builtin/receive-pack: use check_signature from gpg-interface
[git.git] / transport.c
bloba32da30dee6f4e38433b68d7c9f7e9404aa58858
1 #include "cache.h"
2 #include "config.h"
3 #include "transport.h"
4 #include "run-command.h"
5 #include "pkt-line.h"
6 #include "fetch-pack.h"
7 #include "remote.h"
8 #include "connect.h"
9 #include "send-pack.h"
10 #include "walker.h"
11 #include "bundle.h"
12 #include "dir.h"
13 #include "refs.h"
14 #include "refspec.h"
15 #include "branch.h"
16 #include "url.h"
17 #include "submodule.h"
18 #include "string-list.h"
19 #include "sha1-array.h"
20 #include "sigchain.h"
21 #include "transport-internal.h"
22 #include "protocol.h"
23 #include "object-store.h"
24 #include "color.h"
26 static int transport_use_color = -1;
27 static char transport_colors[][COLOR_MAXLEN] = {
28 GIT_COLOR_RESET,
29 GIT_COLOR_RED /* REJECTED */
32 enum color_transport {
33 TRANSPORT_COLOR_RESET = 0,
34 TRANSPORT_COLOR_REJECTED = 1
37 static int transport_color_config(void)
39 const char *keys[] = {
40 "color.transport.reset",
41 "color.transport.rejected"
42 }, *key = "color.transport";
43 char *value;
44 int i;
45 static int initialized;
47 if (initialized)
48 return 0;
49 initialized = 1;
51 if (!git_config_get_string(key, &value))
52 transport_use_color = git_config_colorbool(key, value);
54 if (!want_color_stderr(transport_use_color))
55 return 0;
57 for (i = 0; i < ARRAY_SIZE(keys); i++)
58 if (!git_config_get_string(keys[i], &value)) {
59 if (!value)
60 return config_error_nonbool(keys[i]);
61 if (color_parse(value, transport_colors[i]) < 0)
62 return -1;
65 return 0;
68 static const char *transport_get_color(enum color_transport ix)
70 if (want_color_stderr(transport_use_color))
71 return transport_colors[ix];
72 return "";
75 static void set_upstreams(struct transport *transport, struct ref *refs,
76 int pretend)
78 struct ref *ref;
79 for (ref = refs; ref; ref = ref->next) {
80 const char *localname;
81 const char *tmp;
82 const char *remotename;
83 int flag = 0;
85 * Check suitability for tracking. Must be successful /
86 * already up-to-date ref create/modify (not delete).
88 if (ref->status != REF_STATUS_OK &&
89 ref->status != REF_STATUS_UPTODATE)
90 continue;
91 if (!ref->peer_ref)
92 continue;
93 if (is_null_oid(&ref->new_oid))
94 continue;
96 /* Follow symbolic refs (mainly for HEAD). */
97 localname = ref->peer_ref->name;
98 remotename = ref->name;
99 tmp = resolve_ref_unsafe(localname, RESOLVE_REF_READING,
100 NULL, &flag);
101 if (tmp && flag & REF_ISSYMREF &&
102 starts_with(tmp, "refs/heads/"))
103 localname = tmp;
105 /* Both source and destination must be local branches. */
106 if (!localname || !starts_with(localname, "refs/heads/"))
107 continue;
108 if (!remotename || !starts_with(remotename, "refs/heads/"))
109 continue;
111 if (!pretend)
112 install_branch_config(BRANCH_CONFIG_VERBOSE,
113 localname + 11, transport->remote->name,
114 remotename);
115 else
116 printf(_("Would set upstream of '%s' to '%s' of '%s'\n"),
117 localname + 11, remotename + 11,
118 transport->remote->name);
122 struct bundle_transport_data {
123 int fd;
124 struct bundle_header header;
127 static struct ref *get_refs_from_bundle(struct transport *transport,
128 int for_push,
129 const struct argv_array *ref_prefixes)
131 struct bundle_transport_data *data = transport->data;
132 struct ref *result = NULL;
133 int i;
135 if (for_push)
136 return NULL;
138 if (data->fd > 0)
139 close(data->fd);
140 data->fd = read_bundle_header(transport->url, &data->header);
141 if (data->fd < 0)
142 die ("Could not read bundle '%s'.", transport->url);
143 for (i = 0; i < data->header.references.nr; i++) {
144 struct ref_list_entry *e = data->header.references.list + i;
145 struct ref *ref = alloc_ref(e->name);
146 oidcpy(&ref->old_oid, &e->oid);
147 ref->next = result;
148 result = ref;
150 return result;
153 static int fetch_refs_from_bundle(struct transport *transport,
154 int nr_heads, struct ref **to_fetch)
156 struct bundle_transport_data *data = transport->data;
157 return unbundle(&data->header, data->fd,
158 transport->progress ? BUNDLE_VERBOSE : 0);
161 static int close_bundle(struct transport *transport)
163 struct bundle_transport_data *data = transport->data;
164 if (data->fd > 0)
165 close(data->fd);
166 free(data);
167 return 0;
170 struct git_transport_data {
171 struct git_transport_options options;
172 struct child_process *conn;
173 int fd[2];
174 unsigned got_remote_heads : 1;
175 enum protocol_version version;
176 struct oid_array extra_have;
177 struct oid_array shallow;
180 static int set_git_option(struct git_transport_options *opts,
181 const char *name, const char *value)
183 if (!strcmp(name, TRANS_OPT_UPLOADPACK)) {
184 opts->uploadpack = value;
185 return 0;
186 } else if (!strcmp(name, TRANS_OPT_RECEIVEPACK)) {
187 opts->receivepack = value;
188 return 0;
189 } else if (!strcmp(name, TRANS_OPT_THIN)) {
190 opts->thin = !!value;
191 return 0;
192 } else if (!strcmp(name, TRANS_OPT_FOLLOWTAGS)) {
193 opts->followtags = !!value;
194 return 0;
195 } else if (!strcmp(name, TRANS_OPT_KEEP)) {
196 opts->keep = !!value;
197 return 0;
198 } else if (!strcmp(name, TRANS_OPT_UPDATE_SHALLOW)) {
199 opts->update_shallow = !!value;
200 return 0;
201 } else if (!strcmp(name, TRANS_OPT_DEPTH)) {
202 if (!value)
203 opts->depth = 0;
204 else {
205 char *end;
206 opts->depth = strtol(value, &end, 0);
207 if (*end)
208 die(_("transport: invalid depth option '%s'"), value);
210 return 0;
211 } else if (!strcmp(name, TRANS_OPT_DEEPEN_SINCE)) {
212 opts->deepen_since = value;
213 return 0;
214 } else if (!strcmp(name, TRANS_OPT_DEEPEN_NOT)) {
215 opts->deepen_not = (const struct string_list *)value;
216 return 0;
217 } else if (!strcmp(name, TRANS_OPT_DEEPEN_RELATIVE)) {
218 opts->deepen_relative = !!value;
219 return 0;
220 } else if (!strcmp(name, TRANS_OPT_FROM_PROMISOR)) {
221 opts->from_promisor = !!value;
222 return 0;
223 } else if (!strcmp(name, TRANS_OPT_NO_DEPENDENTS)) {
224 opts->no_dependents = !!value;
225 return 0;
226 } else if (!strcmp(name, TRANS_OPT_LIST_OBJECTS_FILTER)) {
227 parse_list_objects_filter(&opts->filter_options, value);
228 return 0;
230 return 1;
233 static int connect_setup(struct transport *transport, int for_push)
235 struct git_transport_data *data = transport->data;
236 int flags = transport->verbose > 0 ? CONNECT_VERBOSE : 0;
238 if (data->conn)
239 return 0;
241 switch (transport->family) {
242 case TRANSPORT_FAMILY_ALL: break;
243 case TRANSPORT_FAMILY_IPV4: flags |= CONNECT_IPV4; break;
244 case TRANSPORT_FAMILY_IPV6: flags |= CONNECT_IPV6; break;
247 data->conn = git_connect(data->fd, transport->url,
248 for_push ? data->options.receivepack :
249 data->options.uploadpack,
250 flags);
252 return 0;
255 static struct ref *get_refs_via_connect(struct transport *transport, int for_push,
256 const struct argv_array *ref_prefixes)
258 struct git_transport_data *data = transport->data;
259 struct ref *refs = NULL;
260 struct packet_reader reader;
262 connect_setup(transport, for_push);
264 packet_reader_init(&reader, data->fd[0], NULL, 0,
265 PACKET_READ_CHOMP_NEWLINE |
266 PACKET_READ_GENTLE_ON_EOF);
268 data->version = discover_version(&reader);
269 switch (data->version) {
270 case protocol_v2:
271 get_remote_refs(data->fd[1], &reader, &refs, for_push,
272 ref_prefixes, transport->server_options);
273 break;
274 case protocol_v1:
275 case protocol_v0:
276 get_remote_heads(&reader, &refs,
277 for_push ? REF_NORMAL : 0,
278 &data->extra_have,
279 &data->shallow);
280 break;
281 case protocol_unknown_version:
282 BUG("unknown protocol version");
284 data->got_remote_heads = 1;
286 return refs;
289 static int fetch_refs_via_pack(struct transport *transport,
290 int nr_heads, struct ref **to_fetch)
292 int ret = 0;
293 struct git_transport_data *data = transport->data;
294 struct ref *refs = NULL;
295 char *dest = xstrdup(transport->url);
296 struct fetch_pack_args args;
297 struct ref *refs_tmp = NULL;
299 memset(&args, 0, sizeof(args));
300 args.uploadpack = data->options.uploadpack;
301 args.keep_pack = data->options.keep;
302 args.lock_pack = 1;
303 args.use_thin_pack = data->options.thin;
304 args.include_tag = data->options.followtags;
305 args.verbose = (transport->verbose > 1);
306 args.quiet = (transport->verbose < 0);
307 args.no_progress = !transport->progress;
308 args.depth = data->options.depth;
309 args.deepen_since = data->options.deepen_since;
310 args.deepen_not = data->options.deepen_not;
311 args.deepen_relative = data->options.deepen_relative;
312 args.check_self_contained_and_connected =
313 data->options.check_self_contained_and_connected;
314 args.cloning = transport->cloning;
315 args.update_shallow = data->options.update_shallow;
316 args.from_promisor = data->options.from_promisor;
317 args.no_dependents = data->options.no_dependents;
318 args.filter_options = data->options.filter_options;
319 args.stateless_rpc = transport->stateless_rpc;
320 args.server_options = transport->server_options;
322 if (!data->got_remote_heads)
323 refs_tmp = get_refs_via_connect(transport, 0, NULL);
325 switch (data->version) {
326 case protocol_v2:
327 refs = fetch_pack(&args, data->fd, data->conn,
328 refs_tmp ? refs_tmp : transport->remote_refs,
329 dest, to_fetch, nr_heads, &data->shallow,
330 &transport->pack_lockfile, data->version);
331 break;
332 case protocol_v1:
333 case protocol_v0:
334 refs = fetch_pack(&args, data->fd, data->conn,
335 refs_tmp ? refs_tmp : transport->remote_refs,
336 dest, to_fetch, nr_heads, &data->shallow,
337 &transport->pack_lockfile, data->version);
338 break;
339 case protocol_unknown_version:
340 BUG("unknown protocol version");
343 close(data->fd[0]);
344 close(data->fd[1]);
345 if (finish_connect(data->conn))
346 ret = -1;
347 data->conn = NULL;
348 data->got_remote_heads = 0;
349 data->options.self_contained_and_connected =
350 args.self_contained_and_connected;
352 if (refs == NULL)
353 ret = -1;
354 if (report_unmatched_refs(to_fetch, nr_heads))
355 ret = -1;
357 free_refs(refs_tmp);
358 free_refs(refs);
359 free(dest);
360 return ret;
363 static int push_had_errors(struct ref *ref)
365 for (; ref; ref = ref->next) {
366 switch (ref->status) {
367 case REF_STATUS_NONE:
368 case REF_STATUS_UPTODATE:
369 case REF_STATUS_OK:
370 break;
371 default:
372 return 1;
375 return 0;
378 int transport_refs_pushed(struct ref *ref)
380 for (; ref; ref = ref->next) {
381 switch(ref->status) {
382 case REF_STATUS_NONE:
383 case REF_STATUS_UPTODATE:
384 break;
385 default:
386 return 1;
389 return 0;
392 void transport_update_tracking_ref(struct remote *remote, struct ref *ref, int verbose)
394 struct refspec_item rs;
396 if (ref->status != REF_STATUS_OK && ref->status != REF_STATUS_UPTODATE)
397 return;
399 rs.src = ref->name;
400 rs.dst = NULL;
402 if (!remote_find_tracking(remote, &rs)) {
403 if (verbose)
404 fprintf(stderr, "updating local tracking ref '%s'\n", rs.dst);
405 if (ref->deletion) {
406 delete_ref(NULL, rs.dst, NULL, 0);
407 } else
408 update_ref("update by push", rs.dst, &ref->new_oid,
409 NULL, 0, 0);
410 free(rs.dst);
414 static void print_ref_status(char flag, const char *summary,
415 struct ref *to, struct ref *from, const char *msg,
416 int porcelain, int summary_width)
418 if (porcelain) {
419 if (from)
420 fprintf(stdout, "%c\t%s:%s\t", flag, from->name, to->name);
421 else
422 fprintf(stdout, "%c\t:%s\t", flag, to->name);
423 if (msg)
424 fprintf(stdout, "%s (%s)\n", summary, msg);
425 else
426 fprintf(stdout, "%s\n", summary);
427 } else {
428 const char *red = "", *reset = "";
429 if (push_had_errors(to)) {
430 red = transport_get_color(TRANSPORT_COLOR_REJECTED);
431 reset = transport_get_color(TRANSPORT_COLOR_RESET);
433 fprintf(stderr, " %s%c %-*s%s ", red, flag, summary_width,
434 summary, reset);
435 if (from)
436 fprintf(stderr, "%s -> %s", prettify_refname(from->name), prettify_refname(to->name));
437 else
438 fputs(prettify_refname(to->name), stderr);
439 if (msg) {
440 fputs(" (", stderr);
441 fputs(msg, stderr);
442 fputc(')', stderr);
444 fputc('\n', stderr);
448 static void print_ok_ref_status(struct ref *ref, int porcelain, int summary_width)
450 if (ref->deletion)
451 print_ref_status('-', "[deleted]", ref, NULL, NULL,
452 porcelain, summary_width);
453 else if (is_null_oid(&ref->old_oid))
454 print_ref_status('*',
455 (starts_with(ref->name, "refs/tags/") ? "[new tag]" :
456 "[new branch]"),
457 ref, ref->peer_ref, NULL, porcelain, summary_width);
458 else {
459 struct strbuf quickref = STRBUF_INIT;
460 char type;
461 const char *msg;
463 strbuf_add_unique_abbrev(&quickref, &ref->old_oid,
464 DEFAULT_ABBREV);
465 if (ref->forced_update) {
466 strbuf_addstr(&quickref, "...");
467 type = '+';
468 msg = "forced update";
469 } else {
470 strbuf_addstr(&quickref, "..");
471 type = ' ';
472 msg = NULL;
474 strbuf_add_unique_abbrev(&quickref, &ref->new_oid,
475 DEFAULT_ABBREV);
477 print_ref_status(type, quickref.buf, ref, ref->peer_ref, msg,
478 porcelain, summary_width);
479 strbuf_release(&quickref);
483 static int print_one_push_status(struct ref *ref, const char *dest, int count,
484 int porcelain, int summary_width)
486 if (!count) {
487 char *url = transport_anonymize_url(dest);
488 fprintf(porcelain ? stdout : stderr, "To %s\n", url);
489 free(url);
492 switch(ref->status) {
493 case REF_STATUS_NONE:
494 print_ref_status('X', "[no match]", ref, NULL, NULL,
495 porcelain, summary_width);
496 break;
497 case REF_STATUS_REJECT_NODELETE:
498 print_ref_status('!', "[rejected]", ref, NULL,
499 "remote does not support deleting refs",
500 porcelain, summary_width);
501 break;
502 case REF_STATUS_UPTODATE:
503 print_ref_status('=', "[up to date]", ref,
504 ref->peer_ref, NULL, porcelain, summary_width);
505 break;
506 case REF_STATUS_REJECT_NONFASTFORWARD:
507 print_ref_status('!', "[rejected]", ref, ref->peer_ref,
508 "non-fast-forward", porcelain, summary_width);
509 break;
510 case REF_STATUS_REJECT_ALREADY_EXISTS:
511 print_ref_status('!', "[rejected]", ref, ref->peer_ref,
512 "already exists", porcelain, summary_width);
513 break;
514 case REF_STATUS_REJECT_FETCH_FIRST:
515 print_ref_status('!', "[rejected]", ref, ref->peer_ref,
516 "fetch first", porcelain, summary_width);
517 break;
518 case REF_STATUS_REJECT_NEEDS_FORCE:
519 print_ref_status('!', "[rejected]", ref, ref->peer_ref,
520 "needs force", porcelain, summary_width);
521 break;
522 case REF_STATUS_REJECT_STALE:
523 print_ref_status('!', "[rejected]", ref, ref->peer_ref,
524 "stale info", porcelain, summary_width);
525 break;
526 case REF_STATUS_REJECT_SHALLOW:
527 print_ref_status('!', "[rejected]", ref, ref->peer_ref,
528 "new shallow roots not allowed",
529 porcelain, summary_width);
530 break;
531 case REF_STATUS_REMOTE_REJECT:
532 print_ref_status('!', "[remote rejected]", ref,
533 ref->deletion ? NULL : ref->peer_ref,
534 ref->remote_status, porcelain, summary_width);
535 break;
536 case REF_STATUS_EXPECTING_REPORT:
537 print_ref_status('!', "[remote failure]", ref,
538 ref->deletion ? NULL : ref->peer_ref,
539 "remote failed to report status",
540 porcelain, summary_width);
541 break;
542 case REF_STATUS_ATOMIC_PUSH_FAILED:
543 print_ref_status('!', "[rejected]", ref, ref->peer_ref,
544 "atomic push failed", porcelain, summary_width);
545 break;
546 case REF_STATUS_OK:
547 print_ok_ref_status(ref, porcelain, summary_width);
548 break;
551 return 1;
554 static int measure_abbrev(const struct object_id *oid, int sofar)
556 char hex[GIT_MAX_HEXSZ + 1];
557 int w = find_unique_abbrev_r(hex, oid, DEFAULT_ABBREV);
559 return (w < sofar) ? sofar : w;
562 int transport_summary_width(const struct ref *refs)
564 int maxw = -1;
566 for (; refs; refs = refs->next) {
567 maxw = measure_abbrev(&refs->old_oid, maxw);
568 maxw = measure_abbrev(&refs->new_oid, maxw);
570 if (maxw < 0)
571 maxw = FALLBACK_DEFAULT_ABBREV;
572 return (2 * maxw + 3);
575 void transport_print_push_status(const char *dest, struct ref *refs,
576 int verbose, int porcelain, unsigned int *reject_reasons)
578 struct ref *ref;
579 int n = 0;
580 char *head;
581 int summary_width = transport_summary_width(refs);
583 if (transport_color_config() < 0)
584 warning(_("could not parse transport.color.* config"));
586 head = resolve_refdup("HEAD", RESOLVE_REF_READING, NULL, NULL);
588 if (verbose) {
589 for (ref = refs; ref; ref = ref->next)
590 if (ref->status == REF_STATUS_UPTODATE)
591 n += print_one_push_status(ref, dest, n,
592 porcelain, summary_width);
595 for (ref = refs; ref; ref = ref->next)
596 if (ref->status == REF_STATUS_OK)
597 n += print_one_push_status(ref, dest, n,
598 porcelain, summary_width);
600 *reject_reasons = 0;
601 for (ref = refs; ref; ref = ref->next) {
602 if (ref->status != REF_STATUS_NONE &&
603 ref->status != REF_STATUS_UPTODATE &&
604 ref->status != REF_STATUS_OK)
605 n += print_one_push_status(ref, dest, n,
606 porcelain, summary_width);
607 if (ref->status == REF_STATUS_REJECT_NONFASTFORWARD) {
608 if (head != NULL && !strcmp(head, ref->name))
609 *reject_reasons |= REJECT_NON_FF_HEAD;
610 else
611 *reject_reasons |= REJECT_NON_FF_OTHER;
612 } else if (ref->status == REF_STATUS_REJECT_ALREADY_EXISTS) {
613 *reject_reasons |= REJECT_ALREADY_EXISTS;
614 } else if (ref->status == REF_STATUS_REJECT_FETCH_FIRST) {
615 *reject_reasons |= REJECT_FETCH_FIRST;
616 } else if (ref->status == REF_STATUS_REJECT_NEEDS_FORCE) {
617 *reject_reasons |= REJECT_NEEDS_FORCE;
620 free(head);
623 static int git_transport_push(struct transport *transport, struct ref *remote_refs, int flags)
625 struct git_transport_data *data = transport->data;
626 struct send_pack_args args;
627 int ret = 0;
629 if (transport_color_config() < 0)
630 return -1;
632 if (!data->got_remote_heads)
633 get_refs_via_connect(transport, 1, NULL);
635 memset(&args, 0, sizeof(args));
636 args.send_mirror = !!(flags & TRANSPORT_PUSH_MIRROR);
637 args.force_update = !!(flags & TRANSPORT_PUSH_FORCE);
638 args.use_thin_pack = data->options.thin;
639 args.verbose = (transport->verbose > 0);
640 args.quiet = (transport->verbose < 0);
641 args.progress = transport->progress;
642 args.dry_run = !!(flags & TRANSPORT_PUSH_DRY_RUN);
643 args.porcelain = !!(flags & TRANSPORT_PUSH_PORCELAIN);
644 args.atomic = !!(flags & TRANSPORT_PUSH_ATOMIC);
645 args.push_options = transport->push_options;
646 args.url = transport->url;
648 if (flags & TRANSPORT_PUSH_CERT_ALWAYS)
649 args.push_cert = SEND_PACK_PUSH_CERT_ALWAYS;
650 else if (flags & TRANSPORT_PUSH_CERT_IF_ASKED)
651 args.push_cert = SEND_PACK_PUSH_CERT_IF_ASKED;
652 else
653 args.push_cert = SEND_PACK_PUSH_CERT_NEVER;
655 switch (data->version) {
656 case protocol_v2:
657 die("support for protocol v2 not implemented yet");
658 break;
659 case protocol_v1:
660 case protocol_v0:
661 ret = send_pack(&args, data->fd, data->conn, remote_refs,
662 &data->extra_have);
663 break;
664 case protocol_unknown_version:
665 BUG("unknown protocol version");
668 close(data->fd[1]);
669 close(data->fd[0]);
670 ret |= finish_connect(data->conn);
671 data->conn = NULL;
672 data->got_remote_heads = 0;
674 return ret;
677 static int connect_git(struct transport *transport, const char *name,
678 const char *executable, int fd[2])
680 struct git_transport_data *data = transport->data;
681 data->conn = git_connect(data->fd, transport->url,
682 executable, 0);
683 fd[0] = data->fd[0];
684 fd[1] = data->fd[1];
685 return 0;
688 static int disconnect_git(struct transport *transport)
690 struct git_transport_data *data = transport->data;
691 if (data->conn) {
692 if (data->got_remote_heads)
693 packet_flush(data->fd[1]);
694 close(data->fd[0]);
695 close(data->fd[1]);
696 finish_connect(data->conn);
699 free(data);
700 return 0;
703 static struct transport_vtable taken_over_vtable = {
704 NULL,
705 get_refs_via_connect,
706 fetch_refs_via_pack,
707 git_transport_push,
708 NULL,
709 disconnect_git
712 void transport_take_over(struct transport *transport,
713 struct child_process *child)
715 struct git_transport_data *data;
717 if (!transport->smart_options)
718 BUG("taking over transport requires non-NULL "
719 "smart_options field.");
721 data = xcalloc(1, sizeof(*data));
722 data->options = *transport->smart_options;
723 data->conn = child;
724 data->fd[0] = data->conn->out;
725 data->fd[1] = data->conn->in;
726 data->got_remote_heads = 0;
727 transport->data = data;
729 transport->vtable = &taken_over_vtable;
730 transport->smart_options = &(data->options);
732 transport->cannot_reuse = 1;
735 static int is_file(const char *url)
737 struct stat buf;
738 if (stat(url, &buf))
739 return 0;
740 return S_ISREG(buf.st_mode);
743 static int external_specification_len(const char *url)
745 return strchr(url, ':') - url;
748 static const struct string_list *protocol_whitelist(void)
750 static int enabled = -1;
751 static struct string_list allowed = STRING_LIST_INIT_DUP;
753 if (enabled < 0) {
754 const char *v = getenv("GIT_ALLOW_PROTOCOL");
755 if (v) {
756 string_list_split(&allowed, v, ':', -1);
757 string_list_sort(&allowed);
758 enabled = 1;
759 } else {
760 enabled = 0;
764 return enabled ? &allowed : NULL;
767 enum protocol_allow_config {
768 PROTOCOL_ALLOW_NEVER = 0,
769 PROTOCOL_ALLOW_USER_ONLY,
770 PROTOCOL_ALLOW_ALWAYS
773 static enum protocol_allow_config parse_protocol_config(const char *key,
774 const char *value)
776 if (!strcasecmp(value, "always"))
777 return PROTOCOL_ALLOW_ALWAYS;
778 else if (!strcasecmp(value, "never"))
779 return PROTOCOL_ALLOW_NEVER;
780 else if (!strcasecmp(value, "user"))
781 return PROTOCOL_ALLOW_USER_ONLY;
783 die("unknown value for config '%s': %s", key, value);
786 static enum protocol_allow_config get_protocol_config(const char *type)
788 char *key = xstrfmt("protocol.%s.allow", type);
789 char *value;
791 /* first check the per-protocol config */
792 if (!git_config_get_string(key, &value)) {
793 enum protocol_allow_config ret =
794 parse_protocol_config(key, value);
795 free(key);
796 free(value);
797 return ret;
799 free(key);
801 /* if defined, fallback to user-defined default for unknown protocols */
802 if (!git_config_get_string("protocol.allow", &value)) {
803 enum protocol_allow_config ret =
804 parse_protocol_config("protocol.allow", value);
805 free(value);
806 return ret;
809 /* fallback to built-in defaults */
810 /* known safe */
811 if (!strcmp(type, "http") ||
812 !strcmp(type, "https") ||
813 !strcmp(type, "git") ||
814 !strcmp(type, "ssh") ||
815 !strcmp(type, "file"))
816 return PROTOCOL_ALLOW_ALWAYS;
818 /* known scary; err on the side of caution */
819 if (!strcmp(type, "ext"))
820 return PROTOCOL_ALLOW_NEVER;
822 /* unknown; by default let them be used only directly by the user */
823 return PROTOCOL_ALLOW_USER_ONLY;
826 int is_transport_allowed(const char *type, int from_user)
828 const struct string_list *whitelist = protocol_whitelist();
829 if (whitelist)
830 return string_list_has_string(whitelist, type);
832 switch (get_protocol_config(type)) {
833 case PROTOCOL_ALLOW_ALWAYS:
834 return 1;
835 case PROTOCOL_ALLOW_NEVER:
836 return 0;
837 case PROTOCOL_ALLOW_USER_ONLY:
838 if (from_user < 0)
839 from_user = git_env_bool("GIT_PROTOCOL_FROM_USER", 1);
840 return from_user;
843 BUG("invalid protocol_allow_config type");
846 void transport_check_allowed(const char *type)
848 if (!is_transport_allowed(type, -1))
849 die("transport '%s' not allowed", type);
852 static struct transport_vtable bundle_vtable = {
853 NULL,
854 get_refs_from_bundle,
855 fetch_refs_from_bundle,
856 NULL,
857 NULL,
858 close_bundle
861 static struct transport_vtable builtin_smart_vtable = {
862 NULL,
863 get_refs_via_connect,
864 fetch_refs_via_pack,
865 git_transport_push,
866 connect_git,
867 disconnect_git
870 struct transport *transport_get(struct remote *remote, const char *url)
872 const char *helper;
873 struct transport *ret = xcalloc(1, sizeof(*ret));
875 ret->progress = isatty(2);
877 if (!remote)
878 die("No remote provided to transport_get()");
880 ret->got_remote_refs = 0;
881 ret->remote = remote;
882 helper = remote->foreign_vcs;
884 if (!url && remote->url)
885 url = remote->url[0];
886 ret->url = url;
888 /* maybe it is a foreign URL? */
889 if (url) {
890 const char *p = url;
892 while (is_urlschemechar(p == url, *p))
893 p++;
894 if (starts_with(p, "::"))
895 helper = xstrndup(url, p - url);
898 if (helper) {
899 transport_helper_init(ret, helper);
900 } else if (starts_with(url, "rsync:")) {
901 die("git-over-rsync is no longer supported");
902 } else if (url_is_local_not_ssh(url) && is_file(url) && is_bundle(url, 1)) {
903 struct bundle_transport_data *data = xcalloc(1, sizeof(*data));
904 transport_check_allowed("file");
905 ret->data = data;
906 ret->vtable = &bundle_vtable;
907 ret->smart_options = NULL;
908 } else if (!is_url(url)
909 || starts_with(url, "file://")
910 || starts_with(url, "git://")
911 || starts_with(url, "ssh://")
912 || starts_with(url, "git+ssh://") /* deprecated - do not use */
913 || starts_with(url, "ssh+git://") /* deprecated - do not use */
916 * These are builtin smart transports; "allowed" transports
917 * will be checked individually in git_connect.
919 struct git_transport_data *data = xcalloc(1, sizeof(*data));
920 ret->data = data;
921 ret->vtable = &builtin_smart_vtable;
922 ret->smart_options = &(data->options);
924 data->conn = NULL;
925 data->got_remote_heads = 0;
926 } else {
927 /* Unknown protocol in URL. Pass to external handler. */
928 int len = external_specification_len(url);
929 char *handler = xmemdupz(url, len);
930 transport_helper_init(ret, handler);
933 if (ret->smart_options) {
934 ret->smart_options->thin = 1;
935 ret->smart_options->uploadpack = "git-upload-pack";
936 if (remote->uploadpack)
937 ret->smart_options->uploadpack = remote->uploadpack;
938 ret->smart_options->receivepack = "git-receive-pack";
939 if (remote->receivepack)
940 ret->smart_options->receivepack = remote->receivepack;
943 return ret;
946 int transport_set_option(struct transport *transport,
947 const char *name, const char *value)
949 int git_reports = 1, protocol_reports = 1;
951 if (transport->smart_options)
952 git_reports = set_git_option(transport->smart_options,
953 name, value);
955 if (transport->vtable->set_option)
956 protocol_reports = transport->vtable->set_option(transport,
957 name, value);
959 /* If either report is 0, report 0 (success). */
960 if (!git_reports || !protocol_reports)
961 return 0;
962 /* If either reports -1 (invalid value), report -1. */
963 if ((git_reports == -1) || (protocol_reports == -1))
964 return -1;
965 /* Otherwise if both report unknown, report unknown. */
966 return 1;
969 void transport_set_verbosity(struct transport *transport, int verbosity,
970 int force_progress)
972 if (verbosity >= 1)
973 transport->verbose = verbosity <= 3 ? verbosity : 3;
974 if (verbosity < 0)
975 transport->verbose = -1;
978 * Rules used to determine whether to report progress (processing aborts
979 * when a rule is satisfied):
981 * . Report progress, if force_progress is 1 (ie. --progress).
982 * . Don't report progress, if force_progress is 0 (ie. --no-progress).
983 * . Don't report progress, if verbosity < 0 (ie. -q/--quiet ).
984 * . Report progress if isatty(2) is 1.
986 if (force_progress >= 0)
987 transport->progress = !!force_progress;
988 else
989 transport->progress = verbosity >= 0 && isatty(2);
992 static void die_with_unpushed_submodules(struct string_list *needs_pushing)
994 int i;
996 fprintf(stderr, _("The following submodule paths contain changes that can\n"
997 "not be found on any remote:\n"));
998 for (i = 0; i < needs_pushing->nr; i++)
999 fprintf(stderr, " %s\n", needs_pushing->items[i].string);
1000 fprintf(stderr, _("\nPlease try\n\n"
1001 " git push --recurse-submodules=on-demand\n\n"
1002 "or cd to the path and use\n\n"
1003 " git push\n\n"
1004 "to push them to a remote.\n\n"));
1006 string_list_clear(needs_pushing, 0);
1008 die(_("Aborting."));
1011 static int run_pre_push_hook(struct transport *transport,
1012 struct ref *remote_refs)
1014 int ret = 0, x;
1015 struct ref *r;
1016 struct child_process proc = CHILD_PROCESS_INIT;
1017 struct strbuf buf;
1018 const char *argv[4];
1020 if (!(argv[0] = find_hook("pre-push")))
1021 return 0;
1023 argv[1] = transport->remote->name;
1024 argv[2] = transport->url;
1025 argv[3] = NULL;
1027 proc.argv = argv;
1028 proc.in = -1;
1030 if (start_command(&proc)) {
1031 finish_command(&proc);
1032 return -1;
1035 sigchain_push(SIGPIPE, SIG_IGN);
1037 strbuf_init(&buf, 256);
1039 for (r = remote_refs; r; r = r->next) {
1040 if (!r->peer_ref) continue;
1041 if (r->status == REF_STATUS_REJECT_NONFASTFORWARD) continue;
1042 if (r->status == REF_STATUS_REJECT_STALE) continue;
1043 if (r->status == REF_STATUS_UPTODATE) continue;
1045 strbuf_reset(&buf);
1046 strbuf_addf( &buf, "%s %s %s %s\n",
1047 r->peer_ref->name, oid_to_hex(&r->new_oid),
1048 r->name, oid_to_hex(&r->old_oid));
1050 if (write_in_full(proc.in, buf.buf, buf.len) < 0) {
1051 /* We do not mind if a hook does not read all refs. */
1052 if (errno != EPIPE)
1053 ret = -1;
1054 break;
1058 strbuf_release(&buf);
1060 x = close(proc.in);
1061 if (!ret)
1062 ret = x;
1064 sigchain_pop(SIGPIPE);
1066 x = finish_command(&proc);
1067 if (!ret)
1068 ret = x;
1070 return ret;
1073 int transport_push(struct transport *transport,
1074 struct refspec *rs, int flags,
1075 unsigned int *reject_reasons)
1077 *reject_reasons = 0;
1079 if (transport_color_config() < 0)
1080 return -1;
1082 if (transport->vtable->push_refs) {
1083 struct ref *remote_refs;
1084 struct ref *local_refs = get_local_heads();
1085 int match_flags = MATCH_REFS_NONE;
1086 int verbose = (transport->verbose > 0);
1087 int quiet = (transport->verbose < 0);
1088 int porcelain = flags & TRANSPORT_PUSH_PORCELAIN;
1089 int pretend = flags & TRANSPORT_PUSH_DRY_RUN;
1090 int push_ret, ret, err;
1091 struct argv_array ref_prefixes = ARGV_ARRAY_INIT;
1093 if (check_push_refs(local_refs, rs) < 0)
1094 return -1;
1096 refspec_ref_prefixes(rs, &ref_prefixes);
1098 remote_refs = transport->vtable->get_refs_list(transport, 1,
1099 &ref_prefixes);
1101 argv_array_clear(&ref_prefixes);
1103 if (flags & TRANSPORT_PUSH_ALL)
1104 match_flags |= MATCH_REFS_ALL;
1105 if (flags & TRANSPORT_PUSH_MIRROR)
1106 match_flags |= MATCH_REFS_MIRROR;
1107 if (flags & TRANSPORT_PUSH_PRUNE)
1108 match_flags |= MATCH_REFS_PRUNE;
1109 if (flags & TRANSPORT_PUSH_FOLLOW_TAGS)
1110 match_flags |= MATCH_REFS_FOLLOW_TAGS;
1112 if (match_push_refs(local_refs, &remote_refs, rs, match_flags))
1113 return -1;
1115 if (transport->smart_options &&
1116 transport->smart_options->cas &&
1117 !is_empty_cas(transport->smart_options->cas))
1118 apply_push_cas(transport->smart_options->cas,
1119 transport->remote, remote_refs);
1121 set_ref_status_for_push(remote_refs,
1122 flags & TRANSPORT_PUSH_MIRROR,
1123 flags & TRANSPORT_PUSH_FORCE);
1125 if (!(flags & TRANSPORT_PUSH_NO_HOOK))
1126 if (run_pre_push_hook(transport, remote_refs))
1127 return -1;
1129 if ((flags & (TRANSPORT_RECURSE_SUBMODULES_ON_DEMAND |
1130 TRANSPORT_RECURSE_SUBMODULES_ONLY)) &&
1131 !is_bare_repository()) {
1132 struct ref *ref = remote_refs;
1133 struct oid_array commits = OID_ARRAY_INIT;
1135 for (; ref; ref = ref->next)
1136 if (!is_null_oid(&ref->new_oid))
1137 oid_array_append(&commits,
1138 &ref->new_oid);
1140 if (!push_unpushed_submodules(&commits,
1141 transport->remote,
1143 transport->push_options,
1144 pretend)) {
1145 oid_array_clear(&commits);
1146 die("Failed to push all needed submodules!");
1148 oid_array_clear(&commits);
1151 if (((flags & TRANSPORT_RECURSE_SUBMODULES_CHECK) ||
1152 ((flags & (TRANSPORT_RECURSE_SUBMODULES_ON_DEMAND |
1153 TRANSPORT_RECURSE_SUBMODULES_ONLY)) &&
1154 !pretend)) && !is_bare_repository()) {
1155 struct ref *ref = remote_refs;
1156 struct string_list needs_pushing = STRING_LIST_INIT_DUP;
1157 struct oid_array commits = OID_ARRAY_INIT;
1159 for (; ref; ref = ref->next)
1160 if (!is_null_oid(&ref->new_oid))
1161 oid_array_append(&commits,
1162 &ref->new_oid);
1164 if (find_unpushed_submodules(&commits, transport->remote->name,
1165 &needs_pushing)) {
1166 oid_array_clear(&commits);
1167 die_with_unpushed_submodules(&needs_pushing);
1169 string_list_clear(&needs_pushing, 0);
1170 oid_array_clear(&commits);
1173 if (!(flags & TRANSPORT_RECURSE_SUBMODULES_ONLY))
1174 push_ret = transport->vtable->push_refs(transport, remote_refs, flags);
1175 else
1176 push_ret = 0;
1177 err = push_had_errors(remote_refs);
1178 ret = push_ret | err;
1180 if (!quiet || err)
1181 transport_print_push_status(transport->url, remote_refs,
1182 verbose | porcelain, porcelain,
1183 reject_reasons);
1185 if (flags & TRANSPORT_PUSH_SET_UPSTREAM)
1186 set_upstreams(transport, remote_refs, pretend);
1188 if (!(flags & (TRANSPORT_PUSH_DRY_RUN |
1189 TRANSPORT_RECURSE_SUBMODULES_ONLY))) {
1190 struct ref *ref;
1191 for (ref = remote_refs; ref; ref = ref->next)
1192 transport_update_tracking_ref(transport->remote, ref, verbose);
1195 if (porcelain && !push_ret)
1196 puts("Done");
1197 else if (!quiet && !ret && !transport_refs_pushed(remote_refs))
1198 fprintf(stderr, "Everything up-to-date\n");
1200 return ret;
1202 return 1;
1205 const struct ref *transport_get_remote_refs(struct transport *transport,
1206 const struct argv_array *ref_prefixes)
1208 if (!transport->got_remote_refs) {
1209 transport->remote_refs =
1210 transport->vtable->get_refs_list(transport, 0,
1211 ref_prefixes);
1212 transport->got_remote_refs = 1;
1215 return transport->remote_refs;
1218 int transport_fetch_refs(struct transport *transport, struct ref *refs)
1220 int rc;
1221 int nr_heads = 0, nr_alloc = 0, nr_refs = 0;
1222 struct ref **heads = NULL;
1223 struct ref *rm;
1225 for (rm = refs; rm; rm = rm->next) {
1226 nr_refs++;
1227 if (rm->peer_ref &&
1228 !is_null_oid(&rm->old_oid) &&
1229 !oidcmp(&rm->peer_ref->old_oid, &rm->old_oid))
1230 continue;
1231 ALLOC_GROW(heads, nr_heads + 1, nr_alloc);
1232 heads[nr_heads++] = rm;
1235 if (!nr_heads) {
1237 * When deepening of a shallow repository is requested,
1238 * then local and remote refs are likely to still be equal.
1239 * Just feed them all to the fetch method in that case.
1240 * This condition shouldn't be met in a non-deepening fetch
1241 * (see builtin/fetch.c:quickfetch()).
1243 ALLOC_ARRAY(heads, nr_refs);
1244 for (rm = refs; rm; rm = rm->next)
1245 heads[nr_heads++] = rm;
1248 rc = transport->vtable->fetch(transport, nr_heads, heads);
1250 free(heads);
1251 return rc;
1254 void transport_unlock_pack(struct transport *transport)
1256 if (transport->pack_lockfile) {
1257 unlink_or_warn(transport->pack_lockfile);
1258 FREE_AND_NULL(transport->pack_lockfile);
1262 int transport_connect(struct transport *transport, const char *name,
1263 const char *exec, int fd[2])
1265 if (transport->vtable->connect)
1266 return transport->vtable->connect(transport, name, exec, fd);
1267 else
1268 die("Operation not supported by protocol");
1271 int transport_disconnect(struct transport *transport)
1273 int ret = 0;
1274 if (transport->vtable->disconnect)
1275 ret = transport->vtable->disconnect(transport);
1276 free(transport);
1277 return ret;
1281 * Strip username (and password) from a URL and return
1282 * it in a newly allocated string.
1284 char *transport_anonymize_url(const char *url)
1286 char *scheme_prefix, *anon_part;
1287 size_t anon_len, prefix_len = 0;
1289 anon_part = strchr(url, '@');
1290 if (url_is_local_not_ssh(url) || !anon_part)
1291 goto literal_copy;
1293 anon_len = strlen(++anon_part);
1294 scheme_prefix = strstr(url, "://");
1295 if (!scheme_prefix) {
1296 if (!strchr(anon_part, ':'))
1297 /* cannot be "me@there:/path/name" */
1298 goto literal_copy;
1299 } else {
1300 const char *cp;
1301 /* make sure scheme is reasonable */
1302 for (cp = url; cp < scheme_prefix; cp++) {
1303 switch (*cp) {
1304 /* RFC 1738 2.1 */
1305 case '+': case '.': case '-':
1306 break; /* ok */
1307 default:
1308 if (isalnum(*cp))
1309 break;
1310 /* it isn't */
1311 goto literal_copy;
1314 /* @ past the first slash does not count */
1315 cp = strchr(scheme_prefix + 3, '/');
1316 if (cp && cp < anon_part)
1317 goto literal_copy;
1318 prefix_len = scheme_prefix - url + 3;
1320 return xstrfmt("%.*s%.*s", (int)prefix_len, url,
1321 (int)anon_len, anon_part);
1322 literal_copy:
1323 return xstrdup(url);
1326 static void read_alternate_refs(const char *path,
1327 alternate_ref_fn *cb,
1328 void *data)
1330 struct child_process cmd = CHILD_PROCESS_INIT;
1331 struct strbuf line = STRBUF_INIT;
1332 FILE *fh;
1334 cmd.git_cmd = 1;
1335 argv_array_pushf(&cmd.args, "--git-dir=%s", path);
1336 argv_array_push(&cmd.args, "for-each-ref");
1337 argv_array_push(&cmd.args, "--format=%(objectname) %(refname)");
1338 cmd.env = local_repo_env;
1339 cmd.out = -1;
1341 if (start_command(&cmd))
1342 return;
1344 fh = xfdopen(cmd.out, "r");
1345 while (strbuf_getline_lf(&line, fh) != EOF) {
1346 struct object_id oid;
1348 if (get_oid_hex(line.buf, &oid) ||
1349 line.buf[GIT_SHA1_HEXSZ] != ' ') {
1350 warning("invalid line while parsing alternate refs: %s",
1351 line.buf);
1352 break;
1355 cb(line.buf + GIT_SHA1_HEXSZ + 1, &oid, data);
1358 fclose(fh);
1359 finish_command(&cmd);
1362 struct alternate_refs_data {
1363 alternate_ref_fn *fn;
1364 void *data;
1367 static int refs_from_alternate_cb(struct alternate_object_database *e,
1368 void *data)
1370 struct strbuf path = STRBUF_INIT;
1371 size_t base_len;
1372 struct alternate_refs_data *cb = data;
1374 if (!strbuf_realpath(&path, e->path, 0))
1375 goto out;
1376 if (!strbuf_strip_suffix(&path, "/objects"))
1377 goto out;
1378 base_len = path.len;
1380 /* Is this a git repository with refs? */
1381 strbuf_addstr(&path, "/refs");
1382 if (!is_directory(path.buf))
1383 goto out;
1384 strbuf_setlen(&path, base_len);
1386 read_alternate_refs(path.buf, cb->fn, cb->data);
1388 out:
1389 strbuf_release(&path);
1390 return 0;
1393 void for_each_alternate_ref(alternate_ref_fn fn, void *data)
1395 struct alternate_refs_data cb;
1396 cb.fn = fn;
1397 cb.data = data;
1398 foreach_alt_odb(refs_from_alternate_cb, &cb);