d309109abbdb2cb3d6d3562ec1004fd5273b4c34
1#include "builtin.h"
2#include "lockfile.h"
3#include "pack.h"
4#include "refs.h"
5#include "pkt-line.h"
6#include "sideband.h"
7#include "run-command.h"
8#include "exec_cmd.h"
9#include "commit.h"
10#include "object.h"
11#include "remote.h"
12#include "connect.h"
13#include "transport.h"
14#include "string-list.h"
15#include "sha1-array.h"
16#include "connected.h"
17#include "argv-array.h"
18#include "version.h"
19#include "tag.h"
20#include "gpg-interface.h"
21#include "sigchain.h"
22#include "fsck.h"
23static const char * const receive_pack_usage[] = {
25 N_("git receive-pack <git-dir>"),
26 NULL
27};
28enum deny_action {
30 DENY_UNCONFIGURED,
31 DENY_IGNORE,
32 DENY_WARN,
33 DENY_REFUSE,
34 DENY_UPDATE_INSTEAD
35};
36static int deny_deletes;
38static int deny_non_fast_forwards;
39static enum deny_action deny_current_branch = DENY_UNCONFIGURED;
40static enum deny_action deny_delete_current = DENY_UNCONFIGURED;
41static int receive_fsck_objects = -1;
42static int transfer_fsck_objects = -1;
43static struct strbuf fsck_msg_types = STRBUF_INIT;
44static int receive_unpack_limit = -1;
45static int transfer_unpack_limit = -1;
46static int advertise_atomic_push = 1;
47static int unpack_limit = 100;
48static int report_status;
49static int use_sideband;
50static int use_atomic;
51static int quiet;
52static int prefer_ofs_delta = 1;
53static int auto_update_server_info;
54static int auto_gc = 1;
55static int reject_thin;
56static int stateless_rpc;
57static const char *service_dir;
58static const char *head_name;
59static void *head_name_to_free;
60static int sent_capabilities;
61static int shallow_update;
62static const char *alt_shallow_file;
63static struct strbuf push_cert = STRBUF_INIT;
64static unsigned char push_cert_sha1[20];
65static struct signature_check sigcheck;
66static const char *push_cert_nonce;
67static const char *cert_nonce_seed;
68static const char *NONCE_UNSOLICITED = "UNSOLICITED";
70static const char *NONCE_BAD = "BAD";
71static const char *NONCE_MISSING = "MISSING";
72static const char *NONCE_OK = "OK";
73static const char *NONCE_SLOP = "SLOP";
74static const char *nonce_status;
75static long nonce_stamp_slop;
76static unsigned long nonce_stamp_slop_limit;
77static struct ref_transaction *transaction;
78static enum deny_action parse_deny_action(const char *var, const char *value)
80{
81 if (value) {
82 if (!strcasecmp(value, "ignore"))
83 return DENY_IGNORE;
84 if (!strcasecmp(value, "warn"))
85 return DENY_WARN;
86 if (!strcasecmp(value, "refuse"))
87 return DENY_REFUSE;
88 if (!strcasecmp(value, "updateinstead"))
89 return DENY_UPDATE_INSTEAD;
90 }
91 if (git_config_bool(var, value))
92 return DENY_REFUSE;
93 return DENY_IGNORE;
94}
95static int receive_pack_config(const char *var, const char *value, void *cb)
97{
98 int status = parse_hide_refs_config(var, value, "receive");
99 if (status)
101 return status;
102 if (strcmp(var, "receive.denydeletes") == 0) {
104 deny_deletes = git_config_bool(var, value);
105 return 0;
106 }
107 if (strcmp(var, "receive.denynonfastforwards") == 0) {
109 deny_non_fast_forwards = git_config_bool(var, value);
110 return 0;
111 }
112 if (strcmp(var, "receive.unpacklimit") == 0) {
114 receive_unpack_limit = git_config_int(var, value);
115 return 0;
116 }
117 if (strcmp(var, "transfer.unpacklimit") == 0) {
119 transfer_unpack_limit = git_config_int(var, value);
120 return 0;
121 }
122 if (strcmp(var, "receive.fsck.skiplist") == 0) {
124 const char *path;
125 if (git_config_pathname(&path, var, value))
127 return 1;
128 strbuf_addf(&fsck_msg_types, "%cskiplist=%s",
129 fsck_msg_types.len ? ',' : '=', path);
130 free((char *)path);
131 return 0;
132 }
133 if (skip_prefix(var, "receive.fsck.", &var)) {
135 if (is_valid_msg_type(var, value))
136 strbuf_addf(&fsck_msg_types, "%c%s=%s",
137 fsck_msg_types.len ? ',' : '=', var, value);
138 else
139 warning("Skipping unknown msg id '%s'", var);
140 return 0;
141 }
142 if (strcmp(var, "receive.fsckobjects") == 0) {
144 receive_fsck_objects = git_config_bool(var, value);
145 return 0;
146 }
147 if (strcmp(var, "transfer.fsckobjects") == 0) {
149 transfer_fsck_objects = git_config_bool(var, value);
150 return 0;
151 }
152 if (!strcmp(var, "receive.denycurrentbranch")) {
154 deny_current_branch = parse_deny_action(var, value);
155 return 0;
156 }
157 if (strcmp(var, "receive.denydeletecurrent") == 0) {
159 deny_delete_current = parse_deny_action(var, value);
160 return 0;
161 }
162 if (strcmp(var, "repack.usedeltabaseoffset") == 0) {
164 prefer_ofs_delta = git_config_bool(var, value);
165 return 0;
166 }
167 if (strcmp(var, "receive.updateserverinfo") == 0) {
169 auto_update_server_info = git_config_bool(var, value);
170 return 0;
171 }
172 if (strcmp(var, "receive.autogc") == 0) {
174 auto_gc = git_config_bool(var, value);
175 return 0;
176 }
177 if (strcmp(var, "receive.shallowupdate") == 0) {
179 shallow_update = git_config_bool(var, value);
180 return 0;
181 }
182 if (strcmp(var, "receive.certnonceseed") == 0)
184 return git_config_string(&cert_nonce_seed, var, value);
185 if (strcmp(var, "receive.certnonceslop") == 0) {
187 nonce_stamp_slop_limit = git_config_ulong(var, value);
188 return 0;
189 }
190 if (strcmp(var, "receive.advertiseatomic") == 0) {
192 advertise_atomic_push = git_config_bool(var, value);
193 return 0;
194 }
195 return git_default_config(var, value, cb);
197}
198static void show_ref(const char *path, const unsigned char *sha1)
200{
201 if (sent_capabilities) {
202 packet_write(1, "%s %s\n", sha1_to_hex(sha1), path);
203 } else {
204 struct strbuf cap = STRBUF_INIT;
205 strbuf_addstr(&cap,
207 "report-status delete-refs side-band-64k quiet");
208 if (advertise_atomic_push)
209 strbuf_addstr(&cap, " atomic");
210 if (prefer_ofs_delta)
211 strbuf_addstr(&cap, " ofs-delta");
212 if (push_cert_nonce)
213 strbuf_addf(&cap, " push-cert=%s", push_cert_nonce);
214 strbuf_addf(&cap, " agent=%s", git_user_agent_sanitized());
215 packet_write(1, "%s %s%c%s\n",
216 sha1_to_hex(sha1), path, 0, cap.buf);
217 strbuf_release(&cap);
218 sent_capabilities = 1;
219 }
220}
221static int show_ref_cb(const char *path_full, const struct object_id *oid,
223 int flag, void *unused)
224{
225 const char *path = strip_namespace(path_full);
226 if (ref_is_hidden(path, path_full))
228 return 0;
229 /*
231 * Advertise refs outside our current namespace as ".have"
232 * refs, so that the client can use them to minimize data
233 * transfer but will otherwise ignore them. This happens to
234 * cover ".have" that are thrown in by add_one_alternate_ref()
235 * to mark histories that are complete in our alternates as
236 * well.
237 */
238 if (!path)
239 path = ".have";
240 show_ref(path, oid->hash);
241 return 0;
242}
243static void show_one_alternate_sha1(const unsigned char sha1[20], void *unused)
245{
246 show_ref(".have", sha1);
247}
248static void collect_one_alternate_ref(const struct ref *ref, void *data)
250{
251 struct sha1_array *sa = data;
252 sha1_array_append(sa, ref->old_oid.hash);
253}
254static void write_head_info(void)
256{
257 struct sha1_array sa = SHA1_ARRAY_INIT;
258 for_each_alternate_ref(collect_one_alternate_ref, &sa);
260 sha1_array_for_each_unique(&sa, show_one_alternate_sha1, NULL);
261 sha1_array_clear(&sa);
262 for_each_ref(show_ref_cb, NULL);
263 if (!sent_capabilities)
264 show_ref("capabilities^{}", null_sha1);
265 advertise_shallow_grafts(1);
267 /* EOF */
269 packet_flush(1);
270}
271struct command {
273 struct command *next;
274 const char *error_string;
275 unsigned int skip_update:1,
276 did_not_exist:1;
277 int index;
278 unsigned char old_sha1[20];
279 unsigned char new_sha1[20];
280 char ref_name[FLEX_ARRAY]; /* more */
281};
282static void rp_error(const char *err, ...) __attribute__((format (printf, 1, 2)));
284static void rp_warning(const char *err, ...) __attribute__((format (printf, 1, 2)));
285static void report_message(const char *prefix, const char *err, va_list params)
287{
288 int sz;
289 char msg[4096];
290 sz = xsnprintf(msg, sizeof(msg), "%s", prefix);
292 sz += vsnprintf(msg + sz, sizeof(msg) - sz, err, params);
293 if (sz > (sizeof(msg) - 1))
294 sz = sizeof(msg) - 1;
295 msg[sz++] = '\n';
296 if (use_sideband)
298 send_sideband(1, 2, msg, sz, use_sideband);
299 else
300 xwrite(2, msg, sz);
301}
302static void rp_warning(const char *err, ...)
304{
305 va_list params;
306 va_start(params, err);
307 report_message("warning: ", err, params);
308 va_end(params);
309}
310static void rp_error(const char *err, ...)
312{
313 va_list params;
314 va_start(params, err);
315 report_message("error: ", err, params);
316 va_end(params);
317}
318static int copy_to_sideband(int in, int out, void *arg)
320{
321 char data[128];
322 while (1) {
323 ssize_t sz = xread(in, data, sizeof(data));
324 if (sz <= 0)
325 break;
326 send_sideband(1, 2, data, sz, use_sideband);
327 }
328 close(in);
329 return 0;
330}
331#define HMAC_BLOCK_SIZE 64
333static void hmac_sha1(unsigned char *out,
335 const char *key_in, size_t key_len,
336 const char *text, size_t text_len)
337{
338 unsigned char key[HMAC_BLOCK_SIZE];
339 unsigned char k_ipad[HMAC_BLOCK_SIZE];
340 unsigned char k_opad[HMAC_BLOCK_SIZE];
341 int i;
342 git_SHA_CTX ctx;
343 /* RFC 2104 2. (1) */
345 memset(key, '\0', HMAC_BLOCK_SIZE);
346 if (HMAC_BLOCK_SIZE < key_len) {
347 git_SHA1_Init(&ctx);
348 git_SHA1_Update(&ctx, key_in, key_len);
349 git_SHA1_Final(key, &ctx);
350 } else {
351 memcpy(key, key_in, key_len);
352 }
353 /* RFC 2104 2. (2) & (5) */
355 for (i = 0; i < sizeof(key); i++) {
356 k_ipad[i] = key[i] ^ 0x36;
357 k_opad[i] = key[i] ^ 0x5c;
358 }
359 /* RFC 2104 2. (3) & (4) */
361 git_SHA1_Init(&ctx);
362 git_SHA1_Update(&ctx, k_ipad, sizeof(k_ipad));
363 git_SHA1_Update(&ctx, text, text_len);
364 git_SHA1_Final(out, &ctx);
365 /* RFC 2104 2. (6) & (7) */
367 git_SHA1_Init(&ctx);
368 git_SHA1_Update(&ctx, k_opad, sizeof(k_opad));
369 git_SHA1_Update(&ctx, out, 20);
370 git_SHA1_Final(out, &ctx);
371}
372static char *prepare_push_cert_nonce(const char *path, unsigned long stamp)
374{
375 struct strbuf buf = STRBUF_INIT;
376 unsigned char sha1[20];
377 strbuf_addf(&buf, "%s:%lu", path, stamp);
379 hmac_sha1(sha1, buf.buf, buf.len, cert_nonce_seed, strlen(cert_nonce_seed));;
380 strbuf_release(&buf);
381 /* RFC 2104 5. HMAC-SHA1-80 */
383 strbuf_addf(&buf, "%lu-%.*s", stamp, 20, sha1_to_hex(sha1));
384 return strbuf_detach(&buf, NULL);
385}
386/*
388 * NEEDSWORK: reuse find_commit_header() from jk/commit-author-parsing
389 * after dropping "_commit" from its name and possibly moving it out
390 * of commit.c
391 */
392static char *find_header(const char *msg, size_t len, const char *key)
393{
394 int key_len = strlen(key);
395 const char *line = msg;
396 while (line && line < msg + len) {
398 const char *eol = strchrnul(line, '\n');
399 if ((msg + len <= eol) || line == eol)
401 return NULL;
402 if (line + key_len < eol &&
403 !memcmp(line, key, key_len) && line[key_len] == ' ') {
404 int offset = key_len + 1;
405 return xmemdupz(line + offset, (eol - line) - offset);
406 }
407 line = *eol ? eol + 1 : NULL;
408 }
409 return NULL;
410}
411static const char *check_nonce(const char *buf, size_t len)
413{
414 char *nonce = find_header(buf, len, "nonce");
415 unsigned long stamp, ostamp;
416 char *bohmac, *expect = NULL;
417 const char *retval = NONCE_BAD;
418 if (!nonce) {
420 retval = NONCE_MISSING;
421 goto leave;
422 } else if (!push_cert_nonce) {
423 retval = NONCE_UNSOLICITED;
424 goto leave;
425 } else if (!strcmp(push_cert_nonce, nonce)) {
426 retval = NONCE_OK;
427 goto leave;
428 }
429 if (!stateless_rpc) {
431 /* returned nonce MUST match what we gave out earlier */
432 retval = NONCE_BAD;
433 goto leave;
434 }
435 /*
437 * In stateless mode, we may be receiving a nonce issued by
438 * another instance of the server that serving the same
439 * repository, and the timestamps may not match, but the
440 * nonce-seed and dir should match, so we can recompute and
441 * report the time slop.
442 *
443 * In addition, when a nonce issued by another instance has
444 * timestamp within receive.certnonceslop seconds, we pretend
445 * as if we issued that nonce when reporting to the hook.
446 */
447 /* nonce is concat(<seconds-since-epoch>, "-", <hmac>) */
449 if (*nonce <= '0' || '9' < *nonce) {
450 retval = NONCE_BAD;
451 goto leave;
452 }
453 stamp = strtoul(nonce, &bohmac, 10);
454 if (bohmac == nonce || bohmac[0] != '-') {
455 retval = NONCE_BAD;
456 goto leave;
457 }
458 expect = prepare_push_cert_nonce(service_dir, stamp);
460 if (strcmp(expect, nonce)) {
461 /* Not what we would have signed earlier */
462 retval = NONCE_BAD;
463 goto leave;
464 }
465 /*
467 * By how many seconds is this nonce stale? Negative value
468 * would mean it was issued by another server with its clock
469 * skewed in the future.
470 */
471 ostamp = strtoul(push_cert_nonce, NULL, 10);
472 nonce_stamp_slop = (long)ostamp - (long)stamp;
473 if (nonce_stamp_slop_limit &&
475 labs(nonce_stamp_slop) <= nonce_stamp_slop_limit) {
476 /*
477 * Pretend as if the received nonce (which passes the
478 * HMAC check, so it is not a forged by third-party)
479 * is what we issued.
480 */
481 free((void *)push_cert_nonce);
482 push_cert_nonce = xstrdup(nonce);
483 retval = NONCE_OK;
484 } else {
485 retval = NONCE_SLOP;
486 }
487leave:
489 free(nonce);
490 free(expect);
491 return retval;
492}
493static void prepare_push_cert_sha1(struct child_process *proc)
495{
496 static int already_done;
497 if (!push_cert.len)
499 return;
500 if (!already_done) {
502 struct strbuf gpg_output = STRBUF_INIT;
503 struct strbuf gpg_status = STRBUF_INIT;
504 int bogs /* beginning_of_gpg_sig */;
505 already_done = 1;
507 if (write_sha1_file(push_cert.buf, push_cert.len, "blob", push_cert_sha1))
508 hashclr(push_cert_sha1);
509 memset(&sigcheck, '\0', sizeof(sigcheck));
511 sigcheck.result = 'N';
512 bogs = parse_signature(push_cert.buf, push_cert.len);
514 if (verify_signed_buffer(push_cert.buf, bogs,
515 push_cert.buf + bogs, push_cert.len - bogs,
516 &gpg_output, &gpg_status) < 0) {
517 ; /* error running gpg */
518 } else {
519 sigcheck.payload = push_cert.buf;
520 sigcheck.gpg_output = gpg_output.buf;
521 sigcheck.gpg_status = gpg_status.buf;
522 parse_gpg_output(&sigcheck);
523 }
524 strbuf_release(&gpg_output);
526 strbuf_release(&gpg_status);
527 nonce_status = check_nonce(push_cert.buf, bogs);
528 }
529 if (!is_null_sha1(push_cert_sha1)) {
530 argv_array_pushf(&proc->env_array, "GIT_PUSH_CERT=%s",
531 sha1_to_hex(push_cert_sha1));
532 argv_array_pushf(&proc->env_array, "GIT_PUSH_CERT_SIGNER=%s",
533 sigcheck.signer ? sigcheck.signer : "");
534 argv_array_pushf(&proc->env_array, "GIT_PUSH_CERT_KEY=%s",
535 sigcheck.key ? sigcheck.key : "");
536 argv_array_pushf(&proc->env_array, "GIT_PUSH_CERT_STATUS=%c",
537 sigcheck.result);
538 if (push_cert_nonce) {
539 argv_array_pushf(&proc->env_array,
540 "GIT_PUSH_CERT_NONCE=%s",
541 push_cert_nonce);
542 argv_array_pushf(&proc->env_array,
543 "GIT_PUSH_CERT_NONCE_STATUS=%s",
544 nonce_status);
545 if (nonce_status == NONCE_SLOP)
546 argv_array_pushf(&proc->env_array,
547 "GIT_PUSH_CERT_NONCE_SLOP=%ld",
548 nonce_stamp_slop);
549 }
550 }
551}
552typedef int (*feed_fn)(void *, const char **, size_t *);
554static int run_and_feed_hook(const char *hook_name, feed_fn feed, void *feed_state)
555{
556 struct child_process proc = CHILD_PROCESS_INIT;
557 struct async muxer;
558 const char *argv[2];
559 int code;
560 argv[0] = find_hook(hook_name);
562 if (!argv[0])
563 return 0;
564 argv[1] = NULL;
566 proc.argv = argv;
568 proc.in = -1;
569 proc.stdout_to_stderr = 1;
570 if (use_sideband) {
572 memset(&muxer, 0, sizeof(muxer));
573 muxer.proc = copy_to_sideband;
574 muxer.in = -1;
575 code = start_async(&muxer);
576 if (code)
577 return code;
578 proc.err = muxer.in;
579 }
580 prepare_push_cert_sha1(&proc);
582 code = start_command(&proc);
584 if (code) {
585 if (use_sideband)
586 finish_async(&muxer);
587 return code;
588 }
589 sigchain_push(SIGPIPE, SIG_IGN);
591 while (1) {
593 const char *buf;
594 size_t n;
595 if (feed(feed_state, &buf, &n))
596 break;
597 if (write_in_full(proc.in, buf, n) != n)
598 break;
599 }
600 close(proc.in);
601 if (use_sideband)
602 finish_async(&muxer);
603 sigchain_pop(SIGPIPE);
605 return finish_command(&proc);
607}
608struct receive_hook_feed_state {
610 struct command *cmd;
611 int skip_broken;
612 struct strbuf buf;
613};
614static int feed_receive_hook(void *state_, const char **bufp, size_t *sizep)
616{
617 struct receive_hook_feed_state *state = state_;
618 struct command *cmd = state->cmd;
619 while (cmd &&
621 state->skip_broken && (cmd->error_string || cmd->did_not_exist))
622 cmd = cmd->next;
623 if (!cmd)
624 return -1; /* EOF */
625 strbuf_reset(&state->buf);
626 strbuf_addf(&state->buf, "%s %s %s\n",
627 sha1_to_hex(cmd->old_sha1), sha1_to_hex(cmd->new_sha1),
628 cmd->ref_name);
629 state->cmd = cmd->next;
630 if (bufp) {
631 *bufp = state->buf.buf;
632 *sizep = state->buf.len;
633 }
634 return 0;
635}
636static int run_receive_hook(struct command *commands, const char *hook_name,
638 int skip_broken)
639{
640 struct receive_hook_feed_state state;
641 int status;
642 strbuf_init(&state.buf, 0);
644 state.cmd = commands;
645 state.skip_broken = skip_broken;
646 if (feed_receive_hook(&state, NULL, NULL))
647 return 0;
648 state.cmd = commands;
649 status = run_and_feed_hook(hook_name, feed_receive_hook, &state);
650 strbuf_release(&state.buf);
651 return status;
652}
653static int run_update_hook(struct command *cmd)
655{
656 const char *argv[5];
657 struct child_process proc = CHILD_PROCESS_INIT;
658 int code;
659 argv[0] = find_hook("update");
661 if (!argv[0])
662 return 0;
663 argv[1] = cmd->ref_name;
665 argv[2] = sha1_to_hex(cmd->old_sha1);
666 argv[3] = sha1_to_hex(cmd->new_sha1);
667 argv[4] = NULL;
668 proc.no_stdin = 1;
670 proc.stdout_to_stderr = 1;
671 proc.err = use_sideband ? -1 : 0;
672 proc.argv = argv;
673 code = start_command(&proc);
675 if (code)
676 return code;
677 if (use_sideband)
678 copy_to_sideband(proc.err, -1, NULL);
679 return finish_command(&proc);
680}
681static int is_ref_checked_out(const char *ref)
683{
684 if (is_bare_repository())
685 return 0;
686 if (!head_name)
688 return 0;
689 return !strcmp(head_name, ref);
690}
691static char *refuse_unconfigured_deny_msg[] = {
693 "By default, updating the current branch in a non-bare repository",
694 "is denied, because it will make the index and work tree inconsistent",
695 "with what you pushed, and will require 'git reset --hard' to match",
696 "the work tree to HEAD.",
697 "",
698 "You can set 'receive.denyCurrentBranch' configuration variable to",
699 "'ignore' or 'warn' in the remote repository to allow pushing into",
700 "its current branch; however, this is not recommended unless you",
701 "arranged to update its work tree to match what you pushed in some",
702 "other way.",
703 "",
704 "To squelch this message and still keep the default behaviour, set",
705 "'receive.denyCurrentBranch' configuration variable to 'refuse'."
706};
707static void refuse_unconfigured_deny(void)
709{
710 int i;
711 for (i = 0; i < ARRAY_SIZE(refuse_unconfigured_deny_msg); i++)
712 rp_error("%s", refuse_unconfigured_deny_msg[i]);
713}
714static char *refuse_unconfigured_deny_delete_current_msg[] = {
716 "By default, deleting the current branch is denied, because the next",
717 "'git clone' won't result in any file checked out, causing confusion.",
718 "",
719 "You can set 'receive.denyDeleteCurrent' configuration variable to",
720 "'warn' or 'ignore' in the remote repository to allow deleting the",
721 "current branch, with or without a warning message.",
722 "",
723 "To squelch this message, you can set it to 'refuse'."
724};
725static void refuse_unconfigured_deny_delete_current(void)
727{
728 int i;
729 for (i = 0;
730 i < ARRAY_SIZE(refuse_unconfigured_deny_delete_current_msg);
731 i++)
732 rp_error("%s", refuse_unconfigured_deny_delete_current_msg[i]);
733}
734static int command_singleton_iterator(void *cb_data, unsigned char sha1[20]);
736static int update_shallow_ref(struct command *cmd, struct shallow_info *si)
737{
738 static struct lock_file shallow_lock;
739 struct sha1_array extra = SHA1_ARRAY_INIT;
740 struct check_connected_options opt = CHECK_CONNECTED_INIT;
741 uint32_t mask = 1 << (cmd->index % 32);
742 int i;
743 trace_printf_key(&trace_shallow,
745 "shallow: update_shallow_ref %s\n", cmd->ref_name);
746 for (i = 0; i < si->shallow->nr; i++)
747 if (si->used_shallow[i] &&
748 (si->used_shallow[i][cmd->index / 32] & mask) &&
749 !delayed_reachability_test(si, i))
750 sha1_array_append(&extra, si->shallow->sha1[i]);
751 setup_alternate_shallow(&shallow_lock, &opt.shallow_file, &extra);
753 if (check_connected(command_singleton_iterator, cmd, &opt)) {
754 rollback_lock_file(&shallow_lock);
755 sha1_array_clear(&extra);
756 return -1;
757 }
758 commit_lock_file(&shallow_lock);
760 /*
762 * Make sure setup_alternate_shallow() for the next ref does
763 * not lose these new roots..
764 */
765 for (i = 0; i < extra.nr; i++)
766 register_shallow(extra.sha1[i]);
767 si->shallow_ref[cmd->index] = 0;
769 sha1_array_clear(&extra);
770 return 0;
771}
772/*
774 * NEEDSWORK: we should consolidate various implementions of "are we
775 * on an unborn branch?" test into one, and make the unified one more
776 * robust. !get_sha1() based check used here and elsewhere would not
777 * allow us to tell an unborn branch from corrupt ref, for example.
778 * For the purpose of fixing "deploy-to-update does not work when
779 * pushing into an empty repository" issue, this should suffice for
780 * now.
781 */
782static int head_has_history(void)
783{
784 unsigned char sha1[20];
785 return !get_sha1("HEAD", sha1);
787}
788static const char *push_to_deploy(unsigned char *sha1,
790 struct argv_array *env,
791 const char *work_tree)
792{
793 const char *update_refresh[] = {
794 "update-index", "-q", "--ignore-submodules", "--refresh", NULL
795 };
796 const char *diff_files[] = {
797 "diff-files", "--quiet", "--ignore-submodules", "--", NULL
798 };
799 const char *diff_index[] = {
800 "diff-index", "--quiet", "--cached", "--ignore-submodules",
801 NULL, "--", NULL
802 };
803 const char *read_tree[] = {
804 "read-tree", "-u", "-m", NULL, NULL
805 };
806 struct child_process child = CHILD_PROCESS_INIT;
807 child.argv = update_refresh;
809 child.env = env->argv;
810 child.dir = work_tree;
811 child.no_stdin = 1;
812 child.stdout_to_stderr = 1;
813 child.git_cmd = 1;
814 if (run_command(&child))
815 return "Up-to-date check failed";
816 /* run_command() does not clean up completely; reinitialize */
818 child_process_init(&child);
819 child.argv = diff_files;
820 child.env = env->argv;
821 child.dir = work_tree;
822 child.no_stdin = 1;
823 child.stdout_to_stderr = 1;
824 child.git_cmd = 1;
825 if (run_command(&child))
826 return "Working directory has unstaged changes";
827 /* diff-index with either HEAD or an empty tree */
829 diff_index[4] = head_has_history() ? "HEAD" : EMPTY_TREE_SHA1_HEX;
830 child_process_init(&child);
832 child.argv = diff_index;
833 child.env = env->argv;
834 child.no_stdin = 1;
835 child.no_stdout = 1;
836 child.stdout_to_stderr = 0;
837 child.git_cmd = 1;
838 if (run_command(&child))
839 return "Working directory has staged changes";
840 read_tree[3] = sha1_to_hex(sha1);
842 child_process_init(&child);
843 child.argv = read_tree;
844 child.env = env->argv;
845 child.dir = work_tree;
846 child.no_stdin = 1;
847 child.no_stdout = 1;
848 child.stdout_to_stderr = 0;
849 child.git_cmd = 1;
850 if (run_command(&child))
851 return "Could not update working tree to new HEAD";
852 return NULL;
854}
855static const char *push_to_checkout_hook = "push-to-checkout";
857static const char *push_to_checkout(unsigned char *sha1,
859 struct argv_array *env,
860 const char *work_tree)
861{
862 argv_array_pushf(env, "GIT_WORK_TREE=%s", absolute_path(work_tree));
863 if (run_hook_le(env->argv, push_to_checkout_hook,
864 sha1_to_hex(sha1), NULL))
865 return "push-to-checkout hook declined";
866 else
867 return NULL;
868}
869static const char *update_worktree(unsigned char *sha1)
871{
872 const char *retval;
873 const char *work_tree = git_work_tree_cfg ? git_work_tree_cfg : "..";
874 struct argv_array env = ARGV_ARRAY_INIT;
875 if (is_bare_repository())
877 return "denyCurrentBranch = updateInstead needs a worktree";
878 argv_array_pushf(&env, "GIT_DIR=%s", absolute_path(get_git_dir()));
880 if (!find_hook(push_to_checkout_hook))
882 retval = push_to_deploy(sha1, &env, work_tree);
883 else
884 retval = push_to_checkout(sha1, &env, work_tree);
885 argv_array_clear(&env);
887 return retval;
888}
889static const char *update(struct command *cmd, struct shallow_info *si)
891{
892 const char *name = cmd->ref_name;
893 struct strbuf namespaced_name_buf = STRBUF_INIT;
894 const char *namespaced_name, *ret;
895 unsigned char *old_sha1 = cmd->old_sha1;
896 unsigned char *new_sha1 = cmd->new_sha1;
897 /* only refs/... are allowed */
899 if (!starts_with(name, "refs/") || check_refname_format(name + 5, 0)) {
900 rp_error("refusing to create funny ref '%s' remotely", name);
901 return "funny refname";
902 }
903 strbuf_addf(&namespaced_name_buf, "%s%s", get_git_namespace(), name);
905 namespaced_name = strbuf_detach(&namespaced_name_buf, NULL);
906 if (is_ref_checked_out(namespaced_name)) {
908 switch (deny_current_branch) {
909 case DENY_IGNORE:
910 break;
911 case DENY_WARN:
912 rp_warning("updating the current branch");
913 break;
914 case DENY_REFUSE:
915 case DENY_UNCONFIGURED:
916 rp_error("refusing to update checked out branch: %s", name);
917 if (deny_current_branch == DENY_UNCONFIGURED)
918 refuse_unconfigured_deny();
919 return "branch is currently checked out";
920 case DENY_UPDATE_INSTEAD:
921 ret = update_worktree(new_sha1);
922 if (ret)
923 return ret;
924 break;
925 }
926 }
927 if (!is_null_sha1(new_sha1) && !has_sha1_file(new_sha1)) {
929 error("unpack should have generated %s, "
930 "but I can't find it!", sha1_to_hex(new_sha1));
931 return "bad pack";
932 }
933 if (!is_null_sha1(old_sha1) && is_null_sha1(new_sha1)) {
935 if (deny_deletes && starts_with(name, "refs/heads/")) {
936 rp_error("denying ref deletion for %s", name);
937 return "deletion prohibited";
938 }
939 if (head_name && !strcmp(namespaced_name, head_name)) {
941 switch (deny_delete_current) {
942 case DENY_IGNORE:
943 break;
944 case DENY_WARN:
945 rp_warning("deleting the current branch");
946 break;
947 case DENY_REFUSE:
948 case DENY_UNCONFIGURED:
949 case DENY_UPDATE_INSTEAD:
950 if (deny_delete_current == DENY_UNCONFIGURED)
951 refuse_unconfigured_deny_delete_current();
952 rp_error("refusing to delete the current branch: %s", name);
953 return "deletion of the current branch prohibited";
954 default:
955 return "Invalid denyDeleteCurrent setting";
956 }
957 }
958 }
959 if (deny_non_fast_forwards && !is_null_sha1(new_sha1) &&
961 !is_null_sha1(old_sha1) &&
962 starts_with(name, "refs/heads/")) {
963 struct object *old_object, *new_object;
964 struct commit *old_commit, *new_commit;
965 old_object = parse_object(old_sha1);
967 new_object = parse_object(new_sha1);
968 if (!old_object || !new_object ||
970 old_object->type != OBJ_COMMIT ||
971 new_object->type != OBJ_COMMIT) {
972 error("bad sha1 objects for %s", name);
973 return "bad ref";
974 }
975 old_commit = (struct commit *)old_object;
976 new_commit = (struct commit *)new_object;
977 if (!in_merge_bases(old_commit, new_commit)) {
978 rp_error("denying non-fast-forward %s"
979 " (you should pull first)", name);
980 return "non-fast-forward";
981 }
982 }
983 if (run_update_hook(cmd)) {
984 rp_error("hook declined to update %s", name);
985 return "hook declined";
986 }
987 if (is_null_sha1(new_sha1)) {
989 struct strbuf err = STRBUF_INIT;
990 if (!parse_object(old_sha1)) {
991 old_sha1 = NULL;
992 if (ref_exists(name)) {
993 rp_warning("Allowing deletion of corrupt ref.");
994 } else {
995 rp_warning("Deleting a non-existent ref.");
996 cmd->did_not_exist = 1;
997 }
998 }
999 if (ref_transaction_delete(transaction,
1000 namespaced_name,
1001 old_sha1,
1002 0, "push", &err)) {
1003 rp_error("%s", err.buf);
1004 strbuf_release(&err);
1005 return "failed to delete";
1006 }
1007 strbuf_release(&err);
1008 return NULL; /* good */
1009 }
1010 else {
1011 struct strbuf err = STRBUF_INIT;
1012 if (shallow_update && si->shallow_ref[cmd->index] &&
1013 update_shallow_ref(cmd, si))
1014 return "shallow error";
1015 if (ref_transaction_update(transaction,
1017 namespaced_name,
1018 new_sha1, old_sha1,
1019 0, "push",
1020 &err)) {
1021 rp_error("%s", err.buf);
1022 strbuf_release(&err);
1023 return "failed to update ref";
1025 }
1026 strbuf_release(&err);
1027 return NULL; /* good */
1029 }
1030}
1031static void run_update_post_hook(struct command *commands)
1033{
1034 struct command *cmd;
1035 int argc;
1036 struct child_process proc = CHILD_PROCESS_INIT;
1037 const char *hook;
1038 hook = find_hook("post-update");
1040 for (argc = 0, cmd = commands; cmd; cmd = cmd->next) {
1041 if (cmd->error_string || cmd->did_not_exist)
1042 continue;
1043 argc++;
1044 }
1045 if (!argc || !hook)
1046 return;
1047 argv_array_push(&proc.args, hook);
1049 for (cmd = commands; cmd; cmd = cmd->next) {
1050 if (cmd->error_string || cmd->did_not_exist)
1051 continue;
1052 argv_array_push(&proc.args, cmd->ref_name);
1053 }
1054 proc.no_stdin = 1;
1056 proc.stdout_to_stderr = 1;
1057 proc.err = use_sideband ? -1 : 0;
1058 if (!start_command(&proc)) {
1060 if (use_sideband)
1061 copy_to_sideband(proc.err, -1, NULL);
1062 finish_command(&proc);
1063 }
1064}
1065static void check_aliased_update(struct command *cmd, struct string_list *list)
1067{
1068 struct strbuf buf = STRBUF_INIT;
1069 const char *dst_name;
1070 struct string_list_item *item;
1071 struct command *dst_cmd;
1072 unsigned char sha1[GIT_SHA1_RAWSZ];
1073 char cmd_oldh[GIT_SHA1_HEXSZ + 1],
1074 cmd_newh[GIT_SHA1_HEXSZ + 1],
1075 dst_oldh[GIT_SHA1_HEXSZ + 1],
1076 dst_newh[GIT_SHA1_HEXSZ + 1];
1077 int flag;
1078 strbuf_addf(&buf, "%s%s", get_git_namespace(), cmd->ref_name);
1080 dst_name = resolve_ref_unsafe(buf.buf, 0, sha1, &flag);
1081 strbuf_release(&buf);
1082 if (!(flag & REF_ISSYMREF))
1084 return;
1085 if (!dst_name) {
1087 rp_error("refusing update to broken symref '%s'", cmd->ref_name);
1088 cmd->skip_update = 1;
1089 cmd->error_string = "broken symref";
1090 return;
1091 }
1092 dst_name = strip_namespace(dst_name);
1093 if ((item = string_list_lookup(list, dst_name)) == NULL)
1095 return;
1096 cmd->skip_update = 1;
1098 dst_cmd = (struct command *) item->util;
1100 if (!hashcmp(cmd->old_sha1, dst_cmd->old_sha1) &&
1102 !hashcmp(cmd->new_sha1, dst_cmd->new_sha1))
1103 return;
1104 dst_cmd->skip_update = 1;
1106 find_unique_abbrev_r(cmd_oldh, cmd->old_sha1, DEFAULT_ABBREV);
1108 find_unique_abbrev_r(cmd_newh, cmd->new_sha1, DEFAULT_ABBREV);
1109 find_unique_abbrev_r(dst_oldh, dst_cmd->old_sha1, DEFAULT_ABBREV);
1110 find_unique_abbrev_r(dst_newh, dst_cmd->new_sha1, DEFAULT_ABBREV);
1111 rp_error("refusing inconsistent update between symref '%s' (%s..%s) and"
1112 " its target '%s' (%s..%s)",
1113 cmd->ref_name, cmd_oldh, cmd_newh,
1114 dst_cmd->ref_name, dst_oldh, dst_newh);
1115 cmd->error_string = dst_cmd->error_string =
1117 "inconsistent aliased update";
1118}
1119static void check_aliased_updates(struct command *commands)
1121{
1122 struct command *cmd;
1123 struct string_list ref_list = STRING_LIST_INIT_NODUP;
1124 for (cmd = commands; cmd; cmd = cmd->next) {
1126 struct string_list_item *item =
1127 string_list_append(&ref_list, cmd->ref_name);
1128 item->util = (void *)cmd;
1129 }
1130 string_list_sort(&ref_list);
1131 for (cmd = commands; cmd; cmd = cmd->next) {
1133 if (!cmd->error_string)
1134 check_aliased_update(cmd, &ref_list);
1135 }
1136 string_list_clear(&ref_list, 0);
1138}
1139static int command_singleton_iterator(void *cb_data, unsigned char sha1[20])
1141{
1142 struct command **cmd_list = cb_data;
1143 struct command *cmd = *cmd_list;
1144 if (!cmd || is_null_sha1(cmd->new_sha1))
1146 return -1; /* end of list */
1147 *cmd_list = NULL; /* this returns only one */
1148 hashcpy(sha1, cmd->new_sha1);
1149 return 0;
1150}
1151static void set_connectivity_errors(struct command *commands,
1153 struct shallow_info *si)
1154{
1155 struct command *cmd;
1156 for (cmd = commands; cmd; cmd = cmd->next) {
1158 struct command *singleton = cmd;
1159 if (shallow_update && si->shallow_ref[cmd->index])
1160 /* to be checked in update_shallow_ref() */
1161 continue;
1162 if (!check_connected(command_singleton_iterator, &singleton,
1163 NULL))
1164 continue;
1165 cmd->error_string = "missing necessary objects";
1166 }
1167}
1168struct iterate_data {
1170 struct command *cmds;
1171 struct shallow_info *si;
1172};
1173static int iterate_receive_command_list(void *cb_data, unsigned char sha1[20])
1175{
1176 struct iterate_data *data = cb_data;
1177 struct command **cmd_list = &data->cmds;
1178 struct command *cmd = *cmd_list;
1179 for (; cmd; cmd = cmd->next) {
1181 if (shallow_update && data->si->shallow_ref[cmd->index])
1182 /* to be checked in update_shallow_ref() */
1183 continue;
1184 if (!is_null_sha1(cmd->new_sha1) && !cmd->skip_update) {
1185 hashcpy(sha1, cmd->new_sha1);
1186 *cmd_list = cmd->next;
1187 return 0;
1188 }
1189 }
1190 *cmd_list = NULL;
1191 return -1; /* end of list */
1192}
1193static void reject_updates_to_hidden(struct command *commands)
1195{
1196 struct strbuf refname_full = STRBUF_INIT;
1197 size_t prefix_len;
1198 struct command *cmd;
1199 strbuf_addstr(&refname_full, get_git_namespace());
1201 prefix_len = refname_full.len;
1202 for (cmd = commands; cmd; cmd = cmd->next) {
1204 if (cmd->error_string)
1205 continue;
1206 strbuf_setlen(&refname_full, prefix_len);
1208 strbuf_addstr(&refname_full, cmd->ref_name);
1209 if (!ref_is_hidden(cmd->ref_name, refname_full.buf))
1211 continue;
1212 if (is_null_sha1(cmd->new_sha1))
1213 cmd->error_string = "deny deleting a hidden ref";
1214 else
1215 cmd->error_string = "deny updating a hidden ref";
1216 }
1217 strbuf_release(&refname_full);
1219}
1220static int should_process_cmd(struct command *cmd)
1222{
1223 return !cmd->error_string && !cmd->skip_update;
1224}
1225static void warn_if_skipped_connectivity_check(struct command *commands,
1227 struct shallow_info *si)
1228{
1229 struct command *cmd;
1230 int checked_connectivity = 1;
1231 for (cmd = commands; cmd; cmd = cmd->next) {
1233 if (should_process_cmd(cmd) && si->shallow_ref[cmd->index]) {
1234 error("BUG: connectivity check has not been run on ref %s",
1235 cmd->ref_name);
1236 checked_connectivity = 0;
1237 }
1238 }
1239 if (!checked_connectivity)
1240 die("BUG: connectivity check skipped???");
1241}
1242static void execute_commands_non_atomic(struct command *commands,
1244 struct shallow_info *si)
1245{
1246 struct command *cmd;
1247 struct strbuf err = STRBUF_INIT;
1248 for (cmd = commands; cmd; cmd = cmd->next) {
1250 if (!should_process_cmd(cmd))
1251 continue;
1252 transaction = ref_transaction_begin(&err);
1254 if (!transaction) {
1255 rp_error("%s", err.buf);
1256 strbuf_reset(&err);
1257 cmd->error_string = "transaction failed to start";
1258 continue;
1259 }
1260 cmd->error_string = update(cmd, si);
1262 if (!cmd->error_string
1264 && ref_transaction_commit(transaction, &err)) {
1265 rp_error("%s", err.buf);
1266 strbuf_reset(&err);
1267 cmd->error_string = "failed to update ref";
1268 }
1269 ref_transaction_free(transaction);
1270 }
1271 strbuf_release(&err);
1272}
1273static void execute_commands_atomic(struct command *commands,
1275 struct shallow_info *si)
1276{
1277 struct command *cmd;
1278 struct strbuf err = STRBUF_INIT;
1279 const char *reported_error = "atomic push failure";
1280 transaction = ref_transaction_begin(&err);
1282 if (!transaction) {
1283 rp_error("%s", err.buf);
1284 strbuf_reset(&err);
1285 reported_error = "transaction failed to start";
1286 goto failure;
1287 }
1288 for (cmd = commands; cmd; cmd = cmd->next) {
1290 if (!should_process_cmd(cmd))
1291 continue;
1292 cmd->error_string = update(cmd, si);
1294 if (cmd->error_string)
1296 goto failure;
1297 }
1298 if (ref_transaction_commit(transaction, &err)) {
1300 rp_error("%s", err.buf);
1301 reported_error = "atomic transaction failed";
1302 goto failure;
1303 }
1304 goto cleanup;
1305failure:
1307 for (cmd = commands; cmd; cmd = cmd->next)
1308 if (!cmd->error_string)
1309 cmd->error_string = reported_error;
1310cleanup:
1312 ref_transaction_free(transaction);
1313 strbuf_release(&err);
1314}
1315static void execute_commands(struct command *commands,
1317 const char *unpacker_error,
1318 struct shallow_info *si)
1319{
1320 struct check_connected_options opt = CHECK_CONNECTED_INIT;
1321 struct command *cmd;
1322 unsigned char sha1[20];
1323 struct iterate_data data;
1324 struct async muxer;
1325 int err_fd = 0;
1326 if (unpacker_error) {
1328 for (cmd = commands; cmd; cmd = cmd->next)
1329 cmd->error_string = "unpacker error";
1330 return;
1331 }
1332 if (use_sideband) {
1334 memset(&muxer, 0, sizeof(muxer));
1335 muxer.proc = copy_to_sideband;
1336 muxer.in = -1;
1337 if (!start_async(&muxer))
1338 err_fd = muxer.in;
1339 /* ...else, continue without relaying sideband */
1340 }
1341 data.cmds = commands;
1343 data.si = si;
1344 opt.err_fd = err_fd;
1345 if (check_connected(iterate_receive_command_list, &data, &opt))
1346 set_connectivity_errors(commands, si);
1347 if (use_sideband)
1349 finish_async(&muxer);
1350 reject_updates_to_hidden(commands);
1352 if (run_receive_hook(commands, "pre-receive", 0)) {
1354 for (cmd = commands; cmd; cmd = cmd->next) {
1355 if (!cmd->error_string)
1356 cmd->error_string = "pre-receive hook declined";
1357 }
1358 return;
1359 }
1360 check_aliased_updates(commands);
1362 free(head_name_to_free);
1364 head_name = head_name_to_free = resolve_refdup("HEAD", 0, sha1, NULL);
1365 if (use_atomic)
1367 execute_commands_atomic(commands, si);
1368 else
1369 execute_commands_non_atomic(commands, si);
1370 if (shallow_update)
1372 warn_if_skipped_connectivity_check(commands, si);
1373}
1374static struct command **queue_command(struct command **tail,
1376 const char *line,
1377 int linelen)
1378{
1379 unsigned char old_sha1[20], new_sha1[20];
1380 struct command *cmd;
1381 const char *refname;
1382 int reflen;
1383 if (linelen < 83 ||
1385 line[40] != ' ' ||
1386 line[81] != ' ' ||
1387 get_sha1_hex(line, old_sha1) ||
1388 get_sha1_hex(line + 41, new_sha1))
1389 die("protocol error: expected old/new/ref, got '%s'", line);
1390 refname = line + 82;
1392 reflen = linelen - 82;
1393 cmd = xcalloc(1, st_add3(sizeof(struct command), reflen, 1));
1394 hashcpy(cmd->old_sha1, old_sha1);
1395 hashcpy(cmd->new_sha1, new_sha1);
1396 memcpy(cmd->ref_name, refname, reflen);
1397 cmd->ref_name[reflen] = '\0';
1398 *tail = cmd;
1399 return &cmd->next;
1400}
1401static void queue_commands_from_cert(struct command **tail,
1403 struct strbuf *push_cert)
1404{
1405 const char *boc, *eoc;
1406 if (*tail)
1408 die("protocol error: got both push certificate and unsigned commands");
1409 boc = strstr(push_cert->buf, "\n\n");
1411 if (!boc)
1412 die("malformed push certificate %.*s", 100, push_cert->buf);
1413 else
1414 boc += 2;
1415 eoc = push_cert->buf + parse_signature(push_cert->buf, push_cert->len);
1416 while (boc < eoc) {
1418 const char *eol = memchr(boc, '\n', eoc - boc);
1419 tail = queue_command(tail, boc, eol ? eol - boc : eoc - eol);
1420 boc = eol ? eol + 1 : eoc;
1421 }
1422}
1423static struct command *read_head_info(struct sha1_array *shallow)
1425{
1426 struct command *commands = NULL;
1427 struct command **p = &commands;
1428 for (;;) {
1429 char *line;
1430 int len, linelen;
1431 line = packet_read_line(0, &len);
1433 if (!line)
1434 break;
1435 if (len == 48 && starts_with(line, "shallow ")) {
1437 unsigned char sha1[20];
1438 if (get_sha1_hex(line + 8, sha1))
1439 die("protocol error: expected shallow sha, got '%s'",
1440 line + 8);
1441 sha1_array_append(shallow, sha1);
1442 continue;
1443 }
1444 linelen = strlen(line);
1446 if (linelen < len) {
1447 const char *feature_list = line + linelen + 1;
1448 if (parse_feature_request(feature_list, "report-status"))
1449 report_status = 1;
1450 if (parse_feature_request(feature_list, "side-band-64k"))
1451 use_sideband = LARGE_PACKET_MAX;
1452 if (parse_feature_request(feature_list, "quiet"))
1453 quiet = 1;
1454 if (advertise_atomic_push
1455 && parse_feature_request(feature_list, "atomic"))
1456 use_atomic = 1;
1457 }
1458 if (!strcmp(line, "push-cert")) {
1460 int true_flush = 0;
1461 char certbuf[1024];
1462 for (;;) {
1464 len = packet_read(0, NULL, NULL,
1465 certbuf, sizeof(certbuf), 0);
1466 if (!len) {
1467 true_flush = 1;
1468 break;
1469 }
1470 if (!strcmp(certbuf, "push-cert-end\n"))
1471 break; /* end of cert */
1472 strbuf_addstr(&push_cert, certbuf);
1473 }
1474 if (true_flush)
1476 break;
1477 continue;
1478 }
1479 p = queue_command(p, line, linelen);
1481 }
1482 if (push_cert.len)
1484 queue_commands_from_cert(p, &push_cert);
1485 return commands;
1487}
1488static const char *parse_pack_header(struct pack_header *hdr)
1490{
1491 switch (read_pack_header(0, hdr)) {
1492 case PH_ERROR_EOF:
1493 return "eof before pack header was fully read";
1494 case PH_ERROR_PACK_SIGNATURE:
1496 return "protocol error (pack signature mismatch detected)";
1497 case PH_ERROR_PROTOCOL:
1499 return "protocol error (pack version unsupported)";
1500 default:
1502 return "unknown error in parse_pack_header";
1503 case 0:
1505 return NULL;
1506 }
1507}
1508static const char *pack_lockfile;
1510static const char *unpack(int err_fd, struct shallow_info *si)
1512{
1513 struct pack_header hdr;
1514 const char *hdr_err;
1515 int status;
1516 char hdr_arg[38];
1517 struct child_process child = CHILD_PROCESS_INIT;
1518 int fsck_objects = (receive_fsck_objects >= 0
1519 ? receive_fsck_objects
1520 : transfer_fsck_objects >= 0
1521 ? transfer_fsck_objects
1522 : 0);
1523 hdr_err = parse_pack_header(&hdr);
1525 if (hdr_err) {
1526 if (err_fd > 0)
1527 close(err_fd);
1528 return hdr_err;
1529 }
1530 snprintf(hdr_arg, sizeof(hdr_arg),
1531 "--pack_header=%"PRIu32",%"PRIu32,
1532 ntohl(hdr.hdr_version), ntohl(hdr.hdr_entries));
1533 if (si->nr_ours || si->nr_theirs) {
1535 alt_shallow_file = setup_temporary_shallow(si->shallow);
1536 argv_array_push(&child.args, "--shallow-file");
1537 argv_array_push(&child.args, alt_shallow_file);
1538 }
1539 if (ntohl(hdr.hdr_entries) < unpack_limit) {
1541 argv_array_pushl(&child.args, "unpack-objects", hdr_arg, NULL);
1542 if (quiet)
1543 argv_array_push(&child.args, "-q");
1544 if (fsck_objects)
1545 argv_array_pushf(&child.args, "--strict%s",
1546 fsck_msg_types.buf);
1547 child.no_stdout = 1;
1548 child.err = err_fd;
1549 child.git_cmd = 1;
1550 status = run_command(&child);
1551 if (status)
1552 return "unpack-objects abnormal exit";
1553 } else {
1554 char hostname[256];
1555 argv_array_pushl(&child.args, "index-pack",
1557 "--stdin", hdr_arg, NULL);
1558 if (gethostname(hostname, sizeof(hostname)))
1560 xsnprintf(hostname, sizeof(hostname), "localhost");
1561 argv_array_pushf(&child.args,
1562 "--keep=receive-pack %"PRIuMAX" on %s",
1563 (uintmax_t)getpid(),
1564 hostname);
1565 if (!quiet && err_fd)
1567 argv_array_push(&child.args, "--show-resolving-progress");
1568 if (fsck_objects)
1569 argv_array_pushf(&child.args, "--strict%s",
1570 fsck_msg_types.buf);
1571 if (!reject_thin)
1572 argv_array_push(&child.args, "--fix-thin");
1573 child.out = -1;
1574 child.err = err_fd;
1575 child.git_cmd = 1;
1576 status = start_command(&child);
1577 if (status)
1578 return "index-pack fork failed";
1579 pack_lockfile = index_pack_lockfile(child.out);
1580 close(child.out);
1581 status = finish_command(&child);
1582 if (status)
1583 return "index-pack abnormal exit";
1584 reprepare_packed_git();
1585 }
1586 return NULL;
1587}
1588static const char *unpack_with_sideband(struct shallow_info *si)
1590{
1591 struct async muxer;
1592 const char *ret;
1593 if (!use_sideband)
1595 return unpack(0, si);
1596 memset(&muxer, 0, sizeof(muxer));
1598 muxer.proc = copy_to_sideband;
1599 muxer.in = -1;
1600 if (start_async(&muxer))
1601 return NULL;
1602 ret = unpack(muxer.in, si);
1604 finish_async(&muxer);
1606 return ret;
1607}
1608static void prepare_shallow_update(struct command *commands,
1610 struct shallow_info *si)
1611{
1612 int i, j, k, bitmap_size = (si->ref->nr + 31) / 32;
1613 ALLOC_ARRAY(si->used_shallow, si->shallow->nr);
1615 assign_shallow_commits_to_refs(si, si->used_shallow, NULL);
1616 si->need_reachability_test =
1618 xcalloc(si->shallow->nr, sizeof(*si->need_reachability_test));
1619 si->reachable =
1620 xcalloc(si->shallow->nr, sizeof(*si->reachable));
1621 si->shallow_ref = xcalloc(si->ref->nr, sizeof(*si->shallow_ref));
1622 for (i = 0; i < si->nr_ours; i++)
1624 si->need_reachability_test[si->ours[i]] = 1;
1625 for (i = 0; i < si->shallow->nr; i++) {
1627 if (!si->used_shallow[i])
1628 continue;
1629 for (j = 0; j < bitmap_size; j++) {
1630 if (!si->used_shallow[i][j])
1631 continue;
1632 si->need_reachability_test[i]++;
1633 for (k = 0; k < 32; k++)
1634 if (si->used_shallow[i][j] & (1U << k))
1635 si->shallow_ref[j * 32 + k]++;
1636 }
1637 /*
1639 * true for those associated with some refs and belong
1640 * in "ours" list aka "step 7 not done yet"
1641 */
1642 si->need_reachability_test[i] =
1643 si->need_reachability_test[i] > 1;
1644 }
1645 /*
1647 * keep hooks happy by forcing a temporary shallow file via
1648 * env variable because we can't add --shallow-file to every
1649 * command. check_everything_connected() will be done with
1650 * true .git/shallow though.
1651 */
1652 setenv(GIT_SHALLOW_FILE_ENVIRONMENT, alt_shallow_file, 1);
1653}
1654static void update_shallow_info(struct command *commands,
1656 struct shallow_info *si,
1657 struct sha1_array *ref)
1658{
1659 struct command *cmd;
1660 int *ref_status;
1661 remove_nonexistent_theirs_shallow(si);
1662 if (!si->nr_ours && !si->nr_theirs) {
1663 shallow_update = 0;
1664 return;
1665 }
1666 for (cmd = commands; cmd; cmd = cmd->next) {
1668 if (is_null_sha1(cmd->new_sha1))
1669 continue;
1670 sha1_array_append(ref, cmd->new_sha1);
1671 cmd->index = ref->nr - 1;
1672 }
1673 si->ref = ref;
1674 if (shallow_update) {
1676 prepare_shallow_update(commands, si);
1677 return;
1678 }
1679 ALLOC_ARRAY(ref_status, ref->nr);
1681 assign_shallow_commits_to_refs(si, NULL, ref_status);
1682 for (cmd = commands; cmd; cmd = cmd->next) {
1683 if (is_null_sha1(cmd->new_sha1))
1684 continue;
1685 if (ref_status[cmd->index]) {
1686 cmd->error_string = "shallow update not allowed";
1687 cmd->skip_update = 1;
1688 }
1689 }
1690 free(ref_status);
1691}
1692static void report(struct command *commands, const char *unpack_status)
1694{
1695 struct command *cmd;
1696 struct strbuf buf = STRBUF_INIT;
1697 packet_buf_write(&buf, "unpack %s\n",
1699 unpack_status ? unpack_status : "ok");
1700 for (cmd = commands; cmd; cmd = cmd->next) {
1701 if (!cmd->error_string)
1702 packet_buf_write(&buf, "ok %s\n",
1703 cmd->ref_name);
1704 else
1705 packet_buf_write(&buf, "ng %s %s\n",
1706 cmd->ref_name, cmd->error_string);
1707 }
1708 packet_buf_flush(&buf);
1709 if (use_sideband)
1711 send_sideband(1, 1, buf.buf, buf.len, use_sideband);
1712 else
1713 write_or_die(1, buf.buf, buf.len);
1714 strbuf_release(&buf);
1715}
1716static int delete_only(struct command *commands)
1718{
1719 struct command *cmd;
1720 for (cmd = commands; cmd; cmd = cmd->next) {
1721 if (!is_null_sha1(cmd->new_sha1))
1722 return 0;
1723 }
1724 return 1;
1725}
1726int cmd_receive_pack(int argc, const char **argv, const char *prefix)
1728{
1729 int advertise_refs = 0;
1730 struct command *commands;
1731 struct sha1_array shallow = SHA1_ARRAY_INIT;
1732 struct sha1_array ref = SHA1_ARRAY_INIT;
1733 struct shallow_info si;
1734 struct option options[] = {
1736 OPT__QUIET(&quiet, N_("quiet")),
1737 OPT_HIDDEN_BOOL(0, "stateless-rpc", &stateless_rpc, NULL),
1738 OPT_HIDDEN_BOOL(0, "advertise-refs", &advertise_refs, NULL),
1739 OPT_HIDDEN_BOOL(0, "reject-thin-pack-for-testing", &reject_thin, NULL),
1740 OPT_END()
1741 };
1742 packet_trace_identity("receive-pack");
1744 argc = parse_options(argc, argv, prefix, options, receive_pack_usage, 0);
1746 if (argc > 1)
1748 usage_msg_opt(_("Too many arguments."), receive_pack_usage, options);
1749 if (argc == 0)
1750 usage_msg_opt(_("You must specify a directory."), receive_pack_usage, options);
1751 service_dir = argv[0];
1753 setup_path();
1755 if (!enter_repo(service_dir, 0))
1757 die("'%s' does not appear to be a git repository", service_dir);
1758 git_config(receive_pack_config, NULL);
1760 if (cert_nonce_seed)
1761 push_cert_nonce = prepare_push_cert_nonce(service_dir, time(NULL));
1762 if (0 <= transfer_unpack_limit)
1764 unpack_limit = transfer_unpack_limit;
1765 else if (0 <= receive_unpack_limit)
1766 unpack_limit = receive_unpack_limit;
1767 if (advertise_refs || !stateless_rpc) {
1769 write_head_info();
1770 }
1771 if (advertise_refs)
1772 return 0;
1773 if ((commands = read_head_info(&shallow)) != NULL) {
1775 const char *unpack_status = NULL;
1776 prepare_shallow_info(&si, &shallow);
1778 if (!si.nr_ours && !si.nr_theirs)
1779 shallow_update = 0;
1780 if (!delete_only(commands)) {
1781 unpack_status = unpack_with_sideband(&si);
1782 update_shallow_info(commands, &si, &ref);
1783 }
1784 execute_commands(commands, unpack_status, &si);
1785 if (pack_lockfile)
1786 unlink_or_warn(pack_lockfile);
1787 if (report_status)
1788 report(commands, unpack_status);
1789 run_receive_hook(commands, "post-receive", 1);
1790 run_update_post_hook(commands);
1791 if (auto_gc) {
1792 const char *argv_gc_auto[] = {
1793 "gc", "--auto", "--quiet", NULL,
1794 };
1795 struct child_process proc = CHILD_PROCESS_INIT;
1796 proc.no_stdin = 1;
1798 proc.stdout_to_stderr = 1;
1799 proc.err = use_sideband ? -1 : 0;
1800 proc.git_cmd = 1;
1801 proc.argv = argv_gc_auto;
1802 close_all_packs();
1804 if (!start_command(&proc)) {
1805 if (use_sideband)
1806 copy_to_sideband(proc.err, -1, NULL);
1807 finish_command(&proc);
1808 }
1809 }
1810 if (auto_update_server_info)
1811 update_server_info(0);
1812 clear_shallow_info(&si);
1813 }
1814 if (use_sideband)
1815 packet_flush(1);
1816 sha1_array_clear(&shallow);
1817 sha1_array_clear(&ref);
1818 free((void *)push_cert_nonce);
1819 return 0;
1820}