1#include "builtin.h"
2#include "lockfile.h"
3#include "pack.h"
4#include "refs.h"
5#include "pkt-line.h"
6#include "sideband.h"
7#include "run-command.h"
8#include "exec_cmd.h"
9#include "commit.h"
10#include "object.h"
11#include "remote.h"
12#include "connect.h"
13#include "transport.h"
14#include "string-list.h"
15#include "sha1-array.h"
16#include "connected.h"
17#include "argv-array.h"
18#include "version.h"
19#include "tag.h"
20#include "gpg-interface.h"
21#include "sigchain.h"
22static const char receive_pack_usage[] = "git receive-pack <git-dir>";
24enum deny_action {
26 DENY_UNCONFIGURED,
27 DENY_IGNORE,
28 DENY_WARN,
29 DENY_REFUSE,
30 DENY_UPDATE_INSTEAD
31};
32static int deny_deletes;
34static int deny_non_fast_forwards;
35static enum deny_action deny_current_branch = DENY_UNCONFIGURED;
36static enum deny_action deny_delete_current = DENY_UNCONFIGURED;
37static int receive_fsck_objects = -1;
38static int transfer_fsck_objects = -1;
39static int receive_unpack_limit = -1;
40static int transfer_unpack_limit = -1;
41static int advertise_atomic_push = 1;
42static int unpack_limit = 100;
43static int report_status;
44static int use_sideband;
45static int use_atomic;
46static int quiet;
47static int prefer_ofs_delta = 1;
48static int auto_update_server_info;
49static int auto_gc = 1;
50static int fix_thin = 1;
51static int stateless_rpc;
52static const char *service_dir;
53static const char *head_name;
54static void *head_name_to_free;
55static int sent_capabilities;
56static int shallow_update;
57static const char *alt_shallow_file;
58static struct strbuf push_cert = STRBUF_INIT;
59static unsigned char push_cert_sha1[20];
60static struct signature_check sigcheck;
61static const char *push_cert_nonce;
62static const char *cert_nonce_seed;
63static const char *NONCE_UNSOLICITED = "UNSOLICITED";
65static const char *NONCE_BAD = "BAD";
66static const char *NONCE_MISSING = "MISSING";
67static const char *NONCE_OK = "OK";
68static const char *NONCE_SLOP = "SLOP";
69static const char *nonce_status;
70static long nonce_stamp_slop;
71static unsigned long nonce_stamp_slop_limit;
72static struct ref_transaction *transaction;
73static enum deny_action parse_deny_action(const char *var, const char *value)
75{
76 if (value) {
77 if (!strcasecmp(value, "ignore"))
78 return DENY_IGNORE;
79 if (!strcasecmp(value, "warn"))
80 return DENY_WARN;
81 if (!strcasecmp(value, "refuse"))
82 return DENY_REFUSE;
83 if (!strcasecmp(value, "updateinstead"))
84 return DENY_UPDATE_INSTEAD;
85 }
86 if (git_config_bool(var, value))
87 return DENY_REFUSE;
88 return DENY_IGNORE;
89}
90static int receive_pack_config(const char *var, const char *value, void *cb)
92{
93 int status = parse_hide_refs_config(var, value, "receive");
94 if (status)
96 return status;
97 if (strcmp(var, "receive.denydeletes") == 0) {
99 deny_deletes = git_config_bool(var, value);
100 return 0;
101 }
102 if (strcmp(var, "receive.denynonfastforwards") == 0) {
104 deny_non_fast_forwards = git_config_bool(var, value);
105 return 0;
106 }
107 if (strcmp(var, "receive.unpacklimit") == 0) {
109 receive_unpack_limit = git_config_int(var, value);
110 return 0;
111 }
112 if (strcmp(var, "transfer.unpacklimit") == 0) {
114 transfer_unpack_limit = git_config_int(var, value);
115 return 0;
116 }
117 if (strcmp(var, "receive.fsckobjects") == 0) {
119 receive_fsck_objects = git_config_bool(var, value);
120 return 0;
121 }
122 if (strcmp(var, "transfer.fsckobjects") == 0) {
124 transfer_fsck_objects = git_config_bool(var, value);
125 return 0;
126 }
127 if (!strcmp(var, "receive.denycurrentbranch")) {
129 deny_current_branch = parse_deny_action(var, value);
130 return 0;
131 }
132 if (strcmp(var, "receive.denydeletecurrent") == 0) {
134 deny_delete_current = parse_deny_action(var, value);
135 return 0;
136 }
137 if (strcmp(var, "repack.usedeltabaseoffset") == 0) {
139 prefer_ofs_delta = git_config_bool(var, value);
140 return 0;
141 }
142 if (strcmp(var, "receive.updateserverinfo") == 0) {
144 auto_update_server_info = git_config_bool(var, value);
145 return 0;
146 }
147 if (strcmp(var, "receive.autogc") == 0) {
149 auto_gc = git_config_bool(var, value);
150 return 0;
151 }
152 if (strcmp(var, "receive.shallowupdate") == 0) {
154 shallow_update = git_config_bool(var, value);
155 return 0;
156 }
157 if (strcmp(var, "receive.certnonceseed") == 0)
159 return git_config_string(&cert_nonce_seed, var, value);
160 if (strcmp(var, "receive.certnonceslop") == 0) {
162 nonce_stamp_slop_limit = git_config_ulong(var, value);
163 return 0;
164 }
165 if (strcmp(var, "receive.advertiseatomic") == 0) {
167 advertise_atomic_push = git_config_bool(var, value);
168 return 0;
169 }
170 return git_default_config(var, value, cb);
172}
173static void show_ref(const char *path, const unsigned char *sha1)
175{
176 if (ref_is_hidden(path))
177 return;
178 if (sent_capabilities) {
180 packet_write(1, "%s %s\n", sha1_to_hex(sha1), path);
181 } else {
182 struct strbuf cap = STRBUF_INIT;
183 strbuf_addstr(&cap,
185 "report-status delete-refs side-band-64k quiet");
186 if (advertise_atomic_push)
187 strbuf_addstr(&cap, " atomic");
188 if (prefer_ofs_delta)
189 strbuf_addstr(&cap, " ofs-delta");
190 if (push_cert_nonce)
191 strbuf_addf(&cap, " push-cert=%s", push_cert_nonce);
192 strbuf_addf(&cap, " agent=%s", git_user_agent_sanitized());
193 packet_write(1, "%s %s%c%s\n",
194 sha1_to_hex(sha1), path, 0, cap.buf);
195 strbuf_release(&cap);
196 sent_capabilities = 1;
197 }
198}
199static int show_ref_cb(const char *path, const unsigned char *sha1, int flag, void *unused)
201{
202 path = strip_namespace(path);
203 /*
204 * Advertise refs outside our current namespace as ".have"
205 * refs, so that the client can use them to minimize data
206 * transfer but will otherwise ignore them. This happens to
207 * cover ".have" that are thrown in by add_one_alternate_ref()
208 * to mark histories that are complete in our alternates as
209 * well.
210 */
211 if (!path)
212 path = ".have";
213 show_ref(path, sha1);
214 return 0;
215}
216static void show_one_alternate_sha1(const unsigned char sha1[20], void *unused)
218{
219 show_ref(".have", sha1);
220}
221static void collect_one_alternate_ref(const struct ref *ref, void *data)
223{
224 struct sha1_array *sa = data;
225 sha1_array_append(sa, ref->old_sha1);
226}
227static void write_head_info(void)
229{
230 struct sha1_array sa = SHA1_ARRAY_INIT;
231 struct each_ref_fn_sha1_adapter wrapped_show_ref_cb =
232 {show_ref_cb, NULL};
233 for_each_alternate_ref(collect_one_alternate_ref, &sa);
235 sha1_array_for_each_unique(&sa, show_one_alternate_sha1, NULL);
236 sha1_array_clear(&sa);
237 for_each_ref(each_ref_fn_adapter, &wrapped_show_ref_cb);
238 if (!sent_capabilities)
239 show_ref("capabilities^{}", null_sha1);
240 advertise_shallow_grafts(1);
242 /* EOF */
244 packet_flush(1);
245}
246struct command {
248 struct command *next;
249 const char *error_string;
250 unsigned int skip_update:1,
251 did_not_exist:1;
252 int index;
253 unsigned char old_sha1[20];
254 unsigned char new_sha1[20];
255 char ref_name[FLEX_ARRAY]; /* more */
256};
257static void rp_error(const char *err, ...) __attribute__((format (printf, 1, 2)));
259static void rp_warning(const char *err, ...) __attribute__((format (printf, 1, 2)));
260static void report_message(const char *prefix, const char *err, va_list params)
262{
263 int sz = strlen(prefix);
264 char msg[4096];
265 strncpy(msg, prefix, sz);
267 sz += vsnprintf(msg + sz, sizeof(msg) - sz, err, params);
268 if (sz > (sizeof(msg) - 1))
269 sz = sizeof(msg) - 1;
270 msg[sz++] = '\n';
271 if (use_sideband)
273 send_sideband(1, 2, msg, sz, use_sideband);
274 else
275 xwrite(2, msg, sz);
276}
277static void rp_warning(const char *err, ...)
279{
280 va_list params;
281 va_start(params, err);
282 report_message("warning: ", err, params);
283 va_end(params);
284}
285static void rp_error(const char *err, ...)
287{
288 va_list params;
289 va_start(params, err);
290 report_message("error: ", err, params);
291 va_end(params);
292}
293static int copy_to_sideband(int in, int out, void *arg)
295{
296 char data[128];
297 while (1) {
298 ssize_t sz = xread(in, data, sizeof(data));
299 if (sz <= 0)
300 break;
301 send_sideband(1, 2, data, sz, use_sideband);
302 }
303 close(in);
304 return 0;
305}
306#define HMAC_BLOCK_SIZE 64
308static void hmac_sha1(unsigned char *out,
310 const char *key_in, size_t key_len,
311 const char *text, size_t text_len)
312{
313 unsigned char key[HMAC_BLOCK_SIZE];
314 unsigned char k_ipad[HMAC_BLOCK_SIZE];
315 unsigned char k_opad[HMAC_BLOCK_SIZE];
316 int i;
317 git_SHA_CTX ctx;
318 /* RFC 2104 2. (1) */
320 memset(key, '\0', HMAC_BLOCK_SIZE);
321 if (HMAC_BLOCK_SIZE < key_len) {
322 git_SHA1_Init(&ctx);
323 git_SHA1_Update(&ctx, key_in, key_len);
324 git_SHA1_Final(key, &ctx);
325 } else {
326 memcpy(key, key_in, key_len);
327 }
328 /* RFC 2104 2. (2) & (5) */
330 for (i = 0; i < sizeof(key); i++) {
331 k_ipad[i] = key[i] ^ 0x36;
332 k_opad[i] = key[i] ^ 0x5c;
333 }
334 /* RFC 2104 2. (3) & (4) */
336 git_SHA1_Init(&ctx);
337 git_SHA1_Update(&ctx, k_ipad, sizeof(k_ipad));
338 git_SHA1_Update(&ctx, text, text_len);
339 git_SHA1_Final(out, &ctx);
340 /* RFC 2104 2. (6) & (7) */
342 git_SHA1_Init(&ctx);
343 git_SHA1_Update(&ctx, k_opad, sizeof(k_opad));
344 git_SHA1_Update(&ctx, out, 20);
345 git_SHA1_Final(out, &ctx);
346}
347static char *prepare_push_cert_nonce(const char *path, unsigned long stamp)
349{
350 struct strbuf buf = STRBUF_INIT;
351 unsigned char sha1[20];
352 strbuf_addf(&buf, "%s:%lu", path, stamp);
354 hmac_sha1(sha1, buf.buf, buf.len, cert_nonce_seed, strlen(cert_nonce_seed));;
355 strbuf_release(&buf);
356 /* RFC 2104 5. HMAC-SHA1-80 */
358 strbuf_addf(&buf, "%lu-%.*s", stamp, 20, sha1_to_hex(sha1));
359 return strbuf_detach(&buf, NULL);
360}
361/*
363 * NEEDSWORK: reuse find_commit_header() from jk/commit-author-parsing
364 * after dropping "_commit" from its name and possibly moving it out
365 * of commit.c
366 */
367static char *find_header(const char *msg, size_t len, const char *key)
368{
369 int key_len = strlen(key);
370 const char *line = msg;
371 while (line && line < msg + len) {
373 const char *eol = strchrnul(line, '\n');
374 if ((msg + len <= eol) || line == eol)
376 return NULL;
377 if (line + key_len < eol &&
378 !memcmp(line, key, key_len) && line[key_len] == ' ') {
379 int offset = key_len + 1;
380 return xmemdupz(line + offset, (eol - line) - offset);
381 }
382 line = *eol ? eol + 1 : NULL;
383 }
384 return NULL;
385}
386static const char *check_nonce(const char *buf, size_t len)
388{
389 char *nonce = find_header(buf, len, "nonce");
390 unsigned long stamp, ostamp;
391 char *bohmac, *expect = NULL;
392 const char *retval = NONCE_BAD;
393 if (!nonce) {
395 retval = NONCE_MISSING;
396 goto leave;
397 } else if (!push_cert_nonce) {
398 retval = NONCE_UNSOLICITED;
399 goto leave;
400 } else if (!strcmp(push_cert_nonce, nonce)) {
401 retval = NONCE_OK;
402 goto leave;
403 }
404 if (!stateless_rpc) {
406 /* returned nonce MUST match what we gave out earlier */
407 retval = NONCE_BAD;
408 goto leave;
409 }
410 /*
412 * In stateless mode, we may be receiving a nonce issued by
413 * another instance of the server that serving the same
414 * repository, and the timestamps may not match, but the
415 * nonce-seed and dir should match, so we can recompute and
416 * report the time slop.
417 *
418 * In addition, when a nonce issued by another instance has
419 * timestamp within receive.certnonceslop seconds, we pretend
420 * as if we issued that nonce when reporting to the hook.
421 */
422 /* nonce is concat(<seconds-since-epoch>, "-", <hmac>) */
424 if (*nonce <= '0' || '9' < *nonce) {
425 retval = NONCE_BAD;
426 goto leave;
427 }
428 stamp = strtoul(nonce, &bohmac, 10);
429 if (bohmac == nonce || bohmac[0] != '-') {
430 retval = NONCE_BAD;
431 goto leave;
432 }
433 expect = prepare_push_cert_nonce(service_dir, stamp);
435 if (strcmp(expect, nonce)) {
436 /* Not what we would have signed earlier */
437 retval = NONCE_BAD;
438 goto leave;
439 }
440 /*
442 * By how many seconds is this nonce stale? Negative value
443 * would mean it was issued by another server with its clock
444 * skewed in the future.
445 */
446 ostamp = strtoul(push_cert_nonce, NULL, 10);
447 nonce_stamp_slop = (long)ostamp - (long)stamp;
448 if (nonce_stamp_slop_limit &&
450 labs(nonce_stamp_slop) <= nonce_stamp_slop_limit) {
451 /*
452 * Pretend as if the received nonce (which passes the
453 * HMAC check, so it is not a forged by third-party)
454 * is what we issued.
455 */
456 free((void *)push_cert_nonce);
457 push_cert_nonce = xstrdup(nonce);
458 retval = NONCE_OK;
459 } else {
460 retval = NONCE_SLOP;
461 }
462leave:
464 free(nonce);
465 free(expect);
466 return retval;
467}
468static void prepare_push_cert_sha1(struct child_process *proc)
470{
471 static int already_done;
472 if (!push_cert.len)
474 return;
475 if (!already_done) {
477 struct strbuf gpg_output = STRBUF_INIT;
478 struct strbuf gpg_status = STRBUF_INIT;
479 int bogs /* beginning_of_gpg_sig */;
480 already_done = 1;
482 if (write_sha1_file(push_cert.buf, push_cert.len, "blob", push_cert_sha1))
483 hashclr(push_cert_sha1);
484 memset(&sigcheck, '\0', sizeof(sigcheck));
486 sigcheck.result = 'N';
487 bogs = parse_signature(push_cert.buf, push_cert.len);
489 if (verify_signed_buffer(push_cert.buf, bogs,
490 push_cert.buf + bogs, push_cert.len - bogs,
491 &gpg_output, &gpg_status) < 0) {
492 ; /* error running gpg */
493 } else {
494 sigcheck.payload = push_cert.buf;
495 sigcheck.gpg_output = gpg_output.buf;
496 sigcheck.gpg_status = gpg_status.buf;
497 parse_gpg_output(&sigcheck);
498 }
499 strbuf_release(&gpg_output);
501 strbuf_release(&gpg_status);
502 nonce_status = check_nonce(push_cert.buf, bogs);
503 }
504 if (!is_null_sha1(push_cert_sha1)) {
505 argv_array_pushf(&proc->env_array, "GIT_PUSH_CERT=%s",
506 sha1_to_hex(push_cert_sha1));
507 argv_array_pushf(&proc->env_array, "GIT_PUSH_CERT_SIGNER=%s",
508 sigcheck.signer ? sigcheck.signer : "");
509 argv_array_pushf(&proc->env_array, "GIT_PUSH_CERT_KEY=%s",
510 sigcheck.key ? sigcheck.key : "");
511 argv_array_pushf(&proc->env_array, "GIT_PUSH_CERT_STATUS=%c",
512 sigcheck.result);
513 if (push_cert_nonce) {
514 argv_array_pushf(&proc->env_array,
515 "GIT_PUSH_CERT_NONCE=%s",
516 push_cert_nonce);
517 argv_array_pushf(&proc->env_array,
518 "GIT_PUSH_CERT_NONCE_STATUS=%s",
519 nonce_status);
520 if (nonce_status == NONCE_SLOP)
521 argv_array_pushf(&proc->env_array,
522 "GIT_PUSH_CERT_NONCE_SLOP=%ld",
523 nonce_stamp_slop);
524 }
525 }
526}
527typedef int (*feed_fn)(void *, const char **, size_t *);
529static int run_and_feed_hook(const char *hook_name, feed_fn feed, void *feed_state)
530{
531 struct child_process proc = CHILD_PROCESS_INIT;
532 struct async muxer;
533 const char *argv[2];
534 int code;
535 argv[0] = find_hook(hook_name);
537 if (!argv[0])
538 return 0;
539 argv[1] = NULL;
541 proc.argv = argv;
543 proc.in = -1;
544 proc.stdout_to_stderr = 1;
545 if (use_sideband) {
547 memset(&muxer, 0, sizeof(muxer));
548 muxer.proc = copy_to_sideband;
549 muxer.in = -1;
550 code = start_async(&muxer);
551 if (code)
552 return code;
553 proc.err = muxer.in;
554 }
555 prepare_push_cert_sha1(&proc);
557 code = start_command(&proc);
559 if (code) {
560 if (use_sideband)
561 finish_async(&muxer);
562 return code;
563 }
564 sigchain_push(SIGPIPE, SIG_IGN);
566 while (1) {
568 const char *buf;
569 size_t n;
570 if (feed(feed_state, &buf, &n))
571 break;
572 if (write_in_full(proc.in, buf, n) != n)
573 break;
574 }
575 close(proc.in);
576 if (use_sideband)
577 finish_async(&muxer);
578 sigchain_pop(SIGPIPE);
580 return finish_command(&proc);
582}
583struct receive_hook_feed_state {
585 struct command *cmd;
586 int skip_broken;
587 struct strbuf buf;
588};
589static int feed_receive_hook(void *state_, const char **bufp, size_t *sizep)
591{
592 struct receive_hook_feed_state *state = state_;
593 struct command *cmd = state->cmd;
594 while (cmd &&
596 state->skip_broken && (cmd->error_string || cmd->did_not_exist))
597 cmd = cmd->next;
598 if (!cmd)
599 return -1; /* EOF */
600 strbuf_reset(&state->buf);
601 strbuf_addf(&state->buf, "%s %s %s\n",
602 sha1_to_hex(cmd->old_sha1), sha1_to_hex(cmd->new_sha1),
603 cmd->ref_name);
604 state->cmd = cmd->next;
605 if (bufp) {
606 *bufp = state->buf.buf;
607 *sizep = state->buf.len;
608 }
609 return 0;
610}
611static int run_receive_hook(struct command *commands, const char *hook_name,
613 int skip_broken)
614{
615 struct receive_hook_feed_state state;
616 int status;
617 strbuf_init(&state.buf, 0);
619 state.cmd = commands;
620 state.skip_broken = skip_broken;
621 if (feed_receive_hook(&state, NULL, NULL))
622 return 0;
623 state.cmd = commands;
624 status = run_and_feed_hook(hook_name, feed_receive_hook, &state);
625 strbuf_release(&state.buf);
626 return status;
627}
628static int run_update_hook(struct command *cmd)
630{
631 const char *argv[5];
632 struct child_process proc = CHILD_PROCESS_INIT;
633 int code;
634 argv[0] = find_hook("update");
636 if (!argv[0])
637 return 0;
638 argv[1] = cmd->ref_name;
640 argv[2] = sha1_to_hex(cmd->old_sha1);
641 argv[3] = sha1_to_hex(cmd->new_sha1);
642 argv[4] = NULL;
643 proc.no_stdin = 1;
645 proc.stdout_to_stderr = 1;
646 proc.err = use_sideband ? -1 : 0;
647 proc.argv = argv;
648 code = start_command(&proc);
650 if (code)
651 return code;
652 if (use_sideband)
653 copy_to_sideband(proc.err, -1, NULL);
654 return finish_command(&proc);
655}
656static int is_ref_checked_out(const char *ref)
658{
659 if (is_bare_repository())
660 return 0;
661 if (!head_name)
663 return 0;
664 return !strcmp(head_name, ref);
665}
666static char *refuse_unconfigured_deny_msg[] = {
668 "By default, updating the current branch in a non-bare repository",
669 "is denied, because it will make the index and work tree inconsistent",
670 "with what you pushed, and will require 'git reset --hard' to match",
671 "the work tree to HEAD.",
672 "",
673 "You can set 'receive.denyCurrentBranch' configuration variable to",
674 "'ignore' or 'warn' in the remote repository to allow pushing into",
675 "its current branch; however, this is not recommended unless you",
676 "arranged to update its work tree to match what you pushed in some",
677 "other way.",
678 "",
679 "To squelch this message and still keep the default behaviour, set",
680 "'receive.denyCurrentBranch' configuration variable to 'refuse'."
681};
682static void refuse_unconfigured_deny(void)
684{
685 int i;
686 for (i = 0; i < ARRAY_SIZE(refuse_unconfigured_deny_msg); i++)
687 rp_error("%s", refuse_unconfigured_deny_msg[i]);
688}
689static char *refuse_unconfigured_deny_delete_current_msg[] = {
691 "By default, deleting the current branch is denied, because the next",
692 "'git clone' won't result in any file checked out, causing confusion.",
693 "",
694 "You can set 'receive.denyDeleteCurrent' configuration variable to",
695 "'warn' or 'ignore' in the remote repository to allow deleting the",
696 "current branch, with or without a warning message.",
697 "",
698 "To squelch this message, you can set it to 'refuse'."
699};
700static void refuse_unconfigured_deny_delete_current(void)
702{
703 int i;
704 for (i = 0;
705 i < ARRAY_SIZE(refuse_unconfigured_deny_delete_current_msg);
706 i++)
707 rp_error("%s", refuse_unconfigured_deny_delete_current_msg[i]);
708}
709static int command_singleton_iterator(void *cb_data, unsigned char sha1[20]);
711static int update_shallow_ref(struct command *cmd, struct shallow_info *si)
712{
713 static struct lock_file shallow_lock;
714 struct sha1_array extra = SHA1_ARRAY_INIT;
715 const char *alt_file;
716 uint32_t mask = 1 << (cmd->index % 32);
717 int i;
718 trace_printf_key(&trace_shallow,
720 "shallow: update_shallow_ref %s\n", cmd->ref_name);
721 for (i = 0; i < si->shallow->nr; i++)
722 if (si->used_shallow[i] &&
723 (si->used_shallow[i][cmd->index / 32] & mask) &&
724 !delayed_reachability_test(si, i))
725 sha1_array_append(&extra, si->shallow->sha1[i]);
726 setup_alternate_shallow(&shallow_lock, &alt_file, &extra);
728 if (check_shallow_connected(command_singleton_iterator,
729 0, cmd, alt_file)) {
730 rollback_lock_file(&shallow_lock);
731 sha1_array_clear(&extra);
732 return -1;
733 }
734 commit_lock_file(&shallow_lock);
736 /*
738 * Make sure setup_alternate_shallow() for the next ref does
739 * not lose these new roots..
740 */
741 for (i = 0; i < extra.nr; i++)
742 register_shallow(extra.sha1[i]);
743 si->shallow_ref[cmd->index] = 0;
745 sha1_array_clear(&extra);
746 return 0;
747}
748/*
750 * NEEDSWORK: we should consolidate various implementions of "are we
751 * on an unborn branch?" test into one, and make the unified one more
752 * robust. !get_sha1() based check used here and elsewhere would not
753 * allow us to tell an unborn branch from corrupt ref, for example.
754 * For the purpose of fixing "deploy-to-update does not work when
755 * pushing into an empty repository" issue, this should suffice for
756 * now.
757 */
758static int head_has_history(void)
759{
760 unsigned char sha1[20];
761 return !get_sha1("HEAD", sha1);
763}
764static const char *push_to_deploy(unsigned char *sha1,
766 struct argv_array *env,
767 const char *work_tree)
768{
769 const char *update_refresh[] = {
770 "update-index", "-q", "--ignore-submodules", "--refresh", NULL
771 };
772 const char *diff_files[] = {
773 "diff-files", "--quiet", "--ignore-submodules", "--", NULL
774 };
775 const char *diff_index[] = {
776 "diff-index", "--quiet", "--cached", "--ignore-submodules",
777 NULL, "--", NULL
778 };
779 const char *read_tree[] = {
780 "read-tree", "-u", "-m", NULL, NULL
781 };
782 struct child_process child = CHILD_PROCESS_INIT;
783 child.argv = update_refresh;
785 child.env = env->argv;
786 child.dir = work_tree;
787 child.no_stdin = 1;
788 child.stdout_to_stderr = 1;
789 child.git_cmd = 1;
790 if (run_command(&child))
791 return "Up-to-date check failed";
792 /* run_command() does not clean up completely; reinitialize */
794 child_process_init(&child);
795 child.argv = diff_files;
796 child.env = env->argv;
797 child.dir = work_tree;
798 child.no_stdin = 1;
799 child.stdout_to_stderr = 1;
800 child.git_cmd = 1;
801 if (run_command(&child))
802 return "Working directory has unstaged changes";
803 /* diff-index with either HEAD or an empty tree */
805 diff_index[4] = head_has_history() ? "HEAD" : EMPTY_TREE_SHA1_HEX;
806 child_process_init(&child);
808 child.argv = diff_index;
809 child.env = env->argv;
810 child.no_stdin = 1;
811 child.no_stdout = 1;
812 child.stdout_to_stderr = 0;
813 child.git_cmd = 1;
814 if (run_command(&child))
815 return "Working directory has staged changes";
816 read_tree[3] = sha1_to_hex(sha1);
818 child_process_init(&child);
819 child.argv = read_tree;
820 child.env = env->argv;
821 child.dir = work_tree;
822 child.no_stdin = 1;
823 child.no_stdout = 1;
824 child.stdout_to_stderr = 0;
825 child.git_cmd = 1;
826 if (run_command(&child))
827 return "Could not update working tree to new HEAD";
828 return NULL;
830}
831static const char *push_to_checkout_hook = "push-to-checkout";
833static const char *push_to_checkout(unsigned char *sha1,
835 struct argv_array *env,
836 const char *work_tree)
837{
838 argv_array_pushf(env, "GIT_WORK_TREE=%s", absolute_path(work_tree));
839 if (run_hook_le(env->argv, push_to_checkout_hook,
840 sha1_to_hex(sha1), NULL))
841 return "push-to-checkout hook declined";
842 else
843 return NULL;
844}
845static const char *update_worktree(unsigned char *sha1)
847{
848 const char *retval;
849 const char *work_tree = git_work_tree_cfg ? git_work_tree_cfg : "..";
850 struct argv_array env = ARGV_ARRAY_INIT;
851 if (is_bare_repository())
853 return "denyCurrentBranch = updateInstead needs a worktree";
854 argv_array_pushf(&env, "GIT_DIR=%s", absolute_path(get_git_dir()));
856 if (!find_hook(push_to_checkout_hook))
858 retval = push_to_deploy(sha1, &env, work_tree);
859 else
860 retval = push_to_checkout(sha1, &env, work_tree);
861 argv_array_clear(&env);
863 return retval;
864}
865static const char *update(struct command *cmd, struct shallow_info *si)
867{
868 const char *name = cmd->ref_name;
869 struct strbuf namespaced_name_buf = STRBUF_INIT;
870 const char *namespaced_name, *ret;
871 unsigned char *old_sha1 = cmd->old_sha1;
872 unsigned char *new_sha1 = cmd->new_sha1;
873 /* only refs/... are allowed */
875 if (!starts_with(name, "refs/") || check_refname_format(name + 5, 0)) {
876 rp_error("refusing to create funny ref '%s' remotely", name);
877 return "funny refname";
878 }
879 strbuf_addf(&namespaced_name_buf, "%s%s", get_git_namespace(), name);
881 namespaced_name = strbuf_detach(&namespaced_name_buf, NULL);
882 if (is_ref_checked_out(namespaced_name)) {
884 switch (deny_current_branch) {
885 case DENY_IGNORE:
886 break;
887 case DENY_WARN:
888 rp_warning("updating the current branch");
889 break;
890 case DENY_REFUSE:
891 case DENY_UNCONFIGURED:
892 rp_error("refusing to update checked out branch: %s", name);
893 if (deny_current_branch == DENY_UNCONFIGURED)
894 refuse_unconfigured_deny();
895 return "branch is currently checked out";
896 case DENY_UPDATE_INSTEAD:
897 ret = update_worktree(new_sha1);
898 if (ret)
899 return ret;
900 break;
901 }
902 }
903 if (!is_null_sha1(new_sha1) && !has_sha1_file(new_sha1)) {
905 error("unpack should have generated %s, "
906 "but I can't find it!", sha1_to_hex(new_sha1));
907 return "bad pack";
908 }
909 if (!is_null_sha1(old_sha1) && is_null_sha1(new_sha1)) {
911 if (deny_deletes && starts_with(name, "refs/heads/")) {
912 rp_error("denying ref deletion for %s", name);
913 return "deletion prohibited";
914 }
915 if (!strcmp(namespaced_name, head_name)) {
917 switch (deny_delete_current) {
918 case DENY_IGNORE:
919 break;
920 case DENY_WARN:
921 rp_warning("deleting the current branch");
922 break;
923 case DENY_REFUSE:
924 case DENY_UNCONFIGURED:
925 case DENY_UPDATE_INSTEAD:
926 if (deny_delete_current == DENY_UNCONFIGURED)
927 refuse_unconfigured_deny_delete_current();
928 rp_error("refusing to delete the current branch: %s", name);
929 return "deletion of the current branch prohibited";
930 default:
931 return "Invalid denyDeleteCurrent setting";
932 }
933 }
934 }
935 if (deny_non_fast_forwards && !is_null_sha1(new_sha1) &&
937 !is_null_sha1(old_sha1) &&
938 starts_with(name, "refs/heads/")) {
939 struct object *old_object, *new_object;
940 struct commit *old_commit, *new_commit;
941 old_object = parse_object(old_sha1);
943 new_object = parse_object(new_sha1);
944 if (!old_object || !new_object ||
946 old_object->type != OBJ_COMMIT ||
947 new_object->type != OBJ_COMMIT) {
948 error("bad sha1 objects for %s", name);
949 return "bad ref";
950 }
951 old_commit = (struct commit *)old_object;
952 new_commit = (struct commit *)new_object;
953 if (!in_merge_bases(old_commit, new_commit)) {
954 rp_error("denying non-fast-forward %s"
955 " (you should pull first)", name);
956 return "non-fast-forward";
957 }
958 }
959 if (run_update_hook(cmd)) {
960 rp_error("hook declined to update %s", name);
961 return "hook declined";
962 }
963 if (is_null_sha1(new_sha1)) {
965 struct strbuf err = STRBUF_INIT;
966 if (!parse_object(old_sha1)) {
967 old_sha1 = NULL;
968 if (ref_exists(name)) {
969 rp_warning("Allowing deletion of corrupt ref.");
970 } else {
971 rp_warning("Deleting a non-existent ref.");
972 cmd->did_not_exist = 1;
973 }
974 }
975 if (ref_transaction_delete(transaction,
976 namespaced_name,
977 old_sha1,
978 0, "push", &err)) {
979 rp_error("%s", err.buf);
980 strbuf_release(&err);
981 return "failed to delete";
982 }
983 strbuf_release(&err);
984 return NULL; /* good */
985 }
986 else {
987 struct strbuf err = STRBUF_INIT;
988 if (shallow_update && si->shallow_ref[cmd->index] &&
989 update_shallow_ref(cmd, si))
990 return "shallow error";
991 if (ref_transaction_update(transaction,
993 namespaced_name,
994 new_sha1, old_sha1,
995 0, "push",
996 &err)) {
997 rp_error("%s", err.buf);
998 strbuf_release(&err);
999 return "failed to update ref";
1001 }
1002 strbuf_release(&err);
1003 return NULL; /* good */
1005 }
1006}
1007static void run_update_post_hook(struct command *commands)
1009{
1010 struct command *cmd;
1011 int argc;
1012 const char **argv;
1013 struct child_process proc = CHILD_PROCESS_INIT;
1014 const char *hook;
1015 hook = find_hook("post-update");
1017 for (argc = 0, cmd = commands; cmd; cmd = cmd->next) {
1018 if (cmd->error_string || cmd->did_not_exist)
1019 continue;
1020 argc++;
1021 }
1022 if (!argc || !hook)
1023 return;
1024 argv = xmalloc(sizeof(*argv) * (2 + argc));
1026 argv[0] = hook;
1027 for (argc = 1, cmd = commands; cmd; cmd = cmd->next) {
1029 if (cmd->error_string || cmd->did_not_exist)
1030 continue;
1031 argv[argc] = xstrdup(cmd->ref_name);
1032 argc++;
1033 }
1034 argv[argc] = NULL;
1035 proc.no_stdin = 1;
1037 proc.stdout_to_stderr = 1;
1038 proc.err = use_sideband ? -1 : 0;
1039 proc.argv = argv;
1040 if (!start_command(&proc)) {
1042 if (use_sideband)
1043 copy_to_sideband(proc.err, -1, NULL);
1044 finish_command(&proc);
1045 }
1046}
1047static void check_aliased_update(struct command *cmd, struct string_list *list)
1049{
1050 struct strbuf buf = STRBUF_INIT;
1051 const char *dst_name;
1052 struct string_list_item *item;
1053 struct command *dst_cmd;
1054 unsigned char sha1[20];
1055 char cmd_oldh[41], cmd_newh[41], dst_oldh[41], dst_newh[41];
1056 int flag;
1057 strbuf_addf(&buf, "%s%s", get_git_namespace(), cmd->ref_name);
1059 dst_name = resolve_ref_unsafe(buf.buf, 0, sha1, &flag);
1060 strbuf_release(&buf);
1061 if (!(flag & REF_ISSYMREF))
1063 return;
1064 dst_name = strip_namespace(dst_name);
1066 if (!dst_name) {
1067 rp_error("refusing update to broken symref '%s'", cmd->ref_name);
1068 cmd->skip_update = 1;
1069 cmd->error_string = "broken symref";
1070 return;
1071 }
1072 if ((item = string_list_lookup(list, dst_name)) == NULL)
1074 return;
1075 cmd->skip_update = 1;
1077 dst_cmd = (struct command *) item->util;
1079 if (!hashcmp(cmd->old_sha1, dst_cmd->old_sha1) &&
1081 !hashcmp(cmd->new_sha1, dst_cmd->new_sha1))
1082 return;
1083 dst_cmd->skip_update = 1;
1085 strcpy(cmd_oldh, find_unique_abbrev(cmd->old_sha1, DEFAULT_ABBREV));
1087 strcpy(cmd_newh, find_unique_abbrev(cmd->new_sha1, DEFAULT_ABBREV));
1088 strcpy(dst_oldh, find_unique_abbrev(dst_cmd->old_sha1, DEFAULT_ABBREV));
1089 strcpy(dst_newh, find_unique_abbrev(dst_cmd->new_sha1, DEFAULT_ABBREV));
1090 rp_error("refusing inconsistent update between symref '%s' (%s..%s) and"
1091 " its target '%s' (%s..%s)",
1092 cmd->ref_name, cmd_oldh, cmd_newh,
1093 dst_cmd->ref_name, dst_oldh, dst_newh);
1094 cmd->error_string = dst_cmd->error_string =
1096 "inconsistent aliased update";
1097}
1098static void check_aliased_updates(struct command *commands)
1100{
1101 struct command *cmd;
1102 struct string_list ref_list = STRING_LIST_INIT_NODUP;
1103 for (cmd = commands; cmd; cmd = cmd->next) {
1105 struct string_list_item *item =
1106 string_list_append(&ref_list, cmd->ref_name);
1107 item->util = (void *)cmd;
1108 }
1109 string_list_sort(&ref_list);
1110 for (cmd = commands; cmd; cmd = cmd->next) {
1112 if (!cmd->error_string)
1113 check_aliased_update(cmd, &ref_list);
1114 }
1115 string_list_clear(&ref_list, 0);
1117}
1118static int command_singleton_iterator(void *cb_data, unsigned char sha1[20])
1120{
1121 struct command **cmd_list = cb_data;
1122 struct command *cmd = *cmd_list;
1123 if (!cmd || is_null_sha1(cmd->new_sha1))
1125 return -1; /* end of list */
1126 *cmd_list = NULL; /* this returns only one */
1127 hashcpy(sha1, cmd->new_sha1);
1128 return 0;
1129}
1130static void set_connectivity_errors(struct command *commands,
1132 struct shallow_info *si)
1133{
1134 struct command *cmd;
1135 for (cmd = commands; cmd; cmd = cmd->next) {
1137 struct command *singleton = cmd;
1138 if (shallow_update && si->shallow_ref[cmd->index])
1139 /* to be checked in update_shallow_ref() */
1140 continue;
1141 if (!check_everything_connected(command_singleton_iterator,
1142 0, &singleton))
1143 continue;
1144 cmd->error_string = "missing necessary objects";
1145 }
1146}
1147struct iterate_data {
1149 struct command *cmds;
1150 struct shallow_info *si;
1151};
1152static int iterate_receive_command_list(void *cb_data, unsigned char sha1[20])
1154{
1155 struct iterate_data *data = cb_data;
1156 struct command **cmd_list = &data->cmds;
1157 struct command *cmd = *cmd_list;
1158 for (; cmd; cmd = cmd->next) {
1160 if (shallow_update && data->si->shallow_ref[cmd->index])
1161 /* to be checked in update_shallow_ref() */
1162 continue;
1163 if (!is_null_sha1(cmd->new_sha1) && !cmd->skip_update) {
1164 hashcpy(sha1, cmd->new_sha1);
1165 *cmd_list = cmd->next;
1166 return 0;
1167 }
1168 }
1169 *cmd_list = NULL;
1170 return -1; /* end of list */
1171}
1172static void reject_updates_to_hidden(struct command *commands)
1174{
1175 struct command *cmd;
1176 for (cmd = commands; cmd; cmd = cmd->next) {
1178 if (cmd->error_string || !ref_is_hidden(cmd->ref_name))
1179 continue;
1180 if (is_null_sha1(cmd->new_sha1))
1181 cmd->error_string = "deny deleting a hidden ref";
1182 else
1183 cmd->error_string = "deny updating a hidden ref";
1184 }
1185}
1186static int should_process_cmd(struct command *cmd)
1188{
1189 return !cmd->error_string && !cmd->skip_update;
1190}
1191static void warn_if_skipped_connectivity_check(struct command *commands,
1193 struct shallow_info *si)
1194{
1195 struct command *cmd;
1196 int checked_connectivity = 1;
1197 for (cmd = commands; cmd; cmd = cmd->next) {
1199 if (should_process_cmd(cmd) && si->shallow_ref[cmd->index]) {
1200 error("BUG: connectivity check has not been run on ref %s",
1201 cmd->ref_name);
1202 checked_connectivity = 0;
1203 }
1204 }
1205 if (!checked_connectivity)
1206 die("BUG: connectivity check skipped???");
1207}
1208static void execute_commands_non_atomic(struct command *commands,
1210 struct shallow_info *si)
1211{
1212 struct command *cmd;
1213 struct strbuf err = STRBUF_INIT;
1214 for (cmd = commands; cmd; cmd = cmd->next) {
1216 if (!should_process_cmd(cmd))
1217 continue;
1218 transaction = ref_transaction_begin(&err);
1220 if (!transaction) {
1221 rp_error("%s", err.buf);
1222 strbuf_reset(&err);
1223 cmd->error_string = "transaction failed to start";
1224 continue;
1225 }
1226 cmd->error_string = update(cmd, si);
1228 if (!cmd->error_string
1230 && ref_transaction_commit(transaction, &err)) {
1231 rp_error("%s", err.buf);
1232 strbuf_reset(&err);
1233 cmd->error_string = "failed to update ref";
1234 }
1235 ref_transaction_free(transaction);
1236 }
1237 strbuf_release(&err);
1238}
1239static void execute_commands_atomic(struct command *commands,
1241 struct shallow_info *si)
1242{
1243 struct command *cmd;
1244 struct strbuf err = STRBUF_INIT;
1245 const char *reported_error = "atomic push failure";
1246 transaction = ref_transaction_begin(&err);
1248 if (!transaction) {
1249 rp_error("%s", err.buf);
1250 strbuf_reset(&err);
1251 reported_error = "transaction failed to start";
1252 goto failure;
1253 }
1254 for (cmd = commands; cmd; cmd = cmd->next) {
1256 if (!should_process_cmd(cmd))
1257 continue;
1258 cmd->error_string = update(cmd, si);
1260 if (cmd->error_string)
1262 goto failure;
1263 }
1264 if (ref_transaction_commit(transaction, &err)) {
1266 rp_error("%s", err.buf);
1267 reported_error = "atomic transaction failed";
1268 goto failure;
1269 }
1270 goto cleanup;
1271failure:
1273 for (cmd = commands; cmd; cmd = cmd->next)
1274 if (!cmd->error_string)
1275 cmd->error_string = reported_error;
1276cleanup:
1278 ref_transaction_free(transaction);
1279 strbuf_release(&err);
1280}
1281static void execute_commands(struct command *commands,
1283 const char *unpacker_error,
1284 struct shallow_info *si)
1285{
1286 struct command *cmd;
1287 unsigned char sha1[20];
1288 struct iterate_data data;
1289 if (unpacker_error) {
1291 for (cmd = commands; cmd; cmd = cmd->next)
1292 cmd->error_string = "unpacker error";
1293 return;
1294 }
1295 data.cmds = commands;
1297 data.si = si;
1298 if (check_everything_connected(iterate_receive_command_list, 0, &data))
1299 set_connectivity_errors(commands, si);
1300 reject_updates_to_hidden(commands);
1302 if (run_receive_hook(commands, "pre-receive", 0)) {
1304 for (cmd = commands; cmd; cmd = cmd->next) {
1305 if (!cmd->error_string)
1306 cmd->error_string = "pre-receive hook declined";
1307 }
1308 return;
1309 }
1310 check_aliased_updates(commands);
1312 free(head_name_to_free);
1314 head_name = head_name_to_free = resolve_refdup("HEAD", 0, sha1, NULL);
1315 if (use_atomic)
1317 execute_commands_atomic(commands, si);
1318 else
1319 execute_commands_non_atomic(commands, si);
1320 if (shallow_update)
1322 warn_if_skipped_connectivity_check(commands, si);
1323}
1324static struct command **queue_command(struct command **tail,
1326 const char *line,
1327 int linelen)
1328{
1329 unsigned char old_sha1[20], new_sha1[20];
1330 struct command *cmd;
1331 const char *refname;
1332 int reflen;
1333 if (linelen < 83 ||
1335 line[40] != ' ' ||
1336 line[81] != ' ' ||
1337 get_sha1_hex(line, old_sha1) ||
1338 get_sha1_hex(line + 41, new_sha1))
1339 die("protocol error: expected old/new/ref, got '%s'", line);
1340 refname = line + 82;
1342 reflen = linelen - 82;
1343 cmd = xcalloc(1, sizeof(struct command) + reflen + 1);
1344 hashcpy(cmd->old_sha1, old_sha1);
1345 hashcpy(cmd->new_sha1, new_sha1);
1346 memcpy(cmd->ref_name, refname, reflen);
1347 cmd->ref_name[reflen] = '\0';
1348 *tail = cmd;
1349 return &cmd->next;
1350}
1351static void queue_commands_from_cert(struct command **tail,
1353 struct strbuf *push_cert)
1354{
1355 const char *boc, *eoc;
1356 if (*tail)
1358 die("protocol error: got both push certificate and unsigned commands");
1359 boc = strstr(push_cert->buf, "\n\n");
1361 if (!boc)
1362 die("malformed push certificate %.*s", 100, push_cert->buf);
1363 else
1364 boc += 2;
1365 eoc = push_cert->buf + parse_signature(push_cert->buf, push_cert->len);
1366 while (boc < eoc) {
1368 const char *eol = memchr(boc, '\n', eoc - boc);
1369 tail = queue_command(tail, boc, eol ? eol - boc : eoc - eol);
1370 boc = eol ? eol + 1 : eoc;
1371 }
1372}
1373static struct command *read_head_info(struct sha1_array *shallow)
1375{
1376 struct command *commands = NULL;
1377 struct command **p = &commands;
1378 for (;;) {
1379 char *line;
1380 int len, linelen;
1381 line = packet_read_line(0, &len);
1383 if (!line)
1384 break;
1385 if (len == 48 && starts_with(line, "shallow ")) {
1387 unsigned char sha1[20];
1388 if (get_sha1_hex(line + 8, sha1))
1389 die("protocol error: expected shallow sha, got '%s'",
1390 line + 8);
1391 sha1_array_append(shallow, sha1);
1392 continue;
1393 }
1394 linelen = strlen(line);
1396 if (linelen < len) {
1397 const char *feature_list = line + linelen + 1;
1398 if (parse_feature_request(feature_list, "report-status"))
1399 report_status = 1;
1400 if (parse_feature_request(feature_list, "side-band-64k"))
1401 use_sideband = LARGE_PACKET_MAX;
1402 if (parse_feature_request(feature_list, "quiet"))
1403 quiet = 1;
1404 if (advertise_atomic_push
1405 && parse_feature_request(feature_list, "atomic"))
1406 use_atomic = 1;
1407 }
1408 if (!strcmp(line, "push-cert")) {
1410 int true_flush = 0;
1411 char certbuf[1024];
1412 for (;;) {
1414 len = packet_read(0, NULL, NULL,
1415 certbuf, sizeof(certbuf), 0);
1416 if (!len) {
1417 true_flush = 1;
1418 break;
1419 }
1420 if (!strcmp(certbuf, "push-cert-end\n"))
1421 break; /* end of cert */
1422 strbuf_addstr(&push_cert, certbuf);
1423 }
1424 if (true_flush)
1426 break;
1427 continue;
1428 }
1429 p = queue_command(p, line, linelen);
1431 }
1432 if (push_cert.len)
1434 queue_commands_from_cert(p, &push_cert);
1435 return commands;
1437}
1438static const char *parse_pack_header(struct pack_header *hdr)
1440{
1441 switch (read_pack_header(0, hdr)) {
1442 case PH_ERROR_EOF:
1443 return "eof before pack header was fully read";
1444 case PH_ERROR_PACK_SIGNATURE:
1446 return "protocol error (pack signature mismatch detected)";
1447 case PH_ERROR_PROTOCOL:
1449 return "protocol error (pack version unsupported)";
1450 default:
1452 return "unknown error in parse_pack_header";
1453 case 0:
1455 return NULL;
1456 }
1457}
1458static const char *pack_lockfile;
1460static const char *unpack(int err_fd, struct shallow_info *si)
1462{
1463 struct pack_header hdr;
1464 const char *hdr_err;
1465 int status;
1466 char hdr_arg[38];
1467 struct child_process child = CHILD_PROCESS_INIT;
1468 int fsck_objects = (receive_fsck_objects >= 0
1469 ? receive_fsck_objects
1470 : transfer_fsck_objects >= 0
1471 ? transfer_fsck_objects
1472 : 0);
1473 hdr_err = parse_pack_header(&hdr);
1475 if (hdr_err) {
1476 if (err_fd > 0)
1477 close(err_fd);
1478 return hdr_err;
1479 }
1480 snprintf(hdr_arg, sizeof(hdr_arg),
1481 "--pack_header=%"PRIu32",%"PRIu32,
1482 ntohl(hdr.hdr_version), ntohl(hdr.hdr_entries));
1483 if (si->nr_ours || si->nr_theirs) {
1485 alt_shallow_file = setup_temporary_shallow(si->shallow);
1486 argv_array_push(&child.args, "--shallow-file");
1487 argv_array_push(&child.args, alt_shallow_file);
1488 }
1489 if (ntohl(hdr.hdr_entries) < unpack_limit) {
1491 argv_array_pushl(&child.args, "unpack-objects", hdr_arg, NULL);
1492 if (quiet)
1493 argv_array_push(&child.args, "-q");
1494 if (fsck_objects)
1495 argv_array_push(&child.args, "--strict");
1496 child.no_stdout = 1;
1497 child.err = err_fd;
1498 child.git_cmd = 1;
1499 status = run_command(&child);
1500 if (status)
1501 return "unpack-objects abnormal exit";
1502 } else {
1503 int s;
1504 char keep_arg[256];
1505 s = sprintf(keep_arg, "--keep=receive-pack %"PRIuMAX" on ", (uintmax_t) getpid());
1507 if (gethostname(keep_arg + s, sizeof(keep_arg) - s))
1508 strcpy(keep_arg + s, "localhost");
1509 argv_array_pushl(&child.args, "index-pack",
1511 "--stdin", hdr_arg, keep_arg, NULL);
1512 if (fsck_objects)
1513 argv_array_push(&child.args, "--strict");
1514 if (fix_thin)
1515 argv_array_push(&child.args, "--fix-thin");
1516 child.out = -1;
1517 child.err = err_fd;
1518 child.git_cmd = 1;
1519 status = start_command(&child);
1520 if (status)
1521 return "index-pack fork failed";
1522 pack_lockfile = index_pack_lockfile(child.out);
1523 close(child.out);
1524 status = finish_command(&child);
1525 if (status)
1526 return "index-pack abnormal exit";
1527 reprepare_packed_git();
1528 }
1529 return NULL;
1530}
1531static const char *unpack_with_sideband(struct shallow_info *si)
1533{
1534 struct async muxer;
1535 const char *ret;
1536 if (!use_sideband)
1538 return unpack(0, si);
1539 memset(&muxer, 0, sizeof(muxer));
1541 muxer.proc = copy_to_sideband;
1542 muxer.in = -1;
1543 if (start_async(&muxer))
1544 return NULL;
1545 ret = unpack(muxer.in, si);
1547 finish_async(&muxer);
1549 return ret;
1550}
1551static void prepare_shallow_update(struct command *commands,
1553 struct shallow_info *si)
1554{
1555 int i, j, k, bitmap_size = (si->ref->nr + 31) / 32;
1556 si->used_shallow = xmalloc(sizeof(*si->used_shallow) *
1558 si->shallow->nr);
1559 assign_shallow_commits_to_refs(si, si->used_shallow, NULL);
1560 si->need_reachability_test =
1562 xcalloc(si->shallow->nr, sizeof(*si->need_reachability_test));
1563 si->reachable =
1564 xcalloc(si->shallow->nr, sizeof(*si->reachable));
1565 si->shallow_ref = xcalloc(si->ref->nr, sizeof(*si->shallow_ref));
1566 for (i = 0; i < si->nr_ours; i++)
1568 si->need_reachability_test[si->ours[i]] = 1;
1569 for (i = 0; i < si->shallow->nr; i++) {
1571 if (!si->used_shallow[i])
1572 continue;
1573 for (j = 0; j < bitmap_size; j++) {
1574 if (!si->used_shallow[i][j])
1575 continue;
1576 si->need_reachability_test[i]++;
1577 for (k = 0; k < 32; k++)
1578 if (si->used_shallow[i][j] & (1 << k))
1579 si->shallow_ref[j * 32 + k]++;
1580 }
1581 /*
1583 * true for those associated with some refs and belong
1584 * in "ours" list aka "step 7 not done yet"
1585 */
1586 si->need_reachability_test[i] =
1587 si->need_reachability_test[i] > 1;
1588 }
1589 /*
1591 * keep hooks happy by forcing a temporary shallow file via
1592 * env variable because we can't add --shallow-file to every
1593 * command. check_everything_connected() will be done with
1594 * true .git/shallow though.
1595 */
1596 setenv(GIT_SHALLOW_FILE_ENVIRONMENT, alt_shallow_file, 1);
1597}
1598static void update_shallow_info(struct command *commands,
1600 struct shallow_info *si,
1601 struct sha1_array *ref)
1602{
1603 struct command *cmd;
1604 int *ref_status;
1605 remove_nonexistent_theirs_shallow(si);
1606 if (!si->nr_ours && !si->nr_theirs) {
1607 shallow_update = 0;
1608 return;
1609 }
1610 for (cmd = commands; cmd; cmd = cmd->next) {
1612 if (is_null_sha1(cmd->new_sha1))
1613 continue;
1614 sha1_array_append(ref, cmd->new_sha1);
1615 cmd->index = ref->nr - 1;
1616 }
1617 si->ref = ref;
1618 if (shallow_update) {
1620 prepare_shallow_update(commands, si);
1621 return;
1622 }
1623 ref_status = xmalloc(sizeof(*ref_status) * ref->nr);
1625 assign_shallow_commits_to_refs(si, NULL, ref_status);
1626 for (cmd = commands; cmd; cmd = cmd->next) {
1627 if (is_null_sha1(cmd->new_sha1))
1628 continue;
1629 if (ref_status[cmd->index]) {
1630 cmd->error_string = "shallow update not allowed";
1631 cmd->skip_update = 1;
1632 }
1633 }
1634 free(ref_status);
1635}
1636static void report(struct command *commands, const char *unpack_status)
1638{
1639 struct command *cmd;
1640 struct strbuf buf = STRBUF_INIT;
1641 packet_buf_write(&buf, "unpack %s\n",
1643 unpack_status ? unpack_status : "ok");
1644 for (cmd = commands; cmd; cmd = cmd->next) {
1645 if (!cmd->error_string)
1646 packet_buf_write(&buf, "ok %s\n",
1647 cmd->ref_name);
1648 else
1649 packet_buf_write(&buf, "ng %s %s\n",
1650 cmd->ref_name, cmd->error_string);
1651 }
1652 packet_buf_flush(&buf);
1653 if (use_sideband)
1655 send_sideband(1, 1, buf.buf, buf.len, use_sideband);
1656 else
1657 write_or_die(1, buf.buf, buf.len);
1658 strbuf_release(&buf);
1659}
1660static int delete_only(struct command *commands)
1662{
1663 struct command *cmd;
1664 for (cmd = commands; cmd; cmd = cmd->next) {
1665 if (!is_null_sha1(cmd->new_sha1))
1666 return 0;
1667 }
1668 return 1;
1669}
1670int cmd_receive_pack(int argc, const char **argv, const char *prefix)
1672{
1673 int advertise_refs = 0;
1674 int i;
1675 struct command *commands;
1676 struct sha1_array shallow = SHA1_ARRAY_INIT;
1677 struct sha1_array ref = SHA1_ARRAY_INIT;
1678 struct shallow_info si;
1679 packet_trace_identity("receive-pack");
1681 argv++;
1683 for (i = 1; i < argc; i++) {
1684 const char *arg = *argv++;
1685 if (*arg == '-') {
1687 if (!strcmp(arg, "--quiet")) {
1688 quiet = 1;
1689 continue;
1690 }
1691 if (!strcmp(arg, "--advertise-refs")) {
1693 advertise_refs = 1;
1694 continue;
1695 }
1696 if (!strcmp(arg, "--stateless-rpc")) {
1697 stateless_rpc = 1;
1698 continue;
1699 }
1700 if (!strcmp(arg, "--reject-thin-pack-for-testing")) {
1701 fix_thin = 0;
1702 continue;
1703 }
1704 usage(receive_pack_usage);
1706 }
1707 if (service_dir)
1708 usage(receive_pack_usage);
1709 service_dir = arg;
1710 }
1711 if (!service_dir)
1712 usage(receive_pack_usage);
1713 setup_path();
1715 if (!enter_repo(service_dir, 0))
1717 die("'%s' does not appear to be a git repository", service_dir);
1718 git_config(receive_pack_config, NULL);
1720 if (cert_nonce_seed)
1721 push_cert_nonce = prepare_push_cert_nonce(service_dir, time(NULL));
1722 if (0 <= transfer_unpack_limit)
1724 unpack_limit = transfer_unpack_limit;
1725 else if (0 <= receive_unpack_limit)
1726 unpack_limit = receive_unpack_limit;
1727 if (advertise_refs || !stateless_rpc) {
1729 write_head_info();
1730 }
1731 if (advertise_refs)
1732 return 0;
1733 if ((commands = read_head_info(&shallow)) != NULL) {
1735 const char *unpack_status = NULL;
1736 prepare_shallow_info(&si, &shallow);
1738 if (!si.nr_ours && !si.nr_theirs)
1739 shallow_update = 0;
1740 if (!delete_only(commands)) {
1741 unpack_status = unpack_with_sideband(&si);
1742 update_shallow_info(commands, &si, &ref);
1743 }
1744 execute_commands(commands, unpack_status, &si);
1745 if (pack_lockfile)
1746 unlink_or_warn(pack_lockfile);
1747 if (report_status)
1748 report(commands, unpack_status);
1749 run_receive_hook(commands, "post-receive", 1);
1750 run_update_post_hook(commands);
1751 if (auto_gc) {
1752 const char *argv_gc_auto[] = {
1753 "gc", "--auto", "--quiet", NULL,
1754 };
1755 int opt = RUN_GIT_CMD | RUN_COMMAND_STDOUT_TO_STDERR;
1756 run_command_v_opt(argv_gc_auto, opt);
1757 }
1758 if (auto_update_server_info)
1759 update_server_info(0);
1760 clear_shallow_info(&si);
1761 }
1762 if (use_sideband)
1763 packet_flush(1);
1764 sha1_array_clear(&shallow);
1765 sha1_array_clear(&ref);
1766 free((void *)push_cert_nonce);
1767 return 0;
1768}