git
/
setup.c
2512 строк · 68.1 Кб
1#define USE_THE_REPOSITORY_VARIABLE2
3#include "git-compat-util.h"4#include "abspath.h"5#include "copy.h"6#include "environment.h"7#include "exec-cmd.h"8#include "gettext.h"9#include "hex.h"10#include "object-name.h"11#include "refs.h"12#include "repository.h"13#include "config.h"14#include "dir.h"15#include "setup.h"16#include "string-list.h"17#include "chdir-notify.h"18#include "path.h"19#include "quote.h"20#include "trace2.h"21#include "worktree.h"22#include "exec-cmd.h"23
24static int inside_git_dir = -1;25static int inside_work_tree = -1;26static int work_tree_config_is_bogus;27enum allowed_bare_repo {28ALLOWED_BARE_REPO_EXPLICIT = 0,29ALLOWED_BARE_REPO_ALL,30};31
32static struct startup_info the_startup_info;33struct startup_info *startup_info = &the_startup_info;34const char *tmp_original_cwd;35
36/*
37* The input parameter must contain an absolute path, and it must already be
38* normalized.
39*
40* Find the part of an absolute path that lies inside the work tree by
41* dereferencing symlinks outside the work tree, for example:
42* /dir1/repo/dir2/file (work tree is /dir1/repo) -> dir2/file
43* /dir/file (work tree is /) -> dir/file
44* /dir/symlink1/symlink2 (symlink1 points to work tree) -> symlink2
45* /dir/repolink/file (repolink points to /dir/repo) -> file
46* /dir/repo (exactly equal to work tree) -> (empty string)
47*/
48static int abspath_part_inside_repo(char *path)49{
50size_t len;51size_t wtlen;52char *path0;53int off;54const char *work_tree = precompose_string_if_needed(get_git_work_tree());55struct strbuf realpath = STRBUF_INIT;56
57if (!work_tree)58return -1;59wtlen = strlen(work_tree);60len = strlen(path);61off = offset_1st_component(path);62
63/* check if work tree is already the prefix */64if (wtlen <= len && !fspathncmp(path, work_tree, wtlen)) {65if (path[wtlen] == '/') {66memmove(path, path + wtlen + 1, len - wtlen);67return 0;68} else if (path[wtlen - 1] == '/' || path[wtlen] == '\0') {69/* work tree is the root, or the whole path */70memmove(path, path + wtlen, len - wtlen + 1);71return 0;72}73/* work tree might match beginning of a symlink to work tree */74off = wtlen;75}76path0 = path;77path += off;78
79/* check each '/'-terminated level */80while (*path) {81path++;82if (*path == '/') {83*path = '\0';84strbuf_realpath(&realpath, path0, 1);85if (fspathcmp(realpath.buf, work_tree) == 0) {86memmove(path0, path + 1, len - (path - path0));87strbuf_release(&realpath);88return 0;89}90*path = '/';91}92}93
94/* check whole path */95strbuf_realpath(&realpath, path0, 1);96if (fspathcmp(realpath.buf, work_tree) == 0) {97*path0 = '\0';98strbuf_release(&realpath);99return 0;100}101
102strbuf_release(&realpath);103return -1;104}
105
106/*
107* Normalize "path", prepending the "prefix" for relative paths. If
108* remaining_prefix is not NULL, return the actual prefix still
109* remains in the path. For example, prefix = sub1/sub2/ and path is
110*
111* foo -> sub1/sub2/foo (full prefix)
112* ../foo -> sub1/foo (remaining prefix is sub1/)
113* ../../bar -> bar (no remaining prefix)
114* ../../sub1/sub2/foo -> sub1/sub2/foo (but no remaining prefix)
115* `pwd`/../bar -> sub1/bar (no remaining prefix)
116*/
117char *prefix_path_gently(const char *prefix, int len,118int *remaining_prefix, const char *path)119{
120const char *orig = path;121char *sanitized;122if (is_absolute_path(orig)) {123sanitized = xmallocz(strlen(path));124if (remaining_prefix)125*remaining_prefix = 0;126if (normalize_path_copy_len(sanitized, path, remaining_prefix)) {127free(sanitized);128return NULL;129}130if (abspath_part_inside_repo(sanitized)) {131free(sanitized);132return NULL;133}134} else {135sanitized = xstrfmt("%.*s%s", len, len ? prefix : "", path);136if (remaining_prefix)137*remaining_prefix = len;138if (normalize_path_copy_len(sanitized, sanitized, remaining_prefix)) {139free(sanitized);140return NULL;141}142}143return sanitized;144}
145
146char *prefix_path(const char *prefix, int len, const char *path)147{
148char *r = prefix_path_gently(prefix, len, NULL, path);149if (!r) {150const char *hint_path = get_git_work_tree();151if (!hint_path)152hint_path = get_git_dir();153die(_("'%s' is outside repository at '%s'"), path,154absolute_path(hint_path));155}156return r;157}
158
159int path_inside_repo(const char *prefix, const char *path)160{
161int len = prefix ? strlen(prefix) : 0;162char *r = prefix_path_gently(prefix, len, NULL, path);163if (r) {164free(r);165return 1;166}167return 0;168}
169
170int check_filename(const char *prefix, const char *arg)171{
172char *to_free = NULL;173struct stat st;174
175if (skip_prefix(arg, ":/", &arg)) {176if (!*arg) /* ":/" is root dir, always exists */177return 1;178prefix = NULL;179} else if (skip_prefix(arg, ":!", &arg) ||180skip_prefix(arg, ":^", &arg)) {181if (!*arg) /* excluding everything is silly, but allowed */182return 1;183}184
185if (prefix)186arg = to_free = prefix_filename(prefix, arg);187
188if (!lstat(arg, &st)) {189free(to_free);190return 1; /* file exists */191}192if (is_missing_file_error(errno)) {193free(to_free);194return 0; /* file does not exist */195}196die_errno(_("failed to stat '%s'"), arg);197}
198
199static void NORETURN die_verify_filename(struct repository *r,200const char *prefix,201const char *arg,202int diagnose_misspelt_rev)203{
204if (!diagnose_misspelt_rev)205die(_("%s: no such path in the working tree.\n"206"Use 'git <command> -- <path>...' to specify paths that do not exist locally."),207arg);208/*209* Saying "'(icase)foo' does not exist in the index" when the
210* user gave us ":(icase)foo" is just stupid. A magic pathspec
211* begins with a colon and is followed by a non-alnum; do not
212* let maybe_die_on_misspelt_object_name() even trigger.
213*/
214if (!(arg[0] == ':' && !isalnum(arg[1])))215maybe_die_on_misspelt_object_name(r, arg, prefix);216
217/* ... or fall back the most general message. */218die(_("ambiguous argument '%s': unknown revision or path not in the working tree.\n"219"Use '--' to separate paths from revisions, like this:\n"220"'git <command> [<revision>...] -- [<file>...]'"), arg);221
222}
223
224/*
225* Check for arguments that don't resolve as actual files,
226* but which look sufficiently like pathspecs that we'll consider
227* them such for the purposes of rev/pathspec DWIM parsing.
228*/
229static int looks_like_pathspec(const char *arg)230{
231const char *p;232int escaped = 0;233
234/*235* Wildcard characters imply the user is looking to match pathspecs
236* that aren't in the filesystem. Note that this doesn't include
237* backslash even though it's a glob special; by itself it doesn't
238* cause any increase in the match. Likewise ignore backslash-escaped
239* wildcard characters.
240*/
241for (p = arg; *p; p++) {242if (escaped) {243escaped = 0;244} else if (is_glob_special(*p)) {245if (*p == '\\')246escaped = 1;247else248return 1;249}250}251
252/* long-form pathspec magic */253if (starts_with(arg, ":("))254return 1;255
256return 0;257}
258
259/*
260* Verify a filename that we got as an argument for a pathspec
261* entry. Note that a filename that begins with "-" never verifies
262* as true, because even if such a filename were to exist, we want
263* it to be preceded by the "--" marker (or we want the user to
264* use a format like "./-filename")
265*
266* The "diagnose_misspelt_rev" is used to provide a user-friendly
267* diagnosis when dying upon finding that "name" is not a pathname.
268* If set to 1, the diagnosis will try to diagnose "name" as an
269* invalid object name (e.g. HEAD:foo). If set to 0, the diagnosis
270* will only complain about an inexisting file.
271*
272* This function is typically called to check that a "file or rev"
273* argument is unambiguous. In this case, the caller will want
274* diagnose_misspelt_rev == 1 when verifying the first non-rev
275* argument (which could have been a revision), and
276* diagnose_misspelt_rev == 0 for the next ones (because we already
277* saw a filename, there's not ambiguity anymore).
278*/
279void verify_filename(const char *prefix,280const char *arg,281int diagnose_misspelt_rev)282{
283if (*arg == '-')284die(_("option '%s' must come before non-option arguments"), arg);285if (looks_like_pathspec(arg) || check_filename(prefix, arg))286return;287die_verify_filename(the_repository, prefix, arg, diagnose_misspelt_rev);288}
289
290/*
291* Opposite of the above: the command line did not have -- marker
292* and we parsed the arg as a refname. It should not be interpretable
293* as a filename.
294*/
295void verify_non_filename(const char *prefix, const char *arg)296{
297if (!is_inside_work_tree() || is_inside_git_dir())298return;299if (*arg == '-')300return; /* flag */301if (!check_filename(prefix, arg))302return;303die(_("ambiguous argument '%s': both revision and filename\n"304"Use '--' to separate paths from revisions, like this:\n"305"'git <command> [<revision>...] -- [<file>...]'"), arg);306}
307
308int get_common_dir(struct strbuf *sb, const char *gitdir)309{
310const char *git_env_common_dir = getenv(GIT_COMMON_DIR_ENVIRONMENT);311if (git_env_common_dir) {312strbuf_addstr(sb, git_env_common_dir);313return 1;314} else {315return get_common_dir_noenv(sb, gitdir);316}317}
318
319int get_common_dir_noenv(struct strbuf *sb, const char *gitdir)320{
321struct strbuf data = STRBUF_INIT;322struct strbuf path = STRBUF_INIT;323int ret = 0;324
325strbuf_addf(&path, "%s/commondir", gitdir);326if (file_exists(path.buf)) {327if (strbuf_read_file(&data, path.buf, 0) <= 0)328die_errno(_("failed to read %s"), path.buf);329while (data.len && (data.buf[data.len - 1] == '\n' ||330data.buf[data.len - 1] == '\r'))331data.len--;332data.buf[data.len] = '\0';333strbuf_reset(&path);334if (!is_absolute_path(data.buf))335strbuf_addf(&path, "%s/", gitdir);336strbuf_addbuf(&path, &data);337strbuf_add_real_path(sb, path.buf);338ret = 1;339} else {340strbuf_addstr(sb, gitdir);341}342
343strbuf_release(&data);344strbuf_release(&path);345return ret;346}
347
348static int validate_headref(const char *path)349{
350struct stat st;351char buffer[256];352const char *refname;353struct object_id oid;354int fd;355ssize_t len;356
357if (lstat(path, &st) < 0)358return -1;359
360/* Make sure it is a "refs/.." symlink */361if (S_ISLNK(st.st_mode)) {362len = readlink(path, buffer, sizeof(buffer)-1);363if (len >= 5 && !memcmp("refs/", buffer, 5))364return 0;365return -1;366}367
368/*369* Anything else, just open it and try to see if it is a symbolic ref.
370*/
371fd = open(path, O_RDONLY);372if (fd < 0)373return -1;374len = read_in_full(fd, buffer, sizeof(buffer)-1);375close(fd);376
377if (len < 0)378return -1;379buffer[len] = '\0';380
381/*382* Is it a symbolic ref?
383*/
384if (skip_prefix(buffer, "ref:", &refname)) {385while (isspace(*refname))386refname++;387if (starts_with(refname, "refs/"))388return 0;389}390
391/*392* Is this a detached HEAD?
393*/
394if (get_oid_hex_any(buffer, &oid) != GIT_HASH_UNKNOWN)395return 0;396
397return -1;398}
399
400/*
401* Test if it looks like we're at a git directory.
402* We want to see:
403*
404* - either an objects/ directory _or_ the proper
405* GIT_OBJECT_DIRECTORY environment variable
406* - a refs/ directory
407* - either a HEAD symlink or a HEAD file that is formatted as
408* a proper "ref:", or a regular file HEAD that has a properly
409* formatted sha1 object name.
410*/
411int is_git_directory(const char *suspect)412{
413struct strbuf path = STRBUF_INIT;414int ret = 0;415size_t len;416
417/* Check worktree-related signatures */418strbuf_addstr(&path, suspect);419strbuf_complete(&path, '/');420strbuf_addstr(&path, "HEAD");421if (validate_headref(path.buf))422goto done;423
424strbuf_reset(&path);425get_common_dir(&path, suspect);426len = path.len;427
428/* Check non-worktree-related signatures */429if (getenv(DB_ENVIRONMENT)) {430if (access(getenv(DB_ENVIRONMENT), X_OK))431goto done;432}433else {434strbuf_setlen(&path, len);435strbuf_addstr(&path, "/objects");436if (access(path.buf, X_OK))437goto done;438}439
440strbuf_setlen(&path, len);441strbuf_addstr(&path, "/refs");442if (access(path.buf, X_OK))443goto done;444
445ret = 1;446done:447strbuf_release(&path);448return ret;449}
450
451int is_nonbare_repository_dir(struct strbuf *path)452{
453int ret = 0;454int gitfile_error;455size_t orig_path_len = path->len;456assert(orig_path_len != 0);457strbuf_complete(path, '/');458strbuf_addstr(path, ".git");459if (read_gitfile_gently(path->buf, &gitfile_error) || is_git_directory(path->buf))460ret = 1;461if (gitfile_error == READ_GITFILE_ERR_OPEN_FAILED ||462gitfile_error == READ_GITFILE_ERR_READ_FAILED)463ret = 1;464strbuf_setlen(path, orig_path_len);465return ret;466}
467
468int is_inside_git_dir(void)469{
470if (inside_git_dir < 0)471inside_git_dir = is_inside_dir(get_git_dir());472return inside_git_dir;473}
474
475int is_inside_work_tree(void)476{
477if (inside_work_tree < 0)478inside_work_tree = is_inside_dir(get_git_work_tree());479return inside_work_tree;480}
481
482void setup_work_tree(void)483{
484const char *work_tree;485static int initialized = 0;486
487if (initialized)488return;489
490if (work_tree_config_is_bogus)491die(_("unable to set up work tree using invalid config"));492
493work_tree = get_git_work_tree();494if (!work_tree || chdir_notify(work_tree))495die(_("this operation must be run in a work tree"));496
497/*498* Make sure subsequent git processes find correct worktree
499* if $GIT_WORK_TREE is set relative
500*/
501if (getenv(GIT_WORK_TREE_ENVIRONMENT))502setenv(GIT_WORK_TREE_ENVIRONMENT, ".", 1);503
504initialized = 1;505}
506
507static void setup_original_cwd(void)508{
509struct strbuf tmp = STRBUF_INIT;510const char *worktree = NULL;511int offset = -1;512
513if (!tmp_original_cwd)514return;515
516/*517* startup_info->original_cwd points to the current working
518* directory we inherited from our parent process, which is a
519* directory we want to avoid removing.
520*
521* For convience, we would like to have the path relative to the
522* worktree instead of an absolute path.
523*
524* Yes, startup_info->original_cwd is usually the same as 'prefix',
525* but differs in two ways:
526* - prefix has a trailing '/'
527* - if the user passes '-C' to git, that modifies the prefix but
528* not startup_info->original_cwd.
529*/
530
531/* Normalize the directory */532if (!strbuf_realpath(&tmp, tmp_original_cwd, 0)) {533trace2_data_string("setup", the_repository,534"realpath-path", tmp_original_cwd);535trace2_data_string("setup", the_repository,536"realpath-failure", strerror(errno));537free((char*)tmp_original_cwd);538tmp_original_cwd = NULL;539return;540}541
542free((char*)tmp_original_cwd);543tmp_original_cwd = NULL;544startup_info->original_cwd = strbuf_detach(&tmp, NULL);545
546/*547* Get our worktree; we only protect the current working directory
548* if it's in the worktree.
549*/
550worktree = get_git_work_tree();551if (!worktree)552goto no_prevention_needed;553
554offset = dir_inside_of(startup_info->original_cwd, worktree);555if (offset >= 0) {556/*557* If startup_info->original_cwd == worktree, that is already
558* protected and we don't need original_cwd as a secondary
559* protection measure.
560*/
561if (!*(startup_info->original_cwd + offset))562goto no_prevention_needed;563
564/*565* original_cwd was inside worktree; precompose it just as
566* we do prefix so that built up paths will match
567*/
568startup_info->original_cwd = \569precompose_string_if_needed(startup_info->original_cwd570+ offset);571return;572}573
574no_prevention_needed:575free((char*)startup_info->original_cwd);576startup_info->original_cwd = NULL;577}
578
579static int read_worktree_config(const char *var, const char *value,580const struct config_context *ctx UNUSED,581void *vdata)582{
583struct repository_format *data = vdata;584
585if (strcmp(var, "core.bare") == 0) {586data->is_bare = git_config_bool(var, value);587} else if (strcmp(var, "core.worktree") == 0) {588if (!value)589return config_error_nonbool(var);590free(data->work_tree);591data->work_tree = xstrdup(value);592}593return 0;594}
595
596enum extension_result {597EXTENSION_ERROR = -1, /* compatible with error(), etc */598EXTENSION_UNKNOWN = 0,599EXTENSION_OK = 1600};601
602/*
603* Do not add new extensions to this function. It handles extensions which are
604* respected even in v0-format repositories for historical compatibility.
605*/
606static enum extension_result handle_extension_v0(const char *var,607const char *value,608const char *ext,609struct repository_format *data)610{
611if (!strcmp(ext, "noop")) {612return EXTENSION_OK;613} else if (!strcmp(ext, "preciousobjects")) {614data->precious_objects = git_config_bool(var, value);615return EXTENSION_OK;616} else if (!strcmp(ext, "partialclone")) {617if (!value)618return config_error_nonbool(var);619data->partial_clone = xstrdup(value);620return EXTENSION_OK;621} else if (!strcmp(ext, "worktreeconfig")) {622data->worktree_config = git_config_bool(var, value);623return EXTENSION_OK;624}625
626return EXTENSION_UNKNOWN;627}
628
629/*
630* Record any new extensions in this function.
631*/
632static enum extension_result handle_extension(const char *var,633const char *value,634const char *ext,635struct repository_format *data)636{
637if (!strcmp(ext, "noop-v1")) {638return EXTENSION_OK;639} else if (!strcmp(ext, "objectformat")) {640int format;641
642if (!value)643return config_error_nonbool(var);644format = hash_algo_by_name(value);645if (format == GIT_HASH_UNKNOWN)646return error(_("invalid value for '%s': '%s'"),647"extensions.objectformat", value);648data->hash_algo = format;649return EXTENSION_OK;650} else if (!strcmp(ext, "compatobjectformat")) {651struct string_list_item *item;652int format;653
654if (!value)655return config_error_nonbool(var);656format = hash_algo_by_name(value);657if (format == GIT_HASH_UNKNOWN)658return error(_("invalid value for '%s': '%s'"),659"extensions.compatobjectformat", value);660/* For now only support compatObjectFormat being specified once. */661for_each_string_list_item(item, &data->v1_only_extensions) {662if (!strcmp(item->string, "compatobjectformat"))663return error(_("'%s' already specified as '%s'"),664"extensions.compatobjectformat",665hash_algos[data->compat_hash_algo].name);666}667data->compat_hash_algo = format;668return EXTENSION_OK;669} else if (!strcmp(ext, "refstorage")) {670unsigned int format;671
672if (!value)673return config_error_nonbool(var);674format = ref_storage_format_by_name(value);675if (format == REF_STORAGE_FORMAT_UNKNOWN)676return error(_("invalid value for '%s': '%s'"),677"extensions.refstorage", value);678data->ref_storage_format = format;679return EXTENSION_OK;680}681return EXTENSION_UNKNOWN;682}
683
684static int check_repo_format(const char *var, const char *value,685const struct config_context *ctx, void *vdata)686{
687struct repository_format *data = vdata;688const char *ext;689
690if (strcmp(var, "core.repositoryformatversion") == 0)691data->version = git_config_int(var, value, ctx->kvi);692else if (skip_prefix(var, "extensions.", &ext)) {693switch (handle_extension_v0(var, value, ext, data)) {694case EXTENSION_ERROR:695return -1;696case EXTENSION_OK:697return 0;698case EXTENSION_UNKNOWN:699break;700}701
702switch (handle_extension(var, value, ext, data)) {703case EXTENSION_ERROR:704return -1;705case EXTENSION_OK:706string_list_append(&data->v1_only_extensions, ext);707return 0;708case EXTENSION_UNKNOWN:709string_list_append(&data->unknown_extensions, ext);710return 0;711}712}713
714return read_worktree_config(var, value, ctx, vdata);715}
716
717static int check_repository_format_gently(const char *gitdir, struct repository_format *candidate, int *nongit_ok)718{
719struct strbuf sb = STRBUF_INIT;720struct strbuf err = STRBUF_INIT;721int has_common;722
723has_common = get_common_dir(&sb, gitdir);724strbuf_addstr(&sb, "/config");725read_repository_format(candidate, sb.buf);726strbuf_release(&sb);727
728/*729* For historical use of check_repository_format() in git-init,
730* we treat a missing config as a silent "ok", even when nongit_ok
731* is unset.
732*/
733if (candidate->version < 0)734return 0;735
736if (verify_repository_format(candidate, &err) < 0) {737if (nongit_ok) {738warning("%s", err.buf);739strbuf_release(&err);740*nongit_ok = -1;741return -1;742}743die("%s", err.buf);744}745
746repository_format_precious_objects = candidate->precious_objects;747string_list_clear(&candidate->unknown_extensions, 0);748string_list_clear(&candidate->v1_only_extensions, 0);749
750if (candidate->worktree_config) {751/*752* pick up core.bare and core.worktree from per-worktree
753* config if present
754*/
755strbuf_addf(&sb, "%s/config.worktree", gitdir);756git_config_from_file(read_worktree_config, sb.buf, candidate);757strbuf_release(&sb);758has_common = 0;759}760
761if (!has_common) {762if (candidate->is_bare != -1) {763is_bare_repository_cfg = candidate->is_bare;764if (is_bare_repository_cfg == 1)765inside_work_tree = -1;766}767if (candidate->work_tree) {768free(git_work_tree_cfg);769git_work_tree_cfg = xstrdup(candidate->work_tree);770inside_work_tree = -1;771}772}773
774return 0;775}
776
777int upgrade_repository_format(int target_version)778{
779struct strbuf sb = STRBUF_INIT;780struct strbuf err = STRBUF_INIT;781struct strbuf repo_version = STRBUF_INIT;782struct repository_format repo_fmt = REPOSITORY_FORMAT_INIT;783int ret;784
785strbuf_git_common_path(&sb, the_repository, "config");786read_repository_format(&repo_fmt, sb.buf);787strbuf_release(&sb);788
789if (repo_fmt.version >= target_version) {790ret = 0;791goto out;792}793
794if (verify_repository_format(&repo_fmt, &err) < 0) {795ret = error("cannot upgrade repository format from %d to %d: %s",796repo_fmt.version, target_version, err.buf);797goto out;798}799if (!repo_fmt.version && repo_fmt.unknown_extensions.nr) {800ret = error("cannot upgrade repository format: "801"unknown extension %s",802repo_fmt.unknown_extensions.items[0].string);803goto out;804}805
806strbuf_addf(&repo_version, "%d", target_version);807git_config_set("core.repositoryformatversion", repo_version.buf);808
809ret = 1;810
811out:812clear_repository_format(&repo_fmt);813strbuf_release(&repo_version);814strbuf_release(&err);815return ret;816}
817
818static void init_repository_format(struct repository_format *format)819{
820const struct repository_format fresh = REPOSITORY_FORMAT_INIT;821
822memcpy(format, &fresh, sizeof(fresh));823}
824
825int read_repository_format(struct repository_format *format, const char *path)826{
827clear_repository_format(format);828git_config_from_file(check_repo_format, path, format);829if (format->version == -1)830clear_repository_format(format);831return format->version;832}
833
834void clear_repository_format(struct repository_format *format)835{
836string_list_clear(&format->unknown_extensions, 0);837string_list_clear(&format->v1_only_extensions, 0);838free(format->work_tree);839free(format->partial_clone);840init_repository_format(format);841}
842
843int verify_repository_format(const struct repository_format *format,844struct strbuf *err)845{
846if (GIT_REPO_VERSION_READ < format->version) {847strbuf_addf(err, _("Expected git repo version <= %d, found %d"),848GIT_REPO_VERSION_READ, format->version);849return -1;850}851
852if (format->version >= 1 && format->unknown_extensions.nr) {853int i;854
855strbuf_addstr(err, Q_("unknown repository extension found:",856"unknown repository extensions found:",857format->unknown_extensions.nr));858
859for (i = 0; i < format->unknown_extensions.nr; i++)860strbuf_addf(err, "\n\t%s",861format->unknown_extensions.items[i].string);862return -1;863}864
865if (format->version == 0 && format->v1_only_extensions.nr) {866int i;867
868strbuf_addstr(err,869Q_("repo version is 0, but v1-only extension found:",870"repo version is 0, but v1-only extensions found:",871format->v1_only_extensions.nr));872
873for (i = 0; i < format->v1_only_extensions.nr; i++)874strbuf_addf(err, "\n\t%s",875format->v1_only_extensions.items[i].string);876return -1;877}878
879return 0;880}
881
882void read_gitfile_error_die(int error_code, const char *path, const char *dir)883{
884switch (error_code) {885case READ_GITFILE_ERR_STAT_FAILED:886case READ_GITFILE_ERR_NOT_A_FILE:887/* non-fatal; follow return path */888break;889case READ_GITFILE_ERR_OPEN_FAILED:890die_errno(_("error opening '%s'"), path);891case READ_GITFILE_ERR_TOO_LARGE:892die(_("too large to be a .git file: '%s'"), path);893case READ_GITFILE_ERR_READ_FAILED:894die(_("error reading %s"), path);895case READ_GITFILE_ERR_INVALID_FORMAT:896die(_("invalid gitfile format: %s"), path);897case READ_GITFILE_ERR_NO_PATH:898die(_("no path in gitfile: %s"), path);899case READ_GITFILE_ERR_NOT_A_REPO:900die(_("not a git repository: %s"), dir);901default:902BUG("unknown error code");903}904}
905
906/*
907* Try to read the location of the git directory from the .git file,
908* return path to git directory if found. The return value comes from
909* a shared buffer.
910*
911* On failure, if return_error_code is not NULL, return_error_code
912* will be set to an error code and NULL will be returned. If
913* return_error_code is NULL the function will die instead (for most
914* cases).
915*/
916const char *read_gitfile_gently(const char *path, int *return_error_code)917{
918const int max_file_size = 1 << 20; /* 1MB */919int error_code = 0;920char *buf = NULL;921char *dir = NULL;922const char *slash;923struct stat st;924int fd;925ssize_t len;926static struct strbuf realpath = STRBUF_INIT;927
928if (stat(path, &st)) {929/* NEEDSWORK: discern between ENOENT vs other errors */930error_code = READ_GITFILE_ERR_STAT_FAILED;931goto cleanup_return;932}933if (!S_ISREG(st.st_mode)) {934error_code = READ_GITFILE_ERR_NOT_A_FILE;935goto cleanup_return;936}937if (st.st_size > max_file_size) {938error_code = READ_GITFILE_ERR_TOO_LARGE;939goto cleanup_return;940}941fd = open(path, O_RDONLY);942if (fd < 0) {943error_code = READ_GITFILE_ERR_OPEN_FAILED;944goto cleanup_return;945}946buf = xmallocz(st.st_size);947len = read_in_full(fd, buf, st.st_size);948close(fd);949if (len != st.st_size) {950error_code = READ_GITFILE_ERR_READ_FAILED;951goto cleanup_return;952}953if (!starts_with(buf, "gitdir: ")) {954error_code = READ_GITFILE_ERR_INVALID_FORMAT;955goto cleanup_return;956}957while (buf[len - 1] == '\n' || buf[len - 1] == '\r')958len--;959if (len < 9) {960error_code = READ_GITFILE_ERR_NO_PATH;961goto cleanup_return;962}963buf[len] = '\0';964dir = buf + 8;965
966if (!is_absolute_path(dir) && (slash = strrchr(path, '/'))) {967size_t pathlen = slash+1 - path;968dir = xstrfmt("%.*s%.*s", (int)pathlen, path,969(int)(len - 8), buf + 8);970free(buf);971buf = dir;972}973if (!is_git_directory(dir)) {974error_code = READ_GITFILE_ERR_NOT_A_REPO;975goto cleanup_return;976}977
978strbuf_realpath(&realpath, dir, 1);979path = realpath.buf;980
981cleanup_return:982if (return_error_code)983*return_error_code = error_code;984else if (error_code)985read_gitfile_error_die(error_code, path, dir);986
987free(buf);988return error_code ? NULL : path;989}
990
991static const char *setup_explicit_git_dir(const char *gitdirenv,992struct strbuf *cwd,993struct repository_format *repo_fmt,994int *nongit_ok)995{
996const char *work_tree_env = getenv(GIT_WORK_TREE_ENVIRONMENT);997const char *worktree;998char *gitfile;999int offset;1000
1001if (PATH_MAX - 40 < strlen(gitdirenv))1002die(_("'$%s' too big"), GIT_DIR_ENVIRONMENT);1003
1004gitfile = (char*)read_gitfile(gitdirenv);1005if (gitfile) {1006gitfile = xstrdup(gitfile);1007gitdirenv = gitfile;1008}1009
1010if (!is_git_directory(gitdirenv)) {1011if (nongit_ok) {1012*nongit_ok = 1;1013free(gitfile);1014return NULL;1015}1016die(_("not a git repository: '%s'"), gitdirenv);1017}1018
1019if (check_repository_format_gently(gitdirenv, repo_fmt, nongit_ok)) {1020free(gitfile);1021return NULL;1022}1023
1024/* #3, #7, #11, #15, #19, #23, #27, #31 (see t1510) */1025if (work_tree_env)1026set_git_work_tree(work_tree_env);1027else if (is_bare_repository_cfg > 0) {1028if (git_work_tree_cfg) {1029/* #22.2, #30 */1030warning("core.bare and core.worktree do not make sense");1031work_tree_config_is_bogus = 1;1032}1033
1034/* #18, #26 */1035set_git_dir(gitdirenv, 0);1036free(gitfile);1037return NULL;1038}1039else if (git_work_tree_cfg) { /* #6, #14 */1040if (is_absolute_path(git_work_tree_cfg))1041set_git_work_tree(git_work_tree_cfg);1042else {1043char *core_worktree;1044if (chdir(gitdirenv))1045die_errno(_("cannot chdir to '%s'"), gitdirenv);1046if (chdir(git_work_tree_cfg))1047die_errno(_("cannot chdir to '%s'"), git_work_tree_cfg);1048core_worktree = xgetcwd();1049if (chdir(cwd->buf))1050die_errno(_("cannot come back to cwd"));1051set_git_work_tree(core_worktree);1052free(core_worktree);1053}1054}1055else if (!git_env_bool(GIT_IMPLICIT_WORK_TREE_ENVIRONMENT, 1)) {1056/* #16d */1057set_git_dir(gitdirenv, 0);1058free(gitfile);1059return NULL;1060}1061else /* #2, #10 */1062set_git_work_tree(".");1063
1064/* set_git_work_tree() must have been called by now */1065worktree = get_git_work_tree();1066
1067/* both get_git_work_tree() and cwd are already normalized */1068if (!strcmp(cwd->buf, worktree)) { /* cwd == worktree */1069set_git_dir(gitdirenv, 0);1070free(gitfile);1071return NULL;1072}1073
1074offset = dir_inside_of(cwd->buf, worktree);1075if (offset >= 0) { /* cwd inside worktree? */1076set_git_dir(gitdirenv, 1);1077if (chdir(worktree))1078die_errno(_("cannot chdir to '%s'"), worktree);1079strbuf_addch(cwd, '/');1080free(gitfile);1081return cwd->buf + offset;1082}1083
1084/* cwd outside worktree */1085set_git_dir(gitdirenv, 0);1086free(gitfile);1087return NULL;1088}
1089
1090static const char *setup_discovered_git_dir(const char *gitdir,1091struct strbuf *cwd, int offset,1092struct repository_format *repo_fmt,1093int *nongit_ok)1094{
1095if (check_repository_format_gently(gitdir, repo_fmt, nongit_ok))1096return NULL;1097
1098/* --work-tree is set without --git-dir; use discovered one */1099if (getenv(GIT_WORK_TREE_ENVIRONMENT) || git_work_tree_cfg) {1100char *to_free = NULL;1101const char *ret;1102
1103if (offset != cwd->len && !is_absolute_path(gitdir))1104gitdir = to_free = real_pathdup(gitdir, 1);1105if (chdir(cwd->buf))1106die_errno(_("cannot come back to cwd"));1107ret = setup_explicit_git_dir(gitdir, cwd, repo_fmt, nongit_ok);1108free(to_free);1109return ret;1110}1111
1112/* #16.2, #17.2, #20.2, #21.2, #24, #25, #28, #29 (see t1510) */1113if (is_bare_repository_cfg > 0) {1114set_git_dir(gitdir, (offset != cwd->len));1115if (chdir(cwd->buf))1116die_errno(_("cannot come back to cwd"));1117return NULL;1118}1119
1120/* #0, #1, #5, #8, #9, #12, #13 */1121set_git_work_tree(".");1122if (strcmp(gitdir, DEFAULT_GIT_DIR_ENVIRONMENT))1123set_git_dir(gitdir, 0);1124inside_git_dir = 0;1125inside_work_tree = 1;1126if (offset >= cwd->len)1127return NULL;1128
1129/* Make "offset" point past the '/' (already the case for root dirs) */1130if (offset != offset_1st_component(cwd->buf))1131offset++;1132/* Add a '/' at the end */1133strbuf_addch(cwd, '/');1134return cwd->buf + offset;1135}
1136
1137/* #16.1, #17.1, #20.1, #21.1, #22.1 (see t1510) */
1138static const char *setup_bare_git_dir(struct strbuf *cwd, int offset,1139struct repository_format *repo_fmt,1140int *nongit_ok)1141{
1142int root_len;1143
1144if (check_repository_format_gently(".", repo_fmt, nongit_ok))1145return NULL;1146
1147setenv(GIT_IMPLICIT_WORK_TREE_ENVIRONMENT, "0", 1);1148
1149/* --work-tree is set without --git-dir; use discovered one */1150if (getenv(GIT_WORK_TREE_ENVIRONMENT) || git_work_tree_cfg) {1151static const char *gitdir;1152
1153gitdir = offset == cwd->len ? "." : xmemdupz(cwd->buf, offset);1154if (chdir(cwd->buf))1155die_errno(_("cannot come back to cwd"));1156return setup_explicit_git_dir(gitdir, cwd, repo_fmt, nongit_ok);1157}1158
1159inside_git_dir = 1;1160inside_work_tree = 0;1161if (offset != cwd->len) {1162if (chdir(cwd->buf))1163die_errno(_("cannot come back to cwd"));1164root_len = offset_1st_component(cwd->buf);1165strbuf_setlen(cwd, offset > root_len ? offset : root_len);1166set_git_dir(cwd->buf, 0);1167}1168else1169set_git_dir(".", 0);1170return NULL;1171}
1172
1173static dev_t get_device_or_die(const char *path, const char *prefix, int prefix_len)1174{
1175struct stat buf;1176if (stat(path, &buf)) {1177die_errno(_("failed to stat '%*s%s%s'"),1178prefix_len,1179prefix ? prefix : "",1180prefix ? "/" : "", path);1181}1182return buf.st_dev;1183}
1184
1185/*
1186* A "string_list_each_func_t" function that canonicalizes an entry
1187* from GIT_CEILING_DIRECTORIES using real_pathdup(), or
1188* discards it if unusable. The presence of an empty entry in
1189* GIT_CEILING_DIRECTORIES turns off canonicalization for all
1190* subsequent entries.
1191*/
1192static int canonicalize_ceiling_entry(struct string_list_item *item,1193void *cb_data)1194{
1195int *empty_entry_found = cb_data;1196char *ceil = item->string;1197
1198if (!*ceil) {1199*empty_entry_found = 1;1200return 0;1201} else if (!is_absolute_path(ceil)) {1202return 0;1203} else if (*empty_entry_found) {1204/* Keep entry but do not canonicalize it */1205return 1;1206} else {1207char *real_path = real_pathdup(ceil, 0);1208if (!real_path) {1209return 0;1210}1211free(item->string);1212item->string = real_path;1213return 1;1214}1215}
1216
1217struct safe_directory_data {1218char *path;1219int is_safe;1220};1221
1222static int safe_directory_cb(const char *key, const char *value,1223const struct config_context *ctx UNUSED, void *d)1224{
1225struct safe_directory_data *data = d;1226
1227if (strcmp(key, "safe.directory"))1228return 0;1229
1230if (!value || !*value) {1231data->is_safe = 0;1232} else if (!strcmp(value, "*")) {1233data->is_safe = 1;1234} else {1235char *allowed = NULL;1236
1237if (!git_config_pathname(&allowed, key, value)) {1238char *normalized = NULL;1239
1240/*1241* Setting safe.directory to a non-absolute path
1242* makes little sense---it won't be relative to
1243* the configuration file the item is defined in.
1244* Except for ".", which means "if we are at the top
1245* level of a repository, then it is OK", which is
1246* slightly tighter than "*" that allows discovery.
1247*/
1248if (!is_absolute_path(allowed) && strcmp(allowed, ".")) {1249warning(_("safe.directory '%s' not absolute"),1250allowed);1251goto next;1252}1253
1254/*1255* A .gitconfig in $HOME may be shared across
1256* different machines and safe.directory entries
1257* may or may not exist as paths on all of these
1258* machines. In other words, it is not a warning
1259* worthy event when there is no such path on this
1260* machine---the entry may be useful elsewhere.
1261*/
1262normalized = real_pathdup(allowed, 0);1263if (!normalized)1264goto next;1265
1266if (ends_with(normalized, "/*")) {1267size_t len = strlen(normalized);1268if (!fspathncmp(normalized, data->path, len - 1))1269data->is_safe = 1;1270} else if (!fspathcmp(data->path, normalized)) {1271data->is_safe = 1;1272}1273next:1274free(normalized);1275free(allowed);1276}1277}1278
1279return 0;1280}
1281
1282/*
1283* Check if a repository is safe, by verifying the ownership of the
1284* worktree (if any), the git directory, and the gitfile (if any).
1285*
1286* Exemptions for known-safe repositories can be added via `safe.directory`
1287* config settings; for non-bare repositories, their worktree needs to be
1288* added, for bare ones their git directory.
1289*/
1290static int ensure_valid_ownership(const char *gitfile,1291const char *worktree, const char *gitdir,1292struct strbuf *report)1293{
1294struct safe_directory_data data = { 0 };1295
1296if (!git_env_bool("GIT_TEST_ASSUME_DIFFERENT_OWNER", 0) &&1297(!gitfile || is_path_owned_by_current_user(gitfile, report)) &&1298(!worktree || is_path_owned_by_current_user(worktree, report)) &&1299(!gitdir || is_path_owned_by_current_user(gitdir, report)))1300return 1;1301
1302/*1303* normalize the data.path for comparison with normalized paths
1304* that come from the configuration file. The path is unsafe
1305* if it cannot be normalized.
1306*/
1307data.path = real_pathdup(worktree ? worktree : gitdir, 0);1308if (!data.path)1309return 0;1310
1311/*1312* data.path is the "path" that identifies the repository and it is
1313* constant regardless of what failed above. data.is_safe should be
1314* initialized to false, and might be changed by the callback.
1315*/
1316git_protected_config(safe_directory_cb, &data);1317
1318free(data.path);1319return data.is_safe;1320}
1321
1322void die_upon_dubious_ownership(const char *gitfile, const char *worktree,1323const char *gitdir)1324{
1325struct strbuf report = STRBUF_INIT, quoted = STRBUF_INIT;1326const char *path;1327
1328if (ensure_valid_ownership(gitfile, worktree, gitdir, &report))1329return;1330
1331strbuf_complete(&report, '\n');1332path = gitfile ? gitfile : gitdir;1333sq_quote_buf_pretty("ed, path);1334
1335die(_("detected dubious ownership in repository at '%s'\n"1336"%s"1337"To add an exception for this directory, call:\n"1338"\n"1339"\tgit config --global --add safe.directory %s"),1340path, report.buf, quoted.buf);1341}
1342
1343static int allowed_bare_repo_cb(const char *key, const char *value,1344const struct config_context *ctx UNUSED,1345void *d)1346{
1347enum allowed_bare_repo *allowed_bare_repo = d;1348
1349if (strcasecmp(key, "safe.bareRepository"))1350return 0;1351
1352if (!strcmp(value, "explicit")) {1353*allowed_bare_repo = ALLOWED_BARE_REPO_EXPLICIT;1354return 0;1355}1356if (!strcmp(value, "all")) {1357*allowed_bare_repo = ALLOWED_BARE_REPO_ALL;1358return 0;1359}1360return -1;1361}
1362
1363static enum allowed_bare_repo get_allowed_bare_repo(void)1364{
1365enum allowed_bare_repo result = ALLOWED_BARE_REPO_ALL;1366git_protected_config(allowed_bare_repo_cb, &result);1367return result;1368}
1369
1370static const char *allowed_bare_repo_to_string(1371enum allowed_bare_repo allowed_bare_repo)1372{
1373switch (allowed_bare_repo) {1374case ALLOWED_BARE_REPO_EXPLICIT:1375return "explicit";1376case ALLOWED_BARE_REPO_ALL:1377return "all";1378default:1379BUG("invalid allowed_bare_repo %d",1380allowed_bare_repo);1381}1382return NULL;1383}
1384
1385static int is_implicit_bare_repo(const char *path)1386{
1387/*1388* what we found is a ".git" directory at the root of
1389* the working tree.
1390*/
1391if (ends_with_path_components(path, ".git"))1392return 1;1393
1394/*1395* we are inside $GIT_DIR of a secondary worktree of a
1396* non-bare repository.
1397*/
1398if (strstr(path, "/.git/worktrees/"))1399return 1;1400
1401/*1402* we are inside $GIT_DIR of a worktree of a non-embedded
1403* submodule, whose superproject is not a bare repository.
1404*/
1405if (strstr(path, "/.git/modules/"))1406return 1;1407
1408return 0;1409}
1410
1411/*
1412* We cannot decide in this function whether we are in the work tree or
1413* not, since the config can only be read _after_ this function was called.
1414*
1415* Also, we avoid changing any global state (such as the current working
1416* directory) to allow early callers.
1417*
1418* The directory where the search should start needs to be passed in via the
1419* `dir` parameter; upon return, the `dir` buffer will contain the path of
1420* the directory where the search ended, and `gitdir` will contain the path of
1421* the discovered .git/ directory, if any. If `gitdir` is not absolute, it
1422* is relative to `dir` (i.e. *not* necessarily the cwd).
1423*/
1424static enum discovery_result setup_git_directory_gently_1(struct strbuf *dir,1425struct strbuf *gitdir,1426struct strbuf *report,1427int die_on_error)1428{
1429const char *env_ceiling_dirs = getenv(CEILING_DIRECTORIES_ENVIRONMENT);1430struct string_list ceiling_dirs = STRING_LIST_INIT_DUP;1431const char *gitdirenv;1432int ceil_offset = -1, min_offset = offset_1st_component(dir->buf);1433dev_t current_device = 0;1434int one_filesystem = 1;1435
1436/*1437* If GIT_DIR is set explicitly, we're not going
1438* to do any discovery, but we still do repository
1439* validation.
1440*/
1441gitdirenv = getenv(GIT_DIR_ENVIRONMENT);1442if (gitdirenv) {1443strbuf_addstr(gitdir, gitdirenv);1444return GIT_DIR_EXPLICIT;1445}1446
1447if (env_ceiling_dirs) {1448int empty_entry_found = 0;1449
1450string_list_split(&ceiling_dirs, env_ceiling_dirs, PATH_SEP, -1);1451filter_string_list(&ceiling_dirs, 0,1452canonicalize_ceiling_entry, &empty_entry_found);1453ceil_offset = longest_ancestor_length(dir->buf, &ceiling_dirs);1454string_list_clear(&ceiling_dirs, 0);1455}1456
1457if (ceil_offset < 0)1458ceil_offset = min_offset - 2;1459
1460if (min_offset && min_offset == dir->len &&1461!is_dir_sep(dir->buf[min_offset - 1])) {1462strbuf_addch(dir, '/');1463min_offset++;1464}1465
1466/*1467* Test in the following order (relative to the dir):
1468* - .git (file containing "gitdir: <path>")
1469* - .git/
1470* - ./ (bare)
1471* - ../.git
1472* - ../.git/
1473* - ../ (bare)
1474* - ../../.git
1475* etc.
1476*/
1477one_filesystem = !git_env_bool("GIT_DISCOVERY_ACROSS_FILESYSTEM", 0);1478if (one_filesystem)1479current_device = get_device_or_die(dir->buf, NULL, 0);1480for (;;) {1481int offset = dir->len, error_code = 0;1482char *gitdir_path = NULL;1483char *gitfile = NULL;1484
1485if (offset > min_offset)1486strbuf_addch(dir, '/');1487strbuf_addstr(dir, DEFAULT_GIT_DIR_ENVIRONMENT);1488gitdirenv = read_gitfile_gently(dir->buf, die_on_error ?1489NULL : &error_code);1490if (!gitdirenv) {1491if (die_on_error ||1492error_code == READ_GITFILE_ERR_NOT_A_FILE) {1493/* NEEDSWORK: fail if .git is not file nor dir */1494if (is_git_directory(dir->buf)) {1495gitdirenv = DEFAULT_GIT_DIR_ENVIRONMENT;1496gitdir_path = xstrdup(dir->buf);1497}1498} else if (error_code != READ_GITFILE_ERR_STAT_FAILED)1499return GIT_DIR_INVALID_GITFILE;1500} else1501gitfile = xstrdup(dir->buf);1502/*1503* Earlier, we tentatively added DEFAULT_GIT_DIR_ENVIRONMENT
1504* to check that directory for a repository.
1505* Now trim that tentative addition away, because we want to
1506* focus on the real directory we are in.
1507*/
1508strbuf_setlen(dir, offset);1509if (gitdirenv) {1510enum discovery_result ret;1511const char *gitdir_candidate =1512gitdir_path ? gitdir_path : gitdirenv;1513
1514if (ensure_valid_ownership(gitfile, dir->buf,1515gitdir_candidate, report)) {1516strbuf_addstr(gitdir, gitdirenv);1517ret = GIT_DIR_DISCOVERED;1518} else1519ret = GIT_DIR_INVALID_OWNERSHIP;1520
1521/*1522* Earlier, during discovery, we might have allocated
1523* string copies for gitdir_path or gitfile so make
1524* sure we don't leak by freeing them now, before
1525* leaving the loop and function.
1526*
1527* Note: gitdirenv will be non-NULL whenever these are
1528* allocated, therefore we need not take care of releasing
1529* them outside of this conditional block.
1530*/
1531free(gitdir_path);1532free(gitfile);1533
1534return ret;1535}1536
1537if (is_git_directory(dir->buf)) {1538trace2_data_string("setup", NULL, "implicit-bare-repository", dir->buf);1539if (get_allowed_bare_repo() == ALLOWED_BARE_REPO_EXPLICIT &&1540!is_implicit_bare_repo(dir->buf))1541return GIT_DIR_DISALLOWED_BARE;1542if (!ensure_valid_ownership(NULL, NULL, dir->buf, report))1543return GIT_DIR_INVALID_OWNERSHIP;1544strbuf_addstr(gitdir, ".");1545return GIT_DIR_BARE;1546}1547
1548if (offset <= min_offset)1549return GIT_DIR_HIT_CEILING;1550
1551while (--offset > ceil_offset && !is_dir_sep(dir->buf[offset]))1552; /* continue */1553if (offset <= ceil_offset)1554return GIT_DIR_HIT_CEILING;1555
1556strbuf_setlen(dir, offset > min_offset ? offset : min_offset);1557if (one_filesystem &&1558current_device != get_device_or_die(dir->buf, NULL, offset))1559return GIT_DIR_HIT_MOUNT_POINT;1560}1561}
1562
1563enum discovery_result discover_git_directory_reason(struct strbuf *commondir,1564struct strbuf *gitdir)1565{
1566struct strbuf dir = STRBUF_INIT, err = STRBUF_INIT;1567size_t gitdir_offset = gitdir->len, cwd_len;1568size_t commondir_offset = commondir->len;1569struct repository_format candidate = REPOSITORY_FORMAT_INIT;1570enum discovery_result result;1571
1572if (strbuf_getcwd(&dir))1573return GIT_DIR_CWD_FAILURE;1574
1575cwd_len = dir.len;1576result = setup_git_directory_gently_1(&dir, gitdir, NULL, 0);1577if (result <= 0) {1578strbuf_release(&dir);1579return result;1580}1581
1582/*1583* The returned gitdir is relative to dir, and if dir does not reflect
1584* the current working directory, we simply make the gitdir absolute.
1585*/
1586if (dir.len < cwd_len && !is_absolute_path(gitdir->buf + gitdir_offset)) {1587/* Avoid a trailing "/." */1588if (!strcmp(".", gitdir->buf + gitdir_offset))1589strbuf_setlen(gitdir, gitdir_offset);1590else1591strbuf_addch(&dir, '/');1592strbuf_insert(gitdir, gitdir_offset, dir.buf, dir.len);1593}1594
1595get_common_dir(commondir, gitdir->buf + gitdir_offset);1596
1597strbuf_reset(&dir);1598strbuf_addf(&dir, "%s/config", commondir->buf + commondir_offset);1599read_repository_format(&candidate, dir.buf);1600strbuf_release(&dir);1601
1602if (verify_repository_format(&candidate, &err) < 0) {1603warning("ignoring git dir '%s': %s",1604gitdir->buf + gitdir_offset, err.buf);1605strbuf_release(&err);1606strbuf_setlen(commondir, commondir_offset);1607strbuf_setlen(gitdir, gitdir_offset);1608clear_repository_format(&candidate);1609return GIT_DIR_INVALID_FORMAT;1610}1611
1612clear_repository_format(&candidate);1613return result;1614}
1615
1616const char *setup_git_directory_gently(int *nongit_ok)1617{
1618static struct strbuf cwd = STRBUF_INIT;1619struct strbuf dir = STRBUF_INIT, gitdir = STRBUF_INIT, report = STRBUF_INIT;1620const char *prefix = NULL;1621struct repository_format repo_fmt = REPOSITORY_FORMAT_INIT;1622
1623/*1624* We may have read an incomplete configuration before
1625* setting-up the git directory. If so, clear the cache so
1626* that the next queries to the configuration reload complete
1627* configuration (including the per-repo config file that we
1628* ignored previously).
1629*/
1630git_config_clear();1631
1632/*1633* Let's assume that we are in a git repository.
1634* If it turns out later that we are somewhere else, the value will be
1635* updated accordingly.
1636*/
1637if (nongit_ok)1638*nongit_ok = 0;1639
1640if (strbuf_getcwd(&cwd))1641die_errno(_("Unable to read current working directory"));1642strbuf_addbuf(&dir, &cwd);1643
1644switch (setup_git_directory_gently_1(&dir, &gitdir, &report, 1)) {1645case GIT_DIR_EXPLICIT:1646prefix = setup_explicit_git_dir(gitdir.buf, &cwd, &repo_fmt, nongit_ok);1647break;1648case GIT_DIR_DISCOVERED:1649if (dir.len < cwd.len && chdir(dir.buf))1650die(_("cannot change to '%s'"), dir.buf);1651prefix = setup_discovered_git_dir(gitdir.buf, &cwd, dir.len,1652&repo_fmt, nongit_ok);1653break;1654case GIT_DIR_BARE:1655if (dir.len < cwd.len && chdir(dir.buf))1656die(_("cannot change to '%s'"), dir.buf);1657prefix = setup_bare_git_dir(&cwd, dir.len, &repo_fmt, nongit_ok);1658break;1659case GIT_DIR_HIT_CEILING:1660if (!nongit_ok)1661die(_("not a git repository (or any of the parent directories): %s"),1662DEFAULT_GIT_DIR_ENVIRONMENT);1663*nongit_ok = 1;1664break;1665case GIT_DIR_HIT_MOUNT_POINT:1666if (!nongit_ok)1667die(_("not a git repository (or any parent up to mount point %s)\n"1668"Stopping at filesystem boundary (GIT_DISCOVERY_ACROSS_FILESYSTEM not set)."),1669dir.buf);1670*nongit_ok = 1;1671break;1672case GIT_DIR_INVALID_OWNERSHIP:1673if (!nongit_ok) {1674struct strbuf quoted = STRBUF_INIT;1675
1676strbuf_complete(&report, '\n');1677sq_quote_buf_pretty("ed, dir.buf);1678die(_("detected dubious ownership in repository at '%s'\n"1679"%s"1680"To add an exception for this directory, call:\n"1681"\n"1682"\tgit config --global --add safe.directory %s"),1683dir.buf, report.buf, quoted.buf);1684}1685*nongit_ok = 1;1686break;1687case GIT_DIR_DISALLOWED_BARE:1688if (!nongit_ok) {1689die(_("cannot use bare repository '%s' (safe.bareRepository is '%s')"),1690dir.buf,1691allowed_bare_repo_to_string(get_allowed_bare_repo()));1692}1693*nongit_ok = 1;1694break;1695case GIT_DIR_CWD_FAILURE:1696case GIT_DIR_INVALID_FORMAT:1697/*1698* As a safeguard against setup_git_directory_gently_1 returning
1699* these values, fallthrough to BUG. Otherwise it is possible to
1700* set startup_info->have_repository to 1 when we did nothing to
1701* find a repository.
1702*/
1703default:1704BUG("unhandled setup_git_directory_gently_1() result");1705}1706
1707/*1708* At this point, nongit_ok is stable. If it is non-NULL and points
1709* to a non-zero value, then this means that we haven't found a
1710* repository and that the caller expects startup_info to reflect
1711* this.
1712*
1713* Regardless of the state of nongit_ok, startup_info->prefix and
1714* the GIT_PREFIX environment variable must always match. For details
1715* see Documentation/config/alias.txt.
1716*/
1717if (nongit_ok && *nongit_ok)1718startup_info->have_repository = 0;1719else1720startup_info->have_repository = 1;1721
1722/*1723* Not all paths through the setup code will call 'set_git_dir()' (which
1724* directly sets up the environment) so in order to guarantee that the
1725* environment is in a consistent state after setup, explicitly setup
1726* the environment if we have a repository.
1727*
1728* NEEDSWORK: currently we allow bogus GIT_DIR values to be set in some
1729* code paths so we also need to explicitly setup the environment if
1730* the user has set GIT_DIR. It may be beneficial to disallow bogus
1731* GIT_DIR values at some point in the future.
1732*/
1733if (/* GIT_DIR_EXPLICIT, GIT_DIR_DISCOVERED, GIT_DIR_BARE */1734startup_info->have_repository ||1735/* GIT_DIR_EXPLICIT */1736getenv(GIT_DIR_ENVIRONMENT)) {1737if (!the_repository->gitdir) {1738const char *gitdir = getenv(GIT_DIR_ENVIRONMENT);1739if (!gitdir)1740gitdir = DEFAULT_GIT_DIR_ENVIRONMENT;1741setup_git_env(gitdir);1742}1743if (startup_info->have_repository) {1744repo_set_hash_algo(the_repository, repo_fmt.hash_algo);1745repo_set_compat_hash_algo(the_repository,1746repo_fmt.compat_hash_algo);1747repo_set_ref_storage_format(the_repository,1748repo_fmt.ref_storage_format);1749the_repository->repository_format_worktree_config =1750repo_fmt.worktree_config;1751/* take ownership of repo_fmt.partial_clone */1752the_repository->repository_format_partial_clone =1753repo_fmt.partial_clone;1754repo_fmt.partial_clone = NULL;1755}1756}1757/*1758* Since precompose_string_if_needed() needs to look at
1759* the core.precomposeunicode configuration, this
1760* has to happen after the above block that finds
1761* out where the repository is, i.e. a preparation
1762* for calling git_config_get_bool().
1763*/
1764if (prefix) {1765prefix = precompose_string_if_needed(prefix);1766startup_info->prefix = prefix;1767setenv(GIT_PREFIX_ENVIRONMENT, prefix, 1);1768} else {1769startup_info->prefix = NULL;1770setenv(GIT_PREFIX_ENVIRONMENT, "", 1);1771}1772
1773setup_original_cwd();1774
1775strbuf_release(&dir);1776strbuf_release(&gitdir);1777strbuf_release(&report);1778clear_repository_format(&repo_fmt);1779
1780return prefix;1781}
1782
1783int git_config_perm(const char *var, const char *value)1784{
1785int i;1786char *endptr;1787
1788if (!value)1789return PERM_GROUP;1790
1791if (!strcmp(value, "umask"))1792return PERM_UMASK;1793if (!strcmp(value, "group"))1794return PERM_GROUP;1795if (!strcmp(value, "all") ||1796!strcmp(value, "world") ||1797!strcmp(value, "everybody"))1798return PERM_EVERYBODY;1799
1800/* Parse octal numbers */1801i = strtol(value, &endptr, 8);1802
1803/* If not an octal number, maybe true/false? */1804if (*endptr != 0)1805return git_config_bool(var, value) ? PERM_GROUP : PERM_UMASK;1806
1807/*1808* Treat values 0, 1 and 2 as compatibility cases, otherwise it is
1809* a chmod value to restrict to.
1810*/
1811switch (i) {1812case PERM_UMASK: /* 0 */1813return PERM_UMASK;1814case OLD_PERM_GROUP: /* 1 */1815return PERM_GROUP;1816case OLD_PERM_EVERYBODY: /* 2 */1817return PERM_EVERYBODY;1818}1819
1820/* A filemode value was given: 0xxx */1821
1822if ((i & 0600) != 0600)1823die(_("problem with core.sharedRepository filemode value "1824"(0%.3o).\nThe owner of files must always have "1825"read and write permissions."), i);1826
1827/*1828* Mask filemode value. Others can not get write permission.
1829* x flags for directories are handled separately.
1830*/
1831return -(i & 0666);1832}
1833
1834void check_repository_format(struct repository_format *fmt)1835{
1836struct repository_format repo_fmt = REPOSITORY_FORMAT_INIT;1837if (!fmt)1838fmt = &repo_fmt;1839check_repository_format_gently(get_git_dir(), fmt, NULL);1840startup_info->have_repository = 1;1841repo_set_hash_algo(the_repository, fmt->hash_algo);1842repo_set_compat_hash_algo(the_repository, fmt->compat_hash_algo);1843repo_set_ref_storage_format(the_repository,1844fmt->ref_storage_format);1845the_repository->repository_format_worktree_config =1846fmt->worktree_config;1847the_repository->repository_format_partial_clone =1848xstrdup_or_null(fmt->partial_clone);1849clear_repository_format(&repo_fmt);1850}
1851
1852/*
1853* Returns the "prefix", a path to the current working directory
1854* relative to the work tree root, or NULL, if the current working
1855* directory is not a strict subdirectory of the work tree root. The
1856* prefix always ends with a '/' character.
1857*/
1858const char *setup_git_directory(void)1859{
1860return setup_git_directory_gently(NULL);1861}
1862
1863const char *resolve_gitdir_gently(const char *suspect, int *return_error_code)1864{
1865if (is_git_directory(suspect))1866return suspect;1867return read_gitfile_gently(suspect, return_error_code);1868}
1869
1870/* if any standard file descriptor is missing open it to /dev/null */
1871void sanitize_stdfds(void)1872{
1873int fd = xopen("/dev/null", O_RDWR);1874while (fd < 2)1875fd = xdup(fd);1876if (fd > 2)1877close(fd);1878}
1879
1880int daemonize(void)1881{
1882#ifdef NO_POSIX_GOODIES1883errno = ENOSYS;1884return -1;1885#else1886switch (fork()) {1887case 0:1888break;1889case -1:1890die_errno(_("fork failed"));1891default:1892exit(0);1893}1894if (setsid() == -1)1895die_errno(_("setsid failed"));1896close(0);1897close(1);1898close(2);1899sanitize_stdfds();1900return 0;1901#endif1902}
1903
1904struct template_dir_cb_data {1905char *path;1906int initialized;1907};1908
1909static int template_dir_cb(const char *key, const char *value,1910const struct config_context *ctx UNUSED, void *d)1911{
1912struct template_dir_cb_data *data = d;1913
1914if (strcmp(key, "init.templatedir"))1915return 0;1916
1917if (!value) {1918data->path = NULL;1919} else {1920char *path = NULL;1921
1922FREE_AND_NULL(data->path);1923if (!git_config_pathname(&path, key, value))1924data->path = path ? path : xstrdup(value);1925}1926
1927return 0;1928}
1929
1930const char *get_template_dir(const char *option_template)1931{
1932const char *template_dir = option_template;1933
1934if (!template_dir)1935template_dir = getenv(TEMPLATE_DIR_ENVIRONMENT);1936if (!template_dir) {1937static struct template_dir_cb_data data;1938
1939if (!data.initialized) {1940git_protected_config(template_dir_cb, &data);1941data.initialized = 1;1942}1943template_dir = data.path;1944}1945if (!template_dir) {1946static char *dir;1947
1948if (!dir)1949dir = system_path(DEFAULT_GIT_TEMPLATE_DIR);1950template_dir = dir;1951}1952return template_dir;1953}
1954
1955#ifdef NO_TRUSTABLE_FILEMODE1956#define TEST_FILEMODE 01957#else1958#define TEST_FILEMODE 11959#endif1960
1961#define GIT_DEFAULT_HASH_ENVIRONMENT "GIT_DEFAULT_HASH"1962
1963static void copy_templates_1(struct strbuf *path, struct strbuf *template_path,1964DIR *dir)1965{
1966size_t path_baselen = path->len;1967size_t template_baselen = template_path->len;1968struct dirent *de;1969
1970/* Note: if ".git/hooks" file exists in the repository being1971* re-initialized, /etc/core-git/templates/hooks/update would
1972* cause "git init" to fail here. I think this is sane but
1973* it means that the set of templates we ship by default, along
1974* with the way the namespace under .git/ is organized, should
1975* be really carefully chosen.
1976*/
1977safe_create_dir(path->buf, 1);1978while ((de = readdir(dir)) != NULL) {1979struct stat st_git, st_template;1980int exists = 0;1981
1982strbuf_setlen(path, path_baselen);1983strbuf_setlen(template_path, template_baselen);1984
1985if (de->d_name[0] == '.')1986continue;1987strbuf_addstr(path, de->d_name);1988strbuf_addstr(template_path, de->d_name);1989if (lstat(path->buf, &st_git)) {1990if (errno != ENOENT)1991die_errno(_("cannot stat '%s'"), path->buf);1992}1993else1994exists = 1;1995
1996if (lstat(template_path->buf, &st_template))1997die_errno(_("cannot stat template '%s'"), template_path->buf);1998
1999if (S_ISDIR(st_template.st_mode)) {2000DIR *subdir = opendir(template_path->buf);2001if (!subdir)2002die_errno(_("cannot opendir '%s'"), template_path->buf);2003strbuf_addch(path, '/');2004strbuf_addch(template_path, '/');2005copy_templates_1(path, template_path, subdir);2006closedir(subdir);2007}2008else if (exists)2009continue;2010else if (S_ISLNK(st_template.st_mode)) {2011struct strbuf lnk = STRBUF_INIT;2012if (strbuf_readlink(&lnk, template_path->buf,2013st_template.st_size) < 0)2014die_errno(_("cannot readlink '%s'"), template_path->buf);2015if (symlink(lnk.buf, path->buf))2016die_errno(_("cannot symlink '%s' '%s'"),2017lnk.buf, path->buf);2018strbuf_release(&lnk);2019}2020else if (S_ISREG(st_template.st_mode)) {2021if (copy_file(path->buf, template_path->buf, st_template.st_mode))2022die_errno(_("cannot copy '%s' to '%s'"),2023template_path->buf, path->buf);2024}2025else2026error(_("ignoring template %s"), template_path->buf);2027}2028}
2029
2030static void copy_templates(const char *option_template)2031{
2032const char *template_dir = get_template_dir(option_template);2033struct strbuf path = STRBUF_INIT;2034struct strbuf template_path = STRBUF_INIT;2035size_t template_len;2036struct repository_format template_format = REPOSITORY_FORMAT_INIT;2037struct strbuf err = STRBUF_INIT;2038DIR *dir;2039char *to_free = NULL;2040
2041if (!template_dir || !*template_dir)2042return;2043
2044strbuf_addstr(&template_path, template_dir);2045strbuf_complete(&template_path, '/');2046template_len = template_path.len;2047
2048dir = opendir(template_path.buf);2049if (!dir) {2050warning(_("templates not found in %s"), template_dir);2051goto free_return;2052}2053
2054/* Make sure that template is from the correct vintage */2055strbuf_addstr(&template_path, "config");2056read_repository_format(&template_format, template_path.buf);2057strbuf_setlen(&template_path, template_len);2058
2059/*2060* No mention of version at all is OK, but anything else should be
2061* verified.
2062*/
2063if (template_format.version >= 0 &&2064verify_repository_format(&template_format, &err) < 0) {2065warning(_("not copying templates from '%s': %s"),2066template_dir, err.buf);2067strbuf_release(&err);2068goto close_free_return;2069}2070
2071strbuf_addstr(&path, get_git_common_dir());2072strbuf_complete(&path, '/');2073copy_templates_1(&path, &template_path, dir);2074close_free_return:2075closedir(dir);2076free_return:2077free(to_free);2078strbuf_release(&path);2079strbuf_release(&template_path);2080clear_repository_format(&template_format);2081}
2082
2083/*
2084* If the git_dir is not directly inside the working tree, then git will not
2085* find it by default, and we need to set the worktree explicitly.
2086*/
2087static int needs_work_tree_config(const char *git_dir, const char *work_tree)2088{
2089if (!strcmp(work_tree, "/") && !strcmp(git_dir, "/.git"))2090return 0;2091if (skip_prefix(git_dir, work_tree, &git_dir) &&2092!strcmp(git_dir, "/.git"))2093return 0;2094return 1;2095}
2096
2097void initialize_repository_version(int hash_algo,2098enum ref_storage_format ref_storage_format,2099int reinit)2100{
2101char repo_version_string[10];2102int repo_version = GIT_REPO_VERSION;2103
2104/*2105* Note that we initialize the repository version to 1 when the ref
2106* storage format is unknown. This is on purpose so that we can add the
2107* correct object format to the config during git-clone(1). The format
2108* version will get adjusted by git-clone(1) once it has learned about
2109* the remote repository's format.
2110*/
2111if (hash_algo != GIT_HASH_SHA1 ||2112ref_storage_format != REF_STORAGE_FORMAT_FILES)2113repo_version = GIT_REPO_VERSION_READ;2114
2115/* This forces creation of new config file */2116xsnprintf(repo_version_string, sizeof(repo_version_string),2117"%d", repo_version);2118git_config_set("core.repositoryformatversion", repo_version_string);2119
2120if (hash_algo != GIT_HASH_SHA1 && hash_algo != GIT_HASH_UNKNOWN)2121git_config_set("extensions.objectformat",2122hash_algos[hash_algo].name);2123else if (reinit)2124git_config_set_gently("extensions.objectformat", NULL);2125
2126if (ref_storage_format != REF_STORAGE_FORMAT_FILES)2127git_config_set("extensions.refstorage",2128ref_storage_format_to_name(ref_storage_format));2129else if (reinit)2130git_config_set_gently("extensions.refstorage", NULL);2131}
2132
2133static int is_reinit(void)2134{
2135struct strbuf buf = STRBUF_INIT;2136char junk[2];2137int ret;2138
2139git_path_buf(&buf, "HEAD");2140ret = !access(buf.buf, R_OK) || readlink(buf.buf, junk, sizeof(junk) - 1) != -1;2141strbuf_release(&buf);2142return ret;2143}
2144
2145void create_reference_database(enum ref_storage_format ref_storage_format,2146const char *initial_branch, int quiet)2147{
2148struct strbuf err = STRBUF_INIT;2149char *to_free = NULL;2150int reinit = is_reinit();2151
2152repo_set_ref_storage_format(the_repository, ref_storage_format);2153if (ref_store_create_on_disk(get_main_ref_store(the_repository), 0, &err))2154die("failed to set up refs db: %s", err.buf);2155
2156/*2157* Point the HEAD symref to the initial branch with if HEAD does
2158* not yet exist.
2159*/
2160if (!reinit) {2161char *ref;2162
2163if (!initial_branch)2164initial_branch = to_free =2165repo_default_branch_name(the_repository, quiet);2166
2167ref = xstrfmt("refs/heads/%s", initial_branch);2168if (check_refname_format(ref, 0) < 0)2169die(_("invalid initial branch name: '%s'"),2170initial_branch);2171
2172if (refs_update_symref(get_main_ref_store(the_repository), "HEAD", ref, NULL) < 0)2173exit(1);2174free(ref);2175}2176
2177if (reinit && initial_branch)2178warning(_("re-init: ignored --initial-branch=%s"),2179initial_branch);2180
2181strbuf_release(&err);2182free(to_free);2183}
2184
2185static int create_default_files(const char *template_path,2186const char *original_git_dir,2187const struct repository_format *fmt,2188int init_shared_repository)2189{
2190struct stat st1;2191struct strbuf buf = STRBUF_INIT;2192char *path;2193int reinit;2194int filemode;2195const char *work_tree = get_git_work_tree();2196
2197/*2198* First copy the templates -- we might have the default
2199* config file there, in which case we would want to read
2200* from it after installing.
2201*
2202* Before reading that config, we also need to clear out any cached
2203* values (since we've just potentially changed what's available on
2204* disk).
2205*/
2206copy_templates(template_path);2207git_config_clear();2208reset_shared_repository();2209git_config(git_default_config, NULL);2210
2211reinit = is_reinit();2212
2213/*2214* We must make sure command-line options continue to override any
2215* values we might have just re-read from the config.
2216*/
2217if (init_shared_repository != -1)2218set_shared_repository(init_shared_repository);2219
2220is_bare_repository_cfg = !work_tree;2221
2222/*2223* We would have created the above under user's umask -- under
2224* shared-repository settings, we would need to fix them up.
2225*/
2226if (get_shared_repository()) {2227adjust_shared_perm(get_git_dir());2228}2229
2230initialize_repository_version(fmt->hash_algo, fmt->ref_storage_format, 0);2231
2232/* Check filemode trustability */2233path = git_path_buf(&buf, "config");2234filemode = TEST_FILEMODE;2235if (TEST_FILEMODE && !lstat(path, &st1)) {2236struct stat st2;2237filemode = (!chmod(path, st1.st_mode ^ S_IXUSR) &&2238!lstat(path, &st2) &&2239st1.st_mode != st2.st_mode &&2240!chmod(path, st1.st_mode));2241if (filemode && !reinit && (st1.st_mode & S_IXUSR))2242filemode = 0;2243}2244git_config_set("core.filemode", filemode ? "true" : "false");2245
2246if (is_bare_repository())2247git_config_set("core.bare", "true");2248else {2249git_config_set("core.bare", "false");2250/* allow template config file to override the default */2251if (log_all_ref_updates == LOG_REFS_UNSET)2252git_config_set("core.logallrefupdates", "true");2253if (needs_work_tree_config(original_git_dir, work_tree))2254git_config_set("core.worktree", work_tree);2255}2256
2257if (!reinit) {2258/* Check if symlink is supported in the work tree */2259path = git_path_buf(&buf, "tXXXXXX");2260if (!close(xmkstemp(path)) &&2261!unlink(path) &&2262!symlink("testing", path) &&2263!lstat(path, &st1) &&2264S_ISLNK(st1.st_mode))2265unlink(path); /* good */2266else2267git_config_set("core.symlinks", "false");2268
2269/* Check if the filesystem is case-insensitive */2270path = git_path_buf(&buf, "CoNfIg");2271if (!access(path, F_OK))2272git_config_set("core.ignorecase", "true");2273probe_utf8_pathname_composition();2274}2275
2276strbuf_release(&buf);2277return reinit;2278}
2279
2280static void create_object_directory(void)2281{
2282struct strbuf path = STRBUF_INIT;2283size_t baselen;2284
2285strbuf_addstr(&path, get_object_directory());2286baselen = path.len;2287
2288safe_create_dir(path.buf, 1);2289
2290strbuf_setlen(&path, baselen);2291strbuf_addstr(&path, "/pack");2292safe_create_dir(path.buf, 1);2293
2294strbuf_setlen(&path, baselen);2295strbuf_addstr(&path, "/info");2296safe_create_dir(path.buf, 1);2297
2298strbuf_release(&path);2299}
2300
2301static void separate_git_dir(const char *git_dir, const char *git_link)2302{
2303struct stat st;2304
2305if (!stat(git_link, &st)) {2306const char *src;2307
2308if (S_ISREG(st.st_mode))2309src = read_gitfile(git_link);2310else if (S_ISDIR(st.st_mode))2311src = git_link;2312else2313die(_("unable to handle file type %d"), (int)st.st_mode);2314
2315if (rename(src, git_dir))2316die_errno(_("unable to move %s to %s"), src, git_dir);2317repair_worktrees(NULL, NULL);2318}2319
2320write_file(git_link, "gitdir: %s", git_dir);2321}
2322
2323struct default_format_config {2324int hash;2325enum ref_storage_format ref_format;2326};2327
2328static int read_default_format_config(const char *key, const char *value,2329const struct config_context *ctx UNUSED,2330void *payload)2331{
2332struct default_format_config *cfg = payload;2333char *str = NULL;2334int ret;2335
2336if (!strcmp(key, "init.defaultobjectformat")) {2337ret = git_config_string(&str, key, value);2338if (ret)2339goto out;2340cfg->hash = hash_algo_by_name(str);2341if (cfg->hash == GIT_HASH_UNKNOWN)2342warning(_("unknown hash algorithm '%s'"), str);2343goto out;2344}2345
2346if (!strcmp(key, "init.defaultrefformat")) {2347ret = git_config_string(&str, key, value);2348if (ret)2349goto out;2350cfg->ref_format = ref_storage_format_by_name(str);2351if (cfg->ref_format == REF_STORAGE_FORMAT_UNKNOWN)2352warning(_("unknown ref storage format '%s'"), str);2353goto out;2354}2355
2356ret = 0;2357out:2358free(str);2359return ret;2360}
2361
2362static void repository_format_configure(struct repository_format *repo_fmt,2363int hash, enum ref_storage_format ref_format)2364{
2365struct default_format_config cfg = {2366.hash = GIT_HASH_UNKNOWN,2367.ref_format = REF_STORAGE_FORMAT_UNKNOWN,2368};2369struct config_options opts = {2370.respect_includes = 1,2371.ignore_repo = 1,2372.ignore_worktree = 1,2373};2374const char *env;2375
2376config_with_options(read_default_format_config, &cfg, NULL, NULL, &opts);2377
2378/*2379* If we already have an initialized repo, don't allow the user to
2380* specify a different algorithm, as that could cause corruption.
2381* Otherwise, if the user has specified one on the command line, use it.
2382*/
2383env = getenv(GIT_DEFAULT_HASH_ENVIRONMENT);2384if (repo_fmt->version >= 0 && hash != GIT_HASH_UNKNOWN && hash != repo_fmt->hash_algo)2385die(_("attempt to reinitialize repository with different hash"));2386else if (hash != GIT_HASH_UNKNOWN)2387repo_fmt->hash_algo = hash;2388else if (env) {2389int env_algo = hash_algo_by_name(env);2390if (env_algo == GIT_HASH_UNKNOWN)2391die(_("unknown hash algorithm '%s'"), env);2392repo_fmt->hash_algo = env_algo;2393} else if (cfg.hash != GIT_HASH_UNKNOWN) {2394repo_fmt->hash_algo = cfg.hash;2395}2396repo_set_hash_algo(the_repository, repo_fmt->hash_algo);2397
2398env = getenv("GIT_DEFAULT_REF_FORMAT");2399if (repo_fmt->version >= 0 &&2400ref_format != REF_STORAGE_FORMAT_UNKNOWN &&2401ref_format != repo_fmt->ref_storage_format) {2402die(_("attempt to reinitialize repository with different reference storage format"));2403} else if (ref_format != REF_STORAGE_FORMAT_UNKNOWN) {2404repo_fmt->ref_storage_format = ref_format;2405} else if (env) {2406ref_format = ref_storage_format_by_name(env);2407if (ref_format == REF_STORAGE_FORMAT_UNKNOWN)2408die(_("unknown ref storage format '%s'"), env);2409repo_fmt->ref_storage_format = ref_format;2410} else if (cfg.ref_format != REF_STORAGE_FORMAT_UNKNOWN) {2411repo_fmt->ref_storage_format = cfg.ref_format;2412}2413repo_set_ref_storage_format(the_repository, repo_fmt->ref_storage_format);2414}
2415
2416int init_db(const char *git_dir, const char *real_git_dir,2417const char *template_dir, int hash,2418enum ref_storage_format ref_storage_format,2419const char *initial_branch,2420int init_shared_repository, unsigned int flags)2421{
2422int reinit;2423int exist_ok = flags & INIT_DB_EXIST_OK;2424char *original_git_dir = real_pathdup(git_dir, 1);2425struct repository_format repo_fmt = REPOSITORY_FORMAT_INIT;2426
2427if (real_git_dir) {2428struct stat st;2429
2430if (!exist_ok && !stat(git_dir, &st))2431die(_("%s already exists"), git_dir);2432
2433if (!exist_ok && !stat(real_git_dir, &st))2434die(_("%s already exists"), real_git_dir);2435
2436set_git_dir(real_git_dir, 1);2437git_dir = get_git_dir();2438separate_git_dir(git_dir, original_git_dir);2439}2440else {2441set_git_dir(git_dir, 1);2442git_dir = get_git_dir();2443}2444startup_info->have_repository = 1;2445
2446/*2447* Check to see if the repository version is right.
2448* Note that a newly created repository does not have
2449* config file, so this will not fail. What we are catching
2450* is an attempt to reinitialize new repository with an old tool.
2451*/
2452check_repository_format(&repo_fmt);2453
2454repository_format_configure(&repo_fmt, hash, ref_storage_format);2455
2456/*2457* Ensure `core.hidedotfiles` is processed. This must happen after we
2458* have set up the repository format such that we can evaluate
2459* includeIf conditions correctly in the case of re-initialization.
2460*/
2461git_config(platform_core_config, NULL);2462
2463safe_create_dir(git_dir, 0);2464
2465reinit = create_default_files(template_dir, original_git_dir,2466&repo_fmt, init_shared_repository);2467
2468if (!(flags & INIT_DB_SKIP_REFDB))2469create_reference_database(repo_fmt.ref_storage_format,2470initial_branch, flags & INIT_DB_QUIET);2471create_object_directory();2472
2473if (get_shared_repository()) {2474char buf[10];2475/* We do not spell "group" and such, so that2476* the configuration can be read by older version
2477* of git. Note, we use octal numbers for new share modes,
2478* and compatibility values for PERM_GROUP and
2479* PERM_EVERYBODY.
2480*/
2481if (get_shared_repository() < 0)2482/* force to the mode value */2483xsnprintf(buf, sizeof(buf), "0%o", -get_shared_repository());2484else if (get_shared_repository() == PERM_GROUP)2485xsnprintf(buf, sizeof(buf), "%d", OLD_PERM_GROUP);2486else if (get_shared_repository() == PERM_EVERYBODY)2487xsnprintf(buf, sizeof(buf), "%d", OLD_PERM_EVERYBODY);2488else2489BUG("invalid value for shared_repository");2490git_config_set("core.sharedrepository", buf);2491git_config_set("receive.denyNonFastforwards", "true");2492}2493
2494if (!(flags & INIT_DB_QUIET)) {2495int len = strlen(git_dir);2496
2497if (reinit)2498printf(get_shared_repository()2499? _("Reinitialized existing shared Git repository in %s%s\n")2500: _("Reinitialized existing Git repository in %s%s\n"),2501git_dir, len && git_dir[len-1] != '/' ? "/" : "");2502else2503printf(get_shared_repository()2504? _("Initialized empty shared Git repository in %s%s\n")2505: _("Initialized empty Git repository in %s%s\n"),2506git_dir, len && git_dir[len-1] != '/' ? "/" : "");2507}2508
2509clear_repository_format(&repo_fmt);2510free(original_git_dir);2511return 0;2512}
2513