http.con commit default core.clockskew variable to one day (de9f14e)
   1#include "http.h"
   2#include "pack.h"
   3#include "sideband.h"
   4#include "run-command.h"
   5
   6int data_received;
   7int active_requests;
   8int http_is_verbose;
   9size_t http_post_buffer = 16 * LARGE_PACKET_MAX;
  10
  11#if LIBCURL_VERSION_NUM >= 0x070a06
  12#define LIBCURL_CAN_HANDLE_AUTH_ANY
  13#endif
  14
  15static int min_curl_sessions = 1;
  16static int curl_session_count;
  17#ifdef USE_CURL_MULTI
  18static int max_requests = -1;
  19static CURLM *curlm;
  20#endif
  21#ifndef NO_CURL_EASY_DUPHANDLE
  22static CURL *curl_default;
  23#endif
  24
  25#define PREV_BUF_SIZE 4096
  26#define RANGE_HEADER_SIZE 30
  27
  28char curl_errorstr[CURL_ERROR_SIZE];
  29
  30static int curl_ssl_verify = -1;
  31static const char *ssl_cert;
  32#if LIBCURL_VERSION_NUM >= 0x070903
  33static const char *ssl_key;
  34#endif
  35#if LIBCURL_VERSION_NUM >= 0x070908
  36static const char *ssl_capath;
  37#endif
  38static const char *ssl_cainfo;
  39static long curl_low_speed_limit = -1;
  40static long curl_low_speed_time = -1;
  41static int curl_ftp_no_epsv;
  42static const char *curl_http_proxy;
  43static char *user_name, *user_pass;
  44
  45#if LIBCURL_VERSION_NUM >= 0x071700
  46/* Use CURLOPT_KEYPASSWD as is */
  47#elif LIBCURL_VERSION_NUM >= 0x070903
  48#define CURLOPT_KEYPASSWD CURLOPT_SSLKEYPASSWD
  49#else
  50#define CURLOPT_KEYPASSWD CURLOPT_SSLCERTPASSWD
  51#endif
  52
  53static char *ssl_cert_password;
  54static int ssl_cert_password_required;
  55
  56static struct curl_slist *pragma_header;
  57static struct curl_slist *no_pragma_header;
  58
  59static struct active_request_slot *active_queue_head;
  60
  61size_t fread_buffer(void *ptr, size_t eltsize, size_t nmemb, void *buffer_)
  62{
  63        size_t size = eltsize * nmemb;
  64        struct buffer *buffer = buffer_;
  65
  66        if (size > buffer->buf.len - buffer->posn)
  67                size = buffer->buf.len - buffer->posn;
  68        memcpy(ptr, buffer->buf.buf + buffer->posn, size);
  69        buffer->posn += size;
  70
  71        return size;
  72}
  73
  74#ifndef NO_CURL_IOCTL
  75curlioerr ioctl_buffer(CURL *handle, int cmd, void *clientp)
  76{
  77        struct buffer *buffer = clientp;
  78
  79        switch (cmd) {
  80        case CURLIOCMD_NOP:
  81                return CURLIOE_OK;
  82
  83        case CURLIOCMD_RESTARTREAD:
  84                buffer->posn = 0;
  85                return CURLIOE_OK;
  86
  87        default:
  88                return CURLIOE_UNKNOWNCMD;
  89        }
  90}
  91#endif
  92
  93size_t fwrite_buffer(const void *ptr, size_t eltsize, size_t nmemb, void *buffer_)
  94{
  95        size_t size = eltsize * nmemb;
  96        struct strbuf *buffer = buffer_;
  97
  98        strbuf_add(buffer, ptr, size);
  99        data_received++;
 100        return size;
 101}
 102
 103size_t fwrite_null(const void *ptr, size_t eltsize, size_t nmemb, void *strbuf)
 104{
 105        data_received++;
 106        return eltsize * nmemb;
 107}
 108
 109#ifdef USE_CURL_MULTI
 110static void process_curl_messages(void)
 111{
 112        int num_messages;
 113        struct active_request_slot *slot;
 114        CURLMsg *curl_message = curl_multi_info_read(curlm, &num_messages);
 115
 116        while (curl_message != NULL) {
 117                if (curl_message->msg == CURLMSG_DONE) {
 118                        int curl_result = curl_message->data.result;
 119                        slot = active_queue_head;
 120                        while (slot != NULL &&
 121                               slot->curl != curl_message->easy_handle)
 122                                slot = slot->next;
 123                        if (slot != NULL) {
 124                                curl_multi_remove_handle(curlm, slot->curl);
 125                                slot->curl_result = curl_result;
 126                                finish_active_slot(slot);
 127                        } else {
 128                                fprintf(stderr, "Received DONE message for unknown request!\n");
 129                        }
 130                } else {
 131                        fprintf(stderr, "Unknown CURL message received: %d\n",
 132                                (int)curl_message->msg);
 133                }
 134                curl_message = curl_multi_info_read(curlm, &num_messages);
 135        }
 136}
 137#endif
 138
 139static int http_options(const char *var, const char *value, void *cb)
 140{
 141        if (!strcmp("http.sslverify", var)) {
 142                curl_ssl_verify = git_config_bool(var, value);
 143                return 0;
 144        }
 145        if (!strcmp("http.sslcert", var))
 146                return git_config_string(&ssl_cert, var, value);
 147#if LIBCURL_VERSION_NUM >= 0x070903
 148        if (!strcmp("http.sslkey", var))
 149                return git_config_string(&ssl_key, var, value);
 150#endif
 151#if LIBCURL_VERSION_NUM >= 0x070908
 152        if (!strcmp("http.sslcapath", var))
 153                return git_config_string(&ssl_capath, var, value);
 154#endif
 155        if (!strcmp("http.sslcainfo", var))
 156                return git_config_string(&ssl_cainfo, var, value);
 157        if (!strcmp("http.sslcertpasswordprotected", var)) {
 158                if (git_config_bool(var, value))
 159                        ssl_cert_password_required = 1;
 160                return 0;
 161        }
 162        if (!strcmp("http.minsessions", var)) {
 163                min_curl_sessions = git_config_int(var, value);
 164#ifndef USE_CURL_MULTI
 165                if (min_curl_sessions > 1)
 166                        min_curl_sessions = 1;
 167#endif
 168                return 0;
 169        }
 170#ifdef USE_CURL_MULTI
 171        if (!strcmp("http.maxrequests", var)) {
 172                max_requests = git_config_int(var, value);
 173                return 0;
 174        }
 175#endif
 176        if (!strcmp("http.lowspeedlimit", var)) {
 177                curl_low_speed_limit = (long)git_config_int(var, value);
 178                return 0;
 179        }
 180        if (!strcmp("http.lowspeedtime", var)) {
 181                curl_low_speed_time = (long)git_config_int(var, value);
 182                return 0;
 183        }
 184
 185        if (!strcmp("http.noepsv", var)) {
 186                curl_ftp_no_epsv = git_config_bool(var, value);
 187                return 0;
 188        }
 189        if (!strcmp("http.proxy", var))
 190                return git_config_string(&curl_http_proxy, var, value);
 191
 192        if (!strcmp("http.postbuffer", var)) {
 193                http_post_buffer = git_config_int(var, value);
 194                if (http_post_buffer < LARGE_PACKET_MAX)
 195                        http_post_buffer = LARGE_PACKET_MAX;
 196                return 0;
 197        }
 198
 199        /* Fall back on the default ones */
 200        return git_default_config(var, value, cb);
 201}
 202
 203static void init_curl_http_auth(CURL *result)
 204{
 205        if (user_name) {
 206                struct strbuf up = STRBUF_INIT;
 207                if (!user_pass)
 208                        user_pass = xstrdup(git_getpass("Password: "));
 209                strbuf_addf(&up, "%s:%s", user_name, user_pass);
 210                curl_easy_setopt(result, CURLOPT_USERPWD,
 211                                 strbuf_detach(&up, NULL));
 212        }
 213}
 214
 215static int has_cert_password(void)
 216{
 217        if (ssl_cert_password != NULL)
 218                return 1;
 219        if (ssl_cert == NULL || ssl_cert_password_required != 1)
 220                return 0;
 221        /* Only prompt the user once. */
 222        ssl_cert_password_required = -1;
 223        ssl_cert_password = git_getpass("Certificate Password: ");
 224        if (ssl_cert_password != NULL) {
 225                ssl_cert_password = xstrdup(ssl_cert_password);
 226                return 1;
 227        } else
 228                return 0;
 229}
 230
 231static CURL *get_curl_handle(void)
 232{
 233        CURL *result = curl_easy_init();
 234
 235        if (!curl_ssl_verify) {
 236                curl_easy_setopt(result, CURLOPT_SSL_VERIFYPEER, 0);
 237                curl_easy_setopt(result, CURLOPT_SSL_VERIFYHOST, 0);
 238        } else {
 239                /* Verify authenticity of the peer's certificate */
 240                curl_easy_setopt(result, CURLOPT_SSL_VERIFYPEER, 1);
 241                /* The name in the cert must match whom we tried to connect */
 242                curl_easy_setopt(result, CURLOPT_SSL_VERIFYHOST, 2);
 243        }
 244
 245#if LIBCURL_VERSION_NUM >= 0x070907
 246        curl_easy_setopt(result, CURLOPT_NETRC, CURL_NETRC_OPTIONAL);
 247#endif
 248#ifdef LIBCURL_CAN_HANDLE_AUTH_ANY
 249        curl_easy_setopt(result, CURLOPT_HTTPAUTH, CURLAUTH_ANY);
 250#endif
 251
 252        init_curl_http_auth(result);
 253
 254        if (ssl_cert != NULL)
 255                curl_easy_setopt(result, CURLOPT_SSLCERT, ssl_cert);
 256        if (has_cert_password())
 257                curl_easy_setopt(result, CURLOPT_KEYPASSWD, ssl_cert_password);
 258#if LIBCURL_VERSION_NUM >= 0x070903
 259        if (ssl_key != NULL)
 260                curl_easy_setopt(result, CURLOPT_SSLKEY, ssl_key);
 261#endif
 262#if LIBCURL_VERSION_NUM >= 0x070908
 263        if (ssl_capath != NULL)
 264                curl_easy_setopt(result, CURLOPT_CAPATH, ssl_capath);
 265#endif
 266        if (ssl_cainfo != NULL)
 267                curl_easy_setopt(result, CURLOPT_CAINFO, ssl_cainfo);
 268        curl_easy_setopt(result, CURLOPT_FAILONERROR, 1);
 269
 270        if (curl_low_speed_limit > 0 && curl_low_speed_time > 0) {
 271                curl_easy_setopt(result, CURLOPT_LOW_SPEED_LIMIT,
 272                                 curl_low_speed_limit);
 273                curl_easy_setopt(result, CURLOPT_LOW_SPEED_TIME,
 274                                 curl_low_speed_time);
 275        }
 276
 277        curl_easy_setopt(result, CURLOPT_FOLLOWLOCATION, 1);
 278
 279        if (getenv("GIT_CURL_VERBOSE"))
 280                curl_easy_setopt(result, CURLOPT_VERBOSE, 1);
 281
 282        curl_easy_setopt(result, CURLOPT_USERAGENT, GIT_USER_AGENT);
 283
 284        if (curl_ftp_no_epsv)
 285                curl_easy_setopt(result, CURLOPT_FTP_USE_EPSV, 0);
 286
 287        if (curl_http_proxy)
 288                curl_easy_setopt(result, CURLOPT_PROXY, curl_http_proxy);
 289
 290        return result;
 291}
 292
 293static void http_auth_init(const char *url)
 294{
 295        char *at, *colon, *cp, *slash;
 296        int len;
 297
 298        cp = strstr(url, "://");
 299        if (!cp)
 300                return;
 301
 302        /*
 303         * Ok, the URL looks like "proto://something".  Which one?
 304         * "proto://<user>:<pass>@<host>/...",
 305         * "proto://<user>@<host>/...", or just
 306         * "proto://<host>/..."?
 307         */
 308        cp += 3;
 309        at = strchr(cp, '@');
 310        colon = strchr(cp, ':');
 311        slash = strchrnul(cp, '/');
 312        if (!at || slash <= at)
 313                return; /* No credentials */
 314        if (!colon || at <= colon) {
 315                /* Only username */
 316                len = at - cp;
 317                user_name = xmalloc(len + 1);
 318                memcpy(user_name, cp, len);
 319                user_name[len] = '\0';
 320                user_pass = NULL;
 321        } else {
 322                len = colon - cp;
 323                user_name = xmalloc(len + 1);
 324                memcpy(user_name, cp, len);
 325                user_name[len] = '\0';
 326                len = at - (colon + 1);
 327                user_pass = xmalloc(len + 1);
 328                memcpy(user_pass, colon + 1, len);
 329                user_pass[len] = '\0';
 330        }
 331}
 332
 333static void set_from_env(const char **var, const char *envname)
 334{
 335        const char *val = getenv(envname);
 336        if (val)
 337                *var = val;
 338}
 339
 340void http_init(struct remote *remote)
 341{
 342        char *low_speed_limit;
 343        char *low_speed_time;
 344
 345        http_is_verbose = 0;
 346
 347        git_config(http_options, NULL);
 348
 349        curl_global_init(CURL_GLOBAL_ALL);
 350
 351        if (remote && remote->http_proxy)
 352                curl_http_proxy = xstrdup(remote->http_proxy);
 353
 354        pragma_header = curl_slist_append(pragma_header, "Pragma: no-cache");
 355        no_pragma_header = curl_slist_append(no_pragma_header, "Pragma:");
 356
 357#ifdef USE_CURL_MULTI
 358        {
 359                char *http_max_requests = getenv("GIT_HTTP_MAX_REQUESTS");
 360                if (http_max_requests != NULL)
 361                        max_requests = atoi(http_max_requests);
 362        }
 363
 364        curlm = curl_multi_init();
 365        if (curlm == NULL) {
 366                fprintf(stderr, "Error creating curl multi handle.\n");
 367                exit(1);
 368        }
 369#endif
 370
 371        if (getenv("GIT_SSL_NO_VERIFY"))
 372                curl_ssl_verify = 0;
 373
 374        set_from_env(&ssl_cert, "GIT_SSL_CERT");
 375#if LIBCURL_VERSION_NUM >= 0x070903
 376        set_from_env(&ssl_key, "GIT_SSL_KEY");
 377#endif
 378#if LIBCURL_VERSION_NUM >= 0x070908
 379        set_from_env(&ssl_capath, "GIT_SSL_CAPATH");
 380#endif
 381        set_from_env(&ssl_cainfo, "GIT_SSL_CAINFO");
 382
 383        low_speed_limit = getenv("GIT_HTTP_LOW_SPEED_LIMIT");
 384        if (low_speed_limit != NULL)
 385                curl_low_speed_limit = strtol(low_speed_limit, NULL, 10);
 386        low_speed_time = getenv("GIT_HTTP_LOW_SPEED_TIME");
 387        if (low_speed_time != NULL)
 388                curl_low_speed_time = strtol(low_speed_time, NULL, 10);
 389
 390        if (curl_ssl_verify == -1)
 391                curl_ssl_verify = 1;
 392
 393        curl_session_count = 0;
 394#ifdef USE_CURL_MULTI
 395        if (max_requests < 1)
 396                max_requests = DEFAULT_MAX_REQUESTS;
 397#endif
 398
 399        if (getenv("GIT_CURL_FTP_NO_EPSV"))
 400                curl_ftp_no_epsv = 1;
 401
 402        if (remote && remote->url && remote->url[0]) {
 403                http_auth_init(remote->url[0]);
 404                if (!ssl_cert_password_required &&
 405                    getenv("GIT_SSL_CERT_PASSWORD_PROTECTED") &&
 406                    !prefixcmp(remote->url[0], "https://"))
 407                        ssl_cert_password_required = 1;
 408        }
 409
 410#ifndef NO_CURL_EASY_DUPHANDLE
 411        curl_default = get_curl_handle();
 412#endif
 413}
 414
 415void http_cleanup(void)
 416{
 417        struct active_request_slot *slot = active_queue_head;
 418
 419        while (slot != NULL) {
 420                struct active_request_slot *next = slot->next;
 421                if (slot->curl != NULL) {
 422#ifdef USE_CURL_MULTI
 423                        curl_multi_remove_handle(curlm, slot->curl);
 424#endif
 425                        curl_easy_cleanup(slot->curl);
 426                }
 427                free(slot);
 428                slot = next;
 429        }
 430        active_queue_head = NULL;
 431
 432#ifndef NO_CURL_EASY_DUPHANDLE
 433        curl_easy_cleanup(curl_default);
 434#endif
 435
 436#ifdef USE_CURL_MULTI
 437        curl_multi_cleanup(curlm);
 438#endif
 439        curl_global_cleanup();
 440
 441        curl_slist_free_all(pragma_header);
 442        pragma_header = NULL;
 443
 444        curl_slist_free_all(no_pragma_header);
 445        no_pragma_header = NULL;
 446
 447        if (curl_http_proxy) {
 448                free((void *)curl_http_proxy);
 449                curl_http_proxy = NULL;
 450        }
 451
 452        if (ssl_cert_password != NULL) {
 453                memset(ssl_cert_password, 0, strlen(ssl_cert_password));
 454                free(ssl_cert_password);
 455                ssl_cert_password = NULL;
 456        }
 457        ssl_cert_password_required = 0;
 458}
 459
 460struct active_request_slot *get_active_slot(void)
 461{
 462        struct active_request_slot *slot = active_queue_head;
 463        struct active_request_slot *newslot;
 464
 465#ifdef USE_CURL_MULTI
 466        int num_transfers;
 467
 468        /* Wait for a slot to open up if the queue is full */
 469        while (active_requests >= max_requests) {
 470                curl_multi_perform(curlm, &num_transfers);
 471                if (num_transfers < active_requests)
 472                        process_curl_messages();
 473        }
 474#endif
 475
 476        while (slot != NULL && slot->in_use)
 477                slot = slot->next;
 478
 479        if (slot == NULL) {
 480                newslot = xmalloc(sizeof(*newslot));
 481                newslot->curl = NULL;
 482                newslot->in_use = 0;
 483                newslot->next = NULL;
 484
 485                slot = active_queue_head;
 486                if (slot == NULL) {
 487                        active_queue_head = newslot;
 488                } else {
 489                        while (slot->next != NULL)
 490                                slot = slot->next;
 491                        slot->next = newslot;
 492                }
 493                slot = newslot;
 494        }
 495
 496        if (slot->curl == NULL) {
 497#ifdef NO_CURL_EASY_DUPHANDLE
 498                slot->curl = get_curl_handle();
 499#else
 500                slot->curl = curl_easy_duphandle(curl_default);
 501#endif
 502                curl_session_count++;
 503        }
 504
 505        active_requests++;
 506        slot->in_use = 1;
 507        slot->local = NULL;
 508        slot->results = NULL;
 509        slot->finished = NULL;
 510        slot->callback_data = NULL;
 511        slot->callback_func = NULL;
 512        curl_easy_setopt(slot->curl, CURLOPT_HTTPHEADER, pragma_header);
 513        curl_easy_setopt(slot->curl, CURLOPT_ERRORBUFFER, curl_errorstr);
 514        curl_easy_setopt(slot->curl, CURLOPT_CUSTOMREQUEST, NULL);
 515        curl_easy_setopt(slot->curl, CURLOPT_READFUNCTION, NULL);
 516        curl_easy_setopt(slot->curl, CURLOPT_WRITEFUNCTION, NULL);
 517        curl_easy_setopt(slot->curl, CURLOPT_UPLOAD, 0);
 518        curl_easy_setopt(slot->curl, CURLOPT_HTTPGET, 1);
 519
 520        return slot;
 521}
 522
 523int start_active_slot(struct active_request_slot *slot)
 524{
 525#ifdef USE_CURL_MULTI
 526        CURLMcode curlm_result = curl_multi_add_handle(curlm, slot->curl);
 527        int num_transfers;
 528
 529        if (curlm_result != CURLM_OK &&
 530            curlm_result != CURLM_CALL_MULTI_PERFORM) {
 531                active_requests--;
 532                slot->in_use = 0;
 533                return 0;
 534        }
 535
 536        /*
 537         * We know there must be something to do, since we just added
 538         * something.
 539         */
 540        curl_multi_perform(curlm, &num_transfers);
 541#endif
 542        return 1;
 543}
 544
 545#ifdef USE_CURL_MULTI
 546struct fill_chain {
 547        void *data;
 548        int (*fill)(void *);
 549        struct fill_chain *next;
 550};
 551
 552static struct fill_chain *fill_cfg;
 553
 554void add_fill_function(void *data, int (*fill)(void *))
 555{
 556        struct fill_chain *new = xmalloc(sizeof(*new));
 557        struct fill_chain **linkp = &fill_cfg;
 558        new->data = data;
 559        new->fill = fill;
 560        new->next = NULL;
 561        while (*linkp)
 562                linkp = &(*linkp)->next;
 563        *linkp = new;
 564}
 565
 566void fill_active_slots(void)
 567{
 568        struct active_request_slot *slot = active_queue_head;
 569
 570        while (active_requests < max_requests) {
 571                struct fill_chain *fill;
 572                for (fill = fill_cfg; fill; fill = fill->next)
 573                        if (fill->fill(fill->data))
 574                                break;
 575
 576                if (!fill)
 577                        break;
 578        }
 579
 580        while (slot != NULL) {
 581                if (!slot->in_use && slot->curl != NULL
 582                        && curl_session_count > min_curl_sessions) {
 583                        curl_easy_cleanup(slot->curl);
 584                        slot->curl = NULL;
 585                        curl_session_count--;
 586                }
 587                slot = slot->next;
 588        }
 589}
 590
 591void step_active_slots(void)
 592{
 593        int num_transfers;
 594        CURLMcode curlm_result;
 595
 596        do {
 597                curlm_result = curl_multi_perform(curlm, &num_transfers);
 598        } while (curlm_result == CURLM_CALL_MULTI_PERFORM);
 599        if (num_transfers < active_requests) {
 600                process_curl_messages();
 601                fill_active_slots();
 602        }
 603}
 604#endif
 605
 606void run_active_slot(struct active_request_slot *slot)
 607{
 608#ifdef USE_CURL_MULTI
 609        long last_pos = 0;
 610        long current_pos;
 611        fd_set readfds;
 612        fd_set writefds;
 613        fd_set excfds;
 614        int max_fd;
 615        struct timeval select_timeout;
 616        int finished = 0;
 617
 618        slot->finished = &finished;
 619        while (!finished) {
 620                data_received = 0;
 621                step_active_slots();
 622
 623                if (!data_received && slot->local != NULL) {
 624                        current_pos = ftell(slot->local);
 625                        if (current_pos > last_pos)
 626                                data_received++;
 627                        last_pos = current_pos;
 628                }
 629
 630                if (slot->in_use && !data_received) {
 631                        max_fd = 0;
 632                        FD_ZERO(&readfds);
 633                        FD_ZERO(&writefds);
 634                        FD_ZERO(&excfds);
 635                        select_timeout.tv_sec = 0;
 636                        select_timeout.tv_usec = 50000;
 637                        select(max_fd, &readfds, &writefds,
 638                               &excfds, &select_timeout);
 639                }
 640        }
 641#else
 642        while (slot->in_use) {
 643                slot->curl_result = curl_easy_perform(slot->curl);
 644                finish_active_slot(slot);
 645        }
 646#endif
 647}
 648
 649static void closedown_active_slot(struct active_request_slot *slot)
 650{
 651        active_requests--;
 652        slot->in_use = 0;
 653}
 654
 655static void release_active_slot(struct active_request_slot *slot)
 656{
 657        closedown_active_slot(slot);
 658        if (slot->curl && curl_session_count > min_curl_sessions) {
 659#ifdef USE_CURL_MULTI
 660                curl_multi_remove_handle(curlm, slot->curl);
 661#endif
 662                curl_easy_cleanup(slot->curl);
 663                slot->curl = NULL;
 664                curl_session_count--;
 665        }
 666#ifdef USE_CURL_MULTI
 667        fill_active_slots();
 668#endif
 669}
 670
 671void finish_active_slot(struct active_request_slot *slot)
 672{
 673        closedown_active_slot(slot);
 674        curl_easy_getinfo(slot->curl, CURLINFO_HTTP_CODE, &slot->http_code);
 675
 676        if (slot->finished != NULL)
 677                (*slot->finished) = 1;
 678
 679        /* Store slot results so they can be read after the slot is reused */
 680        if (slot->results != NULL) {
 681                slot->results->curl_result = slot->curl_result;
 682                slot->results->http_code = slot->http_code;
 683        }
 684
 685        /* Run callback if appropriate */
 686        if (slot->callback_func != NULL)
 687                slot->callback_func(slot->callback_data);
 688}
 689
 690void finish_all_active_slots(void)
 691{
 692        struct active_request_slot *slot = active_queue_head;
 693
 694        while (slot != NULL)
 695                if (slot->in_use) {
 696                        run_active_slot(slot);
 697                        slot = active_queue_head;
 698                } else {
 699                        slot = slot->next;
 700                }
 701}
 702
 703/* Helpers for modifying and creating URLs */
 704static inline int needs_quote(int ch)
 705{
 706        if (((ch >= 'A') && (ch <= 'Z'))
 707                        || ((ch >= 'a') && (ch <= 'z'))
 708                        || ((ch >= '0') && (ch <= '9'))
 709                        || (ch == '/')
 710                        || (ch == '-')
 711                        || (ch == '.'))
 712                return 0;
 713        return 1;
 714}
 715
 716static inline int hex(int v)
 717{
 718        if (v < 10)
 719                return '0' + v;
 720        else
 721                return 'A' + v - 10;
 722}
 723
 724void end_url_with_slash(struct strbuf *buf, const char *url)
 725{
 726        strbuf_addstr(buf, url);
 727        if (buf->len && buf->buf[buf->len - 1] != '/')
 728                strbuf_addstr(buf, "/");
 729}
 730
 731static char *quote_ref_url(const char *base, const char *ref)
 732{
 733        struct strbuf buf = STRBUF_INIT;
 734        const char *cp;
 735        int ch;
 736
 737        end_url_with_slash(&buf, base);
 738
 739        for (cp = ref; (ch = *cp) != 0; cp++)
 740                if (needs_quote(ch))
 741                        strbuf_addf(&buf, "%%%02x", ch);
 742                else
 743                        strbuf_addch(&buf, *cp);
 744
 745        return strbuf_detach(&buf, NULL);
 746}
 747
 748void append_remote_object_url(struct strbuf *buf, const char *url,
 749                              const char *hex,
 750                              int only_two_digit_prefix)
 751{
 752        end_url_with_slash(buf, url);
 753
 754        strbuf_addf(buf, "objects/%.*s/", 2, hex);
 755        if (!only_two_digit_prefix)
 756                strbuf_addf(buf, "%s", hex+2);
 757}
 758
 759char *get_remote_object_url(const char *url, const char *hex,
 760                            int only_two_digit_prefix)
 761{
 762        struct strbuf buf = STRBUF_INIT;
 763        append_remote_object_url(&buf, url, hex, only_two_digit_prefix);
 764        return strbuf_detach(&buf, NULL);
 765}
 766
 767/* http_request() targets */
 768#define HTTP_REQUEST_STRBUF     0
 769#define HTTP_REQUEST_FILE       1
 770
 771static int http_request(const char *url, void *result, int target, int options)
 772{
 773        struct active_request_slot *slot;
 774        struct slot_results results;
 775        struct curl_slist *headers = NULL;
 776        struct strbuf buf = STRBUF_INIT;
 777        int ret;
 778
 779        slot = get_active_slot();
 780        slot->results = &results;
 781        curl_easy_setopt(slot->curl, CURLOPT_HTTPGET, 1);
 782
 783        if (result == NULL) {
 784                curl_easy_setopt(slot->curl, CURLOPT_NOBODY, 1);
 785        } else {
 786                curl_easy_setopt(slot->curl, CURLOPT_NOBODY, 0);
 787                curl_easy_setopt(slot->curl, CURLOPT_FILE, result);
 788
 789                if (target == HTTP_REQUEST_FILE) {
 790                        long posn = ftell(result);
 791                        curl_easy_setopt(slot->curl, CURLOPT_WRITEFUNCTION,
 792                                         fwrite);
 793                        if (posn > 0) {
 794                                strbuf_addf(&buf, "Range: bytes=%ld-", posn);
 795                                headers = curl_slist_append(headers, buf.buf);
 796                                strbuf_reset(&buf);
 797                        }
 798                        slot->local = result;
 799                } else
 800                        curl_easy_setopt(slot->curl, CURLOPT_WRITEFUNCTION,
 801                                         fwrite_buffer);
 802        }
 803
 804        strbuf_addstr(&buf, "Pragma:");
 805        if (options & HTTP_NO_CACHE)
 806                strbuf_addstr(&buf, " no-cache");
 807
 808        headers = curl_slist_append(headers, buf.buf);
 809
 810        curl_easy_setopt(slot->curl, CURLOPT_URL, url);
 811        curl_easy_setopt(slot->curl, CURLOPT_HTTPHEADER, headers);
 812
 813        if (start_active_slot(slot)) {
 814                run_active_slot(slot);
 815                if (results.curl_result == CURLE_OK)
 816                        ret = HTTP_OK;
 817                else if (missing_target(&results))
 818                        ret = HTTP_MISSING_TARGET;
 819                else if (results.http_code == 401) {
 820                        if (user_name) {
 821                                ret = HTTP_NOAUTH;
 822                        } else {
 823                                /*
 824                                 * git_getpass is needed here because its very likely stdin/stdout are
 825                                 * pipes to our parent process.  So we instead need to use /dev/tty,
 826                                 * but that is non-portable.  Using git_getpass() can at least be stubbed
 827                                 * on other platforms with a different implementation if/when necessary.
 828                                 */
 829                                user_name = xstrdup(git_getpass("Username: "));
 830                                init_curl_http_auth(slot->curl);
 831                                ret = HTTP_REAUTH;
 832                        }
 833                } else
 834                        ret = HTTP_ERROR;
 835        } else {
 836                error("Unable to start HTTP request for %s", url);
 837                ret = HTTP_START_FAILED;
 838        }
 839
 840        slot->local = NULL;
 841        curl_slist_free_all(headers);
 842        strbuf_release(&buf);
 843
 844        return ret;
 845}
 846
 847int http_get_strbuf(const char *url, struct strbuf *result, int options)
 848{
 849        int http_ret = http_request(url, result, HTTP_REQUEST_STRBUF, options);
 850        if (http_ret == HTTP_REAUTH) {
 851                http_ret = http_request(url, result, HTTP_REQUEST_STRBUF, options);
 852        }
 853        return http_ret;
 854}
 855
 856/*
 857 * Downloads an url and stores the result in the given file.
 858 *
 859 * If a previous interrupted download is detected (i.e. a previous temporary
 860 * file is still around) the download is resumed.
 861 */
 862static int http_get_file(const char *url, const char *filename, int options)
 863{
 864        int ret;
 865        struct strbuf tmpfile = STRBUF_INIT;
 866        FILE *result;
 867
 868        strbuf_addf(&tmpfile, "%s.temp", filename);
 869        result = fopen(tmpfile.buf, "a");
 870        if (! result) {
 871                error("Unable to open local file %s", tmpfile.buf);
 872                ret = HTTP_ERROR;
 873                goto cleanup;
 874        }
 875
 876        ret = http_request(url, result, HTTP_REQUEST_FILE, options);
 877        fclose(result);
 878
 879        if ((ret == HTTP_OK) && move_temp_to_file(tmpfile.buf, filename))
 880                ret = HTTP_ERROR;
 881cleanup:
 882        strbuf_release(&tmpfile);
 883        return ret;
 884}
 885
 886int http_error(const char *url, int ret)
 887{
 888        /* http_request has already handled HTTP_START_FAILED. */
 889        if (ret != HTTP_START_FAILED)
 890                error("%s while accessing %s\n", curl_errorstr, url);
 891
 892        return ret;
 893}
 894
 895int http_fetch_ref(const char *base, struct ref *ref)
 896{
 897        char *url;
 898        struct strbuf buffer = STRBUF_INIT;
 899        int ret = -1;
 900
 901        url = quote_ref_url(base, ref->name);
 902        if (http_get_strbuf(url, &buffer, HTTP_NO_CACHE) == HTTP_OK) {
 903                strbuf_rtrim(&buffer);
 904                if (buffer.len == 40)
 905                        ret = get_sha1_hex(buffer.buf, ref->old_sha1);
 906                else if (!prefixcmp(buffer.buf, "ref: ")) {
 907                        ref->symref = xstrdup(buffer.buf + 5);
 908                        ret = 0;
 909                }
 910        }
 911
 912        strbuf_release(&buffer);
 913        free(url);
 914        return ret;
 915}
 916
 917/* Helpers for fetching packs */
 918static char *fetch_pack_index(unsigned char *sha1, const char *base_url)
 919{
 920        char *url, *tmp;
 921        struct strbuf buf = STRBUF_INIT;
 922
 923        if (http_is_verbose)
 924                fprintf(stderr, "Getting index for pack %s\n", sha1_to_hex(sha1));
 925
 926        end_url_with_slash(&buf, base_url);
 927        strbuf_addf(&buf, "objects/pack/pack-%s.idx", sha1_to_hex(sha1));
 928        url = strbuf_detach(&buf, NULL);
 929
 930        strbuf_addf(&buf, "%s.temp", sha1_pack_index_name(sha1));
 931        tmp = strbuf_detach(&buf, NULL);
 932
 933        if (http_get_file(url, tmp, 0) != HTTP_OK) {
 934                error("Unable to get pack index %s\n", url);
 935                free(tmp);
 936                tmp = NULL;
 937        }
 938
 939        free(url);
 940        return tmp;
 941}
 942
 943static int fetch_and_setup_pack_index(struct packed_git **packs_head,
 944        unsigned char *sha1, const char *base_url)
 945{
 946        struct packed_git *new_pack;
 947        char *tmp_idx = NULL;
 948        int ret;
 949
 950        if (has_pack_index(sha1)) {
 951                new_pack = parse_pack_index(sha1, NULL);
 952                if (!new_pack)
 953                        return -1; /* parse_pack_index() already issued error message */
 954                goto add_pack;
 955        }
 956
 957        tmp_idx = fetch_pack_index(sha1, base_url);
 958        if (!tmp_idx)
 959                return -1;
 960
 961        new_pack = parse_pack_index(sha1, tmp_idx);
 962        if (!new_pack) {
 963                unlink(tmp_idx);
 964                free(tmp_idx);
 965
 966                return -1; /* parse_pack_index() already issued error message */
 967        }
 968
 969        ret = verify_pack_index(new_pack);
 970        if (!ret) {
 971                close_pack_index(new_pack);
 972                ret = move_temp_to_file(tmp_idx, sha1_pack_index_name(sha1));
 973        }
 974        free(tmp_idx);
 975        if (ret)
 976                return -1;
 977
 978add_pack:
 979        new_pack->next = *packs_head;
 980        *packs_head = new_pack;
 981        return 0;
 982}
 983
 984int http_get_info_packs(const char *base_url, struct packed_git **packs_head)
 985{
 986        int ret = 0, i = 0;
 987        char *url, *data;
 988        struct strbuf buf = STRBUF_INIT;
 989        unsigned char sha1[20];
 990
 991        end_url_with_slash(&buf, base_url);
 992        strbuf_addstr(&buf, "objects/info/packs");
 993        url = strbuf_detach(&buf, NULL);
 994
 995        ret = http_get_strbuf(url, &buf, HTTP_NO_CACHE);
 996        if (ret != HTTP_OK)
 997                goto cleanup;
 998
 999        data = buf.buf;
1000        while (i < buf.len) {
1001                switch (data[i]) {
1002                case 'P':
1003                        i++;
1004                        if (i + 52 <= buf.len &&
1005                            !prefixcmp(data + i, " pack-") &&
1006                            !prefixcmp(data + i + 46, ".pack\n")) {
1007                                get_sha1_hex(data + i + 6, sha1);
1008                                fetch_and_setup_pack_index(packs_head, sha1,
1009                                                      base_url);
1010                                i += 51;
1011                                break;
1012                        }
1013                default:
1014                        while (i < buf.len && data[i] != '\n')
1015                                i++;
1016                }
1017                i++;
1018        }
1019
1020cleanup:
1021        free(url);
1022        return ret;
1023}
1024
1025void release_http_pack_request(struct http_pack_request *preq)
1026{
1027        if (preq->packfile != NULL) {
1028                fclose(preq->packfile);
1029                preq->packfile = NULL;
1030                preq->slot->local = NULL;
1031        }
1032        if (preq->range_header != NULL) {
1033                curl_slist_free_all(preq->range_header);
1034                preq->range_header = NULL;
1035        }
1036        preq->slot = NULL;
1037        free(preq->url);
1038}
1039
1040int finish_http_pack_request(struct http_pack_request *preq)
1041{
1042        struct packed_git **lst;
1043        struct packed_git *p = preq->target;
1044        char *tmp_idx;
1045        struct child_process ip;
1046        const char *ip_argv[8];
1047
1048        close_pack_index(p);
1049
1050        fclose(preq->packfile);
1051        preq->packfile = NULL;
1052        preq->slot->local = NULL;
1053
1054        lst = preq->lst;
1055        while (*lst != p)
1056                lst = &((*lst)->next);
1057        *lst = (*lst)->next;
1058
1059        tmp_idx = xstrdup(preq->tmpfile);
1060        strcpy(tmp_idx + strlen(tmp_idx) - strlen(".pack.temp"),
1061               ".idx.temp");
1062
1063        ip_argv[0] = "index-pack";
1064        ip_argv[1] = "-o";
1065        ip_argv[2] = tmp_idx;
1066        ip_argv[3] = preq->tmpfile;
1067        ip_argv[4] = NULL;
1068
1069        memset(&ip, 0, sizeof(ip));
1070        ip.argv = ip_argv;
1071        ip.git_cmd = 1;
1072        ip.no_stdin = 1;
1073        ip.no_stdout = 1;
1074
1075        if (run_command(&ip)) {
1076                unlink(preq->tmpfile);
1077                unlink(tmp_idx);
1078                free(tmp_idx);
1079                return -1;
1080        }
1081
1082        unlink(sha1_pack_index_name(p->sha1));
1083
1084        if (move_temp_to_file(preq->tmpfile, sha1_pack_name(p->sha1))
1085         || move_temp_to_file(tmp_idx, sha1_pack_index_name(p->sha1))) {
1086                free(tmp_idx);
1087                return -1;
1088        }
1089
1090        install_packed_git(p);
1091        free(tmp_idx);
1092        return 0;
1093}
1094
1095struct http_pack_request *new_http_pack_request(
1096        struct packed_git *target, const char *base_url)
1097{
1098        long prev_posn = 0;
1099        char range[RANGE_HEADER_SIZE];
1100        struct strbuf buf = STRBUF_INIT;
1101        struct http_pack_request *preq;
1102
1103        preq = xmalloc(sizeof(*preq));
1104        preq->target = target;
1105        preq->range_header = NULL;
1106
1107        end_url_with_slash(&buf, base_url);
1108        strbuf_addf(&buf, "objects/pack/pack-%s.pack",
1109                sha1_to_hex(target->sha1));
1110        preq->url = strbuf_detach(&buf, NULL);
1111
1112        snprintf(preq->tmpfile, sizeof(preq->tmpfile), "%s.temp",
1113                sha1_pack_name(target->sha1));
1114        preq->packfile = fopen(preq->tmpfile, "a");
1115        if (!preq->packfile) {
1116                error("Unable to open local file %s for pack",
1117                      preq->tmpfile);
1118                goto abort;
1119        }
1120
1121        preq->slot = get_active_slot();
1122        preq->slot->local = preq->packfile;
1123        curl_easy_setopt(preq->slot->curl, CURLOPT_FILE, preq->packfile);
1124        curl_easy_setopt(preq->slot->curl, CURLOPT_WRITEFUNCTION, fwrite);
1125        curl_easy_setopt(preq->slot->curl, CURLOPT_URL, preq->url);
1126        curl_easy_setopt(preq->slot->curl, CURLOPT_HTTPHEADER,
1127                no_pragma_header);
1128
1129        /*
1130         * If there is data present from a previous transfer attempt,
1131         * resume where it left off
1132         */
1133        prev_posn = ftell(preq->packfile);
1134        if (prev_posn>0) {
1135                if (http_is_verbose)
1136                        fprintf(stderr,
1137                                "Resuming fetch of pack %s at byte %ld\n",
1138                                sha1_to_hex(target->sha1), prev_posn);
1139                sprintf(range, "Range: bytes=%ld-", prev_posn);
1140                preq->range_header = curl_slist_append(NULL, range);
1141                curl_easy_setopt(preq->slot->curl, CURLOPT_HTTPHEADER,
1142                        preq->range_header);
1143        }
1144
1145        return preq;
1146
1147abort:
1148        free(preq->url);
1149        free(preq);
1150        return NULL;
1151}
1152
1153/* Helpers for fetching objects (loose) */
1154static size_t fwrite_sha1_file(void *ptr, size_t eltsize, size_t nmemb,
1155                               void *data)
1156{
1157        unsigned char expn[4096];
1158        size_t size = eltsize * nmemb;
1159        int posn = 0;
1160        struct http_object_request *freq =
1161                (struct http_object_request *)data;
1162        do {
1163                ssize_t retval = xwrite(freq->localfile,
1164                                        (char *) ptr + posn, size - posn);
1165                if (retval < 0)
1166                        return posn;
1167                posn += retval;
1168        } while (posn < size);
1169
1170        freq->stream.avail_in = size;
1171        freq->stream.next_in = ptr;
1172        do {
1173                freq->stream.next_out = expn;
1174                freq->stream.avail_out = sizeof(expn);
1175                freq->zret = git_inflate(&freq->stream, Z_SYNC_FLUSH);
1176                git_SHA1_Update(&freq->c, expn,
1177                                sizeof(expn) - freq->stream.avail_out);
1178        } while (freq->stream.avail_in && freq->zret == Z_OK);
1179        data_received++;
1180        return size;
1181}
1182
1183struct http_object_request *new_http_object_request(const char *base_url,
1184        unsigned char *sha1)
1185{
1186        char *hex = sha1_to_hex(sha1);
1187        char *filename;
1188        char prevfile[PATH_MAX];
1189        int prevlocal;
1190        unsigned char prev_buf[PREV_BUF_SIZE];
1191        ssize_t prev_read = 0;
1192        long prev_posn = 0;
1193        char range[RANGE_HEADER_SIZE];
1194        struct curl_slist *range_header = NULL;
1195        struct http_object_request *freq;
1196
1197        freq = xmalloc(sizeof(*freq));
1198        hashcpy(freq->sha1, sha1);
1199        freq->localfile = -1;
1200
1201        filename = sha1_file_name(sha1);
1202        snprintf(freq->tmpfile, sizeof(freq->tmpfile),
1203                 "%s.temp", filename);
1204
1205        snprintf(prevfile, sizeof(prevfile), "%s.prev", filename);
1206        unlink_or_warn(prevfile);
1207        rename(freq->tmpfile, prevfile);
1208        unlink_or_warn(freq->tmpfile);
1209
1210        if (freq->localfile != -1)
1211                error("fd leakage in start: %d", freq->localfile);
1212        freq->localfile = open(freq->tmpfile,
1213                               O_WRONLY | O_CREAT | O_EXCL, 0666);
1214        /*
1215         * This could have failed due to the "lazy directory creation";
1216         * try to mkdir the last path component.
1217         */
1218        if (freq->localfile < 0 && errno == ENOENT) {
1219                char *dir = strrchr(freq->tmpfile, '/');
1220                if (dir) {
1221                        *dir = 0;
1222                        mkdir(freq->tmpfile, 0777);
1223                        *dir = '/';
1224                }
1225                freq->localfile = open(freq->tmpfile,
1226                                       O_WRONLY | O_CREAT | O_EXCL, 0666);
1227        }
1228
1229        if (freq->localfile < 0) {
1230                error("Couldn't create temporary file %s: %s",
1231                      freq->tmpfile, strerror(errno));
1232                goto abort;
1233        }
1234
1235        memset(&freq->stream, 0, sizeof(freq->stream));
1236
1237        git_inflate_init(&freq->stream);
1238
1239        git_SHA1_Init(&freq->c);
1240
1241        freq->url = get_remote_object_url(base_url, hex, 0);
1242
1243        /*
1244         * If a previous temp file is present, process what was already
1245         * fetched.
1246         */
1247        prevlocal = open(prevfile, O_RDONLY);
1248        if (prevlocal != -1) {
1249                do {
1250                        prev_read = xread(prevlocal, prev_buf, PREV_BUF_SIZE);
1251                        if (prev_read>0) {
1252                                if (fwrite_sha1_file(prev_buf,
1253                                                     1,
1254                                                     prev_read,
1255                                                     freq) == prev_read) {
1256                                        prev_posn += prev_read;
1257                                } else {
1258                                        prev_read = -1;
1259                                }
1260                        }
1261                } while (prev_read > 0);
1262                close(prevlocal);
1263        }
1264        unlink_or_warn(prevfile);
1265
1266        /*
1267         * Reset inflate/SHA1 if there was an error reading the previous temp
1268         * file; also rewind to the beginning of the local file.
1269         */
1270        if (prev_read == -1) {
1271                memset(&freq->stream, 0, sizeof(freq->stream));
1272                git_inflate_init(&freq->stream);
1273                git_SHA1_Init(&freq->c);
1274                if (prev_posn>0) {
1275                        prev_posn = 0;
1276                        lseek(freq->localfile, 0, SEEK_SET);
1277                        if (ftruncate(freq->localfile, 0) < 0) {
1278                                error("Couldn't truncate temporary file %s: %s",
1279                                          freq->tmpfile, strerror(errno));
1280                                goto abort;
1281                        }
1282                }
1283        }
1284
1285        freq->slot = get_active_slot();
1286
1287        curl_easy_setopt(freq->slot->curl, CURLOPT_FILE, freq);
1288        curl_easy_setopt(freq->slot->curl, CURLOPT_WRITEFUNCTION, fwrite_sha1_file);
1289        curl_easy_setopt(freq->slot->curl, CURLOPT_ERRORBUFFER, freq->errorstr);
1290        curl_easy_setopt(freq->slot->curl, CURLOPT_URL, freq->url);
1291        curl_easy_setopt(freq->slot->curl, CURLOPT_HTTPHEADER, no_pragma_header);
1292
1293        /*
1294         * If we have successfully processed data from a previous fetch
1295         * attempt, only fetch the data we don't already have.
1296         */
1297        if (prev_posn>0) {
1298                if (http_is_verbose)
1299                        fprintf(stderr,
1300                                "Resuming fetch of object %s at byte %ld\n",
1301                                hex, prev_posn);
1302                sprintf(range, "Range: bytes=%ld-", prev_posn);
1303                range_header = curl_slist_append(range_header, range);
1304                curl_easy_setopt(freq->slot->curl,
1305                                 CURLOPT_HTTPHEADER, range_header);
1306        }
1307
1308        return freq;
1309
1310abort:
1311        free(filename);
1312        free(freq->url);
1313        free(freq);
1314        return NULL;
1315}
1316
1317void process_http_object_request(struct http_object_request *freq)
1318{
1319        if (freq->slot == NULL)
1320                return;
1321        freq->curl_result = freq->slot->curl_result;
1322        freq->http_code = freq->slot->http_code;
1323        freq->slot = NULL;
1324}
1325
1326int finish_http_object_request(struct http_object_request *freq)
1327{
1328        struct stat st;
1329
1330        close(freq->localfile);
1331        freq->localfile = -1;
1332
1333        process_http_object_request(freq);
1334
1335        if (freq->http_code == 416) {
1336                warning("requested range invalid; we may already have all the data.");
1337        } else if (freq->curl_result != CURLE_OK) {
1338                if (stat(freq->tmpfile, &st) == 0)
1339                        if (st.st_size == 0)
1340                                unlink_or_warn(freq->tmpfile);
1341                return -1;
1342        }
1343
1344        git_inflate_end(&freq->stream);
1345        git_SHA1_Final(freq->real_sha1, &freq->c);
1346        if (freq->zret != Z_STREAM_END) {
1347                unlink_or_warn(freq->tmpfile);
1348                return -1;
1349        }
1350        if (hashcmp(freq->sha1, freq->real_sha1)) {
1351                unlink_or_warn(freq->tmpfile);
1352                return -1;
1353        }
1354        freq->rename =
1355                move_temp_to_file(freq->tmpfile, sha1_file_name(freq->sha1));
1356
1357        return freq->rename;
1358}
1359
1360void abort_http_object_request(struct http_object_request *freq)
1361{
1362        unlink_or_warn(freq->tmpfile);
1363
1364        release_http_object_request(freq);
1365}
1366
1367void release_http_object_request(struct http_object_request *freq)
1368{
1369        if (freq->localfile != -1) {
1370                close(freq->localfile);
1371                freq->localfile = -1;
1372        }
1373        if (freq->url != NULL) {
1374                free(freq->url);
1375                freq->url = NULL;
1376        }
1377        if (freq->slot != NULL) {
1378                freq->slot->callback_func = NULL;
1379                freq->slot->callback_data = NULL;
1380                release_active_slot(freq->slot);
1381                freq->slot = NULL;
1382        }
1383}