static struct ref *get_refs_via_connect(struct transport *transport, int for_push, const struct argv_array *ref_prefixes) { struct git_transport_data *data = transport->data; struct ref *refs = NULL; struct packet_reader reader; connect_setup(transport, for_push); packet_reader_init(&reader, data->fd[0], NULL, 0, PACKET_READ_CHOMP_NEWLINE | PACKET_READ_GENTLE_ON_EOF); data->version = discover_version(&reader); switch (data->version) { case protocol_v2: get_remote_refs(data->fd[1], &reader, &refs, for_push, ref_prefixes); break; case protocol_v1: case protocol_v0: get_remote_heads(&reader, &refs, for_push ? REF_NORMAL : 0, &data->extra_have, &data->shallow); break; case protocol_unknown_version: BUG("unknown protocol version"); } data->got_remote_heads = 1; return refs; }
static struct ref *parse_git_refs(struct discovery *heads, int for_push) { struct ref *list = NULL; struct packet_reader reader; packet_reader_init(&reader, -1, heads->buf, heads->len, PACKET_READ_CHOMP_NEWLINE | PACKET_READ_GENTLE_ON_EOF); heads->version = discover_version(&reader); switch (heads->version) { case protocol_v2: /* * Do nothing. This isn't a list of refs but rather a * capability advertisement. Client would have run * 'stateless-connect' so we'll dump this capability listing * and let them request the refs themselves. */ break; case protocol_v1: case protocol_v0: get_remote_heads(&reader, &list, for_push ? REF_NORMAL : 0, NULL, &heads->shallow); break; case protocol_unknown_version: BUG("unknown protocol version"); } return list; }
/* * Obtains the protocol version from the transport and writes it to * transport->data->version, first connecting if not already connected. * * If the protocol version is one that allows skipping the listing of remote * refs, and must_list_refs is 0, the listing of remote refs is skipped and * this function returns NULL. Otherwise, this function returns the list of * remote refs. */ static struct ref *handshake(struct transport *transport, int for_push, const struct argv_array *ref_prefixes, int must_list_refs) { struct git_transport_data *data = transport->data; struct ref *refs = NULL; struct packet_reader reader; connect_setup(transport, for_push); packet_reader_init(&reader, data->fd[0], NULL, 0, PACKET_READ_CHOMP_NEWLINE | PACKET_READ_GENTLE_ON_EOF | PACKET_READ_DIE_ON_ERR_PACKET); data->version = discover_version(&reader); switch (data->version) { case protocol_v2: if (must_list_refs) get_remote_refs(data->fd[1], &reader, &refs, for_push, ref_prefixes, transport->server_options); break; case protocol_v1: case protocol_v0: die_if_server_options(transport); get_remote_heads(&reader, &refs, for_push ? REF_NORMAL : 0, &data->extra_have, &data->shallow); break; case protocol_unknown_version: BUG("unknown protocol version"); } data->got_remote_heads = 1; if (reader.line_peeked) BUG("buffer must be empty at the end of handshake()"); return refs; }
static void proxy_state_init(struct proxy_state *p, const char *service_name, enum protocol_version version) { struct strbuf buf = STRBUF_INIT; memset(p, 0, sizeof(*p)); p->service_name = xstrdup(service_name); p->in = 0; p->out = 1; strbuf_init(&p->request_buffer, 0); strbuf_addf(&buf, "%s%s", url.buf, p->service_name); p->service_url = strbuf_detach(&buf, NULL); p->headers = http_copy_default_headers(); strbuf_addf(&buf, "Content-Type: application/x-%s-request", p->service_name); p->headers = curl_slist_append(p->headers, buf.buf); strbuf_reset(&buf); strbuf_addf(&buf, "Accept: application/x-%s-result", p->service_name); p->headers = curl_slist_append(p->headers, buf.buf); strbuf_reset(&buf); p->headers = curl_slist_append(p->headers, "Transfer-Encoding: chunked"); /* Add the Git-Protocol header */ if (get_protocol_http_header(version, &buf)) p->headers = curl_slist_append(p->headers, buf.buf); packet_reader_init(&p->reader, p->in, NULL, 0, PACKET_READ_GENTLE_ON_EOF); strbuf_release(&buf); }
int cmd_fetch_pack(int argc, const char **argv, const char *prefix) { int i, ret; struct ref *ref = NULL; const char *dest = NULL; struct ref **sought = NULL; int nr_sought = 0, alloc_sought = 0; int fd[2]; char *pack_lockfile = NULL; char **pack_lockfile_ptr = NULL; struct child_process *conn; struct fetch_pack_args args; struct oid_array shallow = OID_ARRAY_INIT; struct string_list deepen_not = STRING_LIST_INIT_DUP; struct packet_reader reader; enum protocol_version version; fetch_if_missing = 0; packet_trace_identity("fetch-pack"); memset(&args, 0, sizeof(args)); args.uploadpack = "git-upload-pack"; for (i = 1; i < argc && *argv[i] == '-'; i++) { const char *arg = argv[i]; if (skip_prefix(arg, "--upload-pack=", &arg)) { args.uploadpack = arg; continue; } if (skip_prefix(arg, "--exec=", &arg)) { args.uploadpack = arg; continue; } if (!strcmp("--quiet", arg) || !strcmp("-q", arg)) { args.quiet = 1; continue; } if (!strcmp("--keep", arg) || !strcmp("-k", arg)) { args.lock_pack = args.keep_pack; args.keep_pack = 1; continue; } if (!strcmp("--thin", arg)) { args.use_thin_pack = 1; continue; } if (!strcmp("--include-tag", arg)) { args.include_tag = 1; continue; } if (!strcmp("--all", arg)) { args.fetch_all = 1; continue; } if (!strcmp("--stdin", arg)) { args.stdin_refs = 1; continue; } if (!strcmp("--diag-url", arg)) { args.diag_url = 1; continue; } if (!strcmp("-v", arg)) { args.verbose = 1; continue; } if (skip_prefix(arg, "--depth=", &arg)) { args.depth = strtol(arg, NULL, 0); continue; } if (skip_prefix(arg, "--shallow-since=", &arg)) { args.deepen_since = xstrdup(arg); continue; } if (skip_prefix(arg, "--shallow-exclude=", &arg)) { string_list_append(&deepen_not, arg); continue; } if (!strcmp(arg, "--deepen-relative")) { args.deepen_relative = 1; continue; } if (!strcmp("--no-progress", arg)) { args.no_progress = 1; continue; } if (!strcmp("--stateless-rpc", arg)) { args.stateless_rpc = 1; continue; } if (!strcmp("--lock-pack", arg)) { args.lock_pack = 1; pack_lockfile_ptr = &pack_lockfile; continue; } if (!strcmp("--check-self-contained-and-connected", arg)) { args.check_self_contained_and_connected = 1; continue; } if (!strcmp("--cloning", arg)) { args.cloning = 1; continue; } if (!strcmp("--update-shallow", arg)) { args.update_shallow = 1; continue; } if (!strcmp("--from-promisor", arg)) { args.from_promisor = 1; continue; } if (!strcmp("--no-dependents", arg)) { args.no_dependents = 1; continue; } if (skip_prefix(arg, ("--" CL_ARG__FILTER "="), &arg)) { parse_list_objects_filter(&args.filter_options, arg); continue; } if (!strcmp(arg, ("--no-" CL_ARG__FILTER))) { list_objects_filter_set_no_filter(&args.filter_options); continue; } usage(fetch_pack_usage); } if (deepen_not.nr) args.deepen_not = &deepen_not; if (i < argc) dest = argv[i++]; else usage(fetch_pack_usage); /* * Copy refs from cmdline to growable list, then append any * refs from the standard input: */ for (; i < argc; i++) add_sought_entry(&sought, &nr_sought, &alloc_sought, argv[i]); if (args.stdin_refs) { if (args.stateless_rpc) { /* in stateless RPC mode we use pkt-line to read * from stdin, until we get a flush packet */ for (;;) { char *line = packet_read_line(0, NULL); if (!line) break; add_sought_entry(&sought, &nr_sought, &alloc_sought, line); } } else { /* read from stdin one ref per line, until EOF */ struct strbuf line = STRBUF_INIT; while (strbuf_getline_lf(&line, stdin) != EOF) add_sought_entry(&sought, &nr_sought, &alloc_sought, line.buf); strbuf_release(&line); } } if (args.stateless_rpc) { conn = NULL; fd[0] = 0; fd[1] = 1; } else { int flags = args.verbose ? CONNECT_VERBOSE : 0; if (args.diag_url) flags |= CONNECT_DIAG_URL; conn = git_connect(fd, dest, args.uploadpack, flags); if (!conn) return args.diag_url ? 0 : 1; } packet_reader_init(&reader, fd[0], NULL, 0, PACKET_READ_CHOMP_NEWLINE | PACKET_READ_GENTLE_ON_EOF | PACKET_READ_DIE_ON_ERR_PACKET); version = discover_version(&reader); switch (version) { case protocol_v2: get_remote_refs(fd[1], &reader, &ref, 0, NULL, NULL); break; case protocol_v1: case protocol_v0: get_remote_heads(&reader, &ref, 0, NULL, &shallow); break; case protocol_unknown_version: BUG("unknown protocol version"); } ref = fetch_pack(&args, fd, conn, ref, dest, sought, nr_sought, &shallow, pack_lockfile_ptr, version); if (pack_lockfile) { printf("lock %s\n", pack_lockfile); fflush(stdout); } if (args.check_self_contained_and_connected && args.self_contained_and_connected) { printf("connectivity-ok\n"); fflush(stdout); } close(fd[0]); close(fd[1]); if (finish_connect(conn)) return 1; ret = !ref; /* * If the heads to pull were given, we should have consumed * all of them by matching the remote. Otherwise, 'git fetch * remote no-such-ref' would silently succeed without issuing * an error. */ ret |= report_unmatched_refs(sought, nr_sought); while (ref) { printf("%s %s\n", oid_to_hex(&ref->old_oid), ref->name); ref = ref->next; } return ret; }
static struct ref *do_fetch_pack_v2(struct fetch_pack_args *args, int fd[2], const struct ref *orig_ref, struct ref **sought, int nr_sought, char **pack_lockfile) { struct ref *ref = copy_ref_list(orig_ref); enum fetch_state state = FETCH_CHECK_LOCAL; struct oidset common = OIDSET_INIT; struct packet_reader reader; int in_vain = 0; int haves_to_send = INITIAL_FLUSH; struct fetch_negotiator negotiator; fetch_negotiator_init(&negotiator, negotiation_algorithm); packet_reader_init(&reader, fd[0], NULL, 0, PACKET_READ_CHOMP_NEWLINE); while (state != FETCH_DONE) { switch (state) { case FETCH_CHECK_LOCAL: sort_ref_list(&ref, ref_compare_name); QSORT(sought, nr_sought, cmp_ref_by_name); /* v2 supports these by default */ allow_unadvertised_object_request |= ALLOW_REACHABLE_SHA1; use_sideband = 2; if (args->depth > 0 || args->deepen_since || args->deepen_not) args->deepen = 1; /* Filter 'ref' by 'sought' and those that aren't local */ if (!args->no_dependents) { mark_complete_and_common_ref(&negotiator, args, &ref); filter_refs(args, &ref, sought, nr_sought); if (everything_local(args, &ref)) state = FETCH_DONE; else state = FETCH_SEND_REQUEST; mark_tips(&negotiator, args->negotiation_tips); for_each_cached_alternate(&negotiator, insert_one_alternate_object); } else { filter_refs(args, &ref, sought, nr_sought); state = FETCH_SEND_REQUEST; } break; case FETCH_SEND_REQUEST: if (send_fetch_request(&negotiator, fd[1], args, ref, &common, &haves_to_send, &in_vain)) state = FETCH_GET_PACK; else state = FETCH_PROCESS_ACKS; break; case FETCH_PROCESS_ACKS: /* Process ACKs/NAKs */ switch (process_acks(&negotiator, &reader, &common)) { case 2: state = FETCH_GET_PACK; break; case 1: in_vain = 0; /* fallthrough */ default: state = FETCH_SEND_REQUEST; break; } break; case FETCH_GET_PACK: /* Check for shallow-info section */ if (process_section_header(&reader, "shallow-info", 1)) receive_shallow_info(args, &reader); if (process_section_header(&reader, "wanted-refs", 1)) receive_wanted_refs(&reader, sought, nr_sought); /* get the pack */ process_section_header(&reader, "packfile", 0); if (get_pack(args, fd, pack_lockfile)) die(_("git fetch-pack: fetch failed.")); state = FETCH_DONE; break; case FETCH_DONE: continue; } } negotiator.release(&negotiator); oidset_clear(&common); return ref; }
ya_result xfr_input_stream_init(input_stream* filtering_stream, const u8 *origin, input_stream *xfr_source_stream, message_data *message, u32 current_serial, xfr_copy_flags flags) { yassert(filtering_stream != NULL && origin != NULL && xfr_source_stream != NULL && message != NULL); input_stream *is = xfr_source_stream; packet_unpack_reader_data reader; u8 *buffer; u8 *record; u8 *ptr; #if DNSCORE_HAS_TSIG_SUPPORT const tsig_item *tsig; #endif ya_result record_len; ya_result return_value; u32 origin_len; u32 last_serial = 0; u16 tcplen; u16 qtype; u16 qclass; u16 old_mac_size; bool last_message_had_tsig; bool need_cleanup_tsig = FALSE; #if DNSCORE_HAS_TSIG_SUPPORT u8 old_mac[64]; #endif /* * ensure the stream will be unusable if the initialisation fails */ input_stream_set_void(filtering_stream); /* * Start by reading the first packet, and determine if it's an AXFR or an IXFR (for the name) * note: it's read and converted to the host endianness */ if(!is_fd_input_stream(is)) { // expected file input stream return INVALID_ARGUMENT_ERROR; } //buffer_input_stream_init(is, is, 4096); /* TCP length */ if(FAIL(return_value = input_stream_read_nu16(is, &tcplen))) { return return_value; } if(return_value != 2) { return UNEXPECTED_EOF; } /* if the length is not enough, return the most appropriate error code */ origin_len = dnsname_len(origin); if(tcplen < DNS_HEADER_LENGTH + origin_len + 4) { return_value = UNEXPECTED_EOF; if(tcplen >= DNS_HEADER_LENGTH) { if(ISOK(return_value = input_stream_read_fully(is, message->pool_buffer, DNS_HEADER_LENGTH))) { return_value = MAKE_DNSMSG_ERROR(MESSAGE_RCODE(message->pool_buffer)); } } return return_value; } /* read the whole message */ buffer = &message->buffer[0]; record = &message->pool_buffer[0]; assert(sizeof(message->pool_buffer) >= 255 + 10 + 65535); if(FAIL(return_value = input_stream_read_fully(is, buffer, tcplen))) { return return_value; } #if DEBUG_XFR_INPUT_STREAM log_memdump(g_system_logger, MSG_DEBUG1, &message->buffer[0], tcplen, 32); #endif message->received = return_value; /* check the message makes sense */ const u64 *h64 = (u64*)buffer; u64 m64 = AXFR_MESSAGE_HEADER_MASK; u64 r64 = AXFR_MESSAGE_HEADER_RESULT; if(((*h64&m64) != r64) || (MESSAGE_NS(message->buffer) != 0)) { u8 code = MESSAGE_RCODE(message->buffer); if(code != 0) { return_value = MAKE_DNSMSG_ERROR(code); } else { return_value = UNPROCESSABLE_MESSAGE; } return return_value; } //m64 = AXFR_NEXT_MESSAGE_HEADER_MASK; //r64 = AXFR_NEXT_MESSAGE_HEADER_RESULT; packet_reader_init(&reader, buffer, tcplen); reader.offset = DNS_HEADER_LENGTH; packet_reader_read_fqdn(&reader, record, RDATA_MAX_LENGTH + 1); if(!dnsname_equals(record, origin)) { return INVALID_PROTOCOL; } if(FAIL(return_value = packet_reader_read_u16(&reader, &qtype))) { return return_value; } if(return_value != 2) { return UNEXPECTED_EOF; } /* * check that we are allowed to process this particular kind of transfer * note : this does not determine what is REALLY begin transferred */ switch(qtype) { case TYPE_AXFR: { if((flags & XFR_ALLOW_AXFR) == 0) { return INVALID_PROTOCOL; } break; } case TYPE_IXFR: { if((flags & XFR_ALLOW_IXFR) == 0) { return INVALID_PROTOCOL; } break; } default: { return INVALID_PROTOCOL; } } if(FAIL(return_value = packet_reader_read_u16(&reader, &qclass))) { return return_value; } if(qclass != CLASS_IN) { /** wrong answer */ return INVALID_PROTOCOL; } /* check for TSIG and verify */ u16 ancount = ntohs(MESSAGE_AN(buffer)); #if DNSCORE_HAS_TSIG_SUPPORT if((last_message_had_tsig = ((tsig = message->tsig.tsig) != NULL))) { /* verify the TSIG * * AR > 0 * skip ALL the records until the last AR * it MUST be a TSIG * It's the first TSIG answering to our query * verify it * */ message->tsig.tsig = NULL; old_mac_size = message->tsig.mac_size; memcpy(old_mac, message->tsig.mac, old_mac_size); if(FAIL(return_value = tsig_message_extract(message))) { log_debug("xfr_input_stream: error extracting the signature"); return return_value; } if(return_value == 0) { log_debug("xfr_input_stream: no signature when one was requested"); return TSIG_BADSIG; /* no signature, when one was requested, is a bad signature */ } if(message->tsig.tsig != tsig) { /* This is not the one we started with */ log_debug("xfr_input_stream: signature key does not match"); return TSIG_BADSIG; } /// check that the tsig in the message matches the one that was sent if(FAIL(return_value = tsig_verify_tcp_first_message(message, old_mac, old_mac_size))) { return return_value; } reader.packet_size = message->received; need_cleanup_tsig = TRUE; } #endif log_debug("xfr_input_stream: expecting %5d answer records", ancount); /* * read the SOA (it MUST be an SOA) */ if(FAIL(record_len = packet_reader_read_record(&reader, record, RDATA_MAX_LENGTH + 1))) { return record_len; } if(!dnsname_equals(record, origin)) { return INVALID_PROTOCOL; } ptr = &record[origin_len]; if(GET_U16_AT(*ptr) != TYPE_SOA) { return INVALID_PROTOCOL; } ptr += 8; /* type class ttl */ u16 rdata_size = ntohs(GET_U16_AT(*ptr)); if(rdata_size < 22) { return INVALID_PROTOCOL; } rdata_size -= 16; ptr += 2; /* rdata size */ s32 len = dnsname_len(ptr); if(len >= rdata_size) { return INVALID_PROTOCOL; } rdata_size -= len; ptr += len; len = dnsname_len(ptr); if(len >= rdata_size) { return INVALID_PROTOCOL; } rdata_size -= len; if(rdata_size != 4) { return INVALID_PROTOCOL; } ptr += len; // if the serial of the SOA is the same one as we know, then there is no // need to download the zone last_serial = ntohl(GET_U32_AT(*ptr)); if(last_serial == current_serial) { //args->out_loaded_serial = args->current_serial; return ZONE_ALREADY_UP_TO_DATE; } xfr_input_stream_data *data; ZALLOC_OR_DIE(xfr_input_stream_data*, data, xfr_input_stream_data, XFRISDTA_TAG); ZEROMEMORY(data, sizeof(xfr_input_stream_data)); /* * We have got the first SOA * Next time we find this SOA (second next time for IXFR) the stream, it will be the end of the stream */ /* * The stream can be AXFR or IXFR. * The only way to know this is to look at the records, maybe on many packets. * If there are two SOA (different serial numbers) for the start, then it's an IXFR, else it's an AXFR. * * OPEN A PIPE STREAM "XFRs" * * Save the first SOA */ MALLOC_OR_DIE(u8*, data->first_soa_record, record_len, XFRISSOA_TAG); MEMCOPY(data->first_soa_record, record, record_len); data->first_soa_record_size = record_len; filtering_stream->vtbl = &xfr_input_stream_vtbl; filtering_stream->data = data; pipe_stream_init(&data->pipe_stream_output, &data->pipe_stream_input, 65536); MEMCOPY(&data->reader, &reader, sizeof(packet_unpack_reader_data)); data->origin = origin; data->message = message; data->ancount = ancount - 1; data->record_index++; data->last_serial = last_serial; data->xfr_mode = TYPE_ANY; data->ixfr_mark = FALSE; data->last_message_had_tsig = last_message_had_tsig; data->source_stream = *is; data->need_cleanup_tsig = need_cleanup_tsig; /* * Then we read all records for all packets * If we find an SOA ... * AXFR: it has to be the last serial and it is the end of the stream. * IXFR: if it's not the last serial it has to go from step to step * AND once we have reached the "last serial" once, the next hit is the end of the stream. */ data->eos = FALSE; /* * In order to know what the type is, read the first packet. */ return_value = xfr_input_stream_read_packet(data); if(FAIL(return_value)) { xfr_input_stream_close(filtering_stream); } return return_value; }
static ya_result xfr_input_stream_read(input_stream *is, u8 *buffer, u32 len) { xfr_input_stream_data *data = (xfr_input_stream_data*)is->data; input_stream *source_stream = &data->source_stream; message_data *message = data->message; #if DNSCORE_HAS_TSIG_SUPPORT const tsig_item *tsig = message->tsig.tsig; #endif packet_unpack_reader_data *reader = &data->reader; if(FAIL(data->last_error)) { return data->last_error; } ya_result return_value = SUCCESS; /* while there is not enough bytes on the input */ while(pipe_stream_read_available(&data->pipe_stream_input) < len) { /* read the packet and write on the output (so it can be read back on the input) */ if(FAIL(return_value = xfr_input_stream_read_packet(data))) { break; } if(data->eos) { break; } if(data->ancount > 0) { break; } /* next TCP chunk */ #ifdef DEBUG memset(&message->buffer[0], 0xee, sizeof(message->buffer)); #endif u16 tcplen; return_value = input_stream_read_nu16(source_stream, &tcplen); /* this is wrong ... */ if(return_value != 2) { #ifdef DEBUG log_debug("xfr_input_stream_read: next message is %ld bytes long", return_value); #endif break; } if(tcplen == 0) { return_value = UNEXPECTED_EOF; break; } if(FAIL(return_value = input_stream_read_fully(source_stream, message->buffer, tcplen))) { break; } #if DEBUG_XFR_INPUT_STREAM log_memdump(g_system_logger, MSG_DEBUG1, &message->buffer[0], tcplen, 32); #endif message->received = return_value; #ifdef DEBUG memset(&message->buffer[tcplen], 0xdd, DNSPACKET_MAX_LENGTH + 1 - tcplen); #endif /* * Check the headers */ const u64 *h64 = (u64*)message->buffer; const u64 m64 = AXFR_NEXT_MESSAGE_HEADER_MASK; const u64 r64 = AXFR_NEXT_MESSAGE_HEADER_RESULT; if(((*h64&m64) != r64) || (MESSAGE_NS(message->buffer) != 0)) { u8 code = MESSAGE_RCODE(message->buffer); if(code != 0) { return_value = MAKE_DNSMSG_ERROR(code); } else { return_value = UNPROCESSABLE_MESSAGE; } break; } #if DNSCORE_HAS_TSIG_SUPPORT if((data->last_message_had_tsig = (tsig != NULL))) { /* verify the TSIG * * AR > 0 * skip ALL the records until the last AR * it MUST be a TSIG * It's the first TSIG answering to our query * verify it * */ message->tsig.tsig = NULL; if(FAIL(return_value = tsig_message_extract(message))) { break; } if((return_value == 1) && (message->tsig.tsig != tsig)) { /* This is not the one we started with */ log_debug("xfr_input_stream: signature key does not match"); return_value = TSIG_BADSIG; break; } if(FAIL(return_value = tsig_verify_tcp_next_message(message))) { break; } } #endif message_header *header = (message_header*)message->buffer; data->ancount = ntohs(header->ancount); packet_reader_init(reader, message->buffer, message->received); reader->offset = DNS_HEADER_LENGTH; u16 n = ntohs(header->qdcount); while(n > 0) { if(FAIL(return_value = packet_reader_skip_fqdn(reader))) { break; } packet_reader_skip(reader, 4); n--; } } // for(;;) /* process all TCP chunks */ if(ISOK(return_value)) { if((return_value = pipe_stream_read_available(&data->pipe_stream_input)) > 0) // never fails { if(FAIL(return_value = input_stream_read(&data->pipe_stream_input, buffer, len))) { #if DNSCORE_HAS_TSIG_SUPPORT if(data->need_cleanup_tsig) { tsig_verify_tcp_last_message(message); data->need_cleanup_tsig = FALSE; } #endif } } else { // here, return_value == 0 #if DNSCORE_HAS_TSIG_SUPPORT if(tsig != NULL) { tsig_verify_tcp_last_message(message); data->need_cleanup_tsig = FALSE; if(!data->last_message_had_tsig) { /* * The stream didn't end with a TSIG * It's bad. * */ log_err("xfr_input_stream: TSIG enabled answer didn't ended with a signed packet"); return_value = TSIG_BADSIG; } } #endif } } else { #if DNSCORE_HAS_TSIG_SUPPORT // cleanup tsig_verify_tcp_last_message(message); data->need_cleanup_tsig = FALSE; #endif } data->last_error = return_value; return return_value; }
int send_pack(struct send_pack_args *args, int fd[], struct child_process *conn, struct ref *remote_refs, struct oid_array *extra_have) { int in = fd[0]; int out = fd[1]; struct strbuf req_buf = STRBUF_INIT; struct strbuf cap_buf = STRBUF_INIT; struct ref *ref; int need_pack_data = 0; int allow_deleting_refs = 0; int status_report = 0; int use_sideband = 0; int quiet_supported = 0; int agent_supported = 0; int use_atomic = 0; int atomic_supported = 0; int use_push_options = 0; int push_options_supported = 0; unsigned cmds_sent = 0; int ret; struct async demux; const char *push_cert_nonce = NULL; struct packet_reader reader; git_config(send_pack_config, NULL); /* Does the other end support the reporting? */ if (server_supports("report-status")) status_report = 1; if (server_supports("delete-refs")) allow_deleting_refs = 1; if (server_supports("ofs-delta")) args->use_ofs_delta = 1; if (config_use_sideband && server_supports("side-band-64k")) use_sideband = 1; if (server_supports("quiet")) quiet_supported = 1; if (server_supports("agent")) agent_supported = 1; if (server_supports("no-thin")) args->use_thin_pack = 0; if (server_supports("atomic")) atomic_supported = 1; if (server_supports("push-options")) push_options_supported = 1; if (args->push_cert != SEND_PACK_PUSH_CERT_NEVER) { int len; push_cert_nonce = server_feature_value("push-cert", &len); if (push_cert_nonce) { reject_invalid_nonce(push_cert_nonce, len); push_cert_nonce = xmemdupz(push_cert_nonce, len); } else if (args->push_cert == SEND_PACK_PUSH_CERT_ALWAYS) { die(_("the receiving end does not support --signed push")); } else if (args->push_cert == SEND_PACK_PUSH_CERT_IF_ASKED) { warning(_("not sending a push certificate since the" " receiving end does not support --signed" " push")); } } if (!remote_refs) { fprintf(stderr, "No refs in common and none specified; doing nothing.\n" "Perhaps you should specify a branch such as 'master'.\n"); return 0; } if (args->atomic && !atomic_supported) die(_("the receiving end does not support --atomic push")); use_atomic = atomic_supported && args->atomic; if (args->push_options && !push_options_supported) die(_("the receiving end does not support push options")); use_push_options = push_options_supported && args->push_options; if (status_report) strbuf_addstr(&cap_buf, " report-status"); if (use_sideband) strbuf_addstr(&cap_buf, " side-band-64k"); if (quiet_supported && (args->quiet || !args->progress)) strbuf_addstr(&cap_buf, " quiet"); if (use_atomic) strbuf_addstr(&cap_buf, " atomic"); if (use_push_options) strbuf_addstr(&cap_buf, " push-options"); if (agent_supported) strbuf_addf(&cap_buf, " agent=%s", git_user_agent_sanitized()); /* * NEEDSWORK: why does delete-refs have to be so specific to * send-pack machinery that set_ref_status_for_push() cannot * set this bit for us??? */ for (ref = remote_refs; ref; ref = ref->next) if (ref->deletion && !allow_deleting_refs) ref->status = REF_STATUS_REJECT_NODELETE; if (!args->dry_run) advertise_shallow_grafts_buf(&req_buf); if (!args->dry_run && push_cert_nonce) cmds_sent = generate_push_cert(&req_buf, remote_refs, args, cap_buf.buf, push_cert_nonce); /* * Clear the status for each ref and see if we need to send * the pack data. */ for (ref = remote_refs; ref; ref = ref->next) { switch (check_to_send_update(ref, args)) { case 0: /* no error */ break; case CHECK_REF_STATUS_REJECTED: /* * When we know the server would reject a ref update if * we were to send it and we're trying to send the refs * atomically, abort the whole operation. */ if (use_atomic) { strbuf_release(&req_buf); strbuf_release(&cap_buf); return atomic_push_failure(args, remote_refs, ref); } /* else fallthrough */ default: continue; } if (!ref->deletion) need_pack_data = 1; if (args->dry_run || !status_report) ref->status = REF_STATUS_OK; else ref->status = REF_STATUS_EXPECTING_REPORT; } /* * Finally, tell the other end! */ for (ref = remote_refs; ref; ref = ref->next) { char *old_hex, *new_hex; if (args->dry_run || push_cert_nonce) continue; if (check_to_send_update(ref, args) < 0) continue; old_hex = oid_to_hex(&ref->old_oid); new_hex = oid_to_hex(&ref->new_oid); if (!cmds_sent) { packet_buf_write(&req_buf, "%s %s %s%c%s", old_hex, new_hex, ref->name, 0, cap_buf.buf); cmds_sent = 1; } else { packet_buf_write(&req_buf, "%s %s %s", old_hex, new_hex, ref->name); } } if (use_push_options) { struct string_list_item *item; packet_buf_flush(&req_buf); for_each_string_list_item(item, args->push_options) packet_buf_write(&req_buf, "%s", item->string); } if (args->stateless_rpc) { if (!args->dry_run && (cmds_sent || is_repository_shallow(the_repository))) { packet_buf_flush(&req_buf); send_sideband(out, -1, req_buf.buf, req_buf.len, LARGE_PACKET_MAX); } } else { write_or_die(out, req_buf.buf, req_buf.len); packet_flush(out); } strbuf_release(&req_buf); strbuf_release(&cap_buf); if (use_sideband && cmds_sent) { memset(&demux, 0, sizeof(demux)); demux.proc = sideband_demux; demux.data = fd; demux.out = -1; demux.isolate_sigpipe = 1; if (start_async(&demux)) die("send-pack: unable to fork off sideband demultiplexer"); in = demux.out; } packet_reader_init(&reader, in, NULL, 0, PACKET_READ_CHOMP_NEWLINE | PACKET_READ_DIE_ON_ERR_PACKET); if (need_pack_data && cmds_sent) { if (pack_objects(out, remote_refs, extra_have, args) < 0) { for (ref = remote_refs; ref; ref = ref->next) ref->status = REF_STATUS_NONE; if (args->stateless_rpc) close(out); if (git_connection_is_socket(conn)) shutdown(fd[0], SHUT_WR); /* * Do not even bother with the return value; we know we * are failing, and just want the error() side effects. */ if (status_report) receive_unpack_status(&reader); if (use_sideband) { close(demux.out); finish_async(&demux); } fd[1] = -1; return -1; } if (!args->stateless_rpc) /* Closed by pack_objects() via start_command() */ fd[1] = -1; } if (args->stateless_rpc && cmds_sent) packet_flush(out); if (status_report && cmds_sent) ret = receive_status(&reader, remote_refs); else ret = 0; if (args->stateless_rpc) packet_flush(out); if (use_sideband && cmds_sent) { close(demux.out); if (finish_async(&demux)) { error("error in sideband demultiplexer"); ret = -1; } } if (ret < 0) return ret; if (args->porcelain) return 0; for (ref = remote_refs; ref; ref = ref->next) { switch (ref->status) { case REF_STATUS_NONE: case REF_STATUS_UPTODATE: case REF_STATUS_OK: break; default: return -1; } } return 0; }
static int find_common(struct fetch_negotiator *negotiator, struct fetch_pack_args *args, int fd[2], struct object_id *result_oid, struct ref *refs) { int fetching; int count = 0, flushes = 0, flush_at = INITIAL_FLUSH, retval; const struct object_id *oid; unsigned in_vain = 0; int got_continue = 0; int got_ready = 0; struct strbuf req_buf = STRBUF_INIT; size_t state_len = 0; struct packet_reader reader; if (args->stateless_rpc && multi_ack == 1) die(_("--stateless-rpc requires multi_ack_detailed")); packet_reader_init(&reader, fd[0], NULL, 0, PACKET_READ_CHOMP_NEWLINE | PACKET_READ_DIE_ON_ERR_PACKET); if (!args->no_dependents) { mark_tips(negotiator, args->negotiation_tips); for_each_cached_alternate(negotiator, insert_one_alternate_object); } fetching = 0; for ( ; refs ; refs = refs->next) { struct object_id *remote = &refs->old_oid; const char *remote_hex; struct object *o; /* * If that object is complete (i.e. it is an ancestor of a * local ref), we tell them we have it but do not have to * tell them about its ancestors, which they already know * about. * * We use lookup_object here because we are only * interested in the case we *know* the object is * reachable and we have already scanned it. * * Do this only if args->no_dependents is false (if it is true, * we cannot trust the object flags). */ if (!args->no_dependents && ((o = lookup_object(the_repository, remote->hash)) != NULL) && (o->flags & COMPLETE)) { continue; } remote_hex = oid_to_hex(remote); if (!fetching) { struct strbuf c = STRBUF_INIT; if (multi_ack == 2) strbuf_addstr(&c, " multi_ack_detailed"); if (multi_ack == 1) strbuf_addstr(&c, " multi_ack"); if (no_done) strbuf_addstr(&c, " no-done"); if (use_sideband == 2) strbuf_addstr(&c, " side-band-64k"); if (use_sideband == 1) strbuf_addstr(&c, " side-band"); if (args->deepen_relative) strbuf_addstr(&c, " deepen-relative"); if (args->use_thin_pack) strbuf_addstr(&c, " thin-pack"); if (args->no_progress) strbuf_addstr(&c, " no-progress"); if (args->include_tag) strbuf_addstr(&c, " include-tag"); if (prefer_ofs_delta) strbuf_addstr(&c, " ofs-delta"); if (deepen_since_ok) strbuf_addstr(&c, " deepen-since"); if (deepen_not_ok) strbuf_addstr(&c, " deepen-not"); if (agent_supported) strbuf_addf(&c, " agent=%s", git_user_agent_sanitized()); if (args->filter_options.choice) strbuf_addstr(&c, " filter"); packet_buf_write(&req_buf, "want %s%s\n", remote_hex, c.buf); strbuf_release(&c); } else packet_buf_write(&req_buf, "want %s\n", remote_hex); fetching++; } if (!fetching) { strbuf_release(&req_buf); packet_flush(fd[1]); return 1; } if (is_repository_shallow(the_repository)) write_shallow_commits(&req_buf, 1, NULL); if (args->depth > 0) packet_buf_write(&req_buf, "deepen %d", args->depth); if (args->deepen_since) { timestamp_t max_age = approxidate(args->deepen_since); packet_buf_write(&req_buf, "deepen-since %"PRItime, max_age); } if (args->deepen_not) { int i; for (i = 0; i < args->deepen_not->nr; i++) { struct string_list_item *s = args->deepen_not->items + i; packet_buf_write(&req_buf, "deepen-not %s", s->string); } } if (server_supports_filtering && args->filter_options.choice) { struct strbuf expanded_filter_spec = STRBUF_INIT; expand_list_objects_filter_spec(&args->filter_options, &expanded_filter_spec); packet_buf_write(&req_buf, "filter %s", expanded_filter_spec.buf); strbuf_release(&expanded_filter_spec); } packet_buf_flush(&req_buf); state_len = req_buf.len; if (args->deepen) { const char *arg; struct object_id oid; send_request(args, fd[1], &req_buf); while (packet_reader_read(&reader) == PACKET_READ_NORMAL) { if (skip_prefix(reader.line, "shallow ", &arg)) { if (get_oid_hex(arg, &oid)) die(_("invalid shallow line: %s"), reader.line); register_shallow(the_repository, &oid); continue; } if (skip_prefix(reader.line, "unshallow ", &arg)) { if (get_oid_hex(arg, &oid)) die(_("invalid unshallow line: %s"), reader.line); if (!lookup_object(the_repository, oid.hash)) die(_("object not found: %s"), reader.line); /* make sure that it is parsed as shallow */ if (!parse_object(the_repository, &oid)) die(_("error in object: %s"), reader.line); if (unregister_shallow(&oid)) die(_("no shallow found: %s"), reader.line); continue; } die(_("expected shallow/unshallow, got %s"), reader.line); } } else if (!args->stateless_rpc) send_request(args, fd[1], &req_buf); if (!args->stateless_rpc) { /* If we aren't using the stateless-rpc interface * we don't need to retain the headers. */ strbuf_setlen(&req_buf, 0); state_len = 0; } flushes = 0; retval = -1; if (args->no_dependents) goto done; while ((oid = negotiator->next(negotiator))) { packet_buf_write(&req_buf, "have %s\n", oid_to_hex(oid)); print_verbose(args, "have %s", oid_to_hex(oid)); in_vain++; if (flush_at <= ++count) { int ack; packet_buf_flush(&req_buf); send_request(args, fd[1], &req_buf); strbuf_setlen(&req_buf, state_len); flushes++; flush_at = next_flush(args->stateless_rpc, count); /* * We keep one window "ahead" of the other side, and * will wait for an ACK only on the next one */ if (!args->stateless_rpc && count == INITIAL_FLUSH) continue; consume_shallow_list(args, &reader); do { ack = get_ack(&reader, result_oid); if (ack) print_verbose(args, _("got %s %d %s"), "ack", ack, oid_to_hex(result_oid)); switch (ack) { case ACK: flushes = 0; multi_ack = 0; retval = 0; goto done; case ACK_common: case ACK_ready: case ACK_continue: { struct commit *commit = lookup_commit(the_repository, result_oid); int was_common; if (!commit) die(_("invalid commit %s"), oid_to_hex(result_oid)); was_common = negotiator->ack(negotiator, commit); if (args->stateless_rpc && ack == ACK_common && !was_common) { /* We need to replay the have for this object * on the next RPC request so the peer knows * it is in common with us. */ const char *hex = oid_to_hex(result_oid); packet_buf_write(&req_buf, "have %s\n", hex); state_len = req_buf.len; /* * Reset in_vain because an ack * for this commit has not been * seen. */ in_vain = 0; } else if (!args->stateless_rpc || ack != ACK_common) in_vain = 0; retval = 0; got_continue = 1; if (ack == ACK_ready) got_ready = 1; break; } } } while (ack); flushes--; if (got_continue && MAX_IN_VAIN < in_vain) { print_verbose(args, _("giving up")); break; /* give up */ } if (got_ready) break; } } done: if (!got_ready || !no_done) { packet_buf_write(&req_buf, "done\n"); send_request(args, fd[1], &req_buf); } print_verbose(args, _("done")); if (retval != 0) { multi_ack = 0; flushes++; } strbuf_release(&req_buf); if (!got_ready || !no_done) consume_shallow_list(args, &reader); while (flushes || multi_ack) { int ack = get_ack(&reader, result_oid); if (ack) { print_verbose(args, _("got %s (%d) %s"), "ack", ack, oid_to_hex(result_oid)); if (ack == ACK) return 0; multi_ack = 1; continue; } flushes--; } /* it is no error to fetch into a completely empty repo */ return count ? retval : 0; }