1#include "builtin.h"
2#include "lockfile.h"
3#include "pack.h"
4#include "refs.h"
5#include "pkt-line.h"
6#include "sideband.h"
7#include "run-command.h"
8#include "exec_cmd.h"
9#include "commit.h"
10#include "object.h"
11#include "remote.h"
12#include "connect.h"
13#include "transport.h"
14#include "string-list.h"
15#include "sha1-array.h"
16#include "connected.h"
17#include "argv-array.h"
18#include "version.h"
19#include "tag.h"
20#include "gpg-interface.h"
21#include "sigchain.h"
22#include "fsck.h"
23static const char receive_pack_usage[] = "git receive-pack <git-dir>";
25enum deny_action {
27 DENY_UNCONFIGURED,
28 DENY_IGNORE,
29 DENY_WARN,
30 DENY_REFUSE,
31 DENY_UPDATE_INSTEAD
32};
33static int deny_deletes;
35static int deny_non_fast_forwards;
36static enum deny_action deny_current_branch = DENY_UNCONFIGURED;
37static enum deny_action deny_delete_current = DENY_UNCONFIGURED;
38static int receive_fsck_objects = -1;
39static int transfer_fsck_objects = -1;
40static struct strbuf fsck_msg_types = STRBUF_INIT;
41static int receive_unpack_limit = -1;
42static int transfer_unpack_limit = -1;
43static int advertise_atomic_push = 1;
44static int unpack_limit = 100;
45static int report_status;
46static int use_sideband;
47static int use_atomic;
48static int quiet;
49static int prefer_ofs_delta = 1;
50static int auto_update_server_info;
51static int auto_gc = 1;
52static int fix_thin = 1;
53static int stateless_rpc;
54static const char *service_dir;
55static const char *head_name;
56static void *head_name_to_free;
57static int sent_capabilities;
58static int shallow_update;
59static const char *alt_shallow_file;
60static struct strbuf push_cert = STRBUF_INIT;
61static unsigned char push_cert_sha1[20];
62static struct signature_check sigcheck;
63static const char *push_cert_nonce;
64static const char *cert_nonce_seed;
65static const char *NONCE_UNSOLICITED = "UNSOLICITED";
67static const char *NONCE_BAD = "BAD";
68static const char *NONCE_MISSING = "MISSING";
69static const char *NONCE_OK = "OK";
70static const char *NONCE_SLOP = "SLOP";
71static const char *nonce_status;
72static long nonce_stamp_slop;
73static unsigned long nonce_stamp_slop_limit;
74static struct ref_transaction *transaction;
75static enum deny_action parse_deny_action(const char *var, const char *value)
77{
78 if (value) {
79 if (!strcasecmp(value, "ignore"))
80 return DENY_IGNORE;
81 if (!strcasecmp(value, "warn"))
82 return DENY_WARN;
83 if (!strcasecmp(value, "refuse"))
84 return DENY_REFUSE;
85 if (!strcasecmp(value, "updateinstead"))
86 return DENY_UPDATE_INSTEAD;
87 }
88 if (git_config_bool(var, value))
89 return DENY_REFUSE;
90 return DENY_IGNORE;
91}
92static int receive_pack_config(const char *var, const char *value, void *cb)
94{
95 int status = parse_hide_refs_config(var, value, "receive");
96 if (status)
98 return status;
99 if (strcmp(var, "receive.denydeletes") == 0) {
101 deny_deletes = git_config_bool(var, value);
102 return 0;
103 }
104 if (strcmp(var, "receive.denynonfastforwards") == 0) {
106 deny_non_fast_forwards = git_config_bool(var, value);
107 return 0;
108 }
109 if (strcmp(var, "receive.unpacklimit") == 0) {
111 receive_unpack_limit = git_config_int(var, value);
112 return 0;
113 }
114 if (strcmp(var, "transfer.unpacklimit") == 0) {
116 transfer_unpack_limit = git_config_int(var, value);
117 return 0;
118 }
119 if (strcmp(var, "receive.fsck.skiplist") == 0) {
121 const char *path;
122 if (git_config_pathname(&path, var, value))
124 return 1;
125 strbuf_addf(&fsck_msg_types, "%cskiplist=%s",
126 fsck_msg_types.len ? ',' : '=', path);
127 free((char *)path);
128 return 0;
129 }
130 if (skip_prefix(var, "receive.fsck.", &var)) {
132 if (is_valid_msg_type(var, value))
133 strbuf_addf(&fsck_msg_types, "%c%s=%s",
134 fsck_msg_types.len ? ',' : '=', var, value);
135 else
136 warning("Skipping unknown msg id '%s'", var);
137 return 0;
138 }
139 if (strcmp(var, "receive.fsckobjects") == 0) {
141 receive_fsck_objects = git_config_bool(var, value);
142 return 0;
143 }
144 if (strcmp(var, "transfer.fsckobjects") == 0) {
146 transfer_fsck_objects = git_config_bool(var, value);
147 return 0;
148 }
149 if (!strcmp(var, "receive.denycurrentbranch")) {
151 deny_current_branch = parse_deny_action(var, value);
152 return 0;
153 }
154 if (strcmp(var, "receive.denydeletecurrent") == 0) {
156 deny_delete_current = parse_deny_action(var, value);
157 return 0;
158 }
159 if (strcmp(var, "repack.usedeltabaseoffset") == 0) {
161 prefer_ofs_delta = git_config_bool(var, value);
162 return 0;
163 }
164 if (strcmp(var, "receive.updateserverinfo") == 0) {
166 auto_update_server_info = git_config_bool(var, value);
167 return 0;
168 }
169 if (strcmp(var, "receive.autogc") == 0) {
171 auto_gc = git_config_bool(var, value);
172 return 0;
173 }
174 if (strcmp(var, "receive.shallowupdate") == 0) {
176 shallow_update = git_config_bool(var, value);
177 return 0;
178 }
179 if (strcmp(var, "receive.certnonceseed") == 0)
181 return git_config_string(&cert_nonce_seed, var, value);
182 if (strcmp(var, "receive.certnonceslop") == 0) {
184 nonce_stamp_slop_limit = git_config_ulong(var, value);
185 return 0;
186 }
187 if (strcmp(var, "receive.advertiseatomic") == 0) {
189 advertise_atomic_push = git_config_bool(var, value);
190 return 0;
191 }
192 return git_default_config(var, value, cb);
194}
195static void show_ref(const char *path, const unsigned char *sha1)
197{
198 if (sent_capabilities) {
199 packet_write(1, "%s %s\n", sha1_to_hex(sha1), path);
200 } else {
201 struct strbuf cap = STRBUF_INIT;
202 strbuf_addstr(&cap,
204 "report-status delete-refs side-band-64k quiet");
205 if (advertise_atomic_push)
206 strbuf_addstr(&cap, " atomic");
207 if (prefer_ofs_delta)
208 strbuf_addstr(&cap, " ofs-delta");
209 if (push_cert_nonce)
210 strbuf_addf(&cap, " push-cert=%s", push_cert_nonce);
211 strbuf_addf(&cap, " agent=%s", git_user_agent_sanitized());
212 packet_write(1, "%s %s%c%s\n",
213 sha1_to_hex(sha1), path, 0, cap.buf);
214 strbuf_release(&cap);
215 sent_capabilities = 1;
216 }
217}
218static int show_ref_cb(const char *path_full, const struct object_id *oid,
220 int flag, void *unused)
221{
222 const char *path = strip_namespace(path_full);
223 if (ref_is_hidden(path, path_full))
225 return 0;
226 /*
228 * Advertise refs outside our current namespace as ".have"
229 * refs, so that the client can use them to minimize data
230 * transfer but will otherwise ignore them. This happens to
231 * cover ".have" that are thrown in by add_one_alternate_ref()
232 * to mark histories that are complete in our alternates as
233 * well.
234 */
235 if (!path)
236 path = ".have";
237 show_ref(path, oid->hash);
238 return 0;
239}
240static void show_one_alternate_sha1(const unsigned char sha1[20], void *unused)
242{
243 show_ref(".have", sha1);
244}
245static void collect_one_alternate_ref(const struct ref *ref, void *data)
247{
248 struct sha1_array *sa = data;
249 sha1_array_append(sa, ref->old_oid.hash);
250}
251static void write_head_info(void)
253{
254 struct sha1_array sa = SHA1_ARRAY_INIT;
255 for_each_alternate_ref(collect_one_alternate_ref, &sa);
257 sha1_array_for_each_unique(&sa, show_one_alternate_sha1, NULL);
258 sha1_array_clear(&sa);
259 for_each_ref(show_ref_cb, NULL);
260 if (!sent_capabilities)
261 show_ref("capabilities^{}", null_sha1);
262 advertise_shallow_grafts(1);
264 /* EOF */
266 packet_flush(1);
267}
268struct command {
270 struct command *next;
271 const char *error_string;
272 unsigned int skip_update:1,
273 did_not_exist:1;
274 int index;
275 unsigned char old_sha1[20];
276 unsigned char new_sha1[20];
277 char ref_name[FLEX_ARRAY]; /* more */
278};
279static void rp_error(const char *err, ...) __attribute__((format (printf, 1, 2)));
281static void rp_warning(const char *err, ...) __attribute__((format (printf, 1, 2)));
282static void report_message(const char *prefix, const char *err, va_list params)
284{
285 int sz;
286 char msg[4096];
287 sz = xsnprintf(msg, sizeof(msg), "%s", prefix);
289 sz += vsnprintf(msg + sz, sizeof(msg) - sz, err, params);
290 if (sz > (sizeof(msg) - 1))
291 sz = sizeof(msg) - 1;
292 msg[sz++] = '\n';
293 if (use_sideband)
295 send_sideband(1, 2, msg, sz, use_sideband);
296 else
297 xwrite(2, msg, sz);
298}
299static void rp_warning(const char *err, ...)
301{
302 va_list params;
303 va_start(params, err);
304 report_message("warning: ", err, params);
305 va_end(params);
306}
307static void rp_error(const char *err, ...)
309{
310 va_list params;
311 va_start(params, err);
312 report_message("error: ", err, params);
313 va_end(params);
314}
315static int copy_to_sideband(int in, int out, void *arg)
317{
318 char data[128];
319 while (1) {
320 ssize_t sz = xread(in, data, sizeof(data));
321 if (sz <= 0)
322 break;
323 send_sideband(1, 2, data, sz, use_sideband);
324 }
325 close(in);
326 return 0;
327}
328#define HMAC_BLOCK_SIZE 64
330static void hmac_sha1(unsigned char *out,
332 const char *key_in, size_t key_len,
333 const char *text, size_t text_len)
334{
335 unsigned char key[HMAC_BLOCK_SIZE];
336 unsigned char k_ipad[HMAC_BLOCK_SIZE];
337 unsigned char k_opad[HMAC_BLOCK_SIZE];
338 int i;
339 git_SHA_CTX ctx;
340 /* RFC 2104 2. (1) */
342 memset(key, '\0', HMAC_BLOCK_SIZE);
343 if (HMAC_BLOCK_SIZE < key_len) {
344 git_SHA1_Init(&ctx);
345 git_SHA1_Update(&ctx, key_in, key_len);
346 git_SHA1_Final(key, &ctx);
347 } else {
348 memcpy(key, key_in, key_len);
349 }
350 /* RFC 2104 2. (2) & (5) */
352 for (i = 0; i < sizeof(key); i++) {
353 k_ipad[i] = key[i] ^ 0x36;
354 k_opad[i] = key[i] ^ 0x5c;
355 }
356 /* RFC 2104 2. (3) & (4) */
358 git_SHA1_Init(&ctx);
359 git_SHA1_Update(&ctx, k_ipad, sizeof(k_ipad));
360 git_SHA1_Update(&ctx, text, text_len);
361 git_SHA1_Final(out, &ctx);
362 /* RFC 2104 2. (6) & (7) */
364 git_SHA1_Init(&ctx);
365 git_SHA1_Update(&ctx, k_opad, sizeof(k_opad));
366 git_SHA1_Update(&ctx, out, 20);
367 git_SHA1_Final(out, &ctx);
368}
369static char *prepare_push_cert_nonce(const char *path, unsigned long stamp)
371{
372 struct strbuf buf = STRBUF_INIT;
373 unsigned char sha1[20];
374 strbuf_addf(&buf, "%s:%lu", path, stamp);
376 hmac_sha1(sha1, buf.buf, buf.len, cert_nonce_seed, strlen(cert_nonce_seed));;
377 strbuf_release(&buf);
378 /* RFC 2104 5. HMAC-SHA1-80 */
380 strbuf_addf(&buf, "%lu-%.*s", stamp, 20, sha1_to_hex(sha1));
381 return strbuf_detach(&buf, NULL);
382}
383/*
385 * NEEDSWORK: reuse find_commit_header() from jk/commit-author-parsing
386 * after dropping "_commit" from its name and possibly moving it out
387 * of commit.c
388 */
389static char *find_header(const char *msg, size_t len, const char *key)
390{
391 int key_len = strlen(key);
392 const char *line = msg;
393 while (line && line < msg + len) {
395 const char *eol = strchrnul(line, '\n');
396 if ((msg + len <= eol) || line == eol)
398 return NULL;
399 if (line + key_len < eol &&
400 !memcmp(line, key, key_len) && line[key_len] == ' ') {
401 int offset = key_len + 1;
402 return xmemdupz(line + offset, (eol - line) - offset);
403 }
404 line = *eol ? eol + 1 : NULL;
405 }
406 return NULL;
407}
408static const char *check_nonce(const char *buf, size_t len)
410{
411 char *nonce = find_header(buf, len, "nonce");
412 unsigned long stamp, ostamp;
413 char *bohmac, *expect = NULL;
414 const char *retval = NONCE_BAD;
415 if (!nonce) {
417 retval = NONCE_MISSING;
418 goto leave;
419 } else if (!push_cert_nonce) {
420 retval = NONCE_UNSOLICITED;
421 goto leave;
422 } else if (!strcmp(push_cert_nonce, nonce)) {
423 retval = NONCE_OK;
424 goto leave;
425 }
426 if (!stateless_rpc) {
428 /* returned nonce MUST match what we gave out earlier */
429 retval = NONCE_BAD;
430 goto leave;
431 }
432 /*
434 * In stateless mode, we may be receiving a nonce issued by
435 * another instance of the server that serving the same
436 * repository, and the timestamps may not match, but the
437 * nonce-seed and dir should match, so we can recompute and
438 * report the time slop.
439 *
440 * In addition, when a nonce issued by another instance has
441 * timestamp within receive.certnonceslop seconds, we pretend
442 * as if we issued that nonce when reporting to the hook.
443 */
444 /* nonce is concat(<seconds-since-epoch>, "-", <hmac>) */
446 if (*nonce <= '0' || '9' < *nonce) {
447 retval = NONCE_BAD;
448 goto leave;
449 }
450 stamp = strtoul(nonce, &bohmac, 10);
451 if (bohmac == nonce || bohmac[0] != '-') {
452 retval = NONCE_BAD;
453 goto leave;
454 }
455 expect = prepare_push_cert_nonce(service_dir, stamp);
457 if (strcmp(expect, nonce)) {
458 /* Not what we would have signed earlier */
459 retval = NONCE_BAD;
460 goto leave;
461 }
462 /*
464 * By how many seconds is this nonce stale? Negative value
465 * would mean it was issued by another server with its clock
466 * skewed in the future.
467 */
468 ostamp = strtoul(push_cert_nonce, NULL, 10);
469 nonce_stamp_slop = (long)ostamp - (long)stamp;
470 if (nonce_stamp_slop_limit &&
472 labs(nonce_stamp_slop) <= nonce_stamp_slop_limit) {
473 /*
474 * Pretend as if the received nonce (which passes the
475 * HMAC check, so it is not a forged by third-party)
476 * is what we issued.
477 */
478 free((void *)push_cert_nonce);
479 push_cert_nonce = xstrdup(nonce);
480 retval = NONCE_OK;
481 } else {
482 retval = NONCE_SLOP;
483 }
484leave:
486 free(nonce);
487 free(expect);
488 return retval;
489}
490static void prepare_push_cert_sha1(struct child_process *proc)
492{
493 static int already_done;
494 if (!push_cert.len)
496 return;
497 if (!already_done) {
499 struct strbuf gpg_output = STRBUF_INIT;
500 struct strbuf gpg_status = STRBUF_INIT;
501 int bogs /* beginning_of_gpg_sig */;
502 already_done = 1;
504 if (write_sha1_file(push_cert.buf, push_cert.len, "blob", push_cert_sha1))
505 hashclr(push_cert_sha1);
506 memset(&sigcheck, '\0', sizeof(sigcheck));
508 sigcheck.result = 'N';
509 bogs = parse_signature(push_cert.buf, push_cert.len);
511 if (verify_signed_buffer(push_cert.buf, bogs,
512 push_cert.buf + bogs, push_cert.len - bogs,
513 &gpg_output, &gpg_status) < 0) {
514 ; /* error running gpg */
515 } else {
516 sigcheck.payload = push_cert.buf;
517 sigcheck.gpg_output = gpg_output.buf;
518 sigcheck.gpg_status = gpg_status.buf;
519 parse_gpg_output(&sigcheck);
520 }
521 strbuf_release(&gpg_output);
523 strbuf_release(&gpg_status);
524 nonce_status = check_nonce(push_cert.buf, bogs);
525 }
526 if (!is_null_sha1(push_cert_sha1)) {
527 argv_array_pushf(&proc->env_array, "GIT_PUSH_CERT=%s",
528 sha1_to_hex(push_cert_sha1));
529 argv_array_pushf(&proc->env_array, "GIT_PUSH_CERT_SIGNER=%s",
530 sigcheck.signer ? sigcheck.signer : "");
531 argv_array_pushf(&proc->env_array, "GIT_PUSH_CERT_KEY=%s",
532 sigcheck.key ? sigcheck.key : "");
533 argv_array_pushf(&proc->env_array, "GIT_PUSH_CERT_STATUS=%c",
534 sigcheck.result);
535 if (push_cert_nonce) {
536 argv_array_pushf(&proc->env_array,
537 "GIT_PUSH_CERT_NONCE=%s",
538 push_cert_nonce);
539 argv_array_pushf(&proc->env_array,
540 "GIT_PUSH_CERT_NONCE_STATUS=%s",
541 nonce_status);
542 if (nonce_status == NONCE_SLOP)
543 argv_array_pushf(&proc->env_array,
544 "GIT_PUSH_CERT_NONCE_SLOP=%ld",
545 nonce_stamp_slop);
546 }
547 }
548}
549typedef int (*feed_fn)(void *, const char **, size_t *);
551static int run_and_feed_hook(const char *hook_name, feed_fn feed, void *feed_state)
552{
553 struct child_process proc = CHILD_PROCESS_INIT;
554 struct async muxer;
555 const char *argv[2];
556 int code;
557 argv[0] = find_hook(hook_name);
559 if (!argv[0])
560 return 0;
561 argv[1] = NULL;
563 proc.argv = argv;
565 proc.in = -1;
566 proc.stdout_to_stderr = 1;
567 if (use_sideband) {
569 memset(&muxer, 0, sizeof(muxer));
570 muxer.proc = copy_to_sideband;
571 muxer.in = -1;
572 code = start_async(&muxer);
573 if (code)
574 return code;
575 proc.err = muxer.in;
576 }
577 prepare_push_cert_sha1(&proc);
579 code = start_command(&proc);
581 if (code) {
582 if (use_sideband)
583 finish_async(&muxer);
584 return code;
585 }
586 sigchain_push(SIGPIPE, SIG_IGN);
588 while (1) {
590 const char *buf;
591 size_t n;
592 if (feed(feed_state, &buf, &n))
593 break;
594 if (write_in_full(proc.in, buf, n) != n)
595 break;
596 }
597 close(proc.in);
598 if (use_sideband)
599 finish_async(&muxer);
600 sigchain_pop(SIGPIPE);
602 return finish_command(&proc);
604}
605struct receive_hook_feed_state {
607 struct command *cmd;
608 int skip_broken;
609 struct strbuf buf;
610};
611static int feed_receive_hook(void *state_, const char **bufp, size_t *sizep)
613{
614 struct receive_hook_feed_state *state = state_;
615 struct command *cmd = state->cmd;
616 while (cmd &&
618 state->skip_broken && (cmd->error_string || cmd->did_not_exist))
619 cmd = cmd->next;
620 if (!cmd)
621 return -1; /* EOF */
622 strbuf_reset(&state->buf);
623 strbuf_addf(&state->buf, "%s %s %s\n",
624 sha1_to_hex(cmd->old_sha1), sha1_to_hex(cmd->new_sha1),
625 cmd->ref_name);
626 state->cmd = cmd->next;
627 if (bufp) {
628 *bufp = state->buf.buf;
629 *sizep = state->buf.len;
630 }
631 return 0;
632}
633static int run_receive_hook(struct command *commands, const char *hook_name,
635 int skip_broken)
636{
637 struct receive_hook_feed_state state;
638 int status;
639 strbuf_init(&state.buf, 0);
641 state.cmd = commands;
642 state.skip_broken = skip_broken;
643 if (feed_receive_hook(&state, NULL, NULL))
644 return 0;
645 state.cmd = commands;
646 status = run_and_feed_hook(hook_name, feed_receive_hook, &state);
647 strbuf_release(&state.buf);
648 return status;
649}
650static int run_update_hook(struct command *cmd)
652{
653 const char *argv[5];
654 struct child_process proc = CHILD_PROCESS_INIT;
655 int code;
656 argv[0] = find_hook("update");
658 if (!argv[0])
659 return 0;
660 argv[1] = cmd->ref_name;
662 argv[2] = sha1_to_hex(cmd->old_sha1);
663 argv[3] = sha1_to_hex(cmd->new_sha1);
664 argv[4] = NULL;
665 proc.no_stdin = 1;
667 proc.stdout_to_stderr = 1;
668 proc.err = use_sideband ? -1 : 0;
669 proc.argv = argv;
670 code = start_command(&proc);
672 if (code)
673 return code;
674 if (use_sideband)
675 copy_to_sideband(proc.err, -1, NULL);
676 return finish_command(&proc);
677}
678static int is_ref_checked_out(const char *ref)
680{
681 if (is_bare_repository())
682 return 0;
683 if (!head_name)
685 return 0;
686 return !strcmp(head_name, ref);
687}
688static char *refuse_unconfigured_deny_msg[] = {
690 "By default, updating the current branch in a non-bare repository",
691 "is denied, because it will make the index and work tree inconsistent",
692 "with what you pushed, and will require 'git reset --hard' to match",
693 "the work tree to HEAD.",
694 "",
695 "You can set 'receive.denyCurrentBranch' configuration variable to",
696 "'ignore' or 'warn' in the remote repository to allow pushing into",
697 "its current branch; however, this is not recommended unless you",
698 "arranged to update its work tree to match what you pushed in some",
699 "other way.",
700 "",
701 "To squelch this message and still keep the default behaviour, set",
702 "'receive.denyCurrentBranch' configuration variable to 'refuse'."
703};
704static void refuse_unconfigured_deny(void)
706{
707 int i;
708 for (i = 0; i < ARRAY_SIZE(refuse_unconfigured_deny_msg); i++)
709 rp_error("%s", refuse_unconfigured_deny_msg[i]);
710}
711static char *refuse_unconfigured_deny_delete_current_msg[] = {
713 "By default, deleting the current branch is denied, because the next",
714 "'git clone' won't result in any file checked out, causing confusion.",
715 "",
716 "You can set 'receive.denyDeleteCurrent' configuration variable to",
717 "'warn' or 'ignore' in the remote repository to allow deleting the",
718 "current branch, with or without a warning message.",
719 "",
720 "To squelch this message, you can set it to 'refuse'."
721};
722static void refuse_unconfigured_deny_delete_current(void)
724{
725 int i;
726 for (i = 0;
727 i < ARRAY_SIZE(refuse_unconfigured_deny_delete_current_msg);
728 i++)
729 rp_error("%s", refuse_unconfigured_deny_delete_current_msg[i]);
730}
731static int command_singleton_iterator(void *cb_data, unsigned char sha1[20]);
733static int update_shallow_ref(struct command *cmd, struct shallow_info *si)
734{
735 static struct lock_file shallow_lock;
736 struct sha1_array extra = SHA1_ARRAY_INIT;
737 const char *alt_file;
738 uint32_t mask = 1 << (cmd->index % 32);
739 int i;
740 trace_printf_key(&trace_shallow,
742 "shallow: update_shallow_ref %s\n", cmd->ref_name);
743 for (i = 0; i < si->shallow->nr; i++)
744 if (si->used_shallow[i] &&
745 (si->used_shallow[i][cmd->index / 32] & mask) &&
746 !delayed_reachability_test(si, i))
747 sha1_array_append(&extra, si->shallow->sha1[i]);
748 setup_alternate_shallow(&shallow_lock, &alt_file, &extra);
750 if (check_shallow_connected(command_singleton_iterator,
751 0, cmd, alt_file)) {
752 rollback_lock_file(&shallow_lock);
753 sha1_array_clear(&extra);
754 return -1;
755 }
756 commit_lock_file(&shallow_lock);
758 /*
760 * Make sure setup_alternate_shallow() for the next ref does
761 * not lose these new roots..
762 */
763 for (i = 0; i < extra.nr; i++)
764 register_shallow(extra.sha1[i]);
765 si->shallow_ref[cmd->index] = 0;
767 sha1_array_clear(&extra);
768 return 0;
769}
770/*
772 * NEEDSWORK: we should consolidate various implementions of "are we
773 * on an unborn branch?" test into one, and make the unified one more
774 * robust. !get_sha1() based check used here and elsewhere would not
775 * allow us to tell an unborn branch from corrupt ref, for example.
776 * For the purpose of fixing "deploy-to-update does not work when
777 * pushing into an empty repository" issue, this should suffice for
778 * now.
779 */
780static int head_has_history(void)
781{
782 unsigned char sha1[20];
783 return !get_sha1("HEAD", sha1);
785}
786static const char *push_to_deploy(unsigned char *sha1,
788 struct argv_array *env,
789 const char *work_tree)
790{
791 const char *update_refresh[] = {
792 "update-index", "-q", "--ignore-submodules", "--refresh", NULL
793 };
794 const char *diff_files[] = {
795 "diff-files", "--quiet", "--ignore-submodules", "--", NULL
796 };
797 const char *diff_index[] = {
798 "diff-index", "--quiet", "--cached", "--ignore-submodules",
799 NULL, "--", NULL
800 };
801 const char *read_tree[] = {
802 "read-tree", "-u", "-m", NULL, NULL
803 };
804 struct child_process child = CHILD_PROCESS_INIT;
805 child.argv = update_refresh;
807 child.env = env->argv;
808 child.dir = work_tree;
809 child.no_stdin = 1;
810 child.stdout_to_stderr = 1;
811 child.git_cmd = 1;
812 if (run_command(&child))
813 return "Up-to-date check failed";
814 /* run_command() does not clean up completely; reinitialize */
816 child_process_init(&child);
817 child.argv = diff_files;
818 child.env = env->argv;
819 child.dir = work_tree;
820 child.no_stdin = 1;
821 child.stdout_to_stderr = 1;
822 child.git_cmd = 1;
823 if (run_command(&child))
824 return "Working directory has unstaged changes";
825 /* diff-index with either HEAD or an empty tree */
827 diff_index[4] = head_has_history() ? "HEAD" : EMPTY_TREE_SHA1_HEX;
828 child_process_init(&child);
830 child.argv = diff_index;
831 child.env = env->argv;
832 child.no_stdin = 1;
833 child.no_stdout = 1;
834 child.stdout_to_stderr = 0;
835 child.git_cmd = 1;
836 if (run_command(&child))
837 return "Working directory has staged changes";
838 read_tree[3] = sha1_to_hex(sha1);
840 child_process_init(&child);
841 child.argv = read_tree;
842 child.env = env->argv;
843 child.dir = work_tree;
844 child.no_stdin = 1;
845 child.no_stdout = 1;
846 child.stdout_to_stderr = 0;
847 child.git_cmd = 1;
848 if (run_command(&child))
849 return "Could not update working tree to new HEAD";
850 return NULL;
852}
853static const char *push_to_checkout_hook = "push-to-checkout";
855static const char *push_to_checkout(unsigned char *sha1,
857 struct argv_array *env,
858 const char *work_tree)
859{
860 argv_array_pushf(env, "GIT_WORK_TREE=%s", absolute_path(work_tree));
861 if (run_hook_le(env->argv, push_to_checkout_hook,
862 sha1_to_hex(sha1), NULL))
863 return "push-to-checkout hook declined";
864 else
865 return NULL;
866}
867static const char *update_worktree(unsigned char *sha1)
869{
870 const char *retval;
871 const char *work_tree = git_work_tree_cfg ? git_work_tree_cfg : "..";
872 struct argv_array env = ARGV_ARRAY_INIT;
873 if (is_bare_repository())
875 return "denyCurrentBranch = updateInstead needs a worktree";
876 argv_array_pushf(&env, "GIT_DIR=%s", absolute_path(get_git_dir()));
878 if (!find_hook(push_to_checkout_hook))
880 retval = push_to_deploy(sha1, &env, work_tree);
881 else
882 retval = push_to_checkout(sha1, &env, work_tree);
883 argv_array_clear(&env);
885 return retval;
886}
887static const char *update(struct command *cmd, struct shallow_info *si)
889{
890 const char *name = cmd->ref_name;
891 struct strbuf namespaced_name_buf = STRBUF_INIT;
892 const char *namespaced_name, *ret;
893 unsigned char *old_sha1 = cmd->old_sha1;
894 unsigned char *new_sha1 = cmd->new_sha1;
895 /* only refs/... are allowed */
897 if (!starts_with(name, "refs/") || check_refname_format(name + 5, 0)) {
898 rp_error("refusing to create funny ref '%s' remotely", name);
899 return "funny refname";
900 }
901 strbuf_addf(&namespaced_name_buf, "%s%s", get_git_namespace(), name);
903 namespaced_name = strbuf_detach(&namespaced_name_buf, NULL);
904 if (is_ref_checked_out(namespaced_name)) {
906 switch (deny_current_branch) {
907 case DENY_IGNORE:
908 break;
909 case DENY_WARN:
910 rp_warning("updating the current branch");
911 break;
912 case DENY_REFUSE:
913 case DENY_UNCONFIGURED:
914 rp_error("refusing to update checked out branch: %s", name);
915 if (deny_current_branch == DENY_UNCONFIGURED)
916 refuse_unconfigured_deny();
917 return "branch is currently checked out";
918 case DENY_UPDATE_INSTEAD:
919 ret = update_worktree(new_sha1);
920 if (ret)
921 return ret;
922 break;
923 }
924 }
925 if (!is_null_sha1(new_sha1) && !has_sha1_file(new_sha1)) {
927 error("unpack should have generated %s, "
928 "but I can't find it!", sha1_to_hex(new_sha1));
929 return "bad pack";
930 }
931 if (!is_null_sha1(old_sha1) && is_null_sha1(new_sha1)) {
933 if (deny_deletes && starts_with(name, "refs/heads/")) {
934 rp_error("denying ref deletion for %s", name);
935 return "deletion prohibited";
936 }
937 if (head_name && !strcmp(namespaced_name, head_name)) {
939 switch (deny_delete_current) {
940 case DENY_IGNORE:
941 break;
942 case DENY_WARN:
943 rp_warning("deleting the current branch");
944 break;
945 case DENY_REFUSE:
946 case DENY_UNCONFIGURED:
947 case DENY_UPDATE_INSTEAD:
948 if (deny_delete_current == DENY_UNCONFIGURED)
949 refuse_unconfigured_deny_delete_current();
950 rp_error("refusing to delete the current branch: %s", name);
951 return "deletion of the current branch prohibited";
952 default:
953 return "Invalid denyDeleteCurrent setting";
954 }
955 }
956 }
957 if (deny_non_fast_forwards && !is_null_sha1(new_sha1) &&
959 !is_null_sha1(old_sha1) &&
960 starts_with(name, "refs/heads/")) {
961 struct object *old_object, *new_object;
962 struct commit *old_commit, *new_commit;
963 old_object = parse_object(old_sha1);
965 new_object = parse_object(new_sha1);
966 if (!old_object || !new_object ||
968 old_object->type != OBJ_COMMIT ||
969 new_object->type != OBJ_COMMIT) {
970 error("bad sha1 objects for %s", name);
971 return "bad ref";
972 }
973 old_commit = (struct commit *)old_object;
974 new_commit = (struct commit *)new_object;
975 if (!in_merge_bases(old_commit, new_commit)) {
976 rp_error("denying non-fast-forward %s"
977 " (you should pull first)", name);
978 return "non-fast-forward";
979 }
980 }
981 if (run_update_hook(cmd)) {
982 rp_error("hook declined to update %s", name);
983 return "hook declined";
984 }
985 if (is_null_sha1(new_sha1)) {
987 struct strbuf err = STRBUF_INIT;
988 if (!parse_object(old_sha1)) {
989 old_sha1 = NULL;
990 if (ref_exists(name)) {
991 rp_warning("Allowing deletion of corrupt ref.");
992 } else {
993 rp_warning("Deleting a non-existent ref.");
994 cmd->did_not_exist = 1;
995 }
996 }
997 if (ref_transaction_delete(transaction,
998 namespaced_name,
999 old_sha1,
1000 0, "push", &err)) {
1001 rp_error("%s", err.buf);
1002 strbuf_release(&err);
1003 return "failed to delete";
1004 }
1005 strbuf_release(&err);
1006 return NULL; /* good */
1007 }
1008 else {
1009 struct strbuf err = STRBUF_INIT;
1010 if (shallow_update && si->shallow_ref[cmd->index] &&
1011 update_shallow_ref(cmd, si))
1012 return "shallow error";
1013 if (ref_transaction_update(transaction,
1015 namespaced_name,
1016 new_sha1, old_sha1,
1017 0, "push",
1018 &err)) {
1019 rp_error("%s", err.buf);
1020 strbuf_release(&err);
1021 return "failed to update ref";
1023 }
1024 strbuf_release(&err);
1025 return NULL; /* good */
1027 }
1028}
1029static void run_update_post_hook(struct command *commands)
1031{
1032 struct command *cmd;
1033 int argc;
1034 struct child_process proc = CHILD_PROCESS_INIT;
1035 const char *hook;
1036 hook = find_hook("post-update");
1038 for (argc = 0, cmd = commands; cmd; cmd = cmd->next) {
1039 if (cmd->error_string || cmd->did_not_exist)
1040 continue;
1041 argc++;
1042 }
1043 if (!argc || !hook)
1044 return;
1045 argv_array_push(&proc.args, hook);
1047 for (cmd = commands; cmd; cmd = cmd->next) {
1048 if (cmd->error_string || cmd->did_not_exist)
1049 continue;
1050 argv_array_push(&proc.args, cmd->ref_name);
1051 }
1052 proc.no_stdin = 1;
1054 proc.stdout_to_stderr = 1;
1055 proc.err = use_sideband ? -1 : 0;
1056 if (!start_command(&proc)) {
1058 if (use_sideband)
1059 copy_to_sideband(proc.err, -1, NULL);
1060 finish_command(&proc);
1061 }
1062}
1063static void check_aliased_update(struct command *cmd, struct string_list *list)
1065{
1066 struct strbuf buf = STRBUF_INIT;
1067 const char *dst_name;
1068 struct string_list_item *item;
1069 struct command *dst_cmd;
1070 unsigned char sha1[GIT_SHA1_RAWSZ];
1071 char cmd_oldh[GIT_SHA1_HEXSZ + 1],
1072 cmd_newh[GIT_SHA1_HEXSZ + 1],
1073 dst_oldh[GIT_SHA1_HEXSZ + 1],
1074 dst_newh[GIT_SHA1_HEXSZ + 1];
1075 int flag;
1076 strbuf_addf(&buf, "%s%s", get_git_namespace(), cmd->ref_name);
1078 dst_name = resolve_ref_unsafe(buf.buf, 0, sha1, &flag);
1079 strbuf_release(&buf);
1080 if (!(flag & REF_ISSYMREF))
1082 return;
1083 dst_name = strip_namespace(dst_name);
1085 if (!dst_name) {
1086 rp_error("refusing update to broken symref '%s'", cmd->ref_name);
1087 cmd->skip_update = 1;
1088 cmd->error_string = "broken symref";
1089 return;
1090 }
1091 if ((item = string_list_lookup(list, dst_name)) == NULL)
1093 return;
1094 cmd->skip_update = 1;
1096 dst_cmd = (struct command *) item->util;
1098 if (!hashcmp(cmd->old_sha1, dst_cmd->old_sha1) &&
1100 !hashcmp(cmd->new_sha1, dst_cmd->new_sha1))
1101 return;
1102 dst_cmd->skip_update = 1;
1104 find_unique_abbrev_r(cmd_oldh, cmd->old_sha1, DEFAULT_ABBREV);
1106 find_unique_abbrev_r(cmd_newh, cmd->new_sha1, DEFAULT_ABBREV);
1107 find_unique_abbrev_r(dst_oldh, dst_cmd->old_sha1, DEFAULT_ABBREV);
1108 find_unique_abbrev_r(dst_newh, dst_cmd->new_sha1, DEFAULT_ABBREV);
1109 rp_error("refusing inconsistent update between symref '%s' (%s..%s) and"
1110 " its target '%s' (%s..%s)",
1111 cmd->ref_name, cmd_oldh, cmd_newh,
1112 dst_cmd->ref_name, dst_oldh, dst_newh);
1113 cmd->error_string = dst_cmd->error_string =
1115 "inconsistent aliased update";
1116}
1117static void check_aliased_updates(struct command *commands)
1119{
1120 struct command *cmd;
1121 struct string_list ref_list = STRING_LIST_INIT_NODUP;
1122 for (cmd = commands; cmd; cmd = cmd->next) {
1124 struct string_list_item *item =
1125 string_list_append(&ref_list, cmd->ref_name);
1126 item->util = (void *)cmd;
1127 }
1128 string_list_sort(&ref_list);
1129 for (cmd = commands; cmd; cmd = cmd->next) {
1131 if (!cmd->error_string)
1132 check_aliased_update(cmd, &ref_list);
1133 }
1134 string_list_clear(&ref_list, 0);
1136}
1137static int command_singleton_iterator(void *cb_data, unsigned char sha1[20])
1139{
1140 struct command **cmd_list = cb_data;
1141 struct command *cmd = *cmd_list;
1142 if (!cmd || is_null_sha1(cmd->new_sha1))
1144 return -1; /* end of list */
1145 *cmd_list = NULL; /* this returns only one */
1146 hashcpy(sha1, cmd->new_sha1);
1147 return 0;
1148}
1149static void set_connectivity_errors(struct command *commands,
1151 struct shallow_info *si)
1152{
1153 struct command *cmd;
1154 for (cmd = commands; cmd; cmd = cmd->next) {
1156 struct command *singleton = cmd;
1157 if (shallow_update && si->shallow_ref[cmd->index])
1158 /* to be checked in update_shallow_ref() */
1159 continue;
1160 if (!check_everything_connected(command_singleton_iterator,
1161 0, &singleton))
1162 continue;
1163 cmd->error_string = "missing necessary objects";
1164 }
1165}
1166struct iterate_data {
1168 struct command *cmds;
1169 struct shallow_info *si;
1170};
1171static int iterate_receive_command_list(void *cb_data, unsigned char sha1[20])
1173{
1174 struct iterate_data *data = cb_data;
1175 struct command **cmd_list = &data->cmds;
1176 struct command *cmd = *cmd_list;
1177 for (; cmd; cmd = cmd->next) {
1179 if (shallow_update && data->si->shallow_ref[cmd->index])
1180 /* to be checked in update_shallow_ref() */
1181 continue;
1182 if (!is_null_sha1(cmd->new_sha1) && !cmd->skip_update) {
1183 hashcpy(sha1, cmd->new_sha1);
1184 *cmd_list = cmd->next;
1185 return 0;
1186 }
1187 }
1188 *cmd_list = NULL;
1189 return -1; /* end of list */
1190}
1191static void reject_updates_to_hidden(struct command *commands)
1193{
1194 struct strbuf refname_full = STRBUF_INIT;
1195 size_t prefix_len;
1196 struct command *cmd;
1197 strbuf_addstr(&refname_full, get_git_namespace());
1199 prefix_len = refname_full.len;
1200 for (cmd = commands; cmd; cmd = cmd->next) {
1202 if (cmd->error_string)
1203 continue;
1204 strbuf_setlen(&refname_full, prefix_len);
1206 strbuf_addstr(&refname_full, cmd->ref_name);
1207 if (!ref_is_hidden(cmd->ref_name, refname_full.buf))
1209 continue;
1210 if (is_null_sha1(cmd->new_sha1))
1211 cmd->error_string = "deny deleting a hidden ref";
1212 else
1213 cmd->error_string = "deny updating a hidden ref";
1214 }
1215 strbuf_release(&refname_full);
1217}
1218static int should_process_cmd(struct command *cmd)
1220{
1221 return !cmd->error_string && !cmd->skip_update;
1222}
1223static void warn_if_skipped_connectivity_check(struct command *commands,
1225 struct shallow_info *si)
1226{
1227 struct command *cmd;
1228 int checked_connectivity = 1;
1229 for (cmd = commands; cmd; cmd = cmd->next) {
1231 if (should_process_cmd(cmd) && si->shallow_ref[cmd->index]) {
1232 error("BUG: connectivity check has not been run on ref %s",
1233 cmd->ref_name);
1234 checked_connectivity = 0;
1235 }
1236 }
1237 if (!checked_connectivity)
1238 die("BUG: connectivity check skipped???");
1239}
1240static void execute_commands_non_atomic(struct command *commands,
1242 struct shallow_info *si)
1243{
1244 struct command *cmd;
1245 struct strbuf err = STRBUF_INIT;
1246 for (cmd = commands; cmd; cmd = cmd->next) {
1248 if (!should_process_cmd(cmd))
1249 continue;
1250 transaction = ref_transaction_begin(&err);
1252 if (!transaction) {
1253 rp_error("%s", err.buf);
1254 strbuf_reset(&err);
1255 cmd->error_string = "transaction failed to start";
1256 continue;
1257 }
1258 cmd->error_string = update(cmd, si);
1260 if (!cmd->error_string
1262 && ref_transaction_commit(transaction, &err)) {
1263 rp_error("%s", err.buf);
1264 strbuf_reset(&err);
1265 cmd->error_string = "failed to update ref";
1266 }
1267 ref_transaction_free(transaction);
1268 }
1269 strbuf_release(&err);
1270}
1271static void execute_commands_atomic(struct command *commands,
1273 struct shallow_info *si)
1274{
1275 struct command *cmd;
1276 struct strbuf err = STRBUF_INIT;
1277 const char *reported_error = "atomic push failure";
1278 transaction = ref_transaction_begin(&err);
1280 if (!transaction) {
1281 rp_error("%s", err.buf);
1282 strbuf_reset(&err);
1283 reported_error = "transaction failed to start";
1284 goto failure;
1285 }
1286 for (cmd = commands; cmd; cmd = cmd->next) {
1288 if (!should_process_cmd(cmd))
1289 continue;
1290 cmd->error_string = update(cmd, si);
1292 if (cmd->error_string)
1294 goto failure;
1295 }
1296 if (ref_transaction_commit(transaction, &err)) {
1298 rp_error("%s", err.buf);
1299 reported_error = "atomic transaction failed";
1300 goto failure;
1301 }
1302 goto cleanup;
1303failure:
1305 for (cmd = commands; cmd; cmd = cmd->next)
1306 if (!cmd->error_string)
1307 cmd->error_string = reported_error;
1308cleanup:
1310 ref_transaction_free(transaction);
1311 strbuf_release(&err);
1312}
1313static void execute_commands(struct command *commands,
1315 const char *unpacker_error,
1316 struct shallow_info *si)
1317{
1318 struct command *cmd;
1319 unsigned char sha1[20];
1320 struct iterate_data data;
1321 if (unpacker_error) {
1323 for (cmd = commands; cmd; cmd = cmd->next)
1324 cmd->error_string = "unpacker error";
1325 return;
1326 }
1327 data.cmds = commands;
1329 data.si = si;
1330 if (check_everything_connected(iterate_receive_command_list, 0, &data))
1331 set_connectivity_errors(commands, si);
1332 reject_updates_to_hidden(commands);
1334 if (run_receive_hook(commands, "pre-receive", 0)) {
1336 for (cmd = commands; cmd; cmd = cmd->next) {
1337 if (!cmd->error_string)
1338 cmd->error_string = "pre-receive hook declined";
1339 }
1340 return;
1341 }
1342 check_aliased_updates(commands);
1344 free(head_name_to_free);
1346 head_name = head_name_to_free = resolve_refdup("HEAD", 0, sha1, NULL);
1347 if (use_atomic)
1349 execute_commands_atomic(commands, si);
1350 else
1351 execute_commands_non_atomic(commands, si);
1352 if (shallow_update)
1354 warn_if_skipped_connectivity_check(commands, si);
1355}
1356static struct command **queue_command(struct command **tail,
1358 const char *line,
1359 int linelen)
1360{
1361 unsigned char old_sha1[20], new_sha1[20];
1362 struct command *cmd;
1363 const char *refname;
1364 int reflen;
1365 if (linelen < 83 ||
1367 line[40] != ' ' ||
1368 line[81] != ' ' ||
1369 get_sha1_hex(line, old_sha1) ||
1370 get_sha1_hex(line + 41, new_sha1))
1371 die("protocol error: expected old/new/ref, got '%s'", line);
1372 refname = line + 82;
1374 reflen = linelen - 82;
1375 FLEX_ALLOC_MEM(cmd, ref_name, refname, reflen);
1376 hashcpy(cmd->old_sha1, old_sha1);
1377 hashcpy(cmd->new_sha1, new_sha1);
1378 *tail = cmd;
1379 return &cmd->next;
1380}
1381static void queue_commands_from_cert(struct command **tail,
1383 struct strbuf *push_cert)
1384{
1385 const char *boc, *eoc;
1386 if (*tail)
1388 die("protocol error: got both push certificate and unsigned commands");
1389 boc = strstr(push_cert->buf, "\n\n");
1391 if (!boc)
1392 die("malformed push certificate %.*s", 100, push_cert->buf);
1393 else
1394 boc += 2;
1395 eoc = push_cert->buf + parse_signature(push_cert->buf, push_cert->len);
1396 while (boc < eoc) {
1398 const char *eol = memchr(boc, '\n', eoc - boc);
1399 tail = queue_command(tail, boc, eol ? eol - boc : eoc - eol);
1400 boc = eol ? eol + 1 : eoc;
1401 }
1402}
1403static struct command *read_head_info(struct sha1_array *shallow)
1405{
1406 struct command *commands = NULL;
1407 struct command **p = &commands;
1408 for (;;) {
1409 char *line;
1410 int len, linelen;
1411 line = packet_read_line(0, &len);
1413 if (!line)
1414 break;
1415 if (len == 48 && starts_with(line, "shallow ")) {
1417 unsigned char sha1[20];
1418 if (get_sha1_hex(line + 8, sha1))
1419 die("protocol error: expected shallow sha, got '%s'",
1420 line + 8);
1421 sha1_array_append(shallow, sha1);
1422 continue;
1423 }
1424 linelen = strlen(line);
1426 if (linelen < len) {
1427 const char *feature_list = line + linelen + 1;
1428 if (parse_feature_request(feature_list, "report-status"))
1429 report_status = 1;
1430 if (parse_feature_request(feature_list, "side-band-64k"))
1431 use_sideband = LARGE_PACKET_MAX;
1432 if (parse_feature_request(feature_list, "quiet"))
1433 quiet = 1;
1434 if (advertise_atomic_push
1435 && parse_feature_request(feature_list, "atomic"))
1436 use_atomic = 1;
1437 }
1438 if (!strcmp(line, "push-cert")) {
1440 int true_flush = 0;
1441 char certbuf[1024];
1442 for (;;) {
1444 len = packet_read(0, NULL, NULL,
1445 certbuf, sizeof(certbuf), 0);
1446 if (!len) {
1447 true_flush = 1;
1448 break;
1449 }
1450 if (!strcmp(certbuf, "push-cert-end\n"))
1451 break; /* end of cert */
1452 strbuf_addstr(&push_cert, certbuf);
1453 }
1454 if (true_flush)
1456 break;
1457 continue;
1458 }
1459 p = queue_command(p, line, linelen);
1461 }
1462 if (push_cert.len)
1464 queue_commands_from_cert(p, &push_cert);
1465 return commands;
1467}
1468static const char *parse_pack_header(struct pack_header *hdr)
1470{
1471 switch (read_pack_header(0, hdr)) {
1472 case PH_ERROR_EOF:
1473 return "eof before pack header was fully read";
1474 case PH_ERROR_PACK_SIGNATURE:
1476 return "protocol error (pack signature mismatch detected)";
1477 case PH_ERROR_PROTOCOL:
1479 return "protocol error (pack version unsupported)";
1480 default:
1482 return "unknown error in parse_pack_header";
1483 case 0:
1485 return NULL;
1486 }
1487}
1488static const char *pack_lockfile;
1490static const char *unpack(int err_fd, struct shallow_info *si)
1492{
1493 struct pack_header hdr;
1494 const char *hdr_err;
1495 int status;
1496 char hdr_arg[38];
1497 struct child_process child = CHILD_PROCESS_INIT;
1498 int fsck_objects = (receive_fsck_objects >= 0
1499 ? receive_fsck_objects
1500 : transfer_fsck_objects >= 0
1501 ? transfer_fsck_objects
1502 : 0);
1503 hdr_err = parse_pack_header(&hdr);
1505 if (hdr_err) {
1506 if (err_fd > 0)
1507 close(err_fd);
1508 return hdr_err;
1509 }
1510 snprintf(hdr_arg, sizeof(hdr_arg),
1511 "--pack_header=%"PRIu32",%"PRIu32,
1512 ntohl(hdr.hdr_version), ntohl(hdr.hdr_entries));
1513 if (si->nr_ours || si->nr_theirs) {
1515 alt_shallow_file = setup_temporary_shallow(si->shallow);
1516 argv_array_push(&child.args, "--shallow-file");
1517 argv_array_push(&child.args, alt_shallow_file);
1518 }
1519 if (ntohl(hdr.hdr_entries) < unpack_limit) {
1521 argv_array_pushl(&child.args, "unpack-objects", hdr_arg, NULL);
1522 if (quiet)
1523 argv_array_push(&child.args, "-q");
1524 if (fsck_objects)
1525 argv_array_pushf(&child.args, "--strict%s",
1526 fsck_msg_types.buf);
1527 child.no_stdout = 1;
1528 child.err = err_fd;
1529 child.git_cmd = 1;
1530 status = run_command(&child);
1531 if (status)
1532 return "unpack-objects abnormal exit";
1533 } else {
1534 char hostname[256];
1535 argv_array_pushl(&child.args, "index-pack",
1537 "--stdin", hdr_arg, NULL);
1538 if (gethostname(hostname, sizeof(hostname)))
1540 xsnprintf(hostname, sizeof(hostname), "localhost");
1541 argv_array_pushf(&child.args,
1542 "--keep=receive-pack %"PRIuMAX" on %s",
1543 (uintmax_t)getpid(),
1544 hostname);
1545 if (fsck_objects)
1547 argv_array_pushf(&child.args, "--strict%s",
1548 fsck_msg_types.buf);
1549 if (fix_thin)
1550 argv_array_push(&child.args, "--fix-thin");
1551 child.out = -1;
1552 child.err = err_fd;
1553 child.git_cmd = 1;
1554 status = start_command(&child);
1555 if (status)
1556 return "index-pack fork failed";
1557 pack_lockfile = index_pack_lockfile(child.out);
1558 close(child.out);
1559 status = finish_command(&child);
1560 if (status)
1561 return "index-pack abnormal exit";
1562 reprepare_packed_git();
1563 }
1564 return NULL;
1565}
1566static const char *unpack_with_sideband(struct shallow_info *si)
1568{
1569 struct async muxer;
1570 const char *ret;
1571 if (!use_sideband)
1573 return unpack(0, si);
1574 memset(&muxer, 0, sizeof(muxer));
1576 muxer.proc = copy_to_sideband;
1577 muxer.in = -1;
1578 if (start_async(&muxer))
1579 return NULL;
1580 ret = unpack(muxer.in, si);
1582 finish_async(&muxer);
1584 return ret;
1585}
1586static void prepare_shallow_update(struct command *commands,
1588 struct shallow_info *si)
1589{
1590 int i, j, k, bitmap_size = (si->ref->nr + 31) / 32;
1591 ALLOC_ARRAY(si->used_shallow, si->shallow->nr);
1593 assign_shallow_commits_to_refs(si, si->used_shallow, NULL);
1594 si->need_reachability_test =
1596 xcalloc(si->shallow->nr, sizeof(*si->need_reachability_test));
1597 si->reachable =
1598 xcalloc(si->shallow->nr, sizeof(*si->reachable));
1599 si->shallow_ref = xcalloc(si->ref->nr, sizeof(*si->shallow_ref));
1600 for (i = 0; i < si->nr_ours; i++)
1602 si->need_reachability_test[si->ours[i]] = 1;
1603 for (i = 0; i < si->shallow->nr; i++) {
1605 if (!si->used_shallow[i])
1606 continue;
1607 for (j = 0; j < bitmap_size; j++) {
1608 if (!si->used_shallow[i][j])
1609 continue;
1610 si->need_reachability_test[i]++;
1611 for (k = 0; k < 32; k++)
1612 if (si->used_shallow[i][j] & (1U << k))
1613 si->shallow_ref[j * 32 + k]++;
1614 }
1615 /*
1617 * true for those associated with some refs and belong
1618 * in "ours" list aka "step 7 not done yet"
1619 */
1620 si->need_reachability_test[i] =
1621 si->need_reachability_test[i] > 1;
1622 }
1623 /*
1625 * keep hooks happy by forcing a temporary shallow file via
1626 * env variable because we can't add --shallow-file to every
1627 * command. check_everything_connected() will be done with
1628 * true .git/shallow though.
1629 */
1630 setenv(GIT_SHALLOW_FILE_ENVIRONMENT, alt_shallow_file, 1);
1631}
1632static void update_shallow_info(struct command *commands,
1634 struct shallow_info *si,
1635 struct sha1_array *ref)
1636{
1637 struct command *cmd;
1638 int *ref_status;
1639 remove_nonexistent_theirs_shallow(si);
1640 if (!si->nr_ours && !si->nr_theirs) {
1641 shallow_update = 0;
1642 return;
1643 }
1644 for (cmd = commands; cmd; cmd = cmd->next) {
1646 if (is_null_sha1(cmd->new_sha1))
1647 continue;
1648 sha1_array_append(ref, cmd->new_sha1);
1649 cmd->index = ref->nr - 1;
1650 }
1651 si->ref = ref;
1652 if (shallow_update) {
1654 prepare_shallow_update(commands, si);
1655 return;
1656 }
1657 ALLOC_ARRAY(ref_status, ref->nr);
1659 assign_shallow_commits_to_refs(si, NULL, ref_status);
1660 for (cmd = commands; cmd; cmd = cmd->next) {
1661 if (is_null_sha1(cmd->new_sha1))
1662 continue;
1663 if (ref_status[cmd->index]) {
1664 cmd->error_string = "shallow update not allowed";
1665 cmd->skip_update = 1;
1666 }
1667 }
1668 free(ref_status);
1669}
1670static void report(struct command *commands, const char *unpack_status)
1672{
1673 struct command *cmd;
1674 struct strbuf buf = STRBUF_INIT;
1675 packet_buf_write(&buf, "unpack %s\n",
1677 unpack_status ? unpack_status : "ok");
1678 for (cmd = commands; cmd; cmd = cmd->next) {
1679 if (!cmd->error_string)
1680 packet_buf_write(&buf, "ok %s\n",
1681 cmd->ref_name);
1682 else
1683 packet_buf_write(&buf, "ng %s %s\n",
1684 cmd->ref_name, cmd->error_string);
1685 }
1686 packet_buf_flush(&buf);
1687 if (use_sideband)
1689 send_sideband(1, 1, buf.buf, buf.len, use_sideband);
1690 else
1691 write_or_die(1, buf.buf, buf.len);
1692 strbuf_release(&buf);
1693}
1694static int delete_only(struct command *commands)
1696{
1697 struct command *cmd;
1698 for (cmd = commands; cmd; cmd = cmd->next) {
1699 if (!is_null_sha1(cmd->new_sha1))
1700 return 0;
1701 }
1702 return 1;
1703}
1704int cmd_receive_pack(int argc, const char **argv, const char *prefix)
1706{
1707 int advertise_refs = 0;
1708 int i;
1709 struct command *commands;
1710 struct sha1_array shallow = SHA1_ARRAY_INIT;
1711 struct sha1_array ref = SHA1_ARRAY_INIT;
1712 struct shallow_info si;
1713 packet_trace_identity("receive-pack");
1715 argv++;
1717 for (i = 1; i < argc; i++) {
1718 const char *arg = *argv++;
1719 if (*arg == '-') {
1721 if (!strcmp(arg, "--quiet")) {
1722 quiet = 1;
1723 continue;
1724 }
1725 if (!strcmp(arg, "--advertise-refs")) {
1727 advertise_refs = 1;
1728 continue;
1729 }
1730 if (!strcmp(arg, "--stateless-rpc")) {
1731 stateless_rpc = 1;
1732 continue;
1733 }
1734 if (!strcmp(arg, "--reject-thin-pack-for-testing")) {
1735 fix_thin = 0;
1736 continue;
1737 }
1738 usage(receive_pack_usage);
1740 }
1741 if (service_dir)
1742 usage(receive_pack_usage);
1743 service_dir = arg;
1744 }
1745 if (!service_dir)
1746 usage(receive_pack_usage);
1747 setup_path();
1749 if (!enter_repo(service_dir, 0))
1751 die("'%s' does not appear to be a git repository", service_dir);
1752 git_config(receive_pack_config, NULL);
1754 if (cert_nonce_seed)
1755 push_cert_nonce = prepare_push_cert_nonce(service_dir, time(NULL));
1756 if (0 <= transfer_unpack_limit)
1758 unpack_limit = transfer_unpack_limit;
1759 else if (0 <= receive_unpack_limit)
1760 unpack_limit = receive_unpack_limit;
1761 if (advertise_refs || !stateless_rpc) {
1763 write_head_info();
1764 }
1765 if (advertise_refs)
1766 return 0;
1767 if ((commands = read_head_info(&shallow)) != NULL) {
1769 const char *unpack_status = NULL;
1770 prepare_shallow_info(&si, &shallow);
1772 if (!si.nr_ours && !si.nr_theirs)
1773 shallow_update = 0;
1774 if (!delete_only(commands)) {
1775 unpack_status = unpack_with_sideband(&si);
1776 update_shallow_info(commands, &si, &ref);
1777 }
1778 execute_commands(commands, unpack_status, &si);
1779 if (pack_lockfile)
1780 unlink_or_warn(pack_lockfile);
1781 if (report_status)
1782 report(commands, unpack_status);
1783 run_receive_hook(commands, "post-receive", 1);
1784 run_update_post_hook(commands);
1785 if (auto_gc) {
1786 const char *argv_gc_auto[] = {
1787 "gc", "--auto", "--quiet", NULL,
1788 };
1789 int opt = RUN_GIT_CMD | RUN_COMMAND_STDOUT_TO_STDERR;
1790 close_all_packs();
1791 run_command_v_opt(argv_gc_auto, opt);
1792 }
1793 if (auto_update_server_info)
1794 update_server_info(0);
1795 clear_shallow_info(&si);
1796 }
1797 if (use_sideband)
1798 packet_flush(1);
1799 sha1_array_clear(&shallow);
1800 sha1_array_clear(&ref);
1801 free((void *)push_cert_nonce);
1802 return 0;
1803}