|
3d11b6c5
|
2019-03-11T20:36:09
|
|
winhttp: support default credentials for proxies
We did not properly support default credentials for proxies, only for
destination servers. Refactor the credential handling to support sending
either username/password _or_ default credentials to either the proxy or
the destination server.
This actually shares the authentication logic between proxy servers and
destination servers. Due to copy/pasta drift over time, they had
diverged. Now they share a common logic which is: first, use
credentials specified in the URL (if there were any), treating empty
username and password (ie, "http://:@foo.com/") as default credentials,
for compatibility with git. Next, call the credential callbacks.
Finally, fallback to WinHTTP compatibility layers using built-in
authentication like we always have.
Allowing default credentials for proxies requires moving the security
level downgrade into the credential setting routines themselves.
We will update our security level to "high" by default which means that
we will never send default credentials without prompting. (A lower
setting, like the WinHTTP default of "medium" would allow WinHTTP to
handle credentials for us, despite what a user may have requested with
their structures.) Now we start with "high" and downgrade to "low" only
after a user has explicitly requested default credentials.
|
|
c6ab183e
|
2019-03-11T11:43:08
|
|
net: rename gitno_connection_data to git_net_url
"Connection data" is an imprecise and largely incorrect name; these
structures are actually parsed URLs. Provide a parser that takes a URL
string and produces a URL structure (if it is valid).
Separate the HTTP redirect handling logic from URL parsing, keeping a
`gitno_connection_data_handle_redirect` whose only job is redirect
handling logic and does not parse URLs itself.
|
|
bff7aed2
|
2019-01-24T16:44:04
|
|
Don't use deprecated constants
Follow up for PR #4917.
Signed-off-by: Sven Strickroth <email@cs-ware.de>
|
|
f673e232
|
2018-12-27T13:47:34
|
|
git_error: use new names in internal APIs and usage
Move to the `git_error` name in the internal API for error-related
functions.
|
|
321d19c1
|
2019-01-06T08:36:06
|
|
Windows is hard.
|
|
7b453e7e
|
2019-01-05T22:12:48
|
|
Fix a bunch of warnings
This change fixes a bunch of warnings that were discovered by compiling
with `clang -target=i386-pc-linux-gnu`. It turned out that the
intrinsics were not necessarily being used in all platforms! Especially
in GCC, since it does not support __has_builtin.
Some more warnings were gleaned from the Windows build, but I stopped
when I saw that some third-party dependencies (e.g. zlib) have warnings
of their own, so we might never be able to enable -Werror there.
|
|
6af8572c
|
2018-10-22T11:29:01
|
|
http transport: cap number of authentication replays
Put a limit on the number of authentication replays in the HTTP
transport. Standardize on 7 replays for authentication or redirects,
which matches the behavior of the WinHTTP transport.
|
|
a2e6e0ea
|
2018-11-06T14:15:43
|
|
transport: allow cred/cert callbacks to return GIT_PASSTHROUGH
Allow credential and certificate checking callbacks to return
GIT_PASSTHROUGH, indicating that they do not want to act.
Introduce this to support in both the http and ssh callbacks.
Additionally, enable the same mechanism for certificate validation.
This is most useful to disambiguate any meaning in the publicly exposed
credential and certificate functions (`git_transport_smart_credentials`
and `git_transport_smart_certificate_check`) but it may be more
generally useful for callers to be able to defer back to libgit2.
|
|
2613fbb2
|
2018-10-18T11:58:14
|
|
global: replace remaining use of `git__strtol32`
Replace remaining uses of the `git__strtol32` function. While these uses
are all safe as the strings were either sanitized or from a trusted
source, we want to remove `git__strtol32` altogether to avoid future
misuse.
|
|
ba55592f
|
2018-08-02T20:34:56
|
|
Merge pull request #4743 from Agent00Log/dev/winbugfixes
Windows: default credentials / fallback credential handling
|
|
ccbffbae
|
2018-07-30T13:39:21
|
|
Only unitialize if the call to CoInitializeEx was successful
|
|
8c21cb5c
|
2018-07-26T09:52:32
|
|
Fix fallback credentials: The call to CoInitializeEx fails if it was previously been set to a different mode.
|
|
c9dc30ff
|
2018-07-26T09:52:21
|
|
Fix default credentials: The WinHttpSetCredentials auth scheme must only be one of the supported schemes.
|
|
dc371e3c
|
2018-07-20T08:20:48
|
|
winhttp: retry erroneously failing requests
Early Windows TLS 1.2 implementations have an issue during key exchange
with OpenSSL implementations that cause negotiation to fail with the
error "the buffer supplied to a function was too small."
This is a transient error on the connection, so when that error is
received, retry up to 5 times to create a connection to the remote
server before actually giving up.
|
|
ecf4f33a
|
2018-02-08T11:14:48
|
|
Convert usage of `git_buf_free` to new `git_buf_dispose`
|
|
5ecb6220
|
2018-02-25T15:46:51
|
|
winhttp: enable TLS 1.2 on Windows 7 and earlier
Versions of Windows prior to Windows 8 do not enable TLS 1.2 by default,
though support may exist. Try to enable TLS 1.2 support explicitly on
connections.
This request may fail if the operating system does not have TLS 1.2
support - the initial release of Vista lacks TLS 1.2 support (though
it is available as a software update) and XP completely lacks TLS 1.2
support. If this request does fail, the HTTP context is still valid,
and still maintains the original protocol support. So we ignore the
failure from this operation.
|
|
934e6a3b
|
2018-02-27T11:24:30
|
|
winhttp: include constants for TLS 1.1/1.2 support
For platforms that do not define `WINHTTP_FLAG_SECURE_PROTOCOL_TLS1_1`
and/or `WINHTTP_FLAG_SECURE_PROTOCOL_TLS1_2`.
|
|
8c8db980
|
2018-02-27T10:32:29
|
|
mingw: update TLS option flags
Include the constants for `WINHTTP_FLAG_SECURE_PROTOCOL_TLS1_1` and
`WINHTTP_FLAG_SECURE_PROTOCOL_TLS1_2` so that they can be used by mingw.
This updates both the `deps/winhttp` framework (for classic mingw) and
adds the defines for mingw64, which does not use that framework.
|
|
ee6be190
|
2018-01-31T08:36:19
|
|
http: standardize user-agent addition
The winhttp and posix http each need to add the user-agent to their
requests. Standardize on a single function to include this so that we
do not get the version numbers we're sending out of sync.
Assemble the complete user agent in `git_http__user_agent`, returning
assembled strings.
Co-authored-by: Patrick Steinhardt <ps@pks.im>
|
|
526dea1c
|
2017-12-29T17:41:24
|
|
winhttp: properly support ntlm and negotiate
When parsing unauthorized responses, properly parse headers looking for
both NTLM and Negotiate challenges. Set the HTTP credentials to default
credentials (using a `NULL` username and password) with the schemes
supported by ourselves and the server.
|
|
38eaa7ab
|
2017-11-24T12:28:19
|
|
winhttp: pass the same payload as ssh & http transports when checking certificates
|
|
0c7f49dd
|
2017-06-30T13:39:01
|
|
Make sure to always include "common.h" first
Next to including several files, our "common.h" header also declares
various macros which are then used throughout the project. As such, we
have to make sure to always include this file first in all
implementation files. Otherwise, we might encounter problems or even
silent behavioural differences due to macros or defines not being
defined as they should be. So in fact, our header and implementation
files should make sure to always include "common.h" first.
This commit does so by establishing a common include pattern. Header
files inside of "src" will now always include "common.h" as its first
other file, separated by a newline from all the other includes to make
it stand out as special. There are two cases for the implementation
files. If they do have a matching header file, they will always include
this one first, leading to "common.h" being transitively included as
first file. If they do not have a matching header file, they instead
include "common.h" as first file themselves.
This fixes the outlined problems and will become our standard practice
for header and source files inside of the "src/" from now on.
|
|
97eb5ef0
|
2017-06-07T10:05:54
|
|
buffer: rely on `GITERR_OOM` set by `git_buf_try_grow`
The function `git_buf_try_grow` consistently calls `giterr_set_oom`
whenever growing the buffer fails due to insufficient memory being
available. So in fact, we do not have to do this ourselves when a call
to any buffer-growing function has failed due to an OOM situation. But
we still do so in two functions, which this patch cleans up.
|
|
b65a5e9b
|
2017-03-01T07:58:40
|
|
winhttp: disambiguate error messages when sending requests
|
|
1e929eb5
|
2017-02-06T11:00:06
|
|
Pass proxy options payload to credentials callback
|
|
fa2dfcf9
|
2017-02-01T09:28:30
|
|
Fix digest credentials for proxy in windows
|
|
1910a04a
|
2016-12-30T12:42:42
|
|
winhttp: set proper cert failure error messages
Set up a WinHTTP status callback; inspect the WinHTTP status for
WINHTTP_CALLBACK_STATUS_SECURE_FAILURE, and convert the status code
to a useful message for callers.
|
|
4e4a1460
|
2016-12-30T12:13:34
|
|
WinHTTP: support best auth mechanism
For username/password credentials, support NTLM or Basic (in that order
of priority). Use the WinHTTP built-in authentication support for both,
and maintain a bitfield of the supported mechanisms from the response.
|
|
909d5494
|
2016-12-29T12:25:15
|
|
giterr_set: consistent error messages
Error messages should be sentence fragments, and therefore:
1. Should not begin with a capital letter,
2. Should not conclude with punctuation, and
3. Should not end a sentence and begin a new one
|
|
43c55111
|
2016-06-07T14:14:07
|
|
winhttp: plug several memory leaks
|
|
0d72f67f
|
2016-03-14T17:36:04
|
|
proxy: don't specify the protocol in the type
We leave this up to the scheme in the url field. The type should only
tell us about whether we want a proxy and whether we want to auto-detect
it.
|
|
bf6f7ad2
|
2015-09-30T17:42:53
|
|
winhttp: correctly detect HTTPS usage
|
|
22e6aa0d
|
2015-09-23T04:39:05
|
|
proxy: don't require the trailing slash on WinHTTP
The path is not something that you use for proxies, so make use of the
new optionality of the path when extracting URL parts.
|
|
07bd3e57
|
2015-05-07T12:57:56
|
|
proxy: ask the user for credentials if necessary
|
|
a4cba9d4
|
2016-03-03T10:48:24
|
|
winhttp: retry authentication
If the caller has provided bad authentication, give them another
apportunity to get it right until they give up. This brings WinHTTP in
line with the other transports.
|
|
9ce0399c
|
2016-02-12T10:27:05
|
|
winhttp: use an unsigned iterator
|
|
5c7f2f01
|
2016-01-19T11:13:23
|
|
winhttp: name mangle class / iid on mingw
Standard Windows type systems define CLSID_InternetSecurityManager
and IID_IInternetSecurityManager, but MinGW lacks these definitions.
As a result, we must hardcode these definitions ourselves. However,
we should not use a public struct with those names, lest another
library do the same thing and consumers cannot link to both.
|
|
efd9ab56
|
2015-11-20T11:26:26
|
|
Treat GIT_PASSTHROUGH as though git_cred_acquire_cb isn't set.
|
|
1411cb9e
|
2015-10-02T03:57:14
|
|
winhttp: use a custom user-agent if the user has set it
We also keep the "git/1.0" prefix in order to maintain compatibility
with hosters.
|
|
d7375662
|
2015-09-25T10:16:16
|
|
Copy custom_headers insteach of referencing the caller's copy
|
|
35969c68
|
2015-09-10T08:58:23
|
|
Ignore NULL headers
|
|
c82c2ba6
|
2015-09-08T14:17:59
|
|
o i
|
|
80ee2543
|
2015-09-08T13:38:22
|
|
Teach winhttp about the extra headers
|
|
79698030
|
2015-06-29T22:51:18
|
|
git_cert: child types use proper base type
|
|
0305721c
|
2015-06-30T14:23:41
|
|
winhttp: remove unused var
|
|
c5e07187
|
2015-03-24T14:03:51
|
|
Merge pull request #2990 from leoyanggit/custom_param
Add a custom param to git_smart_subtransport_definition
|
|
b631e0d9
|
2015-03-19T07:25:25
|
|
Use swprintf_s everywhere except mingw.org
|
|
142e5379
|
2015-03-17T12:49:33
|
|
Add a custom param to git_smart_subtransport_definition
The smart transport has already take the payload param. For the
sub transport a payload param is useful for the implementer.
|
|
3066026b
|
2014-08-26T11:18:33
|
|
Fix build on mingw-w64
|
|
8f426d7d
|
2014-06-09T11:43:25
|
|
Win32: Enable WinHTTP for MinGW
|
|
392702ee
|
2015-02-09T23:41:13
|
|
allocations: test for overflow of requested size
Introduce some helper macros to test integer overflow from arithmetic
and set error message appropriately.
|
|
ad2bf40a
|
2014-12-08T17:31:34
|
|
winhttp: plug some leaks
|
|
70d21742
|
2014-12-03T00:41:46
|
|
win32: clear connection data on close
|
|
334a0696
|
2014-10-26T17:36:14
|
|
Minor cleanup: Use defined no_check_cert_flags instead of C&P them again
Signed-off-by: Sven Strickroth <email@cs-ware.de>
|
|
e6e834a1
|
2014-09-18T12:23:07
|
|
Provide host name to certificate_check_cb
Signed-off-by: Sven Strickroth <email@cs-ware.de>
|
|
4fe5b771
|
2014-09-16T13:35:36
|
|
winhttp: get rid of the cert ignore flag
This brings us back in line with the other transports.
|
|
0782fc43
|
2014-09-16T01:47:30
|
|
net: use only structs to pass information about cert
Instead of spreading the data in function arguments, some of which
aren't used for ssh and having a struct only for ssh, use a struct for
both, using a common parent to pass to the callback.
|
|
7c8acc54
|
2014-08-30T14:26:57
|
|
winhttp: set ignore security flags on user command
If the user returns 0 from the certificate check and we had certificate issues, set the options to ignore certificate errors and resend the request.
|
|
67c84e06
|
2014-08-30T14:04:57
|
|
winhttp: bring together request sending
We need to call WinHttpSendRequest() in three different places. Unify all in a single function to have a single place for the certificate check.
|
|
5f2cf732
|
2014-08-30T13:12:33
|
|
winhttp: only do certificate check for SSL
If we're not using SSL, don't call the user's certificate check callback.
|
|
08545d36
|
2014-08-30T00:40:37
|
|
winhttp: credential check on successful connect
On successful connection, still ask the user whether they accept the server's certificate, indicating that WinHTTP would let it though.
|
|
69db8934
|
2014-08-27T19:19:55
|
|
Merge pull request #2538 from libgit2/ntk/propagate_url_parsing_error
winhttp: Prevent swallowing of url parsing error
|
|
f0c53d21
|
2014-08-27T10:28:46
|
|
winhttp: Prevent swallowing of url parsing error
|
|
86d0a53c
|
2014-08-27T01:30:47
|
|
Set timeout on remote (WinHTTP) should return error in case of failure. Connection timeout set to 1 minute. Read/Write timeout remains set to infinite #2147
|
|
2db71194
|
2014-07-24T04:15:24
|
|
Set timeout on remote (WinHTTP) to infinite #2147
|
|
e003f83a
|
2014-07-31T15:14:56
|
|
Introduce git_buf_decode_base64
Decode base64-encoded text into a git_buf
|
|
c983604e
|
2014-07-12T14:44:21
|
|
Consistently use p_snprintf
|
|
d07fd442
|
2014-07-12T14:37:39
|
|
Define WINHTTP_IGNORE_REQUEST_TOTAL_LENGTH if not defined
|
|
c2c81615
|
2014-04-19T18:05:31
|
|
Win32: UTF-8 <-> WCHAR conversion overhaul
|
|
1392418e
|
2014-03-18T09:04:33
|
|
Seamless support for NTLM/Kerberos auth on Windows
|
|
25e0b157
|
2013-12-06T15:07:57
|
|
Remove converting user error to GIT_EUSER
This changes the behavior of callbacks so that the callback error
code is not converted into GIT_EUSER and instead we propagate the
return value through to the caller. Instead of using the
giterr_capture and giterr_restore functions, we now rely on all
functions to pass back the return value from a callback.
To avoid having a return value with no error message, the user
can call the public giterr_set_str or some such function to set
an error message. There is a new helper 'giterr_set_callback'
that functions can invoke after making a callback which ensures
that some error message was set in case the callback did not set
one.
In places where the sign of the callback return value is
meaningful (e.g. positive to skip, negative to abort), only the
negative values are returned back to the caller, obviously, since
the other values allow for continuing the loop.
The hardest parts of this were in the checkout code where positive
return values were overloaded as meaningful values for checkout.
I fixed this by adding an output parameter to many of the internal
checkout functions and removing the overload. This added some
code, but it is probably a better implementation.
There is some funkiness in the network code where user provided
callbacks could be returning a positive or a negative value and
we want to rely on that to cancel the loop. There are still a
couple places where an user error might get turned into GIT_EUSER
there, I think, though none exercised by the tests.
|
|
84efffc3
|
2013-11-13T16:57:51
|
|
Introduce git_cred_default for NTLM/SPNEGO auth
|
|
80fc7d6b
|
2013-11-13T16:46:45
|
|
Propagate auth error codes as GIT_EUSER in winhttp
|
|
df9fc82e
|
2013-10-25T13:33:42
|
|
Use two calls to set two headers
|
|
3dc3c723
|
2013-10-08T15:52:37
|
|
Combine WinHTTP API calls
|
|
a58eecd4
|
2013-10-08T13:40:52
|
|
WinHTTP: set Accept header for POSTs
|
|
256961e4
|
2013-09-26T16:36:05
|
|
WHOOPS
|
|
ea59f659
|
2013-09-26T16:20:30
|
|
Deploy gitno_connection_data into transport (winhttp)
...and have that call manage replaced memory in the output structure.
|
|
f30d91ce
|
2013-09-26T11:03:27
|
|
Refactor URL handling to use library call
|
|
ac316e74
|
2013-09-25T14:25:38
|
|
Why are we disabling redirects?
|
|
4a88eb20
|
2013-09-25T12:13:09
|
|
Win32: handle http->https redirects
|
|
66566516
|
2013-09-08T17:15:42
|
|
Fix warning
|
|
1ff3a094
|
2013-08-27T19:41:44
|
|
Improve win32 version check, no ipv6 tests on XP
|
|
d4cff0cb
|
2013-08-13T09:40:32
|
|
Rename git__win32_path fns to git_win32_path
|
|
abf37327
|
2013-08-13T09:15:39
|
|
windows: Path conversion with better semantics
|
|
aaefbdee
|
2013-08-08T08:48:57
|
|
Discriminate path-specific and general UTF-X conversions
|
|
2c0128ee
|
2013-08-07T19:29:33
|
|
Rename git_win_str_utf* to git_win32_path_utf*
|
|
9c38f7a6
|
2013-08-07T13:22:41
|
|
Add typedefs for win32 utf-8 and utf-16 buffers
...and normalize the signatures of the two conversion functions.
|
|
d8563619
|
2013-08-05T11:41:39
|
|
Split UTF-16 and UTF-8 buffer sizes for win32
Also fixed up call-sites to use the correct buffer sizes, especially
when converting to utf-8.
|
|
37f66e82
|
2013-06-12T15:21:21
|
|
Fix Windows warnings
This fixes problems with missing function prototypes and 64-bit
data issues on Windows.
|
|
e583334c
|
2013-05-10T21:42:22
|
|
Fix broken build when MSVC SDL checks is enabled
|
|
5c5eeba6
|
2013-03-31T22:22:33
|
|
Add git_has_win32_version helper
|
|
0227fa2a
|
2013-03-30T21:36:04
|
|
Avoid pre-Win7 WinHTTP self-redirect quirk
|
|
55e0f53d
|
2013-03-14T15:09:29
|
|
Fix various build warnings
This fixes various build warnings on Mac and Windows (64-bit).
|
|
56543a60
|
2013-02-15T16:02:45
|
|
Clear up warnings from cppcheck
The cppcheck static analyzer generates warnings for a bunch of
places in the libgit2 code base. All the ones fixed in this
commit are actually false positives, but I've reorganized the
code to hopefully make it easier for static analysis tools to
correctly understand the structure. I wouldn't do this if I
felt like it was making the code harder to read or worse for
humans, but in this case, these fixes don't seem too bad and will
hopefully make it easier for better analysis tools to get at any
real issues.
|
|
016179d6
|
2013-01-31T14:54:58
|
|
WinHttp: use cred in url if provided
|
|
54ffc1f7
|
2013-01-31T14:41:01
|
|
HTTP: use creds in url if available
|
|
cf7038a6
|
2013-01-31T14:04:21
|
|
Enhance url parsing to include passwords
|
|
2234b2b0
|
2013-01-30T19:03:58
|
|
Stash username from url (but don't use it yet)
|
|
090d5e1f
|
2013-01-11T14:40:09
|
|
Fix MSVC compilation warnings
|