src/transports


Log

Author Commit Date CI Message
Patrick Steinhardt 1a709604 2016-06-06T12:59:17 transports: smart: fix potential invalid memory dereferences When we receive a packet of exactly four bytes encoding its length as those four bytes it can be treated as an empty line. While it is not really specified how those empty lines should be treated, we currently ignore them and do not return an error when trying to parse it but simply advance the data pointer. Callers invoking `git_pkt_parse_line` are currently not prepared to handle this case as they do not explicitly check this case. While they could always reset the passed out-pointer to `NULL` before calling `git_pkt_parse_line` and determine if the pointer has been set afterwards, it makes more sense to update `git_pkt_parse_line` to set the out-pointer to `NULL` itself when it encounters such an empty packet. Like this it is guaranteed that there will be no invalid memory references to free'd pointers. As such, the issue has been fixed such that `git_pkt_parse_line` always sets the packet out pointer to `NULL` when an empty packet has been received and callers check for this condition, skipping such packets.
Chris Hescock 9ee498e8 2016-03-08T10:16:37 Only buffer if necessary.
Chris Hescock e3862c9f 2016-01-11T17:09:32 Buffer sideband packet data The inner packet may be split across multiple sideband packets.
Chris Bargren e44f6586 2015-12-28T07:43:24 Removing #define for SSH_PREFIX_COUNT and using ARRAY_SIZE instead Also moving var declarations to top of blocks to support bad old compilers
Chris Bargren ff8e3f0e 2015-12-22T10:38:31 Handle git+ssh:// and ssh+git:// protocols support
Carlos Martín Nieto 22f3d3aa 2016-03-03T22:26:31 ssh: initialize libssh2 We should have been doing this, but it initializes itself upon first use, which works as long as nobody's doing concurrent network operations. Initialize it on our init to make sure it's not getting initialized concurrently.
Carlos Martín Nieto a4cba9d4 2016-03-03T10:48:24 winhttp: retry authentication If the caller has provided bad authentication, give them another apportunity to get it right until they give up. This brings WinHTTP in line with the other transports.
Patrick Steinhardt 003c5e46 2016-02-22T15:52:49 transports: smart_pkt: fix memory leaks on error paths
Patrick Steinhardt 6e2a3755 2016-02-23T11:45:43 smart_pkt: check buffer with GITERR_CHECK_ALLOC_BUF
Patrick Steinhardt b0f7512f 2016-02-15T11:46:10 transports: smart_pkt: fix memory leaks
Patrick Steinhardt 704554cd 2016-02-15T11:37:48 transports: smart: fix memory leak on OOM path
Edward Thomson 9ce0399c 2016-02-12T10:27:05 winhttp: use an unsigned iterator
Edward Thomson 5c7f2f01 2016-01-19T11:13:23 winhttp: name mangle class / iid on mingw Standard Windows type systems define CLSID_InternetSecurityManager and IID_IInternetSecurityManager, but MinGW lacks these definitions. As a result, we must hardcode these definitions ourselves. However, we should not use a public struct with those names, lest another library do the same thing and consumers cannot link to both.
Michał Górny 02fdc2db 2015-12-26T17:17:05 ssh_stream_read(): fix possible *bytes_read < 0 branch Fix the possibility of returning successfully from ssh_stream_read() with *bytes_read < 0. This would occur if stdout channel read resulted in 0, and stderr channel read failed afterwards.
Chris Hescock efd9ab56 2015-11-20T11:26:26 Treat GIT_PASSTHROUGH as though git_cred_acquire_cb isn't set.
Carlos Martín Nieto 1411cb9e 2015-10-02T03:57:14 winhttp: use a custom user-agent if the user has set it We also keep the "git/1.0" prefix in order to maintain compatibility with hosters.
Carlos Martín Nieto 94bac76c 2015-10-02T03:46:34 http: use a custom user-agent if the user has set it We still prefix it with "git/1.0" since that's required in many situations, but we replace the area which mentions libgit2.
Carlos Martín Nieto e0be1d60 2015-10-30T18:23:17 git: put NULL check at the top
Carlos Martín Nieto 45d295e0 2015-10-30T17:51:50 git: accept NULL as argument to its stream free
Carlos Martín Nieto 72b7c570 2015-09-30T09:17:18 Merge pull request #3411 from spraints/custom-push-headers Include custom HTTP headers
Matt Burke d7375662 2015-09-25T10:16:16 Copy custom_headers insteach of referencing the caller's copy
Matt Burke d16c1b97 2015-09-24T10:30:37 These can be static
Matt Burke e60db3c7 2015-09-24T09:24:10 Revise custom header error messages If the header doesn't look like a header (e.g. if it doesn't have a ":" or if it has newlines), report "custom HTTP header '%s' is malformed". If the header has the same name as a header already set by libgit2 (e.g. "Host"), report "HTTP header '%s' is already set by libgit2".
Matt Burke 63cc5723 2015-09-24T09:13:05 Don't null-check
Matt Burke 098f1e6e 2015-09-24T09:09:48 Use an array of forbidden custom headers
Matt Burke 3245896b 2015-09-10T13:18:26 Add a test for custom header validation Also, *some* custom headers actually are valid.
Matt Burke 66d90e70 2015-09-10T09:14:20 More specific names
Matt Burke 8c876fa9 2015-09-10T09:11:16 Validate custom http headers
Matt Burke 35969c68 2015-09-10T08:58:23 Ignore NULL headers
Carlos Martín Nieto 6c21211c 2015-09-09T13:59:38 Merge pull request #3379 from theseion/additional_libssh2_error_reporting report libssh2 error if list of authentication methods can't be retrieved
Matt Burke c82c2ba6 2015-09-08T14:17:59 o i
Matt Burke 80ee2543 2015-09-08T13:38:22 Teach winhttp about the extra headers
Matt Burke 276f6aa0 2015-09-08T14:00:37 Hook up the custom_headers to the http transport
Matt Burke 24f5b4e1 2015-09-08T13:34:42 Drop extra_http_headers from git_remote
Matt Burke 59d6128e 2015-09-04T09:36:50 Allow the world to set HTTP headers for remotes
Matt Burke ac9b5127 2015-09-04T09:20:45 Pull extra_http_headers from the git_remote
Matt Burke 6af6e690 2015-09-04T09:18:32 Put the extra headers on the connection_data instead
Matt Burke c3733e56 2015-09-04T08:56:26 Add more headers to HTTP requests
Carlos Martín Nieto 19475924 2015-08-25T00:39:58 Merge pull request #3355 from palmin/palmin/fix-2830 Include the 4 characters not recognised as hex-number in parse_len
Carlos Martín Nieto 57af0b92 2015-08-19T00:46:28 cred: add a free function wrapper
Carlos Martín Nieto 47ed7e5a 2015-08-18T20:55:59 transport: provide a way to get the callbacks libgit2 implementations of smart subtransports can simply reach through the structure, but external implementors cannot. Add these two functions as a way for the smart subtransports to get the callbacks as set by the user.
Anders Borum 2d1d2bb5 2015-08-05T18:50:25 Include the 4 characters not recognised as hex-number when setting error in parse_len
Edward Thomson 252f86e1 2015-08-15T13:46:32 Merge pull request #3377 from dleehr/fix-push-cb Fix bug in git_smart__push: push_transfer_progress cb is only called at end
Carlos Martín Nieto 11bca2d2 2015-08-15T18:15:23 http: propagate the credentials callback's error code When we ask for credentials, the user may choose to return EUSER to indicate that an error has happened on its end and it wants to be given back control. We must therefore pass that back to the user instead of mentioning that it was on_headers_complete() that returned an error code. Since we can, we return the exact error code from the user (other than PASSTHROUGH) since it doesn't cost anything, though using other error codes aren't recommended.
Max Leske 241414ee 2015-08-14T15:42:59 added a single line of additional error reporting from libssh2 when failing to retrieve the list of authentication methods
Dan Leehr b0b2c722 2015-08-13T22:52:52 Fix bug in git_smart__push: push_transfer_progress cb is never called The conditional checked cbs->transfer_progress then used the value in cbs->push_transfer_progress. In both cases it should be push_transfer_progress
Simon ac728c24 2015-08-03T07:38:07 Handle ssh:// and git:// urls containing a '~' character. For such a path '/~/...' the leading '/' is stripped so the server will get a path starting with '~' and correctly handle it.
Anders Borum 31a76374 2015-07-29T22:23:00 case-insensitive check for WWW-Authenticate header Fixes issue #3338
Carlos Martín Nieto f861abad 2015-07-12T19:56:19 Merge branch 'portable-zu'
Matthew Plough 768f8be3 2015-06-30T19:00:41 Fix #3094 - improve use of portable size_t/ssize_t format specifiers. The header src/cc-compat.h defines portable format specifiers PRIuZ, PRIdZ, and PRIxZ. The original report highlighted the need to use these specifiers in examples/network/fetch.c. For this commit, I checked all C source and header files not in deps/ and transitioned to the appropriate format specifier where appropriate.
Edward Thomson 79698030 2015-06-29T22:51:18 git_cert: child types use proper base type
Carlos Martín Nieto 2f60073d 2015-06-30T21:40:20 Merge pull request #3273 from ethomson/warnings3 More warnings
Pierre-Olivier Latour 1630981e 2015-06-30T09:03:23 http: fixed leak when asking for credentials again t->cred might have been allocated the previous time and needs to be freed before asking caller for credentials again.
Edward Thomson 0305721c 2015-06-30T14:23:41 winhttp: remove unused var
Carlos Martín Nieto 8b380060 2015-06-29T21:12:44 http: don't give up on auth on the first try When the server rejects an authentication request, ask the caller for the credentials again, instead of giving up on the first try.
Carlos Martín Nieto 8443f492 2015-06-11T16:57:04 curl: remove the encrypted param to the constructor We do not want libcurl to perform the TLS negotiation for us, so we don't need to pass this option.
Carlos Martín Nieto f97d5d09 2015-06-11T16:54:48 http: ask for the curl stream for non-encrypted connections The TLS streams talk over the curl stream themselves, so we don't need to ask for it explicitly. Do so in the case of the non-encrypted one so we can still make use proxies in that case.
Carlos Martín Nieto 8762d721 2015-06-07T14:51:10 http: set the proxy if the stream supports it Of the built-in ones, only cURL support it, but there's no reason a user-provided stream wouldn't support it.
Carlos Martín Nieto 8dea1c21 2015-06-05T11:02:11 Implement a curl stream cURL has a mode in which it acts a lot like our streams, providing send and recv functions and taking care of the TLS and proxy setup for us. Implement a new stream which uses libcurl instead of raw sockets or the TLS libraries directly. This version does not support reporting certificates or proxies yet.
Edward Thomson a166466c 2015-06-09T17:06:28 Merge pull request #3198 from libgit2/cmn/coverity A few fixes from Coverity
Carlos Martín Nieto 81be2f46 2015-06-09T16:01:29 ssh: move NULL check to the free function Let `ssh_stream_free()` take a NULL stream, as free functions should, and remove the check from the connection setup. The connection setup would not need the check anyhow, as we always have a stream by the time we reach this code.
Carlos Martín Nieto fdb82dcd 2015-06-07T15:10:13 Merge pull request #3175 from git-up/build_warnings Fixed build warnings on Xcode 6.1
Pierre-Olivier Latour 9f3c18e2 2015-06-02T08:36:15 Fixed build warnings on Xcode 6.1
Marius Ungureanu d71e3b25 2015-06-02T10:23:54 Change error when running out of ssh agent keys
Michał Górny 2629fc87 2015-05-24T22:33:55 cred: Check for null values when getting key from memory The public key field is optional and as such can take NULL. Account for that and do not call strlen() on NULL values. Also assert() for non-NULL values of username & private key.
Michał Górny f7142b5e 2015-05-24T18:38:47 cred: Declare GIT_CREDTYPE_SSH_MEMORY unconditionally Declare GIT_CREDTYPE_SSH_MEMORY to have consistent API independently of whether libgit2 was built with or without in-memory key passing support. Or rather, to have it at all since build-time definitions are not stored in headers.
David Calavera 08e6b875 2015-03-19T14:57:15 Return an error when ssh memory credentials are not supported. To not modify the external api.
David Calavera 7a8b8503 2015-03-17T09:19:15 Add support to read ssh keys from memory.
Carlos Martín Nieto 1396c381 2015-05-18T16:04:55 errors: add GIT_EEOF to indicate early EOF This can be used by tools to show mesages about failing to communicate with the server. The error message in this case will often contain the server's error message, as far as it managed to send anything.
Carlos Martín Nieto e3435673 2015-05-18T15:51:55 ssh: read from stderr if stdout is empty When we fail to read from stdout, it's typically because the URL was wrong and the server process has sent some output over its stderr output. Read that output and set the error message to whatever we read from it.
Marius Ungureanu 7e9a240e 2015-05-14T21:33:55 Make "Early EOF" message start with lowercase
Carlos Martín Nieto 542a7de0 2015-05-14T17:26:09 local: plug a leak in the progress reporting
Edward Thomson cd430bc7 2015-05-13T14:26:20 Merge pull request #3103 from libgit2/cmn/local-push-message Use the packbuilder in local push
Carlos Martín Nieto 8cec2b8a 2015-05-06T12:28:01 local: send the packbuilder progress via the sideband Set a callback for the packbuilder so we can send the sideband messages to the caller, formatting them as git would.
Carlos Martín Nieto 4a5b781a 2015-05-07T13:44:28 local: use the packbuilder to push Instead of copying each object individually, as we'd been doing, use the packbuilder which should be faster and give us some feedback. While performing this change, we can hook up the packbuilder's writing to the push progress so the caller knows how far along we are.
Carlos Martín Nieto 81c0fb08 2015-05-07T13:28:51 local: add clarification for non-bare push restriction
Carlos Martín Nieto 8f0104ec 2015-04-21T22:10:36 Remove the callbacks struct from the remote Having the setting be different from calling its actions was not a great idea and made for the sake of the wrong convenience. Instead of that, accept either fetch options, push options or the callbacks when dealing with the remote. The fetch options are currently only the callbacks, but more options will be moved from setters and getters on the remote to the options. This does mean passing the same struct along the different functions but the typical use-case will only call git_remote_fetch() or git_remote_push() and so won't notice much difference.
Carlos Martín Nieto 05259114 2015-04-21T20:16:48 push: remove own copy of callbacks The push object knows which remote it's associated with, and therefore does not need to keep its own copy of the callbacks stored in the remote. Remove the copy and simply access the callbacks struct within the remote.
J Wyman 7dd22538 2015-05-11T10:19:25 centralizing all IO buffer size values
Carlos Martín Nieto 24e53d2f 2015-03-19T09:55:20 Rename GIT_SSL to GIT_OPENSSL This is what it's meant all along, but now we actually have multiple implementations, it's clearer to use the name of the library.
Carlos Martín Nieto 6946a3be 2015-03-19T00:18:03 Abstract away the TLS stream implementation Instead, provide git_tls_stream_new() to ask for the most appropriate encrypted stream and use it in our HTTP transport.
Carlos Martín Nieto 6bb54cbf 2014-11-02T13:23:32 Add a SecureTransport TLS channel As an alternative to OpenSSL when we're on OS X. This one can actually take advantage of stacking the streams.
Edward Thomson 623fbd93 2015-04-10T11:38:07 Merge pull request #2974 from libgit2/cmn/clone-everything Make sure to pack referenced objects for non-branches
Edward Thomson c5e07187 2015-03-24T14:03:51 Merge pull request #2990 from leoyanggit/custom_param Add a custom param to git_smart_subtransport_definition
Edward Thomson aa7a4a50 2015-03-24T09:06:20 Merge pull request #2986 from tkelman/mingw_winhttp WinHTTP for MinGW
Carlos Martín Nieto 2a0f67f0 2015-03-21T21:48:03 git: make sure to close the network stream In case of a bad url or other error during the connection setup, we close the stream via free.
Tony Kelman b631e0d9 2015-03-19T07:25:25 Use swprintf_s everywhere except mingw.org
Leo Yang 142e5379 2015-03-17T12:49:33 Add a custom param to git_smart_subtransport_definition The smart transport has already take the payload param. For the sub transport a payload param is useful for the implementer.
Carlos Martín Nieto c84a9dd2 2015-03-12T01:52:15 local: recusrively insert non-branch objects into the packfile When we insert e.g. a tag or tagged object into the packfile, we must make sure to insert any referenced objects as well, or we will have broken links. Use the recursive version of packfile insertion to make sure we send over not just the tagged object but also the objects it references.
Edward Thomson 7800048a 2015-03-17T10:06:50 Merge pull request #2972 from libgit2/cmn/pack-objects-walk [WIP] Smarter pack-building
Alex Crichton 3066026b 2014-08-26T11:18:33 Fix build on mingw-w64
Philip Kelley 8f426d7d 2014-06-09T11:43:25 Win32: Enable WinHTTP for MinGW
Carlos Martín Nieto 84d83b8e 2015-03-16T19:41:50 http: do not try to use the cert callback on unencrypted streams When the user has a certificate check callback set, we still have to check whether the stream we're using is even capable of providing a certificate. In the case of an unencrypted certificate, do not ask for it from the stream, and do not call the callback.
Carlos Martín Nieto 0ef54a63 2015-03-11T17:16:39 local: create pack with multiple threads The default behaviour for the packbuilder is to perform the work in a single thread, which is fine for the public API, but we currently have no way for a user to determine the number of threads to use when creating the packfile, which makes our clone behaviour over the filesystem quite a bit slower than what git offers. This is a very particular scenario, in which we avoid spawning git by being ourselves the server-side, so it's probably ok to auto-set the threading, as the upload-pack process would do if we were talking to git.
Carlos Martín Nieto e68b31a1 2015-03-04T20:57:52 local: let the packbuilder perform smarter object insertion Currently we use the most naïve and inefficient method for figuring out which objects to send to the remote whereby we end up trying to insert subdirs which have not changed multiple times. Instead, make use of the packbuilder's built-in more efficient method which uses the walk to feed the object list and avoids inserting an object and its descendants.
Carlos Martín Nieto e892b6a9 2015-03-03T17:23:01 http: enforce the credential types The user may decide to return any type of credential, including ones we did not say we support. Add a check to make sure the user returned an object of the right type and error out if not.
Carlos Martín Nieto 659cf202 2015-01-07T12:23:05 Remove the signature from ref-modifying functions The signature for the reflog is not something which changes dynamically. Almost all uses will be NULL, since we want for the repository's default identity to be used, making it noise. In order to allow for changing the identity, we instead provide git_repository_set_ident() and git_repository_ident() which allow a user to override the choice of signature.
Edward Thomson f1453c59 2015-02-12T12:19:37 Make our overflow check look more like gcc/clang's Make our overflow checking look more like gcc and clang's, so that we can substitute it out with the compiler instrinsics on platforms that support it. This means dropping the ability to pass `NULL` as an out parameter. As a result, the macros also get updated to reflect this as well.
Edward Thomson ec3b4d35 2015-02-11T11:20:05 Use `size_t` to hold size of arrays Use `size_t` to hold the size of arrays to ease overflow checking, lest we check for overflow of a `size_t` then promptly truncate by packing the length into a smaller type.
Edward Thomson 4aa664ae 2015-02-10T23:55:07 git_buf_grow_by: increase buf asize incrementally Introduce `git_buf_grow_by` to incrementally increase the size of a `git_buf`, performing an overflow calculation on the growth.