http.con commit RelNotes: the third batch (d1ca788)
   1#include "http.h"
   2#include "pack.h"
   3#include "sideband.h"
   4#include "run-command.h"
   5#include "url.h"
   6#include "credential.h"
   7
   8int active_requests;
   9int http_is_verbose;
  10size_t http_post_buffer = 16 * LARGE_PACKET_MAX;
  11
  12#if LIBCURL_VERSION_NUM >= 0x070a06
  13#define LIBCURL_CAN_HANDLE_AUTH_ANY
  14#endif
  15
  16static int min_curl_sessions = 1;
  17static int curl_session_count;
  18#ifdef USE_CURL_MULTI
  19static int max_requests = -1;
  20static CURLM *curlm;
  21#endif
  22#ifndef NO_CURL_EASY_DUPHANDLE
  23static CURL *curl_default;
  24#endif
  25
  26#define PREV_BUF_SIZE 4096
  27#define RANGE_HEADER_SIZE 30
  28
  29char curl_errorstr[CURL_ERROR_SIZE];
  30
  31static int curl_ssl_verify = -1;
  32static const char *ssl_cert;
  33#if LIBCURL_VERSION_NUM >= 0x070903
  34static const char *ssl_key;
  35#endif
  36#if LIBCURL_VERSION_NUM >= 0x070908
  37static const char *ssl_capath;
  38#endif
  39static const char *ssl_cainfo;
  40static long curl_low_speed_limit = -1;
  41static long curl_low_speed_time = -1;
  42static int curl_ftp_no_epsv;
  43static const char *curl_http_proxy;
  44static const char *curl_cookie_file;
  45static struct credential http_auth = CREDENTIAL_INIT;
  46static int http_proactive_auth;
  47static const char *user_agent;
  48
  49#if LIBCURL_VERSION_NUM >= 0x071700
  50/* Use CURLOPT_KEYPASSWD as is */
  51#elif LIBCURL_VERSION_NUM >= 0x070903
  52#define CURLOPT_KEYPASSWD CURLOPT_SSLKEYPASSWD
  53#else
  54#define CURLOPT_KEYPASSWD CURLOPT_SSLCERTPASSWD
  55#endif
  56
  57static struct credential cert_auth = CREDENTIAL_INIT;
  58static int ssl_cert_password_required;
  59
  60static struct curl_slist *pragma_header;
  61static struct curl_slist *no_pragma_header;
  62
  63static struct active_request_slot *active_queue_head;
  64
  65size_t fread_buffer(char *ptr, size_t eltsize, size_t nmemb, void *buffer_)
  66{
  67        size_t size = eltsize * nmemb;
  68        struct buffer *buffer = buffer_;
  69
  70        if (size > buffer->buf.len - buffer->posn)
  71                size = buffer->buf.len - buffer->posn;
  72        memcpy(ptr, buffer->buf.buf + buffer->posn, size);
  73        buffer->posn += size;
  74
  75        return size;
  76}
  77
  78#ifndef NO_CURL_IOCTL
  79curlioerr ioctl_buffer(CURL *handle, int cmd, void *clientp)
  80{
  81        struct buffer *buffer = clientp;
  82
  83        switch (cmd) {
  84        case CURLIOCMD_NOP:
  85                return CURLIOE_OK;
  86
  87        case CURLIOCMD_RESTARTREAD:
  88                buffer->posn = 0;
  89                return CURLIOE_OK;
  90
  91        default:
  92                return CURLIOE_UNKNOWNCMD;
  93        }
  94}
  95#endif
  96
  97size_t fwrite_buffer(char *ptr, size_t eltsize, size_t nmemb, void *buffer_)
  98{
  99        size_t size = eltsize * nmemb;
 100        struct strbuf *buffer = buffer_;
 101
 102        strbuf_add(buffer, ptr, size);
 103        return size;
 104}
 105
 106size_t fwrite_null(char *ptr, size_t eltsize, size_t nmemb, void *strbuf)
 107{
 108        return eltsize * nmemb;
 109}
 110
 111#ifdef USE_CURL_MULTI
 112static void process_curl_messages(void)
 113{
 114        int num_messages;
 115        struct active_request_slot *slot;
 116        CURLMsg *curl_message = curl_multi_info_read(curlm, &num_messages);
 117
 118        while (curl_message != NULL) {
 119                if (curl_message->msg == CURLMSG_DONE) {
 120                        int curl_result = curl_message->data.result;
 121                        slot = active_queue_head;
 122                        while (slot != NULL &&
 123                               slot->curl != curl_message->easy_handle)
 124                                slot = slot->next;
 125                        if (slot != NULL) {
 126                                curl_multi_remove_handle(curlm, slot->curl);
 127                                slot->curl_result = curl_result;
 128                                finish_active_slot(slot);
 129                        } else {
 130                                fprintf(stderr, "Received DONE message for unknown request!\n");
 131                        }
 132                } else {
 133                        fprintf(stderr, "Unknown CURL message received: %d\n",
 134                                (int)curl_message->msg);
 135                }
 136                curl_message = curl_multi_info_read(curlm, &num_messages);
 137        }
 138}
 139#endif
 140
 141static int http_options(const char *var, const char *value, void *cb)
 142{
 143        if (!strcmp("http.sslverify", var)) {
 144                curl_ssl_verify = git_config_bool(var, value);
 145                return 0;
 146        }
 147        if (!strcmp("http.sslcert", var))
 148                return git_config_string(&ssl_cert, var, value);
 149#if LIBCURL_VERSION_NUM >= 0x070903
 150        if (!strcmp("http.sslkey", var))
 151                return git_config_string(&ssl_key, var, value);
 152#endif
 153#if LIBCURL_VERSION_NUM >= 0x070908
 154        if (!strcmp("http.sslcapath", var))
 155                return git_config_string(&ssl_capath, var, value);
 156#endif
 157        if (!strcmp("http.sslcainfo", var))
 158                return git_config_string(&ssl_cainfo, var, value);
 159        if (!strcmp("http.sslcertpasswordprotected", var)) {
 160                if (git_config_bool(var, value))
 161                        ssl_cert_password_required = 1;
 162                return 0;
 163        }
 164        if (!strcmp("http.minsessions", var)) {
 165                min_curl_sessions = git_config_int(var, value);
 166#ifndef USE_CURL_MULTI
 167                if (min_curl_sessions > 1)
 168                        min_curl_sessions = 1;
 169#endif
 170                return 0;
 171        }
 172#ifdef USE_CURL_MULTI
 173        if (!strcmp("http.maxrequests", var)) {
 174                max_requests = git_config_int(var, value);
 175                return 0;
 176        }
 177#endif
 178        if (!strcmp("http.lowspeedlimit", var)) {
 179                curl_low_speed_limit = (long)git_config_int(var, value);
 180                return 0;
 181        }
 182        if (!strcmp("http.lowspeedtime", var)) {
 183                curl_low_speed_time = (long)git_config_int(var, value);
 184                return 0;
 185        }
 186
 187        if (!strcmp("http.noepsv", var)) {
 188                curl_ftp_no_epsv = git_config_bool(var, value);
 189                return 0;
 190        }
 191        if (!strcmp("http.proxy", var))
 192                return git_config_string(&curl_http_proxy, var, value);
 193
 194        if (!strcmp("http.cookiefile", var))
 195                return git_config_string(&curl_cookie_file, var, value);
 196
 197        if (!strcmp("http.postbuffer", var)) {
 198                http_post_buffer = git_config_int(var, value);
 199                if (http_post_buffer < LARGE_PACKET_MAX)
 200                        http_post_buffer = LARGE_PACKET_MAX;
 201                return 0;
 202        }
 203
 204        if (!strcmp("http.useragent", var))
 205                return git_config_string(&user_agent, var, value);
 206
 207        /* Fall back on the default ones */
 208        return git_default_config(var, value, cb);
 209}
 210
 211static void init_curl_http_auth(CURL *result)
 212{
 213        if (http_auth.username) {
 214                struct strbuf up = STRBUF_INIT;
 215                credential_fill(&http_auth);
 216                strbuf_addf(&up, "%s:%s",
 217                            http_auth.username, http_auth.password);
 218                curl_easy_setopt(result, CURLOPT_USERPWD,
 219                                 strbuf_detach(&up, NULL));
 220        }
 221}
 222
 223static int has_cert_password(void)
 224{
 225        if (ssl_cert == NULL || ssl_cert_password_required != 1)
 226                return 0;
 227        if (!cert_auth.password) {
 228                cert_auth.protocol = xstrdup("cert");
 229                cert_auth.path = xstrdup(ssl_cert);
 230                credential_fill(&cert_auth);
 231        }
 232        return 1;
 233}
 234
 235static CURL *get_curl_handle(void)
 236{
 237        CURL *result = curl_easy_init();
 238
 239        if (!curl_ssl_verify) {
 240                curl_easy_setopt(result, CURLOPT_SSL_VERIFYPEER, 0);
 241                curl_easy_setopt(result, CURLOPT_SSL_VERIFYHOST, 0);
 242        } else {
 243                /* Verify authenticity of the peer's certificate */
 244                curl_easy_setopt(result, CURLOPT_SSL_VERIFYPEER, 1);
 245                /* The name in the cert must match whom we tried to connect */
 246                curl_easy_setopt(result, CURLOPT_SSL_VERIFYHOST, 2);
 247        }
 248
 249#if LIBCURL_VERSION_NUM >= 0x070907
 250        curl_easy_setopt(result, CURLOPT_NETRC, CURL_NETRC_OPTIONAL);
 251#endif
 252#ifdef LIBCURL_CAN_HANDLE_AUTH_ANY
 253        curl_easy_setopt(result, CURLOPT_HTTPAUTH, CURLAUTH_ANY);
 254#endif
 255
 256        if (http_proactive_auth)
 257                init_curl_http_auth(result);
 258
 259        if (ssl_cert != NULL)
 260                curl_easy_setopt(result, CURLOPT_SSLCERT, ssl_cert);
 261        if (has_cert_password())
 262                curl_easy_setopt(result, CURLOPT_KEYPASSWD, cert_auth.password);
 263#if LIBCURL_VERSION_NUM >= 0x070903
 264        if (ssl_key != NULL)
 265                curl_easy_setopt(result, CURLOPT_SSLKEY, ssl_key);
 266#endif
 267#if LIBCURL_VERSION_NUM >= 0x070908
 268        if (ssl_capath != NULL)
 269                curl_easy_setopt(result, CURLOPT_CAPATH, ssl_capath);
 270#endif
 271        if (ssl_cainfo != NULL)
 272                curl_easy_setopt(result, CURLOPT_CAINFO, ssl_cainfo);
 273        curl_easy_setopt(result, CURLOPT_FAILONERROR, 1);
 274
 275        if (curl_low_speed_limit > 0 && curl_low_speed_time > 0) {
 276                curl_easy_setopt(result, CURLOPT_LOW_SPEED_LIMIT,
 277                                 curl_low_speed_limit);
 278                curl_easy_setopt(result, CURLOPT_LOW_SPEED_TIME,
 279                                 curl_low_speed_time);
 280        }
 281
 282        curl_easy_setopt(result, CURLOPT_FOLLOWLOCATION, 1);
 283#if LIBCURL_VERSION_NUM >= 0x071301
 284        curl_easy_setopt(result, CURLOPT_POSTREDIR, CURL_REDIR_POST_ALL);
 285#elif LIBCURL_VERSION_NUM >= 0x071101
 286        curl_easy_setopt(result, CURLOPT_POST301, 1);
 287#endif
 288
 289        if (getenv("GIT_CURL_VERBOSE"))
 290                curl_easy_setopt(result, CURLOPT_VERBOSE, 1);
 291
 292        curl_easy_setopt(result, CURLOPT_USERAGENT,
 293                user_agent ? user_agent : GIT_HTTP_USER_AGENT);
 294
 295        if (curl_ftp_no_epsv)
 296                curl_easy_setopt(result, CURLOPT_FTP_USE_EPSV, 0);
 297
 298        if (curl_http_proxy) {
 299                curl_easy_setopt(result, CURLOPT_PROXY, curl_http_proxy);
 300                curl_easy_setopt(result, CURLOPT_PROXYAUTH, CURLAUTH_ANY);
 301        }
 302
 303        return result;
 304}
 305
 306static void set_from_env(const char **var, const char *envname)
 307{
 308        const char *val = getenv(envname);
 309        if (val)
 310                *var = val;
 311}
 312
 313void http_init(struct remote *remote, const char *url, int proactive_auth)
 314{
 315        char *low_speed_limit;
 316        char *low_speed_time;
 317
 318        http_is_verbose = 0;
 319
 320        git_config(http_options, NULL);
 321
 322        curl_global_init(CURL_GLOBAL_ALL);
 323
 324        http_proactive_auth = proactive_auth;
 325
 326        if (remote && remote->http_proxy)
 327                curl_http_proxy = xstrdup(remote->http_proxy);
 328
 329        pragma_header = curl_slist_append(pragma_header, "Pragma: no-cache");
 330        no_pragma_header = curl_slist_append(no_pragma_header, "Pragma:");
 331
 332#ifdef USE_CURL_MULTI
 333        {
 334                char *http_max_requests = getenv("GIT_HTTP_MAX_REQUESTS");
 335                if (http_max_requests != NULL)
 336                        max_requests = atoi(http_max_requests);
 337        }
 338
 339        curlm = curl_multi_init();
 340        if (curlm == NULL) {
 341                fprintf(stderr, "Error creating curl multi handle.\n");
 342                exit(1);
 343        }
 344#endif
 345
 346        if (getenv("GIT_SSL_NO_VERIFY"))
 347                curl_ssl_verify = 0;
 348
 349        set_from_env(&ssl_cert, "GIT_SSL_CERT");
 350#if LIBCURL_VERSION_NUM >= 0x070903
 351        set_from_env(&ssl_key, "GIT_SSL_KEY");
 352#endif
 353#if LIBCURL_VERSION_NUM >= 0x070908
 354        set_from_env(&ssl_capath, "GIT_SSL_CAPATH");
 355#endif
 356        set_from_env(&ssl_cainfo, "GIT_SSL_CAINFO");
 357
 358        set_from_env(&user_agent, "GIT_HTTP_USER_AGENT");
 359
 360        low_speed_limit = getenv("GIT_HTTP_LOW_SPEED_LIMIT");
 361        if (low_speed_limit != NULL)
 362                curl_low_speed_limit = strtol(low_speed_limit, NULL, 10);
 363        low_speed_time = getenv("GIT_HTTP_LOW_SPEED_TIME");
 364        if (low_speed_time != NULL)
 365                curl_low_speed_time = strtol(low_speed_time, NULL, 10);
 366
 367        if (curl_ssl_verify == -1)
 368                curl_ssl_verify = 1;
 369
 370        curl_session_count = 0;
 371#ifdef USE_CURL_MULTI
 372        if (max_requests < 1)
 373                max_requests = DEFAULT_MAX_REQUESTS;
 374#endif
 375
 376        if (getenv("GIT_CURL_FTP_NO_EPSV"))
 377                curl_ftp_no_epsv = 1;
 378
 379        if (url) {
 380                credential_from_url(&http_auth, url);
 381                if (!ssl_cert_password_required &&
 382                    getenv("GIT_SSL_CERT_PASSWORD_PROTECTED") &&
 383                    !prefixcmp(url, "https://"))
 384                        ssl_cert_password_required = 1;
 385        }
 386
 387#ifndef NO_CURL_EASY_DUPHANDLE
 388        curl_default = get_curl_handle();
 389#endif
 390}
 391
 392void http_cleanup(void)
 393{
 394        struct active_request_slot *slot = active_queue_head;
 395
 396        while (slot != NULL) {
 397                struct active_request_slot *next = slot->next;
 398                if (slot->curl != NULL) {
 399#ifdef USE_CURL_MULTI
 400                        curl_multi_remove_handle(curlm, slot->curl);
 401#endif
 402                        curl_easy_cleanup(slot->curl);
 403                }
 404                free(slot);
 405                slot = next;
 406        }
 407        active_queue_head = NULL;
 408
 409#ifndef NO_CURL_EASY_DUPHANDLE
 410        curl_easy_cleanup(curl_default);
 411#endif
 412
 413#ifdef USE_CURL_MULTI
 414        curl_multi_cleanup(curlm);
 415#endif
 416        curl_global_cleanup();
 417
 418        curl_slist_free_all(pragma_header);
 419        pragma_header = NULL;
 420
 421        curl_slist_free_all(no_pragma_header);
 422        no_pragma_header = NULL;
 423
 424        if (curl_http_proxy) {
 425                free((void *)curl_http_proxy);
 426                curl_http_proxy = NULL;
 427        }
 428
 429        if (cert_auth.password != NULL) {
 430                memset(cert_auth.password, 0, strlen(cert_auth.password));
 431                free(cert_auth.password);
 432                cert_auth.password = NULL;
 433        }
 434        ssl_cert_password_required = 0;
 435}
 436
 437struct active_request_slot *get_active_slot(void)
 438{
 439        struct active_request_slot *slot = active_queue_head;
 440        struct active_request_slot *newslot;
 441
 442#ifdef USE_CURL_MULTI
 443        int num_transfers;
 444
 445        /* Wait for a slot to open up if the queue is full */
 446        while (active_requests >= max_requests) {
 447                curl_multi_perform(curlm, &num_transfers);
 448                if (num_transfers < active_requests)
 449                        process_curl_messages();
 450        }
 451#endif
 452
 453        while (slot != NULL && slot->in_use)
 454                slot = slot->next;
 455
 456        if (slot == NULL) {
 457                newslot = xmalloc(sizeof(*newslot));
 458                newslot->curl = NULL;
 459                newslot->in_use = 0;
 460                newslot->next = NULL;
 461
 462                slot = active_queue_head;
 463                if (slot == NULL) {
 464                        active_queue_head = newslot;
 465                } else {
 466                        while (slot->next != NULL)
 467                                slot = slot->next;
 468                        slot->next = newslot;
 469                }
 470                slot = newslot;
 471        }
 472
 473        if (slot->curl == NULL) {
 474#ifdef NO_CURL_EASY_DUPHANDLE
 475                slot->curl = get_curl_handle();
 476#else
 477                slot->curl = curl_easy_duphandle(curl_default);
 478#endif
 479                curl_session_count++;
 480        }
 481
 482        active_requests++;
 483        slot->in_use = 1;
 484        slot->results = NULL;
 485        slot->finished = NULL;
 486        slot->callback_data = NULL;
 487        slot->callback_func = NULL;
 488        curl_easy_setopt(slot->curl, CURLOPT_COOKIEFILE, curl_cookie_file);
 489        curl_easy_setopt(slot->curl, CURLOPT_HTTPHEADER, pragma_header);
 490        curl_easy_setopt(slot->curl, CURLOPT_ERRORBUFFER, curl_errorstr);
 491        curl_easy_setopt(slot->curl, CURLOPT_CUSTOMREQUEST, NULL);
 492        curl_easy_setopt(slot->curl, CURLOPT_READFUNCTION, NULL);
 493        curl_easy_setopt(slot->curl, CURLOPT_WRITEFUNCTION, NULL);
 494        curl_easy_setopt(slot->curl, CURLOPT_POSTFIELDS, NULL);
 495        curl_easy_setopt(slot->curl, CURLOPT_UPLOAD, 0);
 496        curl_easy_setopt(slot->curl, CURLOPT_HTTPGET, 1);
 497
 498        return slot;
 499}
 500
 501int start_active_slot(struct active_request_slot *slot)
 502{
 503#ifdef USE_CURL_MULTI
 504        CURLMcode curlm_result = curl_multi_add_handle(curlm, slot->curl);
 505        int num_transfers;
 506
 507        if (curlm_result != CURLM_OK &&
 508            curlm_result != CURLM_CALL_MULTI_PERFORM) {
 509                active_requests--;
 510                slot->in_use = 0;
 511                return 0;
 512        }
 513
 514        /*
 515         * We know there must be something to do, since we just added
 516         * something.
 517         */
 518        curl_multi_perform(curlm, &num_transfers);
 519#endif
 520        return 1;
 521}
 522
 523#ifdef USE_CURL_MULTI
 524struct fill_chain {
 525        void *data;
 526        int (*fill)(void *);
 527        struct fill_chain *next;
 528};
 529
 530static struct fill_chain *fill_cfg;
 531
 532void add_fill_function(void *data, int (*fill)(void *))
 533{
 534        struct fill_chain *new = xmalloc(sizeof(*new));
 535        struct fill_chain **linkp = &fill_cfg;
 536        new->data = data;
 537        new->fill = fill;
 538        new->next = NULL;
 539        while (*linkp)
 540                linkp = &(*linkp)->next;
 541        *linkp = new;
 542}
 543
 544void fill_active_slots(void)
 545{
 546        struct active_request_slot *slot = active_queue_head;
 547
 548        while (active_requests < max_requests) {
 549                struct fill_chain *fill;
 550                for (fill = fill_cfg; fill; fill = fill->next)
 551                        if (fill->fill(fill->data))
 552                                break;
 553
 554                if (!fill)
 555                        break;
 556        }
 557
 558        while (slot != NULL) {
 559                if (!slot->in_use && slot->curl != NULL
 560                        && curl_session_count > min_curl_sessions) {
 561                        curl_easy_cleanup(slot->curl);
 562                        slot->curl = NULL;
 563                        curl_session_count--;
 564                }
 565                slot = slot->next;
 566        }
 567}
 568
 569void step_active_slots(void)
 570{
 571        int num_transfers;
 572        CURLMcode curlm_result;
 573
 574        do {
 575                curlm_result = curl_multi_perform(curlm, &num_transfers);
 576        } while (curlm_result == CURLM_CALL_MULTI_PERFORM);
 577        if (num_transfers < active_requests) {
 578                process_curl_messages();
 579                fill_active_slots();
 580        }
 581}
 582#endif
 583
 584void run_active_slot(struct active_request_slot *slot)
 585{
 586#ifdef USE_CURL_MULTI
 587        fd_set readfds;
 588        fd_set writefds;
 589        fd_set excfds;
 590        int max_fd;
 591        struct timeval select_timeout;
 592        int finished = 0;
 593
 594        slot->finished = &finished;
 595        while (!finished) {
 596                step_active_slots();
 597
 598                if (slot->in_use) {
 599#if LIBCURL_VERSION_NUM >= 0x070f04
 600                        long curl_timeout;
 601                        curl_multi_timeout(curlm, &curl_timeout);
 602                        if (curl_timeout == 0) {
 603                                continue;
 604                        } else if (curl_timeout == -1) {
 605                                select_timeout.tv_sec  = 0;
 606                                select_timeout.tv_usec = 50000;
 607                        } else {
 608                                select_timeout.tv_sec  =  curl_timeout / 1000;
 609                                select_timeout.tv_usec = (curl_timeout % 1000) * 1000;
 610                        }
 611#else
 612                        select_timeout.tv_sec  = 0;
 613                        select_timeout.tv_usec = 50000;
 614#endif
 615
 616                        max_fd = -1;
 617                        FD_ZERO(&readfds);
 618                        FD_ZERO(&writefds);
 619                        FD_ZERO(&excfds);
 620                        curl_multi_fdset(curlm, &readfds, &writefds, &excfds, &max_fd);
 621
 622                        select(max_fd+1, &readfds, &writefds, &excfds, &select_timeout);
 623                }
 624        }
 625#else
 626        while (slot->in_use) {
 627                slot->curl_result = curl_easy_perform(slot->curl);
 628                finish_active_slot(slot);
 629        }
 630#endif
 631}
 632
 633static void closedown_active_slot(struct active_request_slot *slot)
 634{
 635        active_requests--;
 636        slot->in_use = 0;
 637}
 638
 639static void release_active_slot(struct active_request_slot *slot)
 640{
 641        closedown_active_slot(slot);
 642        if (slot->curl && curl_session_count > min_curl_sessions) {
 643#ifdef USE_CURL_MULTI
 644                curl_multi_remove_handle(curlm, slot->curl);
 645#endif
 646                curl_easy_cleanup(slot->curl);
 647                slot->curl = NULL;
 648                curl_session_count--;
 649        }
 650#ifdef USE_CURL_MULTI
 651        fill_active_slots();
 652#endif
 653}
 654
 655void finish_active_slot(struct active_request_slot *slot)
 656{
 657        closedown_active_slot(slot);
 658        curl_easy_getinfo(slot->curl, CURLINFO_HTTP_CODE, &slot->http_code);
 659
 660        if (slot->finished != NULL)
 661                (*slot->finished) = 1;
 662
 663        /* Store slot results so they can be read after the slot is reused */
 664        if (slot->results != NULL) {
 665                slot->results->curl_result = slot->curl_result;
 666                slot->results->http_code = slot->http_code;
 667        }
 668
 669        /* Run callback if appropriate */
 670        if (slot->callback_func != NULL)
 671                slot->callback_func(slot->callback_data);
 672}
 673
 674void finish_all_active_slots(void)
 675{
 676        struct active_request_slot *slot = active_queue_head;
 677
 678        while (slot != NULL)
 679                if (slot->in_use) {
 680                        run_active_slot(slot);
 681                        slot = active_queue_head;
 682                } else {
 683                        slot = slot->next;
 684                }
 685}
 686
 687/* Helpers for modifying and creating URLs */
 688static inline int needs_quote(int ch)
 689{
 690        if (((ch >= 'A') && (ch <= 'Z'))
 691                        || ((ch >= 'a') && (ch <= 'z'))
 692                        || ((ch >= '0') && (ch <= '9'))
 693                        || (ch == '/')
 694                        || (ch == '-')
 695                        || (ch == '.'))
 696                return 0;
 697        return 1;
 698}
 699
 700static char *quote_ref_url(const char *base, const char *ref)
 701{
 702        struct strbuf buf = STRBUF_INIT;
 703        const char *cp;
 704        int ch;
 705
 706        end_url_with_slash(&buf, base);
 707
 708        for (cp = ref; (ch = *cp) != 0; cp++)
 709                if (needs_quote(ch))
 710                        strbuf_addf(&buf, "%%%02x", ch);
 711                else
 712                        strbuf_addch(&buf, *cp);
 713
 714        return strbuf_detach(&buf, NULL);
 715}
 716
 717void append_remote_object_url(struct strbuf *buf, const char *url,
 718                              const char *hex,
 719                              int only_two_digit_prefix)
 720{
 721        end_url_with_slash(buf, url);
 722
 723        strbuf_addf(buf, "objects/%.*s/", 2, hex);
 724        if (!only_two_digit_prefix)
 725                strbuf_addf(buf, "%s", hex+2);
 726}
 727
 728char *get_remote_object_url(const char *url, const char *hex,
 729                            int only_two_digit_prefix)
 730{
 731        struct strbuf buf = STRBUF_INIT;
 732        append_remote_object_url(&buf, url, hex, only_two_digit_prefix);
 733        return strbuf_detach(&buf, NULL);
 734}
 735
 736/* http_request() targets */
 737#define HTTP_REQUEST_STRBUF     0
 738#define HTTP_REQUEST_FILE       1
 739
 740static int http_request(const char *url, void *result, int target, int options)
 741{
 742        struct active_request_slot *slot;
 743        struct slot_results results;
 744        struct curl_slist *headers = NULL;
 745        struct strbuf buf = STRBUF_INIT;
 746        int ret;
 747
 748        slot = get_active_slot();
 749        slot->results = &results;
 750        curl_easy_setopt(slot->curl, CURLOPT_HTTPGET, 1);
 751
 752        if (result == NULL) {
 753                curl_easy_setopt(slot->curl, CURLOPT_NOBODY, 1);
 754        } else {
 755                curl_easy_setopt(slot->curl, CURLOPT_NOBODY, 0);
 756                curl_easy_setopt(slot->curl, CURLOPT_FILE, result);
 757
 758                if (target == HTTP_REQUEST_FILE) {
 759                        long posn = ftell(result);
 760                        curl_easy_setopt(slot->curl, CURLOPT_WRITEFUNCTION,
 761                                         fwrite);
 762                        if (posn > 0) {
 763                                strbuf_addf(&buf, "Range: bytes=%ld-", posn);
 764                                headers = curl_slist_append(headers, buf.buf);
 765                                strbuf_reset(&buf);
 766                        }
 767                } else
 768                        curl_easy_setopt(slot->curl, CURLOPT_WRITEFUNCTION,
 769                                         fwrite_buffer);
 770        }
 771
 772        strbuf_addstr(&buf, "Pragma:");
 773        if (options & HTTP_NO_CACHE)
 774                strbuf_addstr(&buf, " no-cache");
 775
 776        headers = curl_slist_append(headers, buf.buf);
 777
 778        curl_easy_setopt(slot->curl, CURLOPT_URL, url);
 779        curl_easy_setopt(slot->curl, CURLOPT_HTTPHEADER, headers);
 780
 781        if (start_active_slot(slot)) {
 782                run_active_slot(slot);
 783                if (results.curl_result == CURLE_OK)
 784                        ret = HTTP_OK;
 785                else if (missing_target(&results))
 786                        ret = HTTP_MISSING_TARGET;
 787                else if (results.http_code == 401) {
 788                        if (http_auth.username && http_auth.password) {
 789                                credential_reject(&http_auth);
 790                                ret = HTTP_NOAUTH;
 791                        } else {
 792                                credential_fill(&http_auth);
 793                                init_curl_http_auth(slot->curl);
 794                                ret = HTTP_REAUTH;
 795                        }
 796                } else {
 797                        if (!curl_errorstr[0])
 798                                strlcpy(curl_errorstr,
 799                                        curl_easy_strerror(results.curl_result),
 800                                        sizeof(curl_errorstr));
 801                        ret = HTTP_ERROR;
 802                }
 803        } else {
 804                error("Unable to start HTTP request for %s", url);
 805                ret = HTTP_START_FAILED;
 806        }
 807
 808        curl_slist_free_all(headers);
 809        strbuf_release(&buf);
 810
 811        if (ret == HTTP_OK)
 812                credential_approve(&http_auth);
 813
 814        return ret;
 815}
 816
 817static int http_request_reauth(const char *url, void *result, int target,
 818                               int options)
 819{
 820        int ret = http_request(url, result, target, options);
 821        if (ret != HTTP_REAUTH)
 822                return ret;
 823        return http_request(url, result, target, options);
 824}
 825
 826int http_get_strbuf(const char *url, struct strbuf *result, int options)
 827{
 828        return http_request_reauth(url, result, HTTP_REQUEST_STRBUF, options);
 829}
 830
 831/*
 832 * Downloads a URL and stores the result in the given file.
 833 *
 834 * If a previous interrupted download is detected (i.e. a previous temporary
 835 * file is still around) the download is resumed.
 836 */
 837static int http_get_file(const char *url, const char *filename, int options)
 838{
 839        int ret;
 840        struct strbuf tmpfile = STRBUF_INIT;
 841        FILE *result;
 842
 843        strbuf_addf(&tmpfile, "%s.temp", filename);
 844        result = fopen(tmpfile.buf, "a");
 845        if (! result) {
 846                error("Unable to open local file %s", tmpfile.buf);
 847                ret = HTTP_ERROR;
 848                goto cleanup;
 849        }
 850
 851        ret = http_request_reauth(url, result, HTTP_REQUEST_FILE, options);
 852        fclose(result);
 853
 854        if ((ret == HTTP_OK) && move_temp_to_file(tmpfile.buf, filename))
 855                ret = HTTP_ERROR;
 856cleanup:
 857        strbuf_release(&tmpfile);
 858        return ret;
 859}
 860
 861int http_error(const char *url, int ret)
 862{
 863        /* http_request has already handled HTTP_START_FAILED. */
 864        if (ret != HTTP_START_FAILED)
 865                error("%s while accessing %s", curl_errorstr, url);
 866
 867        return ret;
 868}
 869
 870int http_fetch_ref(const char *base, struct ref *ref)
 871{
 872        char *url;
 873        struct strbuf buffer = STRBUF_INIT;
 874        int ret = -1;
 875
 876        url = quote_ref_url(base, ref->name);
 877        if (http_get_strbuf(url, &buffer, HTTP_NO_CACHE) == HTTP_OK) {
 878                strbuf_rtrim(&buffer);
 879                if (buffer.len == 40)
 880                        ret = get_sha1_hex(buffer.buf, ref->old_sha1);
 881                else if (!prefixcmp(buffer.buf, "ref: ")) {
 882                        ref->symref = xstrdup(buffer.buf + 5);
 883                        ret = 0;
 884                }
 885        }
 886
 887        strbuf_release(&buffer);
 888        free(url);
 889        return ret;
 890}
 891
 892/* Helpers for fetching packs */
 893static char *fetch_pack_index(unsigned char *sha1, const char *base_url)
 894{
 895        char *url, *tmp;
 896        struct strbuf buf = STRBUF_INIT;
 897
 898        if (http_is_verbose)
 899                fprintf(stderr, "Getting index for pack %s\n", sha1_to_hex(sha1));
 900
 901        end_url_with_slash(&buf, base_url);
 902        strbuf_addf(&buf, "objects/pack/pack-%s.idx", sha1_to_hex(sha1));
 903        url = strbuf_detach(&buf, NULL);
 904
 905        strbuf_addf(&buf, "%s.temp", sha1_pack_index_name(sha1));
 906        tmp = strbuf_detach(&buf, NULL);
 907
 908        if (http_get_file(url, tmp, 0) != HTTP_OK) {
 909                error("Unable to get pack index %s\n", url);
 910                free(tmp);
 911                tmp = NULL;
 912        }
 913
 914        free(url);
 915        return tmp;
 916}
 917
 918static int fetch_and_setup_pack_index(struct packed_git **packs_head,
 919        unsigned char *sha1, const char *base_url)
 920{
 921        struct packed_git *new_pack;
 922        char *tmp_idx = NULL;
 923        int ret;
 924
 925        if (has_pack_index(sha1)) {
 926                new_pack = parse_pack_index(sha1, NULL);
 927                if (!new_pack)
 928                        return -1; /* parse_pack_index() already issued error message */
 929                goto add_pack;
 930        }
 931
 932        tmp_idx = fetch_pack_index(sha1, base_url);
 933        if (!tmp_idx)
 934                return -1;
 935
 936        new_pack = parse_pack_index(sha1, tmp_idx);
 937        if (!new_pack) {
 938                unlink(tmp_idx);
 939                free(tmp_idx);
 940
 941                return -1; /* parse_pack_index() already issued error message */
 942        }
 943
 944        ret = verify_pack_index(new_pack);
 945        if (!ret) {
 946                close_pack_index(new_pack);
 947                ret = move_temp_to_file(tmp_idx, sha1_pack_index_name(sha1));
 948        }
 949        free(tmp_idx);
 950        if (ret)
 951                return -1;
 952
 953add_pack:
 954        new_pack->next = *packs_head;
 955        *packs_head = new_pack;
 956        return 0;
 957}
 958
 959int http_get_info_packs(const char *base_url, struct packed_git **packs_head)
 960{
 961        int ret = 0, i = 0;
 962        char *url, *data;
 963        struct strbuf buf = STRBUF_INIT;
 964        unsigned char sha1[20];
 965
 966        end_url_with_slash(&buf, base_url);
 967        strbuf_addstr(&buf, "objects/info/packs");
 968        url = strbuf_detach(&buf, NULL);
 969
 970        ret = http_get_strbuf(url, &buf, HTTP_NO_CACHE);
 971        if (ret != HTTP_OK)
 972                goto cleanup;
 973
 974        data = buf.buf;
 975        while (i < buf.len) {
 976                switch (data[i]) {
 977                case 'P':
 978                        i++;
 979                        if (i + 52 <= buf.len &&
 980                            !prefixcmp(data + i, " pack-") &&
 981                            !prefixcmp(data + i + 46, ".pack\n")) {
 982                                get_sha1_hex(data + i + 6, sha1);
 983                                fetch_and_setup_pack_index(packs_head, sha1,
 984                                                      base_url);
 985                                i += 51;
 986                                break;
 987                        }
 988                default:
 989                        while (i < buf.len && data[i] != '\n')
 990                                i++;
 991                }
 992                i++;
 993        }
 994
 995cleanup:
 996        free(url);
 997        return ret;
 998}
 999
1000void release_http_pack_request(struct http_pack_request *preq)
1001{
1002        if (preq->packfile != NULL) {
1003                fclose(preq->packfile);
1004                preq->packfile = NULL;
1005        }
1006        if (preq->range_header != NULL) {
1007                curl_slist_free_all(preq->range_header);
1008                preq->range_header = NULL;
1009        }
1010        preq->slot = NULL;
1011        free(preq->url);
1012}
1013
1014int finish_http_pack_request(struct http_pack_request *preq)
1015{
1016        struct packed_git **lst;
1017        struct packed_git *p = preq->target;
1018        char *tmp_idx;
1019        struct child_process ip;
1020        const char *ip_argv[8];
1021
1022        close_pack_index(p);
1023
1024        fclose(preq->packfile);
1025        preq->packfile = NULL;
1026
1027        lst = preq->lst;
1028        while (*lst != p)
1029                lst = &((*lst)->next);
1030        *lst = (*lst)->next;
1031
1032        tmp_idx = xstrdup(preq->tmpfile);
1033        strcpy(tmp_idx + strlen(tmp_idx) - strlen(".pack.temp"),
1034               ".idx.temp");
1035
1036        ip_argv[0] = "index-pack";
1037        ip_argv[1] = "-o";
1038        ip_argv[2] = tmp_idx;
1039        ip_argv[3] = preq->tmpfile;
1040        ip_argv[4] = NULL;
1041
1042        memset(&ip, 0, sizeof(ip));
1043        ip.argv = ip_argv;
1044        ip.git_cmd = 1;
1045        ip.no_stdin = 1;
1046        ip.no_stdout = 1;
1047
1048        if (run_command(&ip)) {
1049                unlink(preq->tmpfile);
1050                unlink(tmp_idx);
1051                free(tmp_idx);
1052                return -1;
1053        }
1054
1055        unlink(sha1_pack_index_name(p->sha1));
1056
1057        if (move_temp_to_file(preq->tmpfile, sha1_pack_name(p->sha1))
1058         || move_temp_to_file(tmp_idx, sha1_pack_index_name(p->sha1))) {
1059                free(tmp_idx);
1060                return -1;
1061        }
1062
1063        install_packed_git(p);
1064        free(tmp_idx);
1065        return 0;
1066}
1067
1068struct http_pack_request *new_http_pack_request(
1069        struct packed_git *target, const char *base_url)
1070{
1071        long prev_posn = 0;
1072        char range[RANGE_HEADER_SIZE];
1073        struct strbuf buf = STRBUF_INIT;
1074        struct http_pack_request *preq;
1075
1076        preq = xcalloc(1, sizeof(*preq));
1077        preq->target = target;
1078
1079        end_url_with_slash(&buf, base_url);
1080        strbuf_addf(&buf, "objects/pack/pack-%s.pack",
1081                sha1_to_hex(target->sha1));
1082        preq->url = strbuf_detach(&buf, NULL);
1083
1084        snprintf(preq->tmpfile, sizeof(preq->tmpfile), "%s.temp",
1085                sha1_pack_name(target->sha1));
1086        preq->packfile = fopen(preq->tmpfile, "a");
1087        if (!preq->packfile) {
1088                error("Unable to open local file %s for pack",
1089                      preq->tmpfile);
1090                goto abort;
1091        }
1092
1093        preq->slot = get_active_slot();
1094        curl_easy_setopt(preq->slot->curl, CURLOPT_FILE, preq->packfile);
1095        curl_easy_setopt(preq->slot->curl, CURLOPT_WRITEFUNCTION, fwrite);
1096        curl_easy_setopt(preq->slot->curl, CURLOPT_URL, preq->url);
1097        curl_easy_setopt(preq->slot->curl, CURLOPT_HTTPHEADER,
1098                no_pragma_header);
1099
1100        /*
1101         * If there is data present from a previous transfer attempt,
1102         * resume where it left off
1103         */
1104        prev_posn = ftell(preq->packfile);
1105        if (prev_posn>0) {
1106                if (http_is_verbose)
1107                        fprintf(stderr,
1108                                "Resuming fetch of pack %s at byte %ld\n",
1109                                sha1_to_hex(target->sha1), prev_posn);
1110                sprintf(range, "Range: bytes=%ld-", prev_posn);
1111                preq->range_header = curl_slist_append(NULL, range);
1112                curl_easy_setopt(preq->slot->curl, CURLOPT_HTTPHEADER,
1113                        preq->range_header);
1114        }
1115
1116        return preq;
1117
1118abort:
1119        free(preq->url);
1120        free(preq);
1121        return NULL;
1122}
1123
1124/* Helpers for fetching objects (loose) */
1125static size_t fwrite_sha1_file(char *ptr, size_t eltsize, size_t nmemb,
1126                               void *data)
1127{
1128        unsigned char expn[4096];
1129        size_t size = eltsize * nmemb;
1130        int posn = 0;
1131        struct http_object_request *freq =
1132                (struct http_object_request *)data;
1133        do {
1134                ssize_t retval = xwrite(freq->localfile,
1135                                        (char *) ptr + posn, size - posn);
1136                if (retval < 0)
1137                        return posn;
1138                posn += retval;
1139        } while (posn < size);
1140
1141        freq->stream.avail_in = size;
1142        freq->stream.next_in = (void *)ptr;
1143        do {
1144                freq->stream.next_out = expn;
1145                freq->stream.avail_out = sizeof(expn);
1146                freq->zret = git_inflate(&freq->stream, Z_SYNC_FLUSH);
1147                git_SHA1_Update(&freq->c, expn,
1148                                sizeof(expn) - freq->stream.avail_out);
1149        } while (freq->stream.avail_in && freq->zret == Z_OK);
1150        return size;
1151}
1152
1153struct http_object_request *new_http_object_request(const char *base_url,
1154        unsigned char *sha1)
1155{
1156        char *hex = sha1_to_hex(sha1);
1157        char *filename;
1158        char prevfile[PATH_MAX];
1159        int prevlocal;
1160        char prev_buf[PREV_BUF_SIZE];
1161        ssize_t prev_read = 0;
1162        long prev_posn = 0;
1163        char range[RANGE_HEADER_SIZE];
1164        struct curl_slist *range_header = NULL;
1165        struct http_object_request *freq;
1166
1167        freq = xcalloc(1, sizeof(*freq));
1168        hashcpy(freq->sha1, sha1);
1169        freq->localfile = -1;
1170
1171        filename = sha1_file_name(sha1);
1172        snprintf(freq->tmpfile, sizeof(freq->tmpfile),
1173                 "%s.temp", filename);
1174
1175        snprintf(prevfile, sizeof(prevfile), "%s.prev", filename);
1176        unlink_or_warn(prevfile);
1177        rename(freq->tmpfile, prevfile);
1178        unlink_or_warn(freq->tmpfile);
1179
1180        if (freq->localfile != -1)
1181                error("fd leakage in start: %d", freq->localfile);
1182        freq->localfile = open(freq->tmpfile,
1183                               O_WRONLY | O_CREAT | O_EXCL, 0666);
1184        /*
1185         * This could have failed due to the "lazy directory creation";
1186         * try to mkdir the last path component.
1187         */
1188        if (freq->localfile < 0 && errno == ENOENT) {
1189                char *dir = strrchr(freq->tmpfile, '/');
1190                if (dir) {
1191                        *dir = 0;
1192                        mkdir(freq->tmpfile, 0777);
1193                        *dir = '/';
1194                }
1195                freq->localfile = open(freq->tmpfile,
1196                                       O_WRONLY | O_CREAT | O_EXCL, 0666);
1197        }
1198
1199        if (freq->localfile < 0) {
1200                error("Couldn't create temporary file %s: %s",
1201                      freq->tmpfile, strerror(errno));
1202                goto abort;
1203        }
1204
1205        git_inflate_init(&freq->stream);
1206
1207        git_SHA1_Init(&freq->c);
1208
1209        freq->url = get_remote_object_url(base_url, hex, 0);
1210
1211        /*
1212         * If a previous temp file is present, process what was already
1213         * fetched.
1214         */
1215        prevlocal = open(prevfile, O_RDONLY);
1216        if (prevlocal != -1) {
1217                do {
1218                        prev_read = xread(prevlocal, prev_buf, PREV_BUF_SIZE);
1219                        if (prev_read>0) {
1220                                if (fwrite_sha1_file(prev_buf,
1221                                                     1,
1222                                                     prev_read,
1223                                                     freq) == prev_read) {
1224                                        prev_posn += prev_read;
1225                                } else {
1226                                        prev_read = -1;
1227                                }
1228                        }
1229                } while (prev_read > 0);
1230                close(prevlocal);
1231        }
1232        unlink_or_warn(prevfile);
1233
1234        /*
1235         * Reset inflate/SHA1 if there was an error reading the previous temp
1236         * file; also rewind to the beginning of the local file.
1237         */
1238        if (prev_read == -1) {
1239                memset(&freq->stream, 0, sizeof(freq->stream));
1240                git_inflate_init(&freq->stream);
1241                git_SHA1_Init(&freq->c);
1242                if (prev_posn>0) {
1243                        prev_posn = 0;
1244                        lseek(freq->localfile, 0, SEEK_SET);
1245                        if (ftruncate(freq->localfile, 0) < 0) {
1246                                error("Couldn't truncate temporary file %s: %s",
1247                                          freq->tmpfile, strerror(errno));
1248                                goto abort;
1249                        }
1250                }
1251        }
1252
1253        freq->slot = get_active_slot();
1254
1255        curl_easy_setopt(freq->slot->curl, CURLOPT_FILE, freq);
1256        curl_easy_setopt(freq->slot->curl, CURLOPT_WRITEFUNCTION, fwrite_sha1_file);
1257        curl_easy_setopt(freq->slot->curl, CURLOPT_ERRORBUFFER, freq->errorstr);
1258        curl_easy_setopt(freq->slot->curl, CURLOPT_URL, freq->url);
1259        curl_easy_setopt(freq->slot->curl, CURLOPT_HTTPHEADER, no_pragma_header);
1260
1261        /*
1262         * If we have successfully processed data from a previous fetch
1263         * attempt, only fetch the data we don't already have.
1264         */
1265        if (prev_posn>0) {
1266                if (http_is_verbose)
1267                        fprintf(stderr,
1268                                "Resuming fetch of object %s at byte %ld\n",
1269                                hex, prev_posn);
1270                sprintf(range, "Range: bytes=%ld-", prev_posn);
1271                range_header = curl_slist_append(range_header, range);
1272                curl_easy_setopt(freq->slot->curl,
1273                                 CURLOPT_HTTPHEADER, range_header);
1274        }
1275
1276        return freq;
1277
1278abort:
1279        free(freq->url);
1280        free(freq);
1281        return NULL;
1282}
1283
1284void process_http_object_request(struct http_object_request *freq)
1285{
1286        if (freq->slot == NULL)
1287                return;
1288        freq->curl_result = freq->slot->curl_result;
1289        freq->http_code = freq->slot->http_code;
1290        freq->slot = NULL;
1291}
1292
1293int finish_http_object_request(struct http_object_request *freq)
1294{
1295        struct stat st;
1296
1297        close(freq->localfile);
1298        freq->localfile = -1;
1299
1300        process_http_object_request(freq);
1301
1302        if (freq->http_code == 416) {
1303                warning("requested range invalid; we may already have all the data.");
1304        } else if (freq->curl_result != CURLE_OK) {
1305                if (stat(freq->tmpfile, &st) == 0)
1306                        if (st.st_size == 0)
1307                                unlink_or_warn(freq->tmpfile);
1308                return -1;
1309        }
1310
1311        git_inflate_end(&freq->stream);
1312        git_SHA1_Final(freq->real_sha1, &freq->c);
1313        if (freq->zret != Z_STREAM_END) {
1314                unlink_or_warn(freq->tmpfile);
1315                return -1;
1316        }
1317        if (hashcmp(freq->sha1, freq->real_sha1)) {
1318                unlink_or_warn(freq->tmpfile);
1319                return -1;
1320        }
1321        freq->rename =
1322                move_temp_to_file(freq->tmpfile, sha1_file_name(freq->sha1));
1323
1324        return freq->rename;
1325}
1326
1327void abort_http_object_request(struct http_object_request *freq)
1328{
1329        unlink_or_warn(freq->tmpfile);
1330
1331        release_http_object_request(freq);
1332}
1333
1334void release_http_object_request(struct http_object_request *freq)
1335{
1336        if (freq->localfile != -1) {
1337                close(freq->localfile);
1338                freq->localfile = -1;
1339        }
1340        if (freq->url != NULL) {
1341                free(freq->url);
1342                freq->url = NULL;
1343        }
1344        if (freq->slot != NULL) {
1345                freq->slot->callback_func = NULL;
1346                freq->slot->callback_data = NULL;
1347                release_active_slot(freq->slot);
1348                freq->slot = NULL;
1349        }
1350}