src/transports


Log

Author Commit Date CI Message
Etienne Samson 836ec316 2018-04-19T01:05:05 local: fix a leaking reference when iterating over a symref Valgrind log : ==17702== 18 bytes in 1 blocks are indirectly lost in loss record 69 of 1,123 ==17702== at 0x4C2AB80: malloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so) ==17702== by 0x5FDBB49: strdup (strdup.c:42) ==17702== by 0x632B3E: git__strdup (util.h:106) ==17702== by 0x632D2C: git_reference__alloc_symbolic (refs.c:64) ==17702== by 0x62E0AF: loose_lookup (refdb_fs.c:408) ==17702== by 0x62E636: refdb_fs_backend__iterator_next (refdb_fs.c:565) ==17702== by 0x62CD8E: git_refdb_iterator_next (refdb.c:147) ==17702== by 0x6347F2: git_reference_next (refs.c:838) ==17702== by 0x6345CB: git_reference_foreach (refs.c:748) ==17702== by 0x66BE62: local_download_pack (local.c:579) ==17702== by 0x5DB48F: git_fetch_download_pack (fetch.c:148) ==17702== by 0x639028: git_remote_download (remote.c:932) ==17702== by 0x63919A: git_remote_fetch (remote.c:969) ==17702== by 0x4ABEDD: test_fetchhead_nonetwork__fetch_into_repo_with_symrefs (nonetwork.c:362) ==17702== by 0x4125D9: clar_run_test (clar.c:222) ==17702== by 0x41287C: clar_run_suite (clar.c:286) ==17702== by 0x412DDE: clar_test_run (clar.c:433) ==17702== by 0x4105E1: main (main.c:24)
Edward Thomson e5f32e81 2018-04-17T00:08:20 Merge pull request #4514 from tiennou/fix/pkt-type-enum Typedef git_pkt_type and clarify recv_pkt return type
Edward Thomson 17339cb3 2018-04-16T15:35:56 Merge pull request #4596 from pks-t/pks/ssh-disconnect transports: ssh: disconnect session before freeing it
Etienne Samson 13a77274 2018-02-26T21:33:55 smart: typo
Etienne Samson 2cf9b84c 2018-04-11T19:13:42 smart: free the pkt when we fail to store it
Etienne Samson 32586d5e 2018-04-11T19:03:57 smart: separate error handling from pkt handling
Etienne Samson 01381149 2018-02-26T21:27:10 smart: make out arguments explicit on recv_pkt
Etienne Samson 08961c9d 2017-08-22T16:29:07 smart: typedef git_pkt_type and clarify recv_pkt return type
Patrick Steinhardt 6c55fbf3 2018-04-06T10:39:16 transports: local: fix assert when fetching into repo with symrefs When fetching into a repository which has symbolic references via the "local" transport we run into an assert. The assert is being triggered while we negotiate the packfile between the two repositories. When hiding known revisions from the packbuilder revwalk, we unconditionally hide all references of the local refdb. In case one of these references is a symbolic reference, though, this means we're trying to hide a `NULL` OID, which triggers the assert. Fix the issue by only hiding OID references from the revwalk. Add a test to catch this issue in the future.
Patrick Steinhardt 874ce161 2018-03-27T15:03:15 transports: ssh: replace deprecated function `libssh2_session_startup` The function `libssh2_session_startup` has been deprecated since libssh2 version 1.2.8 in favor of `libssh2_session_handshake` introduced in the same version. libssh2 1.2.8 was released in April 2011, so it is already seven years old. It is available in Debian Wheezy, Ubuntu Trusty and CentOS 7.4, so the most important and conservative distros already have it available. As such, it seems safe to just use the new function.
Patrick Steinhardt 2785cc8e 2018-03-27T14:49:21 transports: ssh: disconnect session before freeing it The function `ssh_stream_free` takes over the responsibility of closing channels and streams just before freeing their memory, but it does not do so for the session. In fact, we never disconnect the session ourselves at all, as libssh2 will not do so itself upon freeing the structure. Quoting the documentation of `libssh2_session_free`: > Frees all resources associated with a session instance. Typically > called after libssh2_session_disconnect_ex, The missing disconnect probably stems from a misunderstanding what it actually does. As we are already closing the TCP socket ourselves, the assumption was that no additional disconnect is required. But calling `libssh2_session_disconnect` will notify the server that we are cleanly closing the connection, such that the server can free his own resources. Add a call to `libssh2_session_disconnect` to fix that issue. [1]: https://www.libssh2.org/libssh2_session_free.html
Edward Thomson 6f577906 2018-03-03T20:09:09 ssh urls: use `git_buf_decode_percent` Use `git_buf_decode_percent` so that we can avoid allocating a temporary buffer.
Steven King Jr 16210877 2018-02-28T12:59:47 Unescape repo before constructing ssh request
Edward Thomson 5ecb6220 2018-02-25T15:46:51 winhttp: enable TLS 1.2 on Windows 7 and earlier Versions of Windows prior to Windows 8 do not enable TLS 1.2 by default, though support may exist. Try to enable TLS 1.2 support explicitly on connections. This request may fail if the operating system does not have TLS 1.2 support - the initial release of Vista lacks TLS 1.2 support (though it is available as a software update) and XP completely lacks TLS 1.2 support. If this request does fail, the HTTP context is still valid, and still maintains the original protocol support. So we ignore the failure from this operation.
Edward Thomson 934e6a3b 2018-02-27T11:24:30 winhttp: include constants for TLS 1.1/1.2 support For platforms that do not define `WINHTTP_FLAG_SECURE_PROTOCOL_TLS1_1` and/or `WINHTTP_FLAG_SECURE_PROTOCOL_TLS1_2`.
Edward Thomson 8c8db980 2018-02-27T10:32:29 mingw: update TLS option flags Include the constants for `WINHTTP_FLAG_SECURE_PROTOCOL_TLS1_1` and `WINHTTP_FLAG_SECURE_PROTOCOL_TLS1_2` so that they can be used by mingw. This updates both the `deps/winhttp` framework (for classic mingw) and adds the defines for mingw64, which does not use that framework.
Edward Thomson ee6be190 2018-01-31T08:36:19 http: standardize user-agent addition The winhttp and posix http each need to add the user-agent to their requests. Standardize on a single function to include this so that we do not get the version numbers we're sending out of sync. Assemble the complete user agent in `git_http__user_agent`, returning assembled strings. Co-authored-by: Patrick Steinhardt <ps@pks.im>
Edward Thomson abb04caa 2018-02-01T15:55:48 consistent header guards use consistent names for the #include / #define header guard pattern.
Patrick Steinhardt 90f81f9f 2018-01-12T12:56:57 transports: local: fix memory leak in reference walk Upon downloading the pack file, the local transport will iterate through every reference using `git_reference_foreach`. The function is a bit tricky though in that it requires the passed callback to free the references, which does not currently happen. Fix the memory leak by freeing all passed references in the callback.
Edward Thomson 7610638e 2018-01-01T17:52:06 Merge pull request #4453 from libgit2/ethomson/spnego winhttp: properly support ntlm and negotiate
Edward Thomson 8cdf439b 2017-12-30T13:07:03 Merge pull request #4028 from chescock/improve-local-fetch Transfer fewer objects on push and local fetch
Edward Thomson 526dea1c 2017-12-29T17:41:24 winhttp: properly support ntlm and negotiate When parsing unauthorized responses, properly parse headers looking for both NTLM and Negotiate challenges. Set the HTTP credentials to default credentials (using a `NULL` username and password) with the schemes supported by ourselves and the server.
Etienne Samson 38eaa7ab 2017-11-24T12:28:19 winhttp: pass the same payload as ssh & http transports when checking certificates
Patrick Steinhardt 88450c1c 2017-11-09T21:49:30 Merge pull request #4283 from tiennou/generic-tls CMake: make HTTPS support more generic
Etienne Samson e9369856 2017-03-21T00:25:15 stream: Gather streams to src/streams
Curtis Vogt f2f14724 2017-09-21T15:51:52 transports: ssh: ask for credentials again when passphrase is wrong When trying to decode the private key it looks like LibSSH2 returns a LIBSSH2_ERROR_PUBLICKEY_UNVERIFIED when the passphrase is incorrect.
Patrick Steinhardt 7cb705cb 2017-10-06T12:05:26 transports: smart: fix memory leak when skipping symbolic refs When we setup the revision walk for negotiating references with a remote, we iterate over all references, ignoring tags and symbolic references. While skipping over symbolic references, we forget to free the looked up reference, resulting in a memory leak when the next iteration simply overwrites the variable. Fix that issue by freeing the reference at the beginning of each iteration and collapsing return paths for error and success.
Patrick Steinhardt 0c7f49dd 2017-06-30T13:39:01 Make sure to always include "common.h" first Next to including several files, our "common.h" header also declares various macros which are then used throughout the project. As such, we have to make sure to always include this file first in all implementation files. Otherwise, we might encounter problems or even silent behavioural differences due to macros or defines not being defined as they should be. So in fact, our header and implementation files should make sure to always include "common.h" first. This commit does so by establishing a common include pattern. Header files inside of "src" will now always include "common.h" as its first other file, separated by a newline from all the other includes to make it stand out as special. There are two cases for the implementation files. If they do have a matching header file, they will always include this one first, leading to "common.h" being transitively included as first file. If they do not have a matching header file, they instead include "common.h" as first file themselves. This fixes the outlined problems and will become our standard practice for header and source files inside of the "src/" from now on.
Roger Gee e141f079 2017-06-10T11:46:09 smart_protocol: fix parsing of server ACK responses Fix ACK parsing in wait_while_ack() internal function. This patch handles the case where multi_ack_detailed mode sends 'ready' ACKs. The existing functionality would bail out too early, thus causing the processing of the ensuing packfile to fail if/when 'ready' ACKs were sent.
Patrick Steinhardt 97eb5ef0 2017-06-07T10:05:54 buffer: rely on `GITERR_OOM` set by `git_buf_try_grow` The function `git_buf_try_grow` consistently calls `giterr_set_oom` whenever growing the buffer fails due to insufficient memory being available. So in fact, we do not have to do this ourselves when a call to any buffer-growing function has failed due to an OOM situation. But we still do so in two functions, which this patch cleans up.
Carlos Martín Nieto 9b1260d3 2017-05-20T14:18:32 Merge pull request #4097 from implausible/fix/auto-detect-proxy-callbacks Fix proxy auto detect not utilizing callbacks
Patrick Steinhardt 2ce2a48f 2017-05-02T13:37:15 transports: ssh: clean up after libssh2 on exit After calling `libssh2_init`, we need to clean up after the library by executing `libssh2_exit` as soon as we exit. Register a shutdown handler to do so which simply calls `libssh2_exit`. This fixes several memory leaks.
Patrick Steinhardt 8c027351 2017-05-02T13:35:09 transports: ssh: report failure initializing libssh2 We unconditionally return success when initializing libssh2, regardless of whether `libgssh2_init` signals success or an error. Fix this by checking its return code.
Carlos Martín Nieto 5c760960 2017-04-17T13:03:03 transport: provide a getter for the proxy options As with the callbacks, third-party implementations of smart subtransports cannot reach into the opaque struct and thus cannot know what options the user set. Add a getter for these options to copy the proxy options into something external implementors can use.
Patrick Steinhardt b65a5e9b 2017-03-01T07:58:40 winhttp: disambiguate error messages when sending requests
Edward Thomson c576d4ff 2017-02-13T12:46:00 Merge pull request #4115 from gsaralms/users/gsaral/optionalOfsDelta Changes to provide option to turn off/on ofs_delta
Patrick Steinhardt c5f3da96 2016-11-11T14:36:43 repository: use `git_repository_item_path` The recent introduction of the commondir variable of a repository requires callers to distinguish whether their files are part of the dot-git directory or the common directory shared between multpile worktrees. In order to take the burden from callers and unify knowledge on which files reside where, the `git_repository_item_path` function has been introduced which encapsulate this knowledge. Modify most existing callers of `git_repository_path` to use `git_repository_item_path` instead, thus making them implicitly aware of the common directory.
Gaurav Saral 61acc9fa 2017-02-08T16:22:44 Changes to provide option to turn off/on ofs_delta This change provides an option in git_libgit2_opt_t which can be used in git_libgit2_opts to turn off/on ofs_delta capability in libGit2
Christopher Bargren 1e929eb5 2017-02-06T11:00:06 Pass proxy options payload to credentials callback
Chris Bargren fa2dfcf9 2017-02-01T09:28:30 Fix digest credentials for proxy in windows
tyler wanek 39e76bb3 2017-01-27T16:05:20 Do not discard proxy_options that have been set when auto is specified
Edward Thomson 1910a04a 2016-12-30T12:42:42 winhttp: set proper cert failure error messages Set up a WinHTTP status callback; inspect the WinHTTP status for WINHTTP_CALLBACK_STATUS_SECURE_FAILURE, and convert the status code to a useful message for callers.
Edward Thomson 4e4a1460 2016-12-30T12:13:34 WinHTTP: support best auth mechanism For username/password credentials, support NTLM or Basic (in that order of priority). Use the WinHTTP built-in authentication support for both, and maintain a bitfield of the supported mechanisms from the response.
Carlos Martín Nieto a6d833a2 2017-01-13T17:05:58 Merge pull request #4049 from libgit2/ethomson/error_msgs giterr_set: consistent error messages
Edward Thomson 6850b516 2017-01-06T17:12:16 Merge branch '25_smartpktparse' into maint/v0.25
Patrick Steinhardt 2fdef641 2016-11-15T11:44:51 smart_pkt: treat empty packet lines as error The Git protocol does not specify what should happen in the case of an empty packet line (that is a packet line "0004"). We currently indicate success, but do not return a packet in the case where we hit an empty line. The smart protocol was not prepared to handle such packets in all cases, though, resulting in a `NULL` pointer dereference. Fix the issue by returning an error instead. As such kind of packets is not even specified by upstream, this is the right thing to do.
Patrick Steinhardt 66e3774d 2016-11-15T11:36:27 smart_pkt: verify packet length exceeds PKT_LEN_SIZE Each packet line in the Git protocol is prefixed by a four-byte length of how much data will follow, which we parse in `git_pkt_parse_line`. The transmitted length can either be equal to zero in case of a flush packet or has to be at least of length four, as it also includes the encoded length itself. Not checking this may result in a buffer overflow as we directly pass the length to functions which accept a `size_t` length as parameter. Fix the issue by verifying that non-flush packets have at least a length of `PKT_LEN_SIZE`.
Etienne Samson 9a64e62f 2016-12-21T21:24:33 http: check certificate validity before clobbering the error variable
Edward Thomson 909d5494 2016-12-29T12:25:15 giterr_set: consistent error messages Error messages should be sentence fragments, and therefore: 1. Should not begin with a capital letter, 2. Should not conclude with punctuation, and 3. Should not end a sentence and begin a new one
Chris Hescock 709768a8 2016-12-09T15:59:52 Don't fetch objects we don't need in local transport. Hide all local refs in the revwalk. Packbuilder should not add hidden trees or blobs.
Carlos Martín Nieto fafafb1f 2016-12-20T16:19:30 http: bump the pretend git version in the User-Agent We want to keep the git UA in order for services to recognise that we're a Git client and not a browser. But in order to stop dumb HTTP some services have blocked UAs that claim to be pre-1.6.6 git. Thread these needles by using the "git/2.0" prefix which is still close enough to git's yet distinct enough that you can tell it's us.
Patrick Steinhardt 34b32053 2016-11-25T15:02:34 Fix potential use of uninitialized values
Patrick Steinhardt 482d1748 2016-11-25T15:01:35 transports: smart: do not redeclare loop counters
Patrick Steinhardt 62494bf2 2016-11-02T09:38:40 transports: smart: abort receiving packets on end of stream When trying to receive packets from the remote, we loop until either an error distinct to `GIT_EBUFS` occurs or until we successfully parsed the packet. This does not honor the case where we are looping over an already closed socket which has no more data, leaving us in an infinite loop if we got a bogus packet size or if the remote hang up. Fix the issue by returning `GIT_EEOF` when we cannot read data from the socket anymore.
Patrick Steinhardt 61530c49 2016-11-01T16:56:07 transports: smart: abort ref announcement on early end of stream When reading a server's reference announcements via the smart protocol, we expect the server to send multiple flushes before the protocol is finished. If we fail to receive new data from the socket, we will only return an end of stream error if we have not seen any flush yet. This logic is flawed in that we may run into an infinite loop when receiving a server's reference announcement with a bogus flush packet. E.g. assume the last flushing package is changed to not be '0000' but instead any other value. In this case, we will still await one more flush package and ignore the fact that we are not receiving any data from the socket, causing an infinite loop. Fix the issue by always returning `GIT_EEOF` if the socket indicates an end of stream.
Patrick Steinhardt b1453601 2016-08-17T11:38:26 transports: http: reset `connected` flag when closing transport
Patrick Steinhardt c4cba4e9 2016-08-17T11:00:05 transports: http: reset `connected` flag when re-connecting transport When calling `http_connect` on a subtransport whose stream is already connected, we first close the stream in case no keep-alive is in use. When doing so, we do not reset the transport's connection state, though. Usually, this will do no harm in case the subsequent connect will succeed. But when the connection fails we are left with a substransport which is tagged as connected but which has no valid stream attached. Fix the issue by resetting the subtransport's connected-state when closing its stream in `http_connect`.
wildart bdec62dc 2016-07-06T13:06:25 remove conditions that prevent use of custom TLS stream
David Brooks 6c9eb86f 2016-06-19T11:46:43 HTTP authentication scheme name is case insensitive.
Edward Thomson 2a09de91 2016-06-14T04:33:55 Merge pull request #3816 from pks-t/pks/memory-leaks Memory leak fixes
Patrick Steinhardt 43c55111 2016-06-07T14:14:07 winhttp: plug several memory leaks
Patrick Steinhardt 7d02019a 2016-06-06T12:59:17 transports: smart: fix potential invalid memory dereferences When we receive a packet of exactly four bytes encoding its length as those four bytes it can be treated as an empty line. While it is not really specified how those empty lines should be treated, we currently ignore them and do not return an error when trying to parse it but simply advance the data pointer. Callers invoking `git_pkt_parse_line` are currently not prepared to handle this case as they do not explicitly check this case. While they could always reset the passed out-pointer to `NULL` before calling `git_pkt_parse_line` and determine if the pointer has been set afterwards, it makes more sense to update `git_pkt_parse_line` to set the out-pointer to `NULL` itself when it encounters such an empty packet. Like this it is guaranteed that there will be no invalid memory references to free'd pointers. As such, the issue has been fixed such that `git_pkt_parse_line` always sets the packet out pointer to `NULL` when an empty packet has been received and callers check for this condition, skipping such packets.
Edward Thomson 375bb2fe 2016-04-21T11:02:31 transport: cast away constness for free
Carlos Martín Nieto 0d72f67f 2016-03-14T17:36:04 proxy: don't specify the protocol in the type We leave this up to the scheme in the url field. The type should only tell us about whether we want a proxy and whether we want to auto-detect it.
Carlos Martín Nieto bf6f7ad2 2015-09-30T17:42:53 winhttp: correctly detect HTTPS usage
Carlos Martín Nieto b373e9a6 2015-09-21T22:38:50 net: use proxy options struct in the stream config
Carlos Martín Nieto 22e6aa0d 2015-09-23T04:39:05 proxy: don't require the trailing slash on WinHTTP The path is not something that you use for proxies, so make use of the new optionality of the path when extracting URL parts.
Carlos Martín Nieto b117721d 2015-07-29T21:23:56 proxy: use poxy to test our Windows proxy support
Carlos Martín Nieto 07bd3e57 2015-05-07T12:57:56 proxy: ask the user for credentials if necessary
Carlos Martín Nieto d4763c98 2016-03-24T06:56:25 Merge pull request #3574 from chescock/buffer-sideband-pack-data Buffer sideband packet data
Chris Hescock 9028a8a2 2016-03-08T10:16:37 Only buffer if necessary.
Edward Thomson b7809b84 2016-03-08T13:38:55 Merge pull request #3555 from cbargren/ssh-git-protocols Support for ssh+git and git+ssh protocols
Carlos Martín Nieto 22f3d3aa 2016-03-03T22:26:31 ssh: initialize libssh2 We should have been doing this, but it initializes itself upon first use, which works as long as nobody's doing concurrent network operations. Initialize it on our init to make sure it's not getting initialized concurrently.
Carlos Martín Nieto a4cba9d4 2016-03-03T10:48:24 winhttp: retry authentication If the caller has provided bad authentication, give them another apportunity to get it right until they give up. This brings WinHTTP in line with the other transports.
Patrick Steinhardt 003c5e46 2016-02-22T15:52:49 transports: smart_pkt: fix memory leaks on error paths
Patrick Steinhardt 6e2a3755 2016-02-23T11:45:43 smart_pkt: check buffer with GITERR_CHECK_ALLOC_BUF
Patrick Steinhardt b0f7512f 2016-02-15T11:46:10 transports: smart_pkt: fix memory leaks
Patrick Steinhardt 704554cd 2016-02-15T11:37:48 transports: smart: fix memory leak on OOM path
Edward Thomson 9ce0399c 2016-02-12T10:27:05 winhttp: use an unsigned iterator
Edward Thomson 5c7f2f01 2016-01-19T11:13:23 winhttp: name mangle class / iid on mingw Standard Windows type systems define CLSID_InternetSecurityManager and IID_IInternetSecurityManager, but MinGW lacks these definitions. As a result, we must hardcode these definitions ourselves. However, we should not use a public struct with those names, lest another library do the same thing and consumers cannot link to both.
Chris Hescock a7d9d93d 2016-01-11T17:09:32 Buffer sideband packet data The inner packet may be split across multiple sideband packets.
Chris Bargren 4df17045 2015-12-28T07:43:24 Removing #define for SSH_PREFIX_COUNT and using ARRAY_SIZE instead Also moving var declarations to top of blocks to support bad old compilers
Michał Górny 02fdc2db 2015-12-26T17:17:05 ssh_stream_read(): fix possible *bytes_read < 0 branch Fix the possibility of returning successfully from ssh_stream_read() with *bytes_read < 0. This would occur if stdout channel read resulted in 0, and stderr channel read failed afterwards.
Chris Bargren ed21fd74 2015-12-22T10:38:31 Handle git+ssh:// and ssh+git:// protocols support
Chris Hescock efd9ab56 2015-11-20T11:26:26 Treat GIT_PASSTHROUGH as though git_cred_acquire_cb isn't set.
Carlos Martín Nieto 1411cb9e 2015-10-02T03:57:14 winhttp: use a custom user-agent if the user has set it We also keep the "git/1.0" prefix in order to maintain compatibility with hosters.
Carlos Martín Nieto 94bac76c 2015-10-02T03:46:34 http: use a custom user-agent if the user has set it We still prefix it with "git/1.0" since that's required in many situations, but we replace the area which mentions libgit2.
Carlos Martín Nieto e0be1d60 2015-10-30T18:23:17 git: put NULL check at the top
Carlos Martín Nieto 45d295e0 2015-10-30T17:51:50 git: accept NULL as argument to its stream free
Carlos Martín Nieto 72b7c570 2015-09-30T09:17:18 Merge pull request #3411 from spraints/custom-push-headers Include custom HTTP headers
Matt Burke d7375662 2015-09-25T10:16:16 Copy custom_headers insteach of referencing the caller's copy
Matt Burke d16c1b97 2015-09-24T10:30:37 These can be static
Matt Burke e60db3c7 2015-09-24T09:24:10 Revise custom header error messages If the header doesn't look like a header (e.g. if it doesn't have a ":" or if it has newlines), report "custom HTTP header '%s' is malformed". If the header has the same name as a header already set by libgit2 (e.g. "Host"), report "HTTP header '%s' is already set by libgit2".
Matt Burke 63cc5723 2015-09-24T09:13:05 Don't null-check
Matt Burke 098f1e6e 2015-09-24T09:09:48 Use an array of forbidden custom headers
Matt Burke 3245896b 2015-09-10T13:18:26 Add a test for custom header validation Also, *some* custom headers actually are valid.
Matt Burke 66d90e70 2015-09-10T09:14:20 More specific names
Matt Burke 8c876fa9 2015-09-10T09:11:16 Validate custom http headers
Matt Burke 35969c68 2015-09-10T08:58:23 Ignore NULL headers
Carlos Martín Nieto 6c21211c 2015-09-09T13:59:38 Merge pull request #3379 from theseion/additional_libssh2_error_reporting report libssh2 error if list of authentication methods can't be retrieved