send-pack.con commit submodule: avoid hard-coded constants (db1ba2a)
   1#include "builtin.h"
   2#include "config.h"
   3#include "commit.h"
   4#include "refs.h"
   5#include "object-store.h"
   6#include "pkt-line.h"
   7#include "sideband.h"
   8#include "run-command.h"
   9#include "remote.h"
  10#include "connect.h"
  11#include "send-pack.h"
  12#include "quote.h"
  13#include "transport.h"
  14#include "version.h"
  15#include "sha1-array.h"
  16#include "gpg-interface.h"
  17#include "cache.h"
  18
  19int option_parse_push_signed(const struct option *opt,
  20                             const char *arg, int unset)
  21{
  22        if (unset) {
  23                *(int *)(opt->value) = SEND_PACK_PUSH_CERT_NEVER;
  24                return 0;
  25        }
  26        switch (git_parse_maybe_bool(arg)) {
  27        case 1:
  28                *(int *)(opt->value) = SEND_PACK_PUSH_CERT_ALWAYS;
  29                return 0;
  30        case 0:
  31                *(int *)(opt->value) = SEND_PACK_PUSH_CERT_NEVER;
  32                return 0;
  33        }
  34        if (!strcasecmp("if-asked", arg)) {
  35                *(int *)(opt->value) = SEND_PACK_PUSH_CERT_IF_ASKED;
  36                return 0;
  37        }
  38        die("bad %s argument: %s", opt->long_name, arg);
  39}
  40
  41static void feed_object(const struct object_id *oid, FILE *fh, int negative)
  42{
  43        if (negative && !has_object_file(oid))
  44                return;
  45
  46        if (negative)
  47                putc('^', fh);
  48        fputs(oid_to_hex(oid), fh);
  49        putc('\n', fh);
  50}
  51
  52/*
  53 * Make a pack stream and spit it out into file descriptor fd
  54 */
  55static int pack_objects(int fd, struct ref *refs, struct oid_array *extra, struct send_pack_args *args)
  56{
  57        /*
  58         * The child becomes pack-objects --revs; we feed
  59         * the revision parameters to it via its stdin and
  60         * let its stdout go back to the other end.
  61         */
  62        struct child_process po = CHILD_PROCESS_INIT;
  63        FILE *po_in;
  64        int i;
  65        int rc;
  66
  67        argv_array_push(&po.args, "pack-objects");
  68        argv_array_push(&po.args, "--all-progress-implied");
  69        argv_array_push(&po.args, "--revs");
  70        argv_array_push(&po.args, "--stdout");
  71        if (args->use_thin_pack)
  72                argv_array_push(&po.args, "--thin");
  73        if (args->use_ofs_delta)
  74                argv_array_push(&po.args, "--delta-base-offset");
  75        if (args->quiet || !args->progress)
  76                argv_array_push(&po.args, "-q");
  77        if (args->progress)
  78                argv_array_push(&po.args, "--progress");
  79        if (is_repository_shallow(the_repository))
  80                argv_array_push(&po.args, "--shallow");
  81        po.in = -1;
  82        po.out = args->stateless_rpc ? -1 : fd;
  83        po.git_cmd = 1;
  84        if (start_command(&po))
  85                die_errno("git pack-objects failed");
  86
  87        /*
  88         * We feed the pack-objects we just spawned with revision
  89         * parameters by writing to the pipe.
  90         */
  91        po_in = xfdopen(po.in, "w");
  92        for (i = 0; i < extra->nr; i++)
  93                feed_object(&extra->oid[i], po_in, 1);
  94
  95        while (refs) {
  96                if (!is_null_oid(&refs->old_oid))
  97                        feed_object(&refs->old_oid, po_in, 1);
  98                if (!is_null_oid(&refs->new_oid))
  99                        feed_object(&refs->new_oid, po_in, 0);
 100                refs = refs->next;
 101        }
 102
 103        fflush(po_in);
 104        if (ferror(po_in))
 105                die_errno("error writing to pack-objects");
 106        fclose(po_in);
 107
 108        if (args->stateless_rpc) {
 109                char *buf = xmalloc(LARGE_PACKET_MAX);
 110                while (1) {
 111                        ssize_t n = xread(po.out, buf, LARGE_PACKET_MAX);
 112                        if (n <= 0)
 113                                break;
 114                        send_sideband(fd, -1, buf, n, LARGE_PACKET_MAX);
 115                }
 116                free(buf);
 117                close(po.out);
 118                po.out = -1;
 119        }
 120
 121        rc = finish_command(&po);
 122        if (rc) {
 123                /*
 124                 * For a normal non-zero exit, we assume pack-objects wrote
 125                 * something useful to stderr. For death by signal, though,
 126                 * we should mention it to the user. The exception is SIGPIPE
 127                 * (141), because that's a normal occurrence if the remote end
 128                 * hangs up (and we'll report that by trying to read the unpack
 129                 * status).
 130                 */
 131                if (rc > 128 && rc != 141)
 132                        error("pack-objects died of signal %d", rc - 128);
 133                return -1;
 134        }
 135        return 0;
 136}
 137
 138static int receive_unpack_status(struct packet_reader *reader)
 139{
 140        if (packet_reader_read(reader) != PACKET_READ_NORMAL)
 141                return error(_("unexpected flush packet while reading remote unpack status"));
 142        if (!skip_prefix(reader->line, "unpack ", &reader->line))
 143                return error(_("unable to parse remote unpack status: %s"), reader->line);
 144        if (strcmp(reader->line, "ok"))
 145                return error(_("remote unpack failed: %s"), reader->line);
 146        return 0;
 147}
 148
 149static int receive_status(struct packet_reader *reader, struct ref *refs)
 150{
 151        struct ref *hint;
 152        int ret;
 153
 154        hint = NULL;
 155        ret = receive_unpack_status(reader);
 156        while (1) {
 157                const char *refname;
 158                char *msg;
 159                if (packet_reader_read(reader) != PACKET_READ_NORMAL)
 160                        break;
 161                if (!starts_with(reader->line, "ok ") && !starts_with(reader->line, "ng ")) {
 162                        error("invalid ref status from remote: %s", reader->line);
 163                        ret = -1;
 164                        break;
 165                }
 166
 167                refname = reader->line + 3;
 168                msg = strchr(refname, ' ');
 169                if (msg)
 170                        *msg++ = '\0';
 171
 172                /* first try searching at our hint, falling back to all refs */
 173                if (hint)
 174                        hint = find_ref_by_name(hint, refname);
 175                if (!hint)
 176                        hint = find_ref_by_name(refs, refname);
 177                if (!hint) {
 178                        warning("remote reported status on unknown ref: %s",
 179                                        refname);
 180                        continue;
 181                }
 182                if (hint->status != REF_STATUS_EXPECTING_REPORT) {
 183                        warning("remote reported status on unexpected ref: %s",
 184                                        refname);
 185                        continue;
 186                }
 187
 188                if (reader->line[0] == 'o' && reader->line[1] == 'k')
 189                        hint->status = REF_STATUS_OK;
 190                else {
 191                        hint->status = REF_STATUS_REMOTE_REJECT;
 192                        ret = -1;
 193                }
 194                hint->remote_status = xstrdup_or_null(msg);
 195                /* start our next search from the next ref */
 196                hint = hint->next;
 197        }
 198        return ret;
 199}
 200
 201static int sideband_demux(int in, int out, void *data)
 202{
 203        int *fd = data, ret;
 204        if (async_with_fork())
 205                close(fd[1]);
 206        ret = recv_sideband("send-pack", fd[0], out);
 207        close(out);
 208        return ret;
 209}
 210
 211static int advertise_shallow_grafts_cb(const struct commit_graft *graft, void *cb)
 212{
 213        struct strbuf *sb = cb;
 214        if (graft->nr_parent == -1)
 215                packet_buf_write(sb, "shallow %s\n", oid_to_hex(&graft->oid));
 216        return 0;
 217}
 218
 219static void advertise_shallow_grafts_buf(struct strbuf *sb)
 220{
 221        if (!is_repository_shallow(the_repository))
 222                return;
 223        for_each_commit_graft(advertise_shallow_grafts_cb, sb);
 224}
 225
 226#define CHECK_REF_NO_PUSH -1
 227#define CHECK_REF_STATUS_REJECTED -2
 228#define CHECK_REF_UPTODATE -3
 229static int check_to_send_update(const struct ref *ref, const struct send_pack_args *args)
 230{
 231        if (!ref->peer_ref && !args->send_mirror)
 232                return CHECK_REF_NO_PUSH;
 233
 234        /* Check for statuses set by set_ref_status_for_push() */
 235        switch (ref->status) {
 236        case REF_STATUS_REJECT_NONFASTFORWARD:
 237        case REF_STATUS_REJECT_ALREADY_EXISTS:
 238        case REF_STATUS_REJECT_FETCH_FIRST:
 239        case REF_STATUS_REJECT_NEEDS_FORCE:
 240        case REF_STATUS_REJECT_STALE:
 241        case REF_STATUS_REJECT_NODELETE:
 242                return CHECK_REF_STATUS_REJECTED;
 243        case REF_STATUS_UPTODATE:
 244                return CHECK_REF_UPTODATE;
 245        default:
 246                return 0;
 247        }
 248}
 249
 250/*
 251 * the beginning of the next line, or the end of buffer.
 252 *
 253 * NEEDSWORK: perhaps move this to git-compat-util.h or somewhere and
 254 * convert many similar uses found by "git grep -A4 memchr".
 255 */
 256static const char *next_line(const char *line, size_t len)
 257{
 258        const char *nl = memchr(line, '\n', len);
 259        if (!nl)
 260                return line + len; /* incomplete line */
 261        return nl + 1;
 262}
 263
 264static int generate_push_cert(struct strbuf *req_buf,
 265                              const struct ref *remote_refs,
 266                              struct send_pack_args *args,
 267                              const char *cap_string,
 268                              const char *push_cert_nonce)
 269{
 270        const struct ref *ref;
 271        struct string_list_item *item;
 272        char *signing_key = xstrdup(get_signing_key());
 273        const char *cp, *np;
 274        struct strbuf cert = STRBUF_INIT;
 275        int update_seen = 0;
 276
 277        strbuf_addstr(&cert, "certificate version 0.1\n");
 278        strbuf_addf(&cert, "pusher %s ", signing_key);
 279        datestamp(&cert);
 280        strbuf_addch(&cert, '\n');
 281        if (args->url && *args->url) {
 282                char *anon_url = transport_anonymize_url(args->url);
 283                strbuf_addf(&cert, "pushee %s\n", anon_url);
 284                free(anon_url);
 285        }
 286        if (push_cert_nonce[0])
 287                strbuf_addf(&cert, "nonce %s\n", push_cert_nonce);
 288        if (args->push_options)
 289                for_each_string_list_item(item, args->push_options)
 290                        strbuf_addf(&cert, "push-option %s\n", item->string);
 291        strbuf_addstr(&cert, "\n");
 292
 293        for (ref = remote_refs; ref; ref = ref->next) {
 294                if (check_to_send_update(ref, args) < 0)
 295                        continue;
 296                update_seen = 1;
 297                strbuf_addf(&cert, "%s %s %s\n",
 298                            oid_to_hex(&ref->old_oid),
 299                            oid_to_hex(&ref->new_oid),
 300                            ref->name);
 301        }
 302        if (!update_seen)
 303                goto free_return;
 304
 305        if (sign_buffer(&cert, &cert, signing_key))
 306                die(_("failed to sign the push certificate"));
 307
 308        packet_buf_write(req_buf, "push-cert%c%s", 0, cap_string);
 309        for (cp = cert.buf; cp < cert.buf + cert.len; cp = np) {
 310                np = next_line(cp, cert.buf + cert.len - cp);
 311                packet_buf_write(req_buf,
 312                                 "%.*s", (int)(np - cp), cp);
 313        }
 314        packet_buf_write(req_buf, "push-cert-end\n");
 315
 316free_return:
 317        free(signing_key);
 318        strbuf_release(&cert);
 319        return update_seen;
 320}
 321
 322
 323static int atomic_push_failure(struct send_pack_args *args,
 324                               struct ref *remote_refs,
 325                               struct ref *failing_ref)
 326{
 327        struct ref *ref;
 328        /* Mark other refs as failed */
 329        for (ref = remote_refs; ref; ref = ref->next) {
 330                if (!ref->peer_ref && !args->send_mirror)
 331                        continue;
 332
 333                switch (ref->status) {
 334                case REF_STATUS_EXPECTING_REPORT:
 335                        ref->status = REF_STATUS_ATOMIC_PUSH_FAILED;
 336                        continue;
 337                default:
 338                        break; /* do nothing */
 339                }
 340        }
 341        return error("atomic push failed for ref %s. status: %d\n",
 342                     failing_ref->name, failing_ref->status);
 343}
 344
 345#define NONCE_LEN_LIMIT 256
 346
 347static void reject_invalid_nonce(const char *nonce, int len)
 348{
 349        int i = 0;
 350
 351        if (NONCE_LEN_LIMIT <= len)
 352                die("the receiving end asked to sign an invalid nonce <%.*s>",
 353                    len, nonce);
 354
 355        for (i = 0; i < len; i++) {
 356                int ch = nonce[i] & 0xFF;
 357                if (isalnum(ch) ||
 358                    ch == '-' || ch == '.' ||
 359                    ch == '/' || ch == '+' ||
 360                    ch == '=' || ch == '_')
 361                        continue;
 362                die("the receiving end asked to sign an invalid nonce <%.*s>",
 363                    len, nonce);
 364        }
 365}
 366
 367int send_pack(struct send_pack_args *args,
 368              int fd[], struct child_process *conn,
 369              struct ref *remote_refs,
 370              struct oid_array *extra_have)
 371{
 372        int in = fd[0];
 373        int out = fd[1];
 374        struct strbuf req_buf = STRBUF_INIT;
 375        struct strbuf cap_buf = STRBUF_INIT;
 376        struct ref *ref;
 377        int need_pack_data = 0;
 378        int allow_deleting_refs = 0;
 379        int status_report = 0;
 380        int use_sideband = 0;
 381        int quiet_supported = 0;
 382        int agent_supported = 0;
 383        int use_atomic = 0;
 384        int atomic_supported = 0;
 385        int use_push_options = 0;
 386        int push_options_supported = 0;
 387        unsigned cmds_sent = 0;
 388        int ret;
 389        struct async demux;
 390        const char *push_cert_nonce = NULL;
 391        struct packet_reader reader;
 392
 393        /* Does the other end support the reporting? */
 394        if (server_supports("report-status"))
 395                status_report = 1;
 396        if (server_supports("delete-refs"))
 397                allow_deleting_refs = 1;
 398        if (server_supports("ofs-delta"))
 399                args->use_ofs_delta = 1;
 400        if (server_supports("side-band-64k"))
 401                use_sideband = 1;
 402        if (server_supports("quiet"))
 403                quiet_supported = 1;
 404        if (server_supports("agent"))
 405                agent_supported = 1;
 406        if (server_supports("no-thin"))
 407                args->use_thin_pack = 0;
 408        if (server_supports("atomic"))
 409                atomic_supported = 1;
 410        if (server_supports("push-options"))
 411                push_options_supported = 1;
 412
 413        if (args->push_cert != SEND_PACK_PUSH_CERT_NEVER) {
 414                int len;
 415                push_cert_nonce = server_feature_value("push-cert", &len);
 416                if (push_cert_nonce) {
 417                        reject_invalid_nonce(push_cert_nonce, len);
 418                        push_cert_nonce = xmemdupz(push_cert_nonce, len);
 419                } else if (args->push_cert == SEND_PACK_PUSH_CERT_ALWAYS) {
 420                        die(_("the receiving end does not support --signed push"));
 421                } else if (args->push_cert == SEND_PACK_PUSH_CERT_IF_ASKED) {
 422                        warning(_("not sending a push certificate since the"
 423                                  " receiving end does not support --signed"
 424                                  " push"));
 425                }
 426        }
 427
 428        if (!remote_refs) {
 429                fprintf(stderr, "No refs in common and none specified; doing nothing.\n"
 430                        "Perhaps you should specify a branch such as 'master'.\n");
 431                return 0;
 432        }
 433        if (args->atomic && !atomic_supported)
 434                die(_("the receiving end does not support --atomic push"));
 435
 436        use_atomic = atomic_supported && args->atomic;
 437
 438        if (args->push_options && !push_options_supported)
 439                die(_("the receiving end does not support push options"));
 440
 441        use_push_options = push_options_supported && args->push_options;
 442
 443        if (status_report)
 444                strbuf_addstr(&cap_buf, " report-status");
 445        if (use_sideband)
 446                strbuf_addstr(&cap_buf, " side-band-64k");
 447        if (quiet_supported && (args->quiet || !args->progress))
 448                strbuf_addstr(&cap_buf, " quiet");
 449        if (use_atomic)
 450                strbuf_addstr(&cap_buf, " atomic");
 451        if (use_push_options)
 452                strbuf_addstr(&cap_buf, " push-options");
 453        if (agent_supported)
 454                strbuf_addf(&cap_buf, " agent=%s", git_user_agent_sanitized());
 455
 456        /*
 457         * NEEDSWORK: why does delete-refs have to be so specific to
 458         * send-pack machinery that set_ref_status_for_push() cannot
 459         * set this bit for us???
 460         */
 461        for (ref = remote_refs; ref; ref = ref->next)
 462                if (ref->deletion && !allow_deleting_refs)
 463                        ref->status = REF_STATUS_REJECT_NODELETE;
 464
 465        if (!args->dry_run)
 466                advertise_shallow_grafts_buf(&req_buf);
 467
 468        if (!args->dry_run && push_cert_nonce)
 469                cmds_sent = generate_push_cert(&req_buf, remote_refs, args,
 470                                               cap_buf.buf, push_cert_nonce);
 471
 472        /*
 473         * Clear the status for each ref and see if we need to send
 474         * the pack data.
 475         */
 476        for (ref = remote_refs; ref; ref = ref->next) {
 477                switch (check_to_send_update(ref, args)) {
 478                case 0: /* no error */
 479                        break;
 480                case CHECK_REF_STATUS_REJECTED:
 481                        /*
 482                         * When we know the server would reject a ref update if
 483                         * we were to send it and we're trying to send the refs
 484                         * atomically, abort the whole operation.
 485                         */
 486                        if (use_atomic) {
 487                                strbuf_release(&req_buf);
 488                                strbuf_release(&cap_buf);
 489                                return atomic_push_failure(args, remote_refs, ref);
 490                        }
 491                        /* else fallthrough */
 492                default:
 493                        continue;
 494                }
 495                if (!ref->deletion)
 496                        need_pack_data = 1;
 497
 498                if (args->dry_run || !status_report)
 499                        ref->status = REF_STATUS_OK;
 500                else
 501                        ref->status = REF_STATUS_EXPECTING_REPORT;
 502        }
 503
 504        /*
 505         * Finally, tell the other end!
 506         */
 507        for (ref = remote_refs; ref; ref = ref->next) {
 508                char *old_hex, *new_hex;
 509
 510                if (args->dry_run || push_cert_nonce)
 511                        continue;
 512
 513                if (check_to_send_update(ref, args) < 0)
 514                        continue;
 515
 516                old_hex = oid_to_hex(&ref->old_oid);
 517                new_hex = oid_to_hex(&ref->new_oid);
 518                if (!cmds_sent) {
 519                        packet_buf_write(&req_buf,
 520                                         "%s %s %s%c%s",
 521                                         old_hex, new_hex, ref->name, 0,
 522                                         cap_buf.buf);
 523                        cmds_sent = 1;
 524                } else {
 525                        packet_buf_write(&req_buf, "%s %s %s",
 526                                         old_hex, new_hex, ref->name);
 527                }
 528        }
 529
 530        if (use_push_options) {
 531                struct string_list_item *item;
 532
 533                packet_buf_flush(&req_buf);
 534                for_each_string_list_item(item, args->push_options)
 535                        packet_buf_write(&req_buf, "%s", item->string);
 536        }
 537
 538        if (args->stateless_rpc) {
 539                if (!args->dry_run && (cmds_sent || is_repository_shallow(the_repository))) {
 540                        packet_buf_flush(&req_buf);
 541                        send_sideband(out, -1, req_buf.buf, req_buf.len, LARGE_PACKET_MAX);
 542                }
 543        } else {
 544                write_or_die(out, req_buf.buf, req_buf.len);
 545                packet_flush(out);
 546        }
 547        strbuf_release(&req_buf);
 548        strbuf_release(&cap_buf);
 549
 550        if (use_sideband && cmds_sent) {
 551                memset(&demux, 0, sizeof(demux));
 552                demux.proc = sideband_demux;
 553                demux.data = fd;
 554                demux.out = -1;
 555                demux.isolate_sigpipe = 1;
 556                if (start_async(&demux))
 557                        die("send-pack: unable to fork off sideband demultiplexer");
 558                in = demux.out;
 559        }
 560
 561        packet_reader_init(&reader, in, NULL, 0,
 562                           PACKET_READ_CHOMP_NEWLINE |
 563                           PACKET_READ_DIE_ON_ERR_PACKET);
 564
 565        if (need_pack_data && cmds_sent) {
 566                if (pack_objects(out, remote_refs, extra_have, args) < 0) {
 567                        for (ref = remote_refs; ref; ref = ref->next)
 568                                ref->status = REF_STATUS_NONE;
 569                        if (args->stateless_rpc)
 570                                close(out);
 571                        if (git_connection_is_socket(conn))
 572                                shutdown(fd[0], SHUT_WR);
 573
 574                        /*
 575                         * Do not even bother with the return value; we know we
 576                         * are failing, and just want the error() side effects.
 577                         */
 578                        if (status_report)
 579                                receive_unpack_status(&reader);
 580
 581                        if (use_sideband) {
 582                                close(demux.out);
 583                                finish_async(&demux);
 584                        }
 585                        fd[1] = -1;
 586                        return -1;
 587                }
 588                if (!args->stateless_rpc)
 589                        /* Closed by pack_objects() via start_command() */
 590                        fd[1] = -1;
 591        }
 592        if (args->stateless_rpc && cmds_sent)
 593                packet_flush(out);
 594
 595        if (status_report && cmds_sent)
 596                ret = receive_status(&reader, remote_refs);
 597        else
 598                ret = 0;
 599        if (args->stateless_rpc)
 600                packet_flush(out);
 601
 602        if (use_sideband && cmds_sent) {
 603                close(demux.out);
 604                if (finish_async(&demux)) {
 605                        error("error in sideband demultiplexer");
 606                        ret = -1;
 607                }
 608        }
 609
 610        if (ret < 0)
 611                return ret;
 612
 613        if (args->porcelain)
 614                return 0;
 615
 616        for (ref = remote_refs; ref; ref = ref->next) {
 617                switch (ref->status) {
 618                case REF_STATUS_NONE:
 619                case REF_STATUS_UPTODATE:
 620                case REF_STATUS_OK:
 621                        break;
 622                default:
 623                        return -1;
 624                }
 625        }
 626        return 0;
 627}