http.con commit zip: use GIT_SHA1_HEXSZ for trailers (aeecdcd)
   1#include "git-compat-util.h"
   2#include "http.h"
   3#include "pack.h"
   4#include "sideband.h"
   5#include "run-command.h"
   6#include "url.h"
   7#include "urlmatch.h"
   8#include "credential.h"
   9#include "version.h"
  10#include "pkt-line.h"
  11
  12int active_requests;
  13int http_is_verbose;
  14size_t http_post_buffer = 16 * LARGE_PACKET_MAX;
  15
  16#if LIBCURL_VERSION_NUM >= 0x070a06
  17#define LIBCURL_CAN_HANDLE_AUTH_ANY
  18#endif
  19
  20static int min_curl_sessions = 1;
  21static int curl_session_count;
  22#ifdef USE_CURL_MULTI
  23static int max_requests = -1;
  24static CURLM *curlm;
  25#endif
  26#ifndef NO_CURL_EASY_DUPHANDLE
  27static CURL *curl_default;
  28#endif
  29
  30#define PREV_BUF_SIZE 4096
  31#define RANGE_HEADER_SIZE 30
  32
  33char curl_errorstr[CURL_ERROR_SIZE];
  34
  35static int curl_ssl_verify = -1;
  36static int curl_ssl_try;
  37static const char *ssl_cert;
  38#if LIBCURL_VERSION_NUM >= 0x070903
  39static const char *ssl_key;
  40#endif
  41#if LIBCURL_VERSION_NUM >= 0x070908
  42static const char *ssl_capath;
  43#endif
  44static const char *ssl_cainfo;
  45static long curl_low_speed_limit = -1;
  46static long curl_low_speed_time = -1;
  47static int curl_ftp_no_epsv;
  48static const char *curl_http_proxy;
  49static const char *curl_cookie_file;
  50static int curl_save_cookies;
  51struct credential http_auth = CREDENTIAL_INIT;
  52static int http_proactive_auth;
  53static const char *user_agent;
  54
  55#if LIBCURL_VERSION_NUM >= 0x071700
  56/* Use CURLOPT_KEYPASSWD as is */
  57#elif LIBCURL_VERSION_NUM >= 0x070903
  58#define CURLOPT_KEYPASSWD CURLOPT_SSLKEYPASSWD
  59#else
  60#define CURLOPT_KEYPASSWD CURLOPT_SSLCERTPASSWD
  61#endif
  62
  63static struct credential cert_auth = CREDENTIAL_INIT;
  64static int ssl_cert_password_required;
  65#ifdef LIBCURL_CAN_HANDLE_AUTH_ANY
  66static unsigned long http_auth_methods = CURLAUTH_ANY;
  67#endif
  68
  69static struct curl_slist *pragma_header;
  70static struct curl_slist *no_pragma_header;
  71
  72static struct active_request_slot *active_queue_head;
  73
  74size_t fread_buffer(char *ptr, size_t eltsize, size_t nmemb, void *buffer_)
  75{
  76        size_t size = eltsize * nmemb;
  77        struct buffer *buffer = buffer_;
  78
  79        if (size > buffer->buf.len - buffer->posn)
  80                size = buffer->buf.len - buffer->posn;
  81        memcpy(ptr, buffer->buf.buf + buffer->posn, size);
  82        buffer->posn += size;
  83
  84        return size;
  85}
  86
  87#ifndef NO_CURL_IOCTL
  88curlioerr ioctl_buffer(CURL *handle, int cmd, void *clientp)
  89{
  90        struct buffer *buffer = clientp;
  91
  92        switch (cmd) {
  93        case CURLIOCMD_NOP:
  94                return CURLIOE_OK;
  95
  96        case CURLIOCMD_RESTARTREAD:
  97                buffer->posn = 0;
  98                return CURLIOE_OK;
  99
 100        default:
 101                return CURLIOE_UNKNOWNCMD;
 102        }
 103}
 104#endif
 105
 106size_t fwrite_buffer(char *ptr, size_t eltsize, size_t nmemb, void *buffer_)
 107{
 108        size_t size = eltsize * nmemb;
 109        struct strbuf *buffer = buffer_;
 110
 111        strbuf_add(buffer, ptr, size);
 112        return size;
 113}
 114
 115size_t fwrite_null(char *ptr, size_t eltsize, size_t nmemb, void *strbuf)
 116{
 117        return eltsize * nmemb;
 118}
 119
 120#ifdef USE_CURL_MULTI
 121static void process_curl_messages(void)
 122{
 123        int num_messages;
 124        struct active_request_slot *slot;
 125        CURLMsg *curl_message = curl_multi_info_read(curlm, &num_messages);
 126
 127        while (curl_message != NULL) {
 128                if (curl_message->msg == CURLMSG_DONE) {
 129                        int curl_result = curl_message->data.result;
 130                        slot = active_queue_head;
 131                        while (slot != NULL &&
 132                               slot->curl != curl_message->easy_handle)
 133                                slot = slot->next;
 134                        if (slot != NULL) {
 135                                curl_multi_remove_handle(curlm, slot->curl);
 136                                slot->curl_result = curl_result;
 137                                finish_active_slot(slot);
 138                        } else {
 139                                fprintf(stderr, "Received DONE message for unknown request!\n");
 140                        }
 141                } else {
 142                        fprintf(stderr, "Unknown CURL message received: %d\n",
 143                                (int)curl_message->msg);
 144                }
 145                curl_message = curl_multi_info_read(curlm, &num_messages);
 146        }
 147}
 148#endif
 149
 150static int http_options(const char *var, const char *value, void *cb)
 151{
 152        if (!strcmp("http.sslverify", var)) {
 153                curl_ssl_verify = git_config_bool(var, value);
 154                return 0;
 155        }
 156        if (!strcmp("http.sslcert", var))
 157                return git_config_string(&ssl_cert, var, value);
 158#if LIBCURL_VERSION_NUM >= 0x070903
 159        if (!strcmp("http.sslkey", var))
 160                return git_config_string(&ssl_key, var, value);
 161#endif
 162#if LIBCURL_VERSION_NUM >= 0x070908
 163        if (!strcmp("http.sslcapath", var))
 164                return git_config_string(&ssl_capath, var, value);
 165#endif
 166        if (!strcmp("http.sslcainfo", var))
 167                return git_config_string(&ssl_cainfo, var, value);
 168        if (!strcmp("http.sslcertpasswordprotected", var)) {
 169                ssl_cert_password_required = git_config_bool(var, value);
 170                return 0;
 171        }
 172        if (!strcmp("http.ssltry", var)) {
 173                curl_ssl_try = git_config_bool(var, value);
 174                return 0;
 175        }
 176        if (!strcmp("http.minsessions", var)) {
 177                min_curl_sessions = git_config_int(var, value);
 178#ifndef USE_CURL_MULTI
 179                if (min_curl_sessions > 1)
 180                        min_curl_sessions = 1;
 181#endif
 182                return 0;
 183        }
 184#ifdef USE_CURL_MULTI
 185        if (!strcmp("http.maxrequests", var)) {
 186                max_requests = git_config_int(var, value);
 187                return 0;
 188        }
 189#endif
 190        if (!strcmp("http.lowspeedlimit", var)) {
 191                curl_low_speed_limit = (long)git_config_int(var, value);
 192                return 0;
 193        }
 194        if (!strcmp("http.lowspeedtime", var)) {
 195                curl_low_speed_time = (long)git_config_int(var, value);
 196                return 0;
 197        }
 198
 199        if (!strcmp("http.noepsv", var)) {
 200                curl_ftp_no_epsv = git_config_bool(var, value);
 201                return 0;
 202        }
 203        if (!strcmp("http.proxy", var))
 204                return git_config_string(&curl_http_proxy, var, value);
 205
 206        if (!strcmp("http.cookiefile", var))
 207                return git_config_string(&curl_cookie_file, var, value);
 208        if (!strcmp("http.savecookies", var)) {
 209                curl_save_cookies = git_config_bool(var, value);
 210                return 0;
 211        }
 212
 213        if (!strcmp("http.postbuffer", var)) {
 214                http_post_buffer = git_config_int(var, value);
 215                if (http_post_buffer < LARGE_PACKET_MAX)
 216                        http_post_buffer = LARGE_PACKET_MAX;
 217                return 0;
 218        }
 219
 220        if (!strcmp("http.useragent", var))
 221                return git_config_string(&user_agent, var, value);
 222
 223        /* Fall back on the default ones */
 224        return git_default_config(var, value, cb);
 225}
 226
 227static void init_curl_http_auth(CURL *result)
 228{
 229        if (!http_auth.username)
 230                return;
 231
 232        credential_fill(&http_auth);
 233
 234#if LIBCURL_VERSION_NUM >= 0x071301
 235        curl_easy_setopt(result, CURLOPT_USERNAME, http_auth.username);
 236        curl_easy_setopt(result, CURLOPT_PASSWORD, http_auth.password);
 237#else
 238        {
 239                static struct strbuf up = STRBUF_INIT;
 240                /*
 241                 * Note that we assume we only ever have a single set of
 242                 * credentials in a given program run, so we do not have
 243                 * to worry about updating this buffer, only setting its
 244                 * initial value.
 245                 */
 246                if (!up.len)
 247                        strbuf_addf(&up, "%s:%s",
 248                                http_auth.username, http_auth.password);
 249                curl_easy_setopt(result, CURLOPT_USERPWD, up.buf);
 250        }
 251#endif
 252}
 253
 254static int has_cert_password(void)
 255{
 256        if (ssl_cert == NULL || ssl_cert_password_required != 1)
 257                return 0;
 258        if (!cert_auth.password) {
 259                cert_auth.protocol = xstrdup("cert");
 260                cert_auth.username = xstrdup("");
 261                cert_auth.path = xstrdup(ssl_cert);
 262                credential_fill(&cert_auth);
 263        }
 264        return 1;
 265}
 266
 267#if LIBCURL_VERSION_NUM >= 0x071900
 268static void set_curl_keepalive(CURL *c)
 269{
 270        curl_easy_setopt(c, CURLOPT_TCP_KEEPALIVE, 1);
 271}
 272
 273#elif LIBCURL_VERSION_NUM >= 0x071000
 274static int sockopt_callback(void *client, curl_socket_t fd, curlsocktype type)
 275{
 276        int ka = 1;
 277        int rc;
 278        socklen_t len = (socklen_t)sizeof(ka);
 279
 280        if (type != CURLSOCKTYPE_IPCXN)
 281                return 0;
 282
 283        rc = setsockopt(fd, SOL_SOCKET, SO_KEEPALIVE, (void *)&ka, len);
 284        if (rc < 0)
 285                warning("unable to set SO_KEEPALIVE on socket %s",
 286                        strerror(errno));
 287
 288        return 0; /* CURL_SOCKOPT_OK only exists since curl 7.21.5 */
 289}
 290
 291static void set_curl_keepalive(CURL *c)
 292{
 293        curl_easy_setopt(c, CURLOPT_SOCKOPTFUNCTION, sockopt_callback);
 294}
 295
 296#else
 297static void set_curl_keepalive(CURL *c)
 298{
 299        /* not supported on older curl versions */
 300}
 301#endif
 302
 303static CURL *get_curl_handle(void)
 304{
 305        CURL *result = curl_easy_init();
 306
 307        if (!result)
 308                die("curl_easy_init failed");
 309
 310        if (!curl_ssl_verify) {
 311                curl_easy_setopt(result, CURLOPT_SSL_VERIFYPEER, 0);
 312                curl_easy_setopt(result, CURLOPT_SSL_VERIFYHOST, 0);
 313        } else {
 314                /* Verify authenticity of the peer's certificate */
 315                curl_easy_setopt(result, CURLOPT_SSL_VERIFYPEER, 1);
 316                /* The name in the cert must match whom we tried to connect */
 317                curl_easy_setopt(result, CURLOPT_SSL_VERIFYHOST, 2);
 318        }
 319
 320#if LIBCURL_VERSION_NUM >= 0x070907
 321        curl_easy_setopt(result, CURLOPT_NETRC, CURL_NETRC_OPTIONAL);
 322#endif
 323#ifdef LIBCURL_CAN_HANDLE_AUTH_ANY
 324        curl_easy_setopt(result, CURLOPT_HTTPAUTH, CURLAUTH_ANY);
 325#endif
 326
 327        if (http_proactive_auth)
 328                init_curl_http_auth(result);
 329
 330        if (ssl_cert != NULL)
 331                curl_easy_setopt(result, CURLOPT_SSLCERT, ssl_cert);
 332        if (has_cert_password())
 333                curl_easy_setopt(result, CURLOPT_KEYPASSWD, cert_auth.password);
 334#if LIBCURL_VERSION_NUM >= 0x070903
 335        if (ssl_key != NULL)
 336                curl_easy_setopt(result, CURLOPT_SSLKEY, ssl_key);
 337#endif
 338#if LIBCURL_VERSION_NUM >= 0x070908
 339        if (ssl_capath != NULL)
 340                curl_easy_setopt(result, CURLOPT_CAPATH, ssl_capath);
 341#endif
 342        if (ssl_cainfo != NULL)
 343                curl_easy_setopt(result, CURLOPT_CAINFO, ssl_cainfo);
 344
 345        if (curl_low_speed_limit > 0 && curl_low_speed_time > 0) {
 346                curl_easy_setopt(result, CURLOPT_LOW_SPEED_LIMIT,
 347                                 curl_low_speed_limit);
 348                curl_easy_setopt(result, CURLOPT_LOW_SPEED_TIME,
 349                                 curl_low_speed_time);
 350        }
 351
 352        curl_easy_setopt(result, CURLOPT_FOLLOWLOCATION, 1);
 353#if LIBCURL_VERSION_NUM >= 0x071301
 354        curl_easy_setopt(result, CURLOPT_POSTREDIR, CURL_REDIR_POST_ALL);
 355#elif LIBCURL_VERSION_NUM >= 0x071101
 356        curl_easy_setopt(result, CURLOPT_POST301, 1);
 357#endif
 358
 359        if (getenv("GIT_CURL_VERBOSE"))
 360                curl_easy_setopt(result, CURLOPT_VERBOSE, 1);
 361
 362        curl_easy_setopt(result, CURLOPT_USERAGENT,
 363                user_agent ? user_agent : git_user_agent());
 364
 365        if (curl_ftp_no_epsv)
 366                curl_easy_setopt(result, CURLOPT_FTP_USE_EPSV, 0);
 367
 368#ifdef CURLOPT_USE_SSL
 369        if (curl_ssl_try)
 370                curl_easy_setopt(result, CURLOPT_USE_SSL, CURLUSESSL_TRY);
 371#endif
 372
 373        if (curl_http_proxy) {
 374                curl_easy_setopt(result, CURLOPT_PROXY, curl_http_proxy);
 375                curl_easy_setopt(result, CURLOPT_PROXYAUTH, CURLAUTH_ANY);
 376        }
 377
 378        set_curl_keepalive(result);
 379
 380        return result;
 381}
 382
 383static void set_from_env(const char **var, const char *envname)
 384{
 385        const char *val = getenv(envname);
 386        if (val)
 387                *var = val;
 388}
 389
 390void http_init(struct remote *remote, const char *url, int proactive_auth)
 391{
 392        char *low_speed_limit;
 393        char *low_speed_time;
 394        char *normalized_url;
 395        struct urlmatch_config config = { STRING_LIST_INIT_DUP };
 396
 397        config.section = "http";
 398        config.key = NULL;
 399        config.collect_fn = http_options;
 400        config.cascade_fn = git_default_config;
 401        config.cb = NULL;
 402
 403        http_is_verbose = 0;
 404        normalized_url = url_normalize(url, &config.url);
 405
 406        git_config(urlmatch_config_entry, &config);
 407        free(normalized_url);
 408
 409        if (curl_global_init(CURL_GLOBAL_ALL) != CURLE_OK)
 410                die("curl_global_init failed");
 411
 412        http_proactive_auth = proactive_auth;
 413
 414        if (remote && remote->http_proxy)
 415                curl_http_proxy = xstrdup(remote->http_proxy);
 416
 417        pragma_header = curl_slist_append(pragma_header, "Pragma: no-cache");
 418        no_pragma_header = curl_slist_append(no_pragma_header, "Pragma:");
 419
 420#ifdef USE_CURL_MULTI
 421        {
 422                char *http_max_requests = getenv("GIT_HTTP_MAX_REQUESTS");
 423                if (http_max_requests != NULL)
 424                        max_requests = atoi(http_max_requests);
 425        }
 426
 427        curlm = curl_multi_init();
 428        if (!curlm)
 429                die("curl_multi_init failed");
 430#endif
 431
 432        if (getenv("GIT_SSL_NO_VERIFY"))
 433                curl_ssl_verify = 0;
 434
 435        set_from_env(&ssl_cert, "GIT_SSL_CERT");
 436#if LIBCURL_VERSION_NUM >= 0x070903
 437        set_from_env(&ssl_key, "GIT_SSL_KEY");
 438#endif
 439#if LIBCURL_VERSION_NUM >= 0x070908
 440        set_from_env(&ssl_capath, "GIT_SSL_CAPATH");
 441#endif
 442        set_from_env(&ssl_cainfo, "GIT_SSL_CAINFO");
 443
 444        set_from_env(&user_agent, "GIT_HTTP_USER_AGENT");
 445
 446        low_speed_limit = getenv("GIT_HTTP_LOW_SPEED_LIMIT");
 447        if (low_speed_limit != NULL)
 448                curl_low_speed_limit = strtol(low_speed_limit, NULL, 10);
 449        low_speed_time = getenv("GIT_HTTP_LOW_SPEED_TIME");
 450        if (low_speed_time != NULL)
 451                curl_low_speed_time = strtol(low_speed_time, NULL, 10);
 452
 453        if (curl_ssl_verify == -1)
 454                curl_ssl_verify = 1;
 455
 456        curl_session_count = 0;
 457#ifdef USE_CURL_MULTI
 458        if (max_requests < 1)
 459                max_requests = DEFAULT_MAX_REQUESTS;
 460#endif
 461
 462        if (getenv("GIT_CURL_FTP_NO_EPSV"))
 463                curl_ftp_no_epsv = 1;
 464
 465        if (url) {
 466                credential_from_url(&http_auth, url);
 467                if (!ssl_cert_password_required &&
 468                    getenv("GIT_SSL_CERT_PASSWORD_PROTECTED") &&
 469                    starts_with(url, "https://"))
 470                        ssl_cert_password_required = 1;
 471        }
 472
 473#ifndef NO_CURL_EASY_DUPHANDLE
 474        curl_default = get_curl_handle();
 475#endif
 476}
 477
 478void http_cleanup(void)
 479{
 480        struct active_request_slot *slot = active_queue_head;
 481
 482        while (slot != NULL) {
 483                struct active_request_slot *next = slot->next;
 484                if (slot->curl != NULL) {
 485#ifdef USE_CURL_MULTI
 486                        curl_multi_remove_handle(curlm, slot->curl);
 487#endif
 488                        curl_easy_cleanup(slot->curl);
 489                }
 490                free(slot);
 491                slot = next;
 492        }
 493        active_queue_head = NULL;
 494
 495#ifndef NO_CURL_EASY_DUPHANDLE
 496        curl_easy_cleanup(curl_default);
 497#endif
 498
 499#ifdef USE_CURL_MULTI
 500        curl_multi_cleanup(curlm);
 501#endif
 502        curl_global_cleanup();
 503
 504        curl_slist_free_all(pragma_header);
 505        pragma_header = NULL;
 506
 507        curl_slist_free_all(no_pragma_header);
 508        no_pragma_header = NULL;
 509
 510        if (curl_http_proxy) {
 511                free((void *)curl_http_proxy);
 512                curl_http_proxy = NULL;
 513        }
 514
 515        if (cert_auth.password != NULL) {
 516                memset(cert_auth.password, 0, strlen(cert_auth.password));
 517                free(cert_auth.password);
 518                cert_auth.password = NULL;
 519        }
 520        ssl_cert_password_required = 0;
 521}
 522
 523struct active_request_slot *get_active_slot(void)
 524{
 525        struct active_request_slot *slot = active_queue_head;
 526        struct active_request_slot *newslot;
 527
 528#ifdef USE_CURL_MULTI
 529        int num_transfers;
 530
 531        /* Wait for a slot to open up if the queue is full */
 532        while (active_requests >= max_requests) {
 533                curl_multi_perform(curlm, &num_transfers);
 534                if (num_transfers < active_requests)
 535                        process_curl_messages();
 536        }
 537#endif
 538
 539        while (slot != NULL && slot->in_use)
 540                slot = slot->next;
 541
 542        if (slot == NULL) {
 543                newslot = xmalloc(sizeof(*newslot));
 544                newslot->curl = NULL;
 545                newslot->in_use = 0;
 546                newslot->next = NULL;
 547
 548                slot = active_queue_head;
 549                if (slot == NULL) {
 550                        active_queue_head = newslot;
 551                } else {
 552                        while (slot->next != NULL)
 553                                slot = slot->next;
 554                        slot->next = newslot;
 555                }
 556                slot = newslot;
 557        }
 558
 559        if (slot->curl == NULL) {
 560#ifdef NO_CURL_EASY_DUPHANDLE
 561                slot->curl = get_curl_handle();
 562#else
 563                slot->curl = curl_easy_duphandle(curl_default);
 564#endif
 565                curl_session_count++;
 566        }
 567
 568        active_requests++;
 569        slot->in_use = 1;
 570        slot->results = NULL;
 571        slot->finished = NULL;
 572        slot->callback_data = NULL;
 573        slot->callback_func = NULL;
 574        curl_easy_setopt(slot->curl, CURLOPT_COOKIEFILE, curl_cookie_file);
 575        if (curl_save_cookies)
 576                curl_easy_setopt(slot->curl, CURLOPT_COOKIEJAR, curl_cookie_file);
 577        curl_easy_setopt(slot->curl, CURLOPT_HTTPHEADER, pragma_header);
 578        curl_easy_setopt(slot->curl, CURLOPT_ERRORBUFFER, curl_errorstr);
 579        curl_easy_setopt(slot->curl, CURLOPT_CUSTOMREQUEST, NULL);
 580        curl_easy_setopt(slot->curl, CURLOPT_READFUNCTION, NULL);
 581        curl_easy_setopt(slot->curl, CURLOPT_WRITEFUNCTION, NULL);
 582        curl_easy_setopt(slot->curl, CURLOPT_POSTFIELDS, NULL);
 583        curl_easy_setopt(slot->curl, CURLOPT_UPLOAD, 0);
 584        curl_easy_setopt(slot->curl, CURLOPT_HTTPGET, 1);
 585        curl_easy_setopt(slot->curl, CURLOPT_FAILONERROR, 1);
 586#ifdef LIBCURL_CAN_HANDLE_AUTH_ANY
 587        curl_easy_setopt(slot->curl, CURLOPT_HTTPAUTH, http_auth_methods);
 588#endif
 589        if (http_auth.password)
 590                init_curl_http_auth(slot->curl);
 591
 592        return slot;
 593}
 594
 595int start_active_slot(struct active_request_slot *slot)
 596{
 597#ifdef USE_CURL_MULTI
 598        CURLMcode curlm_result = curl_multi_add_handle(curlm, slot->curl);
 599        int num_transfers;
 600
 601        if (curlm_result != CURLM_OK &&
 602            curlm_result != CURLM_CALL_MULTI_PERFORM) {
 603                active_requests--;
 604                slot->in_use = 0;
 605                return 0;
 606        }
 607
 608        /*
 609         * We know there must be something to do, since we just added
 610         * something.
 611         */
 612        curl_multi_perform(curlm, &num_transfers);
 613#endif
 614        return 1;
 615}
 616
 617#ifdef USE_CURL_MULTI
 618struct fill_chain {
 619        void *data;
 620        int (*fill)(void *);
 621        struct fill_chain *next;
 622};
 623
 624static struct fill_chain *fill_cfg;
 625
 626void add_fill_function(void *data, int (*fill)(void *))
 627{
 628        struct fill_chain *new = xmalloc(sizeof(*new));
 629        struct fill_chain **linkp = &fill_cfg;
 630        new->data = data;
 631        new->fill = fill;
 632        new->next = NULL;
 633        while (*linkp)
 634                linkp = &(*linkp)->next;
 635        *linkp = new;
 636}
 637
 638void fill_active_slots(void)
 639{
 640        struct active_request_slot *slot = active_queue_head;
 641
 642        while (active_requests < max_requests) {
 643                struct fill_chain *fill;
 644                for (fill = fill_cfg; fill; fill = fill->next)
 645                        if (fill->fill(fill->data))
 646                                break;
 647
 648                if (!fill)
 649                        break;
 650        }
 651
 652        while (slot != NULL) {
 653                if (!slot->in_use && slot->curl != NULL
 654                        && curl_session_count > min_curl_sessions) {
 655                        curl_easy_cleanup(slot->curl);
 656                        slot->curl = NULL;
 657                        curl_session_count--;
 658                }
 659                slot = slot->next;
 660        }
 661}
 662
 663void step_active_slots(void)
 664{
 665        int num_transfers;
 666        CURLMcode curlm_result;
 667
 668        do {
 669                curlm_result = curl_multi_perform(curlm, &num_transfers);
 670        } while (curlm_result == CURLM_CALL_MULTI_PERFORM);
 671        if (num_transfers < active_requests) {
 672                process_curl_messages();
 673                fill_active_slots();
 674        }
 675}
 676#endif
 677
 678void run_active_slot(struct active_request_slot *slot)
 679{
 680#ifdef USE_CURL_MULTI
 681        fd_set readfds;
 682        fd_set writefds;
 683        fd_set excfds;
 684        int max_fd;
 685        struct timeval select_timeout;
 686        int finished = 0;
 687
 688        slot->finished = &finished;
 689        while (!finished) {
 690                step_active_slots();
 691
 692                if (slot->in_use) {
 693#if LIBCURL_VERSION_NUM >= 0x070f04
 694                        long curl_timeout;
 695                        curl_multi_timeout(curlm, &curl_timeout);
 696                        if (curl_timeout == 0) {
 697                                continue;
 698                        } else if (curl_timeout == -1) {
 699                                select_timeout.tv_sec  = 0;
 700                                select_timeout.tv_usec = 50000;
 701                        } else {
 702                                select_timeout.tv_sec  =  curl_timeout / 1000;
 703                                select_timeout.tv_usec = (curl_timeout % 1000) * 1000;
 704                        }
 705#else
 706                        select_timeout.tv_sec  = 0;
 707                        select_timeout.tv_usec = 50000;
 708#endif
 709
 710                        max_fd = -1;
 711                        FD_ZERO(&readfds);
 712                        FD_ZERO(&writefds);
 713                        FD_ZERO(&excfds);
 714                        curl_multi_fdset(curlm, &readfds, &writefds, &excfds, &max_fd);
 715
 716                        /*
 717                         * It can happen that curl_multi_timeout returns a pathologically
 718                         * long timeout when curl_multi_fdset returns no file descriptors
 719                         * to read.  See commit message for more details.
 720                         */
 721                        if (max_fd < 0 &&
 722                            (select_timeout.tv_sec > 0 ||
 723                             select_timeout.tv_usec > 50000)) {
 724                                select_timeout.tv_sec  = 0;
 725                                select_timeout.tv_usec = 50000;
 726                        }
 727
 728                        select(max_fd+1, &readfds, &writefds, &excfds, &select_timeout);
 729                }
 730        }
 731#else
 732        while (slot->in_use) {
 733                slot->curl_result = curl_easy_perform(slot->curl);
 734                finish_active_slot(slot);
 735        }
 736#endif
 737}
 738
 739static void closedown_active_slot(struct active_request_slot *slot)
 740{
 741        active_requests--;
 742        slot->in_use = 0;
 743}
 744
 745static void release_active_slot(struct active_request_slot *slot)
 746{
 747        closedown_active_slot(slot);
 748        if (slot->curl && curl_session_count > min_curl_sessions) {
 749#ifdef USE_CURL_MULTI
 750                curl_multi_remove_handle(curlm, slot->curl);
 751#endif
 752                curl_easy_cleanup(slot->curl);
 753                slot->curl = NULL;
 754                curl_session_count--;
 755        }
 756#ifdef USE_CURL_MULTI
 757        fill_active_slots();
 758#endif
 759}
 760
 761void finish_active_slot(struct active_request_slot *slot)
 762{
 763        closedown_active_slot(slot);
 764        curl_easy_getinfo(slot->curl, CURLINFO_HTTP_CODE, &slot->http_code);
 765
 766        if (slot->finished != NULL)
 767                (*slot->finished) = 1;
 768
 769        /* Store slot results so they can be read after the slot is reused */
 770        if (slot->results != NULL) {
 771                slot->results->curl_result = slot->curl_result;
 772                slot->results->http_code = slot->http_code;
 773#if LIBCURL_VERSION_NUM >= 0x070a08
 774                curl_easy_getinfo(slot->curl, CURLINFO_HTTPAUTH_AVAIL,
 775                                  &slot->results->auth_avail);
 776#else
 777                slot->results->auth_avail = 0;
 778#endif
 779        }
 780
 781        /* Run callback if appropriate */
 782        if (slot->callback_func != NULL)
 783                slot->callback_func(slot->callback_data);
 784}
 785
 786void finish_all_active_slots(void)
 787{
 788        struct active_request_slot *slot = active_queue_head;
 789
 790        while (slot != NULL)
 791                if (slot->in_use) {
 792                        run_active_slot(slot);
 793                        slot = active_queue_head;
 794                } else {
 795                        slot = slot->next;
 796                }
 797}
 798
 799/* Helpers for modifying and creating URLs */
 800static inline int needs_quote(int ch)
 801{
 802        if (((ch >= 'A') && (ch <= 'Z'))
 803                        || ((ch >= 'a') && (ch <= 'z'))
 804                        || ((ch >= '0') && (ch <= '9'))
 805                        || (ch == '/')
 806                        || (ch == '-')
 807                        || (ch == '.'))
 808                return 0;
 809        return 1;
 810}
 811
 812static char *quote_ref_url(const char *base, const char *ref)
 813{
 814        struct strbuf buf = STRBUF_INIT;
 815        const char *cp;
 816        int ch;
 817
 818        end_url_with_slash(&buf, base);
 819
 820        for (cp = ref; (ch = *cp) != 0; cp++)
 821                if (needs_quote(ch))
 822                        strbuf_addf(&buf, "%%%02x", ch);
 823                else
 824                        strbuf_addch(&buf, *cp);
 825
 826        return strbuf_detach(&buf, NULL);
 827}
 828
 829void append_remote_object_url(struct strbuf *buf, const char *url,
 830                              const char *hex,
 831                              int only_two_digit_prefix)
 832{
 833        end_url_with_slash(buf, url);
 834
 835        strbuf_addf(buf, "objects/%.*s/", 2, hex);
 836        if (!only_two_digit_prefix)
 837                strbuf_addf(buf, "%s", hex+2);
 838}
 839
 840char *get_remote_object_url(const char *url, const char *hex,
 841                            int only_two_digit_prefix)
 842{
 843        struct strbuf buf = STRBUF_INIT;
 844        append_remote_object_url(&buf, url, hex, only_two_digit_prefix);
 845        return strbuf_detach(&buf, NULL);
 846}
 847
 848int handle_curl_result(struct slot_results *results)
 849{
 850        /*
 851         * If we see a failing http code with CURLE_OK, we have turned off
 852         * FAILONERROR (to keep the server's custom error response), and should
 853         * translate the code into failure here.
 854         */
 855        if (results->curl_result == CURLE_OK &&
 856            results->http_code >= 400) {
 857                results->curl_result = CURLE_HTTP_RETURNED_ERROR;
 858                /*
 859                 * Normally curl will already have put the "reason phrase"
 860                 * from the server into curl_errorstr; unfortunately without
 861                 * FAILONERROR it is lost, so we can give only the numeric
 862                 * status code.
 863                 */
 864                snprintf(curl_errorstr, sizeof(curl_errorstr),
 865                         "The requested URL returned error: %ld",
 866                         results->http_code);
 867        }
 868
 869        if (results->curl_result == CURLE_OK) {
 870                credential_approve(&http_auth);
 871                return HTTP_OK;
 872        } else if (missing_target(results))
 873                return HTTP_MISSING_TARGET;
 874        else if (results->http_code == 401) {
 875                if (http_auth.username && http_auth.password) {
 876                        credential_reject(&http_auth);
 877                        return HTTP_NOAUTH;
 878                } else {
 879#ifdef LIBCURL_CAN_HANDLE_AUTH_ANY
 880                        http_auth_methods &= ~CURLAUTH_GSSNEGOTIATE;
 881#endif
 882                        return HTTP_REAUTH;
 883                }
 884        } else {
 885#if LIBCURL_VERSION_NUM >= 0x070c00
 886                if (!curl_errorstr[0])
 887                        strlcpy(curl_errorstr,
 888                                curl_easy_strerror(results->curl_result),
 889                                sizeof(curl_errorstr));
 890#endif
 891                return HTTP_ERROR;
 892        }
 893}
 894
 895int run_one_slot(struct active_request_slot *slot,
 896                 struct slot_results *results)
 897{
 898        slot->results = results;
 899        if (!start_active_slot(slot)) {
 900                snprintf(curl_errorstr, sizeof(curl_errorstr),
 901                         "failed to start HTTP request");
 902                return HTTP_START_FAILED;
 903        }
 904
 905        run_active_slot(slot);
 906        return handle_curl_result(results);
 907}
 908
 909static CURLcode curlinfo_strbuf(CURL *curl, CURLINFO info, struct strbuf *buf)
 910{
 911        char *ptr;
 912        CURLcode ret;
 913
 914        strbuf_reset(buf);
 915        ret = curl_easy_getinfo(curl, info, &ptr);
 916        if (!ret && ptr)
 917                strbuf_addstr(buf, ptr);
 918        return ret;
 919}
 920
 921/*
 922 * Check for and extract a content-type parameter. "raw"
 923 * should be positioned at the start of the potential
 924 * parameter, with any whitespace already removed.
 925 *
 926 * "name" is the name of the parameter. The value is appended
 927 * to "out".
 928 */
 929static int extract_param(const char *raw, const char *name,
 930                         struct strbuf *out)
 931{
 932        size_t len = strlen(name);
 933
 934        if (strncasecmp(raw, name, len))
 935                return -1;
 936        raw += len;
 937
 938        if (*raw != '=')
 939                return -1;
 940        raw++;
 941
 942        while (*raw && !isspace(*raw) && *raw != ';')
 943                strbuf_addch(out, *raw++);
 944        return 0;
 945}
 946
 947/*
 948 * Extract a normalized version of the content type, with any
 949 * spaces suppressed, all letters lowercased, and no trailing ";"
 950 * or parameters.
 951 *
 952 * Note that we will silently remove even invalid whitespace. For
 953 * example, "text / plain" is specifically forbidden by RFC 2616,
 954 * but "text/plain" is the only reasonable output, and this keeps
 955 * our code simple.
 956 *
 957 * If the "charset" argument is not NULL, store the value of any
 958 * charset parameter there.
 959 *
 960 * Example:
 961 *   "TEXT/PLAIN; charset=utf-8" -> "text/plain", "utf-8"
 962 *   "text / plain" -> "text/plain"
 963 */
 964static void extract_content_type(struct strbuf *raw, struct strbuf *type,
 965                                 struct strbuf *charset)
 966{
 967        const char *p;
 968
 969        strbuf_reset(type);
 970        strbuf_grow(type, raw->len);
 971        for (p = raw->buf; *p; p++) {
 972                if (isspace(*p))
 973                        continue;
 974                if (*p == ';') {
 975                        p++;
 976                        break;
 977                }
 978                strbuf_addch(type, tolower(*p));
 979        }
 980
 981        if (!charset)
 982                return;
 983
 984        strbuf_reset(charset);
 985        while (*p) {
 986                while (isspace(*p) || *p == ';')
 987                        p++;
 988                if (!extract_param(p, "charset", charset))
 989                        return;
 990                while (*p && !isspace(*p))
 991                        p++;
 992        }
 993
 994        if (!charset->len && starts_with(type->buf, "text/"))
 995                strbuf_addstr(charset, "ISO-8859-1");
 996}
 997
 998
 999/* http_request() targets */
1000#define HTTP_REQUEST_STRBUF     0
1001#define HTTP_REQUEST_FILE       1
1002
1003static int http_request(const char *url,
1004                        void *result, int target,
1005                        const struct http_get_options *options)
1006{
1007        struct active_request_slot *slot;
1008        struct slot_results results;
1009        struct curl_slist *headers = NULL;
1010        struct strbuf buf = STRBUF_INIT;
1011        int ret;
1012
1013        slot = get_active_slot();
1014        curl_easy_setopt(slot->curl, CURLOPT_HTTPGET, 1);
1015
1016        if (result == NULL) {
1017                curl_easy_setopt(slot->curl, CURLOPT_NOBODY, 1);
1018        } else {
1019                curl_easy_setopt(slot->curl, CURLOPT_NOBODY, 0);
1020                curl_easy_setopt(slot->curl, CURLOPT_FILE, result);
1021
1022                if (target == HTTP_REQUEST_FILE) {
1023                        long posn = ftell(result);
1024                        curl_easy_setopt(slot->curl, CURLOPT_WRITEFUNCTION,
1025                                         fwrite);
1026                        if (posn > 0) {
1027                                strbuf_addf(&buf, "Range: bytes=%ld-", posn);
1028                                headers = curl_slist_append(headers, buf.buf);
1029                                strbuf_reset(&buf);
1030                        }
1031                } else
1032                        curl_easy_setopt(slot->curl, CURLOPT_WRITEFUNCTION,
1033                                         fwrite_buffer);
1034        }
1035
1036        strbuf_addstr(&buf, "Pragma:");
1037        if (options && options->no_cache)
1038                strbuf_addstr(&buf, " no-cache");
1039        if (options && options->keep_error)
1040                curl_easy_setopt(slot->curl, CURLOPT_FAILONERROR, 0);
1041
1042        headers = curl_slist_append(headers, buf.buf);
1043
1044        curl_easy_setopt(slot->curl, CURLOPT_URL, url);
1045        curl_easy_setopt(slot->curl, CURLOPT_HTTPHEADER, headers);
1046        curl_easy_setopt(slot->curl, CURLOPT_ENCODING, "gzip");
1047
1048        ret = run_one_slot(slot, &results);
1049
1050        if (options && options->content_type) {
1051                struct strbuf raw = STRBUF_INIT;
1052                curlinfo_strbuf(slot->curl, CURLINFO_CONTENT_TYPE, &raw);
1053                extract_content_type(&raw, options->content_type,
1054                                     options->charset);
1055                strbuf_release(&raw);
1056        }
1057
1058        if (options && options->effective_url)
1059                curlinfo_strbuf(slot->curl, CURLINFO_EFFECTIVE_URL,
1060                                options->effective_url);
1061
1062        curl_slist_free_all(headers);
1063        strbuf_release(&buf);
1064
1065        return ret;
1066}
1067
1068/*
1069 * Update the "base" url to a more appropriate value, as deduced by
1070 * redirects seen when requesting a URL starting with "url".
1071 *
1072 * The "asked" parameter is a URL that we asked curl to access, and must begin
1073 * with "base".
1074 *
1075 * The "got" parameter is the URL that curl reported to us as where we ended
1076 * up.
1077 *
1078 * Returns 1 if we updated the base url, 0 otherwise.
1079 *
1080 * Our basic strategy is to compare "base" and "asked" to find the bits
1081 * specific to our request. We then strip those bits off of "got" to yield the
1082 * new base. So for example, if our base is "http://example.com/foo.git",
1083 * and we ask for "http://example.com/foo.git/info/refs", we might end up
1084 * with "https://other.example.com/foo.git/info/refs". We would want the
1085 * new URL to become "https://other.example.com/foo.git".
1086 *
1087 * Note that this assumes a sane redirect scheme. It's entirely possible
1088 * in the example above to end up at a URL that does not even end in
1089 * "info/refs".  In such a case we simply punt, as there is not much we can
1090 * do (and such a scheme is unlikely to represent a real git repository,
1091 * which means we are likely about to abort anyway).
1092 */
1093static int update_url_from_redirect(struct strbuf *base,
1094                                    const char *asked,
1095                                    const struct strbuf *got)
1096{
1097        const char *tail;
1098        size_t tail_len;
1099
1100        if (!strcmp(asked, got->buf))
1101                return 0;
1102
1103        if (!skip_prefix(asked, base->buf, &tail))
1104                die("BUG: update_url_from_redirect: %s is not a superset of %s",
1105                    asked, base->buf);
1106
1107        tail_len = strlen(tail);
1108
1109        if (got->len < tail_len ||
1110            strcmp(tail, got->buf + got->len - tail_len))
1111                return 0; /* insane redirect scheme */
1112
1113        strbuf_reset(base);
1114        strbuf_add(base, got->buf, got->len - tail_len);
1115        return 1;
1116}
1117
1118static int http_request_reauth(const char *url,
1119                               void *result, int target,
1120                               struct http_get_options *options)
1121{
1122        int ret = http_request(url, result, target, options);
1123
1124        if (options && options->effective_url && options->base_url) {
1125                if (update_url_from_redirect(options->base_url,
1126                                             url, options->effective_url)) {
1127                        credential_from_url(&http_auth, options->base_url->buf);
1128                        url = options->effective_url->buf;
1129                }
1130        }
1131
1132        if (ret != HTTP_REAUTH)
1133                return ret;
1134
1135        /*
1136         * If we are using KEEP_ERROR, the previous request may have
1137         * put cruft into our output stream; we should clear it out before
1138         * making our next request. We only know how to do this for
1139         * the strbuf case, but that is enough to satisfy current callers.
1140         */
1141        if (options && options->keep_error) {
1142                switch (target) {
1143                case HTTP_REQUEST_STRBUF:
1144                        strbuf_reset(result);
1145                        break;
1146                default:
1147                        die("BUG: HTTP_KEEP_ERROR is only supported with strbufs");
1148                }
1149        }
1150
1151        credential_fill(&http_auth);
1152
1153        return http_request(url, result, target, options);
1154}
1155
1156int http_get_strbuf(const char *url,
1157                    struct strbuf *result,
1158                    struct http_get_options *options)
1159{
1160        return http_request_reauth(url, result, HTTP_REQUEST_STRBUF, options);
1161}
1162
1163/*
1164 * Downloads a URL and stores the result in the given file.
1165 *
1166 * If a previous interrupted download is detected (i.e. a previous temporary
1167 * file is still around) the download is resumed.
1168 */
1169static int http_get_file(const char *url, const char *filename,
1170                         struct http_get_options *options)
1171{
1172        int ret;
1173        struct strbuf tmpfile = STRBUF_INIT;
1174        FILE *result;
1175
1176        strbuf_addf(&tmpfile, "%s.temp", filename);
1177        result = fopen(tmpfile.buf, "a");
1178        if (!result) {
1179                error("Unable to open local file %s", tmpfile.buf);
1180                ret = HTTP_ERROR;
1181                goto cleanup;
1182        }
1183
1184        ret = http_request_reauth(url, result, HTTP_REQUEST_FILE, options);
1185        fclose(result);
1186
1187        if (ret == HTTP_OK && move_temp_to_file(tmpfile.buf, filename))
1188                ret = HTTP_ERROR;
1189cleanup:
1190        strbuf_release(&tmpfile);
1191        return ret;
1192}
1193
1194int http_fetch_ref(const char *base, struct ref *ref)
1195{
1196        struct http_get_options options = {0};
1197        char *url;
1198        struct strbuf buffer = STRBUF_INIT;
1199        int ret = -1;
1200
1201        options.no_cache = 1;
1202
1203        url = quote_ref_url(base, ref->name);
1204        if (http_get_strbuf(url, &buffer, &options) == HTTP_OK) {
1205                strbuf_rtrim(&buffer);
1206                if (buffer.len == 40)
1207                        ret = get_sha1_hex(buffer.buf, ref->old_sha1);
1208                else if (starts_with(buffer.buf, "ref: ")) {
1209                        ref->symref = xstrdup(buffer.buf + 5);
1210                        ret = 0;
1211                }
1212        }
1213
1214        strbuf_release(&buffer);
1215        free(url);
1216        return ret;
1217}
1218
1219/* Helpers for fetching packs */
1220static char *fetch_pack_index(unsigned char *sha1, const char *base_url)
1221{
1222        char *url, *tmp;
1223        struct strbuf buf = STRBUF_INIT;
1224
1225        if (http_is_verbose)
1226                fprintf(stderr, "Getting index for pack %s\n", sha1_to_hex(sha1));
1227
1228        end_url_with_slash(&buf, base_url);
1229        strbuf_addf(&buf, "objects/pack/pack-%s.idx", sha1_to_hex(sha1));
1230        url = strbuf_detach(&buf, NULL);
1231
1232        strbuf_addf(&buf, "%s.temp", sha1_pack_index_name(sha1));
1233        tmp = strbuf_detach(&buf, NULL);
1234
1235        if (http_get_file(url, tmp, NULL) != HTTP_OK) {
1236                error("Unable to get pack index %s", url);
1237                free(tmp);
1238                tmp = NULL;
1239        }
1240
1241        free(url);
1242        return tmp;
1243}
1244
1245static int fetch_and_setup_pack_index(struct packed_git **packs_head,
1246        unsigned char *sha1, const char *base_url)
1247{
1248        struct packed_git *new_pack;
1249        char *tmp_idx = NULL;
1250        int ret;
1251
1252        if (has_pack_index(sha1)) {
1253                new_pack = parse_pack_index(sha1, sha1_pack_index_name(sha1));
1254                if (!new_pack)
1255                        return -1; /* parse_pack_index() already issued error message */
1256                goto add_pack;
1257        }
1258
1259        tmp_idx = fetch_pack_index(sha1, base_url);
1260        if (!tmp_idx)
1261                return -1;
1262
1263        new_pack = parse_pack_index(sha1, tmp_idx);
1264        if (!new_pack) {
1265                unlink(tmp_idx);
1266                free(tmp_idx);
1267
1268                return -1; /* parse_pack_index() already issued error message */
1269        }
1270
1271        ret = verify_pack_index(new_pack);
1272        if (!ret) {
1273                close_pack_index(new_pack);
1274                ret = move_temp_to_file(tmp_idx, sha1_pack_index_name(sha1));
1275        }
1276        free(tmp_idx);
1277        if (ret)
1278                return -1;
1279
1280add_pack:
1281        new_pack->next = *packs_head;
1282        *packs_head = new_pack;
1283        return 0;
1284}
1285
1286int http_get_info_packs(const char *base_url, struct packed_git **packs_head)
1287{
1288        struct http_get_options options = {0};
1289        int ret = 0, i = 0;
1290        char *url, *data;
1291        struct strbuf buf = STRBUF_INIT;
1292        unsigned char sha1[20];
1293
1294        end_url_with_slash(&buf, base_url);
1295        strbuf_addstr(&buf, "objects/info/packs");
1296        url = strbuf_detach(&buf, NULL);
1297
1298        options.no_cache = 1;
1299        ret = http_get_strbuf(url, &buf, &options);
1300        if (ret != HTTP_OK)
1301                goto cleanup;
1302
1303        data = buf.buf;
1304        while (i < buf.len) {
1305                switch (data[i]) {
1306                case 'P':
1307                        i++;
1308                        if (i + 52 <= buf.len &&
1309                            starts_with(data + i, " pack-") &&
1310                            starts_with(data + i + 46, ".pack\n")) {
1311                                get_sha1_hex(data + i + 6, sha1);
1312                                fetch_and_setup_pack_index(packs_head, sha1,
1313                                                      base_url);
1314                                i += 51;
1315                                break;
1316                        }
1317                default:
1318                        while (i < buf.len && data[i] != '\n')
1319                                i++;
1320                }
1321                i++;
1322        }
1323
1324cleanup:
1325        free(url);
1326        return ret;
1327}
1328
1329void release_http_pack_request(struct http_pack_request *preq)
1330{
1331        if (preq->packfile != NULL) {
1332                fclose(preq->packfile);
1333                preq->packfile = NULL;
1334        }
1335        if (preq->range_header != NULL) {
1336                curl_slist_free_all(preq->range_header);
1337                preq->range_header = NULL;
1338        }
1339        preq->slot = NULL;
1340        free(preq->url);
1341}
1342
1343int finish_http_pack_request(struct http_pack_request *preq)
1344{
1345        struct packed_git **lst;
1346        struct packed_git *p = preq->target;
1347        char *tmp_idx;
1348        struct child_process ip = CHILD_PROCESS_INIT;
1349        const char *ip_argv[8];
1350
1351        close_pack_index(p);
1352
1353        fclose(preq->packfile);
1354        preq->packfile = NULL;
1355
1356        lst = preq->lst;
1357        while (*lst != p)
1358                lst = &((*lst)->next);
1359        *lst = (*lst)->next;
1360
1361        tmp_idx = xstrdup(preq->tmpfile);
1362        strcpy(tmp_idx + strlen(tmp_idx) - strlen(".pack.temp"),
1363               ".idx.temp");
1364
1365        ip_argv[0] = "index-pack";
1366        ip_argv[1] = "-o";
1367        ip_argv[2] = tmp_idx;
1368        ip_argv[3] = preq->tmpfile;
1369        ip_argv[4] = NULL;
1370
1371        ip.argv = ip_argv;
1372        ip.git_cmd = 1;
1373        ip.no_stdin = 1;
1374        ip.no_stdout = 1;
1375
1376        if (run_command(&ip)) {
1377                unlink(preq->tmpfile);
1378                unlink(tmp_idx);
1379                free(tmp_idx);
1380                return -1;
1381        }
1382
1383        unlink(sha1_pack_index_name(p->sha1));
1384
1385        if (move_temp_to_file(preq->tmpfile, sha1_pack_name(p->sha1))
1386         || move_temp_to_file(tmp_idx, sha1_pack_index_name(p->sha1))) {
1387                free(tmp_idx);
1388                return -1;
1389        }
1390
1391        install_packed_git(p);
1392        free(tmp_idx);
1393        return 0;
1394}
1395
1396struct http_pack_request *new_http_pack_request(
1397        struct packed_git *target, const char *base_url)
1398{
1399        long prev_posn = 0;
1400        char range[RANGE_HEADER_SIZE];
1401        struct strbuf buf = STRBUF_INIT;
1402        struct http_pack_request *preq;
1403
1404        preq = xcalloc(1, sizeof(*preq));
1405        preq->target = target;
1406
1407        end_url_with_slash(&buf, base_url);
1408        strbuf_addf(&buf, "objects/pack/pack-%s.pack",
1409                sha1_to_hex(target->sha1));
1410        preq->url = strbuf_detach(&buf, NULL);
1411
1412        snprintf(preq->tmpfile, sizeof(preq->tmpfile), "%s.temp",
1413                sha1_pack_name(target->sha1));
1414        preq->packfile = fopen(preq->tmpfile, "a");
1415        if (!preq->packfile) {
1416                error("Unable to open local file %s for pack",
1417                      preq->tmpfile);
1418                goto abort;
1419        }
1420
1421        preq->slot = get_active_slot();
1422        curl_easy_setopt(preq->slot->curl, CURLOPT_FILE, preq->packfile);
1423        curl_easy_setopt(preq->slot->curl, CURLOPT_WRITEFUNCTION, fwrite);
1424        curl_easy_setopt(preq->slot->curl, CURLOPT_URL, preq->url);
1425        curl_easy_setopt(preq->slot->curl, CURLOPT_HTTPHEADER,
1426                no_pragma_header);
1427
1428        /*
1429         * If there is data present from a previous transfer attempt,
1430         * resume where it left off
1431         */
1432        prev_posn = ftell(preq->packfile);
1433        if (prev_posn>0) {
1434                if (http_is_verbose)
1435                        fprintf(stderr,
1436                                "Resuming fetch of pack %s at byte %ld\n",
1437                                sha1_to_hex(target->sha1), prev_posn);
1438                sprintf(range, "Range: bytes=%ld-", prev_posn);
1439                preq->range_header = curl_slist_append(NULL, range);
1440                curl_easy_setopt(preq->slot->curl, CURLOPT_HTTPHEADER,
1441                        preq->range_header);
1442        }
1443
1444        return preq;
1445
1446abort:
1447        free(preq->url);
1448        free(preq);
1449        return NULL;
1450}
1451
1452/* Helpers for fetching objects (loose) */
1453static size_t fwrite_sha1_file(char *ptr, size_t eltsize, size_t nmemb,
1454                               void *data)
1455{
1456        unsigned char expn[4096];
1457        size_t size = eltsize * nmemb;
1458        int posn = 0;
1459        struct http_object_request *freq =
1460                (struct http_object_request *)data;
1461        do {
1462                ssize_t retval = xwrite(freq->localfile,
1463                                        (char *) ptr + posn, size - posn);
1464                if (retval < 0)
1465                        return posn;
1466                posn += retval;
1467        } while (posn < size);
1468
1469        freq->stream.avail_in = size;
1470        freq->stream.next_in = (void *)ptr;
1471        do {
1472                freq->stream.next_out = expn;
1473                freq->stream.avail_out = sizeof(expn);
1474                freq->zret = git_inflate(&freq->stream, Z_SYNC_FLUSH);
1475                git_SHA1_Update(&freq->c, expn,
1476                                sizeof(expn) - freq->stream.avail_out);
1477        } while (freq->stream.avail_in && freq->zret == Z_OK);
1478        return size;
1479}
1480
1481struct http_object_request *new_http_object_request(const char *base_url,
1482        unsigned char *sha1)
1483{
1484        char *hex = sha1_to_hex(sha1);
1485        const char *filename;
1486        char prevfile[PATH_MAX];
1487        int prevlocal;
1488        char prev_buf[PREV_BUF_SIZE];
1489        ssize_t prev_read = 0;
1490        long prev_posn = 0;
1491        char range[RANGE_HEADER_SIZE];
1492        struct curl_slist *range_header = NULL;
1493        struct http_object_request *freq;
1494
1495        freq = xcalloc(1, sizeof(*freq));
1496        hashcpy(freq->sha1, sha1);
1497        freq->localfile = -1;
1498
1499        filename = sha1_file_name(sha1);
1500        snprintf(freq->tmpfile, sizeof(freq->tmpfile),
1501                 "%s.temp", filename);
1502
1503        snprintf(prevfile, sizeof(prevfile), "%s.prev", filename);
1504        unlink_or_warn(prevfile);
1505        rename(freq->tmpfile, prevfile);
1506        unlink_or_warn(freq->tmpfile);
1507
1508        if (freq->localfile != -1)
1509                error("fd leakage in start: %d", freq->localfile);
1510        freq->localfile = open(freq->tmpfile,
1511                               O_WRONLY | O_CREAT | O_EXCL, 0666);
1512        /*
1513         * This could have failed due to the "lazy directory creation";
1514         * try to mkdir the last path component.
1515         */
1516        if (freq->localfile < 0 && errno == ENOENT) {
1517                char *dir = strrchr(freq->tmpfile, '/');
1518                if (dir) {
1519                        *dir = 0;
1520                        mkdir(freq->tmpfile, 0777);
1521                        *dir = '/';
1522                }
1523                freq->localfile = open(freq->tmpfile,
1524                                       O_WRONLY | O_CREAT | O_EXCL, 0666);
1525        }
1526
1527        if (freq->localfile < 0) {
1528                error("Couldn't create temporary file %s: %s",
1529                      freq->tmpfile, strerror(errno));
1530                goto abort;
1531        }
1532
1533        git_inflate_init(&freq->stream);
1534
1535        git_SHA1_Init(&freq->c);
1536
1537        freq->url = get_remote_object_url(base_url, hex, 0);
1538
1539        /*
1540         * If a previous temp file is present, process what was already
1541         * fetched.
1542         */
1543        prevlocal = open(prevfile, O_RDONLY);
1544        if (prevlocal != -1) {
1545                do {
1546                        prev_read = xread(prevlocal, prev_buf, PREV_BUF_SIZE);
1547                        if (prev_read>0) {
1548                                if (fwrite_sha1_file(prev_buf,
1549                                                     1,
1550                                                     prev_read,
1551                                                     freq) == prev_read) {
1552                                        prev_posn += prev_read;
1553                                } else {
1554                                        prev_read = -1;
1555                                }
1556                        }
1557                } while (prev_read > 0);
1558                close(prevlocal);
1559        }
1560        unlink_or_warn(prevfile);
1561
1562        /*
1563         * Reset inflate/SHA1 if there was an error reading the previous temp
1564         * file; also rewind to the beginning of the local file.
1565         */
1566        if (prev_read == -1) {
1567                memset(&freq->stream, 0, sizeof(freq->stream));
1568                git_inflate_init(&freq->stream);
1569                git_SHA1_Init(&freq->c);
1570                if (prev_posn>0) {
1571                        prev_posn = 0;
1572                        lseek(freq->localfile, 0, SEEK_SET);
1573                        if (ftruncate(freq->localfile, 0) < 0) {
1574                                error("Couldn't truncate temporary file %s: %s",
1575                                          freq->tmpfile, strerror(errno));
1576                                goto abort;
1577                        }
1578                }
1579        }
1580
1581        freq->slot = get_active_slot();
1582
1583        curl_easy_setopt(freq->slot->curl, CURLOPT_FILE, freq);
1584        curl_easy_setopt(freq->slot->curl, CURLOPT_WRITEFUNCTION, fwrite_sha1_file);
1585        curl_easy_setopt(freq->slot->curl, CURLOPT_ERRORBUFFER, freq->errorstr);
1586        curl_easy_setopt(freq->slot->curl, CURLOPT_URL, freq->url);
1587        curl_easy_setopt(freq->slot->curl, CURLOPT_HTTPHEADER, no_pragma_header);
1588
1589        /*
1590         * If we have successfully processed data from a previous fetch
1591         * attempt, only fetch the data we don't already have.
1592         */
1593        if (prev_posn>0) {
1594                if (http_is_verbose)
1595                        fprintf(stderr,
1596                                "Resuming fetch of object %s at byte %ld\n",
1597                                hex, prev_posn);
1598                sprintf(range, "Range: bytes=%ld-", prev_posn);
1599                range_header = curl_slist_append(range_header, range);
1600                curl_easy_setopt(freq->slot->curl,
1601                                 CURLOPT_HTTPHEADER, range_header);
1602        }
1603
1604        return freq;
1605
1606abort:
1607        free(freq->url);
1608        free(freq);
1609        return NULL;
1610}
1611
1612void process_http_object_request(struct http_object_request *freq)
1613{
1614        if (freq->slot == NULL)
1615                return;
1616        freq->curl_result = freq->slot->curl_result;
1617        freq->http_code = freq->slot->http_code;
1618        freq->slot = NULL;
1619}
1620
1621int finish_http_object_request(struct http_object_request *freq)
1622{
1623        struct stat st;
1624
1625        close(freq->localfile);
1626        freq->localfile = -1;
1627
1628        process_http_object_request(freq);
1629
1630        if (freq->http_code == 416) {
1631                warning("requested range invalid; we may already have all the data.");
1632        } else if (freq->curl_result != CURLE_OK) {
1633                if (stat(freq->tmpfile, &st) == 0)
1634                        if (st.st_size == 0)
1635                                unlink_or_warn(freq->tmpfile);
1636                return -1;
1637        }
1638
1639        git_inflate_end(&freq->stream);
1640        git_SHA1_Final(freq->real_sha1, &freq->c);
1641        if (freq->zret != Z_STREAM_END) {
1642                unlink_or_warn(freq->tmpfile);
1643                return -1;
1644        }
1645        if (hashcmp(freq->sha1, freq->real_sha1)) {
1646                unlink_or_warn(freq->tmpfile);
1647                return -1;
1648        }
1649        freq->rename =
1650                move_temp_to_file(freq->tmpfile, sha1_file_name(freq->sha1));
1651
1652        return freq->rename;
1653}
1654
1655void abort_http_object_request(struct http_object_request *freq)
1656{
1657        unlink_or_warn(freq->tmpfile);
1658
1659        release_http_object_request(freq);
1660}
1661
1662void release_http_object_request(struct http_object_request *freq)
1663{
1664        if (freq->localfile != -1) {
1665                close(freq->localfile);
1666                freq->localfile = -1;
1667        }
1668        if (freq->url != NULL) {
1669                free(freq->url);
1670                freq->url = NULL;
1671        }
1672        if (freq->slot != NULL) {
1673                freq->slot->callback_func = NULL;
1674                freq->slot->callback_data = NULL;
1675                release_active_slot(freq->slot);
1676                freq->slot = NULL;
1677        }
1678}