connect.con commit connect: request remote refs using v2 (e52449b)
   1#include "git-compat-util.h"
   2#include "cache.h"
   3#include "config.h"
   4#include "pkt-line.h"
   5#include "quote.h"
   6#include "refs.h"
   7#include "run-command.h"
   8#include "remote.h"
   9#include "connect.h"
  10#include "url.h"
  11#include "string-list.h"
  12#include "sha1-array.h"
  13#include "transport.h"
  14#include "strbuf.h"
  15#include "version.h"
  16#include "protocol.h"
  17
  18static char *server_capabilities_v1;
  19static struct argv_array server_capabilities_v2 = ARGV_ARRAY_INIT;
  20static const char *parse_feature_value(const char *, const char *, int *);
  21
  22static int check_ref(const char *name, unsigned int flags)
  23{
  24        if (!flags)
  25                return 1;
  26
  27        if (!skip_prefix(name, "refs/", &name))
  28                return 0;
  29
  30        /* REF_NORMAL means that we don't want the magic fake tag refs */
  31        if ((flags & REF_NORMAL) && check_refname_format(name, 0))
  32                return 0;
  33
  34        /* REF_HEADS means that we want regular branch heads */
  35        if ((flags & REF_HEADS) && starts_with(name, "heads/"))
  36                return 1;
  37
  38        /* REF_TAGS means that we want tags */
  39        if ((flags & REF_TAGS) && starts_with(name, "tags/"))
  40                return 1;
  41
  42        /* All type bits clear means that we are ok with anything */
  43        return !(flags & ~REF_NORMAL);
  44}
  45
  46int check_ref_type(const struct ref *ref, int flags)
  47{
  48        return check_ref(ref->name, flags);
  49}
  50
  51static void die_initial_contact(int unexpected)
  52{
  53        /*
  54         * A hang-up after seeing some response from the other end
  55         * means that it is unexpected, as we know the other end is
  56         * willing to talk to us.  A hang-up before seeing any
  57         * response does not necessarily mean an ACL problem, though.
  58         */
  59        if (unexpected)
  60                die(_("The remote end hung up upon initial contact"));
  61        else
  62                die(_("Could not read from remote repository.\n\n"
  63                      "Please make sure you have the correct access rights\n"
  64                      "and the repository exists."));
  65}
  66
  67/* Checks if the server supports the capability 'c' */
  68int server_supports_v2(const char *c, int die_on_error)
  69{
  70        int i;
  71
  72        for (i = 0; i < server_capabilities_v2.argc; i++) {
  73                const char *out;
  74                if (skip_prefix(server_capabilities_v2.argv[i], c, &out) &&
  75                    (!*out || *out == '='))
  76                        return 1;
  77        }
  78
  79        if (die_on_error)
  80                die("server doesn't support '%s'", c);
  81
  82        return 0;
  83}
  84
  85static void process_capabilities_v2(struct packet_reader *reader)
  86{
  87        while (packet_reader_read(reader) == PACKET_READ_NORMAL)
  88                argv_array_push(&server_capabilities_v2, reader->line);
  89
  90        if (reader->status != PACKET_READ_FLUSH)
  91                die("expected flush after capabilities");
  92}
  93
  94enum protocol_version discover_version(struct packet_reader *reader)
  95{
  96        enum protocol_version version = protocol_unknown_version;
  97
  98        /*
  99         * Peek the first line of the server's response to
 100         * determine the protocol version the server is speaking.
 101         */
 102        switch (packet_reader_peek(reader)) {
 103        case PACKET_READ_EOF:
 104                die_initial_contact(0);
 105        case PACKET_READ_FLUSH:
 106        case PACKET_READ_DELIM:
 107                version = protocol_v0;
 108                break;
 109        case PACKET_READ_NORMAL:
 110                version = determine_protocol_version_client(reader->line);
 111                break;
 112        }
 113
 114        switch (version) {
 115        case protocol_v2:
 116                process_capabilities_v2(reader);
 117                break;
 118        case protocol_v1:
 119                /* Read the peeked version line */
 120                packet_reader_read(reader);
 121                break;
 122        case protocol_v0:
 123                break;
 124        case protocol_unknown_version:
 125                BUG("unknown protocol version");
 126        }
 127
 128        return version;
 129}
 130
 131static void parse_one_symref_info(struct string_list *symref, const char *val, int len)
 132{
 133        char *sym, *target;
 134        struct string_list_item *item;
 135
 136        if (!len)
 137                return; /* just "symref" */
 138        /* e.g. "symref=HEAD:refs/heads/master" */
 139        sym = xmemdupz(val, len);
 140        target = strchr(sym, ':');
 141        if (!target)
 142                /* just "symref=something" */
 143                goto reject;
 144        *(target++) = '\0';
 145        if (check_refname_format(sym, REFNAME_ALLOW_ONELEVEL) ||
 146            check_refname_format(target, REFNAME_ALLOW_ONELEVEL))
 147                /* "symref=bogus:pair */
 148                goto reject;
 149        item = string_list_append_nodup(symref, sym);
 150        item->util = target;
 151        return;
 152reject:
 153        free(sym);
 154        return;
 155}
 156
 157static void annotate_refs_with_symref_info(struct ref *ref)
 158{
 159        struct string_list symref = STRING_LIST_INIT_DUP;
 160        const char *feature_list = server_capabilities_v1;
 161
 162        while (feature_list) {
 163                int len;
 164                const char *val;
 165
 166                val = parse_feature_value(feature_list, "symref", &len);
 167                if (!val)
 168                        break;
 169                parse_one_symref_info(&symref, val, len);
 170                feature_list = val + 1;
 171        }
 172        string_list_sort(&symref);
 173
 174        for (; ref; ref = ref->next) {
 175                struct string_list_item *item;
 176                item = string_list_lookup(&symref, ref->name);
 177                if (!item)
 178                        continue;
 179                ref->symref = xstrdup((char *)item->util);
 180        }
 181        string_list_clear(&symref, 0);
 182}
 183
 184static void process_capabilities(const char *line, int *len)
 185{
 186        int nul_location = strlen(line);
 187        if (nul_location == *len)
 188                return;
 189        server_capabilities_v1 = xstrdup(line + nul_location + 1);
 190        *len = nul_location;
 191}
 192
 193static int process_dummy_ref(const char *line)
 194{
 195        struct object_id oid;
 196        const char *name;
 197
 198        if (parse_oid_hex(line, &oid, &name))
 199                return 0;
 200        if (*name != ' ')
 201                return 0;
 202        name++;
 203
 204        return !oidcmp(&null_oid, &oid) && !strcmp(name, "capabilities^{}");
 205}
 206
 207static void check_no_capabilities(const char *line, int len)
 208{
 209        if (strlen(line) != len)
 210                warning("Ignoring capabilities after first line '%s'",
 211                        line + strlen(line));
 212}
 213
 214static int process_ref(const char *line, int len, struct ref ***list,
 215                       unsigned int flags, struct oid_array *extra_have)
 216{
 217        struct object_id old_oid;
 218        const char *name;
 219
 220        if (parse_oid_hex(line, &old_oid, &name))
 221                return 0;
 222        if (*name != ' ')
 223                return 0;
 224        name++;
 225
 226        if (extra_have && !strcmp(name, ".have")) {
 227                oid_array_append(extra_have, &old_oid);
 228        } else if (!strcmp(name, "capabilities^{}")) {
 229                die("protocol error: unexpected capabilities^{}");
 230        } else if (check_ref(name, flags)) {
 231                struct ref *ref = alloc_ref(name);
 232                oidcpy(&ref->old_oid, &old_oid);
 233                **list = ref;
 234                *list = &ref->next;
 235        }
 236        check_no_capabilities(line, len);
 237        return 1;
 238}
 239
 240static int process_shallow(const char *line, int len,
 241                           struct oid_array *shallow_points)
 242{
 243        const char *arg;
 244        struct object_id old_oid;
 245
 246        if (!skip_prefix(line, "shallow ", &arg))
 247                return 0;
 248
 249        if (get_oid_hex(arg, &old_oid))
 250                die("protocol error: expected shallow sha-1, got '%s'", arg);
 251        if (!shallow_points)
 252                die("repository on the other end cannot be shallow");
 253        oid_array_append(shallow_points, &old_oid);
 254        check_no_capabilities(line, len);
 255        return 1;
 256}
 257
 258enum get_remote_heads_state {
 259        EXPECTING_FIRST_REF = 0,
 260        EXPECTING_REF,
 261        EXPECTING_SHALLOW,
 262        EXPECTING_DONE,
 263};
 264
 265/*
 266 * Read all the refs from the other end
 267 */
 268struct ref **get_remote_heads(struct packet_reader *reader,
 269                              struct ref **list, unsigned int flags,
 270                              struct oid_array *extra_have,
 271                              struct oid_array *shallow_points)
 272{
 273        struct ref **orig_list = list;
 274        int len = 0;
 275        enum get_remote_heads_state state = EXPECTING_FIRST_REF;
 276        const char *arg;
 277
 278        *list = NULL;
 279
 280        while (state != EXPECTING_DONE) {
 281                switch (packet_reader_read(reader)) {
 282                case PACKET_READ_EOF:
 283                        die_initial_contact(1);
 284                case PACKET_READ_NORMAL:
 285                        len = reader->pktlen;
 286                        if (len > 4 && skip_prefix(reader->line, "ERR ", &arg))
 287                                die("remote error: %s", arg);
 288                        break;
 289                case PACKET_READ_FLUSH:
 290                        state = EXPECTING_DONE;
 291                        break;
 292                case PACKET_READ_DELIM:
 293                        die("invalid packet");
 294                }
 295
 296                switch (state) {
 297                case EXPECTING_FIRST_REF:
 298                        process_capabilities(reader->line, &len);
 299                        if (process_dummy_ref(reader->line)) {
 300                                state = EXPECTING_SHALLOW;
 301                                break;
 302                        }
 303                        state = EXPECTING_REF;
 304                        /* fallthrough */
 305                case EXPECTING_REF:
 306                        if (process_ref(reader->line, len, &list, flags, extra_have))
 307                                break;
 308                        state = EXPECTING_SHALLOW;
 309                        /* fallthrough */
 310                case EXPECTING_SHALLOW:
 311                        if (process_shallow(reader->line, len, shallow_points))
 312                                break;
 313                        die("protocol error: unexpected '%s'", reader->line);
 314                case EXPECTING_DONE:
 315                        break;
 316                }
 317        }
 318
 319        annotate_refs_with_symref_info(*orig_list);
 320
 321        return list;
 322}
 323
 324/* Returns 1 when a valid ref has been added to `list`, 0 otherwise */
 325static int process_ref_v2(const char *line, struct ref ***list)
 326{
 327        int ret = 1;
 328        int i = 0;
 329        struct object_id old_oid;
 330        struct ref *ref;
 331        struct string_list line_sections = STRING_LIST_INIT_DUP;
 332        const char *end;
 333
 334        /*
 335         * Ref lines have a number of fields which are space deliminated.  The
 336         * first field is the OID of the ref.  The second field is the ref
 337         * name.  Subsequent fields (symref-target and peeled) are optional and
 338         * don't have a particular order.
 339         */
 340        if (string_list_split(&line_sections, line, ' ', -1) < 2) {
 341                ret = 0;
 342                goto out;
 343        }
 344
 345        if (parse_oid_hex(line_sections.items[i++].string, &old_oid, &end) ||
 346            *end) {
 347                ret = 0;
 348                goto out;
 349        }
 350
 351        ref = alloc_ref(line_sections.items[i++].string);
 352
 353        oidcpy(&ref->old_oid, &old_oid);
 354        **list = ref;
 355        *list = &ref->next;
 356
 357        for (; i < line_sections.nr; i++) {
 358                const char *arg = line_sections.items[i].string;
 359                if (skip_prefix(arg, "symref-target:", &arg))
 360                        ref->symref = xstrdup(arg);
 361
 362                if (skip_prefix(arg, "peeled:", &arg)) {
 363                        struct object_id peeled_oid;
 364                        char *peeled_name;
 365                        struct ref *peeled;
 366                        if (parse_oid_hex(arg, &peeled_oid, &end) || *end) {
 367                                ret = 0;
 368                                goto out;
 369                        }
 370
 371                        peeled_name = xstrfmt("%s^{}", ref->name);
 372                        peeled = alloc_ref(peeled_name);
 373
 374                        oidcpy(&peeled->old_oid, &peeled_oid);
 375                        **list = peeled;
 376                        *list = &peeled->next;
 377
 378                        free(peeled_name);
 379                }
 380        }
 381
 382out:
 383        string_list_clear(&line_sections, 0);
 384        return ret;
 385}
 386
 387struct ref **get_remote_refs(int fd_out, struct packet_reader *reader,
 388                             struct ref **list, int for_push,
 389                             const struct argv_array *ref_prefixes)
 390{
 391        int i;
 392        *list = NULL;
 393
 394        if (server_supports_v2("ls-refs", 1))
 395                packet_write_fmt(fd_out, "command=ls-refs\n");
 396
 397        if (server_supports_v2("agent", 0))
 398                packet_write_fmt(fd_out, "agent=%s", git_user_agent_sanitized());
 399
 400        packet_delim(fd_out);
 401        /* When pushing we don't want to request the peeled tags */
 402        if (!for_push)
 403                packet_write_fmt(fd_out, "peel\n");
 404        packet_write_fmt(fd_out, "symrefs\n");
 405        for (i = 0; ref_prefixes && i < ref_prefixes->argc; i++) {
 406                packet_write_fmt(fd_out, "ref-prefix %s\n",
 407                                 ref_prefixes->argv[i]);
 408        }
 409        packet_flush(fd_out);
 410
 411        /* Process response from server */
 412        while (packet_reader_read(reader) == PACKET_READ_NORMAL) {
 413                if (!process_ref_v2(reader->line, &list))
 414                        die("invalid ls-refs response: %s", reader->line);
 415        }
 416
 417        if (reader->status != PACKET_READ_FLUSH)
 418                die("expected flush after ref listing");
 419
 420        return list;
 421}
 422
 423static const char *parse_feature_value(const char *feature_list, const char *feature, int *lenp)
 424{
 425        int len;
 426
 427        if (!feature_list)
 428                return NULL;
 429
 430        len = strlen(feature);
 431        while (*feature_list) {
 432                const char *found = strstr(feature_list, feature);
 433                if (!found)
 434                        return NULL;
 435                if (feature_list == found || isspace(found[-1])) {
 436                        const char *value = found + len;
 437                        /* feature with no value (e.g., "thin-pack") */
 438                        if (!*value || isspace(*value)) {
 439                                if (lenp)
 440                                        *lenp = 0;
 441                                return value;
 442                        }
 443                        /* feature with a value (e.g., "agent=git/1.2.3") */
 444                        else if (*value == '=') {
 445                                value++;
 446                                if (lenp)
 447                                        *lenp = strcspn(value, " \t\n");
 448                                return value;
 449                        }
 450                        /*
 451                         * otherwise we matched a substring of another feature;
 452                         * keep looking
 453                         */
 454                }
 455                feature_list = found + 1;
 456        }
 457        return NULL;
 458}
 459
 460int parse_feature_request(const char *feature_list, const char *feature)
 461{
 462        return !!parse_feature_value(feature_list, feature, NULL);
 463}
 464
 465const char *server_feature_value(const char *feature, int *len)
 466{
 467        return parse_feature_value(server_capabilities_v1, feature, len);
 468}
 469
 470int server_supports(const char *feature)
 471{
 472        return !!server_feature_value(feature, NULL);
 473}
 474
 475enum protocol {
 476        PROTO_LOCAL = 1,
 477        PROTO_FILE,
 478        PROTO_SSH,
 479        PROTO_GIT
 480};
 481
 482int url_is_local_not_ssh(const char *url)
 483{
 484        const char *colon = strchr(url, ':');
 485        const char *slash = strchr(url, '/');
 486        return !colon || (slash && slash < colon) ||
 487                has_dos_drive_prefix(url);
 488}
 489
 490static const char *prot_name(enum protocol protocol)
 491{
 492        switch (protocol) {
 493                case PROTO_LOCAL:
 494                case PROTO_FILE:
 495                        return "file";
 496                case PROTO_SSH:
 497                        return "ssh";
 498                case PROTO_GIT:
 499                        return "git";
 500                default:
 501                        return "unknown protocol";
 502        }
 503}
 504
 505static enum protocol get_protocol(const char *name)
 506{
 507        if (!strcmp(name, "ssh"))
 508                return PROTO_SSH;
 509        if (!strcmp(name, "git"))
 510                return PROTO_GIT;
 511        if (!strcmp(name, "git+ssh")) /* deprecated - do not use */
 512                return PROTO_SSH;
 513        if (!strcmp(name, "ssh+git")) /* deprecated - do not use */
 514                return PROTO_SSH;
 515        if (!strcmp(name, "file"))
 516                return PROTO_FILE;
 517        die("I don't handle protocol '%s'", name);
 518}
 519
 520static char *host_end(char **hoststart, int removebrackets)
 521{
 522        char *host = *hoststart;
 523        char *end;
 524        char *start = strstr(host, "@[");
 525        if (start)
 526                start++; /* Jump over '@' */
 527        else
 528                start = host;
 529        if (start[0] == '[') {
 530                end = strchr(start + 1, ']');
 531                if (end) {
 532                        if (removebrackets) {
 533                                *end = 0;
 534                                memmove(start, start + 1, end - start);
 535                                end++;
 536                        }
 537                } else
 538                        end = host;
 539        } else
 540                end = host;
 541        return end;
 542}
 543
 544#define STR_(s) # s
 545#define STR(s)  STR_(s)
 546
 547static void get_host_and_port(char **host, const char **port)
 548{
 549        char *colon, *end;
 550        end = host_end(host, 1);
 551        colon = strchr(end, ':');
 552        if (colon) {
 553                long portnr = strtol(colon + 1, &end, 10);
 554                if (end != colon + 1 && *end == '\0' && 0 <= portnr && portnr < 65536) {
 555                        *colon = 0;
 556                        *port = colon + 1;
 557                } else if (!colon[1]) {
 558                        *colon = 0;
 559                }
 560        }
 561}
 562
 563static void enable_keepalive(int sockfd)
 564{
 565        int ka = 1;
 566
 567        if (setsockopt(sockfd, SOL_SOCKET, SO_KEEPALIVE, &ka, sizeof(ka)) < 0)
 568                fprintf(stderr, "unable to set SO_KEEPALIVE on socket: %s\n",
 569                        strerror(errno));
 570}
 571
 572#ifndef NO_IPV6
 573
 574static const char *ai_name(const struct addrinfo *ai)
 575{
 576        static char addr[NI_MAXHOST];
 577        if (getnameinfo(ai->ai_addr, ai->ai_addrlen, addr, sizeof(addr), NULL, 0,
 578                        NI_NUMERICHOST) != 0)
 579                xsnprintf(addr, sizeof(addr), "(unknown)");
 580
 581        return addr;
 582}
 583
 584/*
 585 * Returns a connected socket() fd, or else die()s.
 586 */
 587static int git_tcp_connect_sock(char *host, int flags)
 588{
 589        struct strbuf error_message = STRBUF_INIT;
 590        int sockfd = -1;
 591        const char *port = STR(DEFAULT_GIT_PORT);
 592        struct addrinfo hints, *ai0, *ai;
 593        int gai;
 594        int cnt = 0;
 595
 596        get_host_and_port(&host, &port);
 597        if (!*port)
 598                port = "<none>";
 599
 600        memset(&hints, 0, sizeof(hints));
 601        if (flags & CONNECT_IPV4)
 602                hints.ai_family = AF_INET;
 603        else if (flags & CONNECT_IPV6)
 604                hints.ai_family = AF_INET6;
 605        hints.ai_socktype = SOCK_STREAM;
 606        hints.ai_protocol = IPPROTO_TCP;
 607
 608        if (flags & CONNECT_VERBOSE)
 609                fprintf(stderr, "Looking up %s ... ", host);
 610
 611        gai = getaddrinfo(host, port, &hints, &ai);
 612        if (gai)
 613                die("Unable to look up %s (port %s) (%s)", host, port, gai_strerror(gai));
 614
 615        if (flags & CONNECT_VERBOSE)
 616                fprintf(stderr, "done.\nConnecting to %s (port %s) ... ", host, port);
 617
 618        for (ai0 = ai; ai; ai = ai->ai_next, cnt++) {
 619                sockfd = socket(ai->ai_family,
 620                                ai->ai_socktype, ai->ai_protocol);
 621                if ((sockfd < 0) ||
 622                    (connect(sockfd, ai->ai_addr, ai->ai_addrlen) < 0)) {
 623                        strbuf_addf(&error_message, "%s[%d: %s]: errno=%s\n",
 624                                    host, cnt, ai_name(ai), strerror(errno));
 625                        if (0 <= sockfd)
 626                                close(sockfd);
 627                        sockfd = -1;
 628                        continue;
 629                }
 630                if (flags & CONNECT_VERBOSE)
 631                        fprintf(stderr, "%s ", ai_name(ai));
 632                break;
 633        }
 634
 635        freeaddrinfo(ai0);
 636
 637        if (sockfd < 0)
 638                die("unable to connect to %s:\n%s", host, error_message.buf);
 639
 640        enable_keepalive(sockfd);
 641
 642        if (flags & CONNECT_VERBOSE)
 643                fprintf(stderr, "done.\n");
 644
 645        strbuf_release(&error_message);
 646
 647        return sockfd;
 648}
 649
 650#else /* NO_IPV6 */
 651
 652/*
 653 * Returns a connected socket() fd, or else die()s.
 654 */
 655static int git_tcp_connect_sock(char *host, int flags)
 656{
 657        struct strbuf error_message = STRBUF_INIT;
 658        int sockfd = -1;
 659        const char *port = STR(DEFAULT_GIT_PORT);
 660        char *ep;
 661        struct hostent *he;
 662        struct sockaddr_in sa;
 663        char **ap;
 664        unsigned int nport;
 665        int cnt;
 666
 667        get_host_and_port(&host, &port);
 668
 669        if (flags & CONNECT_VERBOSE)
 670                fprintf(stderr, "Looking up %s ... ", host);
 671
 672        he = gethostbyname(host);
 673        if (!he)
 674                die("Unable to look up %s (%s)", host, hstrerror(h_errno));
 675        nport = strtoul(port, &ep, 10);
 676        if ( ep == port || *ep ) {
 677                /* Not numeric */
 678                struct servent *se = getservbyname(port,"tcp");
 679                if ( !se )
 680                        die("Unknown port %s", port);
 681                nport = se->s_port;
 682        }
 683
 684        if (flags & CONNECT_VERBOSE)
 685                fprintf(stderr, "done.\nConnecting to %s (port %s) ... ", host, port);
 686
 687        for (cnt = 0, ap = he->h_addr_list; *ap; ap++, cnt++) {
 688                memset(&sa, 0, sizeof sa);
 689                sa.sin_family = he->h_addrtype;
 690                sa.sin_port = htons(nport);
 691                memcpy(&sa.sin_addr, *ap, he->h_length);
 692
 693                sockfd = socket(he->h_addrtype, SOCK_STREAM, 0);
 694                if ((sockfd < 0) ||
 695                    connect(sockfd, (struct sockaddr *)&sa, sizeof sa) < 0) {
 696                        strbuf_addf(&error_message, "%s[%d: %s]: errno=%s\n",
 697                                host,
 698                                cnt,
 699                                inet_ntoa(*(struct in_addr *)&sa.sin_addr),
 700                                strerror(errno));
 701                        if (0 <= sockfd)
 702                                close(sockfd);
 703                        sockfd = -1;
 704                        continue;
 705                }
 706                if (flags & CONNECT_VERBOSE)
 707                        fprintf(stderr, "%s ",
 708                                inet_ntoa(*(struct in_addr *)&sa.sin_addr));
 709                break;
 710        }
 711
 712        if (sockfd < 0)
 713                die("unable to connect to %s:\n%s", host, error_message.buf);
 714
 715        enable_keepalive(sockfd);
 716
 717        if (flags & CONNECT_VERBOSE)
 718                fprintf(stderr, "done.\n");
 719
 720        return sockfd;
 721}
 722
 723#endif /* NO_IPV6 */
 724
 725
 726/*
 727 * Dummy child_process returned by git_connect() if the transport protocol
 728 * does not need fork(2).
 729 */
 730static struct child_process no_fork = CHILD_PROCESS_INIT;
 731
 732int git_connection_is_socket(struct child_process *conn)
 733{
 734        return conn == &no_fork;
 735}
 736
 737static struct child_process *git_tcp_connect(int fd[2], char *host, int flags)
 738{
 739        int sockfd = git_tcp_connect_sock(host, flags);
 740
 741        fd[0] = sockfd;
 742        fd[1] = dup(sockfd);
 743
 744        return &no_fork;
 745}
 746
 747
 748static char *git_proxy_command;
 749
 750static int git_proxy_command_options(const char *var, const char *value,
 751                void *cb)
 752{
 753        if (!strcmp(var, "core.gitproxy")) {
 754                const char *for_pos;
 755                int matchlen = -1;
 756                int hostlen;
 757                const char *rhost_name = cb;
 758                int rhost_len = strlen(rhost_name);
 759
 760                if (git_proxy_command)
 761                        return 0;
 762                if (!value)
 763                        return config_error_nonbool(var);
 764                /* [core]
 765                 * ;# matches www.kernel.org as well
 766                 * gitproxy = netcatter-1 for kernel.org
 767                 * gitproxy = netcatter-2 for sample.xz
 768                 * gitproxy = netcatter-default
 769                 */
 770                for_pos = strstr(value, " for ");
 771                if (!for_pos)
 772                        /* matches everybody */
 773                        matchlen = strlen(value);
 774                else {
 775                        hostlen = strlen(for_pos + 5);
 776                        if (rhost_len < hostlen)
 777                                matchlen = -1;
 778                        else if (!strncmp(for_pos + 5,
 779                                          rhost_name + rhost_len - hostlen,
 780                                          hostlen) &&
 781                                 ((rhost_len == hostlen) ||
 782                                  rhost_name[rhost_len - hostlen -1] == '.'))
 783                                matchlen = for_pos - value;
 784                        else
 785                                matchlen = -1;
 786                }
 787                if (0 <= matchlen) {
 788                        /* core.gitproxy = none for kernel.org */
 789                        if (matchlen == 4 &&
 790                            !memcmp(value, "none", 4))
 791                                matchlen = 0;
 792                        git_proxy_command = xmemdupz(value, matchlen);
 793                }
 794                return 0;
 795        }
 796
 797        return git_default_config(var, value, cb);
 798}
 799
 800static int git_use_proxy(const char *host)
 801{
 802        git_proxy_command = getenv("GIT_PROXY_COMMAND");
 803        git_config(git_proxy_command_options, (void*)host);
 804        return (git_proxy_command && *git_proxy_command);
 805}
 806
 807static struct child_process *git_proxy_connect(int fd[2], char *host)
 808{
 809        const char *port = STR(DEFAULT_GIT_PORT);
 810        struct child_process *proxy;
 811
 812        get_host_and_port(&host, &port);
 813
 814        if (looks_like_command_line_option(host))
 815                die("strange hostname '%s' blocked", host);
 816        if (looks_like_command_line_option(port))
 817                die("strange port '%s' blocked", port);
 818
 819        proxy = xmalloc(sizeof(*proxy));
 820        child_process_init(proxy);
 821        argv_array_push(&proxy->args, git_proxy_command);
 822        argv_array_push(&proxy->args, host);
 823        argv_array_push(&proxy->args, port);
 824        proxy->in = -1;
 825        proxy->out = -1;
 826        if (start_command(proxy))
 827                die("cannot start proxy %s", git_proxy_command);
 828        fd[0] = proxy->out; /* read from proxy stdout */
 829        fd[1] = proxy->in;  /* write to proxy stdin */
 830        return proxy;
 831}
 832
 833static char *get_port(char *host)
 834{
 835        char *end;
 836        char *p = strchr(host, ':');
 837
 838        if (p) {
 839                long port = strtol(p + 1, &end, 10);
 840                if (end != p + 1 && *end == '\0' && 0 <= port && port < 65536) {
 841                        *p = '\0';
 842                        return p+1;
 843                }
 844        }
 845
 846        return NULL;
 847}
 848
 849/*
 850 * Extract protocol and relevant parts from the specified connection URL.
 851 * The caller must free() the returned strings.
 852 */
 853static enum protocol parse_connect_url(const char *url_orig, char **ret_host,
 854                                       char **ret_path)
 855{
 856        char *url;
 857        char *host, *path;
 858        char *end;
 859        int separator = '/';
 860        enum protocol protocol = PROTO_LOCAL;
 861
 862        if (is_url(url_orig))
 863                url = url_decode(url_orig);
 864        else
 865                url = xstrdup(url_orig);
 866
 867        host = strstr(url, "://");
 868        if (host) {
 869                *host = '\0';
 870                protocol = get_protocol(url);
 871                host += 3;
 872        } else {
 873                host = url;
 874                if (!url_is_local_not_ssh(url)) {
 875                        protocol = PROTO_SSH;
 876                        separator = ':';
 877                }
 878        }
 879
 880        /*
 881         * Don't do destructive transforms as protocol code does
 882         * '[]' unwrapping in get_host_and_port()
 883         */
 884        end = host_end(&host, 0);
 885
 886        if (protocol == PROTO_LOCAL)
 887                path = end;
 888        else if (protocol == PROTO_FILE && has_dos_drive_prefix(end))
 889                path = end; /* "file://$(pwd)" may be "file://C:/projects/repo" */
 890        else
 891                path = strchr(end, separator);
 892
 893        if (!path || !*path)
 894                die("No path specified. See 'man git-pull' for valid url syntax");
 895
 896        /*
 897         * null-terminate hostname and point path to ~ for URL's like this:
 898         *    ssh://host.xz/~user/repo
 899         */
 900
 901        end = path; /* Need to \0 terminate host here */
 902        if (separator == ':')
 903                path++; /* path starts after ':' */
 904        if (protocol == PROTO_GIT || protocol == PROTO_SSH) {
 905                if (path[1] == '~')
 906                        path++;
 907        }
 908
 909        path = xstrdup(path);
 910        *end = '\0';
 911
 912        *ret_host = xstrdup(host);
 913        *ret_path = path;
 914        free(url);
 915        return protocol;
 916}
 917
 918static const char *get_ssh_command(void)
 919{
 920        const char *ssh;
 921
 922        if ((ssh = getenv("GIT_SSH_COMMAND")))
 923                return ssh;
 924
 925        if (!git_config_get_string_const("core.sshcommand", &ssh))
 926                return ssh;
 927
 928        return NULL;
 929}
 930
 931enum ssh_variant {
 932        VARIANT_AUTO,
 933        VARIANT_SIMPLE,
 934        VARIANT_SSH,
 935        VARIANT_PLINK,
 936        VARIANT_PUTTY,
 937        VARIANT_TORTOISEPLINK,
 938};
 939
 940static void override_ssh_variant(enum ssh_variant *ssh_variant)
 941{
 942        const char *variant = getenv("GIT_SSH_VARIANT");
 943
 944        if (!variant && git_config_get_string_const("ssh.variant", &variant))
 945                return;
 946
 947        if (!strcmp(variant, "auto"))
 948                *ssh_variant = VARIANT_AUTO;
 949        else if (!strcmp(variant, "plink"))
 950                *ssh_variant = VARIANT_PLINK;
 951        else if (!strcmp(variant, "putty"))
 952                *ssh_variant = VARIANT_PUTTY;
 953        else if (!strcmp(variant, "tortoiseplink"))
 954                *ssh_variant = VARIANT_TORTOISEPLINK;
 955        else if (!strcmp(variant, "simple"))
 956                *ssh_variant = VARIANT_SIMPLE;
 957        else
 958                *ssh_variant = VARIANT_SSH;
 959}
 960
 961static enum ssh_variant determine_ssh_variant(const char *ssh_command,
 962                                              int is_cmdline)
 963{
 964        enum ssh_variant ssh_variant = VARIANT_AUTO;
 965        const char *variant;
 966        char *p = NULL;
 967
 968        override_ssh_variant(&ssh_variant);
 969
 970        if (ssh_variant != VARIANT_AUTO)
 971                return ssh_variant;
 972
 973        if (!is_cmdline) {
 974                p = xstrdup(ssh_command);
 975                variant = basename(p);
 976        } else {
 977                const char **ssh_argv;
 978
 979                p = xstrdup(ssh_command);
 980                if (split_cmdline(p, &ssh_argv) > 0) {
 981                        variant = basename((char *)ssh_argv[0]);
 982                        /*
 983                         * At this point, variant points into the buffer
 984                         * referenced by p, hence we do not need ssh_argv
 985                         * any longer.
 986                         */
 987                        free(ssh_argv);
 988                } else {
 989                        free(p);
 990                        return ssh_variant;
 991                }
 992        }
 993
 994        if (!strcasecmp(variant, "ssh") ||
 995            !strcasecmp(variant, "ssh.exe"))
 996                ssh_variant = VARIANT_SSH;
 997        else if (!strcasecmp(variant, "plink") ||
 998                 !strcasecmp(variant, "plink.exe"))
 999                ssh_variant = VARIANT_PLINK;
1000        else if (!strcasecmp(variant, "tortoiseplink") ||
1001                 !strcasecmp(variant, "tortoiseplink.exe"))
1002                ssh_variant = VARIANT_TORTOISEPLINK;
1003
1004        free(p);
1005        return ssh_variant;
1006}
1007
1008/*
1009 * Open a connection using Git's native protocol.
1010 *
1011 * The caller is responsible for freeing hostandport, but this function may
1012 * modify it (for example, to truncate it to remove the port part).
1013 */
1014static struct child_process *git_connect_git(int fd[2], char *hostandport,
1015                                             const char *path, const char *prog,
1016                                             int flags)
1017{
1018        struct child_process *conn;
1019        struct strbuf request = STRBUF_INIT;
1020        /*
1021         * Set up virtual host information based on where we will
1022         * connect, unless the user has overridden us in
1023         * the environment.
1024         */
1025        char *target_host = getenv("GIT_OVERRIDE_VIRTUAL_HOST");
1026        if (target_host)
1027                target_host = xstrdup(target_host);
1028        else
1029                target_host = xstrdup(hostandport);
1030
1031        transport_check_allowed("git");
1032
1033        /*
1034         * These underlying connection commands die() if they
1035         * cannot connect.
1036         */
1037        if (git_use_proxy(hostandport))
1038                conn = git_proxy_connect(fd, hostandport);
1039        else
1040                conn = git_tcp_connect(fd, hostandport, flags);
1041        /*
1042         * Separate original protocol components prog and path
1043         * from extended host header with a NUL byte.
1044         *
1045         * Note: Do not add any other headers here!  Doing so
1046         * will cause older git-daemon servers to crash.
1047         */
1048        strbuf_addf(&request,
1049                    "%s %s%chost=%s%c",
1050                    prog, path, 0,
1051                    target_host, 0);
1052
1053        /* If using a new version put that stuff here after a second null byte */
1054        if (get_protocol_version_config() > 0) {
1055                strbuf_addch(&request, '\0');
1056                strbuf_addf(&request, "version=%d%c",
1057                            get_protocol_version_config(), '\0');
1058        }
1059
1060        packet_write(fd[1], request.buf, request.len);
1061
1062        free(target_host);
1063        strbuf_release(&request);
1064        return conn;
1065}
1066
1067/*
1068 * Append the appropriate environment variables to `env` and options to
1069 * `args` for running ssh in Git's SSH-tunneled transport.
1070 */
1071static void push_ssh_options(struct argv_array *args, struct argv_array *env,
1072                             enum ssh_variant variant, const char *port,
1073                             int flags)
1074{
1075        if (variant == VARIANT_SSH &&
1076            get_protocol_version_config() > 0) {
1077                argv_array_push(args, "-o");
1078                argv_array_push(args, "SendEnv=" GIT_PROTOCOL_ENVIRONMENT);
1079                argv_array_pushf(env, GIT_PROTOCOL_ENVIRONMENT "=version=%d",
1080                                 get_protocol_version_config());
1081        }
1082
1083        if (flags & CONNECT_IPV4) {
1084                switch (variant) {
1085                case VARIANT_AUTO:
1086                        BUG("VARIANT_AUTO passed to push_ssh_options");
1087                case VARIANT_SIMPLE:
1088                        die("ssh variant 'simple' does not support -4");
1089                case VARIANT_SSH:
1090                case VARIANT_PLINK:
1091                case VARIANT_PUTTY:
1092                case VARIANT_TORTOISEPLINK:
1093                        argv_array_push(args, "-4");
1094                }
1095        } else if (flags & CONNECT_IPV6) {
1096                switch (variant) {
1097                case VARIANT_AUTO:
1098                        BUG("VARIANT_AUTO passed to push_ssh_options");
1099                case VARIANT_SIMPLE:
1100                        die("ssh variant 'simple' does not support -6");
1101                case VARIANT_SSH:
1102                case VARIANT_PLINK:
1103                case VARIANT_PUTTY:
1104                case VARIANT_TORTOISEPLINK:
1105                        argv_array_push(args, "-6");
1106                }
1107        }
1108
1109        if (variant == VARIANT_TORTOISEPLINK)
1110                argv_array_push(args, "-batch");
1111
1112        if (port) {
1113                switch (variant) {
1114                case VARIANT_AUTO:
1115                        BUG("VARIANT_AUTO passed to push_ssh_options");
1116                case VARIANT_SIMPLE:
1117                        die("ssh variant 'simple' does not support setting port");
1118                case VARIANT_SSH:
1119                        argv_array_push(args, "-p");
1120                        break;
1121                case VARIANT_PLINK:
1122                case VARIANT_PUTTY:
1123                case VARIANT_TORTOISEPLINK:
1124                        argv_array_push(args, "-P");
1125                }
1126
1127                argv_array_push(args, port);
1128        }
1129}
1130
1131/* Prepare a child_process for use by Git's SSH-tunneled transport. */
1132static void fill_ssh_args(struct child_process *conn, const char *ssh_host,
1133                          const char *port, int flags)
1134{
1135        const char *ssh;
1136        enum ssh_variant variant;
1137
1138        if (looks_like_command_line_option(ssh_host))
1139                die("strange hostname '%s' blocked", ssh_host);
1140
1141        ssh = get_ssh_command();
1142        if (ssh) {
1143                variant = determine_ssh_variant(ssh, 1);
1144        } else {
1145                /*
1146                 * GIT_SSH is the no-shell version of
1147                 * GIT_SSH_COMMAND (and must remain so for
1148                 * historical compatibility).
1149                 */
1150                conn->use_shell = 0;
1151
1152                ssh = getenv("GIT_SSH");
1153                if (!ssh)
1154                        ssh = "ssh";
1155                variant = determine_ssh_variant(ssh, 0);
1156        }
1157
1158        if (variant == VARIANT_AUTO) {
1159                struct child_process detect = CHILD_PROCESS_INIT;
1160
1161                detect.use_shell = conn->use_shell;
1162                detect.no_stdin = detect.no_stdout = detect.no_stderr = 1;
1163
1164                argv_array_push(&detect.args, ssh);
1165                argv_array_push(&detect.args, "-G");
1166                push_ssh_options(&detect.args, &detect.env_array,
1167                                 VARIANT_SSH, port, flags);
1168                argv_array_push(&detect.args, ssh_host);
1169
1170                variant = run_command(&detect) ? VARIANT_SIMPLE : VARIANT_SSH;
1171        }
1172
1173        argv_array_push(&conn->args, ssh);
1174        push_ssh_options(&conn->args, &conn->env_array, variant, port, flags);
1175        argv_array_push(&conn->args, ssh_host);
1176}
1177
1178/*
1179 * This returns the dummy child_process `no_fork` if the transport protocol
1180 * does not need fork(2), or a struct child_process object if it does.  Once
1181 * done, finish the connection with finish_connect() with the value returned
1182 * from this function (it is safe to call finish_connect() with NULL to
1183 * support the former case).
1184 *
1185 * If it returns, the connect is successful; it just dies on errors (this
1186 * will hopefully be changed in a libification effort, to return NULL when
1187 * the connection failed).
1188 */
1189struct child_process *git_connect(int fd[2], const char *url,
1190                                  const char *prog, int flags)
1191{
1192        char *hostandport, *path;
1193        struct child_process *conn;
1194        enum protocol protocol;
1195
1196        /* Without this we cannot rely on waitpid() to tell
1197         * what happened to our children.
1198         */
1199        signal(SIGCHLD, SIG_DFL);
1200
1201        protocol = parse_connect_url(url, &hostandport, &path);
1202        if ((flags & CONNECT_DIAG_URL) && (protocol != PROTO_SSH)) {
1203                printf("Diag: url=%s\n", url ? url : "NULL");
1204                printf("Diag: protocol=%s\n", prot_name(protocol));
1205                printf("Diag: hostandport=%s\n", hostandport ? hostandport : "NULL");
1206                printf("Diag: path=%s\n", path ? path : "NULL");
1207                conn = NULL;
1208        } else if (protocol == PROTO_GIT) {
1209                conn = git_connect_git(fd, hostandport, path, prog, flags);
1210        } else {
1211                struct strbuf cmd = STRBUF_INIT;
1212                const char *const *var;
1213
1214                conn = xmalloc(sizeof(*conn));
1215                child_process_init(conn);
1216
1217                if (looks_like_command_line_option(path))
1218                        die("strange pathname '%s' blocked", path);
1219
1220                strbuf_addstr(&cmd, prog);
1221                strbuf_addch(&cmd, ' ');
1222                sq_quote_buf(&cmd, path);
1223
1224                /* remove repo-local variables from the environment */
1225                for (var = local_repo_env; *var; var++)
1226                        argv_array_push(&conn->env_array, *var);
1227
1228                conn->use_shell = 1;
1229                conn->in = conn->out = -1;
1230                if (protocol == PROTO_SSH) {
1231                        char *ssh_host = hostandport;
1232                        const char *port = NULL;
1233                        transport_check_allowed("ssh");
1234                        get_host_and_port(&ssh_host, &port);
1235
1236                        if (!port)
1237                                port = get_port(ssh_host);
1238
1239                        if (flags & CONNECT_DIAG_URL) {
1240                                printf("Diag: url=%s\n", url ? url : "NULL");
1241                                printf("Diag: protocol=%s\n", prot_name(protocol));
1242                                printf("Diag: userandhost=%s\n", ssh_host ? ssh_host : "NULL");
1243                                printf("Diag: port=%s\n", port ? port : "NONE");
1244                                printf("Diag: path=%s\n", path ? path : "NULL");
1245
1246                                free(hostandport);
1247                                free(path);
1248                                free(conn);
1249                                strbuf_release(&cmd);
1250                                return NULL;
1251                        }
1252                        fill_ssh_args(conn, ssh_host, port, flags);
1253                } else {
1254                        transport_check_allowed("file");
1255                        if (get_protocol_version_config() > 0) {
1256                                argv_array_pushf(&conn->env_array, GIT_PROTOCOL_ENVIRONMENT "=version=%d",
1257                                                 get_protocol_version_config());
1258                        }
1259                }
1260                argv_array_push(&conn->args, cmd.buf);
1261
1262                if (start_command(conn))
1263                        die("unable to fork");
1264
1265                fd[0] = conn->out; /* read from child's stdout */
1266                fd[1] = conn->in;  /* write to child's stdin */
1267                strbuf_release(&cmd);
1268        }
1269        free(hostandport);
1270        free(path);
1271        return conn;
1272}
1273
1274int finish_connect(struct child_process *conn)
1275{
1276        int code;
1277        if (!conn || git_connection_is_socket(conn))
1278                return 0;
1279
1280        code = finish_command(conn);
1281        free(conn);
1282        return code;
1283}