git-clone: always keep pack sent from remote (documentation).
[gitweb.git] / http-fetch.c
index dd9ea4ca17d83f3267c4d9d7fe04b5e49a19cff2..a7dc2cc3bdbcda8eee8cdadb706aba51782e68da 100644 (file)
 #define curl_global_init(a) do { /* nothing */ } while(0)
 #endif
 
+#if LIBCURL_VERSION_NUM < 0x070c04
+#define NO_CURL_EASY_DUPHANDLE
+#endif
+
 #define PREV_BUF_SIZE 4096
 #define RANGE_HEADER_SIZE 30
 
@@ -25,10 +29,13 @@ static int active_requests = 0;
 static int data_received;
 
 #ifdef USE_CURL_MULTI
-static int max_requests = DEFAULT_MAX_REQUESTS;
+static int max_requests = -1;
 static CURLM *curlm;
 #endif
+#ifndef NO_CURL_EASY_DUPHANDLE
 static CURL *curl_default;
+#endif
+static struct curl_slist *pragma_header;
 static struct curl_slist *no_pragma_header;
 static struct curl_slist *no_range_header;
 static char curl_errorstr[CURL_ERROR_SIZE];
@@ -84,11 +91,17 @@ struct active_request_slot
 static struct transfer_request *request_queue_head = NULL;
 static struct active_request_slot *active_queue_head = NULL;
 
-static int curl_ssl_verify;
-static char *ssl_cert;
-static char *ssl_key;
-static char *ssl_capath;
-static char *ssl_cainfo;
+static int curl_ssl_verify = -1;
+static char *ssl_cert = NULL;
+#if LIBCURL_VERSION_NUM >= 0x070902
+static char *ssl_key = NULL;
+#endif
+#if LIBCURL_VERSION_NUM >= 0x070908
+static char *ssl_capath = NULL;
+#endif
+static char *ssl_cainfo = NULL;
+static long curl_low_speed_limit = -1;
+static long curl_low_speed_time = -1;
 
 struct buffer
 {
@@ -97,6 +110,71 @@ struct buffer
         void *buffer;
 };
 
+static int http_options(const char *var, const char *value)
+{
+       if (!strcmp("http.sslverify", var)) {
+               if (curl_ssl_verify == -1) {
+                       curl_ssl_verify = git_config_bool(var, value);
+               }
+               return 0;
+       }
+
+       if (!strcmp("http.sslcert", var)) {
+               if (ssl_cert == NULL) {
+                       ssl_cert = xmalloc(strlen(value)+1);
+                       strcpy(ssl_cert, value);
+               }
+               return 0;
+       }
+#if LIBCURL_VERSION_NUM >= 0x070902
+       if (!strcmp("http.sslkey", var)) {
+               if (ssl_key == NULL) {
+                       ssl_key = xmalloc(strlen(value)+1);
+                       strcpy(ssl_key, value);
+               }
+               return 0;
+       }
+#endif
+#if LIBCURL_VERSION_NUM >= 0x070908
+       if (!strcmp("http.sslcapath", var)) {
+               if (ssl_capath == NULL) {
+                       ssl_capath = xmalloc(strlen(value)+1);
+                       strcpy(ssl_capath, value);
+               }
+               return 0;
+       }
+#endif
+       if (!strcmp("http.sslcainfo", var)) {
+               if (ssl_cainfo == NULL) {
+                       ssl_cainfo = xmalloc(strlen(value)+1);
+                       strcpy(ssl_cainfo, value);
+               }
+               return 0;
+       }
+
+#ifdef USE_CURL_MULTI  
+       if (!strcmp("http.maxrequests", var)) {
+               if (max_requests == -1)
+                       max_requests = git_config_int(var, value);
+               return 0;
+       }
+#endif
+
+       if (!strcmp("http.lowspeedlimit", var)) {
+               if (curl_low_speed_limit == -1)
+                       curl_low_speed_limit = (long)git_config_int(var, value);
+               return 0;
+       }
+       if (!strcmp("http.lowspeedtime", var)) {
+               if (curl_low_speed_time == -1)
+                       curl_low_speed_time = (long)git_config_int(var, value);
+               return 0;
+       }
+
+       /* Fall back on the default ones */
+       return git_default_config(var, value);
+}
+
 static size_t fwrite_buffer(void *ptr, size_t eltsize, size_t nmemb,
                             struct buffer *buffer)
 {
@@ -109,6 +187,22 @@ static size_t fwrite_buffer(void *ptr, size_t eltsize, size_t nmemb,
         return size;
 }
 
+static size_t fwrite_buffer_dynamic(const void *ptr, size_t eltsize,
+                                   size_t nmemb, struct buffer *buffer)
+{
+       size_t size = eltsize * nmemb;
+       if (size > buffer->size - buffer->posn) {
+               buffer->size = buffer->size * 3 / 2;
+               if (buffer->size < buffer->posn + size)
+                       buffer->size = buffer->posn + size;
+               buffer->buffer = xrealloc(buffer->buffer, buffer->size);
+       }
+       memcpy(buffer->buffer + buffer->posn, ptr, size);
+       buffer->posn += size;
+       data_received++;
+       return size;
+}
+
 static size_t fwrite_sha1_file(void *ptr, size_t eltsize, size_t nmemb,
                               void *data)
 {
@@ -137,31 +231,45 @@ static size_t fwrite_sha1_file(void *ptr, size_t eltsize, size_t nmemb,
        return size;
 }
 
-int relink_or_rename(char *old, char *new) {
-       int ret;
+#ifdef USE_CURL_MULTI
+static void process_curl_messages(void);
+static void process_request_queue(void);
+#endif
 
-       ret = link(old, new);
-       if (ret < 0) {
-               /* Same Coda hack as in write_sha1_file(sha1_file.c) */
-               ret = errno;
-               if (ret == EXDEV && !rename(old, new))
-                       return 0;
-       }
-       unlink(old);
-       if (ret) {
-               if (ret != EEXIST)
-                       return ret;
-       }
+static CURL* get_curl_handle(void)
+{
+       CURL* result = curl_easy_init();
 
-       return 0;
-}
+       curl_easy_setopt(result, CURLOPT_SSL_VERIFYPEER, curl_ssl_verify);
+#if LIBCURL_VERSION_NUM >= 0x070907
+       curl_easy_setopt(result, CURLOPT_NETRC, CURL_NETRC_OPTIONAL);
+#endif
 
-#ifdef USE_CURL_MULTI
-void process_curl_messages();
-void process_request_queue();
+       if (ssl_cert != NULL)
+               curl_easy_setopt(result, CURLOPT_SSLCERT, ssl_cert);
+#if LIBCURL_VERSION_NUM >= 0x070902
+       if (ssl_key != NULL)
+               curl_easy_setopt(result, CURLOPT_SSLKEY, ssl_key);
 #endif
+#if LIBCURL_VERSION_NUM >= 0x070908
+       if (ssl_capath != NULL)
+               curl_easy_setopt(result, CURLOPT_CAPATH, ssl_capath);
+#endif
+       if (ssl_cainfo != NULL)
+               curl_easy_setopt(result, CURLOPT_CAINFO, ssl_cainfo);
+       curl_easy_setopt(result, CURLOPT_FAILONERROR, 1);
+
+       if (curl_low_speed_limit > 0 && curl_low_speed_time > 0) {
+               curl_easy_setopt(result, CURLOPT_LOW_SPEED_LIMIT,
+                                curl_low_speed_limit);
+               curl_easy_setopt(result, CURLOPT_LOW_SPEED_TIME,
+                                curl_low_speed_time);
+       }
+
+       return result;
+}
 
-struct active_request_slot *get_active_slot()
+static struct active_request_slot *get_active_slot(void)
 {
        struct active_request_slot *slot = active_queue_head;
        struct active_request_slot *newslot;
@@ -183,7 +291,11 @@ struct active_request_slot *get_active_slot()
        }
        if (slot == NULL) {
                newslot = xmalloc(sizeof(*newslot));
+#ifdef NO_CURL_EASY_DUPHANDLE
+               newslot->curl = get_curl_handle();
+#else
                newslot->curl = curl_easy_duphandle(curl_default);
+#endif
                newslot->in_use = 0;
                newslot->next = NULL;
 
@@ -203,14 +315,14 @@ struct active_request_slot *get_active_slot()
        slot->in_use = 1;
        slot->done = 0;
        slot->local = NULL;
-       curl_easy_setopt(slot->curl, CURLOPT_HTTPHEADER, no_pragma_header);
+       curl_easy_setopt(slot->curl, CURLOPT_HTTPHEADER, pragma_header);
        curl_easy_setopt(slot->curl, CURLOPT_HTTPHEADER, no_range_header);
        curl_easy_setopt(slot->curl, CURLOPT_ERRORBUFFER, curl_errorstr);
 
        return slot;
 }
 
-int start_active_slot(struct active_request_slot *slot)
+static int start_active_slot(struct active_request_slot *slot)
 {
 #ifdef USE_CURL_MULTI
        CURLMcode curlm_result = curl_multi_add_handle(curlm, slot->curl);
@@ -225,7 +337,7 @@ int start_active_slot(struct active_request_slot *slot)
        return 1;
 }
 
-void run_active_slot(struct active_request_slot *slot)
+static void run_active_slot(struct active_request_slot *slot)
 {
 #ifdef USE_CURL_MULTI
        int num_transfers;
@@ -273,7 +385,7 @@ void run_active_slot(struct active_request_slot *slot)
 #endif
 }
 
-void start_request(struct transfer_request *request)
+static void start_request(struct transfer_request *request)
 {
        char *hex = sha1_to_hex(request->sha1);
        char prevfile[PATH_MAX];
@@ -294,6 +406,20 @@ void start_request(struct transfer_request *request)
 
        request->local = open(request->tmpfile,
                              O_WRONLY | O_CREAT | O_EXCL, 0666);
+       /* This could have failed due to the "lazy directory creation";
+        * try to mkdir the last path component.
+        */
+       if (request->local < 0 && errno == ENOENT) {
+               char *dir = strrchr(request->tmpfile, '/');
+               if (dir) {
+                       *dir = 0;
+                       mkdir(request->tmpfile, 0777);
+                       *dir = '/';
+               }
+               request->local = open(request->tmpfile,
+                                     O_WRONLY | O_CREAT | O_EXCL, 0666);
+       }
+
        if (request->local < 0) {
                request->state = ABORTED;
                error("Couldn't create temporary file %s for %s: %s\n",
@@ -358,6 +484,7 @@ void start_request(struct transfer_request *request)
        curl_easy_setopt(slot->curl, CURLOPT_WRITEFUNCTION, fwrite_sha1_file);
        curl_easy_setopt(slot->curl, CURLOPT_ERRORBUFFER, request->errorstr);
        curl_easy_setopt(slot->curl, CURLOPT_URL, url);
+       curl_easy_setopt(slot->curl, CURLOPT_HTTPHEADER, no_pragma_header);
 
        /* If we have successfully processed data from a previous fetch
           attempt, only fetch the data we don't already have. */
@@ -384,7 +511,7 @@ void start_request(struct transfer_request *request)
        request->state = ACTIVE;
 }
 
-void finish_request(struct transfer_request *request)
+static void finish_request(struct transfer_request *request)
 {
        fchmod(request->local, 0444);
        close(request->local);
@@ -406,13 +533,13 @@ void finish_request(struct transfer_request *request)
                return;
        }
        request->rename =
-               relink_or_rename(request->tmpfile, request->filename);
+               move_temp_to_file(request->tmpfile, request->filename);
 
        if (request->rename == 0)
                pull_say("got %s\n", sha1_to_hex(request->sha1));
 }
 
-void release_request(struct transfer_request *request)
+static void release_request(struct transfer_request *request)
 {
        struct transfer_request *entry = request_queue_head;
 
@@ -430,7 +557,7 @@ void release_request(struct transfer_request *request)
 }
 
 #ifdef USE_CURL_MULTI
-void process_curl_messages()
+void process_curl_messages(void)
 {
        int num_messages;
        struct active_request_slot *slot;
@@ -482,14 +609,17 @@ void process_curl_messages()
        }
 }
 
-void process_request_queue()
+void process_request_queue(void)
 {
        struct transfer_request *request = request_queue_head;
        int num_transfers;
 
        while (active_requests < max_requests && request != NULL) {
                if (request->state == WAITING) {
-                       start_request(request);
+                       if (has_sha1_file(request->sha1))
+                               release_request(request);
+                       else
+                               start_request(request);
                        curl_multi_perform(curlm, &num_transfers);
                }
                request = request->next;
@@ -529,15 +659,12 @@ void prefetch(unsigned char *sha1)
 #endif
 }
 
-static int got_alternates = 0;
-
 static int fetch_index(struct alt_base *repo, unsigned char *sha1)
 {
        char *hex = sha1_to_hex(sha1);
        char *filename;
        char *url;
        char tmpfile[PATH_MAX];
-       int ret;
        long prev_posn = 0;
        char range[RANGE_HEADER_SIZE];
        struct curl_slist *range_header = NULL;
@@ -565,6 +692,7 @@ static int fetch_index(struct alt_base *repo, unsigned char *sha1)
        curl_easy_setopt(slot->curl, CURLOPT_FILE, indexfile);
        curl_easy_setopt(slot->curl, CURLOPT_WRITEFUNCTION, fwrite);
        curl_easy_setopt(slot->curl, CURLOPT_URL, url);
+       curl_easy_setopt(slot->curl, CURLOPT_HTTPHEADER, no_pragma_header);
        slot->local = indexfile;
 
        /* If there is data present from a previous transfer attempt,
@@ -593,12 +721,7 @@ static int fetch_index(struct alt_base *repo, unsigned char *sha1)
 
        fclose(indexfile);
 
-       ret = relink_or_rename(tmpfile, filename);
-       if (ret)
-               return error("unable to write index filename %s: %s",
-                            filename, strerror(ret));
-
-       return 0;
+       return move_temp_to_file(tmpfile, filename);
 }
 
 static int setup_index(struct alt_base *repo, unsigned char *sha1)
@@ -625,12 +748,12 @@ static int fetch_alternates(char *base)
        int i = 0;
        int http_specific = 1;
        struct alt_base *tail = alt;
+       static const char null_byte = '\0';
 
        struct active_request_slot *slot;
-       if (got_alternates)
-               return 0;
+
        data = xmalloc(4096);
-       buffer.size = 4095;
+       buffer.size = 4096;
        buffer.posn = 0;
        buffer.buffer = data;
 
@@ -642,7 +765,8 @@ static int fetch_alternates(char *base)
 
        slot = get_active_slot();
        curl_easy_setopt(slot->curl, CURLOPT_FILE, &buffer);
-       curl_easy_setopt(slot->curl, CURLOPT_WRITEFUNCTION, fwrite_buffer);
+       curl_easy_setopt(slot->curl, CURLOPT_WRITEFUNCTION,
+                        fwrite_buffer_dynamic);
        curl_easy_setopt(slot->curl, CURLOPT_URL, url);
        if (start_active_slot(slot)) {
                run_active_slot(slot);
@@ -654,20 +778,24 @@ static int fetch_alternates(char *base)
                        slot = get_active_slot();
                        curl_easy_setopt(slot->curl, CURLOPT_FILE, &buffer);
                        curl_easy_setopt(slot->curl, CURLOPT_WRITEFUNCTION,
-                                        fwrite_buffer);
+                                        fwrite_buffer_dynamic);
                        curl_easy_setopt(slot->curl, CURLOPT_URL, url);
                        if (start_active_slot(slot)) {
                                run_active_slot(slot);
                                if (slot->curl_result != CURLE_OK) {
+                                       free(buffer.buffer);
                                        return 0;
                                }
                        }
                }
        } else {
+               free(buffer.buffer);
                return 0;
        }
 
-       data[buffer.posn] = '\0';
+       fwrite_buffer_dynamic(&null_byte, 1, 1, &buffer);
+       buffer.posn--;
+       data = buffer.buffer;
 
        while (i < buffer.posn) {
                int posn = i;
@@ -726,8 +854,8 @@ static int fetch_alternates(char *base)
                }
                i = posn + 1;
        }
-       got_alternates = 1;
-       
+
+       free(buffer.buffer);
        return ret;
 }
 
@@ -757,17 +885,22 @@ static int fetch_indices(struct alt_base *repo)
 
        slot = get_active_slot();
        curl_easy_setopt(slot->curl, CURLOPT_FILE, &buffer);
-       curl_easy_setopt(slot->curl, CURLOPT_WRITEFUNCTION, fwrite_buffer);
+       curl_easy_setopt(slot->curl, CURLOPT_WRITEFUNCTION,
+                        fwrite_buffer_dynamic);
        curl_easy_setopt(slot->curl, CURLOPT_URL, url);
        curl_easy_setopt(slot->curl, CURLOPT_HTTPHEADER, NULL);
        if (start_active_slot(slot)) {
                run_active_slot(slot);
-               if (slot->curl_result != CURLE_OK)
+               if (slot->curl_result != CURLE_OK) {
+                       free(buffer.buffer);
                        return error("%s", curl_errorstr);
+               }
        } else {
+               free(buffer.buffer);
                return error("Unable to start request");
        }
 
+       data = buffer.buffer;
        while (i < buffer.posn) {
                switch (data[i]) {
                case 'P':
@@ -787,6 +920,7 @@ static int fetch_indices(struct alt_base *repo)
                i++;
        }
 
+       free(buffer.buffer);
        repo->got_indices = 1;
        return 0;
 }
@@ -834,6 +968,7 @@ static int fetch_pack(struct alt_base *repo, unsigned char *sha1)
        curl_easy_setopt(slot->curl, CURLOPT_FILE, packfile);
        curl_easy_setopt(slot->curl, CURLOPT_WRITEFUNCTION, fwrite);
        curl_easy_setopt(slot->curl, CURLOPT_URL, url);
+       curl_easy_setopt(slot->curl, CURLOPT_HTTPHEADER, no_pragma_header);
        slot->local = packfile;
 
        /* If there is data present from a previous transfer attempt,
@@ -862,10 +997,9 @@ static int fetch_pack(struct alt_base *repo, unsigned char *sha1)
 
        fclose(packfile);
 
-       ret = relink_or_rename(tmpfile, filename);
+       ret = move_temp_to_file(tmpfile, filename);
        if (ret)
-               return error("unable to write pack filename %s: %s",
-                            filename, strerror(ret));
+               return ret;
 
        lst = &repo->packs;
        while (*lst != target)
@@ -890,9 +1024,14 @@ static int fetch_object(struct alt_base *repo, unsigned char *sha1)
        if (request == NULL)
                return error("Couldn't find request for %s in the queue", hex);
 
+       if (has_sha1_file(request->sha1)) {
+               release_request(request);
+               return 0;
+       }
+
 #ifdef USE_CURL_MULTI
-       int num_transfers;
        while (request->state == WAITING) {
+               int num_transfers;
                curl_multi_perform(curlm, &num_transfers);
                if (num_transfers < active_requests) {
                        process_curl_messages();
@@ -930,7 +1069,9 @@ static int fetch_object(struct alt_base *repo, unsigned char *sha1)
        }
 
        if (request->curl_result != CURLE_OK && request->http_code != 416) {
-               ret = error("%s", request->errorstr);
+               ret = error("%s (curl_result = %d, http_code = %ld, sha1 = %s)",
+                           request->errorstr, request->curl_result,
+                           request->http_code, hex);
                release_request(request);
                return ret;
        }
@@ -973,9 +1114,54 @@ int fetch(unsigned char *sha1)
                     alt->base);
 }
 
+static inline int needs_quote(int ch)
+{
+       switch (ch) {
+       case '/': case '-': case '.':
+       case 'A'...'Z': case 'a'...'z': case '0'...'9':
+               return 0;
+       default:
+               return 1;
+       }
+}
+
+static inline int hex(int v)
+{
+       if (v < 10) return '0' + v;
+       else return 'A' + v - 10;
+}
+
+static char *quote_ref_url(const char *base, const char *ref)
+{
+       const char *cp;
+       char *dp, *qref;
+       int len, baselen, ch;
+
+       baselen = strlen(base);
+       len = baselen + 6; /* "refs/" + NUL */
+       for (cp = ref; (ch = *cp) != 0; cp++, len++)
+               if (needs_quote(ch))
+                       len += 2; /* extra two hex plus replacement % */
+       qref = xmalloc(len);
+       memcpy(qref, base, baselen);
+       memcpy(qref + baselen, "refs/", 5);
+       for (cp = ref, dp = qref + baselen + 5; (ch = *cp) != 0; cp++) {
+               if (needs_quote(ch)) {
+                       *dp++ = '%';
+                       *dp++ = hex((ch >> 4) & 0xF);
+                       *dp++ = hex(ch & 0xF);
+               }
+               else
+                       *dp++ = ch;
+       }
+       *dp = 0;
+
+       return qref;
+}
+
 int fetch_ref(char *ref, unsigned char *sha1)
 {
-        char *url, *posn;
+        char *url;
         char hex[42];
         struct buffer buffer;
        char *base = alt->base;
@@ -985,13 +1171,7 @@ int fetch_ref(char *ref, unsigned char *sha1)
         buffer.buffer = hex;
         hex[41] = '\0';
         
-        url = xmalloc(strlen(base) + 6 + strlen(ref));
-        strcpy(url, base);
-        posn = url + strlen(base);
-        strcpy(posn, "refs/");
-        posn += 5;
-        strcpy(posn, ref);
-
+       url = quote_ref_url(base, ref);
        slot = get_active_slot();
        curl_easy_setopt(slot->curl, CURLOPT_FILE, &buffer);
        curl_easy_setopt(slot->curl, CURLOPT_WRITEFUNCTION, fwrite_buffer);
@@ -1017,6 +1197,8 @@ int main(int argc, char **argv)
        char *url;
        int arg = 1;
        struct active_request_slot *slot;
+       char *low_speed_limit;
+       char *low_speed_time;
 
        while (arg < argc && argv[arg][0] == '-') {
                if (argv[arg][1] == 't') {
@@ -1047,11 +1229,11 @@ int main(int argc, char **argv)
        curl_global_init(CURL_GLOBAL_ALL);
 
 #ifdef USE_CURL_MULTI
-       char *http_max_requests = getenv("GIT_HTTP_MAX_REQUESTS");
-       if (http_max_requests != NULL)
-               max_requests = atoi(http_max_requests);
-       if (max_requests < 1)
-               max_requests = DEFAULT_MAX_REQUESTS;
+       {
+               char *http_max_requests = getenv("GIT_HTTP_MAX_REQUESTS");
+               if (http_max_requests != NULL)
+                       max_requests = atoi(http_max_requests);
+       }
 
        curlm = curl_multi_init();
        if (curlm == NULL) {
@@ -1059,34 +1241,43 @@ int main(int argc, char **argv)
                return 1;
        }
 #endif
-       no_pragma_header = curl_slist_append(no_pragma_header, "Pragma:");
-       no_range_header = curl_slist_append(no_range_header, "Range:");
 
-       curl_default = curl_easy_init();
+       if (getenv("GIT_SSL_NO_VERIFY"))
+               curl_ssl_verify = 0;
 
-       curl_ssl_verify = getenv("GIT_SSL_NO_VERIFY") ? 0 : 1;
-       curl_easy_setopt(curl_default, CURLOPT_SSL_VERIFYPEER, curl_ssl_verify);
-#if LIBCURL_VERSION_NUM >= 0x070907
-       curl_easy_setopt(curl_default, CURLOPT_NETRC, CURL_NETRC_OPTIONAL);
-#endif
-
-       if ((ssl_cert = getenv("GIT_SSL_CERT")) != NULL) {
-               curl_easy_setopt(curl_default, CURLOPT_SSLCERT, ssl_cert);
-       }
+       ssl_cert = getenv("GIT_SSL_CERT");
 #if LIBCURL_VERSION_NUM >= 0x070902
-       if ((ssl_key = getenv("GIT_SSL_KEY")) != NULL) {
-               curl_easy_setopt(curl_default, CURLOPT_SSLKEY, ssl_key);
-       }
+       ssl_key = getenv("GIT_SSL_KEY");
 #endif
 #if LIBCURL_VERSION_NUM >= 0x070908
-       if ((ssl_capath = getenv("GIT_SSL_CAPATH")) != NULL) {
-               curl_easy_setopt(curl_default, CURLOPT_CAPATH, ssl_capath);
-       }
+       ssl_capath = getenv("GIT_SSL_CAPATH");
+#endif
+       ssl_cainfo = getenv("GIT_SSL_CAINFO");
+
+       low_speed_limit = getenv("GIT_HTTP_LOW_SPEED_LIMIT");
+       if (low_speed_limit != NULL)
+               curl_low_speed_limit = strtol(low_speed_limit, NULL, 10);
+       low_speed_time = getenv("GIT_HTTP_LOW_SPEED_TIME");
+       if (low_speed_time != NULL)
+               curl_low_speed_time = strtol(low_speed_time, NULL, 10);
+
+       git_config(http_options);
+
+       if (curl_ssl_verify == -1)
+               curl_ssl_verify = 1;
+
+#ifdef USE_CURL_MULTI
+       if (max_requests < 1)
+               max_requests = DEFAULT_MAX_REQUESTS;
+#endif
+
+       pragma_header = curl_slist_append(pragma_header, "Pragma: no-cache");
+       no_pragma_header = curl_slist_append(no_pragma_header, "Pragma:");
+       no_range_header = curl_slist_append(no_range_header, "Range:");
+
+#ifndef NO_CURL_EASY_DUPHANDLE
+       curl_default = get_curl_handle();
 #endif
-       if ((ssl_cainfo = getenv("GIT_SSL_CAINFO")) != NULL) {
-               curl_easy_setopt(curl_default, CURLOPT_CAINFO, ssl_cainfo);
-       }
-       curl_easy_setopt(curl_default, CURLOPT_FAILONERROR, 1);
 
        alt = xmalloc(sizeof(*alt));
        alt->base = url;
@@ -1098,9 +1289,12 @@ int main(int argc, char **argv)
        if (pull(commit_id))
                return 1;
 
+       curl_slist_free_all(pragma_header);
        curl_slist_free_all(no_pragma_header);
        curl_slist_free_all(no_range_header);
+#ifndef NO_CURL_EASY_DUPHANDLE
        curl_easy_cleanup(curl_default);
+#endif
        slot = active_queue_head;
        while (slot != NULL) {
                curl_easy_cleanup(slot->curl);