|
b43567d6
|
2022-07-13T22:25:11
|
|
sha256: indirection for experimental functions
The experimental function signature is only available when
`GIT_EXPERIMENTAL_SHA256` is enabled.
|
|
433a1334
|
2022-07-13T21:08:04
|
|
Merge pull request #6191 from libgit2/ethomson/sha256_poc
RFC: SHA256 proof of concept
|
|
3c8a860d
|
2022-07-13T10:19:14
|
|
Merge pull request #6348 from lya001/fix-invalid-branch-name
Fix creation of branches and tags with invalid names
|
|
be08ef7f
|
2022-07-12T22:39:25
|
|
Update src/libgit2/tag.c
|
|
b70dbaa2
|
2022-07-12T22:12:36
|
|
Merge pull request #6347 from libgit2/ethomson/no_pack_v3
pack: don't pretend we support pack files v3
|
|
f6be8c26
|
2022-07-12T22:09:25
|
|
Apply suggestions from code review
|
|
ed24b8ba
|
2022-07-05T23:47:15
|
|
repo: allow users running with sudo to access their repositories
In the ownership checks implemented for CVE-2022-24765, we disallowed
users to access their own repositories when running with `sudo`.
Examine the `SUDO_UID` environment variable and allow users running
with `sudo`. This matches git's behavior.
|
|
af9e0032
|
2022-07-02T10:19:33
|
|
repo: validate gitdir and gitlink ownership
To match git's behavior with CVE 2022-29187, validate not only the
working directory, but also the gitdir and gitlink (if it exists). This
a follow up to CVE-2022-24765 that was fixed earlier.
|
|
760a5acc
|
2022-07-12T15:07:54
|
|
Merge branch 'main' into fix-invalid-branch-name
|
|
fe9bfec4
|
2022-07-11T15:35:15
|
|
tag: refactor tag name validity checks
|
|
7560ac4d
|
2022-07-11T15:25:51
|
|
branches: fix error message for invalid name
|
|
391afec4
|
2022-07-11T13:54:38
|
|
branch: refactor branch name validity checks
|
|
4597b869
|
2022-07-08T21:28:15
|
|
pack: don't pretend we support pack files v3
Pack files v3 are introduced in the SHA256 hash transition document
https://github.com/git/git/blob/master/Documentation/technical/hash-function-transition.txt
Obviously we do not support these yet. Stop pretending that we do.
|
|
56aaaf53
|
2022-07-04T16:03:10
|
|
repo: allow admin owned configs by admin users
Allow users in the administrator group to use git configs that are owned
by administrators.
|
|
5bc01a7d
|
2022-07-04T16:01:01
|
|
fs: allow ownership match if user is in admin group
Allow the user ownership to match if the file is owned by the admin
group and the user is in the admin group, even if the current process is
not running as administrator directly.
|
|
433f0166
|
2022-07-04T15:20:59
|
|
fs: refactor file ownership checks
Refactor the file ownership checks so that callers can provide discrete
information about the ownership expectations to a single function.
|
|
df354ec2
|
2022-07-03T09:07:32
|
|
fs: remove mock naming from change ownership constants
The file ownership concepts can reflect the actual file ownership, they
are not necessarily limited to mocking the interface. Rename them so
that they can be more broadly applicable.
|
|
f51f6646
|
2022-07-02T15:36:07
|
|
Revert "repo: allow administrator to own the configuration"
This reverts commit cdff2f0237f663e0f68155655a8b66d05c1ec716.
This change erroneously allowed system users to own a worktree; this
should only be allowed when the current user is in the Administrator
group on Windows as well.
|
|
50a1f637
|
2022-07-07T00:28:56
|
|
Merge pull request #6334 from i-tengfei/fix-rebase-interactive
fix interactive rebase detect.
|
|
cdcf5b9c
|
2022-07-06T23:19:28
|
|
rebase: formatting fixes
|
|
05b2c89d
|
2022-06-28T21:52:45
|
|
config: use correct git_sysdir_find* function within git_config_find* functions
|
|
8fa58818
|
2022-06-28T04:48:57
|
|
fix interactive rebase detect.
|
|
3847522e
|
2022-06-22T21:14:43
|
|
Merge pull request #6303 from zawata/legacy_buffer_stream_segfault
filter: Fix Segfault
|
|
f887fd60
|
2022-06-22T09:22:50
|
|
copy back git_buf after callback
|
|
6c57bac6
|
2022-06-14T22:29:10
|
|
sha256: make sha256 an experimental optional feature
libgit2 can be built with optional, experimental sha256 support. This
allows consumers to begin testing and providing feedback for our sha256
support while we continue to develop it, and allows us to make API
breaking changes while we iterate on a final sha256 implementation.
The results will be `git2-experimental.dll` and installed as
`git2-experimental.h` to avoid confusion with a production libgit2.
|
|
162c996b
|
2022-01-25T13:43:02
|
|
oid: add git_oid_fmt_substr
Tidy up `nfmt` / `pathfmt`.
|
|
4d7ec76c
|
2021-12-12T09:19:25
|
|
odb: add git_odb_loose_backend_options
Move the arguments to `git_odb_loose` into an options structure.
|
|
d1036201
|
2022-06-18T16:10:38
|
|
meta: generated `features.h` is now `git2_features.h`
Linux has a /usr/include/features.h, which gets confusing; update this
to `git2_features.h` and move it into the `util` directory.
|
|
04f34688
|
2022-01-26T13:10:01
|
|
odb_loose: SHA256 support for loose object storage
Teach the loose object database how to cope with SHA256 objects.
|
|
dbccfc20
|
2022-01-26T13:57:48
|
|
odb: accept an oid type in options
Allow the object database to take an oid type that it supports. This
oid type will be used to validate the objects that the backends provide.
|
|
3eba9181
|
2022-01-26T13:02:49
|
|
odb: add git_odb_options
Users will need to be able to specify the object id type for the given
object database; add a new `git_odb_options` with that option.
|
|
8444b6dc
|
2022-01-26T13:07:28
|
|
odb_hash*: accept the oid type to hash into
The git_odb_hash helper functions should not assume SHA1, and instead
should be given the oid type that they're producing.
|
|
c50b280f
|
2022-01-26T13:08:24
|
|
oid: provide an oid type to hash type map
We intentionally separate oid types from hash types; a hash is a generic
hunk of bytes, an object id has meaning and backs an object on disk. As
a result of this separation, we need a 1:1 mapping.
|
|
0db1c57c
|
2022-01-25T10:32:47
|
|
oid: add sha256 typed oids
|
|
3fbf580c
|
2022-01-23T09:47:01
|
|
oid: give oids a type
`git_oid`s now have a type, and we require the oid type when creating
the object id from creation functions.
|
|
e0a8b4e8
|
2022-06-16T13:26:52
|
|
fix indentation, copy asize
|
|
61838295
|
2022-01-26T16:22:04
|
|
object: move oid header printing to object
|
|
b7a46fa8
|
2022-01-23T12:25:03
|
|
object: move oid header parsing to object
|
|
0b068214
|
2021-12-11T15:34:27
|
|
oid: add functions to inspect oid information
Provide helper functions to provide information about the object id size
given its type.
|
|
0acaf3a8
|
2022-01-17T13:40:37
|
|
oid: define GIT_OID_SHA1_ZERO
Callers should not assume the layout of the oid structure; provide them
a macro that defines the null / zero sha1 object id.
|
|
dbc4ac1c
|
2022-01-22T23:10:03
|
|
oid: `GIT_OID_*SZ` is now `GIT_OID_SHA1_*SIZE`
In preparation for SHA256 support, `GIT_OID_RAWSZ` and `GIT_OID_HEXSZ`
need to indicate that they're the size of _SHA1_ OIDs.
|
|
e2ea138d
|
2022-06-14T08:47:50
|
|
Address feedback
Co-authored-by: Edward Thomson <ethomson@github.com>
|
|
cdff2f02
|
2022-06-13T21:34:01
|
|
repo: allow administrator to own the configuration
Update our ownership checks that were introduced in libgit2 v1.4.3
(to combat CVE 2022-24765). These were not compatible with git's; git
itself allows administrators to own the path. Our checks now match
this behavior.
|
|
96c61174
|
2022-06-13T11:19:55
|
|
cmake: only use `getloadavg` where it exists
|
|
3809ab0e
|
2022-06-13T10:50:40
|
|
cmake: add `gnu` library for Haiku
|
|
9bc82c8f
|
2022-06-13T10:46:21
|
|
cmake: detect `getentropy`
Look for `getentropy` and flag its existence.
|
|
7eb7edd4
|
2022-06-12T10:51:13
|
|
Merge pull request #6278 from lhchavez/git_transport_smart_remote_connect_options
transport: introduce `git_transport_smart_remote_connect_options`
|
|
d333dbea
|
2022-06-12T10:40:12
|
|
Merge pull request #6288 from libgit2/cmn/mwindow-simplifications
A couple of simplications around mwindow
|
|
0a7c00be
|
2022-06-11T14:31:16
|
|
Merge remote-tracking branch 'origin/main' into main
|
|
a7541676
|
2022-06-11T14:29:15
|
|
Apply suggestions from code review
Co-authored-by: Edward Thomson <ethomson@github.com>
|
|
2b28ee77
|
2022-06-11T16:51:04
|
|
Merge pull request #6319 from libgit2/ethomson/progress_32bit
CLI: progress updates
|
|
28d2ea1d
|
2022-06-11T16:50:56
|
|
Merge pull request #6305 from zawata/fix_refdb_error_msg
refs: fix missing error message
|
|
4f7b568d
|
2022-06-11T16:26:50
|
|
Merge pull request #6291 from libgit2/cmn/midx-no-hash
midx: do not verify the checksum on load
|
|
3a737169
|
2022-06-11T16:14:11
|
|
progress: fewer updates about throughput
Avoid too much flashing on the console with updates about throughput.
Only update throughput once a second.
|
|
286e7f0a
|
2022-06-11T16:08:28
|
|
cli: show progress on 32 bit machines
|
|
97954ee5
|
2022-05-20T09:06:50
|
|
Replace bitwise AND 0x7fffffff with XOR 0x80000000.
Though both are correct, this makes it clear that we're dealing with
the same value.
|
|
8a765c72
|
2022-05-19T16:33:57
|
|
midx: fix large object offset table check.
It's insufficient to only check if the offset high order bit is set, we
must also check to see if object_large_offsets are in use.
This bug is causing objects to appear missing because they can't be
found in the index.
|
|
640e8a63
|
2022-05-17T11:01:43
|
|
fix missing error message
|
|
9c3edca5
|
2022-05-13T15:05:05
|
|
Call legacy_write_fn if given
|
|
a3f9617b
|
2022-05-03T14:09:40
|
|
midx: do not verify the checksum on load
This is something we only want to do during explicit verification rather than on
every load.
Verifying does not seem like a big deal when we're running with test workloads
but once your `multi-pack-index` reaches gigabytes, we spend more time hashing
this than doing any work.
|
|
0f594445
|
2022-04-29T10:50:02
|
|
mwindow: use multiplication instesad of conditionals
This is a very verbose way of performing a comparison where we already
have the identity value with both signs. Instead of chainging several
conditions, we can rely on the maths working out.
|
|
55c84333
|
2022-04-29T10:32:45
|
|
mwindow: include both the offset and the extra in the same call
This makes it a bit easier to read while letting the caller specify
how big the hash size is for this particular call.
|
|
13502d9e
|
2022-04-25T09:22:02
|
|
Merge pull request #6274 from libgit2/ethomson/cli_clone
cli: clone
|
|
3b52e5f5
|
2022-04-18T17:12:27
|
|
Merge pull request #6265 from libgit2/ethomson/sha256_two
sha256: refactoring in preparation for sha256
|
|
1d88605c
|
2022-04-16T08:19:38
|
|
transport: introduce `git_transport_smart_remote_connect_options`
6fc6eeb66c40310086c8f059cae41de69ad4c6da removed
`git_transport_smart_proxy_option`, and there was nothing added to
replace it. That made it hard for custom transports / smart
subtransports to know what remote connect options to use (e.g. proxy
options).
This change introduces `git_transport_smart_remote_connect_options` to
replace it.
|
|
8a757ae2
|
2020-04-04T18:31:00
|
|
cli: introduce a clone command
|
|
7babe76f
|
2020-05-12T08:56:55
|
|
cli: introduce signal handler
Provide a mechanism to add a signal handler for Unix or Win32.
|
|
48506f2b
|
2020-04-04T18:29:34
|
|
cli: introduce a progress class
Provide a class that will display progress information to the console.
Initially, it contains callbacks for fetch progress and checkout
progress.
|
|
4161ebdd
|
2022-04-11T21:31:25
|
|
repo: make ownership checks optional
Introduce the `GIT_OPT_SET_OWNER_VALIDATION` option, so that users can
disable repository ownership validation.
|
|
fa366921
|
2022-04-11T15:18:44
|
|
repo: honor safe.directory during ownership checks
Obey the `safe.directory` configuration variable if it is set in the
global or system configuration. (Do not try to load this from the
repository configuration - to avoid malicious repositories that then
mark themselves as safe.)
|
|
f7f7e835
|
2022-04-11T13:04:26
|
|
repo: refactor global config loader function
Pull the global configuration loader out of the symlink check so that it
can be re-used.
|
|
c0b7f88e
|
2022-04-11T17:06:55
|
|
fs_path: mock ownership checks
Provide a mock for file ownership for testability.
|
|
c0dfd1ad
|
2022-04-11T09:56:26
|
|
repo: ensure that repo dir is owned by current user
Ensure that the repository directory is owned by the current user; this
prevents us from opening configuration files that may have been created
by an attacker.
|
|
bf2620bc
|
2022-04-10T21:29:43
|
|
fs_path: refactor ownership checks into current user and system
Provide individual file ownership checks for both the current user and
the system user, as well as a combined current user and system user
check.
|
|
71049b4a
|
2022-01-22T09:03:34
|
|
midx: use raw oid data
A multi-pack index uses raw oid data, use a byte array to index
into them.
|
|
41d4ac51
|
2022-01-22T08:49:06
|
|
index: use raw oid data
The index contains entries with raw oid data, use a byte array for the
raw entry data.
|
|
4fc3ce15
|
2022-01-22T07:46:41
|
|
pack: use raw oid data
A packfile contains arrays of raw oid data, use a byte array to index
into them.
|
|
c2b3b0d8
|
2022-01-21T19:38:13
|
|
commit_graph: use raw oid data
The commit graph contains arrays of raw oid data, use a byte array to
index into them.
|
|
9ffa33a1
|
2022-01-22T08:48:43
|
|
oid: introduce `git_oid_raw_cpy`
Now that oids are type-aware, they use their type to understand how many
bytes to copy. Some callers may need to copy the raw bytes of the
object id.
This is equivalent to a memcpy that is a little more semantic.
|
|
6d8c7cab
|
2022-01-21T19:37:53
|
|
oid: introduce `git_oid_raw_ncmp`
|
|
526e8869
|
2022-01-21T19:17:40
|
|
oid: `hashcmp` is now `raw_cmp`
We will talk about "raw" oids as untyped blobs of data; use a name for
the comparison function that is in keeping with that.
|
|
c569738c
|
2022-01-22T08:55:41
|
|
indexer: write raw id data
Don't write the object id structure, write its raw oid data.
|
|
563751d1
|
2022-01-22T06:42:50
|
|
treecache: write the raw id not the object
We explicitly want to write on the id data, not the beginning of the
object data, which may contain other information in the future.
|
|
831e20ac
|
2022-01-22T06:39:38
|
|
oidmap: hash on the id, not the object
We explicitly want to hash on the id data, not the beginning of the
object data, which may contain other information in the future.
|
|
590ff981
|
2022-01-21T19:49:09
|
|
oid: don't assume the size of an oid
Don't assume that a `git_oid` is a particular size; allocate
`sizeof(git_oid)` instead.
|
|
ab042161
|
2022-01-18T08:12:18
|
|
tree: move git_oid into tree entry
A tree entry previously pointed directly into the object id within the
tree object itself; this is useful to avoid any unnecessary memory copy
(and an unnecessary use of 40 bytes per tree entry) but difficult if we
change the underlying `git_oid` object to not simply be a raw object id
but have additional structure.
This commit moves the `git_oid` directly into the tree entry; this
simplifies the tree entry creation from user data. We now copy the
`git_oid` into place when parsing.
|
|
7e8d9be0
|
2022-04-10T09:45:51
|
|
Merge pull request #6260 from lhchavez/midx-fix-ub
midx: Fix an undefined behavior (left-shift signed overflow)
|
|
606afeda
|
2022-04-10T09:44:41
|
|
Merge pull request #6244 from jorio/fix-diff_delta_format_path-crash
Fix crash when regenerating a patch with unquoted spaces in filename
|
|
71bb92b5
|
2022-04-10T09:25:54
|
|
Update src/libgit2/diff_print.c
|
|
cd8fde82
|
2022-04-05T22:40:28
|
|
Merge pull request #6258 from libgit2/ethomson/sha256_openssl_dynamic
sha256: support dynamically loaded openssl
|
|
33b1d3fd
|
2022-04-05T13:10:33
|
|
[midx] Fix an undefined behavior (left-shift signed overflow)
There was a missing check to ensure that the `off64_t` (which is a
signed value) didn't overflow when parsing it from the midx file. This
shouldn't have huge repercusions since the parsed value is immediately
validated afterwards, but then again, there is no such thing as "benign"
undefined behavior.
This change makes all the bitwise arithmetic happen with unsigned types
and is only casted to `off64_t` until the very end.
Thanks to Taotao Gu for finding and reporting this!
|
|
d8015d28
|
2022-04-04T13:30:27
|
|
Merge pull request #6251 from libgit2/ethomson/oid_fetch
fetch: support OID refspec without dst
|
|
3bd9bb8d
|
2022-04-04T13:28:40
|
|
sha256: support dynamically loaded openssl
|
|
0e30becc
|
2021-12-13T17:49:57
|
|
sha: cast nonsense for obnoxious gcc warnings
gcc (mingw) warns when you cast the result of `GetProcAddress`; cast the
results to `void *` before casting them to the actual result.
|
|
ce78c83b
|
2021-12-13T15:31:21
|
|
sha: ensure we test both cng and cryptoapi on windows
When GIT_SHA1_WIN32 or GIT_SHA256_WIN32 is used, ensure that we test
both CryptoNG ("cng") and CryptoAPI.
|
|
6a7d5d23
|
2021-12-13T11:54:49
|
|
sha: support Win32 for SHA256
Adding SHA256 support prompted an overdue refactoring of some of the
unnecessary complexity around the CNG/CryptoAPI abstraction.
|
|
6b4a6faa
|
2021-12-12T15:41:47
|
|
sha: support OpenSSL for SHA256
|
|
b3e3fa10
|
2021-12-12T15:34:35
|
|
sha: support mbedTLS for SHA256
|
|
83c27786
|
2021-12-12T15:14:21
|
|
sha: support CommonCrypto for SHA256
|
|
b900981c
|
2021-12-12T14:25:25
|
|
sha: add sha256 algorithm
Add support for a SHA256 hash algorithm, and add the "builtin" SHA256
hash engine (from RFC 6234).
|