kmx git

Commit	Date	Message
a622ff17	2014-04-18T20:05:28	Only zero sensitive information on destruction (and memory actually allocated by us)
8ec0a552	2014-04-18T00:49:07	Make git_cred_ssh_custom_new() naming more consistent
478408c0	2014-04-17T23:03:44	Introduce git_cred_ssh_interactive_new() This allows for keyboard-interactive based SSH authentication
bd270b70	2014-04-18T17:08:10	cred: tighten username rules The ssh-specific credentials allow the username to be missing. The idea being that the ssh transport will then use the username provided in the url, if it's available. There are two main issues with this. The credential callback already knows what username was provided by the url and needs to figure out whether it wants to ask the user for it or it can reuse it, so passing NULL as the username means the credential callback is suspicious. The username provided in the url is not in fact used by the transport. The only time it even considers it is for the user/pass credential, which asserts the existence of a username in its constructor. For the ssh-specific ones, it passes in the username stored in the credential, which is NULL. The libssh2 macro we use runs strlen() against this value (which is no different from what we would be doing ourselves), so we then crash. As the documentation doesn't suggest to leave out the username, assert the need for a username in the code, which removes this buggy behavior and removes implicit state. git_cred_has_username() becomes a blacklist of credential types that do not have a username. The only one at the moment is the 'default' one, which is meant to call up some Microsoft magic.
ee7040fd	2013-11-20T14:11:44	ssh: add support for ssh-agent authentication
84efffc3	2013-11-13T16:57:51	Introduce git_cred_default for NTLM/SPNEGO auth
70a8c78f	2013-10-23T12:08:54	Rename the ssh credentials The names from libssh2 are somewhat obtuse for us. We can simplify the usual key/passphrase credential's name, as well as make clearer what the custom signature function is.
2648dc1a	2013-10-21T11:03:31	Allowed credential types should be a bitfield
7affc2f7	2013-08-11T23:30:47	Include username in each credential type Key-based authentication also needs an username, so include it in each one. Also stop assuming a default username of "git" in the ssh transport which has no business making such a decision.
c2de6b1a	2013-07-10T10:21:24	Bring SSH error reporting up to base standards The SSH error checking and reporting could still be further improved by using the libssh2 native methods to get error info, but at least this ensures that all error codes are checked and translated into libgit2 error messages.
a4456929	2013-07-09T16:16:24	Make credential clearing consistent This makes all of the credential objects use the same pattern to clear the contents and call git__memzero when done. Much of this information is probably not sensitive, but it also seems better to just clear consistently.
03d9b930	2013-07-09T14:45:58	Indent with tabs
5813bc21	2013-07-09T12:01:16	Lots of SSH credential stuff can be left on Much of the SSH credential creation API can be left enabled even on platforms with no SSH support. We really just have to give an error when you attempt to open the SSH connection.
a3c062db	2013-07-09T09:58:33	Make SSH APIs present even without SSH support The SSH APIs will just return an error code and state that the library was built without SSH support if they are called in that case.
0525fb7e	2013-06-17T14:31:14	cred: deploy git__memzero to clear memory holding a password
ccaee222	2013-05-15T12:46:33	Added GITERR_CHECK_ALLOC
e057e411	2013-05-15T12:44:51	Reworked git_cred_ssh_keyfile_passphrase_new method
574b86b7	2013-05-07T13:53:23	Fixed compilation issues when libssh2 is missing
c36565c0	2013-05-07T13:43:10	Added SSH public key authentication
f7158cd7	2013-05-03T16:31:16	Push working over ssh
520dcc1c	2013-01-08T19:55:59	Move credential helpers to their own (optional) header
ffb02b16	2013-01-08T12:58:20	Expose stock user/pass credential utility
359fc2d2	2013-01-08T17:07:25	update copyrights
6762fe08	2012-11-29T08:29:26	Remove casts of return values of type void *
a8122b5d	2012-11-21T15:39:03	Fix warnings on Win64 build
091361f5	2012-11-06T08:52:03	Basic authentication for http and winhttp

a622ff17

2014-04-18T20:05:28

Only zero sensitive information on destruction (and memory actually allocated by us)

8ec0a552

2014-04-18T00:49:07

Make git_cred_ssh_custom_new() naming more consistent

478408c0

2014-04-17T23:03:44

Introduce git_cred_ssh_interactive_new() This allows for keyboard-interactive based SSH authentication

bd270b70

2014-04-18T17:08:10

cred: tighten username rules The ssh-specific credentials allow the username to be missing. The idea being that the ssh transport will then use the username provided in the url, if it's available. There are two main issues with this. The credential callback already knows what username was provided by the url and needs to figure out whether it wants to ask the user for it or it can reuse it, so passing NULL as the username means the credential callback is suspicious. The username provided in the url is not in fact used by the transport. The only time it even considers it is for the user/pass credential, which asserts the existence of a username in its constructor. For the ssh-specific ones, it passes in the username stored in the credential, which is NULL. The libssh2 macro we use runs strlen() against this value (which is no different from what we would be doing ourselves), so we then crash. As the documentation doesn't suggest to leave out the username, assert the need for a username in the code, which removes this buggy behavior and removes implicit state. git_cred_has_username() becomes a blacklist of credential types that do not have a username. The only one at the moment is the 'default' one, which is meant to call up some Microsoft magic.

ee7040fd

2013-11-20T14:11:44

ssh: add support for ssh-agent authentication

84efffc3

2013-11-13T16:57:51

Introduce git_cred_default for NTLM/SPNEGO auth

70a8c78f

2013-10-23T12:08:54

Rename the ssh credentials The names from libssh2 are somewhat obtuse for us. We can simplify the usual key/passphrase credential's name, as well as make clearer what the custom signature function is.

2648dc1a

2013-10-21T11:03:31

Allowed credential types should be a bitfield

7affc2f7

2013-08-11T23:30:47

Include username in each credential type Key-based authentication also needs an username, so include it in each one. Also stop assuming a default username of "git" in the ssh transport which has no business making such a decision.

c2de6b1a

2013-07-10T10:21:24

Bring SSH error reporting up to base standards The SSH error checking and reporting could still be further improved by using the libssh2 native methods to get error info, but at least this ensures that all error codes are checked and translated into libgit2 error messages.

a4456929

2013-07-09T16:16:24

Make credential clearing consistent This makes all of the credential objects use the same pattern to clear the contents and call git__memzero when done. Much of this information is probably not sensitive, but it also seems better to just clear consistently.

03d9b930

2013-07-09T14:45:58

Indent with tabs

5813bc21

2013-07-09T12:01:16

Lots of SSH credential stuff can be left on Much of the SSH credential creation API can be left enabled even on platforms with no SSH support. We really just have to give an error when you attempt to open the SSH connection.

a3c062db

2013-07-09T09:58:33

Make SSH APIs present even without SSH support The SSH APIs will just return an error code and state that the library was built without SSH support if they are called in that case.

0525fb7e

2013-06-17T14:31:14

cred: deploy git__memzero to clear memory holding a password

ccaee222

2013-05-15T12:46:33

Added GITERR_CHECK_ALLOC

e057e411

2013-05-15T12:44:51

Reworked git_cred_ssh_keyfile_passphrase_new method

574b86b7

2013-05-07T13:53:23

Fixed compilation issues when libssh2 is missing

c36565c0

2013-05-07T13:43:10

Added SSH public key authentication

f7158cd7

2013-05-03T16:31:16

Push working over ssh

520dcc1c

2013-01-08T19:55:59

Move credential helpers to their own (optional) header

ffb02b16

2013-01-08T12:58:20

Expose stock user/pass credential utility

359fc2d2

2013-01-08T17:07:25

update copyrights

6762fe08

2012-11-29T08:29:26

Remove casts of return values of type void *

a8122b5d

2012-11-21T15:39:03

Fix warnings on Win64 build

091361f5

2012-11-06T08:52:03

Basic authentication for http and winhttp

thodg/libgit2/src/transports/cred.c

src/transports/cred.c

Log