restrict the patch filtering
[gitweb.git] / receive-pack.c
index e76d9aea31886ec9b0d287f02a12af9793fb44db..7cf58782e38b0d52c104921d938163f2ba2c343c 100644 (file)
@@ -6,11 +6,12 @@
 #include "exec_cmd.h"
 #include "commit.h"
 #include "object.h"
-#include <sys/wait.h>
 
 static const char receive_pack_usage[] = "git-receive-pack <git-dir>";
 
 static int deny_non_fast_forwards = 0;
+static int receive_unpack_limit = -1;
+static int transfer_unpack_limit = -1;
 static int unpack_limit = 100;
 static int report_status;
 
@@ -19,21 +20,22 @@ static int capabilities_sent;
 
 static int receive_pack_config(const char *var, const char *value)
 {
-       git_default_config(var, value);
-
-       if (strcmp(var, "receive.denynonfastforwards") == 0)
-       {
+       if (strcmp(var, "receive.denynonfastforwards") == 0) {
                deny_non_fast_forwards = git_config_bool(var, value);
                return 0;
        }
 
-       if (strcmp(var, "receive.unpacklimit") == 0)
-       {
-               unpack_limit = git_config_int(var, value);
+       if (strcmp(var, "receive.unpacklimit") == 0) {
+               receive_unpack_limit = git_config_int(var, value);
                return 0;
        }
 
-       return 0;
+       if (strcmp(var, "transfer.unpacklimit") == 0) {
+               transfer_unpack_limit = git_config_int(var, value);
+               return 0;
+       }
+
+       return git_default_config(var, value);
 }
 
 static int show_ref(const char *path, const unsigned char *sha1, int flag, void *cb_data)
@@ -65,16 +67,11 @@ struct command {
 
 static struct command *commands;
 
-static char update_hook[] = "hooks/update";
+static const char pre_receive_hook[] = "hooks/pre-receive";
+static const char post_receive_hook[] = "hooks/post-receive";
 
-static int run_update_hook(const char *refname,
-                          char *old_hex, char *new_hex)
+static int hook_status(int code, const char *hook_name)
 {
-       int code;
-
-       if (access(update_hook, X_OK) < 0)
-               return 0;
-       code = run_command(update_hook, refname, old_hex, new_hex, NULL);
        switch (code) {
        case 0:
                return 0;
@@ -82,46 +79,105 @@ static int run_update_hook(const char *refname,
                return error("hook fork failed");
        case -ERR_RUN_COMMAND_EXEC:
                return error("hook execute failed");
+       case -ERR_RUN_COMMAND_PIPE:
+               return error("hook pipe failed");
        case -ERR_RUN_COMMAND_WAITPID:
                return error("waitpid failed");
        case -ERR_RUN_COMMAND_WAITPID_WRONG_PID:
                return error("waitpid is confused");
        case -ERR_RUN_COMMAND_WAITPID_SIGNAL:
-               return error("%s died of signal", update_hook);
+               return error("%s died of signal", hook_name);
        case -ERR_RUN_COMMAND_WAITPID_NOEXIT:
-               return error("%s died strangely", update_hook);
+               return error("%s died strangely", hook_name);
        default:
-               error("%s exited with error code %d", update_hook, -code);
+               error("%s exited with error code %d", hook_name, -code);
                return -code;
        }
 }
 
-static int update(struct command *cmd)
+static int run_hook(const char *hook_name)
+{
+       static char buf[sizeof(commands->old_sha1) * 2 + PATH_MAX + 4];
+       struct command *cmd;
+       struct child_process proc;
+       const char *argv[2];
+       int have_input = 0, code;
+
+       for (cmd = commands; !have_input && cmd; cmd = cmd->next) {
+               if (!cmd->error_string)
+                       have_input = 1;
+       }
+
+       if (!have_input || access(hook_name, X_OK) < 0)
+               return 0;
+
+       argv[0] = hook_name;
+       argv[1] = NULL;
+
+       memset(&proc, 0, sizeof(proc));
+       proc.argv = argv;
+       proc.in = -1;
+       proc.stdout_to_stderr = 1;
+
+       code = start_command(&proc);
+       if (code)
+               return hook_status(code, hook_name);
+       for (cmd = commands; cmd; cmd = cmd->next) {
+               if (!cmd->error_string) {
+                       size_t n = snprintf(buf, sizeof(buf), "%s %s %s\n",
+                               sha1_to_hex(cmd->old_sha1),
+                               sha1_to_hex(cmd->new_sha1),
+                               cmd->ref_name);
+                       if (write_in_full(proc.in, buf, n) != n)
+                               break;
+               }
+       }
+       return hook_status(finish_command(&proc), hook_name);
+}
+
+static int run_update_hook(struct command *cmd)
+{
+       static const char update_hook[] = "hooks/update";
+       struct child_process proc;
+       const char *argv[5];
+
+       if (access(update_hook, X_OK) < 0)
+               return 0;
+
+       argv[0] = update_hook;
+       argv[1] = cmd->ref_name;
+       argv[2] = sha1_to_hex(cmd->old_sha1);
+       argv[3] = sha1_to_hex(cmd->new_sha1);
+       argv[4] = NULL;
+
+       memset(&proc, 0, sizeof(proc));
+       proc.argv = argv;
+       proc.no_stdin = 1;
+       proc.stdout_to_stderr = 1;
+
+       return hook_status(run_command(&proc), update_hook);
+}
+
+static const char *update(struct command *cmd)
 {
        const char *name = cmd->ref_name;
        unsigned char *old_sha1 = cmd->old_sha1;
        unsigned char *new_sha1 = cmd->new_sha1;
-       char new_hex[41], old_hex[41];
        struct ref_lock *lock;
 
-       cmd->error_string = NULL;
-       if (!strncmp(name, "refs/", 5) && check_ref_format(name + 5)) {
-               cmd->error_string = "funny refname";
-               return error("refusing to create funny ref '%s' locally",
-                            name);
+       if (!prefixcmp(name, "refs/") && check_ref_format(name + 5)) {
+               error("refusing to create funny ref '%s' locally", name);
+               return "funny refname";
        }
 
-       strcpy(new_hex, sha1_to_hex(new_sha1));
-       strcpy(old_hex, sha1_to_hex(old_sha1));
-
        if (!is_null_sha1(new_sha1) && !has_sha1_file(new_sha1)) {
-               cmd->error_string = "bad pack";
-               return error("unpack should have generated %s, "
-                            "but I can't find it!", new_hex);
+               error("unpack should have generated %s, "
+                     "but I can't find it!", sha1_to_hex(new_sha1));
+               return "bad pack";
        }
        if (deny_non_fast_forwards && !is_null_sha1(new_sha1) &&
            !is_null_sha1(old_sha1) &&
-           !strncmp(name, "refs/heads/", 11)) {
+           !prefixcmp(name, "refs/heads/")) {
                struct commit *old_commit, *new_commit;
                struct commit_list *bases, *ent;
 
@@ -132,32 +188,39 @@ static int update(struct command *cmd)
                        if (!hashcmp(old_sha1, ent->item->object.sha1))
                                break;
                free_commit_list(bases);
-               if (!ent)
-                       return error("denying non-fast forward;"
-                                    " you should pull first");
+               if (!ent) {
+                       error("denying non-fast forward %s"
+                             " (you should pull first)", name);
+                       return "non-fast forward";
+               }
        }
-       if (run_update_hook(name, old_hex, new_hex)) {
-               cmd->error_string = "hook declined";
-               return error("hook declined to update %s", name);
+       if (run_update_hook(cmd)) {
+               error("hook declined to update %s", name);
+               return "hook declined";
        }
 
        if (is_null_sha1(new_sha1)) {
                if (delete_ref(name, old_sha1)) {
-                       cmd->error_string = "failed to delete";
-                       return error("failed to delete %s", name);
+                       error("failed to delete %s", name);
+                       return "failed to delete";
                }
-               fprintf(stderr, "%s: %s -> deleted\n", name, old_hex);
+               fprintf(stderr, "%s: %s -> deleted\n", name,
+                       sha1_to_hex(old_sha1));
+               return NULL; /* good */
        }
        else {
                lock = lock_any_ref_for_update(name, old_sha1);
                if (!lock) {
-                       cmd->error_string = "failed to lock";
-                       return error("failed to lock %s", name);
+                       error("failed to lock %s", name);
+                       return "failed to lock";
+               }
+               if (write_ref_sha1(lock, new_sha1, "push")) {
+                       return "failed to write"; /* error() already called */
                }
-               write_ref_sha1(lock, new_sha1, "push");
-               fprintf(stderr, "%s: %s -> %s\n", name, old_hex, new_hex);
+               fprintf(stderr, "%s: %s -> %s\n", name,
+                       sha1_to_hex(old_sha1), sha1_to_hex(new_sha1));
+               return NULL; /* good */
        }
-       return 0;
 }
 
 static char update_post_hook[] = "hooks/post-update";
@@ -168,14 +231,14 @@ static void run_update_post_hook(struct command *cmd)
        int argc;
        const char **argv;
 
-       if (access(update_post_hook, X_OK) < 0)
-               return;
-       for (argc = 1, cmd_p = cmd; cmd_p; cmd_p = cmd_p->next) {
+       for (argc = 0, cmd_p = cmd; cmd_p; cmd_p = cmd_p->next) {
                if (cmd_p->error_string)
                        continue;
                argc++;
        }
-       argv = xmalloc(sizeof(*argv) * (1 + argc));
+       if (!argc || access(update_post_hook, X_OK) < 0)
+               return;
+       argv = xmalloc(sizeof(*argv) * (2 + argc));
        argv[0] = update_post_hook;
 
        for (argc = 1, cmd_p = cmd; cmd_p; cmd_p = cmd_p->next) {
@@ -188,22 +251,34 @@ static void run_update_post_hook(struct command *cmd)
                argc++;
        }
        argv[argc] = NULL;
-       run_command_v_opt(argc, argv, RUN_COMMAND_NO_STDIO);
+       run_command_v_opt(argv, RUN_COMMAND_NO_STDIN
+               | RUN_COMMAND_STDOUT_TO_STDERR);
 }
 
-/*
- * This gets called after(if) we've successfully
- * unpacked the data payload.
- */
-static void execute_commands(void)
+static void execute_commands(const char *unpacker_error)
 {
        struct command *cmd = commands;
 
+       if (unpacker_error) {
+               while (cmd) {
+                       cmd->error_string = "n/a (unpacker error)";
+                       cmd = cmd->next;
+               }
+               return;
+       }
+
+       if (run_hook(pre_receive_hook)) {
+               while (cmd) {
+                       cmd->error_string = "pre-receive hook declined";
+                       cmd = cmd->next;
+               }
+               return;
+       }
+
        while (cmd) {
-               update(cmd);
+               cmd->error_string = update(cmd);
                cmd = cmd->next;
        }
-       run_update_post_hook(commands);
 }
 
 static void read_head_info(void)
@@ -239,7 +314,7 @@ static void read_head_info(void)
                hashcpy(cmd->old_sha1, old_sha1);
                hashcpy(cmd->new_sha1, new_sha1);
                memcpy(cmd->ref_name, line + 82, len - 81);
-               cmd->error_string = "n/a (unpacker error)";
+               cmd->error_string = NULL;
                cmd->next = NULL;
                *p = cmd;
                p = &cmd->next;
@@ -248,20 +323,22 @@ static void read_head_info(void)
 
 static const char *parse_pack_header(struct pack_header *hdr)
 {
-       char *c = (char*)hdr;
-       ssize_t remaining = sizeof(struct pack_header);
-       do {
-               ssize_t r = xread(0, c, remaining);
-               if (r <= 0)
-                       return "eof before pack header was fully read";
-               remaining -= r;
-               c += r;
-       } while (remaining > 0);
-       if (hdr->hdr_signature != htonl(PACK_SIGNATURE))
+       switch (read_pack_header(0, hdr)) {
+       case PH_ERROR_EOF:
+               return "eof before pack header was fully read";
+
+       case PH_ERROR_PACK_SIGNATURE:
                return "protocol error (pack signature mismatch detected)";
-       if (!pack_version_ok(hdr->hdr_version))
+
+       case PH_ERROR_PROTOCOL:
                return "protocol error (pack version unsupported)";
-       return NULL;
+
+       default:
+               return "unknown error in parse_pack_header";
+
+       case 0:
+               return NULL;
+       }
 }
 
 static const char *pack_lockfile;
@@ -284,7 +361,7 @@ static const char *unpack(void)
                unpacker[0] = "unpack-objects";
                unpacker[1] = hdr_arg;
                unpacker[2] = NULL;
-               code = run_command_v_opt(1, unpacker, RUN_GIT_CMD);
+               code = run_command_v_opt(unpacker, RUN_GIT_CMD);
                switch (code) {
                case 0:
                        return NULL;
@@ -419,9 +496,16 @@ int main(int argc, char **argv)
        if (!enter_repo(dir, 0))
                die("'%s': unable to chdir or not a git archive", dir);
 
-       setup_ident();
+       if (is_repository_shallow())
+               die("attempt to push into a shallow repository");
+
        git_config(receive_pack_config);
 
+       if (0 <= transfer_unpack_limit)
+               unpack_limit = transfer_unpack_limit;
+       else if (0 <= receive_unpack_limit)
+               unpack_limit = receive_unpack_limit;
+
        write_head_info();
 
        /* EOF */
@@ -433,12 +517,13 @@ int main(int argc, char **argv)
 
                if (!delete_only(commands))
                        unpack_status = unpack();
-               if (!unpack_status)
-                       execute_commands();
+               execute_commands(unpack_status);
                if (pack_lockfile)
                        unlink(pack_lockfile);
                if (report_status)
                        report(unpack_status);
+               run_hook(post_receive_hook);
+               run_update_post_hook(commands);
        }
        return 0;
 }