kmx git

Commit	Date	Message
4fe5b771	2014-09-16T13:35:36	winhttp: get rid of the cert ignore flag This brings us back in line with the other transports.
1e0aa105	2014-09-16T03:22:09	ssh: expose both hashes The user may have the data hashed as MD5 or SHA-1, so we should provide both types for consumption.
286369a8	2014-09-16T02:27:16	ssh: provide our own types for host key lengths Instead of using the libssh2 defines, provide our own, which eases usage as we do not need to check whether libgit2 was built with libssh2 or not.
0782fc43	2014-09-16T01:47:30	net: use only structs to pass information about cert Instead of spreading the data in function arguments, some of which aren't used for ssh and having a struct only for ssh, use a struct for both, using a common parent to pass to the callback.
0fef3899	2014-09-16T01:25:53	Merge remote-tracking branch 'upstream/master' into cmn/host-cert-info
41698f22	2014-09-11T10:04:05	net: remove support for outright ignoring certificates This option make it easy to ignore anything about the server we're connecting to, which is bad security practice. This was necessary as we didn't use to expose detailed information about the certificate, but now that we do, we should get rid of this. If the user wants to ignore everything, they can still provide a callback which ignores all the information passed.
7c8acc54	2014-08-30T14:26:57	winhttp: set ignore security flags on user command If the user returns 0 from the certificate check and we had certificate issues, set the options to ignore certificate errors and resend the request.
67c84e06	2014-08-30T14:04:57	winhttp: bring together request sending We need to call WinHttpSendRequest() in three different places. Unify all in a single function to have a single place for the certificate check.
5f2cf732	2014-08-30T13:12:33	winhttp: only do certificate check for SSL If we're not using SSL, don't call the user's certificate check callback.
08545d36	2014-08-30T00:40:37	winhttp: credential check on successful connect On successful connection, still ask the user whether they accept the server's certificate, indicating that WinHTTP would let it though.
23ca0ad5	2014-08-29T21:25:13	Bring certificate check back to the normal return code Returning 0 lets the certificate check succeed. An error code is bubbled up to the user.
2f5864c5	2014-08-29T21:15:36	ssh: do ssh cert info before asking for credentials We know the host's key as soon as we connect, so we should perform the check as soon as we can, before we bother with the user's credentials.
17491f6e	2014-08-29T17:18:23	transport: always call the certificate check callback We should let the user decide whether to cancel the connection or not regardless of whether our checks have decided that the certificate is fine. We provide our own assessment to the callback to let the user fall back to our checks if they so desire.
ec1ce458	2014-08-10T17:06:53	http: send the DER-encoded cert to the callback Instead of the parsed data, we can ask OpenSSL to give us the DER-encoded version of the certificate, which the user can then parse and validate.
9b940586	2014-07-04T12:45:43	Provide a callback for certificate validation If the certificate validation fails (or always in the case of ssh), let the user decide whether to allow the connection. The data structure passed to the user is the native certificate information from the underlying implementation, namely OpenSSL or WinHTTP.
2dc399a8	2014-09-04T16:46:14	ssh: store error message immediately after a failed agent call When the call to the agent fails, we must retrieve the error message just after the function call, as other calls may overwrite it. As the agent authentication is the only one which has a teardown and there does not seem to be a way to get the error message from a stored error number, this tries to introduce some small changes to store the error from the agent. Clearing the error at the beginning of the loop lets us know whether the agent has already set the libgit2 error message and we should skip it, or if we should set it.
5cd81bb3	2014-09-03T01:01:25	Several CppCat warnings fixed
69db8934	2014-08-27T19:19:55	Merge pull request #2538 from libgit2/ntk/propagate_url_parsing_error winhttp: Prevent swallowing of url parsing error
893cfe06	2014-08-27T19:18:46	Merge pull request #2502 from rnowosielski/remote_set_timeout Set timeout on remote (Add timeout for WinHttpReceiveResponse #2147)
f0c53d21	2014-08-27T10:28:46	winhttp: Prevent swallowing of url parsing error
6a0d2b43	2014-08-27T15:09:07	Merge remote-tracking branch 'upstream/master' into cmn/ssh-retry
86d0a53c	2014-08-27T01:30:47	Set timeout on remote (WinHTTP) should return error in case of failure. Connection timeout set to 1 minute. Read/Write timeout remains set to infinite #2147
2db71194	2014-07-24T04:15:24	Set timeout on remote (WinHTTP) to infinite #2147
294c6f29	2014-08-16T22:12:13	http: make sure we can consume the data we request The recv buffer (parse_buffer) and the buffer have independent sizes and offsets. We try to fill in parse_buffer as much as possible before passing it to the http parser. This is fine most of the time, but fails us when the buffer is almost full. In those situations, parse_buffer can have more data than we would be able to put into the buffer (which may be getting full if we're towards the end of a data sideband packet). To work around this, we check if the space we have left on our buffer is smaller than what could come from the network. If this happens, we make parse_buffer think that it has as much space left as our buffer, so it won't try to retrieve more data than we can deal with. As the start of the data may no longer be at the start of the buffer, we need to keep track of where it really starts (data_offset) and use that in our calculations for the real size of the data we received from the network. This fixes #2518.
23135afa	2014-08-14T11:52:20	Introduce proper http authentication API
315cb38e	2014-07-31T18:43:20	Add GSSAPI support for SPNEGO/Kerberos auth over HTTP
e003f83a	2014-07-31T15:14:56	Introduce git_buf_decode_base64 Decode base64-encoded text into a git_buf
40867266	2014-07-31T18:39:58	Perform HTTP keep-alive
c180c065	2014-07-09T17:58:39	Custom transport: minor cleanups * Move the transport registration mechanisms into a new header under 'sys/' because this is advanced stuff. * Remove the 'priority' argument from the registration as it adds unnecessary complexity. (Since transports cannot decline to operate, only the highest priority transport is ever executed.) Users who require per-priority transports can implement that in their custom transport themselves. * Simplify registration further by taking a scheme (eg "http") instead of a prefix (eg "http://").
c983604e	2014-07-12T14:44:21	Consistently use p_snprintf
d07fd442	2014-07-12T14:37:39	Define WINHTTP_IGNORE_REQUEST_TOTAL_LENGTH if not defined
959a93e7	2014-07-13T11:50:49	Silence unused variables warnings
8baeb8a4	2014-07-16T13:03:34	ssh: Fix unused warning
d4256ed5	2014-07-04T10:00:39	ssh: provide a factory function for setting ssh paths git allows you to set which paths to use for the git server programs when connecting over ssh; and we want to provide something similar. We do this by providing a factory function which can be set as the remote's transport callback which will set the given paths upon creation.
ae241ae1	2014-07-03T20:20:00	Include libssh2.h before git2.h (transport.h)
de3cf801	2014-07-02T15:28:24	Merge pull request #2456 from libgit2/cmn/ssh-send-everything ssh: libssh2_channel_write() behaves like send()
0963716b	2014-07-02T12:49:51	ssh: libssh2_channel_write() behaves like send() When the stream writing function was written, it assume that libssh2_channel_write() would always write all of the data to the wire. This is only true for the first 32k of data, which it tries to fit into one ssh packet. Since it can perform short writes, call it in a loop like we do for send(), advancing the buffer offset.
bc8a0886	2014-06-27T11:51:35	Fix assert when receiving uncommon sideband packet
ccb85c8f	2014-06-25T16:27:43	ssh: make sure to ask for a username and use the same one In order to know which authentication methods are supported/allowed by the ssh server, we need to send a NONE auth request, which needs a username associated with it. Most ssh server implementations do not allow switching the username between authentication attempts, which means we cannot use a dummy username and then switch. There are two ways around this. The first is to use a different connection, which an earlier commit implements, but this increases how long it takes to get set up, and without knowing the right username, we cannot guarantee that the list we get in response is the right one. The second is what's implemented here: if there is no username specified in the url, ask for it first. We can then ask for the list of auth methods and use the user's credentials in the same connection.
d1c281a5	2014-06-25T16:24:26	cred: add convenience function to get the username Since each cred defines the username on their own, introduce git_cred__username to retrieve the username pointer from them.
54da6958	2014-06-25T15:41:01	cred: introduce username-only cred This exists as ssh needs to know about the username to use before it can query for the supported authentication methods.
d7f962f4	2014-06-16T19:30:06	ssh: request credentials again on authentication failure Instead of completely giving up on the first failure, ask for credentials as long as we fail to authenticate.
b529c5f9	2014-06-12T17:19:00	ssh: propagate the error code from the auth callback We need to be able to get a GIT_EUSER back through the outermost call.
22618906	2014-06-12T16:09:54	ssh: detect authentication methods Before calling the credentials callback, ask the sever which authentication methods it supports and report that to the user, instead of simply reporting everything that the transport supports. In case of an error, we do fall back to listing all of them.
9c3e4e97	2014-06-13T02:35:33	http: fix typo in credentials logic We want to check whether the credentials callback is NULL, not whether the payload is.
18d7896c	2014-06-03T21:47:53	clone: re-use the local transport's path resolution Whe already worked out the kinks with the function used in the local transport. Expose it and make use of it in the local clone method instead of trying to work it out again.
9331f98a	2014-05-22T12:52:31	smart: initialize the error variable
4c4408c3	2014-05-22T12:28:39	Plug leaks and fix a C99-ism We have too many places where we repeat free code, so when adding the new free to the generic code, it didn't take for the local transport. While there, fix a C99-ism that sneaked through.
a5982644	2014-05-22T02:28:42	Merge pull request #2376 from libgit2/cmn/remote-symref Add support for the symref extension
04865aa0	2014-05-21T10:01:44	local transport: expose the symref data When using the local transport, we always have the symbolic information available, so fill it.
306475eb	2014-05-20T09:55:26	remote: expose the remote's symref mappings Add a symref_target field to git_remote_head to expose the symref mappings to the user.
8156835d	2014-05-20T09:29:39	smart: store reported symrefs The protocol has a capability which allows the server to tell us which refs are symrefs, so we can e.g. know which is the default branch. This capability is different from the ones we already support, as it's not setting a flag to true, but requires us to store a list of refspec-formatted mappings. This commit does not yet expose the information in the reference listing.
ac11219b	2014-05-19T16:54:19	smart: send a flush when we disconnect The git server wants to hear a flush from us when we disconnect, particularly when we want to perform a fetch but are up to date.
8443ed6c	2014-04-25T02:10:19	Merge pull request #2284 from jacquesg/push-progress-callback Fire progress and update tips callbacks also for pushes.
5ca410b9	2014-04-23T07:13:49	Merge pull request #2283 from phkelley/win32_fs Win32: UTF-8 <-> WCHAR conversion overhaul
bc0a6198	2014-04-19T15:52:58	transports: allow the creds callback to say it doesn't exist Allow the credentials callback to return GIT_PASSTHROUGH to make the transports code behave as though none was set. This should make it easier for bindings to behave closer to the C code when there is no credentials callback set at their level.
8b686b31	2014-04-21T15:25:19	Correct argument order of git__calloc()
48e60ae7	2014-04-21T11:23:29	Don't redefine the same callback types, their signatures may change
98020d3a	2014-04-21T10:55:37	Rename progress callback to sideband_progress
4f62163e	2014-04-20T22:06:05	Check the return codes of remote callbacks. The user may have requested that the operation be cancelled.
9effa2fb	2014-04-20T19:19:13	Fire progress callbacks also for pushes. It's not very useful to only know that a pre-receive hook has declined a push, you probably want to know why.
c2c81615	2014-04-19T18:05:31	Win32: UTF-8 <-> WCHAR conversion overhaul
a622ff17	2014-04-18T20:05:28	Only zero sensitive information on destruction (and memory actually allocated by us)
8ec0a552	2014-04-18T00:49:07	Make git_cred_ssh_custom_new() naming more consistent
478408c0	2014-04-17T23:03:44	Introduce git_cred_ssh_interactive_new() This allows for keyboard-interactive based SSH authentication
bd270b70	2014-04-18T17:08:10	cred: tighten username rules The ssh-specific credentials allow the username to be missing. The idea being that the ssh transport will then use the username provided in the url, if it's available. There are two main issues with this. The credential callback already knows what username was provided by the url and needs to figure out whether it wants to ask the user for it or it can reuse it, so passing NULL as the username means the credential callback is suspicious. The username provided in the url is not in fact used by the transport. The only time it even considers it is for the user/pass credential, which asserts the existence of a username in its constructor. For the ssh-specific ones, it passes in the username stored in the credential, which is NULL. The libssh2 macro we use runs strlen() against this value (which is no different from what we would be doing ourselves), so we then crash. As the documentation doesn't suggest to leave out the username, assert the need for a username in the code, which removes this buggy behavior and removes implicit state. git_cred_has_username() becomes a blacklist of credential types that do not have a username. The only one at the moment is the 'default' one, which is meant to call up some Microsoft magic.
1392418e	2014-03-18T09:04:33	Seamless support for NTLM/Kerberos auth on Windows
5187b609	2014-03-07T14:58:43	local transport: catch double-opens Combinations of connect + fetch can call local_open multiple times. Detect this and skip the initialization stage.
300f4412	2014-02-25T11:56:11	- BUGFIX #2133 (@fourplusone) in smart_protocol.c - added MSVC cmake definitions to disable warnings - general.c is rewritten so it is ansi-c compatible and compiles ok on microsoft windows - some MSVC reported warning fixes
8bf476ac	2014-01-19T16:24:58	Factor out code to convert local "url" into a path. Previously this code was shared between `local_push` and `local_connect`.
4e974c97	2014-01-18T08:02:58	Fix local push to file:// URL.
0b28217b	2014-01-15T12:51:31	refs: remove the _with_log differentiation Any well-behaved program should write a descriptive message to the reflog whenever it updates a reference. Let's make this more prominent by removing the version without the reflog parameters.
9cfce273	2013-12-12T12:11:38	Cleanups, renames, and leak fixes This renames git_vector_free_all to the better git_vector_free_deep and also contains a couple of memory leak fixes based on valgrind checks. The fixes are specifically: failure to free global dir path variables when not compiled with threading on and failure to free filters from the filter registry that had not be initialized fully.
25e0b157	2013-12-06T15:07:57	Remove converting user error to GIT_EUSER This changes the behavior of callbacks so that the callback error code is not converted into GIT_EUSER and instead we propagate the return value through to the caller. Instead of using the giterr_capture and giterr_restore functions, we now rely on all functions to pass back the return value from a callback. To avoid having a return value with no error message, the user can call the public giterr_set_str or some such function to set an error message. There is a new helper 'giterr_set_callback' that functions can invoke after making a callback which ensures that some error message was set in case the callback did not set one. In places where the sign of the callback return value is meaningful (e.g. positive to skip, negative to abort), only the negative values are returned back to the caller, obviously, since the other values allow for continuing the loop. The hardest parts of this were in the checkout code where positive return values were overloaded as meaningful values for checkout. I fixed this by adding an output parameter to many of the internal checkout functions and removing the overload. This added some code, but it is probably a better implementation. There is some funkiness in the network code where user provided callbacks could be returning a positive or a negative value and we want to rely on that to cancel the loop. There are still a couple places where an user error might get turned into GIT_EUSER there, I think, though none exercised by the tests.
dab89f9b	2013-12-04T21:22:57	Further EUSER and error propagation fixes This continues auditing all the places where GIT_EUSER is being returned and making sure to clear any existing error using the new giterr_user_cancel helper. As a result, places that relied on intercepting GIT_EUSER but having the old error preserved also needed to be cleaned up to correctly stash and then retrieve the actual error. Additionally, as I encountered places where error codes were not being propagated correctly, I tried to fix them up. A number of those fixes are included in the this commit as well.
9f77b3f6	2013-11-25T14:21:34	Add config read fns with controlled error behavior This adds `git_config__lookup_entry` which will look up a key in a config and return either the entry or NULL if the key was not present. Optionally, it can either suppress all errors or can return them (although not finding the key is not an error for this function). Unlike other accessors, this does not normalize the config key string, so it must only be used when the key is known to be in normalized form (i.e. all lower-case before the first dot and after the last dot, with no invalid characters). This also adds three high-level helper functions to look up config values with no errors and a fallback value. The three functions are for string, bool, and int values, and will resort to the fallback value for any error that arises. They are: * `git_config__get_string_force` * `git_config__get_bool_force` * `git_config__get_int_force` None of them normalize the config `key` either, so they can only be used for internal cases where the key is known to be in normal format.
db4cbfe5	2013-12-02T14:09:12	Updates to cancellation logic during download and indexing of packfile.
ee7040fd	2013-11-20T14:11:44	ssh: add support for ssh-agent authentication
84efffc3	2013-11-13T16:57:51	Introduce git_cred_default for NTLM/SPNEGO auth
80fc7d6b	2013-11-13T16:46:45	Propagate auth error codes as GIT_EUSER in winhttp
6414fd33	2013-11-11T06:47:15	Merge pull request #1956 from libgit2/cmn/fetch-default-head Remote revamp (director's cut)
a6192d7c	2013-11-11T15:32:13	remote: update head list on push A previous commit forgot to update the head list after push as well, leading to wrong output of git_remote_ls().
359dce72	2013-11-02T00:05:32	remote: make _ls return the list directly The callback-based method of listing remote references dates back to the beginning of the network code's lifetime, when we didn't know any better. We need to keep the list around for update_tips() after disconnect() so let's make use of this to simply give the user a pointer to the array so they can write straightforward code instead of having to go through a callback.
0df96f2b	2013-11-10T07:31:21	Merge pull request #1936 from libgit2/better-url-parsing Streamline url-parsing logic.
7616b8d3	2013-11-05T17:34:45	don't double free pkt
ac72051a	2013-11-04T19:09:30	Fix ssh.c compile
c227c173	2013-11-04T11:42:14	Use http_parser_parse_url to parse urls
af613ecd	2013-10-28T23:30:45	remote: store dwimed refspecs separately This allows us to add e.g. "HEAD" as a refspec when none are given without overwriting the user's data.
a7382aa2	2013-10-26T16:52:54	remote: give up after 256 failures to find a common object This avoids sending our whole history bit by bit to the remote in cases where there is no common history, just to give up in the end. The number comes from the canonical implementation.
ac5e507c	2013-11-01T09:31:52	Merge pull request #1918 from libgit2/cmn/indexer-naming indexer: remove the stream infix
048f837b	2013-10-31T13:30:22	Prevent another segfault from bad URL
29b77446	2013-10-30T15:38:52	Initialize variables
2f8c481c	2013-10-08T16:22:21	protocol: basic support for multi_ack_detailed This tells the server that we speak it, but we don't make use of its extra information to determine if there's a better place to stop negotiating. In a somewhat-related change, reorder the capabilities so we ask for them in the same order as git does. Also take this opportunity to factor out a fairly-indented portion of the negotiation logic.
a6154f21	2013-10-30T15:00:05	indexer: remove the stream infix It was there to keep it apart from the one which read in from a file on disk. This other indexer does not exist anymore, so there is no need for anything other than git_indexer to refer to it. While here, rename _add() function to _append() and _finalize() to _commit(). The former change is cosmetic, while the latter avoids talking about "finalizing", which OO languages use to mean something completely different.
5c50f22a	2013-10-28T09:25:44	Merge pull request #1891 from libgit2/cmn/fix-thin-packs Add support for thin packs
5565f3cd	2013-10-28T07:04:58	Merge pull request #1904 from libgit2/cmn/ssh-naming Rename the ssh credentials
df9fc82e	2013-10-25T13:33:42	Use two calls to set two headers
5cb13670	2013-10-23T15:45:29	transport: let the progress output return an error There are any number of issues that can come up in the progress callback, and we should let the user cancel at that point as well.
70a8c78f	2013-10-23T12:08:54	Rename the ssh credentials The names from libssh2 are somewhat obtuse for us. We can simplify the usual key/passphrase credential's name, as well as make clearer what the custom signature function is.
2648dc1a	2013-10-21T11:03:31	Allowed credential types should be a bitfield

4fe5b771

2014-09-16T13:35:36

winhttp: get rid of the cert ignore flag This brings us back in line with the other transports.

1e0aa105

2014-09-16T03:22:09

ssh: expose both hashes The user may have the data hashed as MD5 or SHA-1, so we should provide both types for consumption.

286369a8

2014-09-16T02:27:16

ssh: provide our own types for host key lengths Instead of using the libssh2 defines, provide our own, which eases usage as we do not need to check whether libgit2 was built with libssh2 or not.

0782fc43

2014-09-16T01:47:30

net: use only structs to pass information about cert Instead of spreading the data in function arguments, some of which aren't used for ssh and having a struct only for ssh, use a struct for both, using a common parent to pass to the callback.

0fef3899

2014-09-16T01:25:53

Merge remote-tracking branch 'upstream/master' into cmn/host-cert-info

41698f22

2014-09-11T10:04:05

net: remove support for outright ignoring certificates This option make it easy to ignore anything about the server we're connecting to, which is bad security practice. This was necessary as we didn't use to expose detailed information about the certificate, but now that we do, we should get rid of this. If the user wants to ignore everything, they can still provide a callback which ignores all the information passed.

7c8acc54

2014-08-30T14:26:57

winhttp: set ignore security flags on user command If the user returns 0 from the certificate check and we had certificate issues, set the options to ignore certificate errors and resend the request.

67c84e06

2014-08-30T14:04:57

winhttp: bring together request sending We need to call WinHttpSendRequest() in three different places. Unify all in a single function to have a single place for the certificate check.

5f2cf732

2014-08-30T13:12:33

winhttp: only do certificate check for SSL If we're not using SSL, don't call the user's certificate check callback.

08545d36

2014-08-30T00:40:37

winhttp: credential check on successful connect On successful connection, still ask the user whether they accept the server's certificate, indicating that WinHTTP would let it though.

23ca0ad5

2014-08-29T21:25:13

Bring certificate check back to the normal return code Returning 0 lets the certificate check succeed. An error code is bubbled up to the user.

2f5864c5

2014-08-29T21:15:36

ssh: do ssh cert info before asking for credentials We know the host's key as soon as we connect, so we should perform the check as soon as we can, before we bother with the user's credentials.

17491f6e

2014-08-29T17:18:23

transport: always call the certificate check callback We should let the user decide whether to cancel the connection or not regardless of whether our checks have decided that the certificate is fine. We provide our own assessment to the callback to let the user fall back to our checks if they so desire.

ec1ce458

2014-08-10T17:06:53

http: send the DER-encoded cert to the callback Instead of the parsed data, we can ask OpenSSL to give us the DER-encoded version of the certificate, which the user can then parse and validate.

9b940586

2014-07-04T12:45:43

Provide a callback for certificate validation If the certificate validation fails (or always in the case of ssh), let the user decide whether to allow the connection. The data structure passed to the user is the native certificate information from the underlying implementation, namely OpenSSL or WinHTTP.

2dc399a8

2014-09-04T16:46:14

ssh: store error message immediately after a failed agent call When the call to the agent fails, we must retrieve the error message just after the function call, as other calls may overwrite it. As the agent authentication is the only one which has a teardown and there does not seem to be a way to get the error message from a stored error number, this tries to introduce some small changes to store the error from the agent. Clearing the error at the beginning of the loop lets us know whether the agent has already set the libgit2 error message and we should skip it, or if we should set it.

5cd81bb3

2014-09-03T01:01:25

Several CppCat warnings fixed

69db8934

2014-08-27T19:19:55

Merge pull request #2538 from libgit2/ntk/propagate_url_parsing_error winhttp: Prevent swallowing of url parsing error

893cfe06

2014-08-27T19:18:46

Merge pull request #2502 from rnowosielski/remote_set_timeout Set timeout on remote (Add timeout for WinHttpReceiveResponse #2147)

f0c53d21

2014-08-27T10:28:46

winhttp: Prevent swallowing of url parsing error

6a0d2b43

2014-08-27T15:09:07

Merge remote-tracking branch 'upstream/master' into cmn/ssh-retry

86d0a53c

2014-08-27T01:30:47

Set timeout on remote (WinHTTP) should return error in case of failure. Connection timeout set to 1 minute. Read/Write timeout remains set to infinite #2147

2db71194

2014-07-24T04:15:24

Set timeout on remote (WinHTTP) to infinite #2147

294c6f29

2014-08-16T22:12:13

http: make sure we can consume the data we request The recv buffer (parse_buffer) and the buffer have independent sizes and offsets. We try to fill in parse_buffer as much as possible before passing it to the http parser. This is fine most of the time, but fails us when the buffer is almost full. In those situations, parse_buffer can have more data than we would be able to put into the buffer (which may be getting full if we're towards the end of a data sideband packet). To work around this, we check if the space we have left on our buffer is smaller than what could come from the network. If this happens, we make parse_buffer think that it has as much space left as our buffer, so it won't try to retrieve more data than we can deal with. As the start of the data may no longer be at the start of the buffer, we need to keep track of where it really starts (data_offset) and use that in our calculations for the real size of the data we received from the network. This fixes #2518.

23135afa

2014-08-14T11:52:20

Introduce proper http authentication API

315cb38e

2014-07-31T18:43:20

Add GSSAPI support for SPNEGO/Kerberos auth over HTTP

e003f83a

2014-07-31T15:14:56

Introduce git_buf_decode_base64 Decode base64-encoded text into a git_buf

40867266

2014-07-31T18:39:58

Perform HTTP keep-alive

c180c065

2014-07-09T17:58:39

Custom transport: minor cleanups * Move the transport registration mechanisms into a new header under 'sys/' because this is advanced stuff. * Remove the 'priority' argument from the registration as it adds unnecessary complexity. (Since transports cannot decline to operate, only the highest priority transport is ever executed.) Users who require per-priority transports can implement that in their custom transport themselves. * Simplify registration further by taking a scheme (eg "http") instead of a prefix (eg "http://").

c983604e

2014-07-12T14:44:21

Consistently use p_snprintf

d07fd442

2014-07-12T14:37:39

Define WINHTTP_IGNORE_REQUEST_TOTAL_LENGTH if not defined

959a93e7

2014-07-13T11:50:49

Silence unused variables warnings

8baeb8a4

2014-07-16T13:03:34

ssh: Fix unused warning

d4256ed5

2014-07-04T10:00:39

ssh: provide a factory function for setting ssh paths git allows you to set which paths to use for the git server programs when connecting over ssh; and we want to provide something similar. We do this by providing a factory function which can be set as the remote's transport callback which will set the given paths upon creation.

ae241ae1

2014-07-03T20:20:00

Include libssh2.h before git2.h (transport.h)

de3cf801

2014-07-02T15:28:24

Merge pull request #2456 from libgit2/cmn/ssh-send-everything ssh: libssh2_channel_write() behaves like send()

0963716b

2014-07-02T12:49:51

ssh: libssh2_channel_write() behaves like send() When the stream writing function was written, it assume that libssh2_channel_write() would always write all of the data to the wire. This is only true for the first 32k of data, which it tries to fit into one ssh packet. Since it can perform short writes, call it in a loop like we do for send(), advancing the buffer offset.

bc8a0886

2014-06-27T11:51:35

Fix assert when receiving uncommon sideband packet

ccb85c8f

2014-06-25T16:27:43

ssh: make sure to ask for a username and use the same one In order to know which authentication methods are supported/allowed by the ssh server, we need to send a NONE auth request, which needs a username associated with it. Most ssh server implementations do not allow switching the username between authentication attempts, which means we cannot use a dummy username and then switch. There are two ways around this. The first is to use a different connection, which an earlier commit implements, but this increases how long it takes to get set up, and without knowing the right username, we cannot guarantee that the list we get in response is the right one. The second is what's implemented here: if there is no username specified in the url, ask for it first. We can then ask for the list of auth methods and use the user's credentials in the same connection.

d1c281a5

2014-06-25T16:24:26

cred: add convenience function to get the username Since each cred defines the username on their own, introduce git_cred__username to retrieve the username pointer from them.

54da6958

2014-06-25T15:41:01

cred: introduce username-only cred This exists as ssh needs to know about the username to use before it can query for the supported authentication methods.

d7f962f4

2014-06-16T19:30:06

ssh: request credentials again on authentication failure Instead of completely giving up on the first failure, ask for credentials as long as we fail to authenticate.

b529c5f9

2014-06-12T17:19:00

ssh: propagate the error code from the auth callback We need to be able to get a GIT_EUSER back through the outermost call.

22618906

2014-06-12T16:09:54

ssh: detect authentication methods Before calling the credentials callback, ask the sever which authentication methods it supports and report that to the user, instead of simply reporting everything that the transport supports. In case of an error, we do fall back to listing all of them.

9c3e4e97

2014-06-13T02:35:33

http: fix typo in credentials logic We want to check whether the credentials callback is NULL, not whether the payload is.

18d7896c

2014-06-03T21:47:53

clone: re-use the local transport's path resolution Whe already worked out the kinks with the function used in the local transport. Expose it and make use of it in the local clone method instead of trying to work it out again.

9331f98a

2014-05-22T12:52:31

smart: initialize the error variable

4c4408c3

2014-05-22T12:28:39

Plug leaks and fix a C99-ism We have too many places where we repeat free code, so when adding the new free to the generic code, it didn't take for the local transport. While there, fix a C99-ism that sneaked through.

a5982644

2014-05-22T02:28:42

Merge pull request #2376 from libgit2/cmn/remote-symref Add support for the symref extension

04865aa0

2014-05-21T10:01:44

local transport: expose the symref data When using the local transport, we always have the symbolic information available, so fill it.

306475eb

2014-05-20T09:55:26

remote: expose the remote's symref mappings Add a symref_target field to git_remote_head to expose the symref mappings to the user.

8156835d

2014-05-20T09:29:39

smart: store reported symrefs The protocol has a capability which allows the server to tell us which refs are symrefs, so we can e.g. know which is the default branch. This capability is different from the ones we already support, as it's not setting a flag to true, but requires us to store a list of refspec-formatted mappings. This commit does not yet expose the information in the reference listing.

ac11219b

2014-05-19T16:54:19

smart: send a flush when we disconnect The git server wants to hear a flush from us when we disconnect, particularly when we want to perform a fetch but are up to date.

8443ed6c

2014-04-25T02:10:19

Merge pull request #2284 from jacquesg/push-progress-callback Fire progress and update tips callbacks also for pushes.

5ca410b9

2014-04-23T07:13:49

Merge pull request #2283 from phkelley/win32_fs Win32: UTF-8 <-> WCHAR conversion overhaul

bc0a6198

2014-04-19T15:52:58

transports: allow the creds callback to say it doesn't exist Allow the credentials callback to return GIT_PASSTHROUGH to make the transports code behave as though none was set. This should make it easier for bindings to behave closer to the C code when there is no credentials callback set at their level.

8b686b31

2014-04-21T15:25:19

Correct argument order of git__calloc()

48e60ae7

2014-04-21T11:23:29

Don't redefine the same callback types, their signatures may change

98020d3a

2014-04-21T10:55:37

Rename progress callback to sideband_progress

4f62163e

2014-04-20T22:06:05

Check the return codes of remote callbacks. The user may have requested that the operation be cancelled.

9effa2fb

2014-04-20T19:19:13

Fire progress callbacks also for pushes. It's not very useful to only know that a pre-receive hook has declined a push, you probably want to know why.

c2c81615

2014-04-19T18:05:31

Win32: UTF-8 <-> WCHAR conversion overhaul

a622ff17

2014-04-18T20:05:28

Only zero sensitive information on destruction (and memory actually allocated by us)

8ec0a552

2014-04-18T00:49:07

Make git_cred_ssh_custom_new() naming more consistent

478408c0

2014-04-17T23:03:44

Introduce git_cred_ssh_interactive_new() This allows for keyboard-interactive based SSH authentication

bd270b70

2014-04-18T17:08:10

cred: tighten username rules The ssh-specific credentials allow the username to be missing. The idea being that the ssh transport will then use the username provided in the url, if it's available. There are two main issues with this. The credential callback already knows what username was provided by the url and needs to figure out whether it wants to ask the user for it or it can reuse it, so passing NULL as the username means the credential callback is suspicious. The username provided in the url is not in fact used by the transport. The only time it even considers it is for the user/pass credential, which asserts the existence of a username in its constructor. For the ssh-specific ones, it passes in the username stored in the credential, which is NULL. The libssh2 macro we use runs strlen() against this value (which is no different from what we would be doing ourselves), so we then crash. As the documentation doesn't suggest to leave out the username, assert the need for a username in the code, which removes this buggy behavior and removes implicit state. git_cred_has_username() becomes a blacklist of credential types that do not have a username. The only one at the moment is the 'default' one, which is meant to call up some Microsoft magic.

1392418e

2014-03-18T09:04:33

Seamless support for NTLM/Kerberos auth on Windows

5187b609

2014-03-07T14:58:43

local transport: catch double-opens Combinations of connect + fetch can call local_open multiple times. Detect this and skip the initialization stage.

300f4412

2014-02-25T11:56:11

- BUGFIX #2133 (@fourplusone) in smart_protocol.c - added MSVC cmake definitions to disable warnings - general.c is rewritten so it is ansi-c compatible and compiles ok on microsoft windows - some MSVC reported warning fixes

8bf476ac

2014-01-19T16:24:58

Factor out code to convert local "url" into a path. Previously this code was shared between `local_push` and `local_connect`.

4e974c97

2014-01-18T08:02:58

Fix local push to file:// URL.

0b28217b

2014-01-15T12:51:31

refs: remove the _with_log differentiation Any well-behaved program should write a descriptive message to the reflog whenever it updates a reference. Let's make this more prominent by removing the version without the reflog parameters.

9cfce273

2013-12-12T12:11:38

Cleanups, renames, and leak fixes This renames git_vector_free_all to the better git_vector_free_deep and also contains a couple of memory leak fixes based on valgrind checks. The fixes are specifically: failure to free global dir path variables when not compiled with threading on and failure to free filters from the filter registry that had not be initialized fully.

25e0b157

2013-12-06T15:07:57

Remove converting user error to GIT_EUSER This changes the behavior of callbacks so that the callback error code is not converted into GIT_EUSER and instead we propagate the return value through to the caller. Instead of using the giterr_capture and giterr_restore functions, we now rely on all functions to pass back the return value from a callback. To avoid having a return value with no error message, the user can call the public giterr_set_str or some such function to set an error message. There is a new helper 'giterr_set_callback' that functions can invoke after making a callback which ensures that some error message was set in case the callback did not set one. In places where the sign of the callback return value is meaningful (e.g. positive to skip, negative to abort), only the negative values are returned back to the caller, obviously, since the other values allow for continuing the loop. The hardest parts of this were in the checkout code where positive return values were overloaded as meaningful values for checkout. I fixed this by adding an output parameter to many of the internal checkout functions and removing the overload. This added some code, but it is probably a better implementation. There is some funkiness in the network code where user provided callbacks could be returning a positive or a negative value and we want to rely on that to cancel the loop. There are still a couple places where an user error might get turned into GIT_EUSER there, I think, though none exercised by the tests.

dab89f9b

2013-12-04T21:22:57

Further EUSER and error propagation fixes This continues auditing all the places where GIT_EUSER is being returned and making sure to clear any existing error using the new giterr_user_cancel helper. As a result, places that relied on intercepting GIT_EUSER but having the old error preserved also needed to be cleaned up to correctly stash and then retrieve the actual error. Additionally, as I encountered places where error codes were not being propagated correctly, I tried to fix them up. A number of those fixes are included in the this commit as well.

9f77b3f6

2013-11-25T14:21:34

Add config read fns with controlled error behavior This adds `git_config__lookup_entry` which will look up a key in a config and return either the entry or NULL if the key was not present. Optionally, it can either suppress all errors or can return them (although not finding the key is not an error for this function). Unlike other accessors, this does not normalize the config key string, so it must only be used when the key is known to be in normalized form (i.e. all lower-case before the first dot and after the last dot, with no invalid characters). This also adds three high-level helper functions to look up config values with no errors and a fallback value. The three functions are for string, bool, and int values, and will resort to the fallback value for any error that arises. They are: * `git_config__get_string_force` * `git_config__get_bool_force` * `git_config__get_int_force` None of them normalize the config `key` either, so they can only be used for internal cases where the key is known to be in normal format.

db4cbfe5

2013-12-02T14:09:12

Updates to cancellation logic during download and indexing of packfile.

ee7040fd

2013-11-20T14:11:44

ssh: add support for ssh-agent authentication

84efffc3

2013-11-13T16:57:51

Introduce git_cred_default for NTLM/SPNEGO auth

80fc7d6b

2013-11-13T16:46:45

Propagate auth error codes as GIT_EUSER in winhttp

6414fd33

2013-11-11T06:47:15

Merge pull request #1956 from libgit2/cmn/fetch-default-head Remote revamp (director's cut)

a6192d7c

2013-11-11T15:32:13

remote: update head list on push A previous commit forgot to update the head list after push as well, leading to wrong output of git_remote_ls().

359dce72

2013-11-02T00:05:32

remote: make _ls return the list directly The callback-based method of listing remote references dates back to the beginning of the network code's lifetime, when we didn't know any better. We need to keep the list around for update_tips() after disconnect() so let's make use of this to simply give the user a pointer to the array so they can write straightforward code instead of having to go through a callback.

0df96f2b

2013-11-10T07:31:21

Merge pull request #1936 from libgit2/better-url-parsing Streamline url-parsing logic.

7616b8d3

2013-11-05T17:34:45

don't double free pkt

ac72051a

2013-11-04T19:09:30

Fix ssh.c compile

c227c173

2013-11-04T11:42:14

Use http_parser_parse_url to parse urls

af613ecd

2013-10-28T23:30:45

remote: store dwimed refspecs separately This allows us to add e.g. "HEAD" as a refspec when none are given without overwriting the user's data.

a7382aa2

2013-10-26T16:52:54

remote: give up after 256 failures to find a common object This avoids sending our whole history bit by bit to the remote in cases where there is no common history, just to give up in the end. The number comes from the canonical implementation.

ac5e507c

2013-11-01T09:31:52

Merge pull request #1918 from libgit2/cmn/indexer-naming indexer: remove the stream infix

048f837b

2013-10-31T13:30:22

Prevent another segfault from bad URL

29b77446

2013-10-30T15:38:52

Initialize variables

2f8c481c

2013-10-08T16:22:21

protocol: basic support for multi_ack_detailed This tells the server that we speak it, but we don't make use of its extra information to determine if there's a better place to stop negotiating. In a somewhat-related change, reorder the capabilities so we ask for them in the same order as git does. Also take this opportunity to factor out a fairly-indented portion of the negotiation logic.

a6154f21

2013-10-30T15:00:05

indexer: remove the stream infix It was there to keep it apart from the one which read in from a file on disk. This other indexer does not exist anymore, so there is no need for anything other than git_indexer to refer to it. While here, rename _add() function to _append() and _finalize() to _commit(). The former change is cosmetic, while the latter avoids talking about "finalizing", which OO languages use to mean something completely different.

5c50f22a

2013-10-28T09:25:44

Merge pull request #1891 from libgit2/cmn/fix-thin-packs Add support for thin packs

5565f3cd

2013-10-28T07:04:58

Merge pull request #1904 from libgit2/cmn/ssh-naming Rename the ssh credentials

df9fc82e

2013-10-25T13:33:42

Use two calls to set two headers

5cb13670

2013-10-23T15:45:29

transport: let the progress output return an error There are any number of issues that can come up in the progress callback, and we should let the user cancel at that point as well.

70a8c78f

2013-10-23T12:08:54

Rename the ssh credentials The names from libssh2 are somewhat obtuse for us. We can simplify the usual key/passphrase credential's name, as well as make clearer what the custom signature function is.

2648dc1a

2013-10-21T11:03:31

Allowed credential types should be a bitfield

thodg/libgit2/src/transports

src/transports

Log