zip: use GIT_SHA1_HEXSZ for trailers
[gitweb.git] / send-pack.c
index ef93f33aa5cacfb1713bbe6e9507dbae79c5eda2..25947d7df9dd3af6e665d5d5eb63ec970617aef1 100644 (file)
@@ -47,8 +47,9 @@ static int pack_objects(int fd, struct ref *refs, struct sha1_array *extra, stru
                NULL,
                NULL,
                NULL,
+               NULL,
        };
-       struct child_process po;
+       struct child_process po = CHILD_PROCESS_INIT;
        int i;
 
        i = 4;
@@ -60,7 +61,8 @@ static int pack_objects(int fd, struct ref *refs, struct sha1_array *extra, stru
                argv[i++] = "-q";
        if (args->progress)
                argv[i++] = "--progress";
-       memset(&po, 0, sizeof(po));
+       if (is_repository_shallow())
+               argv[i++] = "--shallow";
        po.argv = argv;
        po.in = -1;
        po.out = args->stateless_rpc ? -1 : fd;
@@ -225,20 +227,29 @@ static const char *next_line(const char *line, size_t len)
        return nl + 1;
 }
 
-static void generate_push_cert(struct strbuf *req_buf,
-                              const struct ref *remote_refs,
-                              struct send_pack_args *args)
+static int generate_push_cert(struct strbuf *req_buf,
+                             const struct ref *remote_refs,
+                             struct send_pack_args *args,
+                             const char *cap_string,
+                             const char *push_cert_nonce)
 {
        const struct ref *ref;
-       char stamp[60];
        char *signing_key = xstrdup(get_signing_key());
        const char *cp, *np;
        struct strbuf cert = STRBUF_INIT;
        int update_seen = 0;
 
-       datestamp(stamp, sizeof(stamp));
        strbuf_addf(&cert, "certificate version 0.1\n");
-       strbuf_addf(&cert, "pusher %s %s\n", signing_key, stamp);
+       strbuf_addf(&cert, "pusher %s ", signing_key);
+       datestamp(&cert);
+       strbuf_addch(&cert, '\n');
+       if (args->url && *args->url) {
+               char *anon_url = transport_anonymize_url(args->url);
+               strbuf_addf(&cert, "pushee %s\n", anon_url);
+               free(anon_url);
+       }
+       if (push_cert_nonce[0])
+               strbuf_addf(&cert, "nonce %s\n", push_cert_nonce);
        strbuf_addstr(&cert, "\n");
 
        for (ref = remote_refs; ref; ref = ref->next) {
@@ -256,7 +267,7 @@ static void generate_push_cert(struct strbuf *req_buf,
        if (sign_buffer(&cert, &cert, signing_key))
                die(_("failed to sign the push certificate"));
 
-       packet_buf_write(req_buf, "push-cert\n");
+       packet_buf_write(req_buf, "push-cert%c%s", 0, cap_string);
        for (cp = cert.buf; cp < cert.buf + cert.len; cp = np) {
                np = next_line(cp, cert.buf + cert.len - cp);
                packet_buf_write(req_buf,
@@ -267,6 +278,7 @@ static void generate_push_cert(struct strbuf *req_buf,
 free_return:
        free(signing_key);
        strbuf_release(&cert);
+       return update_seen;
 }
 
 int send_pack(struct send_pack_args *args,
@@ -288,6 +300,7 @@ int send_pack(struct send_pack_args *args,
        unsigned cmds_sent = 0;
        int ret;
        struct async demux;
+       const char *push_cert_nonce = NULL;
 
        /* Does the other end support the reporting? */
        if (server_supports("report-status"))
@@ -304,8 +317,14 @@ int send_pack(struct send_pack_args *args,
                agent_supported = 1;
        if (server_supports("no-thin"))
                args->use_thin_pack = 0;
-       if (args->push_cert && !server_supports("push-cert"))
-               die(_("the receiving end does not support --signed push"));
+       if (args->push_cert) {
+               int len;
+
+               push_cert_nonce = server_feature_value("push-cert", &len);
+               if (!push_cert_nonce)
+                       die(_("the receiving end does not support --signed push"));
+               push_cert_nonce = xmemdupz(push_cert_nonce, len);
+       }
 
        if (!remote_refs) {
                fprintf(stderr, "No refs in common and none specified; doing nothing.\n"
@@ -335,7 +354,8 @@ int send_pack(struct send_pack_args *args,
                advertise_shallow_grafts_buf(&req_buf);
 
        if (!args->dry_run && args->push_cert)
-               generate_push_cert(&req_buf, remote_refs, args);
+               cmds_sent = generate_push_cert(&req_buf, remote_refs, args,
+                                              cap_buf.buf, push_cert_nonce);
 
        /*
         * Clear the status for each ref and see if we need to send
@@ -360,7 +380,7 @@ int send_pack(struct send_pack_args *args,
        for (ref = remote_refs; ref; ref = ref->next) {
                char *old_hex, *new_hex;
 
-               if (args->dry_run)
+               if (args->dry_run || args->push_cert)
                        continue;
 
                if (!ref_update_to_be_sent(ref, args))