log: read gpg settings for signed commit verification
[gitweb.git] / remote.c
index f035af30747822077442d2af158dc872ddb5c660..57f36e14da7a8a33ae8c02a4bf46492936c79fdd 100644 (file)
--- a/remote.c
+++ b/remote.c
@@ -15,6 +15,7 @@ static struct refspec s_tag_refspec = {
        0,
        1,
        0,
+       0,
        "refs/tags/*",
        "refs/tags/*"
 };
@@ -538,7 +539,7 @@ static struct refspec *parse_refspec_internal(int nr_refspec, const char **refsp
 
                /*
                 * Before going on, special case ":" (or "+:") as a refspec
-                * for matching refs.
+                * for pushing matching refs.
                 */
                if (!fetch && rhs == lhs && rhs[1] == '\0') {
                        rs[i].matching = 1;
@@ -565,26 +566,25 @@ static struct refspec *parse_refspec_internal(int nr_refspec, const char **refsp
                flags = REFNAME_ALLOW_ONELEVEL | (is_glob ? REFNAME_REFSPEC_PATTERN : 0);
 
                if (fetch) {
-                       /*
-                        * LHS
-                        * - empty is allowed; it means HEAD.
-                        * - otherwise it must be a valid looking ref.
-                        */
+                       unsigned char unused[40];
+
+                       /* LHS */
                        if (!*rs[i].src)
-                               ; /* empty is ok */
-                       else if (check_refname_format(rs[i].src, flags))
+                               ; /* empty is ok; it means "HEAD" */
+                       else if (llen == 40 && !get_sha1_hex(rs[i].src, unused))
+                               rs[i].exact_sha1 = 1; /* ok */
+                       else if (!check_refname_format(rs[i].src, flags))
+                               ; /* valid looking ref is ok */
+                       else
                                goto invalid;
-                       /*
-                        * RHS
-                        * - missing is ok, and is same as empty.
-                        * - empty is ok; it means not to store.
-                        * - otherwise it must be a valid looking ref.
-                        */
+                       /* RHS */
                        if (!rs[i].dst)
-                               ; /* ok */
+                               ; /* missing is ok; it is the same as empty */
                        else if (!*rs[i].dst)
-                               ; /* ok */
-                       else if (check_refname_format(rs[i].dst, flags))
+                               ; /* empty is ok; it means "do not store" */
+                       else if (!check_refname_format(rs[i].dst, flags))
+                               ; /* valid looking ref is ok */
+                       else
                                goto invalid;
                } else {
                        /*
@@ -1384,6 +1384,8 @@ void set_ref_status_for_push(struct ref *remote_refs, int send_mirror,
        struct ref *ref;
 
        for (ref = remote_refs; ref; ref = ref->next) {
+               int force_ref_update = ref->force || force_update;
+
                if (ref->peer_ref)
                        hashcpy(ref->new_sha1, ref->peer_ref->new_sha1);
                else if (!send_mirror)
@@ -1396,34 +1398,41 @@ void set_ref_status_for_push(struct ref *remote_refs, int send_mirror,
                        continue;
                }
 
-               /* This part determines what can overwrite what.
-                * The rules are:
-                *
-                * (0) you can always use --force or +A:B notation to
-                *     selectively force individual ref pairs.
+               /*
+                * Decide whether an individual refspec A:B can be
+                * pushed.  The push will succeed if any of the
+                * following are true:
                 *
-                * (1) if the old thing does not exist, it is OK.
+                * (1) the remote reference B does not exist
                 *
-                * (2) if you do not have the old thing, you are not allowed
-                *     to overwrite it; you would not know what you are losing
-                *     otherwise.
+                * (2) the remote reference B is being removed (i.e.,
+                *     pushing :B where no source is specified)
                 *
-                * (3) if both new and old are commit-ish, and new is a
-                *     descendant of old, it is OK.
+                * (3) the destination is not under refs/tags/, and
+                *     if the old and new value is a commit, the new
+                *     is a descendant of the old.
                 *
-                * (4) regardless of all of the above, removing :B is
-                *     always allowed.
+                * (4) it is forced using the +A:B notation, or by
+                *     passing the --force argument
                 */
 
-               ref->nonfastforward =
-                       !ref->deletion &&
-                       !is_null_sha1(ref->old_sha1) &&
-                       (!has_sha1_file(ref->old_sha1)
-                         || !ref_newer(ref->new_sha1, ref->old_sha1));
-
-               if (ref->nonfastforward && !ref->force && !force_update) {
-                       ref->status = REF_STATUS_REJECT_NONFASTFORWARD;
-                       continue;
+               if (!ref->deletion && !is_null_sha1(ref->old_sha1)) {
+                       int why = 0; /* why would this push require --force? */
+
+                       if (!prefixcmp(ref->name, "refs/tags/"))
+                               why = REF_STATUS_REJECT_ALREADY_EXISTS;
+                       else if (!has_sha1_file(ref->old_sha1))
+                               why = REF_STATUS_REJECT_FETCH_FIRST;
+                       else if (!lookup_commit_reference_gently(ref->old_sha1, 1) ||
+                                !lookup_commit_reference_gently(ref->new_sha1, 1))
+                               why = REF_STATUS_REJECT_NEEDS_FORCE;
+                       else if (!ref_newer(ref->new_sha1, ref->old_sha1))
+                               why = REF_STATUS_REJECT_NONFASTFORWARD;
+
+                       if (!force_ref_update)
+                               ref->status = why;
+                       else if (why)
+                               ref->forced_update = 1;
                }
        }
 }
@@ -1556,7 +1565,12 @@ int get_fetch_map(const struct ref *remote_refs,
        } else {
                const char *name = refspec->src[0] ? refspec->src : "HEAD";
 
-               ref_map = get_remote_ref(remote_refs, name);
+               if (refspec->exact_sha1) {
+                       ref_map = alloc_ref(name);
+                       get_sha1_hex(name, ref_map->old_sha1);
+               } else {
+                       ref_map = get_remote_ref(remote_refs, name);
+               }
                if (!missing_ok && !ref_map)
                        die("Couldn't find remote ref %s", name);
                if (ref_map) {
@@ -1617,7 +1631,8 @@ int ref_newer(const unsigned char *new_sha1, const unsigned char *old_sha1)
        struct commit_list *list, *used;
        int found = 0;
 
-       /* Both new and old must be commit-ish and new is descendant of
+       /*
+        * Both new and old must be commit-ish and new is descendant of
         * old.  Otherwise we require --force.
         */
        o = deref_tag(parse_object(old_sha1), NULL, 0);