|
83333814
|
2019-02-15T10:56:50
|
|
refdb_fs: do not lazily copy packed ref cache
When creating a new iterator, we eagerly load loose refs but only lazily create
a copy of packed refs. The lazy load only happens as soon as we have iterated
over all loose refs, opening up a potentially wide window for races. This
may lead to an inconsistent view e.g. when the caller decides to reload packed
references somewhen between iterating the loose refs, which is unexpected.
Fix the issue by eagerly copying the sorted cache. Note that right now, we are
heavily dependent on ordering here: we first need to reload packed refs, then we
have to load loose refs and only as a last step are we allowed to copy the
cache. This is because loading loose refs has the side-effect of setting the
`PACKED_SHADOWED` flag in the packed refs cache, which we require to avoid
outputting packed refs that already exist as loose refs.
|
|
32063d82
|
2019-02-15T10:41:30
|
|
refdb_fs: refactor error handling in iterator creation
Refactor the error handling in `refdb_fs_backend__iterator` to always return the
correct error code returned by the failing function.
|
|
8c773438
|
2019-02-15T10:15:39
|
|
refdb_fs: fix potential race with ref repacking in `exists` callback
When repacking references, git.git will first update the packed refs and only
afterwards delete any existing loose references that have now been moved to the
new packed refs file. Due to this, there is a potential for racing if one first
reads the packfile (which has not been updated yet) and only then trying to read
the loose reference (which has just been deleted). In this case, one will
incorrectly fail to lookup the reference and it will be reported as missing.
Naturally, this is exactly what we've been doing in `refdb_fs_backend__exists`.
Fix the race by reversing the lookup: we will now first check if the loose
reference exists and only afterwards refresh the packed file.
|
|
bda08397
|
2019-02-14T16:57:47
|
|
Merge pull request #4982 from pks-t/pks/worktree-add-bare-head
Enable creation of worktree from bare repo's default branch
|
|
48005936
|
2019-02-14T16:55:18
|
|
Merge pull request #4965 from hackworks/eliminate-check-for-keep-file
Allow bypassing check for '.keep' file
|
|
efb20825
|
2019-02-14T13:05:49
|
|
branches: introduce flag to skip enumeration of certain HEADs
Right now, the function `git_repository_foreach_head` will always
iterate over all HEADs of the main repository and its worktrees. In some
cases, it might be required to skip either of those, though. Add a flag
in preparation for the following commit that enables this behaviour.
|
|
788cd2d5
|
2019-02-14T13:49:35
|
|
branches: do not assert that the given ref is a branch
Libraries should use assert(3P) only very scarcely. First, we usually
shouldn't cause the caller of our library to abort in case where the
assert fails. Second, if code is compiled with -DNDEBUG, then the assert
will not be included at all.
In our `git_branch_is_checked_out` function, we have an assert that
verifies that the given reference parameter is non-NULL and in fact a
branch. While the first check is fine, the second is not. E.g. when
compiled with -DNDEBUG, we'd proceed and treat the given reference as a
branch in all cases.
Fix the issue by instead treating a non-branch reference as not being
checked out. This is the obvious solution, as references other than
branches cannot be directly checked out.
|
|
bf013fc0
|
2019-02-14T13:30:33
|
|
branch: fix `branch_is_checked_out` with bare repos
In a bare repository, HEAD usually points to the branch that is
considered the "default" branch. As the current implementation for
`git_branch_is_checked_out` only does a comparison of HEAD with the
branch that is to be checked, it will say that the branch pointed to by
HEAD in such a bare repo is checked out.
Fix this by skipping the main repo's HEAD when it is bare.
|
|
698eae13
|
2019-02-14T12:52:25
|
|
worktree: error out early if given ref is not valid
When adding a new worktree, we only verify that an optionally given
reference is valid half-way through the function. At this point, some
data structures have already been created on-disk. If we bail out due to
an invalid reference, these will be left behind and need to be manually
cleaned up by the user.
Improve the situation by moving the reference checks to the function's
preamble. Like this, we error out as early as possible and will not
leave behind any files.
|
|
24ac9e0c
|
2019-02-13T23:26:54
|
|
deprecation: ensure we GIT_EXTERN deprecated funcs
Although the error functions were deprecated, we did not properly mark
them as deprecated. We need to include the `deprecated.h` file in order
to ensure that the functions get their export attributes.
Similarly, do not define `GIT_DEPRECATE_HARD` within the library, or
those functions will also not get their export attributes. Define that
only on the tests and examples.
|
|
004a3398
|
2019-01-28T18:31:21
|
|
Allow bypassing check '.keep' files using libgit2 option 'GIT_OPT_IGNORE_PACK_KEEP_FILE_CHECK'
|
|
0ceac0d0
|
2019-01-23T14:45:19
|
|
mbedtls: fix potential size overflow when reading or writing data
The mbedtls library uses a callback mechanism to allow downstream users
to plug in their own receive and send functions. We implement `bio_read`
and `bio_write` functions, which simply wrap the `git_stream_read` and
`git_stream_write` functions, respectively.
The problem arises due to the return value of the callback functions:
mbedtls expects us to return an `int` containing the actual number of
bytes that were read or written. But this is in fact completely
misdesigned, as callers are allowed to pass in a buffer with length
`SIZE_MAX`. We thus may be unable to represent the number of bytes
written via the return value.
Fix this by only ever reading or writing at most `INT_MAX` bytes.
|
|
75918aba
|
2019-01-23T14:43:54
|
|
mbedtls: make global variables static
The mbedtls stream implementation makes use of some global variables
which are not marked as `static`, even though they're only used in this
compilation unit. Fix this and remove a duplicate declaration.
|
|
657197e6
|
2019-01-23T15:54:05
|
|
openssl: fix potential size overflow when writing data
Our `openssl_write` function calls `SSL_write` by passing in both `data`
and `len` arguments directly. Thing is, our `len` parameter is of type
`size_t` and theirs is of type `int`. We thus need to clamp our length
to be at most `INT_MAX`.
|
|
7613086d
|
2019-01-23T15:49:28
|
|
streams: handle short writes only in generic stream
Now that the function `git_stream__write_full` exists and callers of
`git_stream_write` have been adjusted, we can lift logic for short
writes out of the stream implementations. Instead, this is now handled
either by `git_stream__write_full` or by callers of `git_stream_write`
directly.
|
|
5265b31c
|
2019-01-23T15:00:20
|
|
streams: fix callers potentially only writing partial data
Similar to the write(3) function, implementations of `git_stream_write`
do not guarantee that all bytes are written. Instead, they return the
number of bytes that actually have been written, which may be smaller
than the total number of bytes. Furthermore, due to an interface design
issue, we cannot ever write more than `SSIZE_MAX` bytes at once, as
otherwise we cannot represent the number of bytes written to the caller.
Unfortunately, no caller of `git_stream_write` ever checks the return
value, except to verify that no error occurred. Due to this, they are
susceptible to the case where only partial data has been written.
Fix this by introducing a new function `git_stream__write_full`. In
contrast to `git_stream_write`, it will always return either success or
failure, without returning the number of bytes written. Thus, it is able
to write all `SIZE_MAX` bytes and loop around `git_stream_write` until
all data has been written. Adjust all callers except the BIO callbacks
in our mbedtls and OpenSSL streams, which already do the right thing and
require the amount of bytes written.
|
|
193e7ce9
|
2019-01-23T15:42:07
|
|
streams: make file-local functions static
The callback functions that implement the `git_stream` structure are
only used inside of their respective implementation files, but they are
not marked as `static`. Fix this.
|
|
fac08837
|
2019-01-21T11:38:46
|
|
filter: return an int
Validate that the return value of the read is not less than INT_MAX,
then cast.
|
|
89bd4ddb
|
2019-01-21T11:32:53
|
|
diff_generate: validate oid file size
Index entries are 32 bit unsigned ints, not `size_t`s.
|
|
fd9d4e28
|
2019-01-21T11:29:16
|
|
describe: don't mix and match abbreviated size types
The git_describe_format_options.abbreviated_size type is an unsigned
int. There's no need for it to be anything else; keep it what it is.
|
|
751eb462
|
2019-01-21T11:20:18
|
|
delta: validate sizes and cast safely
Quiet down a warning from MSVC about how we're potentially losing data.
Validate that our data will fit into the type provided then cast.
|
|
4947216f
|
2019-01-21T11:11:27
|
|
git transport: only write INT_MAX bytes
The transport code returns an `int` with the number of bytes written;
thus only attempt to write at most `INT_MAX`.
|
|
a861839d
|
2019-01-21T10:55:59
|
|
windows: add SSIZE_MAX
Windows doesn't include ssize_t or its _MAX value by default. We are
already declaring ssize_t as SSIZE_T, which is __int64_t on Win64 and
long otherwise. Include its _MAX value as a correspondence to its type.
|
|
f1986a23
|
2019-01-21T09:56:23
|
|
streams: don't write more than SSIZE_MAX
Our streams implementation takes a `size_t` that indicates the length of
the data buffer to be written, and returns an `ssize_t` that indicates
the length that _was_ written. Clearly no such implementation can write
more than `SSIZE_MAX` bytes. Ensure that each TLS stream implementation
does not try to write more than `SSIZE_MAX` bytes (or smaller; if the
given implementation takes a smaller size).
|
|
e5e2fac8
|
2019-01-21T00:57:39
|
|
buffer: explicitly cast
Quiet down a warning from MSVC about how we're potentially losing data.
This is safe since we've explicitly tested it.
|
|
f4ebb2d4
|
2019-01-21T00:56:35
|
|
blame: make hunk_cmp handle unsigned differences
|
|
ae681d3f
|
2019-01-21T00:49:07
|
|
apply: make update_hunk accept a size_t
|
|
1d4ddb8e
|
2019-01-20T23:42:08
|
|
iterator: cast filesystem iterator entry values explicitly
The filesystem iterator takes `stat` data from disk and puts them into
index entries, which use 32 bit ints for time (the seconds portion) and
filesize. However, on most systems these are not 32 bit, thus will
typically invoke a warning.
Most users ignore these fields entirely. Diff and checkout code do use
the values, however only for the cache to determine if they should check
file modification. Thus, this is not a critical error (and will cause a
hash recomputation at worst).
|
|
c6cac733
|
2019-01-20T22:40:38
|
|
blob: validate that blob sizes fit in a size_t
Our blob size is a `git_off_t`, which is a signed 64 bit int. This may
be erroneously negative or larger than `SIZE_MAX`. Ensure that the blob
size fits into a `size_t` before casting.
|
|
3aa6d96a
|
2019-01-20T20:38:25
|
|
tree: cast filename length in git_tree__parse_raw
Quiet down a warning from MSVC about how we're potentially losing data.
Ensure that we're within a uint16_t before we do.
|
|
759502ed
|
2019-01-20T20:30:42
|
|
odb_loose: explicitly cast to size_t
Quiet down a warning from MSVC about how we're potentially losing data.
This is safe since we've explicitly tested that it's positive and less
than SIZE_MAX.
|
|
80c3867b
|
2019-01-20T19:20:12
|
|
patch: explicitly cast down in parse_header_percent
Quiet down a warning from MSVC about how we're potentially losing data.
This is safe since we've explicitly tested that it's within the range of
0-100.
|
|
494448a5
|
2019-01-20T19:10:08
|
|
index: explicitly cast down to a size_t
Quiet down a warning from MSVC about how we're potentially losing data.
This cast is safe since we've explicitly tested that `strip_len` <=
`last_len`.
|
|
c3866fa8
|
2019-01-20T18:54:16
|
|
diff: explicitly cast in flush_hunk
Quiet down a warning from MSVC about how we're potentially losing data.
|
|
826d9a4d
|
2019-01-25T09:43:20
|
|
Merge pull request #4858 from tiennou/fix/index-ext-read
index: preserve extension parsing errors
|
|
e09f0c10
|
2019-01-23T10:21:42
|
|
deprecation: don't use deprecated stream cb
Avoid the deprecated `git_stream_cb` typedef since we want to compile
the library without deprecated functions or types. Instead, we can
unroll the alias to its actual type.
|
|
bff7aed2
|
2019-01-24T16:44:04
|
|
Don't use deprecated constants
Follow up for PR #4917.
Signed-off-by: Sven Strickroth <email@cs-ware.de>
|
|
0bf7e043
|
2019-01-24T12:12:04
|
|
index: preserve extension parsing errors
Previously, we would clobber any extension-specific error message with
an "extension is truncated" message. This makes `read_extension`
correctly preserve those errors, takes responsibility for truncation
errors, and adds a new message with the actual extension signature for
unsupported mandatory extensions.
|
|
53bf0bde
|
2019-01-24T11:29:36
|
|
Fix VS warning C4098: 'giterr_set_str' : void function returning a value
Signed-off-by: Sven Strickroth <email@cs-ware.de>
|
|
f673e232
|
2018-12-27T13:47:34
|
|
git_error: use new names in internal APIs and usage
Move to the `git_error` name in the internal API for error-related
functions.
|
|
647dfdb4
|
2019-01-10T22:13:07
|
|
git_error: deprecate error values
Replace the `GITERR` values with a `const int` to deprecate error
values.
|
|
20961b98
|
2018-12-26T14:06:21
|
|
git_error: use full class name in public error API
Move to the `git_error` name in error-related functions, deprecating the
`giterr` functions. This means, for example, that `giterr_last` is now
`git_error_last`. The old names are retained for compatibility.
This only updates the public API; internal API and function usage
remains unchanged.
|
|
f7416509
|
2019-01-20T20:15:31
|
|
Fix odb foreach to also close on positive error code
In include/git2/odb.h it states that callback can also return
positive value which should break looping.
Implementations of git_odb_foreach() and pack_backend__foreach()
did not respect that.
|
|
b8b796c1
|
2019-01-20T18:09:43
|
|
repository: free memory in symlink detection function
|
|
86b522bd
|
2019-01-20T14:27:57
|
|
Merge pull request #4945 from libgit2/ethomson/fix-intrinsics
Add/multiply with overflow tweaks
|
|
75444d97
|
2019-01-20T13:52:46
|
|
add with overflow: correct documentation
Correct the documentation on the fallback add/multiply with overflow
functions.
|
|
abbc07f1
|
2019-01-20T13:51:15
|
|
add with overflow: use SizeTAdd on Windows
Windows provides <intsafe.h> which provides "performant" add and
multiply with overflow operations. Use them when possible.
|
|
c6d47acf
|
2019-01-20T13:04:10
|
|
Remove unused git__add_uint64_overflow
|
|
f04f1c7e
|
2019-01-20T13:00:53
|
|
add with overflow intrinsics: simplify tests
Use the smallest unsigned type that is equivalent to `size_t` to
simplify the conditionals. Error if we're on a system that we believe
offers builtins but we cannot determine which one to use.
|
|
1758636b
|
2019-01-19T01:38:34
|
|
Merge pull request #4939 from libgit2/ethomson/git_ref
Move `git_ref_t` to `git_reference_t`
|
|
b2c2dc64
|
2019-01-19T01:36:40
|
|
Merge pull request #4940 from libgit2/ethomson/git_obj
More `git_obj` to `git_object` updates
|
|
abe23675
|
2019-01-17T20:09:05
|
|
Merge pull request #4925 from lhchavez/fix-a-bunch-of-warnings
Fix a bunch of warnings
|
|
83151018
|
2019-01-17T10:47:32
|
|
object_type: convert final internal users to new names
Update some missed types that were continuing to use the old `GIT_OBJ`
names.
|
|
cd350852
|
2019-01-17T10:40:13
|
|
object_type: GIT_OBJECT_BAD is now GIT_OBJECT_INVALID
We use the term "invalid" to refer to bad or malformed data, eg
`GIT_REF_INVALID` and `GIT_EINVALIDSPEC`. Since we're changing the
names of the `git_object_t`s in this release, update it to be
`GIT_OBJECT_INVALID` instead of `BAD`.
|
|
ed8cfbf0
|
2019-01-17T00:32:31
|
|
references: use new names in internal usage
Update internal usage to use the `git_reference` names for constants.
|
|
35d86c77
|
2019-01-14T10:14:36
|
|
proxy: fix crash on remote connection with GIT_PROXY_AUTO but no proxy is detected
|
|
2848923a
|
2019-01-08T17:32:23
|
|
Let GCC use the add/mul overflow intrinsics
This change tweaks the macros for git__{add,multiply}_sizet_overflow so
that GCC can use them.
It also stops using the uadd,umul versions since the add,mul can handle
way more cases.
|
|
c6bfaf14
|
2019-01-09T06:58:40
|
|
Explanation for the rationale behind splitting formatting
|
|
1305cd4e
|
2019-01-09T09:55:26
|
|
Merge pull request #4926 from csware/warning-c4133
Fix warning 'function': incompatible types - from 'git_cvar_value *' to 'int *' (C4133) on VS
|
|
728101e3
|
2019-01-08T17:35:16
|
|
Move the intrinsics part of the change to its own PR
Less controversial changes together is better.
|
|
8b599528
|
2019-01-08T17:26:14
|
|
Fix Linux warnings
This change fixes -Wmaybe-uninitialized and -Wdeprecated-declarations
warnings on Linux builds
|
|
45001906
|
2019-01-07T16:14:51
|
|
Fix warning 'function': incompatible types - from 'git_cvar_value *' to 'int *' (C4133) on VS
Signed-off-by: Sven Strickroth <email@cs-ware.de>
|
|
321d19c1
|
2019-01-06T08:36:06
|
|
Windows is hard.
|
|
b5e8272f
|
2019-01-06T08:29:56
|
|
Attempt at fixing the MingW64 compilation
It seems like MingW64's size_t is defined differently than in Linux.
|
|
7b453e7e
|
2019-01-05T22:12:48
|
|
Fix a bunch of warnings
This change fixes a bunch of warnings that were discovered by compiling
with `clang -target=i386-pc-linux-gnu`. It turned out that the
intrinsics were not necessarily being used in all platforms! Especially
in GCC, since it does not support __has_builtin.
Some more warnings were gleaned from the Windows build, but I stopped
when I saw that some third-party dependencies (e.g. zlib) have warnings
of their own, so we might never be able to enable -Werror there.
|
|
d9eae98b
|
2018-10-24T01:30:12
|
|
refs: assert that we're passed valid refs when renaming
CID 1382962
|
|
0a8745f2
|
2018-10-24T01:26:48
|
|
diff: assert that we're passed a valid git_diff object
CID 1386176, 1386177, 1388219
|
|
9c23552c
|
2018-10-24T01:21:21
|
|
submodule: grab the error while loading from config
Previously, an error in `git_config_next` would be mistaken as a
successful load, because the previous call would have succeeded.
Coverity saw the subsequent check for a completed iteration as dead, so
let's make it useful again.
CID 1391374
|
|
9f714dec
|
2018-08-17T18:51:56
|
|
config: assert that our parameters are valid
CID 1395011
|
|
fba70a9d
|
2019-01-03T12:02:06
|
|
Merge pull request #4919 from pks-t/pks/shutdown-cb-count
Shutdown callback count
|
|
9084712b
|
2019-01-03T12:01:52
|
|
Merge pull request #4904 from libgit2/ethomson/crlf
Update CRLF filtering to match modern git
|
|
b46c3594
|
2019-01-02T09:33:55
|
|
global: move init callbacks into an array
We currently have an explicit callchain of all the initialization
callbacks in our `init_common` function. This is perfectly fine, but
requires us to manually keep track of how many shutdown callbacks there
may be installed: to avoid allocations before libgit2 is fully
initialized, we assume that every initializer may register at most one
shutdown function. These shutdown functions are stored in a static array
of size `MAX_SHUTDOWN_CB`, which then needs to be updated manually
whenever a new initializer function is being added.
The situation can be easily fixed: convert the callchain of init
functions into an array and iterate over it to initialize all
subsystems. This allows us to define the `git__shutdown_callbacks` array
with the same size as the initializer array and rids us of the need to
always update `MAX_SHUTDOWN_CB`.
|
|
03dc6480
|
2019-01-02T09:27:44
|
|
hash: convert `global_init` macros to real function
The `git_hash_global_init` function is simply defined as a macro to zero
for most of the different hash implementations. This makes it impossible
to treat it like a function pointer, which is required for a later
commit where we want to improve the way global initialization works.
Fix the issue by converting all no-op macros to an inline function
returning zero.
There's a small gotcha here, though: as most hash implementations only
have a header file, but not a corresponding implementation file, we
cannot declare the function as non-static. But declaring it as `static
inline` fails, too, as there is a previous declaration as non-static. So
we have to move the function declaration after the include that brings
in the function definition, as it is allowed to have a non-static
declaration after a static definition, but not the other way round.
|
|
8dde7e11
|
2018-12-19T11:04:58
|
|
refdb_fs: refactor error handling in `refdb_reflog_fs__delete`
The function `refdb_reflog_fs__delete` uses the `if (!error && foobar())`
pattern of checking, where error conditions are being checked by following calls
to different code. This does not match our current style, where the call-site of
a function is usually directly responsible for checking the return value.
Convert the function to use `if ((error = foobar()) < 0) goto out;` style. Note
that this changes the code flow a bit: previously, we were always trying to
delete empty reference hierarchies even if deleting the reflog entry has failed.
This wasn't much of a problem -- if deletion failed, the hierarchy will still
contain at least one file and thus the function call was an expensive no-op.
Now, we will only perform this deletion if we have successfully removed the
reflog.
|
|
bc219657
|
2018-12-19T11:01:55
|
|
Merge pull request #4833 from csware/drop-empty-dirs
Remove empty (sub-)directories when deleting refs
|
|
6ea9381b
|
2018-12-14T14:43:09
|
|
annotated_commit: peel to commit instead of assuming we have one
We want to allow the creation of annotated commits out of annotated tags and for
that we have to peel the reference all the way to the commit instead of stopping
at the first id it provides.
|
|
5bd78c48
|
2018-12-14T14:41:17
|
|
refs: constify git_reference_peel
We have no need to take a non-const reference. This does involve some other work
to make sure we don't mix const and non-const variables, but by splitting what
we want each variable to do we can also simplify the logic for when we do want
to free a new reference we might have allocated.
|
|
da8138b0
|
2018-12-06T12:59:17
|
|
Merge pull request #4906 from QBobWatson/bugfix
Fix segfault in loose_backend__readstream
|
|
2f3c4b69
|
2018-12-06T10:48:20
|
|
Typesetting conventions
|
|
f4835e44
|
2018-12-04T21:48:12
|
|
make proxy_stream_close close target stream even on errors
When git_filter_apply_fn callback returns a error while smudging proxy_stream_close
ends up returning without closing the stream. This is turn makes blob_content_to_file
crash as it asserts the stream being closed whether there are errors or not.
Closing the target stream on error fixes this problem.
|
|
08afdb57
|
2018-12-04T10:59:25
|
|
Removed one null check
|
|
36f80742
|
2018-12-04T10:12:24
|
|
Fix segfault in loose_backend__readstream
If the routine exits with error before stream or hash_ctx is initialized, the
program will segfault when trying to free them.
|
|
ef8f8ec6
|
2018-12-03T13:35:30
|
|
crlf: update to match git's logic
Examine the recent CRLF changes to git by Torsten Bögershausen and
include similar changes to update our CRLF logic to match.
Note: Torsten Bögershausen has previously agreed to allow his changes to
be included in libgit2.
|
|
168fe39b
|
2018-11-28T14:26:57
|
|
object_type: use new enumeration names
Use the new object_type enumeration names within the codebase.
|
|
18e71e6d
|
2018-11-28T13:31:06
|
|
index: use new enum and structure names
Use the new-style index names throughout our own codebase.
|
|
0ddc6094
|
2018-11-30T09:46:14
|
|
Merge pull request #4770 from tiennou/feature/merge-analysis-any-branch
Allow merge analysis against any reference
|
|
e7873eb2
|
2018-11-29T08:00:31
|
|
Merge pull request #4888 from TheBB/add-cb
revwalk: Allow changing hide_cb
|
|
487233fa
|
2018-11-29T07:21:41
|
|
Merge pull request #4895 from pks-t/pks/unused-warnings
Unused function warnings
|
|
a904fc6d
|
2018-11-28T20:31:30
|
|
Merge pull request #4870 from libgit2/ethomson/proxy
Add builtin proxy support for the http transport
|
|
30ac46aa
|
2018-11-28T10:12:43
|
|
http: reset replay_count upon connection
Reset the replay_count upon a successful connection. It's possible that
we could encounter a situation where we connect successfully but need to
replay a request - for example, a connection and initial request
succeeds without authentication but a subsequent call does require
authentication. Reset the replay count upon any successful request to
afford subsequent replays room to manuever.
|
|
02bb39f4
|
2018-11-22T08:49:09
|
|
stream registration: take an enum type
Accept an enum (`git_stream_t`) during custom stream registration that
indicates whether the registration structure should be used for standard
(non-TLS) streams or TLS streams.
|
|
52478d7d
|
2018-11-18T19:54:49
|
|
http: don't allow SSL connections to a proxy
Temporarily disallow SSL connections to a proxy until we can understand
the valgrind warnings when tunneling OpenSSL over OpenSSL.
|
|
41f620d9
|
2018-11-18T19:10:50
|
|
http: only load proxy configuration during connection
Only load the proxy configuration during connection; we need this data
when we're going to connect to the server, however we may mutate it
after connection (connecting through a CONNECT proxy means that we
should send requests like normal). If we reload the proxy configuration
but do not actually reconnect (because we're in a keep-alive session)
then we will reload the proxy configuration that we should have mutated.
Thus, only load the proxy configuration when we know that we're going to
reconnect.
|
|
df2cc108
|
2018-11-18T10:29:07
|
|
stream: provide generic registration API
Update the new stream registration API to be `git_stream_register`
which takes a registration structure and a TLS boolean. This allows
callers to register non-TLS streams as well as TLS streams.
Provide `git_stream_register_tls` that takes just the init callback for
backward compatibliity.
|
|
0467606f
|
2018-11-18T11:00:11
|
|
http: disallow repeated headers from servers
Don't allow servers to send us multiple Content-Type, Content-Length
or Location headers.
|
|
21142c5a
|
2018-10-29T10:04:48
|
|
http: remove cURL
We previously used cURL to support HTTP proxies. Now that we've added
this support natively, we can remove the curl dependency.
|
|
2878ad08
|
2018-10-29T08:59:33
|
|
streams: remove unused tls functions
The implementations of git_openssl_stream_new and
git_mbedtls_stream_new have callers protected by #ifdefs and
are never called unless compiled in. There's no need for a
dummy implementation. Remove them.
|
|
5d4e1e04
|
2018-10-28T21:27:56
|
|
http: use CONNECT to talk to proxies
Natively support HTTPS connections through proxies by speaking CONNECT
to the proxy and then adding a TLS connection on top of the socket.
|
|
43b592ac
|
2018-10-25T08:49:01
|
|
tls: introduce a wrap function
Introduce `git_tls_stream_wrap` which will take an existing `stream`
with an already connected socket and begin speaking TLS on top of it.
This is useful if you've built a connection to a proxy server and you
wish to begin CONNECT over it to tunnel a TLS connection.
Also update the pluggable TLS stream layer so that it can accept a
registration structure that provides an `init` and `wrap` function,
instead of a single initialization function.
|
|
b2ed778a
|
2018-11-18T22:20:10
|
|
http transport: reset error message on cert failure
Store the error message from the underlying TLS library before calling
the certificate callback. If it refuses to act (demonstrated by
returning GIT_PASSTHROUGH) then restore the error message. Otherwise,
if the callback does not set an error message, set a sensible default
that implicates the callback itself.
|