kmx git

Commit	Date	Message
433a1334	2022-07-13T21:08:04	Merge pull request #6191 from libgit2/ethomson/sha256_poc RFC: SHA256 proof of concept
ed24b8ba	2022-07-05T23:47:15	repo: allow users running with sudo to access their repositories In the ownership checks implemented for CVE-2022-24765, we disallowed users to access their own repositories when running with `sudo`. Examine the `SUDO_UID` environment variable and allow users running with `sudo`. This matches git's behavior.
5bc01a7d	2022-07-04T16:01:01	fs: allow ownership match if user is in admin group Allow the user ownership to match if the file is owned by the admin group and the user is in the admin group, even if the current process is not running as administrator directly.
433f0166	2022-07-04T15:20:59	fs: refactor file ownership checks Refactor the file ownership checks so that callers can provide discrete information about the ownership expectations to a single function.
df354ec2	2022-07-03T09:07:32	fs: remove mock naming from change ownership constants The file ownership concepts can reflect the actual file ownership, they are not necessarily limited to mocking the interface. Rename them so that they can be more broadly applicable.
6c57bac6	2022-06-14T22:29:10	sha256: make sha256 an experimental optional feature libgit2 can be built with optional, experimental sha256 support. This allows consumers to begin testing and providing feedback for our sha256 support while we continue to develop it, and allows us to make API breaking changes while we iterate on a final sha256 implementation. The results will be `git2-experimental.dll` and installed as `git2-experimental.h` to avoid confusion with a production libgit2.
d1036201	2022-06-18T16:10:38	meta: generated `features.h` is now `git2_features.h` Linux has a /usr/include/features.h, which gets confusing; update this to `git2_features.h` and move it into the `util` directory.
96c61174	2022-06-13T11:19:55	cmake: only use `getloadavg` where it exists
c0b7f88e	2022-04-11T17:06:55	fs_path: mock ownership checks Provide a mock for file ownership for testability.
bf2620bc	2022-04-10T21:29:43	fs_path: refactor ownership checks into current user and system Provide individual file ownership checks for both the current user and the system user, as well as a combined current user and system user check.
3bd9bb8d	2022-04-04T13:28:40	sha256: support dynamically loaded openssl
0e30becc	2021-12-13T17:49:57	sha: cast nonsense for obnoxious gcc warnings gcc (mingw) warns when you cast the result of `GetProcAddress`; cast the results to `void *` before casting them to the actual result.
ce78c83b	2021-12-13T15:31:21	sha: ensure we test both cng and cryptoapi on windows When GIT_SHA1_WIN32 or GIT_SHA256_WIN32 is used, ensure that we test both CryptoNG ("cng") and CryptoAPI.
6a7d5d23	2021-12-13T11:54:49	sha: support Win32 for SHA256 Adding SHA256 support prompted an overdue refactoring of some of the unnecessary complexity around the CNG/CryptoAPI abstraction.
6b4a6faa	2021-12-12T15:41:47	sha: support OpenSSL for SHA256
b3e3fa10	2021-12-12T15:34:35	sha: support mbedTLS for SHA256
83c27786	2021-12-12T15:14:21	sha: support CommonCrypto for SHA256
b900981c	2021-12-12T14:25:25	sha: add sha256 algorithm Add support for a SHA256 hash algorithm, and add the "builtin" SHA256 hash engine (from RFC 6234).
36df49c2	2021-12-12T14:29:11	sha: GIT_ERROR_SHA1 is deprecated in favor of GIT_ERROR_SHA The more generic GIT_ERROR_SHA allows for SHA256 errors as well as SHA1.
c7b189ba	2021-12-12T13:19:36	sha1: refactor folder structure Eliminate the `sha1` folder, move it down into `hash` so that future impelmentations can share common code.
8bc998f4	2021-12-12T12:44:13	sha1: remove generic implementation Remove the "generic" implementation; it should never be used; it only existed for a no-dependencies configuration, and our bundled sha1dc satisfies that requirement _and_ is correct.
9f0088c4	2022-02-27T09:26:16	fs_path: exit quickly in `dirname_r` failure When we encounter a situation where we need to exit, simply `return -1` instead of trying to set `len = -1` and then jumping to the exit handler, which would erroneously do work based on the `len` value.
d9b041e6	2022-02-27T09:20:58	assert: add `ASSERT_WITH_CLEANUP` Now that we safely assert and return, we may need to be in a place where we need to unlock mutexes or cleanup resources. Provide `ASSERT_WITH_CLEANUP` that permits for this behavior by taking a block.
dcabef22	2022-02-21T13:06:43	futils: produce improved error messages
e7be6b76	2021-11-29T12:04:06	futils: provide an option to read a whole file by fd
5fcfada5	2021-11-15T07:45:16	cmake: document CMakeLists.txt hierarchy
c3b7ace9	2021-11-14T16:43:53	refactor: make util an object library Instead of simply including the utility files directly, make them a cmake object library for easy reusability between other projects within libgit2. Now the top-level `src` is responsible for platform selection, while the next-level `libgit2` and `util` configurations are responsible for identifying what objects they include.

433a1334

2022-07-13T21:08:04

Merge pull request #6191 from libgit2/ethomson/sha256_poc RFC: SHA256 proof of concept

ed24b8ba

2022-07-05T23:47:15

repo: allow users running with sudo to access their repositories In the ownership checks implemented for CVE-2022-24765, we disallowed users to access their own repositories when running with `sudo`. Examine the `SUDO_UID` environment variable and allow users running with `sudo`. This matches git's behavior.

5bc01a7d

2022-07-04T16:01:01

fs: allow ownership match if user is in admin group Allow the user ownership to match if the file is owned by the admin group and the user is in the admin group, even if the current process is not running as administrator directly.

433f0166

2022-07-04T15:20:59

fs: refactor file ownership checks Refactor the file ownership checks so that callers can provide discrete information about the ownership expectations to a single function.

df354ec2

2022-07-03T09:07:32

fs: remove mock naming from change ownership constants The file ownership concepts can reflect the actual file ownership, they are not necessarily limited to mocking the interface. Rename them so that they can be more broadly applicable.

6c57bac6

2022-06-14T22:29:10

sha256: make sha256 an experimental optional feature libgit2 can be built with optional, experimental sha256 support. This allows consumers to begin testing and providing feedback for our sha256 support while we continue to develop it, and allows us to make API breaking changes while we iterate on a final sha256 implementation. The results will be `git2-experimental.dll` and installed as `git2-experimental.h` to avoid confusion with a production libgit2.

d1036201

2022-06-18T16:10:38

meta: generated `features.h` is now `git2_features.h` Linux has a /usr/include/features.h, which gets confusing; update this to `git2_features.h` and move it into the `util` directory.

96c61174

2022-06-13T11:19:55

cmake: only use `getloadavg` where it exists

c0b7f88e

2022-04-11T17:06:55

fs_path: mock ownership checks Provide a mock for file ownership for testability.

bf2620bc

2022-04-10T21:29:43

fs_path: refactor ownership checks into current user and system Provide individual file ownership checks for both the current user and the system user, as well as a combined current user and system user check.

3bd9bb8d

2022-04-04T13:28:40

sha256: support dynamically loaded openssl

0e30becc

2021-12-13T17:49:57

sha: cast nonsense for obnoxious gcc warnings gcc (mingw) warns when you cast the result of `GetProcAddress`; cast the results to `void *` before casting them to the actual result.

ce78c83b

2021-12-13T15:31:21

sha: ensure we test both cng and cryptoapi on windows When GIT_SHA1_WIN32 or GIT_SHA256_WIN32 is used, ensure that we test both CryptoNG ("cng") and CryptoAPI.

6a7d5d23

2021-12-13T11:54:49

sha: support Win32 for SHA256 Adding SHA256 support prompted an overdue refactoring of some of the unnecessary complexity around the CNG/CryptoAPI abstraction.

6b4a6faa

2021-12-12T15:41:47

sha: support OpenSSL for SHA256

b3e3fa10

2021-12-12T15:34:35

sha: support mbedTLS for SHA256

83c27786

2021-12-12T15:14:21

sha: support CommonCrypto for SHA256

b900981c

2021-12-12T14:25:25

sha: add sha256 algorithm Add support for a SHA256 hash algorithm, and add the "builtin" SHA256 hash engine (from RFC 6234).

36df49c2

2021-12-12T14:29:11

sha: GIT_ERROR_SHA1 is deprecated in favor of GIT_ERROR_SHA The more generic GIT_ERROR_SHA allows for SHA256 errors as well as SHA1.

c7b189ba

2021-12-12T13:19:36

sha1: refactor folder structure Eliminate the `sha1` folder, move it down into `hash` so that future impelmentations can share common code.

8bc998f4

2021-12-12T12:44:13

sha1: remove generic implementation Remove the "generic" implementation; it should never be used; it only existed for a no-dependencies configuration, and our bundled sha1dc satisfies that requirement _and_ is correct.

9f0088c4

2022-02-27T09:26:16

fs_path: exit quickly in `dirname_r` failure When we encounter a situation where we need to exit, simply `return -1` instead of trying to set `len = -1` and then jumping to the exit handler, which would erroneously do work based on the `len` value.

d9b041e6

2022-02-27T09:20:58

assert: add `ASSERT_WITH_CLEANUP` Now that we safely assert and return, we may need to be in a place where we need to unlock mutexes or cleanup resources. Provide `ASSERT_WITH_CLEANUP` that permits for this behavior by taking a block.

dcabef22

2022-02-21T13:06:43

futils: produce improved error messages

e7be6b76

2021-11-29T12:04:06

futils: provide an option to read a whole file by fd

5fcfada5

2021-11-15T07:45:16

cmake: document CMakeLists.txt hierarchy

c3b7ace9

2021-11-14T16:43:53

refactor: make util an object library Instead of simply including the utility files directly, make them a cmake object library for easy reusability between other projects within libgit2. Now the top-level `src` is responsible for platform selection, while the next-level `libgit2` and `util` configurations are responsible for identifying what objects they include.

thodg/libgit2/src/util

src/util

Log