha1);
  52        extra->nr++;
  53}
  54
  55static void die_initial_contact(int got_at_least_one_head)
  56{
  57        if (got_at_least_one_head)
  58                die("The remote end hung up upon initial contact");
  59        else
  60                die("Could not read from remote repository.\n\n"
  61                    "Please make sure you have the correct access rights\n"
  62                    "and the repository exists.");
  63}
  64
  65static void parse_one_symref_info(struct string_list *symref, const char *val, int len)
  66{
  67        char *sym, *target;
  68        struct string_list_item *item;
  69
  70        if (!len)
  71                return; /* just "symref" */
  72        /* e.g. "symref=HEAD:refs/heads/master" */
  73        sym = xmalloc(len + 1);
  74        memcpy(sym, val, len);
  75        sym[len] = '\0';
  76        target = strchr(sym, ':');
  77        if (!target)
  78                /* just "symref=something" */
  79                goto reject;
  80        *(target++) = '\0';
  81        if (check_refname_format(sym, REFNAME_ALLOW_ONELEVEL) ||
  82            check_refname_format(target, REFNAME_ALLOW_ONELEVEL))
  83                /* "symref=bogus:pair */
  84                goto reject;
  85        item = string_list_append(symref, sym);
  86        item->util = target;
  87        return;
  88reject:
  89        free(sym);
  90        return;
  91}
  92
  93static void annotate_refs_with_symref_info(struct ref *ref)
  94{
  95        struct string_list symref = STRING_LIST_INIT_DUP;
  96        const char *feature_list = server_capabilities;
  97
  98        while (feature_list) {
  99                int len;
 100                const char *val;
 101
 102                val = parse_feature_value(feature_list, "symref", &len);
 103                if (!val)
 104                        break;
 105                parse_one_symref_info(&symref, val, len);
 106                feature_list = val + 1;
 107        }
 108        sort_string_list(&symref);
 109
 110        for (; ref; ref = ref->next) {
 111                struct string_list_item *item;
 112                item = string_list_lookup(&symref, ref->name);
 113                if (!item)
 114                        continue;
 115                ref->symref = xstrdup((char *)item->util);
 116        }
 117        string_list_clear(&symref, 0);
 118}
 119
 120/*
 121 * Read all the refs from the other end
 122 */
 123struct ref **get_remote_heads(int in, char *src_buf, size_t src_len,
 124                              struct ref **list, unsigned int flags,
 125                              struct extra_have_objects *extra_have)
 126{
 127        struct ref **orig_list = list;
 128        int got_at_least_one_head = 0;
 129
 130        *list = NULL;
 131        for (;;) {
 132                struct ref *ref;
 133                unsigned char old_sha1[20];
 134                char *name;
 135                int len, name_len;
 136                char *buffer = packet_buffer;
 137
 138                len = packet_read(in, &src_buf, &src_len,
 139                                  packet_buffer, sizeof(packet_buffer),
 140                                  PACKET_READ_GENTLE_ON_EOF |
 141                                  PACKET_READ_CHOMP_NEWLINE);
 142                if (len < 0)
 143                        die_initial_contact(got_at_least_one_head);
 144
 145                if (!len)
 146                        break;
 147
 148                if (len > 4 && !prefixcmp(buffer, "ERR "))
 149                        die("remote error: %s", buffer + 4);
 150
 151                if (len < 42 || get_sha1_hex(buffer, old_sha1) || buffer[40] != ' ')
 152                        die("protocol error: expected sha/ref, got '%s'", buffer);
 153                name = buffer + 41;
 154
 155                name_len = strlen(name);
 156                if (len != name_len + 41) {
 157                        free(server_capabilities);
 158                        server_capabilities = xstrdup(name + name_len + 1);
 159                }
 160
 161                if (extra_have &&
 162                    name_len == 5 && !memcmp(".have", name, 5)) {
 163                        add_extra_have(extra_have, old_sha1);
 164                        continue;
 165                }
 166
 167                if (!check_ref(name, name_len, flags))
 168                        continue;
 169                ref = alloc_ref(buffer + 41);
 170                hashcpy(ref->old_sha1, old_sha1);
 171                *list = ref;
 172                list = &ref->next;
 173                got_at_least_one_head = 1;
 174        }
 175
 176        annotate_refs_with_symref_info(*orig_list);
 177
 178        return list;
 179}
 180
 181static const char *parse_feature_value(const char *feature_list, const char *feature, int *lenp)
 182{
 183        int len;
 184
 185        if (!feature_list)
 186                return NULL;
 187
 188        len = strlen(feature);
 189        while (*feature_list) {
 190                const char *found = strstr(feature_list, feature);
 191                if (!found)
 192                        return NULL;
 193                if (feature_list == found || isspace(found[-1])) {
 194                        const char *value = found + len;
 195                        /* feature with no value (e.g., "thin-pack") */
 196                        if (!*value || isspace(*value)) {
 197                                if (lenp)
 198                                        *lenp = 0;
 199                                return value;
 200                        }
 201                        /* feature with a value (e.g., "agent=git/1.2.3") */
 202                        else if (*value == '=') {
 203                                value++;
 204                                if (lenp)
 205                                        *lenp = strcspn(value, " \t\n");
 206                                return value;
 207                        }
 208                        /*
 209                         * otherwise we matched a substring of another feature;
 210                         * keep looking
 211                         */
 212                }
 213                feature_list = found + 1;
 214        }
 215        return NULL;
 216}
 217
 218int parse_feature_request(const char *feature_list, const char *feature)
 219{
 220        return !!parse_feature_value(feature_list, feature, NULL);
 221}
 222
 223const char *server_feature_value(const char *feature, int *len)
 224{
 225        return parse_feature_value(server_capabilities, feature, len);
 226}
 227
 228int server_supports(const char *feature)
 229{
 230        return !!server_feature_value(feature, NULL);
 231}
 232
 233enum protocol {
 234        PROTO_LOCAL = 1,
 235        PROTO_SSH,
 236        PROTO_GIT
 237};
 238
 239static enum protocol get_protocol(const char *name)
 240{
 241        if (!strcmp(name, "ssh"))
 242                return PROTO_SSH;
 243        if (!strcmp(name, "git"))
 244                return PROTO_GIT;
 245        if (!strcmp(name, "git+ssh"))
 246                return PROTO_SSH;
 247        if (!strcmp(name, "ssh+git"))
 248                return PROTO_SSH;
 249        if (!strcmp(name, "file"))
 250                return PROTO_LOCAL;
 251        die("I don't handle protocol '%s'", name);
 252}
 253
 254#define STR_(s) # s
 255#define STR(s)  STR_(s)
 256
 257static void get_host_and_port(char **host, const char **port)
 258{
 259        char *colon, *end;
 260
 261        if (*host[0] == '[') {
 262                end = strchr(*host + 1, ']');
 263                if (end) {
 264                        *end = 0;
 265                        end++;
 266                        (*host)++;
 267                } else
 268                        end = *host;
 269        } else
 270                end = *host;
 271        colon = strchr(end, ':');
 272
 273        if (colon) {
 274                *colon = 0;
 275                *port = colon + 1;
 276        }
 277}
 278
 279static void enable_keepalive(int sockfd)
 280{
 281        int ka = 1;
 282
 283        if (setsockopt(sockfd, SOL_SOCKET, SO_KEEPALIVE, &ka, sizeof(ka)) < 0)
 284                fprintf(stderr, "unable to set SO_KEEPALIVE on socket: %s\n",
 285                        strerror(errno));
 286}
 287
 288#ifndef NO_IPV6
 289
 290static const char *ai_name(const struct addrinfo *ai)
 291{
 292        static char addr[NI_MAXHOST];
 293        if (getnameinfo(ai->ai_addr, ai->ai_addrlen, addr, sizeof(addr), NULL, 0,
 294                        NI_NUMERICHOST) != 0)
 295                strcpy(addr, "(unknown)");
 296
 297        return addr;
 298}
 299
 300/*
 301 * Returns a connected socket() fd, or else die()s.
 302 */
 303static int git_tcp_connect_sock(char *host, int flags)
 304{
 305        struct strbuf error_message = STRBUF_INIT;
 306        int sockfd = -1;
 307        const char *port = STR(DEFAULT_GIT_PORT);
 308        struct addrinfo hints, *ai0, *ai;
 309        int gai;
 310        int cnt = 0;
 311
 312        get_host_and_port(&host, &port);
 313        if (!*port)
 314                port = "<none>";
 315
 316        memset(&hints, 0, sizeof(hints));
 317        hints.ai_socktype = SOCK_STREAM;
 318        hints.ai_protocol = IPPROTO_TCP;
 319
 320        if (flags & CONNECT_VERBOSE)
 321                fprintf(stderr, "Looking up %s ... ", host);
 322
 323        gai = getaddrinfo(host, port, &hints, &ai);
 324        if (gai)
 325                die("Unable to look up %s (port %s) (%s)", host, port, gai_strerror(gai));
 326
 327        if (flags & CONNECT_VERBOSE)
 328                fprintf(stderr, "done.\nConnecting to %s (port %s) ... ", host, port);
 329
 330        for (ai0 = ai; ai; ai = ai->ai_next, cnt++) {
 331                sockfd = socket(ai->ai_family,
 332                                ai->ai_socktype, ai->ai_protocol);
 333                if ((sockfd < 0) ||
 334                    (connect(sockfd, ai->ai_addr, ai->ai_addrlen) < 0)) {
 335                        strbuf_addf(&error_message, "%s[%d: %s]: errno=%s\n",
 336                                    host, cnt, ai_name(ai), strerror(errno));
 337                        if (0 <= sockfd)
 338                                close(sockfd);
 339                        sockfd = -1;
 340                        continue;
 341                }
 342                if (flags & CONNECT_VERBOSE)
 343                        fprintf(stderr, "%s ", ai_name(ai));
 344                break;
 345        }
 346
 347        freeaddrinfo(ai0);
 348
 349        if (sockfd < 0)
 350                die("unable to connect to %s:\n%s", host, error_message.buf);
 351
 352        enable_keepalive(sockfd);
 353
 354        if (flags & CONNECT_VERBOSE)
 355                fprintf(stderr, "done.\n");
 356
 357        strbuf_release(&error_message);
 358
 359        return sockfd;
 360}
 361
 362#else /* NO_IPV6 */
 363
 364/*
 365 * Returns a connected socket() fd, or else die()s.
 366 */
 367static int git_tcp_connect_sock(char *host, int flags)
 368{
 369        struct strbuf error_message = STRBUF_INIT;
 370        int sockfd = -1;
 371        const char *port = STR(DEFAULT_GIT_PORT);
 372        char *ep;
 373        struct hostent *he;
 374        struct sockaddr_in sa;
 375        char **ap;
 376        unsigned int nport;
 377        int cnt;
 378
 379        get_host_and_port(&host, &port);
 380
 381        if (flags & CONNECT_VERBOSE)
 382                fprintf(stderr, "Looking up %s ... ", host);
 383
 384        he = gethostbyname(host);
 385        if (!he)
 386                die("Unable to look up %s (%s)", host, hstrerror(h_errno));
 387        nport = strtoul(port, &ep, 10);
 388        if ( ep == port || *ep ) {
 389                /* Not numeric */
 390                struct servent *se = getservbyname(port,"tcp");
 391                if ( !se )
 392                        die("Unknown port %s", port);
 393                nport = se->s_port;
 394        }
 395
 396        if (flags & CONNECT_VERBOSE)
 397                fprintf(stderr, "done.\nConnecting to %s (port %s) ... ", host, port);
 398
 399        for (cnt = 0, ap = he->h_addr_list; *ap; ap++, cnt++) {
 400                memset(&sa, 0, sizeof sa);
 401                sa.sin_family = he->h_addrtype;
 402                sa.sin_port = htons(nport);
 403                memcpy(&sa.sin_addr, *ap, he->h_length);
 404
 405                sockfd = socket(he->h_addrtype, SOCK_STREAM, 0);
 406                if ((sockfd < 0) ||
 407                    connect(sockfd, (struct sockaddr *)&sa, sizeof sa) < 0) {
 408                        strbuf_addf(&error_message, "%s[%d: %s]: errno=%s\n",
 409                                host,
 410                                cnt,
 411                                inet_ntoa(*(struct in_addr *)&sa.sin_addr),
 412                                strerror(errno));
 413                        if (0 <= sockfd)
 414                                close(sockfd);
 415                        sockfd = -1;
 416                        continue;
 417                }
 418                if (flags & CONNECT_VERBOSE)
 419                        fprintf(stderr, "%s ",
 420                                inet_ntoa(*(struct in_addr *)&sa.sin_addr));
 421                break;
 422        }
 423
 424        if (sockfd < 0)
 425                die("unable to connect to %s:\n%s", host, error_message.buf);
 426
 427        enable_keepalive(sockfd);
 428
 429        if (flags & CONNECT_VERBOSE)
 430                fprintf(stderr, "done.\n");
 431
 432        return sockfd;
 433}
 434
 435#endif /* NO_IPV6 */
 436
 437
 438static void git_tcp_connect(int fd[2], char *host, int flags)
 439{
 440        int sockfd = git_tcp_connect_sock(host, flags);
 441
 442        fd[0] = sockfd;
 443        fd[1] = dup(sockfd);
 444}
 445
 446
 447static char *git_proxy_command;
 448
 449static int git_proxy_command_options(const char *var, const char *value,
 450                void *cb)
 451{
 452        if (!strcmp(var, "core.gitproxy")) {
 453                const char *for_pos;
 454                int matchlen = -1;
 455                int hostlen;
 456                const char *rhost_name = cb;
 457                int rhost_len = strlen(rhost_name);
 458
 459                if (git_proxy_command)
 460                        return 0;
 461                if (!value)
 462                        return config_error_nonbool(var);
 463                /* [core]
 464                 * ;# matches www.kernel.org as well
 465                 * gitproxy = netcatter-1 for kernel.org
 466                 * gitproxy = netcatter-2 for sample.xz
 467                 * gitproxy = netcatter-default
 468                 */
 469                for_pos = strstr(value, " for ");
 470                if (!for_pos)
 471                        /* matches everybody */
 472                        matchlen = strlen(value);
 473                else {
 474                        hostlen = strlen(for_pos + 5);
 475                        if (rhost_len < hostlen)
 476                                matchlen = -1;
 477                        else if (!strncmp(for_pos + 5,
 478                                          rhost_name + rhost_len - hostlen,
 479                                          hostlen) &&
 480                                 ((rhost_len == hostlen) ||
 481                                  rhost_name[rhost_len - hostlen -1] == '.'))
 482                                matchlen = for_pos - value;
 483                        else
 484                                matchlen = -1;
 485                }
 486                if (0 <= matchlen) {
 487                        /* core.gitproxy = none for kernel.org */
 488                        if (matchlen == 4 &&
 489                            !memcmp(value, "none", 4))
 490                                matchlen = 0;
 491                        git_proxy_command = xmemdupz(value, matchlen);
 492                }
 493                return 0;
 494        }
 495
 496        return git_default_config(var, value, cb);
 497}
 498
 499static int git_use_proxy(const char *host)
 500{
 501        git_proxy_command = getenv("GIT_PROXY_COMMAND");
 502        git_config(git_proxy_command_options, (void*)host);
 503        return (git_proxy_command && *git_proxy_command);
 504}
 505
 506static struct child_process *git_proxy_connect(int fd[2], char *host)
 507{
 508        const char *port = STR(DEFAULT_GIT_PORT);
 509        const char **argv;
 510        struct child_process *proxy;
 511
 512        get_host_and_port(&host, &port);
 513
 514        argv = xmalloc(sizeof(*argv) * 4);
 515        argv[0] = git_proxy_command;
 516        argv[1] = host;
 517        argv[2] = port;
 518        argv[3] = NULL;
 519        proxy = xcalloc(1, sizeof(*proxy));
 520        proxy->argv = argv;
 521        proxy->in = -1;
 522        proxy->out = -1;
 523        if (start_command(proxy))
 524                die("cannot start proxy %s", argv[0]);
 525        fd[0] = proxy->out; /* read from proxy stdout */
 526        fd[1] = proxy->in;  /* write to proxy stdin */
 527        return proxy;
 528}
 529
 530#define MAX_CMD_LEN 1024
 531
 532static char *get_port(char *host)
 533{
 534        char *end;
 535        char *p = strchr(host, ':');
 536
 537        if (p) {
 538                long port = strtol(p + 1, &end, 10);
 539                if (end != p + 1 && *end == '\0' && 0 <= port && port < 65536) {
 540                        *p = '\0';
 541                        return p+1;
 542                }
 543        }
 544
 545        return NULL;
 546}
 547
 548static struct child_process no_fork;
 549
 550/*
 551 * This returns a dummy child_process if the transport protocol does not
 552 * need fork(2), or a struct child_process object if it does.  Once done,
 553 * finish the connection with finish_connect() with the value returned from
 554 * this function (it is safe to call finish_connect() with NULL to support
 555 * the former case).
 556 *
 557 * If it returns, the connect is successful; it just dies on errors (this
 558 * will hopefully be changed in a libification effort, to return NULL when
 559 * the connection failed).
 560 */
 561struct child_process *git_connect(int fd[2], const char *url_orig,
 562                                  const char *prog, int flags)
 563{
 564        char *url;
 565        char *host, *path;
 566        char *end;
 567        int c;
 568        struct child_process *conn = &no_fork;
 569        enum protocol protocol = PROTO_LOCAL;
 570        int free_path = 0;
 571        char *port = NULL;
 572        const char **arg;
 573        struct strbuf cmd;
 574
 575        /* Without this we cannot rely on waitpid() to tell
 576         * what happened to our children.
 577         */
 578        signal(SIGCHLD, SIG_DFL);
 579
 580        if (is_url(url_orig))
 581                url = url_decode(url_orig);
 582        else
 583                url = xstrdup(url_orig);
 584
 585        host = strstr(url, "://");
 586        if (host) {
 587                *host = '\0';
 588                protocol = get_protocol(url);
 589                host += 3;
 590                c = '/';
 591        } else {
 592                host = url;
 593                c = ':';
 594        }
 595
 596        /*
 597         * Don't do destructive transforms with git:// as that
 598         * protocol code does '[]' unwrapping of its own.
 599         */
 600        if (host[0] == '[') {
 601                end = strchr(host + 1, ']');
 602                if (end) {
 603                        if (protocol != PROTO_GIT) {
 604                                *end = 0;
 605                                host++;
 606                        }
 607                        end++;
 608                } else
 609                        end = host;
 610        } else
 611                end = host;
 612
 613        path = strchr(end, c);
 614        if (path && !has_dos_drive_prefix(end)) {
 615                if (c == ':') {
 616                        if (host != url || path < strchrnul(host, '/')) {
 617                                protocol = PROTO_SSH;
 618                                *path++ = '\0';
 619                        } else /* '/' in the host part, assume local path */
 620                                path = end;
 621                }
 622        } else
 623                path = end;
 624
 625        if (!path || !*path)
 626                die("No path specified. See 'man git-pull' for valid url syntax");
 627
 628        /*
 629         * null-terminate hostname and point path to ~ for URL's like this:
 630         *    ssh://host.xz/~user/repo
 631         */
 632        if (protocol != PROTO_LOCAL && host != url) {
 633                char *ptr = path;
 634                if (path[1] == '~')
 635                        path++;
 636                else {
 637                        path = xstrdup(ptr);
 638                        free_path = 1;
 639                }
 640
 641                *ptr = '\0';
 642        }
 643
 644        /*
 645         * Add support for ssh port: ssh://host.xy:<port>/...
 646         */
 647        if (protocol == PROTO_SSH && host != url)
 648                port = get_port(end);
 649
 650        if (protocol == PROTO_GIT) {
 651                /* These underlying connection commands die() if they
 652                 * cannot connect.
 653                 */
 654                char *target_host = xstrdup(host);
 655                if (git_use_proxy(host))
 656                        conn = git_proxy_connect(fd, host);
 657                else
 658                        git_tcp_connect(fd, host, flags);
 659                /*
 660                 * Separate original protocol components prog and path
 661                 * from extended host header with a NUL byte.
 662                 *
 663                 * Note: Do not add any other headers here!  Doing so
 664                 * will cause older git-daemon servers to crash.
 665                 */
 666                packet_write(fd[1],
 667                             "%s %s%chost=%s%c",
 668                             prog, path, 0,
 669                             target_host, 0);
 670                free(target_host);
 671                free(url);
 672                if (free_path)
 673                        free(path);
 674                return conn;
 675        }
 676
 677        conn = xcalloc(1, sizeof(*conn));
 678
 679        strbuf_init(&cmd, MAX_CMD_LEN);
 680        strbuf_addstr(&cmd, prog);
 681        strbuf_addch(&cmd, ' ');
 682        sq_quote_buf(&cmd, path);
 683        if (cmd.len >= MAX_CMD_LEN)
 684                die("command line too long");
 685
 686        conn->in = conn->out = -1;
 687        conn->argv = arg = xcalloc(7, sizeof(*arg));
 688        if (protocol == PROTO_SSH) {
 689                const char *ssh = getenv("GIT_SSH");
 690                int putty = ssh && strcasestr(ssh, "plink");
 691                if (!ssh) ssh = "ssh";
 692
 693                *arg++ = ssh;
 694                if (putty && !strcasestr(ssh, "tortoiseplink"))
 695                        *arg++ = "-batch";
 696                if (port) {
 697                        /* P is for PuTTY, p is for OpenSSH */
 698                        *arg++ = putty ? "-P" : "-p";
 699                        *arg++ = port;
 700                }
 701                *arg++ = host;
 702        }
 703        else {
 704                /* remove repo-local variables from the environment */
 705                conn->env = local_repo_env;
 706                conn->use_shell = 1;
 707        }
 708        *arg++ = cmd.buf;
 709        *arg = NULL;
 710
 711        if (start_command(conn))
 712                die("unable to fork");
 713
 714        fd[0] = conn->out; /* read from child's stdout */
 715        fd[1] = conn->in;  /* write to child's stdin */
 716        strbuf_release(&cmd);
 717        free(url);
 718        if (free_path)
 719                free(path);
 720        return conn;
 721}
 722
 723int git_connection_is_socket(struct child_process *conn)
 724{
 725        return conn == &no_fork;
 726}
 727
 728int finish_connect(struct child_process *conn)
 729{
 730        int code;
 731        if (!conn || git_connection_is_socket(conn))
 732                return 0;
 733
 734        code = finish_command(conn);
 735        free(conn->argv);
 736        free(conn);
 737        return code;
 738}