THIS IS A TEST INSTANCE ONLY! REPOSITORIES CAN BE DELETED AT ANY TIME!

Git Source Code Mirror - This is a publish-only repository and all pull requests are ignored. Please follow Documentation/SubmittingPatches procedure for any of your improvements.
git
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

629 lines
16KB

  1. #include "builtin.h"
  2. #include "config.h"
  3. #include "commit.h"
  4. #include "refs.h"
  5. #include "object-store.h"
  6. #include "pkt-line.h"
  7. #include "sideband.h"
  8. #include "run-command.h"
  9. #include "remote.h"
  10. #include "connect.h"
  11. #include "send-pack.h"
  12. #include "quote.h"
  13. #include "transport.h"
  14. #include "version.h"
  15. #include "sha1-array.h"
  16. #include "gpg-interface.h"
  17. #include "cache.h"
  18. int option_parse_push_signed(const struct option *opt,
  19. const char *arg, int unset)
  20. {
  21. if (unset) {
  22. *(int *)(opt->value) = SEND_PACK_PUSH_CERT_NEVER;
  23. return 0;
  24. }
  25. switch (git_parse_maybe_bool(arg)) {
  26. case 1:
  27. *(int *)(opt->value) = SEND_PACK_PUSH_CERT_ALWAYS;
  28. return 0;
  29. case 0:
  30. *(int *)(opt->value) = SEND_PACK_PUSH_CERT_NEVER;
  31. return 0;
  32. }
  33. if (!strcasecmp("if-asked", arg)) {
  34. *(int *)(opt->value) = SEND_PACK_PUSH_CERT_IF_ASKED;
  35. return 0;
  36. }
  37. die("bad %s argument: %s", opt->long_name, arg);
  38. }
  39. static void feed_object(const struct object_id *oid, FILE *fh, int negative)
  40. {
  41. if (negative &&
  42. !has_object_file_with_flags(oid, OBJECT_INFO_SKIP_FETCH_OBJECT))
  43. return;
  44. if (negative)
  45. putc('^', fh);
  46. fputs(oid_to_hex(oid), fh);
  47. putc('\n', fh);
  48. }
  49. /*
  50. * Make a pack stream and spit it out into file descriptor fd
  51. */
  52. static int pack_objects(int fd, struct ref *refs, struct oid_array *extra, struct send_pack_args *args)
  53. {
  54. /*
  55. * The child becomes pack-objects --revs; we feed
  56. * the revision parameters to it via its stdin and
  57. * let its stdout go back to the other end.
  58. */
  59. struct child_process po = CHILD_PROCESS_INIT;
  60. FILE *po_in;
  61. int i;
  62. int rc;
  63. argv_array_push(&po.args, "pack-objects");
  64. argv_array_push(&po.args, "--all-progress-implied");
  65. argv_array_push(&po.args, "--revs");
  66. argv_array_push(&po.args, "--stdout");
  67. if (args->use_thin_pack)
  68. argv_array_push(&po.args, "--thin");
  69. if (args->use_ofs_delta)
  70. argv_array_push(&po.args, "--delta-base-offset");
  71. if (args->quiet || !args->progress)
  72. argv_array_push(&po.args, "-q");
  73. if (args->progress)
  74. argv_array_push(&po.args, "--progress");
  75. if (is_repository_shallow(the_repository))
  76. argv_array_push(&po.args, "--shallow");
  77. po.in = -1;
  78. po.out = args->stateless_rpc ? -1 : fd;
  79. po.git_cmd = 1;
  80. if (start_command(&po))
  81. die_errno("git pack-objects failed");
  82. /*
  83. * We feed the pack-objects we just spawned with revision
  84. * parameters by writing to the pipe.
  85. */
  86. po_in = xfdopen(po.in, "w");
  87. for (i = 0; i < extra->nr; i++)
  88. feed_object(&extra->oid[i], po_in, 1);
  89. while (refs) {
  90. if (!is_null_oid(&refs->old_oid))
  91. feed_object(&refs->old_oid, po_in, 1);
  92. if (!is_null_oid(&refs->new_oid))
  93. feed_object(&refs->new_oid, po_in, 0);
  94. refs = refs->next;
  95. }
  96. fflush(po_in);
  97. if (ferror(po_in))
  98. die_errno("error writing to pack-objects");
  99. fclose(po_in);
  100. if (args->stateless_rpc) {
  101. char *buf = xmalloc(LARGE_PACKET_MAX);
  102. while (1) {
  103. ssize_t n = xread(po.out, buf, LARGE_PACKET_MAX);
  104. if (n <= 0)
  105. break;
  106. send_sideband(fd, -1, buf, n, LARGE_PACKET_MAX);
  107. }
  108. free(buf);
  109. close(po.out);
  110. po.out = -1;
  111. }
  112. rc = finish_command(&po);
  113. if (rc) {
  114. /*
  115. * For a normal non-zero exit, we assume pack-objects wrote
  116. * something useful to stderr. For death by signal, though,
  117. * we should mention it to the user. The exception is SIGPIPE
  118. * (141), because that's a normal occurrence if the remote end
  119. * hangs up (and we'll report that by trying to read the unpack
  120. * status).
  121. */
  122. if (rc > 128 && rc != 141)
  123. error("pack-objects died of signal %d", rc - 128);
  124. return -1;
  125. }
  126. return 0;
  127. }
  128. static int receive_unpack_status(struct packet_reader *reader)
  129. {
  130. if (packet_reader_read(reader) != PACKET_READ_NORMAL)
  131. return error(_("unexpected flush packet while reading remote unpack status"));
  132. if (!skip_prefix(reader->line, "unpack ", &reader->line))
  133. return error(_("unable to parse remote unpack status: %s"), reader->line);
  134. if (strcmp(reader->line, "ok"))
  135. return error(_("remote unpack failed: %s"), reader->line);
  136. return 0;
  137. }
  138. static int receive_status(struct packet_reader *reader, struct ref *refs)
  139. {
  140. struct ref *hint;
  141. int ret;
  142. hint = NULL;
  143. ret = receive_unpack_status(reader);
  144. while (1) {
  145. const char *refname;
  146. char *msg;
  147. if (packet_reader_read(reader) != PACKET_READ_NORMAL)
  148. break;
  149. if (!starts_with(reader->line, "ok ") && !starts_with(reader->line, "ng ")) {
  150. error("invalid ref status from remote: %s", reader->line);
  151. ret = -1;
  152. break;
  153. }
  154. refname = reader->line + 3;
  155. msg = strchr(refname, ' ');
  156. if (msg)
  157. *msg++ = '\0';
  158. /* first try searching at our hint, falling back to all refs */
  159. if (hint)
  160. hint = find_ref_by_name(hint, refname);
  161. if (!hint)
  162. hint = find_ref_by_name(refs, refname);
  163. if (!hint) {
  164. warning("remote reported status on unknown ref: %s",
  165. refname);
  166. continue;
  167. }
  168. if (hint->status != REF_STATUS_EXPECTING_REPORT) {
  169. warning("remote reported status on unexpected ref: %s",
  170. refname);
  171. continue;
  172. }
  173. if (reader->line[0] == 'o' && reader->line[1] == 'k')
  174. hint->status = REF_STATUS_OK;
  175. else {
  176. hint->status = REF_STATUS_REMOTE_REJECT;
  177. ret = -1;
  178. }
  179. hint->remote_status = xstrdup_or_null(msg);
  180. /* start our next search from the next ref */
  181. hint = hint->next;
  182. }
  183. return ret;
  184. }
  185. static int sideband_demux(int in, int out, void *data)
  186. {
  187. int *fd = data, ret;
  188. if (async_with_fork())
  189. close(fd[1]);
  190. ret = recv_sideband("send-pack", fd[0], out);
  191. close(out);
  192. return ret;
  193. }
  194. static int advertise_shallow_grafts_cb(const struct commit_graft *graft, void *cb)
  195. {
  196. struct strbuf *sb = cb;
  197. if (graft->nr_parent == -1)
  198. packet_buf_write(sb, "shallow %s\n", oid_to_hex(&graft->oid));
  199. return 0;
  200. }
  201. static void advertise_shallow_grafts_buf(struct strbuf *sb)
  202. {
  203. if (!is_repository_shallow(the_repository))
  204. return;
  205. for_each_commit_graft(advertise_shallow_grafts_cb, sb);
  206. }
  207. #define CHECK_REF_NO_PUSH -1
  208. #define CHECK_REF_STATUS_REJECTED -2
  209. #define CHECK_REF_UPTODATE -3
  210. static int check_to_send_update(const struct ref *ref, const struct send_pack_args *args)
  211. {
  212. if (!ref->peer_ref && !args->send_mirror)
  213. return CHECK_REF_NO_PUSH;
  214. /* Check for statuses set by set_ref_status_for_push() */
  215. switch (ref->status) {
  216. case REF_STATUS_REJECT_NONFASTFORWARD:
  217. case REF_STATUS_REJECT_ALREADY_EXISTS:
  218. case REF_STATUS_REJECT_FETCH_FIRST:
  219. case REF_STATUS_REJECT_NEEDS_FORCE:
  220. case REF_STATUS_REJECT_STALE:
  221. case REF_STATUS_REJECT_NODELETE:
  222. return CHECK_REF_STATUS_REJECTED;
  223. case REF_STATUS_UPTODATE:
  224. return CHECK_REF_UPTODATE;
  225. default:
  226. return 0;
  227. }
  228. }
  229. /*
  230. * the beginning of the next line, or the end of buffer.
  231. *
  232. * NEEDSWORK: perhaps move this to git-compat-util.h or somewhere and
  233. * convert many similar uses found by "git grep -A4 memchr".
  234. */
  235. static const char *next_line(const char *line, size_t len)
  236. {
  237. const char *nl = memchr(line, '\n', len);
  238. if (!nl)
  239. return line + len; /* incomplete line */
  240. return nl + 1;
  241. }
  242. static int generate_push_cert(struct strbuf *req_buf,
  243. const struct ref *remote_refs,
  244. struct send_pack_args *args,
  245. const char *cap_string,
  246. const char *push_cert_nonce)
  247. {
  248. const struct ref *ref;
  249. struct string_list_item *item;
  250. char *signing_key = xstrdup(get_signing_key());
  251. const char *cp, *np;
  252. struct strbuf cert = STRBUF_INIT;
  253. int update_seen = 0;
  254. strbuf_addstr(&cert, "certificate version 0.1\n");
  255. strbuf_addf(&cert, "pusher %s ", signing_key);
  256. datestamp(&cert);
  257. strbuf_addch(&cert, '\n');
  258. if (args->url && *args->url) {
  259. char *anon_url = transport_anonymize_url(args->url);
  260. strbuf_addf(&cert, "pushee %s\n", anon_url);
  261. free(anon_url);
  262. }
  263. if (push_cert_nonce[0])
  264. strbuf_addf(&cert, "nonce %s\n", push_cert_nonce);
  265. if (args->push_options)
  266. for_each_string_list_item(item, args->push_options)
  267. strbuf_addf(&cert, "push-option %s\n", item->string);
  268. strbuf_addstr(&cert, "\n");
  269. for (ref = remote_refs; ref; ref = ref->next) {
  270. if (check_to_send_update(ref, args) < 0)
  271. continue;
  272. update_seen = 1;
  273. strbuf_addf(&cert, "%s %s %s\n",
  274. oid_to_hex(&ref->old_oid),
  275. oid_to_hex(&ref->new_oid),
  276. ref->name);
  277. }
  278. if (!update_seen)
  279. goto free_return;
  280. if (sign_buffer(&cert, &cert, signing_key))
  281. die(_("failed to sign the push certificate"));
  282. packet_buf_write(req_buf, "push-cert%c%s", 0, cap_string);
  283. for (cp = cert.buf; cp < cert.buf + cert.len; cp = np) {
  284. np = next_line(cp, cert.buf + cert.len - cp);
  285. packet_buf_write(req_buf,
  286. "%.*s", (int)(np - cp), cp);
  287. }
  288. packet_buf_write(req_buf, "push-cert-end\n");
  289. free_return:
  290. free(signing_key);
  291. strbuf_release(&cert);
  292. return update_seen;
  293. }
  294. static int atomic_push_failure(struct send_pack_args *args,
  295. struct ref *remote_refs,
  296. struct ref *failing_ref)
  297. {
  298. struct ref *ref;
  299. /* Mark other refs as failed */
  300. for (ref = remote_refs; ref; ref = ref->next) {
  301. if (!ref->peer_ref && !args->send_mirror)
  302. continue;
  303. switch (ref->status) {
  304. case REF_STATUS_EXPECTING_REPORT:
  305. ref->status = REF_STATUS_ATOMIC_PUSH_FAILED;
  306. continue;
  307. default:
  308. break; /* do nothing */
  309. }
  310. }
  311. return error("atomic push failed for ref %s. status: %d\n",
  312. failing_ref->name, failing_ref->status);
  313. }
  314. #define NONCE_LEN_LIMIT 256
  315. static void reject_invalid_nonce(const char *nonce, int len)
  316. {
  317. int i = 0;
  318. if (NONCE_LEN_LIMIT <= len)
  319. die("the receiving end asked to sign an invalid nonce <%.*s>",
  320. len, nonce);
  321. for (i = 0; i < len; i++) {
  322. int ch = nonce[i] & 0xFF;
  323. if (isalnum(ch) ||
  324. ch == '-' || ch == '.' ||
  325. ch == '/' || ch == '+' ||
  326. ch == '=' || ch == '_')
  327. continue;
  328. die("the receiving end asked to sign an invalid nonce <%.*s>",
  329. len, nonce);
  330. }
  331. }
  332. int send_pack(struct send_pack_args *args,
  333. int fd[], struct child_process *conn,
  334. struct ref *remote_refs,
  335. struct oid_array *extra_have)
  336. {
  337. int in = fd[0];
  338. int out = fd[1];
  339. struct strbuf req_buf = STRBUF_INIT;
  340. struct strbuf cap_buf = STRBUF_INIT;
  341. struct ref *ref;
  342. int need_pack_data = 0;
  343. int allow_deleting_refs = 0;
  344. int status_report = 0;
  345. int use_sideband = 0;
  346. int quiet_supported = 0;
  347. int agent_supported = 0;
  348. int use_atomic = 0;
  349. int atomic_supported = 0;
  350. int use_push_options = 0;
  351. int push_options_supported = 0;
  352. unsigned cmds_sent = 0;
  353. int ret;
  354. struct async demux;
  355. const char *push_cert_nonce = NULL;
  356. struct packet_reader reader;
  357. /* Does the other end support the reporting? */
  358. if (server_supports("report-status"))
  359. status_report = 1;
  360. if (server_supports("delete-refs"))
  361. allow_deleting_refs = 1;
  362. if (server_supports("ofs-delta"))
  363. args->use_ofs_delta = 1;
  364. if (server_supports("side-band-64k"))
  365. use_sideband = 1;
  366. if (server_supports("quiet"))
  367. quiet_supported = 1;
  368. if (server_supports("agent"))
  369. agent_supported = 1;
  370. if (server_supports("no-thin"))
  371. args->use_thin_pack = 0;
  372. if (server_supports("atomic"))
  373. atomic_supported = 1;
  374. if (server_supports("push-options"))
  375. push_options_supported = 1;
  376. if (args->push_cert != SEND_PACK_PUSH_CERT_NEVER) {
  377. int len;
  378. push_cert_nonce = server_feature_value("push-cert", &len);
  379. if (push_cert_nonce) {
  380. reject_invalid_nonce(push_cert_nonce, len);
  381. push_cert_nonce = xmemdupz(push_cert_nonce, len);
  382. } else if (args->push_cert == SEND_PACK_PUSH_CERT_ALWAYS) {
  383. die(_("the receiving end does not support --signed push"));
  384. } else if (args->push_cert == SEND_PACK_PUSH_CERT_IF_ASKED) {
  385. warning(_("not sending a push certificate since the"
  386. " receiving end does not support --signed"
  387. " push"));
  388. }
  389. }
  390. if (!remote_refs) {
  391. fprintf(stderr, "No refs in common and none specified; doing nothing.\n"
  392. "Perhaps you should specify a branch such as 'master'.\n");
  393. return 0;
  394. }
  395. if (args->atomic && !atomic_supported)
  396. die(_("the receiving end does not support --atomic push"));
  397. use_atomic = atomic_supported && args->atomic;
  398. if (args->push_options && !push_options_supported)
  399. die(_("the receiving end does not support push options"));
  400. use_push_options = push_options_supported && args->push_options;
  401. if (status_report)
  402. strbuf_addstr(&cap_buf, " report-status");
  403. if (use_sideband)
  404. strbuf_addstr(&cap_buf, " side-band-64k");
  405. if (quiet_supported && (args->quiet || !args->progress))
  406. strbuf_addstr(&cap_buf, " quiet");
  407. if (use_atomic)
  408. strbuf_addstr(&cap_buf, " atomic");
  409. if (use_push_options)
  410. strbuf_addstr(&cap_buf, " push-options");
  411. if (agent_supported)
  412. strbuf_addf(&cap_buf, " agent=%s", git_user_agent_sanitized());
  413. /*
  414. * NEEDSWORK: why does delete-refs have to be so specific to
  415. * send-pack machinery that set_ref_status_for_push() cannot
  416. * set this bit for us???
  417. */
  418. for (ref = remote_refs; ref; ref = ref->next)
  419. if (ref->deletion && !allow_deleting_refs)
  420. ref->status = REF_STATUS_REJECT_NODELETE;
  421. if (!args->dry_run)
  422. advertise_shallow_grafts_buf(&req_buf);
  423. if (!args->dry_run && push_cert_nonce)
  424. cmds_sent = generate_push_cert(&req_buf, remote_refs, args,
  425. cap_buf.buf, push_cert_nonce);
  426. /*
  427. * Clear the status for each ref and see if we need to send
  428. * the pack data.
  429. */
  430. for (ref = remote_refs; ref; ref = ref->next) {
  431. switch (check_to_send_update(ref, args)) {
  432. case 0: /* no error */
  433. break;
  434. case CHECK_REF_STATUS_REJECTED:
  435. /*
  436. * When we know the server would reject a ref update if
  437. * we were to send it and we're trying to send the refs
  438. * atomically, abort the whole operation.
  439. */
  440. if (use_atomic) {
  441. strbuf_release(&req_buf);
  442. strbuf_release(&cap_buf);
  443. return atomic_push_failure(args, remote_refs, ref);
  444. }
  445. /* else fallthrough */
  446. default:
  447. continue;
  448. }
  449. if (!ref->deletion)
  450. need_pack_data = 1;
  451. if (args->dry_run || !status_report)
  452. ref->status = REF_STATUS_OK;
  453. else
  454. ref->status = REF_STATUS_EXPECTING_REPORT;
  455. }
  456. /*
  457. * Finally, tell the other end!
  458. */
  459. for (ref = remote_refs; ref; ref = ref->next) {
  460. char *old_hex, *new_hex;
  461. if (args->dry_run || push_cert_nonce)
  462. continue;
  463. if (check_to_send_update(ref, args) < 0)
  464. continue;
  465. old_hex = oid_to_hex(&ref->old_oid);
  466. new_hex = oid_to_hex(&ref->new_oid);
  467. if (!cmds_sent) {
  468. packet_buf_write(&req_buf,
  469. "%s %s %s%c%s",
  470. old_hex, new_hex, ref->name, 0,
  471. cap_buf.buf);
  472. cmds_sent = 1;
  473. } else {
  474. packet_buf_write(&req_buf, "%s %s %s",
  475. old_hex, new_hex, ref->name);
  476. }
  477. }
  478. if (use_push_options) {
  479. struct string_list_item *item;
  480. packet_buf_flush(&req_buf);
  481. for_each_string_list_item(item, args->push_options)
  482. packet_buf_write(&req_buf, "%s", item->string);
  483. }
  484. if (args->stateless_rpc) {
  485. if (!args->dry_run && (cmds_sent || is_repository_shallow(the_repository))) {
  486. packet_buf_flush(&req_buf);
  487. send_sideband(out, -1, req_buf.buf, req_buf.len, LARGE_PACKET_MAX);
  488. }
  489. } else {
  490. write_or_die(out, req_buf.buf, req_buf.len);
  491. packet_flush(out);
  492. }
  493. strbuf_release(&req_buf);
  494. strbuf_release(&cap_buf);
  495. if (use_sideband && cmds_sent) {
  496. memset(&demux, 0, sizeof(demux));
  497. demux.proc = sideband_demux;
  498. demux.data = fd;
  499. demux.out = -1;
  500. demux.isolate_sigpipe = 1;
  501. if (start_async(&demux))
  502. die("send-pack: unable to fork off sideband demultiplexer");
  503. in = demux.out;
  504. }
  505. packet_reader_init(&reader, in, NULL, 0,
  506. PACKET_READ_CHOMP_NEWLINE |
  507. PACKET_READ_DIE_ON_ERR_PACKET);
  508. if (need_pack_data && cmds_sent) {
  509. if (pack_objects(out, remote_refs, extra_have, args) < 0) {
  510. for (ref = remote_refs; ref; ref = ref->next)
  511. ref->status = REF_STATUS_NONE;
  512. if (args->stateless_rpc)
  513. close(out);
  514. if (git_connection_is_socket(conn))
  515. shutdown(fd[0], SHUT_WR);
  516. /*
  517. * Do not even bother with the return value; we know we
  518. * are failing, and just want the error() side effects.
  519. */
  520. if (status_report)
  521. receive_unpack_status(&reader);
  522. if (use_sideband) {
  523. close(demux.out);
  524. finish_async(&demux);
  525. }
  526. fd[1] = -1;
  527. return -1;
  528. }
  529. if (!args->stateless_rpc)
  530. /* Closed by pack_objects() via start_command() */
  531. fd[1] = -1;
  532. }
  533. if (args->stateless_rpc && cmds_sent)
  534. packet_flush(out);
  535. if (status_report && cmds_sent)
  536. ret = receive_status(&reader, remote_refs);
  537. else
  538. ret = 0;
  539. if (args->stateless_rpc)
  540. packet_flush(out);
  541. if (use_sideband && cmds_sent) {
  542. close(demux.out);
  543. if (finish_async(&demux)) {
  544. error("error in sideband demultiplexer");
  545. ret = -1;
  546. }
  547. }
  548. if (ret < 0)
  549. return ret;
  550. if (args->porcelain)
  551. return 0;
  552. for (ref = remote_refs; ref; ref = ref->next) {
  553. switch (ref->status) {
  554. case REF_STATUS_NONE:
  555. case REF_STATUS_UPTODATE:
  556. case REF_STATUS_OK:
  557. break;
  558. default:
  559. return -1;
  560. }
  561. }
  562. return 0;
  563. }