kmx git

Commit	Date	Message
10aff3d5	2018-03-29T22:14:15	travis: just grab what we need from mbedtls
54554757	2018-03-29T22:14:14	cmake: make our preferred backend ordering consistent
b3e0280d	2018-03-29T22:14:11	mbedtls: display error codes as hex for consistency with mbedTLS docs Remaining parts of https://github.com/JuliaLang/julia/blob/8d47a314537779c8fb86642c54925613628a91b0/deps/patches/libgit2-mbedtls-fixup.patch
262dfcf0	2018-03-29T22:14:05	mbedtls: enable Travis CI tests
ec79b0fd	2018-03-29T22:14:04	mbedtls: fix libgit2 hanging due to incomplete writes
382ed1e8	2018-03-29T22:14:09	mbedtls: load default CA certificates
2419cccd	2018-03-29T22:14:02	mbedtls: default cipher list support
60e1ad92	2018-03-29T22:14:01	mbedtls: add global initialization
e3d764a4	2018-03-29T22:14:12	tests: clarify comment
1edde0bc	2018-03-29T22:14:08	mbedtls: use mbedTLS certificate verification Taken from https://github.com/JuliaLang/julia/blob/8d47a314537779c8fb86642c54925613628a91b0/deps/patches/libgit2-mbedtls-verify.patch, with some modifications.
6c6be3ce	2018-03-29T22:13:59	mbedtls: use libmbedcrypto for hashing
1a1875f3	2018-03-29T22:13:58	mbedtls: proper certificate verification
4165bb7f	2018-03-29T22:14:06	mbedtls: use our own certificate validation Otherwise REQUIRED means that `git_stream_certificate` will always error. We're doing the mbedtls check in verify_server_cert though.
ca3b2234	2018-03-29T22:13:56	mbedtls: initial support
0eca4230	2018-04-06T10:03:09	Merge pull request #4597 from cjhoward92/fix/cert-check-docs remote/proxy: fix git_transport_certificate_check_db description
a57f42ac	2018-04-06T09:40:34	Merge pull request #4587 from rcjsuen/patch-2 Flag options in describe.h as being optional
83d6327d	2018-04-06T09:39:03	Merge pull request #4611 from erikvanzijst/erik/status_char diff: Add missing GIT_DELTA_TYPECHANGE -> 'T' mapping.
e0af6d12	2018-04-06T09:33:38	Merge pull request #4609 from pks-t/pks/appveyor-kxe-typo appveyor: fix typo in registry key to disable DHE
cd6a4323	2018-04-04T21:29:03	typo: Fixed a trivial typo in test function.
bc5ced66	2018-04-04T21:28:31	diff: Add missing GIT_DELTA_TYPECHANGE -> 'T' mapping. This adds the 'T' status character to git_diff_status_char() for diff entries that change type.
3a72b0e2	2018-04-03T12:31:35	appveyor: fix typo in registry key to disable DHE Commit 723e1e976 (appveyor: disable DHE to avoid spurious failures, 2018-03-29) added a workaround to fix spurious test failures due to a bug in Windows' SChannel implementation. The workaround only worked by accident, though, as the registry key was in fact mistyped. Fix the typo.
d9007dc8	2018-04-03T11:36:27	Merge pull request #4607 from Sp1l/private/fix-libressl-2.7 Fix build with LibreSSL 2.7
c42261a3	2018-04-03T09:38:38	Merge pull request #4603 from pks-t/pks/appveyor-winhttp-workaround appveyor: workaround for intermittent test failures
b5e0cfa7	2018-04-03T09:32:33	Merge pull request #4601 from bgermann/master sha1dc: update to fix errors with endianess
7490d449	2018-04-02T20:00:07	Fix build with LibreSSL 2.7 LibreSSL 2.7 adds OpenSSL 1.1 API Signed-off-by: Bernard Spil <brnrd@FreeBSD.org>
dc27772c	2018-03-30T13:12:26	Merge pull request #4378 from cjhoward92/fix/submodule-add-check-index submodule: check index for path and prefix before adding submodule
b3c3415d	2018-03-29T14:20:21	Merge pull request #4602 from pks-t/pks/mempack-memleak odb: mempack: fix leaking objects when freeing mempacks
723e1e97	2018-03-29T13:35:27	appveyor: disable DHE to avoid spurious failures Our CI builds have intermittent failures in our online tests, e.g. with the message "A provided buffer was too small". This is not a programming error in libgit2 but rather an error in the SChannel component of Windows. Under certain circumstances involving Diffie-Hellman key exchange, SChannel is unable to correctly handle input from the server. This bug has already been fixed in recent patches for Windows 10 and Windows Server 2016, but they are not yet available for AppVeyor. Manually pamper over that issue by disabling all ciphersuites using DHE via the registry. While this disables more ciphers than necessary, we really don't care for that at all but just want to avoid build failures due to that bug. See [1], [2] or [3] for additional information. 1: https://github.com/aws/aws-sdk-cpp/issues/671 2: https://github.com/dotnet/corefx/issues/7812 3: https://support.microsoft.com/en-us/help/2992611/ms14-066-vulnerability-in-schannel-could-allow-remote-code-execution-n
fbe52fa3	2018-03-29T10:18:51	util: fix missing headers for MinGW environments There are multiple references to undefined functions in the Microsoft builds. Add headers to make them known.
b6276ae0	2018-03-29T09:15:48	odb: mempack: fix leaking objects when freeing mempacks When a ODB mempack gets free'd, we take no measures at all to free its contents, most notably the objects added to the database, resulting in a memory leak. Call `git_mempack_reset` previous to freeing the ODB structures themselves, which takes care of releasing all associated data structures.
c9e5ba09	2018-03-28T17:37:39	sha1dc: update to fix errors with endianess This updates the version of SHA1DC to c3e1304ea3.
69a282da	2018-03-28T06:48:55	submodule: add more robust error handling when a submodule path is found on add
9e8bc726	2018-03-28T08:55:59	Merge pull request #4598 from cjhoward92/fix/remove-unused-merge-result types: remove unused git_merge_result
370ecdb2	2018-03-27T10:10:09	types: remove unused git_merge_result `git_merge_result` is currently unused in the codebase and generates a blank page in the [documentation](https://libgit2.github.com/libgit2/#HEAD/type/git_merge_result).
e6c720ea	2018-03-27T10:05:21	remote/proxy: fix git_transport_certificate_check_db comment
c07abd65	2018-03-27T07:37:34	submodule: add better error handling to is_path_occupied
b282ca79	2018-01-06T10:57:32	submodule: change can_add_submodule to is_path_occupied
677d393c	2017-12-18T10:28:37	tests: submodule: insert index entries directly into index
ef9a7749	2017-11-19T20:59:59	submodule: update index check to check path before directory and fix tests
9371149f	2017-10-20T14:24:01	submodule: fix styling errors
3e500fc8	2017-10-16T19:55:45	test: submodule: add: join path without slashes
0a74f391	2017-10-16T16:16:03	test: submodule: add: use p_mkdir to create directories
ad1c4350	2017-10-16T15:30:47	submodule: check index for prefix before adding submodule submodule: check path and prefix before adding submodule submodule: fix test errors
db90e951	2018-03-27T20:09:45	Flag options in describe.h as being optional The git_describe_options in git_describe_commit and git_describe_workdir and the git_describe_format_options in git_describe_format are optional and can be NULL. State this in the documentation to make people's lives easier when calling these functions. Signed-off-by: Remy Suen <remy.suen@gmail.com>
217add94	2018-03-27T11:25:20	Merge pull request #4531 from tiennou/fix/checkout-default-safe checkout: change default strategy to SAFE
cdd0bc2f	2018-03-26T18:44:13	checkout: change default strategy to SAFE As per #4200, our default is quite surprising to users that expect checkout to just "do the thing".
7bd129e4	2018-03-26T09:59:47	Merge pull request #4570 from newren/master Add myself to git.git-authors
6311e886	2018-03-23T07:38:34	Merge pull request #4594 from pks-t/pks/mempack-assert odb: fix writing to fake write streams
a52b4c51	2018-03-23T09:59:46	odb: fix writing to fake write streams In commit 7ec7aa4a7 (odb: assert on logic errors when writing objects, 2018-02-01), the check for whether we are trying to overflowing the fake stream buffer was changed from returning an error to raising an assert. The conversion forgot though that the logic around `assert`s are basically inverted. Previously, if the statement stream->written + len > steram->size evaluated to true, we would return a `-1`. Now we are asserting that this statement is true, and in case it is not we will raise an error. So the conversion to the `assert` in fact changed the behaviour to the complete opposite intention. Fix the assert by inverting its condition again and add a regression test.
904307af	2018-03-23T09:58:57	tests: add tests for the mempack ODB backend Our mempack ODB backend has no test coverage at all right now. Add a simple test suite to at least have some coverage of the most basic operations on the ODB.
72e60347	2018-03-20T23:16:36	Merge pull request #4588 from libgit2/ethomson/bitbucket online tests: update auth for bitbucket test
54bf4d14	2018-03-20T07:47:27	online tests: update auth for bitbucket test Update the settings to use a specific read-only token for accessing our test repositories in Bitbucket.
5585e358	2018-03-20T00:59:21	Merge pull request #4563 from libgit2/ethomson/ssh-unescape Refactor `gitno_extract_url_parts`
9108959a	2018-03-14T15:03:35	buf: add tests for percent decoding
0e4f3d9d	2018-03-03T21:47:22	gitno_extract_url_parts: decode hostnames RFC 3986 says that hostnames can be percent encoded. Percent decode hostnames in our URLs.
05551ca0	2018-03-03T20:14:54	Remove now unnecessary `gitno_unescape`
60e7848e	2018-03-03T20:13:30	gitno_extract_url_parts: use `git_buf`s Now that we can decode percent-encoded strings as part of `git_buf`s, use that decoder in `gitno_extract_url_parts`.
6f577906	2018-03-03T20:09:09	ssh urls: use `git_buf_decode_percent` Use `git_buf_decode_percent` so that we can avoid allocating a temporary buffer.
8070a357	2018-03-03T18:47:35	Introduce `git_buf_decode_percent` Introduce a function to take a percent-encoded string (URI encoded, described by RFC 1738) and decode it into a `git_buf`.
30333e82	2018-02-28T13:00:04	Update tests
16210877	2018-02-28T12:59:47	Unescape repo before constructing ssh request
8a2cdbd3	2018-02-28T12:58:58	Rename unescape and make non-static
31985775	2018-03-19T23:07:44	Merge pull request #4584 from libgit2/ethomson/bitbucket online::clone: skip creds fallback test
03c58778	2018-03-19T09:20:35	online::clone: skip creds fallback test At present, we have three online tests against bitbucket: one which specifies the credentials in the payload, one which specifies the correct credentials in the URL and a final one that specifies the incorrect credentials in the URL. Bitbucket has begun responding to the latter test with a 403, which causes us to fail. Break these three tests into separate tests so that we can skip the latter until this is resolved on Bitbucket's end or until we can change the test to a different provider.
937e7e26	2018-03-13T13:04:38	Merge pull request #4544 from josharian/docs pathspec: improve git_pathspec_flag_t doc rendering
7b66bfe2	2018-03-12T10:09:49	Merge pull request #4575 from pks-t/pks/index-secfixes-master Index parsing fixes
358cc2e2	2018-03-12T09:50:00	Merge pull request #4396 from libgit2/cmn/config-regex-is-normalised config: specify how we match the regular expressions
2f89bd90	2018-03-11T12:36:13	config: explicitly state that subsections are case-sensitive
3db1af1f	2018-03-08T12:36:46	index: error out on unreasonable prefix-compressed path lengths When computing the complete path length from the encoded prefix-compressed path, we end up just allocating the complete path without ever checking what the encoded path length actually is. This can easily lead to a denial of service by just encoding an unreasonable long path name inside of the index. Git already enforces a maximum path length of 4096 bytes. As we also have that enforcement ready in some places, just make sure that the resulting path is smaller than GIT_PATH_MAX. Reported-by: Krishna Ram Prakash R <krp@gtux.in> Reported-by: Vivek Parikh <viv0411.parikh@gmail.com>
3207ddb0	2018-03-08T12:00:27	index: fix out-of-bounds read with invalid index entry prefix length The index format in version 4 has prefix-compressed entries, where every index entry can compress its path by using a path prefix of the previous entry. Since implmenting support for this index format version in commit 5625d86b9 (index: support index v4, 2016-05-17), though, we do not correctly verify that the prefix length that we want to reuse is actually smaller or equal to the amount of characters than the length of the previous index entry's path. This can lead to a an integer underflow and subsequently to an out-of-bounds read. Fix this by verifying that the prefix is actually smaller than the previous entry's path length. Reported-by: Krishna Ram Prakash R <krp@gtux.in> Reported-by: Vivek Parikh <viv0411.parikh@gmail.com>
58a6fe94	2018-03-08T11:49:19	index: convert `read_entry` to return entry size via an out-param The function `read_entry` does not conform to our usual coding style of returning stuff via the out parameter and to use the return value for reporting errors. Due to most of our code conforming to that pattern, it has become quite natural for us to actually return `-1` in case there is any error, which has also slipped in with commit 5625d86b9 (index: support index v4, 2016-05-17). As the function returns an `size_t` only, though, the return value is wrapped around, causing the caller of `read_tree` to continue with an invalid index entry. Ultimately, this can lead to a double-free. Improve code and fix the bug by converting the function to return the index entry size via an out parameter and only using the return value to indicate errors. Reported-by: Krishna Ram Prakash R <krp@gtux.in> Reported-by: Vivek Parikh <viv0411.parikh@gmail.com>
d11c4a1a	2018-03-08T13:13:04	Merge pull request #4571 from jacquesg/overflow Integer overflow
e666495b	2018-03-08T08:31:49	cmake: enable shift count overflow warning
5f6383ca	2018-03-08T08:17:29	diff: ensure an unsigned number is shifted
ab0d6d1b	2018-03-07T08:39:29	Add myself to git.git-authors
515683c7	2018-03-07T12:39:28	Merge pull request #4567 from pks-t/pks/zlib-update deps: upgrade embedded zlib to version 1.2.11
4c5330cb	2018-03-07T10:33:41	deps: upgrade embedded zlib to version 1.2.11 The current version of zlib bundled with libgit2 is version 1.2.8. This version has several CVEs assigned: - CVE-2016-9843 - CVE-2016-9841 - CVE-2016-9842 - CVE-2016-9840 Upgrade the bundled version to the current release 1.2.11, which has these vulnerabilities fixes.
2d2a6025	2018-03-04T12:17:17	Merge pull request #4541 from libgit2/cmn/odb-streaming-read-changelog CHANGELOG: mention the change to `git_odb_open_rstream`
adf7d094	2018-03-04T12:17:06	Merge pull request #4559 from jacquesg/worktree-const Worktree lock reason should be const
53e692af	2018-03-02T12:49:54	worktree: rename parameter creason to reason
12356076	2018-03-02T12:41:04	worktree: lock reason should be const
8353e4b5	2018-02-22T09:20:31	CHANGELOG: mention the change to `git_odb_open_rstream`
8a8ea1db	2018-02-28T18:14:52	Merge pull request #4552 from libgit2/cmn/config-header-common Cast less blindly between configuration objects
e8e490b2	2018-02-28T17:01:47	Merge pull request #4554 from pks-t/pks/curl-init curl: initialize and cleanup global curl state
9cd0c6f1	2018-02-28T16:01:16	config: return an error if config_refresh is called on a snapshot Instead of treating it as a no-op, treat it as a programming error and return the same kind of error as if you called to set or delete variables on a snapshot.
17bef3b8	2018-02-28T15:01:43	Merge pull request #4553 from libgit2/cmn/tree-write-initialise tree: initialize the id we use for testing submodule insertions
fb884c62	2018-02-28T14:59:09	Merge pull request #4555 from libgit2/ethomson/strncmp_stdcall win32: strncmp -> git__strncmp for win32 STDCALL
2022b004	2018-02-28T12:06:59	curl: explicitly initialize and cleanup global curl state Our curl-based streams make use of the easy curl interface. This interface automatically initializes and de-initializes the global curl state by calling out to `curl_global_init` and `curl_global_cleanup`. Thus, all global state will be repeatedly re-initialized when creating multiple curl streams in succession. Despite being inefficient, this is not thread-safe due to `curl_global_init` being not thread-safe itself. Thus a multi-threaded programing handling multiple curl streams at the same time is inherently racy. Fix the issue by globally initializing and cleaning up curl's state.
a33deeb4	2018-02-28T12:20:23	win32: strncmp -> git__strncmp The win32 C library is compiled cdecl, however when configured with `STDCALL=ON`, our functions (and function pointers) will use the stdcall calling convention. You cannot set a `__stdcall` function pointer to a `__cdecl` function, so it's easier to just use our `git__strncmp` instead of sorting that mess out.
a554d588	2018-02-28T12:21:08	tree: initialize the id we use for testing submodule insertions Instead of laving it uninitialized and relying on luck for it to be non-zero, let's give it a dummy hash so we make valgrind happy (in this case the hash comes from `sha1sum </dev/null`.
2424e64c	2018-02-28T12:06:02	config: harden our use of the backend objects a bit When we create an iterator we don't actually know that we have a live config object and we must instead only rely on the header. We fixed it to use this in a previous commit, but this makes it harder to misuse by converting to use the header object in the typecast. We also guard inside the `config_refresh` function against being given a snapshot (although callers right now do check).
1785de4e	2018-02-28T11:46:17	config: move the level field into the header We use it in a few places where we might have a full object or a snapshot so move it to where we can actually access it.
c1524b2e	2018-02-28T11:33:11	config: move the repository to the diskfile header We pass this around and when creating a new iterator we need to read the repository pointer. Put it in a common place so we can reach it regardless of whether we got a full object or a snapshot.
c9d59c61	2018-02-27T12:45:21	Merge pull request #4545 from libgit2/ethomson/checkout_filemode Respect core.filemode in checkout
b4dde78a	2018-02-27T12:43:47	Merge pull request #4550 from libgit2/ethomson/winhttp winhttp: enable TLS 1.2
5ecb6220	2018-02-25T15:46:51	winhttp: enable TLS 1.2 on Windows 7 and earlier Versions of Windows prior to Windows 8 do not enable TLS 1.2 by default, though support may exist. Try to enable TLS 1.2 support explicitly on connections. This request may fail if the operating system does not have TLS 1.2 support - the initial release of Vista lacks TLS 1.2 support (though it is available as a software update) and XP completely lacks TLS 1.2 support. If this request does fail, the HTTP context is still valid, and still maintains the original protocol support. So we ignore the failure from this operation.
934e6a3b	2018-02-27T11:24:30	winhttp: include constants for TLS 1.1/1.2 support For platforms that do not define `WINHTTP_FLAG_SECURE_PROTOCOL_TLS1_1` and/or `WINHTTP_FLAG_SECURE_PROTOCOL_TLS1_2`.
8c8db980	2018-02-27T10:32:29	mingw: update TLS option flags Include the constants for `WINHTTP_FLAG_SECURE_PROTOCOL_TLS1_1` and `WINHTTP_FLAG_SECURE_PROTOCOL_TLS1_2` so that they can be used by mingw. This updates both the `deps/winhttp` framework (for classic mingw) and adds the defines for mingw64, which does not use that framework.
7d906370	2018-02-25T23:08:14	Merge pull request #4549 from libgit2/ethomson/travis_libssh travis: use custom libssh2-1-dev package
ca22cb5e	2018-02-25T22:43:12	travis: use custom libssh2-1-dev package To avoid pull requests needing to rebase, keep the libssh2-1-dev package as the development package for libssh2. Reverting to the original Debian package structure.

10aff3d5

2018-03-29T22:14:15

travis: just grab what we need from mbedtls

54554757

2018-03-29T22:14:14

cmake: make our preferred backend ordering consistent

b3e0280d

2018-03-29T22:14:11

mbedtls: display error codes as hex for consistency with mbedTLS docs Remaining parts of https://github.com/JuliaLang/julia/blob/8d47a314537779c8fb86642c54925613628a91b0/deps/patches/libgit2-mbedtls-fixup.patch

262dfcf0

2018-03-29T22:14:05

mbedtls: enable Travis CI tests

ec79b0fd

2018-03-29T22:14:04

mbedtls: fix libgit2 hanging due to incomplete writes

382ed1e8

2018-03-29T22:14:09

mbedtls: load default CA certificates

2419cccd

2018-03-29T22:14:02

mbedtls: default cipher list support

60e1ad92

2018-03-29T22:14:01

mbedtls: add global initialization

e3d764a4

2018-03-29T22:14:12

tests: clarify comment

1edde0bc

2018-03-29T22:14:08

mbedtls: use mbedTLS certificate verification Taken from https://github.com/JuliaLang/julia/blob/8d47a314537779c8fb86642c54925613628a91b0/deps/patches/libgit2-mbedtls-verify.patch, with some modifications.

6c6be3ce

2018-03-29T22:13:59

mbedtls: use libmbedcrypto for hashing

1a1875f3

2018-03-29T22:13:58

mbedtls: proper certificate verification

4165bb7f

2018-03-29T22:14:06

mbedtls: use our own certificate validation Otherwise REQUIRED means that `git_stream_certificate` will always error. We're doing the mbedtls check in verify_server_cert though.

ca3b2234

2018-03-29T22:13:56

mbedtls: initial support

0eca4230

2018-04-06T10:03:09

Merge pull request #4597 from cjhoward92/fix/cert-check-docs remote/proxy: fix git_transport_certificate_check_db description

a57f42ac

2018-04-06T09:40:34

Merge pull request #4587 from rcjsuen/patch-2 Flag options in describe.h as being optional

83d6327d

2018-04-06T09:39:03

Merge pull request #4611 from erikvanzijst/erik/status_char diff: Add missing GIT_DELTA_TYPECHANGE -> 'T' mapping.

e0af6d12

2018-04-06T09:33:38

Merge pull request #4609 from pks-t/pks/appveyor-kxe-typo appveyor: fix typo in registry key to disable DHE

cd6a4323

2018-04-04T21:29:03

typo: Fixed a trivial typo in test function.

bc5ced66

2018-04-04T21:28:31

diff: Add missing GIT_DELTA_TYPECHANGE -> 'T' mapping. This adds the 'T' status character to git_diff_status_char() for diff entries that change type.

3a72b0e2

2018-04-03T12:31:35

appveyor: fix typo in registry key to disable DHE Commit 723e1e976 (appveyor: disable DHE to avoid spurious failures, 2018-03-29) added a workaround to fix spurious test failures due to a bug in Windows' SChannel implementation. The workaround only worked by accident, though, as the registry key was in fact mistyped. Fix the typo.

d9007dc8

2018-04-03T11:36:27

Merge pull request #4607 from Sp1l/private/fix-libressl-2.7 Fix build with LibreSSL 2.7

c42261a3

2018-04-03T09:38:38

Merge pull request #4603 from pks-t/pks/appveyor-winhttp-workaround appveyor: workaround for intermittent test failures

b5e0cfa7

2018-04-03T09:32:33

Merge pull request #4601 from bgermann/master sha1dc: update to fix errors with endianess

7490d449

2018-04-02T20:00:07

Fix build with LibreSSL 2.7 LibreSSL 2.7 adds OpenSSL 1.1 API Signed-off-by: Bernard Spil <brnrd@FreeBSD.org>

dc27772c

2018-03-30T13:12:26

Merge pull request #4378 from cjhoward92/fix/submodule-add-check-index submodule: check index for path and prefix before adding submodule

b3c3415d

2018-03-29T14:20:21

Merge pull request #4602 from pks-t/pks/mempack-memleak odb: mempack: fix leaking objects when freeing mempacks

723e1e97

2018-03-29T13:35:27

appveyor: disable DHE to avoid spurious failures Our CI builds have intermittent failures in our online tests, e.g. with the message "A provided buffer was too small". This is not a programming error in libgit2 but rather an error in the SChannel component of Windows. Under certain circumstances involving Diffie-Hellman key exchange, SChannel is unable to correctly handle input from the server. This bug has already been fixed in recent patches for Windows 10 and Windows Server 2016, but they are not yet available for AppVeyor. Manually pamper over that issue by disabling all ciphersuites using DHE via the registry. While this disables more ciphers than necessary, we really don't care for that at all but just want to avoid build failures due to that bug. See [1], [2] or [3] for additional information. 1: https://github.com/aws/aws-sdk-cpp/issues/671 2: https://github.com/dotnet/corefx/issues/7812 3: https://support.microsoft.com/en-us/help/2992611/ms14-066-vulnerability-in-schannel-could-allow-remote-code-execution-n

fbe52fa3

2018-03-29T10:18:51

util: fix missing headers for MinGW environments There are multiple references to undefined functions in the Microsoft builds. Add headers to make them known.

b6276ae0

2018-03-29T09:15:48

odb: mempack: fix leaking objects when freeing mempacks When a ODB mempack gets free'd, we take no measures at all to free its contents, most notably the objects added to the database, resulting in a memory leak. Call `git_mempack_reset` previous to freeing the ODB structures themselves, which takes care of releasing all associated data structures.

c9e5ba09

2018-03-28T17:37:39

sha1dc: update to fix errors with endianess This updates the version of SHA1DC to c3e1304ea3.

69a282da

2018-03-28T06:48:55

submodule: add more robust error handling when a submodule path is found on add

9e8bc726

2018-03-28T08:55:59

Merge pull request #4598 from cjhoward92/fix/remove-unused-merge-result types: remove unused git_merge_result

370ecdb2

2018-03-27T10:10:09

types: remove unused git_merge_result `git_merge_result` is currently unused in the codebase and generates a blank page in the [documentation](https://libgit2.github.com/libgit2/#HEAD/type/git_merge_result).

e6c720ea

2018-03-27T10:05:21

remote/proxy: fix git_transport_certificate_check_db comment

c07abd65

2018-03-27T07:37:34

submodule: add better error handling to is_path_occupied

b282ca79

2018-01-06T10:57:32

submodule: change can_add_submodule to is_path_occupied

677d393c

2017-12-18T10:28:37

tests: submodule: insert index entries directly into index

ef9a7749

2017-11-19T20:59:59

submodule: update index check to check path before directory and fix tests

9371149f

2017-10-20T14:24:01

submodule: fix styling errors

3e500fc8

2017-10-16T19:55:45

test: submodule: add: join path without slashes

0a74f391

2017-10-16T16:16:03

test: submodule: add: use p_mkdir to create directories

ad1c4350

2017-10-16T15:30:47

submodule: check index for prefix before adding submodule submodule: check path and prefix before adding submodule submodule: fix test errors

db90e951

2018-03-27T20:09:45

Flag options in describe.h as being optional The git_describe_options in git_describe_commit and git_describe_workdir and the git_describe_format_options in git_describe_format are optional and can be NULL. State this in the documentation to make people's lives easier when calling these functions. Signed-off-by: Remy Suen <remy.suen@gmail.com>

217add94

2018-03-27T11:25:20

Merge pull request #4531 from tiennou/fix/checkout-default-safe checkout: change default strategy to SAFE

cdd0bc2f

2018-03-26T18:44:13

checkout: change default strategy to SAFE As per #4200, our default is quite surprising to users that expect checkout to just "do the thing".

7bd129e4

2018-03-26T09:59:47

Merge pull request #4570 from newren/master Add myself to git.git-authors

6311e886

2018-03-23T07:38:34

Merge pull request #4594 from pks-t/pks/mempack-assert odb: fix writing to fake write streams

a52b4c51

2018-03-23T09:59:46

odb: fix writing to fake write streams In commit 7ec7aa4a7 (odb: assert on logic errors when writing objects, 2018-02-01), the check for whether we are trying to overflowing the fake stream buffer was changed from returning an error to raising an assert. The conversion forgot though that the logic around `assert`s are basically inverted. Previously, if the statement stream->written + len > steram->size evaluated to true, we would return a `-1`. Now we are asserting that this statement is true, and in case it is not we will raise an error. So the conversion to the `assert` in fact changed the behaviour to the complete opposite intention. Fix the assert by inverting its condition again and add a regression test.

904307af

2018-03-23T09:58:57

tests: add tests for the mempack ODB backend Our mempack ODB backend has no test coverage at all right now. Add a simple test suite to at least have some coverage of the most basic operations on the ODB.

72e60347

2018-03-20T23:16:36

Merge pull request #4588 from libgit2/ethomson/bitbucket online tests: update auth for bitbucket test

54bf4d14

2018-03-20T07:47:27

online tests: update auth for bitbucket test Update the settings to use a specific read-only token for accessing our test repositories in Bitbucket.

5585e358

2018-03-20T00:59:21

Merge pull request #4563 from libgit2/ethomson/ssh-unescape Refactor `gitno_extract_url_parts`

9108959a

2018-03-14T15:03:35

buf: add tests for percent decoding

0e4f3d9d

2018-03-03T21:47:22

gitno_extract_url_parts: decode hostnames RFC 3986 says that hostnames can be percent encoded. Percent decode hostnames in our URLs.

05551ca0

2018-03-03T20:14:54

Remove now unnecessary `gitno_unescape`

60e7848e

2018-03-03T20:13:30

gitno_extract_url_parts: use `git_buf`s Now that we can decode percent-encoded strings as part of `git_buf`s, use that decoder in `gitno_extract_url_parts`.

6f577906

2018-03-03T20:09:09

ssh urls: use `git_buf_decode_percent` Use `git_buf_decode_percent` so that we can avoid allocating a temporary buffer.

8070a357

2018-03-03T18:47:35

Introduce `git_buf_decode_percent` Introduce a function to take a percent-encoded string (URI encoded, described by RFC 1738) and decode it into a `git_buf`.

30333e82

2018-02-28T13:00:04

Update tests

16210877

2018-02-28T12:59:47

Unescape repo before constructing ssh request

8a2cdbd3

2018-02-28T12:58:58

Rename unescape and make non-static

31985775

2018-03-19T23:07:44

Merge pull request #4584 from libgit2/ethomson/bitbucket online::clone: skip creds fallback test

03c58778

2018-03-19T09:20:35

online::clone: skip creds fallback test At present, we have three online tests against bitbucket: one which specifies the credentials in the payload, one which specifies the correct credentials in the URL and a final one that specifies the incorrect credentials in the URL. Bitbucket has begun responding to the latter test with a 403, which causes us to fail. Break these three tests into separate tests so that we can skip the latter until this is resolved on Bitbucket's end or until we can change the test to a different provider.

937e7e26

2018-03-13T13:04:38

Merge pull request #4544 from josharian/docs pathspec: improve git_pathspec_flag_t doc rendering

7b66bfe2

2018-03-12T10:09:49

Merge pull request #4575 from pks-t/pks/index-secfixes-master Index parsing fixes

358cc2e2

2018-03-12T09:50:00

Merge pull request #4396 from libgit2/cmn/config-regex-is-normalised config: specify how we match the regular expressions

2f89bd90

2018-03-11T12:36:13

config: explicitly state that subsections are case-sensitive

3db1af1f

2018-03-08T12:36:46

index: error out on unreasonable prefix-compressed path lengths When computing the complete path length from the encoded prefix-compressed path, we end up just allocating the complete path without ever checking what the encoded path length actually is. This can easily lead to a denial of service by just encoding an unreasonable long path name inside of the index. Git already enforces a maximum path length of 4096 bytes. As we also have that enforcement ready in some places, just make sure that the resulting path is smaller than GIT_PATH_MAX. Reported-by: Krishna Ram Prakash R <krp@gtux.in> Reported-by: Vivek Parikh <viv0411.parikh@gmail.com>

3207ddb0

2018-03-08T12:00:27

index: fix out-of-bounds read with invalid index entry prefix length The index format in version 4 has prefix-compressed entries, where every index entry can compress its path by using a path prefix of the previous entry. Since implmenting support for this index format version in commit 5625d86b9 (index: support index v4, 2016-05-17), though, we do not correctly verify that the prefix length that we want to reuse is actually smaller or equal to the amount of characters than the length of the previous index entry's path. This can lead to a an integer underflow and subsequently to an out-of-bounds read. Fix this by verifying that the prefix is actually smaller than the previous entry's path length. Reported-by: Krishna Ram Prakash R <krp@gtux.in> Reported-by: Vivek Parikh <viv0411.parikh@gmail.com>

58a6fe94

2018-03-08T11:49:19

index: convert `read_entry` to return entry size via an out-param The function `read_entry` does not conform to our usual coding style of returning stuff via the out parameter and to use the return value for reporting errors. Due to most of our code conforming to that pattern, it has become quite natural for us to actually return `-1` in case there is any error, which has also slipped in with commit 5625d86b9 (index: support index v4, 2016-05-17). As the function returns an `size_t` only, though, the return value is wrapped around, causing the caller of `read_tree` to continue with an invalid index entry. Ultimately, this can lead to a double-free. Improve code and fix the bug by converting the function to return the index entry size via an out parameter and only using the return value to indicate errors. Reported-by: Krishna Ram Prakash R <krp@gtux.in> Reported-by: Vivek Parikh <viv0411.parikh@gmail.com>

d11c4a1a

2018-03-08T13:13:04

Merge pull request #4571 from jacquesg/overflow Integer overflow

e666495b

2018-03-08T08:31:49

cmake: enable shift count overflow warning

5f6383ca

2018-03-08T08:17:29

diff: ensure an unsigned number is shifted

ab0d6d1b

2018-03-07T08:39:29

Add myself to git.git-authors

515683c7

2018-03-07T12:39:28

Merge pull request #4567 from pks-t/pks/zlib-update deps: upgrade embedded zlib to version 1.2.11

4c5330cb

2018-03-07T10:33:41

deps: upgrade embedded zlib to version 1.2.11 The current version of zlib bundled with libgit2 is version 1.2.8. This version has several CVEs assigned: - CVE-2016-9843 - CVE-2016-9841 - CVE-2016-9842 - CVE-2016-9840 Upgrade the bundled version to the current release 1.2.11, which has these vulnerabilities fixes.

2d2a6025

2018-03-04T12:17:17

Merge pull request #4541 from libgit2/cmn/odb-streaming-read-changelog CHANGELOG: mention the change to `git_odb_open_rstream`

adf7d094

2018-03-04T12:17:06

Merge pull request #4559 from jacquesg/worktree-const Worktree lock reason should be const

53e692af

2018-03-02T12:49:54

worktree: rename parameter creason to reason

12356076

2018-03-02T12:41:04

worktree: lock reason should be const

8353e4b5

2018-02-22T09:20:31

CHANGELOG: mention the change to `git_odb_open_rstream`

8a8ea1db

2018-02-28T18:14:52

Merge pull request #4552 from libgit2/cmn/config-header-common Cast less blindly between configuration objects

e8e490b2

2018-02-28T17:01:47

Merge pull request #4554 from pks-t/pks/curl-init curl: initialize and cleanup global curl state

9cd0c6f1

2018-02-28T16:01:16

config: return an error if config_refresh is called on a snapshot Instead of treating it as a no-op, treat it as a programming error and return the same kind of error as if you called to set or delete variables on a snapshot.

17bef3b8

2018-02-28T15:01:43

Merge pull request #4553 from libgit2/cmn/tree-write-initialise tree: initialize the id we use for testing submodule insertions

fb884c62

2018-02-28T14:59:09

Merge pull request #4555 from libgit2/ethomson/strncmp_stdcall win32: strncmp -> git__strncmp for win32 STDCALL

2022b004

2018-02-28T12:06:59

curl: explicitly initialize and cleanup global curl state Our curl-based streams make use of the easy curl interface. This interface automatically initializes and de-initializes the global curl state by calling out to `curl_global_init` and `curl_global_cleanup`. Thus, all global state will be repeatedly re-initialized when creating multiple curl streams in succession. Despite being inefficient, this is not thread-safe due to `curl_global_init` being not thread-safe itself. Thus a multi-threaded programing handling multiple curl streams at the same time is inherently racy. Fix the issue by globally initializing and cleaning up curl's state.

a33deeb4

2018-02-28T12:20:23

win32: strncmp -> git__strncmp The win32 C library is compiled cdecl, however when configured with `STDCALL=ON`, our functions (and function pointers) will use the stdcall calling convention. You cannot set a `__stdcall` function pointer to a `__cdecl` function, so it's easier to just use our `git__strncmp` instead of sorting that mess out.

a554d588

2018-02-28T12:21:08

tree: initialize the id we use for testing submodule insertions Instead of laving it uninitialized and relying on luck for it to be non-zero, let's give it a dummy hash so we make valgrind happy (in this case the hash comes from `sha1sum </dev/null`.

2424e64c

2018-02-28T12:06:02

config: harden our use of the backend objects a bit When we create an iterator we don't actually know that we have a live config object and we must instead only rely on the header. We fixed it to use this in a previous commit, but this makes it harder to misuse by converting to use the header object in the typecast. We also guard inside the `config_refresh` function against being given a snapshot (although callers right now do check).

1785de4e

2018-02-28T11:46:17

config: move the level field into the header We use it in a few places where we might have a full object or a snapshot so move it to where we can actually access it.

c1524b2e

2018-02-28T11:33:11

config: move the repository to the diskfile header We pass this around and when creating a new iterator we need to read the repository pointer. Put it in a common place so we can reach it regardless of whether we got a full object or a snapshot.

c9d59c61

2018-02-27T12:45:21

Merge pull request #4545 from libgit2/ethomson/checkout_filemode Respect core.filemode in checkout

b4dde78a

2018-02-27T12:43:47

Merge pull request #4550 from libgit2/ethomson/winhttp winhttp: enable TLS 1.2

5ecb6220

2018-02-25T15:46:51

winhttp: enable TLS 1.2 on Windows 7 and earlier Versions of Windows prior to Windows 8 do not enable TLS 1.2 by default, though support may exist. Try to enable TLS 1.2 support explicitly on connections. This request may fail if the operating system does not have TLS 1.2 support - the initial release of Vista lacks TLS 1.2 support (though it is available as a software update) and XP completely lacks TLS 1.2 support. If this request does fail, the HTTP context is still valid, and still maintains the original protocol support. So we ignore the failure from this operation.

934e6a3b

2018-02-27T11:24:30

winhttp: include constants for TLS 1.1/1.2 support For platforms that do not define `WINHTTP_FLAG_SECURE_PROTOCOL_TLS1_1` and/or `WINHTTP_FLAG_SECURE_PROTOCOL_TLS1_2`.

8c8db980

2018-02-27T10:32:29

mingw: update TLS option flags Include the constants for `WINHTTP_FLAG_SECURE_PROTOCOL_TLS1_1` and `WINHTTP_FLAG_SECURE_PROTOCOL_TLS1_2` so that they can be used by mingw. This updates both the `deps/winhttp` framework (for classic mingw) and adds the defines for mingw64, which does not use that framework.

7d906370

2018-02-25T23:08:14

Merge pull request #4549 from libgit2/ethomson/travis_libssh travis: use custom libssh2-1-dev package

ca22cb5e

2018-02-25T22:43:12

travis: use custom libssh2-1-dev package To avoid pull requests needing to rebase, keep the libssh2-1-dev package as the development package for libssh2. Reverting to the original Debian package structure.

thodg/libgit2

Log