kmx git

Commit	Date	Message
77e46232	2016-12-17T14:31:36	settings: clarify what each value means Most importantly, clarify what it means for HTTPS and SSH to be supported.
061a0ad1	2016-12-17T14:23:35	settings: don't hard-code HTTPS capability This partially reverts bdec62dce1c17465b7330100ea2f71e63fc411dd which activates the transport code-paths which allow you to use a custom TLS implementation without having to have one at build-time. However the capabilities describe how libgit2 was built, not what it could potentially support, bring back the ifdefs so we only say we support HTTPS if libgit2 was itself built with a TLS implementation.
c5e6ba28	2016-12-15T18:19:49	Merge pull request #4029 from libgit2/cmn/windows-no-concurrent-compress refdb: disable concurrent compress in the threading tests on Windows
9d5f12ff	2016-12-12T22:43:11	Merge pull request #4018 from pks-t/pks/various-fixes Various fixes
b31283a6	2016-12-12T17:09:12	refdb: disable concurrent compress in the threading tests on Windows This is far from an ideal situation, but this causes issues on Windows which make it harder to develop anything, as these tests hit issues which relate specifically to the Windows filesystem like permission errors for files we should be able to access. There is an issue likely related to the ordering of the repack, but there's enough noise that it does not currently help us to run this aspect of the test in CI.
482d1748	2016-11-25T15:01:35	transports: smart: do not redeclare loop counters
6cf575b1	2016-11-25T15:01:04	path: remove unused local variable
013ecb4f	2016-11-25T15:00:50	revwalk: do not re-declare `commit` variable
8468a440	2016-11-25T15:00:20	odb_mempack: mark zero-length array as GIT_FLEX_ARRAY
34b32053	2016-11-25T15:02:34	Fix potential use of uninitialized values
ab0cc5a0	2016-11-25T14:58:16	clar: mark `cl_git_thread_check()` as inline The function `cl_git_thread_check()` is defined as static. As the function is defined in a header file which is included by our tests, this can result in warnings for every test file where `cl_git_thread_check` is never used. Fix the issue by marking it as inline instead.
e781a0c5	2016-11-25T15:02:07	graph: flag fields should be declared as unsigned
8339c660	2016-12-07T17:44:25	Merge pull request #4020 from novalis/rebase-detached git_rebase_init: correctly handle detached HEAD
15769731	2016-12-07T15:01:20	Merge pull request #4014 from bokic/patch-1 Properly pass `wchar *` type to giterr_set
9af59f5d	2016-12-06T03:08:52	Properly pass `wchar *` type to giterr_set
5c18ece3	2016-12-04T15:58:40	Merge pull request #4022 from josharian/patch-1 remote: fix typo in git_fetch_init_options docs
72cee168	2016-12-02T16:14:47	remote: fix typo in git_fetch_init_options docs
4db1fc7e	2016-12-01T23:06:41	git_rebase_init: correctly handle detached HEAD git_rebase_finish relies on head_detached being set, but rebase_init_merge was only setting it when branch->ref_name was unset. But branch->ref_name would be set to "HEAD" in the case of detached HEAD being either implicitly (NULL) or explicitly passed to git_rebase_init.
86364af9	2016-11-20T11:30:45	Properly pass `wchar *` type to giterr_set
ae5838f1	2016-11-18T21:01:51	Merge pull request #4010 from libgit2/ethomson/clar_threads Introduce some clar helpers for child threads
6367c58c	2016-11-18T18:30:20	tests: handle life without threads
6a05c7a0	2016-11-18T07:37:47	threads::refdb tests: use new threaded clar assert
bbf22f82	2016-11-18T07:34:20	clar: Introduce assertion helpers for threads Don't `cl_git_pass` in a child thread. When the assertion fails, clar will `longjmp` to its error handler, but: > The effect of a call to longjmp() where initialization of the jmp_buf > structure was not performed in the calling thread is undefined. Instead, set up an error context that threads can populate, and the caller can check.
99479062	2016-11-18T16:50:34	core::init tests: reverse init/shutdown We want a predictable number of initializations in our multithreaded init test, but we also want to make sure that we have _actually_ initialized `git_libgit2_init` before calling `git_thread_create` (since it now has a sanity check that `git_libgit2_init` has been called). Since `git_thread_create` is internal-only, keep this sanity check. Flip the invocation so that we `git_libgit2_init` before our thread tests and `git_libgit2_shutdown` again after.
82f15896	2016-11-18T07:19:22	threads: introduce `git_thread_exit` Introduce `git_thread_exit`, which will allow threads to terminate at an arbitrary time, returning a `void `. On Windows, this means that we need to store the current `git_thread` in TLS, so that we can set its `return` value when terminating. We cannot simply use `ExitThread`, since Win32 returns `DWORD`s from threads; we return `void `.
6b0510e5	2016-11-17T15:45:23	Merge pull request #4009 from pranitbauva1997/fix-string-format use `giterr_set_str()` wherever possible
65b78ea3	2016-11-17T01:08:49	use `giterr_set_str()` wherever possible `giterr_set()` is used when it is required to format a string, and since we don't really require it for this case, it is better to stick to `giterr_set_str()`. This also suppresses a warning(-Wformat-security) raised by the compiler. Signed-off-by: Pranit Bauva <pranit.bauva@gmail.com>
a6763ff9	2016-11-15T19:04:18	Merge pull request #4007 from libgit2/cmn/bump-v25 Bump version number to v0.25
0cd162be	2016-11-15T16:28:10	Merge pull request #4008 from pks-t/pks/sortedcache-fd-leak sortedcache: plug leaked file descriptor
613381fc	2016-11-15T13:33:05	patch_parse: fix memory leak
24b2182c	2016-11-15T12:53:53	sortedcache: plug leaked file descriptor
1db3035d	2016-11-15T12:18:49	Merge pull request #3996 from pks-t/pks/curl-lastsocket-deprecation curl_stream: use CURLINFO_ACTIVESOCKET if curl is recent enough
5569778a	2016-11-15T11:15:40	Bump version number to v0.25
f5ea9d4a	2016-11-15T11:02:30	Merge pull request #3962 from libgit2/ethomson/issue_template Introduce a GitHub Issue Template
7ebf099d	2016-11-15T10:54:15	Merge pull request #4004 from libgit2/cmn/changelog CHANGELOG: fill in some updates we missed
5cbd5260	2016-11-11T11:37:00	curl_stream: use CURLINFO_ACTIVESOCKET if curl is recent enough The `CURLINFO_LASTSOCKET` information has been deprecated since curl version 7.45.0 as it may result in an overflow in the returned socket on certain systems, most importantly on 64 bit Windows. Instead, a new call `CURLINFO_ACTIVESOCKET` has been added which instead returns a `curl_socket_t`, which is always sufficiently long to store a socket. As we need to provide backwards compatibility with curl versions smaller than 7.45.0, alias CURLINFO_ACTIVESOCKET to CURLINFO_LASTSOCKET on platforms without CURLINFO_ACTIVESOCKET.
1d683c1d	2016-11-14T19:21:56	Merge pull request #4006 from libgit2/cmn/compress-buf-free Plug a leak in the refs compressor
8c984fea	2016-10-13T16:40:43	Introduce a GitHub Issue Template
06de4e75	2016-11-14T14:12:13	CHANGELOG: fill in some updates we missed
21e0fc32	2016-11-14T17:55:49	Plug a leak in the refs compressor
a39f18ac	2016-11-14T17:10:43	Merge pull request #3998 from pks-t/pks/repo-discovery Repository discovery starting from files
df045cef	2016-11-14T12:12:38	Merge pull request #4003 from libgit2/cmn/tree-updater-ordering Use the sorted input in the tree updater
904e1e75	2016-11-14T11:52:49	Merge pull request #3561 from libgit2/cmn/refdb-para Concurrency fixes for the reference db
89776585	2016-11-14T12:44:52	tree: look for conflicts in the new tree when updating We look at whether we're trying to replace a blob with a tree during the update phase, but we fail to look at whether we've just inserted a blob where we're now trying to insert a tree. Update the check to look at both places. The test for this was previously succeeding due to the bu where we did not look at the sorted output.
b85929c5	2016-11-14T12:44:01	tree: use the sorted update list in our loop The loop is made with the assumption that the inputs are sorted and not using it leads to bad outputs.
1d41b86c	2016-11-14T12:22:20	tree: add a failing test for unsorted input We do not currently use the sorted version of this input in the function, which means we produce bad results.
aef54a46	2016-11-14T11:29:40	refdb: use a constant for the number of per-thread creations/deletes
ce5553d4	2016-03-10T22:01:09	refdb: bubble up locked files on the read side On Windows we can find locked files even when reading a reference or the packed-refs file. Bubble up the error in this case as well to allow callers on Windows to retry more intelligently.
7c32d874	2016-03-10T12:27:07	refdb: expect threaded test deletes to race At times we may try to delete a reference which a different thread has already taken care of.
33248b9e	2016-03-10T12:22:34	refdb: remove a check-delete race when removing a loose ref It does not help us to check whether the file exists before trying to unlink it since it might be gone by the time unlink is called. Instead try to remove it and handle the resulting error if it did not exist.
40ffa07f	2015-12-31T14:51:42	sortedcache: check file size after opening the file Checking the size before we open the file descriptor can lead to the file being replaced from under us when renames aren't quite atomic, so we can end up reading too little of the file, leading to us thinking the file is corrupted.
26416f6d	2015-12-24T17:51:19	refdb: add retry logic to the threaded tests The logic simply consists of retrying for as long as the library says the data is locked, but it eventually gets through.
2e09106e	2015-12-24T17:49:49	refdb: bubble up the error code when compressing the db This allows the caller to know the errors was e.g. due to the packed-refs file being already locked and they can try again later.
dd1ca6f1	2015-12-24T17:38:41	refdb: refactor the lockfile cleanup We can reduce the duplication by cleaning up at the beginning of the loop, since it's something we want to do every time we continue.
7ea4710a	2015-12-24T17:30:24	refdb: don't report failure for expected errors There might be a few threads or processes working with references concurrently, so fortify the code to ignore errors which come from concurrent access which do not stop us from continuing the work. This includes ignoring an unlinking error. Either someone else removed it or we leave the file around. In the former case the job is done, and in the latter case, the ref is still in a valid state.
f94825c1	2015-12-24T17:21:51	fileops: save errno and report file existence We need to save the errno, lest we clobber it in the giterr_set() call. Also add code for reporting that a path component is missing, which is a distinct failure mode.
2d9aec99	2015-12-24T14:01:38	refdb: make ref deletion after pack safer In order not to undo concurrent modifications to references, we must make sure that we only delete a loose reference if it still has the same value as when we packed it. This means we need to lock it and then compare the value with the one we put in the packed file.
9914efec	2015-12-24T14:00:48	refdb: bubble up errors We can get useful information like GIT_ELOCKED out of this instead of just -1.
7da4c429	2015-12-24T12:37:41	refdb: adjust the threading tests to what we promise We say it's going to work if you use a different repository in each thread. Let's do precisely that in our code instead of hoping re-using the refdb is going to work. This test does fail currently, surfacing existing bugs.
2382b0f8	2016-11-11T15:50:14	test: discover: move layout creation into test initializer
0f316096	2016-11-11T16:55:33	repository: do not interpret all files as gitlinks in discovery When trying to find a discovery, we walk up the directory structure checking if there is a ".git" file or directory and, if so, check its validity. But in the case that we've got a ".git" file, we do not want to unconditionally assume that the file is in fact a ".git" file and treat it as such, as we would error out if it is not. Fix the issue by only treating a file as a gitlink file if it ends with "/.git". This allows users of the function to discover a repository by handing in any path contained inside of a git repository.
4dbaf3cd	2016-11-14T10:52:37	test: discover: fix indentation
5242c424	2016-11-11T16:43:37	test: discover: split up monolithic test into smaller ones
07afeb23	2016-11-11T16:16:34	test: discover: pass constants to ensure_repository_discover
e1c14335	2016-11-14T10:48:57	Merge pull request #4002 from pks-t/pks/giterr-format giterr format
cc5966b0	2016-11-14T10:39:45	Merge pull request #3983 from pks-t/pks/smart-early-eof transports: smart: abort on early end of stream
eb71490a	2016-11-14T10:19:30	Merge pull request #3985 from libgit2/cmn/threading-update Update THREADING for OpenSSL 1.1
b81fe7c9	2016-11-14T10:07:13	path: pass string instead of git_buf to giterr_set
90a934a5	2016-11-14T10:06:17	checkout: pass string instead of git_buf to `giterr_set`
901434b0	2016-11-14T10:07:37	common: cast precision specifiers to int
c77a55a9	2016-11-14T10:05:31	common: use PRIuZ for size_t in `giterr_set` calls
8effd26f	2016-11-14T09:54:08	common: mark printf-style formatting for `giterr_set`
2d205516	2016-11-14T09:38:44	Merge pull request #3992 from joshtriplett/env-namespace git_repository_open_ext: fix handling of $GIT_NAMESPACE
19981467	2016-11-14T09:31:31	Merge pull request #4001 from pks-t/pks/fileops-docs-typo fileops: fix typos in `git_futils_creat_locked{,with_path}`
7b3f49f0	2016-11-14T09:27:15	fileops: fix typos in `git_futils_creat_locked{,with_path}`
c9e967a1	2016-11-10T03:51:12	git_repository_open_ext: fix handling of $GIT_NAMESPACE The existing code would set a namespace of "" (empty string) with GIT_NAMESPACE unset. In a repository where refs/heads/namespaces/ exists, that can produce incorrect results. Detect that case and avoid setting the namespace at all. Since that makes the last assignment to error conditional, and the previous assignment can potentially get GIT_ENOTFOUND, set error to 0 explicitly to prevent the call from incorrectly failing with GIT_ENOTFOUND.
b7822050	2016-11-11T11:25:39	Merge pull request #3993 from alexcrichton/fix-fault
5ca75fd5	2016-11-10T08:00:22	curl_stream: check for -1 after CURLINFO_LASTSOCKET We're recently trying to upgrade to the current master of libgit2 in Cargo but we're unfortunately hitting a segfault in one of our tests. This particular test is just a small smoke test that https works (e.g. it's configured in libgit2). It attempts to clone from a URL which simply immediately drops connections after they're accepted (e.g. terminate abnormally). We expect to see a standard error from libgit2 but unfortunately we're seeing a segfault. This segfault is happening inside of the `wait_for` function of `curl_stream.c` at the line `FD_SET(fd, &errfd)` because `fd` is -1. This ends up doing an out-of-bounds array access that faults the program. I tracked back to where this -1 came from to the line here (returned by `CURLINFO_LASTSOCKET`) and added a check to return an error.
5fe5557e	2016-11-04T18:18:46	Merge pull request #3974 from libgit2/pks/synchronize-shutdown global: synchronize initialization and shutdown with pthreads
6e2fab9e	2016-11-04T18:14:00	Merge pull request #3977 from jfultz/fix-forced-branch-creation-on-bare-repo
f9793884	2016-10-28T14:32:01	branch: fix forced branch creation on HEAD of a bare repo The code correctly detects that forced creation of a branch on a nonbare repo should not be able to overwrite a branch which is the HEAD reference. But there's no reason to prevent this on a bare repo, and in fact, git allows this. I.e., git branch -f master new_sha works on a bare repo with HEAD set to master. This change fixes that problem, and updates tests so that, for this case, both the bare and nonbare cases are checked for correct behavior.
f7d316ed	2016-11-02T17:22:30	THREADING: OpenSSL 1.1 is thead-safe, rework some paragraphs
86bbaaa1	2016-11-02T17:06:15	THREADING: update cURL thread safety link
7175222c	2016-11-02T14:50:59	Merge pull request #3960 from ignatenkobrain/openssl-1.1.0 add support for OpenSSL 1.1.0 for BIO filter
3b832a08	2016-11-02T13:11:31	openssl: include OpenSSL headers only when we're buliding against it We need to include the initialisation and construction functions in all backend, so we include this header when building against SecureTransport and WinHTTP as well.
d2451fed	2016-11-02T13:05:35	Merge pull request #3984 from pks-t/pks/pack-find-offset-race pack: fix race in pack_entry_find_offset
2f3adf95	2016-11-02T12:35:46	openssl: use ASN1_STRING_get0_data when compiling against 1.1 For older versions we can fall back on the deprecated ASN1_STRING_data.
f15eedb3	2016-11-02T12:28:25	openssl: recreate the OpenSSL 1.1 BIO interface for older versions We want to program against the interface, so recreate it when we compile against pre-1.1 versions.
0cf15e39	2016-11-02T12:23:12	pack: fix race in pack_entry_find_offset In `pack_entry_find_offset`, we try to find the offset of a certain object in the pack file. To do so, we first assert if the packfile has already been opened and open it if not. Opening the packfile is guarded with a mutex, so concurrent access to this is in fact safe. What is not thread-safe though is our calculation of offsets inside the packfile. Assume two threads calling `pack_entry_find_offset` at the same time. We first calculate the offset and index location and only then determine if the pack has already been opened. If so, we re-calculate the offset and index address. Now the case for two threads: thread 1 first calculates the addresses and is subsequently suspended. The second thread will now call `pack_index_open` and initialize the pack file, calculating its addresses correctly. When the first thread is resumed now, he'll see that the pack file has already been initialized and will happily proceed with the addresses it has already calculated before the check. As the pack file was not initialized before, these addresses are bogus. Fix the issue by only calculating the addresses after having checked if the pack file is open.
62494bf2	2016-11-02T09:38:40	transports: smart: abort receiving packets on end of stream When trying to receive packets from the remote, we loop until either an error distinct to `GIT_EBUFS` occurs or until we successfully parsed the packet. This does not honor the case where we are looping over an already closed socket which has no more data, leaving us in an infinite loop if we got a bogus packet size or if the remote hang up. Fix the issue by returning `GIT_EEOF` when we cannot read data from the socket anymore.
61530c49	2016-11-01T16:56:07	transports: smart: abort ref announcement on early end of stream When reading a server's reference announcements via the smart protocol, we expect the server to send multiple flushes before the protocol is finished. If we fail to receive new data from the socket, we will only return an end of stream error if we have not seen any flush yet. This logic is flawed in that we may run into an infinite loop when receiving a server's reference announcement with a bogus flush packet. E.g. assume the last flushing package is changed to not be '0000' but instead any other value. In this case, we will still await one more flush package and ignore the fact that we are not receiving any data from the socket, causing an infinite loop. Fix the issue by always returning `GIT_EEOF` if the socket indicates an end of stream.
19001ca7	2016-11-02T09:23:53	Merge pull request #3976 from pks-t/pks/pqueue-null-deref pqueue: resolve possible NULL pointer dereference
1c33ecc4	2016-11-01T14:30:38	tests: core: test deinitialization and concurrent initialization Exercise the logic surrounding deinitialization of the libgit2 library as well as repeated concurrent de- and reinitialization. This tries to catch races and makes sure that it is possible to reinitialize libgit2 multiple times. After deinitializing libgit2, we have to make sure to setup options required for testing. Currently, this only includes setting up the configuration search path again. Before, this has been set up once in `tests/main.c`.
038f0e1b	2016-11-02T08:49:24	global: reset global state on shutdown without threading When threading is not enabled for libgit2, we keep global state in a simple static variable. When libgit2 is shut down, we clean up the global state by freeing the global state's dynamically allocated memory. When libgit2 is built with threading, we additionally free the thread-local storage and thus completely remove the global state. In a non-threaded build, though, we simply leave the global state as-is, which may result in an error upon reinitializing libgit2. Fix the issue by zeroing out the variable on a shutdown, thus returning it to its initial state.
6502398f	2016-11-01T16:55:16	proxy: fix typo in documentation
59c6c286	2016-10-27T12:31:17	global: synchronize initialization and shutdown with pthreads When trying to initialize and tear down global data structures from different threads at once with `git_libgit2_init` and `git_libgit2_shutdown`, we race around initializing data. While we use `pthread_once` to assert that we only initilize data a single time, we actually reset the `pthread_once_t` on the last call to `git_libgit2_shutdown`. As resetting this variable is not synchronized with other threads trying to access it, this is actually racy when one thread tries to do a complete shutdown of libgit2 while another thread tries to initialize it. Fix the issue by creating a mutex which synchronizes `init_once` and the library shutdown.
41ad9ebf	2016-11-01T09:59:17	Merge pull request #3975 from pks-t/pks/ci-improvements CI Improvements
a051ee31	2016-10-31T16:02:43	Merge pull request #3978 from pks-t/pks/doc-improvements Small documentation improvements
0334bf4b	2016-10-28T14:57:54	travis: do not allow valgrind failures Our valgrind jobs haven't been failing for several builds by now. This indicates that our tests are sufficiently stable when running under valgrind. As such, any failures reported by valgrind become interesting to us and shouldn't be ignored when causing a build to fail. Remove the valgrind job from the list of allowed failures.
18c18e3d	2016-10-31T15:55:46	coverity: check for Coverity token only if necessary When running a Coverity build, we have to provide an authentication token in order to proof that we are actually allowed to run analysis in the name of a certain project. As this token should be secret, it is only set on the main repository, so when we were requested to run the Coverity script on another repository we do error out. But in fact we do also error out if the Coverity analysis should _not_ be run if there is no authentication token provided. Fix the issue by only checking for the authentication token after determining if analysis is indeed requested.

77e46232

2016-12-17T14:31:36

settings: clarify what each value means Most importantly, clarify what it means for HTTPS and SSH to be supported.

061a0ad1

2016-12-17T14:23:35

settings: don't hard-code HTTPS capability This partially reverts bdec62dce1c17465b7330100ea2f71e63fc411dd which activates the transport code-paths which allow you to use a custom TLS implementation without having to have one at build-time. However the capabilities describe how libgit2 was built, not what it could potentially support, bring back the ifdefs so we only say we support HTTPS if libgit2 was itself built with a TLS implementation.

c5e6ba28

2016-12-15T18:19:49

Merge pull request #4029 from libgit2/cmn/windows-no-concurrent-compress refdb: disable concurrent compress in the threading tests on Windows

9d5f12ff

2016-12-12T22:43:11

Merge pull request #4018 from pks-t/pks/various-fixes Various fixes

b31283a6

2016-12-12T17:09:12

refdb: disable concurrent compress in the threading tests on Windows This is far from an ideal situation, but this causes issues on Windows which make it harder to develop anything, as these tests hit issues which relate specifically to the Windows filesystem like permission errors for files we should be able to access. There is an issue likely related to the ordering of the repack, but there's enough noise that it does not currently help us to run this aspect of the test in CI.

482d1748

2016-11-25T15:01:35

transports: smart: do not redeclare loop counters

6cf575b1

2016-11-25T15:01:04

path: remove unused local variable

013ecb4f

2016-11-25T15:00:50

revwalk: do not re-declare `commit` variable

8468a440

2016-11-25T15:00:20

odb_mempack: mark zero-length array as GIT_FLEX_ARRAY

34b32053

2016-11-25T15:02:34

Fix potential use of uninitialized values

ab0cc5a0

2016-11-25T14:58:16

clar: mark `cl_git_thread_check()` as inline The function `cl_git_thread_check()` is defined as static. As the function is defined in a header file which is included by our tests, this can result in warnings for every test file where `cl_git_thread_check` is never used. Fix the issue by marking it as inline instead.

e781a0c5

2016-11-25T15:02:07

graph: flag fields should be declared as unsigned

8339c660

2016-12-07T17:44:25

Merge pull request #4020 from novalis/rebase-detached git_rebase_init: correctly handle detached HEAD

15769731

2016-12-07T15:01:20

Merge pull request #4014 from bokic/patch-1 Properly pass `wchar *` type to giterr_set

9af59f5d

2016-12-06T03:08:52

Properly pass `wchar *` type to giterr_set

5c18ece3

2016-12-04T15:58:40

Merge pull request #4022 from josharian/patch-1 remote: fix typo in git_fetch_init_options docs

72cee168

2016-12-02T16:14:47

remote: fix typo in git_fetch_init_options docs

4db1fc7e

2016-12-01T23:06:41

git_rebase_init: correctly handle detached HEAD git_rebase_finish relies on head_detached being set, but rebase_init_merge was only setting it when branch->ref_name was unset. But branch->ref_name would be set to "HEAD" in the case of detached HEAD being either implicitly (NULL) or explicitly passed to git_rebase_init.

86364af9

2016-11-20T11:30:45

Properly pass `wchar *` type to giterr_set

ae5838f1

2016-11-18T21:01:51

Merge pull request #4010 from libgit2/ethomson/clar_threads Introduce some clar helpers for child threads

6367c58c

2016-11-18T18:30:20

tests: handle life without threads

6a05c7a0

2016-11-18T07:37:47

threads::refdb tests: use new threaded clar assert

bbf22f82

2016-11-18T07:34:20

clar: Introduce assertion helpers for threads Don't `cl_git_pass` in a child thread. When the assertion fails, clar will `longjmp` to its error handler, but: > The effect of a call to longjmp() where initialization of the jmp_buf > structure was not performed in the calling thread is undefined. Instead, set up an error context that threads can populate, and the caller can check.

99479062

2016-11-18T16:50:34

core::init tests: reverse init/shutdown We want a predictable number of initializations in our multithreaded init test, but we also want to make sure that we have _actually_ initialized `git_libgit2_init` before calling `git_thread_create` (since it now has a sanity check that `git_libgit2_init` has been called). Since `git_thread_create` is internal-only, keep this sanity check. Flip the invocation so that we `git_libgit2_init` before our thread tests and `git_libgit2_shutdown` again after.

82f15896

2016-11-18T07:19:22

threads: introduce `git_thread_exit` Introduce `git_thread_exit`, which will allow threads to terminate at an arbitrary time, returning a `void *`. On Windows, this means that we need to store the current `git_thread` in TLS, so that we can set its `return` value when terminating. We cannot simply use `ExitThread`, since Win32 returns `DWORD`s from threads; we return `void *`.

6b0510e5

2016-11-17T15:45:23

Merge pull request #4009 from pranitbauva1997/fix-string-format use `giterr_set_str()` wherever possible

65b78ea3

2016-11-17T01:08:49

use `giterr_set_str()` wherever possible `giterr_set()` is used when it is required to format a string, and since we don't really require it for this case, it is better to stick to `giterr_set_str()`. This also suppresses a warning(-Wformat-security) raised by the compiler. Signed-off-by: Pranit Bauva <pranit.bauva@gmail.com>

a6763ff9

2016-11-15T19:04:18

Merge pull request #4007 from libgit2/cmn/bump-v25 Bump version number to v0.25

0cd162be

2016-11-15T16:28:10

Merge pull request #4008 from pks-t/pks/sortedcache-fd-leak sortedcache: plug leaked file descriptor

613381fc

2016-11-15T13:33:05

patch_parse: fix memory leak

24b2182c

2016-11-15T12:53:53

sortedcache: plug leaked file descriptor

1db3035d

2016-11-15T12:18:49

Merge pull request #3996 from pks-t/pks/curl-lastsocket-deprecation curl_stream: use CURLINFO_ACTIVESOCKET if curl is recent enough

5569778a

2016-11-15T11:15:40

Bump version number to v0.25

f5ea9d4a

2016-11-15T11:02:30

Merge pull request #3962 from libgit2/ethomson/issue_template Introduce a GitHub Issue Template

7ebf099d

2016-11-15T10:54:15

Merge pull request #4004 from libgit2/cmn/changelog CHANGELOG: fill in some updates we missed

5cbd5260

2016-11-11T11:37:00

curl_stream: use CURLINFO_ACTIVESOCKET if curl is recent enough The `CURLINFO_LASTSOCKET` information has been deprecated since curl version 7.45.0 as it may result in an overflow in the returned socket on certain systems, most importantly on 64 bit Windows. Instead, a new call `CURLINFO_ACTIVESOCKET` has been added which instead returns a `curl_socket_t`, which is always sufficiently long to store a socket. As we need to provide backwards compatibility with curl versions smaller than 7.45.0, alias CURLINFO_ACTIVESOCKET to CURLINFO_LASTSOCKET on platforms without CURLINFO_ACTIVESOCKET.

1d683c1d

2016-11-14T19:21:56

Merge pull request #4006 from libgit2/cmn/compress-buf-free Plug a leak in the refs compressor

8c984fea

2016-10-13T16:40:43

Introduce a GitHub Issue Template

06de4e75

2016-11-14T14:12:13

CHANGELOG: fill in some updates we missed

21e0fc32

2016-11-14T17:55:49

Plug a leak in the refs compressor

a39f18ac

2016-11-14T17:10:43

Merge pull request #3998 from pks-t/pks/repo-discovery Repository discovery starting from files

df045cef

2016-11-14T12:12:38

Merge pull request #4003 from libgit2/cmn/tree-updater-ordering Use the sorted input in the tree updater

904e1e75

2016-11-14T11:52:49

Merge pull request #3561 from libgit2/cmn/refdb-para Concurrency fixes for the reference db

89776585

2016-11-14T12:44:52

tree: look for conflicts in the new tree when updating We look at whether we're trying to replace a blob with a tree during the update phase, but we fail to look at whether we've just inserted a blob where we're now trying to insert a tree. Update the check to look at both places. The test for this was previously succeeding due to the bu where we did not look at the sorted output.

b85929c5

2016-11-14T12:44:01

tree: use the sorted update list in our loop The loop is made with the assumption that the inputs are sorted and not using it leads to bad outputs.

1d41b86c

2016-11-14T12:22:20

tree: add a failing test for unsorted input We do not currently use the sorted version of this input in the function, which means we produce bad results.

aef54a46

2016-11-14T11:29:40

refdb: use a constant for the number of per-thread creations/deletes

ce5553d4

2016-03-10T22:01:09

refdb: bubble up locked files on the read side On Windows we can find locked files even when reading a reference or the packed-refs file. Bubble up the error in this case as well to allow callers on Windows to retry more intelligently.

7c32d874

2016-03-10T12:27:07

refdb: expect threaded test deletes to race At times we may try to delete a reference which a different thread has already taken care of.

33248b9e

2016-03-10T12:22:34

refdb: remove a check-delete race when removing a loose ref It does not help us to check whether the file exists before trying to unlink it since it might be gone by the time unlink is called. Instead try to remove it and handle the resulting error if it did not exist.

40ffa07f

2015-12-31T14:51:42

sortedcache: check file size after opening the file Checking the size before we open the file descriptor can lead to the file being replaced from under us when renames aren't quite atomic, so we can end up reading too little of the file, leading to us thinking the file is corrupted.

26416f6d

2015-12-24T17:51:19

refdb: add retry logic to the threaded tests The logic simply consists of retrying for as long as the library says the data is locked, but it eventually gets through.

2e09106e

2015-12-24T17:49:49

refdb: bubble up the error code when compressing the db This allows the caller to know the errors was e.g. due to the packed-refs file being already locked and they can try again later.

dd1ca6f1

2015-12-24T17:38:41

refdb: refactor the lockfile cleanup We can reduce the duplication by cleaning up at the beginning of the loop, since it's something we want to do every time we continue.

7ea4710a

2015-12-24T17:30:24

refdb: don't report failure for expected errors There might be a few threads or processes working with references concurrently, so fortify the code to ignore errors which come from concurrent access which do not stop us from continuing the work. This includes ignoring an unlinking error. Either someone else removed it or we leave the file around. In the former case the job is done, and in the latter case, the ref is still in a valid state.

f94825c1

2015-12-24T17:21:51

fileops: save errno and report file existence We need to save the errno, lest we clobber it in the giterr_set() call. Also add code for reporting that a path component is missing, which is a distinct failure mode.

2d9aec99

2015-12-24T14:01:38

refdb: make ref deletion after pack safer In order not to undo concurrent modifications to references, we must make sure that we only delete a loose reference if it still has the same value as when we packed it. This means we need to lock it and then compare the value with the one we put in the packed file.

9914efec

2015-12-24T14:00:48

refdb: bubble up errors We can get useful information like GIT_ELOCKED out of this instead of just -1.

7da4c429

2015-12-24T12:37:41

refdb: adjust the threading tests to what we promise We say it's going to work if you use a different repository in each thread. Let's do precisely that in our code instead of hoping re-using the refdb is going to work. This test does fail currently, surfacing existing bugs.

2382b0f8

2016-11-11T15:50:14

test: discover: move layout creation into test initializer

0f316096

2016-11-11T16:55:33

repository: do not interpret all files as gitlinks in discovery When trying to find a discovery, we walk up the directory structure checking if there is a ".git" file or directory and, if so, check its validity. But in the case that we've got a ".git" file, we do not want to unconditionally assume that the file is in fact a ".git" file and treat it as such, as we would error out if it is not. Fix the issue by only treating a file as a gitlink file if it ends with "/.git". This allows users of the function to discover a repository by handing in any path contained inside of a git repository.

4dbaf3cd

2016-11-14T10:52:37

test: discover: fix indentation

5242c424

2016-11-11T16:43:37

test: discover: split up monolithic test into smaller ones

07afeb23

2016-11-11T16:16:34

test: discover: pass constants to ensure_repository_discover

e1c14335

2016-11-14T10:48:57

Merge pull request #4002 from pks-t/pks/giterr-format giterr format

cc5966b0

2016-11-14T10:39:45

Merge pull request #3983 from pks-t/pks/smart-early-eof transports: smart: abort on early end of stream

eb71490a

2016-11-14T10:19:30

Merge pull request #3985 from libgit2/cmn/threading-update Update THREADING for OpenSSL 1.1

b81fe7c9

2016-11-14T10:07:13

path: pass string instead of git_buf to giterr_set

90a934a5

2016-11-14T10:06:17

checkout: pass string instead of git_buf to `giterr_set`

901434b0

2016-11-14T10:07:37

common: cast precision specifiers to int

c77a55a9

2016-11-14T10:05:31

common: use PRIuZ for size_t in `giterr_set` calls

8effd26f

2016-11-14T09:54:08

common: mark printf-style formatting for `giterr_set`

2d205516

2016-11-14T09:38:44

Merge pull request #3992 from joshtriplett/env-namespace git_repository_open_ext: fix handling of $GIT_NAMESPACE

19981467

2016-11-14T09:31:31

Merge pull request #4001 from pks-t/pks/fileops-docs-typo fileops: fix typos in `git_futils_creat_locked{,with_path}`

7b3f49f0

2016-11-14T09:27:15

fileops: fix typos in `git_futils_creat_locked{,with_path}`

c9e967a1

2016-11-10T03:51:12

git_repository_open_ext: fix handling of $GIT_NAMESPACE The existing code would set a namespace of "" (empty string) with GIT_NAMESPACE unset. In a repository where refs/heads/namespaces/ exists, that can produce incorrect results. Detect that case and avoid setting the namespace at all. Since that makes the last assignment to error conditional, and the previous assignment can potentially get GIT_ENOTFOUND, set error to 0 explicitly to prevent the call from incorrectly failing with GIT_ENOTFOUND.

b7822050

2016-11-11T11:25:39

Merge pull request #3993 from alexcrichton/fix-fault

5ca75fd5

2016-11-10T08:00:22

curl_stream: check for -1 after CURLINFO_LASTSOCKET We're recently trying to upgrade to the current master of libgit2 in Cargo but we're unfortunately hitting a segfault in one of our tests. This particular test is just a small smoke test that https works (e.g. it's configured in libgit2). It attempts to clone from a URL which simply immediately drops connections after they're accepted (e.g. terminate abnormally). We expect to see a standard error from libgit2 but unfortunately we're seeing a segfault. This segfault is happening inside of the `wait_for` function of `curl_stream.c` at the line `FD_SET(fd, &errfd)` because `fd` is -1. This ends up doing an out-of-bounds array access that faults the program. I tracked back to where this -1 came from to the line here (returned by `CURLINFO_LASTSOCKET`) and added a check to return an error.

5fe5557e

2016-11-04T18:18:46

Merge pull request #3974 from libgit2/pks/synchronize-shutdown global: synchronize initialization and shutdown with pthreads

6e2fab9e

2016-11-04T18:14:00

Merge pull request #3977 from jfultz/fix-forced-branch-creation-on-bare-repo

f9793884

2016-10-28T14:32:01

branch: fix forced branch creation on HEAD of a bare repo The code correctly detects that forced creation of a branch on a nonbare repo should not be able to overwrite a branch which is the HEAD reference. But there's no reason to prevent this on a bare repo, and in fact, git allows this. I.e., git branch -f master new_sha works on a bare repo with HEAD set to master. This change fixes that problem, and updates tests so that, for this case, both the bare and nonbare cases are checked for correct behavior.

f7d316ed

2016-11-02T17:22:30

THREADING: OpenSSL 1.1 is thead-safe, rework some paragraphs

86bbaaa1

2016-11-02T17:06:15

THREADING: update cURL thread safety link

7175222c

2016-11-02T14:50:59

Merge pull request #3960 from ignatenkobrain/openssl-1.1.0 add support for OpenSSL 1.1.0 for BIO filter

3b832a08

2016-11-02T13:11:31

openssl: include OpenSSL headers only when we're buliding against it We need to include the initialisation and construction functions in all backend, so we include this header when building against SecureTransport and WinHTTP as well.

d2451fed

2016-11-02T13:05:35

Merge pull request #3984 from pks-t/pks/pack-find-offset-race pack: fix race in pack_entry_find_offset

2f3adf95

2016-11-02T12:35:46

openssl: use ASN1_STRING_get0_data when compiling against 1.1 For older versions we can fall back on the deprecated ASN1_STRING_data.

f15eedb3

2016-11-02T12:28:25

openssl: recreate the OpenSSL 1.1 BIO interface for older versions We want to program against the interface, so recreate it when we compile against pre-1.1 versions.

0cf15e39

2016-11-02T12:23:12

pack: fix race in pack_entry_find_offset In `pack_entry_find_offset`, we try to find the offset of a certain object in the pack file. To do so, we first assert if the packfile has already been opened and open it if not. Opening the packfile is guarded with a mutex, so concurrent access to this is in fact safe. What is not thread-safe though is our calculation of offsets inside the packfile. Assume two threads calling `pack_entry_find_offset` at the same time. We first calculate the offset and index location and only then determine if the pack has already been opened. If so, we re-calculate the offset and index address. Now the case for two threads: thread 1 first calculates the addresses and is subsequently suspended. The second thread will now call `pack_index_open` and initialize the pack file, calculating its addresses correctly. When the first thread is resumed now, he'll see that the pack file has already been initialized and will happily proceed with the addresses it has already calculated before the check. As the pack file was not initialized before, these addresses are bogus. Fix the issue by only calculating the addresses after having checked if the pack file is open.

62494bf2

2016-11-02T09:38:40

transports: smart: abort receiving packets on end of stream When trying to receive packets from the remote, we loop until either an error distinct to `GIT_EBUFS` occurs or until we successfully parsed the packet. This does not honor the case where we are looping over an already closed socket which has no more data, leaving us in an infinite loop if we got a bogus packet size or if the remote hang up. Fix the issue by returning `GIT_EEOF` when we cannot read data from the socket anymore.

61530c49

2016-11-01T16:56:07

transports: smart: abort ref announcement on early end of stream When reading a server's reference announcements via the smart protocol, we expect the server to send multiple flushes before the protocol is finished. If we fail to receive new data from the socket, we will only return an end of stream error if we have not seen any flush yet. This logic is flawed in that we may run into an infinite loop when receiving a server's reference announcement with a bogus flush packet. E.g. assume the last flushing package is changed to not be '0000' but instead any other value. In this case, we will still await one more flush package and ignore the fact that we are not receiving any data from the socket, causing an infinite loop. Fix the issue by always returning `GIT_EEOF` if the socket indicates an end of stream.

19001ca7

2016-11-02T09:23:53

Merge pull request #3976 from pks-t/pks/pqueue-null-deref pqueue: resolve possible NULL pointer dereference

1c33ecc4

2016-11-01T14:30:38

tests: core: test deinitialization and concurrent initialization Exercise the logic surrounding deinitialization of the libgit2 library as well as repeated concurrent de- and reinitialization. This tries to catch races and makes sure that it is possible to reinitialize libgit2 multiple times. After deinitializing libgit2, we have to make sure to setup options required for testing. Currently, this only includes setting up the configuration search path again. Before, this has been set up once in `tests/main.c`.

038f0e1b

2016-11-02T08:49:24

global: reset global state on shutdown without threading When threading is not enabled for libgit2, we keep global state in a simple static variable. When libgit2 is shut down, we clean up the global state by freeing the global state's dynamically allocated memory. When libgit2 is built with threading, we additionally free the thread-local storage and thus completely remove the global state. In a non-threaded build, though, we simply leave the global state as-is, which may result in an error upon reinitializing libgit2. Fix the issue by zeroing out the variable on a shutdown, thus returning it to its initial state.

6502398f

2016-11-01T16:55:16

proxy: fix typo in documentation

59c6c286

2016-10-27T12:31:17

global: synchronize initialization and shutdown with pthreads When trying to initialize and tear down global data structures from different threads at once with `git_libgit2_init` and `git_libgit2_shutdown`, we race around initializing data. While we use `pthread_once` to assert that we only initilize data a single time, we actually reset the `pthread_once_t` on the last call to `git_libgit2_shutdown`. As resetting this variable is not synchronized with other threads trying to access it, this is actually racy when one thread tries to do a complete shutdown of libgit2 while another thread tries to initialize it. Fix the issue by creating a mutex which synchronizes `init_once` and the library shutdown.

41ad9ebf

2016-11-01T09:59:17

Merge pull request #3975 from pks-t/pks/ci-improvements CI Improvements

a051ee31

2016-10-31T16:02:43

Merge pull request #3978 from pks-t/pks/doc-improvements Small documentation improvements

0334bf4b

2016-10-28T14:57:54

travis: do not allow valgrind failures Our valgrind jobs haven't been failing for several builds by now. This indicates that our tests are sufficiently stable when running under valgrind. As such, any failures reported by valgrind become interesting to us and shouldn't be ignored when causing a build to fail. Remove the valgrind job from the list of allowed failures.

18c18e3d

2016-10-31T15:55:46

coverity: check for Coverity token only if necessary When running a Coverity build, we have to provide an authentication token in order to proof that we are actually allowed to run analysis in the name of a certain project. As this token should be secret, it is only set on the main repository, so when we were requested to run the Coverity script on another repository we do error out. But in fact we do also error out if the Coverity analysis should _not_ be run if there is no authentication token provided. Fix the issue by only checking for the authentication token after determining if analysis is indeed requested.

thodg/libgit2

Log