search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
push-to-deploy: allow pushing into an unborn branch and updating it
[git.git] / builtin / receive-pack.c
blob0c0a2616ada04e474a879cd28f5b0bd5b876c8ca
1 #include "builtin.h"
2 #include "lockfile.h"
3 #include "pack.h"
4 #include "refs.h"
5 #include "pkt-line.h"
6 #include "sideband.h"
7 #include "run-command.h"
8 #include "exec_cmd.h"
9 #include "commit.h"
10 #include "object.h"
11 #include "remote.h"
12 #include "connect.h"
13 #include "transport.h"
14 #include "string-list.h"
15 #include "sha1-array.h"
16 #include "connected.h"
17 #include "argv-array.h"
18 #include "version.h"
19 #include "tag.h"
20 #include "gpg-interface.h"
21 #include "sigchain.h"
22
23 static const char receive_pack_usage[] = "git receive-pack <git-dir>";
24
25 enum deny_action {
26 DENY_UNCONFIGURED,
27 DENY_IGNORE,
28 DENY_WARN,
29 DENY_REFUSE,
30 DENY_UPDATE_INSTEAD
31 };
32
33 static int deny_deletes;
34 static int deny_non_fast_forwards;
35 static enum deny_action deny_current_branch = DENY_UNCONFIGURED;
36 static enum deny_action deny_delete_current = DENY_UNCONFIGURED;
37 static int receive_fsck_objects = -1;
38 static int transfer_fsck_objects = -1;
39 static int receive_unpack_limit = -1;
40 static int transfer_unpack_limit = -1;
41 static int unpack_limit = 100;
42 static int report_status;
43 static int use_sideband;
44 static int quiet;
45 static int prefer_ofs_delta = 1;
46 static int auto_update_server_info;
47 static int auto_gc = 1;
48 static int fix_thin = 1;
49 static int stateless_rpc;
50 static const char *service_dir;
51 static const char *head_name;
52 static void *head_name_to_free;
53 static int sent_capabilities;
54 static int shallow_update;
55 static const char *alt_shallow_file;
56 static struct strbuf push_cert = STRBUF_INIT;
57 static unsigned char push_cert_sha1[20];
58 static struct signature_check sigcheck;
59 static const char *push_cert_nonce;
60 static const char *cert_nonce_seed;
61
62 static const char *NONCE_UNSOLICITED = "UNSOLICITED";
63 static const char *NONCE_BAD = "BAD";
64 static const char *NONCE_MISSING = "MISSING";
65 static const char *NONCE_OK = "OK";
66 static const char *NONCE_SLOP = "SLOP";
67 static const char *nonce_status;
68 static long nonce_stamp_slop;
69 static unsigned long nonce_stamp_slop_limit;
70
71 static enum deny_action parse_deny_action(const char *var, const char *value)
72 {
73 if (value) {
74 if (!strcasecmp(value, "ignore"))
75 return DENY_IGNORE;
76 if (!strcasecmp(value, "warn"))
77 return DENY_WARN;
78 if (!strcasecmp(value, "refuse"))
79 return DENY_REFUSE;
80 if (!strcasecmp(value, "updateinstead"))
81 return DENY_UPDATE_INSTEAD;
82 }
83 if (git_config_bool(var, value))
84 return DENY_REFUSE;
85 return DENY_IGNORE;
86 }
87
88 static int receive_pack_config(const char *var, const char *value, void *cb)
89 {
90 int status = parse_hide_refs_config(var, value, "receive");
91
92 if (status)
93 return status;
94
95 if (strcmp(var, "receive.denydeletes") == 0) {
96 deny_deletes = git_config_bool(var, value);
97 return 0;
98 }
99
100 if (strcmp(var, "receive.denynonfastforwards") == 0) {
101 deny_non_fast_forwards = git_config_bool(var, value);
102 return 0;
103 }
104
105 if (strcmp(var, "receive.unpacklimit") == 0) {
106 receive_unpack_limit = git_config_int(var, value);
107 return 0;
108 }
109
110 if (strcmp(var, "transfer.unpacklimit") == 0) {
111 transfer_unpack_limit = git_config_int(var, value);
112 return 0;
113 }
114
115 if (strcmp(var, "receive.fsckobjects") == 0) {
116 receive_fsck_objects = git_config_bool(var, value);
117 return 0;
118 }
119
120 if (strcmp(var, "transfer.fsckobjects") == 0) {
121 transfer_fsck_objects = git_config_bool(var, value);
122 return 0;
123 }
124
125 if (!strcmp(var, "receive.denycurrentbranch")) {
126 deny_current_branch = parse_deny_action(var, value);
127 return 0;
128 }
129
130 if (strcmp(var, "receive.denydeletecurrent") == 0) {
131 deny_delete_current = parse_deny_action(var, value);
132 return 0;
133 }
134
135 if (strcmp(var, "repack.usedeltabaseoffset") == 0) {
136 prefer_ofs_delta = git_config_bool(var, value);
137 return 0;
138 }
139
140 if (strcmp(var, "receive.updateserverinfo") == 0) {
141 auto_update_server_info = git_config_bool(var, value);
142 return 0;
143 }
144
145 if (strcmp(var, "receive.autogc") == 0) {
146 auto_gc = git_config_bool(var, value);
147 return 0;
148 }
149
150 if (strcmp(var, "receive.shallowupdate") == 0) {
151 shallow_update = git_config_bool(var, value);
152 return 0;
153 }
154
155 if (strcmp(var, "receive.certnonceseed") == 0)
156 return git_config_string(&cert_nonce_seed, var, value);
157
158 if (strcmp(var, "receive.certnonceslop") == 0) {
159 nonce_stamp_slop_limit = git_config_ulong(var, value);
160 return 0;
161 }
162
163 return git_default_config(var, value, cb);
164 }
165
166 static void show_ref(const char *path, const unsigned char *sha1)
167 {
168 if (ref_is_hidden(path))
169 return;
170
171 if (sent_capabilities) {
172 packet_write(1, "%s %s\n", sha1_to_hex(sha1), path);
173 } else {
174 struct strbuf cap = STRBUF_INIT;
175
176 strbuf_addstr(&cap,
177 "report-status delete-refs side-band-64k quiet");
178 if (prefer_ofs_delta)
179 strbuf_addstr(&cap, " ofs-delta");
180 if (push_cert_nonce)
181 strbuf_addf(&cap, " push-cert=%s", push_cert_nonce);
182 strbuf_addf(&cap, " agent=%s", git_user_agent_sanitized());
183 packet_write(1, "%s %s%c%s\n",
184 sha1_to_hex(sha1), path, 0, cap.buf);
185 strbuf_release(&cap);
186 sent_capabilities = 1;
187 }
188 }
189
190 static int show_ref_cb(const char *path, const unsigned char *sha1, int flag, void *unused)
191 {
192 path = strip_namespace(path);
193 /*
194 * Advertise refs outside our current namespace as ".have"
195 * refs, so that the client can use them to minimize data
196 * transfer but will otherwise ignore them. This happens to
197 * cover ".have" that are thrown in by add_one_alternate_ref()
198 * to mark histories that are complete in our alternates as
199 * well.
200 */
201 if (!path)
202 path = ".have";
203 show_ref(path, sha1);
204 return 0;
205 }
206
207 static void show_one_alternate_sha1(const unsigned char sha1[20], void *unused)
208 {
209 show_ref(".have", sha1);
210 }
211
212 static void collect_one_alternate_ref(const struct ref *ref, void *data)
213 {
214 struct sha1_array *sa = data;
215 sha1_array_append(sa, ref->old_sha1);
216 }
217
218 static void write_head_info(void)
219 {
220 struct sha1_array sa = SHA1_ARRAY_INIT;
221 for_each_alternate_ref(collect_one_alternate_ref, &sa);
222 sha1_array_for_each_unique(&sa, show_one_alternate_sha1, NULL);
223 sha1_array_clear(&sa);
224 for_each_ref(show_ref_cb, NULL);
225 if (!sent_capabilities)
226 show_ref("capabilities^{}", null_sha1);
227
228 advertise_shallow_grafts(1);
229
230 /* EOF */
231 packet_flush(1);
232 }
233
234 struct command {
235 struct command *next;
236 const char *error_string;
237 unsigned int skip_update:1,
238 did_not_exist:1;
239 int index;
240 unsigned char old_sha1[20];
241 unsigned char new_sha1[20];
242 char ref_name[FLEX_ARRAY]; /* more */
243 };
244
245 static void rp_error(const char *err, ...) __attribute__((format (printf, 1, 2)));
246 static void rp_warning(const char *err, ...) __attribute__((format (printf, 1, 2)));
247
248 static void report_message(const char *prefix, const char *err, va_list params)
249 {
250 int sz = strlen(prefix);
251 char msg[4096];
252
253 strncpy(msg, prefix, sz);
254 sz += vsnprintf(msg + sz, sizeof(msg) - sz, err, params);
255 if (sz > (sizeof(msg) - 1))
256 sz = sizeof(msg) - 1;
257 msg[sz++] = '\n';
258
259 if (use_sideband)
260 send_sideband(1, 2, msg, sz, use_sideband);
261 else
262 xwrite(2, msg, sz);
263 }
264
265 static void rp_warning(const char *err, ...)
266 {
267 va_list params;
268 va_start(params, err);
269 report_message("warning: ", err, params);
270 va_end(params);
271 }
272
273 static void rp_error(const char *err, ...)
274 {
275 va_list params;
276 va_start(params, err);
277 report_message("error: ", err, params);
278 va_end(params);
279 }
280
281 static int copy_to_sideband(int in, int out, void *arg)
282 {
283 char data[128];
284 while (1) {
285 ssize_t sz = xread(in, data, sizeof(data));
286 if (sz <= 0)
287 break;
288 send_sideband(1, 2, data, sz, use_sideband);
289 }
290 close(in);
291 return 0;
292 }
293
294 #define HMAC_BLOCK_SIZE 64
295
296 static void hmac_sha1(unsigned char *out,
297 const char *key_in, size_t key_len,
298 const char *text, size_t text_len)
299 {
300 unsigned char key[HMAC_BLOCK_SIZE];
301 unsigned char k_ipad[HMAC_BLOCK_SIZE];
302 unsigned char k_opad[HMAC_BLOCK_SIZE];
303 int i;
304 git_SHA_CTX ctx;
305
306 /* RFC 2104 2. (1) */
307 memset(key, '\0', HMAC_BLOCK_SIZE);
308 if (HMAC_BLOCK_SIZE < key_len) {
309 git_SHA1_Init(&ctx);
310 git_SHA1_Update(&ctx, key_in, key_len);
311 git_SHA1_Final(key, &ctx);
312 } else {
313 memcpy(key, key_in, key_len);
314 }
315
316 /* RFC 2104 2. (2) & (5) */
317 for (i = 0; i < sizeof(key); i++) {
318 k_ipad[i] = key[i] ^ 0x36;
319 k_opad[i] = key[i] ^ 0x5c;
320 }
321
322 /* RFC 2104 2. (3) & (4) */
323 git_SHA1_Init(&ctx);
324 git_SHA1_Update(&ctx, k_ipad, sizeof(k_ipad));
325 git_SHA1_Update(&ctx, text, text_len);
326 git_SHA1_Final(out, &ctx);
327
328 /* RFC 2104 2. (6) & (7) */
329 git_SHA1_Init(&ctx);
330 git_SHA1_Update(&ctx, k_opad, sizeof(k_opad));
331 git_SHA1_Update(&ctx, out, 20);
332 git_SHA1_Final(out, &ctx);
333 }
334
335 static char *prepare_push_cert_nonce(const char *path, unsigned long stamp)
336 {
337 struct strbuf buf = STRBUF_INIT;
338 unsigned char sha1[20];
339
340 strbuf_addf(&buf, "%s:%lu", path, stamp);
341 hmac_sha1(sha1, buf.buf, buf.len, cert_nonce_seed, strlen(cert_nonce_seed));;
342 strbuf_release(&buf);
343
344 /* RFC 2104 5. HMAC-SHA1-80 */
345 strbuf_addf(&buf, "%lu-%.*s", stamp, 20, sha1_to_hex(sha1));
346 return strbuf_detach(&buf, NULL);
347 }
348
349 /*
350 * NEEDSWORK: reuse find_commit_header() from jk/commit-author-parsing
351 * after dropping "_commit" from its name and possibly moving it out
352 * of commit.c
353 */
354 static char *find_header(const char *msg, size_t len, const char *key)
355 {
356 int key_len = strlen(key);
357 const char *line = msg;
358
359 while (line && line < msg + len) {
360 const char *eol = strchrnul(line, '\n');
361
362 if ((msg + len <= eol) || line == eol)
363 return NULL;
364 if (line + key_len < eol &&
365 !memcmp(line, key, key_len) && line[key_len] == ' ') {
366 int offset = key_len + 1;
367 return xmemdupz(line + offset, (eol - line) - offset);
368 }
369 line = *eol ? eol + 1 : NULL;
370 }
371 return NULL;
372 }
373
374 static const char *check_nonce(const char *buf, size_t len)
375 {
376 char *nonce = find_header(buf, len, "nonce");
377 unsigned long stamp, ostamp;
378 char *bohmac, *expect = NULL;
379 const char *retval = NONCE_BAD;
380
381 if (!nonce) {
382 retval = NONCE_MISSING;
383 goto leave;
384 } else if (!push_cert_nonce) {
385 retval = NONCE_UNSOLICITED;
386 goto leave;
387 } else if (!strcmp(push_cert_nonce, nonce)) {
388 retval = NONCE_OK;
389 goto leave;
390 }
391
392 if (!stateless_rpc) {
393 /* returned nonce MUST match what we gave out earlier */
394 retval = NONCE_BAD;
395 goto leave;
396 }
397
398 /*
399 * In stateless mode, we may be receiving a nonce issued by
400 * another instance of the server that serving the same
401 * repository, and the timestamps may not match, but the
402 * nonce-seed and dir should match, so we can recompute and
403 * report the time slop.
404 *
405 * In addition, when a nonce issued by another instance has
406 * timestamp within receive.certnonceslop seconds, we pretend
407 * as if we issued that nonce when reporting to the hook.
408 */
409
410 /* nonce is concat(<seconds-since-epoch>, "-", <hmac>) */
411 if (*nonce <= '0' || '9' < *nonce) {
412 retval = NONCE_BAD;
413 goto leave;
414 }
415 stamp = strtoul(nonce, &bohmac, 10);
416 if (bohmac == nonce || bohmac[0] != '-') {
417 retval = NONCE_BAD;
418 goto leave;
419 }
420
421 expect = prepare_push_cert_nonce(service_dir, stamp);
422 if (strcmp(expect, nonce)) {
423 /* Not what we would have signed earlier */
424 retval = NONCE_BAD;
425 goto leave;
426 }
427
428 /*
429 * By how many seconds is this nonce stale? Negative value
430 * would mean it was issued by another server with its clock
431 * skewed in the future.
432 */
433 ostamp = strtoul(push_cert_nonce, NULL, 10);
434 nonce_stamp_slop = (long)ostamp - (long)stamp;
435
436 if (nonce_stamp_slop_limit &&
437 abs(nonce_stamp_slop) <= nonce_stamp_slop_limit) {
438 /*
439 * Pretend as if the received nonce (which passes the
440 * HMAC check, so it is not a forged by third-party)
441 * is what we issued.
442 */
443 free((void *)push_cert_nonce);
444 push_cert_nonce = xstrdup(nonce);
445 retval = NONCE_OK;
446 } else {
447 retval = NONCE_SLOP;
448 }
449
450 leave:
451 free(nonce);
452 free(expect);
453 return retval;
454 }
455
456 static void prepare_push_cert_sha1(struct child_process *proc)
457 {
458 static int already_done;
459
460 if (!push_cert.len)
461 return;
462
463 if (!already_done) {
464 struct strbuf gpg_output = STRBUF_INIT;
465 struct strbuf gpg_status = STRBUF_INIT;
466 int bogs /* beginning_of_gpg_sig */;
467
468 already_done = 1;
469 if (write_sha1_file(push_cert.buf, push_cert.len, "blob", push_cert_sha1))
470 hashclr(push_cert_sha1);
471
472 memset(&sigcheck, '\0', sizeof(sigcheck));
473 sigcheck.result = 'N';
474
475 bogs = parse_signature(push_cert.buf, push_cert.len);
476 if (verify_signed_buffer(push_cert.buf, bogs,
477 push_cert.buf + bogs, push_cert.len - bogs,
478 &gpg_output, &gpg_status) < 0) {
479 ; /* error running gpg */
480 } else {
481 sigcheck.payload = push_cert.buf;
482 sigcheck.gpg_output = gpg_output.buf;
483 sigcheck.gpg_status = gpg_status.buf;
484 parse_gpg_output(&sigcheck);
485 }
486
487 strbuf_release(&gpg_output);
488 strbuf_release(&gpg_status);
489 nonce_status = check_nonce(push_cert.buf, bogs);
490 }
491 if (!is_null_sha1(push_cert_sha1)) {
492 argv_array_pushf(&proc->env_array, "GIT_PUSH_CERT=%s",
493 sha1_to_hex(push_cert_sha1));
494 argv_array_pushf(&proc->env_array, "GIT_PUSH_CERT_SIGNER=%s",
495 sigcheck.signer ? sigcheck.signer : "");
496 argv_array_pushf(&proc->env_array, "GIT_PUSH_CERT_KEY=%s",
497 sigcheck.key ? sigcheck.key : "");
498 argv_array_pushf(&proc->env_array, "GIT_PUSH_CERT_STATUS=%c",
499 sigcheck.result);
500 if (push_cert_nonce) {
501 argv_array_pushf(&proc->env_array,
502 "GIT_PUSH_CERT_NONCE=%s",
503 push_cert_nonce);
504 argv_array_pushf(&proc->env_array,
505 "GIT_PUSH_CERT_NONCE_STATUS=%s",
506 nonce_status);
507 if (nonce_status == NONCE_SLOP)
508 argv_array_pushf(&proc->env_array,
509 "GIT_PUSH_CERT_NONCE_SLOP=%ld",
510 nonce_stamp_slop);
511 }
512 }
513 }
514
515 typedef int (*feed_fn)(void *, const char **, size_t *);
516 static int run_and_feed_hook(const char *hook_name, feed_fn feed, void *feed_state)
517 {
518 struct child_process proc = CHILD_PROCESS_INIT;
519 struct async muxer;
520 const char *argv[2];
521 int code;
522
523 argv[0] = find_hook(hook_name);
524 if (!argv[0])
525 return 0;
526
527 argv[1] = NULL;
528
529 proc.argv = argv;
530 proc.in = -1;
531 proc.stdout_to_stderr = 1;
532
533 if (use_sideband) {
534 memset(&muxer, 0, sizeof(muxer));
535 muxer.proc = copy_to_sideband;
536 muxer.in = -1;
537 code = start_async(&muxer);
538 if (code)
539 return code;
540 proc.err = muxer.in;
541 }
542
543 prepare_push_cert_sha1(&proc);
544
545 code = start_command(&proc);
546 if (code) {
547 if (use_sideband)
548 finish_async(&muxer);
549 return code;
550 }
551
552 sigchain_push(SIGPIPE, SIG_IGN);
553
554 while (1) {
555 const char *buf;
556 size_t n;
557 if (feed(feed_state, &buf, &n))
558 break;
559 if (write_in_full(proc.in, buf, n) != n)
560 break;
561 }
562 close(proc.in);
563 if (use_sideband)
564 finish_async(&muxer);
565
566 sigchain_pop(SIGPIPE);
567
568 return finish_command(&proc);
569 }
570
571 struct receive_hook_feed_state {
572 struct command *cmd;
573 int skip_broken;
574 struct strbuf buf;
575 };
576
577 static int feed_receive_hook(void *state_, const char **bufp, size_t *sizep)
578 {
579 struct receive_hook_feed_state *state = state_;
580 struct command *cmd = state->cmd;
581
582 while (cmd &&
583 state->skip_broken && (cmd->error_string || cmd->did_not_exist))
584 cmd = cmd->next;
585 if (!cmd)
586 return -1; /* EOF */
587 strbuf_reset(&state->buf);
588 strbuf_addf(&state->buf, "%s %s %s\n",
589 sha1_to_hex(cmd->old_sha1), sha1_to_hex(cmd->new_sha1),
590 cmd->ref_name);
591 state->cmd = cmd->next;
592 if (bufp) {
593 *bufp = state->buf.buf;
594 *sizep = state->buf.len;
595 }
596 return 0;
597 }
598
599 static int run_receive_hook(struct command *commands, const char *hook_name,
600 int skip_broken)
601 {
602 struct receive_hook_feed_state state;
603 int status;
604
605 strbuf_init(&state.buf, 0);
606 state.cmd = commands;
607 state.skip_broken = skip_broken;
608 if (feed_receive_hook(&state, NULL, NULL))
609 return 0;
610 state.cmd = commands;
611 status = run_and_feed_hook(hook_name, feed_receive_hook, &state);
612 strbuf_release(&state.buf);
613 return status;
614 }
615
616 static int run_update_hook(struct command *cmd)
617 {
618 const char *argv[5];
619 struct child_process proc = CHILD_PROCESS_INIT;
620 int code;
621
622 argv[0] = find_hook("update");
623 if (!argv[0])
624 return 0;
625
626 argv[1] = cmd->ref_name;
627 argv[2] = sha1_to_hex(cmd->old_sha1);
628 argv[3] = sha1_to_hex(cmd->new_sha1);
629 argv[4] = NULL;
630
631 proc.no_stdin = 1;
632 proc.stdout_to_stderr = 1;
633 proc.err = use_sideband ? -1 : 0;
634 proc.argv = argv;
635
636 code = start_command(&proc);
637 if (code)
638 return code;
639 if (use_sideband)
640 copy_to_sideband(proc.err, -1, NULL);
641 return finish_command(&proc);
642 }
643
644 static int is_ref_checked_out(const char *ref)
645 {
646 if (is_bare_repository())
647 return 0;
648
649 if (!head_name)
650 return 0;
651 return !strcmp(head_name, ref);
652 }
653
654 static char *refuse_unconfigured_deny_msg[] = {
655 "By default, updating the current branch in a non-bare repository",
656 "is denied, because it will make the index and work tree inconsistent",
657 "with what you pushed, and will require 'git reset --hard' to match",
658 "the work tree to HEAD.",
659 "",
660 "You can set 'receive.denyCurrentBranch' configuration variable to",
661 "'ignore' or 'warn' in the remote repository to allow pushing into",
662 "its current branch; however, this is not recommended unless you",
663 "arranged to update its work tree to match what you pushed in some",
664 "other way.",
665 "",
666 "To squelch this message and still keep the default behaviour, set",
667 "'receive.denyCurrentBranch' configuration variable to 'refuse'."
668 };
669
670 static void refuse_unconfigured_deny(void)
671 {
672 int i;
673 for (i = 0; i < ARRAY_SIZE(refuse_unconfigured_deny_msg); i++)
674 rp_error("%s", refuse_unconfigured_deny_msg[i]);
675 }
676
677 static char *refuse_unconfigured_deny_delete_current_msg[] = {
678 "By default, deleting the current branch is denied, because the next",
679 "'git clone' won't result in any file checked out, causing confusion.",
680 "",
681 "You can set 'receive.denyDeleteCurrent' configuration variable to",
682 "'warn' or 'ignore' in the remote repository to allow deleting the",
683 "current branch, with or without a warning message.",
684 "",
685 "To squelch this message, you can set it to 'refuse'."
686 };
687
688 static void refuse_unconfigured_deny_delete_current(void)
689 {
690 int i;
691 for (i = 0;
692 i < ARRAY_SIZE(refuse_unconfigured_deny_delete_current_msg);
693 i++)
694 rp_error("%s", refuse_unconfigured_deny_delete_current_msg[i]);
695 }
696
697 static int command_singleton_iterator(void *cb_data, unsigned char sha1[20]);
698 static int update_shallow_ref(struct command *cmd, struct shallow_info *si)
699 {
700 static struct lock_file shallow_lock;
701 struct sha1_array extra = SHA1_ARRAY_INIT;
702 const char *alt_file;
703 uint32_t mask = 1 << (cmd->index % 32);
704 int i;
705
706 trace_printf_key(&trace_shallow,
707 "shallow: update_shallow_ref %s\n", cmd->ref_name);
708 for (i = 0; i < si->shallow->nr; i++)
709 if (si->used_shallow[i] &&
710 (si->used_shallow[i][cmd->index / 32] & mask) &&
711 !delayed_reachability_test(si, i))
712 sha1_array_append(&extra, si->shallow->sha1[i]);
713
714 setup_alternate_shallow(&shallow_lock, &alt_file, &extra);
715 if (check_shallow_connected(command_singleton_iterator,
716 0, cmd, alt_file)) {
717 rollback_lock_file(&shallow_lock);
718 sha1_array_clear(&extra);
719 return -1;
720 }
721
722 commit_lock_file(&shallow_lock);
723
724 /*
725 * Make sure setup_alternate_shallow() for the next ref does
726 * not lose these new roots..
727 */
728 for (i = 0; i < extra.nr; i++)
729 register_shallow(extra.sha1[i]);
730
731 si->shallow_ref[cmd->index] = 0;
732 sha1_array_clear(&extra);
733 return 0;
734 }
735
736 /*
737 * NEEDSWORK: we should consolidate various implementions of "are we
738 * on an unborn branch?" test into one, and make the unified one more
739 * robust. !get_sha1() based check used here and elsewhere would not
740 * allow us to tell an unborn branch from corrupt ref, for example.
741 * For the purpose of fixing "deploy-to-update does not work when
742 * pushing into an empty repository" issue, this should suffice for
743 * now.
744 */
745 static int head_has_history(void)
746 {
747 unsigned char sha1[20];
748
749 return !get_sha1("HEAD", sha1);
750 }
751
752 static const char *push_to_deploy(unsigned char *sha1,
753 struct argv_array *env,
754 const char *work_tree)
755 {
756 const char *update_refresh[] = {
757 "update-index", "-q", "--ignore-submodules", "--refresh", NULL
758 };
759 const char *diff_files[] = {
760 "diff-files", "--quiet", "--ignore-submodules", "--", NULL
761 };
762 const char *diff_index[] = {
763 "diff-index", "--quiet", "--cached", "--ignore-submodules",
764 NULL, "--", NULL
765 };
766 const char *read_tree[] = {
767 "read-tree", "-u", "-m", NULL, NULL
768 };
769 struct child_process child = CHILD_PROCESS_INIT;
770
771 child.argv = update_refresh;
772 child.env = env->argv;
773 child.dir = work_tree;
774 child.no_stdin = 1;
775 child.stdout_to_stderr = 1;
776 child.git_cmd = 1;
777 if (run_command(&child))
778 return "Up-to-date check failed";
779
780 /* run_command() does not clean up completely; reinitialize */
781 child_process_init(&child);
782 child.argv = diff_files;
783 child.env = env->argv;
784 child.dir = work_tree;
785 child.no_stdin = 1;
786 child.stdout_to_stderr = 1;
787 child.git_cmd = 1;
788 if (run_command(&child))
789 return "Working directory has unstaged changes";
790
791 /* diff-index with either HEAD or an empty tree */
792 diff_index[4] = head_has_history() ? "HEAD" : EMPTY_TREE_SHA1_HEX;
793
794 child_process_init(&child);
795 child.argv = diff_index;
796 child.env = env->argv;
797 child.no_stdin = 1;
798 child.no_stdout = 1;
799 child.stdout_to_stderr = 0;
800 child.git_cmd = 1;
801 if (run_command(&child))
802 return "Working directory has staged changes";
803
804 read_tree[3] = sha1_to_hex(sha1);
805 child_process_init(&child);
806 child.argv = read_tree;
807 child.env = env->argv;
808 child.dir = work_tree;
809 child.no_stdin = 1;
810 child.no_stdout = 1;
811 child.stdout_to_stderr = 0;
812 child.git_cmd = 1;
813 if (run_command(&child))
814 return "Could not update working tree to new HEAD";
815
816 return NULL;
817 }
818
819 static const char *push_to_checkout_hook = "push-to-checkout";
820
821 static const char *push_to_checkout(unsigned char *sha1,
822 struct argv_array *env,
823 const char *work_tree)
824 {
825 argv_array_pushf(env, "GIT_WORK_TREE=%s", absolute_path(work_tree));
826 if (run_hook_le(env->argv, push_to_checkout_hook,
827 sha1_to_hex(sha1), NULL))
828 return "push-to-checkout hook declined";
829 else
830 return NULL;
831 }
832
833 static const char *update_worktree(unsigned char *sha1)
834 {
835 const char *retval;
836 const char *work_tree = git_work_tree_cfg ? git_work_tree_cfg : "..";
837 struct argv_array env = ARGV_ARRAY_INIT;
838
839 if (is_bare_repository())
840 return "denyCurrentBranch = updateInstead needs a worktree";
841
842 argv_array_pushf(&env, "GIT_DIR=%s", absolute_path(get_git_dir()));
843
844 if (!find_hook(push_to_checkout_hook))
845 retval = push_to_deploy(sha1, &env, work_tree);
846 else
847 retval = push_to_checkout(sha1, &env, work_tree);
848
849 argv_array_clear(&env);
850 return retval;
851 }
852
853 static const char *update(struct command *cmd, struct shallow_info *si)
854 {
855 const char *name = cmd->ref_name;
856 struct strbuf namespaced_name_buf = STRBUF_INIT;
857 const char *namespaced_name, *ret;
858 unsigned char *old_sha1 = cmd->old_sha1;
859 unsigned char *new_sha1 = cmd->new_sha1;
860
861 /* only refs/... are allowed */
862 if (!starts_with(name, "refs/") || check_refname_format(name + 5, 0)) {
863 rp_error("refusing to create funny ref '%s' remotely", name);
864 return "funny refname";
865 }
866
867 strbuf_addf(&namespaced_name_buf, "%s%s", get_git_namespace(), name);
868 namespaced_name = strbuf_detach(&namespaced_name_buf, NULL);
869
870 if (is_ref_checked_out(namespaced_name)) {
871 switch (deny_current_branch) {
872 case DENY_IGNORE:
873 break;
874 case DENY_WARN:
875 rp_warning("updating the current branch");
876 break;
877 case DENY_REFUSE:
878 case DENY_UNCONFIGURED:
879 rp_error("refusing to update checked out branch: %s", name);
880 if (deny_current_branch == DENY_UNCONFIGURED)
881 refuse_unconfigured_deny();
882 return "branch is currently checked out";
883 case DENY_UPDATE_INSTEAD:
884 ret = update_worktree(new_sha1);
885 if (ret)
886 return ret;
887 break;
888 }
889 }
890
891 if (!is_null_sha1(new_sha1) && !has_sha1_file(new_sha1)) {
892 error("unpack should have generated %s, "
893 "but I can't find it!", sha1_to_hex(new_sha1));
894 return "bad pack";
895 }
896
897 if (!is_null_sha1(old_sha1) && is_null_sha1(new_sha1)) {
898 if (deny_deletes && starts_with(name, "refs/heads/")) {
899 rp_error("denying ref deletion for %s", name);
900 return "deletion prohibited";
901 }
902
903 if (!strcmp(namespaced_name, head_name)) {
904 switch (deny_delete_current) {
905 case DENY_IGNORE:
906 break;
907 case DENY_WARN:
908 rp_warning("deleting the current branch");
909 break;
910 case DENY_REFUSE:
911 case DENY_UNCONFIGURED:
912 case DENY_UPDATE_INSTEAD:
913 if (deny_delete_current == DENY_UNCONFIGURED)
914 refuse_unconfigured_deny_delete_current();
915 rp_error("refusing to delete the current branch: %s", name);
916 return "deletion of the current branch prohibited";
917 default:
918 return "Invalid denyDeleteCurrent setting";
919 }
920 }
921 }
922
923 if (deny_non_fast_forwards && !is_null_sha1(new_sha1) &&
924 !is_null_sha1(old_sha1) &&
925 starts_with(name, "refs/heads/")) {
926 struct object *old_object, *new_object;
927 struct commit *old_commit, *new_commit;
928
929 old_object = parse_object(old_sha1);
930 new_object = parse_object(new_sha1);
931
932 if (!old_object || !new_object ||
933 old_object->type != OBJ_COMMIT ||
934 new_object->type != OBJ_COMMIT) {
935 error("bad sha1 objects for %s", name);
936 return "bad ref";
937 }
938 old_commit = (struct commit *)old_object;
939 new_commit = (struct commit *)new_object;
940 if (!in_merge_bases(old_commit, new_commit)) {
941 rp_error("denying non-fast-forward %s"
942 " (you should pull first)", name);
943 return "non-fast-forward";
944 }
945 }
946 if (run_update_hook(cmd)) {
947 rp_error("hook declined to update %s", name);
948 return "hook declined";
949 }
950
951 if (is_null_sha1(new_sha1)) {
952 if (!parse_object(old_sha1)) {
953 old_sha1 = NULL;
954 if (ref_exists(name)) {
955 rp_warning("Allowing deletion of corrupt ref.");
956 } else {
957 rp_warning("Deleting a non-existent ref.");
958 cmd->did_not_exist = 1;
959 }
960 }
961 if (delete_ref(namespaced_name, old_sha1, 0)) {
962 rp_error("failed to delete %s", name);
963 return "failed to delete";
964 }
965 return NULL; /* good */
966 }
967 else {
968 struct strbuf err = STRBUF_INIT;
969 struct ref_transaction *transaction;
970
971 if (shallow_update && si->shallow_ref[cmd->index] &&
972 update_shallow_ref(cmd, si))
973 return "shallow error";
974
975 transaction = ref_transaction_begin(&err);
976 if (!transaction ||
977 ref_transaction_update(transaction, namespaced_name,
978 new_sha1, old_sha1, 0, 1, "push",
979 &err) ||
980 ref_transaction_commit(transaction, &err)) {
981 ref_transaction_free(transaction);
982
983 rp_error("%s", err.buf);
984 strbuf_release(&err);
985 return "failed to update ref";
986 }
987
988 ref_transaction_free(transaction);
989 strbuf_release(&err);
990 return NULL; /* good */
991 }
992 }
993
994 static void run_update_post_hook(struct command *commands)
995 {
996 struct command *cmd;
997 int argc;
998 const char **argv;
999 struct child_process proc = CHILD_PROCESS_INIT;
1000 char *hook;
1001
1002 hook = find_hook("post-update");
1003 for (argc = 0, cmd = commands; cmd; cmd = cmd->next) {
1004 if (cmd->error_string || cmd->did_not_exist)
1005 continue;
1006 argc++;
1007 }
1008 if (!argc || !hook)
1009 return;
1010
1011 argv = xmalloc(sizeof(*argv) * (2 + argc));
1012 argv[0] = hook;
1013
1014 for (argc = 1, cmd = commands; cmd; cmd = cmd->next) {
1015 if (cmd->error_string || cmd->did_not_exist)
1016 continue;
1017 argv[argc] = xstrdup(cmd->ref_name);
1018 argc++;
1019 }
1020 argv[argc] = NULL;
1021
1022 proc.no_stdin = 1;
1023 proc.stdout_to_stderr = 1;
1024 proc.err = use_sideband ? -1 : 0;
1025 proc.argv = argv;
1026
1027 if (!start_command(&proc)) {
1028 if (use_sideband)
1029 copy_to_sideband(proc.err, -1, NULL);
1030 finish_command(&proc);
1031 }
1032 }
1033
1034 static void check_aliased_update(struct command *cmd, struct string_list *list)
1035 {
1036 struct strbuf buf = STRBUF_INIT;
1037 const char *dst_name;
1038 struct string_list_item *item;
1039 struct command *dst_cmd;
1040 unsigned char sha1[20];
1041 char cmd_oldh[41], cmd_newh[41], dst_oldh[41], dst_newh[41];
1042 int flag;
1043
1044 strbuf_addf(&buf, "%s%s", get_git_namespace(), cmd->ref_name);
1045 dst_name = resolve_ref_unsafe(buf.buf, 0, sha1, &flag);
1046 strbuf_release(&buf);
1047
1048 if (!(flag & REF_ISSYMREF))
1049 return;
1050
1051 dst_name = strip_namespace(dst_name);
1052 if (!dst_name) {
1053 rp_error("refusing update to broken symref '%s'", cmd->ref_name);
1054 cmd->skip_update = 1;
1055 cmd->error_string = "broken symref";
1056 return;
1057 }
1058
1059 if ((item = string_list_lookup(list, dst_name)) == NULL)
1060 return;
1061
1062 cmd->skip_update = 1;
1063
1064 dst_cmd = (struct command *) item->util;
1065
1066 if (!hashcmp(cmd->old_sha1, dst_cmd->old_sha1) &&
1067 !hashcmp(cmd->new_sha1, dst_cmd->new_sha1))
1068 return;
1069
1070 dst_cmd->skip_update = 1;
1071
1072 strcpy(cmd_oldh, find_unique_abbrev(cmd->old_sha1, DEFAULT_ABBREV));
1073 strcpy(cmd_newh, find_unique_abbrev(cmd->new_sha1, DEFAULT_ABBREV));
1074 strcpy(dst_oldh, find_unique_abbrev(dst_cmd->old_sha1, DEFAULT_ABBREV));
1075 strcpy(dst_newh, find_unique_abbrev(dst_cmd->new_sha1, DEFAULT_ABBREV));
1076 rp_error("refusing inconsistent update between symref '%s' (%s..%s) and"
1077 " its target '%s' (%s..%s)",
1078 cmd->ref_name, cmd_oldh, cmd_newh,
1079 dst_cmd->ref_name, dst_oldh, dst_newh);
1080
1081 cmd->error_string = dst_cmd->error_string =
1082 "inconsistent aliased update";
1083 }
1084
1085 static void check_aliased_updates(struct command *commands)
1086 {
1087 struct command *cmd;
1088 struct string_list ref_list = STRING_LIST_INIT_NODUP;
1089
1090 for (cmd = commands; cmd; cmd = cmd->next) {
1091 struct string_list_item *item =
1092 string_list_append(&ref_list, cmd->ref_name);
1093 item->util = (void *)cmd;
1094 }
1095 sort_string_list(&ref_list);
1096
1097 for (cmd = commands; cmd; cmd = cmd->next) {
1098 if (!cmd->error_string)
1099 check_aliased_update(cmd, &ref_list);
1100 }
1101
1102 string_list_clear(&ref_list, 0);
1103 }
1104
1105 static int command_singleton_iterator(void *cb_data, unsigned char sha1[20])
1106 {
1107 struct command **cmd_list = cb_data;
1108 struct command *cmd = *cmd_list;
1109
1110 if (!cmd || is_null_sha1(cmd->new_sha1))
1111 return -1; /* end of list */
1112 *cmd_list = NULL; /* this returns only one */
1113 hashcpy(sha1, cmd->new_sha1);
1114 return 0;
1115 }
1116
1117 static void set_connectivity_errors(struct command *commands,
1118 struct shallow_info *si)
1119 {
1120 struct command *cmd;
1121
1122 for (cmd = commands; cmd; cmd = cmd->next) {
1123 struct command *singleton = cmd;
1124 if (shallow_update && si->shallow_ref[cmd->index])
1125 /* to be checked in update_shallow_ref() */
1126 continue;
1127 if (!check_everything_connected(command_singleton_iterator,
1128 0, &singleton))
1129 continue;
1130 cmd->error_string = "missing necessary objects";
1131 }
1132 }
1133
1134 struct iterate_data {
1135 struct command *cmds;
1136 struct shallow_info *si;
1137 };
1138
1139 static int iterate_receive_command_list(void *cb_data, unsigned char sha1[20])
1140 {
1141 struct iterate_data *data = cb_data;
1142 struct command **cmd_list = &data->cmds;
1143 struct command *cmd = *cmd_list;
1144
1145 for (; cmd; cmd = cmd->next) {
1146 if (shallow_update && data->si->shallow_ref[cmd->index])
1147 /* to be checked in update_shallow_ref() */
1148 continue;
1149 if (!is_null_sha1(cmd->new_sha1) && !cmd->skip_update) {
1150 hashcpy(sha1, cmd->new_sha1);
1151 *cmd_list = cmd->next;
1152 return 0;
1153 }
1154 }
1155 *cmd_list = NULL;
1156 return -1; /* end of list */
1157 }
1158
1159 static void reject_updates_to_hidden(struct command *commands)
1160 {
1161 struct command *cmd;
1162
1163 for (cmd = commands; cmd; cmd = cmd->next) {
1164 if (cmd->error_string || !ref_is_hidden(cmd->ref_name))
1165 continue;
1166 if (is_null_sha1(cmd->new_sha1))
1167 cmd->error_string = "deny deleting a hidden ref";
1168 else
1169 cmd->error_string = "deny updating a hidden ref";
1170 }
1171 }
1172
1173 static void execute_commands(struct command *commands,
1174 const char *unpacker_error,
1175 struct shallow_info *si)
1176 {
1177 int checked_connectivity;
1178 struct command *cmd;
1179 unsigned char sha1[20];
1180 struct iterate_data data;
1181
1182 if (unpacker_error) {
1183 for (cmd = commands; cmd; cmd = cmd->next)
1184 cmd->error_string = "unpacker error";
1185 return;
1186 }
1187
1188 data.cmds = commands;
1189 data.si = si;
1190 if (check_everything_connected(iterate_receive_command_list, 0, &data))
1191 set_connectivity_errors(commands, si);
1192
1193 reject_updates_to_hidden(commands);
1194
1195 if (run_receive_hook(commands, "pre-receive", 0)) {
1196 for (cmd = commands; cmd; cmd = cmd->next) {
1197 if (!cmd->error_string)
1198 cmd->error_string = "pre-receive hook declined";
1199 }
1200 return;
1201 }
1202
1203 check_aliased_updates(commands);
1204
1205 free(head_name_to_free);
1206 head_name = head_name_to_free = resolve_refdup("HEAD", 0, sha1, NULL);
1207
1208 checked_connectivity = 1;
1209 for (cmd = commands; cmd; cmd = cmd->next) {
1210 if (cmd->error_string)
1211 continue;
1212
1213 if (cmd->skip_update)
1214 continue;
1215
1216 cmd->error_string = update(cmd, si);
1217 if (shallow_update && !cmd->error_string &&
1218 si->shallow_ref[cmd->index]) {
1219 error("BUG: connectivity check has not been run on ref %s",
1220 cmd->ref_name);
1221 checked_connectivity = 0;
1222 }
1223 }
1224
1225 if (shallow_update && !checked_connectivity)
1226 error("BUG: run 'git fsck' for safety.\n"
1227 "If there are errors, try to remove "
1228 "the reported refs above");
1229 }
1230
1231 static struct command **queue_command(struct command **tail,
1232 const char *line,
1233 int linelen)
1234 {
1235 unsigned char old_sha1[20], new_sha1[20];
1236 struct command *cmd;
1237 const char *refname;
1238 int reflen;
1239
1240 if (linelen < 83 ||
1241 line[40] != ' ' ||
1242 line[81] != ' ' ||
1243 get_sha1_hex(line, old_sha1) ||
1244 get_sha1_hex(line + 41, new_sha1))
1245 die("protocol error: expected old/new/ref, got '%s'", line);
1246
1247 refname = line + 82;
1248 reflen = linelen - 82;
1249 cmd = xcalloc(1, sizeof(struct command) + reflen + 1);
1250 hashcpy(cmd->old_sha1, old_sha1);
1251 hashcpy(cmd->new_sha1, new_sha1);
1252 memcpy(cmd->ref_name, refname, reflen);
1253 cmd->ref_name[reflen] = '\0';
1254 *tail = cmd;
1255 return &cmd->next;
1256 }
1257
1258 static void queue_commands_from_cert(struct command **tail,
1259 struct strbuf *push_cert)
1260 {
1261 const char *boc, *eoc;
1262
1263 if (*tail)
1264 die("protocol error: got both push certificate and unsigned commands");
1265
1266 boc = strstr(push_cert->buf, "\n\n");
1267 if (!boc)
1268 die("malformed push certificate %.*s", 100, push_cert->buf);
1269 else
1270 boc += 2;
1271 eoc = push_cert->buf + parse_signature(push_cert->buf, push_cert->len);
1272
1273 while (boc < eoc) {
1274 const char *eol = memchr(boc, '\n', eoc - boc);
1275 tail = queue_command(tail, boc, eol ? eol - boc : eoc - eol);
1276 boc = eol ? eol + 1 : eoc;
1277 }
1278 }
1279
1280 static struct command *read_head_info(struct sha1_array *shallow)
1281 {
1282 struct command *commands = NULL;
1283 struct command **p = &commands;
1284 for (;;) {
1285 char *line;
1286 int len, linelen;
1287
1288 line = packet_read_line(0, &len);
1289 if (!line)
1290 break;
1291
1292 if (len == 48 && starts_with(line, "shallow ")) {
1293 unsigned char sha1[20];
1294 if (get_sha1_hex(line + 8, sha1))
1295 die("protocol error: expected shallow sha, got '%s'",
1296 line + 8);
1297 sha1_array_append(shallow, sha1);
1298 continue;
1299 }
1300
1301 linelen = strlen(line);
1302 if (linelen < len) {
1303 const char *feature_list = line + linelen + 1;
1304 if (parse_feature_request(feature_list, "report-status"))
1305 report_status = 1;
1306 if (parse_feature_request(feature_list, "side-band-64k"))
1307 use_sideband = LARGE_PACKET_MAX;
1308 if (parse_feature_request(feature_list, "quiet"))
1309 quiet = 1;
1310 }
1311
1312 if (!strcmp(line, "push-cert")) {
1313 int true_flush = 0;
1314 char certbuf[1024];
1315
1316 for (;;) {
1317 len = packet_read(0, NULL, NULL,
1318 certbuf, sizeof(certbuf), 0);
1319 if (!len) {
1320 true_flush = 1;
1321 break;
1322 }
1323 if (!strcmp(certbuf, "push-cert-end\n"))
1324 break; /* end of cert */
1325 strbuf_addstr(&push_cert, certbuf);
1326 }
1327
1328 if (true_flush)
1329 break;
1330 continue;
1331 }
1332
1333 p = queue_command(p, line, linelen);
1334 }
1335
1336 if (push_cert.len)
1337 queue_commands_from_cert(p, &push_cert);
1338
1339 return commands;
1340 }
1341
1342 static const char *parse_pack_header(struct pack_header *hdr)
1343 {
1344 switch (read_pack_header(0, hdr)) {
1345 case PH_ERROR_EOF:
1346 return "eof before pack header was fully read";
1347
1348 case PH_ERROR_PACK_SIGNATURE:
1349 return "protocol error (pack signature mismatch detected)";
1350
1351 case PH_ERROR_PROTOCOL:
1352 return "protocol error (pack version unsupported)";
1353
1354 default:
1355 return "unknown error in parse_pack_header";
1356
1357 case 0:
1358 return NULL;
1359 }
1360 }
1361
1362 static const char *pack_lockfile;
1363
1364 static const char *unpack(int err_fd, struct shallow_info *si)
1365 {
1366 struct pack_header hdr;
1367 const char *hdr_err;
1368 int status;
1369 char hdr_arg[38];
1370 struct child_process child = CHILD_PROCESS_INIT;
1371 int fsck_objects = (receive_fsck_objects >= 0
1372 ? receive_fsck_objects
1373 : transfer_fsck_objects >= 0
1374 ? transfer_fsck_objects
1375 : 0);
1376
1377 hdr_err = parse_pack_header(&hdr);
1378 if (hdr_err) {
1379 if (err_fd > 0)
1380 close(err_fd);
1381 return hdr_err;
1382 }
1383 snprintf(hdr_arg, sizeof(hdr_arg),
1384 "--pack_header=%"PRIu32",%"PRIu32,
1385 ntohl(hdr.hdr_version), ntohl(hdr.hdr_entries));
1386
1387 if (si->nr_ours || si->nr_theirs) {
1388 alt_shallow_file = setup_temporary_shallow(si->shallow);
1389 argv_array_push(&child.args, "--shallow-file");
1390 argv_array_push(&child.args, alt_shallow_file);
1391 }
1392
1393 if (ntohl(hdr.hdr_entries) < unpack_limit) {
1394 argv_array_pushl(&child.args, "unpack-objects", hdr_arg, NULL);
1395 if (quiet)
1396 argv_array_push(&child.args, "-q");
1397 if (fsck_objects)
1398 argv_array_push(&child.args, "--strict");
1399 child.no_stdout = 1;
1400 child.err = err_fd;
1401 child.git_cmd = 1;
1402 status = run_command(&child);
1403 if (status)
1404 return "unpack-objects abnormal exit";
1405 } else {
1406 int s;
1407 char keep_arg[256];
1408
1409 s = sprintf(keep_arg, "--keep=receive-pack %"PRIuMAX" on ", (uintmax_t) getpid());
1410 if (gethostname(keep_arg + s, sizeof(keep_arg) - s))
1411 strcpy(keep_arg + s, "localhost");
1412
1413 argv_array_pushl(&child.args, "index-pack",
1414 "--stdin", hdr_arg, keep_arg, NULL);
1415 if (fsck_objects)
1416 argv_array_push(&child.args, "--strict");
1417 if (fix_thin)
1418 argv_array_push(&child.args, "--fix-thin");
1419 child.out = -1;
1420 child.err = err_fd;
1421 child.git_cmd = 1;
1422 status = start_command(&child);
1423 if (status)
1424 return "index-pack fork failed";
1425 pack_lockfile = index_pack_lockfile(child.out);
1426 close(child.out);
1427 status = finish_command(&child);
1428 if (status)
1429 return "index-pack abnormal exit";
1430 reprepare_packed_git();
1431 }
1432 return NULL;
1433 }
1434
1435 static const char *unpack_with_sideband(struct shallow_info *si)
1436 {
1437 struct async muxer;
1438 const char *ret;
1439
1440 if (!use_sideband)
1441 return unpack(0, si);
1442
1443 memset(&muxer, 0, sizeof(muxer));
1444 muxer.proc = copy_to_sideband;
1445 muxer.in = -1;
1446 if (start_async(&muxer))
1447 return NULL;
1448
1449 ret = unpack(muxer.in, si);
1450
1451 finish_async(&muxer);
1452 return ret;
1453 }
1454
1455 static void prepare_shallow_update(struct command *commands,
1456 struct shallow_info *si)
1457 {
1458 int i, j, k, bitmap_size = (si->ref->nr + 31) / 32;
1459
1460 si->used_shallow = xmalloc(sizeof(*si->used_shallow) *
1461 si->shallow->nr);
1462 assign_shallow_commits_to_refs(si, si->used_shallow, NULL);
1463
1464 si->need_reachability_test =
1465 xcalloc(si->shallow->nr, sizeof(*si->need_reachability_test));
1466 si->reachable =
1467 xcalloc(si->shallow->nr, sizeof(*si->reachable));
1468 si->shallow_ref = xcalloc(si->ref->nr, sizeof(*si->shallow_ref));
1469
1470 for (i = 0; i < si->nr_ours; i++)
1471 si->need_reachability_test[si->ours[i]] = 1;
1472
1473 for (i = 0; i < si->shallow->nr; i++) {
1474 if (!si->used_shallow[i])
1475 continue;
1476 for (j = 0; j < bitmap_size; j++) {
1477 if (!si->used_shallow[i][j])
1478 continue;
1479 si->need_reachability_test[i]++;
1480 for (k = 0; k < 32; k++)
1481 if (si->used_shallow[i][j] & (1 << k))
1482 si->shallow_ref[j * 32 + k]++;
1483 }
1484
1485 /*
1486 * true for those associated with some refs and belong
1487 * in "ours" list aka "step 7 not done yet"
1488 */
1489 si->need_reachability_test[i] =
1490 si->need_reachability_test[i] > 1;
1491 }
1492
1493 /*
1494 * keep hooks happy by forcing a temporary shallow file via
1495 * env variable because we can't add --shallow-file to every
1496 * command. check_everything_connected() will be done with
1497 * true .git/shallow though.
1498 */
1499 setenv(GIT_SHALLOW_FILE_ENVIRONMENT, alt_shallow_file, 1);
1500 }
1501
1502 static void update_shallow_info(struct command *commands,
1503 struct shallow_info *si,
1504 struct sha1_array *ref)
1505 {
1506 struct command *cmd;
1507 int *ref_status;
1508 remove_nonexistent_theirs_shallow(si);
1509 if (!si->nr_ours && !si->nr_theirs) {
1510 shallow_update = 0;
1511 return;
1512 }
1513
1514 for (cmd = commands; cmd; cmd = cmd->next) {
1515 if (is_null_sha1(cmd->new_sha1))
1516 continue;
1517 sha1_array_append(ref, cmd->new_sha1);
1518 cmd->index = ref->nr - 1;
1519 }
1520 si->ref = ref;
1521
1522 if (shallow_update) {
1523 prepare_shallow_update(commands, si);
1524 return;
1525 }
1526
1527 ref_status = xmalloc(sizeof(*ref_status) * ref->nr);
1528 assign_shallow_commits_to_refs(si, NULL, ref_status);
1529 for (cmd = commands; cmd; cmd = cmd->next) {
1530 if (is_null_sha1(cmd->new_sha1))
1531 continue;
1532 if (ref_status[cmd->index]) {
1533 cmd->error_string = "shallow update not allowed";
1534 cmd->skip_update = 1;
1535 }
1536 }
1537 free(ref_status);
1538 }
1539
1540 static void report(struct command *commands, const char *unpack_status)
1541 {
1542 struct command *cmd;
1543 struct strbuf buf = STRBUF_INIT;
1544
1545 packet_buf_write(&buf, "unpack %s\n",
1546 unpack_status ? unpack_status : "ok");
1547 for (cmd = commands; cmd; cmd = cmd->next) {
1548 if (!cmd->error_string)
1549 packet_buf_write(&buf, "ok %s\n",
1550 cmd->ref_name);
1551 else
1552 packet_buf_write(&buf, "ng %s %s\n",
1553 cmd->ref_name, cmd->error_string);
1554 }
1555 packet_buf_flush(&buf);
1556
1557 if (use_sideband)
1558 send_sideband(1, 1, buf.buf, buf.len, use_sideband);
1559 else
1560 write_or_die(1, buf.buf, buf.len);
1561 strbuf_release(&buf);
1562 }
1563
1564 static int delete_only(struct command *commands)
1565 {
1566 struct command *cmd;
1567 for (cmd = commands; cmd; cmd = cmd->next) {
1568 if (!is_null_sha1(cmd->new_sha1))
1569 return 0;
1570 }
1571 return 1;
1572 }
1573
1574 int cmd_receive_pack(int argc, const char **argv, const char *prefix)
1575 {
1576 int advertise_refs = 0;
1577 int i;
1578 struct command *commands;
1579 struct sha1_array shallow = SHA1_ARRAY_INIT;
1580 struct sha1_array ref = SHA1_ARRAY_INIT;
1581 struct shallow_info si;
1582
1583 packet_trace_identity("receive-pack");
1584
1585 argv++;
1586 for (i = 1; i < argc; i++) {
1587 const char *arg = *argv++;
1588
1589 if (*arg == '-') {
1590 if (!strcmp(arg, "--quiet")) {
1591 quiet = 1;
1592 continue;
1593 }
1594
1595 if (!strcmp(arg, "--advertise-refs")) {
1596 advertise_refs = 1;
1597 continue;
1598 }
1599 if (!strcmp(arg, "--stateless-rpc")) {
1600 stateless_rpc = 1;
1601 continue;
1602 }
1603 if (!strcmp(arg, "--reject-thin-pack-for-testing")) {
1604 fix_thin = 0;
1605 continue;
1606 }
1607
1608 usage(receive_pack_usage);
1609 }
1610 if (service_dir)
1611 usage(receive_pack_usage);
1612 service_dir = arg;
1613 }
1614 if (!service_dir)
1615 usage(receive_pack_usage);
1616
1617 setup_path();
1618
1619 if (!enter_repo(service_dir, 0))
1620 die("'%s' does not appear to be a git repository", service_dir);
1621
1622 git_config(receive_pack_config, NULL);
1623 if (cert_nonce_seed)
1624 push_cert_nonce = prepare_push_cert_nonce(service_dir, time(NULL));
1625
1626 if (0 <= transfer_unpack_limit)
1627 unpack_limit = transfer_unpack_limit;
1628 else if (0 <= receive_unpack_limit)
1629 unpack_limit = receive_unpack_limit;
1630
1631 if (advertise_refs || !stateless_rpc) {
1632 write_head_info();
1633 }
1634 if (advertise_refs)
1635 return 0;
1636
1637 if ((commands = read_head_info(&shallow)) != NULL) {
1638 const char *unpack_status = NULL;
1639
1640 prepare_shallow_info(&si, &shallow);
1641 if (!si.nr_ours && !si.nr_theirs)
1642 shallow_update = 0;
1643 if (!delete_only(commands)) {
1644 unpack_status = unpack_with_sideband(&si);
1645 update_shallow_info(commands, &si, &ref);
1646 }
1647 execute_commands(commands, unpack_status, &si);
1648 if (pack_lockfile)
1649 unlink_or_warn(pack_lockfile);
1650 if (report_status)
1651 report(commands, unpack_status);
1652 run_receive_hook(commands, "post-receive", 1);
1653 run_update_post_hook(commands);
1654 if (auto_gc) {
1655 const char *argv_gc_auto[] = {
1656 "gc", "--auto", "--quiet", NULL,
1657 };
1658 int opt = RUN_GIT_CMD | RUN_COMMAND_STDOUT_TO_STDERR;
1659 run_command_v_opt(argv_gc_auto, opt);
1660 }
1661 if (auto_update_server_info)
1662 update_server_info(0);
1663 clear_shallow_info(&si);
1664 }
1665 if (use_sideband)
1666 packet_flush(1);
1667 sha1_array_clear(&shallow);
1668 sha1_array_clear(&ref);
1669 free((void *)push_cert_nonce);
1670 return 0;
1671 }
The Best VCS Around