t/t6001-rev-list-graft.sh: use the $( ... ) construct for command substitution
[gitweb.git] / http.c
diff --git a/http.c b/http.c
index be3f5fb7def9bf20fee166407590bf989ea2f2fd..0da9e6639832a493f932e3ba332683d3d4ae73ae 100644 (file)
--- a/http.c
+++ b/http.c
@@ -30,13 +30,27 @@ static CURL *curl_default;
 #endif
 
 #define PREV_BUF_SIZE 4096
-#define RANGE_HEADER_SIZE 30
 
 char curl_errorstr[CURL_ERROR_SIZE];
 
 static int curl_ssl_verify = -1;
 static int curl_ssl_try;
 static const char *ssl_cert;
+static const char *ssl_cipherlist;
+static const char *ssl_version;
+static struct {
+       const char *name;
+       long ssl_version;
+} sslversions[] = {
+       { "sslv2", CURL_SSLVERSION_SSLv2 },
+       { "sslv3", CURL_SSLVERSION_SSLv3 },
+       { "tlsv1", CURL_SSLVERSION_TLSv1 },
+#if LIBCURL_VERSION_NUM >= 0x072200
+       { "tlsv1.0", CURL_SSLVERSION_TLSv1_0 },
+       { "tlsv1.1", CURL_SSLVERSION_TLSv1_1 },
+       { "tlsv1.2", CURL_SSLVERSION_TLSv1_2 },
+#endif
+};
 #if LIBCURL_VERSION_NUM >= 0x070903
 static const char *ssl_key;
 #endif
@@ -188,6 +202,10 @@ static int http_options(const char *var, const char *value, void *cb)
                curl_ssl_verify = git_config_bool(var, value);
                return 0;
        }
+       if (!strcmp("http.sslcipherlist", var))
+               return git_config_string(&ssl_cipherlist, var, value);
+       if (!strcmp("http.sslversion", var))
+               return git_config_string(&ssl_version, var, value);
        if (!strcmp("http.sslcert", var))
                return git_config_string(&ssl_cert, var, value);
 #if LIBCURL_VERSION_NUM >= 0x070903
@@ -196,10 +214,10 @@ static int http_options(const char *var, const char *value, void *cb)
 #endif
 #if LIBCURL_VERSION_NUM >= 0x070908
        if (!strcmp("http.sslcapath", var))
-               return git_config_string(&ssl_capath, var, value);
+               return git_config_pathname(&ssl_capath, var, value);
 #endif
        if (!strcmp("http.sslcainfo", var))
-               return git_config_string(&ssl_cainfo, var, value);
+               return git_config_pathname(&ssl_cainfo, var, value);
        if (!strcmp("http.sslcertpasswordprotected", var)) {
                ssl_cert_password_required = git_config_bool(var, value);
                return 0;
@@ -363,6 +381,28 @@ static CURL *get_curl_handle(void)
        if (http_proactive_auth)
                init_curl_http_auth(result);
 
+       if (getenv("GIT_SSL_VERSION"))
+               ssl_version = getenv("GIT_SSL_VERSION");
+       if (ssl_version && *ssl_version) {
+               int i;
+               for (i = 0; i < ARRAY_SIZE(sslversions); i++) {
+                       if (!strcmp(ssl_version, sslversions[i].name)) {
+                               curl_easy_setopt(result, CURLOPT_SSLVERSION,
+                                                sslversions[i].ssl_version);
+                               break;
+                       }
+               }
+               if (i == ARRAY_SIZE(sslversions))
+                       warning("unsupported ssl version %s: using default",
+                               ssl_version);
+       }
+
+       if (getenv("GIT_SSL_CIPHER_LIST"))
+               ssl_cipherlist = getenv("GIT_SSL_CIPHER_LIST");
+       if (ssl_cipherlist != NULL && *ssl_cipherlist)
+               curl_easy_setopt(result, CURLOPT_SSL_CIPHER_LIST,
+                               ssl_cipherlist);
+
        if (ssl_cert != NULL)
                curl_easy_setopt(result, CURLOPT_SSLCERT, ssl_cert);
        if (has_cert_password())
@@ -651,6 +691,7 @@ struct active_request_slot *get_active_slot(void)
        curl_easy_setopt(slot->curl, CURLOPT_UPLOAD, 0);
        curl_easy_setopt(slot->curl, CURLOPT_HTTPGET, 1);
        curl_easy_setopt(slot->curl, CURLOPT_FAILONERROR, 1);
+       curl_easy_setopt(slot->curl, CURLOPT_RANGE, NULL);
 #ifdef LIBCURL_CAN_HANDLE_AUTH_ANY
        curl_easy_setopt(slot->curl, CURLOPT_HTTPAUTH, http_auth_methods);
 #endif
@@ -1092,7 +1133,7 @@ static void write_accept_language(struct strbuf *buf)
                     decimal_places++, max_q *= 10)
                        ;
 
-               sprintf(q_format, ";q=0.%%0%dd", decimal_places);
+               xsnprintf(q_format, sizeof(q_format), ";q=0.%%0%dd", decimal_places);
 
                strbuf_addstr(buf, "Accept-Language: ");
 
@@ -1143,6 +1184,13 @@ static const char *get_accept_language(void)
        return cached_accept_language;
 }
 
+static void http_opt_request_remainder(CURL *curl, off_t pos)
+{
+       char buf[128];
+       xsnprintf(buf, sizeof(buf), "%"PRIuMAX"-", (uintmax_t)pos);
+       curl_easy_setopt(curl, CURLOPT_RANGE, buf);
+}
+
 /* http_request() targets */
 #define HTTP_REQUEST_STRBUF    0
 #define HTTP_REQUEST_FILE      1
@@ -1168,14 +1216,11 @@ static int http_request(const char *url,
                curl_easy_setopt(slot->curl, CURLOPT_FILE, result);
 
                if (target == HTTP_REQUEST_FILE) {
-                       long posn = ftell(result);
+                       off_t posn = ftello(result);
                        curl_easy_setopt(slot->curl, CURLOPT_WRITEFUNCTION,
                                         fwrite);
-                       if (posn > 0) {
-                               strbuf_addf(&buf, "Range: bytes=%ld-", posn);
-                               headers = curl_slist_append(headers, buf.buf);
-                               strbuf_reset(&buf);
-                       }
+                       if (posn > 0)
+                               http_opt_request_remainder(slot->curl, posn);
                } else
                        curl_easy_setopt(slot->curl, CURLOPT_WRITEFUNCTION,
                                         fwrite_buffer);
@@ -1337,7 +1382,7 @@ static int http_get_file(const char *url, const char *filename,
        ret = http_request_reauth(url, result, HTTP_REQUEST_FILE, options);
        fclose(result);
 
-       if (ret == HTTP_OK && move_temp_to_file(tmpfile.buf, filename))
+       if (ret == HTTP_OK && finalize_object_file(tmpfile.buf, filename))
                ret = HTTP_ERROR;
 cleanup:
        strbuf_release(&tmpfile);
@@ -1357,7 +1402,7 @@ int http_fetch_ref(const char *base, struct ref *ref)
        if (http_get_strbuf(url, &buffer, &options) == HTTP_OK) {
                strbuf_rtrim(&buffer);
                if (buffer.len == 40)
-                       ret = get_sha1_hex(buffer.buf, ref->old_sha1);
+                       ret = get_oid_hex(buffer.buf, &ref->old_oid);
                else if (starts_with(buffer.buf, "ref: ")) {
                        ref->symref = xstrdup(buffer.buf + 5);
                        ret = 0;
@@ -1424,7 +1469,7 @@ static int fetch_and_setup_pack_index(struct packed_git **packs_head,
        ret = verify_pack_index(new_pack);
        if (!ret) {
                close_pack_index(new_pack);
-               ret = move_temp_to_file(tmp_idx, sha1_pack_index_name(sha1));
+               ret = finalize_object_file(tmp_idx, sha1_pack_index_name(sha1));
        }
        free(tmp_idx);
        if (ret)
@@ -1485,10 +1530,6 @@ void release_http_pack_request(struct http_pack_request *preq)
                fclose(preq->packfile);
                preq->packfile = NULL;
        }
-       if (preq->range_header != NULL) {
-               curl_slist_free_all(preq->range_header);
-               preq->range_header = NULL;
-       }
        preq->slot = NULL;
        free(preq->url);
        free(preq);
@@ -1499,6 +1540,7 @@ int finish_http_pack_request(struct http_pack_request *preq)
        struct packed_git **lst;
        struct packed_git *p = preq->target;
        char *tmp_idx;
+       size_t len;
        struct child_process ip = CHILD_PROCESS_INIT;
        const char *ip_argv[8];
 
@@ -1512,9 +1554,9 @@ int finish_http_pack_request(struct http_pack_request *preq)
                lst = &((*lst)->next);
        *lst = (*lst)->next;
 
-       tmp_idx = xstrdup(preq->tmpfile);
-       strcpy(tmp_idx + strlen(tmp_idx) - strlen(".pack.temp"),
-              ".idx.temp");
+       if (!strip_suffix(preq->tmpfile, ".pack.temp", &len))
+               die("BUG: pack tmpfile does not end in .pack.temp?");
+       tmp_idx = xstrfmt("%.*s.idx.temp", (int)len, preq->tmpfile);
 
        ip_argv[0] = "index-pack";
        ip_argv[1] = "-o";
@@ -1536,8 +1578,8 @@ int finish_http_pack_request(struct http_pack_request *preq)
 
        unlink(sha1_pack_index_name(p->sha1));
 
-       if (move_temp_to_file(preq->tmpfile, sha1_pack_name(p->sha1))
-        || move_temp_to_file(tmp_idx, sha1_pack_index_name(p->sha1))) {
+       if (finalize_object_file(preq->tmpfile, sha1_pack_name(p->sha1))
+        || finalize_object_file(tmp_idx, sha1_pack_index_name(p->sha1))) {
                free(tmp_idx);
                return -1;
        }
@@ -1550,8 +1592,7 @@ int finish_http_pack_request(struct http_pack_request *preq)
 struct http_pack_request *new_http_pack_request(
        struct packed_git *target, const char *base_url)
 {
-       long prev_posn = 0;
-       char range[RANGE_HEADER_SIZE];
+       off_t prev_posn = 0;
        struct strbuf buf = STRBUF_INIT;
        struct http_pack_request *preq;
 
@@ -1583,16 +1624,13 @@ struct http_pack_request *new_http_pack_request(
         * If there is data present from a previous transfer attempt,
         * resume where it left off
         */
-       prev_posn = ftell(preq->packfile);
+       prev_posn = ftello(preq->packfile);
        if (prev_posn>0) {
                if (http_is_verbose)
                        fprintf(stderr,
-                               "Resuming fetch of pack %s at byte %ld\n",
-                               sha1_to_hex(target->sha1), prev_posn);
-               sprintf(range, "Range: bytes=%ld-", prev_posn);
-               preq->range_header = curl_slist_append(NULL, range);
-               curl_easy_setopt(preq->slot->curl, CURLOPT_HTTPHEADER,
-                       preq->range_header);
+                               "Resuming fetch of pack %s at byte %"PRIuMAX"\n",
+                               sha1_to_hex(target->sha1), (uintmax_t)prev_posn);
+               http_opt_request_remainder(preq->slot->curl, prev_posn);
        }
 
        return preq;
@@ -1641,9 +1679,7 @@ struct http_object_request *new_http_object_request(const char *base_url,
        int prevlocal;
        char prev_buf[PREV_BUF_SIZE];
        ssize_t prev_read = 0;
-       long prev_posn = 0;
-       char range[RANGE_HEADER_SIZE];
-       struct curl_slist *range_header = NULL;
+       off_t prev_posn = 0;
        struct http_object_request *freq;
 
        freq = xcalloc(1, sizeof(*freq));
@@ -1747,12 +1783,9 @@ struct http_object_request *new_http_object_request(const char *base_url,
        if (prev_posn>0) {
                if (http_is_verbose)
                        fprintf(stderr,
-                               "Resuming fetch of object %s at byte %ld\n",
-                               hex, prev_posn);
-               sprintf(range, "Range: bytes=%ld-", prev_posn);
-               range_header = curl_slist_append(range_header, range);
-               curl_easy_setopt(freq->slot->curl,
-                                CURLOPT_HTTPHEADER, range_header);
+                               "Resuming fetch of object %s at byte %"PRIuMAX"\n",
+                               hex, (uintmax_t)prev_posn);
+               http_opt_request_remainder(freq->slot->curl, prev_posn);
        }
 
        return freq;
@@ -1801,7 +1834,7 @@ int finish_http_object_request(struct http_object_request *freq)
                return -1;
        }
        freq->rename =
-               move_temp_to_file(freq->tmpfile, sha1_file_name(freq->sha1));
+               finalize_object_file(freq->tmpfile, sha1_file_name(freq->sha1));
 
        return freq->rename;
 }