|
11bca2d2
|
2015-08-15T18:15:23
|
|
http: propagate the credentials callback's error code
When we ask for credentials, the user may choose to return EUSER to
indicate that an error has happened on its end and it wants to be given
back control.
We must therefore pass that back to the user instead of mentioning that
it was on_headers_complete() that returned an error code. Since we can,
we return the exact error code from the user (other than PASSTHROUGH)
since it doesn't cost anything, though using other error codes aren't
recommended.
|
|
31a76374
|
2015-07-29T22:23:00
|
|
case-insensitive check for WWW-Authenticate header
Fixes issue #3338
|
|
768f8be3
|
2015-06-30T19:00:41
|
|
Fix #3094 - improve use of portable size_t/ssize_t format specifiers.
The header src/cc-compat.h defines portable format specifiers PRIuZ, PRIdZ, and PRIxZ. The original report highlighted the need to use these specifiers in examples/network/fetch.c. For this commit, I checked all C source and header files not in deps/ and transitioned to the appropriate format specifier where appropriate.
|
|
1630981e
|
2015-06-30T09:03:23
|
|
http: fixed leak when asking for credentials again
t->cred might have been allocated the previous time and needs to be
freed before asking caller for credentials again.
|
|
8b380060
|
2015-06-29T21:12:44
|
|
http: don't give up on auth on the first try
When the server rejects an authentication request, ask the caller for
the credentials again, instead of giving up on the first try.
|
|
8443f492
|
2015-06-11T16:57:04
|
|
curl: remove the encrypted param to the constructor
We do not want libcurl to perform the TLS negotiation for us, so we
don't need to pass this option.
|
|
f97d5d09
|
2015-06-11T16:54:48
|
|
http: ask for the curl stream for non-encrypted connections
The TLS streams talk over the curl stream themselves, so we don't need
to ask for it explicitly. Do so in the case of the non-encrypted one so
we can still make use proxies in that case.
|
|
8762d721
|
2015-06-07T14:51:10
|
|
http: set the proxy if the stream supports it
Of the built-in ones, only cURL support it, but there's no reason a
user-provided stream wouldn't support it.
|
|
8dea1c21
|
2015-06-05T11:02:11
|
|
Implement a curl stream
cURL has a mode in which it acts a lot like our streams, providing send
and recv functions and taking care of the TLS and proxy setup for us.
Implement a new stream which uses libcurl instead of raw sockets or the
TLS libraries directly. This version does not support reporting
certificates or proxies yet.
|
|
7dd22538
|
2015-05-11T10:19:25
|
|
centralizing all IO buffer size values
|
|
24e53d2f
|
2015-03-19T09:55:20
|
|
Rename GIT_SSL to GIT_OPENSSL
This is what it's meant all along, but now we actually have multiple
implementations, it's clearer to use the name of the library.
|
|
6946a3be
|
2015-03-19T00:18:03
|
|
Abstract away the TLS stream implementation
Instead, provide git_tls_stream_new() to ask for the most appropriate
encrypted stream and use it in our HTTP transport.
|
|
6bb54cbf
|
2014-11-02T13:23:32
|
|
Add a SecureTransport TLS channel
As an alternative to OpenSSL when we're on OS X. This one can actually
take advantage of stacking the streams.
|
|
c5e07187
|
2015-03-24T14:03:51
|
|
Merge pull request #2990 from leoyanggit/custom_param
Add a custom param to git_smart_subtransport_definition
|
|
142e5379
|
2015-03-17T12:49:33
|
|
Add a custom param to git_smart_subtransport_definition
The smart transport has already take the payload param. For the
sub transport a payload param is useful for the implementer.
|
|
84d83b8e
|
2015-03-16T19:41:50
|
|
http: do not try to use the cert callback on unencrypted streams
When the user has a certificate check callback set, we still have to
check whether the stream we're using is even capable of providing a
certificate.
In the case of an unencrypted certificate, do not ask for it from the
stream, and do not call the callback.
|
|
e892b6a9
|
2015-03-03T17:23:01
|
|
http: enforce the credential types
The user may decide to return any type of credential, including ones we
did not say we support. Add a check to make sure the user returned an
object of the right type and error out if not.
|
|
a2fd56ab
|
2014-12-10T16:22:50
|
|
Fix a couple of compiler warnings
|
|
b6f5464e
|
2014-11-01T21:35:06
|
|
Port HTTP(S) to the new stream API
|
|
1ca61bdc
|
2014-11-19T20:53:25
|
|
fetch: clear the connection data on close
When we fetch twice with the same remote object, we did not properly
clear the connection flags, so we would leak state from the last
connection.
This can cause the second fetch with the same remote object to fail if
using a HTTP URL where the server redirects to HTTPS, as the second
fetch would see `use_ssl` set and think the initial connection wanted to
downgrade the connection.
|
|
369b0217
|
2014-10-13T13:34:15
|
|
Clean up various compiler warnings
|
|
e6e834a1
|
2014-09-18T12:23:07
|
|
Provide host name to certificate_check_cb
Signed-off-by: Sven Strickroth <email@cs-ware.de>
|
|
0782fc43
|
2014-09-16T01:47:30
|
|
net: use only structs to pass information about cert
Instead of spreading the data in function arguments, some of which
aren't used for ssh and having a struct only for ssh, use a struct for
both, using a common parent to pass to the callback.
|
|
41698f22
|
2014-09-11T10:04:05
|
|
net: remove support for outright ignoring certificates
This option make it easy to ignore anything about the server we're
connecting to, which is bad security practice. This was necessary as we
didn't use to expose detailed information about the certificate, but now
that we do, we should get rid of this.
If the user wants to ignore everything, they can still provide a
callback which ignores all the information passed.
|
|
23ca0ad5
|
2014-08-29T21:25:13
|
|
Bring certificate check back to the normal return code
Returning 0 lets the certificate check succeed. An error code is bubbled
up to the user.
|
|
17491f6e
|
2014-08-29T17:18:23
|
|
transport: always call the certificate check callback
We should let the user decide whether to cancel the connection or not
regardless of whether our checks have decided that the certificate is
fine. We provide our own assessment to the callback to let the user fall
back to our checks if they so desire.
|
|
ec1ce458
|
2014-08-10T17:06:53
|
|
http: send the DER-encoded cert to the callback
Instead of the parsed data, we can ask OpenSSL to give us the
DER-encoded version of the certificate, which the user can then parse
and validate.
|
|
9b940586
|
2014-07-04T12:45:43
|
|
Provide a callback for certificate validation
If the certificate validation fails (or always in the case of ssh),
let the user decide whether to allow the connection.
The data structure passed to the user is the native certificate
information from the underlying implementation, namely OpenSSL or
WinHTTP.
|
|
294c6f29
|
2014-08-16T22:12:13
|
|
http: make sure we can consume the data we request
The recv buffer (parse_buffer) and the buffer have independent sizes and
offsets. We try to fill in parse_buffer as much as possible before
passing it to the http parser. This is fine most of the time, but fails
us when the buffer is almost full.
In those situations, parse_buffer can have more data than we would be
able to put into the buffer (which may be getting full if we're towards
the end of a data sideband packet).
To work around this, we check if the space we have left on our buffer is
smaller than what could come from the network. If this happens, we make
parse_buffer think that it has as much space left as our buffer, so it
won't try to retrieve more data than we can deal with.
As the start of the data may no longer be at the start of the buffer, we
need to keep track of where it really starts (data_offset) and use that
in our calculations for the real size of the data we received from the
network.
This fixes #2518.
|
|
23135afa
|
2014-08-14T11:52:20
|
|
Introduce proper http authentication API
|
|
315cb38e
|
2014-07-31T18:43:20
|
|
Add GSSAPI support for SPNEGO/Kerberos auth over HTTP
|
|
e003f83a
|
2014-07-31T15:14:56
|
|
Introduce git_buf_decode_base64
Decode base64-encoded text into a git_buf
|
|
40867266
|
2014-07-31T18:39:58
|
|
Perform HTTP keep-alive
|
|
9c3e4e97
|
2014-06-13T02:35:33
|
|
http: fix typo in credentials logic
We want to check whether the credentials callback is NULL, not whether
the payload is.
|
|
bc0a6198
|
2014-04-19T15:52:58
|
|
transports: allow the creds callback to say it doesn't exist
Allow the credentials callback to return GIT_PASSTHROUGH to make the
transports code behave as though none was set.
This should make it easier for bindings to behave closer to the C code
when there is no credentials callback set at their level.
|
|
9cfce273
|
2013-12-12T12:11:38
|
|
Cleanups, renames, and leak fixes
This renames git_vector_free_all to the better git_vector_free_deep
and also contains a couple of memory leak fixes based on valgrind
checks. The fixes are specifically: failure to free global dir
path variables when not compiled with threading on and failure to
free filters from the filter registry that had not be initialized
fully.
|
|
25e0b157
|
2013-12-06T15:07:57
|
|
Remove converting user error to GIT_EUSER
This changes the behavior of callbacks so that the callback error
code is not converted into GIT_EUSER and instead we propagate the
return value through to the caller. Instead of using the
giterr_capture and giterr_restore functions, we now rely on all
functions to pass back the return value from a callback.
To avoid having a return value with no error message, the user
can call the public giterr_set_str or some such function to set
an error message. There is a new helper 'giterr_set_callback'
that functions can invoke after making a callback which ensures
that some error message was set in case the callback did not set
one.
In places where the sign of the callback return value is
meaningful (e.g. positive to skip, negative to abort), only the
negative values are returned back to the caller, obviously, since
the other values allow for continuing the loop.
The hardest parts of this were in the checkout code where positive
return values were overloaded as meaningful values for checkout.
I fixed this by adding an output parameter to many of the internal
checkout functions and removing the overload. This added some
code, but it is probably a better implementation.
There is some funkiness in the network code where user provided
callbacks could be returning a positive or a negative value and
we want to rely on that to cancel the loop. There are still a
couple places where an user error might get turned into GIT_EUSER
there, I think, though none exercised by the tests.
|
|
1b02baf4
|
2013-09-26T16:25:05
|
|
Adjust to new utility signature
|
|
83fbd368
|
2013-09-26T15:58:41
|
|
Deploy gitno_connection_data into transport
|
|
8988688c
|
2013-09-25T20:41:56
|
|
Migrate redirect URL handling to common utility
|
|
46fbc88e
|
2013-09-24T14:50:06
|
|
Prevent HTTPS to HTTP redirect
|
|
eb0ff130
|
2013-09-24T14:07:08
|
|
Disconnect path string to preserve after redirect
The subtransport path was relying on pointing to data owned by
the remote which meant that after a redirect, the updated path
was getting lost for future requests. This updates the http
transport to strdup the path and maintain its own lifetime.
This also pulls responsibility for parsing the URL back into the
http transport and isolates the functions that parse and free that
connection data so that they can be reused between the initial
parsing and the redirect parsing.
|
|
210d5325
|
2013-09-23T12:09:23
|
|
Allow redirects to use same host
|
|
35e0f3c6
|
2013-03-25T17:59:30
|
|
Refine the redirect check condition
|
|
2c7f7a66
|
2013-03-25T17:35:36
|
|
http: Support 302 Found (arrbee did most of the work)
|
|
54ffc1f7
|
2013-01-31T14:41:01
|
|
HTTP: use creds in url if available
|
|
cf7038a6
|
2013-01-31T14:04:21
|
|
Enhance url parsing to include passwords
|
|
7602cb7c
|
2013-01-31T10:44:57
|
|
Add user-from-url param to auth callback
|
|
2234b2b0
|
2013-01-30T19:03:58
|
|
Stash username from url (but don't use it yet)
|
|
359fc2d2
|
2013-01-08T17:07:25
|
|
update copyrights
|
|
59bccf33
|
2012-12-10T11:11:01
|
|
Add a payload param to git_cred_acquire_cb
Fixes #1128.
|
|
4a6621fd
|
2012-11-29T08:35:21
|
|
Leverage the min macro from util.h
|
|
6762fe08
|
2012-11-29T08:29:26
|
|
Remove casts of return values of type void *
|
|
613d5eb9
|
2012-11-28T11:42:37
|
|
Push! By schu, phkelley, and congyiwu, et al
|
|
f6c18dda
|
2012-11-13T14:17:41
|
|
http: Unrustle
|
|
aa1c3b58
|
2012-11-13T14:13:47
|
|
Merge pull request #1016 from arrbee/fix-checkout-dir-removal
Update checkout with new strategies & behavior
|
|
d51e54f1
|
2012-11-13T14:28:44
|
|
Remove unused variables
|
|
757b4065
|
2012-11-09T14:01:44
|
|
Fix warnings and valgrind issues
This fixes some various warnings that showed up in Travis and
a couple uses of uninitialized memory and one memory leak.
|
|
11fa8472
|
2012-11-06T11:27:23
|
|
Don't store no_check_cert; fetch it on demand
|
|
2f7538ec
|
2012-11-06T09:36:04
|
|
Fix connection leak in http subtransport
|
|
091361f5
|
2012-11-06T08:52:03
|
|
Basic authentication for http and winhttp
|
|
ff830366
|
2012-11-01T12:07:42
|
|
Http: Set an error for invalid content-type
|
|
41fb1ca0
|
2012-10-29T13:41:14
|
|
Reorganize transport architecture (squashed 3)
|
|
a0ce87c5
|
2012-10-26T13:43:13
|
|
Add network transfer callbacks on Windows
|
|
7bcd9e23
|
2012-10-19T19:23:32
|
|
gitno_buffer: callback on each packet
The fetch code takes advantage of this to implement a
progress callback every 100kb of transfer.
|
|
68206c54
|
2012-10-13T21:00:45
|
|
test: fix some memory leaks
|
|
aeba5e17
|
2012-10-10T23:55:03
|
|
http: don't discard the HEAD ref
The fix for fetching from empty repositories (22935b06d protocol:
don't store flushes; 2012-10-07) forgot to take into account the
deletion of the flush pkt in the HTTP transport. As a result, the HEAD
ref advertisement where we detect the remote's capabilities was
deleted instead. Fix this.
|
|
9ac8b113
|
2012-09-20T14:06:49
|
|
Fix MSVC amd64 compilation warnings
|
|
3ce22c74
|
2012-08-26T19:22:34
|
|
http: use WinHTTP on Windows
Wondows has its own HTTP library. Use that one when possible instead of
our own.
As we don't depend on them anymore, remove the http-parser library from
the Windows build, as well as the search for OpenSSL.
|
|
687ec68b
|
2012-09-14T00:51:29
|
|
http: use the new unicode functions
The winhttp branch was based on a version before these existed, so the
build broke on Windows.
|
|
cc1d85d1
|
2012-08-25T23:32:19
|
|
http: increase buffer side to deal with side-band-64k
This poor transport was forgotten in the recent sideband support.
|
|
e9ca852e
|
2012-08-23T09:20:17
|
|
Fix warnings and merge issues on Win64
|
|
5dca2010
|
2012-08-03T17:08:01
|
|
Update iterators for consistency across library
This updates all the `foreach()` type functions across the library
that take callbacks from the user to have a consistent behavior.
The rules are:
* A callback terminates the loop by returning any non-zero value
* Once the callback returns non-zero, it will not be called again
(i.e. the loop stops all iteration regardless of state)
* If the callback returns non-zero, the parent fn returns GIT_EUSER
* Although the parent returns GIT_EUSER, no error will be set in
the library and `giterr_last()` will return NULL if called.
This commit makes those changes across the library and adds tests
for most of the iteration APIs to make sure that they follow the
above rules.
|
|
ad4b5beb
|
2012-07-25T10:40:59
|
|
transport: store the refs in a common area
Instad of each transport having its own function and logic to get to
its refs, store them directly in transport.
Leverage the new gitno_buffer to make the parsing and storing of the
refs use common code and get rid of the git_protocol struct.
|
|
0048372a
|
2012-07-27T01:09:06
|
|
transport: rename encrypt to use_ssl
SSL isn't the only way that a transport can be encrypted. The new name
will make it easier to merge the SSH support.
|
|
b49c8f71
|
2012-07-24T19:03:22
|
|
remote: use the same code to control git and http
This allows us to add capabilitites to both at the same time, keeps
them in sync and removes a lot of code.
gitno_buffer now uses a callback to fill its buffer, allowing us to
use the same interface for git and http (which uses callbacks).
|
|
64d01de8
|
2012-07-24T14:23:16
|
|
remote: start moving the protocol to a common area
For the transition, http is going to keep its own logic until the
git/common code catches up with the implied multi_ack that http
has. This also has the side-effect of making the code cleaner and more
correct regardingt he protocol.
|
|
37159957
|
2012-06-28T09:33:08
|
|
indexer: don't use '/objects/pack/' unconditionally
Not everyone who indexes a packfile wants to put it in the standard
git repository location.
|
|
fdc5c38e
|
2012-06-05T23:03:06
|
|
transports: fix buglet
|
|
966fbdcb
|
2012-06-05T13:53:33
|
|
Merge pull request #697 from carlosmn/ssl
Add HTTPS support
|
|
e9551e86
|
2012-06-02T16:52:22
|
|
Fix git_close/http_close/local_close to set the transport's connected attribute to 0.
|
|
250b95b2
|
2012-05-26T21:17:08
|
|
ssl: allow skipping the server certificate check
Sometimes it's useful not to perform the check. Allow it to be
configurable.
|
|
66024c7c
|
2012-05-01T00:05:25
|
|
http: add https support when GnuTLS is available
If it's not available, an error saying so will be returned when trying
to use a https:// URL.
This also unifies a lot of the network code to use git_transport in
many places instead of an socket descriptor.
|
|
a6f24a5b
|
2012-05-01T01:50:26
|
|
https: make it work with OpenSSL as well
Add specific functions that use OpenSSL instead of GnuTLS
|
|
89460f3f
|
2012-05-03T14:07:55
|
|
ssl: teardown the connection on close
This should help us free some resources, though the libraries do keep
some buffers allocated regardless.
|
|
904b67e6
|
2012-05-18T01:48:50
|
|
errors: Rename error codes
|
|
e172cf08
|
2012-05-18T01:21:06
|
|
errors: Rename the generic return codes
|
|
cd58c15c
|
2012-05-05T16:47:20
|
|
Merge remote-tracking branch 'scottjg/fix-mingw32' into development
Conflicts:
src/netops.c
src/netops.h
src/transports/http.c
tests-clar/clar
|
|
b4b96d56
|
2012-05-05T13:30:33
|
|
Fix gitno_connect() error handling on Windows
gitno_connect() can return an error or socket, which is fine on most
platforms where sockets are file descriptors (signed int), but on Windows,
SOCKET is an unsigned type, which is problematic when we are trying to
test if the socket was actually a negative error code.
This fix seperates the error code and socket in gitno_connect(), and fixes
the error handling in do_connect() functions to compensate. It appears
that git_connect() and the git-transport do_connect() functions had bugs
in the non-windows cases too (leaking sockets, and not properly reporting
connection error, respectively) so I went ahead and fixed those too.
|
|
3fbcac89
|
2012-05-02T19:56:38
|
|
Remove old and unused error codes
|
|
ced9da54
|
2012-04-30T14:38:15
|
|
Merge pull request #654 from carlosmn/pkt-err
Recognize and report server-side error messages
|
|
39e6af6a
|
2012-04-30T17:44:37
|
|
net: recognize and report server-side error messages
When e.g. a repository isn't found, the server sends an error saying
so. Put that error message in our error buffer.
|
|
fa6420f7
|
2012-04-29T21:46:33
|
|
buf: deploy git_buf_len()
|
|
dee5515a
|
2012-04-14T18:34:50
|
|
transports: buffer the git requests before sending them
Trying to send every single line immediately won't give us any speed
improvement and duplicates the code we need for other transports. Make
the git transport use the same buffer functions as HTTP.
|
|
7a520f5d
|
2012-04-13T23:19:38
|
|
fetch: use the streaming indexer when downloading a pack
This changes the git_remote_download() API, but the existing one is
silly, so you don't get to complain.
The new API allows to know how much data has been downloaded, how many
objects we expect in total and how many we've processed.
|
|
44ef8b1b
|
2012-04-13T13:00:10
|
|
Fix warnings on 64-bit windows builds
This fixes all the warnings on win64 except those in deps, which
come from the regex code.
|
|
25530fca
|
2012-03-06T11:26:10
|
|
error-handling: http
|
|
cb8a7961
|
2012-03-07T00:02:55
|
|
error-handling: Repository
This also includes droping `git_buf_lasterror` because it makes no sense
in the new system. Note that in most of the places were it has been
dropped, the code needs cleanup. I.e. GIT_ENOMEM is going away, so
instead it should return a generic `-1` and obviously not throw
anything.
|
|
5e0de328
|
2012-02-13T17:10:24
|
|
Update Copyright header
Signed-off-by: schu <schu-github@schulog.org>
|
|
9269ccce
|
2012-01-19T23:44:52
|
|
diff-index: fix leak
The buffer wasn't getting freed if the last difference was a deletion.
|