diff options
author | Junio C Hamano <gitster@pobox.com> | 2013-02-17 15:25:57 -0800 |
---|---|---|
committer | Junio C Hamano <gitster@pobox.com> | 2013-02-17 15:25:57 -0800 |
commit | ce735bf7fd66c6404e86e5a313f35abc0394b838 (patch) | |
tree | ac1605c58fb6a3b12c90a4085cc6a0a7ada64da9 | |
parent | abea4dc76a675d4ac0f27a2367256dc31981d1ca (diff) | |
parent | daebaa78137d59693a808c1f0bdec0ecb40fc12e (diff) | |
download | git-ce735bf7fd66c6404e86e5a313f35abc0394b838.tar.gz git-ce735bf7fd66c6404e86e5a313f35abc0394b838.tar.xz |
Merge branch 'jc/hidden-refs'
Allow the server side to redact the refs/ namespace it shows to the
client.
Will merge to 'master'.
* jc/hidden-refs:
upload/receive-pack: allow hiding ref hierarchies
upload-pack: simplify request validation
upload-pack: share more code
-rw-r--r-- | Documentation/config.txt | 23 | ||||
-rw-r--r-- | builtin/receive-pack.c | 24 | ||||
-rw-r--r-- | refs.c | 44 | ||||
-rw-r--r-- | refs.h | 3 | ||||
-rwxr-xr-x | t/t5512-ls-remote.sh | 12 | ||||
-rwxr-xr-x | t/t5516-fetch-push.sh | 27 | ||||
-rw-r--r-- | upload-pack.c | 63 |
7 files changed, 166 insertions, 30 deletions
diff --git a/Documentation/config.txt b/Documentation/config.txt index 9b1159738..481736a47 100644 --- a/Documentation/config.txt +++ b/Documentation/config.txt @@ -1880,6 +1880,15 @@ receive.denyNonFastForwards:: even if that push is forced. This configuration variable is set when initializing a shared repository. +receive.hiderefs:: + String(s) `receive-pack` uses to decide which refs to omit + from its initial advertisement. Use more than one + definitions to specify multiple prefix strings. A ref that + are under the hierarchies listed on the value of this + variable is excluded, and is hidden when responding to `git + push`, and an attempt to update or delete a hidden ref by + `git push` is rejected. + receive.updateserverinfo:: If set to true, git-receive-pack will run git-update-server-info after receiving data from git-push and updating refs. @@ -2092,11 +2101,25 @@ transfer.fsckObjects:: not set, the value of this variable is used instead. Defaults to false. +transfer.hiderefs:: + This variable can be used to set both `receive.hiderefs` + and `uploadpack.hiderefs` at the same time to the same + values. See entries for these other variables. + transfer.unpackLimit:: When `fetch.unpackLimit` or `receive.unpackLimit` are not set, the value of this variable is used instead. The default value is 100. +uploadpack.hiderefs:: + String(s) `upload-pack` uses to decide which refs to omit + from its initial advertisement. Use more than one + definitions to specify multiple prefix strings. A ref that + are under the hierarchies listed on the value of this + variable is excluded, and is hidden from `git ls-remote`, + `git fetch`, etc. An attempt to fetch a hidden ref by `git + fetch` will fail. + url.<base>.insteadOf:: Any URL that starts with this value will be rewritten to start, instead, with <base>. In cases where some site serves a diff --git a/builtin/receive-pack.c b/builtin/receive-pack.c index e8878de45..62ba6e7a3 100644 --- a/builtin/receive-pack.c +++ b/builtin/receive-pack.c @@ -59,6 +59,11 @@ static enum deny_action parse_deny_action(const char *var, const char *value) static int receive_pack_config(const char *var, const char *value, void *cb) { + int status = parse_hide_refs_config(var, value, "receive"); + + if (status) + return status; + if (strcmp(var, "receive.denydeletes") == 0) { deny_deletes = git_config_bool(var, value); return 0; @@ -119,6 +124,9 @@ static int receive_pack_config(const char *var, const char *value, void *cb) static void show_ref(const char *path, const unsigned char *sha1) { + if (ref_is_hidden(path)) + return; + if (sent_capabilities) packet_write(1, "%s %s\n", sha1_to_hex(sha1), path); else @@ -685,6 +693,20 @@ static int iterate_receive_command_list(void *cb_data, unsigned char sha1[20]) return -1; /* end of list */ } +static void reject_updates_to_hidden(struct command *commands) +{ + struct command *cmd; + + for (cmd = commands; cmd; cmd = cmd->next) { + if (cmd->error_string || !ref_is_hidden(cmd->ref_name)) + continue; + if (is_null_sha1(cmd->new_sha1)) + cmd->error_string = "deny deleting a hidden ref"; + else + cmd->error_string = "deny updating a hidden ref"; + } +} + static void execute_commands(struct command *commands, const char *unpacker_error) { struct command *cmd; @@ -701,6 +723,8 @@ static void execute_commands(struct command *commands, const char *unpacker_erro 0, &cmd)) set_connectivity_errors(commands); + reject_updates_to_hidden(commands); + if (run_receive_hook(commands, "pre-receive", 0)) { for (cmd = commands; cmd; cmd = cmd->next) { if (!cmd->error_string) @@ -3,6 +3,7 @@ #include "object.h" #include "tag.h" #include "dir.h" +#include "string-list.h" /* * Make sure "ref" is something reasonable to have under ".git/refs/"; @@ -2554,3 +2555,46 @@ char *shorten_unambiguous_ref(const char *refname, int strict) free(short_name); return xstrdup(refname); } + +static struct string_list *hide_refs; + +int parse_hide_refs_config(const char *var, const char *value, const char *section) +{ + if (!strcmp("transfer.hiderefs", var) || + /* NEEDSWORK: use parse_config_key() once both are merged */ + (!prefixcmp(var, section) && var[strlen(section)] == '.' && + !strcmp(var + strlen(section), ".hiderefs"))) { + char *ref; + int len; + + if (!value) + return config_error_nonbool(var); + ref = xstrdup(value); + len = strlen(ref); + while (len && ref[len - 1] == '/') + ref[--len] = '\0'; + if (!hide_refs) { + hide_refs = xcalloc(1, sizeof(*hide_refs)); + hide_refs->strdup_strings = 1; + } + string_list_append(hide_refs, ref); + } + return 0; +} + +int ref_is_hidden(const char *refname) +{ + struct string_list_item *item; + + if (!hide_refs) + return 0; + for_each_string_list_item(item, hide_refs) { + int len; + if (prefixcmp(refname, item->string)) + continue; + len = strlen(item->string); + if (!refname[len] || refname[len] == '/') + return 1; + } + return 0; +} @@ -147,4 +147,7 @@ int update_ref(const char *action, const char *refname, const unsigned char *sha1, const unsigned char *oldval, int flags, enum action_on_err onerr); +extern int parse_hide_refs_config(const char *var, const char *value, const char *); +extern int ref_is_hidden(const char *); + #endif /* REFS_H */ diff --git a/t/t5512-ls-remote.sh b/t/t5512-ls-remote.sh index d16e5d384..321c3e523 100755 --- a/t/t5512-ls-remote.sh +++ b/t/t5512-ls-remote.sh @@ -126,4 +126,16 @@ test_expect_success 'Report match with --exit-code' ' test_cmp expect actual ' +for configsection in transfer uploadpack +do + test_expect_success "Hide some refs with $configsection.hiderefs" ' + test_config $configsection.hiderefs refs/tags && + git ls-remote . >actual && + test_unconfig $configsection.hiderefs && + git ls-remote . | + sed -e "/ refs\/tags\//d" >expect && + test_cmp expect actual + ' +done + test_done diff --git a/t/t5516-fetch-push.sh b/t/t5516-fetch-push.sh index 8f024a08f..c31e5c1c5 100755 --- a/t/t5516-fetch-push.sh +++ b/t/t5516-fetch-push.sh @@ -1016,4 +1016,31 @@ test_expect_success 'push --prune refspec' ' ! check_push_result $the_first_commit tmp/foo tmp/bar ' +for configsection in transfer receive +do + test_expect_success "push to update a ref hidden by $configsection.hiderefs" ' + mk_test heads/master hidden/one hidden/two hidden/three && + ( + cd testrepo && + git config $configsection.hiderefs refs/hidden + ) && + + # push to unhidden ref succeeds normally + git push testrepo master:refs/heads/master && + check_push_result $the_commit heads/master && + + # push to update a hidden ref should fail + test_must_fail git push testrepo master:refs/hidden/one && + check_push_result $the_first_commit hidden/one && + + # push to delete a hidden ref should fail + test_must_fail git push testrepo :refs/hidden/two && + check_push_result $the_first_commit hidden/two && + + # idempotent push to update a hidden ref should fail + test_must_fail git push testrepo $the_first_commit:refs/hidden/three && + check_push_result $the_first_commit hidden/three + ' +done + test_done diff --git a/upload-pack.c b/upload-pack.c index 7c05b15e6..30146a04f 100644 --- a/upload-pack.c +++ b/upload-pack.c @@ -12,6 +12,7 @@ #include "run-command.h" #include "sigchain.h" #include "version.h" +#include "string-list.h" static const char upload_pack_usage[] = "git upload-pack [--strict] [--timeout=<n>] <dir>"; @@ -28,7 +29,7 @@ static const char upload_pack_usage[] = "git upload-pack [--strict] [--timeout=< static unsigned long oldest_have; -static int multi_ack, nr_our_refs; +static int multi_ack; static int no_done; static int use_thin_pack, use_ofs_delta, use_include_tag; static int no_progress, daemon_mode; @@ -139,7 +140,6 @@ static void create_pack_file(void) { struct async rev_list; struct child_process pack_objects; - int create_full_pack = (nr_our_refs == want_obj.nr && !have_obj.nr); char data[8193], progress[128]; char abort_msg[] = "aborting due to possible repository " "corruption on the remote side."; @@ -151,9 +151,7 @@ static void create_pack_file(void) argv[arg++] = "pack-objects"; if (!shallow_nr) { argv[arg++] = "--revs"; - if (create_full_pack) - argv[arg++] = "--all"; - else if (use_thin_pack) + if (use_thin_pack) argv[arg++] = "--thin"; } @@ -185,15 +183,15 @@ static void create_pack_file(void) } else { FILE *pipe_fd = xfdopen(pack_objects.in, "w"); - if (!create_full_pack) { - int i; - for (i = 0; i < want_obj.nr; i++) - fprintf(pipe_fd, "%s\n", sha1_to_hex(want_obj.objects[i].item->sha1)); - fprintf(pipe_fd, "--not\n"); - for (i = 0; i < have_obj.nr; i++) - fprintf(pipe_fd, "%s\n", sha1_to_hex(have_obj.objects[i].item->sha1)); - } + int i; + for (i = 0; i < want_obj.nr; i++) + fprintf(pipe_fd, "%s\n", + sha1_to_hex(want_obj.objects[i].item->sha1)); + fprintf(pipe_fd, "--not\n"); + for (i = 0; i < have_obj.nr; i++) + fprintf(pipe_fd, "%s\n", + sha1_to_hex(have_obj.objects[i].item->sha1)); fprintf(pipe_fd, "\n"); fflush(pipe_fd); fclose(pipe_fd); @@ -729,15 +727,30 @@ static void receive_needs(void) free(shallows.objects); } +/* return non-zero if the ref is hidden, otherwise 0 */ +static int mark_our_ref(const char *refname, const unsigned char *sha1, int flag, void *cb_data) +{ + struct object *o = lookup_unknown_object(sha1); + + if (ref_is_hidden(refname)) + return 1; + if (!o) + die("git upload-pack: cannot find object %s:", sha1_to_hex(sha1)); + o->flags |= OUR_REF; + return 0; +} + static int send_ref(const char *refname, const unsigned char *sha1, int flag, void *cb_data) { static const char *capabilities = "multi_ack thin-pack side-band" " side-band-64k ofs-delta shallow no-progress" " include-tag multi_ack_detailed"; - struct object *o = lookup_unknown_object(sha1); const char *refname_nons = strip_namespace(refname); unsigned char peeled[20]; + if (mark_our_ref(refname, sha1, flag, cb_data)) + return 0; + if (capabilities) packet_write(1, "%s %s%c%s%s agent=%s\n", sha1_to_hex(sha1), refname_nons, @@ -747,27 +760,11 @@ static int send_ref(const char *refname, const unsigned char *sha1, int flag, vo else packet_write(1, "%s %s\n", sha1_to_hex(sha1), refname_nons); capabilities = NULL; - if (!(o->flags & OUR_REF)) { - o->flags |= OUR_REF; - nr_our_refs++; - } if (!peel_ref(refname, peeled)) packet_write(1, "%s %s^{}\n", sha1_to_hex(peeled), refname_nons); return 0; } -static int mark_our_ref(const char *refname, const unsigned char *sha1, int flag, void *cb_data) -{ - struct object *o = parse_object(sha1); - if (!o) - die("git upload-pack: cannot find object %s:", sha1_to_hex(sha1)); - if (!(o->flags & OUR_REF)) { - o->flags |= OUR_REF; - nr_our_refs++; - } - return 0; -} - static void upload_pack(void) { if (advertise_refs || !stateless_rpc) { @@ -789,6 +786,11 @@ static void upload_pack(void) } } +static int upload_pack_config(const char *var, const char *value, void *unused) +{ + return parse_hide_refs_config(var, value, "uploadpack"); +} + int main(int argc, char **argv) { char *dir; @@ -840,6 +842,7 @@ int main(int argc, char **argv) die("'%s' does not appear to be a git repository", dir); if (is_repository_shallow()) die("attempt to fetch/clone from a shallow repository"); + git_config(upload_pack_config, NULL); if (getenv("GIT_DEBUG_SEND_PACK")) debug_fd = atoi(getenv("GIT_DEBUG_SEND_PACK")); upload_pack(); |